#ubuntu-server 2006-05-29
<nictuku> hi
<nictuku> neuralis, you're not going to the dev summit, either?
<nictuku> spike, are you there?
<spike> nictuku: sorta yeah, almost 2am here
<spike> nictuku: how's n-u going?
<nictuku> spike, very well, although I'd like to continue the discussion you started about its scope
<spike> nictuku: I'd be pleased to. I've been talking aroun with some friends about it, and they seemed interested, hopefully we'll agreed for a core group and start coding something ppl can play with
<nictuku> IMO, it's not always true that ServerLand overrides NetworkWideUpdates
<nictuku> spike, but coding for serverland or network updates?
<nictuku> https://dev.ubuntubrasil.org/trac/nwu/roadmap
<spike> nictuku: coding that thing I was proposing, which is kinda on the lines of serverland. n-u would be one of the "connected" tools
<spike> I'm looking at the roadmap
<nictuku> did you see http://trac.mcs.anl.gov/projects/bcfg2 ?
<ajmitch> hello
<nictuku> ajmitch, hi
<spike> nictuku: yes, but that's something cfengine like
<nictuku> spike, my point is that nwu is useful even for small and medium-sized networks, and serverland is much more complex
<spike> nictuku: perfectly agree on that
<nictuku> but I miss a broader discussion on that. there is even the possibility that canonical is writing a tool that could also replace nwu
<spike> nictuku: bcfg2 doesnt cover what I want to do. mine is more like cant_rememmber_the_name, it's not sugarcrm... damn
<spike> anyway, that one is more inventory,CRM/ticket related. mine could/will maybe include that part too but starting small it'll be oriented at monitoring in the beginning
<spike> nictuku: ah, didnt know that. thought nwu *was* what canonical was investing
<spike> the one that was gonna be the official product, that is
<nictuku> spike, well, that's what I wanted to be confirmed, maybe in the UFK
<ajmitch> nictuku: you're going to be in paris?
<nictuku> ajmitch, unfortunately, not
<ajmitch> ah
<spike> what does it take to partecipate?
<ajmitch> then I guess you'll just have to spec it out well beforehand :)
<nictuku> ajmitch, it's already spec'ed, but I don't know if it's approved
<nictuku> michael vogt wrote that before dapper
<nictuku> https://wiki.ubuntu.com/NetworkWideUpdates
<ajmitch> right
<ajmitch> and have you updated the spec to say that you have an implementation now?
<nictuku> yes
<nictuku> "UPDATE: YvesJunqueira (nictuku) is working on that. Milestone1 is not far. See [WWW]  https://dev.ubuntubrasil.org/trac/nwu"
<neuralis> nictuku: i will be in paris
<ajmitch> hi neuralis
<neuralis> nictuku: also, canonical has apparently been funding the development of a web-based tool for managing entire ubuntu networks, and it's quite possible they've implemented something like nwu as part of it. i don't have concrete information yet.
<neuralis> hey ajmitch.
<ajmitch> neuralis: that secretive landscape-client?
<ajmitch> which mysteriously slipped into the desktop seeds with no info a few days ago?
<neuralis> ajmitch: yes.
<ajmitch> if so, I think it's a very bad way to do development, when the rest of us are kept in the dark like that :)
<nictuku> neuralis, my implementation is almost 100% adherent to the spec already, so the secrecy of this project is counter-productive
<neuralis> http://ln-s.net/ALs
<neuralis> search for "there is" in the page, read that paragraph
<nictuku> :-(
<nictuku> strangely enough, mark himself knew I was writing nwu, and was very supportive
<ajmitch> great
* ajmitch wonders how much of the SoC project will still be relevant after this
<nictuku> SoC?
<neuralis> ajmitch: i can't say i understand what went on there.
<neuralis> nictuku: summer of code.
<nictuku> summer of code..
<ajmitch> nictuku: I'm doing the network authentication project
<nictuku> I don't want to see a scandal, but do you guys think that should be discussed in the lists, using this publicly available information I have?
* ajmitch will just work on it & see what happens
<nictuku> ajmitch, that is my plan too, even after hearing a rumor that project existed =] 
<neuralis> nictuku: i certainly think you're free to write to ubuntu-devel and ask what's going on.
<neuralis> what confuses me is that both mark and jane extol the all-development-out-in-the-open model, so either we're operating from incomplete information, or something strange is going on.
<ajmitch> neuralis: that's what I question
<nictuku> +1 there
<ajmitch> I'd say that either the network auth project I'm doing won't overlap, or even the distro team people have been kept in the dark :)
<nictuku> I think that project is closed-source
<ajmitch> closed for now, but going to be open, you think?
<nictuku> a canonical-hosted service
<ajmitch> ah
<nictuku> no, I don't think
<ajmitch> that would be interesting
<nictuku> like a microsoft SUS with a free SUS client
<neuralis> it won't be canonical-hosted; it really can't be.
<neuralis> if it's closed source, i imagine it'll be a proprietary product for which businesses may purchase a license (and possibly obtain the source).
<neuralis> but this is stupid speculation; we should just wait to hear what's going on.
<ajmitch> I agree
<ajmitch> it's only a few days until dapper releases
<neuralis> ajmitch: the interview said this won't be ready for dapper; i imagine the real landscape-client will just trickle in through -updates eventually.
<ajmitch> I'd imagine so
<ajmitch> neuralis: on a different note, what would you prefer to see in edgy? apparmor or selinux? :)
<ajmitch> considering that debian is getting selinux integration for etch
<ajmitch> I imagine specs for both will get written up & may get discussed in paris
<neuralis> i quite like apparmor's apache integration, and i haven't seen selinux doing anything similar, though i haven't been looking at selinux particularly closely in a long time
<neuralis> it's actually been a long time in general since i've paid attention to linux mac solutions
<neuralis> mostly, they're just about 1-3 orders of magnitude too complex to be of any practical benefit.
<infinity> nictuku: Even if landscape turns out to be a complete replacement for NWU, there's no reason to drop NWU, since landscape will be a subscription service.
<infinity> nictuku: Plenty of more frugal admins (or people like me) would prefer to have something like NWU that is both Free and free.
<nictuku> infinity, good to hear that
<daxxar> Hm. infinity, I think I got it solved. Again, thanks to you, frinkillo and gpd. :-)
<daxxar> I ran it for ~6 hours of MemTest86 after I removed the memorystick I suspected of being bad, no errors.
<daxxar> .. Or not.
<daxxar> Bloody hell. :|
<daxxar> Guess it's the CPU or mobo then. *sigh* Guess I'll have to test it when I get back home.
#ubuntu-server 2006-05-30
<xerophyte> is there any program to monitor the /tmp partition for nobody uploaded files ?
<FireCat> Has anyone been able to get saslauthd to work with postfix in Dapper?
<J_P> hi all
<lionelp> FireCat: yes
<J_P> in dapper have somethink special for ubuntu server ? like as some addional files to server / conf ?
<FireCat> lionhelp: testsaslauthd works ok and returns success
<FireCat> lionhelp: I'm getting an error in maillog  warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory
<infinity> FireCat: postfix runs chrooted, some mangling needs to be done to make this work.
<infinity> FireCat: Someone a few days ago was having issues, and resolved them.
<lionelp> J_P: everything is described here: https://wiki.ubuntu.com/ServerFaq (better that i will do myself)
<lionelp> do you need saslauthd for other things than postfix FireCat ?
<FireCat> lionhelp: No, I don't think I do. I only have like three accounts I want to set up even
<FireCat> That is why I thought that saslauthd would be the easier route to go
<lionelp> Ok, so, just edit /etc/default/saslauthd configuration file
<lionelp> and add at the end:
<lionelp> PARAMS="-m /var/spool/postfix/var/run/saslauthd/"
<lionelp> restart saslauthd
<lionelp> it should work
<FireCat> Ok, let me try that. Thanks
<lionelp> (i personally use saslauthd for other purposes, so i made a simlink from /var/run/saslauthd to /var/spool/postfix/var/run/saslauthd)
<FireCat> Ok, I'll keep that in mind in case I want to do something else with it
<infinity> lionelp: The symlink trick doesn't work in dapper, you have to bindmount /var/run/saslauthd to /var/spool/postfix/var/run/saslauthd
<infinity> lionelp: Err, wait.  symlink the directory?  Yeah, that would work.  I'm not awake.
<infinity> (Someone else was bindmounting rather than linking the sockets, which works too)
<lionelp> yeah, it works, promise, it is tested on my mailserver :)
<infinity> Always about a dozen ways to do anything. :)
<lionelp> infinity: you are working too hard these days :)
<infinity> lionelp: I thought you were symlinking the socket, not the directory, hence the "that won't work!" comment. :)
<FireCat> Starting saslauthd is failing. It seems I don't have a /var/spool/postfix/var
<FireCat> Just /var/spool/postfix
<lionelp> right, it is not done by default
<lionelp> create it :)
<FireCat> Owner postfix?
<lionelp> never mind
<lionelp> root is better
<lionelp> (postfix does not have to write in this dir)
<FireCat> Ok, saslauthd started, but testsaslauthd fails now, and I still cant authenticate
<FireCat>  Oh, I see I need an -f switch I bet
<FireCat> Ok, testsaslauthd works with a -f to the mux file , but I'm still not getting authentication from postfix: warning: SASL authentication failure: Password verification failed
<FireCat> Do I need to copy in files into the chroot?
<lionelp> nope
<lionelp> did you configure postfix right ?
<FireCat> Well the only thing not working is the smtp auth
<FireCat> It is working otherwise, why I had just mynetworks set up
<FireCat> s/why/when
<lionelp> I do not find it on the wiki
<lionelp> another thing to add :)
<lionelp> FireCat: here is my configuration part for smtp-auth: http://paste.ubuntu-nl.org/14856
<lionelp> (sorry, comments are in french)
<FireCat> lionhelp: Thanks
<mocker> Good morning everyone. (or everyone in my timezone :))
<lionelp> hi mocker
<mocker> Looking to learn more about the Ubuntu server project.
<mocker> Will the dapper server release occur when the dapper desktop release happens?
<mocker> Or is there a different cycle?
<lionelp> mocker: yes, it will occur on thursday
<infinity> Different release cycles would be unmaintainable, since we share the same archive.
<FireCat> mocker: As far as I know it's just a different install on the release cd, and I think a different kernel, without desktop stuff like premptive. Is that right?
<mocker> So for testing, I should probably start w/ dapper..
<mocker> Since it's about to be released.
<lionelp> FireCat: you are right
<lionelp> mocker: yes, it is probabily a good idea to start with Dapper
<mocker> So there is going to be 5 years of support but it will track the same release schedule as desktop?
<mocker> That seems ambitious. :)
<FireCat> mocker: I think the desktop is only going to be supported for 3 years
<lionelp> mocker: did you look at https://wiki.ubuntu.com/ServerFaq
<lionelp> (yeah, I know, i paste this link all the time :-))
<mocker> lionelp: looking now. :)
<mocker> Oh, so it's the exact same thing as desktop but w/ a different install CD?
<FireCat> mocker: The kernels are configured differently
<J_P> lionelp: (11:24:12) J_P: in dapper have somethink special for ubuntu server ? like as some addional files to server / conf ? (11:25:52) lionelp: J_P: everything is described here: https://wiki.ubuntu.com/ServerFaq (better that i will do myself)  . Sorry for long time. Thanks for that link!
<lionelp> J_P: you're welcome
<J_P> :-)
<mocker> So universe is a community supported repository, correct?
<lionelp> mocker: yes
<mloman> Hello!
<lionelp> Hello mloman
<neuralis> uh, that faq is confusing at best
<neuralis> "What's the difference between desktop and server? The first difference is in the CD contents. ... An other difference is what you will find on the CD-ROM"
<neuralis> er.
<lionelp> neuralis: oh, yes :-(
<neuralis> lionelp: i don't have time to edit the page at the moment, but you should point out the existence (and autoinstallation) of the server kernel in those first two bullet points.
<lionelp> yes
<lionelp> I dot it right now
<neuralis> lionelp: the official book will be out soon, and all of this is explained, so you'll be able to integrate it into the faq (the license is rather liberal.)
<lionelp> neuralis: I am not the initial author of this FAQ, I just corrected few things this afternoon
<lionelp> the officiel book is the server guide or there is something else ?
<neuralis> the official ubuntu book
#ubuntu-server 2006-05-31
<Mysta_> I was unaware of any books, is there a website for this stuff?
<blanky> hey guys
<blanky> what are the minimum system requirements for ubuntu server command line only
<blanky> what would you guys think?
<blanky> Nevermind I think it should work
<gpd> I'm sure this is painfully obvious - but could i add a vote for apt-get install lamp - in addition to the install option
<infinity> gpd: Too late now.  Dapper's closed for changes.
<infinity> gpd: I'll certainly consider some fun server metapackages in edgy, though.
<gpd> infinity: sounds good :)
<gpd> I'm loving my Dapper Linode - great work guys
<ubun> ola
<fholmes> hello
<fholmes> I am having problems with Bind on my Breezy Badger server.
<fholmes> I have bind chrooted in /var/lib/named and everything was working until yesterday.  Something weird happened in that time frame.
<fholmes> I have not made any configuration changes at all.  In my db.domainname file only the last name is resolving, none of the other names in my list will resolve.
<brad`> anyone use apache1?
<|JulienH|> Hi all
<lionelp> Hi JulienH
<JulienH> Does anyone here suceeded installing Breezy on a RAID5 config ?
<JulienH> During the installation , on the Alt+F4 console, it shows "Installing grub on '(hd0)'" whereas it should be on md0... isn't it ?
<JulienH> Any idea ?
<JulienH> knock knock ?
<infinity> JulienH: grub can't read from software raid5.
<infinity> JulienH: You'll want a small /boot partition for your kernel and grub.
<Mysta_> anyone around?
<infinity> Mysta_: Vaguely.
<Mysta_> i have a quick quesion
<Mysta_> when i run the top command from the terminal how do I determine how much 'load' my 4 processors are taking on???
<lionelp> Mysta_: you mean by processor ?
<gpd> press 1 while in top for SMP toggle...
<enquest> does the new ubuntu server come with special managment software like postfix admin. An easy way to set up your mailserver, manage apache?
<spike> enquest: no
<enquest> in what is it then diffrent then redhat, fedora, debian ... ?
<spike> of those you mentioned, only RHEL is close to ubuntu server in terms of support, certifications and the like
<infinity> enquest: 5 years support, server-tuned kernel, and a different package selection on the CD.
<kermitX_> webmin isn't even in dapper --
<infinity> enquest: It's not any "simpler" than Debian, though Debian policy and package integration makes us both pretty simple, IMO.
<enquest> Thats all??? Hmmm kinda expected a more easy aproce to setting up a mail server and so on...
<infinity> kermitX_: That's because webmin is a festering pile of unmaintainable and unsupportable crap.
<enquest> I'm know running Debian... But always find mail server difficult
<infinity> kermitX_: And those are the NICE things I have to say about it.
<enquest> Don't use webmin
<enquest> webmin is overkill
<enquest> but it would be nice to set up easily a mail server with mysql support without having to change a dozen files
<kermitX_> keep an eye on http://www.ispconfig.org/ for docs on getting ispconfig to work with dapper
<kermitX_> breezy's is http://www.howtoforge.com/perfect_setup_ubuntu_5.10
<enquest> is this ispconfig inlucde in dapper?
<spike> enquest: you can easily install stuff like GPLhost
<spike> yeah, or ispconfig
<kermitX_> no. you get it from ^^^  (it's open source, bsd license)
<enquest> What is this on the ubuntu.com website apt-get lamp for the serveR???
<enquest> or is it the same apt-get apache2 php5 mysql
<infinity> apache2 apache2-mpm-prefork libapache2-mod-php5 mysql-server php5-mysql php5-mysqli
<infinity> But, "yes", otherwise.
<infinity> It's just guaranteed to always work right and not generate bug reports. :)
<infinity> Which is a win for me, since I maintain all those packages.
<infinity> And I dislike bug reports.
<spike> :)
<kermitX_> will there be a meta package (ubuntu-server) to expedite the install of the ubuntu-server packages when using a 'non-server' iso?
<infinity> There isn't in dapper.
<infinity> I'm considering some "make stuff easier" metapackages for edgy.
<kermitX_> and isn't perl part of the server iso?
<infinity> For most "real" admins, this is all fluff anyway.  They just want the bare-bones installation we ship, and then they want to hand-pick which packages they install.
<infinity> But for home users and small-time admins, this stuff's fun.
<infinity> kermitX_: Of course perl's on the ISO (and installed by default)
<infinity> Perl's installed by default on all Ubuntu and Debian systems..
<infinity> Half the dpkg tools kinda depend on it.
<spike> is ther a system besides LFS :) which doesnt install perl as default?
<spike> throw an "actually" in there somewhere
<infinity> Well, the default perl you get on a minimal Debian or Ubuntu system is REALLY lightweight.
<kermitX_> but isn't mod-perl2 separate? or is it unneeded?
<infinity> But it's still there.
<infinity> kermitX_: Oh, no, we don't install mod_perl2 by default.  It's on the ISO, though.
<infinity> kermitX_: As is mod_python.
* kermitX_ mmmm python ;)
<kermitX_> can someone explain the dependancy on php5-cli & php5-common that php4-pear has?
<infinity> kermitX_: php4-pear is an empty package that depends on php-pear.
<infinity> php-pear is built from php5 source, so depends on php5-common for the changelog and docs (php5-common hasn't got much else in it)
<infinity> As for the php5-cli thin, php-pear needs a command line interpreter to run, it depends on php5-cli | php4-cli, so if you have the latter installed, you don't need the former.
<infinity> And if I get one more bug report stating "Oh noes, php4-pear pulled in php5-common, now I have php5 installed!", I *will* hit someone.  I mean it.
<kermitX_> i wasn't complaining.. was mainly wondering what was so important about php5-common. if it's just docs, it's docs. no biggie.
<infinity> It's just so I only have to ship one changelog for all packages built from the php5 source instead of shipping 15 identical changelogs.
<infinity> so /usr/share/doc/php-pear is a symlink to /usr/share/doc/php5-common
#ubuntu-server 2006-06-01
<avalente> Hi.. I've read that some kernel drivers won't be included in the U.Server kernel version.. But, will there be packages for a gnome environment?
<tarvid> anybody know what to do with .db files generated by ip-acct?
<blah> how would i let users have an account and host files from their account?
<infinity> blah: mkdir ~user/public_html && cp junk ~user/public_html && lynx http://localhost/~user/
<infinity> Then marvel at the junk you just put there.
<blah> yuo dont store the users in /home/user
<infinity> Come again?
<blah> im confused on how it works
<_clem> ~user is a like a link to the user's home folder...
<_clem> like if you type cd ~clem on my machine it'll go to /home/clem
<blah> the orginial document dir, is /var/www/ but if you have users on your box you would need to move their folders to /var/www/user
<infinity> ~user is just shorthand for "the user's home directory, as recorded in their passwd entry", which is usually /home/user
<infinity> blah: No, with mod_userdir ("a2enmod userdir" if it's not enabled in apache2 in your setup), http://host/~user/ maps to ~user/public_html/ on the filesystem.
<blah> Oh
<blah> now how would i create users
<lionelp> blah: adduser login
<blah> room number?
<lionelp> blah: 567 :)
<blah> why
<blah> can it be anything?
<lionelp> blah: joking !
<lionelp> yes !
<blah> k <3
<lionelp> It is what weel appear on finger
<lionelp> s/weel/will/
<blah> but, they have access to veiw /
<blah> anyway to restrict this
<lionelp> yes, there are shell users of the system
<blah> uhh?
<lionelp> what ?
<blah> how can i restrict them to their home directory
<lionelp> There is not an answer for this question
<lionelp> depends...
<lionelp> on your usage, etc.
<blah> just for hosting files
<lionelp> disable your users to remote login (check /etc/ssh/sshd_config) and setup a ftp server
<blah> did
<lionelp> chroot your users in their home (most of ftp servers can do that)
<infinity> I add all my chrooted users to a certain group (say, chrootftp, or something), then use proftpd with "DefaultRoot ~/ chrootftp" and "DefaultChdir ~/ chrootftp"
<infinity> So users in the "chrootftp" group will get chrdir()ed and chroot()ed into their home directory.
<NobodHere> hey all!  My ubuntu server box just started acting up -big- time about 4 hours ago.  It is acting like DNS is broken, but it's not.  Apache and MySQL are fine; postfix is taking forever to respond to SMTP connections, same with cyrus and sshd.  Bind(named) is fine.
<NobodHere> anyone?
<NobodHere> glad to see the ubuntu community is so interested in helping users trying to run a server.  Serves me right- I should have installed debian.
<jsgotangco> nice troll
<infinity> Oh my god, no one answered him in SEVEN WHOLE MINUTES.
<infinity> *sigh*
* kermitX_ wishes nobodhere luck with debian. ;)
<jayb> guys.. anyone here run on IBM xSeries hardware ?
<infinity> jayb: We have some at the Canonical datacentre.. Why?
<jayb> ahh sorry .. didnt see your message.
<jayb> why... Im placing an order for some next week
<jayb> would REALY like to use a DEB Based system (Debian / Ubuntu)
<jayb> and wanted to hear someones experience with them.
<jayb> since Ive had trouble with debian / ubuntu on Dell Sc1425's before..
<jayb> (Kernel panic & driver issues)
<jayb> IBM, are suggesting I use Redhat ... but I dont like RPM's :P
<jayb> can you give me some indication of your experience with your hardware..
<jayb> (and what hardware it is your using)
<infinity> We have a fair number of xSeries stuff at the DC (as well as a fair chunk of HP Proliant gear, and some evil Dells)
<infinity> They all pretty much "just work".
<jayb> ok.. have you had similar problems to what I said on the dells ?
<infinity> But I only run the Ubuntu build daemons and do other random stuff on the boxes, I'm not the Canonical sysadmin.
<jayb> ah ok....
<infinity> We've had no end of strange problems with the Dells, though kernel panics have not been an issue with official Ubuntu kernels.
<jayb> ok... ours kernel panics with the default install..
<infinity> Special..
<jayb> within a few min of the system being installed and up and running
<jayb> yea... REAL Special..
<jayb> does the same with debian also...
<infinity> Is it a module panicking that you can blacklist?
<jayb> and we have to frig arround to get a working kernel.
<jayb> I havnt had time in the past to play with it.
<jayb> my Co-Sysadmin is a fedora / Centos Guy
<jayb> and was like.. oh well I know this works.
<infinity> Anyhow, the IBMs aren't the absolute fastest machines money can buy, but they're solid and have given us no problems.
<jayb> so we went that way...
<jayb> yea Im not only after raw speed.
<jayb> I want reliability...
<jayb> and the IBM's look awesome for that
<infinity> They're definitely that.
<jayb> Im looking at x346...
<infinity> For speed AND reliability, go HP, IMO.
<jayb> with all the light path diagnostics, and hot swap hardware (most of it)
<jayb> and the remote management stuff..
<infinity> Though the black IBM chassis sure does look pretty in a rack. :)
<jayb> hehe
<jayb> yea well tahts always important. :P
<infinity> Hey, it sells Dells. :)
<jayb> it sure does.
<jayb> I had a hands on demo with the IBM gear (at their office)
<jayb> and boy is it nice.
<infinity> Seriously, though, we've had no complaints about the IBM kit except for I/O speed, and to be fair, the machines we have I/O issues on are a couple of years old now.
<jayb> the guy let me pull it appart while in the rack.
<jayb> its just so "Industrial" it realy makes the dell stuff look like a toy
<jayb> ok... what sort of I/O ?? disk , lan ??
<infinity> Disk.
<infinity> Network I/O is fine.
<jayb> ok cool
<jayb> what sort of disks do you have ?
<infinity> But in places where we were using the IBM machines for really disk-intensive stuff, like building CD images and heave SQL usage, we swapped them out for HPs, and got the IBMs doing more CPU-bound stuff.
<infinity> s/heave/heavy/
<jayb> ok... Interesting, so you think its the disk controller or something.
<infinity> Like I said, though, those machines aren't that "new" anymore, so it's probably not relevant.
<infinity> IBM and HP will always leapfrog each other, as they adopt new chipsets and tweak firmware, etc.
<infinity> Oh, and the HP smartarray raid controllers are just blindingly fast.
<jayb> ahh ok.
<jayb> disk IO isnt SUCH a biggie for me.
<jayb> and besides... our old hardware was just IDE / SATA BAsed.
<jayb> moving to this IBM with SCSI disks will be sooo fast for us
<jayb> (For a while anyways)
<jayb> hehe
<infinity> Probably, yeah. :)
<jayb> comparativly.
<infinity> Anyhow, you can't really go wrong with IBM.  The old IBM slogan "no one gets fired for buying IBM" is still true.
<jsgotangco> infinity: is the ubuntu-server image yesterday final?
<infinity> jsgotangco: I should hope so, since we're releasing today.
<infinity> jsgotangco: (yes)
<infinity> jsgotangco: Why, did you find a showstopper bug that I can't do anything about now? :)
<infinity> (Except upload a fix to dapper-updates, of course)
<jsgotangco> infinity: im doing a final test run for x86/amd64 now
<ajmitch> then I can start testing the sparc server iso next week..
<infinity> ajmitch: sparc's not final.
<ajmitch> I know
<infinity> ajmitch: Only i386/ppc/amd64
<infinity> Ahh, good. :)
<ajmitch> by the time I get the server moved & get access to it, it probably will be :)
<infinity> You have a T1000, right?
<ajmitch> 2x T2000
<infinity> Oh, then you're fine anyway.
<ajmitch> yeah
<ajmitch> one of them already runs dapper
<infinity> We're delaying specifically to fix the tg3-on-T1000 thing. :/
<ajmitch> installed with the beta release, iirc
<ajmitch> anyway, back in a couple of hours for the release fun
<infinity> Don't miss the party.
<jayb> how far away is the release ?
<infinity> A few hours..
<jayb> any idea how many.. a few = ?
<infinity> "soon"
<jsgotangco> very soon
<jayb> should I be waiting arround at work.. to set it to start download ?
<jayb> or should I do it when I Get home :P
<jsgotangco> grab the build then just rsync your image if an update comes out
<jayb> yea good call...
<xargo> qualche italiano?
<xargo> :D
<brad`> how is security in "universe" handled?  just left up the individual package maintaners?
<brad`> we need to use apache1, but not happy with it being "ENTIRLY UNSUPPORTED" :\
<infinity> brad`: I do apache1.3 security anyway.
<infinity> brad`: So don't worry too much about it.
<brad`> your the maintainer?
<infinity> brad`: While I certainly don't have to, it's a personal pride thing, since I'm both the Debian and Ubuntu maintainer, and a member of the security team.
<brad`> oh ok, not planning on dissapearing? lol
<brad`> i've been pulling apache1 package to bits today trying to find that install error
<infinity> brad`: Anyhow, as a general rule, security in universe is handled by MOTU on a best-effort basis.  There just happens to be some stuff there that gets more attention than others (apache1.3 and php4 both come to mind)
<infinity> brad`: "That install error"?
<brad`> first install always fails, needs to be installed a second time
<brad`> i found the bug report so its known
<infinity> Which bug number?
<brad`> i'll go find it again :)
<infinity> Out of curiosity, what's stopping you from upgrading to apache2?
<brad`> apache2 can't track bytes_sent properly
<infinity> Sure it can.
<brad`> doco's say it can't
<brad`> it just contains the full number
<brad`> not partial
<infinity> Even when using mod_logio?
<brad`> i havn't looked at mod_logio,,, i noticed the behavour in my mod, them found the confession in the API :)
<brad`> https://launchpad.net/distros/ubuntu/+source/apache/+bug/6742
<infinity> Well, are you using these directives?:
<infinity> http://httpd.apache.org/docs/2.0/mod/mod_logio.html
<infinity> Those are the logio directives (and logio is built into our apache2 binaries)
<brad`> looks like that mod made specifically for what i'm talking about :)
<infinity> Yes, pretty much. :)
<brad`> i was quite livid about the loss of functionality :)
<infinity> Thanks for bringing the apache bug to my attention, it slipped right past my radar.
<infinity> I'll have to try to reproduce it later.  Must sleep now.
<infinity> Well, sleep and/or have a release party.  Undecided.
<brad`> it only works on first install btw
<brad`> uninstalling / purging etc won't get the bug back, so needs to be clean install
<infinity> I'm good at building fresh chroots for debugging.  No problem there.
<brad`> heh ok, i been taking vmware snapshots all day, amazingly handy
<brad`> i'll go play with that mod cya, thx.
<infinity> NP.  Have fun.
<ajmitch> well I see I haven't completely missed the party
<jsgotangco> where's the party here?
<jsgotangco> heh
<J_P> hi all
<J_P> people, I anounce of dapper have this line in server section: * Improved support for clusters and SANs. What mean that cluster ? becouse MOSIX dont't run in kernel 2.6 right and default in dapper is 2.6. Anyone can explaim me please ?
<fabbione> J_P: there is not only mosix for cluster
<fabbione> that's one of the many
<fabbione> we are talking HA clusters
<fabbione> HPC is edgy stuff
<fabbione> also.. you don't need mosix to access a SAN
<J_P> fabbione: sorry, what is SAN ?
<J_P> Are there in ubuntu-server one bot for do this tecnical questions ?
<maswan> storage area network
<maswan> a pretty standard computing term
<fabbione> J_P: google will have all the answers for you. mostlikely if you don't know what it is, it's because you don't need it or you don't have it :)
* fabbione -> food
<J_P> fabbione: so I like know what is that support when we are talking about cluster really! For example, I use mosix with debian 2.4. What can I have improved on ubuntu for this (what mosix alternative). I know, that's one of the many. But ubuntu has anyone "more" ready to use..  ?
<neoncode> I have a computer that needs to function as both a server and a desktop computer which version should I use?
<trs80> the standard install - server is just the ubuntu-standard metapackage only
<lionelp> neoncode: the only differences are CD-content and kernels install by default
<lionelp> if you also need to use your computer as a workstation, use a traditionnal install
<neoncode> Right, thank you.
<lionelp> server packages will alse be available
<neoncode> sweet... Oh is "Zone Minder" in the repos?
<lionelp> neoncode: do not know zone minder
<lionelp> apt-cache does not show me anything
<lionelp> you can search easily packages on packages.ubuntu.com
<schimmi> is there a way to get this LAMP configuration of ubuntu-server manually from a ubuntu-minimal installation? (it's a bootstrapped vserver, no installation cd used)
<schimmi> don't find any references to that other than the dapper server webpage, but nothing technical
<lionelp> infinity told yesterday it was an "apt-get install apache2 apache2-mpm-prefork libapache2-mod-php5 mysql-server php5-mysql php5-mysqli"
<schimmi> ic, so the normal packages will install like that. expected some magic in the installer
<lionelp> non, nothing magical:)
<gpd> infinity also said that Edgy would have exciting metapackages - like sagi lamp
<lionelp> that's right
<gpd> i would like to see antipackages - like - 'don't install X11'
<kermitX_> the server seed file installs apache2 php5-mysql libapache2-mod-php5 mysql-server ubuntu-standard.
<infinity> kermitX_: But that will only work if installed with "aptitude install ..."  apt-get will get the dependency resolution wrong.
<infinity> (Hence why I gave the longer line above, with more decisions pre-made for apt)
<kermitX_> infinity: preference of mpm-worker over prefork is by design?
<infinity> kermitX_: If you don't need php4/php5, -worker is usually the better choice (not always, but usually)
<infinity> PHP isn't threadsafe, however, so REQUIRES -prefork.
<infinity> (Because upstream is lame, la la la)
<schimmi> hmm, wondering if there is any solution for the problem to seperate virtual hosts with php nowadays... don't see anything in the standard installation
<lionelp> schimmi: you can do that with libapache2-mod-suphp
<lionelp> hum... not sure it was the answer to your question btw...
<infinity> schimmi: The question wasn't involved enough for an answer. :)
<schimmi> it is, more or less. only thing that I don't like with it, is that www-data still needs read access to every directory of a virtual host. maybe 600 for php files and 755 for directories works, still complicated
<infinity> schimmi: suEXEC + php-cgi isn't ideal, but works.
<infinity> Ideally, someone will fix apache2-mpm-perchild to actually work right.
<schimmi> yes, but probably we won't see that in this century
<schimmi> wondering what happened to this mpmmux project
<lionelp> You can use aloso use "php_admin_value open_basedir" in Apache configuration to limit accesses
<infinity> Yeah, which works reasonably well, but isn't as good as runninng the PHP processes as a different user.
<lionelp> nope, but used together it give a good starting point
<Cas> Hi, just upgraded my server to dapper and now some php modules ain't working no more like curl and sqlite
<Cas> I tried reinstalling them and reloading apache but that doesn't seem to affect it, Do I need to enable them manually somewhere?
<lionelp> Cas: check if they are enabled in /etc/apache2/mods-enabled
<lionelp> (if they are presend, they are enabled, otherwise, yes, you have to enabled them by hand)
<Cas> lionelp: isn't that only for apache modules?
<lionelp> hum....
<lionelp> sure yes :)
* lionelp should go to bed
<lionelp> sorry
<Cas> eg. mod_ssl, mod_rewrite and PHP itself, I'm trying to load PHP modules
<lionelp> check in /etc/php5/apache2/php.ini
<Cas> hehe, np thanks for trying to help anyway
<lionelp> if you find the corresponding .so
<Cas> k
<Cas> lionelp: yes they are there
<Cas> but not in phpinfo()
<lionelp> Did you reload or restart apache?
<Cas> /etc/init.d/apache2 stop and then start
<lionelp> Okay
<Cas> I have fiddled enough with apache to never do reload again :)
<lionelp> I am trying on my Apache
<Cas> I was very content with breezy as server, just needed to install those module and reload apache and it worked, I think it as something to do with the upgrade
<Cas> hence I tried to reinstall them, maybe I can try remove them "completely"
<lionelp> On a fresh install when I install and restart, I have "curl enabled" in phpinfo() output
<lionelp> same for sqllite
<lionelp> -l
<Cas> yeah I had that too on breezy :/
<Cas> I will try reinstall apache and after that install the modules
<lionelp> That sound weird
<Cas> or php will be more logic
<lionelp> Can you check your version of php5-sqlite and php5-curl
<Cas> lionelp: they're 5.1.2-*
<lionelp> * = ubuntu3 ?
<Cas> yes
<Cas> no luck with reinstalling php5
<gpd> are you purging the packages?
<Cas> I mean curl and sqlite aint working
<Cas> gpd: no, should I try?
<gpd> yes, purge - then install
<Cas> k
<Cas> gpd: that did the trick
<Cas> tnx alot all
#ubuntu-server 2006-06-02
<Zambezi> Can anybody help me? I having problem with apt-get so I'm using wget instead but it won't work. I need assistent.
<lionelp> Zambezi: it is more #ubuntu relative so :)
<Zambezi> No. Cause I'm running with WM.-
<lionelp> WM ?
<Zambezi> *without. I installed Ubuntu server. I changed two thing in sources.list but I can't download a file.
<Zambezi> lionelp: WM = Windows manager.
<Zambezi> lionelp: And now I trying to uncompress the file, but I won't work.
<lionelp> Ok ok
<lionelp> Can you show us your sources.list ?
<lionelp> paste it on pastebin.com
<Zambezi> lionelp: Yes.
<Zambezi> lionelp: Just give me a minute.
<lionelp> no pb
<spike> eeer, how does the window manager matters?
<lionelp> but not a lot, my bed is calling me :)
<lionelp> spike :)
<spike> a problem with soures.list isnt an ubuntu-development related question.
<spike> there isnt much to discuss about it
<lionelp> spike: we have to admit that we spend more time on server support here than on server dev
<lionelp> I admit that his problem is not a server problem btw
<Zambezi> lionelp: http://pastebin.com/752403
<spike> lionelp: indeed. and honestly I'm one of those pro to server support as in install applications and the like. yet they must be someway server related
<lionelp> spike: i know that your are pro server support
<spike> ah, you do? :)
<Zambezi> lionelp: And here's the repos: http://einsteinmg.dyndns.org/debian/
<lionelp> I remember a mail you send on ubuntu-server few month ago
<ajmitch> spike: pro server support? in what way?
<spike> I'm still waiting for the day we'll come out with ubuntu-isp
<spike> ajmitch: in a way that we have space for discussions about sysadmins
<spike> ajmitch: exactly like debian-isp
<spike> to me, ubuntu-server should be like ubuntu-isp, and dev discussion should be moved to ubuntu-server-development
<ajmitch> ah right
* ajmitch understands your sentence now :)
<lionelp> maybe it would be more appropriate to use ubuntu-server-devel and #ubuntu-server-devel for devel and keep server for support
<spike> eheeh
<ajmitch> we already have far too many ubuntu channels
<lionelp> spike++
<spike> ajmitch: indeed
<lionelp> that's not wrong :)
<ajmitch> and freenode has a 20-channel limit
<spike> it is at a certain degree
<ajmitch> so you can't join them all, and discussion gets split unnecessarily
<Zambezi> It's too many people in #ubntu so noone can help me. Please, it's one thing. I really need it.
<lionelp> nice, https://wiki.ubuntu.com/ServerTestingTeam is getting more and more complete
<lionelp> Zambezi: PV
* ajmitch wonders if he'll be allowed to do some of that testing..
<lionelp> :)
* spike will never get his awk script done
<spike> well, need to concentrate and try to finish this. talk to you later guys, c ya
<lionelp> ciao
* lionelp need to go to bed :)
<Zambezi> lionelp: Do you see my answers?
<lionelp> no :-(
<Zambezi> lionelp: Dammit. We take it here.
<lionelp> Ok, know why
<Zambezi> lionelp:  I upgraded Breezy to Dapper RC and it worked. But apt-get won't work so now I have to install it with wget, but this is the first time and I can get it to work.
<lionelp> Zambezi: /join #zambezi
<Cas> I really need php5-tidy which isn't availible, is it possible to compile it in from apt-get source php5?
<lionelp> yes
<neoncode> I've tried putting a server install of ubuntu 6.06 on this computer and it always stalls at "Setting up the Clock" At 0%... Even when there is no network present so it carn't be a NTP thing?
<neoncode> Anyone know what's wrong?
<lionelp> Do you wait ?
<Cas> lionelp: any idea how I can put the tidy stuff in a package once it's build?
<Cas> neoncode: you mean the installation?
<neoncode> Cas: Yea...
<lionelp> neoncode: how long ?:)
<lionelp> It should timeout and pass
<neoncode> I left it for like 10 minutes on that screen... I'm at the boot menu now.... I'l try in install again...
<lionelp> Cas: yes but  it is a bit long to explain to do it properly...
<lionelp> and I should be in bed since 1h now :)
<Cas> hehe, have some documentation directions?
<Cas> neoncode: could it be the part it sets your timezone?
<lionelp> Cas: search on the wiki for package creation
<lionelp> Are you familiar with Debian package creation ?
<ajmitch> the packaging guide may be a good start
<ajmitch> at http://doc.ubuntu.com/ubuntu/packagingguide/C/index.html
<Cas> not really, but I think I can hande it with some documentation, the only thing I'm afraid of is how I only get the tidy part and not the whole PHP package
<Cas> tnx ajmitch, will take a look
<neoncode> How long should it take to do this "Setting up the Clock" BIt anyway? Or for it to time out?
<lionelp> neoncode: you have no network ?
<neoncode> lionelp: No, I just tried the install with the network cable un-pluged. See if it would make a diffrence.
<neoncode> I Pluged it back in this time.
<lionelp> strange...
<lionelp> btw, time to go to bed for me
<lionelp> sorry...
<neoncode> ok..
<neoncode> Still going...
* neoncode larts the clock
<SEJeff> Does anyone know the name of the package that supposedly sets up the lamp stack with 1 command?
<SEJeff> I'm guessing it's a metapackage, but I read on the ubuntu release that a fully working lamp stack is available via 1 command so I'm curious how.
<gpd> no - it is not a metapackage at this time :(
<gpd> it is an option on the install CD
<gpd> however i could scroll back and find the packages if you need
<gpd> metapackage funk is apparently appearing in Edgy [according to infinity] 
<SEJeff> gpd: You've *got* to be kidding right?
<SEJeff> And so those of us that have dist-upgraded faithfully since warty are SOL? That feature should not be touted if thats the case.
<gpd> hardly SOL -- it is still one line ... hold on let me check
<SEJeff> gpd: thankyou
<gpd> apt-get install apache2  apache2-mpm-prefork libapache2-mod-php5 mysql-server php5-mysql  php5-mysqli
<maswan> apt-get install apache postgresql [you should already have linux and perl installed] 
<SEJeff> Ok, I just assumed it was some server-candy magic metapackage. Thanks again guys
<gpd> maswan: isn't that LAPP :P
<maswan> "Most of our scripting languages start with p" for 'M' :P
<maswan> anyway, I'm really sleeping now, not ircing.
* gpd seeds DVD torrent on .edu backbone ;)
<jsgotangco> maswan: good night
<Tatey> I understand this is a development related channel, however, I haven't been able to find a possible solution from #ubuntu. My question is a simple yes/no. Is it possible to perform a server install over SSH?
<gpd> do you mean setup an existing ubuntu as a 'server'
<Tatey> no, a fresh install
<gpd> how are you ssh'ing into this box?
<Tatey> currently, I'm not. For example, with Gentoo you can perform the entire install over SSH, and I believe you can with FreeBSD too. I was just curious if you can with Ubuntu-server
<infinity> Tatey: I'm not sure if we're including the openssh-server udeb in our d-i builds, but if we are, you can do an ssh callback installation in expert mode.
<infinity> (That feature exists for s390, since all s390 boxes are completely headless)
<Tatey> thanks very much infinity :)
<UserName14> This morning I had courier\postfix working perfectly on my system but its not working anymore i cant send pop\imap or login to my inbox I assume ubuntu forgot the Maildir thingy and thats why its no longer working  In telnet i get a ERR Maildir no such file or directory
<UserName14> does anyone know how to fix this?
<J_P> hi all
<J_P> people< i have one important question :
<J_P> in search apt show for me linux-image-2.6.15-23-686, linux-image-2.6.15-23-server and I have the server. so is better install linux-image-2.6.15-23-server right  ?
<J_P> But Aren't there linux-image-2.6.15-23-server  specific for each arquitecture ? (Pentium /amd etc) ?
<J_P> that linux-image-2.6.15-23-server works for all CPUs  as server ? anyone can explaim me that ?
<J_P> anyone here ?
<J_P> hi, My conection lost..
<J_P> :-)
<J_P> anyone see my last question ?
<J_P> anyone here ?
<Zaggynl> Hi, I've just installed ubuntu-server, and I'm wondering which window manager to pick
<Zaggynl> I got a hearattack when I noticed that installing xubuntu-desktop is 965mb and kubuntu-desktop is 1322mb
<Wil0000> should the server edition boot to gnome or kde?
<infinity> Zaggynl: If you wanted a window manager, you probably didn't want ubuntu-server.
<Wil0000> or soes it not include it?
<Wil0000> haha, thats what i thought
<infinity> Wil0000: Neither.  It's bare-bones.
<Zaggynl> infinity: well I have to get a server running
<infinity> Zaggynl: Yes, none of my servers have monitors, let alone a windowing system...
<Wil0000> im downloading x11, thats will dive it yes?
<infinity> Wil0000: If you want a full desktoppy system, grab one of {xubuntu,ubuntu,kubuntu}-desktop.
<Zaggynl> infinity: hum err I have get ubuntu talking to my win2k3 AD , and I was hoping I could do it using a wm
<infinity> That'll be a huge download, but you'll be happy.
<Zaggynl> *I have to get
<infinity> Zaggynl: I fail to see how one relates to the other.
<infinity> Zaggynl: There are no GUI tools to configure Samba, Kerberos, or LDAP, the three components of an Active Directory.
<Zaggynl> okay
<Zaggynl> ill drop the whole wm part then
<Zaggynl> I'll follow https://wiki.ubuntu.com/ActiveDirectoryHowto and I'll see how far I will come, thanks for the advice
* ..[topic/#ubuntu-server:karori] : ubuntu-server development discussions | for general support see #ubuntu | U. S. (stable) at http://tinyurl.com/b3jek | U. S. (Devel) at http://tinyurl.com/cllfu | U. S. dapper specs: http://tinyurl.com/aen9b | U. S. forums at http://tinyurl.com/b77qg | ubuntu-server@lists.u.c is up and running | searchable packages list: http://packages.ubuntu.com
<arnaud___> is there a server metapackage for dapper ? (like ubuntu-server for breezy)
<ivoks> no
<ivoks> ubuntu-minimal
<ghort> ok thanks
<ivoks> it's hard to create -server metapackage
<ivoks> since server could be mail server, web server, ftp server, etc...
<ghort> maybe with linux-server
<ghort> but I agree
<ivoks> that's a kernel
<ivoks> linux-server is type of kernel
<ghort> yes, I don't really see the problem
<jackc> ll
#ubuntu-server 2006-06-03
<mirel> Hi, I'm switching from Fedora to Ubuntu. I need desktop functionality + Apache/PHP/MySQL. I'm wandering what release should I install - desktop or server? Do they share a common package repository? Thanks
<infinity> mirel: I answered your question in #-offtopic. :)
<mirel> do you know if LVM is well supported in Ubuntu, it worked great in Fedora
<infinity> Yeah, it works just fine.
<infinity> The installed will set it up out of the box too, if you use the "text-mode" install CD.
<infinity> The desktop/GUI installer doesn't do LVM yet.
<infinity> s/installed/installer/
<mirel> thanks, starting to install right now , bye
<brass> anybody home?
<brass> well, I have a very fresh install of ubuntu server LAMP and I am trying to install vmware server, and thier VMware Server Web-based management interface.
<brass> due to vmware server's dependancy on X, I also installed ubuntu-desktop
<brass> vmware server has installed with no problems
<brass> but, the management interface gives me this error:
<brass> From your Linux distribution CD, install this package:
<brass> compat-db-<#>.<#>.<##>-<#>.i386.rpm or libdb#.deb
<infinity> You might want libdb1-compat
<brass> Does anybody know what I need to apt-get to install the libdb
<brass> ok
<infinity> I'm not sure from your paste which libdb they actually want.
<brass> "apt-get install libdb1-compat"
<brass> to finish the paste
<brass> "where # is a version number particular to your version of the distrobution"
<brass> so i assume that its not to particular.
<infinity> Try libdb1-compat and see if it stops whining.
<brass> ok, thanks.
<infinity> There are many (many) versions of libdb, all incompatible, but if they wanted db2, db3, or db4.x, I suspect they'd specify.
<infinity> And from the RPM name, I'm assuming db1-compat
<brass_> well, I got kicked when i vpn'ed into my work, so can you repeat what I missed?
<infinity> 20:04 < infinity> Try libdb1-compat and see if it stops whining.
<infinity> 20:05 < brass> ok, thanks.
<infinity> 20:05 < infinity> There are many (many) versions of libdb, all incompatible, but if they wanted
<infinity>                   db2, db3, or db4.x, I suspect they'd specify.
<infinity> 20:05 < infinity> And from the RPM name, I'm assuming db1-compat
<brass_> thanks for the past
<brass_> paste
<brass_> found it.  It's in Universe as libdb1-compat
<brass_> :(
<brass_> still complains about libdb.so.3 being missing.
<brass_> currently running updatedb so I can 'locate' it.
<brass_> ahh,  libdb-4.3.so is whats installed
<brass_> hmm. there's a libdb.so.2 as well.
<infinity> if it wants libdb.so.3, you want 'libdb3'
<infinity> Also in universe.
<brass_> ok
<brass_> :(
<brass_> still throwing fits because libdb3 didn't come with a libdb.so.3
<brass_> so I'm thinking of trying a symlink from libdb.so.3 to libdb3.so.3
<brass_> well, It might might be working now.
<brass_> "/usr/lib/vmware-mui/apache/bin/httpd.vmware: /usr/lib/libdb.so.3: version `GLIBC_2.0' not found (required by /usr/lib/vmware-mui/apache/bin/httpd.vmware)   Starting httpd.vmware:  done"
<infinity> Err, oh, wait.  You wanted libdb.so.3, not libdb3.so?  YAY CONFUSION. :)
<infinity> apt-get --purge libdb3- libdb2
<infinity> (That will remove libdb3, and install libdb2, which has an SOVER of 3... Confused yet?)
<infinity> Berkeley DB is a mess.
<infinity> (Upstream's fault, not ours)
<brass_> ah..  Berkeley.
<infinity> Err, I missed an "install" after the --purge. :)
<brass_> k,   I was wondering why I wasn't familiar with these packages.
<infinity> apt-get --purge install libdb3- libdb2
<brass_> :)  yay.   no errors.
<brass_> well, it seems to be working
<brass_> I don't have a vm on the machine yet to test so further testing will have to wait till tomorrow.     :)   Thanks a lot for your help.    I never would have figured out libdb2
<llamakc> during the install in text mode what's the install prompt to do a lamp install?
<llamakc> in text mode what's the install prompt to do a lamp install?
<gpd> if it isn't blindingly obvious then you probably have the wrong disk
<gpd> apt-get install apache2  apache2-mpm-prefork libapache2-mod-php5 mysql-server php5-mysql  php5-mysqli
<gpd> that will do it once you install
<llamakc> no, correct disk. but in text mode the 'install lamp server' option doesn't exist, which is why i am asking. i know how to install the ind. packages
<Linuturk> is there an apt-get command for installing the LAMP components?
<TheBigToe> how do I get apache2 to start on startup again?
<TheBigToe> apache 1.3 started on startuo
<TheBigToe> startup*
<TheBigToe> but now I have to sudo apache2
<gpd> install sysv-rc-conf
<gpd> it has a simple interface
<gpd> or you can hand edit the links in /etc/rc2.d
<TheBigToe> thanks
<Linuturk> should I just reinstall using the LAMP server menu?
<gpd> apt-get install apache2  apache2-mpm-prefork libapache2-mod-php5 mysql-server php5-mysql  php5-mysqli
<Linuturk> thanks gpd
<Linuturk> will these autoload on startup?
<gpd> apache should start on boot yes
<Linuturk> where are the Docs for these ?
<gpd> apache2-doc
<gpd> and /usr/share/doc/package [same as all debian docs] 
<ransu> hello. question: how to change screen resolution in initial login TTY? is it a bootloader option or some config file somewhere ? aptitude is hard to use with just 25 lines per screen...
<ransu> sorry. I understand this is development and not support group, but since there is no ubuntu-server-support group for people who actually want to learn linux, I don't know where else to go. All I want to know is which manual to read really...
<spike> ransu: look into your bootloader options, vga parameter
<ransu> thanks
<spike> if you want bigger resolution look for framebuffer support
<spike> ransu: thing is, such a question doesnt even belong to ubuntu-server-support
<spike> it really belongs to #ubuntu and #ubuntu only, as for any "group of ppl who actually want to learn linux"
<spike> -server edition isnt of course about that, even if it had a -support channel
<ransu> well, the thing is, I read both the desktop and server version's online wiki documentations and it was obvious which one to choose if you really wanted to learn unix. the #ubuntu group has about thousend people asking how to get their ipod working with the GUI so I felt I wasn't getting anywhere there...
<phpmattk_> Installed dapper, apt-get/synaptic says unable to dowload all repo indexes tried 4 or 5 of different sources.list files. http://rafb.net/paste/results/twIZhh87.html  (output of apt-get update).  Any ideas?
<lionelp> hi phpmattk_
<phpmattk_> lionelp.. hello
<lionelp> This is definitely a #ubuntu question, not a server specific one :)
<phpmattk_> i figured.. its so crowded in there though.. hehe
<phpmattk_> so hey.. any suggestions for me since its so quiet in here anyways
<lionelp> yes, my suggestions are on #ubuntu ;)
<phpmattk_> lionelp: thx..
#ubuntu-server 2006-06-04
<Linutur1> what is the default directory for apache?
<Linutur1> for the web content?
<infinity>  /var/www
<Linutur1> thanks
<Linutur1> what are the default credentials for the mysql database?
<lionelp> Linuturk_NB: root without password
<lionelp> on localhost *only*
<Linuturk_NB> does anyone have a good tutorial for getting started on this preconfigured LAMP server? I just need to create a quick database
* infinity really should fix that some day to have it prompt you for a root password...
<infinity> Except that would prevent the LAMP install from being noninteractive.
<infinity> Pain.
<Linuturk_NB> well, you have a short config for the apache side
<Linuturk_NB> why not a quick password request on mysql?
<Linuturk_NB> can I access mysql via terminal?
<infinity> Err, what?
<infinity> apache2 doesn't ask any questions on install.
<Linuturk_NB> i used the ubuntu 6.06 LAMP server install, and it prompted some questions
<infinity> Linuturk_NB: You can access it with "mysql -u root", yes.
<infinity> Linuturk_NB: What questions were you asked?  It's certainly not designed to..
<infinity> In fact, I can't even see how it would.
<infinity> (The installer asks questions, like username/password, etc, but apache certainly doesn't...)
<Linuturk_NB> it asked what type of enviroment I was using it in. Be that internet, local only, and a few things
<Linuturk_NB> this was after the install was finished
<Linuturk_NB> i believe
<infinity> ...
<neuralis> uh?
<neuralis> if anything, that'd be presumably mail daemon configuration, not apache
<infinity> That sounds more like postfix or exim4's deconf prompting.
<neuralis> and we certainly aren't designed to ask those questions by default.
<neuralis> infinity: exactly.
<Linuturk_NB> eh, probably. I'm way off base sometimes
<Linuturk_NB> I'm fairly new to this (been since 5.10) and I'm setting up a server now. go figure
<infinity> But you would have had to actually explicitely install an MTA, we didn't force one on you. :)
<infinity> (Though I was considering forcing one on the LAMP install, in the end I decided against it)
<Linuturk_NB> mta?
<Linuturk_NB> infinity, big dawg around here?
<lionelp> mta stands for Mail Transfer Agent
<infinity> MTA... Mail tranfer agent.... postfix, exim4, sendmail, etc.
<lionelp> A mail server
<Linuturk_NB> got it
<Linuturk_NB> (three time over) :-P
<infinity> No big dawgs..... I rule by a committee.
<infinity> (... of 1)
<infinity> neuralis: BTW, speaking of committee rule, you better have a mess of interesting stuff to discuss in Paris, or there'll be egg all over my face.
<Linuturk_NB> so, i'm in the sql prompt. create database pointofsale; doesn't work. I'm following these instructions btw. http://www.phppointofsale.com/documentation/help.htm
<neuralis> infinity: aye
<infinity> Only 2 weeks to go.
<Linuturk_NB> infinity: well, who is the printing guru for xfce? they need to change the default behavior of cups or add a nice gui like gnome did
<infinity> mysql> create database pointofsale;
<infinity> Query OK, 1 row affected (0.00 sec)
<infinity> Works for me.
<neuralis> infinity: i'll round up my notes shortly; i think there was a bunch of residual crap from breezy, and there's a bunch of new things to talk about
<Linuturk_NB> mysql> create database pointofsale
<Linuturk_NB>     -> create database pointofsale;
<Linuturk_NB> ERROR 1064 (42000): You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'create database pointofsale' at line 2
<Linuturk_NB> i did that
<Linuturk_NB> silly me
<infinity> Linuturk_NB: XFCE gurus are janimo, nomed, and some others.
<Linuturk_NB> worked the second time
<infinity> neuralis: Focus on achievable, but noticeable.
<neuralis> Linuturk_NB: you didn't terminate the first line, so you actually issued the "create database pointofsalecreate database pointofsale;" query.
<infinity> neuralis: 4.5 months is a very short cycle, so anything we do that's "whizzbang with low effort" wins.  (like the LAMP install was, for instance)
<Linuturk_NB> yeah, new to this, like i said. i like this channel, not as "loud" as #ubuntu and you guys are friendlier
<Linuturk_NB> thanks
<neuralis> infinity: right. though the lamp install was very low-hanging fruit; i doubt we'll get as lucky again.
<infinity> I can be a jerk, you've just not caught me on an off day yet.
<infinity> neuralis: Oh, I could just duplicate that feat with several other "common server setups". P)
<Linuturk_NB> if I changed the permissions of a file in /var/www/ do I have to restart apache before that will take effect? I've got a specific settings file that needs to be edited by other files
<neuralis> Linuturk_NB: no, you don't.
<infinity> neuralis: I suspect I'll have to anyway, after the press release that went out with my name on it, claiming that the "LAMP install was just the beginning of servers for idiots"
<Linuturk_NB> i did chmod 755 on it
<neuralis> infinity: hahah
<neuralis> that's, er, unfortunate.
<Linuturk_NB> hey, this LAMP install has saved me a lot of time
<Linuturk_NB> i thank you
<neuralis> Linuturk_NB: no it didn't. want a dirty little secret? it saved you exactly one line of typing.
<Linuturk_NB> serious?
<Linuturk_NB> o well
<neuralis> very.
<Linuturk_NB> it also saved me the time of figuring out what that one line of typing was
<Linuturk_NB> that's a biggie
<neuralis> that's true.
<neuralis> infinity: well, i don't think we want to litter the boot menu with a bunch of common server setups. perhaps having a 'Common server install' option that pops up a 'mix and match your own components' screen in d-i?
<infinity> neuralis: That smells a lot like resurrecting tasksel, which I'd considered.
<infinity> neuralis: Besides, doing this in gfxboot kinda locks out serial installs.
<Linuturk_NB> well, what I'd like to see is a light gui installed by default. be that fluxbox or xfce i don't care. Having that with some scripts on the desktop for common tasks (such as starting stopping the services) would really kick arse
<neuralis> aye. in fact, that's what i was proposing to the express server install guys when they first started
<infinity> (Granted, most people doing a serial install don't NEED cute pkgsel options, but whatever)
<neuralis> Linuturk_NB: uh, by default? on the server install? over my dead body ;)
<Linuturk_NB> or, the option to
<Linuturk_NB> at least
<Linuturk_NB> for "idiots" like me
<infinity> Seconded on the dead body thing.
<infinity> If you want a desktop, install {xu,u,ku}buntu, then grab your server stuff.
* Linuturk_NB adds the names to his list :-P
<Linuturk_NB> well, the server kernel is special
<infinity> The desktop stuff is dozens (and often even hundreds) of packages.  The LAMP server you just set up was 12 packages.
<Linuturk_NB> so, i did a ubuntu server install, then apt-get the desktop
<infinity> The server kernel will run a desktop like CRAP, mind you. :)
<infinity> (And you can always "apt-get install linux-server" to get the kernel)
<Linuturk_NB> see, these are things I don't know . . . i just did what crimsun told me
<Linuturk_NB> LAMP server install >> apt-get xubuntu-desktop and a xserver core deal
<Linuturk_NB> now, I'm trying to install this web based point of sale system
<Linuturk_NB> joy
<infinity> As a general rule, you should try to get used to the idea of headless servers.
<infinity> Sure, it takes some effort, if you're rather GUI-centric, but fewer moving parts is always a good thing.
<Linuturk_NB> well, i'm a windows convert, so I am gui centric
<infinity> Every time I had an NT server crash in the video driver (more often than you'd think), I'd curse Microsoft for moving the GDI into the kernel space.
<Linuturk_NB> but hell, i don't even know how to irc from a terminal, so a gui is a must right now
<infinity> And by "more often than you'd think", I mean once or twice a year.  But once or twice a year on several hundred machines becomes a lot of crashing for reasons I'd rather not deal with.
<infinity> Linuturk_NB: "irssi irc.freenode.net"
<Linuturk_NB> well, that's one step in the right direction. I got a guini pig machine at home I'll go straight terminal on from now on
<neuralis> infinity: -c, won't work without
<infinity> neuralis: Oh, whatever.  I usually set up my servers in scripts. :)
<neuralis> likewise
<infinity> Linuturk_NB: Make that "irssi -n Linuturk_NB -c irc.freenode.net" just to make neuralis happy about me giving good advice. :P
<infinity> (That command line was actually tested)
<Linuturk_NB> :)
<Linuturk_NB> arg
<Linuturk_NB> this pos system won't install. I've got to annoy it's dev now
<Linuturk_NB> got a permissions error with a certain file
<Linuturk_NB> http://forums.phppointofsale.com/viewtopic.php?t=360&highlight=settings+php << would the commands he outlines there be any different in ubuntu?
<Linuturk_NB> You have to set write permissions to the settings<font size="3">.php file. </font>
<Linuturk_NB> <font size="3">This can be done by doing chmod 755. This can be doing via ssh or your ftp program might support changing permissions.</font>
<Linuturk_NB> sry bout the <font> tags
<infinity> Obviously written by a windows user turned unix...
<infinity> Why do people always recommend making files executable?
<neuralis> infinity: i spent about 6 hours in an epic battle to get a breezy server to boot from a root drive that's on a dm crypto volume sitting on top of RAID. i wonder if this is a simplification target.
<Linuturk_NB> chmod 777 ?
<infinity> Linuturk_NB: Anyhow, if the file is owned by YOU, and you want the webserver to write to it, it needs to webserver to have access to it.
<infinity> Linuturk_NB: 666 would be fine.
<infinity> (And more fun to type)
<Linuturk_NB> heh, but that's the devil Bobby!
<infinity> neuralis: dm-crypt and dm-fakeraid are both on my TODO for dapper initramfs and installer hacking.
<neuralis> rock.
<neuralis> s/dapper/edgy/
<infinity> neuralis: Getting them supported in initramfs is trivial, writing installer bits not so simple.
<infinity> Whatever.  edgy.  Not used to typing that yet.
<neuralis> okay, we can look at the installer bits in paris
<neuralis> what would you like to get out of it? being able to install on a crypto drive?
<Linuturk_NB> genius
<Linuturk_NB> thanks
<infinity> I wonder how upset my girlfriend will be if she wakes up to find that I've thrown her WinXP system across the room...
<infinity> neuralis: Being able to install to dm-crypt and dm-fakeraid would be the goals, yes.
<infinity> neuralis: Neither of those is particularly server-oriented, mind you.
<Linuturk_NB> infinity: just pop in a live cd and watch her freak out
<infinity> neuralis: The major usecase for dm-crypt is laptops, and the major usecase for dm-fakeraid is "people too cheap to buy real hardware"
<neuralis> right. my hellpains were with a server machine which stores sensitive data in a not-fully-trusted environment, so the owners wanted full-drive encryption even if it means having to type a passphrase whenever there's power loss. go figure.
<infinity> Yeah, a fair usecase, but not a common one, IMO.
<infinity> Most uber-sensitive machines have enough physical security to make crypted filesystems pointless.
<TTT_Travis> Hi guys, I recently installed Ubuntu Server Dapper, it works fine but I am trying to transfer a file from my mac to the linux box over my samba network and the file transfer rates are like 10kb/s which is horrible, I tried using ftp same result. I can transfer files from my mac to winblows pc fine? is there something that would cause this?
<Linuturk_NB> i do i view the databases in mysql
<neuralis> Linuturk_NB: show databases;
<neuralis> TTT_Travis: if ftp gives the same result, it's either faulty network equipment (card, hub, switch) or a bad linux driver. the latter is less likely.
<TTT_Travis> hmm could be card I guess
<TTT_Travis> but I swore it worked fine on breezyu
<infinity> Does dmesg have anything to say about card resets or other such fun things?
<infinity> And does "ifconfig" show a whole mess of frame or carrier errors on that card?
<TTT_Travis> I'll check
<infinity> If the former, it could be a bad driver, if the latter, it's a bad cable or hub/switch.
<TTT_Travis> there are some errors
<TTT_Travis> http://pastebin.com/756697
<TTT_Travis> thats ifconfig
<Linuturk> this is my windows box, so don't kill the other
<infinity> (You could also have blown out the MAC on your card with a power surge on the line.  Stranger things have happened.
<TTT_Travis> there was a power outage a week ago
<TTT_Travis> and it messed with my other card
<TTT_Travis> so I put this one in there
<infinity> That may well have done Very Bad Things.
<TTT_Travis> well it has a mac address
<infinity> Oh, you've switched cards?  The new one could just be bad, then.
<infinity> Or your "I blew up the NIC" assumption may be incorrect, and you may have actually blown the PCI bus, so any NIC will fail (though all will fail differently)
<TTT_Travis> heres what happened, I had this realtek one in my server and it suddenly just stopped working with linux so I swapped it with a linksys one of my sisters windows box and tried the old nonworking on in her box, and suprisingly it worked, so I put the linksys one in my server
<infinity> Anyhow, it sounds less like a software issue and more like a hardware issue. :/
<TTT_Travis> it seemed to be working fine with breezy
<TTT_Travis> full speed transfers etc.
<TTT_Travis> mm
<Linuturk_NB> the default login for any database in mysql is my username and password for logging into the machine? or did you say it was root without a password?
<TTT_Travis> I will mount my windows box on my dapper server and try to transfer files that way
<infinity> Linuturk_NB: Root without a password, until you set something differently (which you should)
<TTT_Travis> that works fine at a normal speed
<infinity> Linuturk_NB: Try something like "grant all on pointofsale.* to myuser identified by 'mypassword';"
<TTT_Travis> try the mac I guess
<Linuturk_NB> how do I change that? and it's just for internal use. it won't be used on the internet
<neuralis> Linuturk_NB: man mysqladmin
<Linuturk_NB> ERROR 1064 (42000): You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'pointofsale.* to username identified by password' at line 1
<neuralis> Linuturk_NB: you're close to exhausting your goodwill allotment for general beginner questions :)
<Linuturk_NB> mmk
<Linuturk_NB> i'm just so close . . .
<TTT_Travis> 360448 how many megabytes is that?
<TTT_Travis> meh
<TTT_Travis> is there a way to show progress when using the cp command?
<TTT_Travis> -v?
<neuralis> TTT_Travis: -v will echo each file as it's copied.
<TTT_Travis> k
<TTT_Travis> yeah linux to windows seems fine but linux to mac seems slow
<TTT_Travis> so maybe its something with my mac
<Linuturk_NB> ok, i ran sudo mysqladmin password ******
<Linuturk_NB> now I can't : mysql -u root
<Linuturk_NB> o, got it
<infinity> Okay, tutorial session is up.
<infinity> neuralis: Feel free to be a jerk, now. :)
<Linuturk_NB> no no, i got it :-P
<Linuturk_NB> arg, maybe I don't
<Linuturk_NB> :(
<TTT_Travis> weird
<TTT_Travis> from my mac I only get 13kb/s transfer but yet from my windows box to my linux box I get like 3 or 5 mb/s
<TTT_Travis> yet mac to windows gives me 3mb/s
<TTT_Travis> think its something with my linux box then
<TTT_Travis> dapper
<TTT_Travis> oh I can download from my ubuntu dapper box at full speed
<TTT_Travis> like 8mb/s
<TTT_Travis> but transfer is whats being slow
<neuralis> that's strange. i'd think syncookies/ecn/newreno-type stuff next, but i'm pretty sure you don't have any of it turned on, and that it wouldn't matter anyway on a local network.
<TTT_Travis> yeah I just have a default install I haven't changed much really
<TTT_Travis> I just did the lamp install
<TTT_Travis> I still think its something software related
<TTT_Travis> because it worked fine with breezy
<TTT_Travis> this sucks
<Linuturk_NB> got it
<Linuturk_NB> :)
<Linuturk_NB> thanks guys
<Linuturk_NB> love your work
<matias> hi there!
<TTT_Travis> I install the dhcp3 server and for some reason it won't start on a default install of ubuntu server dapper
<TTT_Travis> is there like a firewall blocking it?
<infinity> It won't start if you have no subnet declarations in /etc/dhcp3/dchpd.conf
<TTT_Travis> k
<Mercury> Erm, just to verify, is it safe to upgrade to dapper drake with aptitude as opposed to the upgrade tool or apt-get dist-upgrade?
<yogi> I just finished installing the new 6.06 server on hda1 & LAMP on hda3.  B-4 I go any farther I would appreciate knowing if the sources.list differs from that of the kubuntu 6.06LTS?  Thanks.
<neuralis> yogi: no, it doesn't.
<neuralis> yogi: why did you do a separate LAMP installation? it's just plain 6.06 server + a few packages.
<yogi> neuralis:I did both to just check them out... never fsck'd with a server installation, b-4, so thought I'd look them over.
<yogi> neuralis:Thanks for the info about sources.list.
<yogi> neuralis:I'm currently running kubuntu 6.06LTS and have it set up as a router.  Perhaps I don't even need the server... but was curious.
<neuralis> yogi: you understand they're really all the same underneath, right? kubuntu just has a bunch of desktop packages installed.
<yogi> neuralis:That is what I have begun to realize since looking at the two server pkgs.  The added advan to my kubuntu is that the desktop is already installed (plus, the sound works).
<yogi> neuralis:I just had a spare HD so thought I'd take a look since I didn't d/l the live one.
<neuralis> right, and i'm explaining there's nothing to take a look at -- it's just your kubuntu desktop without the desktop packages, and with a few server packages if you did the lamp install.
<neuralis> you can install the same server packages on the kubuntu machine.
<yogi> Yep... I realize that, now.  Thanks for the info. :-)  I was pretty sure they were the same.  The kernel even seems to be the same one.
<nictuku> hi
<yogi> A couple other distros I've used over the past couple years used different kernels.
<yogi> nictuku:hi.
<edneymatias> hi
<infinity> yogi: We use a different kernel on server installs.
<infinity> yogi: 2.6.15-23-server is what you should have gotten, while your kubuntu install would be 2.6.15-23-386
<infinity> (But there's nothing stopping you from installing either in the other system)
<yogi> infinity:So there really is a diff, then.
<infinity> yogi: package selection is the only difference.  The kernel is just a package like any other.
<infinity> yogi: "apt-get install linux-server" on kubuntu, and you have the server kernel.  <twirl finger>
<yogi> infinity:true.  The kernel is hardened, then?
<neuralis> yogi: (don't do that; your desktop will work like shit with a server kernel.)
<yogi> Okay... got it. lol
<yogi> Must be a big diff.
<edneymatias> infinity: that is it? a different kernel and a LAMP stack?
<infinity> yogi: No, it just had some different defaults.  Lower polling rate (hence the "run like shit" above), no preempt (again, not great for desktops), different I/O scheduler (see above), etc.
<neuralis> yogi: not security-hardened. it's non-preemptive, uses a different i/o scheduler (this is the bit that kills desktops), does some smp+numa, slower tick rate.
<neuralis> hah. what infinity said.
<infinity> edneymatias: Well, and no desktop fluff, yes.
<infinity> edneymatias: I'm from the Debian school of server adminitration, where less is very much more.
<yogi> infinity/neuralis:Many thanks for the info.  You, too, edneymatias. :-)
<infinity> edneymatias: Fewer moving parts == easier to understand, less to break, and longer uptimes.
<neuralis>  14:23:12 up 114 days, 23:15, 178 users,  load average: 0.26, 0.27, 0.24
<infinity> edneymatias: And having the desktop and server installations use the same package base means that you can hack software on your laptop that you know will work on your server, since using the server for hacking is often a Really Dumb Idea.
<yogi> neuralis:Cool.
<edneymatias> infinity: yeah! i agree!
<infinity>  12:23:59 up 368 days, 11:23,  1 user,  load average: 0.00, 0.00, 0.00
<neuralis> infinity: well yes, but this box actually has users :P
<infinity> That's my (still not upgraded, because I'm lazy) woody box.
<yogi> How long since [neuralis/infinity]  updates?
<infinity> neuralis: That one hosts ~500 DNS zones and ~250 apache vhosts.  It's not "big", but big enough.
<infinity> neuralis: It's just not a shell box, as yours clearly is. :)
<neuralis> fair enough.
<yogi> infinity/neuralis:I'm running into [seemingly]  weird behaviour on my HP notebook ..I actually have to reboot or risk trouble when updating.
<neuralis> yogi: define trouble?
<infinity> (It's also running woody still, but why split hairs... it's all the same heritage)
<nictuku> hehe talking about upgrades, mariomeyer didn't manage to dist-upgrade our server correctly, not it's been offline for a few days, including nwu trac and svn repos.
<ivoks> neuralis: A state of distress, affliction, difficulty, or need: tried to console them in their trouble; got in trouble with the police.
<ivoks> neuralis: :)
<infinity> Hah, and this is the box sitting next to it:
<infinity>  13:26:17 up 365 days,  9:53,  3 users,  load average: 0.03, 0.12, 0.21
<infinity> You can tell that must have been "kernel upgrade week".
<yogi> neuralis:By trouble I'm referring to various things start to behave weirdly and it isn't always the same.
<nictuku> infinity, 2.4 or 2.2 kernels in those woodies?
<infinity> nictuku: 2.4.31+patches on both of them
<infinity> They're both in desperate need of some TLC, but work always seems to come before hobbies.
<yogi> Take X/KDE, for instance: There was a bad kde-guidance pkg whose bad behaviour appeared by simply restarting; X, on the other hand, though restarted, worked --and when rebooted, went screwy.
<yogi> neuralis:The X behaviour was post-update for X, of course.  Left that part out.
<nictuku> there is a considerable chance that nwu svn and trac repos are gone forever :-(
<neuralis> infinity: 500 zones as a hobby? say, are you the gentleman that wants me to partake in a business venture whereby a certain amount of funds is to be transferred out of the deceased dictator's private accounts? you should have just said so! i'd have taken you up on the kind offer post haste. ;)
<neuralis> nictuku: why?
<infinity> nictuku: If they can be pulled off the filesystem, I can help recover them.
<edneymatias> infinity: errr...but why not administer a server from a desktop?
<nictuku> the guy didn't create a backup for it
<infinity> neuralis: Hahaha.  I just do a lot of hosting for friends and family, that's all. :)
<infinity> edneymatias: Because GUI tools are never a good replacement for understanding how your system actually work.
<nictuku> although I've asked for a dump every day :-(
<infinity> edneymatias: Especially when the GUI fails and you NEED to fix it with SSH, but realise you never bothered to learn how.
<neuralis> nictuku: you still have the most recent code, right?
<nictuku> infinity, I don't know the details. It's a canonical funded box, hosted at serverpronto I guess
<nictuku> neuralis, yes, but I've put a lot of TLC in the trac and in the svn logs :-(
<edneymatias> infinity: ok...but ssh can fail too
<nictuku> work is not lost
<infinity> nictuku: Don't need a dump.  If the original repository exists at all, even in a slightly-buggered state, it can be recovered.
<neuralis> nictuku: sorry to hear about it. i'm happy to give you proper hosting for nwu if you need it.
<infinity> edneymatias: The odds of your sshd failing but some GUI still being up are pretty slim. :)
<nictuku> neuralis, thanks.
<neuralis> nictuku: proper being high bandwidth, shell, raid drives and nightly off-continent backup.
<infinity> edneymatias: But mostly, it's that adding the whole X/desktop stack to a system drastically increases its complexity.
<infinity> edneymatias: It also has a non-kernel process directly fiddling with hardware, leading to instability.
<infinity> edneymatias: Neither of those is a win.
<neuralis> infinity: yeah, scary, that.
<nictuku> neuralis, that is much better than the paid xen virtual host I was planning to move it to, whenever I got the svn and trac dumps hehe
<neuralis> nictuku: when you're ready, mail me your ssh2 pubkey and i'll set you up.
<infinity> neuralis: How much does your current workplace love Debian/Ubuntu?
<infinity> neuralis: And is there a hands-on lab where free software gigs can be hosted? :)
<neuralis> infinity: what do you need?
<infinity> neuralis: Michael Schmitz (Debian developer and m68k hacker) is leaving the university he's been at for the last 400 years, and we need to find new hosting for {crest,q650,kullervo}.debian.org (m68k porting machines)
<infinity> neuralis: I was going to just ship them to me here in .au, but hosting on .edu bandwidth would be much less crap.
<infinity> neuralis: Being old hardware, they require the occasional kick (crest crashes twice a year, that sort of thing), hence the "hands-on" requirement, rather than just locking them in a closet.
<neuralis> if you don't need >~99% uptime, it's almost certainly not a problem
<infinity> I don't think we care much about five nines. :)
<nictuku> hehe
<neuralis> infinity: let me shoot around a few mails, but that should be fine.
<edneymatias> infinity: the x/desktop stuff can help me administer my systems?
<infinity> edneymatias: In all honesty?  Probably not.  There are very few good GUI tools written to adminiter most daemons.
<infinity> edneymatias: People who write UNIX server software tend to be old skool enough to not see the point, and new skool kids don't seem to "get it", and write tools that stomp all over your configs and generally break the system.
<edneymatias> infinity: and what if we develop that good GUI tools?
<neuralis> edneymatias: famous last words. it's *much* easier said then done.
<infinity> edneymatias: <shrug>.. If you were to develop them, that would be a good argument, perhaps, for X-over-ssh, or such, but still never a good argument for an Xserver running on the server box.
<edneymatias> infinity: would the x/desktop be helpfuul?
<nictuku> edneymatias, there are many initiatives to, but using the CLI is more efficient, as the unix history shows
<nictuku> edneymatias, hardly
<infinity> edneymatias: Realistically, I'd not put my seal of approval on anything that adds complexity to the system for the sake of people who can't read manuals.  If it can be done in a way that doesn't harm people like ME, while also helping others, then that's cool.
<edneymatias> nictuku: ok...you are right, CLI is MUCH more efficient
<neuralis> infinity: i have a tentative green light on hosting the machines. i'll double check for any possible obscure problems (since we wouldn't own the machines), but i don't expect issues.
<nictuku> edneymatias, viu? :-)
<infinity> Tihs has been attempted with web-based management software, for instance, which leverages things you already want on a server, while not adding new software.  But most web-based management has, to date, sucked balls.
<edneymatias> nictuku: vi! ;-)
<TTT_Travis> I am trying to set up a dhcp3 server but when I start it keeps failing, is there a log file somewhere so I can see why its failing?
<nictuku> webmin => /dev/null
<infinity> neuralis: Bear in mind that someone in the lab where the machines live would have to be willing to occasionally button-bitch, and perhaps even learn enough about Debian/68k to be walked through swapping faulty hardware or such.
<infinity> neuralis: If that's way too unrealistic, I'll just host 'em in my house. :)
<nictuku> TTT_Travis, tried /var/log/syslog?
<nictuku> TTT_Travis, check /etc/default/dhcp3-server (or something like that)
<TTT_Travis> I'll check
<infinity>  /var/log/daemon.log even.
<nictuku> TTT_Travis, you need to set the interfaces the daemon will listen and send replies to
<infinity> You need two things.  You need to tell it what interface(s) to listen on in /etc/default/dhcp3-server, and you need a valid config file with at least one subnet properly declared in /etc/dhcp3/dhcpd.conf
<TTT_Travis> nictuku gottcha
<neuralis> infinity: it's fine on both counts; it'd be smart folks hosting them
<nictuku> and probably declare it "authoritative"
<infinity> dhcpd is really rather picky about not loading if the config is useless.
<neuralis> infinity: and i have a key in the unlikely case a cluebat need be wielded.
<infinity> if the config is a no-op (ie: listen on eth0, but don't declare any of the subnets on eth0), it'll just exit.
<infinity> neuralis: How many years are you planning on being there? :)
<nictuku> :-)
<neuralis> infinity: it's not contingent upon my being there, so they can stay there as long as they're needed
<infinity> neuralis: Anyhow, I'll talk to Michael and see if he's found hosting in Europe yet.  If not, I'll poke you again.  Your offer sounds about like what we want.
<neuralis> sure.
<infinity> (And you'll be one of the few universities in the world running multiuser m68k machines, that's got to count for some sort of academic nerd points)
<infinity> crest gets a LOT of use.
<nictuku> is the ubuntu-server list not listed in the lists index on purpose?
<infinity> nictuku: Probably just an oversight, though the relative silence on the list as a result is pleasant, no?
<neuralis> infinity: it'll go nicely with the nerd points we have for running the first-ever large scale automatic digital computer in the states :)
<infinity> You still put power to the thing?
<neuralis> hell no. i think it'd burn up in a big ball of fire if we did, not before dimming the lights of every apartment in a 3 mile radius.
<nictuku> hehehehe
<neuralis> but it's on display in the science center.
<neuralis> parts thereof; it's largely disassembled nowadays.
<infinity> neuralis: Yeah, that's what I was thinking, but your use of "running" in the baove sentence led me to believe it was STILL running.
<infinity> above, too.
<neuralis> ah, sorry. i meant "once running".
<infinity> Subtle language, this English.
<neuralis> It was built using 765,000 components and hundreds of miles of wire, amounting to a size of 51 feet (16 m) in length, eight feet (2.4 m) in height, and two feet deep. It had a weight of about five short tons (4500 kg). The basic calculating units had to be synchronized mechanically, so they were run by a 50 foot (15 m) shaft driven by a five-horsepower (4 kW) electric motor. The Mark I could store 72 numbers, each 23 decimal digits long.
<nictuku> thanks for the metric conversion
<neuralis> infinity: think we could run ubuntu on it? :)
<neuralis> nictuku: courtesy of wikipedia.
<TTT_Travis> can anyone that knows about dhcp3-server look at this and tell me what I am doing wrong in my config file?
<TTT_Travis> http://pastebin.com/758172
<nictuku> TTT_Travis, you have to have a subnet lease declaration
<neuralis> TTT_Travis: that's a VERY descriptive and helpful error message. what's unclear?
<infinity> neuralis: Hey, I specialise in running Linux on ancient/obsolete 32-bit systems.  Any further back, and you'r on your own. :)
<TTT_Travis> neuralis I am not really sure how it wants me to declare the subnet in the dhcpd.conf file
<nictuku> TTT_Travis, well, you should read the documentation of a service you're trying to install
<nictuku> TTT_Travis, try www.debian-administration.org
<nictuku> TTT_Travis, wiki.ubuntu.com must have something too
<TTT_Travis> k
<infinity> TTT_Travis: The conf file has example subnet declarations in it, commented out.
<infinity> TTT_Travis: "man dhcpd.conf" is also helpful.
<infinity> TTT_Travis: As is "man dhcp-options", if you're looking to get scary in-depth.
<neuralis> i'm out, cheers.
<infinity> Later, Ivan.
<nictuku> neuralis, cheers
<TTT_Travis> ok here is what I get now
<TTT_Travis> http://pastebin.com/758192
<TTT_Travis> along with my config file
<TTT_Travis> which I am sure I am doing wrong
<infinity> Mismatched braces, for one.
<TTT_Travis> oh yeah
<TTT_Travis> ignore that
<TTT_Travis> I removed the extra brace and it still gives me same error
<infinity> You really should have broadcast-address and routers in the subnet declaration too, not globally, for sanity's sake.
<TTT_Travis> k
<TTT_Travis> bad subnet number/mask combination.
<TTT_Travis> what would that mean?
<infinity> Well, can you paste your CURRENT config then, instead of asking me to debug the wrong one? :)
<infinity> 192.168.1.3 isn't a network number, if your IP address.
<infinity> Your IP address (192.168.1.3) belongs to the network 192.168.1.0/24 (or "subnet 192.168.1.0 netmask 255.255.255.0" in dhcpd-speak)
<TTT_Travis> current
<TTT_Travis> http://pastebin.com/758208
<TTT_Travis> 192.168.1.3 is the boxes ip assigned from my router
<infinity> Yes, which is not a NETWORK ADDRESS, it's YOUR ADDRESS.
<infinity> The network is 192.168.1.0
<TTT_Travis> alright
<infinity> Also, if you have DHCP on this subnet already, you realise this won't work at all, right?
<infinity> You'll have to give your machine a static IP, and turn off the DCHP server on your router.
<TTT_Travis> hmm
<TTT_Travis> what if I changed the network?
<TTT_Travis> to like 192.168.2.0
<infinity> Then you'd need to have another physical network.
<TTT_Travis> oh
<TTT_Travis> I suppose
<TTT_Travis> well what I am trying to do is setup ltsp if you have ever heard of that just to play around with it a little
<infinity> DHCP happens before machine have IP addresses (obviously), so the subnet doesn't matter, it's the physical wire that matters.
<TTT_Travis> but I am stuck on this dhcp3 server part
<infinity> Two DHCP server on the same wire (unless masked off with MAC ACLs) will explode.
<infinity> Anyhow, fix your subnet declaration, give your machine a static IP, turn off DHCP on the router, and you're golden.
<TTT_Travis> yeah and this box only has one NIC anyway
<TTT_Travis> so would that work?
<infinity> And keep in mind that you're now serving DHCP for the whole physical subnet, not just for the ltsp clients. :)
<TTT_Travis> yeah
<TTT_Travis> thats fine
<TTT_Travis> so the box that this is running on would just assign ips to all of the boxes connected to the network?
<infinity> Yes.
<TTT_Travis> my cabling its setup like Router -> dhcp server and then Router -> PC and and Router -> other pc
<TTT_Travis> so I wouldn't need another nic card?
<infinity> The router is a switch or hub, right?
<infinity> So all the machines can see each other through it just fine.
<infinity> So it doesn't matter who is serving DHCP, so long as there's only one of you doing it.
<infinity> It's all one physical ethernet network.  One big wire.
<TTT_Travis> ok
<TTT_Travis> yes
<TTT_Travis> I gotcha
<TTT_Travis> I will attempt to set this up now
<infinity> (which reminds me, I really need to turn off DHCP on my home DSL router and move it to another machine..)
<infinity> Thanks for the accidental reminder.
#ubuntu-server 2007-05-28
<shawarma> Well, I'm off to bed.. G'night guys!
<ajmitch> night
<qman> I have another question...My server has four network cards. They used to be eth0-eth3. One time, after a reboot, eth3 changed to eth4. Is there any way to change it back?
<birdman> hey i was wondering if ubuntu supports quad processors
<ajmitch> sure
<birdman> ok cuz i have a old ibm pc server 704 that is a scsi server with 4 pentium pro's
<birdman> is there anything i have to do or just install it
<ajmitch> it should just work
<birdman> o
<birdman> ok
<birdman> i also have another server i built its a amd opteron dual core 64bit with 2 opterons will it work with that
<ajmitch> should work fine
<birdman> k
<birdman> now with the scsi server do i need the scsi drivers or does ubuntu have it allready
<ajmitch> ubuntu will most likely have the drivers
<birdman> and same with the opteron server it needs sata drivers will it have that too
<ajmitch> quite likely, yes
<birdman> k cool and if it doesnt any linux drivers will work right
<birdman> i can get redhat, sco linux, sco openserver, sco unixware, suse linux, turbo linux drivers
<birdman> will any of those drivers work
<qman> birdman, those drivers won't work, only if you can get the source and compile them, however, all the stuff you need should be built in
<qman> standard linux SMP kernels can handle at least 8 processors
<dsdg> morning guys!
<dsdg> how will I find out the location of my authdaemond socket on ubuntu?
<dsdg> lsof | grep authdaemon gives me [/usr/lib/courier/authlib/authdaemond.mysql]  is that it?
<shawarma> It's more likely to be found in /var somewhere.
<dsdg> /var/run/courier/authdaemon/socket ?
<shawarma> Sounds right. :)
<dsdg> hehehe
<dsdg> ok, let me try, almost done with mailserver just struggeling with sasl and it authing via authdaemond,
<dsdg> i am getting warning: SASL authentication failure: cannot connect to Courier authdaemond: Connection refused
<ivoks> postfix?
<dsdg> yes,
<shawarma> 2 things to check:
<ivoks> postfix is chrooted
<dsdg> no,
<dsdg> it's running normal,
<shawarma> Permissions on the socket and that you've yanked out postfix from the chroot.
<dsdg> no chroot,
<ivoks> by default, it is
<dsdg> i have checked that in master.cf,
<dsdg> by chroot it says n,
<dsdg> that right?
<shawarma> Sounds sounds right.
<dsdg> ok, let me see then, permissions on the socket,
<dsdg> srwxrwxrwx 1 root root 0 2007-05-25 14:42 /var/run/courier/authdaemon/socket
<ivoks> n for what?
<ivoks> smtp?
<dsdg> dirty but should work...
<dsdg> n by everything ectually, under the chroot space,
<dsdg> and for smtp yes,
<ivoks> ok
<dsdg> so ok, let me add that to my smtp.conf under /etc/postfix/sasl/smtpd.conf
<shawarma> Add what?
<dsdg> damn, warning: SASL authentication failure: cannot connect to Courier authdaemond: Permission denied
<dsdg> add this, /var/run/courier/authdaemon/socket as the location of my socket,
<shawarma> dsdg: ls -ld /var/run/courier /var/run/courier/authdaemon
<shawarma> dsdg: Just paste the output of that command here.
<dsdg> root@dna:~# ls -ld /var/run/courier /var/run/courier/authdaemon
<dsdg> drwxr-xr-x 4 daemon daemon 240 2007-05-18 12:25 /var/run/courier
<dsdg> drwxr-x--- 2 daemon daemon 100 2007-05-25 14:42 /var/run/courier/authdaemon
<shawarma> Alright. And then 'id postfix' ?
<dsdg> uid=108(postfix) gid=113(postfix) groups=113(postfix)
<shawarma> that's it then.
<shawarma> sudo adduser postfix daemon
<shawarma> restart postfix, and bam!
<shawarma> :)
<dsdg> shawarma, hehehe
<dsdg> thanks for the help man, you come across as a freakkin genius :P
<dsdg> it still gives me the same error though,
<dsdg> warning: SASL authentication failure: cannot connect to Courier authdaemond: Connection refused
<shawarma> Could you paste your master.conf on pastebin?
<dsdg> sure,
<dsdg> shawarma, http://paste.ubuntu-nl.org/22837/
<shawarma> line 31...
<shawarma> Ah, no, never mind.
<shawarma> You *did* completely restart postfix, right?
<dsdg> yea, let me do that again for you,
<dsdg> root@dna:~# /etc/init.d/postfix restart
<dsdg>  * Stopping Postfix Mail Transport Agent postfix                                                                                                    [ ok ] 
<dsdg>  * Starting Postfix Mail Transport Agent postfix                                                                                                    [ ok ] 
<dsdg> root@dna:~# /etc/init.d/saslauthd restart
<dsdg> Stopping SASL Authentication Daemon: saslauthd.
<dsdg> Starting SASL Authentication Daemon: saslauthd.
<dsdg> May 28 09:27:03 dna postfix/master[24405] : daemon started -- version 2.2.10, configuration /etc/postfix
<dsdg> now let me send this mail, through my server,
<dsdg> warning: SASL authentication failure: cannot connect to Courier authdaemond: Connection refused
<dsdg> its that error i cant get rid of,
<shawarma> dsdg: That's curious.
<ajmitch> yay, upgrade problems
<dsdg> i was thinking it might be something to do with /etc/default/saslauthd
* ajmitch hugs apache
<shawarma> dsdg: Maybe you could find the pid of the smtp process, run strace on it and see what it actually tries to connect to.
<shawarma> ajmitch: feisty->gutys?
<ajmitch> sarge->etch :)
<dsdg> ok, i will try that now,
<shawarma> Oh, dear. :)
<dsdg> ajmitch, something i can help you with?
<ajmitch> I've got another 12 hours or so before I'll start hearing lots of complaints :)
<ajmitch> ok, got it down to mod_ssl not playing along
<ajmitch> though the banner claims it's loaded, oh well
<ajmitch> as long as it all works right ;)
<ajmitch> well, fixed it
<ajmitch> <IfDefine SSL> doesn't play well with apache2.2
<shawarma> Which part of it?
<ajmitch> it seems it doesn't get defined
<ajmitch> even though mod_ssl loaded with no problem
<ajmitch> of course that line was the only difference from the other etch server I have here
<shawarma> It's always been defined on the command line,  i think?
<ajmitch> not sure, I just know that it wasn't working otherwise
<ajmitch> now I can upgrade a few more packages 
<shawarma> Just add -DSSL to your apache command line, and you should be good.
<ajmitch> sure, but I've never needed to do that before :)
<shawarma> I'm *almost* sure that's the way it has always been defined.
<ajmitch> it was working without it in sarge, unless the sarge apache configuration used -DSSL somewhere
<shawarma> I think it did.
<ajmitch> oh well
<spool_> hello, could someone help me with a problem with the apache2.2-common package?
<spool_> (on ppc)
<ivoks> what kind of a problem?
<spool_> when I install it, it doesn't populate the /etc/apache2/mods-available/ folder
<spool_> with things like cgi-load
<spool_> ... cgi.load
<spool_> also no /etc/init.d/apache2
<ivoks> hm
<spool_> and no /etc/apache2/apache.conf
<spool_> it told me I needed to purge and reinstall
<spool_> but that doesn't seem to help
<ivoks> apt-get --reinstall install apache2.2-common?
<spool_> I'll give it a shot
<spool_> is it ok if I use aptitude?
<ivoks> i guess it is
<spool_> aptitude reinstall doesn't seem to change anything
<spool_> it runs, but still no config files
<spool_> someone else has this problem on the forums I think
<spool_> http://ubuntuforums.org/showthread.php?p=2734598#post2734598
<spool_> sorry, just to clarify I only got the "purge and reinstall" message when apache2-mpm-worker was being installed
<spool_> as a dependency of phpmyadmin
<ivoks> this happens only with aptitude, it seams
<spool_> oh really?
<spool_> should I try plain old apt?
<ivoks> or not... :)
<ivoks> first of all, what version is that?
<spool_> what version is what?
<ivoks> of ubuntu
<spool_> oh feisty
<spool_> (for me, the other guy on the forum is using dapper)
<ivoks> do you have /etc/apache2/apache2.conf?
<spool_> nope
<spool_> running the apache2 binary complains about not-finding it
<spool_> (and it's not there, I checked to be sure)
<ivoks> and apache2.2-common is installed, hm...
<spool_> indeed, much frustration :)
<ivoks> try running /var/lib/dpkg/info/apache2.2-common.postinst
<spool_> ... is that a binary?
<spool_> hold on
<ivoks> shell script
<ivoks> ah...
<ivoks> those are all conffiles
<ivoks> beh, silly me
<ivoks> dpkg --force-all --purge apache2.2-common
<ivoks> apt-get install apache2.2-cmmon
<fernando> moin all
<spool_> ? which should I do?
<ivoks> both, in that order
<spool_> ok hold on
<spool_> i got two warnings about missing files on the purge
<spool_> /var/log/apache2 was empty
<spool_> as was /var/cache/apache2
<spool_> hey hey!Module authn_file installed; run /etc/init.d/apache2 force-reload to enable.
<spool_> I got that for a whole load of different stuff
<spool_> should I force reload?
<spool_> sweetness localhost is up and ready for drupal
<spool_> well... almost :)
<ivoks> there...
<spool_> should I run the force reload thing?
<ivoks> yes
<spool_> cool
<spool_> ... oh no...:( localhost/phpmyadmin on firefox asks me if I want to download a .phtml file...
<spool_> thank you very much though
<spool_> I didn't have a clue
<ivoks> you didn't install php
<ivoks> a2enmod php5
<spool_> unfortunally I did install php5
<spool_> is a2enmod a command?
<ivoks> yes
<spool_> this module does not exist!
<spool_> ... apparently
<ivoks> i wonder how you succedeed in doing this :)
<shawarma> spool_: You need to install libapache2-mod-php5
<ivoks> apt-get --reinstall install php5
<spool_> it's pretty impressive I think :0
<ivoks> yeah, that too
<spool_> any particular order?
<ivoks> no
<shawarma> spool_: Just php5 should be fine, actually
<shawarma> spool_: It depends on libapache2-mod-php5
<spool_> if I remember correctly, I also need to clear firefox's cache...
<spool_> hmmm... still tries to download
<spool_> oh restart apache?
<spool_> restart doesn't do it either
<spool_> also the apache (hooray you've installed correctly) page has a few missing image links, but that's not a big deal :)
<ivoks> try with other browser or ctrl+shift+r in firefox
<spool_> oh I killed the cache
<spool_> still didn't work
<ivoks> for installing php5 and apache, everything you had to do was: apt-get install apache2 php5
<dballester> hi to all
<spool_> I began the saga with: aptitude install php5 myphpadmin
<ivoks> drop the aptitude, please
<ivoks> no need for it
<spool_> ok
<spool_> I've read so many conflicting opinions on apt v. aptitude
<spool_> I'll stick with your advice: you've gotten me this far :)
<ivoks> so...
<ivoks> apt-get install apache2 php5 phpmyadmin
<spool_> done that
<ivoks> just to make sure everything is here
<spool_> says nothing to be done
<ivoks> ok
<spool_> except it claims apache2 was 'manual installed'
<ivoks> do you have /etc/apache2/mods-enables/php5.load?
<spool_> whatever that means
<spool_> checking...
<ivoks> mods-enabled
<ivoks> sorry
<spool_> I know :), and the answer is .... NEGATIVE!
<spool_> sorry, I've been banging my head against this for some time now :P
<ivoks> ok
<ivoks> do you have /etc/apache2/mods-available/php5.load?
<spool_> nope
<ivoks> ok
<spool_> interesting eh?
<ivoks> apt-get --reinstall install libapache2-mod-php5 php5
<spool_> is it ok if it wants to swich from worker to fork?
<ivoks> yes
<spool_> coo coo
<spool_> sorry, prefork (I'll assume you understood)
<spool_> 0% [Waiting for headers]  [Connecting to security.ubuntu.com (91.189.89.6)]   
<spool_> .... seems to be stuck
<ivoks> lol, worked 2 minutes ago
<spool_> my luck is fantastic today
<ivoks> works now too, but slow...
<spool_> up! there we go
<\sh> you need check if libapache2-mod-php5 is being catched.
<spool_> slowly...
<spool_> ok hold on
<spool_> yup
<spool_> it's on the 'list' as it were
<spool_> brr... I just realized how cold I am in this room
<ivoks> grrrrrrrrrr
<spool_> grr?
<ivoks> it won't work again
<spool_> ? :(
<ivoks> since these are conffiles
<ivoks> why are they conffiles, grr
<spool_> wow, it feels like I'm running gentoo again
<ivoks> just wait till it finish, then we will continue
<spool_> except the steps to fix things are sooo much shorter
<spool_> done
<ivoks> i guess you still don't have /etc/apache2/mods-available/php5.conf
<spool_> I'll take a look
<spool_> you powers of prediction are uncanny
<spool_> *your
<ivoks> dpkg --fore-all --purge libapache2-mod-php5 ; apt-get install libapache2-mod-php5
<spool_> Module php does not exist!
<spool_> ok
<spool_> it finished
<spool_> and restarted apache
<spool_> shall I firefox again?
<ivoks> yes
<spool_> and php.load has materialized :)
<spool_> HOOORAAAYYY@!@!@!@!
<spool_> hugs! kisses! ticker-tape parade!
<spool_> thank you so much
<spool_> so if I need to purge config files I need to dpkf --force-all --purge eh?
<ivoks> no
<ivoks> just --purge
<ivoks> apt-get --purge remove package
<spool_> oh... so why did we use dpkg --force-all ?
<ivoks> cause you had phpmyadmin which was depending on php
<ivoks> and without --force-all it wouldn't work
<spool_> ah... so then we can fix things without requiring lots of dependency reinstalls?
<ivoks> you shouldn't use that if you don't know what you are doing
<jronnblom> anyone have any experience with netbooting and feisty? Im trying to rebuild the initrd sinice I need the piix module for our machines to boot and load IDE support.
<spool_> :) I think I have clearly demonstrated how little I know about dpkg, apt, etc.
<spool_> also, why is there aptitude and apt-get? ... or is that too long a story?
<jronnblom> I have modified the /etc/initramfs-tools/modules and used update-initramfs to rebuild the initrd however at boot it stops after a few seconds and says "ALERT! /dev/ram does not exist" and then drops to a minimal shell
<ivoks> spool_: aptitude uses apt-get
<ivoks> aptitude is another layer, not needed anymore
<spool_> fair enough. so aptitude calls apt calls dpkg? 
<ivoks> yes
<\sh> jronnblom, you need to change the boot kernel...which is done, afaik via d-i
<spool_> weird... I've gotten into trouble before with installing via apt v. installing via aptitude
<spool_> so I've tried to be consistent
<spool_> and it seemed like I could find more people who thought aptitude was better, so I stuck with it
<jronnblom> \sh: Im not sure what you mean by d-i? debian-installer? I did change the initrd.gz to include the piix module on a feisty desktop system and the copied that initrd.gz to the TFTP server
<spool_> ironically, gentoo seemed a lot simpler, it just took so long to do anything
<spool_> and if something was broken (and that was almost always my fault) I could usually figure it out, but it would take forever
<ivoks> jronnblom: http://myy.helia.fi/~karte/ubuntu_pxe.html
<\sh> jronnblom, you are booting with a normal pxelinux/dhcp/tftp situation or are you using the netboot from the alternate installation cd? if you use the last one, the boot kernel is different then your production kernel, and you need a rebuild of d-i after you changed your kernel config. 
<jronnblom> ivoks: got all that working with dhcpd/tftp and that site is referring to breezy not feisty
<\sh> what I mean with "netboot" is that you boot the standard installation boot kernel, which works very good with our d-i 
<spool_> well, anyway, I'll get back to useful things so you can help others: thanks very very much
<ivoks> your problem is that root is not /dev/ram
<ivoks> but /dev/rd/0 iirc
<jronnblom> \sh:Im booting the vmlinuz file from netboot.tar.gz but the initrd.gz is from an running desktop system. I suppose the problem is that the initrd.gz in the netboot.tar.gz is a special one that I can't replace with the netboot from a running system?
<ivoks> right, you can't
<jronnblom> ivoks: there is no /dev/rd/0 on my system and also no /dev/ram
<\sh> jronnblom, that's right...most propably the initrd in the netboot.tar.gz comes from d-i run...there is a special linux kernel for d-i things
<jronnblom> \sh: so how do I modify the initrd.gz that is in the netboot.tar.gz to include the piix module? Can it be done with the initramfs-tools in an easy way? Or do I have to unpack the initrd.gz and manually edit the /etc/module (whatever its named) and copy the piix somwhere in the initrd.gz?
<jronnblom> Or is there a new feisty d-i kernel with piix in it somewhere? Official or not ;)
<\sh> jronnblom, last time I changed the initrd I just compiled the module with the correct kernel version, and moved it into the initrd
<\sh> that worked
<\sh> and today, I just use FAI to install my servers, even with special kernel..that's more easy 
<jronnblom> \sh: So you recommend FAI instead of d-i and preseeding?
<\sh> jronnblom, I don't recommend anything, but if you have a couple of servers which needs to be reinstalled very fast, fai is much better then using d-i and preseeding.
<\sh> it's more flexible, but needs more brain to setup
<\sh> you can add your own repositories for kernels and special software without breaking anything from ubuntu
<\sh> jronnblom, take a look at http://www.informatik.uni-koeln.de/fai
<\sh> jronnblom, fai is a debian project, and very good supported by ubuntu community, naming siretart and my person
<jronnblom> \sh: Ah, i'll look into FAI again. I heard about it when I started looking at preseed but it's a bit hard to see what differentiates the automatic installtion systems that exist today
<\sh> jronnblom, fai is a system like jumpstart from solaris
<\sh> jronnblom, but it's even more flexible..
<\sh> jronnblom, I'm installing not only debian or ubuntu with it, but suse, redhat etc.
<\sh> jronnblom, the only thing you need to have is a server with ubuntu/debian and fai on it..dhcpd , pxelinux and tftp is straight forward
<jronnblom> \sh: I only run Ubuntu now and few old Trustix 2.2 server which where installed by kickstart (redhat) so I have to replace kickstart with something and got stuck on the piix module in feisty :( 
<\sh> jronnblom, shermann@shermann-home:/lib/modules/2.6.20-15-generic/kernel$ find . -name "piix*" 
<\sh> ./drivers/ide/pci/piix.ko
<\sh> jronnblom, it should be also in the initrd from the boot kernel...or it's in the boot kernel from feisty server edition
<jronnblom> \sh:hmm, so then it should work out of the box... Maybe I got confused by the need to load piix when booting from the CDROM
<jronnblom> :\sh: is FAI faster then preseeding?
<\sh> jronnblom, 6 minutes for a plain ubuntu server on a dl360
<ivoks> + 2 weeks to set it up :D
<\sh> nope...1 hour
<\sh> whem I'm doing it ;)
<\sh> (without the download of the ubuntu archives ;)))
<jronnblom> haha ;)
<\sh> brb smoking and catching a beer
<\sh> to be honest, I have my config space for fai always on my usb stick :)
#ubuntu-server 2007-05-29
<qman> I have a question about dhclient-exit-hooks
<qman> where is the script supposed to be, such that it will actually be called? I'm getting a lot of conflicting information
<foo> I'd check the man page
<qman> it doesn't go into detail
<qman> it seems like it just wants /etc/dhcp3/dhclient-exit-hooks, but some other files hint at it being just in /etc, and there is a /etc/dhcp3/dhclient-exit-hooks.d/ directory
<JuanTao> I've tried several attempts to setup a firewall and do NAT on eth1 for my LAN including the instructions at https://help.ubuntu.com/7.04/server/C/ip-masquerading.html and firewallhttp://www.section6.net/wiki/index.php/Setting_up_a_Firewall_NAT_using_IPTables but i've only succeeded in breaking stuff (three ffr's) any recommendations?
<qman> All I can tell you is, I've spent the last few weeks doing basically the same thing, and I finally gave in and read about a dozen manuals on iptables
<qman> none of the programs that are supposed to make it simpler have worked
<JuanTao> qman, one of the sysadmins where I used to work wrote a script for me that worked beautifully - but for the last two years I've run FreeBSD. Now that I'm switching back to Linux, he's going to re-send it to me. Do you want to try it if it works?
<qman> no thanks, I've already done it the hard way
<qman> but I appreciate the offer
<JuanTao> qman: did you say 'do some reading'? Ack...
<qman> I've spent a total of around 30 hours reading just on iptables
<qman> no lie
<JuanTao> hat's off!
<qman> at least it's knowledge that can be put to good use in more than just one situation :)
<JuanTao> yes. I seem to be a pretty slow learner, but the notebook i've kept has been valuable. I will keep pluggin away. (or chmod a+x my friend's script when it arrives ; - )
<qman> heh
<qman> for some reason, iptables is just one of those things that doesn't make sense until you've put a LOT of time into it
<JuanTao> thanks for the encouragement, I'm off to bed - lot's of reading in my future ...
<qiyong> is there any web interface to manipulate virtual users for postfix?
<qiyong> or any other MTA
<ivoks> afaik, no
<ivoks> but you can always write one your self :)
<ivoks> or try ispconfig
<fernando> moin all
<svschwartz> fernando
<lparry> hey can someone help me with svn. I have got it working successfully, but I want to know how I can use it to monitor a web directory, that I can browse and update using svn
<steveire> Hey. I've installed an AMP stack on my laptop, because I want to try out a few cmses for a website. I'd like for it to be possible for my friends to be able to connect wirelessly to the server on my laptop from their windows laptops. Is it possible?
<mralphabet> steveire: sure
<steveire> Do I need to install samba or anything?
<steveire> mralphabet: A little help?
<shawarma> steveire: It should just work.
<shawarma> steveire: If they have network access to your machine, it should be all good.
<steveire> How do I give them network access to my machine?
<shawarma> Er... Be on the same network as them :)
<steveire> Imagine I'm in a room with them. We all have wireless network cards in our laptops. There is no router or anything. Next what?
<steveire> No existing network
<mralphabet> wireless is not limited by an existing network
<steveire> OK. I type 127.0.0.1 in my browser to access the server on my own laptop. How do I access it from the other laptop?
<shawarma> steveire: I suggest you ask in #ubuntu how to set up networking between you.
<steveire> shawarma: I have to set up some kind of ad-hoc network then, yes?
<shawarma> steveire: probably, yes.
<steveire> Thanks for the help. I seem to be going in circles.
<leonel> steveire: first setup your wireless 
<steveire> leonel: My wireless card? Network? Do I need samba?
<leonel> no
<leonel> weel
<leonel> well
<leonel> how  are you going yo update the contents ?
<leonel> most of the CMS  update their content using the  html forms provided 
<steveire> I'm trying out some cms software. Some friends and I want to make a website. I've installed ubuntu-lamp and some cmses on my laptop and they work fine. I'd want them on their windows laptops to be able to see what I put up there. That's about it.
<leonel> that's with  apache  only
<steveire> hmm?
<leonel> use the browser  on the windows machines
<leonel> and point  to the  wireless ip 
<steveire> Ok. I think someone on #ubuntu suggested that too. I'll try 192.168.x.x. 
<steveire> Aren't ip addresses usually assigned by a router though...?
<leonel> you can  set up that in  /etc/network/interfaces 
<leonel> so the wireless can be static
<leonel> or in the router  assing the same ip to  your wireless with the  ARP
<steveire> OK. There won't be any router, just three laptops. I'll have a look at /etc/network/interfaces
<steveire> So I add something like http://pastebin.ca/519246 to the file?
<steveire> Actually I'm not so sure about that any more.
<steveire> q
<leonel> that's right 
<steveire> other man pages like wireless and iwconfig seem to say wireless is different/separate. I'll turn off the router here and have a go anyway. Cheers
<steveire> leonel: Hey. That entry in /etc/network/interfaces didn't change anything.
<leonel> ??
<steveire> I turned off the router here, and tried to access the apache server on my ubuntu laptop from my windows laptop after editing /etc/network/interfaces like this: http://pastebin.ca/519246
<leonel> did  you restart the network ?
<steveire> I don't know the command-line way. I used knetwork manager to go to offline mode and online mode again. I thought that would reparse the config file. ifconfig didn't show anything about a 192.168.1.20 ip address after that. I don't know what else to look for.
<leonel> ok 
<leonel>  /etc/init.d/networking  restart
<leonel> and  then check the ip   with  ifconfig 
<steveire> right so. That'll probably disconnect me.
<leonel>   it will
<steveire> It didn't O_o
<steveire> I'll disconnect my router and try again.
<steveire_> http://pastebin.ca/519321 <<< There's the output
<steveire> Am I missing something obvoius that I need in the interfaces file?
<shawarma> steveire: It's really not within the scope of this channel. You should try #ubuntu. When you get to the apache bit, you can come back here :)
<steveire> sigh. Alright. Didn't get any answers from them though. Cheers.
<leonel> let me understand 
<leonel> you want  wireless to wireless communication ?
<leonel> steveire: ?
<steveire> leonel: Yes.
<steveire> leonel: Is that something specifically difficult?
<leonel> you need to setup  your wireless as  ad-hoc
<steveire> OK. How?
<steveire> Do I edit /etc/network/interfaces to do that?
<leonel>  check this link  http://justlinux.com/forum/archive/index.php/t-147208.html
<steveire> Alright thanks. I'll think about how that applies to me. When he says he gives the wireless network adapter a certain configuration, that means editing interfaces, right?
<leonel> yes
<leonel> or use  iwconfig 
<steveire> leonel: I followed this: http://ubuntuforums.org/showpost.php?p=841459&postcount=5 which was linked to in that one. Here's the output: http://pastebin.ca/519439
<steveire> I don't know what the error means
<leonel> steveire: 
<leonel> leonel@ubuntu:~$ sudo iwconfig eth1 mode ad-hoc
<leonel> no errors here
<leonel> what wireless card you have ?
<steveire> Ethernet controller: Atheros Communications, Inc. AR5212 802.11abg NIC (rev 01)
<steveire> according to lspci
<steveire> I'm gonna have to give up.
<steveire> cheers.
<hansin321> http://myy.helia.fi/~karte/ubuntu_pxe.html
<ph1zzle> hey guys
<ph1zzle> I have a small problem with feisty server I was hoping someone could help me with, I just installed a new hard disk in this server and copied everything from the old one to the new one, now /var is a seperate partition like it was on the old system but mountkernfs is complaining because it cannot find /var/run and /var/lock I think was the other one, in order to mount them tmpfs, does anyoen know what I shoud do?
<qman> check /etc/fstab to make sure it's correct for the new disk
<qman> your partition labels may have changed, and if it uses UUIDs, they will be different for sure
<ph1zzle> yes I setup uuid's and I just found the problem
<ph1zzle> ubuntu needs /var/run and /var/lock to exist even if they are mounted over, I don't know why
<ph1zzle> if you look at the /etc/rcS.d/S01mountkernfs.sh it will mount /var/run and /var/lock as tmpfs even though the /var is not mounted till S35mountallfs.sh
<mrpoundsign> how do I tell dhclient to renew on an interface?
<ivoks> ph1zzle: er...
<ivoks> ph1zzle: you need to have mountpoint to mount something in it
<ph1zzle> ivoks, yes I do
<ph1zzle> glad you noticed
<qman> what he's saying is, /var/run and /var/lock need to exist before /var is mounted
<ivoks> ah... :)
<qman> I was unaware of this, too
<ph1zzle> I had to do some greping and readnig of shell scripts to find out
<ph1zzle> I actually kind of thought it a little odd that they would mount that but not allow me to mount /var first but it works now and I have other shit to do so I will let it go the way it's meant to 
<ph1zzle> I had a spammer abuse my mail server yesterday which seems is fun...
<ph1zzle> on one hand I when I came home from boating (me lives in Fort Lauderdale) the companies /var partition was so full all company mail had stopped moving, but on the other hand a) the boss bought a bigger hard drive and I see a vital flaw I misunderstood in the configuration
<ivoks> well... true...
<ivoks>  /var/run is mounted before /var
<ivoks> but is cleaned after that
<spiekey> hello!
<spiekey> i am trying to smbldap-populate my box but get: failed to add entry: no global superior knowledge at /usr/sbin/smbldap-populate line 495, <GEN1> line 2.
<spiekey> any idea why?
* dashaun needs postgres help
<dashaun> postgres isn't starting, installed binaries with apt-get, try to start the service, status confirms that service did not start
<dashaun> i did have logs before today, at some point, something went whacko
<dashaun> my /var/lib/postgresql dir is empty
<dashaun> thats not good
<CharlieSu> could anyone help me w/ a PAM problem?  please look at http://pastebin.ca/520158   I'm trying to login via SSH w/ a publickey instead of password auth..  
<dashaun> you are trying to login as root?
<qman> generally, remote root logins are disabled by default, for security
<qman> try doing it with another user
<Burgundavia> CharlieSu: using root is a bad idea, in general
<CharlieSu> Burgundavia: understand.. besides that though?
<CharlieSu> any idea?
<Burgundavia> are you having issue siwth general users?
<CharlieSu> Burgundavia: no regular users login w/ keys.. only passwords..  and that is LDAPed
<Burgundavia> ahh
<Burgundavia> hmm
<CharlieSu> it is a PAM config error.. i was wondering if you knew of any part of that config file in the paste bin that would stop keys from logging in.. now when i try and use the key it prompts for password still instead.
#ubuntu-server 2007-05-30
<jtole_> hey guys
<jtole_> I was wondering if anyone could help me with a simple problem, I am trying to install mailscanner and clamav as a single apt-get process and now trying to remove them to see if it fixes the bug, I get => debconf: DbDriver "config": could not open /var/cache/debconf/config.dat
<jtole_> does anyone know why... or better yet how I create that file
<jtole_> which I know doesn't exist
<jtole_> nevermind
<jtole_> I just created the dir and touched the file and it ran through fine
<r00tintheb0x> wow @ http://www.getdeb.net/
<Burgundavia> crack built debs of questionable quality
<qiyong> dovecot only support local user, not virtual user, right?
<ajmitch> dovecot can support virtual users
<ajmitch> you just have to define a userdb & passdb to use, like a static file
<ajmitch> eg I use passdb passwd-file, and userdb static
<jtole_> hey guys, whats the command again to automatically add or remove something from init?
<jtole_> like to create and remove the links from init.d to rc{2,3,5}.d?
<jtole_> um, actually, if anyone could help me with a bit of a trickier question I am having a unknown problem with apt-get trying to remove a package, I added the -f on this one after it failed without it => http://rafb.net/p/b7DqUZ54.html
* netjoined: irc.freenode.net -> kubrick.freenode.net
<Fezzler> I can map to (Vista) and mount (OS X) Linux server files, but the permission for the folder isn't extending to files in them??
<jtole> hey guys, real quickly, in 7.04 server how do I tell apache2 to run perl / cgi scripts
<jtole> I have looked in a few places so far and I don't see an answer
<qiyong> !postfixadmin
<qiyong> is postfixadmin in ubuntu? i can't find it
<Burgundavia> I have no idea to eitehr question
<qman> if it is, it's most likely a package in the repositories
<qman> a quick search says no
<qiyong> so postfix lacks a web interface for management
<qman> this may be of help: http://flurdy.com/docs/postfix/
<qman> it's written for Dapper, but should translate pretty easily for edgy or feisty
<Skaag> how do I reinstall a module I removed from the kernel?
<qman> modprobe module_name
<Skaag> I mean the file itself ;-)
<Skaag> do you know how I re-apply the settings in sysctl.conf?
<qiyong> !PostGrey
<Skaag> ok sysctl -p does that
<qiyong>  what the benefit ldap is over mysql solution?
<qman> you can combine it with any other user database type
<qman> like active directory, for example
<qiyong> !king
<qiyong> ubuntu has certificate 'king'?
<shawarma> What?
<ivoks> ?
<shawarma> qiyong: What do you mean by "ubuntu has certificate 'king'" ?
<qiyong> shawarma, after a default installation, and I connect to the server 25 port with tls
<qiyong> shawarma, it shows me the king certificate
<ivoks> snake oil?
<ivoks> on installation, all TLS/SSL services use same certificate, self-generated, dummy snake oil
<shawarma> qiyong: Er... A default installation does not listen on port 25?
<shawarma> qiyong: Also, I still don't understand "king"?
<qiyong> shawarma, default postfix installation
* shawarma sighs
<shawarma> How am I supposed to help, when they run off?
<svschwartz> hi all :) I want to manage my virtual hosting server via web ui, can anyone suggest the solution ? thnx :)
<svschwartz> for ubuntu of course
<svschwartz> I wanted to try VHCS, but the project is not actively maintain right now, imho
<svschwartz> anybody :)
<mralphabet> svschwartz: there is not a recommended solution for web management, though I think that is something beging worked on for gutsy
<mralphabet> s/beging/being
<effraie> o/
<effraie> does anybody knows if backporting php5 1.3 to dapper is dangerous?
<effraie> lionel: tu sais pas a, toi?
<lionel> hi effraie
<lionel> I did not test it
<lionel> I think a but report is opened on backporting php
<effraie> ah, ok
<lionel> It was rejected: too much packages to backport
<lionel> Bug #81029
<effraie> thanx lionel 
<lionel> you're welcome :)
<Znuffy> Hello. Are there PDO modules for php5 on ubuntu-server?
<leonel> Znuffy: what package or file name is one of them ?
<Znuffy> I have no idea to be honest
<Znuffy> all I know is that a web app can't find the PDO class, and from what I googled, it's a php extension
<Znuffy> The PHP Data Objects extension, which defines a lightweight and consistent interface for accessing databases <----
<leonel> no it looks like there's no  php-pdo in ubuntu
<Znuffy> that's bad
<Znuffy> seems there are some bugs
<leonel> where in php ? pdo ?
<Znuffy> leonel, no, I mean, reported bugs on ubuntu 
<Znuffy> any idea where I could find the "phpize" binary?
<qman> ok, I ran into one more little problem
<qman> after rebooting my server system, /proc/sys/net/ipv4/ip_forward is set to 0
<qman> what can I do so that it's 1 by default?
<qman> nevermind, I found it
<qman> option in /etc/sysctl.conf
<Paul_UK> hey all, i've got 2 interfaces, eth0 dhcp eth1 static.  eth0 shows up fine in ifconfig, whilst eth1 doesnt, i've configured it as per http://www.ubuntugeek.com/ubuntu-704-feisty-fawn-lamp-server-setup.html for the network interface, why wouldnt it start up?
<qman> run ifconfig -a eth1
<qman> err
<qman> ifconfig eth1
<Paul_UK> shows up everything apart from inet addr:
<qman> the broadcast/network and all that is correct?
<Paul_UK> yeah
<qman> then, open up /etc/network/interfaces and double check that you have the "address x.x.x.x" spelled correctly
<Paul_UK> i do
<qman> can you show me all relevant info to eth1 from that file?
<Paul_UK> sure 1 sec
<Paul_UK> http://rafb.net/p/Q1F1r432.html
<qman> correct me if I'm wrong, but shouldn't that be "auto eth0" and "auto eth1"
<qman> otherwise looks correct
<Paul_UK> im new to linux.  so i presumed that auth mean auto start it.  but i can take it out.
<Paul_UK> wait, sorry my mind must be wandering
<qman> mine all say "auto"
<Paul_UK> its auto eth1
<qman> oh, ok
<qman> if you run "sudo ifconfig eth0 192.168.0.1 netmask 255.255.255.0", does the interface accept the address?
<qman> err
<qman> eth1, in your case
<qman> sorry
<Paul_UK> yeah it does
<qman> then, other than simple typographical error, I don't see any reason for it to not be working
<Paul_UK> :) well the other error that I had, which was the dhcp server not working, well thats now working.  so im also at a loss why the eth1 isnt starting up
<qman> if you run "/etc/init.d/networking restart", does it stay broken?
<qman> or
<Paul_UK> no its fine now
<qman> sudo ifdown eth1; sudo ifup eth1
<Paul_UK> as in, not broken
<qman> ok
<Paul_UK> yeap its ok
<Paul_UK> let me reboot and see what happens
<qman> ok
<Paul_UK> no, dhcp server failed on startup and i presume eth1 didnt start
<Paul_UK> yeah eth1 is down
<Paul_UK> and messages shows nothing
<qman> hmm
<qman> and if you run ifconfig eth1, does it have everything filled out except the 
<qman> IP, or is it just not configured
<Paul_UK> it has everything except the IP
<Paul_UK> :)))))))))
<Paul_UK> well apart from that, i managed to get LTSP working fine.
<qman> if you set the IP manually with ifconfig, then attempt to restart dhcpd, what happens?
<qman> or whichever dhcp server you're using
<Paul_UK> well im setting the IP manually and then I am starting dhcp manually
<qman> did you start dhcp with the init script, or with something along the lines of "dhcpd &"
<Paul_UK> init script
<qman> ok
<Paul_UK> sh dhcp3-server start
<Paul_UK> to be honest, im running in a vmware environment and im not entirely convinced that ubuntu server actually works properly.
<qman> does that dhcp server create a script in /etc/init.d/ ?
<Paul_UK> which script?
<qman> I'm not really familiar with that dhcp server, I use dhcpd on mine
<qman> and my init script is /etc/init.d/dhcp
<qman> so your server is in a virtual machine?
<Paul_UK> yeah
<qman> is eth1 connected to anything?
<Paul_UK> all i have here is dhcp3-server
<Paul_UK> yeah
<Paul_UK> this is a clean install of ubuntu server
<Paul_UK> what bugs me alot, is that it stops at running local boot scripts and doesnt show the logon screen
<qman> is all the traffic on that virtual link from the 192.168.0.0 network?
<Paul_UK> yeah
<qman> my server shows the logon prompt, but then continues to run more services
<qman> so it clutters the screen
<Paul_UK> yeah, that is what i would be usually expecting
<qman> pressing enter gives you a fresh prompt
<Paul_UK> yeah i press enter and then i get a prompt
<qman> I'm not sure why they have it set that way, but it doesn't have any side effects, besides the annoying screen output
<qman> I'm fairly sure it's the order of the services in the rc scripts, but I don't have a deep knowledge of them, so I couldn't say what exactly to do to change it
<qman> but as far as the IP, that's a really unusual behavior
<qman> especially since setting manually with ifconfig works
<qman> my guess is one of your services or startup scripts is unsetting the IP
<qman> after /etc/network/interfaces sets it
<Paul_UK> i just dont get it, in the messages it shows eth0 being up and eth1 just being installed
<qman> have a look at /var/log/messages
<qman> I mean, the interfaces file you showed is correct, the only reason it wouldn't work is if there was a typo in it
<Paul_UK> agreed, i've checked it a dozen time.s
<qman> this is mine: http://rafb.net/p/Vy3NcS88.html
<qman> and that's a real system
<qman> it's my router/firewall
<Paul_UK> no commented out the other lines and still no joy
<Paul_UK> fresh install no LAMP and no DNS.
<qman> that's really strange
<qman> I wonder if it's a virtual machine glitch, or what
<Paul_UK> not sure, but this will go on a real machine once the concept has been proven, so im not worried (yet)
<Paul_UK> just want to say, thanks for your help, now i have to go and configure ltsp.. 
<qman> yeah, sorry it still doesn't quite work
<Paul_UK> its cool, i've written down the notes and thats good enough for me :)
<qman> I guess just to get it working, you could add a late startup script to set it manually
<qman> then restart dhcp
<Paul_UK> its ok, trust me.  after the proof of concept has been done, the vm is deleted :)
<Paul_UK> and the server will just be dhcp and ltsp, nothing else.
<Paul_UK> ok gotta jet.. cya l8r :)
#ubuntu-server 2007-05-31
<PanzerMKZ_> yo
<PanzerMKZ_> so might someone help me with the main diff between server and desktop kernel?
<Pumpernickel> Multi-tasking latency vs. batch-oriented settings.
<PanzerMKZ_> ok
<PanzerMKZ_> so which is which then
<PanzerMKZ_> ?
<Pumpernickel> The one for the desktop, where you generally want multi-tasking and visual responsiveness, is the one optimized for latency.
<PanzerMKZ_> oh ok
<Pumpernickel> The one for the server, where you generally have 'jobs' that you run in 'batches', is the one optimized for that.
<PanzerMKZ_> thanks
<PanzerMKZ_> but still good on smp yes?
<Pumpernickel> They'll both work on smp systems.
<PanzerMKZ_> ok
* Starting logfile irclogs/ubuntu-server.log
<Paul_UK> hey all, has anyone got working ubuntu-server and ltsp?
<shawarma> All our ltsp experts hang out in #edubuntu
<Paul_UK> thanks
<qiyong> how to know what sasl implementation the postfix is using?
<dsdg> halo, i am using mod_auth_mysql and apache 2 and I have seen the following note: AuthMySQLKeepAlive: Note: This parameter currently does not work with Apache 2.x and is ignored. We are aware of the bug. My question is how will i close stale open mysql connections? i am using ubuntu 
<dsdg> currently i am doing a restart of mysql and apache every morning at 5am, and it works but isnt there a better way?
<Stonekeepe1> Hi! I'm getting real problems installing server 6.06.1 on an Intel server. Firstly I had the dreaded "mp-bios bug 8254 timer not connected to io-apic" error. I got rid of that by adding "noapic no lapic" to the boot params, however, it's just hanging the same minus the error now. Any ideas?
<Stonekeepe1> *nolapic   not   no lapic
<ivoks> mmconf=off
<ivoks> or...
<ivoks> pci=nommconf
<ivoks> right, pci=nommconf
<Stonekeepe1> pci=nommconf?
<Stonekeepe1> never heard that one
<ivoks> hehe
<ivoks> try it, without nolapic and noapic
<Stonekeepe1> tried both
<Stonekeepe1> nommconf hangs too :(
<ivoks> hm
<Stonekeepe1> this is insane. I just *cannot* get it to boot with Ubuntu
<ivoks> what MB is that?
<Stonekeepe1> It's an old intel SMP mainboard
<ivoks> chipset?
<Stonekeepe1> i'm trying to find out how to determin the model
<Stonekeepe1> i wish i knew. You think trying to boot the desktop version may work, then get chipset from that?
<ivoks> did you tri nocpi (this would disable SMP, but worth a try)
<ivoks> s/tri/try
<ivoks> noacpi
<Stonekeepe1> on it's own?
<ivoks> yes
<Stonekeepe1> will try now
<Stonekeepe1> I read that older SMP boards have a nsty bug in them
<Stonekeepe1> noacpi on it's own doesn't work either
<ivoks> try disabling ioapic in bios
<Stonekeepe1> it's not an option in the bios :(
<Stonekeepe1> recovery mode shoots through!
<ivoks> phone
<Stonekeepe1> Hangs on : "Begin: Witing for root file system...."
<ivoks> that's ok :)
<ivoks> but it booted, right?
<ivoks> then, try booting regular kernel, and just remove quiest and splash
<ivoks> it should stop on the same place as 'rescue' mode
<ivoks> and that would means that everything is OK with acpi/apic/mmconf, problem is root device :)
<ivoks> s/means/mean
<Stonekeepe1> will try! :D
<ivoks> in grub, root points to what device? root=?
<Stonekeepe1> on the install cd?
<ivoks> is this install CD or you allready installed?
<Stonekeepe1> you are entirely right pal! thanks!
<Stonekeepe1> install cd
<ivoks> oh... :/
<Stonekeepe1> i think the raid is broken
<ivoks> root on install CD is RAM
<Stonekeepe1> yeah, it's the harddisks
<Stonekeepe1> hey man, thanks for your time
<ivoks> np
<ivoks> i'm not sure problem is with disks
<ivoks> if installer doesn't boot at all
<Stonekeepe1> it hangs on waiting for root filesystem
<Stonekeepe1> ...
<ivoks> right... that's not good
<ivoks> you have 6.06.1 server iso?
<Stonekeepe1> yeah
<ivoks> and you've burned it on CDROM like an iso, right?
<Stonekeepe1> yeah, i works for other hardware
<ivoks> hm
<ivoks> and you have quiet splash in grub, as an options?
<ivoks> hey!
<ivoks> you have grub?!
<ivoks> or is it isolinux?
<ivoks> (just making sure you aren't booting from disks :)
<Stonekeepe1> yeah
<Stonekeepe1> grub
<ivoks> grub is not boot loader on install CD
<Stonekeepe1> no no :) disks are formatted :D
<Stonekeepe1> um..................
<Stonekeepe1> o.O
<Stonekeepe1> hang on, I'm going mad... yeah, it's booting off HD
<Stonekeepe1> sorry!
<ivoks> when you boot, do you get ubuntu logo?
<ivoks> :)
<Stonekeepe1> lol
<Stonekeepe1> I'm going mad
<Stonekeepe1> yeah, it's installed on HD, reboot then hangs on waiting for root FS
<Stonekeepe1> so it's the disks right?
<ivoks> ok, then we will fix it
<ivoks> what does root= says? (in grub)
<Stonekeepe1> ok, will reboot. These mainboards take ages to reboot
<Stonekeepe1> it's /dev/cp/rd00010 or something
<ivoks> um..? :)
<Stonekeepe1> thing is, the raid bios magically made a raid 1 from 3 disks o.O 
<Stonekeepe1> 3x34 gig disks and it gives 50G raid 1
<Stonekeepe1> sounds dodgy to me
<Stonekeepe1> (nearly there)
<Stonekeepe1> here we go:
<Stonekeepe1> root=/dev/rd/c0d0p1
<ivoks> rd?
<Stonekeepe1> however, there is a "ro" option o.O
<ivoks> hm...
<ivoks> that's ok
<Stonekeepe1> it's a mylex raid
<ivoks> did you install special modules for it?
<Stonekeepe1> shall i take one disk out, get a standard raid 1, format from bios then reinstall?
<Stonekeepe1> no
<ivoks> just let it boot...
<ivoks> when it stops, wait...
<ivoks> it will eventualy give up and give you a shell
<Stonekeepe1> yes ok
<Stonekeepe1> booting now
<Stonekeepe1> btw, whilst it's booting, I have some other servers with a 3rd party module. How can i insert that at install time on 6.06?
<Stonekeepe1> in feisty they have the new "3rd party driver" option, buit not 6.06
<ivoks> :)
<ivoks> alt+f2
<Stonekeepe1> insmod then?
<ivoks> welll
<ivoks> cp it to /lib/modules/`uname -r`/kernel/drivers/
<ivoks> depmod
<ivoks> modprobe it
<ivoks> that way it will end up in initrd
<Stonekeepe1> alt-f2 at which point?
<Stonekeepe1> language select?
<ivoks> after it downloads additional commponents from CD
<ivoks> when it says that it can't find disks
<Stonekeepe1> ah ok, then <back>
<Stonekeepe1> and redo that bit?
<ivoks> no
<ivoks> yes :)
<ivoks> so... yes is my finall answer :)
<ivoks> did you change partition table with ubuntu installer while installing on this server?
<ivoks> if yes, there is some strange thing with mylex
<ivoks> You have to reboot after altering the partition table, if you have any partitions on that drive mounted.
<ivoks> http://linuxmafia.com/faq/VALinux-kb/hardware-raid-partitioning.html
<Stonekeepe1> they weren't mounted, unless the installer does?
<Stonekeepe1> it's booted
<ivoks> ok, so you've got the shell?
<ivoks> go in /etc/rd
<ivoks> and checkout what you have there
<Stonekeepe1> will do
<Stonekeepe1> rd?
<Stonekeepe1> rd.0 ?
<Stonekeepe1> rd.3?
<Stonekeepe1> omg
<Stonekeepe1> there isn't even init.d
<Stonekeepe1> ah, we're not on the root partition
<ivoks> sorry, by bad
<ivoks> my bad
<Stonekeepe1> ok
<ivoks>  /dev/rd
<Stonekeepe1> i see the issue
<Stonekeepe1> yeah, the partition doesn't exist
<Stonekeepe1> omg /dev/rd doesn't exist!
<ivoks> beh...
<Stonekeepe1> mylex driver not installed?
<Stonekeepe1> yet it installs...
<ivoks> what's the name of that module/driver?
<Stonekeepe1> not sure.. let me see
<ivoks> dac960
<Stonekeepe1> yeah it is
<Stonekeepe1> accelaraid 352
<ivoks> i don't know the name of the module
<ivoks> :/
<Stonekeepe1> I'm sure DAC960 messages come up
<ivoks> yeah, i know, but we need to find out name of the driver
<ivoks> ah...
<ivoks> found it
<Stonekeepe1> http://ubuntuforums.org/showthread.php?t=355912
<ivoks> try modprobe DAC960
<Stonekeepe1> module not found
<ivoks> hehe nice :)
<ivoks> go to /lib/modules/`uname -r`/kernel/drivers/block
<ivoks> is there anything?
<ivoks> there should be DAC960.ko
<ivoks> if not, we can fix this (but that includes reinstall)
<Stonekeepe1> no
<Stonekeepe1> there are 2 mods in that dir: 
<ivoks> or... you can do this...
<Stonekeepe1> cciss cpqarray
<ivoks> boot installation 
<Stonekeepe1> i got the install cd in drive now
<ivoks> and go with it all the way till partitioning
<Stonekeepe1> ok
<ivoks> when it comes to partitioning - stop
<Stonekeepe1> ok
<Stonekeepe1> do you think that 3disk raid 1 is bad?
<Stonekeepe1> because i may as well sort that out first
<ivoks> then you'll have to resintall it :)
<ivoks> but, if you want something else, do it
<Stonekeepe1> i will reinstall
<Stonekeepe1> ok, what do i do when i get to partitioning?
<ivoks> continue with partitioning :)
<ivoks> since you are doing reinstall :)
<ivoks> if i disapear in the meantime, check out http://ubuntuforums.org/showthread.php?p=2754170#post2754170
<Stonekeepe1> hay, thanks for your time
<Stonekeepe1> i'm just ensuring that the raid configuration is totally correct before i continue
<Stonekeepe1> bug in installer?
<ivoks> well, it can be called as a bug :)
<ivoks> one more thing... if you have /boot on separate partition, *mount* it too, before doing chroot
<Stonekeepe1> sure
<Stonekeepe1> thanks man, you're a life saver
<ivoks> np
<ivoks> with next kernel update, you shouldn't expirience any problems, since initrd would include DAC960
<Stonekeepe1> doesn't updates d/l new initrds?
<ivoks> no, it generates it
<ivoks> with update-initrd -u
<ivoks> this way every machine can have its own initrd
<Stonekeepe1> right ok
<Stonekeepe1> I was just thinking about the other servers i have to do with the custom module
<Stonekeepe1> i thought kernel upgrades would kill the module because of kernel module magic number
<ivoks> if new kernel doesn't have module you need, then you'll have to build it for it
<Stonekeepe1> yeah, on suse it used to do kernel updates like normal package updates
<Stonekeepe1> really annoying - am glad ubuntu server holds kernel updates back
<Stonekeepe1> should i report this bug?
<ivoks> about dac?
<Stonekeepe1> yeah
<ivoks> wouldn't hurt, yes
<Stonekeepe1> https://bugs.launchpad.net/ubuntu/+source/initramfs-tools/+bug/31035
<Stonekeepe1> hey ivoks, seriously, thanks for your time on this
<ivoks> sure... ok :)
<Stonekeepe1> omg
<Stonekeepe1> i dont have /etc/initramfs-tools
<ivoks> you didn't chroot
<Stonekeepe1> i did!
<ivoks> oh.
<ivoks> it's /etc/mkinitramfs on 6.06
<Stonekeepe1> oh :)
<Stonekeepe1> few
<Stonekeepe1> phew
<ivoks> any luck? :)
<Stonekeepe1> yeah!!!! THANKS!!!!
<Stonekeepe1> it's doing background initialisation now
<Stonekeepe1> i never really understood what that was
<Stonekeepe1> i've got a conclusive howto here now
<ivoks> great
<ivoks> hi
<ivoks> shawarma: need help with ubuntu-server-tasks?
<shawarma> ivoks: Input is always welcome.
<ivoks> i would like to work on mail part
<ivoks> or something like smb+afp+ftp
<Panzer_> afp?
<shawarma> ivoks: That would be great.
<ivoks> Panzer_: yeah, for macs
<Panzer_> ok so that is the mac file server service then?
<ivoks> yes
<ivoks> for macs < osx
<ivoks> but is also great for osx
<ivoks> but i doubt netatalk would get accepted in main :)
<ivoks> since it is a technology that is passing away :/
<shawarma> ivoks: I just took over the spec today, I think. Last time I read it was at UDS in Paris, so it's been a while. AFAIR it's just tasks. No configuration or anything like that. 
<ivoks> :)
<shawarma> ivoks: I'm somewhat doubtful of the usefulnes, actually, but people seem to like it.
<ivoks> ok
<ivoks> i'm planing to offer a product, based on ubuntu, light server without fancy stuff
<shawarma> It basically just boils down to a set of packages that someone has said are good to perform certain tasks. In order to actually get them to do said tasks, you have to configure them yourself.
<ivoks> so, whatever comes out of it, i would be more than happy to bring ti back into ubuntu
<Panzer_> for me I am new to linux and I picked up ubuntu server first.
<shawarma> Panzer_: Yes? Did you find the DNS or LAMP server tasks useful?
<ivoks> we have dns stuff? :))
<shawarma> Those are the two tasks we have now.
<shawarma> bind9 ftw.
<ivoks> i didn't install non-dapper server yet :)
<shawarma> Dapper had the LAMP install option on the boot screnn, right?
<ivoks> yes
<Panzer_> well I have not a lamp server up yet
<Panzer_> mostly it is my dapper file server
<Panzer_> smb
<shawarma> Ok.
<Panzer_> it forces me to use the command line
<shawarma> It does.
<ivoks> and that's a very good thing
<Panzer_> oh yea
<shawarma> I'm working on a project to make at least file/print services more accessible.
<ivoks> shawarma: trough another client?
<shawarma> (Think web interfaces)
<Panzer_> well for me once someone showed me what was going on it was easy
<ivoks> it would be great to have a client-server app
<shawarma> ivoks: Ah, no, I meant configuration of them.
<ivoks> i see
<ivoks> well, that's what i'm talking about, client GUI app to conect to server
<ivoks> just for configuration
<ivoks> web based is also great... i just prefere gui app out of the server :)
<shawarma> ivoks: Oh, we're not going to be putting x libraries or gtk or anything on servers.
<shawarma> ivoks: But we want it to be shiny, easy and simple. Hence: web.
<ivoks> server:port -> client:app
<ivoks> so, another ubuntu/windows mashine fires up gui app which configures services on server
<shawarma> ivoks: That would be an option, too.
<ivoks> no X stuff on server
<shawarma> ivoks: The major problem is that we'd have to support all sorts of different clients. Not just Ubuntu ones.
<ivoks> right
<shawarma> ivoks: And *everyone* can do web.
<ivoks> pygtk :)
<shawarma> ivoks: pygtk on windows... /me shudders
<ivoks> :)
<shawarma> ivoks: The advantages of going the web way greatly outweighs the downsides.
<ivoks> well, that's fine with me :)
<ivoks> if you need second pair of hands on that project, i'm interested in helping
<ivoks> what do you plan to integrate in it?
<shawarma> ivoks: It's likely going to be based on eBox.
<shawarma> ivoks: http://www.ebox-platform.com/
<ivoks> taking a look...
<shawarma> It's... /me shudders... perl.
<ivoks> doh... you can't have everything :)
<ivoks> lots of features...
<ivoks> hm, but i think it could use some UI love
<ivoks> i like the choosen software
<ph1zzle> hey guys, I am trying to find mod_auth_imap or mod_auth_mysql for apache2 on ubuntu feisty server and so far I have not seen it in packages.ubuntu.com or anywhere else I have looked
<ivoks> libapache2-mod-auth-mysql
<shawarma> libapache2-mod-auth-mysql
<shawarma> heh..
<shawarma> Don't know about imap.
<ivoks> auth over imap?
<ivoks> some people have lots of free time :)
* shawarma calls it a day
<Panzer_> what is only 1100 
<Panzer_> you can't call it a day now
<FlyingSquirrel32> When i try to start Sendmail (sudo /etc/init.d/sendmail start), it just hangs. no errors. Where can I find logs on what's going wrong.
<FlyingSquirrel32> that's a question ^   :)
<leonel> FlyingSquirrel32: check the dns config   or your gateway 
<kronus> hi
<kronus> i installed ubuntu-server on a box, and it didn't autoconfigure eth0
<kronus> when the box starts up, ifconfig just shows lo
<kronus> how do I get it to do a DHCP request on startup?
<mralphabet> kronus: look at /etc/network/interfaces
<kronus> bash sez: not a directory
<kronus> that is...because it is a file?
<kronus> in any case, it's empty
<kronus> oh wait, found it
<kronus> what should I do here?
<mralphabet> kronus: does it have anything for eth0?
<kronus> no
<kronus> adding 'iface eth0 inet dhcp' shoudl do it?
<mralphabet> think so
<kronus> nope, no interface
<mralphabet> dmesg | grep eth
<kronus> shows up
<kronus> if I do dhclient eth0, it comes up fine
<mralphabet> that should show something like
<mralphabet> [   43.257603]  eth0: RealTek RTL8139 at 0xf8846800, 00:11:2f:08:54:0c, IRQ 20
<kronus> yep
<mralphabet> [   43.257606]  eth0:  Identified 8139 chip type 'RTL-8101'
<mralphabet> [   52.481558]  eth0: link up, 100Mbps, full-duplex, lpa 0x45E1
<kronus> only 1 line, though
<mralphabet> what kind of card?
<kronus> is multiline paste fine?
* kronus hopes so
<kronus> [   33.345935]  e100: eth0: e100_probe: addr 0x82100000, irq 9, MAC addr 00:90:27:AA:AE:7F
<kronus> [  247.028228]  ADDRCONF(NETDEV_UP): eth0: link is not ready
<kronus> [  247.038096]  e100: eth0: e100_watchdog: link up, 100Mbps, full-duplex
<kronus> [  247.058060]  ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready
<kronus> [  257.426224]  eth0: no IPv6 routers present
<mralphabet> huh
<kronus> card is a no-name
<kronus> it works fine, if i connect a keyboard and run sudo dhclient eth0
<mralphabet> interesting
<kronus> i just want it to do that when it starts up
<kronus> since it's going to be a headless box
<mralphabet> as a short term fix you could put that in rc.local
<kronus> the one in /etc or in /etc/init.d
<mralphabet> but that's not the right answer for you, I just don't know the right answer
<kronus> well, thanks anyway
<mralphabet> etc
<kronus> i'll try that
<mralphabet> etc/init.d/rc.local is for things that get restarted (odd services or whatever)
<mralphabet> I take that back
<kronus> rc.local gets run at root, right?
<kronus> as*
<kronus> seems to have worked
<mralphabet> etc/init.d/rc.local processes etc/rc.local
<mralphabet> yes
<kronus> thanks very much :D
<mralphabet> again, not the right answer, you will want to continue looking for the right way to do it
<kronus> it's probably an /etc/network/interfaces issue
<kronus> this file looks a lot more fleshed out than mine : http://david.decotigny.free.fr/libre/ibook2-debian/etc/network/interfaces
<mralphabet> heh, a bit
#ubuntu-server 2007-06-01
<gecko89> wondering if anyone can help with a LAMP server?
<gecko89> I only have the LA
<gecko89> i've installed the php module, it doesn't seem to be working... phpinfo() yields a blank page
<ajmitch> what did you install? libapache2-mod-php5 ?
<gecko89> yes
<ajmitch> do you have php5.conf & php5.load symlinks in /etc/apache2/mods-enabled ?
<gecko89> let me check
<gecko89> I added the files.. is there some special way to handle them?
<ajmitch> added, how?
<gecko89> cp
<ajmitch> did you just create the symlinks?
<gecko89> no, what's a symlink?
<ajmitch> uh oh
<ajmitch> best to just remove the files you copied, and use a2enmod
<ajmitch> specifically, a2enmod php5
<gecko89> how do i use a2enmod
<gecko89> oh its just a command
<gecko89> alright lemme try restarting apache
<ajmitch> once you restart apache, check /var/log/apache2/error.log
<ajmitch> you'd see a line similar to:
<ajmitch> [Wed May 30 07:36:43 2007]  [notice]  Apache/2.2.3 (Debian) PHP/4.4.4-8+etch1 configured -- resuming normal operations
<ajmitch> if it is loaded
<gecko89> PHP Warning:  PHP Startup: Unable to load dynamic library '/usr/lib/php5/20060613+lfs/xmlrpc.so' - /usr/lib/php5/20060613+lfs/xmlrpc.so: cannot open shared object file: No such file or directory in Unknown on line 0
<gecko89> [Thu May 31 20:44:35 2007]  [notice]  Apache/2.2.3 (Ubuntu) PHP/5.2.1 configured -- resuming normal operations
<ajmitch> interesting
<gecko89> still getting a blank page
<ajmitch> you've installed php5 only from ubuntu repositories?
<ajmitch> not using getdeb.net or similar?
<gecko89> i did apt-get install php5-common
<gecko89> this is all a little different, i previously ran an apache 1 server with php 4 on windows
<ajmitch> are you trying to load an xmlrpc extension in /etc/php5/apache2/php.ini ?
<gecko89> let's see here
<gecko89> i don't think so, the only reference to xmlrpc in php.ini is:    [xmlrpc] 
<gecko89> ;xmlrpc_error_number = 0
<gecko89> ;xmlrpc_errors = 0
<ajmitch> interesting, I wonder why it's trying to load it. anyway, it's in the php5-xmlrpc package
<ajmitch> and your sample phpinfo page, where is it?
<gecko89> /var/www/
<gecko89> document root
<ajmitch> right, using long tags? 
* ajmitch would assume short opening tags is turned on anyway
<gecko89> this is what it is...
<gecko89> <html>
<gecko89> <body>
<gecko89> <?php phpinfo();
<gecko89> ?>
<gecko89> </body>
<gecko89> </html>
<ajmitch> ok, which works fine for me
<ajmitch> it does have a .php extension?
<gecko89> yes
* ajmitch has to check the obvious first :)
<gecko89> at first firefox wouldn't recognize it, but i added the file type to apache2.conf
<ajmitch> right, how did you add it?
<gecko89> i just installed the php5-xmlrpc package, it no longer does the same error
<ajmitch> that addition should probably be removed now
<ajmitch> since php5.conf in /etc/apache2/mods-enabled has the right configuration syntax to use
<gecko89> AddType application/x-httpd-php .php .phtml
<gecko89> took it out, still getting just a blank page
<gecko89> apache gives an error apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.1.1 for ServerName
<gecko89> i dont think that has anything to do with it though
<ajmitch> no, it shouldn't
<ajmitch> nothing else in error.log?
<gecko89>  nothing
* ajmitch waves to hads
<hads> :)
<gecko89> i have webmin installed, would that be causing any trouble?
<ajmitch> webmin causes all sorts of troubles
<ajmitch> which is why it was removed from debian & ubuntu
<gecko89> how do i remove it
<ajmitch> problem is how it can end up mangling configuration files
<ajmitch> hads: situation is, php5 module appears loaded, everything in the right place, phpinfo() isn't spitting out anything
<gecko89> it hasn't helped me any way so im fine with parting with it
<ajmitch> hi ibeardslee :)
<ibeardslee> hi ajmitch 
* ajmitch is sure it'll be something simple
<gecko89> alright, i removed webmin
<gecko89> still blank, heh
<gecko89> is there any special change i need to make to apache2.conf, or did the add-module part take care of everything?
<gecko89> er, mods-enabled
<ajmitch> no, unless webmin broke the config :)
<gecko89> well im checking paths and stuff, it's pointing to the right place
<gecko89> php5.load:  LoadModule php5_module /usr/lib/apache2/modules/libphp5.so
<gecko89> and libphp5.so is there
<gecko89> i see php5.conf took care of the file types
<hads> Is phpinfo showing anything? The source file?
<ajmitch> and does /etc/apache2/apache2.conf have these 2 lines?
<ajmitch> Include /etc/apache2/mods-enabled/*.load
<ajmitch> Include /etc/apache2/mods-enabled/*.conf
<gecko89> ajmitch, lemme check
<gecko89> hads, the source file is showing the php script...
<gecko89> yeah, that's screwed up
<gecko89> ajmitch, it has both those lines just like that
<ajmitch> hads: we know from apache's error.log that php is loaded at least
<hads> is php5.conf linked in? That will give it the filetypes to process.
<gecko89> yup, linked it
<gecko89> i first had that part wrong
<hads> It could be that the module is loaded but no file types are assigned so they aren't being processed.
<gecko89> <IfModule mod_php5.c>
<gecko89>   AddType application/x-httpd-php .php .phtml .php3
<gecko89>   AddType application/x-httpd-php-source .phps
<gecko89> </IfModule>
<gecko89> that's in php5.conf
<hads> Can you pastebin the output of ls -l /etc/apache2/mods-enabled/
<hads> (not here, in a pastebin).
<gecko89> how do i do a pastebin
<hads> http://pastebin.ca
<gecko89> http://pastebin.ca/526947
<hads> Odd.
<ajmitch> rather
<gecko89> indubitably
<hads> Of course apache has been restarted? :)
<gecko89> quite a bit yeah
<ajmitch> hads: even checked that it's a file with a .php extension in /var/www :)
<hads> With `sudo invoke-rc.d apache restart` or `sudo /etc/init.d/apache2 restart`
<hads> ajmitch: :)
<gecko89> [Thu May 31 21:03:37 2007]  [notice]  Apache/2.2.3 (Ubuntu) PHP/5.2.1 configured -- resuming normal operations
<gecko89> [Thu May 31 21:07:22 2007]  [error]  [client 192.168.0.101]  File does not exist: /var/www/favicon.ico
<gecko89> [Thu May 31 21:18:28 2007]  [notice]  caught SIGTERM, shutting down
<gecko89> [Thu May 31 21:18:38 2007]  [notice]  Apache/2.2.3 (Ubuntu) PHP/5.2.1 configured -- resuming normal operations
<gecko89> i did it the /etc/init.d way
<ajmitch> which should be equivalent
<hads> Yeah, just making sure that you did a full restart
<hads> (not a reload or something)
<gecko89> just how you wrote it
<hads> Well I'm out of ideas.
<ajmitch> hads: which is why I called for ideas :)
<gecko89> i haven't actually restarted the PC, but honestly that shouldn't be needed on linux, right?
<ajmitch> certainly not
<gecko89> two pieces of software made to go together, won't go together
<ibeardslee> I have the full path in the link if that would make a difference?
<ibeardslee> lrwxrwxrwx 1 root root   37 2006-12-20 21:13 php5.load -> /etc/apache2/mods-available/php5.load
<ajmitch> shouldn't matter, works fine for me with a relative symlink
* ajmitch just has /var/www/php.php, and it works at http://localhost/php.php
<gecko89> that's the exact same filepath and even filename i've got
<gecko89> the apache portion of the server works fine, its just the php isn't taking
<ibeardslee> it's just returning source of the php file?
<gecko89> right
<gecko89> <html>
<gecko89> <body>
<gecko89> <?php phpinfo();
<gecko89> ?>
<gecko89> </body>
<gecko89> </html>
<gecko89> well gentlemen, looks like i might have to tackle this another time
<gecko89> thank you for all your help
<ajmitch> alright, sorry it's not working yet
<gecko89> oh, i probably made a stupid mistake somewhere along the line... i'll go over the steps again later
<gecko89> thank you again though
<ibeardslee> does it work from the command line?
<ibeardslee> shit
<ibeardslee> I mean too late
<ajmitch> ah well
<fujin_> I'm tryign to find libgd for PHP in the latest Feisty server. I cannot seem to locate it, there isn't a libgd-php
<fujin_> any idea what I need to install to have gd functionality?
<fujin_> nevermind
<fujin_> I'm a retard, lol
<pc_> Hello could someone help me with xserver problem?
<pc_> HEY CAn SOMEONE HELP ME ?
<ibeardslee> maybe, not if you shout though.  what is your xserver problem?
<pc_> okay when i type startx, it brings up something about FreeFontPath, and /usr/share/fonts/X11/misc refcount is 2 should be 1, fixin. Then stops x.
<pc_> any ideas?
<ibeardslee> the first though that goes through my mind is that the config is wrong and has too many lines in it
<ibeardslee> about the fonts
<pc_> well i went through dpkg-reconfigure xserver-xorg
<ibeardslee> have a look at  /etc/X11/xorg.conf 
<pc_> already did looks fine
<ibeardslee> see if it has /usr/share/fonts/X11/misc in there twice
<pc_> okay be right back
<pc_> in this through irssi
<pc_> so be right back
<pc_> hey I tried that and it didn't fix it ibeardslee
<ibeardslee> you are aware that you can use Ctrl+Alt+F1, Ctrl+Alt+F2 to get different consoles so you don't have to actuall exit?
<pc_> nope didn't know that
<pc_> sorry, I will do that
<pc_> any other suggestions?
<ibeardslee> it's a very handy trick to know
<ibeardslee> sorry I am a wee bit stumped there
<pc_> :*(
<ibeardslee> was it ever working?
<pc_> Nope
<ibeardslee> oh
<ibeardslee> what version?
<pc_> Edgy
<ibeardslee> found a couple of references to your error on google ...
<pc_> any of them have solutions?
<ibeardslee> someone suggested running
<ibeardslee> fc-cache -f
<ibeardslee> did you just do an upgrade?
<pc_> no I did a fresh install
<ajmitch> could be something like bad symlinks, edgy had some interesting things with the move to a more modular X
<ajmitch> hm, a fresh install should never break like that
<ajmitch> have you asked in #ubuntu? it's not really something serverish 
<ibeardslee> I do actually vaguley recall having to change some permissions or something, but I thought that was a distupgrdae to feisty
<pc_> fc-cache -f "fc-cache command not found"
<ajmitch> did you do a server install, and are trying to get X working on top of that?
<pc_> yes
<ajmitch> installed xserver-xorg-core ?
<pc_> yes
<ajmitch> ok, so you probably have xfonts-base installed
<pc_> I installed that yes
<pc_> any ideas?
<ajmitch> though it appears the new package to install is xorg, not sure about edgy
* ajmitch would suggest #ubuntu for X problems
* foo would suggest #ubuntuforums
* ibeardslee is stumped
<pc_> got a new error not something about error locking /home/pc/.Xauthority?
<pc_> got a new error now something about error locking /home/pc/.Xauthority?
<pc_> got a new error now something about error locking authority /home/pc/.Xauthority?
<pc_> there that is the error, sorry had to switch back and forth
<pc_> Anyone have any ideas on this new error?
<ibeardslee> sorry
<pc_> okay here is a question where does startx pull its information from? Like on what to start
<ibeardslee> /etc/X11/xorg.conf and ~/.Xauthority
<ibeardslee> I think that is all
<ibeardslee> err maybe not
* ibeardslee goes, before he digs a bigger hole for himself :-(
<ribo> how do I get a proper serial console with upstart (god I miss inittab)
<fujin_> does it not have an /etc/inittab file anymore?
<ribo> no, upstart kills it
<ribo> and upstart has no documentation on it
<Pumpernickel> There's an upstart support channel - #upstart.
<Pumpernickel> You may even catch a dev there.
<ribo> cool, thanks
<ribo> full of idlers, apparently, any ideas?
<ajmitch> looks like there was a migration script from inittab which created them for upgrades
<ajmitch> I presume you'll need a file /etc/event.d/ttyS0
<ajmitch> something like /etc/event.d/tty1, except with the device name changed
* ajmitch hasn't tested it at all, of course :)
<ribo> hmm yea, would have been nice if upstart had some real docs before it completely replaced init in ubuntu :/
<nrpil> hi there, i wonder where i can find more information about running ubuntu on my server
<nrpil> maybe some page on www.ubuntulinux.org ?
<shawarma> nrpil: What do you want to know?
<ivoks> howdy
<nrpil> hi shawarma, i want to create a production server for our company. so i want to use ldap with samba to join a active directory
<ivoks> i don't see what ldap has to do with this?
<ivoks> you want to connect samba as a client to AD?
<ivoks> or you want samba to be AD PDC
<ivoks> or you don't need help :)
<mpathy> Hi there
<mpathy> I want to update my server from dapper to feisty.. I installed a Postfix 2.3 there from a seperate .deb - when I update to feisty, will I have problems because of that? What common problems are possible in general from update over two releases?
<ivoks> you should update to edgy first
<ivoks> dapper -> feisty isn't supported
<citybird> hi all. i am looking for a step by step guide to installing a mail gateway server using ubuntu. 
<ivoks> install ubuntu-server, install postifx and add relayhost to postfix
<citybird> thanks looking that up
<citybird> i have part 1 and 2 done
<ivoks> when you install OS, you can come here for help
<ivoks> oh, you did already :)
<citybird> yep
<ivoks> open /etc/postfix/main.cf and add relayhost = your_ISP_MX
<citybird> thought about doing it with gentoo but then thought better of it. I already deal with 2 gentoo web servers and dont want to expand that upgrade headache.
<citybird> ivoks: this server only recieves email and forwards it to our exchange server. I will be adding clamav to it after i get that part working.
<ivoks> ok then
<ivoks> instead ISP_MX add exchange IP
<citybird> kool
<citybird> main.cf iis a short file
<ivoks> next, add your domain to mydestination
<mpathy> ivoks: So I have to dist-upgrade to edgy.. then restart.. then dist-upgrade to feisty.. then restart?
<ivoks> mpathy: dist-update to edgy, then yo feisty, then restart cause of new kernel
<ivoks> citybird: you also need clamav-daemon, clamav-freshclam and amavisd-new
<ivoks> for content filtering
<citybird> right. sorry, im slow. first i want to make sure this box is forwarding emails
<ivoks> ok
<ivoks> it's probably not yet :)
<citybird> what is the syntax of the mydestination line? mydestenation = domainname.com
<nrpil> ivoks: sorry, got called away from my computer
<ivoks> citybird: just append your domain
<ivoks> citybird: mydestination = localhost.localdomain, localhost.localdomain, localhost, your_domain
<nrpil> ivoks: users are also going to use ssh to login to the machine
<nrpil> ivoks: my idea was to use ldap for that
<ivoks> so you want local users + domain users?
<ivoks> or only domain users via AD?
<nrpil> ivoks: i want to use the domain users as local user logins
<ivoks> do you have AD already?
<nrpil> yes
<ivoks> you can auth ssh (and all other) users trough samba
<ivoks> so, once you connect samba to AD/kerberos
<ivoks> just set up pam to auth over samba
<nrpil> oke
<ivoks> so you don't need ldap :)
<nrpil> ivoks: because ldap is a pain in the ass ?
<ivoks> no, it's a additional service you don't need
<ivoks> therefor one more service you need to watch over
<citybird> ok ivoks, postfix now has mydest set up.
<ivoks> ok
<ivoks> now add
<ivoks> transport_maps = hash:/etc/postfix/transport
<ivoks> then open /etc/postfix/transport and add:
<ivoks> @your_domain smtp:IP_of_exchange
<ivoks> ups... without @
<citybird> ivoks: ok
<ivoks> citybird: restart postfix
<citybird> done
<ivoks> tail -f /var/log/mail.log and try sending a mail over it
<citybird> now that is the interesting part
<citybird> how do i send mail directly to a particular server.
<ivoks> set up your client or telnet to port 25
<citybird> on another machine i typed telnet ipaddress:25 and it gives me name or service not known
<ivoks> telnet ip port
<citybird> ah
<citybird> got it
<citybird> i forgot the commands 
<ivoks> http://www.activexperts.com/activemail/telnet/
<citybird> there is a problem... it's not responding 250 ok
<ivoks> if you want, msg me an IP and i'll check it
<ivoks> the ip :)
<citybird> sorry, during testing phase the server is not givin an internet address
<ivoks> HELP whatever
<ivoks> MAIL FROM:<someone@dot.com>
<ivoks> RCPT TO:<user@your_domain>
<ivoks> DATA
<ivoks> .
<citybird> yea, i did that and there is never a response and after the . it just sits there.
<ivoks> where does it fail to respond 250?
<ivoks> check your mail.log
<citybird> nothin
<citybird> after the restart there are no messages
<citybird> sec.
<citybird> hmm
<citybird> that tail thing aint scrolling
<ivoks> tail -f
<citybird> trying it again
<citybird> ok here we go, that window timed out.
<citybird> wow, lots of warnings
<citybird> let me try again.
<ivoks> i doubt warrning will go away just cause you're trying again :)
<citybird> ok i wanted to see what warnings came when
<citybird> connect is ok.
<citybird> then this is what i get when i try mail from: webmaster@monitortools.com
<citybird> Jun  1 13:06:23 viruswall2 postfix/trivial-rewrite[1834] : fatal: open database /etc/postfix/transport.db: No such file or directory
<ivoks> doh
<ivoks> postmap /etc/postfix/transport
<citybird> ah
<citybird> ok trying again.
<citybird> woo hooo
<citybird> ok now. Recipient address rejected: User unknown in local recipient table
<ivoks> ok
<ivoks> add this to main.cf:
<citybird> how do i tell it to accept all mails directed to the domain. sorta like *@domain.com
<ivoks> relay_domains = hash:/etc/postfix/relay_domains
<ivoks> and in /etc/postfix/relay_domains:
<ivoks> domain.com OK
<ivoks> then postmap /etc/postfix/relay_domains
<ivoks> restart postfix and try again
<citybird> do i put that near relay host?
<ivoks> it doesn't mather
<citybird> ok did that but it still rejects
<ivoks> could you paste your main.cf somewhere on pastebin?
<citybird> ivoks: http://pastebin.ca/527512
<ivoks> this is everything you have in it?
<citybird> i left out some comments at the top
<citybird> perhaps i should pull the version that comes with the source
<ivoks> try with this: http://pastebin.ca/527515
<citybird> that was much better
<citybird> now we see if anything came through
<citybird> dam it says connection timed out and i have to run for a lunch appointment.
<citybird> some lady got 6000 spam emails 
<citybird> ill be back later, thanks for your help
<ivoks> timed out where?
<citybird> sending to the exchange server.
<ivoks> that's another problem
<citybird> Jun  1 13:25:05 viruswall2 postfix/smtp[2262] : 057CD4B926: to=<jones@farner.ch>, relay=none, delay=61, delays=31/0.02/30/0, dsn=4.4.1, status=deferred (connect to 192.168.150.42[192.168.150.42] : Connection timed out)
<ivoks> i guess your exchange doesn't like you
<citybird> yea, i think it's the firewall settings.
<citybird> ill check it from the serer on port 25 ;-)
<citybird> yep, port 25 is blocked from the firewall. ill have that corrected.
<ivoks> then just run postqueue -f
<citybird> thanks again.
<ivoks> np
<nrpil> ivoks: you have some production servers running yourself ?
<citybird> we have an old virus scan machine from m$ that has a yearly subscription that is abut to expire. i want to replace it with a free linux machine.
<citybird> then retire that server and use the os licence on a new machine.
<citybird> afk
<ivoks> nrpil: with what?
<ivoks> nrpil: i have lots of them, none with AD, it's crap :)
<Stonekeeper> hi ivoks. Just to let you know, the server has been working great :) thanks again
<ivoks> np
<Stonekeeper> apparently the bug has been open for years, and ubuntu devs aren't sorting it out :(
<ivoks> khm, khm... :)
<Stonekeeper> it's not even assigned!
<Stonekeeper> out of interest, do you know if canonical is developing a GUI admin tool for ubuntu server?
<ivoks> ubuntu isn't just canonical
<Stonekeeper> i know. however, that sounds like a story.
<ivoks> afaik, shawarma is working on something...
<ivoks> but he would know better
<shawarma> hm?
<Stonekeeper> i'd really like to contribute to that
<ivoks> :)
* ivoks hides
<shawarma> Which bug are we talking about?
<Stonekeeper> (please tell me it's a python app!)
<Stonekeeper> shawarma: the bug was for the DAC960 driver
<Stonekeeper> I'll find it now
<ivoks> shawarma: DAC960 modules isn't in initrd after install
<shawarma> ivoks: Right.
<Stonekeeper> https://bugs.launchpad.net/ubuntu/+source/initramfs-tools/+bug/31035
<Stonekeeper> it was reported over a year ago
<Stonekeeper> the fix has worked no problem so it's ok for me right now :) I was talking to ivoks about a GUI for ubuntu server though. He mentioned your name
<shawarma> Right. It's going to be a web based application. 
<Stonekeeper> python?
<shawarma> Unfortunately, no, I think.
<Stonekeeper> :(
<Stonekeeper> major :(
<shawarma> I would have wished for it to be python, but:
<shawarma> www.ebox-platform.com  is in perl and it's just too complete to be ignored.
<ivoks> i agree
<shawarma> It's hard to justify building something new just to have it in another programming language.
<Stonekeeper> sure
<Stonekeeper> but think of the maintainability nightmare!
<shawarma> I'll just have to get myself some protective goggles so my eyes won't start to bleed to badly from looking at perl code. :(
<shawarma> Stonekeeper: Well, maintainability is not entirely that simle.
<shawarma> Stonekeeper: Upstream is alive and well, which moves a huge chunk of the maintainability problems away from us.
<Stonekeeper> right
<Stonekeeper> i was thinking of a utility for users used to the win server 200X interface
<shawarma> Stonekeeper: Also, teaching the software to be python is harder and more time-consuming than to teach me to be more of a perl wizard.
<Stonekeeper> "teaching the software to be python" <- ?
<shawarma> to be perfectly honest, I'm not terribly interested in looking like something else for no othper purpose that for it to look like something else.
<Stonekeeper> sure
<shawarma> "teaching the software to be python" == porting it to python.
<Stonekeeper> i think the problem is, it's very easy to get windows admins. If the UI was the same, they could manage linux servers without retraining. It makes ubuntu server a viable option for places that think it's too much of a support risk.
<Stonekeeper> I'll be working soon for a place like this
<shawarma> if think that trying to obtain usability by looking like something else that some - *only* because of experience with it - find easy to use, is a failing strategy altogether.
<shawarma> "I think"*
<Stonekeeper> i agree
<Stonekeeper> this isn't my thinking, but i understand where they are coming from
<shawarma> You can obtain ease of use in two major ways:
<shawarma> 1) Being easy
<shawarma> 2) Look like something that your users are used to
<shawarma> I aim for 1).
<Stonekeeper> yeah. me too :D
<Stonekeeper> there isn't currently a decent samba/ldap/user management gui though is there?
<shawarma> I've just poked the kernel guys about including DAC960 into the default initramfs.
<shawarma> They're all in Canada or USA, so they'll probably not respond just yet.
<Stonekeeper> thanks shawarma
<Stonekeeper> out of interest, is the initrd static and not based on your install preferences?
<shawarma> Stonekeeper: It's already fixed, actually.
<shawarma> Even in Edgy.
<Stonekeeper> ah right, of scourse LTs is dapper :D
<shawarma> I didn't notice anything about LTS. Sorry.
<Stonekeeper> at least the next LTS will have 3rd party support option which will mean you could get this in initrd by stealth
<baggito> hrm. has anyone here used easyspeedy.com hosting?
<citybird> aww, ivoks left...
<shawarma> baggito: I have.
<shawarma> baggito: I used to be a satisfied customer, but over the last summer they had major network problems (which - truth be told - turned out to be their uplink's problem), but they never gave any reasons or any ideas of when you could expect things to work again. *Very* annoying.
<shawarma> baggito: I'd recommend hetzner.de any day.
<shawarma> baggito: Just make sure that you make it absolutely clear to them if you don't speak German.
<shawarma> baggito: they're very professional and cheap.
<fernando> moin all
<baggito> hrm
<baggito> cool. thanks shawarma 
<baggito> hrm. they have no website in english
<baggito> oh i see it
<baggito> hrm. it's redhat
<baggito> shawarma: they only have redhat?
<baggito> hrm. how upgradable is redhat?
<shawarma> No, they have Ubuntu, too.
<baggito> oh nice
<baggito> perfect
<citybird> hey all, i got postfix up and running, it accepts mails and forwards them to the exchange server on our network. now how do you intergrate clamav?
<shawarma> citybird: I usually use amavisd
<shawarma> citybird: amavisd-new, that is
<citybird> working on that now. cant find simple to follow instructions.
<shawarma> citybird: /usr/share/doc/amavisd-new/README.postfix.gz
<citybird> why does everything have to be so deep tech
<shawarma> Because making user interfaces for that sort of thing is not particularly fun. :)
<citybird> i keep getting  cannot open `/etc/mailname' for reading: No such file or directory
<shawarma> Does it exist?
<citybird> nope. i should put my domain name in it and nothing else
<citybird> ok, it's going now.
<Ali_ix> hi
<Ali_ix> can in install glibc 2.4 or higher on a i386 dapper server?
<Ali_ix> current glibc in dapper repositories is 2.35
<Ali_ix> how can i install 2.4?
<Gruelius> how do i force apt-get to use the internet, in tired of putting in my cd -.-
<Panzer_> Gruelius: comment out the line in sources.list about the cd
<Ali_ix> Gruelius: and then do an 'apt-get update'
<Gruelius> cheers. And how can i set a static ip from the command line? i forget the simple things :(
<Panzer_> change the interfaces file in /etc/networking
<Gruelius> rightio
<Gruelius> with ubuntu, if i apt-get something that is normally set to run at startup is it automatically added to bootup? or do i need to add it to rc-update
<leonel> normally gets  configured 
<Gruelius> sweet, im liking this over gentoo allready :D when i grabbed cupsys* i thought great a big compiling time to wait, was done in a tic :D
* foo slaps r00tintheb0x 
* r00tintheb0x kicks foo
<r00tintheb0x> =)
* foo pulls out AOL Disk launcher and fires at r00tintheb0x 
#ubuntu-server 2007-06-02
<Corbeaux> hi
<Corbeaux> anyone here?
<Corbeaux> I'm trying to reinstall GRUB on an HP-DL380, I tried using the rescue option on th install CD but I'm probably entering the wrong options for root(hdx,y). Anyone has suggestions?
<kr8> hello people... anyone here care to help me with a mdamd raid issue on edgy?
<kr8> make that, mdadm :)
<kr8> why on earth does mdadm-raid try to assemble md0 on boot when i have no md0 ?
<kr8> or rather, why does initrd do this even after a dpkg-reconfigure mdadm with a sensible and accurate mdadm.conf for an md10 ?
<kr8> i have a feeling this issue is resolved in feisty from what i have read but I wondered if there was a hack/fix/patch magic spoon that will help me now...
<kr8> many thanks, i hope you have a nice hot cup of coffee standing by ;-)
<Gruelius> Hey all, im having trouble getting samba to work. I had it setup perfectly on gentoo however i cant get it to work right on ubuntu. What i want to do is have all users who dont have the right credentials get set to a guest account however if i login with my details i can shift files e.t.c.
<Rescue9> anyone home?
<Burgundavia> yep
<Rescue9> Kewl... usually freenode has full rooms but no one chatting. :-P
<Rescue9> I'm thinking about switching from Gentoo to ubuntu-server, but have a few questions first
<Rescue9> How "stable" is the apt-get upgrade? I do upgrades with gentoo, but EVERY time I do, something breaks! I'm tired of that. How does ubuntu fair in the upgrade department?
<Rescue9> come on guys.... someone has to have experience upgrading their server?!?!?!? 
<Burgundavia> if you are using a stable version of Ubuntu, it is very stable
<Burgundavia> however, that depends on your server needs
<Burgundavia> what are you doing with this?
<Rescue9> LAMP, IMAP server, Firewall, ispconfig, etc. 
<Burgundavia> ok, that is pretty simple stuff
<Burgundavia> do you understand the divide between main and universe?
<Rescue9> yea... nothing big... Gallery2 and WOrdpress w/mysql takes up most my processing power
<Rescue9> Um... I believe so. Main is stuff that ubuntu people make sure works well... universe is just opensource that others work on??
<Burgundavia> sort of
<Burgundavia> main is supported by Canonical with free security updates
<Burgundavia> universe is supported by teh community and only some packages get security update
<Rescue9> aah. ok...
<Rescue9> I had something like that in mind... just didn't come out right.
<Burgundavia> basically, figure out exactly which packages you need and look them up on packages.ubuntu.com
<Rescue9> what am I looking for?
<Rescue9> Not "packages" but what am I looking for when I look them up. :-P
<Burgundavia> the package name
<Burgundavia> whether they are in main or not
<Burgundavia> which version you can get
<Burgundavia> basically, for a server, you have two different version choices
<Burgundavia> you can use 6.06, which is now a year old, but is supported on the server until 2009
<Rescue9> yea... LTS and non"lts"
<Burgundavia> or you can use 7.04, the recently released version, which is only supported for 18 months
<Burgundavia> or sept 09, basically
<Rescue9> Personally... I don't want or expect to use Canonical support. I've worked with linux enough to fix my own problems. My main reason for moving to Ubuntu is to avoid too many problems though. :-P
<Burgundavia> ye[
<Burgundavia> I enjoy the security support
<Burgundavia> it makes my life a lot easier
<Rescue9> So what you're saying basically is that if it's in main or universe, then it should upgrade cleanly every time, but if it's not, then it's anyones guess?
<leonel> yes
<Burgundavia> yep
<leonel> and  remember  universe has no official  security updates  even  there are    and  not   security announces
<Burgundavia> the packages in the ubuntu archive have fairly high standards
<Burgundavia> you may run into issues still, but remember to report them as bugs
<Rescue9> kewl. That helps lotz. At least I'm only taking a chance with a few packages, vs the whole system when upgrading. 
<leonel> so  you  must  know what  are you using from universe   and if there's  a bug  you should report it  in lauchpad
<leonel> so it can get attention and get fixed
<Rescue9> when a new ubuntu comes out though, the universe will be upgraded most of the time to include the bugfixes right?
<leonel> but remember  there's no oficial support  for universe 
<leonel> Rescue9: yes
<Burgundavia> yes
<Rescue9> kewl.
<Burgundavia> and there is an update tool
<leonel> in case  you need  a newer package  you can  backportit   or request  a backport  from the next new version 
<Rescue9> my biggie was the compile time gentoo took up when updating my 800mhz 256M server. :-P
<Burgundavia> heh
<Burgundavia> welcome to binary distros, they are much better
<Rescue9> ok... elaborate on backports a bit.... sorry if this is newbie stuff but I'v only been using ubuntu for 3 weeks. loaded it on my laptop and have loved it since!
<Burgundavia> the only place I can see compiling to gain 1% is if you have that massive server farm and 1% means an hour or more of processing time
<leonel> easier  cleaner   and  faster to install
<Burgundavia> backports are packages taken from the development version of Ubuntu and rebuild in a stable environment
<Rescue9> I liked the saying that I saw in the forums "I want to spend time working with my OS, not on my OS."
<leonel> ha ha
<Rescue9> so I can request backports of security issue packages, and they "might" get built?
<Burgundavia> pretty much
<Rescue9> Ok... that brings another question. Gentoo has a GLSA (Gentoo linux security advisories) that kept me informed of security holes. If the package isn't in main and I have to keep an eye on it myself... where do I find out about holes?
<Rescue9> amd i going to have to monitor the cert myself?
<Burgundavia> http://www.ubuntu.com/usn
<leonel> or suscribe to the announce list for that package
<leonel> Burgundavia: there's only  for main and restricted  not  for  universe
<leonel> universe has no announces
<Burgundavia> yep
<leonel> Rescue9: I use  clamav   and it's on universe   and  I'm suscribed to the clamav announce list  
<Rescue9> where would I go to subscribe? I can't find it on packages.ubuntu.com
<leonel> Rescue9: even  you can  fix  those packages  backporting the  bugfix   and let a sponsor  to upload your fix
<Rescue9> yea... clamav was one I was looking at in the univ.
<leonel> Rescue9:  I've patched  today  clamav  for  feistyt
<Rescue9> I'm good at fixing problems... but not coding. :-(
<Rescue9> anyway.... how to subscribe?
<Burgundavia> for the security stuff?
<leonel> and  I'm looking to fix  dapper's  clamav
<Burgundavia> rss or security-announce
<leonel> Rescue9: what packages  need  a  from universe 
<leonel> ?
<Rescue9> not sure right now... have to look them all up. :-P Clamav for sure.
<leonel> clamav  is  safe now  even  there's the  message that the package is outdated  but has the  security bugs  fixed 
<Rescue9> I'm starting from scratch on a new machine... so there is a lot going into it. spamassassin, etc.
<leonel> for this case  you can  go to the  spamassassin  mailing list  and suscribe for announces   once there's a security bug
<Rescue9> WOW..... mysql isn't in main?!
<leonel> you can  reportit in launchpad
<Burgundavia> shoudl be
<Burgundavia> look for mysql5
<leonel> mysql-server-5.0  is in main 
<Rescue9> you mean the spamassassin mailing list through http://wiki.apache.org/spamassassin/MailingLists
<leonel> yes
<leonel> for that package 
<Rescue9> I was looking at mysql-client
<leonel> or search for the CVE
<Rescue9> it's not
<Rescue9> See... I'm getting a bit of a lesson in security, and thats what I need more than anything.
<Rescue9> I always relied on building the newest package to fix bugs, but if I can track the bugs myself... then I don't have to constantly upgrade.
<leonel> mysql-client-5.0  is in main
<Rescue9> Are you guys on all the lists that aren't in main?
<leonel> just the packages I use :)
<Rescue9> leonel: yea... duh. :-P
<leonel> squirrelmail  clamav   for example
<Rescue9> yea... squirelmail is another I need.
<leonel> that's updated  
<Rescue9> so by looking at the packages.ubuntu.com site... if it says universe next to it, it's not in main... but if it doesn't say anything, it's in main?
<leonel> yes
<Rescue9> thats where I was mistaken. I thought it would say (main)
<Rescue9> Ok.... here's an OT, but how do you keep up with what you've installed?
<leonel> ???
<Burgundavia> dpkg has a list of installed packages
<Rescue9> does it tell if they are in main, univ, etc?
<Burgundavia> there are different components
<leonel> good question ..
<Rescue9> leonel: ??
<leonel> <Rescue9> does it tell if they are in main, univ, etc? ...
<leonel> that question ..
<Rescue9> aah.. thx.
<Rescue9> lets get back to the backporting. whats the site to request a backport or to "submit" a backport?
<Burgundavia> via the backports team and launchpad
<Burgundavia> http://ubuntuforums.org/showthread.php?t=153402
<Rescue9> thanks. I'm looking at the launchpad page too.
<Rescue9> I registered a few days ago in response to pigdin not getting any love. :-P
<Burgundavia> pidgin is a tricky one, apparently
<Rescue9> why? WOrks good with the get-deb pkg I got
<Burgundavia> get-deb should be not trusted on a server
<Rescue9> I'd assume they don't want to backport cause it "clases" with gaim.
<Burgundavia> the other issue is the sheer number of other package they would need to backport
<Rescue9> Burgundavia: agreed... it's on my lappy.
<Burgundavia> the same issue exists with FF
<Rescue9> yea... but theres a bin for FF isnt' there?
<Rescue9> in the repository?
<Burgundavia> yes, but Firefox is the rendering engine for about 15 other apps
<Burgundavia> anything that uses gecko thus also needs to be backported
<Rescue9> aah... yea. I see what you're meaning now.
<Rescue9> it was unfortunate that Sean had to change the names, but thats what happens with big money gets threatened.
<Burgundavia> he should have bowed sooner
<Rescue9> ROFLOL!!!! someone has already put up a pigdin.im site. for aMSN.
<Rescue9> we'll agree to disagree there. I think he should have stuck it out. 
<Rescue9> Thanks a lot for the information guys. I'll definitely be lurking the room. 
<Burgundavia> sounds good
<Rescue9> leonel: I'd like to chat with you more about security one day soon.
<Rescue9> Thanks again guys!
<Gruelius> Do you guys know how i can speed up printing using windows drivers through samba?
<Gruelius> windows almost locks up
<Gruelius> using the http://server:631/printers/name prints things real fast
<r00tintheb0x> Anyone got any "hard" problems they want to throw @ me, please feel free to do so.
<foo> r00tintheb0x: Help! How can I change the root password!?!?
<r00tintheb0x> lol
<r00tintheb0x> just type it in here
<r00tintheb0x> easy
<r00tintheb0x> :)
<foo> passwd r00tpwindab0x
<foo> oh, wait, the user goes there, darn it
<Gruelius> how do i rebuild my raid5 array if the partition names have changed
<r00tintheb0x> Anyone with advanced problems that no one else can seem to solve... please don't hesitate to contact me. If i don't answer right away, thats because im in #guruhelp. :D
<r00tintheb0x> =)
<Pumpernickel> Or #smug.
<r00tintheb0x> lol
<r00tintheb0x> foo, dont make me stab you with my ub3rn3ss...
<foo> r00tintheb0x: :P
<r00tintheb0x> ;)@foo
<r00tintheb0x> foo, join my new chan man
<r00tintheb0x> #guruhelp
<r00tintheb0x> :D
<r00tintheb0x> ANDELAY!
<r00tintheb0x> ok, im making a samba server that is going to bind to the windows active directory server using winbindd. This samba server is also going to be our NIS and NFS server. For some reason, i can pull users and groups from the AD with gwbinfo... but i can tconnect to samba shares through the AD accounts.
<ivoks> http://us1.samba.org/samba/docs/man/Samba3-HOWTO/domain-member.html#ads-member
<kr8> anyone have a clue whats broken on 7.04 latest kernel and what the fix is? i'm running on last 6.10 kernel for now... :(
<kr8> for some reason a remount of / fails with a device busy and then the /root/dev dir creation fails (of course) and i get dumped into a busybox prompt with nothing...
<eldunco> need a quick hand if at all possible
<Wooksta> im having a problem with ubuntu feisty server... i have an old box which was running ubuntu desktop (edgy eft) and i just re-installed to fiesty server but now every time when the system tries to start it gets past grub, i get a "Starting up..." message and then the system resets, how can i debug this issue?
<kr8>  Wooksta: boot the recovery image or edit the boot line and remove "quiet" to see more details.
<Wooksta> kr8, thanks just re-installing atm then i'll give it a try :)
<kr8> Wooksta: if you run the recovery image, remember you get dumped into single user and an exit will continue to boot. not sure if all the modules are the same between that and the regular kernel image for the same version.
<Wooksta> kr8, ok cheers
<kr8> Wooksta: np :)
<Wooksta> kr8, while im here, do you know of a good ftp server i can install? (wanna set this system up as a LAMP server with ftp & subversion as well)
<kr8> Wooksta: i use vsftp but proftp might be better - if its in ubuntu...
<Wooksta> kr8, ok cheers :)
<Wooksta> kr8, i've tried booting the recovery image / removing the quiet from the normal grub entry but it still dont work, i get "Starting up..." in the top corner for about 1-2 seconds then it resets
<Wooksta> could it somehow be pointing to the wrong kernel or something?
<kr8> no you would see that...
<Wooksta> bizzare :<
<Wooksta> im just checking my install cd to make sure everything is ok
<kr8> have you tried removing/disconnecting any non-essential peripherals?
<Wooksta> not yet, its bizzare though i installed debian 4.0 just to test it and it installed / ran fine :S
<kr8> some usb devices and sata devices cause loooooong delays in starting but perhaps something you have attached is causing the box to reset.
<Wooksta> no periphrials bar monitor/keyboard/network attached
<kr8> maybe a memory issue? running it too close to the end of its max speed?
<Wooksta> scsi cdrw in it
<kr8> if you don't need it too boot remove it. its a good place to start.
<Wooksta> ok will try that after this check
<kr8> run the memtest on it thru 1 pass minimum just to see.
<Wooksta> its been runing fine with edgy dekstop on it
<Wooksta> will do as well
<kr8> the server kernel is more tuned though and will likely contain drivers not used for desktop.
<kr8> can you boot the live version?
<Wooksta> ok, i'll rip out the scsi controller after the tests
<Wooksta> is the live version on a seperate disk?
<kr8> yeah, on one of the other cd/dvd's
<kr8> try booting the live version of 7.04
<Wooksta> i could try , i know for desktop i cant install using the live gui as there aint enough ram
<Wooksta> its an old machine 
<Wooksta> cyrix 700mhz cpu with 256 of ram :D
<kr8> can't recal how to get rid of the splash screen though so you see all the goings on, going on :)
<kr8> is cyrix even supported?
<Wooksta> no idea :P
<Wooksta> edgy worked well on it
<Wooksta> :P
<kr8> best check then, you could be chassing a red herring...
<kr8> you not trying to run the 64bit version are you? ;-)
<Wooksta> no :P
<kr8> lol
<kr8> just checkin
<Wooksta> give me a lil credit :P
<Wooksta> not too much though :P:
<Wooksta> hmm
<Wooksta> the cd integrity check failed
<Wooksta> on a samba .deb file
<kr8> well i only say that as i expect the loader is still going to be 32bit... so you would get so far... then die. no idea what 64bit code does on a 32bit cpu... it may just cause a reboot :D
<Wooksta> think i should try another download / burn?
<kr8> do a mem check, you need to know your minimum spec is capable and stable.
<Wooksta> mem test running just now
<Wooksta> i tell a lie its 128 mb :D
<kr8> get some more ram you fool. lol
<Wooksta> nah i just need it to run apache for my dev and thats it :P
* kr8 slaps Wooksta with the ubunto minimum hardware HowTo... hard.
<kr8> s/to/tu/
<Wooksta> its just an old banger made out of parts from pcs lost long ago
<kr8> and you want to dev what on it? 
<Wooksta> php
<Wooksta> well dev on my system
<Wooksta> test / run web server on it
<kr8> don't think that box is upto it inho...
<kr8> imho even
<Wooksta> hehe it was running a vent server well enough for about 3-4 months ne ways :P
<kr8> better off runnin a minimal vm to do that.
<kr8> anyway teatime here... have fun :)
<Wooksta> will do & cheers for the help, enjoy ur tea
<cottima> hello
<Burgundavia> hello
<cottima> I am confused about ubuntu in general, but my main questions are:  If server edition has just what it needs (I like) how does LTSP work without graphics?  2)does the desktop edition have everything or could I used the server then add what i need from the ubuntu repos?
<Burgundavia> both servera nd desktop come from the same repos, use similar kernels, etc.
<Burgundavia> to use LTSP, you would need to install stuff ont eh server
<cottima> So, the only diff is a config file on what packages to install?
<Burgundavia> basically yes
<Burgundavia> what is installed is controlled through seeds and tasks
<cottima> so I should read up on seeds and tasks
<Burgundavia> seeds are pretty easy
<Burgundavia> tasks are controlled through tasksel and are generally highlevel things, like a dns server or a lamp server
<Burgundavia> basically, in the case of the server, the server seed is enough to get your computer up and running and nothing more, not even an ssh server
<Burgundavia> https://code.launchpad.net/ubuntu-seeds
<Burgundavia> those are the seeds
<Burgundavia> then you choose a task afterwards
<cottima> so ubuntu has centralized the configuration in tasks?
<Burgundavia> tasks are actually a debian thing and are still pretty new in ubuntu
<Burgundavia> the server team is still building more tasks
<Burgundavia> of course, a task is nothing more than a group of packages to install
<cottima> oh, I am a lazy fedora user, so that is why I do not know about tasks
<Burgundavia> right
<cottima> Sounds very simple
<Burgundavia> so the key difference between fedora and ubuntu is the sheer number of packages in our repository, based on our debian heritage
<Burgundavia> also, there is a difference in how long things are supported and what those things are
<Burgundavia> basically, each version of Ubuntu is supported for 18 months, except for our LTS release, which is supported for 5 years on the server
<Burgundavia> by support, we are referring to free security updates
<Burgundavia> however, only things which are in the "main" repository are supported in this way
<Burgundavia> those in universe may or may not be, that depends on the community
<cottima> is it pretty simple to upgrade between versions?
<Burgundavia> recently, yes
<Burgundavia> between 6.10 and 7.04 there is a tool to update servers
<Burgundavia> that tool existed for earlier versions of ubuntu, but only graphically
<cottima> that is still good for desktop use.
<cottima> Are you a debian user by default?
<Burgundavia> nope
<Burgundavia> came from RH8 to Ubuntu in 20045
<Burgundavia> 2004, rather
<cottima> With your transition did you find ubuntu easier and the same for easier in terms of managing?
<Burgundavia> much easier
<Burgundavia> I run a group of WBEL and Ubuntu at work
<Burgundavia> the ubuntu stuff is a magnatude easier to control
<cottima> And do you think a lazy linux user could improve linux skills in ubuntu (commandline, security, etc.)?  In other words so a lazy user such as myself would do better to the point of being on other distros in command line?
<Burgundavia> hmm
<Burgundavia> ubuntu has a lot more sane defaults, so it is less hard to really screw up
<Burgundavia> such as no open ports or running services by default
<Burgundavia> or sudo by default
<cottima> okay, is swtiching between run levels in desktop possible, so if I need I could kill graphics?
<Burgundavia> debian/ubuntu do not use run levels in the same way
<Burgundavia> there is no 3/5 distinction
<cottima> ouch
<cottima> is it possible to turn the graphic server X on and off though
<Burgundavia> yes
<cottima> How would that be done?
<Burgundavia> YourMomsHero: your nick is a little bit rude
<Burgundavia> hmm, not certain
<Burgundavia> I run all my servers headless and my desktops not
<cottima> HAHAHA
<cottima> COX communications has needed a new new for a while, but fits the prices sometimes
<YourMomsHero> Burgundavia: thx
<cottima> if I do not know how to do a command though and want to do it graphically, do I do it from another machine or could i turn the start X or whatever ubuntu does and then kill it?
<cottima> YourMomsHero do not feel bad, all I can get is that cable co. for my internet
<Burgundavia> YourMomsHero: no, I am qute serious. I would like you to change it
<cottima> oh, i was looking at his ip not his nickname, sorry.  yeah our society is too vulgar
<cottima> Burgundavia I really appreciate your help.
<Burgundavia> no worries
<cottima> Thank you!
<Burgundavia> I am frequently here
<cottima> That is good to know
<cottima> I am looking for a distro away from Fedora
<YourMomsHero> Burgundavia: do you have nothing better to do than worry about my nick....?  I wasn't even actively chatting in this channel til you started talkin to me.  Either way, no I won't change it :)
<cottima> YourMomsHero do you live near the star city?
<YourMomsHero> star city? i'm in phx, az
<pirroh> hi, maybe someone of you have read the same question on the general channel, I beg pardon for that
<cottima> OH, you have Cox Comm. as your ip
<pirroh> anyway, I'm trying to upgrade a dapper minimal install to a fresh feisty server
<YourMomsHero> cottima: yeah they're pretty big here
<cottima> same here, but I would like to have Verizon since they are a bit pricy
<pirroh> oops, gotta go, hope to find you here later :)
<YourMomsHero> if Verizon ever brings their FiOS service to my area I'll jump on it
<cottima> YourMomsHero SAME HERE!!!
<cottima> Everyone, food time for me, thanks and have a blessed evening.  Hope to see everyone again soon.
<foo> cottima: See ya
<gejr> I'm trying to add python to my apache server
<gejr> How does ubuntu's apache handle this? as of now it recognizes .php files, but no .py files
<gejr> I thought there would be an addhandler for .php in apache2.conf, but php isn't even mentioned in the file
<leonel> sudo apt-get install libapache2-mod-python
<gejr> so how does the apache server know how to handle php files?
<gejr> leonel: I have added that and the module is loaded
<gejr> added/installed
<leonel> http://modpython.org/live/current/doc-html/inst-testing.html
<gejr> what is this mptest? I have no file called mptest on my system
<gejr> i'll try following that guide
<gejr> thank you
<leonel> it's your python script    mptest.py
<leonel> you can use   a handler    or  a dispacher 
<leonel> i mean
<leonel> you can use   a handler    or  a  publisher
<leonel> the handler is a script that will respond to all requests in a directory
<gejr> I don't want python to only work for one filename?:)
<leonel> and with a publisher  you can make python work  with  many  python scripts 
<gejr> so with this example it'll only work for mptest.py and no other .py files?
<leonel> that's a handler
<gejr> i feel pretty useless now. Guess I have to read up a lot on this :/
<leonel> for that example
<gejr> ok..with that in my apache2.conf i get "No module named mptest"
<leonel> is configured for    /test  on  your   htdocs 
<gejr> I altered it to /
<leonel> of you  request  http://yourserver.com/test/a/b/s/c/e/e/f/sa/as
<gejr> since my example .py file is in /var/www/
<leonel> that request will be responded by mptest
<leonel> you need to put  mptest  in your  python  path 
<gejr> and mptest is any python file i create?
<leonel> yes
<gejr> it's confusing...is this python script valid? #!/usr/bin/python \n print "something"
<gejr> with a real new line of course..
<leonel> yes
<leonel> but that something  must be    Content-type
<gejr> that's what's in my mptest.py now
<gejr> it's now in /var/www/mptest.py
<hads> Yeah, does mod-python require you to send a Content-type header first?
<leonel> yes
<leonel> gejr: if  you want  like  php  does    check the config  for   the publisher
<gejr> what's the publisher?:)
<gejr> I'm trying my best to get it to work the way of that guide now
<leonel> http://modpython.org/live/current/doc-html/tut-pub.html
<gejr> i'm really struggling.. :S
<gejr> it keeps trying to download the script
<gejr> i now have /var/www/test/mptest.py
<gejr> which contains what i found in the first link you gave at http://modpython.org/live/current/doc-html/inst-testing.html
<leonel> you need to put  mptest  in your  python  path 
<leonel> not in your browser
<leonel> i mean 
<leonel> not in your apache 
<leonel> in your python path
<gejr> hm..this might be the problem
<gejr> what's my python path?:D
<gejr> /etc/python?
<leonel> sys.path 
<leonel> print that in python
<gejr> got a lot of hits on that one
<gejr> /usr/lib/python2.5 ?
<leonel>  or
<leonel> you can
<leonel> mkdir  /home/mypythonscripts
<leonel> and in your apache cnfiguration
<leonel>   PythonPath "sys.path + ['/home/mypythonscripts'] "
<gejr> anywhere in apache conf?
<leonel> where you configured  your  mptest ..
<gejr> [ ]  as in optional right? I don't need the brackets?
<leonel> have you worked with  python before ?
<gejr> barely..I've only created really simple scripts.
<hads> http://docs.python.org/tut/tut.html
<gejr> I'm used to using php for web-stuff. Now I just wanted to try python for that
#ubuntu-server 2007-06-03
<leonel> great 
<gejr> you're getting tired of my questions aren't you?;)
<hads> You won't regret trying Python :)
<gejr> I'm sure I won't, as soon as I manage to configure it. But it requires a handler in a different way than PHP obviously. Isn't it weird that my apache.conf has nothing with php in it, and that php still works?
<hads> It's in /etc/apache2/mods-enabled/php5 
<hads> Or thereabouts 
<gejr> so is mod_python.load on my system ;o
<leonel> <gejr> you're getting tired of my questions aren't you?;)  <-- I'm not   just to know  how much python programming experience you have
<gejr> leonel: ok..:)
<hads> Maybe CGI would be easier to setup?
<gejr> Isn't that what I'm trying to do?:D
<leonel> php handles  all the php scripts  in all your  HTDOCS  
<gejr> as i want python to do too :)
<leonel> mod python  goes for  directories  using  handlers      
<leonel> or  the publisher
<gejr> so when the webserver gets a request from one of it's .py files it first contacts the handler. Which is defined as mptest in my apache.conf, which tells the webserver that it's to be handled by /usr/bin/python?
<gejr> http://www.geirola.net/hest.png
<gejr> this is what i've got so far..
<leonel> move your    .py   out of the apache  HTDOCS
<gejr> just realized i had that error
<gejr> oh..not that error
<gejr> but ok
<gejr> so move mptest.py to something like /etc/python ?
<leonel> put that  mptest to another dir as i told you  and add that yo your sys.path
<gejr> i did a import sys; sys.path.append("/etc/python")
<gejr> now it's in the sys.path list
<gejr> and mptest.py is in /etc/python
<leonel> but not in your  mod-python's  sys.path
<leonel> that's why you need to put that in your apache config
<gejr> probably not..:o
<gejr> like..<Directory /etc/python> ?
<gejr> oh..you mean PythonPath "sys.path + /etc/python/" ?
<leonel> what  <Directory /etc/python>    does ?
<gejr> look at http://www.geirola.net/hest.png now
<gejr> you see the error i get in my browser window as well there
<gejr> ok..now i'm a step further
<gejr> it's now showing "hello world!" with whatever .py file i throw at it
<gejr> so it has obviously reached mptest.py
<pirroh> hi
<pirroh> I was wondering if there's a way to update from dapper minimal to feisty server
<pirroh> installing all the packages provided by a fresh feisty install
<pirroh> (dapper footprint on hdd is 250mb... feisty fresh install is 500mb)
<pirroh> so I guess there are more default packages on the server install
<hads> I think the official path is through Edgy first, but a dist-upgrade may work.
<pirroh> are there grouped in some metapackages maybe?
<Shane-S> is SSH enabled by default on 6.10?
<pirroh> Shane: iirc, no
<pirroh> hads: no problem for me going through edgy
<pirroh> I was wondering if there's a way to include all the packages :)
<Shane-S> what is the package name I tried apt-get install SSH, doesn't like that package name
<pirroh> aptitude search ssh
<Shane-S> ohh apt is short for aptitude :P
<hads> pirroh: Not sure sorry. Do you really need them if you don't now? :)
<Shane-S> nm, I have used that before :D thanks
<pirroh> no, they're different programs with similar functionalities
<pirroh> hads: yep, good question... the truth is that I bought a vps, and I can't use an iso image... I like to have fresh installs... I know it's not a big deal ;)
<hads> pirroh: I've always just changed the release name in sources.list and done a dist-upgrade - maybe I've been lucky but I've never had any issues.
<pirroh> hads: yep, it will work, of that I'm sure. I was simply wondering what are the defaults of the server install.... and why they're different from the minimal setup ;)
<hads> pirroh: Sorry, can't be of much help there :)
<pirroh> hads: np, tnx anyway ;)
<Shane-S> pirroh...you could have told me it is ssh not SSH :P
<Shane-S> my fault for being a dummy with the case though :D
<hads> pirroh: I was just browsing through the package list and can't see any obvious meta packages
<Shane-S> all installed and happy now, thanks
<hads> Shane-S: Everything is lower.
<pirroh> Shane-S: the next time you'll surely remember ;)
<pirroh> hads: tnx for the check
<Shane-S> i have worked with enough I should have known....just being normal brain dead self
<pirroh> maybe the only manual change i've got to do is the kernel image
<pirroh> switching to a server kernel image
<Shane-S> anyone here have experience with LTSP on Ubuntu? I want to know if it is better then the Fedora LTSP projects, like K12LTSP
<Shane-S> I am not very familiar with LTSP, just curious which would work better and faster
<Burgundavia> Shane-S: yes
<Burgundavia> Shane-S: k12ltsp is ltsp 4.2. Ubuntu's is ltsp 5, which is newer, has more features and is better designed
<Shane-S> Burgundavia: I have never set one up from scratch, and I am not familiar with the desktop, how do you customize it for each user?
<Burgundavia> customize a desktop for each user?
<Burgundavia> for that you need Sabayon
<Shane-S> like push a new icon/application for all the "users" to see when they log into the server via a TC
<Burgundavia> ltsp is merely a method of getting on OS onto a machine, not a method of controlling what users see
<Burgundavia> for the application, that is easy
<Burgundavia> just install it on the server
<Burgundavia> for an icon or a per-user setting you need sabayon
<Shane-S> ahh ok
<Shane-S> I guess when I think of the terminal server I am envisioning the entire process, not just the OS loading...because I do know that DHCP tell the client how to handle PXE or Boottp requests, as per the K12 docs
<Burgundavia> right
<Burgundavia> k12ltsp has a bunch of hacks for controlling users desktop
<Shane-S> never really had a push to use it, but I am working in a small school this coming year, and thin clienting may be their best solution with little $
<Burgundavia> for ubuntu's ltsp, for policy you use sabayon and for realtime control use thin-client-manager
<Shane-S> ahh ok
<Burgundavia> if you going for a school, I would use edubuntu
<Burgundavia> try #edubuntu
<Shane-S> yeah, have to check that package out
<Burgundavia> edubuntu is not a package
<Burgundavia> it is partner project of ubuntu
<Shane-S> I only know a bit about Fedora and Ubuntu atm, but the K12 guy customized his package pretty well for a school
<Burgundavia> like I said, k12 has some nasty hacks to make it work
<Shane-S> sorry should say "offering" I guess, not meaning like a software package :D
<Burgundavia> right
<Burgundavia> I would download Edubuntu and try it out
<Burgundavia> probably the easiest way to get going
<Shane-S> alright thanks
<Burgundavia> and hang out in #edubuntu
<Burgundavia> there are good people there
<pirroh> do-release-upgrade is one of the coolest thing of edgy :P
<hads> Nice, didn't know that existed.
<pirroh> hads: I preferred a dapper-edgy-feisty path
<pirroh> than dapper-feisty... too dangerous ;)
<Burgundavia> dapper feisty is not supported
<pirroh> Burgundavia: if I s/dapper/feisty/g in sources.list ... dist-upgrade won't work?
<Burgundavia> it might, but I wouldn't do it
<pirroh> I think no one can stops you if you wanna try this kind of suicide
<pirroh> me neither
<pirroh> goodnight
<Rescue9> I'm back... more questions. :-P
<Rescue9> Searched google... can't find answer. Hope you guys can help. I need to select os on next boot, so I can boot into various distro's from a shell without monitor or keyboard. I knew it was possible in gnome a while ago, but haven't found out how to do this from console.
<Rescue9> Ok guys... wakeup again already. :-P
<Burgundavia> I have no idea
<Rescue9> ROFL.
<Rescue9> No worries... I think I found my answer in ##linux
<Rescue9> bbl
<pauliukas> Heya everybody.
<pauliukas> Anyone wanna help out a desperate guy?
<Burgundavia> what is your issue?
<pauliukas> Trying to mount a firewire drive.
<pauliukas> Is there any special procedure that I should follow?
<Burgundavia> right
<pauliukas> Go on.
<pauliukas> On the desktop version of Ubuntu, it just mounts fine.
<Burgundavia> right
<Burgundavia> generally, figure out what device it is and use mount to moutn it
<pauliukas> I know. That's what I usually do.
<pauliukas> Dmesg gives this: http://pastebin.ca/532446
<Burgundavia> hmm
<Wooksta> hey kr8, u around bud? :)
<Wooksta> my ubuntu fiesty fawn server keeps resetting just after it gets past grub (i get a "Startup up..." message and then the system resets).. I have tried re-isntalling several times & have also tried other distros which don't seem to have this problem, can anyone help save my fawn? :<
<Neopath> hi guys.. hey I'd like to get a "beep" from my pc speaker when my server is done booting.... any references or ideas?
<Shane-S> where can I check to see why WinSCP3 keeps getting a connection reset by peer error. I am trying to connect to my Virtual Machine Ubuntu Server, it may be virtual machine itself, but I want to make sure
<Shane-S> I guess to simply it, is there a SSH error log? I would assume in /var/log/?
<Scunizi> For someone to watch a video that is stored on a LAN server from the WAN side, do I need to setup a streaming server? and or FTP server so it can be downloaded directly from the page?  It currently times out.
#ubuntu-server 2008-05-26
<Deeps> bimberi: group membership is fine, am using "auth       sufficient pam_wheel.so trust group=admin" in pam.d/su at the moment instead of sudo
<Deeps> the "%admin ALL=NOPASSWD: ALL" is copy/paste from sudoers file
<Deeps> sudo -s, sudo -i, sudo su -, all prompt for user's password
<Deeps> sudo apt-get too
<Deeps> nm, just added auth       sufficient pam_wheel.so trust group=admin to pam.d/sudo
<Deeps> sod sudoers file
<kgoetz> hi all. should open[vpn,ssl]-vulnkey give the same output? i have a vpn key that openvpn-vulnkey says is ok, but openssl-vulnkey says is compromised
<kgoetz> which is annoying, and more then slightly worrying to me
<dave__> good evening
<uberG00ber> anyone in here a packaging guru
<uberG00ber> or know anything at all about packaging? lol
 * delcoyote hi
<kraut> moin
<Stonekeeper> hi. Is there a way to find out the version of an updated package before installing it? thanks.
<blue-frog> Stonekeeper: apt-cache madison program or apt-cache show program
<Stonekeeper> blue-frog: i thought that showed the installed version?
<soren> Stonekeeper: Maybe "apt-get -s ..." is what you want?
<Stonekeeper> madison looks interesting. i'll try -s
<Stonekeeper> right, same info. ok thanks.
<blue-frog> Stonekeeper: shows all packages, try it you will see...
<Stonekeeper> out of interest, i don't suppose you know of anyone who backports samba/ldap to 6.06.2 ?
<Stonekeeper> 3.0.24 is really old
<Stonekeeper> hmm.. it appears i'm looking at feisty. bleargh. i'll check the dapper repos
<Stonekeeper> blue-frog: thanks for your time.
<Kamping_Kaiser> apt-cache policy?
<Kamping_Kaiser> oh, its gone
<uvirtbot`> New bug: #234926 in logwatch (main) "logwatch missing conf files" [Undecided,New] https://launchpad.net/bugs/234926
<uvirtbot`> New bug: #234927 in php5 (main) "delay php script execution on cli" [Undecided,New] https://launchpad.net/bugs/234927
<owh> I'm experiencing an intermittent solid freeze on suspend of my Thinkpad running Gutsy. In order to locate the problem and locate/create an appropriate bug report I need to figure out a way to determine what is actually happening that might be causing this. Can anyone suggest any such methods?
<steph33560> Hello
<steph33560>  Does somebody else use virt-manager here ?
<owh> steph33560: You should ask your actual question.
<steph33560> owh,  I would like to solve the error "Error starting domain: virDomainCreate() failed" when I launch my VM as non-root user
<steph33560> my user is member of kvm and libvirtd
<steph33560> on files, chown root:libvirtd is set, and chmod is  660
<owh> I've not used virt-manager, but if it works as root and not as your user, my question would be: "After you added that user to those groups - assuming they are the correct ones - did you logout and back in again?"
<Koon> steph33560: make sure virtualization is enabled in your BIOS
<steph33560> Koon, it is enable, and my processor is VMX compliant
<steph33560> owh, I logged out many times... even reboot ;)
<steph33560> owh, if you do not use virt--manager, what do you use ?
<owh> Well, not having used virt-manager, my personal next step would be to use strace to see where it's failing.
<steph33560> mmhh I've got the trace in the main program
<owh> steph33560: At present I'm using vmware, but that is under review.
<steph33560> owh, we stopped using vmware since IOWait problems and time syncrhonisation pb when starting several VM on a same host
<steph33560> here is the error : http://pastebin.com/d4c838a
<steph33560> it's python...
<owh> steph33560: As I said, it's use is under review :)
<hads> Tried using virsh?
<steph33560> hads, that's the funny piece of the cake
<steph33560> when starting with virsh as non root user, VM starts
<steph33560> then using virt-manager as non-root displays the VM as shutdown...
<steph33560> using virt-manager as root displays it running !
<owh> steph33560: So, it's a permissions issue.
<steph33560> chmod is 660 on image file and description file
<owh> steph33560: Or it
<owh> steph33560: Or it
<owh> crap
<hads> :)
<owh> steph33560: Or it's a bug.
<owh> The ' is next to my enter key :)
<hads> Yup
<steph33560> I thought it was permissions, but even with chown root:libvirt on image file and xml file, and with chmod 660 too, I've always got the same error
<hads> If virsh works as non-root you must have permission
<owh> steph33560: It may not be on the image, it might be on a device node for example.
<hads> I'm not familiar enough with virt-manager to offer too much help though.
<owh> hads: I'm in the same boat :)
<steph33560> hads, i'm pretty as experienced as uou ;)
<steph33560> s/uou/you/
<steph33560> owh, device /dev/kvm ?
<steph33560> owh, I've set it 660 and root:kvm
<owh> steph33560: May I suggest that you send an email to the ubuntu-server list as there are plenty of people who either wrote that code or know how it works. Depending on your local timezone, they might be around in about six or so hours - while I'm fast asleep :)
<steph33560> good idea
<steph33560> but ... i've submitted a bug 234938 @ bugs.launchpad.net.
<uvirtbot`> Launchpad bug 234938 in virt-manager "VM started with virsh but not marked started in virt-manager" [Undecided,New] https://launchpad.net/bugs/234938
<owh> steph33560: Well, that will achieve the same eventually :)
<simosx> hi all
<steph33560> owh,  :)
<steph33560> hi simosx
<steph33560> owh, hads, do you think my description is enough precise
<simosx> i want to try out LTSP 5.0. I have Ubuntu 8.04 desktop. Would "apt-get install ltsp-server-standalone" do it for me?
<steph33560> simosx, if your apt is up to date, no pb...
<steph33560> simosx, even if, aptitude will ask you (negative score)
<steph33560> simosx, verify your sources before ...
<hads> I'll take a look in a few minutes after LP loads for me :)
<simosx> steph33560: thanks. this means that I do not have to install ubuntu-server for the demonstration that I am preparing.
<steph33560> simosx, are your talking about package linux-ubuntu-modules-2.6.24-16-server ?
<owh> I'm experiencing an intermittent solid freeze on suspend of my Thinkpad running Gutsy. In order to locate the problem and locate/create an appropriate bug report I need to figure out a way to determine what is actually happening that might be causing this. Can anyone suggest any such methods or a better place to ask this question?
<hads> steph33560: Looks like a fine description to me. The only difference I can see from mine with a cursory look is that I have a+r on the XML files
<hads> (they are root:root)
<steph33560> hads, thanks hads :)
<simosx> steph33560: there are two different Ubuntu ISOs, the desktop and the server. The server comes by default with things like nfs. sshd, ltsp, and so on. I would like to try out just LTSP, preferably on my current Desktop installation. I wonder whether apt-get install ltsp-server-standalone will pull in the necessary packages (I believe the kernel does not hurt to stay the same), or I need to handpick.
<steph33560> simosx, since you want to install LTSP, try out mini distros
<steph33560> install the minimal OS, then aptitude install ltsp
<steph33560> even if you face problem laters, you'll be able to install the server using aptitude install linux-image-2.6.24-16-server
<steph33560> s/laters/later/
<simosx> I see.
<steph33560> simosx, https://help.ubuntu.com/community/Installation/MinimalCD
<simosx> I'll go for the Ubuntu Server installation on a fresh partition. It looks saner when I describe this at the training.
<hads> Just followed the libvirt Python but it goes down into a C module so not much for me to see.
<steph33560> hads, I'm stucking on it too :-(
<AnRkey> for some reason i can't connect via ssh from my ebox to any other ssh server
<AnRkey> scp and ssh
<AnRkey> ssh just times out
<AnRkey> can anyone help?
<AnRkey> i have tried installing stuff via apt and i have tried ssh'ing in to other box's too. I can't find anything in the logs and I have disabled the firewall service in ebox.
<steph33560> AnRkey, does netstat -ant points out a ssh listening socket ?
 * _ruben would use netstat -lnt instead when looking for listening sockets
 * hads uses -plant just because it spells a word
<_ruben> combining l and a doesnt seem very useful to me though :)
<hads> No it's not, but I like it anyway :)
<hads> l overrides a
<hads> erm, other way round.
<bimberi> <--  plunt
<AnRkey> steph33560, I cant ssh out
<AnRkey> ssh in works fine
<AnRkey> i cant use apt-get either
<steph33560> AnRkey,  don't understand ... you said you can't connect ...
<AnRkey> i can't connect to ssh servers from within the ebox server
<AnRkey> so when i am at the terminal of the ebox, i cant ssh out or use apt-get to install bits
<steph33560> AnRkey, does this box have iptables rules ?
<hads> Do you have any network connection at all?
<AnRkey> steph33560, i think it's iptables that might be the problem
<_magnetic> AnRkey: you will have to add firewall rules to your eBox server
<AnRkey> _magnetic, i think this is the answer yes. I think that even though I have disabled the firewall, some of the iptables rules are still there
 * AnRkey is checking
<_magnetic> AnRkey: if you have enabled the firewall module, it won't allow you to connect to external servers
<steph33560> AnRkey, iptables -A INPUT -p tcp --dport ssh -i ppp0 -j ACCEPT
<steph33560> AnRkey, iptables -A OUTPUT -p tcp --sport ssh -o ppp0 -j ACCEPT
<steph33560> AnRkey, if connecting on port 22, of course
<_magnetic> AnRkey: it's pretty easy to add a firewall rule to allow connection to external stuff
<steph33560> AnRkey, and if connecting throught ppp0... might be eth0 for you
<_magnetic> AnRkey: if you want to add rules to allow external connections go to Firewall->packet filter->Filtering rules for traffic coming out from eBox
<AnRkey> _magnetic, this i know. My pickle is that the firewall was supposed to be disabled
<AnRkey> odd
<_magnetic> AnRkey: do you have any interface configured by dhcp?
<AnRkey> none, no
<_magnetic> AnRkey: weird, can you run this: /etc/init.d/ebox firewall stop ?
<AnRkey> ok really odd... i enabled the firewall > added an any rule and accept for outgoing connections and it's fine
<AnRkey> but the firewall was off to begin with
<AnRkey> it's working now though...
<AnRkey> bug?
<_magnetic> AnRkey: did you save changes when you disabled the firewall?
<AnRkey> yes
<AnRkey> i am going to disable it now to try and reproduce
<AnRkey> the fault :D
<_magnetic> :D
<_magnetic> AnRkey: could you make sure you don't have any dhclient running?
<AnRkey> ok
<AnRkey> hmm
<AnRkey> ok firewall is off and it's still fine
<AnRkey> but i never removed that rule from the firewall section before i downed the firewall
<AnRkey> ok, i took the any-any-outgoing rule out
<AnRkey> and then downed the fw
<_magnetic> ok
<AnRkey> and it's scr3wed again
<_magnetic> AnRkey: try this
<_magnetic>  /etc/init.d/ebox firewall stop
<AnRkey> that worked
<AnRkey> so the fw is not stopping then?
<_magnetic> it looks like that
<_magnetic> please, can you check if you have any dhclient running?
<AnRkey> gonna search for a bug in lp
<_magnetic> just to rule that out
<AnRkey> ok
<AnRkey> 21720 ?        00:00:00 dhclient3
<AnRkey> my interface eth0 is static though
<AnRkey> just confirmed
<_magnetic> AnRkey: ok this a known bug then
<AnRkey> oh ok
<AnRkey> nice to know
<AnRkey> i am doing research on a vm here
<_magnetic> in your /etc/network/interfaces you have that interface configured by dhcp
<AnRkey> working all the kinks out
<AnRkey> checking
<AnRkey> wtf?
<AnRkey> it is
<AnRkey> but then...
<AnRkey> how
<_magnetic> AnRkey: one sec
<_magnetic> AnRkey: that's something we have changed for the next eBox version 0.11.100
<_magnetic> AnRkey: basically: we didnt overwrite the /etc/network/interfaces, we wrote the conf in other file
<_magnetic> and that caused this kind of issues
<AnRkey> i c
<_magnetic> AnRkey: you have the new packages available in here http://ebox-platform.com/download/
<AnRkey> will the new version use the interfaces file?
<_magnetic> AnRkey: or you can just woraround your problem by modifying your /etc/network/interfaces
<AnRkey> ok
<AnRkey> well it works fine as long as i leave the firewall on
<_magnetic> AnRkey: the new version already uses the normal interfaces file, and fixes that issue
<AnRkey> i can just add that any<>any<>outgoing rule
<AnRkey> ok shweet
<AnRkey> i love the app so far
<AnRkey> nice work
<_magnetic> thanks :)
<_magnetic> AnRkey: by the way there are more available packages which didn't make it to Hardy in our repos
<AnRkey> oh ok
<_magnetic> and i expect to release a new version in a few days
<AnRkey> do i add your repos to mine or do i replace mine with yours?
<AnRkey> shweet
<AnRkey> you have a wiki page for the project?
<_magnetic> AnRkey: we use trac http://trac.ebox-platform.com
<AnRkey> ok cool
<AnRkey> gonna signup
<AnRkey> i live in a small town called george in south africa. So every1 that I have shown ebox to is excited about it
<_magnetic> and the developers usually hang out on #ebox , so feel free to ask stuff there too
<AnRkey> ok shweet, thanks
<_magnetic> ok
<_magnetic> gotta go now, i gotta install a eBox for a customer
<_magnetic> see you later
 * AnRkey cried when webmin stopped working correctly in ubuntu
<AnRkey> ciao
<geertn> I noticed the installer was unable to install grub on my /dev/i2o/hdb device
<geertn> anyone familiar with this story and should I file a bug?
<zul> mathiaz: I was thinking that patch you did for dovecot should really go upstream
<zul> to dovecot
<soren> Which one was that?
<mathiaz> zul: are you refering to the log message ?
<mathiaz> zul: I think so - I haven't checked if the upstream hg repository has already fixed it somehow.
<zul> mathiaz: yes thats the one Im referring to
<macd> after setting my LVM volume active what is the device that I mount? /dev/lvm_volume doesnt work
<mathiaz> macd: try to look into /dev/group_name/lv_name
<macd> I used volume group name lvm1 but nothing in /dev/ seems to match
<macd> mathiaz, vgscan finds the volume, as well as vgdisplay shows it
<macd> but I can't format it, or mount it
<macd> mathiaz, ahh, figured it out, I didnt create the logical volume, only the physical partitions were added to the group
<macd> I think I'll edit the help.ubuntu page to better reflect the steps
<ScottK> macd: Thank you for taking the time to improve the documentation.
<macd> its only about the 100th time ;)
<macd> brb
<stefg> I'd like to have a public (writable for guests) samba share on a 8.04 server running ebox. I'm facing 2 problems: 1.) actaully there's no use in manually editing smb.conf, b/c ebox will overwrite the change sooner or later. (For testing i added a share manually in smb.conf) 2.) win-clients can see the the share, but are unable to browse it (get passwd prompt). A hardy client can't even see...
<stefg> ...the share... the ebox docu is pretty sparse, anyone got a hint for me?
<zul> try #ebox
<stefg> ah... there's an irc-channel? thanx
<Miguel`> Hi, I wonder if there is a way to stop to annoying sound my server makes while running Folding@Home by not letting it write on the harddisk?
<krogh> Use lsof or fuser to find out what files i actually touches..
<krogh> and move them to a ram-filesystem.
<Miguel`> Why don't they run it in ram as standard?
<krogh> That was one of the tough questions..
<krogh> Why did some other developer chose another implemetations plan.. Hmm...
<Deeps> lol
<Deeps> Miguel`: you need to ask your hardware manufacturer why they made your disks so noiy
<Deeps> noisy*
<Miguel`> It's an old PC :)
<Miguel`> And I don't have the sound when, for example, copying huge files to my FTP
<Miguel`> It sounds like a sharp beeping sound
<Jeeves_> Miguel`: Probably lots of smal reads/writes
<Jeeves_> Anyways, if the data isn't that important
<Jeeves_> You can always create a driectory in /dev/shm/
<Miguel`> The data is important
<Jeeves_> Than you need te leave it on disk
<Jeeves_> And buy another less noisy disk :)
<Miguel`> It would require me to write a script that executes Folding@Home on the ram and when I close it, copy the files to hard disk
<Miguel`> To much work for what it's worth
<krogh> Miguel`: Well.. youre probably still paying quite alot for the extra power it uses.. anyway .. :-)
<Miguel`> I just wanted to donate some CPU power to science, since it's a small home server (www,LAN,gameserver)
<opn6> I want to install  ubuntu sever with the gui.  can i only use the gui when i need it? Or will it boot to the desktop by default???
<faulkes-> you can turn off the gui starting by default by configuring when init loads it up
<faulkes-> you can turn off the gui starting by default by configuring when init loads it up
<faulkes-> just change /etc/rc3.d/S<number><servicename> to /etc/rc3.d/K<number><servicename> (and the same for rc4.d and rc5.d)
<opn6> thanks.. so much to learn.
<InsomniaCity> faulkes-: change? does ubuntu not have something like chkconfig?
<\sh> update-rc.d
<\sh> chkconfig is rpm stuff
<\sh> update-rc.d is debian
<\sh> invoke-rc.d is debian too
<\sh> sysv-rc-conf is interactive
<\sh> (needs to installed, is not available by default)
<fabianhoward> is there any form of documentation for administering the mail server profile?
<mathiaz> fabianhoward: there is an email section in the Ubuntu server guide
<mathiaz> fabianhoward: https://help.ubuntu.com/8.04/serverguide/C/email-services.html
<fabianhoward> mathiaz: thank you, but I can't find any documentation on what the mail server profile provides(from reading config it seems to include a mysql backend, but I've absolutely no idea how to add users etc?)
<mathiaz> fabianhoward: the mysql backend is not enabled by default.
<mathiaz> fabianhoward: postfix will use the system users.
<mathiaz> fabianhoward: /system users/local users/
<fabianhoward> mathiaz: and dovecot will authenticate with pamd?
 * delcoyote hi
<fabianhoward> hi
<uvirtbot`> New bug: #235100 in mysql-dfsg-5.0 (main) "mysql got signal 11" [Undecided,New] https://launchpad.net/bugs/235100
<SwissPhoenix> Hi folks, is there already something implemented to get noticed if unattended-upgrades can't upgrade a package? Or do I have to do something on my own....?
#ubuntu-server 2008-05-27
<sCOTTo> hey guys
<sCOTTo> can anyone who knows about hosting talk me through a few of my options pls?
<sCOTTo> I currently use a reseller account with cPanel on it, I need a windows server for remote desktop through terminal services and also am thinking about getting a linux server up with virtual machines in it to run both a linux server and a cPanel account... anyone here who can help me ?
<Deeps> with cpanel?
<Deeps> there's probably a dedicated channel for cpanel that can help you better
<sCOTTo> Deeps: nah that just one of the things i want to run..
<sCOTTo> what i am debating - because of a lack of understanding really - is whether I should get my OWN hardware and split it OR use the massive hardware my friend has in his own datacenter - he offered me v-servers which I Would pay by the month of - they are mantained by his employees... woul that be the best because its on his hardware?
<hads> Unless you have the ability to own spares for your hardware and the likes I would probably go with hardware offered by the datacentre. That's just me though.
<hads> Not really Ubuntu related though.
<Deeps> from my memory, cpanel largely takes over almost all the components that it manages
<Deeps> and you're forced to use it to configure said services, anything that you try to do by hand afterwards gets replaced by cpanel shortly after
<sCOTTo> thats ok.
<Deeps> also not really ubuntu related
 * Nafallo runs away screaming
<Deeps> cpanel make you cry too?
<Nafallo> I've just got out of a job managing ~200 such servers
<sCOTTo> nah not really...
<Deeps> sCOTTo: your options are basically, a) tool to manage your services for you, either paid for (cpanel, plesk) or free (ebox, webmin), or b) do it all by hand using a command line
<sCOTTo> i am a reseller atm....
<sCOTTo> Deeps: I would rather cPanel.
<Deeps> in both cases i've cited simply 2 examples of many options
<Deeps> what you choose depends on your needs
<sCOTTo> thats a must in my eyes - i HATE PLESK... YUCK!!
<sCOTTo> my essential internal battle is if I go with getting my OWN hardware or using the massive H/W virtual server setup i am being offered...
<Deeps> hads answered that best already
<sCOTTo> hads: im so sorry - i COMPLETELY missed what you said!!!
<sCOTTo> i had to scroll and look hard :(
<c1|freaky> hi all. i got a strange problem. i've installed phpmyadmin apache php etc.. phpmyadmin worked ... now it suddenly doesnt anymore is this a bug?
<sommer> c1|freaky: are there any errors?
<c1|freaky> yea, 404 not found but the phpmyadmin link in /var/www is there if i CD to it, the directory is filled with files
<c1|freaky> i tried different vhosts and the default one none work
<c1|freaky> always 404 not found
<c1|freaky> The requested URL /phpmyadmin was not found on this server.
<sommer> c1|freaky: how about any errors in /var/log/apache2/error.log ?
<sommer> did you change anything in your apache config?
<c1|freaky> the default virtualhost also points to /var/www/
<c1|freaky> oh yea i see something
<c1|freaky> thank you I didnt see it the last time
<c1|freaky> working now :D
<naughtykid001> Hi~  *Newbie warning*
<naughtykid001> I wanted to setup a ubuntu server on Dell poweredge 2600
<naughtykid001> but I the ubuntu wiki shows that Dell server are not supported for this poweredge
<naughtykid001> what can I do to confirmed the hardware is supported? anyone?
<naughtykid001> The graphic is integrated ATI Rage XL
<naughtykid001> Intel Xeon
<seanh> you could install it and see what doesn't work...
<seanh> or boot off a live cd and check the boot message about put
<seanh> with the exception of some of the weirder raid hardware i can't see to much of the stuff in a modern dell server `not` working to atleast some extent
<uvirtbot`> New bug: #235143 in samba (main) "Samba keeps drive "busy" even after unsharing" [Undecided,New] https://launchpad.net/bugs/235143
<naughtykid001> ubuntu server edition is live cd too? I was thinking of trying with live cd but it doesn't work with the one I downloaded (8.04 Hardy)
<naughtykid001> the option I have on the boot-up screen is 1. install ubuntu server 2. Scan for valid CD 3. Test memory 4. boot from first harddisk... sorry I can't remember all, but it is all something like that and not to boot ubuntu into memory
<RoAkSoAx> naughtykid001, you'll need a desktop live cd, but try install it and see what happens
<naughtykid001> RoAkSoAx: I see, thanks! I'm out of harddisk actually so was trying to use a live cd to test it out first
<RoAkSoAx> ok ;)
<kraut> moin ;)
<jords> hey, when munin makes mysql graphs, and the horizontal axis is in quries per second, and graph is marked in 50m, 100m etc, does the m mean million? doesnt seem right at all.. that said 50 queries per second doesnt seem right either. Is there a good manual for interpreting the graphs?
<soren> The horizontal axis is never queries per second.
<stonekeeper> hi. I'm having issues with 7.10 server (I have to use this version) and software RAID5. I've got 3 drives, each partitioned into / and swap. The setup goes fine and the install is great, until it tries to install grub on the boot record. At this point it fails. I've searched google and someone believed that /boot could not be on software raid 5. Any ideas on how to get this working? many thanks.
<stonekeeper> i do have the option of using a nasty raid card but that doesn't have a driver for ubuntu so i'd really like to sort software raid
<Deeps> http://lists.us.dell.com/pipermail/linux-poweredge/2003-July/008898.html
<Deeps> might be relevant to your interests
<Deeps> keywords used in google: /boot grub raid
<stonekeeper> is this possible during install?
<jords> soren: I
<jords> will link the graph i'm looking at... looks like quries / seconds to me :Z
<soren> jords: Possibly, but not on the horizontal axis.
<jords> http://67.207.143.240/munin/propertyreturns.co.nz/www.propertyreturns.co.nz-mysql_queries-day.png
<jords> aah i mean vertical
<jords> i always get it wrong... still wondering how to interpret that though
<stonekeeper> Deeps: this problem occurs with lilo also. i don't know if that's a further clue to the problem
<jords> is 150 m queries/ seconds 150 milliqueries per second ie .150 queries per second?
<_ruben> jords: i would guess so, without looking at the actual graphs, i do know that with cacti it'd mean mili
<jords> _ruben: http://67.207.143.240/munin/propertyreturns.co.nz/www.propertyreturns.co.nz-mysql_queries-day.png
<jords> i thought it was 150 million for a moment... gave me a shock
<_ruben> million would be M
<soren> Yeah, 'm' is milli (1/1000).
<jords> guess they follow S.I conventions then. :D
<sergevn> is it possible to view information about an package in apt-get what is fixed with that update?
<TritonX> I have a small question about Firestarter, if I deny service on port 80 for 82.125.0.0 is it blocking 92.114.*.* ? those damn moldovian :|
<TritonX> oups I meant 92.114.0.0
<TritonX> or is it 92.114.0.0/255 ?
<TritonX> I'm using Firestarter, where can I set the range of blocked ips for port 80 ?
<ScottK> sommer : pitti just copied clamav from -backports to -updates for feisty/gutsy so we now have one fully patched version for all distro releases.  Thanks for all your help with this.
<ScottK> sergevn: IIRC apt-listchanges (or something similar, I didn't look it up) will do that.
<sommer> ScottK: awesome!
<ScottK> Of course there's an RC out for 0.93.1, so probably a new wave of security fixes coming soon.
<sommer> heh, it's a never ending cycle :)
<TritonX> How do I configure Firestarter to block a certain range of ip from my web server ?
<uvirtbot`> New bug: #234901 in samba (main) "Please apply upstream patch for dpkg-buildsource" [Undecided,New] https://launchpad.net/bugs/234901
<TritonX> labidoche... est-tu la
<TritonX> tu pourrais reparer ca avec un livecd et Grub
<TritonX> oups sorry
<stonekeeper> hi. anyone using hardy+samba in production?
<stonekeeper> just wondering if there are any issues i should know about before starting to migrate
<ScottK> stonekeeper: Samba has so many options there's really no way to know if any one else's experience would be like yours.  Local testing is strongly recommended in any case.
<stonekeeper> sure. i appreciate that. I was just hoping that someone could say "no issues on my setup" or "fatal bug! must do xyz after install".
<stonekeeper> just testing waters, y'know..
<ScottK> Sure.
<ScottK> We do get people in here that don't understand you need to test your config, so I thought I'd mention it.
<stonekeeper> :)
<stonekeeper> i was enquiring about general experiences :)
 * ScottK can't help you with that one.
<stonekeeper> i have the horrible task of deciding to stick with feisty (ouch), moving to hardy (seems risky) or using etch (:O)
<TritonX> hardy is LTS, you might be better long term, I switched my personnal server from 6.06 without a hitch
<stonekeeper> it just worries me that it's just out of the door...
<stonekeeper> not that i'm adverse to crazy gambles you know :)
<TritonX> what are the services you will need ? I use the LAMP stack with samba everything is smooth
<Deeps> upgrade to gutsy then
<stonekeeper> just samba/dns/dhcp
<Deeps> avoid hardy til .1, then you're not dealing with something overly fresh
<TritonX> seems similar to me, don't worry it is a very good release, I run the AMD64
<stonekeeper> ooh, i will be using dual core opterons so AMD also
<hads> Hardy is solid
<Deeps> unless you use xen ;)
<TritonX> I even added a raid1 to it when I reinstalled and it's working wonderfully
<stonekeeper> i was considering using openvz. been testing it for ages and it's good
<hads> Well, yeah aparently. I'm using KVM
<stonekeeper> ah, KVM
<stonekeeper> how are you finding it? It kinda crashes a bit on my laptop
<mathiaz> stonekeeper: if you're interested in virtualization, I'd suggest to use kvm
<Deeps> kvm needs VT enabled hardware
<stonekeeper> i have VT enabled hardware
<mathiaz> stonekeeper: it's supported
<hads> Really good. No issues here, been testing it for a month or so.
<mathiaz> stonekeeper: openvz and xen are in universe - kvm is in main
<stonekeeper> do you connect via the libvirt thing?
<kirkland> zul: bug #189616 ...  has it been resurrected?
<uvirtbot`> Launchpad bug 189616 in dovecot "[SRU] connection problems under load with hardy dovecot" [Medium,Confirmed] https://launchpad.net/bugs/189616
<hads> virsh/virt-manager yes.
<kirkland> zul: oh, wait, nevermind...  you marked it confirmed for Hardy.
<stonekeeper> is there a vmdk->kvm convertor?
<mathiaz> stonekeeper: I think so - ask jdstrand ^^
<hads> vmware2libvirt
<hads> https://help.ubuntu.com/community/KVM
<soren> stonekeeper: There is indeed.
<soren> stonekeeper: http://people.ubuntu.com/~soren/vmware2libvirt/
<zul> kirkland: yep its an SRU
<soren> It'll be in an upcoming virt-goodies package.
<kirkland> zul: yeah, sorry, misread the launchpad email notification
<zul> kirkland: no problme
<zul> argh I cant spell
 * ScottK thought maybe zul was goind lolcat on us.
<ScottK> goind/going (maybe it was me).
<soren> Oh, noes!
<stonekeeper> cool
<stonekeeper> thanks soren
<stonekeeper> i'm kinda scared of using kvm
<zul> kirkland: I would appreciate it if you could verify that the SRU is fixed though :)
<soren> stonekeeper: Boo!
<stonekeeper> for instance, can you dynamically allocate more memory/disk space on a running maching?
<soren> stonekeeper: Not with the version of kvm in hardy, no.
<stonekeeper> soren: that suggests it is possible thought?
<soren> Anything is possible.
<stonekeeper> :)
<soren> I'm not sure what you're getting at.
<stonekeeper> well your answer wasn't no, it was "not in the version in hardy"
<soren> KVM in Hardy doesn't allow you to expand memory and disk images while the vm is running.
<stonekeeper> what strategy do you take wrt that?
<soren> I... don't try?
<soren> Or add more storage over iscsi or nfs or something.
<soren> I'm not sure how a guest OS would feel if the hard drive it was looking at grew underneath it..
<stonekeeper> yeah. hmm...
<stonekeeper> i may just use openvz
<mathiaz> soren: does the kernel have online fs resizing available ?
<soren> mathiaz: Yes.
<soren> mathiaz: For some filesystems, at least.
<soren> mathiaz: But that's rather different, though.
<mathiaz> soren: right - so if you use lvm in your guest you could add more storage to a running system
<soren> mathiaz: How?
<soren> mathiaz: I know that you can add new pv's to a vg, but where would this new pv come from?
<mathiaz> soren: from a new block device that you add from the host
<soren> That's not the same as growing an existing block device, though.
 * mathiaz nods
<soren> ...which is what I'm not sure how an OS would feel about.
<cjsstables> morning all.  anyone familiar with rrcomputer consulting LDAP howto?
<mathiaz> soren: agreed - expanding a block device may have unexpected result
<soren> cjsstables: No. Neither is Google. Are you making this up? :)
<stonekeeper> soren: i'd love to use iscsi/etc but i have 5 sites and no money for iscsi on one let alone 5 sites. :(
<soren> stonekeeper: iscsi can be done in software.
<stonekeeper> but you still need a different server?
<cjsstables> nope..  the rrcomputer consulting web site has a howto on seting up a server with logins using LDAP.  I have set it up once before and it worked great, however I moved to Ub 8.04 and redid a setup.  followed all the directions...  but I placed the shared /ldaphome director on a raid5 and the security permissions are preventing the login
<soren> stonekeeper: Not really.
<stonekeeper> cjsstables: let me know how you get on, this is the setup I'm doing
<stonekeeper> soren: ???
<sommer> cjsstables: you'll probably have to adjust the slapd apparmor profile
<soren> stonekeeper: !!!
<cjsstables> are you asking for the web site page
<sommer> cjsstables: see /etc/apparmor.d/usr.sbin.slapd
<soren> If I google for "rrcomputer consulting ldap" all I get is an irc log from this very channel from today.
<soren> Sorry, not from today.
<soren> From March 21st.
<cjsstables> the web site is www.rrcomputerconsulting.com
<soren> I call shenanigans
<soren> :)
<soren> Er..
<cjsstables> sommer: what is this new apparmor thing?
<soren> I suggest you ask Rick and Richard why their stuff doesn't work.
<cjsstables> soren: it did work under 7.10
<soren> Yes?
<sommer> cjsstables: https://help.ubuntu.com/8.04/serverguide/C/apparmor.html
<cjsstables> my only issue is I strayed from the directions on the placement of the /ldaphome directory by placing it on an md device.
<soren> cjsstables: Did you honestly expect us to know about a howto that google doesn't even know about? :)
<cjsstables> I found it with google...
<cjsstables> and fortunately to because I like others have been looking for this kind of server setup
 * stonekeeper is worried about using 8.04 for his samba/ldap servers :'(
<soren> stonekeeper: Why?
<cjsstables> soren:  Is apparmor uninstallable?  meaning that I can remove it without destroying my server install.  Apparmor really isnt necessary for my private network
<mathiaz> cjsstables: you should check your log files to see if there a apparmor messages about slapd
<mathiaz> cjsstables: you can then update slapd profile
<cjsstables> mathiaz:  thanks..  which log would that be in?
<mathiaz> cjsstables: /var/log/syslog or /var/log/kern.log
<mathiaz> cjsstables: apparmor uses the audit subsystem
<mathiaz> cjsstables: you can also use aa-logprof to update the profile
<mathiaz> cjsstables: the ubuntu server guide has a section on apparmor as pointed out by sommer
<cjsstables> ok thanks.  I'll look, but it appears to me that my only issue is that there is a permission error on the directory /ldaphome/testuser.  I say this because when the attempts to log on (with a ldap user) I get the $HOME/.dmrc file is being ignored error.  When I log in with a local user on the client.  The /ldaphome directy is mounted exactly as I have specified in my etc fstab.
<cjsstables> so it appears to me that file permissions are ok for /ldaphome, but not for /ldaphome/testuser
<cjsstables> when I do ls -l on /ldaphome I get the proper ownerships etc.  but when I do ls -l on /ldaphome/testuser I get total 0 and that is it
<uvirtbot`> New bug: #231004 in nagios2 (universe) "Path to 'mail' incorrect in /etc/nagios2/commands.cfg" [Medium,Confirmed] https://launchpad.net/bugs/231004
<cjsstables> ok thanks all.  I disabled apparmor for a test..  thanks again
<stonekeeper> can someone help me with something? please? I'm pulling my hair out :(   I have a promise fasttrack 150 raid controller and I'm not using the raid it gives. I've setup software raid but no matter how many times i do it and different configs, the server just wont boot off it. I've done the manual grub install on each sdX1 partition to ensure it wasn't that. Still nothing. I'm going spare here :(
<_ruben> stonekeeper: any errors ?
<kraut> do i really need do define a Host_Alias in a sudoers to use this hostname in a Runas_Alias or could i also use %my_unix_group  my_hostname       = (username_as_sudoers_should_use) ALL?
<stonekeeper> _ruben: none. It's like the bios can't see the devices, but i know i used to boot off it as i've not altered the sata cables
<_ruben> stonekeeper: not even a grub error ? .. then my guess would be a messed up MBR
<stonekeeper> unless i used it's fake raid.... hmm... but then the 8.04 installer doesn't have dmraid loaded so i'm dead in the water on that front too
<_ruben> ah .. boot order settings in the bios? tell it to boot from 1st disk instead of raid ?
<TritonX> You also got to set the Promise controller in IDE mode or something like that
<stonekeeper> TritonX: oddly, there doesn't seem to be that option
<TritonX> Are you sure, I have a K8V and there is such an option somewhere in the bios
<stonekeeper> this is an asus board too. i have a A8v at home and know of it, but this board..... it's hidden!
<TritonX> :|, do you have other IDE connector available ?
<stonekeeper> yeah ide - this is sata
<stonekeeper> i remember now
<TritonX> hmmm
<stonekeeper> the manual has a screenshot showing the option for sata mode
<stonekeeper> but the firmware doesn't have it
<stonekeeper> and i've got the latest one
<stonekeeper> !!!
<TritonX> that's an onboard controller we are talking abou t?
<stonekeeper> yeah, onboard promise
<stonekeeper> it has another controller too
<stonekeeper> but it seems that it has only 2 ports
<stonekeeper> TritonX: check it out. here's the manual (pdf) : http://dlsvr02.asus.com/pub/ASUS/mb/Socket604/NCCH-DL/e1636_ncch-dl.pdf
<m13> hello
<stonekeeper> clearly on there is the promise mode
<TritonX> I'm on windows here(work) and everythings is froZen :|
<m13> i have 2 realtek 8139 cards and on 1st server  run i got :  id  10ec:8139 is not and 8139C+ compatible chipset ? try the 8139too driver instead
<TritonX> can't see your pdf
<TritonX> ml3: they should autoconfigure fine
<m13> on install it asked me for primary card, i choe eth0, ... reboot server , and on 1st run refused my cards
<stonekeeper> TritonX: it's on page 84. You can't??
<m13> hi stonekeeper :)
<TritonX> stone: nah, my comp here is overloaded, seems like displaying a pdf is a lot of work
<soren> m13: What if you load the 8139too driver?
<m13> soren , i never had to do that b4
<m13> this cards were always working by default
<TritonX> ml3: maybe they are blown
<TritonX> ml3: it happens
<m13> nope
<m13> 2 cant be blown
<soren> m13: ...
<m13> ussualy oneto internet blowns from thunder or somthing, not the one for internal network
<soren> 14:25:19 < soren> m13: What if you load the 8139too driver?
<m13> soren , i can try to load it
<soren> That's what I'm asking.
<m13> but i cant belive this hapenening
<m13> <<<thought of realtek as default on all OS :D
<soren> What?
<TritonX> ml3: never had any problem with realtek cards
<TritonX> remove them, reboot, replug, reboot.. maybe ...
<m13> it is driver problem, and this shouldnt be hapenening imho
<TritonX> ml3: you could try with a livecd to see
<soren> Like all software, drivers have bugs.
<m13> soren , yes, but they are working on 7.04 , 7.10 normaly
<soren> So what?
<soren> Does 8139too work?
<m13> no i try fix now
<TritonX> sorry stonekeeper, can't look at your pdf, my windows machine at work sux,
<soren> m13: What "fix"?
<zul> lovely using apache2-mpm-worker I get lots of segfaults when trying to hammer it
<m13> soren, load 8139too driver i mean
<soren> m13: And does it work?
<m13> soren , sudo modprobe 8139too ?
<soren> yes
<m13> cards are detected
<m13> i go reboot
<soren> Err..
<soren> Why?
<m13> i get same error on reboot :/
<m13> soren , do i need anything else then modprobe ?
<soren> Modprobe doesn't change configuration.
<m13> i see
<soren> You probably want to blacklist the modules that doesn't work for you.
<soren> sudo bash -c 'echo blacklist 8139cp >> /etc/modprobe.d/blacklist-local'
<soren> or something like taht.
<soren> that, even
<m13> tnx soren , i go try
<soren> Next time you stop by here, please try harder to explain your problem to begin with.
<m13> ok , tnx for tip soren
<stonekeeper> is there a way to install dmraid from the server installer
<stonekeeper> ?
<m13> soren , ok i blacklisted 8139cp, and added 8139too to /etc/modules, is that ok ?
<soren> m13: No need to add it to /etc/modules
<m13> ok i remove it
<m13> same error on reboot with blacklisted 8139cp
<m13> on lspci card lists as RTL-8139/8139C/8139C+
<soren> What is the complete, exact error message?
<m13> sec
<soren> And what does "cat /etc/modprobe.d/blacklist-local" say?
<m13> (16.604779) 8139cp 0000:02:04.0: This (id 10ec:8139 rev 10) is not an 8139C+ compatible chipset
<soren> And what does "cat /etc/modprobe.d/blacklist-local" say?
<m13> i put 8139cp in blacklist, as i didnt see blacklist-local
<soren> I told you *precisely* the command to run.
<soren> What *exactly* did you put in blacklist then?
<m13> 8139cp
<soren> Look...
<soren> It's not easy (or any fun) to try to help you, when you refuse to do what I tell you to do.
<soren> Remove 8139cp from blacklist and run the command I sent you.
<soren> 14:40:00 < soren> sudo bash -c 'echo blacklist 8139cp >> /etc/modprobe.d/blacklist-local'
<soren> *headdesk*
 * ScottK mumbles something about -server being the only Ubuntu flavor that does not have separate channels for development and support.
<soren> That's not really the problem.
<m1r> soren , my wlan droped, sry
<soren> 15:00:25 < soren> Look...
<soren> 15:00:53 < soren> It's not easy (or any fun) to try to help you, when you refuse to do what I tell you to do.
<soren> 15:01:15 < soren> Remove 8139cp from blacklist and run the command I sent you.
<soren> 15:01:23 < soren> 14:40:00 < soren> sudo bash -c 'echo blacklist 8139cp >> /etc/modprobe.d/blacklist-local'
<m1r> yes, sry again , will do now
<zul> kirkland: yay php5-dbg :)
<zul> just reading the changelog
<kirkland> zul: yeah, lots of changes upstream
<mathiaz> dendrobates: how are we handling specifications drafting/writing for intrepid ?
<mathiaz> dendrobates: the deadline for spec approval is next week
<m1r> soren , done
<emgent> mathiaz: thanks for iproute ACK :)
<zul> kirkland: looks good to me
<kirkland> zul: sweet...
<kirkland> zul: we better move the php5 merge talk to -motu or mathiaz might kick our butts :-)
<sausageman> what do you all reckon the best solution for sharing files (primarily movies, music, etc.) from a Ubuntu Linux server to multiple Linux and OS X clients is? No need for Windows so I was hoping to avoid Samba, unless it really is the best
<The-Kernel> FTP
<mathiaz> sausageman: nfs is the other good options
<ogra> sftp ;)
<dendrobates> mathiaz: I was planning on writing them this week.
<mathiaz> dendrobates: all of them ?
<dendrobates> mathiaz: yes, you doubt my ability.  :)
<dendrobates> mathiaz: seriously, I could use all the help I can get.
<The-Kernel> I guess it isn't very wise to have your /var on another machine
<Deeps> sausageman: nfs and cifs (Samba) are your best bets
<mathiaz> dendrobates: well - during last release I wrote a couple of blueprints.
<mathiaz> dendrobates: and others did as well.
<mathiaz> dendrobates: has something changed in terms of blueprints handling and spec writing process for this cycle ?
<n6rej> morning... I did an "upgrade" yesterday for HARDY and now the server is dead :(  I can get it to boot only with the .14 kernel.  All others can't find the drive.  And once it does boot nothing functions... no dns, apace, and most of all no network
<n6rej> I need some real help... I'm totally lost as to where to begin troubleshooting
<m1r> n6rej: what network card do you have ?
<n6rej> 8139
<n6rej> its an old kingston I think.
<n6rej> only 10mb
<m1r> same here 8139, i get error on fresh install
<n6rej> it frequently says to use the 8139too not the 8139C but i have no idea how to fix that.
<m1r> same here :)
<n6rej> well I have a nice belkin card I can throw in
 * n6rej trying to remember where the stupid thing is.
<m1r> lucky you, i have 2x 8139
<n6rej> m1r: yeah I am blessed that way... I never throw stuff away LOL
<m1r> :)
<n6rej> wife wonders why i keep 20yr old card
<n6rej> s
<m1r> :D
<n6rej> were you able to get your system running?
<m1r> i am still blocked on that 8139too
<m1r> but card detects on lspci and ifconfig now at least
<n6rej> well with the .14 kernel it used it just fine even with the too error
<n6rej> but now it doesn't
<n6rej> lspci?
<n6rej> oh nice
<specialKevin> does anybody know any good books/guides on setting up radius on ubuntu
<n6rej> I haven't done radius in almost 15yrs :(
<m1r> specialKevin: for what purpose ?
<specialKevin> m1r: wireless authentication
<m1r> specialKevin: join #daloradius please
<specialKevin> m1r: ok thanks
<n6rej> m1r: how can I start troubleshooting this problem?
<n6rej> or roll back the kernels
<m1r> n6rej: i am on 8139too, so u can try do what soren sugested me , : ï»¿sudo bash -c 'echo blacklist 8139cp >> /etc/modprobe.d/blacklist-local'
<m1r> then try load 8139too
<n6rej> done
<m1r> that is as far as i got :/
<n6rej> reboot?
<m1r> u can try
<n6rej> which kernel?
<m1r> try latest and check card ?
<n6rej> dunno if that will solve the drive not being identified by the .17 kernel though
<n6rej> card works.
<n6rej> thats the beauty of it.... its older then dirt but never fails :D
<m1r> :)
<n6rej> I've even got a bnc nic as backup :D
<n6rej> kne4-bt
<m1r> hehe :D
<n6rej> if I remember right
<n6rej> a whooping 5mb nic LOL
<n6rej> but the old boat just keeps ticking
<n6rej> ok, recovery mode or norm?
<m1r> i would go for normal
<n6rej> and we're off
<n6rej> acpi fails cutoff
<n6rej> still get the 8139cp error
<n6rej> srst failed
<m1r> :/
<n6rej> rebooting
<stonekeeper> does anyone know how to initialise dmraid on server install? This is my last hope of not scrapping 5 servers :(
<n6rej> stonekeeper: you should have a nix driver
<stonekeeper> nix replaces dmraid?
<n6rej> dunno about dmraid but with raid devices if it can't find the driver you'll need to provide it.
<n6rej> had that problem with windblows
<m1r> stonekeeper: https://help.ubuntu.com/community/FakeRaidHowto - this is 1st google droped me
<stonekeeper> yeah, that tut is for desktop
<n6rej> !dmraid
<ubottu> Factoid dmraid not found
<n6rej> !raid
<ubottu> Tips and tricks for RAID and LVM can be found on https://help.ubuntu.com/community/RaidConfigurationHowto and http://www.tldp.org/HOWTO/LVM-HOWTO - For software RAID, see https://help.ubuntu.com/community/FakeRaidHowto
<n6rej> does that help?
<stonekeeper> nah, not really.
<n6rej> m1r: "failed to load profile" for cups
<stonekeeper> software raid is fubared on these disks as it seems to find some old raid config on the partitions (even though i deleted them). So going to Software Raid in the part man shows incorrectly parsed values like ";" and "not available"
<n6rej> whatever that means
<n6rej> sorry stone i'm terrible at raid :(
<m1r> n6rej: cups is for printing , no ?
<n6rej> yeah
<n6rej> i can uninstall it if I need to for now
<n6rej> but it says the same about mysql
<stonekeeper> n6rej: no worries. I've just had the second most frustrating day of my life today. I'm ready to set fire to things
<n6rej> and named
<n6rej> lol join the club, I upgraded the server and now its DOA
<n6rej> with no way to back things up :S
<m1r> :D
<n6rej> I've got a cdr but don't think I installed the software to use it.
<n6rej> so why would it be loading a "profile" for mysql and named?
<n6rej> its trying to explain to me what is wrong but i'm not understanding :(
<n6rej> how can you pause the boot screen?
<n6rej> just pause?
<n6rej> gonna try a "hard" reset
<stonekeeper> wow, i wonder if it's a full moon. i have really crap days at those times. Technology refuses to work. The gremlins come out to play.
<n6rej> lol
<stonekeeper> i joke not
<n6rej> I really should buy a new bios battery
<n6rej> poor thing is ancient
<n6rej> don't feel bad stone... I've got a dead server with no real way to back everything up :(
<m1r> n6rej , take out hdd and put in other pc as last option ?
<n6rej> yeah, thats a final solution
<n6rej> will take me weeks to get it back to the way it is now though :(
<m1r> http://www.debuntu.org/2006/06/03/61-how-to-burn-dvds-from-the-command-line
<n6rej> dang missed it.
<m1r> n6rej: check link
<n6rej> check link?
<m1r> n6rej: http://www.debuntu.org/2006/06/03/61-how-to-burn-dvds-from-the-command-line
<n6rej> something is failing on boot but i can't stop the boot long enough to catch it
<n6rej> kk I'll do that
<m1r> shift+pgup should get u up on CLI
<n6rej> i'm in cli
<n6rej> just don't know where to go form here
<n6rej> s/form/from/
<n6rej> i need to find out what is failing at boot
<n6rej> that is the KEY
<m1r> check logs ?
<n6rej> yeah but which?
<stonekeeper> ok, i think there's a nasty bug in the installer to do with software raid. I just had to go to command line during part-man and use mdadm to kill a md0 device that part man would not delete. Returning to part man after my endevours allowed me to create the array again.
<n6rej> stonekeeper: do you know how to freeze the display during boot?
<n6rej> u! didn't do very well with this distro :(
<n6rej> found it!
<n6rej> "vm.mmap_min_addr" is an unknown key
<m1r> n6rej: /var/log/syslog
<n6rej> kk
<n6rej> fyi ^S freezes the boot process
<n6rej> wth?  I've got lots of 172. entries in my dns
<n6rej> how could that have happened?  :S
<n6rej> m1r: ok, named looks fine... must be from root records... anyway... i dunno where to go from here.
<n6rej> I don't understand what its trying to tell me.
<m1r> did u check systemlogs ?
<n6rej> m1r: yeah but I don't understand what its trying to tell me.
<n6rej> it LOOKS fine to me
<n6rej> right up to named failing
<n6rej> but these are failing AFTER the message I told you
<n6rej> "vm.mmap_min_addr" is an unknown key
<m1r> that part i really cant help you :/
<m1r> dont have clue what is that :/
<n6rej> right after that is when everything goes to heck
<n6rej> can you tell me how to filter the apt-search so I only see the kernels?
<n6rej> I want to remove all kernels except for the .14
<RoAkSoAx> n6rej, you can add: | grep <words-to-filter>
<n6rej> RoAkSoAx: the problem is I don't know what to filter LOL... I get a HUGE list of things when I say sudo apt-cache search linux kernel
<n6rej> wait, you can dpkg -L to get a list right?
<blue-frog> dpkg -l *kernel* | grep ii  (ii for installed things...)
<n6rej> blue-frog: tyvm
<blue-frog> won't list the linux kernel...
<n6rej> I wish *nix has a system rollback like windblows does
<blue-frog> why?
<blue-frog> so you can have your virus back?
<n6rej> blue-frog: so I could easily recover from this last update
<n6rej> virus?
<n6rej> what virus?
<m1r> :)
<blue-frog> n6rej: downgrade the things you have upgraded then
<n6rej> blue-frog: thats what I'm trying to do now
<n6rej> blue-frog: i installed the .17 server kernel and everything and its uncle went to hell in a hand basket
<n6rej> i figured out how to remove the kernels so I'm removing all but the .14 kernel which is what worked b4
<n6rej> stonekeeper: i just read something in menu.lst that might help you... it says "don't use saveddefualt" or it will not let you boot :D
<kraut> http://photofile.name/photo/fishki_net/3565337/77816482.jpg
<blue-frog> n6rej: was the 16 removed when you upgraded to 17.
<uvirtbot`> New bug: #235265 in freeradius (main) "Update FreeRADIUS Version to 2.0.4" [Undecided,New] https://launchpad.net/bugs/235265
<blue-frog> sorry 14
<n6rej> blue-frog: no
<blue-frog> then boot with the 14
<n6rej> blue-frog: thats how I'm being able to do things... but I can't use named, eth0, samba, nothing
<blue-frog> weird
<n6rej> ok, all kernels are removed except for .14
<n6rej> rebooting
<m1r> <<<aso eth0 problem , using 8139
<m1r> aso/also
<n6rej> m1r: i'll let you know how this goes
<m1r> tnx n6rej
<n6rej> np... shared knowledge is 10x more powerful :D
<m1r> :D true
<n6rej> poor pc, its only a p3-933
<m1r> heh, mine is p3-500 :)
<n6rej> same error
<n6rej> i saw something about fsck just before all the failures
<m1r> did fsck check disk ?
<n6rej> nope
<n6rej> i just did it while mounted thought :(
<n6rej> hope it didn't foobar anything
<m1r> nah
<n6rej> it found 6 orphaned inodes
<W8TAH> good afternoon - -can someone point me to the upgrade guide to go from server 6.06LTS to Server 8.04LTS?
<n6rej> !upgrade
<ubottu> For upgrading, see the instructions at https://help.ubuntu.com/community/UpgradeNotes
<n6rej> !dist-upgrade
<W8TAH> n6rej, thanks
<n6rej> w8tah np, glad I could help OM
<W8TAH> 73
<n6rej> 73's
 * n6rej QRZ
<n6rej> m1r: keep your fingers and everything else x'd
<m1r> :)
<n6rej> m1r: now its running fsck.. finding several errors
<n6rej> still have a kernel variable problem thought
<n6rej> may have to reinstall .14
<n6rej> blue-frog: you know what vm.mmap_min_addr means?
<n6rej> m1r: i think i foobar'd it badly now... its having a fit.
<n6rej> m1r: "multiply-claimed blocks" all over the place
<m1r> hmm
 * n6rej thinks he may have to try to recover his data and do a fresh install :(
<m1r> never saw that
<n6rej> says I need to run fsck manually
<W8TAH> n6rej, does anyone have the sources.list line for dapper-upgrades repo its not in my list for whatever reason
<n6rej> W8TAH: i'm confused as to why you need it?
<W8TAH> because the instructions say to enable it
<W8TAH> http://www.ubuntu.com/getubuntu/upgrading
<n6rej> W8TAH: oic..ok in the sources-list file.. there is a line that says dep-src
<n6rej> see it?
<n6rej> should be one for each
<W8TAH> yes, however dapper-updates is not there
<n6rej> hmmm ok lets see
<n6rej> !dapper-update
<ubottu> Factoid dapper-update not found
<n6rej> !source
<ubottu> You can easily fetch a package's source with apt-get. See: http://www.debian.org/doc/manuals/apt-howto/ch-sourcehandling.en.html
<n6rej> !apt
<ubottu> APT is the Advanced Package Tool, which together with dpkg forms the basic Ubuntu package management toolkit. Short apt-get manual: https://help.ubuntu.com/community/AptGetHowto - Also see !Synaptic (Gnome) or !Adept (KDE)
<W8TAH> never mind -- i found it
<n6rej> :D
<n6rej> trade you problems :D
<W8TAH> no thanks - it still wont work but the line is there
<n6rej> ok, so its there
<n6rej> now do sudo apt-get update
<n6rej> then sudo apt-get dist-upgrade
<W8TAH> it says to use the new upgrade tool
<W8TAH> which is what im trying to do
<n6rej> for now just do sudo apt-get update
<W8TAH> ya - -done - and i found the error -- one of the pages left off a flag in the command
<W8TAH> its running
<n6rej> :D
<W8TAH> thank you
<n6rej> np
<n6rej> i'm not on my *nix side or I could've helped faster
<W8TAH> no worries
<W8TAH> :D
<n6rej> m1r: boy it had a fit!!!.. either it will work now or is permamently hosed
<blue-frog> n6rej: dunno about your vm thing. anything related to vmware?
<n6rej> blue-frog: shouldn't be.... I don't run vmware.. but I suppose anything is possible
<m1r> n6rej: good luck :)
<n6rej> blue-frog: its something to do with virtual memory memmory map....
<n6rej> I can decipher that much
<n6rej> lol ty m1
<m1r> i have managed to get card runing
<m1r> dont know if it has anything to do with blacklisted driver, it is working now , i wont touch it :)
<n6rej> m1r: thats whats nuts...it WAS working fine till the upgrade.... I'm really ticked at u! with this last distro
<n6rej> i don't blame you
<n6rej> I've never had a problem like this b4 with *nix
<m1r> i say to myself, every day u learn 1 thing, even if it is stupid, u learn 365 things per year :P
<n6rej> m1r: yeppers.... my wife couldn't understand how I wanted to build the railings for the porch... I built the deck last year, and this year want to finish it off.... but over the last week we've gotten 50% of the railings done and now she see's what my concept was... and loves it :D
<n6rej> my son is accidently starting to love working with wood which he was resistant to b4
<m1r> :)
<n6rej> well, its back to the same shape it was in b4 :(
<n6rej> dag nab it!
<m1r> n6rej: i sugest u backup stuff 1st :/
<n6rej> yep.. i think i'd better do that
<m1r> then go play with fixes
<n6rej> get everything off the drive
<n6rej> then just do a fresh.
<n6rej> m1r: can you walk me through parted?
<n6rej> i need to make a 20G partition or so
<m1r> to resize disk ?
<n6rej> yeah
<m1r> never done that on server :/ only gparted on desktop
<n6rej> will be same idea.. its just cli and I don't  know that one
<n6rej> well i know cli just not parteed
<blue-frog> n6rej: haven't read the discussion but if it partitioning with parted, it is quite easy
<n6rej> blue-frog: yeah, i've got files in var/www and /etc/and /home that I need to save... total usage right now for entire disk is 26G
<n6rej> I think i've got about 20G in data I need to save
<n6rej> so I need to resize part1 to -20G
<n6rej> call it 30G to be safe
<n6rej> hell better yet, make it 50G then i can use that for the files LOL
<n6rej> its an 80G drive and its only purpose in life is to be a file/lan server
<blue-frog> then it's a reize2fs job first
<blue-frog> resize2fs
<n6rej> blue-frog: ok, so what do I tell it?
<blue-frog> hang on wonder if you need to get rid of the journalisation first
<n6rej> kk
<blue-frog> yep apparently people on the net do remove the journal first
<n6rej> should I reboot into recovery mode or from the cd?
<blue-frog> n6rej: it depends if you can unmount the partition you want to resize
<n6rej> nope can't
<n6rej> umount /dev/hda1 says busy
<blue-frog> ah only one partition
<n6rej> 2 but the other is swap
<blue-frog> then you need a livecd or sysrescd or whatever cd you are used to
<n6rej> kk
<n6rej> rebooting now
<n6rej> its the desktop version of hardy, but it shouldn't matter
<blue-frog> will be easier as you will be able to do that with gparted
<n6rej> kk
<m13> agree
<n6rej> poor thing
<n6rej> I feel sorry for my server
<n6rej> lol
<n6rej> i've got every version of U! back to 4
<n6rej> lol
<n6rej> breezy I think it was
<infinity> 4.10 was warty.
<n6rej> thats right
<n6rej> warty, then breezy
<n6rej> Warty the warthog
<n6rej> :D
<n6rej> blue-frog: its taking its sweet time but its loading
<infinity> warty, hoary, breezy, dapper, edgy, feisty, gutsy, hardy, intrepid.
<n6rej> infinity: intrepid is out?
<infinity> https://edge.launchpad.net/ubuntu/+series
<infinity> (For the curious)
<infinity> n6rej: Oh, heavens no.  We're just starting on intrepid now.
<n6rej> infinity: ok so I'm an old fart LOL
<infinity> n6rej: Not out until 8.10
<n6rej> infinity: your a dev?
<infinity> n6rej: Yes.
<n6rej> infinity: plz don't take this wrong... but the hardy dist was not ......tested? very well
<infinity> n6rej: Some things could certainly have used more testing, yes.  We have a stable realease process which should end up dealing with most of those rough edges.
<uvirtbot`> New bug: #230030 in php5 (main) "php segfaults with readline" [Undecided,Triaged] https://launchpad.net/bugs/230030
<n6rej> infinity: i really appreciate that... like I said I've been a long time U! user and the kernel problems are bad enough to almost push me back to Engarde.
<infinity> Gah.
<ScottK> n6rej: One possibility is that you're using it with a hardware combination that is not used by developers/testers.  It might benefit you to be involved in testing of Intrepid once we get to that point in the cycle.
 * infinity looks at that bug.
<infinity> zul: Who enabled readline in PHP?
<n6rej> ScottK: i'd be happy to.  I'm using a p3-933 because I can't afford to waste money on new hardware just for a file server
<ScottK> Understand.
<blue-frog> n6rej: apprently ext3 does not need to lose journal first to get resized. gparted does it straight (with a FS check first though
<infinity> zul: libedit is known broken (I have years-old bugs open in Debian on its breakages), and libreadline is, obviously, a non-starter for licensing reasons, which I why I explicitely disabled it for the last 5 years.
<zul> infinity: not me
 * n6rej kicks himself for not plugging in a mouse
<n6rej> hang on guys gotta install a mouse stupid me!
<ScottK> n6rej: For intrepid the QA team has a goal to make it easier to test in a VM so you can do it without risking your actual setup.
<zul> infinity: should I reject that bug then?
<blue-frog> n6rej: ctrl shift numlock  to activate mouse with keypad
<n6rej> ok, now what
<blue-frog> syst/admin/partition editor
<n6rej> runing
<infinity> zul: I commented.  More of a "what should we do?" comment.
<infinity> zul: It's unacceptable to leave things as they are, IMO.  Either we need to disable readline support, or fix libedit to stop sucking.
<n6rej> blue-frog: no devices detected
<n6rej> ScottK: save this email addy... troy@hallhome.us
<n6rej> ScottK: let me know when you need help
<n6rej> blue-frog: no devices detected :(
<blue-frog> n6rej: how old is your machine ?
<n6rej> blue-frog: old LOL... msi-9306 I think
<blue-frog> like noah
<ScottK> n6rej: Just hang out here.  I'm not in charge of test coordination, just aware of some things they are doing.
<infinity> zul: In the past, linking to libedit meant you could even background php-cli processes, the library was THAT broken.  I'm not sure if that's still the case, but yeah.  It's not maintained code.
<n6rej> blue-frog: yeppers... circa 1997
<infinity> zul: It's not necessarily BAD code, just very unmaintained, it seems.
<n6rej> ScottK: np, I'm not on much but I'll check in from time to time
<blue-frog> n6rej: well does not smell good
<zul> infinity: I can look into it
<n6rej> blue-frog: lol I hear ya
<infinity> zul: s/could even/couldn't even/  Typing is hard.
<n6rej> infinity: how can I get access to dev /hda1 from live cd?
<blue-frog> n6rej: even if you shrink the partition with another rescucd, ubnutu is apparently a nono for this machine now
<zul> infinity: yeah tell me about it :)
<blue-frog> n6rej: debian will suit it though certainly
<n6rej> blue-frog: no, it was working fine... right up till I did the last upgrade to the .17 kernel
<infinity> n6rej: Become root and mount it? :)
<blue-frog> n6rej: working with dapper or hardy??
<n6rej> infinity: i want to resize it
<n6rej> blue-frog: both
<blue-frog> oh
<blue-frog> ok
<n6rej> blue-frog: works fine with the .14 kernel
<n6rej> has for month or so
<n6rej> ever since it was released
<n6rej> and with dapper for long time
<n6rej> its run U! for 7 years now :D
<blue-frog> n6rej: then systemrescuecd will be your pal, i guess
<blue-frog> n6rej: there is even a small graphical mode on it now
<n6rej> blue-frog: is that ont he live cd?
<blue-frog> with gparted or q (don't remember
<n6rej> s/ont he/on the/
<infinity> n6rej: Oh, hrm, I never resize anything.  Ever. :/
<n6rej> infinity: why doesn't the live cd find the hd?
<blue-frog> n6rej: 16kernel I assume
<n6rej> blue-frog: OH YEAH! doh!
<n6rej> stupid thing!
<blue-frog> http://www.sysresccd.org/Index.fr.php
<blue-frog> 100 Meg to get
<n6rej> infinity: thats the thing I was talking about both the .16 and .17 kernels don't work :(
<blue-frog> http://www.sysresccd.org/Download
<n6rej> blue-frog: kk ty.. give me a sec.
<n6rej> blue-frog: can you give me 5 min to dl and burn?
<valemon> can anyone point me how to install xserver for 8.04 server?
<blue-frog> valemon: want the whole desktop or minimal x
<valemon> blue-frog: whole desktop
<blue-frog> valemon: sudo tasksel
<blue-frog> you will choose what you want
<valemon> that simple?
<blue-frog> valemon: you prefer it to be complicated?
<valemon> blue-frog: nahh
<valemon> blue-frog: thank you :p
<n6rej> blue-frog: dl'ng now
<zul> mathiaz: ping
<n6rej> blue-frog: its going very slow... only 357kb.. will take 10 min to dl
<m13> :D very "slow"
<blue-frog> n6rej: about time for my kid's story. once you boot sysrescd you can "startx" (it's all explained anyway...)
<n6rej> kk
<n6rej> tyvm
<mathiaz> zul: wazzup ?
<zul> mathiaz: so #230878 is a werid one I cant reproduce his oom but I do get sigbus or segmentation faults when torture testing apache2-mpm-worker, the odd thing is he is getting oom with mysqld as well
<zul> doh #230878
 * zul kicks uvirtbot
<mathiaz> bug #230878
<uvirtbot`> Launchpad bug 230878 in apache2 "Apache 2 produces an OOM after 4 hours using" [Undecided,New] https://launchpad.net/bugs/230878
<zul> I have a patch which fixes the segmentation faults locally though
<zul> and kirkland and I were debating this bug at UDS
<infinity> zul: That bug is worthless without more info.
<infinity> zul: (not your segv, that's real, but the "OOM bug")
<infinity> zul: He doesn't even include any ps output to show that apache is what's eating all his RAM.
<zul> infinity: thats what I thought
<infinity> zul: Anything could be eating his memory for lunch, but apache2 is the first thing killed because it's constantly forking new processes, so it's the first one to hit the ceiling.
<mathiaz> zul: right - it seems that mysql is taking 127 M
<mathiaz> zul: from the screenshots
<mathiaz> zul: like infinity mentionned, he should first figure out which process is eating up the memory
<zul> ok gotcha
<infinity> Because of the way apache and MySQL both agressively spawn new thread/processes, they're often the first on the chopping block, even if your OOM was due to, say, bziping / in a ramdisk.
<infinity> (The OOM killer isn't that bright, it just nails the first malloc attempt when you run out of memory)
<zul> so get him to list the output of ps and tell him to buy more memory? ;)
<n6rej> infinity: idk if this helps you or not but the problem with the kernel is the "SRST" failure
<infinity> n6rej: Doesn't help me terribly, I don't do much kernel work these days.  But a bug report would find its way to the right people.
<n6rej> infinity: there was one placed at the relase of 8 and its still there :(
<n6rej> .17 didn't fix it
<infinity> zul: "Buy more RAM" probably isn't the answer if the system was humming along fine with gutsy, but blaming apache just cause it was the first process killed isn't very scientific either.
<zul> infinity: true
<zul> ok thanks for the help
<infinity> n6rej: Well, follow up to the existing bug, reopen it if it's closed, include new info, etc.
<n6rej> infinity: kk
<n6rej> blue-frog: are you still here?
<macd> Maybe the person reporting that bug might consider switching from prefork model as well.
<n6rej> macd: are you talking to me?
<blue-frog> n6rej: back
<n6rej> blue-frog: sweet
<n6rej> blue-frog: i'm in xorg now
<macd> n6rej, if your the person with the apache bug.
<infinity> macd: He's using PHP, prefork's his only option.
<n6rej> macd: nope thats zul
<blue-frog> n6rej: then on the right (if memory serves) there is the partitioning tool
<n6rej> blue-frog: just as an fyi I saw the srst bug go flying past
<blue-frog> srst bug?
<macd> infinity, we use worker MPM with php all the time, just not on ubuntu
<n6rej> blue-frog: starting with .16 everytime i boots it has problems finding the hd (srst failure) because of using dev uid instead of device name
<n6rej> blue-frog: gparted started "no devices found"
<infinity> macd: Well, yes.  I had this argument with upstream repeatedly, and they refuse to support TSRM, so we don't build threaded PHP.
<infinity> macd: *shrug*
<macd> infinity, yeah I hear you there, what a serious bottleneck in perf.
<infinity> macd: Of course, one could use fastcgi or other options, but whatever.
<blue-frog> n6rej: do you mean that /dev/hda1 does not exist?
<n6rej> blue-frog: i'm thinking not....
<n6rej> blue-frog: doesn't show up on a df
<blue-frog> n6rej: I mean does not exists for that kernel
<n6rej> blue-frog: correct!
<infinity> I should reopen that dialog some day.  But for now, prefork is "they way and the light" for mod_php users.
<n6rej> blue-frog: only with .14
<blue-frog> n6rej: gonna be tough, need to download a rescue cd with kernel 14
<macd> infinity, I still shudder at someone using that in a heavy production env
<n6rej> blue-frog: GRRRRRRRRRRRRRRRRRRRRRRRRRR
<zul> infinity: ill open a bug for my apache testing with a fix and get an SRU for it
<infinity> macd: I have for over a decade.
<n6rej> infinity: anyway to fix this srst bug on the fly?
<macd> infinity, but hey, when you reopen that dialog I'll happily chime in ;)
<infinity> macd: We all used mod_php with apache1.3, which was prefork by design.
<macd> infinity, yeah we miught as well still be using it, why bother with 2/2.x
 * n6rej wonders why its doing that in the first place.
<infinity> n6rej: I have no idea, to be honest.  Like I said, I'm not heavily involved in kernel work these days.
<blue-frog> n6rej: for my part I played a little with partitioning in command line (tune2fs, parted) and I am a bit surprised as parted does not want to resize the partition I want
 * n6rej rats'n fratz'n cottn pick'n :'(
<infinity> macd: Because 2.x is a higher version number, and therefor cooler. :)
<macd> if thats the limitation, at least without php installed the apache model defaults to worker, but I cant help but think people installing LAMP on install and not really needing php, and not knowing the diff
<zul> infinity: mmmm....crack
<infinity> macd: If you dig through the PHP changelog, you'll see I enabled thread support in Debian for all of a few versions, then disabled it again when upstream had a hissy fit.
<n6rej> blue-frog: gonna try 0.4.2
<infinity> macd: But, yes, some day soon, I should revisit that argument, fix some outstanding upstream bugs in TSRM, and just tell them "tough shit, we're shipping it this way, cope".
<macd> infinity, ^5
<n6rej> almost a year old so should be ok for the kernel
<macd> its what an extra half dozen packages that cant just be directly merged
<infinity> macd: The other issue was that upstream didn't build TSRM versions of their proprietary accelerator modules and such, which is a loss for some users who hate freedom, but like speed.
<macd> Oh, that brings up a good point, is eaccelerator ever going to be bundled with a buntuized LAMP?
<Wicky656> is there by any chance somebody around that would be willing to chat about tools that i can use to manage a small linux farm that is going to grow to a large size quickly?
<mathiaz> Wicky656: depends what you wanna do
<macd> Wicky656, cfengine is your friend.
<mathiaz> Wicky656: pssh is a good tool
<mathiaz> Wicky656: puppet is another option
<mathiaz> Wicky656: cfengine is also an option.
<Wicky656> well I need tools to centrally manage logins. deploy servers fast and be alerted when things break both in software and hardware...
<ScottK> Musn't forget FAI.
<Wicky656> looking at FAI and puppet right now.
<Wicky656> the hardware alreting is tuning out to be tricky
<mathiaz> Wicky656: nagios is an option for monitoring and alerting
<mathiaz> Wicky656: as for hardware alerting, you may need to use the vendors tools to extract that information
<mathiaz> Wicky656: the information can then be used in nagios
<Wicky656> yeah the problem is all the servers are ibm
<Wicky656> director on RPM not a great fit with ubuntu
<Wicky656> and director not my favorite tool
<infinity> macd: Personally, I'm not sure I see eaccelerator (or any accelerator/cache) as much of a value-add for a one-button LAMP install.  Users that really need it will need to tweak a lot of things anyway, adding another package isn't rocket science.
<macd> infinity, good point
<infinity> macd: That is, if you're serving so many clients that you need the performance boost, you need to tweak apache client/process limits, MySQL table caches, etc, etc.
<macd> infinity, yeah thats for sure, the baseline install is good for serving about 5 people ;)
<infinity> At least 10, surely. :P
<macd> of course people using any acceleration surely wouldnt have mysql on the same server as apache either
<infinity> (Seriously, though, I've used the baseline on ridiculously busy sites with thousands of DB-mangling requests per minute, on pretty sketchy old hardware... It's not THAT bad)
 * macd drools over memcached
<macd> DB-mangling = bad coding practices?
<infinity> But then I get grumpy about any sort of percieved perfomance loss, and I go tweaking anyway.
<infinity> It's not my code, I plead innocence on that score. :)
<infinity> But the site I'm thinking of is a terribly-written forum that inserts/updates on every hit.
 * macd shudders
<infinity> Indeed. :)
<n6rej> blue-frog: still the same problem :(
<n6rej> blue-frog: you here?
 * n6rej is very multi-tasking... fixing television, working on server, cleanign office all at the same time LOL
<m13> n6rej: u see somthing good came out of this error :P
<n6rej> hahahha yeppers
<n6rej> i'm going to repartition the silly hd so the "FILES" are in their own partition.
<n6rej> that way if this ever happens again its not so scary
<n6rej> m13: my son was complaining for months that his TV was DOA... opened it and it was just a fuse :D  GLad too cause my Oscilliscope is missing
<m13> hehe
<n6rej> m13: oh well, thats what I suspected it was, but its ok, cause now he understands resistance and could do this himself if he needed to :D
<n6rej> m13: do you know if there is a way with *nix to "share" a scanner?  I have a program for windblows that lets you do that via html, and its slick, but I'd prefer everything be on the server
<m13> hmm
<m13> never used such feature, probably somthing like network scanner would be needed or some thinkering with usb
<n6rej> m13: yeah... idk how it works just that you put the server driver on the pc with the scanner and then call it via html and tell it waht you want... kinda like how cups does things
<m13> ye, i know what u mean, but i have no clue about it, only used cups for printers, probably sane would be good way to start
<n6rej> probably
<n6rej> boy the resize tool 8is SLOW
<uvirtbot`> New bug: #235294 in apache2 (main) "apache2 mpm-worker segmentation fault." [Undecided,New] https://launchpad.net/bugs/235294
<mathiaz> kirkland: what's your issue with ubuntu-vm-builder ?
<blue-frog> I am baffled as how gparted manages to resize a partition while I can't with parted
<Deeps> magic dust
<JanC> blue-frog: GParted also uses other tools
<JanC> parted only uses libparted AFAIK
<blue-frog> well I was watching the operation gparted used and saw nothing special
<blue-frog> seems that an anttribute is not liked. found a bug report from 2004 and it seems it is still actual
<JanC> which filesystem was that?
<blue-frog> ext3 I take off journal but still ' File system has an incompatible feature enabled'
<blue-frog> trying to remove the feature one by one (don't how I will get them back by the way :) )
<JanC> hm, libparted should support ext3 AFAIK
<blue-frog> going to run gparted again and note all operations
<JanC> hm, I'm not so sure anymore, GParted uses e2fsprogs I think
<blue-frog> thing I have no idea what gparted is doing when shrinking the partition, says nothing special besides old start old end new start... as if it was deleting the partition and recreating it in fact, not resizing it
<JanC> yes, it uses resize2fs
<blue-frog> for the FS ok butfor the partition
<JanC> like I thought
<JanC> hm, partition is probably done with libparted?
<Deeps> you can click the > arrow to expand and see the operation (and output)
<Deeps> eg, when resizing ntfs partitions, gparted uses ntfsgrow
<blue-frog> Deeps: done that and there is no command while "shrinking" the partition
<blue-frog> only information about start and end of partition
<blue-frog> which leads me to think it is deleting and recreating it
<Deeps> dunno then
<Deeps> data needs to be moved as well
<Deeps> and file systems recreated
<Stonekeeper> hi soren. Are you sure kvm is stable for you? stuff just doesn't work too well for me :(
<JanC> it's dead easy to resize a partition if you don't care about the filesystem on it  ;)
<JanC> Stonekeeper: kvm is mostly stable for me too
<blue-frog> weel apparently deleting/recreating the partition works ok, I will stick with that
<Stonekeeper> JanC: ok. thanks for your feedback. It may be my turion chip being crap :/
<JanC> except for some known bugs with 16-bit code
<blue-frog> and take for granted that it is what gparted does in fact
<Stonekeeper> brb
<Deeps> i'd make a backup first
<Deeps> or accept the fact that you'll probably lose any data that's stored outside your partition boundaries
<blue-frog> am just playing with it on a test partition. don't like to be at the bottom of the wall so I test...
<blue-frog> I usually use LVM so...
<blue-frog> deleting /recreating works a treat. no data loss. perfect
<soren> Stonekeeper: Quite sure.
<Stonekeeper> most iso's don't boot well for me :/
<Stonekeeper> ah well
<Stonekeeper> i also get cdrom boot failure codes then the machines wont shutdown for me. I must be doing something majorly wrong. ah well
<JanC> Stonekeeper: e.g. Gutsy live-cd doesn't boot because of gfxboot
<Stonekeeper> ok, why would gfxboot be an issue?
<JanC> it's a boot loader, so it's 16-bits code, I guess  ;)
<JanC> (or at least starts as 16-bits code)
<Stonekeeper> bah, actually ignore me. even though i eventually want 8.04 server running in kvm, this is kinda OT.
<JanC> 8.04 server CD should boot fine
<JanC> hm, Stonekeeper did you try adding a CD-drive to the VM, linking it to the ISO, and then set the boot device to the virtual CD-drive?
<Stonekeeper> um.. yeah i think so. just used the new vm dialogs
<Stonekeeper> i think there is issues with turion chips as i can't even stop this machine via libvirt
<JanC> I got an issue once or twice like that, and the dialogs don't add a CD-drive to the VM definition (they just add it temporarily for the first run or something)
<JanC> but maybe all this should be discussed in #ubuntu-virt  ;)
<Stonekeeper> is there such a channel? :)
<JanC> there is
<uvirtbot`> New bug: #235309 in dhcp3 (main) "dhcp3-server crashes with bootp clients" [Undecided,New] https://launchpad.net/bugs/235309
<n6rej> can anyone tell me how to set a "mount point" for 2 partitions I just created?
<n6rej> infinity: are you still here?
<n6rej> !mount
<ubottu> Partitioning programs: !GParted or QTParted (also "man mkfs" for formatting) - Mounting partitions in !GNOME under !Dapper: System -> Administration -> Disks - For !Edgy and later, see !fstab and !DiskMounter
<infinity> n6rej: /etc/fstab
<n6rej> infinity: yeah, I went into there and discovered something weird... parted says ext3 is not supported yet the file system for dev/hda1 is ext3
<n6rej> so i made hda3 and 5 ( the new partitions, ) ext2
<n6rej> infinity: but I don't know how to say "be /backup" and mount
<n6rej> infinity: know what I mean?
<n6rej> infinity: i also noticed the uuid thingy which is whats driving srst nuts
<infinity> n6rej: Err, say what now?  ext3 has been the default FS for eons.  parted is clearly lying...
<n6rej> infinity: if I type mkfs 3 ext3 that should make partition 3 ext3 right?
<infinity> n6rej: Anyhow, to mount something at "/backup", you need to create /backup as a directory (mkdir /backup), and then add a line to /etc/fstab something like /dev/sda3  /backup  ext3  defaults  0  1
<n6rej> OIC
<n6rej> so make a dir on dev/hda1 b4 I mount /dev/hda3?
<infinity> n6rej: "mke2fs -j /dev/sda3" would format /dev/sda3 as ext3 (ext3 == ext2 with a journal)
<n6rej> infinity: mke2fs doen'st like the lowercase j
<n6rej> infinity: mke2fs -j /dev/hda3
<n6rej> infinity: i just did mke2fs -T ext3 /dev/hda3
<n6rej> how can i make sure /backup is on /dev/hda3?
<n6rej> nm I c
<blue-frog> how could I find out what gparted is doing when moving partitions? look at the source? strace (if yes how?)? other?
<m13> dhcp3 server wont start, how can i troubleshot it ? was working when setup, then when reboot i lose it
<blue-frog> look at the logs for errors
<m13> i have wlan2 and eth0 , it seems it wants revert to wlan2 all the time altho i set it to be eth0
<m13> blue-frog: i check
<blue-frog> m13 then you might need to "force" it to use eth0
<blue-frog> in /etc/default/dhcp3-server
<m13> eth=0
<m13> umm eth0
<m13> ok tnx blue-frog found error
<m13> one dot can do a lot of mess it seems :)
<m13> blue-frog: do you maybe know how i could get eth0 to get internet pass over wlan2 ?
<m13> so i can serve it over my local network
<blue-frog> masquerading
<blue-frog> you have desktop or command line?
<m13> desktop
<m13> cli is on pc conectiong over eth0 to wlan2
<blue-frog> aws talking of that one
<blue-frog> http://ubuntuforums.org/showthread.php?t=782936&highlight=virtualbox+wifi
<blue-frog> look the part starting at "enable ip_forwarding"
<m13> ok, tnx blue-frog
<blue-frog> then it is just a matter of gateway
<linuxmademecrazy> Hello pplz
#ubuntu-server 2008-05-28
<owh> nijaba: How is the hosting for the survey coming along?
<owh> kirkland: I didn't see any further replies to our lsb list submission. There was one initial response to which I responded: http://lists.debian.org/debian-lsb/2008/05/maillist.html#00000
<kirkland> owh: hmm, that's disappointing
<kirkland> owh: remind me...  do we have a debian bug filed?
<owh> kirkland: Well, there are the two bugs that were there in the beginning, but they seem to have languished. Lemmie look for the numbers.
<owh> kirkland: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=291148 and http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=208010
<uvirtbot`> Debian bug 291148 in debian-policy "status action for init.d scripts" [Wishlist,Open]
<owh> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=208010
<uvirtbot`> Debian bug 208010 in debian-policy "Require init.d scripts comply with LSB" [Wishlist,Open]
<kirkland> owh: hmm, i think that bug should be against lsb-base
<kirkland> rather than debian policy
<kirkland> owh: I'm going to open a new bug, and reference that one
<owh> kirkland: No, the discussion went right off the rails - in my opinion - and became a discussion about policy.
<owh> kirkland: A bit like it did here :)
<kirkland> owh: what's your "no" in reference to?
<kirkland> owh: "No" it should not be against lsb-base
<owh> kirkland: Ah, I see your confusion :)
<owh> kirkland: Yes, there should be a bug against lsb-base, but it was already that initially, it was changed to a policy bug.
<owh> IIRC
<kirkland> owh: ugh
<owh> See what I mean?
<owh> Or did I misunderstand what happened?
<kirkland> owh: okay, well, here's what I'm going to do....
<kirkland> owh: I'm going to open a new bug against lsb-base in debian
<kirkland> owh: attach our patch
<kirkland> reference the policy bug for history
<owh> Both of the bugs I showed you?
<owh> As in, reference both?
<owh> Would it not be simpler to reference our LP bug with its attachments?
<owh> Or is that not a done thing?
<owh> kirkland: FYI, ours is https://bugs.launchpad.net/ubuntu/+source/at/+bug/203169
<uvirtbot`> Launchpad bug 203169 in samba ""status" function for init scripts" [Wishlist,Confirmed]
 * owh had it open in a window :)
<owh> kirkland: Hmm, wonder why it shows as a samba bug - perhaps because that's the only one Confirmed.
<ScottK> Policy is the right place to end in Debian, but in Debian the Policy describes the facts on the ground, it doesn't generally lead them.
<owh> Sorry, ScottK, I don't understand what you mean.
<ScottK> No one will write it in the official policy until after there is a significant body of packages doing it.
<ScottK> Policy reflects the established consensus.  It describes the current situation, not some future ideal.
<owh> ScottK: So, are you saying that kirkland and I will need to approach every single package maintainer and ask them to implement this before we get any traction?
<kirkland> owh: I think we need to get our 10-line patch accepted into lsb-base FIRST
<owh> kirkland: I agree.
<kirkland> owh: once that's there, we send our 3-4 line patches to a few dozen core service's init scripts
<kirkland> owh: and perhaps other people will patch others
<kirkland> owh: considering there hasn't been any movement on our patch to the debian-lsb list, i think we should file a bug (with patch) against lsb-base
<owh> kirkland: So, the lsb-base package maintainer hasn't responded, neither has the lsb-list, what's next?
<kirkland> owh: a bug against lsb-base with patch
<owh> kirkland: The pessimistic side of me suspects that it will be marked as a dupe and shifted to policy, but I agree with your process.
<kirkland> owh: perhaps
<ScottK> owh: Not all, but I think kirkland's got it about right.
<kirkland> owh: but here we're dealing with real and practical code, and not a policy document
<kirkland> ScottK: cool, thanks for the validation, i was wondering what advice you might have
<owh> Yes, and that is different from the two bugs so far.
<ScottK> I'd also check and see if any of the lsb-base maintainers are active in Ubuntu and if so approach them directly.
<owh> Now that is a top idea.
<ScottK> This might be a good release goal for Lenny +1.
<kirkland> owh: i thought you emailed the maintainer directly as a first step?
<owh> kirkland: I did and received no reply.
<owh> kirkland: Twice.
<kirkland> owh: right, then you/we emailed the debian-lsb mailing list
<ScottK> Is there a single maintainer or are there several (including uploaders - those are co-maintainers).
 * ScottK runs off.
<owh> kirkland: Yes.
 * owh wonders if ScottK is talking about real running or virtual running :)
<owh> kirkland: Let me have a squiz at the changelog. Perhaps we can get some ideas from there.
<kirkland> owh: okay
<kirkland> owh: ScottK: http://pastebin.ubuntu.com/15201/
<kirkland> attaching the patch
<owh> kirkland: In the gutsy changelog I have there are lots of ubuntu people, Lamont Jones, Tollef Fog Heen, Michael Vogt, SJR, Matthias Klose. In Debian there are Christian Perrier, Chris Lawrence. I emailed Chris Lawrence and he features most in the Changelog.
<owh> kirkland: That bug report looks good to me. When you've submitted it, I think we should add it to LP. Perhaps it should also contain a link to our LP bug.
<kirkland> owh: definitely
<kirkland> owh: I've submitted it, it takes 15 minutes or so to hit the system
<owh> As in, it should link both ways.
<kirkland> owh: yes, absolutely
<owh> I mean, there's no point on doing this kind of stuff in isolation :)
<kirkland> owh: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=483285
<uvirtbot`> Debian bug 483285 in lsb-base "lsb-base: lsb status_of_proc() function" [Wishlist,Open]
<owh> I'll add it to ours
<owh> kirkland: Do you think I should also add the other Debian bug to our bug?
<kirkland> owh: i'm doing it now
<emgent> heya people
<owh> kirkland: I'll stop typing then :)
<kirkland> owh: updated https://bugs.edge.launchpad.net/debian/+source/lsb/+bug/203169
<uvirtbot`> Launchpad bug 203169 in samba ""status" function for init scripts" [Wishlist,Confirmed]
<owh> emgent: Salutations. What is your challenge today?
<ajmitch> good day
<emgent> owh: ?
<owh> kirkland: Do you think we should also add the other Debian bug: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=208010
<emgent> hi ajmitch :)
<uvirtbot`> Debian bug 208010 in debian-policy "Require init.d scripts comply with LSB" [Wishlist,Open]
<kirkland> owh: hmm, perhaps
<kirkland> owh: but the debian-policy bugs aren't nearly as pertinent
<owh> emgent: Well, when a new (new to me) person turns up and greets the room, I try to be helpful :)
<owh> kirkland: No, but it shows that we mean business :)
<owh> As in, we've done our homework as best we can.
<kirkland> owh: sure
<kirkland> owh: you can add it then, if you want
<emgent> owh: gh
<ajmitch> owh: great, so you can help me with any problems I may have? :)
<emgent> kirkland: some news from upstream and debian peope to cron ?
<owh> ajmitch: No, I know you - you're on your own :)
<ajmitch> :(
<kirkland> emgent: i haven't seen anything, sadly :-(
<emgent> argh :-\
<emgent> ok we will wait :P
<owh> ajmitch: Ask and perhaps yea shall receive.
<kirkland> emgent: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=482284
<uvirtbot`> Debian bug 482284 in cron "crontab -e should use /usr/bin/sensible-editor" [Normal,Open]
<emgent> yep i saw
<ajmitch> owh: well I don't have any ubuntu server problems today
<emgent> it`s in lp tracker
<owh> ajmitch: Well then you'll just have to take your chances :)
 * lamont still has mixed feelings about the sanity of init.d status options
<owh> kirkland: Hmm, LP doesn't like two bugs for a distro about the same thing with a different ID.
<kirkland> owh: okay, then leave as the one with the patch to lsb-base
<owh> lamont: I recall you making a comment about set -e in the code, indicating that echo $? returned nada. If I recall that report from you correctly, can you elaborate because I don't understand it.
<kirkland> lamont: what are your objections?
<kirkland> owh: that was slangasek
<owh> kirkland: Yeah, it won't take two debian-policy things.
<owh> kirkland: Hmm, my memory is fading, I'm getting old :|
<kirkland> owh: review the comments to https://bugs.edge.launchpad.net/ubuntu/+source/lsb/+bug/203169
<uvirtbot`> Launchpad bug 203169 in lsb ""status" function for init scripts" [Wishlist,In progress]
<owh> kirkland: I was just reading and noted it - my screen is on a satellite link and it was still refreshing.
<owh> kirkland: lamont commented that it needs a full spec and perhaps should be in the start-stop daemon.
<kirkland> lamont: owh: the functionality that is needed is described in the lsb spec itself
<owh> kirkland: I agree.
<owh> kirkland: To be fair, we're just providing step 1 of that, not even the full implementation, but at least the structure to hang the rest off.
<kirkland> lamont: owh: and I'm not clear on how this would work in the start-stop-daemon...  this is a 3rd party evaluation of whether or not a service is running
<kirkland> owh: what do you know of that we're missing?
<lamont> owh: if the script is running with 'set -e' active, then any non-zero return results in the immediate exiting of the script... (see any of the various posix-like shell manpages...)
<owh> lamont: Even in a function call?
<lamont> the status of -e is inherited, yes.
<owh> kirkland: Well we're only providing the infrastructure for the LSB spec. We don't provide the actual return codes for all the codes that are specified.
<kirkland> owh: right
<lamont> rather, I expect that the function would immediately exit with the non-zero status
<owh> lamont: Hold on, that makes no sense to me, we're not talking about an exit with a return code, we're talking about a function return.
<owh> lamont http://launchpadlibrarian.net/12710633/lsb.status.debdiff
<owh> That's the lsb patch we're talking about.
<lamont> -mix 790 : sh
<lamont> -mix \! : foo() { false; echo bar; }
<lamont> -mix \! : set -e
<lamont> -mix \! : foo
<lamont> -mix 791 :
<owh> hmm
<owh> lamont: So, you're saying that the pidofproc $daemon >/dev/null will terminate and never get to the next line?
<lamont> so, if the calling script is running with set -e (as is recommended for init.d scripts), and the daemon is not running, then you'll get nothing but effectively "pidofproc $daemon >/dev/null; return 1"
<lamont> exactly
<owh> Crap
<lamont> and this is why god invented if statements
<owh> If that is the case then, the rest of the lsb code is also borked.
<lamont> given my experience with the folks who tout lsb initscriptage, I find that completely unsurprising
 * lamont had the privilege of fixing a whole bunch of lsb-ized initscripts in the hoary timeframe
<kirkland> and that's the most annoying part about this whole experience
<kirkland> we're not touting lsb
<kirkland> i don't have any particular love for it
<lamont> kirkland: I never said you were
<owh> So, why are we doing this thing?
<kirkland> i simply want to be able to determine if and when most any daemon is running or not
<owh> I mean, I realise that it's needed, but its also borked.
<lamont> the lsb code just most-reminds me of something written by first-year CS students and debugged into existance: it generally works
<owh> lamont: It seems that our code has the set -e issue, but the pidofproc() function has the same issue.
<kirkland> the place that makes the most sense to put this functionality is in /lib/lsb/init-functions, as that is inherited by almost any init script
<owh> Hmm, so perhaps we need to "fix" pidofproc as well :(
<lamont> fixing lsb stuff would be a major step forward for lsb, I believe
<lamont> kirkland: and yes, in ithe init-functions makes lots of sense
<lamont> of course, since that's sourced by everyone and his brother, making it slow would also get you attention from the "I can shave .37 seconds off the boot process" people
<owh> So, lamont, is what kirkland and I are attempting just really the thin end of the wedge in your opinion, or are we just wasting our resources?
<lamont> s/process/time/
<lamont> I recognize the value of being able to see if a daemon is running.  and putting it into lsb/init-functions makes the most sense to me, given the push both in ubuntu and debian towards lsb-ized init scripts
<lamont> hrm... make that "I recognize that many people see value in being able to"...
<owh> ROTFL
<owh> Stop making jokes like that, my stomach hurts.
<lamont> at the same time, I'm not sure of the overall value to the security of the internet in having my grandmother be able to think she's doing a good job of administering a public-facing server
<kirkland> pidofproc is a function that is provided by /lib/lsb/init-functions, and is used in various places
<owh> kirkland: But if what lamont showed us is true, then it is also borked, unless I can't read the code properly.
<kirkland> owh: test your patches
<kirkland> owh: apply the init-functions patch
<owh> kirkland: Specifically, this: /bin/pidof -o %PPID $1    status="$?"
<lamont> owh: pidofproc needs a "if" in front of the /bin/pidof call, with the appropriate other changes, if it's to survive a -e script
<kirkland> owh: then patch apache
<owh> lamont: Are you talking about the same bit of code as I am?
<lamont> exactly
<owh> lamont: That's a relief :)
<lamont> just search for =.*\$\?
<lamont> :=(
<owh> Yeah.
<owh> There's more :)
<lamont> er, =.*\$?
<lamont> I like the "... || status=$?
<lamont> nice construct
<lamont> see killproc()
<lamont> that's a clean and fixed version of how to set status=$?
<kirkland> lamont: yes, that's concise
<owh> lamont: Which version of the code are you looking at, I'm looking at a gutsy one that is to hand.
<c1|freaky> is there any way to use a program as IDE on windows, and to work on files on a linux server? like u could do with the fish protocol? the only thing I need is a good IDE for windows which supports makefile projects (like eclips eg.) and I need a way to work on my files remotely in real time - does anyone know of a solution for that? maybe something like a webdrive but, i don't want to and can't
<c1|freaky> use webdav.
<c1|freaky> any idea?
<lamont> hardy
<owh> c1|freaky: Samba
<kirkland> c1|freaky: samba
<c1|freaky> it's not in my LAN
<c1|freaky> i don't want to use a VPN
<owh> c1|freaky: Set up an SSH tunnel.
<c1|freaky> ssh tunnel for what?
<owh> c1|freaky: To tunnel ftp mount for example.
<kirkland> or sshfs
<c1|freaky> there sadly seems to be no support for fish
<owh> c1|freaky: Where?
<c1|freaky> can i mount ssh fs on a windows machine?
<c1|freaky> in windows
<kirkland> dunno, haven't used windows in 8 years
<owh> c1|freaky: Run a virtual machine or a cygwin.
<c1|freaky> no i dont want that
<kirkland> c1|freaky: http://people.ubuntu.com/~kirkland/search.html?cx=003883529982892832976%3Aly2fmeg302s&cof=FORID%3A9&q=sshfs+windows&sa=Search
<owh> c1|freaky: Or boot from a Live CD :)
<c1|freaky> ive got ubuntu installed (with gnome) on my desktop pc
<c1|freaky> but i want to be able to code in windows too
<c1|freaky> and in both operating systems at the same place and i dont want to format my other partition to fat32
<c1|freaky> i could use SVN
<c1|freaky> but i dont have a simple method to manage svn repos
<lamont> and besides, svn sucks
<owh> c1|freaky: Eclipse comes with one built in :)
<owh> lamont: There is that :)
<c1|freaky> owh: with what built in?
<lamont> er, I mean, svn fails to work well for anything more than a single-developer
<c1|freaky> why should it fail its made for that
<lamont> c1|freaky: it creates branches fast (so what).  merges of any complex source project in svn are a multi-day (maybe just several hour) nightmare, since it doesn't actually track patchsets
<lamont> the current generation of version control systems (bzr, git, hg) all track branchsets, and therefore give you fast merges (which is what we do care about)
<owh> lamont: I'm looking at the hardy version of init-functions, I cannot see what you showed us as the nice construct.
<kirkland> owh: line 129
<kirkland>             /sbin/start-stop-daemon --stop --signal "$sig" --pidfile "$pidfile" --quiet $name_param || status="$?"
<kirkland> (and friends)
<lamont> and above that is "status=0", to complete the assignments
<kirkland> right, as lamont says
<owh> Hmm, while I believe you both, I must be going blind.
<c1|freaky> i gotta find a good solution for me and other people. the best thing would be direct remove access but webdav fails to support https on win vista
<c1|freaky> *remote not remove
<lamont> apparently hg (aka mercurial) provides some pretty good windoze support
 * lamont has never used hg though.
<c1|freaky> damn
<c1|freaky> i guess the only and one solution is using linux then?
<linuxmademecrazy> hello people!
<linuxmademecrazy> ._. again
<linuxmademecrazy> lol
<owh> kirkland: Line 129 is: if [ -z "$sig" ]; then
<c1|freaky> well thank you for the help
 * owh feels very dumb.
<lamont> c1|freaky: hg has a windows client (possibly a server), and provides a UI on both platforms
<kirkland> owh: you're looking at /lib/lsb/init-functions ?
<owh> kirkland: Yup.
<c1|freaky> lamont: yes but trac doesn't support it. is there any software like trac for hg?
<kirkland> owh: grep "|| status" /lib/lsb/init-functions
<owh> kirkland: Did it change between the final beta and current?
<lamont> owh: lsb-base 3.2-4ubuntu1
<lamont> c1|freaky: bugzilla comes to mind...
<lamont> or what does trac do?
<owh> lamont: Ah ha. Different version :(
<lamont> owh: welcome to hardy... :-)
<c1|freaky> lamont: example for trac: http://scm.code-1.de
<owh> lamont: Nah, the VM I launched is running hardy, final rc, no updates since.
<lamont> owh: I hope that VM isn't doing anything with SSL then... .:(
 * owh wasn't expecting any updates in lsb given the flack we got for even thinking about asking to add our function :)
<lamont> c1|freaky: ah - wiki+bug tracking...
<lamont> with an almost content free description, FTW!
<owh> lamont: No, it's a machine on my laptop, just to test bits, it's not connected to anything, provides no services, is not in production in any way.
<c1|freaky> lamont: yes, a scm and it only supports subversion and bzr with a plugin
<owh> But I'm not going to download 135Mb to update it as it's now asking me :(
<lamont> c1|freaky: sounds like an interesting challenge then... windows tends to not be well supported in opensource stuff, simply because the bulk of opensource people don't use windows, so there's little motiviation to deal with it
<owh> lamont, kirkland, given the set -e comments, I'll download the latest lsb source and make some patches.
<kirkland> owh: sounds good
 * owh has to go visit a client, so I'll be doing this tonight at the earliest.
<c1|freaky> lamont: yea ... i could use subversion ... but if it's true that subversion isn't good when working in teams that sucks
<owh> lamont: Thanks for taking the time to explain, appreciated.
<ajmitch> owh: pub lunch with a client? ;)
<owh> ajmitch: I wish :(
<lamont> owh: latest lsb source is definitely where you want to base your changes, and it doesn't help that there's a kernel update in hardy-updates...
<owh> ajmitch: Apart from that, it's 10 am around here :)
<linuxmademecrazy> anyone in here familiar with accessing a non-encrypted shared network?
<lamont> owh: glad to help
<c1|freaky> its 4 AM here
<ajmitch> owh: ah, you're a bit further west, I take it
<lamont> linuxmademecrazy: depends on what you mean by "shared network"
<owh> ajmitch: Further west than me gets wet fast.
<lamont> I mean, we all plug our machines into something that exactly matches your description, but I doubt that's what you mean,..
<kirkland> owh: okay, yeah, fixup pidofproc
<lamont> what exactly is the question?
<kirkland> owh: i'd say you should patch that separately
<kirkland> owh: open a LP and a Debian bug, link them together
<linuxmademecrazy> lamont, Umm, the network authentication is "shared". It's a shared network key. I have a lame motorola router that has been setup in a pretty unique way =/.
<kirkland> as lamont said, that should be fixed regardless of whether or not they take our status_of_proc() function
<owh> kirkland: Yeah, I'll give the whole thing the once over. Make our patch separate and make a bug/fix/patch for ubuntu and debian on the issues raised by lamont.
<lamont> owh: and remember: don't call the muppets. :-)
<linuxmademecrazy> lamont, the network authentication is "shared" and the data encryption is "disabled" and I have to provide it with a network key and an associated key index number.
 * owh is not familiar with that reference :)
 * lamont waits for linuxmademecrazy to describe the underlying authentication mechanism
<linuxmademecrazy> lamont, this is the windows properties panel http://img249.imageshack.us/img249/3467/47452358cn6.jpg
<lamont> owh: don't worry.
<owh> lamont: I suspect it has some rubberneck connotations though :)
<lamont> linuxmademecrazy: ah.  802.11-ish network
<linuxmademecrazy> lamont, I'm kinda, not that smart when it comes to linux, my strong suite is php T_T
<linuxmademecrazy> lamont, you're familiar with it?!?! =D
<lamont> familiar with 802.11.  nfc what windows means with what they've said on the control panel though
<ajmitch> linuxmademecrazy: mentioning that it's a wireless network is relatively important :)
<lamont> linuxmademecrazy: I expect that it's some incarnation of WPA or WEP
<linuxmademecrazy> ajmitch, you might be right.... xD
<owh> Later all.
<lamont> linuxmademecrazy: so the question you want to be asking is "how do I configure linux to talk to a wireless network in a manner that windows describes as 'shared authentication, data encryption disabled'?"
<kirkland> yeah, i'm calling it a night too
<kirkland> adios
<lamont> and I don't know what the answer to that question is
<lamont> g'night kirkland/owh
<linuxmademecrazy> lamont, yeah, pretty much.
<lamont> linuxmademecrazy: to make your life more challenging, people who know linux well tend to not know windows well, and vice versa
<linuxmademecrazy> lamont, ah, makes sense, I've never ever used linux before today, but I figure I should start learning, because I want to know how professional server management is done, and windows sucks when it comes to serving up some data.
<linuxmademecrazy> lamont, having no internet on my ubuntu installation makes it a lot more challenging.
<lamont> heh.  yeah
<linuxmademecrazy> I've pretty much spent all day going through all the settings in the wireless network configuration GUI
<linuxmademecrazy> The biggest problem I keep running into, is that the GUI doesn't want the associated index key that is used in association with the network key.
<linuxmademecrazy> So, I figure my solution would have to deal with the terminal/console
<linuxmademecrazy> which, I have no idea about the available commands.
<lamont> linuxmademecrazy: google can sometimes be your friend... dunno
<linuxmademecrazy> lamont, I love google, but linux documentation is very messy, and cluttered, compared to what I'm used to dealing with. I think I might have come up with one possible solution, but I don't want to switch back to my other harddrive until I have 2 or 3 possible solutions, becuase I hate wasting time for switching. This would be soooooo much easier with a second computer xD
<lamont> yep.
<lamont> linuxmademecrazy: or even vmware installed on the windows box with linux running inside that
<linuxmademecrazy> once I get this all working and I start figuring out linux, I'm going to start documenting this crap <_<
 * lamont tries to decide if he really just said that...
<linuxmademecrazy> I can't just VMware my wireless card =/
<lamont> linux needs more people who are willing to write docs
<linuxmademecrazy> Yeah
 * lamont waits for bind9 to finish building so that he can figure out if his current challenge is trivial, or a royal pita
<linuxmademecrazy> First thing I'll be doing is writing a TUTORIAL on how to start off, from scratch, setting up a fully operational apache2 web server with php5, and RoR, networking (both wireless and lan) installation will be included.
<linuxmademecrazy> After that, I'm scratching down all the terminal syntax and comands in a similar documentation style that php.net has.
<linuxmademecrazy> Well, time for the moment of truth, I'll be back =D
<m1r> hello , dhcp3-server dont start after reboot, how to fix this corect way ?
<lamont> m1r: depends on what the error is behind  "dont start" ...
<lamont> what does /var/log/daemon.log have to say on the subject?
<uvirtbot`> New bug: #235378 in samba (main) "hardy samba critically slow" [Undecided,New] https://launchpad.net/bugs/235378
<m1r> larmont , one sec
<m1r> lamont: it is working fine after i start it manually , dont see nothing strange on daemon.log
<lamont> m1r: meh.  /var/log/syslog
<lamont> sorry about that
<m1r> ok, sec
<m1r> lamont:  this one is strange line : May 28 04:20:40 m1r0-desktop dhcdbd: message_handler: message handler not found under /com/redhat/dhcp/wlan2 for sub-path wlan2.dbus.get.domain_name
<lamont> yeah, but it's also not dhcpd
<lamont> that's dbus having a small fit
<lamont> sigh.  so much for my challenge being trivial.
<lamont> m1r: that'd be "not your issue"
<m1r> lamont , yes i check further, long list in syslog :)
<lamont> m1r: so anything from dhcpd?
<m1r> dont see :/
<m1r> only for wlan2 address reciving
<m1r> lamont: i think that it isnt enabled to start at all
<m1r> lamont: where can i check for dhcp3-server being run on start ?
<linuxmademecrazy> Well, that was a fail
<lamont> m1r: oh.  when you said "run it manually" you didn't mean "/etc/init.d/dhcp3-server start" ?
<lamont> see /etc/default/dhcp3-server as well - that says what interfaces to listen on, for starters...
<m1r> lamont:  i can start it normaly with start command, but it dont start at boot , if i managed to explain good
<m1r> lamont:  it is set to eth0 in default/dhcp3-server
<lamont> ok.  what does ls /etc/*.d/*dhcp3-server say?
<lamont> should be a K file in rc1.d, and S files in rc[2-5].d
<lamont> if the links are there, then I suspect that it's trying to start before eth0 exists... if the links aren't there, then that's the issue
<m1r> ok one min to check
<m1r> it says /etc/init.d/dhcp3-server - INTERFACES="eth0"
<m1r> rc1.d have K20dhcp3-server file
<m1r> should i check S files also ?
<m1r> from 2-5 ?
<m1r> 2 also have @K file
<m1r> all have dhcp3-server info
<m1r> lamont: how u mean : ï»¿ then I suspect that it's trying to start before eth0 exists...
<lamont> does rc2.d have S40dhcp3-server?
<m1r> sec
<m1r> lamont: seems that it dosent
<m1r> lamont: only K@...
<lamont> interesting.. I expect that "mv /etc/rc2.d/K40dhcp3-server /etc/rc2.d/S40dhcp3-server" will make the problem go away, at least until maybe the next time you upgrade dhcp3-server
<lamont> as to how/why it got that way, no clue
<m1r> lamont: i was instsalling EBOX , so maybe that is problem
<m1r> lamont: i turned dhcp server OFF on ebox and maybe it deleted it
<lamont> actually, it changed it from start to kill for runlevel 2
<lamont> which is to say, "don't start dhcp3-server for runlevel 2, kthx"
<lamont> hence the behavior you're seeing
<lamont> m1r: runlevel 2 is the default, you see...
<m1r> ah
<lamont> and K files get told 'stop' and S files get told 'start' upon intering runlevel N, based on /etc/rcN.d/
<m1r> sounds little messy but i think i got the point :) tnx for this tip lamont
<lamont> m1r: man update-rc.d - the right way to fix it is burried in there _somewhere_, I expect
<m1r> lamont: so , i am not sure should i edit it manually or try through ebox interface
<lamont> well, if you do it manually, there's a chance that some future dist-upgrade will undo it...  not sure
 * lamont has never used ebox, nor does he plan to use it.
<m1r> lamont: yes i see, i will try first over ebox, then if it dont work i do manual add to rc2.d just for temp fix. tnx for help m8, really appriacte it
<lamont> np.  have fun
<m1r> yes you too , tnx m8 :)
<m1r> i go reboot to test
<m1r> lamont: it's fixed, tnx
<m1r> the dirty way :P
<lamont> heh
<Christian> hi ?
<m1r> hi
<Christian> iam searching a ubuntu-server
<Christian> apropiated
<Christian> for my pc its a old cpu
<Christian> intel pentium mmx at 233 mhz, 32 ram
<m1r> Christian: that might be a bit low even for server
<m1r> Christian: but it could run i think
<lamont> Christian: I have a PII/233 with 192MB of RAM acting as a print server
<Christian> yeah
<m1r> lamont, that is powerfull machine :D loads of ram
<lamont> amazingly, it hasn't actually used any swap
<lamont> m1r: it's acting as a CAT5<->USB adapter. :)
<m1r> :D
<m1r> what little gadgets can do ;)
<lamont> Christian: with 32MB, you may find that you have too little RAM
<Christian> m
<m1r> lowest i installed was 350mhz 128 ram if i recall
<Christian> i have a hd
<Christian> and have installed hardy heron
<Christian> but
<Christian> the hd dont runs in the pc
<Christian> old "says download a kernel apropiated for u pc
<lamont> which kernel is on the hd?
<Christian> i dont now
<Christian> the version
<Christian> is
<lamont> -generic _should_ work (that's what I'm running) on my PII/233
<Christian> hardy heron.
<lamont> I wonder if maybe you have a 64-bit kernel instead of the (necessary) 32-bit?
<Christian> its alredy intalle
<Christian> installed*
<m1r> Christian: did u install 32bit version ?
<Christian> yes
<m1r> i recall got similar error when try run 64bit on 32bit system
<m1r> Christian: u got cdrom on that machine ?
<Christian> yes
<m1r> u installed from that cdrom or on other pc then insterted HDD ?
<Christian> in other pc
<Christian> the hd its from the other pc, i install in other pc
<Christian> sorry for my english its very bad xD iam from mexico..
<m1r> i can only sugest u try install again on that PII from its cdrom
<Christian> but the bios
<Christian> its
<Christian> broken
<Christian> and dont work's
<m1r> heh :)
<Christian> i can't boot from the old pc
<m1r> broken bios ? or just cant boot ?
<Christian> i cant boot
<Christian> check
<Christian> i enter in the boot system and i changue the boot sequence CDRom, C:\, A:\,
<Christian> save changues
<Christian> reboot
<Christian> when the pc starts
<m1r> and it wont accept cd-rom for boot ?
<Christian> the bios send this error
<Christian> says
<Christian> cmos cheksum failed - loading deafult <
<Christian> and starts withh C:\
<Christian> and not with a cdrom
<Christian> :\
<m1r> that sound like battery problem to me
<m1r> battery non-functional >> ï»¿cmos cheksum failed - loading deafult
<Christian> i changued
<Christian> and tested the battery
<Christian> and works
<Christian> :S
<m1r> is ok now ?
<Christian> no
<Christian> says the same error
<m1r> what motherboard u have ?
<Christian> xD
<Christian> asus vx97
<m1r> not that i recomend , but u could try upgrade bios
<m1r> Christian: does that pc save any settings u change in bios ?
<Christian> yes
<Christian> but when i reboot
<Christian> the settings reset
<m1r> they lost ?
<Christian> to deafult
<m1r> battery
<Christian> default
<Christian> the baterry its good
<m1r> yes, imo is battery problem
<Christian> the bios
<Christian> fail
<Christian> no
<Christian> the battery its new
<Christian> and have charge
<m1r> Christian: http://www.pcguide.com/ts/x/comp/mbsys/biosReappeared-c.html
<Christian> xd
<twb> I'm trying to build a hardy/i386 (i.e. partial) mirror using debmirror, but I can't work out where debmirror gets the HTTP *directory* from.
<twb> Ah, -r
<m11> hi itn
<itn> hey
<m11> whats the problem ?
<itn> had someone start pm spamming me a bunch of trash, lol
<m11> freenode mafia yea me too
<m11> use /ignore name
<itn> ah cool
<itn> I have raid1, 750GB
<itn> hardware raid
<itn> this server is for the database
<itn> does ubuntu usually do a boot partition?
<itn> on gentoo I did 52MB /boot, 10GB /, 2GB /tmp and rest for /var
<m11> if u chose auto it'll make swap and /
<itn> yea I don't want swap
<m11> then u need manually config every partition
<itn> k, so is % all I can do?
<m11> for boot set 100 to 200mb
<m11> no
<itn> dang, that much?
<m11> :D
<itn> gentoo /boot used like 32MB - you sure I really need that much?
<twb> Why don't you want swap?  If you have 750GB, there's plenty of room for a swap partition.
<twb> itn: Ubuntu kernels and ramdisks are large.
<m11> 50mb should be enough , but...
<m11> i always make minimum 100
<itn> twb: well, according to mysql if I need swap I either don't have enough RAM or I've misconfigured the server.. also read swap can create some other probs
<itn> hm, how large is large?
<twb> itn: MySQL developers are insane, though
<itn> oh, are they? lol
<twb> If you don't have swap, and you run out of memory, the kernel will start force-killing the most memory-hungry processes
<twb> This is Extremely Not Good if those processes are important services
<m11> with 750gb disk 2gb swap shouldnt hurt
<itn> I realize that.. just have to properly configured everything
<itn> otherwise I loose a couple gigs of space
<m11> itn , always better to leave room to breathe for system
<itn> the servers goes up to 32G/ram and I'm starting with 4G
<twb> It means that with the default ulimits, a user's fork bomb can destroy your mysql database
<itn> not a multiuser system
<twb> Well, I won't try to convince you further.
<itn> heh k
<twb> Because I don't care enough about you, see.
<uvirtbot`> New bug: #235401 in postfix (main) "Please sync postfix 2.5.2-0 (main) from Debian unstable (main)." [Wishlist,Confirmed] https://launchpad.net/bugs/235401
<m11> itn always better to leave room for system to breathe
<itn> well, the manual partitioner isn't excepting MB
<itn> only %
<twb> *accepting
<twb> Are you using parted?
<itn> yes
<itn> parted?
<twb> Use the "units mb" command
<twb> Oh, you answered yes to something else.
<itn> your spelling correction =)
<itn> I'm in the gui, guessing I should get into the cli
<twb> You cannot do RAID with the LiveCD's installer
<itn> it is hardware raid
<m11> itn , i hope u didnt download livecd :D
<twb> Oh.
<itn> I downloaded the only thing that it showed available
<itn> I picked server edition / amd64 and that was it
<twb> There are three CDs: the desktop (live), alternate (d-i) and server (d-i) CDs
<itn> oh
<twb> Hmm, server edition USED to be a command-line CD
<twb> That is, no live component
<m11> still it twb :)
<twb> OK.
<m11> it/is
<twb> itn: so if you are in a GUI, you clearly aren't using the server install CD
<itn> start with gui, if you hits esc you can go to boot:
<itn> no I am
<twb> If you say so.
<itn> at text mode now
<twb> At 4:30pm I can't be bothered arguing.
<m11> :D
<itn> heh
<itn> I have ubuntu-8.04-server-amd64.iso
<m11> ok great
<m11> it should work with 200Mb as setup for boot ?
<twb> I normally give 256MB for /boot, which is plenty.
<m11> more then enough
<twb> Note that unless you're doing software raid, there's not a lot of point making /boot a separate partition
<itn> k
<itn> someone else told me that
<twb> BTW, LVM is a very good idea.
<itn> lvm?
<m11> logical volume manager
<itn> what I figured
<itn> never used one though
<twb> It allows you to free your service (say, scalix), make a snapshot partition (only takes a few seconds), then unfreeze the service.  Then you can backup from the snapshot partition and get a coherent database dump without having to stop service for the two-hour backup period.
<itn> thx for your help btw
<twb> s/free/freeze/
<itn> oh wow, very nice
<twb> it also allows you to change partition sizes, and move partitions between disks, easily.
<twb> Incidentally, if by "hardware raid" you mean "fake raid", don't use it.
<itn> well, I have a raid adapter
<twb> fake raid is the hardware raid you get on raid cards that cost $10 instead of $300
<twb> It's not really hardware raid
<itn> hm, I'm not sure then
<itn> it is LSI SAS 5/iR adapter
<twb> itn: how much did it cost?
<itn> um, a bit more than $10
<itn> let me find my dell paperwork
<twb> If it cost hundreds of dollars, it's probably real raid
<twb> If it costs tens of dollars, it's probably fake raid
<itn> it doesn't list cost, but I know I spent hundreds more to get it.. just says SATA/SAS controller
<twb> OK.
<itn> and at boot I can go into raid manager.. using integrated mirroring raid1
<itn> well hey, I don't want to take up your time.. thanks for helping me out though, appreciate it!
<itn> by the way, this installer does stink.. hitting enter at boot: brought me right back into it..
<itn> I'm out, have a good one!
<harrisony> would this be the best place to ask a ubuntu server question (about setting iup a mail server)
<hads> It would seem to be.
<harrisony> ok ive been following this guide http://flurdy.com/docs/postfix and ive followed all the steps but i cant seem to login through imap (with squirrelmail or telnet localhost imap), what logs should i be looking at first
<_ruben> /var/log/mail.log should be a decent start for mail related log messages :)
<harrisony> blank file, woo
<_ruben> jikes .. mine are filled with messages
<harrisony> i think i might of accedently deleted the logs for mail in my anger late late last night and then i recrated them with touch, yeah that was at 3 am :)
<_ruben> probably created them with faulty permissions
<_ruben> syslog.adm are proper user.group
<_ruben> 640 for chmod
<harrisony> i think i created them with root :P
<hads> Yes, don't do that :)
<harrisony> so i should first run - sudo chown syslog.adm:syslog.adm /var/log/mail*
<harrisony> oh wait, my bad syslog:adm
<_ruben> correct, and a sudo chmod 640 /var/log/mail*
<RockHound> hi everyone ... is there a away to skip the creation of the initial user on servers?
<RockHound> during installation I mean
<_ruben> why would you want to do that? and using expert mode, i think you can
<RockHound> _ruben: because I have all my users in ldap and creating a user sysadmin and then later changing his unixid to something below 1000 is always a hassle ...
<RockHound> will try with expert mode ... thx
<harrisony> hmmm, i changed the owner and perms of the files and still blank
<harrisony> (did some stopping and starting of courier and postfix)
<AnRkey> how can i get dovecot to allow outlook express clients to create folders in the inbox of an IMAP account?
<_ruben> harrisony: restart sysklogd as well
<Metatron> hey, i just got a 8.04 server install, did a sudo aptitude installx-window-system-core, but X wont start, what am i missing?
<_ruben> x on server .. yuck
<Metatron> lol yeah besides that, it should work right?
<_ruben> (and i wouldnt know the answer, never bothered to try it)
<Metatron> id did complain alot
<Metatron> it that is
<_ruben> installing some base x libs and use remote x is as close as x will come my servers
<Metatron> all right, maybe ill rethink strategy
<Metatron> what i wanted was a base line system without all the stuff, to add my own lightweight wm and fm to, a doc on ubuntu help site suggested starting wiht server install, perhaps it meant a diffrent type of server
<_ruben> well .. installing ubuntu server sure is an easy way of installing a pretty minimal base system, which could be used as a base for a desktop as well
<Deeps> Metatron: google for ubuntu mini iso, that'll do you a minimal install
<Deeps> Metatron: netinstall too mind
<Deeps> Metatron: or look for the jeos iso and try that, thats also quite small
<Metatron> this one is not the best to start from?  ubuntu-8.04-server-i386.iso
<Metatron> juice seemed too minimal
<Deeps> how so?
<Deeps> it's a base linux system with little extra crud added on top that you dont want or need, and anything that you do want you can apt-get as usual
<Metatron> just wondering why installing x-windows-system-core went so badly
<_ruben> jeos might not have enough drivers to actually work on real hardware
<Deeps> so replace the kernel
<Deeps> apt-get install linux-image-686, voila
<Deeps> anyway, i cant help you with matters relating to X, #ubuntu probably has more people with more X experience
<Metatron> ok
<Deeps> at a guess, you probably want to install xorg
<Deeps> which'll intall all required dependancies for running x
<Deeps> !show xorg
<ubottu> Factoid show xorg not found
<Deeps> !info xorg
<ubottu> xorg (source: xorg): X.Org X Window System. In component main, is optional. Version 1:7.3+10ubuntu10 (hardy), package size 1 kB, installed size 24 kB
<Metatron> i tried x-window-system-core, that used to do it back when i tried this with version 6.something
<Metatron> im thinking this 8.04 is diffrent beast
<Metatron> x is maybe perm disabled
<Metatron> semi perm anywah
<Metatron> from an about page ---By design, Ubuntu Server Edition does not include an X server
<Metatron> maybe i need to rethink quite a bit
<Deeps> indeed, it doesn't install any packages relating to X, never has
<Metatron> i was able to get x on there with old version...hmm  anway thanks ill go web spelunking awhile
<Deeps> ubuntu desktop, ubuntu server, kubuntu, they're all based on the same ubuntu base, the installer simply pick a different task at install time
<Deeps> one task generally doesn't disable another task from functioning
<Deeps> have you tried installing xorg instead?
<Metatron> not specificaly, about 40 hits with x.org in name, thought the x-window core would grab dependecny, looking now at what its called in reporsitory
<Metatron> have to physicaly move to other machine, im back and forth
<Deeps> !info xorg | Metatron
<ubottu> metatron: xorg (source: xorg): X.Org X Window System. In component main, is optional. Version 1:7.3+10ubuntu10 (hardy), package size 1 kB, installed size 24 kB
<Deeps> oh, and
<Deeps> !info openssh-server | Metatron
<ubottu> metatron: openssh-server (source: openssh): secure shell server, an rshd replacement. In component main, is optional. Version 1:4.7p1-8ubuntu1.2 (hardy), package size 248 kB, installed size 660 kB
<Deeps> easier than moving
<Metatron> x-window-system-core already put it in
<Deeps> "apt-get install xorg"
<Deeps> nm
<Deeps> good luck!
<sparkyy> hello everyone
<The_Kernel> hello
<sparkyy> I have a question if someone can help me.  Its not Ubuntu specific but I figured someone might know
<The_Kernel> well, shoot
<RockHound> beat me to it
<sparkyy> I am looking for some stats on DNS servers.  Does anyone know of stats on who uses what.  I.e. isc Bind marketshare etc.  Like what Netcraft does for webservers
<sparkyy> I think its safe to assume FOSS is up to around 40-50% of all of it but I can't find any mildly scientific studies that point to that
<RockHound> sparkyy: can't help with that, sorry ... but let me know if you find something ;)
<sparkyy> RockHound, I will.  I am quite good at this Internet thing. LOL but haven't found anything yet
<sparkyy> =)
<spiekey> hi
<sparkyy> hey
<spiekey> how could i fix this error? could not create pid file /var/run/ez-ipupdate/foo.pid (Bad file descriptor), exiting
<sparkyy> RockHound, I did!  http://www.isc.org/ops/ds/reports/2008-01/dist-servsoft.php
<RockHound> spiekey: check if the directory /var/run/ez-ipupdate is available
<sparkyy> how the F#$% is MS a top DNS server!?  Wth!?
<sparkyy> lol
<RockHound> hehe
<RockHound> sparkyy: thx
<sparkyy> yw
<sparkyy> Ok, gotta keep writing. Later yall
<RockHound> I would like to keep a file on two systems in sync (dhcpd config with failover) ... cfengine is just a bit over the top, I guess ... is there a "smaller" solution to this task?
<_ruben> rsync
<zul> rsync
<_ruben> we (the company i work) at are using a custom made cvs based script .. all configs are stored in a cvs tree, and each server checks out its own portion of files, and symlinks them in place
<RockHound> _ruben: this does not happen automagically though ... of course I can run rsync, but I would like it to copy the changes and restart the dhcpd process once I make a chance to the file ... which if I think about it, is a bad move
<_ruben> you dont want too much automation indeed
<_ruben> we sync with cvs every 10mins .. but reload dns/fw/mail services by hand
<lamont> sparkyy: if you deliver a nameserver as part of every (M$) desktop, then your numbers go up... of course, if you have a vulnerability in said nameserver...... :-(
<sparkyy> lamont, they are really good at vulnerabilities and have a proven track record of success with .....suking
<Tophat> can someone please assist me in setting ubuntu up as a NAS-server, in a windows 2003 server environment?  im wanting to backup my server with users documents on them and other important fun stuff that i can't afford to loose.
<sparkyy> but so does ISC.
 * Surfer48 Visit http://www.FakeMagazineCover.com (upload pic make mag) - http://www.SillyWebcam.com (play with webcam online) - http://www.Is-A-Jerk.com (insulter/anon email) - http://www.ComedySearchEngine.com (fun) - http://www.BodySwitcher.com (put your face on funny body) - http://www.MedChecker.com (health) - http://www.Canuckster.com (Canada eh) - http://www.Nerdful.com (geeks)
* Surfer48 changed the topic of #ubuntu-server to: -=[ www.WHAK.com ]=- Make Free/Fun Graphics Online At http://www.ImageGenerator.org =)
<RockHound> spam in IRC? thats my first
<Tophat> ....what has the world come too?
<Tophat> he just spammed the motd.
<sparkyy> wow!
<Tophat> wow.
<RockHound> jup
<sparkyy> I want to click on all of those juicy links and get some FREE crap I didn't want anyhow
<sparkyy> lol
<sparkyy> Tophat, https://help.ubuntu.com/community/SettingUpSamba
<sparkyy> Tophat, https://help.ubuntu.com/community/Swat
* Tophat changed the topic of #ubuntu-server to: ï»¿Ubuntu Server discussion and support || For general (not servehir specific) support visit #ubuntu || Get involved: https://wiki.ubuntu.com/ServerTeam/GettingInvolved || Guide to asking questions on IRC: http://www.sabi.co.uk/Notes/linuxHelpAsk.html || http://www.catb.org/~esr/faqs/smart-questions.html ||  Be patient.  Don't ask to ask, just ask.  || server guide: http://tinyurl.com/65jzxw || https://wiki.ubuntu.com/ServerTeam
* soren changed the topic of #ubuntu-server to: Ubuntu Server discussion and support | For general (not servehir specific) support visit #ubuntu | Get involved: https://wiki.ubuntu.com/ServerTeam/GettingInvolved | Guide to asking questions on IRC: http://www.sabi.co.uk/Notes/linuxHelpAsk.html | http://www.catb.org/~esr/faqs/smart-questions.html | Be patient.  Don't ask to ask, just ask. | server guide: http://tinyurl.com/65jzxw | https://wiki.ubuntu.com/ServerTeam
<soren> Heh..
<Tophat> hahah good shit soren
<Tophat> thanks sparkyy
<sparkyy> np
<majikins> hello - I'm trying to find a how-to on openafs server with kerberos
<majikins> can anyone point me in the right direction pls?
<zul> google.com perhaps?
<majikins> tried that
<majikins> maybe I'm searching wrong
<majikins> lots of articals on universities and stuff using this but there does not seem to be any how-to's
<majikins> and openafs.org is not reachable
<majikins> has anyone implemented openafs on Heron?
<majikins> hi - has anyone implemented openafs with kerberos?
<mccune> Hi, should /etc/hostname contain my fully qualified domain name, or just the host part of the fqdn?  hostname -f doesn't return the fqdn, like I expect it to and I'm trying to sort out why.
<Ap4ch3> lol.. noc dude rebooted server (ubuntu, exim mx) without speaking to anyone, now all hell has broken loose... thing probably only had pr0n spam on it anyway! :D
<infinity> mccune: If you have some (any) way to append a domain name to your hostname, /etc/hostname should only contain the host part.
<infinity> mccune: For example:
<infinity> adconrad@loki:~$ head -n 1 /etc/resolv.conf
<infinity> domain 0c3.net
<infinity> adconrad@loki:~$ cat /etc/hostname
<infinity> loki
<infinity> adconrad@loki:~$ hostname -f
<infinity> loki.0c3.net
<infinity> mccune: If you don't have domain/search directives, an FQDN in /etc/hosts will do the trick too.
<fbond> Hi, when I install a kernel upgrade on my server via aptitude, update-grub doesn't get run automatically anymore.  I recently upgraded to hardy.  Any ideas?
<fbond> I see that update-grub is now run by a "trigger", rather than via the postinst script.
<fbond> Ought I be doing something special to kick the trigger?
<mccune> infinity: Hrm.  I have the following.  echo ftp > /etc/hostname, "domain asp.ntst.com" in resolv.conf and 127.0.1.1       ftp ftp.asp.ntst.com in hosts.  I ran sudo /etc/init.d/hostname.sh and "hostname -f" still returns ftp, not ftp.asp.ntst.com
<mccune> infinity: Ah, I swapped positions in /etc/hosts, and hostname -f now runs as expected.  So "127.0.1.1       ftp.asp.ntst.com ftp" in /etc/hosts does the trick for me.
<infinity> mccune: Yeah, FQDN always comes first in hosts.
<mccune> infinity: I was following the convention for localhost localhost.localdomain, which threw me off.
<infinity> fbond:
<infinity> adconrad@cthulhu:~$ tail -n 2 /etc/kernel-img.conf
<infinity> postinst_hook = update-grub
<infinity> postrm_hook   = update-grub
<infinity> mccune: That's just as incorrect.  If you actually want localhost.localdomain to resolve to anything useful, those need to be swapped too.
<fbond> infinity: I have no kernel-img.conf.  I can create it, of course, but I'm wondering if the current behavior that I'm seeing is intended?
<infinity> fbond: It should have been created by the linux-image-$ver-foo postinst, I believe.
<fbond> infinity: I don't have it on my workstation, either...
<osmosis> are there docs for setting up software raid 5 on ubuntu ?
<infinity> fbond: Hrm, it might be the installer that creates the initial kernel-img.conf, actually.
<infinity> fbond: Not positive on that, but it looks like the bit in the kernel postinst that would do it will always be a no-op.
<infinity> fbond: It's definitely the installer that writes the grub bits anyway, since the kernel postinst doesn't have that logic.
<infinity> fbond: So, the million dollar question is "did you install without the aid of an installer?"
<infinity> fbond: (For instance, my server was debootstrapped by hand, and I had to create kernel-img.conf myself(
<fbond> infinity: Well, I don't remember for my server, I may have done some things manually through an upgrade.  However, my workstation was a different story (I think).  I could be misremembering any of this.  I can't say I'm not very intrusive when it comes to APT.
<fbond> Both of my machines got to hardy via upgrades, though.  Is it possible that the upgrade doesn't create kernel-img.conf like it should?
<infinity> fbond: We've been creating kernel-img.conf in our installers (d-i or ubiquity) since the dawn of time, I believe.
<infinity> The only way to not have one would be to either (A) install without an installer, or (B) delete it after installation.
<infinity> I can't be 100% sure on that, but I'm fairly certain.
<fbond> Hm.  Neither of those sounds right.
<infinity> I supopse a plausible 3rd option is "install eons ago, say, a woody or earlier system, then upgrade for years, through Debian and Ubuntu releases until today".
<fbond> Nope, definitely not that old.
<infinity> Not sure what else to say...
<fbond> Indeed.  I've no idea.  And I'm missing it on two machines.
<infinity> We've been using grub as the default bootloader in Ubuntu since we first released, and if kernel-img.conf isn't there, update-grub would never have worked.
<fbond> infinity: Okay, I believe it.  It must be my fault, somehow.
<fbond> Just not sure how.
<fbond> Oh, I do use the netinstall installer...
<fbond> In fact both of these machines were installed this way.
<infinity> I'm not certain it's your fault, but I'm not entirely sure how to track down how it could be our fault either, unless you (A) knew you had the file at some point and (B) could pinpoint when it went away.
<infinity> Ahh.
<fbond> But I'm pretty sure that update-grub used to run at the right times on both of these machines.
<infinity> Netinstall might not run grub-installer.  It's retty lightweight.  Almost as lightweight as just debootstrapping to a chroot.
<fbond> I would've noticed, otherwise.
<infinity> Again, though, can't be positive on any of this.  I'm not an installer expert, per se.
<fbond> Hm.  Interesting.
<fbond> I'm convinced that I never had kernel-img.conf.
<infinity> You may have never noticed or cared if your menu.lst had an entry at one point for vmlinuz.
<fbond> But I'm also convinced that update-grub used to run on these machines, despite this missing config file.
<infinity> Since that would always "Just Work", without ever running update-grub.
<fbond> Hmm.
<infinity>  But if the symlinks went away, or menu.lst lost the symlink entries, you need update-grub to catch new kernel versions.
<infinity> (And I believe recent versions of update-grub now skip symlinks to avoid duplicate entries)
<infinity> And THAT may be your bug.
<fbond> Okay.
<infinity> Yo umay have never had the post-hook in kernel-img.conf, but an upgraded grub (which runs update-grub in its own postinst) might have blatted out the symlink entries, leaving you with only versioned boot choices.  And then a new kernel wouldn't get caught, cause nothing's running update-grub on new kernel installs.
<infinity> Does *that* sound plausible? :)
<infinity> If so, that might be a real upgrade bug.
<infinity> If older shipped versions used to assume the symlink entry would "just work".
<fbond> Is it possible that the default values for /etc/kernel-img.conf (the values that I'd get if I didn't have such a config file) would be update-grub for posthook, prehook, and that those defaults changed with hardy?
<infinity> We might need some clever upgrade logic in... Some random package (perhaps grub itself) to check if menu.lst has a symlink entry, and if so, write out a kernel-img.conf before running update-grub and killing the symlink choice.
<infinity> No, we've never run update-grub from the kernel postinst without having a kernel-img.conf
<infinity> That would blow up horribly on systems without grub (say, all the LILO installations out there, especially back when LILO was the only way to boot certain RAID setups)
<stefg> I have a hardy samba server running ebox as webmin replacement. The funny thing is: WinXP clients connect just fine, but /my/ Desktop (which is hardy as well) can't even browse the shares on the server, let alone access them :( so my desktop-machine can browse other peoples shares on their XP boxes but not he hardy server. Any clue givers what'S going on ?
<infinity> Anyhow, I'm supposed to be in bed, sick, not prattling on on IRC..
 * stefg suspects some authentication problems
<zul> infinity: any reason why we dont ship a pear.conf?
<Assid> heya
<Assid> is it me or is ubuntuforums down?
<stickystyle> Assid: just you.
<Assid> its ridiculously slow
<stickystyle> Perhaps do a traceroute, as its zipping along just fine for me.
<Assid> yeha just started working
<Assid> 2 other people saying it was slow at that time
<Assid> must be crazy loads
 * stickystyle shurg
<Assid> hrmm
<Assid> you guys ever installed openvz on a ubuntu host ?
<uvirtbot`> New bug: #226512 in php5 (main) "php-pear's default system-configuration-file directive is non-existent" [Undecided,Fix released] https://launchpad.net/bugs/226512
<zul> mathiaz: ping what do you think about samba 4 in universe?
<mathiaz> Assid: some people are doing it - https://help.ubuntu.com/community/OpenVZ
<mathiaz> zul: well - samba 4 is still alpha code
<mathiaz> zul: it's not even in debian
<mathiaz> zul: so as of now, I don't see the point of uploading it to universe
<zul> mathiaz: I know the debian guys are packaging it right now so when they are happy with it we could think about it later
<Assid> cool
<Assid> im thinking of running a ubuntu server next
<Assid> with this
<mathiaz> zul: right - there is a samba4 branch in debian svn repository
<mathiaz> zul: I don't know when the package will be uploaded
<mathiaz> zul: it will probably uploaded to experimental
<zul> mathiaz: true
<Koon> zul: if you follow Dan Shearer thoughts, samba v3+backports will be ready before v4 does (for purposes of AD functionality)
<zul> then maybe 3.2 then
<mathiaz> dendrobates-: could you modify this blueprint https://blueprints.launchpad.net/ubuntu/+spec/kerberize-main-clients ?
<mathiaz> dendrobates-: and make me the drafter so that I can modify it
<Tophat> what is the latest git resp?
 * Tophat is embarassed for asking the wrong room :(
<zul> resp?
<Tophat> sorry , im still in the days of cvs ><
<zul> kernel.ubuntu.com/git
<Tophat> thanks mate
<dendrobates-> mathiaz: done
<mathiaz> dendrobates-: hum - it was actually https://blueprints.launchpad.net/ubuntu/+spec/kerberize-main-servers..
<osmosis> are there docs for setting up software raid 5 on ubuntu ?
<zul> dendrobates-: yay picutres :)
<emgent> heya people
<Assid> why are some sites just stupidly slow today
<majikins> hello I'm trying to find instructions for installing openafs with kerberos on heron
<majikins> has anyone done this?
<majikins> has anyone setup openafs with kerberos?
<Nicke> majikins: You mean an afs server? (versus just setting up openafs-client?)
<bdmurray> kirkland: ping
<kirkland> bdmurray: yo
<bdmurray> Did you get your gear back?
<majikins> Nicke: yes
<kirkland> bdmurray: nope :-/
<Nicke> majikins: okey, then I don't know :/
<bdmurray> gah, that sucks
<bdmurray> kirkland: I'm looking at the doc search and noticed there irclogs aren't listed as being searchable but are
<kirkland> bdmurray: yeah, i'm bummed about losing the pictures
<kirkland> bdmurray: interesting, what's the url for the irc logs?
<bdmurray> oh, maybe they aren't weighted?
<bdmurray> irclogs.ubuntu.com
<majikins> bugger - lots of recommendations on the net but no straightforward howto
<kirkland> bdmurray: my search actually searches everything in the world that google knows about, but gives preference to about 20 or so ubuntu-related sites
<bdmurray> right, but no preference is given to irclogs.ubuntu.com ?
<kirkland> bdmurray: i'll add it ;-)
<bdmurray> cool, thanks
 * faulkes- looks at the clock
<faulkes-> meeting today?
<Koon> faulkes-: in 40 min.
<faulkes-> just trying to see how long I can outlast the urge to pour myself a martini
<Koon> I could use a Martini too :)
<m13> hello
<m13> i tried using this tutorial for internet sharing http://raldztech.blogspot.com/2005/12/how-to-share-internet-connection-in.html and i lost conection to internet completly. any tips how to fix this ?
<AlexC_> hey all
<faulkes-> heya
<nealmcb> server team meeting in #ubuntu-meeting in 2 minutes....
<m13> nealmcb: can publics join ?
<zul> m13: its open to the public yes..
<ScottK2> Good day all.
<emgent> hi ScottK2 :)
<owh> FYI, meeting is currently in #ubuntu-meeting.
<ScottK2> owh: Thanks.
<mathiaz> kees: could you stop by #ubuntu-meeting ?
<mathiaz> kees: we're talking about limesurvey and audit
<kees> mathiaz: sure, one moment
<mathiaz> owh: what is your timezone ?
<owh> UTC +8
<mathiaz> owh: ok - thanks
<sommer> ScottK2: any opinion on Bug #234927 ?
<uvirtbot`> Launchpad bug 234927 in php5 "delay php script execution on cli" [Undecided,New] https://launchpad.net/bugs/234927
<owh> zul: So, what was with the DCS elation?
<mathiaz> kees: what's the website you use to figure out meeting times ?
<nijaba> mathiaz: timeanddate.com
<owh> Meeting Planner <http://timeanddate.com/worldclock/meeting.html>
<owh> Better still: The Advanced Meeting Planner <http://timeanddate.com/worldclock/advmeeting.html>
<mathiaz> dendrobates-: could you set me as the drafter for https://blueprints.launchpad.net/ubuntu/+spec/kerberize-main-servers ?
<m1r> ï»¿what is with 8139 realtek complaining to use 8139too driver on server boot ? i have 2 of those cards in server
#ubuntu-server 2008-05-29
<zul> owh: its apart of a spec that was discussed at UDS
<emgent> hey people
<emgent> please take a look in planet about rapache
<kirkland> bdmurray: ping
<stickystyle> emgent: thats pretty intersting...does anything exist yet?
<JanC> emgent: sounds cool  ã
<emgent> stickystyle: pre-pre-alpha
<bdmurray> kirkland: pong
<emgent> i will push it
<kirkland> bdmurray: updated http://people.ubuntu.com/~kirkland/search.html
<stickystyle> is the focus the actual apache2 config, or vhost config?
<kirkland> bdmurray: added an irclogs filter, plus a few more
<emgent> stickystyle: the goal is for all apache2 managing (VHOST, SSL, PHP and more)
<emgent> I hope to do it for Intrepid
<bdmurray> kirkland: cool, what about changelogs? maybe via -changes mailing lists?
<kirkland> bdmurray: good call, i might put that under "Code"
<stickystyle> emgent: well I'll be folowing it.  Quite a undertaking, best of luck with it.
<kirkland> bdmurray: http://changelogs.ubuntu.com/
<bdmurray> oh yeah, that'd be better ;)
<emgent> stickystyle: thanks :)
<kirkland> bdmurray: done!
<uvirtbot`> New bug: #235625 in samba (main) "CIFS: broken support of symlinks" [Undecided,New] https://launchpad.net/bugs/235625
<newzen> hi all,   I liked to install ubuntu 8,04 on IBM X3400 but on this page http://webapps.ubuntu.com/certification/hardware/200712-192/ say compatible and not certified. That means something is not working??
<newzen> some body here :)
<infinity> newzen: "Compatible" is fine.
<newzen> everything works on that status??
<infinity> Should do.
<infinity> Most of the machines in the Canonical DC are HP Proliants, and they're all just "compatible". :)
<newzen> ok, ty infinity. im going to install ;)
<newzen> quit
<PCChris> I'm trying to setup ISPConfig with Apache but when I visit certain pages on ISPConfig I get "The connection to 127.0.0.1:81 was interrupted while the page was loading."
<PCChris> I also get "The connection to 127.0.0.1:81 was interrupted while the page was loading." while starting Apache
<PCChris> *"apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.1.1 for ServerName" while loading Apache
<mathiaz> sommer: congrats for your membership :) !
<sommer> mathiaz: thanks man
<PCChris> ...anybody have any ideas?  It would be greatly appreciated.
<sommer> PCChris: sorry never used ISPConfig, what is it?
<PCChris> a web based control panel to manage servers, databases, etc.
<PCChris> idk if I have an ssl problem
<PCChris> now I get "SSL received a record that exceeded the maximum permissible length."
<sommer> PCChris: are you using a cert from a CA or self-signed?  not sure if it makes a difference though
<PCChris> self-signed...or trying to at least
<sommer> are there any other errors in /var/log/apache2/error.log ?
<sommer> at least ones that pertain
<PCChris> checking that
<PCChris> doesn't look like it
<PCChris> Last thing is "[Wed May 28 21:07:24 2008] [notice] Apache/2.2.8 (Ubuntu) PHP/5.2.4-2ubuntu5.1 with Suhosin-Patch mod_ruby/1.2.6 Ruby/1.8.6(2007-09-24) mod_ssl/2.2.8 OpenSSL/0.9.8g configured -- resuming normal operations"
<sommer> regarding "127.0.0.1:81" did you configure apache to listen to port 81?
<PCChris> ISPConfig listens on port 81 by default after it changes some configs
<RoAkSoAx> PCChris, there is a great howto for ISPConfig on www.howtoforge.com
<sommer> PCChris: did you install ispconfig from a ubuntu package?
<PCChris> I see the "first steps" one but I can't even get to some of the settings pages it mentions
<PCChris> sommer: no, manual install
<PCChris> I don't believe there is a package for it
<RoAkSoAx> PCChris, i have followed step by step this: http://www.howtoforge.com/perfect-server-ubuntu8.04-lts and it worked just fine
<PCChris> I actually followed that, though it doesn't go into ISPConfig installation
<PCChris> I can re-read through it to see if I missed anything
<PCChris> It may be good to mention I'm using the desktop Ubuntu and not the server edition
<RoAkSoAx> PCChris, after following that howto, i followed this: http://www.ispconfig.org/manual_installation.htm as told in the howto
<RoAkSoAx> and it worked without problems
<PCChris> that's where I went and I got all the way through the setup w/o problem but then when I try to go to pages such as server settings in ISPConfig it gives me errors
<RoAkSoAx> weird then.. maybe you missed something or is something related to the username you using or with the config.
<RoAkSoAx> cuz, i followed it and had full access to everything
<PCChris> additionally, some of the images in the ISPConfig interface are broken
<RoAkSoAx> PCChris, maybe is realted to the ISPConfig version you've installed
<PCChris> I got the newest one
<PCChris> stable
<RoAkSoAx> i think i installed the unstable one
<RoAkSoAx> maybe that's why
<PCChris> hmm...
<PCChris> do you know anything about the v3 one?
<PCChris> ...or what uninstallation entails [if anything]?
<RoAkSoAx> don't really know that... but should be an uninstall script somewhere in the source folder
<PCChris> sure you're using the unstable one?
<RoAkSoAx> PCChris, yeah v3
<RoAkSoAx> that's the one i used
<PCChris> ISPConfig 3 Beta?  Sorry, just don't want to crash my whole computer or anything, I've been through reinstallations before...
<m13> i am following tutorial on internet conection sharing , but it seems i cant get it to work. it looks pretty straight forward but after i reboot i lose connection to internet. http://ubuntuforums.org/showthread.php?t=91370 , any help is appriciated.
<RoAkSoAx> PCChris, yeah i used that one... in a VPS server
<PCChris> thanks, I'm installing now (installation guide also seems more thorough)
<PCChris> btw, what do you put for domain name if you're using a redirection service to redirect to your ip?
<RoAkSoAx> PCChris, i think that domain is used for the DNS server... so i guess you could use it aswell... i've never tried that but should be the domain that the server manages
<RoAkSoAx> m13, you want to share your inet connection for other to connect through your wireless card?
<m13> RoAkSoAx: think i got it runing
<m13> RoAkSoAx: router(net)/AP----wlan2/eth0---switch for internal network
<RoAkSoAx> m13, cause if you want to share your inet connection through a ethernet card, you only need 2 lines, 1 to enable packet forwarding and the other to introduce the iptables rule
<m13> yes wlan2 is incoming / eth0 is outgoing
<m13> seems i got it runing as server is updating finally :)
<RoAkSoAx> m13, so you just need to enable packet forwarding and the iptables rule...
<m13> RoAkSoAx: dnsmasq and ipmasq ?
<RoAkSoAx> not really
<m13> RoAkSoAx: problem is i want serve later PXE install server on same network over eth0 so i got dhcp server setup and since dnsmasq already got dhcp in it i thought i would need to do some tinkering on it
<RoAkSoAx> sudo iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -o eth1 -j SNAT --to 192.168.1.31 -->my iptables rule. 192.168.0.0 is my internal network that the ethernet card manages (you need to put IP 192.168.0.1 to the ethernet card) and eth1 is the output iface (which is wireless) and 192.168.1.31 is the IP of eth1
<m13> RoAkSoAx: u using wireless access as internal network ?
<RoAkSoAx> m13, w. router->wlan.laptop.ethernet->ethernet.desktop
<m13> RoAkSoAx: ah i see , same setup i want then
<m13> RoAkSoAx: so u think i can uninstall dnsmasq and ipmasq ?
<RoAkSoAx> i do that because i have 4 VM's on laptop and 4 o desktop and i need bridged networking, and vmware does not amange bridged networking for wireless cards
<m13> RoAkSoAx: i use vbox for that and have usb wlan card, it is working ok
<RoAkSoAx> m13, yeah i would do.. i only have enabled packet forwarding and use that iptables rules, and set static IP's. If you want dynamic you can install a dhcp server
<RoAkSoAx> m13, yeah in vbox works, but i like vmware better xD
<m13> RoAkSoAx: i need DHCP for PXE install server later on eth0
<m13> RoAkSoAx: important is that it does the job , for VM's :)
<RoAkSoAx> m13, tyou can follow this simple config for dhcp: http://doc.ubuntu.com/ubuntu/serverguide/C/dhcp.html
<m13> RoAkSoAx: i check
<m13> RoAkSoAx: i have similar config and added lines for pxelinux.0 , think it should be ok
<RoAkSoAx> yep it should
<m13> RoAkSoAx: many tnx for help and info m8 , server is upgrading :)
<RoAkSoAx> haha welcom ;)
<m13> oh nice ,ssh fix already working :)
<PCChris> I unfortunately ran into a new problem
<PCChris> "modprobe capability
<PCChris> FATAL: Module capability not found."
<RoAkSoAx> PCChris, are u installing it as root?
<PCChris> yes
<PCChris> I did a sudo su
<RoAkSoAx> sudo -i
<RoAkSoAx> the correct way to enter root terminal is to use sudo -i
<RoAkSoAx> but i doubt that that was the problem
<PCChris> oh, I was just following the ispconfig instructions
<PCChris> nope, didn't fix it
<RoAkSoAx> PCChris, have you verified that you have to modprobe "capability" por is it other name and maybe u using the example one
<PCChris> it's capability
<RoAkSoAx> weird then.. so the kernel does not has that module enabled then
<PCChris> Is there a way to fix that then?
<RoAkSoAx> PCChris, what do you need that module for?
<PCChris> idk, it was just in the instructions
<PCChris> pureftpd or quota it looks like
<RoAkSoAx> of ispconfig?
<PCChris> yes
<RoAkSoAx> i checked the instructions and i cant find that
<PCChris> I'm in the installation text that comes with v3
<RoAkSoAx> PCChris, follow the one online for v2 version
<RoAkSoAx> when i installed, i don't remember doing that
<PCChris> ok, I think I might be able to install pureftpd through Synaptic though
<uvirtbot`> New bug: #235646 in likewise-open (main) "Cannot Print to PDF using Likewise-Open" [Undecided,New] https://launchpad.net/bugs/235646
<RoAkSoAx> yes you can
<PCChris> I'll just try Synaptic first, then if I run into more problems I'll probably go to the online guide
<RoAkSoAx> maybe it is because you haven't install pureftp
<PCChris> ï»¿RoAkSoAx: going good so far (I was stuck on some MySql stuff until I realized I kept putting in the wrong root password)
<RoAkSoAx> lol
<RoAkSoAx> haha it happens
<PCChris> aggh!  httpd not running is what I get now
<phynix> does a dhcp server have to be plugged in as a "gateway"
<RoAkSoAx> no
<RoAkSoAx> phynix, not necessary
<Kamping_Kaiser> PCChris, what are you trying to do?
<PCChris> start apache
<phynix> hmm ok. I have one set up. It assigns addresses but won't allow internet connecton to the wan
<Kamping_Kaiser> PCChris, whats the bigger picture?
<PCChris> I  sudo /etc/init.d/apache2 restart then it says apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.1.1 for ServerName
<PCChris> httpd (pid 9994?) not running
<Kamping_Kaiser> the hostname error isnt fatal. its just an annoyance (most of the time).
<Kamping_Kaiser> PCChris, check /var/log/apache/{access,error}.log and check the output
<PCChris> http://pastebin.ubuntu.com/15462/
<osmosis> anyone know what causes high IO wait times with 3ware controllers?
<Kamping_Kaiser> crap controller?
<Kamping_Kaiser> PCChris, and apache /is/ running or /isnt/ currently?
<Kamping_Kaiser> unable to start piped log program '/root/ispconfig/cronolog --symlink=/var/log/httpd/ispconfig_access_log /var/log/httpd/ispconfig_access_log_%Y_%m_%d': No such file or directory
<Kamping_Kaiser> ^^ ispconfig?
<uvirtbot`> Kamping_Kaiser: Error: "^" is not a valid command.
<PCChris> it is not currently
<Kamping_Kaiser> uvirtbot`, bugger off
<uvirtbot`> Kamping_Kaiser: Error: "bugger" is not a valid command.
<Kamping_Kaiser> whois is the bot?
<Kamping_Kaiser> *who's
<Kamping_Kaiser> nijaba, is it yours?
<Kamping_Kaiser> PCChris, i have no idea about ispconfig, so i'm not keen to try and unbreak something its touched
<uvirtbot`> New bug: #235653 in nut (main) "ACL covering all IPv4 addresses is broken in 2.2.1" [Undecided,New] https://launchpad.net/bugs/235653
<PCChris> ï»¿RoAkSoAx: any ideas?
<RoAkSoAx> PCChris, what does it says when you do /etc/init.d/apache2 start
<PCChris> apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.1.1 for ServerName
<RoAkSoAx> PCChris, you need to add ServerName ip-address in /etc/apache2/apache2.conf i think
<RoAkSoAx> dont have apache installed currently
<RoAkSoAx> but is in the config file for apache
<PCChris> I g2g, sorry
<PCChris> will have to look at it later
<Kamping_Kaiser> RoAkSoAx, the correct thing would be to fix his hostname, not hack around it :)
<RoAkSoAx> Kamping_Kaiser, i always had the same warning even if i had the correct hostname
<Kamping_Kaiser> RoAkSoAx, then your hostname was setup wrong :)
<RoAkSoAx> Kamping_Kaiser, don't think so...  ;) :P
<Kamping_Kaiser> the only time you should have to set it in apache is if your making the apache hostname different to the system hostname
<Kamping_Kaiser> RoAkSoAx, i'm right, your not :P *grin*
<RoAkSoAx> Kamping_Kaiser, if that's so, hostname, hostname -f, and uname -n commands wouldn't show the hostname correctly
<Kamping_Kaiser> RoAkSoAx, hostname -d needs to be happy too (and hostname -a, but that should be ok if the others are)
<RoAkSoAx> they are ;)
<Kamping_Kaiser> :)
<mokzu> is it best to build server from JEOS for the best performance?
<Kamping_Kaiser> seems excessive
<hads> And you'd end up with the same stuff, just installed slower :)
<Kamping_Kaiser> nod :)
<mokzu> well that's pointless then, i'll go for full server
<mokzu> is ebox and webmin a good combo for management?
<Kamping_Kaiser> no. i can recommend vim and screen though
 * hads giggles
<hads> I was about to type that.
<mokzu> lol
<Kamping_Kaiser> lol
<specialKevin> lol
<mokzu> \o\
<Kamping_Kaiser> :o hehe
<mokzu> i like timesaving devices
<ajmitch> hads: surely you wouldn't
<hads> Hey ajmitch :) how goes the bug fixing?
<ajmitch> mind rotting, need beer...
<hads> :)
<ajmitch> I've got at least the major ones out of the way for today
 * Surfer20 Visit http://www.FakeMagazineCover.com (upload pic make mag) - http://www.SillyWebcam.com (play with webcam online) - http://www.Is-A-Jerk.com (insulter/anon email) - http://www.ComedySearchEngine.com (fun) - http://www.BodySwitcher.com (put your face on funny body) - http://www.MedChecker.com (health) - http://www.Canuckster.com (Canada eh) - http://www.Nerdful.com (geeks)
* Surfer20 changed the topic of #ubuntu-server to: -=[ www.WHAK.com ]=- Make Free/Fun Graphics Online At http://www.ImageGenerator.org =)
<hads> Hmmm
* hads changed the topic of #ubuntu-server to: Ubuntu Server discussion and support | For general (not servehir specific) support visit #ubuntu | Get involved: https://wiki.ubuntu.com/ServerTeam/GettingInvolved | Guide to asking questions on IRC: http://www.sabi.co.uk/Notes/linuxHelpAsk.html | http://www.catb.org/~esr/faqs/smart-questions.html | Be patient.  Don't ask to ask, just ask. | server guide: http://tinyurl.com/65jzxw | https://wiki.ubuntu.com/ServerTeam
<Kamping_Kaiser> "not servehir specific"?
<hads> heh, that was the last topic before the spam.
* hads changed the topic of #ubuntu-server to: Ubuntu Server discussion and support | For general (not server specific) support visit #ubuntu | Get involved: https://wiki.ubuntu.com/ServerTeam/GettingInvolved | Guide to asking questions on IRC: http://www.sabi.co.uk/Notes/linuxHelpAsk.html | http://www.catb.org/~esr/faqs/smart-questions.html | Be patient.  Don't ask to ask, just ask. | server guide: http://tinyurl.com/65jzxw | https://wiki.ubuntu.com/ServerTeam
<Kamping_Kaiser> i never notice topics getting changed :/
<kraut> moin
<RockHound> moinsen
<liassist> hello, my quey is that i want to run ubuntu server with a gui pkakage (openbox3 or fluxbox or icewm) i also want a tftp server to share data to only 2 clients(my system is 256mb ram 1.4ghz processer and 64mb vram)
<liassist> will it work on this config and will it be easy to install other DE or WM easily
<soren> That is not a question.
<soren> Yeah, sure it'll work.
<liassist> so is install openbox or fluxbox easy and does ubuntu server has all the pakages ubuntu dektop has
<soren> Ubuntu server and desktop share the same repositories.
<soren> Ubuntu server just installs less packages by default.
<soren> ..and a different kernel.
<soren> That's it.
<liassist> what will e the best gui ican run on ths server (iam using it because gnome and kde are very slow)(i want good graraphics and all menu's etc.. all most like gnome)
<liassist> *e be
<soren> xfce, probably.
<soren> I don't see why you want a gui on your server, though.
<liassist> iam not soo good at the CLI also the server will be my desktop (ubuntu has preloaded GUI's)
<Kamping_Kaiser> you cant properly admin a server through a gui
<liassist> yes that is another reason but mainly for a desktop
<liassist> xfce gives good but i want to know if it will give me enough memory to run a 96mb application
<liassist> its just a tftp server (it will be desktop mainly)
<soren> What 96MB app?
<liassist> Counter-strike server (approx 96mb )
<Kamping_Kaiser> so your running a desktop, apache, counterstrike all on 264mb of ram?
<Kamping_Kaiser> *254
<liassist> *256
<Kamping_Kaiser> :| i'll get there eventually
<liassist> not all togteher
<liassist> i want a desktop that will run good (not slow) on my system with anyothe gui (not xubuntu)
 * Kamping_Kaiser leaves you to it
 * soren points liassist at the topic
<liassist> please, tell me how to install openbox3 or fluxbox or icewm
<soren> please, ask in #ubuntu
<liassist> on ubuntu server
<liassist> "server"
<soren> I just told you...
<soren> !
<soren> 07:46:59 < soren> Ubuntu server and desktop share the same repositories.
<soren> 07:47:07 < soren> Ubuntu server just installs less packages by default.
<soren> 07:47:11 < soren> ..and a different kernel.
<soren> 07:47:14 < soren> That's it.
<soren> "For general (not server specific) support visit #ubuntu" <--- It's in the topic
<soren> This is not server specific.
<soren> You're asking about installing desktops.
<liassist> ok thanks soren (last are there any GUI pakages for TFTP)
<soren> I very much doubt it.
<soren> Why tftp?
<liassist> ftp will do or vsftp
<Kamping_Kaiser> *why* do you want ftp
<Kamping_Kaiser> at all
<liassist> to share data with only 2 clients
<Kamping_Kaiser> then your not after tftp. and depending on the clients, use scp/rsync/anythingthatsnotftp
<liassist> a way to share data (smb will do?)
<Kamping_Kaiser> depends on the clients. ..
<liassist> thier winxp clients
<Kamping_Kaiser> smb probably then. (although it doesnt such a whole lot less then ftp)
<spiekey> Hello!
<spiekey> http://pastebin.com/m6678dfeb --> how can i only install the ssh blackilst?
<spiekey> oh, and openssh-client openssh-server
<spiekey> i do not want to upgrade the kernel stuff
<liassist> security? will that will be an issue (i've installed selinux)
<Kamping_Kaiser> spiekey, just apt-get install , it'll update them
<spiekey> Kamping_Kaiser: very cool! thanks!
<spiekey> this channel rocks :)
<Kamping_Kaiser> aww :)
<spiekey> :))
<liassist> :)
<Kamping_Kaiser> liassist asked in both #debian and here about that quetion, fyi
 * Kamping_Kaiser gets irate over that (it may have shown)
<danshearer> 'morning all
<soren> o/
<danshearer> dag, soren
<danshearer> Some docs on the possibility of the openldap AD proxy are here:
<danshearer> http://www.connexitor.com/forums/viewtopic.php?f=6&t=20
<danshearer> as well as 'man slapo-translucent'
<soren> Cool.
<Koon> bonjour Dan
<danshearer> Koon: salut Thierry
<spiekey> can i use a public ubuntu generated ssh-key for putty, too?
<InsomniaCity> you need to use puttygen to convert ssh-keygen'd keys into ppk format.
<simplyubuntu> hello everyone.... can anyone help me with setting up a home file/print server?
<simplyubuntu> or direct me to a good guide....
 * danshearer is away: back in an hour
<fohdeesha1> halpppp
<Kamping_Kaiser> !ask | fohdeesha1
<ubottu> fohdeesha1: Please don't ask to ask a question, ask the question (all on ONE line, so others can read and follow it easily). If anyone knows the answer they will most likely answer. :-)
<fohdeesha1> whats the package that gives the console fonts, so folder show up one color files another etc
<Kamping_Kaiser> thats an ls setting
<fohdeesha1> really? I thought it was a package
<Kamping_Kaiser> it may be. but its an ls setting
<Kamping_Kaiser> ls --color=auto
<hads> Should be set by dircolors which is in coreutils which will be installed.
<fohdeesha1> ah thanks that did the trick, although my buddy always installed some fonts package which did that automatically
<Kamping_Kaiser> hads, whats dircolors do exactly, apart from modify an ls environment variable? :)
<hads> That's it AFAIK
<hads> :)
<Kamping_Kaiser> hehe
<hads> I'm sure someone who knows more can correct me, I don't know that much about it.
<hads> From the manpage, "Output commands to set the LS_COLORS environment variable" - it would seem that's it.
<nooga> hello
<nooga> i'd like to setup ubuntu server on a single hdd next to RAID5 matrix
<nooga> when I install it normally, the GRUB can't boot and throws error 15
<nooga> how to fix it?
<fohdeesha1> I HACKED THE GIBSON
<soren> a) What's "the gibson", b) who cares?
<fohdeesha1> http://www.google.com/search?q=hacked+the+gibson&ie=utf-8&oe=utf-8&aq=t&rls=org.mozilla:en-US:official&client=firefox-a
<fohdeesha1> Welcome to the internet.
<mralphabet> welcome to 13 years ago . . . get a new catchphrase
<fohdeesha1> protip: take a joke
<Kamping_Kaiser> fohdeesha1, protip for you: dont piss off the people you want help from
<fohdeesha1> LULZ HOLY FUCK IM RUNNING DEBIAN NOT UBUNTUY AND CONNED YOU INTO HELPING ME HOLY FUCKKKKKKKKKKKKKKKKKKK
<Kamping_Kaiser> watch your language please
<fohdeesha1> lol no kick? a lot more lax than the bsd guys
<Kamping_Kaiser> no ops looking. they'll be back ;)
<soren> kthxbye
<Kamping_Kaiser> hes back.
<Kamping_Kaiser> *heh*
<soren> He's been here before?
<Kamping_Kaiser> soren, your back.
<soren> Oh. Heh :)*
<nooga> well
<nooga> got any idea?
<Kamping_Kaiser> :)
<soren> nooga: What do you mean by "normally"?
<nooga> normally: insert cd, hit next, next, next, next till end of installation ;D
<soren> ...
<soren> Oh, then it works.
<soren> Look, if you want help, you need to be helpful yourself.
<nooga> okay, now i tried to manually partition disks: RAID5 (hda, hdb, hdc set to work under RAID), hdd: bootable / and swap partition
<nooga> and it's the same
<nooga> grub throws error 15
<soren> You're trying to boot off of the 4th disk in the system?
<nooga> dunno, in bios it seems to be hd0
<nooga> but linux sees it as hdd
<nooga> as if the matrix was first
<soren> Yeah, that would do it..
<soren> How soon do you get the erro 15?
<nooga> after installation when i boot first time
<soren> ...
<soren> YEs, but *when*?
<soren> How far does it get?
<nooga> sec
<nooga> loading stage 1.5
<nooga> and then "GRUB loading, please wait..."
<nooga> and then
<nooga> boom ERROR 15
<nooga> brb
<nooga> (cig brake)
<soren> Oh, good. That's easy then.
 * soren takes a break
 * danshearer is away: meeting
<nooga> soren: what's easy? ;d
<nooga> what do u mean?
<soren> To fix it.
<soren> You get a chance to hit ESC at some point. Do that.
<nooga> when grub starts?
<soren> Yes.
<nooga> does not work, grub throws error immediately
<soren> Ah.
<soren> Hm... I completely understand the problem, but I'm not sure who to guide you through fixing it.
<nooga> the raid controller is on motherboard and that single drive is connected to additional sata socket, maybe i could connect it elsewhere and try to make RAID1 with one disk, next to the RAID5 with 3 disks and then try to install ubuntu on that RAID1
<soren> nooga: One thing you could do, though..
<soren> nooga: Go through the installation again, but pass "edd=on" on the kernel command line.
<soren> That should make grub install itself on the right disk and also know where to look for the stage1.5.
<nooga> when exactly i should pass that arg?
<soren> When you boot the installer.
<nooga> okay
<nooga> ah, hit f6 in the cd menu and just add "edd=on" in the end?
<nooga> after -- ?
<soren> Yeah.
<cjsstables> what is the security number to use for a ldap home directory? ie is it 644?  I have the Ownership set to testuser:Domain User.  I don't want others users to see a home folder that is not theirs.
<soren> Define "see".
<blue-frog> cjsstables: then you need 700
<blue-frog> with 4 one could be able to read a file if he know the exact name
<soren> No.
<soren> With 4 you could find all the exact names of everything, but not access them. With 1, you could access them if you knew their name (and have access to the file itself), but not list the names.
<soren> cjsstables: Define "see".
<soren> Or don't.
<soren> *shrug*
<cjsstables> soren: if user xxx is logged on the domain, user xxx would not be able to view user yyy home directory with a file manager like thunar
<soren> Define "view", then.
<soren> cjsstables: Do you want users to be able to determine the existence of other users' home directories? Do you want other users' to be able to list the contents of the home directories? Do you want other users to be able to access things in the home directories?
<soren> What?
<cjsstables> soren answer is as follows.  user xxx cannot determine existance of user yyy home directory
<blue-frog> soren sorry. ty for correcting
<cjsstables> user xxx cannot list content of user yyy home directory
<soren> Then you need 701 on /home as well.
<soren> ..but that seems rather pointless as ldap and nss and stuff will likely reveal their existence anyway.
<soren> I'm just trying to point out that "see" is not a very useful term. There are several layers to be taken into account.
<soren> I could have just given you the easy, but not fully correnct, answer: 700.
<soren> ...but that's not really my style.
<cjsstables> ok no problem.  why do we want to give "others" execute permission with 701
<cjsstables> soren,,  your previous comment about revealing access to others when in an ldap enviro.  is that a common practice
<soren> Yes.
<soren> Without execute permissions you can't refer to anything inside a directory.
<soren> Like, say, your own home directory.
<soren> ...which would be inconvenient.
<cjsstables> ok.  so in that scenario.  user xxx can read only user yyy home directory but cannot wx
<soren> There's been a lot of stuff flying around now. What is "that scenario"?
<cjsstables> an ldap scenerio
<soren> Whether you use ldap or not doesn't change what you have access to.
<soren> What are ownership and permissions on /home and the user's home directory in "that scenario"?
<nooga> still error 15 ;/
<cjsstables> that is what I'm trying to determine ....  what should I set them to...   what is the common practice
<soren> cjsstables: Common practice is to stay with the default. That's why their the defaults.
<soren> Well, that's not entirely true.
<soren> I guess they're common practice, because they're the defaults.
<cjsstables> soren: when I created a user with smbldap-useradd it creates a home directory of yyy with the following permissions drwx------.  Is that the corect permissions?
<soren> They are not incorrect.
<cjsstables> ok.  but would they fall into the category of acceptable for a typical ldap environment
<cjsstables> basically I just wouldn't want user yyy copying viewing changing anything that is in xxx home directory
<soren> Those permission will make achieve that goal.
<cjsstables> awesom.  thanks very much soren.
<nooga> soren: i just can't do it
<cjsstables> so if I wanted to chmod a directory and its contents to drwx------ is that 700?
<nooga> is setting RAID1 with one disk for system and separate RAID5 for data a good idea?
<soren> nooga: The problem is that during boot, your bios thinks hdd is the first disk, but the grub on hdd tries to look on the 4th disk for the stage1.5 loader.
<nooga> well
<soren> cjsstables: I wouldn't recommend changin the permissions of the files inside the directory.
<nooga> then i could try to setup grub from livecd
<nooga> is it possible?
<soren> Yes.
<foolano> cjsstables: if you had a public_html directory within the user home directory you'd need excution permissions for others, otherwise   apache couldn't access it
<foolano> cjsstables: if you take a look at what adduser sets when a new user home is created, you'll see something like 755
<nooga> soren: i would be grateful for a hint: how
<cjsstables> foolano: ok . that makes more sense to me
<soren> nooga: Boot the livecd, chroot into the installed system, change your device.map to tell it that /dev/hdd is (hd0), run grub-install.
<nooga> kay
<cjsstables> soren:  are you pretty familiar with the smbldap tools?
<cjsstables> I have added a machine/computer account when I used winxp join the domain.  however I do not know how to add a computer account for a linux client.  How would I do this with the smbldap tools
<nooga> soren: so, if i got (hd0) hda, (hd1) hdb ... , (hd4) hdd
<nooga> i just swap hd0 with hd4, right?
<nooga> soren: and then grub-install hd0  ?
<Assid> hi
<Assid> anyone here got openvz working ?
<soren> nooga: Sounds right.
<nooga> soren: grub-install hd0  (aka hdd) says sth like: /dev/sdd1: Not found or not a block device
<nooga> wtf?
 * Assid needs help with openvz
<soren> nooga: Quit the chroot, and do: sudo mount --bind /dev /whereever/you/mounted/your/target/system/dev
<nooga> ah
<nooga> lol
<nooga> the file /boot/grub/stage1 not read correctly
<nealmcb> !ask | Assid
<ubottu> Assid: Please don't ask to ask a question, ask the question (all on ONE line, so others can read and follow it easily). If anyone knows the answer they will most likely answer. :-)
<Assid> nealmcb: yeah thats why im waiting.. for someone to respond
<Assid> it doesnt work with the kernel in the respository
<nealmcb> Assid: you haven't given enough information for someone to help you - versions, what you did, what you saw etc
<nealmcb> ï»¿Guide to asking questions on IRC: http://www.sabi.co.uk/Notes/linuxHelpAsk.html
<nealmcb> remember - we're volunteers....
<Assid> when i boot.. i get this : "This kernel require the following features not present on the CPU: 0:6"  this is using the openvz kernel available in the respositor and the PPA of will nowak
<nooga> soren: it fails ;(
<nealmcb> hardy?
<Assid> yes
<nealmcb> link to the ppa?
<Assid> using the 2.6.24-17-openvz
<Assid> https://edge.launchpad.net/~compbrain/+archive
<nealmcb> you may have to ask will for help - I don't know what he has up
<Assid> https://help.ubuntu.com/community/OpenVZ -- this suggests to eithe rebuild the kernel.. OR use the PPA
<soren> nooga: How?
<nealmcb> Assid: interesting - thanks for the link.  note that those instructions rely on stuff that isn't supported.  it might help to know what your ultimate goal is and why the main Ubuntu virtualization solution, kvm, won't work for you
<Assid> i am now trying to recompile it.. but this is being really hopeful
<nooga> soren: dunno, i'm in chroot, /dev is binded
<nooga> and under chroot i type: grub-install hd0
<soren> nooga: Do you have /boot on a different partition?
<nooga> i don't know, but it's unlikely
<soren> Er..
<Assid> nealmcb: i dont want to use a hardware virtualization as they FIX the resources (commit the resources), wwith openvz i can OVERSELL / OVERPROMISE more resources than i have
<soren> hd4 is hdd? What's hd3, then?
<Assid> and the VPS that  isnt using as much resources is being shared where required
<Assid> also.. i cant set the amount of CPU power i want a kvm resource to have.. it only lets me dedicate processors
<Assid> so suppose i want SMP for a vps.. but i want each vps to have say 200mhz only (200+200 as dual core)
<Assid> openvz lets me do this.. kvm only lets me set the cpu's per VM
<InsomniaCity> Assid: you realise that if you use openvz, people will know you're overselling, and consequently be that less likely to choose your services
<Assid> InsomniaCity: thats fine.. its all for internal usage atm
<nooga> i guess i'll install ubuntu server again
<nooga> and then try
<soren> nooga: Whu... why?
<Assid> InsomniaCity: i have certain tasks i am targetting PER vps.. and each task is generally going to be used during certain timings.. think of  it as TIMESHARE per RESOURCESHARE
<soren> What's with all the shouting?
<stupidknight> Hi, I've just installed Ubuntu Server on my server, with MySQL. Now I can't access it form an other computer, though on the same network. Any ideas if this is there's something I should take into consideration?
<soren> The fact that mysql only listens on the loopback interface by default, perhaps.
<Assid> hrmm
<stupidknight> oh
<stupidknight> soren: sorry if my question was dumb enough, just installed it and I'm new to *nix in general.
<soren> If you really want to expose your db server to the network, you need to change the bind-address option in /etc/mysql/my.cnf
<nealmcb> Assid: I updated that wiki page a bit to clarify the support and point to kvm also.  sorry I can't help with your underlying question since I haven't used it
<stupidknight> soren: yea, I'm in it now, thanks.
<nealmcb> you might get better help from an openvz channel
<soren> Assid: It would appear the openvz kernel is compiled with pae support. It will fail on old systems.
<Assid> right
<Assid> how do i disable it?
<Assid> which flag is it
<soren> CONFIG_PAE, probably.
<soren> Hmm... Or perhaps not.
<Assid> i got the git distribution.. found PAE .. but in config.server
<Assid> however, how do i know which config file is worked on?
<nealmcb> Assid: which git distribution?  I'd think you'd want to base your kernel off the standard ubuntu kernel and the one in the ppa
<zul> soren: CONFIG_HIGHMEM_64G turns on CONFIG_PAE
<soren> Ah, those are only on i386, of course. That's why I couldn't find them.
<soren> Assid: You want to look for the openvz binary custom flavour thing.
<Assid> might as well compile this for my laptop
<soren> You wan to do hosting off of your laptop?
<Assid> nah.. just playing with it on my laptop before i do it on a production box
<Assid> you dont expect me to blow up a production box do you ?
<nealmcb> Assid: thanks for your input on that bug.  if you could followup with information on the PAE issue that would also help.  e.g. is PAE required in the ppa kernel, but not in other ubuntu kernels?
<Assid> im actually recompiling the kernel atm
<Assid> i am tyring to recompile the kernel as we speak
<Assid> its gonna take a long time.. its just a 1400 pentium m
<ghatak> hi, I have a strange problem with syslog-ng, i want recieve remote syslog from switch and router, when I do a tcpdump i can see udp packets being sent however syslog-ng daemon does not see them. even if i do netcat on port 514, it does not see it, any help please ?
<mathiaz> kirkland: what is the name of the virtualization packages you've created ?
<mathiaz> kirkland: I don't find them in your ppa
<kirkland> ubuntu-virt-server and ubuntu-virt-mgmt, should be
<kirkland> mathiaz: I see them there
<mathiaz> kirkland: yeah - me too :D
<kirkland> mathiaz: oh, they're against hardy
<kirkland> mathiaz: when i uploaded them, PPA didn't support intrepid yet
<kirkland> mathiaz: and it only built i386, strange
<mathiaz> kirkland: that's because they're meta-packages
<kirkland> mathiaz: oh, that's right.  i remember now.
<mathiaz> kirkland: the deb names is _all, which is for all architecture.
<kirkland> mathiaz: that was a conscious change, save space on the repos
<kirkland> mathiaz: gotcha.
<mathiaz> kirkland: they're just built for i386.
<kirkland> mathiaz: -> #ubuntu-virt ?
<mathiaz> kirkland: that's all I wanted to ask
<kirkland> mathiaz: ;-)
<kirkland> mathiaz: can you sponsor for upload to intrepid?
<mathiaz> kirkland: I'm writing the minute then
<mathiaz> kirkland: I'd suggest to follow the NewPackage process.
<kirkland> mathiaz: okay, cool
<mathiaz> kirkland: I can advocate for your package.
<kirkland> mathiaz: i had that NewPackage todo from yesterday's meeting, i'll get right on it
<mathiaz> kirkland: I'd rather follow the NewPackage process.
<kirkland> mathiaz: that's fine
<zul> mathiaz: dovecot SRU works as expected fyi
<Assid> mathiaz: you got nything for openvz
<sommer> zul: I was giving that a test as well, I'm running the load_test.py, is there anything I should look for?
<zul> sommer: I bumped the login_max_proccesses_count to 1 and then rerun it
<sommer> zul: cool will do, isn't it 128 by default?
<zul> sommer: yeah but its easier and faster to see if you get the error message
<sommer> zul: ah
<PCChris> RoAkSoAx: what were you saying yesterday?
<RoAkSoAx> PCChris, about the server name on apache2.conf file?
<PCChris> yes
<RoAkSoAx> add ServerName <ip address of your server> in that file
<RoAkSoAx> PCChris, have you set the hostname as told in the howtoforge.com howto?
<PCChris> I don't believe I did that actually
<PCChris> which howto was that?
<PCChris> perfect server setup?
<RoAkSoAx> PCChris, yeah in the 3rd page
<RoAkSoAx> if you do that hostname setup i think that servername warning won't show up
<PCChris> http://www.howtoforge.com/perfect_server_ubuntu7.10_p3 ?  I don't see anything about Apache config there
<RoAkSoAx> PCChris, i ment the hostname of the server... do the hostname thing first and see if you get that warning
<LowWalker> Grub error 2... what are you
<RoAkSoAx> if you do, add ServerName <1.2.3.4> to /etc/apache2/apache2.conf
<PCChris> So right now I'm supposed to be editing Apache2.conf?
<RoAkSoAx> PCChris, if you haven't set the hostname of your machine correctly, you do
<PCChris> httpd (pid 9994?) not running still
<PCChris> Maybe the first ISPConfig install messed up some settings?
<PCChris> My computer hostname for Ubuntu is chris-laptop, which it provided by default when installing Ubunut
<PCChris> *Ubuntu
<emgent> heya
<RoAkSoAx> PCChris, weird then... try check the apache logs and see why it ain't starting
<RoAkSoAx> PCChris, maybe try resinstalling apache
<PCChris> That's what I was thinking I should just try at this point
<RoAkSoAx> PCChris, i would recommend you to uninstall it with sudo apt-get remove --purge apache2 (and any other packages you have installed)
<RoAkSoAx> then sudo apt-get autoremove && sudo apt-get autoclean
<RoAkSoAx> and then isntall it again
<PCChris> will that remove all it's directories as well?
<RoAkSoAx> PCChris, all the config files, not the directories on /var/www
<PCChris> should I remove those?
<RoAkSoAx> nope
<RoAkSoAx> that is just the DocumentRoot
<PCChris> ok, I uninstalled-but do i need to change my computer host name or anything before trying to install anything again?
<RoAkSoAx> PCChris, what is showed when you do hostname -a and hostname -d
<PCChris> umm...nothing?
<RoAkSoAx> PCChris, if you gonna change the hostname, thouse two commands would show the hostname...
<RoAkSoAx> and i think that you won't have problems with the ServerName warning on apache
<PCChris> but what should I change it to?
<RoAkSoAx> otherwise.. just leave it as it is... and install apache... and then you add ServerName 172.169.0.0 (obviously you will have to replace it with the IP of your machine) and that would be all
 * Assid watches the kernel recompile
<juannicolas> Hi people, I would like to know if somebody here had any experience installing ubuntu in a Dell PowerEdge 1950 or similar. I want to use all disk space RAID0 but when installing the only option I did get was the PERC 5/i system. HOw can I install Ubuntu in the way to use the both 143G?
<PCChris> ï»¿RoAkSoAx: ok, when ISPConfig install asks for the fqdn, what should I put [default is chris-laptop]?
<RoAkSoAx> yeah guess so
<RoAkSoAx> that's why is recommendable to set a hsotname
<PCChris> how do I remove all the old mysql tables?
<RoAkSoAx> PCChris, if you now SQL you could do that
<uvirtbot`> New bug: #235792 in bind9 (main) "BIND 9.4.2 permission denied for custom log files" [Undecided,New] https://launchpad.net/bugs/235792
<PCChris> nm, I think I figured it out
<juannicolas> Hi, how can I install ubuntu hardly in a PE 1950 using my 2 disk of 143Gb at full capacity not raid0
<_ruben> juannicolas: you probably have to use sofware raid (performance is quite decent) .. i installed 2 1950's the other day, but they had hardware raid
<_ruben> juannicolas: ow, you're only seeing one disk in the installer you mean?
<juannicolas> yes Is telling me something about PERC 5
<_ruben> dell default to raid1 config when shipped
<juannicolas> so, how can i change or undo that in order to use both disk
<_ruben> perc5 is the sata/sas/scsi (raid) controller
<brewmaster_> anyone have any advice on setting up a simple failover web server?
<_ruben> you need to reboot and enter the perc 5 configuration manager .. and create a raid0 vdisk (its raid1 by default)
<_ruben> it prompts you for ctrl-a or ctrl-e i think during boot
<juannicolas> with the radi0 I can use both disk seperatly? I mean i would have 280GB tops?
<_ruben> with raid0 you have one virtual disk with the size of about 280GB
<juannicolas> rebooting system
<juannicolas> let me see
<_ruben> then again, i cant think of a reason to use raid0 .. raid0 isnt really raid .. the r is for redundant, raid0 isnt redundant
<_ruben> 2 disks in raid0, one disk dies, you lose the data on the other as well
<juannicolas> i know
<juannicolas> I only want this server for data
<juannicolas> but they requested full max hd capacity
<juannicolas> :S
<_ruben> the more reason *not* to use raid0
<PCChris> ï»¿RoAkSoAx: ok, when setting up the RSA private key does it matter what info I put in?
<PCChris> It has defaults it says I can use, but it's not actually my country, city, etc.
<RoAkSoAx> PCChris, not really... since you are just testing
<juannicolas> I recommended mirroring but That will loose space , hey said
<_ruben> should've gotten bigger disks then .. raid0 is pretty much useless, 1 300G disk would probably be cheaper than 2 150G's
<juannicolas> got you, but thats what they have right now. Maybe later on they can upgrade it
<PCChris> I still get httpd not running
<RoAkSoAx> PCChris, what does sudo /etc/init.d/apache2 start showsÂ¿
<PCChris> It just says it failed
<n6rej> test
<RoAkSoAx> PCChris, from ispconfig?
<RoAkSoAx> weird then
<n6rej> can anyone help me setup proftpd so that I can rw directly to /var/www ?
<PCChris> that's what's returned with ...apache2 start
<RoAkSoAx> you should uninstall it, and install it again so that you can test if it works without anyother config, because it should
<juannicolas> _ruben i thin is ctrl+r for the PE Raid config
<juannicolas> gosh, I dont understand this menu
<PCChris> still fails :-(
<RoAkSoAx> PCChris, have you done any special configutarion or something for apache?
<PCChris> no
<juannicolas> _ruben  thank you, I have created a VD with 278784MB space
<FordPrefect> hi.  Does anyone know how to get a console on a libvirt managed kvm?  I'm having the same problem as this guy: http://article.gmane.org/gmane.linux.ubuntu.user/145009
<FordPrefect> I also tried adding it to the template file
<FordPrefect> it just removes it
<n6rej> nobody knows how to config proftpd?
<juannicolas> n6rej I think you need to give /var/www write permision to all user
<infinity> juannicolas: Dear god man, don't do that.
<PCChris> wait, ispconfig vhost is still there
<juannicolas> infinity  then?
<n6rej> juannicolas: yeah, just gotta figure out how to do it properly
<zul> sommer: can you do munin next?
<psyferre> hey folks, does anyone have a moment to help me out with adding a command to run at boot?  I've seen several methods in my googling, but many are outdated or even say that there should be a "better way".  Anyone have a moment?
<infinity> n6rej: "addgroup $mywebgroup; adduser $mywebuser $mywebgroup; chown root:$mywebgroup /var/www; chmod 2775 /var/www"  (Alternately, make it "$webgroup:www-data and 2750")
<psyferre> I've read that a "good" way is to add your command to /etc/init.d/bootmisc.sh , but looking at that file i'm a bit unsure of where I would even want to put my command
<n6rej> infinity: is that in proftpd?
<infinity> n6rej: No, that's all just unix file permissions.
<n6rej> infinity: include the $?
<infinity> n6rej: No.
<PCChris> ï»¿RoAkSoAx: Yes!  I think I at least got Apache working!  Had to delete all the old ispconfig files that were still there
<n6rej> infinity: k
<infinity> n6rej: That was a variable.  Substitute the name of the groups and users as appropriate. :P
<n6rej> infinity: gotcha... just need one user its for my lan
<infinity> n6rej: IOW, that wasn't an exact cut-n-paste routine, it was a "this is more or less how I'd do it" thing.
<n6rej> infinity: cc
<infinity> n6rej: If it's just one user, you don't need groups at all, I guess, though you might want more than one user with access later.
<n6rej> infinity: nah, just need one.
<PCChris> ï»¿RoAkSoAx: any idea where I should go from here?  Try installing ispconfig again?
<infinity> n6rej: If you're sure it'll always just be one user, though, just make /var/www owned by root:$thatuser (every user should, by default, have a group named after them)
<n6rej> infinity: yeah I just need to give Joomla ftp access to apache
<infinity> n6rej: And then mode 2775 (set-group-id, rwx to root, rwx to $user, rx to "all")
<infinity> n6rej: So all files/directories created under /var/www get that sticky bit.
<infinity> n6rej: (If there are already files under there, you'll need to muck with their permissions by hand...)
<n6rej> infinity: ok.
<sommer> zul: maybe this evening... never setup munin, use nagios myself
<soren> infinity: Do you have an opinion on using fastcgi php5 instead of libapache2-mod-php5 by default?
<infinity> n6rej: chown -R root:$user /var/www ; chmod -R 664 /var/www ; find -type d /var/www | xargs chmod 2775
<zul> sommer: cool just use a vm or something
<infinity> soren: It's a pain in the ass, it doesn't always work as "expected" for some PHP developers, it lacks some fancy features of being tied into the web server directly.
<n6rej> tyvm!!!
<soren> infinity: In other words: "Go for it!" ?
<infinity> soren: Pros would be "it's faster" and it can be configured to be potentially more secure.
<soren> infinity: Yeah, the worker mpm sure would be nice.
<infinity> soren: But, honestly, mod_php serves more people's uses better, IMO.
<soren> infinity: I mean... It is Intrepid, after all. It's a good time to switch and get all the bugs worked out over the course of the release and possibly the next one.
<infinity> soren: The better option, IMO, is reopening the dialog upstream about the future of support for TSRM in PHP.
<soren> infinity: I'm not so sure.
<infinity> soren: fastcgi always has been, IME, a hideous hack.  mod_$lang has always worked better, it would just be swell if PHP was threaded-by-default.
<PCChris> ï»¿RoAkSoAx: awesome, I think everything [might be] working now.  Thank you so much for the help.  (is it a problem if the images in the ISPConfig interface are broken, though?)
<soren> infinity: The security aspects of fastcgi makes me happy.
<soren> infinity: Why do you consider it a hack?
<infinity> soren: Meh.  Hand-wavy.  There's nothing secure about fastcgi by default.  One can potentially mangle it to be more secure (ish), but then again, one can install PHP in fastcgi mode too, if they plan to mangle things.
<infinity> soren: FastCGI is really a framework for distributing CGI jobs to multiple machines.  From back in the bad old days when all corporate CGI was a mess of perl and C, running on very slow machines.
<infinity> soren: The fact that we use it today as a hackish workaround for "running unthreaded apps in a threaded webserver" is cute and all, but it's a speed *hit* compared to what one would get with a native threaded mod_$foo.
<RoAkSoAx> PCChris, if they are broken might be cause they don't have the right permissions to be accessed
<infinity> soren: And, if the big reason to switch to FastCGI is because "prefork is slow, ZOMG", then why pull the woll over people's eyes by offering them a differently unideal solution, rather than pursuing the ideal?
<soren> infinity: Well, ultimately, I'd like us have a php-cgi process per user to get rid of safe_mode and all that crap, too.
<infinity> soren: (Or, another angle, if your argument really is the potential to do security wrappers and such, will you be replacing mod_perl and mod_python with fastcgi implementations?)
<soren> safe_mode... Now, *there's* a hack if there ever was one.
<soren> infinity: I would like that, yes.
<infinity> Safe mode just shouldn't exist.  If it never existed, no one would claim that PHP should hold their hands and be secure in the face of bad programming.
<infinity> Well, I suppose safe_mode is more about protecting users from other users.
<infinity> But still.  Bah.
<infinity> soren: I suspect you'll get a lot of very angry people if you try to take away mod_python and mod_perl.
<infinity> soren: A lot of work has gone into php-cgi to make it "kinda, almost, but not quite" behave identically to mod_php.  There's no such luck with perl or python, where the apache modules behave drastically differently from the raw interpreter.
<soren> infinity: I know. It's not something I imagine will happen any time soon, but at some point, I'd certainly not reject the idea.
<infinity> soren: Fair enough.  My point is that I *do* reject the idea. :)
<soren> Bah.
<soren> :)
<soren> Anyhow...
<infinity> soren: As a man who's run many incredibly busy CGI/script-dependant sites, while there are cases where one might want "secure-by-default" (ISPs... And... ISPs... And... ISPs?), the vast majority want speed, speed, speed.
 * soren calls it a day
<bdmurray> bug 215571 might be worth looking at
<uvirtbot`> Launchpad bug 215571 in system-config-samba "system-config-samba.py crashed with OSError in onHelpClicked()" [Medium,Confirmed] https://launchpad.net/bugs/215571
<psyferre> can anyone give me a few pointers with how to add a script to rc2.d ?  I have my script in there, but i must have given i the wrong permissions or something because it will only run manually... it doesn't run during startup
<throck> I just upgraded a server from 7.10 to 8.04.  Worked great.  But now I have errors on boot (could have been there before the upgrade too, not sure).  The error from dmesg is:  ALSA /build/buildd/linux-ubuntu-modules-2.6.24-2.6.24/debian/build/build-server/sound/alsa-driver/pci/via82xx.c:581: codec_read: codec 0 is not valid [0xfe0000],  plus 3 more just like it.
<stickystyle> psyferre: #update-rc.d /etc/init/your_script_name defaults
<kirkland> "There was some discussion about rewriting the page using ActiveX - it didn't
<kirkland> get far due to a lack of interest in this technology."   :-D
<psyferre> stickystyle: Thanks!! I'll give that a try
<kirkland> mathiaz: ^^
<kirkland> what a sense of humour mathiaz has ;-)
<Assid> bah.. its still compiling
<Assid> stupid kernel
<uvirtbot`> New bug: #235809 in apache2 (main) "apache2 startup script fails to stop apache2 at times." [Undecided,New] https://launchpad.net/bugs/235809
<mathiaz> kirkland: isn't that what happened during the meeting ?
<kirkland> mathiaz: um, yeah, and you do understand that was a joke, right?
<mathiaz> kirkland: I'm just reporting the truth, the only truth ;)
<kirkland> mathiaz: :-p
<kirkland> mathiaz: okay, i think i've done everything i need to do for the ubuntu-virt-* meta packages...  awaiting reviews
<mathiaz> kirkland: right - I've looked at it - why did you set the maintainer to yourself rather than the ubuntu-motu team ?
<kirkland> mathiaz: hmm, that wasn't a conscious omission
<kirkland> mathiaz: that can be fixed
<throck> Any ideas on my ALSA boot errors?
<dbrewer_rjr> I just configured ubuntu hardy server on an ibm server running vmware esxi. i am getting an error on boot "Host SMBus controller not enabled." Is this serious? everything seems to be working.
<dbrewer_rjr> oops i meant gutsy
<psyferre> stickystyle:  I finally got my script worked out so that just doing /etc/init/scriptname start will run the script successfully and then used   update-rc.d scriptname defaults 88 to add it to the runlvls at the appropriate place.  It still for some reason, does not run at bootup... any idea why?
<_ruben> psyferre: it most likely runs in a slightly different environment where certain variables/commands/etc are not available (yet)
<psyferre> stickystyle: i've seen that in some flavors of linux i have to do something like add scriptname_enabled='YES' in a file like rc.conf.... i don't see anything like that  in ubuntu.  Am i missing something?
<psyferre> _ruben: thanks for the reply... that could quite possibly be it.  is there any way I can minimize the chances of that?  my script is a very simple one... just mounting a samba share
<psyferre> _ruben: i made sure that it *should* run after samba starts
<brewmaster_> anyone familiar with 'pound'?
<_ruben> psyferre: why not add it to fstab?
<psyferre> _ruben: i went down that road once before and never had any luck.  I'll try again :)
<PCChris> I can't ping or access my Ubuntu server from anything other than localhost or 127.0.0.1 on the server machine
<PCChris> The lan address also works but only server-side
<neerfri> ï»¿mathiaz: do you know how I can reach David Portwood ? he should be named macd here, but as of now he isn't answering me...
<Assid> err can kvm be defined to give a VM only 200mhz of the available processor?
<_ruben> PCChris: can you ping anything *from* your server? if so: most likely a firewall
<PCChris> yes, I can ping from server but not to
<_ruben> PCChris: sounds like a firewall :)
<PCChris> anything server-side as far as firewall that Ubuntu would come with?
<_ruben> PCChris: hardy is the first release to have one i think: ufw
<PCChris> that's what I'm on
<PCChris> using wireless to connect to my lan-and the laptop show up in the dhcp list for my Belkin router
<PCChris> ...I think I might have an Apache problem, actually...maybe only listening on localhost?
<Ali_ix> PCChris: if you cant even ping your server, there is some routing/firewall blocking problem
<psyferre> _ruben: hi again.. i tried putting the appropriate linein fstab, and it works if I do mount -a, but ona reboot the share is still not mounted.... any idea why?
<Ali_ix> PCChris: you can check teh listenings with netstat command
<psyferre> _ruben: thanks again for all your help
<_ruben> psyferre: any errors showing at boot time ?
<PCChris> netstat -tap?
<PCChris> Ali_ix: netstat -tap?
<Ali_ix> PCChris: i preffer netstat -antp, but -tap works fine
<PCChris> What should I be looking for in it?
<Ali_ix> PCChris: check if it is something like '*:80' or '*:www',
<Ali_ix> PCChris: that means apache is not just listening localhost
<PCChris> Ali_ix: don't see that
<Ali_ix> PCChris: netstat -antp | grep apache
<PCChris> Ali_ix: netstat -tap shows up with *:www though
<Ali_ix> PCChris: or netstat -antp | grep :80
<Ali_ix> PCChris: so it is ok
<Ali_ix> PCChris: do you have and firewall/router in front of your ubuntu server?
<PCChris> yes, but I had it working previously-I'm redirecting port 80 and 8080 to the Ubuntu server
<Ali_ix> PCChris: check that config again
<PCChris> yeah, port 80 and 8080 redirect to my Ubuntu ip which I just verified with ifconfig
<PCChris> wait...ping is working now I think
<PCChris> it's somehow working now
<PCChris> unfortunately idk what changed
<PCChris> unless the router settings just weren't updated or something for some reason
<PCChris> ï»¿Ali_ix: thanks for the assistance, hopefully it won't start acting up again
<Ali_ix> PCChris: try to telnet on 80 port from outside
<PCChris> that fails
<PCChris> as long as I'm doing it right
<PCChris> wait, wrong port-how do I change telnet port?
<Ali_ix> PCChris: telnet IP PORT
<Ali_ix> PCChris: telnet ip 80 (for webs erver)
<PCChris> doesn't seem to work
<PCChris> I can ping and access the site, though
<Ali_ix> PCChris: it is your router or the iptables on server that blocking apache, check both
<PCChris> ï»¿Ali_ix: I'm saying I can access it with external address now-or are you trying to determine why it wasn't working???
<Ali_ix> PCChris: yes, but it doesnt  matter any more if it is working ;)
<PCChris> ok (still wondering why it wasn't working, though)
<PCChris> Ali_ix: thank you very much
<Ali_ix> PCChris: np :)
<uvirtbot`> New bug: #230016 in pilot-link (main) "[intrepid] Rebuild with perl 5.10" [Undecided,Fix released] https://launchpad.net/bugs/230016
<spiekey> hi
<spiekey> is there a way to check the CPU temperature?
<RoAkSoAx> spiekey, http://www.techthrob.com/tech/linuxsensors.php
<emgent> stickystyle: about rapache see planet :)
<spiekey> ermm...: http://pastebin.com/m322228e0
<spiekey> i am not sure what temparature that is :-/
<blue-frog> beginning to be hot
<spiekey> is this the cpu or power supply or what is it?
<spiekey> line 14 is the only one with degres on it.
<blue-frog> i assume cpu but don't know for sure
<spiekey> ok, thanks!
<blue-frog> hum if adpater there woul be a problem I guess at that temp
<blue-frog> anyway how could the motherboard knows about the adpater?
<nxvl> kirkland: no luck
<kirkland> nxvl: you called?
<nxvl> nop
<nxvl> i go
<nxvl> they said there was people until 7
<nxvl> so maybe someone took it
<nxvl> they called to room service and there was the guard of the 3th floor, who called his collegue
<nxvl> and no one knew anything
<emgent> kees: ping
<kirkland> nxvl: bummer
<kirkland> nxvl: thanks so much for trying
<kirkland> nxvl: you da man
<kirkland> nxvl: i emailed a bunch of people there
<nxvl> i will love that someone makes the same for me, so there was no problem
<nxvl> :D
<nxvl> also i don;t have much to do
<nxvl> i'm just on the bar of the hostal drinking a beer and geeking around
<nxvl> :D
<kirkland> nxvl: which hostel?
<kirkland> nxvl: I stayed at an awesome place called The Boathouse in Prague in May 2001
<emgent> people rapache pre-pre-pre alpha with GUI is out, see planet
<stickystyle> emgent: Very nice.
<nxvl> i'm in Traveler's hostel
<nxvl> it awesome
<nxvl> emgent: btw, i will take a look and maybe help you
<nxvl> emgent: it will help with my project, if you don't mind that i use it somewhen as a module :D
<RoAkSoAx> nxvl, go look for some ladies :P
<nxvl> RoAkSoAx: i just want to go home
<emgent> nxvl: :)
<RoAkSoAx> nxvl, hahaha why?? you have to come back to work!!
<nxvl> emgent: i will when i go home and catch the correct timezone :D
<nxvl> RoAkSoAx: because europe is expensive, they don't have ceviche, aji de gallina, you don't put your life in danger when you walk on the streets
<RoAkSoAx> nxvl, hahahaha or have to pay a transit police officer if he stops ya!! oh well!! that's why we love PerÃº :P :D
<uvirtbot`> New bug: #235856 in dhcp3 (main) "dhcdbd still uses old dbus-send location" [Undecided,New] https://launchpad.net/bugs/235856
<JanC> nxvl: you're peruvian?
<JanC> and Prague is actually quite cheap compared to some other places in Europe...
<RoAkSoAx> JanC, i'm peruvian aswell xD
<JanC> great
<nxvl> one peruvian developer per version
<nxvl> :D
<nxvl> s/version/release
<JanC> wow, that's even greater  ;)
<nxvl> i started with hardy and RoAkSoAx with intepid
<nxvl> i hope to see more peruvian involved
<nxvl> RoAkSoAx: and that's our work
<JanC> don't forget to involve non-develoeprs too  ;-)
<nxvl> well
<RoAkSoAx> yeah, we are trying to do that but it's kinda hard since everyone on the Peruvian LoCo work, and we have like different schedules.. but well.. we gonna start giving *
<RoAkSoAx> clases
<nxvl> we have people involved in translations
<nxvl> and in artwork
<JanC> translations & artwork are important too
<JanC> but for things like advocacy, you don't necessarily need technical people
<JanC> try to get some people who aren't in IT to get involved
<emgent> kees: 5th June next Security Meeting, true?
<JanC> they might also have some interesting input...
<JanC> hm, this is probably off-topic here  ;-)
<kees> emgent: that's correct
<emgent> kees: so if it`s ok for you, I think that we can start pt
<JanC> 2008-06-05 isn't on the Ubuntu agenda  ;-)
<kees> emgent: pt?
<kees> emgent: white-hat stuff?
<JanC> (the calendar on the Fridge)
<emgent> schedule pt, yeah
<kees> emgent: feel free to add stuff to the agenda, email the hardened mailing list, etc.
<emgent> ok thanks
<emgent> :)
<kees> JanC: hm, can you fix that?
<JanC> not myself, the fridge people can
<JanC> kees: boredandblogging can change the fridge calendar
<emgent> kees: one or two hours?
<kees> emgent: I'm hoping that the Ubuntu Security Team meeting will be 1 hour.  If you need a separate white-hat meeting, go ahead and get it scheduled too
<JanC> what's the white-hat meeting supposed to be about?
<emgent> kees: cool -- i think to try in security meeting for now and if we will need more time, i will schedule another meeting only for ubuntu-whitehat.
<kees> emgent: okay
<michalski> hey when removing something it says: E: ebox-ntp: subprocess post-removal script returned error exit status 1
<michalski> how do i remove this?
<kees> emgent: I think you updated the wrong thing (not the Meeting agenda)
<emgent> kees: oops
<emgent> just a moment..
<tritonx> question: What is it that tell the browser what name(domain) to show? ie: I have a few domain name at godaddy, but for now I only use redirecting to the proper place and my adress is always a no-ip one. Is there a way I could make it show another address?
<emgent> kees: fixed, sorry
<bobbo> Where can i find the default apache2 envvars file?
<kees> emgent: np -- I just wanted to make sure you actually got on the schedule.  :)
<emgent> thanks :)
<emgent> night people i go to sleep
#ubuntu-server 2008-05-30
<Arrick> hey all, I have an issue I need some help with...
<Arrick> anyone have an idea why my ubuntu server 8.04 install has been hanging for 15 minutes at 3% of the "Resolving dependencies of base packages..." on a compaq proliant ml330?
<Arrick> Im getting [312.513768] kernel panic - not syncing: Attempter to kill init!
<Arrick> what do i do for this error?
<soren> Report a bu... Oh, he left.
<ajmitch> soren: you're expecting a lot of people
<soren> ajmitch: Yes. I'm working on that. :/
 * soren goes to bed
<soren> g'night, all.
<semm0> hi all
<semm0> i got a problem building octave3.0.1 on ubuntu-server 8.04 error message is listed here: http://ubuntuusers.de/paste/229001/
<uvirtbot`> New bug: #235912 in samba (main) "[CVE-2008-1105] Samba: boundary failure when parsing SMB responses" [Undecided,New] https://launchpad.net/bugs/235912
<lamont> ScottK: I almost feel dirty
<samuel> Does anyone know how I can install apache? I thought it can prepackaged with ubuntu server edition, but apparently it doesn't.
<samuel> came*
<kirkland> samuel: apt-get install apache2
 * danshearer is away: Zzzzzz
<lamont> samuel: prepackaged != preinstalled
<lamont> and like kirkland said
<samuel> Yeah, I'm well aware of them not being the same thing. I've actually searched through all the packages and I pretty much don't see it. I even searched through all the files and found nothing that looks useful.
<samuel> I actually worded my question wrong, where do I get apache, with all the trimmings for ubuntu. xD
<samuel> Like, a .deb package of it.
<hads> As kirkland said.
<hads> Probably with a sudo in fron unless you happen to be root.
<will01> does anyone know how to set up a samba share over a hamachi vpn?
<samuel> That's confusing.... I'm linux retarded. I'm switching from windows server =/
<hads> samuel: From the console of your server, or an ssh session you'd type, 'sudo aptitude install apache2'
<samuel> hads: Thanks!!!!!!!!!
<hads> samuel: There's a difference in the Linux world where most things are pre-packaged for you by your distribution (Ubuntu) so you just have to install things rather than get them from a third party.
<hads> In the future, 'aptitude search apache' will show you all the packages available for you to install matching apache.
<samuel> I was actually expecting to find something in the "Add/Remove" in the applications menu, but I didn't find anything, which really confused me.
<hads> I take it you're using a GUI?
<lamont> samuel: or System -> Administration -> Synaptic Package Manager
<samuel> Yeah, gnome came with it.
<hads> Most of the people in here are using servers which generally means using the command line interface, no GUI.
<lamont> samuel: and then click search and type 'apache2' in the box
<hads> https://help.ubuntu.com/8.04/serverguide/C/package-management.html
<lamont> (and yes, I had to actually run it to find out what to do, since I never use it...)
<samuel> I'm actually using this for a bit more than just server usage right now. And thanks lamont, I didn't know that was there.
<lamont> GUIs are evil, you see... :0
<samuel> Woot! Useful documentation! It's hard to google this stuff. xD
<lamont> :-) even
<hads> samuel: For help with the GUI tools you may find you get a quicker response in #ubuntu or something.
<lamont> yeah - most of the responses here assume that you're in a terminal window
<samuel> Ah, thanks, lol.
<hads> lamont: Check out all the links in the channel topic, that one is the tinyurl one.
<samuel> Well, I have a vague idea of how to use a terminal window, it kinda comes with playing with php and ruby.
<lamont> hads: kewl.
<will01> is there a way to run a samba server onto a vpn?
<samuel> I just don't know about the entire comand list yet.
<lamont> will01: a vpn is just another network interface
<lamont> IOW, what's the problem? :-)
<hads> lamont: Oh. that was for samuel :)
<lamont> heh
<will01> ok, so i would just have to set it up here normally/
<lamont> will01: yeah - it's just another interface, with other IPs that are out that direction (as per the routing table)
<samuel> Thanks hads and lamont, I think I'm pretty much on the trail of information that I needed now. ^_^
<hads> samuel: Don't worry, I don't think anyone knows the entire command list, there's quite a few more than DOS :)
<samuel> hads: I never used DOS, that was a bit before my titme. xD
<lamont> zgrep usr/bin Contents-i386.gz | wc -l
<lamont> 20734
<lamont> hrm.. yeah that is a few
<hads> heh
<lamont> although to be fair, only 4546 of those are in main
<lamont> call it 4000 in main in usr/bin and bin
<lamont> nothing quite like realtime refining of search criteria. :(
<samuel> I remember DOS having an actual folder navigation type GUI. I used to play the old puttputt games on it when I was like 5 yrs old. xD
<samuel> OMG!!! =D Gnome is awesome. lol
<samuel> lol, I just noticed that kirkland did reply to me. o_o' I was wondering what ya'll were talking about xD. I feel a bit..... stupid. lol
<RoAkSoAx> chan #aqpglug
<will00> how do i set up my computer so it can share a hard drive across a vpn with windows based computers?
<[gquit]bombadil> will00: step one set up a vpn, step two set up file sharing that would work on a local network
<will00> bombadil, i have hamachi set up and i think its working, but i cant seem to get file sharing to set up properly
<twb> So a customer has specified that they require "a firewall" on their server.  Ignoring for a moment the rampant stupidity of this requirement, I decided to use this as an excuse to look at ufw.  Within the first thirty seconds (i.e. now), I have discovered that there is an ufw.conf in /usr.   Is there a good reason for this apparently violation of the policy manual (and the FHS)?
<hads> Why is it silly to want a firewall?
<twb> hads: it's silly to ask for "a firewall"
<hads> okay
<twb> hads: it is meaningful to instead ask for something like "must not allow access to services from the outside world"
<twb> i.e. specific firewall rules
<hads> True, semantics a customer probably doesn't know though.
<twb> Granted.
<twb> This is why I said "ignoring for the moment..."
<hads> Well I use firehol myself. Haven't looked at ufw
<twb> hads: ufw is one of the whizz-bang PR attempts, I think.  It appears to be installed by default on Hardy servers.
<hads> Hmm, so it is, never noticed it.
<twb> I think it's just a bunch of iptables rules, like the ipmasq package.
<will00> whats the easiest way to share files over a  network/
<ajmitch> twb: the ufw.conf in /usr/share/ufw does look to be identical to /etc/ufw/ufw.conf, perhaps it is meant as an example
<twb> will00: scp, probably.
<twb> ajmitch: I have no such file in /etc, unless postinst installs it
<hads> ajmitch: Agreed, the ufw script only references the one in /etc
<ajmitch> twb: not in /etc/ufw/ufw.conf?
<twb> ajmitch: ah, yes, created by the postinst
<ajmitch>         if [ ! -e "/etc/ufw/ufw.conf" ]; then
<ajmitch>             cp $TEMPLATE_PATH/ufw.conf /etc/ufw
<ajmitch>         fi
<ajmitch> looks to be fairly basic
<twb> I feel that doing that kind of kludge will break the conffile semantics of /etc
<hads> Probably should be in /usr/share/doc/ but isn't.
<twb> It certainly breaks things like "apt-file search /etc/ufw"
<ajmitch> it is very common for files in /etc/ to be generated from postinsts
<twb> It's common for them to be *modified* by debconf-using postinsts.
<twb> The files still exist in the package, and are defined to be conffiles
<ajmitch> and this one is not a conffile, for whatever reason
<twb> Yes, that's my concern.
<ajmitch> why is it a problem?
<twb> I already gave an example: apt-file
<twb> Cruft will also fail to recognize that ufw.conf belongs to the ufw package.
<twb> (cruft(1), I mean)
<ajmitch> file a bug if you feel so strongly about it
<twb> So you agree that the current behaviour is wrong?
<hads> ufw seems like a reasonably good idea.
<twb> hads: granted
<hads> thanks :)
<ajmitch> no, I don't agree it's wrong at all, since the use of ucf was a deliberate choice
<ScottK> lamont: What did you do?
<lamont> I fixed it. :-0
<lamont> postfix config now blacklists a couple of popular-and-wrong values for mailname
<lamont> oh, and dlz support is turned on.
<lamont> now I just need to figure out how to package things so that I don't have to depend on pgsql/mysql libs in the base package
<twb> ajmitch: oh, I didn't notice it was using ucf
<ScottK> Hmmm.
 * ScottK goes to bed.
<lamont> delivering a file to /etc (and therefore as a conffile) when postinst modifies it is just plain stupid
<lamont> since it guarantees a question at every upgrade
<lamont> ScottK: er... dlz would be a bind9 comment.. oops
<ScottK> lamont: Thanks.  I was going to Google it tomorrow when I was more awake.
<lamont> the postfix 2.5.2-1 (??) upload is just translations and the blacklisting
<lamont> dlz == dynamically loadable zones
<lamont> and probably not something you care about unless you care about bind9
<ScottK> No.  Not particularly.
<twb> lamont: hmm, you're right.  Strange I've never noticed that files like /etc/ldap/ldap.conf aren't in the Contents tree,
<lamont> maybe I should go to bed, too.
<lamont> twb: you'll notice that /etc/postfix/main.cf isn't a conffile either
<twb> Er, /etc/ldap.conf isn't; /etc/ldap/ldap.conf IS.
<lamont> basically, one delivers the file into /usr/share or some such, and then copies it into /etc if it doesn't already exist
<lamont> heh.  ufw.
<lamont> hadn't noticed that package sneak in
<lamont> meh.  nuking that removes ubuntu-standard
<lamont> I guess it can stick around and chew up disk space
<twb> ubuntu-standard is only a metapackage
<lamont> only a meta package that makes upgrades work better.
<hads> ;)
<twb> I suppose there's that, too.
<twb> I was going to say "it's chief advantage is allowing you to markauto a bunch of stuff."
<lamont> hrm... ubuntu-meta 0.17 was the first time I uploaded that (jan 2005)
<lamont> heh.  and june 2005 was the last time I uploaded it.
<ajmitch> doesn't appear that I've uploaded that one
<lamont> I will admit to maybe being a little oldschool about iptables rules
<ajmitch> you look fondly back to the days of ipfwadm?
<lamont> then again, I don't find that any of the pretty tools for managing iptables (1) do the job adequately for my tastes and (2) actually make it easier to do
<lamont> iptables is trivially simple.  and therein lies the complexity that causes many people pain and grief
<lamont> wc /etc/firewall*/*
<lamont> ...
<lamont>  1521  8898 61922 total
<lamont> admittedly, that is rather extremely overkill
 * ajmitch only has a third of that in line count
<lamont> for i in mangle nat filter; do echo $i $(iptables -t $i -nvfor i in mangle nat filter; do echo $i $(iptables -t $i -nvL | wc -l); done
<lamont> mangle 116
<lamont> nat 117
<lamont> filter 1122
<lamont> L | wc -l); done
<lamont> mangle 116
<lamont> nat 117
<lamont> filter 1122
<lamont> stupid paste
<lamont> for i in mangle nat filter; do echo $i $(iptables -t $i -nvL | wc -l); done
<lamont> mangle 116
<lamont> nat 117
<lamont> filter 1122
<lamont> a fair chunk of filter is doing traffic accounting
<lamont> wc -l /proc/net/dev ==> 25
<lamont> ^^ that may be, too.
<uvirtbot`> lamont: Error: "^" is not a valid command.
<lamont> silly bots
<lamont> gssapi_link.c:296: warning: excess elements in struct initializer
<lamont> hrm.. oops.
<achandrashekar> helo. I am trying to do an install over pxe. and copied the contents of an 8.04 cd into the /var/www/ubuntu8.04 directory. However after pxe booting a system and pointing the pxe client to the address and path /ubuntu8.04/ it complains that it cannot continue. Any ideas?
<crevette> hello
<crevette> is there a way to use ubuntu-vm-builder to build an iomage for intrepid from hardy ?
<soren> In /usr/share/ubuntu-vm-builder/suites/, make intrepid a symlink to hardy. Likewise in /usr/share/debootstrap
<soren> Er.. /usr/share/debootstrap/scripts, that is.
<crevette> hello soren
<crevette> ubuntu-vm-builder is great
<soren> Yeah, it's not too shabby :)
<crevette> soren: it is not design to create desktop version ?
<crevette> at least I don't see parameter to speicfy the version you want
<crevette> I should pass ubuntu-desktop package to install ?
<soren> No, it's not.
<soren> But it should work anyway.
<soren> It was designed to spew out tiny images for various purposes (quick way of producing a clean environment for reproducing bugs, building appliances, etc.)
<hads> Would there be an advantage to using LVM over an image file for KVM guests?
<soren> If you actually want to install a desktop inside the vm, I'd actually suggest that you go through a proper installation.
<soren> hads: A few, yes.
<crevette> soren: okay
<hads> soren: Speed and resizability?
<soren> hads: Less overhead (probably not anything significant, but it's worth noting), and you're sure that you don't run out of space on the host and mess up your disk images.
<soren> Resizability, too, but strictly speaking, that can be achieved with disk images, too. Not quite as convenient, though.
<hads> Yeah, true.
<hads> There can't be too much more overhead with a loopback image can there?
<soren> probably not anything significant, no.
<twb> I'm confused.  I can mount vfat filesystems, but I have no /usr/sbin/mount.vfat.
<soren> twb: mount commands are in /sbin, usually.
<twb> Sorry, that's what I meant.
<soren> ...but even then, you  might not have one.
<soren> You only need a special mount command if the filesystem for some reason needs to pass binary data to the mount system call.
<twb> What replaced pmount in Hardy's gnome?
<soren> For general (not server specific) support visit #ubuntu
<twb> Sorry.
<hads> soren: Thanks for the tips.
<soren> any time
<hads> I don't think the advantages weigh up enough for me to bother, I think I'll just put images on a separate partition.
<achandrashekar> Hello. I need a little assistance with the pxe installation of clients.
<achandrashekar> Here is my issue - hello. Im running into a pxe install issue on my clients and I have assured the http location is okay. I get this - 192.168.1.155 - - [05/May/2008:15:35:59 +0200] âGET /ubuntu//dists/hardy/Release HTTP/1.1â³ 200 1757 â-â âWgetâ
<achandrashekar>  192.168.1.155 - - [05/May/2008:15:35:59 +0200] âGET /ubuntu//dists/hardy/Release.gpg HTTP/1.1â³ 200 189 â-â âWgetâbut my clients wont install past this. Any ideas?
<soren> achandrashekar: I doubt the interesting stuff is in the webserver logs on the server. What do the clients say?
<achandrashekar> soren: one sec..and ill get that for you as well.
<uvirtbot`> New bug: #235959 in samba (main) ""smbclient -L" gives NT_STATUS_LOGON_FAILURE" [Undecided,New] https://launchpad.net/bugs/235959
 * Surfer38 Visit http://www.FakeMagazineCover.com (upload pic make mag) - http://www.SillyWebcam.com (play with webcam online) - http://www.Is-A-Jerk.com (insulter/anon email) - http://www.ComedySearchEngine.com (fun) - http://www.BodySwitcher.com (put your face on funny body) - http://www.MedChecker.com (health) - http://www.Canuckster.com (Canada eh) - http://www.Nerdful.com (geeks)
* Surfer38 changed the topic of #ubuntu-server to: -=[ www.WHAK.com ]=- Make Free/Fun Graphics Online At http://www.ImageGenerator.org =)
<soren> ffs
* soren changed the topic of #ubuntu-server to: Ubuntu Server discussion and support | For general (not server specific) support visit #ubuntu | Get involved: https://wiki.ubuntu.com/ServerTeam/GettingInvolved | Guide to asking questions on IRC: http://www.sabi.co.uk/Notes/linuxHelpAsk.html | http://www.catb.org/~esr/faqs/smart-questions.html | Be patient.  Don't ask to ask, just ask. | server guide: http://tinyurl.com/65jzxw | https://wiki.ubuntu.com/ServerTeam
<achandrashekar> soren: I have INFO: Falling back to package description or console-setup-udeb
<soren> That's fine.
<achandrashekar> soren: I think i might know what is going on.. the wget  -q http://ubuntuserver/ubuntu8.04//dists/hardy/main/binary-i386/Release -O | grep Architecture
<achandrashekar> soren: it appears that there is // after the ubuntu8.04
<achandrashekar> soren: is that the issue where it cant find the package??
<achandrashekar> packages?
<soren> I wouldn't know.
<soren> You set up the server?
<_ruben> the // shouldnt pose a prob
<soren> Try fetching the url and see if it work.
<soren> s
<achandrashekar> the url is fine
<achandrashekar> i just simply type in a browser and it goes
<achandrashekar> could be a signature issue? the last thing that appears on the client log is Ubuntu CD image autmation signing key
<achandrashekar> soren: okay...I do get a warning messafe WARNING **:bad d-i Packages file
<soren> Now, *that* sounds significant.
<soren> Is your mirror a straight copy of a CD?
<achandrashekar> soren: yes...
<achandrashekar> soren: I d'ld a ISO and then cp -r the contents of it to /var/www/ubuntu8.04
<kraut> moin
<achandrashekar> hello..this is the error i am experiencing is very similar to this - http://ubuntuforums.org/showthread.php?t=409232
<achandrashekar> any help would be great.
<achandrashekar> Im wondering if the alternate cd is what I should be using INSTEAD of the standard desktop ISO. This is very strange indeed.
<c1|freaky> hi all. im using mod_auth_mysql with apache2 on hardy server but it says (error log): Unsupported encryption type: crypt but it should be supported as of the documentation of the module. can anyone tell me if im missing something?
<uvirtbot> New bug: #236003 in mysql-dfsg-5.0 (main) "crash mysql server when install in new ubuntu 8.04" [Undecided,New] https://launchpad.net/bugs/236003
<emgent> morning
<CrummyGummy> Hi all, I'm trying to add sasl auth to my postfix smtp server. The error is as follows. :SASL authentication debug: could not find auxprop plugin, was searching for 'sql': Any idea what I've forgotten to install? I'm using postfix 2.5.1 on feisty.
<thomas__> CrummyGummy do you see a line in your postfix file that says auxprop_plugin=sql?
<CrummyGummy> auxprop_plugin: sql
<CrummyGummy> yes
<thomas__> change it to auxprop_plugin: none
<thomas__> and see what it does
<CrummyGummy> k
<CrummyGummy> SASL authentication debug: could not find auxprop plugin, was searching for 'none'
<thomas__> ok remove the none and just leave it blank
<thomas__> or try mysql
<CrummyGummy> k\
<thomas__> I suggest trying mysql
<thomas__> then leaving it blank
<CrummyGummy> k, blank broke it. badly... Then mysql has the same result.
<thomas__> well then, I suggest removing the plugin altogether
<lukehasnoname> http://asyd.net/docs/cyrus-options.html
<lukehasnoname> Check that CrummyGummy
<lukehasnoname> second or third row MIGHT help
<thomas__> Hey...I was about to post that
<thomas__> :P
<lukehasnoname> Also pwcheck_method
<lukehasnoname> heh
<CrummyGummy> tks
<stiv2k> Help, my server went down and I am at a remote location from it and I dont know its MAC address for WOL.  How can I determine the machine's MAC address so that I can attempt to wake it up?
<achandrashekar> Hello I figured out my PXE boot issues with clients. Appears you need to have the alternate CD and NOT the desktop cd to drop into to /var/www/whateverdistro
<achandrashekar> thanks for fielding my questions earlier in the day.
<achandrashekar> PXE works nicely now.
<achandrashekar> stiv2k: not sure if you can take a look at logs for the "lat" time you log it in to it...or perhaps ping has a flag associated with it...but i doubt it. (Thinking out loud here...)
<achandrashekar> "lat" --- is "last"
<stiv2k> achandrashekar: I cant access it, the machine has lost power about 5 hours ago
<achandrashekar> stiv2k: damn that is a tough one..im thinking whether ssh logs has that info or not
<stiv2k> achandrashekar: oh shit good idea
<stiv2k> achandrashekar: I was ssh'ed into it last night
<achandrashekar> stiv2k: thats just thinking out loud..which sometimes yields unexpected answers..:)
<stiv2k> ehh
<achandrashekar> meaning...im not sure...lol
<achandrashekar> but worth a try.
<stiv2k> I wouldn't know where to look
<achandrashekar> /var/log/syslog??
<achandrashekar> or /var/log/auth.log ?
<kees> zul: say, can you check on this CVE and let me know how it stands for us: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5498
<uvirtbot> kees: The Xen hypervisor block backend driver for Linux kernel 2.6.18, when running on a 64-bit host with a 32-bit paravirtualized guest, allows local privileged users in the guest OS to cause a denial of service (host OS crash) via a request that specifies a large number of blocks. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5498)
<RoAkSoAx> anyone know if there's a bug related to HH Desktop and VMware Server, where from time to time it seems to restart gdm?
<kirkland> hey guys, I submitted the ubuntu-virt-server and ubuntu-virt-mgmt metapackages to REVU: http://revu.ubuntuwire.com/details.py?package=ubuntu-virt
<kirkland> anyone out there with revu-fu, I'd appreciate feedback
<cameronh> are there any packages that provide UPnP NAT traversal (UPNP IGD i think)
<leonel> hey what's going on with  www.ubuntu.com ??
<Jeeves_> leonel: He, wrong banner, it seems :)
<Jeeves_> And some weird errors
<leonel> there was the drupal error saing that can't connect to the database
<Jeeves_> I guess someone is fiddling about with the website
<Jeeves_> leonel: They're working on it
<leonel> Jeeves_:   i see
 * Jeeves_ is afk
<lukehasnoname> #236148
<achandrashekar> hello..im working with kickstart file..which i noticed has samab authentication. I am looking to authenticate with a samba box which i have verified authenticates my XP clients. what extra is need to make this work??
<achandrashekar> specifically any other info in kickstart??
<mathiaz> kirkland: you should register blueprints for the ubuntu project: https://blueprints.launchpad.net/ubuntu/+addspec
<kirkland> mathiaz: thanks, i found my way there
<kirkland> kees: I'm working on the blueprint for RAID Booting into Degraded mode
<kirkland> kees: I think you had some links to background and discussions on the matter
<kirkland> kees: I couldn't find a gobby document for that session
<kirkland> sommer: you know if we had one?
<kirkland> kees: I found this in the IRC log
<kirkland> May 21 08:05:55 <kees>  https://lists.ubuntu.com/archives/ubuntu-devel/2007-September/thread.html
<sommer> kirkland: do mean links before uds?  here's a link to the notes: https://wiki.ubuntu.com/UDS-Intrepid/Report/Server?highlight=(intrepid)#head-75c995bdf63bb5afe0f08461aba9200b6c95814f
<sommer> kirkland: the gobby document I have saved is intrepid-server-softwareraid.notes, and it's the same content that's in the wiki
<kirkland> sommer: awesome, perfect, thanks!
<sommer> np
<kees> kirkland: yeah, sommer got the link I posted before.
<kees> let me paste the check-list I wrote down
<kirkland> kees: thaanks
<kees> kirkland: http://pastebin.osuosl.org/7491
<kees> I already made the 180 -> 30 second change and uploaded it
<kirkland> kees: oh, good
<kees> really the place to look for doing the work is in mdadm debian/initramfs/init-premount mountroot_fail
<kees> (and similarly for lvm2)
<kees> TheMuso already did the core framework for it
<kees> now just a flag to do auto-starting is needed.
<kees> (and potentially changing the framework to allow for an error handler to abort the panic-to-a-shell situation)
<kees> the bigger engineering problem, I think, is getting the installer (or, honestly, grub) to DTRT when it find /boot on an RAID, and splat itself on both drives, adjusted appropriately
<kirkland> kees: I've solved that problem for anaconda/grub/booty in 2005
<kees> for that, see my rant here: http://www.outflux.net/blog/archives/2006/04/23/grub-yaird-mdadm-and-missing-drives/
<kees> the trick is getting grub's install onto the non-primary drive to THINK it's the primary drive
<kirkland> kees: oh, right
<kirkland> kees: sorry, i should have said anaconda/yaboot/booty
<kirkland> kees: http://osdir.com/ml/linux.redhat.anaconda.devel/2005-05/threads.html
<kees> hehe
<kees> yeah, I'll be SO glad when this is fixed for grub.
<uvirtbot> New bug: #236167 in drbd8 (main) ""local disk flush failed with status -5" with drbd8 over LVM" [Undecided,New] https://launchpad.net/bugs/236167
<kirkland> kees: you think it's realistic to scope this to Grub only?  (ie, not lilo?)
<kees> kirkland: we don't use lilo for default installs, so I think that's fine.
<kirkland> kees: thx
<kirkland> kees: surely someone will complain, and I'll gladly review lilo patches ;-)
<kees> bingo! :)
<kirkland> kees: I don't understanding this comment... can you expound?
<kirkland>  * default boot failure (auto-start lacks failure discoverability)
<kees> kirkland: sorry, that was one of the "problems", in that it's not obvious *why* a boot fails.  I think this was addressed by the changes made by TheMuso
<kirkland> kees: cool
<kirkland> kees: okay, i think i have enough for a decent first draft https://wiki.ubuntu.com/BootDegradedRAID
<kees> "Packages affected: mdadm, grub, initramfs, udev, lvm2" that alone makes me want to go hide.  ;)
<kees> kirkland: for the use-cases, please re-word them to be the "here's a successful path of action a user encounters when this is fixed".  e.g. https://wiki.ubuntu.com/NetworkRoaming
<kirkland> kees: thanks, fixing
<kees> kirkland: the rest looks great
<kees> obviously the implementation will need to be filled in a bit before you really start hammering away at it.
<kees> but that usually happens after you review the code and packages a bit more
<kirkland> kees: sure.  i need to get a better handle on what needs to fixed *where* for that
<kees> kirkland: right.  (in the past, some of this happened during UDS -- which I think makes way more sense, you can have all the people that know a given area physically in the room with you.)
<kirkland> kees: see how these use cases work for you: https://wiki.ubuntu.com/BootDegradedRAID
<kees> kirkland: good start -- I was coached to change my use-cases to past-tense, i.e. "here's what happens once this spec is implemented".  e.g. "Kim remotely administers her systems, where she has taken great care to use redundant disks in a RAID1 configuration.  After rebooting her system after a primary drive failure, the system automatically boots from the secondary drive and brings up the RAID in degraded mode, because she select 'boot in degrade
<kees> same for the other one (outlining the non-auto boot)
 * kirkland thinks back to Tech Writing for CompSci where present tense was preferred
<kirkland> kees: I never did like that prof anyway ;-)
<kees> yeah, it's a bit weird.  I don't really mean the tense, but the "future"
<kees> i.e. here's what happens when someone uses the working feature
<kirkland> kees: ah, okay
<kirkland> kees: basically, i need to "complete" the use case
<kirkland> kees: I kind of leave them hanging right now
<kees> kirkland: you could describe each of the various steps (on boot failure, a description of the problems is shown, and user is dropped to an initramfs shell)
<kees> yeah, see how I ended up writing up the NetworkRoaming one
<kees> (mine could have been better in that one)
<kees> anyway, I'm just getting picky -- I think if you show each possible path through the imagined boot system, you'll be fine.
<kees> I'd see the cases as all being about "when drive fails": bootable at all (grub), drop to prompt quickly (30s), report lack of root fs earlier with option to drop to prompt immediately (abort rootfs wait), at prompt report state of system and how to boot degraded (framework: done?), don't drop to prompt at all and boot degraded automatically, installer configuration for degraded boot option, post-install configuration change for degraded boot
<kees> so, if each of those are written up as a separate use-case, you should be good.
<kirkland> kees: okay, i updated the two i have
<kirkland> kees: i'll go write some more use cases then
<kees> cool
<danshearer> 'evening all
<danshearer> Are gobbies only running during a UDS?
<danshearer> (those who haven't seen a UDS, I'm referring to gobby.ubuntu.com, highly useful for collaborative doc development)
<danshearer> kirkland: hello!
<kirkland> danshearer: howdy, howdy
<kees> danshearer: I'm not sure, things seem to have gone missing from gobby.u.c after UDS ended
<kirkland> kees: yeah, i was looking at gobby earlier today, and there seem to be some missing docs too
<danshearer> so atm we don't have the historical stuff either. ok... is there somewhere in the wiki where it is acceptable
<danshearer> to create scratch in-progress documents like a poor man's gobby?
<kirkland> danshearer: see https://wiki.ubuntu.com/UDS-Intrepid/Report/Server
<kirkland> danshearer: oh, sorry, i misunderstood your question
<kirkland> danshearer: i mean that I found most of what I was looking for in gobby had mad it's way into that report
<kirkland> danshearer: you can use a pastebin for that too
<danshearer> kirkland: which is good, I need to study it then. thx
<kirkland> danshearer: pastebin.ubuntu.com uses an inferior pastebin implementation, IMHO
<danshearer> kirkland: pastebin does simultaneous concurrent writers? wow
<kirkland> danshearer: see pastebin.com
<kirkland> danshearer: or better yet, ubuntu.pastebin.com
<danshearer> sure, just never used it that way
<kirkland> danshearer: that one has some neat features, such as syntax highlighting, versioning, and diff's
<kirkland> danshearer: you'll want to set the timeout of the page higher than the default few days
<scuffio> hy there
<kirkland> danshearer: sure.   i'd say it can be used as a "poor man's gobby", as you say
<kirkland> danshearer: as for simultaneous concurrent writers, pastebin is more like a wiki in that sense
<kirkland> danshearer: your other option is Google Documents
<danshearer> kirkland: just tried it out, I'd call it poorer than wiki but richer than nothing :-) thanks!
<kirkland> danshearer: which is friggin cool, just like gobby....  you and I work on the same same document, and i can see you typing in real time (more like gobby)
<danshearer> so I've just written up the server analysis stuff (bug#0) and wanted to throw it open for contribs somehow
<danshearer> looks like I maybe go to Google docs and hand over my DNA to create an account
<danshearer> kirkland: thanks
<kirkland> danshearer: hmm, well, if it's a well formed document, and you intend it to be at least semi-long-lived, the wiki is the right place for it
<danshearer> it's going into launchpad as its final home. but I want to invite contributions to cover obvious misstatements
<kirkland> danshearer: sounds wiki-able to me
<danshearer> ok off I go (ever the Ubuntu brand-new-isn't-this-exciting person :-)
<achandrashekar> hello..im working with kickstart file..which i noticed has samab authentication. I am looking to authenticate with a samba box which i have verified authenticates my XP clients. what extra is need to make this work??
<achandrashekar> and...
<achandrashekar> after the kickstart install the hostname is automatically set as kickseed...how do you change this such that each host is different?
<achandrashekar> anyone a kickstart expert..and why all clients take on the hostname of "kickseed"
<achandrashekar> how do you change this behaviour??
#ubuntu-server 2008-05-31
<zul> kees: for you....anything
 * kees hugs zul
<m_newton> IS there any RECOMENDED/Needed security measure when runing a web server??
<m_newton> Help?  IS there any RECOMENDED/Needed security measure when runing a web server??
<m_newton> are the ppl in this fourm dead?
<Jeeves_> Why is it, that Microsoft is stepping away from the GUI tools and into the shell-tools, and Ubuntu is going to focus on writing GUI tools for the server
<Jeeves_> ?
<Jeeves_> As described here: https://wiki.ubuntu.com/ServerTeam/Bug0
<Kamping_Kaiser> my main query (use of gui tools aside) is, why arnt existing ones being adapted instead of new ones written
<Jeeves_> Kamping_Kaiser: Because everyone can dot it better :P
<Kamping_Kaiser> Jeeves_, hehe :P
 * Kamping_Kaiser imagines booting ubu-serv - "hi, i'm the ubuntu logo, do you need help configuring a server?"
<Jeeves_> My gui tool is better than yours! (Even though, they all suck)
<Jeeves_> ARe you sure you want to add this user?
<Jeeves_> Really?
<Jeeves_> Really really?
<Kamping_Kaiser> lols
<Kamping_Kaiser> "Offer a scalable, robust, standards-compliant mail server. The answer will frequently be âdoes it talk natively to unmodified Outlook clients, and unmodified Exchange servers?â" <-arnt these two items directly at odds?
<Jeeves_> Kamping_Kaiser: Indeed, they are
<Kamping_Kaiser> Jeeves_, oh good, i was doubting my sanity for a tick there
<Jeeves_> I don't want to sound negative or something, but I somewhat hope this bug doesn't get fixed.
<Kamping_Kaiser> Jeeves_, i'm still not sure what the bug /is/
<Jeeves_> The first part of the bug is great, ditch M$ in the server environment. But the way to get there IMHO is defenitly not what is described in there.
<Kamping_Kaiser> nod
<Jeeves_> Kamping_Kaiser: That M$ sells too many ISA servers
<Jeeves_> And Exchange servers
<Jeeves_> And that Ubuntu needs to be changed so people start to use that
<Kamping_Kaiser> hm. then i'm with you - agree with the bug, not sure i like the chosen path
<Jeeves_> Instead, you should start by fixing evolution so that it doesn't grow to 2gb memory footprint when using calendars
<Jeeves_> Fix something that enables you to do normal calendaring (as exchange does)
<Jeeves_> Than, you are able to get far with the current tools
<Jeeves_> The problem isn't the configuration of the features
<Jeeves_> The problem is the inexcistence and/or brokenness of the features
<Kamping_Kaiser> now apples calnedar server is in debian (and probably ubuntu) that job will probably have just got much easier
 * Kamping_Kaiser is in the process of setting itt up at work atm
<Jeeves_> ah let me know how that goed
<Jeeves_> s/d/s
<Kamping_Kaiser> can do.
<Kamping_Kaiser> only got as far as installing the packages ("backported") before getting another thing to work on, but will do
<shtoom> hi can I use uck to build customized ubuntu servers ?
<scuffio> hi
<scuffio> there is anybody here  ?
<scuffio> sorry
<scuffio> is there...
<scuffio> :)
<n6rej> yeah
<scuffio> Hi
<scuffio> I'd like to be a memeber of this team
<scuffio> what i have to do  ?
<n6rej> scuffio: https://wiki.ubuntu.com/ServerTeam/GettingInvolved
<n6rej> scuffio: i'm not a dev so I can't tell you but that will
<scuffio>  ok mate
<scuffio> thk
<n6rej> np
<scuffio> I've a problem with launchpad.
<scuffio> basically, I don't recive the email
<scuffio> in order to complete the registration
<scuffio> someone can help me   ?
<scuffio> https://launchpad.net/~ubuntu-server/+join/+login
<Erosion> Is OpenSSL installed by default on ubuntu-server?
<jpds> emgent: yeah
<jpds> err, he left, sorry emgent
<Terrasque> heh. Found an old bug.. http://ubuntuforums.org/archive/index.php/t-583958.html - that one is apparantly not fixed yet.
<Terrasque> after upgrading from feisty to gutsy I encountered it, on my root partition, no less. Leaving me with the very basic init system to fix things.. Is there a text editor in that system, btw? I couldnt find any, and had to resort to cat, sed, cp and mv
<will01> if i have a vpn server thats connected to the switch, and the switch is connected to a router, which is plugged into the modem, will i be able to use that vpn anywhere?
<lamont> will01: I'm having trouble parsing your question...
<InsomniaCity> will01: that depends on how your router is set up
<lamont> by "anywhere" do you mean "in even one location" or "everywhere"
<lamont> and in any case, the answer is "you'll be able to use that from anywhere that has IP connectivity (can reach) the vpn server, which, in turn, depends on the config of all of those devices, as well as possibly your ISP (some ISPs hand out RFC1918 addrs to their customers, which is really just sad...))
<lamont> will01: your question basically boils down to "if I plug something into my switch, can I talk to it from anywhere?"...  and the answer winds up being "it depends"
<will01> ok
<lamont> I have run vpn endpoints with a topology of: internet -> modem -> router -> switch -> vpn many times.. my current config is slightly different in immaterial ways.
<lamont> brb
<will01> i got it figured out, forgot to configure the dmz doh
<methods> anyone home ?
<methods> rubygems keeps saying it can't find sqlite3.h even though i have the dev package installed
<methods> i had to get it from universe
<RainCT> Hi
<RainCT> Is it possible to let SSH listen on port 80 or will this kill penguins? :P
<stickystyle> RainCT: You can have ssh listen on any port you want.
<stickystyle> providing that it doesn't have something already running on it.
<RainCT> Ah. So if there's already Apache on port 80 SSH can't run there, or?
<stickystyle> Yes, if apache is already running on port 80 you cannot run sshd there also.
<stickystyle> I'm thinking your trying to get past a proxy...am I right?
<RainCT> not sure what it is, but yes :P
<RainCT> I'm building a server as baccalaureate research project and the PC is at school
<RainCT> and I'm waiting since weeks for the technicians from the education department who give the internet to open the ports (until now they've only opened 80)
<stickystyle> Ah.
<stickystyle> So if you already have apache running on port 80, and port 80 is the only port that you have open on the server, i guess your kind of stuck for ssh access.
<stickystyle> there are little php apps out there that will give you a kind of shell through your web browser, but they are ridiculously insecure and i could never recomend running on.
<RainCT> right. well, thanks :)
<JanC> there is a python one too
<JanC> and AFAIK it is secure enough if you use decent authentication/encryption   ;)
<lamont> RainCT: you could do abusive things with openvpn and iptables DNAT - but that's a very long discussion that I don't have time for
<RainCT> JanC: well, I guess I'll wait for a while more before falling back to such stuff
<lamont> (if the source port is XXXX then DNAT to the openvpn instance, otherwise, let it through to port 80
<lamont> or I suppose you could do that with SSH as well
<mfournier>  
<lamont> ssh -D XXXX -p 80 server  - and then the server has iptables -t nat -A PREROUTING -p tcp --sport XXXX --dport 80 -j DNAT --to-destination :22
<lamont> the downside to that is that every now and then, some poor web user will get an ssh connection instead of an http connection...
<RainCT> lamont: what would the XXXX there be?
<lamont> some number, probably >= 1024, definitely <= 65535
<RainCT> ah, I see. the local port to use, right?
<lamont> note also that circumventing an organization's firewall usually has some administrative penalties attached to it....
<lamont> yes
<RainCT> great, thanks
<lamont> of course, if the client goes through any sort of NAT firewalling or a proxy, then that won't do anything for you, since the port is likely to be different then
<UbuntuJul> hi everyone - Linux newbie here, having some troubles getting PHP to "work" - anybody feel like spreading some love?
<emgent> heya
<RainCT> bye
<firehead_eom> hey guys.
<firehead_eom> i have a question about setting up a mail server using a SQL database to hold virtual domains and users.
<firehead_eom> so far, i've followed the default 'tasksel' to install a standard mail server, but alas, the howtos i've found end with me needing to use phpmyadmin to create users and no easy way to connect via imap.
<firehead_eom> any help would be greatly appreciated.
<nealmcb> firehead_eom: what do you mean, no easy way to connect via imap?  is the dovecot server installed?
 * nealmcb notes that you may find more folks around to help during the week
<firehead_eom> nealmcb: i installed dovecot, but i believe my settings are such that when i try to connect using an email client, the connection is actively refused, leading me to believe it's most likely a mysql problem
<nealmcb> is the port open?
<nealmcb> what exactly do you see?
<firehead_eom> true.. i'm in no hurry to set this up quickly, but i wanted to see if help could be found.
<sergevn> firehead_eom: try using syscp
<firehead_eom> i'm sad to say i won't be able to answer that question. I realised that i'd muddled the settings a bit too much and proceeded to apt-get --purge remove all non-core packages from the server.
<firehead_eom> i have to admit, i'm kind of new to setting up a mail server with a sql backend.
<nealmcb> sergevn: doesn't look like syscp is packaged for ubuntu - do you know why not?
<sergevn> nealmcb: syscp is an complete ISP package, it contains smtp(postfix, dovecot etc) ,http(apache) and ftp(proftpd)
<sergevn> nealmcb: all based on mysql
<firehead_eom> oh.. interesting.
<sergevn> yes, and it's opensource ofcourse :)
<nealmcb> sergevn: still seems like it would be nice to have the isp-specific things in a package, and use the standard tasksel for all those things
<nealmcb> otherwise os upgrades can be more difficult
<nealmcb> is there an up-to-date howto on using syscp in ubuntu?
<sergevn> nealmcb: yes, just use the debian-etch howto on their website
<sergevn> nealmcb: i currently have it running on gutsy.
 * nealmcb wonders how the config is different....
<sergevn> nealmcb: not that different, it also works on freebsd
<sergevn> it's application dependand, not OS dependand :)
<sergevn> maybe the peeps on #syscp could give you a better explanation ;)
<sergevn> ;) = :)
<sergevn> I have it running on my hosting servers and works perfect.
<sergevn> Safe by design :)
<nealmcb> well, offhand I'd recommend using standard packages - easier security updates, better ubuntu support etc
<sergevn> nealmcb: yeah, that's the catch, with syscp you are using packages of your distro. sysscp is only a set of phpscripts :)
<nealmcb> catch?
<sergevn> catch/trick/advantage
<nealmcb> if syscp uses standard packages for most stuff, then again I wonder why it isn't packaged already itself
<sergevn> just copy the php files in your webroot
<firehead_eom> wouldn't that mean, however, that if the packages themselves are changed, then syscp may not be able to recognise that change and break?
<firehead_eom> then again, it's worth a look/try.
<sergevn> firehead_eom: could be with an dist-upgrade, but not likely
<firehead_eom> thanks sergevn :)
<firehead_eom> and thanks to you too nealmcb.
<sergevn> syscp has very good documentation and irc support :)
<sergevn> firehead_eom: no prob, you can always contact me if you have problems with installing it
<sergevn> nealmcb: you too
<sergevn> to make it clear, you just install the postfix-mysql package allong with your normal postfix install.
<sergevn> in the configuration file you put the SQL query's that is documented on their website and in the syscp panel itself while installing
 * danshearer is away: Zzzz
<samuel> Can anyone help me with getting the image GD installed for php?
<nealmcb> !ask | samuel
<nealmcb> samuel: ï»¿Guide to asking questions on IRC: http://www.sabi.co.uk/Notes/linuxHelpAsk.html  | Be patient.  Don't ask to ask, just ask.
<samuel> Oh, sorry.
<nealmcb> :)
<samuel> Anyways, I found the solution to my problem. =/ I was just searching for the wrong terms.
<nealmcb> samuel: yeah - I often find that just crafting a good question is all I need to figure out the answer :)
<seisen_> i tried settting up raid on a server but there is a previous raid setup on there that can't be deleted because it keeps popping up that its still busy, how can I get rid of it.
<samuel> nealmcb: It's hard as hell to google for what you're trying to do, when you've used windows all your life. The excessive use of command line probably discuouraged people from properly documenting things, or something.
<nealmcb> seisen: I don't know, but more specifics (versions, error messages, etc like in that guide above) will make it more likely that someone else can hep
<nealmcb> help
#ubuntu-server 2008-06-01
<osmosis> is there anyway to reboot my machine if I am getting this?  -bash: /sbin/reboot: Input/output error
<stickystyle> osmosis: Dono what that means, but you can try 'init 6' to reboot.
<osmosis> stickystyle: just type init 6 ?
<stickystyle> yes
<osmosis> stickystyle: hmm..no error msg, good sign. not sure if anything is happening.
<osmosis> kernel: Cannot read proc file system: 9 - Bad file descriptor.
<osmosis> how do I remount proc ?
<osmosis> stickystyle: init 6 doesnt seem to be doing anything
<stickystyle> Hum... thats bascily what reboot does.
<stickystyle> goes though all the kill scripts /etc/rc6.d
<stickystyle> Hum, I'm not sure what that all means, sorry.
<osmosis> how do I setup software raid with ubuntu ?
<nijaba> !raid
<faulkes-> !uboto
<osmosis> what is an 'interrupt' ?
<cn28h> Trying to install 8.04 on qemu, but it can't find my cdrom.. any ideas?
<uvirtbot> New bug: #236459 in dovecot (main) "IMAP: inotify_init() failed: Function not implemented" [Undecided,New] https://launchpad.net/bugs/236459
<nxvl> zul: please give a look at Bug #236373, do you think that a SRU is recommended for this issue?
<uvirtbot> Launchpad bug 236373 in nagios2 "'/etc/init.d/nagios2 reload' causes nagios to exit (sends SIGTERM not SIGHUP)" [Low,Confirmed] https://launchpad.net/bugs/236373
<nxvl> zul: btw, i'm already home, so shut the package you ask me to help with :D
<celephais> Hi, i have created a vm with virt-manager, exported via vnc, but to connect i have to create a ssh tunnel because vnc server il bounded to the loopback interface. How can i connect from another host without the tunnel?
<Wilde_Sehnsucht> is that possible to shape server INCOMING traffic for the list of IP addresses? how? (tc?)
<uvirtbot> New bug: #236528 in mysql-dfsg-5.0 (main) "Update of "mysql-server_5.0.51a-3ubuntu5.1_all.deb" failed" [Undecided,New] https://launchpad.net/bugs/236528
<cn28h> Anyone have luck installing 8.04 in qemu? I'm not having any
<cn28h> it can't find my cdrom drive
<The_Kernel> http://pastebin.ca/1036268
<The_Kernel> I receive that error whenever I try to login
<The_Kernel> and when I try a root login, it tells me that i enter in the wrong password(I presume it isn't set)
#ubuntu-server 2009-05-25
<giovani> MianoSM: except that webmin is not "supported" by ubuntu, while ebox is
<MianoSM> Due to debians standards?
<giovani> standards?
<giovani> due to ebox working cleanly with configs, and webmin not, I believe
<MianoSM> Or policy
<giovani> !webmin
<ubottu> webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system. See !ebox instead.
<giovani> so no, I don't think it's a free software issue
<giovani> it's just a functionality issue
<MianoSM> http://www.debian.org/doc/debian-policy/ch-files.html#s-config-files
<MianoSM> It is because of how webmin handles the config files, and when debian dropped the "support" as did Ubuntu. :(
<giovani> right ... webmin is awful anyhow
<MianoSM> In your opinion.
<giovani> what else does one state?
<MianoSM> Facts.
<giovani> haha, not really
<giovani> but anyway
<MianoSM> I believe at the moment there are more plugins available for the wm users as well, has ebox caught up yet?
<giovani> I believe you can count the number of people in this room who use a web gui on one hand
<giovani> I definitely don't
<giovani> (so I don't know)
<MianoSM> I don't either, however, I do teach younger system administrators...
<giovani> hopefully you aren't encouraging them to use web guis ...
<MianoSM> and quite a few of them enjoy having a visual reference above and beyond CLI that they eventually and inevitably come to enjoy.
<MianoSM> I don't encourage anyone to use a web gui if they are going to administrate a server, no.
<giovani> but you support web guis in your "teaching"?
<MianoSM> I just like to keep an open mind
<MianoSM> and when they say: "Is there any other way that I could view X, aside from the command line?" I have answers
<MianoSM> Just like when people say: "I use windows", I don't shun and insult or make petty jokes about it either.
<MianoSM> We all have our opinions and choices to make, and what suits one will not suit all. It's really what brought about Linux if you think about it. ;)
<giovani> of course, but equally weighting methods which the vast majority of professional linux administrators would agree are bunk and ones which are widely used is an unfortunate occurrence in "teaching"
<MianoSM> If people want a shortcut, they are either going to find out on their own, or you can hopefully guide them. I used eBox myself, and when I first started managing my own personal server I used webmin. It was comforting for the transition
<GullyFoyle> but eventually the training wheels gotta come off, might as well start woth CLI
<MianoSM> Of course, you just can't beat a person without telling them why you are beating them. ;)
<giovani> discussing GUIs is fine ... but supporting students in using them is a mistake
<giovani> it's what's bred the large army of incompetent modern linux admins
<GullyFoyle> it's like driving a car, if you start out on a standard shift, you can always move to an automatic, but vice-versa is not as easy
<MianoSM> Really?
<MianoSM> Starting at the hardest level and then moving down to easier levels, seems a little odd.
<MianoSM> I know I didn't start at the 12th grade, and finish at the 1st ;)
<giovani> MianoSM: right ... nobody does that, that's the point
<giovani> MianoSM: in 1st grade they didn't teach you 12th grade material with pretty pictures instead of text
<MianoSM> I started by adding apples in one hand to apples in the other.
<giovani> I'm certainly not advocating throwing a student into a pit with no instruction
<GullyFoyle> sink or swim
<giovani> but giving the wrong instruction at the early stage is a crtical mistake, and very difficult to undo, as GullyFoyle pointed out
<MianoSM> These are windows admins transitioning to a linux environment, or even worse, windows users transitioning to linux administration, training wheels help out greatly.
<giovani> MianoSM: well we clearly differ on that
<MianoSM> There are always lash backs, and repercussions for wrong instruction.
<giovani> what windows admins need is to relearn everything from scratch rather than "transition"
<MianoSM> I just feel as though you seem very closed minded.
<MianoSM> eBox, or Nothing!
<MianoSM> don't use something that is unsupported!!!
<giovani> I'm not an advocate of ebox at all
<giovani> I've never used it
<giovani> I don't use web guis, nor would I ever teach them
<MianoSM> so how would you really know if ebox or webmin would suit someone better?
<giovani> because it isn't about suiting someone better
<giovani> that's how I approach this
<GullyFoyle> ok mebbe i was trolling a bit. let's try another analogy; do you teach your kids to add and subtract by handing them a calculator?
<MianoSM> depends on the situation
<giovani> oh boy
<jmarsden> GullyFoyle: Do you teach them advanced multivariable calculus first ?
<giovani> this is hopeless
<MianoSM> the last two finance courses i took taught to both use a financial calc, a spreadsheet, and the long way
<giovani> MianoSM: if you hand someone a tool to do a function they do not understand first, you should be stripped of your teaching title
<giovani> in any subject
<MianoSM> So judging.
<jmarsden> giovani: So noone can be given a computer to use until they fully understand all of it?  Interesting approach...
<MianoSM> I'll be back in a bit, sorry to leave while the convo was just getting good. :(
<giovani> judging on content ... that's the right kind of judging
<giovani> jmarsden: if the subject you're teaching them is the workings of a computer ... absolutely not -- which is why computers are not used in Computer Science 101
<giovani> or 102
<giovani> or 103
<giovani> etc
<GullyFoyle> hmm, another analogy, is my kid "playing" the piano when he pushes the demo button on his electric keyboard and it plays a tune?
<jmarsden> I certainly used computers in my first year of undergraduate Computer Science study... back in 1980-1981...
<jmarsden> GullyFoyle: No, but he did just learn one small part of the UI of that keyboard.
<giovani> jmarsden: as part of the teaching?
<GullyFoyle> and i'm not saying he should learn advanced polytonal harmonies or whatever before he learns to play an instrument
<GullyFoyle> but learning to admin throught the CLI is like learning basic scales and chords and simple tunes first on your instrument.
<jmarsden> giovani: I didn't teach the classes... but yes.  From memory, we were taught Pascal, and PDP assembler, and also basic computer architecture and so forth... in parallel, during that first year.
<giovani> jmarsden: that would be a poorly planned cirriculum, imo
<fbc-mx> Can any wireless device be a MASTER(Access point) on Ubuntu server?
<uvirtbot> New bug: #380087 in openldap (main) "package slapd 2.4.15-1ubuntu3 failed to install/upgrade: subprocess post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/380087
<giovani> fbc-mx: the device must support the mode
<giovani> fbc-mx: as much of wireless communication is offloaded into the card, not all contained in the driver
<giovani> fbc-mx: do you have a particular card you'd like to use?
<fbc-mx> giovani, not really I found a USB wireless stick and plugged it in to the back of my box and tried to set master mode, I suspected that it might not be supported with every device, hence the question.
<giovani> fbc-mx: I believe every major chipset supports it, what driver is in use, and/or what chipset is it, if you know?
<fbc-mx> giovani, I have another wirless device laying around in a drawer somewhere I'm gonna try it out in a minute.
<giovani> fbc-mx: any luck?
<fbc-mx> giovani, dunno it's a digius dn-7003gs
<giovani> ok, iirc, that's a Realtek chipset
<fbc-mx> giovani, I guess I can use it for a CAN-tenna project is it has no master mode.
<giovani> it should support master mode
<giovani> it has a Realtek 8187L chipset
<fbc-mx> giovani, I don't understand then,, I did an Ifdown beofre making changes to it...
<giovani> fbc-mx: hold on, I'm talking to some people who know more about this than I do
<giovani> ok, I'm being told that the card supports master mode, but the driver doesn't support putting it into that mode
<giovani> if you'd really like to use that card for an AP, you can use the windows driver for it through ndiswrapper
<giovani> or google around to see if someone has master/ap mode working with the kernel driver
<fbc-mx> giovani,  hahaha, that's great...About as useless as a solar powered flash light.
<giovani> fbc-mx: useless? hardly, just because it doesn't go into master mode ... it has other uses
<giovani> that chipset supports monitor mode, and injection
<giovani> handy for all sorts of wireless fun
<fbc-mx> giovani, sorry, I meant for this purpose...
<giovani> fbc-mx: like I said, you can use the windows driver in linux via ndiswrapper
<giovani> http://my.opera.com/CrazyTerabyte/blog/linux-ehci-hcd-rtl8187
<giovani> someone documented their efforts here
<fbc-mx> giovani, yeah, I think that ?ll be using it in my cantenna project then.. I don't want to get too deep in drivers and related just to make it work...
<giovani> fbc-mx: pretty much anything but straight up wireless client use requires digging around with drivers in linux, honestly
<quizme> hi, my server keeps crashing.  i have to keep sending a reboot signal to it.  Does anybody know where the logs are for figuring out why it keeps going down?  what should i check first?
<tonyyarusso> quizme: /var/log is where all logs go - there are a few different files in it.
<tonyyarusso> If you find something that seems related, but doesn't have enough detail, you can tell the logging daemon to up the logging verbosity.
<quizme> tonyyarusso: what should i check first?  apache?
<quizme> it seems like a pretty hard problem
<quizme> RAM might be running out
<tonyyarusso> quizme: Depends on what the server's running and whether you have any data points to work from (like "I changed foo and then the problem started...")
<quizme> disk might be running out
<quizme> it's been doing it the past week
<quizme> every few days i have to give it a reboot
<tonyyarusso> You can keep an eye on RAM and disk by just setting up watch commands and seeing what they do right before you lose contact.
<tonyyarusso> 'watch free -m' for RAM, 'watch df -h' for disk.
<quizme> ok
<tonyyarusso> By default watch updates every two seconds, modifiable with -n
<quizme> that's handy
<quizme> thanks
<tonyyarusso> In terms of logs I'd start with syslog and messages
<quizme> it's weird to me
<quizme> servers are so complex it's like trying to diagnose a patient at a hospital
<tonyyarusso> I'd agree with that analogy.
<tonyyarusso> Especially if you just inherited control of the server from someone else so you don't know its history.  If you've been working on it for a while you at least have some idea what might be going on.  Kind of like cars.
<quizme> so to make watch work even after i logout, i can do something like 'nohup watch free -m 1>2 ram.log'  ?
<quizme> 'nohup watch free -m 1>2 ram.log &'
<quizme> ?
<tonyyarusso> You could do it that way.  I usually run my processes like that within screen instead of with nohup.
<quizme> oh... watch .... ok i get it
<tonyyarusso> But watch wouldn't write to a log - it's just updates a display so you can literally watch it in real time.
<quizme> ya watch is for real time
<tonyyarusso> If you want to log it just write a script with a loop to write to the log with a timestamp every so often.
<quizme> ok
<quizme> i see
<quizme> i think it's cuz i'm running an unstable version of phusion passenger maybe
<slestak_> n.
<slestak_> anyone succesful with using python-vmbuilder with bridged networkign that can help me get my guest os to see the lan?  I can ping my guest, but it cannt see the lan
<slestak_> i found a setup that works, but it uses a custom br-ifup script and tap.  id liek to figure out how to use simplest templated setup possible
<MTecknology> giovani: yup, thanks :)
<slestak_> trying again to build vm, since i think br0 is right now
<slestak_> once i get this figured out, looking forward to this.  anyone using kvm in production?
<MTecknology> slestak_: you mean the little hardware piece?
<slestak_> MTecknology: no, the libvirt hypervisor kvm
<fbc-mx> giovani, the other wireless NIC I found is a Bus 005 Device 003: ID 03eb:7614 Atmel Corp. AT76c505a Wireless Adapter, but it won't go into master mode either.
<fbc-mx> giovani, how would I find a list of card that will go into master mode natively.
<oh_noes> is it possible create an answer file and include it into a CD to install Ubuntu?
<oh_noes> Similar to winnt.sif for Windows
<twb> that is called "preseeding", and it is copiously documented in the installation guide.
<twb> (In one of the appendices.)
<twb> I don't know if it's available for Ubiquity, but certainly it works fine on the alternate and server installs.
<oh_noes> thanks, and you can preseed in a CD itself?  Put CD in and it'll auto install ?
<twb> Yes.
<twb> Though it would be more common to use a USB key for that
<twb> Or better, PXE (netboot) install.
<twb> Note that the preseed file can be provided on a different medium, e.g. on an HTTP server.
<gkahla> which revision control tool would you recommend for tracking OpenOffice.org *.odt files?
<gkahla> blobs in RC - anyone have any opinions?
<gkahla> svn or bazaar; any opinions about which would be better for blobs (OO.org files, jpg's)?
<bubba> whats up fellows
<bubba> i need help with proftpd
<bubba> anyone out there?
<bubba> holla
<bubba> need help with proftpd.. anyone?
<gkahla> sry bubba - afk a moment - what's up w/ proftpd? (not an expert, but willing)
<bubba> i am trying to change the default index.html using an ftp client but cant get the permission
<bubba> and i use my administration login so I dont understand why I cant manipulate the files remotely
<gkahla> what are the perms as listed in the client?
<gkahla> you can 'ls -l' inside most ftp clients
<bubba> it was 644 but went ahead and changed it in the client side with no avail
<gkahla> it'll tell you permssions
<gkahla> are you sure the admin account is enabled for FTP?
<bubba> i think so but how do i make sure of that?
<mattt> bubba: sure the file is owned by the user you're logging in w/?
<gkahla> you'd have to take a look at the config file -
<gkahla> also, if the account is listed in /etc/ftpusers, it's NOT ALLOWED
<bubba> hmm
<gkahla> anyone have an opinion about which RCS to use for blobs? OpenOffice files, jpg maps, etc? CVS would loose it's mind...
<bubba> root is listed in /etc/ftpusers
<gkahla> then root may not use FTP
<bubba> need I delete that?
<gkahla> production server?
<gkahla> I wouldn't
<Kamping_Kaiser> i'd advise against it
<gkahla> if you need to get to the file, i'd ssh in, change it's owner, copy it down, edit, copy back, reset owner
<gkahla> i wouldn't change /etc/ftpusers lightly
<bubba> ok I will try that
<Kamping_Kaiser> bubba, any particular reason your using ftp?
<bubba> not working
<bubba> if you just installed proftpd and want to change the default index.html via a ftp client unsuccesfully, what would you do?
<bubba> kapit bahai are you still there?
<Kamping_Kaiser> no idea. I avoid ftp like plauge.
<bubba> you are not kidding
<bubba> i am using ftp because the server has no gnome
<Kamping_Kaiser> whats wrong with scp?
<Kamping_Kaiser> or rsync, for big transfers
<bubba> scp? rsync?
<Kamping_Kaiser> yes. commands to move files around
<bubba> ok. well let me give that a shot
<gkahla> scp is your good friend, really...
<bubba> do i need to uninstall proftpd from the server then?
<gkahla> was this the only reason you have it on there?
<bubba> yep
<gkahla> then, to minimize the amount of programs that could respond to outside requests, I'd definitely get rid of proftpd
<bubba> alright thanks a mil
<bubba> still the same deal the server wont let me delete the default index.html
<gkahla> ssh normally doesn't allow root to login either - who owns the file?
<bubba> the admin
<gkahla> all you need to do is delete this file, right?
<bubba> yes and replace it with my own index.htm
<gkahla> what is the name of your non-admin account on the box?
<bubba> i am inside /var/www/ and keeps saying permission denied
<bubba> is it mysql that is denying me access?
<gkahla> two questions: 1 - who are you logged in as? 2 - what user:group owns the index.html file?
<bubba> i am logged in as the administrator and the index.html file is the default file that reads "It Works" when you initially setup mysql
<gkahla> you're logged in as "root", right?
<gkahla> 'the administrator' doesn't tell me which account you're using - you can set it to anything...
<bubba> correct. how do i dbl chech that. excuse the ignorance
<gkahla> type the command 'whoami' and hit enter
<gkahla> that's who you're logged in as
<bubba> type it in where?
<gkahla> how are you logged into the remote machine? via ssh?
<bubba> correct
<gkahla> so, you've got a terminal open and you're on the remote machine in that terminal? right?
<bubba> i downloaded th scp client and put in all the info into it
<bubba> correct
<gkahla> which scp client?
<bubba> winscp
<gkahla> ah - you're doing this from a Windows machine?
<bubba> yes
<bubba> connected to a ubuntu server
<gkahla> now i understand - are you comfortable with DOS or the command-line?
<bubba> yes
<gkahla> can you install PuTTY instead?
<gkahla> use that to sign into the server?
<bubba> ok
<gkahla> putty will give you a command-line, which is *much* more powerful
<bubba> ok i signed in on it
<gkahla> you've got a blinking prompt, yes?
<bubba> yes i already logged in
<gkahla> whoami <enter> will tell you the username you're signed on as - it is most likely not going to be 'root'...
<gkahla> ls
<bubba> yes it says bubba
<gkahla> pwd <enter> will tell you the directory (folder) you're currently sitting in - where are you?
<bubba> home/bubba
<gkahla> where is the file you want to replace?
<gkahla> /var/www?
<bubba> its in /var/www/
<gkahla> let's find out who owns it - try the command 'ls -l' <enter> (no quotes)
<gkahla> let's find out who owns it - try the command 'ls -l /var/www' <enter> (no quotes)
<gkahla> sorry about that
<gkahla> there will be a column where you'll see owner:group listed...
<bubba> root
<gkahla> probably, it'll be root:root
<bubba> there you go
<gkahla> so, to become the root user, run the command 'sudo bash' <enter> (no quotes)
<gkahla> the prompt will change from $ to #
<bubba> ok there i am
<bubba> it did
<gkahla> cd /var/www <enter>
<bubba> ok
<gkahla> you've got options here - you can either 1) change the index.html file to be owned by bubba, or 2) just make a backup and clear the space for the new version of the file... I'd recommend the later
<bubba> i will opt for tha latter but how do i change the ownership
<gkahla> if you wanted to change that file to be owned by the user 'bubba', you could 'chown bubba:bubba index.html' <enter> (no quotes)
<bubba> oh ok
<gkahla> for the 2nd option, 'mv index.html index.html.backup' <enter> (no quotes)
<bubba> k
<gkahla> now, on your Windows box, you've got a replacement for that index.html file, right?
<Kamping_Kaiser> <gkahla> so, to become the root user, run the command 'sudo bash' <enter> (no quotes) <- if you must suggest dropping to a shell, please use sudo -i
<gkahla> Kamping_Kaiser-  point taken... :)
<Kamping_Kaiser> :)
<gkahla> still with us, bubba?
<bubba> oh yeah. i am waiting for you to say something
<gkahla> you've got a replacement file on your Windows machine, right?
<bubba> yes i do
<gkahla> you can fire up winscp and drop it into /home/bubba - then, move it to the destination folder (/var/www) and chown it to root:root...
<gkahla> leave the putty session open
<bubba> ok
<Kamping_Kaiser> bubba, can i ask why you want to change the file in /var/www/ ? would you be served just as well by using $HOME/public_html/
<gkahla> you'll have to move it over with the putty commandline - as well as changing the owner
<bubba> and i did
<gkahla> who owns the file in /var/www?
<bubba> huh?
<bubba> LOL
<gkahla> who owns the file you just put in /var/www?
<bubba> you mean the replacement index.html?
<gkahla> yes
<bubba> bubba
<gkahla> that's no good - the original file was owned by root:root
<gkahla> change the ownership to root:root
<bubba> then I guess that who owns it. how deo i verify
<bubba> then I guess that who owns it. how do i verify
<gkahla> 'ls -l /var/www' <enter> (no quotes)
<bubba> in putty right?
<gkahla> yes sir - winscp doesn't allow you to type anything
<bubba> ok what i got was root root with the backup file on it
<gkahla> the replacement isn't in /var/www yet?
<bubba> i am not seeing it.
<gkahla> where did you copy it with winscp?
<bubba> copied it into /var/www but i did not chown it. didnt know how
<gkahla> the winscp program only knows how to sign on as bubba  - it cannot land files into /var/www
<gkahla> you'll have to use winscp to drop the file into /home/bubba
<bubba> i dragged it into /var/www
<gkahla> then, use putty to move it to /var/www and change the owner
<gkahla> winscp can't land files into /var/www
<gkahla> not as bubba
<gkahla> user accounts mean something in Ubuntu
<gkahla> that's why we're concerned with who owns things
<bubba> my mistake
<gkahla> np - navigate to /home/bubba in winscp and drop the file in there
<bubba> thats where it is now. so does bubba own it now?
<gkahla> you've still got putty open, right?
<bubba> yes
<gkahla> still signed on as root in that putty session, right?
<bubba> yes
<gkahla> 'ls -l /home/bubba' <enter> (no quotes)
<gkahla> that'll tell you who owns it
<gkahla> it should be bubba:bubba
<bubba> it is not bringing it up. idk why
<gkahla> did you get a set of columns?
<gkahla> or just a list of files and dirs?
<bubba> i have three files in there
<bubba> drwxr-xr-x 2 root root 4096 2009-03-10 11:14 apache2-default
<gkahla> that's a directory - is that in /home/bubba?
<bubba> correct
<bubba> -rw-r--r-- 1 root root   45 2009-05-24 23:43 index.html.backup
<bubba> drwxr-xr-x 2 root root 4096 2009-05-25 00:04 webalizer
<gkahla> that's . . . strange - it's acting like you're running 'ls -l' in the /var/www directory . . .
<gkahla> did you type 'ls -l /home/bubba' ???
<Kamping_Kaiser> suspect he is.
<Kamping_Kaiser> or a mv has gone awry
<bubba> let me do it again
<bubba> stupid me. i am in /var/www
<bubba> how do i get out cd..
<gkahla> that's why i suggested you add /home/bubba to the end of the ls command - it'll look over there without changing directories
<bubba> what i typed in was exactly what u said
<gkahla> if you want to change directories, try 'cd /home/bubba'
<bubba> oh there it is
<bubba> bubba is the owner
<gkahla> copy it over to /var/www, then change the owner to root:root
<bubba> cmd pls?
<gkahla> cp index.html /var/www
<gkahla> that'll copy it over
<gkahla> chown root:root /var/www/index.html
<gkahla> changes the owner
<bubba> root@server1:/var/www# cp index.htm /var/www
<bubba> cp: cannot stat `index.htm': No such file or directory
<gkahla> you're sitting in the /var/www dir - didn't know that
<gkahla> cp /home/bubba/index.htm .
<bubba> k
<gkahla> did it make it over to /var/www?
<bubba> let me see
<owh> Is there a UDS channel?
<bubba> it sure did
<gkahla> bubba-  did you chown it to root:root?
<bubba> yes i did
<Kamping_Kaiser> owh, at a guess something like #ubuntu-uds
<Kamping_Kaiser> owh, i expect they have per topic channels though - its what we do at LCA
<gkahla> bubba-  you should be done -
<bubba> do i need to transfer the accompanying files to index.htm to /var/www as well?
<bubba> thanks for your time <gkahla>
<gkahla> anyone have an opinion about a RCS for blobs?
<Kamping_Kaiser> gkahla, depending on your workflow, bzr would work
<gkahla> it'll be basically two people working on different sections with little overlap
<gkahla> my concern is about the blobs - there will be jpg images for maps, and OpenOffice.org files with documents
<Kamping_Kaiser> i know bzr and svn dont care about blobs as far as commitming them goes. iirc bzr allows binary diffs.
<Kamping_Kaiser> gkahla, i'd suggest asking #bzr to get opinions on bzrs suitability
<gkahla> ooh - binary diffs!!
<gkahla> thx, Kamping_Kaiser - appreciate the feedback
<Kamping_Kaiser> gkahla, gl
<Gargoyle> Mornin All
<gkahla> howdy, Gargoyle
<Gargoyle> Laptop + Garden + Sun = Win! :)
<gkahla> congrats - sun's not up over here yet
<gkahla> thanks all - try and stay out of trouble, eh?
<Gargoyle> Was hardy 8.04 or 8.10?
<Gargoyle> Is there a command in ubuntu to get the version without having to look in /etc/apt/sources.list?
<Gargoyle> Anyone have any recomendations or arguments for/against monit vs nagios. I am looking to install something on a single server and thinking that nagios might be a bit overkill.
<yann2> why not use munin? :)
<Gargoyle> yann2: ahh, so many options!
<yann2> but munin is in main :]
<Gargoyle> I take it that when apt-cache show monit is telling me version 1:4.8.1-2.1 that it means 4.8
<Gargoyle> yann2: Looks like its munin then! :)
<yann2> http://waste.mandragor.org/munin_tutorial/munin.html :)
<Gargoyle> yann2: Ta
<Gargoyle> Is there a way I can get a list of all installed packages? I want to try and get a virtual machine running as close to my real server as possible and then test installations on the VM first.
<maxb> # On the source machine
<maxb> dpkg --get-selections > foo
<maxb> # On the destination VM
<maxb> dpkg --set-selections < foo
<maxb> apt-get dselect-upgrade
<maxb> Gargoyle: ^
<Gargoyle> Sweet!
<Gargoyle> Cheers, maxb
<Gargoyle> Will it mess things up if the source machine is a VM running the Xen kernel?
<Gargoyle> The destination is just gonna be a vmware VM, with the normal kernel.
<maxb> Hmm. You probably want to prune the kernel packages out of the foo file
<Gargoyle> maxb: Too late! ;)
<Gargoyle> I was thinking I can probably just check menu.lst when its finished and check it doesn't default to the xen one?
<maxb> Yes, and you'll likely want to uninstall the unwanted kernels from the guest too
<maxb> for tidyness / conserving diskspace
<Gargoyle> Not too worried about that as long as it doesn't have knock on effects with other packages.
<Gargoyle> Thanks for the tips guys. Time to fire up the bbq for lunchtime burgers! :D
<GullyFoyle> anyone run nginx as a webserver? mine is running fine, but there's one thing. when i do a nginx -t i get an error "can't open /var/run/nginx.pid permission denied. nginx is running as default user www-data. what permissions do i have to change?
<GullyFoyle> d'oh, i had to run sudo nginx -t
<GullyFoyle> got it
<samirnassar> I have two virtual servers with private IP addresses on virtual interfaces (eth0:0) Can I force traffic from and to to go over the virtual interface?
<giovani> samirnassar: with a properly set default route, yes
<samirnassar> giovani: so I need to set a route for traffic to virtual server #2 traffic that is different from traffic for everything else
<giovani> I'm sorry, I don't follow what you're saying
<giovani> if you'd like to control over which interface traffic is routed by default, you set your default route to that interface, as well as a gateway
<giovani> see "man route" for information on how to write the route statement
<samirnassar> giovani: ah sorry. This is new terminology to me.
<samirnassar> giovani: my virtual servers are in the same data center, with private interfaces enabled on both I can transfer data between them that does not count towards the bandwidth limits
<giovani> samirnassar: ok ...
<giovani> then you shouldn't need to modify your route statement
<giovani> your set a private block to your two virtual servers
<giovani> when you reference that IP, it should be routed over the interface that's directly on that private block
<giovani> i.e. virtualserver1's public ip is 1.1.1.1 and private ip is 10.0.0.1, and virtualserver2's public ip is 2.2.2.2 and private ip is 10.0.0.2
<giovani> if you ping 10.0.0.2 from virtualserver1, the traffic will go over the internal interface
<giovani> unless you haven't configured it with an ip and subnet mask
<samirnassar> giovani: ah ok. I have ip and masks set already. I thought I might need to do more
<giovani> well did you try pushing traffic to the internal ip?
<giovani> if it gets there ... then you're done
<samirnassar> giovani: ping (host).(internaldomain) seems to work.
<giovani> why are you not using the ip instead?
<giovani> I don't know what host.internaldomain resolves to
<samirnassar> giovani: both seem to work. SSH works as well.
<giovani> ok
<giovani> there's no problem then :)
<samirnassar> giovani: hah! I like this idea. "If I don't know a problem exists, then there is no problem."
<giovani> what?
<giovani> but you tested it -- no problem exists
<samirnassar> giovani: I guess I didn't realize the testing is so simple.
<samirnassar> giovani: thanks for the help
<giovani> samirnassar: no problem
<TJ`> hi, im trying to get ubuntu installed on the ML110 G5 which has an embedded raid controller
<TJ`> this is my 1st server setup
<TJ`> if i set up the raid array will ubuntu see it as just one big drive?
<giovani> TJ`: presuming it's a real raid controller, yes
<TJ`> its not
<TJ`> its a soft one
<giovani> then no, it requires drivers
<giovani> the RAID card may be supported, I don't know
<giovani> you could try it out
<giovani> if not, you can look at using software raid
<TJ`> sorry had to step out
<TJ`> basically im under the impression that when you set it up in the ROM based setup it creates a virtual RAID array
<TJ`> that most operating systems just see
<TJ`> could be entirely mistaken...
<giovani> operating systems with the drivers to interact with the card, yes
<TJ`> what are the odds that the distro already has them?
<giovani> no idea
<TJ`> lol
<giovani> you could've found out 3 times already ... just try it
<giovani> it takes 5 minutes to get the installer to that stage
<giovani> there's no advantage to guessing
<giovani> softraid is a mess, I advise against it -- but if you want to use it -- just try
<TJ`> i got this system as a test bed for me to learn server OS's
<TJ`> was cheap :)
<giovani> great
<TJ`> another question
<Gargoyle> TJ`: Should have just got vmware! ;)
<TJ`> i have it :)
<TJ`> exsi hyper V
<TJ`> got em all
<TJ`> what dyu guys think of gui's on servers?
<giovani> a horrible, horrible idea
<TJ`> haha thought so
<Gargoyle> TJ`: I think they are a waste of time, and just add extra un-needed software to the system
<TJ`> ok...
<TJ`> any tips on hardening a box?
<TJ`> apart from the obvious ones like changing the ssh port?
<giovani> that's a topic that cannot be summed up with "tips"
<Gargoyle> TJ`: Don't install a gui!
<Gargoyle> ;p
<giovani> TJ`: that's not advisable
<TJ`> Gargoyle not going to install a gui :)
<giovani> changing the ssh port does nothing but prevent your logs from being filled with automated password attacks
<TJ`> giovani u wouldnt recommend changing the ssh port?
<giovani> no, I wouldn't
<TJ`> ok
<Gargoyle> TJ`: Why change the port? That is not hardening. It will take a port scanner all of 2 seconds to work that one out!
<TJ`> i suppose
<giovani> TJ`: instead, look at using keys instead of passwords for ssh
<giovani> and ban password auth on ssh
<TJ`> so by banning password auth one can only access the box using the key?
<giovani> yes
<TJ`> bit like encrypted drives? thats cool
<giovani> no ... not like encrypted drives
<Gargoyle> :)
<TJ`> ah
<TJ`> i meant keyfiles
<giovani> yes, cryptographic keys can be used for many things, but, using them for SSH and for whole disk encryption aren't related
<TJ`> oh i know
<giovani> (and just for the person who wants to chime in -- sure, you can link auto-decryption with a pam login, but that's not the point)
<TJ`> i meant the feature in regards to using a key instead of password like keyfiles
<giovani> sure
<giovani> they both can use keys
<TJ`> what about re-boots?
<TJ`> do you guys ever reboot servers on a sunday morning for example?
<giovani> ... no
<giovani> why?
<TJ`> just wondering
<Gargoyle> TJ`: no... If I wanted to do that, I would install Windows!
<TJ`> im a noob here lol
<giovani> what would be the reasoning for rebooting the server on a sunday?
<TJ`> dyu guys run any regular virus scans if the server file serves to windows clients?
<TJ`> giovani from windows
<Gargoyle> TJ`: Nope, thats the windows users problem, not mine!
<kees> TJ`: many people use clamav when they want to do virus scanning
<giovani> TJ`: many people who run windows file servers do, yes
<TJ`> giovani ive found that a weekly reboot for windows desktop/servers does a lot
<giovani> TJ`: that won't be the case with linux -- this is why windows is considered poorly designed, and a waste of time to use
<TJ`> thanks kees ive got some experience with clam av
<TJ`> ive been running a small ubuntu based server on my mini-itx server for the last 2months
<giovani> the only reasons to reboot a linux server are to upgrade the kernel, to do hardware maintenance, or to ensure that a machine will come back up cleanly on unplanned reboot (such as during a power outage and recovery)
<TJ`> im falling in love with ubuntu
<TJ`> though my only concern with the server being on 24/7 using ext3 is the hdd's
<Gargoyle> TJ`: If you are playing around with software RAID, I did a video the other week for someone else and stuck it on my blog.
<TJ`> constantly journaling wont their performance be affected long term?
<TJ`> Gargoyle got url?
<giovani> TJ`: constantly journaling?
<Gargoyle> http://ga.rgoyle.com/blog
<TJ`> giovani doesnt ext3 constantly write to the drive?
<TJ`> ty Gargoyle
<giovani> TJ`: no ...
<TJ`> ah
<giovani> servers are always on 24/7 ... I don't know where you'd find one that isn't
<TJ`> the drives giovani
<Gargoyle> TJ`: Whizz down to May 10th, "10 Min Ubuntu Server".
<giovani> what about the drives?
<TJ`> i was under the impression that ext3 keeps them spinning 24/7 as well
<giovani> no ...
<giovani> drives spin when they're written to or read from ...
<TJ`> thanks Gargoyle! oh and assasins creed is the best game ever haha
<giovani> just like any drive
<Gargoyle> TJ`: Google did some experiments, there was no conclusive evidence to suggest powering drives down or leaving them on changed their life.
<TJ`> yeah i remember reading that
<TJ`> security updates? i knwo there is an option during install for the system to do it automatically
<TJ`> does that just mean it runs apt update?
<giovani> it means it updates packages for which there are security-based updates
<giovani> for an admin who knows what they're doing, I'd advise not using that feature
<giovani> but, for someone who wants a set-it-and-forget-it server, it's useful
<giovani> unless a new package breaks something
<TJ`> would a simple apt-get update also do security?
<giovani> update only updates the list of available packages
<giovani> after doing update, you must do upgrade to install new versions
<TJ`> yes sorry i meant upgrade
<giovani> but yes, that gets you the same result, and more
<TJ`> lastly - i hope... :P
<TJ`> backups
<TJ`> not the data
<TJ`> but the configurations
<giovani> what about them?
<TJ`> any specific packages that automate this or do you just have a custom script?
<giovani> any file transfer application does what you need
<giovani> at work we use a more complex version-control system
<giovani> to track -changes- to configs over time, and who made them
<giovani> but using rsync, or scp, or whatever works fine
<TJ`> thats a good idea...
<TJ`> svn for config files...
<TJ`> well thanks guys
<giovani> both scp and rsync support file lists
<TJ`> appreciate the help :)
<giovani> you can make a list of config files, and write a cronjob to move those somewhere every x hours/days/whatever
<TJ`> yea thats what i planned
<giovani> and any time you want to change that list, just modify the text file, rather than the cronjob
<giovani> but yes, version control for configs is the right way
<giovani> especially in larger environments
<Gargoyle> giovani: Out of interest, what do you use?
<giovani> Gargoyle: use for?
<giovani> for version control? we use SVN
<Gargoyle> giovani: Version control of your configs? Is it automated update of files from a git repo or something?
<giovani> we track our cisco configs, our voip configs, etc
<giovani> in our tftp directory
<giovani> as well as system configs in various places
<giovani> when you have an admin team of 19 ... it's handy to see who's doing what, and when mistakes happened
<Gargoyle> giovani: So you are still editing the files direct in their normal locations?
<giovani> Gargoyle: yes
<giovani> either in tftpboot, or in the various locations of configs
<giovani> and then commiting to svn
<Gargoyle> Any munin users around?
<giovani> I've played with minun
<giovani> munin*
<giovani> but not a "user" per-se
<TJ`> giovani 19 admins? wow lol
<Gargoyle> I am just trying it out, but getting a bit of information overload!
<giovani> TJ`: that includes the network team, and the unix team, but yes
<giovani> for a company of 150 ... :)
<TJ`> yikes
<TJ`> actually while im here...
<TJ`> is there an nix equivelant to active directory?
<giovani> eh, kinda sorta
<giovani> active directory is like 20 features smashed into one product
<TJ`> lol
<giovani> unix systems tend to compartmentalize tasks, so there's definitely no drop-in replacement for active directory
<giovani> can you be more specific about what parts of active directory you're interested in?
<TJ`> but is there something that could allow it to be a primary domain and manage policies and restrictions?
<TJ`> i know there is LDAP
<giovani> can you be more specific about "manage policies and restrictions"?
<giovani> describe EXACTLY what you'd like to do
<TJ`> eg
<TJ`> create users that would authenticate against it, deploy software, run remote commands, restrict access to certain windows features
<TJ`> just like AD basically
<giovani> ok, so you want to keep using windows desktops but have a linux server that replaces the role of AD?
<TJ`> basically
<giovani> ok, so ... kind of
<giovani> samba, as of version 4.0 has begun integrating AD features
<TJ`> cool
<giovani> but it's still pretty new, and definitely not a drop-in replacement for AD yet
<giovani> most people in windows management environments are going to want to keep an AD server around
<giovani> but that may not always be the case in the future, as samba develops
<TJ`> would be amazing if samba could replace pricey AD
<giovani> AD doesn't cost anything though ...
<giovani> just the server
<TJ`> 64bit or 32bit?
<TJ`> any dissatvantages/advantages with ubuntu server?
<giovani> TJ`: other than certain proprietary applications potentially not being compiled for one or the other, no
<giovani> (that's a reasonably rare problem for server applications, though)
<TJ`> so would u use 64bit over 32?
<giovani> yes
<giovani> presuming the hardware supported it
<TJ`> cool ty
<TJ`> i dont get the difference between 8.04, 8.10 and 9.04
<TJ`> ive been using 8.10
<giovani> you don't get the difference? they're release versions ...
<giovani> like 1.0, 2.0, 3.0
<TJ`> no i understand thaat
<TJ`> but why are more poeple using 8.04 over 8.10 just because of the long term support?
<giovani> yes
<giovani> or because they don't want to upgrade
<giovani> upgrades are messy
<giovani> they often break things
<TJ`> is 9.04 good enough for production environments or should one just stick to 8.x
<giovani> so people generally stay away from upgrading production servers unless required to
<giovani> TJ`: in my opinion, it's perfectly fine
<giovani> but, different people have different opinions on what "production quality" is
<TJ`> do all the same programs and what not work on 9.04? surely...
<giovani> what programs?
<TJ`> samba lamp modrails pptpd
<giovani> lamp isn't a program
<giovani> presuming those applications are bundled with 9.04, sure, they should work
<giovani> they may work differently than in previous versions, for better or worse -- they're going to be more up to date versions of the applications
<cchildress> hi all. i just purchased a vps, which has a very vanilla ubuntu-server 9.04 installation on it.  as it has to be generic, it doesn't run through any of the nice choice-based setup that you get if you run the installation on a local machine.  what's the best way to do this, post-install?
<billybigrigger> to do what?
<giovani> cchildress: there are a very limited number of things the installer asks -- you can just go and modify the files it wrote
<cchildress> basically, when I used the installation disc, it had choices about what services i wanted, what settings i wanted for them, etc. i'm wanting that same automation
<cchildress> giovani, fair enough, i'm just being lazy ;)
<giovani> just install the services you want
<giovani> name a service :)
<billybigrigger> cchildress::: well you could dpkg-reconfigure <insertpackagehere> to configure whatever packages/services you want
<cchildress> giovani, postfix is a real bugger...but generally it just speeds up the initial steps
<billybigrigger> cchildress::: install dovecot-postfix
<cchildress> billybigrigger, hmm...yeah, i hadn't thought of that but it's probably all i'm wanting. thanks
<billybigrigger> i had that running within a few hours :P
<giovani> cchildress: the installer doesn't do anything that you can't do with apt-get
<giovani> a few hours?
<cchildress> billybigrigger, postfix configs are worse than installation
<giovani> postfix is a 10 minute install
<giovani> cchildress: the installer wouldn't have configured it any differently
<billybigrigger> giovani::: are you some guru?
<billybigrigger> haha
<billybigrigger> must be
<giovani> billybigrigger: no ... postfix is very clear
<billybigrigger> well maybe for some
<cchildress> alright, haha. i'll just work on it and if i get stumped or do something stupid/newbish i'll let you know so you can get a chuckle :p
<billybigrigger> i had problems cause i couldnt figure out how to send mail out on a different server, until i found relayhost and blah blah, it was my first mailserver setup, so ya it took me a few hours! :P
<billybigrigger> and the fact i don't think i had my mx record setup correctly added a bit of time/frustration
<TJ`> im trying to install ubuntu server 8.10 on this new server
<TJ`> the installation went fine
<TJ`> but on first boot grub seems to fail and drops to shell
<billybigrigger> whats the error
<TJ`> so now i have a prompt with busybox
<TJ`> i get
<TJ`> usb device not accepting address 2 error 71
<TJ`> and unable to enumerate usb device on port 2
<TJ`> and then
<TJ`> check root
<TJ`> then it drops to shell
<giovani> were you depending on something usb-based?
<TJ`> nope
<giovani> i.e. a network card, a hard drive, etc
<TJ`> there is a missing module
<giovani> a kernel module?
<TJ`> cat /proc/modules ls /dev
<TJ`> ./dev/mapper/ddf1 bunch of numbers does not exist
<jmarsden> cchildress: If you want to add software the way the installer does, you can use tasksel
<giovani> wait, why are you installing 8.10?
<TJ`> why not?
<giovani> because it's outdated?
<TJ`> u recommending 9.04?
<giovani> I'm not "recommending" something, I'm asking why you chose 8.10
<TJ`> ive installed it before its what i know quite simply
<giovani> this could be a kernel bug, it could be a bad sector on your disk
<giovani> TJ`: it's the same OS
<TJ`> giovani they are new disks
<TJ`> just formatted them
<giovani> ok, could be something funky with your softraid
<TJ`> probably
<giovani> how did that end up going?
<TJ`> went fine
<giovani> how did you configure things?
<TJ`> through the ROM based setup
<TJ`> made a RAID 1
<giovani> so you enabled raid ...
<TJ`> made it bootable
<TJ`> and enabled raid in the setup
<giovani> I would recommend not doing that
<giovani> if you want to use software raid -- don't use the fake stuff on the mb
<giovani> just use software raid
<giovani> and defintiely don't combine the two
<billybigrigger> you don
<billybigrigger> you don't suggest using the setup's software raid and using mb0?
<billybigrigger> hmmm thats how i was told to setup my raid 1
<Doonz> hey has anyone managed to setp up azureus on a headless server? im having trouble with the webui part
<billybigrigger> Doonz::: are you set on using azureus? deluge has a nice daemon for running headless
<giovani> billybigrigger: software raid is fine ... just don't use the fakeraid unless you have to
<giovani> Doonz: I'd advise against azureus heavily
<Doonz> yeah billybigrigger thats what everyone said
<Doonz> now im reading howtos
<Doonz> Thanx
<giovani> uhh ...
<giovani> rtorrent
<giovani> please
<TJ`> user rtorrent and wrtorrent
<giovani> please only use rtorrent
<TJ`> the best webui and torrent solution for headless
<giovani> (and whatever gui you want)
<cchildress> jmarsden, thank you! i just got that working and it's exactly what i want.  appreciate the help.
<RoAkSoAx> ivoks, heya master how's it going
<TJ`> for fake raid
<TJ`> http://0x45.com/2009/02/ubuntu-and-sata-fake-raid-on-a-proliant-ml320/
<TJ`> that fixes it
<neshaug> Hey, I have some samba shares up, but I can not copy files to the shares from ubuntu or windows.. I get this error in ubuntu, "There was an error copying the file into smb". Sometimes on small files I can get the copying to complete, but on bigger files it alwasy fails.
<giovani> neshaug: did you look at logs?
<neshaug> nope
<giovani> why not start there?
<neshaug> I'll try, thanks.
<giovani> as a general rule of thumb ... that's where you should ALWAYS start when you get an error from a server
<neshaug> look at samba logs? ;)
<neshaug> I get it, I'll look into getting more familiar with log files, I'm just a newcomer.
<adv> windows has wifi internet, windows connected through LAN to notebook Ubuntu. Ubuntu manual 192.168.0.11, 255.255.255.0 no gateway
<adv> how can i connect internet through shared wifi on windows?
<adv> do i need to have a gateway on ubuntu?
<adv> hello?
<mdlueck> adv, you would need to share the Windows wifi connection. Not sure how to do that. If you have an extra box, consider setting up something like IPCop and share that one Internet connection to your 192.168.0.xx LAN.
<giovani> adv: of course you have to have a gateway
<giovani> or you have to bridge the connections
<giovani> one or the other
<giovani> but this isn't ubuntu-specific
<masc> oi oi all....is there any open source product that works like a Citrix Access Gateway, but then with Ubuntu Terminal Server instead of Citrix?
<fevel> hello
<fevel> can someone explain to me what this means:
<fevel> engenet  pts/0        192.168.0.201    Mon May 25 08:59 - down   (00:00)
<fevel> its an entry on last
<fevel> does it mean it mean the server was shutdown?
<jmarsden> fevel: The user engenet was connected from that IP from that time on Monday May 25 until the system went down
<fevel> ok so it lost energy maybe
<jmarsden> You can use the uptime command to check how long it has been up...
<fevel> maybe the power supply went off
<fevel> after it came back up the stupid local admin rebooted since network wasnt working
<fevel> probably because of squid
<fevel> so uptime shows his reboot
<jmarsden> Then you can look in the logs to see when the earlier restart happened.
<fevel> which logs syslog?
<fevel> I always find it on syslog but for some reason cant find anything
<fevel> the user says that he got there and there was no networking, the local admin says at 8 59 he rebooted
<fevel> how can he have rebooted if the down indicates the system was off
<fevel> he probably turned it on
<fevel> agree?
<jmarsden> Yes, it must have been running when it was rebooted, by definition :)
<jmarsden> grep /var/log/messages for "Initializing CPU#0" to get some idea of when boots / reboots happened ?
<fevel> does "down"indicate a reboot or that the system was turned off?
<jmarsden> Either one.
<fevel> what does it mean then?
<jmarsden> It indicates that the system went away while that user was logged in.
<fevel> can you explain to me what you mean by went away?
<jmarsden> What caused the system to disappear (stop, halt, reboot, cease to function) is not revealed by that last entry
<jmarsden> Read the logs for more details :)
<fevel> I see
<fevel> ok
<fevel> jmarsden: Do you have any idea what may have caused the server to lose connection to the internet? maybe something happens when syslogd restats?
<jmarsden> Not from the info you have provided, no.  last is just logging info about user sessions, not about systemwide networking issues... I would read the server logs looking for more clues about what happened, if it was my server...
<fevel> ok
<fevel> ill take a loog
<fevel> look
<fevel> thanks for your help
<jmarsden> No problem.
<uvirtbot> New bug: #380369 in mysql-dfsg-5.0 (main) "sudo tasksel install lamp-server - stops at 77%(setting up mysql)" [Undecided,New] https://launchpad.net/bugs/380369
<Fenix|work> Greetings...
<Fenix|work> I'm ripping my hair out for something stupid... how do I use bzip to compress from stdin?
<dayo> Fenix|work: check the man pages for tar
<dayo> Fenix|work: man tar
<Fenix|work> ?
<Fenix|work> ok ... found a tar cheatsheet that showed piping tar to gzip, so I used the same method.
<neshaug> hmm, I have this /usr/sbin/smbd process running wich I can not kill with code 9, how can I get rid of it? :)
<neshaug> I can't start samba again when it is there..
<yeason> I'm running a dovecot/postfix mail server and when i try to send mail it fails, this is the pertinent info from the log: "warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory". Obviously the auth isn't working right, any suggestions on where to look for more info or what package to install for this to work?
<mdlueck> tar -j would put it in bzip format
<mdlueck> Fenix|work, I believe that is what dayo meant
<Fenix|work> mdlueck, I wasn't looking at using tar...
<Fenix|work> so I was thrown with man-tar
<Fenix|work> :)
<Fenix|work> anyway... thanks again dayo
<mdlueck> Ja, but try man bzip
<mdlueck> ;-)
<RoAkSoAx> heya ivoks how's the UDS
<ivoks> lots of sessions :)
<RoAkSoAx> ivoks, I've seen that the clustering stack session is the first one on thursday
<ivoks> would someone notify the admins, which are in front of the hotel, thath ubuntu.com doesn't work :)
<ivoks> yeah...
<ivoks> but no one signed to attend :/
<neshaug> heh, I get an error while copying to my samba share, but the process keeps on transfering until it's finished :P
<ajmitch> ivoks: ubuntu.com works for those of us on the outside
<ivoks> ajmitch: great them
<ivoks> then
<infinity> ivoks: Works from my hotel room too.
<ivoks> works now for me too
<RoAkSoAx> ivoks, oh really?? i think it is because there's another server sessions at the same time and lots of people are signed to it
<ivoks> RoAkSoAx: actually, two of them
<ivoks> RoAkSoAx: so, there are 3 server related sessions at the same time
<RoAkSoAx> ivoks, yes.. there are.. so other people have signed to those other meetings.. anyways.. I won't be able to listen to it since It's like 2am for me :)
<ivoks> RoAkSoAx: i'll talk with session manager to get that rescheduled if possible, since i'd like to attend those other sessions at that time
<RoAkSoAx> ivoks, ok cool :) btw.. do you have little time for a couple of packaging related questions?
<ivoks> sure
<RoAkSoAx> ivoks, remeber paraview http://launchpadlibrarian.net/27131383/paraview_3.4.0-4ubuntu1.debdiff ? Do I have to summit to debian the changes originated from the python 2.6 transition ? How should I send the changes?
<NicolasM14> Hi ! I wonder how to display Ext4 new creation, deletion dates attributes. LS and STAT just give the 3 Ext3 attrs. Anyone know how ?
<ivoks> RoAkSoAx: you can send a patch, saying that you tested it with python2.6, and that this diff will make it possible to build with future releases of python in debian
<RoAkSoAx> ivoks, so for example, I can strip out my debdiff like this: http://pastebin.ubuntu.com/180680/ and send it to debian?
<ivoks> RoAkSoAx: didn't you have to change one more file to make it build with python2.6?
<ivoks> RoAkSoAx: you took an upstream patch, remember?
<RoAkSoAx> ivoks, I forwarded that patch to debian, and they included it very quick so i no longer need it:    * Bug fix: "paraview fails to build with some QT lib 4.x versions",
<RoAkSoAx>      thanks to Andres E. Rodriguez Lazo (Closes: #529632).
<ivoks> RoAkSoAx: great
<ivoks> RoAkSoAx: than that's it
<RoAkSoAx> ivoks, ok, I'll summit the diff then. my other question is realted to:  https://bugs.launchpad.net/ubuntu/+source/mapnik/+bug/378819 ...Upstream has left a comment and said that I could drop some changes in debian/rules because in the perspective of upstream, they are not needed to build... Should I do what upstream recommends?
<uvirtbot> Launchpad bug 378819 in mapnik "Please merge mapnik 0.6.0-1 (universe) from debian unstable (main)" [Undecided,In progress]
<NicolasM14> Hi ! No one using Ext4 here ? :(
<ivoks> RoAkSoAx: i'll have to look at that during day time; i can't concentrate very well now
<RoAkSoAx> ivoks, ok :)-.. and besides of that I've done other merges, you can see them here: https://wiki.ubuntu.com/4nDr3s/Mentorship#Merges if you want to review them, however i've subscribed them to u-u-s
<ivoks> RoAkSoAx: good; i'll look at them after uds
<RoAkSoAx> ivoks, ok awesome.. I'll work on other merges this week and after that we can work on something else then :) Have fun there btw :)
<ivoks> hehe will do
<ivoks> good nihgt
<RoAkSoAx> night
<yeason> dovecot/postfix, this shows up in the mail.log: "warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory" Any ideas...? I can't seem to figure it out. sasl2-bin and the libraries are installed
<yeason> anybody have any ideas...?
<Rafael_> is rsync the best option to makes copies of and ubuntu server to a NAS?
<TJ`> is there an alternate ubuntu server iso?#
<TJ`> i cant seem to find one...
<ajmitch> no, because the server iso uses the same installer as the alternate iso
<ajmitch> dekstop & alternate install the same stuff, different ways
<TJ`> according to the wiki the alternate install is what i need to get my fakeraid to work
<yeason> the server iso should come with support for that, you would need the alternate if you are installing ubuntu desktop. if I remember correctly
<TJ`> yeason it claims to be supported
<TJ`> but the the system doesnt boot correctly
<TJ`> doesnt boot at all more like
<TJ`> !
<TJ`> the alternate desktop installation works
<TJ`> but the server iso doesnt!
<TJ`> ok no it doesnt...
<TJ`> for some reason though when i do dmraid -ay and then exit from the shell it works perfectly
<TJ`> is there a way to automate this?
<billybigrigger> can anyone here help me?
<billybigrigger> im trying to get apache to read index.php instead of index.html
<TJ`> did u delete index.html?
<TJ`> do you have them both in the same folder?
<billybigrigger> i've added directoryindex index.php index.html index.htm into my /apache2/sites-available/default and restarted apache...
<yann2> billybigrigger > edit the order of the files in the DirecotryIndex thingy
<billybigrigger> edit?
<billybigrigger> i had to add it...where can i edit it?
<yann2> well now that seems correct
<yann2> /etc/apache2/apache.conf
<billybigrigger> maybe im adding it in the wrong place if there's a place to edit it :P
<yann2> I'd change it there and leave the vhost
<billybigrigger> ahh i was told to add it to my vhost
<billybigrigger> k lemme try that out...
<billybigrigger> DirectoryIndex not found in apache2.conf
<billybigrigger> hmmm...should i add it to end? or is supposed to be somewhere
<yann2> just put index.php first
<yann2> mmh wait
<yann2> mods-available/dir.conf
<yann2> change it there
<billybigrigger> seems every forum question on directoryindex looks like its in the vhost conf
<billybigrigger> ok, ill try there
<billybigrigger> roger
<billybigrigger> thanks yann2
<yann2> you can probably also put it in the vhost conf :)
<yann2> np
<yann2> just if you put it there it will be valid for all the websites
#ubuntu-server 2009-05-26
<billybigrigger> right, instead of just my vhost
<billybigrigger> thanks :P
<billybigrigger> you know html at all? :P
<macd> Any specific suggestions before doing an LVM server install?
<macd> Jaunty install, console shows error: grep: error while loading shared libraries: /lib/libprce/so/3: unsupported vsion on 19525 of Verneed record., removing package libpcre3 + purging, reinstalling fixes error and grep works fine, until next reboot, when the error re-appears
<macd> Additionally, openssh-server installed, but netstat shows no process bound
<oh_noes> Is it expected that /dev/random doesnt output much data?
<Kamping_Kaiser> how did you query it?
<oh_noes> not me, openldap is querying it
<Kamping_Kaiser> is openldap not getting enough data?
<oh_noes> Kamping_Kaiser: appears so
<oh_noes> pos  ubuntu server
<oh_noes> needed to mv dev/random and linked urandom to random instead
<Kamping_Kaiser> wtf
<Kamping_Kaiser> i think not
<billybigrigger> anyone aware of some other log analyzers like awstats but display something nicer?
<billybigrigger> or something that just does apache logs
<al_paun> Hi everybody, i have a network with two internet connections ... the problem I'm facing is that the server is a mail server which is set as mx on one of the ip address. When main connection goes down it the route switches to the other one but now I don't receive mails anymore. And when the main goes back the prior one is the backup  one
<al_paun> how can I make the main one to have priority if recover?
<tdn> I use proftpd but I cannot connect to it from outside my LAN. I get this error in the log: May 26 10:56:52 mediaserver0 proftpd[2754] localhost (::ffff:195.249.157.72[::ffff:195.249.157.72]): error setting IPV6_V6ONLY: Protocol not available
<tdn> Login does not work. How do I fix it?
<foxbuntu> is anyone in here currently in Room 1 this morning...can you change the microphone or talk closer to it...the audio is so quite it nearly inaudible
<radovan> tdn: try login with correct username/password
<tdn> radovan, http://thomasdamgaard.dk/p/P1317.html
<tdn> I do use correct user/pass.
<radovan> tdn: UseIPv6				on
<radovan> try to enable ipv6
<tdn> radovan, why? I do not use IPv6.
<radovan> localhost (::ffff:195.249.157.72[::ffff:195.249.157.72]): error setting IPV6_V6ONLY: Protocol not available
<radovan> so try turning ipv6 off completely, or enable it in proftpd
<tdn> radovan, I did. And then I get rid of the ipv6 errors, but LIST does not work after log in.
<tdn> radovan, I think it is an active/passive ftp problem.
<tdn> The setup is as follows: ftpserver is behind NAT. I have another computer that is behind firewall (not NAT) that tries to connect to ftpserver, but it fails.
<tdn> How do I set up proftpd to allow passive FTP?
<radovan> tdn: set the PassivePorts in proftpd config
<DCracker> whois cef
<cemc> is there a way to tell the kernel to not cache a particular file/directory/partition in ram ?
<TJ`> hey
<TJ`> trying to update 8.10 to 9.04
<TJ`> did do-release bla bla
<TJ`> all the packages fly on the screen as failed then it stays at 0%working on the screen
<s_markow> did you connect via ssh TJ` ?
<TJ`> i did the first time
<TJ`> second time
<TJ`> physcially
<s_markow> just try sudo apt-get upgrade this time
<s_markow> should be allright if the sourcelist points to jaunty
<TJ`> cool
<TJ`> seems to be workimg
<TJ`> s_markow do you 9.04 in any production environments?
<s_markow> nope
<s_markow> its my homeserver
<s_markow> i do indeed use it for my svn rep
<TJ`> would u
<s_markow> dunno :D
<TJ`> lol
<s_markow> i mean it's rock solid for me
<s_markow> to bad netatalk somehow discontinued
<TJ`> ok now its stuck at 42% on libmailtools-perl
<TJ`> what the hell is going on...
<TJ`> oh
<TJ`> there it goes
 * TJ` silly
<TJ`> does anyone know how to login to the local system from a live cd
<TJ`> specifically gparted?
<maxb> TJ`: erm, what do you mean?
<TJ`> maxb some upgrade went funny
<TJ`> and now on boot im reduced to a shell
<TJ`> for some reason the shell wont take any input so i cant even boot the system
<TJ`> so im trying to get access to the local filesystem through gparted
<TJ`> but dont know how :)
<maxb> <TJ`> so im trying to get access to the local filesystem through gparted
<maxb> That sentence makes no sense
<TJ`> gparted is a live cd
<TJ`> actually no
<TJ`> its a gnoe application converted live cd
<TJ`> there is a command prompt
<TJ`> i would like to edit the local file system
<TJ`> from this live cd
<heath|work> I am need to setup a NFS server for Xen.  What kind of power does an NFS server require?
<\sh> heath|work: good IO performance on network and diskcontrollers depending on your usecase..eventually enough RAM for FS Cache
<heath|work> \sh, thanks, I have an external sata case I am going to run RAID10, I should have 3 to 4GB of ram.  Do you have any idea what the CPU needs to be able to handle.  I wouldn't assume too much.
<TJ`> anyone got clamav 0.95.1 running on ubuntu 8.x?
<Sam-I-Am> heath|work: not much... as in you wont notice.
<heath|work> Sam-I-Am, cool thanks for the help
<TJ`> is there anything wrong with chrooting into the system just after install -before the first boot - and running apt-upgrade?
<maxb> Apart from there being no such command "apt-upgrade" ?
<TJ`> *sigh*
<TJ`> apt-get upgrade....
<TJ`> happy?
<TJ`> is there?
<maxb> I wouldn't recommend it without care and attention to things like settings up a policy-rc.d at least
<maxb> Why would you want to, though?
<TJ`> because if i edit usr/share/initramfs/scripts something rather dmraid functions correctly provided i do it b4 first boot otherwise it renders to a shell and i cant boot up
<TJ`> but doing apt-get upgrade messes up dmraid again
<jmedina> o_O
<genii> TJ`: This is why you want to have in your /etc/initramfs-tools/modules    the name of the raid modules. So it auto does it every time you kernel upgrade
<uvirtbot> New bug: #380638 in dhcp3 (main) "The DHCP client crashes on reinstall and does not work properly" [Undecided,New] https://launchpad.net/bugs/380638
<genii> Interesting. I've seen similar issues on the dhcp client now in here, #kubuntu and #ubuntu
<kpettit> Any good suggestions for a VPN server app that can have Windows/Linux/Mac clients?
<radovan> openvpn
<jmedina> openvpn
<kpettit> I've seen the client for Windows, but the last Mac one I tried was command line type.
<kpettit> Is there a decent GUI openvpn client for Mac?
<jmedina> yeap
<jmedina> tunnelbrik
<radovan> or shimo
<TJ`> pptpd
<kpettit> cool thanks.  I've tried tunnelbrik but haven't heard of shimo.  I'll give those a try.
<TJ`> easiest to use
<jmedina> tunnelblick
<radovan> pptpd is evil
<kpettit> I've been doing pptpd, mainly becuase it had a windows built in client.  But with 9,04 I cant seem to get the encryption right
<radovan> pure evil
<jmedina> yeap, and insecure
<kpettit> pptp has been very problematic for me
<kpettit> jmedina: it's insecure?
<jmedina> for real vpn use openvpn
<kpettit> ok
<radovan> or racoon :D
<kpettit> is there any good vpn config scripts, tools, or GUI's?
<jmedina> :S
<jmedina> :S
<radovan> kpettit: just easyrsa for pki
<kpettit> I mean are there any good openvpn config scripts, tools or GUI's
<radovan> kpettit: but config are pretty simple to write
<jmedina> I have a manual Im creating for a openvpn course
<jmedina> it is in spanish
<kpettit> I don't read spanish.  But anything like that would be great
<jmedina> http://tuxjm.net/docs/cursos/OpenVPN_Curso/html/
<jmedina> it is not complet
<radovan> kpettit: http://en.gentoo-wiki.com/wiki/Road_Warriors_with_OpenVPN
<radovan> not for ubuntu, but still fine
<kpettit> jmedina: I wish I could read spanish.
<kpettit> radovan: Sweet!  Thanks
<kpettit> radovan: do you know if the default ubuntu kernel has the needed options in it?
<jmedina> kpettit:
<radovan> kpettit: if you mean tun/tap then yes
<jmedina> it is in the docto how to verify
<kpettit> ok thanks.  going through it now.
<jmedina> kpettit: there is a openvpn gtk gui, I really dont like
<radovan> jmedina: and network manager plugin?
<radovan> it's no glory, but it works
<jmedina> radovan: down know, its been years since I used gnome(ubuntu)
<al_paun> Hello I have a problem with postfix on imap. My configuration is using linux users to connect through imap to get mails. When receiving an email in inbox of a certain users doesn't receive it with proper user rights, it comes with user root group mail.
<al_paun> Can you please help?
<jmedina> I use kvpn for KDE clients
<radovan> jmedina: ugly as kde :)))
<jmedina> :D
<jmedina> for personal use I prefer to launch openvpn in cli
<radovan> i'm osx user, so i have no such problems :)
<jmedina> http://mange.dynalias.org/linux.html
<jmedina> I have never used mac os :D and im happy
<al_paun> I have a problem with postfix ... when receiving an email on a alias it is sent to the users that belongs to the alias with user root group mail instead of that user
<jmedina> al_paun: what you mean it?
<jmedina> permisions?
<jmedina> did you change something?
<jmedina> al_paun: can you provide examples?
<al_paun> yes for example i have defined in alias table in /etc/mail/aliases this alias ... tehnoplus: catalina.geageac, voicu.pop
<al_paun> when sending mail to tehnoplus@... the mail come to catalina.geageac user with root / mail rights
<al_paun> not with catalina.geageac:users
<jmedina> al_paun: show real evidence
<al_paun> but mail sent directly to catalina.geageac@... it is sent with proper rights
<jmedina> ls -l /var/mail/ or something
<jmedina> and pastebin output from postconf -n
<al_paun> http://pastebin.ubuntu.com/181366/
<al_paun> aliases are set with newaliases -bi and sendmail -bi and they are in /etc/mail/aliases
<jmedina> if you are using postfix why not use postfix tools
<jmedina> postaliases /etc/aliases
<jmedina> well it is the same
<al_paun> because of webmin i think
<jmedina> ja
<jmedina> that is your problem
<jmedina> webmin changed something
<al_paun> is it posibly to find out?
<jmedina> is ubuntu pastebin slow?
<al_paun> what do you mean?
<jmedina> al_paun: you didnt show me ls output
<jmedina> I want to see real permisions on mailbox file
<al_paun> ok just a second
<al_paun> /var/mail?
<jmedina> mm I think I dont understand :(
<al_paun> http://pastebin.ubuntu.com/181373/
<jmedina> so where is the file with bad permissions you are talking about
<al_paun> this are the permisions of directories inside /var/mail
<al_paun> just a second
<al_paun> -rw------- 1 root mail 3091 2009-05-26 19:29 1243355384.29547_1.mail
<al_paun> this is the mail
<jmedina> where is that file?
<al_paun> it is in /home/catalina.geageac/.maildir/.Tehnoplus/
<al_paun> 4 drwx------  6 camelia.geageac users 4096 2009-05-26 19:29 .Tehnoplus
<al_paun> this are the rights for .Tehnoplus directory
<jmedina> Im not sure, you are using home_mailbox = .maildir and mailbox_command = procmail
<jmedina> with default config, if you use home_mailbox = .maildir, your users mailbox should be in /home/user/.maildir/ not /var/mail/
<jmedina> are you really using procmail?
<al_paun> sorry my users are in /home/user/.maildir
<al_paun> forget about /var/mail
<al_paun> it was my mistake
<jmedina> so where is that file"-rw------- 1 root mail 3091 2009-05-26 19:29 1243355384.29547_1.mail
<jmedina> ?
<al_paun> /home/catalina.geageac/.maildir/.Tehnoplus/
<al_paun> the rights of directory .Tehnoplus are drwx------  6 camelia.geageac users 4096 2009-05-26 19:29 .Tehnoplus
<jmedina> .Tehnoplus is a folder right in users mailbox, right?
<al_paun> no ...
<al_paun> in /home/catalina.geageac/.maildir/
<jmedina> al_paun: can you show the log entry for this mail?
<al_paun> just a sec
<al_paun> http://pastebin.ubuntu.com/181380/
<jmedina> that is not the entry
<jmedina> look at next lines
<Sam-I-Am> any maintainers for ubuntu server packages here?
<Sam-I-Am> wondering what the interest level is in getting openldap 2.4.16 packaged since its the latest stable version where multi-master and some other features actually work
<al_paun> http://pastebin.ubuntu.com/181384/
<jmedina> Sam-I-Am: if you dont get answer here, plase use launchpad
<Sam-I-Am> yeah i'm actually trying to become a maintainer for openldap
<Sam-I-Am> figure i might as well be useful :)
<Sam-I-Am> since i'm going to package 2.4.16 for myself anyway
<jmedina> Sam-I-Am: I cant test your packages
<jmedina> Sam-I-Am: are you buiding packages for hardy?
<Sam-I-Am> right now, yes
<jmedina> last time I checked 2.4.16 required to upgrade db4
<Sam-I-Am> it does... i built that too
<Sam-I-Am> also added some changes for threading
<Sam-I-Am> another bug..
<jmedina> what about crossed dependencies?
<Sam-I-Am> havent found any yet
<jmedina> Sam-I-Am: is it built agains gnutls?
<Sam-I-Am> i have db4.6 and 4.7 on the same box
<Sam-I-Am> i'm building it against openssl and gnutls
<jmedina> Im not packager, but Im interested in openldap
<Sam-I-Am> i think 8.04 came with 4.6 ..
<Sam-I-Am> i would imagine that 2.4.16 would go into the next release
<Sam-I-Am> like... 9.10+
<Sam-I-Am> since its a major bump
<jmedina> yeap hardy 4.6
<Sam-I-Am> problem is right now the deb/ub packages for openldap are wayyy behind upstream even when released.
<Sam-I-Am> and given how fast openldap progresses, the packages are pretty much useless.
<Sam-I-Am> i would hope ubuntu can release the latest openldap "stable" package at least for every LTS release
<Sam-I-Am> which seems doable
<jmedina> Sam-I-Am: yeap that is a problem, what I have seen is that ubuntu packages works fine for simple setups
<Sam-I-Am> sure
<jmedina> but when you need strong authtentication kerb/sasl and replication that is when ubuntu packages wont work as expectd
<TJ`> whats the difference between clamav and clamavdaemon?
<jmedina> one is a daemon the other a comand
<TJ`> <--- noob
<jmedina> for better performance use clamd
<TJ`> so the daemon runs automatically?
<TJ`> !google clamd
<ubottu> Sorry, I don't know anything about google clamd
<Sam-I-Am> 2.4.11 is an issue because it has known brokenness with replication
<Sam-I-Am> at least the new forms of it
<Sam-I-Am> 2.4.15 is working fine for me but 2.4.16 contains some important fixes for multi-master which i'm not using
<Sam-I-Am> and the openldap folks in #openldap sure hate the ancient packages in distros... not just deb/ub
<jmedina> TJ`: I think you need to run ubuntu server guide, learn how to use man
<Sam-I-Am> speaking of the server guide, that could also use some updating
<Sam-I-Am> at least with ldap/samba/kerb integration
<jmedina> yeap, redhat pckages are worst
<Sam-I-Am> ha, theyre super ancient
<Sam-I-Am> i tried building this infrastructure on centos/rhel as directed by the boss... and got him to let me use ubuntu
<jmedina> Sam-I-Am: I'm not sure, afew weeks ago someone came up and wanted to package openvpn
<Sam-I-Am> replacing package source with upstream in RPMs is extremely painful
<jmedina> I think he was going to upload their packages to a ubuntu PPA
<jmedina> s/openvpn/openldap/
<Sam-I-Am> theres a few people out there
<Sam-I-Am> someone made some smbk5pwd packages which is nice
<Sam-I-Am> but they also based it on 2.4.7/11
<Sam-I-Am> i have an itch to get smbk5pwd working on 2.4.16
<Sam-I-Am> once i verify this part works
<Sam-I-Am> and... it worked
<Sam-I-Am> well, i have packages now
<jmedina> Sam-I-Am: I cant help to test your packages in hardy, I dont use other distro for production
<jmedina> s/cant/can/ :(
<Sam-I-Am> i'm building for hardy since its the most recent LTS, but for maintaining purposes, i'd install squeeze or karmic
<Sam-I-Am> once i get a response from the maintainers i'll ask what direction they'd like me to head
<Sam-I-Am> since i'm going to do all this work anyway
<jmedina> I think they are at barcelona attending UDS
<Sam-I-Am> i think that was last week
<jmedina> Sam-I-Am: are you using openldap with kerberos?
<Sam-I-Am> i will be
<Sam-I-Am> plan is to get smbk5pwd integrated... which is what got this ball rolling in the first place since its not included in the debian package
<Sam-I-Am> and then i said... hmm, why not try to roll 2.4.16 in
<jmedina> I learning about it, so what kerberos implementation are you planning to use?
<Sam-I-Am> heimdal
<Sam-I-Am> particularly since samba4 will have hooks into it
<jmedina> heimdal it is in universe (unsupported)
<jmedina> mit is in main (supported) :S
<Sam-I-Am> yeah, i've noticed that
<Sam-I-Am> but when samba4 rolls out that might need to change
<Sam-I-Am> i could compile it against mit...
<Sam-I-Am> kinda waiting to see whats needed
<jmedina> Sam-I-Am: where can I download hardy packages?
<Sam-I-Am> jmedina: not quite ready yet... need to make sure they install as they're hot off the compiler
<jmedina> https://blueprints.launchpad.net/ubuntu/+spec/server-karmic-directory-management
<jmedina> howward chu is member and nick barcet ;O
<Sam-I-Am> thats interesting
<Ahlee> Jaunty 64bit (server), i have a 4 drive software raid0 (/dev/md3), with lvm volume group (raid0) residing on top.  I can create a logical volume, however when I format it my machine locks up (repeatable with both mkfs.ext3 and mkfs.ext4).  Bad drives?  The 4 disks comprising the raid0 are warmer to the touch than I normally like, however Im' not getting errors on the console regarding short reads or similar, and unfortuantely I put swap there so des
<Sam-I-Am> meh
<muszek> hi... back in Jaunty beta times, I read about dovecot-postfix, a easy to install email server.  The package is no longer present in Jaunty repos... any hints to how to get it?  Is the "easiness" in a regular postfix package now?
<muszek> errr... n/m, it IS in jaunty repos
<Sam-I-Am> moo.
<lamont> woof
<Sam-I-Am> heh
<Sam-I-Am> oink?
<uvirtbot> New bug: #380715 in samba (main) "samba shares of symlinks are always read-only" [Undecided,New] https://launchpad.net/bugs/380715
<wizardslovak> hello people
<wizardslovak> is anyone here who can help me with my email server problem
<wizardslovak> using postfix-dovecot
<wizardslovak> error is no sasl autherzation mechanisms
<al_paun> I have a problem with postfix can anyone help?
<wizardslovak> what problem you got?
<al_paun> i'm using postfix with linux users and read mail with imap
<al_paun> the problem is that for alias addesses it is sending me the mail messages with wrong permissions
<al_paun> i have an alias for example myalias: address1, address2 etc ... when sending mail to myalias@... the mail received by address1 is with root:mail privileges
<al_paun> not with address1:users privileges
<al_paun> probably this happened after installing webmin
<al_paun> I don't realy understand what happened because yesterday was working properly.
<al_paun> for normal addresses if you send an email to address1 directly it is send properly and with proper permissions
<wizardslovak> try post your problem in https://launchpad.net/
<jmedina> probably  procmail is giving problems
<uvirtbot> New bug: #380724 in bacula (universe) "package bacula-director-mysql 2.4.4-1ubuntu5 failed to install/upgrade: subprocess post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/380724
<lzantal> Hi, I need help with raid 5 installation. It fails at the disks partitioning
<gamble6x> lzantal: I found that if I skipped the error and just kept going it worked.  Not sure why it displayed the error.  Otherwise I probably can't be of much help.
<lzantal> gamble6x: thanks I tryed it but it complains that there is no partition. It does not let me create any.i am booting right now with raid disabled in bios
#ubuntu-server 2009-05-27
<xenocampanoli> I am having trouble talking to an internal internet ldap service, and our admin is guessing it's because I need the company certificates properly installed.  We tried /etc/ldap/cacerts, and that didn't go.
<MTecknology> I saw one once that I liked but never played w/ setting up
<MTecknology> !imp
<ubottu> Sorry, I don't know anything about imp
<MTecknology> !horde
<ubottu> Sorry, I don't know anything about horde
<MTecknology> !info horde3
<ubottu> horde3 (source: horde3): horde web application framework. In component universe, is optional. Version 3.2.2+debian0-2 (jaunty), package size 7063 kB, installed size 27132 kB
<MTecknology> So, can I utilize landscape without paying for it?
<tonyyarusso> Say, anyone around who would be able to talk me through the concepts involved in setting up an LDAP-hosted address book with fields I could define for things like different IM protocol usernames?  I'd really like to consolidate all of my scattered information...
<twb> AIUI only the client side of landscape is free software.
<twb> The server side is locked up inside canonical.
<twb> Where "server" is the puppetmaster and "client" is the puppet, in puppet/cfengine terms.
<rsr> hello
<rsr> I am trying to configure fetchmail to grab mail from exchange so I can read with mutt I have this line on .fetchmailrc: poll trunks.engenet.com.br proto imap user "renato.rodrigues" password "hulk01"
<rsr> although I get authfail message
<rsr> instead of trying to connect to fevel@trunks.engenet it tries fevel@mail.engenet
<unewbie> i add new nic on my 8.04.2 but it's not running
<unewbie> 1 card was installed during installation
<unewbie> and when i installed the other card ubuntu doesn't know it
<unewbie> what should i do?
<unewbie> how to install new NIC?
<error404notfound> Do i need a different certificate for every site at my server?
<error404notfound> due to change in cn?
<Sam-I-Am> error404notfound: just use a wildcard cert
<error404notfound> Sam-I-Am, hmmm, how do i create that? also googling in bg
<Sam-I-Am> and it'll be subjectaltname, not CN
<twb> rsr: don't use fetchmail for imap.
<twb> rsr: use offlineimap.
<Sam-I-Am> mutt does a pretty good job of reading imap
<Dittohead> Can anyone point me in the direction of a cheapish (~200USD), low power (less than 100w), with dual NICs and preferably silent, server hardware? My first thought was a first gen eeepc but there is the dual NIC issue (as this will be a router, file/print/media, LAMP server for the home). I'm finding quite a few 1u servers on ebay but they're all fairly high-powered.
<Kamping_Kaiser> whack a usb/pcmcia/express dongle into $laptop?
<Dittohead> Kamping_Kaiser: good idea. any that you'd prefer (or at least avoid)?
<Kamping_Kaiser> Dittohead, not particularly (I dont know whats around for $200US)
<Dittohead> Was more in reference to a particular dongle you'd use. I'm finding eeepc 900s for under 200 on ebay.
<Kamping_Kaiser> ah right. usb ones are probably the most portable (eg, could remove laptop one day and plug dongle into new one), but pcmcia/express are less likely to break at the connection to the laptop
<Dittohead> Kamping_Kaiser: thanks!
<Kamping_Kaiser> np
<twb> Dittohead: you can run two networks over a single NIC, using vlan tagging.
<twb> This will require either linux, sun or cisco gear on the other end of the cable.
<Dittohead> twb: my dd-wrt access point would support this, but I doubt the motorola wimax modem would.
<twb> Dittohead: uh, why would the modem need it?
<twb> You only need tagging on two two ports that the cable connects to.
<twb> s/two two/the two/
<twb> FWIW I've done vlanning between an OpenWRT and an 8.04 server in exactly that configuration.
<twb> I mean, obviously it's better to just slap a second NIC in, but (as in your case) there wasn't room in the server.
<Dittohead> twb: The server would act as a replacement of my current wireless router (or rather to replace the router function between the modem and the network, I'd still use the wifi AP functionality). If the modem doesn't support vlan tagging, and I don't have a tagging-capable switch in between the two then I can't make it work, right?
<Dittohead> (I've not done much with vlan'ing so forgive my ignorance!)
<twb> What's wrong with your existing DD-WRT?
<twb> To answer your question: it depends on what connects your wifi modem to your router/server.  If it's ethernet, then you're right -- vlanning won't work.  If it's USB, that's different.
<Dittohead> I'd wanted to setup VPN capability but my current router but I can't at this point due to NVRAM restrictions on the hardware. That and I want a project. :)
<error404notfound> Sam-I-Am, there?
<twb> Fair enough.
<error404notfound> Sam-I-Am, isn't wild card ssl for domain and all its sub-dmains? or can it be used for all domains on a single host?
<Dittohead> twb: The WiMax modem only has ethernet, which goes into the WAN port of the router.
<twb> Righto.
<Sam-I-Am> error404notfound: its usually for a domain and hosts under it
<Sam-I-Am> error404notfound: in other words, it can do *.domain.com or *.sub.domain.com, but not *.*.domain.com
<Sam-I-Am> you can also list a bunch of hosts in subjectaltname
<error404notfound> Sam-I-Am, say i have www.example.com, www.myhost.com, www.newsite.com, www.topportal.com plus each of these has subdomains under them so how would i create a cert for all of these domains?
<Sam-I-Am> you dont
<Sam-I-Am> you have multiple certs
<Sam-I-Am> but it shouldnt matter much as long as they're legit
<error404notfound> hmmm....
<TimReichhart> hi guys I want to know if there is anyway that I can put my /var/mail.log into a database for per user
<Sam-I-Am> you can only have one wildcard in a cert i think
<Sam-I-Am> but multiple single host/domain combos
<error404notfound> Sam-I-Am, thanks... i guess i will use wildcard ones for subdomain and a single domain, so that way i would have 4 certs for 4 domains and about 25 subdomains
<Sam-I-Am> TimReichhart: might be an app for log management at that level.. or just write a script to parse it out and insert into a database
<TimReichhart> well I have been trying to figure out how to parse it out and put it into a database and I cant find anything how to do that
<error404notfound> btw if i create my own openssl certs, everytime a new visitor hits my site, he will have to accept my cert manually, is there a (possibly free) workaround of this problem?
<Sam-I-Am> shell script that grabs lines by name and makes an sql insert statement?  sounds reasonable.
<Sam-I-Am> error404notfound: check out cacert.org.
<TimReichhart> you got any examples there Sam-I-Am
<Sam-I-Am> error404notfound: its community based trust and i know firefox has them as a CA
<Sam-I-Am> other browsers not so much... then you get to pay
<error404notfound> aaah.... great.... thanks...
<Sam-I-Am> TimReichhart: not off the top of my head
<TimReichhart> ok
<error404notfound> i had an account there and i forgot
<Sam-I-Am> happens...
<Sam-I-Am> anywho, i gotta get... work at 5am tomorrow
<yelyos> hi, I'm wondering how I should install a gui on ubuntu server that doesn't start up on boot so I can leave it off when I need the performance
<yelyos> I'm new to ubuntu
<yelyos> I just installed ubuntu server on a completely clean machine
<yelyos> basically it's a new custom machine with a lot of ram being used as a server to run high-load statistical analyses for a university statistics department
<yelyos> but it might also get used in person by people who don't have much experience with the command line
<error404notfound> yelyos, to install gui, install ubuntu-desktop, kubuntu-desktop, xubuntu-desktop or whichever you like, but take it from me, its a bad practise
<yelyos> it's not a dedicated server
<yelyos> it's only mostly a server.
<yelyos> if it was a dedicated server then yeah
<yelyos> but given how it's going to be used I'm pretty sure we need a gui on it
<yelyos> even if the gui is left unstarted most of the time
<yelyos> I just wanted to know if installing ubuntu-desktop starts up the gui on boot or if it only starts the gui if it's run from the command line
<tonyyarusso> yelyos: By default it should on boot.
<tonyyarusso> yelyos: Just remove gdm from the default runlevel not to.
<tonyyarusso> yelyos: but really you should be asking yourself why your have a gui on a server at all - what purpose will it actulaly serve?
<tonyyarusso> Do you mean you'll have people sitting down and writing an essay and checking their e-mail on this machine too?
<Mr_Archive> hi
<highvoltage> most dhcp servers pings an address before assigning it, right?
<highvoltage> is it really necessary to segment networks when running multiple dhcpd servers then?
<twb> Why do you want to run multiple DHCP servers?
<twb> They *will* fight.
<twb> Even if they don't fight for IPs, they will advertise different next-server, routes, dns-servers etc.
<highvoltage> twb: was part of the discussion at the "Architecture of a Directory Infrastructure" session
<twb> highvoltage: sorry, I don't know what that is.
<Kamping_Kaiser> UDS i'm guessing
<highvoltage> yes
<twb> UDS?
<Kamping_Kaiser> twb, ubuntu dev summit
<twb> Ah, righto.
<Kamping_Kaiser> ftr, i didnt know dhcp servers pinged hosts.
<twb> Kamping_Kaiser: I'm not convinced they do.
<twb> I wouldn't be surprised if they did some ARP-level sanity checking, though.
<Kamping_Kaiser> nod
<ivoks> anyone here that was at last bof at uds about ldap directory?
 * andreas__ was
<ivoks> andreas__: i know; have you maybe accidentaly taken my bag? :)
<andreas__> ivoks: no
<ivoks> ok
<andreas__> ivoks: check under the tables
<ivoks> i did
<andreas__> hmpf
<henkjan> highvoltage: in my experience its not necessary to segment your network for running multiple dhcpd servers
<ivoks> maybe the guy that was between us
<ivoks> i don't know his name :/
<andreas__> ivoks: I remember pushing his back a bit under the table so I could sit
<andreas__> bag
<henkjan> highvoltage: a client will ack a dhcp address. All dhcpd servers will notice this ack and mark the address as in use
<highvoltage> ivoks: o/
<ivoks> i'll find him
<ivoks> highvoltage: you were at the session?
<ivoks> how can someone leave with two bags? :/
<sommer> one for each of him?
<mufasis> anyone here
<jonathan_> yeh
<highvoltage> ivoks: I was
<highvoltage> ivoks: wait, you're missing a bag with a red cross on it?
<ivoks> highvoltage: yes
<highvoltage> ivoks: eek, sorry, it must have been under my bag, I did grab it, I'm terribly sorry about that
<ivoks> ok... could you please return it? :)
<ivoks> i'm at the room 3
<ivoks> in
<highvoltage> ivoks: I only noticed there was another bag when I took mine away just a moment ago, can I give it to you at the projector sscreen where they show the sessions after this session?
<ivoks> highvoltage: i kind of need it now; battery low
<ivoks> highvoltage: in which room are you?
<highvoltage> ivoks: ok, where are you, I'll bring it to you since I'm at fault
<ivoks> highvoltage: room 3
<highvoltage> ok, be there in a minute
<ivoks> ok
<jonathan_> highvoltage and ivoks stay together? o.O
<highvoltage> jonathan_: no we're at UDS and I left the last session in a hurry and took his bag my mistake
<jonathan_> ic
<mufasis> i just finished installing ubuntu server on a proliant dl320 g2 that a friend gave me
<mufasis> im relatively new to linux and i was wondering whats some cool stuff i can with this server?
<Kamping_Kaiser> lots of seti@home *grin*
<Kamping_Kaiser> mufasis, 'cool stuff' is entirely dependant on what you think is cool.
<cemc> you can run vmware/virtualbox on it with windows, if that qualifies as cool for you :)
 * Kamping_Kaiser backs away from cemc 
<cycrosism> Can someone hlp me with vsftpd
<cycrosism> I keep getting permission deniedc
<mufasis> yeah vmware my buddy was telling me about it
<mufasis> what is it exactly?
<cycrosism> Is what?
<cycrosism> When I try to FTP into my server, it only works if im as anonmous. When I try to copy a file to it I get permission denied
<mufasis> vmware?
<cycrosism> yes
<cycrosism> Would you know what is causing the problem mufasis
<massctrl> Hello, I'm running a couple of jeos instances as kvm guests, they have trouble mounting an nfs share though, sometimes it works out, sometimes it doesn't, ... what could be the deal here?
<juliux> hi
<juliux> any chance to get ipmisensors working with ubuntu?
<hvn> about ipmi: we have HP ProLiant D380 G5 with working ipmi
<hvn> the kernel module is what comes with Ubuntu kernel and the user space utility is from HP's "HP System Health Application and Insight Management Agents for Red Hat Enterprise Linux 5 (AMD64/EM64T)"
<hvn> but the main thing is that the module that comes with kernel can talk to hardware ipmi
<hvn> and the Ubuntu version is 8.04 and kernel is: 2.6.24-23-server #1 SMP Wed Apr 1 22:14:30 UTC 2009 x86_64 GNU/Linux
<Pres-Gas> Is there a way to utilize ecryptfs when you authenticate with krb5 and authorize with local passwd files?
<dthacker> In postfix, if I want to accept relays from any machine on the my local network (10.25.25.0), the correct mynetorks setting would be 10.25.25.0\24, correct?
<Pres-Gas> dthacker, if you want all 254 addresses to be relayed, yes.  http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing
<dthacker> Pres-Gas: thanks
<Pres-Gas> All good, dthacker
<lamont> dthacker:  it's /24, not \24
<lamont> Pres-Gas: and it's 256 addresses, since it really doesn't care about network/broadcast blocks...
<dthacker> lamont: yes, the slash was wrong
<lamont> if the subnet is truly /24, then the fact that .0 and .255 have no connectivity has nothing to do with whether or not postfix would love them if they did...
<lamont> dthacker: \ is a windoze thing... in any sane OS, it means "don't apply any special treatment to the next character"
<aljosa> is there a way to have both kvm and virtualbox working on same machine?
<eolo999> Hi! Is it to possible to have eucalyptus-cc and eucalyptus-nc on the same host?
<angelleye> I've got my ftp configured and accepting logins for users on the machine and locking them to their home directory.  the web root for users, though, is on a mounted second hard drive and I need to create an alias to their actual www folder that lives on this mounted drive in their home directory so they have access to it via ftp
<angelleye> or if i'm going about that the wrong way please let me know.  but i think you get the idea of what i'm trying to do..??
<dthacker> angelleye:  create a symbolic link from their ftp home to the web root?
<angelleye> symbolic link.  is that like a shortcut?
<dthacker> like a windows shortcut? no idea
<angelleye> i just need it to look like a folder in their home directory even though that actual folder isn't stored there
<Sam-I-Am> symbolic links are like windows shortcuts yeah...
<angelleye> and i need the ftp to give them access to it
<angelleye> even though they're locked to their home directory
<angelleye> ok i'll check that out
<dthacker> man "ln"
<eolo999> mount?
<angelleye> is ther a simple way to do it in nautilus?  forgive me, i'm graphically inclined
<angelleye> :)
<dthacker> http://en.wikipedia.org/wiki/Symbolic_link#Unix_and_Linux
<dthacker> sorry, don't know nautilus,  pretty much live at the command line
<angelleye> well, I did ls -s /media/storage www    while in my /home/user directory
<angelleye> it created a www folder in the user directory, when when I go into that it's just an empty www folder
<angelleye> i mean ln-s
<angelleye> when i browse it in nautilus now it looks like shortcut folder but it goges to an empty folder
<angelleye> yeah, it's just /home/user/www
<angelleye> but the folder icon has an rrow on it like a shortcut
<j0nr> hello all. I am setting up a basic server. it is a VPS, with 256mb RAM. Currently I am running mysql, apache2, php5 and a session of irssi. I am almost out of memory. does this sound right? It means my install of menalto gallery often runs out of memory
<Kamping_Kaiser> j0nr, depending on what your doing that could be right, but its also possible to run those services in 128mb too
<j0nr> Kamping_Kaiser: I thought it was a bit high... if i stop apache and mysql it drops from ~240mb to 85mb
<j0nr> Kamping_Kaiser: so do you think it is something to do with how mysql and apache are set up to run?
<Kamping_Kaiser> j0nr, run top and look at its memory column to check whats using all the memory (eg, mysql or apache). I suspect mysql
<Kamping_Kaiser> i'll say right now i'm not running mysql anyware, so no personal experiance to offer
<uvirtbot> New bug: #380942 in net-snmp (main) "snmptrapd v5.4.1 seems to have a memory leak much like snmpd in the previous release" [Undecided,New] https://launchpad.net/bugs/380942
<j0nr> Kamping_Kaiser: yeah myswl uses the most, then apache and then irssi!
<j0nr> mysql even
<Kamping_Kaiser> j0nr, re apache, you can probalby unload some modules your not using to free some memory
<Kamping_Kaiser> never had to rework those services for 'low memory' systems before
<ion_> Regarding https://blueprints.launchpad.net/ubuntu/+spec/server-karmic-puppet-integration, are you sure puppet is the way to go? Iâve been using it for a while now and iâm looking for a replacement because the configuration syntax is not a proper scripting language. If it doesnât already provide you with certain functionality, youâll have to extend Puppet separately. For instance, iâve extended Puppet::Parser::Functions with something that sorts a ...
<ion_> ... list, but i canât even use that as a generic thing in the configuration â only in very specific places, such as file { foo: content => sorted_list(...) }. Another example: puppetâs augeas extension doesnât allow you to query augeas for something and then set things based on what it returned. If the configuration file were a Ruby script, for instance, you could use the Ruby bindings for augeas directly instead of using a wrapper that restricts ...
<ion_> ... the functionality. Chef looks like something i might switch to: http://wiki.opscode.com/display/chef/
<ion_> ttx: You seem to be marked as an âessentialâ subscriber to the blueprint. Perhaps you could consider this.
<\sh> ion_: cfengine is the same..no real scripting language..puppet is more to a scripting language then cfengine...and puppet is used by google (AFAIK)...and I chose it too for our servers
<eolo999> hi which is the package which substitutes ia32-libs on jaunty server?
<eolo999> im trying to install xampp on a 64 bit machine
<\sh> eolo999: ia32-libs?
<eolo999> \sh: yes
<eolo999> in hardy there is a package called ia32-libs
<eolo999> in jaunty there is not
<\sh> eolo999: ia32-libs and yes there is
<eolo999> mmmmhhhh
<eolo999> \sh: thx! it was an horrific typo
<eolo999> Is it to possible to have eucalyptus-cc and eucalyptus-nc on the same host?
 * eolo999 wants to build a puppet/cfengine app written in erlang
<Bizzeh> hi, how difficult is it to set up say four installs of ubuntu as a clustered database server
<Sam-I-Am> probably not hard
<genii> Bizzeh: I was just recently looking into high availability postgresql solutions. Previously we had freebsd machines with a custom solution. It looks like Slony for this is about the best bang for the buck.
<Bizzeh> genii: im looking to start something from nothing here, only reason i was looking towards a free solution
<genii> Bizzeh: Stock LAMP install on a number of boxes with Slony for database redundancy seems about the best bang-for-the-buck ( $0 )
<Bizzeh> ahh
<Bizzeh> running the testing on a single dual core machine right now, gonna set up a VM farm at the weekend to test a custered setup then
<Bizzeh> currently have around 8 million rows in 25 tables in 1db, but thats going to grow by about 4 million a day
<genii> Bizzeh: There are also lots of sites with tips to tweak PostgreSQL performance for large installs/speed optimizing   etc
<\sh> genii: I had a look at postgres and slony for a company project...and for master slave replication it's a bit too tricky...using those triggers etc. and for active active clusters I didn't find any good solution for postgres (only cybercluster but there is a lack of good documentation and they do some strange rsync+ssh magic fir Large File Objects, whatever that means in this DB context, wasn't documented)
<genii> \sh: For active/active it IS somewhat difficult. I've been on the same type of search for a better solution myself lately.
<\sh> genii: that's why we choose mysql cluster ... and regarding performance, which is better with postgres, I think more hardware will help here ;)
<genii> \sh: Since I've alread inherited a Postgres-based system (which a bunch of other stuff has been custom-writtten for) migration for us to mysql is unfortunately not an (forseeable) option.
<\sh> genii: yeah...we have luck to just start with this new project so we had to stresstest all involved systems and we had the chance to choose...but for an already running service this could be quite difficult
<lzantal> Just installed 9.04 server with software raid and when I boot I get /dev/md1 does not exist. Anyone came a cross this before?
<lzantal> anyone?
<rkitect> what is the command to list users?
<jmedina> rkitect: which users?
<rkitect> all users that are currently named on the system.
<jmedina> cat /etc/passwd
<rkitect> jmedina: thanks
<orudie> question. with using postfix/dovecot i created a user name and it automatically creates an email account for the user. I want to be able to use this email account as outgoing mail only , so that all the incoming mail to this account is rejected.
<jmedina> orudie: you need to configure postfix, it is well documented http://www.postfix.org/RESTRICTION_CLASS_README.html
<orudie> jmedina-> i think i would rather have the mail forwarded from one user to another, any quick way of accomplishing this ?
<jmedina> orudie: I don know, I always use the procedure described in the document
<jmedina> you can get more info in postfix mailing lists
<jmedina> if you look at the postfix mailing lists archives, you can find good examples
<giovani|work> orudie: postfix supports aliases yes ... but I don't know if they can be used the way you want
<giovani|work> orudie: if you don't want every user on the system to have an email account then use virtual hosting, where you define each email address -- and then you can make any aliases you like
<jmedina> orudie: you can do exactly what you want using postfix and Restrictions Classes, it is not that hard
<ScottK> It's easy enough to do.
<lupine_85> Hiya. I'm considering installing Ubuntu on a machine with a 1GB SSD for /boot and other small essentials (/etc, /lib, etc) and having /usr mounted over nfs/etc
<lupine_85> has anyone done this from install (as opposed to migrating it)
<jmedina> 1GB SSD for /boot?
<Sam-I-Am> thats a bit overkill lol
<lupine_85> a 1GB SSD for basically everything but /usr
<jmedina> you dont need /boot after boot
<lupine_85> maybe /var too
<jmedina> it is only used/read to read vmlinuz initrd
<stickystyle> I don't see why it wouldn't work, IIRC the base install is ~840MB
<stickystyle> and that is with a ton of stuff in /ust
<jmedina> my systems have 100GB for /boot, and I use noauto in fstab
<lupine_85> stickystyle: mm, but can I tell the installer to make use of NFS space?
<lupine_85> or is this something I'm going to have to hack together after the fact?
<stickystyle> Ah, I see what your getting at now....Humm, not exactly sure.  Perhaps the LTSP could provide some guidance, as they do some thin clients, I would think it could carry over to server.
<lupine_85> LTSP is netboot generally speaking, so not really the same domain :/
 * lupine_85 is trying to avoid netboot as he wants something that'll boot if the nfs server dies
<stickystyle> I know, but I thought they had some between thin/thick clients that had a base install
<lupine_85> i've not come across it - which is probably a good sign ;). I'll poke 'em - thanks
<genii> You can do in-target commands.
<lupine_85> genii: true enough, but that strikes me as much more hassle than just hacking it after the fact
<lupine_85> ideally at the partitioning stage there'd be an "add a network share" option :)
<lupine_85> buuuuuuuuuut I don't think there is
<genii> In the preseeds you can have for partitioning a "recipe" but not sure it includes non-local disks
<TJ`> anyone an avid webmin user and could help troubleshoot why im not receiving emails from the System and Server Status module?
<giovani|work> TJ`: Ubuntu doesn't support the use of webmin
<giovani|work> !webmin
<ubottu> webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system. See !ebox instead.
<TJ`> ive got it running perfectly lol
<TJ`> ill have a look at ebo though
<giovani|work> whether it works "perfectly" or not
<giovani|work> it's not supported
<giovani|work> try #webmin
<TJ`> empy
<TJ`> *empty
<TJ`> !google ebox
<ubottu> Sorry, I don't know anything about google ebox
<giovani|work> that doesn't bode well for the software quality
<giovani|work> !ebox
<ubottu> ebox is a web-based GUI interface for administering a server. It is designed to work with Ubuntu/Debian style configuration management. See https://help.ubuntu.com/community/eBox
<TJ`> giovani i dont suppose u know a good system to monitor services on the network and email/sms when they go down?
<billybigrigger_> anyone here use roundcube for a webmail client?
<TJ`> billybigrigger_ ive used as part of cPanel
<TJ`> never installed it myself
<TJ`> its pretty good nice and clean
<billybigrigger_> hmm
<TJ`> users like it
<TJ`> bit slow
<billybigrigger_> i was just wondering about an auto-login for it
<billybigrigger_> just found something that looks alot better than squirrel, or roundcube, imo
<billybigrigger_> atmail
<billybigrigger_> looks very nice
<billybigrigger_> gonna play with that one i think, roundcube is just...i dunno, still early beta...and it feels like it too
<TJ`> lol
<billybigrigger_> http://www.atmail.org/demo.php.
<billybigrigger_> take a look, tell me that doesnt look 10x better than squirrelmail or roundcube
<TJ`> squirrelmail is like notepad
<TJ`> its just dead simple, stable and nothing with replace it :)
<TJ`> its v nice though!
<jmedina> notepad :S, what a comparision
<TJ`> responsive too
 * TJ` loves notepad
<TJ`> ok
<TJ`> what do people here use to monitor their networks and services?
<jmedina> TJ there are editors more advanced which can help you reduce you editing time, and therefore more productive
<TJ`> jmedina ofc there are, notepad++ eclipse, dreamweaver
<jmedina> TJ, just: apt-get install vim && vimtutor
<jmedina> :D
<TJ`> nano > vim
<jmedina> TJ`well I dont use windows, so I dont know
<billybigrigger_> all hail nano
<TJ`> people, is nagios really that good?
<jmedina> vi is the only editor I use, when you manage a comercial unix, the only editor you have is vi
<jmedina> TJ` it depens on your needs, and the layers you want to monitor
<TJ`> i want simple monitoring
<TJ`> when things go down i want an email
<TJ`> cant find ANYTHING simple
<jmedina> tj` well what is your definition of "simple monitoring"
<TJ`> and straightforward
<TJ`> i suppose check if that service on host:port is reacheable
<jmedina> TJ` you can use monit, it is really simple
<jmedina> tj` try centreon, it is based on nagios, really easy to configure
<jmedina> no need to edit nagios files
<TJ`> the samba conf files are easier then monit
<docta_v> i've built several custom .deb packages and would like to enable authentication for them
<docta_v> if i use debsig-verify all packages from the standard ubuntu repo fail verification... should i be using something besides debsig-verify or do i need to add the ubuntu keys to debsig
<docta_v> what method do the ubuntu packages use for verification?
#ubuntu-server 2009-05-28
<Vog-work> jmedina: I wouldn't call centreon simple
<Vog-work> IMHO
<oh_noes> how can I completely uninstall perl deleting any compiled binaries etc, and then reinstall it as per the original OS installation?
<oh_noes> I'm getting the following error:  /usr/bin/perl: symbol lookup error: /usr/lib/perl/5.10/auto/XML/LibXML/Common/Common.so: undefined symbol: Perl_Tstack_sp_ptr
<oh_noes> which I think is related to compiled modules
<Shaudh> Hi there
<Shaudh> I've installed ubuntu server 9.04 and have configured dhcpd3.. according to the man pages the leases should be in /var/lib/dhcpd3/dhcpd.leases.. however.. the file is empty.. and there are 2 leases.. where can I found the registration of these leases? :)
<Shaudh> anyone?
<uvirtbot> New bug: #380938 in samba (main) "_netdev not working; other mount.cifs problems" [Undecided,New] https://launchpad.net/bugs/380938
<error404notfound> i am generating a certificate from godaddy.com, the free 1 year one for open source project, can i input *.mydomain.com in cn field and hope it to work?
<error404notfound> yup, it works...
<error404notfound> gerat :D
<error404notfound> great*
 * error404notfound is surprised to see GoDaddy providing free services for open source considering their site is entirely in asp
<angelleye> I've got ProFTPD installed and I'm trying to browse symbolic link directories but when connected via FTP it says No such file or directory.  When I browse locally in terminal or in nautilus the sym links work just fine.
<FFForever> anyone around that can help with apache vhost?
<foxbuntu> FFForever, I can try to help, what seems to be the issue?
<FFForever> foxbuntu, www.domain.com/index.php works perfect :D
<FFForever> but www.domain.com asks me to download a phtml file
<foxbuntu> FFForever, you need to add the default document type I bet...i.e. setup index.php as the home page
<FFForever> foxbuntu, ohhh yeah domain.com works fine sorry i forgot to mention that
<FFForever> foxbuntu, http://pastebin.com/f58247299 (i have not updated the dns yet)
<FFForever> i am using hosts file to manually test it
<foxbuntu> FFForever, http://pastebin.com/m2dc7a0c0
<foxbuntu> see line 14
<FFForever> foxbuntu, that should be fine no?, since domain.com works perfectly
<FFForever> foxbuntu, i changed it to All and same thing
<foxbuntu> FFForever, if it all points to the same server yes...but try adding the line I noted in the pastebin to see if it helps
<FFForever> error log only says [Wed May 27 23:38:53 2009] [error] [client {My IP}] File does not exist: /home/fresy/public_html/fresyland.com/favicon.ico
<foxbuntu> thats no big deal
<FFForever> yeah...
<foxbuntu> im sorry, I didnt see the directoryindex statement at the top before
<FFForever> np
<FFForever> i only added it to test...
<foxbuntu> you have the hostname in place for both domain.com and www.domain.com?
<FFForever> if i just make a vhost called www.fresyland.com and not use alias it works
<FFForever> =\
<FFForever> nvm i stand corrected
<FFForever> it does not work
<foxbuntu> hrm
 * foxbuntu goes to get his production vhost to compare
<foxbuntu> FFForever, this is what I am using:
<foxbuntu> <IfModule mod_dir.c>
<foxbuntu>     DirectoryIndex index.cgi index.html index.htm index.shtml index.php
<foxbuntu>   </IfModule>
<foxbuntu> paste that add the end of your vhost (above </virtualhost>
<foxbuntu> s/add/at
<foxbuntu> sorry to ask a basic question...but you are reloading the confs after you change them right?
<FFForever> foxbuntu, nope =\
<FFForever> yeah
<FFForever> after each change i am just reloading not rebooting
<foxbuntu> FFForever, strange
<FFForever> foxbuntu, wanna edit your hosts file and see if you get the same?
<foxbuntu> FFForever, perhaps I could try with my dev server
<FFForever> foxbuntu, nvm :D
<foxbuntu> FFForever, I think it your servername statement though
<FFForever> i cleared firefox :D
<foxbuntu> ah
<foxbuntu> cache
<foxbuntu> :)
<FFForever> no more downloading..., oddly server was giving me raw php
<foxbuntu> FFForever, browser junk I am sure
<foxbuntu> FFForever, glad you have it working however
<FFForever> no it was the right source =\
<ivoks> ScottK: !ops
<ivoks> should work
<ivoks> !ops
<ubottu> Help! Channel emergency! infinity, soren, lamont, mathiaz or tom
<ScottK> ivoks: Right.
<hagedorn_> hey, for know iam using nagios grapher for load mysql network graphing, ist there a better solution where i can view live stats of this apps ? for a group of 30 servers ?
<owh> For the life of me I cannot recall what the cli tool is called that allows me to monitor network traffic on an interface. The UI shows a line for each connection and the used bandwidth. Any one recall what it's called?
<infinity> owh: iptraf?
<BlindHunter> r	hi! While installing Ubuntu Server 8.04 I've fount an 'unpleasant moment'. After configuring network (network cable was unplugged) the install hanged on apt checking volatile mirror ... After 15 minutes of waiting I had to reboot pc ... Why not to reconfigure installer and add 'skip' button when checking mirrors ?
<BlindHunter> If it's a 'Server' dist then why should administrators keep waiting ?
<owh> infinity: It's not the tool I was looking for, unless it's changed lots since I last used it, but it's looking pretty useful.
<mattt> owh: you looking for something real-time?  if not, there's vnstat
<owh> mattt: Yeah, the tool I used to use but cannot recall the name for was realtime.
<mattt> owh: it's a nice little tool that summarizes bw usage per day, etc.
<mattt> ah, k
<owh> infinity: I have to say, this is very nice.
<ajmitch> owh: you may have been thinking of iftop
<owh> Ah that rings a bell.
<owh> ajmitch: That's the one!
 * owh now has to choose between iftop and iptraf :)
<chunk> question : have a thin client - that is supposed to boot headless and send the serial port the console - it all works as long as I don't disconnect the vga console port
<chunk> (when vga console port is disconnectedf I see via serial port that it gets as far as grub and then hangs ..)
<chunk> have tried many different type of switches in grub doesn't seem to make a difference...
<chunk> any ideas
<ivoks> lamont: you asked for me?
<lamont> ivoks: more had some questions on postfix 2.6.1 before I uploaded it completely
<ivoks> lamont: ok...
<lamont> ivoks: otoh, postfix 2.6.1-0 is in debian/incoming bound for experimental atm
<lamont> I'd like to toss 2.6.1-1 into unstable tomorrow so I can have it synced before EOW
<ivoks> sounds ok
<ivoks> lamont: are you at uds?
<lamont> physically, yes.
<lamont> working it rather than attending, though
<ivoks> oh, ok
<lamont> so sometimes I'm here, mostly not
<lamont> physically mostly in k4
<ivoks> i'm in 2, which ever that is
<uvirtbot> New bug: #381269 in nut (universe) "NUT fails to shutdown UPS" [Undecided,New] https://launchpad.net/bugs/381269
<kwork> where are defined the commands that are executed at sudo/su ?
<kwork> nevermind.
<tv7497> guys i have a lamp sever ! well is there a way for other's to upload a file to my server ?  well i have jaunty desktop version running for 64 bit machine
<kwork> tv7497,  there are several ways
<tv7497> kwork: could you help me atleast with one way ?
<radovan> tv7497: scp, sftp, ftps, webdav
<kwork> tv7497,  rather you should decide what you exactly need
<kwork> and there are howtos for everything on ubuntu
<tv7497> kwork: well what i need is to a simple way for my friends to upload their pic on to my server
<tv7497> radovan: isnt there a simple tool or a script which would help me here ?
<radovan> tv7497: if you have lamp you can make a simple upload script with http basic auth
<tv7497> radovan: how do i do it ? i am really really new to this :)
<tv7497> radovan: well with some googling i got to know about this proftpd i have no idea how to use it any idea ?
<radovan> ok, forget about ftp, use scp
<radovan> you just need openssh-server installed
<pmatulis> in jaunty is anonymous query allowed by default?
<pmatulis> for openldap
<tv7497> openssh-server okie radovan and ?
<radovan> then you can log in through scp/sftp if you have account, that's all
<radovan> :)
<radovan> there is client for windows called winscp, in linux there is sshfs, or you can you commandline scp
<tv7497> radovan: i have no idea what those are ! scp / sftp  !!! i will install openssh-server and let you know could you please guide me from there ?
<radovan> tv7497: http://en.wikipedia.org/wiki/Secure_copy
<radovan> tv7497:
<radovan> http://en.wikipedia.org/wiki/SSH_file_transfer_protocol
<radovan> but this is offtopic in here, you should discuss that in #ubuntu
<tv7497> radovan: well i get like this when i try to install openssh-server http://paste.ubuntu.com/182831/
<radovan> maybe you should read the manual in the first place
<radovan> off to work
<tv7497> radovan: see ya !
<Fumoh> so there's this old server here in our datacenter, and I need to find something fun to do with it.
<Fumoh> emphasis on the fun.
<tv7497> guys was trying to install open ssh server i get this message when i type ssh user@server ip address i get like this http://paste.ubuntu.com/182831/
<Hecate> tv7497, so what's your problem?
<tv7497> Hecate: its resolved thanks :)
<RoAkSoAx> ivoks, heya master.. any news on the cluster stack session?
<ivoks> it's now
<RoAkSoAx> ivoks, which room to listen to your presentation :)
<RoAkSoAx> I got it :)
<jmedina> RoAkSoAx: what link?
<RoAkSoAx> jmedina, http://icecast.ubuntu.com:8000/room14.ogg.m3u
<jmedina> thanks
<RoAkSoAx> ivoks, I think we should go for with whatever debian goes for... and I think for now is pacemaker... which means both openais and heartbeat... we could also support rhcs for a while...
<ivoks> ok...
<oruwork> whats the path to the list of banned ips by hosts deny ?
<oruwork> ivoks-> !!!! whats up my man
<oruwork> havent seen you in a long time
<frojnd> HEllo there
<frojnd> Today I come home and my serer was turned off...
<frojnd> Now I'd like if there was some kind of CPU overloading
<frojnd> or why did this hapen
<ivoks> check logs
<ivoks>  /var/log/syslog*
<frojnd> I would like to know if tehre was some electricity problem I doubt that since it's on UPS..
<ScottK> I think it's pretty unlikely it'd get to power off all by itself.
<frojnd> ScottK: I think that too..
<frojnd> I'll turn it on and check the logs..
<oruwork> frojnd-> i had the same problem when i had a server at home, decided its not worth it and signed up for a VPS
<oruwork> it was deffinetly hardware related cause that box did the same thing with windows 2k3 server isntalled
<frojnd> oruwork: VPS?
<frojnd> oruwork: this is thefirst time.. I had uptimes up 20 200+ days...
<oruwork> 200+ days thats good
<frojnd> oruwork: Yeah,.. relatively :P
<oruwork> so any ideas on where to start to set up own irc server ?
<radovan> oruwork: you need co compile ircd
<radovan> i like unreal, it has nice set of features
<frojnd> HEllo there again
<frojnd> I'm looking at /var/log/syslog andd I'm trying why would ubuntu server reboot: http://pastebin.com/d345913f7
<frojnd> The first line
<frojnd> reboot
<frojnd> do something
<frojnd> and than turn itself off..
<frojnd> since I found server powered off..
<frojnd> any ideas?
<frojnd> May 28 06:39:01 ubuntko /USR/SBIN/CRON[8492]: (root) CMD (  [ -x /usr/lib/php5/maxlifetime ] && [ -d /var/lib/php5 ] && find /var/lib/php5/ -type f -cmin +$(/usr/lib/php5/maxlifetime) -print0 | xargs -r -0 rm)
<frojnd> what does that mean?
<frojnd> I didn't execute this command..
<frojnd> neither setup any cronjobs..
<frojnd> I would really like to know if I have some leaks in the system :)
<infinity> frojnd: That cronjob ships with php.
<infinity> frojnd: /etc/cron.d/php5
<frojnd> infinity: ok.. still why it did resetart
<frojnd> cause of some error in php
<aljosa> how do i set in python 2.5 instead of 2.6 as default in jaunty?
<frojnd> ?
<infinity> frojnd: That cronjob definitely didn't reset your machine. :)
<frojnd> I'd like to know if there was CPU overflow or RAM leak
<frojnd> infinity: it wasn't restartet you see...
<frojnd> It was POWERED down :)
<infinity> frojnd: Where are you looking?
<frojnd> infinity: /var/log/syslog
<infinity> #
<infinity> May 28 11:17:01 ubuntko /USR/SBIN/CRON[8876]: (root) CMD (   cd / && run-parts --report /etc/cron.hourly)
<infinity> #
<infinity> May 28 17:14:31 ubuntko syslogd 1.5.0#1ubuntu1: restart.
<infinity> ?
<frojnd> hum
<frojnd> em...
<infinity> You lost power, or yor hardware hung.
<infinity> Cron didn't do either of those things.
<frojnd> infinity: lost power when?
<frojnd> I powered on at 17:someting
<infinity> Yes...
<infinity> You obviously lost power at 11:17:01 and turned it back on at 17:14:31 ...
<frojnd> Let assume the power didn't went off...
<infinity> I'm failing to see how this is a software issue. :)
<frojnd> What else it could be=
<infinity> The machine was off, you say?
<frojnd> ?
<frojnd> infinity: yep
<infinity> Then you lost power.
<infinity> We don't spontaneously cut power.
<frojnd> infinity: it's not that simple
<infinity> If the kernel had hung, the machine would have still been on.
<frojnd> infinity: I just have to ask the employee if the power went off...
<frojnd> brb
<frojnd> :P
<uvirtbot> New bug: #381362 in mysql-dfsg-5.1 (universe) "cannot provide "mysql-client" and the the dependencies are to "mysql-client" " [Undecided,New] https://launchpad.net/bugs/381362
<frojnd> infinity: you are right :)
<frojnd> the entire area was weithout power
<frojnd> I was on university but they have generators or I don't know what there..
<frojnd> at the university :P
<frojnd> currently I have usp that can power 30min but looks like I'd need a couple more of em :D
<yann2> if I want to define a .vimrc for all users, where should I put it?
<radovan> yann2: /etc/vim/vimrc
<radovan> yann2: personalized settings are in ~/.vimrc and had priority over global settings
<frojnd> I know this one of those questions that are logicall but, how long does ubuntu take to build the kernel with: Genuine Intel(R) CPU           T2250  @ 1.73GHz (core duo)
<aljosa> is there a way to set python2.5 as default in jaunty?
<_jmedina> radovan: for ubuntu personalized  (global) settings go into /etc/vim/vimrc.local
<_jmedina> it is included in /etc/vim/vimrc
<RoAkSoAx> ivoks, heya master, what's this file ./.pc/.version for?
<ivoks> RoAkSoAx: where?
 * ivoks sleeps
<W8TAH> i have 2 software raid 5 devices on a server that i need to remove -- ive booted off a server install disk and am trying to delete them at the partitioner -- no luck - -what do i do now?
<W8TAH> the install disk keeps protesting that they may be active
<rsr> hello
<rsr> ubuntu isnt detecting my network interfaces. When I try sudo ifconfig ethx up it says no such device. I can see the ethernet devices through lspci though
<ivoks> rsr: sudo ifup ethx
<rsr> anyone?
<ivoks> not ifconfig
<rsr> ok
<ivoks> if it's setup in /etc/network/interfaces
<rsr> same thing
<rsr> error while getting interface flags
<rsr> no such device
<ivoks> which network cards are we talking about and which ubuntu version?
<ivoks> lspci shows PCI devices, that doesn't mean those devices work or are supported
<infinity> rsr: Are you literally typing "ethx"?
<infinity> rsr: Cause that could cause a problem or two. :P
<infinity> rsr: Try "sudo ifconfig -a" and see if you have any network cards usefully listed.
<rsr> of course not
<rsr> lol
<rsr> but I reinstalled a fresh system
<rsr> now its ok
<infinity> rsr: Right, but whatever you're calling your NIC, it's obviously not named that by the kernel, is my point.
<rsr> ill just copy the config files from the one in production
<infinity> rsr: So, rather tan blindly guessing, have a look at what you have?
<rsr> yes
<infinity> s/tan/than/
<rsr> I got it
<rsr> any idea for high availability?
<ivoks> rsr: which ubuntu version?
<rsr> 8.10
<ivoks> redhat-cluster-suite
 * ivoks is becoming addicted to Juanola's de limon
<CNLiberal> i was directed here from the main ubuntu channel
<CNLiberal> i'm having issues with my MDADM array
<CNLiberal> specifically, the array seems to stop all writes or deletes for no reason at all
<CNLiberal> i'm in the middle of editing my music files with EasyTag and the program was doing a mass re-write of the ID3 tags
<CNLiberal> in the middle, it has hung
<CNLiberal> i'm not able to add or delete any files from the array
<CNLiberal> this has happened a couple times before
<Gargoyle> Evenin' all
<vbabiy> Any one have any idea what would make ubuntu do this ping google.ne: and it starts google.ne.com
<vbabiy> running on 9.04 server
<ion_> Could the DNS server you use be doing something strange?
<vbabiy> It also does the same when I use curl or lynx
<vbabiy> ion_: no when I do nslookup it get: ** server can't find google.ne: NXDOMAIN
<ion_> What does getent hosts google.ne say?
<rsr> is there a way I can see if the cable connected is actually connected to eth0 and not eth1?
<vbabiy> howsthe ~/logs/howsthedotcom: getent hosts google.ne
<vbabiy> 63.77.241.229   google.ne.com
<ion_> grep hosts /etc/nsswitch.conf
<vbabiy> grep hosts /etc/nsswitch.conf
<vbabiy> hosts:          files dns
<rsr> ion_ was that for me?
<ivoks> rsr: dmesg | grep eth
<rsr> ok
<ion_> vbabiy: Please pastebin /etc/resolv.conf
<rsr> eth0 switches between link up and link down
<vbabiy> http://dpaste.com/48741/
<vbabiy> ion_: ^
<ion_> vbabiy: Iâm out of ideas then. The last thing i thought of was some search directive or equivalent in resolv.conf causing the problem.
<vbabiy> Is there a package that would do this, I mean I run 9.04 on my laptop and it works fine. But my server is doing this
<Gargoyle> vbabiy: I take it you don't have any relevant entries in /etc/hosts?
<vbabiy> cat /etc/hosts
<vbabiy> 127.0.0.1     localhost localhost.localdomain
<vbabiy> 127.0.0.1     howsthe.com
<vbabiy> Gargoyle: looks right to me
<ion_> vbabiy: strace -f -s10000 -o strace.getent getent hosts google.ne, anything interesting in the output?
<vbabiy> strace -f -s10000 -o strace.getent getent hosts google.ne
<vbabiy> 63.77.241.229   google.ne.com
<vbabiy> This just makes no sense to me
<vbabiy> ion_: do you want to see the file
<ion_> You might want to skim through it to verify it doesnât contain any private data (it shouldnât, but you canât be too careful) and then pastebin it as well.
<vbabiy_> ion_: did you see th paste
<ion_> No messages from you reached the channel.
<vbabiy__> ion_: did you see th paste
<vbabiy__> if not here it is http://pastebin.com/d6d5ab5ca
<FFForever> is there a way to print the final usage?, like 32mb used out of blah, the 32 would include the used - cache/buffered/free
<vbabiy> FFForever: I think you want free -m
<vbabiy> Any one else have any idea when I try to ping a domain that is can't be resolved and dos not have a .com ubuntu addes it to the end. Example google.ne it pings google.ne.com
<hvn> maybe the nameserver you are using is trying to be helpful
<hvn> does e.g., running host whatever resolve to whatever.com or something along that
<ion_> vbabiy: Iâm again out of ideas. The program queries about google.ne, gets a response that *does not* contain âgoogle.ne.comâ and then immediately proceeds to query about google.ne.com. Dunno what could cause that.
<vbabiy> well thanks for your help ion_
<hvn> if I do this: host google.ne.com ns95.worldnic.com
<hvn> I get back: google.ne.com has address 63.77.241.229
<hvn> and ns95.worldnic.com I got from the pastebin above
<ion_> vbabiy: You seem to have nscd installed. Could it perhaps have something to do with this?
<vbabiy> ion_: installed after I noticed the issue
<vbabiy> hvn: not sure what you mean?
<hvn> line 252 on your pastebin link shows ns95.worldnic.com
<hvn> If I query it for google.ne.com I get back the same IP address as you did
<hvn> s/query/query using host/
<infinity> vbabiy: Sounds to me like you have .com in your resolv.conf
<vbabiy> infinity: cat /etc/resolv.conf
<vbabiy> nameserver 72.3.128.240
<vbabiy> nameserver 72.3.128.241
<infinity> vbabiy: output of hostname and hostname -f?
<vbabiy> howsthe ~: hostname
<vbabiy> howsthe.com
<vbabiy> howsthe ~: hostname  -f
<vbabiy> howsthe.com
<Skaag> is there a ready made intrepid kernel with grsecurity?
<vbabiy> infinity: ^
<infinity> vbabiy: for starters, "foo.com" isn't a hostname.  The resolver might be trying to be clever.
<infinity> vbabiy: But, also, your nameserver is extra clever.
<infinity> adconrad@cthulhu:~$ nslookup
<infinity> > server 72.3.128.240
<infinity> Default server: 72.3.128.240
<infinity> Address: 72.3.128.240#53
<infinity> > google.ne
<infinity> Server:		72.3.128.240
<infinity> Address:	72.3.128.240#53
<infinity> ** server can't find google.ne.0c3.net: REFUSED
<infinity> vbabiy: Notice how it's tacking 0c3.net (my domain) on the end of the result?
<infinity> Oh, wait, that's nslookup being clever.
<infinity> Yeah, I'm half asleep.
<vbabiy> infinity: you think, I should just change my hostname to something like howsthedotcom
<infinity> vbabiy: At any rate, your machine thinks ".com" is your search domain, so it adds it to the end of unresolvable hosts.
<infinity> vbabiy: Or, you could just not worry about it?
<infinity> vbabiy: Most people have search domains.  Yours just happens to be silly. :P
<vbabiy> infinity: its a big problem for me, cause hosthe.com service to break :D
<infinity> vbabiy: Or, add a "search" or "domain" line to resolv.conf, if you want a more useful one.
<infinity> vbabiy: It's a big problem for you that unresolvable names are broken?
<infinity> vbabiy: Real hosts (like google.com) surely work fine?
<vbabiy> infinity: right but names like google.ne also work fine since ne.com is a valid domain
<ion_> Ah, i didnât realize a missing search/domain in resolv.conf causes DNS lookup to try to be âsmartâ.
<vbabiy> ion_: me either
<TheDJACR> My system won't boot past Starting Kernel Logging Daemon
<ion_> I expected the only result to be that you need to specify FQDNs everywhere.
<infinity> vbabiy: I'm still failing to see how that's a problem...
<TheDJACR> It just hangs.
<infinity> vbabiy: So, stop looking up unresolvable hosts?
<vbabiy> infinity: well the backend uses urllib2 from python and when I tell it to go check google.ne it gets google.ne.com
<infinity> vbabiy: But why are you telling it to check something that doesn't exist?
<infinity> (Or, again, why do you care?)
<vbabiy> infinity: Well I don't know it doesn't exist till it checks
<ion_> A user probably mistyped something and the service should have said âcanât resolveâ instead of using google.ne.com blindly.
<TheDJACR> What shall I do :P
<infinity> ...
<infinity> Right, I'm failing to get information about this service, or why it's cool to do lookups of unresolvable hosts. :P
<infinity> vbabiy: Just put "search howsthe.com" in your resolv.conf, and make sure you don't use wildcard DNS for your own domain, problem solved.
<vbabiy> infinity: thank, it sure is
<vbabiy> And I am planing on fixing the issue of it blinding check wrong addresses
<vbabiy> thanks for all your help guys ion_, infinity
<TheDJACR> It was an LDAP misconfig.
<TheDJACR> LDAP shouldn't halt the boot, though.
<rysiek|pl> hi guys
<rysiek|pl> I am sure aI am missing something opbvious here
<rysiek|pl> I have got those iptables rules
<rysiek|pl> http://pastebin.com/m6d2104f9
<rysiek|pl> but NOTHING shows up, either in dmesg nor in /var/log/*
<rysiek|pl> any hints?
<rysiek|pl> yes, I am generating the packets ;)
<Skaag> try the iptables channel maybe?
<Skaag> personally I'm very weak with iptables
<Skaag> I use shorewall to cover myself ;-)
<rysiek|pl> tried
<rysiek|pl> the channel, that is
<Skaag> (it then calls iptables but at least I have a layer I can understand easily)
<rysiek|pl> yeah
<rysiek|pl> I am quite good with iptables
<rysiek|pl> butr it just won't log
<rysiek|pl> there is something dumb in that, I know
<Skaag> you think some kernel module might not be loaded?
<rysiek|pl> prolly
<rysiek|pl> loiaded ipt_LOG already
<Skaag> was about to suggest that
<Skaag> you checking in syslog?
<rysiek|pl> yeah
<Skaag> what if it's setup to forward to another destination?
<rysiek|pl> grep 'my-log-prefix' /var/log/*
<rysiek|pl> it's not
<Skaag> such as ulog
<Skaag> hm. ok.
<phoenixz> Ubuntu server edition will allow me to work with LVM during installation?
<Skaag> I believe so
<Skaag> it's an option during the installation process
<phoenixz> Skaag: will it also alow me to specify logical volumes (so that after that I can use them)?
<Skaag> probably although I haven't tried
<Skaag> it makes sense however
<Skaag> or else what's the point
<phoenixz> id think so
<phoenixz> How can I let SSH ignore the knownhosts file? I have some weird problem with a program that keeps replacing the knnown host file and with that it messes up its own ssh calls.. I want to configure ssh to ignore the known hosts file for the moment, just to be able to continue testing. How do I do this?
#ubuntu-server 2009-05-29
<msantos> chmod 000 .known_hosts ; chmod 644 when your done
<oh_noes> Can anyone link to a blog or how to which quickly goes over multipath fibre channel in Ubuntu, and the tools to use
<oh_noes> I've just assigned two disks the a server, atm it's two seperate disks
<oh_noes> what generates /dev/disk/by-uuid symlinks at boot time?
<twb> udev, I imagine.
<oh_noes> I just created a multipath disk mapping but the UUID is pointing to one of the single disks in the DM, and not the /dev/mapper node
<twb> If you're using dmraid, be very, very afraid.
<oh_noes> so I cant use the UUID in fstab to mount it, I'm manually specifying the /dev/mapper entry
<oh_noes> not dmraid, multipath-tools (multipath, scsi_id)
<twb> OK, cool.
<oh_noes> ubuntu's pretty pathetic when it comes to FC SAN disk and MPIO
<oh_noes> but I managed to get it to work
<twb> oh_noes: did you write an article about your adventure?
<twb> fibre's a bit above my means, but I'm still curious
<oh_noes> I should, there's not enough blog posts about
<oh_noes> LAMP, 40000000000000, FC SAN MPIO DM, 1 thats got typos and isnt correct
<twb> LAMP blows anyway.
<twb> Why "the kids" flock to mysql and php, I do not know.
<TimReichhart> hi guys I need some help on getting horde/imp to show up on my server I used the command line to install it by apt-get install imp4
<Clusty> hey
<Clusty> i just installed the server for the first time (i am a desktop user for some time now)
<TimReichhart> hi guys I need some help on getting horde/imp to show up on my server I used the command line to install it by apt-get install imp4
<Clusty> unfortunately during I chose to encrypt the homes on it and now I cannot use ssh keys to access it (that is at least my theory as to why keys don't work). what's the fastest way to disable encryption?
<Clusty> TimReichhart: do a sudo dpkg -L imp4
<Clusty> that is gonna tell you where files are located
<Clusty> if apache is not aware of the location /etc/apache/conf.d/... you need to either make a symlink to  imp inside /var/www or make an alias
<Clusty> hope this helps...
<TimReichhart> well see Im seeing its listed under /etc/horde3 and /etc/horde/imp4
<Clusty> but no web pages?
<TimReichhart> that is correct
<TimReichhart> so I have to create a sym link
<Clusty> ...weird. i never used it but had several web projects installed and all had some "meat" to them
<Clusty> i cannot help you more i guess. might want to try installing from the horde people. not sure how complicated that is
<TimReichhart> ya this is my first time even doing horde/imp
<Clusty> TimReichhart: try the official version. they prolly have a nice step by step howto. its also likely that its newer version
<Clusty> ...takes a while for stuff to reach ubuntu packages
<TimReichhart> i have the newest server 9.04 so
<TimReichhart> nvm i found it
<twb> Is there a channel for LTS *desktops*?
<dthacker> twb:  #ubuntu or #kubunt should be able to respond to LTS questions
<twb> Har har.
<dthacker> then perhaps the forums or questions section on Launchpad would be the place to try.
<billybigrigger> anyone alive?
<error404notfound> billybigrigger, yes?
<billybigrigger> my grub messed up on me, now my raid wont mount
<billybigrigger> fdisk shows sda1 and sdb1
<billybigrigger> http://pastebin.com/m5ecd9eba
<billybigrigger> but i can't mount either sda1 or sdb1
<billybigrigger> and md0 isn't showing
<billybigrigger> im in 9.04 live cd right now...i just a few files off it immediatley and i can deal with the grub issue in the morning
<billybigrigger> how do i re-create md0?
<stanman1> hi, how can i show ssh sessions?
<stanman1> i got an error so putty got killed, now i need to return to that ssh session
<maxb> You can't
<maxb> You might want to investigate the 'screen' program for use in the future
<stanman1> ?
<stanman1> what do you mean?
<mario_> Hello!
<mario_> anyone here using Intels RMM2?
<mario_> my keyboard does not work with my custom kernel. It works with a ubuntu live cd
<mario_> any idea what modules i am missing?
<billybigrigger> i've lost my /dev/md0 device for my raid 1 setup...fdisk shows sda and sdb as linux raid autodetect...now how do i go about re-creating my raid device md0?
<Skaag> you could use MAKEDEV if you know the numbers
<Skaag> but the driver should create that device
<Skaag> if I'm not mistaken
<Skaag> what kind of raid is it?
<billybigrigger> raid 1
<billybigrigger> i set it up during 9.04 install
<billybigrigger> so software raid 1
<Skaag> ah, software raid!
<Skaag> lvm?
<billybigrigger> no clue
<billybigrigger> i just picked the defaults all the way though :P
<billybigrigger> through
<Skaag> probably with mdadm
<Skaag> you have something important on it?
<billybigrigger> it was all setup in ubuntu install, so i don't know the process of setting it up, or configuring it when its broken
<billybigrigger> lol yes of course, there's always something important on the disks that go down! :P
<Skaag> ha!
<Skaag> wait a sec. how did you lose it in the first place?
<Skaag> did you just delete it manually?
<billybigrigger> i don't know
<billybigrigger> no
<billybigrigger> ahh now that i think about it, hard system lock up, then when i rebooted /dev/md0 isn't there
<billybigrigger> not shutdown properly
<Skaag> so you didn't erase it. good.
<Skaag> this means there is a problem with it, and this is probably why the device is missing.
<Skaag> so you do need to fiddle with mdadm probbly
<Skaag> probably
<billybigrigger> ok, thats new to me, i've never heard of mdadm
<Skaag> http://ubuntuforums.org/showthread.php?t=556108
<Skaag> does this sound familiar?
<billybigrigger> did you read those 3 posts?
<Skaag> here's a nice article on how this is done: http://beginlinux.com/server_training/server-managment-topics/1000-raid-1-on-ubuntu-804
<Skaag> yes I read them, there is no solution there
<Skaag> but he talks about a similar problem to yours
<billybigrigger> ya, so am i creating a new raid array?
<billybigrigger> to replace md0?
<billybigrigger> creating the array wont format the disks at all right?
<Skaag> not a new one
<Skaag> you want to preserve the old one right?
<Skaag> yes, only mke2fs will erase the device
<Skaag> so you should be safe
<Skaag> If you can, always make a copy of the files
<Skaag> this way you have something to go back to
<billybigrigger> well i thought that was the point of raid
<billybigrigger> i have 2 x 500gb disks in that array
<billybigrigger> now the array was borked so i loose all that data? :P
<billybigrigger> kind of sounds pointless to run those disks in raid, might as well have a TB of storage :P
<billybigrigger> like i can't even mount sda or sdb by themselves...
<billybigrigger> so they're useless right now...
<billybigrigger> http://pastebin.com/m35b78e72
<billybigrigger> oops, take a look at that
<billybigrigger> am i doing something wrong? im trying to create md1 with sda and sdb
<billybigrigger> so its saying its already part of an array
<billybigrigger> ok
<billybigrigger> i got the array started with mdadm
<billybigrigger> Skaag::: now fdisk reports....
<billybigrigger> Disk /dev/md0 doesn't contain a valid partition table
<billybigrigger> so is my data gone?
<billybigrigger> or whats my next step, just create an ext3 partition and mount /dev/md0?
<billybigrigger> never mind
<uvirtbot> New bug: #380197 in openvpn (universe) "pkcs12 doesn't work in jaunty" [Undecided,New] https://launchpad.net/bugs/380197
<Jeeves_> Hi
<Jeeves_> What's Mark Shuttlewords emailaddress?
<ogra> Jeeves_, its stored on launchpad
<Jeeves_> Ah yes, i'll try to look it up there
<Jeeves_> launchpad is slow :)
<beawesomeinstead> do you guys think i need swap for dom0 that runs nfs server only (8gib ram)?
<RoAkSoAx> ivoks, heya master how's it going
<ivoks> good, you?
<RoAkSoAx> ivoks, good too :)
<RoAkSoAx> ivoks, do you have time to help me out in a couple questions?
<ivoks> i do, but not much
<ivoks> couple of minutes
<RoAkSoAx> ivoks, ok that would be enough.. How do I know if I should do updates?
<ivoks> updates?
<ivoks> what kind of updates?
<RoAkSoAx> ivoks, updating the package to a newer upstream version
<ivoks> there is debian import freeze
<ivoks> https://wiki.ubuntu.com/DebianImportFreeze
<RoAkSoAx> ivoks, so after Debian Import Freeze, I can start working on updates?
<ivoks> ?
<ivoks> are you talking about mergers from debian?
<ivoks> or something else?
<ivoks> oh, from upstream
<RoAkSoAx> ivoks, no. Something else. For example, filling a bug such as: Please update ipvsadm to new upstream version 1.25
<ivoks> basicaly, debian is our upstream
<ivoks> but for packages which we care about more than others
<ivoks> those can be done directly from upstream
<ivoks> all updates should be done before feature freeze
<ivoks> after feature freeze, only bugfixes are going in
<RoAkSoAx> ivoks, right, so I should just pick those packages that I want them to be in the latest upstream version and update them?
<ivoks> yes, but they won't go in unless there is a strong reason
<RoAkSoAx> ivoks, for example this package: https://bugs.launchpad.net/ubuntu/+source/ipvsadm/+bug/375485
<uvirtbot> Launchpad bug 375485 in ipvsadm "[needs-packaging] Please upgrade ipvsadm to 1.25" [Wishlist,New]
<ivoks> is it packaged for debian?
<RoAkSoAx> ivoks, in debian is: 1:1.24-2.1
<ivoks> so, that's a no
<ivoks> you could work on that, if you want
<RoAkSoAx> ivoks, yep i'm on it already :) so what is the workflow in an update??
<ivoks> but note that debian might package it before our debian import freeze, so it still can get in trough merge/sync process
<ivoks> version should be ..-0ubuntu1
<ivoks> so that when debian creates ...-1, we could merge it
<ivoks> anyway, this is for #ubuntu-motu
<ivoks> not here
<W8TAH> how do i delete raid devices that i created incorrectly so that i can re-configure them properly?
<phoenixz> Does ubuntu-server have support for SAN over fiberoptic cards?
<AnRkey> on 7.10 server i have a small problem... in /etc/sysctl.conf i have uncommented net.ipv4.conf.default.forwarding=1 to enable routing. However when I cat /proc/sys/net/ipv4/ip_forward 0 is returned. Is there something that I missed in 7.10 when it comes to doing routing?
<W8TAH> how do i delete raid devices that i created incorrectly so that i can re-configure them properly?
<Max007> Hi, I'm working on a transparent proxy server in bridge mode. It intercept all http request and forwards to squid. I'd like to do the same thing for DNS requests and then keep the result in cache for others clients. Is there a way to do that ?
<AnRkey> W8TAH, i had to delete them with mdadm if i can remember correctly
<AnRkey> W8TAH, after u have mucked it up it's a bit tough to get the tui (text user interface) to install it correctly again.
<AnRkey> W8TAH, in the end I had to do it the command line way to fix it
<AnRkey> or use other clean drives
<W8TAH> ok --
<W8TAH> ugh
<W8TAH> LOL
<W8TAH> i'll see if i cna go via command line to run fdisk
<W8TAH> worst comes to worst i'll grab a gentoo boot disk and use that to kill the partitions
<W8TAH> and start over
<phoenixz> Does ubuntu-server have support for SAN over fiberoptic cards (like Q-logic) ?
<Blime> Do any of you know where to find a port of openssh-server 5.1 for 8.04?
<rsr> I have a load balancer that does icmp, http and traffic checking. I am not responsible for the load balancer, but right after the LB comes my squid proxy and then the LAN. I am havint intermitent connection to the internet on the lan. When I remove the proxy internet seems normall. I dont know which logs to check since I cant see anything unusuall in messages and in syslog. Has anyone had simmilar problems?
<rsr> one thing
<rsr> it seems to be when the logs are rotated
<rsr> does anyone have problems with logrotation and squid ? does anyone experience an internet connection hang?
<jmedina> rsr: do dyou use squid log rotate options?  or logrotate?
<rsr> jmedina when I installed squid through apt-get it seemed to have set up a system itself
<rsr> jmedina I havent set any logrotate system so I assume the ubuntu packages do by default
<rsr> does anyone know how I can disable squids autorotate funcion on ubuntu server?
<rsr> 8.10
<jmedina> rsr: just edit squid.conf and put rotate option to 0
<rsr> jmedina : strange... it is already set to 0
<rsr> jmedina : it defaults 0
<rsr> jmedina So some other tool must be doing it
<rsr> ill be right back
<Max007> Hi, I'm working on a transparent proxy server in bridge mode. It intercept all http request and forwards to squid. I'd like to do the same thing for DNS requests and then keep the result in cache for others clients. Is there a way to do that ?
<AnRkey> Max007, it's called dns forwarding
<AnRkey> i think bind does it
<AnRkey> it's very simple to do
<Max007> AnRkey: I need it to be fully transparent. I can't change any configuration on the lan computers or servers
<Max007> AnRkey: The bridge must intercept all dns queries and forward them to dnsmasq
<Max007> or bind
<AnRkey> 1sec
<AnRkey> Max007, i would set up a dns proxy/cache
<AnRkey> a quick google finds many howtos for that
<AnRkey> the problem....
<Max007> I tried dnsproxy with dnsmasq
<Max007> but I'm not sure it works..
<AnRkey> getting iptables to do the rest for you transparently by redirecting all requests through the bridge for dns to the cache/proxy
<Max007>  iptables -t nat -A PREROUTING -i br0 -p udp --dport 53 -j REDIRECT --to-port 53000
<Max007>                 iptables -t nat -A PREROUTING -i br0 -p tcp --dport 53 -j REDIRECT --to-port 53000
<Max007> dnsproxy's using port 53000
<AnRkey> on a client pc use dig www.google.com for a test
<Max007> hold on, i'll pastebin the results
<AnRkey> ok that's fine, then iptables must nor forward all outbound port 53 traffic to that server's port 53000
<AnRkey> Max007, i know what u need to do, i just need an hour to get my son to sleep, he's bouncing up and down here
<AnRkey> be back in a bit
<AnRkey> will msg u
<Max007> http://pastebin.com/m3e42e509
<Max007> ok
<Max007> AnRkey: ok
<AnRkey> Max007, sudo apt-get install dnsmasq
<AnRkey> u'r done there
<AnRkey> now u just need to mess around with your iptables
<AnRkey> i'm looking around for u, brb
<AnRkey> try something like this http://www.google.co.za/search?q=iptables+dns+redirect
<AnRkey> you want iptables not to allow dns packets through the bridge, it should instead forward all traffic that comes in on the internal port to the dns server of your choice on whatever port
<Max007> ok
<Max007> let me try something
<AnRkey> my techy gets it going with one line in his iptables rules file
<AnRkey> i cant get into the box that it's set up on, soz it must be offline or something
<Max007> )
<Max007> it almost work
<AnRkey> Max007, http://advices.latkos.eu.org/advices-and-information/20/
<Max007> yeah that's what I tried
<Max007> I think it work but not sure
<Max007> http://pastebin.com/m66b9a2fa
<Max007> look at that
<J_P> hi all
<Max007> I don't understand why ns1.reference.qc.ca is responding to 192.168.1.100 ...
<J_P> what is wrong with this mdadm? http://dpaste.com/49158/
<Max007> and dnsmasq doesn't seem to cache the answer
<Max007> i did the same nslookup again and 192.168.1.2 still ask 192.168.1.1 for the answer.. it should be in cache
<AnRkey> yeah, that's not working at all
<AnRkey> it's still going straight through to the dns server without being redirected
<Max007> hmm
<AnRkey> I can ask my techy 2mrw for u if you want, the kid's an iptables ninja
<Max007> I think it's beeing redirected
<Max007> default dns server on the windows pc is 66.46.75.162 but if you look at tcpdump output nothing is going to this server
<AnRkey> no there are 3 hosts involved in your logs, there should only be two if it's working... am i nuts for saying this?
<Max007> no
<AnRkey> oohh, good point though on the ip not showing up in the dump
<Max007> but if ns1.reference.qc.ca is responding to 192.168.1.100, there should be something going from 192.168.1.100 to ns1.reference.qc.ca
<Max007> am i nuts ? :P
<AnRkey> i'm reading through it again
<AnRkey> :P
<AnRkey> what are the two ip's of the bridge
<Max007> only one ip
<Max007> 192.168.1.2
<AnRkey> ok only on for the bridge interface then
<Max007> yep
<AnRkey> ok, 192.168.1.1 is the adsl router or something?
<Max007> yes
<Max007> linksys router
<AnRkey> odd way to set it up but it should work fine
<Max007> and default dns server for the bridge
<AnRkey> ok then is the router set to cache dns requests? cause thats is what it looks like
<Max007> no, i want the bridge to cache dns request
<AnRkey> i know that, but is the router caching as well?
<Max007> no
<Max007> well... i dont think so
<AnRkey> what is the bridge interface's gateway set to?
<Max007> 192.168.1.1
<AnRkey> ok getting closer i think...
<AnRkey> ok what iptables rules did u add, can u paste that to pastebin?
<Max007> yep
<AnRkey> brb, getting my lighter
<Max007> http://pastebin.com/m22edc821
<AnRkey> ahhh, i finally get my sweet mary jane after a week of HELL
<AnRkey> ok then that's working
<AnRkey> it forwarded the request to your bridges gateway i think
<AnRkey> and your adsl is caching the requests
<AnRkey> the problem is that most adsl modems hang or give probs when u put large amounts of dns requests through to them from a large amount of workstations.
<AnRkey> the adsl router is caching the requests, that is
<Max007> AnRkey: there's no adsl
<Max007> AnRkey: it's an E10 connection and there's only me on the network (it's a test environment)
<AnRkey> ok then it's a cable router?
<Max007> we love mary jane :)
<Max007> AnRkey: linksys befsr41 router configured with static ip address
<Max007> AnRkey: I'll check tcpdump on the dns server (ns1.reference.qc.ca) to see if the linksys router is sending a request to it
<AnRkey> ok soz about that, we only have had adsl routers down here in south africa not used to other setups
<AnRkey> i get the idea though
<AnRkey> pc > bridge box > linksys router > cable modem?
<AnRkey> you need to change your iptables rules slightly to include a destination address. make it the bridge's ip
<AnRkey> make sure that dnsmasq is listening on all ip's and interfaces in it's conf file
<Max007> pc > bridge box > linksys router > cisco router
<Max007> yep, linksys router is sending request to ns1.reference.qc.ca
<Max007> dnsmasq's listening on all ip
<AnRkey> so it's just the iptables now
<AnRkey> ok then u'r a breath away from getting it working
<AnRkey> adjust that rule a bit and it should work
<Max007> I think it's not possible to set an ip to REDIRECT target
<AnRkey> no it most dfntly is
<AnRkey> we use it on at least 4 sites
<Max007> ok
<Max007> lets google it
<AnRkey> one box even inspects packets for all sorts of nasties. It's at a local law firm, their internet connection to their mail server and so on.
<AnRkey> google rox
<AnRkey> it's how i found my pipe :)
<AnRkey> i love my pipe
<Max007> hehehe
<AnRkey> ok i dont know how much more use i'm going to be :D
<Max007> lol
<AnRkey> looking around for u anyway, but if your traffic all gets redirected to redtube.com then it's not my fault u didnt check my ip tables rule before using it :P
<Max007> haha
<AnRkey> ahhh, found the problem... that linksys only has a windows xp and vista logo in the compatibility section of the places site
<AnRkey> i wonder how many people buy based on what logo is on the box
<Max007>  REDIRECT
<Max007>        This  target is only valid in the nat table, in the PREROUTING and OUTPUT chains, and user-defined chains which are only called from those chains.
<Max007>        It redirects the packet to the machine itself by changing the destination IP to the primary address of the incoming  interface  (locally-generated
<Max007>        packets are mapped to the 127.0.0.1 address).
<Max007> If I understand that right, it redirect to the local ip
<AnRkey> ok but then what is your bridges dns server set to?
<AnRkey> cat /etc/resolv.conf
<Max007> 192.168.1.1
<AnRkey> i'm looking in my mikrotik router for clues about the iptables rule, i use a dns trap here too
<vadi21> Hi. I installed LAMP on Ubuntu 9.04 via tasksel, but it's not parsing my php pages - just giving them for download. How can I make it interpret them?
<AnRkey> i dont think it's caching then, just forwarding
<AnRkey> your box is doing the request for the client it seems
<Max007> AnRkey: that's what I think too.. no caching
<AnRkey> however a test request from a second pc should use a cached request if dnsmasq is working
<Max007> 1.100 sending dns request to his dns server, bridge intercept it, send to 192.168.1.1
<AnRkey> so to set the ip of the parent dns server change the /etc/resolv.conf file's entry
<Max007> but there's no caching
<AnRkey> now u just need to switch to bind instead of dnsmasq
<AnRkey> i cant think now but are you sure that dnsmasq caches?
<Max007> but i dont understand why ns1.reference.qc.ca respond to 192.168.1.100....
<Max007> AnRkey: yes dnsmasq is a caching dns server
<AnRkey> yeah that got me too
<Max007> but it doesn't seem to cache right now
<AnRkey> i know that using bind as a dns cache is super easy
<Max007> there's nothing going from 192.168.1.100 to ns1.reference.qc.ca... It's weird that ns1 respond to 1.100
<AnRkey> try bind quick
<Max007> AnRkey: really ? I didn't know bind can cache
<AnRkey> lemme see quick
<AnRkey> here from my google notebook
<AnRkey> http://www.zytrax.com/books/dns/ch6/#caching
<AnRkey> bind is bullet proof
<AnRkey> if done some crazy shiz with it
<AnRkey> i've*
<vadi21> Hi. I installed LAMP on Ubuntu 9.04 via tasksel, but it's not parsing my php pages - just giving them for download. How can I make it interpret them?
<Max007> i think it,s normal that ns1.refe... respond to 192.168.1.100... 1.100 is asking ns1.ref so it waits a response from ns1, not the bridge box
<greenfly> vadi21: might have to a2enmod php (to enable the phpmodule)
<greenfly> or the module might be called php4 or php5
<AnRkey> vadi21, sudo apt-get remove php5-common --purge and then sudo apt-get install php5 again
<AnRkey> tadah
<vadi21> a2en says those don't exist, going to try reinstall
<AnRkey> vadi21, u do a net install?
<vadi21> tasksel
<Max007> the bridge box must change the "from" ip address to fit what the windows box is waiting for (sorry for bad english... lol)
<vadi21> not a net install, no
<AnRkey> tasksel?
<AnRkey> what about it?
<vadi21> I used tasksel to install it
<AnRkey> ok i need to read :P
<vadi21> but no, it's still giving them for download
<vadi21> a2enmod says php5 is enabled.
<AnRkey> apt-get clean ; apt-get remove php5-common --purge -y ; apt-get install php5 ; a2enmod php5
<AnRkey> vadi21, of course... tasksel... just never used it directly, but the ubuntu installer does when i do my net installs, that's why i asked about it
<vadi21> afraid the same thing.
<vadi21> I was trying cherokee before, but removed it since. Wonder if that messed anything up
<AnRkey> vadi21, u basicaly need to get php5 installed properly and then apache must have it loaded
<AnRkey> what do the apache logs say?
<AnRkey> pastebin them
<vadi21> which one? error.log?
<AnRkey> the last 50 or so lines after a restart of apache
<vadi21> error: http://paste.pocoo.org/show/119817/ access: http://paste.pocoo.org/show/119818/
<vadi21> ack, that's not access
<vadi21> http://paste.pocoo.org/show/119819/ is
<Max007> AnRkey: got to go. Thanks a lot for the help ! Can I leave you my email address in case you ask your tech guy ?
<stiv2k_> hi
<stiv2k_> my roundcube database is messed up, and I don't know how to fix it
<stiv2k_> for webmail
#ubuntu-server 2009-05-30
<pmatulis> anyone here familiar with the so called cn=config method for configuring openldap?
<pmatulis> for some reason a fresh 9.04 install is not allowing anonymous queries
<Sam-I-Am> pmatulis: whats the error?
<PleXuS> is it save to update to v 9.04 ?
<PleXuS> :)
<Sam-I-Am> sure
<Sam-I-Am> dur, gotta run... check in #openldap if no one responds here
<pmatulis> Sam-I-Am: a getent query as non-root yields "cannot find name for group id" and "I have no name".  root query is ok
<axisys> why do I keep loosing the name server that I prepended in my /etc/dhcp3/dhcpclient.conf file ?
<axisys> it keep disappearing from the /etc/resolv.conf file
 * VK7HSE I've just reported the following bug in documentation...  Bug #381802
<uvirtbot> Launchpad bug 381802 in ubuntu-docs "Update required in moin moin docs (Ubuntu-server 9.04)" [Undecided,New] https://launchpad.net/bugs/381802
<axisys> am I hitting a bug with that prepended domain name server keep disappearing from /etc/resolv.conf ?
<lukehasnoname> Morning
<lukehasnoname> er
<lukehasnoname> evening, I'm in Texas
<uvirtbot> New bug: #381806 in samba (main) "I cannt open shared folder on windows unless i run "sudo /etc/init.d/samba restart"" [Undecided,New] https://launchpad.net/bugs/381806
<TheDJACR> Anyone here use vserver/openvz on jaunty?
<rdw200169> axisys, are you still in here?
<medicdave> How do I add a spare device to a RAID-5 array using mdadm, and have it persist across reboots? Running stock Ubuntu server 8.04. Running `mdadm /dev/md0 --add /path/to/partition` results in 1 spare shown in subsequent `mdadm --detail /dev/md0` but 0 spares after a reboot. Do I need to re-create the array using the --spare-devices parameter? Reassemble it? TIA
<cellofellow> anyone here know dnsmasq very well? I've got a strange issue where all the domains on my lan and some from the internet have a cname to my domain. See this paste. http://paste2.org/p/232464
<cellofellow> causes strange issues, like when the dns times out the site gets redirected to my server hosted on terminator.
<aljosa> anybody knows how can i tell postfix not to deliver locally?
<NorthByNorthWest> Hi! Im having problems with getting LDAP to work with ubuntu server edition, Im administration through webmin... can anyone here please help me? Im trying to get the eGroupWare-server up and running!
<NorthByNorthWest> It says "The OpenLDAP server program /etc/ldap/ldap.conf was not found on your system. Perhaps the path on the module configuration page is incorrect?"
<NorthByNorthWest> But the file is there and the path is correct!
<incorrect> NorthByNorthWest, permissions
<NorthByNorthWest> Is it a permissions issue?
<NorthByNorthWest> ah ok
<NorthByNorthWest> humm... how to fix? setting chmod 777 isnt the best solution is it?
<NorthByNorthWest> Or should I change the "User OpenLDAP server runs as"-group?
<NorthByNorthWest> Im getting nowhere... help appreciated!
<NorthByNorthWest> incorrect: still there?
<isaac> NorthByNorthWest: maybe it's easier for you to install ebox
<isaac> NorthByNorthWest: it will handle ldap configuration for you
<NorthByNorthWest> isaac: hi! whats ebox, exactly?
<NorthByNorthWest> isaac: just install with apt-get?
<isaac> NorthByNorthWest: well, think webmin but highly integrated
<isaac> and easy to use
<isaac> NorthByNorthWest: yeah, well, in theory,except the last version available in ubuntu isn't always the best one
<NorthByNorthWest> isaac: oh... a better webmin?
<isaac> NorthByNorthWest: well, it's a bit different
<isaac> http://trac.ebox-platform.com/wiki/Document/FAQ/HowDiffersFromWebmin
<isaac> ops, not there
 * NorthByNorthWest googles ebox
<isaac> http://trac.ebox-platform.com/wiki/Document/FAQ/HowEboxDiffersFromWebmin
 * NorthByNorthWest reads the info in the link
<isaac> NorthByNorthWest: what are you installing? hardy or jaunty?
<NorthByNorthWest> isaac: i have installed jaunty server edition
<NorthByNorthWest> isaac: remote administrating through ssl and/or webmin right now...
<isaac> right, i think the latest ebox version isn't available for jaunty yet
<isaac> as we focus on hardy
<NorthByNorthWest> isaac: i guess it must be possible to try out ebox in parallell with webmin and then uninstall the one i then dont want to use anymore?
<NorthByNorthWest> isaac: ah ok... can i install additional packages to gt it to work? or would a complete reinstall be necessary?
<isaac> i would discourage from installing it in jaunty at the moment
<isaac> but i would encourage you to give it a try in a hardy install at some point
<isaac> NorthByNorthWest: you can just go to http://ebox-platform.com/ and click the big download link
<isaac> that will get you a installer CD image which will install ubuntu server and ebox
 * NorthByNorthWest downloading
<NorthByNorthWest> isaac: youre a ebox developer?
<isaac> yeap
<NorthByNorthWest> so i can replace webmin in full with ebox....?
<isaac> NorthByNorthWest: well, it depends on what services you require
<isaac> although you can just configure some services with ebox and others with webmin
<isaac> or manually
<NorthByNorthWest> isaac: I want to set up e egroupware server and a NAS
<isaac> but the ones that ebox manages needs to be left just to ebox
<isaac> NorthByNorthWest: well, ebox supports egroupware
<NorthByNorthWest> isaac: ok
<isaac> and also serving files through Samba
<NorthByNorthWest> you if i can make a bootable usb pen drive with that iso file?
<NorthByNorthWest> *do you know if...
<isaac> NorthByNorthWest: i think you can
<isaac> but i am not 100% sure
<isaac> i think someone had done it
<NorthByNorthWest> i running low on cd-r's here! :)
<NorthByNorthWest> you know any specific stuff that ebox cant but that i can do with webmin?
<isaac> i am not really used to webmin
<isaac> but webmin usually exposes *all* or most of the features
<NorthByNorthWest> can i partition and format drives through ebox?
<isaac> of services
<isaac> while ebox usually just tries to make things easy and provide what 90% of users would want
<isaac> NorthByNorthWest: well, the ebox installer has the regular ubuntu partitioning system
<NorthByNorthWest> so i need to do to it through a ordinary terminal?
<NorthByNorthWest> isaac: the ebox installer comes with egroupware preinstalled??
<isaac> uhm, i think you can choose
<NorthByNorthWest> so installing with it will pretty much set up egroupware and all its dependencies as well?
<isaac> yes
<isaac> and will set up openldap too
<NorthByNorthWest> i just found this: http://forum.ebox-platform.com/index.php?topic=1020.0
<NorthByNorthWest> havent read it thorough yet
<NorthByNorthWest> that does it... im going ebox!
 * NorthByNorthWest goes to fetch an USB stick to make an installer
<Kamping_Kaiser> when is Ubuntu 8.04.3 likely to be confirmed? https://wiki.ubuntu.com/HardyReleaseSchedule still lists it as TBC
<Kamping_Kaiser> and julys not that far away :)
<NorthByNorthWest> isaac: ive booted the usb stick with youre installer... no problemo... but do you know the easiest way to find out which /dev/??? to enter to make the installer find the files?
<isaac> uhm, not sure
<isaac> sdb?
<NorthByNorthWest> isaac: another noobish question... how to i make the ls command pause for keypress when it has filled the screen with files?
<Kamping_Kaiser> pipe it into less
<NorthByNorthWest> how?
<isaac> ls | less
<isaac> anyway it's weird that it asks you for a device
<NorthByNorthWest> yeah i think so too but right now i just want to install!
<isaac> well, if you get into problems with the USB it should work perfectly from the CD-ROM
<NorthByNorthWest> it looks for the cdrom yeah... argh...
<mib_gvdksqjw> i have a questions.	how can i have root access in ubuntu?
<Kamping_Kaiser> using sudo
<NorthByNorthWest> isaac: you still there?
<isaac> NorthByNorthWest: sure
<isaac> NorthByNorthWest: i am going to leave now, but magnetic is a ebox developer too
<isaac> NorthByNorthWest: anyway if you want ebox specific help you can join #ebox
<NorthByNorthWest> isaac: is he here now? i just fininshed installing to a use drive but booting makes linux ask for the ubuntu-hardy-cd-rom!
 * NorthByNorthWest joins #ebox
<isaac> yes, he is here now
<dennister> could anyone pls help me with postfix/dovecot/sasl? problem seems to be in latter area
<giovani> dennister: have you checked out the SASL documentation from both the postfix and dovecot projects? it's pretty good
<dennister> i've tried, but must admit it's all a bit overwhelming
<dennister> just can't seem to authenticate...
<giovani> can you tell me what you've tried exactly?
<dennister> ...configured postfix according to howto; configured dovecot according to howto as well, and that's testing as working...built the key, crt, csr...(comfort zone for me)
<giovani> which howto?
<dennister> put cert stuff in correct folders...restarted postfix, dovecot, the sasl demon a hundred times...ubuntu 8.04 official documentations mainly
<giovani> ok, certificates are totally separate from SASL
<giovani> I asked if you had checked out the documentation from the dovecot and postfix projects
<giovani> not from Ubuntu
<dennister> but when that got simply on underlying stuff like dovecot and tls-sasl, ended up adding some stuff from community documentation
<dennister> i did end up using some of the postfix documentation so i could get a passphrase-leass key, cert, etc.
<giovani> what keys are you generating?
<giovani> ubuntu comes with self-signed certs ready to use
<giovani> for testing, etc
<dennister> smtp.key, smtp.crt, same for csr, cakey.pem...
<giovani> ubuntu comes with self-signed certs ready to use
<dennister> i've taken postfix out of chroot for testing/troubleshooting...
<medicdave> Doing kernel RAID-5 on Ubuntu 8.04: ï»¿How do I add a spare device to an _existing_ array so that it persists across reboots? Running `mdadm /dev/md0 --add /path/to/partition` results in 1 spare shown in subsequent `mdadm --detail /dev/md0` but 0 spares after a reboot. Do I need to re-create the array using the --spare-devices parameter? Reassemble it? TIA
<dennister> so where do i go from here?
<dennister> <-------totally stumped
<giovani> dennister: I've pointed you towards the official documentation from both projects, I assure you that it works
<dennister> even with ubuntu...it's a bit different
<giovani> no, it works with ubuntu
<giovani> ubuntu has done nothing to the configs that makes documentation not applicable
<dennister> k...should i try the dovecot more than the postfix docs? since the problem is in the sasl authentication...
<giovani> both sets of documentation are critical, postfix has to be told where and how to use dovecot's sasl, and dovecot has to have sasl running
<dennister> May 30 00:24:38 bannville postfix/smtpd[7301]: fatal: no SASL authentication mechanisms
<giovani> sounds like you haven't configured dovecot's sasl at all then
<dennister> well, i did, but it's not taking...not being recognized as having been done
<giovani> then it wasn't done correctly
<dennister> exactly
<giovani> the documentation is very good, I suggest you read it carefully
<dennister> after i get some sleep :)
<dennister> if I can ever get to sleep...:(
<dennister> and thanks for the old basic...back to the documentation...that really helps
<ghost_lines> hi all, how do I install x server on ubuntu 9.04 server?
<ghost_lines> I tried apt-get install xserver to no avail
<medicdave> you may need to use the package name 'xorg' instead
<ghost_lines> thanks I'll try that
<medicdave> Look at http://packages.ubuntu.com/
<ghost_lines> I was trying X11 forwarding but it didn't work, i then remembered that X11 is not in 9.04 server edition
<medicdave> I see... You'll definitely need some kind of x server - the web site above can list what's available for you
<ghost_lines> thanks I'm looking into it now
<medicdave> `apt-get install <pkgname>` is not very forgiving when you don't specify the package name exactly as it appears in the database
<medicdave> and keep in mind that some packages are meta-packages, meaning they actually end up installing a whole bunch of other packages ('xorg' is one of these)
<ghost_lines> yeah that's true, I'm installing the xorg meta package right now
<Skaag1> I'm trying to forcefully unmount an nfs mount, with umount -f /mnt/nfsdir but it doesn't work, is there a more "brutal" way to do this? :-)
<giovani> Skaag1: is there an error
<giovani> you can try a lazy unmount (-l)
<giovani> as well as forceful
<Skaag1> I managed to do it
<Skaag1> works now. thanks :-)
<giovani> what was the problem and solution -- it's good to keep that in irc for logging purposes
<matt> Hi, is it possible to make an external harddrive look like part of the same fs as the internal harddrive that is on my server? I am trying to create users on a partition of the harddrive and use another partition as a media server, but my server wants everything as the same fs.
<mpundu> hello
<mpundu> is anybody there
<mpundu> i need some help with 8.10 server
<pmatulis> there are 176 people in this channel
<mpundu> i know
<codeshepherd> guys what is the advantage of running  ubuntu on servers over debian ?
<maxb> They have very different release cycles. This may or may not be an advantage or disadvantage
<codeshepherd> ubuntu server gets released often.. and is more uptodate
<codeshepherd> i like that
<codeshepherd> maxb:
<dazman> So difficult to answer.
<codeshepherd> i am using squeeze  now.. i want to move to mysql 5.4 asap.... i want to run latest php versions.. is ubuntu a better choice than debian ?
<dazman> I guess Commercial Support from Canonical may create an advantage to corporate users.
<codeshepherd> no we will not get a commercial support as of now
<infinity> Commercial Support, partner certification, and slightly fresher packages are the Ubuntu advantages.
<codeshepherd> ok.. that sounds nice infinity  dana_good
<codeshepherd> dazman:
<dazman> MySQL 5.4 isn't in Ubuntu 9.04 as a package, so you'll be in the same position with Debian in that you'd need a third party package or compile yourself.
<infinity> Long release cycles (leading to very stable, but older software) and backed by 1000 Debian Developers who probably all use it as a "server" on at least one machine is the Debian side.
<codeshepherd> there is a channel on ubuntu-ec2 .. i dont find similar channels for debian
<codeshepherd> from ec2 perspective .. ubuntu sounds better than debian interms of wide usage
<infinity> codeshepherd: MySQL 5.4 isn't out yet, and we certainly won't be shipping it until it is.
<codeshepherd> ya, i guess you would be the first to ship it .. atleast before debian does
<codeshepherd> infinity: ^
<infinity> Depends on where it falls in the Debian release cycle but, yes, if they're hard frozen, we're a bit more likely to roll 5.4 packages.
<dazman> It depends yea.. it'd be in Debian Unstable very early on.. ,but then, gone are the days people use Debian Unstable on servers.. surely! ;)
<infinity> Some more adventurous developers do, but I'd like to think most users don't. :)
<codeshepherd> ok
<dazman> I *used* too, around the Debian Potato days (when Slink was stable) but, waking up after a dist-upgrade and having to fix perl wasn't the best thing to be doing.
<infinity> My rule of thumb as a Debian and Ubuntu developer was always "if the machine is in kicking distance, I'll run a development release on it, if not, it's getting a stable release"...
<codeshepherd> you guys are already supporting mysql 5.1 .. debian is still in mysql 5.0
<infinity> dazman: Funny you should mention Potato, I just found a machine that had been quietly running Potato SINCE ITS RELEASE, and upgraded it to hardy...
<infinity> dazman: "Oops".
<maxb> Using unstable on a server is a bit over the top. I happily run testing on a server, though, and have done for years
<dazman> infinity, Heh.  Cool.  I really liked Potato - I was on Slink, and Potato was probably the first version I *really* used.. as I was using it as Unstable for ages...
<infinity> maxb: I consider that to be reasonably insane on remote machines too, depending on where in the release cycle you are.
<infinity> maxb: Once the world starts freezing, and most of what trickles totesting is bugfixes and such, then yeah, I'm all for it.
<dazman> Well.. remote Debian Unstable servers, unless they are virtualised and you have decent remote access when * goes wrong.. is pretty impressive ;)
<dazman> Out of the box, and excuse the technology ;)
<infinity> dazman: VMs don't count as "remote" in this case. :)
<dazman> Ubuntu-Server runs out of the box much better than Debian Lenny on a Hyper-V box.  Debian Lenny would drop to arounnd 1MB/sec read rate on the disks after a couple of days.. Ubuntu-server stays solid at 40MB/sec forever..
<infinity> In fact, a machine with a solid KVM or ILO type setup really doesn't count as remote either.
<dazman> infinity, ;)
<infinity> But most cheap co-lo providers don't give me such bells and/or whistles.
<dazman> infinity, Haha.. iLO only has to save you once.. and then you really to value it.. awesome stuff.
<infinity> dazman: I've got serial to the machines I use at work (in the Canonical DC), but my personal co-lo machine has no such spanky features, since I'm a cheap bastard.
<infinity> dazman: So, I admin it conservatively and with much fear on reboots. :)
<dazman> infinity, :)  Yea.. iLO can make you lazier.. :)
<dazman> infinity: I have it on a server I have in a datacenter, because it's 100miles away.. if it was closer, like 10 miles, I'd just drive, but not 100.. :p
<infinity> Yes, well... infinity(Calgary) <-- large continent --><-- giant ocean --> Canonical DC (London)
<infinity> I've never bothered with a tape measure, but.  It ain't close.
<dazman> Haha.
<Skaag1> how do you use ILO stuff in Linux?
<dazman> Amazingly, Potato was released August 14th, 2000. :o
<dazman> Skaag1, it just gives you a remote console.
<infinity> dazman: Hence my shame at still running it...
<dazman> Skaag1, so either serial console, of with the advanced features, full access (as if you plug a keyboard, mouse and monitor in)
<infinity> dazman: But hey, the machine was still happily doing its thing.
<dazman> s/of/or/g
<infinity> dazman: The fact that it was a monolithic kernel, with pretty much no useless drivers, and all it did was firewalling is probably the only reason it didn't end up as some sketchy mass-mailer or something. :P
<infinity> Serial iLO >> KVM iLO... Seriously.
<dazman> infinity, yea.. would be running for decades if you left it.
<infinity> People who insist on the latter have never tried using it intercontinentally.
<dazman> I did a Windows 2008 install over iLO over Virtual Media (hyper-v host)
<dazman> that was, er, fun
<infinity> It's pretty telling that Intel hardware is the only hardware out there where anyone ever even considered a GUI LOM... Thanks, Windows.
<dazman> The KVM stuff isn't the most efficient.
<Skaag1> I have this card you stick in IBM x335 servers which supposedly gives you this functionality
<Skaag1> and the fun part is that if you daisy chain them all together, the card controls all of them
<infinity> Yup, that was the massive selling feature for the xSeries stuff in datacentres.
<Skaag1> IBM used to have this proprietary system where the servers had a built-in kvm
<Skaag1> I can understand why it's a massive selling point, I use this, it's awesome
<Skaag1> the newer models don't seem to have this
<Skaag1> or perhaps I'm missing something
<infinity> I assume the new ones use something else?  I dunno.  We run vanishingly few IBM servers.
<Skaag1> you use Dell now?
<Skaag1> or perhaps HP's
<infinity> HP.  Lots of HP.
<Skaag1> I heard from someone that for the same specs, an HP DL server gives 130% the perceived power of an IBM server
<Skaag1> supposedly something with I/O, or Memory Controllers...
<giovani> Skaag1: that's an impossible generalization
<infinity> Really depends on the line, and generation.
<giovani> Skaag1: most (if not all) server manufs offer out of band management
<giovani> the standard for this is called IPMI
<infinity> But we weren't ridiculously thrilled with I/O on some of the xSeries stuff we had years ago and, frankly, it's much less hassle to just pick a vendor and stick with them, so HP has our love.
<giovani> HP calls theirs iLO
<giovani> dell has some other name
<dazman> DRAC
<dazman> Dell Remote Access Card
<giovani> yep, that's it
<giovani> I don't use proprietary stuff like that
<giovani> I stick to IPMI compliant oob management
<matt> is there a way to make an external harddrive act like part of my servers harddrive?
<infinity> To be fair, IPMI is "proprietary" too, just happens to be used by a few more people. :)
<giovani> matt: I don't know what "part of" means
<giovani> infinity: no ... it's not
<giovani> it's an open specification, that's the exact opposite of "proprietary"
<matt> so it is part of the same filesystem, so I can get the package mt-daapd to retrieve media from it
<giovani> matt: there's only one filesystem on your machine ... the drive is already part of your filesystem
<dazman> matt: can't you just mount it within the past mt-daapd looks in?
<matt> because it only gets things that are from the same filesystem
<giovani> you can mount it anywhere you'd like
<dazman> s/past/path/g
<ghostlines> Hi all, I added my public key to the authorized_keys file but the server still asks me for password
<ghostlines> after the first connection I can make new connections without having to enter a password
<infinity> dazman: I've not noticed too many people being given input into the spec other than the companies shipping it.
<infinity> dazman: Publishing the spec doesn't make it open, any more than publishing the spec for ALOM makes it "open".
<ghostlines> I used passwordless public key auth on earlier versions of ubuntu but I'm having no luck with 9.04
<dazman> infinity, ^^ giovani
<dazman> Heh
<giovani> infinity: you clearly don't understand the meaning of the word "proprietary"
<giovani> I didn't say that it was a community-built specification
<giovani> I said that it's not proprietary
<giovani> which means that a single company doesn't own/control/and keep it a secret
<giovani> nearly ALL technical specifications work this way
<infinity> ...
<giovani> there's a governing body
<Skaag1> I go with Giovani
<infinity> So not getting into an argument about the word "proprietary". :P
<Skaag1> if you open your spec, and others can implement it 100%, I no longer consider it proprietary
<giovani> infinity: good, because you clearly don't grasp its meaning -- and therefore shouldn't be discussing it
<infinity> But as it tends to be used in the Free Software world (looks around him), IPMI is under proprietary control, despite being published.
<infinity> Much like published source for an application, but with a restrictuve license.
<dazman> ghostlines: Is public key auth on in sshd_config? Have you tried ssh -v when you login for more verbose output?
<giovani> this is not an open source discussion
<matt> I need to basically make an external harddrive look like part of my servers filesystem, because the package mt-daapd will only retrieve media that is on the servers main harddrive, but that harddrive is very small.
<giovani> the protocol is open to be implemented by anyone who wants to -- that's the opposite of proprietary
<giovani> period
<giovani> HP's, Dell's etc solutions are proprietary
<giovani> some support SOME IPMI interoperability
<giovani> but their solutions are not built for IPMI
<giovani> matt: as we've told you ... linux works this way already, any drive/device you mount becomes a part of the filesystem -- use the mount command to tell your computer WHERE in the filesystem you'd like it to be
<giovani> i.e. "sudo mount /dev/sdb /where/my/music/files/go"
<Alex_21> Give it a try
<Alex_21> I'll do the same
<matt> I've tried this already.
<giovani> it works
<giovani> I assure you
<giovani> if you have a SPECIFIC problem in executing that command properly, tell us about it
<matt> it does let me view the files, but mt-daapd for some reason does not detect them
<giovani> then complain to mt-daapd people
<giovani> that doesn't sound like a drive/ubuntu problem
<matt> okay
<dazman> maybe if you're mounting it, it's permission based.  Does the user mt-daapd is running as have access to the files on that USB drive when mounted?
<matt> thanks
<dazman> ls -l /path/to/where/usb/mounted and see what permissions the files/folders have.
<Alex_21> I'm looking it up
<Alex_21> I found a Dapper guide
<giovani> a guide to what, exactly?
<dazman> Heh.  wrong channel going on, surely.
<Alex_21> No, the Firefly issue Matt is having
<Alex_21> Lol
<dazman> Oh, Haha. :)
 * dazman predicts permissions
<Alex_21> Where did you mount it Matt?
<Alex_21> I'm going to run a test on the permitions
<Alex_21> How do you run a permitions test?
<Alex_21> ? Please
<giovani> Alex_21: there's no "permissions test" -- you simply look at the permissions and evaluate what kind of access that provides your user
<giovani> ls -l /path/to/directory will print the permissions for the contents of that directory
<Alex_21> Thanks for your help
<Alex_21> Good day
<thierry_> hi, I'm setting up my first ubuntu server : I got a dyndns domain name pointing on my ip adress, setup my router to port forward ssh and http and setup my server with a static ip on my local network
<thierry_> only now I can't access my server even from my local network
<thierry_> but I can ping it
<thierry_> ssh and http simply time out
<giovani> thierry_: on the server "sudo netstat -anp | grep 22"
<thierry_> i get something like tcp        0      0 192.168.122.1:53        0.0.0.0:*               LISTEN      5487/dnsmasq
<thierry_> tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      5076/sshd
<thierry_> tcp6       0      0 :::22                   :::*                    LISTEN      5076/sshd
<thierry_> udp        0      0 192.168.122.1:137       0.0.0.0:*                           5561/nmbd
<thierry_> udp        0      0 192.168.122.1:138       0.0.0.0:*                           5561/nmbd
<thierry_> udp        0      0 192.168.122.1:53        0.0.0.0:*                           5487/dnsmasq
<thierry_> so sshd is running
<giovani> ok, and on the server, "ssh localhost"
<thierry_> giovani : yes I did and it works
<thierry_> the problem is when I'm on another computer trying to ssh my server
<giovani> then either you have a firewall set up on this machine, or this is a network problem
<thierry_> k, you mean a firewall on my server?
<giovani> yes
<giovani> this machine, the server
<thierry_> how can I know if it's the case?<
<giovani> I doubt that's the case unless you specifically set one up
<giovani> "sudo iptables -L" please don't paste the result into the channel -- use a pastebin
<thierry_> k
<giovani> well?
<thierry_> http://pastebin.com/m34cecc64
<giovani> haha
<giovani> well you most certainly have a firewall in place
<giovani> why did you fail to tell me this?
<thierry_> well I half setup this server about 6 months ago and I really didn't know what I was doing back then :P
<thierry_> so, how do I get rid of it?
<giovani> "sudo iptables -F"
<giovani> that won't be persistent across a reboot -- I don't know where you put the script that's writing in the firewall rules, only you know that
<thierry__> giovani : sorry connections problem
<thierry__> so I did the iptables -F
<thierry__> then should be ok?
<giovani> <giovani> that won't be persistent across a reboot -- I don't know where you put the script that's writing in the firewall rules, only you know that
<thierry__> k, but iptables -f kills all connectiion I have, I can't even ping anything from my server anymore
<thierry__> giovani : stupid me , I had firestarter installed, I guess removing it should do the job
<giovani> sigh
<giovani> I definitely can't help you if you don't provide info about your environment
<giovani> anyway, I've got a cookout to go to, later
<thierry__> giovani : thanks a lot for the help
<medicdave> ï»¿Doing kernel RAID-5 on Ubuntu 8.04: ï»¿How do I add a spare device to an _existing_ array so that it persists across reboots? Running `mdadm /dev/md0 --add /path/to/partition` results in 1 spare shown in subsequent `mdadm --detail /dev/md0` but 0 spares after a reboot. Do I need to re-create the array using the --spare-devices parameter? Reassemble it? TIA
<infinity> medicdave: I suspect that spares aren't actually recorded in the superblock, so you likely need them to end up in the config file.  At least, that's a guess.
<infinity> medicdave: And when mdadm.conf changes, you want "update-initramfs -u" to make sure a copy lands in the initramfs too.
<medicdave> Thanks infinity - I tried adding the spare to mdadm.conf, but it still doesn't persist across reboots - however I haven't tried the update-initramfs -u yet... let me learn a bit about that
 * medicdave checks man page
<medicdave> ok, time to reboot the machine - will be gone for a minute (it's my gateway, too)
<matthew21> Hi, how can I check the permissions of a directory?
<MianoSM> ls -hal?
<MianoSM> or for the current working directory ls -hal ..
<jmarsden> MianoSM: ls -ld
<MianoSM> or that
<matthew21> ah
<PhotoJim> I just use ls -l ... it's the fastest way.  but all valid ways.
<PhotoJim> oh, for directories, yes, -ld is better
<ghostlines> Hi all, I'm having trouble with ssh public key authentication in jaunty, I copied my public key to .ssh/authorized_keys but I'm still asked for a password
<ghostlines> but after this initial connection, I don't have to provide a password to connect
<niekie> Is your SSH key protected by a password?
<ghostlines> nopes
<ghostlines> no passphrase at all
<niekie> Is your SSH key vulnerable?
<niekie> (if so Ubuntu might reject it)
<ghostlines> i have 644 permissions on it
<ghostlines> you mean the one on the remote machine right?
<niekie> I mean..
<niekie> There was an exploit a while ago..
<niekie> For SSH keys generated on Debian based systems.
<niekie> Run ssh-vulnkey and paste your public key in.
<niekie> ssh-vulnkey -
<ghostlines> ok i'll try that
<niekie> Then paste and hit ^D
<niekie> Else, I don't know, check /var/log/auth.log
<niekie> Anyway, I gotta go now.
<ghostlines> ahh k thanks
<dennister> genii-yadda: just the person I need!
<Symbian> can ubuntu server link load balancing ?
<dennister> i'm having a problem with sasl authentication in this postfix-dovecot-sasl project, which is part of my first email list server & mailman endeavour
<genii-yadda> dennister: I can't assist today with that. But I'll likely be around tomorrow aft
<dennister> ok, thnks
<dennister> i've got other things to do if no one can help me today :-)
<dennister> could anyone else pls help with this postfix/dovecot/sasl authentication issue I'm having?
<Gargoyle> dennister, possibly
<Gargoyle> dennister: Depends if I can find my old setup doc!
<Gargoyle> Found it, are you still allive dennister ?
<mlalkaka> i'm trying to set up Postfix. sending mail from the server (using mutt) to an external email address works. however, receiving mail does not. i've set up Postfix as an Internet site. i don't know how to troubleshoot this issue. does anyone have any suggestions?
<Gargoyle> mlalkaka: Have you configured the recipiant domains and DNS MX records for the server?
<mlalkaka> i configured the MX record already. in my case, it is the same as the domain name. (e.g. @foo.dnsalias.com -> foo.dnsalias.com). but what is the recipient domain?
<Gargoyle> mlalkaka: "mydestination" in your main config file.
<mlalkaka> oh. yes, i believe i set that up already, when i ran `sudo dpkg-reconfigure postfix`. i set foo.dnsalias.com as the recipient domain
<Gargoyle> That should be all you need. What's the domain name?
<mlalkaka> vc.dnsalias.com
<mlalkaka> Gargoyle: i'm looking at /etc/postfix/main.cf . i see the line "mydestination = vc.dnsalias.com, localhost". is that correct?
<Gargoyle> mlalkaka: yup. Identical to mine (apart from the domain name!)
<Gargoyle> You don't have MX records
<mlalkaka> Gargoyle: i don't? how can i check?
<mlalkaka> Gargoyle: (the domain name is provided by DynDNS.com, so i set it up through their web interface)
<Gargoyle> mlalkaka: "ig vc.dnsalias.com MX"
<Gargoyle> Oops! "dig vc.dnsalias.com MX"
<mlalkaka> Gargoyle: hmm. that's weird. i don't know why it's not showing up. i just set it up again through the web interface. either way, won't most mta's try vc.dnsalias.com if there are no MX records? i've only heard of MS Exchange not doing this
<Gargoyle> mlalkaka: Maybe one day long ago they would, but most spam filters will probably just bin a email for a domain without a MX record!
<Gargoyle> mlalkaka: I'll try for mine, I don't have MX records ether (But I don't actually want/need inbound msgs)
<jmarsden> mlalkaka: If you "just" added the MX records, you probably need to wait for the DNS zone refresh TTL to happen before the change is visible to the public Internet.
<cellofellow> I'm having really weird problems with dnsmasq and /etc/resolv.conf that I'm afraid I can't explain very well. Apparently, all LAN addresses are getting set to be CNAMEs for my domain. See the paste. http://paste2.org/p/233533
<cellofellow> This isn't so bad, but if the domain turns up bad it still points to my domain. http://paste2.org/p/233534
<cellofellow> That gets annoying.
<jmarsden> cellofellow: Are you using some weird DNS provider that redirects you to their pages if you look for an unknown domain?  OpenDNS or similar??
<cellofellow> no, they don't, but currently my own dns redirects me to my own server for an unknown domain.
<jmarsden> Ah, so you accidentally *became* one of those weird DNS providers :)  I don't know dnsmasq enough to help troubleshoot that, I'm afraid.
<cellofellow> ok, so what if it had nothing to do with dnsmasq? http://paste2.org/p/233535 is my /etc/resolv.conf. As you can see it has my domain in the "domain" and "search" options. If I comment these out, it works correctly.
<cellofellow> Why would resolv.conf behave that way?
#ubuntu-server 2009-05-31
<jmarsden> Well, you are still using whatever nameserver is running on 192.168.0.2 -- so dnsmasq is probably still involved?
<jmarsden> cellofellow: How hard would it be for you to switch to bind for your local DNS server (the one on 192.168.0.2) and repeat the experiment?
<cellofellow> dunno, never used bind
<cellofellow> but it seems to have nothing to do with dnsmasq or bind or whathaveyou, but the domain in the resolv.conf
<jmarsden> How do you know?  The DNS server you are using is dnsmasq.  And that resolv.conf is fine, and I don't see that issue here using something similar and bind as the DNS server... and you originally stated that the issue was with "dnsmasq and /etc/resolv.conf" ...
<jmarsden> You could turn up logging in dnsmasq and see what queries it receives with and without the search and domain entries in resolve.conf, if you want to track it down that way.
<ThierryMoisan> hi, I'm setting up my first ubuntu server, it works correctly on the local network but even with a dyndns account pointing on my ip and port fordward, I can't get to connect to my server (but I can ping it)
<BrixSat> Hello
<BrixSat> How can i force my ubuntu server (gateway) to make local dns queries first then make it on the dns server from my isp?
<BrixSat> any help?
<jmarsden> BrixSat: You need to configure your local DNS server to use the ISP's DNS as a "forwarder".
<BrixSat> well i have done that
<BrixSat> but still going to isp
<jmarsden> Is /etc/resolv.conf pointing at your local DNS server?
<BrixSat> yes but every time i reboot it looses the info
<jmarsden> Your server gets its IP address using DHCP?
<BrixSat> yes
<jmarsden> So every time you reboot it might end up on a different IP address?  That's awkward for servers, usually... there's a way to override the resolve.conf stuff... let me find it...
<BrixSat> :)
<jmarsden> Can you set the local DHCP server to hand out the option that sets the DNS server to (local IP of your server) ?
<BrixSat> i did not understand it
<BrixSat> my ubuntu server is acting as a gateway so on one nic modem adsl and on the other nic router's and stuff
<Tweakin> anyone care to save the day with my postfix installation?
<Tweakin> trying to solve the 'Relay access denied'
<BrixSat> no jmarsden no i cant, it is the isp modem wich means it is stupid modem!
<jmarsden> OK... there should be a way to override that behaviour, but I'm not finding it right now... I just make servers have static local IPs...
<jmarsden> BrixSat: Try the idea at http://ubuntuforums.org/showthread.php?t=191239
<BrixSat> another question, can i have on the gateway a dns entry www.campingave.net and not passing it to the net? cause i dont want to interfeer with the real site on the hosting server, i want to make like a mirror that everyone inside the network access the local copy and the internet users access the one on the hosting server
<jmarsden> BrixSat: Yes, you can make your local DNS server believe it is the master for campingave.net if you want; only systems that do DNS lookups on it will use that info.
<BrixSat> thanks ;)
<jmarsden> You could also get tricky and have it only hand out its own info on the LAN interface (to local machines) with a view in named.conf, but that's probably not necessary for what you are doing.
<BrixSat> ~:)
<BrixSat> im going to try the link you give me
<jmarsden> Tweakin: How are you wanting SMTP senders to authenticate with your server so they can send email through it?
<Tweakin> hmm, not sure on the answer there. TLS?
<Tweakin> I followed the Ubuntu Server Guide to get this all setup, so using postfix/dovecot
<jmarsden> Sounds like you need to understand what relay denied means before you configre a mail server?
<jmarsden> Yes, but how will users that want to send mail identify themselves to your server?
<Tweakin> I do understand what it means ;) This is my first ubuntu postfix/dovecot config, I have used Gentoo in the past to setup several others. Gentoo is just getting to hard to maintain.
<Tweakin> I was just unsure of the phrasing of your question
<jmarsden> Will they all have local unix accounts on the server?  Use LDAP?  Some other database of users in a SQL databases...?
<Tweakin> yup, local accounts
<jmarsden> TLS has nothing to do with how users authenticate.
<jmarsden> OK; did you use the dovecot-postfix package to integrate the two?
<Tweakin> Is that what tasksel does when you first install ubuntu server edition? I would assume so.
<jmarsden> Which release of Ubuntu Server are you using?
<Tweakin> 8.04 LTS
<jmarsden> OK, then I don't think it has that package.
<jmarsden> I take it postfix works fine other that the user auth stuff... you can send mail from a local shell account on the server just fine, right?
<Tweakin> yup, and receiving is working remotely. Just not sending remotely
<jmarsden> The options for dovecot auth all changed recently, so looking at my Ubuntu 9.04 setup isn't going to help much...
<Tweakin> yeah, I am following the 8.04 server guide
<BrixSat> jmarsden :( i have rebooted the network, not working, should i reboot the pc?
<jmarsden> BrixSat: Can you pastebin the output of postconf -n so I can see that config, and also /etc/dovecot/dovecot.conf (i think that's the right file!)
<jmarsden> BrixSat: You "rebooted the network"?  Can you explain what you mean by this?
<BrixSat> [jmarsden]: ok :)
<jmarsden> BrixSat: OOps, wrong person...
<jmarsden> Tweakin: Can you pastebin the output of postconf -n so I can see that config, and also /etc/dovecot/dovecot.conf (i think that's the right file!)
<Tweakin> jmarsden; pm for the links or here?
<jmarsden> Here is fine, they shouldn't have any sensitive info in them.
<Tweakin> would rather not want my domain in public (if that is ok)
<jmarsden> Oh, OK... PM is fine too.
<BrixSat> http://pastebin.com/f4ee395a2
<BrixSat> http://pastebin.com/f31220d09
<BrixSat> the files you asked :=)
<jmarsden> BrixSat: Sorry, I meant Tweakin ... trying to help two people at once here and got confused!  Is your network Ok now?
<BrixSat> [jmarsden]: no my network still does not response to local dns queries
<jmarsden> BrixSat: Does dig @localhost yahoo.com    # work when done on the server?
<jmarsden> Tweakin: Looks sane.  Is dovecot-auth running ?
<BrixSat> jmarsden yes it does work|
<jmarsden> BrixSat: OK, so you have a working named.  From a workstation does dig @192.168.0.1 yahoo.com  # work, where 192.16.0.1 is the IP of that local Ubuntu server?
<BrixSat> well all my other machines are windows i cant test dig :(
<Tweakin> jmarsden; dovecot is running, is there a separate -auth daemon?
<jmarsden> BrixSat: OK, use nslookup instead...
<BrixSat> :)
<jmarsden> Tweakin: Yes, there is.
<Tweakin> ahh ha
<Tweakin> well, that would be a problem
<jmarsden> Yes, something has to be listening on that private/auth-client socket so postfix can talk to it :)
<jmarsden> The daemon should be called dovecot-auth (unless it changed its name since 8.04...)
<Tweakin> hmm, this is my first go with dovecot (i have always used cyrus). How do I get dovecot-auth installing/running?
<jmarsden> It should be installed as part of dovecot-common.  It should run, as log as your dovecot.conf file is sane... I think!
<jmarsden> Tweakin: is there a file /usr/lib/dovecot/dovecot-auth on your system?
<Tweakin> yup
<BrixSat> jmarsden http://pastebin.com/m4670e0e3 :) result of nslookup
<Tweakin> so perhaps that is not the problem
<jmarsden> Tweakin: OK, so it is installed... just not running?  Maybe try /etc/init.d/dovecot restart
<jmarsden> BrixSat: So it can't find any info on your domain... does that same lookup work when run on the server itself?
<BrixSat> [jmarsden]: yes
<genii> Is there some service or site which will run an audit on your server and report problems?
<Tweakin> jmarsden; my bad, dovecot-auth is running
<BrixSat> genii is the question for me?
<genii> BrixSat: No, for the channel
<jmarsden> BrixSat: Sounds like your named.conf is not allowing other machines to query that domain... check you have an    allow-query { any; };   in the zone's part of the file?
<BrixSat> jmarsden want to see my zone file?
<jmarsden> Tweakin: OK... so it is running but not allowing users to authenticate... is there anything of interest in the log files?
<BrixSat> jmarsden http://pastebin.com/f37f01f7d
<jmarsden> BrixSat: Well, only if you can't debug it yourself :)  OK...
<jmarsden> BrixSat: That looks OK, maybe I need your named.conf file?
<BrixSat> jmarsden want to see my zone file
<jmarsden> genii: It's safer to do that yourself using nessus and similar tools...
<jmarsden> BrixSat: I guess so...
<BrixSat> jmarsden http://pastebin.com/f1d210e58
<genii> jmarsden: I had previously SARA but that box is defunct now
<jmarsden> BrixSat: Unless you put it /etc/bind/named.conf.local I don't see where the campingave zonefile is being used?
<BrixSat> yes it is in locaL
<jmarsden> OK... I suppose now you need to paste *that* :)
<BrixSat> jmarsden http://pastebin.com/f3E294F0
<jmarsden> BrixSat: That link doesn't work for me... ?
<BrixSat> [jmarsden]: sorry http://pastebin.com/f3e3294f0
<Tweakin> jmarsden; sent you log file - a few things stick out obviously, nothing i have been able to diagnose
<jmarsden> Tweakin: Looks to me like it didn't even try to authenticate?  And the SSL hides all the details from me... if you telnet localhost 25 and ehlo junk do you see the AUTH capability listed?
<BrixSat> now something weird just hapened jmarsden, i can access www.campingave.net (hosted site) but all the others like ftp.campingave.net goes to my local site
<Tweakin> ehlo has STARTTLS
<jmarsden> BrixSat: As I said 10 mins ago, you need an allow-query { any; } ; in there.... see http://pastebin.com/m690b46a5
<jmarsden> Tweakin: again, TLs is orthogonal to (has no impact on) how users authenticate... and you said you understood this...?
<jmarsden> The AUTH=PLAIN is what matters for auth, and it is there... so it should work...
<jmarsden> Can you try connecting using a client that does not use TLS and that does try to authenticate with a username and pw?
<BrixSat> no same thing with allow query any :S
<jmarsden> BrixSat: Check your log files for anything named related?
<Tweakin> jmarsden; i am using both outlook and thunderbird to test with- and attempting each different set of options for outgoing mail with each. user/pass (yes/no), ssl connection (yes/no), etc
<Tweakin> no luck
<jmarsden> OK, can you pastebin the log from an attempt with user/pass yes and ssl connection no ?
<Tweakin> sure
<BrixSat> one stupid question, where is bind9 log? i cant find it
<jmarsden> BrixSat: /var/log/messages or /var/log/daemon.log I think... I forget what the default log file location for named is!
<jmarsden> Tweakin: No sign of any attempt at auth there... strange?
<Tweakin> i just turned -v back on in master.cf
<Tweakin> let me paste the full beast
<jmarsden> OK.  BTW You may want to test auth using telnet, see https://helpdesk.ndchost.com/index.php?_m=knowledgebase&_a=viewarticle&kbarticleid=49 for a quick howto on that.
<Tweakin> sent the big log ;)
<jmarsden> OK... looking ...
<Tweakin> hmm, when attempt AUTH LOGIN via telnet, I get:
<Tweakin> "535 5.7.8 Error: authentication failed: Invalid authentication mechanism"
<TJUSE> can someone help me >
<TJUSE> ?*
<jmarsden> Tweakin: Read the EHLO option list again :)  You don't have AUTH LOGIN configured, only AUTH PLAIN
<Tweakin> oh duh
<Tweakin> ned auth plain heh
<TJUSE> i just am messing around. starting using ubuntu server.
<jmarsden> Ah.. so that howto was not the best one to give you... my fault!
<jmarsden> !ask
<ubottu> Please don't ask to ask a question, simply ask the question (all on ONE line, so others can read and follow it easily). If anyone knows the answer they will most likely reply. :-)
<TJUSE> and i am trying to access the server remotely without IP
<TJUSE> how can i access my server instead of using my IP
<jmarsden> TJUSE: Sit at its console and work there?  If you want to use its name, give it a name in the DNS?  I'm not sure what you are really wanting to do?
<jmarsden> Remote access to a server without IP means you need some other (non-IP) network to connect to it??
<jmarsden> Why can't you use IP to get to your server, it is how the Internet works... IP == Internet Protocol.  Or am I not understanding what you are asking?
<BrixSat> well i cant solve it :( but thanks any way jmarsden
<TJUSE> i got a DNS domain
<TJUSE> well i dont have a static IP
<jmarsden> TJUSE: OK, so then you should be able to use the FQDN (full DNS name) of the server instead of its public IP.
<TJUSE> so every 3 hours it changes.
<TJUSE> and i dont want to have to worry about figuring it out
<jmarsden> so you are using a dynamic DNS provider, such as no-ip.org, right?
<TJUSE> i am using exactly that.
<TJUSE> my registered host is snoopy@hopto.org
<TJUSE> and if i telnet or ssh it.
<TJUSE> i dont get nothing...
<TJUSE> how am i supposed to "tie" my server to the hsot?
<TJUSE> host*?
<jmarsden> So is your server currently at public IP 204.16.252.112 ?
<jmarsden> You use the no-ip client that updates the info in the DNS server...
<TJUSE> no its at71.219.116.165
<TJUSE> ok.
<TJUSE> so i put the client on.
<TJUSE> and it shows my current IP?
<TJUSE> but how to i terminal to my server?
<TJUSE> what do i enter.
<jmarsden> Yes it connects to your dynamic DNS provider and updates your info whenever it changes.
<TJUSE> cuz before i put "ssh admin@71.219.116.165"
<jmarsden> Once you have that working, you can ssh admin@hopto.org
<jmarsden> You can use the DNS name instead of the IP address, as we said earlier.
<TJUSE> and than login in with my credentials
<jmarsden> Yes.
<TJUSE> its still not letting me?
<TJUSE> 22 refused?
<TJUSE> and all my ports are open.
<TJUSE> i can ssh with IP just fine.
<jmarsden> hopto.org is still pointing at the 204.16.252.112 address... the update is not yet working.
<TJUSE> well i have several.
<TJUSE> hopto.org
<TJUSE> 3utilities.com
<jmarsden> get ONE working, forget the rest for now :)
<TJUSE> under my host by domain. i have calbert.hopto.org
<TJUSE> with 71.219.116.165 as the IP?
<TJUSE> according to no-ip.com
<jmarsden> OK, so ssh admin@calbert.hopto.org  then :)
<TJUSE> port 22 refused.
<jmarsden> Tweakin: I have to go afk and eat...
<TJUSE> if i type IP or calbert.hopto.org in browser it asks for username and pw
<TJUSE> ??? but i never set one.
<TJUSE> (please note i am a COMPLETE NOOB)
<Tweakin> jmarsden; thanks for your help. No idea on that last log paste?
<TJUSE> i am still trying to learn and easiest way to do that is through hands on
<jmarsden> TJUSE:  Is your server directly on the Internet?  if not did you forward port 22 (and 80) through the router to your server?
<TJUSE> my ports are open
<jmarsden> Tweakin: Still looks liek the client did not send any AUTH information, to me.
<TJUSE> i can ssh with IP just fine..
<jmarsden> I'll be back later...
<TJUSE> but not with host.
<Tweakin> thanks jmarsden
<TJUSE> 443, 22, and 80 are open
<TJUSE> shit
<TJUSE> now i cant even get on through IP?
<TJUSE> my router is saying my ports are open.
<TJUSE> but i cannot connect?
<poseidon> Anyone know of a good tutorial on setting up ubuntu to be a home server?  I mainly want it to be a central hub for my media
<uvirtbot> New bug: #382034 in samba (main) "Was attempting to install Samba" [Undecided,New] https://launchpad.net/bugs/382034
<PhotoJim> poseidon: not sure there is a howto, but it's pretty easy to do.  you want to use nfs-server for Linux clients, Samba for Windows, AFS or one of the other two can be used for Macs.  Really pretty easy.
<Rafael> can somebody help me with the follwoing, a friend help me with rsync creting the following script: #!/bin/bash and rsync -v -r -d --delete /home/rgotten/Prueba/Myplasticare /home/rgotten/mnt/ >> /home/rgotten/logs/respaldo-`date +%d%m%Y`.log this has being sve to a file ./respaldo-archivos.sh, my question is how do i ron a crontab to do backups at 1am from monday to friday?
<jmarsden> Rafael: Read    man 5 crontab   # and especially read the part just after EXAMPLE CRON FILE.   Then do crontab -e  and type in a suitable crontab line, probably    0 1 * * 1-5 /home/rgotten/respaldo-archivos.sh
<reenignEesreveR> i wanna setup a file sharing server ... an ungeeky so something better than ftp/samba should do ... is there any "getdropbox.com" like servcie which i may install on my ubuntu machine?
<uvirtbot> New bug: #382117 in samba (main) "Renaming a file through Samba overwrites existing one" [Undecided,New] https://launchpad.net/bugs/382117
<hackeron> hey, I just installed a clean ubuntu server, did apt-get install postgresql - when I try to run /etc/init.d/postgresql-8.3 start - I get: 2009-05-31 12:30:53 BST FATAL:  could not load server certificate file "server.crt": No such file or directory -- any ideas?
<aptanet> I've not tried posrgresql mysefl, but have you tried using tasksel install postresql-server ?
<aptanet> I don't have a box to check on handy, but that my bring in extra packages / configuration
<aptanet> sounds like an ssl problem, is openssl installed?
<Blinkiz> Hi. need some help with bridge interface. I want to bring a bridge interface up without having any physical (or virtual) interfaces attached to it. I know how todo it from command prompt but not from boot of OS. Anyone that know what am missing to get the br1 up in manual mode from /etc/network/interfaces?
<Blinkiz> Am looking for a command like "ip set link br1 up" in interfaces file.
<Blinkiz> bridge interface only starts automatic if I have static ip, dhcp or a interface connected to the bridge.
<aptanet> do you have any interfaces configured in /etc/network/interfaces? I assume you must have something
<aptanet> if so you could add and 'up' entry to the end of one to run the cli commands you need to bring the interface up
<aptanet> for example, after the broadcast entry on one of my boxes I've got
<aptanet> up /root/scripts/routes.rul
<aptanet> which links to a script to add some custom routes once the interface is up
<Blinkiz> aptanet, this is my interfaces file: http://blinkiz.pastebin.com/d5d221d35 . I know want br1 to go up without having eth1 attached to it
<Blinkiz> know = now
<aptanet> does simply replacing 'manual' with 'auto' do the trick?
<Blinkiz> Hmm, maybe.. w8
<aptanet> hang on, brain not working!
<Blinkiz> nupp, unkown metod
<aptanet> that's ip wise, not whether it loads the interface!
<Blinkiz> aptanet, So should I just put in "up brctl addbr br1" or what?
<aptanet> what are you bridging if there's only a single eth interface?
<Blinkiz> aptanet, It will be only virtual interfaces. Its a virtualization server
<Blinkiz> A internal network for only virtual machines
<aptanet> not technologies I've played with, so I'm just speculating
<aptanet> if you don't have eth1 up would you use bridge_ports eth0 ?
<Blinkiz> For now anyway. I will have a physical interface attached to the bridge on Thursday or something. Waiting for the server nic card...
<Blinkiz> aptanet, problem now is that I would like to get the bridge up at OS boot without having a interface attached to it
<Blinkiz> Virtual interfaces will be added when machines are started up after OS boot
<Blinkiz> machines = virtual machines, i mean
<Blinkiz> I know this is possible! I had a guy in #ubuntu-virt a couple of days ago having the same problem. He solved it somehow by putting something in the interfaces file. Bad for me, I was not logging.
<Blinkiz> Oh! Maybe #ubuntu-virt logs exist on the internet somewhere?!? :D
<aptanet> http://logs.ubuntu-eu.org/freenode/
<aptanet> but I don't see it in there
<Blinkiz> bummer
<aptanet> going back to plan A, if you know the commands you can put them in a bash script and link it from an 'up' for the lo interface perhaps
<Blinkiz> aptanet, jepp, am going for that. thanks!
<uvirtbot> New bug: #382136 in samba (main) "Smbd startup failure caused by a failure to create an NT token for the guest account." [Undecided,New] https://launchpad.net/bugs/382136
<dennister> could anyone else pls help with this postfix/dovecot/sasl authentication issue I'm having?
<incorrect> i am trying to set up acl's i've set it so i have rwx and set -R and -d on the directory, however i still can't create a directory up the tree
<giovani> incorrect: ls -ld /path/to/dir please
<incorrect> ls doesn't show acl's
<incorrect> getfacl dir
<incorrect> its owned by root and as a different group
<giovani> ACLs are totally different
<giovani> I didn't see your mention in the original request, sorry
<incorrect> no problem
<incorrect> default:user:myuser:rwx
<incorrect> i can see its there
<incorrect> duh  X not x
<CarlFK> at some point sudo reboot (and shutdown -r now)  stopped rebooting back to POST/grub and started using something like kexec to reload the current kernel.
<CarlFK> how do I get it to reboot such that I can pick a different kernel from grub menu?
<FFForever> how can i find out how much space Chris is using?
<MianoSM> In his home directory, or on an entire system?
<FFForever> home dir
<MianoSM> du -sh /home/Chris
<MianoSM> That will show you Disk Usage (Summary / Human readable) for the directory /home/Chris
<FFForever> awesome
<MianoSM> :)
<MianoSM> you might want to look up user quata
<MianoSM> user quota*
<FFForever> MianoSM, i would love to do user quota but i have yet to find a way without making vfs and putting the home dir in them...
<MianoSM> I haven't had to implement user quota yet, so I'm not much help beyond reading a man page on it :(
<phaidros> which virtualization is everyone here using on servers?
<phaidros> I am using xen since > 2 years, rock solid, stable.
<phaidros> pity to know ubuntu has dropped xen support ..
<Gargoyle> phaidros: I don't use it directly, but my server is a xen virtual machine
 * dazman uses Hyper-V as the host for multiple Ubuntu servers.  
<dazman> Does that count?  *runs*
<Alex_21> Hi, all,
<phaidros> phaidros slaps dazman ..
<Alex_21> I need to use Zip from the command line to make zips of a folder. How do yyou do this. "$ man zip" does not make sense
<Alex_21> What are the sintax?
<Alex_21> Please
<phaidros> Alex_21: it is dead easy: zip zipfile.zip files to zip /or/path/to/files/*
<Alex_21> They are folders though
<Alex_21> And those folders contain directories. I don't want to loose the directory structure
<phaidros> Alex_21: I don't see the problem
<_dennister> hey gang...having a bit of trouble configuring apt-proxy, can anyone help me with backend entries?
<Alex_21> I thought it was "$ zip -r "path/to/folder" "zipfile.zip"
<dazman> Alex_21: zip -r
<phaidros> ah, -r makes sense
<dazman> zip -r zipfile.zip dir/
<dazman> same as tar... destination zip first
<Alex_21> Ok
<Alex_21> Thanks
<_dennister> dazman: could you help me, pls?
<Alex_21> And to install Ubuntu desktop edition for use as a server, which version should I use? I want to have more than four GB of RAM but currently I only have two
<Alex_21> So I'm not sure what determins 32 bit from 64 bit and more importantly which one I should install
<dazman> Alex_21: To get more than 4GB RAM, you'll need x64 (providing you have an X64 box)
<dazman> Alex_21: and you'd probably be better off using Ubuntu-server, surely? :)
<dazman> _dennister: just ask the question openly, and see who answers/helps. :)
<_dennister> dazman: i do, and no one helps in any of the channels I'm logged into :( not my usual experience, either
<_dennister> hey gang...having a bit of trouble configuring apt-proxy, can anyone help me with backend entries?
<phaidros> _dennister: that is boviously a meta question ;)
<_dennister> i've gotta get this set up before bell starts charging me tons of $ tomorrow
<Alex_21> How do I know what my box supports?
<phaidros> sry, I have never used apt-proxy yet. but anyways, I can see not question ;)
<dazman> Alex_21: It depends on the CPU.
<Alex_21> And why is Ubuntu Server better for a desktop system acting as a Server?
<Alex_21> How do I know the CPU
<dazman> Alex_21: It's not always.
<Alex_21> ?
<_dennister> trying to import my cache into apt-proxy, but always get this error message: No Packages files available for ubuntu-whatever
<dazman> cat /proc/cpuinfo will show you the model.
<phaidros> Alex_21: to distinguish between srever and desktop edition: metapackages and kernel are different, slightly, some setting in sysctl maybe
<_dennister> dazman: that specific enuf for you? :-)
<phaidros> _dennister: this might be a bug: read here http://ubuntuforums.org/showthread.php?t=297467
<Alex_21> What do I look for
<Alex_21> ?
<dazman> Model Name
<Alex_21> In determining the CPU and whether it is 64 bit compatible?
<Alex_21> Please
<Alex_21> Here: Intel(R) Core(TM)2 CPU          4300  @ 1.80GHz
<Alex_21> stepping	: 2
<phaidros> _dennister: people seem to recommend apt-cache ..
<dazman> Alex_21: Core 2's are x64 yep
<Alex_21> So do I get better processor effectiveness or what out of 64 bit OS's
<Alex_21> ?
<_dennister> phaidros: yes, i'd seen the bug report in the howto, but the howto said it was ok to ignore it :( apt-cache doesn't do as much as I need it to do because of the blasted bell canada's illegal antics
<_dennister> but I think the bug report might just have steered me into right/sensible path for a fix
<Alex_21> And how do I know how much RAM I can squeeze in this box.
<_dennister> thanks; i'll let u know
<Alex_21> I need to max it out if possible
<phaidros> _dennister: glad I could help
<phaidros> Alex_21: the memory limit is determined by the motherboard usually. afaik.
<Alex_21> How can I find out what is supported on this puppy?
<Alex_21> Please
<phaidros> Alex_21: find the boardname (printed on the board) and ask google
<phaidros> that I'd do
<Alex_21> I can't.
<phaidros> so, ask someone who acan
<Alex_21> And getting a sighted techie in here is hard at best
<phaidros> s/acan/can/
<phaidros> sry i don't know any voodoo to determine tha max amount of ram for an unknown motherboard :/
<Alex_21> The OS itself doesn't know the motherboard?
<phaidros> no.
<Alex_21> It found the CPU
<Alex_21> Oh
<Alex_21> Ok
<phaidros> you can maybe find out about the chipsets.
<Alex_21> Here is an idea.
<Alex_21> I know the Computer model number. I'll just Google that. Silly me.
<phaidros> ^^
<uvirtbot> phaidros: Error: "^" is not a valid command.
<phaidros> irks
<phaidros> sry uvirtbot, din't want to confuse u .. ^^
<jpds> ^fail
<uvirtbot> jpds: Error: "fail" is not a valid command.
<phaidros> ^stupid
<uvirtbot> phaidros: Error: "stupid" is not a valid command.
 * phaidros slaps uvirtbot 
<Alex_21> !Lol
<ubottu> Please don't use "LOL" and "OMG" and so forth on a regular basis. This is IRC, not IM, and using those lines on their own is not required, and it is rather annoying to the rest of the people in the channel; thanks.
<phaidros> rofl
<Alex_21> !Awesome
<ubottu> Sorry, I don't know anything about Awesome
<phaidros> Alex_21: didn't you want to google a certain machine type?
<Alex_21> !Ubuntu
<ubottu> Ubuntu is a complete Linux-based operating system, freely available with both community and professional support. It is developed by a large community and we invite you to participate too! - Also see http://www.ubuntu.com
<Alex_21> !Google
<ubottu> google is the helpers' friend; many newer users dont have the google-fu yet; For GNU/Linux:  http://google.com/linux
<Alex_21> Yeah.
<Alex_21> That is easier for a tech to read next week. The problem was getting a sighted tech to open the machine while it is on the rack
<phaidros> Alex_21: thanks for using other peoples time to safe your own ;)
<Alex_21> So I still need the exact number
<Alex_21> It is no biggie though
<phaidros> :p
<Alex_21> Hey. I can't read it
<Alex_21> Got a problem with that?
<Gargoyle> Alex_21: 37GB
<Alex_21> How do you know that?
<Alex_21> !Trigger
<ubottu> Sorry, I don't know anything about Trigger
<phaidros> 42
<Gargoyle> Magic. ESP. A little bird told me... Take your pick!
<Alex_21> !Blind
<ubottu> Sorry, I don't know anything about Blind
<Alex_21> !Accessibility
<ubottu> Sorry, I don't know anything about Accessibility
<Alex_21> !Access
<ubottu> Sorry, I don't know anything about Access
<Alex_21> !Orca
<ubottu> Sorry, I don't know anything about Orca
<Alex_21> !Deaf
<ubottu> Sorry, I don't know anything about Deaf
<Alex_21> !Disabilities
<ubottu> Sorry, I don't know anything about Disabilities
<Alex_21> !Ignorant
<ubottu> Sorry, I don't know anything about Ignorant
<Gargoyle> Alex_21: Must you do that?
<Alex_21> I'm trying to find accessibility resources for Ubuntu
<Gargoyle> Alex_21: Try google, not an IRC bot!
<Alex_21> Ok
<Alex_21> Thanks
<Gargoyle> Alex_21: You can also /msg the bot with !help to find out what it is most useful for!
<Gargoyle> Alex_21: Without flooding the chan.
<phaidros> +1
<Alex_21> We need #Ubuntu-accessibility
<Alex_21> #Ubuntu is too crowded for accessibility talk if you are using assitive technology
<phaidros> that's a good proposal
<vorian> that would be a proposal you could make in #ubuntu-irc
<Alex_21> Ok
<Alex_21> Thanks. I didn't know about #Ubuntu-IRC
<vorian> not many people do :)
<racecar56> hp mediasmart ext475, anyone?
<racecar56> *ex
<Alex_21> Thanks for your help
<Alex_21> God day
<Alex_21> Lol, ...Sorry
<Alex_21> Good day
<racecar56> does anyone here have any experience installing ubuntu server on a hp media(not so)smart ex475?
<RoAkSoAx> heya guys, do you think that the proposed solution for this bug is the adequate? https://bugs.launchpad.net/ubuntu/+source/passenger/+bug/332238
<uvirtbot> Launchpad bug 332238 in passenger "Building against apache2-prefork-dev would allow mod_php5 cohabitation" [Undecided,Confirmed]
<MianoSM> !chrt
<ubottu> Sorry, I don't know anything about chrt
<MianoSM> !taskset
<ubottu> Sorry, I don't know anything about taskset
<MianoSM> !renice
<ubottu> Sorry, I don't know anything about renice
<MianoSM> !worthless bots
<ubottu> Sorry, I don't know anything about worthless bots
<superfirelord42> Interesting thing, may not be in the right room for this. I installed ubuntu server edition, cant seem to get the e100 driver working right. Looking through dmesg, i see e100: 0000:01:02.0: can't derive routing for PCI INT A, anyone know what may be going on?
<superfirelord42> To be sepecific on not working, I cannot get a DHCP lease, and manual routing and configuration does not appear to work either.
<genii> superfirelord42: You may want to try kernel option of pci=routeirq
<superfirelord42> genii, i just noticed something when i tried to do a dhcp on them all, said try irqpoll, should i try that first?
<genii> superfirelord42: Yes
<superfirelord42> interesting, boot time slows to a crawl on ata1, something about frozen. IRQ #15 was disabled which I know was one of the NICs, still not booted yet
<pygmalion> what's the fastest way to restore the default config files for postfix and dovecot?
<superfirelord42> genii, well, good news bad news, good news, i got the DHCP, bad news, it spewed some IRC issues and now is not responsive, rebooting with your pci=routeirq
<superfirelord42> *IRQ
<storrgie> I created an array, but when I restart instead of /dev/md0 I get a bunch of funny md devices named like md_d0 and md_d0p1
<wizardslovak> ok this is weird , i moved server to other room and turned it on
<wizardslovak> no i cant connect to it true ssh
<wizardslovak> "no route to host"
<wizardslovak> if i ping it it says "destination host unreachable"
<superfirelord42> wizardslovak, can you ping from it?
<wizardslovak> no i am pinging it from my laptop(kubuntu)
<wizardslovak> 100% packet loss
<wizardslovak> i see it on my router tho
<wizardslovak> ok i found it , i plugged into wrong card lol
#ubuntu-server 2010-05-31
<Italian_Plumber> having an interesting problem with my DVD drive -- it can show the directory listing but can't read any of the data itself.
<Italian_Plumber> http://pastebin.com/3g1TRrV7
<ruben23> hi guys i have 50 PC unit want to used UNE to install, how to install them on a fastest way and all pc dont have disc drive..any suggestion...?
<tyler_d> I am trying to install 10.04 64 bit and upon detecting the hard-drives it comes up with "Configure iSCSI volumes" I have tried 4 different hard drives, and I don't have an iscsi device, nor even a scsi drive, they are all sata drives....?
<julianc> iSCSI is related to SAN. Is it only giving you iSCSI as an option?
<tyler_d> julianc: yes, only the iSCSI option, or roll back, which just kills the system
<tyler_d> it would appear that their is an option that is simply not there, ie. just whitespace that you can select - no menu option associated with it.
<julianc> Tried using an alternate install disc or network install?
<tyler_d> I have also tried to install install using a different usb device, thinking that this may be a corrupt installation genre - with the same result
<tyler_d> would love to try a network install, however never done it
<julianc> Did you get any messages about needing to load additional drivers for disk controllers?
<tyler_d> no disk controllers involved, straight off the board, an xfx nvidia
<tyler_d> 680i
<tyler_d> ensured that the fakeraid was turned "off"
<tyler_d> and have even flashed the bios for good measure
<tyler_d> I have just changed to a different sata - changed the usb port that was being used, and restarted, and somehow now it has picked it up
<tyler_d> however thats just silly
<julianc> You were installing from a flash drive?
<tyler_d> yes, I still am
<Zelda> does samba share files over the WAN or LAN only?
<julianc> Samba can share files over any network (even over the Internet).
<julianc> Automatic detection of computers in a workgroup/domain is limited by subnet.
<julianc> Ideally, one would keep Samba shares behind a firewall. Even if not using workgroups/domain as a major part of local network infrastructure, it's possible to just point to the Samba share by hostname/IP.
<Zelda> julianc- thanks. I think what I want to do, is create an openssh or SFTP server then
<bogeyd6-> Zelda, samba can share on both, and to setup ssh server just go to terminal and type "apt-get install openssh"
<bogeyd6-> Zelda, sorry its just "ssh" not openssh
<Zelda> bogey6: thanks!
<bogeyd6> hmm
<Zelda> Ok, so I'll create a share on my LAN so I can stream stuff to my xbox360. And for the later, should I install openssh? This has sftp correct? This would be for the people that are on different subnets and over the WAN.
<Zelda> heres what I want to do to make it short. I want to have a server where my family can access it from their computers. They are not on my LAN. however I want to be able to share files and have them backup their machines on my server. Whats the best procedure to do this? (meaning the easiest)
<Zelda> Or people are using PS3mediaserver.. is that easy to setup for my xbox360?
<Zelda> trying to create a server, and run sw raid 1 and then backup to a drobo eventually.
<Zelda> or question, is raid 1 good to run if say your primary hdd gets corrupted, it could corrupt the secondary couldnt it?
<julianc> Can the Xbox 360 use SFTP natively, or at all?
<Zelda> No. You can create like a "share" network drive on the xbox, but no sftp
<jmazaredo> hi, why do many prefer command line on servers wothout gui? ive been using ubuntu server with gui and find it easier with gui
<Zelda> what gui you using?
<julianc> A GUI can consume precious resources that the server could otherwise be putting to good use.
<bogeyd6-> people use servers jmazaredo for resource intensive multiuser applications and adding a GUI where none is called for takes away from those scarce resources
<Zelda> indeed.
<jmazaredo> yes but administering will be lot easier right?
<jmazaredo> and with resources nowaday just a little it will consume
<jmazaredo> servers ranging from 8 to 16gb ram a gnome or any gui will just use some
<julianc> It could be easier, sure. One thing I sometimes do is install a few GUI-based tools, and run them over SSH with X11 forwarding turned on. That way, I have access to GUI tools without needing to have a desktop environment always running.
<uvirtbot> New bug: #587717 in mysql-dfsg-5.1 (main) "package libmysqlclient16 (not installed) failed to install/upgrade: intentando sobreescribir Â«/usr/lib/libmysqlclient.so.16.0.0Â», que estÃ¡ tambiÃ©n en el paquete mysql-cluster-client-5.1 0:7.0.9-1ubuntu7" [Undecided,New] https://launchpad.net/bugs/587717
<bogeyd6-> jmazaredo, administration ends up being more complicated the more servers you have running
<jmazaredo> yes thats why i use gui
<Zelda> anyone get my question, as to what im trying to do?
<bogeyd6-> log into my 850 servers one by one and see why multissh is ftw
<tyler_d> julianc: however like I am finding right now, utils like disk-util don't work well on remote connect, and quite often kill the server on X-forward
<jmazaredo> 850 servers damn!
<bogeyd6-> Zelda, no, im not clear on what you are trying to do
<jmazaredo> if im using cli i will be doomed
<julianc> Zelda: since the Xbox is Windows-based, it might be a good idea to go with Samba, since it's lowest common denominator for all the systems involved.
<julianc> Much easier to set up Samba as a file server if you don't have to have authentication.
<Zelda> bogeyd6: Im trying to build a server. I want to have my family backup to it and beable to share files and such. These family are not on my LAN, but over WAN. I want to know what I need to do to have them be able to backup/share files on my server. /
<bogeyd6-> is this WAN internet based?
<Zelda> julianc: yes. Thats what I was thinking using Samba for my intranet
<Zelda> bogeyd6: yes
<Zelda> obviously I want the most secure way of doing that.
<Zelda> So on the intranet, use samba to share a network drive to other computers, including the xbox360. for Media. (i.e movies, music, photos)
<bogeyd6-> I can think of no easy way
<Zelda> however for the family that is on the WAN (internet) whats the easiest way to create a server?
<bogeyd6-> The most secure method is obviously samba and vpn. The easiest is just samba with security = user. The fastest is probably to think of something else
<Zelda> create an openssh and have them create accounts?
<Zelda> yeah I dont want to really use ftp since its terribly slow.
<bogeyd6-> having your whole family ssh is probably not in the realm of realistic
<Zelda> yeah. true...
<Zelda> so what is possible? VPN?
<Zelda> so ftp would be the easiest then for people outside my lan right?
<Zelda> i'm really wanting to go with the samba +vpn. if its the most secure.
<Zelda> My router will support up to 5 VPN tunnels I think so I could have up to 5 people at once.
<bogeyd6-> Samba is def the way to go
<bogeyd6-> even with out VPN
<bogeyd6-> !samba
<ubottu> Samba is the way to cooperate with Windows environments. Links with more info: https://wiki.ubuntu.com/MountWindowsSharesPermanently and https://help.ubuntu.com/10.04/serverguide/C/windows-networking.html - Samba can be administered via the web with SWAT.
<bogeyd6-> :)
<bogeyd6-> !vpn
<ubottu> For more information on vpn please refer to https://wiki.ubuntu.com/VPN
<Zelda> I thought samba wasnt secure over WAN.
<bogeyd6-> :PP
<bogeyd6-> samba is secure if you set the security level to user
<bogeyd6-> then each person just maps a network drive with their username and password. easy as pie
<Zelda> Ok, i'll do some reading. thanks for pointing me in the right directino.
<julianc> That will require setting up the Samba server as its own domain controller, IIRC.
<bogeyd6-> julianc, negative ghostrider
<Zelda> the pattern is full. ...
<bogeyd6-> samba will just use its local user/pass file
<bogeyd6-> zelda setting up samba only takes about 4 minutes or so
<Zelda> thanks. I will read on it. I may mess with it in a vm first before I acutally implement it out right.
<bogeyd6-> the guide makes it look overly complicated but in reality you only install it, set security = user, then setup your shares for each person.
<Zelda> oh thats real easy
<bogeyd6-> i can post a share if you would like to see how one is setup
<Zelda> sure, that would be cool
<Zelda> you think an old p4 2gb ram is enough for that?
<uvirtbot> New bug: #587722 in mysql-dfsg-5.1 (main) "package mysql-server-core-5.1 (not installed) failed to install/upgrade: intentando sobreescribir Â«/usr/bin/my_print_defaultsÂ», que estÃ¡ tambiÃ©n en el paquete mysql-cluster-server-5.1 0:7.0.9-1ubuntu7" [Undecided,New] https://launchpad.net/bugs/587722
<uvirtbot> New bug: #587724 in mysql-dfsg-5.1 (main) "package mysql-client-core-5.1 (not installed) failed to install/upgrade: intentando sobreescribir Â«/usr/bin/mysqlÂ», que estÃ¡ tambiÃ©n en el paquete mysql-cluster-client-5.1 0:7.0.9-1ubuntu7" [Undecided,New] https://launchpad.net/bugs/587724
<Zelda> I was thinking about getting something more energy efficient though
<julianc> Should be more than enough, as long as it isn't churning 24/7.
<bogeyd6-> Zelda, http://pastebin.ubuntu.com/442029/
<bogeyd6-> think it will be just fine unless you plan on watching dvd quality movies over that net link
<Zelda> julianc: what if i am planning on running it 24/7 but not accessing it constantly.
<Zelda> bogeyd6: yeah I may eventually do that.
<bogeyd6-> Zelda, obviously you dont want public = yes
<Zelda> Im thinking of getting new hardware.. intel or amd.. I have some specs for though
<bogeyd6-> glad i could help, gl
<Zelda> bogeyd6:indeed
<Zelda> I was planning on getting newer hardware, I have an i3-530 system spec'd out or an amd phenom II x2 specd. sound like that would work fine?
<bogeyd6-> what kind of hdds?
<bogeyd6-> storage subsystem is where its going to count the most
<bogeyd6-> im using windows 7 for work in a vmware image rite now. i gotta say wow, makes me want to leave ubuntu
<twb> bogeyd6-: I'm not stopping you.
<Zelda> standard sata 3gb 500gb
<Zelda> sorry had to get the cake iced. :P
<bogeyd6-> twb, ty trent
<bogeyd6-> Zelda, prob not fast enough
<Zelda> sas?
<bogeyd6-> i would drop the specs on that m/b proc and upgrade to scsi or sas drives, 15k rpms should do it
<Zelda> or get the 6gb
<bogeyd6-> cdw outlet prob has some rocking sas drives for around 100 each, score about 8 of them and put into a storageworks card or w/e
<Zelda> then I might as well get like an hp ml series server.
<bogeyd6-> depends on your fluidity
<Zelda> were talking about $1k
<Zelda> you dont think 3gb sata or 6gb sata would be fast enouhg?
<twb> Zelda: what is this host for?
<Zelda> samba server
<Zelda> and backup server.
<twb> We have a lot of hosts like that, serving small businesses (say, twenty people).
<twb> We just use normal SATA in an md RAID1 or RAID5.
<Zelda> yeah thats what I was thinking.
<Zelda> sas or scsi yet superior.. gets expensive on a budget
<Zelda> making a md raid 5 with like 1t or so.. maybe more.
<Zelda> or raid 1 for 1Tb
<Zelda> TB rather *
<twb> Well, we'd normally buy disks with the best dollars-per-byte count
<twb> Which is around 750 or 1TB at the moment
<twb> No matter what size you buy, the users will fill it up
<Zelda> well then i guess its 2 1TB for a TB of storage
<Zelda> and then just add to it
<twb> With RAID5, you lose one drive to parity, so of 3Ã1TB you get 2TB effective.
<Zelda> yeah I know how raid works.
<twb> OK :-)
<Zelda> :)
<Zelda> I worked at HP for 3 years, building servers.. heh
<twb> My sympathy
<Zelda> now I work at Cisco!
<twb> Ha!
<twb> My biggest bitch about cisco is their entry-level units run vxworks or something instead of IOS or linux
<Zelda> bogeyd6: Thanks for the point in the right direction.
<Zelda> julianc: you too
<julianc> You're welcome.
<Zelda> hahah ! yeah I know what you mean..
<twb> To get a shell on this one here I have to ssh in (which gives me a crippled menu interface) then hit ^Z to suspend it and get a shell
<Zelda> wtf is with the VXworks garbage anyhow?
<twb> Zelda: the advantage over linux is that it can run in 8MB instead of 16MB
<twb> AFAICT
<Zelda> so you think that getting 3 1TB SATA would be quick enough for say roughly 10 people?
<Zelda> over the internet
<twb> Well, over the internet, the bottleneck will probably be the internet
<twb> Cf. disk speed, bus speed, and (say) ADSL2+ speed.
<Zelda> yeah, I wish I got utopia... they dont offer it in my area..
<Zelda> :(
<bogeyd6-> we got docsis 3.0 at my house, 55mbs
<Zelda> but thats fast enough for people to use for a backup though
<Zelda> lucky you man.. I only have 20mbps
<twb> bogeyd6-: you can't get more than 22mbps (theoretical maximum) in my country
<julianc> I'm slumming on 5. DOCSIS 3.0 is in the works.
<bogeyd6-> thats a shame
<bogeyd6-> it bounces from 46-55 but you gonna see 5.6MB/s downloads
<Zelda> Comcast will support 3.0. I dont have the bandwidth. Im not going to pay them 100+ a month for just me.. heh
<twb> Outside the major cities it's dialup (56kbps) uplink combined with satellite
<bogeyd6-> twb, ick
<Zelda> ha, where do you live? Canada?
<Zelda> that really sucks though.
<twb> .au
<Zelda> ah... yeah that makes sense.
<Zelda> lol, give some kangaroo's some adrenaline shots.. heheh
<Zelda> well thanks twb for the advice as well.
<twb> This is apparmour, right?
<twb> [1077521.388157] audit(1275130499.951:7): type=1502 operation="file_lock" requested_mask="k::" denied_mask="k::" name="/var/run/utmp" pid=5406 profile="/sbin/syslog-ng" namespace="default"
<corpse> im having an issue with pure-ftpd. I have all of my drives mounted to /home/ftpusers/username. They are all there with i do ls.  i have my ftp user root as /home/userftp/username. when i access the ftp with a remote computer i show zero files in the directory. i can create a folder from remote and then see that on my other systems. but then i cant see that new folder on the server
<twb> corpse: http://mywiki.wooledge.org/FtpMustDie
<twb> Use SFTP.
<kaushal> hi
<kaushal> I am running logrotate on ubuntu 8.04 hardy server. It causes high load on the server. I have set the nice priority to 19 Still no improvment
<kaushal> Please suggest
<kaushal> The size of the logfile is around 10Gb
<twb> niceness won't reduce load
<twb> rotate that logfile manually.  It's probably spending its CPU cycles gzipping it.
<twb> logrotate won't cause significant load if you've been using it already
<kaushal> twb: yes
<kaushal> twb: any workaround ?
<twb> 17:07 <twb> rotate that logfile manually.  It's probably spending its CPU cycles gzipping it.
<kaushal> twb: i did that
<kaushal> I usually call it from crontab
<kaushal> It happens at 1 am
<kaushal> twb: just want to understand you said to run it manually
<twb> Wrong.
<kaushal> I mean i did not understand that
<twb> I mean something like "mv foo.log foo.log.oldandstupid"
<twb> I don't mean "run logrotate from the command line"
<kaushal> twb: its not possible
<twb> That way logrotate won't see your ridiculously large historical logs, and will happily deal with small logs from now on.
<kaushal> Every day the logfile size is around 10Gb
<twb> Maybe you shouldn't log so much, then
<kaushal> twb: any other way to handle it
<twb> I don't know.
<kaushal> sorry if i am bugging a lot
<\sh> rsyncing the logs on one central logfile server which deals with logfiles much better...decreasing the logging in general...production environment shouldn't log everything...it should log errors and warnings (application logfiles) etc.pp. 10Gb is really a lot of cruft
<kaushal> \sh: ok
<_tydeas_> if i want a home dir to be created i must add to the  /etc/login.defs the line CREATE_DIR=1?
<_tydeas_> if i want a home dir to be created when i useradd i must add to the  /etc/login.defs the line CREATE_DIR=1?
<_tydeas_> I am facing a strange behavior. I have installed apache and php to my server but when trying to access a php file it does not rendered to the browser but i am prompt to download the file.why is that?
<\sh> _tydeas_, check /etc/apache2/mods-enabled/ if php module is enabled...did you restart apache2?
<_tydeas_> mod-enabled and restarted
<ewook> hrm. Seems like I've broken postgrey when doing the upgrade from 8.04 to 10.04. anyone bumped into the same thing? (cant upgrade the package)
<_tydeas_> how to determine version of my ubuntu server?
<kaushal> _tydeas_: lsb_release -a
<_tydeas_> For one more time,php files can be rendered in the browser but only for the once under /var/www. I want the php to render for each user i have this http://pastie.org/985296 in the config.
<ivoks> _tydeas_: restart apache
<ivoks> _tydeas_: and access your file with *w3m*, not firefox
<_tydeas_> w3m?
<ivoks> command line browser
<_tydeas_> i have restarted apache
<_tydeas_> why?
<ivoks> cause firefox has a wicked cache
<ivoks> w3m does't have it at all
<ivoks> that makes it the best tool for testing changes in web pages
<_tydeas_> ok it renders properly
<ivoks> a month ago there was someone with the same issue
<ivoks> and he was using firefox all the time
<_tydeas_> what do i do know
<_tydeas_> ?
<\sh> why not disabling the cache in firefox? ;)
<ivoks> _tydeas_: nothing, it's working; isn't it?
<_tydeas_> you mean the problem was client side?
<ivoks> yes
<_tydeas_> tried google chrome same result
<ivoks> does it render with w3m?
<_tydeas_> yes
<ivoks> then that's it
<_tydeas_> and what the server users
<ivoks> now why someone of your browsers don't reload the page from server
<_tydeas_> they don't use w3m
<ivoks> beats me
<ivoks> try shift+f5 on firefox
<ivoks> err... ctrl+shift+r
<_tydeas_> where
<_tydeas_> ?
<ivoks> firefox
<_tydeas_> when i try to access serverhost/~testing/index.php
<_tydeas_> i get prompt to download the file
<ivoks> that's firefox's cache
<_tydeas_> same on google chrome
<ivoks> cache again
<ivoks> it's easy to double check
<ivoks> tail access.log on server and then use firefox on client
<ivoks> you'll notice that firefox doesn't access your server at all
<ivoks> or, clear cache in firefox
<ivoks> ctrl+shift+del
<binBASH> chrome doesn't cache
<twb> Isn't it backed onto libsoup?
<twb> I vaguely recall that caches
<binBASH> _tydeas_: You can check with curl or wget
<ivoks> of course it does :)
<binBASH> those really don't cache :p
<ivoks> binBASH: he checked with w3m
<ivoks> binBASH: and it rendered :)
<_tydeas_> i appear with firefox in the access.log
<_tydeas_> I will say it again
<_tydeas_> if i try to access a php file under Document Root /var/www
<_tydeas_> it will be rendered properly
<_tydeas_> if i try to access a php under a users /home/user/public_html
<_tydeas_> i get prompt to download the file
<twb> _tydeas_: so PHP isn't enabled for users' home directories.
<_tydeas_> i did enabled it
<ivoks> twb: he enabled it, restarted apache
<ivoks> twb: it's client side cache
<twb> OK.
<_tydeas_> ivoks: that's what i have done
<_tydeas_>  http://pastie.org/985296 & http://pastie.org/985325
<twb> _tydeas_: even with a retarded cacher, you should be able to move the test.php to test2.php and try again
<binBASH> btw. from your pastie <FilesMatch "\.ph(p3?|tml)$">
<binBASH> how old is that config? :p
<_tydeas_> yes
<binBASH> .php3 and .phtml ?
<_tydeas_> i downloaded the ubuntu server and was in it
<_tydeas_> didn't create it
<twb> _tydeas_: what does "lsb_release -c" say?
<_tydeas_> Codename:	lucid
<ivoks> _tydeas_: what does this outputs?
<_tydeas_> what?
<ivoks> wget -qO- http://server/~testing/index.php
<ivoks> php or html?
<_tydeas_> html
<binBASH> try with this <FilesMatch "\.ph(p3?|tml|p)$">
<ivoks> end of story
<ivoks> for firefox and chrome, please go to #ubuntu
<ivoks> or #google and #mozilla or whatever
<_tydeas_> i have not installed php-cgi
<_tydeas_> does this matter?
<ivoks> as i said, for client side questions -> #ubuntu
<ivoks> your apache is parsing php and renders html
<_tydeas_> ivoks: thanks ivoks
<_tydeas_> thank you guys
<_tydeas_> i cleared the cache in firefox and worked
<uvirtbot> New bug: #587810 in samba (main) "pam_winbind reports misleading "Access denied"" [Undecided,New] https://launchpad.net/bugs/587810
<federico2> hi there
<uvirtbot> New bug: #587828 in net-snmp (main) "Row creation in snmpTargetAddrTable fails in 64-bit version" [Undecided,New] https://launchpad.net/bugs/587828
<alex88> hi, i'm on ubuntu and i've installed fastcgi trough package libapache2-mod-fcgid, how can set the number of php processes running? i've followed this tut http://ubuntuforums.org/showthread.php?t=1038416
<\sh> Alblasco1702, http://www.fastcgi.com/mod_fastcgi/docs/mod_fastcgi.html#FastCgiServer <-
<\sh> Alblasco1702, sorry..wrong nick
<\sh> alex88, http://www.fastcgi.com/mod_fastcgi/docs/mod_fastcgi.html#FastCgiServer ;)
<\sh> alex88, there is a hint on "-processes n"
<MasterZuFu> Hello everyone :). I have ubuntu 10.04 as my server with linode.com. I'm trying to get my web server to work on it. I just ran this: apt-get install exim4. How do i test to verify if the mail server is actually online without having to send an email?
<alex88> \sh: looking at.. thank you
<alex88> MasterZuFu: sudo netstat -tapn
<alex88> look at port 25
<MasterZuFu> tcp 0  0 127.0.0.1:25    0.0.0.0:*    LISTEN  and tcp6  0  0 ::1:25   :::*  LISTEN   means it's working then right?
<MasterZuFu> hmmmmm.... alex88: I seem to see that the server is running. I have a mybb forum running on my server also via apache. i tried to send myself an email from it 10 minutes ago, it still hasn't gotten here yet
<alex88> MasterZuFu: look at logs... /var/log/mail.info for me
<alex88> \sh: that's for the cli, not apache module
<MasterZuFu> it's empty
<alex88> so nothing has tried to send mails
<MasterZuFu> hmmmmm
<MasterZuFu> ok
<alex88> probably php tried to send via sendmail command
<alex88> try to use that as test
<blackthor> anyone ever had problems with raid 1 ?
<MasterZuFu> i don't know what the sendmail command is
<twb> !anybody >blackthor
<ubottu> blackthor, please see my private message
<blackthor> thank you twb;)
<blackthor> sorry for being unclear
<blackthor> i have a software raid-1 crash
<blackthor> one of 2 drives died
<blackthor> i seem to have lost 2 days of data
<blackthor> (booting from the remaining drive)
<twb> That doesn't make any sense.
<blackthor> all kinds of updates and changes are reverted back
<twb> RAID1 is a mirror, not a backup.
<blackthor> yes
<blackthor> it is very strange
<blackthor> it's the second time i am experiencing this
<twb> blackthor: what does /proc/mdstat have to say about it?
<blackthor> well,  the machine doesn't boot anymore with both drives hooked up
<blackthor> all md? are active 2/1
<blackthor> if i dig e.g. into syslog  i notice that the black hole takes place from may 27th 6am till today 9am
<blackthor> and i am 100% positive to have worked on that machine on  28th  (files are missing etc)
<blackthor> it weren't big files, the only explanation i am starting to think about is that the   write behind cache or buffer   hasn't been committed to the raid
<twb> In what way doesn't it boot with both drives?
<blackthor> but the weird part is, i have no warning at all
<blackthor> whileas in mdadm.conf:  MAILADDR root
<MasterZuFu> hmmmmmm......for some reason webmin isn't working. it says file not found O.o
<twb> MasterZuFu: webmin isn't supported.
<MasterZuFu> what is supported?
<blackthor> twb: other disk isn't detected anymore in bios
<twb> I suppose ebox is, but really we encourage people to learn the normal command-line tools.
<twb> blackthor: urk
<twb> blackthor: maybe your controller is borked?
<MasterZuFu> i don't have time to learn normal command-line tools when my website's down :)
<twb> Shrug.
<blackthor> hmmmm
<twb> blackthor: I haven't seen those symptoms before, so I'm just speculating.
<blackthor> perhaps
<blackthor> the same raid did the same thing 2 months ago
<blackthor> i replaced one drive and rebuilt
<MasterZuFu> doesn't make any sense why webmin isn't working >_> grrrrr
<blackthor> now it's the other drive that crashed
<twb> webmin doesn't work because it's shit code
<MasterZuFu> it worked before
<twb> No, it *appeared* to work.
<MasterZuFu> code shouldn't matter, and that's personal prefference
<MasterZuFu> i'm just trying to get my website at optimal functionality. ever since i moved from a shared host where i didn't have any chance to mess with the server and then to a dedicated host where i have a chance to mess with it I am learning how to install all these needed things myself. I didn't realize cpanel wasn't free and everyone told me to get webmin. so, i have it, it's installed, but it's not working
<MasterZuFu> that's after we did some serious work on apache though
<uvirtbot> New bug: #587858 in openssh (main) "update-motd executed even in non-interactive sessions" [Undecided,New] https://launchpad.net/bugs/587858
<MasterZuFu> i'm getting this error: http://pastebin.com/ywX7NHPr
<pmatulis> MasterZuFu: looks like port 10000 is already in use.  investigate that
<MasterZuFu> pmatulis, I already did. when i try to go to that port I get the error: "Error-File not found"
<MasterZuFu> hmmmmmm i think i know what might be the problem
<twb> webmin doesn't go via apache
<twb> By default it listens to all interfaces directly, allowing brute-force attacks from the internet :-/
<twb> Use ss or netstat to find out what process is currently bound to 10000
<MasterZuFu> when i first installed apache i put all my files in /root like an idiot. a friend of mine helped me sort t out to the proper location of /var/www/, there was a folder in that directory called "webmin". I think that may be the case that it's still pointed to /root instead of /var/www/
<twb> Well, /var/www is really hysterical raisins.  Somewhere in /srv/ would be the FHSly way to do it.
<pmatulis> MasterZuFu: webmin doesn't use apache.  it has it's own perl-based webserver
<MasterZuFu> i know that
<MasterZuFu> when i installed webmin there was a file in my main web files location, or directory i should say, named "webmin".
<MasterZuFu> i moved it
<MasterZuFu> now i have to find whatever file is pointing to that directory, and change it to the new one
<MasterZuFu> i think that's the issue maybe
<MasterZuFu> and /srv is empty
<twb> MasterZuFu: /srv is REQUIRED to be empty until you put things in it
<MasterZuFu> ok
<twb> It's reserved for the system administrator
<MasterZuFu> uh....i am the sysadmin
<twb> Which is why it's empty
<MasterZuFu> ok
<twb> I mean that packages aren't allowed to place files in there without asking you
<MasterZuFu> it might have asked me
<MasterZuFu> i dunno
<MasterZuFu> what file tells webmin where to look for all the files for it's functionality?
<MasterZuFu> i can't seem to find anything
<MasterZuFu> i'm in /etc/webmin/conf right now, it has this line in there: path=/bin:/usr/bin:/sbin:/usr/sbin:/usr/local/bin
<twb> You should probably ask #webmin (or whatever) for help with webmin
<MasterZuFu> no one's talking in #webmin
<twb> Then be patient
<RoyK> !webmin
<ubottu> webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system. See !ebox instead.
<pmatulis> MasterZuFu: doesn't it log error messages?
<MasterZuFu> i'm looking at them now
<pmatulis> MasterZuFu: that should have been your first step
<MasterZuFu> i'm still learning all this stuff
<MasterZuFu> 29852/apache2
<MasterZuFu> tcp        0      0 0.0.0.0:10000           0.0.0.0:*               LISTEN
<MasterZuFu> wtf?
<MasterZuFu> nvm
<RoyK> MasterZuFu: fuser -n tcp 10000
<twb> IMO webmin borks your system sufficiently that you might as well just reinstall
<MasterZuFu> 10000/tcp:           31435
<twb> (At which point you will learn to keep /home and /srv on separate partitions from /)
<MasterZuFu> yeah i'm just...lost. I've never really had to manage a server myself before. I always just used cpanel.
<twb> You could start by reading the Ubuntu Server Guide and the RUTE
<MasterZuFu> i wish i had the time to. I'm having to make time just to do this as it is. honestly webmin never really worked for me anyways, half the modules always said they weren't installed when they were. being that this is a new server and i'm having to set it up completely from scratch I'm having to learn the hard way on exactly what I actually need to have installed when running my website. i only just realized email didn't work and members couldn't
<twb> If you want to be a sysadmin, you will have to learn this
<MasterZuFu> i know that
<MasterZuFu> it's just difficult because 'm having to juggle so many things at once
<twb> If you know a good linux shop nearby, you could rent one of their sysadmins to help you get up to speed, then gradually take over responsibility yourself
<MasterZuFu> well...I've got a friend of mine who is an exclillent ubuntu sysadmin, he's just hardly ever on :P
<MasterZuFu> and i'm in japan :P and don't know the language lol, so i doubt i'll be finding any linux shops around here
<twb> tokyo?
<MasterZuFu> no, i'm in a smaller town, yokosuka
<twb> Hmph.  The .jp resident I know doesn't appear to be around, or I'd ask him to recommend one.
<MasterZuFu> it's quite alright. i'll figure it out. i'll just turn off activations required emails until i get this all sorted out. it's just a huge security risk to do so but if i don't i don't get any more members.
<blackthor> MasterZuFu: perhaps you should just buy a copy of  cPanel ;) it will save you a lot of headache, stress and time
<MasterZuFu> how much do they run?
<blackthor> or plesk
<twb> Is cpanel really suitable for a single-host VPS?
<wise_crypt> MasterZuFu: !webmin
<blackthor> donno, didn't know that was the point
<twb> I thought it was more for "so, I have a HPC and I want to rent out time on it to my customers"
<blackthor> i've used ispconfig before
<wise_crypt> !webmin
<ubottu> webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system. See !ebox instead.
<MasterZuFu> i know wise_crypt
<twb> wise_crypt: it's "!datum >user"
<wise_crypt> lol
<MasterZuFu> ok, well...i just sent a message to my friend. I guess I'll have to wait this out till he gets back online next time and can take a look at it.
<pmatulis> MasterZuFu: besides installing webmin, what are you trying to achieve with your Ubuntu server?
<pmatulis> (that we can help with)
<blackthor> getting xss security holes ;)
<MasterZuFu> well i was hoping webmin would help me fix my issue with the email
<MasterZuFu> plus i'm trying to install ssl and that's also giving me issues
<MasterZuFu> well hey folks, i really have to go. i have to get back to work. see you all later, thanks very much for the support :)
<uvirtbot> New bug: #587881 in php5 (main) "package libapache2-mod-php5 5.3.2-1ubuntu4.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 10" [Undecided,New] https://launchpad.net/bugs/587881
<sommer> morning
<kaushal> hi
<kaushal> I have a customized init shell script on 8.04 server after reboot it does not come up
<kaushal> Any clue ?
<sommer> any errors in /var/log/boot.log ?
<Jeeves_> kaushal: With init shell script you mean a script in /etc/init.d?
<kaushal> Jeeves_: yes
<Jeeves_> Dit you run update-rc.d ?
<kaushal> yes
<kaushal> I did update-rc.d resque defaults
<kaushal> resque is the name of the script
<Jeeves_> Hmm, ok.
<Jeeves_> And if you run /etc/init.d/resque start, everything is ok?
<kaushal> yes
<Jeeves_> Maybe you're using temporary directories that don't exist yet?
<kaushal> I dont use temporary directories
<Jeeves_> No pidfile?
<Jeeves_>  Are you using full paths?
<Jeeves_> Or are you depending on PATH?
<kaushal> I am using Absolute path
<Jeeves_> Hmm. That's odd than.
<Jeeves_> Can you pastbin your script?
<kaushal> sure
<kaushal> Jeeves_: http://fpaste.org/61qB/
<kaushal> Jeeves_: did you have a chance to look at it ?
<EtienneG> hggdh, how did the EBS testing went in the end?
<baccenfutter> hey, I want my internal DNS to resolv my DynDNS to the internal IP of the www server, rather than passing the request upwards
<baccenfutter> could anyone gimme hint on waht I am looking for?
<EtienneG> hggdh, got your comment in the bug, I see it is all good!
<Jeeves_> krssup: Sorry, I was afk.
<Jeeves_> Can you repaste?
<tarvid> dpkg-reconfigure php5-cli asks no questions
<kaushal> Jeeves_: sure
<tarvid> how can I get the default /etc/php
<kaushal> http://fpaste.org/yHnu/
<Jeeves_> kaushal: Maybe you should add 'set -e' and exit with explicit exit codes?
<Jeeves_> 0 on success and 1 on failure
<kaushal> Jeeves_: please let me know on that bash script ?
<kaushal> I mean pastebin
<cybrocop_> Hello All. Is there a known issue where Eucalyptus cannot use a bukkits directory that is mounted via SMB?
<Jeeves_> http://fpaste.org/FZpx/
<kaushal> Jeeves_: so do i need to run it by hand ?
<kaushal> or check it while booting ?
<Jeeves_> kaushal: No, it should work while booting
<kaushal> oh ok
<Jeeves_> (if it depends on this script)
<kaushal> what does set -e do ?
<Jeeves_> No clue what the thing you're starting does :)
<kaushal> Jeeves_: is there a way to know why it did not come up ?
<Jeeves_> kaushal: Add debugging to it
<Jeeves_> echo some more
<tarvid> any way to reconfigure php5 to distribution defaults?
<kaushal> Jeeves_: it did not worked
<Jeeves_> tarvid: 'apt-get remove --purge' 'apt-get install' ?
<Jeeves_> kaushal: Did you see any debugging while booting?
<kaushal> Jeeves_: can i redirect any error to a file ?
<tarvid> why does dpkg-reconfigure php5 not ask questions?
<kaushal> Jeeves_: since my server is a remote server
<kaushal> and I am not able to see the console
<Jeeves_> kaushal: You can echo to a file from the script
<kaushal> Jeeves_: it worked
<Jeeves_> tarvid: What should it ask?
<kaushal> Let me pastebin it
<tarvid> whether to keep existing configuration or install distribution default
<kaushal> Jeeves_: http://fpaste.org/fFgY/
<Jeeves_> kaushal: Ok, and you see stuff in /root/status?
<kaushal> yes
<tarvid> after removing php5, install php5 does not recreate /etc/php5
<kaushal> I see 06:47:03 up 0 min,  0 users,  load average: 0.44, 0.10, 0.03
<Jeeves_> tarvid: You should purge all php5 packages, remove /etc/php5 and reinstall them
<Jeeves_> At least, that's how I doe it
<Jeeves_> Obviously, there migt be more efficient methods
<tarvid> dpkg-reconfigure php5 should do that
<Jeeves_> No, it shouldn't
<tarvid> why not?
<Jeeves_> Or else it would, and it doesn't, so it shouldn't
<tarvid> The following packages will be REMOVED:
<tarvid>   freeradius-dialupadmin* libapache2-mod-php5* php5* php5-cli* php5-common*
<tarvid>   php5-gd* php5-imap* php5-mcrypt* php5-mysql* php5-xcache* phpmyadmin*
<kaushal> Jeeves_: any further suggestion ?
<tarvid> rather destructive
<hggdh> EtienneG: I think you will have to restart your SC ;-)
<EtienneG> hggdh, ah ... why so?  you found a mem leak?
<Jeeves_> kaushal: Yes, the script you're calling doesn't work :)
<hggdh> EtienneG: I do not know, no shell access. But after allocating about 513 volumes, all calls to euca-describe-volumes take forever, and then return errors
<EtienneG> hggdh, I see ... is there anything I could check to help troubleshoot that?
<hggdh> EtienneG: yes, the SC logs, plus a 'ls -l /var/lib/eucalyptus/volumes' -- thank you BTW
<hggdh> zul, today is a holiday is the US...
<zul> hggdh: right i forgot enjoy your day "off" :0
<kaushal> Jeeves_: where do i seek help ?
<hggdh> zul: sorry. But I will get to them euca bug tomorrow
<zul> hggdh: no problem
<Jeeves_> kaushal: The author of the script you're calling or the product you're using
<cybrocop_> Hi.. can anyone help me with debugging a Eucalyptus issue?
<tarvid> PHP Deprecated:  Comments starting with '#' are deprecated in /etc/php5/cli/conf.d/imap.ini on line 1 in Unknown on line 0
<tarvid> PHP Deprecated:  Comments starting with '#' are deprecated in /etc/php5/cli/conf.d/mcrypt.ini on line 1 in Unknown on line 0
<tarvid> Hello World!
<tarvid> and phpMyAdmin is now broken
<tarvid> Cannot load mysqli  extension. Please check your PHP configuration
<tarvid> No wonder people are switching back to php5.2
<tarvid> similar issues with python
<VadimCK> sup lads, i have a ubuntu server acting as a gateway with shorewall, is there a way to redirect a certain url to a remote http proxy? the remote proxy has authentication on it? maybe setup a local transparent proxy and redirect port 80 to it and have a rule in local squid to redirect to remote proxy? anybody know squid well enough is this possible?
<bogeyd6-> VadimCK, setup a static route
<VadimCK> i can do the shorewall redirect to local proxy
<bogeyd6-> VadimCK, setup static route, put the squid into transparent mode to put everything through that remote proxy
<bogeyd6-> put up a virtual image of that squid and you wont need any extra hardware either.
<VadimCK> the remote squid needs to have auth
<bogeyd6-> it will still ask for the authentication
<VadimCK> is it possible to get the local squid to redirect to a remote squid?
<kaushal> Jeeves_: You around ?
<bogeyd6-> VadimCK, both will be in transparent mode, so you just set your gateway accordingly
<VadimCK> but the remote has to have auth
<VadimCK> its on the internet
<VadimCK> it was my understanding that transparent meant no auth
<VadimCK> am i mistaken?
<bogeyd6-> VadimCK, i keep forgetting you need auth
<VadimCK> ill look through the squid documentation there must be a forwarding rule
<VadimCK> for load balancing etc..
<blackthor> i want to find out which raid controller is used in my machine,  of course, dmesg is truncated.   how can i see what hardware is in it ?
<blackthor> (commandline)
<blackthor> cat /proc/bus/pci/devices ?
<blackthor> that doesn't reveal much..
<VadimCK> what type of interface is on the RAID controller blackthor ?
<blackthor> probably sata
<VadimCK> board side
<VadimCK> pci
<VadimCK> pci-e
<blackthor> no idea, it's a machine in a datacenter
<VadimCK> lspci will list your pic devices
<VadimCK> *pci
<blackthor> aha!
<blackthor> ok that was what i was looking for!
<blackthor> thank you;)
<VadimCK> no problem, glad to help
<blackthor> and another question,  how can i convert timestamps such as  [22215797.203452]  to the actual date they happened ?
<VadimCK> date --date=@22215797.203452
<VadimCK> should do it
<blackthor> and is there a way to switch that syslog timestamps it back to the "old" style setting?
<blackthor> (i reckon this was done for multicore systems?)
<VadimCK> its unix time so its standard for linux logs
<VadimCK> to change it im not sure
<SuperLag> back
<bogeyd6-> wb SuperLag
<SuperLag> sorry
<SuperLag> that was *not* intentional
<\sh> anyone who is using PXE + kernel NFSROOT booting...did you try out to set the DEVICE=eth0 in /etc/initramfs-tools/initramfs.conf  to DEVICE=all to have dhcp requests on all interfaces?
<MTecknology> Is there any wrapper vm builder script for building rhel vm's?
<m_tadeu> hi...I installed mysql-server and it's running. the problem is that the port doesn't show up in nmap/netstat, so I can't connect from a remote machine
<mathiaz> m_tadeu: look at the configuration file, /etc/mysql/my.cnf
<mathiaz> m_tadeu: mysql binds to the loopback interface by default (or socket)
<m_tadeu> mathiaz: it's using a socket located at /vat/run/mysqld/mysqld.sock, as usual...
<mathiaz> m_tadeu: you need to configure mysqld to listen on the network interface as it doesn't by default
<mathiaz> m_tadeu: this is done in my.cnf
<RoyK> mathiaz: I thought recent versions of ubuntu used ip by default, but only bound to localhost
<m_tadeu> RoyK: in deed my bind address is 127.0.0.1
<m_tadeu> I'm comparing with my.conf in my laptop and they look the same...
<RoyK> m_tadeu: then IP should work from localhost, but not from elsewhere
<m_tadeu> RoyK: so what should I set in the ip
<jeeves_Moss> how can I harden up SSH?  I've got some guy from .tw doing a dictionary attack for username
<KurtKraut> Jeeves_, using a non-default port fixes 80% of the invasion attemps.
<jeeves_Moss> KurtKraut, true, but that's kinda not the point with this one.  is there a way to ignore connection attemps from an IP after "x#" of failed logins?
<RoyK> m_tadeu: just remove the line or set it to 0.0.0.0 to allow it to listen to all addresses
<RoyK> jeeves_Moss: apt-get install fail2ban - configure it...
<m_tadeu> RoyK: oki....thanx :)
<kaushal> hi
<kaushal> Any clue to my query ?
<jeeves_Moss> RoyK, thanks.  will that do what I need?
<KurtKraut> Jeeves_, yes. The package denyhosts does this job.
<RoyK> jeeves_Moss: it blocks incoming requests from a given host/protocol if login attempts fail repeatedly
<jeeves_Moss> RoyK, PERFeCT!!  Thanks
<RoyK> it just parses the logs and adds an iptable block for that host/port in case if repeated failure
<kaushal> I have posted it to the ubuntu-server mailing list
<kaushal> Shall i repeat it here ?
<RoyK> kaushal: pastebin your problem or link to the post
<kaushal> sure
<jeeves_Moss> RoyK, great.  thanks.  I'm sitting here watching the log, and I see it's going through user names.  There is only ONE account that's allowed SSH login anyways
<kaushal> RoyK, https://lists.ubuntu.com/archives/ubuntu-server/2010-May/004246.html
<RoyK> jeeves_Moss: just try fail2ban - works for me :)
<blue-frog> jeeves_Moss, fail2ba. no need to make your server work for nothing
<jeeves_Moss> this is TRUE
<jeeves_Moss> I had a SALA setup issue last week, and someone figured it out to mass mail and backscatter
<blue-frog> jeeves_Moss, sed -i '/bantime/s/600/-1/' /etc/fail2ban/jail.conf  will put unlimited ban. dangerous if ssh is your onlay way to connect to the server
<blue-frog> personally I don't care as I have a reconvery console in case ssh is not available
<jeeves_Moss> blue-frog, I've got 2 diff ways into the box, and a third from the inside
<blue-frog> then unlimited ban is for you
<jeeves_Moss> perfect!!!  it stopped that noise!
<blue-frog> fail2ban will do more than ssh. check /etc/fail2ban/jail.conf to see what is protected
<jeeves_Moss> thanks again guys!
<kaushal> RoyK, Did you had a chance to read my post ?
<RoyK> I did, but I don't really have an answer
<RoyK> sorry
<kaushal> RoyK, where do i seek help ?
<RoyK> just wait for a reply
<kaushal> you mean on the same post ?
<RoyK> kaushal: have you liked this script to /etc/rc2.d?
<uvirtbot> New bug: #587976 in samba (main) "Panic or segfault in Samba" [Undecided,New] https://launchpad.net/bugs/587976
<kaushal> RoyK, ?
<RoyK> kaushal: ubuntu doesn't run anything under /etc/init.d unless it's symlinked to /etc/rc2.d
<RoyK> take a look at 'ls -l /etc/rc2.d'
<kaushal> RoyK, http://fpaste.org/fYD0/
<RoyK> perhaps try to move them to somewhere later
<RoyK> S95, perhaps
<kaushal> RoyK, how do i do it ?
<kaushal> I mean S95
<RoyK> cd /etc/rc2.d; mv S20resque S95resque
<RoyK> etc
<kaushal> oh ok
<kaushal> what does 95 means ?
<RoyK> it's just a number defining the order
<RoyK> S01 is executed first
<RoyK> etc
<kaushal> please give me a moment
<kaushal> and will update you
<kaushal> RoyK, shall i reboot and check now ?
<RoyK> yes
<kaushal> RoyK, no luck
<RoyK> check the logs
<kaushal> (Nothing has been logged yet.) in the boot
<kaushal> under /var/log/boot
<RoyK> /var/log/messages?
<kaushal> RoyK, nothing there too
 * RoyK somehow wants to put a ban on all .il users
<kaushal> RoyK, Any further suggestions ?
<RoyK> not really
<RoyK> if the script works from the command line, it should work on boot
<kaushal> yeah
<kaushal> its weird
<EtienneG> zul, are you the one working on the iSCSI target daemon, as discussed in the seed review a tlast UDS?
<zul> EtienneG: werent you suppose to send me an email to remind me?
<EtienneG> zul, would an IRC poke be enough?  ;)
<EtienneG> zul, j/k
<zul> EtienneG: yeah I can look at it this week
<EtienneG> zul, from what I see, tgt needs 1. an MIR, and 2. an upstart job
<zul> EtienneG: which one was it again?
<EtienneG> zul, do you want me to tile a bug on the upstart job?
<zul> EtienneG: please
<EtienneG> zul, it was either tgt or iscsitarget
<zul> EtienneG: gotcha
<EtienneG> zul, we settled upon tgt
<zul> EtienneG: sounds familar ;)
<EtienneG> zul, I will file a bug on the upstart job.  Should/can I file a bug for MIR?
<zul> EtienneG: please and assign it to me
<EtienneG> zul, ok!
<EtienneG> zul, thanks dude!
<zul> EtienneG: mp
<EtienneG> someone already filed a bug for the upstart job part
<EtienneG> zul, looking at the Gobby notes from the seed review session, there is no mention of tgt or iSCSI in general
<zul> EtienneG: yeah I think it was a pseudo hall way conversation
<EtienneG> zul, I cannot remember: was that discussed in another session?
<EtienneG> zul, hurm, ok then.  Should we bring this up in the server meeting?
<zul> EtienneG: sounds like a good idea
<EtienneG> alternatively, if the MIR can wait a few weeks, I can take care of it in early June
<EtienneG> err, *July, even
<kaushal> https://lists.ubuntu.com/archives/ubuntu-server/2010-May/004246.html
<kaushal> Please suggest ?
<zul> EtienneG: ok just let me know again and Ill do the upstart job
<EtienneG> zul, I have assigned the already existing upstart job bug to you, so it will stay on your radar
<zul> EtienneG: thanks
<MTecknology> How do I use libvirt to create a VM using an ISO?
<MTecknology> !kvm
<ubottu> kvm is the preferred virtualization approach in Ubuntu. For more information see https://help.ubuntu.com/community/KVM
<JanC> MTecknology: plain libvirt or virt-manager (with the latter it's very easy, if you have a GUI)
<MTecknology> JanC: I was trying with virt-manager and it was kicking my butt - I just started looking at virt-install
<MTecknology> ji think gui and I just don't get along..
<ChmEarl> MTecknology, it's easier to use kvm --help: kvm -hdc myiso.iso -boot d -net user -net nic,model=rtl8139 -m 512 etc
<ChmEarl> and pass -hda /path-to/file.img
<MTecknology> ChmEarl: thanks - I never caught onto kvm being a command
<ChmEarl> MTecknology, its far more intuitive as a cmd. Might want to pass it -vnc too, then use vncviewer :0 &
<MTecknology> thanks :)
<ChmEarl> MTecknology, once you use virt-manager it will log your VM builds as commands. So hack its logs and see how it builds commands
<ChmEarl> MTecknology,  find /var/log/qemu -name 'myVM'
<MTecknology> nifty
<MTecknology> ChmEarl: I'm not seeing where to saet the network card to the bridged interface - it's usually --bridge=br0 or something similar - how do I do it with kvm?
<ChmEarl> like -net tap
<ChmEarl> I have to look it up
<MTecknology> -net tap,ifname=br0 ?
<MTecknology> ro maybe s/ifname/fd/ ?
<ChmEarl> MTecknology, if your bridge is defined (#brctl show) its all automagic with -net tap
<ChmEarl> no ifname token is needed
<MTecknology> yay
<MTecknology> ChmEarl: how far off am I with this? http://dpaste.com/201551/
<ChmEarl> MTecknology, add a port to -vnc, like -vnc :0
<ChmEarl> you want to pixie boot the first time you use kvm?
<ChmEarl> with a port to vnc the -net will parse OK
<ChmEarl> add -boot d
<ChmEarl> wait unless the pxe bios implies otherwise
<ChmEarl> MTecknology, the pxe bios is usually found in /usr/share/kvm : not sure about karmic/lucid
<ChmEarl> MTecknology, you may need a script for qemu-ifup.. lots of examples for using br0
<n8w> how do i run /proc/sys/vm/drop_caches as a nonroot?
<ChmEarl> MTecknology, see if your OS has /etc/qemu-ifup... ubuntu should have it
<scar> would having a gigabit switch between two machines, containing at least a few virtual machines mirrored with DRBD, increase performance or not so much?
<MTecknology> ChmEarl: sorry - had to run
<edan> hey, i'm trying to install the samba package using a simple "apt-get install samba", it unpacks OK but then it says "start: Job failed to start", any ideas?
<edan> i've also tried downloading the deb package from samba's website and installing manually with dpkg but i get the same error ^_^
<azteech> if I recall, samba usually is started by a daemon .. have to go to System > Preferences > Start Applications to have the service start when the computer starts
<MTecknology> vmbuilder <hypervisor> <distro> [OPTIONS]...    <distro>      Distribution. Valid options: ubuntu
<MTecknology> many choices :P
<edan> thanks for the reply :) unfortunately it doesn't get that far in the installation, on the previous line it says "smbd start /running, process 2431", not sure what smbd even is
<azteech> smbd is the samba daemon ...
<azteech> !smbd
<edan> ah ok, i was expecting to find a manual startup in /etc/init.d/samba but there is nothing there
<edan> and it doesn't appear under Startup Applications either btw
<azteech> don't have samba running on my desktop ... so, can't verify one way or the other ... but, if you run top, you should see smbd running as process 2431 ... or another process id ..
<azteech> the man pages for smbd should have all the info you need ...
<edan> ah, just checked the smbd man, and it's just one part of the samba suite
<edan> so it's probably not completely the whole install as smbd is running
<edan> thanks a lot :)
<MTecknology> With vm-builder, --bridge=br0 works exactly as expected - with virt-install --bridge=br0 doesn't make networking work in centos
<MTecknology> this is really really starting to irk me...
<MTecknology> For this I get Device model: Hypervisor default - in every other machine made my vm-builder virt-manager shows it as being Device model: virtio ...
<MTecknology> I have it coming up as a virtio device now .. but now no networking is possible... grr
<deslector> hi, I want to have dhcp+dns and have one update the other automagically... what is the recommended way to do that on ubuntu server? On the server guide I only see a reference to Bind and DHCPD, but I think it may be overkill...
<deslector> should I just use dnsmasq? any ideas?
<julianc> dnsmasq is the easiest way to have them mesh.
<julianc> If you only need the basics of both, you should be fine.
#ubuntu-server 2010-06-01
<deslector> julianc, ok, thanks
<cloakable> dnsmasq is great :)
<gop_> how do I mount a freenas smb share, and keep it mounted even after reboot
<deslector> gop_, hmm.. /etc/fstab ?
<gop_> thanks
<gop_> deslector what do you mean /etc/fstab
<deslector> gop_, sorry, you should edit /etc/fstab so that the share gets mounted automatically at startup
<deslector> gop_, https://help.ubuntu.com/community/Fstab
<gop_> k
<gop_> thaknks
<gop_> smbfs
<edwin-sv> hello, how can i repair a bad superblock error in a ubuntu dapper server (sorry, i know that it's a too old release, but i am new in this place :p )
<MTecknology> Any of you ever try to put centos on top of kvm? It mostly works but the networking part is being a massive pita...
<edwin-sv> the HD has errors and after pass a fsck -p command, do not recognize the filesystem and grub presents an error 17 :(
<MTecknology> edwin-sv: http://docs.sun.com/app/docs/doc/805-7228/6j6q7uf0i?a=view
<MTecknology> edwin-sv: seems to be what you're looking for
<edwin-sv> thanx MTecknology, i will try :)
<MTecknology> if grub is complaining - You may need to reinstall grub after fixing this
<MTecknology> also... get a new drive - drive errors are usually a bad omen
<edwin-sv> ok, i will try that too...
<MTecknology> !grub
<ubottu> grub is the default boot manager for Ubuntu releases before Karmic (9.10). Lost GRUB after installing Windows? See https://help.ubuntu.com/community/RestoreGrub - GRUB how-tos: https://help.ubuntu.com/community/GrubHowto - See !grub2 for Karmic onwards.
<MTecknology> check out the restore link
<edwin-sv> MTecknology: the command newfs isn't present in ubuntu :(  (Display the superblock values with the newfs -N command)
<edwin-sv> what can i use instead of newfs?
<MTecknology> lemme research google :P
<MTecknology> edwin-sv: what's the exact error
<MTecknology> http://www.cyberciti.biz/faq/recover-bad-superblock-from-corrupted-partition/
<edwin-sv> i try to mount the /dev/sda2 where the system is but it says that i must specify the type of filesystem and when i do that says that there is a bad superblock error
<edwin-sv> a bad superblock on /dev/sda2
<edwin-sv> MTecknology: when i run dumpe2fs /dev/sda2 says "couldnt find valid filesystem superblock" and it suposed says the number of my superblock /dev/sda2
<edwin-sv> i didn't get the output (or similar) like in the example :s
<MTecknology> edwin-sv: replace the drive and restore from backup would probly make the most sense..
<MTecknology> i'm not much of a recovery expert - best i could say is spinrite might save you long enough to recover data
<edwin-sv> the last employee that was watching linux server didn't backup of this drive, as i mentioned early i am new here and i found everything as is :S :$
<MTecknology> spinrite is probably your best save - but it takes a while
<MTecknology> If any of you are smart with kvm - I could really really use some help
<failover> My fastcgi with php on lucid, crash after a few hours of use.
<twb> failover: did you check the logs?
<failover> i 'm not sure at what log file should i look...
<twb> Everything in /var/log
<twb> Sort by time to see what logs have been updated recently.
<twb> And try looking for keywords like "php" or "apache" or whatever.
<skrite> is there a way, if i have a server running a few different services, that i can give resource priority to one service? i run a web, mail, and ivr server. when the system is busy, the ivr gets jittery.
<failover> ok,  twb, i will check the logs
<twb> skrite: you probably want nice(1) for CPU and ionice(1) for I/O.
<twb> These can and should be assigned indirectly via start-stop-daemon(8) where the init script uses that layer.
<skrite> twb, thanks
<skrite> if nice is not declared for a service, is there a nice level that Linux assumes for it?
<twb> IIRC the default niceness is 0 or 10
<twb> The manpage should say so
<skrite> of course, thanks
<failover> Nothing relevant on logs. My fcgi crash on lucid, but when i was using karmic the same happen.
<uvirtbot> New bug: #588104 in bacula (main) "package bacula-director-mysql 5.0.1-1ubuntu1 failed to install/upgrade: ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)" [Undecided,New] https://launchpad.net/bugs/588104
<tucemiux> is this a good line to have in your /etc/passwd: nobody:x:65534:65534:nobody:/nonexistent:/bin/s
<twb> That's normal.
<twb> Why d you ask?
<twb> tucemiux: why do you ask?
<tucemiux> twb, because I'm looking at some tips on how to secure my ubuntu server and theyre talkinb about making sure user nobody doesnt have a shell
<twb> And why do they say to do that?
<tucemiux> twb, because user nobody is not supposed to have a shell and I am wondering if that's true and if I should remove the shell from user nobody on my server
<twb> Why do you think nobody shouldn't have a shell?
<twb> Oh, sorry, I miread you
<tucemiux> yeah thats ok
<twb> I think you could set it to /bin/false and nothing would break
<twb> But I wouldn't bother -- there are doubtless far more important things to lock down
<tucemiux> twb, im thinking on setting it to /dev/null - would that break anything?
<twb> Like: don't run PHP applications, don't allow password-based SSH access, etc.
<twb> tucemiux: I believe /bin/false is the convention
<tucemiux> twb, but what if a hacker creates a /bin/false? I would rather use /dev/null but I dont know if that'll break anything, i just installed ubuntu server and am learning along the way, my ssh and web server are up and running flawlessly
<tucemiux> I am also very worried about this line: Successful su for www-data by root
<tucemiux> twb, i guess Successful su for ww-data by root is nothing to worry about?
<twb> That sounds like you started apache and it relinquished its root privileges
<tucemiux> I'm using lighthtpd by the way, lighthttpd uses www-var
<tucemiux> twb, what's the password for root?  Since it looks like there is a root user on my server: root:x:0:0:root:/root:/bin/bash
<twb> root has no password.
<tucemiux> dawn
<tucemiux> good thing i disabled passwordless ssh logins but unfortunate for me, I didnt disable root login unti an hour ago and restarted my ssh server
<SpamapS> tucemiux: you should have a user capable of sudoing to root though.
<tucemiux> SpamapS,  yes i can sudo to root, im just wondering why there is a root user and what is the password, thats all
<SpamapS> tucemiux: oh there's usually not a root password... its designed to reduce your risk and teach you not to do things as root mostly. ;)
<tucemiux> SpamapS, basically, if an unauthorized user is able to gain access to my machine, would they be able to grant themselves root access, im new at this, if you know of any resources thatll help me explain that stuff i will greatly appreciate it
<SpamapS> tucemiux: you'd have to really screw things up to make that possible.
<tucemiux> SpamapS, i actually did, the good thing is that i didnt allow empty passwords for ssh but I did allow root logins :-(  At least I changed the default port
<twb> pam shouldn't allow empty passwords from insecure ttys in any case
<twb> But root's password isn't the null (empty) password -- it DOESN'T HAVE a password.
<tucemiux> twb, thanks for the clarification, i can sleep well now -- im going to research about denyhosts and keep reading a tutorial i found to secure my ubuntu server
<twb> denyhosts blows.
<twb> IMO it's better for netfilter rules to recognize and tarpit brute-force attacks, than to periodically scan log files for attackers and append to an ipset table.
<tucemiux> twb, netfilet rules?  Is it like ip tables?
<twb> iptables is the user interface to netfilter.
<SpamapS> I like denyhosts.
<SpamapS> I believe it can be changed to execute any command you want to update the local deny listing
<SpamapS> hosts.deny is just its default
<SpamapS> I do wonder if this starts to hurt performance at some point...
<SpamapS> $ wc -l /etc/hosts.deny
<SpamapS> 44289 /etc/hosts.deny
<twb> Well, Wietse's tcpwrappers will complete more of the handshake before hanging up
<twb> Compared to an ipset(8) IP hash, I mean.
<tucemiux> twb, can i use netfilter through ssh?  My server is headless
<twb> tucemiux: sure.
<tucemiux> twb, im already using fail2ban,  should I use netfilter as well?
<twb> They do the same job.
<twb> It's just a matter of having a hard-coded netfilter rule, vs. having an active log-scanner that edits netfilter (or ipset) rules.
<tucemiux> twb, thanks I guess I'll stay with fail2ban then
<tucemiux> twb, do you have any recommendations or any resources I can read or for someone who plans on using ubuntu server to have his own ssh, web, and maybe e-mail server @ home?
<twb> the ubuntu server guide
<twb> Hosting your own mail server is almost certainly not worth the effort
<twb> Unless you're doing it for pedagogical reasons, of course...
<tucemiux> twb, hosting your own e-mail server is not worth the effort? what makes you say that?
<twb> Because it's a major pain in the arse.
<tucemiux> and that's a big mighty word you used back there you got me lost in the middle somewhere :-(
<twb> I'm sure you can find a dictionary if you care enough
<tucemiux> twb, so if I create my own domain as in, mineown.com,  how am I supposed to get e-mail addresses in the form of someone@mineown.com and where would the e-mail server be?
<twb> You pay someone like google to do it for you.
<tucemiux> twb,  ok so what is the part that is difficult with a e-mail server ?
<twb> Hosting your MX records somewhere, setting up a secondary MX, setting up greylisting, making sure you're not an open relay, dealing with being RBLd, etc.
<twb> Oh, and don't forget dealing with ISPs that block 25 on residential plans
<twb> If you had 100 users it might be worth it; for a single-user home network it isn't.
<tucemiux> twb, optimum online offers a service where they open port 80 and port 25 for you and it only costs about $10 a month
<twb> Shrug
<twb> A whole VPS doesn't cost much more than that, IIRC
<SpamapS> these days I still host my vanity domains, but I do not do the MX work.. I leave that up to a barracuda anti-spam appliance that my hosting company provides
<twb> Oh yeah, another issue is of course that when your home network goes down, you lose mail (unless/until the other MTAs resend it).
<SpamapS> yeah I don't believe having servers at home is a) fun or b) ecologically friendly
<SpamapS> Unless they're "servers"
<SpamapS> or you have green power at home.. :)
<twb> SpamapS: I got rid of mine when I realized it was a glorified NAS with an internet-facing httpd on it.  Now I just plug the disk into the back of my OpenWRT and (ab)use busybox httpd.  Nice and solid-state.
<tucemiux> SpamapS,  I have a headless pentium III dua processor machine, does that count ?
<SpamapS> twb: nice. :)
<SpamapS> tucemiux: no, probably chomping down 1kw of power just to spin those old fans and disks. ;)
<twb> Pentium IIIs do have a relatively good power profile, though
<SpamapS> tucemiux: though reusing it *does* prevent waste.. so it may be a wash.
<twb> Probably not as good as a modern MIPS or ARM or Atom/Geode, though.
<SpamapS> True I recall the P3 just died because it was too inflexible to be moved up in clock rate or down in interconnect size.
<tucemiux> twb, i can use a router to host a web site?  I''m using tomato on my router, can I use that to host a web site?
<twb> tucemiux: you can do anything with anything.
<tucemiux> twb, i mean, what youre doing nowadays, youre using your router to host a web site? How does that work?  Itll be awesome if I can do it at home with my router as well, it has the capabilities
<twb> tucemiux: er, you just run an httpd
<tucemiux> twb, ok so i just a daemon on the server and then what?  I plug a USB device into the router?  Or can I point the router to use a HD in another machine?
<twb> That's something you'll have to discuss with the tomato people
<tucemiux> twb, I was talking about what you do, I can actually flash my router with OpenWRT
<joebob> I have a degraded raid array. i don't know if the disk is bad. do I risk bad things if I try to add the drive back into the array?
<joebob> raid 1 btw
<SpamapS> joebob: probably
<SpamapS> joebob: what caused the drive to be marked as bad?
<joebob> SpamapS, not sure. mdadm detail shows Spare Devices : 0 Failed Devices : 0
<SpamapS> joebob: look in your kernel log.. maybe just try 'dmesg' first
<joebob> says the second drive was "removed"
<joebob> SpamapS, what am I looking for?
<SpamapS> joebob: anything about the drive
<SpamapS> joebob: you can also try 'sudo less /var/log/syslog' ... possible that mdadm or smartd printed messages that won't be in dmesg
<joebob> SpamapS, http://pastebin.com/3r6CUQBj
<SpamapS> joebob: ahh, so did you forcibly turn off your machine or have a kernel panic, anything like that?
<SpamapS> joebob: its entirely possible that things are fine given that scenario.. you just need to re-add it.
<joebob> SpamapS, had some power outages recently. just noticed tonight. could have been this way for a month
<joebob> SpamapS, do I need to do : sfdisk -d /dev/sda | sfdisk /dev/sdb? or can I just try to add it again?
<SpamapS> joebob: you only need to do that sfdisk step if you are afraid that the partition tables got out of sync for some reason
<joebob> SpamapS, no not. so how do I add it back in?
<twb> joebob: you should first be asking smartctl and hdparm/sdparm for info about the drive
<twb> Particularly, run a short test and maybe a long test over the dodgy drive.  If they come back with any errors, get a new drive.
<SpamapS> honestly if the data is worth any money at all, just buy a new drive. ;)
<twb> If you're physically proximal, also check that the drives have proper airflow and are separated by a gap.  I see a lot of RAID1 arrays where the drives are one atop the other, and the top one dies.
<twb> SpamapS: certainly a good rule of thumb.
<joebob> SpamapS twb , ok will do thx
<SpamapS> One of my favorite WTF's of all time was when I started at [insert previous employer] and notied a yellow drive light on a very expensive disk array..
<SpamapS> the admin I was replacing goes "Oh yeah, they do that sometimes, just do this" and pulls it out, counts to 3, pushes it back in. "We'll make sure its green again when we leave, usually takes just a few minutes"
<twb> We do that :-(
<twb> If it comes up bad twice in a row, then you are confident that its *really* hosed, not just a stupid firmware
<SpamapS> Best part was two weeks later when he was gone and I contacted the drive array maker to get 3 replacement drives, they informed me that the company had fallen off support, the drives had special firmware, and w/o support the drives would be $3k each.
<twb> ahaha
<SpamapS> I informed the president of the company that we needed to spend $9k plus $1k for a tech to come out and verify the array, or the db server might die at any moment.
<twb> My customers "can't justify" the expense of support contracts
<SpamapS> Guess what happened 4 months later, when we were still on the bad drives?
<twb> Which is why I always tell them "OK, first you should call your support number and ask them.  Otherwise I'll charge time and materials and be RTFSing all week."
<twb> SpamapS: fortunately your tape backup was only two, not five years, out of date!
<SpamapS> A new admin was in the cage, brought a new SCSI disk with him, went to replace 1 of the two failed drives (it was a 6 disk RAID5 w/ 1 hot spare)... but he accidentally pulled one of the green drives.
<SpamapS> so the array supporting the database, but not the transaction logs, failed....
<SpamapS> which would have been *FINE*
<twb> ahaga
<SpamapS> there was a snapshot from 2 days earlier... and transaction logs up to the point in time of idiocy
<twb> I love when the monkeys do that
<SpamapS> but then he makes is REAL genius move
<twb> cf. molly-guard
<SpamapS> "the Array won't come up, I'm rebooting the array"
<SpamapS> meanwhile I'm at home w/ 103F fever.. I'm like "sounds like a bad idea, call the mfgr, pay the support cost and get them out there dude"
<SpamapS> nope, he reboots the array, which he discovers is impossible, because it has battery backups..
<SpamapS> so he disconnects the power
<SpamapS> wiping out the disk configuration..
<SpamapS> and the binlogs
<SpamapS> 2 days of database transactions, lost
<SpamapS> and actually, 3 more days of another database's transactions lost because it was 'less important' and only backed up once per week
<twb> Out of curiosity, what was this, db2?
<SpamapS> Mysql
<twb> Ahahahaha
<SpamapS> on Sun
<SpamapS> but Sun was not the mfgr of the array
<twb> I'll never understand how mysql worms it way into enterprise environments.
<SpamapS> anyway... the best part was how they recovered the "less important" data, which was usernames + passwords
<SpamapS> mysql is simple
<SpamapS> if you understand its limitations, its fine
<twb> Hmph
<SpamapS> the way they recovered the usernames/passwords that were added / changed was genius.. they had support respond "Oh I'm sorry you can't access the account you created last week. Whats your email address? Ok, yes it seems the account data was locked, I can create a temporary password for you and have it emailed to the address on file." and then just sign them up right on the spot.
<SpamapS> If people knew it was happening they could have gotten free accounts, but who cares? nobody knew.
<SpamapS> 6 months there felt like 6 years
<SpamapS> twb: oh I forgot to laugh really hard at you calling them "enterprise" ;)
<twb> It means the women wear miniskirts, and the hardware looks expensive but is actually just painted sheets of plywood
<SpamapS> :)
<kaushal> hi
<trapmax> i have a referer to our website material, which is no longer in use. i also get some log-data regarding to this linking. any ideas on how to get te referring site to drop the link?
<twb> Unless you're talking about HTTP, it's "referrer"
<kaushal> can someone help me about https://lists.ubuntu.com/archives/ubuntu-server/2010-May/004246.html ?
<SpamapS> kaushal: when you say it doesn't start, what do you mean?
<kaushal> SpamapS: when i run it by hand using /etc/init.d/resqueweb start it works as expected but does not comeup automatically after boot up
<SpamapS> kaushal: does the service listen on a specific IP?
<kaushal> nope
<SpamapS> kaushal: anything in the boot log?
<kaushal> nope
<SpamapS> kaushal: so the service isn't even mentioned in /var/log/boot.log ?
<Jeeves_> kaushal: Ah, back again! :)
<kaushal> SpamapS: cat /var/log/boot
<kaushal> (Nothing has been logged yet.)
<SpamapS> kaushal: /var/log/boot.log
<e_t_> kaushal: you probably need to use the update-rc.d command to tell the computer to start it at boot. Take a look at this - http://www.debuntu.org/how-to-manage-services-with-update-rc.d
<Jeeves_> SpamapS: The init-script gets executed, it's just the service called from the init-script that doesn't work
<Jeeves_> e_t_: That's done.
<SpamapS> the mail formatting screwed up the scripts..
<SpamapS> impossible to tell where #'s are preceding a line if the next line is part of the comment or meant to be executed
<SpamapS> kaushal: again, nothing in /var/log/boot.log ?
<kaushal> SpamapS: nope
<kaushal> SpamapS: mail formatting ?
<kaushal> shall i pastebin all the scripts ?
<SpamapS> kaushal: It might help.. but I'd love to see some logs .. thats weird
<kaushal> sure
<kaushal> SpamapS: please give me a moment
<alktors> Hello! I have a spare computer and I would like to install ubuntu server version on it. Does it have a gui or it is text based?
<kaushal> SpamapS: http://fpaste.org/L5BY/
<e_t_> alktors: Ubuntu Server is text-based, though you are free to install a gui if you want. Alternately, you can add server packages to Ubuntu desktop.
<alktors> e_t_,  Thanks for replying, I want to make a nexuiz server out of it. For example what do you type to get gnome?
<e_t_> alktors: I am not familiar with nexuiz. The easiest way to get a desktop is to install one of these: ubuntu-desktop, kubuntu-desktop,xubuntu-desktop. Either ubuntu or xubuntu will give you a GNOME desktop, though xubuntu will be somewhat lighter on resources.
<SpamapS> alktors: what is nexuiz?
<alktors> e_t_,  Ok, thanks so much! It's a open source shooter.
<SpamapS> kaushal: ok, thats a normal init script sure
<alktors> SpamapS,  It's an open source shooter.
<alktors> SpamapS, http://en.wikipedia.org/wiki/Nexuiz
<SpamapS> kaushal: however, if rc had run it, you'd see "Starting ResqueServer: " in /var/log/boot.log
<alktors> SpamapS,  It's really fun :)
 * SpamapS has been placating his gaming need w/ quakelive
<alktors> Thanks for the help e_t_
<SpamapS> alktors: for running as a server, just use ssh
<SpamapS> alktors: you don't need or want gnome. :)
<alktors> SpamapS,  I need to get used to the terminal...I'm not an advanced user:(
<SpamapS> alktors: its easier than you think
<SpamapS> alktors: and I'd be willing to bet that all you're going to be able to do with gnome is open a terminal
<SpamapS> alktors: to help w/ nexuiz I mean
<kaushal> SpamapS: i dont see anything in /var/log/boot file
<alktors> SpamapS,  :)
<SpamapS> alktors: whereas if you just run it w/ regular server settings, you can use putty from windows, or ssh from a mac/linux box, and you don't need to waste time connecting your server to any keyboard/mouse/video
<SpamapS> kaushal: */var/log/boot.log*
<SpamapS> kaushal: boot.log != boot
<alktors> SpamapS,  Ok, thanks. Well I will use ssh then, I migrated to linux for windows....and I have to say I'm so happy.
<alktors> SpamapS,  :)It's a bit hard until I get good enough to help myself but it shure deserves the effort.
<e_t_> alktors: I have to agree about SSH. It's amazing. Also, the best way to get practice on the command line is to use the command line.
<alktors> e_t_,  Hehehehe, yes I think you are right.
<kaushal> ws status
<SpamapS> kaushal: ?
<SpamapS> kaushal: I need to get some sleep.. unless you've got anymore?
<kaushal> SpamapS: yeah
<kaushal> I did replied to all your questions
<kaushal> Do you have something for me ?
<SpamapS> kaushal: I need you to look in /var/log/boot.log  not /var/log/boot
<SpamapS> kaushal: that should show the messages from your init script. If it doesn't, then your init script isn't running.
<SpamapS> kaushal: if they do show, then there's something broken in your start script that is requiring a terminal, and you should contact the resque developers. :-/
 * SpamapS passes out
<kaushal> SpamapS: is there a way to generate boot.log file ?
<SpamapS> kaushal: if its not there, then I don't know what to do. :-P
<tdn> I have set up a server with apt-proxy. I experience a few problems with it. (Using depricated Python modules, hangs sometimes, etc.) This made me read a bit up on the application. I got the impression that apt-proxy is a discontinued project. Is this the case? If so, what should I use instead? Apt-cacher? Or something else?
<e_t_> tdn: I think the latest is apt-cacher-ng
<tdn> e_t_, ok. So is apt-proxy considered depricated?
<e_t_> I guess so.
<tdn> Ok.
<kaushal> is there a way to generate boot.log file on 8.04 server
<kaushal> I see /var/log/boot
<kaushal> http://ubuntuforums.org/showthread.php?t=49925
<kaushal> checking in again for my query
<kaushal> is /var/log/boot the same as /var/log/boot.log ?
<alvin> kaushal: no, it isn't.
<alvin> kaushal: see /etc/default/bootlogd, but read the comments in bug 328881 first
<uvirtbot> Launchpad bug 328881 in upstart "init: support logging of job output" [Medium,Invalid] https://launchpad.net/bugs/328881
<dns53> i'm trying to help someone, they are trying to use bootlogd, we have enabled it in /etc/default/bootlogd,   is there anything else required?
<jargon-> i'm trying to find a backport of squid2.7 for hardy. anyone know where i can find it? doesn't seem to be anything for squid in http://packages.ubuntu.com/hardy-backports/web/
<alvin> dns53: I think that bug report contains a remark about /etc/default/bootlogd not being safe to enable. What's the trouble?
<alvin> Since lucid, Ubuntu has a small bit of boot logging (mountall output), but it's not complete yet.
<dns53> alvin it is on 8.04
<alvin> dns53: 8.04 has no boot logging at all.
<dns53> ok
<alvin> What's the nature of the problem you're trying to solve?
<dns53> it's not my problem but a person from #ubuntu-au trying to debug his own init script
<dns53> his script works correctly when run by himself but does not work as an init.d script
<alvin> environment variables are different during boot. Be careful to give full paths to executables
<alvin> hmm, no. I'm talking about cron, but I gues the boot environment will be somewhat restricted too
<twb> I just created, stopped, and restarted a RAID5 array of: --create /dev/md1 --level 5 -x 0 -n 3 /dev/sd[abc]2
<twb> When I start it, I get mdadm: /dev/md1 has been started with 2 drives (out of 3) and 1 spare.
<twb> Does that seem right to you?
<dns53> raid 5 should be using all 3 drives
<RoyK> raid5 on two drives - heh
<RoyK> -x 0 == no spares
<twb> Exactly!
<RoyK> twb: what does /proc/mdstat say?
<twb> md1 : active raid5 sda2[0] sdc2[3] sdb2[1] 1464645888 blocks level 5, 64k chunk, algorithm 2 [3/2] [UU_]
<dns53> yes has it rebuilt the array?
<twb> dns53: not yet; it's a large array
<twb> where "large" is "more than 256MB"
 * RoyK pats his 50TB opensolaris box
<dns53> yes, so it is doing that, you need [UUU]
<twb> dns53: any idea how to do so, given that I'm already supplying -n3 -x0?
<RoyK> twb: looks like a bug to me - check dmesg for errors
<dns53> twb wait for it to build i think, it's been a while since i used raid 5
<RoyK> dns53: I really don't think it should show that
<dns53> you may be right
<dns53> but it does say that it has all 3 drives in the array
<twb> I suspect it's just because it won't start syncing to the third drive until the first two are in sync
<RoyK> erm
<twb> the three-disk RAID1 array for /boot did something similar.
<RoyK> that's not how raid5 works
<RoyK> raid5 spreads all data across all drives
<RoyK> http://en.wikipedia.org/wiki/Raid5#RAID_5
<twb> But you can lose up to one drive
<RoyK> yes, I know, but it should start all drives at once
<twb> RoyK: even when CREATING the array?
<dns53> you basically get half on one, half on the second and a checksum on the third, you can loose one of the drives and you have enough info to create the third again
<RoyK> yes
<dns53> no it creates the two halves on all drives then goes through and creating the checksums for all the blocks
<twb> Well, since I have no way to tell it to behave differently, I'll see what happens and check on it tomorrow.
<twb> The entire server is just a hot spare for the "real" server, so I don't care too much if it's out of commission for an extra day or two
<RoyK> twb: did you check dmesg?
<twb> RoyK: yes, there was nothing useful there.
<RoyK> k
<RoyK> twb: doing some testing here - give me 10 minutes
<RoyK> twb: which ubuntu version is this?
<twb> 8.04
<RoyK> k
<twb> Probably about 8.04.1
<RoyK> then apt-get update && apt-get dist-upgrade before trying further
<RoyK> that'll take you up to 8.04.4
<twb> I'd prefer not to do that yet, because it's 8:30PM and it's in another suburb
<twb> Just in case it becomes unbootable as a result
<RoyK> your choice - but I've never seen that happen on a minor upgrade with ubuntu 8.04, and I've probably been across > 100 such servers
<twb> Well, that and I *know* the bootloader and the network configuration were hosed the last time it booted, and it was set up with static config long enough for me to get in.  I haven't tested my fixes for those yet, either :-)
 * dns53 has upgraded his server while on the bus
<RoyK> twb: you don't need a reboot after such an upgrade
<twb> Not normally, but sometimes it fucks up
<RoyK> there'll be a new kernel, but the old one will work well until you get there
<twb> I remember vividly repeatedly getting into nis vs. screen spinlocks when libc was being upgraded
<RoyK> anyway - upgarde before doing more raid stuff
<RoyK> 8.04.1 is quite old
<twb> Not spinlocks, deadlocks
<RoyK> that's a bitch
<twb> Basically (IIUC) libc would try to restart nis, but the "finished restarting nis" output would be blocks while screen tried to talk to nis to find out who I was.
<twb> One more reason to drop NIS ;-P
<RoyK> yeah
<twb> That would've been around 2005
<RoyK> we're still using nis
<RoyK> twb: perhaps try not to upgrade in screen next time :Ã¾
<twb> RoyK: but then if your SSH session is killed, you could (worst case) corrupt dpkg's database
<RoyK> then login as a local account
<RoyK> then use screen with that
<RoyK> twb: I can test VM here if you like
<twb> RoyK: it won't hurt :-)
<RoyK> twb: http://pastebin.com/UT6ne0Sm
<twb> Thanks
<twb> Apart from algo 2 vs. 4, it certainly looks the same
<RoyK> will test with 5 drives
<RoyK> see how that works
<twb> Now I check again, it says algo 2.
<twb> I must've misremembered it as 4
<RoyK> wtf can I delete an md?
<RoyK> http://pastebin.com/KRaLBTGg
<RoyK> twb: from https://raid.wiki.kernel.org/index.php/Mdstat <-- represents the status of each device, either U for up or _ for down. So examples 2 and 6 show 'degraded' arrays with some devices 'down'.
 * RoyK sticks to (open)solaris for storage
<zul> morning
<pmatulis> morning
<ttx> zul: yo
<ttx> zul, team, everyone: please nominate your favorite server-papercuts before the meeting today.
<zul> sure..
<uvirtbot> New bug: #280421 in ethtool "ethtool not available in post-ifup script" [Wishlist,Triaged] https://launchpad.net/bugs/280421
<sommer> morning
<MasterZuFu> what firewalls are available in ubuntu 10.04 server version? I'm looking for the most secure one that's also the easiest to figure out as I'm new to using ubuntu, especially in a no-GUI manor.
<pmatulis> MasterZuFu: there is only one f/w and it is called iptables
<pmatulis> MasterZuFu: but there are several utilities/frontends to configure it
<MasterZuFu> hmmmmmm ok
<pmatulis> MasterZuFu: we recommend "uncomplicated firewall" (ufw)
<MasterZuFu> alright, i'll look at that up
<pmatulis> MasterZuFu: good.  it is installed in the base system
<MasterZuFu> oh, really? it's already there?
<pmatulis> MasterZuFu: yes.  try 'man ufw'
<MasterZuFu> root@li116-92:~# man ufw
<MasterZuFu> No manual entry for ufw
<MasterZuFu> root@li116-92:~#
<pmatulis> MasterZuFu: did you install with the standard ISO?
<MasterZuFu> i'm using linode.com, it's a standard VPS install.
<pmatulis> MasterZuFu: oh
<MasterZuFu> yeah, i'm having to learn slowly but surely how to set this thing up
<pmatulis> MasterZuFu: well then, do 'sudo aptitude install ufw'
<MasterZuFu> for example, my email wasn't working. couldn't send activation emails with my forum. turns out i had to install the mail functionality first, then a mail front end, and then realize the mail front end (exim4 or something like that), is set default to "local only". yeah...frustrating. lol
<MasterZuFu> ok, regarding ufw, or really, the linux firewall...anyone know the best settings to: A) prevent/slow down/stop a DDoS. B) Block all ports but SSH, HTTP, SSL, Webmin, phpmyadmin, and...uh, i guess whatever else I need, and also filter those ports so that they are secure? basically I really want my server to be secure, it doesn't look like it came secure out of the box though.
<ttx> smoser: yo
<smoser> hey
<ttx> smoser: no good news ?
<ttx> ok
<smoser> no good news to share. so smoser works today. (/me's wife is expecting "any day now")
<smoser> so, what is the correct response to the last comment to this bug: https://bugs.launchpad.net/eucalyptus/+bug/450044
<uvirtbot> Launchpad bug 450044 in eucalyptus "euca-bundle-vol does not create essential tmpfs mounts when bundling Ubuntu images" [High,Fix committed]
<smoser> the comment is completely not related to the bug.
<ccheney> good morning guys :)
<zul> ttx: right now its pulling out the following info from launchpad: http://paste.ubuntu.com/442803/
<zul> hey smoser
<ttx> smoser: send ----- MARK ----- every 5 min so that we know you didn't have to leave in a hurry :)
<zul> smoser: for that bug ask the user to open a new bug
<zul> hey ccheney
<uvirtbot> New bug: #588293 in qemu-kvm (main) "Memory leak" [Undecided,New] https://launchpad.net/bugs/588293
<lau> i am installing kvm on my fresh lucid server x64 install
<lau> https://wiki.ubuntu.com/kvm
<lau> sudo aptitude install qemu-kvm
<lau> The following NEW packages will be installed: ... x11-common{a}
<lau> I do not want any x11 stuff on my server, how can I handle this ?
<qbitza> Hi guys
<qbitza> Will Ubuntu Server 64bit runon an Intel-3450?
<qbitza> I've been trying to figure out if Intel's latest 64bit chips are compatible with AMD's 64bit
<qbitza> but, the relevant info seems a bit obscured
<lau> qbitza: try egrep -c ' lm ' /proc/cpuinfo
<qbitza> I haven't actually bought the machine yet
<lau> If 0 is printed, it means that your CPU is not 64-bit.
<lau> so check manufacturer specification
<qbitza> I'm doing an investigation to make sure that what we're buying will run what we want
<qbitza> It says it's 64bit
<qbitza> I'm just not sure about the AMD / Intel instruction sets
<qbitza> There's something about Intel's EM64T being compatible with AMD's 64 bit
<qbitza> But EM64T is at end-of-life
<qbitza> So, just wondering - who here is runnign 64bit on Intel processors?
<qbitza> And is it as good as AMD?
<ccheney> qbitza, EM64T is end of life? you sure you aren't thinking of ia64?
<qbitza> That's what my vendor told me
 * ccheney is running amd64 on intel i7
<qbitza> Okay, that should do it then, thanks ccheney.
<ccheney> qbitza, http://en.wikipedia.org/wiki/EM64T#Intel_64  that gives some info about the different names intel used for the amd tech
<qbitza> Hey, another Q, since I have your attention
<TeTeT> smoser: Hi Scott, did you have a minute to look at the uec-describe-cloud tool I wrote? Would be nice if it got go to the standard uec tools :) If this is not too ambitious
<qbitza> Virtualization: Xen / KVT / VirtualBox?
<ccheney> qbitza, it appears ia64 may getting ready for EOL though, that is a completely different arch
<qbitza> That's the one that's NOT AMD compatible, right?
<qbitza> KVT = KVM, sorry
<smoser> TeTeT, i'm sorry that i've ignored that so far.
<smoser> I don't have any real objections to putting it in cloud-utils
<ccheney> qbitza, yea ia64 is the VLIW design Intel did with HP, etc and that never really took off, microsoft finally announced it was dropping support in april
<smoser> i haven't read over it though. just what you wrote in the email.
<qbitza> ccheney, Okay. I was just worried there that they might've started switching to something else again when this Vendor told me EM64T is EOL.
<ccheney> qbitza, vendor was most likely confused
<ccheney> qbitza, or intel just renamed amd64 yet another time
<qbitza> ccheney, Probably teh vendor's confused
<qbitza> ccheney, They ARE a WinTel house ...
<ccheney> ok
<TeTeT> smoser: ok, you want to look at the code for sure, it's one of the first python scripts I wrote
<oru_work> greetings. With postfix/dovecot can someone please remind me how to blacklist domains? I remember there is a file you can edit to do so I just don't remember which file
<lau> why do I need some libpulse0, vorbis, x11-common packages when aptitude install qemu-kvm on a lucid server install ?
<lau> even sudo aptitude install -s -R qemu-kvm needs these packages
<elb0w> would have to look at the source code to know how to answer than question
<alvin> Are you sure qemu-kvm is the right package? Using taksel, ubuntu-virt-server will be installed, and that contains kvm, libvirt-bin and openssh-server
<alvin> lau: ok, digging a bit further, you are right. It's qemu-kvm. I guess you can install it with the -R switch to disable installation of recommended packages if you don't need them
<oru_work> greetings. With postfix/dovecot can someone please remind me how to blacklist domains? I remember there is a file you can edit to do so I just don't remember which file
<AivarasKivilius> Hello, I have something bad with ubuntu server, then i try to access file myip/testing.php (<? phpinfo(); ?>) it works, but if only myip/ it wont show index file, just give ne a download something phtml file with random name... What to do?
<lau> hello alvin, point is even with -R switch, the qemu-kvm package installation requires libpulse0, x11-common and others
<lau> where should I dig to understand why qemu-kvm needs them ? (I am trying to install on a server)
<AivarasKivilius> Here is my server info: http://82.135.231.154/testing.php I think it can help for someone say, whats wrong in my server.
<pmatulis> oru_work: have postfix inspect the mail headers
<uvirtbot> New bug: #586546 in byobu "Byobu should be enabled by default for initial login to Ubuntu Server" [Wishlist,Triaged] https://launchpad.net/bugs/586546
 * kirkland notes he didn't file this; but only triaged it wishlist
<hggdh> heh
<hggdh> kirkland: BTW -- I tested trying to create more than 512 volumes on UEC, got an OOM there
<kirkland> hggdh: did you bump up the loop devices?
<hggdh> kirkland: yes, to 512, using Etienne's rig
<hggdh> kirkland: but I still do not have console access, so cannot open a bug right now
<alvin> lau: on what distribution?
<alvin> lau: I can't confirm the x11-common. You're probably mistaken. Another package will want to install it.
<kaushal> hi
<kaushal> https://lists.ubuntu.com/archives/ubuntu-server/2010-June/004247.html
<kaushal> is there a way to create boot.log ?
<kaushal> I have deleted it
<oru_work> I'm trying to blacklist a domain by editing /etc/spamassassin/local.cf and adding something like blacklist_from *@gmail.com as well as user@gmail.com and it has no effect. The mail still gets delivered to maildir
<jiboumans> morning folks
<sommer> high
<kaushal> checking in again for my query ?
<kaushal> https://lists.ubuntu.com/archives/ubuntu-server/2010-June/004247.html
<RoyK> kaushal: you should find the boot log in /var/log/messages
<kaushal> RoyK, it was there already i deleted it
<RoyK> you deleted what?
<kaushal> boot file under /var/log
<RoyK> wtf? http://pastebin.com/JCTP2DAX
<_tydeas_> When i login in ubuntu server i get a pretty nice header about temprature etc of the machine? where is this located? And how can i call it after being logged in?
<RoyK> _tydeas_: it's in /etc/motd, a file generated by the system - grep through /etc to find where
<lau> alvin: it is lucid server x64, I just http://paste.ubuntu.com/442851/
<lau> alvin I sudo aptitude update && sudo aptitude safe-upgrade just before
<lau> $ cat /etc/issue
<lau> Ubuntu 10.04 LTS \n \l
<simplexio> _tydeas_: lanscape_sysinfo
<simplexio> _tydeas_: landscape-sysinfo
<binBASH> 2 typos in one command ;)
<binBASH> jdstrand: Btw. I found out why I couldn't clone in virt-manager.
<oru_work> how can I check which version of spamassassin I have installed ?
<lau> http://doc.ubuntu.com/ubuntu/serverguide/C/libvirt.html#virtual-networking (I just replaced kvm by qemu-kvm for lucid install)
<jdstrand> jdstrand: oh?
<jdstrand> heh
<jdstrand> binBASH: oh?
<binBASH> jdstrang: I had to change directories in host settings, because I didn't store the virtual machine images in the default folder.
<binBASH> jdstrand btw. :)
<jdstrand> interesting
<binBASH> jdstrand: it defaults to /var/lib/libvirt/images
 * jdstrand nods
<binBASH> and I had my images in /srv/virtual-machines
<binBASH> so it didn't find them and was unable to clone.
<jdstrand> oh, I see, the xml had a different path and it didn't exist
<Daviey> kirkland: The only other merge blocker is http://paste.ubuntu.com/442852/ .  Which looks like simply the handling of axis2_svc_generated.patch..  Can this be dropped do you think?
<binBASH> I just rightclicked the machine host in the virt-manager and there you can change Host Details
<binBASH> not the vm itself
<binBASH> there I add the other directory and then it worked
<jdstrand> cool
<binBASH> yeah, I'm quite happy now ;)
<oru_work> cat /etc/issue only shows ubuntu version, but not release name is that normal ?
<binBASH> oru_work: you can type lsb_release -a instead
<kirkland> Daviey: i think we can take upstream on that one too
<Daviey> kirkland: Cool, in that case i have 16/17 patches to carry
<Daviey> which all apply cleanly
<corpse> does anyone know if  i can use transition to download files directly to my fileserver?
<Daviey> kirkland: Do you have a moment to review the delta?
<ayi> I recently upgraded a hardy server install to lucid. Afterwards, openssh became unreachable through a port forwarded NAT router, although accessible on the local network. Does lucid introduce some sort of blocking mechanism for non-local IPs?
<SpamapS> ayi: unreachable as in it times out, or refuses connection?
<ayi> it hangs forever
<SpamapS> ayi: ok are you sure your IP didn't change?
<ayi> yes, other port forwards work fine.. also changing the port forward to a different machine works
<ayi> might there be some sort of apparmor trickery going on?
<jdstrand> ayi: not unless you created an apparmor profile for openssh. Ubuntu does not ship one
<SpamapS> I am still not very familiar with apparmor
<jdstrand> sudo aa-status
<jdstrand> that ^ will tell you if it is confined, and looking in kern.log will tell you if apparmor is blocking stuff
<elb0w> if I have an up and down statement in /etc/network/interfaces why when I bring it down then up using ifconfig it removes the routes?
<RoyK> elb0w: static routes?
<elb0w> yeah
<RoyK> http://www.ubuntugeek.com/howto-add-permanent-static-routes-in-ubuntu.html
<elb0w> I have done this RoyK
<elb0w> however if I do ifconfig eth3 down
<elb0w> however if I do ifconfig eth3 up
<elb0w> it does not reapply the routes
<elb0w> only removes them
<elb0w> however /etc/init.d/networking restart
<elb0w> will apply the routes
<RoyK> ok - sorry - no idea
<elb0w> np not a major issue
<elb0w> just inconvenient
<RoyK> try ifdown/ifup
<RoyK> instead of ifconfig
<elb0w> Any idea why I get this when trying to stop service? http://pastebin.org/298735
<elb0w> Any idea why I get this when trying to stop service? http://pastebin.org/298735
<pmatulis> no
<pmatulis> no
<RoyK> elb0w: try /etc/init.d/postfix stop
<elb0w> now I get those errors whenever I run insserv
<kirkland> ccheney: ping
<incorrect> so where is it that ethx gets mapped to ethy?
<ccheney> kirkland: sorry my xchat crashed
<ccheney> kirkland, whats up? :)
<kirkland> ccheney: hey
<kirkland> ccheney: was wondering if you have your cloud up and running
<kirkland> ccheney: and also if you have a fix in testing for https://bugs.edge.launchpad.net/ubuntu/+source/eucalyptus/+bug/579942
<uvirtbot> kirkland: Error: Could not parse data returned by Launchpad: list index out of range
<ccheney> kirkland, not yet, i still have no AC should get it fixed today or tomorrow morning, also have been busy with the OOo security update this morning
<kirkland> ccheney: kees added a comment to that bug with instructions on fixing
 * ccheney checks to see if he has any ports available upstairs as its only place with semi-working air conditioning
<kirkland> Daviey: smoser: https://bugs.edge.launchpad.net/ubuntu/+source/eucalyptus/+bug/432154
<uvirtbot> Launchpad bug 432154 in qemu "dynamic block device attach/detach not functional with karmic KVM" [High,Fix committed]
<ccheney> kirkland, i should be able to fix 579942 on my laptop, will have to see if the systems can take the heat in the room where the switch is though
<ccheney> kirkland, otherwise i might not be able to test it until i get my ac working again
<ccheney> i have a portable ac unit but it seems to not work too well in mid day, but i could probably get it tested tonight using it
<kirkland> ccheney: do you have mumble access?
<ccheney> kirkland, yea let me see if i can get it to log in
<ccheney> i haven't used it in a month or so
<ccheney> hmm claims i don't have right password, looking it up now
<SpamapS> anybody have a good solution for mumble feedback?
<SpamapS> whenever I use it.. it just loops all over itself until all I hear is chirping and screeches
<SpamapS> unless I use my noise cancelling bluetooth
<mathiaz> SpamapS: I'm using push-to-talk
<SpamapS> mathiaz: right at least when I do that, it stops when I let go.. but in a long sentence, it gets worse and worse
<mathiaz> SpamapS: hm - usually it's an issue with the settings in mumble
<mathiaz> SpamapS: you may wanna redo the settings correctly
<SpamapS> mathiaz: I have been through the audio wizard a few times, thats usually where the worst feedback manifests. :-P
<SpamapS> mathiaz: but when I go through w/ the bluetooth.. everything is nice and quiet.
<ccheney> kirkland, can you hear me? i think i need to determine how to do push to talk
<mathiaz> ccheney: we can hear you for the time bein
<mathiaz> ccheney: being
<ccheney> ccheney, ok
<mathiaz> ccheney: hm - *can't*
<mathiaz> ccheney: we cannot hear you
<ccheney> mathiaz, ok will try testing again
<zul> umm...meeting now?
<mathiaz> zul: yes
<uvirtbot> New bug: #588410 in eucalyptus "dynamic block storage should use virtio" [High,Triaged] https://launchpad.net/bugs/588410
<Nicd^> I'm trying to install Ubuntu Server 10.04, but it complains that my CD is malformed. I dowloaded the image a second time and burned it again and verified (with OS X's Disk Utility), but it still complains. Can there be a problem with the 32-bit image on the website?
<ThomasG33K> Whats the best method to send email reports to your external email? Do I have to install an smtp server just for that?
<ThomasG33K> I meant log reports
<EtienneG> ThomasG33K, nullmailer, perhaps?
<EtienneG> I do not know it much, but it seems to do the job for send-only
 * ThomasG33K looks it up on google
<EtienneG> ThomasG33K, apt-cache show nullmailer
<ThomasG33K> sudo apt-cache show nullmailer
<EtienneG> will give you a bit of info
<ThomasG33K> got it
<cloakable> You don't need to run apt-cache using sudo :)
<ThomasG33K> yeah forgot about that xD
<ThomasG33K> When it gives me configure nullmailer, it asks for smart hosts. What does it mean?
<ThomasG33K> Is it for specifying an smtp server to use?
<ThomasG33K> thought nullmailer was a basic smtp or MTA server
<ThomasG33K> sudo apt-get remove nullmailer
<ThomasG33K> sorry dont like it
<ThomasG33K> thanks for idea thought
 * ccheney wishes he lived somewhere cold right now
<Nicd^> on my computer the md5sums of ./install/netboot/ubuntu-installer/i386/initrd.gz and its entry in md5sum.txt match, but my server says the file failed md5 checksum verification. what could this be? I've already tried with two different cd's and verifying the result after burning
<ItalicBold> greetings, can someone help me with an apache2 issue?
<funkyHat> !ask | ItalicBold
<ubottu> ItalicBold: Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-)
<ccheney> ttx, 551901 SRU doesn't seem to make much sense (at least to me) by the time 10.04.1 comes out 2000 SP4 will be no longer supported for for extended support by Microsoft
<ccheney> ttx, though if its a more generic fix for something perhaps its still useful
<ttx> ccheney: that's an interesting point -- though we had quite a few people bitten by that, so that would prove a lot of people still run W2000
<ccheney> ok
<ttx> ccheney: and it used to work alright
<ccheney> ok :)
<ttx> ccheney: but I didn't know the deadline was so close
<ttx> a *lot* of DCs are running W2000SrvSP4
<ttx> that should hurt them badly :)
<ccheney> its apparently july 13
<ccheney> http://support.microsoft.com/lifecycle/?LN=en-us&x=17&y=11&p1=7274
<ccheney> heh more money to microsoft or conversions to linux soon :)
<ItalicBold> sorry :P ok i have just done a new server intallation with lamp and i have edited /etc/apache2/apache2.conf and added the following lines:
<ItalicBold> ServerSignature Off
<ItalicBold> ServerTokens Prod
<ItalicBold> I have restarted the apache service however I am still getting "Server	Apache/2.2.14 (Ubuntu)" in the response header. the above shoule make it just return "Server	Apache".
 * ccheney found out that the AC repair will be done tomorrow morning at 11am, a full week without working AC, ugh :(
<EtienneG> ccheney, you have my sympathy
<ccheney> EtienneG, thanks :) it'll be up to 37C later this week, so hopefully it really is fixed tomorrow
<EtienneG> ouch!
<EtienneG> that gives you the urge to go to the mall!
<EtienneG> ccheney, if I where in your shoes, I would be working at Starbucks!
<EtienneG> and all my sympathy for wife, the timing couldn't be worse for her ... :(
<ccheney> EtienneG, yea
<hggdh> smoser: let's talk about your request to marjo in a few? Right now I have to recover EtienneG's rig
<smoser> k
<ccheney> EtienneG, yea, not good for her, and getting my server stuff running only works at night when i can get my little portable ac to work good enough
<ccheney> EtienneG, i had to do a lot of security work for OOo today so luckily didn't lose any work time due to the outage
<EtienneG> and I was complaining about my 32C last week ...
<hggdh> EtienneG: come to Texas... Dallas is a nice place also, with 37+ expected this week
<EtienneG> hggdh, I bet
<EtienneG> I like it cool
<EtienneG> except during the holidays
<EtienneG> I mean, the summer one
<hggdh> heh
<Nicd^> on my computer the md5sums of ./install/netboot/ubuntu-installer/i386/initrd.gz and its entry in md5sum.txt match, but my server says the file failed md5 checksum verification. what could this be? I've already tried with two different cd's and verifying the result after burning
<oru_work> can anyone recommend a ticket support software that would let me create statistics possibly in the form of charts/graphs after some period of time ?
<alexm> ItalicBold: instead of editing apache2.conf maybe you can try with /etc/apache2/conf.d/security ?
<alexm> i see there's a servertokens value there (at least on lucid) that probably overrides your previous value in apache2.conf
<ItalicBold> ah
<ItalicBold> thanks
<ItalicBold> i see
<ItalicBold> will try now
<hggdh> EtienneG: the euca 1.6.2-0ubuntu30.1 seem to have already vanished from -proposed, probably on their way to -updates
<hggdh> EtienneG: so we will have to wait to update them. Meanwhile, I will bounce euca on the CLC, Walrus, CC, and SC to recover the memory
<EtienneG> hggdh, glad to hear that
<EtienneG> hggdh, feel free to reboot the entire cloud if it is faster for you
<hggdh> EtienneG: will reboot, then, faster
<ItalicBold> thanks alexm, that worked
<alexm> cool :) i didn't know that security file, i just grep -ri servertokens /etc/apache2 ;)
<hggdh> EtienneG: rebooting now (CLC, Wlarus, CC, and SC). NCs were not affected
<funkyHat> ItalicBold: look in /etc/apache2/conf.d/security -- that is probably where you should make your server signature settings
<funkyHat> ItalicBold: oh, someone already answered -_-
<oru_work> how would I extract .tar.gz file ?
<Pici> oru_work: tar xzvf file.tar.gz
<ccheney> oru_work, tar xvf is good enough on newer versions of tar to extract any compression format it happens to know about
<ccheney> oru_work, z specifies gzip in particular
<uvirtbot> New bug: #588442 in backuppc (main) "backuppc: Missing dependency to rrdtool" [Undecided,New] https://launchpad.net/bugs/588442
<corpse> does anyone know if  i can use transition to download files directly to my fileserver?
<RoyK> transition?
<corpse> err sorry, transmission
<RoyK> transmissioncli works for me
<VadimCK> transmission-daemon also will work, has a built in web-gui
<hggdh> kirkland: wasn't there a bug on memory leak on qemu-kvm?
<kirkland> hggdh: libvirt
<hggdh> kirkland: ah, thank you
<kirkland> hggdh: i need to re-upload that
<hggdh> kirkland: k
<kirkland> hggdh: how late are you around today?
<hggdh> kirkland: as late as you need me to be ;-)
<kirkland> hggdh: heh, okay, i want to catch up with you on one thing in a bit
<kirkland> hggdh: but i need to have 2 other conversations first
<hggdh> kirkland: np
<sommer> mathiaz: I have an openldap-dit-package ready for review: https://launchpad.net/~asommer/+archive/ppa/+packages, I probably missed something, but if you could take a look :)
<sommer> or advise on the next step
<mathiaz> sommer: do you have everything in a bzr branch?
<sommer> mathiaz: yep, I've just been updating https://code.launchpad.net/~asommer/openldap-dit/openldap-dit-split
<mathiaz> sommer: ok - I'll have a look at it then
<sommer> mathiaz: coolio, thanks
<NativeAngels> hello has anyone here installed ubuntu on a sunfire v100
<hggdh> smoser: there?
<smoser> yes
<hggdh> smoser: so, what do you need to get done? marjo asked me to follow up with you
<smoser> i think we're set
<smoser> slangasek took care of it.
<hggdh> oh, OK.
<smoser> hggdh, are you on release team ?
<hggdh> smoser: me poor humble self? no...
<smoser> and are you likely to be the person who would be asked to popuulate http://iso.qa.ubuntu.com/qatracker/build/ubuntuserver/all in the future for the ec2 images ?
<hggdh> smoser: I *might* be, but I never did it, and am unsure if I have the access. I would say ara, though
<smoser> ok. yeah, i was going to say that if you did end up with that job (and had access) that you would want to get the script to do it from slangasek
<hggdh> at least it is good to know which door to knock if needed :-)
<mikel> Hey all - I'm having some difficulty with sudo-ldap. Most LDAP functionality is working fine, users can login and so on, but they can't sudo at all - auth.log reports '3 incorrect password attempts' rather than 'you're not allowed sucka', but the passwords work just fine for the purpose of logging in via ssh in the first place.
<uvirtbot> New bug: #588481 in tomcat6 (main) "Init script fails to start when run via ssh with pty" [Undecided,New] https://launchpad.net/bugs/588481
<NativeAngels> has anyone here used a sunfire v100
<Elad> I am attempting to create a cert and I am at the part where I create a .csr, and it is not liking my common name, which I put as *.mydomain.com <--- Isn't this legit?
<soren> Elad: I believe it is, yes.
<soren> Elad: What's the error message?
<Elad> The name entered in the CN(Common Name) field of the CSR MUST be the fully-qualified domain name for the Web site you will be using the certificate for (e.g., \"www.domainnamegoeshere.com\"), or a valid Intranet domain name. Do not include the \"http://\" or \"https://\" prefixes in your common name. The common name cannot include spaces. Do NOT enter your personal name in this field.
<Elad> and I'm not including that stuff... so I am confused as to why it is angry with me
<soren> NativeAngels: What's your question?
<soren> Elad: What are you using to create it?
<Elad> openssl req -new -key domain.key -out domain.csr
<Elad> via, godaddy
<Elad> I mean, the cert I am attempting to get is via godaddy
<Elad> I am generating everything on my ubuntu server
<soren> Elad: openssl happily accepts *.foobar.com for me.
<Elad> it accepts it from me
<soren> Elad: ....so what's the problem again?
<Elad> it is when I go to request my cert from godaddy that I am getting problems
<soren> Elad: Ah.
<Elad> so I was making sure that I was creating it correctly
<soren> Elad: They may not accept such requests. Not all do. Some do, but demand a higher fee for *.example.com style certs.
<Elad> when I click on the help file it tells me I can do *.example.com
<Elad> k, I will take it up with them; Thanks for the help
<soren> Elad: Looking at their website, they do support it, but you need to choose "single domain with unlimited subdomains (wildcard)".
<ajmitch> soren: you probably know better than I - what's the reason for adding netbase to dependencies? it's the only change to heimdal that we're carrying at the moment
<Elad> soren, right you are; I will just register the 2 I need since I bought the 5 pack
<soren> ajmitch: Hm.... That sounds vaguely familiar. Let me check.
<ajmitch> it seems to have been added quite awhile ago, so I'm trying to find out if I need to keep it :)
<kirkland> hggdh: around?
<kirkland> hggdh: do you have time to mumble?
<uvirtbot> New bug: #588506 in php5 (main) "fastcgi daemon failing" [Undecided,New] https://launchpad.net/bugs/588506
<hggdh> kirkland: I sound like a chipmonk on mumble
<hggdh> what about calling my cell?
<kirkland> hggdh: sure
<kirkland> hggdh: pm your number
<soren> ajmitch: I think it may be a mistake, but I'm still looking.
<ajmitch> I've found some old bugs about netbase in debian & ubuntu being different with regards to depending on an inetd
<ajmitch> but that doesn't seem relevant anymore
<ajmitch> & the last mention of netbase with heimdal was a merge where it was unsure why it was kept :)
<soren> ajmitch: I think what really happened is that when Debian dropped the netbase dependency, whoever did the next merge messed it up.
<ajmitch> ok, as long as I can convince the archive admins of that, it'll get synced then
<ajmitch> thanks for checking up on it
<soren> ajmitch: Sure thing.
<ajmitch> looks like the other change carried was fixed in debian more than 2 years abgo
#ubuntu-server 2010-06-02
<GuyCanada> hey guys im trying to build a home server just for file sharing and whatnot, can anyone give me a hand im having a lot of trouble finding good guides online
<uvirtbot> New bug: #588523 in autofs (main) "Autofs5 fails on cascading/hierarchical mounts" [Undecided,New] https://launchpad.net/bugs/588523
<VadimCK> GuyCanada: how familiar are you with Linux and command line?
<VadimCK> if you just want to share files http://www.howtogeek.com/howto/ubuntu/install-samba-server-on-ubuntu/ is a good guide
<GuyCanada> vladimCK im fairly fammiliar, no expert tho
<VadimCK> what do you want to use the server for?
<VadimCK> GuyCanada: ^
<tyler_d8> I have changed the physical sata port that my primary drive is plugged into, and now I am being dropped into an initramfs prompt
<tyler_d8> how do I a. determine the uuid now that the drive is moved and b. get the system to boot from it?
<ChmEarl> tyler_d8, #ls -al /dev/disk/by-uuid/
<ChmEarl> or #blkid
<therian> hey everyone quick question, where do i go if I want to submit something to the software center? or just request an update?
<norrec> is there a way to limit the amount of bandwidth an ethernet interface can use?
<sorush20> how doesn't the server version have a desktop environment? like gnome?
<norrec> because its a server version, its done to remove the weight and reduce the potential security threats
<norrec> if u need a gui try a webgui like ebox
<sorush20> wow, so the server admin has to run everything from the cli?
<cjwatson> it's easy to install a GUI on top if you so wish.  The Ubuntu server is built out of the same repository as the Ubuntu desktop edition.
<cjwatson> just a question of defaults.
<sorush20> I've installed ubuntu server as a virtual machine on virtual box but now every time I sudo shutdown now, I'm reffered to a menu rather than system shutdown.
<Elad> anyone ever setup a cert for their imap mail?
<tyler_d8> anyone have experience with the "disk utility" -- I am getting an error on connect -- Unexpected stderr output - expected `udisks-tcp-bridge: Waiting for secret' but got `stdin: is not a tty'
<tyler_d8> k so we are one step further, just now need to get the usage details for the udisks package, assumedly the command udisks-tcp-bridge is supposed to be somewhere within the daemon
<tyler_d8> ??
<savid> Hi,  I have a website that sends out automated messages to registered users.  I'm getting blocked by just about every other email provider out there.  I've removed myself from the spamhaus blacklist, and cannot find my IP's on any other list (I checked dnsbl.info as well).
<savid> I also set up an SPF record for my domain.   What else can I do?
<tyler_d8> looking for the optimal mysql db raid-5 stripe size?
<tyler_d8> savid: you may need to e-mail spamhaus to ensure your ip address or range is listed within "commercial" not "private"
<savid> tyler_d8,  I put my IP in the spamhaus tool,  and it says it's not blocked
<tyler_d8> thats not what I said
<savid> ok, just figured that would accomplish the same thing
<savid> Does the reverse-dns IP for the domain have to match the originating server?  If so, not sure if that's even possible for my setup
<savid> tyler_d8,  ok, so I need to email spamhaus -- I can't find any method for contacting them by email on their website.  Is this something you've done before?
<tyler_d8> savid: had to get my ip changed in their system as some isp's block based on where your ip is linked too, commercial or residential
<tyler_d8> cannot remember the exact details so I apologize
<savid> tyler_d8,  so that's not the same as getting removed from the SBL/PBL/etc.. ?
<savid> because that's what I did --  I also checked on dnsbl.info and I'm not appearing on any blacklists.
<tyler_d8> whats a good benchmark utility for my raid array ?
<Roxyhart0> hi there, I need to install in a server a mail client to send email. Somebody know how to do that, a good manual?
<unewbie> Roxyhart0 try zimbra
<unewbie> it's easy :D
<Roxyhart0> I will check thanks, it works with command lines?
<savid> Anyone know of a good, inexpensive SMTP relay?
<unewbie> just extract and answers some questions then do the rest with web
<unewbie> i only know to use zimbra as mail server but i don't know smtp relay
<tyler_d8> whenever I run drive tests on my raid 5 I get kernel panic errors, and ultimately a frozen machine
<tyler_d8> ??
<tyler_d8> the drives are all healthy, and the OS is on a separate drive(not on raid)
<Datz> Hi, I was wondering if xubuntu with gdm killed would be lighter on ram than Ubuntu-server?
<lifeless> ubuntu-server, the thing with no gui ?
<Datz> ?
<Datz> basically, is there any differences between different variants of ubuntu besides desktop environment.
<lifeless> no, they are all the same packags.
<Datz> ah, good, thanks
<twb> Of course, some packages are EOLed earlier than others.
<Datz> my box with only 256 MB ram running xubuntu with GUI killed uses only ~100 MB RAM, however my -server edition is using something like 450MB RAM on another box.. of course it has more tasks..
<Datz> I'll go with -server and see what happens
<Datz> thanks
<twb> Datz: it's trivial to find out what is using up memory, and either remove, replace or reconfigure it.
<Datz> yea
<Datz> I hope it will be trivial if I run into that problem
<Datz> how come I can't find server edtion torrent here: http://torrent.ubuntu.com/
<Datz> 10.04 that is
<Datz> also, I'm not able to donwload the 32bit version from the main page
<twb> Presumably nobody bothered to create a torrent for it.
<twb> I always use my ISP's mirror, since that's not counted against my monthly cap.
<lifeless> torrents are one of the least efficient ways to download things
<lifeless> hugely efficient for the torrent publisher
<twb> lifeless: I contend that is not necessarily true.
<Datz> I was just worried about getting throttled by the download server
<Datz> but since I can't find a download yet, that's not my biggest problem
<Datz> :)
<Datz> this is where the 32bit download takes me: http://quigonjinn03.appspot.com/www.ubuntu.com/start-download
<Datz> I just get a blank screen
<twb> If you have gigabit within campus and a shared 10MB link to the US, and four other people are seeding from within campus, then it would be faster to torrent from your local peers than to use a bulk-bucketed HTTP GET over the 10MB line.
<twb> Datz: what is your country code?
<Datz> In US
<Datz> +1?
<twb> I meant the two-letter code, which would be .us
<Datz> oh
<twb> You want Ubuntu Server 10.04 for x86-64, or i386?
<Datz> i386
<Datz> and yes 10.04
<twb> Argh, it seems that archive.ubuntu.com's CD/DVD images aren't hosted in the same place on us.archive.ubuntu.com as they are on my ISP's mirror
<Datz> humm :-\
<Datz> I can always get it some other time I guess
<twb> You could always use http://us.archive.ubuntu.com/ubuntu/dists/lucid/main/installer-i386/current/images/netboot/mini.iso
<twb> That's a generic installer that downloads packages on demand, rather than up front.
<Datz> ah
<Datz> interesting
<Datz> netboot.. humm
<Datz> would I be able to remotely install?
<twb> The machine is in one place, and you're in the other?
<Datz> it is tucked away between the back of my desk and the wall :P
<twb> During the install, you can choose to install an SSH server in memory, and then perform the rest of the install via SSH
<twb> (All install media, except the "desktop" CDs, support that.)
<Datz> ah, so I need a monitor to do the inital setup?
<twb> Datz: or a serial line
<twb> Or, to provide some answers in advance ("preseeding"), but that's probably too much effort for you
<Datz> ah
<Datz> perhaps
<Datz> maybe I will just move some stuff around
<twb> Debian's installer is a good deal cleverer than Ubuntu's silly wrapper on it
<Datz> humm
<Datz> well, I've saved link, not going to do install tonight, so I'll check if download is working in the morning :) If not I'll try the netboot/mini.iso
<Datz> brb
<twb> ok
<tyler_d8> excellent, so my motherboard is fried in my one machine(server-64) and my backup I have found out now need to be upgraded(in the process now) but as well has gnome-packages installed, what is the most effective way outside of re-installing to switch to ubuntu-server?
<twb> tyler_d8: that was confusing
<tyler_d8> lol, sorry
<twb> You have a host with GNOME installed, and you want it to be a server?
<tyler_d8> I believe its the entire ubuntu-desktop package installed
<tyler_d8> based on what I am seeing within the upgrade logs
<twb> Well, either don't run, or remove, those packages.
<twb> The difference between -desktop and -server is largely the set of packages that are installed by default
<tyler_d8> so I would be safe in doing sudo apt-get remove gnome-desktop
<twb> If you're not using it, sure
<twb> I would probably do:
<twb> aptitude --schedule-only markauto ~i; aptitude --schedule-only keep ~aremove; aptitude markauto ubuntu-desktop
<twb> And carefully review the packages that it offers to remove, in case you DO need any of them.
<tyler_d8> very good, ty
<fluvvell> twb, I like the look of that, not being a big aptitude user - what does the ~aremove do ?
<twb> ~a means "what's gonna happen"
<twb> So ~aremove means "packages scheduled for removal"
<Datz> so, it's not just I having the problem of not being able to download ubuntu-server?
<twb> aptitude-doc-en has a chapter on such patterns.  I highly recommend learning them, since the alternative is usually a tedious chain of grep-dctrl (or worse, dpkg -l/apt-cache and sed/awk/perl).
<twb> Datz: I've no idea
<Datz> ok.. can someone else check? :P
<Datz> it would be most excellent
<fluvvell> twb, thanks - I've generally just used apt-get and apt-cache, dpkg -l with grep etc. my awk got lost about 10 yrs ago (have used it thoughand i've only ever used what others have sed for me ;-)
<fluvvell> oops, dropped a )
<twb> RoyK: FYI, the RAID5 sync finished and is [UUU] this morning
<Roxyhart0> hi there i want to configure in my cups server a printer pdf, somebody have any good link to do that
<Datz> twb: Found the torrent I was looking for. I don't know how I could get to it from the linkI posted before  FYYI http://torrent.ubuntu.com:6969/
<Elad> anyone setup dovecot+ssl?
<Elad> I have been working at it all day with no luck
<twb> Elad: did you read the ubuntu server guide?
<Elad> I read the dovecot guide
<Elad> twb, looks like they have some stuff in the ubuntu guide - reading now
<kaushal> hi
<kaushal> I have deleted the boot file on Ubuntu 8.04 server, is there a way to regenerate it again. I did rebooted and it did not created it, Also I touched the file and there were no entries in that file after reboot. I have followed also http://ubuntuforums.org/showthread.php?t=49925, it did not worked either. Please suggest/guide
<twb> kaushal: which boot file?
<kaushal> twb: /var/log/boot
<twb> kaushal: that file is created at boot by /etc/init.d/bootlogd, iff /etc/default/bootlogd contains BOOTLOGD_ENABLE=Yes
<twb> It doesn't matter if the file exists beforehand
<twb> However, it might be that Ubuntu has broken that functonality in recent versions, since it's largely a sysvinitism and Ubuntu moved most stuff to upstart since 8.04...
<twb> Oh, you're on 8.04.  Carry on.
<corpse> is there a command to get your external ip? or do i have to setup a .sh script?
<twb> corpse: WHICH external IP?
<twb> And, no, not portably.  Conventional wisdom is unfortunately to postprocess the output of "ip address show dev eth0" or some variation thereof.
<corpse> twb: my servers webhost ip
<wise_crypt> corpse: www.whatismyip.com
<twb> corpse: so when you have zero NICs, or fifteen NICs, or one NIC with three IPv4 addresses and two IPv6 addresses, which address do you want?
<twb> wise_crypt: oh, right, maybe he meant that.
<corpse> yeah thats kinnda what im talking about, but i need to run that on my server
<corpse> i have set up some .sh scripts based on what i have found on google. but none see to work as they are all a few years old
<twb> w3m <URL> or lynx <URL>
<corpse> that was it =D thanks alot!
<corpse> didnt know about the w3m command
<wise_crypt> corpse: dyndns can do that for you www.dydns.com
<wise_crypt> corpse: dyndns can do that for you * www.dyndns.com
<Elad> so I just got done reading the ubuntu guide, and it didn't answer my question
<Elad> although it is possible I didn't ask it the right question
<Elad> I can connect fine to dovecot+ssl, but I get a warning of an untrusted cert. I change the cert location in dovecot.conf to my qualified certs, but my mail client still sees the old certs; makes me think I did something wrong
<twb> Did you bounce dovecot after reconfiguring it?
<Elad> yes /etc/init.d/dovecot restart
<SpamapS> ttx: question about cassandra's huge pile of dependencies..
<ttx> SpamapS: yes
<SpamapS> ttx: It seems I'll probably have to replace w/ symlinks.
<SpamapS> ttx: but one in particular is tricky... antlr3
<SpamapS> ttx: we package 3.0.3 in main, I don't see a merge in merge-o-matic .. but cassandra wants 3.1.3
<ttx> SpamapS: welcome to hell
<ttx> SpamapS: does cassandra want 3.1.3, or need 3.1.3 ?
<ttx> also I'd recommend patching the build.xml rather than using symlinks, if you can
<ttx> it's cleaner than reconstructing symlinks on package unpack
<ttx> (source package unpack)
 * ttx grumbles
<ttx> SpamapS: there are several options...
<ttx> SpamapS: (1) Cassandra builds with 3.0.1 alright -> DONE
<ttx> (2) Cassandra can be tweaked to build with 3.0.1 -> PATCH -> DONE
<ttx> (3) Update antlr3 to 3.1 -> prep package, test all reverse build deps to see if they accept 3.1 instead of 3.0.1, upload as the new antlr3, depend on that -> DONE
<SpamapS> ttx: one of the reverse deps is eucalyptus-java-common .. ;)
<ttx> (4) If some require 3.0.x and the others require 3.1.x...
<ttx> antlr is a build dep iirc, so it's quite easy to test
<SpamapS> ttx: ok, my preference was to just build w/ 3.0 .. but the cassandra guys are somewhat militant that we should build with the version as close as possible to the one in lib
<SpamapS> ttx: yes its a build dep, but it is a code generator, so it may generate different code ...
<ttx> SpamapS: if it builds with 3.0, the plan would be to just build with it... and ask debian how open they would be to an update
<ttx> it's a question of how many revdeps
<ttx> SpamapS: that's a calssic case where Java collides with distributions
<ttx> SpamapS: distributions try to have as little different versions of the same libs as possible
<ttx> SpamapS: Java actually encourage devs to pick their specific version
<ttx> and maven made it even worse.
<SpamapS> ttx: thats annoying. :-P
<ttx> SpamapS: it's funny the first time it hits you. Over the long run, you just wish java didn't exist.
<ttx> SpamapS: do you know how to do ISO testing ?
<ttx> http://iso.qa.ubuntu.com/qatracker/build/ubuntuserver/all
<ttx> That's one of the sevarl things we also have to do :)
<ttx> several, even
<twb> Upstream are jackasses, film at 11
<ttx> twb: I wouldn't say that. But in some cases, the way tehy are used to work doesn't play nice with the needs of distributions.
<twb> When they respond to that difference in the style of schily or tuomov or moco, they are definitely 100% jackasses.
<ttx> right :)
<SpamapS> ttx: Does it count if I use the iso to install in VMware?
<ttx> SpamapS: if you mark so in the comments, that's ok
<ttx> SpamapS: I use KVM for most of my testing.
<ttx> SpamapS: I run a few basic installs on real HW just to check.
<SpamapS> ttx: I've no real hardware to test on really.. just my laptop :-P
<SpamapS> I moved everything else into the cloud ;)
<SpamapS> Though I have been thinking about putting in a server of some kind to host my local mirror of the archives
<SpamapS> ttx: so 20100601.1 ?
<ttx> SpamapS: whatever the ISo testing site says. Looks like it is 20100601.1 for ISOs, yes
<ttx> ymmv for UEC images and ec2 amis
<SpamapS> ttx: ok, see you after some sleep. :)
<tyler_d8> anyone in here know mysql server?
<RoyK> a little off-topic, but still https://secure.avaaz.org/en/gaza_flotilla_7/?rc=fb
<RoyK> tyler_d8: I know it quite well
<tyler_d8> ever migrated a db in 5.1 --- ubuntu
<mikekelly> what are obvious things to check if I'm getting a 503 on a basic apache2 setup on 10.04 ?
<mikekelly> localhost works fine but for some reason request to the actual host name are getting a 503
<mikekelly> actually scratch that it's working with the host name - it just won't work from request that aren't on the host box
<RoyK> tyler_d8: usually it just works - export the db from the old version with mysqldump
<tyler_d8> no no, just the physical location on the same disk
<tyler_d8> ie. modify the instance to have the data stored on a raid lets say
<incorrect> is there a list of people providing ubuntu vps services around the world?
<RoyK> eeeeerm ... seems there may be a kernel memory leak in lucid
<RoyK> http://pastebin.com/XK8aDVkc
<RoyK> it seems there are 16 processes running, each using 2,5GB or so, I have 64GB memory and 16 cores in this baby. According to ps, it's not using a lot of memory, but it's swapping like crazy
<Daviey> RoyK: uptime?
<Daviey> incorrect: only google AFAIK
<RoyK> Daviey: 18 days
<incorrect> Daviey, i found one that the xen guys do,
<Daviey> RoyK: can you pastebin the headers of top?
<RoyK> http://pastebin.com/msXYduBX
<Daviey> RoyK: erm.. "top"?
<RoyK> oh
<RoyK> top
<RoyK> :)
<Daviey> ie, http://pastebin.daviey.com/wytX/
<RoyK> http://pastebin.com/cwQYihHe
<Daviey> RoyK: to me, it looks like Flexpart is leaking
<Daviey> RoyK: Are you able to test Flexpart against valgrind?
<RoyK> Daviey: should work, but then, why on earth doesn't ps report this? also, these are jobs that are started and run for, say, 2-3 days. then new jobs take over. new processes, just scripted
<RudyValencia|srv> I love my personal server now that it runs Ubuntu :D
<RudyValencia|srv> I was running it on FreeBSD but it was starting to get kinda hard-to-manage that way
<RudyValencia|srv> (keeping ports updated and all that)
<RudyValencia|srv> how do I thank Canonical for their great work?
<Daviey> RoyK: you could be right, but it would be interesting to see the results of valgrind to rule it out.
<Daviey> RoyK: a resource leak you are experiencing in quite a short time, i would have expected others to have reported that by now
<Daviey> Not saying that ISN'T the case, but be good to rule out things first.
<RoyK> Daviey: this is old fortran code, so I don't know - might be worth a try
<Jeniczek|vPraci> hi guys!
<Jeniczek|vPraci> anybody wiling to help me a bit with a weird behaviour of SAMBA?
<ttx> !ask
<ubottu> Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-)
<Jeniczek|vPraci> Guys, I have the following SMB settings - http://pastebin.com/pfahh509 . When a user from creativeshop group creates a directory and uses Windows OS, it correctly creates a directory with 0770 privileges, but a user under MacOSX creates a dricetory with 751 and I really dont know why
<Jeniczek|vPraci> any idea what is wrong ?
<maxagaz> how to count the number of files in a dir ?
<Pici> ls /path/to/dir | wc -l
<maxagaz> Pici, and recursively?
<maxagaz> find ./ | grep wc -l
<maxagaz> Pici, thanks!
<Pici> sure!
<ttx> kirkland/Daviey: could you cover http://iso.qa.ubuntu.com/qatracker/result/4188/494 in Alpha1 ISO testing ?
<spineau> ttx: may I ask you another question regarding UEC ?
<ttx> spineau: sure
<spineau> ttx: When you've just downloaded/registered an image
<spineau> ttx: Does every node cache it or only the one that will be running the instance ?
<ttx> spineau: the node caches it the first time it starts it
<spineau> ttx: If there are extra nodes on the CC, they are not caching for future needs ?
<sommer> morning
<ttx> spineau: I don't think so.
<spineau> ttx: ok, thanks
<ttx> smoser: ping
<Daviey> ttx: I could indeed!
<ttx> Daviey: cool ! You can cover the UEC images test with the same environment:
<ttx> http://iso.qa.ubuntu.com/qatracker/test/4216
<ttx> http://iso.qa.ubuntu.com/qatracker/test/4217
<ttx> Daviey: ask me if you have any question, the docs should be straightforward though
<Daviey> hmm.. ok
 * ttx updates them to use the lucid image by default
<Daviey> ttx: When is the deadline?
<ttx> Daviey: end of today ?
<Daviey> ttx: It's going to be tight!  But think it can be done.
<alvin> Jeniczek|vPraci: You're setting a mask and you're not forcing the mode, so whatever the mac user put in his profile, will fit your mask.
<pthsWork> I'm setting up a Samba server agains 2008r2 DC's, but the realm= in smb.conf seems a bit unclear to me. Is it the domain that goes here, or is it the DC itself, if it's the DC itself, can I list more than one DC?
<Jeniczek|vPraci> alvin hmm
<ttx> zul: for alpha1 testing, could you cover one of the EC2 regions ? Not sure smoser will show up.
<zul> sure
<ttx> zul: that would give us confidence, or time for a respin if needed
<alvin> Jeniczek|vPraci: You can change that on the macs. (in Globalpreferences.plist or something. I don't use samba for macintosh. Resource forks are still a cause for trouble)
<Jeniczek|vPraci> alvin so I have to use ,,force create mode (S) ,, and force directory mode (S) ?
<zul> ttx: gotcha
<smoser> ttx, i'm here.
<alvin> Jeniczek|vPraci: Yes, I'd experiment with that. It's easier than changing all those macs
<Jeniczek|vPraci> alvin the SAMBA runs on ubuntu server, not on MacOSX
<smoser> and i've run the tests last night.
<ttx> smoser: ha
<Jeniczek|vPraci> alvin okey than
<smoser> i just need to open a couple bugs and record results
<Jeniczek|vPraci> thanks alot
<ttx> smoser: care to start your magic EC2 automated tests ?
<ttx> zul: then you can pick random ISO tests
<alvin> Jeniczek|vPraci: I know, but the macs will try to put their resource forks on your server. How that happens is dependant of the version of OS X
 * ttx is on random ISO tests as well
<ttx> zul: mark them started when you start them
<zul> ttx:yep yep
<smoser> ttx, i already did on 20100601
<smoser> was re-spin required ?
<ttx> smoser: no
<ttx> smoser: the tests don't show up as completed (or started), so I figured you didn't run them :P
<smoser> right. i just kicked off the test before i went to bed
<smoser> i have to open some bugs and record results.
<Jeniczek|vPraci> alvin thank you very much, am gonna do it
<ttx> smoser: I had ara promote the UEC image to the tracker, btw
<smoser> have you sniffed it ?
<ttx> smoser: no.
<smoser> :)
<smoser> i can sniff quickly here on lucid UEC
<ttx> smoser: that would be great
<ttx> I didn't plan on reinstalling UEC today, was trying to push Daviey/kirkland into covering that part
<alvin> Jeniczek|vPraci: good luck. (btw, people told me netatalk has come a long way. Apple will still work better with afp than samba.)
<Jeniczek|vPraci> alvin well for me it sounds, that I have to force both create modes ( dir and file) to 770 on all shares that MacOS users have access to...
<Daviey> ttx: I really wanted to get this merge polished today, and the rig isn't yet setup.. That shouldn't take tooo long, but need to dig out some cables.
<ttx> Daviey: maybe kirkland can cover the alpha1 UEC testing (at least on amd64)
<Daviey> ttx: I think i can cover it, but depends on any hiccups getting the rig deployed.  I did want to borrow kirkland to review a diff.. it's quite large @ 648364 lines, and a second pair of eyes would be handy.
<alvin> Jeniczek|vPraci: I'm using force create mode = 0660 and force directory mode 0770, but I don't let apple users use samba. (using a commercial solution for that). Wen using those masks, I set the umask to 002 on the Linux clients (NFS) in /etc/profile. It results in directories drwxrwxr-x and files -rw-rw-r--.
<Jeniczek|vPraci> alvin why you dont let use apple users samba?
<ttx> zul: please concentrate on i386, I've trouble downloading the i386.iso
<zul> ttx: ack
<alvin> Jeniczek|vPraci: That'd make a mess of the shares. That's not too bad, but their applications would have trouble finding out what filetypes are on the share.
<alvin> Jeniczek|vPraci: They could use extensions for that too, but well...
<Jeniczek|vPraci> hmm interestin
<alvin> Jeniczek|vPraci: Our mac users are used to OS9. They don't use extensions and you can't even begin to imagine what symbols they try to put in filenames
<Jeniczek|vPraci> the force create modes are for specific share or as global option?
<Jeniczek|vPraci> i have just se tit for every share and the newly created dir is again with bad mask
<alvin> Oh, you can choose that. I use them globally
<Jeniczek|vPraci> maybe samba needs to be restarted
<alvin> or refreshed.
<Jeniczek|vPraci> how to do that?
<Jeniczek|vPraci> I dont want to break current open files
<alvin> Oh. On Linux it's $ sudo service samba reload
<Jeniczek|vPraci> reload, ok
<alvin> that won't break open files
<Jeniczek|vPraci> Reloading /etc/samba/smb.conf smbd only [ OK ]
<Jeniczek|vPraci> smbd should be enough, right?
<alvin> yes. nmbd is only for netbios
<alvin> Here: http://en.wikipedia.org/wiki/Resource_fork There's a paragraph about SMB shares in that article
<Jeniczek|vPraci> ok, lets try it again
<alvin> but different versions of OS X will save their resource forks in different ways and you can get compatibility problems
<Jeniczek|vPraci> alvin hmm, the MacOSX still ignores the force mask
<Jeniczek|vPraci> I must have somethin wrong then
<Jeniczek|vPraci> It sill creates just 751DIrs
<alvin> What is the umask you'd like to see as a result? 770 dirs?
<zul> smoser: have your thought of creating the rootfs for the maverick ec2 images to be ext4?
<Jeniczek|vPraci> alvin yeah, for most of the dirs, 770
<smoser> zul, thats the plan, yeah.
<smoser> move to ext4 so i can move to btrfs next :
<zul> smoser: k
<zul> heh
<smoser> ttx, images are booting, but i can't get to them.
<smoser> (uec)
<ttx> no ssh into them ? No network ?
<smoser> never mind
<smoser> user error
<smoser> i hate --key
<zul> lol
<smoser> ttx, when the user uses the system correctly it seems that the instances boot and are reachable via ssh
<ttx> smoser: good news, mark the tests ok while it works
<Jeniczek|vPraci> alvin any luck?
<smoser> ttx, its valid to call it passed having tested on lucid host ?
<alvin> Jeniczek|vPraci: I denied access to samba from the macs, so I can't test there, but I tried this from Windows. I want directories as 2775 and  that works. Maybe try  create mask = 02770 and directory mask = 02770
<ttx> smoser: it's actually how it should be tested.
<ttx> smoser: moving guests on stable host, moving host with stable guest
<ttx> though when everything works the shortcut is tempting.
<alvin> Jeniczek|vPraci: You can also try 'force directory mode'
<Jeniczek|vPraci> yeah, thats what I was trying
<alvin> The samba howto is pretty complete about that. (difference between mask/mode etc)
<\sh> ttx, regarding the ipv6 problem with authbind, wouldn't it be a good idea to add ipv6 support to authbind?
<ttx> \sh: that sounds like the right solution.
<ttx> \sh: haven't looked into what that would mean, though
 * ttx watches his upload rate go from "almost unbearable" to "completely useless"
<alvin> Jeniczek|vPraci: Aha, look here: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=532856 I don't know if it applies. The version of samba will be more recent in Ubuntu.
<uvirtbot> Debian bug 532856 in samba "umask settings overridden by Mac OS X 10.5 (Leopard) clients" [Normal,Open]
<ttx> can't even send an email with attachments wth
<\sh> ttx, when I find the time, I'm trying to google some examples of how to implement such logic for ipv6...anyhow I need to find a way to test it though, and this will be a complicated task for me ;)
<kirkland>  ttx: sure
<kirkland> Daviey: morning!
<ttx> kirkland: see with Daviey to not duplicate effort -- also I don't think we need to tset UEC/i386   or the alternate topologies for this milestone
<kirkland> ttx: great
<kirkland> ttx: i'm supposed to review Daviey's merge of eucalyptus-devel today
<kirkland> ttx: i think it would be best if he installed a Maverick UEC for ISO testing
<kirkland> ttx: and then we upgrade that to his merge ;-)
<kirkland> ttx: two birds
<ttx> kirkland: I like that
<Jeniczek|vPraci> hmm, alvin thats pretty crazy
<alvin> Jeniczek|vPraci: I concur
<Jeniczek|vPraci> am tryin to set unix extensions = no if it make any effect
<Jeniczek|vPraci> it seems that it helped to those guys
<alvin> Jeniczek|vPraci: Yes, I'm reading that here. Now I finally know what those unix extensions do. I'll leave them in here.
<alvin> Jeniczek|vPraci: If you have the time, I'd try netatalk.
<Jeniczek|vPraci> I have never heard about netatalk
<alvin> I use a commercial version of it. Keep help those Apple machines in check. Apple has always used appletalk and netatalk will bring that to your linux.
<alvin> (In my world, NFS is for Unix/Linux, SMB for Windows and AFP for Mac.)
<Jeniczek|vPraci> hmm
<Jeniczek|vPraci> ill have a look
<Jeniczek|vPraci> lets try those extensions to be off
<Jeniczek|vPraci> I dont have other Linux clients or server in this LAN, so turning them off should do no harm
<alvin> If I understand it correctly, it shouldn't harm you anyway. only the umasks, set on Linux/Unix will not be set on the shares.
<oru_work> how can Iinstall perl ?
<Pici> oru_work: Perl should be installed by default.
<oru_work> Pici, ok
<Jeniczek|vPraci> hm
<Jeniczek|vPraci> alvin its funny, now it creates 775s ;)
<alvin> Jeniczek|vPraci: If that's not what you want, look in man afpd. There's an option there to set umask
<sludge321> Hi everyone. Was looking for some advice with a stange issue I am having with an Ubuntu 10.04LTS server I set up last week. cron.daily scripts do not seem to be being run. Also /var/log/messages is completely empty.
<kirkland> Daviey: ping me when you're around
<Daviey> kirkland: PING
<kirkland> Daviey: heellllloooooooo dave
<Daviey> kirkland: Hellloooooooooo ... Dustin
<kirkland> Daviey: alrighty, so today, we need to do 2 things ...  a) run the alpha1 uec iso test, and b) review your eucalyptus-devel merge, right?
<Daviey> kirkland: correct-a-mundo.
<Daviey> kirkland: The diff is huge, so a second pair of eyes would be awesome
<Daviey> hand to re-introduce the makefile diff, as it was failing to compile
<kirkland> Daviey: ah, hmm, we'll need to look at that one closer then
<Daviey> *had to reintroduce
<kirkland> Daviey: let me reboot, and then let's get a schedule together for those two items, to make sure we sync up on them today
<Daviey> kirkland: Sounds good.
 * hallyn waits for wiki access...
<hallyn> i'm reviewing general todos, pls lemme know if i'm supposed to be doing anything else in particular
<ttx> hallyn: welcome
<zul> hey hallyn
<hallyn> thx :)
<hallyn> hey
<LinuxAdmin> hi guys
<LinuxAdmin> I'm configuring kvm and I'm getting some troubles.
<LinuxAdmin> I created a VM and I've configured bridge network interface
<LinuxAdmin> although I can ping the host from a VM and ping a VM from the host, I can't ping the  internet.
<LinuxAdmin> do I have to configure tun/tap interface to get it working?
<LinuxAdmin> what could be missing?
<LinuxAdmin> any ideias?
<tintin> Hello. I have configured my Ubuntu 10.04 with LDAP. At logon, appear a list of users who have previously logged. How can I remove these "cached" users? I only want to appear the box to write the username and password.
<hallyn> LinuxAdmin: did you start from cmdline or from virt-manager?
<hallyn> if cmdline, what cmd?
<oru_work> sudo mysql -v
<oru_work> ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: NO)
<oru_work> why would it do that
<oru_work> i'm running ubuntu 10.04
<oru_work> it doesn't prompt me for the password :(
<cloakable> oru_work: you're not telling it to prompt
<oru_work> how would I do that ?
<cloakable> oru_work: mysql -p
<oru_work> sudo mysql -p
<oru_work> Enter password:
<oru_work> ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: YES)
<oru_work> I have to be root right ?
<oru_work> I don't think i have root enabled
<cloakable> You should enable the password first :P
<oru_work> can I install bugzilla from one of the packages or should I do it manually ?
<elb0w> you dont have to be root
<elb0w> on linux
<elb0w> if thats what you meant oru
<remix_tj> oru_work: mysql -u root is the command you need, if you do not set up the password
<LinuxAdmin> hallyn: I started from the command line
<LinuxAdmin> but I've also tryed from virt-manager
<LinuxAdmin> it's the same behavior
<hallyn> what cmd?
<LinuxAdmin> with virsh
<LinuxAdmin> what I'm burning my head is why can I ping the host from the outside world (it means that bridge is well configured)
<LinuxAdmin> why can't the VM ping the internet
<LinuxAdmin> ?
<oru_work> these are the last few lines of installation of /usr/bin/perl install-module.pl DateTime http://pastebin.linode.com/3895
<LinuxAdmin> can someone help me with this issue?
<hallyn> LinuxAdmin: when you started from the command line, what command did you use
<oru_work> sudo apt-get build-essential
<oru_work> is this misspelled ?
<hallyn> LinuxAdmin: i generally start vms with something like
<hallyn> kvm -drive file=server1.img,if=virtio,index=0,boot=on -m 1000M -smp 2 -redir tcp:2222::22
<LinuxAdmin> I defined auto start
<LinuxAdmin> when I started kvm the VMs start automatically
<LinuxAdmin> sorry hte delay
<LinuxAdmin> I used "virsh -c qemu:///system start vm1"
<oru_work> i got this error after apt-get isntall yaml-mode
<oru_work> hmmm http://pastebin.linode.com/3896
<oru_work> any ideas ?
<brianchidester> hi Deji
<Deji> hgghd : ping
<Deji> brianchidester : pong
<Deji> hggdh: ping
<hallyn> LinuxAdmin: can you pastebin the result of 'virsh dumpxml vm1'  ?
<Deji> brianchidester : thanks for the help
<brianchidester> Deji: yarp
<hggdh> Deji: pong
<oru_work> can someone help me with this error http://pastebin.linode.com/3898
<SpamapS> oru_work: There's not much context there. What printed this error?
<oru_work> SpamapS, i'm already passed that , thanks though. It was after I ran the installer for one of the perl modules
<oru_work> SpamapS, was missing one dev library
<LinuxAdmin> sorry again hallyn, It's been a busy day. here is pastebin link: http://paste.ubuntu.com/443428/
<LinuxAdmin> hallyn: do you see anything strange with the config file?
<LinuxAdmin> br1 it's my bridge interface
<LinuxAdmin> I can ping it from the outside world
<LinuxAdmin> so, I assume is ok with the bridge configuration on the host
<LinuxAdmin> what do you say?
<hallyn> LinuxAdmin: really, you can ping it from the outside world but can't get to the outside world from it?
<LinuxAdmin> I can get to the outside world from the host
<LinuxAdmin> what I can't is ping the outside world from any VM
<hallyn> and you mean you can ping the host, but not vm1, from the outside word?
<LinuxAdmin> yes
<hallyn> what exactly do you get if you do wget google.com from vm1?
<hallyn> (i'm wondering whether your /etc/resolv.conf is just not right)
<hallyn> can you pastebin the output of 'brctl show'?
<hallyn> as well as 'ifconfig -a', 'netstat -nr' from the host, and 'netstat -nr' from vm1
<hallyn> (at your convenience :)
<LinuxAdmin> ok
<LinuxAdmin> just a minute
<LinuxAdmin> hallyn: the link is http://paste.ubuntu.com/443436/
<RyanP> Does anyone have experience having nagiosgrapher graph things from statd? Specificlly, I'm trying to get a graph of the data reported from check_load_statd.
<LinuxAdmin> hallyn: do you see anything wrong?
<hallyn> LinuxAdmin: well you have br1 containting only eth1, which appears to be unconfigured
<hallyn> where is eth1 supposed to lead?
<hallyn> i suspect if you hook vm1 up to virbr0 instead of br1, it'll "just work"
<hallyn> (and i suspect you want to just get rid of br1 altogether)
<hallyn> (leaving it there won't cause problems, just be confusing)
<LinuxAdmin> but I want to use bridge, and I should point bridge interface to physical interface br1 --> eth1
 * ccheney wondering where his ac repairman is at
<hallyn> but eth0 is the configured netif
<hallyn> or not?
<hallyn> oh, i see.
<LinuxAdmin> eth0 is an interface used to a private lan, just to synchronize share storage
<hallyn> so is 194.79.75.210 your real external ip?
<LinuxAdmin> yes
<LinuxAdmin> if I want outside world connect VMs without nat, I mean directly, I should configure bridge
<hallyn> yes
<diago> I installed a debian guest and did not use the --accelerate falg, can I enable it some where in the xml file?
<LinuxAdmin> otherwise I have to make nat roules
<LinuxAdmin> rules, I mean
<LinuxAdmin> and every manuals tells me to make bridge this way
<diago> LinuxAdmin: yes you need a bridge, what ubuntu release are u using
<LinuxAdmin> and it seams that is working because I can communicate with bridge interface ip from the outside world
<LinuxAdmin> 9.10
<hallyn> (sorry, having troubles of my own, metacity hanging)
<LinuxAdmin> I've read a lot on the internet, and I saw an article that says ubuntu 9.10 is getting problems with this
<hallyn> LinuxAdmin: you can't ping outside world by ip address either?
<LinuxAdmin> no
<LinuxAdmin> it's not a dns issue
<LinuxAdmin> I can't even ping an ip of the same network
<LinuxAdmin> I mean, in the same switch
<hallyn> LinuxAdmin: i did use 9.10 with virtio over bridge, but i had to forward bridge to wireless card so wasn't exactly the same setup
<diago> LinuxAdmin: can you pastie your /etc/network/interfaces
<LinuxAdmin> yeh
<LinuxAdmin> ok
<diago> I use 9.10 host with bridges guests all the time
<LinuxAdmin> just a minute
<LinuxAdmin> do you want /etc/network/interfaces from the host or from the VM
<LinuxAdmin> ?
<LinuxAdmin> I'll post both
<LinuxAdmin> just wait
<hallyn> LinuxAdmin: the last thing looking suspicious to me is that your gw on vm is .209, not .210
<hallyn> might be right, but i would have thought the br1 ipaddr woudl be the right value
<SpamapS> hallyn: btw, welcome! :)
<hallyn> SpamapS: thx
<LinuxAdmin> here is the link: http://paste.ubuntu.com/443449/
<LinuxAdmin> sorry for delay but I can't copy/past from VM
<LinuxAdmin> I'm using virt-manager and mouse does not work there :)
<LinuxAdmin> any ideia?
<LinuxAdmin> diago: do you use karmic guests?
<LinuxAdmin> diago: do I have to configure any firewall rule to forward traffic between interfaces?
<LinuxAdmin> I haven't try that yet
<ElbNerd> hey y'all! i want to change the path a symbolic link points to WITHOUT deleting it. i tried the following and somehow it failed http://paste.ubuntuusers.de/398435/ <- do you folks have an idea?
<LinuxAdmin> diago: are you still there?
<oru_work> could someone have a look at this http://pastebin.linode.com/3902
<oru_work> i do have apache2 installed
<Pici> oru_work: What are you trying to do?
<LowValueTarget> Is Munin relatively light weight?
<oru_work> Pici, sudo /usr/bin/perl install-module.pl mod_perl2
<Pici> oru_work: mod_perl2 is in the repos, why are you trying to install it from scratch?
<oru_work> Pici, i'm following the isntallation guide
<Pici> oru_work: What guide?
<oru_work> Pici, bugzilla
<oru_work> Pici, i tried apt-get install mod_perl2 , can't find package :)
<Pici> oru_work: its libapache2-mod-perl2
<Pici> oru_work: Installing these packages from source means that you will not get updates on them when they become available and will render your install somewhat unsupportable.
<oru_work> Pici, i didn't know that
<Pici> oru_work: If you really feel that you need to install bugzilla from source, I highly suggest that you install its dependencies from the packages available in the repositories.
<oru_work> Pici, well right now here is what i see, thanks to you i got the last bit piece of it and ready to go on with my isntallation http://pastebin.linode.com/3903
<oru_work> Pici, well they are already installed, what do you suggest at this point ?
<irk> is it just me or do none of the "Store" images work on UEC 10.04?
<pmatulis> Pici, oru_work: even better, install the bugzilla3 package  :)
<oru_work> pmatulis, :)
<oru_work> installing
<oru_work> 80 mb of space :)
<Ast001> hello I have problem with ssh I get this error PEM_read_PrivateKey failed and I am sure private key is at right place on server.
<Ast001> I am trying to connect to Ubuntu 8.04 from my Ubuntu 10.04 and I did everything online manual said
<RyanP> Does anyone have experience having nagiosgrapher graph things from statd? Specifically, I'm trying to get a graph of the data reported by check_load_statd.
<Ast001> for pdfedit sudo apt-get install pdfedit
<pmatulis> zul: wondering why bug 564920 was declined for lucid
<uvirtbot> Launchpad bug 564920 in php5 "PHP5 under Apache2 on 64 bit system is not completely 64 bit " [Low,New] https://launchpad.net/bugs/564920
<zul> pmatulis: because its not fixed in maverick
<pmatulis> zul: can you elaborate? no SRU possible?
<oru_work> Pici, is request tracker in ubuntu repos ?
<zul> pmatulis: because i havent had a chance to look at it properly. usually once its fixed in the development release i usually open an SRU
<pmatulis> zul: gotcha
<webPragmatist> hrmm
<webPragmatist> where can i find info on how to setup heartbeat resources
<webPragmatist> like for postgresql
<zul> pmatulis: if you want to try to fix it...be my guest :)
<Pici> oru_work: Yes: the package name in lucid is request-tracker3.8
<webPragmatist> i'm looking around can't find what i need
<webPragmatist> oh wait nm got it
<webPragmatist> Path PostgreSQL data directory. (optional, string, default /var/lib/pgsql/data) << that's annoying
<webPragmatist> why wouldn't it default to PG_DATA
<webPragmatist> global var
<pmatulis> zul: will do
<pmatulis> zul: ;)
<oru_work> Pici, just finished installation now sure whats next, what would be he url in the browser ?
<Pici> oru_work: I'm not sure, I've never installed bugzilla myself.
<look> i have a probelm with ubuntu enterprise server, im trying to set it up with Eucalyptus but my Node does not see the Cluster. Ive checked to see if they are on the same subnet and they have there own class B ip
<Deji> hggdh : ping
<hggdh> deji I am here
<ccheney> ac repairman here now, and working on the unit :-)
<oru_work> Pici, i'm really having trouble locating it :)
<hggdh> ccheney: COOL! Er, not yet, I mean great!
<ccheney> hggdh, yep soon :)
 * look sobs and runs for a corner
<Deji> hggdh : hey, i talked to kirkland and he said i have trouble with cc and the logs were not registering
<Deji> hggdh : were u able to access the systems?
<Pici> oru_work: I'd start by looking in /etc/apache2/conf.d/
<ccheney> 28C and rising in the house, so it will be good to have this done before the hot part of the day
<hggdh> Deji: yes, I was. Also, it seems to be working now
<kirkland> hggdh: i'm on the phone at the moment, and hoping you might be able to help deji with his test rig
<kirkland> hggdh: this was a package-based uec install
<kirkland> hggdh: the components are registered, but the nodes are not
<hggdh> kirkland: they are now
<kirkland> hggdh: the problem, as i see it, is that the CC is not quite running all the way
<kirkland> hggdh: hmm...
<oru_work> Pici, nope nothing there
<kirkland> AVAILABILITYZONE        |- m1.small     0000 / 0000   1    192     2
<hggdh> kirkland: that was my feeling also.
<hggdh> ohhh
<hggdh> bad
<kirkland> hggdh: can you help deji debug this?
<oru_work> Pici, i have /usr/share/request-tracker3.8
<hggdh> kirkland: will do. Deji see also https://pastebin.canonical.com/32887/
<Pici> oru_work: Oh, I thought you were talking about bugzilla.. one moment.
<oru_work> Pici, no RT3.8 now :)
<oru_work> Pici, bugzilla i found easy it was mydomain.com/bugzilla3/
<oru_work> Pici, now i'm having trouble locating login url for request-tracker8
<Deji> hggdh : its working now, thanks a lot. Its registered
<Pici> oru_work: domain.com/rt perhaps?
<oru_work> Pici, tried it nope
<hggdh> Deji: but still euca-describe-availability-zones verbose lists 0
<hggdh> Deji: of course, the NCs are not registered yet
<Pici> oru_work: before I look further, can you check /rt3 ?
<hggdh> Deji: ceylon states a system restart is required. Were package updates installed there?
<Deji> hggdh : i think so would do a reboot on that system now
<hggdh> Deji: OK. Are you driving the reboot, or you want me to do it?
<Deji> hggdh : i'll do it, thanks
<hggdh> Deji: roj
<oru_work> Pici, i checked rt3 , not found
 * ccheney will be in his attic for a bit with the repairman, will check for messages when i get back
<Pici> oru_work: Okay, looks like you may need to symlink one of the conf files from /etc/request-tracker3.8/ into /etc/apache2/conf.d/ then
<Pici> And then it will be located at /rt
<oru_work> Pici, symlink? i don't understand
<Pici> oru_work: like: sudo ln -s /etc/request-tracker3.8/apache2-modperl2.conf /etc/apache2/conf.d/
<oru_work> Pici, :)
<oru_work> Pici, should i run this command ?
<Pici> oru_work: yes.
<oru_work> Pici, okay I did
<oru_work> Pici, i tried url.com/rt still not found
<Pici> oru_work: Okay, restart apache first.
<Pici> oru_work: sudo service apache2 restart
<oru_work> * Restarting web server apache2
<oru_work> apache2: Syntax error on line 233 of /etc/apache2/apache2.conf: Could not open configuration file /etc/apache2/conf.d/bugzilla3.conf: No such file or directory
<oru_work>    ...fail!
<oru_work> errr
<oru_work> bugzilla3
<oru_work> ...
<oru_work> I uninstalled it
<look> with eucalyptus it says when i enter the "euca-describe-availability-zones verbose" it gives me this error 'EC2_ACCESS_KEY veriable must be set'
<look> could i get some help with that?
<uvirtbot> New bug: #588605 in groovy (main) "Groovy package in Maverick should be 1.7.2" [Undecided,New] https://launchpad.net/bugs/588605
<oru_work> how would i specify line number in nano ?
<look> i give up no one wants to help
<pmatulis> sommer: the server guide does not mention nfsv4, any reason why?
<sommer> pmatulis: no specific reason... the nfs section could be updated
<sommer> pmatulis: contributions welcome :)
<pmatulis> sommer: alright.  i thought there might be another reason
<RoyK> something seems to be rather bad in 10.04 - just had to reboot this server after the _kernel_ ate half its memory. I stopped all memory-hungry processes and ps axfv showed very low usage. Still, there was ~32GB used
<RoyK> and, no, this was not buffers/cache
<pmatulis> RoyK: what is the server doing?
<NativeAngels> hello has anyone here used a sunfire v100
<Deji> hggdh : ping
<hggdh> Deji: go ahead
<Deji> hggdh : hey please am trying to get the credentials for the clc using the steps on https://help.ubuntu.com/community/UEC/PackageInstall
<Deji> hggdh : i can't get on tamarillo using the web
<RoyK> pmatulis: scientific models
<jimcooncat> Is there a good writeup somewhere that describes advantages of ubuntu server over debian?
<RoyK> pmatulis: but it shouldn't really matter, it's something in the kernel, not userspace
<Deji> hggdh : since it is protected by a proxy batuan.canonical.com
<RoyK> jimcooncat: it's mostly the same
<ccheney> over 45C+ in the attic with the plenum venting into it, would be much worse if it was closed up i'm sure
<hggdh> Deji: you either have to use FoxyProxy, or set up a tunnel under ~/.ssh/config
<jimcooncat> RoyK: I gathered that, I'm installing some new ones and want to figure out whether to use the new LTS or lenny with selected backports
<oru_work> how would i specify line number in nano ?
<RoyK> jimcooncat: we're mostly using 8.04 so far
<pmatulis> has anyone here increased the number of available file descriptors before?
<hggdh> Deji: then you can access the UEC web admin via https://localhost:8443
<RoyK> jimcooncat: 10.04 is still fresh and fresh distros usually contain fresh bugs as well
<jimcooncat> RoyK: I get that -- I usually wait a couple months after release
<hggdh> Deji: for example on ~/.ssh/config, see https://pastebin.canonical.com/32874/
<hggdh> Deji: you will have to adjust as needed, of course
<jimcooncat> RoyK: I guess I'll have to look at the individual apps -- there were a few things on squeeze I would love to have, but I haven't the patience to play with anything non-stable
<RoyK> jimcooncat: 10.04 is stable, though I've had a terribly strange problem with this 16 core box. suddenly the kernel was eating 32 gigs of RAM and the box was swapping wildly
<RoyK> jimcooncat: I think it might be related to compcache, but don't know yet
<Deji> hggdh : so when i create a ~/.ssh/config file, what next?
<oru_work> Pici, do you mind having a look at this http://pastebin.org/301485
<RoyK> Deji: man ssh_config?
<jimcooncat> RoyK: yikes! I've got three 4GiB boxes to set up in a very small office
<Pici> oru_work: try enabling mod_rewrite: sudo a2enmod rewrite
<RoyK> jimcooncat: this one has 64 gigs of ram
<RoyK> and since compcache was set to 50%, I guess that's the bad one
<RoyK> the models are quite memory-hungry as well, but no more than about 3GB per job, so it should run well, and it did for 16 days or so, until a couple of days ago
<jimcooncat> RoyK: htop is my friend :-)
<RoyK> what does htop do better than others?
<jimcooncat> it's top with training wheels
<RoyK> heh - I've been using linux since 1994 or so, I don't think I need training wheels :)
<jimcooncat> I'm a bookkeeper and only admin on the side -- so sometimes I forget stuff I use only once in a while
<RoyK> I'm a unix sysadmin :)
<webPragmatist> and drbd experts around
<jimcooncat> RoyK: It looks like ubuntu server is making itself a player in "cloud" computing, which I don't (think) I have need for. So I guess I'll go with lenny, unless there's someone else that can help point out an advantage
<RoyK> jimcooncat: it doesn't do that unless you install it as a cloud node
<RoyK> you get that choice in the initial install menu (grub)Â¨
<jimcooncat> RoyK: I haven't a clue what it's usefulness is. I use a linode for stuff I need on the net.
<RoyK> it doesn't use any cloud stuff unless you specifically ask it to
<RoyK> calm down :)
<ScottK> jimcooncat: If you look at the security hardening specs for Ubuntu Lucid and how much of that is implemented in Debian already, I think it shows a clear win for Ubuntu.
<Deji> hggdh : ping
<jimcooncat> No, it's just that I've left a lot of comments on blogs, and forums asking what the cloud thing is all about, and I've not had much practical feedback. I'd see it's usefulness if it did async drbd or some other automatic failover thing
<ScottK> jimcooncat: It's completely possible to entirely ignore the cloud stuff if you don't care.  It's what I do.
<webPragmatist> how can i tell with drbd which cluster is set to primary currently
<kees> ScottK, jimcooncat: for details on the security features, see https://wiki.ubuntu.com/Security/Features
<ScottK> Thanks.
<ScottK> jimcooncat: Compare that with what is in Lenny.
<kees> the big things that Debian is missing is NX emulation, stack protector, PIE, fortify source, relro, bind now, and (i think) CONFIG_CC_STACKPROTECTOR
<kees> with some individual packages build with PIE, stack protector, fortify, relro, and bind now.
<kees> (under 20, last I checked)
<jimcooncat> thanks much, kees, ScottK. NX emulation != freenx stuff, correct?
<ScottK> It's explained on the wiki page.
<jimcooncat> oh, found it.
<kees> jimcooncat: that acronym is heavily overloaded, unfortunately.  I mean "non-executable memory", which goes by both XD and NX.
<oru_work> Pici, e2enmod rewrite helped, apache now restarts without error
<oru_work> Pici, going back to the URL for rt3.8, not sure what it is i tried mysite.com/rt and its not it
<webPragmatist> Hey guys
<ccheney> i think the ac repairman just dumped 15lb of freon into our house
<webPragmatist> ccheney: dude i lived in an apartment and they would just go around refilling them instead of fixing it
<RoyK> ccheney: nice for the indoor climate
<ccheney> there is so much in the house its cloudy
<webPragmatist> does this look right
<webPragmatist> http://pastie.textmate.org/private/7edo79qjnce191w8wsnea
 * ccheney wonders if it is safe for me to be in here, i sent my wife out immediately
<webPragmatist> i'm having problems with getting the secondary going it seems
<webPragmatist> when i start the secondary  and it is selected to be the current dc
<webPragmatist> i get this
<webPragmatist> http://pastie.textmate.org/private/f1nhragk7mch2smgnn18lq
<webPragmatist> this kinda sucks
<webPragmatist> i don't know what to do
<RoyK> ccheney: it's probably not CFC unless the fridge or whatever it is, is really old
<jimcooncat> webPragmatist: your pastebin isn't working for me
<webPragmatist> jimcooncat: hrm
<webPragmatist> one sec
<webPragmatist> let me try something and i'll repaste after that
<ccheney> royk: r22 whatever that is
<ccheney> royk: the ac unit is about 6 years old, before the changeover to 401
<webPragmatist> jimcooncat: heartbeat is supposed to mount it for you using Filesystem right?
<RoyK> http://en.wikipedia.org/wiki/Freon#Phase_out_of_CFCs
<jimcooncat> webPragmatist: I'm just lurking, I've only researched drbd, not implemented it yet
<ccheney> hmm i think i meant 410 is used now apparently :)
<RoyK> CFCs are BAD
<ccheney> good thing i sent my wife out then, heh
<webPragmatist> hrm
<webPragmatist> drbd is working find it's just Heartbeat that is hosed
<RoyK> ccheney: lol - they're only bad in the stratosphere...
<ccheney> "Overexposure may cause dizziness, loss of concentration, Central Nervous System depression and/or cardiac arrhythmia." not sure if 15lb in a house is enough for that though
<ccheney> or just if you try huffing the stuff
<RoyK> perhaps airing out would be a good idea....
<ccheney> yea i think i will once he is done, my wife is 9mo pregnant so i didn't want to risk any trouble for her
<hggdh> always good. Keep in mind that high concentrations will replace oxygen, so (apart from all else) oxygen starvation is a risk
<webPragmatist> lol this thing keeps trying to promote and demote the drbd
<RoyK> webPragmatist: using heartbeat/pacemaker?
<webPragmatist> yes
<webPragmatist> it's like neither are Master
<webPragmatist> so it's just like wtf promote promote promote
<webPragmatist> it will say master for like a second but i think the promote fail
<webPragmatist> fails*
<webPragmatist> RoyK: have you done htis?
<RoyK> no, but I'm working on a test setup
<RoyK> probably be finished in a few days if I get the time
<webPragmatist> http://pastie.textmate.org/private/ynmooiesn2noryowbzl7ow
<pmatulis> webPragmatist: what do you intend to use this stuff for actually?
<webPragmatist> an ecommerce site
<pmatulis> webPragmatist: is it something required now?  i'm asking b/c there is a new HA stack in the works
<webPragmatist> are we talking days?
<webPragmatist> i mean heartbeat has been around foreverâ¦.
<RoyK> I somehow doubt we're talking days
<webPragmatist> yea
<RoyK> more like 10.10
<pmatulis> webPragmatist: yeah, and as you've seen.  it doesn't work very well
<webPragmatist> 2012
<pmatulis> https://blueprints.launchpad.net/ubuntu/+spec/server-lucid-cluster-stack
<webPragmatist> i'm just not doing something right
<webPragmatist> but yea we have already purchased the server
<webPragmatist> so i need to make it do stuff
<pmatulis> heh, is that directly from your boss' mouth?
<webPragmatist> no i am the boss
<webPragmatist> my boss wouldn't understand
<pmatulis> ok
<webPragmatist> but i don't care to get involved in a server crashingâ¦
<webPragmatist> because it's my but
<webPragmatist> butt*
<webPragmatist> okay question
<webPragmatist> http://pastie.textmate.org/private/rjbtogxzgqbjtdvwc2bq
<pmatulis> i remember trying to do the heartbeat/drdb thing.  stuff not starting, unpredicatble behaviour, etc
<Kyle__> Not an ubuntu-server question as much as an ubuntu-client question, but I figured you folks may have experience with it.  I'm trying to get ubuntu-clients to connect to an ldap server, and they dont' seem to be reading their /etc/ldap.conf
<webPragmatist> location loc-1 fs_drbd -inf: cluster2
<webPragmatist> location loc-2 drbd_disk -inf: cluster2
<webPragmatist> which host is supposed to be that?
<webPragmatist> the "opposite" that runs corosync?
<Kyle__> If I run ldapsearch from one of the clients, I need to specify the server and base that are arleady specified in /etc/ldap.conf.  I'm guessing if I fix that, the rest of this should fall into place
<webPragmatist> hrm
<webPragmatist> i think all those meta tags shold be 1
<Kyle__> Anyone here with ubuntu+ldap experience who could lend a hand?
<pmatulis> grrr, should postfix really be a dependency of mdadm?
<Kyle__> pmatulis: Probably not, but that's package based distros for you :)
<Kyle__> pmatulis: if you already have sendmail or exim will it use those instead?  exim is tiny.
<RoyK> pmatulis: probably "mta" is a dependency
<RoyK> pmatulis: and postfix the first choice
<webPragmatist> http://www.drbd.org/users-guide/s-pacemaker-floating-peers.html
<webPragmatist> pmatulis: 	^^
<webPragmatist> hrm
<webPragmatist> i'm trying to do that but the HA testing doesn't do that
<Freud_> hi all
<Freud_> noob queston, how do I remotely log into ubuntu from cold start?
<jimcooncat> Freud_: I'm not sure that's possible, due to nothing listening by default. You'd have to set up something like openssh-server.
<Kyle__> Does anyone here know how to get ldap-users to appear in the login screen on 10.4?
<webPragmatist> pmatulis: it seems they get out of sync or something
<webPragmatist> damn spoke too soon or something
<incorrect> what is the difference between using kvm and eucalyptus?
<webPragmatist> one is an herbal remedy
<webPragmatist> anyone atleast just use drbd?
<incorrect> yep
<incorrect> i use it all the time
<RoyK> webPragmatist: give me a few days, and I'll know
<ccheney> yipee, ac is now working, and starting to cool the place down a bit
<ccheney> feels extra cool to me as i was up in a 50C attic for part of the time
<webPragmatist> incorrect: what if my nodes are stuf on WFConnection?
<webPragmatist> stuck*
<ccheney> might have even been higher than that, i just noticed my thermometer doesn't measure over that
<incorrect> webPragmatist, not had that problem,  last time i trashed it i did a full rebuild
<webPragmatist> incorrect: wellâ¦ that's not very confident
<webPragmatist> if your drbd goes downâ¦ do you just find another job lol
<incorrect> i take it you haven't read the manual
<incorrect> and what full rebuild means
<webPragmatist> guess not
<webPragmatist> but i think i just did whatever a full rebuild is lol
<webPragmatist> basically i invalidated the secondaryâ¦ and reconnected
<webPragmatist> it's sinking now
<webPragmatist> synching rather
<incorrect> you should rtfm
<webPragmatist> you should diaf
<Kyle__> has anyone here successfully setup ldap authentication with Ubuntu 10.04?
<incorrect> Kyle__, sure i have it running over many nodes
<Kyle__> incorrect: Did you need to do anything special to get the users to appear in the login list?
<Kyle__> incorrect: I can login via console, but not via gui.
<incorrect> oh that is a PitA
<incorrect> you can either install nscd
<incorrect> or you can edit /etc/networks/interfaces and make sure the interface comes up fast
<incorrect> also you will need to restart gdm first
<Kyle__> I think that got installed as part of my futzing aroudn to get ldap authentication working.
<Kyle__> nscd that is.
<Deji> kirkland : ping
<incorrect> wish i could figure out what is causing win7 under kvm to crash on shutdown
<kirkland> Deji: hey
<kirkland> Deji: okay, made some progress on your cloud
<kirkland> Deji: got the cc registered and working
<kirkland> Deji: and your NC registered and working
<kirkland> Deji: however, your NC has VT disabled in BIOS
<kirkland> Deji: so you need to go into BIOS on that system and enable virtualization
<kirkland> Deji: on your NC, try running "kvm-ok"
<Deji> kirkland : kvm is diabled on the nc
<kirkland> Deji: yeah; you need to attach to the console, reboot, go into bios, enable it, and hard poweroff/poweron again
<kirkland> Deji: then your cloud should be operation
<incorrect> what does UEC use ?
<kirkland> Deji: we'll need to document this
<incorrect> if anyone is interested, if you want windows 32bit to run nicely give it a arch='x86_64' not i686
<incorrect> damn that was frustrating
<metalf88011> I can't remember  a very important mysql command that is used to change the default settings to make it more secure I think _secure is even part of the command does anyone know what I'm talking about or have I just lost it?
<qman__> if making it "secure" was one simple command, it would make no sense to not have that be the default
<webPragmatist> hrm
<metalf88011> true
<webPragmatist> anyone know why heartbeat would lose quorum but not try to start the resources
<metalf88011> um it removes the default settings like remote access
<metalf88011> also its one command but there are a few steps to it
<qman__> remote access is not enabled by default
<qman__> mysql listens on a local unix socket out of the box
<qman__> you have to configure it otherwise to enable remote access
<metalf88011> does mysql come with like an example database?
<metalf88011> I know I'm not wording that right
<qman__> it has a built-in database which handles users and permissions
<qman__> but there is not an included 'starter' database or anything like that
<metalf88011> thanks for trying to help me  qman__
<metalf88011> I'm going to have see if there's anyway I can  get into my old notes that were on the schools server most likely not :(
<dominicdinada> what is this refering to it cant remove LAMP ????? tasksel: aptitude failed (100)
<kirkland> hallyn: https://wiki.ubuntu.com/Mirrors/Scripts
<X-Sleepy-X> i would be careful with tasksel remove
<X-Sleepy-X> i used it earlier today and it has a bug
<dominicdinada> what is this refering to it cant remove LAMP ????? tasksel: aptitude failed (100)
<X-Sleepy-X> deleted many packages which it shouldnt delete
<kirkland> hallyn: my mirror is a lenovo q100 "nettop" box, with an internal 500GB hard drive
<dominicdinada>  hmmm
<kirkland> hallyn: tiny little dual 1.6GHz atom processor thing, with 2GB of memory, and 500GB disk, but does actually have gigabit ethernet
<dominicdinada> the hell... I am trying to get rid of Apache,php, etc from the aptitude and use the package from ApacheFriends
<X-Sleepy-X> dominicdinada: are u running lucid?
<dominicdinada> Yes.
<X-Sleepy-X> hang on then
<dominicdinada> ok
<hallyn> kirkland: and how much of that 500G is taken up by the mirror?
 * kirkland checks ....
<kirkland> hallyn: i also mirror about a dozen or so of the daily ISOs too
<hallyn> hm, did they have that thing at frys?
<hallyn> yeah i'd want those too i recon
<kirkland> hallyn: /dev/sda6             449G  367G   59G  87% /mirror
<hallyn> heh, cuttin' it close :)
<kirkland> hallyn: they do have them at fry's;  on sale, they're $179
<dominicdinada> www.pricewatch.com you cant beat their pricewatch. Its like the stockmarket for computers
<kirkland> hallyn: yeah, that includes the full mirror, plus the ISOs i copy
<kirkland> hallyn: 7.0G    /mirror/iso/
<hallyn> i was figuring i'd just do a usb drive though
<kirkland> hallyn: let me warn you about a couple of things wrt to the lenovo nettop ...
<X-Sleepy-X> dominicdinada: Ok, I installed LAMP earlier today with tasksel, these packages were installed, you could remove them with apt-get remove
<X-Sleepy-X> http://paste.ubuntu.com/443581/
<kirkland> hallyn: a) the graphics is crap, no accelerated graphics upstream yet SiS crap
<hallyn> (s'ok my monitors are in another state)
<dominicdinada> ok i am looking
<kirkland> hallyn: b) it comes with 1GB of DDR2 desktop memory, which I upped to a 2GB stick, since I had a spare
<kirkland> hallyn: c) it comes with 160GB hard disk, which I also upped to 500GB, since I had one of those too
<hallyn> you dont' use it as a pc at all though, right?
<kirkland> hallyn: you might do better to just spend $75 and get an external drive and attach to another system
<hallyn> yeah, that's what i'm thinking
<kirkland> hallyn: if you go the external drive route, I recommend getting a laptop size one, so that you can travel with it if you want
<kirkland> hallyn: having a full mirror on a plane is fun :-)
<hallyn> :)
<hallyn> my laptop won't last long on a plane though
<kirkland> hallyn: your sony?
<hallyn> 8 cpus, but only a few hours of batt life
<hallyn> yeah
<hallyn> not that i've tested it
<hallyn> haven't even had time to set up the nvidia to work with compositing (so i'm using dwm, bc metacity locks up)
<X-Sleepy-X> Gotta config php.ini...
<X-Sleepy-X> Boring...
<dominicdinada> before I do this Why would 100% working sites fail it is like URI parser is not working for instance with a codeigniter application i am getting all of these 404s
<hallyn> kirkland: so you just do a release mirror?
<dominicdinada> no matter what link I click on it does not work!
<kirkland> hallyn: no, not quite ...
<theacolyte> My undestanding is that sun-jdk is provided by deb http://us.archive.ubuntu.com/ubuntu/ lucid multiverse - is that not the case?
<kirkland> hallyn: i think ubumirror should do most of what you need
<kirkland> hallyn: i do an archive mirror
<kirkland> hallyn: plus a handful of rsync's on the key ISOs i want from cdimage.ubuntu.com
<theacolyte> ah, looks like add-apt-repository "deb http://archive.canonical.com/ lucid partner"
<hggdh> kirkland: can I have the QA document for Dell? I would like to see what will be tested there
<webPragmatist> how do i stop a crm resource or even delete oneâ¦ crm_resouce is frickin confusing
<dominicdinada> before I do this Why would 100% working sites fail it is like URI parser is not working for instance with a codeigniter application i am getting all of these 404s
<dominicdinada> no matter what link I click on it does not work!
<webPragmatist> oh nm i had to delete the entire group
<pwnguin> where does logrotate ... log to?
<pwnguin> i set up a logrotate job to run mysqldump
<pwnguin> but i haven't seen any action yet
<webPragmatist> how do i delete an ms type resource with crm_resource
<webPragmatist> i tried crm_resource -D -r ms_drbd -t ms
<Wyleyrabbit> Hi everyone
<Wyleyrabbit> on a running ubuntu 10.04 LTS server, is there an easy way of adding/configuring a software RAID5 array using some sort of menu-driven software, like in the initial installation of ubuntu?
<webPragmatist> nm
<Wyleyrabbit> anyone here?
<sjm> wyleyrabbit: nope
#ubuntu-server 2010-06-03
<Wyleyrabbit> that's what I thought
<baobao> Anyone know of any software that handles project management by job or case; for a lawyer or consultant for instance. I used a windows program called ACT! once it was horrible but I liked the idea.
<baobao> open source of course
<pwnguin> ive only used a few terrible tools
<pwnguin> what's the difference
<pwnguin> between a project and a case?
<baobao> none that I know of I was just throwing out some synonyms
<baobao> hoping it would ring a bell
<pwnguin> personally i just use evolution tasks
<pwnguin> but i guess you want something with gantt charts?
<baobao> they would be nice but not immediatly necessary
<webPragmatist> uhhhhhh
<webPragmatist> wow
<pwnguin> redmine?
<pwnguin> !info redmine
<ubottu> redmine (source: redmine): flexible project management web application. In component universe, is extra. Version 0.9.3-1 (lucid), package size 1377 kB, installed size 10844 kB
<pwnguin> !info opensched
<ubottu> opensched (source: opensched): Tool for project management. In component universe, is optional. Version 0.4.4-6 (lucid), package size 344 kB, installed size 724 kB
<baobao> cool thanks
<pwnguin> baobao: is that the sort of thing you're after?
<baobao> maybe
<baobao> I want to be able to attach emails scans and other documents to a case and then track time spent on each case, and have a task manager /calender, and billing info
<baobao> Looking them up on the web now
<pwnguin> so you want project management and content management
<baobao> I guess... Im not really sure what to call it
<baobao> thats why I was having trouble searching for it
<pwnguin> http://demo.redmine.org/
<baobao> redmine looks good at first glance :)
<pwnguin> redmine looks like it might fit if you translate software engineering to law
<pwnguin> s/ticket/case/
<baobao> Yeah I think the workflow is about the same just a different language
<pwnguin> heh
<pwnguin> i have an amusing idea
<pwnguin> en-law
<baobao> english law?
<baobao> inlaws?
<pwnguin> as in l10n
<pwnguin> it has different languages support
<pwnguin> so invent en-law
<baobao> :)
<pwnguin> except instead of translating to chinese or esperanto, you just translate to english law
<pwnguin> so "ticket" becomes "case", etc
<baobao> that could work
<webPragmatist> if i have a drbd , on is uptodate , other is outofdate
<webPragmatist> how do i just make them sync
<webPragmatist> i have connected both but they have WFConnection status
<redsherpa> Okay, I think I've isolated the problem I'm having with curl to a set of C preprocessor items that indicates which time facility is in use.  Given that, if I cna find someone to help me find the usage on Ubuntu, I can determine which state it has, and perhaps at least write a bug for this.
<redsherpa> I'll leave this on for a bit so perhaps I can fish one of you up...and will try to reply promptly.
<redsherpa> This is the source file in question:  curl-7.20.1/src$ ls curlutil.c
<redsherpa> curlutil.c
<redsherpa> I pulled it off the HAXX site.
<osmosis> what is this new Reserved BIOS boot area all about?
<sjm> anyone know how to get/install gcc 3.4 on lucid?
<Anizio> n
<SpamapS> o
<teste2010> kd o analista de fezes???????????
<teste2010> kkkkkkkkkkkkkkk
<Diogo> pidgin pidgin alguÃ©m ligou pra mim
<psgvaz> Alguem pode me ajudar?
<hggdh> psgvaz: English, please
<osmosis> If I want raid and LVM, do I do a software raid and then put LVM partitions on it, or is there "raid lvm" partitions that are specific to LVM?
<pmatulis> osmosis: what level of raid?
<kirkland> hggdh: i think it's what i sent you last week, that you commented on
<hggdh> kirkland: ah, OK. I was not sure this was the final form
<osmosis> pmatulis, raid 1 software
<osmosis> looks like its always just  LVM on top of software raid.
<osmosis> why does the server installer prompt me for a postfix mail configuration, when I never selected mail server?
<osmosis> what is this new BIOS reserved partition? and does it work automatically with a raid1 ?
<alt2> Hello
<pmatulis> osmosis: yes, for raid 1 choose raid and then put lvm on top.  note that lvm itself has raid 1 integrated but it needs to be configured prior to install if applying it towards the system partitions
<redsherpa> Okay, I think I've isolated the problem I'm having with curl to a set of C preprocessor items that indicates which time facility is in use.  Given that, if I cna find someone to help me find the usage on Ubuntu, I can determine which state it has, and perhaps at least write a bug for this.
<redsherpa> I'll leave this on for a bit so perhaps I can fish one of you up...and will try to reply promptly.
<redsherpa> curlutil.c
<redsherpa> This is the source file in question:  curl-7.20.1/src$ ls curlutil.c
<redsherpa> I'll leave this on for a bit so perhaps I can fish one of you up...and will try to reply promptly.
<kirkland> ccheney: any progress on those eucalyptus SRUs today?
<TheWesley> Is it possible to use a USB jump drive to boot the installer for Ubuntu Server Lucid, or do I have to use the CD?  I have tried making the USB drive bootable on both Windows and on my Ubuntu netbook, but neither worked.
<twb> Not if you're that impatient.
<ajmitch> twb: come now, why do you expect people to have patience these days?
<twb> Only if they want answers
<qman__> just over three minutes
<qman__> sadly, I've seen far worse
<ajmitch> average attention span is about 30 seconds on IRC
<twb> Look, a bunny rabbit
<ccheney> kirkland, hi responding to your email
<kirkland> ccheney: thanks
<ccheney> kirkland, i added myself to the conference page for my two
<TheWeslry> I installed Ubuntu Server 10.04 without any errors.  It told me the installation completed fine, and to restart.  I took my USB jump drive out that had the boot image on it, and restarted.  The computer restarted, booted to the hard drive, but then went to a black screen with a CLI that said "Gave up waiting for root device," "ALERT! /dev/mapper/server-root does not exist. Dropping to a shell!" Any ideas on what went wrong?
<twb> The immediate issue is that it can't find your LV
<TheWeslry> what is that?
<twb> Where your OS lives
<TheWeslry> well that can't be good..
<TheWeslry> what should i do?
<twb> IMO the most likely case is that your USB hard drive was considered the "first" drive at install time.
<twb> Thus your normal hard disk was the "second" disk, but now it's the "first" one, but grub is still looking for a second disk
<TheWeslry> oh so should i move the BIOS first boot device to the hard drive instead of usb
<twb> TheWeslry: it depends precisely how it failed.
<twb> TheWeslry: please get to the busybox shell, and pastebin the contents of /proc/cmdline and the last column of /proc/partitions.
<TheWeslry> ok i'm at the shell, and i don't have much experience in CLI, i'm more of a GUI person.. but I'll try my best
<TheWeslry> it said Permission denied
<twb> You need to type "cat /proc/cmdline", without the double-quotes
<TheWeslry> BOOT_IMAGE=/vmlinuz-2.6.32-21-generic-pae root=/dev/mapper/server-root ro quiet
<TheWeslry> thats all it said
<twb> OK, and now /proc/partitions
<TheWeslry> that came up with a list of partitions.. and i don't know how to pastebin..
<twb> Just list them on one line
<TheWeslry> 8 0 78150744 sda | 8 1 48832 sda1 | 8 2 1 sda2 | 8 5 77899776 sda5 | 251 0 76402688 dm-0 | 251 1 495040 dm-1 |
<twb> OK, now tell me what "lvm2 lvs" and "lvm2 pvs" say
<TheWeslry> o dpm
<TheWeslry> i don't see them
<twb> They're commands, not files
<twb> Don't put "cat" in front
<TheWeslry> oh. sorry. i'm new to this stuff.
<TheWeslry> ok lvm2 lvs was not found, but i mistyped the first time as just lvm lvs, and it came up with root server -wi-q- 7.86g
<twb> Hm.
<TheWeslry> sqap_1 server -wi-1- 1.43g
<TheWeslry> swap, not sqap
<twb> Well, that says it's working
<TheWeslry> the pvs says /dev/sda5 server lvm2 a- 74.29g
<twb> So I don't know what's going on
<TheWeslry> ...reinstall maybe?
<twb> I doubt that'll help
<twb> Run "vol_id /dev/mapper/server-root"
<TheWeslry> vol_id: not found
<twb> Damn, what is it...
<twb> Try blkid
<TheWeslry> it could be that I built this rig in 2002..
<TheWeslry> all it shows is >
<twb> TheWeslry: most of our gear is Pentium IIIs...
<TheWeslry> wow.. you win lol
<twb> TheWeslry: I meant "blkid /dev/mapper/server-root"
<TheWeslry> i know, but no matter what i type, it goes to a new line that just says > instead of (initramfs)
<twb> Hit Ctrl+d
<twb> You're inside the blkid prompt because you ran it without an argument.
<TheWeslry> now it says bklid not found
<twb> You misspelt it.
<twb> Get back to the busybox prompt with Ctrl+d or Ctrl+c, then type "blkid /dev/mapper/server-root"
<twb> (It looks like vol_id is an 8.04ism)
<TheWeslry> it just changed to a different screen that says server login:
<TheWeslry> i didn't press anything though..
<twb> Oh, right.  That means you've exited busybox and somehow finished booting
<twb> But I bet if you reboot you'll still be dropped into busybox
<TheWeslry> well i logged in..
<twb> If you reboot and it Just Works, it means we've been wasting time because the issue was transient.
<TheWeslry> ok i'll reboot
<TheWeslry> i used one of the only commands i know.. "sudo shutdown -r now" i figured thats safer than holding the power button.
<TheWeslry> yep i'm back in busybox
<twb> It is definitely better for the system
<TheWeslry> i did your blkid /dev/mapper/server-root and it just said a new blank line
<TheWeslry> well not blank, it says (initramfs)
<twb> Hm
<twb> You should get something more like this
<twb>  /dev/sda2: LABEL="dali" UUID="9e52b2e5-1ca6-4413-9b7b-7f8bafeb75c9" UUID_SUB="2216f102-d37e-4d51-a2db-d68d8669a0aa" TYPE="btrfs"
<TheWeslry> hmm. it worked the second time..
<TheWeslry> it says /dev/mapper/server-root" UUID="93a0c9d4-3d60-4f27-9e69-fed6c7375ccf" TYPE="ext4"
<TheWeslry> i'm guessing the "ext4" means it was external.. maybe my USB drive?
<twb> No, it's the filesystem type.
<twb> It probably means "extended"
<TheWeslry> oh okay. i used FAT when i installed i think
<twb> The root system can't be FAT, it lacks necessary features.
<TheWeslry> oaky maybe not
<twb> You might've used FAT for the install media
<TheWeslry> yea my usb drive is fay
<TheWeslry> fat*
<twb> Well, I am pretty much out of ideas.
<TheWeslry> well thanks for trying though
<twb> The only thing I can suggest is to pass rootdelay=<small number> to make it fail faster, or rootdelay=<big number> in the hope that it's just taking a little too long
<twb> Where numbers are in seconds
<twb> Say 5 and 600 (10 minutes) respectively.
<TheWeslry> okay how would i enter that? just rootdelay=5?
<twb> At the grub prompt, you edit the kernel parameter line (the one with "quiet" on it) to add that option
<twb> grub should prompt you in a fairly self-explanatory way
<TheWeslry> i don't think mine even has a grum prompt.. it's the only os on the computer
<twb> It will still prompt you
<TheWeslry> okay so i'll reboot and try that
<austinium> are there any special settings for download packages using apt-get on LucidLynx Server? I have a server running in VirtualBOX on which i have internet connectivity( i can ping google) but iam unable to to connect to Ubuntu's package repo. I have my internet connection via an ISA Proxy server... i have that taken care of
<TheWeslry> the only thing that shows up when i reboot is a blinking cursor. i think my momitor loads too slow to even see the post screen
<twb> austinium: does normal browsing work within your server VM?
<austinium> twb:i dont GUI on it
<twb> TheWeslry: ok, just hit ESC
<twb> austinium: only crap browsers require a GUI
<twb> austinium: you should have w3m installed already
<twb> Or you could try wget
<austinium> twb: hehe...iam new to this, trying w3m now
<TheWeslry> when i press escape. it says ^[
<austinium> twb: i can ping google.com
<twb> TheWeslry: that means you're already too far
<TheWeslry> ok i'll retry
<twb> TheWeslry: grub happens before the kernel loads
<twb> austinium: well, perhaps, but does HTTP work?
<TheWeslry> i've tried like four times, and right after the post screen i press escape, nothing happens. it goes straight to busybox
<twb> Er, by "POST screen" you mean the BIOS?
<TheWeslry> yea sorry
<twb> OK, I can't explain that.
<TheWeslry> well.. no
<TheWeslry> to go into the bios, i press DEL
<TheWeslry> the post screen is the first thing that shows up on my copmuter. it shows the different ide drives and what buttons to press to go into bios and to select the boot device
<austinium> twb: whats the syntax for -pauth?
<twb> austinium: I don't know what you're talking about.
<austinium> twb: on w3m
<austinium> twb: i have internet access via Proxy server
<twb> Well, the manpage says -pauth user:pass
<austinium> twb: yes i did try that w3m -pauth username:password
<austinium> twb: with the actual username & password
<austinium> twb:it doesn't seem to workj
<twb> Note tihat, IIRC, apt-get doesn't support the non-shit proxy authentication method (DIGEST?)
<twb> austinium: you could try curl or wget, to examine the interaction at the protocol level.
<TheWeslry> i'm just going to try to re-install. maybe i'll have better luck this time.
<AecioAmanci> Pessoal tira uma duvida por favor... to querendo instalar o driver vga do meu pc e nao consigo achar.?
<austinium> twb: wget works
<AecioAmanci> ?
<twb> austinium: what auth method does your proxy use?
<austinium> ISA
<austinium> well i know that its an ISA proxy
<twb> Erm.
<twb> http://en.wikipedia.org/wiki/ISA_Server ?
<twb> Woof, that looks unpleasantly hairy.
<austinium> twb: i'll try to figure that out, i didnt setup the proxy server
<twb> You could just ask your sysadmin
<twb> Also, when you set your proxy in /etc/apt/apt.conf, you can try changing http://example.net to http://user:pass@example.net
<twb> If that works, I guess you don't need to care about how the proxy works
<austinium> twb: i dont have a file names /etc/apt/apt.conf
<austinium> named#
<twb> So how are you telling apt-get to use your proxy?
<austinium> i export http_proxy
<twb> OK, so change it there instead
<austinium> twb i have this setup on Lenny, i have ntlmaps proxy server running on local host port 5865
<austinium> so i set http_proxy to point there
<austinium> apt-get works fine then ( on Lenny)
<twb> If <whatever> works for Lenny, it should also work for Lucid.
<austinium> yeah and that whats got me all confused here
<twb> Do you get an error from apt?
<austinium> yes
<twb> Pastebin them
<austinium> failed to fetch ...
<austinium> yeah just a sec
<twb> Pastebin the entire transcript of "apt-get update" if you can do so easily.
<austinium> twb: pastebin.com/ai5prrQN
<twb> Could not connect to security.ubuntu.com:80 (91.189.88.37). - connect (113: No route to host)
<twb> ...it's not usinga proxy
<twb> Probably sudo is stripping your http_proxy environment variable.
<twb> Try sudo env http_proxy=http://user:pass@example.net/ apt-get update
<austinium> twb: thank you
<austinium> twb: this is what is different b/w Lucid & Lenny
<austinium> twb: on lenny i do this as su
<twb> Lenny probably has an apt.conf
<twb> Oh.
<austinium> twb: here i run apt-get using sudo
<TheWeslry> well thanks for the help twb, i'm letting the installer run and i'll check on it later.  if i have any problems after this install, i'll come back here. bye
<ttx> Good morning
<kaushal> hi
<kaushal> I am running out of LAN IPs on dhcp, is there a way to add any new pool of IPs how is it done ?
<kaushal> I mean on dhcp server
<twb> apt-get install dhcp6 ? :-)
<MasterZuFu> Hi everyone. I just bought two books: "Linux Server Security: 2nd Edition" and "Hardening Linux". I don't know the first thing about linux security, for that matter about linux, but I am hosting a website on a dedicated server with linux as my server OS (Ubuntu 10.04). I wanted your opinions on which book to read first please?
<twb> MasterZuFu: are they both published by ORA?
<MasterZuFu> one moment...
<twb> In general, you should favour ORA over Apress over <everyone else>
<MasterZuFu> O'Reilly and Apress
<twb> I also don't like Apress because they're from the "ragged right" new school of typesetters.
<MasterZuFu> no idea what that means
<twb> MasterZuFu: they think books are web pages
<CaptainTrek> quick question that preceeds my actual question: could someone here help me narrow down an issue with my ssh (non-server side, but client side)?
<twb> !anyone
<ubottu> A large amount of the first questions asked in this channel start with "Does anyone/anybody..."  Why not ask your next question (the real one) and find out?
<CaptainTrek> twb: prepare for a long one then (its a paragraph that is NOT spam)
<CaptainTrek> got an interesting issue.  Connecting to my VPS, and its not accepting my public key.  server / client side logs are here: http://starfleet.pastebin.com/CD2ziaeX    the VPS admin who helped set it up says it might be some issue with seahorse-daemon or gnome-keyring.  any help is appreciated.  Using: Ubuntu 10.04
<CaptainTrek> actually, the server accepts the pubkey
<twb> You can't diagnose "connection refused" issues from the client side.
<CaptainTrek> the client reads some weird issue
<MasterZuFu> so, should i read the Apress book first or the O'Reilly book first? twb
<CaptainTrek> read the pastebin
<twb> OpenSSH deliberately refuses to explain why
<CaptainTrek> it wasnt conn refused
<twb> MasterZuFu: ORA = O'Reilly
<MasterZuFu> oh
<MasterZuFu> lulz
<CaptainTrek> twb: it wasnt conn refused
<CaptainTrek> twb: involves public key issues
<MasterZuFu> Thanks, i'll read that one first then ;) :P
<twb> CaptainTrek: I meant any kind of refusal, including it not accepting your public key
<CaptainTrek> ...
<twb> CaptainTrek: the best way to find out why it didn't work is to have the other guy check his auth.log
<CaptainTrek> twb: the data IS from auth.log
<CaptainTrek> read the pastebin, its got BOTH server AND client
<twb> Oh, sorry, I missed that
<CaptainTrek> twb: there's a blatant pastebin in there >.>
<twb> Try again with -vvv -oBatchMode=yes and pastebin the result
<twb> Actually, I don't know what the hell "Agent admitted failure to sign using the key." is.
<CaptainTrek> that's the consensus
<twb> If you still get that, try "gpg-agent ssh -vvv -oBatchMode=yes <your normal options>"
<CaptainTrek> of you, me, and the hoster (bburhans if you've seen him around on freenode)
<twb> Hopefully that will stick a did new agent in front of your seahorse
<CaptainTrek> yeah i still get it
<twb> Oops, not gpg-agent
<twb> ssh-agent
<CaptainTrek> it wont lemme connect with pw or anything else with just the -vvv -oBatchMode=yes added
<twb> The purpose of -oBatchMode=yes is to disable password auth, so that you can concentrate on why keys aren't working.
<CaptainTrek> ah okay
<CaptainTrek> twb: will i be quieted if I paste 3 lines into here?
<CaptainTrek> the data from the first time
<CaptainTrek> without ssh-agent
<twb> apt-get install pastebinit
 * CaptainTrek just goes to his pastebin
<twb> script -c 'whatever', then pastebinit typescript
<CaptainTrek> twb: http://starfleet.pastebin.com/a9ThwDkk
<CaptainTrek> lemme run with ssh-agent now
<CaptainTrek> now it lets me in with pubkey
<CaptainTrek> twb: ^^^
<twb> That's very odd
<twb> Are you foolishly uses a passphraseless key?
<CaptainTrek> twb: perhaps...
<CaptainTrek> FYI: the hoster told me not to
<CaptainTrek> xD
<CaptainTrek> should I use a passphrased key?
<twb> Well, you're making THEIR system less secure, so it's reasonable for them to tell you not to.
<twb> You can add a passphrase to an existing key
<CaptainTrek> lol
<CaptainTrek> help with that plz
<CaptainTrek> i'm not super with key things
<CaptainTrek> :)
<twb> Try ssh-keygen -p
<twb> As for the original problem, it's caused by your ssh-agent being retarded.  Try uninstalling seahorse, or configuring it correctly (whatever that may mean).
<twb> When I say "your ssh-agent", I mean seahorse, not the ssh-agent *called* ssh-agent.
<CaptainTrek> of course
<CaptainTrek> sudo apt-get purge seahorse?
<twb> It probably means adding ~/.ssh/id_rsa to seahorse's keyring or something
<twb> CaptainTrek: yes
<twb> Note that you'll probably need to run "ssh-add" manually to avoid re-typing your passphrase all the time.
<CaptainTrek> heh
<CaptainTrek> reinstalling now
<twb> Also, you might want something like gtk-led-askpass to pop up a dialog for passphrase entry
<twb> (Just installing it will suffice to make it work.)
<CaptainTrek> twb: cant remove without killing ubuntu-desktop
<twb> ubuntu-desktop is just a metapackage
<twb> But if you want to be a bastard, a trick that often works is "sudo dpkg-divert --rename /usr/bin/seahorse"
<twb> ...which will leave it installed, but make attempts to auto-run it fail
<CaptainTrek> lol
<CaptainTrek> ubuntu-desktop isnt needed?
<twb> "metapackage" means it just lists a bunch of packages to keep installed
<twb> It doesn't provide anything itself
<CaptainTrek> so its not needed then
<CaptainTrek> alrighty, purged, reinstalled, did ssh-add and now it lets it in
<CaptainTrek> *shrugs*
<CaptainTrek> twb: thanks for the help, it seems to have resolved itself now
<CaptainTrek> alrighty more questions, this time configuration
<CaptainTrek> of sshd
<CaptainTrek> (1) how do I add a message that pops up upon connect?
<CaptainTrek> (2) how can I edit the port that sshd listens on?
<CaptainTrek> and thats it
<CaptainTrek> :)
<kees> CaptainTrek: "man sshd_config" should answer both of those.  You'll be editing /etc/ssh/sshd_config and then "sudo service ssh reload"
<CaptainTrek> kees: thanks, i keep forgetting bout manpages xD
<rookie> hello world !!!
<pwnguin> hi
<pwnguin> rookie: you had a question?
<twb> For "message on connect" you may want /etc/motd instead
<rookie> a lotter of question
<rookie>  :P
<rookie> I need to set up a ftp and host
<osmosis> Every time the server crashes, I plug in a keyboard and monitor, and I hit a key to unblank the screen and figure out what happens, and as soon as I hit a key the machine just reboots. Any ideas? is this normal?
<twb> rookie: http://mywiki.wooledge.org/FtpMustDie
<pwnguin> heh
<twb> osmosis: that is not normal.
<pwnguin> just from looking at the URL i think ive found my new cube decoration fro the month
<rookie> thks
<twb> osmosis: it is a PS/2 or USB keyboard?
<pwnguin> rookie: unless you have specific needs, FTP is not a good idea
<pwnguin> SCP works pretty much out of the box
<osmosis> twb, usb
<rookie> so, then what u recomend ?
<twb> osmosis: I can't explain that at all.
<twb> rookie: HTTP for read-only access, SFTP for write access.
<rookie> ok
<rookie> I have set a webside for saturday
<pwnguin> if you have ssh access, you don't need FTP
<rookie> so I need answer now !!!! pls
<pwnguin> what are you using for your desktop?
<rookie> I need a manual to make that happen, please world help me
<pwnguin> you've already got apache running, right
<pwnguin> https://help.ubuntu.com/community/ApacheMySQLPHP
<pwnguin> specically, pay attention to the part that says "virtual hosts"
<rookie> nop
<rookie> thks
<pwnguin> anyone know of a caldav server that supports tasks and work with evolution?
<uvirtbot> New bug: #589056 in net-snmp (main) "snmpd fails to upgrade" [Undecided,New] https://launchpad.net/bugs/589056
<pthsWork> Hi all, I'm setting up Samba against a Server 2008r2 domain with 2 DC's. In krb5.conf kdc= I need to set the server, but is it possible to set two servers here for failover?
<twb> pwnguin: further, you can hand out SFTP access WITHOUT handing out full SSH access.
<rookie> mysql -u root -p
<rookie> Enter password:
<rookie> ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)
<twb> pwnguin: is "caldav" what I would call "that calendaring crap that my customers insist they need"?
<twb> Booking meetings via email, stuff like that?
<MasterZuFu> hello. I'm trying to find whatever files on my server point to any other files or directory the the "/root/" directory in it. For example, if a config file has /root/ as a directory for some files, I want to have a list of what files show that. Any idea how to do this?
<virtual> Is it possible to construct a network like this??
<virtual> client <----> router <----> server
<MasterZuFu> uh, yeah, they do it all the time
<MasterZuFu> you have to use port forwarding
<virtual> and i want the dhcp server on the server machine to give ip for client
<MasterZuFu> no, that'd be done by the router
<virtual> and both the end of the server  is differnt network
<MasterZuFu> i'm lost now, what?
<virtual> i mean both end of the router is different network
<virtual> it was a mistake ;)
<virtual> MasterZuFu, now is it possible to configure the dhcp server like that??
<sjm> virtual: it might be possible if router has a dhcp forwarder in it.
<virtual> sjm,  how can it be done??
<MasterZuFu> well, think about it virtual
<sjm> does the router have a dhcp forwarder?
<MasterZuFu> a wireless router does this already
<MasterZuFu> if you have a wireless router, you can do this
<virtual> the router used here is linux machine
<virtual> sjm, what is dhcp forwarder..what package provides that??
<MasterZuFu> so wait, the router is just a linux box? that's not a router. that's a server
<sjm> start looking here: http://linux.die.net/man/1/dhcp-fwd
<virtual> MasterZuFu, its just for forwarding traffic
<MasterZuFu> uh, still not a router though
<MasterZuFu> :P
<MasterZuFu> i would suggest getting an actual router. servers aren't designed to handle the kind of traffic a router is meant to handle. if you for some reason get a good amount of traffic at any point in time, your server will just crap out.
<jmazaredo> is qemu+zen considered a paraviltualized installed it in my ubuntu lucid
<sjm> virtual:  looks like it might be in the dhcp-helper or dhcp3-relay packages
<MrPicard> Hi guys
<MrPicard> im having issues installing ebox on my ubuntu server
<MrPicard> added the package in the /list/ system via VI
<MrPicard> saved using the :WQ command.
<MrPicard> anyone here?
<MrPicard> I was wondering if possibly im doing somthing wrong in vi
<MrPicard> ive added the DEB file, just get this error. root@ec2db1:~# sudo apt-get install ebox-office
<MrPicard> Reading package lists... Done
<MrPicard> Building dependency tree
<MrPicard> Reading state information... Done
<MrPicard> E: Couldn't find package ebox-offic
<twb> What does "added the DEB file" mean?
<MrPicard> deb http://ppa.launchpad.net/ebox/1.4/ubuntu hardy main via /etc/apt/sources.list
<twb> Do you understand the danger of adding PPAs to your sources list?
<Snadder> Hi. Anyone know what kinda possibilities there is, for a hosting provider to set up its own private cloud for its customers?
<MrPicard> rackspace is a good provider snadder.
<MrPicard> twb i understand
<Snadder> We want to run it on our own hardware.
<MrPicard> thought about vmware sphere 4?
<MrPicard> thats what i use
<Snadder> Cool.. Do you know about a cloud which is compatible with hyper-v?
<Snadder> for migrating
<twb> MrPicard: you forgot to run "sudo apt-get update"
<Snadder> MrPicard, what I really need, is some doc which describes the advantages and dissadvantages of setting up diffrent kinda clouds on my own hardware.
<twb> Snadder: you might find one on Wikipedia
<jumbers> I'm confused by some block messages in my UFW logs. I have the following rule in my settings "80/tcp                     ALLOW       Anywhere" but I am seeing hundreds of thousands of lines that look like this: http://pb.jnumbers.com/10
<twb> Snadder: or at least a table comparing features
<jumbers> Am I misreading my log somehow?
<twb> jumbers: perhaps you're looking at the OUTPUT or FORWARD table?
<twb> ufw is a hand-holding wrapper for iptables-save and iptables-restore.  You can run "iptables-save -c" to dump the netfilter tables and examine them directly, which may help.
<jumbers> They're in my ufw.log though and it says [UFW_BLOCK] in the line
<twb> So what?
<Snadder> What is the real advantages of setting up a private cloud, compeard to traditional virtualization?
<twb> resources are allocated where they're needed
<Daviey> Snadder: ability to easily scale, and "drop in" hardware.
<Snadder> In normal virtualization its easy to set up a new cluster.. and live migrate servers to it.
<Snadder> But this happens more or like automaticly for hosting servers with full os'es in the cloud?
<Snadder> I'm thinking about a PaaS..
<twb> polyamory as a service?
<Snadder> Yes.
<soren> Snadder: What "cloud" in this context gives you that you don't already have with "regular" virtualisation is an API that you can safely expose to random users to let them provision virtual machines.
<twb> soren: libvirt does most of that
<soren> twb: It doesn't.
<soren> twb: At all.
<Snadder> soren, do you know if microsoft offer PaaS?
<twb> then I must've misunderstood some of their salespitch
<soren> Snadder: That's hardly on topic for this channel.
<Snadder> I hope you say no.. because I hate them..
<Snadder> soren, by boss loves them, and want to use theyre technology..
<twb> Snadder: kill him and take his power
<soren> twb: libvirt gives you an API to manage virtual machines and storage and such.
<soren> twb: It's not an API you want to expose to random users.
<Snadder> soren, twb I just want to make sure I can recommend using something MS. don't offer.
<soren> Snadder: Like "Linux"?
<soren> Snadder: MS doesn't offer that.
<soren> Easy.
<twb> soren: I bet it does in some devices
<twb> Do they still run their web servers on BSD?
<Snadder> soren, a PaaS solution like vmware sphere 4, or eucalyptus cloud
<soren> Snadder: That's not a PaaS solution.
<Snadder> vmware sphere 4?
<soren> No idea, but UEC certainly isn't.
<soren> It's IaaS.
<Snadder> Damn.. I knew about SaaS and PaaS.. but not IaaS
<Snadder> *looking up*
 * twb grumbles about new-fangled buzzwords
<soren> SaaS is software as a service. Like Wordpress.com, for instance.
<soren> PaaS is platform as a service. Like Google App Engine.
<soren> IaaS is infrastructure as a service. Such as Rackspace Cloud, EC2, UEC, Rimuhosting, Linode..
<twb> PaaS is "here's my program, run it where you want", where IaaS is "here is my OS, run it where you want" ?
<soren> In a nutshell, yes.
<Snadder> Good clearification..
<twb> I wonder how standardized the underlying "hardware" that the OS image runs on is.
<Snadder> What I really want is IaaS then.
<soren> twb: What do you mean?
<twb> soren: like does everyone emulate a e100 NIC
<soren> they're almost all Xen based.
<soren> So they all use Xen PV NICs.
<twb> But not eucalyptus, right?
<soren> Eucalyptus does both Xen and KVM, but UEC uses kvm.
<twb> Ah, right
<Snadder> All those IaaS providers.. what software does they use?
<Snadder> all diffrent ones?
<twb> I assumed it was doing its own bizarro wacky thing in order to line up with whatever amazon does
<soren> Snadder: Yes, they all roll their own stuff.
<soren> twb: No comment.
<twb> haha
<soren> Snadder: for now.
<Snadder> soren, do you know if its easy to migrate from one of the clouds to another?
<Snadder> soren, or from virtualization to a cloud.
<soren> Snadder: Yes, I do know.
<Snadder> soren, And do you want to share it also :-p
<soren> Sure.
<soren> Snadder: It depends.
<twb> Snadder: use imperative voice, or use a query.
<Snadder> soren, twb: hehe.
<soren> Snadder: It depends on where you're migrating from. It depends on where you migrating to. It depends on what you're migrating. With the current amount of information given, all I can say is: Yes, I do know: It depends.
<soren> Oh, and it depends on how clever you are, too.
<Snadder> Is it possible to migrate old Linux machines from vmware to any cloud?
<soren> Some people find it difficult to operate a keyboard in general. Others dream in Common LISP. If you're in the former category, it's almost certainly going to be difficult regardless of all the other factors.
<soren> Snadder: No.
<soren> Snadder: "Any cloud" is a difficult place to migrate to.
<twb> cumulonimbus, I choose you!
<Snadder> In any cloud I meant, state which clouds it works with, and which it dosn't.
<soren> I'm not going to do all your work for you.
<twb> I have dreamt in Linley's Dungeon Crawl before.
<soren> And again: "old Linux machines" is not something I can usefully relate to nor have opinions on.
<twb> It's pretty fucked up when you wake up and lean against the # only to have it turn out to be a +
<Snadder> Ok, I'm wondring specially on eucalyptus
<soren> twb: I'm sure that all makes sense somehow :)
<soren> Snadder: Then say "Eucalyptus" instead of "any cloud".
<twb> soren: er, s/crawl/nethack/ ?
<soren> Snadder: It's easier that way.
<soren> twb: Sorry.
<soren> cue screaming
<soren> That's right. I've never played more than probably 20 seconds of nethack. I'm comfortable with this fact.
<twb> crawl is nice in that it's actively developed and its UI and gameplay are actually DESIGNED
<soren> Snadder: Until you give me some actual information I can't give you answers you can put to any use.
<twb> We could just make up information
<Snadder> soren, make it easy.. is it possible to migrate a Ubuntu 9.10 machine from vmware to eucalyptus?
<soren> Given the correct circumstances, yes.
<Snadder> soren, And what kinda circumstances is that?
<soren> This is getting old...
<soren> Snadder: How about you tell me what it is that you want to move?
<soren> Snadder: More information leads to more useful answers. Always.
<Snadder> soren, there is not one thing I want to move.. I want to move alot of diffrent things.
<Snadder> I want to move whole .vmx vmware images of all kinda Linux oses.
<twb> soren: not ALWAYS.  In the limit, you need to hire a data miner.
<twb> And they're unionized!
<Snadder> Atm we run VMware ESX Server 2.5.2
<Snadder> Pretty old and outdated.. so we want something we can offer to our customers as an IaaS and at the same thing use for internal use.
<Snadder> same time*
<soren> EUC instances are not persistent. If you shut them down, your changes will be gone. If you application is cool with that, you're golden.
<soren> If you're not cool with that, and you can fix them to be cool with that, you're golden.
<soren> If you can't fix them to be cool with that, but you can move the stuff that needs to be persistent to an EBS volume, you're golden.
<soren> If you can't do that either, you're less than golden. Bronzy at best. Probably rusted irony.
<soren> Whatever that means.
<uvirtbot> New bug: #577183 in linux (main) "keyboard and/or mouse freezing (dup-of: 528720)" [Undecided,Confirmed] https://launchpad.net/bugs/577183
<Snadder> We need persistent storage.. is EBS an general term.. i've read about it when conserning EC2, but not conserning EUC
<uvirtbot> New bug: #522091 in linux (main) "keyboard freezes with kernel 2.6.32-13 (dup-of: 528720)" [Undecided,Confirmed] https://launchpad.net/bugs/522091
<soren> Snadder: UEC has EBS as well.
<soren> Snadder: It's an EC2 thing. Just like everything else in UEC is.
<Snadder> Ah, ok.
<Snadder> I've heard that all external EC2 api's is avaible in UEC too.. Do you know what the diffrence on external and internal cloud api is?
<Snadder> But internal EC2 api's is not compatible with internal UEC api's.
<Snadder> soren, I understand.. so I have to manually move partitions I want to have data in.. to an EBS volume when I move from virtualization to UEC.. :-)
<Snadder> Didn't think about that.. but it makes sense.
<soren> Snadder: Yes, and make sure they're attached to the right instance, not attached to the wrong instances, and are mounted at the correct times, and don't start the service until they're mounted.
<soren> Snadder: Internal EC2 api's?
<soren> Snadder: What do you mean by internal EC2 api's?
<Snadder> soren, I have no clue whats the internal EC2 api is.. I just heard about it in some article talking about cloud compatibilty
<soren> Snadder: Don't worry about them, then.
<soren> Snadder: UEC aims to expose the same API's as EC2.
<soren> Snadder: Simple as that.
<Snadder> Well.. I want to me sure I can move stuff from ec2 to UEC and back as I want.
<Snadder> An aim isn't the same as what they provide.
<twb> Snadder: I imagine patches are welcome
<soren> EC2 frequently updates their API. They're not going to wait until UEC is caught up before releasing stuff.
<soren> ...so UEC can't say "hi, we provide all the same API's as EC2", because the second those words are uttered, EC2 may come out with a new extension to its API.
 * soren goes back to coding
<Snadder> Ok.. thanks alot for the info.
<twb> It wouldn't surprise me if they change the api deliberately to fuck with eucalyptus
<soren> It would surprise me.
<soren> It's not like they're changing it willy-nilly. They're adding new functionality.
<twb> Not *yet* maybe.
 * twb glares at proprietary space
<uvirtbot> New bug: #589142 in tickcount (main) "[FTBFS] Error in PYTHONPATH" [Undecided,New] https://launchpad.net/bugs/589142
<diago> Is it possible to create br0:1 aliases?
<sommer> morning
<soren> diago: Try it?
<diago> I will and if you can that would be the jank
<ttx> sommer: bug 165184 is a documentation papercut... would you mind being assigned to it ?
<uvirtbot> Launchpad bug 165184 in amavisd-new "amavisd-new + spamassassin: cronjob spams root user" [Medium,Triaged] https://launchpad.net/bugs/165184
<hallyn> kir: you know that bug 582509 about torrent hanging ecryptfs - they're using tranmission which I'm told has quite a few exploits, and an irc friend of mine has had boxes frozne by the exploits...
<uvirtbot> hallyn: Error: Could not parse data returned by Launchpad: list index out of range
<hallyn> oh well that would be bc it's 482509
<sommer> ttx: sure no problem
<xfg> morning
<zul> Daviey: ping
<ttx> sommer: cool, thanks !
<Daviey> zul: \o
<zul> Daviey: does eucalyptus use ethtool anywhere...ie hardcoding it?
 * Daviey greps
<kapn> keith.nunn@xe.com1fish2fish
<Daviey> zul: grep returns null
<Daviey> is that good or bad?
<zul> Daviey: nope its good
<elb0w> anyone know of a good IDE font that is clean but ' and " look different
<uvirtbot> New bug: #589170 in mysql-dfsg-5.1 (main) "package mysql-server-5.1 5.1.41-3ubuntu12.1 failed to install/upgrade:" [Undecided,New] https://launchpad.net/bugs/589170
<oru_work> after apt-get remove bugzilla3 i'm trying to restart apache2 and here is what i'm getting http://pastebin.linode.com/3907
<pmatulis> oru_work: guess you need to set up /etc/apache2/conf.d/bugzilla3.conf
<oru_work> pmatulis, lol
<oru_work> hmm
<oru_work> i don't see any matches for defining bugzilla3.conf in /etc/apache2/apache2.conf
<oru_work> I think i need to run a command something like a2ensite rewrite
<hggdh> spineau: how are things in the test rig?
<spineau> hggdh: hello
<hggdh> good afternoon, spineau
<spineau> hggdh: not so bad, I tried to get web access to install sw from QA ppa, but firewall rules are too ... strict
<spineau> hggdh: one question, how can you test elastic ip ?
<hggdh> spineau: that may happen ;-) option is (what I have done already many times) to copy the packages in
<spineau> hggdh: in my case, there is A LOT of stuff to install to have checkbox up an running
<rgreening> ScottK: bug 589188
<uvirtbot> Launchpad bug 589188 in lucid-backports "Backport tacacs+ from Macverick" [Undecided,New] https://launchpad.net/bugs/589188
<spineau> hggdh: regarding elastic ip feature, is there some euca commands to redirect the traffic ? Hybridfox seems to be able to do that but I would want to script it so, any idea ?
<riveraj> is it possible to limit skype bandwidth on an ubuntu gateway/router via firewall?
<hggdh> spineau: you mean associate the elastic IP?
<spineau> hggdh: excatly
<hggdh> spineau: when you set an elastic IP the ip tables should be be updated, together with routing
<hggdh> spineau: I mean, automatically
<hggdh> spineau: so, for a client from outside it will be as simple as using the new IP to connect
<spineau> hggdh: but how do you set this "IP"
<jdstrand> zul: hey, would you be interested in the fix for debian bug #366124 that just hit lenny? (1.2.12-5+lenny2)
<uvirtbot> Debian bug 366124 in libapr1 "apache2: should mark its listening socket close-on-exec" [Important,Fixed] http://bugs.debian.org/366124
<zul> jdstrand: yeah lemme go check
<jdstrand> zul: I just happened to notice it on debian-changes...
<hggdh> spineau: euca-associate-address
<Daviey> kirkland:  966 ?        00:00:00 kvm-irqfd-clean
<jdstrand> zul: ie, I know nothing about it personally
<ScottK> riveraj: skype is difficult since if it can't connect to the server it will try different ports.
<spineau> hggdh: yes...
<spineau> hggdh: thanks
<ScottK> rgreening: Looking.
<zul> jdstrand: reading
<zul> jdstrand: have you guys merged openssl yet?
<jdstrand> zul: doesn't look like it. I know nxvl and mdeslaur were looking at it
<zul> jdstrand: i ask because the version of apache in maverick requires a newer openssl so im kind of blocked
<jdstrand> nxvl, mdeslaur: fyi ^
<corpse> does anyone mind testing my webserve adress. i think im getting a loopback
<jdstrand> zul: I imagine that could be done next week. perhaps follow-up with them when mdeslaur gets back?
<zul> jdstrand: sure
<zul> jdstrand: with regards to the debian bug its something we are going to inherit anyways
<jdstrand> zul: right-- I meant more as an SRU type thing...
<zul> jdstrand: right...it might be good ill have to see what is involved for an SRU
<jdstrand> cool, thanks
 * jdstrand isn't sure why he is thanking, since he has no vested interest in the bug atm
<zul> jdstrand: heh
<riveraj> ScottK: is there any way to limit it's bandwidth from the gateway/router side?
<znull> hello, i'm running 10.4 http://pastebin.ca/1876636 but I can't install some packages.. any ideea thank you.
<nxvl> zul: nope, still not merged debsrc 3.0 making the usal complications worst
<smoser> kirkland, you can confirm this, right: https://bugs.launchpad.net/ubuntu/+source/qemu-kvm/+bug/589099
<uvirtbot> Launchpad bug 589099 in qemu-kvm "does not work on amd64 without -no-kvm" [Undecided,New]
<smoser> is there another known bug for that ?
<zul> nxvl: meh
<soren> smoser: On lucid?
<soren> smoser: It works for me, it seems.
<smoser> yes
<soren> smoser: if I'm reading it correctly, that is.
<smoser> you have vt extensions
<soren> Correct.
<smoser> i think thats what the bug really is
<soren> If I unload /dev
<soren> blah
<soren> If I unload kvm-intel, it still works.
<smoser> (ie, i think it will fail to "just work" if you do not. previously if you did not have vt support it would fall back to full virt)
<soren> At that point, qemu can't tell that I have VT.
<ScottK> riveraj: You have to know what ports to limit and that's non-trivial.  I didn't spend more than 15 minutes on the question before when it came up, so someone may have solved it.
<soren> I don't understand the bug report completely, though.
<soren> "when no arguments are given, it should attempt booting from all possible devices"
<soren> All possible devices if not argumets
<soren> Gah... I suck at typing today.
<smoser> yeah, i dont understand it either.
<kirkland> smoser: "qemu -cdrom lucid-desktop-amd64.iso" works fine for me (with and without the kvm module loaded)
<soren> Here is a complete list of possible devices when no arguments are given:
<soren> That is all.
<smoser> i ust tried with kvm_intel unloaded and it seems to go ok.
<soren> So I don't see what he expects it to boot from.
<soren> Regardless, I do see stuff on the console when I run it without arguments.
<soren> Maybe he's using a b0rken kernel. He doesn't say.
<corpse> can somone test nates.serverbeer.com  i can not access it from inside my network
<smoser> mathiaz, you have told me once before that ther eis a well defiendversioning mechanism for security updates.
<smoser> do you have a link to that on han d?
<smoser> maybe jdstrand
<mathiaz> smoser: https://wiki.ubuntu.com/SecurityTeam/UpdatePreparation#Update%20the%20packaging
<smoser> hmm.. i thought they somehow handled the release in the numbering also
<smoser> ie one version of package built for 9.10 is less than for 10.04
<smoser> oh. i see it.
<mathiaz> smoser: right - -ubuntu0.9.10.1 vs -ubuntu0.10.04.1
<smoser> yeah, thanks. sorry for being dense
<ttx> mathiaz: got 5 min now before the call
<mathiaz> ttx: after the call?
<ttx> mathiaz: if it finishes early, yes
<mathiaz> ttx: or we can cover one topic at least
<mathiaz> ttx: mumble
<ttx> ack
<ttx> my upload rate is so slow I can't upload my merges
<soren> ttx: Do it from chinstrap.
<kirkland> Daviey: http://pastebin.ubuntu.com/444079/
<kirkland> Daviey: i *think* your error is there
<soren> ttx: So just get the upstream tarball from Debian or whatnot, and then rsync your diff.gz .dsc and .changes to chinstrap and upload from there.
<Daviey> kirkland: but other instances DO get an address.. which is an odd thing
<Daviey> i think that might be another issue, but not the primary one
<ttx> soren: yep, that's my backup plan
<ttx> soren: but still, this upload rate needs to be fixed :)
<ttx> soren: strangely, all the village is affected... and calls me.
<soren> ttx: Hahah :)
<soren> ttx: Assuming it's your fault or because they think you can fix it?
<soren> Or both? :)
<ttx> soren: they think they can't send email with attachments anymore
 * soren chuckles
<ttx> soren: I'd assume high packet loss on upstream, resulting in connections dying over time
<grante> Is us.archive.ubuntu.com excrutiatingly slow for everyone or just me today?
<ttx> soren: I wish they would replace our telecom center with something modern
<ScottK> grante: Maverick Alpha 1 was released today and is getting some downloads.  It's not just you.
<grante> ScottK: ah, that's why.  Trying to install packages at like 10kB/s when it connects at all.  Gonna be a long day then.
<ttx> Daviey, kirkland, mathiaz: please take ownership of 1-2 bugs each in https://launchpad.net/server-papercuts/+milestone/maverick-alpha-2 ... first come first serve :)
<kirkland> ttx: done
<ttx> kirkland: thanks !
<AlexMax> I'm having an issue with alias networking interfaces automatically starting on boot.  My /etc/network/interfaces is here: http://bpaste.net/show/OMsfA0tyAgjt7Lyspjsq/
<AlexMax> eth0 starts up automatically
<AlexMax> however eth0:0 and eth0:1 do not
<AlexMax> and thus my web servers do not start either
<AlexMax> since it can't bind to .227 and .228
<grante> AlexMax, you have auth instead of auto
<grante> for the two aliases
<AlexMax> grante: ... you're completely right and I feel very foolish
<grante> AlexMax:  that's the kind of typo that can stare you in the face for days without noticing it.  I've done it myself.
<uvirtbot> New bug: #589223 in qemu-kvm (main) "kvm domain failing to start after kernel upgrade to 2.6.32-22" [Undecided,New] https://launchpad.net/bugs/589223
<diago> is there a way to purge apt-proxy of current info, my virts are complaining about a bad header file
<webPragmatist> hrm
<gnoob> hi guys :)  my swapdisk went hunting buffaloes on the eternal happy hunting grounds..   Will my linux server boot without a possible swaparea?  :)
 * ccheney is working on doing a reinstall of the dell laptops right now :)
<webPragmatist> Is there a how-to go from Standalone state with DRBD to online properly
<webPragmatist> i'm trying to do connect and it wont
<heeecht> gday. do i need to activate BIOS RAID for having 2 SATA disks?
<heeecht> My LVM crashes if I add 2nd disk to computer, if I remove it again... Ubuntu server start again. What do I wrong?
<webPragmatist> okay wait
<webPragmatist> i got it back to WFConnection status
<heeecht> Need a LVM/Ubuntu 10.04 guru! Server won't boot with 2nd SATA disk inserted. LVM cant find old PV. I just get the BusyBox
<gnoob> arrgh  the only thing that happens when I boot is that I get a blinking cursor..  What could be wrong guys??  I got a ureadahead error some trys ago.. Now I booted with live cd and removed the failed disks from fstab. The disk with boot partition and boot flag is operative.  what could be wrong.. :\
<grante> heeecht: still works if you unplug the second disk?
<grante> heeecht: if so, try swaping sata ports.
<webPragmatist> okay
<webPragmatist> where in the world is the drbd log >.<
<heeecht> grante: yes, if sata unplugged it works again. will change ports....
<heeecht> grante: first I just disconnected 2nd SATA HDD and took this cable and mounted it on 1st SATA. Starts correctly on SATA port 2. Will try to add 2nd on 1st port.
<heeecht> grante: done. guess you're my hero for today. IT STARTS!! Any explanation for this?
<webPragmatist> how do i cofigure where root@localhost goes?
<webPragmatist> email
<grante> heeecht: some bios number the sata drives weird...their location can change when you add a drive.
<hallyn> webPragmatist: man aliases i believe
<webPragmatist> hallyn: okay i'll take a lookâ¦
<heeecht> grante: thanks really very much. do you have also experience in LVM (expecially how to add a 2nd and bigger drive?)
<grante> heeecht: a bit, but not enough to walk you through it
<heeecht> grante: thanks, I will RTFM again.
<webPragmatist> uhhggggggg
<webPragmatist> wtf
<webPragmatist> why is the dumb thing always split brain
<webPragmatist> i need some serious crm brain downloadness
<heeecht> Need assistance on how to add 2nd SATA disk to LVM on ubuntu server 10.04
<Tyeu> I'm getting this networking error: http://pastebin.com/5TtNRzDD
<Tyeu> Networking issue. can someone help?
<ccheney> kirkland, ping
<kirkland> ccheney: pong
<ccheney> kirkland, did you see the post on ubuntu-devel-discuss list yet?
<kirkland> ccheney: regarding?
<ccheney> "Why do some updates skip proposed? (launchpad bug 589163)" kvm broken on kernel upgrade
<uvirtbot> Launchpad bug 589163 in linux "Cannot start kvm guest" [Undecided,New] https://launchpad.net/bugs/589163
<ccheney> "The kernel released for lucid last night (2.6.32-22.35) broke kvm guests - prevented them from starting"
<debfx> could you please rebuild apr? bug #589158
<uvirtbot> Launchpad bug 589158 in apr "Rebuild apr to pick up cpu change to i686" [Undecided,New] https://launchpad.net/bugs/589158
<Kyle__> Hullo
<Kyle__> What's the preferred method for setting services to come up on boot?
<Kyle__> My dhcp server isn't starting automaticaly.
<webPragmatist> using init.d ?
<webPragmatist> that should be configured by default
<webPragmatist> are drbd configurations supposed to be shared?
<Kyle__> webPragmatist: Supposed to be, but isn't coming up on boot.  Runnign "service dhcp3-server start" works fine though.
<webPragmatist> is there an init.d?
<webPragmatist> it says "synchronize your /etc/drbd.conf file between both nodes"
<webPragmatist> guess i need to sync it with csync
<Kyle__> webPragmatist: Yup.  It's in init.d, and there's a symlink to it in rc2.d.
<Kyle__> ...on a sidenote, does this mean ubuntu gave up on upstart?
<webPragmatist> something like thatâ¦ i dunno sorry
<webPragmatist> check your /var/log/messages maybe?
<Kyle__> webPragmatist: nothing in /var/log/messages, but a few peeps in /var/log/syslog
<ccheney> Kyle__, nope, it just means not everything has been converted over yet
<Kyle__> webPragmatist: however, other than complaining "Can't open /etc/dhcp3/rndc.key: Permission denied", I don't see much.
<Kyle__> ccheney: Ahh.  Shame.  Never was much of a fan of it, I'd be glad to see it's backside :)
<pmatulis> Kyle__: are you using a bridge by any chance?
<Kyle__> pmatulis: Nope. Plain old nic, no special config.
<webPragmatist> efffff
<pmatulis> Kyle__: and static of course?
<Kyle__> pmatulis: Yes.
<Kyle__> Ahh, I got it.
<pmatulis> Kyle__: huh?
<pmatulis> webPragmatist: still in trouble?
<Kyle__> This is werid.  So it complained about the rndc.key having the wrong permissions, but running /etc/init.d/dhcp3-server start worked.
<webPragmatist> pmatulis: mostly
<pmatulis> webPragmatist: :(
<Kyle__> And running service dhcp3-server start worked....but it wouldn't start on boot, until I fixed that permission issue.
<webPragmatist> i'm getting somewhereâ¦ just  trying to figure out how to autoresolve splitbrain now
<pmatulis> Kyle__: ok, good to know.  all sorted then?
<webPragmatist> tbh i don't really know what it's doing lol
<pmatulis> webPragmatist: not a good feeling
<Kyle__> pmatulis: yup.  I'm just rather surprised that's what it was.  I'm used to "if it works from init.d, it will work on boot".
<pmatulis> Kyle__: right, that's sound logic
<Kyle__> Guess it's time to file a bug.
<pmatulis> Kyle__: seconded. i would call it bug material
 * ccheney bbl, lunch
<webPragmatist> despite stickiness being setâ¦ it insists on switching nodes
 * webPragmatist bangs head on desk
<webPragmatist> i think it's because the drbd goes down on split brain so it freaks
<webPragmatist> yea crap
<pmatulis> webPragmatist: how are you connecting your two machines?
<webPragmatist> I'm not exactly sure what is going on but it works fine during the failureâ¦.. but when i bring the node back up I only have a guess as to what it does
<webPragmatist> pmatulis: it's just two nodes, drbd. master/slave
<gnoob> Guys,,   on a ubuntu 10.09 server in production.. whats the best way of keeping it up to date?  aptitude upgrade og safe-upgrade?
<pmatulis> webPragmatist: right, but physically how?
<webPragmatist> uhhh
<webPragmatist> they are vms
<webPragmatist> for the time being
<pmatulis> webPragmatist: hypervisor?
<webPragmatist> no parallels
<webPragmatist> i'm on mac
<pmatulis> oh
<smoser> gnoob, https://wiki.ubuntu.com/UbuntuDevelopment/UsingDevelopmentReleases
<webPragmatist> I think I know what's going on but i'm not completely sure
<pmatulis> webPragmatist: it's important that there be no network latency and such.  VMs can be weird.  cannot try on metal?
<gnoob> anyone knowing if uninstalling ureadahead is a good idea on a server?  I dont really need the speedy boot, and I would think uninstalling it would be a good idea to eliminate a risk of boot problems.. ?? what do you think guys ?
<gnoob> thanks smoser
<webPragmatist> pmatulis: â¦.. crm isn't THAT fast
<webPragmatist> and that's NOT the issue
<pmatulis> ok ok
<webPragmatist> it's what the crm is doing that is stupid
<webPragmatist> i'll try to explain
<webPragmatist> I think when the node comes back up drbd freaks and notices that there are two Primariesâ¦ and doesn't have enough time to resolve it and then the crm freaks because drbd set disk to "disconnected" and switches nodesâ¦ meanwhile all of the drbd disks are now in standalone
<webPragmatist> it's the auto split brain resolution that I can't figure out
<webPragmatist> I'm going to experiment without the crm thoughâ¦ but gotta take a lunch
<webPragmatist> all of the tutorials that cover drbd and clusters assume you are just going to resolve the Primary/Primary (split brain) manually
<webPragmatist> (or rather they end up not even testing their setup and switching to OCFS and do Active/Active so they allow Primary/Primary)
<webPragmatist> when it switches nodes btw it tries to convert the other to primary which has been set to Secondary by drbd...
<webPragmatist> that's the kickerâ¦ and i think that's really what drops everything to standalone
<webPragmatist> i'm sure somewhere out there someone has configured crm (pacemaker) to do this â¦ but this clusterlabs manual without manual split brain resolution doesn't work
<webPragmatist> if you are completely lost lol
<webPragmatist> http://www.clusterlabs.org/doc/en-US/Pacemaker/1.1/html/Clusters_from_Scratch/ch07s03.html
<incorrect> oh great the latest kernel breaks my win7 kvm
<webPragmatist> uh oh
<uvirtbot> New bug: #589297 in mysql-dfsg-5.1 (main) "package mysql-server-5.1 5.1.41-3ubuntu12.1 failed to install/upgrade: Le paquet est dans un Ã©tat incohÃ©rent - vous devriez  le rÃ©installer avant d'essayer de le supprimer." [Undecided,New] https://launchpad.net/bugs/589297
<pmatulis> incorrect: did you confirm it?
<incorrect> pmatulis, not yet
<incorrect> i just reverted the kernel back
<pmatulis> incorrect: ah
<incorrect> it could be that i had p-0.11 set and now lucid has .12
<sbeattie> incorrect: is it just win7 vms or all vms? There's a regression for some hardware with kvm and the kernel security update that came out last night (bug 589223)
<uvirtbot> Launchpad bug 589223 in qemu-kvm "kvm domain failing to start after kernel upgrade to 2.6.32-22 (dup-of: 589163)" [Undecided,New] https://launchpad.net/bugs/589223
<uvirtbot> Launchpad bug 589163 in linux "Cannot start kvm guest" [High,Triaged] https://launchpad.net/bugs/589163
<sbeattie> there's currently a mad scramble to push out a kernel with just the kvm patch backed out.
<incorrect> sbeattie, ah, give me a second i have, win2k8r2, lucid i386/amd64
<incorrect> sbeattie, i've not tried any of the others, as i finally fixed an issue with win7 32bit guest
<incorrect> FYI, do not run the arch type as i686, give win7 32bit a 64bit bit vm
 * ccheney back
<oru_work> can someone help me with editting a vhost in /etc/sites-available/ ?
<guntbert> oru_work: if you don't get help here you can ask in #httpd too
<oru_work> okay
<webPragmatist> oru_work: just check out the default one that should get you started
<webPragmatist> after you change it if it's not enabled do a2ensite otherwise just /etc/init.d/apache2 reload
<bcessa> hi there, I'm having a extrange problem, I just install a 10.04 server and turn ufw default deny, then open ports for several services like http, ftp, etc, everything works fine, but using FTP it drops the connection when entering passive mode, any ideas about this?
<bcessa> I also notice that trying to run apt-get update don't work with that firewall configuration, don't know what's missing :o
<webPragmatist> that?
<AlexMax> I'm unable to connect to my ubuntu server from my android phone.  How can I tell what IP's are currently being blacklisted/blocked/whatever by ufw?
<webPragmatist> through vnc?
<webPragmatist> oh
<webPragmatist> ufw
<RoyK> AlexMax: ufw status
<incorrect> i have a weird project to do over the next week,  I am going to sign up for ~40 ubuntu vm's around the globe,  I will add monitoring to these nodes, latency, uptime etc,  would anyone find it useful if i published this info?
<AlexMax> RoyK: So ufw doesn't have any sort of weird filtering going on by default
<AlexMax> guess it's verizon and not me
<incorrect> AlexMax, to check your rules use iptables-save
<incorrect> i find that easier to read
<incorrect> or iptables -L
<AlexMax> oh god there's rules everywhere D:
<webPragmatist> o.O
<incorrect> oh noes
<webPragmatist> ugh
<webPragmatist> my ears just got pwned by avril lavigne
<incorrect> this is why i write iptables rules by hand :)
<webPragmatist> stupid pandora
<AlexMax> yeah i should do that sometime
 * incorrect gives webPragmatist some liquid plaster filler, 
<AlexMax> ufw doesn't play nice with things like fail2ban anyway
<RoyK> AlexMax: iptables -vnL
<webPragmatist> ohhhhhhhhh
<webPragmatist> universal firewall
<webPragmatist> i just got that
<webPragmatist> thanks
<webPragmatist> never used it
<jdstrand> AlexMax: it should play fine with it. it uses its own tables
<jdstrand> AlexMax: I've not done it personally, but the design for the default install is to not blow away other rules, etc
<AlexMax> webPragmatist: Uncomplicated Firewall
<webPragmatist> i don't believe it
<jdstrand> AlexMax: that is true in later versions anyway-- hardy definitely not-- it will blow away stuff
 * jdstrand can't remember what version that changed in... I'm thinking jaunty...
<bcessa> any ideas about this?
<steven_t> ugh
<steven_t> apt-get doesnt keep track of what versions its installed of something, does it?
<RoyK> bcessa: a quick google http://beginlinux.com/blog/2009/10/ubuntu-9-10-ftp-connections/
<steven_t> i have no idea which mod_wsgi i installe a month ago :/
<bcessa> ok, thnx, I'll keep looking at this
<bcessa> cya
<kirkland> Daviey: okay, i'm back online now
<smoser> ccheney, https://help.ubuntu.com/community/UEC/Tips
<Daviey> kirkland: hey.. do you want access back?
<kirkland> Daviey: not necessarily
<kirkland> Daviey: let's just get the bug filed; link to it in the ISO tracker
<kirkland> Daviey: it might be related to this kvm/kernel issue
<webPragmatist> any of you familiar with using drbd
<oru_work> how would I get a subdomain to resolve to the ip of my server?
<webPragmatist> http://pastie.textmate.org/private/ngv5dso8yqcg9km2gqkfa
<webPragmatist> oru_work: use /etc/host
<webPragmatist> s
<webPragmatist> oru_work: use /etc/hosts
<oru_work> webPragmatist, thanks any service needs to be restarted after making changes to /etc/hosts ?
<kirkland> Daviey: i'll try deploying UEC Maverick here tomorrow
<webPragmatist> oru_work: no
<Daviey> kirkland: ok.. i don't think that kernel issues is related tbh
<webPragmatist> http://www.drbd.org/users-guide/s-configure-split-brain-behavior.html
<webPragmatist> discard-younger-primary
<Daviey> kirkland: starting kvm on it's on on the maverick nc works as expected
<Daviey> it's a euca' issue, i'm pretty sure
<webPragmatist> if i am using pacemaker to swap rolesâ¦ and I only have two nodesâ¦. how which should i choose to just "use the newly formed primary"
<ccheney> smoser, like this? CLEAN=1 /etc/init.d/eucalyptus restart
<smoser> no
<smoser> stop eucalyptus CLEAN=1
<smoser> start eucalyptus CLEAN=1
<kirkland> Daviey: okay, this euca is basically identical to that in Lucid, right?
<kirkland> Daviey: we haven't merged kvm, libvirt, or eucalyptus yet for Maverick
<ccheney> smoser, seems to be more complicated than just changing the ip and cleaning, unless i also need to do a clean or something like that on the NC
<smoser> its worth a try, but i wouldn't have thought you would have to.
<smoser> give it a try
<ccheney> smoser, the CC thinks 10.0.0.32 is assigned to the instance but ping doesn't work
<ccheney> smoser, ok
<webPragmatist> where can i find the corosync logs
<webPragmatist> or rather where do i set the path to them
<webPragmatist> I have a /var/log/corosync but nothing is inside
<webPragmatist> weird
<webPragmatist> ahhhh hrm
 * ccheney thinks he will just try blowing it away and reinstalling, heh, clean on NC didn't seem to help 
<oru_work> webPragmatist, can you help me make the domain resolve to the ip of my server ?
<oru_work> webPragmatist, not really sure what i'm doing wrong here
<webPragmatist> oru_work: are you talking about another server?
<webPragmatist> or just one?
<oru_work> webPragmatist, just one :)
<webPragmatist> then you just modify /etc/hosts
<webPragmatist> 10.0.0.1	mydomain.local	somealias.local	etc...
<webPragmatist> save close done
<webPragmatist> it's official
<webPragmatist> drbd is an epic pain in the recutm
<webPragmatist> rectum even
<webPragmatist> man i'm having a problem where when the failing node comes back up it automatically chooses that node instead of staying even with stickiness set.
<corpse> i am having problems connecting to my ftp server. I can connect to it localy by i can not when i use the external ip
<corpse> i have all my ports forwarded and i belive no firewalls are running
<a3ist> anyone recommend a guide for or know the best way to set up ubuntu server 10.04 with x & some window managers installed as a multihead server for several different users, one plugged in and the rest over the LAN?
<jpds> corpse: Is the FTP server listening on 0.0.0.0:21 ?
<cloakable> corpse: Are you connecting to the external ip from the LAN?
<corpse> cloakable: yes and no, i  have tryed from this pc (wich is on the lan) and from my cell phone using the 3g. same resaults
<cloakable> corpse: hmmm
<corpse> jpds: i a not sure, for the life of my i cannot find a config file that will let me specify ip port etc
<corpse> when i use filezilla i get connection refused
<jpds> corpse: sudo netstat -ltnp
<corpse> jpds: pure-ftpd is listening on 0.0.0.0:21
<jpds> corpse: Anything in /var/log/auth.log or syslog
<jpds> ?
<corpse> auth.log has a lot of cron sesions opend ad losed for root and a few postfix/smtpd references
<corpse> syslog dosnt seem to have any useful info
<CaptainTrek> question: i'm ssh'd into my VPS, where can I change what DNS servers it uses for DNS?
<guntbert> CaptainTrek: /etc/resolv.conf
<CaptainTrek> ty
<ccheney> got it working and running an instance i can log into now :)
<CaptainTrek> guntbert:  its got a nameserver <IP> entry, do i just put another nameserver <IP> entry on the next line to make a secondary DNS server used?
<guntbert> CaptainTrek: yes, but that 2nd NS is only used when the first one doesn't respond at all
<corpse> is there a better server i can use then pure-ftpd?
<CaptainTrek> guntbert:  would the second namserver be used if the first one doesn't have an entry?
<guntbert> CaptainTrek: you can always remove the first line (or shove it down) - its entirely your choice as owner of the system
<CaptainTrek> guntbert:  alrighty :)
<webPragmatist> any drbd / pacemakers can check this http://old.nabble.com/DRBD-and-Pacemaker-configuration-td28772524.html
<webPragmatist> to see what i'm doing wrong
<kirkland> smoser: yo!
<smoser> hey
<kirkland> smoser: i see you have a virtio/eucalyptus patch
<smoser> yeah.
<kirkland> smoser: rock, you da man
<kirkland> smoser: we need to get that uploaded to maverick
<kirkland> smoser: i'd do it myself, but i don't want to stomp on daviey's merge
<smoser> yeah, i talked to him some today about it.
<smoser> he was asking if we should try to get Eucalyptus to take it first
<smoser> due to his large ste of patches
<smoser> i think its just "take it now"
<smoser> they may do a better job, but this will get us functional with virtio right now
<smoser> and from the guests perspective later things shouldn't change
<webPragmatist> what is this vick's vapor rub you all speak of
<ccheney> kirkland, for 567371 i need to install the proposed update and then run the test scripts overnight, right?
<webPragmatist> either of you know how to do pacemaker clusters?
<kirkland> ccheney: that would be good
<ccheney> kirkland, what is the location for the tests?
<ccheney> kirkland, ping ^ ?
<webPragmatist> is it recommended to use deb http://ppa.launchpad.net/ubuntu-ha/lucid-cluster/ubuntu lucid main for your prod box?
<webPragmatist> i can't get the ocfs2 pacemaker library otherwise
 * ccheney off to dinner
<Daviey> kirkland: smoser and I already talked about it..
<Daviey> smoser: I mentioned that we should try and get it upstream concurrently
<Daviey> bah, scrollback delay
<Daviey> i see he filled you in
<orudie> Greetings. I just downloaded a .run file TeamSpeak3-Client-linux_x86-3.0.0-beta21.run
<orudie> not sure how to install it
#ubuntu-server 2010-06-04
<corpse> when i try to open my  web domain it opens up my router. i have turned off all firewalls and opened all ports and i still get the loop back. i also do not seem to beable to access it from outside of the network
<abhibeckert> i'm setting up an Ubuntu 10.04 LAMP server, to be run inside a virtual machine on my workstation
<abhibeckert> is it possible to give the VM 128MB of ram? I'd like to keep as much memory free as possible on the host machine
<abhibeckert> It will only be used for apache/php/mysql and I'll be the only person it serves requests to
<hggdh> abhibeckert: 128M may be a bit too low... but the best option is to try it, since you can always increase if needed
<abhibeckert> thanks. i'll be following the slicehost ubuntu setup, which is full of config tips to get lamp running smoothly even with high traffic on their entry level 256MB VM's
<abhibeckert> i'm hoping i can get it down a bit, since my workstation can be starved for ram... especially when i'm testing internet explorer in another virtual machine
<qman__> abhibeckert, I run ubuntu server 8.04 on real hardware with 256MB, doing a whole lot more than LAMP
<qman__> so I assume 128MB should work if you tweak it right
<ruben23> hi what are the added features and goodness of the new version 10.04 LTS...?
<therian> hey guys, can someone help me with ndiswrapper please?
<ccheney> anyone happen to know how to have uec use lp logins, i can't remember what you have to do to make that work
<ccheney> ah uec-run-instances -l (user id)
<cef> argh, why does grub2 have stupid defaults for a server install? I want a menu damnit!
<cef> ok, great.. 2.6.32-22-server breaks my kvm setup. grrrrrr
<ccheney> cef, 22.35 ?
<cef> probably.. got it from security today
<cef> hold a sec I'll check (on an old kernel now -19-)
<cef> yup, 2.6.32-22-server_2.6.32-22.35
<lifeless> 35 is known broken, being fixed
<Maletor> I'm trying to share my music through DAAP with RythmBox. Can I access this stream from work?
<kees> cef: yes, known (bug 589163), fix will be published in a few hours.  :(
<uvirtbot> Launchpad bug 589163 in linux "Cannot start kvm guest" [High,Fix committed] https://launchpad.net/bugs/589163
<sludge321> Was wondering if anyone can help me with a strange issue on a new Ubuntu 10.04 server. /var/log/messages is empty, and cron.daily does not seem to be being processed.
<ccheney> anyone happen to know what causes not tested instances when running uec-testing-scripts?
<KurtKraut> sludge321, does the /var/log/messages modified date and time change? Is it being written and them wiped out? I'm clueless about what it might be, but certainly this is an important part of a diagnosis.
<cef> kees: cool ta
<a3ist> Ok so I've been drooling over the docs all day; can someone recommend a way to set up a new box w/ ubuntu server 10.04 and gdm/gnome with several simultaneous x sessions?  One will be for the HDTV its plugged into via HDMI, and the rest over the network.
<sludge321> KurtKraut: looks like it isn't being modified, date on "ls -la" is 25th of May.
<KurtKraut> sludge321, but is this partition mounted with an option that will update the 'last modified' that?
<cef> also, is the partition mount rw?
<sludge321> KurtKraut: cef: Hmm, "fdisk -l" results in "cannot open /proc/partitions" and "cat /etc/fstab" only has entried for /proc and /dev/pts
<cef> sludge321: what does 'mount' say? it should list all the mounts
<sludge321> cef: /dev/vzfs on / type reiserfs (rw,usrquota,grpquota)
<sludge321> Maybe this is due to the type of virtualisation. I believe this server is a Parallels OpenVZ/virtuozzo vm.
<Maletor> SSH seems slow from work. How can I speed up my ssh connection?
<sludge321> kern.log is empty as well
<sludge321> but mail and apache logs are being written to correctly
<lucas_> mdadm reports that i have three spare disks in my system, but the system only has three disks total, how can i remove these from the set?
<PcCowboy> I have a quick question. I'm trying to setup a home server for FTP, windows file sharing, HTTP, and any other cool servers i can come up with ;-P  I have baan using a windows XP box but i was thinking using ubuntu might mean it would run cooler (less heat), use less electric, ect..  My question is would server or desktop better suit my needs?
<PcCowboy> *been
<twb> lucas_: pastebin /proc/mdstat
<twb> PcCowboy: http://mywiki.wooledge.org/FtpMustDie
<twb> PcCowboy: if you want a server, install Ubuntu Server, not Ubuntu Desktop.
<lucas_> pastebin gave a command not found, heres a cat
<lucas_> root@hackintosh:/proc# cat mdstat
<lucas_> Personalities : [linear] [multipath] [raid0] [raid1] [raid6] [raid5] [raid4] [raid10]
<lucas_> md1 : active raid1 sdb2[2] sdc2[1]
<lucas_>       1429225472 blocks [2/1] [_U]
<lucas_>       [=============>.......]  recovery = 68.0% (972788352/1429225472) finish=112.8min speed=67427K/sec
<lucas_>       
<lucas_> md0 : active raid1 sdb1[0] sdc1[1]
<lucas_>       524287936 blocks [2/2] [UU]
<lucas_>       
<lucas_> unused devices: <none>
<twb> !pastebin > lucas_
<ubottu> lucas_, please see my private message
<a3ist> Ok so I've been drooling over the docs all day; can someone recommend a way to set up a new box w/ ubuntu server 10.04 and gdm/gnome with several simultaneous x sessions?  One will be for the HDTV its plugged into via HDMI, and the rest over the lan
<twb> a3ist: if by "LAN" you mean ethernet, that doesn't make sense.
<twb> You can run X over TCP/IP over ethernet, but those are remote heads, not local heads.  So it'd be a normal terminal server plus a local head connected to your TV.
<a3ist> got a new box that's doing media pc type stuff for the tv; gonna do mythTV or something there.  But I also want others on the lan to be able to log in and use a desktop environment without interrupting it
<twb> Yeah, that's just a normal thin client/server setup.
<lucas_> http://paste.ubuntu.com/444366/
<twb> a3ist: will these other users be booting from the network, or will they be running (say) Windows and just opening some apps on your server?
<a3ist> The latter.  Two mac osx boxes in my dad's home office
<a3ist> I don't need DE's for my own use; I'm perfectly comfortable with CLI
<twb> a3ist: OK, then then basically all you do is install (say) the ubuntu-desktop package for the TV head, and any apps you need, and set up openssh-server.
<twb> a3ist: the OS X user runs (in X11.app) "ssh -X <server> <app> <app's args>"
<twb> e.g. ssh -X mythtv firefox google.com
<a3ist> I have gdm and the gnome desktop environment starting up fine, but I was looking for a way for my father to VNC in or something and get a normal GDM gui login.
<a3ist> Right now it doesn't seem to let multiple gnome-sessions run at once
<twb> a3ist: multiple sessions as the same user?
<a3ist> no, different users
<a3ist> each getting their own session
<twb> It should.  I haven't tried it for a couple of years, but it should Just Work
<twb> You can use VNC instead of X11 by installing vnc4server.
<PcCowboy> twb: Im using an HTTP server too. whats a good way to do this on linux
<twb> PcCowboy: have you read the Ubuntu Server Guide?
<a3ist> I have x11vnc installed, but having multiple people use it just gets them the same display (:0)
<twb> a3ist: that's because x11vnc is the wrong tool.
<a3ist> ah, I'll try vnc4server
<twb> a3ist: x11vnc exports an EXISTING display, like Windows VNC servers.  You want to export a NEW display, separate from the local head.
<a3ist> right
<a3ist> Ok, that would explain my problem then
<twb> Windows VNC servers don't do that because Windows licenses (usually) only allow one user at a time.
<PcCowboy> nope.just looking into thiss buddy...plus the only "info" i can find on server is cloud, Cloud, CLOUD, oh and more cloud....lol
<twb> PcCowboy: install ubuntu-serverguide (or find it online) and read it.
<PcCowboy> thanks ttyl
<ScottK> The link to the server guide is in /topic.
 * ccheney wonders if he has the test misconfigured or he is seeing some kind of bug
<twb> ScottK: last time I looked that link was busted
<ScottK> Works for me.
<twb> I guess someone fixed it.
<ccheney> kirkland, ping, you happen to around still?
<panfist> I need to upgrade the nic on a server that I didn't set up. I will be replacing the onboard nic with an intel add-on
<panfist> the nic was detected automatically, which is great, except it's named eth1 and the other is named eth0
<panfist> is this difference relevant in any of the config files? or is it all config'd by IP?
<cjs> Oooch. The 2.6.32-22 kernel upgrade killed all of my kvms.
<kirkland> cjs: there's another update that fixes it
<kirkland> cjs: sorry about that, we spent most of today unbreaking that
<cjs> Is that update out yet? I just did the update a half hour ago, and discovered the problem.
<cjs> I downgraded to confirm that it was the kernel upgrade, and it started working again, and I updated again just a few minutes ago but now I'm getting virt-manager complaining that it can't attach to dbus or something like that.
<cjs> I suspect that that might be unrelated, but do you have any idea how I might fix that?
<cjs> I don't appear to have a .gconf or .gconfd file in my home dir....
<cjs> Ah, those were under root's home dir. Removing both .gconf and .gconfd entirely fixed the issue.
<cjs> Anyway, so how do I get this new update that fixes this?
<kirkland> cjs: should be out soon tonight/tomorrow
<cjs> Got it, thanks. Will this then be -23?
<qman__> panfist, all interface configuration is based on eth0, eth1, etc...
<qman__> if you want the second NIC to replace the first one, you can change that setting in /etc/udev/rules.d/70-persistent-net.rules
<cjs> Hm. How do I get a guest to boot single-user so that I can run a manual fsck?
<cjs> It always seems to try to boot multi-user, tells me I need to run fsck manually, and then won't give me a shell prompt.
<cjs> Well, I just booted an install CD and selected recovery mode.
<hallyn> hmm - 'man lsof' gives a weird result in the options section
<habanany> I don't get to get out of the black screen
<habanany> Any Spanish speaker  ?
<twb> !es
<ubottu> En la mayorÃ­a de canales de Ubuntu se habla sÃ³lo en inglÃ©s. Si busca ayuda en espaÃ±ol o charlar entra en el canal #ubuntu-es. Escribe "/join #ubuntu-es" (sin comillas) y dale a enter.
<habanany> thanks ubottu
<twb> habanany: try Ctrl+Alt+F1 (just a guess).
<habanany> I will try twb , thanks
<twb> I guess he was dual-booting
<MasterZuFu> Hello everyone. I'm using ubuntu 10.04 for my server and am hosting a mybb forum site on it. For some reason captcha isn't working. I did some looking around and some people say I need something called "GD Library" or "AdEnhanced" installed on my server. Any idea what this is or how to install it?
<MasterZuFu> nevermind, i figureed it out
<abhibeckert> MasterZuFu: did you find a good tutorial? can you post it?
<MasterZuFu> abhibeckert: http://www.redmezzanine.com/?p=360&lang=es
<MasterZuFu> you just need these two commands: sudo apt-get install php5-gd
<MasterZuFu> and service apache2 restart
<MasterZuFu> depending on which version of apache ur running and whatnot
<MasterZuFu> those commands might change depending on that, but that's the basic.
<MasterZuFu> how do i block entire countries at once with a single command? (ip block)
<abhibeckert> MasterZuFu: why would you do that?
<MasterZuFu> because there's some countries I don't want to have access to my site.
<abhibeckert> why?
<MasterZuFu> why should it matter?
<abhibeckert> only reasons i can think of are discrimination and security
<abhibeckert> if it's security... i don't think it'd help any
<MasterZuFu> it'd help a lot believe it or not
<abhibeckert> how? IP blocks are easy to work around
<MasterZuFu> blocking entire countries gets rid of a lot of spam and ddos attacks if
<MasterZuFu> because no one's going to re-route their entire botnet through a proxy, then they'd ddos themselves
<abhibeckert> it'd have a lot of false positives for spam, and just because you stop responding to ddos attempts doesn't mean they stop coming in and flooding your bandwidth
<MasterZuFu> look. i don't have to justify why. i just asked how to do it.
<abhibeckert> i've never done it, but i'm guessing you'll want to do it with iptables. that should help with googling at least
<ttx> Good morning
<MasterZuFu> morning/evening
<MasterZuFu> someone said something about "cid" blocks or, something, i don't know exactly what it's called
<MasterZuFu> but it allows you to block whole countries at once or something
<abhibeckert> ip addresses aren't broken up by country
<abhibeckert> they're broken up by ISP or something like that
<MasterZuFu> i know
<ajmitch> finding all addresses associated with a particular country would be tedious & error-prone because they're usually allocated in quick small non-contiguous blocks
<MasterZuFu> i'm sure i'll find a way
<ajmitch> especially for those allocated from certain places like APNIC
<abhibeckert> so if you're trying to find all IP address ranges from, say, china... then it's probably going to be a huge list that changes all the time
<MasterZuFu> yeah
<abhibeckert> and it seems useless... since the USA is the second largest country sending out spam (as far as i know) and i'm assuming you don't want to block those?
<MasterZuFu> spam isn't what i'm worried aobut
<abhibeckert> maybe you'd be better off looking at what IP you're getting lots of traffic from, and blocking those
<MasterZuFu> about**
<abhibeckert> most likely there's only a few massive ISP's in china? you could find out what their IP blocks are
<MasterZuFu> who mentioned china?
<abhibeckert> no-one, i just gave it as an examlpe
<MasterZuFu> ok. i'm just cautious as a chinese ip just tried to gain access to port 22 :)
<abhibeckert> since you implied you're trying to block spam and ddos attacks... of which many come from chinese bots
<MasterZuFu> which is why china is on my list to be blocked ;)
<abhibeckert> i'm not a sysadmin... but i'm told it's a basically suicide to have port 22 on a public port
<MasterZuFu> it's not public
<MasterZuFu> only i can access it
<MasterZuFu> but he was trying
<abhibeckert> all of the servers run by our sysadmin either have a whitelist of a few IP's who can talk to 22, or run it on a random port
<MasterZuFu> which is why i knew he was trying to access it
<abhibeckert> do you have a fixed IP? maybe you could whitelist your IP and block everyone else's?
<MasterZuFu> no i have dhcp
<abhibeckert> it probably wasn't "he" who was trying to get into port 22, it was probably a botnet
<twb> Disable password-based auth and use only key-based auth.
<jefimenko> does anyone know of any util for automatically restarting services when they crash?
<MasterZuFu> hmmmmmmmm didn't think of that
<jefimenko> or is a cron hack the best practice?
<abhibeckert> a lot of bots are in china, but not all of them. some people suggest most bots are in the USA
<MasterZuFu> i know this
<twb> jefimenko: put them in upstart
<abhibeckert> anyway, you're best off making sensitive ports like 22 only available from specific IP's, perhaps find out what your ISP's allocated range is
<abhibeckert> and then either use a crazy-ass long password, or use a private key
<twb> abhibeckert: password length isn't relevant, since it'll hash down to a finite set
<cef> I tend to run ssh on a non-standard port, not for security (the way I have it set up does that).. I do it to reduce the massive amount of logging from failed attempts that I would otherwise have on port 22
<twb> cef: I would use hashlimit for that
<abhibeckert> twb by "crazy-ass long" i just meant "too long to keep in your head"
<cef> twb: I did.. still fills up
<jefimenko> twb: looking at it now
<MasterZuFu> my pass is already above 150 chars XD :P. I'm not familiar with ubuntu so I'm not entirely sure how to secure it. i did just pick up a copy of "Linux Server Security" published by O'reilly
<twb> The big problem with using a nonstandard port is that most QoS heuristics won't bucket ssh traffic correctly
<jefimenko> twb: it's installed by default in ubuntu?
<twb> jefimenko: "it"?
<jefimenko> twb: upstart
<twb> Upstart has been Ubuntu's default (and only supported) init system for a LONG time.
<abhibeckert> i gotta go guys, 5pm here
<twb> Poor bastard must be a kiwi...
<MasterZuFu> if it helps any i'm only an hour behind him XD
<MasterZuFu> it's almost 4 pm here
<ajmitch> twb: given that it's after 6pm in NZ..
<cef> it's 4:30 here in melb
<cef> (or close to)
<ajmitch> 5pm, must be on a boat in the tasman
<MJennings> Hi.. If i just installed ubuntu-server on a new pc and have two processes in D state that won't go away after reboot, what should i do?
<MasterZuFu> nah, 5pm in australia in NSW
<cef> his ip points him to qld
<MasterZuFu> ooooo so close
<cef> still only 4:30pm their time.. methinks he was confuzzled
<MasterZuFu> ok, guys I gotta start reading this book or crazy chinese ppl are gonna hax my server XD
<ajmitch> cef: easy when it's that close to beer o'clock on a friday
<cef> ajmitch: heh
<a3ist> anyone know exactly what the -query parameter of xvnc / xdmcp instances does?  Restricts it to that hostname?  All the examples are just for localhost.
<cef> yay for kernel updates
<cef> and there goes security.ubuntu.com's throughput as everyone else starts hitting it. ;)
<kees> yeah, it should be on the -updates mirrors soon
<cef> kees: yup.. it's up there now
<kees> cool
 * kees goes to bed now
<cef> ahh hang on.. -updates.. yeah.. I think the aus mirror is doing an rsync.. it's complaining at me. ;)
<kees> copying from -security to -updates usually takes an hour.  it just published on -security, so hopefully in an hour it'll be in -updates.
<cef> :D
<cef> yay! all good now
<riz0n> hey guys, I have Ubuntu Server and a procmail filter system-wide that filters incoming mail flagged as spam to "Junk Mail" folder. I have a user receiving unwanted mail from an email address that wants to have mail from the email address moved to an IMAP folder (probably Junk Mail) can anyone here assist me in setting this filter up?
<SpamapS> riz0n: if you're delivering to real system users, then adding the rule to ~user/.procmailrc will work just fine.
 * SpamapS passes out
<riz0n> yeah thats what im trying to do, but im not sure about how to write the rule.
<riz0n> would this work? Line 1 :0:; Line 2 * ^From:.*\<email@ddresstofilter.com>; Line 3 Junk E-mail
<jefimenko> twb: i already have an initscript for my service, but if it crashes, it doesn't come up
<jefimenko> doesn't come back up
<jefimenko> i've been reading the upstart docs and haven't found out yet how to auto restart a service that dies
<jefimenko> if you know by experience how to do this, please point me into that direciton
<ab2> anyone know how to change the default tty?  since installing xubuntu-desktop on my headless server i can no longer logon to ttyS0
<uvirtbot> New bug: #589556 in unixodbc (main) "package odbcinst 2.2.11-21 failed to install/upgrade: error writing to '<standard output>': Input/output error" [Undecided,New] https://launchpad.net/bugs/589556
<twb> jefimenko: talk to #upstart about it
<twb> I don't use it myself
<MJennings> you have an option not to use upstart? how do you disable it
<twb> By installing 8.04
<twb> where upstart is really only a token implementation
<ab2> how do you get vlans on top of bonding working using /etc/network/interfaces in 10.04?  i can't seem to find the proper configuration online.
<MJennings> can xen be used on 10.04? i tried installing ubuntu-xen-server and there's dependencies problems
<\sh> MJennings, you should read http://noone.org/blog/English/Computer/Debian/xen-tools%2520back%2520in%2520Debian%2520Unstable.html by axel beckert...xen-tools are missing in ubuntu and I think that's your dependency problem, right?
<MJennings> \sh: correct
<\sh> ab2, auto vlan<id> \n iface vlan<id> inet static\n <do the usual stuff> \n vlan_raw_device <your bond interface with out /dev/>
<\sh> ab2, just like this: http://paste.ubuntu.com/444460/
<\sh> MJennings, axel beckert took over upstream and debian maintainership for this package...as far as I understand he provides as well xen-tools package for ubuntu
<\sh> ab2, the format is for lucid working with upstart
<MJennings> \sh: what kind of name is axel beckert
<\sh> mjeanson__, german ;)
<ab2> thanks \sh =)  that worked.
<\sh> ab2, np
<lambrecht> morning
<twb> b k e
<RoyK> morning
<RoyK> t w b
<twb> I was trying to M-x s b k e
<twb> Like so...
<cybrocop> Hi All, I'm having problems with virsh. I accidentally did an init 0 while a kVM instance was running and after restarting my system I am no longer able to run any instances.
<cybrocop> Virsh reports the instances as "started" but they don't produce any console output nor can I see anything with VNC (just a black screen).
<TREllis> cybrocop: can you ping the ip's of the kvm instances ie are they up?
<TREllis> there was a kernel bug affecting kvm recently (no instances started) https://bugs.launchpad.net/ubuntu/+source/linux/+bug/589163
<uvirtbot> Launchpad bug 589163 in linux "Cannot start kvm guest" [High,Fix released]
<ranjan> Hi all..how can i block google talk using squid proxy??
<\sh> ranjan, google talk is xmpp...I wonder if they talk http / https at all
<\sh> ranjan, or do you mean google talk on the google mail website?
<ranjan> \sh, google talk on the google mail website  is the first priority
<ranjan> \sh, how can i do that??
<ranjan> \sh, i have a squid running here
<\sh> ranjan, check the website for the javascript / html tag and try to block that...
<ranjan> \sh, how..?? i want a solid solution. can you please help me?
<cybrocop> TRellis: Thanks I think this is my problem.
<\sh> ranjan, sorry..I can't help...I don't know anything about squid content filters...as I don't use gmail on the website
<uvirtbot> New bug: #589611 in apache2 (main) "client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23)" [Undecided,New] https://launchpad.net/bugs/589611
<ranjan> \sh, oj
<TREllis> cybrocop: should be a kernel upgrade available for it, it was a regression
<cybrocop> Trellis: I may have done and apt-get upgrade to get a new kernel yesterday but I forgot to reboot. Right when I did an "init 0" (inadvertantly) the system was running several KVM images fine. As soon as I restarted, I started experiencing this problem. I'll check for updates.
<TREllis> cybrocop: good idea
<cybrocop> trellis: thanks, you saved me a lot of headache
<twb`> I'm installing Lucid on a router, PXE-booting the d-i netboot kernel.
<twb`> When it prompts for my "primary" interface, the eight ports are listed higgledy-piggledy.
<twb`> Is there an easy way to tell which one is the "real" eth0?
<twb`> http://pastebin.com/VAU1uVbG
<twb`> Hm, never mind.  I just started brute-forcing them, and the first one worked (unlike the last boot).
<ttx> twb`: heh
<twb`> Argh, now it's falling over trying to wget the Release file, despite me being able to fetch it from the same URL from my own machine, with the same proxy settings.
<sommer> morning :)
<twb`> My own fault.  Apparently dhcp-range=vendor:PXEClient,[...] will still match DHCP requests from d-i :-/
<ccheney> Daviey, i got a huge amount of not tested instances when i ran the test last night, and most of them according to the script were 'null', not sure if that is a bad thing or if it means the script itself is buggy
<ttx> jdstrand: if you do some sync processing today, I'd appreciate if you could push tomcat6 (bug 582312, filed 2 weeks ago). I have a few work items blocking on this.
<uvirtbot> Launchpad bug 582312 in tomcat6 "Please sync tomcat6 6.0.26-2 (main) from Debian unstable (main)" [Wishlist,Confirmed] https://launchpad.net/bugs/582312
<jdstrand> ttx: ok
<ttx> jdstrand: thanks !
<mathiaz> ttx: o./
<ttx> mathiaz: yo
<mathiaz> ttx: got some time for some hadoop talk?
<ttx> mathiaz: sure, joining
<ttx> mathiaz: btw you should still assign yourself to 1-2 bugs in https://launchpad.net/server-papercuts/+milestone/maverick-alpha-2
<mathiaz> ttx: yeah - on my TODO list
<ttx> I intend to push ivoks on bug 321091, fwiw
<uvirtbot> Launchpad bug 321091 in bacula "Bacula fails to install correctly if mysql wasn't installed before" [Medium,Triaged] https://launchpad.net/bugs/321091
<twb`> Is there *ANY* downside to installing ext3 and then remounting as ext4 at some later date?
<ccheney> mathiaz, what causes uec-testing-scripts to return 'null' for not-tested instances? i ran a 1000 run test last night and 721 of them showed up as not-tested 'null'
<ccheney> twb`, you don't get all the features unless it is formatted as ext4
<ccheney> twb`, but i don't happen to remember the details
<twb`> "all the features" boils down to some minor optimizations, plus extents.
<ccheney> twb`, probably something like that, yes
<twb`> And if I enable extents, I lose the ability to mount as ext3, which has screwed me a few times in the past
<ccheney> ah, so perhaps its not a feature in your case anyway :)
<twb`> I'm not saying extents aren't useful
<twb`> (I'm installing what will be our new mission-critical router.)
<twb`> Actually, I'm installing onto a CF card, so ext*2* is almost attractive.
<Daviey> ccheney: saw your email.. i don't know tbh.. hggdh might be a better person to ask
<ccheney> Daviey, ok
<ccheney> hggdh, ping
<twb`> I picked ext3 for now, since I can easily migrate to ext2 or ext4 at a later date.
<rgreening> ScottK: hey. how doth bug 589188 fare?
<uvirtbot> Launchpad bug 589188 in lucid-backports "Backport tacacs+ from Maverick" [Wishlist,In progress] https://launchpad.net/bugs/589188
<ScottK> rgreening: Approved.  Just waiting for an archive admin to execute it (if you ask Riddell nicely ...)
<rgreening> cool
<twb`> When doing a priorty=low d-i install, linux-generic is i686, and linux-386 is for i386?
<\sh> ScottK, any clue on "when do sync requests be processed?"
<ScottK> \sh: In theory every day by the archive admin of the day.  In practice it seems like on Tuesday's when it's Riddell's day.
<\sh> oh well...
<twb`> Paraphrasing: what differentiates linux-image-386 from linux-image-generic?
 * twb` digs out their .configs...
<twb`> Apparently there's bugger-all difference
<twb`> http://pastebin.com/SuQJkV7d
<wise_crypt> is it possible to copy squid cache file from other squid server ?
<twb`> wise_crypt: try #squid.
<twb`> It'll depend on the internal format squid users
<twb`> s/users/uses/
<wise_crypt> twb`: ex. from an oss squid server to ubuntu squid server
<twb`> wise_crypt: oss?
<wise_crypt> open suse
<twb`> Urk.
<twb`> SLES makes *RHEL* look good.
<wise_crypt> twb`: opensuse and it uses amd processor
<wise_crypt> twb`: the ubuntu uses intel, can it be done ?
<sjm> wise_crypt: why do you need to?  The cache should regenerate on its own
<twb`> wise_crypt: squid is extremely unlikely to give a shit what CPU you run
<wise_crypt> sjm: it tooks time to generate, a couple of moths ahead with high traffic will have plenty of resources
<twb`> So this whizzo encryption of /home -- will it DTRT if deployed on a multi-user CIFS/NFS NAS?
<sjm> wise_crypt: and you can use wget with the --delete-after option to help generate it if you know what pages you want in there.
<twb`> sjm: it'll still involve a second request to the internet, unless he points one squid at the other
<sjm> wise_crypt: run the wget jobs overnight (or off-peak)
<twb`> Actually... you can tell squid about "peer" caches.  If the old SUSE junk will continue running, you could just leave it there.
<sjm> wise_crypt: what twb said.  use the SUSE cache as a parent of the new one.
<wise_crypt> sjm twb` to do that i have to buy a new server :) unfortunately the budget is too low for this
<twb`> Yeah, I thought he might be reflashing
<wise_crypt> migrating is always pain
<twb`> Migrating from SUSE is, sure
<wise_crypt> :))
<wise_crypt> the hell let them bugging
<wise_crypt> *the hell let them bugging me with me the connection (solved)
<wise_crypt> thanks twb` sjm
<mathiaz> ccheney: hm - not-tested returns null - I don't know what can leads to that
<mathiaz> ccheney: do you have a log of the test run somewhere?
<ccheney> mathiaz, yes
<ccheney> mathiaz, will email you the log, it doesn't have debug info in it but if needed i can probably generate one with debug with nulls too
<mathiaz> ccheney: coudl you put on people.canonical.com instead of emailing it?
<ccheney> ok
<ccheney> mathiaz, http://people.canonical.com/~ccheney/ccheney.log.2010-06-04_010115
<mathiaz> ccheney: null probably comes from the fact the instance didn't have an Instance id set
<mathiaz> ccheney: looking at the log: WARNING:root:Instance failed to start: FinishedVerify: Not enough resources available: addresses (try --addressing private)
<mathiaz> ccheney: ^^ so it seems that instances were not started at all (thus not instance id was available)
<ccheney> oh ok
<ccheney> hmm
<ccheney> how many ips do i need to have available for it to not fall over when testing like that, i have 2 threads and 16 ips
<ccheney> i noticed that before but didn't realize that was what caused all the nulls
<ccheney> when i looked at the running box i noticed it seemed to get to the end of the pool and never reuse the ips that were no longer in use
<mathiaz> ccheney: hm - good question - I don't know exactly
<mathiaz> ccheney: the script will not start instances if there aren't enough ressource available
<mathiaz> ccheney: however it seems that UEC may take some time to give back public ip addresses
<mathiaz> ccheney: you may have run into that issue where there was enough ressource available but no public ip were available yet
<ccheney> yea and it we are going through an ip every 30 seconds when testing (seems that way on my laptop anyway) then it could use quite a lot
<Nicd^> I just installed Ubuntu Server 10.04 and cannot get gnome to install, "Depends: swfdec-mozilla but it is not going to be installed"
<mathiaz> ccheney: IIRC it should check if there are enough ressource available every 30 seconds or so
<mathiaz> ccheney: 16 ips should be enough though - if you just have two cores on your laptop
<ccheney> yea just a 2 core laptop
<mathiaz> ccheney: 2 cores means you can run up to 2 instances at the same time
<mathiaz> ccheney: so something else is fishy here
<ccheney> yea
<mathiaz> ccheney: you may have encountered an UEC bug then
<ccheney> i may have done something wrong or found a bug
<ccheney> i'm new to UEC, but i followed the directions as far as i can tell :)
<mathiaz> ccheney: rerun the test script with debug mode
<ccheney> mathiaz, ok
<mathiaz> ccheney: is this running on maverick?
 * Daviey laughs at mathiaz for suggesting any success on maerick
<Daviey> maverick*
<ccheney> mathiaz, lucid all updates but the 22.35 kernel
<ccheney> and with my new sru roll
<mathiaz> ccheney: I'd try to start a couple of instances by hand
<mathiaz> ccheney: I don't think it's an issue with the script
<ccheney> a small 20 debug run probably will show up the nulls i'll try that first
<ccheney> mathiaz, yea its been working all this time, i thought maybe i screwed it up somehow, heh
<twb`> Hm, git is still git-core in lucid
<twb`> I thought it post-dated the removal of the old git package
<ccheney> WTF
<ccheney> its still saying i'm out of ip addresses
<ccheney> oops, forgot to run the test as debug, grr :-\
<ccheney> i did get 80% failure on a 20 instance test though which seems rather odd
<ccheney> er not failure, -> not tested
<twb`> Wow, sensible-editor(1) prompts you to pick an editor now?
<hggdh> ccheney: pong (sorry, but had to get a voters registration done)
<ccheney> hggdh, ok np, mathiaz is looking at my uec-testing-scripts logs to see why its outputting lots of not-tested 'null' items
<hggdh> ccheney, mathiaz: these are sessions that failed even to start
<ccheney> hggdh, appears to be, seems to possibly be an issue with running out of ips
<ccheney> hggdh, it seems it takes a long time before they are returned to the pool after an instance termination
<hggdh> ccheney: yes, make sense
<hggdh> ccheney: I was told that "eventually they return to the pool"
<ccheney> heh and when doing load testing eventually can be long enough to cause not-tested
<hggdh> ccheney: most certainly
<ccheney> i probably need 32 ips for a 2 thread system from a hunch i have
<ccheney> at least if they are actually released after they no longer show up in euca-describe-instances
<ccheney> however i was having problems with no ips even when there weren't many in that list, so i think it might not be related to that
<hggdh> ccheney: I think it goes beyond that, yes
<habanany> which one u recommend eBox, ISPConfig or Webmin ?
<cloakable> I recommend /bin/bash :P
<pmatulis> cloakable: what about /bin/zsh?  :)
<cloakable> pmatulis: get thee from my sight, heretic ;)
<twb`> zsh is for csh refugees
<pmatulis> the zee shell!
<cloakable> bash is for people who like to get work done ;)
<twb`> The zsh author chose the name because it collided with one of his lecturers.  That shows how unconscionably rude he is.
<twb`> *collideded with one of his lecturer's names, that is
<cloakable> heh
<twb`> I would say: bash is for people who have more important things to do, when being told to fix a new server, than installing another shell.
<cloakable> pmatulis: next you'll be suggesting that emacs be put into ubuntu's /etc/shells ;)
<twb`> cloakable: that breaks scp/sftp; emacs -c does The Wrong thing.
<twb`> It works OK as init, though.
<ccheney> hmm it seems like euca ate my ips but one
<ccheney> er ate all
<cloakable> twb`: file a bug report ;)
<twb`> Incidentally, tmux got that right.
<twb`> "tmux -c foo" will just run foo in a "real" shell.
<cloakable> heh
<ewait> anyone know about channel scanning for a backend non gui server?
<twb`> ewait: as in 802.11?
<ewait> no, as in atsc or dvb-c (tv channels)
<twb`> No idea.
<ewait> thx anyway
<twb`> Try looking at the packages that depend upon <the dvb library package>
<ewait> I have dvb-util and dvb-apps but they seem like there is no US channel presets
<ccheney> mathiaz, the other two are in the same spot now
<ccheney> mathiaz, of the two new runs the first one was without debug by accident and then ran the second one after it
<ccheney> mathiaz, it seems to be stuck only using 10.0.0.46, my pool is 10.0.0.32-10.0.0.48
<osmosis> i did a fresh install of ubuntu server 10.04 64bit. Im getting super slow disk access times. Not sure why.
<osmosis> any ideas on how I can test / troubleshoot?
<twb`> iostat/iowait
<bcessa> hi, I'm trying to set nginx as a proxy to handle static files while let apache proccess the php code, how ever I'm getting a 502 Bad Gateway error, can someone give a hand with it?
<twb`> bcessa: examine the entire response with curl -v.
<osmosis> twb`, whats that?
<habanany> ebox vs webmin , help me to decide
<twb`> iostat               (1)  - Report Central Processing Unit (CPU) statistics and input/output statistics for devices and partitions
<twb`> hdparm -i is another obvious one -- check it's using DMA
<bcessa> twb`: this is what I get back http://pastebin.com/vbjcFPFY
 * ccheney going to reboot his cloud and see if it passes after doing that
<twb`> bcessa: ask the nginx people; I don't know.
<osmosis> twb`, dma modes look okay. I have two brand new western digital drives, ubuntu 10.04 install with software raid1 and LVM
 * ccheney thinks the not-tested are a combination bug/feature, in that if the ips are all used and you get to 12 attempts to get an ip it probably permanently ignores the instance
<twb`> osmosis: are the partitions/filesystems aligned on block boundaries?
<bcessa> I'm already on their forum so far nobody is answering :O thnx anyway
<twb`> though that may constitute ricing...
<osmosis> twb`, uhmm...it was all through the ubuntu installer.
<ccheney> but there seems to also be a bug on my box where all but one ip is never released
<twb`> osmosis: then probably not
<twb`> osmosis: ref. http://thunk.org/tytso/blog/2009/02/20/aligning-filesystems-to-an-ssds-erase-block-size/
<osmosis> twb`, these are not SSD drives. just normal drives.
<twb`> Are they 2TB drives?
<osmosis> twb`, yes
<twb`> Still largely, then applicable.
<bcessa> is weird, the problem is specifically with php files, plain html files works fine, example: http://ve.6pprv6tr.vesrv.com/index.html
<twb`> Urk
<twb`> *still largely applicable, then
<bcessa> and this don't work: http://ve.6pprv6tr.vesrv.com/test.php
<osmosis> twb`, i dont see any CPU slowing on my munin charts though. if it was overhead, it should be high iowait.
<twb`> osmosis: block misalignment will result in IO waiting, not in CPU load
<twb`> Anyway, if this is a fresh install, how do you know it's slower than it should be?
<osmosis> twb`, because i have a slower server that was running the same load just fine. this is unusable.
<osmosis> twb`, i dont have any graphs showing a lag...but the server is often unresponsive
<osmosis> twb`, actually i do see a lot of iowait on the munin cpu chart.
<twb`> Define "slower"
<osmosis> twb`, tcp connections being dropped, slow apache load time, and i have had disk corruption as well
<osmosis> twb`, its definitely IOWAIT
<osmosis> twb`, the article you sent is just talking about SSDs though. not sure i understand it yet
<bcessa> I notice that the php request is not being redirected to apache, and instead handle directly by nginx, so that what's causing the bad gateway, now the question is why :O
<twb`> disk corruption isn't the same as "it's slow"
<twb`> That indicates that something is really, seriously wrong.
<osmosis> twb`, yes
<edwin-sv> hi everybody, someone know about a package or related procedures with gnu/linux commands to make an "image" of an ubuntu server that is running but it must not being shutdown to make an image (maybe with Nort*nGhost or related software) because it is providing a critical web service. The purpose of the task I want to do is to keep a backup image of the server that actually it does not exists. :(
<twb`> osmosis: you should indicate that first.
<twb`> s/indicate/investigate/
<twb`> OK, I'm obviously too tired and drunk to be helping
<osmosis> twb`, investigate? i dont have much to go on. cant reproduce it
<edwin-sv> thanx in advance! :)
<osmosis> twb`, but my IOWAIT is high, and thats my best lead.
<ccheney> on a fresh rebooted setup it seems to be working ok, at least for a while
<ccheney> i might need to have it run for a few hundred instances with debug logging
<ewait> how many things will break when doing a sudo do-release-upgrade?
<bcessa> cya
<ewait> My concern is with backuppc, virtual hosts in Apache2, mysql, etc. with the release upgrade
<edwin-sv> hi everybody, someone know about a package or related procedures with gnu/linux commands to make an "image" of an ubuntu server that is running but it must not being shutdown to make an image (maybe with Nort*nGhost or related software) because it is providing a critical web service. The purpose of the task I want to do is to keep a backup image of the server that actually it does not exists. :( < Thanks in advance! :-) >
<ccheney> no nulls on a rebooted box with 32 run, trying 256 run without rebooting first
<oru_work> which program from repos can I install to be able to traceroute ?
<eagles0513875> !kvm
<ubottu> kvm is the preferred virtualization approach in Ubuntu. For more information see https://help.ubuntu.com/community/KVM
<ccheney> edwin-sv, a fs snapshot might work, but even then it might leave it in inconsistent state for apps
<ccheney> edwin-sv, i think there are some tools to do backups utilizing snapshots
<ccheney> edwin-sv, but i don't have any experience with them
<ccheney> its not failing at the moment but it definitely looks like it might be eating ips
<ccheney> at least based on how its reusing them
<edwin-sv> ccheney, that is the situation, actually i have an ubuntu server providing a critical service to our enterprise, but it doesn't have a backup of configurations of its apps
<ccheney> edwin-sv, this might be useful, but i am not sure if there is already something in ubuntu that makes it easier: http://tldp.org/HOWTO/LVM-HOWTO/snapshots_backup.html
<osmosis> im still not sure why im getting such high IOWAIT on these new WD 2TB drives.
<xperia> hello to all. i have a question related to uploading stuff to the server. why does i get allways a 405 Error Message "The requested method PUT is not allowed for the URL" everytime i try to upload something as follow "curl -T file.gz http://serverip/dir/file.gz"
<edwin-sv> ccheney, do you know if a fs snapshot could take an image of the boot procedure, too?
<xperia> do i need to change some server settings as ubuntu prevent this and if yes where do i need to change this ?
<ccheney> edwin-sv, you would probably have to reinstall grub, but if the (i assume raid) complexity is hidden from the OS then it probably would work otherwise
<ccheney> edwin-sv, i have no idea what you would need to do to restore if you are using softraid
 * ccheney is a newbie server guy so doesn't know detail about a lot of these things
<ccheney> hmm yep euca is eating my ips at least its doing it somewhat slowly
<osmosis> I have two 2TB western digital drives, on software raid1 and LVM. Im getting high IOWAIT. How can I determine the cause?
<xperia> anybody know how i can resolve this Problem here "The requested method PUT is not allowed for the URL"  ?
<guntbert> xperia: for apache problems there is the channel #httpd too
<xperia> guntbert: but nobody answer there. tryed allready !
<edwin-sv> ccheney, actually I want to have an image of the ubuntu server that is running, and if fail the one that is running just turn on the image in other server the image and keep running the apps
<guntbert> xperia: I cannot help you either - sorry - it was only meant as additional ressource :-)
<edwin-sv> ccheney, actually I want to have an image of the ubuntu server that is running, and if fail the one that is running just turn on the image in other and keep running the apps :-)
<hggdh> smoser, mathiaz, ccheney: can I reboot the UEC test rig?
<mathiaz> hggdh: sure
<hggdh> thanks
<RoyK> hm. ubuntufying zimbra would be a nice project
<ccheney> hggdh, yep thats fine, i'm running uec testing on my local setup
<hggdh> ccheney: thank you
<ccheney> mathiaz, did you happen to see my debug log i posted earlier?
<mathiaz> ccheney: not yet
<mathiaz> ccheney: could you repost the url?
<ccheney> mathiaz, http://people.canonical.com/~ccheney/
<ccheney> mathiaz, the latest timestamp is the full debug log
<ccheney> mathiaz, its looking like eucalyptus will reuse an ip immediately until some trigger and then either never reuses it or takes a very long time to do so, which appears to be why i was running out of ips, not sure if that was the cause of the 'null's though
<mathiaz> ccheney: well - the script is running as expected IMO
<ccheney> ok
<ccheney> so a null just refers to something that never got an ip address?
<mathiaz> ccheney: the second time an instance is trying to run, uec fails: DEBUG:root:Instance start output: FinishedVerify: Not enough resources available: addresses (try --addressing private)
<ccheney> yea
<mathiaz> ccheney: so null refers to the fact that an Instance object has been created in but it failed to start (which means that no instance Id are unkown for the object)
<mathiaz> ccheney: that's why there is a null in the report
<ccheney> oh i see
<mathiaz> ccheney: hm - no instance Id are *known* to the testing script
<ccheney> yea
<mathiaz> ccheney: that's why it fails to null
<ccheney> ok
<hggdh> and which is why is I left it as 'not-tested'
<mathiaz> ccheney: the script reveals a problem with UEC though
<mathiaz> ccheney: not a real bug in the script ;)
<ccheney> mathiaz, ok
<ccheney> i'm at the last ip on a debug log 256 run, so maybe it will be of some help to determine whats going wrong
<ccheney> hmm i think i'll reboot so its the full log from a clean system
<ccheney> it got to the problem in under 30m
<ccheney> i see this in the cc.log is that bad: [Fri Jun  4 12:05:35 2010][001251][EUCAWARN  ] vnetInitTunnels(): in MANAGED-NOVLAN mode, priv interface 'eth0' must be a bridge, tunneling disabled
<Tim_R> can anybody tell me how to setup quota for webspace because I want to offer my customers 25mb free webspace
<g-hennux> hi!
<g-hennux> from 9.10 to 10.04, apparently the dovecot-config file has changed
<g-hennux> and i denied the upgrade of the config file at dist-upgrade
<g-hennux> how can i get the default config file from the deb file to compare the two files manually?
<ccheney> hmm lease time for euca dhcp is 20m if its not shut down properly
<coafcv> how can I override the user password? I have a VM running ubuntu server, but I forgot both username and password. it's on my local LAN, and re-installing the OS would take too long.
<ccheney> er 20m, which is  maximum time of lease if its not shut down properly is more accurate
<Daviey> ccheney: yeah, so 20m suggests a bigger pool would hide that concern
<Daviey> ccheney: did you recieve kirklands mail?
<Tim_R> anybody?
<Daviey> If you have a branch or debdiff you want me to have a gander over, let me know (via email ideally)
<ccheney> Daviey, just saw it yea
<Daviey> Tim_R: i would first point you towards disk quota
 * Daviey goes afk
<ccheney> Daviey, now that i know what to look for i am going to make sure the problem is really just the lease time and then bump my pool size
<Tim_R> ok Daviey afterwares
<ccheney> i have a doctor appointment (should be ~ 15m) and a house closing (~ 30m) today also, as noted on my calendar
<ccheney> Daviey, i'm not sure but it doesn't look like the 'public' addresses are assigned by dhcp
<ccheney> Daviey, and from what i recall when you log into a instance you see the internal ip eg 172.x
<ccheney> it might still be related to the 20m lease time for the internal 172.x addresses but not certain, i'll get a good debug log and then up the number of ips
<mathiaz> kees: hi - do you know if there is a package that provides the Debian CA certificate?
<mathiaz> kees: I'm trying to connect to alioth over ssl and firefox doesn't recognize the CA
<kees> mathiaz: hm
<kees> mathiaz: I thought ca-certificates came with it
<mathiaz> kees: http://ca.debian.org/ -> says it's from SPI
<kees> http://www.spi-inc.org/secretary/spi-cacert.fingerprint.txt/view?searchterm=cert
<kees> or rather: http://www.spi-inc.org/secretary/spi-cacert.crt/view?searchterm=cert
 * ccheney thinks he found out his problem but isn't quite sure what the minimum ip range is yet, still reading a comment from developer about a similar user issue
<ccheney> i think maybe i have to tweak VNET_ADDRSPERNET=32 to something smaller
<elysrum> Hi, looking for a little help here.  Every time my server reboots something is resetting the permissions on /tmp to 755.  Anybody have any ideas?
<elysrum> Server Version is 10.04, it is an upgrade from Karmic (not a clean install).
<hggdh> kirkland: I wonder if Deji's systems really have KVM disabled, or if the KVM mods were not loaded -- just had the same issue on sapodilla
<hggdh> Deji1: ping
<Deji1> hggdh : pong
<ccheney> actually it seems that was not the issue as the user was seeing their dhcp show up with all 0's
<hggdh> Deji: did you reboot your NC?
<Deji> hggdh : i have pricklypear up but still no luck with ceylon
<hggdh> Deji: can you please, on ceylon, run 'initctl status qemu-kvm' and tell me what is the output?
<Deji> hggdh : the system is down now, i can't even ssh into it. port 22 is not active
<hggdh> Deji: OK. We wait for it to come back on, and then we check again
<nick58b> uptime
<a3ist> hey guys I'm looking for the current config method for xdmcp; I'm not seeing gdm.conf anywhere and I'm assuming it was moved to an auto-generation setup like grub2.  Need to know where to go enable the gdm greeter for remote logins.
<a3ist> nm think I found it
<Doonz> so my keyboard mapping is all fucked up . where can i change these settings. 10.4 console only no desktop
<alvin> My fileserver just died. PSU was broken. I replaced it and booted. It has 4x2TB disks in mdadm RAID5. Now I'm staring at a big purple screen saying" Your disk drives are being checked for errors, this may take some time". I have the option to press C to skip. Now my question is: is this a rebuilt, or an fsck?
<alvin> What I really want now is some output. A message saying fsck, or the ability to look at /proc/mdam. Something more informative than a purple background.
<RoyK> alvin: reboot into single and check
<alvin> But it's checking. I don't know if it is safe to reboot
<RoyK> press escape
<alvin> aha!
<RoyK> that usually takes it back to the console
<alvin> mountall terminated with status 1 on some filesystems. And ureadahead-other terminated with status 4. Those are the last lines
<alvin> thanks btw
<uvirtbot> New bug: #589830 in squid (main) "Please ship a ufw application profile for squid" [Undecided,New] https://launchpad.net/bugs/589830
<alvin> ahm the ureadahead message is a bug. It's now continuing. This is pretty fast for an fsck. Must be the ext4
<alvin> Why extreme NFS timeouts are great: the fileserver was hosting the qcow image of a virtual mailserver. The mailserver is accessible again and I didn't need to reboot it while it's disk was offline.
<alvin> Must also be a KVM thing, because my desktop on NFS mounted /home is still unresponsive
<mathiaz> ccheney: hey - what's the state of the eucalyptus sru
<mathiaz> ccheney: ?
<ccheney> mathiaz, sent the debdiff to dave and dustin and was trying to do initial testing when i started getting all those weird errors
<Deeps> can anyone recommend any hackable web interfaces for iptables?
<Deeps> or possibly suggest a better solution to my conundrum
<Deeps> i have an ubuntu router for my connectivity
<Deeps> the router has multiple upstreams that can be used
<Deeps> at present, i'm using source based routing using fwmarks to match
<Deeps> e.g., for i in {2..10}; do ip rule add fwmark $i lookup $i; done
<ccheney> mathiaz, would you like a copy also?
<mathiaz> ccheney: yes
<Deeps> and then mangle rules to match specifiuc client IPs
<Deeps> e.g. iptables -t mangle -I PREROUTING -s 192.168.1.3 -j MARK --set-mark 3
<Deeps> what i'd like is an easy way for client machines to advise the router what upstream they'd like to use
<Deeps> so my idea was to have a web interface that would alter the mangle table rules
<Deeps> and have that run on / interface with the router
<ccheney> mathiaz, ok sent, let me know if you get it
<Deeps> nobody? heh
<EtienneG> question, guys: can you define mutliple static per interfaces in /etc/network/interfaces without using stupid eth0:1 type of alias?
<Deeps> EtienneG: up/post-up lines with ip address add $ip/$mask dev $interface
<EtienneG> Deeps, ugh.  thanks for the info, though!
<Deeps> remember to add the corresponding down lines too though
<Deeps> if you're wanting to add a range of ips, post-up for i in {1..255}; do ip addr add blah.$i/$mask dev $int; done
<mathiaz> ccheney: ok - I got your diff
<mathiaz> ccheney: could you create a bzr branch instead
<mathiaz> ccheney: and create a merge proposal
<mathiaz> ccheney: it would easier to conduct the review
<ccheney> ok
<mathiaz> ccheney: and subscribe other - rather than just sending debdiff around
<mathiaz> ccheney: bzr co lp:ubuntu/lucid-proposed/eucalyptus
<ccheney> ok
<mathiaz> ccheney: have you used bzr pkg branches already?
<ccheney> no, never did a merge proposal, etc
<mathiaz> ccheney: ok - let me guide through this
<mathiaz> SpamapS: around?
<ccheney> i have mostly just worked on OOo and some internal oem stuff in the past which didn't use bzr branches
<mathiaz> ccheney: right
<ccheney> i'm going to have to leave in about 20-30m to go to a home closing (sale)
<mathiaz> SpamapS: I was about to guide ccheney through using bzr pkg branches for doing an SRU
<ccheney> but if it doesn't take much time i can do it now :)
<mathiaz> ccheney: ok - I can get you started on this
<mathiaz> ccheney: I usually start by creating a shared repository to hold all the branches:
<mathiaz> bzr init-repo eucalyptus
<mathiaz> naming the directory after the source package
<mathiaz> then cd eucalyptus/
<ccheney> ok
<mathiaz> bzr co lp:ubuntu/lucid-proposed/eucalyptus
<mathiaz> ^^ that gets the code from lucid-proposed
<uvirtbot> mathiaz: Error: "^" is not a valid command.
<mathiaz> then I'd create a local branch to work on the sru itself
<mathiaz> (in this use case I've used lucid-proposed as I know there is already an SRU in place)
<mathiaz> (if not I'd use lp:ubuntu/lucid/eucalyptus - which would get the version of the src package that is in lucid)
<mathiaz> then I'd create a local branch to work on the sru itself:
<mathiaz> hm - wait - I usually check out the LP branch in a directory named after the release
<mathiaz> so:
<mathiaz> bzr co lp:ubuntu/lucid-proposed/eucalyptus lucid-proposed
<ccheney> ok
<mathiaz> that would create a sub-directory lucid-proposed/ that holds the relevant code
<mathiaz> otherwise you'd end with eucalyptus as the directory name
<mathiaz> then I'd create a local branch for preparing the SRU:
<mathiaz> bzr branch lucid-proposed/ lucid-sru
<mathiaz> cd lucid-sru/
<mathiaz> and prepare the SRU in there (patches, changelog edition etc...)
<ccheney> ok
<mathiaz> in our use case you could just apply the debdiff
<mathiaz> (lucid-sru:$ bzr patch < eucalyptus-sru.debdiff
<mathiaz> )
<mathiaz> once the sru is ready, do a local commit:
<mathiaz> debcommit
<mathiaz> and then push it to LP under your account:
<mathiaz> bzr push lp:~ccheney/ubuntu/lucid-proposed/eucalyptus/lucid-sru
<mathiaz> once the branch is pushed to LP you go over to the LP page
<ccheney> does that need to be just lucid?
<mathiaz> and you can propose for merging from the LP page
<ccheney> it says no such distribution series
<mathiaz> ccheney: ok
<mathiaz> ccheney: so try lucid
<Maletor> Can I access a DAAP share at home from work. I realize we need to forward ports, but doesn't it use bonjour? I would really like to be able to do this....
<Maletor> SSHFS seems a little slow.......
<mathiaz> ccheney: cool - your branch shows up: https://code.launchpad.net/ubuntu/lucid/+source/eucalyptus
<ccheney> cool :)
<mathiaz> ccheney: now if you go on the branch page: https://code.launchpad.net/~ccheney/ubuntu/lucid/eucalyptus/lucid-sru
<mathiaz> ccheney: you can propose for merging
<ccheney> i'm on the propose merge
<ccheney> do i need to type the other url in as the target?
<ccheney> it suggests lp:ubuntu/lucid/eucalyptus which seems wrong
<mathiaz> ccheney: right - you wanna propose it to lucid-proposed
<ccheney> pl
<ccheney> er ok
<mathiaz> ccheney: as this is what the branch is based on
<ccheney> ok
<ccheney> mathiaz, should i change the reviewer to ubuntu-server or something like that?
<mathiaz> ccheney: yeah - put ubuntu-server as the reviewer
<ccheney> ok
<ccheney> ok done :)
<ccheney> that was easy with help from you, thanks! :)
<mathiaz> ccheney: cool - the merge is ready for review: https://code.launchpad.net/~ccheney/ubuntu/lucid/eucalyptus/lucid-sru/+merge/26839
<mathiaz> ccheney: I'd suggest to subscribe a bunch of people to do the review as well
<ccheney> ok
<mathiaz> ccheney: I've just claimed the review
<mathiaz> ccheney: https://code.launchpad.net/~ccheney/ubuntu/lucid/eucalyptus/lucid-sru/+merge/26839
<ccheney> ok
<mathiaz> ccheney: on the merge proposal page you can request another review
<mathiaz> ccheney: I'd suggest to add Daviey as well
<ccheney> ok
 * ccheney gotta run to sell his house, bbiab
<mathiaz> ccheney: as for the branch itself, I would subscribe kirkland and Daviey as well
<ccheney> ok
<mathiaz> ccheney: I'll do the later as you're running out
<mathiaz> ccheney: good luck!
<ccheney> i didn't see where to subscribe other people, i saw where they are subed
<ccheney> but not how to add more
<ccheney> looks like only me and james westby were subscribed by default
<mathiaz> ccheney: on the branch page, there is a link that says subscribe someone else
<ccheney> oh i was under the proposal page, oops
<mathiaz> ccheney: right -it's a bit confusing
<ccheney> thanks for the help :)
<mathiaz> ccheney: https://code.launchpad.net/~ccheney/ubuntu/lucid/eucalyptus/lucid-sru
<mathiaz> ccheney: ^^ that the bzr branch page
 * ccheney leaving now, bbl
<ccheney> yea
<mathiaz> ccheney: that's all for now!
<ccheney> ok
<SpamapS> mathiaz: argh, I missed your message earlier
 * SpamapS saves the log
<mathiaz> SpamapS: that's ok - let me know if you have some questions
<MrPicard> Hey guys
<MrPicard> ive got a rackspace cloud server
<MrPicard> im trying to configure ubuntu to work with the server and run ebox on top
<bventura> hello!  I'm setting up a mail server with ubuntu and am wondering what the deal is with DKIM/DomainKeys.  I want to do everything I can to get my mail through to yahoo users.  Do I need to implement both DKIM AND DomainKeys?  Or is DKIM the new way of doing it, and DomainKeys obsolete?  From what I've read online so far it seems unclear as to which one to use or if I need both
<ScottK> bventura: Yahoo! is rolling out DKIM and will retire DomainKeys.  I'd just worry about DKIM for something new.
<LowValueTarget> im running an apt-mirror and im checking the logs every few days. I see something that says 959.3MiB can be freed.... run clean.sh
<LowValueTarget> i run clean sh
<LowValueTarget> and it says removing 260 unnecessary files..... done. but it doesnt seem to be removing them.
<bventura> ScottK: thanks.
<bventura> if you have a link to where you found that info on yahoo i'd appreciate it
<guntbert> LowValueTarget: as what user are you running it? always the same one?
<ScottK> bventura: I've worked on DKIM development.  In the community there I'm active in it's common knowledge.  I can't give you a specific link, although I'm sure it's public information.
<bventura> ok
<qman__> so, I had a NIC fail in a server, and I replaced it
<qman__> and in order to make the new NIC be eth0, I removed the old line in /etc/udev/rules.d/70-persistent-net
<qman__> but it's not giving the new one a name
<qman__> how do I force detection of new cards?
<qman__> it shows up in lspci
<qman__> this is a hardy server, btw, 8.04.4
<Scunizi> I've just turned on my server after several days of being off and it has no connectivity to the network.  ifup & down don't resolve the issue.. double checked wires and routers with no results.. before I go changing the nic what else can I test?
<Scunizi> qman__: what does ifconfig say?
<qman__> ifconfig doesn't see it
<qman__> nothing in dmesg either
<Scunizi> what does lspci call it?
<qman__> Intel corporation 8-something gigabit adapter
<qman__> 82574L
<Scunizi> qman__: was the original nic built into the motherboard?
<qman__> yes, nforce 4, using the forcedeth driver
<qman__> I turned it off in the BIOS
<Scunizi> try sudo lshw .. in the resulting output it will show the logical name for the card.  Even with the internal turned off it might be named eth1 or something
<qman__> it's not getting one
<qman__> lshw says it's unclaimed
<qman__> that's the function I'm trying to find, how to have it detect and assign one
<qman__> I know it normally does that automatically but for some reason it isn't
<Scunizi> that's strange.. it should automatically discover and assign a logical name
<Scunizi> maybe try a different pci slot?
<qman__> it's PCI express, I could, but that'd be a waste of an x16 slot for an x1 card
<qman__> and it is clearly getting detected
<qman__> just not configured
<qman__> hmm
<qman__> google hints that maybe that card isn't supported with hardy's e1000 driver
<Scunizi> qman__: possible.. you're still on hardy huh?  What's the content of /etc/network/interfaces?
<qman__> just a normal single interface, eth0, with a static IP
<Scunizi> although this is a slackware post it might shed some light on it. http://www.linuxforums.org/forum/slackware-linux-help/63049-detecting-network-card.html
<qman__> https://bugs.launchpad.net/ubuntu/+source/linux/+bug/513292
<uvirtbot> Launchpad bug 513292 in linux "Heron LTS 8.04.3 and 20100126's 8.04.4 don't support Intel 82574L NICs" [Medium,Fix released]
<qman__> no workaround was posted, so it looks like the only fix is to compile the new driver from source
<qman__> which should be an interesting trick without network connectivity
<qman__> I don't think that machine has build-essential on it
<Scunizi> ouch.. or look in packages.ubuntu.com for the driver?
<mathiaz> ccheney: hey - what's the status of bug 566793?
<uvirtbot> Launchpad bug 566793 in eucalyptus "[SRU] euca-get-console-output gives first 64k of output, not most recent" [Medium,Fix committed] https://launchpad.net/bugs/566793
<hggdh> mathiaz: there?
<mathiaz> ccheney: IIUC the fix will be reverted in the lucid SRU you're preparing?
<mathiaz> hggdh: I hope so - otherwise something is fishy here...
<hggdh> :-) I asked before I read the backlog...
<mathiaz> hggdh: ah ok
<mathiaz> hggdh: what are you up to/
<mathiaz> hggdh: ?
<hggdh> mathiaz: is there a compelling reason for the sources.list in the test rig to all point to 10.55.55.1?
<hggdh> mathiaz: I just reinstalled topo2, after having 100% failures
<mathiaz> hggdh: which install media are you using?
<mathiaz> hggdh: the isos or the archive?
<hggdh> a locally donwloaded iso...
<hggdh> of course
<mathiaz> hggdh: if you're using the isos it's normal that sources.list points 10.55.55.1 as this is where the isos are unpacked
<hggdh> mathiaz: so I can reset them all, correct?
<mathiaz> hggdh: sure
<mathiaz> hggdh: they will just reinstall everything if you set them to on tamarind
<hggdh> oops
<hggdh> mathiaz: why?
<mathiaz> hggdh: well - I'm not sure I fully understand what you're trying to do/ask
<hggdh> mathiaz: I reinstalled from 10.04, ran some tests, and now I want to apply current fixes to 10.04
<mathiaz> hggdh: so you're testing -proposed
<mathiaz> hggdh: ?
<hggdh> yes, that's the intention
<mathiaz> hggdh: ah ok
<hggdh> and starting to change the code to add in more tests
<mathiaz> hggdh: so - you probably wanna install from the archive then
<mathiaz> hggdh: instead from the iso
<hggdh> k
<mathiaz> hggdh: (although it should be the same)
<hggdh> yes inideed. I will change the sources.list, and see what happens. Should just update
<mathiaz> hggdh: if you're installing from the archive the sources.lists should not point to 10.55.55.1
<hggdh> mathiaz: thank you
<Daviey> mathiaz: i have seen a debdiff from ccheney that fixes bug 566793
<uvirtbot> Launchpad bug 566793 in eucalyptus "[SRU] euca-get-console-output gives first 64k of output, not most recent" [Medium,Fix committed] https://launchpad.net/bugs/566793
<mathiaz> Daviey: hm - fixes?
<hggdh> it's in his branch
<mathiaz> Daviey: my understanding was that the patch was actually reverted
<Daviey> i haven't tested it, but he did have a debdiff ready IIRC
<Daviey> hmm
<mathiaz> Daviey: https://code.launchpad.net/~ccheney/ubuntu/lucid/eucalyptus/lucid-sru
<mathiaz> Daviey: https://launchpad.net/ubuntu/+source/eucalyptus
#ubuntu-server 2010-06-05
<mathiaz> Daviey: https://code.launchpad.net/~ccheney/ubuntu/lucid/eucalyptus/lucid-sru/+merge/26839
<mathiaz> hggdh: which bug are you trying to verify?
<hggdh> mathiaz: no bug right now, just trying to keep in sync
<hggdh> and, after ccheney's SRU makes it into proposed, I will test it again
<mathiaz> hggdh: ok - so we're going to upload version of eucalyptus in -proposed
<mathiaz> hggdh: awesome
<lewq> Hey. I'm having real trouble with a 10.04 server I've installed on /dev/sdb, with a data drive on /dev/sda. I told the installer to install grub2 on /dev/sdb and the BIOS to boot straight off that disk. Grub booted the first time, I installed some updates (possibly a new kernel / grub loader, not sure) and upon reboot, I get "error: out of disk". following http://superuser.com/questions/89307/grub2-error-out-of-disk gives me "error: out of disk" when I tr
<lewq> y and do step 5, ls /boot/. Any ideas? It's gone midnight and I'm in the data centre tearing my hair out!
<aj_____> >	Hi I am currently having a problem with creating a new user in ubuntu server 10.04, when ever I create a new user their terminal will open and then immediately close.
<aj_____> any suggestions
<ScottK> How did you create the new user?
<ChmEarl> lewq, boot your box with live CD like knoppix or puppy. Hose the shitty grub2 and use puppy's grub 0.97 and write a menu.lst in classic style
 * ccheney back
<aj_____> sudo adduser
<ScottK> ChmEarl: Please don't give advice to do stuff that's totally unsupported by the distro unless you plan to provide follow on support to the people that do it.
<ChmEarl> lewq, ScottK booya
<ccheney> mathiaz, should i upload to proposed or will whoever reviews it do that?
<ScottK> aj_____: What was the exact full command you used.
<aj_____> sudo add user --system calvin
<aj_____> then i added calvin to the admin group
<ccheney> mathiaz, for 566793 we are waiting on scott to fix it properly :)
<ScottK> aj_____: You don't want a normal user to be a system user.
<aj_____> how do I create a second system user then?
<ScottK> If it's for an actual human user, it's not a system user.
<ScottK> System users are used by different programs.
<aj_____> ok so if I just put adduser calvin it will work
<mathiaz> ccheney: ok - I'd suggest to upload to -proposed once the SRU reports are properly written
<mathiaz> ccheney: I've a note to the review on the bzr merge proposal
<ScottK> aj_____: You already have a user calvin at this point.  Simplest probably to remove it and then add it again.
<ccheney> mathiaz, ok
<aj_____> ok thanks
<ccheney> anyone happen to know what does the mapping from public ip to internal ip in eucalyptus, it seems that is what is causing the problem on my box, the internal ip 172.x dhcp server seems to be working fine
<qman__> hmm
<qman__> anyone know where I can get libc6-dev_2.7-10ubuntu5?
<qman__> the latest is 10ubuntu6, but my server wants 5
<uvirtbot> New bug: #589945 in php5 (main) "php5-cgi crashed with SIGSEGV in zend_objects_store_del_ref_by_handle_ex()" [Medium,New] https://launchpad.net/bugs/589945
<qman__> it also needs linux-libc-dev_2.6.24-27.69_amd64.deb
<qman__> ah, found them in a hardy-proposed location on launchpad
<uvirtbot> New bug: #589953 in php5 (main) "php5-cgi crashed with SIGSEGV in _zend_mm_free_canary_int()" [Medium,New] https://launchpad.net/bugs/589953
<uvirtbot> New bug: #589954 in munin (main) "munin-graph crashed with SIGSEGV in Perl_sv_clean_objs()" [Undecided,New] https://launchpad.net/bugs/589954
<qman__> gah, still can't get those drivers to compile
<qman__> looks to be https://bugs.launchpad.net/ubuntu/+source/linux/+bug/233950
<uvirtbot> Launchpad bug 233950 in linux "No rule to make target 'asm-offsets.c' during make modules_prepare" [Undecided,Incomplete]
<neo_> I am writing some of document, It's about linux and network. if you have interest to read it. please go to http://netkiller.sourceforge.net/
<CppIsWeird> trying to install ubuntu-xen-server package on 10.04 it tells me that xen-tools package cannot be found.
<neo_> may be xen package is too old.
<neo_> why not, trying to install KVM.
<CppIsWeird> may be some monkey threw a bannana at the ubuntu repo server thus deleting the package from existance.
<neo_> I think the KVMãis better then Xen
<CppIsWeird> i am happy that you are able to form an opinion. this makes the human race look better.
<CppIsWeird> though i guess i should use the word species.
<MTecknology> What is an ideal use for Amazon EC2?
<CppIsWeird> porn.
 * ball snorts
<CppIsWeird> MTecknology, what kind of question is that? You have some free EC2 time you wanna burn or something?
<MTecknology> CppIsWeird: It was a question of curiousity - which was asked under the intention of getting a meaningful response
<ball> MTecknology: Isn't that a hosted computer (or virtual computer) that's on-line somewhere?  Perhaps you could use it as an off-site backup.
<ball> ...or for porn.
<CppIsWeird> well, a meaningful response is anything.
<CppIsWeird> it is a remote instant computer with virtually unlimited resources that can do anything a computer at your feet can do, only a million times more.
<ball> That sounds handy.
<ball> I should get me one of those.
<CppIsWeird> the only limitation is your imagination and pocket book.
<MTecknology> ball: nah- they charge you based on how much you use - I've been trying to figure out if I want to host some of my services on it and if so - which parts
<CppIsWeird> well you can hire me as a consultant. smartass remarks do not cost extra.
<ball> So it's one of those things that's available if you need it (or if you think you might need it).
<ball> ...but can be safely ignored otherwise.
<CppIsWeird> ball, yep.
 * ball goes back to trying to remember how to use rsync
<CppIsWeird> MTecknology, if you feel like testing without paying you can set up a private cloud with just one computer, or if you really feel like it, you can set it up in a virtual machine then test out loading virtual services.
<MTecknology> afaik - you need to deploy a certain image - and then script the installation of the rest of the services - then you can easily deploy a new instance of something
<CppIsWeird> any virtual machines you make in ubuntu enterprise cloud are compatible with EC2
<MTecknology> CppIsWeird: does unlimited also refer to say unlimited bandwidth?
<CppIsWeird> like i said, the only limitations are your imagination and your wallet.
<ball> I considered Ubuntu for a project that I was working on earlier this year.  That could have been called a "private cloud" I suppose, if I were into buzz-words.
<GhostFreeman_> Having issues booting into Ubuntu after updating from 8.04 to 10.04
<ball> I got frustrated in the end and scrapped the project.  Couldn't find a good way to build a high-availability system from two discrete servers.
<GhostFreeman_> Anyone know a good starting point for "Gave up waiting for root device"
<CppIsWeird> what is a "high-availability system"
<MTecknology> CppIsWeird: so if you hosted a drupal website there that got say 200 hits per month - how much would you say that would cost?
<MTecknology> 'basic blog site'
<CppIsWeird> http://aws.amazon.com/ec2/pricing/
<ball> CppIsWeird: In our case, something that appears (to the end users) as a single machine and doesn't go away when one server fails.
<CppIsWeird> MTecknology, imho EC2 would be overkill for a blog site.
<CppIsWeird> just go get a virtual web host for like $5 a month for that.
<CppIsWeird> their everywhere
<MTecknology> CppIsWeird: that's the part that confused me - sometimes it reads like you pay for only the resources you use - and sometimes it sounds like you pay for the server itself
<CppIsWeird> *they're
<CppIsWeird> as far as you know, there is no server.
<CppIsWeird> you pay for resources.
<MTecknology> so how do you set things up?
<MTecknology> if there's no server
<MTecknology> (from your view)
 * ball ponders
<CppIsWeird> http://www.youtube.com/watch?v=bBajLxeKqoY
 * CppIsWeird clicks the "that was easy" button
 * ball can't play YouTubes
<CppIsWeird> sucks for you.
 * ball shrugs
<ball> I'm giving serious thought to frying up some shrimp.
<CppIsWeird> sounds good
<ball> ...or perhaps making some mushroom toasties
<CppIsWeird> hot sauce or coconut?
<MTecknology> http://dpaste.com/203386/
<ball> Onion sauce, possibly.
<MTecknology> I win :D
<ball> I wonder how tall a Shorty is.
<CppIsWeird> I wonder wtf MTecknology is talking about
<MTecknology> CppIsWeird: i won free money
<CppIsWeird> i see
<MTecknology> CppIsWeird: you check the headers?
<CppIsWeird> nigeria
 * ball snorts
<ball> Back shortly, toasties.
<CppIsWeird> damn it, i wanted shrimp
<ball> I'll put the shrimp in to marinade.
<ball> Eat those tomorrow.
<CppIsWeird> fair enough
<MTecknology> how do you turn off that annoying music in youtube that they seem to attack to every single video?
<CppIsWeird> you're an idiot.
<MTecknology> perhaps
<CppIsWeird> easy. know that cord that plugs into the wall from your computer?
<CppIsWeird> that is the source of the music.
<CppIsWeird> cut the cord and there will be no more music.
<CppIsWeird> i would unplug it first before i cut it.
<MTecknology> alrighty! killed that music..
<CppIsWeird> must be using a laptop.
<MTecknology> of course
<MTecknology> I only own one system
<CppIsWeird> job hunting sucks. :(. im having to update my resume from like 3 years ago
<CppIsWeird> compiling stuff from source takes FOREVER
<MTecknology> that's why i stopped using gentoo
<MTecknology> and the general bloat with it..
<MTecknology> We're just about to start searching for someone to hire
<GhostFreeman_> CppIsWeird: I got my last job interview from my LinkedIn page
<ball> MTecknology: to do what?
<CppIsWeird> GhostFreeman_, interesting
<MTecknology> ball: web development
<CppIsWeird> i have a linked in page but no links :P i'm lazy when it comes to social networking
<GhostFreeman_> I just deleted my twitter profile
<GhostFreeman_> My willpower is nothing
<MTecknology> zomg - miley deleted hers!
<GhostFreeman_> >i care
<MTecknology> :P
<ball> I don't enjoy Web development
<ball> Alright, I'll be back later.
<GhostFreeman_> MTecknology where is the position at
<MTecknology> GhostFreeman_: sioux falls, sd - i'm not sure if we can go much wider right now - for tax and insurance (not sure we can afford it)
<GhostFreeman_> Ok
<GhostFreeman_> I can't move to SD at the moment
<GhostFreeman_> so i'll decline
<GhostFreeman_> Atlanta is as close as i'm willing to move
<MTecknology> what kind of web dev do you do?
<GhostFreeman_> RAD web development in PHP or Ruby
<MTecknology> you ever use drupal?
<GhostFreeman_> Yes, i'm actually fighting with this dinky old ProLiant just so I can do some Drupal work for a friend
<MTecknology> like- in depth - such as building in authentication witha  kerberos mentality?
<GhostFreeman_> Haven't done Kerberos, I did have to write a lot of order process code for a electrical supply company
<CppIsWeird> i did not have fun with drupal
<GhostFreeman_> Drupal is like getting crucified
<CppIsWeird> writing custom modules was a pain in the...
<qman__> so, I'm getting a bit desperate, and I'm thinking about installing a lucid kernel on my hardy server
<qman__> is this a very bad idea?
<MTecknology> not kerberos itself - just that mentality - where drupal is the kerberos server
<MTecknology> qman__: why?
<MTecknology> yes - it is a bad idea
<qman__> e1000 driver in hardy doesn't support my NIC
<qman__> and all attempts to compile the driver have failed
<qman__> I've been messing with it for over five yours
<qman__> hours*
 * CppIsWeird is still compiling...
<MTecknology> heh... that's nothing
<qman__> I can't update/upgrade the server because it can't get online
<qman__> the onboard NIC failed, and the replacement won't work
<MTecknology> I spent >300 hours getting my kernel 'just right' - or close to it - and that's not including compile time
<GhostFreeman_> So are we back to "Ubuntu Server Support," because while I enjoyed the segue I really need to get this machine headless again or I will go insane
<qman__> I don't mind upgrading the rest of the system to lucid, I just need to get it online in order to do that
<MTecknology> boot to a live cd and chroot
<GhostFreeman_> The problem is that on startup, it throws that "ALERT! /dev/mapper/ubuntu--server-root does not exist" error, drops me to the initramfs shell, and I have to fumble to find the monitor cable to exit out of it to finish booting
<GhostFreeman_> i'm looking in /dev/mapper and there's said directory there
<qman__> according to the deps, there's no obvious reason the new kernel shouldn't work, but I guess a live environment is worth a try first
<MTecknology> GhostFreeman_: with the two hyphens in both?
<GhostFreeman_> yes MTecknology
<GhostFreeman_> just to clear the air
<MTecknology> GhostFreeman_: pastebin /etc/fstab
<GhostFreeman_> the server is a Compaq ProLiant ML330
<GhostFreeman_> ok give me a moment
<MTecknology> qman__: you just need a driver in the newer kernel?
<qman__> yes, but I can't get it to compile
<qman__> on the old kernel
<qman__> or any kernel, for that matter
<MTecknology> it's probably not woth the effort to go that way
<qman__> the newer kernel comes with the newer version
<MTecknology> grab systemrescuecd - if you have 32 bit type 'rescue32' else 'rescue64' for 64 bit - iirc
<MTecknology> then when you get booted up - get networking working - probably dhclient eth0
<GhostFreeman_> MTecknology: http://pastebin.com/VCsKS2VC
<qman__> and just chroot, do-release-upgrade?
<GhostFreeman_> >chroot
<GhostFreeman_> oh wait changing directory
<qman__> I'll be sure to image the disk first
<CppIsWeird> does ubuntu have a zlib lib and headers package or do i have to install that from source?
<MTecknology> then mount everything to (say /mnt/ubuntu) - make sure to mount -o bind /tmp /mnt/ubuntu/tmp && mount -t proc none /mnt/ubuntu/proc
<MTecknology> then when you mount everything - cp -L /etc/resolv.conf /mnt/ubuntu/etc/
<qman__> vaguely familiar from back when I was using gentoo
<MTecknology> then... chroot /mnt/ubuntu /bin/bash
<MTecknology> then..... do-release-upgrade
<qman__> ok, sounds like a plan
<MTecknology> THEN!..... reboot
<qman__> because what I've been doing is going nowhere
<MTecknology> qman__: before you launch chroot - could you pastebin 'mount' for me to check over?
<qman__> not exactly, can't SSH
<qman__> but there's three partitions
<qman__>  /, /boot, /home
<qman__>  /home is a RAID device, md0
<MTecknology> ok - just make sure to mount /, /boot, /tmp, /proc (in the chroot) [as described]
<qman__> home shouldn't matter for this
<MTecknology> nah
<MTecknology> you'll only be root
<MTecknology> oh.. when you become root - consider 'source /etc/profile'
<qman__> which is good, because that's where the important data is
<MTecknology> yup - no reason to touch home for this
<MTecknology> GhostFreeman_: pastebin 'ls -l /dev/disk/by-uuid/'
<qman__> now if only I could find my systemrescuecd
<GhostFreeman_> MTecknology, do you OK
<GhostFreeman_> ok
<MTecknology> qman__: if you can't find it - it's probably out of date :P
<MTecknology> not that it matters... you only need the 64/32 bit kernel for a little bit
<GhostFreeman_> MTecknology: http://pastebin.com/DyUChMqp
<MTecknology> GhostFreeman_: and... 'ls -l /dev/mapper/'
<MTecknology> qman__: just carefully follow what i wrote - you'll be perfectly fine :) - enjoy
<GhostFreeman_> MTecknology: http://pastebin.com/536JLe5g
<MTecknology> odd
<GhostFreeman_> yeah
<GhostFreeman_> I was thinking this might be an issue in grub but I don't know
<MTecknology> lvm sits on sdb1?
<GhostFreeman_> to clear the air, this was an update from 8.04 LTS
<GhostFreeman_> is it possible LVM settings did not migrate from 8.04 to 10.04
<MTecknology> lvm sits on sdb1?
<qman__> yeah, it's got an older kernel than hardy
<qman__> doesn't detect the NIC
<GhostFreeman_> That's my guess, I installed Ubuntu to use LVM by default
<MTecknology> systemrescuecd has a pretty new kernel in it..
<GhostFreeman_> how could I check?
<MTecknology> vg*
<CppIsWeird> ok, every zlib tar.gz from every mirrior i get is failing to uncompress because of crc errors.
<qman__> yeah, I'm downloading the latest one
<MTecknology> CppIsWeird: bad network?
<CppIsWeird> shouldnt be...
<CppIsWeird> ive downloaded other things and unpacked them
<MTecknology> CppIsWeird: something with pebkac?
<CppIsWeird> unlikely
<CppIsWeird> tar xvfz file.tar.gz
<MTecknology> linky?
<CppIsWeird> http://downloads.sourceforge.net/project/libpng/zlib/1.2.5/zlib-1.2.5.tar.gz?use_mirror=softlayer
<GhostFreeman_> MTecknology: How should I go about checking to see where LVM is located?
<MTecknology> GhostFreeman_: vg<tab><tab>
<GhostFreeman_> ok
<qman__> thanks for the help, I'm feeling a lot better about this
<qman__> it was really driving me up a wall
<qman__> this is what I get for spending the extra money on an intel NIC
<qman__> a rosewill realtek probably would have just worked out of the box
<GhostFreeman_> I got the command "vgcfgbackup" and the output is here http://pastebin.com/YdXXfnhw
<MTecknology> CppIsWeird: heh....
<MTecknology> CppIsWeird: f=etwcebrypwekahejt;echo ${f:8:1}${f:0:1}${f:5:1}${f:11:1}${f:12:1}${f:3:1}
<CppIsWeird> wtf is that?
<a3ist> substring removal
<MTecknology> a3ist: hush ;)
<a3ist> :P
<CppIsWeird> fine, what am i doing wrong?
<a3ist> its like being back in programming class
<MTecknology> CppIsWeird: idk - wfm
<MTecknology> a3ist: that was fun :)
<qman__> hopefully the upgrade works smoothly, otherwise I'm rather hosed
<a3ist> Slightly mean
<a3ist> but still funny
<qman__> fresh install and reconfigure all the services
<MTecknology> qman__: sounds painful - btdt
<MTecknology> somebody else in the world is likely struggling the exact same - without irc
<MTecknology> that pour sool
<qman__> yeah
<MTecknology> a3ist: btw.... I at one point made a complete sentance like that..
<qman__> I was screwing around googling outdated package versions and loading them on with a flash drive
<qman__> modifying makefiles, even patched a kernel source trying to get those stupid drivers to compile
<qman__> nothing doing
<a3ist> there's a lot of coding homework type problems out there with obfuscated text
<CppIsWeird> MTecknology, do you know what im doing wrong?
<MTecknology> not surprising that a module introduced in a later kernel couldn't be backported
<qman__> it was complaining about autoconf files not being there, even though they were there
<a3ist> anyone familiar with xinetd that can tell me how multiple only_from sources can be set for a service?  Are they comma delimited?  Double quoted?
<MTecknology> CppIsWeird: wget http://downloads.sourceforge.net/project/libpng/zlib/1.2.5/zlib-1.2.5.tar.gz?use_mirror=softlayer; tar zxf zlib-1.2.5.tar.gz
<MTecknology> CppIsWeird: that worked
<qman__> I'm not a programmer, but I do know a thing or two about compiling software
<MTecknology> qman__: backports suck..
<qman__> but that one, just couldn't figure it out
<MTecknology> especially in non-backportable kernel drivers :P
<CppIsWeird> ok, well it doesnt work for me for whatever reason. i've used multiple mirrors. and i've downloaded other files, why would this one file keep coming to me corrupt. doenst make sense.
<MTecknology> you're only other option would be to grab an upstream kernel build for hardy which is probably pretty old at this point
<MTecknology> you try on a different computer?
<qman__> between the holiday, UPS guy not showing up, and this, the server's been down for over a week
<CppIsWeird> eh, thats too much work
<qman__> ok, new systemrescuecd downloaded
<MTecknology> CppIsWeird: curl -0 http://downloads.sourceforge.net/project/libpng/zlib/1.2.5/zlib-1.2.5.tar.gz?use_mirror=softlayer | tar -zx
<MTecknology> qman__: g'luck
<GhostFreeman_> MTecknology, have you had a chance to see my vgcfgbackup output?
<MTecknology> !vg
<MTecknology> !lvm
<ubottu> Tips and tricks for RAID and LVM can be found on https://help.ubuntu.com/community/Installation/SoftwareRAID and http://www.tldp.org/HOWTO/LVM-HOWTO - For software RAID, see https://help.ubuntu.com/community/FakeRaidHowto
<MTecknology> !vg is <alias>lvm
<MTecknology> GhostFreeman_: check out those links
<GhostFreeman_> ok
<MTecknology> GhostFreeman_: It's been a long time and i probably can't help w/o doing the same searches as you - you need to check that your volumes and volume groups are still intact
<GhostFreeman_> Would it just be easier for me to reinstall 10.04 scratch without LVM?
<GhostFreeman_> I'm not that far into this client's work to be set back by a fresh start
<MTecknology> it's up to you
<GhostFreeman_> Well, i'm already burning an install CD so
<GhostFreeman_> I need to understand LVM someday, but it's a matter of how much time i'm willing to commit to this project so
<MTecknology> lvm is easy once you've done it a couple times
<GhostFreeman_> yeah
<GhostFreeman_> Thanks for your help though
<GhostFreeman_> Now if there was a way I could install 10.04 over SSH even better
<GhostFreeman_> or at least control the install via SSH
<MTecknology> you can..
<GhostFreeman_> Is that something that can be enabled at installer setup?
<MTecknology> no
<GhostFreeman_> !install via ssh
<ubottu> Error: I am only a bot, please don't think I'm intelligent :)
<MTecknology> it's not something to play with when things aren't workin to begin with
<GhostFreeman_> Ok, i'll just use a monitor
<tech404> I'd like to have some basic power management on a server at home to keep the power use and heat down at my house. It's headless so I'd like to keep unneeded resources off of it. I don't need hibernation at all and suspend would probably never be used either. What are some good minimal packages to support dynampic cpu freq and maybe harddrive spindown? I assume acpid but acpi-support seems to have a lot of bloat.
<CppIsWeird> MTecknology, what version of tar do you have?
<MTecknology> tar (GNU tar) 1.22
<CppIsWeird> ty
<MTecknology> qman__: how's it going?
<CppIsWeird> MTecknology, https://bugs.launchpad.net/ubuntu/+source/gzip/+bug/524366
<uvirtbot> Launchpad bug 524366 in gzip "Regression: CRC error an i386" [Undecided,New]
<MTecknology> CppIsWeird: nice to know
<ruben23> hi guys whats the fastest and most realiable to fins a file on my ubuntu-server..?
<ruben23> find i mean
<MTecknology> fallous: locate
<MTecknology> ruben23: *
<Nonpython> I have set up apache2 with 2 virtual hosts, but the first one (trueblogtales.com) does not work at all, just having 404 for everything, and the second one (staringintothevoidpointer.com) serves the stuff for trueblogtales.
<Nonpython> Help me!
<CppIsWeird> find / -name porn_i_lost
<ruben23> MTecknology:ive done it it doesnt display
<a3ist> anyone know if a client on a lan with an ubuntu server box can connect to an xinetd-spawned vnc4server without using ssh to tunnel in first?
<MTecknology> ruben23: did you run sudo updatedb?
<MTecknology> a3ist: should be able to use vnc4viewer
<MTecknology> !patience | Nonpython
<ubottu> Nonpython: Don't feel ignored and repeat your question quickly; if nobody knows your answer, nobody will answer you. You can search https://help.ubuntu.com or http://ubuntuforums.org while you wait.
<Nonpython> I have set up apache2 with 2 virtual hosts, but the first one (trueblogtales.com) does not work at all, just having 404 for everything, and the second one (staringintothevoidpointer.com) serves the stuff for trueblogtales. Please help.
<a3ist> MTecknology: Does it have to be vnc4viewer to spawn a vnc4server via xinetd?  Two of the clients are OSX boxes with chicken of the vnc
<ruben23> MTecknology: im on root
<ruben23> hi there i have directory, as i ls command i can see to many file and found ruben_011_series file numbered form 100-1000, but when i locate ruben, and find ruben- its not displaying anything, means ti not finding the file, even though ruben is there
<MTecknology> ruben23: man find; man locate
<a3ist> at this point I'm probably just going to write up a script for the clients to tunnel vnc over ssh using pubkey authentication; my overall goal is to keep it as easy as possible for the two mac users, who wouldn't be comfortable with CLI tasks.  Which explains why they prefer macs and I'm gettin them started with ubuntu gnome environments as a transition :)
<MTecknology> a3ist: vnc is bad - you should use something else - just fyi ;)
<a3ist> already got them using openoffice for a while now, next step is gimp; to get their business shifted over to FLOSS
<a3ist> its only on lan, not from external
<a3ist> if I'm logging in remotely I'm doing so over ssh and using just the shell
<ScottK> MTecknology: Just saying X is bad without saying why or offering an alternative isn't particularly useful.
<MTecknology> ScottK: sorry - also arguing with my fiancee on the phone....
<MTecknology> there's freenx and others that offer MUCH greater security and are usually faster
<ScottK> OK.  Probably better just to have one argument at a time then.
<a3ist> I'm assuming he was referring to VNC protocols sending data in the clear, but it shouldn't be a problem over a closed lan
<MTecknology> a3ist: it's really easy to listen to traffic across lan's - sometimes
<a3ist> Freenx sounds interesting, I'll check it out
<MTecknology> !freenx
<ubottu> FreeNX is advanced remote desktop technology. For more information and install instructions, see https://help.ubuntu.com/community/FreeNX
<a3ist> In addition, the macs are connected via ethernet and not wireless; the only wireless client is my laptop I'm on right now running fedora 13 and using wpa and ssh
<ScottK> Assuming the LAN is reasonably firewalled, I think your assumption is correct.
<MTecknology> gotta go... :(
<a3ist> He's getting kill -9'd by the fiancee
<a3ist> Thanks for the tips MT
<qman__> gah
<qman__> everything was going fine, but then the console locked up solid mid-upgrade
<CppIsWeird> :))
<qman__> I don't know if it's a software bug or another hardware failure
<CppIsWeird> sry.
<CppIsWeird> how long has it been locked?
<qman__> about five minutes
<qman__> can't change ttys, numlock doesn't turn on/off
<CppIsWeird> yeah, locked.
<CppIsWeird> i would guess some sort of hardware conflict at least
<qman__> well, it could have crashed the framebuffer
<qman__> the upgrade is taking place inside a chroot from systemrescuecd
<CppIsWeird> then it sounds like you know more than me
<qman__> but in either case
<qman__> it halted
<qman__> and I don't know how that's going to affect the upgrade
<CppIsWeird> eh, crashing mid upgrade is not wise, but not always harmful. depends on the package.
<CppIsWeird> ive crashed there before and been fine
<qman__> it had already installed the new kernel and got past grub and most of the services
<qman__> I have to guess it was near the end
<qman__> I don't really know enough about how the upgrade process works, maybe it'll leave the unconfigured packages flagged
<qman__> it should have enough to boot
<qman__> oh well, worth a shot
<qman__> excellent, it worked
<qman__> reset, sudo dpkg --configure -a, upgrade resumed
<CppIsWeird> nice
<CppIsWeird> thats right
<CppIsWeird> i remember that now
<qman__> the video output looks fine, so it must have been a software thing
<qman__> I had a video card die in a server before, it wouldn't even boot back up
<MTecknology> qman__: hey-back
<MTecknology> I've seen upgrades to 10.04 crash - never found any consistency... but always seemed to be the same issue :S
<MTecknology> qman__: is it finishing up?
<qman__> I figured it was setting up console-fonts or something similar
<qman__> and possibly the host system and the chroot got into it over the framebuffer
<qman__> that command got it going again, seems to be doing fine
<MTecknology> yay
 * MTecknology runs off again - yay... :(
<fallous> locate?  homey ain't no bot ;)
<qman__> it worked, the system is back online
<qman__> torrentflux is broken, but I expected that
<qman__> everything else works
<MTecknology> qman__: ya
<MTecknology> qman__: i can now go to sleep :)
<MTecknology> g'night
<MTecknology> s/ya/yay
<MTecknology> s/\s\/ya\/yay/\s\/ya\/yay\//
<MTecknology> or something like that...
<GhostFreeman_> Well, I tried a reinstall of 10.04 with and without LVM and i'm still encountering that kickback to busybox error
<GhostFreeman_> I think its time I went to the forums about this
<incorrect> is there a package i can install that will check the health of my hdd's ?
<uvirtbot> New bug: #590060 in postfix (main) "package postfix 2.7.0-1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 75" [Undecided,New] https://launchpad.net/bugs/590060
<uvirtbot> New bug: #584943 in dbconfig-common (main) "Problem with a password containing space char" [Undecided,New] https://launchpad.net/bugs/584943
<uvirtbot> New bug: #589880 in chkrootkit (main) "hangs on step checking aliens" [Undecided,New] https://launchpad.net/bugs/589880
<mohammad6006> my package installer not closed what can i forced to close a windows in ubuntu?
<uvirtbot> New bug: #589069 in postfix (main) "package postfix 2.6.5-3 failed to install/upgrade: subprocess installed post-installation script returned error exit status 75" [Undecided,New] https://launchpad.net/bugs/589069
<mohammad6006> my package installer not closed what can i forced to close a windows in ubuntu?
<uvirtbot> New bug: #581844 in clamav (main) "package clamav-milter 0.96 dfsg-2ubuntu1.2 failed to install/upgrade: le sous-processus script post-installation installÃ© a retournÃ© une erreur de sortie d'Ã©tat 1" [Undecided,New] https://launchpad.net/bugs/581844
<uvirtbot> New bug: #590034 in vsftpd (main) "vsftpd default configuration may be susceptible to DoS" [Undecided,New] https://launchpad.net/bugs/590034
<diago1> I'm setting up KVM and would like to use NFS to store the guest images. Does anyone have any opinions on this? I have been reading about creating an iSCSI target as well.
<uvirtbot> New bug: #590104 in whois (main) "ace domain format not allowed for .de nameservers" [Undecided,New] https://launchpad.net/bugs/590104
<KurtKraut> I have a small computer network (5 PCs running Ubuntu). How can I unify logins, passwords and home folders? OpenLDAP seems quite 'rocket science' for such a small job.
<uvirtbot> New bug: #590111 in whois (main) "Please merge whois (5.0.5) main from debian unstable" [Undecided,New] https://launchpad.net/bugs/590111
<KristianDK> How do i give apache access to a file, in a users directory without giviing other users access to it?
<yowlst> external controller and serverA has multiple disk as raid1, can serverB access to serverA and see md0, md1 etc..   ?
<yowlst> sorry
<yowlst> hi, if i attach 2 server with sas external controller and serverA has multiple disk as raid1, can serverB access to serverA and see md0, md1 etc..   ?
<remix_tj> KristianDK: give access to the www-data group
<KristianDK> remix_tj, what do you mean? to the directory?
<KristianDK> like changing the owner of the directory
<remix_tj> to the dir or the file you want to
<KristianDK> remix_tj, ok, i will just try it
<KristianDK> remix_tj, did chown username:www-data directory -R and chmod 0740 directory
<KristianDK> remix_tj, and it doesnt work
<KristianDK> chmod was recusive too *
<remix_tj> KristianDK: is your dir under an apache documentroot?
<KristianDK> remix_tj, its in /home/username/config/
<KristianDK> and the dir id did the commands on what the users homedir
<KristianDK> Â¨
<remix_tj> but is not the documentroot
<KristianDK> what do you mean?
<KristianDK> oh
<KristianDK> no
<KristianDK> its a directory for .wsgi files
<KristianDK> so you dont want them to be under a documentroot
<remix_tj> KristianDK: you can enable the userdir module, and create public_html dir in your user's home
<remix_tj> so you can access with http://yoursite/~username/
<KristianDK> remix_tj, thats not what i need - im hosting django apps, which needs these .wsgi files to enable the users to add special parameters to their hosting
<KristianDK> like adding directories to their pythonpath or whatever
<remix_tj> ahn
<KristianDK> but the thing is, if i just make the dir chmod 777 it works
<KristianDK> so i just need to find a way to limit the access for apache only
<remix_tj> KristianDK: you should give access to all the directories in path to www-data group
<KristianDK> remix_tj, that was what i thought when i did chown username:www-data /home/username/ -R
<remix_tj> but what are /home permissions?
<remix_tj> ls -ld /home/
<KristianDK> drwxr-xr-x 5 root root 4096 2010-06-05 13:52 /home/
<KristianDK> they have global reed as i see it, so i guess it shouldnt be a problem?
<remix_tj> uhm, i think permissions are correct, you have only an apache configuration problem
<remix_tj> but i do not have idea
<KristianDK> remix_tj, but i dont get it - how come it works if i do chmod 777 /home/username/ then?
<remix_tj> maybe the wsgi file requires x privileges
<remix_tj> ah
<remix_tj> on directories you must have 750, not 640
<KristianDK> ill just give it a try, sec
<KristianDK> remix_tj, seems to work :D will just try it on a new installation where i didnt do all kind of weird things and see if it works
<WhatWhat> Hello. Is there a official documentation on how to secure a Ubuntu server running 10.04LTS?
<ScottK> The official documentation is the server guide listed in /topic.
<ScottK> It depends a lot by what you mean by secure.
<jumbers> I was browsing through my SMTP logs and noticed some logs of www-data (Apache) sending out emails and I'm not sure why it would be doing this. Is there any fairly simple way of tracking down what is causing them to be sent? It's happened a couple times and been sent to 2 addresses I'm not familiar with
<MasterZuFu> how do i install a GUI management for exim4?
<ScottK> jumbers: In the mail logs, trace it back to the first entry for the transaction and then look in your apache logs around that time.
<MasterZuFu> I found this: http://silverwraith.com/vexim/download.html but i have no idea on exactly how to install/use it
<jumbers> ScottK: Would there be anywhere that it would have logged the contents of the email?
<ScottK> jumbers: You won't find the contents in the mail logs.
<lewq> How big does /boot have to be? Is 32MB enough?
<MasterZuFu> i guess no one knows how to install this thing.
<GhostFreeman_> How do I list what groups exist on a given server installation
<ScottK> GhostFreeman_: Look at the contents of /etc/group.
<GhostFreeman_> Thank you
<MasterZuFu> I'm trying to install ebox on my server. sudo apt-get install ebox worked, if I try and run sudo apt-get ebox-all it says it can't find the package. additionally, I can't access ebox gui feature from http://myhost/ebox
<MasterZuFu> but I guess no one really cares, so crew it
<KurtKraut> MasterZuFu, what is precisely the package name apt says it can't find?
<MasterZuFu> i'm not sure to be honest. I ran sudo apt-get install ebox ebox-network and it installed a bunch of stuff and tried to install dyndns crap that i don't even need. but when i try sudo apt-get install ebox-all or sudo apt-get install ebox ebox-all it says it can't find the package
<MasterZuFu> E: Couldn't find package ebox-all
<MasterZuFu> i'll have to deal with this tomorrow. it's 2 am here and I have to get up at 6 am to go to work. I'll ask again tomorrow. Thanks for the support.
<ScottK> MasterZuFu|Bed: There is no ebox-all package in Ubuntu.
<MasterZuFu|Bed> http://trac.ebox-platform.com/wiki/Document/Documentation/InstallationGuide
<MasterZuFu|Bed> You can also install all the eBox packages:
<MasterZuFu|Bed> sudo apt-get install ebox-all
<ScottK> Then you need to talk to Ebox people about that.  We don't have such a package.
<jeeves_Moss> is there a dynamic CPU scaling program that I can toss on my backup server so it's not sucking as much power when the load is low?
<cloakable> jeeves_Moss: if your CPU supports it, the kernel can do it automatically.
<jeeves_Moss> cloakable, cool.  is there a test to see if it's working?  it just seems that the cooling fans on this box are cycling a lot.  I relize that it's a tiny antec case, but......
<cloakable> jeeves_Moss: does the CPU support frequency scaling, first?
<jeeves_Moss> cloakable, as far as I know it does.  it's a 3.0ghz Intel P4 on a higher end ASUS board
<cloakable> jeeves_Moss: install cpufrequtils
<jeeves_Moss> cloakable, ok, one sec.
<GhostFreeman_> I'm trying to get apache2 to load a website in /home/websites over /var/www with no success. What am I doing wrong?
<jeeves_Moss> cloakable, ok, installed
<GhostFreeman_> false alarm, it works now.
<cloakable> jeeves_Moss: check 'cpufreq-info'
<jeeves_Moss> kk
<jeeves_Moss> cloakable, lol, unknowen on both cores
<cloakable> jeeves_Moss: damn. Try 'sudo modprobe p4-clockmod'
<jeeves_Moss> cloakable, kk, one sec
<jeeves_Moss> cloakable, nothing
<cloakable> jeeves_Moss: try cpufreq-info again
<jeeves_Moss> cloakable, lol, there we go.  one sec
<jeeves_Moss> cloakable, http://pastebin.com/2G6DKgLc
<GhostFreeman_> I stand corrected, the issue is still there
<GhostFreeman_> It will load a static HTML document now but I can't get it to load a php document needed to install Drupal
<GhostFreeman_> if I post a pastebin, can I get some help figuring this out?
<jeeves_Moss> cloakable, ok, sorry, now I have more time to focus on this.  I was just setting up spam assian
<cloakable> jeeves_Moss: Trying to work out how to get the ondemand cpufreq govenor. :)
<jeeves_Moss> cloakable, no worries.  I'm just trying to get SA to behave.  I hate this hosting busniess.  I guess if one is going to do it, one has to learn each peice, one @ a time
<cloakable> jeeves_Moss: pretty much
<jeeves_Moss> cloakable, currently, this little box hosts all of the v-domains untill I get the new hardware into a rack in the CoLo
<jeeves_Moss> cloakable, the only reason I want it to dymaically scale is because it's sitting in my basement on top of 2 ADSL lines, and I don't feel like having her run full boar all day long.
<cloakable> jeeves_Moss: yeah
<jeeves_Moss> cloakable, you wouldn't know how to get sa-update to run once a day and work properlly?
<GhostFreeman_> here's that pastebin btw if anyone can offer to help http://pastebin.com/t9ueDfDX
<jeeves_Moss> cloakable, I think I can just make a cron job to do it
<cloakable> jeeves_Moss: cpufreq_ondemand doesn't exist in ubuntu 10.04 apparently. wtf?
<jeeves_Moss> cloakable, lol!!!!
<jeeves_Moss> cloakable, I guess it's another thing they've butchered
<cloakable> jeeves_Moss: apparently.
<cloakable> jeeves_Moss: what version are you running?
<jeeves_Moss> cloakable, let's not get started on ruby!
<cloakable> jeeves_Moss: yes, lets not
<jeeves_Moss> cloakable, hardty
<jeeves_Moss> cloakable, *hardy
<cloakable> jeeves_Moss: try 'sudo modprobe cpufreq-ondemand'
<jeeves_Moss> cloakable, nada!  just a line feed
<cloakable> jeeves_Moss: cpufreq-info :D
<jeeves_Moss> cloakable, we did that already
<jeeves_Moss> cloakable, the info shows it'll clock down to 375mhz
<cloakable> jeeves_Moss: yeah, but you should be using the ondemand governor now.
<cloakable> jeeves_Moss: what about current clock?
<jeeves_Moss> cloakable, http://pastebin.com/2G6DKgLc
<jeeves_Moss> cloakable, that's what I'm getting
<jeeves_Moss> is there a CLI that shows CPU freq in real time?
<cloakable> jeeves_Moss: it's not listing the ondemand governor. Is it modprobed properly?
<MrPicard> hi guys, i require some help, im trying to run a shoutcast server
<jeeves_Moss> cloakable, I tried the modprobe you gave me and it's not listed
<MrPicard> ill rerun the system again and provide you with the error, i know you do not support shoutcast however this may be an internal run command in unix shell
<MrPicard> or i may be missing somthing
<cloakable> jeeves_Moss: if it says nothing, it succeeded.
<jeeves_Moss> cloakable, syntax again?  I'll double check
<cloakable> jeeves_Moss: 'sudo modprobe cpufreq-ondemand'
<jeeves_Moss> cloakable, just a line feed
<cloakable> jeeves_Moss: then try 'sudo cpufreq-set -g ondemand'
<uvirtbot> New bug: #590173 in squid (main) "Error on restarting squid" [Undecided,New] https://launchpad.net/bugs/590173
<jeeves_Moss> cloakable, ok, done.  let's hope it works!  LOL
<jeeves_Moss> cloakable, ok, there we go, it shows that "on demand" and "preformance" are listed
<cloakable> jeeves_Moss: now run 'cpufreq-info' because the info should have changed. The kernel will set the cpu speed automatically depending on load.
<cloakable> jeeves_Moss: Give me a new pastebin?
<cloakable> jeeves_Moss: of the new output
<jeeves_Moss> cloakable, http://pastebin.com/SrBkNjkf
<cloakable> jeeves_Moss: "current CPU frequency is 375 MHz (asserted by call to hardware)." congratulations :)
<Error404NotFound> i have a ubuntu LAMP server serving a wordpress blog and couple of other things. Right now there are too many hits to my blog and i can't log in to my admin panel or login to mysql using commandline. any ideas?
<jeeves_Moss> cloakable, yea!!!  Thanks man.  I just hope this'll pull the power usage lower.  Once I get the Xenon rackmounts running, I'll get them to pull low like this.  I don't have a lot of amperage I can use in the rack, and I get charged overages
<cloakable> jeeves_Moss: Put p4-clockmod and cpufreq-ondemand into /etc/modules to get them to load on boot.
<jeeves_Moss> cloakable, thanks!
<cloakable> jeeves_Moss: your CPU has gone from 3000MHz to 375MHz... there will be a difference :)
<jeeves_Moss> next up.  getting SA to update, ClamAV (on e-mail, FTP, and Samba), then my webmail, etc
<jeeves_Moss> cloakable, thanks again.  I just hope this'll lower the temp in the box as well!!  she's warm, and here in Suthern Ontario, it's bloody hot outside
<cloakable> jeeves_Moss: ever touched a 375MHz cpu? ;)
<jeeves_Moss> cloakable, lol, I have a 366mhz with 32Mb of RAM acting as our NTP server and RADIUS box.
<jeeves_Moss> cloakable, it controlls all of the WiFi access points @ our stables.
<cloakable> jeeves_Moss: ever touched the cpu heatsink? :)
<jeeves_Moss> yep
<cloakable> So there you are :)
<jeeves_Moss> cloakable, mine is never under a serious load, so.....
<cloakable> jeeves_Moss: So it'll probably run at 375MHz most of the time.
<jeeves_Moss> cloakable, I know the MoBo will scale the fans, so, I just had to get the power requirements under control, and I think we did it!
<cloakable> jeeves_Moss: Whoo!
<jeeves_Moss> cloakable, I don't think I can wake up the database server that I'm building remotley (I can't remember it's MAC), otherwise, I'd test to see if she'd scare the Xenons
<cloakable> jeeves_Moss: not sure if the Xenons support cpu frequency scaling, though.
<jeeves_Moss> cloakable, I know the new ones do.  @ work, we have a rack of Dells that run VMWare, and they scale, as well as have v-moation on them.
<cloakable> jeeves_Moss: aha. Aparently p4-clockmod will work magic on them too :)
<HollowPoint> anyone know of a bug in Lucid, where after installing the LAMP server, the apache server simply tries to get you to download php files instead of viewing them in the browser as it should?
<jeeves_Moss> cloakable, sorry about that.  damn coffee shop needs to get something more stable
<MrPicard> Hi Guys, i have been setting up a shoutcast server following http://iwtf.net/2010/01/04/setting-up-a-linux-based-shoutcast-server/ however it seems when it comes to starting the service i get this come up [1] + Done(127)                  ./sc_serv ./sc_serv.conf what should i do next?
<MrPicard> i have looked at my current IP port however even this isnt accepting the connection
<jeeves_Moss> MrPicard, what do the logs say?
<jeeves_Moss> MrPicard, did you compile from source, etc?
<MrPicard> i followed that site from word by word.
<cloakable> jeeves_Moss: eh :)
<MrPicard> used the Vi editor
<jeeves_Moss> MrPicard, how did you install the server?  did you d-load the packages from APT?
<jeeves_Moss> cloakable, ok, now I'm my turn to "give back" to the community
<MrPicard> No, i used the wget command.
<jeeves_Moss> MrPicard, ok, you you installed from source.
<MrPicard> Yup the main source
<MrPicard> one secon
<MrPicard> ill paste the commands in via ubuntu paste.
<jeeves_Moss> MrPicard, are you behind a router, or direct connect to the internet?
<jeeves_Moss> MrPicard, and I'll need your IP to see if your server is up
<MrPicard> Ok sure
<MrPicard> im behind a router thats normally ok
<MrPicard> 173.203.80.84
<MrPicard> my server is running on a cloud
<jeeves_Moss> MrPicard, and you have ports 8000 and 8001 forwarded to your internal IP?
<MrPicard> Im not sure Jeeves, this has been an experiment. :D
<MrPicard> i used iptables -A INPUT -p tcp -i eth0 --dport 8000 -m state --state NEW -j ACCEPT
<MrPicard> iptables -A INPUT -p tcp -i eth0 --dport 8001 -m state --state NEW -j ACCEP
<MrPicard> but it couldnt find iptables.
<jeeves_Moss> MrPicard, that's becasue you're behind a router.  I don't think you have iptables installe.d
<MrPicard> the server its self is running on the rackspace cloud
<jeeves_Moss> MrPicard, hummmm, you need to find out how they forward ports
<MrPicard> http://paste.ubuntu.com/445229/
<jeeves_Moss> MrPicard, I'm not 100% sure how rackspace does thier firewalling.  when I nmape
<jeeves_Moss> MrPicard, I'm not 100% sure how rackspace does thier firewalling.  when I nmapped your IP, the required ports wern't open.  is there a log generated by the shotcast server?
<MrPicard> Ok
<MrPicard> is it ok to ask in the main ubuntu IRC channel
<MrPicard> and see if anyone knows there?
<jeeves_Moss> MrPicard, that'll prob be your best idea.  I'm all tapped out here.  I havn't set one up before
<MrPicard> how does one switch off the ip tables?
<ScottK> MrPicard: If you do:
<ScottK> sudo /sbin/iptables -F
<ScottK> sudo /sbin/iptables -X
<ScottK> That will remove all the active rules so iptables isn't doing anything.
<ScottK> It doesn't turn it off, but does make sure it isn't doing anything.
<qman__> don't forget to set the policies to accept
<qman__> sudo /sbin/iptables -P INPUT ACCEPT
<qman__> sudo /sbin/iptables -P OUTPUT ACCEPT
<malchias> can someone direct me to a wordpress shared hosting guide for security?   Specifically I am confused on permissions that each directory needs to be set when I set it up
<malchias> I can lock it down, but in doing so, I can't get wordpress to work.  And when it's working, it has 750 and 777, or even 644 on some files so someone could change a wordpress theme file and simply open the database connection files - how do I prevent that?
<malchias> (or worse write to it by the same manner)
<uvirtbot> New bug: #590201 in qemu-kvm (main) "OpenSolaris (previously working) no longer boots: kernel panics early" [Undecided,New] https://launchpad.net/bugs/590201
<wieshka> PROBLEM: i am doing do-release-upgrade, and it stuck at the Setting up javascript-common (6) ...
<wieshka> what are my options/best solutions
<wieshka> bump - anybody here ?
<wieshka> found solution - i killed apache2
<wieshka> before that i disabled sites running with SSL
<ScottK> How long was it stuck?
<wieshka> for 20 minutes
<wieshka> and no CPU load
<wieshka> i supouse it wanted to restart apache2
<wieshka> but i have ssl passowrd prompt
<wieshka> to stdinout
<wieshka> but script sends it to dev/null
<wieshka> i removed from sites-enebled ssl webs
<wieshka> and script after 5 sec finished proccess
<wieshka> fuck, i supouse my ffmpeg install will be replaced
<wieshka> i forgot to check out
<wieshka> now i have to find my notes to rebuild it for my needs
<malchias> Is there a recommended way to do updates?  (cron apt-get update && apt-get upgrade)
<wieshka> malchias: you mean scheduled updates ?
<malchias> yes
<malchias> is that a bad idea?
<ScottK> It is.
<malchias> so, manually check the deb security releases, and approve manually on some schedule I can live with?
<ScottK> On a server, I tend to think you should not use automatic updates.
<malchias> I can understand why, just looking for best practices
<ScottK> What I do is subscribe to the security list and then do manual updates when something is fixed that concerns me.
<Q_Continuum> I'd agree with ScottK.
<malchias> ok, cool, thak you guys
<Q_Continuum> Also on some regular basis I'd run updates, but that's just me.
<malchias> how about best practices security for wordpress installs?
<ScottK> Isn't that rather orthogonal?
<malchias> I am confused about directory permissions (what they should be to allow both wordpress to function and to be safe)
 * ScottK doesn't run it, so doesn't know.
<malchias> I'd have to look that word up
<wieshka> i am daily doing something on server via ssh
<ScottK> security and wordpress seem like contradictory topics.
<wieshka> it writes in motd if there is some updates aviable
<wieshka> if yes, i check what and deside - update or not-to-update
<Q_Continuum> I do like some of that featureset they added
<wieshka> malchias: for example now i am already spent 2 hours to migrate from jaunty to lucid
<wieshka> ok that is release upgrade
<wieshka> but still - upgrades only manually
<malchias> so, forums, etc where users can create php files - what would be the general method of securing the directories but still allow php to read/write to them - or is that simply impossible?
<malchias> for example, if I had users in /var/www/someuser/htdocs    how should I normally set the permissions for each part of that directory tree so someuser1 can't see/use/manipulate someuser2 files?
<malchias> I'm running them as someuser.www-data but people can easily create a script and if apache can read it, they can have their script read sensitive files
<MTecknology> Could one of you tell me what 'file /usr/share/gconf/defaults/ln' shows you?
<CppIsWeird> MTecknology, still interested?
<MTecknology> CppIsWeird: only slightly now - I told a guy to rm the file and then rm a different one- and things work for him now :P
<CppIsWeird> oh, ok.
<CppIsWeird> so then no.
<MTecknology> CppIsWeird: maybe not the best choice - but a cyclic symlink is kinda :S
<CppIsWeird> heh
<MTecknology> IOError: [Errno 40] Too many levels of symbolic links: '/usr/share/gconf/defaults/ln
<MTecknology> one symlink links to the other
<MTecknology> and vise versa
<MTecknology> I'm going to go get something to mash up potatoes with - bbiab
<CppIsWeird> i just started attacking compiling xen-hypervisor again. it looks like it might actually finally finish.
<MTecknology> cool
<CppIsWeird> but usually when i say that everything breaks
<CppIsWeird> what package do i need to install to install "latex"?
<CppIsWeird> well... i have a problem. after installing the xen-hypervisor, ubuntu wont boot
<coafcv> hi. if I type ssh 192.168. in my console, and then hit tab, it suggests '192.168.122.2o7.net'. This seems to be highly suspicious (note the 2o7.net). has anyone an idea how this completion could have been suggested my console?
<CppIsWeird> bill gates hacked ur box
<CppIsWeird> obviously you typed it in there, thats the only way it got there unless someone else has physical access to your machine
<CppIsWeird> i'd test it out on my ubuntu box but its currently broken. >_<
<coafcv> ...
<wieshka> hmmm i have weird problem
<wieshka> after migrating from jaunty to lucid
<wieshka> my apache error.log says
<wieshka> [Sun Jun 06 01:32:02 2010] [error] [client 95.68.67.155] File does not exist: /usr/share/javascript/jquery-1.3.2.min.js, referer: http://cms.remote3.lv/
<wieshka> why it tryis to access /usr/share ?
<wieshka> not my DOCROOT ?
<tsimpson> wieshka: see /etc/apache2/conf.d/javascript-common.conf
<wieshka> tsimpson: thx - there is the path :)
<wieshka> commented out Alias - tsimpson thx :)
<sudotux> Something happened and now ubuntu wont boot it is stuck just booting into the memtest screen how do i fix
<wieshka> or maybe better to move all javascripts to that folder
<sudotux> Something happened and now ubuntu wont boot it is stuck just booting into the memtest screen how do i fix
<coafcv> do bash consoles consult DNS servers for DNS completion when typing something like ssh half.of.a.domai ?
<wieshka> Thx everyone - my migration from jaunty to lucid has been finished succesfully, there was only problems with restoring postgresql dbases.
<wieshka> have a good night everyone
#ubuntu-server 2010-06-06
<malchias> is there a way to take over an ssh session?   I had one time out but i don't want to kill it
<wieshka> malchias: run ssh seasion by using screen command
<CppIsWeird> how do i install the server kernel on a desktop ubuntu?
<malchias> do I have to run screen ahead of time?
<wieshka> you can attach & dettach it later - depends on your needs
<wieshka> malchias: i supouse that yes
<wieshka> maybe there is some other solution
<malchias> cool - know what would cause it to drop from connections table and lose the connection in the first place (dropped: reason first packet isn't syn)
<wieshka> but i use screen by default
<wieshka> has anybody running calendarserver on ubuntu lucid ?
<wieshka> http://packages.ubuntu.com/ro/lucid/python/calendarserver
<wieshka> where the python-xml has been lost from lucid ?
<dragondon> Greetings all,  how does one stop iptables from logging every dropped connection into the system logs.  I've deleted the rule that tells it to...
<malchias> what's iptables -L say?
<malchias> (dn't paste it)
<malchias> take a look at what you r/etc/network/if-pre-up.d/iptables says, it could be loading a rule set
<MasterZuFu|Bed> can someone like, walk me through how to setup SSL on my ubuntu 10.04 server? I've followed like four tutorials and it's still not working, ended up having to take it out completely.
<ScottK> MasterZuFu: Did you check the server guide (see /topic).  I believe it's covered there.
<MasterZuFu> will do
<MasterZuFu> i've been in the room too long and no longer see /topic, and when i run "/topic" it says it's not enough parameters. could you c/p it here for me please?
<ScottK> https://help.ubuntu.com/10.04/serverguide/C/
<MasterZuFu> oh wow, thanks ScottK! :)
<wieshka> hmmm i have problems with caldavd
<wieshka> root@e3server1:/opt/CalendarServer# /etc/init.d/caldav start
<wieshka>  * Starting Darwin Calendar Server caldavd
<wieshka> Downloading memcached...
<wieshka> curl: (7) couldn't connect to host
<wieshka>    ...fail!
<MasterZuFu> Looking at this part of the configurations (I'm setting up several things at the same time here) https://help.ubuntu.com/10.04/serverguide/C/ftp-server.html. It says near the bottom about shells at /etc/shells/ this directory doesn't exit. Should it have existed during the initial instillation of the package? or do i need to create it now?
<MasterZuFu> ah, nvm, looks like a virtual directory :P
<uvirtbot> New bug: #590255 in php5 (main) "php5-cgi crashed with SIGSEGV in zval_mark_grey()" [Medium,New] https://launchpad.net/bugs/590255
<MasterZuFu> this is confusing me as far as how to create the users. it just says "add the users into this list"...but I have no idea what the actual format is supposed to be for creating users
<MasterZuFu> why the hell does everything have to be so damn complicated? I can't understand half of this crap if my life depended on it >_>
<ruben23> guys how do i extract this------> eaccelerator-0.9.5.3.tar.bz2
<wieshka> ruben23: use command tar
<colk> has anyone heard of a bug in the bnx2 driver that could cause a system to hang and lose outside connectivity with heavy traffic
<jbroome> ruben23: bunzip also
<MasterZuFu> Now PHPMyAdmin won't let me sign in. It was earlier, I have no idea what's going on. I keep getting this error now with the same username and password: #1045 Cannot log in to the MySQL server
<uvirtbot> New bug: #590275 in openssh (main) "ssh init script doesn't use the /etc/default/ssh file" [Undecided,New] https://launchpad.net/bugs/590275
<dragondon> malchias: you still here?  was busy for a bit there....
<qman__> hey, can anybody tell me what this means, and why it happened? in /proc/mdstat
<qman__>        [=====>...............]  check = 27.9% (273060480/976759936) finish=618.8min speed=18951K/sec
<qman__> the RAID was fine yesterday
<qman__> and all the disks are there
<qman__> no SMART errors, no failures
<twb> qman__: there's a monthly resync
<twb> It probably triggered recently.
<qman__> oh, ok
<qman__> never noticed it before
<twb> I freaked out when I first saw it
<twb> went out and bought some new disks
<qman__> I'm surprised I never encountered it, I've been using this type of setup for two and a half years now
<twb> Well, you'd have to look at mdstat within those 12 hours
<qman__> I check it basically daily, I've got a script that shows that and some other basic info on a web page
<twb> qman__: nagios?
<qman__> nah, just something I put together
<qman__> though I guess 12 hours a month, over 30 months
<X-Sleepy-X> So I've set up a chrooted SFTP account and now I wonder if there is any way for me to test how secure it is. I've disabled root login and changed the port number and when I log in to the account I doesn't seem to be able to go up to the parent folder but still I would like to test it more firmly.
<qman__> makes sense that I didn't see it until now
<twb> X-Sleepy-X: what release are you running?
<X-Sleepy-X> 10.04 desktop
<X-Sleepy-X> i386
<twb> Then you can use OpenSSH's built-in sftponly functionality; it's better than a manual chroot.
<X-Sleepy-X> i used openssh
<qman__> then any known possible holes in it would be all over the internet
<twb> qman__: not necessarily; Debian's entropy cock-up didn't affect OpenBSD or RHEL users, for example.
<qman__> that's true
<X-Sleepy-X> I did this in the config Match group sftp
<X-Sleepy-X>         ChrootDirectory /home/%u
<X-Sleepy-X>         X11Forwarding no
<X-Sleepy-X>         AllowTcpForwarding no
<X-Sleepy-X>         ForceCommand internal-sftp
<twb> X-Sleepy-X: ah, OK.
<qman__> amazing how long it took for that to surface, too
<twb> X-Sleepy-X: that's what I meant.
<X-Sleepy-X> yeah ok
<X-Sleepy-X> well how can i test how secure it is?
<X-Sleepy-X> and yeah i disabled root login
<X-Sleepy-X> and changed the port
<qman__> back up your data
<qman__> and try throwing some rm -rf /s at it
<X-Sleepy-X> ive put the shell to /bin/false
<X-Sleepy-X> so im not sure how to input that command... :S
<twb> X-Sleepy-X: publish the password and see if anyone breaks in? ;-)
<X-Sleepy-X> LOL
<qman__> well then there's not much you can test for
<X-Sleepy-X> so it's pretty safe?
<qman__> the only real holes you could be vulnerable to are ones in the services or main system itself
<X-Sleepy-X> ok
<X-Sleepy-X> well i guess that's a risk i'm willing to take
<qman__> and as long as you're up to date, there's not much more you can do on that front
<X-Sleepy-X> true
<X-Sleepy-X> :)
<X-Sleepy-X> no other security mesures i can add to the /etc/ssh/sshd_config ?
<twb> X-Sleepy-X: the best way to secure a service is not to run it
<X-Sleepy-X> twb: yeah, but I'm to lazy to shut it off and on
<twb> You can also disable password auth, use hashlimit/recent (or denyhosts/fail2ban), limit the set of users and the set of source addresses.
<qman__> I would say to set up something to defend against brute force attacks, but running on an alternate port pretty much covers that
<X-Sleepy-X> ok
<X-Sleepy-X> i'll look in to those things mentioned
<X-Sleepy-X> thanks for the help :D
<qman__> that alone puts you out of the target range for 90% of break-ins
<X-Sleepy-X> qman__: good to know :)
<X-Sleepy-X> now i just need to configure my php when i'm done with this...
<X-Sleepy-X> i just love using my eee pc as a server/desktop
<X-Sleepy-X> ;)
<qman__> there's lots of bots out there that scan the net for open SSH servers, and brute force them
<qman__> but they naturally only scan port 22, and only use a pretty simple dictionary attack
<X-Sleepy-X> so with a good password i should be safe from those?
<qman__> yes
<qman__> just make sure you don't have any other users allowed
<twb> So I have to enable universe for a handful of packages.
<qman__> they try stuff like root and built in accounts
<X-Sleepy-X> qman__: How do can I check if I have that or not?
<X-Sleepy-X> -od
<X-Sleepy-X> -do
<qman__> the easiest way in my opinion is to make sure any users that don't log in, don't have a shell
<twb> Can I configure pinning such that 1) updates to INSTALLED universe packages are allowed; but 2) universe packages that AREN'T installed must be explicitly requested -- apt-get install foo, where foo depends/recommends a universe package bar, will fail.
<qman__> about 15 built in accounts in ubuntu have a shell for no apparent reason
<qman__> I change them to /bin/false
<twb> qman__: those accounts should still be locked
<qman__> yes
<twb> qman__: surely OpenSSH doesn't allow logins to any account that has an :x: in shadow
<qman__> yeah, it doesn't allow that
<X-Sleepy-X> so i don't need to set them to /bin/false?
<qman__> but removing the shell adds one more layer of protection
<qman__> in case a password gets set inadvertantly
<qman__> you don't need to, I do anyway
<qman__> and it hasn't broken anything for me
<X-Sleepy-X> ok, but as long as i dont set a password for those account they are safe?
<qman__> yes
<X-Sleepy-X> well i only have two accounts
<X-Sleepy-X> my standard and the sftp
<X-Sleepy-X> with passwords i mean
<qman__> users without passwords can't log in, except if they have key-based authentication configured
<X-Sleepy-X> i haven't gotten around to start using keys yet
<X-Sleepy-X> hehe
<twb> qman__: well, system users usually have a silly $HOME
<twb> X-Sleepy-X: disabling password auth is definitely worth doing
<qman__> it's actually pretty easy to set up
<qman__> to be perfectly honest, I only set up key based auth about a month ago for the first time
<qman__> despite running linux and openssh for over five years
<twb> The main danger is that you can remove a passphrase from a passphraseful key, so you have to make sure users are educated
<twb> Otherwise they'll use passphraseless keys, which are single-factor auth
<qman__> I use some of both
<X-Sleepy-X> ok, but im only going to use my sftp account with ppl i know in person, i mean i will change my password regulary
<qman__> my internet-facing server requires passphrase keys
<twb> X-Sleepy-X: doesn't matter.
<twb> X-Sleepy-X: single-factor authentication is inherently weaker than multi-factor authentication.
<twb> qman__: how does it enforce that?
<X-Sleepy-X> ok
<qman__> well, it doesn't technically require it, I only created keys with passphrases for that one
<qman__> and I'm the only one with root, so
<twb> OK, so it only requires it at a policy, not a technical, level.
<qman__> yes
<qman__> but for the sake of convenience I set up passphraseless keys between my desktop and the other servers
<qman__> because the only possible attack vector is through the one that needs a passphrase
<twb> qman__: that's stupid.  Use multi-hop SSH.
<qman__> unless someone gets really fancy with a firefox exploit, anyway
<twb> You should not be initiating SSH connections from an intermediary.
<twb> ssh -oProxyCommand='ssh gateway.example.net -W %h:%p' foo
<twb> ...connects to foo, via gateway.example.net, using your local machine for both auths
<qman__> nice
<twb> (You can put the same thing in .ssh/config.)
<qman__> I'll have to do that
<twb> If you do that, you should also disable agent forwarding
<twb> agent forwarding achieves something similar, but it assumes that root on gateway.example.net is ultimately trusted.
<qman__> then I could just disable the ssh client on that server altogether
<twb> The major downside is that you're paying double encryption overhead on the you<-->gateway link.
<twb> But IME that's negligible.
<qman__> yeah
<qman__> I've tried before just to see, I can get about 5 simultaneous connections before it chokes
<qman__> I'm the only one who ever uses it, so that's not an issue
<uvirtbot> New bug: #590349 in dhcp3 (main) "package dhcp3-server 3.1.3-2ubuntu3 failed to install/upgrade: o subproceso script post-installation instalado devolveu o estado de saÃ­da de erro 127" [Undecided,New] https://launchpad.net/bugs/590349
<X-Sleepy-X> Is the /etc/php5/apache2/php.ini file configured to be development or production in Ubuntu 10.04?
<Error404NotFound> how can i force apache to append some text e.g. a link or an image at the bottom of every page that it renders?
<twb> Grmph
<twb> ifup -a should not restart sshd five times
<andol> twb: once for every nic?
<twb> Yes
<twb> It should be smart enough to realize that it only needs to do it once, at the end.
<twb> Similar to dpkg triggers
<cloakable> agreed
<ruben23> hi guys whats the features of ubuntu-server new ver, LST..?
<ruben23> KTS i mean..
<ruben23> LTS...:-D
<steffan> ruben23: http://www.ubuntu.com/server/features/reduce-costs
<RoyK> ruben23: for what are you going to use it?
<ruben23> RoyK: ill be using for voice traffic, a predictive dialer system.
<RoyK> asstrix?
<ruben23>  RoyK: right...your correct
<twb> Not freeswitch, then?
<RoyK> I've run rather large asterisk installations on ubuntu. the  problems we saw was asterisk-related, not ubuntu-related
<RoyK> and we saw LOTS of problems
<RoyK> asterisk is not good
<JamesHarrison> I'm getting *** System restart required *** - I guess this just means I've done a kernel update and need to restart to have it take effect. I can't reboot this box; can I hide the message, or is there a way to swap out the running kernel for the new one without a reboot?
<RoyK> twb: do you know any predictive dialer setups with fs?
<RoyK> JamesHarrison: it only shows that message to admins
<RoyK> JamesHarrison: and usually it's ok to ignore that - it just means a new kernel is ready
<JamesHarrison> RoyK: Yes, and nobody else has an account on the box, just me. I know it's probably safe to ignore, it's just irking me :)
<RoyK> hehe
<steffan> Hi this message is shown when logging in http://pastebin.com/hQsKgK01. I've looked at the URL it shows and that is of no help
<steffan> This is a virtual machine running VMWare, although I have root privalidges
<ruben23>  RoyK:i been using 8.04 LTS for production, but i want to upgrade to the new release, im just afraid what migh happen..
<ruben23> the new LTS version..
<RoyK> steffan: http://tinyurl.com/2b2q53j
<cybrocop> Hi All. Output from top on my server shows 147K free RAM, however, I'm not running anything. How can I troubleshoot whats using that memory?
<RoyK> ruben23: it'll probably work
<RoyK> cybrocop: pastebin output from 'free'
<cybrocop> RoyK: Here is output from 'free':  http://slexy.org/raw/s2NN07Pew7
<RoyK> cybrocop: see the buffers/cache line
<RoyK> you have lots of free memory
<RoyK> but linux uses whatever's left for buffering
<RoyK> that's released when something needs it - when it's allocated
<cybrocop> RoyK: I was running kvm, and it froze up for a minute, thought it may be related to this. KVM was/is allocated 850MB
<RoyK> 850 megs is not really a lot for kvm
<steffan> RoyK: 5 results - the majority in Chinese
<cybrocop> RoyK: agreed. But the KVM itself was not heavily used. I was editing a 5 line text file.. But I'll try to pay more attention once this happens.
<cybrocop> Another question, does anybody know how to send Ctrl-Alt-Del through  Rdesktop?
<remix_tj> cybrocop: ctrl-alt-ins?
<cybrocop> remix_tj: doesn't work for me.
<remix_tj> cybrocop: uhm, or ctrl-alt-end
<steffan> RoyK: The website (https://wiki.ubuntu.com/Security/CPUFeatures) says that you can start using it if you install -generic-pae flavor of the 32bit kernel. On login I'm shown '2.6.32-21-generic-pae', which shows that the server is already using it. So why am I getting this message?
<cybrocop> remix_tj: Sorry, that doesn't work either. I must have tried all the reasonable Ctrl-Alt-*** combinations.
<remix_tj> cybrocop: you can use windows security on the start menu, so
<cybrocop> remix_tj: Thanks, thats a good workaround.
<RoyK> steffan: no idea
<MasterZuFu> hey everyone. i'm trying to use byobu (screen) here. i have my server remote-ssh'd into from my desktop, and then i have remote ssh on my iphone. i want to have a screen already setup with two windows on it, both already running a command. i pressed "ctrl+a,d" to detach my screen. then on the iphone i put "screen -r" to resume. it says this: - byobutput: unknown terminal "vanilla". cannot find terminfo entry for 'vanilla'
<MasterZuFu> anyone?
<uvirtbot> New bug: #590408 in dovecot (main) "dovecot dies with "Fatal: Socket already exists: /var/spool/postfix/private/dovecot-auth"" [Undecided,New] https://launchpad.net/bugs/590408
<xelister> how to stop the colorfull logo on boot  at other gimmicks?
<xelister> also how to disable auto starting gdm/kdm (so that by default server does not start any X server)
<xelister> also how to uninstall radeom propertiary driver, and overall remove X to change the computer to a headless setup (but! the computer needs the part to be able to VCN / ssh -X into it)
<RoyK> what is the preferred virtualisation solution for ubuntu these days?
<jbroome> i like kvm
<RoyK> does kvm differenciate between hvm and pv like xen does?
<ruben23> hi where is the php.ini file on ubuntu located..?
<ruben23> on ubuntu-server
<uvirtbot> New bug: #590421 in mailman (main) "list_lists crashed with ImportError in <module>()" [Undecided,New] https://launchpad.net/bugs/590421
<cloakable> ruben23: /etc/php5/
<cloakable> Or php4 if you're using that
<diago> Hello, I am trying to install 10.04 with a raid 1 configuration. I get all the way through the install and on the reboot the system complains that it cannot find /dev/by-uid/<UUID> which corresponds to /dev/md0. When I boot into recovery fstab has the correct UUID for /dev/md0
<diago> It's almost like mdadm is not being loaded in time for the system to boot
<uvirtbot> New bug: #590431 in mailman (main) "withlist crashed with AttributeError in fix_url()" [Undecided,New] https://launchpad.net/bugs/590431
<blue-frog> hi there, drwxrwxrwt for /tmp on a server is correct or there's a catch?
<nealmcb> blue-frog: That's the default
<blue-frog> ok had the default on a desktop but not on the server
<blue-frog> ty
<nealmcb> blue-frog: np
<Rensky> hey i will create a openvpn gateway, the connection is ok, it run, but i can?t ping a pc in the "push network"
<Rensky> i can ping the vpn server
<Rensky> on the tun device and on the eht0 device, but i can?t ping the pc behind eht0
<Rensky> is the problem iptables?
<jbroome> i can't tell from here
<Rensky> you need more information?
<RoyK> hi all. seems redhat has some admin tools that can be run on windoze to manage VMs. are such tools available on ubuntu?
<RoyK> s/on/from/
<iKb> i am tring to install a lamp server
<iKb> if i install apache2 it install apache2-mpm-worker than if i install php5 it replace apache2-mpm-worker with apache2-mpm-prefork
<iKb> is possible to mantain apache2-mpm-worker?
<RoyK> do you really need -worker?
<RoyK> php isn't thread-safe
<RoyK> if you want php, use prefork
<RoyK> it scales well enough for most use
<RoyK> prefork starts to perform bad at thousands of concurrent requests
<volve> hey all, I'm trying to install 10.04 server to a usb thumb drive. All goes well until it tries to install grub - it fails with no details. I tried selecting lilo but that fails too. Am I missing a step? I've read some usb howtos online but they only discuss Desktop, not Server...
<nealmcb> volve: what did you use to do it - usb-creator-gtk on lucid?
<volve> no, simply ran the server installer as "method 1" here https://wiki.ubuntu.com/LiveUsbPendrivePersistent made mention of just pointing to the thumb drive
<nealmcb> volve: that's a pretty old page (those need to be cleaned up....)  what distro were you running on the machine that you created it from?
<nealmcb> you might want to try usb-creator
<volve> I had no os installed. Was just booting from the server install cd.
<nealmcb> but I have only used it for a (simple, successfull) desktop install
<volve> will go read about us-creator :)
<nealmcb> volve: ahh - got it
<nealmcb> :)
<nealmcb> volve: I'd love to hear how it works
<volve> usb-creator's tagline is that it writes the iso images to usb drives. that's what concerns me as that's not an install, I'd end-up with the usb drive booting into the server installer... :/
<volve> maybe I'm googling this wrong, maybe I should try searching for ways to transfer an hd install to a usb drive... hmm
<nealmcb> volve: oops - that sounds right.
 * ccheney just upped his medicine dose 50% today and is feeling a bit wired
<KenBW2> how can i edit my invalid /etc/sudeors file?
<soren> KenBW2: Reboot into recovery mode.
<soren> KenBW2: And from now on, use visudo to edit sudoers.
<soren> KenBW2: It checks the file's validity before letting you replace the original one.
<KenBW2> its a VM, how would i restart into recovery?
<ccheney> soren, you use uec right?
<ccheney> soren, have you ever seen a weird issue where eucalyptus seems to use the external ips (the ones you assign vs the 172.x ones) for a while then stop using them, almost like an ip leak
<ccheney> soren, i'm trying to determine what is causing it to happen on my test box, i saw that the 172.x address are assigned via dhcp but haven't tracked down what handles hand outs of the ips from ip pool assigned by the admin
<soren> ccheney: I don't use UEC.
<ccheney> soren, ok
<soren> KenBW2: Just like you would a regular machine.
<soren> KenBW2: Invoke the grub menu, choose recovery mode. win.
<KenBW2> the first part s what im struggling with
 * nealmcb waves at soren
<soren> nealmcb: o/
<soren> KenBW2: Hold down the shift key, I think.
<KenBW2> this is VMWare Server if that changes anything
<soren> You tell me.
<soren> KenBW2: I've told you what to do. Have you tried it?
<KenBW2> i tried pressing shift while pressing the play button, yes
<KenBW2> but unsuprisingly it did nothing different
<guntbert> KenBW2: not while pressing the play button but inside the VM while it is booting
<KenBW2> ah, ill try that
<KenBW2> ok ive tried Shift, and ESC (as suggested on the boot screen) and neither shows me grub
<volve> nealmcb: turns out all I needed was to make sure the first partition was a FAT32 and set as Bootable. GRUB installed happily afterwards. :)
<nealmcb> volve: excellent!
<nealmcb> hope it boots nice and fast!  And do take /tmp off of it....
<volve> Next question though: how do I disable the silent boot-up and resolution detection? I sort of like seeing my services scroll by... :D
<volve> nealmcb: yeah I need to figure out a script to put /tmp in ram, and also nuke the swap partition the installer created
<volve> I mean, ideally I want to boot the entire filesystem into ram
<t3chkommie> praise goodness there is a server channel!!!!!
<nealmcb> t3chkommie :)
<t3chkommie> can anyone help me with a 10.04 server trying to set up IMAP and webmail?
<nealmcb> volve: Check out /etc/default/grub for boot configs
<t3chkommie> i had postfix+dovecot+squirrelmail... worked fine, untill i did and upgrade and broke everything...
<t3chkommie> now i cant get anything to work.. no roundcube.. courier... nothing.
<nealmcb> volve: and I'd think you could just link /tmp into /dev/shm in fstab
<nealmcb> but I haven't looked into that recently
<t3chkommie> anybody?
<nealmcb> t3chkommie: did you install the mail server task (see tasksel)
<t3chkommie> i think so.
<t3chkommie> isnt that postfix?
<nealmcb> among other tings
<nealmcb> but I'm not up-to-date on it
<t3chkommie> ok, sudo tasksel, it was missing mail server some how, so im going to resintall that
<t3chkommie> nealmcb, tasksel... awsome command, i was looking for that when everything went down yesterday!
<t3chkommie> thanks!
<nealmcb> t3chkommie: :)
<t3chkommie> nealmcb, what should i do now?
<t3chkommie> reinstall dovecot? courier?
<t3chkommie> anyone use roundcube and squirrelmail that prefurs one over the other?
<t3chkommie> im looking for somwthing with a nice UI, and resembles outlook webmail
<nealmcb> t3chkommie: I don't have much recent mail server experience, but if you describe the specifics, someone else here might see something they can answer
<diago> Hello, I am trying to install 10.04 with a raid 1 configuration. I get all the way through the install and on the reboot the system complains that it cannot find /dev/by-uid/<UUID> which corresponds to /dev/md0. When I boot into recovery fstab has the correct UUID for /dev/md0
<Yosi> Anyone here use a LSI 9260 with Ubuntu Server 10.04?   Cause LSI only has official drivers and control/agent software for REHEL..   but someone told me kernel 2.6 and higher has build in drivers for the Megaraid...
<Yosi> any idea?
<Yosi> RHEL*
<Yosi> anyone here using LSI cards in ubuntu./
<Yosi> ?
<lukehasnoname`> Yosi, http://ubuntuforums.org/showthread.php?t=1242919
<lukehasnoname`> last post?
#ubuntu-server 2011-05-30
<WMP> it is possible with gradm  (IP ACL)
<electrofreak> I need help with the networking on my server.
<WMP> electrofreak: ?
<electrofreak> I just did a '/etc/init.d/networking restart' and now I can't ping anything local or over the internet
<electrofreak> I can ping localhost tho
<electrofreak> 'route -n' looks normal
<WMP> give me /etc/networks
<electrofreak> link-local 169.254.0.0
<WMP> this is all?
<electrofreak> WMP: ^^
<electrofreak> yes
<electrofreak> there is a comment, but I'm not typing that out
<robrt`> 1269.254.x.x would generally mean it didn't get a DHCP IP
<WMP> and /etc/network/interfaces ?
<rewt> /etc/networks is just a networks list like /etc/hosts is a hosts list
<electrofreak> auto lo
<electrofreak> iface lo inet loopback
<electrofreak> and...
<electrofreak> auto eth0
<WMP> electrofreak: pastebin
<electrofreak> sorry, yea. I should for the rest of it (I'm typing this all by hand, btw)
<WMP> ;)
<WMP> you have dhcp?
<electrofreak> no, it's static
<electrofreak> http://pastebin.com/U90FQEj7
<WMP> so you mush write data to interfaces
<WMP> hmmm
<WMP> this data is good?
<electrofreak> should be
<electrofreak> I mean, yes... for my network it is.
<WMP> what display dmesg?
<electrofreak> always worked fine in the past
<electrofreak> dmesg shows nothing fishy. what might I look for.
<WMP> ifconfig
<electrofreak> there are a few messages that are from my failed attempts to get it working on my own
<electrofreak> ifconfig will be a pain to reproduce for you guys, heh. but it looks normal
<electrofreak> I almost have a feeling the NIC module got messed up somehow
<WMP> hmmm
<electrofreak> I looked for it in lsmod, but don't think I saw it. was going to try reloading it
<electrofreak> might be compiled in
<WMP> maybe reboot?
<electrofreak> I'd rather not, but if it comes to that :-/
<WMP> i havent other idea ;)
<WMP> good reboot isn;t bad
<electrofreak> yeaa...
<WMP> sorry but it is time to sleep, bye bye
<electrofreak> 97 days of uptime tho :-(
<electrofreak> top
<electrofreak> opps, wrong window
<ubuntucork> Greetings all
<rewt> people stopped caring about uptime years ago
<rewt> if that's the only thing stopping you, don't let it
<ubuntucork> I care about stability more than anything, even features :)
<electrofreak> yea
<electrofreak> I just hate rebooting for stupid crap
<electrofreak> this should work
<electrofreak> :-/ I guess it's my only option tho. damn it
<electrofreak> reboot did fix it
<electrofreak> as I suspected. It was likely something dumb with the NIC drivers, somehow got messed up when I restarted networking
<electrofreak> or some weird lock or who knows what :-/
<rewt> maybe that rmmod
<electrofreak> I don't see any modules for the nic
<electrofreak> do they just compile it in these days?
<electrofreak> might as well do the kernel upgrade and stuff to, now that I've rebooted
<sw0rdfish> hey guys can i have 2 web-based file managers/browsers installed at the same time
<sw0rdfish> like AjaXplorer and Webmin
<duli> IÂ´ve followed the ubuntu server guide to configure a samba pdc sever. The win7 computer has entered the domain just fine, but the logged user cannot edit his own folder. Any ideas?
<dbgster> when installing a package by source, what do you need to do to make it identical to using a system like APT?
<dbgster> is it just the start/stop/restart scripts and update-rc.d?
<jeeves__> what would the wget command be to spider ALL of my website looking for (and d-loading) one type of file (ie. .jpg)?
<uvirtbot> New bug: #790038 in cobbler (universe) "package cobbler-web 2.1.0-0ubuntu7 failed to install/upgrade: sub-processo script post-installation instalado retornou estado de saÃ­da de erro 1" [Undecided,New] https://launchpad.net/bugs/790038
<xokvictor> hi all
<xokvictor> can anyone tell me, which means that certifiaction of equipment? http://www.ubuntu.com/certification/
<moriarty_> Can anyone help me out with an overloaded rails server
<twb> xokvictor: that looks like a Hardware Compatibility List
<RudyValencia> How do I force Ubuntu to do an fsck on boot?
<twb> touch /forcefsck
<twb> And pray
<RudyValencia> That worked. It went right into fsck :)
<xokvictor> can anyone tell me, which means that certifiaction of equipment? http://www.ubuntu.com/certification/
<xokvictor> ???
<xokvictor> anybody there?
<jmarsden> xokvictor: system admins tend to care more about equipment that works, than equipment that is certified.  Canonical will probably be happy to sell you on why certified equipment is "better supported" if your management needs that kind of reassurance.
<xokvictor>  "better supported" - hat do u mean? more stability, more supported devices?
<TeTeT> xokvictor: the certification means that a number of tests have been passed on that machine. Not sure if the tests or their results are publicly available though
<xokvictor> or better suport all devices in specified model?
<TeTeT> xokvictor: so the certified release at least boots and all core components work
<xokvictor> thanks
<TeTeT> xokvictor: it probably will not test for some hardware as fingerprint readers on laptops that would require a manual test
<xokvictor> TeTeT u r very helpful for me
<TeTeT> xokvictor: or a tape in a server for backup
<xokvictor> thank u very much
<TeTeT> xokvictor: though understand that certification does not mean fully enabled, what your questions above seem to ask for
<TeTeT> xokvictor: most likely a fully enabled Ubuntu would come pre-installed on a specific hardware from your vendor of choice
<xokvictor> ok )
<TeTeT> xokvictor: I'd also recommend to contact your vendor of choice and ask them specifically on the ubuntu release and server you're interested in. Always helps to raise visibility
<xokvictor> TeTeT: i'm new user in ubuntu, how i can help for ubuntu?
<xokvictor> TeTeT: how to start learning?
<TeTeT> xokvictor: check the help on help.ubuntu.com and if something is unclear or wrong, contact the page author and let them know. It's a good way to start, there are other ways, but going with the docs first is good
<TeTeT> xokvictor: else, depends on your skills and what you want to do. For example, I do some bug triaging and fixing in my spare time at times
<TeTeT> xokvictor: and try to be helpful on cloud related questions over IRC
<xokvictor> what do u mean in last messege
<xokvictor> what do u mean in last message
<xokvictor> sorry for my english )
<koolhead11> xokvictor, and also join #ubuntu to solve beginner level questions :)
<xokvictor> koolhead11, i'm from Ukraine, and want learning ubuntu and english ) thanks for recomendation
<xokvictor> and want be helpful
<koolhead11> xokvictor, spread the knowledge and more knowledge will come to you!! :D
<xokvictor> and i want integrate Ubuntu in my organization $)
<xokvictor> :)
<xokvictor> koolhead11, u r right!
<xokvictor> )
<TeTeT> xokvictor: it's a technology thing, called cloud, sort of a specialization of a server usage. I'm low on time right now, otherwise I'd give you an intro
<xokvictor> TeTeT: you tell me about this? http://en.wikipedia.org/wiki/Cloud_computing
<TeTeT> xokvictor: yes, specifically UEC, http://www.ubuntu.com/business/cloud/overview
<xokvictor> TeTeT, yes, i'm readed about this option on this weekend, it's very good and i need this.. but i mean private cloud because it's more security
<twb> OK I am borked, because I glanced at this page and thought "TeTeTe" was cyrillic
<_ruben> heh
<xokvictor> who can advise beter solution for NAT?
<_ruben> try asking your actual question(s) instead
<twb> xokvictor: IPv6 is the right solution to NAT
<xokvictor> what do u mean?
<xokvictor> )
<xokvictor> i have a server, and 500 pc's
<_ruben> with ipv6, you wont need NAT no more
<xokvictor> why?
<SpamapS> and with unicorns, you won't need vitamin C anymore
<_ruben> because you'll have way more ip addresses than you'll ever need
<xokvictor> we r working in ipv4
<twb> SpamapS: hey man, ipv6 is older than I am
<twb> Even the telcos have adopted IPv6 (4G), and they're usually behind everyone else
<xokvictor> ok, but not all devices ready for ipv6
<twb> xokvictor: such as?
<xokvictor> i need ipv4 solution, but ipv6 interesting to
<xokvictor> old printers
<twb> https://secure.wikimedia.org/wikipedia/en/wiki/IPv6#IPv6_readiness
<_ruben> solution for what?
<xokvictor> for NAT
<_ruben> what about it?
<twb> You can't "solve" NAT without IPv6
<xokvictor> internet for inside pc's throute NAT
<_ruben> NAT for ipv4 is trivial to setup
<twb> xokvictor: we call that "routing"
<xokvictor> what u can recommended? pf, natd, etc.
<_ruben> netfilter
<xokvictor> Oh, sorry )
<twb> Linux only has one NAT implementation, netfilter.  It is part of the kernel.
<xokvictor> like NetGraph in FreeBSD?
<_ruben> dunno, i dont do *bsd
<_ruben> iptables -t nat -j SNAT -h and man iptables are pretty much all you need
<xokvictor> iptables better than netfilter?
<_ruben> iptables is the userland part of netfilter
<xokvictor> how many people can working through iptable normally?
<xokvictor> without lags
<twb> That would depend on hardware capabilities, and how those people use the network.
<twb> For example, a normal user would use a lot less that some stupid young person spending lurking on facebook and youtube.
<twb> *spending time
<xokvictor> together network using about 400 people
<_ruben> depends on your hardware
<xokvictor> one moment
<_ruben> if it's hardware from this century, you'll quite likely do just fine
<twb> _ruben: millenium even
<_ruben> crap, that's what i meant to say :p
<_ruben> xokvictor: how fast is the internet connection?
<_ruben> and what type?
<xokvictor> CPU: Intel(R) Xeon(R) CPU            5110  @ 1.60GHz (1597.53-MHz K8-class CPU)
<xokvictor>  Multiprocessor System Detected: 4 CPUs
<twb> Intel had model strings that included "K8-class"?  Wow.
<xokvictor> 4GB Fully Buffered DIMMs DDR III
<xokvictor> )
<xokvictor> normal?
<xokvictor> _ruben, what do u mean about @type@
<xokvictor> "type"
<twb> xokvictor: is it satellite, 56k dialup, tie line, isdn, or what
<koolhead11> xokvictor, that will be sufficient :D
<slhsen1> hello, is it still possible to dist-upgrade a server from jounty to lucid?
<twb> slhsen1: upgrades from n to n+1 are always possible
<twb> slhsen1: in your case you'd have to go via karmic
<_ruben> and one usually doesnt do upgrade through dist-upgrade, but use do-release-upgrade instead
<twb> !upgrade
<ubottu> For upgrading, see the instructions at https://help.ubuntu.com/community/UpgradeNotes - see also http://www.ubuntu.com/desktop/get-ubuntu/upgrade
<slhsen1> thanks, i was a little worried about dropped support, since i'm no longer to upgrade any packages
<twb> For debian, at least, that is just because EOLd releases are moved to a non-mirrored location
<xokvictor> we have optical 15 Mb|s
<_ruben> 15 Mbit/s for 400 users .. ouch .. i'd almost feel sorry for the users
<slhsen1> twb:  so can I still access those packages?
<twb> slhsen1: I guess so
<twb> _ruben: depends if he means "actually 15mbps" or "theoretical maximum 15mbps"
<twb> In .au you rent a 22mbps line and get effective 0.5mbps
<_ruben> twb: lovely
<_ruben> sounds a "bit" like our UA office, claims to have a 100Mbit/s pipe, but iperf gets 300Mbit/s over it :p
<soren> "UA"?
<twb> But it's A-OK because RSN ma bell's copper will be told to GTFO and we will have FTTP.  Honest.  It's a core election promise.
<_ruben> ukraine
<soren> Oh.
<twb> _ruben: at least we aren't .za
<_ruben> where pigeon cariers with sd cards are faster than the actual lines
<twb> And the al smelting plants run at 30% capacity because they can't get enough juice from the grid
<soren> Never underestimate the bandwidth of a truck loaded with backup tapes.
<_ruben> yup
<twb> (Yes, OK, I acknowledge that turning alumina into aluminium is electrically expensive.)
<xokvictor> sorry for wait, working :)
<xokvictor> actually 15mbps
<xokvictor> _ruben where u from? )
<_ruben> netherlands
<xokvictor> we  have 100Mbps, but only in our country
<_ruben> got 100 at our office, 1000 at our colo's
<_ruben> working on getting 1Gbps vlans between all
<xokvictor> and what about my quation? about routing?
<xokvictor> )
<_ruben> which question?
<xokvictor> how many people can working through iptable normally?
<_ruben> people dont matter, the only thing that really matters is packets-per-second .. but with a 15Mbps line, you're not likely to hit any limits there
<koolhead11> oneiric-alternate-i386.iso has dependency issues. am not able to install it :(
<_ruben> i have similar spec'ed machines do several 100Mbps for dozens of servers
<xokvictor> we have limits for many people with bandwidth and sites
<slhsen> hello again, when i try to run do-release-upgrade on  jounty I get "An upgrade from 'jaunty' to 'lucid' is not supported with this tool." message. Any workarounds for that?
<otaku_coder> hi, i just setup a new linode vps with an 11.04 32 bit image. I'm trying to do everything as a non-root user. i've added my user to the default set of groups but when i login as that user the shell is too minimal. When using a non-root user on aws i get 'full' shell access (i.e. i can run bash_completion, etc). any ideas how I can fix this on linode?
<slhsen> i'm trying to upgrade to karmic, and then to lucid
<xokvictor> how much pps can sponsoring my hardware?
<xokvictor> how much pps is normal?
<TeTeT> slhsen: I believe jaunty is out of support since half a year, so not sure if upgrades are still possible
<slhsen> TeTeT: I was afraid of that
<TeTeT> slhsen: check https://help.ubuntu.com/community/EOLUpgrades
<slhsen> TeTet: doing so, thanks
<uvirtbot> New bug: #790153 in irqbalance (main) "package irqbalance 0.56-1ubuntu3 failed to install/upgrade: ErrorMessage: subprocess installed post-installation script was killed by signal (Segmentation fault)" [Undecided,New] https://launchpad.net/bugs/790153
<xokvictor> quit
<andygraybeal> morrrningingi
<uvirtbot> New bug: #790166 in samba (main) "package samba-common-bin 2:3.5.8~dfsg-1ubuntu2.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 2" [Undecided,New] https://launchpad.net/bugs/790166
<daxroc_> Noon all
<daxroc_> Has anyone seen problems with rr link agregation ( bonding ) with 11.04 ?
<LinSkyrate> is there a good tutorial on how the comtroller and node are set ut in SaaS?
<TeTeT> LinSkyrate: UEC?
<LinSkyrate> mhm
<LinSkyrate> feel ther i a lot of install tut,, but no actual setup
<LinSkyrate> i have buldt a controller and one node for simulation /Training... but where from here?
<LinSkyrate> i dont want ti connect ti Amazon just yet.. i need to learn more. There is a private cloud part.. i think this is for f.eks training
<TeTeT> LinSkyrate: Canonical offers a training on UEC which guides you through starting instances and doing some stuff with it. I'm the instructor delivering it. feel free to follow the public exercise http://people.canonical.com/~tspindler/UEC/ebs-based-instance.pdf to get something working
<LinSkyrate> thnx :)
<TeTeT> np
<LinSkyrate> TeTeT: is this howto after install of Ubuntu Server or is this Lunux in general?
<LinSkyrate> TeTeT: seem to me that this is from a base linux doing this from scratch.. am i wrong?
<dbgster> when working with differennt services etc, they might have their own login/group.
<dbgster> sudo let's you be root, how to mimick other users?
<dbgster> (without having to login explicitly)
<robrt`> man su
<eagles0513875> hey guys what is /user/sbin/console-kit-daemon --no-daemon
<TeTeT> LinSkyrate: it's after installing UEC, http://www.ubuntu.com/business/cloud/overview
<TeTeT> dbgster: think sudo -u does let you take the role of another user
<dbgster> cool thanks
<bl4nd> hi all , im tryin fresh instal of server its hanging at the list of [ 0.214 etc list , Kernel thread helper , being its last entry , is this normal >or what am i doin wrong ;(
<bl4nd> should the machine be connected to the net whilee i instal ? or is it ok not to be ?
<zul> soren: ping have you seen bug #756138
<uvirtbot> Launchpad bug 756138 in python-gflags "python-gflags version 1.3-1 failed to build on i386" [High,New] https://launchpad.net/bugs/756138
<soren> zul: I hadn't, no.
<soren> poc
<soren> zul: Thanks.
<zul> soren: no worries...
<WinstonSmith> a good day to all! where does ubuntu define which NIC is which interface? e,g. card1 is eth0, etc....?
<_ruben> WinstonSmith: /etc/udev/rules.d/70-persistent-net.rules
<WinstonSmith> _ruben: thank you!
<wunki> do you recommend deleting/removing the "ubuntu" user on Amazon's AWS machines?
<smw> wunki, I do not
<smw> wunki, why would you?
<wunki> smw: I don't know, maybe there were security implications..
<smw> wunki, nope. It is more secure than other options
<smw> wunki, and since you are using ssh keys, it is not like you need to worry about dictionary attacks
<wunki> smw: how do you use the "ubuntu" user? As your default shell user, or do you add another
<smw> wunki, yeah, I use it as my default user.
<smw> wunki, for certain things I su  to another user
<wunki> but you use the "ubuntu" user as administrator
<smw> yes
<smw> wunki, also, you may like ##aws ;-)
<wunki> am I in the wrong channel :)
<smw> No. It is just another channel to find ec2 related info ;-)
<wunki> ok, thanks. I will follow your advice and keep the ubuntu user around as administrator
<wunki> I will add an extra user which will run the web application
<smw> that is a very good idea
<Ethos> what's the best thing to go for for a VPN server that supports PPTP on ubuntu server?
<smw> wunki, because ubuntu has ssh nopass, running stuff is like running as root.
<smw> sudo nopass*
<wunki> smw: yeah, I noticed that, that's why I asked my initial question
<pmatulis> Ethos: rephrase?
<cocoa117>  anyone know why my Ubuntu 9.10 domU never be able to mount the ext3 filesystem listed in the /etc/fstab?
<cocoa117>  i can always manually mounted by "sudo mount /srv/bkp"
<cocoa117> this is my line in /etc/fstab
<cocoa117>  /dev/sda3 /srv/bkp ext3 defaults,errors=remount-ro 0 2
<cocoa117> there is no error message in /var/log/dmesg
<RoyK> cocoa117: is /dev/sda3 visible in /proc/partitions?
<cocoa117> RoyK, let me have look
<cocoa117> major minor  #blocks  name
<cocoa117>    8     1  923795456 sda1
<cocoa117>    8     2    2097152 sda2
<cocoa117>    8    17 1465134973 sdb1
<cocoa117> yes, i call it sdb1 now, and it is visible
<RoyK> !pastebin
<ubottu> For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://imagebin.org/?page=add | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<RoyK> cocoa117: you said you tried to mount sda3, which doesn't exist
<cocoa117> RoyK, sorry, I have changed the sda3 to sdb1, just to see if it makes any difference
<cocoa117> so sda3 = sdb1, and sdb1 is currently visible under /pro/partitions
<cocoa117> and i can always manually mount it
<cocoa117> no error
<RoyK> cocoa117: wierd - one thing, not that it's an error, but setting defaults,someopt isn't needed, defaults is only used as a placeholder if no options are set
<RoyK> so defaults,errors=remount-ro == errors=remount-ro
<cocoa117> RoyK, i know very wired. i have tried using auto, user, exec... and many different commbination, and didn't work
<RoyK> cocoa117: can you pastebin the entire fstab?
<cocoa117> ok
<cocoa117> hold on
<cocoa117> Royk, http://pastebin.com/tHdrZt8a
<Ethos> anyone good with PPTPD, it's connecting but not giving the client an IP Address, also when I disconnect it takes a while for the server to be accessable again
<RoyK> /dev/sdb1      /srv/bkp        ext3    defaults        0       2 <-- that one would be my fist attempt
<RoyK> cocoa117: which version of ubuntu is this?
<cocoa117> it's 9.10
<cocoa117> RoyK, sorry, no
<RoyK> hm... not supported anymore, though
<cocoa117> lsb_release -a
<cocoa117> No LSB modules are available.
<cocoa117> Distributor ID:	Ubuntu
<cocoa117> Description:	Ubuntu 9.04
<cocoa117> Release:	9.04
<cocoa117> Codename:	jaunty
<uvirtbot> New bug: #790292 in bind9 (main) "package bind9 1:9.7.3.dfsg-1ubuntu2.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/790292
<RoyK> definitely not supported
<cocoa117> RoyK, i know. planning to upgrade to 10.10 first, see if it solve it
<RoyK> 8.04 is, though, so you might want to use that if you need something old
<cocoa117> but it just wired, not supports to happen
<RoyK> cocoa117: I'd stick to LTS releases if I were you
<cocoa117> RoyK, yes, i learned that now, so i will
 * RoyK never uses anything but LTS releases for servers...
<RoyK> btw, why do you use Xen?
<RoyK> making a PVM with ubuntu on Xen is a PITA imho, and a HVM is dead slow on the I/O
<cocoa117> RoyK, so I can run multiple OS, Windows, Ubuntu on the same box
<RoyK> why not KVM?
<cocoa117> my room is small, don't want to keep many boxes
<RoyK> XEN isn't supported in Ubuntu anymore...
<cocoa117> the dom0 is Debian, so i can do Xen
<RoyK> cocoa117: not KVM as in KVM switch, KVM as in Kernel Virtual Machine
<cocoa117> I was running Ubuntu 8.04 with Xen at the time
<RoyK> it's way easier to deal with than Xen
<cocoa117> RoyK, i know, it do require hardware support on the CPU
<cocoa117> and the speed wasn't as good as, i did compare
<cocoa117> the good thing with was KVM is official supported by Ubuntu, so it's easy to upgrade
<RoyK> if you compare KVM with libvirt i/o to Xen HVMs, the KVM easily wins that contest
<cocoa117> anyway, thanx for ur efforts
<RoyK> np
<cocoa117> oh, i was doing KVM linux and Xen pavirt
<cocoa117> because i do use my Ubuntu as samba server, downloading, streaming server a lot
<RoyK> with libvirt drivers on the KVM guest?
<cocoa117> the Windows box is just desktop, running things i can't with Ubuntu
<cocoa117> yes, can't remember the version, sorry
<RoyK> anyway - if Xen works, it works :)
<cocoa117> a while ago it was
<RoyK> and yes, KVM requires cpu virt extensions
<cocoa117> don't have time to learn about KVM, so just stick with Xen for now
 * RoyK didn't have time to learn about KVM either, he just started virt-manager and made some VMs
<cocoa117> both of them are actively developed, so no need to switch right way, :)
<RoyK> true - what works, works
<RoyK> cocoa117: but to your mount problem, I really don't have much idea
<RoyK> does 9.04 use old syslogd, or rsyslogd?
<RoyK> cocoa117: IIRC it's syslogd, if so, you may want to add a line *.* /var/log/everything.log and reboot to see if you can find a hint in there
<RoyK> cocoa117: otherwise, upgrade to 10.04 via 9.10 - do-release-upgrade, reboot, and the same again
<cocoa117> Royk, yes, i am preparing it at the moment
<RoyK> just make sure you have a backup in case something ugly hits the fan
<cocoa117> i am doing backup now actually, tar, :)
<RoyK> why not just take a xen snapshot (if that's supported) or perhaps copy the vm image?
<cocoa117> Royk, i don't know what ssylog is used in 9.04
<RoyK> the only thing I can think of going bad, is grub2, and if so, you may not be able to boot the system
<cocoa117> don't know how, with snapshot, i feel tar is safer for me, i done it in the past 1000 times, and know it worked
<RoyK> ok
<cocoa117> after all, i do have 800G storage inside /srv folder
<RoyK> isn't that mostly on other filesystems?
<RoyK> I guess that's not on the root...?
<cocoa117> i am just backup / without /srv for now, and do  do-release-upgrade with backuped Ubuntu 9.04 first
<cocoa117> if everything worked, then do the real upgrade
<RoyK> remember, you need to do that twice to get to 10.04
<RoyK> ubuntu will always upgrade to the next release, or the next LTS release if no LTS (and configured to do so)
<cocoa117> yep
<RoyK> s/no LTS/on LTS/
<cocoa117> i am thinking to change the upgrade line to LTS after upgrade to 10.04
<RoyK> IIRC that's done automatically
<RoyK> once you upgrade to LTS, the config is changed, and must be changed back to 'normal' manually
<cocoa117> oh, yes, i always change them back, :) because my laptop usage is more often then server :)
<cocoa117> thanx for point it out
<cocoa117> i take u use server more often
<RoyK> I do :)
 * RoyK has 50+ ubuntu machines running at work
<cocoa117> wow, all servers?
<RoyK> some workstations - some of the developers and scientists don't want windows
<cocoa117> my work envirnoment have RedHat more then Ubuntu
<RoyK> I cannot but agree ;)
<cocoa117> :)
<RoyK> we used to have a bunch of redhat around, but I managed to change that when I started - no reason to pay for opensource when you don't even use the support, so rather than paying blood money to RedHat, we got a support contract with a local company that has been doing linux consulting for 15 years
 * RoyK can remember how people were laughing at them when they started up their business back in 1995 - doing CONSULTING for LINUX??? :)
<cocoa117> i c
<cocoa117> :)
<cocoa117> yes 15 years, sound like long time ago
<RoyK> linux wasn't very good back then
<cocoa117> glade to see the progress linux has made
<RoyK> heh - yeah - look at supercomputers/compute clusters around the world
<RoyK> or even webservers
<cocoa117> agree
<sw0rdfish> where is the default location of httpd.conf of apaceh2
<sw0rdfish> located?
<qman__> sw0rdfish, httpd.conf is not used in ubuntu/debian configuration
<RoyK> sw0rdfish: all configs are under /etc/apache2 - you rarely would have to change apache2.conf (aka httpd.conf) - see the directories mods-enabled/mods-available and similar sites-*
<qman__> but it still exists in /etc/apache2
<sw0rdfish> i just want to make /var/www/documents
<sw0rdfish> password protected
<sw0rdfish> i have to edit apache2.conf
<RoyK> nope
<RoyK> just create a .htaccess file there
<qman__> yep, or modify the site configuration
<RoyK> or edit the virtualhost
<qman__>  /etc/apache2/sites-available/default in this case
<sw0rdfish> well its not recommended to use .htaccess
<RoyK> why not?
<RoyK> so long as the apache user (www-data) can't write to the file, it should be pretty safe
<qman__> yeah
<sw0rdfish> http://httpd.apache.org/docs/2.0/howto/htaccess.html#when
<sw0rdfish> its not recommened haha
<sw0rdfish> recommended*
<RoyK> imho it doesn't matter much - still - just edit the apache config as qman__ said
<qman__> well, the proper place in main configuration is /etc/apache2/sites-available/site-name
<qman__> in this case the default site
<sw0rdfish> well to be honest if they're recommending against its usage
<sw0rdfish> based on the fact it slows things down
<sw0rdfish> i guess i shouldn't have to worry cuz i don't have a lot of directories in my server
<RoyK> the slowdown is only noticable on a heavily loaded server
<qman__> the performance impact is next to nothing, you'd only have to worry about it if you hosted hundreds of sites or something like facebook
<sw0rdfish> oh cool
<sw0rdfish> ok so whats the fastest way
<sw0rdfish> the thing is i'd have to read a how-to to do it and don't have a lot of time to read lol
<qman__> you have to do the same thing in either case
 * RoyK sticks to .htaccess - easier to update and no apache reload needed
<qman__> it's just a matter of which file you drop it in
<sw0rdfish> nice ok
<qman__> just make sure the htpasswd file is above the webroot
<qman__> if you're going with basic
<sw0rdfish> i should put .htaccess on /var/www to protect /var/www/documents
<sw0rdfish> right
<RoyK> keep in mind that it'll throw you a 500 if you make a typo in .htaccess
<RoyK> you should place it in the root directory you want to protect, so if you want anonymous access to the files in /var/www, but protect what's under /var/www/documents, place the file in the latter
<sw0rdfish> hey if i protect /var/www
<sw0rdfish> everything under it will be protected right
<RoyK> yse
<sw0rdfish> i might as well just do that
<RoyK> yes
<qman__> keep in mind that the password transmission is in the clear unless you're using https
<qman__> not sure if man in the middle is a concern for you
<sw0rdfish> I am using https :)
<sw0rdfish> uhhh let me guess it is
<sw0rdfish> possible to encrypt the password with md5
<sw0rdfish> right
<sw0rdfish> although i'm not gonna go for it, don't have time to read on that
<RoyK> htpasswd -m
<sw0rdfish> there is a "passwords" file in /etc/apache2
<sw0rdfish> protecting another directory in /var/www
<sw0rdfish> could I just use that one too
<RoyK> sure, just specify that in the .htaccess file
<RoyK> AuthUserFile /etc/apache2/passwd
<sw0rdfish> cool
<sw0rdfish> what does htdigest do
<sw0rdfish> cuz i had to use that to change the passwd of that directory it protects
<sw0rdfish> ahh nvm
<sw0rdfish> if .htaccess is in the same directory to be protected it won't be compromised right?
<RoyK> sw0rdfish: just make sure it's not writable by the www-data user
<RoyK> it must be readable by it, but not writable
<RoyK> so something like this should be safe: chown root:www-data .htpasswd ; chmod 640 .htpasswd
<RoyK> perhaps change root to whatever user is meant to update it
<sw0rdfish> i see
<sw0rdfish> thanks man
<Duvrazh> Can anyone please help me understand what's going on with my raid-5 array and how/when I should mount it? Array installed from 11.04 liveusb install, md0, 18% sync, need auto-mount on boot.
<qman__> well, it's 18% through syncing
<qman__> just have to wait for that to finish
<Duvrazh> will it mount on completion?
<Duvrazh> it's been syncing for hours
<qman__> it should be mounted already
<qman__> and yes, syncing takes a very long time
<qman__> especially with multi TB arrays
<Duvrazh> the md0 is present in /etc/md0 but I wasn't sure if that would turn into the root folder of the array
<Duvrazh> Okay. It's currently 6 TB
<qman__> you must have pretty good hardware then
<Duvrazh> Mid-range $$ hardware
<qman__> mine took three days, for 8 1TB disks in a raid 6 + hot spare configuration
<Duvrazh> damn
<Duvrazh> I can't believe it's so slow. Windows raid takes like 3 minutes.
<qman__> that's because it doesn't actually build the array
<qman__> it just assumes it'll work
<Duvrazh> makes sense
<qman__> it's like quick format versus fill
<qman__> full*
<qman__> you can still use the array while it's syncing
<Duvrazh> so please help me feel not-crazy. when syncing is done, /etc/md0 will be the root folder of the array?
<qman__> though there's a remote possibility of data loss
<Duvrazh> I'll wait ;)
<qman__> probably not, unless you mounted it there
<qman__> which is silly
<qman__>  /etc is for configuration, not storage
<Duvrazh> I don't know if I specified a mount
<Duvrazh> how can I view that? I haven't found any command showing me the mount point
<qman__> mount
<qman__> shows active mounts
<qman__> and /etc/fstab shows configured mounts
<Duvrazh> not mounted
<qman__> df -h shows free space on mounted disks, too
<Duvrazh> editing /etc/fstab will create a mount@boot-time right?
<qman__> yes
<Duvrazh>  Filesystem            Size  Used Avail Use% Mounted on /dev/sdd1             222G  1.1G  210G   1% / none                  3.9G  248K  3.9G   1% /dev none                  4.0G     0  4.0G   0% /dev/shm none                  4.0G  336K  4.0G   1% /var/run none                  4.0G     0  4.0G   0% /var/lock
<qman__> well, if you configure it to
<qman__> the 'noauto' option will make it not auto mount
<qman__> while the 'auto' option makes it mount
<Duvrazh> I first will have to make a filesystem though from that reading, right?
<qman__> yes
<Duvrazh> oh snap it's not even on there...
<Duvrazh> Can I make filesystem and mount during sync?
<qman__> have to make a filesystem before you can mount it
<qman__> yes
<qman__> you have a few decisions to make there, too
<Duvrazh> such as?
<qman__> many use LVM on top of the raid
<Duvrazh> I read that doesn't come without side-effects
<Duvrazh> particularly complexity
<qman__> both methods have side effects
<Duvrazh> data-integrity is main concern
<qman__> my file server is just a straight ext3 on md0
<qman__> well
<qman__> silent data corruption is a big issue with large disks
<Duvrazh> it's a media server, going to be streaming media files with Twonky
<qman__> and none of the stable linux filesystems have checksumming
<Duvrazh> and sharing the raid via samba
<qman__> I've had a few videos go wonky on mine
<Duvrazh> hmm
<Duvrazh> a few I can handle
<Duvrazh> more than 10-20 would be unacceptable
<qman__> nothing devastating, not even close
<Duvrazh> well that's good
<qman__> what was devastating was when on my original raid 5
<sw0rdfish> is authtype digest, the best thing
<Duvrazh> any reason not to use ext4 for my purpose?
<qman__> I had three drives die in one day
<Duvrazh> holy shit
<qman__> which is not as rare or uncommon as you might think
<Duvrazh> western digitals?
<qman__> seagates
<Duvrazh> hmm
<Duvrazh> I guess I'll be glad I'm using Caviar Green
<qman__> which is why I am now running raid 6 with a hot spare
<qman__> yuck
<qman__> prepare for trouble
<Duvrazh> They've been stable for a long time
<qman__> those are not designed to be used in a raid
<Duvrazh> but there is plan to swap them out
<Duvrazh> I know
<Duvrazh> WD raid drives are $$$$$$$$$$$$$$$$, unreasonably so
<Duvrazh> brand loyalist
<qman__> yes
<qman__> but using green drives is just asking for trouble
<Duvrazh> Well aware
<qman__> expect disks to drop left and right
<Duvrazh> They've held out in a raid config for about 5 months and only 1 went bad
<qman__> caviar blacks are the minimum WD
<qman__> RAID class preferred, but they'll do
<qman__> my current server is running samsungs, already had two go bad
<qman__> fortunately not at the same time, so I could RMA them
<sw0rdfish> what is the line to add in sites-available/default to make it force the usage of SSL
<Duvrazh> is ext4 bad for raid?
<qman__> no, ext4 is probably your best pick on linux
<qman__> but none of the common linux filesystems have checksumming, you'd need ZFS for that
<Duvrazh> zfs isn't as stable I thought
<qman__> not in linux
<qman__> it wasn't even an option in linux until recently
<qman__> btrfs isn't stable either
<Duvrazh> screw it... i'll stick with ext4
<Duvrazh> what's the command for it? I keep finding 2/3 but not 4
<ChmEarl> sw0rdfish, sudo a2enmod ssl; then look for sites-available/default-ssl
<Duvrazh> make2fs doesn't support ext4?
<qman__> don't know off the top of my head, always used the installer
<qman__> google should tell
<Duvrazh> google is my nemesis today
<sw0rdfish> ChmEarl, thanks
<Duvrazh> gparted?
<qman__> gparted is for paritioning
<qman__> though I think it's capable of creating filesystems, it also requires a GUI
<Duvrazh> yuck
<nkv> I prefer JFS on linux over ext4.  I've had some bad luck with ext based fs.
<nkv> on servers at least
<qman__> ext3 has always been good to me
<qman__> lost some files with reiser, lost entire filesystems with XFS
<qman__> only time I tried JFS, ubuntu couldn't mount it at boot
<qman__> catch-22 file issue
 * nkv shrugs. I worked at an ISP in the 90s and ext3 would eat the filesystems more often than JFS would when we had system crashes
<nkv> That sorta set my bias
<nkv> so, it may not be relevant anymore
<qman__> before my time with linux
<nkv> As long as you don't use ext2, you are probably pretty safe. :)
<qman__> my only important advice is don't use XFS
<qman__> total filesystem loss in a crash is a very real possibility
<nkv> I use XFS, but it is a crappy port into linux.
<qman__> unless you have absolute stability, don't use it
<nkv> yeah
<Duvrazh> I'm going with ext4
<Duvrazh> just trying to figure out the damn command. :P
<nkv> mkfs.ext4
<Duvrazh> need a few more options than that lol
<qman__> not really
<qman__> mkfs.ext4 /dev/md0
<qman__> I knew that, but I just didn't realize I knew it :/
<Duvrazh> boom!
<RoyK> the 'portable' way to do it is mkfs -t ext4 /dev/whatever
<Duvrazh> I already used qman's command
<Duvrazh> :/
<nkv> RoyK: or make the symlink
<RoyK> same thing
<Duvrazh> I don't need portability
<nkv> It makes the same thing.
<Duvrazh> Just need to be able to hook the raid into Twonky and Samba and I'm good
<Duvrazh> and maybe through DropBox in there
<nkv> Just mkfs.ext4 isn't a real program. It is a link to mke2fs.
<nkv> mke2fs knows what to do by the name it is called by.
<nkv> RoyK was just saying the other command will work on just about any linux distro.
<Duvrazh> ah, well it's a link I'm thankful for
<RoyK> nkv: both will probably work - but the 'standard' way is to mkfs -t fstype /path/to/dev
<Duvrazh> some of the more advanced programs with 20+ options/switches through me for one
<Duvrazh> okay so raid has ext4 now
<Duvrazh> how to mount auto @ boot?
<nkv> add it to /etc/fstab I assume
<qman__> yep
<qman__> pick a mount point, default options should be good
<qman__> you could find the UUID but unless you plan on having more than one raid array ever attached, you shouldn't have to worry
<RoyK> perhaps add relatime or noatime if you expect heavy write load
<Duvrazh> I already found the UUID
<RoyK> erm
<RoyK> heavy _read_ load
<RoyK> I mean
<qman__> yeah
<RoyK> updating atime can be quite expensive
<qman__> with atime, a heavy read load turns into a heavy write load
<RoyK> whoever got the idea of 'whenever a read occurs, do a write'.....
<Duvrazh> that'll kill me when I migrate the existing data over to the array
<RoyK> what amount of data?
<Duvrazh> 4.5 TB
<Duvrazh> anyways thanks for the help, gotta run
<qman__> not exactly planning ahead then, with only a 6TB array
 * RoyK was about to hint on using rsync --bwlimit, but guesses he will find out the hard way
<qman__> I need to update mine pretty soon, about 93% full
<RoyK> seems to me, with linux being able to dynamically add drives and even switch from raid5 to raid6, well, it should be doable
<nkv> Ah.  That actually sounds like it would have been a good canidate for lvm2
<RoyK> a 93% full filesystem is bound to be badly fragmented
<qman__> yeah, I'm at 8 1TB disks now
<nkv> Then you can just append another array
<qman__> need to make a new filesystem with bigger disks
<qman__> holding out to save up some money, so hopefully I can just build a new server
<nkv> md does support expansion of raid5/6 now.
<RoyK> doesn't linux support replacing drives with bigger ones, extending the volume by that?
<qman__> do it up right
<qman__> yeah, but it'll take forever that way
<nkv> you can add drives now and extend arrays hot.  It is really slow.
<qman__> plus mine is still ext3
<qman__> 8TB limit IIRC
<qman__> a little dumb on my part but ext4 wasn't exactly stable yet
<elb0w> is it possible to run a xserver on a server?
<RoyK> lol http://farm2.static.flickr.com/1096/894127714_9f98afa6f5_o.jpg20
<elb0w> says cannot open display
<RoyK> elb0w: it is, but why would you?
<elb0w> this html->pdf module im using is looking for one
<elb0w> I dont know how entailed it is
<elb0w> is it a bad idea?
<RoyK> elb0w: if you're connecting from a linux client or something else with an X server, just install xauth etc on the server, and ssh -X to the server and the client's x server will be used
<qman__> generally, yes
<qman__> significant performance impact and security consideration
<elb0w> ugh this sucks, didnt say anything in pre-reqs
<elb0w> man
 * RoyK starts humming at the RTFM song
<qman__> not sure why a simple file conversion tool would need an X display
<qman__> libraries, sure, but not an actual running X server
<elb0w> RoyK: it didnt say anywhere in the reqs
<RoyK> elb0w: just install xterm
<elb0w> nah im not going to use it
<RoyK> it's like 50k
<elb0w> https://github.com/mreiferson/php-wkhtmltox#readme the Qt made me think that it may of needed X but it never explicitly said it
<RoyK> so it won't fill up your disk much
<elb0w> I dont want to rn a x server
<pmatulis> what are "the reqs"?
<elb0w> ill use something else
<RoyK> it's not about running an x server, it's about allowing x to be used from a client
<elb0w> pmatulis: requirements
<pmatulis> elb0w: what/where?
<elb0w> pmatulis: I am not following your logic, you are not really making a point.
<pmatulis> elb0w: nevermind, i don't have time
<fooman2011> hello guys
<fooman2011>  i'm using the last version of "ubuntu server". I have to launch a java program. So I need the jre. But i'm not   sure but it seems that the jre requires Xlibs. I'm using ubuntu server so i don't have any X... How to solve my   problem ?
<elb0w> pmatulis: didnt ask for any, but thanks
<RoyK> fooman2011: just use a local X server, ssh -X to the server and the app should appear on your desktop
<RoyK> local, as in on your desktop
<RoyK> if you're on linux or OS X, it should be in there by default, if on windoze, use xming and putty
<fooman2011> sorry i'm a newbe i don't undertsand :/
<fooman2011> mmh ok
<fooman2011> but i don't want to see anything
<fooman2011> my problem is when i want to install the jre
<fooman2011> i have:
<RoyK> some windows version, afaics
<fooman2011> The following NEW packages will be installed: avahi-daemon dbus gsfonts gsfonts-x11 java-common libasound2 libavahi-core7 libdaemon0 libfontenc1 libice6 libltdl7 libnss-mdns libpython2.7 libsm6 libxfont1 libxi6 libxt6 libxtst6 odbcinst odbcinst1debian2 sun-java6-bin sun-java6-jre unixodbc x11-common xfonts-encodings xfonts-utils
<RoyK> install xming, configure putty to do x11 forwarding, start xming, connect with the server etc
<RoyK> fooman2011: just install them
<fooman2011> i don't want to use X
<pmatulis> funny, on ubuntu live CD sshd is not installed but there is a sshd_config file
<RoyK> fooman2011: it won't start a big-ass x server, it will only allow you to use remote X
<fooman2011> it's not a big problem to install all of this X stuff on ubuntu server ?
<fooman2011> ok
<fooman2011> thank you very much Royk
<fooman2011> :)
<RoyK> fooman2011: no, it's not, I have it on almost all my ubuntu servers
<fooman2011> let's go for the jre then :)
<pmatulis> disregard my last comment.  i was looking at ssh_config
<qman__> fooman2011, you want the -headless version
<LinSkyrate> anyone that can tell me what this key is? euca-run-instances -k <your key pair> emi-DF771072
<A_B_> Hi, When I add a user in 10.10 it doesn't get added to the "users" group. Why is that, and what's it's significance. I'm learning Samba and the documentations I'm reading assumes that all users are added to the "users" group.
<jits> iptables port forwarding help needed. Please review and let me know why my 8080 port is not forwarded http://paste.ubuntu.com/615066/
<jits> someone plz help on port forwarding .. http://paste.ubuntu.com/615066/ been struggling for a long time :-(
<jits> _GoRDoN_: can you help ?
<jits> anyone here ?
<jits> lunch time ?
<jits> holiday ?
<uvirtbot> New bug: #790363 in bind9 (main) "package bind9 1:9.7.3.dfsg-1ubuntu2.1 failed to install/upgrade: el subproceso instalado el script post-installation devolviÃ³ el cÃ³digo de salida de error 1" [Undecided,New] https://launchpad.net/bugs/790363
<jits> someone plz help on port forwarding .. http://paste.ubuntu.com/615066/ been struggling for a long time :-(
<uvirtbot> New bug: #790372 in bind9 (main) "package bind9 1:9.7.0.dfsg.P1-1ubuntu0.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/790372
<roel-> i'm installing ubuntu servers automatically using the preseed method
<roel-> it works fine, but I would like to have the installer prompt for IP-address and hostname only
<roel-> the IP-address I get a prompt for if I don't specify it using preseeding, but the hostname is always set to 'ubuntu'
<roel-> is there a way to have the installer prompt for hostname as well?
<RoyK> juliux_: I guess you'll need to add that to the forward table as well, but I'm not sure
<smw> roel-, I am pretty sure there is a way to set it
<roel-> i know i can set it, but i want a prompt for it during installation
<RoyK> juliux_: that is - PREROUTING should be done before FORWARD, so I'm a bit unsure about that - have you tried to tcpdump/tshark/wireshark the traffic?
<smw> roel-, does it normally ask for it without preseeding??
<roel-> smw: that's a good question
<roel-> smw: but I think if I disable dhcp, I have to manually configure the network, including the hostname
<roel-> yes
<smw> roel-, I guess what I would do is set hostname after install...
<smw> I don't know how to help. sorry
<roel-> no problem
<roel-> the thing is that I have to set the hostname manually, and also change the /etc/hosts file
<roel-> which is a bit tedious
<jits> RoyK: telling me ?
<RoyK> erm, yes
<smw> roel-, why not have a post install script ask for the hostname?
<roel-> smw: post-install script, haven't looked into that! thanks, let me google that
<jits> ok.. no haven't tried tcpdump/tshark etc ..
<jits> RoyK: do i need to run it on the server or client ?
<RoyK> jits: the router, obviously
<jits> RoyK: ok .. installing tshark .. tcpdump said no suitable device
<jits> RoyK: tshark: There are no interfaces on which a capture can be done :-(
<roel-> smw: I might have found a way to do this
<roel-> smw: apparently i can set the 'seen' flag to false for this particular configuration option
<smw> cool
<smw> learn something new every day :-)
<roel-> so: d-i netcfg/get_hostname seen false
<roel-> i will try that tomorrow morning when I wake up, I'll let you know here
<roel-> ;)
<uvirtbot> New bug: #790379 in mysql-5.1 (main) "package mysql-server-5.1 5.1.54-1ubuntu4 failed to install/upgrade: aliprosessi installed post-installation script palautti virhetilakoodin 1" [Undecided,New] https://launchpad.net/bugs/790379
<Snugger> can someone help my ethernet internet connection does not work on my server anymore it was working yesterday
<uvirtbot> New bug: #790392 in mysql-dfsg-5.1 (main) "package mysql-server-5.1 5.1.41-3ubuntu12.10 failed to install/upgrade: subprocess new pre-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/790392
<Jaith> I just instantiated natty on an amazon ec2 instance.  i would like to make sure i have a good sources.list file before i install apache/php/mysql/etc.  I plan to handle sensitive data on this machine.  can anyone recommend an appropriate sources.list file?
<airtonix> i need to learn how to do split horizon dns zone
<airtonix> just sayn
#ubuntu-server 2011-05-31
<qman__> Jaith, just grep all the URLs and make sure they're .ubuntu.com
<qman__> or other sites you trust
<Jaith> qman__: i was concerned about what sorts of packages might be downloaded ...like if i put 'multiverse'
<Jaith> qman__: as i understand it, i need at least 'universe' to get most of the reasonable LAMP features
<qman__> well, grepping the URLs will also show which repositories you're using too
<qman__> if you don't trust universe or multiverse, you can remove those too
<Jaith> i've left universe.  thanks for the feedback
<qman__> IMO universe should be at least trustworthy
<qman__> it's more a distinction of supported vs not
<Snugger> is update.ubuntu.com down? because i can
<Snugger> i can't connect to it for some reason
<stgraber> don't you mean archive.ubuntu.com ?
<Snugger> yes that is what i meant, newbie here i aplogize
<stgraber> seems fine from here (quickly tested from Canada, Switzerland and Germany)
<Snugger> us.archive.ubuntu.com is moving super slow on my server,and when i try to install new programs, i time out for some reason
<stgraber> what do you get when you run: host us.archive.ubuntu.com (use paste.ubuntu.com please as it's quite a long output)
<Snugger> no i'm trying to configure a driver for my usb wireless adapter for my server, so i was trying to type in wget http://www.avengergear.com/upload/WG111v3.tar.bz2  and  i time out
<Snugger> \
<stgraber> works fine here too. You quite possibly have a DNS problem on your network
<Snugger> how can i be certain?
<stgraber> you can try doing: time host archive.ubuntu.com
<stgraber> and then: time host archive.ubuntu.com 8.8.8.8
<stgraber> and look at how long it takes to run each
<stgraber> the first uses your current DNS server, the second uses google's
<Snugger> i timed out on the host archive.ubuntu.com 8.8.8.8 but the first one went through fine the 2nd time, but i timed out the first time i did it
<Snugger> still a possible DNS server issue? it wasn't acting like this earlier yesterday
<stgraber> a timeout on 8.8.8.8 would tend to indicate some other network issues
<Snugger> i'll get back to you later, i have to go
<alamar> anybody set up a central syslog loghost where multiple hosts send logging info to? are there some easy to use webinterfaces that provide filtering/searching/sorting capabilities? or how do you access the big amount of information easily?
<jMCg> Hey guys.
<jMCg> I'm looking for a *sane* version of OpenLDAP -- the one in the Ubuntu repos comes with GnuTLS, which is not sane.
<jMCg> ...or I just rebuild it to be sane. Â¯\(Â°_o)/Â¯
<gggsdds> somebody can help to takeme in the right direcction of how to increse the Java VM max memory size?
<jMCg> gggsdds: http://www.oracle.com/technetwork/java/javase/documentation/whitepapers-jsp-139357.html take a look at the Memory Management White Paper.
<gggsdds> thank you
<gggsdds> =)
<Takyoji> How would one add a user on a server; without a password, only to be used via `su`
<smw> Takyoji, just make the user and don't give it a password
<Takyoji> actually it won't let you; with adduser
<Takyoji> you have to use --disable-password instead
<smw> ok
<smw> Takyoji, good to know
<twb> 12:32 <twb> Any idea why I started getting these last night?  /lib/libpam.so.0: version `LIBPAM_MODUTIL_1.1.3' not found (required by /lib/security/pam_env.so)
<twb> 12:32 <twb> http://paste.debian.net/118461/
 * ajmitch saw a mention of that on the server mailing list, cron should have been restarted after a pam upgrade
<ajmitch> twb: restarting cron ought to get it working again
<twb> Hum, I don't remember upgrading pam yesterday
<ajmitch> no unattended security upgrades enabled?
<twb> I didn't *think* I enabled them
<twb> Maybe I did and forgot
<ajmitch> either way, there were a couple of emails about it on the server mailing list about an hour ago
<twb> OK, thanks
<Lobo29> Need help with 11.04 on Dell PE1650, after server starts and OS should start, i get Cannot display this video mode
<Lobo29> i can boot with Live CD
<twb> Lobo29: try passing vga=normal to the kernel
<Lobo29> twb: noob user twb, how do i go about doing that ?
<twb> Lobo29: can you get to the bootloader?
<Lobo29> twb: after raid and bios loads ok,  i get the error message...   I've edited grub via Live cd to be verbose, but i never see anything after bios load successful
<twb> Ubuntu did this "clever" thing of hiding grub by default, to save one measly second during boot
<qman__> you have to hit a key to bring it up, escape or shift or something
<twb> You probably need to unhide it from the live CD, unless you can manage to hit shift at exactly the right time
<Lobo29> qman__: yes, i have tried shift and I edited grub to "not be quiet and not display splash screeen" ... seems the Cannot display this video mode is also blocking me from seeing grub menu
<qman__> also in their infinite wisdom, grub2 now uses a high resolution display mode by default
<twb> Lobo29: ah, that's because grub helpfully also- right
<qman__> so you'd have to configure it to VGA
<twb> qman__: only on x86
<twb> Lobo29: this is why *I* set up systems with extlinux
<twb> Which is the same codebase as everyone already uses for CDs (isolinux) and netbooting (pxelinux)
<Lobo29> qman__: in grub, i uncommented the display line, to force 640x480,  found that fix, but doesn't seem to  help
<twb> # Uncomment to disable graphical terminal (grub-pc only)
<twb> GRUB_TERMINAL=console
<twb> ...in /etc/default/grub, then run update-grub
<qman__> probably need to disable KMS altogether, or something similar
<qman__> yeah
<Lobo29> twb: i believe i've done the edits you've mentioned.  after update-grub i went back in a 2nd time on Live cd and looked at grub again,  changes i made are there
<Lobo29> wondering if i go back in time and try 10.04 server may work instead ?
<qman__> do you have a separate /boot? if so, did you make sure it was mounted when you ran update-grub?
<qman__> 10.04 uses grub2 and KMS, so that probably won't help
<qman__> you'd have to drop back to 8.04 or 9.04 to get grub1 and no KMS by default
<qman__> 9.04 is past EOL
<Lobo29> qman__: it does have separate boot, this  is my first server attempt.  copied steps from website to make this a clonezilla server
<qman__> the configuration that grub actually uses at boot time is loaded in /boot
<Lobo29> ran partition defaults for 'use entire disk and lvm'
<qman__> so that partition must be mounted when you run update-grub
<qman__> otherwise changes won't get applied
<Lobo29> qman__: i have gone back on live cd and looked at grub, changes i've done have been made.
<qman__> the files in /etc are only used to generate that configuration file
<qman__> grub itself doesn't look at them
<Lobo29> qman__: i went to /etc/default when i ran gedit on grub
<qman__> yes
<qman__> that file does not directly affect grub
<qman__> it is merely used to generate the configuration file that grub actually uses, which is in /boot
<Lobo29> qman__: ah ok, maybe that is my issue
<qman__> so if /boot is not mounted when you ran update-grub, it would not make the change apply
<qman__> you need to run update-grub with /boot mounted
<Lobo29> qman__: ok,  i did mount /dev/sda1 before starting
<Lobo29> this isn't good, i've eaten half a pan of brownies trying to resolve this :O
<twb> hash isn't exactly good for critical thinking
<Lobo29> twb: expands the thinking process
<qman__> the actual config file grub uses at boot time is /boot/grub/grub.cfg
<qman__> manually editing it is normally a bad idea since it will be overwritten, but you can check it to see if it reflects your changes
<Lobo29> qman__: i'm booting back up with live cd now,  i can check that in few
<Lobo29> qman__: ok, i'm at /boot/grub,  did ll and shows gfxblacklist.txt and grubenv, just those 2 files
<qman__> should be a lot more files than that
<qman__> about 185, to be more precise
<Lobo29> ok, i'm poor cli skills, how do i verify i've mounted sda1 ?
<qman__> mount
<qman__> or df -h
<Lobo29> mount shows  /dev/sda1 on /mnt/sda1 type ext2 (rw)
<qman__> well, that won't do you any good
<qman__> you need it to be mounted at /boot (relative to your shell) for grub-install to do its job
<Lobo29> last item on df is /dev/sda1
<qman__> mount your system's / in a location (e.g. /mnt/myinstall), then mount your system's /boot inside it (/mnt/myinstall/boot)
<qman__> then chroot in there and run grub-install
<Lobo29> remember i'm booted from live cd to look at  boot disk, if that matters ?
<qman__> oh, probably have to mount /dev and /proc in there too
<qman__> mount -t proc /mnt/myinstall/proc; mount -o bind /dev /mnt/myinstall/dev
<qman__> chroot /mnt/myinstall /bin/bash
<qman__> update-grub
<Lobo29> qman__: grr, sorry, wasn't working,  trying again,  i need to sudo before all those :P
<Lobo29> qman__:  sorry, sudo mount -t proc /mnt/myinstall/proc gives me  the verbose help list of mount ?
<Lobo29> i also did sudo mkdir /mnt/myinstall/proc  and /dev
<Lobo29> qman__: ok, now if i run df,  i show /dev/sda1  with /mnt/myinstall/proc and /dev
<Lobo29> qman__: still with me ?
<Lobo29> Anyone here a grub editor expert ?
<BuenGenio> good'o gents
<BuenGenio> (and lassies)
<BuenGenio> Postfix question... Are there 2.8.x packages for 10.10  or 11.x ?
<jmarsden> BuenGenio: rmadison says:   postfix | 2.8.1-1~maverick1 | maverick-backports | source, amd64, i386
<jmarsden> So there is one for Maverick in maverick-backports...
<BuenGenio> what, how do I get it? and what about 2.8.2 or .3 ?
<jmarsden> rmadison also says:    postfix | 2.8.2-1ubuntu2.1 | natty-updates | source, amd64, i386
<jmarsden> So there is a 2.8.2 version for natty (11.04) in natty-updates.
<BuenGenio> is it dangerous using the natty version on Maverick ?
<jmarsden> Probably.  You should backport it yourself (recompile the source package) at least, if you want to do that.
<jmarsden> There is also:  postfix |    2.8.3-1 |       oneiric | source, amd64, i386
<jmarsden> But you definitely would want to backport and test that one carefully before using it :)
<twb> It depends WHY you want 2.8
<twb> If it's just because it's new and shiny, you should suck it up and run the integrated, tested, well-understood version that came with your release
<BuenGenio> well, whitelist support for one
<jits> hi guys .. my port forwarding is not working. please review http://paste.ubuntu.com/615066/ and help me fix it...
<twb> You have to make a judgement call about whether it's worth the effort (and instability) to get that feature/bugfix/shiny
<twb> e.g. it was worth me making openssl-based libldap packages (because they fixed passwd(1) for LDAP users), but not to replace syslogd with rsyslogd in hardy.
<jits> twb: can u help me plz ..
<twb> jits: English, please.
<jits> twb:  my port forwarding is not working. please review http://paste.ubuntu.com/615066/ and help me fix it...
<twb> jits: looks like you're using iptables-restore, so you should ask #netfilter
<koolhead11> hi all
<jits> ok .. thanks ..
<twb> jits: but the problem is probably that you don't allow -d 10.1.0.20 -p tcp --dport 8080 in FORWARD
<jits> twb: okay .. so pre-routing is not the right thing ? I got it working once .. but then i had opened all ports . :-s
<twb> jits: you need both
<jits> twb: i tried http://paste.ubuntu.com/615198/ .. added forward accept to port 8080 .. did not work :-( .. netfilter no one is responding
<JamezQ1> Hey guys, what do I need to install to get a usb external terabyte drive to work in ubuntu server
<twb> JamezQ1: ubuntu-standard
<JamezQ1> twb, what?
<twb> JamezQ1: you need the "ubuntu-standard" package
<JamezQ1> twb, will that install any unessicary gui, or anything like that?
<twb> !TIAS
<twb> Grmph
<JamezQ1> tias?
<twb> JamezQ1: no
<JamezQ1> alright, then I'll do it, thanks
<twb> ubuntu-standard is almost certainly already installed, and you just don't know how to deal with hard disks
<JamezQ1> ubuntu-standard is already the newest version.
<JamezQ1> what...
<twb> JamezQ1: what isn't working NOW?
<JamezQ1> an external "free agent go" drive.
<JamezQ1> It works fine when normal ubuntu was running on it, it does not work correctly with ubuntu server
<twb> Define "works"
<JamezQ1> I tried fdisk -l, and nothing shows up, that *is* what the wiki says to do
<JamezQ1> it connects and can trasfer files back and forth?
<twb> fdisk -l is wrong.  You should be checking /proc/partitions.
<twb> Disks are not mounted by default.  Assuming the disk exists (check /proc/partitions and dmesg), you will need to mount and unmount it manually, or deploy infrastructure to do so automatically.
<twb> The latter is not part of ubuntu-standard, but IIRC ubuntu desktops do it (which personally I think is bloody stupid)
<JamezQ1> it gives many errors, as shown here
<JamezQ1> http://pastebin.com/kM6nHmRW
<twb> Yeah, [524869.156539] hub 4-0:1.0: unable to enumerate USB device on port 2 says it's not working
<JamezQ1> alright, yea
<twb> If this is a 2.5" USB disk, provide external power, or try a different USB hub/port cluster
<JamezQ1> cat partitions shows "dm-0/dm-1", idk what that is.
<twb> If this is a 3.5" USB disk, it will already have external power... not sure what you can do there other than swap in different components (different USB port, different USB cable, different power cable, different motherboard)
<twb> JamezQ1: dm-0 will be your LVM LV, or possibly fakeraid
<JamezQ1> alright
<JamezQ1> any reason it works in desktop and not server?
<twb> no idea
<JamezQ1> alright
<twb> You're try both on the same hardware?
<JamezQ1> yes
<JamezQ1> and same port
<twb> Same kernel version (e.g. 2.6.32?
<JamezQ1> oh, I am not sure about that, but both 10.04
<twb> OK
<twb> In that case only thing I can think of is maybe your HDD doesn't like being turned on before (after?) the computer
<twb> Or likewise being unplugged/plugged when it's turned on
<twb> I'd try to reproduce the behaviour with a different USB enclosure
<JamezQ1> hmm
<JamezQ1> eh, got it to work in a different port
<JamezQ1> then did fdisk -l, made the dir, and it worked
<JamezQ1> thanks a lot, I might not have tried it without you.
<JamezQ1> Sorry, though, I really should have ruled all of them out for you :(
<JamezQ1> I apologize
<JamezQ1> bye
<Bacta> How are server side mail filters implemented?
<twb> Bacta: carefully?
<Linskyrate> can you deplay desktops via ubuntu server thrugh privat cloud with no Amazon involvement?
<ikonia> !ops | Bacta is on a namespace wide ban - please remove and speak to IRC council for confirmation
<ubottu> Bacta is on a namespace wide ban - please remove and speak to IRC council for confirmation: Help! Channel emergency! soren, lamont, mathiaz or tom
<twb> Linskyrate: I suppose so, although I don't see why you'd deploy *desktops* in the cloud
<twb> Linskyrate: if you want something like Windows Terminal Server, see LTSP
<Linskyrate> twb: just a thought
<Linskyrate> would be an ASP killer if cost is good
<twb> Uh... huh.
<Linskyrate> twb: LTSP?
<twb> I don't think anyone with any brains uses ASP *now*
<Linskyrate> quit
<LinSkyrate> Ok... discover ubuntu cloud server.. done that.. awfull litle info on youtube, exept for the install part, but what next?
<LinSkyrate> seems that everybody has the hang of installing, but image behavier etc are left out.. yes you can link to Amazon, but if you want a private cloud then?
<twb> I think if you're asking youtube for technical information, you have two problems
<_ruben> heh
<twb> The only video I can remember that was vaguely useful on youtube was some blind guys talking about how awesome they made smartphones (iphones?) for blind people
<twb> And you can imagine how pointless the video channel of that was -- two blind guys sitting in front of a camera, talking
<roel-> smw: that 'seen' flag doesn't seem to work
<roel-> smw: when I install manually, the installer asks for the new hostname very early on, but when I set the other network info (gateway,nameservers,netmask,dhcp off etc), the hostname prompt is skipped altogether
<roel-> i would like to see this preseeding code
<uvirtbot> New bug: #790572 in mysql-5.1 (main) "mysqld randomly crashes on SHOW ENGINE INNODB STATUS" [Undecided,New] https://launchpad.net/bugs/790572
<reisi> any ideas how i could preview which packages are to be updated, using commandline tools only? there are a few i'd like to hold
<greppy> reisi: sudo apt-get update && sudo apt-get upgrade
<reisi> greppy: ok, i was just wondering if it could be queried
<reisi> hmm nice, after getting an 10.04.1 to 10.04.2 the motd is screwed; there's the normal issue, welcome, documentation, and under it the same again, and pre-update package counts, system restart required
<reisi> echo > /etc/motd.tail cleared it; there seems to be some discussion about this before the lts release, but nothing since
<_ruben> yeah, something really screwed up the motd generation a while ago
<codec> heya.
<codec> can someone help me out with a UEC problem on maverick? all my VM types report 0000 / 0000 since my rootfs filled up last night ... i fixed that and since that i cant see the (still) running instances and neither start new ones..
<EricJ> I'm having problems with multiple modules being loaded for my hardware. Any suggestions on how I prevent the erroneous ones from loading?
<EricJ> simply blacklisting them in /etc/modprobe.d/ doesn't seem to help..
<pmatulis> codec: sounds like you've lost contact with your cluster controller
<codec> pmatulis: euca_conf --list-clusters --list-scs --list-walruses --list-nodes shows everything
<codec> pmatulis: but the cc.log says  refresh_resources(): bad return from ncDescribeResource
<nkv> EricJ: once you blacklisted them, did you unload the incorrect module?
<nkv> I usually have to do that manually after I setup the blacklist
<EricJ> nkv: indeed I did,
<EricJ> turns out I had junk laying around in /etc/modules, and that modules specified there are loaded regardless of blacklists >_>
<nkv> Oh yeah.. That is higher priority than /etc/modules.d
<nkv> I mean modprobe.d
<codec> axis2/services/ shows EucalyptusNC but axis2/services/EucalyptusNC gives me a 404?!
<nkv> it's too early to think :)
<uvirtbot> New bug: #790661 in nova (universe) "nova-network should depend on dnsmasq and bridge-utils" [Undecided,New] https://launchpad.net/bugs/790661
<codec> can someone do a grep -i services /var/lib/eucalyptus/db/eucalyptus_config.script for me?
<codec> or grep -i EucalyptusNC
<bencc> apt-get upgrade doesn't work because of this bug: https://bugs.launchpad.net/ubuntu/+source/pam/+bug/790538
<uvirtbot> Launchpad bug 790538 in pam "pam update causes cron to stop working with "Module is unknown" error" [Critical,Confirmed]
<bencc> shouldn't it handle regression bugs automatically?
<pmatulis> bencc: shouldn't apt-get handle a bug?  huh?
<bencc> pmatulis: not the bug but a regression bug
<bencc> someone uploaded a bad version of a package
<bencc> that's it? everything is waiting for it to fix?
<bencc> can't the bad package be removed and apt-get automatically revert to the old package
<pmatulis> bencc: it has been removed
<pmatulis> bencc: that's nothing to do with apt-get.  it will install the latest stuff
<bencc> so why does apt-get upgrade fails?
<bencc> pmatulis: I've installed a fresh ubuntu-server 11.04 and did:
<bencc> apt-get update && apt-get upgrade
<bencc> and getting lines like: Err http://us.archive.ubuntu.com/ubuntu/ natty-updates/main libpam0g amd64 1.1.2-2ubuntu8.2
<bencc> so, something is broken in the repository not just the package
<Pici> Thats normal.
<bencc> why?
<zul> soren: did you get xen working yet?
<Pici> Majorly broken updates are typically manually removed from the archives so that people won't accidentally upgrade to them.
<bencc> Pici: so is there an apt command to handle it automatically?
<bencc> apt-get revert to stable or something
<Pici> bencc: You could try using --ignore-missing if there are other updates that you need to get at this time.
<bencc> Pici: ok. still feels bad
<soren> zul: It works fine on real hardware. I can't get it work in KVM anymore :(
<zul> soren: good except the kvm bits
<zul> soren: i need to get the ubuntu bits uploaded still sitting on them
<soren> zul: Like what?
<zul> soren: like libxen3->libxen4
<zul> stupid libvirt
<uvirtbot> New bug: #790673 in bind9 (main) "package bind9 1:9.7.0.dfsg.P1-1ubuntu0.2 failed to install/upgrade: el subproceso instalado el script post-installation devolviÃ³ el cÃ³digo de salida de error 1" [Undecided,New] https://launchpad.net/bugs/790673
<soren> Um.. You're the one who changed the xen stuff to build a libxen3-dev rather than a libxen-dev.
<zul> soren: right
<zul> soren: but the libraries that libvirt need is in like 4 different packages now as well
<soren> zul: What does it need other than libxen-dev?
<zul> xenstore i think is one im sure there is more
<soren> I only see libxen-dev.
<zul> in the xen 4.1 package?
<soren> No, in libvirt's dependencies.
<zul> doh...i didnt notice that....nm then
<soren> :)
<zul> that will certainly make life easier then
<koolhead11> RoAkSoAx, hey
<slhsen> hey, can i upgrade a server from jounty to lucid using alternate-cd iso?
<Pici> slhsen: You'd need to go through Karmic first.
<soren> hallyn: Do you plan on updating libvirt anytime soon?
<hallyn_> soren: I have a candidate source package, but it had some problems
<hallyn_> jdstrand was looking into one CVE regression
<hallyn_> soren: definately it needs to get updated for this cycle
<soren> hallyn_: ok
<lynxman> zul: any thoughts about upgrading erlang to a newer version for this cycle?
<zul> lynxman: why?
<lynxman> zul: we're running R13B03, latest stable one being R14B03, we're a full major version behind
<zul> lynxman: maybe...well see what debian does
<lynxman> zul: sounds fair :)
<hallyn_> soren: do you have a need for a particular version soon-ish?
<soren> hallyn_: I don't know. I have an issue that I was wondering whether was fixed in 0.9.X.
<hallyn_> soren: http://people.canonical.com/~serge/libvirt-0.9.1-sync.2.tar.gz has the source i was working with if you want to test
<soren> hallyn_: And what was the problem with it?
<hallyn_> soren: oh i meant test to see if it fixes your problems.  THe package did work fine for me, but there were failures from the regression testsuite
<hallyn_> let's see - one was just that 'driver name='phy'' stopped working (which is notabug)
<hallyn_> THe other was CVE 2010_2239
<soren> hallyn_: Why did you remove [linux-any] from all the dependencies?
<hallyn_> isn't that invalid for ubuntu?
<hallyn_> I read that as 'not hurd'
<cocoa117> is it still possible to do-release-upgrade from 9.04 to 9.10?
<cocoa117> i got error message "An upgrade from 'jaunty' to 'lucid' is not supported with this tool."
<pmatulis> cocoa117: there is a wiki page on doing stuff like that (EOL upgrades)
<Pici> !eol
<ubottu> End-Of-Life is the time when security updates and support for an Ubuntu release stop, see https://wiki.ubuntu.com/Releases for more information. Looking to upgrade from an EOL release? See https://help.ubuntu.com/community/EOLUpgrades
<cocoa117> when i look at my /etc/update-manager/release-upgrades
<Pici> Last link ^
<cocoa117> cool, thanx guys
<RoAkSoAx> koolhead17: o/
<cocoa117> what is the linux-image-virtual for? is it for domU ubuntu? i am running Ubuntu server on a Xen, should i use linux-image-virtual over linux-image-server?
<smb> cocoa117, It is generally geared towards virtual machine installations. It may miss some modules as it tries to be lean. The server kernel does not have the virt drivers build-in. But if you are currently ok, I'd probably not change it
<cocoa117> smb, thanx, well i am using xen version of kernel, so don't know if it's going to be ok. i am going to test after upgrade
<smb> cocoa117, I assume that is a hardy to whatever upgrade then...?
<cocoa117> smb, actually, it is 9.04 EOF to 9.10 to 10.04
<cocoa117> have bit of trouble at the moment, even with help from EOF upgrade wiki
<smb> cocoa117, So in that case going from a kernel package with xen in its name I would go for -virtual
<cocoa117> smb, ok, whats the procedure then. I need to do-release-upgrade first to 9.04 ->9.10 -> 10.04, i guess i should do apt-get install *-virtual after?
<cocoa117> not sure if the newly install kernel allow me to login after upgrade
<cocoa117> need to test
<smb> I would hope/assume that the upgrade path does this, yeah
<smb> I mean automatically move from a xen kernel to virtual...
<cocoa117> yes, same thoughts
<RoAkSoAx> zul:
<RoAkSoAx> zul: ping
<zul> RoAkSoAx: pong
<RoAkSoAx> zul: hey!! I was just looking into merging pastedeploy and in Ubuntu the delta was to enable the tests, however, in the new upstream release the tests have been excluded from the released tarballs..
<RoAkSoAx> zul: so in this kind of cases we can just forget about the tests or should we patch the source re-adding them?
<WMP> hello
<WMP> why php5-mysql have in depends apache?
<zul> RoAkSoAx: do you know why it was remomved?
<RoAkSoAx> zul: changelog doesn't say anything elkse but "Excluded tests from release distributions"
<RoAkSoAx> zul: that's upstream's changelog, not debian
<zul> RoAkSoAx: disable the tests in the debian package then
<RoAkSoAx> zul: cool, thanks ;)
<orudie> How can I generate a new client. Haven't done this in a while
<xokvictor> who tell me? how set ubuntu-server as server for think clients?
<orudie> hmm. when i type ./vars it tells me permission denied
<orudie> as root
<giovani> orudie: you're going to have to give us more information than that
<cocoa117> after following EOF upgrades Jaunty, I still got error message Cannot upgrade
<cocoa117> An upgrade from 'jaunty' to 'lucid' is not supported with this tool.
<cocoa117> it should upgrade to Karmic!!! any cli to manually set it?
<cocoa117> tar: Removing leading `/' from member names
<cocoa117> pcilib: Cannot open /proc/bus/pci
<cocoa117> lspci: Cannot find any working access method.
<cocoa117> is this need to be solved before do-rlease-upgrade?
<xokvictor> who can tell me? how set ubuntu-server as server for think clients?
<SpamapS> xokvictor: thin clients you mean?
<xokvictor> SpamapS, sorry, yes
<WinstonSmith> hi :) is there a howto or similar to install the latest perl 5.14?
<WinstonSmith> or newer debs than the stock 5.10?
<koolhead17> hello all
<koolhead17> RoAkSoAx: i wanted to know if you had chance to test the multicasting capability of cobbler
<RoAkSoAx> koolhead17: hey, not yet I'm gonna be working on cobbler later this week though
<koolhead17> RoAkSoAx: cool. i will update the wiki as you suggested after running second test from my end tomorrow. :)
<RoAkSoAx> koolhead17: yeah I think we need to create a category for all of these
<RoAkSoAx> Such as "Enablying features"
<uvirtbot> New bug: #790774 in openssh (main) "ssh hangs after inactivity (maybe when connection is lost)" [Undecided,New] https://launchpad.net/bugs/790774
<RoAkSoAx> Enabling*
<koolhead17> yes. i will do it as you suggested, creating a new section and all
<RoAkSoAx> koolhead17: cool ;) thanks for helping out!!
<koolhead17> RoAkSoAx: its mutual :D
<koolhead17> am going to trouble you for koan as i have not tested it on kvm/vmware
<RoAkSoAx> koolhead17: sure thing
<koolhead17> :)
<sw0rdfish> hey guys how do i fix this
<sw0rdfish> perl: warning: Setting locale failed.
<sw0rdfish> perl: warning: Please check that your locale settings:
<sw0rdfish> 	LANGUAGE = (unset),
<sw0rdfish> 	LC_ALL = (unset),
<sw0rdfish> 	LANG = "en_US.UTF-8"
<sw0rdfish>     are supported and installed on your system.
<sw0rdfish> perl: warning: Falling back to the standard locale ("C").
<Kiall> Hi all .. Does anyone have an example of preventing large files from entering the cache? Ideally based on the Content-Length ..
<Kiall> lol
<Kiall> wrong channel ;)
<Kiall> (hell - even wrong IRC server ;))
<sw0rdfish> lol<
<jMCg> Kiall: which cache/server?
<zul> hallyn: hey are you going to do a libvirt upload anytime soon
<Kiall> jMCg, varnish :)
<Kiall> but .. got the answer in the #varnish channel on another server ;)
 * RoyK wonder why Redpill Linpro still sticks to their own network
<hallyn> zul: i'm waiting in feedback from jdstrand
<hallyn> i may investigate the remaining issues myself this afternoon though
<zul> hallyn:cool im going to do a testbuild with libxen-devel and write the MIR up for it today hopefully
<zul> SpamapS: where are we with mysql 5.5?
<jMCg> Kiall: and what was the answer?
<RoyK> zul: postgresql 9 is nice ;)
<SpamapS> zul: side tracked with a few other things. Should submit it to Debian later this week tho
<Kiall> jMCg, override the internal TTL after the item has entered the cache, triggering an immediate expiry  ..
<zul> SpamapS: cool
<sw0rdfish> anyone got experience with ajaxplorer?
<uvirtbot> New bug: #790841 in bind9 (main) "package bind9 1:9.7.0.dfsg.P1-1ubuntu0.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/790841
<hallyn_> is anyone running kvm on a lucid system who can confirm bug 790789?  Particularly if you can say you're on intel and not affected, but any datapoints...
<uvirtbot> Launchpad bug 790789 in qemu-kvm "KVM Guest freezing following Ubuntu update" [Undecided,New] https://launchpad.net/bugs/790789
<RoyK> henkjan_: I'm running a few VMs on my Lucid server, and haven't seen that - that said, I'm not running asterisk on any of them. I used to work with asterisk a few years ago, and got a little fed up with the code, to put it mildly...
<RoyK> http://karlsbakk.net/fun/asterisk-installation.wav http://karlsbakk.net/fun/asterisk_architecture.jpg
<cocoa117> is the ubuntu-standard metapackage as ideal choice for ubuntu server
<smw> cocoa117, ubuntu-server
<smw> cocoa117, you can then use taskel to install other groups of packages (or apt-get)
<cocoa117> i can't see the ubuntu-server metapackage
<smw> cocoa117, in that case I think it is ubuntu-standard
<RoyK> cocoa117: just install ubuntu server, hook off ssh server and do the rest manually
<RoyK> cocoa117: the basic ubuntu install gives you a basic server
<RoyK> no services, just a server setup
<smw> cocoa117,  This package depends on all of the packages in the Ubuntu standard system.
<smw>  This set of packages provides a comfortable command-line Unix-like
<smw>  environment.
<smw>  .
<smw>  It is also used to help ensure proper upgrades, so it is recommended that
<smw>  it not be removed.
<cocoa117> Royk, hi, i installed it with Xen-tool, so don't know what package is installed
<smw> I would say it is a good thing for server.
<RoyK> cocoa117: just install whatever services you need
<RoyK> cocoa117: a server isn't a set of services, it's a platform onto which you can install services
<cocoa117> RoyK, k, just want to be sure, it didn't install xwindows, which is wasting space
<RoyK> cocoa117: if you need SMB, install samba, if you need web, install apache or lighttpd or something, if you need php ..... et cetera et cetera ad infinitum
<cocoa117> got it
<RoyK> don't install a 'base package' with all sorts of crap - install what you need. period.
<RoyK> heh
<smw> RoyK, um... I would like for stuff like wget to be installed automatically...
<smw> RoyK, which is why ubuntu-standard is better than ubuntu-minimal :-P
<smw> RoyK, I am also not sure minimal comes with cron... it depends on the distro
 * RoyK creates metapackages for such setups
<RoyK> the standard install is small enough for most setups
<smw> RoyK, you mean like ubuntu-standard? lol
<RoyK> no, server install
<RoyK> no gnome etc
<smw> RoyK, ubuntu-desktop is gnome, etc
<smw> RoyK, ubuntu-standard appears to be server. I need to look at the ubuntu server preseed file to be sure.
<RoyK> smw: we have a bunch of machines used by scientists at work, they need a truckload of packages, python, fortran, libgrid, libcdf etc - I created a metapackage for the lot
<smw> RoyK, that is a good idea
<smw> RoyK, I am making a scientific linux (rhel 6) ami and I am realizing how much is missing from "base"
<RoyK> smw: once I'm done with it and have trimmed it down, I may post it
<fooman2011> hello :)
<RoyK> smw: what packages do you need in your setup?
<smw> RoyK, not many actually. I love htop though :-)
<smw> RoyK, it is yet another top... but better ;-)
<RoyK> I know
<RoyK> eats more than half my terminal :P
<RoyK> compute nodes are dual 12-core opterons
<fooman2011> I newbe under linux so my question may be seems stupid... I have used apt-get to add a package A. Then i have used apt-get to add a package B. B depends on A. Now i have to get the package A from another repository. It's possible to do this without removing the package B ?
<fooman2011> not sure that my question is clear
<smw> fooman2011, I believe apt always fetches the newest package
<smw> fooman2011, so if the other repo has the newest package, it will switch to that repo
<fooman2011> ok so how to tell to apt to get the specific version from the "PPA" ?
<smw> fooman2011, without package B being affected
<smw> fooman2011, is it newer? just update
<RoyK> smw: it doesn't seem to show hard/soft pagefaults, though
<smw> RoyK, you can configure what it shows...
<fooman2011> mmh sorry but "just update" i don't know how to do that
<smw> RoyK, I don't know if those are options
<RoyK> couldn't find pagefaults at first sight, though
<smw> fooman2011, is the new repo installed?
<fooman2011> i have added the ppa using the add-apt-repository
<smw> fooman2011, sudo apt-get update; sudo apt-get upgrade
<RoyK> smw: dist-upgrade is generally safer in case a jump from 10.04.1 to .2 etc
<RoyK> well, not necessarily safer, but easier
<smw> RoyK, at, that help for when it does not update a package?
<smw> s/at/ah/
<fooman2011> it's another build i dont know if it's newer or older but this is the one i need
<smw> RoyK, I have always forced the updates by hand XD
<fooman2011> first the repository. Is this correct ? sudo add-apt-repository ppa:https://launchpad.net/~rvm/+archive/mplayer?field.series_filter=lucid
<RoyK> smw: I guess it might help dependencies
<smw> fooman2011, no idea. I don't use add-apt-repository
<smw> fooman2011, if you copy and pasted it from somewhere... it should be right :-P
<fooman2011> i just want to install this: https://launchpad.net/~rvm/+archive/mplayer?field.series_filter=lucid
<fooman2011> how to do this please ?
<RoyK> he - using mplayer on a server?
<smw> fooman2011, aren't there instructions?
<smw> RoyK, it is great for transcoding
<fooman2011> yeah i will do this:
<fooman2011> sudo add-apt-repository ppa:rvm/mplayer
<smw> what is is mplayer good for? It is an aweful player
<RoyK> smw: better than ffmpeg?
<fooman2011> but then how to know which package apt-get will get ?
<fooman2011> from the other repository of from the ppa ?
<fooman2011> maybe it ask to me ?
<fooman2011> " add-apt-repository: command not found"
<fooman2011> pffff
<fooman2011> it's write here: http://doc.ubuntu-fr.org/ppa
<fooman2011> how it's is possible ?
<fooman2011> use linux is very hard....
<fooman2011> very not user friendly :(
<fooman2011> So please could you tell me how you add a PPA ?
<RoyK> fooman2011: lol - try solaris or freebsd or HP/UX or AIX or something and come back here and tell me linux isn't userfriendly :D
<fooman2011> :/
<RoyK> the only unix system I know being slightly more userfriendly than ubuntu is OS X, but then only for select software
<fooman2011> ok for info the enable the command add-apt-repository you have to install sudo apt-get install python-software-properties
<RoyK> possibly - no idea, really
<RoyK> you can edit /etc/apt/sources.list and add new repos there if you want to
<fooman2011> ok thanks but now the repository is added
<fooman2011> and when I do
<fooman2011> apt-get install mencoder
<fooman2011> it told me "already installed"
<RoyK> you need to apt-get update first
<fooman2011> ok
<RoyK> and if it's already installed, an apt-get dist-upgrade should upgrade it
<fooman2011> i'm not sure that is a newer version
<fooman2011> it's "another" version
<RoyK> then you'll need to uninstall the version you have and specifically install the new version
<RoyK> apt-get remove --purge
<RoyK> is your friend
<fooman2011> ok but it's my first question
<fooman2011> if i remove this package i have to remove all the packages which depends on it
<fooman2011> " Failed to fetch http://ppa.launchpad.net/rvm/mplayer/ubuntu/dists/natty/main/binary-amd64/Packages  404  Not Found"
<RoAkSoAx> kirkland: ping
<fooman2011> the repository seems to not be valid :'(
<RoyK> fooman2011: it won't - you need to remove those specifically or by 'apt-get autoremove'
<RoyK> fooman2011: tough luck
<fooman2011> ok
<fooman2011> now i have a new problem
<fooman2011> aven after remove the dead PPA, when i apt(get update, i have this: W: Failed to fetch http://ppa.launchpad.net/rvm/mplayer/ubuntu/dists/natty/main/source/Sources  404  Not Found
<fooman2011> i have edited the /etc/apt/sources.list
<fooman2011> i don't find it into
<fooman2011> another place ?
<guntbert> fooman2011: look into /etc/apt/sources.list.d
<oyiptong> hi!
<oyiptong> i'd like to know what you do to keep multiple servers in sync with regards to packages
<oyiptong> i want to install an old package on a supported release that has been superceded
<oyiptong> on the forums, people hunt down the pacakge in http://archive.ubuntu.com/ubuntu/pool/main/ or via launchpad.net. I want to script it and do it programmatically
<fooman2011> gunterb: yes i saw it. How to remove
<fooman2011> ?
<oyiptong> what can i do?is there an apt sources location i can use?
<fooman2011> ok how to install with dependencies using dpkg ?
<oyiptong> fooman2011: i think you need to use apt-get
<fooman2011> yes but it's a file
<fooman2011> not located in a repository
<oyiptong> i think there are ways to use apt-get locally
<oyiptong> dpkg is a simple installer
<soren> fooman2011: Use gdebi
<oyiptong> apt-get and aptitude are "smart" and resolve dependencies
<RoyK> oyiptong: last I checked, dpkg doesn't install if dependencies aren't fullfilled, unless you --force it, that is
<oyiptong> yeah that's what i'm saying. dpkg won't resolve the dependencies for you
 * RoyK is tired - nite guys
 * soren tries again: gdebi
<guntbert> g'night RoyK
<oyiptong> gdebi will work
<uvirtbot> New bug: #790912 in bind9 (main) "package bind9 1:9.7.0.dfsg.P1-1ubuntu0.2 failed to install/upgrade: ErrorMessage: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/790912
<johna> I am trying work out what partition should I use for a webdav Space, about a dozen users, mixed windows and linux users.
#ubuntu-server 2011-06-01
<kirkland> RoAkSoAx: you there?
<kirkland> RoAkSoAx: looking at https://help.ubuntu.com/community/Cobbler/Installation
<kirkland> RoAkSoAx: i think we should try to fix 1 and 2 in the cobbler packaging
<kirkland> RoAkSoAx: set it to the host's ip address at least
<uvirtbot> New bug: #790967 in samba (main) "package samba 2:3.5.8~dfsg-1ubuntu2.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/790967
<sparc> Is there a way to get the installer to send it's messages to a remote syslog?
<RoAkSoAx> kirkland: i'm here
<kirkland> RoAkSoAx: cool;  i'd like you to review a cobbler change for me
<RoAkSoAx> kirkland: yeah we can definitely do that
<RoAkSoAx> kirkland: sure! :)
<kirkland> RoAkSoAx: http://paste.ubuntu.com/615564/
<kirkland> RoAkSoAx: something like that
<kirkland> RoAkSoAx: what do you think?
<RoAkSoAx> kirkland: looks good to me and I do think we should override those configs
<kirkland> RoAkSoAx: do you have a setup where you could test this?
<RoAkSoAx> kirkland: yes, applying patch now
<kirkland> RoAkSoAx: cool, let me know if it works for you
<kirkland> RoAkSoAx: i'm testing here too
<kirkland> RoAkSoAx: bug
<kirkland>  ... /etc/cobber/settings -> cobbler
<kirkland> RoAkSoAx: other than that, worked here for me
<kirkland> RoAkSoAx: http://paste.ubuntu.com/615566/
<kirkland> RoAkSoAx: i've committed and pushed to bzr
<RoAkSoAx> cool, installing now
<kirkland> RoAkSoAx: did you fix that bug ^
<kirkland> RoAkSoAx: i'll upload to oneiric if it works right for you
<RoAkSoAx> kirkland: yes I'm using your new patch from paste
<kirkland> RoAkSoAx: sweet
<RoAkSoAx> kirkland: i think i just found another bug
<kirkland> RoAkSoAx: okay?
<kirkland> RoAkSoAx: whatcha got?
<RoAkSoAx> kirkland: ok, so wlan0 is the one who has ip addr from the network
<RoAkSoAx> while br0 is the bridge for eth0
<RoAkSoAx> that i'm not using atm
<kirkland> RoAkSoAx: ruh roh
<RoAkSoAx> but when I run this: awk 'END {print $1}' /proc/net/route
<kirkland> RoAkSoAx: hmm
<RoAkSoAx> I get br0 as the interface, instead of wlan0
<kirkland> RoAkSoAx: hmm
<RoAkSoAx> kirkland: this is how ip route sh shows:
<RoAkSoAx> default via 192.168.1.254 dev wlan0  proto static
<RoAkSoAx> default dev br0  scope link  metric 1003
<kirkland> RoAkSoAx: which interface makes most sense here?
<RoAkSoAx> kirkland: in my case wlan0 as is the one who is really working and if I would like it to work out of the box it wouldn't
<RoAkSoAx> kirkland: but maybe it is a corner case
<kirkland> RoAkSoAx: hmm, this is a tough one
<RoAkSoAx> kirkland: but giving a second though, let's just not worry about it just yet cause we just need to ensure it grabs a default route interface
<RoAkSoAx> kirkland: and in my cause, I have 2 default routes, which should be avoided
<RoAkSoAx> kirkland: and if this comes as a bug with someone having multiple interfaces, then we can deal with it, unless, we ask a debconf question
<RoAkSoAx> kirkland: so we could just set the defaults the way you did it right now... but still asking the user whether we should keep that address or change it for another one, resolving the issue of having to deal with multiple interfaces on which two of them might have been misconfigured as default routes
<RoAkSoAx> kirkland: cause otherwise it just works well
<monaDeveloper> Hi, Every time I launch an ubuntu ec2 instance I just can login via ssh once with the key assigned after that I get Permission denied
<monaDeveloper> (publickey)
<monaDeveloper> I run ssh -i mykey ubuntu@ec2instance via my bash of course my OS is ubuntu natty.
<uvirtbot> New bug: #790982 in bacula (main) "package bacula-director-mysql (not installed) failed to install/upgrade: sub-processo script post-installation instalado retornou estado de saÃ­da de erro 1" [Undecided,New] https://launchpad.net/bugs/790982
<monaDeveloper> any advice?
<monaDeveloper> is there a specific room for ubuntu ec2?
<rewt> are there instructions there saying that that's a one-time key and you have to generate your own key for subsequent logins?
<RoAkSoAx> so yeah i/win 3
<RoAkSoAx> arghh
<monaDeveloper> no
<rewt> are you running ec2-run-instances with the -k option?
<RoAkSoAx> kirkland: updated docs aswell already
<monaDeveloper> actually I'm accessing a running instance that was launched via aws console
<monaDeveloper> so I login without firing ec2-run-instances
<zul> hallyn: around?
<hallyn> zul: yeah
<zul> hallyn: do you extract the linux4tegra to the flash as well?
<hallyn> no, you just install that onthe pc you'll connect with usb to the netbook
<hallyn> and, i did need to patch the install program slightly for it to work for me
<zul> gotcha
<hallyn> zul: see http://paste.ubuntu.com/615583
<kirkland> RoAkSoAx: agreed, sounds reasonable
<kirkland> RoAkSoAx: okay, well my changes are committed to the lp:ubuntu/cobbler branch
<kirkland> RoAkSoAx: feel free to release those whenever you're ready!
<airtonix> if i followed this guide to creating a self signed cert for development purposes only, do i need to add more hostnames to the cert if they are just subdomains ?
<airtonix> http://www.tc.umn.edu/~brams006/selfsign.html
<airtonix> strange, if i $ mount --bind source target then add target to /etc/exports as /exports/target and mount from a client i can see the contents of target on the server, but if i use a equiv mount command from fstab the contents of target are hidden
<airtonix> maybe not, probably just the funky /etc/exports options i was using as per the autofs wiki page
<_ruben_> bugger .. my local repo mirror doesn't have enough space left to mirror natty (or even oneiric)
<uvirtbot> New bug: #791101 in cobbler (universe) "wrong upstream URL in package description" [Undecided,New] https://launchpad.net/bugs/791101
<uvirtbot> New bug: #791111 in squid (main) "package squid 2.7.STABLE7-1ubuntu12.2 failed to install/upgrade: le sous-processus script post-installation installÃ© a retournÃ© une erreur de sortie d'Ã©tat 1" [Undecided,New] https://launchpad.net/bugs/791111
<jits1998> hello
<kickar> hey guys can someone help me to install php 5.2 and php 5.3 , so I can have both on the same machine?
<soren> No.
<koolhead11> soren, heh
<kickar> is it possible at all ?
<soren> no
<soren> If it were, someone could help you.
<koolhead11> kickar, why would someone do that?
<qman__> it is technically possible, but would require two separate web servers compiled from scratch in their own segregated areas
<qman__> which is definitely not a supported solution
<kickar> I found some howtos and tried but no luck
<kickar> I have a couple of sites that returns error in php 5.#
<kickar> 5.3
<soren> Fix them.
<kickar> is there a solution for that ?
<soren> 5.2 isn't supported.
<kickar> one of the apps that I am using is openx, and I hardly can rewrite their code
<zul> then its a bad app
<qman__> 5.2 to 5.3 isn't a major leap
<qman__> not like php4 to php5
<qman__> some stuff broke, but it's not a complete rewrite type of fix
<qman__> if the package STILL isn't updated for 5.3, I wouldn't want to run it anyway
<kickar> i tried to install php 5.2 from source but couldn't get it to run anyway
<qman__> as others have mentioned, 5.2 isn't supported
<qman__> I'm talking about your web app
<qman__> fix it yourself, complain to the authors, or find a different app
<qman__> those are the best solutions
<koolhead11> kickar, i doubt that would be a major issue. Openx is a well known ad-server IMHO
<jkakar> I have an Upstart init script for my application, which depends on PostgreSQL... I can't seem to figure out how to make it start on boot, after PostgreSQL has started... any ideas/pointers?
<koolhead11> kickar, you can also try #openx :P
<kickar> thanks
<soren> jkakar: I forget... Has postgresql been upstartified?
<jkakar> I tried looking in the Upstart Cookbook and also Googling... but to no avail.
<jkakar> soren: Nope, it hasn't.
<jkakar> soren: At least not on 10.04, which is the environment I'm using.
<jkakar> As much as Upstart is cool it's also a massive pain in the ass.  It'd be nice if we had one init system for everything.
<jkakar> One that was easy to debug for bonus points. :)
<koolhead11> jkakar, +1 :D
<jkakar> Okay, I found a solution.
<jkakar> I was using 'start on started network' before and it wasn't starting at all... now I'm using 'start on (local-filesystems and net-device-up IFACE!=lo)'.
<soren> jkakar: Yeah, that's a fairly common pattern.
<jkakar> There's a race with PostgreSQL, but we're using 'respawn' and our application does a start-up check to make sure it can connect to the database... if it can't, it bails... it gets restarted and eventually PostgreSQL is up so things work.
<jkakar> A but ugly, but it works.
<jkakar> soren: I don't understand why 'start on started network' didn't work, though.
<soren> Not sure.
<uvirtbot> New bug: #791197 in bind9 (main) "package bind9 1:9.7.3.dfsg-1ubuntu2.1 failed to install/upgrade: el subproceso instalado el script post-installation devolviÃ³ el cÃ³digo de salida de error 1" [Undecided,New] https://launchpad.net/bugs/791197
<uvirtbot> New bug: #791221 in python-mox "Test suite fails with python 2.7.2rc1" [Undecided,New] https://launchpad.net/bugs/791221
<sommer> morning all :-)
<ssureshot> can you specify */6 to run a job every six days ?
<ssureshot> in crontab ?
<patdk-wk> I don't believe it will
<Pici> ssureshot: sure
<Pici> why not/
<patdk-wk> pretty sure the *count* starts over at 0
<Pici> hmm
<ssureshot> why not what I'm asking myself why it didn't run this morning .. I set it last thursday..
<ssureshot> 0 9 * * */6 /usr/local/bin/app
<patdk-wk> I'm saying it undrestands that as running */6 times
<patdk-wk> and as only 6/6 will satasfy that, it will only run on day 6
<ssureshot> ah,, roger that.. so any */# will run on the day that number corresponds to
<zul> hey sommer
<plm> Hi all
<plm> people, my server a re with date correct. but when I create a directory ou send file to server date is worong.. why?
<plm> where I configure to proftpd use date of Operating System?
<plm> anyone?
<jMCg> plm: have you checked proftpd's documentation?
<jMCg> By default, you see, most sane servers just use UTC and so should your OS, btw :)
<BrixSat> hello im trying to boot a live cd on a pc with disk problems, how can i disable ubuntu to check disk errors?
<BrixSat> so i can recover something
<luite> is there a customized selinux ubuntu policy available from somewhere, something that's a bit more usable (that allows sshd to run /bin/bash for example...)
<jMCg> BrixSat: why would a live cd do that?
<jMCg> luite: AppArmor :)
<hallyn> luite: i'm hoping to get to that soon in the ubuntu policy.  fel free to fix it if you can
<hallyn> there is an ssh module, so it is a bug
<luite> hallyn: I'm still investigating whether to use apparmor or selinux, don't have experience with customizing profiles for either.
<hallyn> oh, then stick with aa - supported :)
<sommer> I have some time to do some iso testing... how much of that is automated?  just don't want to waste my time double checking something that isn't needed :-)
<luite> I need something that lets some daemon change its own security context (looks like both can do that) to something safe enough for execution of arbitrary code uploaded by users
<luite> apparmor policies look a bit easier to make
<hallyn> luite: seccomp?  :)
<luite> hallyn: nah that's too limited, the code still needs some file access, just very limited (no network though)
<hallyn> put it in empty netns
<hallyn> then aa for file access
<jdstrand> luite: for apparmor, you might be interested in http://wiki.apparmor.net/index.php/Documentation, specifically http://wiki.apparmor.net/index.php/Pam_apparmor_example
<jdstrand> luite: iirc, there is some stuff with changehat for ssh. you could ask in #apparmor on oftc for more info on either
<luite> ah thanks, was already reading the first link, but the example looks instructive :)
<duli> How do I know if a service is permanently on, meaning it will be started after reboot?
<luite> are there major differences between selinux and apparmor in what can be defined in policies?
<jamespage> hey sommer: take a look here - http://jenkins.qa.ubuntu-uk.org/view/oneiric-server/
<jamespage> this is what is currently automated.
<sommer> jamespage: ah sweet
<jamespage> that said its nice to have manual tests as well as they do (sometimes) pickup UI issues.
<ScottK> jamespage: How does one get additional tests added to that?
<jamespage> ScottK: well to start with the preseed and the tests need to be developed and integrated into the ubuntu-server-iso-testing project (see http://launchpad.net/ubuntu-server-iso-testing)
<SpamapS> sommer: o/ !
<sommer> SpamapS: hello hello :-)
<ScottK> jamespage: I was thinking of seeing if we could get some Kubuntu tests added in there.
<jamespage> I'm hoping to fine some time this cycle to make it a bit easier as at the moment it requires the project to be re-build and re-installed on all of the test nodes
<SpamapS> sommer: BTW, the RAID1 tests aren't automated, so that would be a good one to do. :)
<sommer> SpamapS: working on that now actually... for i386 anyway
<SpamapS> sweet!
<ScottK> jamespage: If I aim a Kubuntu/QA oriented person at you, could you help them get set up?
<jamespage> that would be a good use case - jibel has done alot of work automating the desktop and alternate ISO install testing using the same framework
<SpamapS> sommer: I put in a fix early in oneiric so let me know if you have any problems
<sommer> SpamapS: will do, thanks man
<jamespage> ScottK: absolutely
 * jamespage thinks we might need a bigger server soon
<ScottK> Great.
<uvirtbot> New bug: #788059 in squid (main) "squid crashed with SIGABRT in __kernel_vsyscall()" [Undecided,New] https://launchpad.net/bugs/788059
<kirkland> RoAkSoAx: hiya
<kirkland> RoAkSoAx: would you mind releasing/uploading cobbler sometime soon-ish?
<RoAkSoAx> kirkland: howdy! yeah I wanna do that right now... I'm gonna dd the debconf stuff later... just finishing 1 minor powernap thingy
<kirkland> RoAkSoAx: sweet
<kirkland> RoAkSoAx: regarding powernap... i had something i wanted to ask you about
<RoAkSoAx> kirkland: shoot
<kirkland> RoAkSoAx: i'm wondering if it ever makes sense to run powernap in a virtual machine
<kirkland> RoAkSoAx: i'm guessing "no", except for our own testing purposes
<RoAkSoAx> kirkland: I actually though about it and wasw trying to find its uses
<RoAkSoAx> kirkland: the only thing that I came up with is that it will serve as a monitoring system to pretty much poweroff a VM whenever it was not needed
<kirkland> RoAkSoAx: i bet it'll have a very minimal impact on the host
<kirkland> RoAkSoAx: hmm, yeah
<RoAkSoAx> kirkland: cause in terms of power savings, doesn't really make any sense (specially using pm-powersave)
<uvirtbot> New bug: #791410 in apache2 (main) "Extra Apache instances not started on boot" [Undecided,New] https://launchpad.net/bugs/791410
<kirkland> RoAkSoAx: anyway, I was thinking we should have a check, and if not explicitly enabled, I think we should disable powernap if we can tell we're running in a virtual machine
<kirkland> RoAkSoAx: at which point, I'd like to make orchestra-client recommend powernap
<kirkland> RoAkSoAx: such that orchestra-managed clients are running powernap in powersave mode by default
<RoAkSoAx> kirkland: yeah... I guess we could have a pre-start in the upstart script that actually checks that
<kirkland> RoAkSoAx: yeah, that sounds good
<kirkland> RoAkSoAx: how do we tell if we're running in a vm, though?  is there a common function we can use
<RoAkSoAx> kirkland: that's the problem :).., might there be anything under /proc that tells us that?
<kirkland> RoAkSoAx: hacky, but there's /proc/cpuinfo
<kirkland> RoAkSoAx: i swear there was a new tool that did this ...
<kirkland> RoAkSoAx: maybe facter?
<RoAkSoAx> negronjl: ^^ can facter tell us if we are running in a VM?
<negronjl> RoAkSoAx: no but, you can use fact-add ( facter-customfacts-plugin ) to add a fact to that effect.
<RoAkSoAx> negronjl: ok thanks
<kirkland> RoAkSoAx: yeah, facter
<smoser> jamespage, around ?
<jamespage> smoser: yep
<RoAkSoAx> kirkland: but, if we use facter, would it make sense to add the check logic to the upstart job?
<kirkland> RoAkSoAx: sudo apt-get install facter
<kirkland> RoAkSoAx: facter
<smoser> we need test of oneiric
<smoser> images
<negronjl> RoAkSoAx: ie:  fact-add <some_new_fact> <some_new_value>
<kirkland> RoAkSoAx: facter virtual
<negronjl> RoAkSoAx: ie: fact-add vm true
<zul> kirkland: im going to be doing an upload for cobbler on friday
<negronjl> kirkland:  virtual is also used on EC2/UEC so it can be confusing
<jamespage> smoser: right - I'll get it setup to execute then :-)
<kirkland> zul: okay
<smoser> JAMES PAGE
<kirkland> negronjl: right
<kirkland> negronjl: no, it already has support for virtual
<kirkland> negronjl: we just need to consume that
<kirkland> RoAkSoAx: my only concern with doing it in upstart is that it's kinda slow
<kirkland> RoAkSoAx: (takes 0.4s here)
<negronjl> kirkland:  the problem with virtual is that it won't tell you whether it is in a VM or in the cloud
<kirkland> RoAkSoAx: that said, i think it's the right way to solve this
<kirkland> negronjl: we don't care about that
<negronjl> kirkland: ok
<kirkland> negronjl: we just want to know if we're running in a vm, or on physical hw
<kirkland> negronjl: so that we can conditionally start powernapd, or not if we're in a vm
<RoAkSoAx> kirkland: yeah that's what I was thinking but other than that the check would make sense
<kirkland> RoAkSoAx: looks like it's in main
<kirkland> RoAkSoAx: so we can depend on it
<kirkland> RoAkSoAx: okay, i like it;  you want to hack that into powernap's upstart, or should I/
<RoAkSoAx> kirkland: but, if we add that we can cause that powernap will never start in a VM if I want it to, if I'm using poweroff as action_method
<kirkland> RoAkSoAx: right, we should allow for an override
<RoAkSoAx> kirkland: or in the daemon itself
<kirkland> RoAkSoAx: or you could just edit the upstart script locally
<RoAkSoAx> kirkland: something like "if vm and action_method is powersave, kill daemon"
<kirkland> RoAkSoAx: hmm, i was thinking "if vm and not vm_override then don't start daemon (exit true)"
<RoAkSoAx> kirkland: ok, we'll have to document that though!
<kirkland> RoAkSoAx: sure
<smoser> jamespage, before going full out, let me sniff boot of a couple different instance types.
<smoser> at least recently m1.large would not boot
<RoAkSoAx> kirkland: alrighty then, makes sense to me
<RoAkSoAx> negronjl: thanks btw ;)
<negronjl> RoAkSoAx: np
<jamespage> OK - I'll do a quick test of the setup
<jamespage> smoser: ^^
<jamespage> smoser: http://tinyurl.com/3omfdej - seems to work OK; lemme know when you want to run the big one
<smoser> jamespage, what does that mean ? m1.small worked?
<smoser> if you can ... feel free to run a quick single region single ami launch of all types.
<smoser> if m1.small works i'd guess that c1.medium does.
<smoser> so amd64 types would be the ones i question
<smoser> bug 784345
<uvirtbot> Launchpad bug 784345 in linux "amd64 kernel does not boot in ec2 in m1.large" [High,Triaged] https://launchpad.net/bugs/784345
<smoser> i'm testing m1.large now
<RoAkSoAx> kirkland: just updated the powernap branch with the second stage action method if you wanna test it (and upload it for me :) )
<smoser> m1.large is good, jamespage
<smoser> go ahead and kick a full test.
<zul> JAMES PAGE
<kirkland> RoAkSoAx: you need to apply for core-dev, or per-package at least for powernap :-)
<RoAkSoAx> kirkland: I already did, meeting is next week :)
<kirkland> RoAkSoAx: sweet
<kirkland> RoAkSoAx: did you ever hear back from zonker?
<kirkland> RoAkSoAx: about testdrive?
<kirkland> (I didn't)
<RoAkSoAx> kirkland: nope, didn't hear anything I was wondering if he uses irc
<RoAkSoAx> and track him down here
<kirkland> RoAkSoAx: talk to akgraner
<kirkland> RoAkSoAx: she knows him, works with him regularly
<RoAkSoAx> kirkland: will do
<uvirtbot> New bug: #791434 in bind9 (main) "package bind9 1:9.7.3.dfsg-1ubuntu2.1 failed to install/upgrade: il sottoprocesso vecchio script di post-installation ha restituito lo stato di errore 1" [Undecided,New] https://launchpad.net/bugs/791434
<RoAkSoAx> kirkland: btw.. did you ever ask for the UPS/PDU?
<kirkland> RoAkSoAx: asked, have not received it yet
<RoAkSoAx> kirkland: neither have I
<RoAkSoAx> kirkland: ok so I'm uploading your changes to cobbler now cause I don't wnat that branch to get lost or further conflicts and when I add the debconf stuff I'll just do a new upload
<kirkland> RoAkSoAx: k
<kirkland> RoAkSoAx: just make sure you stay in sync with zul
<kirkland> RoAkSoAx: he said he's working on it too
<RoAkSoAx> kirkland: ok will do
<RoAkSoAx> zul: ping! I'm uploading recent kirkland's changes to oneiric
<zul> for what cobbler?
<smoser> jamespage, did you start test ?
<jamespage> smoser: http://jenkins.qa.ubuntu-uk.org/view/oneiric-ec2/job/oneiric_server_ec2/1/
<smoser> gratze
<hallyn_afk> soren: bug 540446, did you in fact have a patch for that?
<uvirtbot> Launchpad bug 540446 in vm-builder "vmbuilder doesn't clean up temporary files when interrupted" [Medium,Confirmed] https://launchpad.net/bugs/540446
<ilya> Hello  :)
<ilya> I can't get my euca server to talk to the node..network issues i'm assuming
<ilya> I'm running 11.04
<ilya> All help is very much appreciated :) Thank you
<adam_g> is openstack known to be working on oneiric? i noticed yesterday nova-manage was broken and still is today
<evilsushi> what are you guys using for a iptables frontend? anyone using shorewall?
<evilsushi> just wanted to get some thoughts on what everyone in here may be using.
<ilya> Can anyone help me out with getting the cloud/node talking to one another in a private network with a switch?
<sommer> evilsushi: ufw is pretty great for servers... it's host based though
<guntbert> evilsushi: I tried ufw and shorewall - liked shorewall better
<evilsushi> host based?
<evilsushi> explain.
<evilsushi> guntbert: what did you like about shorewall?
<evilsushi> the idea of zones for the network interfaces seems kinda "neat".
<evilsushi> are you using shorewall with these type of features?
<evilsushi> sommer: does ufw have the idea of a config file?
<guntbert> evilsushi: I had the task to provide a very tightly closed router - and it was easier accomplished (for me) with shorewall (I better understood its concept than that of ufw)
<ilya> silly uni internet
<ilya> here is my ifconfig output for server/node: http://pastie.org/2004371, Am I supposed to add the dns ip to the interfaces file?
<sommer> evilsushi: host based meaning not using the server to transfer traffic... ufw doesn't have a config file exactly, but integrates with some packages like samba to open the necessary ports
<sommer> evilsushi: if you need to setup a router something like shorewall is probably better suited than ufw
<sommer> evilsushi: ufw can be used though, but may require more work :-)
<sw0rdfish> when I ssh'd into my vps it said i have mail, lol how do i check that?
<guntbert> sw0rdfish: type mail (one way, install and use alpine is another)
<sw0rdfish> yep i used my imagination and just typed mail
<sw0rdfish> thanks guntbert :)
<guntbert> sw0rdfish: :) pine aka alpine is my preferred mail client on CLI
<sw0rdfish> i'll install it now
<ilya> can anyone see me?
<genii-around> ilya: We can see what you type, yes
<ilya> genii-around: great :) now if only they could have acknowledged that :) Thank you for doing that
<sw0rdfish> wow guntbert thanks alpine is pretty cool
<sw0rdfish> listen is there a program or just a way to download stuff into my vps
<sw0rdfish> via http links
<sw0rdfish> but well i guess wget will have to do it...
<guntbert> sw0rdfish: you're welcome :-)  - w3m is apretty web browser, wget for direct download
<sw0rdfish> w3m
<sw0rdfish> a cli web browser?
<sw0rdfish> nice
<sw0rdfish> i think i'll install it
<sw0rdfish> i'll install webmin too....it looks cool
<guntbert> sw0rdfish: of course :), and while you are installing: take screen too  - no, don't use webmin
<guntbert> !webmin
<ubottu> webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system.
<sw0rdfish> oh :o
<sw0rdfish> aww damn!
<sw0rdfish> i loved their screenshots
<sw0rdfish> in their website
<sw0rdfish> :(
<sw0rdfish> it seemed like a cool program to handle your server via gui stuff
<sw0rdfish> via web-based gui server thingy
<sw0rdfish> but oh well
<sw0rdfish> is there something like it out there good with ubuntu?
<guntbert> well, the *screenshots* won't hurt anything :)
<sw0rdfish> is there something like it out there good with ubuntu?
<guntbert> sw0rdfish: not to my knowledge
<sw0rdfish> guntbert: i'ma google it, :)
<sw0rdfish> while i'm installing it take screen? what ya mean by that guntbert
<guntbert> !info screen
<ubottu> screen (source: screen): terminal multiplexor with VT100/ANSI terminal emulation. In component main, is optional. Version 4.0.3-14ubuntu7 (natty), package size 571 kB, installed size 1008 kB
<ilya> when setting up eucalyptus, do i need to add dns information to the interfaces file?
<guntbert> sw0rdfish: yes, links2 even can disply images
<sw0rdfish> :o
<sw0rdfish> NiCE!
<sw0rdfish> think i'll get links2
<sw0rdfish> then
<kirkland> RoAkSoAx: pulled powernap, will review on the plane
<guntbert> sw0rdfish: please don't crosspost across ubuntu channels, and take it easy on the <enter> key - especially in #ubunutu
<RoAkSoAx> kirkland: cool, thanks!
<sw0rdfish> lol ok
<sw0rdfish> i thought they're different channels, but no big deal...
<frewsxcv> i'm installing ubuntu server and it's asking me what i want to install. what is "Basic Ubuntu Server"
<sw0rdfish> whats with irc channels and enter key, can they really get hurt with it
<guntbert> sw0rdfish: they are, but some helpers read both (and some more...)
<guntbert> !enter
<ubottu> Please try to keep your questions/responses on one line. Don't use the "Enter" key as punctuation!
<guntbert> busy channels are scrolled even fatser
<guntbert> *faster
<sw0rdfish> ok gotcha.
<sidnei> is the kernel-ppa the right place to get lts-backport kernels for lucid?
<frewsxcv> anyone have any idea why when i boot grub i get: error: fd0 read error
<frewsxcv> i think it has to do with me having a software raid
<smoser> jamespage, still around ?
<smoser> http://jenkins.qa.ubuntu-uk.org/view/oneiric-ec2/job/oneiric_server_ec2/1/ what does red mean ?
<osmosis> all of a sudden out of nowhere my server started having major IO issues. related to any updates?
<osmosis> My io times dropped without any detectable cause.  system reboot seems to have fixed.  bug?
<jamespage> smoser: well it means that something did not happen according to plan
<jamespage> for example a) server did not start-up correctly first time and had to be rebooted.
<jamespage> b) unable to run tests for some reason
<smoser> ...
<smoser> cloud-config failed across the board
<smoser> but i dont know why
<smoser> ie, please help, jamespage
<jamespage> ERROR:root:Something bad happened Unable to execute in-instance tests.
<uvirtbot> New bug: #791522 in quagga (main) "Debconf really_stop default value break unattended upgrades" [Undecided,New] https://launchpad.net/bugs/791522
<smoser> where do you see that?
<smoser> ah... it looks like our udev friend is much more common now
<jamespage> hmmm - it would appear that executing the in-instance tests results in a non zero return code
<jamespage> that message is at the bottom of the log in all of the cloud init tests I've looked at so far.
<smoser> i think that the instances are not coming up with networking
<smoser> http://jenkins.qa.ubuntu-uk.org/view/oneiric-ec2/job/oneiric_server_ec2/1/ARCH=amd64,REGION=ap-southeast-1,STORAGE=instance-store,TEST=simple-user-data,label=ubuntu-server-ec2-testing/artifact/None/amd64/m1.large/instance-store/i-793b8f2c/268a2649-0f8c-4a6b-aa66-621243928a07-running.console.txt
<smoser> yeah.
<smoser> well, that is good that it is more reproducible
<jamespage> yep - there is alot of that
<jamespage> even if a reboot fixes that it will cause a test failure = red blob
<smoser> well, thats good
<smoser> "reboot fixes my problem" isn't really ok here
<smoser> :)
<jamespage> really? and I though servers just not starting was normal :-)
<jamespage> I think the other issue might be a bit of a bug in the framework
<jamespage> all of the cloud-init tests add a ppa - which does not have oneiric content
<jamespage> apt-get update might return a non-zero
<soren> It certainly will.
 * soren had this problem on his first oneiric test box
<jamespage> would that cause the calling script to return non-zero as well?  it does not use '-e' so will not fail
<jamespage> bah - thats definately the problem
<jamespage> smoser - so that looks like a change in return code for something called during the in-instance tests - we can make that script a bit more rugged
<jamespage> I want to change it so it runs out-of-band from Jenkins anyway
<smoser> ah...
<smoser> yeah, the ppa will screw things up.
<smoser> suck
<smoser> what ppa is it?
<smoser> i will add a oneiric so it doesn't fail
<smoser> we should assert that the ppa is sane
<jamespage> http://jenkins.qa.ubuntu-uk.org/view/oneiric-ec2/job/oneiric_server_ec2/1/ARCH=amd64,REGION=eu-west-1,STORAGE=ebs,TEST=cloud-config,label=ubuntu-server-ec2-testing/artifact/tests/cloud-config/ud-cloudconfig-01.txt
<jamespage> hmm - prob should have tiny url'ed that one
<sidnei> smoser, speaking of ppa, do you know which ppa can i find the lts-backport kernels in? i suspect kernel-ppa it is, but the description says 'daily builds'
<jamespage> thats the cloud-config
<h4lfl1ng> how do i check if two computers are talking to one another over a private network using a switch?
<smoser> sidnei, don't knwo personally. i think i did the same google as you once.
<|rt|> h4lfl1ng: need more information to answer for certain especially if there are more than one route between the hosts etc
<|rt|> h4lfl1ng: but traceroute should show you the path that the traffic is taking if any routers are involved
<|rt|> h4lfl1ng: if it's only one hop then you can assume that both computers are on the same broadcast domain....but not necessarily the same switch if that's what you're looking for
<h4lfl1ng_> |rt|: the second isn't getting an internet connection, but it should through the first right?
<h4lfl1ng_> the server is connected to the internet and switch, and the other pc is connected to switch only
<h4lfl1ng_> |rt|: what other information would you need?
<|rt|> only if the first is setup to route the traffic
<jamespage> smoser: interestingly the instances of the udev issue seem to be isolated to instance-store instance rather than ebs
<jamespage> or at least it seems much worse in those tests
<smoser> so faster local disk
<jamespage> ebs is faster than instance-store?
<h4lfl1ng_> |rt|:should ping work to check if there is a connection between the two machines?
<|rt|> h4lfl1ng_: yes...assuming they are in the same subnet you should be able to ping them
<h4lfl1ng_> |rt|:they are in the same subnet 255.255.255.0, but the second machine has a bridge, which shouldn't matter right?
<h4lfl1ng_> |rt|: and the 2nd also has it's gateway set as the 1st's eth1 ip
<h4lfl1ng_> but they don't ping
<zertyu> hello there
<zertyu> how to check system performance remotely ?
<|rt|> h4lfl1ng_: I don't think the bridge would matter as it's essentially a switch
<_Neytiri_> how to i install updates via cmd line?
<|rt|> h4lfl1ng_: I would check the firewalls to make sure you're not blocking pings
<zertyu> apt-get update _Neytiri_
<zertyu> how to check system performance remotely ?
<zertyu> is that possible ?
<|rt|> zertyu: are you looking for monitoring and alerting?
<zertyu> let me explain the problem what i got, i got small web server i need to upgrade hardware in case  there is lots of usage, i don't know what i have to do
<zertyu> to see when i have to upgrade the hardware, as that thing depends on visitors usage
<|rt|> zertyu: sar can collect data locally but I tend to prefere munin, cacti, or Zenoss
<|rt|> I've also heard good things about Zabbix
<zertyu> sorry i don't get you
<zertyu> what i need exactly ?
<zertyu> do you understand what i mean ?
<|rt|> http://munin.ping.uio.no/
<|rt|> is that what you're looking for
<zertyu> i need to upgrade hardware depending the visiotors
<zertyu> where we don't know about the number visitors will come to my site
<|rt|> If I understand what you're looking for is that you want to monitor usage and trending data so that you know when you need to upgrade your server(s)
<zertyu> yes i simply want to check my system performence
<zertyu> regulary
<zertyu> and to be notify in case needing to upgrade the hardware
<zertyu> is that possible ?
<|rt|> sure using any of the packages I mentioned earlier
<|rt|> sysstat package includes sar which will collect data on the computer
<h4lfl1ng_> |rt|: this is my ifconfig info for both machines: http://pastie.org/2005277
<zertyu> wich one is the best  ?
<|rt|> but munin, zenoss, cacti, zabbix, icigna, nagios will all do this sort of thing too
<|rt|> zertyu: depends on your needs some of those I mentioned are monitoring and alerting solutions others just collect and display trending data
<zertyu> i tell you the needs
<zertyu> just only want to notify about my system performence
<zertyu> in case of lots of demands
<donnie> I just installed Ubuntu server 11.04 on Dell Inspiron E1505. Do i have to install bcmwl-kernel-source like i do in Ubuntu to setup my wifi?
<zertyu> so which is the best ?
<|rt|> zertyu: I don't think there is a "best" but if you want alerting and monitoring you'll need to use Zenoss, Zabbix, icinga, or nagios
<|rt|> zertyu: cacti may have added some alerting though
<|rt|> Zenoss is pretty heavy though so I don't know that I woudl use it to monitor one host
<|rt|> icigna or nagios would be my choice
<|rt|> but you'll need plugins to get the trending data if you want to collect that as they are less integrated than Zenoss and Zabbix in that area
<|rt|> h4lfl1ng_: what are the frame errors on machine 2 eth0
<zertyu> just find xymon what do you think about that ?
<|rt|> zertyu: looks similar to icigna and cacti but looks unmaintained if the latest release was a couple years ago
<|rt|> zertyu: nagios is in ubuntu's repo
<hggdh> zul, is the test rig available?
<zertyu> well is it possible to monitoring icinga by iphone 4 ?
<|rt|> zertyu: I believe so....icinga is just a fork from nagios...think of it as a more open nagios with a nicer web UI
<h4lfl1ng_> |rt|: where do you see the errors? by the way, i just got them talking, but now to figure out how to route the internet connection to the second
<zertyu> is it flexible for managing tasks ?
<zertyu> i don't have any experience with monitoring services
<zertyu> is it flexible for managing tasks ?
<|rt|> h4lfl1ng_: look under the 2nd machine eth0 ifconfig output
<|rt|> zertyu: what do you mean by tasks?
<zertyu> administrative task
<zertyu> administration task
<|rt|> zertyu: most monitoring and alerting systems are very flexible to the point that they can be somewhat complex to setup
<h4lfl1ng_> |rt|: oh, i see it now. It's no longer there on the machine. How would i check what the error is anyways?
<zertyu> well icinga is it easy for setup ?
<|rt|> I don't have any experience with it so no idea
<|rt|> I would assume that it's similar nagios though which is a bit picky about it's configuration files which are not always intuitive in the way the different config files interact with each other
<h4lfl1ng_> |rt|: how would i route the traffic with a switch, i found the guide for a system with crossover cable..but this is slightly different. I'll have to do it to 7 other machines
<|rt|> but perhaps icinga has moved most config stuff to the web ui
<zertyu> thanks lrtl
<|rt|> h4lfl1ng_: have a look at https://help.ubuntu.com/community/Router and https://help.ubuntu.com/community/Internet/ConnectionSharing
<|rt|> h4lfl1ng_: at the very least you'll need to enable ipv4 forwarding and setup ip masquerading (NAT)
<|rt|> h4lfl1ng_: but why use ubuntu as your gateway?  I tend to use something more geared towards that task like pfSense
<h4lfl1ng_> |rt|: and that would be enough to run apt-get?
<|rt|> pfSense is freebsd based so no
<h4lfl1ng_> |rt|: oh, it's a distro..ll, i'm creating a cloud setup, this is only temporary. Maybe later we could have a dedicated firewall/router
<|rt|> well you can run pfSense as a virtual machine if you set up the virtual networking part correctly
<ammar> ubuntu vi editor keybord problem it not wirting my words down how do i fix that
<Pici> ammar: This might sound a bit silly, but do you know how to use vi?
<zul> hggdh: always has been
<hggdh> zul, :-) just checking, better safe, and all that
<ammar> ya
<ammar> type something it dosnt work but my keybord works
<zul> adam_g: around?
<pvthodson> So whats new in the server world anything worth trying?
<hallyn_afk> ensemble :)
<pvthodson> So whats new in the server world anything worth trying?
<lynxman> ensemble
 * hallyn_afk waits for it....
<lau> i am having lots of jbd2/sda6-8(732): WRITE block 273600 on sda6 (8 sectors) on 2.6.38-8-generic #42-Ubuntu SMP Mon Apr 11 03:31:50 UTC 2011 i686 i686 i386 GNU/Linux
<lau> it looks like #607560 but I haven't find any work around any idea ?
<earthmeLon> Just installed postfix on my new server.  My old server had postfixadmin and used mysql for alias and such.  I am trying to figure out how to get postfix to use the mysql databases that i've imported and such.  Anybody familiar with this?
<luite> earthmeLon: you should probably look at /etc/postfix/main.cf from your old server and look for the mysql: type maps
<earthmeLon> Thanks luite
<luite> (it's been a while since I configured postfix, and I don't know the specifics of postfixadmin, so things might have changed a bit in the meantime)
<luite> earthmeLon: anyway these mysql maps refer to other config files that describe how to connect to the database and which column's to use
<JanC> there will be separate config files that define the mapping to the database too
<JanC> âº
#ubuntu-server 2011-06-02
<earthmeLon> Changed what needed to be changed in main.conf.  Pulled all the /etc/postfix/mysql*.cf files.   Restarted postfix.  NO ERRORS :D
<earthmeLon> So, now I just have to test this out :D
<hallyn> would someone with rights mind sponsoring a natty apache upload to fix bug 791410?
<uvirtbot> Launchpad bug 791410 in apache2 "Extra Apache instances not started on boot" [Medium,Triaged] https://launchpad.net/bugs/791410
<hallyn> (mind you the script could be stricter about only allowing ([SK][0-9][0-9])?
<hallyn> oh, doh.  nm, need sru
<hallyn> silly me
<JerryMcFarts> Hello, If my server randomly disconnects from my router what logs can I check to find the cause?
<luite> in what sense disconnects?
<luite> anyway if you use dhcp, i'd check syslog for entries from your dhcp client. if it's lower level, ethernet disconnects, then kern.log and dmesg
<JerryMcFarts> luite, It is unreachable. doesn't respond to pings, router does not see it.
<JerryMcFarts> luite, thank you very much I believe I have found a bread crumb :-)
<awkisopen> Having one heck of a problem with netcat and UDP. If I start listening on a port and begin sending data to said port, the listening instance of netcat will receive it without a problem. However, once I kill the sending instance of netcat and run it again, none of the messages are received.
<awkisopen> Since UDP is "connectionless" I have no idea how on earth that happens.
<awkisopen> Now I'm getting the following error when trying to send data to the port I'm listening on: "read(net): Connection refused"
<uvirtbot> New bug: #791625 in apache2 "/javascript/* URLs sidelined by conf.d settings" [Undecided,New] https://launchpad.net/bugs/791625
<malev> hi folks! I'm having a problem with mysql server, I can not make it automatically start once the server is rebooted. I have the file in /etc/init.d but it does not work. any ideas?
<awkisopen> wow is it dead in here
<malev> looks like :(
<awkisopen> don't suppose you know anything about UDP
<awkisopen> also, in my /etc/init.d, I have a symlink called "mysql" pointing to "/lib/init/upstart-job"
<RoyK> there isn't much to know about UDP
<RoyK> the protocol is fire-and-forget
<malev> awkisopen, I have that too:
<malev> [malev@~] ls -l /etc/init.d/mysql -> lrwxrwxrwx 1 root root 21 2011-05-12 02:17 /etc/init.d/mysql -> /lib/init/upstart-job
<awkisopen> RoyK: so do you have any idea why I'm having the problem I just described?
<malev> as you can see I have the same, I can not understand why it's not working!
<RoyK> that's part of upstart
<RoyK> malev: mysql doesn't use udp
<awkisopen> he's not the one with the UDP problem, I am
<RoyK> I guess you can make it, but it normally uses unix sockets or TCP
<awkisopen> since it is "fire-and-forget," how am I getting a "connection refused" error?
 * RoyK frowns - is tierd
<RoyK> awkisopen: udp will never give you that - that's a tcp answer
<awkisopen> but I am getting that. from udp. right now.
<awkisopen> netcat -u localhost [port]
<RoyK> an ICMP message in fact
<awkisopen> read(net): Connection refused
<RoyK> to the mysql server?
<awkisopen> no
<awkisopen> my problem has nothing to do with mysql
<awkisopen> it's merely that I can't get netcat -u to work properly
<RoyK> which port do you probe?
<awkisopen> 9391
<awkisopen> rather, my MediaWiki installation is sending data to 9391
<awkisopen> so I'm running netcat -ulp 9391
<awkisopen> the first time it sends information to port 9391, I receive it
<awkisopen> all subsequent sends are met with that error message, "connection refused"
<awkisopen> I've been testing it out purely with netcat since then - one terminal running netcat -u localhost 9392, the other netcat -ulp 9392
<awkisopen> when I type messages into the first terminal, they appear in the second
<awkisopen> however, if I stop running netcat in the first terminal, then start it again with the same command - netcat -u localhost 9392 - and send a message, I get the error "connection refused"
<RoyK> why would mediawiki send data to 9391/tcp?
<RoyK> or udp
<awkisopen> it sends Recent Changes edits to a UDP port you specify
<awkisopen> so that you can keep track of edits on the wiki
<awkisopen> and announce them to an IRC channel, for example
<qman__> malev, that's because mysql is now an upstart job in ubuntu, not a sysvinit script
<RoyK> ok, haven't used it that way
<RoyK> awkisopen: but if so, you need a server to receive them
<awkisopen> yes. I have that.
<qman__> malev, service mysql start
<awkisopen> but even completely ignoring mediawiki - netcat isn't working as expected.
<RoyK> awkisopen: if you're getting a connection refused, then the server isn't listening correctly
<awkisopen> it's listening via the command netcat -ulp 9392
<malev> qman__, that works fine, but I want it to auto start every time I restart the pc
<RoyK> awkisopen: or you may have a firewall rejecting those packages
<malev> qman__, any idea what to do?
<awkisopen> and it receives the first edit without a problem
<awkisopen> subsequent edits, however, it does not.
<qman__> if it isn't starting, it's probably a bug
<RoyK> awkisopen: as I said, connection refused is an icmp message, mostly used for tcp, not udp
<qman__> try starting, stopping, starting again, and then rebooting
<qman__> I had to do that with squid
<malev> qman__, oka!
<malev> I'm gonna do that
<awkisopen> fair enough, but everything being used here is UDP
<awkisopen> and as I said, even purely using netcat commands, it's not working right.
<awkisopen> netcat -ulp 9392 will only receive data for as long as the netcat -u localhost 9392 process is kept alive. once that process stops, it fails to listen properly, and any subsequent sends to port 9392 are met with "connection refused," which should not happen.
<RoyK> udp is nice for broadcasts, multicasts and immediate messages, by the millisecond, apart from that, I don't see any reason not to use tcp
<awkisopen> that would require me to somehow modify MediaWiki, which i'm not prepared to do
<awkisopen> I'd rather have what is supposed to be working, working.
<RoyK> awkisopen: this issue isn't really about ubuntu server :P
 * RoyK gets to bed - nit
 * RoyK gets to bed - nite
<awkisopen> It's about connections on a server
<awkisopen> Ubuntu server
<awkisopen> How isn't it about Ubuntu server
<awkisopen> I'm running these commands on my Ubuntu 10.04.2 server and they aren't coming out with the expected results
<awkisopen> If that's not about Ubuntu server, I don't know what is
<RoyK> if I write a crack-pot-app and run it on an ubuntu server, and it doesn't work, well, it's not an ubuntu server problem, is it?
<awkisopen> netcat is not a crack-pot-app
<qman__> while it's an issue on an ubuntu server, it's not really an issue _about_ ubuntu server, specifically
<awkisopen> so where would I go for support for a package in the Ubuntu repositories
<qman__> it's an issue with either your app, or netcat, or current linux kernels and userspaces
 * RoyK bets a tenner it's the app
<awkisopen> I'm not even *using* the app at this point.
<awkisopen> I'm *only* using netcat, which is a package available in the ubuntu repositories.
<RoyK> awkisopen: networking has been rather stable on linux for 10+ years
<RoyK> awkisopen: 15+ if you are slack on the bug report numbers
<awkisopen> My point being, where do I go for support for netcat?
<RoyK> apt-get install wireshark
 * RoyK is off to sleep - night, ladies :)
<awkisopen> I can't install wireshark. I'm on a server. I have no GUI.
<qman__> then tcpdump
<awkisopen> It's flooding me with data about my SSH connection...
<qman__> add "port != 22" to the end
<awkisopen> syntax error
<qman__> in quotes
<awkisopen> oh, sorry
<awkisopen> also a syntax error
<qman__> hmm
<qman__> oh, my bad
<qman__> "port ! 22"
<awkisopen> Well that definitely slowed it down..
<qman__> that will at least tell you what is really happening
<qman__> and you can hopefully pinpoint the issue from there
<qman__> I don't deal much with udp or netcat
<awkisopen> hmm, I'm still getting an awful lot of data
<qman__> I'm sure there's an argument to filter it down to udp only
 * awkisopen tries grep UDP
<qman__> and futher still to only those on the port you want
<qman__> also, use the -n option to greatly speed up packet capture and display
<awkisopen> does this also include information being sent within the server?
<awkisopen> I mean, localhost
<awkisopen> This is very confusing...
<luite> where does ubuntu store the default labels for the ubuntu selinux policy?
<awkisopen> Is there anywhere I could go for support for packages in the official Ubuntu repository?
<jMCg> awkisopen: ubuntu.com/support ?
<awkisopen> "Ask the Ubuntu Community directly using our Internet relay chat (IRC) channel."
<awkisopen> Yet I was just told this isn't a matter for IRC... curious.
<Pici> awkisopen: Whats the question?
<qman__> it's not that that question is not suitable for this channel, it's just that it's a more general linux question and you may be able to get better help for it elsewhere
<qman__> whereas this channel is more centered around ubuntu-specific problems and solutions
<awkisopen> Pici: I'm having difficulties with netcat using a UDP connection. If I run netcat -u localhost 9392 in one terminal and netcat -ulp 9392 in another, anything I type in terminal A gets sent to terminal B, no problem. But if I kill the process in terminal A, later typing in the exact same command, I get the error "connection refused" which makes no sense in UDP.
<awkisopen> In fairness I have no idea whether it's Ubuntu-specific or not...
<Pici> awkisopen: Likely not, you may want to ask in ##networking, although I'm not sure how busy they are this time of day. (I'm not usually on IRC at this hour)
<awkisopen> Pici: Thank you ^_^
<qman__> very doubtful, if anything it would affect all debian-based systems
<qman__> but it's more likely just general linux networking
<luite> there's /etc/selinux/ubuntu/contexts/files/file_contexts, but that's a huge file, isn't it built from smaller source files?
<awkisopen> As it turns out, RoyK and qman__, it *is* a Debian-specific issue: http://paste.pocoo.org/show/399215/
<awkisopen> Thanks to ##networking's sleuthing skills
<awkisopen> So whoever bet a tenner it was the app is, in fact, dead wrong, and there's unfortunately not a thing that can be done to fix this
<donnie> My new Ubuntu-server install automatically points dnsdyn domain to local host. I had to install ddclient on ubuntu-desktop to get it working. Is this the way ubuntu-server works?
<ammar> hey i need help my ubuntu-desktop when i go to vi my keybord mess up how do i fix problem
<twb> donnie: define "dnsdyn"
<ammar> it big problem i cant edit what im doing
<donnie> twb I am sorry i mean DynDNS or Dynamic DNS www.dyndns.com
<ScottK> ammar: This isn't a support channel for Ubuntu Desktop.
<twb> donnie: by default Ubuntu will not update any dynamic DNS service.
<ammar> i know i worrying if you would know the problem
<donnie> twb ah i guess it will stop working as soon as my ip changes.
<twb> If you're going to "foo.example.net" and that resolves to 127.0.0.1 or 127.0.1.1, that's because it's in /etc/hosts as such.
<twb> If so, you should test resolution of foo.example.net on a third party, e.g. on sdf.org
<donnie> twb What does DNS Server or/and BIND9 do that i installed with ubuntu-server installation?
<twb> By default?  Probably nothing,
<donnie> twb I will just install ddclient to update ip. Thanks for your help.
<oyiptong> hey guys
<oyiptong> say i'm cloning ubuntu server vm's
<oyiptong> should i regenerate the snake-oil cert for each machine?
<oyiptong> what other things should i regenerate so that the different users of the cloned vm's cannot spy on each other
<oyiptong> ?
<oyiptong> s/users/owners/g
<twb> oyiptong: you should not be using snake-oil certs anywhere
<twb> They are BY DEFINITION not safe
<oyiptong> i mean... postgres uses it by default, so does apache on install. its for dev machines
<oyiptong> those won't run in production
<twb> That is because it's not possible for the default configuration to have your valid SSL keypairs.
<twb> You emphatically should generate proper SSL keys in a proper SSL trust hierarchy, but if you are too lazy or stupid to do that, then regenerating the snakeoil certs is probably slightly better than not doing so.
<oyiptong> are there any other certificates or keys that i should regenerate if the servers are cloned?
<twb> SSH host keys
<twb> SSL and SSH will be the first 90%
<oyiptong> right!
<twb> There's probably another 90% that I can't think of
<twb> For SSH, just delete them then run "dpkg-reconfigure openssh-server"
<twb> (Unless you're running GNU SSH or something.)
<oyiptong> thank you very much. i'm using the default openssh-server. so bsd
<twb> Will unattended-upgrades pull in new kernels?
<twb> In one case, I specifically don't want it to, because I'm using third-party ko's that need to be rebuilt by hand afterwards, so an unattended upgrade + unscheduled power outage = sad twb
<twb> It looks like it does, because on another host that has u-a installed, and /boot mounted ro by default, apt reports it's in an inconsistent state -- looks like it tried to upgrade the kernel and failed because it couldn't write to /boot
<jmarsden> twb: /etc/apt/apt.conf.d/50unattended-upgrades     includes a list of packages not to unattendedly upgrade ...
<twb> Thanks.
<jmarsden> You're welcome.
<twb> jmarsden: while you're there, do you know where the example dpkg pre/post hooks for mount -o remount,rw /usr went?
<twb> (I want them except for /boot instead of /usr)
<jmarsden> No, I'm not sure where I'd look for those...
<twb> I thought they were in apt_preferences(5) :-(
<twb> DPkg::Pre-Invoke  { "mount -oremount,rw /boot"; }
<twb> DPkg::Post-Invoke { "mount -oremount,ro /boot"; }
 * twb tries
<twb> Works!
<jmarsden> :)
<jmarsden> twb: There seems to be an example in /etc/apt.conf.d/99tmpfs-noexec  on my machine here... maybe that is what you were thinking of?
<twb> No, it was not actually on by default, but it was an example
<jmarsden> That one is present by commented out... OK.
<jmarsden> s/by/but/
<twb> Oh
<twb> I don't have that file tho
<jmarsden> Hmmm.  That is on a 10.0.4.2 Ubuntu desktop... not sure where I got it from, if it didn't come by default.
<twb> lucid and sid servers here
<twb> dpkg -S might tell you
<jmarsden> Ah, maybe Ubuntu adds it.  dpkg -S says it can't find it...
<uvirtbot> New bug: #791747 in openssh (main) "Cannot add keys from PKCS#11 provider" [Undecided,New] https://launchpad.net/bugs/791747
<RoyK> wtf - I create /dev/md3 and after reboot ubuntu has /dev/md_d3, not md3. The create command was 'mdadm --create /dev/md3 --level=5 --raid-devices=2 /dev/sd[ab]' and aslo, after a reboot, the new device shows up without sdb, only one drive!
<besht> good morning
<besht> i was wandering if anyone could help me with a backup question
<besht> i am thinking of managing backups with rsnapshot, as it can do ssh and lvm  and is quite easy to manage, but i cannot find any information on how to use ssh and lvm together
<besht> can anyone offer some experience on that topic?
<lau> hello any issues with ext3 and jdb2 ?
<lau> s/ext3/ext4
<RoyK> what's jdb2?
<NCommander> Does anyone know who (if anyone) will be creating the LXC task for oneiric?
<zul> NCommander: eh?
<jennie> friends please help me in downloading these image   files from  http://emagazine.pdgroup.in/pratiyogitadarpan/01052011/pages.xml
<jennie> these files are in flash player here at this link http://emagazine.pdgroup.in/pratiyogitadarpan/01052011/Home.aspx
<cocoa117> anyone had experience on how to backup ufw rules, and put it to freshly installed Ubuntu?
<cocoa117> I cp -av /var/lib/ufw/user.rule, but in the new system it doesn't run
<cocoa117> after sudo ufw enable, and sudo ufw status, none of the rules are running
<cocoa117> k, it seems the /var/lib/ufw/user.rule is now actually function in /lib/ufw/user.rule!!!
<NCommander> zul: we need an LXC task in the server image for ARM as LXC + OpenStack is our cloud solution in favor of actual virtualization
<jdstrand> cocoa117: the files to backup are /etc/ufw and /lib/ufw/ufw*rules
<jdstrand> cocoa117: on recent systems. ufw used to keep files in /var/lib/ufw. if you have your files in /var/lib/ufw, then just put them in /lib/ufw on the new system
<jdstrand> cocoa117: this sounds like you are doing some sort of a migration from say hardy to lucid (or later). if this is the case, do what I said and it should work
<cocoa117> jdstrand, yes, thanx for clear that up. i just start to realise it now
<lau> RoyK: this one https://bugs.launchpad.net/ubuntu/+source/linux/+bug/607560
<uvirtbot> Launchpad bug 607560 in linux "jbd2 writing block every 5 - 10 seconds, preventing disk spin-down and making noise" [Undecided,Confirmed]
<lau> it sounds like a kernel issue , since I switched to latest 2.6.38-9-generic
<lau> all my fs (ext4) are having issue writing every few seconds
<lau> in the bug description lots of disks are seagate , but mine is western digital
<lau> don't know if it is hardware related (i don't think so) , fs related
<uvirtbot> New bug: #788520 in tomcat6 (main) "crash in tomcat web service on file write" [Undecided,New] https://launchpad.net/bugs/788520
<zul> NCommander: sure but tasksel is going away, the openstack lxc is going to be handled by orchestra though
<NCommander> zul: tasksel is going away?
<NCommander> With what? (and also, we still need a task for germinate to handle)
<zul> NCommander: in the iso yes, but openstack will be seeded when the MIRs are done
<NCommander> zul: as part of the virtualization host task, or a new one?
<zul> NCommander: undetermined
<NCommander> zul: I'd like to see it as a new one simply because the existing virtualization host task is slated to be unsupported on armel this cycle (we have no hardware which can support virtualization on ARM)
<zul> NCommander: ok i think we can do that
<NCommander> Great :-)
<zul> lynxman: is the mcollective-plugins in a bzr branch?
<lynxman> zul: nope, it's pending merging upstream
<zul> what about the debian packaging?
<lynxman> zul: ah I see where you're going now :)
<lynxman> zul: I can create the branch if you want
<zul> lynxman: yes please
<lynxman> zul: I'll create one for the provisioner too, you have the package available as well in the same ppa
<lynxman> zul: lp:~lynxman/+junk/mcollective-plugins
<lynxman> zul: also lp:~lynxman/+junk/mcollective-provisioner for the provisioner
<zul> cool
<Daviey> lynxman: Do you have a branch with longer history of mcollective-plugins ?
<lynxman> DA
<lynxman> er
<lynxman> Daviey: it's all in git unfortunately
<Daviey> lynxman: Is that Ubuntu enteries in git, or upstream git?
<lynxman> Daviey: upstream git, our development branch for our plugins was removed sometime ago
<Daviey> argh.
<lynxman> Daviey: if I just knew... :)
<Daviey> heh.  Are you working on it atm?
<Daviey> (Some of the changelog enteries make it a little hard to work out what has been going on)
<lynxman> Daviey: nope, that's the changelog from our mcollective-plugins, what happened in this last version is that we merged in our own plugins (as patches for now)
<Daviey> lynxman: Okay, super - what are you doing on that package this week?
<lynxman> Daviey: so far in the ppa we had one mcollective-plugins and one mcollective-canonical-plugins packages
<lynxman> Daviey: nothing else, it's all good until we get merged upstream
<Daviey> lynxman: so the need for -plugins is being totally dropped?
<Daviey> and merged into upstream mcollective
<Daviey> ?
<lynxman> Daviey: nope, merged to the upstream mcollective-plugins package :)
<lynxman> Daviey: -plugins are still and will still be needed
<Daviey> hmm.. so mcollective-canonical-plugins is going into mcollective-plugins?
<lynxman> Daviey: yes
<lynxman> Daviey: need to meet with Volcane in a week or two to get it done
<zul> lynxman: i just had a look at the debian/patches the names of the patches are....umm....not good can you give them a bit more descriptive names please?
<lynxman> zul: I was afraid you would say that ;) on it
<Daviey> lynxman: am i right in saying that -plugins upstream is still puppet?
<lynxman> Daviey: yes
<Daviey> lynxman: zul doesn't miss a trick! :)
<lynxman> Daviey: :D
<Daviey> lynxman: Well adam_g is spending the afternoon with puppet, do you want anything asked of them?
<lynxman> Daviey: no need to, the plugins are maintained by Volcane who's in London, I just need to get my arse back
<lynxman> Daviey: we had a planned meeting last Friday but unfortunately he couldn't make it
<i2v8an> hi, could someone direct me to some good documentation for setting up exim4 to use remote smtp?
<Daviey> lynxman: Maybe, i should come and visit at some point :)
<smoser> smb, you have any clue on bug 784937
<uvirtbot> Launchpad bug 784937 in cloud-init "/mnt not mounted, swap not used, disk is xvde" [Medium,Confirmed] https://launchpad.net/bugs/784937
<lynxman> Daviey: I'll be around again from June 13th onwards, so please drop in anytime :)
<Daviey> lynxman: i'll do that!
<lynxman> Daviey: yay ^^
<lynxman> zul: is this better? http://pastebin.ubuntu.com/616732/
<zul> lynxman: the fact.ddl.patch fact.rb.patch is for the same plugin right?
<lynxman> zul: yes, two different files though
<lynxman> zul: same goes for mc-fact
<zul> lynxman: i would just combine them since its for the same plugin will make maintenance alot easier if the code hasnt gone upstream yet and we get a newer snapshot
<lynxman> zul: okidoki, doing that
<sommer> morning all, weeee
<lynxman> zul: http://pastebin.ubuntu.com/616741/
<zul> lynxman: cool now make the change in bzr :)
<lynxman> zul: yessir
<lynxman> zul: all done, pushing new package in the ppa
<zul> lynxman: no need
<lynxman> zul: heh okay :)
<Roasted> How can I see what IPs I handed out from my Ubuntu server?
<lynxman> Roasted: you have a dhcp server installed?
<Roasted> lynxman, I got it. It's under /var/lib/dhcpd/dhcpd.leases
<Roasted> thanks though
<lynxman> Roasted: np :)
<queso> Should sudo hostname newname be updating /etc/hostname and /etc/hosts ?  Or do those have to manually be changed?
<lynxman> queso: as far as I understand it'll change /etc/hostname only
<queso> lynxman: unfortunately it didn't even do that
<queso> lynxman: cat /etc/hostname gives me the original name, but when I use the hostname command it displays the new one.
<lynxman> queso: hm...
<queso> lynxman: I guess as root doing echo newname > /etc/hostname accomplishes the same thing.
<lynxman> queso: it does, it's ugly though :)
<queso> lynxman: what's the right way?
<lynxman> queso: the one you were doing ;)
<queso> (I'm trying to do it in a script)
<queso> lynxman: ha, okay, but that one doesn't seem to work.
<lynxman> queso: that's the weird thing
<jpds> Cheese.
<lynxman> jpds: good point ;)
<queso> After manually modifying /etc/hostname, is a reboot necessary, or restarting some network processes?
<lynxman> queso: a reboot after a hostname change is cleaner
<queso> lynxman: okay, thx
<queso> Where is the standard place to put a self-written script, intended to be run with root privs (sudo), but by other users (such that it will be in their path)?
<zul> lynxman: you havent updated your bzr branch
<lynxman> zul: hmm I pushed the code...
<smoser> jamespage, SpamapS our friend udev is rearing head again.
<smoser> bug 791868
<uvirtbot> Launchpad bug 791868 in udev "udevd dies, loses events, network doesn't come up" [Undecided,New] https://launchpad.net/bugs/791868
<lynxman> zul: it's there :)
<zul> yeah it is but you removed the files but didnt add them back
<lynxman> zul: err :)
<lynxman> zul: fixing!
<lynxman> zul: and done
<hallyn> jamespage: anything new i should know since http://ubuntuserver.wordpress.com/2011/03/02/natty-jenkins-for-ubuntu-call-for-testing/, or can i still follow those instructions?
<jamespage> hallyn: lemme take a look
<jamespage> yep - thats still good for natty
<zul> lynxman; for your *.postinst why are you using invoke-rc.d since mcollective is an upstart job?
<hallyn> jamespage: and for o?
<lynxman> zul: because you told me to use it instead of service :)
<jamespage> hallyn: not avaliable yet either in PPA or archive
<jamespage> working on that one now
<hallyn> jamespage: ok, thx.  will test in natty, then hoping to use it with ensemble
<lynxman> zul: service would exitstate 1 if the service wasn't running and made the postinst fail, invoke-rc.d doesn't
<hallyn> (dunno if that needs oneiric or not)
<jamespage> should be OK on natty
<zul> lynxman: did i? well i was wrong you should be able to do stop mcollective 2>/dev/null || true ; start mcollective || true
<jamespage> are you going to write a formula?
<hallyn> yup
<jamespage> great - I had the same idea; if you want to work together on that more that happy to
<hallyn> excellent
<hallyn> but first i need to just use it :)  get the feel fir it
<hallyn> thx, ttyl
<lynxman> zul: want me to fix it now? it should be quite fast
<zul> lynxman: sure
<lynxman> zul: okay on it
<lynxman> zul: done
<zul> lynxman: cool
<jamespage> SpamapS: around?
<bencer_> hi all
<SpamapS> jamespage: indeed, hallo!
<jamespage> SpamapS: hey - any chance you could put your SRU hat on a look at bug 783836
<uvirtbot> Launchpad bug 783836 in openldap "slapd syncrepl failing using SASL" [High,In progress] https://launchpad.net/bugs/783836
<jamespage> there are a few challenges around reproducing this issue (i.e. we can't)
<jamespage> but the fix has good heritage
<jamespage> and confirmed resolution of the issue
<jamespage> (albeit elsewhere)
<SpamapS> jamespage: right I remember that one.
<SpamapS> jamespage: is it uploaded to -proposed already?
<jamespage> not yet - Daviey is on the case there
<SpamapS> It should be fixed in Oneiric just by virtue of the newer upstream, yes?
<jamespage> yep - Oneiric does include this fix
<mecode> hey all - trying to get into better habits. i usually ssh as root into my ubuntu server and do everything that way. this time around i've made myself a user account and given myself sudo privileges. permissions are throwing me off a little bit. how should i set the permissions on /var/www so that i can edit stuff in there (well pull using git, but same thing) and also www-data (the nginx user) can have access?
<smw> mecode, I would use sudo to git pull
<smw> mecode, just make sure it is readable by the nginx user
<smw> by default it is
<smw> mecode, so... no problem, right? :-)
<mecode> ok so just chown the /var/www for www-data and then use sudo to get around in there? seems like it'd work just fine
<mecode> ok i'll go with that then, thanks
<smw> no
<smw> mecode, I would not give nginx write access
<smw> mecode, I would only chown the folders it NEEDS to write to
<mecode> ok
<mecode> then who has write access?
<mecode> just my user then?
<smw> mecode, root
<mecode> oh ok
<smw> or your user
<smw> mecode, the idea is that nginx should have as little power as possible.
<mecode> that makes sense - in case it gets compromised i guess
<smw> mecode, so, if you have a bug, they can't change the code
<ruben23> hi guys i installll phpmyadmin on ubuntu server- but ti did not ask me to be used fro apache2, directly install now when i try to open http://ipaddress/phpmyadmin- its timeout
<m3asmi> sudo service isc-dhcp-server start  ___________
<m3asmi>  * Starting ISC DHCP server dhcpd   _____________* check syslog for diagnostics.   [fail]
<m3asmi>  sudo service isc-dhcp-server start * Starting ISC DHCP server dhcpd * check syslog for diagnostics. ...fail! ..
<pmatulis> m3asmi: check syslog for diagnostics
<m3asmi> pmatulis: No subnet declaration for eth0 (10.42.44.1).
<pmatulis> m3asmi: there you go
<m3asmi> how
<m3asmi> pmatulis: how can I configure it
<pmatulis> http://www.google.com/search?client=ubuntu&channel=fs&q=No+subnet+declaration+for+eth0&ie=utf-8&oe=utf-8
<uvirtbot> New bug: #791944 in samba (main) "package samba 2:3.5.8~dfsg-1ubuntu2.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/791944
<frewsxcv> in arch, there's an array you fill out for daemons you want to load on startup. is there an equivalent in ubuntu?
<SpamapS> frewsxcv: by default, if something is installed, it starts
<zul> hey SpamapS
<frewsxcv> well i don't always have the option of installing stuff from the repositories
<smoser> smb, around ?
<nigelb> kirkland: around?
<RoAkSoAx> nigelb: he's on a trip I think
<nigelb> RoAkSoAx: ah, its fine then.  I'll just reply on his MP :)
<RoAkSoAx> ;)
<uvirtbot> New bug: #791984 in dovecot (main) "dovecot-postfix upgrade overwrites main.cf settings" [Undecided,New] https://launchpad.net/bugs/791984
<smoser> hggdh, can you approve me for ~ubuntu-server-iso-testing-dev
<hggdh> smoser, of course
<hggdh> smoser, welcome :-)
<kirkland> nigelb: howdy
<kirkland> nigelb: am now
<nigelb> kirkland: I wanted to ask you the license for the comments.png in the summit MP, but I got http://people.ubuntu.com/~mhall119/icons/icons_preview.html :)
<kirkland> nigelb: ah, yeah much better
<nigelb> I was fixing that up today :)
<kirkland> nigelb: fwiw, i got comments.png from famfamfam-silk, which is in the archive
<nigelb> :)
<kirkland> nigelb: but those from mhall are much nicer
<nigelb> kirkland: Yup :)
<kirkland> nigelb: sweet, can I test it somewhere?
<nigelb> kirkland: sadly, we don't have a test server, I'm only submitting MPs
<nigelb> I could give you a screenshot though once I'm done with this.  (still working on it)
<kirkland> nigelb: heh
<kirkland> nigelb: you guys need ensemble + ec2 :-)
<kirkland> nigelb: sure
<nigelb> kirkland: no no, we want Canonical to pay for ec2 :P
<nigelb> mhall119 is working on getting us a server, so it should happen soonish
<nigelb> kirkland: Loosk good? http://i.imgur.com/u9scA.png
<nigelb> *looks
<hggdh> smoser, are you generating oneiric ec2 images?
<smoser> hggdh, well, yesh.
<smoser> i just released some!
<smoser> http://uec-images.ubuntu.com/releases/oneiric/alpha-1/
<hggdh> smoser, ooooohh sooo cool
<erichammond> smoser: Are we getting fresh natty, too?
<smoser> erichammond, do you have a reason for wanting newer natty?
<smoser> i'm in the process of releasing updated lucid
<erichammond> smoser: Seems like there were some good bugs fixed recently, or perhaps I'm not paying attention closely enough.
<smoser> erichammond, http://paste.ubuntu.com/616973/
<smoser> that is the collected changes between release and most recent natty
<smoser> was there something that jumped out of that list as particularly noteworthy?
<smoser> did you really need the "Egypt abandons DST in 2011" fix ? :)
<erichammond> smoser: Thanks, nothing jumps out from that list.  Perhaps it was another Ubuntu version or a bug that is close to being fixed.  It's hard to keep track with so many other things going on in life.
<smoser> what could possibly be more important than tracking bug fixes to a operating system release?
<kirkland> nigelb: sure, thanks!
<nigelb> \o/
<_Neytiri_> how do i set up VM's on my server?
<pmatulis> !kvm | _Neytiri_
<ubottu> _Neytiri_: kvm is the preferred virtualization approach in Ubuntu. For more information see https://help.ubuntu.com/community/KVM
<_Neytiri_> ok
<_Neytiri_> can i still use KVM if my cpu doesent support hardware virturalation?
<hallyn> you can use qemu
<soren> _Neytiri_: Well, I don't know about "use".. It functions, but it's really, really slow.
<hallyn> without acceleration
<hallyn> eh, iit can be acceptable depending on what you're doing :)
<_Neytiri_> i am just running a DNS server
<_Neytiri_> so how would i use qemu, i manage the server i want to run vm's on via ssh
<irong33k> when i installed apache like 'tasksel ^lamp' apache services cant work...without first being connected to the net,.any solutions?
<irong33k> thanx 4 your help :(
<guntbert> irong33k: as I said - I've never seen that: please have a look into /var/log/apache2/error.log - there you should see *why* it doesn't start
<RoAkSoAx> kirkland: o/!! Were u able to test the second stage?
<kirkland> RoAkSoAx: negative, not yet
<RoAkSoAx> kirkland: alrighty! no worries!
<jonesst1> anybody got vmware's esxi vmtools to install on ubuntu?
<kirkland> RoAkSoAx: is Oneiric desktop working for you in Testdrive?
<kirkland> RoAkSoAx: its not working at all for me
<Joshua__> I am trying to configure postfix to send outgoing mail to my exchange server on the LAN, can anyone help with that? Server 11.04
<jonesst1> joshua u need a smarthost setting, it probably goes in main.cf but im not a postfix guy
<Joshua__> where is that located at?
<jonesst1> um /etc/postfix/
<jonesst1> let me go look on rhel6.1 is should be the same thing
<kirkland> RoAkSoAx: also, I'm testing Cobbler on Oneiric
<kirkland> RoAkSoAx: and I'm following https://help.ubuntu.com/community/Cobbler
<jonesst1> looks like its the relayhost parameter
<kirkland> RoAkSoAx: looks like there's a step missing between your "Importing" and "Deployment" stages
<kirkland> RoAkSoAx: the part about adding the machine to Cobbler
<jonesst1> so relayhost=mail.domain.com
<jonesst1> and restart postfix
<jonesst1> and test
<jonesst1> :q!
<jonesst1> oops
<jonesst1> doh
 * RoAkSoAx checks
<RoAkSoAx> kirkland: you mean adding a "system"
<kirkland> RoAkSoAx: you have to add the machine to cobbler
<kirkland> RoAkSoAx: if you want to be able to install it by cobbler
<RoAkSoAx> kirkland: hold on, let me check
<kirkland> RoAkSoAx: i'm testing powernap now
<RoAkSoAx> kirkland: you mean this? : https://fedorahosted.org/cobbler/wiki/DeployFeature
<kirkland> RoAkSoAx: right
<RoAkSoAx> kirkland: haven't yet tested that but will do now
<RoAkSoAx> kirkland: the "deploy" command does not exist
<kirkland> RoAkSoAx: okay, powernap worked for me
<kirkland> RoAkSoAx: looked at the diff, looks reasonable, good work!
<kirkland> RoAkSoAx: shall i release and upload?
<RoAkSoAx> kirkland: please!
<kirkland> RoAkSoAx: wilco
<RoAkSoAx> kirkland: so anyways, I could add the documentation to add systems but the "cobbler deploy" command does not yet exists
<hallyn> jamespage: do i need to install a jenkins git plugin separately, or should that be there?
<kirkland> RoAkSoAx: uploaded, thanks!
<RoAkSoAx> kirkland: thank you!
<hallyn> zul: are you in the mood to sponsor a trivial apache upload for me?  :)
<kirkland> RoAkSoAx: re: my cobbler questions ....
<zul> hallyn: can do it tonight
<kirkland> hallyn: i can, if zul isn't around
<kirkland> RoAkSoAx: so i have a cobbler server running
<kirkland> RoAkSoAx: in virt-manager
<RoAkSoAx> kirkland: ok
<kirkland> RoAkSoAx: and i created a new virtual machine, also in virt-manager
<kirkland> RoAkSoAx: both on the bridge interface
<kirkland> RoAkSoAx: so i boot the new vm
<RoAkSoAx> kirkland: ok
<kirkland> RoAkSoAx: tell it to boot from the network
<kirkland> RoAkSoAx: it doesn't get the pxe information, though
<hallyn> zul: thanks, it's the trivial debdiff attached to bug 787013
<uvirtbot> Launchpad bug 787013 in apache2 "Please merge apache2 2.2.19-1 (main) from debian unstable (main)" [Wishlist,Fix released] https://launchpad.net/bugs/787013
<hallyn> kirkland: thanks for the offer.  this is far from urgent :)
<kirkland> RoAkSoAx: i presume because the cobbler server doesn't know about the new vm's mac addr
<kirkland> hallyn: np
<kirkland> hallyn: any luck with oneiric in kvm?
<RoAkSoAx> kirkland: uhmmm no I don't think so
<hallyn> kirkland: hm, i just got the failure on 'try ubuntu'
<RoAkSoAx> kirkland: so when you tell it to boot from the network, it will try to search for a PXE server in the network
<hallyn> kirkland: looks liek we need spice :)
<kirkland> hallyn: you should get (back) on that :-)
<hallyn> kirkland: the ball is in Daviey's court actually
<RoAkSoAx> kirkland: so the DHCP server does not know of any PXE's so the idea is to tell the DHCP server that the VM is the cobbler server
<hallyn> hm, and -vga vmware locked up over vnc
<hallyn> well, that sure looks bug-worthy
<hallyn> kirkland: have you filed one, or should I?
<RoAkSoAx> kirkland: so for example, in my DD-WRT router i tell this to DNSmasq: dhcp-boot=pxelinux.0,,192.168.230.1
<kirkland> hallyn: i haven't sorry;  please do
<hallyn> k
<RoAkSoAx> kirkland: so whenever I fire up a VM that uses the bridge, then the router dhcp's server tells that the IP is the boot server and it obtains the list of available profiles from there
<RoAkSoAx> negronjl_: ping
<kirkland> RoAkSoAx: ah, right
<kirkland> RoAkSoAx: so how should I do this over virt-manager?
<negronjl_> RoAkSoAx: hi
<RoAkSoAx> negronjl_: did you ever do PXE of a VM using a cobbler server that was a VM using the same bridge?
<RoAkSoAx> kirkland: I'd use koan :)
<negronjl> I did but, without koan kirkland, RoAkSoAx
<RoAkSoAx> negronjl: how were you able to tell that the cobbler server in the VM was the PXE? did you modify the router or did you do something in the host?
<negronjl> I suspect that it would be a lot easier with koan
<kirkland> negronjl: yeah, how did you do it :-)
<negronjl> Let me get the steps together and put them on pastebin
<lynxman> negronjl: share the pastebin love, I would like to know as well :)
<kirkland> zul: lynxman said that you sponsored his mcollective-plugins into oneiric?
<negronjl> sure thing lynxman
<RoAkSoAx> kirkland: if you wanna use koan, please use the virtinst from ppa:ubuntu-virt/ppa
<kirkland> RoAkSoAx: okay....why's that?
<negronjl> kirkland, RoAkSoAx, lynxman:  I started by creating a bridge interface on the host system.  Here is the one I made on my laptop: https://pastebin.canonical.com/48138/
<RoAkSoAx> kirkland: cause when using koan, it hands of the url of the HTTP directory to virtinst, which examines it to determine the distro and stuff, and the one in PPA has more logic that I discovered later, it was missing from the one I patched in Natty
<RoAkSoAx> kirkland: will be uploading to Oneiric soon
<kirkland> RoAkSoAx: perfect, that's what I was checking ;-)
<negronjl> kirkland, RoAkSoAx, lynxman: I started by creating a bridge interface on the host system. Here is the one I made on my laptop: http://pastebin.ubuntu.com/617064/
<hallyn> jamespage: (btw, nm, found my answer, thx :)
<negronjl> kirkland, RoAkSoAx, lynxman: In virt-manager, create a machine and bind it to that interface ( in my case, br0 ).
<negronjl> kirkland, RoAkSoAx, lynxman: Craate n-number of machines, all of them bound to that interface
<negronjl> kirkland, RoAkSoAx, lynxman: That creates your network.
<negronjl> kirkland, RoAkSoAx, lynxman:  For DHCP and access via the host to the internet, I have the following on my machine:
<negronjl> kirkland, RoAkSoAx, lynxman: sudo /usr/sbin/dnsmasq --strict-order --bind-interfaces --pid-file=/var/run/libvirt/network/br0.pid --conf-file= --except-interface lo --listen-address 10.1.1.1 --dhcp-range 10.1.1.100,10.1.1.200 --dhcp-lease-max=253 --dhcp-no-override
<negronjl> kirkland, RoAkSoAx, lynxman: On one of the machines, install ubuntu-orchestra-server.
<negronjl> kirkland, RoAkSoAx, lynxman: PXE boot any of the other machines....it should work.
<RoAkSoAx> negronjl: cool!!
<RoAkSoAx> kirkland: yeah that there should do the work, so dnsmasq in the host itself is given addresses to the VM's. If it doesn't work out of the box, then, you'd just need to also especify that the PXE is the VM running cobbler
<RoAkSoAx> s/given/giving
<negronjl> kirkland, RoAkSoAx, lynxman: In my setup, I have the orchestra-server running on static IP and the rest of the clients running off of dhcp.
<kirkland> negronjl: rock!
<kirkland> RoAkSoAx: perhaps you could add a wiki page under the Cobbler documentation with this magic from negronjl ;-)
<RoAkSoAx> kirkland: will do!!!
<kirkland> RoAkSoAx: cheers
<negronjl> kirkland, RoAkSoAx, lynxman: If all else fails, I can always just dump my configuration and images somewhere for you to take ( chinstrap comes to mind)
<kirkland> RoAkSoAx: do you mind if I make cman a recommends of cobbler (promote from a suggests)?
<lynxman> nice
<kirkland> RoAkSoAx: that will help with one of the cobbler check messages
<RoAkSoAx> kirkland: If you want, but I'm uploading fence-agents either by the end of the week or next week
<kirkland> RoAkSoAx: is that better?
<kirkland> RoAkSoAx: looks like cman is in main ...
<RoAkSoAx> kirkland: yeah cman pull useless cluster stack stuff and contains the fence-agents that have been separated into its own source package
<RoAkSoAx> kirkland: i'm uploading fence-agents and filling a MIR
<RoAkSoAx> kirkland: we could put that in a PPA if you like until that happens
<kirkland> RoAkSoAx: okey doke;  make sure you remove cman as a suggests, and add it as a recommends
<RoAkSoAx> kirkland: will do
<kirkland> RoAkSoAx: cool
<kirkland> RoAkSoAx: oh, powernap feature/request for you ...
<RoAkSoAx> kirkland: I have fence-agents 3.1.4 here: https://launchpad.net/~andreserl/+archive/ha/+packages and it includes one fence-agent for eaton device sadded by arnaud recently
<RoAkSoAx> kirkland: shoot :)
<kirkland> RoAkSoAx: could you make powernap touch/remove a file in /var/run when a system is powernapping/not-powernapping?
<kirkland> RoAkSoAx: I'd like to add an indicator in byobu .zZ that shows when a system is powernapping
<kirkland> RoAkSoAx: or is there an easy way?
<RoAkSoAx> kirkland: uhmmmmmmmmm let me think
<kirkland> RoAkSoAx: nevermind, i'm hacking it myself now
<RoAkSoAx> kirkland: i was thinking that maybe pm-powersave had something we could use
<RoAkSoAx> kirkland: but there isn't really
<RoAkSoAx> kirkland: so yeah I could add that
<kirkland> RoAkSoAx: something like this:
<kirkland> RoAkSoAx: http://paste.ubuntu.com/617078/
<RoAkSoAx> kirkland: yeah we could do that, or whithin the daemon itself to create the file after executing pm-powersave and removing the state file when recover action was taken
<RoAkSoAx> kirkland: cause, it will only be useful when in powersave
<kirkland> RoAkSoAx: hmm
<kirkland> RoAkSoAx: i'm testing this now
<RoAkSoAx> kirkland: ok ;)
<RoAkSoAx> kirkland: oh btw... have a patch for bikeshed. This should not break the release-build script cause of the source format: http://paste.ubuntu.com/617085/
<kirkland> RoAkSoAx: seems to be working well for me
<kirkland> RoAkSoAx: i'm going to commit
<kirkland> RoAkSoAx: feel free to enhance/rework
<kirkland> RoAkSoAx: ah
<kirkland> RoAkSoAx: nice fix
<RoAkSoAx> kirkland: hehe It had me scratching my head for a while :)
<kirkland> RoAkSoAx: heh
<lau> I am having a lot of jbd2 write on my ext4 fs , I rolled back to 2.6.35 but it is the same
<RoAkSoAx> kirkland: I was also thinking on adding WARN methods, so that we could nose notify-send or something instead of only wall messages
<kirkland> RoAkSoAx: intersting ...
<kirkland> RoAkSoAx: i like it
<lau> do you have any idea how to figure out why all these writes ? I looked at log files without any evidence
<RoAkSoAx> kirkland: or even send emails to the administrator
<kirkland> RoAkSoAx: release-build patch worked *perfectly*
<RoAkSoAx> kirkland: heheh I must admit that without barry's help would have found the solutiuon lol!
<kirkland> RoAkSoAx: i recently added a release-test script too
<RoAkSoAx> kirkland: what does it do?
<RoAkSoAx> kirkland: btw.. I'm getting the UPS on monday
<kirkland> RoAkSoAx: same as release-build, but it doesn't change the changelog entry
<kirkland> RoAkSoAx: so that you don't have to revert that
<RoAkSoAx> kirkland: cool!
<Oldschool> I'm having trouble installing a software Raid5 11.04 server - anyone have experience with this?  I think my problem has to do with Grub2
<Oldschool> I've created my RAID and mounted it using LiveCD, but getting Grub2 installed and working is what is causing my problems.
<pmatulis> Oldschool: you don't need a live cd to install a server
<Oldschool> I can't boot without one.  The install usually will leave me with a GRUB> prompt.
<hallyn> jamespage: well, the jenkins git plugin appears to die a horrid death trying to git-clone git://www.linux-cr.org/pub/git/linux-cr.git
<hallyn> on that failure, i leave this for another day
<pmatulis> Oldschool: i cannot see how an install can leave you at a grub prompt.  do you mean after first boot?
<Oldschool> Yes - I create the RAID during the install, and depending on the options I use with the partitioner, either GRUB will not install, or it will install onto a /boot partition, but when I reboot, it ends up giving me a grub recovery> prompt
<pmatulis> Oldschool: then use the live cd to get the installer logs (syslog) to see what happened.  or install again and get to the menu and choose to see the logs
<Oldschool> where are those logs?
<Mostoles> hi
<Mostoles> sorry for my english
<Mostoles> any can try to resolve me a question?
<Daviey> Mostoles: you need to ask the question, :)
<Mostoles> yes
<Mostoles> i like to stop the harddisk to save energy
<Mostoles> my s.O
<Oldschool> No entries under /var/log/boot
<Mostoles> my S.O is ubuntu server
<Mostoles> i have one disk for S.O, and 3 for data
<Mostoles> i like to stop the data disk
<Mostoles> im try to use hdparm, but dont know the flag
<Daviey> Mostoles: sudo hdparm -S 120 /dev/sda ?
<Mostoles> if I reboot, this is persistent?
<Daviey> no
<WMP> hello
<Daviey> Mostoles: you could add it to your /etc/rc.local
<Daviey> (above exit 0)
<WMP> what limit in limits.conf can block memory (RAM) per user?
<WMP> and maybe who know program who use eq. 200MB from ram
<WMP> i wan tto test this limits ;)
<Mostoles> i try to put in /etc/hdparm.conf
<Mostoles> but dont do any
<Mostoles> this /dev/sdc {spindown_time = 120}
<martyn> Hey all !
<Mostoles> thanks for all
<Mostoles> bye
#ubuntu-server 2011-06-03
<uvirtbot> New bug: #792121 in nova (universe) "package nova-common 2011.3~d1-0ubuntu2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/792121
<sw0rdfish> how can one download stuff from websites like rapidshare/hotfile
<sw0rdfish> into a server?
<sw0rdfish> links2 and w3m can't have javascript supported
<sw0rdfish> so is there a solutoin
<robrt`> sw0rdfish: I usually scp it over..
<sw0rdfish> you mean get it to your home pc
<sw0rdfish> then scp into the server
<sw0rdfish> i think thats easy if you have good internet speed from home
<sw0rdfish> i dont
<sw0rdfish> but if you mean scp directly from those sites, hmmm i dont think so
<littlebearz> sw0rdfish: use wget?
<sw0rdfish> robrt`,
<sw0rdfish> but they make you click on the thing "Free Download" or "Slow download"
<sw0rdfish> and give u a special link ...etc
<robrt`> sw0rdfish: Yeah .. download it home and scp it over to my server
<sw0rdfish> there's a program i've been recommended,, rapidleech
<sw0rdfish> will try it out :(
<sw0rdfish> :)*
<Heyho> is there any terminal way, i can check if the computer was used in the last x minutes?
<guampa> lastlog ?
<Heyho> the comment lastlog doesnt give me any useful infos :/
<guampa> too bad
<Heyho> the thing is i want to start bitcoin miner if i idle :D any ideas?
<Tm0> Hi i need to using Cron, i need to backup and restore a demoboard
<uvirtbot> New bug: #792140 in samba (main) "package samba 2:3.5.8~dfsg-1ubuntu2.2 failed to install/upgrade: subprocess installed post-removal script returned error exit status 139" [Undecided,New] https://launchpad.net/bugs/792140
<Ash-Fox> Greetings. I'm currently trying to store my syslog data 'auth,authpriv.*' directly on to a tape drive raw. And while I have succeeded in doing so, I have ran into a problem where I need to be able to run a set of commands to properly load the tape before rsyslog starts (or before it starts logging data to it). Which config files / manuals should I go about reading up on to set this up?
<ChmEarl> http://archive.ubuntu.com/ubuntu/dists/natty/main/installer-amd64/current/images/netboot/xen/
<ChmEarl> the above initrd.gz for xen netboot is defective. Its not intended for use as advertised; its too big and has no xen modules
<ChmEarl> the equivalent maverick version is OK
<BuenGenio> good day
<BuenGenio> I'm looking for dovecot 2 packages for Maverick
<BuenGenio> are there any available
<BuenGenio> only found ones for Lucid so far, from Christian Roessner
<Sanctusorium> I am running into some real trouble with trying to install a GUI into Ubuntu Server 10.04.  I've done apt-get ubuntu-desktop, I've installed VNC, and I am connected to the "desktop" via VNC, but I have just a grey background and a terminal window
<Sanctusorium> Any ideas? :(
<roothorick> So, for my home swiss-army-knife server why should I choose Ubuntu Server over Debian?
<jonesst1> pick the one u ike
<jonesst1> like
<jonesst1> they all do the same thing
<jonesst1> i use debain for home but ive been using it for 12 years
<jonesst1> debian
<twb> roothorick: no reason
<jonesst1> pick the lts version
<rewt> Sanctusorium, sounds like it's starting just X and xterm; maybe you want to install gnome or kde or xfce or such?
<Sanctusorium> Well, I just tried "startx" and I got this:
<Sanctusorium> xf86OpenConsole: Cannot open /dev/tty0 (No such file or directory)
<Sanctusorium> And it goes "whoops, fail" ... essentially
<Sanctusorium> Also, when trying to start gnome, I get similar error
<Sanctusorium> So I try to isntall gnome
<Sanctusorium> And I get errors.  Should I detail them? :)
<Sanctusorium> Or, where should I start? ;)
<rewt> do you want to run X locally, or go through vnc?
<Sanctusorium> Honestly, I just want to get a GUI set up for this VPS.  I assumed I had to use VNC to see it.
<Sanctusorium> Locally, I am on a windows machine.  The Ubuntu distro is the VPS.
<rewt> ah, vps... then i think you have to use vnc
<Sanctusorium> Yep.
<Sanctusorium> I get connected, but when I do, I get a console window and a grey background.
<rewt> so it looks like vncserver starts X and xterm... have a look in the vncserver's config file
<rewt> you probably need to add something in there for it to load the gnome/kde desktop
<Sanctusorium> Well, it may be trying to start stuff up when I connect, but I can't even start stuff myself in that window or through SSH.
<Sanctusorium> When I try to start gnome... I get...
<Sanctusorium> gdm-binary[24130]: WARNING: Unable to load file '/etc/gdm/custom.conf': No such file or directory
<Sanctusorium> I feel like this VPS is sending me trollface.jpg, haha.
<Sanctusorium> When I try to do apt-get install gnome-desktop-environment I get... "Gnome is up to date!" basically.
<Sanctusorium> Sorry if I am over loading :(
<rewt> what if you create an empty /etc/gdm/custom.conf, and then try gdm in the xterm you get via vnc
<jonesst1> in startup try "gnome-session &"
<rewt> i'm not sure what the cmd is to start the gnome desktop
<jonesst1> you need to hash out #twm and the xterm statement
<jonesst1> for vnc
<Sanctusorium> rewt, I have been using gdm start for trying to start Gnome
<Sanctusorium> jonesst1: what is #twm and xterm statement?
<Sanctusorium> :(
<jonesst1> sorry u wanted gnome in a vnc session?
<jonesst1> thats what i set
<Sanctusorium> Whao!
<Sanctusorium> gnome-session & worked
<Sanctusorium> wtf why?
<Sanctusorium> o.o;
<rewt> gnome-session starts the desktop part of gnome, and the & tells it to detach from the terminal and keep running in the background
<Sanctusorium> Nice!  So simple that hours of googling provided nothing
<Sanctusorium> So.  How do I fix it to where this automatically happens whenever there is a VNC connection?
<Sanctusorium> (thank you both by the way... This is so much more awesome now that things are moving... :D )
<rewt> there should be a file in your ~ that loads when you connect via vnc
<Sanctusorium> mmm.  Issue...  When I do dir/ls in ~, it doesn't print anything.
<rewt> how about ll ~
<rewt> (double lowercase L)
<Sanctusorium> Let me see when the reboot is finished :)
<jonesst1> I think you can put it under /etc/
<rewt> what file is it?
<jonesst1> im just looking
<Sanctusorium> ll gave me some kind of feed back.  I assume the names on the far right are the folder/file names?
<rewt> maybe someting like ~/.vncrc
<rewt> yes Sanctusorium
<Sanctusorium> Ah
<Sanctusorium> .vnc/
<rewt> the ones that start with a period are hidden from regular ls
<rewt> go in there and look for a conf
<Sanctusorium> So, everything in that list was hidden
<Sanctusorium> Thats wonderful xD
<Sanctusorium> would xstartup be a good place to start? :D
<rewt> sounds promising
<rewt> or try: grep "xterm" *
<Sanctusorium> In the console or in the xstartupfile?
<rewt> in the console in ~/.vnc/
<Sanctusorium> Okie
<rewt> it'll show you which files have that in it
<rewt> the one you have to change should have it
<Sanctusorium> grep "xterm" * gave nothing
<rewt> grep "term" *
<Sanctusorium> I just have a log, a .pid, passwd, and xstartup that is in green text and has a * at the end for some reason
<rewt> hm, looks like .vnc/xstartup is the right file
<rewt> http://faq.gotomyvnc.com/fom-serve/cache/56.html
<Sanctusorium> What is twm?
<Sanctusorium> I mean, seems to be an alternative to Gnome...
<rewt> that's the "grey background" you have now
<Sanctusorium> My guess at least
<Sanctusorium> AH
<rewt> tiny window manager
<Sanctusorium> This... makes more sense now
<rewt> iirc, a right click brings up a menu
<Sanctusorium> Yep
<Sanctusorium> Well
<Sanctusorium> Only in the console
<Sanctusorium> Background? nada
<Sanctusorium> It was kinda saddening
<rewt> maybe it needs a config
<rewt> hehe
<rewt> well, try replacing it as in that link and see
<Sanctusorium> Probably... I'm a REAL newb to server stuff ;)
<Sanctusorium> Or linux bash
<Sanctusorium> I don't see twm & at all
<roothorick> what will the next LTS be? 11.10?
<roothorick> 12.04?
<rewt> should be 12.04
<rewt> http://en.wikipedia.org/wiki/List_of_Ubuntu_releases#Table_of_versions
<rewt> Sanctusorium, what do you see?
<Sanctusorium> Okie, the last line in the file is x-window-manager &  I am assuming that needs to be there
<Sanctusorium> So, I just added gnome-session & to the end.
<rewt> sure
<Sanctusorium> And I forgot how to start vnc up :P Great.
<Sanctusorium> One second
<Sanctusorium> yay google
<Sanctusorium> AWESOME
<Sanctusorium> :D
<Sanctusorium> Gnome started right up
<rewt> nice
<Sanctusorium> I still don't understand why there were a million different errors in the console with other things, but I guess if it works, it works.
<Sanctusorium> Thanks, ya'll have been a god send.
<Sanctusorium> :)
<rewt> np
<Sanctusorium> Now to install wine.  Gonna see if I can get a terraria server up...
<Sanctusorium> :)
<Sanctusorium> Oh!  will gnome shut itself down when I disconnect?
<rewt> probably not
<Sanctusorium> I guess it would be wise to shut it down on DC then :)
<roothorick> is root-on-MD-RAID a PITA on ubuntu?
<oamaru> been following https://help.ubuntu.com/10.04/serverguide/C/jeos-and-vmbuilder.html with limited success (complains --tmpfs is an unknown option) anyone able to point me at a better resource
<i2v8an> hi, I'm having an issue with figuring out how to change the default keys with the .screenrc file.  Could someone please help me?
<i2v8an> never mind,  one last try after an hour of google'ing finally gave me what I was looking for: http://www.mattcutts.com/blog/screen-power-tips-screenrc/
<Sanctusorium> So, I want to turn off gnome for ram saving.
<twb> Sanctusorium: I'm not stopping you
<Sanctusorium> when I do gnome-session-save --kill I get:
<Sanctusorium> WARNING **: Failed to call logout: The name org.gnome.SessionManager was not provided by any .service files
<twb> That's dbus whinging
<Sanctusorium> Hm?
<twb> your command is trying to send a dbus signal, probably to gnome-session-manager(1)
<Sanctusorium> Ah.  So, how do I fix this? :)
<Sanctusorium> I just want gnome to go bye bye when I am done with it .
<twb> That's kinda offtopic for this channel
<twb> If it were me, I'd just Ctrl+Alt+Backspace
<twb> Or pkill -9 -u twb, to kill all processes owned by my user
<Ash-Fox> I need to execute a command before rsyslog starts / starts logging, how would I do this?
<twb> Ash-Fox: pre-start exec in the upstart job?
<Ash-Fox> twb, I'll look into that
<airtonix> an ideal django apacher server setup has us create a separate subdomain for static and user uploaded files : static.example.com & media.example.com, my issue is that i have generated a self signed ssl certificate for the website ie: example.com, but this certificate does not apply to the subdomains, i imagine i have to do something with chain certificates ? if so, how ? where is a guide with this in relation to aache on ubuntu-server 10.04.2
<littlebearz> the host *.example.com should take care of it i believe
<airtonix> could you elaborate ?
<airtonix> are you saying that i enter *.example.com instead of example.com when i generate the certificate? (when asked for the hostname)
<jmarsden> airtonix: http://wiki.apache.org/httpd/NameBasedSSLVHosts
<littlebearz> airtonix: i'm saying you do both
<littlebearz> airtonix: the example.com is your base, and then *.example.com is all your subdomin
<littlebearz> airtonix: or you could seperate it into 2 cert which is easier to manage
<airtonix> so i just generate more certificates and add them the to the vhost definition file ?
<airtonix> jmarsden: thanks
<jmarsden> airtonix: You're welcome.
<airtonix> ok so now that i've figured that out, and while it's an ok setup for a local dev server or college network etc etc, what do i do about a certificate that has been issued by someone like godaddy ? do i need to call them and say "guys, i need my subdomains covered by this certificate ? "
<airtonix> considering i need the certificate to cover variations of example.com like : www.example.com, www.example.com.au, example.com.au and all it's related subdomains for static and media
<SpamapS> airtonix: wildcard certs are usually fairly expensive
<philipballew> is 10.04 better for a file server or would 11.04 be buggy compared to 10.04?
<SpamapS> airtonix: or at least, more expensive than non wildcard
<twb> philipballew: IMO use LTS unless you have a good reason not to
<SpamapS> philipballew: "better or worse" is probably impossible to determine without knowing your needs. 10.04 will receive critical updates until April, 2015 , 11.04 will only receive them until October, 2012
<philipballew> im setting up a simple media server. all i need is the ability to ssh into it and share my media folder. i think 10.04 sounds good to me
<SpamapS> philipballew: yeah sounds like it
<philipballew> Spamp5 I think it should be fun. only used the desktop version and whenm i need a server running i figured i'd give it a try!
<philipballew> Spamap5 ...
<adam_g> SpamapS: you still admin ubuntu-server list?
<SpamapS> adam_g: yes indeed
<adam_g> SpamapS: trying to consolidate my lists to my @canonical.com account but my membership request to there was never approved (that i know of). can you keep an eye out and approve if i resubmit?
<SpamapS> adam_g: its not a moderated list so you should be able to have it send you a new password
<adam_g> hm, ok. wonder if confirmation got lost originally.. thanx
<SpamapS> adam_g: if you can't get it worked out I'll go in and see if I can manually approve you
<adam_g> SpamapS: actually im a tired moron. :) its ubuntu-server-bugs that i was having trouble getting subscribed to.
<osmosis> how can I do a full reinstall of build-essential.  it got messed up when I canceled during the install.
<SpamapS> adam_g: oh, I find that list 100% useless ;)
<SpamapS> its basically the firehose
<adam_g> i want cell phone alerts
<SpamapS> There's a bug! QUICK! To the packaging bat cave!
<osmosis> i hit CTRL-C while  apt-get install build-essential  was running.  now ./configure wont work.  How can I do a full reinstall of build-essential?
<TeTeT> osmosis: I'd try apt-get install --reinstall build-essential
<TeTeT> osmosis: and maybe apt-get -f install if the above is not working
<jamespage> hallyn: when you get a change ping me with the contents of /var/log/jenkins/*.log
<jamespage> /change/chance/
<browntechx> Who want to help me
<greppy> browntechx: that's going to depend on what your problem is, better to start with that.
<browntechx> Well, I'm going to run an IRC network off of a Ubuntu powered server
<browntechx> So how do I do that
<greppy> You would probably install an ircd and then configure it.
<browntechx> How do I do that
<browntechx> Noob here
<browntechx> :)
<greppy> are you going to be joining an existing network, like efnet, dalnet, freenode, etc?
<browntechx> I will be
<greppy> then you should contact that network and find out what ircd and what network specific configurations you will need.
<browntechx> No UbuntuServer GUI... Sadface
<greppy> you can install a gui on a server, most people don't really have a use for one.
<browntechx> Oka, nvm
<benedikt> I am replacing an old mail office server that is running Mailscanner amongst other things to spam and virus filter emails to various domains. What is the most logical replacement for this on ubuntu?
<benedikt> This server was set up by an odd howto (http://www.howtoforge.com/the-perfect-spamsnake-ubuntu-8.04-p2)
<greppy> benedikt: I have been happy with amavisd-new + spamassassin + clamav + greylisting
<benedikt> greppy: I saw that in the ubuntu server guide. Is there a web interface (to keep my boss happy) for it?
<greppy> that depends :)
<greppy> I have actually been using a previous version of http://www200.pair.com/mecham/spam/spamfilter20110303.html with http://froxlor.org for hosting.
<benedikt> spammers have really messed the internet up.
<greppy> heh
<greppy> just be glad that sendmail doesn't relay by default anymore :)
<benedikt> on second thought, converting this box to a kvm/qemu virtual machine is probably less work
<benedikt> anyone know why the wiki insists that virtual guests should not use ntp?
<greppy> because by default they get the clock from the dom0
<benedikt> isnt dom0 a xen term?
<greppy> you can run ntp on a guest, you just have to make some other tweaks
<greppy> same idea though
<greppy> it gets time from the host
<benedikt> im not sure if i am running kvm or qemu, i set the server up according to the libvirt wiki page
<benedikt> it mentions both kvm and qemu
<greppy> I've never setup kvm, and only used qemu under windows, so I won't be of much help there.
<benedikt> as long as you don't call it 'the cloud' :)
<cocoa117> what is EC2 kernel for Ubuntu?
<lynxman> cocoa117: you can find the official Ubuntu AMIs with their krnel image ID in this doc https://help.ubuntu.com/community/EC2StartersGuide
<Patrickdk> for running on amazon ec2, or as a xen guest
<cocoa117> lynxman, thanx
<cocoa117> Patrickdk, great, that's what i am looking for, a Xen domU image from Ubuntu official channel
<Patrickdk> console won't work
<Patrickdk> but otherwise it worked well for me
<cocoa117> Patrickdk, what do u mean the console won't work?
<cocoa117> you can't do sudo xm console abc to login?
<sommer> morning :-)
<cocoa117> if i am running private Xen dom0, and wants to use official ubuntu UEC image, say 10.04, should i just download the ubuntu-10.04-server-uec-amd64.tar.gz  file?
<cocoa117> and run it under xen dom0?
<TeTeT> cocoa117: I have 0 experience with xen, but I think yet, the kernel should have support for domU
<TeTeT> cocoa117: yet=yes
<cocoa117> TeTet, thanx
<TeTeT> cocoa117: there's https://help.ubuntu.com/community/Xen . but as written above, I've not verified anything. Good luck with that!
<jamespage> morning sommer
<cocoa117> TeTeT, that link was out of date, that's why i am looking at different terms
<zul> RoAkSoAx: got some cobbler patches for me?
<uvirtbot> New bug: #792339 in bind9 (main) "package bind9 1:9.7.3.dfsg-1ubuntu2.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/792339
<zul> lynxman: ping
<lynxman> zul: pong
<zul> lynxman: so mcollective-plugins a couple of more things
<lynxman> zul: shoot
<zul> lynxman: get rid of the watch file
<dkn> i'm still having trouble setting up br0 to bond0 http://pastebin.com/KxwRDPNi
<zul> lynxman: also  i dont really like 0.0.0~git20110520 as a version string, 20110520 as a version string should be fine
<lynxman> zul: okay so just 20110520
<lynxman> zul: gotcha
<lynxman> zul: then... if there's a release at some point (1.0.0 or such) how that'll affect numbering?
<zul> hmmm...are they actually going to do releases?
<lynxman> zul: yes
<zul> ok leave as it is then
<lynxman> zul: k
<zul> lynxman: also your override_dh_install is wrong it installs puppet-package.rb in the wrong place
<lynxman> zul: puppet-package.rb shouldn't be installed, I rename it in rules to package.rb
<zul> lynxman: http://pastebin.ubuntu.com/617498/
<lynxman> zul: so how would you recommend I get rid of it?
<lynxman> zul: err nevermind, I see the problem
<lynxman> zul: fixing
<lynxman> zul: all pushed to repo
<zul> k
<zul> ill take a new look in a sec
<zul> Daviey: ping
<Daviey> zul pongs
<zul> so for the cobbler next steps spec WI the hardware inventory and snapshot repotnig i just noticed that there is couchdb support so we can store the info there
<uvirtbot> New bug: #792347 in postfix (main) "Permission for /etc/postfix not set right when building sasl_password.db using postmap command" [Undecided,New] https://launchpad.net/bugs/792347
<hallyn> jamespage: lol, that instance is long deleted, but i can quickly create a new one (in a bit)
<hallyn> jamespage: last night iw as trying to figure out how to add a slave node,
<hallyn> figuring that, while 'ensemble deploy jenkins', which works now, is neat, it'd be more interesting to be able to add nodes on demand
<hallyn> but i couldn't quite figure out how to do it from the web interface, let alone cli
<hallyn> i gather i need to create an ssh key and register it somewhere, but the web interface has two places for adding ssh keys, neither seems to be fore slave nodes
<jamespage> hallyn - there are a few ways todo it; I'll be back in about 10 mins and I'll give you a few pointers
<uvirtbot> New bug: #779970 in samba (main) "package samba-common 2:3.5.8~dfsg-1ubuntu2.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 128" [Undecided,New] https://launchpad.net/bugs/779970
<uvirtbot> New bug: #788800 in bacula (main) "package bacula-director-mysql 5.0.3-0ubuntu2 failed to install/upgrade: sub-processo script post-installation instalado retornou estado de saÃ­da de erro 1" [Undecided,New] https://launchpad.net/bugs/788800
<hallyn> sigh, i really need to get an ssd
<uvirtbot> New bug: #785045 in bacula (main) "package bacula-director-mysql 5.0.3-0ubuntu2 failed to install/upgrade: il sottoprocesso vecchio script di post-installation ha restituito lo stato di errore 1" [Undecided,New] https://launchpad.net/bugs/785045
<Daviey> zul: ah, nice about the couchdb (even tho i don't like it :P)
<zul> well need to store the info
<uvirtbot> New bug: #789810 in amavisd-new (main) "package amavisd-new-postfix 1:2.6.5-0ubuntu2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/789810
<uvirtbot> New bug: #789582 in mysql-5.1 (main) "package mysql-server-5.1 5.1.54-1ubuntu4 failed to install/upgrade: ErrorMessage: el subproceso instalado el script post-installation devolviÃ³ el cÃ³digo de salida de error 1" [Undecided,New] https://launchpad.net/bugs/789582
<jamespage> hey hallyn - want to talk jenkins slaves now?
<zul> lynxman: uploaded
<lynxman> zul: ty
<lynxman> zul: have a look at mcollective-provisioner as well, let me know what I can fix/change so it can be uploaded to oneiric :)
<zul> yep will try to get to it toay
<lynxman> zul: thanks
<hallyn> jamespage: sure
<jamespage> great
<hallyn> oh lemme fire off an instance real quick
<jamespage> great - we can both look at it then
<hallyn> jamespage: it'll be ec2-184-73-78-32.compute-1.amazonaws.com
<hallyn> there we go, it's up
<hallyn> so does a slave node first get set up as a full jenkins master node?
<hallyn> or can it be anything with sshd running?
<RoAkSoAx> zul: not yet... got caught up in something else... will have them later though
<zul> RoAkSoAx: k because im rolling a new spnapshot
<RoAkSoAx> zul: ok I'll let you know as soon as I have them
<RoAkSoAx> kirkland: ping
<kirkland> RoAkSoAx: pong
<RoAkSoAx> kirkland: sed -i "s/^server:.*localhost$/next_server: $ipaddr/" /etc/cobbler/settings
<RoAkSoAx> kirkland: that should be server instead of next_server right?
<kirkland> RoAkSoAx: hmm
<kirkland> RoAkSoAx: i thought i fixed that yesterday
<kirkland> RoAkSoAx: let me grab the code again
<kirkland> RoAkSoAx: whoops
<RoAkSoAx> kirkland: I'll fix it now, I'm working on the debconf stuff for them
<kirkland> RoAkSoAx: okay, thanks!
<RoAkSoAx> kirkland: ;)
<rynop> how can you make an AMI out of an instance-store EC2 instance?  My EBS backed instances i can 1 click make AMI from the gui. Havent found a good guide for making ami from instance-store.
<rynop> my instance is based off of the 10.10 64bit us-east
<Daviey> lynxman: the queue is https://launchpad.net/ubuntu/oneiric/+queue :)
<lynxman> Daviey: thanks ^^
 * lynxman loves when he asks in one server and gets replied in another one, this is true context switching
<Daviey> :)
<sunil> I want to generate heavy traffic on my network card, how can I do this,
<lynxman> ping mvo
<genii-around> sunil: You could do something like netcat, stream /dev/random or something
<sunil> genii-around: I am looking for about 400MB/s traffic, do you think netcat can do this
<genii-around> sunil: I think it would depend on the source of what you are sending. Might be the bottleneck there (like hd speed if it's a file, etc)
<sunil> jaskal: I am using 23HDD on RAID0
<sunil> jaskal: I am using 23HDD on RAID0
<sunil> genii-around: am using 23HDD on RAID0
<genii-around> work, afk
<sunil> genii-around: 32TB ram
<sunil> genii-around: xeon server
<genii-around> sunil: If you have a massive file like 4G or so, with 2 machines you do: (machine with file on it)  cat 4g-filename | nc -l portnumber-here       (machine to receive file) nc <ip-of-machine-with-file>  portnumber-here > local-filename   eg: cat ubuntu-server.iso | nc -l 65534        and: nc 192.168.0.100 65534 > ubuntu-server-copy.iso
<sunil> genii-around: yes, I think this should work, but I have only one demo server.
<genii-around> sunil: If you have 2 interfaces on the same box, you can use a crossover cable between them, then run the serve part on one interface, send it to the second interface
<sunil> genii-around: yes, that demo server contains 2 interface
<genii-around> sunil: If you do that, add like: -s <ip-address-of-interface-serving-file>  to the first command
<sunil> genii-around: can you plz write command clearly for me
<sunil> genii-around: nc <ip> <port> < filename
<sunil> genii-around: do u think this will work
<RoyK> if you have a gigabit interface or a newer 100Mbps card, crossover cable isn't needed - it's autosense
<RoAkSoAx> kirkland: what's wrong with this, I think I'm missing something: http://pastebin.ubuntu.com/617620/
<RoAkSoAx> kirkland: in the debconf part
<kirkland> RoAkSoAx: +_Template: cobbler/server_and_next_server
<RoAkSoAx> kirkland: should not use underscore?
<kirkland> RoAkSoAx: right, not for that
<kirkland> RoAkSoAx: just for _Description
<RoAkSoAx> kirkland: ok thanks
<genii-around> Someone unplugged my network cord in another area of the building, took a while to track down
<genii-around> sunil: an example with interface 192.168.0.100 sending file and 192.168.0.200 receiving, here I am sending an iso file:  on sending side: cat /home/mike/ubuntu-11.04-alternate-i386.iso | nc -l 192.168.0.100 65534      then on receiving side: nc -s 192.168.0.100 192.168.0.200 65534 > /dev/null
<slyboots> Anyone any suggestions for running virtualisaion software on a Ubuntu server (headerless host) I've tried Qmem and Virtualbox but both are demanding a full X windows enviroment to run/install
<Ekx> Vortexirc looks for linux/chat interested people, if you want to join irc.vortexirc.com 6667  see ya :D
<pmatulis> slyboots: kvm i guess
<slyboots> pmatulis: I cant even get it to start, complains about no display being available
<slyboots> And no kvm support
<slyboots> Or "ROM"
<pmatulis> !kvm | slyboots
<ubottu> slyboots: kvm is the preferred virtualization approach in Ubuntu. For more information see https://help.ubuntu.com/community/KVM
<slyboots> Fun, mny board doesnt support virtulasation
<slyboots> Well that was fruitful ;)
<geekbri> i missed the question, what are you trying to do slyboots?
<slyboots> Run a virtual windows OS on my headerless Ubuntu server
<slyboots> But apparently Im screwed, board doesnt support virtulasation and Virtualbox wants to install every package under the sun
<geekbri> hrm yeah sorry, most of my expierence is with qemu.  I know there is a chapter in the official ubuntu server guide book on installing a vmware server, maybe that would be useful, i really dont know.
<geekbri> sorry, wish i could be more of a help.
<slyboots> Eh, Will jsut give up :P
<slyboots> Figrue out another solution
<maccam94> i'm trying to configure my ldap server to use ssl/tls, which involves generating a certificate using gnutls/certtool. the certificate generated from the ubuntu server guide is only valid for one year though. how can i make a certificate that is valid for 3 years?
<zul> RoAkSoAx how is the cobbler stuff coming?
<RoAkSoAx> zul: almost finished
<RoAkSoAx> zul: trying to reduce the description
<zul> RoakSoak: cool send me the patch
<maccam94> figured out my problem. had to add expiration_days = ### to the end of the ca.info file mentioned in the server guide
<RoAkSoAx> kirkland: does this make sense to you (including the description?): http://paste.ubuntu.com/617696/
<RoAkSoAx> zul: if this also makes sense to you, then that's it for now http://paste.ubuntu.com/617696/
<zul> looks sane
<zul> although s/natty/oneiric/g
<RoAkSoAx> zul better use this one: http://paste.ubuntu.com/617706/
<RoAkSoAx> minimally improved the description
<zul> RoAkSoAx: cool im going to do a test build then uploade it
<RoAkSoAx> zul: cool, thanks
<zul> ok new git snapshot uploaded
<amero> how do we install packages specifically from a ppa when you have another similar package name from the official repo?
<genii-around> !pinning
<ubottu> pinning is an advanced feature that APT can use to prefer particular packages over others. See https://help.ubuntu.com/community/PinningHowto
<Daviey> zul: How come you switched to using git$DATE for cobbler version string, i thought we were using bzr rev no?
<zul> Daviey: right the ubuntu-virt repo is really old and dated so i thought we should start fresh
<zul> besides that delta is based on 2.1.0 and current git diff
<Daviey> zul: yeah, but lp:cobbler is constantly up to date :)
<zul> right but 2.1.0 we have been using lp:ubuntu/cobbler
<Daviey> I'm not sure a git checkout date is safe TBH.. what if there are multiple commits the same day?
<Daviey> If you /really/ want to use git as reference, then surely a short hash is better?
<Daviey> zul: err, lp:ubuntu/cobbler is unrelated to lp:cobbler
<zul> Daviey: right but thats where all of our changes have been done (ie the refrence branch)
<Daviey> zul: hmm..
<Daviey> sure, but lp:cobbler is purely upstream.
<Daviey> does that make sense?
<zul> it does
<Daviey> SpamapS: So what is ensemble anyway?  Where can i find out more info?
<zul> SpamapS: oooh charts!
<genii-around> Daviey: I found http://people.canonical.com/~niemeyer/ensemble/index.html pretty informative
<amero> is it okay to have 2 libevent libraries of different version? one of them is compiled from source, and the other one is from offical repo
<Daviey> sorry genii-around, it was a loaded question. :)
<Daviey> but thanks!
<genii-around> Heh!
<SpamapS> Daviey: why, its good that you asked..  http://fewbar.com/2011/06/so-what-is-ensemble-anyway/
<SpamapS> genii-around: http://ensemble.ubuntu.com is even better. :)
<genii-around> SpamapS: Thanks
<hallyn> cmagina: hey, regarding bug 789229, the previous commit to libmultipath/blacklist.c also seems good
<uvirtbot> Launchpad bug 789229 in multipath-tools "using a blacklist and a blacklist_exception section results in multipathd filtering out paths it shouldn't" [High,Confirmed] https://launchpad.net/bugs/789229
<uvirtbot> New bug: #792513 in tomcat6 (main) "package libservlet2.5-java (not installed) failed to install/upgrade: defektes Tar-Dateisystem - Paketarchiv ist defekt" [Undecided,New] https://launchpad.net/bugs/792513
<hallyn> so unless you say otherwise, i'll use both of those
<Daviey> SpamapS: You threw that together to answer my question?
<SpamapS> Daviey: thats just how good Ensemble is.
<SpamapS> Now hopefully my blog doesn't get *crushed* by the oncoming traffic. ;)
 * SpamapS considers rebooting into c1.medium...
<hallyn> oh, haha
<cmagina> hallyn: yeah, the changes to blacklist.c fixed the issue i was experiencing
<hallyn> cmagina: never mind, i was looking without quilt patches applied :)
<cmagina> hallyn: heh
 * hallyn getting tired, bumps the xterm font up a notch
<uvirtbot> New bug: #792516 in squid (main) "squid crashed with SIGABRT in __kernel_vsyscall()" [Undecided,New] https://launchpad.net/bugs/792516
<jcastro> SpamapS: heh, never heard of siege until I read your blog, nice!
<SpamapS> jcastro: it blows ab away..
<uvirtbot> New bug: #792557 in dovecot (main) "dovecot fails to start on oneiric" [Undecided,New] https://launchpad.net/bugs/792557
<Cheery> what debugging mechanisms are there for dovecot?
<Cheery> I'm in middle of situation where I don't get the message body.
<CrustyBarnacle> secure permissions for /var/www and publicly accessible?
<zombi-> just dont a fresh install of ubuntu server
<zombi-> as far as i can see apache is running as www-data but /var/www/ is root:root group/owner
<zombi-> is there a good reason its root:root and not www-data:www-data ?
<luite> usually apache only needs to read those directories, not own them or write to them :)
<Cheery> oh.. dovecot doesn't actually just mess with my mail.. it actually loses it too. interesting
<Cheery> well. 'loses'
<viezerd> why ?
<Cheery> I'm not sure.
<Cheery> when postfix throws those things. they just end up nice
<Cheery> into new/
<Cheery> when I make dovecot fetch through my imap client, it loses them. :)
<Cheery> they appear in cur/ -directory with :2 -postfix though
<Cheery> but the client doesn't get them ever
<Cheery> also refuses to remove those two now. interesting :)
<hallyn> ppetraki: cmagina: right now, http://paste.ubuntu.com/617832/ shows the list of fixes which is in natty and oneiric, but not in lucid and maverick.
<ppetraki> hallyn, so the only thing that's limiting me from testing this on lucid is machine time, my chassis aren't even mine anymore
<hallyn> ppetraki: right, that' swhy those haven't been SRU'd, bc we can't test them sufficiently for those standards
<ppetraki> hallyn, I have test -10 with failover and it worked "just as well" as the lucid versions, sans the killer FS bug
<hallyn> ppetraki: so I suggest that we go through each of the bugs in that changelog diff,
<hallyn> make sure there are SRU justifications, I'll push a package for lucid and maverick with all fixes,
<hallyn> and you mark them all verified, bc you've verified them before
<hallyn> or maybe we have cmagina test them one more time
<ppetraki> hallyn, ok
<hallyn> but lucid is gonna be worthless if we don't get those in
<hallyn> ok.
<ppetraki> lucid are is worthless :-{
<hallyn> here i go on a marathon SRU justification writeup :(
<hallyn> ssssh
<ppetraki> no one knows yet, I know ;)
<Cheery> Jun  3 23:59:23 boxbase dovecot: IMAP(cheery): maildir++: root=/home/vmail/cheery, index=, control=, inbox=/home/vmail/cheery
<Cheery> huhhuh
<ppetraki> hallyn, there may be cross depends with the most recent changes with initramfs
<hallyn> really?  I thought it was all self contained?
<ppetraki> hallyn, I'll have to test each version and find where it breaks
<ppetraki> hallyn, no :(
<ppetraki> hallyn, at least not in my experience, I wish I had the versions handy, but it was between the lucid/maverick initramfs + latest mp, and it didnt work
<ppetraki> hallyn, *that* I can test, I just can't do failover right now
<hallyn> oh, ok - we'll worry about failover when the rest works :)
<hallyn> i think i'll beg SpamapS to help with straightening out the final mess
<ppetraki> hallyn, ack, i'll take the bisect action in the meanwhile
<hallyn> thx
<SpamapS> hallyn: eh?
<hallyn> SpamapS: multipath.  we haven't had the hw to properly test for SRUs.  So lucid and maverick are missing *7* fixes that are in natty/oneiric.  I'm working on that right now
<hallyn> SpamapS: which means I intend to push one upload for lucid (and one for maverick) for all 7 bugs.
<hallyn> some (at least one) actually had already made it to verification-done, but the package never got pushed to lucid-proposed I guess, or it got dropped form there by accident.  (not impossible :)
<hallyn> anyway, 2 down 5 to go
<SpamapS> hallyn: I presume these are not giant patches?
<SpamapS> or if they are, they're at least straight forward
<hallyn> no, they're not.  most of them came straight from upstream
<hallyn> i can pastebin a full debdiff if you like
<hallyn> http://paste.ubuntu.com/617832/ shows the list of changes
<hallyn> ppetraki: feh, on bug https://bugs.launchpad.net/ubuntu/+source/multipath-tools/+bug/712840
<uvirtbot> Launchpad bug 712840 in multipath-tools "local-top should pass -p part, not -p p" [Medium,Fix released]
<hallyn> ppetraki: i guess i'll have to skip that one, since there is controversy
<hallyn> which makes the whole thing messier
<ppetraki> hallyn, if we had to question why debian does everything a certain way...
<ppetraki> hallyn, sigh... fine
<hallyn> yeah, but we can't change the pathanmes which are in use at an existing site during an SRU update, can we?
<hallyn> that'll set us up for public flogging :)
<ppetraki> hallyn, well, we mount by UUID, so it'll be transparent
<hallyn> we do, but what funky things might the customers do with it?
<ppetraki> hallyn, but for folks who actually have an fstab using wwids, that might be bad
<hallyn> yeah
<hallyn> all right, so all bugs updated, now to come up with a package
<ppetraki> I've got a fresh install chugging away
<ppetraki> the initramfs fix was backported right?
<hallyn> i don't know which your'e talking about,
<hallyn> you mean the mp fix, or a related fix to the initramfs sources?
<hallyn> in any case, i dunno - the packages are all confused.  the bzr tree history is weird.
<ppetraki> hallyn, we'll see if it's a brick after apt-get upgrade then
<ppetraki> https://bugs.launchpad.net/ubuntu/+source/grub2/+bug/687501
<uvirtbot> Launchpad bug 687501 in grub2 "when installer is multipath aware, grub fails to install" [High,Fix committed]
<ppetraki> hallyn, sigh.. the upload was messed up, resulting in a failed verification
<ppetraki> hallyn, so there's no point
<ppetraki> :-/
<hallyn> which one?
<ppetraki> the one I just posted
<hallyn> doh
<ppetraki> hallyn, so the test lab uses an updated iso, looks like I have all the updates, just installed ubuntu10, we'll see...
<ppetraki> hallyn, made it!
<hallyn> excellent.
<ppetraki> so we can upgrade multipath
<ppetraki> grub is still terribly broken
<ppetraki> hallyn, https://pastebin.canonical.com/48181/
<ppetraki> but we're no more broken than we were before
<ppetraki> just don't upgrade your kernel
<ppetraki> no biggee right?
<ppetraki> https://bugs.launchpad.net/ubuntu/+source/grub2/+bug/688261
<uvirtbot> Launchpad bug 688261 in grub2 "When in a multipath, boot from SAN environment, update-grub will make the system unbootable (dup-of: 687501)" [High,Incomplete]
<uvirtbot> Launchpad bug 687501 in grub2 "when installer is multipath aware, grub fails to install" [High,Fix committed]
<ppetraki> they duped it to the installer bug
<hallyn> ppetraki: can you ping SpamapS on that one?  (i'd say cjwatson but he's out)
<hallyn> ppetraki: that one needs to get pushed, obviously.
<ppetraki> SpamapS, ping
<ppetraki> hallyn, should I just move the bug back to incomplete?
<SpamapS> ppetraki: pong
<ppetraki> SpamapS, could you help me push this update along? https://bugs.launchpad.net/ubuntu/+source/grub2/+bug/687501
<uvirtbot> Launchpad bug 687501 in grub2 "when installer is multipath aware, grub fails to install" [High,Fix committed]
<ppetraki> SpamapS, looks like a procedural  bug, and now it's languishing
<hallyn> ppetraki: sorry i'm really not sure.  i'm not even sure what the last comment is referring to in that bug (i.e. why it failed)
<hallyn> the verification succeeded,
<ppetraki> hallyn, that's weird because I'm not getting the updated package
<hallyn> phew, just one mor debdiff to reverse engineer
<SpamapS> That one was blocked on a WUBI issue IIRC
<hallyn> SpamapS: could an explanation of that be added to the bug, so someone can work on it?
<hallyn> it's sort of an important one
<ppetraki> SpamapS, it's really a platform for this bug: https://bugs.launchpad.net/ubuntu/+source/grub2/+bug/688261
<uvirtbot> Launchpad bug 688261 in grub2 "When in a multipath, boot from SAN environment, update-grub will make the system unbootable (dup-of: 687501)" [High,Incomplete]
<uvirtbot> Launchpad bug 687501 in grub2 "when installer is multipath aware, grub fails to install" [High,Fix committed]
<SpamapS> hallyn: its right in the comments
<hallyn> maybe iw as looking at the wrong bug before then
<SpamapS> seems blocked on cjwatson's wubi fixes
<hallyn> (i'm not opening that up before i finish this crap)
<hallyn> <grimace>
<hallyn> servers get to hang so wubi will work.  good
<hallyn> all RIGHT.  debdiffs applied.
<hallyn> ppetraki: wait, is that applied to lucid though?
<hallyn> SpamapS: my reading of that comment is that it's ok to push for lucid but not maverick
<hallyn> ?
<hallyn> ppetraki: if it's only maverick then i'm not particularly worried
<ppetraki> hallyn, I'll be optimistic, for once, it would be terrible for this to miss the 10.3 window
<SpamapS> hallyn: I'm really completely ignorant of the technical matters at hand.. and I think you'll need to get a +1 from cjwatson and/or pitti before we can move forward on it.
<SpamapS> ppetraki: I believe there are 4 weeks left until it freezes.. could be wrong.
<hallyn> ok, i'll send cjwatson an email
<hallyn> SpamapS: so with apologies, I hand you the SRU nightmare...  proposed packages for lucid and maverick pushed.
<SpamapS> hallyn: how many packages?
<hallyn> oh, just two :)
<SpamapS> ok thats not too bad
<hallyn> with 6 changesets/linked-bugs for each
<SpamapS> http://people.canonical.com/~ubuntu-archive/pending-sru.html
<hallyn> (they're identical)
<SpamapS> That may be interesting in helping you guys to track it as a whole.
<hallyn> i should probably watch that more closer than i do in general anyway
<hallyn> SpamapS: thx, ttyl
<uvirtbot> New bug: #792607 in mysql-5.1 (main) "Plugin 'InnoDB' registration as a STORAGE ENGINE failed." [Undecided,New] https://launchpad.net/bugs/792607
<FunnyLookinHat> If I install apache2-mpm-prefork - will it erase/overwrite everything I've setup in /etc/apache2/ ?  Or will it simply add the module and replace the necessary apache2 binaries?
<zombi-> afaik only if you remove it with --purge option
<zombi-> but i would back them up before the reinstall just in case
<FunnyLookinHat> zombi-, better question, turns out prefork is already installed...
<FunnyLookinHat> So how can I ensure it's being used instead of stock apache ?
#ubuntu-server 2011-06-04
<zombi-> FunnyLookinHat: Apache2 -V
<rudyv> Hi, I'm trying to cinfugre iptables on my box to provide NAT through eth1 to eth0 (which provides DSL via PPPoE). How do I set up the rules in iptables to do that?
<jMCg> rudyv: take a look at the ufw wiki, I think it might have something you're looking for.
<rudyv> I got the basic NAT up with iptables.
<rewt> rudyv, also make sure to  echo 1 >/proc/sys/net/ipv4/ip_forward
<rudyv> I did that
<rudyv> and set the appropriate line in sysctl.conf
<rudyv> :D
<rudyv> I have the rules set
<rudyv> Accept if input = eth1 & state = established or related; accept if input = ppp0
<rudyv> That works.
<rewt> eth1 is your lan?
<rudyv> Yes.
<rewt> pastebin your iptables rules and i'll can have a look if you want
<rudyv> Alright
<rudyv> rewt: I'm using Webmin to configure it
<rewt> can that give an equivalent of iptables-save ?
<rudyv> I can get it via SSH
<rudyv> hm
<rudyv> pastebin isn't working from here
<rudyv> lemme try pasteit on the server
<rewt> try a different pastebin
<rudyv> oh, pastebinit
<rudyv> http://pastebin.com/9W9NnnNr
<rewt> yeah, that's quite a bit off :/
<rudyv> oh
<rudyv> that probably explains why some sites take longer to load on this system
<rudyv> rewt: What do I need to do to configure it properly?
<rewt> here's a script that should work after you put in your details in lines 3-5:  http://pastebin.com/Nj43cGT1
<rudyv> Well, I want to be able to set forwarded ports much like one can on a standalone router
<rewt> for that, just add pairs of lines like this:  http://pastebin.com/Lx5YzW4j
<rewt> err, that DROP on the end should be ALLOW
<rewt> ACCEPT
<rewt> http://pastebin.com/gruhhvA8
<rewt> first line redirects it to the lan pc, second one allows it through
<rudyv> I'm inputting the rules in the script into Webmin.
<rudyv> Yay!
<rudyv> I have forwarding up.
<rudyv> Hm, some Web sites though, like my personal Web site, won't come up
<rudyv> (nor will any on the same server)
<jMCg> rudyv: is your personal website in you LAN?
<rudyv> No
<rudyv> it's on a VPS
<rudyv> and I distinctly recall paying for it
<jMCg> downformeor....
<rudyv> "It's just you. rudyvalencia.com is up."
<rudyv> Finally it's come up, albeit extremely slow.
<RudyValencia> hey
<RudyValencia> Why would browsing to some sites be slower than to others if I have my Linux box providing NAT access to my DSL for my LAN?
<RudyValencia> OK
<RudyValencia> Why am I having problems with some sites with NAT provided by my Linux system?
<jmarsden> RudyValencia: Make sure you log everything your packet filtering setup drops, and then read your logs.  Sounds like you are blocking some traffic that you want to allow through?
<RudyValencia> I'm trying to set up IPtables rules to provide NAT on my server
<jeeves__> how do I go about setting up SA-LEARN on my Dovecot box with virtual e-mail boxes that are mapped in MySQL?
<Derptron> Hi, I'm wanting to use oprofile and need an uncompressed vmlinux. Does anyone have any experience doing this? I can't find any documentation on how to acquire/setup one.
<Derptron> (I'd use --no-vmlinux but the given process is spending 20% of its time in "--no-vmlinux", so I need to better isolate what it's doing.
<luite> hmm, last time I needed one (for booting with an old xen version), I rebuilt the whole kernel
<Derptron> I need to somehow do this with minimal to no downtime or performance decrease, as the server has >50 users connected at any given moment.
<luite> I used another (faster) system to build the kernel and just copied the vmlinux file over :)
<Derptron> I was hoping ubuntu 10.04 LTS might have a package that already contains debug symbols etc
<Derptron> hmm, wonder if I could do that
<luite> I'd be interested in that as well, would save me some time the next time
<Derptron> luite: We may be able to use these in the future, although they should probably be documented or included in apt. http://ddebs.ubuntu.com/pool/main/l/linux/
<luite> hmm, interesting, thanx
<luite> thanks
<luite> huge files :)
<RefaelAlats> hola, am attempting to do a RFC Bridging for a Actiontec Modem to a WRT54G2 Router, & am in hopes various persons might be able to assist for references to certain things
<RefaelAlats> the modem gateway is 192.168.0.1 & the Router Gateway is 192.168.1.1, though the Modem displays Address 192.168.0.3 for reasons unknown
<RefaelAlats> & the hopes are to Bridge the couple devices to enable Port Forwarding from the WRT54G2
<FernandoTertiary> can anybody assist with bridging a modem & a router?
<FernandoTertiary> online sites do not help, & the manuals do not cover the topic
<JonathanC> Hello. I'm trying to install a Ubuntu 10.04.2 server for a dev server on a very old laptop (it uses a Xircom Realport card, no built-in port) but though that card loads and works in the installer, it doesn't work in the installed system.
<JonathanC> How should I troubleshoot this?
<Keatonguy> I need info on how to build a proxy server. I already have an ubuntu server machine running on another network, but I don't know what software to use.
<Ethos> anyone experienced with setting up PPTPD? Or could recommend something easier to setup?
<uvirtbot> New bug: #792761 in bind9 (main) "package bind9 1:9.7.0.dfsg.P1-1ubuntu0.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/792761
<RoyK> Keatonguy: apt-get install squid
<teaforthecat> hello, would someone like to help debug an install?
<pmatulis> !ask | teaforthecat
<ubottu> teaforthecat: Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-)
<teaforthecat> ok thanks; I swapped out a hard drive from a broken machine; ubuntu 8.04server boots fine; the only issue is no ethernet is picked up. Would there be a way to force ubuntu to see the nic? I put e1000(intel pro nic) in /etc/modules, but no luck.
<RoyK> teaforthecat: probably interface naming - type 'ifconfig -a'
<teaforthecat> ifconfig -a gives lo only
<RoyK> hm...
<RoyK> not udev, then
<teaforthecat> ifup eth0 gives: no device found
<RoyK> what does lshw has to say?
<RoyK> s/has/have/
<teaforthecat> lspci says Ethernet Connection Intel Pro (100/1000)
<pmatulis> teaforthecat: try 'lspci -vvnn' for more info
<RoyK> teaforthecat: if it's a new card, it can have a new PCI ID, which the old driver in 8.04 won't recognize
<RoyK> iirc the only way to fix that, is to fix the driver
<teaforthecat> do you mean recompile the e1000 module?
<RoyK> I don't think you can tie a driver to a PCI ID not known by the driver
<RoyK> yes
<RoyK> in the source, there are PCI IDs listed
<RoyK> and as new versions of NICs are released, they are given new PCI IDs
<exekias> has anyone experienced problems updating from security ppa for lucid?
<teaforthecat> so on the install of ubuntu on the broken machine was the e1000 module compiled?
<RoyK> was it the same card?
<teaforthecat> no
<RoyK> probably something supported, then
<RoyK> the first thing I thought about, was udev, ubuntu ties eth0 to the mac address, so when changing a NIC, the old name is left and the new is named eth1
<RoyK> etc
<RoyK> but if ifconfig -a only shows lo, that's not your issue
<teaforthecat> that is good to know
<RoyK> ifconfig will only list interfaces that are up - ifconfig -a should list all
<teaforthecat> could there be a module that is loading before e1000 that is interfering?
<RoyK> not really
<RoyK> 13:58 < pmatulis> teaforthecat: try 'lspci -vvnn' for more info
<RoyK> did you try this?
<teaforthecat> I'm sorry I'm not at the machine, maybe I will come back later when I am(it is at work)
<RoyK> k
<teaforthecat> but, would the module e1000 fail silently?
<RoyK> you may want to try to boot it up on a lucid cd
<RoyK> just to see if that can see the nic
<RoyK> teaforthecat: the e1000 module is loaded when the kernel finds a PCI ID match. if it's a new card, the PCI ID won't be in kernel, and the module isn't loaded
<teaforthecat> I tried a maverick cd, but I should also try a lucid?
<RoyK> did maverick see the card?
<teaforthecat> yes it worked
<RoyK> ok, then that's the problem
<RoyK> either upgrade to lucid (if you want to stay on LTS) or get another NIC
<teaforthecat> that is the answer; that is awesome; so an upgrade from a lucid cd should solve it?
<RoyK> hm... dunno
<RoyK> I've never upgraded with a CD
<RoyK> can't you just get another NIC for the upgrade?
<RoyK> anyway - to reset the udev stuff, just rm /etc/udev/rules.d/70-persistent-net.rules
<teaforthecat> oh just install a pci ethernet card?
<RoyK> you want to do that anyway
<RoyK> yes
<pmatulis> teaforthecat: you should really identify your card (PCI id like RoyK referred to).  the lspci command you were given twice will give it to you
<teaforthecat> awesome I will try to reset the rules too
<RoyK> pmatulis: and as he said, he's not at the office where the machine sits...
<teaforthecat> but the idea is that I should tie the output of lspci -vnn to a particular module right?
<teaforthecat> I did verify that e1000 is the module that I'm looking for because it covers all intel nics
<teaforthecat> Royk: thanks for the help
<JanC> e1000 is for Intel PCI NICs, Intel PCIE NICs use e1000e...
<RoyK> JanC: are you sure?
<JanC> RoyK: that's what I see being loaded for PCIE Intel NICs at least...
<JanC> I think both drivers share some code though
<JanC> http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=blob;f=Documentation/networking/e1000e.txt;h=97b5ba942ebf847781fbd2e0f2526d7b92646135;hb=HEAD --> most PCIE are e1000e, except for some specific models
<heirenton> I have problem with my new ubuntu vps. I installed ubuntu-server and everthing looks working fine but there is no internet connection... I cant ssh to it or from vnc i cant ping any web adress or ip. I reboot it and restarted network services. eth0 look working correctly. bump... does anyone show me a way to pinpoint the problem?
<smw> shouldn't the vps come setup with networking and ssh?
<heirenton> I am new to vps stuff. I use ubuntu all the time for my local server etc. They told me that after installing ubuntu to vps through vnc ssh and networking should work. but it is not working. i wrote a support ticket but in the meantime i am checking if i am making a mistake on my side.
<RoyK> heirenton: where did you get this vps?
<RoyK> heirenton: also, is ssh installed? or a webserver?
<heirenton> RoyK: Host House... Ssh is installed and it is working. I can ssh to localhost on vnc. Do i need web server for ssh or internet access. Because without internet access i cant update of install anything to ubuntu
<RoyK> no need for webserver for that
<RoyK> if you can't ssh in, a firewall may be blocking
<RoyK> ask the provider
<heirenton> RoyK: I asked already. But as i said i am checking if missing something. I am new to vps stuff. :) Thanks by the way.
<rewt> did you configure the networking?
<luite> is the network configured properly?
<luite> hehe
<RoyK> have you configured the network correctly?
<rewt> they should've given you the network settings to configure
<shauno> I tend to expect a sane working config on a new vps.  but finding an issue right off the bat isn't always a bad thing.  it's a great chance to find out if they're worth the price before you're too vested in them
<heirenton> rewt: Uhmm. They didn't give me any network configuration. But in their confirmation mail they said that after installing ubuntu to the server, i could ssh to it. But i can't... When i checked the dns through nslookup i see google dns is configured. I assume they have that configuration inside ubuntu install.
<heirenton> shauno: I aggree.
<RoyK> heirenton: you obviously need to configure the network somehow...
<rewt> heirenton, did you install ubuntu from scratch, or was it pre-installed?
<rewt> if it wasn't pre-installed, you have to tell it at least the ip & gateway to use
<RoyK> unless the provider uses static dhcp...
<rewt> well, yeah
<RoyK> heirenton: is there an ip returned ifconfig? if so, does this look sane?
<RoyK> s/returned/returned by/
<heirenton> RoyK: yes.
<RoyK> cna you ping something from the server?
<heirenton> it gives me the ip of the server
<heirenton> RoyK: nope. Neither adress nor ip. I cant ping anything
<JanC> heirenton: how do you get that IP address?
<RoyK> does netstat -rn show a default gateway?
<heirenton> JanC: They emailed it to me for ssh to the server.
<JanC> heirenton: I mean, how does the server got it, DHCP or you set it manually?
<heirenton> JanC: I think it is dhcp because i didn't set it up.
<RoyK> heirenton: check netstat -rn
<heirenton> RoyK: netstat gives two results for eth0. First is 77.74.196.0 to gateway 0.0.0.0 genmask 255.255.255.128
<heirenton> second is 0.0.0.0 dest to 77.74.196.1 gateway
<RoyK> can you ping 77.74.196.1?
<heirenton> RoyK: Nope. Host unreachable.
<RoyK> call the provider, then
<RoyK> ask for correct network config
<rewt> lol @ ptr for that ip
<heirenton> RoyK: Ok. :) I thought it wasn't about me but it is better to be sure. Thanks everyone.
<JanC> rewt: heh, the same (default) PTR for all their clients?
<rewt> probably
<FernandoTertiary> hola, am bridging a modem to router, & using transparent bridging. the modem address is 192.168.0.1 & the router address is 192.168.1.1. What should the router address be manually set to initially for Bridge priori Transparent bridge is established?
<qman__> FernandoTertiary, when your modem is switched into bridge mode, the device directly connected to it will have your internet IP
<qman__> if you have a dynamic address from your ISP, use a DHCP configuration, otherwise it's the static IP your ISP gave you
<FernandoTertiary> qman__: in other words, the router adopts the modem address?
<qman__> basically
<FernandoTertiary> qman__: does Ubuntu have a bridging tutorial?
<qman__> well, unless ubuntu is your modem, you don't want to bridge on ubuntu
<FernandoTertiary> the modem & router manuals do not cover that infomation
<qman__> you want to bridge on the modem
<qman__> and then route with the next device, which I am guessing is ubuntu
<FernandoTertiary> qman__: the page http://www.dslreports.com/forum/remark,14709801 was referenced, though does not display step a step instructions
<ujjain> Does Ubuntu Cloud allow to make such an environment as Amazon AC2?
<ujjain> Is the Cloud an effective way to host high-volume sites?
<pmatulis> ujjain: it's meant to answer the need of increasing and decreasing resources quickly
<pmatulis> ujjain: like a tap of water
<ujjain> Yes, seems pretty scalable.
<ujjain> although it does not provide a raid-like storage, does it?
<ujjain> if I have 3 servers with 1x1TB raid1.
<ujjain> for storage, it will not become faster than 90MB per second, will it?
<qman__> clouds are intended for much larger scales than three servers
<qman__> you won't see any benefit
<qman__> only reason to run one on that small of a scale is as a testing environment, before you load your application on a real cloud
<RoyK> ujjain: the cloud is, imho, a good way to host servers if you don't have infrastructure yourself. If you do, however, it'll probably be cheaper in the long run
<RoyK> ujjain: servers are cheap these days, and with Amazon's pricing, you can probably setup a rather nice and redundant system for less money, at least if the system is cpu/network intensive
<qman__> could is a good technology, but it's also very niche
<ujjain> RoyK: I run VMWare ESXi
<qman__> I know it has the current solve everything buzzword effect, but you have to have a specific need to make use of it
<RoyK> ujjain: then why bother with the "could"?
<RoyK> or "cloud"
<qman__> lol, whoops
<RoyK> "servers in the fog"
<FernandoTertius> qman__: maneuvered a modem to router bridge, though now the modem page 192.168.0.1 is no more visible
<FernandoTertius> it is configured for Transparent Bridging
<qman__> FernandoTertius, precisely
<qman__> now the next device in line is directly connected to the internet
<FernandoTertius> ah, & there is no way to enter that modem config utility any more?
<qman__> there is, but it typically only works if the modem is offline
<FernandoTertius> ahh
<FernandoTertius> qman__: gracias amigo
<qman__> the modem doesn't have any influence anymore, it just connects the two lines and that's it
<FernandoTertius> qman__: does Filter Internet NAT Redirection enable NAT? or disable NAT?
<FernandoTertius> it does not specifically suggest "Enable" or "Disable"
<qman__> couldn't tell you, you'd have to look up your device in specific
<qman__> to see what that actually does on it
<FernandoTertius> qman__: forgive the questions, though does Filter Internet NAT Redirection  This feature uses
<FernandoTertius> port forwarding to block access to local servers from
<FernandoTertius> local networked computers. Select Filter Internet NAT
<FernandoTertius> Redirection to filter Internet NAT redirection. This feature
<FernandoTertius> is not selected by default" mean turn it on or no?
<RoyK> FernandoTertius: the way your router works, isn't really related to ubuntu
<teaforthecat> :RoyK the module rebuild worked, the new machine is online with the hard drive from the old machine, thanks for the suggestion
<RoyK> :)
<qman__> I ran into the same thing on my file server, bought a new NIC to replace the burned out one and it wouldn't work. I ended up upgrading to lucid
 * RoyK listens to Rammstein - LOAD
<iceflatline> Rammstein!? Perfect.
<RoyK> Rammstein ist gut...
<FernandoTertius> qman__: when a router is bridged to a modem & the router is the gateway, is each machine within the network then a Router?
<sw0rdfish> grrrr! why can't I send my sysadmin a letter!
<sw0rdfish> maybe i should use "mail" instead of alpine
<FernandoTertiary> hola, am curious if a bridged router should be set to Router or Gateway
<qman__> FernandoTertiary, the router is not bridged, the modem is
<qman__> and, all computers are always routers, that's just basic internet protocol
<FernandoTertiary> ok, does that mean the router is the gateway?
<FernandoTertiary> or can the router still be set to router mode?
<qman__> yes
<luite> FernandoTertiary: if it's a bridge, then you don't need any IP configuration for it, use the gateway that you'd use at the other side
<luite> linux computers can perfectly be configured as bridge by the way
<FernandoTertiary> luite: am attempting to prove open tcp/udp ports with port forwarding, though when attempting to access the specific page with port, it gives error 404
<FernandoTertiary> though the dyndns page displays open
<qman__> most residential ISPs block common ports
<luite> FernandoTertiary: hmm, a 404 error means that at least the connection is coming through. Is it really a 404 error, served by your web server?
<qman__> such as 25, 80, and 443
<FernandoTertiary> luite: not certain what you mean, though the address http://refael.dyndns-work.com displays "It Works!", though with ":9000" it gives "knomes" page, not certain the reason
<qman__> most routers which have that mode option, 'gateway' mode is for being a gateway to the internet, 'router' mode is when you have it connected to other routers for a more complex network structure
<FernandoTertiary> am attempting to prove http://refael.dyndns-work.com:9000 with a "It Works!" page
<luite> FernandoTertiary: doen't work from here at the moment, have you turned off the server?
<FernandoTertiary> luite: forgive, ufw was inactive
<FernandoTertiary> attempt to connect a second time if you would por favor
<luite> doesn't work... is the url correct?
<FernandoTertiary> luite: are you suggesting neither work?
<luite> yeah... can't connect to either of them
<FernandoTertiary> tcp/udp are open
<FernandoTertiary> permit time to prove nmap displays open
<luite> this is your ip address? refael.dyndns-work.com has address 76.242.183.172
<FernandoTertiary> no, that is not the address
<luite> oh fix that first :p
<FernandoTertiary> & nmap shows open|filtered
<FernandoTertiary> actually, not certain why, though the WAN is altering frequently
<FernandoTertiary> though nmap still displays filtered tcp & open|filtered udp
<luite> can't you give the ip address instead? if you can connect to the ip address then you know at least that your network setup is ok
<FernandoTertiary> luite: should VPN Pass through be enabled?
<luite> probably not
<FernandoTertiary> http://192.168.1.125
<luite> that can't be correct :)
<virusuy> hi all, grettings from Uruguay in South America
<luite> since that's a private ip address
<FernandoTertiary> http://76.242.183.172 is the WAN
<luite> FernandoTertiary: oh ok, so the dyndns was correct
<FernandoTertiary> yes
<FernandoTertiary> it pertains the nmap WAN not proving open tcp/udp ports
<luite> FernandoTertiary: but what's your network configuration?  you have a modem and a bridge?
<FernandoTertiary> the actiontec modem is has Transparent Bridge to Linksys WRT54G2
<luite> oh I think I see now. so your Linksys has the public IP address on its WAN port right?
<FernandoTertiary> luite: that is what the Status page displays, yes
<FernandoTertiary> luite: though local network displays address 0.0.0.0
<luite> hmm, that's a bit strange. all your computers are connected to the LAN ports on the Linksys?
<FernandoTertiary> it is just a single machine connected
<Duvrazh> Can someone help me troubleshoot a read-only problem with my Samba when the read only option is set to false?
<FernandoTertiary> though the gateway is displaying 76.242.183.254
<FernandoTertiary> luite: is that typical for loopback configuration?
<luite> FernandoTertiary: I'd expect a gateway for route 0.0.0.0, can you post a screenshot of the network configuration page?
<luite> or maybe some page with a configuration overview, or current status. the one with the most info :)
<FernandoTertiary> luite: there is a local status, & a router status
<qman__> Duvrazh, samba uses 'yes' and 'no', not 'true' and 'false'
<Duvrazh> correction: it's set to no
<qman__> also, check the filesystem permissions on said files and directories, as the user that they authenticate with must have write permission there too
<Duvrazh> would I need to chmod the directory to 777? it's on my private network so security is not a concern
<qman__> no, you would need to make the user or group that they authenticate with have permission
<FernandoTertiary> http://imagebin.org/156761
<qman__> 777 is rarely if ever the right solution
<Duvrazh> qman: a moment to post the setup, I would like your recommendation on how to go about this
<Duvrazh> Server running samba on my entire raid, the samba is JUST to allow my Windows machine to place files there. These files will be access through Twonky and streamed out to an Apple Tv, a PS3, and a WD TV Live
<Duvrazh> and I have little to no exp in this area...
<qman__> are you authenticating successfully? as in, you can read existing files?
<FernandoTertiary> luite: the imagebin page reflects Router Status
<qman__> just not create new ones?
<Duvrazh> I can read/write to my home folder, but the raid array is readonly for some reason
<Duvrazh> yes
<luite> FernandoTertiary: wich page?
<qman__> ok
<qman__> the best solution here
<qman__> is to chown or chgrp the share you want to write to, to your user
<qman__> if you're the only user
<FernandoTertiary> luite: http://imagebin.org/156761 is Router Status screenshot
<Duvrazh> my share is /media/raid
<luite> FernandoTertiary: oh sorry missed it :)
<Duvrazh> I'm the only user yes
<qman__> otherwise, create a group, chgrp to that group, and add all users to that group
<qman__> then, chmod u+w (or g+w) the share
<Duvrazh> chown, what will that do?
<qman__> 777 doesn't just mean all human users, it means everyone, including system daemons, which is high risk even for accidental things
<luite> FernandoTertiary: wan config looks ok, and I can ping the address
<qman__> chown changes the owner, chgrp changes the group-owner
<FernandoTertiary> luite: what address specifically?
<luite> 76.242.183.172
<qman__> you also probably want the -R option, to recursively apply the changes
<qman__> since you have files already
<qman__> ls -l shows the current permissions and owners
<luite> FernandoTertiary: can you shwo the "Local Network" status page?
<FernandoTertiary> luite: am unable to connect to http://76.242.183.172 from local connection
<luite> FernandoTertiary: that's ok
<luite> FernandoTertiary: at least, it's expected :)
<FernandoTertiary> luite: http://imagebin.org/156762 is the LocalNetStatus page
<Duvrazh> i'll take a couple minutes to try your suggestions, thank you
<qman__> Duvrazh, if you need a more detailed explanation of how permissions and ownership work, try the man pages for chown and chmod
<Duvrazh> ls -l of my array's folder drwx------ 2 root root 16384 2011-06-04 16:15 lost+found
<Duvrazh> lost+found being the only folder in there (just installed the server a few hours ago)
<qman__> you actually want ls -l /media
<qman__> that will tell you the permissions of the parent
<Duvrazh>  drwxr-xr-x 2 root root 4096 2011-06-04 16:19 cdrom drwxr-xr-x 3 root root 4096 2011-06-04 16:15 raid
<qman__> yep
<luite> FernandoTertiary: ok looks ok as well. looks like the only things you need to add are port forwards for port 80 to 192.168.1.125 port 80, and port 9000 to 192.168.1.125 port 9000
<qman__> root's the only one allowed to write there
<Duvrazh> so the array is owned by root
<Duvrazh> so chown to my user account?
<qman__> so chown or chgrp to you
<Duvrazh> okay
<qman__> then ensure you have write
<Duvrazh>  drwxr-xr-x 3 duvrazh root 4096 2011-06-04 16:15 raid
<FernandoTertiary> luite: why port 80?
<qman__> yep, should be able to create files now
<Duvrazh> is it necessary to restart samba
<qman__> not in this case
<Duvrazh> hey it worked great
<luite> FernandoTertiary: oh unless you don't want http://refael.dyndns-work.com/ to work
<qman__> filesystem level permissions take effect immedately
<Duvrazh> Thanks qman, two thumbs up
<FernandoTertiary> luite: ok, that is accomplished
<FernandoTertiary> luite: the Linksys already has a Dyndns configuration intrinsic to the configuration
<luite> FernandoTertiary: still doesn't work here :(
<FernandoTertiary> could it be a result from the firewall?
<luite> FernandoTertiary: yes
<Duvrazh> what's the mdadm command that will show you what the progress of building array in percent?
<luite> FernandoTertiary: try to disable firewalls on 192.168.1.125 first
<FernandoTertiary> ufw is configured to prove the ports open, though it displays "filtered" au lieu
<luite> try ufw disable just to test
<FernandoTertiary> luite: ok, accomplished
<luite> still nothing
<luite> you can reach http://192.168.1.125:9000/ on your local network right?
<FernandoTertiary> nmap for LAN displays 9000/tcp open, though 9000/udp open|filtered
<luite> you only need tcp for http
<FernandoTertiary> priori it displayed 9000 tcp/udp just open
<qman__> Duvrazh, actually not an mdadm command, cat /proc/mdstat
<FernandoTertiary> & a loopback
<qman__> you can also watch /proc/mdstat if you want auto refresh
<Duvrazh> naw just needed a one time
<Duvrazh> found a good one though, mdadm --detail /dev/md0   (needed to see the rebuild %)
<Duvrazh> Thank you qman
<FernandoTertiary> the WAN displays 9000/tcp filtered
<FernandoTertiary> luite:
<FernandoTertiary> luite: is port triggering necessary?
<luite> FernandoTertiary: no
<luite> just forwarding
<FernandoTertiary> ok, disabled port triggering
<FernandoTertiary> though the direct to port does not display still
<luite> can you show the page where you made the port forwarding settings?
<FernandoTertiary> luite: http://imagebin.org/156765
<luite> FernandoTertiary: you just need TCP, but other than that, it looks ok
<FernandoTertiary> actually, need udp as well, because it is for a loopback configuration to connect to a server
<luite> hmm? HTTP doesn't use UDP at all
<FernandoTertiary> does HTTPS?
<luite> no, still TCP, but a different port (443 is the default port)
<FernandoTertiary> what uses UDP?
<luite> lots of other things, DNS, some streaming media stuff, online games
<FernandoTertiary> luite: it is for a OpenSim Server
<robos> hello: does anyone know how to disable the update manager?
<robos> i see connections it's trying to make but the firewall is dropping it
<robos> so i'd like to disable it
<FernandoTertiary> luite: & the WAN tcp port displays "Filtered" status
<luite> FernandoTertiary: but if you go to http://192.168.1.125/ in your browser, does it work?
<FernandoTertiary> luite: yes, it works
<luite> FernandoTertiary: if you've disabled ufw, and you still have those port forwards, I'd check the other pages for security options in the linksys config
<FernandoTertiary> luite: the single feature in Security is "Block WAN Requests" and all are enabled
<luite> dunno what it means, but try disabling it :p
<FernandoTertiary> luite: feature is already disabled
<FernandoTertiary> luite: look at the ifconfig http://pastebin.com/BntdkJHt
<luite> FernandoTertiary: that looks ok
<FernandoTertiary> luite: anything else that would perhaps be an assistance to observe?
<luite> FernandoTertiary: you could add route -n, but that's probably ok if you can access the internet from that machine
<FernandoTertiary> luite: ifconfig -n?
<FernandoTertiary> -n: Unknown host
<FernandoTertiary> luite: that -n: Unknown host is potentially a problem and should be corrected
<luite> FernandoTertiary: route -n
<FernandoTertiary> luite: yes, did ifconfig route -n & it returned -n: Unknown host
<luite> FernandoTertiary: just route -n, no ifconfig, it's a different program
<FernandoTertiary> ah, ok
<FernandoTertiary> luite: http://pastebin.com/fG9rCHCm displays the results
<luite> yeah that's ok... otherwise you wouldn't be able to access the internet from that machine anyway...
<luite> FernandoTertiary: can you access http://76.242.183.172/ now by the way?
<FernandoTertiary> luite: no
<FernandoTertiary> luite: would you suggest the problems with the config pertain the DHCP settings being disabled?
<FernandoTertiary> with congruence to the modem bridge & the router?
<luite> FernandoTertiary: nah, a static IP for your server should be ok
<FernandoTertiary> luite: what about host & domain name for Router Status?
<luite> FernandoTertiary: nah it's probably some problem with the forwarding in the linksys, or a firewall issue with the server. if your linksys allows requests to your wan address to be forwarded back to your lan, then you should be able to view http://76.22.183.172/ from your own network
<FernandoTertiary> luite: because the dsl is default DHCP & the Static is coded, does the Host & Domain need to be configured?
<luite> nah you should make it work for the IP address first, that should work without a hostname
<uvirtbot> New bug: #792837 in postfix (main) "package postfix 2.8.2-1ubuntu2.1 failed to install/upgrade: le sous-processus script post-installation installÃ© a retournÃ© une erreur de sortie d'Ã©tat 1" [Undecided,New] https://launchpad.net/bugs/792837
<FernandoTertiary> luite: are you able to see http://192.168.1.125/
<luite>  FernandoTertiary: no, that's an address that only exists in your local network
<FernandoTertiary> luite: what about http://76.242.183.172
<FernandoTertiary> ?
<luite> nope, stil doesn't work
<FernandoTertiary> luite: what about http://refael.dyndns-work.com/ ?
<luite> no that still resolves to the same address, so that doesn't work either
<FernandoTertiary> it works locally
<luite> what does # host rafael.dyndns-work.com   say?
<FernandoTertiary> que?
<luite> if you run that in your terminal
<FernandoTertiary> refael.dyndns-work.com has address 76.242.183.172 ;; connection timed out; no servers could be reached ;; connection timed out; no servers could be reached
<luite> FernandoTertiary: hmm, strange... so you say http://refael.dyndns-work.com/ works, but http://76.242.183.172/ doesn't, from your own network?
<luite> FernandoTertiary: what doesn't work by the way, do you get an error page from apache?
<luite> or a message from the browser saying that it could not connect
<FernandoTertiary> luite: perhaps it pertains Dyndns settings within the router, because the refael.dyndns-work.com works, though the direct Address does not
<luite> FernandoTertiary: what's the type of error you get?
<FernandoTertiary> luite: the connection continues to attempt for a time, then displays "Page not found"
<virusuy> but can you access using LAN ip server?Â¡
<luite> FernandoTertiary: is that literally waht it says? can you post a screenshot?
<luite> FernandoTertiary: amd check that the WAN IP hasn't changed in the meantime
<virusuy> wich port are you using FernandoTertiary ?
<luite> 80 and 9000
<virusuy> 9000 for wich service?
<ReshAyin_> luite: forgive, though enabled DHCP to test, then disabled it, so the address proves different posteri alteration
<virusuy> FernandoTertius: wich specific problem do you have?
<luite> ReshAyin_: that's only your local address probably
<luite> ReshAyin_: a static ip address for your server should really work fin
<luite> e
<FernandoTertiary> am still in chat
<luite> yes
<FernandoTertiary> not certain why it gave "quit" message
<FernandoTertiary> luite: should static routing be configured then?
<luite> FernandoTertiary: you don't need extra static routes
<FernandoTertiary> Dynamic Routing enables the Router to automatically adjust to physical changes in the network layout and exchange routing tables with other routers.
<FernandoTertiary> Dynamic Routing should be enabled & configured for connectivity?
<luite> no
<FernandoTertiary> what about configuring Static Routing?
<luite> the routes you already have should be enough
<luite> FernandoTertiary: what you can to is go to Applications & Gaming, then choose DMZ, and set the DMZ address to 192.168.1.125
<FernandoTertiary> http://imagebin.org/156783
<FernandoTertiary> luite: look to that pastebin
<luite> you don't need extra routes
<luite> if you can access the internet from your server, then the routes are ok
<FernandoTertiary> luite: The Port Forwarding feature is more secure because it only opens the ports you want to have opened, while DMZ hosting opens all the ports of one computer, exposing the computer so the Internet can see it.
<luite> FernandoTertiary: I know
<FernandoTertiary> luite: then do not wish to open DMZ
<luite> but I thought it might be best to make it work first, and then secure :p
<lwizardl> hello
<virusuy> FernandoTertiary: just open 80 and 9000 doing a port forwarding to your local Server
<virusuy> lwizardl: hi
<lwizardl> anyone here know much about cpanel ? I am using it on my ubuntu server and need some serious help
<FernandoTertiary> luite: the local address & the router address won't permit the connection
<FernandoTertiary> the router address can't align with the local
<FernandoTertiary> is that not correct?
<luite> no idea what you mean by that
<FernandoTertiary> the attempt is to connect to the WAN, though that pertains the router address, & the port forwards pertain the local address
<FernandoTertiary> thus advanced routing needs to be configured to align the router & the local addresses
<luite> uh no, that shouldn't be necessary
<virusuy> FernandoTertiary: if you port forward to your local apache server, when you point to your WAN IP will forward the request to your local server
<luite> FernandoTertiary:  advanced routing is for adding static routes that the router must know about, for example if you had another 192.168.2.x network
<FernandoTertiary> though such is a static route that the router should comprehend, since it is not configured within the router
<luite> FernandoTertiary: but in your situation, with only the 192.168.1.x network that the router already knows about, you don't need to add extra routes
<FernandoTertiary> luite: then why is start & end addresses 0.0.0.0?
<FernandoTertiary> on the local status map
<luite> FernandoTertiary: that's because DHCP is disabled
<luite> if you had enabled DHCP there, those would be the lowest and highest IP address that the DHCP server could assign
<qwebirc106043> Can someone please help me with ubuntu - Postfix? My SMTP server is not working. It's like its no longer connecting to my ISP's relay host
<lwizardl> I need some serious help with a server issue lately. I own a server that is running Cpanel 11.28.87 and having the WHM enabled on my account. I was nice enough to host a site for someone and made them a separate login to cpanel and now I need to get into that account to backup content to turn over to the owner. Does anyone here know how as the WHM admin can I gain access to the filesystem account to backup both the DB and file s
<lwizardl> ystem? I am the reseller, and the other account is under me
<cocoa117> anyone know how to make xen-pci frontend driver for Ubuntu lucid ?
<JanC> lwizardl: that sounds more like a question to ask to the cpanel support people, you're paying them after all...
<lwizardl> JanC, i have tried to contact my host and no luck for 2 weeks
<lwizardl> so now its my time to find out for myself
<JanC> eh
<lwizardl> i know i can suspend the account but not wanting to do that really
<lwizardl> and yes i am looking for a new host asap
<JanC> is this a dedicated server or VPS?
<lwizardl> shared i think
<JanC> do you have ssh access?
<lwizardl> from in my cpanel yes
<JanC> eh?
<JanC> no normal ssh access?
<lwizardl> no i think the host blocks direct access to that and mysql
<JanC> well, I have no idea how cpanel works...
<JanC> can't your client make a backup him/herself?
<lwizardl> i think the person has been ignoring all calls and emails. so I am going to backup content to a cdr and then notify them once more and if no response i will kill that account
<qwebirc106043> I need help with my postfix server. SMTP no longer works.
<lwizardl> nope just tested ssh direct access is blocked
<JanC> lwizardl: so how do you upload content ?
<JanC> qwebirc106043: did you check the logs?
<lwizardl> sftp
<qwebirc106043> JanC: Sorry i was AFK. Can you give me the locations of the logs? I'm not good at finding log files for SMTP/Postfix
<JanC> lwizardl: sftp goes over ssh?
<JanC> although maybe they limit ssh to sftp
<lwizardl> yes it does but when i use putty to try and login the server never responds
<JanC> qwebirc106043: /var/log/mail*
<JanC> lwizardl: doesn't respond, or you can't get a shell?
<lwizardl> says connecting to x.x.x.x and stays there for an hour last time i tried
<JanC> eh
<lwizardl> x's i used to hide the ip for the server from irc view
<JanC> lwizardl: anyway, can't you get to his data using sftp or so?
<lwizardl> i think i should be but i can not find that directory when i log into my account
<qwebirc106043> i'm getting a huge list in mail.err, no SASL Authentication...
<qwebirc106043> My ISP is blocking port 25. How can i change the port that postfix uses?
<JanC> submission      587/tcp                         # Submission [RFC4409]
<JanC> to submit mail, you should probably use port 587 (with secure authentication, of course)
<qwebirc106043> JanC, How can i make postfix use that port though
<qwebirc106043> Oh, 587 is blocked by my ISP also
<JanC> huh?
<JanC> port 587 outgoing is blocked by your ISP?
<JanC> or did you want to recieve mail at your home IP?
<JanC> (that's most likely a bad idea)
<qwebirc106043> I want to receive and send mail from my server.
<JanC> server at home or in a DC ?
<qwebirc106043> Now, how can i change the outgoing port
<qwebirc106043> home
<JanC> most mailservers block SMTP connections from consumer IP ranges
<JanC> so sending mail from your home server will require using the relay from your ISP
<qwebirc106043> I've been using a relay from my ISP for the past 3 weeks and its worked fine. Now, SMTP isn't working. I reinstalled postfix and everything. I just need to change the port postfix uses to something other than 587 or 25
<qwebirc106043> I can send mail to localhost just fine. JanC, Can you please tell me how to configure postfix to use a unblocked port?
<JanC> basically, you edit master.cf
<JanC> but for incoming mail you need port 25...
<qwebirc106043> Incoming works for some reason. But outgoing fails
<JanC> like I said, you'll have to use your ISP's relay for outgoing mail
<JanC> IIR one of the debconf preconfigs for postfix allows you to set that up
<JanC> IIRC *
<qwebirc106043> Its setup to use my ISP's mail relay host
#ubuntu-server 2011-06-05
<qwebirc106043> Its just not sending
<JanC> maybe you need to log in or not and you're doing that wrong?
<qwebirc106043> Ok, Incoming mail server is failing too now. How can i fix this? Incoming needs 25 right?
<JanC> for receiving mail from other mailservers, yes
<qwebirc106043> is there a way to change that?Or do i need to contact my ISP to have them unblock it?
<JanC> there is no way to change that, and most ISPs won't unblock (unless you have a business account maybe)
<CrunchyChewie> I want to use exim4 as a send-only email for my web app, how do I make it appear as "noreply@domain.com" versus my user account name@domain.com?
<JanC> that has nothing to do with exim; just use it as the "From:" in your webapp?
<CrunchyChewie> oh ok
<CrunchyChewie> I just wanted to make sure
<CrunchyChewie> I am a bit clueless on mta's
<JanC> then go out and read   ;)
<CrunchyChewie> If OSS documentation was that good these channels would be empty :)
<JanC> actually, there are lots of tutorials & how-to's and whatever about MTA's
<JanC> and in any case, this is not about open vs. closed source, but about an internet protocol  ;)
<floodplain> Hi, I'm not sure if this is the right ch. I've broken my lamp installation and need to completely reinstall it. i've been trying for hours but after each apt-get remove --purge and synaptic gui complere removal the reinstall  it doesn't work. any advice on how to get lamp back as if it was the first time installing it? thanks
<cemc> what's the easiest way to display a message to the console, even if nobody is logged in? I have a background script I need to know what it's doing even if I'm at the login (tty1..6) and not logged in.
<uvirtbot> New bug: #782566 in mysql-5.1 (main) "Cannot install libvtk5-dev - broken dependencies" [Undecided,Incomplete] https://launchpad.net/bugs/782566
<EricJ> cemc: I'd probably just redirect the output to a file or something.
<airtonix> when i run `sudo krb5_newrealm` it returns a prompt showing it has found and decided to use the fqdn kerberos.servername.local, i added srv records to my bind dns zone, yet it still uses the .local domain, what should i be editing to make it use my dns provided domain ?
<uvirtbot> New bug: #793080 in samba (main) "package samba 2:3.5.8~dfsg-1ubuntu2.2 failed to install/upgrade: le sous-processus script post-installation installÃ© a retournÃ© une erreur de sortie d'Ã©tat 1" [Undecided,New] https://launchpad.net/bugs/793080
<alessandro_> ciao c'Ã¨ qualche italiano qui?
<RoyK> alessandro_: this is an english language channel, please
<RoyK> alessandro_: there's another channel, ubuntu-it, that may be better for your use
<uvirtbot> New bug: #793115 in openssh (main) "openssh in natty breaks monkeysphere" [Undecided,New] https://launchpad.net/bugs/793115
<FernandoTertiary> hola, can anybody look to the forum post http://ubuntuforums.org/showthread.php?t=1775007 & assist if potentially able por favor?
<uvirtbot> New bug: #793164 in samba (main) "package samba 2:3.5.8~dfsg-1ubuntu2.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/793164
<FernandoTertiary> what shell would be used to "depurate" the router for a Ubuntu machine?
<luite> FernandoTertiary: have you been able to get a http connection to your ubuntu server working?
<luite> and what does "depurate" mean?
<FernandoTertiary> luite: a Windoze person was asking about telnet stuff
<FernandoTertiary> and the answer is "have not yet" *frowns"
<luite> FernandoTertiary: you mean telnet to your router?
<FernandoTertiary> luite: telnet to router is perhaps what the Windoze guy suggests
<FernandoTertiary> luite: can you look to the Ubuntu Forum post perhaps?
<FernandoTertiary> it has all information updated
<FernandoTertiary> look to the forum post http://ubuntuforums.org/showthread.php?t=1775007 & assist if potentially able por favor?
<fosterdv> Anyone by chance know anything about troubleshooting mail, in mbox format?
<Greg882> Anyone happen to have experience setting up ss5?
<uvirtbot> New bug: #793202 in samba (main) "package samba 2:3.5.8~dfsg-1ubuntu2.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/793202
<RoyK> ss5?
<Greg882> socks server 5
<ikonia> yup
<ikonia> it's pretty much dead now
<Greg882> I have been looking for another option but I cannot seem to find a decent package that has the option to route my connections out on the same ip that they come in on
<ikonia> what is it you want to do ?
<ikonia> (end to end)
<Greg882> I have a vps with 3 ips I need the proxy to connect out on the same interface it came in on and have working authentication as well
<Greg882> more or less
<ikonia> can you not do that with iptables and connection established ?
<Greg882> I just made a mess when I attempted to do that before. You wouldnt happen to know of any resources on that avenue?
<ikonia> --state ESTABLISHED
<ikonia> I'm a bit rusty so you may want to check that with the guys in #netfilter
<ikonia> if you do -i $interface --state ESTABLISHED (at a high level) that should keep the established connections bound to the interface
<Greg882> Alright
<uvirtbot> New bug: #793223 in bind9 (main) "package bind9 1:9.7.3.dfsg-1ubuntu2.1 failed to install/upgrade: Ð¿Ð¾Ð´Ð¿ÑÐ¾ÑÐµÑÑ ÑÑÑÐ°Ð½Ð¾Ð²Ð»ÐµÐ½ ÑÑÐµÐ½Ð°ÑÐ¸Ð¹ post-installation Ð²Ð¾Ð·Ð²ÑÐ°ÑÐ¸Ð» ÐºÐ¾Ð´ Ð¾ÑÐ¸Ð±ÐºÐ¸ 1" [Undecided,New] https://launchpad.net/bugs/793223
<Pr0zoid> hey guys i have a question...  I have an ip address that seems to be blocked but when i do iptables -L i don't see the blocked ip
<agleason6> I have a question about DNS setup
<agleason6> I'm a complete newb when it comes to networking stuff, but do I need to setup my own DNS server (bind9) if I'm pointing my domain to someone else's nameservers?
<qman__> no
<agleason6> how does that work? I've got my domain, and I set the namespace to point to ns1.afraid.org, but how do I tell afraid.org what my IP is? so that when someone goes to my domain it goes to my server?
<qman__> you log into your afraid.org account and configure it there
<qman__> in the case of dynamic DNS, you set up a script on your server to wget the URL, which afraid.org then uses to configure it
<agleason6> k thanks!
<RefaelAlats> hola
<RefaelAlats> there is a modem bridged to a router, & the modem MAC address is displayed in "ifconfig", though the Linksys as well has a MAC address, & the Linksys has determined the WAN address per the MAC address
<RefaelAlats> the Linksys MAC address is not reflected in the "ifconfig", though the Linksys has determined the WAN per the Linksys MAC
<RefaelAlats> & can't reach the WAN
<RefaelAlats> see the forum post in http://ubuntuforums.org/showthread.php?p=10905982#post10905982 & assist if you are able por favor
<llslim> hello has anyone else have trouble with "ping" running idle and not timing out with the following command: "ping -c 2 -W 2 "?
<llslim> err forgot the ip "ping 192.168.56.1 -c 2 -W 2"
<sw0rdfish> is webmin a tool that should be used for people who know what their doing?
<sw0rdfish> or can a newbie use it too
#ubuntu-server 2012-05-28
<aljosa> juju.agents.machine using 100% cpu, no lxc instances running. any idea why?
<yaboo> getting the error Credentials cache file '/tmp/krb5cc_1005' not found when I try to do ssh passwordless login from ubuntu 12.04 to centos
<greppy> yaboo: I think that centos may be looking for kerberos, not sure what you would need to do to make that happy.
<twb> you get that error in sshd log?
<yaboo> will look guys
<blkperl> so what determines which packages the ubuntu-server team is responsbile for?
<blkperl> i see bacula is on the ubuntu-server teams list, but amanda is not
<twb> I dunno about the "team", but I answer questions based on whether I care
<twb> e.g. all the cloud buzzword wank bores me, so I ignore it
<twb> everything in universe gets basically zero support from canonical, and that is probably the discrepancy you're seeing.
<blkperl> oh right that makes sense
<twb> apt-cache policy will tell you where it comes from
<blkperl> well if your interested in helping me out bug 932064
<uvirtbot> Launchpad bug 932064 in amanda "amtape crash" [High,Confirmed] https://launchpad.net/bugs/932064
<twb> Not me, sorry
<cobbler> hi all
<cobbler> this is the preseed file http://paste.ubuntu.com/1010897/ with precise alternate cd
<cobbler> imported the alternate cd like this , cobbler import --name=ubuntu-server --path=/mnt --breed=ubuntu
<cobbler> then added cobbler profile like this, cobbler profile edit --name=ubuntu12_04-x86_64 --kickstart=/var/lib/cobbler/kickstarts/ubuntu-nqa.seed --kopts="auto url=http://192.168.35.1/ubuntu-nqa.seed priority=critical lang=english locale=en_US console-keymaps-at/keymap=us console-setup/ask_detect=false console-setup/layoutcode=us"
<ikonia> cobbler: this sounds silly, but I don't see a question in there, just you explaining your config
<twb> Perhaps he's working up to the question
<cobbler> thanks i went and picked the phone
<twb> always a mistake
<cobbler> well the installer ends up prompting me to add a cdrom which is not the case here, trying to automate the install
<cobbler> do you think my preseed file is not correct?
<twb> Have you compared your preseed to the one in installation-guide-amd64's appendix?
<cobbler> this one https://help.ubuntu.com/12.04/installation-guide/example-preseed.txt
<cobbler> right?
<twb> I guess so
<cobbler> i tried reusing the one available here https://help.ubuntu.com/community/Cobbler/Preseed
<cobbler> and i also read the preseed from the first link
<twb> I'm not familiar with cobbler, sorry
<cobbler> np
<twb> The appendices have several examples of automated preseeding
<twb> At least they did ten years ago...
<haxxpop> If I have a port 25 open,how to close it?
<haxxpop> like this, tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN      1421/sendmail: MTA:
<andol> haxxpop: Well, if you don't want sendmail to listen even on localhost, why do you run it then?
<haxxpop> I tried to restart exim4 but it notified that port 25 is occupied
<twb> haxxpop: uninstall your MTA
<haxxpop> I command "/etc/init.d/exim4 restart"
<haxxpop> and the output is
<haxxpop>  * Stopping MTA for restart                                                                                                            [ OK ]
<haxxpop>  * Restarting MTA                                                                                                                      [ OK ]
<haxxpop>  * ALERT: exim paniclog /var/log/exim4/paniclog has non-zero size, mail system possibly broken
<haxxpop> and I open the paniclog, it notified this
<haxxpop> 2012-05-28 04:41:09 socket bind() to port 25 for address 127.0.0.1 failed: Address already in use: daemon abandoned
<twb> What does "readlink -f /proc/1421/exe" output?
<haxxpop> nothing
<twb> What does "sudo readlink -f /proc/1421/exe" output?
<haxxpop> I loged in as root. it outputs nothing.
<twb> Pastebin netstat -nlp output
<haxxpop> what is Pastebin?
<twb> !pastebin
<ubottu> For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://imagebin.org/?page=add | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<haxxpop> http://paste.ubuntu.com/1010943/
<twb> If /proc/1421/exe doesn't symlink to something, your system is even more screwed up than I thought
<twb> It sounded like you'd managed to install both sendmail (as in Allman's) and exim4 at the same time, probably by using some junky horrible thing like Scalix or cpanel, and that they were fighting.
<twb> But since your /proc is not behaving as expected, you're probably in a VPS or something even sillier
<twb> You should probably do a clean install.
<haxxpop> my system is a VPS
<twb> Then talk to your VPS provider because your system is screwed up
<haxxpop> Don't exim4 usually work in VPS?
<twb> That is not a meaningful question.
<twb> Ask your vendor why there are two MTAs installed.
<haxxpop> sendmail and exim4 must not be installed at the same time?
<twb> Correct.
<twb> It would be like having two engines in your car
<haxxpop> I got it out. Just remove sendmail and reboot
<zastaph> how do I find out when aptitude is supposed to upgrade a package? say git from 1.7.5.4 to 1.7.10.x ?
<zul> jamespage: whats the url for the new bugs again?
<jamespage> zul: http://reports.qa.ubuntu.com/reports/ubuntu-server/triage-report.html
<jamespage> zul: time for a quick question?
<zul> jamespage: noooooooooo :)
<zul> jamespage: whats up
<jamespage> zul, OK - so I'm working on an upgrade to solr
<jamespage> (don't worry - this is not a java question)
<zul> jamespage: ok
<jamespage> ATM the solr-tomcat package depends on tomcat6
<zul> uh huh
<jamespage> in my new upgraded package I want to depend on tomcat7 - (tomcat6 is way to old)
<jamespage> BUT
<jamespage> when I dist-upgrade from old->new solr-tomcat gets uninstalled
<jamespage> which was not quite the behaviour I was looking for
<jamespage> tomcat7 conflicts with tomcat6
<zul> so you want something like a transitional package?
<jamespage> zul: how can I make apt uninstall tomcat6 and install tomcat7 instead?
<jamespage> if I subsequently do 'apt-get install solr-tomcat' it does that
<zul> jamespage: erm....too early in the morning i would check on #ubuntu-devel
<jamespage> zul:ack
<Daviey> rbasak: can you join #ubuntu-motu please?
<Daviey> maybe jamespage aswell, based on the changelog
<SockPants> hi all
<SockPants> if i want a mail server that only has a number of virtual aliases for different domains and should forward that mail to external email boxes (gmail for instance) do i need anything more than postfix?
<Soekris> Hello
<rbasak> SockPants: postfix will be fine for that.
<SockPants> rbasak: thanks!
<Soekris> Can some one help me to setup MAAS. i have read the wiki but i'm stuck
<johnny53287> hello, i set up a server with ubuntu 11.10 to use the kvm hyperviser and virt-manager. i installed the package "kvm-pxe" to boot the vms via pxe. now when i start a vm, it sends a DHCPDISCOVER, my pxe server response with a DHCPOFFER, but nothing more happens - the vm returns errors like "No IP address". i tested the pxe server with a physical machine and it works well. maybe one of you can give a  hint?
<Soekris> When i want to deploy juju bootstrap . Is it good that in the MAAS console the node have status ready ?
<hallyn> smoser: open a bug (for launch-index) against cloud-init, or something else?
<hallyn> feh, ec2 mirrors are sucking today
<hallyn> utlemming: say, you introduced grub-ipxe, did you ever try to push that to debian?
<hallyn> utlemming: if not, do you want to try?
<hallyn> odd, i see the debian bug it closed.  but it's not in debian pkg
<tehgeekmeister> i remember seeing something about a minimal server install, as opposed to the regular server image.  does that still exist?  where would i find it, if so?
<qman__> tehgeekmeister, there is a 'minimal install' option, but that's probably not what you want, you probably want JeOS
<hallyn> there is the mini iso, which i use for net installs
<hallyn> http://archive.ubuntu.com/ubuntu/dists/${release}/main/installer-amd64/current/images/netboot/mini.iso
<hallyn> it's a small download, and if you use a local apt-cacher, you can get pretty low-bw installs too
<qman__> if you check the 'minimal install' option during install, it usually breaks your system, as it's literally minimal, lots of stuff you really need not there
<qman__> last I checked JeOS was one of the options at boot time
<tehgeekmeister> yeah, i just want an install with nothing unnecessary on it, and i'll use apt to add anything else on top.  i'm not a sysadmin, though, and am just using this for a headless install in a vm on my personal box.
<qman__> yeah
<tehgeekmeister> JeOS seems like it could be right.  or the mini iso, worst case, to just skip redownloading outdated packages.
<qman__> well, if you're not comfortable, I'd recommend just sticking with the normal system
<qman__> it's really not that heavy to begin with
<qman__> a base install takes something like 850MB on-disk
<qman__> the main reason to use these is to fit into really tight spaces, either for specialized hardware or maximizing performance in virtual environments
<tehgeekmeister> oh, i'm plenty comfortable doing my own config, i'm just after the smallest functional install to start off of.
<hallyn> lynxman: smoser: utlemming: I gather you all would prefer we stick with our own ipxe, rebased to most recent git commit, rather than the debian pkg?
<lynxman> hallyn: indeed
<hallyn> sigh
<lynxman> hallyn: sorry to ruin your day :)
<hallyn> i just would prefer we didn't have to separately support...
<lynxman> hallyn: I've tried :)
<hallyn> oh, i see
<hallyn> thanks
<hallyn> lynxman: do you feel we need an update from upstream git, or should we stick with waht we have?
<lynxman> hallyn: we can easily do one with get-orig-source, the package structure is "sane" now so it should be easy
<hallyn> right, i saw that in the rules (that was my tip-off that you would prefer upstream merge :)
<hallyn> we can easily do it, but is there any advantage or will we be introducin upstream bugs for no benefit :)
<hallyn> lynxman: if i put a package in ppa, do you have some tests you can run?
<lynxman> hallyn: no advantage whatsoever, and yeah I can do some testing but for now it's pretty manual I'm afraid
<ZenMaster> Good day Gentlemen,.
<hallyn> lynxman: ok, if no advantage, then nm - i'll just push a package with debian's rom-change-banner-timeout.diff applied
<hallyn> lynxman: thx
<lynxman> hallyn: cool :)
<hallyn> lynxman: did you see that in bug 948323 smb is waiting on you?
<uvirtbot> Launchpad bug 948323 in ipxe "Rom images for e1000 and ne2k missing vendor and device id" [Low,Confirmed] https://launchpad.net/bugs/948323
<jamespage> zul, munin 2.0 from Debian?
<zul> jamespage: what about it?
<lynxman> hallyn: ouch... didnt see that one
<jamespage> zul: I was about to merge it
<zul> jamespage: be my guest
<pior> Hello folks!
<pior> Is there a cloud specific chan ?
<pior> assuming cloud==AWS
<utlemming> pior: ##aws is for all AWS questions, but for Ubuntu specific cloud stuff, here is fine
<pior> utlemming, thanks
<pior> The AWS apt repository are malfunctionning
<pior> http://us-east-1.ec2.archive.ubuntu.com/ubuntu/
<pior> the ones of US-east-1 at least
<jamespage> pior: what error are you getting?
<pior> I get 1/3 of HTTP 200, 1/3 HTTP 403, 1/3 timeout by repeating this : curl -I http://us-east-1.ec2.archive.ubuntu.com/ubuntu/
<pior> indead there is 3 IPs on us-east-1.ec2.archive.ubuntu.com
<jamespage> utlemming, anything you are aware of ^^
<utlemming> jamespage, pior: not that I am aware of....looking now
<utlemming> prior: what ubuntu version?
<utlemming> er, pior: ^
<hallyn> lynxman: ok, i have a debdiff ready for the timeout issue, i'll wait a few mins to see if you object to smb's patch.  if not i can toss that in as well
<pior> utlemming, sorry : precise
<utlemming> pior: looking now
<pior> utlemming, that's great!
<lynxman> hallyn: patch looks legit, I'd go for it :)
<pior> I relaunched the AWS stack (instances)  2 times, it's probably not instance specific
<utlemming> pior: we have new beta repos that you can use if you want. Run: sed -i "s,ec2.archive.ubuntu.com,ec2.archive.ubuntu.com.s3.amazonaws.com,g" /etc/apt/sources.list
<hallyn> lynxman: it looks scary to me :)  but ok, i'll push it. thanks!
<utlemming> pior: I'll see if we can't get this fixed ASAP though
<utlemming> pior: it should be fixed now
<lynxman> hallyn: all that project is a bit scary ;)
<hallyn> which, xen, qemu, or ipxe? :)
<lynxman> hallyn: do I have to choose? lol
<hallyn> new version pushed, though, we should find out whether it works...  as soon as someone runs quantal :)
 * hallyn looks in zul's direction
<zul> works fine for me
<zul> talking about libvirt right?
<alibama> hi all - installing ubuntu server and cant get past grub-loader not installing into target
<alibama> it's my own fault, things were working fine, then i aborted because i hadn't tested the raid config (which turned out to be fine) but now i can't get past this screen
<hallyn> zul: no, ipxe :)
<alibama> does anyone have any experience here?  i need to manually install grub i believe, however i'm in over my head here
<zul> oh
<zul> adam_g:  btw your cherrypick for keystone failed on friday
<hallyn> lynxman: zul: FEH!  i dont' have ipxe upload rights.  (i was sure i was supposed to)
<zul> hallyn: should be in the ubuntu-server seed
<hallyn> lynxman: if you're still around, do you mind pushing http://people.canonical.com/~serge/ipxe-timeout2.debdiff ?
<hallyn> zul: hm.
<lynxman> hallyn: I have even less rights than you :)
<hallyn> zul: do you mind pushing? :)
<zul> hallyn: sure url
<hallyn> zul: http://people.canonical.com/~serge/ipxe-timeout2.de
<hallyn> bdiffhttp://people.canonical.com/~serge/ipxe-timeout2.de
<hallyn> sigh
<hallyn> zul: http://people.canonical.com/~serge/ipxe-timeout2.de
<hallyn> bdiff
<hallyn> oh
<hallyn> i see
<hallyn> (how did that get split in my clipboard?  i'm confused)
<alibama> is this support channel or is there a better place to get some help with my server setup?  I've been battling with the grub loader for ~3 hours now
<hallyn> unless it's a raid/multipath setup, you might just go straight to #grub.  but no reason not to ask here since it's server
<zul> hallyn: done
<alibama> hallyn: thanks, i'll try grub
<hallyn> zul: also, were you still going to push the new libvirt, or did you want me to make a new debdiff?
<zul> did it on friday
<zul> oh you mean for the thing you forgot
<zul> debdiff please
 * zul is stuck in SRU purgatory
<hallyn> ok
<hallyn> i'll just push it then (unless you want to vet it) - thanks
<alibama> anyone have any suggestions for cleaning up my partitions and getting this server back to ground zero?
<alibama> i think it's beyond what the grub problems are at this point
<alibama> ie grub issue is a symptom, not the cause
<alibama> perhaps someone might know how to test whether i've configured raid correctly?  that may be the issue?
<alibama> do i need to configure this at the beginnng or is it something i can do after the instal
<alibama> bueller?
<Soekris> hello I'm stuck with MAAS. I have 1 MAAS server and 2 pxe servers but juju bootstrap don't work about there is no wirteble storage
<Soekris> But the wiki says nothing about that. the 2 nodes a in status ready
<Soekris> where must i seek
<pior> utlemming, great!
<pior> well, 10.250.142.223 is still returning HTTP/1.1 403 Forbidden on /ubuntu/
<pior> utlemming, or on /ubuntu/dists/precise/universe/binary-amd64/Packages.bz2)
<pior> s/)//
<utlemming> pior: try "apt-get clean; apt-get -y update"
<pior> utlemming, did it, apt-get update works 2/3 of the time
<pior> # dig +short us-east-1.ec2.archive.ubuntu.com
<pior> 10.252.111.96
<pior> 10.202.26.15
<pior> 10.250.142.223
<pior> utlemming, I'm working on the new stack for a couple of large deployments, so I'm not looking for a temporary solution
<Soekris> Have some one running MAAS ?
<ZenMaster> Hi guys, I was wondering if there was any support for the ATI 7000.
<ZenMaster> I am trying to get some more performance out of my desktop on my Dell PowerEdge 2800.
<Soekris> ZenMaster: have you a ubuntu desktop version running ?
<ZenMaster> Soekris: Well "X" on Ubuntuer-Server.
<Soekris> There is something called additional drivers
<ZenMaster> I think i may have tried that let me look again;.
<Soekris> This can install the closed software of the ATI driver
<ZenMaster> Soekris: Ok I did install that.
<ZenMaster> So what? do I go look for the fglr ATI driver and try to install this with it as a front end?
<ZenMaster> Shows nothing when I open it.
<Soekris> have you reboot you server ?
<ZenMaster> I don't remember when the last time I did was. Has been months. I wonder if I installed that and never rebooted.
<ZenMaster> Now taht would be funny.
<ZenMaster> The machine says it needs to reboot everytime I login to a terminal.
<ZenMaster> This is just a production server.
<ZenMaster> Hard for me to do that.
<Soekris> Oke
<ZenMaster> Everyone is going to lunch here soon I can do it then.
<Soekris> But the drivers from ati or nvidia have something else in the kernel
<Soekris> so you must reboot
<ZenMaster> My other question is though. I have never isntalled any ATI drivers or anything.
<ZenMaster> This is a default install of X using proprietary driver.
<ZenMaster> Should I try to install some kind of ATI driver? Is that why additional drivers shows nothing maybe?
<Soekris> and if you have configured install security updates automaticaly you get also that message in the terminal
<ZenMaster> Well I know that is part of the reason/ :)
<ZenMaster> The Video in this is an ATI Radeon 7000-M.
<Soekris> And if you have installed the additinal driver you must also reboot
<akoumjian> Anyone else getting 403 forbidden from ec2 ubuntu archives? https://gist.github.com/2821127
<adam_g> zul: do you have any pending changes to glance-proposed or keystone-proposed that you haven't pushed yet?
<pior> akoumjian, yes
<pior> akoumjian,  <utlemming> was supposed to look at this issue
<akoumjian> pior: thanks.
<pior> told me it was fixed : indead the second issue (one of the server in timeout) is fixed
<pior> but waiting for it too
<pior> 'utlemming> pior: we have new beta repos that you can use if you want. Run: sed -i "s,ec2.archive.ubuntu.com,ec2.archive.ubuntu.com.s3.amazonaws.com,g" /etc/apt/sources.list
<akoumjian> pior: Again, thank you. I'm testing some automated deployments, so I will probably just wait until the issue is resolved.
<jolaren> Any tips for nice programs for a server that's going to be hosted at work? I'm thinking PlaySMS for a SMS-gateway and Teamspeak/Socks5.. what more fun thing could you use a ION Asrock 330 for?
<genii-around> Perhaps  Quassel
<jolaren> rather use irssi then but I don't need that
<genii-around> Maybe a web-to-fax gateway
<genii-around> ( or reverse, mgetty-sendfax in, emailed out )
<jolaren> that would be cool
<jolaren> perhaps installing tor is also of intrest
<xclusive585> why is it, if I want to SSH in to my server and run a program, there is almost always problems with running something in the background (&) unless I run it "sudo"?
<xclusive585> I.E. some programs I use that have a command line server half, and a gui front end. I like the server half running in the background so I can just open GUI windows when necessary
<xclusive585> But if I do not use "sudo" and run whatever as root, it will exit when I close my SSH session.
<fluvvell> I have a strange issue with a raid array, was running a swap partition on each of two drives in the array. Machine crashed with server panic, restarting rebuilds one of two arrays on drive and everything returns to normal. Smartctl reports both drives in array in full health. http://pastebin.com/K4G838kc
<fluvvell> have since turned off one of the swap partitions, the one indicated in the error log - pasted log offending info from syslog.
<fluvvell> the machine is running 10.04 server, 64bit and is up-to-date
<xclusive585> I've heard rumors about issues with system RAID volumes in 10.04. Sorry I cannot help here.
<fluvvell> xclusive585: well its been running pretty flawlessly until a week ago
<xclusive585> So, does it rebuild everytime you reboot? or did it just do it once and then it was ok?
<xclusive585> and dont count on "smart" errors... SMART only catches an error in less than 50% of HDD fails.
<xclusive585> but considering it was just your swap partition that was acting up, I think the issue is more likely related to the kernel
<fluvvell> xclusive585: ive only rebooted twice, and it rebuilt both times without my intervention
<fluvvell> xclusive585: related to the kernel how?
<fluvvell> twice in three weeks
<xclusive585> I just think it's weird because only the swap partition is rebuilding, and not the other(s)?
<xclusive585> that's why it seems like an OS issue and not the HDD.
<fluvvell> xclusive585: I think a more accurate assessment of SMART would be that only in 50% of the time does SMART give you enough warning *before* a disk fails.  Sorry, the swap partition is not a raid array - hope I did not mislead there.
<xclusive585> But I could be wrong. Honestly I'd test things by reinstalling Ubuntu, but I know that is not always an easy (or even possible) option
<fluvvell> it is in fact md0 which is rebuilding, the root partition
<xclusive585> well, you only need one swap partition. So I'm confused how you had two swaps worked in together if they were not RAID
<fluvvell> xclusive585: no, your right its not possible - its a production server.
<fluvvell> xclusive585: http://tldp.org/HOWTO/Partition/setting_up_swap.html     9.3 documents more than one swap partition. Its not unusual
<qman__> looks to me like that drive is failing for some reason
<qman__> could be a loose cable or power issue just as easily as drive failure without SMART notice
<xclusive585> well, in my (short) experience, if you have say a two disk mirrored volume, then you set up two swaps (one on each) as a single mirrored swap vloume
<qman__> I wouldn't do that
<xclusive585> Thanks someone else. :-) I have no ideas here.
<qman__> no point
<qman__> your swap really shouldn't be containing critical data
<xclusive585> but how do you keep the two disks swaps equal for mirroriog if you dont?
<qman__> I guess it might work in preventing your server from crashing if a disk failed
<qman__> you don't
<qman__> it's a performance thing
<qman__> but unless you've got serious hardware, a disk failure often crashes the server anyway, or at least requires you to take it offline
<xclusive585> well, if you only create a swap on one disk, then you have either wasted space on the other, or two system partitions that aren't the same size, I guess is what im confused about
<qman__> you create a swap on both
<qman__> then it can use whichever is more convenient
<fluvvell> qman__: one swap will be fine, its just I built the disks identically in layout so they both had a swap partition, I didn't need to swapon them both necessarily.
<xclusive585> so you just use two swaps then?
<fluvvell> its just that errors from a swap partition are new to me
<qman__> fluvvell, what I'm saying is, the disk whose swap isn't working is probably failing
<qman__> make sure you've got a spare around
<qman__> I actually don't use swap, but that's neither here nor there
<qman__> RAM is cheap and fast
<xclusive585> my server never swapped more than a few k, lol and it has some 30 gigs of swap
<fluvvell> qman__: yes, I had wondered that - is there a way to fsck or check the swap partn? or is badblocks enough?
<qman__> May 28 18:06:32 greenstone kernel: [609106.636488] end_request: I/O error, dev sda, sector 266662719
<xclusive585> but in the future, I won't RAID the swaps, I'll just use two separate equal sized ones
<qman__> if it's consistently those sectors, it could be just a bad spot
<fluvvell> qman__: yes I'm also familiar with the idea of using heaps of RAM instead, makes sense.
<qman__> but the odds are, since your array is rebuilding, that the disk is actually going bad or you have some other intermittent failure
<fluvvell> qman__: ah, yes sector 266662719 - well spotted.
<qman__> xclusive585, it's fine to raid them if you want to avoid any downtime with a failure, since a failed disk with your swapped data on it would crash software, but like I said, without other serious hardware it'd probably crash anyway, a lot of disks bring down the controller when they fail and force you to edison boot
<fluvvell> qman__: as it has crashed mine
<fluvvell> qman__: edison boot????
<qman__> fluvvell, kill the power, by either unplugging the cord or using the hard switch
<qman__> edison as in Thomas Edison and many power companies named after him
<fluvvell> yes
<fluvvell> qman__: Oh, power=edison, inventor - funny I've never heard the term
<xclusive585> I run soft raid, on my little home server. The idea is that no one drive failure causes a crash. So I guess I did ok. :-) I use a 2 disk mirrored volume, and a 4 disk RAID10 for data. Sure a failure would mean a reboot, but that's about it.
<fluvvell> power companies not named that way in NZ
<qman__> xclusive585, then you did what you want, just be aware that you've still got coinflip odds it'll crash anyway
<qman__> in case of bad sectors it wouldn't, but in case of other types of failure it's not uncommon
<xclusive585> awww, now im scared. :)
<qman__> it's not permanent damage I'm talking about, just the drive controllers often lock up, so all your disks go offline
<xclusive585> as long as a replacement drive would allow it to boot back up and re-compile, I'm happy\
<qman__> and if all your disks are on the same controller, chances are you have to power it off manually
<qman__> yeah
<fluvvell> qman__: Problem: swap partition reports from fdisk that it starts at 266662935
<qman__> fluvvell, right
<qman__> it's not necessarily in the swap partition, just that the failure caused the swap partition to become unreadable
<fluvvell> Thats enough for me, I
<fluvvell> I'm off to the hard drive shop :-)
<qman__> what you'd do to figure this out is attempt to read or write to those same sectors again to determine if it's spot related or not
<qman__> that's the best plan
<fluvvell> now, with two identical drives, which is sda ?  possibly the one in SATA0 I guess.
<qman__> you can get the serial number from smartctl
<qman__> the naming doesn't necessarily correlate to the physical connections in any way
<xclusive585> do what qman said, but typically yes, sda is sata0, sdb sata1 and so on
<qman__> so the serial number is how to be sure
<qman__> they're named in the order they're detected, which may or may not be the order they're hooked up, and may or may not be affected by other udev rules
<qman__> it's non-deterministic
<fluvvell> qman__: well at least smartctl gives me the serial number :)
<qman__> that's why everything's moving to UUIDs
<fluvvell> yes I use UUIDS
<fluvvell> right thanks for the help, I'm off.
#ubuntu-server 2012-05-29
<koolhead17> hi all
<erichammond> Attention needed from Canonical folks running EC2 repositories: https://forums.aws.amazon.com/thread.jspa?messageID=349163
<lifeless> erichammond: we think its fixed, if they could try again?
<lifeless> erichammond: a good place to ask such questions is #ubuntu-mirrors
<erichammond> lifeless: It would probably be a good idea to post a response on the AWS forum as well as in this thread for the folks who are following the issue: https://groups.google.com/forum/?fromgroups#!topic/ec2ubuntu/gQJWyEP1ABY
<lifeless> erichammond: I'm just acting as middle-man, I'll pass that on
<ChmEarl> anyone got vfb objects working in xen dom0 on 12.04?
<ChmEarl> the xen dom0 boots fine and I can create paravirtual domU fine without vfb
<ChmEarl> nm - fixed it - cd /usr/share;ln -s qemu-linaro/ qemu
<ChmEarl> xen looks for keymaps under qemu, not qemu-linaro
<zul> adam_g: for which?
* Tm_T changed the topic of #ubuntu-server to: Ubuntu Server discussion and support | For general (not server specific) support visit #ubuntu | IRC Guidelines: https://wiki.ubuntu.com/IrcGuidelines | Get involved: https://wiki.ubuntu.com/ServerTeam/GettingInvolved | Docs and resources: https://help.ubuntu.com/12.04/serverguide/ | Quantal (12.10) roadmap bugs, http://status.qa.ubuntu.com/reports/ubuntu-server/release-bugs.html
<jefimenko> does anyone know how to get a consistent MAC address for a active-backup bond in 12.04?
<jefimenko> since upgrading to 12.04, sometimes the system takes eth0 MAC at boot, other times it's eth1
<jefimenko> i need consistency for DHCP
<jefimenko> http://ubuntuforums.org/showthread.php?t=1967987
<Jeeves_> afaik, it always takes the 'lowest' mac-address
<jefimenko> this is my network configuration: http://paste.ubuntu.com/1012761/
<jefimenko> i'm trying to force the hwaddress to the MAC of eth0
<jefimenko> just like the poster in that thread
<jefimenko> it doesn't seem to work either
<jefimenko> Jeeves_: it's not taking the lowest. it's random
<jefimenko> sometimes it's the eth0 hwaddr (lower), other times it's the eth1 hwaddr (higher)
<jefimenko> every time i reboot i don't know if the system will come up on the network :(
<qbitza> Hello, I have a weird RAID issue
<qbitza> dmraid -s returns: ERROR: isw: wrong number of devices in RAID set "isw_biaeibhcac_RIAD1" [1/2] on /dev/sdb
<qbitza> but cat /proc/mdstat says the device is fine
<qbitza> It is correct in reporting that there are more than 2 devices in that array, should be three
<lynxman> morning o/
<RoyK> morning o\
<qbitza> morning \o
<qbitza> Anyone here know RAID?
<rbasak> !anyone | qbitza
<ubottu> qbitza: A high percentage of the first questions asked in this channel start with "Does anyone/anybody..." Why not ask your next question (the real one) and find out? See also !details, !gq, and !poll.
<qbitza> I have a weird RAID issue: dmraid -s returns: ERROR: isw: wrong number of devices in RAID set "isw_biaeibhcac_RIAD1" [1/2] on /dev/sdb, but cat /proc/mdstat says the device is fine - It is correct in reporting that there are more than 2 devices in that array, should be 3
<ogra_> rbasak, i see you are diswcussiong highbank flash-kernel support, please note that we'll remove the current (forked) flash-kernel in ubuntu and will switch to the rewritten one in debian, your coding Ã¼plans should probably take that into account
<ogra_> s/in debian/from debian/
<ogra_> i'll send an emauil this week to ubuntu-devel about that, just wanted to warn you in advance
<rbasak> ogra_: thanks. I had thought that there was no plan to do this! How will we converge board support for everything?
<rbasak> ogra_: see also bug 642855 - no point in fixing that then?
<uvirtbot> Launchpad bug 642855 in flash-kernel "Insecure use of temp files" [Medium,Confirmed] https://launchpad.net/bugs/642855
<ogra_> rbasak, all arches we currently support are also supported in the new flash-kernel (omap, omap4, ac100, mx5), highbank and armadaxp will have to be added thoough
<rbasak> ogra_: when do you expect that we will switch?
<ogra_> rbasak, we wanted to do that since three releases, but postponed it for after LTS (was discussed at every UDS) ... the new flash-kernel keeps HW data distinct from code and will be far easier to maintain
<ogra_> i would like to switch before we start building A1, there the fallout will be least harmful
<ogra_> but i'm not sure i'll manage snice we also switch all images to livefs'es
<ogra_> (alternate will be dropped across the board)
<rbasak> netinst images will remain though, right?
<ogra_> yep
<rbasak> great, just checking
<ogra_> and the server live image will still use d-i
<ogra_> just not a package pool on the image
<ogra_> (and use a squashfs instead)
<rbasak> ogra_: is there a relevant blueprint on this? I think we need work items on porting armadaxp and highbank support.
<ogra_> rbasak, nope, no blueprint (that would onl have "sync from debian, notify people that maintain hacked scripts to port them)
<rbasak> ogra_: I appreciate the advance warning. It will be a severe regression for us. Not a big deal to port, but we will need to do it and retest etc, and I'd like to track this somewhere. What would be the best way to track it?
<ogra_> well, add a spec for eilt ?
<rbasak> I suppose. I'll stick it in the ARM server deployment spec I suppose
<ogra_> https://blueprints.launchpad.net/ubuntu/+spec/foundations-q-hwpack-integration has a Wi for it if ou need a dependenc
<ogra_> y
 * ogra_ wonders why his Y seems to not print 
<rbasak> Do you mind if I stick work items for armadaxp and highbank under your flash-kernel merge work item? It makes more sense to me to put them in there.
<ogra_> hmm, the dont really fit into that spec
<ogra_> *they
<rbasak> I think it's a sub-item of the merge job, since the merge introduces a regression which will need to be fixed
<ogra_> does it ? do we have highbank support in the current flash-kernel already ?
<ogra_> (thats why i wanted to do it early, to actually not have it in before we move)
<rbasak> Just about. There have been uploads. It's buggy currently. I had a non-buggy merge request, but it conflicts with NCommander's latest changes.
<rbasak> So as soon as I've discussed it with NCommander we will have.
<ogra_> (i also would have expected NCommander to actually make sure it gets into the new f-k since he knows about the plans since three releases)
<rbasak> And armadaxp is already in the current flahs-kernel of course
<NCommander> rbasak: ogra_ the current f-k didn't support what was needed
<ogra_> NCommander, oh, you are up already
<NCommander> ogra_: yes, I've been waiting three releases for it. If it actually gets uploaded, then I'll worry about it.
<rbasak> NCommander: hello!
<rbasak> NCommander: can we chat about getting highbank support in flash-kernel and d-i?
<NCommander> rbasak: its already in the f-k that's in archive.
<ogra_> NCommander, awesome, i would like to sync it pre-A1 or shortly after (depending on the live-image move)
<rbasak> NCommander: we have all the pieces - I'd really like to get this resolved asap so that I can focus on maas
<rbasak> NCommander: it doesn't work. Did you get my email?
<NCommander> d-i was waiting on the kernel
<NCommander> rbasak: Monday was a US holiday, I haven't even checked my inbox yet
 * NCommander kicks thunderbird
<ogra_> yeah, half the world has a holiday yesterday
<ogra_> *had
<rbasak> NCommander: ok sorry, let me know when you're ready
<ogra_> (germany too ... whitmonday)
<NCommander> rbasak: oh I see it
<rbasak> ogra_, NCommander: once we have highbank working in d-i, I'd really like to not break it with a flash-kernel merge. Can we work to getting highbank in and tested to the new flash-kernel before we replace the existing one?
<NCommander> the d-i stub wasn't tested fully
<ogra_> rbasak, feel free, we will sync from unstable
<NCommander> rbasak: so the f-k stub works properly if f-k.conf has all the necessary bits in it. I flubbed up the bit of f-k-i that has that code.
<ogra_> and split out the DB data into an arch all package so it can be used without having to install f-k itself
<NCommander> ogra_: sync?
<NCommander> Oh
<ogra_> NCommander, yeah, just a sync and dropping all our hacks
<ogra_> thats why i want to notify everyone in advance :)
<NCommander> ogra_: the hw database is a separate package then?
<ogra_> loics rewrite has support for all arches we support except for the two new server arches ...
 * NCommander hasn't looked at the new f-k in two cycles.
<ogra_> its not in debian, it will be in ubuntu
<NCommander> so f-k will get blacklisted?
<NCommander> (on the sync list)
<ogra_> so we can use tehe DB in chroots even if we dont use f-k
<ogra_> no, it will be a normal merged from then on
<NCommander> right, I remember the discussion, I was waiting for the implementatoin :-)
<ogra_> with (hopefully) just minor packaging tweaks
 * NCommander looks to see if highbank kernel landed
<ogra_> so it would be good to get armadaxp and highbank into debian too :)
<rbasak> ogra_: would a drop-in flash-kernel replacement from debian work today? ie. can I test this in advance easily?
<ogra_> rbasak, theoretically it should just work, yeah
<ogra_> (for arches debian and ubuntu both support indeed)
<rbasak> ogra_: ok, thanks. I think our approach should be to get either debian flash-kernel ready and tested with highbank and armadaxp support first, or an ubuntu delta prepared, before we update quantal. Not sure who'll do that - I'll discuss with the team.
<ogra_> rbasak, then it will have to wait until A2 or A3 ...
<ogra_> which means a *lot* less testing
<rbasak> why would it have to wait until A2 or A3?
<ogra_> the new arches need to be added anyway, the switch will have to happen anyway, so we want it as early as possible in the cycle to have most testing
<ogra_> well, it definitely would have to wait until after A1
<ogra_> since we do the livefs switch too and i'm currently the only one working on arm stuff (the rest is at connect)
<ogra_> that would make us lose one miletone for testing, which isnt good
<ogra_> (note that A1 arm image installability  runs under the "nice to have" tag)
<ogra_> (buildability is the focus for them)
<rbasak> ogra_: when exactly were you planning to sync from debian? And are you saying it will miss A1 because you'll be waiting for the armadaxp and highbank work?
<ogra_> rbasak, no, we planned to release only images that are installable, but there is no pressure from the release team that they "all have to work"
<ogra_> i.e. we planned to make the switch and see what works ootb ... then release that
<ogra_> so we have a window to fix the remaining issues until A2
<ogra_> (omap3/4, ac100 and mx5 should just work without touching any code)
<ogra_> (if they dont, they'll drop off the shelve for A1)
<rbasak> ogra_: sorry, I don't follow you. I want to avoid a regression in flash-kernel since that will block my MAAS enablement work and much of our automated testing which relies on netinst d-i in quantal working on armadaxp too. So I'd like to get flash-kernel fixed before upload. You seem to be saying that if we fix flash-kernel first, then this change would miss A1. Why? What are the deadlines for getting flash-kernel prepared in advance in order to n
<rbasak> ot miss A1?
<ogra_> this week
<rbasak> So you'll be syncing flash-kernel from Debian this week? When exactly this week?
 * ogra_ checks the release schedule ... i think A1 was planned for next thu
<ogra_> june 7th is A1 ... archive will freeze on monday (at least it usually did, not sure that policy changed)
<ogra_> that ,eans it has to be in by june 1st i think
<ogra_> *means
<LyonJT> Anyone know how to manipulate vspftpd so that when i upload a file it automatically changes the user?
<ogra_> (or latest at june 3rd if you like to work on weekends)
<rbasak> ok, thanks. I understand the situation now, and I'll ask the relevant managers about resourcing in today's meeting. Who did you have in mind to do the armadaxp and highbank work?
<ogra_> rbasak, well, someone with access to the HW :)
<ogra_> i.e. whoever does HWE in eilt
<rbasak> OK
<aljosa> how can i get numer of all active threads on system? something like lsof for file descriptors but something to check if i'm close to /proc/sys/kernel/threads-max
<yolanda> hi, i have a question about security on a package, can i get some help?
<rbasak> !ask | yolanda
<ubottu> yolanda: Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience
<yolanda> i had one packaged reviewed last week, openerp-desktop, and i had rejected with some bugs. One of them is about security, so i need some advice on it
<yolanda> this is the problem i had reported: debian/openerp-desktop.postinst sets the openerp database password in
<yolanda>    an insecure manner which allows other users to see it via /proc.
<yolanda>    Both the 'psql' and the 'sed' command have this problem.
<freakabcd> hi all
<freakabcd> I am running ubuntu server 1204 in virtualbox.. everything was working fine, so I saved this vm as  the base. then I cloned it.
<freakabcd> now in the clone (the mac address ofcourse changed), /etc/udev/rules.d/70-persistent-net.rules has eth0 as the old mac and the new mac is assigned to the1
<freakabcd> I could correct this manually in 70-persistent-net.rules but I want the file to be generated automatically
<freakabcd> so i delete the file and simply restart udev and nothing happens!
<freakabcd> i.e. the file is not regenerated as it says in the comment right on top of the file itself
<ogra_> it says it is generated by persistent-net-generator.rules
<ogra_> do you have this ?
<freakabcd> ogra_, I know for sure the file will be regenerated if i reboot the machine
<ogra_> (elsde i would just run the mentioned binary by hand or an initial start script)
<freakabcd> but i ofcourse do not want to reboot :)
<freakabcd> yes, the binary that is run is /lib/udev/write_net_rules
<freakabcd> this binary is automatically called when udev processes the /lib/udev/rules.d/75-persistent-net-generator.rules file
<freakabcd> but if i call the binary with sudo /lib/udev/write_net_rules    it simply says:  missing $INTERFACE
<freakabcd> restarting udev does not seem to regenerate the /etc/udev/rules.d/70-persistent-net.rules file
<Jeeves_> You probably need to set some environment variables
<Jeeves_> which are present at boottime, i assume
<freakabcd> oh ok..
<freakabcd> nice.. i will try it
<freakabcd> when it said missing $INTERFACE I assumes it to be an arg for the program
<Jeeves_> A reboot will probably fix the file.
<freakabcd> it looks like it might be an env var
<freakabcd> i'll try now
<freakabcd> no, i don;t want to reboot :D
<Jeeves_> Why did you completely remove the file?
<Jeeves_> Why didn't you just edit it? :)
<freakabcd> i have massaged this file many times when cloning VMs
<freakabcd> just wanted to see it actually regenerated the file without doing a reboot
<freakabcd> it says that it is regenerated automatically.
<freakabcd> and rebooting linux machines and VMs, i dont like :D
<ogra_> well, there are certain things you have to reboot for :)
<ogra_> even on linux
<freakabcd> no way..
<freakabcd> bringing a dev up for an existing iface does not need a reboot
<freakabcd> it was present on boot and was detected fine.
<ogra_> bootloader, kernel, the initsystem and udev changes surely fall under "you need to reboot to make it work if you want the daemon to pick it up" ... for udev thats surely a blurry area though
<ogra_> since it lives half in userspace and half in kernel space
<ogra_> rbasak, oh, looking at flash-kernel in teh archive it seems that infinity actually invested some time to clean up the mess with highbank
<rbasak> ogra_: he did, but I don't think it works. I'm doing more testing now.
<smb> smoser, utlemming, When Ben said the thing about no kernels in cloud images I realized that you might get bitten by the reduction of flavours quite a bit. Not sure it is possible to make a fallback to generic if no virtual is present in order to work with older and newer releases...
<jolaren> How do I move files from a folder to back from that folder?
<ogra_> rbasak, not to be sarcastic, but did yu guys think about peer reviewing code before uploading it ? :)
<jolaren> now I have a folder called teamspeak in /home/teamspeak/teamspeak/
<rbasak> ogra_: don't look at me. I don't have upload rights. Everything I do gets reviewed.
<smoser> smb, its under control. we'll fix it.
<ogra_> rbasak, yeah i didnt mean you :)
<smoser> utlemming's merge proposal is too simplistic as it is, because we know a range of -generic kernels that do not work (we can't just white list them all)
<smoser> and we need to change som eof the build scripts, but it is what it is.
 * rbasak had a merge proposal that he actually tested and does work
<freakabcd> ogra_, Jeeves_ sudo INTERFACE=eth0 MATCHADDR="08:00:27:98:16:c3" MATCHDEVID="0x0" MATCHIFTYPE1 /lib/udev/write_net_rules
<smoser> smb, unless you're going to change -virtual package to contain a file named
<smoser> '-virtual'.
<freakabcd> regenerated the file :D
<smoser> which may or may not be useful.
<smoser> does -virtual currently (quantal) conflict with -generic?
<smb> smoser, Ok. Yeah it probably needs to check the PAE in the related config for i386. I would rather think not (that about the file)
<smb> smoser, And similar, when there are virtual kernels those likely want to be sorted first... which may be a pain depedning on how the cfg ist created
<smb> (given that I seem to have issues already how I sort the letters in my words...)
<smb> smoser, Btw, the problem is that there is no real virtual package anymore. There are virtual meta packages and those pull in the generic kernel packages. Just like it is now with -server
<smb> real virtual... doh!
<smoser> smb, the code i have correctly sorts
<smoser> or, we can make it do that (it woudl currently favor X-generic over X-virtual except X-generic is blacklisted. so we would have to make it blakclist certiain -generic. that may be suitable).
<smoser> smb, i understood the problem (regarding the meta package). i was suggesting that it would be possible to re-architect kernel packages to build -virtual and -generic that did not conflict (even though they were binary content the same, except for path names)... if you could muck with the uname string.
<smoser> anyway.
<smoser> i dont htink tha tis necessary
<smb> smoser, The desire is to rather have less that same number of packages (while the actual gain is build time, but the packaging has grown rather complicated). But yeah, I think it should be solvable without. If it just picks up any kernel but places virtual first, then as long as the default index of 0 is not changed I would think it would work in all cases.
<szikael> I have problem with setting sshd_config  ,  the point 2 comp ubuntu 12.04  when i'm ussing ssh with out ListenAdress i am able to connect whan i'm adding ip (good one ) connectin refused
<szikael> how ever it is only whan i connect from comp 1 to 2 , the other way all is working corect
<tash> 've got a mysldump script that ran fine in Debian, but in Ubuntu 12.04 it seems like my defaults file ( .my.cnf ) in /root/ is not being read.  In my script I'm setting MYSQL_HOME="/root/" but when I run the script to dump db's I get denied for root@localhost
<tash> if I specify the password in the script on the line of the mysqldump ... --password="password" it works
<tash> so def seems like the defaults file is not being read
<tash> interesting, I removed the MYSQL_HOME variable from the script and it works now.
<tash> can someone explain that?
<jcastro> SpamapS: you were right wrt. my mdadm
<jcastro> a drive was kicked out and it just flipped out.
<jcastro> so instead of the drive being marked as not part of /dev/md1 it just put it in /dev/md1_d1 or somesuch
<SpamapS> jcastro: so were you able to --force it back in?
<jcastro> yep
<jcastro> rebuilt with "assume-clean" or some other very scary flag
<SpamapS> jcastro: I think I'm ready to say that btrfs disk pools or even the wacky FUSE based ZFS are better than ye-olde-RAID ;)
<jcastro> SpamapS: I'll let you know when my disks get here today. :)
<Gallomimia> i had this problem when running apt-get upgrade on my server today: http://pastebin.com/Rr7bW58V
<rbasak> Gallomimia: looks like an issue on your machine, but I can't tell for sure from that message. Do you have enough memory? Any runaway processes? Could the hardware be faulty?
<Gallomimia> i think it's ram. we downgraded and i've not seen how much is left
<Gallomimia> doesn't change what shows in top when i run more or less servers
<rbasak> Perhaps adding swap will help?
<Gallomimia> i think it will yes. we want to avoid swapping like the plague tho
<rbasak> You could always add more memory :)
<Gallomimia> default config is of course without swap cause most people will let it swap hard without noticing what's going on, and what it does to neighboring server's performance
<rbasak> Any idea how much you're short by? Is this operation requiring more memory than it should?
<Gallomimia> yes i think that's a better idea rbasak
<Gallomimia> 3gigs was enough to do what i want. but we went for one less cpu
<Gallomimia> think i'll just setting for what i can do on 2 for now
<rbasak> an apt-get upgrade really shouldn't need anywhere near that order of magnitude
<Gallomimia> well, i was super full
<Gallomimia> i dropped two servers and it's fine
<rbasak> I see. So not an issue with Ubuntu then?
<Gallomimia> when i get that particular flavor more configured properly, i'll use it more
<Gallomimia> no... it appears to be pebkac
<Gallomimia> which is what irc channels are best at telling you
<rbasak> OK, np :)
<Gallomimia> thanks :) good morning by the way
<FunnyLookinHat> Anyone here have experience with setting a TMPTIME in /etc/default/rcS ?  I just realized it's 0 by default which means my server ( which is never rebooted ) will just continue to float more and more data in there...
<FunnyLookinHat> I was thinking setting it to 1 ?  Would there be any big issue with doing os ?
<FunnyLookinHat> *so
<rbasak> m_3: can I give you the charm testing on ARM work item please? Does it still look feasible?
<m_3> rbasak: sure... I can reassign if necessary
<rbasak> thanks!
<m_3> rbasak: won't be able to start looking at it until next week tho
<rbasak> m_3: no problem!
<m_3> rbasak: note no hw (qemu only) if you need to split the item up
<rbasak> m_3: noted, thanks
<FunnyLookinHat> Or can I count on /tmp being cleaned when it reaches a certain size?
<rbasak> zul: any chance you could review https://code.launchpad.net/~racb/ubuntu/quantal/apache2/988819/+merge/106934 for me please? You were the last uploader...I asked for review from ~ubuntu-server as well, or should I put it in the normal sponsorship queue? I thought a server team member would make more sense.
<zul> rbasak: sure right after i poke my eye out with this thing im trying to fix
<rbasak> ok, no problem
<smb> zul, fixing pointy objects is dangerous
<zul> smb: my eye it is
<smb> Just good that we wear glasses...
<hallyn> stgraber: I'm thinking that lxc-net may need to just not run if dnsmasq is installed
<stgraber> hallyn: well, then containers won't get IPs, that doesn't sound like what we want
<hallyn> stgraber: they won't get ips anyway, becaue lxc-net will fail
<hallyn> all right i'll wait on that :)
<stgraber> hallyn: I think we probably should have a LXC_NET_NO_DNS option (using a better name obviously) that users can set to have lxc-net start but not bind :53
<stgraber> hallyn: that won't make it just work by default, because it's awfuly tricky to know how's the system wide dnsmasq configured but that'll at least give the user the option to fix their setup (and have lxc's dnsmasq only act as a dhcp server instead of dhcp+dns)
<hallyn> wil their base dnsmasq then answer dhcp requests for lxcbr0?
<xclusive585> heres a noob one: I cannot get apt-get to just show me what packages WOULD be upgraded. even the -u switch seems to do nothing if you dont actually install updates
<stgraber> hallyn: no it won't, that's why we'd probably want to only disable the dns part of dnsmasq, not the dhcp one
<stgraber> hallyn: AFAIK the system wide dnsmasq doesn't act as dhcp server by default, so we shouldn't get a port conflict on the dhcp port, only the dns port is the problem
<stgraber> we could probably have lxc-net automatically start in dhcp-only mode if it detects that something is already bound on 0.0.0.0:53 but we can't solely rely on that as it's racy
<stgraber> so having the configuration variable + fallback to dhcp-only if 0.0.0.0:53 is bound, sounds like the easiest way to solve ~80% of the current cases :)
<hallyn> sounds good.  but do you think we can have postinst choose automatically
<stgraber> we could, but I wouldn't do that until /etc/default/lxc is completely managed by debconf or people will get confusing upgrade prompts
<hallyn> ok
<stgraber> I'm starting to wonder if it wouldn't just be best if we patched dnsmasq to only bind the loopback address :)
<stgraber> then whoever wants it to listen on something else will have to deal with the consequences
<stgraber> (and hopefully will be clever enough not to set it to 0.0.0.0)
<hallyn> stgraber: well that's what i've watned, but it seems some people (more knowledgeable than i on these matters) think that's a bad idea
<streulma> Hi all
<streulma> does Java and Tomcat run on a Virtual Private Server with ony 1 gigabyte of memory ?
<stgraber> hallyn: another thought, can't we have lxc dump "bind-interfaces\nexcept-interface=lxcbr0" into /etc/dnsmasq.d/lxc and restart dnsmasq in the postinst (if /etc/init.d/dnsmasq exists)?
<stgraber> hallyn: so basically shipping our own dnsmasq configuration file for their .d directory that configures the system wide dnsmasq not to mess with lxc
<stgraber> AFAIK that's even policy-compliant :)
<hallyn> stgraber: i think that's been suggested (and nacked) somewere in one of the bugs for dnsmasq+libvirt+lxc
<hallyn> stgraber: what would then happen if they removed dnsmasq?
<stgraber> nothing
<hallyn> do we just have lxc-net check if dnsmasq is installed before starting its own dnsmasq ?
<hallyn> all right maybe i'll see if i can understand all you've suggested tomorrow.  i have some reading to do
<hallyn> stgraber: thanks
<stgraber> depends what solution you're talking about :) I'm starting to think that shipping /etc/dnsmasq.d/lxc is the cleanest option as it uses the dnsmasq.d directory that's meant for that, makes lxc's dnsmasq do its usual job and doesn't change user behaviour for the system dnsmasq
<stgraber> sounds all win to me :)
<hallyn> stgraber: sounds good to me.  I'll play tomorrow (unless you want to)
<stgraber> hallyn: I'll have a debdiff in a few minutes for you to look at
<hallyn> heh
<stgraber> I already have it working in a container here, just trying to make it look nice
<hallyn> and any reason we couldn't do the same thing for libvirt then?
<stgraber> the same would work with libvirt, yes
<adam_g> zul: i had to fix a patch to tthe swift tests in glance so tests will pass outside of buildds. not sure how that fits into the SRU
<hallyn> stgraber: out for lunch, bbl
<zul> adam_g: should be ok
<adam_g> zul: should i open a bug so we have something to reference in the changelog ?
<zul> reference it in the changelog, "rediffed due to x y z"
<stgraber> hallyn: http://paste.ubuntu.com/1013392/
<hallyn> stgraber: oh, i see. inverse of what i was thinking :)
<hallyn> looks good to me
<hallyn> that makes 3 fixes for q (two are staged in bzr), probably worth a release
<stgraber> sounds good. We'll probably want to get the dnsmasq one through SRU once the current gets into -updates
<hallyn> agreed
<hallyn> do you want me to push it, or do you want to?  (for q)
<hallyn> we can probably combine a bunch of the 'lxc-net failed to start' bugs (dup them i mean) and make them one high prio bug
<hallyn> addressed by both the fix for /bin/sh->bash and your dnsmasq one
<stgraber> I'll do a PPA build of the current bzr branch, see if it works as expected
<stgraber> merging the dnsmasq bugs would be nice, we'll need that if we want to SRU it anyway
<hallyn> great, thx
<stgraber> I also need to check that we can safely dump more than one of these overrides in dnsmasq.d so libvirt can do the same (and possibly network-manager too)
<hallyn> one should effing hope so :)
<hallyn> stgraber: but do you think we need two bugs for lxc-net not starting, or can i combine them all?
<stgraber> they sound like different issues. wasn't the bash one fixed a while ago?
<hallyn> i think that fix is still staged in bzr
<hallyn> maybe not
<hallyn> but i suspect there was only one bug that was due to sh->bash.  anyway, some are marked transitively as dups, but all are now related through dups :)
<hallyn> 4 or 5 of them
<hallyn> stgraber: we sill one day need to talk about syslog ns :)
<hallyn> but not today - gotta go (lunch for real now) bbl
<stgraber> hallyn: yeah... the current corruption mess is annoying :)
<stgraber> enjoy!
<Altbair5> http://j.gs/11yg --see the important movie
<zul> SpamapS:  ping
<SpamapS> zul: pong
<zul> SpamapS: are you doing an SRU run
<SpamapS> zul: yeah, training w/ bdmurray
<SpamapS> zul: he'll send you a reason for the rejection of python-webob :)
<zul> SpamapS: ok i was wondering :)
<SpamapS> zul: hint.. bug#'s are required
<zul> SpamapS: k ill have another look at it
<SpamapS> zul: also, adding quilt in an SRU is a no-no
<skrite> hey all
<stgraber> SpamapS: also, why was python-webob in the precise-updates queue and not in precise-proposed?
<SpamapS> stgraber: oh yeah, that too
<SpamapS> zul: ^^ wrong pocket
<zul> adam_g: do we have any fixes we need in horizon?
<adam_g> zul: none that i know of
<zul> adam_g: ok
<axisys> I have this redhat init script http://paste.ubuntu.com/1013541/ .. need to convert it to ubuntu
<axisys> what do I replace this with?
<axisys> . /etc/init.d/functions
<axisys> with this one may be? . /lib/lsb/init-functions
<axisys> ok what is ``killproc'' equivalent ?
<skrite> i would like to ask a couple of questions about mysql-cluster, anyone with any experience setting this up ?
<hallyn> zul: share some wisdom with me
<hallyn> zul: merging debian's qemu-kvm,
<zul> hallyn: thanks for making me feel old
<hallyn> they are right now copying files in debian/rules instead of using packagename.links / packagename.install
<hallyn> i have to pick different packagenames for most of those anyway, so they can't stay the same,
<hallyn> so should i keep the manual copies in debian/rules, or keep our qemu-common.install etc
<zul> i would do what debian does, less headaches in the long run
<hallyn> all right, will do, thanks
<hallyn> (ideally i'd switch to their package names, but the fact that we split some stuff with qemu-linaro makes that impossible)
<zul> yeah
 * zul go gets his walker
<hallyn> man the deeper i get into this the more i wonder if it was a wise move
<Daviey> zul: wassup?
<zul> Daviey: hmm?
<Daviey> * zul go gets his walker
<zul> Daviey: heh...different context
<Daviey> hallyn: make sure you check to se if you need Breaks (& Replaces)
<hallyn> Daviey: near as I can tell all the old ones pre-date lucid and can actually be dropped
<hallyn> and i'm not changing any package names, so other than ipxe-kvm vs ipxe-qemu and such, all should be good
<Daviey> hallyn: hmm.. think we are talking about different things
<Daviey> ah
<Daviey> ok
<Daviey> i'm sure you've got it covered
<hallyn> we'll see.  my worry at this point is that i'm still doing so much slicing-n-dicing that it may not be worth it in the end
<hallyn> i may be better off just basing off of the same release+patches they use, but using our packaging otherwise
<stgraber> hallyn: the dnsmasq.d trick works with multiple packages providing the same kind of configuration, so will be fine to have something similar in libvirt and network-manager
<hallyn> awesome
<stgraber> oh, and quantal's kernel seems to be happy with lxc now, no more kernel oops
<hallyn> and if someone does apt-get purge dnsmasq, /etc/dnsmasq.d won't get removed (along with .../lxc), then after re-isntall we lose the fix?
<stgraber> hallyn: do you know the reason for the manual rm calls in debian/lxc.postrm? I can see how they might make sense in the remove) target, but in purge) it seems pretty weird
<stgraber> hallyn: I didn't test this, but removing a full .d directory that contains files on removal/purge would be against policy
<stgraber> right, /etc/dnsmasq.d/lxc doesn't get removed on removal/purge of dnsmasq
<hallyn> stgraber: i'm pretty sure i did that.  you're talking about the apparmor ones?
<stgraber> hallyn: yeah
<stgraber> hallyn: I can see why they'd make sense under remove) but under purge) I don't see the point
<stgraber> hallyn: because when you purge the package it's going to remove these anyway
<stgraber> if the idea is to ensure we get rid of the apparmor jobs when lxc is installed, they should be moved to remove)
<hallyn> yeah no, they probably should just be removed
<hallyn> the rms that is :)
<stgraber> is it a problem if the apparmor rules are there after lxc is removed?
<stgraber> if it's, we need to keep the rm calls but move them to remove), otherwise we can just remove the rm calls
<stgraber> (for example I'm removing /etc/dnsmasq.d/lxc in remove) as I don't want our dnsmasq override to exist after the removal of lxc)
<zul> rbasak: whats the url for the merge?
<rbasak> zul: https://code.launchpad.net/~racb/ubuntu/quantal/apache2/988819/+merge/106934
<zul> rbasak: thanks
<hallyn> stgraber: no i don't think it's a problem
<hallyn> if the rules are there after lxc is removed
<hallyn> i obviously was thinking it might be, but i can't think of any reason for it
<stgraber> ok, I'll remove that from the postrm in quantal then
<osmosis> why is munin-node-configure not suggesting the 'memory' graph on 12.04?
<stgraber> hallyn: lxc uploaded to qunatal
<stgraber> *quantal
<hallyn> yay
<hallyn> now if only i could say the same about qemu-kvm
<jMCg> Hello happy people o/~
<jMCg> I'm looking for *sane* OpenLDAP package.
<jMCg> I found a PPA here: https://launchpad.net/~christian-roessner-net/+archive/openldap but it's not available (for Precise)
<Skaag> I have the 10.04 LTS, I run do-release-upgrade and it doesn't find the latest LTS. Any ideas why?
<Skaag> never mindâ¦ the -d switch does it
<jMCg> \o/
<jMCg> I have found the error. It was a missing certificate in /etc/ssl/certs/ca-certificates.crt -- Of course GnuTLS wouldn't tell me that. I had to recompile OpenLDAP so that OpenSSL would give me a sane error.
<axisys> how do I find out all the pkgs I installed after the server install .. I think we installed this server almost year ago and now I need to find out all the pkgs that are installed since then
<ScottK> axisys: Try dpkg --get-selections
<ScottK> That will show you all the installed packages.
<axisys> ScottK: right.. but is there a way find out the diff?
<axisys> I only installed openssh and basic ubuntu server during install
<axisys> and the rest after wards
<ScottK> Not sure.
<axisys> /var/log/apt/term.log has only log from june last year earliest
<ScottK> How about /dpkg.log*
<ScottK> axisys: /var/log/installer/initial-status.gz may be of use too.
<RoyK> zcat /var/log/installer/initial-status.gz | awk '/Package:/ { print $2 }'
<axisys> so initial-status is for the pkgs that came duing install.. correct?
<axisys> during*
<RoyK> axisys: iirc yes, just check the file's date
<axisys> doh! .. thanks 2010
<RoyK> axisys: then make a list over installed packages with something like 'dpkg -l|awk '/^ii/ { print $2 }'"
<RoyK> "dpkg -l|awk '/^ii/ { print $2 }'"
<RoyK> and you have something diff might eat ;)
<axisys> RoyK: thanks a lot
<RoyK> ;)
<pdtpatrick> Question - anyone witness this problem with apt-get  (when updating or installing a package), It starts off fine and then gradually gets slow and eventually just times out
<pdtpatrick> I'm using the following sources list: http://pastie.org/3991893
<RoyK> nope - tried downloading the packages manually? might be something bad with your connection
<pdtpatrick> tried downloading it manually, it takes just as long
<RoyK> then try another country ;)
<RoyK> if in the us, perhaps .ca might be better?
<pdtpatrick> ca.archive.ubuntu.com ?
<RoyK> yeah
<pdtpatrick> same deal
<pdtpatrick> 5MB file takes 15mins. wtf -- going to hit up the network guy again.
<RoyK> what if you try something far off? .de? .no?
 * RoyK is in .no and time is well past bedtime - nite
<axisys> nealmcb: nite
<axisys> oops
<axisys> RoyK: nite
#ubuntu-server 2012-05-30
<harushimo> when installing maas, do I need install the server version of ubuntu?
<harushimo> I'm using a vm to do it
<fosterdv> http://people.canonical.com/~gavin/docs/lp:maas/install.html
<bigjools> https://wiki.ubuntu.com/ServerTeam/MAAS is better
<harushimo> I checked this out
<harushimo> it doesn't really answer the question
<harushimo> I'll check it out again
<harushimo> thank you
<bigjools> yes it does
<fosterdv> I think he was talking about mine.
<harushimo> I haven't seen the other link
<bigjools> it's a redirect from maas.ubuntu.com
<fosterdv> The one you gave is pretty nice, thank you for that.
<bigjools> my pleasure
<harushimo> thank you for both of those links
<harushimo> I checked out wiki.ubuntu.com one quite a few time
<harushimo> the second one answers it
<harushimo> the way it looks like to me, you need to have ubuntu server installed and then install maas
<harushimo> the second link from canonical answers it
<harushimo> thank you
<bigjools> you don't *need* it for the server, I run it on my desktop installation.  But you need the server image for nodes.
<harushimo> I'm doing a vm anyways
<harushimo> I just install server and do it that way
<harushimo> right which you need to import right
<bigjools> ok
<harushimo> its easier
<harushimo> last time I install maas, apt-get broke
<harushimo> correction I broke apt-get somehow
<harushimo> that is why I decided to do a vm
<harushimo> if my vm breaks, I can delete it and do a reinstall
<JeffSi> Hello, I was working on getting a squid proxy server running which I eventually did get running, however, I just did a kernel update and something must have broke it. The problem is that I have no idea what may have broken it. Can someone point me in the right direction?
<JeffSi> Any help would be appreciated if anyone gets a chance.
<escott> JeffSi, its such an unlikely cause "changing the kernel affecting a userspace service" that its hard to figure how that might happen? Where did you get this kernel? What was its config?
<JeffSi> escott: Thats what I was thinking but the only thing I did to the system was upgrade the kernel and reboot
<JeffSi> I did an aptitude upgrade to get the kernel and what do you mean what was the config?
<escott> JeffSi, if you got it through aptitude its a standard ubuntu config. i was wondering if you compiled your own
<harushimo> is everything done in the command line on ubuntu-server
<harushimo> I mean it doesn't have a front end
<JeffSi> yes
<harushimo> yes everything done in the command line?
<harushimo> no front-end?
<harushimo> I'm guessing yes to both of those questions
<JeffSi> Sorry, yes
<escott> harushimo, you could install one, but thats less "server-y"
<harushimo> I'm just asking
<harushimo> I figured
<harushimo> I thought servers would have gui interfaces too
<harushimo> my assumption was wrong
<harushimo> how to install all the updates on server?
<escott> harushimo, with windows and mac that may be true, but thats because their command lines are (historically) crippled and there are things you can only do through the gui
<fosterdv> apt-get update && apt-get upgrade
<harushimo> really
<harushimo> I didn't know
<harushimo> lets not go into macs
<harushimo> those computers are they own breed
<harushimo> because they don't fall any unix/linux behavior
<harushimo> it is so different
<harushimo> I like ubuntu desktop
<harushimo> this is my first time using desktop version
<fosterdv> apt-get update will search for available updates.. and apt-get upgrade will push your updates.
<fosterdv> You can run them together by using the &&
<JeffSi> I have no idea what to do to troubleshoot this
<harushimo> I did the update part
<harushimo> I forgot about the upgrade command
<harushimo> would the command be sudo apt-get upgrade & apt-get update?
<harushimo> like that
<fosterdv> Yeah
<harushimo> perfect
<fosterdv> actually, no.
<fosterdv> wait.
<harushimo> ok
<harushimo> what's up
<harushimo> go ahead
<harushimo> how does the command work?
<fosterdv> sudo apt-get update && apt-get upgrade
<fosterdv> That's how it would go.
<harushimo> perfecto
<harushimo> I miss one
<harushimo> hehe
<fosterdv> ;)
<harushimo> thanks everyone. I'm heading out.
<fosterdv> Cya
<escott> JeffSi, i would start by running the daemon from the cli and seeing what it outputs
<manmeetbhangu_> hi
<manmeetbhangu_> is there anyone who can help me in a small issue @ linux
<RoyK> !ask
<ubottu> Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience
<twb> RoyK: or !anyone
<RoyK> !anyone
<ubottu> A high percentage of the first questions asked in this channel start with "Does anyone/anybody..." Why not ask your next question (the real one) and find out? See also !details, !gq, and !poll.
<fosterdv> !patience
<ubottu> Don't feel ignored and repeat your question quickly; if nobody knows your answer, nobody will answer you. While you wait, try searching https://help.ubuntu.com or http://ubuntuforums.org or http://askubuntu.com/
<twb> He's gone, btw
<ScottK> !gone
<ScottK> Should have one for that too.
<fosterdv> Lol, yeah
<twb> ScottK: in #emacs, where I can edit the bot, I have about 70% of my IRC messages built into the bot
<twb> e.g. /msg fsbot salespitch
<twb> /msg fsbot twb-fix
<SpinningWheels> i was copying a large amount of data from one drive to another using cp. at some point it stopped  what is the best way to continue the copy process ensuring that there isnt an incomplete file from random stop? if this is not a trivial task, i will start over and loose a few hours copy time
<twb> SpinningWheels: learn rsync
<SpinningWheels> from what i know about rsync it is slow for local copies and any way that i know of to use rsync to ensure proper copy is to checksum each file which would likely add even more overhead than starting over. correct me if im wrong.
<SpinningWheels> cant use by date because the dates are the same (or the date of the copied file is newer, dont remember what cp does by default)
<twb> SpinningWheels: rsync is not significantly slower than cp
<twb> If I'm doing a cp -a of anything more than, say, 50MB or 1000 files, I will do rsync to begin with, and not even start with cp
<SpinningWheels> rsync -rb src dest accomlish my task?
<twb> I usually do rsync -ai src/ dst/
<twb> rsync cares about trailing slashes, the easiest rule of thumb is just to always put them there
<twb> The -a includes -r, the -i tells you what changes as it goes past.  You can omit -i if it's too noisy, you may also like --stats (which is printed at the end).
<twb> rsync has a lot of options so you should get comfortable with the common ones
<SpinningWheels> thank you for your help. :)
<jolaren> Gah!! All of a sudden everything stopped working ;p .. i did some changes to my sshd_config file but backed it up first and removed the edits and pasted the old one that functioned.. still can't connect over ssh and my teamspeak server is no longer running either
<andol> Doesn't hurt to reread rsync(1) now and then. Somehow there is always some useful option you had failed to notice the last time :)
<jolaren> rly strange
<jolaren> I did a "ip a" and I can now see that eth0 is giving me "no-carrier, broadcast, multicast, up"
<twb> jolaren: the cable is inplugged
<jolaren> wtf lol
<jolaren> two fucking hours of error searching
<jolaren> thanks twb
<twb> "no carrier" in ip link, means the cable from the server to the switch is unplugged
<twb> Note that it can only "see" the nearest cable segment
<jolaren> I didn't pick up on it, but now I'll never forget it
<jolaren> Stupid box, I have a LED behind the network cable.. so it looks like it's plugged in
<twb> Also it won't be reported if the link is not already up (i.e. "ip link set dev eth0 up"
<twb> jolaren: check BOTH ends of the cable
<twb> Also could be pins aren't quite mating &c, try a different cable
<Tm_T> jolaren: language, please
<jolaren> Someone must have pulled it out twb .. ;p
<jolaren> And I'm sorry for the language. I'll refrain myself.
<twb> You're lucky, I've been yak shaving for FOUR hours
<twb> haha, and it just crashed in a new way
<jolaren> This was so imcredibly stupid.. I wonder who pulled the chord and why.. the only solution I can think of would be the maintainance lady
<SpinningWheels> without yaks there would be no life.
<SpinningWheels> dont feel bad, i just spent a few hours on a simple mac address change during a virtual box import. sad thing is, i knew it did that, just never clicked with me that it actually... does that...
<twb> SpinningWheels: it does that without asking?
<SpinningWheels> yep. its part of the default behavior to prevent the other "oh **** why isnt this working now?" of having multilple vm's with identical mac addresses on the same network
<twb> Sigh
<twb> Personally I base my MACs on the hostnames, so if I make a new host to replace an old one, the MAC doesn't change
<twb> http://paste.debian.net/171888/
<SpinningWheels> heh, interesting
<Japje> a/w 156
<Japje> meh
<yaboo> got a ivy bridge machine, when I try to install ubuntu, it goes through the motions, but it will not boot after the install
<SpinningWheels> how many drives? did you install grub on the right one?
<SpinningWheels> is it multi-boot?
<yaboo> SpinningWheels, yes grub on the right one, and not multiboot
<SpinningWheels> ok, the other basic stuff, sure your bios is booting off the right drive? (drive order, etc)
<yaboo> yes it is
<SpinningWheels> well that pretty much covers my fk ups. best thing i can think of is live boot and reinstall grub. was more painless than i anticipated.
<yaboo> SpinningWheels, ok, will try
<twb> Oh bollocks, I hope this isn't the x86 board that doesn't do PAE
<SpinningWheels> o,0
<twb> Hm, how can I test that easily when I cannot boot off a HDD or USB, only PXE?
<SpinningWheels> heh, i never got around to doing PXE dispite my interest.
<twb> In precise, what does this become?  sed -i /etc/default/console-setup -e '/^FONTFACE=/cFONTFACE=TerminusBold' -e '/^FONTSIZE=/cFONTSIZE=12x6'
<twb> (i.e. the brute-force alternative to dpkg-reconfigure console-setup)
<lynxman> morning o/
<twb> Ah, I think console-setup is just not installed yet
<yaboo> SpinningWheels, able to boot my ivy bridge laptop with a live usb, I can mount my install ubuntu partition, how can I check its bootable
<SpinningWheels> i just reinstalled grub. afaik wont hurt anything if its already there.
<yaboo> SpinningWheels, how do I do this again please
<SpinningWheels> http://lmgtfy.com/?q=installing+grub
<twb> yaboo: did you check the Ubuntu Server Guide and the Installation Guide for documentation on that?
<jolaren> I'm searching for a reliable place to store a domain and also somewhere where they have many domains to choose from(.com/.net/.cc) etc
<twb> jolaren: what is your budget?
<jolaren> I just want the domain.. a few 10s a year?
<twb> Do you just want to drop a few files somewhere people can get at them, or do you want to run an ecommerce site.  etc.
<twb> To buy a domain you must talk to a domain registrar.  To host it you must run your own DNS server, or pay for DNS hosting.
<SpinningWheels> godaddy has made me lazy
<yaboo> SpinningWheels, seems I needed to have a efi partition, this ivy bridge ultra book to work.
<yann3> hello!  I've got mysql-client behaving weirdly in ubuntu 12.4 - it doesnt like the --defaults-file  or --defaults-extra-file options... http://pastealacon.com/30290   anyone inspired ? :(
<qbitza> Afternoon peeps
<qbitza> Tries to do a virsh snapshot-create <domain> and it took a looooooooong time
<qbitza> So 1: is there anyway of making faster, and 2:I stopped the process, and now the VM stays in paused state
<qbitza> Is it busy performing the snapshot or is it in a broken state?
<simoneke> Good evening - having installation issues with some ruby application and cannot get it fixed. Someone here who can have a quick look? :)
<zul> good morning
<ogra_> rbasak, FYI https://lists.ubuntu.com/archives/ubuntu-devel/2012-May/035266.html
<lynxman> zul: morning!
<rbasak> thanks ogra_
<ogra_> rbasak, you want to look at /usr/share/flash-kernel/db/ (there should also be a README about the format) to add new HW
<rbasak> ok
<tony_787> Hey i guys.. i have a question
<tony_787> Mounting using this command " mount -t ntfs /dev/sdb1 /mnt/Storage " is safe in ubuntu server 12.04 LTS ?
<Fidelix> Hello, I want to format with ext4 an USB disk that I'll only be using for very large files. Any custom settings I should be using?
<RoyK> Fidelix: no
<RoyK> Fidelix: just mkfs -t ext4 /dev/blah
<Fidelix> K. Thanks.
<gmcinnes> Hi yall. I'm trying to increase the size of the ebs root volume provided by the latest 12.04 on amazon ec2.  I've tried: unmounting the vol, taking a snapshot, making a new larger vol from that snapshot, and attaching the new vol as the root device, but the instance won't boot.
<gmcinnes> Any ideas?
<ironm> hello. short info: for installations of MariaDB 5.3 or 5.5 on ubuntu-server 11.10 or 12.04 in off-line mode ... http://rsync.it-infrastrukturen.org/mariadb/ubuntu/mariadb-ubuntu-local-repo.pdf
<ironm> hanks in advance for any feedback
<ironm> thanks
<reisi> anyone here with experience with mini-sas hba adapter cards and ubuntu server? any recommendations?
<maxtmahem> Probably an easy question, but I'm not sure where I went wrong. I was trying to add a dns search suffix to my server, so I made the appropriate changes to my network/interfaces file.
<maxtmahem> While doing that, I noticed my nameservers weren't set there either, so I added them as well.
<maxtmahem> After a networking restart however, I notice my resolv.conf has two sets of my nameservers in it.
<maxtmahem> Removing them manually and restarting networking results in the extra nameservers being regenerated. Where are these comming from?
<pmatulis> maxtmahem: the interfaces file, if you're using precise
<maxtmahem> pmatulis: yes, I'm using 12.04, but the interfaces file had no dns-nameservers options in it untill I edited it.
<pmatulis> maxtmahem: using dhcp?
<maxtmahem> pmatulis: not for this server.
<pmatulis> maxtmahem: so you have nameservers in the interfaces file now, you restart networking, anything wrong?
<maxtmahem> pmatulis: Well not wrong per-say, but the nameservers are now appearing twice in my resolv.conf
<pmatulis> maxtmahem: perhaps pastebin your interfaces file
<pmatulis> maxtmahem: using any other kind of networking setup that may be related (ex: vpn or multi-homed)?
<pior> gmcinnes, you may be able to do it with cloud-init
<pior> maybe not straightforward, but there is a resize-fs step I think
<maxtmahem> http://pastebin.com/gJEaNSiz
<maxtmahem> pmatulis: shouldn't be anything but plain static networking.
<pmatulis> maxtmahem: well, you have put 2 in there
<maxtmahem> right, but I'm seeing 4 addresses in my resolv.conf
<maxtmahem> resolve.conf http://pastebin.com/uVGxJ09W
<pmatulis> maxtmahem: strange
<blendedbychris> Is this some sort of halt? http://screencast.com/t/vtDYbHh78f8
<pmatulis> blendedbychris: is your server software up to date?
<blendedbychris> yes? i was in the middle of upgrading when it did that but i think it just does that eventually with normal running
<blendedbychris> this is precise with a few upgrades not up to date
<blendedbychris> pmatulis: what exactly am i looking at btw?
<zul> smoser: can you review/approve the openstack-qa spec
<pmatulis> blendedbychris: it looks like a problem with hardware (seeing a lot of "irq")
<blendedbychris> pmatulis: this is a hyper-v box :|
<pmatulis> blendedbychris: probably has to do with the virtual stuff then
<blendedbychris> pmatulis: any idea what i can look at to troubleshoot specifically?
<blendedbychris> like to determin what piece of "hardware" is failing
<pmatulis> blendedbychris: no.  i would contact microsoft first
<blendedbychris> uh
<blendedbychris> you crazy
<pmatulis> blendedbychris: why?  isn't hyper-v a microsoft thing?
<blendedbychris> i'd need to gather some sort of useful information to troubleshoot
<blendedbychris> pmatulis: is what i am looking at stored in syslog?
<pmatulis> blendedbychris: probably.  may also be in kern.log
<blendedbychris> thanks
<pmatulis> blendedbychris: but is there an actual problem?  does the server stop responding?
<blendedbychris> pmatulis: yea it halts
<pmatulis> blendedbychris: ok, that's bad.  runs for how long?
<blendedbychris> well i'm not sure that's why i'm trying to find this in the log
<blendedbychris> what's the number on the left translate to?
<blendedbychris> "157.60.."
<pmatulis> blendedbychris: it's the way the kernel monitors the uptime
<blendedbychris> ah okay so it had been up for 150 secs?
<blendedbychris> is there a logical reason one should use apparmor on a server?
<blendedbychris> weird thing is i can't find anything that correlates to that in syslog or kern.log
<jmedina> for security reason :)
<blendedbychris> that screenshot oi posted
<zul> Daviey: the scripts were done waaaaaay back
<Daviey> zul: i remember :)
<Daviey> zul: What efficiencies does using sqlite help with?
<Daviey> ie, does it still poll all the data on each run?
<zul> Daviey: caching the information on running
<zul> it does
<Daviey> zul: so.. is it still worth it?
<zul> Daviey: its not hurting anyone :)
<zul> Daviey: if someone wants to rewrite it then im all for it
<zul> Daviey: but if there is several scripts that use the same information then you dont have to query launchpad for each script, you just pull down the information once
<Daviey> right
<zul> so in that way its still worth it
<streulma> hello, does someone know how can I relay somename@domain-a.com to somename@domain-b.com ?
<streulma> with postfix
<streulma> somename is different
<streulma> all mail that's come in on domain-a.com must be translated to domain-b.com
<adam_g> roaksoax: ping
<roaksoax> adam_g: pong
<adam_g> roaksoax: so cobbler ships as part of MAAS currently, right?
<roaksoax> adam_g: not exactly, maas-provision (a new package)
<roaksoax> adam_g: it is a simplified version of cobbler
<adam_g> roaksoax: okay, so is there any way i can install cobbler-web alongside that? seems i can't because of conflicts with its dependency on cobbler
<roaksoax> adam_g: yeah, there's no way, unless you remove the depends on cobbler for cobbler-web (i.e. dowload the source, modify debian/control, rebuild, install)
<adam_g> bahh, okay
<adam_g> also, what is the correct profile for nodes ot be assigned to be used with MAAS+juju. is it $distro-$arch-juju, or maas-$distro-$arch ?
<adam_g> roaksoax: ^
<roaksoax> adam_g: maas-$distro-$arch
<adam_g> thanks
<hallyn> jamespage: around?
<hallyn> actually maybe i should jump straight to : zul: around?
<zul> hallyn: hah no
<hallyn> zounds!
<hallyn> zul: samba came up at the uds bug triage session, but not enough.  looking at bug 995817 .  the guy wants to share things over samba with nautilus.
<uvirtbot> Launchpad bug 995817 in samba "share samba doesn't work easily" [Undecided,New] https://launchpad.net/bugs/995817
<hallyn> IMO, this should be targeted at nautilus, yes?
<hallyn> I dont' want to retarget and then be called names and have it bounced back, but this is not a bug in samba
<zul> hallyn:  yeah i think so, just wear your absestos shirt
<hallyn> (and poor jamespage didn't know waht to do with it, apparently has never opened nautilus inhsi life :)
<hallyn> alrighty
<hallyn> thanks
<jamespage> hallyn, for the life of me I could not figure out how to do what the reporter was doing :-)
<hallyn> jamespage: right click on a folder in nautlius and choose 'sharing options'
<jamespage> hallyn, yeah - I don't get that option!
<jamespage> hence my confusion - maybe I'm hitting my own bug
<adam_g> jamespage: oh, you're still up. what was the plan for supporting quantal deployments in CI with MAAS? i see there are multiple juju envs defined, was that to be a work around?
<hallyn> iiinteresting
<hallyn> jamespage: on a standard desktop install?
<jamespage> hallyn: yep
<jamespage> adam_g, other than make it work somehow I'd not got that far
<jamespage> I suspect we will need to run maas from PPA to support quantal
<jamespage> same with juju
<adam_g> jamespage: ah, okay. was looking into it now, didn't realize how unsupported it really was
<jamespage> I could not get it todo anything other that 12.04 when I tried a few weeks ago
<esuave> anyone know how i can rename a volume group if it has logical volumes that are in use?
<esuave> specifically the root logical volumes..
<hallyn> stgraber: I guess actually the premounting of cgroups in a container would be better done through one of your hooks than through /var/lib/lxc/container/fstab - bc we want to mount each cgroup the current kernel knows about (not those existing at container create)
<hallyn> so...  what's the status of the hooks?  :)  were you going to wait on a patch until the api is done?  (in which case i need to get coding!)
<stgraber> hallyn: well, I'm quite busy on other work items at the moment but the hooks really should just be a few one-liners for the calls and a function to actually call them, so I'm not really waiting on the API before working on them
<hallyn> stgraber: ok
<hallyn> maybe we can get someone else on lxc-devel to hack them up :)
<hallyn> or highvoltage :)
<JonEdney> Whats the difference between the minimal system and OEM install?
<donvito2> how can i make /var/www/ to be readable?
<JonEdney> Any networking gurus around?
<Patrickdk> !ask
<ubottu> Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience
<harushimo> i like command line but is it possible to have gui interface behind ubuntu-server
<harushimo> I'm just curious
<fsd> http://www.ubuntugeek.com/install-gui-in-ubuntu-server.html
<grendal-prime> grrr i need a radius server
<harushimo> thank you
<harushimo> I love command line but not this much
<jmedina> harushimo: you can try zentyal
<harushimo> zentyal?
<harushimo> tell me some about this program
<genii-around> harushimo: It's a web based control interface to ubuntu-server
<harushimo> okay
<harushimo> how will it load on the server?
<genii-around> harushimo: As a web page
<harushimo> when I install...don't you still need access to a browser
<harushimo> I'm talking about on the server side here
<harushimo> right now, my server has nothing
<jmedina> harushimo: you can download the full iso, or you can add zentyal repos and install single packages
<jmedina> just try it
<grendal-prime> like a webmin thang?
<jmedina> much better
<grendal-prime> ya i do something similar to that..
<grendal-prime> looks like its a ya small business server
<grendal-prime> looks cool though
<harushimo> okay I will
<grendal-prime> does it do radius
<harushimo> thanks everyone
<genii-around> harushimo: The usual thing is that the server sits someplace on the network and serves webpages, files, whatever it is you have it doing. Then you have other machines which have graphical desktop and browser, one of those is what you use to access the server.
<harushimo> right
<harushimo> I'm just learning about the server side
<genii-around> ( through ssh, or by something like zentyal ( or previously webmin ) )
<harushimo> to me, I find a gui useful even in servers
<harushimo> that is just me because it a little more efficent
<harushimo> you can click and go
<genii-around> For a server, it is not efficient
<harushimo> it is good to know the command  line
<harushimo> why
<harushimo> memory hog
<genii-around> Because X uses a ot of space and resources
<harushimo> I didn't know that
<harushimo> you have a lot of memory in these servers
<harushimo> sorry if I'm asking a lot of questions
<harushimo> I'm learning here
<donvito2> but i think webmin is not compatible to ubuntu?
<donvito2> <ubottu> webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system.
<genii-around> donvito2: Thats why I said "or previously webmin"
<donvito2> sory
<donvito2> :)
<donvito2> ebox is more compatabile with ubuntu/deb
<genii-around> ebox and zentyal are different names for the same product
<donvito2> but i remember
<com7> hi everyone
<donvito2> i had problems with ebox
<com7> are you guys familiar with ubuntu 12.04?
<com7> as many things have changed since 9.,
<genii-around> com7: Do you have a more specific question?
<com7> do you start services at buutuo still in /etc/rc.2d or so or is there something new, like service xxx
<com7> no worries
<hazmat> com7, there's a new init system called upstart, it has compatibility with sysv init scripts though
<hazmat> see /etc/init/ for some examples of upstart scripts for services
<hazmat> there significantly simpler imo
<hazmat> you can use service xyz start|stop etc
<genii-around> com7: Everything is being moved to upstart, which uses start/stop/restart servicename and the files are in /etc/init    . The old systemV stuff in /etc/init.d/ still gets run with /etc/init/rc-sysinit.conf
<genii-around> hazmat: I think it's service xyz start/stop    for the sysinitv stuff and start/stop xyz for native upstart
<com7> thank you
<com7> i ll check that
<genii-around> com7: If you will be writing your own startup scripts, probably want to look into initctl, it basically has the function what the old update-rc.d did
<com7> thank you so much!
<com7> its then new way to start i think
<com7> my old php-programs had deprecated functions...
<com7> fixed now
<erichammond> smoser: jbrowne indicates he submitted a merge proposal for the AWS ELB package.  What's the next step for this? https://blueprints.launchpad.net/ubuntu/+spec/servercloud-q-awstools
#ubuntu-server 2012-05-31
<hazmat> genii-around, you can use the service command for either type.. but start/stop only work for upstart'ified services
<genii-around> Ah
<Tohuw> Can someone assist me with building a proper route table for my Ubuntu 12.04 server? I have two network interfaces (one with the public static IP, the other with a private IP), but I can see the route table is wrong, and I'm having trouble fixing it.
<Tohuw> (The modem will plug into the "outside" interface, the "inside" interface will connect to a switch)
<pukeko_> rdiff-backup restore problem here...  how do i restore a dir  such as /path/to a dir/with spaces/foo ?
<pukeko_> normally its rdiff-backup -r /some/directory /someother/directory
<pukeko_> ' /path/to a dir/with spaces/foo/'  doesn't work..
<imbrandon> /a/path\ with\ some/spaces/
<pukeko_> imbrandon: hi there - so i need to back slash the spaces huh.. i'll go try it ( its a Samba server - with windows users not OBEYING naming conventions ) m- cheers
<jefimenko> do you have to reboot after reboot after changing the timezone on a server?
<jefimenko> using dpkg-reconfigureÂ tzdata
<grendal-prime> i need a quick and dirty radius server
<twb> grendal-prime: what for
<grendal-prime> I need to create some accounting radius packets send them to a server..then send a stop packet
<grendal-prime> doesnt need authentication..
<grendal-prime> just accounting
<twb> What kind of server is speaking radius instead of sasl or pam?
<grendal-prime> i have to write those two scripts. A vpn server needs to send this info to an appliance that uses radius.
<grendal-prime> I think most isps use radius.
<grendal-prime> still
<twb> What, for dialup?
<grendal-prime> ?
<grendal-prime> No dude...radius has been adapted for all connection mediums ..has been for some time
<twb> Maybe if you like gooey insides
<grendal-prime> ?
<twb> Never mind.
<grendal-prime> how do YOU connect to the internet
<grendal-prime> cable?
<grendal-prime> cause i can tell you this much..comcast uses it.
<grendal-prime> cablevision ..time warner..they all use radius
<grendal-prime> but i digress
<twb> I have an ATM service over copper, called "ADSL2+".  Over that run a stupid PPPoA tunnel that exists purely for the ISP's billing purposes.
<grendal-prime> Ive just never set up a  radius server.  Ya that billing business  thats radius.
<grendal-prime> but anyway
<twb> The only time I had to deal with radius myself, was for stupid 802.11 "enterprise", and for that I used the fake one built into hostapd
<twb> Everything I could find about radius indicated it was an old and stupid alternative to SASL or PAM, and that if you used any method but EAP-TLS you were very very stupid indeed.
<twb> Since I am not authenticating to my ISP with a client-side TLS cert, it's implied that they're in the "very very stupid" category...
<twb> Personally I would prefer they just peg my ISP account to the PSTN service it's currently running on, and not have the PPP overhead of 7% or whatever it is
<grendal-prime> right
<grendal-prime> Anyway
<samba35> after upgrade some package (apt-get upgrade ) mouse doesnt work (as system hang) but if i use super (window) key then i am able to access mouse  why is it so any idea ?
<twb> samba35: we don't support GUIs here
<twb> samba35: try #ubuntu
<samba35> ok
<grendal-prime> radius is a AAA server basically...from what i can gather the first really widely industry adopted trip A  so. its still used for alot of things.
<tohuw> How can I make a script that will run each time I login to an Ubuntu server? I only want it to run at logon, and only when I am interacting with the session (as the script prompts for input)
<greppy> tohuw: call the script at the end of your .bashrc ( or other shell env scripts )
<twb> tohuw: write a cron job that runs @reboot
<twb> tohuw: write an upstart job
<twb> Oh sorry at *login time*
<twb> Then yeah, it goes in your ~/.bash_profile (or .bashrc, depending)
<tohuw> greppy, twb: thank you
<grendal-prime> nevermind i got one working
<twb> grendal-prime: which one
<grendal-prime> it really doesnt matter they are all based on cistron
<grendal-prime> i used xtradius because it seems to just use the default files and doesnt really expect you to connect a db.
<grendal-prime> but it seems like freeradius does the same thing really i dont know..all i know is i can creat a user and authenticate so..i should be able to do accounting only.
<grendal-prime> that and i need  an a&w root beet
<grendal-prime> beer that is
<grendal-prime> gonna try and do this with php5
<tohuw> twb: I added the command to my bashrc, but now each time I create a new window in tmux, it executes those commands. Is there a way to prevent this?
<twb> Use .bash_profile instead.
<tohuw> twb: Oh. That was too easy. Thanks
<andol> Or ~/.profile, if you already have one, which seems to be the Ubuntu default.
<andol> Creating a ~/.bash_profile would lead to an existing ~/.profile not being read.
<tohuw> andol: Ah, thank you! I do indeed have a .profile, and now I see how .profile and .bashrc are different. :) Thanks
<twb> andol: oh, thanks.  I thought .bash_profile was the default
<twb> that is, I thought Ubuntu defaulted to providing a .bash_profile in /etc/skel
<tohuw> twb: My /etc/skel on Ubuntu Server 12.04 has not been altered, and contains only .profile, no .bash_profile
<twb> Okey dokey
<codeshepherd> what is the free ubuntu 12.04 AMI in ec2? what is the AMI - id ?
<smb> codeshepherd, You can find daily builds here (http://uec-images.ubuntu.com/precise/current/).
<codeshepherd> smb: is it better to use the latest build or should I use the AMI that the aws market place suggests?  - in other words - will the daily build have unexpected bugs?
<smb> codeshepherd, Not sure what exactly the market place suggests. But I suspect that it would be the released version. While the daily, despite all efforts to prevent that, can have regressions, the released version for sure has known bugs the more time there is between release and "now".
<codeshepherd> thanks smb
<smb> You could as an alternative take the released version but then I'd at least update all security relevant changes
<blendedbychris> hey guys i just switched to precise and am having trouble getting hyper-v "native" networking adapter drivers to workâ¦ my prior legacy adapter seems to work but doesn't have connectivityâ¦ i need non-legacy to work anyhow. any ideas?
<blendedbychris> i have another vm that has precise running fine but i am not sure what is causing this machine to be wonk
<twb> blendedbychris: what does lspci -nn report?
<twb> (pastebin it)
<twb> If you have a working precise VM, try comparing its lspci -nn output.  Compare their kernel versions (uname -a).  Compare their lsmod output.
<twb> Compare their dmesgs, ip a / ip l / ip r output, &c &c
<Thorn> hello
<Thorn> how do I setup a full remote backup of an ubuntu server using rsnapshot? it appears that I need to grant root privileges to the user that rsnapshot connects with over ssh
<twb> Thorn: that is correct
<twb> Unless you want to run rsync without ssh, which would be very stupid
<Thorn> that still sounds like a security risk
<twb> Thorn: well it's going to have a copy of all the data the target machine had anyway
<twb> So if the rsnapshot host is compromised you're mostly screwed anyway
<twb> Anyway, what you CAN do is passphraseless SSH key + /usr/share/doc/rsync/examples/rrsync.gz in the forced command
<Thorn> in this case it's the rsnapshot host that will keep backups of a VPS (which is obviously accessible from the net)
<Thorn> I don't think it's possible to selectively disable password auth in openssh?
<twb> AllowRoot without-password
<twb> But you should not allow passwords at all in any case
<twb> Nor should the root account *have* a password
<Thorn> I mean, disable password and leave key auth
<twb> Yes, of course you can do that
<twb> PasswordAuthentication no
<Thorn> that would disable it for all users
<twb> OK there are two things you might be asking for, and I have given you both.
<twb> If it's still not clear read sshd_config(5) and the default config file's comments
<Thorn> sorry, I didn't phrase it correctly. I was asking about disabling password auth for a particular user only
<Thorn> doesn't appear to be possible
<andol> Thorn: See the Match directive
<twb> or if that particular user is root, see above
<Thorn> Match is nice
<Thorn> okay, thanks much for help. looks like it's working.
<RoyK> http://biebian.sourceforge.net/
<thys> hi, I'm trying to update my 9.10 to 10.04 to get the LTS
<thys> so I typed sudo apt-get install update-manager-core
<thys> it got 404, failed to fetch
<twb> 9.10 is end-of-lifed, so you need to change your sources.list
<twb> I forget where the EOL stuff lives
<popey> !eol
<ubottu> End-Of-Life is the time when security updates and support for an Ubuntu release stop, see https://wiki.ubuntu.com/Releases for more information. Looking to upgrade from an EOL release? See https://help.ubuntu.com/community/EOLUpgrades
<twb> Good thinking.
<eutheria> i've got a weird issues using sssd to cache users from my ldap server
<eutheria> i change to a local users, ie su - irc -s /bin/bash when i log out i get the message su: User not known to the underlying authentication module
<eutheria> the log looks like http://pastie.org/4000576
<eutheria> however local users aren't affected when sssd isn't running
<eutheria> this has only started happened after upgrading from 11.10 to 12.04
<brainysmurf> I'm getting "No such object" on ldapadd command. But I"m pretty sure I added the base correctly...
<thys> so I'm getting ssh: connect to host warcamp.no-ip.org port 22: Connection refused after I upgraded to 10.04
<greppy> thys: is sshd running?
<thys> cant say, no access
<thys> its on a serverfarm
<Tm_T> thys: my basic rule is "make sure you have ssh installed before reboot"
<Tm_T> but, it's quite possible that it just failed to boot
<ikonia> brainysmurf: do an ldap query
<thys> well, here is a site www.hallandstorget.se
<ikonia> brainysmurf: confirm you can query the directory
<ikonia> brainysmurf: then look at adding
<Tm_T> thys: yes, rest could work just fine, just not ssh
 * Tm_T is currently planning a trip to a server hall to find out what happened to one server that doesn't have ssh responing while everything else seems to work
<Tm_T> ...after an upgrade (:
<thys> fml
<thys> so I might be planning a trip as well now. what should I do once I get there? or what should I tell someone to check or do?
<Tm_T> I would start by checking ssh is installed, running, and responging in localhost, then checking if it responds to external connection
<Tm_T> syslog and friends checked, ofcourse
<Thorn> thys: can you ping your server?
<thys> yes
<brainysmurf> ikonia I can query the directory successfully but I am trying to add
<brainysmurf> ikonia Do you mean add something else than what I'm already trying to add?
<ikonia> brainysmurf: ok, so that's the good news, you do have a running directory service up and searchable
<brainysmurf> ikonia: Bad news though is that I don't know how to add any users
<ikonia> brainysmurf: ok, are you following a guide/document, using a tool etc
<brainysmurf> I'm using https://help.ubuntu.com/10.04/serverguide/openldap-server.html and at populating the directory stage
<brainysmurf> Hmmm, following command returns "no such object":
<brainysmurf> ldapsearch -z 0 -b "o=ssis-suzhou.net" -D "cn=admin,dc=ssis-suzhou,dc=net" -W "(objectclass=*)"
<zul> good morning
<ikonia> brainysmurf: sorry I was just away, let me catch up now
<thys> Im about to get billed by my hostingservice for logging in.. I only have a vague idea of what to tell him to type in to check why ssh is not working on the internet
<thys> I was thinking pstree .. and looking for ssh
<ikonia> ps -ef | grep ssh
<ikonia> is that running yes/no
<ikonia> step 2 "sudo service ssh start" - what is the error
<ikonia> step 3 . ps -ef | grep ssh - is it now running
<brainysmurf> THanks ikonia, I got it working on my own. I just needed to add a ou=people entry
<ikonia> brainysmurf: ahh, well done
<smoser> erichammond, i owe jbrown some work.
<zul> smoser: you owe alot of things
<smoser> i owe, i owe, its off to work i go
<Captain_Proton> need some help with postfix. When I receive a email via smtp it passes to spamassion then it reject for some reason. here is a pastbin of it http://pastebin.com/3k8tDQfF
<Captain_Proton> I found the problem anyone know how to fix this : Starting amavisd: Error in config file "/etc/amavis/conf.d/05-domain_id": Insecure directory in $ENV{PATH} while running with -T switch at /etc/amavis/conf.d/05-domain_id line 7.
<ikonia> Captain_Proton: please don't cross-post the same question in multiple ubuntu channels
<Captain_Proton> ikonia, sorry I know.. You got me :)
<ikonia> Captain_Proton: not a problem
<patdk-wk> and unless you manually used sa-learn, you would have had to turn on autolearn
<Captain_Proton> ikonia, figure it out bug post https://bugs.launchpad.net/ubuntu/+source/amavisd-new/+bug/251377 my /usr/local was set to 777
<uvirtbot> Launchpad bug 251377 in amavisd-new "Problems with amavisd-new: cannot start the service" [Low,Invalid]
<Captain_Proton> :)
<jcastro> adam_g: where you looking for me the other day?
<jcastro> also, if you or jamespage could look at this: http://askubuntu.com/questions/141552/creating-volume-group-in-nova-volume-juju-charm
<jamespage> jcastro, mm - I don't think the openstack charms work with the local provider - might be wrong
<trond-> hi room. I am trying to install samba4 on a fresh 12.04 server, but I am getting permission denied when it is about to configure. install is done as root.
<smoser> roaksoax, https://bugs.launchpad.net/ubuntu/+source/keepalived/+bug/160426
<uvirtbot> Launchpad bug 160426 in keepalived "keepalived using genhash keeps getting "zombied" and using CPU to a 100%" [Undecided,New]
<smoser> could you take a quick look at the most recent comment on there. it looks like someone reproduced on 10.04, possibly has a workaround/fix. you were last to look at that (recently re-opened) bug.
<roaksoax> smoser: sure
<jamespage> smoser: ping
<smoser> here.
<smoser> jamespage, ^
<smoser> also, random question, as i'm triaging
<smoser>  https://bugs.launchpad.net/ubuntu/+source/rabbitmq-server/+bug/968722
<uvirtbot> Launchpad bug 968722 in rabbitmq-server "/usr/sbin missing some wrappers for plugins/env" [Low,New]
<smoser> i would suggest that that bug is "triaged"
<jamespage> smoser, agreed - if whomever wants to deal with that bug decides that its not required then they can 'Won't fix' it
<jamespage> smoser, ping was re tracking of bugs for 12.04.1 for the server package set
<smoser> ok.
<jamespage> smoser: zul hacked the SRU report to focus on precise - http://people.canonical.com/~chucks/SRUTracker/reports/precise.html
<jamespage> I'd like to progress that further so that we can use it both in the weekly team meeting to keep driving 12.04.1 forwards in terms of fixing and verification
<jamespage> and to use for us to support updates in the 12.04.1 bi-weekly meeting
<zul> people use stuff that i write? scarey!
<smoser> jamespage, so you want separate sections that show things that are targetted to a milestone?
<jamespage> smoser, I think that would be good
<jamespage> that would allow us to see potential targets for 12.04.1 much easier
<jamespage> smoser: let me spec something up in the next day or so and see if we can make it really useful
<jamespage> smoser: in the meantime getting the team to target SRU candidates to 12.04.1 would be a good first step
<smoser> jamespage, is there a class of things that should not be targetted to 12.04.1 ?
<smoser> ie, things that should be SRU'd (targetted to distribution), but not immediately targetted to 12.04.1.
<jamespage> smoser, hmm - probably not
<smoser> other htan things that might not for some reason be able to make that milestone
<jamespage> I guess the working assumption is that its 12.04.1 unless
<jamespage> a) its know to be a different target date
<jamespage> actually I think thats it
<smoser> roaksoax, http://askubuntu.com/questions/130772/how-do-i-modify-the-pxe-config-in-maas
<smoser> is that right?
<smoser> you can't change that? or did you just chose to not mention /etc/cobbler/settings for non future-proofness.
<roaksoax> smoser:he wants to edit the kernel args passed to a node and since we are getting rid of cobbler, I didn't mention anything about the commands
<roaksoax> smoser: we don't really need to modify /etc/cobbler/settings
<smoser> well... if you were trying to hide cobbler , then you should not have mentioned editing /var/lib/tftpboot necessarily.
<roaksoax> smoser: my main point wasn't really to hide cobbler, but give the shortest path to modify the kernel args
<roaksoax> smoser: doing with 'sudo cobbler' means first having to find out the system node name
<roaksoax> and then passing the args
<roaksoax> having to edit the pxe file directly, is much faster
<smoser> in the case where it is just this specifric node that needs fixing, yes.
<smoser> but he already knew he could edit the file :)
<roaksoax> smoser: right.
<roaksoax> smoser: well... you can provide your approach to the answer :)
<smoser> well, i was thinking more generically he wanted to add parameters
<jonathangf> good evening
<roaksoax> smoser: yeah, well ultimately the ability to add parameters should go into maas
<jonathangf> hi again, good evening
<ea1het> good evening
<ea1het> anyone with experience in KVM who can help me?
<ea1het> anyone in the channel with experience with KVM (kernel virtual machine)
<ea1het> ??
<ikonia> you're going to have to be patient
<ea1het> :)
<ea1het> at least there is someone here in
<ea1het> :)
<ea1het> thanks
<ea1het> for answering, i mean
<ikonia> no problem
<ikonia> ea1het: try to keep your questions to one channel though please rather than cross-posting the same question in other ubuntu channels
<ikonia> ea1het: work out the best one for your needs, and query that one if possible.
<ea1het> i will keep here in... no problem...
<ikonia> cool, thanks
<ea1het> you're welcome...
<ea1het> :)
<smoser> lynxman, you wanting to do rabbitmq merge?
<smoser> https://bugs.launchpad.net/ubuntu/+source/rabbitmq-server/+bug/1004373
<uvirtbot> Launchpad bug 1004373 in rabbitmq-server "Please sync rabbitmq-server 2.8.2 from Debian" [Medium,Triaged]
<lynxman> smoser: sounds like a plan :)
<smoser> can you upload that, lynxman ?
<smoser> if not, i can review (and i can review even if you can upload)
<lynxman> smoser: nope, it'll need to be sponsored, but I can do a branch merge request
<lynxman> smoser: even if I could I'd be happy to have your review :)
<smoser> or unhappy
<ikonia> ea1het: I'm finishing off some stuff at the moment, if you are around when I'm done I'll try to help you with kvm
<lynxman> smoser: unhappy and smoser don't go in the same phrase
<ea1het> ikonia: good...
<ea1het> i'm waiting the queue... :)
<lynxman> smoser: 21 conflicts encountered <-- it'll take a while to merge :)
<smoser> lynxman, right. we have a fairly large delta.
<lynxman> smoser: yes we do
<smoser> ideally, anything we are carrying would have a debian bug also unless it truely is ubuntu specific
<lynxman> smoser: I'll do my best to merge and then try to contact the debian maintainer if that's okay
<smoser> great.
<roaksoax> lynxman: is this rabbitmq merge?
<lynxman> roaksoax: indeed
<lynxman> roaksoax: we merged all the plugin packages into the rabbitmq-server package (since it was pretty much there), that plus other supercool stuff that SpamapS added make the big delta
<roaksoax> lynxman: i was working on it (was using grab-merge.sh instead because bzr wouldn't cooperate), and most of the conflicts are simple to resolve, and IIRC some of them are simply to take debian's version
<lynxman> roaksoax: ah sorry, smoser just asked me to merge :) let me know if I can be of any help
<roaksoax> lynxman: go for it :) I was working on it last week but didn't finish... :)
<lynxman> roaksoax: ah cool, will continue then!
<lynxman> roaksoax: thanks
<smoser> ugh. sorry, roaksoax lynxman for adding confusion
<lynxman> smoser: hey no problemo at all
<roaksoax> smoser: no worries
<roaksoax> :)
<greppy> grrrrr
<greppy> ( doh, wrong channel )
<ea1het> ikonia: are you still here ?
<JonEdney> Anyone aware of any server monitoring software?  I'm looking for something to monitor processes, and to be able to set certain limits, that will create an email.
<greppy> JonEdney: take a look at xymon/hobbit
<ea1het> ikonia: are you still here ?
<jonconley> JonEdney: #zabbix
<JonEdney> I was looking at Zabbix last night, but couldn't for the life of me get it installed on my server, so I decided to keep looking.
<JonEdney> Maybe I'll give it another shot today.
<rockets> What's the difference, in a cron, between 0 9,12,15,18,21 * * * and * 9,12,15,18,21 * * *
<rockets> Does the second run every minute of all of those hours?
<Pici> rockets: yes.
<rockets> Pici, thanks.
<jonconley> JonEdney: where were you running into issues?
<JonEdney> I"m relatively new still to Linux, i don't recall exactly, I may have just not given myself enough time.
<smoser> JonEdney, well, when you figure it out, you can "charm" it for juju
<smoser> bug 972328
<uvirtbot> Launchpad bug 972328 in charms "Charm Needed: Zabbix" [Undecided,New] https://launchpad.net/bugs/972328
<jamespage> JonEdney, the server guide references a few monitoring solutions - https://help.ubuntu.com/12.04/serverguide/monitoring.html
<JonEdney> I found a web-based monitoring system that isn't free, but if you have 1-2 servers, they monitor for free.  Anyone heard of  CopperEgg?
<jmedina> Hi there,
<jmedina> I'm doing a research for integratin live migration in a virtual enviroment with KVM and ubuntu 12.04
<jmedina> I like to use a iSCSI SAN with at least 6TB
<jmedina> do you know or have experience with something like this?
<jmedina> any model you could recomend?
<freesbie> jmedina: depends on your iops need and budget really :)
<jmedina> freesbie: actually we dont have those numbers, I want to compare features and price
<freesbie> jmedina: iops is pretty damn important if youre gonna virtualize, unless its just storagemachines youre putting on it (which is a bit stupid) :)
<jmedina> freesbie: I know, I just learning how to get those numbers, I hope I can get those numbers in the next weeks
<jmedina> freesbie: any recomendation?, I have read a little about sysstat
<freesbie> jmedina: you could easily build your own iscsi machine with ubuntu and use drbd to replicate to another machine. or you could go with the commercial ones, lefthand, hitachi, equallogic etc
<jmedina> freesbie: yeap, I already built one using ubuntu server drdb+lvm and iscsi, but this customer is a big corporation and they want something "enterprise" with commercial support
<jmedina> I just convince them to use KVM instead of VMWARE
<freesbie> jmedina: depends on the utilization of your existing physical harddrives, and how much you want to pay to be able to give the same max iops or you expect 50% utilisation and so forth ..
<jmedina> freesbie: they are all underutilized with sata discs, it is a small site, actually 12 vms
<freesbie> ive been using hitachi and emc on fibrechannel with vmware on top earlier at the places ive worked. where im now im thinking about buying lefthand and using KVM
<freesbie> try this site to calculate your iops http://www.wmarow.com/strcalc/
<jmedina> vmware it is really expennsive for this small proyect, 3 times
<jmedina> freesbie: thanks, I was about to ask for a tool like that :)
<jmedina> freesbie: thanks for your time :)
<freesbie> jmedina: yw
<jamespage> SpamapS, around - seems we need to discuss ceph?
<SpamapS> jamespage: probably yes. :)
<jamespage> SpamapS, have time now?
<SpamapS> jamespage: I'm in the middle of a conversation.. hopefully will be resolved soon.
<jamespage> SpamapS, sure - ping me when you are done
<Zanzacar> does anyone have any recommendations on pci raid controllers? I have no idea what to even look for.
<rockets> Anybody know any decent alternatives to logcheck?
<rockets> It doesn't appear to be maintained
<ea1het> hi good night
<ea1het> anyone here to talk?
<mgw> e1het: about what?
<ea1het> mgw: hi, thanks for answer. I would like to know.... i guess the utility of LVM for the further use of a KVM-based hypervisor
<ea1het> i don't know if you understand...
<jmedina> rockets: I use ossec
<never2far> can someone explain me why is _U and not U_ ...since the failed device is the second from the list ...or U and _ is counted alphabetically ?! ...so here are the lines from /proc/mdstat
<never2far> md1 : active raid1 sdb3[2] sda3[0](F)
<never2far>       7157752 blocks super 1.1 [2/1] [_U]
<never2far>       bitmap: 1/1 pages [4KB], 65536KB chunk
<never2far> or in this example(from wiki.kernel.org)
<never2far> md0 : active raid5 sda1[0] sdd1[2] sdb1[1]
<never2far>      1465151808 blocks level 5, 64k chunk, algorithm 2 [4/3] [UUU_]
<never2far> what device is down ? maybe sdc1 ...but how can i determine this from the staus of [UUU_] ?!
<grendal-prime> is there a way to set the exit status of a script to 0 even though its not 0
<colon_D> exit 0
<smw_> grendal-prime, in what context?
<SpamapS> jamespage: here now, tho time is limited. :)
<stgraber> SpamapS: do you think you can review the lxc SRU this week? I know it has a long changelog and the diff isn't exactly short so it seems to have scared most SRU reviewers this week, but I'd really like to see it hit proposed soonish (as I already have the next batch of fixes stacking here).
<SpamapS> stgraber: I've spent > 8 hours doing SRU's this week
<SpamapS> stgraber: I will try to get to it.
<iToast> Can i get help wiuth the server installer --_
<iToast> -_-*
<stgraber> SpamapS: thanks and thanks again for all the work on the SRU queue this week, good to see it fit on a single page again!
<iToast> so...
<iToast> Can I get help...
<iToast> Who ever made the server 10.4 installer forgot people will USB boot every here and there....
<iToast> It wants me to mount a non existent cd-rom.
<iToast> How do i make it goto the usb its booted from
<ScottK> iToast: Does it work with 12.04?
<iToast> ScottK: Thats like throwing a match into a gas tanker, no.
<ScottK> Not really.
<ScottK> A lot of bugs got fixed between 10.04 and 12.04.
<ScottK> Unless there's a reason you really, really need 10.04, I'd try the newer release.
<freesbie> scottk: new bugs have also been introduced, so maybe thats a reason to stick with the older and still supported release :)
<ScottK> The general trend is, IME, towards better.  Particularly in the installer.
<ScottK> Two years ago, booting USB was much less common than it is now, so it got a lot broader testing and more attention during 12.04 development than it would have for 10.04.
<ScottK> I have a vague recollection of a specific bug like that which I know isn't around anymore.
<ea1het> can anyone explain me the MaaS concept ??
<freesbie> well, ive never had any troubles booting 10.04 from usb .. only had troubles with unsupported raidcontrollers ..
<ScottK> I can't recall what release I had it on.
<RoyK> ScottK: I never choose a x.x release for a server, better wait for x.x.1 ;) that's also the reason do-release-upgrade won't upgrade 10.04 to 12.04 until 12.04.1 ;)
<RoyK> ea1het: basically similar control over hardware as that over virtual machines
<ScottK> RoyK: The upgrade bit has more to do with testing the LTS to LTS upgrade path than anything about new installs.
<ScottK> I didn't upgrade my 10.04 servers yet, but if I was doing a new install, I'd do 12.04.
<RoyK> doesn't matter, x.x.1 is, im my experience, far better tested, which is rather logial
<RoyK> or logical
<ea1het> RoyK: Maas = PaaS  ????
<RoyK> meaning: If I'm to install a file server or something I *need* to keep stable, I'd use 10.04 for now, and perhaps another year.
<ScottK> No.
<ScottK> https://wiki.ubuntu.com/ServerTeam/MAAS
 * RoyK greets good night and is off for some hourzzzz
<ea1het> ScottK: i was right there reading.. but i don't see it clear....
<ScottK> Honestly I don't either.
<ea1het> hehehehehe
<ihashacks> MaaS: setup MaaS "master", PXE boot a bunch of physical servers which will launch Ubuntu installer, join said servers to the MaaS, those servers then shutdown and wait for the master to summon them for some kind of deployment
<ihashacks> MaaS + Juju is a neat example of a provisioning method
<ihashacks> instead of "gimme a VM with foo service on it", you get, "gimme a physical server with foo service on it"
<ihashacks> then one of your MaaS nodes gets wake-on-lan'ed, says "yes sir" and starts setting up foo service on it
<ihashacks> MaaS is likely useless if you're a small shop with relatively few physical servers but probably awesome if you have a large purchase of racked equipment you need to bring online in a pinch.
<grendal-prime> smw
<grendal-prime> soooo i have this script.  It gathers some info and then sends off a radius packet using radclient..problem is the radius server never responds (which is OK)
<grendal-prime> but the script (its a openvpn client connect script exits with a 1 and then the opevpn server will not let the client connect.
<SpamapS> ihashacks: MaaS is also intended to be useful for the case where you have just a few servers. What about it do you think would make it inadequate for that case?
<SpamapS> stgraber: hey are you here? I am looking at the LXC upload to precise-proposed.. only one question.
<SpamapS> stgraber: there is one change which I can't find a bug for.. its minor, but "Make sure /etc/resolv.conf is valid before running any apt command."
<SpamapS> ahh, no actual report, I see that now in the changelog
<SpamapS> well it looks like somethign that would work as an SRU
<ihashacks> SpamapS: perhaps s/useless/less usefull/
<ihashacks> SpamapS: If MaaS is designed to provision servers in a sleeping state unti you WoL them, and you only have a couple of servers to begin with, then you have servers that only sit there until you summon them from MaaS ...
<ihashacks> ...unless I'm missing a valid use case here?
<SpamapS> stgraber: n/m .. it all looks good. Thanks!
<SpamapS> ihashacks: thats such a tiny piece of what i does :)
<SpamapS> s/ i / it /
<SpamapS> ihashacks: just automating that bit is useful with a few servers if you are going to test deploying something over and over.
<ihashacks> SpamapS: touchee
<ihashacks> SpamapS: I suppose I was thinking more post-testing, in-production - why, if you only have a few physical servers to begin with, would you have them off, waiting to be summoned by MaaS?
<ihashacks> That is definitely a use case I did not think about.
<SpamapS> ihashacks: well if you only EVER plan to have those few servers, why have any automation at all? :) MaaS should make it easier to grow.
<ihashacks> perhaps I should have said, "MaaS is likely less usefull if you're a small shop with relatively few physical servers and will likely always have said limited amount of physical hardware to deploy."
<ihashacks> ;-)
<SpamapS> ihashacks: said shop is likely a boring shop to work in. ;)
<SpamapS> unless its like, a circus.. or maybe a gun range... nothing but laughs in a gun range.
<txomon|home> has anyone used cobbler here?
<txomon|home> I am trying to add ubuntu distros to the cobbler installation, but I don't succeed in adding the netboot files (I don't want to mount/import CDs, as I have all in a mirror)
#ubuntu-server 2012-06-01
<harushimo> I didn't get chance to install my gui
<harushimo> I was wondering what is a good light weight gui
<harushimo> I was debating between openbox or fluxbox
<stgraber> SpamapS: thanks!
<techquila> hi all.. can someone offer any solution to this problem for me please: http://ubuntuforums.org/showthread.php?t=1990842
<harushimo> someone told me two good sites for maas
<harushimo> what was it
<twb> !log
<ubottu> Official channel logs can be found at http://irclogs.ubuntu.com/ . LoCo channels are now logged there too; for older LoCo channel logs, see http://logs.ubuntu-eu.org/freenode/
<harushimo> !maas
<bigjools> maas.ubuntu.com
<Fidelix> Hello. I'm having a serious problem here on my server. My USB drive is not appearing, and dmesg has this: usb 3-1: new full speed USB device number 5 using ohci_hcd
<Fidelix> Then: usb 3-1: device descriptor read/8, error -110
<Fidelix> Can someone, PLEASE, help me fix this? I tried to reboot the server twice. One with "init 6" and another one with shutdown -r now
<lifeless> does the drive work on a different machine?
<Fidelix> lifeless, I don't know. I can't try it in another machine, it's all remote
<lifeless> the symtpoms you are reporting make me thing 'hardware failure'
<Fidelix> lifeless, you mean, physical damage?
<Fidelix> It was working normally before
<Fidelix> Then I was rsync'ing over 1TB of files, and in 60% it suddenly stopped
<lifeless> yes, physical issue
<lifeless> its failing to read from the drive, I believe
<twb> Try plugging it back in?
<Fidelix> twb, and how do I do that?
<Fidelix> I have no physical access to it
<twb> Call the NOC monkey
<JoeCoder> I'm using openssl as part of an installation script, but I can't find a way to make it unattended.
<JoeCoder> in generating X.509 certs, it always asks me for country, city, etc.
<twb> JoeCoder: because you need to mash your head on the keyboard to generate entropy?
<twb> Oh that.  Just use certtool, it's much easier to get the hang of
<JoeCoder> nope;  Im actually not sure where it's getting entropy from
<JoeCoder> oh, thanks.  I'll take a look
<twb> JoeCoder: it gets it from headdesking
<JoeCoder> in 12.04, it doesn't ask me for any entropy.
<twb> Seriously I built some live PXE images of ubuntu, and they would hang during boot until you mashed the keyboard spastically
<twb> because something during boot was generating keys (maybe SSH) and there was no entropy on the freshly booted system
<twb> EPIC symptoms
<JoeCoder> I don't really know what I'm doing or what the various crt, .pem, etc. files do (but I understand the concepts of private key cryptography), and openssl is already working well, so I'm nervous about switching.
<JoeCoder> the tutorial I'm using has me making about 7 different files.
<twb> The file extension doesn't really matter
<twb> Are you familiar with how key-based auth works in SSH, or in GPG?
<JoeCoder> I understand that the client is given a public key, it encrypts the message, and the server uses the private key to decrypt it.
<twb> http://paste.debian.net/172286/ are some notes I made early on when learning TLS
<JoeCoder> I'm using startssl as an authority
<JoeCoder> ok, I follow your notes, but I don't understand why I need 7 different key files
<JoeCoder> http://lowtek.ca/roo/2012/ubuntu-apache2-trusted-ssl-certificate-from-startssl/ is the tutorial I used.
<JoeCoder> openssl gives me 2 files, I give one to startssl, and it gives me back 3 in return.
<JoeCoder> then 2 more files are created by concatenating those first 5 together in various ways.
<JoeCoder> startssl gives me ssl.crt, sub.class1.server.ca.pem, and ca.pem
<JoeCoder> oh well, this is a side-rant and isn't as important.
<JoeCoder> I'll take a  look at certtool
<JoeCoder> if that fails, is there a general tool I can use to provide input to programs that ask questions?
<JoeCoder> since I don't know what I'm doing, and openssl is already worknig well, that would be a faster route for me.
<twb> Well there is always a private key and a public key.
<twb> In TLS the public key is usually embedded in the cert
<twb> A CA cert is a key signed by itself.  verisign et al keys are special only because people include them in their default trust list.
<JoeCoder> that's part of the browser.
<twb> When you want someone to sign your key, you give them a Certificate Signing Request (CSR).  That is basically your public key plus a note that says "please sign this"
<JoeCoder> yep, I give the .csr file from openssl to startssl
<JoeCoder> but I didn't know what csr stood for
<twb> They take that and their the CA private key, and sign your public key and send you back a cert
<twb> So in total, you should have a private key, a CSR and a cert, and they should have a private key and a CA cert.  Note sure how you get to 7 files.
<JoeCoder> startssl gives me ssl.crt.  But they also give me sub.class1.server.ca.pem and ca.pem
<JoeCoder> so what are those .pem files?
<patdk-lap> well, the csr is really just a temp file
<JoeCoder> yeah
<patdk-lap> you need all those
<patdk-lap> you have your certificate, but you also need that certificate chain
<patdk-lap> without that chain, a user can't trace back the trust path, back to the root certificate they trust
<JoeCoder> those two pem files are concatenated together into the chain file.
<JoeCoder> and that's given to apache as part of the SSLCertificateChainFile configuration setting.
<patdk-lap> yep
<patdk-lap> the ca.pem and sub*.pem
<patdk-lap> you can check it's all good using: http://www.networking4all.com/en/support/tools/site+check/
<JoeCoder> oh good.  I had just been loading it up in chrome.
<JoeCoder> yes, it likes it!
<patdk-lap> ya, using a webbrowser isn't good to check the chain
<patdk-lap> cause the browsers cache it
<twb> PEM is the encoding format, more or less like base64 or gzip
<patdk-lap> well, pem is base64 der
<twb> openssl s_client -CApath /etc/ssl/certs/ -connect epoxy:443 <<<QUIT   # debug SSL
<twb> gnutls-cli -s --crlf <hostname> -p <port>                    # Raw SSL connection using GNUTLS
<twb> openssl s_client -crlf -quiet -connect <hostname>:<port>     # Raw SSL connection using OpenSSL
<twb> ...those might help re testing
<patdk-lap> ya, if you understand the ssl specs :)
<JoeCoder> any advantage to those over networking4all ?
<patdk-lap> you can look at more info
<patdk-lap> oscp stapling, and other fun things :)
<patdk-lap> ssl session resume
<twb> I have no idea what "networking4all" is
<patdk-lap> the url I posted
<JoeCoder> yes
<twb> Oh
<twb> Sorry it had scrolle doffscreen :-)
<patdk-lap> https://www.ssllabs.com/ssltest/index.html
<patdk-lap> is an interesting one
<twb> patdk-lap: I guess I never ran into the chain thing because I operate my own CA
<patdk-lap> though I don't agree much with it's *scoring*
<patdk-lap> twb, you run a very flat CA then
<patdk-lap> you don't use sub-ca's?
<twb> Yes, one CA and then all the per-host keys
<patdk-lap> ya, that is plain evil, but no chain needed
<twb> Why is it evil?
<patdk-lap> cause your CA is basically online all the time to sign stuff, and always exposed
<patdk-lap> your should make your CA cert, and sign sub-CA's with it
<patdk-lap> then you only have to invalidate one sub if it's compromised
<twb> Why would it have to be online?
<JoeCoder> what does PEM stand for?
<twb> I could be doing it on an airgapped host
<twb> JoeCoder: portable encoding message or something.  Ask wikipedia
<patdk-lap> twb, airgapped in a vault?
<patdk-lap> airgapped isn't secure
<patdk-lap> it's just internet secure :)
<JoeCoder> http://acronyms.thefreedictionary.com/PEM
<JoeCoder> wasn't sure which one :)
<twb> patdk-lap: you said "basically online all the time"
<twb> I don't see how my hierarchy implies that
<patdk-lap> online == installed on a computer
<patdk-lap> offline it, stored in a vault
<twb> I could be doing that now
<twb> As it happens I'm not, but I *could* do it
<twb> Just take it out once every twelve months or so when I provision a new host
<twb> Or rather, when the old certs expire :-)
<patdk-lap> I'm just stuck to this, based on all security principles, and DOD rules
<JoeCoder> hm, certtool asks a lot more questions when generating a certificate request.
<twb> AFAICT in practice x509 is screwed /a priori/ in its common usage in browsers
<JoeCoder> and it would only accept empty string for the domain name question
<twb> But sure I would probably do what you suggest if I could be arsed.
<twb> JoeCoder: you can supply those answers in a pre-written answer file, as described in certtool's info manual
<JoeCoder> I had expected so; I'm still at the point of figuring out how to answer them
<patdk-lap> twb, ya, it's a pain after the fact, not hard if you think about it when you do it
<patdk-lap> I feel like I waste 2gb microsd cards
<twb> Well in practice I could probably do it in half an hour.  I only have about 20 certs
<patdk-lap> have hundreds of them
<patdk-lap> many of them with just one cert on them
<ScottK> patdk-lap: Or use an old laptop that doesn't get turned on except for this and fits in the safe.
<JoeCoder> https://gist.github.com/2848539
<twb> ScottK: until one day it doesn't turn on anymore :P
<JoeCoder> the unindented questions are the ones I'm not sure about
<patdk-lap> never liked that idea much
<ScottK> twb: Sure.  Make a backup.
<twb> I'm not even bothering to make a CSR, I just exploit the fact that the provisioning host can see inside all the containers
<patdk-lap> but ya, we do one onsite and one offsite
<JoeCoder> the dnsName question on line 8 would only accept an empty string.  I specified the domain name for Common name.
<twb> Realistically I'm using TLS for wire encryption, not for x509 trust hierarchy
<patdk-lap> twb, that is fine, if you don't bother to trust two you connect to :)
<patdk-lap> or you setup static trust
<twb> Well sadly some of it is built on DNS and I'm not doing dnssec yet
<JoeCoder> Is there a tool I can use to supply arguments to a command line program that asks questions?  This would be much faster than figuring out certtool.
<ScottK> For the hierarchy to work you have to assume the entire CA chain is secure and that's sadly often not the case.
<JoeCoder> and it would be useful in the future
<twb> And e.g. for wifi my attempts to use EAP-TLS fell down because hostapd doesn't implement a working CRL
<twb> It would be nice to have all that stuff working but there are lower-hanging fruit IME re security, like "stop using PPTP" or "stop using PHP"
<patdk-lap> never attempted eap-tls
<patdk-lap> it was too imature back last I played with eap
<twb> patdk-lap: what's REALLY stupid is that EAP-TLS is the only WPA Enterprise that's required for WiFi Alliance certification... but x360 and printers don't support it, and n900 doesn't support it without replacing its wifi manager, and iphones don't support it without deploying a configuration management server, and ....
<twb> Not to mention all the users whinging because you force them to generate a key and a CSR
<patdk-lap> yep
<twb> So what I am doing at the moment, which sucks, is to use WPA2 PSK with a per-MAC PSK list
<twb> i.e. if you want wifi you tell me your MAC, I generate it a PSK and I add that pair to hostapd.
<twb> Your client side just sees ordinary PSK and so everything Just Works
<twb> But I can still, at least theoretically, revoke individual users' access
<twb> JoeCoder: FYI here is an answer file I used with certtool: http://paste.debian.net/172288/
<JoeCoder> those don't match the questions I'm asked:  https://gist.github.com/2848539
<JoeCoder> such as the uid, and it won't let me specify anything besides empty string for the domain name.
<JoeCoder> is there a way to make openssl unattended?  a generic command line tool that will let me provide answers to programs that ask questions?  It seems like I've used something like that before, but I can't remember the name.
<twb> JoeCoder: they do correspond, it's just not obvious from the long question vs. answer string
<twb> e.g. signing_key = Will the certificate be used for signing (DHE and RSA-EXPORT ciphersuites)?
<JoeCoder> ah, ok
<JoeCoder> and it's ok to leave the dnsName blank?
<twb> That depends on the client
<JoeCoder> well, it won't let me specify one.
<twb> IME all clients will believe you're you if DNS matches the dn, but some will also allow it if your DNS matches the dnsName
<JoeCoder> no matter what I type, it keeps asking the same question until I enter empty string.
<twb> JoeCoder: that's because you can have >1 dnsname
<JoeCoder> ah, ok
<twb> What that is for is, suppose you have a webserver called www.example.net but it also serves webmail.example.net and arthur.example.net
<patdk-lap> cn?
<patdk-lap> common name is the default
<twb> So you have a dn of www.exampl.net, but also a dnsName for the other two
<patdk-lap> unless you enable subjectalt, then dnsname overrides
<JoeCoder> how do I pass a config file to certtools?
<twb> Er, sorry, I think I mean cn not dn
<twb> Too much LDAP :-/
<patdk-lap> ya, and funny certificates use ldap type syntax too
<JoeCoder> I'm primarily a developer, which is why I'm so confused about system administration.
<JoeCoder> --template=
<twb> patdk-lap: do not talk to me about zimbra
<obelus> Hey - I'm trying to get a local ubuntu mirror onto a machine that's behind a proxy, and download limits prevent it from mirroring the archive itself; I was thinking that I could mirror the archive with rsync or apt-mirror from home and transfer it via a portable hard drive, and use apt-mirror to update it after it's on the target machine.
<obelus> Is this possible? And is there a bettter way to do it?
<rbasak> obelus: that should work fine. debmirror can help you mirror a subset which might help too.
<obelus> rbasak: the idea is to mirror all the packages that we'll need. I'm happy to do the full ~380GB, my only issue would be at the other end, is it enough to move it to the correct folder for apt-mirror and run the update command for it to pick up and use it as a base?
<obelus> rbasak: looking up debmirror atm, it seems that it downloads for given architectures and releases, is that correct? Isn't that what apt-mirror does anyway?
<rbasak> obelus: I'm not familiar enough with the different tools to answer your question, sorry. I'm pretty sure that most tools don't care about where the destination is providing that you move everything across identically - they should be able to resume from that point fine.
<obelus> rbasak: Thanks for your help :) I'll be starting mirroring it on Monday afternoon when I get the hard drive. That'll be a long download before I know if it's going to work properly at the other end though ;p
<_ruben> the stuff you mirror using debmirror is usualy made available through a webserver so your (other) machines can you it is an (alternative) repo
<twb> Or NFS
<twb> Here is a debmirror wrapper script I use: http://paste.debian.net/172318/
<twb> IIRC ubuntu main, one arch, one release, no sources, is only a few tens of GB
<obelus> _ruben, twb: The plan is to make it available locally through http as the primary repository for all machines in the LAN
<obelus> I want to grab amd64 and i386 for both current and lts versions (atm, only 12.04 because it's both)
<obelus> All packages, extras, universe, multiverse, etc. And a few other 3rd party package archives.
<twb> obelus: I'm not stopping you
<obelus> twb: O.o I know. I just thought I'd mention it.
<_ruben> I mirror gutsy-precise, i386+amd64, binary+source, main+universe+multiverse+restricted .. only close to 700G ;)
<obelus> Holyshit. I don't need that much lol
<ikonia> easy on the language please.
<obelus> Just precise for me. I'm not quite sure at this point how to mirror only amd64 and i386 with apt-mirror, or if I'll have to use debmirror, but I have a bit of time before I need to work that out
<obelus> ikonia: Sorry, I forgot that there's strict language rules in here, I'll be good.
<_ruben> !info apt-mirror
<ubottu> apt-mirror (source: apt-mirror): APT sources mirroring tool. In component universe, is optional. Version 0.4.8-5 (precise), package size 13 kB, installed size 101 kB
<ikonia> obelus: not a problem at all
<_ruben> iirc apt-mirror only downloads what it's clients request and then cache it, unless i'm mixing stuff up
<_ruben> debmirror mirrors a complete pocket
<obelus> I use apt-mirror currently to archive the google-chrome repositories
<_ruben> been meaning to ditch debmirror in favor of plain rsync, but i dont think old-releases.ubuntu.com offers rsync access
<obelus> I'd use rsync completely but I haven't been able to make rsync work through the HTTP auth proxy that the server's behind
<_ruben> rsync wont let you sync just precise
<obelus> Oh, no use then ;p I don't want EVERY release
<obelus> I'd be happy with getting 10.04 and 12.04, as some people still like 10.04 there, and one server hasn't been upgraded yet
<obelus> But I don't want all of them
<lambda_engineer> hi there, got a question on bonding and vlans
<twb> obelus: FYI, my metrics (cf. my script posted earlier): http://paste.debian.net/172324/
<obelus> What's included in that ubuntu folder? I mean, is that the one release and arch or more than one?
<twb> 17:42 <twb> Here is a debmirror wrapper script I use: http://paste.debian.net/172318/
<lambda_engineer> I tried to outline the bonding-vlan problem here: http://pastebin.com/T6cK8xfQ
<lambda_engineer> anyone up for some help ;)
<twb> lambda_engineer: sorry, I'm too drunk to deal with that right now
<obelus> twb: Ah, okay. That's really good that all that fits in 180gb.
<obelus> I might make a debmirror script to do the mirror I'm doing. looks easy to customise one.
<lambda_engineer> twb: bad for me, probably so else here can deal with it?=
<obelus> lambda_engineer: Never tried using vlans on Ubuntu, so sorry, not really sure. I've only done vlans on cisco hardware.
<twb> obelus: given I'm tracking 3ÃLTS releases and 2Ãarches, it's probably reasonable to expect to fit one release into, say, a bit over one sixth of that. Say about 40G.
<ikonia> lambda_engineer: https://bugs.launchpad.net/ubuntu/+source/ifupdown/+bug/352384
<uvirtbot> Launchpad bug 352384 in ifupdown "can not add vlans to a bond network device" [Undecided,Fix released]
<ikonia> lambda_engineer: there is a a similar issue raised on Fedora 8 instances.
<ikonia> lambda_engineer: it appears to be a limitation of how the bond is formed.
<obelus> I'm planning for 1 or 2 releases with 2 arches. Would it be okay if I use your script and modify it to limit it down a lot?
<twb> IIRC there are several kinds of bonding, does it affect all of them?
<twb> obelus: I don't care, go nuts
<obelus> twb: thans :)
<obelus> thanks*
<ikonia> lambda_engineer: the suggestion in the ubuntu bug report should resolve your issue, although RedHat seem to be phasing in over a LONG period of time a more technical solution
<twb> obelus: talk to #bash re scripting if necessary
<obelus> twb: Thanks, but I should be fine to modify this. I'm pretty used to bash scripting
<obelus> Is main/debian-installer for network installs?
<twb> Yes
<twb> It's for PXE installing
<twb> If you have a CD installer that's >>20MB in size, you can ignore it
<obelus> Awesome, thanks. My plan is to mirror releases too, so I can have a set of CDs (desktop, alternate, server) for i386 and amd64 and update from there.
<twb> You can just build the CDs from the mirror using jigdo
<twb> Well, maybe not the desktop one
<obelus> twb: ... I should have thought of that, I've used it before. But yeah, I'll need to take copies of the desktop ones. Server/alternate will be good with jigdo though. One problem is, does debmirror only get the latest version of the packages? Because I think the jigdo templates need the same version that was available at their release
<twb> When a release is released, it's contents doesn't change
<twb> New versions go into the -updates or so repo
<obelus> twb: Ah, right. Thanks.
<twb> (There are a few exceptions, e.g. IIUC sun-java was actively removed from releases because Oracle are so douche-y)
<twb> But yeah I just use PXE installs and don't bother with a CD at all.
<lambda_engineer> ikonia: thx a lot
<twb> You can build the desktop versions in theory using live-build but I wouldn't want to guarantee it'll behave the same as the ones ubuntu orll
<twb> *roll
<obelus> twb: I can't really use network boot because I don't control the DHCP server, and the server that's going to hold the mirror is going to be moving to a different subnet soon anyway. Ubuntu also doesn't provide the tiny netinstall images anymore do they?
<twb> Yes they do.
<twb> http://cyber.com.au/~twb/.bin/twb-d-i has links
<twb> If you grovel around near those links, there are USB-HDD and CD versions as well as the PXE versions I am wgetting
<twb> Also re DHCP server, you only really need the DHCP server to send the filename and next-server options, and you can host the TFTP server on another IP
<obelus> twb: I know, but the person that administers the DHCP server isn't going to set that. I'm pretty sure he'd rather that not every computer tries to boot into an ubuntu installer
<twb> Fair enough
<twb> Also obviously PXE can present a menu and timeout to booting off the local media...
<obelus> Yep, but that's not going to be agreeable, I don't think. Although I'd like that idea very much.
<obelus> I'll ask, but I think the answer will be no.
<lambda_engineer> ikonia: seems like this is not my problem, this problem is only on top of bonding with LACP/802.3ad
<lambda_engineer> ikonia: even when i do all the settings they supplied and worked for them... they don't in my case... still the error in /var/log/syslog
<twb> You can also tell pxelinux to skip the menu based on MAC or IP address or IP network
<lambda_engineer> sooo still a problem with vlans on bonded interface: http://pastebin.com/T6cK8xfQ
<lynxman> morning o/
<twb> obelus: http://cyber.com.au/~twb/tmp/tmp.png
<twb> For extra sexiness, that's a serial port on a headless router.
<obelus> twb: Looks great, but the problem is that the area that we'll be using the server in is a network lab, things are reinstalled constantly, and the person that runs the network lab rathers booting via ghost CDs to do network installs, and really doesn't like ubuntu. From experience, he's not going to change the settings to set our ubuntu server as the primary boot device for the entire netlab.
<obelus> Though, I will set it up so it's possible and propose it, just in case he does.
<twb> I understand.  The point was to make you go "wow cool" so you can show him and have him go "hmph, maybe it is worth a demo"
<twb> ghost is pretty sucky by comparison
<obelus> ;p I'm convinced it's awesome. And yeah, but the reason he uses it is that he deploys windows, freebsd and other stuff through it, with preinstalled apps and customisations.
<obelus> And the multicast is helpful when we're doing it to several PCs at once.
<_ruben> twb: what do you use for the menu stuff ?
<twb> multicast doesn't actually save any bandwidth if you're on a flat switched network
<twb> I checked because I am deploying IPTV to a 600 seat prison in the next 18 months
<twb> (Over, btw, netbooting lucid desktops)
<twb> _ruben: that's just pxelinux 4.xx menu.c32
<twb> _ruben: there is vesamenu.c32 but it 1) requires vesa; and 2) is fugly
<_ruben> twb: ah .. the stuff i never to got around to dive into
<_ruben> (as with many things)
<_ruben> syntax seemed rather odd to me
<_ruben> been ages since i looked into it tho
<twb> The syntax used in the boot CDs is the ugly old way
<_ruben> care to share yours? :)
<twb> http://paste.debian.net/172326/
<obelus> Multicast does help though with the disk i/o on the server when it's sending 7gb images ;o
<twb> The 01-* stuff is a custom PXE-booting OS for extra extra sexy.
<twb> obelus: hm, good point
<twb> obelus: but if your OS needs 7 flipping GB it is about 36 times too big
<obelus> He has custom builds of FreeBSD on there that are pretty big.
<obelus> That and the Windows images. Those are only about 4gb for the Win7 ones with compression though.
<twb> obelus: http://paste.debian.net/172327/
<twb> obelus: he clearly sucks at saving space
<obelus> Hah, yes. Compared to that, most people do. We do need stuff on it that's a bit bigger than 71mb though. But 7gb is excessive.
<_ruben> twb: that looks way cleaner than i seem to recall
<twb> The host that OS is for, has "only" 512MB RAM and since I'm copying the entire OS into RAM over TFTP I riced the size down a bit
<rbasak> lambda_engineer: my understanding of the newest docs is that you should no longer define bond_slaves or auto on bond0
<_ruben> auto generating stuff like this does make sense, given the numerous repetitions
<_ruben> twb: the "live" menu entries are dummies right? failing to see where it'd actually boot into a live os
<twb> rbasak: hmm, http://paste.debian.net/172329/ is a bond I'm using, but no tagging
<twb> _ruben: they worked until I deleted the backend files
<rbasak> twb: it has changed: http://bazaar.launchpad.net/~ubuntu-branches/ubuntu/precise/ifenslave-2.6/precise/view/head:/debian/README.Debian
<twb> rbasak: OK.  My paste is from lucid
<_ruben> twb: ok, then i'm not misinterpreting things :)
<twb> Oh yes the live *menus* are autobuilt and they can't find any files to add to them
<twb> I was thinking of the two "awesome" entries in default file
<_ruben> ah
<lambda_engineer> rbasak: which documentation are you talking about? this one: https://help.ubuntu.com/12.04/index.html ??
<rbasak> lambda_engineer: /usr/share/doc/ifenslave I think. You can see it online here: http://bazaar.launchpad.net/~ubuntu-branches/ubuntu/precise/ifenslave-2.6/precise/view/head:/debian/README.Debian
<lambda_engineer> rbasak: arghtzzpftsss...problem solved... actually i missed the line "auto bond0", just retyped it because i'm on the machine with video redirection, so no copy-paste
<lambda_engineer> rbasak: thx
<rbasak> np
<bau-> hi all, how can I add ssl on my ubuntu server?
<andol> bau-: For what daemon/service?
<bau-> andol, I need to run a fb app on my server
<mattcen> Hi all. I'm tearing my hair out trying to work out why my Ubuntu 10.04 i386 install isn't showing libvirt-bin as available in the repo, when I know it's there. Anybody got any ideas? I suspect it's user error, but have no idea where to look.
<mattcen> Nevermind. Looks like my package cache was corrupt... or something :S. All good now
<ea1het_sleep> morning
<ea1het> i need help in terms of filesystems
<ea1het> anyone can help
<ikonia> ea1het: in what respect
<ea1het> the doubt: best filesystem to hold virtual machines
<ikonia> ea1het: apologies for missing you last night
<ea1het> no worries ;)
<ikonia> ea1het: well, it depends on a lot of things, but there ins't really a "best"
<ikonia> ea1het: just use what meets your needs
<ikonia> ea1het: what do you want to use ?
<ea1het> KVM to hold 5 VM.... aprox. size per VM 10Gb each
<ea1het> and another filesystem to hold ISO images
<ikonia> ok, what file system do you want to use ?
<_ruben> give each vm its own lvm lv .. no need to deal with stacking fs's
<ikonia> is there a reason you're doubting just using ext4 or something like that ?
<ea1het> yes... the doubt is about the posibility to use or not LVM
<ikonia> ok, lvm is not a file system
<ea1het> yes...a volume manager
<ea1het> on top of that... i thought XFS.... or EXT4
<ikonia> so you are not asking about file systems, you're asking if you should use a volume manager ?
<ikonia> ea1het: do you have a need for lvm ?
<ea1het> ikonia: in fact... i want to ask for both :)
<ea1het> i'm a big doubt myself :)
<ikonia> ea1het: why do you think you'll need/want lvm ?
<ea1het> i think my VM will not raise over 10Gb
<ikonia> the size of the VM is not really relevent
<ea1het> i think.... i mean... sure 100% i'm not
<ikonia> the size of the file system that holds your VM's is
<ikonia> ea1het: where are you storing your VM's eg: /mnt ?
<ea1het> ok ,let me explain my idea... very quick
<ea1het> yes
<ikonia> ea1het: do you have a disk you're going to mount ?
<ikonia> or a partition ?
<ea1het> a dedicated /mount-point for VM, yes
<ea1het> a partition
<ea1het> it's better to have a disk itself?
<ikonia> just one partition  ?
<ikonia> it doesn't matter a disk or a partition
<ikonia> ea1het: why not keep it simple, put a partition /mnt
<ikonia> then just put two directories under it "images" and "media"
<ikonia> then store virtual machines in "images" and install/data media in medai
<ea1het> right now this is the situation: /vm --> the VM store  && /images --> the ISO images to install from
<ea1het> each one is a partition
<ikonia> ea1het: ok, so they are hanging off your root file system partition correct ?
<ikonia> ah, so each one has a partition that's mount correct ?
<ea1het> yes
<ea1het> yes
<ikonia> ok, so what's the current problem ? what do you want to change and why ?
<ea1het> Q1: The introduction of LVM will allow me to be more flexible in terms of filesystems and/or volumes ?
<ikonia> ea1het: yes and no
<ikonia> it will allow you to resize volumes based on how much storage is in the volume group
<ikonia> ea1het: keep in mind if you put a 100G partition on /vm (for example) and you only use 5 machines at 10GB each, do you need to dynamically resize the /vm volume ?
<ikonia> or are you very tight on space ?
<ea1het> nice situation... close to reality... i'm asking because my current server has 2 HDD but, but, it can admit up to 8. I thought using LVM below the FS i can add and resize my /vm partition and increase its size....
<ea1het> just in case my VM store raise...
<ea1het> and... not... by now... not 250Gb on /vm and 5 x 10GB VM's
<ea1het> not so tight
<ikonia> you can use lvm in that way sure, but it's up to you if you want to
<ea1het> i never used before LVM. What is the administration learning curve for someone it never used LVM ?
<ikonia> to do what you want, not much to be honest
<ikonia> but I wouldn't say do it unless you have a genuine need for it (in your opinion)
<ea1het> To be honest i just want to have the whole picture in mind. My expected raise ratio is 1:7 (Hypervisor : VM's)
<ea1het> More than that... i'm not sure... so right now... with my actual VM's i'm plenty of free space....
<ea1het> but want to be ready to dimensionate if necessary
<ea1het> Q2: My actual FS probably is not the best for large files. What is the best FS in terms of large files like VM's ?
<ikonia> ea1het: unless you've got a problem why not just use ext4
<koolhead11> hi all
<ea1het> hi koolhead11
<koolhead11> hi ea1het
<ea1het> ikonia: is it the best? have support for large files?
<ea1het> I heard about XFS but i'm not sure... i don't know it
<ikonia> ea1het: define larger files ?
<ea1het> large files las virtual machines
<ea1het> sorry
<ikonia> ea1het: that's not a file size
<ea1het> large files like virtual machines
<ikonia> ea1het: have you actually tried ext4 ?
<ikonia> ea1het: virtual machines is not a size, how big are you defining as "big"
<ea1het> various GB
<ikonia> ea1het: various GB......come on
<ikonia> how big do you call big
<ea1het> in general terms probably some TB but i'm only focussing on VM's
<ikonia> ea1het: what ????
<ikonia> ea1het: in your example - what is the size that you consider a big size
<ikonia> this is not a hard question
<ikonia> how big do you call a "big file"
<ea1het> i understand you think EXT4 is nice in order to operate with 10Gb files
<ea1het> a 10Gb file is "nice" enough
<ikonia> ea1het: ok, so 10GB files are what you are calling as "big"
<ea1het> in my case 10Gb might be the mid-point
<ikonia> ea1het: I don't see you having any problems with multiple 10GB files using ext4
<ea1het> ikonia: what do you understand for large files?
<ea1het> just to learn, not kidding
<ikonia> 100G +
<ikonia> 50+ would be a "large file"
<ikonia> 5 x 10G files is not a "large file"
<ikonia> (for my view)
<ea1het> i think i won't face such kind of large files. In case of a 100Gb large file... EXT4 keep on being your main option?
<ikonia> to be honest, just use ext4 unless you actually have a problem
<ikonia> which I can't see you having a problem
<ea1het> Q3: is there any incompatibility in terms of FS selection having in mind a NFS export would be used?
<ikonia> no
<ea1het> EXT4 fs exported over NFS--> OK?
<ikonia> fine
<ea1het> good!
<ea1het> last one
<ea1het> the difficult... (for me)
<ea1het> Q4: KVM -> Move VM over a NFS export using a cross-over cable (1Gb or 10Gb Eth) between 2 servers  ----> Will run? Reliable?
<Jeeves_> I've not tested that for a while
<ikonia> not really
<Jeeves_> It didn't work for me two years ago (using iscsi)
<ikonia> I wouldn't suggest running vm's on an network mounted file system
<Jeeves_> The machine would migrate, and then crash
<patdk-wk> wouldn't that highly depend on the kvm host machine to transparently do that move?
<patdk-wk> why not use some kind of clustering filesystem?
<patdk-wk> then put your vm's on top of that
<patdk-wk> something like gfs, glusterfs, ...
<Jeeves_> Because that would be slow?
<ikonia> even then running them on a network file system is not good
<patdk-wk> Jeeves_, slower than running the vm over a network anyways?
<Jeeves_> Yes, and less reliable (imho)
<patdk-wk> I haven't done that, just know many people doing it for email mainly
<patdk-wk> I do use iscsi and nfs like nuts for vm's though
<patdk-wk> and they run speedy
<ikonia> patdk-wk: you run your kvm hosted vm's on NFS mounts ?
<patdk-wk> currently I run all my vm's over fc or iscsi
<patdk-wk> I only use nfs for mounting like iso's and things for the vm's
<ikonia> ok, so no NFS mounts
<patdk-wk> I know hundreds of people doing nfs though, cause they say iscsi is not stable for them
<patdk-wk> atleast for me, I found iscsi to be more stable than nfs
<ea1het> here is a cost-effective situation men
<patdk-wk> probably all depends on exact software versions and hardware
<ikonia> I just can't see NFS on a remote host being network mounted on a kvm host to run a virtual machines root disk as "good"
<patdk-wk> now, none of them dares to attempt using nfs for vm's, except using 10g network
<ea1het> ikonia: so your best cost-effective option would be a iSCSI, right?
<patdk-wk> ikonia, it's a very common vmware config
<ikonia> ea1het: again, depends on cost effective, I use local disks on a raid card or a fibre card attatched to an array
<patdk-wk> depends on the design goals, local is always going be faster
<ikonia> patdk-wk: I've never seen it run well on VMware, NFS mounted root disks
<ikonia> I've never seen NFS be acceptable let alone "faster"
<patdk-wk> nfs mounted root disks?
<ikonia> yes
<ikonia> (for vm root disks I mean)
<patdk-wk> it all depends on your workloads really
<patdk-wk> nfs can be good, or it can defently get in the way
<ikonia> nfs is good, I don't believe it's effective for running vm root disks
<patdk-wk> well, I personally didn't find it good
<patdk-wk> but based on all the people I talked to, that are scaled much larger than me
<patdk-wk> they had no issues
<patdk-wk> so I don't discount it
<patdk-wk> actually, vmware using nfs ontop of netapp was ok
<patdk-wk> if the netapp was speced better, I probably would still be doing that
<ea1het> we have to understand NFS is much less expensive that any iSCSI implementation... and much much more than any SAN...
<patdk-wk> hmm? I find nfs and iscsi to be the same price
<patdk-wk> unless your getting an iscsi san
<ea1het> patdk-wk: what kind of iSCSI implementation do you do?
<patdk-wk> I am very iscsi heavy here though, moved lots of workstations, to diskless iscsi backed systems now
<patdk-wk> well, I started with iet, but that didn't last long, played with scst some
<patdk-wk> but have settled with openindiana now, iscsi + multipath works great
<ea1het> any link i can follow to learn a bit?
<patdk-wk> looks like LIO is coming along nicely
<ea1het> LIO?
<patdk-wk> it's suppost to replace all the target stacks in linux
<_ruben> patdk-wk: what was your main reason(s) to move from scst to openindiana?
<patdk-wk> well, mainly cause of the nfs stuff I needed
<patdk-wk> and I needed snapshots of it
<_ruben> ah
<patdk-wk> and I needed some way to back it up, other than filecopy
<patdk-wk> the fact it did iscsi was just a side benifit at the time
<patdk-wk> on that system, all my vm's, about 20 of them, use about 200gigs of space, and hardly and iops at all, but nfs load in insane
<patdk-wk> but that was my first openindiana test case
<patdk-wk> on the system next to me now, it is only used for iscsi, and has high iops
<_ruben> low iops due to zfs cache?
<patdk-wk> low iops due to, the vm's never read/write anything ever
<patdk-wk> all processing is done via nfs
<patdk-wk> webservers/mailservers/...
<patdk-wk> once they start, they don't produce disk activity, except for the content that is nfs mounted
<patdk-wk> it's centeral logging, so no log diski/o
<_ruben> oh right
<patdk-wk> it's kind of funny though
<patdk-wk> my openindiana system peeks at 8k iops using nfs there
<patdk-wk> another system, using fc backed san, peeks at 4k iops
<patdk-wk> the openindiana system has 20disks, the san has 74 disks
<_ruben> heh
<patdk-wk> just the san maxs out at a few gigs of ram, so the cache is pretty much useless
<patdk-wk> whereas the opendiana system cache just scales better, cause I can scale it
<patdk-wk> 4k iops is maxed out on those 74disks in raid10
<patdk-wk> where as 1k iops would max out my 20disks
<patdk-wk> or maybe it was around 1.5k
<_ruben> i looked at nexenta(stor) ages ago .. did seem interesting .. tho adding solaris based stuff to our mix is not something i'm fond of .. cow-orkers have enough trouble already dealing with linux :p
<patdk-wk> I haven't touch nexenta, though I hear it's debian like
<patdk-wk> I think I have a good grip on solaris now, only started last sept
<_ruben> i'll likely be sticking with scst for now .. unless i can find really compelling reasons to go nexenta/openindana/etc
<patdk-wk> is LIO too unstable yet?
<_ruben> haven't given that any attention yet really
<patdk-wk> it looked promising, but was not really even beta when I started
<_ruben> hmm .. enterprise edition has vaai support
<_ruben> of lio that is
<patdk-wk> ya, I didn't even know lio wasn't fully opensource till today and saw that
<patdk-wk> kind of makes me wonder why that would be the offical linux kernel one, unless they changed their minds again
<jsmith-argotec> I'm confused about some changes that seemed to happen to logging when I upgraded from 10.04 to 12.04
<jsmith-argotec> nothing is getting logged in /var/log/messages or daemon or others any longer
<jsmith-argotec> and (coincidently??) logwatch doesn't report half of the items it used to before the upgrade..
<jsmith-argotec> everything seems to be only in syslog
<jsmith-argotec> anyone know if this is something by design that I missed in the release notes or something?
<_ruben> i can't find anything about the enterprise edition... :p
<patdk-wk> looks like it's been renamed TCM
<ea1het> what FS is used on openindiana? ZFS?
<patdk-wk> heh, looks more like, it's getting along very badly, even though they managed to get it shoved into the kernel
<patdk-wk> yep
<ea1het> what are Zones?
<patdk-wk> kind of like lxc
<genk1> hello all I have just installed a new Ubuntu server station, my only problem is that I can't made my NIC up
<genk1> when I do : ifconfig -a I got only the lo interface information
<genk1> what are steps to follow to make this card working ?
<genk1> thank you
<ea1het> look in /etc/network/interfaces
<genk1> ea1het only lo is configured there
<ea1het> and do a dmesg to see if you os recognized the board
<_ruben> patdk-wk: seems openindiana hasn't seen a stable release yet, that's a shame
<patdk-wk> depends on what you call stable
<patdk-wk> it feels good, in server mode
<patdk-wk> there are issues in desktop mode still
<_ruben> they label it themselves as being development releases
<patdk-wk> yep
<_ruben> then again, that doesn't alway mean all tha tmuch
<patdk-wk> I feel they are like me, it will always have bugs
<_ruben> hehe
<patdk-wk> at what point do you label it *stable*
 * patdk-wk notes the *stable* crapsan that keeps crashing he has to deal with
<_ruben> :P
<_ruben> well .. features (dis)apearing every other (dev) release is not somethign i'd like for instance ;)
<patdk-wk> personally, only had oi faul up once, and once I took time to figure out what was going on, instead of panic during the emergancy
<streulma> hello, my system boots and stops after scripts/init-bottom
<patdk-wk> it was a known issue, and over sysadmin stimulas
<patdk-wk> streulma, has to help you, we can't look at your screen and see why it stopped
<patdk-wk> though normally it's cause it failed to mount root
<_ruben> or any other mountpoint listed (as auto) in fstab
<patdk-wk> ruben, no
<patdk-wk> that would come after root started
<patdk-wk> fstab isn't *mounted* yet in initrd
<streulma> patdk-wk: fstab is fine
 * patdk-wk notes he never blamed fstab
<_ruben> i had one box halt at that point (iirc), and / was just fine .. was a mdadm volume with data that caused issues
<patdk-wk> ya, mdadm mounts in inittab
<patdk-wk> initrd that is
<streulma> what to check ?
<patdk-wk> the error messages?
<streulma> var log boot.log ?
<patdk-wk> stuff doesn't just go wrong, without yelling
<_ruben> tho i really needa reinstall that box .. it boots into initrd .. and boots on just fine after hitting ctrl-d .. and `halt` wont power down the box either (since upgrade to precise)
<_ruben> now that i think of it, the power down issue i also have on vms
<patdk-wk> hmm, not sure I tested poweroff yet on precise
<patdk-wk> I'm just annoyed with the lucid->precise grub fail
<_ruben> EDIT: After further testing, "halt -p", "shutdown -h now", and "poweroff" all correctly power-off the machine but "halt" (without parameters) does not. However, in Ubuntu 10.04, "halt" did power-off the machine. Is this simply a difference between the two versions of Ubuntu?
<_ruben> should try that
<JanC> might be unclean FS/raid because you stopped the machine with the "big red button"  ;)
<_ruben> havent had any grub issues with upgrades
<streulma> XServ, failed to open listener for inet6
<patdk-wk> _ruben, I only have with vmware so far
<patdk-wk> every single vmware guest fails to upgrade grub
<patdk-wk> there is a bug about it, fix might exist too, but hasn't been pushed anywhere usable
<_ruben> i think i upgraded a few vms from lucid to precies without issues
<patdk-wk> did you do a fresh install of lucid on them?
<_ruben> both upgrades and cleans i think
<_ruben> havent upgraded many boxes to precise just yet, so i might just got lucky not running into it
<patdk-wk> oh ya, I also had a fun e1000 driver issue
<patdk-wk> I have done a few test upgrades
<patdk-wk> mainly to check my stuff, but waiting for .1 for any real upgrades
<patdk-wk> https://bugzilla.redhat.com/show_bug.cgi?id=754589
<uvirtbot> patdk-wk: Error: Could not parse XML returned by bugzilla.redhat.com: HTTP Error 404: Not Found
<patdk-wk> I have that issue with precise
<patdk-wk> on real hardware, not a vm
<patdk-wk> both problem 1 and 2
<streulma> plymouth stop terminated with status 1
<streulma> can plymouth ntpd disabled ?
 * _ruben tries to open bugreport
<streulma> patdk-wk: filesystem is mounted read-only
<patdk-wk> it normally should be at that point
<streulma> patdk-wk: no errors on disk
<patdk-wk> anything from dmesg?
<streulma> profile replace mtpd
<streulma> ntpd is not installed anymore...
<stgraber> gary_poster: thanks for testing the SRU
<hallyn> zul: do you have any objections to my pushing http://people.canonical.com/~serge/libvirt.debdiff ?
<jamespage> hallyn, stupid question time - does ipxe support ARM architectures or is it just for x86?
<zul> hallyn: checking
<hallyn> jamespage: no idea.  lynxman might know
<jhobbs> no ipxe for arm
<jamespage> :-(
<hallyn> I can look through the source in a bit otherwise and check
<hallyn> there you go :)
<jamespage> thanks jhobbs
<jamespage> allenap, ^^
<zul> hallyn: nope
<hallyn> arm does uboot right, does it not even do pxe at all?
<hallyn> zul: thanks (gonna test a bit more first)
<jhobbs> uboot has pxelinux like support
<jamespage> hallyn, kinda - I think it implements a subset
<jhobbs> yeah, a subset of what pxelinux does, plus the normal dhcp parts of pxe
<hallyn> jamespage: this is for maas?
<zul> jamespage:  always assume arm is weird and does things non-standard
<jamespage> hallyn, yes
<gary_poster> welcome stgraber.  thanks for the huge improvements
<streulma> patdk-wk kernel-panic it is
<lynxman> jamespage: afaict it's only x86
<lynxman> jamespage: at least the assembler parts are
<streulma> patdk-wk: he don't update the logs
<hallyn> zul: well this is odd.  dpkg -x libvirt-bin*.deb x shows x/etc/dnsmasq.d/libvirt-bin is there, but dpkg -i libvirt-bin*.deb does not create that file
<zul> hallyn: hmm?
<zul> zul: bug in your debian/rules perhaps
<hallyn> hm, maybe dpkg was trying to be too smart.  i had installed dnsmasq after installing that libvirt-bin.  maybe dnsmasq deleted it, and then after that dpkg -r thought i had manually deleted it?
<stgraber> hallyn: it looks like lxc nesting recently broke on 12.04, looking at it now
<hallyn> stgraber: and that's with your custom policy?
<stgraber> hallyn: yes
<stgraber> hallyn: lxc fails to install in the container because of apparmor, then once forced, it refuses to start, still because of it being unable to load apparmor profiles
<hallyn> stgraber: we don't still drop CAP_MAC_ADMIN from policy do we?
<hallyn> in config that is
<stgraber> hallyn: weird, can't reproduce on my laptop (also on 12.04)
<hallyn> exact same kernel version?
<stgraber> yeah, 3.2.0-24-generic on both
<stgraber> diffing the apparmor profiles and lxc configs now
<stgraber> hallyn: oh, and I just found a nasty bug in the SRU currently in -proposed ... lxc.devttydir isn't set properly
<stgraber> hallyn: I'll fix in quantal and upload a fix to -proposed, at least we should just loose a day of testing, so not too bad
<hallyn> stgraber: not set properly how?  what is it doing?
<hallyn> (I"ll add a test to test suite if testable)
<stgraber> hallyn: basically the logic is wrong, it's setting lxc.devttydir = lxc for releases that do NOT have /etc/init/container-detect.conf
<stgraber> hallyn: that's a regression in quantal that was SRUed to precise :(
<hallyn> ah!  i see
<stgraber> hallyn: http://paste.ubuntu.com/1018119/
<hallyn> i thought all the '$release = precise' checks were out of the template :)  drat
<hallyn> btw i may email dlezcano soon to ask him about the lxc api.  i'm wondering whether he'd prefer to have a long-running daemon (like libvirt).  I assume not, but if he did it would require some changes
<stgraber> hallyn: did you forward 0083-ubuntu-simplify-template yet? otherwise I'll simply patch the patch in quantal too
<stgraber> hallyn: hallyn all the "release = <something>" checks are gone, it's now checking for presence of /etc/init/container-detect.conf instead (that patch I linked before clearly removes the release = check and replaces it with the init job check)
<hallyn> i thought i had but i don't see it
<hallyn> stgraber: well yes that patch did, which would have meant that the check was still there before that patch :)  got it now
<stgraber> hallyn: do you mind me simply patching the patch then?
<hallyn> sure
<stgraber> hallyn: wrt lxc api, I certainly hope we won't run an lxc daemon, but talking to daniel about the API is certainly a very good idea, we shouldn't start doing that kind of work in upstream's back :)
<hallyn> yup
<hallyn> for now i've only started with the most rudamentary functions (create and free in-memory container image; and locking) with testing.  Unfortunately, I get mysterious segvs from libc :)
<hallyn> I think sem_post is messing with me, tbh
<stgraber> hallyn: fix uploaded to quantal and new sru in -proposed, hopefully it'll be approved soon, so users running with -proposed will stop creating containers that will fail to upgrade (main consequence of not having lxc.devttydir)
<hallyn> stgraber: I should've asked you if you thought yo'ud be pushing anything before pushing -ubuntu3 to q two hours ago :)
<hallyn> or, :(
<hallyn> -ubuntu76, here we come
<stgraber> hallyn: oh, and I think I found the reason for my weird apparmor issues with nesting, my template on that host dates back from around precise beta1 :)
<stgraber> SpamapS: if you have a sec, would you mind reviewing the lxc currently in -proposed, it fixes a regression introduced in the previous SRU (I pushed the fix to quantal too), it's a one line change that I believe is "obviously right" :)
<stgraber> SpamapS: (let me know if you're busy with other things and I'll go nag another SRU team member ;) the regression currently produces containers that won't be able to upgrade to 12.10, so even though it's only in -proposed, it's really quite bad)
<hallyn> stgraber: hm, yeah, i'm not getting a console on my containers
<stgraber> hallyn: yeah, I'm kind of surprised nobody saw it during the week it was in quantal...
<hallyn> i need to get my little quantal lab up.  just haven't had time yet.
<soren> bug 1000000
<uvirtbot> Launchpad bug 1000000 in edubuntu "For every bug on Launchpad, 67 iPads are sold." [Wishlist,Triaged] https://launchpad.net/bugs/1000000
<ogra_> lovely
<stgraber> ;)
<soren> Daviey: It works somewhat ^
<Daviey> soren: but new bugs don't show.
<SpamapS> stgraber: accepted
<stgraber> SpamapS: thanks!
<stgraber> hallyn, smoser: http://paste.ubuntu.com/1018196/
<stgraber> just noticed that in a clean lxc container (12.04)
<stgraber> that basically happens when you install lxc in lxc, but the problem is a file conflict between openssl and euca2ools
<stgraber> not sure whether you're aware of it already
<smoser> stgraber, i'm confused.
<smoser> how do i have both openssl and euca2ools installed?
<smoser> (no, i was not aware)
<stgraber> smoser: it seems to only hit when installing both at the same time
<stgraber> smoser: if I run that apt-get again, it succeeds
<smoser> this is strange, no?
<stgraber> oh not, actually it doesn't... running apt-get -f install fixes the situation though
<stgraber> hmm, no, I'm confused ...
<stgraber> I thought it would fix itself, but no, in lxc's case, both being recommends, openssl simply doesn't get installed when running apt-get -f install which "fixes it"
<stgraber> and yeah, my machine also has both installed, but I can't reproduce that on a clean box
<smoser> you got openssl from -updates
<stgraber> smoser: yeah
<smoser> so its a reression at that version maybe?
<stgraber> smoser: anyway, found a way of reproducing both the failing and working scenario
<stgraber> works: install openssl, then install euca2ools
<stgraber> fails: install euca2ools, then install openssl
<smoser> well, stgraber maybe you can help. i'll bow to your packaging knowledge.
<smoser> euca2ools installs that via debian/links
<smoser> its just a link  usr/share/euca2ools/cert-ec2.pem etc/ssl/certs
<smoser> err.. contents of debian/links are:
<smoser>  usr/share/euca2ools/cert-ec2.pem etc/ssl/certs
<smoser> so i really could not care less about the directory itself. it just needs to house a symlink appropriately.
<stgraber> ok, I see what's wrong :)
<stgraber> root@weblive:~# ls -l /etc/ssl
<stgraber> total 0
<stgraber> lrwxrwxrwx 1 root root 33 Mar 22 16:31 certs -> /usr/share/euca2ools/cert-ec2.pem
<stgraber> you're missing a trailing / in your .install
<stgraber> it should be etc/ssl/certs/
<stgraber> otherwise when /etc/ssl/certs/ doesn't exist, it creates a symlink called /etc/ssl/certs pointing to /usr/share/euca2ools/cert-ec2.pem, instead of creating /etc/ssl/certs/ and putting the symlink in it
<stgraber> smoser: ^
<smoser> well, there is nothing in .install
<smoser> you're meaning debian/install?
<smoser> youmeant debian/links
<stgraber> oh, I mean debian/links, yeah
<smoser> which makes sense. yeah.
<smoser> care to open a bug?
<stgraber> sure, will do that after lunch. I'll also test that the fix actually works, looking at dh_link, it's not clear whether it'll create any missing directory or not
<zoski> hello there ! I'm new and i have a question...
<zoski> I run a ubuntu server and i can't find the command to see how much memory is left on my hard disk...
<med_> df -h
<zoski> thank you so much med_ !!
<hdb2> hi everyone! I would like to deploy ubuntu to a number of machines in our small office, but I need the configurations to be consistent. I would prefer not to do that manually. clonezilla is an obvious option, but all my hard drive sizes are different, and I don't care for cloning very much (prefer good configs to OS images). is there some tool/method I can use to accomplish this? I love doing my RTFM, I just need some pointers as to what to look for.  (i
<hdb2>  helps, I'm very familiar with Linux and Debianâ¦I'm not a guru, just not at n00bie level.)
<RoyK> hdb2: perhaps this might help? https://help.ubuntu.com/12.04/installation-guide/i386/automatic-install.html
<hdb2> RoyK wow! on first glance this looks like exactly the kind of pointer I needed.  thank you!
<stgraber> smoser: bug 1007533
<uvirtbot> Launchpad bug 1007533 in euca2ools "euca2ools in precise (probably also quanta) breaks openssl when installed first" [High,In progress] https://launchpad.net/bugs/1007533
<stgraber> smoser: I'm uploading the fix now
<smoser> stgraber, thanks.
<smoser> was it just hte traling /
<stgraber> smoser: nope, it's a tiny bit more complicated, you actually need to give the full path of the target and list /etc/ssl/certs in debian/dirs so that it's created if missing
<stgraber> but yeah, final fix is just a two lines fix :)
<smoser> hm..
<stgraber> smoser: http://paste.ubuntu.com/1018276/
<smoser> stgraber, thank you.
<hallyn> stgraber: it occurs to me we never put any sort of 'create(template="ubuntu",, release="current")' call in the api.
<hallyn> did you think we'd want that?
<ea1het> good evening
<ea1het> anyone who has an adaptec raid controller on a ubuntu server working?
<_ruben> got several of those, never had any issues with it .. the ubuntu+adaptec combo that is .. the adaptecs themselves have proven themselves to not being very trustworthy :/
<_ruben> then again, we dont use supported disks on 'em, which adaptec claims as being part of issues we see, obviously
<stgraber> hallyn: right, I seem to remember us briefly talking about it a while ago. Basically coming to the conclusion that it's a nice to have more than an initial requirement. Though I guess it doesn't hurt to have it in the API design from the beginning.
<stgraber> hallyn: not sure whether it makes sense to have it part of the container struct though, probably makes more sense to have it out of it (similar to list())
<ea1het> _ruben: adaptec model? disk brand?
<ea1het> _ruben: i have in mind adaptec aar-2610sa with seagate 1tb disks
<_ruben> ea1het: 3 and 5 series .. mostly 51245 and 51645 .. seagate desktop disks 1TB
<stgraber> hallyn: so you'd call lxc_create(...) and then get the struct once it's done
<_ruben> ah, the low end stuff
<ea1het> yes :)
<_ruben> no experience with the 2610sa, but we did use similar ones in the past .. tho not in ubuntu boxes i think
<hallyn> stgraber: hm, i still thought it would make sense as part of the container.  So you do c = lxc_container_new('name'); set some settings; then c->create()
<hallyn> stgraber: ok, we don't need to decide that now, i was just wondering.  (writing the email to dlezcano;  cc:ing you)
<ea1het> _ruben: it seems you have experience with Adaptec controllers
<ea1het> do you think the 2610sa is quite poor?
<stgraber> hallyn: yeah, but then we have to decide what happens if you call create() on an existing container and what to do when you call create() before you have any config loaded. So definitely possible but we need to think about exactly what we want there.
<_ruben> ea1het: did you 2410sa or actually 2610sa ?
<_ruben> cant find the 2610sa
<stgraber> hallyn: I can see myself using ->create() on an existing container to replace its rootfs, but that may be a bit confusing to some users ;)
<hallyn> stgraber: agreed we need to decide that :)  agreed we don't need it immediately.
<ea1het> for me seems to be cost-effective and it is for a small raid, for a small project...
<ea1het> let me see.. one sec...
<hallyn> i think i figured it would refuse to run if c->is_defined() returned true
<_ruben> hmm .. it doesnt seem to be on adaptec site, but i do see other sites mentioning it
<hallyn> meaning c->configfile exists
<hallyn> stgraber: and really i figured you would be the one really wanting it for arkose :)
<_ruben> ea1het: we used the 2410sa in some small windows based fileservers .. they did the job ok for the money
<ea1het> under ubuntu?
<hallyn> if we can punt on it, then we can punt on the thought of whether we wrap the lxc-create script or rewrite it all in c.  So I"m happy to delay
<ea1het> ok... under windows... i realized now....
<ea1het> i'm not sure if this board is in the HCL of ubuntu server
<ea1het> ADAPTEC AAR-2410SA/64M S-ATA SATA RAID 0 1 5 10 CONTROLLER
<ea1het> that is the board _ruben
<_ruben> ea1het: ah ok, same we used a few of
<_ruben> ea1het: what will you be using it for?
<stgraber> hallyn: well, arkose doesn't use the templates at all, so I'd effectively never "create" an arkose container. I'd just do abc=container("tmp-name") => write the fstab file to do the overlay magic I need => set the lxc config keys for fstab and rootfs => start/run_command/stop
<ea1het> _ruben: expected to be used for 4Tb mirrored (1Tb+1Tb mirrored to 1Tb+1Tb) for Virtual Machine store and run
<_ruben> ea1het: if you hookup 4 1TB disks, you must realize it has a 2TB max for the raid volume, so raid0 wouldnt work (nor would i even consider it), raid10 would work, raid5 would work if you used one as hotspare
<hallyn> stgraber: ah, ok, cool.  good to know
<_ruben> ea1het: so raid10 i guess?
<ea1het> yup
<ea1het> _ruben: didn't realize before the 2Tb limitation
<_ruben> ea1het: don't expect stellar performance, since it doesn't have the bbu option, enabling write-cache is dangerous .. and without write-cache, performance wouldn't be very good (write performance that is)
<ea1het> _ruben: another controller supporte under ubuntu that would make this job?
<_ruben> ea1het: lsi has very good cards, but they're a bit more expensive than adaptec i think .. and to get write-cache options, entry-level cards aren't an option
<_ruben> ea1het: it really depends on how much disk io you want/need/expect/etc
<_ruben> then again, with just 4 disks, with or without write-cache, performance won't be all that great either way :)
<ea1het> _ruben: to be honest i don't know... the server, an hypervisor (vm host) will run as much as 7 VM at the time....
<_ruben> or actually, i have had several 4 disk raid10 volumes on 5 series adaptecs, and the performance was pretty ok
<_ruben> the number of vms is much less important than how busy each vm is ;)
<ea1het> _ruben: a raid 1 of a raid 5 ???
<ea1het> _ruben: a raid 1 of a raid 0 ???
<_ruben> ea1het: what's the question? :)
<ea1het> _ruben: you said... several 4 disk raid10 volumes on a 5 series adaptecs.....
<ea1het> that is a raid of a raid ?  :o
<_ruben> oh, no .. just multiple seperate raid volumes consistig of 4 disks each :)
<ea1het> ups.... i thought you reinvented the wheel.... :) ... and of course wanted to know how....  :)
<stgraber> hallyn: email looks good, thanks for sending it.
<_ruben> ea1het: these 7 vms, do they exist already or will they be new ones?
<ea1het> _ruben: new ones
<_ruben> ea1het: ok, then determining the iops requirements will be very tricky
<ea1het> _ruben: how can i do it?
<_ruben> tho for just 7 vms, the card might just do the trick .. unless one or more of those vms has very disk intensive tasks
<_ruben> ea1het: making educated guesses is as good as it gets in those cases :)
<ea1het> _ruben: don't know how to query iops ... sorry :(
<_ruben> a vm used to run an irc clients doesnt require any iops at all .. a fileserver used for video editing on the other hand :)
<ea1het> and 1 of the VM will be a Solr repository
<ea1het> (Solr -> documental database)
<_ruben> remember, 4 disks / 7 vms = roughly half the performance of a single disk for each vm
<_ruben> in ideal world
<_ruben> write performance is likely half of that (it needs to write to 2 disks, so it can stripe each write over only 2 disks)
<ea1het> _ruben: so you understand in some cases it is best to write only over 1 disk and use another solution like GFS or DRDB ?
<_ruben> ea1het: no, but spec'ing up a raid volume is far from trivial .. especially when no existing performance data is available
<_ruben> i'd start with this card .. and if it turns out to be slow, start saving for a higher end card and use this card for a simple (future) file server ;)
<_ruben> gotta go now tho, g'luck :)
<ea1het> _ruben: thanks
<hallyn> aahahahaha.  figured out my bug.  malloc(sizeof(s)) instead of malloc(sizeof(*s)).  i told myself years ago not to do that.
<akoumjian> Anyone else using repo supervisord on 12.04?
<SpamapS> jamespage: tsk tsk.. you forgot -v in your merge of erlang from Debian
<roaksoax> SpamapS: so I think that part was taken out from the documentation
<SpamapS> roaksoax: which documentation? I think there are 2 documented ways to do merges
<SpamapS> the merge-o-matic 'grab-merge' way gives you an automatic debuild command to use
<SpamapS> the UDD way, I would suspect, might be the culprit
<roaksoax> SpamapS: so with grab-merge you could still debuild -S -sa, but in the old complete packaging guide it used to say to use debuild -S -vXYZ -sa which doens't anymore
<roaksoax> SpamapS: in UDD, i though there was the command that would generate the changes correctly when it comes to merges
<roaksoax> SpamapS: bzr builddeb -S --package-merge --> (This will add the appropriate -v and -sa)
<SpamapS> roaksoax: right, the UDD one does that right
<SpamapS> roaksoax: so the packaging guide probably took out the -v unintentionally
<SpamapS> roaksoax: with grab-merge I always just use the generated debuild script
<roaksoax> SpamapS: it does
<hallyn> all right, that's much better.  lxcapicore branch fixed, now i just need to move it back to lxcwithapi branch
<jamespage> SpamapS, so I did
<mgw> Hi, is there any reason some server installs would have a sudo group and some not?
<mgw> and osme would have an admin group and some not?
<mgw> (on 12.04)
<RoyK> mgw: afaik that's a small change from lucid to precise
<RoyK> from admin to sudo
<mgw> hmmâ¦ so sudo should totally replace admin?
<guntbert> mgw: the move from admin to sudo group happened from ... , ah what RoyK says
<mgw> ok, so if I'm using ldap, is it safe to have an entry for 'sudo' group in ldap as well?
<mgw> It seems to work
<mgw> getent group shows two entries for 'sudo'
<smoser> SpamapS, https://bugs.launchpad.net/ubuntu/+source/zookeeper/+bug/1007433
<uvirtbot> Launchpad bug 1007433 in zookeeper "zookeeperd not running after installation of zookeeperd" [Medium,In progress]
<smoser> did you test that?
<mgw> and anybody that's in either the local file or in ldap as a ssudo user
<mgw> â¦ will have sudo privs
<smoser> that seems like red herring. as the problem is fix/worked around by first installing the 'zookeeper' package (not zookeeperd). which surely doesn't create or modify that directory path.
<mgw> guntbert: does that sound right?
<mgw> That is, I can have two groups with the same names but different gids?
<guntbert> mgw: I fear there will be conflicts
<mgw> so maybe use a different name for our ldap admin group?
<mgw> it looks like vmbuilder adds the admin group
<SpamapS> smoser: the problem is the dir
<smoser> doesnt make sense.
<SpamapS> smoser: the dir ends up owned by root
<SpamapS> zookeeperd does not run as root
<SpamapS> fail
<smoser> see my comment.
<smoser> (just posted comment 6)
<SpamapS> smoser: I'm not sure that makes any sense though. zookeeper Depends on default-jre-headless
<SpamapS> smoser: so it is already installed and configured at that point
<smoser> look at the apt install log
<smoser> the alternatives get setup at the end.
<SpamapS> by what package?
<smoser> i'm not making this up (i dont think)
<smoser> https://launchpadlibrarian.net/106616529/apt-get-install.log
<SpamapS> I'm reading that
<smoser> i'm certain that it "just works" if you install default-jre-headless in a separate 'apt-get install'
<SpamapS> ah its a trigger
<SpamapS> wait no
<SpamapS> smoser: ok this is weird
<SpamapS> smoser: ok agreed that its a red herring (but must be fixed anyway)
<SpamapS> smoser: does not make *any* sense that dpkg configured default-jre-headless before openjdk-7-jre-headless
<SpamapS> smoser: since default-jre-headless depends on openjdk-7-jre-headless
<SpamapS> I wonder if there is a circular dep there somewhere
<SpamapS> $ apt-cache show ca-certificates-java|grep Depend
<SpamapS> Depends: ca-certificates (>= 20090814), openjdk-6-jre-headless (>= 6b16-1.6.1-2) | java6-runtime-headless, libnss3-1d (>= 3.12.9+ckbi-1.82-0ubuntu3~)
<SpamapS> I wonder if thats going to screw things up
<smoser> jamespage, had said he'd bother doku on monday. but you may be onto something.
<SpamapS> smoser: its the only way I can resolve in my head why dpkg would do things in such a wrong order
<SpamapS> smoser: its the | java6-runtime-headless
<SpamapS> smoser: java6-runtime-headless *is* already set up
<SpamapS> smoser: so, chalk it up to an incomplete transition
<SpamapS> probably anything that does default-jre-headless | *java6* needs to be re-evaluated
<SpamapS> smoser: it may even be that zookeeper doesn't work w/ java7.. testing that now
<smoser> no. dont think so.
<SpamapS> right, looks like it installed 7
<smoser> but that could be it.
<smoser> but i thouht you could start it fine after the fact
<smoser> anyway
<smoser> i'm out for the day
<SpamapS> well maybe I don't understand the bug
<smoser> have a nice weekend all.
<SpamapS> it shows zookeeperd running
<smoser> fresh instance (with no java installed), 'apt-get install zookeeperd'
<smoser> you'll reproduce
<SpamapS> Yeah I'm doing that
<SpamapS> but reproduce "what" ?
<smoser> zookeeperd is not running.
<smoser> status zookeeperd
<smoser> i just terminated my instance.
<smoser> i've got to run'
<smoser> later.
<SpamapS> buhbye
<SpamapS> start-stop-daemon: unable to stat /usr/bin/java (No such file or directory)
<chmac> Quick random question. I've got access to a server for the next ~24 hours, I want to wipe the 2T disks, but /dev/urandom is too slow, and I can't get /dev/frandom to compile, no kernel headers or something.
<chmac> Realistically, short of forensic analysis, `shred -n 0 -z /dev/sda` should do a good job of deleting data, right?
<chmac> I mean, somebody else given the server after us without physical access to it isn't going to be able to recover anything, that's what I'm thinking.
<ikonia> chmac: just write 0's to it
<chmac> ikonia: That's what that command effectively does.
<chmac> ikonia: But with the -v flag, it tells me how far along it is, so I can watch it... :-)
<maco3> i was just using do-release-upgrade to upgrade my server from oneiric to precise. when it got to the part where it updates python, byobu was killed. i can see that dpkg and such are still running, but now i have no way to see their output to answer debconf questions. can i reconnect to that process? or is it safe to kill dpkg and then run dpkg --configure -a?
<maco3> hah, i can actually see that its asking me a question about postgresql right now because the whiptail process shows up when i grep ps for "upgrade"
<maco3> don't know how to answer it though :-/
<pmatulis> maco3: you should be able to reconnect to an ssh daemon
<maco3> pmatulis: i never disconnected from ssh
<maco3> if i try to do "screen -r" it tells me there is no screen to resume, but there is a dead screen instance to be wiped
<pmatulis> ah
<maco3> so i cant figure out how to answer the questions dpkg is trying to ask me so the upgrade can continue
<pmatulis> i don't think you can tbh
<maco3> so kill it and dpkg --configure -a... bleh, that sounds like losing the tweaks do-release-upgrade applies that make it recommended over change-sources.list-and-dist-upgrade
<pmatulis> maco3: i would try the command a second time
<maco3> pmatulis: which command? re-run do-release-upgrade?
<maco3> that gets me "no new release found"
<maco3> thinks im already there i guess
<JanC> you might also need apt-get install -f
<pmatulis> maco3: ah ok
<pmatulis> maco3: but you hit a snag that should be reported, do-release-upgrade should notice byobu is running and provide at least a warning.  dunno, maybe just file a bug against 'update-manager'
<maco3> pmatulis: i'm talking to someone in #ubuntu-devel about it, and we're debating whether its a bug. theoretically you should close all running apps before doing a dist upgrade, but...
<JanC> actually, running an upgrade inside screen is recommended
<JanC> especially when you upgrade remotely
<maco3> mm point
<maco3> because then you can reconnect
<maco3> so screen crapping itself when libs are upgraded is extra bad
<JanC> right, that should neer happen
<JanC> never
#ubuntu-server 2012-06-02
<mgw> using vmbuilder inside a private networkâ¦ should âproxy pointing to my apt-proxy URL be sufficient?
<harushimo> I have maas setup. Is there another site for maas setup?
<harushimo> I don't have the web interface for maas
<pmatulis> harushimo: another one?  what are you after?
<harushimo> I can't get it to add nodes
<harushimo> web interface
<harushimo> I'm not running a gui on the server
<pmatulis> harushimo: what does that have to do with it?  a web server doesn't require a graphical environment
<harushimo> how I access the http? then
<harushimo> https://wiki.ubuntu.com/ServerTeam/MAAS#Create_MAAS_admin_account
<pmatulis> harushimo: the same way you access any web site
<pmatulis> harushimo: what happens when you point your browser to http://your_server_ip_address/MAAS   ?
<harushimo> it keeps reloading
<harushimo> I'm using maas on my virtual machine
<harushimo> I'm guessing that doesn't matter
<harushimo> it does
<harushimo> it doesn't show anything
<harushimo> sorry
<harushimo> it is importing the isos right now
<harushimo> i'm at that step
<harushimo> I'm getting ahead of myself
<harushimo> I just realized I need to change my default gateway
<harushimo> I use the ip address to access my router setup
<harushimo> how long does it take to import isos?
<pmatulis> harushimo: i think it takes 4, all precise, by default.  so not long
<pmatulis> harushimo: and take your time, haste makes waste (Ent saying)
<harushimo> 4 hrs?
<harushimo> I'm guessing that is what it is
<pmatulis> harushimo: no, 4 images
<harushimo> my bad
<harushimo> sorry
<harushimo> how long does 4 images take to download?
<harushimo> i'm guessing that is dependent on the internet connection
<pmatulis> harushimo: bingo
<harushimo> thank you
<harushimo> this is my first time doing maas. I may fail at it
<harushimo> that is okay. I will learn something
<pmatulis> harushimo: well, it's quite new.  it's bound to have bugs.  report back and let me know how it goes
<harushimo> I will definately do that
<harushimo> one thing I'm thinking
<harushimo> please tell me if this isn't a good idea
<harushimo> maas is use for some who has systems background
<harushimo> this is just me saying: Why can maas have front end
<harushimo> the user can click and get it done quite quickly
<harushimo> if it does, I want to know about it
<harushimo> hehe
<harushimo> we can probably stream the process but like you said, it is new
<harushimo> I will definately know about the bugs
<harushimo> if this a bad idea, let me know also
<harushimo> how many machines would need for maas?
<harushimo> I mean ideally
<harushimo> what is the difference between maas & enlightment or just doing an install of ubuntu server and then installing maas after the installation of ubuntu server?
<harushimo> does maas cloud cd have 32 bit?
<harushimo> I have the 64 bit iso
<harushimo> anyone?
<lux`> hi all
<lux`> i've got an urgent problem
<lux`> upgraded my server, screwed up with ip route (which should be only temporany, and reset after reboot), rebooted and can't access anymore to the server via ssh
<lux`> I can access the server in rescue mode and from the syslog mysql and other startup programms are starting
<ea1het_OFF> maybe you have a wrong routing table in your box
<lux`> so I though it's a ip route problem, but shouldn't things modified with "ip" command be temporanyt?
<ea1het_OFF> of course you have to clean it
<lux`> i also tried ip route flush table main from the rescue mode chrotting the server ea1het_OFF
<lux`> and after restarting to normal mode still doesn't work
<ea1het_OFF> i'm not sure the rescue mode serves this matter....
<lux`> well that's the only way i can access the server
<ea1het_OFF> hum.. and i understand you don's have physical access to your server.... right?
<lux`> nop
<ea1het_OFF> the only idea i have is to create a shellscript you can configure... put it on the rc.local init script.... and that script flush all tables and set one and only one default route to your gateway
<ea1het_OFF> maybe it works
<ea1het_OFF> same command you introduce in the rescue session but inside a shellscript to automatically be executed from rc.local in the normal init run
<lux`> k i'll try thanks
<ea1het_OFF> you're welcome
<harushimo> does anyone anything about maas here
<Psi-Jack> Okay, so, I'm having some ANNOYING issues with nslcd NOT starting at boot-up in Ubuntu 12.04.
<lux`> reading online they say that ip and route commands aren't permanent ea1het_OFF
<lux`> also I tried to do as you said and it didn't work
<ea1het_OFF> what do you have in your interfaces file (/etc/network/interfaces) ??
<ea1het_OFF> take a look at the config for incoherences...
<lux`> 1sec restarting to rescue mode
<lux`> ea1het_OFF, the samething I've had for months
<lux`> and these are the commands i've added to rc.local:
<lux`> ip route flush table main
<lux`> ip addr add 46.105.109.0/24 dev eth2
<lux`> ip route add default via 46.105.109.254
<ea1het_OFF> looks good
<ea1het_OFF> lux`: ip route ls
<ea1het_OFF> lux`: ip rule list
<ea1het_OFF> ip route flush cache
<lux`> i can connect only through rescue
<ea1het_OFF> is the ssh daemon running in normal init?
<lux`> always been
<ea1het_OFF> if you don't have physical access ... how are you connecting to your box and changing the init level?
<lux`> through a rescue system the hoster gives me ea1het_OFF
<lux`> it let me connect to the real server harddisk
<lux`> so i can chroot to it
<ea1het_OFF> you are into a VPS Â¿
<ea1het_OFF> ?
<lux`> anyway yeah, ssh is enabled in init level 2-5
<lux`> dedicated server
<ea1het_OFF> what did you tried before, when the connections stop working?
<lux`> ip route del ?.
<lux`> but as I said I read that it refresh every restart
<lux`> shouldn't it?
<ea1het_OFF> it should.....yes...
<ea1het_OFF> did you do any kind of change to the network configuration files?
<lux`> yeah actually I did, added another nic but i restarted network and everything was fine, anyway after I removed it thinking it was the problem
<lux`> so now it's exactly how it has been for months
<ea1het_OFF> when you enter in chroot mode... can you get access to the internet from your server?
<ea1het_OFF> i don't want to think it's a temporary problem in your hoster....
<lux`> yes
<lux`> i can
<ea1het_OFF> run in normal mode
<lux`> can't access anything in normal mode :/
<ea1het_OFF> telnet your_server_ip 22 from you pc and wait for a connection....
<lux`> won't work
<lux`> connection refused
<ea1het_OFF> and tell me if if presents a prompt
<ea1het_OFF> so only two things can happen.... no ssh daemon running in the correct interface.... or no interface well configured.
<lux`> i can even start ssh in the chrotted env.
<lux`> and /etc/network/interfaces is like it has always been
<lux`> :(
<ea1het_OFF> iptables -L -n
<ea1het_OFF> to see if there is something blocking your machine
<ea1het_OFF> (firewall rules i mean)
<ea1het_OFF> any firewall daemon configured in the box?
<lux`> i even removed iptables to make sure it wasn't it
<ea1het_OFF> there is not so much....
<lux`> so it can't be it
<ea1het_OFF> execute the line above to be sure....
<ea1het_OFF> or reboot your machine
<lux`> command not found
<lux`> i'll try to reboot with only the default nic
<ea1het_OFF> good....
<ea1het_OFF> lux`: it is not a good idea to configure interfaces and subinterfaces together
<ea1het_OFF> if you are going to work with subinterfaces.... only configure subinterfaces for all networks
<ea1het_OFF> without configuring the physical device
<ea1het_OFF> about the rest...loooks good
<lux`> nothing, I'll check logs to see if ssh is giving any error i guess
<Psi-Jack> Hmmm
<Psi-Jack> So, I've converted my nslcd init.d script into upstart scripts, and at startup it seems nslcd.conf actually IS running, but nslcd-k5start.conf isn't. Very strange...
<Psi-Jack> is there a network-manager specific event?
<harushimo> I've trying to setup maas. Is it possible to set it up on ubuntu-server 32 bit?
<harushimo> can anyone help me with maas at all?
<harushimo> I've been at this problem for a week
<harushimo> the instructions are 64 b it iso
<harushimo> not for 32 bit
<lux`> what the fuck
<lux`> i even put debug to log level of sshd
<lux`> and it's not showing NOTHING AT ALL
<pmatulis> lux`: language please.  what's the problem?
<harushimo> pmatulis: can I ask you a question
<harushimo> you helped a couple hours ago
<harushimo> is it possible to install maas on ubuntu-server 32 bit
<harushimo> ?
<harushimo> when I look at the instructions, it is for 64 bit
<lux`> pmatulis, sorry i'm very frustrated, it's almost 5am here and still can't fix the server, anyway there is a discussions of like 50lines if you scroll on the top
<pmatulis> harushimo: yes, you can
<pmatulis> lux`: yes, i read it now
<harushimo> how
<harushimo> I've been really struggling here
<harushimo> there are no instructions for the 32 bit
<lux`> install lsh-server now? so i'll check if there is a problem with openssh or something else
<pmatulis> harushimo: well, get yourself a 32bit-based machine and away you go
<harushimo> i'm running 32 bit vm
<harushimo> that I know
<pmatulis> harushimo: so what's the problem?  just 'apt-get install maas'
<harushimo> alright
<harushimo> that is easy
<harushimo> I'll install the ubuntu-server
<harushimo> okay I see now
<pmatulis> lux`: so you put in a bad route with the ip command and now you cannot ssh into the machine?
<lux`> exactly, but everything done with the ip command should be temporany right pmatulis ?
<lux`> so now I'm thinking that there is a problem with ssh
<pmatulis> lux`: yes, it won't survive a reboot
<lux`> and also I'm not reading from the first "faulty" reboot anything about ssh in /var/log/auth.log
<lux`> not even putting the log level to "DEBUG" in sshd's config, so there is something wrong I guess
<pmatulis> lux`: is the ssh daemon running?
<lux`> how can I know, it's not visibile from the outside anyway
<lux`> nor in the logs
<pmatulis> lux`: with the ps command
<lux`> I can't access the machine in normal mode
<pmatulis> lux`: i thought you had an alternative method
<lux`> yes I can connect in "rescue mode", basically I can connect to a temporany computer which got access to the main server's hdd
<pmatulis> lux`: so you can read data on the drive?  browse the filesystem?
<lux`> yes
<pmatulis> check if there is a pid file for sshd
<pmatulis> what release are you running there?
<lux`> nop no pid pmatulis
<pmatulis> what release are you running there?
<lux`> 12.04
<pmatulis> where did you check for the pid?
<lux`> /var/run/sshd/
<pmatulis> try /run/sshd.pid
<lux`> nothing
<pmatulis> did you much around with /etc/ssh/sshd_config at all?
<pmatulis> *muck
<lux`> don't remember doing so, anyway now i'm installing lsh (taking so much time to create the random seed) and then if it doesn't work I'll try to purge and reinstall openssh
<lux`> but the odd thing is that there is no error nor anything at all about ssh in the logs pmatulis
<lux`> since the server problem
<pmatulis> lux`: you did a 'grep sshd /var/log/syslog' and no error?
<lux`> yeah and also /var/log/auth.log
<pmatulis> well, the reason why you can't ssh into the box is because sshd is not running
<pmatulis> auth.log will be empty of anything useful if sshd is not running
<lux`> yes yes yes
<lux`> changing ssh server worked
<lux`> my eyes are gonna cry blood in the pain of frustation
<lux`> it's 5am but it's all right
<mgw> what would be the implications of having, say, 500 ssh tunnels open at once?
<mgw> to remote machines
<pmatulis> lux`: so you can log in now?
<qman__> mgw, lots of CPU overhead for the encryption
<lux`> yes and i don't even wanna know what's wrong with openssh
<lux`> i even purged an reinstalled it
<lux`> it didn't work
<lux`> using dropbear now
<qman__> each tunnel has to run the expensive RSA for the handshake, but then also has to keep up the AES tunnel
<lux`> and i can finally go to sleep, the sun is rising...
<lux`> gnite and thanks pmatulis ea1het_OFF
<mgw> qman__ thanksâ¦ so it wouldn't work very well
<mgw> if at all
<qman__> well, it'll work if you have enough CPU
<mgw> ok
<mgw> any idea how much?
<qman__> any CPU made in the last few years can handle that, but it's a nontrivial amount of computation
<qman__> that you have to take into account when designing the system
<qman__> if that's all you're doing, a modern chip can handle it
<mgw> ok, but 100 would be more doable, even on a smaller system then?
<pmatulis> lux`: good.  let me know why sshd could not start.  g'night
<qman__> it can, but on a typical desktop, doing 100 SSH tunnels with AES256, expect between 10% and 30% CPU use
<qman__> you'd have to do some tests to get actual numbers, but IME it should be in that ball park
<qman__> my 200MHz K6 starts to choke at about 6
<mgw> qman__ thanks
<mgw> would I need to look at ulimits to open this many?
<qman__> no, by default the limits aren't set
<qman__> now, those numbers also depend on the amount of traffic going over those tunnels
<qman__> idle tunnels or light communication doesn't need as much CPU power as, say, a file transfer
<mgw> qman__ obviously
<mgw> i'm not sure i'd actually use a tunnelâ¦ maybe a straight ssh connection, but keep them open
<mgw> I'm trying to optimize an application that opens and closes connetions repeatedly
<qman__> my K6 can't actually keep up with an SFTP transfer, it's notably slower than my uplink
<mgw> okâ¦ but that's a K6
<mgw> ;-)
<qman__> it is, just making the point that a file transfer takes more than 7 or 8 open SSH sessions
<mgw> ah, understood
<mgw> ok, so this is how the system currently works
<mgw> if I'm working with 100 systems, it forks 10 processes (say) and opens 10 connections at a time
<mgw> closes them, and and loops through the 100 servers that way
<mgw> for each task
<mgw> then it starts over
<mgw> for the next task
<qman__> that's going to be really inefficient if you have more than one task per server
<mgw> is the opening/closing more intense than keeping them idel?
<qman__> much more
<mgw> ok, that's what I was hoping
<qman__> you're talking about 2048-bit (or more) RSA per connection
<mgw> b/c it's also really slow
<qman__> versus keeping an AES256 open
<mgw> hoping, b/c I want to make this more efficient
<qman__> and that isn't 8 times more complex, it scales exponentially
<qman__> you're going to want to keep the tunnels open as long as is practically possible
<qman__> they do die off with flaky connections after a while, so you might want to make them no more than an hour long depending on your network and application
<qman__> but that's the range you're going to want to shoot for, not seconds or minutes
<mgw> qman__ I don't really need them for more than a few minutes
<mgw> right now they're being opened/closed several times a minute
<mgw> maybe 15 minutes if there're a lot of longer tasks
<mgw> qman__ one more questionâ¦ if I open a tunnel via a subprocess, will the tunnel close when the parent process dies?
<joseph__> Why does byobu look bad over ssh?
<RoyK> joseph__: it does?
<joseph__> yea maybe a bug. there is a scolling problem had to disable the logo to fix that. but i am trying to fix this http://img600.imageshack.us/img600/401/screenshotfrom201206020.png
<RoyK> looks like a curses bug
<RoyK> file a bug :)
<joseph__> what should i use tmux or screen
 * RoyK just uses screen
<joseph__> it looks even worse when i use tmux.
<RoyK> joseph__: but please file a bug - bugs aren't fixed unless reported
<joseph__> file the bug report https://bugs.launchpad.net/byobu/+bug/1007753 should of explaned it better
<uvirtbot> Launchpad bug 1007753 in byobu "menu display screwed up over ssh?" [Undecided,New]
<joseph__> start up a ec2 instance and run byobu. the status bar infinitty scrooling bug is already filed.
<chmac> `hostname` is returning blah instead of blah.domain.tld, I've reset /etc/hostname and rebooted, but every time it reverts to just blah.
<chmac> Any ideas?
<Jeeves_> vi /etc/hosts
<Jeeves_> hostname -f will probably give the full hostname
<lux`> how can I use ip route or ifconfig to use another nic and not the default one for an IP?
<Jeeves_> ip addr add 192.168.1.1/24 dev ethx
<Jeeves_> Oh wait
<Jeeves_> route
<lux`> and then ip route add outgoing_ip via secondary_nicip?
<Jeeves_> You want to route a specific network over another interface?
<lux`> I want to use a specific NIC for a specific IP
<lux`> so when i connect to the specific IP it uses the specific NIC
<lux`> and not the default one
<Jeeves_> ip route add <dstip> via <dstgw>
<lux`> tried already, gave me no such process error
<lux`> RTNETLINK answers: No such process
<chmac> Jeeves_: I've tried setting the fqdn into /etc/hostname, but it gets overwritten on reboot. It's a proxmox virtualised machine, so maybe there's something going on there, not sure...
<Jeeves_> /etc/hostname is being overwritten?
<Jeeves_> In Ubuntu?
<viezerd> try /etc/init.d/hostname.sh start after editting
<qman__> mgw, yes, the tunnel will close when the parent process dies
<pats_Toms> hi, is there someone who can help me finding the way to multiarch on linux? I want to run 32bit game server on 64bit ubuntu
<harushimo> I installed maas and it gave me my web interface
<harushimo> when I try firefox, i can't use it
<harushimo> I'm using this on my virtual machine
<harushimo> I don't understand why I can't see it on my computer
<Psi-Jack> There we go, FINALLY resolved my fricken nslcd issues with it not starting up properly at boot.
<Psi-Jack> Fixed it by converting my dnsmasq, and nslcd init.d scripts into upstart scripts.
<mgw1> qman__ thanks, that's what I thought
<harushimo> anyone know maas here
<harushimo> how come I can't access the web interface
<harushimo> I have maas installed on my virtual machine
<harushimo> I can't access the web interface at all
<harushimo> do I need to import isos first and then access the web interface
<harushimo> http://cloud.ubuntu.com/
<harushimo> I'm looking at this site. I was wondering updating the address within my network
<harushimo> what is that referring to
<pehden> nmap pehden.dyndns-ip.com msg me results please
<slide> Does anyone know of a tool for analyzing the disk usage to indicate large files/dirs? needs to be command line or output some sort of file
<slide> right now im using du -h --max-depth=1 but thats annoying lol
<slide> ah cool Philesight might work, apparently its web based
<guntbert> slide: start with du -s /* and walk down the tree
<slide> yea but thats REALLY slow heh
<guntbert> slide: "fast" was not on your list of requirements
<guntbert> :)
<slide> true heh
<slide> gt5 is good btw
<harushimo> hello
<harushimo> !openstack
#ubuntu-server 2012-06-03
<harushimo> when your setting up ubuntu server, is it better to partition it like the desktop version
<harushimo> where you have a boot, swap, root, and a home directory?
<pokeswap> i need to run shell comands on the gnome, but it is not on the sidebar. how do i launch gnome?
<harushimo> I have maas finally working on ubuntu-server 32 bit
<harushimo> thank you everyone
<SpinningWheels> I was setting up a couple vm's and noticed "The following packages have been kept back: linux-headers-server linux-image-server linux-server" so, i apt-get install linux-headers-server linux-image-server linux-server. say yes to dependencies and walk away. a day later i boot up the vm and neither can resolve hostnames anymore and the "kept back" packages are still the same.
<SpinningWheels> i can delete these vm's and start over, no big deal, but im curious what went wrong.
<patdk-lap> what idd you do, that gave you that message?
<SpinningWheels> im assuming uncommenting repositories in /apt/sources.list. every time i would apt-get upgrade/update it woud say that afterwards. i got the uncomment additional repositories advice from someone who probably knows less about linux than i do.
<SpinningWheels> or /etc/apt/sources.list rather
<patdk-lap> hmm, failure to read the apt-get manual?
<patdk-lap> upgrade doesn't upgrade everything, as you found out
<SpinningWheels> ic
<patdk-lap> it doesn't bring in new things
<patdk-lap> those are new, therefor it didn't upgrade them
<patdk-lap> try using dist-upgrade
<SpinningWheels> i was just about to ask that
<SpinningWheels> ok, thats finished and rebooted. i still seem to have no dns lookup from the vm
<Syria> Hello, Please tell me how do I configure the virtual machine on my ubuntu server 10.04 to start automatically on system startup?
<Syria> Hello, Please tell me how do I configure the virtual machine on my ubuntu server 10.04 to start automatically on system startup?
<andol> Syria: That really depends on what virtulization setup you are using etc. If you use libvirt/kvm, which I guess can be considered the Ubuntu default, you might want to use virsh autostart
<Syria> andol:  /usr/bin/VBoxManage startvm "machine name" --type headless / this is how i start the machine.
<Syria> andol:  I have to use Virsh autostart for this?
<RoyK> Syria: why don't you just use kvm?
<Syria> RoyK: Because i don't know what KVM is.. :( can it be installed on my ubuntu server 10.04 LTS?
<RoyK> apt-get install kvm virt-manager
<RoyK> then just run virt-manager
<Syria> RoyK:  Thank you, I will do this.
<Syria> RoyK:  Could you please help me with the virt-manager ?
<RoyK> !ask
<ubottu> Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience
<Syria> RoyK: U have installed it, But i don't even know how start the wizard.. I have two virtual machines that i want them to start automatically on system startup
<RoyK> Syria: start virt-manager
<Syria> RoyK: start: Unknown job: virt-manager
<RoyK> Syria: also, virtualbox VMs won't show up there automatically, you'll need to migrate them to kvm
<RoyK> just type "virt-manager" in the console
<Syria> RoyK: http://paste.ubuntu.com/1020975/
<Syria> RoyK: Also how can I migrate the machines from virtual box to kvm please..
<RoyK> Syria: http://bit.ly/LpO01C
<RoyK> Syria: gtk.GtkWarning: could not open display
<RoyK> meaning you need to use X11 forwarding
<Syria> RoyK: Thank you, I will work on the migration now then on the X11 forwarding
<RoyK> ssh -y somehost will turn that on
<RoyK> if you're using a windows client, turn it on in putty and install xming
<meditator> hello... is it possible to run vmware player on ubuntu server ?  What I want to do is to install install vmplayer and run the vmplayer to show a XP machine .. is it possible to do that? help greatly appreciated.
<RoyK> meditator: I don't see why that should be a problem
<RoyK> meditator: also, kvm may be usable to run the vm too
<meditator> thanks RoyK, sorry for my ignorance.. what is kvm ?
<RoyK> !kvm
<ubottu> kvm is the preferred virtualization approach in Ubuntu. For more information see https://help.ubuntu.com/community/KVM
<meditator> thanks
<MatBoy> mhh this sucks... there are differences between partitions made on sda and sdb when setting teh same size
 * cwillu_at_work suggests that you didn't do what you think you did
<qman__> it's possible but only if you have different hardware or messed up geometry
<qman__> if they're the same disks with correct geometry, they have the same exact block layout and can be set up identically
<mr-rich> Unless you have bad sectors on one/both
<MatBoy> qman__: yap... two different disks... but it always worked
<MatBoy> since when can 12.04 not install grub on sdb in a raid1 MD set ?
<heller_barde> hi guys :)
<heller_barde> I have problems getting ufw to run on a ubuntu 10.04 LTS in a OpenVZ Virtual Environment. Is this the right place to come or should I rather ask in #openvz?
<Bilge> How can I tell what the source for a package is?
<Bilge> I want to know if it came from Ubuntu or a PPA
<jdstrand> heller_barde: the kernel may not support everything ufw needs. Use /usr/share/ufw/check-requirements
<heller_barde> jdstrand: oh i see. any suggestions for a firewall solution then?
<heller_barde> jdstrand: i already tried shorewall to no luck
<qman__> iptables
<qman__> unless your needs are particularly complex, a 10-20 line iptables script should do it
<heller_barde> qman__: oh i see :)
<heller_barde> qman__: thanks
<JanC> ufw & shorewall use iptables, so I'm not sure what that would solve...
<jdstrand> surely the kernel supports some netfilter
<jdstrand> so he would have to just avoid the bits that his kernel doesn't support
 * jdstrand wanders off
<qman__> yeah, if it doesn't have netfilter he can't firewall it
<qman__> iptables is getting down to barebones
<JanC> what kernel? (inside an openvz container)
<JanC> most likely heller_barde doesn't have the rights to change the firewall from inside the openvz container
<heller_barde> JanC: probably
<heller_barde> yay, with iptables it worked well :D
<JanC> interesting
<heller_barde> withsome help from this: http://www.mista.nu/iptables/
<JanC> might be useful to see what ufw uses that isn't supported then
<JanC> because what ufw does is create a bunch of netfilter rules based on its configuration, and use iptables to apply them
<heller_barde> JanC: I don't know exactly how to figure that out...
<Bilge> How can I tell where a package came from?
<Bilge> I want to know if it came from Ubuntu or a PPA
<JanC> Bilge: in the GUI, commandline, â¦?
<tibrox> I've setup http(80) to port forward to my server behind my router.  I can access the server from the WAN and LAN ip but not via my phone.  What could I be missing?
<JanC> how is your phone connected to the internet?
<JanC> Bilge: if you don't mind using the commandline, try: apt-cache policy PACKAGENAME
<tibrox> JanC, via data bundle
<Bilge> #ubuntu-server
<Bilge> >don't mind using the commandline
<Bilge> What?
<Bilge> Also, thanks
<sarthor> Hi, installed drupal 7 on 12.04 ubuntu machine with apt-get -y install drupal7, everyting went fine, NO error, when i browse http://192.168.1.65, so the apache2 says it works. How to open drupal7 in browser now??
<Deathvalley122> sarthor: people aren't be able to check that cause its a private ip
<sarthor> Deathvalley122: I am just testing and learning that is why i am installing on Intranet
<sarthor> I am from the lan pc and am trying to browse
<Deathvalley122> are you trying to install it?
<blkperl> sarthor: http://192.168.1.65/drupal ?
<blkperl> sarthor: http://drupal.org/documentation/install/run-script
<sarthor> blkperl: no directory was created my drupal installation
<blkperl> sarthor: you mean theres no directroy called drupal in /var/www/ ?
<blkperl> or where the package installs it
<Deathvalley122> whoops lol forgot to put -n when opening a new window on my kvirc
<sarthor> blkperl: yes
<blkperl> sarthor: just a sec installing it now
<sarthor> blkperl: ok
<sarthor> blkperl: the installation said this in last http://pastebin.ubuntu.com/1022049/
<sarthor> blkperl: once I installed and then i removed with purge, and then reinstalled, that is why it says in some places .. already exists
<blkperl> sarthor: /usr/share/drupal7/ ?
<sarthor> blkperl:  ls /var/www/
<sarthor> 1  default  frontaccounting  index.html  shabaka
<sarthor> root@FA:~#
<sarthor> root@FA:~# ls /usr/share/drupal7/
<sarthor> authorize.php  includes   install.php  modules   robots.txt  sites   update.php
<sarthor> cron.php       index.php  misc         profiles  scripts     themes  xmlrpc.php
<blkperl> sarthor: try http://192.168.1.65/drupal7
<sarthor> blkperl: should i copy this dir to /var/www/
<blkperl> no theres an apache config that points at /usr/share/drupal7
<sarthor> blkperl: says not found
<sarthor> blkperl: are you with me brother?
<blkperl> sarthor: i think you just need to configure an apache vhost
<sarthor> how? any link?
<blkperl> sarthor: http://drupal.org/node/111238, DocuementRoot would be /usr/share/drupal7
<Iceman_B> lo
<kalkin-> hi
<kalkin-> i'm trying to setup dnsmask as local cache
<kalkin-> i have some own dns in /etc/hosts
<kalkin-> i can resolv them from the machine where dnsmasq is running
<kalkin-> i can resolve anything else from the machine where dnsmasq is running
<kalkin-> on my other machine i can resolve only resolve my own dns (like foo.bar) which are written in the /etc/hosts on the maching running dnsmasq
<kalkin-> but local caching doesn't work
<kalkin-> k i think it sounds to complicated
<kalkin-> i have a mchine dns.local which is running dnsmask
<kalkin-> it has some entries like foo.local and bar.local in /etc/hosts
<kalkin-> in /etc/resolv.conf are two nameservers 127.0.0.1 and another one
<kalkin-> /etc/resolv.conf is not a symlink anymore, it's a normal file
<kalkin-> on my dns.local machine i can resolve anything
<kalkin-> it works fine
<kalkin-> but on my other machine (foo.local) i only can resolve the stuff which i entered on the dns machine in /etc/hosts
<kalkin-> i can't resolve google or anything else
<kalkin-> why?
<kalkin-> anyone any idea why it doesn't work?
#ubuntu-server 2013-05-27
<MagBo_> Greetings, gentlemen! Does Ubuntu Server 12.04.2 support paravirtualization out of box? Is there an image that is PV-enabled in official mirrors?
<Patrickdk> hmm?
<Patrickdk> paravirtualization has been supported out of box for awhile
<Patrickdk> but not many people really using it though
<Patrickdk> as you can't use paravirtualization with 64bit
<Patrickdk> but then, it is not needed for 64bit either
<MagBo_> Patrickdk: very strange. I tried several times and still after the installation Xen says that the drive isn't bootable.
<Patrickdk> heh?
<MagBo_> OMG I'm such an idiot
<MagBo_> uuid ( RO)          : d9429e8b-7a25-4fc6-8d9a-8437ea847341 name-label ( RW): ubuntu-12.04.2-server-amd64.iso
<MagBo_> I was 100% sure that it was 32 bit iso :D
<MagBo_> Didn't even check. Thanks for forcing a sanity-check, I'll download 32 bit iso.
<MagBo_> Patrickdk: interestingly enough the following image: ubuntu-12.04.2-server-i386.iso doesn't work with Xen out of box as well. There must be some bootloader magic, maybe I'm missing some step I should do after I install the system via installer and boot it for the first time?..
<MagBo_> But from what I see I suspect that it "thinks" that it operates in HVM mode :(
<tohuw> How might I view all of the packages provided by a given source in my sources.list? (Ubuntu Server 12.04)
<MagBo_> Patrickdk: turned out that there is no well-known way to make image-based installation work in pv fashion, and yes, the problem was that it "thought" that it deals with hvm case.
<MagBo_> in the end, netboot magically worked. :x
<Patrickdk> I don't think I ever did it that way for xen, ever
<Patrickdk> I always use the xen-util builder program to do it
<MagBo_> Heh, I'm new to the concept of running Ubuntu on Xen and new to concept of running things on Xen to be completely honest.
<DrasticDragons1> Is it okay to delete the user "irc"?
<DrasticDragons1> Or if not, just re-name it?
<DrasticDragons1> I would assume as long as I am not running a ircd it shouldn't matter if the user is gone or not.
<majorrabbid> hello everyone
<larsemil> for some reason my install put sv_US.ISO-8859-1 as locale. i dont find the file where this is set.???
<larsemil> i have searched /etc for "sv_US" but no luck
<maxb> That's odd - it's normally set via /etc/default/locale
<larsemil> yes.
<andol> larsemil: What to be generated or what to use as a default?
<Senor> how to set nameserver
<larsemil> andol: to be used.
<andol> larsemil: What happens (not) when you set LANG in /etc/default/locale then?
<mardraum> Senor: man resolvconf
<maxb> larsemil: Where are you actually seeing sv_US.ISO-8859-1 if not in /etc/, then?
<larsemil> maxb: locale
<Senor> I write nameserver into /etc/reslov.conf, but it need write agan at next system startup
<larsemil> now i think i solved it. typo.
<larsemil> #Â¤%&/
<Senor> I write nameserver into /etc/reslov.conf, but it need write again at next system startup
<mardraum> Senor: man resolvconf
<histo> Senor: resolvconf gets replaced. You can place nameservers in /etc/init.d/networking or use /etc/resolvconf/resolvconf.d/head
<mardraum> histo: er, no
<mardraum> histo: you read the manpage, and you don't do either of those things
<histo> mardraum: yes you do
<histo> mardraum: read the man page about /etc/network/interfaces
<mardraum> really? shall I paste you the contents of head?
<histo> mardraum: How do you think the warning message gets in the resolv.conf file???
<mardraum> heh
<histo> mardraum: I should say read the resolvconf man page about /etc/network/interfaces It says right there you can add dns- lines to the iface stanza
<mardraum> it means in the file "interfaces"
<mardraum> not in the file "head"
<histo> mardraum: Right as I suggested. I merely suggested head as an alternative because it will also work. However the proper way is in interfaces
<histo> depends on proper I guess though.
<mardraum> no, it's the wrong way
<mardraum> and editing the init.d script is wrong too
<histo> What?
<histo> mardraum: How is putting dns-namserver in interfaces wrong?
<mardraum> now you are trolling
<histo> No i'm just confused.
<mardraum> go read what you initially suggested.
<histo> At your point
<histo> lol
<mardraum> my point is this. you suggested editing an init.d script or "head"
<histo> my bad tab completed and didn't even look
<mardraum> both are wrong
<histo> It was my tab completion I meant /etc/network/interfaces I started typing ini<tab> before netw<tab>
<mardraum> "21:19 < histo> mardraum: Right as I suggested. I merely suggested head as an alternative because it will also work."
<mardraum> bullshit man.
<histo> huh?  Head will work
<histo> I tried suggestion the proper way first and suggested a secondary option.
<histo> !language | mardraum
<ubottu> mardraum: Please watch your language and topic to help keep this channel family-friendly, polite, and professional.
<Phoenixxl> Hello , in isc-dhcp-server , when an option is set globally , how can one "blank" or "erase" it for individual cases ? replacing is just a matter of setting it again ..
<Phoenixxl> Thnx for any suggestion .
<pmatulis_> Phoenixxl: what cases?
<zerick> Anybody knows if starting Corosync at boot is safe?
<TheLordOfTime> how do i change the gpg home directory for a user?
<TheLordOfTime> s/gpg/gnupg/
<genii-around> TheLordOfTime: I think you'd either have to call it with --homedir /wherever    or else set GNUPGHOME=/wherever   and then EXPORT it
 * genii-around ponders some /etc/skel/.gnupg 
<zul> yolanda:  still around?
<yolanda> still here, i had to go out in the morning for a while, so still working
<zul> yolanda:  cool can you have a look https://code.launchpad.net/~zulcss/cinder/cinder-fixtures-deps/+merge/165916
<yolanda> ok
<NomadJim> any idea why this works fine: WSGIDaemonProcess localhost python-path=/srv/testdj/beginnerdj
<NomadJim> but WSGIPythonPath /srv/testdj/beginnerdj
<NomadJim> cause this bug https://bugs.launchpad.net/ubuntu/+source/libapache2-mod-python/+bug/1073147
<uvirtbot> Launchpad bug 1073147 in libapache2-mod-python "Python version mismatch, expected '2.7.2+', found '2.7.3'" [High,Confirmed]
<NomadJim> *causes
<NomadJim> is it bad to use the first one? cuz if it ain't broke...
<Jinxed-> Does anyone know if there is an m$ exchange room?
<Ron72> Can anyone tell me if installing xorg on a webserver is a big security risk?
<RoyK> Ron72: it's not big security risk, but why would you? you can run those X11 apps over ssh from your desktop/laptop even if it runs windows (with xming etc)
<Ron72> Thanks RoyK. Yes, but in order to forward X11 xorg has to be installed, right?
<RoyK> no
<RoyK> only the x11 libs
<RoyK> and xauth
<Ron72> RoyK: oh. Okay. Do you know what I have to install for the basic x11 libs?
<RoyK> x11 is a client/server thing, the other way around than usual - your desktop or laptop has the X11 server, the server to which you login has the x11 client and connects to your server via ssh
<RoyK> Ron72: ssh -x somebox
<RoyK> and run xeyes
<RoyK> you need xauth too, as I said, if it's not installed, install it and log out and in again from that server
<RoyK> xauth must be installed on the server
<RoyK> oh, ssh -X
<RoyK> not -x
<RoyK> -x disables x11 forwarding, -X enables it
<Ron72> Okay. Do you know a way to reconnect to a specific window when I lose my connection? Screen does not work, right?
 * RoyK has x11 forwarding enabled in ssh_config
<RoyK> Ron72: you can't connect to an existing x11 session with normal x setup
<Ron72> Okay.
<Ron72> Thank you!
<izanagisan> good day/night all
<RoyK> you can use nxclient/nomachine/opennx, though
<RoyK> or vnc
<RoyK> izanagisan: good localtime();
<izanagisan> I'm having a problem with an Expect script run from crontab. If I run it from console, it's perfect. If I execute it from crontab, the part where I give it a parameter as /home/myuser/dbbackups/$(date +"%Y-%m-%d").backup doesn't work. Anyone know what can I do to avoid that?
<izanagisan> tried putting the parameter in simple quotes, didn't help : (
<izanagisan> (I don't think it's an error per se. It's just that in crontab, the space between 'date' and '+' is interpreted as passing to the next parameter
<baniir> hi. is anyone here running raid10 on ebs? i changed readahead values with blockdev, but i don't think the settings are persisting through reboots
<Ron72> RoyK: Still there? I'm curious. How do you edit documents on your server? I'd like to use a GUI text editor in order to jump between configuration files or code faster. Don't you use x forwarding or something?
<PryMar56> Ron72, use geany over ssh
<RoyK> Ron72: I use vim
<Ron72> RoyK & PryMar56. Thanks
<RoyK> may be old-school, but so does my collegues aged 23 or so
<izanagisan> maybe I'll make a shell script that executes the Expect script, and call the shell script from crontab...
<phillw> Hi server people, has there a classroom session been held on LVM?
<marshall> hey ubuntu server
#ubuntu-server 2013-05-28
<keithzg> So how does one clear that "New release '13.04' available." notification on a server? I vaguely remember doing so many releases ago, but once again I find myself with many different servers, all upgraded, that are nonetheless informing me they need to be upgraded ;)
<qman__> there isn't anything to clear, but what you may be getting at is the difference between standard and LTS releases
<qman__> you can configure which release schedule you want to use
<qman__> or, alternatively, you can upgrade using 'do-release-upgrade'
<codepython777> when one uses useradd to create a new user, what is the default password?
<qman__> there is none
<codepython777> thanks
<qman__> the "easy" and defaulted/set up way to add users is with adduser
<qman__> useradd works but it doesn't do anything for you, you have to specify all options
<tohuw> What is the correct syntax to copy files from a source to a destination, assuming I want all directories and their contents, and if a file in the destination matches the source version, skip it? rsync -av SOURCE DESTINATION?
<tohuw> I ask because archive mode reads in the manpage like what I want, but it seems to behave differently; it is apparently re-transferring files I know to be the same (including the path) in the destination.
<qman__> tohuw, that is the function of the -a switch; if the files are being retransferred, they don't match
<qman__> you may also want the -H switch, as it reconstructs hard links at the destination, -a does not
<tohuw> qman__: Thank you. I was able to figure out the mismatch. You were right, of course; they didn't match.
<foosinn> hi, i have build a ubuntu 12.04 using deboostrap. i added the linux-image-virtual kernel + pygrub menu.lst. when i try to boot the vm i see pygru and 'Started domain vm104 (id=39)', but the vm seems to crash. logfiles: http://ix.io/5Pl with ubuntu 13.04 the exact same procedure lead to a working vm.
<foosinn> hostsystem info: http://ix.io/5Pn
<foosinn> anyone an idea?
<elfranne> when I write export SOME_PATH=/to/a/folder in crontab it produce error : bad minute
<greppy> elfranne: drop the export
<elfranne> greppy, i can t, if i am not using export that variable will not be accessible to the script i start in the crontab
<greppy> elfranne: update the script to have the path in it?
<thyrant> hello
<thyrant> so I screwed up my ssh and when I trie to revert the changes with sudo service ssh reload, I get reload: Unknown instance:
<thyrant>  
<thyrant> what do?
<mardraum> revert what changes?
<thyrant> http://ubuntuforums.org/showthread.php?t=1711059
<mardraum> some forum posts from 2011?
<mardraum> revert what changes?
<thyrant> So now it looks identical to how it looked, I made a backup. When reloaded it says unkown instance:
<thyrant> I am in so much trouble, I do not have access to the server if I close the terminal window
<mardraum> thyrant: try "start"
<thyrant> OH GOD thanks
<mardraum> "man service" to learn about the command you are using
<thyrant> sudo service ssh start  -.-  thank you mardroum
<zul> yolanda:  can you have a look at http://paste.ubuntu.com/5709927/ please
<hackeron> hey, anyone familiar with upstart? -- I need to tell it where to look for a pid, I can see this option: http://upstart.ubuntu.com/wiki/Stanzas#pid -- but it seems it was removed? -- What can I use instead?
<hallyn> zul: did you find time to test qemu 1.5?  If not, the (very little different) 1.5-2 is ready, I'll push that to ppa
<zul> hallyn:  not yet ill do some today
<hallyn> zul: ok
<mardraum> hallyn: what tests do you need?
<hallyn> mardraum: i've run the qa-regression-tests test-qemu, now just looking for some manual testing of the qemu for saucy in ppa:serge-hallyn/virt before  push to saucy archive
<zul> yolanda:  ping did you have a look at those merge requests yet?
<yolanda> zul, which merges?
<zul> yolanda:  the ones in the pastebin
<yolanda> i lost connection to the chat for a while, were you talking at me?
<yolanda> can you resend me?
<zul> <zul> yolanda:  can you have a look at http://paste.ubuntu.com/5709927/ please
<yolanda> i lost it
<yolanda> ok
<mardraum> hallyn: I can start/stop/suspend/save/restore some local and nfs machines, what else would you need?
<mardraum> I mostly prefer using libvirt as a frontend
<yolanda> zul, m
<yolanda> small typo in the python-keystoneclient one
<yolanda> debian/cntrl
<zul> yolanda:  k ill fix it
<hallyn> mardraum: not much, thanks :)  well, i'm a bit worried about funky package upgrade situations.  But I really shoudl get aroudn to scripting a test for those.
<mardraum> hallyn: your ppa gave me 1.5.0+dfsg-1ubuntu1~ppa2 - got a few vm's running nicely working hard at some tasks, zero issues :D
<hallyn> mardraum: thanks.  I'm just going to make sure that 1.5.0+dfsg-2ubuntu1~ppa1 builds there successfully (can't imagine why it wouldn't but i have a bad imagination) - then push to saucy - thanks!
<mardraum> got them all hammering away upgrading/syncing sources etc, suspend/save/resume all good
<zul> yolanda:  https://code.launchpad.net/~zulcss/keystone/keystone-refresh/+merge/166058
<yolanda> zul, in that diff, i'm seeing more patches than the sql_connection.patch, is that normal?
<zul> yolanda:  yeah
<plars> server image doesn't seem to boot today, anyone have an idea what happened between yesterday and today?
<zul> plars:  nope just half the team was on vacation yesteray
<zul> yolanda:  another one https://code.launchpad.net/~zulcss/python-quantumclient/pbr/+merge/166060
<plars> zul: not sure what I can do on this at the moment, I tried taking quiet out of the boot, but I still get nothing but a black screen on boot
 * genii-around ponders http://changelogs.ubuntu.com/changelogs/pool/main/p/plymouth/plymouth_0.8.8-0ubuntu7/changelog
<zul> plars:  not sure
<plars> yeah, it almost has to be plymouth, not much else changed
<plars> https://bugs.launchpad.net/ubuntu/+source/plymouth/+bug/1185053
<uvirtbot> Launchpad bug 1185053 in plymouth "Saucy server images do not boot for 20130528" [Undecided,New]
<genii-around> plars: I just pasted your bug report to #ubuntu+1 , but it seems pretty quiet right now in there
<plars> genii-around: desktop builds just landed for today and the automated tests just started up for that. So I suspect we're going to see the same thing there
<plars> I asked here because server was all I had at the moment, and also because I figure the server people would care too :)
<zul> Daviey:  ping
<irv> what rsync flag can i use to include hidden files?
<irv> like ones with a period in front
<irv> i did rsync -azvv /dir1 /dir2
<irv> but the .htaccess and other hidden files aren't included
<zul> yolanda:  ping https://code.launchpad.net/~zulcss/python-glanceclient/pbr/+merge/166069
<plars> genii-around: doesn't appear to be plymouth, the desktop image install is progressing
<genii-around> Odd.
<soren> irv: When I call rsync like that, it certainly includes hidden files.
<mardraum> dotfiles...
<Daviey> zul: hola
<zul> Daviey:  can you de-binary new python3-testtools please and can you promote python-pbr and python-d2to1 as we
<zul> er...as well
<zul> Daviey:  (pbr) https://bugs.launchpad.net/ubuntu/+source/python-pbr/+bug/1183826 (d2t1o)https://bugs.launchpad.net/ubuntu/+source/d2to1/+bug/1183825
<uvirtbot> Launchpad bug 1183826 in python-pbr "[MIR] python-pbr" [Critical,Fix committed]
<Daviey> zul: ok
<zul> Daviey:  merci buckets
<TheLordOfTime> Daviey:  the server meeting, it started in -meeting?
<Daviey> TheLordOfTime: yes
<TheLordOfTime> eesh i'm late!  o.O
<resno> a server on a vm has gone read-only. i see fstab has been renamed to fstab.old.0 for some reason. is it best to boot with a live cd and rename and see what happens?
<TheLordOfTime> resno:  i'd say dig around in the logs if you can and find out WHY it went ro in the first place
<TheLordOfTime> but idk what logs that'd be
<Daviey> roaksoax: I just sent you a mail with another patch for Piston
<resno> the fstab being renamed isnt reason enough?
<Daviey> roaksoax: Sorry, should have raised this with you before you uploaded the current one
<zul> yolanda:  one more https://code.launchpad.net/~zulcss/glance/glance-ftbfs/+merge/166106
<roaksoax> Daviey: had already merged that one!
<roaksoax> applied*
<zul> hallyn_:  sorry which ppa for qemu again?
<Daviey> roaksoax: super
<Daviey> roaksoax: yeah, it got mailed to Gavin and I
<roaksoax> Daviey: cool :)
<Womkes> which windows tool would you recommend for making an bootable usb key for ubuntu server?
<sarnold> Womkes: I've not tried to 'dd' the server images, but I would expect that to work. if you can find a windows equivalent of dd, that'd be my choice...
<hallyn_> zul: ppa:serge-hallyn/virt
<zul> hallyn_:  thanks
<zul> hallyn_:  if it breaks im coming after you :)\
<hallyn_> i appreciate that :)
<adam_g> jdstrand, ping
<jdstrand> adam_g: hey
<adam_g> jdstrand, re https://bugs.launchpad.net/nova/+bug/1177830, upstream's patch that you correctly applied to the quantal/folsom package may have introduced a bad regression.
<uvirtbot> Launchpad bug 1177830 in nova/grizzly "[OSSA 2013-012] Unchecked qcow2 root disk sizes" [Critical,Fix committed]
<adam_g> jdstrand, https://bugs.launchpad.net/nova/+bug/1183606
<uvirtbot> Launchpad bug 1183606 in nova/folsom "qcow image support broken in stable/folsom nova compute" [Critical,Fix committed]
<adam_g> jdstrand, confirming that it affects the quantal package. i hit it now trying to verify our SRU that was rebased to include that fix
<adam_g> (that fix == the security update)
<jdstrand> adam_g: ack, so you are asking that I apply this patch for -security and you'll apply it for your SRU?
<adam_g> jdstrand, not sure how this would be handled. if you are able to repair the regression via quickly -security, i can rebase our SRU to include the additional fix
<jdstrand> I can do that
<jdstrand> does it only affect 12.10?
<adam_g> jdstrand, yes, i believe the regression only hit 12.10 (folsom)
<jdstrand> adam_g: I backported this patch to 12.04, has anyone tried it there? what are the exact steps to reproduce?
<adam_g> jdstrand, i just manually tested that patch against a regressed cluster and confirmed the fix
<jdstrand> adam_g: sure, is there someway I can test it? what about 12.04?
<adam_g> checking essex now, one moment
<adam_g> you can test by simply trying to spawn an instance.
<jdstrand> that seems odd
<jdstrand> that was something I tested
<adam_g> the check of qcow image size happens too early
<adam_g> for images that have not already been cached local on the compute node
<jdstrand> well, I can visually inspect the patch for nova
<jdstrand> precise that is
<adam_g> jdstrand, the bug will go unnoticed if the image has already been booted on the compute node
<jdstrand> right, I thought I tested for that, anyhoo
<jdstrand> I can push these out
<jdstrand> adam_g: I'd appreciate if you could check if essex is affected though
<adam_g> jdstrand, checking now
<jdstrand> adam_g: actually, I think it is not affected
<adam_g> jdstrand, 13.04 should be okay too, i've already verified our SRU that was rebased /w that qcow image size patch
<jdstrand> adam_g: I remember now. when writing my patch, I noticed the behavior you described
<jdstrand> essex doesn't have prepare_template
<adam_g> nop[e
<jdstrand> so I did this:
<jdstrand> if os.path.exists(cow_base) and size < disk.get_image_virtual_size(cow_base):
<jdstrand> 12.04 should be fine
<jdstrand> 12.10 I probably just had a cached image and didn't think to remove it
<adam_g> ya. grizzly/13.04 calls prepare_template() appropriately.  looks like quantal / folsom is the only affected
<jdstrand> adam_g: I'll get that out today
<adam_g> jdstrand, thanks a bunch
<jdstrand> adam_g: np, thanks for letting me know and sorry about the regression
<adam_g> jdstrand, definitely not your fault ;)
<zul> hallyn_:  +1
<zul> adam_g:  its my fault isnt it?
<hallyn_> zul: woohoo.  thanks for testing.  i'll push ina  few hours
<hallyn_> zul: ftr, were you testing -1 or -2?
<adam_g> zul, not unless you're volunteering
<zul> hallyn_:  1.5.0+dfsg-1ubuntu1~ppa2
<zul> adam_g:  i always volunteer
<hallyn_> zul: ok.  -2 probably asn't built yet.  but really should be basically the same
<zul> hallyn_:  i just did a basic smoketest
<hallyn_> yeah, still waiting ot build
<hallyn_> ok thx - ttyl
<hallyn_> stgraber: did you have anything you wanted to push into saucy lxc in the next few days?
<stgraber> hallyn_: nope, I uploaded what I had this morning
<hallyn_> stgraber: what do you thinka bout doing a monthly merge from upstream into saucy?
<stgraber> hallyn_: I'd prefer we do alpha milestones upstream and then get that into saucy, feels better than pulling some random version from git
<hallyn_> ok.  i just don't want to end up with too many patches upstream that aren't in saucy
<zul> adam_g:  frig http://10.189.74.7:8080/job/backport_package/108/console
<adam_g> zul, ?
<zul> adam_g:  trying to backport subunit to precise
<adam_g> zul, when did the --shebang option get added to dh_python3? might need to backport that and make it available in the build schroot
<zul> adam_g:  yeah checking
<adam_g> zul, ... and that version requirement should be reflected in debian/control
<fhf> Hi all I have trouble with iptables firewall. It doesnt allow FTP in (FTP hangs during receiving directory listening) i use pure iptables -A INPUT -p tcp --dport 20 -j ACCEPT and iptables -A INPUT -p tcp --dport 21 -j ACCEPT
<adam_g> zul, when you get a sec can you please take a look at the following. they address issue that prevent most of havana from actually installing
<adam_g> https://code.launchpad.net/~gandelman-a/ubuntu/saucy/nova/depends/+merge/165524
<adam_g> https://code.launchpad.net/~gandelman-a/ubuntu/saucy/python-quantumclient/depends/+merge/165523
<adam_g> https://code.launchpad.net/~gandelman-a/ubuntu/saucy/cinder/paramiko_vers/+merge/165522
<sarnold> fhf: do you need OUTPUT rules as well?
<zul> adam_g:  +1ed
<adam_g> thanks
<fhf> sarnold: I have iptables -A OUTPUT -j ACCEPT so it's not needed is it?
<sarnold> fhf: okay, I think that covers it. :)
<fhf> sarnold: oh I forgot to load "modprobe ip_conntrack_ftp" thats solves the problem, thx anyway ;)
<sarnold> fhf: ah! :) thanks :)
<irv> how can i allow php applications to use mail() on ubuntu server 13.04
<irv> default LAMP setup
<sarnold> irv: iirc, there's two ways, a pear-contraption that does smtp itself, and installing a local smtp server (e.g. postfix or exim)
<irv> sarnold: the box is only hosting our sites, and it's only 1 or 2 of them that will be needing to send mail
<irv> so probably a local smtp is fine, but what's the best lightweight one?
<irv> only used for sending the mail for that one site or whatever
<greppy> irv: if all it has to do is send out mail, pretty much any of them will work.  Pick the one that you know the most about or that your team knows the best.  If it is my choice it is almost ALWAYS postfix :)
<hallyn_> Daviey: so many approved blueprints, but I notice https://blueprints.launchpad.net/ubuntu/+spec/servercloud-s-virtstack is not one of them :(
<hallyn_> ahs3: btw, regardnig my netcf email, the debdiffs he attached to the bugs look simple enough so if you want to quicklyi test+upload that's fine.  otherwise i'll test tonight
<guma> I am having problem receiving multicast data. I have static route from muticast added. ufw is disabled and no iptables rules. When I send mcast data I can see it on specific interface in tcpdump. But I can receive. Is this some firewall issue?
<ahs3> hallyn_: one step ahead of you -- just uploaded
#ubuntu-server 2013-05-29
<hallyn_> ahs3: awesome, thanks
<jdstrand> adam_g: fyi, https://launchpad.net/ubuntu/+source/nova/2012.2.3-0ubuntu2.2
<adam_g> jdstrand, great, thank you
<jdstrand> sure thing
<monokrome> Hey. Does anyone know how I can tell UFW to always allow anything that comes from localhost?
<sarnold> monokrome: try 'ufw allow from 127.0.0.1 to 127.0.0.1'
<monokrome> will
<monokrome> ufw allow 127.0.0.0
<monokrome> allow the entire 127.0.0 network?
<monokrome> Technically those are all localhost, so that'd be best
<RoyK> 127.0.0.0/8 perhaps
<RoyK> rarely a need to deny anything from localhost
<monokrome> I'm not even sure if ufw blocks localhost
<RoyK> monokrome: try iptables -vnL
<RoyK> it shouldn't
<monokrome> RoyK: Everything is on 0.0.0.0
<monokrome> So, unless localhost doesn't hit iptables then it does
<RoyK> I don't think localhost goes through iptables
<monokrome> okay
<monokrome> Thanks :)
<RoyK> the input chain is usually bound to a nic
<RoyK> and lo isn't really one
<monokrome> hmm
<RoyK> that is, ufw has an accept for all -i lo and -o lo
<RoyK> my bad
<monokrome> :}
<monokrome> I was pretty sure that lo was a virtual interface
<monokrome> so it looked like a devikce
<monokrome> device*
<monokrome> IE, `ip addr` shows it
<RoyK> it's virtual, but somewhat real
<monokrome> right...
<monokrome> There isn't a piece of hardware on your computer that it's using to make the connection is what I'ms aying
<monokrome> There's a virtual device in /dev/ that acts like it's a piece of hardware
<monokrome> but probably just funnels things through unix sockets or something similar
<RoyK> monokrome: network devices aren't in /dev
<RoyK> for som odd reason
<tohuw> When implementing an OpenLDAP server in an existing server infrastructure, is the general expectation that you will migrate existing local users to LDAP inetorgperson entries?
<tohuw> If I am configuring OpenLDAP on my already established server, ought I consider migrating local accounts to LDAP accounts? If so, what is the migration process?
<adam_g> Daviey, there's a new nova in queue for quantal-proposed (nova 2012.2.4-0ubuntu3) which is another rebase to include a new security update (which is a fix for a regression introduced in the last security update we rebased on)
 * sarnold grabs a whiteboard to diagram that sentence..
<adam_g> Daviey, that should trump whats in quantal-proposed for nova currently (ubuntu2). also, verification done on bug #1179626
<uvirtbot> Launchpad bug 1179626 in quantum "Meta bug for tracking Openstack 2013.1.1 Stable Update" [Undecided,Fix committed] https://launchpad.net/bugs/1179626
<tohuw> If I am implementing an OpenLDAP server into an existing single-server infrastructure, ought I consider migrating local user accounts to LDAP? There are only ~5 or so I care about, but I am uncertain how to cleanly migrate these, as each of these users have home directories and own files outside of their home, have certain server rights, etc.
<tohuw> (by "certain server rights" I really mean they are members of local groups conferring privileges such as access to sudo or ability to ssh in)
<sarnold> tohuw: find can help you find files owned by some userid, -exec chown to change the owner..
<sarnold> tohuw: (a) the inconsistency would annoy me :)  (b) I've heard it is sometimes useful to have local users in case the server goes down..
<tohuw> sarnold: So, just remove the old user, create the new user in LDAP, and chown as needed? That feels too simple...
<sarnold> tohuw: you could probably keep the old user around until after chowned..
<tohuw> Yeah, I'd definitely keep a local user in case slapd went banannas.
<tohuw> sarnold: even if they have the same name?
<sarnold> tohuw: heh, I spent a very confused few hours to find out that an ldap "sarnold" had a different userid than a local account "sarnold", and nfs didn't care about names...
<tohuw> sarnold: really? I was aware the uids would be different (I just finished reading about that), but the system lets you dupe usernames? That seems somewhat insane
<tohuw> Do new ldap accounts get a home directory and follow other useradd procedures when they are created?
<sarnold> tohuw: well, it was a decade back. perhaps things have improved. :)
<tohuw> sarnold: fair enough! :P I guess I could try it on my dev server... what's the worst that could happen? (famous last words)
<sarnold> tohuw: hehe
 * tohuw has parted: all local accounts purged. Executing rm -rf /...
<sarnold> hehehe
<tohuw> Somewhat related: http://qntm.org/suicide
<tohuw> Okay, more tinkering with LDAP tomorrow. Bed time
<tohuw> thanks for the input, sarnold.
<sarnold> goood night, good luck tohuw :) sorry I didn't have concrete answers..
<Daviey> hallyn_: smsoer, jamespage and myself are re-reviewing them all today
<jamespage> Daviey, morning
<jamespage> Daviey, post lunch review?
<Daviey> mornin' jamespage
<jamespage> zul, I think we may need to upgrade ovs to 1.10.0
<jamespage> backporting fixes for the 3.9 kernel to 1.9.0 is proving awkward (lots of code changes in the newer version)
<jamespage> giving it a test now.
<zul> jamespage:  ack
<zul> jamespage:  im having problems with this can you have a look please http://10.189.74.7:8080/job/backport_package/118/console
<jamespage> zul, you can't backport twice
<jamespage> zul, as the checksum changed and reprepro rejects the inclusion
<zul> jamespage:  yeah the problem is i already blew away the deb
<jamespage> same is happening in the PPA on upload
<jamespage> zul, how?
<zul> rm'ed it
<jamespage> zul, please 'man reprepro' in future
<zul> jamespage:  yeah sorry about this
<jamespage> you have removed the deb but not the entries from the packages lists
<jamespage> zul, ok fixed
<zul> jamespage:  cool thanks
<hXm> i have a binary program which uses a library that is in a different path
<hXm> but when i use ldd i see the missing library but not the current path
<hXm> how to see the path?
<GH0> How am I supposed to disable the KDE Wallet service for a user if one doesn't exist in the Account Details page? http://i.imgur.com/Cdqm4N6.png I don't see anything about disabling the service via cli either.
 * ogra_ wonders how that is server related
<ogra_> GH0, try asking in a kubuntu channel instead
<amkei> hello, is here the right place to solve specific problems? in my case a crashed system/boot problem?
<GH0> ogra_, I am on ubuntu-server and installed a slim-down copy of kde,  but unfortunately that installed along with it. Which is why I thought to ask in here. I can ask there though.
<amkei> after a fsck-repair-operation where some blocks and nodes changed wasnt my system able to boot.
<ogra_> GH0, i think your chances to get support for a GUI app are better over there, yes :)
<amkei> before the grub-screen I got a short message "error: invalid environment block", then comes the grub-screen.
<amkei> if I choose my default entry the boot process hangs up, if i choose recovery-mode the console says "Kernel panic - not syncing: Attempted to kill init!"
<amkei> hm, seems to be the wrong place...sry, I'll ask in #ubuntu
<zul> jamespage:  do you have some time to review heat/heatclient changes later this week?
<jamespage> zul, either today or next week
<zul> jamespage:  next week it is then (i havent started it yet)
<jamespage> zul, OK - I have a ovs 1.10.0 upload prepped and tested OK; I've pinged upstream for some verification that this is the best way forwards
<jamespage> zul, fwiw 1.10 drops support for the brcompat module - I think its a good thing todo this now rather than right on the LTS release next cycle
 * jamespage goes for coffee
<zul> jamespage:  cool
<jamespage> rbasak, hey - remind me again where your patch for mongodb 2.4.x is again
 * jamespage <- brain fell out last week again
<RoyK> hm... in my zfs days, I learned a typical 7200rpm disk can deliver something like 120iops, but when I monitor my raid disks with iostat, I see far higher tps numbers than that
<jamespage> RoyK, read caching maybe?
<RoyK> or NCQ...
<RoyK> not much read caching on rebuilding a raid, last I checked
<_ruben> 120iops is max fully random .. linear max is much higher
<_ruben> less seeking, less latency, more stuff done in same amount of time
<zul> jamespage:  did your brain get slippery when it fell out?
<al-maisan> hello there! Is there a way to see actual cloudinit errors; all I get to see now is: http://paste.openstack.org/show/37866/ and that does not help :(
<hXm> someone using bitcoin?
<BlackBoxCoder> hi :)
<BlackBoxCoder> I have a little question: I use apache2 and created a subdomain via virtual hosts. after this i put some content to the subdomain. after this I uploaded a .htacces file. now i cant access die subdomain anymore. have i to configure the apache service?
<BlackBoxCoder> die = the
<sarnold> BlackBoxCoder: did you reload the apache configuration?
<BlackBoxCoder> ohhh i dont think so
<BlackBoxCoder> one second please
<RoyK> apache config shouldn't matter for an .htaccess file (two s-es). but you could check the apache error log
<sarnold> RoyK: .. but if the config with the new subdomain was never loaded, it'll never even bother lookin for the .htmlaccess ...
<sarnold> err. yes.
<sarnold> me tip gud.
<hXm> hi, in my server using dpkg --get-selections i see some x11proto-* packages, do i really need them? or how can i see if some daemon is using those dependences?
<BlackBoxCoder> thanks for your help, i will have a look :) *thumbs up*
<sarnold> hXm: you can just apt-get purge those packages, it will complain if something else requires them
<hXm> im scared, i wont break anything
<hXm> i'll take a coke for this
<sarnold> hXm: .. of course, you might have installed something that requires them outside of the packaging system..
<sarnold> hXm: (for example, I don't have any *x11*proto* packages installed on my laptop.)
<hXm> yes, i understand what you mean
<hXm> i just unnistalled some packages and now i am not sure if thats related or not
<hXm> i will just try
<adam_g> zul, http://people.canonical.com/~agandelman/ca/folsom/2012.2.4_rebase/nova_2012.2.4-0ubuntu3~cloud0/
<zul> adam_g:  +1
<adam_g> zul, http://status.qa.ubuntu.com/reports/ubuntu-server/cloud-archive/havana_versions.html
<adam_g> zul, the CA pockets will remain empty till the ca havana pockets show up at http://ubuntu-cloud.archive.canonical.com/ubuntu/dists/precise-proposed/ and precise-updates
<zul> adam_g:  cool thanks
<adam_g> zul, wait a minute, that report is wrong
<zul> ?
<adam_g> zul, wait, nevermind. its right, kinda. havan-staging is just mostly a snapshot of the grizzly staging PPA, so it looks wonky atm
<zul> heh ok
<zul> adam_g/yolanda/jamespage/Daviey: always happy to share the pain https://code.launchpad.net/~zulcss/heat/heat-refresh-ubuntu-style/+merge/166337
<zul> adam_g:  python-keystoneclient 0.2.4 just got released can you have a look please? https://code.launchpad.net/~zulcss/python-keystoneclient/0.2.4/+merge/166343
<hXm> i have disabled ipv6 in sysctl.conf and ran sysctl -p, but there are still some tcp6 sockets alive
<hXm> i did restart networking too
<sarnold> hXm: if you kill all the tasks with those sockets open, probably you can get to 0 open ipv6 sockets again, and stay that way
<zul> adam_g:  ping https://code.launchpad.net/~zulcss/python-keystoneclient/0.2.4/+merge/166343
<adam_g> zul,  gettin there
<zul> k
<adam_g> Daviey, if you're still around, what was the motivation behind dropping the markdown dependency to begin with. re: https://bugs.launchpad.net/ubuntu/+source/cheetah/+bug/1183634
<uvirtbot> Launchpad bug 1183634 in cheetah "cheetah pkg does not depend on markdown, but egg requires.txt does" [High,Triaged]
<Daviey> adam_g: I think it was just that during that cycle we were overwhelmed by MIR's, and at that time we didn't need MD support
<Daviey> adam_g: but now, removing the delta with Debian seems smarter.. i think.
<adam_g> Daviey, okay, i guess we can work around it in the meantime with an openstack patch
<blenderman_> are ubuntu sharing options secure?
<adam_g> (while MIRs are in-flight)
<blenderman_> like on ubuntu desktop
<Daviey> adam_g: yeah, interim patches sound smart TBH
<Daviey> Being able to get H-1 out is more pressing IMO
#ubuntu-server 2013-05-30
<flaccid> smoser: any thoughts on this https://dpaste.de/Jk89B/ ?
<centaur5> Is there anywhere that I could see an error log or hint as to why my Ubuntu install infinite reboots and doesn't even show a grub menu or error? I did run the boot repair disc and it claimed to be successful.
<histo> centaur5: did you test the disk?
<histo> centaur5: enable console mode and watch the messages fly by
<centaur5> The drives test good. I did have to fsck all the partitions because it didn't successfully shut down.
<centaur5> This claims it all repaired fine http://paste.ubuntu.com/5715473/
<centaur5> I'm just wondering if somewhere grub keeps any kind of logs so I can troubleshoot.
<centaur5> histo, can I enable console mode in a live disc then see errors?
<histo> centaur5: what is looping the live cd or the hard drive?
<centaur5> hard drive
<centaur5> live CD boots fine
<histo> centaur5: what version of ubuntu?
<centaur5> 10.04
<histo> centaur5: You said something about you had to fsck because the drives were unmounted or something what do you mean?  Is this a new install?
<centaur5> No, capacitors on the mb died so I fixed them but then on boot it complained about needing to manually run fsck so I booted into live and did fsck on all the partitions.
<centaur5> Ever since running fsck on the partitions it loops before booting grub.
<centaur5> Before grub was at least booting the OS but failed to mount the partitions. Silly that an improper shut down was so unforgiving.
<histo> centaur5: I would be more suspicous of your MB and the "fix" you did
<centaur5> ha, I'd agree if it wasn't making it into a live CD just fine.
<histo> centaur5: That doesn't mean you are using the same controller the hard disks are on
<centaur5> Dedicated Adaptec raid card. 4 drives in a raid 5.
<histo> centaur5: is the cdrom plugged into it?
<centaur5> cd drive is onboard. I figured the capacitors north of the cpu wouldn't have anything to do with the southbridge though.
<histo> centaur5: Also why are you installing 10.04 ?
<centaur5> This server has been in production for 2.5 years with 10.04.
<centaur5> I literally received my new hardware today for my new servers that will have 12.04 but I need this 1 running for at least a few weeks so I can learn how to do an HA cluster with the new ones.
<histo> centaur5: No idea I would boot a live cd and check your menu entries and look for a force fsck file in / or whereveer
<centaur5> histo, Alright, thanks for the response now I know there's really not much more troubleshooting I can do.
<centaur5> histo, Just discovered my problem. I forgot to change my ROM boot setting for my raid card in the BIOS after it reset because of the capacitor change. However, it's still complaining about fsck on the partitions even though I ran it from the live disc.
<czi_> Hey
<czi_> Where can I find info on how to remove root password requirement for booting in single user mode?
<histo> what?
<histo> czi_: single user mode there should be no root password
<Senor> what is the env varible name for library path?
<Senor> in ubuntu
<czi_> histo: Single user mode / recovery mode
<czi_> It sure is password protected in the later ubuntu versions
<histo> czi_: so what is it you uwant to do?
<histo> czi_: It's protected with the user you installed with's password then. Root has no password
<histo> czi_: if you are trying to change your pass boot a live cd chroot and passwd bob
<czi_> histo: I want to remove the password protection
<czi_> histo: I know how to boot up the server and change password, I do have the root password. But I want to remove the protection for future use ...
<czi_> From the documentation: "If you decide to set a root password, you will be prompted for it in rescue mode."   But I dont wanna be prompted for it!!! :)
<histo> czi_: then you'd have to remove it to not be prompted
<histo> czi_: edit the recovery mode kernel line to rw and add init=/bin/bash
<histo> czi_: actually you may not even need to change ro to rw just add init=/bin/bash
<czi_> I don't want to remove my root password
<histo> czi_: then add init=/bin/bash to end of kernel line
<czi_> histo: Thanks
<histo> czi_: np
<zastaph> how would you log new incoming and/or outgoing connections? netstat and various tools only monitors in realtime the current state. I'd like a log of each unique new connection and their PID.
<patdk-lap> connections have pid's?
<patdk-lap> zastaph, hmm, you have heard about the firewall? iptables?
<zastaph> sure, i've been looking for an application level firewall and tried most without any luck
<zastaph> iptables has some LOG mode that I didn't quite investigate yet.. seems complicated :)
<zastaph> watch -n 1 "netstat -tpanl | grep ESTABLISHED"
<zastaph> that displays all new connections and their PID
<zastaph> but in realtime.. i'd rather have a log
<zastaph> to setup iptables, ufw, apparmor, first you need some intel about what needs your applications have
<smoser> flaccid, i'm not sure about what went wrong for netdev_info and route_info (proably more information in /var/log/cloud-init.log . maybe)
<smoser> but the subprocess that failed there was initctl. i suspect this is not ubuntu, in which case you'll need to set 'cc_ready_cmd'
<smoser> in cloud-config
<Daviey> zul / yolanda: Hey, can you both look spec out https://blueprints.launchpad.net/ubuntu/+spec/servercloud-s-server-app-banner-updates please?
<yolanda> hi, ok
<Daviey> zul: & https://blueprints.launchpad.net/ubuntu/+spec/servercloud-s-openstack-pkg
<zul> eff
<yolanda> i have to check with zul, i have few idea of it
<Daviey> & servercloud-s-openstack-hypervisor
<Daviey> zul: catch up :)
 * zul will propose less blueprints next time
<Daviey> zul: heh, take a look at all of them :)
<Daviey> zul: if you want to share the burden a bit more, that is possible.
<zul> Daviey:  can we fold the openstack-pkg blueprint into the openstack blueprint since it was more of a are we going to switch to git
<Daviey> zul: yeah, that might make sense
<Daviey> zul: mind you, servercloud-s-openstack-havana is chocked
<zul> Daviey:  ill add the work items to the openstack
<zul> Daviey:  its always is
<Daviey> heh
<yolanda> Daviey, should i add the openstack packages to the dep-8-tests blueprint?
<Daviey> yolanda: i think so, what do you think zul ?
<zul> Daviey: sure
<RoyK> Trying to sort out bug 1171945 - can someone help me understand where MD raids are assembled?
<uvirtbot> Launchpad bug 1171945 in mdadm "Nested RAID levels aren't started after reboot" [Undecided,Confirmed] https://launchpad.net/bugs/1171945
<zul> although checking to see if the help message runs is not much of a test but hey what are you going to do
<Daviey> zul: it checks more than it appears
<Daviey> xnox: Hey, are you able to look at the issue RoyK raised ^ ?
<xnox> Daviey: yes. I have.
<zul> Daviey:  what did you want me to do with hypervisors?
<Daviey> zul: take a look at the Wi's and whiteboard to make sure the content is accurate and complete
<zul> is is
<pythonirc1011> We need to run an email server. How hard is it to configure one in ubuntu?
<pythonirc1011> its very light emailing we need. Perhaps there is a better solution than running our own mailserver?
<jcastro> https://help.ubuntu.com/12.04/serverguide/email-services.html
<pythonirc1011> jcastro: https://help.ubuntu.com/community/Postfix  - was reading this
<pythonirc1011> but it seems even setting up postfix is non-trivial correctly
<pythonirc1011> I tried sending emails using gmail, but it starts complaining that we should use a web browser
<jcastro> you probably want to search for something like "postfix smtp relay through gmail"
<pythonirc1011> jcastro: well gmail screwed us up once. When we use smtp from gmail, after 5 emails, it starts complaining : SMTPAuthenticationError: (534, '5.7.9 Please log in with your web browser and then try again. Learn more at\n5.7.9Â https://support.google.com/mail/bin/answer.py?answer=78754\n5.7.9Â {WEBLOGINREQUIRED}Â ...
<pythonirc1011> jcastro: Perhaps this used to work in 2008: http://ubuntu-tutorials.com/2008/11/11/relaying-postfix-smtp-via-smtpgmailcom/ - am not sure Gmail will put a captcha at some point on this solution?
<patdk-wk> pythonirc1011, how can you put a *captcha* in that solution?
<koolhead17> Daviey: lol
<Daviey> koolhead17: ?
<pythonirc1011> jcastro: is postfix the way to go for emails? or is there a better alternative by now?
<Daviey> pythonirc1011: still the best.
<jcastro> it's the default for a reason. :)
<pythonirc1011> jcastro: If I setup postfix relay + gmail = captcha trouble at some point, isn't it?
<jcastro> I think at this point you should probably just do postfix standalone
<jcastro> or use an SMTP relay service
<Daviey> Debian is also in discussions if they should switch from exim to postfix.
<jcastro> http://aws.amazon.com/ses/faqs/ for example
<maxb> Postfix is a sensible option for simpler setups. Exim is a great MTA if you need to do weird and wonderful things with your mail processing pipeline.
<Daviey> pythonirc1011: i don't think they put captcha on imap, pop3 or smtp
<jcastro> depends on how comfortable you are with postfix
<pythonirc1011> http://www.authsmtp.com/auth-smtp/pricing.php - I wish there base was free
<jcastro> you likely won't find any free service offering smtp relay, heh
<Daviey> maxb: I'm not trolling, but have an example where exim excels where postfix lacks?
<pythonirc1011> Daviey: http://ubuntu-tutorials.com/2008/11/11/relaying-postfix-smtp-via-smtpgmailcom/ - is this going to be reliable?
<Daviey> pythonirc1011: worth a try :)
<pythonirc1011> I don't care about speed/accuracy...only care about ease of use + reliability + spam filtering.
<Daviey> pythonirc1011: i'd try it :)
<pythonirc1011> Daviey: I tried using gmail email send/receive using python - blasted on my face. When we use smtp from gmail, after 5 emails, it starts complaining : SMTPAuthenticationError: (534, '5.7.9 Please log in with your web browser and then try again. Learn more at\n5.7.9Â https://support.google.com/mail/bin/answer.py?answer=78754\n5.7.9Â {WEBLOGINREQUIRED}Â ...
<Daviey> interesting
<Daviey> didn't know it did that
<maxb> Daviey: Configuring a complex set of Exim routers, mainly. Postfix seems to be all about setting up particular options. Exim's approach of plugging bits of logic together in a given order feels more able to deal with complex stuff
<lamont> Daviey: Tower of Hanoi is doable in exim, not so much in postfix.  your choice as to which this argues for
<pythonirc1011> wish I could do : sudo -i; apt-get install emailserver; emailserver.configure --domain = "mydomain.com"  :)
<pythonirc1011> which is easiest to use : sendmail/postfix/exim/...?
<Daviey> maxb / lamont: So it's possibly a familiarity issue? :)
<jcastro> don't even put sendmail on the table
<lamont> pythonirc1011: I have a definite bias towards postfix, but then I've maintained it for 16 years
<Daviey> wow, is it that long?
<pythonirc1011> lamont: Maybe you can hand hold me for my install then :)
<lamont> Daviey: since the alpha days
<lamont> actually, I think we have a couple of months before we hit 16 years proper
<maxb> Daviey: *Partially* maybe. But even as an experienced Exim admin, intent on seriously investigating Postfix, I couldn't figure out how to get it to approach that sort of thing, whilst staring at the docs
<lamont> 0.0.1998121-0 was packaged Fri, 11 Dec 1998 22:31:37, but I kinda accidentally replaced sendmail with it in production about july of 1997, iirc
<pythonirc1011> lamont: so for installing postfix for one domain - + want spam filtering + want to auth anyone who wants to send email thru the server - you've a list of commands for me?
<Daviey> maxb: I admit to being heavy on google juice whilst configuring a complex postfix.
<lamont> Daviey: exim is certainly able to do more things than postfix.  Postfix picked a particular target and went for "do that well".  If you get too far in to the rough, exim is going to be better every time.  OTOH, these days, you have to go a ways to get into the rough that far
<maxb> My main objection to it is that I've been unable to find a decent explanation of a mental model to understand its inner workings. Whereas, with Exim, just reading the routers section of the config file gets you pretty close
<lamont> pythonirc1011: I'd have to send you to one of the howtos
<maxb> I have entertaining requirements like "If the mail contains a text/calendar MIME part, deliver an extra copy somewhere else"
<lamont> maxb: lots of little daemons that do one thing and only one thing, strung together to make a mail server.  That stringing makes it more complicated in some ways, and trivially nice in others.  It also means that reviewing it for security is much much simpler
<lamont> maxb: reading exim config files makes my brain hurt. OTOH, that's probably a cyclical thing since I avoid making my brain hurt when possible
<pythonirc1011> lamont: web link please? + ubuntu
<lamont> Daviey: I think you know all the good ubuntu howto links for postfix better than I do...
<Daviey> you'd think so...
<maxb> Exim isn't simple, I agree. It shines when you *want* an MTA that isn't simple :-)
 * lamont feels more like an upstream for postfix than a core-dev
<lamont> maxb: fact
<Daviey> ScottK and ivoks, spent a bunch of time on mail-stack-delivery package
<pythonirc1011> can I ask postfix questions here? :)
<Daviey> That should try and simplify the common use cases
<ScottK> Daviey: Great.  It's needed some help for awhile.
<ScottK> pythonirc1011: Yes.
<lamont> pythonirc1011: sure.  every now and then, I even let myself get sucked into the conversations...
 * lamont goes back to what he's supposed to be doing, since ScottK is here
<ScottK> No!!!!  ScottK goes back to what he's supposed to be doing first.
<pythonirc1011> I've a domain name "example.com". And want postfix to handle all emails to *@example.com.  What should "System mail name" be?
<Daviey> pythonirc1011: does http://www.placedusoleil.net/node/6 help?
<ScottK> Those are unrelated.
<ScottK> System mail name is the name of the server.
<pythonirc1011> Daviey: I don't have an active directory setup. How hard is that to setup?
<pythonirc1011> ah! Windows  - nope
<ScottK> The mydestination parameter in /etc/postfix/main.cf is what controls what domains are considered as local domains for delivery.
<pythonirc1011> Is there a way to hardcode in a text file : "x@example.com" - forward it to "why@gmail.com", ... , "*@example.com" - forward it to "z@zz.zzz"?
<pythonirc1011> ScottK: master.cf?
<ScottK> No, main.cf
<ScottK> Yes.
<pythonirc1011> how?
<pythonirc1011> Perhaps this can be modified for my purposes: http://www.placedusoleil.net/node/6 ?
<ScottK> I would suggest you join the postfix users mailing list and ask there as they have more people with postfix expertise than we do here.
<pythonirc1011> I just need postfix to mail forward the emails. And I want  a way to be able to use it to send emails by authenticated users.
<ScottK> (I should really be doing work and not messing around on IRC)
<ScottK> pythonirc1011: I'd look at http://www.postfix.org/documentation.html
<ScottK> Most of what you're asking about is pretty standard and is covered in one of the documents linked from there.
<hallyn_> ahs3: d'oh, https://buildd.debian.org/status/package.php?p=netcf
<hallyn_> ahs3: if you're around, we need http://people.canonical.com/~serge/netcf-arch.debdiff to fix the non-lniux arches tryign to build
<hallyn_> ahs3: for the armel and sparc failures, I *think* those were transient
<hallyn_> bc the ifupdown version currently looks to be right on those arches
 * ahs3 otp for a bit...bbiab
<hallyn_> ahs3: np thanks!
<atrius> hello all.. is there a PPA for _recent_ IRC servers aside from ngircd?
<ahs3> hallyn_:  hrm.  i'll add in the patch and re-submit.  hopefully you're right that the other failures are transient
<SpamapS> hallyn_: hey I think I'm hitting bug 1031063 with a nested openstack  nova.. you around to help debug perhaps?
<uvirtbot> Launchpad bug 1031063 in nova "internal error no supported architecture for os type 'hvm'" [Undecided,Confirmed] https://launchpad.net/bugs/1031063
<SpamapS>    domain = self._conn.defineXML(xml)\n', '  File "/usr/lib/python2.7/dist-packages/eventlet/tpool.py", line 187, in doit\n    result = proxy_call(self._autowrap, f, *args, **kwargs)\n', '  File "/usr/lib/python2.7/dist-packages/eventlet/tpool.py", line 147, in proxy_call\n    rv = execute(f,*args,**kwargs)\n', '  File "/usr/lib/python2.7/dist-packages/eventlet/tpool.py", line 76, in tworker\n    rv = meth(*args,**kwargs)\n', '  File "/usr/lib/
<ruben231> hi guys anyone used here tungsten as mysql replicator.?
<hallyn_> SpamapS: lunching, will look shortly
<hallyn_> ahs3: thanks!
<SpamapS> ruben231: I have not, but #mysql has a bunch of people who know about these things.
<RoyK> anyone here that knows where ubuntu 12.04 and later assembles the raid? it's utterly broken for nested raids
<SpamapS> RoyK: initrd
<RoyK> SpamapS: well, where in there?
<SpamapS> RoyK: look at the scripts mdadm puts in /usr/share/initramfs-tools
<SpamapS> RoyK: It should just be pulling the stuff from the disk metadata.
<RoyK> I have, but I can't find anything actually starting the raid
<RoyK> some incremental tuff, but it seems to be broken
<RoyK> normal raids starts well, but nested raids like raid-5+0 won't
<RoyK> SpamapS: bug 1171945
<uvirtbot> Launchpad bug 1171945 in mdadm "Nested RAID levels aren't started after reboot" [Undecided,Confirmed] https://launchpad.net/bugs/1171945
<RoyK> so, tested on lucid, precise, quantal and wheezy - works on lucid and wheezy but not the others
<SpamapS> RoyK: mdadm is *really* broken on ubuntu. I tried for a little while to attack it, but its just a mess.
<SpamapS> RoyK: it doesn't eat your data anymore, but it will often fail to start unfortunately
<SpamapS> RoyK: I think the problem is that Canonical customers aren't mdadm users. :p
<RoyK> SpamapS: well, do you know anything about *what* is broken in the mdadm startup?
<RoyK> AFAIK it's only startup stuff that's broken - other things work well
<RoyK> there were some issues at 12.04.nothing with udev getting a bit stressed, not picking up all the md members, but that was fixed at 12.04.1
<SpamapS> RoyK: for nested, I think it is just assembling wrong. For some of the other issues, it is handling missing disks and stuff that should be ignored as critical errors.
<SpamapS> RoyK: it used to handle those things really wrongly and occasionally wipe out your RAID .. so it's better than it was.
<SpamapS> RoyK: basically what I did was make it more careful. The follow up to that would then be to find the places it is being too careful and handle them properly.
 * RoyK thinks the initial 14.04 should be named 14.04.0 to state that "this is early"
<SpamapS> RoyK: but there is so much rage in the bug tracker, it is hard to weed out the actual data from the vitriol.
<RoyK> well, I don't think there's much in this bug
<SpamapS> RoyK: anyway, xnox has done some work to make it better.. he may have more insight than I do.
<RoyK> SpamapS: still, do you know what actual scripts that does the assembly for the raid? this is from 12.04 and forward, as explained
<SpamapS> RoyK: dpkg -L mdadm , look at the scripts in /usr/share/initramfs-tools
<RoyK> SpamapS: I've talked to him, but he couldn't give me a clear answer - I tried the udev part from wheezy, where it works, but no luck - see the bug
<RoyK> s/bug/bug report/
<SpamapS> RoyK: sorry, I have no interest in mdadm anymore.. no time to see the bug. ;)
<RoyK> please?
<SpamapS> RoyK: ok, I read it. Still nothing to add. :-P
<sarnold> RoyK: heh, there's probably nothing really new in the bug anyhow -- he knows it won't do nested..
<RoyK> shouldn't such a bug be prioritised somewhat higher? I mean - if someone want to build large storage...
<SpamapS> I do recall that the udev rules we have in Ubuntu are wrong and need fixing.
<SpamapS> RoyK: they buy a large storage controller? ;)
<RoyK> SpamapS: same udev rules on debian - works there
<RoyK> SpamapS: wrong answer
<SpamapS> RoyK: my point isn't that nobody wants mdadm. Its that nobody is paying Canonical to prioritize it.
<SpamapS> Paying customers have SAN, built in RAID cards, or gluster/ceph/etc.
<RoyK> which seems rather odd, since canonical seems to be trying to get a larger market share
<sarnold> RoyK: if wheezy's packages work alright on wheezy, why not try the wheezy packages on ubuntu?
<SpamapS> RoyK: Canonical is trying to capture _untapped_ markets like OpenStack deployments and large hadoop clusters. Not home server / SMB server markets.
<RoyK> well, afaik wheezy assembles the raid differently
<SpamapS> RoyK: they won't stand in your way, but you're going to have to put some resources in to get that stuff prioritized.
<yofun> my server wont unrar my rar file correctly
<yofun> it says "failed" all it gives me
<RoyK> yofun: tried 7z?
<yofun> thats a ubuntu package?
<sarnold> yofun: perhaps the file is corrupted, check the sha1sum of the file against a version on another machine that unpacks correctly.
<RoyK> yofun: run 7z - it's a command
<yofun> no other files didnt work either
<RoyK> yofun: p7zip-full is the package
<yofun> -bash: 7z: command not found
<hallyn_> stgraber: ok, so is your host i386, or are you doing i386 host on amd64, and then nesting inside the i386 guest?
<hallyn_> bc i don't think you can nest kvm inside i386-on-amd64 (but i'm not 100% sure on that)
<yofun> atm im useing unrar-free
<RoyK> try 7z
<RoyK> better supported
<RoyK> and takes all sorts of formats
<hallyn_> lemme try on saucy first
<yofun> Extracting  vmaps/Miningsifter01.m2.vmo     Unsupported Method
<SpamapS> hallyn_: you mean SpampaS ? :)
<hallyn_> oh, no, i see, i386 host
<hallyn_> SpamapS: d'oh, yeah.
<SpamapS> hallyn_: i386 host and guest
<SpamapS> I think
<hallyn_> SpamapS: yeah that's what it shows.  sorry, misread at first
<RoyK> yofun: quite possibly a corrupt rar file
<SpamapS> hallyn_: virsh capabilities does show x86_64 .. which is weird
<hallyn_> SpamapS: in the bug virsh capabilities output showed i686
<hallyn_> different machine?
<SpamapS> hallyn_: Linux bootstack-vm 3.5.0-31-generic #52-Ubuntu SMP Thu May 16 16:30:01 UTC 2013 i686 i686 i686 GNU/Linux
 * stgraber ignores the highlight
<hallyn_> stgraber: thanks
<SpamapS> hallyn_: so is this just "i386 can't nest kvm" ?
<hallyn_> SpamapS: i386 should be able to nest.  oh, though /etc/default/qemu-kvm in quantal may still have KVM_NESTED variable defaulting to 0
<SpamapS> hallyn_: or should I set my libvirt_type=qemu ?
<hallyn_> no, defaults to on
<SpamapS> KVM_NESTED=" nested=1"
<hallyn_> SpamapS: this *could* just be the old bug about /dev/kvm not getting chowned right.  can you check ls -l /dev/kvm?
<hallyn_> SpamapS: or, see whether a reboot of the first level guest fixes it?
<SpamapS> # ls -l /dev/kvm
<SpamapS> ls: cannot access /dev/kvm: No such file or directory
<SpamapS> *that* might explain it :)
<hallyn_> SpamapS: d'oh, is it using virtual kernel?
<hallyn_> i thought it started in raring, but maybe quantal also doesn't ship the kvm driver
<SpamapS> hallyn_: generic kernel
<hallyn_> hm
<RoyK> SpamapS: isn't the virtual 32bit kernel with virtualisation now?
<RoyK> erm
<RoyK> SpamapS: isn't the generic! 32bit kernel with virtualisation now?
<SpamapS> hallyn_: what creates /dev/kvm ?
<RoyK> the kvm mod?
<RoyK> modprobe kvm
<hallyn_> really, kvm_intel
<hallyn_> but that should be automaticlaly modprobed at boot
<SpamapS> FATAL: Error inserting kvm_intel (/lib/modules/3.5.0-31-generic/kernel/arch/x86/kvm/kvm-intel.ko): Operation not supported
<SpamapS> [70824.341783] kvm: no hardware support
<genii-around> That doesn't sound good.
<SpamapS> do I need to turn on "vme" and/or "vmx" ?
<SpamapS> looks like my host VM is just not quite right
<hallyn_> SpamapS: what does uname -a show again?
<hallyn_> what does 'kvm-ok' show in the guest?
<hallyn_> and /sys/module/kvm_intel/parameters/nested on the host?
<SpamapS> hallyn_: kvm-ok says no-go
<SpamapS> hallyn_: the vm was not configured with a CPU profile, so vmx is off
<SpamapS> hallyn_: on host nested == Y
<SpamapS> hallyn_: I think I just need to reboot w/ vmx
<SpamapS> or re-configure w/ qemu only
<hallyn_> SpamapS: hm, right, the qemu64 cpu type automatically enables vmx.  the others probably don''t
<RoyK> SpamapS: using ancient hardware?
<soy_el_pulpo> ancient rocks!!! lol
<soy_el_pulpo> ;)
<RoyK> get your old 486 to roll
<RoyK> down the hill, perhaps
<soy_el_pulpo> 386 sx with math-co!!
 * RoyK is reading http://bofh.ntk.net/BOFH/
<SpamapS> RoyK: no, nesting kvm
<RoyK> soy_el_pulpo: heh - the math co was a 386DX, not only the FPU
<SpamapS> RoyK: model name	: Intel(R) Core(TM) i7-3667U CPU @ 2.00GHz
 * RoyK sticks to 64bit these days
<RoyK> eats a bit more memory, but works better
<soy_el_pulpo> jaja, the SX came with a socket where you can add it... if I'm not wrong...
<SpamapS> RoyK: when trying to run a mini openstack across 6-10 VMs on your 16GB laptop.. saving 5% matters. :)
<soy_el_pulpo> the sx came without it... but my board had an additional socket...
 * RoyK has a bunch of VMs on his home server and it only has 8GB (until I plug in the new 8GB)
<RoyK> perhaps time to do that
<soy_el_pulpo> also I got simm slot raisers, I do not how they are called, but it allowed me to ad more than 8 chips...
<soy_el_pulpo> it was crazy...
<hallyn_> SpamapS: can you add "+vmx" to the cpu flags?
<SpamapS> RoyK: right, but I need at the very least 1GB per VM just to start the python monstrosity
<hallyn_> on the host.  (not sure how you're specifying them right now)
<SpamapS> hallyn_: I've done that, but I am trying a few other things before I reboot
<hallyn_> k
<hallyn_> SpamapS: how did you do it?
<SpamapS> hallyn_: in virt-manager :)
<hallyn_> cool
<SpamapS> aaaaand I also need to up the RAM on this VM
<SpamapS> 2013-05-30 18:45:24.109 1373 TRACE quantum.agent.dhcp_agent OSError: [Errno 12] Cannot allocate memory
<SpamapS> doh
<zul> SpamapS:  at least its not java
<SpamapS> zul: nobodyw ould think to try and build a cloud on java...
<zul> hah
<SpamapS> hallyn_: ok, after rebooting w/ vmx we have the hvm capability.. but it seems to.. pwn the guest's CPU
<SpamapS> like, to a level where nothing works anymore
<SpamapS> kernel isn't even responding to arp at this point
<hallyn_> SpamapS: hm, wonder if it would help to allocate hugepages to the first level guest
<hallyn_> are you getting any dmesg info at the host?
<SpamapS> [165124.945856] kvm [1917]: vcpu0 unhandled rdmsr: 0x345
<SpamapS> [165124.948111] kvm_set_msr_common: 22 callbacks suppressed
<SpamapS> [165124.948113] kvm [1917]: vcpu0 unhandled wrmsr: 0x680 data 0
<GrueMaster> Does anyone know why an ubuntu-server (12.04.2) would release/renew it's ip address on reboot?  System is configured for dhcp and submits the hostname to the dhcp server each time.
<SpamapS> hallyn_: so I did the "copy host configuration" button in virt-manager. Trying 'kvm64' now.
<SpamapS> though I suppose kvm32 would be more appropriate
<Chocobo> Hi all.  Is it possible configure a network interface to get an IP from DHCP without also setting nameservers and routes?
<jcastro_> GrueMaster: dhcp server perhaps giving it out as a reservation instead of on-demand?
<Chocobo> sorry, when I say routes I should say "default route"
<GrueMaster> Sadly, we have no control of the dhcp server (Windows based and controlled by an uber paranoid IT group).
<SpamapS> hallyn_: ok, that seems to have fixed it
<hallyn_> SpamapS: sigh, i don't get it.  you copied your nested guest configuration to a new one and that fixed it, or befor you were trying amd64 guest and i386 guest works?
<SpamapS> hallyn_: before I was trying "copy host configuration" in virt-manager, which used "SandyBridge" as my guest CPU config.
<SpamapS> hallyn_: I changed that to 'kvm64' and that seems to ahve worked. I now have a good working nested kvm guest.
<hallyn_> hm, so virt-manager wasn't reading cpu flags right or something?  interesting.
<hallyn_> thanks
<roborino> just got a dell r520 and installed 13.04 server with openssh, however every time I connect to the box shortly after it just disconnects with Write failed: Broken pipe
<sarnold> roborino: how 'shortly'? seconds? near-instantly? minutes? hours?
<roborino> sarnold: within a minute
<roborino> sarnold:  also get ssh: connect to host calvin port 22: Connection refused, but when I look on the console sshd is running
<roborino> sarnold: right now I hit return a couple times, no problem.  Third time I get Write failed:  Broken pipe
<sarnold> roborino: broken pipe makes me think stateful firewall is missing rules to add associated packets...
<sarnold> gotta run now, sorry, but look for ESTABLISHED and firewall rules...
<roborino> enabled ufw allow 22
<roborino> still get Write failed: Broken pipe after about a minute
<thesheff17> no matter what I do I still get libsvn1 (= 1.6.17dfsg-3ubuntu3) but 1.7.9-0ubuntu0~ppa1 is to be installed
<thesheff17> even though the PPA is gone
<thesheff17> any idea what I can do?
<Neozonz> can someone help me conver this .htaccess file into lighttp's url rewrite http://pastebin.com/wh93vjE8
<Neozonz> *convert
<hallyn_> smoser: mjt pointed me to http://mentors.debian.net/package/sgabios   i think you'd like it :)
#ubuntu-server 2013-05-31
<smoser> oh neat, hallyn_
<tohuw> Is there a simple ldapsearch command to enumerate all objects in the directory, with just their cn's and type?
<mi2com> anyone in the Philadelphia, PA region looking for a job?
<mi2com> in a new datacenter
<mi2com> we dont really like ubuntu
<mi2com> but
<mi2com> ...
<mi2com> +its okay :)
<soy_el_pulpo> mi2com: I can move....
<Bitbyte> Any of you guys use a geforce gt 220 on the server ?
<Bitbyte> On Ubuntu 13 ?
<sanderj_> Someone accidentely chown'ed all files in / to the www-data user.. do anyone know if there is a way of changing all permissions on a clean 12.04 os back?
<sanderj_> is it possible to overwrite all permissions or even all files straigt from a ubuntu image?
<freakynl> Hi, if I configure (statically in /etc/network/interfaces) 3 DNS servers for IPv4 and 3 for IPv6 only the 3 IPv4's are picked up
<freakynl> apparently there's a limit of 3 ...
<freakynl> I would need at least 2 on IPv4 and 2 on IPv6, is there any way to do that?
<sanderj_> Would it work to do this to overwrite all files in a os?: debootstrap --arch i386 precise / http://archive.ubuntu.com/ubuntu
<sanderj_> And how do I get the server version with debootstrap?
<Senor> Is there wayes or tools I can monitor the state of a tcp server?
<RoyK> Senor: what do you mean "state"? if it's listening or not?
<Senor> RoyK : network and memory performence
<swaT30> anyone from the Ubuntu OpenStack PPA team around?
<koolhead17> swaT30: i wud assume yes
<swaT30> just would like to see when https://bugs.launchpad.net/quantum/+bug/1169706 is going to be merged into the Grizzly PPA :D
<uvirtbot> Launchpad bug 1169706 in quantum "list floating IPs does not honor port_id filter" [High,Fix released]
 * koolhead17 pokes zul 
<zul> grizzly ppa?
<zul> should already be there now via the cloud-archive
<swaT30> zul: ok, thanks for the heads up! will see if an update fixes this. Do you happen to know what version it was compiled in?
<zul> adam_g:  saucy-havana build deps when you get a chance http://people.canonical.com/~chucks/ca/
<zul> swaT30:  not off the top of my head no
<swaT30> zul: is there anything I could poke through to find out?
<zul> swaT30:  other than the changelogs no
<zul> yolanda:  ping https://code.launchpad.net/~zulcss/nova/2013.2.b1/+merge/166778
<yolanda> hi zul
<yolanda> ok
<zul> yolanda:  just a heads up there is going to be like 7 merge proposals today
<yolanda> fun!
<zul> yeah..
<yolanda> zul, i'm doing the dep-8 tests for nova. I see some packages as nova-volume, nova-ajax, etc... that are classified as oldlibs, and they don't have any content in the package. What are these?
<zul> yolanda:  nova-volume is what cinder use to be called and nova-ajax is a webend front console, you can safely ignore them
<senjin> Hi I am not able to passthrough a pci device in kvm and I keep getting errors in dmesg log "disallowing device assignment. Re-enble with "allow_unsafe_assigned_interrupts=1" module option." Does anyone have any ideas on whats wrong?
<mardraum> did you google that option?
<senjin> Yes and got a sugestion to add it under modprobe.d/ wich resultet in making it inpossible to start vm's at all
<zul> yolanda:  https://code.launchpad.net/~zulcss/keystone/2012.2.b1/+merge/166790
<mardraum> senjin: can you describe exactly what you did that didn't work?
<senjin> Yes I created a new file in /etc/modprobe.d/ and added options kvm allow_unsafe_assigned_interrupts=1 to that file. And after a reboot virsh start vm would not start the vm
<mardraum> I'm no passthru expert, but does this make sense? http://spica-and-roid.blogspot.com.au/2012/07/howto-kvm-passthrough.html
<mardraum> looks like a few extra steps
<zul> yolanda:  https://code.launchpad.net/~zulcss/glance/2012.2.b1/+merge/166794
<hallyn_> jamespage: starting regression tests now with raring qemu with the rbd async flush patch.  could you email me the excerpt of the ping you got from the ceph folks?  (hopefully it includes justification that we can use in an sru)
<senjin> mardraum: Now I cant start the VM again but still no passthrough but I will keep looking
<zul> yolanda:  https://code.launchpad.net/~zulcss/horizon/2012.2.b1/+merge/166796
<yolanda> Daviey, i'm targetting the openstack dep-8 tests to raring, because the openstack-ubuntu-testing is still on raring, am i right?
<zul> yolanda:  half way done https://code.launchpad.net/~zulcss/quantum/2013.2.b1/+merge/166805
<hallyn_> jamespage: http://people.canonical.com/~serge/qemu-rbd-async has the packages
<hallyn_> not sure if you want to do some perf runs
<Daviey> yolanda: Hmm, no - should be saucy
<roaksoax> yolanda: everything that you do applies to the *current* development cycle
<roaksoax> yolanda: this means that the dep-8 tests are for saucy, not for raring
<roaksoax> yolanda: the BP was initially filled for raring, however, since it wasn't done there and you started working on it, you should have retargetted it to saucy
<yolanda> oh i did all the tests for saucy, but i was testing the nova ones against raring
<yolanda> anyway they are working with saucy
<hxm> hello
<yolanda> zul, working with the nova tests i found a bug in nova-spiceproxy. It depends on websockify but the dependency is not listed
<zul> yolanda:  ok
<yolanda> installing websockify by pip gives errors
<yolanda> do we have package for it?
<roaksoax> yolanda: you can check whether we have the packages: packages.ubuntu.com
<roaksoax> yolanda: https://launchpad.net/ubuntu/+source/websockify
<yolanda> i see, we have it, yes, nova-novncproxy is depending on it
<p0wn3d> Anyone know of a good way to document current server settings compared to a default ubuntu server install
<markthomas> p0wn3d: what kind of settings?  Installed packages?
<hallyn_> stgraber: pushed those three patches to staging, thanks
<p0wn3d> configuration settings for services
<p0wn3d> "/etc" will have most of the files and settings but I want to make sure I get them all
<markthomas> p0wn3d: You can check /etc/default, but as for the rest, there is no "good way".  There is no standard way in which services have to define their configurations.  When services use a conf.d directory and the service has been configured in a disciplined way, you can compare that way.  But it's not guaranteed to give you everything you need.
<p0wn3d> thank you
<markthomas> There is one good way: use something like puppet, chef, or (eventually) juju to deploy the configuration.
<markthomas> Then, you can redeploy as needed.
<pcn> Hi #ubuntu-server
<pcn> Is there anyone here from canonical who can fix the s3 perms for the apt archive?
<pcn> I'm having this issue in aws:
<gstudent2> Hi! Hi need a new root server and I found a great offer that is virtualised via KVM. Now I want to use KVM in this machine. Is this a bad idea or is this commonly done?
<pcn> https://gist.github.com/pcn/5686473
<sarnold> gstudent2: at least the virtual-maas juju charm does exactly that for testing purposes. it might be slower than you like, but ought to work.
<sarnold> pcn: note that natty went out of support six or seven months back: https://wiki.ubuntu.com/Releases
<gstudent2> sarnold, thank you!
<sarnold> pcn: you can still get to pcakages via http://old-releases.ubuntu.com/releases
<sarnold> pcn: .. but upgrading to e.g. 12.04 LTS would be worthwhile..
<pcn> Yeah, we use that too, but for testing this particular package shouldn't return a 403
<pcn> This just changed in the last day or two.  So is there anyone from canonical who can fix the permissions in s3 for this repo?
<genii> pcn: When end-of-life is reached, the repositories are normally frozen and archived to the old-releases URL that was mentioned.
<pcn> How's the supposed to work for ec2-clients where that dns points outside of s3?
<adam_g> zul,  i think this is totally cheating http://people.canonical.com/~chucks/ca/python-pbr/python-pbr_0.5.11-0ubuntu2~cloud0_source.changes
<adam_g> zul, but those look good otherwise
<sarnold> pcn: being looked at :)
<zul> adam_g:  yeah totally cheating
<zul> adam_g:  so ok to upload them to the ppa?
<adam_g> zul, ya
<zul> adam_g:  cool thanks
<pcn> sarnold: thanks
<sarnold> pcn: happy to middleman :)
<axisys> is there a image that will let me install server OS over the remote serial console ?
<axisys> I tried to boot from usb precise amd64 iso while connected from a remote serial console and I do see in the screen.. probably defaulted to vga
<axisys> I do not see*
<axisys> is there an image that defaulted to ttyS0 , so I can install from remote console
<axisys> PXE is not working .. keep getting "PXE-E11: ARP timeout" after DHCP and the answer here saying not to enable option #60 in dhcp http://www.bootix.com/support/problems_solutions/pxe_e11_arp_timeout.html
<axisys> I do not think I have that enabled
<zul> SpamapS:  ping whats going on with mariadb and percona in debian btw?
<SpamapS> zul: MariaDB packaging is ready for review. Nobody has time.
<SpamapS> zul: Percona I haven't seen anything going on.
<axisys> looks like alternate installer ISO offer to install from remote console
<axisys> let me try that
<hxm> hello
<hxm> can i control a process to use only a % of the cpu?
<sarnold> hxm: you can make a process take relatively less of the CPU by setting its nice level; see the nice(1) and renice(1) command. they can't give you percent-of-cpu, but can make hogs more tolerable..
<RoyK> hxm: no, but you can renice it
<sarnold> hxm: I think I heard groups can give you percent control like that, but I've nevre gone to the effort of figuring it out myself
<sarnold> hxm: s/groups/cgroups/
<RoyK> hxm: only cpu family I know that allows suballocation of power is IBM POWER
<hxm> sobad, i have intel
<RoyK> hxm: you can use ulimit, but it it'll just limit usage
<RoyK> hxm: better renice those processes
<hxm> ok, there i go
<RoyK> hxm: what sort of processess are these?
<hallyn_> sarnold: pretty much yes,
<hallyn_> except if nooen else is competing for cpu, you'll get all the cpu anyway
<hxm> bitcoind, when downloading the blockchain (10Gb slowly)
<hallyn_> the % is only a guarntee that the rest is available for others, not that you won't get more
<hxm> the developer says is only when indexing the database
<sarnold> hallyn_: ah! thanks.
<adam_g> zul, any idea why this is waiting on subunit + testrepository? https://launchpadlibrarian.net/141174494/buildlog_ubuntu-saucy-i386.quantum_1%3A2013.2~b1-0ubuntu1_MANUALDEPWAIT.txt.gz
<zul> adam_g:  looks like the subunit binary is in universe
<adam_g> zul, does it actually require subunit or just python-subunit?
<zul> i think python-subunit
<slicslak> i have a 10.10 server i'm trying to upgrade.  when i apt-get upgrade i get 404 errors: Err http://security.ubuntu.com maverick-security/main Sources 404  Not Found [IP: 91.189.91.13 80]
<sarnold> slicslak: maverick has been unsupported for a little over a year; it's about time to upgrade :)  https://wiki.ubuntu.com/Releases
<Pici> !eolupgrades
<ubottu> End-Of-Life is the time when security updates and support for an Ubuntu release stop, see https://wiki.ubuntu.com/Releases for more information. Looking to upgrade from an EOL release? See https://help.ubuntu.com/community/EOLUpgrades
<sarnold> cool, thanks Pici :)
<slicslak> perfect, thx
<pcn> Hi, it looks like sarnold is away at the moment.  Can anyone from canonical comment on how fixing the us-east-1 s3 repo is going for 11.04?
<pcn> let me ask: is there a policy/preference from canonical's PoV about clients mirroring the s3 repo via s3 calls?
<RoyK> pcn: 11.04 isn't supported anymore AFAIK
<Pici> Aye.
<pcn> Royk: the distro is not supported, but the repo shouldn't return arbitrary 403s
<RoyK> pcn: upgrade
<pcn> Are you tring to be helpful?  I covered this earlier: we are upgrading.
<pcn> However, not being able to re-launch doesn't actually facilitate the upgrade process.
<pcn> How do I e.g. check to see if something is broken in the 12.04 install if I can't confirm it on an 11.04 install?
<RoyK> not sure
<soy_el_pulpo> pcn: check your logs
<soy_el_pulpo> pcn: look for erros
<shauno> you'll have to repoint your sources.list to archive.ubuntu.com/ubuntu/dists/natty-security/
<soy_el_pulpo> errors
<pcn> https://gist.github.com/pcn/5686473
<pcn> I'm in s3
<pcn> ec2.
<pcn> Unless the images provided by ubuntu fix this automagically, this problem will not let anyone install snmpd in ec2 with an 11.04 ami
<pcn> Since I'm using an image based on a ubuntu image, i don't think they're fixed automagically, so I'm asking for help
<pcn> In fact, everything in that repo is 403'ing.
<pcn> Jeez
<Pici> You'd need to use http://old-releases.ubuntu.com/
<RoyK> pcn: not to be rude or anything, but you should have upgraded earlier
<pcn> Are you trying to help?
<RoyK> I think Pici is
<pcn> I understand, but we covered this ground earlier
<pcn> pici not with you, I'm not trying to dismiss your advice
<pcn> the issue is that the repo still appears to be there, and was working yesterday and is returning 403s today
<pcn> If there is an official "this repo is not working" message somewhere, then I can work with that.
<pcn> My understanding is that this is not intentional, so I'm asking about an ETA.
<shauno> it looks quite intentional to me.  http://security.ubuntu.com/ubuntu/dists/  doesn't have a natty-security folder
<Pici> pcn: you could try poking someone in #canonical-sysadmin , but my frist guess would be that its not supposed to be there and they finally got around to removing it.
<pcn> shauno: that's expected - there are no more security releases, and that's fine.
<Pici> s/frist/first/
<pcn> pici I'll check there, thanks
<jdstrand> shauno: use old-releases.ubuntu.com/ubuntu/dists/
<shauno> yeah, Pici's covered that.  I'm trying to explain why it's not where he is looking
<jdstrand> I see, sorry
<jdstrand> it is intentionally not there
<jdstrand> no need to ask anyone
<pcn> Hmm...
<pcn> OK, so for our use, we sould mirror from old-releases.ubuntu.com
<pcn> Is there some kind of announcement that the repo is now officially dead?
<pcn> Everything here seems to be heresay-ish "you should" and "look here" but not "here's the EOL announcement for that repo"
<yofel> pcn: 11.04? https://lists.ubuntu.com/archives/ubuntu-announce/2012-October/000165.html
<Pici> pcn: http://ubottu.com/y/natty/
<jdstrand> pcn: the EOL announcements go out to ubuntu-announce@ and ubuntu-security@. there is a warning that it will go EOL and then the EOL
<jdstrand> pcn: there is not a separate announcement for when the EOL release moves from archive.ubuntu.com to old-releases.ubuntu.com
<pcn> jdstrand OK.  The hard part is that for ec2 users, we're not using archive.ubnutu.com, we're using us-east-1.ec2.archive.ubuntu.com which doesn't feel the same
<pcn> So that's on me
<Pici> The sysadmins don't usually move the releases to old-releases immediately, it can take months.
<pcn> Yeah, the technical part of that seems like the really important one to me
<maxb> It's the same principle as <countrycode>.archive.ubuntu.com
<pcn> maxb: understood, that's on me
<pcn> I would really appreciate having the transition be announced a bit more though
<Pici> How?
<shauno> if it was working for you yesterday, it's taken 10 months to leave your mirror.  that's quite a grace period
<pcn> Indeed, I'm not complaining about the grace period.  I'm complaining about the transition not being in google.
<pcn> pici: how would be anything that turns up high in a google search, I guess.
<pcn> I know I'm sounding whiny but I would like to be able to contribute that this took me by surprise because it appears to be an arbitrary date.
<maxb> I suppose the current attitude is that once it's EOLed, there's no obligation to announce further
<yofel> pcn: the date was end of October 2012, after that it may stop working on any arbitrary date
<shauno> that's how it strikes me too.  you're told your support path from that point is to upgrade to $next, and then moving to old-releases (so mirroor providers don't need to find a home for 19 releases) isn't a support issue, it's a housekeeping issue
<pcn> Sure, it's defensible.  However, it's poor busines practice
<pcn> Specifically, it's bad communications.
<pcn> Hopefully I haven't said that I expect anything more than "if it's gone, tell me it's gone somewhere, somehow"
<yofel> pcn: https://wiki.ubuntu.com/Releases shows end of live dates, please upgrade before then
<yofel> *end of life
<pcn> yofel: again I understand this is completely within the description of the service that canonical is providing.
<pcn> yofel: I'm saying that communicating that it's going away on a date is a really good idea, too.
<chilicuil> do you know of any solution to test if a network is fast enough to install voip telephony?, I'm looking at http://myspeed.visualware.com/indexvoip.php
<pcn> chilicuil: iperf can be used to test performance between two points that you control, but throughput across the internet can be iffy
<chilicuil> pcn: I only control 1 side, the datacenters from where we offer the sip service, so I doubt I'll be able to use iperf in the windows machine clients, I'll check iffy out, thanks for the suggestion =)!
<hallyn_> zul: btw, debian Bug#710537: libvirt-bin: /etc/libvirt/qemu.conf shouldn't be world-readable.  we might also care.
<pcn> chilicuil: iffy isn't a tool, sorry I mean it may be variable/no guarantees unless you get a provider that e.g. provides tunneling (mpls for ex) but that doesn't sound like what you're doing
<chilicuil> pcn: ohh!, got it! =), then I'll look further
<pcn> chilicuil you may want to try mtr to get a feel for what the path between you and the other end looks like, and watch to see how variable it is
<chilicuil> pcn: yep, I'll probably build a web interface for common network utilities if I don't find anything
#ubuntu-server 2013-06-01
<soy_el_pulpo> hi, any idea when openfire Version: 3.8.2 will be available via the official repos for 12.04?
<soy_el_pulpo> !bot
<ubottu> Hi! I'm #ubuntu-server's favorite infobot, you can search my brain yourself at http://ubottu.com/factoids.cgi | Usage info: http://ubottu.com/devel/wiki/Plugins | Bot channels and general info: https://wiki.ubuntu.com/IRC/Bots
<soy_el_pulpo> !stats
<germanstudent>  Hi. I am relatively new to KVM on ubuntu servers. I want to build a server where all VMs need access to data on the host machine frequently. Do I have to do this like this were seperate machines (sshfs, webdav etc.) or is there a better solution?
<RoyK> germanstudent: I'd use NFS
<RoyK> !nfs | germanstudent
<ubottu> germanstudent: nfs is the network file system. See https://help.ubuntu.com/community/SettingUpNFSHowTo for information on installing and configuring NFS.
<tarvid_> u1sdtool on a headless server gets Unable to autolaunch a dbus-daemon without a $DISPLAY for X11
<tarvid_> https://wiki.ubuntu.com/UbuntuOne/Headless
<tarvid_> u1sdtool?
<mikeey> What would be the best way to share files to Windows-only clients using Ubuntu? The server is on a gig link, running iperf between the computers I get around 880-920 Mbit/s. I have set up Samba and tuned it a bit and I get around 80-90 MB per second r/w speed, however I'd like to max out the gigabit link between the server and the clients, what would be the best way to do this? My disks
<mikeey> are capable of 140 MB/s .
<qman__> samba is the best way, as it's the only way windows can natively connect
<qman__> remember also that the client's ability to save the data matters too
<patdk-lap> how do you expect to get >90MB/sec when the link only does 92MB/sec?
<patdk-lap> qman__, windows supports nfs
<qman__> actually, 920Mbit/s is 115MB/s
<patdk-lap> and samba has overhead
<qman__> but protocol overhead is going to cap you around 105MB/s
<qman__> and that's if everything runs SMB2
<mikeey> What can I do to make Samba max out the link then? My current settings are: http://pastebin.com/Jr9vpjD9 and I have dedicated 4 GB RAM to the fileserver
<qman__> if you've got SMB1 in there, you're really looking at a theoretical maximum right around 90MB/s
<qman__> the point being, you pretty much are maxing out your link
<mikeey> Can I somehow reduce the protocol overhead?
<patdk-lap> use ftp
<mikeey> Got any suggestions for a lightweight and secure FTP-server then? I've looked at vsftpd and proftpd
<qman__> FTP isn't secure, and it isn't lightweight
<qman__> but it has less overhead during a transfer than SMB
<mikeey> I assume sftpd would give me even poorer performance?
<qman__> SFTP is slower due to the encryption overhead
<qman__> if speed is all you care about, HTTP is going to be the fastest
<mikeey> So basically, my options are a) use FTP but have insecure transfers but less overhead/better speeds, b) use Samba but be capped at 105 MB/s tranfer speed?
<patdk-lap> how is http secure?
<qman__> HTTP is simpler, lighter, and faster than all of the above
<qman__> it isn't secure
<patdk-lap> dunno, normally http uses a few temp files, makes a lot of server overhead and processing
<patdk-lap> upload -> apache (tempfile) -> php (tempfile) -> php app (save to real file)
<patdk-lap> maybe webdav?
<qman__> put plainly
<qman__> if security is a requirement, you're not going to get any faster than samba
<qman__> the only secure methods of transfer have similar overhead
<mikeey> If I have the processing power, would a VPN into the fileserver then ftp'ing into the actual server to transfer the file be any faster/more secure?
<patdk-lap> no
<patdk-lap> the vpn will cause all kinds of overhead
<patdk-lap> now you just doubled up the ip overhead
<mikeey> hmm
<mikeey> And the protocol overhead is impossible to reduce?
<qman__> it's already recduced
<qman__> reduced*
<qman__> getting 90MB/s+ over a gigabit link is really good
<qman__> it's possible to get better but you need serious hardware and to get specialized
<mikeey> Right ok. If the peak is 105 MB/s, but the speeds are varying (on sequential read) down to 70-80 MB/s, would anything in my settings be the cause for that?
<qman__> no
<qman__> normally that means a write bottleneck
<qman__> on whichever end is writing
<qman__> or a crappy switch
<mikeey> Ok, thanks for clarifying. Helps a lot.
<qman__> most consumer grade switches can get full bandwidth between two of the ports, so long as none of the rest are in use
<qman__> if you start pumping more data through, they tend to slow down
<qman__> that's why enterprise grade switches cost so much more
<mikeey> Yeah, that is called blocking right? Non-blocking would imply it can get full bw on all ports?
<qman__> the best way to avoid that problem on the cheap is to just buy a much bigger switch than you actually need
<qman__> a cheap 24-port switch should be perfectly capable of full bandwidth on 16 ports, etc
<enraged> I want to run a command on multiple machines. I found out about Cluster SSH. However, ClusterSSH seems to, by all the documentation and videos I can find, require a desktop. Can ClusterSSH be run from a terminal, and if not, can anyone suggest an alternative for sending a single command to multuiple machines?
<mikeey> I just tried mounting the same disks in Windows, I get around 110-112 MB/s there and I get 110 MB/s all the time, not sporadic like I do in Ubuntu, there must be something wrong with my settings somewhere
<mikeey> could I try tweaking anything in the sysctl? Increase the tcp buffers and whatnot or would that be of little to no use?
<patdk-lap> there are lots of tweaks you could do
<patdk-lap> but is gaining from 92MB/sec to 95MB/sec worth the time?
<mikeey> patdk-lap, I had 105 MB/s as the "maximum" speed I could get, if I could get a |stable| seq. r/w speed of 100-105 MB/s I'd be more than happy to spend time on it
<mikeey> I suspect it has got something to do with some buffers somewhere, as it will go up to 95-100 MB/s, then continue for maybe 3-4 seconds, drop down to 70 MB/s and be there for 2-3 seconds, then itll go back up to 95-100 MB/s and then the cycle continues
<arrrghhh> hey all.  I'm trying to figure out how to route traffic with two NIC's... I use OpenVPN and it tunnels all my traffic
<arrrghhh> There's some services I would like to place "outside" of this VPN, like ssh - so I can still access my server while away
<arrrghhh> I assume this involves iptables and POSTROUTING or maybe something else..?
<qman__> enraged, if you're looking to set up a system to repeat this process on a given set of machines, you'll probably be more interested in something like salt
<qman__> enraged, http://docs.saltstack.com/
<arrrghhh> lol I thought you were talking to me at first... until I realized there was a fellow with the nickname of 'enraged' :)
<qman__> ha
<enraged> thankyou qman
<roborino> I just changed the ip address from dhcp to static now when I try to ssh ssh: connect to host calvin port 22: Connection refused, ssh_exchange_identification: read: Connection reset by peer or when I do get in I get Write failed: Broken pipe
<RoyK> roborino: can you ssh from localhost?
<RoyK> can you ping the host?
<RoyK> have you checked the logs?
<roborino> RoyK:  I can ping and ssh from localhost...what log would I check?
<arrrghhh> ping from the client to server
<roborino> yep
<RoyK> first try to ping the server from a client, then try to ssh into port 22 on the server if that works
<arrrghhh> ok
<RoyK> I mean
<RoyK> telnet server 22
<RoyK> if that doesn't answer, something isn't listening or is blocked
<roborino> RoyK:  yep, that works too
<RoyK> perhaps ssh -vvv
<arrrghhh> I was going to suggest that, or kill ssh on the server
<RoyK> and pastebin the results - not sure if I can help, though, but others may
<arrrghhh> and run manually /usr/sbin/sshd -d
<RoyK> arrrghhh: it's answering to port 22
<arrrghhh> yes, but it might give more output as to what the issue is
<roborino> -vvv not alot of help
<roborino> http://pastebin.com/1sANUGpx
<RoyK> try -vvv before the hostname
<RoyK> eh
<RoyK> but
<RoyK> connection refused?
<RoyK> didn't you say telnet calvin 22 worked?
<roborino> on the client it doesn't work
<RoyK> 21:34 < RoyK> didn't you say telnet calvin 22 worked?
<RoyK> connection refused is an icmp message indicating the server doesn't listen to port 22
<roborino> sorry...on the localhost it did
<RoyK> well, try from the client, as I suggested
<RoyK> or perhaps give that server a wee reboot
<RoyK> 'have you tried to turn it off and on again?'
<roborino> a bit more info http://pastebin.com/wh2UQ2En
<RoyK> please use paste.ubuntu.com instead
<RoyK> pastebin is so paranoid
<roborino> sorry http://pastebin.com/wh2UQ2En
<roborino> just logged in and then after about a minute I get the Write failed: Broken pipe
<RoyK> roborino: no idea
<RoyK> oh, some nat in between?
<RoyK> try to add "ServerAliveInterval 5" to your ssh_config
<roborino> it worked fine for hours...no issues.  then I changed from dhcp to static got this going on
<roborino> no nat
<RoyK> well, try it anyway
<roborino> its like changing the dhcp to static something is saved somewhere with that IP or something
<RoyK> shouldn't be anything like that
<roborino> sure...never ever had a problem like this before
<roborino> put it back to dhcp...no issues at all
<RoyK> did you try to configure ssh with keepalives?
 * RoyK runs dozens of ubuntu servers on static IPs
<roborino> I do as well
<roborino> I think I figured it out...
<roborino> something else is using the static ip
<roborino> that's gotta be it
<arrrghhh> hi all.  I'm trying to setup ssh so it is accessible outside my network while OpenVPN is also running
<arrrghhh> it seems I need to split the traffic using iptables... I've read a few guides but I'm having issues applying it to my network
<sharad_> can anybody recommend some cpu and os benchmarking tools?
<tarvid_> u1sdtool won't run
<tarvid_> headless Ubuntu 12.04.2
<tarvid_> Unable to autolaunch a dbus-daemon without a $DISPLAY for X11
<sharad_> on what parameters can ubuntu-server be benchmarked?
<tarvid_> disk to Ethernet transfer rate?
<sarthor> HI, I have printer suremark 4610 installed and shared on windows 7 machine, How can i add that printer to the machine having ubuntu-server 12.04 installed ( no GUI ). HELP Please
<RoyK> sarthor: cups
#ubuntu-server 2013-06-02
<soy_el_pulpo> hi, any idean when openfire 3.8.2 will be available in the repos? thanks
<sarnold> soy_el_pulpo: it might be a while, I don't see it in debian (packages.debian.org/openfire) and that's the easiest way to get it into ubuntu..
<soy_el_pulpo> sarnold: hi, thanks. I really like the fact that is part of repos, it make keeping things updated a lot easier
<soy_el_pulpo> have you noticed my nick is in parenthesis? do you know why?
<sarthor> I have installed cups on ubuntu-server, printer is shared on some windows 7 machine, Printer name/model is SureMark 4610, after telling to my service via browser, "smb://192.168.1.148" for adding printer, press continue ..in the make list-->IBM--SureMark 4610 is not listed, What I have to do in here now?
<soy_el_pulpo> !stats
<BroUnicorn> Hello
<BroUnicorn> I need some ssh help
<BroUnicorn> Can anyone help me with my ubuntu server?
<soy_el_pulpo> hi BroUnicorn
<soy_el_pulpo> yes?
<BroUnicorn> I keep getting a "connection refused" when trying to ssh into my server
<BroUnicorn> I can ssh into it locally
<BroUnicorn> but I can't from outside the local network
<soy_el_pulpo> locally you mean from you internal lan?
<soy_el_pulpo> and from the outside, from a machine not in the same network?
<soy_el_pulpo> BroUnicorn: hello?
<BroUnicorn> Yes
<BroUnicorn> That is correct
<soy_el_pulpo> ok
<BroUnicorn> except I'm attempting to connect from the outside as if I'm not inside of the network
<soy_el_pulpo> you are discussing this same topic on the #ubuntu channel
<soy_el_pulpo> how are you trying to ssh into your server form the outside?
<BroUnicorn> It's on a computer inside the network
<BroUnicorn> but I'm trying to connect through the router's public ip
<BroUnicorn> so that I can simulate connecting from a computer not in the network
<soy_el_pulpo> which ip you are using to connect internally?
<BroUnicorn> 192.168.2.12
<BroUnicorn> which is my server's ip
<soy_el_pulpo> and form the outside? 75.92.217.70 ?
<soy_el_pulpo> from
<BroUnicorn> Yes
<soy_el_pulpo> have you opened a port on your internet router?
<BroUnicorn> Yes
<BroUnicorn> I have attempted to
<soy_el_pulpo> that will allow request to port 23 to go to the correct server?
<soy_el_pulpo> it seems that it is not setup properly
<BroUnicorn> 23
<BroUnicorn> ?
<BroUnicorn> I have it set to 22
<BroUnicorn> I also have DMR on
<BroUnicorn> could it be in my /etc/network/interfaces file?
<soy_el_pulpo> ss22
<soy_el_pulpo> 22, my bad
<BroUnicorn> it being the "error"
<soy_el_pulpo> why?
<soy_el_pulpo> ssh is port 22
<soy_el_pulpo> if your network works it should be fine.
<BroUnicorn> idk
<BroUnicorn> my internal network does
<soy_el_pulpo> ok...
<BroUnicorn> but I changed my port at one point
<BroUnicorn> and decided to change it back
<soy_el_pulpo> i tried to ssh and it gave me a time out
<BroUnicorn> I tried to assign a static ip
<soy_el_pulpo> port of?
<BroUnicorn> I changed the sshd_config file back to port 22
<soy_el_pulpo> where it was?
<BroUnicorn> huh?
<soy_el_pulpo> you changed from what to what?
<soy_el_pulpo> your /etc/ssh/sshd_config
<BroUnicorn> I changed port 22 to another number originally
<soy_el_pulpo> if you can ssh from another machine from your network it should be fine
<BroUnicorn> then I changed it back
<soy_el_pulpo> ok
<BroUnicorn> but then
<soy_el_pulpo> ...
<BroUnicorn> in the /etc/network/interfaces file I changed stuff
<BroUnicorn> to try and add a static ip address
<BroUnicorn> and I don't know if I did it correctly
<soy_el_pulpo> did you kept a copy of the original file?
<BroUnicorn> no I did not
<BroUnicorn> haha
<BroUnicorn> but
<BroUnicorn> h/o
<soy_el_pulpo> ?
<BroUnicorn> I'm going to paste bin the file
<soy_el_pulpo> ok
<BroUnicorn> http://pastebin.com/Ugj1H0JA
<BroUnicorn> except for gateway and name server are 192.168.2.1
<soy_el_pulpo> 2.4 is your router?
<soy_el_pulpo> so you have already changed those 2 on your current file?
<soy_el_pulpo> on the serve
<soy_el_pulpo> r
<BroUnicorn> yes, except it's now 2.1
<BroUnicorn> yes
<soy_el_pulpo> ok
<soy_el_pulpo> have you restarted the network after those changes?
<BroUnicorn> yes I did
<soy_el_pulpo> ok
<BroUnicorn> Is that the incorrect way to do it?
<BroUnicorn> Or are you unsure
<soy_el_pulpo> can you ping your router?
<soy_el_pulpo> unsure of what?
<soy_el_pulpo> right after restarting the network, did you restart the sshd server?
<BroUnicorn> whether that file is correct or not
<BroUnicorn> no
<BroUnicorn> I don't know how to restart the sshd server
<soy_el_pulpo> if it has the las changes you said it is fine
<soy_el_pulpo> "/etc/init.d/ssh restart"
<three18ti> anyway to blink the led on a drive?
<three18ti> e.g. I want to blink /dev/sdd because it needs to be replaced.
<three18ti> no raid.
<soy_el_pulpo> for the network: "/etc/init.d/networking restart"
<soy_el_pulpo> can we solve the ssh first
<soy_el_pulpo> ?
<BroUnicorn> Yes please
<soy_el_pulpo> ok...
<BroUnicorn> I restarted the network and the ssh
<soy_el_pulpo> good...
<BroUnicorn> ssh before the network though
<soy_el_pulpo> network should be first, so the ssh now
<soy_el_pulpo> do the ssh
<soy_el_pulpo> and then ssh from anothe machine on your network
<soy_el_pulpo> ok?
<soy_el_pulpo> your server is connected directly to your internet router?
<BroUnicorn> It is directly connected
<soy_el_pulpo> ok
<soy_el_pulpo> did you try from another machine? ssh to your server
<soy_el_pulpo> after all we did
<soy_el_pulpo> with this we will rule out server configuration
<BroUnicorn> Not yet
<soy_el_pulpo> please try
<BroUnicorn> I have not yet
<BroUnicorn> one second
<soy_el_pulpo> also on the server do: netstat -atn|grep "22 "
<soy_el_pulpo> while ssh'ing form the other machine
<BroUnicorn> connection refused
<BroUnicorn> or should I just ssh using the 192.168.2.XX IP address
<BroUnicorn> I tried using my external IP
<soy_el_pulpo> try using the internal one
<soy_el_pulpo> then we will move to your router
<BroUnicorn> I can ssh in locally
<BroUnicorn> I could before though
<BroUnicorn> I just cannot externally
<soy_el_pulpo> do: netstat -atn|grep "22 "
<soy_el_pulpo> paste the results please
<soy_el_pulpo> also do: iptables -L
<soy_el_pulpo> and paste the results
<BroUnicorn> okay
<soy_el_pulpo> (I am almost sure it is your internet router but I need to clear al this first)
<soy_el_pulpo> ...
<BroUnicorn> okay here's netstat
<BroUnicorn> http://pastebin.com/yvVY4zPd
<soy_el_pulpo> great
<BroUnicorn> and here's the iptable
<soy_el_pulpo> you see there your active internal connection, keep that command for the future
<BroUnicorn> http://pastebin.com/4kXLFz8P
<BroUnicorn> Sweet
<soy_el_pulpo> good, so no fw on your server and ssh is listening to all
<soy_el_pulpo> 0.0.0.0:22 means that
<soy_el_pulpo> ok
<soy_el_pulpo> lets move to the router
<soy_el_pulpo> brand and model please?
<soy_el_pulpo> I check form here and port 22 is not open
<BroUnicorn> okay
<BroUnicorn> Belkin
<BroUnicorn> model...
<BroUnicorn> one second
<BroUnicorn> F9K1103 v1 (01C)
<soy_el_pulpo> i am checking the manual...
<BroUnicorn> Thank you!
<soy_el_pulpo> manual has nothing about port forwarding...
<BroUnicorn> Check Virtual Servers
<BroUnicorn> under Firewall
<soy_el_pulpo> how you did it? check this guide: http://www.justanswer.com/mac-computers/6hj82-set-port-forwarding-belkin-f9k1103-osx-lion-serve.html
<soy_el_pulpo> check the ip of your server
<soy_el_pulpo> and the ports
<soy_el_pulpo> !imagepastebin
<BroUnicorn> Okay
<BroUnicorn> the local ip of my server?
<soy_el_pulpo> goto step 4
<soy_el_pulpo> on the table
<soy_el_pulpo> is there something already?
<soy_el_pulpo> or it is empty?
<soy_el_pulpo> Enable=yes
<soy_el_pulpo> Description=Server ssh
<soy_el_pulpo> helo?
<BroUnicorn> There's something that I put there
<soy_el_pulpo> !pastebin
<ubottu> For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://imagebin.org/?page=add | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<soy_el_pulpo> use imagebin to show me a screenshot
<soy_el_pulpo> ...
<BroUnicorn> http://imagebin.org/259899
<soy_el_pulpo> got it
<soy_el_pulpo> inbound is wrong...
<soy_el_pulpo> remove it..
<soy_el_pulpo> and put "kronos ssh" on the description
<soy_el_pulpo> will help in the future
<BroUnicorn> Okay I removed it
<soy_el_pulpo> save
<BroUnicorn> Nvm
<soy_el_pulpo> it
<BroUnicorn> won't let me
<BroUnicorn> Gave me an error
<soy_el_pulpo> ok.. it says somethins that needs to be in between 1 and 6xxxxx?
<BroUnicorn> No 1.The number in port entry box should be between 1 - 65535.
<BroUnicorn> Yes
<BroUnicorn> it does
<soy_el_pulpo> put those numbers: 1-6xxxx
<soy_el_pulpo> i do not remember the last number...
<BroUnicorn> wait, put what?
<soy_el_pulpo> inbound: "1-65000"
<soy_el_pulpo> that means all incoming..
<BroUnicorn> Okay I applied it
<soy_el_pulpo> ok...
<soy_el_pulpo> it did not ask to restart the router?
<BroUnicorn> Nope!
<BroUnicorn> Connection refused again though
<soy_el_pulpo> that is correct..
<soy_el_pulpo> bad but correct..
<BroUnicorn> hmm
<soy_el_pulpo> hold on
<BroUnicorn> okay
<soy_el_pulpo> can you send me the full screen capture of that page?
<BroUnicorn> Of the router page?
<soy_el_pulpo> yes please
<BroUnicorn> http://imagebin.org/259900
<soy_el_pulpo> can you click on more info?
<BroUnicorn> It brought up a very large page
<soy_el_pulpo> external link?
<soy_el_pulpo> or from your router?
<BroUnicorn> From my router
<soy_el_pulpo> mmm does it say anything about incoming ports?
<soy_el_pulpo> check your external ip: http://www.whatismyip.com/
<soy_el_pulpo> if the ip still correct, my worst feeling is that your provider is blocking the access
<soy_el_pulpo> also, may check if the firmware is upto date...
<soy_el_pulpo> if not patch it and try again
<soy_el_pulpo> but so far everything is right
<BroUnicorn> okay well thanks anywayts
<soy_el_pulpo> what the page syas?
<soy_el_pulpo> said?
<soy_el_pulpo> your ip still correct?
<soy_el_pulpo> 75.92.217.70?
<soy_el_pulpo> is it?
<RoyK> uh... umounting this xfs filesystem and running a check, xfs_check tells me it's still mounted?!?
<ndee> I'm using htop to monitor my db-server. The server has 32GB RAM and is a dedicated db-server. 19.7G is used by mysql and that's about the main usage. http://screencast.com/t/1P6vu5wnom3 <-- that's a screenshot of the complete htop tree. What I don't understand is, why does the server still swap 189MB?
<RoyK> linux starts swapping out garbage early
<RoyK> better use the RAM for something useful than keeping stuff not in use in memory
<RoyK> you can tune this with the vm.swappiness sysctl setting
<RoyK> default is 60 (0-100). setting it to 1 or something will make linux only start swapping out when it really have to, but the default setting is probably good
<ndee> RoyK, I just saw that most of it is mysql which uses the swap but that's not something I should worry about then?
<RoyK> ndee: I don't think you can see what's using the swap
<RoyK> iirc linux will normally swap out pages that hasn't been referenced much
<sarthor> HI, CUPs intalled, but I am unable to add Epson LX-300 Dotmatrix printer to my ubuntu-server machine, Printer is shared on some Win7 Machine, and I can access via other ubuntu-Desktop machine, working fine.  Help please.
<sarthor>  "Session setup failed: NT_STATUS_LOGON_FAILURE" where can I write login/password for the shared printer using cups?
<RoyK> sarthor: dot matrix printer?!? like the ones we used in the eightees? ;)
<RoyK> sarthor: anyway - sounds to me like a cups or samba issue - not sure
<sarthor> RoyK: Yes. Why in Eightees.. its In now a days for multiple copies.
<sarthor> this is the righ way for inter the url for the smb printer..   smb://[username:password@][workgroup/]server[:port]/printer
<RoyK> looks right
<maxagaz> hi
<maxagaz> how do I have more and more "/usr/sbin/apache2 -k start" in my pa aux listing with the time ?
<maxagaz> when I have too much it seems my websites get slower, and at some point I need to restart apache
<Hans11> Want to export a ssl certificate to another server but it is not valid
<rotten777> I'm having an issue creating a local repo... I've run the apt-mirror command and it downloaded the 95gb+ to the local drive, but it seems like parts of the mirror are missing when running `apt-get update`
<rotten777> any help?
<rotten777> I'm not sure if my entry in sources.list is bad or that the apt-mirror command needs some more parameters added
<Hans11> Somebody experience with certificates and Nginx, need to convert it from another server
<WouterNLD> Hi guys, IÂ´m looking for an OS that can server as a home media NAS. It should be able to handle ZFS fylesystem, samba shares and should work with popular plugins such as Sickbeard/Transmission/Couchpotato. Am i in the right place?
 * ball wonders what plug-ins are.
<WouterNLD> Ah, itÂ´s the dumbed down way of saying software :)
<ball> WouterNLD: I'm about to build something along those lines myself.
<ball> Tried to buy a case for it yesterday but the local computer shop was out of stock.
<WouterNLD> Heres the deal, I used to be on OpenMediaVault NAS software, wich was based on linux and was fine. I used to have 2 disks and that was all good. Mirror raid > no problemo.
<WouterNLD> I have a HP Microserver N40L with 8gb ram
<WouterNLD> It does however not come with a hardware raid controller, so iÂ´m stuck to software raid
<ball> People seem to like the N40L.
<WouterNLD> Yea itÂ´s a neat little thing, and i got it really cheaply
<ball> WouterNLD: Not having hardware RAID isn't much of a limitation.
<ball> ...I know some people actually prefer it.
<WouterNLD> iÂ´ve upgraded the box to 4 disks. While mdadm is fine for 2 disks, itÂ´s too processor intensive for a little 1.4 dual core AMD NEO processor
<WouterNLD> And with the lack of battery pack of the box, Raid-5 is suicide
<WouterNLD> So i decided to go with ZFS
<ball> Shouldn't be processor intensive if you're doing RAID 1+0
<WouterNLD> True however I think ZFS is secure enough and gives me more space
<WouterNLD> Well, seeing as OMV doesnÂ´t support zfs, i went to FreeNAS
<WouterNLD> and to be honest,
<WouterNLD> FreeBSD is a pain in the ass
<WouterNLD> *mind the language*
<WouterNLD> ItÂ´s nice as a basic nas with zfs, but as a media server is is simply horrific
<WouterNLD> So i thought, why not ubuntu server. I like ubuntu, i like linux much better then freebsd, itÂ´s easier, zfs is availble, iÂ´m sure i can install some of the media software fairly easily because itÂ´s around for the desktop version aswell
<arrrghhh> zfs is available on Linux?
<ball> WouterNLD: Ah, I have no idea about Ubuntu Server.  I was planning to use OpenIndiana.
<arrrghhh> https://wiki.ubuntu.com/ZFS
<arrrghhh> not sure I'd want to use ZFS in that state... just me.
<WouterNLD> Yes i read https://wiki.ubuntu.com/ZFS, i donÂ´t really see the downside?
<arrrghhh> WouterNLD, it's not availalbe in Linux.  You have to use it as a FUSE module
<arrrghhh> I guess you can add a kernel module... still would concern me that a file system is not natively supported.
<WouterNLD> There is a native kernel module..?
<arrrghhh> did you read that page?  lol
<WouterNLD> What is the downside of a fuse module?
<arrrghhh> it's not part of the OS
<WouterNLD> arrrghhh, yes i did, lol -.-
<arrrghhh> I used to access NTFS thru the FUSE module, was turrible.
<WouterNLD> oo i remember using that
<WouterNLD> yea that ain
<WouterNLD> Â´t good
<arrrghhh> granted NTFS is also turrible
<ball> Is mdadm the Linux software RAID thing?  I imagine that could do RAID 1+0 without too much CPU overhead.
<arrrghhh> yes mdadm is the linux software raid doohickey
<ball> Thanks.
<tohuw> How can I output a description/visualization of my entire OpenLDAP tree, recursively?
<tohuw> (Specifically, all DNs and objectClasses)
<arrrghhh> WouterNLD, I would just be cautious about using ZFS.  It's a great concept, but until it's "part of" Linux, I wouldn't trust it with my critical data.
<arrrghhh> tohuw, I know the CTO of OpenLDAP, but no clue how to use it xD  sorry
<ball> Or you could run it on an OS that it /is/ part of.  ...just saying.
<arrrghhh> trying to think if there's a better channel for that...
<soy_el_pulpo> like REISER, he went crazy and now is in jail
<soy_el_pulpo> real jail, not CHROOT one
<arrrghhh> ReiserFS is promising
<arrrghhh> Brtfs or whatever
<arrrghhh> but yea the dev went nuts and murdered his wife
<WouterNLD> Maybe what iÂ´ll do is.. I have a 4 disk zfs pool and a 1 disk backup pool. IÂ´ll run the 4 disks in zfs for linux and back it up to a 1 disk seperate disk (non raid)
<tohuw> ReiserFS != Brtfs
<soy_el_pulpo> he will kill his FS anytime!!!
<soy_el_pulpo> with our files too
<soy_el_pulpo> hi all btw
<arrrghhh> tohuw, oh I thought brtfs came out of reiser?
<arrrghhh> Btrfs also has "a number of the same design ideas that reiser3/4 had".
<tohuw> No, not really. Chris Mason is the principal on btrfs, and while some inspiration from ReiserFS was taken, it bears little real resemblance. ReiserFS is effectively dead and not recommended.
<arrrghhh> yes
<arrrghhh> I realize this... lol
<arrrghhh> I just thought some crap from btrfs was borne out of ideas used in ReiserFS... that's all.
<WouterNLD> thanks for the input guys, off to a bbq :)
<arrrghhh> n
<arrrghhh> p
<arrrghhh> wow.  so this is kinda OT, but related to what we were talking about... Reiser's wife was a mail-order bride bwhahaha
<arrrghhh> I did not know it was a Russian mail-order bride...
<RoyK> anyone that knows a decent SATA HBA that actually works? I have this old LSI 1068 controller, but my mobo won't detect it in the 16x pci-e bus. I just need something that works - no need for hw raid
<qman__> RoyK, I have two of these in my file server: http://www.newegg.com/Product/Product.aspx?Item=N82E16816118112
<qman__> the brackets are backwards though
<RoyK> any idea if those will work in a standard desktop mobo's 16x slot?
<qman__> wait, actually that one has the right bracket
<qman__> I got mine from a different site with the wrong bracket
<qman__> I'm using them in a gigabyte AMD desktop board
<qman__> hold on, I'll find the exact one I bought
<RoyK> thanks
<qman__> http://www.atacom.com/program/print_html_new.cgi?Pagecode=SEARCH_ALL&Item_code=CONB_SUPE_SA_L8&USER_ID=www&cart_id=6436767_66_188_36_22
<qman__> I got it from there because it's cheaper, but it's the same chipset
<qman__> it just has a non-ATX bracket on it, had to do a little hacking
<RoyK> qman__: http://www.ebay.com/itm/LSI-SAS-9211-8i-6Gbps-8-Ports-SAS-SATA-8-Port-PCI-e-RAID-Controller-Card-/190848825358?pt=US_Server_Disk_Controllers_RAID_Cards&hash=item2c6f79f80e ?
<RoyK> qman__: any idea why this 1068 won't get detected by my mobo? perhaps some mobos have specially crafted 16x slots for display cards only?
<qman__> I haven't run into that, but some of them have configuration on which slots to provide the lanes
<qman__> many boards will have 2 or more x16 slot and be in a 16/4 or 8/8 configuration, and it may be manually configurable or autodetected
<RoyK> this one only has one 16x slot
<RoyK> card isn't even detected by bios
<RoyK> seen posts about this issue other places on the net
<qman__> hmm
<qman__> maybe the card is 2.0 or 3.0 and not back compatible, the board is an older version?
<qman__> the main difference between the versions is bandwidth
<RoyK> mobo is pci-ex 1.0, I think, so is the hba
<qman__> does the board have all the lanes?
<RoyK> iirc the 1068 is 8 lanes
<RoyK> I've used those rather a bit on some opensolaris servers
<qman__> ok
<qman__> I haven't seen any boards that will go less than 8 on the only x16 slot
<RoyK> but then, on mobos with 8-lane slots
<RoyK> the 16x slot works with a 2-lane card, though
<nicekiwi_> hey, somethings happend to my VPS. I cant acces it anymore. And I have no idea why not.
<sw> hi. how can I restore all the /etc/pam.d/common-* config files to their defaults?
<arrrghhh> nicekiwi_, contact your provider?
<nicekiwi_> Ubuntu 12.04 64bit, apache is runing wihtout issues, but I cant ping it or SSH into it anymore
<sw> nicekiwi_: your best option is probably contacting your host, rather than wasting hours trying to figure out what's going on
<arrrghhh> that's why you pay for it, right?  :P
<nicekiwi_> unless its something I did?
<sw> or, can someone paste them?
<arrrghhh> sw, I don't think I've changed mine...
<sw> arrrghhh: oh, could you maybe pastebin?
<arrrghhh> nicekiwi_, we don't know what you've done :D
<arrrghhh> sw, I will 1 sec
<sw> -auth, -account, -password?
<sw> nicekiwi_: what did you last do before things broke?
<arrrghhh> sw, http://pastebin.com/FJg9MAEH
<nicekiwi_> sw: disabled ufw and added a entry to my hosts file.
<arrrghhh> sw, http://pastebin.com/qBuaxH2E
<arrrghhh> sw, last one http://pastebin.com/AswW7BCU
<Beltechs> o/
<jacksonka> I am Running Ubuntu 12.04 on HPM110g6 on static ip address assigned by provider.  I would like to install Jabber2 starttls on port 5222 with MYSQL database.  Has anyone done something like this before?  Steps I have completed. 1) sudo apt-get install jabberd2 2)  ?
<Beltechs> hello how long will S12.04 be supported?
<arrrghhh> Beltechs, for a full matrix see here
<arrrghhh> https://wiki.ubuntu.com/Releases
<sw> arrrghhh: thanks! think you had some samba parts in there, I removed them and it seems to be working now *wipes forehead*
<arrrghhh> server edition of 12.04 is April 2017
<arrrghhh> sw, np ;)
<Beltechs> so about 4 years left...
<Beltechs> what a nightmare I just getting the hang of this and its time to switch up again.
<jacksonka> I would like to see the Jabber2 info updated for the common deployment Jabberd2, MYSQL, require STARTLS,  jabber.mydomain.com ,port 5222 without register enable.  This setup should be in the guide for the SMB or SME market.
<andol> jacksonka: Out of curiosity, what basis do you have for that being the common dployment?
<jacksonka> Well, I think that a script to deploy this that would ask the questions and you provide the answers would make deployment straight forward.  Standard  deployment scenarios such as the one I just mentioned helps small business deploy world class solutions cost effectively.   Ubuntu did a great job with mail ie postfix-dovecot for example.
<jacksonka> The postfix-dovecot package is the gold standard although manual installation is also possible.
<jacksonka> This is was Ubuntu is all about.  sudo apt-get install bang!
<andol> jacksonka: I don't doubt the benefit of such a thing, was mostly curious about the specifics, for example why a MySQL backend would be more common/better than say a sqlite, especially for the smaller setups you seem to be refering to.
<jacksonka> Except crypto laws limit deployment efforts from providers
<jacksonka> Here is the reason.  When an SMB runs Accounting, Sales, Inventory, CRM, etc on Mysql then having other services on the same db reduces learning curve and makes SQL reporting thru MYSQL beautiful.
<jacksonka> Its all about solution topology.
<jacksonka> So, SugarCRM, MYSQL, Postfix MYSQL, Jabberd2 Mysql, Drupal or news MYSQL etc.
<jacksonka> When generating reports the sql programmer can access the MYSQL databases all collectively and generate a report on a resource such as an employee.  If I want a performance report on an employee I can create a query report to access ALL databases for that employees activities for the day.
<jacksonka> By the way it doesn't have to be MYSQL but could be Oracle or sqlite or other db but most programs work well with MYSQL.
<jacksonka> If you want to do statistics, sales forecasting, or similar analysis this is quite valuable.
<jacksonka> They did a great job with mail I just thought in other services as well the guide could be improved.  Just a humble suggestion.
<andol> jacksonka: Again, not arguing the main point, was mostly curious about that detail.
<andol> Guess the main problem is finding that Someone motivated enough to do the actual legwork.
<jacksonka> Ok detail.  MySQL has loadable storage engines, SSL on port 3306, high scalability, large records and table capability.
<jacksonka> MySQL is already the defacto standard of the open source DB industry.  Would it not be sensible to take full advantage of this by providing MySQL and of course starttls in almost all the apps in the server guide.
<RoyK> jacksonka: no, it's not. mysql is a lousy dbms compared to postgresql
<jacksonka> I agree PostgreSql is more flamboyant but few company's standardize on it.  Facebook uses MYSQL MEMCACHE.
<RoyK> I don't care what facebook uses
<jacksonka> Alternatively, if the guide provided both MYSQL and POSTGRES scripts or options over starttls or ssl then presto.
<jacksonka> For example, the guide provides lan and berkeley db install instructions yet today workers work at home and telecomute.  Oh, mobile is also very important.
<jacksonka> If you deploy ssl or secure tunneling then public infrastructure can be used and workers would be free to engage clients and associates and more ergonomic, flexible and productive was.  This conserves office space.  Another plus!
<jacksonka> This open computing idea synergizes well with Ubuntu Server, Desktop, Tablet, large screen tv and obviously Ubuntu phone.
<jacksonka> I love the Ubuntu concept and would like to see it grow.
<jacksonka> Anyway I will be attempting to manually install Jabberd2, MYSQL, STARTTLS port 5222 with no registry enabled.  Pre-registry by admin would be required in the DB.
<jacksonka> I fill you guys in on my success or failure.
<arrrghhh> hey all.  I'm trying to get my server, which is running OpenVPN as a client, to split traffic...
<arrrghhh> as I can ssh just fine when the OpenVPN client is not running... but when the tunnel is up, I can't ssh from other remote locations
<cppCzar> Hello
<cppCzar> I need help with my server.
<cppCzar> I cannot ssh to it through my router's external ip address, meaning that I cannot connect to it without a local connection
<habr100> A music messaging session has been requested. Please click the MM icon to accept.
<habr100> c:D
<RoyK> cppCzar: if you can connect to it over the LAN, it's a problem with the router config
<jacksonka> Only way is go to server with monitor and use password auth
<cppCzar> use password auth?
<cppCzar> for?
<cppCzar> and okay RoyK
<jacksonka> But, then you can enable ssh for both cert and pam etc for options
<cppCzar> RoyK: Do I need to have a static ip address? and jacksonka what are vert and pam?
<jacksonka> I use Elliptic Curve DSA encryption for ssh authentication.
<jacksonka> Elliptic Curve DSA 521 is military grade encryption approved by the United States government for top secret classification e docs.
<jacksonka> Cert is certificate authentication so you don't have to use a password to log in.
<jacksonka> Ubuntu currently recommends ECDSA certificate authentication for Ubuntu Servers.
<jacksonka> Use Openssh and google to find sesson on ECDSA521
<cppCzar> Okay! Could you help me to set that up (once I get it connectable worldwide)?
<jacksonka> Yes you just need the script which you can get of the net.
<jacksonka> It is very fast
<cppCzar> Sounds great. But I'm still having trouble figuring this problem out
<jacksonka> I don't remember the exact procedure but it is easy to find on the net.
<jacksonka> You must go to the server with a monitor and cable and log in through localhost
<cppCzar> I can ssh in locally
<jacksonka> You must be physically at the server.
<cppCzar> but I'm also physically at the server
<jacksonka> oh
<cppCzar> I'm logged onto the server
<jacksonka> good
<jacksonka> Ok I will find session for you on net.  One minute
<jacksonka> First,  sudo vim /etc/ssh/sshd_config
<jacksonka> This is the daemon configuration file.
<cppCzar> okay
<jacksonka> Be careful.
<jacksonka> Here you can use alt ports
<jacksonka> Instead of port 22 you can use port 2222
<jacksonka> or any other to improve security.
<cppCzar> Okay
<cppCzar> cool
<cppCzar> I have it at 22
<jacksonka> So if you want standard port leave it at 22
<cppCzar> I had changed it to something else last night
<jacksonka> But everyone knows it is 22
<cppCzar> but I changed it back because I couldn't ssh into the server over internet outside of local
<cppCzar> then I'll change it again
<jacksonka> OK sudo apt-get install nmap
<cppCzar> on my server?
<jacksonka> very important
<jacksonka> yes
<jacksonka> or on your pc client laptop or server
<cppCzar> Cool, that's the port searcher correct?
<jacksonka> yes
<jacksonka> It will tell you whether the port is listening.
<cppCzar> hmm
<cppCzar> I'm getting errors
<jacksonka> after install then nmap mydomain.com
<jacksonka> what is the error
<cppCzar> a bunch of lines saying "Failed to fetch http://"...
<cppCzar> with different websites
<jacksonka> absolutely
<jacksonka> because you are not on the internet
<cppCzar> but I managed to install openssh
<cppCzar> O.o
<jacksonka> you need to reboot dsl or cable modem or other ip access
<cppCzar> how do I reboot dsl?
<cppCzar> and should I just turn off my modem and router and turn them back on?
<cppCzar> Or do I need to reboot something in command line?
<jacksonka> yes
<jacksonka> hard
<jacksonka> hardware
<cppCzar> okay
<jacksonka> then wait
<jacksonka> and pray
<jacksonka> shut down everything gracefully if you can.
<cppCzar_> Hey
<cppCzar_> I'm back now
<jacksonka> k
<cppCzar_> I restarted it
<cppCzar_> I have an important question though
<cppCzar_> I have a wireless card on my server
<jacksonka> ping a public domain
<cppCzar_> and in the installation I have no idea if it installed using the wireless or the lan
<cppCzar_> it being the server
<jacksonka> Never use wireless on a server
<jacksonka> ALWAYS USE TOP QUALITY ETHER CABLES CONNECT DIRECTLY TO YOUR UBUNTU SERVER.
<cppCzar_> Right
<cppCzar_> so I want to change that
<cppCzar_> and disable it from command line
<cppCzar_> :O
<jacksonka> NO DOUBT
<cppCzar_> Can you help me do that?
<jacksonka> FIRST ORDER OF BUSINESS SB TO hardwire your box to your router
<cppCzar_> I have it locally connected
<jacksonka> Do you have a ether cable going from your server to your router
<cppCzar_> I had it locally connected when I installed it, but I also had the wireless card inserted and on
<cppCzar_> Yes
<jacksonka> turn of the wireless card
<jacksonka> you do not need it
<cppCzar_> Okay, but how?
<cppCzar_> Do I just need to completely take it out of the computer?
<jacksonka> I s your machine an actual server or just a desktop?
<cppCzar_> desktop
<jacksonka> That is the problem.  Servers don't come with wireless garbo
<cppCzar_> ^.^
<cppCzar_> lol
<uvirtbot> cppCzar_: Error: ".^" is not a valid command.
<jacksonka> Ok, but you can still improvise server services
<cppCzar_> Okay, so do I need to completely remove it from the desktop, or is there a way to disable wireless from CLI?
<jacksonka> Completely remove the wireless card from the server.
<jacksonka> Unless your internet service is wireless.
<cppCzar_> Okay
<jacksonka> Your service sb from dsl or cable modem with a static ip address for server class operations.
<cppCzar_> sb?*
<cppCzar_> What is sb?
<jacksonka> should be
<cppCzar_> Okay, how can I make sure it has a static ip address?
<cppCzar_> I will begin removing the wireless card
<jacksonka> It should cost more from your provider and they should have given you a fixed ip if you requested one.
<jacksonka> Mine is $10 a month.
<cppCzar_> Ah, I haven't requested one
<jacksonka> No free lunches.  This is real world class internet services bud.
<jacksonka> If your are on dynamic stop right here and get a fixed ip.  I will help you with everything else.  Where are you from ccpCzar
<cppCzar_> United states
<cppCzar_> How do I get a fixed ip?
<cppCzar_> I assume I have to contact my isp
<jacksonka> yep
<cppCzar_> Do I just call and ask? haha
<jacksonka> You want IPV4 with four octets something like 93.22.200.33
<cppCzar_> And they won't give the server a static IP, but they'll give the router a static ip right?
<cppCzar_> well when I look at my Network setting under TCP/IP
<jacksonka> No they usually give you two one for the router and one for the server
<cppCzar_> I have an IPV4 address
<jacksonka> fixed?
<cppCzar_> on my laptop, not the server
<cppCzar_> What do you mean?
<jacksonka> no you want to configure the server for the fixed ip not the laptop
<jacksonka> sudo vim /etc/network/interfaces
<cppCzar_> I know, but I don't know how since it's only command line
<cppCzar_> I'm not sure if it's right though
<jacksonka> The router provides DHCP Dynamic Host Controller Program services for ip leases.
<cppCzar_> because it's like, 192.168.2.4
<cppCzar_> Okay, so what does that mean?
<jacksonka> What is your public fixed ip address given from your ip provider?
<jacksonka> Not 192.168......
<jacksonka> Fixed public ip
<cppCzar_> I'm not sure
<cppCzar_> how do I find out
<jacksonka> Call your ip service provided to ensure they gave you one or ask them to.
<cppCzar_> Oh this is the 10$ a month thing?
<jacksonka> yes
<jacksonka> bottom line
<cppCzar_> So just because we have internet doesn't mean we have a public fixed ip address
<jacksonka> correct
<cppCzar_> Alright. Do I just ask for a public fixed ip address?
<jacksonka> yes
<jacksonka> Make sure it is ip4
<jacksonka> ipv4
<cppCzar_> okay
<cppCzar_> well I guess I'll come back when I do that
<cppCzar_> haha
<cppCzar_> thank you
<jacksonka> k
<jacksonka> bye
<tohuw> Can someone assist me in understanding why apparently none of the entries in this LDIF load? http://pastebin.ca/2387803 contains the LDIF. The ldapadd syntax and error messages are at http://pastebin.ca/2387804. This is a freshly installed slapd from the provided package for Ubuntu 12.04.
<enraged> I failed to enter my LVM decryption phrase in time and I was presented with an initramfs tool called BusyBox. Could anyone help me with, A, shutting down the computer from this terminal, and B, reinitiating the LVM decryption process without restarting my machine?
<arrrghhh> hey all.  I'm trying to get my server, which is running OpenVPN as a client, to split traffic...
<arrrghhh> as I can ssh just fine when the OpenVPN client is not running... but when the tunnel is up, I can't ssh from other remote locations
<VSpike> Is open vpn adding a default route via the tunnel?
<arrrghhh> VSpike, yes.  It appears to add a route for it, and put a metric of 100 on my "normal" default route
<arrrghhh> this is fine, I would prefer it to tunnel by default... but there's a few services like ssh and ddclient perhaps that I would like to place "outside" of this tunnel
<qman__> arrrghhh, do you mean incoming connections only?
<arrrghhh> qman__, well for example... if I force dyndns.org to point to my actual IP instead of the tunnel IP
<arrrghhh> I can 'see' the SSH connections coming in... but it never establishes a connection.
<arrrghhh> if I tear down tun0, all is well.
<qman__> so what's happening is, the connection comes in directly, but your default route is over the tunnel and it sends the return traffic out that way
<qman__> if you tweak routing settings the same way you would for dual wan, it will fix that problem
<arrrghhh> correct.  can you help me with this, or perhaps show me a guide to do this?
<arrrghhh> I would think a separate routing table would do this, and I would mark the packets with iptables?
<qman__> http://lartc.org/howto/lartc.rpdb.multiple-links.html
<arrrghhh> cool
<qman__> that's obviously the way to do it live, you'd have to add it with the appropriate additions in /etc/network/interfaces to get it on boot
<arrrghhh> hm ok
<arrrghhh> qman__, can I do this with a dynamic tun0 address?
<arrrghhh> eth0 is static, but tun0 gets a new address everytime the tunnel is started
<qman__> you could, might have to do some tricks putting it in if-up.d for that interface or something
<arrrghhh> well the vpn is started with a init.d script
<qman__> then you could just add it to the end of that
<qman__> you can do something like this to get your IP in the script
<qman__> ip a s tun0 | grep inet\  | awk {'print $2'}
<arrrghhh> qman__, does this guide work for Ubuntu Server?
<arrrghhh> Maybe I'm not understanding how to enter these routes (entirely possible, I am a routing n00b)
<qman__> it's generally applicable to the linux kernel
<arrrghhh> qman__, the first route add command is failing...
<arrrghhh> sudo ip route add 192.168.0.0 dev eth0 src 192.168.0.99 table T1
<qman__> that's because you're not giving it a network address
<qman__> if you're in a class C, it should be 192.168.0.0/24
<arrrghhh> giving what a network address?
<arrrghhh> oh
<arrrghhh> right, I needed the mask
<arrrghhh> hm.  I still get "Error: argument "T1" is wrong: "table" value is invalid"
<arrrghhh> derp, remove the T
<qman__> so basically what you're doing is telling linux to return traffic from whence it came, instead of just using the default route
<qman__> and then configuring your default route to be over your actual preferred interface
<enraged> I failed to enter my LVM decryption phrase in time and I was presented with an initramfs tool called BusyBox. Could anyone help me with, A, shutting down the computer from this terminal, and B, reinitiating the LVM decryption process without restarting my machine?
<qman__> ctrl+alt+del should reboot it
<qman__> if you've been dropped to busybox, I don't think you can go back and continue
<qman__> I honestly don't know why they put it in there, I have yet to find any use for it at all
<enraged> Ability to manually choose which drivers get loaded
<enraged> Atleast, that's my understanding of it
<enraged> But yeah, thanks for that cad, I'll give it a go next time.
<enraged> On the reinitiating the decryption, well, it seems to start in initramfs so there must be a way
<arrrghhh> qman__, sorry not sure what messages went thru.  do I only need to setup ths return path on the non-tunnel interface?  and does this ensure all other traffic is still tunneled..?
<qman__> arrrghhh, it needs to be set up for each interface which has a gateway
<qman__> so, how I'd try it
<qman__> add the part that creates a table for the interface to the main interface's config
<qman__> and have it select that as the default route from the beginning
<qman__> then, in the VPN config, have it set up the second table on tun0 and then select that one as the default instead
<arrrghhh> hm.  I wonder if I need more complicated policy rules...
<arrrghhh> I want to make sure the tunnel is the default for everything else, except ssh
<arrrghhh> I already removed ddclient and put it on the router
<arrrghhh> oh well, I'll have to come back to this.  thx for the help!
<enraged> Ok, is there a way to use a PAM module when you use keys to login via ssh instead of a password?
#ubuntu-server 2014-05-26
<babinlonston> I Want to allow one person to check my server for some issue, and he needs to check the server in root privileges, how can i give him login detail's using ssh key file
<Tazmain> hi all, is there anyone here that has worked with squid before ?
<hadifarnoud> is it a bad idea to have gzip compression turned on for low mem servers?
<Oplex> anyone successfully linked deluge to sickbeard ?
<maswan> So, how do I stop my trusty server from randomly renaming the p2p2 NIC to "rename5" on occasional reboots?
<sarnold> maswan: first, please file a bug report about that, I know I've seen some complaints about it but I don't think they've been written down anywhere :/
<maswan> sarnold: well, https://bugs.launchpad.net/ubuntu/+source/biosdevname/+bug/1284043 seems to cover it
<uvirtbot> Launchpad bug 1284043 in biosdevname "udev renaming the same hardware network i/f to different name, breaks networking and firewall" [High,Confirmed]
<sarnold> maswan: probably uninstalled the biosdevname package will do it, but that'll change all your names
<maswan> but as usual there seems to be a fair bit of blahblah in the launchpad bug too
<sarnold> maswan: heh, yeah, everyone has a story rather than just stating the bug. oh well. it's documented. :)
<sarnold> maswan: so if you d'nt mind the eth0 eth1 eth2 etc names, you can uninstall the biosdevname package and rebuild your initramfs
<maswan> sarnold: yeah. I kind of like the new names, but not to the point where drbd won't work because the internal networking went away because the nic suddenly was "rename5"
<sarnold> maswan: yeah. it seems surprising it wasn't found and fixed earlier.
<Pupeno> Should users used for running a web app and for deploying an app by system or regular users?
<Pupeno> A custom upstart job I wrote is not starting and it's not writing anything to /var/log/upstart/jobname.log. Any other log files I could check for errors?
<RoyK> Pupeno: perhaps /var/log/messages
<Pupeno> RoyK: there's no such file in Ubuntu, at least 12.04.
<RoyK> erm
<RoyK> s/messages/syslog/
<RoyK> sorry
 * RoyK is using a lot of RHEL/CentOS at work and confuses things a bit sometimes
<Pupeno> RoyK: no, nothing there :(
<RoyK> Pupeno: then I don't know - sorry
<dasjoe> maswan: have you checked /etc/udev/rules.d/70-persistent-net.rules?
<soren> Suppose I have a number of outstanding security updates. Does anyone have any good ideas for how I can list the corresponding USN's?
<soren> jdstrand: ^ Any good ideas?
<XKM> Hello
<XKM> I have an HP n54l with 8GB of RAM and an radeon HD540
<XKM> the CPU is AMD Turionâ¢ II Model Neo N54L
<XKM> should i be running 64 bit or 32?
<XKM> I think 64...am i wrong?
<XKM> Its going to be a NAS btw if that makes any different
<XKM> anyone?
<RoyK> sec
<XKM> ok
<RoyK> it's a 64bit cpu AFAICS
<RoyK> http://www.cpu-world.com/CPUs/K10/AMD-Turion%20II%20Neo%20N54L%20-%20TEN54LSDV23GME.html
<RoyK> with 8GB RAM, it'd be best to run it in 64bit mode
<XKM> Syeet
<XKM> Sweet thanks!
<XKM> How stable is the new 14.04?
<XKM> Would i be better of witht he 12.04?
<lorenz> Hey, I got a problem with my 14.04 Server, it won't boot anymore. It seems like that all upstart jobs are failing, because when I run it in debug mode, they start at a 5-second interval (which is the default for upstart when services fail). Does anybody know what's going on?
<XKM> lol
<lorenz> what lol?
<TJ-> lorenz: disk corruption?
<XKM> sorry i am thinking between 12.04 and 14.04 ubuntu server
<lorenz> I checked my disk with btrfs scrub, btrfsck and rebalanced. Everything worked perfectly and no errors showed.
<TJ-> lorenz: is the root file-system mounted read-only?
<lorenz> no, I don't think so. At least in /etc/fstab it's mounted rw and the root subvolume is flagged rw.
<TJ-> lorenz: Do you have a shell terminal you can type at?
<lorenz> no, the shell doesn't work yet
<lorenz> it fails when starting the plymouth-bridge
<TJ-> lorenz: have you tried starting with "init=/bin/bash" so you can at least explore?
<lorenz> oh, thank you
<lorenz> I'll try that
<XKM> so what about 12.04 vs 14.04?
<XKM> which one should i go for knowing its going to be a NAS box
<lorenz> I saw something: when i typed mount in, it showed me a warning that /etc/mtab is not writeable (read-only filesystem). But in the flags for / it shows rw. How can I find out if the disk is really getting mounted rw or ro?
<TJ-> lorenz: "cat /proc/mounts" will show what is actually mounted as far as the kernel is concerned
<lorenz> It is actually read-only.
<lorenz> Can I just remount it rw or would that break something?
<TJ-> lorenz: try to determine why
<lorenz> I remounted it with mount -o remount,rw / and now it shows in /proc/mount as rw
<TJ-> lorenz: has any file-system run out of space?
<lorenz> no, all Fs have plenty of space
<TJ-> lorenz: I wonder if the initrd.img could be corrupted
<lorenz> Wouldn't update-initramfs -u fix that? Because I ran that command in a chroot and nothing changed.
<TJ-> lorenz: it's the initrd.img's "/init" script that handles the root pivot from the kernel's rootfs to the real root
<lorenz> ok
<TJ-> lorenz: Yes, it should, assuming the /boot/ volume is good
<TJ-> lorenz: Is /var/log/ in the root-filesystem?
<lorenz> Yes, it is, but the ls command took ~1s to complete
<TJ-> lorenz: "tail -f /var/log/kern.log" see what is being written
<TJ-> lorenz: is all mass-storage local on the server ?
<lorenz> a lot of retire_playback_urb: 832 callbacks suppressed
<lorenz> yes, all storage is local (I currently run an image of the server on my computer in QEMU-KVM, so the hardware isn't the issue)
<TJ-> lorenz: what USB devices connected?
<lorenz> no USB devices connected
<TJ-> Any sound devices?
<lorenz> ac97
<lorenz> default of qemu, I can remove it if that helps
<TJ-> "retire_playback_urb" is a message from sound/usb/pcm.c
<lorenz> ok
<TJ-> hang on... this server is running in qemu-kvm ?
<lorenz> The original server who failed to boot is physical. I took an image of the ssd on my local computer to help debugging after I failed to bring it back up. It behaves exactly the same in QEMU-KVM. But when it works again, I plan to write the modified image back to the boot ssd of the physical server.
<TJ-> lorenz: That is *strange*
<TJ-> lorenz: How large is the root file-system block device?
<lorenz> The Image is 60 GB (It's taken from a Kingston KC300 60GB)
<TJ-> lorenz: I'm wondering if it's a btrfs bug. If you have the space, I am thinking it might be worth creating a new blockdevice and formatting it ext4, then rsync the data from the current root-file system, and then modify things enough to try starting from that.
<TJ-> The fact you had a read-only mount even on QEMU seems 'wrong' unless there is something wrong with the btrs volumes
<lorenz> Well, I got a few terabytes on my computer, so I'm just gonna create  a new image with 60GB and copy stuff over.
<lorenz> Why could I mount it rw if there's something wrong with the volume? The kernel didn't complain (and not even throw a warning in the logs).
<TJ-> I have *no* idea, but I'm trying to reduce the problem space through eliminating potential issues... the more you can do that, the easier it is to focus on the real problem
<lorenz> Something else: when I am in bash (from init=/bin/bash), can I then launch the normal init after I remounted / as rw?
<lorenz> btrfs -> ext4 copy job is running
<sarnold> lorenz: maybe. if you want to try, try exec /sbin/init
<lorenz> ok, I'm gonna try that on another image
<lorenz> ok, exec /sbin/init waits 60 seconds, afterwards it prints init: plymouth-upstart-bridge main process (196) terminated with status 1. So this fails too. I'm now waiting for the copy process.
<sarnold> lorenz: oh, drat. :( thanks for trying, I realize now I'd never known if that could or should work, or why not if it doesn't..
<Diplomat> hey guys, i installed 64bit ubuntu to my server.. and for some random reason it shows i686
<Diplomat> any ideas ?
<lorenz> sarnold: well, it was the same error as without /bin/bash, so it could work if it works without init=/bin/bash
<lorenz> Diplomat: what is the output of uname -a
<Diplomat> Linux os-comp2 3.11.0-22-generic #38~precise1-Ubuntu SMP Fri May 16 20:50:12 UTC 2014 i686 i686 i386 GNU/Linux
<Diplomat> I'm more than 100% that I installed Ubuntu 12.04.4 64 bit version
<ikonia> looks like a 32bit kernel
<ikonia> seems %99.9 certain
<lorenz> Diplomat: That's a 32bit ubuntu, I can't tell you more.
<Diplomat> that's what im asking
<Diplomat> how can it be 32bit when i used 64bit iso.. :/
<ikonia> you didn't
<ikonia> you used 32bit
<lorenz> A 64bit ISO can't install a 32bit OS, it doesn't have the packages.
<Diplomat> http://releases.ubuntu.com/12.04/ubuntu-12.04.4-server-amd64.iso is this 32 bit ?
<lorenz> You have a 32bit OS
<ikonia> Diplomat: that's not what you used to install
<ikonia> Diplomat: please run "file /bin/bash" please
<Diplomat> haha lol now how can you tell me that
<Diplomat> I have installed ubuntu at least 50-60 times
<ikonia> Diplomat: please run "file /bin/bash" please
<RoyK> Diplomat: amd64 is 64bit - use the 32bit one
<lorenz> RoyK: He wants 64 bit
<Diplomat> ikonia, I checked it already it's 32
<Diplomat> it shows
<ikonia> Diplomat: ok, so you can't have used a 64bit install media
<Diplomat> http://pastebin.com/rzkqrVQH
<ikonia> the 64bit install media doesn't have the 32bit software on it
<ikonia> so you have to have either a.) downloaded/installed the wrong media b.) the ubuntu site gave you the wrong media, but renamed it to 64bit media name (unlikley)
<lorenz> ELF 32-bit LSB executable
<ikonia> that's the only two options
<Diplomat> ikonia, please, there is no way that I used 32 bit iso when I used that URL to download it to my desktop and then used that exact file for installing
<lorenz> It could also be that the software to write the USB stick failed and left an old 32bit installer
<Diplomat> I wouldnt be here making a joke of myself if i wouldnt be that sure
<ikonia> Diplomat: repeating it won't change the facts you have a 32bit os
<ikonia> Diplomat: so what do you want to do / happen now ?
<RoyK> lorenz: 64bit doesn't work with 32bit hww
<RoyK> lorenz: 64bit doesn't work with 32bit hw
<Diplomat> nothing, i was just surprised and i wanted to ask about this issue
<ikonia> well, as you are the only person who's ever reported this issue, it's most likley (but not fact) a simple user error mistake
<ikonia> it does happen,
<lorenz> RoyK: yes I know. But if it the script failed (didn't write anything on the stick), and there was another 32bit installer already on there.
<ikonia> Diplomat: stick the install media in now, and config the volume label on it
<lorenz> Diplomat: What installation media did you use?
<guntbert> s/config/confirm/
<Diplomat> I just booted it and installed like I have always done it
<Diplomat> and if I failed some where.. then how lol
<ikonia> check the volume label on the disk
<lorenz> Was it an USB stick, CD, DVD or something else?
<Diplomat> http://puu.sh/92ub6.jpg
<ikonia> Diplomat: that's an iso image
<Diplomat> just that file to empty VirtualBox
<ikonia> Diplomat: not the boot media
<ikonia> ahhh a virtual box install, sorry, I missed that earlier
<lorenz> Boot order in VirtualBox?
<Diplomat> What I did was I created a new vm.. and then it booted then it asked for installer I picked that ISO and then installed it and then it restarted and then i did some stuff there and then i realized that something is wrong and did "uname -a"
<Diplomat> and voila
<Diplomat> I dont have any USB or CD/DVDs connected
<ikonia> Diplomat: boot the install media and check it with uname -a again
<Diplomat> I was messing with this: http://docs.openstack.org/icehouse/install-guide/install/apt/content/nova-compute.html
<lorenz> Then get an Ubuntu Cloud install image
<Diplomat> http://docs.openstack.org/icehouse/install-guide/install/apt/content/basics-packages.html
<Diplomat> this too
<lorenz> no
<lorenz> http://www.ubuntu.com/download/cloud
<lorenz> this one
<lorenz> Has OpenStack preinstalled
<Diplomat> Yea, but that's why I didnt get it because I wanted to try myself
<Diplomat> and it appears I was able to do the impossible lol
<Diplomat> well
<Diplomat> I'm gonna download that same iso again and try again
<Diplomat> maybe i'm able to get it 16bit
<sarnold> 8bit best bit
<Diplomat> I'm trying man
<lorenz> You will then have 256bits of ram available :D
<Diplomat> lol
<Diplomat> I might be able to open hello world text file then
<Diplomat> that's pretty cool too
<cloudman> Hi, just installed 14.04 for the first time on a server and activated root but sftp is saying no all the time...
<Gallomimia> is your ssh server running?
<cloudman> fresh install, got in as user and activated root etc so yes
<Gallomimia> sftp runs over ssh. i'm sure your client is configured to get in that way too
<lorenz> Is "Subsystem sftp /usr/lib/openssh/sftp-server" present in /etc/ssh/sshd_config
<cloudman> tried about 4 times, checking pwd and sftp just keeps ignoting it??
<Gallomimia> by the way sftp as root is pretty brutal. recommend using a different username than that
<cloudman> Gallomimia: I need to upload a file to root dir
<cloudman> I need root
<lorenz> SFTP as root is maybe not very secure, but it works (I tried it once, I needed to move a whole lot of files to root)
<cloudman> give me root everytime, let me take care of security, yet to be hacked since 1995
<cloudman> is root sftp possible in 14.04??
<Gallomimia> just as secure as anything. just can be easy to overwrite things you didn't want. anyway, viewing the file at /etc/sshd_config will let you look at a few options for the server
<lorenz> Yes, it is possible
<cloudman> how?  :)
<lorenz> Should work out of the box
<Gallomimia> having not run 14.04 yet im unsure. hm. do i have any ubuntu servers left?
<cloudman> will do a fresh install but its having none of it here
<lorenz> If you set your root password to something else than an empty hash
<lorenz> Look at /etc/ssh/sshd_config
<lorenz> Upload the contents somewhere on pastebin or similar
<Gallomimia> there must be something turning off sftp for root if you having problems
<Gallomimia> or your client is not configured properly
<cloudman> beats me
<cloudman> will check it out
<TJ-> check "/var/log/auth.log"
<cloudman> lorenz: http://paste.ubuntu.com/7524412/
<lorenz> cloudman: that's ssh_config, not sshd_config
<cloudman> ah, sry too much wine tonight
<cloudman> http://paste.ubuntu.com/7524436/
<cloudman> first time with 14.04
<cloudman> all good fun anyway
<cloudman> lorenz: http://paste.ubuntu.com/7524436/
<lorenz> cloudman: Subsystem sftp /usr/lib/openssh/sftp-server is there, so the server should have no issues. Could you also post /var/log/auth.log?
<cloudman> Yes as Tj mentioned checked that and it says pwd failure???  keyboard setup maube??
<cloudman> maybe
<cloudman> sshd[1357]: Failed password for root from
<cloudman> how can that be though, I know my typing is a bit off tonight but...
<cloudman> thing is I tried with a simple 123456 as well and got the same, sftp reject
<lorenz> cloudman: Is there anything above the failed password line?
<cloudman> lorenz:  pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=
<lorenz> cloudman: anything above there?
<genii> With "PermitRootLogin without-password" aren't you supposed to be using a key?
<cloudman> fail2ban not built in to 14.04 is it :)
<lorenz> cloudman: It's what genii said
<cloudman> genii: not sure, 12.04 user here
<lorenz> cloudman: Change line 28 of /etc/ssh/sshd_config to PermitRootLogin yes
<cloudman> ok, hangon
<cloudman> lol, need root
<cloudman> won't let me do it
<cloudman> hangon
<cloudman> ok, should I restart ssh server
<lorenz> cloudman: yes
<cloudman> ty
<cloudman> Guess what guys
<cloudman> in as ./
<cloudman> tahnks
<cloudman> thanks
<cloudman> tanked up as well
<cloudman> why does it do that as default
<cloudman> lorenz: ty
<cloudman> genii: even more ty
<cloudman> TJ ty
 * genii hands out the coffee and cookies
<cloudman> what a pain though
<TJ-> it's done deliberately
<cloudman> to annoy people?
<cloudman> thanks guys, great help and fast response, superb
<TJ-> cloudman: If I wanted a user to write to "/" I'd simply do "sudo adduser $USER root && sudo chmod g+w /"
<lorenz> TJ-: Copy process is done, I will now try to setup grub
<TJ-> lorenz: good luck, I hope it is that; at least you can then get on with fixing the problem
<cloudman> 8 core 8 thread, 8Gb Ram DDR3 1Tb HD 35 euro a month anyone want one as a reward ;)
<cloudman> not kidding just got a batch in
<cloudman> now to see if VM installs fine on 14.04
<cloudman> should be a gas
<lorenz> cloudman: https://www.hetzner.de/en/hosting/produkte_rootserver/ex40 is 32GB RAM for 49 â¬ per month
<cloudman> yeah I have one
<cloudman> mine is manged though
<cloudman> managed
<cloudman> not that anyone here should need a managed onr though I guess ;)
<cloudman> talk about preaching to the converted lol
<cloudman> thanks guys
<cloudman> Virtualmin installer fails on 14.04 hope they sort it soon
<TJ-> how did it fail?
<genii> !webmin
<ubottu> webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system.
<cloudman> TJ http://paste.ubuntu.com/7524677/
<cloudman> wow
<TJ-> cloudman: "/root/virtualmin-install.log" ?
<cloudman> TJ-: http://paste.ubuntu.com/7524686/
<lorenz> TJ-: Unpacking grub-pc-bin in the rescue system is now running for like ~10min with no disk activity
<TJ-> lorenz: that's not good
<TJ-> lorenz: something very weird with your setups there
<TJ-> cloudman: The line "Installing dependencies using command: ..." has the list of packages it was going to install. My guess is that one or more are no longer available or have changed SO version-names in 14.04
<cloudman> They are sorting it soon
<cloudman> webmin is ok but you just have to love virtualmin its so easy
<lorenz> TJ-: It's a normal 14.04 installation, just standard packages and only a few PPAs (Percona, Elasticsearch, Ksplice, Owncloud, Passenger and XtreemFs)
<cloudman> https://www.virtualmin.com/node/32970
<TJ-> cloudman: I was already there :)
<cloudman> :)
<cloudman> be nice to get it all sorted
<lorenz> TJ-: I'm trying with the boot-repair ISO, my grub-pc-bin package seems broken
<TJ-> lorenz: ouch
<cloudman> I have some servers that lose boot dir recently??
<lorenz> TJ-: boot-repair also requires you to install this package in chroot. It doesn't work there either. But I have been able to attach a strace to the responsible dpkg process. It's writing with the speed of about 4KB/s :D
<TJ-> lorenz: This is from the QEMU session?
<lorenz> TJ-: It's inside QEMU, yes.
<lorenz> TJ-: The Ext4 image is on a SSD, so that's not the issue
<TJ-> lorenz: Are you *100%* sure that QEMU is using VT hardware support? It sounds as if its using software emulation
<lorenz> TJ-: Everything else is very fast, I rechecked and KVM is enabled and the load on my host is something around 0.1
<TJ-> lorenz: then something you've got there is playing silly buggers with you!
<ikonia> how are you checking if kvm is being used
<lorenz> ikonia: virt-manager shows Hypervisor: kvm
<ikonia> lorenz: is the kvm module actually loaded ?
<TJ-> lorenz: "ls /dev/kvm" or "kvm-ok"
<lorenz> ikonia: lsmod | grep kvm shows kvm_intel and kvm
<lorenz> TJ-: kvm-ok: KVM acceleration can be used
<TJ-> lorenz: good... one more thing checked off :)
<TJ-> lorenz: just to be clear, the host is fine, it's the guest image in the VM or when its run on the original bare-metal server, that is having problems?
<lorenz> TJ-: Exactly
<TJ-> lorenz: Then it has to be something in the images. Have you managed to start the ext4 clone of the root-file-system ?
<lorenz> TJ-: I'm trying to install grub on it right now. The images are the simple .img files, so they shouldn't cause any problems. I need img to write them later back to the SSD.
<TJ-> yeah, that's how I do it
<lorenz> TJ-: It finished now! :D
<Pupeno_> My custom upstart job stopped writing to /var/log/upstart/jobname.log. Any ideas what it could be or how to troubleshoot it?
<TJ-> Pupeno_: logrotate not setting the permissions of the new file correctly?
<lorenz> TJ-: The install dpkg for grub is now just sleeping (according to strace, it does a nanosleep)
<TJ-> lorenz: one thing I can think of, is when hostname tries to be resolved outside the localhost... can affect many commands unexpectedly
<lorenz> TJ-: Sorry, that was the top-level dpkg which was waiting for the children. But the child now also writes very slow.
<Pupeno_> TJ-: there's no file right now, and it's not being created. I didn't touch the permissions of the parent directory since before it stopped working.
<TJ-> Pupeno_: if the log file is missing then ownership and/or permissions will be the issue
<lorenz> TJ-: localhost resolves to 127.0.0.1 according to /etc/hosts
<Pupeno_> TJ-: that wasn't an issue when the computer was freshly installed, but I would be happy to explore that.
<TJ-> lorenz: how about the hostname itself - the name of the machine
<lorenz> TJ-: That also resolves to 127.0.1.1, which seems ok to me. Btw, is it correct that the kernel is responsible for executing the calls I see in strace?
<Pupeno_> TJ-: created the file as 666 and still nothing got written to it.
<TJ-> Pupeno_: I've seen instances of a daemon working fine until logrotate fires off, which changes ownerships and stops the daemon from writing... it can be caused by the daemon dropping privileges/to another unprivileged user-id and can therefore not have root:root access to access the log file
<Pupeno_> The job is not starting, something is preventing it, but logs are empty.
<TJ-> lorenz: You're seeing the syscalls mostly
<TJ-> Pupeno_: Try starting the daemon manually in the foreground with full verbosity/debug enabled
<Pupeno_> TJ-: I was working on the app this job is supposed to fire when it stopped working. I don't think it was logrotate, but still, without logs, I can't figure out what's stopping this app from starting.
<Pupeno_> TJ-: that doesn't work, it fails, and that's all right. I'll get to that error after I fix upstart.
<TJ-> Pupeno_: I'm lost; if the daemon won't start manually, how can upstart start it?
<Pupeno_> TJ-: I wrote the app, there's a bug somewhere, which I'll resolve later. Right now, I want to see the error messages in the context of upstart. I'm not expecting upstart to work, I'm expecting upstart to log the error.
<TJ-> Pupeno_: You'll need to do "initctl log-priority debug" to see more info in the syslog
<Pupeno_> TJ-: still nothing in upstart/projectx.log or syslog.log. Should I look in another log file?
<genii> "...in the syslog"
<TJ-> Pupeno_: As far as I recall, /var/log/syslog is the place to look
<Pupeno_> Should I add that line to my upstart conf file?
<TJ-> what line?
<Pupeno_> initctl log-priority debug
<TJ-> Pupeno_: That's a command to issue directly, as root/sudo
<Pupeno_> ok, that's what I did.
<lorenz> TJ-: It has now worked, Boot-Repair is installing the new MBR. I'm trying to reboot shortly.
<TJ-> lorenz: *fingers* crossed
<TJ-> lorenz: but that slowness suggests something is dragging its feet terribly
<lorenz> TJ-: Ok, it boots. BUT it is stuck at the same line as before.
<lorenz> TJ-: Oh, I forgot to update /etc/fstab
<TJ-> lorenz: *tuts*
<lorenz> TJ-: Sorry, didn't help. The newly created ext4-machine (without EFI and BTRFS) does exactly the same. It shows init: plymouth-upstart-bridge main process (182) terminated with status 1 and mounts / as read-only
<TJ-> lorenz: Then you've got some problem in the initrd.img I'd guess
<lorenz> TJ-: Can I reinstall that somehow?
<TJ-> lorenz: Before this first started, what was the last (few) sysconfig changes/system updates ?
<lorenz> TJ-: I did nothing the day it started. The (physical) machine just stopped responding (I had a SSH session open, but it also didn't respond to pings and ARP-requests). Then I hard-rebooted and it didn't came up.
<TJ-> lorenz: I have to start  thinking along the lines of "comprised" and "root-kit"
<TJ-> lorenz: s/comprised/compromised/
<lorenz> TJ-: It runs Snort, UFW, chkrootkit, OSSEC and is hardened with bastillion, so it's quite unlikely. But it could happen.
<lorenz> TJ-: I had no alerts that day. And wouldn't somebody who attacks the machine try to not bring it down, because a disabled machine can't be used to do anything?
<TJ-> lorenz: Well look at the facts... you've moved the same image to different hardware, inside a VM, using a different file-system, and it still does the same thing
<TJ-> lorenz: extract the initrd and check it for anything 'weird' or 'missing' or 'badly configured'
<lorenz> TJ-: Have you got a command ready to do that?
<TJ-> lorenz: funny you should say that ;p
<lorenz> TJ-: I found one.
<TJ-> lorenz: "mkdir /tmp/initrd && pushd /tmp/initrd && zcat /boot/initrd.img-`uname -r` | cpio -i -d "
<lorenz> TJ-: Thank you!
<lorenz> TJ-: What should I look for?
<TJ-> lorenz: $1,000,0000 question!
<lorenz> TJ-: Ok :D
<TJ-> first check in the conf/ directory and its sub-dirs, read the files, get a feel for what they're saying
<TJ-> There should be some mdadm.conf stuff in there if you're using MD
<lorenz> TJ-: I use btrfs RAID, so there is no mdadm.conf
<lorenz> TJ-: /conf folder seems well, everything makes sense
<TJ-> also, check the /libs/ and the lib/
<TJ-> grrr, typo... "lib/"
<lorenz> TJ-: Found one: klibc-P2s_k-gf23VtrGgO2_4pGkQgwMY.so
<lorenz> TJ-: Does that look normal?
<TJ-> lorenz: "md5sum:  4152a06877635bf3dc98a3cf6e48bd4a  lib/klibc-P2s_k-gf23VtrGgO2_4pGkQgwMY.so"
<TJ-> lorenz: I notice there's "/etc/{lvm,mdadm}/"
<lorenz> TJ-: 4152a06877635bf3dc98a3cf6e48bd4a  klibc-P2s_k-gf23VtrGgO2_4pGkQgwMY.so -- seems the same
<lorenz> TJ-: I don't use LVM nor MDADM
<TJ-> lorenz: OK... how about "cat $(find scripts -type f) | md5sum"          ==  2dc83e509c928077916b5951b8162cd9
<TJ-> lorenz: that'll probably be different to mine; I have lvm, mdadm, and cryptsetup
<lorenz> TJ-: That's different
<TJ-> lorenz: not surprised, that was a lot of files to expect to be the same!
<lorenz> TJ-: http://paste.ubuntu.com/7525216/ Are the sums of my scripts dir
<TJ-> lorenz: OK, take a look at the "./init" shell script that controls the process. You'll see several function calls of the form "maybe_break XXXX" these are points where the script can be stopped by adding "break=XXXX" to the kernel command-line
<lorenz> TJ-: I think I found something: my lib/modules are for 3.13.0-27-generic and my kernel is 3.13.0-24
<TJ-> lorenz: In particular, look at "maybe_break mountroot" ... at that point it is about to call "mountroot". If you did "break=mountroot" and then manually executed that call, *maybe* you can find out why it is mounting it read-only
<TJ-> lorenz: Really!?!
<TJ-> lorenz: Let me extract the same version here
<lorenz> TJ-: My newest image in /boot is initrd.img-3.13.0-24-generic, but the contents are 3.13.0-27-generic
<TJ-> lorenz: "ls lib/modules/"  = "3.13.0-24-generic"
<TJ-> lorenz: That'd sure mess things up!
<TJ-> lorenz: "May 26 21:03:48 <TJ->   lorenz: I wonder if the initrd.img could be corrupted"
<lorenz> TJ-: your script unpacked my host initrd, that was the problem.
<TJ-> lorenz: lol ... I thought you'd adjusted the paths for the VM :) ... oh well, it's never *that* easy!
<TJ-> lorenz: so, back to the idea of "break=mountroot"
<lorenz> TJ-: ok, i'll see
<TJ-> lorenz: If you do that, the first thing once you have the shell prompt is to source the function library with ". scripts/local" and then you can do "mountroot"
<lorenz> TJ-: ok
<TJ-> lorenz: also, *before* you call "mountroot" ensure there's verbose logging with export quiet="n"; set -x;
<lorenz> TJ-: Kernel panic: Illegal number mountroot
<TJ-> hmmm!
<TJ-> lorenz: Did you see any messages/debug info before that?
<lorenz> TJ-: I missed a newline before the mountroot, is now fixed. I'm compressing the next initrd.
<TJ-> lorenz: OK
<lorenz> TJ-: Nothing happens now (I put a newline between break and mountroot)
#ubuntu-server 2014-05-27
<TJ-> lorenz: I think at the shell prompt you'll probably need to do  "export quiet=n; set -x" ". scripts/functions" ".scripts/local" "mountroot"
<lorenz> TJ-: Where?
<TJ-> lorenz: on the kernel command-line it should be "linux .... break=mountroot"
<lorenz> TJ-: Oh! I thought I needed to modify the maybe_break in init
<TJ-> lorenz: That'll drop the the shell prompt in /init just before the mountroot is done, so you can then do it manually using the commands above ^^^
<TJ-> lorenz: oh! no... they're clever ways for the script to test if you want it to stop at that point, and they use the kernel command-line to find out by looking for "break=xxxx"
<TJ-> lorenz: if "xxxx" matches a "maybe_break xxxx" then the script stops at that point and drops to the shell prompt
<lorenz> TJ-: Kernel panic: VFS: Unable to mount root fs on unknown-block(0,0)
<TJ-> lorenz: hmmm!
<TJ-> lorenz: possibly a side-effect of not quite having the correct manual steps, but did you get any debug output from the scripts to give us a clue?
<TJ-> lorenz: when you call "mountroot" that's from "scripts/local", which first calls "pre_mountroot" in the same script file. That should be bombing you with useful info
<lorenz> TJ-: I got in :) I adjusted my build process for the initrd's a bit
<TJ-> OK :)
<lorenz> TJ-: Verbosity level is up, should I now launch mountroot?
<TJ-> lorenz: do all the steps I outlined above ^^^
<TJ-> lorenz: "export quiet=n; set -x" ". scripts/functions" ".scripts/local" "mountroot"
<lorenz> TJ-: Ok, done. produced a whole lot of output.
<TJ-> lorenz: And do you have a read/write root file-system? "cat /proc/mounts"
<lorenz> TJ-: https://imgur.com/3CJKH4c
<lorenz> TJ-: ext4 ro ...
<TJ-> OK... so its done that all correctly, so lets see if we can manually complete init
<lorenz> TJ-: It's still read-only?
<TJ-> It should be
<lorenz> TJ-: Ok
<TJ-> lorenz: I'm trying to figure out an 'easy' way to get that script to pick up where it left off.
<TJ-> lorenz: actually, I may be wrong there, it might be supposed to be writeable
<TJ-> lorenz: "mountroot" does, eventually: "mount ${roflag} ${FSTYPE:+-t ${FSTYPE} }${ROOTFLAGS} ${ROOT} ${rootmnt}"
<lorenz> TJ-: So it should be read-only. But where will it be remounted?
<TJ-> lorenz: Actually no it ought to be read/write. it's mounted to ${rootmount} right now
<TJ-> can you do "echo ${roflag}"
<TJ-> lorenz: That should be "-w"
<lorenz> TJ-: It is actually -r
<TJ-> lorenz: Which is set by "${readonly}" ... echo that one too please
<lorenz> TJ: echo ${readonly}: y
<TJ-> lorenz: OK, we were correct the first time, the default value is "export readonly=y"
<TJ-> lorenz: That is also set if "ro" is on the kernel command-line
<lorenz> TJ-: Yes, that argument is set on the grub cli
<TJ-> lorenz: OK... so that is good. The switch to read/write will be done when the real root /etc/fstab is read by mountall
<TJ-> lorenz: OK... I can't see an easy way right now to continue execution in the ./init script, so the best thing to do is reboot it.
<lorenz> TJ-: Can I execute mountall?
<TJ-> not from the initrd no, it needs a restart with "break=XXX"
<TJ-> lorenz: **without** "break=XXX" !!!
<lorenz> TJ-: break=mountall or without break at all?
<TJ-> without it at all. It's not given us any better info unfortunately, aside from we know the rootfs isn't having a problem being mounted
<TJ-> lorenz: so now I'm looking at what happens once the real root-fs /sbin/init starts
<lorenz> TJ-: Still breaking at plymouth-upstart-bridge
<TJ-> It's really hard to think it through without being able to explore it directly.
<lorenz> TJ-: What should I do?
<lorenz> TJ-: I saw something: EXT4-fs: re-mounted. Opts: (null)
<lorenz> TJ-: Shouldn't that be remount,rw?
<TJ-> lorenz: I'm at a loss right now; I'd be looking for ways to monitor the boot scripts to find out what's happening
<EzeQL> hi, im trying to setup postfix and dovecot. I am getting : Initialization failed: namespace configuration error: inbox=yes namespace missing
<Macer> i just moved all my gear and it's nice to know that when it came to the ubuntu server all i had to do is turn my UPS on heh
<Macer> booted, started my containers, done.
<lorenz> EzeQL: Post your dovecot.conf somewhere
<TJ-> lorenz: Check the "/etc/fstab" for the root file-system
<TJ-> lorenz: Here I have "grep remount /var/log/dmesg"   "[   11.136487] EXT4-fs (dm-5): re-mounted. Opts: errors=remount-ro" and "/etc/fstab" "/dev/mapper/Hephaestion-Ubuntu_14.04_rootfs     /                         ext4    errors=remount-ro 0       1"
<lorenz> TJ-: I got /dev/sda1 /  ext4   defaults 0   1
<TJ-> lorenz: that'd explain the null, but not why it doesn't remount rw
<EzeQL> lorenz, http://pastebin.com/C0CNiDbE
<lorenz> EzeQL: That file does nothing, when you remove the comments it just includes other stuff and nothing else
<EzeQL> im following this: https://digitalocean.com/community/articles/how-to-configure-a-mail-server-using-postfix-dovecot-mysql-and-spamassasin
<EzeQL> when i try to login using pop3: i get -ERR [SYS/TEMP] Internal error occurred. Refer to server log for more informatio
<EzeQL> n.
<lorenz> EzeQL: You missed step 4: You need to download the files from Dropbox
<TJ-> lorenz:  do you have in "/var/log/dmesg" or from "dmesg" "EXT4-fs (sda1) mounted filesystem with ordered data mode" for the root file-system ?
<EzeQL> lorenz, are you sure? https://www.dropbox.com/s/wmbe3bwy0vcficj/etc-dovecot-dovecot.conf.txt compared to mine have some diffs
<lorenz> TJ-: How should I check that?
<lorenz> TJ-: Could I inject a custom init-script that prints out stuff?
<TJ-> lorenz: "dmesg | grep 'ordered' " or "grep 'ordered' /var/log/dmsg"
<lorenz> TJ-: I don't have access to a shell
<TJ-> lorenz: of course! Grrr
<EzeQL> lorenz, any hint?
<EzeQL> quite tired of working on this
<lorenz> EzeQL: The guys from digitalocean commented the main namespace out
<lorenz> EzeQL: I can give you my config
<EzeQL> lorenz, ok!
<TJ-> EzeQL: It looks like you uncommented "#inbox = no" in "/etc/dovcot/conf.d/10-mail.conf" but not the surrounding "namespace"... it shouldn't be needed in most cases
<lorenz> EzeQL: http://paste.ubuntu.com/7525600/ (single file)
<lorenz> TJ-: It seems like that upstart fails
<TJ-> lorenz: hmmm
<TJ-> lorenz: the root-fs is 60GB isn't it?
<lorenz> TJ-: Yes
<lorenz> TJ-: The new one is only 40GB
<TJ-> lorenz: I'm digging but not finding any clues
<lorenz> TJ-: I booted in verbose mode with --verbose and found out that upstart is starting the services in precisely 5-second-intervals which is exactly the standard respawn limit (http://manpages.ubuntu.com/manpages/natty/man5/init.5.html)
<TJ-> are the same processes being respawned
<lorenz> TJ-: Yes
<TJ-> you know how upstart works? emits events which jobs do things like 'start on filesystem started'
<lorenz> TJ-: Yes
<TJ-> I'm wondering if an early job isn't emitting its signal
<TJ-> The other thing I'm wondering about is how long it is until udev starts
<lorenz> TJ-: I never saw udev starting
<TJ-> lorenz: hmmm
<lorenz> TJ-: It tries to start plymouth-upstart-bridge over and over again
<lorenz> TJ-: At 86 seconds it first launched mountall and afterwards it handles plymouth-ready events all over the place, but it's still being restarted all the time
<TJ-> lorenz: and that fires on the "startup" event... I wonder if that is firing repeatedly because, maybe, udev fails to start
<lorenz> TJ-: It seems that it starts a new service around every 30s and restarting the other ones constantly at a rate of one per 5 seconds.
<TJ-> I think it's worth trying on the kernel command-line one or both of "nolapic" and "noapic"
<lorenz> TJ-: No effect, I also tried them before.
<lorenz> TJ-: I need to get upstart to print errors
<TJ-> lorenz: it was a long shot... that'd only really apply to bare metal anyhow
<TJ-> lorenz: http://askubuntu.com/questions/465193/14-04-pxe-slow-boot-process-udev-upstart-systemd
<lorenz> TJ-: Looks exactly like my issue, besides that mine doesn't start at all
<TJ-> here's some helpful shell terminal for boot debuging upstart http://upstart.ubuntu.com/wiki/Debugging#Boot_Problems
<TJ-> lorenz: I recall a critical issue during the last cycle where an upstart script had a syntax error that caused upstart to fail... I wish I could remember the bug ref
<lorenz> TJ-: Could it help to remove upstart scripts?
<TJ-> ahhh, that was a SIGSEGV of /sbin/init due to a bad alsa-utils config
<TJ-> lorenz: Those and sysvinit scripts, but it's a case of figuring out which ones
<TJ-> lorenz: I wonder, have you tried updating the kernel to a newer release?
<lorenz> TJ-: I can't do that anymore
<lorenz> TJ-: I'm going to bed now. At least I know that the problem is upstart. I'll look into it tomorrow.
<lorenz> TJ-: Thank you for your help, It's very appreciated.
<TJ-> same here, it's almost 3am
<Sachiru> Anyone use ZFS on ubuntu for production and manage to get it run stable? How much RAM did it eat up as minimum system requirements?
<Sachiru_> Anyone use ZFS on ubuntu for production and manage to get it run stable? How much RAM did it eat up as minimum system requirements?
<Oplex> anyone running deluge web ui on headless server?? I am trying to figure out why my config file won't save ..
<jdstrand> soren: hi! did you ever get an answer to your question?
<MannerMan> Sachiru: I'm running ZFS on Ubuntu 12.04, general recommendation is 1gb of ram per TB of storage for ZFS
<MannerMan> I have 3 disks alÃ¡ 1TB, and have dedicated 4gb to ZFS, run without issue for 1.5 year
<jdstrand> soren: you probably want https://usn.ubuntu.com/usn-db/database.json.bz2 (https://usn.ubuntu.com/usn-db/database.json.bz2.sha256)
<jdstrand> soren: that will have all active releases. for all releases since we began tracking, you can use database-all.bz2
<soren> jdstrand: Hi!
<soren> jdstrand: No, I didn't get a response yet.
<soren> jdstrand: I'll take a look at that database. That sounds like exactly what I need.
<jdstrand> cool (and sorry I missed you before)
<soren> jdstrand: No worries. I pretty much wandered off right after asking and just came back now, so your timing couldn't have been better. :)
<soren> jdstrand: Still in Malta, I presume?
<sarnold> Sachiru: check out #zfsonlinux -- ram usage depends if you turn on deduplication or not. you'll need at least one gigabyte per terabyte of storage that is being de-duplicated.
<sarnold> Sachiru: there are known issues with memory accouting, you might wish to reduce the size of your ARC from the defaults if you're finding you're under significant memory pressure
<sarnold> Sachiru: even though some people get zfs on / working, it feels like too much work to me. I'm intending on building a zfs storage box sometime soon and won't bother with zfs on root.
<ruben23> hi guys is it possible to ssh tunnel to a multiple web server on a remote server..? scenario is i have 1 firewall(publicIP) and 2 local webserver, and water to access the webpage on this both local webserer using SSL, problem they might be using same port 443 - standard fro SSL
<Oplex> i'm kinda putoff by deluge, i just want something slim that works and will integrate with other programs like sickbeard / couchpotato etc...
<soren> Oplex: I think you have the wrong channel.
<jdstrand> soren: yes, which is why I missed you-- sprinting is hard :)
<morph-> anyone here use symfony?
<hxm> a spanish framework?
<hazmat> stgraber, https://github.com/containers/container-rfc
<Guest57558> hi
<ruben23> ok i have a windows PC and 2 remote linux server behind firewall..currently Linux1 is port frowarded for port 22 only and linux 2 are not.. this linux are both webserver with using SSL, 1. how to i ssh tunnel to linux1 to be able to display its SSL page on my windows PC browser and at the same time Linux 2 also same scenario, diaply the SSL page on my windows PC.
<pmatulis_> morning
<Tazmain> hi all , does anyone know of a good backup program that can do a backup to a ftp  ?
<OpenTokix> Tazmain: rsnapshot probably
<Tazmain> OpenTokix, I will have a look at that thank you.
<OpenTokix> Tazmain: does it have to be ftp?
<Tazmain> OpenTokix, as far as I am aware that is the only option that the place that hosts our server is giving us.
<Tazmain> Its a local ftp to them
<OpenTokix> Tazmain: ok
<lool> stgraber: Would you know of a workaround or a patch for the unprivileged LXC bug?  LP #1322067
<uvirtbot> Launchpad bug 1322067 in lxc "3.15.0-1.x breaks lxc-attach for unprivileged containers" [Undecided,Confirmed] https://launchpad.net/bugs/1322067
<zul> containers containers containers
<montekki> hi all. how can i view packets that are dropped by interface? i know that for fedora there is dropwatch but i failed to make it work  on ubuntu
<stgraber> lool: it's already fixed
<stgraber> lool: just waiting for the security team to fix apparmor so lxc actually migrates to utopic
<stgraber> (kernel regression is making lxc's adt fail at the moment which in turn prevents cgmanager and systemd from migrating. jjohansen has a patch so this should be resolved soon)
<lool> stgraber: oh sorry, I wonder why I still hit it
<lool> stgraber: I'm on utopic
<sarnold> montekki: if th epacket was dropped by the interface.. doesn't that mean it was -dropped-? as in, never makes it to the kernel?
<stgraber> lool: unless you're using lxc from utopic-proposed, you don't have the fix, the fix will land in utopic's release pocket only once the utopic kernel is fixed and I can get lxc to pass adt testing again
<jjohansen> lool: right, it passes the lxc tests, and I am putting together the pull request for the kt, it should go out in a few minutes
<lool> kt?
<lool> oh
<lool> jjohansen: thanks
<lool> so I guess workaround is to downgrade to older kernel
<stgraber> lool: that or pull lxc directly from utopic-proposed
<jjohansen> lool: right, if you drop back to the last 3.13 kernel it will work
<hxm> hi, I am migrating a server and I want to create exactly the same user as it is in the old server, a part of use the same username, what else do I need to copy, the id and something more?
<lool> stgraber: ah ok; I thought kernel upload was still pending in utopic; utopic-proposed packages worked
<lool> thanks all
<montekki> sarnold: nope in fact not, if kernel drops a packet due to some reason (like ipv6 when the host is not configured for it) this drop will also inc the counter of dropped packets in ifconfig
<montekki> sarnold: at least i believe it is true for kernels newer than 2.6.something
<sarnold> montekki: ahhh. thanks.
<lorenz_> TJ-: I replaced Upstart with systemd and figured out that udev causes the boot to hang
<TJ-> lorenz_: Hmmm, is that a permanent fix or a proof of problem?
<lorenz_> TJ-: More a proof of problem. systemd also hangs at udev
<lorenz_> TJ-: At least it shows where it hangs
<TJ-> lorenz_: OK. Those PPAs on that system, do any of them add custom udev rules "/etc/udev/rules.d/*" ?
<TJ-> lorenz_: Or in "/lib/udev/rules.d/*"
<lorenz_> TJ-: I tried removing the complete /etc/udev/, replacing it with other versions, no luck. I haven't checked /lib/udev/rules.d yet
<TJ-> lorenz_: if you can chroot mount the root file-system, you can do "dpkg-query -S /lib/udev/rules.d" to find any packages that add to that location
<lorenz_> TJ-: Yes, it worked: udev, consolekit, systemd, libsane:amd64, qemu-system-common, bridge-utils, hdparm, biosdevname, btrfs-tools, crda, keyboard-configuration, gnupg, dmsetup, docker.io, pulseaudio, xserver-xorg-core, util-linux, udisks2, librbd1, colord: /lib/udev/rules.d
<TJ-> lorenz_: OK... I'm going to point at PPA-packages, like docker.io first as things to read and possibly disable
<lorenz_> TJ-: docker.io is from universe, but I'm gonna disable it anyways
<TJ-> Is it? OK, hadn't realised that.
<TJ-> lorenz_: Whilst you've got a full chroot, I'm wondering if it may be worth doing "apt-get --reinstall install udev udev libudev1 upstart" in case there is some corruption in the binary installation ?
<lorenz_> TJ: Done! I'm trying to boot now.
<lorenz_> TJ-: No luck. Still hanging at udev
<TJ-> lorenz_: This is with systemd-init ?
<lorenz_> TJ-: Yes
<TJ-> lorenz_: OK... have you had chance to use that debug technique I pointed to yesterday, where you start with init=/bin/sh, start a 2nd terminal "getty -8 -n -l /bin/sh 38400 tty2 &", , then do "exec /sbin/init" in the first terminal ?
<TJ-> lorenz_: If that approach works, then you can move on to running "udevadm monitor ..." in the 2nd terminal
<lorenz_> TJ-: Nothing in dmesg, logs were not changed
<lorenz_> TJ-: I can do that
<lorenz_> TJ-: Hangs at /devices/virtual/vtconsole/vtcon0
<TJ-> lorenz_: oooo, real data at last :)
<TJ-> lorenz_: I'd suggest expanding the usage now you know it works, by doing "udevadm monitor --kernel --property" so we can see the KEY=VALUEs being fed through
<lorenz_> TJ-: Ok, doing that
<TJ-> lorenz_: that report was it very similar to "KERNEL[13.267429] add      /devices/virtual/vtconsole/vtcon0 (vtconsole)"
<lorenz_> TJ-: Exactly that line (just another time)
<TJ-> Great... I can follow your progress by viewing my local "/var/log/udev"
<TJ-> lorenz_: Is the server self-contained, or, does it rely on an external service for authentication, such as using pam_console to query an LDAP server
<lorenz_> TJ-: nothing new hangs at the same position but shows now SEQNUM=1910 SUBSYSTEM=vtconsole UDEV_LOG=7
<TJ-> UDEV_LOG=7 ... will likely be the "debug" log setting
<TJ-> Well, now we know what to look at... console.... so, any recent changes to the underlying console drivers, or graphics drivers (drm stuff maybe?)
<lorenz_> TJ-: Well, it doesn't have any special graphic drivers (it normally runs without a screen and is installed without a GUI)
<TJ-> lorenz_: OK... here's what should come next (from my local udev log) http://paste.ubuntu.com/7529123/
<lorenz_> TJ-: Mine stops at vtcon0
<TJ-> lorenz_: OK, another tack... how many CPUs have you allocated to the VM guest?
<lorenz_> TJ-: 2 CPUs
<TJ-> Can you try it with 1?
<lorenz_> TJ-: Now udevadm monitor outputs "add /module/zswap (module)" as last line
<TJ-> lorenz_: OK ... so this could be a kernel freeze up then
<TJ-> lorenz_: what we see from udevadm is the events being supplied by the kernel... looks like they are drying up
<lorenz_> TJ-: I have no swap, so zswap is unlikely the issue
<TJ-> I don't think the events we see are linked to the problem; I think there's something else going on. Are you booting with "debug" on the kernel command-line? I think we ought to be able to capture the kernel boot messages (maybe over a serial console connection) and review them carefully.
<TJ-> This is where testing alternative kernel versions might help
<lorenz_> TJ-: I tried a lot of kernels, didn't help
<TJ-> lorenz_: Do you have "/lib/udev/rules.d/85-lvm2.rules"
<lorenz_> TJ-: No
<TJ-> OK ... strike one possible cause then :)
<TJ-> lorenz_: On that 2nd (or a 3rd console) when it hangs can you capture "ps -efly" and let me see it?
<TJ-> lorenz_: I'm exploring whether udev is modprobe-ing a kernel module which gets stuck
<lorenz_> TJ-: ps -efly hangs too
<TJ-> So... kernel issue then
<TJ-> so now we need to capture the kernel log (over serial maybe) as I described, and analyse it
<lorenz_> TJ-: Ok, so it works. How can I increase the verbosity, because it seems that it doesn't log much more than on the screen
<TJ-> lorenz_: If you have "debug" on the kernel command-line that'll be max verbosity
<TJ-> lorenz_: obviously, remove any "quiet" option since that is minimal logging
<lorenz_> TJ-: I found https://wiki.archlinux.org/index.php/Boot_debugging, I'm setting it to Heavy Debugging
<TJ-> lorenz_: OK... the main benefit there is log_buf_len=10M... one thing to bear in mind, if the root issue is a timing issue, then adding too much debug output can actual slow things down enough to workaround the issue so it goes away :)
<lorenz_> TJ-: Well, I now get a lot of systemd messages, but still not more kernel messages
<lorenz_> TJ-: [    1.598937] systemd[1]: systemd-random-seed-load.service changed dead -> start [    1.601965] systemd[1]: Accepted connection on private bus. These are the last two systemd lines
<TJ-> Grrr @ systemd hijacking the kernel logging
<hallyn> wtf - rackspace suddenly seems to only have ubuntu 10.04 and 12.04 images for creating a server?
<hallyn> i seem to be on an ancient view.... newest fedora is 17
<hallyn> zul: projected date for new libvirt?
<Havenstance> is there a working tutorial on how to make mdadm send email notification of a failure event?
<Havenstance> I know to process it needs a mail client to send with. I have SSMTP up but I can't seem to get it working for whatever reason.
<raub> So I just updated postfix in my 12.04LTS server. And one of the things it did was to delete http://pastebin.com/0PrTwUkb from my main.cf. Does anyone know why?
<TJ-> raub: did the postconf ask to replace the existing config file?
<raub> TJ-: nope. It was completely automatic
<raub> TJ-: I will not mention it also decided to reset my tls cert
<TJ-> raub: updates should always prompt if you've changed the config file from standard
<raub> I do agree, which why this was very, well, not pleasing
<TJ-> raub: I *think* there should be upgrade logs in /var/log/apt/ or /var/log/dpkg/ or similar... can't recall if 12.04 has those or where they are, though
<TJ-> raub: which version of postfix? I haven't seen an update in a while
<raub> The file in question would be /var/log/apt/term.log
<TJ-> raub: The latest update I have is "postfix (2.9.6-1~12.04.1)" from Febrauary
<raub> dovecot-postfix 1:2.0.19-0ubuntu2
<raub> I will need to check the postfix package version
<TJ-> Oh... dovcot!
<lorenz_> TJ-: I'm going to reinstall. Nothing seems to work :(
<TJ-> raub: "dovecot (1:2.0.19-0ubuntu2.1)" ... May 14th
<TJ-> lorenz_: It's very strange... wish I had access I'm intrigued as to what you've got there
<raub> TJ-: http://pastebin.com/PE3qKqub
<raub> main.cf is postfix
<TJ-> raub: that *is* bad!, especially for a silent upgrade
<TJ-> raub: bug-report it, that's really not good
<TJ-> raub: I'm not using that package which is why I didn't see it
<raub> I do not even know about mail-stack-delivery
<raub> And, I now see I should not have used the postfix-dovecot "helpful" package, instead installing both separately as Xenu wanted
<TJ-> raub: http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-3430.html
<uvirtbot> TJ-: Dovecot 1.1 before 2.2.13 and dovecot-ee before 2.1.7.7 and 2.2.x before 2.2.12.12 does not properly close old connections, which allows remote attackers to cause a denial of service (resource consumption) via an incomplete SSL/TLS handshake for an IMAP/POP3 connection. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3430)
<raub> I should be running dovecot 2
<raub> Lemme check
<raub> 2.0.19. still behind times (I get mocked at #dovecot a lot) but not 1.1
<raub> hmmm, the more I read the CVE the more confused I am about the version number thingie
<sarnold> heh, yeah, that's not a great summary.
<TJ-> dovecot has several parallel 'stable' branches
<raub> AFAIk they do want you to go to 2.X
<raub> On an unrelated note, does any of you run sudo-ldap in 14.04? It is core dumping on me
<sarnold> 10.04 LTS EOLs in eleven months, hopefully the few still using it will be upgrading soon :)
<raub> sarnold: you are such a joker
<cloudman1> happy with 12.04 here at the moment, still having problems installing Virtualmin on 14.04, webmin is ok though on it
<cloudman1> On a fresh install of 14.04 seem to be having problems with  libapache2-mod-fcgid, wont install for some reason
<sarnold> raub: hehe yeah, lucid isn't so bad. I was happy to say goodbye to hardy though. :)
<Havenstance> anyone know of a decent tutorial on SSMTP?
<qman__> I use postfix regardless of how simple or complex the task, because it's easy to set up and widely supported
<hydruid> Havenstance: the configuration for SSMTP is super simple, not much to it
<raub> Havenstance: what do you need to do with it?
<raub> Of course I mean beyond sending mail out, but the particulars
<Havenstance> trying to configure MDADM to use it to email failure notifications
<Havenstance> but with my setup SSMTP will not authenticate properly
<raub> Can you pastebin a defanged version of the config?
<Havenstance> I've tried several different versions based on lots of different tutorials i've tried with it
<Havenstance> If someone could pastebin a working one and I could sub my info maybe that might work?
<Havenstance> i'll throw in what i have and what the terminal reads tho to help :)
<raub> Havenstance: http://unixwars.blogspot.com/2013/08/installing-ssmtp-in-redhatcentos.html
<raub> ignore the redhat/centos part
<raub> Also has some test thingies
<Havenstance> This is the pastebin of the config and the terminal readout from the attempted test pastebin.ubuntu.com/7530107/
<Havenstance> http://pastebin.ubuntu.com/7530107/
<Havenstance> there
<Havenstance> it does not use SSL/TLS at all either
<Havenstance> Username & PW Are correct also
<raub> Can you telnet to mail.royscorner.com port 2626 and send email by hand?
<raub> Also, I like to do ssmtp -v when testing
<raub> And, is the machine in question in the internet or behind a firewall natting its way?
<zul> hallyn:  next week
<zul> 1.2.5 is out next week so thats the next one
<hallyn> zul: so you're waiting for 1.2.5 for utopic?
<zul> yep
<hallyn> suddenly rackspace gives me modern images again.  starts building, now sits at 80% created for 3 minutes.
<hallyn> zul: ok
 * hallyn should look into digitalocean
<arosales> matsubara, I am yet again late on sending out the meeting minutes.  I got the blog, email, and wikis updated.  However, since this is such late notice that you are up next I am fine with chairing this week unless you would like too :-)
<raub> Havenstance: testing smtp auth using telnet: http://www.ndchost.com/wiki/mail/test-smtp-auth-telnet
<zul> hallyn:  problems?
<matsubara> arosales, I can do it. No worries, you paid your due already heh
<arosales> thank you matsubara :-)
<hallyn> zul: 99
<zul> hallyn: ?
<hallyn> sorry just jokingly referencing http://youtu.be/WwoM5fLITfk
<hallyn> but yeah rackspace is being very weird today
<hallyn> and the build (jessie vm) is STILL at 80% built
<zul> hallyn:  are you joining the containers meeting on #openstack-meeting-alt?
<hallyn> i'd thought this woudl be faster than building msyelf a new vm locally.  i was wrong
<hallyn> zul: hm, i guess. it conflicts :)
<zul> hallyn:  yep
<FrEaKmAn_> hi all.. I want to block a request from certain websites.. what is the best way to solve it? firewall?
<cfhowlett> FrEaKmAn_ or blocked at the router ...
<FrEaKmAn_> no, I'm using VPS
<cfhowlett> FrEaKmAn_ you could also edit your DNS to block
<FrEaKmAn_> ubuntu 12.04...
<FrEaKmAn_> but I'm no sure if I can block by ip
<FrEaKmAn_> but by referrer
<TJ-> FrEaKmAn_: what do you mean by "block a request"? Web-sites don't generally make requests directly to other servers, their clients do
<FrEaKmAn_> http://semalt.com/
<FrEaKmAn_> somebody is using this service to crawl/check my websites
<FrEaKmAn_> and it's getting on my nerves because it's killing my metrics
<gaughen> matsubara, I think you set the new land speed record on getting the irc mtg done ;-)
<TJ-> FrEaKmAn_: that sounds like blocking based on user-agent, or source IP range
<TJ-> FrEaKmAn_: This might get you started: http://httpd.apache.org/docs/2.2/rewrite/access.html
<matsubara> gaughen, heh I tend to rush these thing over. Hopefully I didn't miss anything
<FrEaKmAn_> TJ-, thanks.. I will check it out
<FrEaKmAn_> other question is which firewall do you recommend?
<FrEaKmAn_> I have few apps running at different ports and want to block access
<TJ-> FrEaKmAn_: the one that's already there! netfilters, controlled by iptables or some higher-level tool
<FrEaKmAn_> ok
<hallyn> ahs3: around?
<hallyn> ahs3: http://people.canonical.com/~serge/netcf-src-0.2.4/netcf_0.2.4-1.dsc  appears to be testing well on jessie
<cloudman1> Hi apparently I cannot install 12.04 on a new server I got because the hardware is too recent, whats that all about??
<hallyn> waiting for some libvirt testing still, but i think it should be ready
<TJ-> cloudman1: You'll need the HWE kernels (hardware enablement) https://wiki.ubuntu.com/Kernel/LTSEnablementStack
<cloudman1> Thanks, will tell my server people
<cloudman1> But I guess they will say we dont offer that etc
<cloudman1> I think I see theyre point
<cloudman1> thier
<cloudman1> or is it their
<TJ-> yes, it is
<cloudman1> or they're
<TJ-> "I before E except after C... except in their!
<TJ-> they're is short for "they are" ... "their" is the possessive
<cloudman1> that i before c is complete nosense
<cloudman1> or i before e I mean
<cloudman1> its why I dont code
<ahs3> hallyn: dude.  cool.  could you drop me an email with that link in it so i don't forget?  i'll see if i can get to it this week.
<hallyn> ahs3: thanks, will do
<ahs3> hallyn: sweet.  thx.
<hallyn> ttyl
<cloudman1> TJ is that enable stack ok for 12.04 to 14.04??
<TJ-> cloudman1: see https://lists.ubuntu.com/archives/ubuntu-devel/2014-February/038042.html
<teward> is rbasak alive at all?
<nikki1> hi
<pmatulis_> strange question teward
<teward> pmatulis_, strange question because i'm trying to see whether the bug importance change he did on an nginx bug was automated or not :p
<teward> some of the bug importance changes by people, they seem automated almost :P
<pmatulis_> teward: it just looks that way.  bug #?
<teward> give me a minute to grab it, chrome just exploded on me
<pmatulis_> ah
<teward> Bug #1323387
<uvirtbot> Launchpad bug 1323387 in nginx "Auth Request module does not seem to be loaded in the "extras" package" [Medium,New] https://launchpad.net/bugs/1323387
<teward> not entirely certain that's a 'medium' but meh
<teward> :P
<teward> (extras package != main last i checked)
<Havenstance> raub, it might be working now. I ran a test and it seemed to have went somewhere. took some playing
<pmatulis_> teward: is the workaround to load the module manually?
<teward> pmatulis_, the workaround is a recompile, this isn't apache, so it's not as module-friendly
<teward> pmatulis_, nginx doesn't have plug-and-play modules like apache does
<pmatulis_> ok
<pmatulis_> teward: so unable to implement the old username/password stuff on nginx in Trusty?
<dasjoe> I'm trying to semi-automate a debootstrap deployment, any idea on how to get grub-pc not to ask me where it should install itself?
<teward> pmatulis_, i... think it might be a bit different than basic username/password auth, AFAICT from the docs, it implements client auth based on the result of a subrequest
<teward> and based on the status codes returned, access is allowed or refused
<teward> (basic username/password auth exists as part of the auth basic module)
<pmatulis_> ah
<teward> pmatulis_, i've never had to actually use this module
<pmatulis_> teward: why do you need it now?  just curious
<teward> pmatulis_, *points at the bug filer's name*
<teward> you'll notice a difference between them and me :p
<pmatulis_> it's not you?
<teward> pmatulis_, i'm just tryin to figure out why robie made it a medium
<teward> pmatulis_, no, my LP is ~teward
<teward> Thomas Ward (~teward)
<teward> that != trevor slocum (bug filer)
<teward> i just watch the nginx bugs like a hawk :P
<teward> (USUALLY its my handiwork making minor patches for the package)
<pmatulis_> teward: we need to understand the impact to increase the importance
<teward> pmatulis_, my concern is medium is too high
<teward> not that it needs higher :P
<pmatulis_> oh!
<teward> pmatulis_, two considerations on that:
<pmatulis_> teward: then Medium is good
<teward> ok
<pmatulis_> teward: see https://wiki.ubuntu.com/Bugs/Bug%20importances
<teward> pmatulis_, i'd say low because "moderate impact on non-core"
<teward> and i'm familiar with bug importances, i do do triage work :P
<teward> but meh
<pmatulis_> gotcha
 * teward yawns
<teward> probably *not* the best thing ot be doing triage while recovering from the flu
<teward> but i'm bored out of my skull watching netflix >.>
<pmatulis_> i watched a ghenkis khan (spelling?) one yesterday
<teward> heh
<rbasak> teward: what importance do you think it should be?
<teward> rbasak, low, because "moderate impact on a non-core application"
<rbasak> teward: sure. Go eahead and change it.
<teward> rbasak, and i'm basing that on the nginx-extras package, since it's not the nginx-core package that's in main
<teward> rbasak, done.
<pmatulis_> that's true
<Havenstance2> okay so this one is new... http://pastebin.ubuntu.com/7531067/
<Havenstance2> any clues?
<rbasak> teward: my main concern was to get the size of the server triage queue down.
<teward> rbasak, true.  i think we should be careful just activating arbitrary code though
<teward> the code probably still exists in the code
<rbasak> teward: and setting things to Low irks reporters sometimes, so maybe I err on the higher side to avoid getting into that debate.
<rbasak> teward: is it supposed to be activated? That was what was implied in the bug to me. If not, then Wishlist?
<teward> rbasak, its listed in the package description supposedly, but I don't have Synaptic on this system to check (only Trusty cli in a very poorly-resourced VBox VM)
<teward> rbasak, i'm going to poke the changelog to see if it was ever deactivated
<rbasak> teward: thanks for looking! Please do what you think is best (or leave it if you need to).
<teward> rbasak, i'm hesitant to turn it on, but i can't check upstream or the PPAs as easily through my non-Ubuntu system
<teward> (my Ubuntu system is in the middle of a rather large rsync operation backing up /home/* and /etc/ and the package list of what's installed)
<teward> (in preparation for Precise -> Trusty upgrade)
<teward> rbasak, the code exists, but it's probably supposed to be on but isn't.
<teward> hmm...
<teward> rbasak, this might be wishlist
<teward> rbasak, according to http://bazaar.launchpad.net/~ubuntu-branches/ubuntu/trusty/nginx/trusty/view/head:/debian/control that module isn't listed under the nginx-extras package description
<Havenstance2> Anyone have time to take a peek at something? I'm getting an error with SSMTP and Ubuntu Server
<Havenstance2> http://pastebin.ubuntu.com/7531067/
<teward> rbasak, FYI, package status -> Incomplete because there's no confirmation on this
<teward> (I'm curious where they're seeing this, when it's *not* listed in the package)
<teward> s/package status/bug status/
<n88> afternoon guys... i'm trying to migrate my pure-ftpd users from one server to a replacement server... I apt-got installed pure-ftpd, configured it, added the ftpgroup group and ftpuser user accounts with the same GID and UID of the server i'm migrating from
<n88> copied over pure-ftpd.passwd and pure-ftpd.pdb
<n88> pure-pw mkdb'ed... but no dice... pure-pw list shows the same accounts on both servers now but the new one isn't allowing login
<n88> anyone done this before that can give me a hand ?
<teward> rbasak, update: they confused the Debian package with the Ubuntu package.  this is a Wishlist type bug.
<RoyK> what's the reason noone's taking care of bug 1171945?
<uvirtbot> Launchpad bug 1171945 in mdadm "Nested RAID levels aren't started after reboot" [Undecided,Confirmed] https://launchpad.net/bugs/1171945
<hxm> is it safe disable sendmail if I use postfix?
<LearGear1> Hi - does anyone know if Dell T110 server with Dell SAS 6/iR Raid controller will work out of the box with ubuntu?
<lamont> hxm: if you install the postfix package, it (1) removes the sendmail package and (2) provides a daemon called sendmail/
<hxm> but there is a cron (dont know where) that does this (smmsp) CMD (test -x /etc/init.d/sendmail && /usr/share/sendmail/sendmail cron-msp) all the time
<hxm> and is still running somehow
<hxm> apt-get remove sendmail says there is no sendmail package to remove (already previously removed)
<Krugger> anyone using any other good centralized authentication mechanism than LDAP + Kerberos?
<Patrickdk> heh? ldap + kerberos?
<Patrickdk> one could use ldap, or kerberos
<Patrickdk> but there is also radius
<Patrickdk> also saml
<Krugger> I just needed to authenticate a couple of users in several ubuntu server that are running SSH
<Krugger> the problem is kerberos doesn't create the home directories and makes sure all user ID are the same across the whole cluster
<Krugger> so I have to add LDAP in the mix
<Krugger> and I really hate LDAP
<Krugger> and NIS is an even worse solution
<Krugger> was hoping someone had developed a nice solution for it
<nwilson5> haven't done anything with lvm before, but I'm assuming it's possible if I took 2 3TB drives to set it up as one 6TB partition ?
<patdk-lap> nwilson5, sure
 * genii resists the temptation to smack the crap out of copocaneta
<Patrickdk> genii, no need to resist
#ubuntu-server 2014-05-28
<ruben23>  How do I remove a specific extension from a directory..? sample directory have 10K wav file adn 5K .mp3 files i want to remove the .wav files only..? any idea..?
<jyfe> rm /dir/*.wav \OR\ cd dir && rm *.wav ?
<Pici> find /path/ -iname "*.wav" -delete   (will do it recursively)
<Tohsh> Having an issue with a fresh install of 14.04 server. Boot will freeze during adding swap. Will boot fine with "nomodeset" on kernel in grub. Verified UUID's match in /etc/fstab and blkid. Have not experienced this issue with any builds in the last few years. Any idea?
<jonascj> Hi all. What is the difference between the php5-mysql and php5-mysqlnd package? Both claim to provide the php mysql bindings?
<OpenTokix> jonascj: The mysqlnd library is highly optimized for and tightly integrated into PHP. The MySQL Client Library cannot offer the same optimizations because it is a general-purpose client library.
<dw1> http://dev.mysql.com/downloads/connector/php-mysqlnd/
<jonascj> OpenTokix: thanks, but I do not understand. All references indicate that mysql-server and mysql-client should be installed alongside both php5-mysql and php5-mysqlnd. So they both rely on anothe rinstallation of the mysql server and client, don't they?
<jonascj> *another installation
<OpenTokix> jonascj: "all references" beeing howtos on random webpages that you copy and paste from?
<jonascj> OpenTokix: no, I am actually stopping and thinking, otherwise I would have installed both. I wonder why some suggest one package and others the other package
<OpenTokix> jonascj: the thing is the mysqlnd is pretty new, so I am guessing the bulk of guides talking about php and mysql is pretty old.
<jonascj> 2http://packages.ubuntu.com/precise/php/php5-mysqlnd
<jonascj> vs http://packages.ubuntu.com/precise/php5-mysql
<OpenTokix> jonascj: I would go with the native driver, since it is recommended from the mysql docs
<jonascj> more or less the only thing setting those two pages apart is "native"
<jonascj> but why a native driver? I thought the idea was to go cleanly through well defined sql interfaces.
<jonascj> OpenTokix: thanks, I'll read mysql's own statement
<Gaba1> hello, can someone please lend a hand? I am having issues post installation
<sarnold> Gaba1: hello ;irc tends to work best if uou jst ask questions :)
<Gaba1> ok thanks
<cfhowlett> !details
<ubottu> Please elaborate; your question or issue may not seem clear or detailed enough for people to help you. Please give more detailed information, errors, steps, and possibly configuration files (use the !pastebin to avoid flooding the channel)
<Gaba1> I used yumi to put ubuntu server onto a flash drive and then installed (completely) onto my PC and once I rebooted I just get a little white curser blinking at me
<Gaba1> then I repeated the process and the same thing happened again
<Gaba1> I then tried to use the check for errors function and I just got a screan that blinked white and black and I decided to turn my computer off before I began to seize
<Gaba1> !I am now running Ubuntu 12.04 off of another flash drive. memory is 7.8Gig.
<ubottu> Gaba1: I am only a bot, please don't think I'm intelligent :)
<Gaba1> !processor is AMD phenom 8750. OS is 64 bit
<sarnold> Gaba1: so a 'live image' works okay but installing it doesn't work?
<Gaba1> I am running a live version of ubuntu 12.04, but I am attempting to instal ubuntu server
<Gaba1> my ultimate goal is to run a minecraft server on that computer, but it was lagging using windows
<Gaba1> I am now installing ubuntu 12.04.3 LTS and it recognizes that I have installed ubuntu 14.04 LTS (which I assume is the server I was trying to instal). I am splitting my partition in half for both to be installed at the same time
<LeMike> Hello. How can I see how much physical space is given on the drive and how much is mounted? Like "Disk Size: 200G, /dev/sda1 begin 1024M end 150G" or something like that
<sarnold> LeMike: 'df' will show you which filesystems are mounted and how much space they have; fdisk -l will show you partition table information
<LeMike> oh yee. `fdisk -l` ... i need coffee. sorry! but thanks sarnold :)
<sarnold> LeMike: have fun :)
<stetho> Hi all. Is there a correct/clever way to install packages from one release in to a lower numbered release - trusty and precise to be exact?
<sarnold> stetho: check out 'package pinning', that might do what you want
<stetho> sarnold: I always thought pinning was the other direction (new releases, old packages) but after reading PinningHowTo it looks exactly what I need - thanks
<sarnold> stetho: with the usual caveat that the packages weren't tested for that and wreen't intended for that :)
<sarnold> jamespage: we'd like to demote chkrootkit from main; any comments? https://bugs.launchpad.net/ubuntu/+source/chkrootkit/+bug/1324111  thanks
<uvirtbot> Launchpad bug 1324111 in chkrootkit "please remove chkrootkit from main" [Undecided,New]
<smoser> Daviey, didn't you enable nested virt in 12.04 ?
<phunyguy> \o/
<sync0pate> anyone in here know much about UK data protection?
<sarnold> sync0pate: I have this url :) http://www.ico.org.uk/news/latest_news/2013/~/media/documents/library/Data_Protection/Detailed_specialist_guides/p
<sarnold> rivacy-in-mobile-apps-dp-guidance.pdf
<TJ-> sync0pate: There is none; apply to GCHQ for everything you need :p
<sync0pate> I've got a client who is convinced that:
<sync0pate> a) shared hosting or vps is not secure enough to meet their data protection requirements
<sync0pate> b) they do not have the expertise or budget to host anything in-house
<sync0pate> I don't know what other options they could possibly have
<sync0pate> and I'm not convinced they're right on either count
<TJ-> sync0pate: Depending on the confidentiality of the data, then yes, a) makes perfect sense
<sync0pate> but what options does it leave them with?
<Meerkat> get out of the UK.
<TJ-> sync0pate: Depending on how it is operated and protected physically, dedicated servers might be a solution
<sync0pate> well they're not legally allowed to transfer the data out of the UK either
<sarnold> amazon may have proper certifications to placate "cloud isn't safe enough"
<sync0pate> and they've said they can't afford a dedi :\
<sync0pate> they're already e-mailing this data back and forth without any security :\
<rbasak> Sounds like you have a sales or customer service issue there.
<TJ-> sync0pate: advise then withdraw, it sounds like the typical scenario where the consultant gets the blame later
<sync0pate> TJ-, yeah
<sync0pate> that's what I'm leaning towards
<TJ-> sync0pate: my experience has been the cheapest clients cause the most agro
<sync0pate> it's just I've been brought into this by a friend, so I'm keen to help if I can
<sync0pate> but
<sync0pate> yeah you know
<sync0pate> you're right
<sync0pate> if they can't afford a dedi, how are they affording my invoice?
<dasjoe> sync0pate: there are encrypted cloud solutions, maybe something like that'd work?
<TJ-> sync0pate: So, honour your intentions by providing them a 'no liability' free report, then explain why you have to withdraw if your advice is ignored
<sync0pate> thanks, I appreciate the advice
<TJ-> dasjoe: Even with encrypted cloud, once the data is in memory it's rarely encrypted and out of control of the customer
<sync0pate> I'm not even allowed to mention the word "cloud"
<sync0pate> the irony is this is a system intended to share information...
<sync0pate> with other organisations
<dasjoe> TJ-: the idea is to never transfer unencrypted data into the "cloud" and for encryption keys to stay on the clients' computers
<TJ-> sync0pate: I hate that euphemism, but it seems to have taken over. It's simply using someone else's servers to run your core operations in most cases
<sync0pate> dasjoe .. that's an interesting idea..
<sync0pate> I didn't even think of that
<TJ-> dasjoe: But I think sync0pate point is, they need to process the data 'in the cloud', too, not just store it.
<sync0pate> well.. TJ- , yeah.. to an extent
<sync0pate> but
<sync0pate> hmm
<sync0pate> it might be part of the solution
<sync0pate> I could maybe convince them to do the data-processing in-house
<sync0pate> and then anything that needs to be shared can be end-to-end encrypted
<dasjoe> TJ-: Well, it wouldn't be possible to process data "in the cloud", no. That's why I like it so much ;)
<TJ-> sync0pate: In which case it'd be cheaper to store it in-house too, surely, only sharing on an as-required basis and encrypting any shared data to the recipients public key
<sync0pate> TJ-, yeah, that makes more sense to me too
<sync0pate> but they don't want incoming connections to their network
<sync0pate> so maybe it could be in-house and locked off
<sync0pate> and then upload the data that needs sharing
<sync0pate> encrypted with the recipient key, like you say
<TJ-> sync0pate: What *do* they want? access by 'client's to a sub-set of their data ?
<sync0pate> yeah
<sync0pate> exactly that
<TJ-> sync0pate: If the 'client' requests are not high-volume then why not a mail auto-responder that simply takes well-formatted emailed requests to a named@domain.tld mailbox, uses the locally pre-shared public key of that client together with the locally stored pre-shared return email address, encrypts the requested data, and uses 'sendmail' to send it ?
<TJ-> sync0pate: Those well-formatted emails could be generated by a shared-hosting web-form
<sync0pate> it's even simpler than that
<sync0pate> the client doesn't even request the information
<sync0pate> they are sent it
<TJ-> sync0pate: sorted then... provided they use the pre-shared keys and email addresses
<sync0pate> well
<sync0pate> it's still a battle to convince them to host in-house
<sync0pate> they already have an in-house network, that is already secured
<sync0pate> does adding another server add any security risk?
<sync0pate> if it's a fully-internal server?
<TJ-> Maybe point out how insecure their secured network is, by emailing (unencrypted) from the secure side
<sync0pate> well that's why I'm getting annoyed
<sync0pate> I can understand the security requirements
<sync0pate> but everything they do now is nowhere near secure
<dasjoe> hah, sounds like a job from hell, I don't think I'd do it
<sync0pate> and this is only a small part of their business
<TJ-> sync0pate: Maybe you need to provide a quick "security 101" lesson
<sync0pate> am I wrong about that part though
<sync0pate> if they have an already secured network
<sync0pate> adding an internal server to it, assuming that is also secured and patched and etc
<sync0pate> isn't introducing a security risk, is it?
<TJ-> sync0pate: Well, technically, any addition expands the exposure risk, but in practice, you're correct
<TJ-> sync0pate: It sounds to me like they don't even need a new server, just an additional service on an existing system
<sync0pate> well exactly
<sync0pate> they just need a DB
<sync0pate> internally
<sync0pate> that occasionally sends out encrypted data "somehow"
<sync0pate> anyway, cheers for that
<sync0pate> I've got a meeting with them next week
<sync0pate> I think I need to stress to them that there are lots of other ways to achieve what they want without security issues
<sync0pate> and more importantly
<sync0pate> everything they do currently is insecure
<TJ-> sync0pate: And make sure to bracket each potential solution with its capital and ongoing costs
<sync0pate> absolutely
<sync0pate> the whole thing is a fucking mess for a ton of other reasons
<sync0pate> the person I'm dealing with, who is in charge of procuring the solution..
<sync0pate> doesn't actually know the ongoing budget
<sync0pate> so all this "that won't be affordable" is utterly speculative
<sync0pate> I need to stop accepting work leads from friends
<Overand> Anyone have any ideas of a 'web interface for web hosting' - not designed for 'end users' but for fairly tech sasavy people - that will handle making apache virtual hosts, perhaps mySQL databases, etc- but is fairly integrated, and also does *not* conflict with creating or editing your config files yourself?
<Overand> Something a bit like ISPConfig or t hat sort of thing?
<Overand> (WHich I don't know if lets us edit config files manually as well)
<[lutchy]> Overand, Webmin ?
<rbasak> !webmin
<ubottu> webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system.
 * rbasak knows no more about it.
<[lutchy]> You can install it independently
<sarnold> I hear webmin is a good worm vector
<rbasak> I think the general issue is that a large number of tech savvy people who could write such a thing would choose not to use it, so it doesn't happen.
<rbasak> For a paid equivalent, there's cpanel.
<[lutchy]> I have it installed here on all my Ubuntu installations using Webmin repo. My public servers have Webmin blocked for security reasons
<sarnold> also a good worm vector..
<[lutchy]> Well, use whatever you like that works for you... You can even go ahead and create you 'Web Interface System' or OPT for Server Appliance that has integrated 'Web Interface'
 * patdk-wk created his own
<patdk-wk> too many crappy php stuff, with horrible md5 passwords
 * [lutchy] plan to create a Web Interface of his own (huge project)
<jbwiv> guys, when you log into an ubuntu server, it tells you the number of packages which can be upgraded and how many of these are security upgrades. anyone know how to manually do this at the command line?
<hadifarnoud> I installed mongodb with apt-get install mongodb
<hadifarnoud> it did install something. but composer still complains
<dasjoe> jbwiv: /usr/lib/update-notifier/update-motd-updates-available
<dasjoe> jbwiv: Actually, that file calls "/usr/lib/update-notifier/apt-check --human-readable"
<jbwiv> dasjoe: great...thanks!
<pakcjo> Hello, I just upgrade to 12 and I think I got into this https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1003854
<uvirtbot> Launchpad bug 1003854 in openldap "Database upgrade/migration fails with nested db directories (lucid to precise)" [Medium,Confirmed]
<pakcjo> i have no idea how to recover
<pakcjo> how can I test slapd???
<pakcjo> can someone help me?
<pakcjo> I added accesslog to /var/lib/ldap/
<pakcjo> slapd started but it doesn't seem to have anything
<pakcjo> how can I recover?
<cwillu_at_work> what package is responsible for generating /etc/nsswitch.conf?
<cwillu_at_work> dpkg-query -S /etc/nsswitch.conf doesn't list anything
<pakcjo> I really could use some help right now...
<Pici> cwillu_at_work: I'd guess either libc-bin or base-files.  Both contain an nsswitch.conf file, and could be likely candidates.
<cwillu_at_work> Pici, thanks
<sarnold> pakcjo: check #ubuntu-server channel logs, I think I saw someone else mention this before, no idea if I ever saw a resolution.
<cwillu_at_work> Pici, where do you see that they contain that?  dpkg -L doesn't show that, but maybe it's generated in a post-install script or some such?
<Pici> cwillu_at_work: I did: dpkg -S nsswitch.conf, and also looked at the nsswitch.conf manpage.
<cwillu_at_work> ah, yes, there's a psotinst
<pakcjo> sarnold: where are the logs?
<sarnold> pakcjo: irclogs.ubuntu.com
<pakcjo> sarnold: thanks
<sarnold> pakcjo: good luck, sleep time here
<pakcjo> oh no search... dan
<RobCWDudley> Hey folks, is it possible to configure an FTPd (say VSFTPd) to allow multiple users to access the same directory (/var/www) and have file ownership sorted so web server can read and users can modify / delete?
<Patrickdk> it's called, group permissions
<Patrickdk> or, go crazy nuts, and use acl's
<Patrickdk> but ftp doesn't do acl's
<RobCWDudley> Patrickdk: ok so owner remains as user that uploads, group it www-data and that should just work?
<pakcjo> I'm going crazy, I need ldap running
<pakcjo> that bug was reported on 2012 and it still present... WTF guys
<pmatulis_> pakcjo: how big is your data/database?  possibly install a test 12.04 vm and import the db to see if that works
<pakcjo> pmatulis: shouldn't be that big...
<pakcjo> pmatulis: but that's not the case, I upgrade and ended up in this state...
<pmatulis> pakcjo: sure but it can help you get back the original install by comparing
<pmatulis> pakcjo: what errors do you see in the logs?
<pakcjo> slapd shows as iF ... So, there's what seems to be my bug in that page https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1003854 but how can I recover?
<uvirtbot> Launchpad bug 1003854 in openldap "Database upgrade/migration fails with nested db directories (lucid to precise)" [Medium,Confirmed]
<pakcjo> it was the same as the log, what I did was to create /var/lib/ldap/accesslog and it started
<pakcjo> but doesn't seem to be stable and package is still in iF state... how can I resolve that?
<pmatulis> pakcjo: ah, so slapd is up again?
<pakcjo> comment #5 suggested something but after modifying it, I don't know what else to do
<pakcjo> pmatulis: yes, but not in a good state, kerberos can't connect to it
<pakcjo> iF  slapd                                2.4.28-1.1ubuntu4.4                 OpenLDAP server (slapd)
<pakcjo> how can I fix that... it's in iF state...
<pakcjo> i need like to reinstall it but using the modified scripts and not the ones from the package (which seems to be broken since 2012)
<pmatulis> pakcjo: not sure what 'iF' is.  not 'if'?
<pakcjo> dpkg -l | grep slapd
<pakcjo> shows "iF"
<pmatulis> ok, i see the output
<pakcjo> I tried to ask about this in #debian but they are sure that slapd upgrade is not broken there...
<pakcjo> so I have a half installed slapd or whatever, and the data is (probably) all wrong
<pakcjo> so, what can I do?
<pmatulis> pakcjo: it would be great to know what 'iF' means.  everywhere i look does not mention 'F'
<pmatulis> pakcjo: did you check the dist-upgrade logs?
<pakcjo> pmatulis: where can I find them?
<pmatulis> pakcjo: /var/log/apt/dist-upgrade , something like that
<pakcjo> 2014-05-28 20:43:04 status half-configured slapd 2.4.28-1.1ubuntu4.
<pmatulis> it's normal to have lines like that.  keep looking.  /var/log/dist-upgrade
<pakcjo> screenlog.0:  Backing up /etc/ldap/slapd.d in /var/backups/slapd-2.4.21-0ubuntu5.5... done.
<pakcjo> screenlog.0:  Loading from /var/backups/slapd-2.4.21-0ubuntu5.5:
<pakcjo> screenlog.0:dpkg: error processing slapd (--configure):
<pakcjo> screenlog.0: slapd
<pmatulis> pakcjo: were you using the old-style config system with slapd.conf?
<pakcjo> screenlog.0:Installing new version of config file /etc/init.d/slapd ...
<pakcjo> screenlog.0:  Backing up /etc/ldap/slapd.d in /var/backups/slapd-2.4.21-0ubuntu5.5... done.
<pakcjo> screenlog.0:  Loading from /var/backups/slapd-2.4.21-0ubuntu5.5:
<pakcjo> screenlog.0:dpkg: error processing slapd (--configure):
<pakcjo> screenlog.0: slapd
<pakcjo> pmatulis: no that I know, but it sounds to me that this is the same as https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1003854
<uvirtbot> Launchpad bug 1003854 in openldap "Database upgrade/migration fails with nested db directories (lucid to precise)" [Medium,Confirmed]
<pmatulis> it looks like you were (/etc/ldap/slapd.d) but can you confirm you were not using slapd.conf?
<pmatulis> (if it's running now what does 'ps ax | grep slapd' show?)
<pakcjo> pmatulis: yes
<pakcjo> /usr/sbin/slapd -h ldap:/// ldapi:/// -g openldap -u openldap -F /etc/ldap/slapd.d
<pmatulis> ok
<pakcjo> # dpkg-reconfigure slapd                                                         /usr/sbin/dpkg-reconfigure: slapd is broken or not fully installed
<pakcjo> should I force it?
<pmatulis> pakcjo: and you were indeed using nested databases?
<pakcjo> pmatulis: yes
<pakcjo> pmatulis: I didn't set it up, so I'm not 100% sure, actually I know nothing about ldap
<pakcjo> just that before the upgrade it was working fine, now it doesn't
<pakcjo> at least I need to get that package out of iF state
<pakcjo> half installed or whatever...
<pmatulis> pakcjo: accesslog is not necessary for running.  you can take the simplification approach and remove it from the config until everything is stable
<TJ-> pakcjo: F = Half-configured
<pmatulis> TJ-: same as 'if' ?
<pakcjo> TJ-: so I need to do: dpkg-reconfigure --force slapd
<TJ-> The "i" means installed
<pmatulis> yeah, but the 'f' and 'F'
<pakcjo> ok, I'll take what's on /var/backup back into /var/lib/ldap, modify the scripts in /var/lib/dpkg/info/slapd.* according to the bug report, and then run dpkg-reconfigure --force right?
<TJ-> dpkg reports "iF", two flags, first means installed, second means Half-configured see "man dpkg-query"
<pmatulis> ok, looks like 'f' has now become 'F'
<pakcjo> ok, now I'm getting a prompt when it says if I want to omit openldap server configuration ??? what is this
<pmatulis> pakcjo: it wants to know if you want to include the config database into the reconfigure command.  i would say 'no'
<pmatulis> pakcjo: the configuration of slapd is itself a database within slapd
<pakcjo> ok so I would say no
<pakcjo> but i don't want an initial configuration, i want to migrade the old one...
<pmatulis> saying 'y' shouldn't hurt
<pakcjo> already said no... it asked about values with the old ones, but now it's asking about password... i don't have that
<pakcjo> empty will use the same?
<pmatulis> asking about password?
<pakcjo> hmmm ok, it's up again, still kerberos can't connect
<pmatulis> pakcjo: not sure what you mean by that.  you have kerberos data inside one of your databases?
<pakcjo> when I try to connect it get  conn=1001 op=0 do_extended: unsupported operation "1.3.6.1.4.1.1466.20037
<pakcjo> kerberos uses ldap
<pmatulis> pakcjo: that's the only log message?  try running slapd in debug mode (prolly easiest to invoke binary manually but add '-d -1')
<pakcjo> pmatulis: I'm currently trying to see a way to drop ldap form kerberos...
<pmatulis> pakcjo: prolly need to add some quotes:
<pmatulis> /usr/sbin/slapd -h 'ldap:/// ldapi:///' -g openldap -u openldap -F /etc/ldap/slapd.d -d -1
<pmatulis> do other operations work?
<pakcjo> I don't have that many users and probably it will just be better to have a normal database, it seems that krb supports its own db2 stuff
<pakcjo> pmatulis: no, it ask for password, i didn't enter anything so
<pmatulis> not sure what you mean
<pakcjo> the only reason that I have ldap here is to work as a database for kerberos, to authenticate users, someone thought that will be a good idea...
<pmatulis> slapd can be good to have around for other future projects
<pakcjo> yeah, well, if it is going to break on every upgrade... I rather not
<pmatulis> don't use nested databases, that's not good form
<pakcjo> pmatulis: no idea what is that... there are like 10 users only, no idea why it was nested on the first place
<fridaynext> anybody here use a CLI email client exclusively?
<pmatulis> pakcjo: prolly b/c whoever set it up didn't know any better
<pakcjo> fridaynext: mutt
<fridaynext> pakcjo: do you have specific reasons why you use it exclusively?
<pakcjo> fridaynext: because i don't like anything else
<pakcjo> fridaynext: I use i3wm and it looks good in it
<fridaynext> pakcjo: well that looks cool.
<RobCWDudley> thanks Patrickdk - got it all working now
<pakcjo> is there a way to list everything that is in the ldap database?
<pmatulis> pakcjo: of course
<pmatulis> pakcjo: do you know the index number of that database?  if you have 2 (accesslog and "normal") then it would be "1" and "2".  the config database is "0"
<pmatulis> pakcjo: the simplest is with: 'sudo slapcat -n 0 > slapcat.config' ; where the index is given by '-n #'
<pakcjo> thanks pmatulis
#ubuntu-server 2014-05-29
<lorenz> TJ-: You remember monday when we tried to figure out how to get the server back online? I then reinstalled and today it happened again. Exactly the same problem. Approximately the same installation, running less than 36 hours, then hung up (network didn't work anymore, local console login timed out). I couldn't do anything besides rebooting and exactly the same problem appeared again.
<pakcjo> how can I be sure that slapd gets started before krb5kdc?
<TJ-> lorenz: !!!! on bare hardware or VM, or both?
<lorenz> TJ-: Again on both.
<lorenz> TJ-: I already checked initramfs, removed anything that isn't on my host machine and rebuilded. Seems the same. I now got detailed file logs on what has changed in the last 36 hours.
<Gallomimia> im having trouble with the installer not giving keyboard access anymore after entering the recovery mode in its grub menu
<Gallomimia> it's been working fine for days. then suddenly no keyboard in installer
<TJ-> lorenz: have you done a memtest86+ on the bare metal?
<lorenz> TJ-: No, I haven't. But I have done one  on the KVM host, so it should boot at least there.
<RoyK> the only way to run memtest is on bare metal
<RoyK> lorenz: a kvm host should be bare metal
<RoyK> and it probably is
<RoyK> lorenz: using ecc on this one?
<lorenz> RoyK: I ran it on the host.
<RoyK> all way through?
<lorenz> RoyK: for a night
<RoyK> should do
<TJ-> lorenz: do you test it on the VM only after it fails on bare metal?
<lorenz> RoyK: I got standard DDR3-1600, but my host system never crashed in a whole year of usage (5-8h/day)
<RoyK> lorenz: probably not memory issues then
<lorenz> RoyK: The server first crashed after 20d uptime and now after 36h
<lorenz> RoyK: the 36 hour-one is a fresh install
<RoyK> lorenz: wrote this little program to just stress memory from inside the OS, it made my system crash easily when memory was bad
<TJ-> lorenz: I've had modules go 'funny' in severs after a long time... turned out to be vibration-related... reseating the modules after removing them fixed it
<lorenz> TJ-: Ok, I'll see. I'll also run a quick memtest.
<RoyK> lorenz: http://karlsbakk.net/tmp/memstress/
<RoyK> lorenz: run that over for some time - if that can't crash the system, neither can the vm
<RoyK> (IMHO)
<Sachiru> Anyone using ZFS on Linux for production on limited systems? How much RAM is the minimum requirements for it? Somehow I can't find that in the documentation.
<lorenz> RoyK: It normally runs on bare metal
<lorenz> RoyK: KVM is just for debugging
<RoyK> Sachiru: 2GB should do, but the more, the better
<RoyK> Sachiru: just don't use dedup unless you know what you're doing
<Sachiru> No dedupe
<Sachiru> Cool
<Sachiru> Is that 2GB just for ZFS ARC, or does that already include the OS?
<RoyK> the zfs arc should be large enough to sustain most use
<Sachiru> Also is it safe to use ZRAM with ZFS?
<RoyK> no, arc is separate on linux and freebsd
<Sachiru> Ah.
<Sachiru> So 2GB for ARC + Whatever OS needs
<RoyK> it's only on illumos/solaris where it's somehow integrated
<RoyK> it's dynamic, so don't worry
<RoyK> zram?
<Sachiru> Yep
<RoyK> what's that?
<Sachiru> The compressed swap in RAM thingy
<RoyK> probably
<Sachiru> http://en.wikipedia.org/wiki/Zram
<RoyK> Sachiru: how much memory do you have on the box?
<Sachiru> 8GB RAM, but 4GB shall be consumed by VMs.
<RoyK> add a small ssd for l2arc
<RoyK> if the VMs reside on zfs, set aside 8GB or so for SLOG
<RoyK> just a small partition for SLOG
<RoyK> it'll boost performance a bit
<Sachiru> Uh
<Sachiru> I don't think I'd need L2ARC
<RoyK> on the SSD, that is
<Sachiru> Or a SLOG
<Sachiru> Performance isn't really necessary (low use, test/dev environment VMs)
<RoyK> SLOG is very good for sync writes and VMs do a lot of that
<Sachiru> Yeah, but I don't have the budget for an SSD
<Sachiru> Sadly
<RoyK> just get a cheap SSD
<Sachiru> The VMs are just small AMP stacks
<Sachiru> But sure, when I get into the money I'll add an SSD
<RoyK> just trying to talk about how to make zfs better
<RoyK> no offence
<Sachiru> None taken
<Sachiru> So you're sure that ZFS can fit into my needs?
<Sachiru> Can I limit/throttle ARC on a linux system?
<RoyK> yes
<Sachiru> Cool.
<RoyK> but I don't remember how
<RoyK> try #zfsonlinux
<RoyK> they'll know
<Sachiru> Thanks!
<RoyK> np :)
<Sachiru> Originally I was planning LinuxRAID, but, lack of transparent filesystem compression.
<RoyK> the sad thing about zfs is the lack of flexibility
<RoyK> the good thing aboud MD is the revese
<Sachiru> In that you can't define partitions as differing RAID levels, right?
<RoyK> you can add and remove drives from an MD raid without issues
<RoyK> you can't add another drive in a raidz on zfs
<Sachiru> True
<Sachiru> BTW
<Gallomimia> reading all that made me hopeful for a decent answer to my problem of getting a system to boot with raid5, encrypted filesystem, and LVM. the root filesystem is on there. but in the mean time i've been tinkering with it and can't get past the language select screen on the 14.04 server installer cause the keyboard just dies
<RoyK> that'll require block pointer rewrite, which has been thought to be in the works for 5+ years
<Sachiru> Is it possible to run LVM on top of ZFS?
<bekks> Sachiru: sure, but it makes no sense.
<bekks> ZFS is a volume manager already.
<Sachiru> Ok.
<Gallomimia> i thought about zfs for this system but it didn't sound like something i wanted
<Gallomimia> block pointer?
<RoyK> Gallomimia: don't do it. boot the root fs from a pair of mirrored drives or even a tiny drive and use separate data drives
<Sachiru> Given a choice between linuxRAID and ZOL, if the primary concern is stability and secondary performance, which would be the common recommendation?
<Gallomimia> uh...
<bekks> Sachiru: dont use ZOL for mirroring your boot devices.
<Sachiru> @Roy: What I was planning was LinuxRAID two 8GB flash drives for boot/OS
<bekks> Sachiru: USe it for your data stuff.
<Sachiru> OS swap + VM storage on ZFS mirrored 2TB drives
<Gallomimia> how much space does the "root" fs need? do i need to mount everything in the root dir from separate volumes?
<Sachiru> Linux will boot even if it doesn't have swap right?
<bekks> Sachiru: Use an OS which support that natively, then.
<RoyK> Sachiru: sounds reasonable
<Gallomimia> doesn't need swap
<RoyK> Sachiru: just keep the data and the root separate
<Sachiru> Or should I keep swap on root drive?
<bekks> You need swap. :)
<bekks> Sachiru: Keep it on the root disk.
<RoyK> bekks: no, you don't
<Gallomimia> yeah. YOU need swap
<Sachiru> Ok
<bekks> RoyK: For suspend2disk - you need swap, of course.
<Sachiru> A minimal install of lubuntu shouldn't eat up 8GB of space on the flashdrive right?
<RoyK> bekks: for a server?
<Sachiru> Also no plans of suspending
<Sachiru> For a server
<Gallomimia> me either
<Gallomimia> if i need to suspend, better to shut down
<Sachiru> This is intended to be a KVM server. Lubuntu simply for the lightweight GUI
<RoyK> Sachiru: then install ubuntu server without the gui
<Sachiru> All it will do is start, stop and manage VMs. Everything else will be in a VM inside, and Lubuntu because I'm not yet that comfortable with configuring KVM from the command line
<RoyK> no need for a gui on a server
<bekks> RoyK: for various use cases, you actually need swap, on a server.
<RoyK> bekks: no, you don't. you need swap when you get a memory leak, but the swap will fill up and it'll take longer to find out what happened
<RoyK> bekks: because with swap, it'll just slow down, you can't log in blablabla
<Gallomimia> my server's a desktop. but i want to do some server stuff on it. all im trying to do is boot up the rescue mode of the server install. my keyboard dies at that point. any ideas?
<Sachiru> So what's the consensus? Swap on rootFS (LinuxRAID mirror on two 8GB flash drives)?
<Sachiru> Or swap on ZFS data drive?
<RoyK> bekks: without swap, it'll crash gently
<RoyK> Sachiru: no
<Gallomimia> dont put your swap on a usb drive
<Gallomimia> wow.
<bekks> You do. Like the requirements of Oracle RDBMS clearly state. So the general assumption "you do not need swap on a server" is wrong.
<RoyK> geowany`work: no!
<RoyK> Gallomimia: noÂ§
<Sachiru> RootFS would be on usb flash drives
<Sachiru> So swap on ZFS data drive then?
<Sachiru> Ok
<RoyK> Sachiru: no
<Sachiru> Where would I put swap then?
<RoyK> Sachiru: keep the root and swap on the same media
<Sachiru> But root is USB flash
<Sachiru> Or should I discard swap altogether?
<RoyK> then set vm.swappiness = 1
<Gallomimia> listening to oracle for advice on running open source software sounds like listening to the advice of the surgeon general telling you cars are perfectly safe, cause they cause more business for surgeons than any other market
<RoyK> so linux won't swap at all unless it really has to
<Sachiru> Ok
<Sachiru> Is it required for swap on Linux to be the same size as RAM?
<RoyK> if you have the root on usb sticks, set vm.swappiness=1
<RoyK> no
<Sachiru> Or can I have 2GB swap with 8GB RAM?
<RoyK> just make a small thing like 128MB
<Sachiru> Ok
<RoyK> if you set vm.swappiness=1, it won't use swap
<bekks> Gallomimia: do you actually earn money with running Oracle RDBMS? If not, I gently discard your post.
<RoyK> running oracle on ubuntu?
<RoyK> that's not supported afaik
<RoyK> so you won't make much money ;)
<Gallomimia> true enough, but can we agree that oracle or its software is not anywhere close to this topic?
<bekks> RoyK: It isnt. It just tried to point out that the general assumption "you do not need swap on a server" is wrong.
<Sachiru> Ok
<RoyK> bekks: you don't
<Sachiru> Thanks for the advice
<bekks> RoyK: I did, read the backlog please.
<Gallomimia> i ran servers with no swap for awhile. i eventually put swap in. and the problems of memory leaks were as the rest of the channel mentioned
<RoyK> bekks: if you need swap on a server, you have too little memory
<bekks> RoyK: If you do not read the requirements section, no one can help you.
<Sachiru> I'll do  / and 256MB SWAP on USB flash drive with VM.swappiness=10% (for ZRAM), then /home and /VM-Storage on the ZFS data disks
<RoyK> bekks: I know linux uses swap a lot to make room for active memory. it's true. but it's also true that some versions of the kernel abuse this rather a lot, and start swapping out even with lots of gigs of memory available
<Gallomimia> the only time i needed the swap, was when there was a memory leak. and only then just so i could kill the server between levels and not in the middle of a game :P
<bekks> RoyK: which doesnt change the point that the general assumption is wrong.
<Gallomimia> anyway, in ubuntu it's possible to have more than one swap file
<RoyK> bekks: I've been using linux for a few years, almost 20, I know a bit about how it handles memory
<Gallomimia> on different volumes if desired
<bekks> RoyK: I am, too. But still there is software out there that requires swap, no matter wether it is used or not. So again, the general assumption is wrong.
<lorenz> TJ-: So, Memtest is now running, after one pass no errors. But I'm letting it run. What about the system?
<Gallomimia> again you're correct in a general sense, but this guy told us his entire usecase and it doesn't actually need swap. aside from the fact that he's using up most of his memory in vm's
<RoyK> bekks: no, software doesn't require swap. all memory usage is virtual. if the memory consumption is higher than what linux has, it swaps out. if vm.swappiness is set high, it swaps out early to free rarely-used pages for those who use them
<RoyK> bekks: but no software require swap
<bekks> RoyK: So did you read the Oracle RDBMS requirements section, actually?
<Gallomimia> 1. are we using oracle rdbms?
<RoyK> bekks: I don't run oracle, so no
<RoyK> bekks: I use open source software only
<bekks> I can safely consider this discussion to be pointless then.
<lorenz> I can confirm that, on many of my PCs and server I don't have swap set up and everything worked fine. If you have enough RAM it doesn't matter.
<Sachiru> @lorenz: One pass isn't sufficient in my experience
<TJ-> lorenz: how do you mean?
<Sachiru> I've seen several systems where it required two or three passes to catch intermittent errors
<RoyK> bekks: when was oracle a part of this discussion before you introduced it?
<Gallomimia> 2. just because this one piece of software says it needs swap space doesn't mean all or any software actually needs swap space. it's much more likely that the software at hand is poorly written and abuses its privilege of having swap space.
<lorenz> TJ-: Was a response to the swap discussion.
<Sachiru> My current practice is to run memtest for at least 12 hours (three passes) before declaring it "semi-stable"
<Sachiru> Unless it's ECC RAM, in which case two passes is enough.
<Gallomimia> 3. no more oracle in FOSS discussions please
<lorenz> Sachiru: Yes, I'll let it run.
<bekks> RoyK: It never was - again, I proved that the general assumption is wrong. However, I'm not going to discuss this any further, since you dont want to see the difference between the "Sachiru use case" and "the general assumption".
<TJ-> lorenz: I wasn't reading it :)
<lorenz> TJ-: What about the system? I can give you full change lists, but I've already looked through them and there's nothing interesting there.
<RoyK> bekks: there's a little difference between running linux systems for 10+ years in production and "assumptions". I know linux. I know how it works. It doesn't need swap until the midden hits the windmill
<RoyK> bekks: it's not assumptions - it's what I've learned over the years
<TJ-> lorenz: I'm at a loss, really. Aside from memory corruption being flushed to disk I can't imagine what could cause those symptoms
<bekks> And you havent touched Oracle yet and you are assuming how it should work. I'm off of this pointless discussion.
<RoyK> bekks: so please, tell me why we should have a ton of unused gigabytes of swap on our servers ;)
<RoyK> bekks: I Don't Use Oracle. Got it?
<bekks> So please just read the requirements section where this point is explained.
<bekks> And I am off of this discussion. Got it?
<RoyK> are we discussing oracle or linux?
<RoyK> bekks?
<lorenz> bekks: Noone here cares about Oracle requirements. It is simply not relevant.
 * RoyK diverts bekks to #ubuntu-offtopic
<RoyK> Sachiru: no, it's not *needed* to have swap on linux
<RoyK> but a small section of swap is always good
<RoyK> say, 1GB or 500MB or so
<RoyK> so that linux can swap out things not in use there and use the remaining memory for something useful
<lorenz> TJ-: I currently have a very similar system, which (after an upgrade from 12.04 to 14.04) runs for around 2 months. No problems there. My newer host (which is the one that fails) has a newer i7 4770, while the other host has the predecessor i7 3770. Any known issues with Haswell CPUs on Linux?
<RoyK> Sachiru: if you have a fast drive and little memory, it may be good to keep a 1-2GB swap space and setting vm.swappiness=100
<RoyK> Sachiru: if you have sufficient memory, it's no need
<lorenz> RoyK: vm.swappiness=100 just kills the SSD because of the writes
<RoyK> Sachiru: if you have low memory and *slow* swapspace, set vm.swappiness=1 or so
<RoyK> lorenz: no, it won't swap that much
<RoyK> lorenz: it only swaps when it finds it necessary
<lorenz> RoyK: I thought at 100 it would swap almost everything
<RoyK> lorenz: and most good SSDs these days can handle rather a lot of writes, even cheap MLCs
<pakcjo> hello
<RoyK> lorenz: no
<RoyK> lorenz: it's just an index - at 100 it'll try to work out which pages to swap out earlier. the default is 60
<lorenz> RoyK: Ok, something learned :)
<RoyK> :)
<Sachiru> Well
<Sachiru> I was planning on using ZRAM
<Sachiru> (compressed swap in RAM)
<Sachiru> I guess I can just use ZRAM and no swap
<Sachiru> Then vm.swappiness = 100%
<Sachiru> So that it uses compressed swap in RAM always (essentially a dirty way of compressing RAM transparently)
<lorenz> TJ-: Added files since install http://paste.ubuntu.com/7540516/ , Modified files since install http://paste.ubuntu.com/7540519/  (Excluded /usr/share/man, /var, /usr/share/doc)
<TJ-> lorenz: As I said the other day; I blame one of those PPAs!
<Sachiru> One more query:
<lorenz> TJ-: Well Owncloud is certainly not the problem (Just a web application), Elasticsearch and Percona XtraDB are just database servers, so they aren't even started at the time it fails. That leaves Suricata and Ksplice. I already removed Ksplice because it integrates into initramfs and others and is therefore a candidate for the failure, but even after a complete uninstall it didn't work better. Suricada does not really interact with
<lorenz> the kernel (besides NFQUEUE), but I'm trying to remove it and see what happens.
<Sachiru> As I said, rootFS shall reside on mirrored 8GB flash drives (Sandisk Cruzers). Should I max out the 8GB, or just partition 7GB and leave 1GB for free space (garbage collection, trim and all that).
<Sachiru> Or do USB drives not have TRIM?
<lorenz> @Sachiru It depends on the USB adapter and the drive.
<Sachiru> So, google the drive and research controller if it implements wear leveling
<Sachiru> If yes, leave slack for overprovisioning, if no, allocate all and hope that OS is sane enough to wear-level on its own?
<patdk-lap> you do know it's rare for a usb flash drive to do garbage collection or trim?
<patdk-lap> and I don't know of any that do it with <128gigs of flash
<lorenz> @Sachiru I would assign the full 8GB, even that is barely enough for many applications
<Sachiru> No intended applications
<lorenz> patdk-lap: I use a lot of Kingston KC300 60GB SSDs and they do TRIM
<Sachiru> This is intended to be VM host
<Sachiru> Flash drives only host boot data for OS
<Sachiru> Everything else is stored onto ZFS data drives
<patdk-lap> lorenz, that is a usb stick?
<lorenz> patdk-lap: No, but still flash
<Sachiru> Also a quick google shows that Sandisk Cruzers have very basic wear leveling (no trim or garbage collection but better than nothing yes?
<patdk-lap> I said flash usb
<patdk-lap> sure, you can get sata flash at 4gigs that do trim
<patdk-lap> but not usb
<Sachiru> Also, query: RAID mirror of 2 flash drives where the /boot and / partition resides ensures that the system can boot from either of the two drives, correct?
<patdk-lap> Sachiru, nope
<Sachiru> Ok
<patdk-lap> you have to make sure grub is installed to both
<Sachiru> Yes
<Sachiru> And that too
<patdk-lap> and that bios is set to boot both
<Sachiru> Forgot to say that, sorry
<patdk-lap> and hope the first one doesn't fail in a half state
<davidbowlby> what's the best way to backup my old vmware ubuntu server instance and restore it to my openstack instance?  I'm not looking to do the full vmdk move because it takes too much space.  I've been playing with tar to zip the files and restore, but I'm obviously overwriting stuff that the cloud image uses to mount the boot volume.  Any help would be appreciated.  :)
<patdk-lap> !best
<patdk-lap> stupid bot
<davidbowlby> I've used the VMDK transfer method for my win2k8r2 VMs, but I figured since both the source and destination are running the same release of ubuntu I could probably do some form of backup/restore
<lorenz> TJ-: Checked memtest again, still no errors at 3 passes.
<davidbowlby> it would save me a ton of space because I have quite a few ubuntu VMs in my old environment
<Sachiru> @patdk-lap
<Sachiru> What would you recommend then?
<Sachiru> I want to make it so that the base OS can boot from either of the two drives
<patdk-lap> you can't
<Sachiru> So that if one fails I can pull it out
<Sachiru> And put the other in
<lorenz> Sachiru: BTRFS can do that (I think)
<patdk-lap> you just have to hope the first one when it fails, fails badly enough, it boots the second
<Sachiru> Ah
<Sachiru> Hmm
<patdk-lap> heh? btrfs seems to do a lot of things it can't
<lorenz> patdk-lap: Well it has checksumming and integrated raid, so it would detect where the faulty data is.
<patdk-lap> the only way to solve that fully, is to use a real raid card
<Sachiru> Is there an easy way to clone a USB drive?
<patdk-lap> lorenz, and at that point? your boot already failed
<patdk-lap> and it won't boot the second disk
<patdk-lap> so no, btrfs didn't fix it
<Sachiru> I'm thinking just use one flash drive, do weekly clone
<Sachiru> To another
<patdk-lap> it just didn't run the corruption, at best
<lorenz> Sachiru: A simple dd would work
<Sachiru> In case primary fails just unplug it and plug in the latest clone
<Sachiru> Does that work?
<patdk-lap> why wouldn't it?
<Sachiru> Ok
<Sachiru> If I do LinuxRAID (2-way mirror) of the flash drives then unplug one
<Sachiru> If I plug it back in later could I use MDADM to rebuild/re-clone the drive?
<lorenz> yes, that would work
<lorenz> but it is a lot of work
<patdk-lap> just keep bitmaps turned on
<Sachiru> I think I'd go with LinuxRAID then
<Sachiru> LinuxRAID doesn't do "rebuild the moment the drive is plugged back in" right?
<lorenz> No
<patdk-lap> make sure mdadm is setup correctly to boot in degraded mode
<lorenz> At least not in default config
<Sachiru> Ok
<Sachiru> Thanks
<Sachiru> Now I know what to do. Thanks all! You've been such a great help
<lorenz> TJ-: I left my VM running and it has made it to the promt where it says that /tmp, /boot/efi and /home aren't ready
<lorenz> TJ-: Would point to a udev problem
<TJ-> lorenz: Can you checksum the boot files (vmlinuz, initrd.img) and compare them against the originals before the problem?
<lorenz> Has anyone of you had udev problems lately?
<lorenz> TJ-: Well, there are no originals (at least no this time)
<lorenz> TJ-: That system was installed, booted and hung
<TJ-> lorenz: You have pretty amazing Linux-killing superpowers!
<davidbowlby> could I just boot my vmware ubuntu server and use rsync in some way to transfer its files to the openstack ubuntu server?
<davidbowlby> I have several servers for different purposes and don't want to lose their configs or data.
<lorenz> TJ-: Yay! But I never asked for it :D
<lorenz> TJ-: initrd.img is (nearly) the same as on my local host
<lorenz> TJ-: Nope, my diff call was not recursive.
<lorenz> TJ-: The diffs are ok, I also tried to boot it with my local initrd. It booted the kernel, but didn't do more than the old initrd.
<TJ-> lorenz: something very weird then, it must be disk image corruption somewhere
<lorenz> TJ-: BTRFS -- So no disk corruption possible
<lorenz> TJ-: Booting with host vmlinuz and initrd works, but doesn't make it any better
<lorenz> TJ-: I got something! I removed all udev and plymouth upstart jobs and now it boots quite quickly to the point where it fails to mount /etc/fstab volumes. Then I started a maintaince shell, which surprisingly worked and now I got the log message that mountall failed (but after 19 seconds, not the usual 300)
<lorenz> TJ-: That's also the first boot which logged into kern.log!!
<TJ-> how about starting udev now, manually
<lorenz> TJ-: Ok, done that. I'll try now to continue the boot process.
<lorenz> TJ-: Mountall seems to fail now.
<Sachiru> Anyone know how to configure memory limits for ZRAM on ubuntu? There's nothing in the official documentations and if there's anything on the forums about it 2 hours of googling apparently isn't enough.
<lorenz> /etc/init/zram-config.conf
<lorenz> probably there (I can't check that because I don't have ZRAM)
<Sachiru> Nope, no such file, and if it did exist it's empty (not even a comment)
<Gaba1> after I install ubuntu server from USB it will not find the HDD to boot. I try ubuntu 12 and that works fine. anyone have any ideas?
<Gaba1> hello, I am having an issue where I create a USB boot drive and when the installation gets to GRUB there is an error and then when I go to complete the installation all I see is a little white blinking underscore
<cfhowlett> Gaba1 verify your ubuntu ISO and the boot USB
<cfhowlett> !md5sum
<ubottu> To verify your Ubuntu ISO image (or other files for which an MD5 checksum is provided), see http://help.ubuntu.com/community/HowToMD5SUM or http://www.linuxquestions.org/linux/answers/LQ_ISO/Checking_the_md5sum_in_Windows
<Tohsh> I have a clean install of server 14.04 on an intel i5 3rd gen based machine. I am unable to boot normally without the nomodeset flag set on the kernel line in grub. It will attempt to boot and then freeze when adding swap. This has never been an issue in the past on previous releases for me. I have verified my UUIDs match in fstab and blkid. Any idea?
<RoyK> beamed-up-zombie-day!
<sarnold> RoyK: do you have the day off?
<RoyK> yep
<sarnold> nice
<Tazmain> hi all how do I upload to a ftp that uses a username and password ? And where is the rsync.conf file in ubuntu I cannot find the default one.
<ikonia> you create the rsync.conf
<bekks> Tazmain: Use a ftp client. And you can provide the credentials on the rsync commandline.
<ikonia> and you upload to an ftp site that needs a username and password by puting in the username/password when prompted by the client
<Tazmain> so do I set the location in rsync as the ftp client ? or ftp url ?
<bekks> rsync has no gui, it is a command line utility.
<Tazmain> that I know
<Tazmain> you need to say in the config the location you are backing up to
<bekks> You dont need any config, you need the command line only.
<Tazmain> I want to automate it, doesn't it require a config then ?
<bekks> No.
<bekks> It requires a command line.
<Tazmain> really ? I am on the rsnapshot howto page and it says 4.1 create the config file. But okay if i just require command line I can make a bash script. So in the command I will also have to put the username and password then ?
<Tazmain> bekks, if you run rsync as a deamon doesn't that require a config. Just trying to clear my confusion
<bekks> Tazmain: you dont run the client as a daemon.
<bekks> Tazmain: you are connecting using the _client_ to the ftp site, which doesnt require a config but a command line only.
<Tazmain> I meant rsync as a daemon
<bekks> You dont use the rsync client as a daemon.
<bekks> And you do not configure the server to connect anywhere, thats what the client does.
<Tazmain> Oh I understand
<bekks> I told you three times now ;)
<Tazmain> bekks so I could go rsync backup /var/www/stuff ftp ftp.location.com/var ?
<bekks> "/var/www/stuff ftp ftp.location.com/var" doesnt make much sense. you can use rsync to transfer data to an ftp location, yes.
<Tazmain> bekks okay do I need to mount the ftp location or how would I do the command? Could you give me an example if that isn't too much of a bother
<bekks> you dont need to mount the ftp location but you specify the credentials and the transfer protocol on command line. "man rsync" shows you how to do it, and you want to use the -e option.
<Tazmain> bekks, thank you very much I will have a look at that otherwise I will use curlftpfs and just rsync to that. Only thing I still want to ask is if I want rsyn to run everyday do I need to make it a daemon or just a cron task
<sarnold> cron task is probably fine
<sarnold> daemon mode rsync is nice if you have many clients all reading (or writing) to the same places
<Tazmain> sarnold, so would you recommend cron ?
<sarnold> Tazmain: yes
<bekks> Tazmain: the daemon is for creating an rsync server, nothing else.
<foolhardy> I cannot seem to mount a "linux" partition: http://pastebin.com/DpJt5fx0
<foolhardy> any advice
<foolhardy> ?
<sarnold> foolhardy: "Linux" is just a partition type, it doesn't tell you what is actually on that block device
<foolhardy> how can I find that out?
<sarnold> foolhardy: try file -s /dev/sdb1
<bekks> sudo blkid
<foolhardy> /dev/sdb1: sticky x86 boot sector, code offset 0x0
<foolhardy> sudo blkid did not return anything regarding this new disk
<foolhardy> only the original os disk
<bekks> So there is no filesystem found.
<sarnold> you could try leaving off the -t <foo> and see if mount can just figure it out
<sarnold> if not, try ext2, ext3, exg4, btrfs, zfs, ntfs, ntfs-3g, vfat, etc..
<bekks>  -t auto
<moparisthebest> can I get do-release-upgrade to just download all needed packages and not change anything else?
<moparisthebest> because I have to do the upgrade remotely over a slow connection, so I'd like to have it download everything while I don't have to watch it, then just apply things later
<rbasak> moparisthebest: back up /etc/sources.list and /etc/sources.list.d/. Then replace all mentions of "saucy" with "trusty" (for example). Then run "apt-get update", then "apt-get --download-only dist-upgrade".
<rbasak> Then change the files back. Correction: /etc/apt/sources.list and /etc/apt/sources.list.d/
<rbasak> Then you'll have everything downloaded in /var/cache/apt/archives/, and a later upgrade will use those files instead of downloading against, except if there is anything new since you did that.
<rbasak> instead of downloading again
<moparisthebest> ah yea, guess that should work
<moparisthebest> yea it should get the vast majority for me, thanks!
<pakcjo> Hello, I think kerberos is starting before slapd and it should be the other way around, how can I confirm/fix this?
<sarnold> pakcjo: check if they have old-style init.d scripts or upstart scripts, that'll decide how you fix it..
<pakcjo> looks like upstart
<pakcjo> sarnold: at least for slapd: http://pastie.org/9235435
<moparisthebest> hehe ok rbasak: Calculating upgrade... Failed The following packages have unmet dependencies: *snip* E: Error, pkgProblemResolver::Resolve generated breaks, this may be caused by held packages.
<moparisthebest> so is there a way around that?
<rbasak> I don't think that should happen unless you've got third party packages installed.
<rbasak> If that's right then you'll need to resolve those yourself.
<moparisthebest> well, this is a lucid 10.04 box
<moparisthebest> it worked for downloading precise 12.04 packages
<moparisthebest> but failed with that when I tried trusty 14.04 :(
<genii> Might want to ppa-purge and try again
<moparisthebest> there is nothing in /etc/apt/sources.list.d/ never was
<genii> moparisthebest: When you say "this is a lucid 10.04 box " ... "it worked for dowloading precise 12.04 packages" ... Do you mean you upgraded 10.04 to 12.04 or that you installed 12.04 packages onto a 10.04 system?
<moparisthebest> well aptitude is getting the majority of them, that'll be good enough
<moparisthebest> genii:  no I'm trying to pre-download most of the packages I'll need for do-release-upgrade
<moparisthebest> I'll be upgrading to precise, then immediatly to trusty
<moparisthebest> so I changed my sources.list to precise, apt-get update, apt-get -d dist-upgrade
<rbasak> Oh, I see. I'm not aware of any way to get the trusty package downloads without upgrading to precise first.
<moparisthebest> which worked, downloaded packages and did nothing else
<moparisthebest> and then changed sources.list to trusty and did the same which broke a little
<rbasak> I would strongly suggest redeploying trusty rather than upgrading all the way from lucid.
<rbasak> Use configuration management, and test first.
<moparisthebest> you think so?
<moparisthebest> I actually have a server I originally had 6.X on that currently has 12.04
<moparisthebest> I've never upgraded twice in a row like this, but hopefully it won't have any issues
<rbasak> The general approach is much more reliable and reproducible. Know what you have deployed, rather than carrying issues forward.
<moparisthebest> yea makes sense, what configuration management do you use?
<rbasak> We do support upgrading, but the nature of server distributions is that they involve local customisations, and upgrade scripts cannot always carry that forward.
<moparisthebest> all I've ever used is backups and such :)
<davidbowlby> This sounds like you should walk through it a couple times.  I suggest booting up a virtual machine running 10.04 and attempt the upgrades a couple times before playing with a production system.
<davidbowlby> you can hose a VM over and over ;)
<moparisthebest> hmm, never saw the --sandbox option for do-release-upgrade before
<moparisthebest> that should be pretty safe?
<moparisthebest> -s, --sandbox         Test upgrade with a sandbox aufs overlay
<jpds> moparisthebest: Safe as an upgrade gets.
<jpds> moparisthebest: https://wiki.ubuntu.com/AufsBasedUpgrades
<moparisthebest> ah thanks I was trying to find more info about it
<davidbowlby> it wouldn't take you long to run through it in virtualbox
<moparisthebest> well except I don't have another exact copy of this machine in a VM
<davidbowlby> you don't need an exact copy to get the procedure down
<davidbowlby> I'm talking about nailing down how you're going to do it
<davidbowlby> the rest is just data
<moparisthebest> I've upgraded 10.04 to 12.04 on multiple desktops/laptops/servers before, it was just around the time 12.04.1 was released, so, awhile ago :)
<davidbowlby> not saying there can't be issues with packages you have installed
<davidbowlby> but you can do a dpkg list to find out what's on it
<davidbowlby> but you're not talking 10.04 to 12.04
<davidbowlby> you're talking 10.04 to 12.04 to 14.04
<moparisthebest> I've also upgraded from 12.04 to 14.04
<davidbowlby> but you're asking about the double upgrade
<moparisthebest> the same computers that *used* to run 10.04, and 8.04 before that
<bekks> davidbowlby: 10.04 to 12.04 to 14.04 includes 10.04 to 12.04.
<davidbowlby> personally I'd want to walk through it on something I don't care about first
<moparisthebest> I'd think it'd be about the same
<davidbowlby> thinking and knowing are two different things
<moparisthebest> yea the only thing that's giving me pause is I have to drive 10 miles if it won't reboot or something hehe
<davidbowlby> exactly, so why not be sure about it
<davidbowlby> create a 10.04 vm
<davidbowlby> with the same packages installed
<davidbowlby> (you can get a list from dpkg)
<davidbowlby> and then try it
<davidbowlby> if it goes well, you have a procedure
<davidbowlby> if it breaks, you didn't break a server 10 miles away
<davidbowlby> 10 miles lol, try 1600 miles away
<bekks> moparisthebest: Just use do-release-upgrade -s
<moparisthebest> yea it's a good idea, just not sure if I want to try it or just screw it and roll the dice, like you said, it's not like it's 1600 miles away or more like the rest of my servers
<davidbowlby> I'd do the VM and document a procedure in confluence for future use
<davidbowlby> but that's me :D
<moparisthebest> well and this is my last computer on 10.04 so I don't ever need to do it agai
<davidbowlby> ah
<davidbowlby> but you can always share it online for other suckers in your position
<moparisthebest> hmm yea
<davidbowlby> #contribute
<davidbowlby> lol
<MTughan> I'm trying to provision an Ubuntu 14.04 image on an OpenStack installation and am switching to using WaitConditions. I get a URL from the wait condition and install the heat-cfntools package (to get cfn-signal), but running cfn-signal returns a Python import error: "No module named heat_cfntools.cfntools". I can't find the module anywhere on the system.
<MTughan> Am I just missing a package that needs to be installed? Is something missing from the package? Something else entirely going on?
<fridaynext> anybody here use phpvirtualbox on ubuntu server? any comments on performance?
<fridaynext> i'm currently remoting into KVM from a VM on my OSX laptop, and that's too kludgey for me. I want to simplify.
<fridaynext> I already have OpenVPN installed, so it seems phpvirtualbox would be a perfect companion to access my media server's VMs from anywhere.
<davidbowlby> MTughan, did you install heat-api-cfn  ?
<MTughan> davidbowlby: No, because I think that's the server component.
<davidbowlby> I think heat-engine is
<MTughan> Looking at its dependencies, you may be right.
<davidbowlby> https://packages.debian.org/hu/sid/web/heat-api-cfn
<MTughan> Yeah, the name suggests that it's the API endpoint, but maybe it's not.
<davidbowlby> I'd say based on your error message, it's a good thing to try ;)
<MTughan> It's weird though, looking at the OpenStack git repo for heat_cfntools, the module's in that repo. http://git.openstack.org/cgit/openstack/heat-cfntools/tree/
<davidbowlby> This package contains the CloudFormation (CFN) API.
<davidbowlby> I assume you installed heat-api
<davidbowlby> that error is specific to cfn though, so I think apt-get install heat-api-cfn will fix it
<MTughan> If the packages were available, perhaps.
<MTughan> E: Failed to fetch http://nova.clouds.archive.ubuntu.com/ubuntu/pool/main/h/heat/python-heat_2014.1~rc2-0ubuntu3_all.deb  404  Not Found [IP: 91.189.88.153 80]
<davidbowlby> hmm interesting
<davidbowlby> sudo apt-get update
<MTughan> I'm trying an update now.
<davidbowlby> ;)
<davidbowlby> gmta
<MTughan> Normally, I have cloud-config do an update on boot. But I think that was skipped this time because of an issue I had while testing.
<MTughan> Yeah, now it's working.
<davidbowlby> sweet, I just started playing with OpenStack last week
<davidbowlby> got tired of esxi hardware support continuing to dwindle
<davidbowlby> migrated my mysql server last night using rsync, that was nerve racking, but went well
<davidbowlby> luckily I was smart and used DNS in my environment lol
<MTughan> davidbowlby: Neither heat-api nor heat-api-cfn fixed it.
<MTughan> I had thought because I didn't do an update that heat-cfntools might not've been up-to-date, but upgrade didn't touch it or fix it.
<lordievader> Good evening.
<pakcjo> which is the init.d script for dhcpd?
<PryMar56>  dhcp3-server
<pmatulis> pakcjo: if you want something lighter and progressive you may consider dnsmasq.  it doesn't have all features though
<pakcjo> PryMar56: I don't have that (Ubuntu 12.04.4 LTS)
<pakcjo> I have isc-dhcp-server and isc-dhcp-server6
<PryMar56> pakcjo, I checked lucid
<pakcjo> I'm asking because it seems that there was a change, /etc/dhcp instead of /etc/dhcp3/
<pakcjo> is there a better tool than update-rc.d to see which init.d scripts are enable?
<PryMar56> pakcjo, ls -al /etc/rcS.d  ; ls -al /etc/rc2.d/
<PryMar56> if you see symlinks to /etc/init.d/ the service is setup
<pakcjo> hmm interesting, I have a S07dhcp3-server but it is not in /etc/init.d/
<pakcjo> so, is this a new upgrade bug?
<PryMar56> pakcjo, that is a dead symlink
<PryMar56> its harmless
<pakcjo> PryMar56: yes, but I don't have anything to start dhcp with...
<PryMar56> pakcjo, run update-rc.d against the new isc-dhcp...
<pakcjo> PryMar56: which? isc-dhcp-server or isc-dhcp-server6? why I have 2?
<PryMar56> do you want to hand out ipv6 addresses? I don't
<pmatulis> pakcjo: there may be an upstart job
<pmatulis> /etc/init
<pakcjo> oh 6 is for ipv6, thanks ;)
<pakcjo> pmatulis: oh yes, there is :)
<timhansen> good afternoon
<pakcjo> hello timhansen
<timhansen> i just created a new 14.04 server on linode. installed lamp, and setup a virtualhost. added the entry into my local hosts file, but when i go to the fake domain, iâm getting the index view of the html directory (i removed the default ubuntu index.html)
<timhansen> hereâs the output of my virtualhost: https://gist.github.com/willc0de4food/cc014d072cf42eb538dc
<timhansen> any ideas as to what i did wrong?
<pakcjo> is there a way to set order of init.d scripts?
<pakcjo> if I manually change the symbolic lick from S06 to S05 will that work?
<pakcjo> (is that the correct way of doing it?)
<pmatulis> pakcjo: is this kerberos & slapd again? normally those links should not be changed
<pakcjo> pmatulis: yes
<pmatulis> timhansen: remove 'Indexes'?
<pakcjo> I have to start them manually after a reboot... I was thinking of adding them to /etc/rc.local but there should be a better way...
<timhansen> i figured it out. iâm absent-minded & didnât name the vhost with .conf -.-
<pmatulis> pakcjo: doesn't kerberos only need access to slapd when it receives a request?  why would it depend on it to start up?  are you also storing kerberos/kdc config information in slapd?
<pakcjo> pmatulis: yes, ldap is used as db for kerberos
<pmatulis> pakcjo: so what is the current problem?
<pakcjo> pmatulis: kerberos tries to start, fails with couldn't connect to ldap server, slapd starts
<pakcjo> i need slapd to start before kerberos
<pmatulis> pakcjo: i wonder why?  it must do a check when it starts
<pakcjo> a check?
<pmatulis> pakcjo: yeah, it obviously does a check of some sort
<pmatulis> pakcjo: would be great if you could pastebin some logs from kerberos
<pmatulis> pakcjo: but it's weird that such a problem has not already been identified
<pakcjo> there isn't much: kadmind[1333](Error): Can't contact LDAP server while initializing, aborting
<pakcjo> https://bugs.launchpad.net/ubuntu/+source/krb5/+bug/652433
<uvirtbot> Launchpad bug 652433 in krb5 "Init script dependency error: krb5-kdc starts before slapd" [Low,Confirmed]
<pmatulis> ah
<pakcjo> from 2010 XD XD XD
<pmatulis> pakcjo: that bug explains things fairly well.  were you not able to get a workaround out of it besides manually changing the symlinks?
<pakcjo> well the bug report suggest to change order
<pakcjo> and rc.local XD
<pakcjo> another reason to get rid of slapd
<sixBB> hello.  I am exeperiencing problems with installing/upgradiing udev.  Thie configure process hangs.  I've googled and not tound anything pearticularly helpful
<sixBB> any suggestions?
<pakcjo> what is the correct way to start/stop services in /etc/init/?
<Patrickdk> service xxxx (start|stop)
<pakcjo> thasnk Patrickdk
<pakcjo> so start xxxx and stop xxxx is for something else?
<pakcjo> or they are aliases?
<Patrickdk> dunno
<lordievader> pakcjo: There are many ways, using initctl is another way ;)
<Patrickdk> hmm, start/stop is aliased to initctl
<lordievader> Ah, that is new to me. :)
<pakcjo> thanks
<MTughan> pakcjo: service using start and stop in the script for start and stop.
<MTughan> And status and reload for those two as well, apparently.
<MTughan> All of which are aliased to initctl by softlinks.
<MTughan> "restart" is just accomplished by calling stop followed immediately by start.
<Patrickdk> ah, service is just a script, that runs init.d or initctl for init
<MTughan> Exactly.
<MTughan> Shell script, even. Thought it might be Python, but I guess that'd be overkill.
<Patrickdk> since upstart, I switched to using service for everything
<MTughan> (sorry, I've been doing a lot of Python lately)
<Patrickdk> I've been doing lots of lua scripts lately :)
<Patrickdk> very low latency :)
<MTughan> Yeah, service should be your goto for service-y stuff (no pun intended).
<pakcjo> nested db in ldap is a bad idea right? is there any documentation about it?
<pmatulis> pakcjo: it makes things unecessarily complex
<pakcjo> pmatulis: do you have any link about where I can read about it? or a guide to switch/port to hmm "lineal?" model?
<pakcjo> flat model
<pmatulis> pakcjo: no, but IMO it should just be a matter of changing the slapd config so it points to the new location
<pmatulis> pakcjo: i idle in #openldap , you might get better opinion there
<pakcjo> pmatulis: it's nested vs flat or is there a better terminology for not nested?
<pakcjo> thanks
<pmatulis> pakcjo: i don't think 'nested' is a great term
<pakcjo> :)
<pmatulis> pakcjo: it usually implies one thing working within another.  but in this case, it's just a matter of directories.  a location and not something in the logical/working aspect
<pakcjo> pmatulis: thanks
<pmatulis> ex: nested kvm.  a hypervisor which is actually a guest of another hypervisor
<pmatulis> pakcjo: i know i have at least one cleanup/re-install shell script that would wreak havoc if i had a database located within the directory of another database ;)
<pakcjo> :)
<__dan__> hi guys, hope you're all well, been having consistent hangs with btrfs defrag on ubuntu 14.04 stock kernel, was wondering if there is a guide to updating the kernel to latest and also updating the btrfs supporting programs? any guidance appreciated, cheers :)
<Patrickdk> don't use btrfs till it's stable?
<__dan__> when will that piece of string reach it's end?
<__dan__> also, I'm not using the more cutting edge stuff like dedupe or parity raid, I'm comparing between ZFS on Linux and btrfs on the same hardware and would like to evaluate btrfs latest, preferably in a safe non-hacky manner I was hoping to get some help with that
<Patrickdk> dunno, watch btrfs.wiki.kernel.org
<__dan__> uh huh
<Patrickdk> they don't say btrfs is stable yet, at all
<Patrickdk> only that the ondisk format is stable, not that the code/runtime is stable
<__dan__> well, I believe the man page etc was changed last year to reflect it's relative stability from where it was when that man page was originally written
<Patrickdk> well, consider the wiki was updated less than a month ago
<Patrickdk> and says NOT STABLE
<Patrickdk> I would assume it's not stable
<__dan__> the situation is a little more complicated than you seem to be giving credit
<rberg_> __dan__:  check here for builds of upstream kernel releases.. http://kernel.ubuntu.com/~kernel-ppa/mainline/
<Patrickdk> how is it more complicated?
<__dan__> because some parts of the codebase are more mature than others
<__dan__> hi rberg_ thank you I will take a look
<rberg_> as for userland you may need to build it yourself.
 * Patrickdk just hopes he can use btrfs, without dedup/compression/snapshots/...
<Patrickdk> just to store files
<Patrickdk> without it exploding and becoming completely corrupted
<__dan__> ah yes I saw this earlier, I'm running trusty and would like to keep it that way, is it OK to run the utopic kernels? and is there a way to set it up to update automatically? (ie. an apt repo that has latest 3.14 for instance?)
<Patrickdk> had it do that way too many times
<rberg_> heh the way btrfs and zfs do snapshots is REALLY nice..
 * __dan__ nods :) I'm a FreeBSD refugee and used to running ZFS but ZFS on Linux is highly not recommended for 32-bit machines - guess what I'm running :/
<__dan__> to be fair it's not the best idea on 32-bit FreeBSD either but I ran it with no issues whatsoever after the initial tune-up period
<Patrickdk> there are still 32bit systems?
 * __dan__ rolls eyes
<Patrickdk> thought they died out with pentium D cpu's
<metho> anyone successfuly migrated bind to windoz server?
<__dan__> metho: I'm no DNS expert but can't you just configure windows as secondary and have it pull the zonefiles from bind primary?
<__dan__> can't say I know anyone crazy enough to migrate DNS to windows though sorry :) i dare to even ask your use case
<qman__> Migrating a DNS zone to MS DNS isn't hard, but it's not an ubuntu question
<__dan__> maybe on some level he came here so we could talk him out of it :)
<qman__> As for migrating _from_ MS DNS _to_ bind, making bind the secondary, transferring the zone, then reconfiguring as a master is a good method
<Joe_knock> Hello there
<Joe_knock> Whenever I SSH into my remote server, I get a small introduction about the system, how do I make this introduction appear whenever I want?
<lutostag> Joe_knock: I believe you are talking about motd (message of the day), which is created by the scripts that live in /etc/update-motd.d/
<Joe_knock> lutostag: is there a simple command to make it display? Or were u telling me by saying motd?
<Jordan_U> Joe_knock: cat /etc/motd
<Joe_knock> Jordan_U: Thank you
<Jordan_U> Joe_knock: You're welcome.
#ubuntu-server 2014-05-30
<zombu2> anyone awake?
<__dan__> yeah i am
<__dan__> seems to be full of channels all with 400 idlers in, this network
<__dan__> wouldnt take it personally :) hehe
<zombu2> heh maybe you can help me out
<zombu2> i am trying to bond 2 nics
<zombu2> i setup the bond interface but it seems to have trouble with the cards
<zombu2> one is always disabled and the other one only works in single mode
<__dan__> ooo i havent done that in a while, and if i remember correctly, the method of doing it changed since i last attempted it (debian etch i think)
<zombu2> well i m loosing hair over it lol
<zombu2> very limited info available
<jerrcs> zombu2: Which mode are you using for bonding?
<zombu2> i am trying to use mode 4
<zombu2> 802.3ad
<jerrcs> Ok, sorry.. I don't know anything about that.
<__dan__> thats the aggregation one isnt it?
<jerrcs> it appears so, yes
<zombu2> yes you need a managed switch for that
<zombu2> either way i have tried it with all modes
<zombu2> i would be happy with roundrobin-rr for now
<__dan__> I take it you've seen this: https://help.ubuntu.com/community/UbuntuBonding
<jerrcs> zombu2: why roundrobin-rr?
<jerrcs> zombu2: What are you trying to accomplish?
<zombu2> end goal is to combine 2 nics for more speed
<jerrcs> good luck.
<zombu2> roundrobin would be a start
<jerrcs> it doesn't quite work like that
<jerrcs> it's not necessarily going to get you more speed, that is.
<__dan__> i thought it would, if you had a compatible switch
<zombu2> i m trying to get it to work anyways for learning sake
<zombu2> but i m stuck
<zombu2> during boot it says waiting additional 60 seconds
<__dan__> might be waiting for DHCP
<zombu2> waiting additional 60 seconds for network configurtation
<__dan__> have you been through that URL I posted above?
<zombu2> yes
<jerrcs> I guess your results may vary.
<zombu2> thats what i used to set it up
<__dan__> are you on dhcp or static ip?
<zombu2> for some reason eth0 gets renamed during boot to em1
<zombu2> static
<jerrcs> Change udev.
<zombu2> how
<jerrcs> You can rename it back to eth0, there's a file in /etc/udev/rules.d/ that has all of the interface listings
<__dan__> how odd, i would expect to see em1 on freebsd haha
<jerrcs> Wait, which version of Ubuntu?
<zombu2> server 14.04
<jerrcs> ok
<zombu2> funny thing is only eth1 shows in rules.d
<zombu2> using lshw i can see the second card is there but disabled
<jerrcs> I don't have the file on mine.. but yeah, find the NIC that matches up with the mac address and name it accordingly
<zombu2> i tried that too
<zombu2> i added the mac and name to rules.d still no dice
<zombu2> deleting the file and let it be recreated on boot only writes eth1
<__dan__> if you're just testing, might be worth grabbing a coffee while you flatten and reinstall it :)
<__dan__> make sure each nic is working first
<jerrcs> actually, that's a bit weird. my 14.04 doesn't have the 70-persistent-net.rules
<jerrcs> my 12.04 does, however
<zombu2> wierd
<zombu2> reinstall is not an option for now since it got about 3tb of data on the raid
<__dan__> on the same partition??
<__dan__> like, as root and all that
<zombu2> no md0
<zombu2> boot drive is a different hdd
<zombu2> md0 is a mount
<jerrcs> I think he was asking about your partition layout - whether or not / is the filesystem with the 3tb of data
<zombu2> but i m afraid i cannot reassemble the mdadm device
<jerrcs> Ah, ok
<zombu2> no it is not
<__dan__> ahhh i see what you mean
<__dan__> yeah if you dont have a backup then maybe best not to risk it
<zombu2> the md0 is mounted in /media
<zombu2> yeah keeping a 3tb backup around is kinda hard to do
<zombu2> i m low on space as it is lol
<zombu2> now back to preventing udev from renaming the nic
<__dan__> so what does ifconfig or ip link show, what interfaces does it think it has?
<__dan__> eth0, em1 ?
<zombu2> ifconfig -a shows em1 eth0 bond0 regular ifconfig just shows bond0 and loopback
<zombu2> lshw always tells me that em1 is disabled
<__dan__> how about ethtool?
<jerrcs> ok, maybe you can just pastebin /etc/network/interfaces and then the output of "ip addr"
<jerrcs> just to see what you're working with here
<__dan__> ya good call
<zombu2> i have to revert the bonding changes kinda ghard to paste it without net lol
<zombu2> give me about 5 mins
<__dan__> lol ya
<jerrcs> well
<zombu2> i just comment em out
<jerrcs> you can always manually assign an IP to the interface w/o rebooting
<jerrcs> ifconfig eth0 192.168.1.14/24
<jerrcs> route add default gw 192.168.1.1
<jerrcs> etc etc
<zombu2> brb
<jerrcs> or em1, whatever it may be
<jerrcs> alright
<__dan__> not sure about that tbh, i got the implication that eth0 and em1 were both down
<__dan__> <zombu2> ifconfig -a shows em1 eth0 bond0 regular ifconfig just shows bond0 and loopback
<jerrcs> Yeah, I think it will help to see the "ip addr"
 * __dan__ nods
<zombu2> http://pastebin.com/kKBFvFEv
<zombu2> next coming up
<zombu2> http://pastebin.com/zKxe74Vg
<zombu2> http://pastebin.com/pgZSnFzS
<zombu2> http://pastebin.com/dKAXE2rx
<zombu2> http://pastebin.com/P4d2w3ym
<zombu2> http://pastebin.com/VvATViyu
<zombu2> that should be all
<zombu2> at least what i can think off
<__dan__> yeah you seem to be missing a line in your udev rules for the other nic
<zombu2> yes
<zombu2> seems so
<__dan__> although not sure if that would be an issue anyway
<__dan__> can you confirm if both nics are working independently?
<zombu2> but it does not create it and even after deleting the rule and recreating it it s not there
<zombu2> they are
<zombu2> i pulled em out and tested both in another machine
<__dan__> well, i mean can you assign an ip address to em1 and have it behave
<zombu2> i can try real quick
<zombu2> 1 sec
<__dan__> im just trying to round down the problem mate
<__dan__> to be honest this kind of thing isnt my strong suit
<zombu2> yeah i understand
<zombu2> no problem
<zombu2> i m pulling my hair out as well lol
<__dan__> yeah we've all been there :/ haha
<__dan__> if it's any consolation, a friend of mine did this with 4 cards and im almost sure they were intel
<__dan__> think the switches may have been extreme networks
<__dan__> and that was with debian lenny i think
<__dan__> you could also check that the kernel module is being loaded with lsmod
<zombu2> all the cards are intel
<zombu2> same ones too
<__dan__> yeah whatever you can say about intel they make good wired nics
<zombu2> in my other home server i run a 4 port intel server card
<zombu2> and it seems as soon as i assign an ip to em1 and activate it i get the waiting for newtwork config
<__dan__> used to have a few of those at a place i worked at, real nice kit
<zombu2> seems the card is not behaving
<zombu2> yeah the 4 port is great
<zombu2> i got that one running roundrobin for now since i can t seem to get 802.3ad to run on linux mint lol
<zombu2> but thats another story
<__dan__> yeah one problem at a time fella :)
<zombu2> yep lol i m glad rr works on that one lol
<__dan__> almost 4am here so i might have to abandon you shortly
<zombu2> seems there s an issue with the em1 not behaving
<__dan__> yeah its not a good sign
<zombu2> yeah np not like the problem is going away lol
<zombu2> 4am damn where you at europe?
<__dan__> haha to be honest if i were in your shoes i would be considering swapping the boot drive for a spare, disconnecting the raid array and reinstalling ubuntu fresh
<zombu2> i might try that next
<__dan__> then make careful changes based on what you learned, see if the em1 / eth1 thing is still a problem, etc
<__dan__> I'm in England
<zombu2> i have the bad feeling that something is interfereing
<__dan__> well it does seem like udev is confused which is never a good omen
<zombu2> yeah i wonder what happened
<zombu2> ima see if there s a bios update for the board
<zombu2> i hate amd lol
<zombu2> difference on those cards is one is in a 4x slot and one is in a 16x
<__dan__> oh mate i hate them all
<__dan__> computers suck
<__dan__> :)
<zombu2> lol
<zombu2> amd stuff so far has given me nothing but grief
<__dan__> to be honest I haven't touched any of their stuff since athlon 64
<__dan__> although the opteron stuff was never bad
<zombu2> yeah but i had to get one of these apu contraptions since i didn t have enough to get a intel board
<__dan__> ahhh yeah i would be less inclined to go for one of those
<zombu2> i wasn t either but it was either that or nothing
<__dan__> never had an ATI chipset board but had the displeasure of working with a couple of NVidia chipset boards - convinced me that graphics card manufacturers have no business making motherboard chipsets
<zombu2> anyways how can i make udev not rename the card
<zombu2> lol too true
<__dan__> well, i dont think it's renaming the card, i think it's not doing anything with it, and thats the problem
<zombu2> dmesg says its renaming eth0 to em1
<__dan__> i would be inclined to copy the line concerning eth1 and replace it with eth0 and the details from the em1 card
<zombu2> heh i did that too no change i think it gets ignored
<zombu2> i tried to run the script that creates the entries manually but it always says missing $interfaces
<zombu2> deleting the rules and rebooting creates a new one but leaves em1 out
<zombu2>  
<zombu2> ima stick a realtek in there and see what it does
<__dan__> yeah i was just looking at that - /lib/udev/write_net_rules
<zombu2> yeah it gives me the missing $interfaces error running it
<zombu2> i assume it s either looking for eth0 or it sbroken lol
<zombu2> i read something about putting biosdevname=0 in grub.cfg or something
<zombu2> to prevent renames
<__dan__> i've always just edited that file, and it's always worked
<zombu2> yeah i tried no dice
<__dan__> once had a centos machine where eth0 had to be a specific nic
<zombu2> i had a fedora machine do the rename thing on me caused all kinds of issues
<zombu2> ima go and stick a realtek in it and see
<zombu2> i bbl
<__dan__> well good luck mate i tinkered with write_udev_rules but it does the same for me
<__dan__> i gotta sleep
<zombu2> yeah np nn i be back tomorrow
<__dan__> gn :)
<zombu2> hmm seems there is a problem with that 16x slot and nic cards
<zombu2> video card works in it but nic cards get detected but do not work
<zombu2> first time i ve seen that lol
<sheptard> zombu2: interesting
<zombu2> yes sheptard it is interesting i wonder if the board is defective or if it is a bios bug
<Tazmain> hi all, for using rsync to a mounted ftp location if I want dayly and weekly backups should I write scripts with rsync and have them in cron.
<sarnold> "mounted ftp location" -- that kinda terrifies me. please elaborate a bit.. :)
<Tazmain> curlftpfs
<sarnold> very terrified :)
<sarnold> I'm mostly confident you would hate that solution.
<sarnold> why can't you rsync directly to the remote system?
<Tazmain> hahaha sarnold well its a local ftp to the server. and its the only backup solution they provided. Thing is I cannot figure out how to do that. The ftp needs a username and password. I have multiple directories to backup. If there is a better solution I would go with that .
<sarnold> Tazmain: how much backup storage do they provide compared to your 'working' storage?
<sarnold> Tazmain: probably a handful of tarballs would be better.
<Tazmain> sarnold, they give us 50 gb . I only use about 4-7 gb
<Tazmain> 100meg connection to the ftp
<sarnold> Tazmain: nice. probably tar cfa /path/to/backup.tar.gz /path/to/dir1 /path/to/dir2 ... -- then ftp put your /path/to/backup.tar.gz
<Tazmain> sarnold, is that now with rsync ?
<sarnold> Tazmain: no, I wouldn't use rsync in your configuration at all -- rsync over an ftp-fs thing would be miserable. horrible. painful.
<Tazmain> sarnold, can't rsync backup to ftp if it needs a username and password ?
<Tazmain> sarnold, what would you suggest doing then to make backups to ftp. I have sql,web and a repository to backup.
<sarnold> Tazmain: i'd save tarballs of your data locally and then ftp those tarballs to your ftp site
<Tazmain> sarnold, okay but the only issue I see with that is that the ftp site will get full , I mean I am going to do daily backups of some stuff
<sarnold> Tazmain: sure. delete the old ones after a week or two.
<Tazmain> so I would have to write a bash script to do that ?
<sarnold> Tazmain: sure, or python. take your pick of languages.
<Tazmain> alright I have one last question how to I transfer the tarball to the ftp. I mean so far I had to either mount the ftp or go ftp site.address and then follow the promts to enter username and password.
<sarnold> Tazmain: curl can do that, see curl --upload-file -- or you could use lftp or ncftp, I think both of those have easy upload ability from a single command
<Tazmain> Awesome thank you I will try that.
<lordievader> Good morning.
<Adri2000> hi
<Adri2000> is the cloud archive available for trusty yet?
<cfhowlett> !cloud
<ubottu> Ubuntu Cloud Infrastructure is a ready to deploy Infrastructure-as-a-Service (IaaS) based on OpenStack. See https://help.ubuntu.com/community/UbuntuCloudInfrastructure for further details.
<Adri2000> cfhowlett: is that for me?
<cfhowlett> Adri2000 yes.  sorry but that's all I "know" about cloud
<sarnold> gaughen: looks like https://wiki.ubuntu.com/ServerTeam/CloudArchive could use an update now that 14.04 is released :)
<Adri2000> http://ubuntu-cloud.archive.canonical.com/ubuntu/dists/ only shows precise
<Adri2000> I'd be interested in more recent icehouse packages for trusty
<sarnold> Adri2000: are the icehouse packages that shipped with trusty good enough for intiial testing?
<Adri2000> sarnold: for initial testing maybe, but of course they have bugs and unfortunately some are blockers for me
<Adri2000> like bug #1311047 which makes it impossible for people using horizon in french to launch an instance
<uvirtbot> Launchpad bug 1311047 in horizon/icehouse "Cannot launch instances in French (using the modal)" [High,Fix committed] https://launchpad.net/bugs/1311047
<sarnold> wow htat looks .. ungood.
<Adri2000> sarnold: I thought canonical was doing CI and testing of every openstack commit into ubuntu. aren't those packages available anywhere?
<sarnold> Adri2000: good question.
<sarnold> Adri2000: ooh check this out: https://launchpad.net/~openstack-ubuntu-testing/+archive/icehouse
<sarnold> Adri2000: note that I just found that from google. it looks useful. but I can't make any promises about whatever that might or might not be good for. :)
<Adri2000> sarnold: perfect! well I guess the usual "this is not supported" and everything, but for my need right now (packages with recent bug fixes) it's alright
<Adri2000> I might revert to the regular trusty-updates once the first openstack point release is uploaded there
<Adri2000> thanks
<Tazmain> sarnold can curl remove a file ?
<sarnold> Tazmain: hrm. dunno. you may need a command line ftp client all the same :)
<Tazmain> sarnold okay so if I have my backup.tar how would I in the bash script tell lftp to upload that ?
<sarnold> Tazmain: that's the 'rm' command http://manpages.ubuntu.com/manpages/trusty/en/man1/lftp.1.html
<InFierno> ;join #centos
<Tazmain> sarnold, have a look at this, it keeps telling no such file or directory  *.gz  http://privatepaste.com/1ebcdd774d
<sarnold> Tazmain: 'put' uploads a single file. you've given it a glob to expand, perhaps lftp doesn't do globbing for the 'put' command. it may not do globbing for the 'mput' command either..
<Tazmain> sarnold, Awh I see I think mput wil work having a look now.
<Tazmain> mput works :p
<rob_____2> exit
<rob_____2> :q
<sarnold> rob_____2: /quit  :)
<Tazmain>  hi all how can I make it that cron will run every second day ?
<andol> Tazmain: */2
<mardraum> Tazmain: man 5 crontab
<Tazmain> andol, thank you.
<Tazmain> andol, if I want cron to run at midnight is is 0 0 ?
<Joe_DM> Tazmain 0 0 is midnight, 5 0 is 5 mins after midnight
<Joe_DM> If you have a few jobs to run I'd recommend seperating them by a few minutes to prevent smashing the system all at once.
<Tazmain> Joe_DM, okay cool was just wondering if it maybe took midnight as 24
<Joe_DM> np
<lkonia> you're all idiots
<lkonia> #ubuntu offers more help
<Joe_DM> <lkonia> Whats wrong?
<Joe_DM> #ubuntu is spammed with desktop support
<sarnold> Joe_DM: that's not ikonia, that's mikey, he's an annoying troll.
<sarnold> Joe_DM: it's pointless to try to reason with mikey; the best approach is to quiet or ban him and move on.
<Joe_DM> sarnold: lol, trolls, can't live with em... Can't live with em.
<sarnold> Joe_DM: *nod*
<ikonia> apologies all,
<sarnold> thanks ikonia :)
<cfhowlett> ikonia I wondered - but then I thought "Naw.  COULDN'T be!"
<Joe_DM> ikonia: He's just jelious becasue of your cool i
<ikonia> I doubt that
<ikonia> thank you for the heads up though, normal service can be resumed
<lkonia> I'm just jelious becasue of your i
<leetdood> Is it possible to use a DNSBL with iptables?
<leetdood> someone is attempting to spam my game via proxies (they got mad because they got banned)
<gaughen> thanks sarnold. I had done some updating but missed some of the "next LTSes". Was trying to keep it simple since cloud archive doesn't yet apply to 14.04 since it won't have an archive until Utopic goes out.
<cloudman> is there a way to change server locale without rebooting but keeping current session?
<cloudman> 12.04 & 14.04
<cloudman> difficult one eh :)
<lordievader> cloudman: Sourcing /etc/default/locale sets it for the current session.
<jrwren> leetdood: yes, it is possible, you'd have to script it yourself.
<cloudman> ty
<cloudman> have one for debian
<jrwren> leetdood: a cron job or something that adds iptables rules from a DNSBL zone xfer, if you can zone xfer
<leetdood> thank you
<jrwren> leetdood: also, check out emerging threats rules, they make IP tables scripts for known bad guys
<jrwren> http://rules.emergingthreats.net/
<leetdood> thank you!
<cloudman> anyone care to do the script, will pay
<keithzg_> Hrmmmm, on my work desktop I keep getting kernel panics like https://lh3.googleusercontent.com/-4nMjWeofiio/U4isWvAbYGI/AAAAAAAAFnc/cfmJu5n4Ask/w1375-h774-no/IMG_20140530_100533864.jpg since upgrading to 14.04, even when killing lightdm and just running pure VTs...this last one appeared to happen a few hours after I left work last night.
<keithzg_> Actually, the specific panic/fault seems to vary time to time, and often nothing at all is displayed. Meanwhile I can't seem to prove any hardware issues (memtest checks out fine, smartctl claims the main drive has no complaints, etc)
<semiosis_> hallyn: ping re bug 1297218
<uvirtbot> Launchpad bug 1297218 in libvirt "guest hangs after live migration due to tsc jump" [Low,New] https://launchpad.net/bugs/1297218
<hallyn> semiosis_: yeah, sorry, i don't have any specific info, other than it appears as though io requests may be being lost or something (causing qemu's io threads to hang and eventually become too numerous, outstanding io)
<hallyn> may even only be with o_direct
<hallyn> but it doesn't happen with other backing stores, so i figured i'd mark it against glusterfs.  <shrug>
<semiosis_> hallyn: my hunch is that the vm hangs while gluster does some healing or integrity checking.  i'll try to get the gluster team to take a look.  i'll also update my qemu-glusterfs package for trusty in the ppa (semiosis/ubuntu-qemu-glusterfs) and ask the reporter to try with that instead of a fuse mount
<hallyn> semiosis_: thanks.  (though to be honest the fuse mount with the easy scalability is the most interesting part of gluster to me so i'm hoping if there are any issues there they get worked out)
<hallyn> (of course, the way i'd use it wouldn't be affected by that probably :)
<semiosis_> the qemu-glusterfs integration just skips fuse at the top, replacing it with a C library (libgfapi) linked directly into qemu.  all the scalability & fault tolerance are the same
<toyotapie> Hello, I just installed spamassassin as a pre-queue filter. Postfix sends to port 10025 and spamassassin sends it back on port 10026. How does spamassassin know to send the email to port 10026 and not another port ? Can I change the port being used ?
<xibalba> anyone here use btsync?
<fridaynext> for the mutt users in here, anyone have a notification set up (i.e. notification center on mac) to alert you of new mail?
<ikonia> notification center on mac for mutt? ? but you're asking in #ubuntu-server ?
<pmatulis> yeah, try #mutt on Freenode fridaynext
<jetsaredim> is there a way to get apt-cacher to cache http files that get downloaded within packages?
<jetsaredim> eg: the webupd8 oracle java packages that retrieve the jdk during the package install
<jrwren> jetsaredim: nope
<rberg_> jetsaredim: for that I would use make-jpkg and create a proper java deb
#ubuntu-server 2014-05-31
<zombu2> evening
<pmatulis> evening
<zombu2> netsplit galore
<InFierno> Hi anyoen can give me a hand with what format i use to setup IPAlias in Ubuntu
<InFierno> (server 12.04LTS)
<lordievader> Good morning.
<Pupeno_> How long should ntpd to update the clock?
<joe_dm> hi all
<joe_dm> Whats the best way to make a user with no permissions for use as an SSH tunnel only
<andol> joe_dm: command="/bin/echo Thou shall not pass!",no-pty,no-X11-forwarding,no-agent-forwarding,permitopen="forward_to_ip:foward_to_port" ssh-rsa ...
<joe_dm> andol: Thanks, I ended up giving it rbash
<joe_dm> and added this to bashrc
<joe_dm> [ -t 0 ] && read -p "Press [Enter] to exit..." && exit
<joe_dm> and trap the escape ctrl
<andol> joe_dm: But will .bashrc help you in case someone just does a "ssh servername command" then?
<joe_dm> andol: no, where do I put your stuff into?
<andol> That is authorized_keys entries
<andol> Putting it infront of the key you are using
<andol> joe_dm: Full example at http://paste.ubuntu.com/7558712/
<joe_dm> andol: where is the authorized_keys stored, is it a per user thing in the home directory?
<maxb> By default, though this can be configured otherwise
<andol> The default is ~/.ssh/authorized_keys
<joe_dm> isn't ~ just shortcut for home?
<andol> Yepp
<andol> The config option is AuthorizedKeysFile
<joe_dm> user is ssh-tunnel and i cant find /home/ssh-tunnel/.ssh
<andol> You need to create it yourself if you want it.
<joe_dm> do i need to generate a key too then?
<maxb> Oh, were you trying to set it up using password authentication?
<joe_dm> yeah
<fridaynext> I have a media server with a Celeron G1610 and no video card - would it be pointless to mine bitcoin with it?
<jrwren> yes, very pointless
<joe_dm> very very pointless
<joe_dm> you might get one in a few hundered years
<fridaynext> Gotcha. Definitely will avoid it.
<joe_dm> even with a GPU the ASICs have made them almost pointless
<fridaynext> I want to start using BTC for some transactions, and I figured since I have the media server, why not use it for something else - but I'll leave that 'something else' for non-futile efforts.
<fridaynext> And the ASICs are incredibly expensive.
<joe_dm> I'll leave you to decide that
<fridaynext> well the one's i've looked at are.
<shauno> unless someone else is paying your electricity bill, it doesn't work out anymore.  it's cheaper to buy the btc than to cpu/gpu mine them.
<joe_dm> thats one opinion. I know people who would disagree
<fridaynext> Is there anything useful a G1610 running ubuntu server 12.04 can be doing all day, since I leave it on anyway?
<fridaynext> like should I do folding@home?
<joe_dm> anything you make it do will make it use more electricity, keep that in mind
<fridaynext> Yeah I guess I should just aim to get rid of it completely, and switch to a basic NAS setup, for even lower electricity usage.
<joe_dm> andol: would rbash be enough to secure me from people running commands with ssh?
<andol> joe_dm: I have never looked into rbash myself.
<joe_dm> what about using sudoers to strip all commands?
<joe_dm> or alias all commands to echo "access denied"
<Gallomimia> i'm looking for a bit of help getting a grub script and initrd customized to boot my rather member:strange looking raid setup. the problem i'm having is that i'm booted from ubuntu 14.04 liveCD and can't get the system to boot. how do i make a grub script for the non-live filesystem?
<bekks> Gallomimia: Which RAID level do you try to boot?
<Gallomimia> the raid is a level 5, but boot is on a partition that is not raided. a small slice of the first drive in the raid. if i can swing it i'd like to raid1 that partition to all 3 drives
<bekks> So the short answer is "no raid".
<bekks> And whats the exact issue you have?
<Gallomimia> bekks: i have no bootloader for that install. i need to config grub properly, and get an initrd that will mount assemble the raid, ask for the crypto passphrase, and get lvm going since the rootfs is on that. i actually don't know where to start, and my system is as yet only running in liveCD
<bekks> Then why dont you install grub?
<Gallomimia> did that... it works. boots up to grub. doesn't go any further
<Gallomimia> blank screen. tried nomodeset
<dasjoe> Remove "quiet splash" so it can show any errors
<Gallomimia> ah, a good place to start
<Gallomimia> i can't find any option of quiet splash in the grub config...
<dasjoe> Gallomimia: just edit the kernel command line in grub's boot menu, that should be enough for testing. But what you're looking for is in /etc/default/grub, "GRUB_CMDLINE_LINUX_DEFAULT"
<Gallomimia> dasjoe: why would the files in /etc/default/grub on my liveCD affect my config for main boot? don't i need to run update-grub or something? wouldn't that update the grub config for the liveCD instead?
<dasjoe> Gallomimia: I didn't mean your Live CD environment, sorry for being unclear. I assumed you chrooted into your installation and were looking for some of grub's configuration
<Gallomimia> hmmmmm
<Gallomimia> chroot into my installation. that sounds like a good thing to do
<Gallomimia> maybe i should try that after i reboot and edit the grub menu to try no quiet splash
<Gallomimia> if i chroot into my installation, i can run things like mkinitramfs and grub-mkconfig and update-grub?
<dasjoe> Sure
<Gallomimia> can i also run apt-get install and get packages installed on that installation?
<Gallomimia> it's like a light brighter than a welding arc has come on and overpowered my half dozen candles with focusing mirrors
<joe_dm> how does chroot work for a single user?
<joe_dm> can you chroot just one user so whenever that user logs in they are in like a jail?
<joe_dm> or does chroot apply to everyone?
<Patrickdk> neither
<Patrickdk> you can do whatever you want with chroot, the issue with chroot is, everything must be inside it, all programs, libraries, and crap that user needs
<joe_dm> not for me as I just want the user to be able to open a bash to hold ssh tunnels open via putty
<joe_dm> How do you run chroot for a single user?
<Patrickdk> hmm, heh?
<Patrickdk> you can't run bash in a chroot
<Patrickdk> without first installing every single thing bash depends on inside that chroot first
<joe_dm> ?
<joe_dm> lol
<Patrickdk> chroot cuts that *program* off from the rest of the disk
<Patrickdk> so everything anything you do in the chroot, needs everything to exists in there
<joe_dm> surely there is a standard way to do it or a program that automates it?
<joe_dm> seems like jails would be in demand
<Patrickdk> jails are the same as a chroot
<joe_dm> if not chroot is there a good way to make a jail or sandbox
<Patrickdk> except it also limits program/network/... stacks
<Patrickdk> doing any kind of jail/sandbox will have the same limits
<Patrickdk> do you really expect the jail/sandbox/chroot to go OUTSIDE, to grab things?
<Patrickdk> that would be a huge security issue
<Patrickdk> why you basically need to copy /lib /usr into your chroot
<joe_dm> no, I expect it to never get outside.
<joe_dm> I'll do the googles in the morning. almost 3am here.
<joe_dm> I get what you mean though :)
<[lutchy]> There is Restricted BASH ?
<[lutchy]> If it's just for SSH Tunnel, how about /bin/nologin ?
<bobby_> Hi, I have a question regarding screen savers / powerdown on ubuntu server. I am running several ubuntu servers on laptops. My problems is that after a while the screen goes blank, as in white. How can i turn this feature off ?
<bobby_> tried setterm -blank 0
<bobby_> hope it will work, but i doubt it
<Tohsh> Booting issue with clean install of headless 14.04 server. Will only boot with ânomodesetâ flag on kernel line of boot loader. Verified UUID matches fstab and blkid. Freezes during adding swap. Never had this issue on previous releases. Can anyone advise?
<subman> I'm trying to upgrade my 12.04 LTS server to 14.04 LTS via 'sudo do-release-upgrade', but that returns 'No new release found'.  If I do a 'sudo do-release-upgrade -d', don't that take me to the next development release, 12.10?
<bekks> subman: 12.04 to 14.04 will be available when 14.04.1 is released.
<subman> bekks, thanks!
<bekks> subman: the "next" development release is 14.10
<subman> bekks, right, but from my 12.04 LTS, the 'next' development release seen would be 12.10, no?
<andol> subman: I tried doing do-release-upgrade -d on a 12.04 server, and it wanted to give me 14.04. Might have helped that I had /etc/update-manager/release-upgrades set to include "Prompt=lts".
<subman> andol, Mine is also set to Prompt=lts
<subman> andol, Oh, I see what you are saying now.  With the '-d' option you get 12.04>14.04
<andol> subman: Yepp
<subman> andol, doing it right now, thanks.
<andol> np
<bekks> subman: No. The next development release is 14.10
<bekks> subman: 14.04 is the development release until 14.04.1 is released.
<subman> bekks, Ah, got it.
<subman> This is not a production server anyway, no worries at all here with experimentation.  Gotta learn somehow!
<elliotd123> Is there a way to tell what caused my server (12.04) to shut down? I looked through auth.log and kern.log and can't find anything suspicious.
<elliotd123> It just looks like it shut down gracefully for no apparent reason in the middle of the night last night
<pmatulis> elliotd123: there should be something in the logs.  maybe you had a power problem
<elliotd123> no it's a VM in ESXi, and there's other VMs on the same server that didn't crash
<elliotd123> is there a way to tell what user might have sent an "init 0" signal or the like?
<pmatulis> elliotd123: look for suspicious sudo commands in auth.log .  is there a root password set?
<elliotd123> no there's no root password set, and auth.log shows normal stuff right up until it got powered off - doesn't look like anyone logged in or anything right before hand
<elliotd123> no sudo commands
<hxm> does "PAM service(sshd) ignoring max retries" means someone is brute forcing ssh?
<hxm> or is any kind of script or application trying to login ssh too fast or too many times
<elliotd123> hxm: that could be - but I'm not sure why that would crash the server. Doesn't sshd by default start dropping connections when there's too many?
<hxm> does not crash, im just in a ssh session and I see that message
<elliotd123> oh sorry I thought you were responding ot my question haha
<apb1963> ubuntu 12.04 ... can't get tomahawk to play sound.  It requires vlc backend which I installed... is there something else I need to do?
<DonRichie> My vServer is horribly under capacity. Where can I find some folks who want to have something hosted to get rid of this ressource-wasting
#ubuntu-server 2014-06-01
<InvadeD> how horribly under capacity we talkin?
<h0p> Hello
<h0p> I am following the wiki to set up a headless server
<h0p> But i am having a hard time for  h81 btc to pick ip my r9 290x
<h0p> when i remove the GPU it boots up fine
<h0p> like i get an ouput to the HDMI and screen works etc
<h0p> as soon as the GPU is plugged in i get no signal anymore
<h0p> here is a picture, i think i am messing up the wiring
<h0p> https://i.imgur.com/QR1s2gy.jpg
<zombu2> plug power into the molex and it might be an issue with that 4x port
<zombu2> what happens if you plug the card into the 16x
<zombu2> looks like you building a bitcoin miner lol
<h0p> no its not a miner
<zombu2> plug that card into the 16x and fire it up
<zombu2> no extension cable
<h0p> i don tthink it will fit tho :/
<zombu2> make sure you fill the molex on the board to supply power to the bus
<h0p> i mean the fans spins and all
<zombu2> why wouldn t it
<h0p> but no output
<h0p> dunno
<zombu2> yeah the card might need the 16 to produce video
<h0p> But the problem is i am not using for video
<zombu2> the 4x extensions are used for mining no video needed
<h0p> but when i plug it in it kills the HDMi output on the motherboard
<zombu2> well whatever you use the card for plz just stick it in the 16x port for now to test if it posts
<h0p> and keep the power cables the same?
<zombu2> yeah of course
<h0p> Are they plugged in cirreclty i the pic?
<zombu2> you might be able later on to change the bios setting to post on mainboard video first
<h0p> hmm
<zombu2> as far as i can tell yes
<h0p> i might try and do that first
<zombu2> put power to the boards molex
<zombu2> those cards use a lot of bus power
<h0p> so
<h0p> i plug PSU-MOLEX-CARD with one cable in that order?
<zombu2> ?
<zombu2> just plug in 2 molex into the board where they fit there is 2 places
<zombu2> leave everything same
<h0p> or both for one card?? that cant be right
<zombu2> i would really like to try to post it with the card in the 16x
<h0p> ok ok
<h0p> il get the card in the x16
<h0p> give me  a sec
<zombu2> make sure you plug video in the r9
<zombu2> if it posts put the extension back on the card and plug it into the 16x too and see if that boots then
<zombu2> the only real thing you can do with that card with the 4x extension is mining or boinc
<h0p> fuckin hell
<h0p> it works when in the x16 slot
<zombu2> see
<h0p> does that mean i will only be able to run one of those card then
<h0p> ???? i read everyhere else i could run multilple
<zombu2> put the extension on
<h0p> hence the motherboard
<h0p> Thank you very much btw!
<zombu2> well you reducing the bus
<zombu2> and 1st slot is usually crap
<h0p> meaning?
<zombu2> it means the card is only good for mining or boinc
<zombu2> video will be godawfull slow
<h0p> i have yes
<h0p> yes that oks
<h0p> 1 x PCIe 2.0 x16, 5 x PCIe 2.0 x1
<h0p> Will i be able to stick more of those cards in the x1 slots?
<zombu2> does the card post with the extension in the 16x?
<zombu2> well if it does try it in the 3rd 4x port
<zombu2> and see if it posts
<h0p> i dont know i only have 1 extension and its x16 to x1
<zombu2> well take it from the 16x and plug it into the next slot down and try to post if you see a pic it works
<h0p> ok
<zombu2> you should have gotten a better board that has 4 or 5 16x
<h0p> but if it doesnt work with x1 number one
<h0p> why yould it work in the others
<zombu2> just try it
<h0p> ok
<zombu2> i have seen that many times
<zombu2> hell i got a board where the 1st slot can t even run a nic card
<zombu2> i think it has to do with bus id's
<h0p> amdconfig --adapter=all --initial -f
<zombu2> does the card work in the 3rd slot?
<h0p> shuting down
<zombu2> remember using that cable the card is siriously gimped and not good for pretty much anything
<zombu2> exept for mining and distributed computing
<h0p> nope nothing in that sot
<h0p> slot
<zombu2> yup i figured
<h0p> HDMI is still in the card
<h0p> ugh
<zombu2> do yourself a favor and get a board with more 16 slots
<h0p> fuuuuuck
<h0p> fair enough
<zombu2> lol a 60$ board is a 60$ board
<h0p> hahahah yup
<h0p> any reccomendations?
<zombu2> well evga msi asus or gigabyte
<zombu2> i personally prefer evga and msi
<zombu2> but evewrybodys taste is different
<h0p> ugh
<h0p> aight
<h0p> Well thanks for your help and time
<zombu2> but i tell you right now those boards ain t cheap
<zombu2> yeah np been there done it
<zombu2> you do know that card is a 3.0 card and prolly not compatible with 1x slots
<zombu2> minimum is prolly 4x
<joe_dm> Hey just tuned in, I too thought you could run the card from a x1 port, are you sure its not just a BIOS thing sending video out the mainboard whenever it doesnt detect a card in the x16
<joe_dm> Like if you plug the card into a x1 and connect video to the motherboard can you still use it and see the hardware?
<zombu2> it will prolly not work
<zombu2> minimum requirements for that card is 4x
<zombu2> i looked
<joe_dm> oh I see
<zombu2> 1x will not work
<zombu2> not enough pins
<joe_dm> h0p: Mind if I ask, What do you want the card for?
<h0p> oclhashcat
<joe_dm> Guess that makes sense
<zombu2> heh
<zombu2> well i m using gtx 780's for wifi cracking
<joe_dm> whitehat of corse ;-)
<joe_dm> I used my 680 when it was still latest and greatest
<joe_dm> getting dictionary list is the hard part
<zombu2> heh i use a 680 for physics only
<joe_dm> I should day getting good ones
<joe_dm> I didnt think you could combo a 600 and 700 series together?
<zombu2> yo don t use dictionaries you use rainbow tables
<joe_dm> two different chipsets.
<joe_dm> how can you rainbow table a wifi?
<zombu2> you can t sli em but you can run it for just physics
<joe_dm> I thought rainbow tables were pre-hashed and wifi are all hashed against different things... so no rainbow tables for wifi?
<zombu2> it does work
<zombu2> yo gotta know ssid and make of router
<joe_dm> and make of router?
<joe_dm> are they adding more to the hash than just the SSID now?
<zombu2> https://forums.hak5.org/index.php?/topic/12708-church-of-wifi-wpa-psk-rainbow-tables/
<zombu2> nowadays to crack a wpa2 aes you can use the code vulnerbility
<zombu2> just plain brute force attack
<zombu2> most routers have code numbers on
<zombu2> takes a couple hours and you in
<joe_dm> o.0
<zombu2> you  know what i mean ... the 6 digit code
<joe_dm> how could you get that though without being close enough to plug in?
<zombu2> how do i get what
<joe_dm> the code
<joe_dm> router info, etc
<zombu2> the code is unknown
<zombu2> you can bruteforce it
<zombu2> it s only 6 digits
<zombu2> and brute force atack can be done over wifi
<zombu2> best card for that is alfa
<joe_dm> The result was a set of hash tables of about 8 gig total, comprising 1000 of the most common SSID's, computed for 172,000 dictionary words
<joe_dm> So far that doesnt look like a viable option
<zombu2> it s for wpa psk
<zombu2> wpa2 aes only option is code atack
<joe_dm> I still think for brute force unless the SSID your attacking is in the rainbow table then it's pointless
<zombu2> well yeah
<zombu2> if it s not in the table you have to make a new table wit hthe ssid
<zombu2> either way wpa2 aes only option to break in is brute force on the 6 digit code
<joe_dm> Hey
<joe_dm> How do I set an SSH session to never time out for a user?
<Gallomimia_> joe_dm: sorry i can't remember exact command. keepalive something in /etc/sshd_conf
<joe_dm> Yeah tried that
<joe_dm> still seems to time out
<joe_dm> also i was hoping there was a way to do it for just one user
<therealklanni> Hey, I am getting "Reading package lists... Error!" when running `sudo apt-get update` ... I tried `sudo rm /var/lib/apt/lists/* -vf` but still getting the error, any ideas?
<therealklanni> on precise
<therealklanni> https://gist.github.com/therealklanni/d09678e233b79213f3d9
<therealklanni> And yes, the apt-get update output in that paste does just stop there, no additional information printed out
<cloudman> does 14.04 configure a dhcp ip rather than a static as 12.04 and if so how can I stop it doing so?
<InFierno> Imput the IP address and set it IIRC
<cloudman> I tried altering /etc/network/interfaces but the server will not start after reboot
<cloudman> this new server will not use 12.04 for some reason regarding new hardware which is a shame
<therealklanni> can't find anything on forums or elsewhere to fix my issue :/
<samiux> therealklanni, did you stop the process during the update/upgrade?
<therealklanni> no
<samiux> maybe some respos not working
<therealklanni> It gets the list but when it's read that one after the universe translate-en it throws that error and exits
<samiux> try to change server
<samiux> to other country, such as gb or us
<therealklanni> hmmm, I commented out universe translate-en and no more error
<therealklanni> what does that repo provide? translations? (dumb question)
<samiux> I do not know, may be
<therealklanni> whoa just got an error on apt-get upgrade now
<therealklanni> aha
<therealklanni> OK found out why I was getting these errors
<therealklanni> a runaway process had eaten up the memory
<samiux> why?
<therealklanni> so it was error on memory alloc
<samiux> bug?
<therealklanni> Just apt-get wasn't outputting the erorr
<therealklanni> error
<samiux> what process?
<therealklanni> Killed the proc then uncommented those universe repos and redid it and everything was good
<therealklanni> java :/
<therealklanni> (figures)
<samiux> java application?
<therealklanni> yeah minecraft server
<samiux> or java itself?
<samiux> I see
<samiux> find a bug
<samiux> file a bug*
<therealklanni> for minecraft?
<therealklanni> Or bug for apt-get not throwing error correctly
<therealklanni> ?
<samiux> both
<therealklanni> alright
<InFierno> Anyone know if there is an easy way to sandbox a java application?
<InFierno> Hey anyone mind giving me a hand with IpAliasing?
<kikinovak> Hi. I can't seem to install Dnsmasq on a fresh install of Ubuntu Server 12.04. I get "dnsmasq : Depends: dnsmasq-base (>= 2.59-4) but it is not going to be installed". Any suggestions ?
<InFierno> kikinovak, just run aptitude install dmasq-base dmasq
<kikinovak> InFierno: that doesn't change anything. "Unable to correct problems."
<kikinovak> InFierno: "dnsmasq-base : Breaks: dnsmasq (< 2.59-4ubuntu0) but 2.59-4 is to be installed
<Joe_DM2> Hey All, Does anyone know how I can set a users SSH session to never time out?
<Joe_DM2> When logged in locally it never times out howeven when connected via the internet it times out after like 10 mins.
<ikonia> Joe_DM2: keep_alive
<ikonia> Joe_DM2: it's possible you could be being killed at network device level, eg: switch/router
<Joe_DM2> ikonia: I have already se the universal keep alive, I hadn't though of the router killing my session. Good advice.
<ikonia> Joe_DM2: did you set it on the client or the server
<Joe_DM2> client it putty, not sure where to find it in putty
<Joe_DM2> I set it on the server
<ikonia> ah, so that should do it then
<ikonia> if you're doing it in putty
<ikonia> you know you have to start a new session, that setting doesn't change dynamically (although the docs say it does)
<Joe_DM2> Yeah, It looks like you can set the keep alive in putty
<Joe_DM2> Thanks for the tip. :) will see how it goes.
#ubuntu-server 2015-05-25
<darius93> on a kvm guest, how would i set a specific speed for it without having to manually edit the domain?
<neurotus> morning
<dewdrop> Hi, I am running ubuntu server on virtualbox. I am trying to set a static local IP (using bridged mode). Now when I set the primary network interface in /etc/network/interface(http://paste.ubuntu.com/11343370/) to and restart networking service it still connects to old dhcpd IPon differnt address.
<dewdrop> What might be the issue ^^
<CyborgCygnus> Can you make say School ubuntu setups with roaming accounts like windows has?
<guest0917254124> question: im using sssd to auth against AD
<guest0917254124> only sudo getent passwd shows AD users
<guest0917254124> and id <username> doesnt resolve the group names, just shows IDs
<guest0917254124> do i need to setup full kerberos or something?
#ubuntu-server 2015-05-26
<lordievader> Good morning.
<tekzilla> hi, can someone maybe explain this ? added a new user, adds fine to one group, doesnt add to another group saying "user does not exist"
<tekzilla> http://paste.ubuntu.com/11366958/
<tekzilla> sorry! my bad, just a typo.. getting some coffee
<QGuLL_> hi, i'm on ubuntu-server 12.04 lts and trying to configure quota (for disks), but neither libquota-perl or quotatool works. edquota work though, but i'd like to script this setting
<QGuLL_> all i got with quotatool is Â«quotatool: Error while detecting kernel quota version: No such file or directoryÂ», whereas modules are loaded, filesystem is mounted with usrquota, and quota is on
<QGuLL_> and my kernel is an ubuntu one, which has been configured before compilation to handle quota
<wizzkidd> hi all, im trying to create a self signed certificate with the CA flag set to true - any help out there? i'd like to create my own ssl cert for for a webservice in ubuntu (which I already know how,but not the CA flag part).  im not bothered about the browser, as i know i have to trust the site on the client end.  Im just focusing on the server cert/
<pmatulis> wizzkidd: what's the problem?
<wizzkidd> pmatulis: i would like to create a cert that has CA=TRUE
<pmatulis> wizzkidd: try https://help.ubuntu.com/lts/serverguide/certificates-and-security.html and report any problems you may encounter
<wizzkidd> pmatulis: thanks, i'll give that a go
<QGuLL_> pmatulis: how about my problem with quota ?
<pmatulis> QGuLL_: i don't think you need to compile your kernel
<QGuLL_> i don't have to, indeed, mine (the ubuntu one) has quota options
<QGuLL_> in fact, quota works, but i can only modify with edquota (manualy with an editor), not quotatools or libquota-perl
<pmatulis> QGuLL_: dunno then sorry
<wizzkidd> pmatulis: thanks, that helped a lot, I have now created a signed certificate "myserver.crt" and I have the corrosponding "myserver.pem" file too.  But where is the "server.key" file?
<pmatulis> wizzkidd: in your working directory
<pmatulis> openssl genrsa -des3 -out server.key 2048
<wizzkidd> pmatulis: ah yes, i used it earlier
<zotta> is it possible to install/use use a different gcc version on ubuntu 14 lts?
<Kully3xf> hola - does ubuntu run bash in ram?
<Kully3xf> I want to run a script that will delete itself and then shutdown the server
<Kully3xf> If it runs it in ram
<Kully3xf> I should be able to rm the file then order the shutdown
<Kully3xf> yes?
<lordievader> The Linux kernel is quite nice with deleting files that are in use. Since it creates a link to the inode somewhere in /proc
<lordievader> Thus you can have executables, run it, and then delete the executable. The executable looks gone, but it is still on the disk.
<Kully3xf> cool. That's perfect
<Kully3xf> thanls
<Kully3xf> thanks*
<Walex> lordievader: that's not quite how it happens. It is impossible to delete files in UNIX/Linux.
<lordievader> That was my understanding anyhow.
<wizzkidd> is it possible to create more than 1 symbolic link to a single file?
<lordievader> wizzkidd: Symlinks? Sure.
<wizzkidd> lordievader: thx
<Smaug> hey all, after making changes to /etc/environment, is there a way to apply this to all sessions and users without a restart?
<pmatulis> Smaug: each user should source the file
<Smaug> pmatulis: i want to make the new environment variables available to a service.  would i just source it as root user?  doesn't sourcing it only make it available for that session?
<sarnold> s/session/process/
<sarnold> the feature you want does not exist in unix
<Smaug> thanks sarnold, re terminology
<sarnold> every process that you want to have the new values needs to do something to get those new values; that's sourcing them in shells, that's explicit calls to setenv(3) in nearly everything else.
<Smaug> sarnold: should i add to my service that it sources /etc/environment before running other commands?  is that a reasonable approach?
<Smaug> it's a service i wrote
<sarnold> Smaug: I don't like that approach much; I think of /etc/environment as something for people, a nice service froma friendly administrator; services should take care of their own environment in their own way, either via an /etc/default/ file or their inistscripts or something else similar.
<Smaug> ok, and if it were to be done from an initscript that would using setenv?
<sarnold> Smaug: best is to use 'env' and 'export' commands from upstart: http://upstart.ubuntu.com/cookbook/#export
<Smaug> thank you
<Smaug> i'll look into
<Smaug> also, using /etc/default -- i am not familiar with that approach, do you have a resource for that as relates to init scripts?
<Smaug> do i just put a settings file in /etc/default with the same name as my service?
<sarnold> Smaug: then you also make sure your service startup sources the file in there..
<sarnold> Smaug: see e.g. /etc/init/cups.conf
<Smaug> sarnold: my ubuntu doesn't have /etc/init/cups.conf
<sarnold> Smaug: dang, I though that one was a sure hit :) also check for /etc/init/libvirt-bin.conf /etc/init/rpcbind.conf /etc/init/mountall.conf
<Smaug> yeah i have rpcbind.conf and mountall.conf
<Smaug> thank you sarnold i'll check it out :)
<Walex> Smaug: the "same name as my service" in '/etc/default' is just a convention.
<Walex> Smaug: Debian an Ubuntu packagers seem to dislike consistencym, so often the name of the package, of the daemon, of the various configuration directories, of the service are all slightly different.
<DonRichie> I am currently reading the file hierarchy standard. I do not understand the term "local". What are local files which are stored in /usr/local?
<genii> DonRichie: For instance, binaries you compiled yourself would go in /usr/local/bin
<DonRichie> Okay, Thank you for your answer. Your answer and some google results lead me to the following opinion:
<DonRichie> - /usr is for files installed by the package manager,
<DonRichie> - /usr/local is for files compiled by myself which rely on other /usr content (or sometimes do not) and need to be out of scope of the package manager
<DonRichie> - /opt is for programs which are usually completely separated of the hierarchy and provide their own.  They also are more likely to bring their own libraries
<histo> DonRichie: local to that system
#ubuntu-server 2015-05-27
<squisher> rbasak, jamespage: I pushed some more changes to bcache-tools, and I think it's ready for a release. It should be all prepped, but it's not tagged yet (waiting for feedback from you guys first)
<DonRichie> Can somebody give me a link to a tutorial how to make an ubuntu guest ready for a virtio network adapter? Googling confuses me at the moment since the tutorials I find refer to the configuration on the kvm host itself
<DonRichie> Am I done by installing libvirt-bin and then enabling virtio for the adapter on the KVM Host system?
<rbasak> squisher: OK, I'll take a look.
<lordievader> Goodmorning.
<pvlos> hello guys, I read that a backport for apache may be released for <apache2.4 versions regarding the logjam attack
<pvlos> is there any ETA for the packages?
<pvlos> I am using 12.04
<bekks> pvlos: Which CVE is it?
<pvlos> bekks: http://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-4000.html
<bekks> Well, 2.2 is currently in needs-triage. So no need to backport 2.4
<bekks> The link can be found in your link :)
<pvlos> bekks: I know but the 'needs-triage' may stay forever
<bekks> As for every bug. There is no guarantee that a bug will be fixed.
<pvlos> bekks: the bug is critical though
<pvlos> is there any way to fix the issue withou the backports?
<pvlos> without^
<bekks> Which makes it very likely that it will be fixed, but still no guarantee
<pvlos> i see
<bekks> And since 12.04 (and 2.2 with it) are supported until 2017, it is not likely that a backport isneeded. Instead, 2.2 will be fixed.
<lukasa_> Hey all: does the cloud archive repository lag behind the cloud-archive staging PPA?
<lukasa_> Because the cloud archive Kilo staging PPA contains a fix for libvirt that does not appear to have made it to the package source that is added by apt-add-repository cloud-archive:kilo
<jamespage> lukasa_, it will get there - the staging PPA is a holding area for entry in the stable update process
<jamespage> lukasa_, those updates are in proposed - http://reqorts.qa.ubuntu.com/reports/ubuntu-server/cloud-archive/kilo_versions.html
<jamespage> just pending some testing
<lukasa_> jamespage: ah great, thanks
<lukasa_> Out of interest, do you know what the timeline usually is?
<jamespage> lukasa_, normally minimum of a week
<jamespage> lukasa_, those ones colided with last weeks summit - apologies
<lukasa_> jamespage: No worries, it happens. =) Just wanted to make sure I understood what was happening. For testing we can temporarily use the kilo-staging PPA. =)
<jamespage> lukasa_, use the proposed pocket
<jamespage> add-apt-repository cloud-archive:kilo-proposed
<lukasa_> Ah, much better idea, thanks!
<jamespage> lukasa_, that way you will use exactly the same binary as we release to updates
<jamespage> lukasa_, i've just kicked off the testing - if that succeeds, I'll push through today
<jamespage> mean't to be taking two days off :-)
<lukasa_> That's extremely kind of you jamespage, thanks so much. =)
<jamespage> lukasa_, no problemo
<lukasa_> In return, I promise to ask you no further questions for a week or so
<lukasa_> (If only because I'm on holiday myself. ;) )
<jamespage> lukasa_, well until monday nayway
<turambar> hi, any experts on pxeboot here? :)
<turambar> i want to know if it is possible to provide a kickstart file on the server that provides the netboot infrastracture via its local filesystem instead of an url
<rbasak> How would a booting machine get to the local filesystem on the boot server?
<Ameurux> the question is not clear
<aryklein> is there any good reason why ubuntu cloud image comes with grub-legacy instead of grub2?
<aryklein> is there any good reason why ubuntu cloud image comes with grub-legacy instead of grub2?
<genii> aryklein: Ask whoever provided the images, Like Amazon or whoever it is
<aryklein> genii: I got it from https://cloud-images.ubuntu.com/
<aryklein> genii: so this is the reason why I'm asking it here
<genii> aryklein: From what I can find, it's due to an issue between Xen Hypervisor and Grub2
<aryklein> genii: ah ok. Thanks for the info
<gartral> hey all, I'm working colaboratevly on a server backend with someone and I've been wondering; is it possible to share a proccess, or control there of, to a group of people like you can files?
<sarnold> gartral: shared tmux or screen sessions
<sarnold> gartral: it's perhaps not as easy/transparent as sharing files, but it works well enough
<baggar11> When did linux-generic-lts-vivid drop?
<baggar11> Am I seeing it right, that it dropped on the 21st?
<baggar11> for 14.04...
<sarnold> looks like the 20th to me https://launchpad.net/ubuntu/+source/linux-meta-lts-vivid
<baggar11> sarnold: thanks, wasn't sure if it was the proposed date or the updates date on the 21st
<sarnold> the "full publishing log" shows 2015-05-20 17:13:35 PDT -- presumably it'll localiz e to your timezone if you visit https://launchpad.net/ubuntu/+source/linux-meta-lts-vivid/+publishinghistory
<broder> is it possible to access a copy of the archive in s3? we were hoping to point some of our servers at one of the new in-vpc s3 endpoints
<broder> (i see $region.ec2.archive.ubuntu.com, but it looks like that points at ec2 instances)
<sarnold> broder: I suggest checking in #ubuntu-mirrors -- I know some of the aws mirrors were on s3, but there were reliability issues, I don't know if they have been addressed or replaced with ec2 instances..
<broder> ah, cool. will do - thanks!
<sarnold> it seems like it's been a while since I've heard reliability complaints there.. hehe
<broder> i've been trying to piece together what happened from email archives. it looks like it was originally s3, but i suspect they moved to ec2 because something something snapshot consistency
<tyler_wy1ie> o/ has anyone here who's used fai configured their grub? i'm running into some snags trying to fix it
<gartral> sarnold: the issue with shared tmux/screen is that it's a huuuge security hole... I don't want the other members to run programs as the dedicated user..
<gartral> sarnold: if I wanted to do what you were suggesting I would have just given them an SSH key for the user
<gartral> also I have an edge-case issue that I'm unsure how to reslove.. I have a code base that I need to import from a *VERY* old backup, we're talking 5-1/2 inch floppies, I happen to HAVE a 5-1/2 inch floppy drive so that's not a problem... the problem is there's hundreds of files and they're all upper-case, how can I squash-case them without doing it file by file, by hand?
 * gartral makes a mental note that he should have used better punctuation there...
<sarnold> gartral: try mount(8) option shortname=lower
<gartral> sarnold: already tried, i got no data transfered
<sarnold> oh :(
<jdstrand> sarnold: that is an interesting idea. I would going to suggest rename(1p)
<jdstrand> s/would/was/
<sarnold> gartral: you can probably also configure sudo to let your pals run a few specific commands as a specific user..
<gartral> sarnold: I have them safely on the HDD, I just want a move command that'll squash-case
<sarnold> jdstrand: heh, that was goiong to be my suggestion if the mount option didn't work :)
<jdstrand> :)
<gartral> oh dear god this is going to be fun compiling later, it's partially written in f***ing LISP
<gartral> can GCC even handle in-line lisp? >.<
<sarnold> you may have better success getting emacs to do C :)
 * sarnold runs
<gartral> LOL
<gartral> o.o ok, never mind... whoever wrote this was a bloody genius... there's a LISP parser, written in C, in the code to handle the Lisp in-line... I now feel wholy under-qualified to even touch these disks
<gartral> an-e-way how would I go abuot squash-casing these?
<jrwren> is it gnu common lisp?
<tonyyarusso> gartral: What was wrong with the rename suggestion?
 * genii ponders rename 'y/a-z/A-Z/' 
<inno> hello, i maintain an ubuntu vps for my blog, which i command from a mac via ssh
<inno> i'd like to backup and move my production site to my local mac, make changes and then upload back to production the changes
<inno> i'm trying to setup an rsync deal, but was wondering if that's the way to go, or should i use scp
<inno> or... ?
<inno> i'm kinda new to all of this
<sarnold> rsync is awesome, definitely beats scp individual files or re-copying everything needlessly
<sarnold> no need to run an rsync daemon though, just rsync -e ssh ... is sufficient
<sarnold> (and probably the -e ssh isn't even needed these days)
<sarnold> consider also using git; a local and remote repository, so you can just pull changes when you make them; thishas proven popular on e.g. heroku
<inno> yeah, i'm looking at git as well for this and currently have the site dir as a git repo as well
<inno> i'm using ghost for the blog and it requires turning off the ghost service before doing anything with the database, so i'm not sure yet how to handle that
<inno> with the git solution
<inno> with the rsync one, i wrote a script i run on my mac that ssh's into the vps, stops the service, rsyncs everything, and then starts the service again
<inno> i modified the sudo config so that a password isn't required over ssh when starting and stopping the service for my user
<inno> is this the right approach?
<inno> and should I set a delay after the call to stop the service to make sure it stops before running the rsync command (the next line in the script)?
<sarnold> it's probably fine if it's a single-purpose system
<sarnold> please promise me you're using ssh keys rather than passwords though :)
<sarnold> there may be a way to use e.g. status <foo> to find out if the service is still running or not
<inno> haha, i am using ssh keys to connect, although it used to ask me for passwords for sudo commands until i made that change
<inno> is there something else i need to do?
<inno> ah, that would be awesome to check for the service status and then run the rsync
<harushimo> Can I install maas on a VM?
<harushimo> I've been doing that last couple times
<sarnold> hey harushimo :) I thuoght of you when this got pasted around the other day: http://www.ubuntu.com/download/cloud/install-ubuntu-openstack
<harushimo> I did
<harushimo> I couldn't get passed step 3
<harushimo> I needed to redo my VMs again
<harushimo> hehe
<harushimo> its an experiment
<sarnold> d'oh :)
<speedy> hi
<harushimo> sarnold: any tips?
<sarnold> harushimo: you should be able to do maas in a vm, though that does mean your VM needs to be configured properly to allow the vm guest to do all the raw networking it wants to
<sarnold> so it can't do NAT and that kind of stuff around the vm
<harushimo> sarnold: I've  been following http://marcoceppi.com/2012/05/juju-maas-virtualbox/
<marcoceppi> harushimo: that guide is pretty out of date now
<harushimo> marcoceppi: any tips
<marcoceppi> harushimo: it's much better to use libvirt and qemu since MAAS can actually use that as a power type
<harushimo> marcoceppi: do you have some instructions on that
<marcoceppi> harushimo: not really, there are some on the MAAS website but they are kind of incomplete. I can do a blog post tonight if you'd like about it
<harushimo> marcoceppi: that would be great
<harushimo> marcoceppi: I can't get pass step 3 on that documentation
<harushimo> marcoceppi: I've been trying to install openstack so I can install cloud foundry
<marcoceppi> harushimo: well you're going to want something more than VMs
<harushimo> marcoceppi: oh really?
<marcoceppi> harushimo: yeah, I mean eventually
<harushimo> marcoceppi: I agree..sorry this for my dev purposes
<harushimo> marcoceppi: I would need more than VMs
<marcoceppi> harushimo: how are you deploying cloud foundry?
<harushimo> marcoceppi: It will be done through openstack
<harushimo> marcoceppi: I need to install hypervisor which is openstack and I install over that
<marcoceppi> Right right, no worries. Okay, I need to fix my MAAS machine but once that's sorted I'll start on the blog post/video
<harushimo> marcoceppi: thank you so much
<harushimo> marcoceppi: companies are going this route. I want to be learn the technology and sell myself too
<harushimo> marcoceppi: I'll continue to experiment
#ubuntu-server 2015-05-28
<lordievader> Good morning.
<hojgaard_> test
<hojgaard_> test
<lordievader> !test | hojgaard_
<ubottu> hojgaard_: Testing... Testing... 1. 2.. 3... ( by the way, remember that you can use /join #test )
<hojgaard_> sorry, i have joined test
<lordievader> ;)
<kickinz1>  /msg NickServ identify MokiTokiTori!33
<histo> kickinz1: nice
<histo> kickinz1: you may want to change your password
<kickinz1> histo, yes, a wonderfull one, I'm already doing so...
<histo> kickinz1: that one was too hard to type anyways
<rbasak> You can send username:password as the server password on Freenode. Then it automatically authenticates against nickserv for you.
<rbasak> So I never have to type it by hand.
<rbasak> (also I have SSL enabled)
<freeflying> is docker.io built with gccgo or go in trusty?
<gcivitella> Hi all, I'd like to ask some questions about LXD. Is this the rigth channel to ask?
<pmatulis> gcivitella: you can try. see also #lxcontainers
<gcivitella> pmatulis: ok, thanks
<caribou> smoser: where can I look for maas's curtin script customization, most particularly on how to partition disks ?
<strikov> caribou: http://paste.ubuntu.com/10939715/
<strikov> caribou: it's not final but may give you some ideas
<caribou> strikov: kool, thanks a lot !
<smoser> strikov, i dont know what that is what caribou was looking for
<smoser> caribou, what strikov pointed at is the declaritive format that maas will (in the future) specify to curtin to describe desired layout
<caribou> smoser: so this is not what to feed curtin in order to get a specific disk partitioning ?
<caribou> maybe I should explain what I'm trying to achieve :
<caribou> I want to replace d-i preseed syntax used by maas's debian installer by its curtin equivalent
<caribou> so the fast installer can be used & do specific disk partitioning
<strikov> caribou, smoser: Ah, I could create a confusion, sorry. Right now curtin doesn't support partition layout specification. It will be supported in the future (format I sent is an example).
<caribou> strikov: ok; good to know
<ws2k3> does ubuntu have special images for ubuntu cloud?
<caribou>  strikov so you mean that curtin does not support disk partitioning, or not support using this layout ?
<andy___> Hi there!
<smoser> caribou, right now, curtin is just very stupid in its partitioning.
<andy___> I am having trouble with my Ubuntu Server 14.04 LTS, where I am trying to setup an AD domain controller, but when I try to use the smbtree command to resolve my domain controller, it does not show up.
<smoser> it has a 'builtin' partitioning that is 'curtin block-meta simple'
<smoser> that basically says "pick what you thnk is the first disk and put something on it"
<smoser> and also supports gpt and separate boot partition
<smoser> but thats really it.
<smoser> you can give curtin config that will override that default to run whatever commans you want.
<smoser> and at the end of those commands, you should have the target filesystem mounted.
<smoser> its not well defined really.
<caribou> smoser: indeed, I saw some mention of something similar
<caribou> smoser: http://bazaar.launchpad.net/~curtin-dev/curtin/trunk/view/head:/doc/topics/overview.rst#L39
<smoser> so when your command is done, the target needs to be mounted at TARGET_MOUNT_POINT
<smoser> and you should have populated a fstab style format in OUTPUT_FSTAB
<smoser> (environment variables with full paths to output file)
<andy___> I am having trouble with my Ubuntu Server 14.04 LTS, where I am trying to setup an AD domain controller, but when I try to use the smbtree command to resolve my domain controller, it does not show up.
<jetsaredim> is there any way to setup apt-cacher to cache things other than apt-related files?
<jetsaredim> specifically, I always have to turn off the apt-proxy setting when I update oracle-java* due to it needing to download a tar.gz file directly as part of installation
<andy___> I am having trouble with my Ubuntu Server 14.04 LTS, where I am trying to setup an AD domain controller, but when I try to use the smbtree command to resolve my domain controller, it does not show up.
<_andy_> Hi there! I am having problems with resolving DNS on my Ubuntu Server AD domain controller.
<speedy__> hi
<med_> zul, jamespage Kilo requires (or at least provides) newer QEMU. Do we need to upgrade qemu when we upgrade our compute nodes to Kilo. We're trying to do a minimal kilo upgrade via UCA from Juno UCA.
<med_> is gate testing now only wiht a new QEMU?
 * med_ wouldn't be surprised it there are pkg deps on new nova-compute to new qemu
<jamespage> med_, minimal upgrades are not really supported - we only testing kilo with the qemu and libvirt in the same pocket of the cloud archive
<med_> nod
<med_> so you've tested j->k in UCA and t-updates->qemu to uca_kilo->qemu
<med_> in a running cloud... :^)
<speedy__> what are the most used install commands?
<zul> med_,  yes should work
<med_> thanks Chuck.
<blaaa> How do I run a serial console with hardware flow control?
<blaaa> done
<sarnold> what was it?
<blaaa> at least I believe so, using 'console=ttyS0,115200n8r' on the kernel command line, but I still have to check...
<sarnold> aha :)
<sarnold> thanks
<Teduardo> does anybody in here have servers using the i40e driver that are stable long term?
<Teduardo> im having nightmarish problems on 14.04
<gQuigs> I'm trying to determine if there was a specific reason keepalived hasn't been merged from debian since saucy
<gQuigs> it's on 1:1.2.7-1ubuntu1 for 14.04 -> 15.10, and on debian, 1:1.2.13-1 for jessie was released May 2014
<_andy_> Hi there! I am having trouble setting up an AD domain controller. It is not showing up in the smbtree command.
<teward> gQuigs: the ubuntu delta, perhaps?
<teward> gQuigs: i.e. "Does the delta still need to exist, and if it does then merge, not sync."
<gQuigs> teward: yea, that's all I've found so far... afaict it's not that substantial of a delta, so I'm hoping to find another answer for customer
<gQuigs> but if that's it, that's it :)
<teward> gQuigs: poweruser it - use a ppa
<OliPicard> Hello! Quick question about logjam if anyone can spare a couple of minutes.
<OliPicard> I'm attempting to protect my server from logjam, noticed that you have to generate a new key
<OliPicard> was wondering, do you need to re-generate the certs at the same time?
<teward> OliPicard: i'm not sure the certificates themselves need regenerated, no.
<teward> don't quote me on it, but i don't think the certificates need regenerated anywhere in there, based on what I have found so far on logjam
<teward> (moreso the ciphers need to be done, the dhparams need regenerated, etc.)
<baggar11> Anyone know if 12.04 will get the lts-vivid kernel backport?
<sarnold> baggar11: I think once 14.04 LTS was released, that was going to be the last HWE kernel for 12.04 LTS
<sarnold> leaving users two choices, either use the original 12.04 stack or use the newer 14.04 stack
<baggar11> ah, that makes sense
<sarnold> and I believe same will happen for 14.04, once 16.04 is out, that'll be the last hwe stack for 14.04
<baggar11> yeah, I'm mostly staging my upgrades now, just curious how many kernel backports an older supported LTS release got
<baggar11> thanks
#ubuntu-server 2015-05-29
<moloney> My fresh ubuntu server (14.04.2) install is completely borked. RAID for the root filesystem won't come up and I have no keyboard support. I am pretty sure I need to install linux-image-extra to solve these problems. I tried doing that at the end of the install using the "select additional packages" option but I end getting a kernel panic.  Is rescue mode my only option?
<moloney> When I briefly tried rescue mode I had no DNS setup, and trying to manually configure it was giving all sorts of errors about directories/files not existing.  I guess this is due to the fact that the system was never successfully booted
<lordievader> Good morning.
<Walex> moloney: live CD...
<greylurk> I've got an ancient hardy server that just started throwing errors about invalid SSL certs.  Any thoughts on how to update the ssl?
<greylurk> I think it's the root CA certs that have aged out.
<greylurk> (for various legacy application reasons, upgrading to non-eol server is not an option)
<OpenTokix> greylurk: Upgrade the server, run your legacy shit in docker containers - and dont run outdated servers.
<greylurk> THere's no Hardy docker containers.
<OpenTokix> Make one
<greylurk> Wouldn't that have invalid SSL certs too?
<OpenTokix> You do a reverse proxy for the ssl-termination on something more modern
<greylurk> Ok, so I'll petition management for budget for a 2 week project to migrate the entire architecture.  Any thoughts on how to get my server up and running in the next few hours?
<OpenTokix> greylurk: A start is probably to paste the exact error message somewhere and not a generic "ssl error" - and good luck
<greylurk> https://gist.github.com/greylurk/f6c4c0c65f3d229ba526
<greylurk> Actually, wait, never mind.
<greylurk> Crap, that's an outdated akismet code.
<greylurk> Sorry to have bugged you.
<gQuigs> looking at doing a sync request, but I can't figure out why there are these two changes there;   why don't we have services stop at runlevels 0 and 6?
<gQuigs> (both libsnmp30 and keepalived have this as one of a very few changes)
<gQuigs> something about upstart maybe?
<vivek_> hello i am testing the openstack deployment using the openstack autopilot installer, However it fails due to landscape deployment timeout exceeded more than 45 minutes, is there any workaround.if i could increase the time out?
<vivek_> hello i am testing the openstack deployment using the openstack autopilot installer, However it fails due to landscape deployment timeout exceeded more than 45 minutes, is there any workaround.if i could increase the time out?
<rbasak> vivek_: if you don't get an answer here, try askubuntu.com.
<rbasak> vivek_: and I'll see if someone from the autopilot team can look at it.
<vivek_> rbasak: thanks
<vivek_> i did ask at askubuntu.com
<teward> vivek_: also crossposting your question across multiple channels is frowned upon
<teward> is there any way to configure SSH to permit root login only from certain IP ranges?
<teward> or is it Enabled, Enabled with No Password (key auth for example), or Deny
<teward> and that's it
<cryptodan_laptop> why do you want that
<jrwren> why would you want that?
<jrwren> I think the answer is "No." and the extended answer is, "because that is a bad idea."
<cryptodan_laptop> ^^
<shauno> you can, by abusing AllowUsers (eg, allow tom dick harry root@10.0.0.10).  there isn't really a sensible way to do it because it's not a sensible thing to do
<teward> shauno: internal server, need to allow 'root' login from one specific system to sftp files up to it (packages that were built in house separately)
<shauno> (but you need to specify every user that way)
<teward> not my fault the system's set up weirdly.  guess i'll just do without-password and use key auth
<shauno> keys are almost always the right answer :) trusting internal ranges means that if some backwater box that no-one cares about is compromised, it all falls
<cryptodan_laptop> teward: change the policy
<teward> shauno: problem is everything's static'd at the network xD  Irrelevant, though, I just don't want the extra work of setting up pageant (putty ssh agent) on the windows systems I'm stuck sshing with :/
 * teward grumbles about the OS in use at the workplace
<cryptodan_laptop> and why is sftp using root to transfer files
<dasjoe> teward: look into ansible, maybe?
<teward> cryptodan_laptop: a .deb needs to be pushed to the server.  nothing up to do it
<teward> dasjoe: not a frequent thing, a short-term problem. but meh
<teward> i'll just upload ssh keys
<jrwren> i was going to suggest using direvent/dircond to watch for non-root upload and respond to event, but its not packaged and my head exploded
<teward> jrwren: heh
<teward> jrwren: i'd rather put a small VM up and put reprepro on it just to serve the .debs but meh
<teward> same probl3em
<teward> and wow I can't type today
<jrwren> teward: yes. reprepro is very nice. I'd do that too.
<jrwren> teward: can do all that without root ;)
<IronDev> How do I login to an active session in ubuntu
<IronDev> server 15.04
<sarnold> what is an "active session"? what does it mean to "login" to one?
<cryptodan_laptop> teward: the sftp can be run as a normal user to push the .deb to the server then maybe setup a cronjob to run the dpkg -i command on *.deb as root.
<IronDev> sarnold Ok lets say root is on tty1 and I need to connect to it to run commands on a program
<sarnold> IronDev: aha! :) the easy way is to start the program in tmux or screen, so you can re-attach to it from another location later
<IronDev> sarnold Ya but the program uses ip binding
<IronDev> sarnold And I cant force it to stop or the server goes corrupt
<sarnold> IronDev: what's that?
<IronDev> sarnold PocketMine
<sarnold> IronDev: next time you need to restart the server, run tmux, then run the server in the shell that tmux starts
<sarnold> IronDev: then you can use "tmux attach" later on to re-attach that shell
<dasjoe> IronDev: sarnold: reptyr may help
<dasjoe> *may*
<sarnold> dasjoe: I've always been worried by such programs; that's so far outside the way things normally work that I suspect it'd be a failure for anything really important :)
<dasjoe> sarnold: I learned to stop worrying and love the magic ;)
<sarnold> dasjoe: ha! :)
<Patrickdk> I just never bother with anything
<Patrickdk> never login to an *active session*, never use screen, never use tmux
<Patrickdk> if something is so broken I would need to do this, it's not worth using
<dasjoe> Patrickdk: tmux is very nice, I just wish it could save window configurations
<dasjoe> I recently ran 63 instances of badblocks via tmux, 9 per window. I don't think I would've stayed sane with screen or running them sequentially
<Patrickdk> oh, I just run them in 63 different ssh windows :)
<sarnold> hahaha
<Patrickdk> damn, I'm low currently :(
<Patrickdk> only 83 ssh sessions open
<dasjoe> I'd like to build a container (docker? lxc?) for an application that runs in wine, so I need X. Any suggestions?
<Patrickdk> should be simple
<Patrickdk> don't need X
<Patrickdk> just use x forwarding, or remote display
<Patrickdk> x was designed for this :)
<Patrickdk> but if you want it local only, different issue
<Patrickdk> xvnc?
<dasjoe> It should be local only, yeah.
<dasjoe> x11vnc + xvfb seem to be the way to go
#ubuntu-server 2015-05-30
<neurotus> how to check what needs system apps needs system reboot ?
<neurotus> -needs
<cryptodan> neurotus: usually only kernel updates need rebooting
<sarnold> neurotus: investigate this http://www.lowendguide.com/3/security/checkrestart-is-your-debian-secure-after-an-update/
<lordievader> Good morning.
#ubuntu-server 2015-05-31
<DonRichie> where are systemd's journal logs stored? In /run/systemd/journal there is nothing which looks like data files and /var/log/journal/ does not exist
<DonRichie> I think i found the logs via "lsof | grep journal" :) The seem to be located at /run/log/journal
<DonRichie> Can somebody tell me why Ubuntu 15.04s default behavior is to save the systemds journal logfiles not reboot safe?
<lordievader> Good afternoon.
<histo> hola
<lordievader> Hey histo
<histo> lordievader: hello
<Onepamopa> guys, need some help
<lordievader> Onepamopa: Please ask your questions.
<Onepamopa> installex xfce4 (all packages), however, startxfce4 returns: "X: exec of /usr/bin/Xorg failed" "xinit: giving up" "xinit: unable to connect to X server: Connection refused"
<Onepamopa> any ideas ?
<lordievader> Onepamopa: Not really server related (more Xubuntu related), but have you installed an X server?
<Onepamopa> Im not sure it's xubuntu related, Im using this on a dedicated server running Ubuntu Server 14.10
<Onepamopa> xserver-xorg is already the newest version.
<lordievader> Onepamopa: Not many people run X on their servers ;)
<Onepamopa> well, I need to run a java profiler on it so ... no choice
<Onepamopa> that means gui + vnc
<Onepamopa> I chose xfce4 since it's lightweight
<lordievader> Ugh, vnc.
<Onepamopa> yeah yeah ...
<lordievader> Anyhow, does /usr/bin/X exist?
<Onepamopa> can I paste ?
<lordievader> Paste what? This was just a yes or no question.
<Onepamopa> # stat /usr/bin/X
<Onepamopa>   File: â/usr/bin/Xâ
<Onepamopa>   Size: 10192           Blocks: 24         IO Block: 4096   regular file
<Onepamopa> Device: 902h/2306d      Inode: 12133       Links: 1
<Onepamopa> Access: (6755/-rwsr-sr-x)  Uid: (    0/    root)   Gid: (    0/    root)
<lordievader> !paste | Onepamopa
<ubottu> Onepamopa: For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://imgur.com/ !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<Onepamopa> right, next time :)
<lordievader> I take that as a yes ;)
<lordievader> Edit your ~/.xinitrc to start xfce and run 'startx' as a user.
<Onepamopa> no .xinitrc file present at all
<lordievader> Onepamopa: Edit/create, whatever ;)
<gartral|2> hey all, got a bit of a pickle here, I have a server that's running 13.10.. I really want to upgrade it... how do I do this?
<gartral|2> >.>
<maxb> that sounds just business-as-usual, not a pickle?
<maxb> Oh, *13*.10
<maxb> https://help.ubuntu.com/community/EOLUpgrades/ seems relevant but somewhat dated
<maxb> The core fact you'll need is that there exists http://old-releases.ubuntu.com/ubuntu/
<gartral|2> ok, so add that to my sources and go from there?
<maxb> I'd probably start by changing sources.list to point there, and then seeing if the normal upgrade procedure works
<gartral|2> ok, so next stupid question... should I comment out the existing entries?
<gartral|2> maxb: ^^^
<maxb> An interesting question, and I'm not sure how the upgrader is going to respond, given that your upgrade target is *not* on old-releases since it's still supported
<maxb> I'd give it a go with _just_ http://old-releases.ubuntu.com/ubuntu/ lines active in sources.list, and see if the upgrader is smart enough to move you back to a normal mirror during the upgrade
<gartral|2> well.. I can try both ways... I have a good backup so I'm not going to be *too* mad if it goes belly-up\
<maxb> If it is not, the worst it's going to do is fail early before changing anything of significance, and roll-back sources.list
<gartral|2> hrrm..
<gartral|2> Seveas over in #ubuntu gave me a good alternative.. change all the sources to the target and do the updates/upgrades, following up with autoremove and debfoster
<Seveas> Try the do-release-upgrade thing first though
<Seveas> it /win 10
<maxb> It's a practical alternative, though seems a shame to not get the all-in-one tidyness of do-release-upgrade, which is one of Ubuntu's nicest improvements over Debian
<Seveas> as a long-time user of Ubuntu, before do-release-upgraded existed, I'm feeling fairly meh about it
<Seveas> then again, I tend to do crazy things like skipping 5 releases in an upgrade
<maxb> As someone about to have to hack together a basic equivalent for a bunch of Debian servers at work, I'm very enthusiastic about it :-)
<gartral|2> maxb: backport do-release-upgrade and send a push request upstream to the Debian folks.. though they really are purists..
<gartral|2> hm hm hm... checking for new release
<gartral|2> nope...
<gartral|2> "Your Ubuntu release is not supported anymore."
<gartral|2> do-release-upgrade is a jerk
 * maxb agrees :-)
<maxb> Whoever thought up that error message was _not_ writing good UX
<gartral|2> UX?
<Seveas> fancy word for UI
<gartral|2> ah, I was going to backronym it to "User eXplination"
<maxb> eXperience
<Seveas> User eXcrement
<maxb> i.e. how pleased/furious the user is after using the UI :-)
<gartral|2> ah, like windows explorer (HAAAAAAAAAAATE)
<gartral|2> whoever over at Microsoft designed that PoS needs to be found; then Hung, Shot, Quartered, Electrocuted, Crucified and burned.
<gartral|2> ooook on my way to upgrades
<gartral|2> Seveas: should I do the standard upgrade then dist-upgrade?
<Seveas> neh, just dist-upgrade
 * gartral|2 blinks 
<Seveas> otherwise your system may get into a fairly weird state
<gartral|2> ok.. glad I double-checked
<bekks> gartral|2: Whats "PoS"?
<Seveas> bekks: piece of solid-human-waste...
<gartral|2> 1264 upgraded, 213 newly installed, 18 to remove and 0 not upgraded.
<Seveas> sounds about right
<Seveas> autoremove will remove more later
<gartral|2> bekks: depending on context, either "Point of Sale", "Position of Star", or "Piece of S***". in my context, the 3rd one
<maxb> The upgrade then dist-upgrade thing is just a way to enforce a different ordering on the package upgrades. The 'weird state' is that once you've started that kind of upgrade, you're committed to following up with the dist-upgrade right after, or your system _will_ be in a weird state
<gartral|2> I love my internet. almost 2000 packages in about 30 minutes
<gartral|2> doo-dee-doo
<maxb> I'm guessing the upgrade then dist-upgrade thing came about either because it helped apt steer around some dependency resolution problems it had difficulty solving right, or possibly because it divides the upgrade into "less likely to interfere with people trying to simultaneously use the system" and "more likely to interfere ..." portions
<gartral|2> maxb: considering under *normal" usage dist-upgrade tends to upgrade kernels/thing that require a reboot, I'm going to say the latter
<gartral|2> 13:38 -!- Jarvis2 [~java@host86-139-75-0.range86-139.btcentralplus.com] has quit [Excess Flood] <--- phhht... bot
<bekks> gartral|2: Or just a bouncer running wild.
<gartral|2> my * hurts >.<
<gartwitch> yay... terminals craashed
<gartwitch> oh wow
<Seveas> gartwitch: long live screen/tmux :)
<gartwitch> telnet towel.blinkenlights.nl
<gartwitch> Seveas: oh yea. I use byobu
<gartwitch> is it bad that I can hear my server's hard drive from the next room, when the thing is in my bedroom closet?
<dasjoe> Well, it might be bad. Depends on the noise
<lordievader> Time for a smart check, I'd say.
<dasjoe> I'm using a small script to check my SATA disks' SMART values, https://gist.github.com/dasjoe/a7252e3f737ec36de36f
<gartwitch> it was a joke question , it's just the brand of HDD...
<Patrickdk> hmm, smartmontools does that automatically
<Patrickdk> really should use it instead of a script
<Patrickdk> realtime notification, scheduled disk smart test runs
<dasjoe> Patrickdk: I prefer doing it manually before and after a run of "badblocks -svwe 3" so I can compare outputs. Also, I only want to see the stats I'm interested in, like http://paste.debian.net/191119/
 * gartwitch passes out pancakes
<Patrickdk> during a disk test is different
<Patrickdk> I mean more for production usage
<Patrickdk> not randomly for disk checks
<gartral|2> Seveas: what was that command... debfiller?
<gartral|2> Seveas: should i reboot before or after the autoremove/debfoster?
<Seveas> gartral|2: reboot after dist-upgrade has finished, but ONLY if it finished without errors. If there were errors, pastebin them.
<gartral|2> Seveas: understood
<gartral|2> you know what apt needs?
<gartral|2> apt needs a way to show an estimate on the amount of your life wasted by babysitting it, measured in time.
<gartral|2> uuuughh
<gartral|2> Seveas: looks like it completed without error
<gartral|2> uh oh...
<gartral|2> Seveas: great... it's giving me connection refused when trying to ssh back in
<gartral|2> Seveas: then agin, it really helps when I type the damn address right >.>
<gartral|2> Seveas: autoremove or debfoster first?
<gartral|2> bekks: hey
<gartral|2> maxb: you around?
<maxb> hello
<gartral|2> do you know if I should autoremove or debfoster?
<maxb> These are mainly tidying-up operations. Wise for the long term sanity of your installation, but not immediately critical
<Seveas> gartral|2: autoremove. debfoster takes time and you'll want to study its manpage before running it.
<gartral|2> Seveas: sudo seems to be throwing an odd error: "no talloc stackframe at ../source3/param/loadparm.c:4864, leaking memory
<gartral|2> seems to be samba related, meh
<Seveas> gartral|2: I'm afraid it's bedtime here, so I can't help any further
<devster31> hi, what's the preferred way to get python 2.7.9?
<lordievader> !info python2
<ubottu> Package python2 does not exist in vivid
<lordievader> !info python
<ubottu> python (source: python-defaults): interactive high-level object-oriented language (default version). In component main, is optional. Version 2.7.9-1 (vivid), package size 133 kB, installed size 680 kB
<lordievader> devster31: What version of Ubuntu are you running?
<devster31> 14.04 unfortunately
<devster31> 14.04-2 server
<lordievader> !info python trusty
<ubottu> python (source: python-defaults): interactive high-level object-oriented language (default version). In component main, is optional. Version 2.7.5-5ubuntu3 (trusty), package size 130 kB, installed size 671 kB
<lordievader> devster31: The Ubuntu Toolchain PPA has an Python 2.7.9 available for Trusty: https://launchpad.net/~ubuntu-toolchain-r/+archive/ubuntu/ppa
<devster31> oh, nice
<tyler_wylie> Has anyone setup an ubuntu-server VPS as a VPN endpoint? I am having issues with ISP's backbone routing trying to enjoy games and am tempted to roll my own VPN via VPS
<Locke2002> I can't find the right way to google my problem. What are the right key terms I should search for: I already have a mail server and I want the other hosts on my domain to use the mail server for their mail?
<Patrickdk> dunno, that is very undefined
<Patrickdk> what mail software are you using?
<Locke2002> sendmail
<Patrickdk> what exactly is meant by other hosts on my domain
<Locke2002> just other ubuntu servers. I don't know if it's a stupid thing to want, but I want to use alpine from any of my other servers for the same inboxes
<Locke2002> I guess that's a side point. What I really want in the long run is to be able to have the other hosts send mail to/through my mail server
<Locke2002> and I guess that just means reading and understanding more about relaying?
<Patrickdk> I guess you just want your server to act as a msa then
<Patrickdk> google how to configure sendmail as an msa
<Patrickdk> and how to setup your other servers to use it
<Locke2002> Thank you, I will look into that :)
<Patrickdk> generally to simplify things, you would setup a nullmailer on the other machines
<Patrickdk> rather than use a full mailsystem on them to relay to that one
<Locke2002> ah ok
#ubuntu-server 2016-05-30
<Troy^> Hey guys has anyone routed there home LAN through a second NIC in their Ubuntu Server that uses a OpenVPN client. So all traffic on the LAN is routed through the WAN NIC that is using the OpenVPN client?
<worm5er> Question for folks... I'm trying to do some automated builds using preseed files, but having some issues with getting LVM and a single disk install (which does not utilize all the disk space up) working...
<worm5er> I'm curious if anyone has a known working LVM based single disk preseed file for me to look at...  To note, I've looked at many of the examples, and have been running tests on a VM for the last few weeks, and can't seem to get an LVM preseed on a portion of the disk..  Granted, I'm willing just to rework a "last" partition if needed, but struggling heavily with getting the preseed to work ...
<Yuri4_> Is it OK to install WordPress + LAMP on a VPS as a root? I will be transfering WP multisite from cheap hosting to that VPS.
<Yuri4_> Is it OK to install WordPress + LAMP on a VPS as a root? I will be transfering WP multisite from cheap hosting to that VPS.
<bhuddah> don't Spam, Yuri4_
<Yuri4_> sorry forgot to log in and wasn't sure that message wen trough
<MannerMan> #ubuntu-touch
<MannerMan> ops, sorry
<iberezovskiy> hi
<Yuri4_> iberezovskiy, privet!
<cpaelzer> Yuri4_: what you ask for is asking for opinions - since there is no hard "is it ok" for your question
<cpaelzer> Yuri4_: IMHO - I consider WP dangerous as it is a common place trying to be exploited
<cpaelzer> Yuri4_: that said (!opinion!) I would not like it in general without a lot of extra protection
<cpaelzer> Yuri4_: personally I'd start to put it in a isolated KVM guest or (LXD container these days) to further conatain any potential risk
<cpaelzer> Yuri4_: since you already ahve a VPS - 2nd level isn't fast usually, so I'd give LXD a try
<cpaelzer> rbasak: I love http://www.justgohome.co.uk/blog/2015/01/ubuntu-package-versions.html - I wonder thou how often I have to read it in my life until I no longer have to read it in soem cases :-)
<fermulator> is there somewhere else I should be asking Canonical Landscape related questions? Not having much luck in the past.
<shewless> Hi There. Wondering if someone can help me get keystone to be integrated into LDAP. I've read the instructions and made changes to keystone.conf but I'm getting an error from keystone saying "domain not found". I don't think it's even hitting the LDAP config yet.. the domain is coming from the "domain" field on the horizon login. Here is my keystone.conf: http://paste.ubuntu.com/16834199
<shewless> Would anyone be able to help?
<Guest45030> test
<NegativeFlare> Guest45030: https://help.ubuntu.com/lts/serverguide/network-configuration.html
<NegativeFlare> check that out
<Guest45030> thanks, looks like no eth interfaces.
<kyle__> What is the smallest/ligtest command you can run that gives output on stdout?
<patdk-lap> echo
<kyle__> I have a box that I think is swapping to hell/invoking the OOM killer, trying to see.
<kyle__> Humm.  Still nothing.  using ssh -v I can see it hanging after 'Entering interactive session', never even completing the "Sending environment"
<shewless> Hi. Maybe someone could help me find the most up-to-date keystone configuration documentation. I'm not sure if I'm using the right one: http://docs.openstack.org/developer/keystone/configuration.html
<kyle__> shewless: You want the one that matches the keystone you're using, not the most up to date.
<kyle__> openstack's most up to date docs are for the one in development.  They also maintain the current, and I think 1 or 2 back.  Which also means that if you're using keystone in a project and don't think you'll be updating it along with each of their releases... make a dump of the docs with wget
<shewless> kyle__ : thanks I'm using mitaka.. but I can't find specific docs for that
<kyle__> Hu.  That might be it then... Not sure.  http://docs.openstack.org/mitaka/install-guide-ubuntu/
<kyle__> It's been a whiel since I had to dig around on there, but I'm not seeing a different keystone section than waht you found.
<kyle__> We're still on liberty at my work.   I tend to only look at their docs when I'm writing the recipes for work, or when something breaks and we're all lost.  Sorry
<shewless> kyle__: thanks. those docs are just for installing keystone.. but they don't go into any detail on actually configuring it.
<jklare> coreycb hey, any news on the gnocchi packages for trusty?
<kyle__> /window close
<devster31> where should I enable idmapping ? /sys/module/nfs/parameters/nfs4_disable_idmapping or /sys/module/nfsd/parameters/nfs4_disable_idmappin
<devster31> also, can I persist those changes across reboots?
#ubuntu-server 2016-05-31
<ubuntu_> Hello, ubuntu-server won't ad a network adaptor.
<ubuntu_> test
<linuxmint> Hello?
<cpaelzer> good morning
<halvors> Hi. How can i disable dhclient for some given interfaces?
<Walex> halvors: that's not a good question
<halvors> Walex: Is there any way to just run the dhclient on a spcifed interface? Where is the config file for this?
<Odd_Bloke> halvors: /etc/network/interfaces and /etc/network/interfaces.d/* should be what controls it.
<coreycb> jklare, it looks like bug 1586443 was fixed so I'll take a look at backporting gnocchi again.  it's going to be a bit though if at all since the fix will need to land in yakkety first before an SRU to xenial can be approved.
<ubottu> bug 1586443 in Gnocchi 2.1 "i386 tests exhaust threads" [Medium,Fix committed] https://launchpad.net/bugs/1586443
<coreycb> jklare, your best bet would be to test on xenial
<jklare> coreycb thanks, would be great to see it in trusty too. We are already using it on xenial and it seems to work :)
<coreycb> jklare, that's good to hear.  I'll keep you posted.
<halvors> Odd_Bloke: Well, it isn't as both are completly empty.
<halvors> But dhclient still requesting DHCP on all interfaces.
<cpaelzer> halvors: for static and manual configs it shouldn't - would you mind providing a pastebin of your /etc/network/interfaces[/.d] and name an interface in it that you expect to not do dhcp, but does it?
<halvors> cpaelzer: As i said both /etc/network/interfaces and /etc/network/interfaces.d is empty.
<halvors> cpaelzer: My interfaces is configured with iproute2
<Odd_Bloke> halvors: Could you pastebin your /var/log/syslog somewhere?
<cpaelzer> halvors: ah I read that as "not empty" sorry
<cpaelzer> like "it is not like both would be completely empty" - anyway clarified now
<cpaelzer> somebody might know the inner workings if that file is completely empty (I don't out of my head) - I'd try to just replace dhclient with a wrapper that reports PPID and current ps axlf output to a tmp file - so you'd see where it is coming from
<Impaloo> Hey not sure what's going on with a mounted USB stick. `df` says it has 29G used, whereas `du` says the mount point has 3.6G usage
<Odd_Bloke> Impaloo: Could you pastebin the two outputs?
<Impaloo> Odd_Bloke: http://pastebin.com/C8V710Bp
<Impaloo> worth noting it's an exFAT fs
<Odd_Bloke> Impaloo: Hmm, I'd expect du to report permissions errors, but there might be files on there that your user can't access?
<Impaloo> Odd_Bloke: nope, no extraneous files
<Odd_Bloke> Do you have access to any other distros/OSes?  What do they report/
<Odd_Bloke> *?
<Impaloo> Odd_Bloke: unfortunately no, on Raspbian atm
<Odd_Bloke> Hmm, afraid I'm out of ideas then. :)
<Impaloo> i'll try reformatting to ext4
<cpaelzer> Impaloo: http://serverfault.com/questions/57098/du-vs-df-difference http://linuxshellaccount.blogspot.de/2008/12/why-du-and-df-display-different-values.html
<cpaelzer> Impaloo: the difference of "trusting superblock" vs "counting" could be amplified by behavior of xfat in your case
<cpaelzer> As Odd_Bloke thought the omst common issues are permissions or mounting over directories then invisible to du
<jayjo> Is there a way to program a cron job to skip certain calendar days - as in skip July 4th, August 2nd, etc
<cpaelzer> jayjo: I don't know of a "skip" parm, people usually do like this http://unix.stackexchange.com/questions/88770/cron-to-not-run-on-specific-day-but-all-other-days
<Walex> jayjo: not really, but you can write a shell script script to do that with 'date'
<Walex> halvors: I think that you are asking the right question...
<Walex> halvors: I think that you are NOT asking the right question...
<Walex> halvors: it usually helps if you say first what you want to achieve, not about the way you think is theb way to do it.
<Walex> halvors: for example "I have 2 interface and I want to configure statically one and dynamically the other and I am using 'ifup'/NM/... to configure them.
<smoser> flarunt, invalid manifest (sorry, long weekend). is that still an issue ? you're saying the manifest file in the ova has invalid sum for the .ovf file i think, right?
<Walex> halvors: you could also ask why your original question was wrong...
<Walex> or at least looked wrong.
<smoser> please file a bug against cloud-images https://bugs.launchpad.net/cloud-images/+filebug
<jayjo> Walex: so use a cronjob to execute a shell script, and that script will only continue if it meets the date param criteria?
<devster31> can I apt upgrade python* making apt only update packages already installed?
<patdk-wk> why do you want to update python? but nothing else?
<devster31> it was an example, first thing
<shewless> Hi guys. Does anyone know a good place to read up on keystone configuration? I'm using this guide but it does not give enough detail on LDAP configuration: http://docs.openstack.org/developer/keystone/configuration.html
<shewless> Do I need to download the source code and read it or is there some proper documentation that I just can't find?
<devster31> shewless: #openstack and #openstack-keystone might be better fits?
<shewless> devster31: thanks I'll look there. To be honest you guys at ubuntu-server are far more responsive :)
<devster31> maybe, but I know absolutely nothing about openstack, you could also try http://docs.openstack.org/developer/devstack/ if you aren't already
<caribou> rbasak: I'm done with the kexec-tools's merge; should I wait for usd-import to be run so I get the repository created ?
<jamespage> coreycb, poked a load of things in packaging CI today
<jamespage> most things working/in the pipe for build testing again
<jamespage> ironic broken due to my mistake in the versioning field for the build - fixed now
<coreycb> jamespage, awesome, thanks.  b1 should be released any day now.
<jamespage> coreycb, yah - I see global-requirements sync's going past
<jamespage> coreycb, we should probably do a oslo.* run through
<jamespage> (says the man not here for the rest of the week)
<jamespage> coreycb, we're nearly deployable from branch PPA's now
<coreycb> jamespage, ok.  on that note I'm catching up on all the upstream g-r review policies etc to help out with that.
<jamespage> \o/
<jamespage> coreycb is awesome
<coreycb> jamespage, lol I've not done much yet.  ack on the oslo bumps.
<coreycb> jamespage, re: almost deployable from PPAs, are you referring to the charms?
<jamespage> coreycb, yes
<coreycb> jamespage, that's good, so we should be in pretty good shape to get b1 out the door.
<jamespage> hope so
<cpaelzer> caribou: you might want to highlight nacc for that question as well - @nacc importer timing question above
<rbasak> caribou: I was about to reply to you when nacc appeared!
<rbasak> nacc: seen caribou's request for import of kexec-tools? I wanted to ask you if I'm fine to run the importer for people on request now.
<rbasak> (I haven't actually tried to run it at all yet :-/
<nacc> rbasak: it would work, but i've not pushed our rework yet
<nacc> rbasak: so it would result in a different tree, not sure if kexec-tools would be affected or not :)
<nacc> rbasak: i can do the import later today, i think, i was pretty close to being done with the rewrite on friday
<nacc> rbasak: i'll respond to caribou on-list regardless :)
<nacc> rbasak: if that's ok with you?
<rbasak> nacc: sure!
<nacc> rbasak: also, did you see my last e-mail from last week? re: merge and double-commits?
<rbasak> nacc: sorry, I forgot about that.
<nacc> rbasak: np! long weekend and i sort of asked you not to respond at the time :)
<rbasak> nacc: I think one commit is fine, but we'll have to end up with two commits when a user pushes to upload/<version>
<rbasak> This is assuming that there isn't a case I'm missing here.
<nacc> rbasak: right, i'll need to consider that case still (right now, i'm not handling upload/ being added properly, i expect, even in the current code)
<rbasak> It would be nice if the importer could somehow detect and add the second commit so a merger would only have to upload a straightforward rebase, but I'm not sure that's possible.
<nacc> rbasak: yeah, i'll think through it, and worst-case put some comments in
<caribou> nacc: rbasak: on-list is fine for me btw
<nacc> caribou: thanks, sorry for the delay, holidays and just waking up now :)
<caribou> nacc: no worry, I was fighting with my merge anyway
<caribou> nacc: I need to spend some time cleaning the Wiki's notes & merge mine
<nacc> caribou: ack, i also was considering making a second page that's more tied to this tool and with a working example
<caribou> nacc: well, I will most probably have to redo my own merge with the new tree so I'll write down a set of side notes that I can add somewher
<nacc> caribou: sounds good -- it'll be some sort of combination and distillation of what's in the serverreleasehandling page (which has gotten quite long :)
<caribou> nacc: some pkg specifics makes things weird sometimes; like kexec-tools that provides patches that it doesn't apply and that are removed as delta
<caribou> nacc: couldn't figure out why there were patches in d/p but the result was still ok wrt the merge :)
 * caribou makes a note to submittodebian this one
<rbasak> There's a thought
<rbasak> submittodebian could do with expanding to work on individual git commits.
<nacc> rbasak: yeah, all of these tools and stuff, are part of what i want to document, too :)
<nacc> rbasak: i will say the new algorithm makes some nice gitk graphs :)
<caribou> nacc: FYI, I have pushed a kdump-tools update which should take care of the ppc64el crashkernel issue
<caribou> nacc: It'll hit Yakkety once I get kexec-tools merged in
<nacc> caribou: awesome, that's what i was looking forward to seeing :) i'm sure ibm will appreciate it ... eventually :)
<caribou> nacc: well, I'll need someone to formally test it as I don't have the hardware available
<nacc> caribou: yep, should be easy to find someone if you need me too
<rbasak> rharper: for bug 1518440, I'll mark as cleared in my tracking. There seem to be enough people affected that one would think someone could complete SRU verification. If not, then the SRU team will warn and remove, and I think that's fine to avoid regression risk (if nobody cares).
<ubottu> bug 1518440 in MAAS "tgt fails to install in LXD" [Medium,Triaged] https://launchpad.net/bugs/1518440
<rbasak> rharper: thank you for driving.
<rharper> rbasak: sure
<rbasak> nacc: for the bacula bugs, I think I'm missing a big picture of how the different issues interact. For the MySQL-specific ones, upstream and I are quite happy to help - I'm just not sure how everything needs to fit together to make the whole thing usable.
<nacc> rbasak: yeah, i think we discussed this during the sprint and was why we demoted bacula to universe?
<nacc> in 16.04
<rbasak> nacc: I think that given we demoted it it's up to us to unbreak it. Once unbroken and in sync, we (Canonical) have done our duty and don't need to worry about it any more.
<nacc> rbasak: ack, not disagreeing
<rbasak> magicalChicken: around? I've got some old bug assignments I'm tracking - bug 869017, bug 1394403, and a new one, bug 1511222.
<ubottu> bug 869017 in kbd (Ubuntu) "Ubuntu server enables screenblanking, concealing crashdumps (DPMS is not used)" [Medium,Triaged] https://launchpad.net/bugs/869017
<ubottu> bug 1394403 in apache2 (Ubuntu Trusty) "RewriteRule of "^$" is broken" [Medium,Incomplete] https://launchpad.net/bugs/1394403
<ubottu> bug 1511222 in apache2 (Ubuntu Trusty) "Incorrect trusted proxy match test in mod_remoteip" [Medium,Triaged] https://launchpad.net/bugs/1511222
<rbasak> magicalChicken: I know you've been out, but jgrimm informs me that you should be able to work on these again soon, so I'm just checking in.
<magicalChicken> rbasak: Hey, I'm back in this week
<magicalChicken> Sure, I'll pick these back up, I think I had partial fixes for all of them, just never got through the final stages for getting them approved
<magicalChicken> I'll take a look at the new apache bug first
<rbasak> magicalChicken: thanks!
<magicalChicken> rbasak: Of course, sorry it took so long to get the two old bugs handled
<spaceturtle> Does anyone know how I can use an .ssh/config entry that will re-write my username based on the hostname? The %h varaible doesnt work for User
<EmilienM> coreycb, jamespage: did you already try trove? trove-taskmanager recently fails to start on Mitaka (works on RDO): http://logs.openstack.org/20/323320/1/check/gate-puppet-openstack-integration-3-scenario003-tempest-ubuntu-xenial/cb423b0/logs/etc/trove/trove-taskmanager.conf.txt.gz
<EmilienM> err, wrong link
<EmilienM> http://logs.openstack.org/20/323320/1/check/gate-puppet-openstack-integration-3-scenario003-tempest-ubuntu-xenial/cb423b0/logs/trove/trove-taskmanager.txt.gz#_2016-05-31_12_25_39_482
<EmilienM> coreycb, jamespage: found it, it's a bug in packaging I'm reporting it
<jamespage> this rings a bell - something todo with the wrong config files EmilienM?
<EmilienM> yes
<EmilienM> trove packaging loads trove.conf only
<EmilienM> while trove use multiple files
<jamespage> EmilienM, https://bugs.launchpad.net/bugs/1516471
<ubottu> Launchpad bug 1516471 in openstack-trove (Ubuntu Xenial) "systemd init scripts not setting correct conf file" [High,Triaged]
<jamespage> I have a fix committed in the repo
<EmilienM> omg
<EmilienM> so it's not fixed in xenial?
<jamespage> unsurprisinly a comment on a bug is not always the best way to get peoples attention
<jamespage> I picked that out of the backlog last week
<EmilienM> we disable trove testing on ubuntu in the meantime.
<jamespage> EmilienM, sure - I'll get the bits lined up next week (about to disappear for a few days).
<jamespage> EmilienM, is it relatively easy for you to test from our stable branch PPA's?
<jamespage> ppa:openstack-ubuntu-testing/mitaka will have pre-upload fixes in a while
<EmilienM> jamespage: we already released mitaka, which means now we rely on what you provide in stable repo
<EmilienM> jamespage: we don't want to use ppa on purpose because we want stable things
<EmilienM> and fwiw, trove was working on trusty/mitaka
<EmilienM> jamespage: we can enable ppa but only for our master branch (and only if you give us newton packages)
<EmilienM> otherwise, we're not interested by ppas
<jamespage> EmilienM, I was not suggesting you release an update with a PPA; I was asking whether you could help test the fix
<ddellav> coreycb almost forgot, lp:~ddellav/ubuntu/+source/keystone and lp:~ddellav/ubuntu/+source/ceilometer re: https://bugs.launchpad.net/ubuntu/+source/keystone/+bug/1587589
<ubottu> Launchpad bug 1587589 in keystone (Ubuntu) "[SRU] liberty point releases" [Undecided,New]
<coreycb> ddellav, keystone looks good. can you rebase ceilometer?
<ddellav> coreycb i thought i did but i'll look again
<coreycb> ddellav, there were probably some ci fixes that snuck in since
<aslaen> hello, I am trying to use openstack autopilot. I have MaaS installed and working (nodes ready), juju installed and connected to MaaS, but when I run autopilot it fails because the environments.yaml is ignored and it uses ~/.cloud-install/juju/environments/maas.jenv instead.
<aslaen> For some reason that yml file tries to connect to MaaS on port 5420 but my MaaS runs on port 80 so it fails
<aslaen> sorry meant 5240
#ubuntu-server 2016-06-01
<thekrynn_> hello, was wondering if anyone knew why a screen's /var/run/screen file resets all associated stat times when it's attached to or detached from
<jelly> it's not a file, it's a named pipe
 * jelly hides
<rbasak> nacc: could you take look at bug 1576734 please [triage]: is this familiar?
<ubottu> bug 1576734 in apache2 (Ubuntu) "package apache2 2.4.18-2ubuntu3 failed to install/upgrade: Unterprozess installiertes post-installation-Skript gab den Fehlerwert 1 zurÃ¼ck" [High,Confirmed] https://launchpad.net/bugs/1576734
<rbasak> Syntax error on line 2 of /etc/apache2/mods-enabled/php7.0.load: Cannot load /usr/lib/apache2/modules/libphp7.0.so into server: /usr/lib/apache2/modules/libphp7.0.so: cannot open shared object file: No such file or directory
<caribou> nacc: I'm not sure I know how to proceed with the git repo that you created for kexec-tools
<caribou> nacc: from what I understand, this git repo contains the equivalent of the git-dsc-commit on all existing source packages available
<caribou> nacc: with the appropriate tags
<coreycb> ddellav, jamespage: neutron-lbaas seems to have been fixed, possibly from a dependency bumps
<rickbeldin> Good morning.  A partner in Korea was looking for some historical release notes on 12.04.5 but found that the Wiki is essentially empty.  Is there someplace else that has release notes and changelogs for 12.04.5?   You can see the page that ways still under development here:  https://wiki.ubuntu.com/PrecisePangolin/ReleaseNotes/ChangeSummary/12.04.5
<rickbeldin> s/ways/page/
<teward> rickbeldin: just for .5, or are they looking for 12.04, 12.04.1, 12.04.2, 12.04.3, and 12.04.4 as well?
<teward> because there's a lot of different data there - strewn across multiple pages.
<teward> best thing to look at are release notes rather than change summaries
<rickbeldin> Just for .5.
<rickbeldin> teward: just for .5.  All the others seem complete.
<teward> looks like it's not complete, and I can't find anything - my guess is *maybe* there's nothing but pacakge version chagnes there, but don't quote me
<rickbeldin> I found an announcement page which has minimal info.  They are looking for something like this https://wiki.ubuntu.com/PrecisePangolin/ReleaseNotes/ChangeSummary/12.04.4
<rickbeldin> Aren't the .minor releases usually just for new hardware enablement within a main release?
<teward> and maybe installer issues, but it just looks like the page wasn't completed.  Nothing we can do, and I don't think logs are kept anywhere specifically...
<rickbeldin> I know it is old stuff, but 'encounraging' people to let go of the past can be done sometimes with documentation.  : )
<rickbeldin> Apologies.  I can't type today.  :)
<rickbeldin> I think the best we can do is a diff of the manifests between 12.04.4 and 12.04.5?  Does that make sense?
<nacc> caribou: right
<nacc> caribou: so, IMO, you'd clone it, go through the process of breaking ubuntu/yakkety into reconstruct/version then logical/version, then rebase that (new) local tag onto debian/sid
<caribou> nacc: ok, I'll try that out & shout if I have problems :)
<caribou> nacc: thanks!
<nacc> caribou: np
<nacc> caribou: and then, eventually, it'll be in a place more people can push to (possibly) -- and so it would not just be the imported versions, but also the active development repository (or could be), and so you'd push your stuff up to lp, we'd merge it in and tag it as 'upload/version' rather than 'import/version' in that case
<nacc> caribou: that process probably needs refinement still :)
<caribou> k
<nacc> rbasak: found a bad case for our 'versions never go backwards' :) clamav 0.91.2-3ubuntu2.1~feitsy1 was published after 0.92~dfsg-2~feisty1 in feisty-backports. The first was deleted, technically, as a bad a backport, but I don't have a way to know that algorithmically. I think this would be a stil-valid case of having hte 'parent override'?
<teward> stupid question, but i've got an (ancient) mail server set up with dovecot in a "every mailbox is a folder in an on-the-system user's home directory" for every email address, and I'm trying to copy its data to a newer Ubuntu version; assuming I've copied over /etc/passwd, /etc/group, and /etc/shadow correctly to keep the same user authentications across both systems, would an rsync with the argument flags -o -g -A -D be enough to copy all the
<teward> data from the old server to the new and retain permissions/ownership/etc. so Dovecot and such would still work?
<teward> egads that's a long message
<ikonia> in theory yes
<ikonia> nothing stupid about that question
<teward> ikonia: 9.04 box -> 14.04 box though
<teward> hence the question
<teward> stupid because E:AgeOfOriginSystem
<ikonia> not sure why that matters,
 * teward shrugs
<ikonia> you may need to adjust the exim config if there are feature differences
<nacc> i think it should be fine, as well, from a permissions perspective
<teward> ikonia: anything I should be aware of, then, moving the dovecot configurations over from such an old version to 14.04?  I expect this to be an evil migration headache in terms of settings, but I basically copied over the permissions to start with; would go through and modernize after
<teward> lovely thing about backups is that they're there in case i botch things heh
<ikonia> teward: should be fine, I'd look at any feature differences between the two dovecot versions
<teward> s/permissions/permissions and origin system settings/
<teward> ack
<ikonia> I wouldn't blindly copy over the config
<ikonia> certainly the data
<teward> ikonia: y'know the problem though - i didn't configure it initially
<teward> so i'm walking into the config blind :/
<teward> at least, in the config migration
<ikonia> teward: all the more reason not to copy it across
 * teward shrugs
<ikonia> work through the config - understand how it works, then re-apply that same concept to the later version of dovecot
<ikonia> most of it should be the same, maybe some silly stuff around uid/gid of system users and some auth/encyption stuff would be different/better
<teward> ikonia: time then is the problem - learning dovecot in this case would take too long for the migration plan at the workplace.  Kind of getting things handed to me, rather than being consulted with first :/
<ikonia> shouldn't take long, it's pretty clear english in terms of a config
<ikonia> just visually comparing parameters would be enough
<teward> ikonia: so, what, compare original to a default from 14.04, drop things in where necessary?
<ikonia> you'll probably find the only real differences are the auth/encyption stuff
<ikonia> teward: more "merge"
<ikonia> or "port
<ikonia> "
<ikonia> you may find totally identical functionality, in which case, just copy the whole file
<teward> i wonder how stock the configs are on this origin system
<ikonia> but that wouldn't be my starting point
<rbasak> nacc: two publications in the same pocket going backwards? Yeah, sounds like a parent override is needed to me. Apart from warning or failing, I don't see what else we could do in that case.
 * teward goes hunting for the packages
<nacc> rbasak: yeah, back-to-back, becuase the first was in error (per the publishing log on lp)
<nacc> rbasak: ack, will add that, so i can import clamav for jgrimm :)
<jrwren> teward: why not rsync with -a?
<jrwren> teward: iirc dovecot config changed a bit. you will want migrate the config.
<teward> jrwren: i'm going through config line by line now to try and find what changed - doesn't change the fact it's a PITA to do
<teward> jrwren: didn't see -a on the version of rsync on the origin system
<jrwren> teward: yup. i did it once. it was a PITA
<teward> AFAICT so far, it's pretty stock
<jrwren> teward: rsync -a was there in 9.04, i'm pretty sure.
<teward> but ehh
<teward> jrwren: already ran the rsync, but i'll do that next time
<teward> until the new server is 'up' I expect to have to rsync data again
<teward> :p
<teward> jrwren: imap imaps pop3 pop3s in older, I assume that the s indicates SSL-secured?
<jrwren> teward: yes
<teward> jrwren: funny story: dovecot comes with a 'migrate the configuration' tool :/
<teward> lol
<ikonia> teward: I wouldn't trust that tool
<jrwren> teward: well, i wish I knew that a couple yrs ago
<ikonia> it's a bit hit and mess (of course depends on your config)
<teward> ikonia: it gives me a starting point to see what's evil
<ikonia> very true
<teward> i'm not using it for actually generating the config
<teward> i'm using it as a guide to know what the heck changed :P
<ikonia> nope, can be useful
<teward> it *looks* to me like this is a super basic configuration...
<teward> based on the warnings and what i'm seeing lying around in dovecot
<teward> but... only testing will tell
<jsheeren> hi, anyone got any experience with emulex oneconnect skyhawk 10gb/s nics?
<ikonia> why don't you just ask the question
<ikonia> I've used emulex 10g and fibre - just not the specific skyhawk version, however based on your question my answer should be "no"
<jsheeren> i cannot get the card to detect a link; in the bios the card shows there's a link, but in ubuntu server 16.04 .. No link
<ikonia> jsheeren: what bios ?
<jsheeren> it's using the be2net driver
<jsheeren> the dell server bios
<jsheeren> dell poweredge r620
<ikonia> ok, so thats just a basic link loop connectivity test
<ikonia> the bios version of "green light on the port"
<jsheeren> eys
<jsheeren> **yes
<ikonia> how are you checking the link in ubuntu
<jsheeren> using ethtool
<ikonia> ethtool doesn't support 10G I think (I'm not sure)
<jsheeren> i'm guessing so, 'cause it's not showing any advertised link modes
<jsheeren> nor speed
<jsheeren> anyway i can check the link in ubuntu besides ethtool?
<ikonia> what is the device name on ubuntu
<jsheeren> enÃ 1
<jsheeren> eno1
<jsheeren> sorry; dmesg shows:  eno1: link is down
<ikonia> if you run "sudo ethtool eno1" what do you get
<ikonia> ethtool does support 10G
<jsheeren> settings.. supported ports (fibre) supported link modes 1gb and 10 gb
<jsheeren> cannot paste it (using the drac at the moment)
<ikonia> understandable
<jsheeren> link detected = no
<ikonia> does ubuntu see the card
<jsheeren> yes
<jsheeren> the be2net driver initialises the card according to dmesg
<ikonia> if you do "ip link show" against that card what do you see
<jsheeren> ikonia: no-carrier;broadcast;multicast;up
<jsheeren> then state down
<ikonia> so have you tried configuring the card ?
<rbasak> nacc: am I OK to run the importer out of your git tree to do merges? Eg. exim4.
<nacc> rbasak: i pushed exim4 last night, iirc
<nacc> rbasak: sorry, should have e-mailed last night
<rbasak> Oh. I didn't expect that. No problem, I'll just use it!
<nacc> rbasak: i'm trying to get the parent override stuff in so i can import clamav and then i'll update hte importer git repository properly
<rbasak> OK
<rbasak> nacc: did someone else ask for exim4? Or is that just an example? Just wondering if I'll clash with anyone to merge it.
<nacc> rbasak: jgrimm did, iirc
<nacc> rbasak: not on the list, but in my 1x1 last week
<nacc> sorry, totally blanked on e-mailng that to the list
<rbasak> Was that to merge or for an importer example do you know?
<jgrimm> rbasak, i asked for it.  knowing it needed merged
<rbasak> jgrimm: ah OK. Are you fine with me taking the merge?
<jgrimm> rbasak, yep!
<rbasak> I'm being unproductive so thought I'd hit up some merges.
<rbasak> OK thanks ;)
<nacc> rbasak: btw, the new algorithm's gitk graphs are much cleaner -- esp. wrt to proposed and release
<jgrimm> :) thanks sir
<jsheeren> ikonia: yep in the interfaces file
<jsheeren> but it stays down
<ikonia> jsheeren: what happens when you try to bring it up
<jsheeren> nothing
<jsheeren> there is no link
<ikonia> it must do something ?
<nacc> jsheeren: are you able to (with ip link) set the link manually up? istr there are classes of devices where the link auto-detection doesn't always work (historic, might still happen sometime)
<nacc> rbasak: quick question, if you have a moment
<jsheeren> nacc: i tried that; but no joy
<nacc> jsheeren: ah ok
<jsheeren> i'm guessing there's a driver issue
<rbasak> nacc: sure
<jsheeren> i contacted our contact at dell for this
<jsheeren> i'm hoping he has good news for us tomorrow
<nacc> rbasak: do you mind if we do a hangout?
<jsheeren> got to go
<jsheeren> thank you all for the suggestions/tips!
<rbasak> nacc: inviting...
<teward> ikonia: jrwren: if I want to tell Dovecot the order of where to check for the mailboxes, is that done as mail_location=FIRSTLOCATION:SECONDLOCATION   ?
<ikonia> I think so
<ikonia> not got a config open in front of me to check
<jrwren> teward: i don't nkow. i'd have to read docs. its been a few yrs.
<teward> was just curious if you knew offhand, I'll dig
<ikonia> nope, not off hand
<teward> i'm currently rsyncing the mailboxes which are *not* in user directories >.<
<teward> (23GB+)
<coreycb> ddellav, ceilometer 5.0.3 uploaded to the wily review queue, thanks
<coreycb> beisner,  nova 1:2014.1.5-0ubuntu1.5~cloud0 is ready to promote to icehouse-proposed
<teward> ikonia: I think I have this all done, now, the warnings the system triggered definitely helped, only way to know is to test later heh
<teward> thanks to you and jrwren for your pointers/advice/suggestions
<beisner> coreycb, ok, pushed that
<coreycb> beisner, thanks
<beisner> yw coreycb
<coreycb> beisner, neutron 2:8.1.0-0ubuntu0.16.04.2~cloud0 is also ready to promote to mitaka-updates
<beisner> coreycb, any stable charm implications re: pkg version?
<beisner> ie. 8.0.0 --> 8.1.0
<coreycb> beisner, I think they've all landed, but let me check
<beisner> coreycb, yah i see         ('8.1', 'mitaka'),   in neutron-gateway @ stable/16.04
<beisner> landed may 18
<coreycb> beisner, yes, and neutron-api / neutron-openvswtich are good too
<beisner> coreycb, ah yes, was looking for landscape clear signals.  they've marked fix-committed on that side.  pushing!
<coreycb> beisner, yay :)  btw james fixed up that charm-helpers code so we shouldn't have to deal with the version bumps anymore, in the next version of the charms at least
<beisner> coreycb, sweet!
<beisner> coreycb, pushed re: bug 1580674
<ubottu> bug 1580674 in Landscape Server 16.05 "[SRU] mitaka neutron 8.1.0 point release" [Undecided,Fix committed] https://launchpad.net/bugs/1580674
<ikonia> teward: very nice work
<teward> ikonia: give me a stick, i think i need to beat myself with it 'cause dovecot gave me a headache, and I should have learned this a year ago when doing my linux certification training heh
<Yuri4_> Guys, how do I make 2 servers to be exactly the same? I already have 1 set up. I need second to back up first under load balancer.
<teward> Yuri4_: 'exactly' the same is not possible, there *will* be minor differences
<teward> image the first one, put the image on the new one, adjust hostname and IP data
<teward> that's how I'd do it
<Yuri4_> teward, but once the data on server 1 change, the data on server 2 stays the same
<Yuri4_> so...
<teward> Yuri4_: network storage between the two servers for sharing of data, and then that problem goes away; secondary issue you're always going to have though is that there's the one central datastore then
<teward> and you don't state if loadbalancing is done at the same physical location, or between two servers not at the same location
<Yuri4_> teward, and how do I do that
<Yuri4_> ?
<Yuri4_> teward?
<pentiumone133> i have a remote ubuntu server that i need to change the IP address on, what ould be the best way to do so to ensure I dont get locked out of it forever
<pentiumone133> just change interfaces fine and bounce the nic somehow?  whats the best way to bounce it these days?  i know that you used to do init.d/networking restart but im seeing some articles that the begavior of that script is different now
<pentiumone133> ifdown eth0 && ifup eth0 in a screen session?
<sarnold> maybe skip the && -- if the first fails you don't want the second to be ignored
<pentiumone133> good point
<sarnold> tych0: that reminds me, I saw in your lxd networking blgpost that you suggested restarting the networking service -- I thought we blocked that from doing anytuing in recent releases?
<pentiumone133> id really like to take the existing IP that it is using and move that to eth0:1, and give eth0 a new address
<pentiumone133> then i can take eth0:1 up and down with the ip that i care about without loosing connectivity
<tych0> sarnold: oh, could be actually
<tych0> sarnold: i mostly pulled that from some instructions i wrote a while ago
<tych0> let me see.
<pentiumone133> in my case it is an 11.04 box
<sarnold> zounda
<sarnold> zounds, too
<patdk-wk> man, 11.04 hasn't been supported since a lifetime ago
<pentiumone133> exactly why im doing this.  replacement is ready to go but i need the replacement to have the same IP
<sarnold> pentiumone133: if this is just a temporary measure maybe just use ip addr add ... and skip the /etc/network/interfaceds and so on?
<pentiumone133> it will be permenant but because it is remote, i need to be able to get into hte old machine if i have to after the new box is live
<pentiumone133> at least for a day or two before they can overnight it to me
<pentiumone133> basically if i change over and SHTF i need to be able to bring the old one back without buying a plane ticket
<pentiumone133> although, it is in vegas, so maybe that is a better option
<sarnold> hehe
<newbsie> Why is it bad to leave root login if you disable password based login?
<newbsie> Is it because the username is known?
<AndyWojo> because if you log directly in to root, and someone makes a change / causes an issue, you can't see who did it
<AndyWojo> If they logged in as their user, and used sudo, that is tracked.
<newbsie> AndyWojo: ahhhh... so root user doesn't get logged like other accounts.
<sdeziel> newbsie: root or any other users don't have their actions logged (unless you use auditd). On the other hand, when someone uses sudo, this gets logged
<newbsie> sdeziel: gotcha
<AndyWojo> well that's not true
<AndyWojo> the actions are logged as root
<AndyWojo> you just don't know *who* it is
<AndyWojo> so just to show you what I mean
<AndyWojo> log in as yourself, and sudo su -
<AndyWojo> Then do the following two commands:    whoami      who am i
<AndyWojo> When you do, who am i, it shows your real user, even if you are root
<sdeziel> AndyWojo: what do you call "actions logged" the shell history?
<jrwren> newbsie: its bad because nothing is gained by doing so.
<newbsie> jrwren: I guess the short version is, just setup a new user and enable sudo on it and disable root logins over ssh.
<jrwren> yes, especially since that is the default.
<newbsie> jrwren: what do you mean by it is the default? My box spins up with root user.
<jrwren> newbsie: ubuntu hasn't had an password enabled root account in a very long time. Your box may not be ubuntu?
<newbsie> jrwren: I'm sorry, yes you are correct. I misunderstood you. My box spins up with a key-based login
<newbsie> jrwren: pre-set by hosting provider (digital ocean)
<jrwren> newbsie: and they use root for that instead of the "ubuntu" user eh? that is a shame. They shouldn't. They are doing it wrong. Sorry.
<stokachu> jrwren: i dunno i consider DO droplets as throwaway vms
<stokachu> just having a root user to deploy an application is normally all you want
<newbsie> jrwren: yeah, first time I login, it is as root
<jrwren> stokachu: it doesn't matter, its still wrong. cloudimg and CPC is the right way.
<jrwren> newbsie: that is disappointing. Oh well. TIL.
<newbsie> jrwren: I think their focus is on easy to get going, more than setting barrier which security kind of is.
<jrwren> that was windows focus throughout the 90s. It did not end well for internet security ;p
<newbsie> jrwren: It didn't end well for security, but it ended well for marketshare among consumers.
<jrwren> newbsie: indeed. Which approach is better for humanity overall?
<newbsie> jrwren: besides, it's not like the internet is more secure today with the proliferation of *nix systems in general.
<jrwren> newbsie: its not? can you prove that assertion?
<jrwren> newbsie: I do not mean to suggest that the internet is secure, however, the removal of entire exploit vectors has been good for us.
<newbsie> jrwren: Better for humanity? A company existing is pretty good result imo.
<newbsie> jrwren: what I meant to say is that, *nix systems are still vulnerable.
<sdeziel> newbsie: everything is vulnerable ;)
<jrwren> newbsie: now we are getting into economics. Is company existing when quality of life is low for all better than a company not existing, but overall quality of life is better?
<newbsie> sdeziel: of course unless you aren't connected :)
<jrwren> newbsie: when you say *nix systems are vulneraable, are you implying all of them, or only some? which some? what are the vectors? they are much different than they were and that is good and that is my point.
<newbsie> jrwren: So your argument is that it is harder?
<jrwren> newbsie: Yes that is part of it.
<newbsie> jrwren: My point is that the approach is often viewed in a vacuum, and that is a limited view.
<patdk-wk> are we only talking known vectors? or also unknown? quality of developemnt? ...
<jrwren> newbsie: I see. I really like that point. I really dislike blanket prescriptions. Still, in this case, I see no benefit to not doing what cloudimg does, but I'll admit I'm wearing blinders.
<newbsie> jrwren: MS view was to get ease of use, so that every home can have a computer.
<newbsie> jrwren: DO is trying to get more users, and not putting up walls. Security is at your own choice.
<sdeziel> while I'm in favor of sudo in general, most of the time the audit trail isn't reliable because people are used to do sudo -i/sudo su - which bypasses sudo logging
<jrwren> newbsie: I do not see how they will get more users or how it is putting up walls to deviate from the way AWS, Azure and every Ubuntu Certified Cloud Partner does it. It only makes things harder by being different for no reason.
<newbsie> jrwren: You login and you immediately have access to everything. If you are new, you might know about su....
<newbsie> I meant to say, you might not know about it. Similarly, I came in asking very basic questions.
<jrwren> newbsie: if you are new, you will be referencing ubuntu docs often all of which know the way the ubuntu cloudimg does it, all of which document using sudo.
<jrwren> newbsie: yes, we side tracked from your original questions into a rather interesting discussion.
<jrwren> I like DO. I am only disappointed in their deviance from the standard.
<newbsie> jrwren: I found it easier, but I also worked with AWS, and their Amazon Linux logs you in as ec2-user.
<patdk-wk> their amazon linux != ubuntu
<patdk-wk> and they don't claim it is either
<newbsie> patdk-wk: yeah, it is based on redhat I belive
<patdk-wk> it's a redhat/centos clone
<newbsie> patdk-wk: but in general aren't the different flavors kind of similar in the end.... I mean I get the difference in tools included, layout, and so on, but to me as a infrequent user, they all look kind of the same.
<patdk-wk> how are they in the least the same?
<patdk-wk> sure, bash on one, is mostly the same as bash on another
<patdk-wk> except ubuntu doesn't use bash by default, so there goes that
<patdk-wk> config files are totally different
<patdk-wk> ubunt uses apparmor and not selinux
<patdk-wk> they are highly different
<patdk-wk> but if you only look at the surface, sure you could mistake one for the other
<newbsie> patdk-wk: but those are just the tools to me. Can't you just install it?
<patdk-wk> no
<patdk-wk> not without starting to custom compile your own kernel
<patdk-wk> changing things
<patdk-wk> and well, then you just end up with the other system
<jrwren> i agree with you newbsie, they are all the same.
<newbsie> patdk-wk: Well, I'm not knowledgeable about that. To me, I just install whatever I need, and I notice often you can just install whatever you need.
<jrwren> they are the same until they are different.
<patdk-wk> yes, but follow enough documentation for one, and it likely won't work for the other
<patdk-wk> it will be close, but you will run into issues quickly
<patdk-wk> and it might be simple to fix, and it often will run you into a fun rabbit hole :)
<jrwren> yes, what patdk-wk said.
<jrwren> and if you don't knwo the differences, you won't even know you are in teh rabbit hole
<newbsie> but aren't the differences mostly in where configuration files are. The package is often already there.
<patdk-wk> in the simplest of cases sure
<newbsie> hmmm.... So why does this matter?
<newbsie> Like what does these differences do for the user?
<patdk-wk> everything
<patdk-wk> it's a mindset
<patdk-wk> it's a way of thinking
<patdk-wk> it doesn't do anything for the user, except users will fine one or the other easier for them
<jrwren> well, this is #ubuntu-server so to me, users never see this stuff. devs and admins see this stuff. Users use the software and services the devs and admins build and deploy.
<patdk-wk> and then they know what one they are more comfortable with
<jrwren> the devs and admins will care about these differences when they have to make software X work on non-ubuntu distro Y and things don't work.
<patdk-wk> for me, updating rhel system, was just always painful and prone of failure
<newbsie> To me, all these flavors don't add anything. I use Ubuntu, because it is almost always available everywhere, and information is easily accessible.
<jrwren> dig deeper. you'll eventually discover what they do add and have another reason to use ubuntu ;]
<patdk-wk> I use whatever I'm given
<patdk-wk> but since I have a huge repo of software I maintain for ubuntu/debian, I'll perfer ubuntu
<newbsie> I frankly is becoming a devops person, but my experience is quite limited with this.
<patdk-wk> though, I used to maintain the stuff for rhel when I used that before ubuntu existed
<patdk-wk> and for slackware, before rhel existed
<jrwren> you maintain your own repos?
<patdk-wk> me? sure, what sane admin wouldn't
<newbsie> To me these differences is actually making it harder....
<jrwren> do you use reprepro?
<patdk-wk> I used to
<jrwren> what do you use now?
<patdk-wk> oh, for that level, I gave up years ago
<patdk-wk> I use the ppa's since they where made
<newbsie> I don't see the value, but perhaps somebody that tweaks servers, and say need performance for something and they find this flavor suits their need better....
<patdk-wk> doing it manually was much work back then :)
<jrwren> how do you manage rollbacks, given that PPA doesn't support more than one version of the same package?
<patdk-wk> I don't rollback
<jrwren> newbsie: maybe someday you'll see the value.
<patdk-wk> I have a testing ppa I use first
<patdk-wk> and a production ppa
<patdk-wk> and a few others for more customized stuff
<newbsie> jrwren: yeah, if I dig deep enough.
<patdk-wk> I can always just republish, I have all versions on my system
<jrwren> patdk-wk: soo... what if something rolls out to production, is deployed, but a bug is found later and rather than push a new deb (likely takes long) you want to rollback?
<patdk-wk> just compile it and install from .deb?
<jrwren> republish... so... delete from PPA, wait for the delete to process, and re-upload?
<jrwren> hahaha, yeah, compile it and install from .deb is an option.
<patdk-wk> the only thing I really miss, that kindof sucks is
<sarnold> apt-get install foo=version.number.goes.here
<patdk-wk> I wish I could mark things as security updates on ppa's
<jrwren> these are the problems I'm currently facing. Many solutions. I'm wondering what is best.
<patdk-wk> marking as security update is much more annoying to me, than rolling back :)
<jrwren> sarnold: that only works if you point to many PPAs and they have version.number.goes.here and ersion.number.goes.there
<jrwren> sarnold: it is the option I like best.
<patdk-wk> I'm also kindof suprised at how many other people use my ppa
<patdk-wk> get random emails and irc messages from some of them
<apb1963> Got no response in #ubuntu and since printing is a server feature... here goes.  ubuntu 14.04 LTS; I'm using Nimbus screenshot within Firefox - trying to print.  It appears to send it to the printer OK, no errors or anything to indicate a problem.  But the printer just sits there idle.  Nothing in the print queue. "echo test | print" works.  I'm not sure where to go from here.
<nacc> apb1963: not sure how printing is a server feature, and you should read !patience, but i'm guessing one (firefox) is using cups and possibly print (which is the mailcap helper) is using something else, not sure. YOu could try testing with 'lp', iiuc. Or use the GUI to print a test page?
<apb1963> nacc: "echo test | print lpr" works.
<apb1963> nacc yes to cups ... and the HP driver for the HP printer.
<nacc> apb1963: are you sending to a different printer from firefox? not sure what nimbus screenshot is, but can you print anything from firefox?
<apb1963> nacc: Yes.  File->Print works
<apb1963> nacc: Same printer.
<nacc> apb1963: i'd ask the nimbus folks what tehy are doing differntly, then
<apb1963> yeah, kinda thinking the same at this point.  You should take a look at it though, very nice screenshot utility with many features.  Other than it not printing for me of course.
<apb1963> thanks for your help!
<nacc> apb1963: when i need screen shots, i hit print screen :)
<nacc> also i never need screen shots :)
<nacc> apb1963: i would not think they are doing anything special to print, so my guess is they are printing no data, maybe
<apb1963> dunno
<apb1963> sounds reasonable but... strange.
<apb1963> so yeah, I'll ask what they have to say about it.
<apb1963> what's nice about nimbus is it lets you annotate the screenshot.  So add text, color, blur portions of the screen that are "private", etc.
<nacc> apb1963: is that an ubuntu package?
<apb1963> firefox add on
<nacc> apb1963: ah, then definitely should contact the upstream/addon project first :)
<apb1963> I like to ask on IRC first since it's often the case others here are using the same addon and have already figured out the answer.  But yes, that's my next stop now.  Thank you :)
<apb1963> nacc: actually, I did find this in the cups error log: E [01/Jun/2016:12:57:33 -0700] [Client 16] IPP read error: Invalid media name arguments.
<apb1963> sort of implies a configuration error
<drab> hi, are there any recommendations for backing-up a bunch of servers?
<drab> I'm leaning toward using rsync with hardlinks, there's a couple really good scripts out there, or maybe backupninja
<drab> the main problem I'm facing is how to get to the data
<drab> in a push model, I'd have to have each server hold a ssh private key and put the pub on the backup machine
<drab> in a pull model I need to get in as root to be able to fetch /etc or other root-only pieces of the fs
<drab> is there a known-better pattern to do this?
#ubuntu-server 2016-06-02
<YamakasY> anyone doing some decent kernel management with puppet ?
<LeMike> hello. how do I see the inbox of another user via terminal? I can cat his /var/mail/foo file but due to the chunks I can not read it. Is there a command like mailq to read the mails of another user?
<caribou> nacc: rbasak: I think I will need help with the new usd-import git repo created for kexec-tools
<rbasak> caribou: for a merge?
<caribou> rbasak: yes, I'm testing the new procedure from nacc's usd-import tree
<rbasak> nacc and I spent a while yesterday figuring out how to do a merge using the new structure. It is non-trivial.
<caribou> rbasak: (I've done the merge using the previous method )
<rbasak> Our conclusion is that we need a tool that will take the imported tree and produce a branch that has no merge commits that is suitable for rebasing.
<caribou> rbasak: for some reason, I'm checking out ubuntu/yakkety, rebasing -i, reset HEAD^ and I get a version that is way past the last merged version
<rbasak> It will probably start with a commit from Debian (git merge-base debian/sid ubuntu/yakkety) and then cherry-pick using -m back up to ubuntu/yakkety).
<rbasak> Then that should be familiar against the old process.
<rbasak> Otherwise rebase gets really confusing since most commits are merge commits. It sounds like that's what you're hitting.
<caribou> rbasak: yes, looks like that
<caribou> rbasak: will try that
<rbasak> caribou: so I did:
<rbasak> git checkout -b master abb0083a5ad0b9e25c0f08a8d08758ed0922d553
<rbasak> git cherry-pick -m 2 4715d38
<rbasak> git cherry-pick c92c1ce
<rbasak> That seems to work. As a sanity check, this should produce no output:
<rbasak> git diff origin/ubuntu/yakkety
<caribou> rbasak: let me try that
<rbasak> And now you can "git rebase debian/sid" and it should just work (no --onto needed)
<rbasak> I get merge conflicts but that's as expected. To avoid the debian/changelog ones, it's necessary to do the full reconstruct and logical steps.
<caribou> rbasak: ok, let me try that method on my kexec-tools merge that I will compare with the previous one I did & document the steps
<caribou> rbasak: then you guys can review the document & see if I'm right, then we can append the doc somewhere
<jonah> Hi guys I just wondered if anyone could please help. I have just installed 'smartmontools' on my backup server just to keep an eye on the disk errors etc. I've also set to run it as a daemon on startup. The thing is in the config  file it says it will email errors to my root user... Does anyone know how I set mailx to email me on a different email address or set the root user/sudo user (whichever it will email) to have a forwarding email so
<jonah> I don't have to ssh into the backup server and type mailx to check for local mail. I instead just want to get it in my normal mail inbox...
<jonah> Sorry for the long question
<jonah> hope it makes sense...
<brigante> jonah, which config file are you referring to? /etc/defaults/smartmontools?
<jonah> brigante: yeah that's the one
<rbasak> jonah: set up an MTA to forward all mail to some other system. I configure exim for this.
<rbasak> jonah: here's my exim4.conf as an example: http://paste.ubuntu.com/16918668/
<rbasak> All my non-email servers use this to forward all root mail to me.
<brigante> surely you could just change the setting from root to your email address?
<brigante> rather than forwarding
<brigante> like in crontab
<rbasak> That requires a working MTA still.
<brigante> sure but, apt install postfix is not exactly difficult
<rbasak> Or msmtp or something, but that will lose mail during network outages.
<rbasak> You still need to configure it, and you end up with a fully functional email server with mailboxes for every user, etc.
<rbasak> I don't want that, so I configure exim to only have a local root user and forward all root mail to me. This will catch mail generated by any daemon (eg. debconf).
<rbasak> One could set up root alias in the MTA, of course. I'm effectively doing this but more minimally.
<brigante> its a nice lightweight approach rbasak, but does it account for bouncebacks etc?
<brigante> when i need a server to email out, i always install postfix. no need tro setup users or anytrhing else
<rbasak> What bouncebacks?
<brigante> rbasak, you say you're forwarding mail to another mailbox, what if your mailbox is not reachable?
<brigante> will it queue the email, and re-try?
<rbasak> Yes.
<brigante> thats nice
<brigante> isn't exim a fully featured MTA anyway?
<rbasak> Yes, but its configuration is flexible. I'm configuring it minimally to do almost nothing.
<brigante> fyi - you dont NEED to configure postfix either
<brigante> out of the box it has a minimal setup
<rbasak> You get asked questions.
<rbasak> That's configuring it.
<brigante> haha
<brigante> i guess
<brigante> 1) Internet site 2) enter bogus server name... config complete
<brigante> but always nice to know of alternatives
<rbasak> and that's what leads to stuff like https://bugs.launchpad.net/ubuntu/+source/postfix/+bug/1576978
<ubottu> Launchpad bug 1576978 in postfix (Ubuntu) "package postfix 3.1.0-3 failed to install/upgrade: il sottoprocesso installato script di post-installation ha restituito lo stato di errore 75" [Undecided,Invalid]
<rbasak> The bug tracker is full of these.
<brigante> there will always b users tho
<brigante> some bnetter than others
<brigante> better*
<brigante> i hear what you're saying though, less config is good
<brigante> im not sure we helped jonah tho
<brigante> rbasak, do you know much about iproute2 or networking in general?
<brigante> i have a very strange scenario on one of my servers i'd like to run by someone to check im not going insane
<brigante> jonah, type in man smartd.conf
<brigante> the -m flag allows you to email any email address, i.e. -m admin@example.com
<coreycb> beisner, qemu 1:2.2+dfsg-5expubuntu9.7~cloud4 is ready to be promoted to kilo-updates
<caribou> rbasak: nacc: done with the kexec-tools merge using your imported repository. MP is in LP
<jonah> brigante: hi sorry I just had to go for a bit there, i'll just read what I've missed!
<jonah> brigante: ok thanks for all those comments and the pastebin... so in that conf file could I just change the -m root to -m emailaddress@addres.com etc?
<brigante> jonah, that should do the trick mate
<brigante> BUT you will still need an MTA (like postfix or exim)
<brigante> otherwise you have no running SMTP server, which is required to send email
<jonah> brigante: ok I've changed that line and changed root to just an email address, that's awesome thanks. But what about the -M exec bit, will this need removing or does it do anything by default on ubunt server?
<brigante> jonah,  /dev/sdc -m admin@example.com -M test
<brigante> sends a test to admin@example.com
<brigante> im just reading the man pages here, i dont really know
<jonah> brigante: thanks, really appreciate the help
<brigante> no problem
<jonah> brigante: just tried the test but it says "Unrecognized option: m"
<jonah> brigante:  is this the right command sudo /dev/sda -m myemail@gmail.com -M test
<brigante> no it wont work from the command line
<jonah> brigante: or is that because I need to install postfix?
<brigante> you have to put it in the smartd.conf
<jonah> brigante: ah ok
<brigante> then when you run `service smartmontools restart`
<brigante> it will send the test email
<jonah> brigante: so you put that in smartd.conf instead of the normal command and do the servrice restart, ok will try it thanks
<brigante> but you should `apt install postfix` first
<rbasak> caribou: process-wise that looks great! How was it for you? Would you like me to review the merge itself?
<jonah> brigante: ok I've add postfix and it's asking if it is 'Internet Site' 'Sattelite system' etc do I just use Internet Site?
<caribou> rbasak: a review would be nice indeed. not much delta so it should be quick
<rbasak> OK I'll do it now.
<caribou> rbasak: process-wise, I find it clearer, once I had your clarifications
<caribou> rbasak: I just sent a request to import corosync so I can test it again
<brigante> jonah, chose internet site
<caribou> rbasak: & see if I can figure out how to get started myself
<jonah> brigante: ok thanks and just leave the System mail name as the name of the machine?
<brigante> yeah thats fine, unless you plan on using a domain name you actually own
<brigante> if so, use that
<brigante> jonah, when your server sends email out, it will be from [user]@[the domain you use]
<caribou> rbasak: it's easier not to have to worry about the ./git ./gitwd directories
<jonah> brigante: hmm tried that and now the service smartmontools restart won't work, it just says fail...
<brigante> jonah, `tail -f /var/log/syslog` should shed some light as to why
<brigante> probably a bad line in your config
<brigante> leave tail running, then restart smartmontools in another terminal window
<jonah> brigante: I ended up rebooting and now it will restart but weirdly the test email doesn't come through...
<caribou> rbasak: btw, regarding the merge proposal, I wasn't sure about the "preference path" to be used for the MP. Used debian/sid as was shown in the screen capture
<brigante> jonah, type `mailq`
<brigante> any mail queued?
<jonah> brigante: mail queue is empty...
<jonah> brigante: maybe that test command line is a bit wrong somewhere, I tried both DEVICESCAN /dev/sdc -m myemail@gmail.com -M test
<jonah> brigante: and without DEVICESCAN in front too...
<rbasak> caribou: you don't have to use xgit git/gitwd if you don't want to. None of the tools require it. I find it handy to not worry about the .git directory being inside the working tree, that's all.
<brigante> jonah, you do have a /dev/sdc right?
<caribou> rbasak: yeah, I kind of like this fact.
<brigante> jonah, type in `lsblk` to show your block devices (disks)
<rbasak> caribou: thank you for the note about MP creation. I'll take a look. I've not tried it myself yet so I'm not sure what you mean, but your MP looks reasonable to me. It's showing the new diff against Debian, which seems reasonable. For more diffs I had to clone your repo, but that also seems reasonable.
<jonah> brigante: that brings up sda, sdb, sdc and sdc and all the raid partitions and such too as well as md1,md0 etc
<brigante> ok kool
<brigante> just checking
<jonah> brigante: thanks...
<brigante> jonah, i would test your MTA is working correctly
<caribou> rbasak: btw, you'll see a few results of the multiple questions I asked two weeks ago about removing conffiles, etc
<jonah> brigante: right... what's the best way to do a test?
<brigante> `mail -s "testing!" your@gmail.com
<brigante> then type A BODY OF THE MESSAGE
<brigante> THEN PRESS CTRL+D
<brigante> oops caps lock
<jonah> brigante: ok and it just says EOT
<jonah> brigante: ah yes got that email in my gmail ok, just comes through as root@servername
<jonah> brigante: so mail must be ok...
<brigante> bingo
<brigante> so your mta is fine
<brigante> must b problem with smartmontools
<brigante> the line without DEVICESCAN is the correct one i think
<brigante> not sure why its not working for you
<jonah> brigante: ah found this: http://serverfault.com/questions/426761/is-smartd-properly-configured-to-send-alerts-by-email
<brigante> hmmm seems to differ to the man pages
<brigante> i hope you get to the bottom of it
<jonah> brigante: could it be because I've just uncommented DEVICESCAN -d removable -n standby -m EMAILADDRESSHERE  -M exec /usr/share/smartmontools/smartd-runner
<jonah> brigante: but haven't uncommented anything else? or that that line doesn't work with just "removable" there...?
<jrwren> be sure to file a bug if the man page is wrong.
<jonah> brigante: maybe I don't need that line at all and should just uncomment this line DEVICESCAN -S on -o on -a -m myemail@mydomain.com -s (S/../.././02|L/../../6/03)
<brigante> i would comment out the line with EMAILADDRESSHERE
<brigante> and yes, uncomment the latter
<brigante> replace the eail address with your own
<brigante> email*
<jonah> brigante: but the line with EMAILADDRESSHERE was the one that doesn't seem to work for me...
<brigante> jonah, comment out means put a # at the start so the program IGNORES the line
<brigante> i.e. ignore the line that doesn't work
<brigante> uncomment, means remove the hash from the start of the line so the program uses it
<jonah> brigante: ah got it working i think...
<brigante> with that -M test line it should send a test email everytime the daemon is restarted
<jonah> brigante: all it was is that DEVICESCAN doesn't work for me. So I ended up adding a line for each drive like in this tutorial: https://blog.shadypixel.com/monitoring-hard-drive-health-on-linux-with-smartmontools/
<jonah> brigante: then when I added the test line at the end of each of those lines I get an email! thanks for helping me out!
<brigante> haha excellent
<brigante> you're welcome dude
<jonah> brigante: thanks again, we got there in the end
<brigante> now if only i could get some help with my problem...
<doublel93> hey, I installed ubuntu 16.04, shouldn't python be there by default ?
<brigante> I have a server with 3x physical network cards. Each card has 1x IP address all in the same network 192.168.0.0/24. Each NIC is wired to the same switch. The problem, when I ping the IP addresses: ALL traffic goes to eth0... wtf
<brigante> doublel93, probably
<brigante> doublel93, i just installed 16.04 on my laptop and i have python 2.7
<jonah> brigante: good luck, I wish I could help you with that one, just one network card for each server for me...
<brigante> jonah, thanks mate. I have never run into this situation before. its a real conundrum
<doublel93> I come from a centos background, on installation centos ask you for ip, gateway,... of the server, in ubuntu 16.04 it didn't ask me anything about it, how do you go about changing them in ubuntu ? is there a wizzard ?
<brigante> doublel93, no - edit /etc/network/interfaces
<doublel93> ok thanks
<sdeziel> brigante: if you want your 3 NICs to be in the same network, you probably want bonding https://help.ubuntu.com/community/UbuntuBonding
<brigante> sdeziel, thanks, would that make my 3x NIC's into 1x 3Gbit NIC?
<sdeziel> brigante: kinda ;) It depends on the way you setup your bond
<kyle__> How do you stop dnsmasq-dhcp from responding?  service dnsmasq stop claims to kill it, and I see no processes running, but the damndable thing is still consuming dhcp requests as noted in syslog
<doublel93> ifconfig -a | grep eth is showing 0 results, this is a new installation, is there something that needs to be configured ?
<genii> doublel93: Network devices now get unique names similar in principle to UUID scheme of hard disks. So you will not see names now like eth0 eth1 and so on. You will see a name like enxff99ee88 with 3 letters and then 8 characters of it's physical MAC address, or a similar name to this
<doublel93> I found ens32
<doublel93> still googling why =p
<genii> doublel93: The basic idea is same as why UUID for hard drives. So that each device has a universally unique name and cannot be used by mistake
<kyle__> Internally, they're actually still called eth#.  udev renames them by default now.
<Odd_Bloke> doublel93: See https://www.freedesktop.org/wiki/Software/systemd/PredictableNetworkInterfaceNames/ :)
<ogra_> "predictable"
 * ogra_ always found that a good joke :P
<kyle__> You can pin which devices goes to which device by MAC address
<genii> I blame Dell.
<kyle__> ogra_: Like most things the udev/systemd team have pushed, It makes sense in some slim selection of cases, and confuses the hell out of every other one :P
<patdk-wk> harddrives don't have uuid
<patdk-wk> they have wwn
<ogra_> kyle__, yep
<kyle__> patdk-wk: I thought wwn was scsi or iscsi only actually....
<patdk-wk> wwn is scsi
<patdk-wk> harddrives don't have uuid
<patdk-wk> sata has nothing
<patdk-wk> filesystems have uuid though or something else, depending on the filesystem
<patdk-wk> the names of my nics are really annoying now, enp3s133f1
<kyle__> sata & ata do have serial numbers.  Not sure if those are always in the same place though.
<patdk-wk> they don't ALWAYS have serial numbers
<ogra_> patdk-wk, what ? and you didnt *predict* that name ?!?
 * ogra_ grins
<kyle__> patdk-wk: What's fun is a naming/renaming but in the 14.04 installer, that occasionally fails to rename all the nics if you have > 4.
<patdk-wk> nope, that name changes based on the pci slot it's plugged into
<patdk-wk> the 133 is the pci slot id
<kyle__> "Oh, I have rename7 again, guess i have to reboot the installer and hope for better luck"
 * kyle__ grumbles
<patdk-wk> I don't understand why there is a renamexxx at all
<patdk-wk> it has done nothing but screw up systems since before trusty
<patdk-wk> I know I filed a bug about it, it was *fixed*, but problem continued
<patdk-wk> think it got marked as a wont fix
<Odd_Bloke> If only there were some way that those interfaces could get predictable names so this wasn't an issue. ;)
<genii> If you have scripts that used to do something with an interface and relied on the names being eth0 eth1 and so on, it gets pretty annoying
<genii> To revert though, you just need net.ifnames=0 in GRUB
<brigante> i tend to use udev rules to specify my own names for nics
<brigante> bind the name to the mac address
<genii> That was the way before, yes, edit /etc/udev/rules.d/70-persistent-net.rules but it no longer works unless you disable the net.ifnames
<patdk-wk> I had never had an issue with the old way
<patdk-wk> using udev to match the nic name to the mac address
<compdoc> 70-persistent-net.rules could get screwed up if you swapped nics, or installed new ones
<patdk-wk> how so?
<brigante> genii, i just setup an 16.04 server and used udev rules without the grub flag set... seems to work fine
<patdk-wk> never had it happen
<patdk-wk> if you swap nics, just update the mac with the new one, reboot, done
<brigante> patdk-wk, maybe if you remove the nic before updating udev, i guess it might hang on boot?
<patdk-wk> it won't hang at boot
<brigante> ofc it just wont rename the missing nic
<patdk-wk> yep
<brigante> so whats the point of the grub flag again?
<patdk-wk> if it hangs cause a nic is missing, your system has very bad boot scripts installed
<brigante> agreed
<genii> brigante: Because the interface naming is now in the kernel, it turns that off
<patdk-wk> kernel? or systemd?
<brigante> so if i dont set udev rules, eth0 is renamed by the kernal to enps0lmnop32xyz ?
<brigante> and if i set the grub flag, it will remain as eth0 ?
<teward> this may sound a little odd, but is there any decent guide for setting up an email server, complete with antispam and antimalware solutions, from a pure Ubuntu box?  Would more or less be a 'to learn how everything works' thing, but need to start somewhere :P
<brigante> teward, check out the tutorials on digitalocean.com
<genii> patdk-wk: It was coming in before upstart->systemd, so it's not something systemd
<patdk-wk> but that used to be the biosdev??? package before
<patdk-wk> I haven't looked in 16.04 though
<genii> patdk-wk: Yes, but now it is not
<patdk-wk> but in 14.04 you just uninstall that, and done
<genii> biosdevname is a package you could uninstall or tell GRUB biosdevname=-1 or =0. But now it's in kernel, so you need either edit sysctl.conf or GRUB
<patdk-wk> sysctl.conf would be seriously late to adjust a kernel eth rename
<patdk-wk> I still don't believe it's kernel thing though
<brigante> interesting
<patdk-wk> cause my 16.04 system boots with eth?? devices
<patdk-wk> and it renamed them later
<patdk-wk> if it was kernel, the eth?? would have never existed to start
<brigante> i got one for you guys: i recently tried to move my LVM pv's into an encrypted partition which used luks, i rsync'd my boot partition out of LVM to /dev/sda1, ran grub-install, everything seemed OK. But on reboot, I was not prompted to unlock the crypt and grub sat there asking "where's the root drive?"
<brigante> how do you tell ubuntu that its root is inside a crypt?
<patdk-wk> brigante, did you bother to tell grub it is?
<patdk-wk> there is some good adjustments you have to make :)
<nacc> rbasak: caribou: i've got the script working with our exim4 example, at least
<nacc> rbasak: caribou: didn't get a chance to push last night, as i was still testing the parent overrides, let me finish that and push it up and you should be able to use the same script with corosync
<brigante> patdk-wk, perhaps this is what i'm missing...
<patdk-wk> says here, the nic renaming is systemd
<nacc> rbasak: the override seems to have worked for clamav (not exim4 as mentioned above, sorry!) so that's good!
<caribou> nacc: I've already merged i the traditional way (only one patch delta) so it'll be quick to test
<brigante> whats the deal with systemd in ubuntu anyway, it seems half in half out
<nacc> caribou: yep, was just reading the backlog :)
<nacc> caribou: the script basically encapsulates the manual commands rbasak gave for git
<brigante> no netctl for example (that is a systemd component right?)
<nacc> netctl is an ... arch linux thing?
<brigante> nacc, im fuzzy on it tbh, i've only ever used it in arch so maybe
<nacc> brigante: systemd is (aiui) 'fully' in ubuntu...
<patdk-wk> systemd-networkd to be specific
<brigante> i must have my wires crossed then
<brigante> thanks nacc
<brigante> i thought systemd was taking over everything
<brigante> systemd alarm clock etc
<patdk-wk> I thought it already did
<patdk-wk>  Ican't believe how many CVE's it *reopened* for past systems that solved these problems years ago
 * patdk-wk looks at systemd dns resolver
<Odd_Bloke> genii: patdk-wk: The renaming is systemd, but it isn't networkd (which Ubuntu does not yet use).
<patdk-wk> hmm
<patdk-wk> ya, I knew it couldn't be the kernel atleast
<Odd_Bloke> (It may be in the networkd code, but it doesn't require networkd to be running)
<brigante> Odd_Bloke, does networkd contain the netctl command? and is part of the systemd family?
<genii> Interesting
<brigante> or is netctl specifically an "arch thing"
<brigante> im still fuzzy
<brigante> i quite like netctl
<brigante> ok i just checked, netctl is arch specific and nothing to do with systemd/networkd
<doublel93> I modified the "interfaces" file and installed openssh-server, how can I see if my server actually has the ip I set ?
<brigante> doublel93, run `ip addr`
<brigante> doublel93, also run `ss -ntlp` to see if SSH is listening
<doublel93> brigante: it is listening on *:22,  instead my ens32 interface says inet 192.168.1.161/21 brd 192.168.1.255 scope global ens32 (I tried to set it to 192.168.1.48)
<EmilienM> coreycb, jamespage: FYI: module some issues we ignore now (documented on https://etherpad.openstack.org/p/puppet-openstack-xenial) - we now gate on Xenial (and not trusty anymore) for our master (current newton). But still deploy Mitaka.
<brigante> doublel93, you may need to `ifdown ens32` and then `ifup ens32` to get the new IP
<EmilienM> coreycb, jamespage: any ETA on "be able to test newton repo"?
<doublel93> brigante: nothing changed
<brigante> doublel93, try a reboot
<brigante> thats one thing i dislike about ubuntu/debian... how the fudge do you restart networking properly
<brigante> `service networking restart` seamingly does nothing
<Odd_Bloke> brigante: Well, it does an ifdown/ifup. :p
<brigante> i always end up rebooting... someone tell me there is a better way? im not talking about setting up manually using iproute2 commands either... how do you tell ubuntu to reload the /etc/network/interfaces config?
<brigante> Odd_Bloke, lol
<coreycb> EmilienM, \o/ on the xenila move.  newton pkgs should be in proposed a few days after upstream releases newton b1, which should happen any day now.
<doublel93> brigante: even after a full reboot it didn't change, I just came to ubuntu from centos, such a pain
<brigante> doublel93, is that a DHCP address?
<EmilienM> coreycb: ok cool
<doublel93> brigante: this image is what I did https://mjmckinnon.files.wordpress.com/2016/05/edit-interfaces-file.png?w=776&h=454  ,  except I used the ens32 name
<coreycb> xenial, that is
<brigante> doublel93, that looks fine to me
<brigante> double check your config doesn't have dhcp instead of static defined
<doublel93> brigante: address is the one that has to become 192.168.1.48 right ?
<brigante> yup
<brigante> Odd_Bloke, so how do you reload the /etc/network/interfaces config? or do you just reboot like me?
<brigante> ubuntu seems to be stuck in the past when it comes to network configs, probably the fault of debian
<doublel93> brigante: ok I feel stupid, that was it dhcp was left
<doublel93> but now I have 2 in ip addr, global and global secondary, is that good ?
<nacc> brigante: keep opinion to #offtopic, please :)
<nacc> brigante: rebooting to restart networking is ... not sane, I would be surprised if that was actually required
<brigante> nacc, apologies i will refrain from opinion comments
<brigante> nacc, so what is the advised way to reload the networking config?
<brigante> ifup, ifdown, service networking restart all seemingly do nothing
<nacc> brigante: does `service networking status` indicate it is active?
<brigante> other than using iproute2 to specify the same thing as the config i dont see a way...
<brigante> nacc, yes, active
<brigante> active (exited) to be precise
<brigante> perhaps it requires the `reload` argument
<brigante> rather than restart?
<doublel93> ok I have finally solved that problem thanks a lot, how can I doublecheck that I'm using my dns server now ?
<brigante> doublel93, use the dig command
<nacc> brigante: then i expect a `service networking restart`  to dtrt, but you can laways check that
<nacc> stop followed by start does work
<nacc> in my case, in a simple lxc container, stop brings down the interfacae and a start brings it back up
<brigante> nacc, yikes, good luck doing that remotely :)
<nacc> brigante: i assume if you're mucking with networking, you have another means of access (serial console or otherwise)
<doublel93> brigante: I do not see any of my dns, (the dns server is configured on another one), dns-nameservers 192.168.1.67  was the right option to change to point to that ?
<brigante> not always, i have rented dedicated servers in the past without serial access
<brigante> alas, thats why virtual machines are a god send tho
<brigante> still seems odd that a `restart` doesn't actually do anything
<nacc> brigante: it does seem like `service networking reload` will do what you want
<brigante> aha
<brigante> well thats good to know
<nacc> brigante: but i don't see why that is safer if you've chagne the config
<nacc> for remote modifications
<brigante> if you `service networking stop` you cant start it again as ssh will drop...
<brigante> hence reload is much safer imho
<nacc> also, `service networking restart` absolutely does something here, so i'm not sure what your config is like
<brigante> hmmm perhaps its fixed in latest ubuntu
<brigante> i've been using ubuntu since v6 and it has bugged me for years
<nacc> brigante: what version are you on?
<brigante> 16.04 currently, but still manage servers with 12.04 and 14,04
<nacc> 16.04 is the latest, and was what i was testing on (in a container)
<brigante> i will test now too
<JanC> teward: https://help.ubuntu.com/16.04/serverguide/email-services.html has the basics
<teward> JanC: thanks
<brigante> nacc, nope. it does nothing, either `reload` or `restart` doesn't update the interface
<brigante> i incremented the last octet in the static ip address by 1, tried to reload/restart, and I get the same IP i had on boot
<brigante> for a minute i thought i had been a fool for many years...
<brigante> i'd happily be the fool if someone can tell me the correct way to do this without a reboot or using iproute2 commands
<brigante> nacc, what test did you run?
<nacc> brigante: both reload and restart and checked what syslog said
<brigante> nacc, try the test I just did. change the ip address.
<brigante> this is what im talking about. reloading the config
<brigante> just cos syslog says "it worked" doesn't mean your IP address has changed
<nacc> no ... but asserting it doesn't do anything is also false ... :)
<nacc> that's all i was checking
<brigante> lol fair enough
<brigante> i'll chose my words more carefully, blimey...
<nacc> brigante: :)
<nacc> brigante: let me change the lxc config
<brigante> i have not tested or tried lxc
<nacc> brigante: well, odd, lxc started with dhcp, so it is refusing to give up the lease, but adding a static gave the device a second ip as configured on networking restart
<nacc> brigante: unfortunately don't have more time to spend on it right now
<brigante> nacc, well thanks for clarifying. this "bug" has occured in every version of debian and ubuntu i have ever used
<nacc> brigante: and i've never experienced it :)
<nacc> brigante: which isn't a good case, just saying i've not seen that issue
<brigante> it seems most people haven't
<brigante> who knew that changing an IP address was such a specialist thing lol
<nacc> given the nature of cloud deployments, i would also think many configs are using dhcp or don't really care about the networking details, as long as its routing properly -- dunno
<brigante> nacc, perhaps dude. it's just always struck me as odd
<brigante> anyway - im off home now, thanks to everyone for their help today
<ddellav> coreycb can you take a look at keystone, It builds successfully for me after I updated the d/control for oslo-utils: lp:~ddellav/ubuntu/+source/keystone
<coreycb> ddellav, sure
<Yuri4_> Hi, guys! I have 2 servers. There is a folder /mount that has wordpress files that are syncronized accross servers via SMB 3.0 protocol. What is the best way to sync that folder with my Wordpress that is located at /var/www/html ?
<coreycb> ddellav, that should work
<ddellav> coreycb ok, ironicclient is also ready for review: lp:~ddellav/ubuntu/+source/python-ironicclient
<coreycb> ddellav, just changing back to 0ubuntu1
<coreycb> ddellav, ok
<ddellav> coreycb oh ok, i never know if i should step on someone elses commit message
<coreycb> ddellav, you wouldn't be
<coreycb> ddellav, if you clone it and it's UNRELEASED then that version wasn't ever uploaded
<ddellav> coreycb ok,  in keystone my changelog message was in the same block as yours and jamespages so i wasn't sure if updating d/control was enough to modify the version number
<ddellav> coreycb or did dch change it to 2
<coreycb> ddellav, keystone pushed, want to manually retrigger a build in jenkins?
<coreycb> ddellav, one for xenial and one for yakkety
<jrwren> Yuri4_: rsync or unison both sync folders very well.
<Yuri4_> jrwren, which one is better? Don't have rsync expirience and this is the first I hear of unison
<jrwren> Yuri4_: rsync is more widely used and it sounds like you are syncing 1 direction. use it.
<jrwren> Yuri4_: unison is better when changes might be in both places, a 2 way sync.
<Yuri4_> jrwren, yes! Thank you! The source folder /mount might become disconnected from time to time. Might that be an issue? Also, should I create a script that rsyncs changes every 20 seconds, or can rsync run forever?
<jrwren> Yuri4_: cron is a good tool for running periodic jobs.
<jrwren> Yuri4_: it is probably best to check that the folder is mounted and to do nothing if it is not mounted.
<Yuri4_> jrwren, no, I want it to be run constantly. But if the folder drops rsync won't delete everything, would it?
<Yuri4_> jrwren, basically it's for a WordPress website running on 2 linux VMs in Azure. From time to time Azure shuts down VMs for 30 minutes. I'm building a web site that should not go down
<jrwren> Yuri4_: there is no such thing as "constantly" unless you want "while true ; do rsync... ; done"  which I don't recommend.
<Yuri4_> jrwren, why not?
<jrwren> Yuri4_: IIRC there are wordprss plugins that move teh static storage out of the local filesystem. there maybe one for azure blobstorage. I'd recommend that.
<ddellav> coreycb ok i'll try heh
<Yuri4_> jrwren, thank you
<jrwren> Yuri4_: its a waste of cycles. Ideally you'd not do anything unless soething is written and changed. You could use inotify for that.
<jrwren> Yuri4_: but yes, look into not using local filesystem for those files at all. Its a great solution.
<wedgwood> I can't tell from https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1573231 when that patch will be released in AMI form. Anyone here have any idea?
<ubottu> Launchpad bug 1573231 in linux (Ubuntu Xenial) "Kernel Panic on EC2 After Upgrading from 14.04 to 16.04 via do-release-upgrade -d" [Critical,Fix committed]
<dannf> hey hallyn: would you mind taking a look at LP: #1566564 and letting me know if you have any objections to me uploading xenial SRUs?
<ubottu> Launchpad bug 1566564 in qemu (Ubuntu Xenial) "support query-gic-version QMP command" [Undecided,Confirmed] https://launchpad.net/bugs/1566564
<coreycb> ddellav, I'm working on a new python-hacking, that should fix up neutron for newton
<ddellav> coreycb awesome
<coreycb> ddellav, it looks like trove just needs it's patches rebased
<coreycb> ddellav, I'll let you do that one
<ddellav> coreycb ok, i'll take care of it
<coreycb> ddellav, thanks
<jdeler> hello guys i have registered a vhost on port 3000 locally and how can i start the server
<jdeler> i am lill new here for apache2 server
<Sling> jdeler: service apache2 start/stop/restart
<Sling> just like any other service
<sdeziel> nacc: if you could check my new debdiff attached to LP: #1570472, I'd really appreciate :)
<ubottu> Launchpad bug 1570472 in puppet (Ubuntu) "Set systemd as default service provider" [Undecided,Triaged] https://launchpad.net/bugs/1570472
<sarnold> lol "upstart is required to confuse Puppet"
<sdeziel> sarnold: don't laugh, I was really confused when my lxc container wouldnât let me reproduce the issue ;)
<sarnold> sdeziel: apparently it's also suitable for confusing sdeziel and amusing sarnold :)
<sdeziel> lol
<sdeziel> next time, I'll try to reproduce an issue before looking into patching it ;)
<sarnold> hehe
<sarnold> strange that the specific version numbers are listed, rather than allowing open end points
<sarnold> that's just going to need to be edited again in four months..
<sarnold> but hey looks like that's the way they chose to go
<sdeziel> I guess that's because they don't support "greater than" when there is a "." in the version number
<sdeziel> hmm, I'll update that debdiff to fix the changelog address
<ahi2> apache2 runs on different ports but only accessible from web on 80? anyone know why?
<sarnold> ahi2: check netstat -tnlp to see which addresses it is bound to -- and check your firewall, if one is installed, to see if those other ports / addresses are open
<ahi2> apache listening on 7950
<ahi2> firewall rule good
#ubuntu-server 2016-06-03
<BlenderPro> I connected to ftp server on windows from ubuntu using the command line ftp command I did succesfuly logged in but I'm stuck, can't upload full directories can someone help me
<sarnold> BlenderPro: how are you trying to upload the directory? have you set the binary mode? are you using correct active or passive mode?
<sarnold> man I forgot just how terrible ftp is..
<BlenderPro> I am using binary mode set with type but I don't know about passive or active
<sarnold> can you put a single file alright?
<sarnold> does it come through uncorrupted?
<BlenderPro> I can probably do that k I'll try
<BlenderPro> I have a question before
<BlenderPro> if I transfer a zip file should I go binary or ascii
<sarnold> binary
<BlenderPro> wow thanks
<sarnold> ascii changes the line endings of files
<sarnold> which will destroy nearly everything
<BlenderPro> ok I tried put and send command and I get permission denied on both
<BlenderPro> i try mkdir urt to create that directory and it can
<BlenderPro> I check on windows server and it has permission for files to be written for that lone ftp account
<sarnold> hmm, is the error perhaps coming from the local client rather than the remote server?
<JanC> sounds like you have an issue with Windows or the FTP software on it?
<sarnold> once you've logged in via ftp is the current working directory correct?
<BlenderPro> sarnold, the current working directory is the root directory of the ftp account or my local directory
<worm5er> Anyone online good with doing preseed partitioning schemes that I can discuss some challenges with?
<BlenderPro> and yes I think is a local error since the server termianl is not showing me any error other the previous command typed that was succesful
<JanC> BlenderPro: does your Ubuntu user have the rights to read those files?
<BlenderPro> it doesn't
<BlenderPro> is owned by root oh I missed that
<ShaRose> so, TIL if you ever install a linux image with --no-install-recommends, install the extra package
<ShaRose> because the stock package doesn't have such helpful features such as usb hid support. or networking.
<sarnold> hah I've screwed that up before too
<sarnold> filed the panicky bug report and all
<ShaRose> sarnold yeah, I was testing my 'install ubuntu to zfs root' walkthrough
<ShaRose> the guy who wrote the original never included it either
<ShaRose> it works in a VM
<ShaRose> tried it out on my hardware for the first time
<ShaRose> it's not on the network. I can't log in with the terminal.
<ShaRose> Mouse doesn't move, keyboard doesn't work
<ShaRose> reinstalled it like 5 times
<ShaRose> I could chroot in and do stuff, installed a BUNCH of extra packages I didn't need
<ShaRose> man, when I could log in as root....
<ShaRose> I was so relieved I took a massive dump
<sarnold> hehehehe
<hallyn> dannf: i didn't look too closely at the diffs - how much did you have to massage them?
<caribou> rbasak: regarding the kexec-tools merge comments, how do you want to proceed with the changes I applied ?
<caribou> rbasak: should I create new commits for the changes or include them in the existing logical commits & do a forced update of my git branch ?
<rbasak> caribou: that's a very good question. Since you are an uploader, for the process generally I don't mind. The idea would be that when you're happy, you push whatever set of commits based on debian/sid, tag it upload/<version>, and the importer will figure it out. So no need for an MP. But to exercise the process, for sponsors, and when uploaders want a review, we want an MP. In that case, when
<rbasak> reviewing, I think I'd prefer to see extra commits on the end, because then it's easier to re-review just the review fixes rather than the whole thing again. And in this case, I think it's fine to push those without rebasing again, since that's not really any different from uploading an ubuntu2 to fix things later. The person to merge next time will take care of squashing it down.
<rbasak> OTOH if the review really wants a rework than a few minor changes, then perhaps rebasing would be better. In both cases I'm interested to see what Launchpad does to the MP.
<caribou> rbasak: well, I have rebased the change so let see what it does
<caribou> rbasak: I have another question : how did you define that the first cherry-pick needed -m2 as an option ? Looks like I don't need it for corosync
<ddellav> coreycb lp:~ddellav/ubuntu/+source/openstack-trove
<ddellav> ready for review
<rbasak> caribou: see nacc's post to the ubuntu-server ML. Each imported commit can have up to two parents - the "changelog parent" and the "publishing parent". You want to find the changelog parent each time. -m selects the parent. I examined "git log --oneline --graph" to tell you which parent to use for each one.
<rbasak> caribou: nacc's newest tool should do this automatically now.
<rbasak> (as in, there's a tool that you can use to do this step and pick the right things and right parents to cherry-pick automatically)
<caribou> rbasak: ah, ok
<coreycb> ddellav, looks good, I've pushed that to the repo
<ddellav> coreycb ok i'll trigger a rebuild in ci
<coreycb> ddellav, ok
<Yuri4_> Hi, guys! I have 2 servers. Server1 is mater server for WordPress site. Ocasionaly server1 will go down. Traffic manager will redirect visitors to server2. How do I keep wordpress in sync across two servers? I can use intermidiary folder via SMB 3.0. But, that's about how far I could plan it.
<teward> does anyone know where Dovecot stores file attachments to emails when it's in imap format?  Does it store them as raw bytes in the mnox itself, or...?
<andol> teward: The last time I checked it didn't do anything special with the attachments. Yet, seems simple enough to check for yourself?
<RoyK> teward: afaik it uses maildir format (imap is a protocol, not a format), and with maildir, all mesages are stored in separate files. attachments are not separated from the message
<teward> RoyK: this one's configured for mbox, does that still apply?
<andol> RoyK: Well, Dovecot can use a bunch of different storage formats: http://wiki2.dovecot.org/MailboxFormat. Technically one even being imap, even if I don't think that was what was meant.
<teward> andol: i meant how it would store the attachments in the mbox format, not in the protocol
<teward> but point doesn't change, I still have to figure out whether it's storing attachments in the mboxes (inbox mailbox) or if it's storing it in directories
<andol> teward: Just look in the files, and you'll. Also, I'm almost entirely certain that the attachment is stored as part of the message.
<ogra_> they are usually uuencoded inside the single mail
<ogra_> no matter if it is mbox or maildir
<teward> andol: I'll have to get permission from the manager to dig around in there, I was hoping that was the case though
<teward> ogra_: that's what I thought as well, but doesn't hurt to ask
<RoyK> teward: mbox is jut one huge file with every message in that file
<RoyK> teward: mbox scales horribly badly
<teward> RoyK: yes, it does.  I didn't set this up heh
<teward> but i think i have the answer I need
<teward> :)
<teward> thanks
<ogra_> you can convert it
<RoyK> np
<teward> y'know, that would explain some of these MBOX files being 32GB+ in size, if it's all attachments lol
<teward> if it's stored in the message heh
<RoyK> teward: convert it to maildir - it'll help a bit
<teward> RoyK: first task: get it from an ancient 9.04 to a newer 14.04
<teward> s/9.04/9.10/
<RoyK> hehe
<teward> RoyK: gotta move everything and get it working
<teward> THEN we can worry about maildir conversion lol
<RoyK> first upgrade to 10.04, it should be easy with the right repos
<RoyK> then do-release-upgrade to 12.04, then to 14.04
<RoyK> or perhaps the quickest way - setup a new vm and install the needed software and move the data :P
<teward> RoyK: doing the last one
<teward> actually tried the first route; didn't work well
<teward> E:BOOM
<teward> so...............
<teward> yeah
<teward> doing it the old manual way
<teward> with rsyncs to get mailboxes, user homedirs moved
<teward> manually porting the configs over to newer dovecot...
<teward> and testing during the next maintenance period >.<
 * jrwren twitches thinking about old mail servers adn large mbox
<teward> jrwren: fun-fact: I've been doing this for some time now heh
<jrwren> teward: 20+yrs I'll bet ;]
<teward> jrwren: well, i meant this project ;)
<teward> i'm not *that* old :P
<jrwren> oh. well, I am :p
<teward> jrwren: indeed, and I admit when I don't know things... oh wait, this is what IRC and Internet support is for :)
<jrwren> teward: sounds like a nice area ready for lots of improvement and improvement is fun.
<teward> jrwren: first rule of IT: you can't know everything
<teward> second rule of IT: you will always learn new things
<teward> third rule: don't anger sysadmins, they have evil vengeful wrath
<jrwren> fourth rule: sysadmins are worse than lawyers, treat them as shakespear would.
<teward> heheh
<teward> fifth rule: cryptolocker sucks, if you get it, RUN
<teward> (in windows enviros)
<RoyK> https://xkcd.com/705/
<RoyK> (about sysadmins)
<jrwren> lol
<coreycb> ddellav, neutron should be back in shape, it needed a new oslo.cache.
<ddellav> coreycb why did it build successfully locally? Am I not checking out the right repo or something?
<ddellav> sbuild, yakkety, master branch
<teward> RoyK: lol
<RoyK> teward: not run - just restore from backup ;)
<teward> RoyK: unless the backups are also crypto'd
<coreycb> ddellav, I'm guessing you didn't use a snapshot orig tarball based on the latest upstream commits
<jelly> s/RUN/restore from backups/;
<teward> heard that happened to someone recently :P
<jelly> hah
<RoyK> teward: I've seen that happen
<RoyK> teward: with people just finding out "oops - my x months old data has been overwritten"
<teward> heheh
<ddellav> coreycb ah ok. *facepalm*
<coreycb> ddellav, heh
<jelly> teward: it happened to $employer with a machine from someone in upper mgt who had access to LOTS of file server dirs.  Whoops, restore tens of thousands of files for 3 days.
<coreycb> ddellav, btw for trove it looks like it might just need more patches rebased
<ddellav> coreycb ok, when I ran quilt push -a it only showed 1 patch that had a single fuzzy match so i fixed that.
<ddellav> coreycb but again, that was using the master branch of the packaging repo instead of the latest tarball
<ddellav> so i will look again
<coreycb> ddellav, hmm. oh so same situation probably.  you'll need to generate the snapshot tarball.
<coreycb> ddellav, yeah, use master branch + snapshot tarball
<blizzow> I'm doing an upgrade from 15.10 to 16.04.  The upgrade hangs during udev installation.  It hangs when trying to add the group 'input'.  If it exists, it complains that the group exists and says "Exiting." and sits. If the group doesn't exist, it adds the group says "Done." and never moves on. Anyone know how I can get past this? It's a real pain in the junk.
<dabaR> Hello. I'd like to change the server's hostname so that the prompt is different. Or does just changing prompt pattern in .bashrc seem like a better idea for that? What kinds of things does server hostname affect?
<sdeziel> dabaR: if you only care about the prompt, I'd only change PS1 in your ~/.bashrc. It's much less intrusive than changing the hostname
<dabaR> Thanks
<blizzow> ugh xenial upgrading is so brutal! freezes while removing console-common, freezes while upgrading udev, errors processing the lvm2, mdadm, lybsystemd, systemd, console-setup-linux. Whoever decided that 16.04 should be released with a completely b0rked upgrade path to wait until 16.04.1 should be tarred, feathered, and ridden out of the community on a rail.
<jelly> what else should have they done, considering noone did the work to fix said upgrade path?
<blizzow> Oh, and whoever decided that UTC should be removed as a timezone choice during installation should be put in a stockade and prodded with hot pokers.  Choosing Iceland as your location totally screws the installation language.
<dabaR> So you're saying you upgraded before 16.04.1 against explicit warning?
<blizzow> dabaR: I got a notice saying that a new release was available, there was no explicit warning during the release process.  I shouldn't have to come to IRC and/or scour the web for "explicit" warnings as such.
<blizzow> jelly: If the work was going to eventually be done (to release 16.04.1), then the whole release cycle should have started at that point. In any case "STABLE" should not be released with a broken upgrade path.
<blizzow> I'd understand unstable having a broken upgrade path, but stable? c'mon.
<jelly> ok, so you think they ought to have delayed the release to 16.07?
<dabaR> blizzow: mine did not. I tried upgrading a 14.04 a week or so ago, and it told me nothing is available
<dabaR> Then I googled, cause I knew it was available, and then I found some mention of not recommending upgrade
<jelly> what's the alternative you're proposing there, except for "magically conjure engineers to fix do-release-upgrade in time"
<dabaR> How did you upgrade? with do-release-upgrade, or?
<sdeziel> dabaR: that's because LTS only offer to upgrade to the next LTS when it has reached the .1
<dabaR> Sorry to hear about your server, BTW
<dabaR> Ah, so blizzow upgraded from something that was not the LTS?
<sdeziel> I would think so
<jelly> I've done a trusty->xenial myself, with the appropriate option given to d-r-u but I did not complain about breakage because it's KNOWN to be broken
<blizzow> jelly: my alternative is not to release something labeled stable LTS until it's damn well good and ready.
<dabaR> blizzow: did you upgrade from 14.04, or which version?
<blizzow> Done both 14.04 and 15.10.
<\9> 14.04 doesn't let you upgrade to 16.04 without using the -d switch, which is a well documented debug option
<jelly> blizzow: it was well good and ready for the initial installations, and it was well documented when release upgrades would be ready
<genii> It's not a bug. LTS to LTS option should not kick in until after first point release
<genii> If you used -d option on do-release-upgrade right now, it would take you to the development version which is Yakkety
<jelly> genii: that does not cover the 15.10->16.04 upgrade tho
<coreycb> beisner, ceilometer 1:5.0.3-0ubuntu1~cloud0 and keystone 2:8.1.2-0ubuntu1~cloud0 are ready for promotion to liberty-proposed
<coreycb> beisner, and python-os-brick 0.5.0-0ubuntu3~cloud0 is as well
<beisner> coreycb, ok those are promoted to liberty-proposed
<coreycb> beisner, thanks sir
<beisner> coreycb, yw sir :)
<nacc> blizzow: i'm sorry you had a bad upgrade experience. As mentioned earlier by others, 15.10 -> 16.04 should work, if you could provide steps to reproduce or file a bug that would be great. 14.04 -> 16.04 is not supported (14.04 -> 16.04.1 will be), and none of the tools out there should be offering it by default.
<newbsie> I setup basic firewall/ssh/fail2ban, but I can't login after a reboot. I followed these simple instructions http://dpaste.com/0MME0D9, anyone?
<newbsie> Everything works until a reboot.
<sarnold> newbsie: what error message do you get from the client? what's in the ssh logs on the server?
<newbsie> sarnold: problem is, I can't get to the server now so I can't see the logs. From the client, there is just a time-out.
<newbsie> sarnold: I tested the new account, and loggedin with a key fine, then did a sudo -i and configured the firewall, then reboot and dead.
<newbsie> There are only two things I can think of that can go wrong, which is the firewall, and the fail2ban.
<sarnold> newbsie: just hanging suggests that might be correct; when you netcat to port 22 on that machine do you get an ssh banner? (I expect nc to hang too)
<newbsie> sarnold: yup, just hangs
<sarnold> newbsie: is this on a cloud provider like amazon? perhaps you need to modify their security groups
<newbsie> sarnold: well everything works before the configuration, so I assume it has nothing to do with the cloud provider.
<newbsie> sarnold: is ufw, iptable based?
<sarnold> newbsie: okay, I just wanted to make usre that you'd tried the login from elsewhere rther than just on the local machine :)
<sarnold> newbsie: it is
<newbsie> sarnold: did anything stand out in the directions as a culprit? disallowing root login, and password auth shouldn't have any effect... and the firewall rules seem to be correct. Stumped.
<sarnold> newbsie: I thought perhaps the home directory or ~/.ssh/ directory ownerhsip/permissions might upset sshd but you're not even getting that far :/
<sarnold> newbsie: there's always a chance that it's fscking or something similar.
<newbsie> sarnold: I am playing around with this on DO, and this is like the 3rd time this happened, so something is wrong with the config I think.
<sarnold> newbsie: do they provide a console?
<newbsie> sarnold: interesting, the console works with a password login
<blizzow> nacc: Thanks for the condolences. The 15.10 upgrade path seems to freeze around udev/systemd (on at least two systems). I have no idea what's causing the issue though. As I mentioned before, terminal output gives an error saying something along the line of: group Input exists already, exiting. If I remove that group and try again, it adds the group, says done. and does nothing else. I see nothing in apt logs, ps output shows that udev is trying to re
<sarnold> newbsie: excellent! then you stand a chance of debugging this thing :)
<sarnold> blizzow: you were cut off at "trying to re"
<blizzow> trying to restart but I've let it sit overnight with no success.
<sarnold> blizzow: I suspect the "group input" thing is a simple warniing that you can ignore
<blizzow> I assumed so as well, but the hanging during upgrade is not something I can ignore.  Well, I can ignore it and reinstall from scratch on servers that fail upgrades, but jeez that sucks.
<sarnold> where there more impressive looking messages higher up the scrollback?
<newbsie> How do I verify the rules in ufw? When I do "ufw status", all I get is "Status: active". Every where else I look, it says it should show the rules....
<newbsie> OMG, I'm retarded. I didn't add the OpenSSH rules... and thus, no rules are showing.
<sarnold> d'oh
<newbsie> sarnold: thank you for your help... live and learn.
<sarnold> newbsie: all sorted? rebooted and everything? :)
<newbsie> sarnold: yup!
<sarnold> newbsie: nice :D
<newbsie> sarnold: thank God for the cloud console
<sarnold> newbsie: no kidding. some cloud providers don't have those consoles. I'm not sure how they survive. hehe.
<newbsie> sarnold: it is the sliced bread of cloud feature
<sarnold> hehehe
<nacc> blizzow: I upgraded my home laptop from 15.10 to 16.04, and have tried it in a few containers, and not seen that. It's obviously possible something is specific to your configuration that is causing that issue, it would be good to file a bug report and see if we can narrow it down that way
<cryptodan_mobile> newbsie: sudo iptables -L
<newbsie> cryptodan_mobile: thanks! :)
<teward> has anyone noted any weird apt/dpkg/systemd errors on package installations where dpkg fails because it gets an error code but the application is actually running when you check the status of the service?
<nacc> teward: i could see that happening potentially, depending on which stage the error happened at?
<cryptodan_mobile> teward: have an example
<teward> sure, there's at lesat two nginx bugs that fit that criterion
<teward> let me grab them
<teward> https://bugs.launchpad.net/bugs/1588972 most recent
<ubottu> Launchpad bug 1588972 in nginx (Ubuntu) "package nginx-core 1.10.0-0ubuntu0.16.04.2 failed to install/upgrade: telepÃ­tve post-installation parancsfÃ¡jl alfolyamat 1 hibakÃ³ddal kilÃ©pett" [Undecided,Incomplete]
<teward> another here: https://bugs.launchpad.net/ubuntu/+source/nginx/+bug/1582954
<ubottu> Launchpad bug 1582954 in nginx (Ubuntu) "package nginx-light 1.10.0-0ubuntu1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New]
<OerHeks> 2nd one is for 16.10
<nacc> teward: looking
<teward> OerHeks: started in Xenial
<teward> then Yakkety opened, kept going, same symptoms of bugs
<teward> if it were a *real* bug, it'd be in the systemctl output
<nacc> teward: have you been able to reproduced it yourself?
<nacc> *reproduce
<teward> nacc: no, that's the problem
<nacc> teward: ack, was wondering
<teward> and I have no specs on the systems observed
<teward> (see my q in #ubuntu-devel)
<nacc> teward: yep, noted
<nacc> teward: do you know in the bugs (still reading them myself) that nginx is already running and that's why the systemctl fails?
<teward> nacc: apport hooks for any package failure on install/upgrade pulls the full systemctl data, they should be in those bugs
<teward> though, apport chokes with foreign characters
<teward> (I think I filed a bug on it?)
<nacc> teward: oh i see that now, sorry!
<teward> nacc: you can blame Debian for my needing to pull that data - systemd and the nginx init scripts now just eat error data
<teward> silently :P
<teward> 'twas why I put the apport hooks in in the first place
<nacc> sigh
<teward> nacc: for all other reasons for installation failure...
<teward> missing nginx.conf, port bind errors, configuration errors in conf files, obsolete conf arguments, etc.
<teward> it's captured by the apport hooks
<teward> these fails are nondeterministic
<teward> and unable to be reproduced by myself
<teward> even on 1 vCPU 128MB RAM systems which should choke
<nacc> teward: yeah, based upon the systemctl log (and when it says the jobs started) it does seem like nginx was already installed
<nacc> and running
<teward> nacc: exactly why i'm thinking "WTFH"
<nacc> the 16.10 one's apt ordering is also strange
<teward> i think hggdh peeked at at least two of these
<teward> *shrugs*
<nacc> it seems like removing nginx-core removal would imply the others can't proceed
<teward> nacc: i think i should explain nginx a little
<teward> nginx-core is the flavor
<teward> nginx-core == nginx-full minus third party modules
<nacc> ah
<teward> nacc: nginx-common has all the common files
<teward> nginx-core, Conflicts: nginx-light
<teward> nginx-light, Conflicts: nginx-core
<teward> light, core, extras, full - the flavors of the package
<teward> (different modulesets)
<nacc> understood now, thanks!
<teward> so the apt ordering there is valid and makes sense in that case
<teward> but the failures don't
<nacc> yep
<atralheaven1> Hello, I have a question that I don't know where to ask. I have a vpn server, I would be glad to share it with others so they can get free of this censorship that we have. but I am worried about abuse, if someone uses my vpn to do illegal stuff etc that can get me in trouble, what can I do for that? thanks.
#ubuntu-server 2016-06-04
<John[Lisbeth]> what's a good package to virtualize an iso to a server distro and get into the repl from the shell
<John[Lisbeth]> I know there's a non gui version of virtual box but I don't want to install x with it
<sarnold> John[Lisbeth]: virsh can do a ton of those things but it's a bit annoying. check out this front end that's a bit easier to work with and doesn't force you to use isos as a nice benefit :) https://help.ubuntu.com/lts/serverguide/cloud-images-and-uvtool.html
<keithzg> sarnold: That command does look pretty neat; does it play nicely with virsh, however? As in, is it all just being handled by libvirt in the backend and so one could pop back and forth between using virsh and uvtool (and virt-manager) without any complications?
<sarnold> keithzg: I'd expect it to play nicely, yes
<keithzg> sarnold: Cool cool. I'll have to keep that in mind for next time I create a new VM here at work, rather than installing from an ISO. For now though it's Friday and there isn't a cloud I can see in the sky, so I should probably just get out of the office already ;)
<sarnold> keithzg: smart :)
<b4r> has anyone been success with server as ldap for network logins?
<b4r> or Active Directory
<therealtbe> keyboard does not work on install language selection screen;  ubuntu 14.04 server;   keyboard works on bios and grub menus;  in installer keyboard lights not on (numlock capslock)
<b4r> therealtbe: install 16.04 lts?
<therealtbe> thanks for the alternative task suggestion
<therealtbe> however I would like to complete this task not the one you suggested
<b4r> ok
<therealtbe> how do I make the installer recognize the keyboard
<sarnold> therealtbe: maybe try a different 14.04 image? there's several to choose from https://wiki.ubuntu.com/Releases
<patdk-lap> never ever had that problem
<patdk-lap> exactly what is the keyboard? and how is it connected?
<patdk-lap> sometimes ipmi/kvm things get funny
<therealtbe> I have tried with two different usb keyboards
<therealtbe> the keyboards are fine
<therealtbe> the keyboards work on other computers
<therealtbe> the keyboards work in bios and grub
<patdk-lap> but neither of those two use linux usb drivers
<patdk-lap> they use the bios usb drivers
<therealtbe> ok is there a kernel parameter to use bios usb drivers
<b4r> therealtbe: md5sum of the image was confirmed upon download? re: sarnold's idea to use another image
<therealtbe> okay I will do this;  but I have a feeling I will be back.
<b4r> therealtbe: sure, faulty images are not common. just an idea tho
<b4r> even if md5s match
<sarnold> I know some images had troubles with keyboards
<sarnold> it was years ago and I didn't think it affected 14.04
<sarnold> but it's easy to check a different image
<newbsie> How can one specify mailfrom in logwatch on the command line? If I don't want to configure .conf files.....
<JanC> therealtbe: you could try to enable or disable "USB legacy" support in the BIOS (toggle from whatever it was to the other)
<sarnold> good idea
<patdk-lap> shouldn't matter though
<patdk-lap> would affect usb keyboard for grub but shouldn't for linux
<JanC> it shouldn't, but sometimes it does
<patdk-lap> :)
<patdk-lap> someone should setup ip's for these servers
<patdk-lap> I just so don't feel like it
<JanC> and I'm pretty sure that indicates a broken BIOS/firmware, but...
<sarnold> patdk-lap: it
<sarnold> patdk-lap: it's gotta be something like ten thirty on a friday night for you, right?
<patdk-lap> 9:30
<patdk-lap> I plan to install these two new zfs dovecot servers tomorrow morning :)
<sarnold> ahhhhhhh
<patdk-lap> 28tb usable
<sarnold> what layout?
<patdk-lap> 3way mirrors
<sarnold> niiiiiice
<sarnold> are these in a redundant/ha sort of configuration?
<patdk-lap> not needed
<patdk-lap> dovecot will self replicate
<sarnold> really? cool
<patdk-lap> something like this
<patdk-lap> http://www.dovecot.org/img/dsync-director-replication.png
<patdk-lap> except in my case, no nfs
<sarnold> that looks pretty slick :)
<patdk-lap> been using most of that now, directory really helps a lot
<patdk-lap> turned that on a few years ago
<patdk-lap> but never thought to go the storage way till now
<patdk-lap> oh, almost forgot :)
<patdk-lap> I wonder if I have network cables
<sarnold> are you tripling the backend? or .. replacing an existing storage?
<patdk-lap> I will be replacing
<patdk-lap> current system only has 9tb
<patdk-lap> it's at 7tb full
<sarnold> will dovecot just dsync everything other transparently? or do you have to move things by hand?
<patdk-lap> both
<patdk-lap> for the most part, it will move it all over
<patdk-lap> I'll just have to run dovecots basically rsync command
<patdk-lap> change my directors to use the new servers
<patdk-lap> then do it once more
<sarnold> heh, 7tb... I hope you've got 10G NICs? :)
<patdk-lap> I do
<sarnold> yay
<patdk-lap> thinking I'm going do lacp 2 ports to the switches from each
<sarnold> oooooo
<patdk-lap> then two more directly connected between them
<patdk-lap> almost went with 40gig for that, but I don't need that speed
<patdk-lap> and this way I am protected from a nic failure
<sarnold> your new systems sure feel like they could injest that quickly but I'd be surprised if your old ones can read _that_ fast :)
<patdk-lap> old ones are maildir
<patdk-lap> I want to use mdbox for these so badly
<sarnold> 10G, sure, 20G... maybe? 30G or 40G probably not..
<patdk-lap> but when customers ask to recover email for them, maildir makes that *so* simple
<patdk-lap> oh, something I should file a bug report on :)
<sarnold> I've wondered about that. On the one hand, maildir means N syscalls _per email_, which feels way wasteful. But not having to parse things also feels like a huge win.
<patdk-lap> was fixed most everywhere else
<patdk-lap> but the new interfaces file just uses interfaces.d/*
<patdk-lap> really should be *.conf
<patdk-lap> to keep it from being screwed with .bak ~ and whatever files
<patdk-lap> I don't care about syscalls
<patdk-lap> it's more the inodes that kill it
<sarnold> "This means that it's possible to move older mails that are rarely accessed to cheaper (slower) storage. " that's cool
<patdk-lap> yes
<Xin> Howdy gang
<Xin> sooo
<Xin> I have this weird idea just for a fun project
<Xin> im going to use 2x USB 3 hubs with 2x4 1tb thumb drives that I have lying around
<Xin> and make it into like, a raid 10 of 2 raid 1's or somesuch
<Xin> get a couple of tb running at like 200mb/s, out of spare parts
<Xin> xD
<Guest_85757> Allah is doing
<Guest_85757> sun is not doing Allah is doing
<Guest_85757> moon is not doing Allah is doing
<Guest_85757> stars are not doing Allah is doing
<Guest_85757> planets are not doing Allah is doing
<Guest_85757> galaxies are not doing Allah is doing
<Guest_85757> oceans are not doing Allah is doing
<Guest_85757> mountains are not doing Allah is doing
<Guest_85757> trees are not doing Allah is doing
<Guest_85757> mom is not doing Allah is doing
<Guest_85757> dad is not doing Allah is doing
<Guest_85757> boss is not doing Allah is doing
<Guest_85757> job is not doing Allah is doing
<Guest_85757> dollar is not doing Allah is doing
<Guest_85757> degree is not doing Allah is doing
<RoyK> !op Guest_85757
<RoyK> perhaps an op should kick Guest_85757 in the arse
<Xin> hi all
<Xin> I have a domain name pointing to a vps
<Xin> I have installed postfix on there and just have an a record for my dns
<Xin> I need to add an mx record to get it accepting mail, no?
<RoyK> no, but you need an mx record for email servers to forward email to it
<Xin> lol well thats fairly important xD
<Xin> it seems kind of silly that it wouldnt just try the domain name?
<RoyK> Xin: just register an MX - it's not very hard ;)
<masuberu> hi all
<masuberu> I am having issues trying to ssh to my new ubuntu server
<masuberu> I just installed ubuntu 12.4.5
<masuberu> I can see the ssh_config file but I am not sure if the service is running
<masuberu> how can I check that?
<masuberu> what is the name of ssh server on Ubuntu 12.4.5?
<Xin> RoyK; hmm
<Xin> http://mxtoolbox.com/SuperTool.aspx?action=mx%3ayouwillrememberthis.xyz&run=toolpage#
<Xin> All set up and testing ok
<Xin> but still perminently fails sending from gmail
<RoyK> Xin: youwillrememberthis.xyz. 1800	IN	MX	1 youwillrememberthis.xyz.
<RoyK> looks good so far
<RoyK> Xin: negative caching in place, probably - wait an hour
<Xin> yeah but trying to send it mail doesnt work ;<<
<RoyK> to which email address? I could try
<Xin> inbox@youwillrememberthis.xyz should be up
<RoyK> Xin: telnet: Unable to connect to remote host: No route to host
<RoyK> that's from a test with telnet youwillrememberthis.xyz 25
<RoyK> dang
<RoyK> sorry - worked well from outside my network - ISP blocking 25/tcp
<Xin> xD
<Xin> sent another about 5 mins ago, no failure message yet
<Xin> or at all for 40 mins
<RoyK> did you get my email?
<masuberu> why is this tasksel: aptitude failed (100)??
<masuberu> im using 12.4.5
<masuberu> fresh installation
<masuberu> and why apt-get is not installing dependencies?
<Xin> RoyK; Hahah I found it!
<Xin> and mine are working now
<Xin> how grand
<Xin> thanks bud
<Xin> now I just need to set up rsync and im good to go
<RoyK> Xin: good :)
<Xin> Just a random other thingy
<Xin> I want to run a headless gdm/xdm/kdm/whatever
<RoyK> the don't install the desktop part
<Xin> so I can remote in graphically
<RoyK> or uninstall it
<Xin> is that a thing?
<Xin> or should I just use vnc
<Xin> or something
<RoyK> I juse use ssh
<Xin> I thought if I had a local gdm or whatever and connected to the remote server
<Xin> Id get much better performance
<RoyK> remote x works well
<Xin> like using remote desktop on windows instead of vnc
<RoyK> just ssh in and start whatever x program you want
<RoyK> what OS do you have on the client?
<Xin> it will be ubuntu to ubuntu
<RoyK> ssh myhost
<RoyK> should do it
<RoyK> just run something like xeyes for a test
<RoyK> google remove gui ubuntu - it's a simple apt-get remove thing
<YamakasY> I know TransIP has a BIG issue now
<JanC> YamakasY: what?
<YamakasY> JanC: they based some dropbox on it
<JanC> you mean Stack?
<JanC> does it even work on Ubuntu/Linux?
<YamakasY> JanC: yep
<YamakasY> JanC: why not ?
<JanC> I mean, work as a filesystem or something
<JanC> seems like they support WebDAV
<xevious> Is it possible to enable SSH and add apt sources in the Ubuntu Server install environment? Alternatively, can I start an Ubuntu Server installation using the Ubuntu Desktop Live ISO?
<JanC> YamakasY: not sure why they have a big issue (unless you wonder how they will pay for it too)
<OerHeks> xevious, answer1: no, server has no live environment to setup ssh, and 2nd a: never done such server install from a desktop iso
<xevious> OerHeks: I'm trying to follow this tutorial, but I'd prefer to have a minimal server installation and not have to go through and remove all the desktop stuff. https://github.com/zfsonlinux/zfs/wiki/Ubuntu-16.04-Root-on-ZFS
<OerHeks> use the server iso then?
<OerHeks> i am good in making problems that are not there too :-D
<xevious> OerHeks: The server ISO is an extremely minimal environment. apt and dpkg don't even exist in it. It's got udpkg, so I'm mashing at stuff with it until something happens.
<JanC> I think you should be able to use the desktop live CD to do a minimal install using debootstrap
<JanC> or from the server installer CD too maybe
<xevious> I've almost got dpkg and apt working in the server ISO environment.
<YamakasY> JanC: they depend on it as they changed it to their own needs
<YamakasY> so they run FOSS
<JanC> running on FOSS doesn't make you open
<xevious> After poking at it for a while, it doesn't seem like adding dpkg, APT, and ZFS to the server ISO is the way to go. I'm going to install using the desktop ISO and then pare it down to a server install.
<ztane> supervisord not autostarting on 16.04 :?
<devster31> can I safely run badblocks on a partition without deleting data?
<OerHeks> bad blocks are known to grow, so i guess the answer is no.
<OerHeks> or is badblocks some sort of program?
<Xin>  hai all
<devster31> badblocks is /sbin/badblocks
<devster31> from e2fsprogs
<OerHeks> devster31, oh oke, sure you run it with cron or just a script > SeijiSensei  2012, 08:37 http://ubuntuforums.org/archive/index.php/t-2090773.html
<teward> just to reconfirm my understanding of rsync, 'rsync src dest' will sync data from source -> destination, under what conditions?  If there's no difference in last-mod time on destination, where source is a pattern that includes, oh, 80 files?
<tarpman> teward: from the second paragraph of DESCRIPTION in the man page: "files that have changed in size or in last-modified time"
<BlenderPro> is there a way to make nano show the full path on the title bar and not just the file name
<teward> tarpman: i don't have the manpage in front of me, thanks
#ubuntu-server 2016-06-05
<tarpman> teward: not being snarky - being specific so you know where to look for more details :)
<tarpman> teward: but now I'm curious, how do you have rsync but not the manpage?
<teward> tarpman: question asked by coworker over texts
<teward> IRCing from my iPhone :p
<tarpman> fair!
<Xin> yo homies
<Xin> any rsync peeps in here
<Xin> I need to set up a bi-directional file sync
<Xin> well, actually between 3 nodes
<Xin> so 2 links per node
<Xin> basically so all my servers self-replicate changes, wherever they're made
<Xin> overwriting files with newer modified times, adding new files, deleting explicitly deleted files
<Xin> or is there something better than rsync for that?
<Xin> like some kind of replicating filesystem or somesuch
<Hawky__> I found a dead link on the http://conjure-up.io homepage. It's been there for weeks. I emailed webmaster@ubuntu.com and webmaster@conjure-up.io, but it's still busted
<Hawky__> the link is: The latest CONJURE-UP news - More CONJURE-UP news from Ubuntu Insights
<Hawky__> thought I might as well report it here incase any of the web admins for conjure-up.io are listening :)
<Xin> a broken link? ON A WEB PAGE?!
<Xin> CALL THE PRESIDENT WE NEED TO GET HIM ACROSS THIS ISSUE NOW
<therealtbe> report it to w3c immediately
<Hawky__> lol
<therealtbe> thunderbirds r go
<Hawky__> Slap bang in the middle of the homepage no less!
<therealtbe> ubuntu server 14.04 installing from usb key;  it says it cannot mount CD-ROM.  there is no cdrom.  it's running from usb key duh
<Hawky__> lol
<therealtbe> why does it try to mount cd-rom when there is no cd-rom
<therealtbe> hello?
<teward> ikonia: jrwren: thanks to you both on the dovecot assists the past week or so - thanks to your assistance, and the Ubuntu community at large, and Google, my migration task of 9.10 -> 14.04 is DONE ^.^
 * teward can now work on the fifty other projects he has
<Xinny> hey peeps is there a way I can dump a file of packages loaded in apt-get so I can pipe it into apt-get on another system to do an approximately same/same setup?
<Xinny> php -i
<Xinny> ...
<Xinny> lol soz
<teward> Xinny: dpkg --get-selections
<teward> if you want to store it so you can move the file over: dpkg --get-selections > packages.txt
<teward> then move packages.txt
<teward> that's one way anyways
<Xinny> thx teward - someone in #ubuntu suggested apt-clone too
<Xinny> both look perfect
<teward> Xinny: the one I just stated doesn't save auto or manual installed data though
<teward> not sure about apt-clone
<teward> also, for the future...
<teward> !crosspost | Xinny
<ubottu> Xinny: Please don't ask the same question in multiple Ubuntu channels at the same time. Many helpers are in more than one channel and it's not fair to them or the other people seeking support.
<teward> pick one, wait there
<Xinny> fair enough haha :)
<teward> if you don't get a reply in an hour consider a crossposte
<teward> crosspost*
<Xinny> lool who's got an hour to sit on their hands
<Xinny> for that kind of time id use forums
<Xinny> xD
<teward> :P
<Xinny> hey why does ubuntu server not include 'mail'
<Xinny> where do I get that
<jrwren> congrats teward
<dirty> need some help guys; I have a new supermicro server with 10 drive bays filled with 512GB SSDs, I have two SATA controllers, one is sSATA and the other SATA
<dirty> four of the drives are on the sSATA controller, the other six on the SATA controller, in the installer for ubuntu server, under the partitioner for guided LVM, I get raid10 device #126 973.0 GB - Software RAID device
<patdk-lap> so, what exactly is this so called sSata thing?
<patdk-lap> hopefully they are ahci controllers though
<dirty> patdk-lap: it's the second bios controller applicable to four of my 10 drives
<dirty> they are ahci
<dirty> the other six are on a "SATA Controller"
<patdk-lap> yes, but you are not naming the controllers
<dirty> s/bios controller/bios sata controller/
<patdk-lap> well, everything has a bios, and the bios is unrelated to anything else in the system
<dirty> patdk-lap: right, that's the nomenclature under the aptio BIOS within the supermicro mobo
<patdk-lap> yes, so what is it?
<patdk-lap> or maybe, what is it you are attempting to do?
<patdk-lap> instead of talking about all this non-meaningful infomation
<dirty> uhm, how else do I make this clear... I have 10 drive bays, four are controller by a "sSATA controller" under the aptio bios, the other six are under the "SATA Controller", all are set to AHCI, not RAID, and not IDE
<patdk-lap> they have names and model numbers :)
<dirty> patdk-lap: be tact, or don't attempt to help please?
<dirty> I need help, not chiding
<patdk-lap> actually, you need help locating *any* infomation first
<dirty> the problem is with the drive configuration recognition for the Guided - use entire disk and set up LVM
<patdk-lap> like the model of your supermicro motherboard, the model number of the chipsets used
<patdk-lap> and the all overal best part, the actual question or problem you have
<patdk-lap> the overall description above doesn't even matter yet
<dirty> wow
<Xinny> whats the package I need to add for ssh?
<patdk-lap> cause no one knows what it is in relation to
<patdk-lap> Xinny, openssh-server or openssh-client
<Xinny> ty, and what about for vpn
<Xinny> openvpn-server?
<Xinny> xD
<patdk-lap> vpn?
<patdk-lap> well, if you mean openvpn, openvpn
<Xinny> virtual private network
<Xinny> haha ok ty
<patdk-lap> yes, that is a generic concept :)
<patdk-lap> could mean, openvpn, ipsec, pptp, ...
<Xinny> Sure, its an open question. I dont have any specific security model in mind.
<Xinny> It just needs to be a tunneling protocol of some variety I can use on both windows and linux
<patdk-lap> openvpn for more simple, or strongswan if you want to have real fun :)
<Xinny> openvpn will probably do just fine
<dirty> patdk-lap: I'm setting up LVM across 10 drives, six of which are being recognized as SCSI[1-10], of which 5-8 are being globbed as RAID10 device #126 - 973.0 GB Software RAID Device, this is a SuperMicro SuperServer 1018R-WC0R
<dirty> does that help?
<patdk-lap> so the question is?
<dirty> I need the RAID10* device "unwrapped" as individual block devices to manage
<patdk-lap> you don't want that raid10 thing?
<dirty> patdk-lap: yeah
<patdk-lap> ah, just go into your bios and tell it to use ahci, and not raid
<dirty> patdk-lap: did that, they're already labelled AHCI buddy
<patdk-lap> any more specific, I still need your model info
<patdk-lap> and time to actually real your motherboard manual
<patdk-lap> if it was, it wouldn't show as raid
<dirty> patdk-lap: calling my bluff then?not trying to start any ego crap, but seriously, I did my diligence and triple sanity checked
<dirty> it's AHCI on both controllers
<dirty> not RAID or IDE
<patdk-lap> yes, and my instructions are generic
<patdk-lap> since I still don't know what you have
<dirty> what else do you need? starting to crack me up here, I swear I'm being as clear as I can
<patdk-lap> http://superuser.com/questions/384536/how-do-you-disable-bios-raid-on-supermicro-x9scl-x9scm-motherboard
<patdk-lap> you still have not posted any model infomation at all
<patdk-lap> I asked several times for the model of your motherboard, and sata controllers
<patdk-lap> ah, once the raid infomation is set, looks like your screwed
<patdk-lap> have to wipe it manually
<dirty> patdk-lap: I never set it to RAID, and for good measure I wiped the drives manually using dd if=/dev/zero of=/dev/sd? bs=512 count=4
<dirty> from the rescue shell
<patdk-lap> that hardly even clears the mbr
<patdk-lap> it won't touch a gpt partition
<patdk-lap> or raid config
<patdk-lap> try, dmraid -r /dev/sd?
<dirty> patdk-lap: here's the mobo http://www.supermicro.com/products/motherboard/Xeon/C600/X10SRW-F.cfm
<patdk-lap> if you really want to use dd
<patdk-lap> atleast use bs=1M count=10
<patdk-lap> that will work if it's at the start
<patdk-lap> can't remember if it is at the end or not
<dirty> patdk-lap: alright, excuse my reactions, thanks for attempting to help, I'll attempt your suggestion and be right back here, carry on if you have more info I'm trying.
<patdk-lap> -r E /dev/sd? likely
<RoyK> dmraid?
<RoyK> !dmraid
<dirty> RoyK: trying to say don't use dmraid there?
<RoyK> something like that
<dirty> patdk-lap: alright I'll dd larger to bs=1M
<patdk-lap> maybe mdadm :)
<dirty> with a count of 10
<dirty> what would be the mdadm command suggestion to be sure if there's any RAID shit set, that it's unset
<patdk-lap> no difference
<patdk-lap> dmraid can handle more than mdadm
<RoyK> dirty: I didn't follow - what sort of raid are you building?
<dirty> so mdadm -r /dev/sd?
<patdk-lap> I think mdadm can only do two of those types
<patdk-lap> dmraid can do more
<patdk-lap> royk, he is attempting to destroy it
<patdk-lap> it was built automatically
<RoyK> ah - dd is the guy, then
<dirty> right
<dirty> we'll see how it goes
<dirty> I'm almost to the rescue shell
<patdk-lap> the intel raid header is a complex mess though
<dirty> this installer is a bit drawn out
<dirty> patdk-lap: seems that way
<patdk-lap> it's kindof like audio wave files
<Xinny> how do I enable root for openssh
<patdk-lap> very flexable and nice, but kindof hell to deal with
<Xinny> actually nm ill google it
<RoyK> patdk-lap: some audio porn to help the raid up?
<patdk-lap> you want a moaning track?
<dirty> bout time, got to my shell
<dirty> attempting the dd @ 1M
<dirty> hmm interesting, the target block devices seem to be giving me output on the dmraid -r /dev/sd?
<dirty> patdk-lap: I'll run through the installer again and see where I get this time, thanks for trying to help me ;)
<dirty> also applied the dd @ 1M bs at 10 counts
 * dirty fingers crossed
<RoyK> some raid systems store metadata at the end of the disk
<Magnetz741> When I get "Server accepts key:" in ssh -v, while my attempts at authenticating give "Permission Denied (publickey)" does that mean it won't accept my AuthorizedKeysFile?
<RoyK> Magnetz741: try chmod 0600 $HOME/.ssh/authorized_keys
<Magnetz741> It asks for the passphrase on the key, even though there isn't one. If I set PasswordAuthentication yes, it asks for both keys and doesn't fail to connect
<Magnetz741> RoyK: Alright, I had it at chmod 700
<dirty> ahhh yay, well now the installer is showing something a bit different fellas, so instead of the "RAID10 device #126 - 973.0 GB Software" now I'm getting "RAIDmd126 device #:RAIDactive device #(auto-read-only)RAIDraid10 device....
<dirty> RoyK and patdk-lap any other suggestions?
<RoyK> Magnetz741: no need for +x for a config file
<patdk-lap> you need to reboot likely
 * RoyK has no idea
<patdk-lap> it's cause you just dd'd it
<patdk-lap> but it didn't remove what it had already knew about
<dirty> patdk-lap: well I also peformed the dmraid -r /dev/sd?
<dirty> so, next step please? this almost feels like progress
<patdk-lap> ya, but that is the same as dd really
<patdk-lap> it doesn't remove it from the system
<dirty> well ff, I'm open to suggestions... again, the controllers in the BIOS are both AHCI...
<dirty> so... I'm open for suggestion
<dirty> need to get this damn server rolling for prod soon, this is a drawn out "fun" hangup I didn't expect
<Magnetz741> RoyK: Weird, .ssh seems to be owned by root, in /home/user/.ssh/, I still get Permission Denied (Publickey)
<dirty> s/th AH/th set to AH/
<dirty> patdk-lap: "10x SATA3 (6Gbps) via C612" on that mobo... so I guess the controller is a C612?
<patdk-lap> but that only does 8 I believe
<RoyK> Magnetz741: it must be owned by the user
<dirty> patdk-lap: well the way it appears in the BIOS is 4 and 6
<dirty> the other would be... Intel SATA
<dirty> that's f'in generic
<patdk-lap> strange
<dirty> I have four in question... the other six show up fine in the ubuntu server installer
<dirty> that's why I kept bringing up the sSATA and SATA crap... my assumption is the C600 controller is handling the four and labeled "sSATA controller" in the aptio BIOS
<dirty> yeah it's a bit bizarre to me
<patdk-lap> ah
<patdk-lap> it's the normal 6 via the intel ICH
<patdk-lap> and 4 via the c612
<dirty> right...
<dirty> that aligns with my thought
<patdk-lap> the manual on the board is horrible
<dirty> ns
<dirty> leave it to .tw
<patdk-lap> hmm, dunno about the ssata thing
<patdk-lap> have never used it before :(
<dirty> the ssata thing is just how the C612 appears in the BIOS
<dirty> it's very similar to the Intel SATA in terms of configuration
<patdk-lap> ya, it's a funny chip, it actually doesn't do anything, pretty much just gpio pings
<patdk-lap> and the driver has to emulate sata on it
<dirty> patdk-lap: the intent here is to do software RAID 1 on two of the drives for the OS, and the other 8 RAID 10 if that means anything, but wiht this hangup holding four of my drives hostage, I'm in a bit of a ringer
<Magnetz741> Royk: Well if I do chmod 600 on ~/.ssh I can't even read the permissions, even while I've chowned the file to the correct user, every guide says chmod 700 for .ssh and it hasn't given my issues with logging in while ~/.ssh is chmod 700 and PasswordAthentication yes is set in /etc/ssh/sshd_config, I get "Permission denied (publickey)" when I set PasswordAuthentication no, and it still asks for both the rsa key's passp
<Magnetz741> RoyK*
<Xinny> weird question, I want to rename something to the current unix timestamp ?
<Xinny> dynamically
<dirty> patdk-lap: when I attempted an FBSD install... it reconized all 10 of the block devices distinctively; but bhyve is too experimental for my goal, so I went to Ubuntu server in hopes that I could do LVM instead of ZFS and get KVM rolling
<RoyK> Magnetz741: the dir should have 0700 - the files under it should have 0600
<dirty> I don't know if that makes any difference to you, maybe it's a device driver issue with the current ubuntu-server stack?
<patdk-lap> no
<patdk-lap> did you do a reboot yet?
<dirty> I had
<dirty> I'll do it again right now for good measure
<Magnetz741> RoyK: Yeah, that's how it's set now, still get Permission denied (publickey)
<Magnetz741> RoyK: I also doublechecked the keys, they match
<patdk-lap> and owned by the user of that folder?
<patdk-lap> not root?
<Magnetz741> patdk-lap: Yep
<Magnetz741> patdk-lap: Host/Server is Ubuntu 14.04 LTS while the client is Arch
<Magnetz741> Checking ssh versions
<dirty> patdk-lap: same crap on reboot
<dirty> should I do a longer dd, is there anything else you can think of to destroy this pseudo RAID array?
<Xinny> is it possible to config my domains dns records so that it tries my dev server first, and if its offline, refer the request to a backup server?
<Xinny> or do I have to reset my a record each time
<patdk-lap> :(
<patdk-lap> longer won't help likely
<patdk-lap> but wiping the last 10megs of the disk, probably won't hurt
<dirty> man, what a effin pita
<Magnetz741> I'm trying to remember how the hell I had this set successfully before
<Magnetz741> -_-
<Magnetz741> ssh is backwards compatible right?
<Magnetz741> So differing versions couldn't be the issue, client being Arch and later than the server which is Ubuntu 14.04?
<RoyK> ssh is backwards compatible unless you use something like ssh v1, but that dates back 15 years
<Magnetz741> RoyK: It was because I was trying to authenticate using the public key x'D
<dirty> YESSSS!!!!!
<dirty> thanks guys!
 * RoyK likes a YESSS
<Magnetz741> Now here's the real question, should I dist upgrade my webserver?
<RoyK> Magnetz741: I always do that
<syeekick> "error connecting to /tmp/tmux-1000/default (No such file or directory)
<syeekick> " anyone had this error before, i've never had tmux fail on me
#ubuntu-server 2017-05-29
<cpaelzer> good morning
<mrparanoid> im having some trouble with loading a preseed file from an iso image, I can see the preseed file on the iso and it is also in the append to call the file, however it isn't working and the UI install prompts are still appearing.. is there anything else that needs to be set/configured for it to load?
<eatingthenight> hello, anyone know a trick to get settings changes made in /sys to take effect faster. in my case I am setting the cpu to performance mode and it takes about 40 seconds until it actually registers that it's using max cpufreq.
<eatingthenight> can you trigger this to happen faster?
<fishcooker> how to know the detail of these 2 lines information of 49 packages can be updated and 28 updates are security updates ?
<ikonia> fishcooker: I don't know what you are asking
<M3mphiZ> How can i get the welcome message telling me the last login time, updates, restart required, etc. wihtout logging out and in again?
<cpaelzer> M3mphiZ: some are executed as needed - but mostly you get what you need from man update-motd
<cpaelzer> M3mphiZ: e.g. parts are in /var/run/motd.dynamic
<cpaelzer> M3mphiZ: do you want to see "what you had on login" or to regenerate it as t would be now?
<cpaelzer> Since this is a thing multiple programs can plug in the output can differ and be modified
<cpaelzer> M3mphiZ: and as addendum - for e.g. the last login "lastlog" gives you way wider overview than just motd
<hallyn> cpaelzer: re libvirt, i'm not reading the bug emails closely (and am driving all day today), but if i skimmed them correctly, the weird packages in question were part of trying ot get back in sync with debian;
<hallyn> so as you work to fix whatever is broken, i'd recommend making sure to either go in the direction of completing that or ditch the idea entirely.
 * hallyn out
<winem_> hey guys, (sorry if you read my question in #ubuntu as well, but I guess this is the right place to place it) I have to setup a postgresql or mysql / mariadb / galera db cluster. requirements are that failover and a virtual shared IP is supported. some years ago I used a combination of mysql, heartbeat, pacemaker to achieve this. but I did not use such a setup in the last few years. so which db (postgresql or mariadb / galera)
<winem_> would you recommend and why? I guess this can save me some googling. requirements: a couple of reads and about ~20k writes per minute (so they are not that high...)
<cpaelzer> hallyn: thank you
<cpaelzer> hallyn: yeah it is about completing the move to align with Debian
<cpaelzer> hallyn: I'm fine cleaning up, just the list for this cycle seems to get longer and longer
<cpaelzer> due to myself being able to identify more things
<cpaelzer> hallyn: you just left too sudden and I'm the one missing you most due to the follow on work :-)
<cpaelzer> hallyn: have a good trip
<cpaelzer> hallyn: TL;DR I just didn't realize before that this part of the move was only half way done - but we will complete that now
<M3mphiZ> cpaelzer: thanks for the hint, im using the following script now to show the motd: for i in /etc/update-motd.d/*; do if [ "$i" != "/etc/update-motd.d/98-fsck-at-reboot" ]; then $i; fi; done
#ubuntu-server 2017-05-30
<hallyn> cpaelzer: the list is always too long :(  sad thing is the cycles they go in.  when i first joined, there were a lot of issues around net connectivity and live migration :)
<cpaelzer> hallyn: yeah thanks for your sentiment - it raises me up to hear that I don't feel like that alone and that it was the same "before me"
<cpaelzer> rbasak: hey if you are around - could you import virt-manager into usdi?
<cpaelzer> I want to look ho complex the Delta looks like when I split it up
<cpaelzer> and when I start I can as well prepare for the case that I might merge it - so usdi would be helpful
<ws2k3> is there something wrong with the ubuntu installer? i just installed ubuntu 16.04 and it refuses to boot. i installed it twice to make sure i didnt do anything wrong
<ikonia> "refuses to boot" isn't really a problem description
<cpaelzer> rbasak: I don't really need virt-manager in usdi itself, I currently try to import it myself locally
<cpaelzer> rbasak: if it ends up with a working git tree I'm good
<rbasak> cpaelzer: I've been importing it for a while. It's on unapplied xenial currently
<rbasak> cpaelzer: in theory the hashes should match your import. So it'll be interesting to see if that happens.
<rbasak> It's just started on applied now
<cpaelzer> mine is in applied for about 15-20 minutes now
<cpaelzer> yeah, interesting if all hashes match :-)
<cpaelzer> rbasak: would you have 15 minutes for some conffile fun somewhen today?
<cpaelzer> rbasak: I'll need to do a summary writeup for a clearer discussion - so not now (at least 15 minutes or so)
<cpaelzer> rbasak: but I'd appreciate to find one to discuss some details before working on a proposed fix
<rbasak> cpaelzer: sure
<rbasak> cpaelzer: import complete
<ahasenack> hi, does anybody know what this is about? https://launchpadlibrarian.net/234346016/DpkgTerminalLog.txt "innserv" is in a loop apparently
<ahasenack> maybe https://bugs.launchpad.net/ubuntu/+source/insserv/+bug/541023
<ubottu> Launchpad bug 541023 in insserv (Ubuntu) "insserv does not work when rsync or winbind are installed" [Undecided,New]
<ahasenack> from the lucid (!) days
<cpaelzer> ahasenack: yeah I've seen those in the past
<cpaelzer> ahasenack: in 95/100 cases people have ppas or even "more out of archive" packages/tarballs installed
<cpaelzer> ahasenack: those mess up the system by placing things in init scropts which lead to loops at the dependency resolution
<cpaelzer> ahasenack: mostly it is about spotting the uncommon name in the logs and asking where this file is from (dpkg -S"
<ahasenack> insserv shouldn't be used anymore, right?
<tomreyn> depends on your ubuntu release, which you have not yet disclosed
<ahasenack> 15.10 in that case
<tomreyn> well that's unsupported for a good while now :(
<cpaelzer> ahasenack: if you have a low maintenance old package even insserv is fine - it will install its stuff and the systemd-generator will pick it up
<ahasenack> it could be "smfpd", I don't recognize that name:
<cpaelzer> so you see it here and there in packages that don't care about systemd yet but instead rely on the compat handling
<ahasenack> insserv: Starting smfpd depends on ondemand and therefore on system facility `$all' which can not be true!
<ahasenack> tomreyn: sorry, let me clarify. It's not my system, it's a bug filed by someone
<ahasenack> against "samba"
<ahasenack> but I've seen others like this filed against random packages when the real problem is insserv
<tomreyn> oh okay, also for supported releases then?
<cpaelzer> ahasenack: as I said before the "real problem" IMHO mostly is out-of-archive software
<cpaelzer> I've seen messages like that up to and including zesty every now and then
<ahasenack> tomreyn: no, wily, I'll close it but add a note that it's not in samba
<ahasenack> tomreyn: https://bugs.launchpad.net/ubuntu/+source/samba/+bug/1534944
<ubottu> Launchpad bug 1534944 in samba (Ubuntu) "package samba 2:4.1.17+dfsg-4ubuntu3.1 failed to install/upgrade: Ð¿Ð¾Ð´Ð¿ÑÐ¾ÑÐµÑÑ ÑÑÑÐ°Ð½Ð¾Ð²Ð»ÐµÐ½ ÑÑÐµÐ½Ð°ÑÐ¸Ð¹ post-installation Ð²Ð¾Ð·Ð²ÑÐ°ÑÐ¸Ð» ÐºÐ¾Ð´ Ð¾ÑÐ¸Ð±ÐºÐ¸ 1" [Undecided,Confirmed]
<ahasenack> it got in my radar because of the last comment, "confirmed"
<ahasenack> which made me get an email :)
<cpaelzer> ahasenack: and if you want to do him a favor ask him to do a dpkg -S on /etc/init.d/smfpd
<tomreyn> oh you're bug triaging, sorry i thought you were seeking support.
<ahasenack> tomreyn: yep :)
<ahasenack> cpaelzer: good idea
<ahasenack> I think there are hundreds of apport-reported bugs against eol releases now
<cpaelzer> yep ahasenack
<cpaelzer> ahasenack: we have the discussion if we should mass-close them or something like it every now and then
<cpaelzer> ahasenack: bring it up next week, it might be time to have that talk again
<ahasenack> cpaelzer: I think dpb1 will favor that
<ahasenack> I will add it to the agenda
<ahasenack> although I think he has something like that already in it
<cpaelzer> ahasenack: my opinion last time was to only process those that are on ubuntu-server subscription and for those do the extra work of really checking on newer versions
<ahasenack> cpaelzer: it's tough when the bug happened during apt upgrade and the logs are not conclusive, it's almost impossible to get into that same scenario again
<ahasenack> updates have been issued and superseeded older packages which are no longer available
<ahasenack> sometimes the user refuses to add extra logs, for privacy concerns, and it's awkward to start a dialogue 2-3 years later "hey, could you please attach /etc/foo/bar.conf?"
<cpaelzer> ahasenack: I'm not objecting :-)
<cpaelzer> ahasenack: yet it will make the "ubuntu gives up on 12345678 bugs" post go around the world
<ahasenack> will make it clear though
<ahasenack> but deserves a discussion
<cpaelzer> which is what I suggested and you agreed, so we are on the path
<cpaelzer> did you add to the agenda?
<ahasenack> just did
<ahasenack> cpaelzer: sprint agenda
<ahasenack> dpb1 had a topic already, I expanded it a bit
<zul> jamespage:  pinghttp://pastebin.ubuntu.com/24714955/ (fyi)
<PresidentTrump> I want to run npm install as http user but http user is nologin. I prefer not to run as root and then chown to http. npm install is being run by a systemd script.
<dpb1> PresidentTrump: you can: sudo chsh -s /bin/bash http
<ogra_> or just sudo apt install npm
<dpb1> ogra_: he wants to npm install, not install npm.  funny turn of words. :)
<ogra_> eeep ... indeed ... blind me, sorry for the noise
<ogra_> :)
<PresidentTrump> thanks
<ahasenack>     raise ProvisioningError("Your filesystem or build does not support posix ACLs, which s3fs requires.  "
<ahasenack> hm, zfs
<ahasenack> nsn7/lxc on /var/lib/lxc type zfs (rw,noatime,xattr,noacl)
<ahasenack> :(
 * ahasenack inspects zfs set acltype
<ahasenack> yay
<ahasenack> nsn7/lxd/containers/zesty-samba-ad on /var/lib/lxd/storage-pools/default/containers/zesty-samba-ad type zfs (rw,noatime,xattr,posixacl)
<ikonia> thats interesting your running a samba service to replicate AD in a container ?
<ahasenack> the container is just the development aspect of it, I'm doing some testing
<ikonia> is it doing a full AD substitute ?
<ahasenack> it should, but it's the first time I set samba up like that
<ahasenack> they have a nifty tool nowadays
<ahasenack> just run "samba-tool domain provision"
<ikonia> interesting, standalone or will it integrate into an existing AD setup ?
<ahasenack> what I'm trying is standalone. It sets up kerberos, dns, ldap
<ahasenack> joining an ad forest is simpler
<ikonia> very interesting indeed
<ikonia> well....maybe not
<ikonia> as I'm curious to how the AD txt/srv records would be managed with containers
<ikonia> and an overlay network
<ahasenack> you just don't use the dnsmasq services
<ahasenack> use a static ip, setup bind, rndc keys
<ahasenack> use the container as if it were a vm
<ahasenack> I attached this container to a libvirt-managed network where there is no libvirt-provided dhcp (dnsmasq)
<ikonia> bind is a dns server, it won't manage the txt and srv records an AD service would require/generate
<ahasenack> samba4 can either use bind, or its own internal implementation
<ahasenack> the default is its own internal implementation
<ahasenack> same for ldap
<ikonia> hence why I'm curious how hooking it into an AD service that is expecting to manage it's own DNS would work
<ahasenack> in the ldap case, it can't use any other ldap implementation actually
<ikonia> yes, Samba can, but AD can't
<ikonia> hence why joining the forest is of inerest
<ikonia> interest
<ahasenack> I'll get to that at some point :)
<ahasenack> right now I'm checking a bug report
<ikonia> be interested how you get on with that
<ikonia> especially with a container and an overlay network
<ahasenack> hm, finding some rough spots in the samba4 packaging
<ahasenack> when setting up an ad dc
<ahasenack> but ok, got it to work
<ahasenack> http://pastebin.ubuntu.com/24715338/
 * ahasenack finds the rough spots in the TODO.Debian file
<Da9el> En fra dk der lige kan hjÃ¦lpe med en SSH der driller
<mason> Da9el: er der en liste her, der kan hjÃ¦lpe: https://lists.ubuntu.com/mailman/listinfo/ubuntu-dk
<Da9el> Okay mÃ¥ jeg prÃ¸ve tak
<mason> Da9el: Held og lykke.
<teward> is there a server team meeting or was it postponed?
<teward> or cancelled
<dpb1> teward: there is, in 10m
<teward> cool, wasn't sure :)
<teward> i'll be there.  ish.
<teward> *still trying to figure out IPv6-from-public-to-LXD-container stuff*
<dpb1> teward: :)
<teward> did I happen to mention that IPv6 is painful
<teward> or is that just 'implied' now
<nacc> jamespage: any luck with your artful runs for openstack with new django?
<jonfatino> So it seems casper doesn't support http fetch of filesystem.squashfs. I found a patch onÂ https://forum.kde.org/viewtopic.php?f=309&t=136596Â but it doesn't seem to be working with the latest initrd/scripts/casper
<jonfatino> Perhaps someone can take a look at the altered initrd/scripts/casper file and fix it up?  https://pastebin.com/V6W39XJu
<PresidentTrump> what is the proper way to deploy passwords as env on production servers? add them to /etc/environment ?
<nacc> PresidentTrump: why would you ever want to do that?
<PresidentTrump> nacc, https://caddyserver.com/docs/automatic-https see section under enabling dns challenge
<nacc> PresidentTrump: i see -- it seems dangerous to store credentials in the environment, but that's just me
<PresidentTrump> nacc, would storing them in the systemd file be safer?
<PresidentTrump> systemd has a method of setting variables
<nacc> PresidentTrump: i'm not sure -- it just seems 'dangerous' to put credentials like that anywhere that if you were to get hacked, then all of a sudden the hacker has access to everything else
<PresidentTrump> nacc, if they hack into the server don't they already have access to everything
<PresidentTrump> database passwords are there
<nacc> PresidentTrump: i assume your database passwords are encrypted
<nacc> PresidentTrump: i'm saying if your server is hacked and your credentials are stored in plaintext in the environment or in a systemd file, that seems odd
<PresidentTrump> nacc, if its encrypted then how can the application access the database?
<nacc> PresidentTrump: different problem, i'm just looking at the idea of storing credentials in the environment
<PresidentTrump> and its encrypted but the key is also stored on the server then it serves no purpose
<PresidentTrump> can I get a practical answer?
<PresidentTrump> there is no point on focusing on securing credentials when there is lower hanging fruit
<PresidentTrump> 99% of small websites out there are far more insecure
<ahasenack> PresidentTrump: /etc/environment is meant to be read by all users of the system at login time. Isn't it just one user who needs access to this password?
<PresidentTrump> yes
<ahasenack> does it have to be a shell variable? Can it be a file in the user's /home directory for example?
<PresidentTrump> ahasenack, can you look at the caddy documentation I linked to?
<PresidentTrump> is there a way for it not to be a shell env?
<PresidentTrump> I think the most sensible way of making it a single application env is to add it to the systemd file
<ahasenack> is that a daemon?
<ahasenack> I think in systemd you can refer to a file that has your variables
<ahasenack> that sounds ok. You would make that file 0600 then or something like that
<ahasenack> or have whatever script starts the daemon source the file with the variables
<ahasenack> but not /etc/environment, that is system-wide and meant to be 0644
<PresidentTrump> ahasenack, so I have a bash script that needs the vars too
<ahasenack> it can source that file that the systemd config is sourcing
<ahasenack> I don't recall the systemd configuration key now, sorry
<PresidentTrump> ahhhh
<PresidentTrump> right I should use source...
<PresidentTrump> thanks
<ahasenack> I checked upon that once when researching how to pass proxy variables to a service
<ahasenack> nacc: hi, the bug I need sponsoring on, following up our irc meeting: https://bugs.launchpad.net/ubuntu/+source/samba/+bug/1677329
<ubottu> Launchpad bug 1677329 in samba (Ubuntu Zesty) "libpam-winbind: unable to dlopen" [High,In progress]
<ahasenack> it has a branch attached
<ahasenack> meant for artful
<nacc> ahasenack: reviewing
<ahasenack> nacc: thx
<ahasenack> nacc: thanks for the review
<nacc> ahasenack: np, does it make sense?
<ahasenack> yes
<ahasenack> :)
<nacc> ahasenack: feel free to fix up and push back over the top, i'll pull your changes down and re-review whenever you need
<ahasenack> ok
#ubuntu-server 2017-05-31
<cpaelzer> good morning
<ruben23> hi there guys anyone can help with this command i get syntax error ------>   fakeroot make-kpkg âinitrd âappend-to-version=-custom kernel_image kernel_headers
<ruben23> anyone can help correct the command
<cpaelzer> ruben23: you might post the actual error via pastebinit
<cpaelzer> ruben23: maybe -- after the fakeroot?
<cpaelzer> to ensure it is not picking up make-kpkg's options?
<cpaelzer> also at least what you copied here has merged unicode "â" instead of "--"
<cpaelzer> ruben23: ^^
<ruben23>  cpaelzer:  Thanks a lot it works..
<cpaelzer> yw
<adrian_1908> if anyone here is using Nginx on 16.04, for the resolver directive (http://nginx.org/en/docs/http/ngx_http_core_module.html#resolver), do I use 127.0.1.1 (Dnsmasq) or is 127.0.0.1 the right IP? I found almost no examples of the former, so I'm a bit confused.
<cpaelzer> adrian_1908: well if you set nothing you should use the default which on your system should be 127.0.1.1
<cpaelzer> adrian_1908: see /erc/resolv.conf
<adrian_1908> cpaelzer: yes, that's set to nameserver 127.0.1.1 and dig reports that IP too.
<cpaelzer> adrian_1908: so I'd assume you do either nothing at all with that directive or have a reason to set something really different like an external nameserver
<adrian_1908> cpaelzer: you mean, if I omit it, Nginx will try to go through dnsmasq anyway?
<cpaelzer> I'm only 98% sure, but yes
<adrian_1908> cpaelzer: ok. Alas, I'm not experienced in networking related things, so i often don't know how to test these things. thanks.
<adrian_1908> my VPS provider uses Ubuntu cloud images that already point dnsmasq to their nameservers, and that works really well, so I didn't want to use Google's 8.8.8.8 or whatever most guides use.
<cpaelzer> I think you are fine without setting somethnig
<cpaelzer> if you need a better expert ask teward later on (not around yet I'd think)
<adrian_1908> I might, but for now thanks man!
<Tripps> Curious here, how can I transfer one disk to another; meaning the data on the drive to my 2tb harddrive?
<tarpman> cp(1)?
<Polarcraft> tarpman, well I don't want to use the normal drive at all, I want to migrate over to the 2tb and have it run on reboot without any issues.
<Poster> you might look at something like clonezilla to do the imaging, if you used LVM the resizing should be pretty easy, if not gparted should help
<semiosis> i'm running into a problem since upgrading my ec2 API servers from trusty to xenial.  a server will run fine for a day or two, then it will stop serving requests.  when i SSH into the machine, if I can login at all, it is extremely slow.  it takes a few seconds for each character i type into the shell to be echoed back.  there's no errors in the system log, no problems showing in dmesg, and my API logs look fine.  any ideas what this
<semiosis>  could be?
<semiosis> cpu usage is minimal, system load is near zero, and there is free memory available
<semiosis> all the usual stuff checks out fine
<sarnold> semiosis: any luck yet?
<sarnold> semiosis: give this a view and see if it provides anything useful to work with http://www.brendangregg.com/blog/2015-12-03/linux-perf-60s-video.html
<semiosis> no luck trying to figure this out on my own, so coming here for help.  been dealing with this for a few weeks.
<semiosis> will check. thanks
<tarpman> semiosis: problem on the server, or between you and the server? run a few commands with `time` prepended and see if things actually take longer than expected just executing on the server?
<semiosis> my hunch is it is a network issue.  kernel tcp stack maybe.
<semiosis> i just deployed an increase of the tcp memory limits.  when these servers die i'll try timing some commands.  thanks for the tip
<Epx998> aha
<SupaYoshi> HJHi
<SupaYoshi> I've tried enabling TLS support with Pure-FTPD, got that working
<SupaYoshi> But everytime I enable UFW (I've got port 21 TCP open)
<SupaYoshi> I cannot access the directory listings with Ufw enabled and TLS
<SupaYoshi> (FTPS)
<SupaYoshi> but I can with FTP
<SupaYoshi> what ports does FTPS use
<sarnold> don't you need both 20 and 21 for ftp?
<mason> sarnold: Only if you want data *and* commands.
<sarnold> mason: picky picky :)
<mason> SupaYoshi: FWIW, "grep ftp /etc/services" will show the ftps ports, and also sftp.
<SupaYoshi> im not using sftp
<SupaYoshi> im using ftps
<nacc> SupaYoshi: ok, so grep what mason said
 * mason contemplates an RFC describing sftps, just to be difficult.
<nacc> mason: :)
<nacc> SupaYoshi: also, mason didn't say you were using sftp, they said it shows ports for both ftps and sftp
<SupaYoshi> ok
<mason> I are plural! \o/
<SupaYoshi> its odd that it works fine without ufw
<SupaYoshi> and stops with ufw enabeld.
<SupaYoshi> http://paste.ubuntu.com/24731516/
<nacc> SupaYoshi: you didn't need to paste it, we all have it on our systems too
<SupaYoshi> so what port
<SupaYoshi> is needed for it to work? :P
<SupaYoshi> 21 is open, 22 is.
#ubuntu-server 2017-06-01
<nacc> SupaYoshi: did you read what you pasted?
<Cyb3r-Assassin> I need to build php5 apache server on Ubuntu 16.04.2 LTS but PHP5 is deprecated from sources. Anyone have information on getting php5 on this box?
<nacc> Cyb3r-Assassin: use 14.04 in a container/VM
<nacc> Cyb3r-Assassin: or you can use ondrej's ppa, but it's not officially ubuntu (and only ondrej can support you with issues)
<Cyb3r-Assassin> nacc: I dont have VM options.
<Cyb3r-Assassin> or ability to build out a new image.
<Cyb3r-Assassin> i would be fine with modifying sources.list with new ppa yes
<Cyb3r-Assassin> perfect done thank you
<Cyb3r-Assassin> can I mask the use of anything over 5.6? Having some problems with deps while building lamp
<sarnold> you may have better success using lxd to run 14.04 LTS tools instead..
<nacc> sarnold: +1
<ruben23>  hi there guys if i upgrade my linux ubuntu version with custom compile kernel do i lost the custom kernel.?
<ruben23> second question i tried to re compile the kernel of ubuntu server just increasing the time frequency but when i compile it its been two days already it still not done compiling , the status of compilation did not stop, is this really taking so much time and this long.?
<ruben23> guys anyone.?
<sarnold> ruben23: use 'make localmodconfig' to build a kernel just for your hardware
<sarnold> ruben23: the default kernels ubuntu builds have so many things enabled because you never know what hardware people have
<sarnold> a kernel build takes our buildds about five hours https://launchpad.net/~canonical-kernel-team/+archive/ubuntu/ppa/+build/12486778 so perhaps you've got slow hardware too?
<ruben23> sarnold: any chance we can speed it up.?
<sarnold> ruben23: make localmodconfig is a good start
<ruben23> just run that command.?
<sarnold> then be sure to run make menuconfig afterwards to set whatever variables you need differently than the ubuntu kernel's choices
<ruben23> the problem her eis we only need to change one thing timing frequency we just increase it thats all we need
<ruben23> but the compiling process is taking so much time
<patdk-lap> how many cores are you giving it?
<ruben23> sarnold: so i run make localmodconfig then  make menuconfig after.? any guide you can send so i can push the process somehow
<patdk-lap> and threads did you tell make to use?
<ruben23> patdk-lap: no, just timign frequenzy to 1000HZ
<patdk-lap> more hz isn't going make kernel compile faster
<patdk-lap> it just makes task switching smoother
<patdk-lap> oh, you wanted to build with a higher hertz
<patdk-lap> isn't that dynamic these days?
<sarnold> ruben23: when you started the compile how many threads did you start up?
<ruben23>  sarnold: i did not touch the threads, just the timing frequency
<ruben23> patdk-lap: yes what you mean dynamic.?
<ruben23> how to do that.?
<patdk-lap> what are you doing that needs 1000hz?
<sarnold> ruben23: when you run 'make -jN bzImage' what do you used for 'N'?
<patdk-lap> I like to use 0.1 :)
<sarnold> patdk-lap: what the heck does that do? :)
<patdk-lap> syntax error probably
<sarnold> the last time I built a kernel I used 'make defconfig' and 'make -j' with no arguments, and it finished in 48 seconds :) but I suspect that kernel would be too useless to do anything with..
<sarnold> load average over 300..
<patdk-lap> heh
<patdk-lap> I haven't built a kernel for awhile
<sarnold> I only built that one to test the machine, hehe
<patdk-lap> have built many illumos kernels, those take me about 45min on 6cores
<patdk-lap> well, that is more than a kernel, that is kernel + libc + basic tools
<sarnold> it gave me fond memories of 30-minute builds back in the pentium days..
<sarnold> oh? I'm surprised they don't have a GENERIC that just works
<patdk-lap> generic?
<sarnold> yeah, like the BSDs
<patdk-lap> not sure what you mean
<sarnold> the BSD kernels usually hvae a bunch of configuration options same as linux, but they always recommend everyone to run the prebuilt GENERIC builds they provide
<patdk-lap> I remember recompiling freebsd kernels like mad
<patdk-lap> those never worked for me, freebsd only supported 2gigs of ram, and going over it, required extensive tuning
<sarnold> oww
<patdk-lap> cause the default table sizes where based on ram sizes, and they would just get stupid big, or be way too small
<patdk-lap> for illumos, it's cause of kernel patches I have made, or drivers I'm adding to it
<sarnold> 1024 processes should be enough for anyone!
<sarnold> hehe
<sarnold> oh cool, what have you done to illumos? :)
<patdk-lap> bcrypt work
<patdk-lap> testing a bunch of patches for other people
<patdk-lap> adding in pvscsi and vmxnet, though those are mostly offical now
<patdk-lap> endless hacking with lsi sas driver
<sarnold> i'm surprised that's not perfect by now; everyone uses that, right?
<patdk-lap> Used to do linux kernel work, but haven't touched it since 2.2
<patdk-lap> did a crapload of hacking of my 2.0 and 2.2 kernels, complete memory and scheduler swap outs
<sarnold> back when that kind of thing made more of a difference, hehe
<patdk-lap> I would still enjoy a scheduler option
<patdk-lap> used strict priority levels
<patdk-lap> nothing on a lower level would run, unless all higher level niced programs where idle
<patdk-lap> having a runaway program would DOS your system, but
<patdk-lap> recommend, don't use firefox on it :)
<patdk-lap> but then, those where servers, and I didn't really have that issue
<sarnold> you -could- configure linux to do the same; put everything into sched_rr and remove the slack space that allows non-rt tasks to run even if rt tasks peg the cpu
<Cyb3r-Assassin> Im using this ppa https://launchpad.net/~ondrej/+archive/ubuntu/php to give me php5.6 but I am having dep conflicts trying build a LAMP service that supports everything correctly. Any PPA I can add to provide everything else I need?
<Cyb3r-Assassin> Or any option to have it build with apt-get install lamp-server^ as I need.
<lordievader[m]> Good morning
<Bodenhaltung> Hmm "Setting up libc6:amd64 (2.19-0ubuntu6.11) ..." crashed with a reboot. oO
<Bodenhaltung> A "dpkg --configure -a" crashed also, the maschine does ja full reboot. :(
<Bodenhaltung> 14.04
<Bodenhaltung> Any ideas? :(
<lordievader[m]> Bodenhaltung: Grab a live-usb, chroot into the install and update from there.
<Bodenhaltung> Hmm, not really possible, its a virtual maschine (on openvz)
<Bodenhaltung> lordievader[m]: Can i solve the "blocker" so i can --reinstall libc6?
<lordievader[m]> Bodenhaltung: Oh, that makes it easier. Mount the virtual disk in the hypervisor and chroot from there.
<sarnold> Bodenhaltung: hey I've got an idea.. it's a bit of a wild guess
<sarnold> Bodenhaltung: within the openvz, run "mkdir /run/systemd/system"
<sarnold> or "mkdir -p /run/systemd/system"
<sarnold> Bodenhaltung: http://sources.debian.net/src/glibc/2.19-18%2Bdeb8u9/debian/debhelper.in/libc.postinst/#L221
<pankaj_> Hello. I am ubuntu server for ftp services but as soon as I type "ifconfig" I cannot see eth0 or eth1 being listed; instead I just see enp0s3 and lo interfaces. Why? What's the matter?
<lordievader[m]> Newer udev ;)
<pankaj_> Hello
<lordievader[m]> pankaj_: https://www.freedesktop.org/wiki/Software/systemd/PredictableNetworkInterfaceNames/
<pankaj_> lordievader[m]: Sorry Sir but I googled it and got the same article but the documentation seems to be very complex. Is their is no any straightforward reason and what should I do for my ftp server to assign IP address?
<lordievader[m]> It is not very complex, basically the way the name is derived has changed.
<lordievader[m]> Rather that something arbitrarily a consistent way based on where the network interface is.
<lordievader[m]> The physical location of the nic on the motherboard.
<lordievader[m]> The ways of assigning ip addresses has not changed, but instead of having an ethX name you have an enpXsY name.
<pankaj_> lordievader[m]: I think that "yes" it is not complex. OK, so is their any way so that I can assign the IP address so to run my ftp Server.
<lordievader[m]> Dchp does not cut it for you?
<pankaj_> lordievader[m]: I didn't understood.
<lordievader[m]> pankaj_: https://help.ubuntu.com/lts/serverguide/network-configuration.html
<microwav_> @lordievader sorry to interupt you on that but do you know the reason they changed that name usage?
<pankaj_> lordievader[m]: Thanks. I will read the documentation and then.
<sarnold> microwav_: machines with a few NICs would randomly re-order the stupid things on reinstalls
<lordievader[m]> microwav_: Read the documentation. The motivation is to make device naming predictable.
<microwav_> ah that clarifies, thnx!
<sarnold> microwav_: or deployments of a thousand 'identical' machines would have unexpected names roughly distributed randomly
<sarnold> microwav_: or people with multiple usb nics not knowing which is which..
<lordievader[m]> Or the networking not working because you transferred a disk to another exactly the same machine because the mac address was different.
<Bodenhaltung> sarnold lordievader[m] Its solved, i have reinstalled kmod, now it is working fine, thanks to you for point me in that way. :)
<lordievader[m]> Network was configured for eth0, not for eth1 :P
<lordievader[m]> Bodenhaltung: Good to hear :)
<sarnold> Bodenhaltung: kmod?
<microwav_> thnx Lordie
<microwav_> and sarnold
<Bodenhaltung> sarnold: Jepp, kmod:amd64, pure desperation. :D
<sarnold> Bodenhaltung: and that -worked-???
<pankaj_> lordievader[m]: Thanks. I think firstly I must read a good book to get started with networking environment in Linux. I had previously studied networking but can you suggest any good books so to get started in linux networking environmrnt?
<lordievader[m]> Errrmm, I have gotten my knowledge mostly from online documentation and trial & error.
<pankaj_> lordievader[m]: Any advice from you will be a lot to me.
<sarnold> I started with ora.com's TCP/IP networking book ~twenty years ago. If it's been kept updated over the years it might be alright today.
<lordievader[m]> pankaj_: Grab a vm and experiment. Read documentation, try out what is said, see what it does and try to understand why things work the way they do.
<sarnold> If you -really- want to know your stuff, W Richard Stevenson's many books on TCP/IP are fantastic. Sadly they have probably not been updated over the years.
<pankaj_> sarnold: I just want to know the networking environment basics in Linux. I just downloaded a Book "Linux Device Driver" by Jonathan Corbett. Can you suggest anything about the book
<pankaj_> lordievader[m]: I had already installed it and now running ubuntu server but I think I must also understand all things that I am doing and not just type some code so that things workout. Therefore, I said abut any good book or documentation.
<sarnold> pankaj_: that's a fantastic book but it is all about writing kernel device drivers. If that's your goal by all means keep at it :D
<pankaj_> sarnold: Yes, if it makes understand the reader to have some good grasp of linux kernel and networking then I will surely read this book.
<pankaj_> sarnold: Can you suggest me any any book whose focus is all on networking in Linux environment?
<cpaelzer> mdeslaur: strongswan remerge for CVEs done
<cpaelzer> at least for me and some tests it works as before but safer :-)
<sarnold> pankaj_: this is entirely linux and entirely networking -- it's also extremely advanced material http://lartc.org/
<pankaj_> sarnold: OK. Firstly I must test the book by reading myself. Thanks. Talk to you later
<sarnold> pankaj_: have fun :)
<pankaj_> pankaj: Thanks
<cpaelzer> pankaj_: also slightly outdated but a great start and ofen more a use-case/coding point of view that I liked was in "UNIX Network Programming" by Richard Stevens
<cpaelzer> sarnold: is that the same you recommended on a different title?
<pankaj_> pankaj: I will also try it and then decide between the two. Well, the name seems to be very interesting. Thanks for telling.
<cpaelzer> sarnold: or did you mean the TCP/IP Illustrated series?
<cpaelzer> pankaj_: theres also the "adcanced" version of it
<cpaelzer> anyway we all seem to sellte that mister Stevens is a good way to start :-)
<pankaj_> cpaelzer: OK. I will check it out.
<cpaelzer> I was lucky to get most "basic books" when they closed an IBM Library a few years ago
<cpaelzer> and basic concepts rarely change
<sarnold> cpaelzer: I meant the TCP/IP Illustrated series
<sarnold> UNIX Network Programming is good too but the entire second half of the book is a long-dead interface, right?
<cpaelzer> yep
<cpaelzer> I just always liked the "parcitical" start
<sarnold> cpaelzer: oh man, grabbing stuff from an ibm library, great idea :D
<cpaelzer> I've had more than I could move on my last move to a new place
<cpaelzer> handing out books all around
<sarnold> hahaha
<sarnold> when I moved into my current house I was thrilled that it already had something like 5m * 4 shelves... but it's not enough. I still have book piles.
<cpaelzer> And it was a nice pic when 4 studends filled up my crappy old car with books until the suspension stopped us to go on
<sarnold> rofl
<sarnold> wunderbar :D
<cpaelzer> sarnold: wow 5m*4 is impressive - these days I read like a snail crawling over the pages, I won't need more anytime soon
<sarnold> cpaelzer: funny thing, I read so much more on my phone now, I'm still working on harry potter und der order der phoenix for five or six weeks... my german's not quite good enough to plow through it even when tired. hehe.
<cpaelzer> sarnold: phÃ¶nix :-) with Ã¶
<sarnold> cpaelzer: my keyboard lacks those :)
<cpaelzer> it's vice versa for me only reading in english since a decade
<cpaelzer> damn actually two decades - oO getting old
<sarnold> hehe
<fallentree> Is there a reason for nginx package to install both fastcgi.conf and fastcgi_params, with the former having SCRIPT_FILENAME defined in addition to other params also present in fastcgi_params?
<fallentree> I mean, since there are uwsgi_params, proxy_params and scgi_params, why not just fastcgi_params, with SCRIPT_FILENAME, as default?
<fallentree> It's inconsistent and confusing to new users.
<mdeslaur> cpaelzer: thanks!
<lucidguy> Need to perform CPU benchmarks on Linux systems, recommended tools?
<nacc> teward: --^ fallendtree's comments?
<nacc> *fallentree
<bdmurray> The server team CI bot owner might be interested in this bug I just reported about Launchpad. https://bugs.launchpad.net/launchpad/+bug/1695031
<ubottu> Launchpad bug 1695031 in Launchpad itself "apport retracing service regularly encountering timeouts" [Undecided,New]
<powersj> bdmurray: thx
<bdmurray> powersj: Are you seeing these timeouts too?
<powersj> <-- server team CI bot owner and no I have not seen evidence of them, so I will need to go look where something is complaining.
<bdmurray> powersj: Okay, I'd be curious to hear about what you discover.
<powersj> ok I'll let you know if I find anything
<powersj> bdmurray: that didn't take long https://jenkins.ubuntu.com/server/job/simplestreams-ci-trigger/50799/console
<powersj> that is a job to check for merge proposals that need reviews
<bdmurray> powersj: Any idea when the bot first started encountering it?
<powersj> bdmurray: I don't. I only have a days worth of run logs. I haven't been keeping an eye on streams project because it is usually low volume/nothing to do there :\
<nacc> rbasak: I think LP: #1275495 should drop bitesize and server-next, agreed?
<ubottu> Launchpad bug 1275495 in monitoring-plugins (Ubuntu) "check_radius missing" [Medium,Triaged] https://launchpad.net/bugs/1275495
<rbasak> nacc: agreed, thanks
<nacc> rbasak: thanks
<dpb1> nacc: one last q, how can I inspect the change that went into 0.43ubuntu1.1 in xenial?
<dpb1> for pkgsel
<sarnold> dpb1: head to the launchpad page for the source package https://launchpad.net/ubuntu/+source/pkgsel
<nacc> dpb1: couple of options
<sarnold> click on the version you want, then find the 'diff from 0.43ubuntu1 to 0.43ubuntu1.1 (799 bytes)' near the end
<dpb1> sarnold: ah yes
<nacc> dpb1: what sarnold said, which should get you to https://launchpad.net/ubuntu/+source/pkgsel/0.43ubuntu1.1 and then http://launchpadlibrarian.net/265398320/pkgsel_0.43ubuntu1_0.43ubuntu1.1.diff.gz
 * dpb1 waits for hopefully command line option
<nacc> dpb1: or, locally, `pull-lp-source -d pkgsel 0.43ubuntu1; pull-lp-source -d pgksel 0.43ubuntu1.1; debdiff pkgsel_0.43ubuntu1.dsc pkgsel_0.43ubuntu1.1.dsc`
<rbasak> If only pkgsel were imported into git :-)
<nacc> dpb1: or you can ask me to import it and then look at the git diff
<nacc> rbasak: that was #3 :)
<dpb1> secret option #3
<dpb1> OK, that is enough pestering.  that's exactly what I wanted, thanks
 * dpb1 dupes that bug now
<nacc> dpb1: now, there is a separate question -- why wasn't this caught in testing?
<nacc> dpb1: does that mean we don't have a written testcase for server iso for the possible choices here?
<nacc> dpb1: i mean, it was caught pretty early, but still post-release
<dpb1> nacc: I'd like to explore that, yes
<nacc> dpb1: oh it also may have been a bug in the merge, I see that now (based upon the prior xenial changelog entry)
<dpb1> hm
<dpb1> for that bit of archeology, I think I need the git import
<dpb1> s/need/want/ :)
<nacc> dpb1: it's running
<dpb1> it was introduced in the runup to xenial for sure
<nacc> dpb1: sorry, src:pkgsel showed me a bug in the importer (not super important, but breaks our orig tarball imports). I was looking at fixing it, but i'll generate the tree anyways so you can do archaeology :)
<nacc> s/tree/repo/
#ubuntu-server 2017-06-02
<pankaj> I want to setup ftp server on ubuntu server but when I type "ifconfig" I get two interfaces enpls0 and lo. Where is eth0 or how do I congigure for my ftp server for an IP?
<andol> pankaj: The short answer is that enpls0 likely is what you think of as eth0.
<andol> pankaj: The long answer can be found at https://www.freedesktop.org/wiki/Software/systemd/PredictableNetworkInterfaceNames/
<andol> Also, http://mywiki.wooledge.org/FtpMustDie
<pankaj> andol: Are both same? But, how can I get the IP address so that I can use for my local ftp services.
<cpaelzer> good morning
<cpaelzer> pankaj: it is just a different name than eth0
<cpaelzer> pankaj: the link andol listed is good, it explains the backgrounds - but TL;DR where you'd had set eth0 (e.g. a grep or so) use the new name
<pankaj> cpaelzer: You mean to look in 'interfaces' file and change enpls0 to eth0?
<cpaelzer> pankaj: no I really not mean this
<cpaelzer> pankaj: you had something in mind when you thought it would still be eth0
<cpaelzer> like grepping for the interface name or callinth ethtool or whatever
<cpaelzer> there, use the new name
<cpaelzer> After the initial pain of adapting the new naming really is better IMHO
<Jtremback[m]> hey, does ubuntu have any kind of declarative system config format
<Jtremback[m]> I've been using LEDE and it's UCI system is really great
<nacc> Jtremback[m]: no, I don't believe it does
<Jtremback[m]> bummer
<sarnold> Jtremback[m]: many things can be configured via debconf -- see debconf(7) -- but certainly not as many things as e.g. suse's yast can configure
<Jtremback[m]> sarnold: thanks!
<nacc> sarnold: but even debconf isn't quite so imperative -- it's at the package level, I assume. Rather than say 'service' level like UCI?
<sarnold> nacc: no idea what uci is, but I'm going to go with 'yes' :)
<nacc> sarnold: yeah, i did a cursory google based upon Jtremback[m]'s question -- it's the config manager for LEDE (I think)
<hehehe>  :)
#ubuntu-server 2017-06-03
<lordievader[m]> Good morning
<ppetraki> morning
<jancoow> Hi guys
<jancoow> I want, for example, install the binary from zoneminder-feature-h264-videostorage
<jancoow> https://launchpad.net/~iconnor/+archive/ubuntu/zoneminder-feature-h264-videostorage
<jancoow> But there is no binary for ubuntu zesty
<jancoow> Is it possible to take a binary for an older version
<jancoow> for exmpale the one from trusty?
<haylon> Not sure if anyone else is up, its 10:30CST. Would/Is Conjure-up a good idea for using on Ubuntu-Server 16.04.2, or was it more for using with the desktop edition so you have instant access to the UI?
<stokachu> haylon: works on server
<stokachu> haylon: if you are ssh'd into a server have a look at using sshuttle for proxy, https://docs.ubuntu.com/conjure-up/en/usage#running-conjure-up-remotely
<haylon> Huh, that's spiffy. Thank you stokachu
<stokachu> np
<haylon> I figured I'd give Ubuntu Server a try again since I'm getting tired of CentOS and that whole line.
<stokachu> :)
<teward> NTP... is fun.
<teward> >.<
<IShavedForThis_> hey guys, I need help installing Ubuntu 16.10s version of fsck onto my 16.04 lts server as its creating issues with the rw ability of my external drives. could anyone point me in the right direction on how to install these?
<IShavedForThis_> /dev/sdd1 has unsupported feature(s): metadata_csum
<IShavedForThis_> e2fsck: Get a newer version of e2fsck!
<IShavedForThis_> "
<IShavedForThis_> anyone?
<teward> IShavedForThis_: related: https://bugs.launchpad.net/ubuntu/+source/e2fsprogs/+bug/1365874
<ubottu> Launchpad bug 1365874 in e2fsprogs (Ubuntu) "Ubuntu 12.04 LTS, 14.04 LTS, 16.04 LTS do not support ext4 metadata checksumming" [Wishlist,In progress]
<teward> IShavedForThis_: I'm not sure you can safely download that, but you'd have to probably manually go fetch the package and its dependencies from 16.10 and then install on 16.04
<teward> though you'll probably have a ton of dependency errors
<IShavedForThis_> damn. thanks man. Do you know any work arounds? or is the only fix to download a graphical Ubuntu lts 16.04 and fixed the disk errors on that?
<IShavedForThis_> ?
<teward> I don't have a workaround, sorry.
<teward> someone else might though?
<IShavedForThis_> yeah im googling. so far I cant find anything
<RoyK> sudo apt install mono
<RoyK> return -OWRONGWINDOW;
#ubuntu-server 2017-06-04
<IShavedForThis_> hey guys. just wanted to know if there was any awesome things I can do with a server. I primarily use it for plex, but am just wasting away a ton of power not fully utilizing it.
<IShavedForThis_> hey guys. just wanted to know if there was any awesome things I can do with a server. I primarily use it for plex, but am just wasting away a ton of power not fully utilizing it.
<tash> I'm seeing a lot of systemd messages in syslog like: Started User Manager for UID 116, Stopping User Manager for UID 116, Reached Target Shutdown...
<tash> lots and lots of occurrences, is this normal?
<tash> every 5 minutes
<dn`> Iâm trying a preseed/netboot installation. Is there any build in way to redirect the log to a syslog with a kernel parameter?
<guest4119> hey guys! whats something cool you do with your server? I got mine running smoothly now, and I realized I have way more than enough memory and cpu power for other tasks
<Poster> you might look into running virtual machines
<IShavedForThis_> hey guys! whats something cool you do with your server? I got mine running smoothly now, and I realized I have way more than enough memory and cpu power for other tasks
<Latrina> jails, bhyve, you name it
<IShavedForThis_> and what would the point of that be? Not trying to sound rude, I honestly just don't know
<teward> IShavedForThis_: it's really up to you
<teward> what's cool for one person is lame for another
<IShavedForThis_> lol true. I'm looking into things like slicify and the like right now to try and make some passive income
#ubuntu-server 2018-05-28
<cpaelzer> rbasak: those three packages are also fully in cosmic and in main there
<cpaelzer> I see them under "Binary only movements to universe" thou on https://people.canonical.com/~ubuntu-archive/component-mismatches.txt
<cpaelzer> If anything I'd read it as these three have nothing holding them in main anymore
<cpaelzer> also the LP view on the new upload LGTM
<cpaelzer> rbasak: I think my archive-component-foo is too bad for this special case, ping me later to help me understanding this please (/me wants to learn what I miss)
<lordievader> Good morning
<DirtyCajun> anyone played with tgt recently? I am having issues presenting a bare drive directly to direct-store. any backing-store *.img files work fine
<cpaelzer> DirtyCajun: only with .img files which worked for me (but also for you)
<DirtyCajun> damn
<DirtyCajun> ive tried  /dev/sd. ..... ive tried put it in a vg and making a lv for it...  othing.
<DirtyCajun> there is NO NEED to create a filesystem and add that overhead
<zioproto> good morning
<zioproto> I used to download sources of pristine-tar from http://anonscm.debian.org/cgit/collab-maint/pristine-tar.git
<zioproto> but now this repo is gone :(
<zioproto> anyone knows where to find the official new repo for this tool ?
<ikonia> thats not really an ubuntu problem zioproto
<zioproto> ikonia: sorry I did not put context
<zioproto> I used to build Ubuntu Xenial packages for Openstack
<zioproto> but Xenial has a pristine-tar package too old
<ikonia> and /
<ikonia> ?
<zioproto> and it is not possible to build ubuntu packages on xenial with pristine tar 1.33
<ikonia> ok ?
<zioproto> I had an automation script that installed 1.4x from that repo
<zioproto> the repo is gone
<ikonia> so basically a 3rd party script, provided by a 3rd party repo is now gone ?
<zioproto> I am looking for a pristine-tar 1.44 backport for Xenial
<zioproto> ikonia: the question is, is there a Ubuntu Xenial backport for pristine-tar 1.44 ?
<zioproto> like a PPA or something
<zioproto> I cant find it
<ikonia> so basically a 3rd party script, provided by a 3rd party repo is now gone ?
<zioproto> https://launchpad.net/ubuntu/+source/pristine-tar
<ikonia> those repos listed in https://launchpad.net/ubuntu/+source/pristine-tar are still there
<zioproto> OK I sorted it out
<zioproto> sudo apt-get install ./pristine-tar_1.44_amd64.deb
<zioproto> got the package from https://launchpad.net/ubuntu/+archive/primary/+files/pristine-tar_1.44_amd64.deb
<zioproto> that is what I needed
<zioproto> sorry for the nice
<zioproto> noise
<alex_dg> Hi! What secure GUI can I install on the server?
<ahasenack> rbasak: I know it's a holiday, but if you are around, could you please kick an import for skytools3?
<Neo4> how to back up and restore mysql?
<Neo4> mysqldamp -u[user] -p[password] [db_name] > damp.sql
<Neo4> it's for one database
<Neo4> what shall I do if I want to make damp all mysql?
<Neo4> and how recover?
<Neo4> can I merge two database?
<sdeziel> Neo4: you should probably read mysqldump's man page
<Neo4> ok
<Neo4> I will for one database do script for crone
<Neo4> wp_cronetab_backup.sh "/var/www/[site_name]"
<Neo4> and this will universal script to apply for many wp sites
<Neo4> it will automatically get from wp-config.php credansials for mysql and do tar archive in $HOME/backup
<Neo4> with current site_name_date_time.tar.gz
<sdeziel> Neo4: dunno if that can help you but I've been using this system-wide cron for years: https://sdeziel.info/mysql/mysql-backup
<sdeziel> it uses the default super MySQL user from /etc/mysql/debian.cnf
<Neo4> sdeziel: yes, it very helped, I wanted to know how apps to connect to mysql without asking root password, They might use those credentials
<Neo4> nice :)
<Neo4> now I will also use that file for creating removing database/users withotu asking root
<Neo4> this file /etc/mysql/debian.cnf
<Neo4> you cant log in using it in phpmyadmin, but in terminal you can
<Neo4> it might specially made for shell
<Neo4> for creating without asking
<Neo4> sudo mysqldump --defaults-extra-file=/etc/mysql/debian.cnf --single-transaction --lock-tables=false --quick --events wp_test2 > /var/www/wp.test2/damp.sql
<rbasak> ahasenack: starting
<rbasak> I think pristine-tar is broken in the importer somehow
<rbasak> ahasenack: it failed
<rbasak> Oh wait, my fault
<rbasak> Running again now  properly
<rbasak> ahasenack: done
<foo> If I want something to monitor server load, what do you suggest? I used to have my own nagios server... but mainly looking for something to monitor server load at thi spoint
<foo> Show me a graph
<foo> One system (digital ocean droplet), pretty simple (ideally a free account if possible, can pay if I expand/want to watch multiple system)
#ubuntu-server 2018-05-29
<lordievader> Good morning
<edenist> morning
<olivierbourdon38> monring everyone, anybody having experience with overlayroot package on ubuntu xenial 64 bits which generates a new initrd which is not compatible with my LVM based initial server setup. When I install overlayroot on my base image and reboot, the system does not seem to look for LVM root partition. Any ways to fix this ?
<olivierbourdon38> in fact I just narrowed down the problem which is not caused by overlayroot but by initramfs-tools
<olivierbourdon38> in fact on my system,  dracut is installed and was used to generate the initial initrd
<olivierbourdon38> installing initramfs-tools removes dracut and regenerates a non LVM compatible initrd
<rbasak> cpaelzer: I see three MPs in the review queue from you. Is there anything you'd like me to look at first?
 * rbasak takes the oldest one first
<compdoc> three MPs in the review queue? whats that?
<rbasak> compdoc: https://code.launchpad.net/~canonical-server/+activereviews
<rbasak> compdoc: though not a requirement for Ubuntu development, the Canonical server team operate a peer review policy for ourselves.
<ahasenack> any idea why ubuntu-upload isn't working for this package that is in xenial? https://pastebin.ubuntu.com/p/FTBtZz5krd/
<ahasenack> it's looking in cosmic
<ahasenack> rbasak: hi, morning, did git-ubuntu break again? I'm getting ERROR:root:Is python3-pygit2 installed?
<ahasenack> I have 0.7.4+git82.3512465  429 from edge installed
<ahasenack> or maybe that was never fixed and I upgraded
<ahasenack> oh, wait, I have 430 actually
<ahasenack> but with that error
<ahasenack> 429 works, I just reverted
<cpaelzer> rbasak: no particular prio order - open-iscsi is a bit special (no merge but a bug fix)
<cpaelzer> rbasak: and surely the one with the biggest changes, so more to discuss
<rbasak> cpaelzer: what I haven't been able to figure out is how the socket activation works at all
<rbasak> I grepped for sd_ and found nothing
<rbasak> and StandardInput=socket doesn't seem to be in use
<cpaelzer> rbasak: it is an abstract socket
<cpaelzer> the iscsi adm uses the same abstract socket
<rbasak> ahasenack: sounds like it's broken again :(
<cpaelzer> so the @... in the socket file registeres this abstraction
<cpaelzer> and this is what iscsiadm and co open against
<rbasak> cpaelzer: yeah but if systemd accepts the first connection, how does it pass the fd of that first connection over?
<cpaelzer> rbasak: I didn't care yet, but this is a general socket activation question and less MP specific right?
<rbasak> cpaelzer: it's MP specific in that I don't see how it could possibly work so therefore have a suspicion that merging this will break something
<rbasak> ahasenack: the self test passes for me. What subcommand is giving you that error please?
<cpaelzer> rbasak: the socket connecting code in iscsiadm always does retry the connection anyway mutliple times
<cpaelzer> rbasak: even if it does not use sd_listen_fds which would be explicit enabling via socket
<rbasak> cpaelzer: ah
<cpaelzer> the client will just reconnect
<cpaelzer> the first triggers the service
<ahasenack> rbasak: it was clone
<rbasak> ahasenack: thanks
<ahasenack> rbasak: I was trying to clone the recently imported skytools3
<rbasak> ahasenack: it works for me. What release is your host machine please?
<cpaelzer> rbasak: and it even has native systemd socket actviation support
<cpaelzer> from open-iscsid changelog line 225
<cpaelzer> 225       iscsid: implement systemd-compatible socket activation
<cpaelzer> rbasak: I'm fetching the upstream repo to tell you where it does
<cpaelzer> while I'm doing so, FYI - Fedora has socket activation on iscsid quite a while
<cpaelzer> so things would have broken some time in this part of the world already
<cpaelzer> rbasak: yep it checks first if it got an FD by systemd in  mgmt_ipc_systemd
<ahasenack> rbasak: it was 430, I reverted to 429
<rbasak> Ah
<cpaelzer> rbasak: since https://github.com/open-iscsi/open-iscsi/commit/5d0e19fcc1cea77a72647cf96c5d3d773e8ee277
<rbasak> cpaelzer: I was looking for sd_*
<cpaelzer> rbasak: is that enough FYI for now or are there other open issues?
<rbasak> cpaelzer: looks like they've implemented it themselves instead of using the systemd provided API
<cpaelzer> rbasak: yep
<rbasak> cpaelzer: that's fine for now thanks. I'll continue.
<rbasak> ahasenack: I mean what release of Ubuntu, sorry - I want to try to reproduce in a VM.
<ahasenack> rbasak: bionic
<rbasak> (as it doesn't reproduce on my system)
<rbasak> OK thanks
<LambdaComplex> is there a guide for disabling netplan in ubuntu server 18.04?
<sdeziel> LambdaComplex: last I've heard, it was as simple as "rm /etc/netplan/*"
<LambdaComplex> well that would be nice
<LambdaComplex> the /etc/network/interfaces file says to install ifupdown--i'm guessing that's the package containing the ifup and ifdown binaries
<rbasak> I think that's all you need to do
<genii> If you also want to use use ifconfig instead of ip, then you'll also need net-tools
<LambdaComplex> genii: noted
<LambdaComplex> ubuntu 16.04 doesn't use netplan, does it?
<cyphermox> that's different from whether you use ifup / ifdown
<cyphermox> LambdaComplex: it can, but it doesn't by default
<compdoc> LambdaComplex, netplan isnt difficult
<cyphermox> LambdaComplex: it would help a lot if you could tell me what you're trying to do, so if it doesn't work using netplan we can fix it for everyone.
<rbasak> ahasenack: reproduced. Yeah it's pretty broken. The self test fails on Bionic. I think it happens to pass on Xenial because it matches the core snap release.
<ahasenack> sometimes snaps remind me of the broken java promise: write once, run everywhere
<LambdaComplex> cyphermox: can i just say "trust me, the problem isn't netplan" and have you actually trust me? :P
<cyphermox> if you say so
<cyphermox> if what you're trying to do is actually special though, it might still help if you describe it; then if someone else wants to do something like that we have an example or something
<cyphermox> I *know* there are some things that aren't supported yet and I'm working on that, but I don't necessarily know of all the gaps because I don't necessarily try XYZ :)
<LambdaComplex> cyphermox: oh, you're one of the netplan devs?
<rbasak> ahasenack: FYI, I filed bug 1773991
<ubottu> bug 1773991 in usd-importer "snap version 430 broken" [Undecided,New] https://launchpad.net/bugs/1773991
<ahasenack> ok
<rbasak> cpaelzer: what is the purpose of replacing the invoke-rc.d call for the non-upgrade-path with deb-systemd-invoke?
<rbasak> Specifically I mean:
<rbasak> + deb-systemd-invoke restart iscsid.service || true
<cpaelzer> rbasak: two reasons for that
<rbasak> cpaelzer: FYI I just finished my review and asked in the MP but we can continue to discuss here
<cpaelzer> change #1 is to change from the start/restart to just restart - this is due to the whole things no only mattering at restart (guared when entering htis)
<cpaelzer> change #2 is to use deb-systemd-invoke, that is to be able to be able to pick .socket or .service
<cpaelzer> without it will be both
<rbasak> Are you sure it'll be both?
<cpaelzer> and as I mentioned deb-systemd-invoke is the one that considers policy.d
<rbasak> I got the impression systemd-sysv-generator affects .service only
<cpaelzer> rbasak: it was both when testing, and with deb-systemd-invoke I can be explicit
<rbasak> invoke-rc.d also considers policy-rc.d :)
<cpaelzer> I want to explicitly say .service to be sure to do what I mean
<rbasak> OK
<cpaelzer> and not just, "some iscsid"
<cyphermox> LambdaComplex: yes
<rbasak> cpaelzer: would you mind putting a comment above that line please, explaining why that bit of the delta is there? The reason for everything else was obvious to me, just not that bit.
<cpaelzer> rbasak: I'm already copying over
<rbasak> Thanks :)
<rbasak> My second MP point is also debatable
<rbasak> I think it's probably correct to call systemctl is-active directly without deb-systemd-invoke
<rbasak> Looking at its implementation
<rbasak> And its manpage lists the start, stop and restart actions only
<rbasak> But I await your opinion.
<cpaelzer> interesting rbasak
<cpaelzer> I didn't find that aspect, thanks to bring it up
<cpaelzer> yeah I'd use systemctl instead then
<cpaelzer> I was so happy to find deb-systemd-invoke to overuse it maybe, let me fix that
<cpaelzer> there is another call that neess the same change
<cpaelzer> rbasak: grepping through debian*postinst also confirms on systemctl for that
<cpaelzer> rbasak: I have the MP updated
<LambdaComplex> cyphermox: may i query you?
<nacc> rbasak: there?
<rbasak> nacc: o/
<cyphermox> LambdaComplex: sure.
<rbasak> nacc: I'm going to pop out for a while soon but will be back later.
<rbasak> nacc: it'd be good to sync up with you
<nacc> rbasak: sure
<rbasak> nacc: well I'm still here right at the moment :)
<rbasak> When is best for you?
<nacc> rbasak: i'll be around for a while, and i think we have a checkpoint tmrw?
<rbasak> Would you like to join a HO?
<nacc> rbasak: yeah i can do a hangout
<rbasak> nacc: I sent you a URL
<LambdaComplex> hm, i just realized i screwed up...
<LambdaComplex> i deleted the 1MB partition that ubuntu put at the start of the drive
<LambdaComplex> apparently that was necessary
<ahasenack> LambdaComplex: are you booting uefi or legacy/mbr?
<lordievader> Sounds like the efi partition.
<ahasenack> how do systemd service files with a "@" in their name work?
<ahasenack> they seem to be some kind of template
<ahasenack> https://pastebin.ubuntu.com/p/vNQfzrs7nr/ practical case
<ahasenack> I *think* the idea is to have one service per config file in, respectively, /etc/openvpn/server and /etc/openvpn/client
<sdeziel> ahasenack: yeah, exactly, those are per instance services
<ahasenack> how are they used?
<ahasenack> let's say I place a config in /etc/openvpn/server/myconfig.conf
<ahasenack> the openvpn-server@.service file has
<ahasenack> WorkingDirectory=/etc/openvpn/server
<ahasenack> ExecStart=/usr/sbin/openvpn --status %t/openvpn-server/status-%i.log --status-version 2 --suppress-timestamps --config %i.conf
<sdeziel> "service openvpn-server@myconfig start"
<sdeziel> %i gets replaced with what follows @
<sdeziel> not sure about %t though
<ahasenack> hmmmm
<ahasenack> that's cool
<sdeziel> %t is runtime dir
<sdeziel> man 5 systemd.unit()
<sdeziel> yeah, that is a really nice feature
<ahasenack> thanks
<trippeh_> ah good, systemd-networkd-wait-online seems to be broken on my computer (18.04)
<trippeh_> unless I specify interface it just times out, even with interface managed by networkd, working default ipv4 and ipv6 routes
<trippeh_> oh one unimportant interface is temporarily stuck in configuring
<trippeh_> so I guess not really broken just a little surprise :)
#ubuntu-server 2018-05-30
<DirtyCajun> Anyone use tgtadm with vmware esxi hosts? I cant get vmware to recognize any kind of backing-store but a .img flat file made by dd. Direct disks (/dev/sdxxx) and luns (/dev/mapper/vg-1/lv-1) show the controller but no formattable space
<cpaelzer> good morning
<lordievader> Good morning
<cpaelzer> hi lordievader
<cperrin> Hey. I amtrying to install ubuntu server 16.04.4 on my Dell R515 and it just wouldn't work. I get the grub screen but after that it just doesn't display anything. It might be a problem with the graphics that I just can't see any thing. Is there an option for "simpler" graphics?
<cperrin> Or maybe any other Idea. I see that the Server loads to image but then it just stops
<blackflow> cperrin: remove "quiet nosplash" from the kernel command line from grub, see if you get any output from the system booting and with that any error listed.
<rbasak> cpaelzer: on empty dirs in git-ubuntu
<rbasak> What I've been doing is disabling the hooks but proceeding anyway
<rbasak> In many cases the disappearing directory doesn't break anything because it's a 3.0 (quilt) package so gets effectively recreated (with a warning) by dpkg-buildpackage - because it doesn't end up in the debian tarball anyway, and the orig tarball doesn't get changed.
<rbasak> So the only things that would be broken are your commits which won't contain the empty directory.
<ahasenack> we just have to be careful if it's a new version, right? a new orig tarball
<ahasenack> we need to be sure it is the pristine upstream tarball, and not one generated from the git repo
<ahasenack> or not even that?
<rbasak> In this case I don't think it actually breaks much except for final rich history adoption since the importer will see the mismatch
<rbasak> Not even that
<rbasak> I believe that the orig tarball will always match byte for byte.
<ahasenack> the tarball we get will have the empty dirs?
<ahasenack> when we build-source, for example
<rbasak> Yes, because we effectively store the binary.
<rbasak> (via pristine-tar)
<cpaelzer> rbasak: oh I see, you say if the empty dir is not needed/touched by the commits then it doesn't matter
<cpaelzer> because the build provess will correctly recreate it anyway
<cpaelzer> with just tar+quilt
<rbasak> cpaelzer: right
<cpaelzer> rbasak: well then let me recreate what I wanted to send you as debdiff in git
<rbasak> Only the importer will refuse to accept your upload tag unless you create that final commit with empty directories again (which the git CLI can't do)
<rbasak> can't*
<cpaelzer> rbasak: and I'll compare the dsc/changes
<rbasak> cpaelzer: ack
<cpaelzer> rbasak: ahasenack: yes it really is exactly the same debdiff
<cpaelzer> ok, then I can MP propose this as well
<cpaelzer> \o/
<ahasenack> I wouldn't expect the debdiff to chang
<ahasenack> e
<ahasenack> I was worried about launchpad complaining about a hash mismatch with the orig tarball
<cpaelzer> ahasenack: the orig tarball was not touched
<cpaelzer> since it doesn't regenerate it but uses it as it has found it on publish
<pankaj_> While installing ubuntu server i was unable to comnect and configure network as i was dual booting. But now how to configure my network especially wifi via terminal. Please help
<RoyK> pankaj_: try "ip link list" to see if the nic is available
<Ussat> dual booting....
<RoyK> what about it?
<Ussat> There are better things in life than dual booting, like VM's
<nacc> what does dual booting have to do with being able to connect to the network?
<RoyK> nothing
<sarnold> nacc,RoyK, well.. I had a laptop once that couldn't use wireless until you booted it into os x or windows. (I can't remember which laptop that was. I just remember the annoyance.)
<sarnold> once the drivers had been updated in the first os then they'd work in linux..
<nacc> sarnold: you mean every time?
<sarnold> nacc: no, just the once
<sarnold> thank goodness :)
<nacc> sarnold: ah interesting. so some proprietary logic, i guess?
<nacc> sarnold: i wonder if you did some acpi hack if it would 'just work'
<sarnold> nacc: my guess was it was just lackinga  firmware, and hopefully the linux-firmware package would have taken care of it
<nacc> sarnold: ah could be
<sarnold> it was either a g3 ibook or a lenovo z60? iirc a p4m machine ..
<jaddison> Hi! looking forward to settling in on 18.04... having a networking problem though. I don't use sleep/hibernation, so it's not related to that.  When I reboot (or boot up after shutting down), the ubuntu does not get an ipv4 address. if I manually run `sudo dhclient` it gets one just fine. Upon reboot it is lost, however.
<jaddison> netplan is configured - in fact, the ip address worked fine for a few reboots, then stopped automatically working.
<dpb1> jaddison: can you pastebin the files in /etc/netplan/* ?
<dpb1> !pastebin
<ubottu> For posting multi-line texts into the channel, please use https://paste.ubuntu.com | To post !screenshots use https://imgur.com/ !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<jaddison> https://paste.ubuntu.com/p/RKdyMpqF2d/, dpb1
<jaddison> It was originally `optional: true`
<cyphermox> what does networkctl say there?
<dpb1> jaddison: remove addresses:
<dpb1> (I don't think that is causing it, but it's not needed)
<sarnold> cyphermox: should I be worried that systemd-networkd isn't running on my laptop?
<dpb1> sarnold: no, there you should be using networkmanager
<sarnold> dpb1: cool, thanks :)
<cyphermox> sarnold: cosmic?
<sarnold> cyphermox: bionic
<jaddison> cyphermox https://paste.ubuntu.com/p/jZDBTgTYqT/
 * dpb1 wonders if something changed in cosmic...
<cyphermox> you probably still ought to have networkd running..
<sarnold> p3 vs p2?
<jaddison> sarnold me? yeah, I just noticed that. No idea how that happened though?
<cyphermox> jaddison: did you change the hardware for that system?
<jaddison> cyphermox no.
<jaddison> wait, what do you mean?
<cyphermox> changing network card
<jaddison> I plugged in another GPU after it all
<sarnold> did you move the NIC?
<jaddison> surely that wouldn't do anything
<cyphermox> could be that
<jaddison> no
<jaddison> it's onboard nic
<jaddison> so ubuntu/netplan can't adjust if hardware is moved? that doesn't sound quite right... :)
<cyphermox> you mean networkd/udev
<cyphermox> but essentially, yeah, the issue is that the netplan yaml expects to configure p2, but the device is p3
<jaddison> cyphermox but I don't understand how it got into that state. Is this something that might happen again in future? I literally installed the box got it running fine, then added a GPU (I *think* that was the trigger?) then it all fell apart
<cyphermox> it's a little odd that adding a GPU would cause that, but it's plausible, the p there stands for which numbered bus the device is on
<cyphermox> jaddison: only when you change hardware, this is dependent on what buses are scanned in what order, but the ordering won't change
<cyphermox> I don't expect it would change again even if you changed the GPU
<dpb1> jaddison: a more reliable naming scheme *could* be for you to use mac address matching to id the card you want.
<dpb1> jaddison: https://netplan.io/examples#vlans -- look at the mainif, 'match:' stanza
<jaddison> cyphermox, dpb1 so, if I don't move hardware around in future for this box, I won't see this problem, most likely?
<cyphermox> right
<jaddison> dpb1 thanks, that's interesting.
<dpb1> yup
<jaddison> cyphermox ok, thanks (you too dpb1)
<jaddison> I'm back in the saddle, folks!
<cyphermox> jaddison: if it's a desktop, you're also not likely to have many more buses for new things to appear if you add/remove hardware ;)
<cyphermox> jaddison: dpb has a good point, you could add a match:  for the mac address of the device and rename it to something else, that way the name will never change
<blackflow> I've seen this happen. Remove/add a GPU and netif changes name.
#ubuntu-server 2018-05-31
<michael2> hi all. does anyone know how to get a load average with  `sar' command?
<xtuh> Hello, need some assistance with mdadm / fstab . i have 18.04 server, sda for system, sdb and scd as raid0 md0 device. the first problem is after reboot md0 became md127, is it ok? or i need start over?
<sarnold> michael2: no, but here's some reading that you may enjoy http://www.brendangregg.com/Articles/Netflix_Linux_Perf_Analysis_60s.pdf http://www.brendangregg.com/USEmethod/use-linux.html
<neildugan> I have setup a server using the 'ubuntu-server' meta package... I am trying to get netplan to create a bridge with a static IP... the method used in every doc. I have found doesn't seem to work... can anyone help here.  The "addresses: [10.20.0.1/16]" doesn't seem to do anything
<rbasak> cpaelzer: did you get an error running "git ubuntu merge start" on your ntp merge?
<rbasak> nacc: looks like dpkg-parsechangelog eliminates duplicates, but debian.changelog.Changelog does not. The assertion check caught this for ntp. I have a minimal test case. Additionally I found that the assertion check has an edge case bug when trying to prepare a test case.
<rbasak> So I now have two bugs: one where the assertion check fails to assert, and the underlying issue when it does assert due to a duplicate.
<rbasak> This is a bit mind bending so I thought I'd share. I'm wondering how to proceed.
<rbasak> Use case: git ubuntu merge start fails on ntp because of a historical changelog error
<rbasak> In that case it doesn't really matter that the two implementations mismatch
<rbasak> However this kind of difference is why we wrote the assertion check in the first place
<rbasak> Does this difference affect our algorithm?
<m27> Question: is fail2ban supposed to work out of the box? (without any configuration)
<cyphermox> neildugan: have you looked at https://netplan.io/examples#bridging ?
<cyphermox> neildugan: otherwise you should paste your entire netplan config so we can look at it
<Ussat> o/ morning
<Ussat> I am REALLY starting to like netplan :)
<blackflow> It's awesome, isn't it!
<Ussat> yes
<Ussat> just took some getting used to
<LambdaComplex> hi #ubuntu-server. i have another fun problem. i just tried resizing my ubuntu's / partition (ext4) using centos 7, but resize2fs failed because the filesystem apparently has "unsupported feature(s)"
<LambdaComplex> any ideas of which feature(s) could/would be causing this problem?
<LambdaComplex> (not sure if i should be asking here or a centos channel tbh...but i assume this place will know more about what features ubuntu uses for ext4 by default)
<sdeziel> LambdaComplex: that's a known thing, let me find the bug
<LambdaComplex> sdeziel: i found something on the centos mailing list but it devolved into bikeshedding over updating for reboots
<LambdaComplex> and i don't think a conclusion was ever reached wrt the original topic
<sdeziel> LambdaComplex: https://lists.ubuntu.com/archives/ubuntu-server/2018-March/007671.html
<sdeziel> ext4 feature 'metadata_csum'
<Ussat> gpartd
<sdeziel> LambdaComplex: that said, I always resize the root FS live
<LambdaComplex> sdeziel: lol, you said that right as my coworker messaged me something about metadata_csum
<LambdaComplex> so i'd say that's definitely the thing
<sdeziel> LambdaComplex: so if the partition boundary is moved already (CentOS was probably able to do that part), I'd boot on 18.04 then run "resize2fs /dev/fooX"
<sdeziel> live resize never failed me
<sandstrom> I'm upgrading from 16.04 to 18.04 and wrestling with systemd-resolved. I need to forward requests under one FQDN to a local DNS server, all other requests should go to the DNS acquired via DHCP. I had this working with dnsmasq previously, but doesn't work after upgrading. Is DNS forwarding per FQDN/domain possible with systemd-resolved? Or do I need to disable it and use dnsmasq only?
<sandstrom> If I do disable it, how can I ensure that dnsmasq is setup with the DHCP-acquired dns-server (which I assume may change from time to time)?
<sdeziel> sandstrom: systemd-resolved supports per domain forwarders
<sdeziel> dunno how to configure it that way though
<sandstrom> @sdeziel sounds awesome :)
<sandstrom> @sdeziel I've looked through the docs, haven't found anything
<sandstrom> @sdeziel there is support for search domains, but that is something else
<sdeziel> sandstrom: hmm, maybe I was wrong. systemd-resolved supports per-link resolvers/forwarders
<sdeziel> sandstrom: not sure anymore about the per domain
<sandstrom> @sdeziel Yeah, I didn't find anything in `man resolved.conf` at least
<sandstrom> @sdeziel guess I'll just have to bypass systemd-resolved entirely
<sdeziel> sandstrom: have you tried a systemd specific channel?
<sandstrom> @sdeziel know of any?
<sandstrom> I'll try in #systemd
<sdeziel> sandstrom: that's where I'd go ;)
<LambdaComplex> cyphermox: my coworker wants to know how he can make netplan "put up a bridge containing only a vlan interface with no addresses assigned?"
<Ussat> WAT ?
<cyphermox> LambdaComplex: right not, you can't, unless you add another .network file setting ConfigureWithoutCarrier=yes
<cyphermox> I'm fixing that very very soon, working on a new release right now
<sdeziel> cyphermox: that's good to hear cause I was also missing that feature
<cpaelzer> rbasak: I hit all sort of errors during merges
<cpaelzer> rbasak: none that I'd not have reported already in one or another form
<cpaelzer> rbasak: not sure if the one I hit on ntp was on merge start or later
<cpaelzer> rbasak: I quite often have to do the rebase again, which seems due to old merge tags being around
<cpaelzer> I haven't proven yet what the source is e.g. how to trigger
<cpaelzer> but in those cases I do the rebase myself, and have to take out ALL history until it starts at the right place
<cpaelzer> so something at the parenting seems to be mixed up
<cpaelzer> rbasak: mostly I hit the "error has to be clean" when creatin logical tags
<cpaelzer> in those cases I create it myself
<nacc> rbasak: do you have a log?
<rbasak> nacc: I can produce one but I'm confident I know exactly what's going on
<rbasak> nacc: I intend to write it all up in a bug
<rbasak> With minimal reproducers etc
<rbasak> nacc: minimal test case: http://paste.ubuntu.com/p/6D3VpsshrP/
<rbasak> nacc: minimized reproducer: https://pastebin.ubuntu.com/p/XZsc8g2Frr/
<rbasak> nacc: in the assertion, "zip" throws away the end of the longer input, so the minimal test case needs the fourth changelog entry to trip it up. I think that's a bug in the assertion code.
<rbasak> I've come to the conclusion that it doesn't matter for the importer, but I'll double check.
<rbasak> Since the changelog parent is defined as the first occurance that matches, the issue of a second match never comes up
<rbasak> So I think what I'll do is fix and relax the assertion
<rbasak> If the assertion dedupes both input lists before asserting, then the assertion will still pass and detect any other mismatch problems
<rbasak> While explicitly accepting this particular class of mismatch
<rbasak> To be clear, that means I think there are two things that need fixing.
<rbasak> 1) Relaxation of the assertion to allow a duplicates-exist vs. deduped difference assuming that we all conclude that this is safe.
<rbasak> 2) Fixing of the assertion in the zip truncation case that causes the comparison to fail to assert with only the first three changelog entries in my example.
<nacc> rbasak: ack
<granjero> hi, i got a question. Ubuntu server 18.04. I see /etc/network/interfaces is gone.  I'm reading about netplan. I got a file on /etc/netplan called 50-cloud-init-yaml. Is the only file in that directory. It has a comment that says that changes on that file will not be persistent. I want to fix a static ip address.
<granjero> Do i have to delete that file and create a new one with sudo netplan generate?
<sarnold> it's probably worth spending a few minutes skimming the website if this is your itnroduction to netplan https://netplan.io/
<granjero> will do sarnold
<granjero> thnx
<Buoy172> how do I check my ubuntu server version?
<genii> cat /etc/issue
<genii> sarnold: Added !netplan just now, for future reference
<sarnold> genii: thanks
<genii> np
<nacc> rbasak: did have a thought about your test case
<nacc> rbasak: 1) I'm not sure that Ubuntu will let you do that, if those are all actually published, as 3 would be published with different contents
<nacc> rbasak: 2) if it is allowed we should see a reimport tag, and two distinct entries, but I think with my branch that should all work (when we see the second 3, we'd create a reimport tag)
<cyphermox> granjero: you can modify that file, the mention that it's not persistent is essentially a lie.
<cyphermox> or you can delete and create a new one, but you shouldn't use 'netplan generate'; use 'sudo netplan apply' instead
<nacc> rbasak: meanwhile, did you figure out with kyrofa what is going on with 430?
<cyphermox> genii: thanks!
<nacc> rbasak: also afaict, ntp's `git ubuntu merge start` failure has nothing to do with this code? rather confused
<nacc> I see a failed cherry-pick
<nacc> oh i know why this happened, I think
<nacc> after the reimport, our merge logic might need adjusting
<Ussat> FYI I am VERY happy with netplan
<cyphermox> I'm not
<cyphermox> I'd be if I could fix these autopkgtests :)
<cyphermox> Ussat: if your config is more than just dhcp or static addresses though I'd be very interested to have a look; see if we can make that a generic example
<granjero> cyphermox, thanks. it's confusing thats says that changes to the file will not be persistent. =P will bakup that file and create a new one "config.yaml"
<granjero> excuse my english
<granjero> it is a bit rusty
<cyphermox> granjero: well, it's persistent unless the metadata changes, which depends on what kind of server it is
<granjero> also confused about the indentation of the file.
<granjero> is there a "tab" then 2 tabs an so on?
<dpb1> don't use tabs
<dpb1> spaces only
<granjero> cyphermox, the name of my ethernet interface comes from the comand ip?
<granjero> ip a?
<cyphermox> yes
<cyphermox> ip link
<granjero> great. thanks
<rbasak> nacc: o/
<rbasak> nacc: git ubuntu merge start --tags-only currently fails on ntp
<rbasak> nacc: the root cause I believe is that dpkg-parsechangelog output mismatches the parsing of debian.changelog.whatever
<rbasak> nacc: and that fails the assertion
<rbasak> The reason for the mismatch is that in the ntp changelog currently in Ubuntu, a changelog entry is duplicated
<rbasak> Like it is in my test case
<rbasak> nacc: I haven't checked but I suspect that there weren't actually two uploads or anything. It's a changelog transcription error from the uploader probably.
<rbasak> Or else it's intentional and represents how the maintainer decided to make something in experimental appear linear, etc.
<granjero> cyphermox, worked like a charm!
<granjero> thank you very much
<granjero> sarnold, thank u too
<trippeh_> [   10.020680] mlx4_en: enp2s0: Link Up
<trippeh_> [  499.936066] EXT4-fs (sda2): mounted filesystem with ordered data mode. Opts: (null)
<trippeh_> well thats not good :p
<trippeh_> that is / by the way
<nacc> rbasak: uh ... it works fine here
<nacc> rbasak: what version of the snap?
<nacc> rbasak: r430 is unusable, as you know, so i'm manually on r429
<nacc> rbasak: what changelog entry do you see being duplicated?
<nacc> rbasak: i'm fairly sure the code you're talking about is completely unused by merge
<nacc> rbasak: fresh clone, merge start --tag-only worked fine with r429
<nacc> now the rest of `merge start` does not ... but that is what i was referring to earlier
<trippeh_> hm. it is blocking in initramfs. could be entropy maybe
<Blueking> hello nacc
<nacc> Blueking: hey
<Blueking> sup ?
<nacc> Blueking: ... nothing? you pinged me :)
<Blueking> :)
<Blueking> got mine xeon E3 'server' fixed :)
<nacc> Blueking: nice!
<Blueking> had to perform bios flash with ME disabled
<trippeh_> strange, it is modprobe ext4 that is blocking??
<trippeh_> and it unblocks the second I send it a alt+sysrq (with no sysrq command)
<sdeziel> hmm, isn't that always builtin on Ubuntu kernels?
<trippeh_> sdeziel: yes. it IS strange ;)
<trippeh_> now if I could figure out how to give it a alt-sysrq-l through this POS java thing
<trippeh_> of course if it unblocks when I get to alt-sysrq that wont work ha
<trippeh_> hitting the keyboard until crng inits does nothing, but alt-sysrq immidiately unblocks it.
 * trippeh_ confused
<trippeh_> it is a Atom C3758, fwiw
<trippeh_> and on cosmic (pretty sure I saw it on bionic too)
<nacc> rbasak: heh, it will work properly with our non-merge upload tags
<nacc> rbasak: but is pretty broken with our merge ones, and i need to think of how it ever worked
<trippeh_> hm on a hunch I started blacklisting drivers during initramfs
<trippeh_> blacklisting ixgbe seems to fix it
<trippeh_> ..but now it locked up on shutdown hrm ;)
<trippeh_> ok I've pretty reliably moved the hangs from boot to shutdown. progress? :P
<sarnold> heh, now you just need a reliable way to yank the power ..
<trippeh_> the bios is confused about the ixgbe now. there might be a pattern..
<genii> sarnold: https://imgs.xkcd.com/comics/hard_reboot.png
<sarnold> genii: hehehe :)
<nacc> rbasak: cpaelzer: ok i see why merge start failed
<nacc> pkg/upload/1%4.2.8p10+dfsg
<nacc> bah, pkg/upload/1%4.2.8p10+dfsg-5ubuntu2
<nacc> does not have an appropriate import-tag as a parent
<nacc> it was based off a point where we had the devel branches separately being merged throughout the history
<nacc> thus, `merge start` doesn't see those commits (they are not in the ancestry list) and so the cherry-pick fails
<nacc> rbasak: that's the only bug i see with ntp currently
<nacc> rbasak: i *think* our new algorithm would reject this upload tag
#ubuntu-server 2018-06-01
<trippeh_> seems it was just bad memory. didnt trip any ECC tho.
<sarnold> o_O
<cpaelzer> good morning
<cpaelzer> rbasak: nacc: ok, we will see if next time things are similar
<cpaelzer> I'm ok if the hickups this time were due to the re-import
<lordievader> Good morning
<sruli> anyone tried running ubuntu-server from usb stick in production? i have HP DL320 8x256GB SSD RAID 10, does it make sense to run the OS from internal slot, will it effect the performance of kvm vm's on the main raid?
<blackflow> sruli: I haven't tried, but in theory I don't see anything wrong with that, assuming you treat the USB installation as readonly root, and mount writable paths from faster media, like the "main raid" you mention.
<sruli> blackflow: i understand, on the flip side if i install the os on main raid will that have any effect on performance of kvm?
<blackflow> sruli: again depends where you mount writable paths, but it'd probably be insignificant, unless you have any high volume logging going on or something like that.
<sruli> blackflow: not show how to mount root as read  only and which path i need to make to main raid
<blackflow> if I were you, I'd consider using ZFS and put VMs on dedicated zvols.
<sruli> blackflow: i ran some bonnie++ test with the os install on main raid vs on usb, see the results here, https://www.saurymper.com/pages/bonnie-results-2018-05-31.html see  Set 1 & 3 tests
<sruli> blackflow: i will put vm's on seperate LV's, i want to stay with raid 10, i am not sure if zfs can surpass the performance of dedicated raid card (p420)
<blackflow> sruli: those numbers don't mean much to me, it's a synthetic benchmark.
<blackflow> sruli: it might, depending on the size of hot data and amount of RAM
<blackflow> but you also get all the goodies of ZFS: checksumming, snapshots, easy backups, ARC/L2ARC and in case of write heavy applications, ZIL
<sruli> blackflow: to use that i would need to delete the raid set and expose the drives directly to os, right?
<blackflow> and compression. Just as an example, I only use ZFS, exclusively on the servers. All the hot data (actively accessed) fits in RAM so ZFS' MFU (Most Frequently Used) caches are reigning supreme, while at the same time all the data is checksummed, auto-healing raid6 (raidz2), and backups are a snapshot + zfs send|recv away.
<blackflow> sruli: yes. ZFS works best if it uses drives directly.
<blackflow> if you're not familiar with ZFS, I wouldn't recommend you going straight to production with it. I just meant to say consider it, toy with it, learn it, because in the long run you'll reap huge benefits.
<sruli> blackflow: i have 32GB ram, i guess zfs raid 10 would be the fastest?
<sruli> blackflow: been using zfs z2 on my workstation for 3-4 years, installed and forgot about it (its a storage pool, os is on ssd)
<blackflow> depends on the workload. but in general I'd say yes, raid10 -- or striped mirror as it is in ZFS -- should be very fast.
<sruli> blackflow: will try it and run a bonnie test, maybe someone will be able to decipher those tests and see which is best option
<blackflow> bonnie wont help you there. ZFS MFU is built over time and the true performance benefits come from L2ARC and ZIL -- unless you're already using ssd/nvme for disks
<sruli> blackflow: its a new install no existing data, using consumer ssd's (hp s700 pro)
<blackflow> sruli: then it boils down to if hot data fits in RAM. if not, ZFS will not be performant (but will be everything else).
<sruli> blackflow: all the files are small (except maybe for the actual os installs on the VM's) and a few 2-300mb files
<blackflow> sruli: that doesn't mean anything. it all depends on how they're used, especially if frequently used blocks can fit in RAM / can be identified by ZFS MFU.
<sruli> blackflow: how do i figure that out?
<blackflow> sruli: you don't, in advance. You have to put it in production and see, or have eexperience from previous such deployments.
<Buoy172> I have ubuntu 16.04 with caddy. I just installed php7.2 on it. I created a test page /var/www/index.php and its contents: https://pastebin.com/V6pLVMuE
<Buoy172> The output in the browser is the same as the contents.
<Buoy172> Not just "Hello World"
<Buoy172> What is the problem?
<blackflow> Buoy172: you haven't configured the web server to interpret the .php scripts with the PHP interpreter
<sandstrom> On Ubuntu 18.04, how can I let dnsmasq know about the upstream (dhcp-provided) DNS server?
<sandstrom> In NetworkManager there was a specific setting for dnsmasq, but NetworkManager doesn't seem to be used in 18.04.
<blackflow> sandstrom: NM is used, on desktop, but abstracted with netplan. It's still full networking authority in case of dhcp setups via netplan. Which means, NM + dhcp should set up DNS servers from dhcp data. but, irrc, dnsmasq is not default, so you must've set that up?
<blackflow> sandstrom: anyway, to config dnsmasq under NM, see this, see paragraphs for "dns" setting:  https://developer.gnome.org/NetworkManager/stable/NetworkManager.conf.html
<sandstrom> blackflow this is an ubuntu server (if that matters), yes I've setup dnsmasq manually.
<blackflow> oh yes, the channel is -server :)   well, then the networking authority is networkd, for dhcp setups. otherwise you need full network config via netplan itself.
<blackflow> or ignore netplan and configure networkd directly.
<sandstrom> blackflow: when systemd is the authority, is it still possible to have it 'tell' dnsmasq about the upstream dns server?
<Buoy172> How do I configure the web server to interpret php?
<blackflow> sandstrom: not sure. by default it wants to use systemd-resolved, and personally I have very little experience with dnsmasq, I use bind (and mask out resolved completely).
<sandstrom> I haven't found anything similar to what you quoted in the man pages for 'systemd.network'
<sandstrom> blackflow I wouldn't mind using bind either. My problem is that I want to forward dns queries under one special domain (.example) to a local dns server (say, 127.0.0.2).
<blackflow> Buoy172: for example   https://www.digitalocean.com/community/tutorials/how-to-install-linux-nginx-mysql-php-lemp-stack-in-ubuntu-16-04
<sandstrom> This doesn't seem to be possible under systemd-resolved, so I'm thinking that I need to configure systemd-resolved to pass all traffic to dnsmasq/bind, and then have dnsmasq/bind resolve with upstream (dhcp provided DNS) for everything except those under the special domain.
<Buoy172> blackflow: I don't need instructions for nginx. I have caddy.
<blackflow> Buoy172: then look up caddy documentation on how to set up php-fpm fastcgi.
<blackflow> sandstrom: nah, just drop resolved completely
<Buoy172> I'm looking... :)
<blackflow> sandstrom: that way you have full control over /etc/resolv.conf and can do full DNS configuration with bind. eg, make it authoritative for .example, and pass through everything else to an upstream resolver, OR query the roots directly (my preference)
<sandstrom> blackflow Agree, that's what I want
<sandstrom> but I don't know how to let bind know about the dhcp provided dns server
<blackflow> ah, I see what you mean
<sandstrom> (I've figured out how to take back control over /etc/resolv.conf from systemd-resolved (read in the man pages), but don't know how I'll have systemd-networkd inform bind (or dnsmasq) about the upstream DNS servers (received via DHCP). I guess I could hardcode 8.8.8.8 or similar, but would like to avoid that if possible
<blackflow> well I'm not sure, I'd have to google it, but it'd probably involve dhclient or dhcpcd integrating with bind/named somehow.
<blackflow> eg, NetworkManager can integrate with unbound via hook scripts, and same principle could be used for bind, but... that's network manager.
<sandstrom> alright, those are good pointers, I'll investigate further! Thanks a lot for your help!
<blackflow> dhclient has such hook scripts too iirc
<Buoy172> blackflow: now the url outputs "502 bad gateway". Do I need to install php-fpm?
<blackflow> Buoy172: yes, if you're configuring the web server to use php-fpm via fastcgi.
<blackflow> and oyu should, that's pretty much a standard setup nowadays. PHP under fastcgi with php-fpm as the process manager for it.
<Buoy172> I installed php with this command: "apt-get install php7.2"
<blackflow> Buoy172: I believe that pulls in php7.2-fpm
<Buoy172> I looked up that "dpkg --get-selections | grep php" lists all the installed php packages
<Buoy172> and here they are: https://pastebin.com/tP4dEetQ
<Buoy172> Does this mean I don't have php-fpm?
<blackflow> Buoy172: yes, install php7.2-fpm
<blackflow> Buoy172: ah yeah, it pulled in the libapache thing, I see the dependency is that libapache thing, OR fpm, OR cgi.
<blackflow> libapache thing = libapache2-mod-php7.2, aka the mod_php for apache
<sandstrom> Buoy172 tried any of http://oonlab.com/code/2016/08/12/setup-caddy-on-ubuntu-to-work-with-php/ https://www.digitalocean.com/community/tutorials/how-to-host-a-website-with-caddy-on-ubuntu-16-04 https://www.digitalocean.com/community/tutorials/how-to-install-wordpress-with-caddy-on-ubuntu-16-04
<Buoy172> sandstrom: thanks, I'll check those links out
<sandstrom> top hits on google
<Buoy172> all right, managed to setup php!
<Buoy172> Thanks guys. I might have some more questions later. Please bear with me, I'm a beginner ;)
<lordievader> Nothing wrong with that ð
<coreycb> frickler: would you be able to respond to rbasak's question on the dynamic-routing bug?
<frickler> coreycb: oh, I had interpreted that at being directed towards thedac who did the Ubuntu testing. I'll add a comment
<coreycb> frickler: well possibly, i thought you tagged it but anyone will do if they tested
<coreycb> thanks frickler
<nacc> rbasak: re: ntp merge, have a sec?
<rbasak> nacc: yes
<rbasak> nacc: here? Or HO/Meet?
<nacc> rbasak: whatever you prefer
<rbasak> nacc: I sent you a link
<rbasak> (DM)
<teward> ahasenack: any idea why an autopkgtest inside snapped LXD doesn't have any netowrking connection?  (It's like it's not requesting an IP...)
<SSMAdmin> Hi all.  Anyone else had their 18.04 apache server suddenly stopp working?  Error.log only says "Out of Memory", apache2ctl -S" complain about a missing or empty Letsencrypt certificate (which actually IS there and is NOT empty), and "sudo apache2 -X -f /etc/apache2/apache2.conf" complain about  Config variable ${APACHE_RUN_DIR} is not defined.  I myself have not made any changes that should create these errors and apache
<SSMAdmin> stop working.  So I wonder what could have happened, and how to fix it.  Any help?"
<dpb1> yuck
<dpb1> how much memory does your system have
<SSMAdmin> 4G
<SSMAdmin> and there is nothing else running on the machine, exerpt the kid wathcing netflix
<SSMAdmin> apache is serving nextcloud, but there is no traffic there, only private cloud (which is now not working as apache refuse to run)
<SSMAdmin> To me it looks like some system update have messed up things, as the sound settings on the desktop was also suddenly changed/reset, so I had to go in desktop system tools area to configure sound output once more to get the sound back.  Strange things have happened.  And I know for sure the box is not hacked, and my 6 year old is not capable of messing with system settings
<matjam> SSMAdmin: I didn't realise this channel existed
<matjam> so, thanks
<yeats> SSMAdmin: could be that the server ran out of RAM for non-apache reasons and apache was just collateral damage
<matjam> SSMAdmin: I've seen out of memory stuff in apache when using something like PHP and you increase the upload limit to something silly like 2GB and you don't have a small VM
<matjam> *big vm
<matjam> SSMAdmin: the certificate thing is weird too
<matjam> SSMAdmin: you should be able to change the systemd policy to restart apache in any condition
<matjam> or switch to nginx because it's better
 * matjam ducks
<SSMAdmin> I dont think the server ran out of RAM, as it is only apache that runs most of the time.  Kid log in and watch some netflix before bedtime, but else there is nothing running
<SSMAdmin> Beside, it has worked in this type of configuration for years, then I upgraded to 18.04 i April, and it has been running without error since...until these strange things happened yesterday
<matjam> well basically you should go through the logs
<matjam> dmesg, syslog etc
<matjam> look at the times around when the problem happened
<matjam> also the apache2ctl -S command might complain if you did not run it as root and the certificate permissions are set such that your user can't read the files that are referred to in the configuration in apache
<matjam> and running the apache2 command directly would complain as there is an environment variable set in the startup script for the apache daemon
<matjam> so I don't think either of those things are symptomatic
<matjam> SSMAdmin: also, are you running the official apache package from the ubuntu repos or did you build from source? Are you using PHP? any other deails you can give about the system?
<matjam> "sudo apt install inxi pastebinit" and then "sudo inxi -Fr -c0 -z | pastebinit" and sharing the URL that it prints out might be helpful for us to get some context.
<matjam> SSMAdmin: did you get the last thing I said?
<pavlos> SSMAdmin: matjam  I'm here too
<SSMAdmin> matjam https://paste.ubuntu.com/p/f2BxZdNnXx/
<matjam> :thumpsup:
<matjam> SSMAdmin: and you just used the Apache package in the Ubuntu repo right?
<SSMAdmin> yes
<matjam> SSMAdmin: whats the apache serving? A php app?
<matjam> SSMAdmin: is it open to the internet?
<SSMAdmin> matjam apache is serving nextcloud, and it is open to the internet, it has been working since April when I installed 18.04 and nextcloud and configured the system.  Errors and strange behavior occured yesterday
<matjam> SSMAdmin: it may be someone was running an attack against your server and managed to trigger a bug to consume memory and DoS your server.
<matjam> nextcloud is written in PHP, so the code is executed in the apache process
<matjam> which means if there's a bug in nextcloud or in php, it would behave like that
<matjam> I've seen that behavior before when I've had a server being actively attacked, and I was running an older version of the app or PHP
<matjam> make sure you've got libapache2-mod-php7.2/bionic-updates,bionic-security 7.2.5-0ubuntu0.18.04.1 amd64 isntalled not the older libapache2-mod-php/bionic,bionic 1:7.2+60ubuntu1 all
<matjam> make sure nextcloud is updated
<matjam> if you still have problems with it, I'd look at using nginx + php-fpm which is the fastcgi runner for php apps, and that runs your PHP application in a separate process - so at worst it will take out the PHP environment but not nginx. You can also use the same model with apache - it also supports fastcgi
<matjam> SSMAdmin: I'd check the apache logs and see what was hitting your server on the lead up to the crash, I would suspect that there's lots of weird requests.
<SSMAdmin> matjam thankyou. That is a lot to wrap my head around, but I'll try.  I am not linux-trained, so only have basic commandline skills
<SSMAdmin> I will read up about your suggestions
<matjam> SSMAdmin: yeah, you should be aware that there's lots of automated scripts out there trying to find their way into whatever they can, you'll probably find lots of random accesses in your apache logs, thats usually not people thats some automated script
<matjam> and they try like, every exploit they can against the server, and this will sometimes crash things
<SSMAdmin> yes, I saw huge logs, so there is a lot in it.  what is the command in nano to get to the last line of the log?
<matjam> uh, shift pg-down I think?
<matjam> I usually use less to view logs though
<matjam> no chance I will accidentially edit the file
<SSMAdmin> shift pg-down did not work
<SSMAdmin> how to use less?
<matjam> man less will give you all the commands
<matjam> "man less"
<SSMAdmin> thanks
<dlloyd> last line is >
<matjam> I typically do shift-F and then ctl-c to get to the bottom lol
<matjam> there ya go
<matjam> update-alternatives --set editor vim :P
<SSMAdmin> dlloyd > alone did not work, shift > or ctrl > did not work either
<dlloyd> uh, sure you are in less?
<dlloyd> G should do eof too
<SSMAdmin> dlloyd, sorry, I thought you ment nano
<SSMAdmin> matjam, looked in access.log.  There is nothing there indicating some attack.  Last lines indicate working apache serving nextcloud connections from known clients.  Then traffic just stops, no more entries in access.log
<matjam> then may just have been a bug in nextcloud
<matjam> above advice still holds
<SSMAdmin> ok, i try deactivating nextcloud, and activate 000-default.conf and see what happens
<SSMAdmin> well, that did not help, apache not running
<matjam> you probably have an invalid apache configuration, so become root with "sudo -i" and then run apachectl configtest
<SSMAdmin> Syntax OK
<SSMAdmin> apache2 -X -f /etc/apache2/apache2.conf
<SSMAdmin> [Fri Jun 01 21:02:09.055322 2018] [core:warn] [pid 27409] AH00111: Config variable ${APACHE_RUN_DIR} is not defined
<SSMAdmin> apache2: Syntax error on line 80 of /etc/apache2/apache2.conf: DefaultRuntimeDir must be a valid directory, absolute or relative to ServerRoot
<SSMAdmin> This is a strange thing, as I have not touched this setting, so why should it suddenly complain about that variable?
<SSMAdmin> In /etc/apache2/envvars it says "export APACHE_RUN_DIR=/var/run/apache2$SUFFIX".  I have checked that /var/run/apache2 dir actually exist
<SSMAdmin> So apache is complaining about a non-existing directory that actually exist
<SSMAdmin> Similar to it complaining about a non-existing or empty letsencrypt certificat, that actually exist, and is NOT empty, its content is as originally created by certbot
<SSMAdmin> have to put kid to bed, be back later
<matjam> you can't start apache like that
<matjam> why do you keep doing that ..
<nacc> SSMAdmin: you aren't using the service file, which probably does other things, like ensure envvars is sourced.
<SSMAdmin> matjam, I dont "keep doing that".  I run some command I have found on the internet, from posts discussing similar problems, in order to find out what is wrong.  I dont usually run apache manually
<SSMAdmin> nacc you are probably correct, but I am just a newbie, so I dont know.  Could you please tell me how to do this correct then?
<matjam> systemctl start apache
<matjam> look at error_log
<SSMAdmin> yes I know, and I have tried it, nothing happens, not even an error message.  The only thing that then happens in error.log is a new entry of "Out of Memory"
<matjam> sudo systemctl status apache | pastebinit
<matjam> also journalctl -u apache will give you what systemctl knows
<SSMAdmin> systemctl status apache | pastebinit
<SSMAdmin> Unit apache.service could not be found.
<SSMAdmin> Du prÃ¸ver Ã¥ sende et tomt dokument. Avslutter.
<matjam> its probably apache2
<SSMAdmin> then
<SSMAdmin> journalctl -u apache
<SSMAdmin> -- Logs begin at Sun 2018-04-29 19:26:53 CEST, end at Fri 2018-06-01 21:51:11 CEST. --
<SSMAdmin> -- No entries --
<SSMAdmin> apache2 yes, sorry, I try again
<sarnold> my favourite part is how the tools don't give you any feedback that the unit name is unknown
<sarnold> "lol here's the non-existant logs in that time frame!"
<matjam> yeah it is idiotic
<matjam> silent on success, print something on failure, thats the unix way
<matjam> so service name is apache2
<matjam> sorry
<matjam> I use nginx
<SSMAdmin> Status apache2: https://paste.ubuntu.com/p/N22kwvvr9K/
<matjam> SSMAdmin: cat /etc/apache2/mods-enabled/mpm_prefork.conf | pastebinit
<matjam> also cat /etc/apache2/apache2.conf | pastebinit
<SSMAdmin> journalctl -u apache2: https://paste.ubuntu.com/p/cDx5t8shFM/
<matjam> SSMAdmin: also cat /etc/php/7.2/apache2/php.ini
<SSMAdmin> apache2.conf: https://paste.ubuntu.com/p/ckJRxPfT8W/
<matjam> | pastebinit
<SSMAdmin> php.ini: http://paste.ubuntu.com/p/B8FQbbkP6G/
<matjam> also, cat /var/log/apache2/error.log | pastebinit
<SSMAdmin> error.log: http://paste.ubuntu.com/p/CWFGdVdQnY/
<sdeziel> this also work: "pastebinit /var/log/apache2/error.log"
<sdeziel> cat doesn't hurt but I find it cool that pastebinit can eat files directly
<SSMAdmin> thanks sdeziel
<sarnold> Out of memory
<sarnold> uhhhh
<matjam> oh thats nice
<matjam> SSMAdmin: did you increase php memory limit to 256M?
<matjam> memory_limit
<matjam> I'm assuming when you were setting up the app
<SSMAdmin> yes I may have done that when configuring nextcloud settings
<sdeziel> I find it odd that no timestamp is prepended to those messages
<matjam> can you do, find /etc/apache2 -ls | pastebinit
<matjam> sdeziel: I think it's the php module
<matjam> sdeziel: my theory is we need to increase memory available to php in apache2 configuration
<matjam> just trying to confirm there is no limts being set elsewhere
<matjam> https://httpd.apache.org/docs/2.4/mod/core.html#rlimitmem
<sdeziel> matjam: wouldn't that be in /etc/php/7.?/apache2/ then?
<matjam> SSMAdmin: also confirm that grep -ir RLimitMEM /etc/apache2 returns nothing
<SSMAdmin> matjam http://paste.ubuntu.com/p/CbjD3qcpNv/
<matjam> sdeziel: the apache directives should be in the apache conf.avail etc dirs
<SSMAdmin>  grep -ir RLimitMEM /etc/apache2 returns nothing
<SSMAdmin> grep: returns: Fila eller mappa finnes ikke
<SSMAdmin> No file or directory (translated from norwegian)
<matjam> ok
<matjam> lol yeah
<matjam> just "grep -ir RLimitMEM /etc/apache2"
<matjam> should return nothing at all
<SSMAdmin> correct, last command did not return anything at all
<SSMAdmin> lol, I see now
<SSMAdmin>  grep -ir RLimitMEM /etc/apache2 RETURNS NOTHING :-)
<matjam> lol
<matjam> sorry I should have quoted it
<matjam> so this won't be a fix but if it works then it will confirm my theory
<matjam> add "RLimitMEM max" to /etc/apache2/mods-enabled/php7.2.conf
<matjam> at the bottom is fine
<matjam> and then try "systemctl start apache2"
<matjam> and then systemctl status apache2
<matjam> to see that it's running or not
<SSMAdmin> Nope, refuse to run
<matjam> hmm
<matjam> grep -r www-data /etc | pastebinit
<SSMAdmin> error.log just got a new entry of "Out of Memory", thats all
<matjam> yeah
<matjam> also modify memory_limit in php.ini to 128M temporarily to see if it will start
<matjam> its really odd
<matjam> /etc/php/7.2/apache2/php.ini
<matjam> oh before you do that
<matjam> have you rebooted this machine at all?
<matjam> like, since yesterday
<SSMAdmin> grep www-data: http://paste.ubuntu.com/p/jhjkqVqCDq/
<SSMAdmin> yes, rebooted several times
<matjam> pastebinit /etc/systemd/system/multi-user.target.wants/apache2.service
<SSMAdmin> changing memory-limit to 128M did not work
<matjam> yeah ok
<matjam> so you upgraded from 16.04 to 18.04?
<SSMAdmin> http://paste.ubuntu.com/p/HGNyWyy9Hm/
<SSMAdmin> no, I installed fresh 18.04
<matjam> ah ok
<matjam> did you make any other modifications to any other system files?
<matjam> like /etc/sysctl.conf etc
<SSMAdmin> previous system was 16.04
<SSMAdmin> no
<matjam> so
<SSMAdmin> what about uninstalling apache2 and reinstall it?
<matjam> can you "cat /etc/apache2/sites-enabled/* | pastebinit"
<matjam> well its one thing to try
<matjam> we're not there yet
<matjam> its something specific to your configuration, as I have just installed apache 2 & php etc and its working fine
<matjam> and like, its something that if it was broken, lots of people would have been having problems
<matjam> well that looks fine
<SSMAdmin> could it be a harddrive error, some sector damaged, that holds information apache2 needs?
<matjam> you'd see something in dmesg
<matjam> or /var/log/syslog
<matjam> sense error stuff like that
<matjam> unlikely though
<matjam> pastebinit /etc/apache2/envvars
<SSMAdmin> http://paste.ubuntu.com/p/X288S9rgpc/
<matjam> seems fine
<matjam> weeeeeeird
<matjam> ok so this will suck
<matjam> sec
<matjam> I need to test locally
<SSMAdmin> ok
<sdeziel> if you suspect a mod_php issue I'd a2dismod it as a test
<matjam> good point
<matjam> do that
<SSMAdmin> ok, a2dismod what?
<matjam> a2dismod php7.2
<matjam> then start the server again with systemctl start apache2
<SSMAdmin> apache2 running
<matjam> systemctl status apache2
<SSMAdmin> yes, its running
<matjam> if it's running then, stop it with systemctl stop apache2
<matjam> yeah ok it's php
<SSMAdmin> done
<matjam> a2enmod php7.2
<SSMAdmin> ok, then problem is back
<matjam> SSMAdmin: cd /etc/apache2
<matjam> source envvars
<matjam> apache2 -X
<matjam> as root
<matjam> does it print anything useful>
<SSMAdmin> ok, nothing happend.  Did not print anything useful.  "systemctl status apache2" gave same error message as earlier
<matjam> yeah it will
<matjam> when you say, nothing happened
<matjam> it just returns straight back to the prompt?
<SSMAdmin> yes
<matjam> ok so as root, in /etc/apache2
<SSMAdmin> as root, yes
<matjam> strace -f -o /tmp/apache2.strace apache2 -X
<SSMAdmin> in /etc/apache2
<matjam> then patebinit /tmp/apache2.strace
<matjam> ugh
<matjam> pastebinit /tmp/apache2.strace
<SSMAdmin> http://paste.ubuntu.com/p/5hqsrZdWBP/
<matjam> well thats useful
<matjam> how much swap on this system?
<matjam> "free" will tell you
<matjam> free | pastebinit
<matjam> also df -h | pastebinit
<SSMAdmin> Swap:        999420           0      999420
<SSMAdmin> http://paste.ubuntu.com/p/dGhMcGzsBD/
<SSMAdmin> https://paste.ubuntu.com/p/S33jpR2QgG/
<matjam> so, system has 4GB ram, <1GB swap
<sdeziel> the reading pattern of /dev/urandom is weird, 8 bytes at the time
<matjam> that *should* be ok
<matjam> sdeziel: my apache2 does that
<matjam> seems "normal"
<matjam> so like
<matjam> mmap(NULL, 93874405974016, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = -1 ENOMEM (Cannot allocate memory)
<matjam> that number 93874405974016
<matjam> is the number of bytes its trying to allocate
<sarnold> what's 85 TB here or there? :)
<nacc> i'm 99% sure that this a local configuration issue
<matjam> yeah
<matjam> SSMAdmin: can you a2dismod ssl
<sdeziel> could it be RLimitMEM max?
<matjam> SSMAdmin: then try to start apache with systemctl start apache2
<matjam> sdeziel: tried that
<matjam> sdeziel: as in, it had no RlimitMEM statement, we added one
<SSMAdmin> a2dismod ssl done, still same error
<sdeziel> matjam: right but I'd remove it
<SSMAdmin> apache2 will not start
<matjam> sure
<matjam> SSMAdmin: can you remove the RLimitMEM entry from the php conf we added before
<matjam> oh hang on
<matjam> SSMAdmin: can you "cat /etc/apache2/mods-enabled/* | pastebinit"
<matjam> I like the modularity of the debian config for apache
<matjam> but man, it scatters the config all over the place
<SSMAdmin> matjam, removed RLimitMEM, still same error
<matjam> yeah figured
<sdeziel> this would provide a fuller view: "grep . /etc/apache2/*-enabled/* |  pastebinit"
<SSMAdmin> https://paste.ubuntu.com/p/QP36brRfSD/
<SSMAdmin> http://paste.ubuntu.com/p/dVNGbMcwn3/
<matjam> sdeziel: mr fancy
<sdeziel> matjam: hehe :)
<sdeziel> the split out apache2 config was one of the key factor in me adopting Ubuntu years ago. I have now moved to nginx when feasible though
<matjam> yeah
<matjam> I like using fastcgi
<matjam> problems with php don't take out the entire webserver
<matjam> and it performs better
<matjam> I dunno man, this all looks boringly normal
<matjam> other than the weird mmap for 85TB or fram
<matjam> of ranm
<matjam> SSMAdmin: can you please "dpkg --list | grep php | pastebinit"
<matjam> if the output of that is boringly normal
<matjam> then I'm officially throwing in the towel
<SSMAdmin> https://paste.ubuntu.com/p/XfKBbwf5gM/
<nacc> are we not getting an error from apache2 at all?
<matjam> no I don't think its getting that far
<matjam> I think its loading modules and php prints to stderr and that goes to error.log
<matjam> so on my system I don't have libapache2-mod-php, just libapache2-mod-php7.2
<nacc> well, you *should* have mod-php :)
<nacc> it's a metapackage to track updates
<nacc> *upgrades
<matjam> ah
 * matjam throws in the towel
<matjam> SSMAdmin: sorry dude, I'm at a loss
<matjam> SSMAdmin: you've hit some weird bug in php
<sdeziel> SSMAdmin: any idea of what changed since it all started?
<nacc> why do you think it's in php?
<sdeziel> nacc: a2dismod php7.2 makes the issue go away
<nacc> ah, that was what i was missing
<sdeziel> SSMAdmin: you could try to disable every PHP modules and selectively reintroduce them one by one
<nacc> has a purge of php (or at least libapache2-mod-php*) and reinstall been tried?
<SSMAdmin> matjam, thank you for trying and spending a lot of time on it.  Ok...its a php bug, but then it must be something from the ubuntu repos, because I have not changed anything myself.  I has been running without error since april when I installed 18.04, suddenly yesterday it stopped working
<sdeziel> SSMAdmin: could you share /var/log/apt/history.log ?
<nacc> SSMAdmin: any clues if a packge update happened? /var/log/apt/history.log
<SSMAdmin> apt history: http://paste.ubuntu.com/p/vdXWmG4PHR/
<sdeziel> nothing of interest in there
<SSMAdmin> I have no idea what updates have been made by the system automatically.  I did a manual update earlier today, in order to see if that would fix anything, but it didnt
<sdeziel> zcat /var/log/apt/history.log.1.gz | pastebinit
<SSMAdmin> sdeziel, https://paste.ubuntu.com/p/FTwcz38XBj/
<sarnold> looks so *plain*
<sarnold> nothing here makes sense
<sarnold> my next thought is to ask perf to dump a stack trace when mmap fails and hope that somepart of the stack trace indicates what might be wrong
<sarnold> http://www.brendangregg.com/perf.html#StackTraces
<SSMAdmin> I suggested removing and then reinstalling apache2.  matjam did not think that was needed.  How about reinstalling php7.2?
<sdeziel> removing symlinks from /etc/php/7.2/apache2/conf.d/ would be simple too
<SSMAdmin> Ok, I have no clue about this, so I just follow your suggestions.  How do I remove these symlinks, and what will happen?
<sarnold> meh, i'm not real hopeful, and I'd rather know the *cause*, but if you go that route, I suggest ot use apt-get purge rather than apt-get remove
<SSMAdmin> sarnold, ok thanks
<sdeziel> the phpmyadmin that's in "rc" bugs me
<sdeziel> I'd purge this one first (I never liked that piece of software ;)
<SSMAdmin> how do I purge it?
<sdeziel> dpkg -P phpmyadmin
<SSMAdmin> done
<sdeziel> (I don't remember if apt-get purge would work on a package in "rc")
<sdeziel> apache2 still choking on startup?
<SSMAdmin> how do I check if the purge did what it should?
<sdeziel> "dpkg -l| grep phpmyadmin" => should return nothing
<SSMAdmin> apache2 still choking
<SSMAdmin> returned nothing, so good
<sarnold> apt-get purge on 'upstart' on my laptop took it from rc to un
<sdeziel> thx
<sdeziel> that's weird to see "openat(AT_FDCWD, "/usr/lib/ssl/openssl.cnf", O_RDONLY) = 12" when mod_ssl isn't even enabled
<SSMAdmin> So, if I should try to clean out php (both 5 and 7?) and then reinstall, what should I do then?  And that means I must reinstall also extra modules needed by apache and nextcloud?
<SSMAdmin> I have a2enmod ssl now
<sdeziel> I just picked it as it was few lines before the huge malloc
<sdeziel> s/malloc/mmap/
<SSMAdmin> ohh btw, it was php7.2 only that is creating the problem, not php5? We only disabled php7
<sdeziel> on a bionic box, only 7.2 should be there
<sdeziel> https://paste.ubuntu.com/p/XfKBbwf5gM/ showed it was the case
<SSMAdmin> ok
<SSMAdmin> so....apt purge <what>?
<SSMAdmin> php7?
<sdeziel> SSMAdmin: each PHP package one at the time, I'd start with php-apcu
<SSMAdmin> purge or just disable them?
<sdeziel> purge would probably be easier to undo afterward
<SSMAdmin> ok, will you guide me?
<SSMAdmin> so I start with apt purge php-acpu
<sdeziel> I'm afraid I'll have to leave soon
<SSMAdmin> ok
<sdeziel> but it's pretty simple, purge, test, rince and repeat
<sdeziel> the above paste captures the list of php packages you had before starting to poke at it
<SSMAdmin> so,example php-curl, will that also purge php7.2-curl?  Or is there some significant difference in all these?  Are there some I should NOT purge?
<SSMAdmin> Question put another way:  Why are there some of these modules without the *7.2 part in the name
<sdeziel> those are virtual packages
<sdeziel> they point to the current php7.X-mod version
<sdeziel> on Xenial it would have been php7.0-mod, on Artful: php7.1-mod and so on
<SSMAdmin> ok, but there are some of them that does not have a php7.x version of them
<SSMAdmin> php-acpu as an example
<sdeziel> I _think_ that's because they don't build from the PHP sources and are external components
<SSMAdmin> and should I purge the virtual ones, or the 7.x ones?
<sdeziel> SSMAdmin: purging the 7.2 one should also purge the non versioned one
<SSMAdmin> thanks, I go ahead, take them one by one, purge, test, reinstall, purge next, test, reinstall?
<sdeziel> nacc also suggested to purge and reinstall libapache2-mod-php*
<sdeziel> and he knows PHP far better than I do :)
<SSMAdmin> ok, "apt purge libapache2-mod-php*" will work, but how about reinstall? "apt install libapache2-mod.php*" will probably not work
<SSMAdmin> apt install libapache2-mod-php
<SSMAdmin> apt install libapache2-mod-php*
<sdeziel> installing libapache2-mod-php only should pull the other
<SSMAdmin> ok thank you.  I try
<SSMAdmin> purging libapache2-mod-php* made the apache2 able to start
<nacc> SSMAdmin: yeah that seems accurate (as purge will remove the config which implies a2dismod php7.2)
<SSMAdmin> but now some ssl protocol error on the website
<sdeziel> SSMAdmin: wasn't SSL disabled earlier?
<SSMAdmin> so better leave libapache2-mod-php installed, for bugtracking the other modules
<sdeziel> but if you have SSL errors, that probably means apache2 starts now, isn't it?
<SSMAdmin> yes, but I enabled it again (a2enmod ssl), I think
<SSMAdmin> sdeziel, apache starts now, yes
<sdeziel> ok is mod-php installed yet?
<SSMAdmin> no, should I reinstall it?
<SSMAdmin> I try
<sdeziel> yes because we already knew that without php involved it was working OK
<SSMAdmin> Well, now apache2 is able to start with libapache2-mod-php reinstalled
<nacc> SSMAdmin: so i'd assume it was due to a config change you did with php before
<SSMAdmin> so now this part is fixed, apache2 is able to run with php involved
<nacc> SSMAdmin: maybe related to nextcloud, dunno
<SSMAdmin> nacc, no, I have not touched the system since I installed it in April, it has been running without error until yesterday
<SSMAdmin> but now there is still a ssl protocol error
<SSMAdmin> I did "a2enmod ssl" to enable it, we disabled it earlier in this session
<sdeziel> SSMAdmin: didn't you have a nextcloud vhost specifically for SSL? if yes, I'd enable it
<SSMAdmin> still some problem
<sdeziel> what's apache2 error.log like now?
<SSMAdmin> sdeziel, ahh...there it is, I try enable the nextcloud.conf file
<SSMAdmin> wait a second..
 * sdeziel is in holding pattern
<SSMAdmin> HOLY MOLY, everything is suddenly working
<dpb1> wow
<dpb1> epic debug session?
<dpb1> like, 2 hours
<sdeziel> but the root cause remains unkown so we are none the wiser
<SSMAdmin> so, then only thing to fix the problem was to purge and reinstall libapache2-mod-php
<nacc> which implies some config fubar
<nacc> i know you'll say you didn't do anything
<nacc> but that's not what the operations imply :)
<sdeziel> still would have been nice to find what was mmap'ing 85T
<sdeziel> I know sarnold, I hear you ;)
<SSMAdmin> nacc, well, I KNOW I have not touched the system, exerpt running "apt update" and "apt upgrade" manually on a few occations.  I have not touched a single config file or installed any additonal modules after I got the system running in April
<SSMAdmin> sdeziel, what was that mmap'ing 85T?
<nacc> from your strace of apache2 earlier
<SSMAdmin> opps, too late, he is gone
<SSMAdmin> what does it mean?  Someone trying to send 85T to the server?
<nacc> SSMAdmin: no, your apache2 program was trying map 85T of virtual memory, which the kernel said no to.
<SSMAdmin> ok, I don't understand "mapping of virtual memory"
<SSMAdmin> maybe I don't need to know? :-)
<SSMAdmin> anyway, thanks a lot everyone.  Say thanks to sdeziel from me, and also to matjam that worked a long time to try to help me
<_KaszpiR_> SSMAdmin you should REALLY order pizza/beer for them :)
<SSMAdmin> _KaszpiR_, I will :-)  Is there a command for that?
<SSMAdmin> pastepitsa&beer ?
<nacc> !cookie
<ubottu> Wow! You're such a great helper, you deserve a cookie!
<nacc> is the closest we have :)
<SSMAdmin> !fortunecookie
<nacc> SSMAdmin: sorry, didn't see your question -- it's the program trying to allocate memory to do something
<SSMAdmin> nacc, what could need 85T?
<nacc> SSMAdmin: that's what we don't know
<nacc> i guess if it happens again, rather than just purge
<nacc> make a backup of /etc, then purge, then reinstall and diff old and new /etc
<SSMAdmin> thanks, but that sounds like something more complicated.  I don't know how to do the diff-stuff
<_KaszpiR_> I suggest asking on privmsg for details where and when to deliver pizza ;)
<SSMAdmin> I am a linux newbie, have been a newbie for many years
<SSMAdmin> _KaszpiR_, that sound a bit like pizza-gate, I am not into that sort of stuff :-)
<_KaszpiR_> hahahahahaah
<nacc> SSMAdmin: something link `sudo cp -aR /etc /etc/.bak; sudo apt purge libapache2-mod-php*; sudo apt install libapache2-mod-php; diff -urpN /etc.bak /etc` and if that last command returns anything, something your local config changed
<nacc> bah first line was a typo :)
<nacc> sudo cp -aR /etc /etc.bak
<SSMAdmin> nacc thanks a lot, I take notes
#ubuntu-server 2018-06-02
<matjam> whee
<matjam> so package purge/reinstall fixed it?
<matjam> am glad
<matjam> wonder what it was that broke
<matjam> super odd
<wayne7> How can I show the messages of other users on a chat channel?
<JanC> what do you mean?
<wayne7> Thanks. I am using Xchat but whatever channel I join just shows a list of users without showing what they are all chatting about. Can I see all their messages scrool down the screen?
<JanC> well, you did see my message, right?
<JanC> you only see what they are chatting about in the channel(s) you are in
<JanC> or when you are chatting with them in private, of course
<wayne7> Yes, good. But is it only one-on-one chat. I once joined a channel where you coauld see what everybody was saying to each other.
<JanC> right now we are the only two people saying anything  :)
<JanC> in this channel
<wayne7> Oh, thanks. So if I wait, I may see others chatting?
<JanC> it's Friday night in the Americas, very early morning in Europe, so most people aren't really at their computer chatting right now, I guess
<JanC> this isn't really a super-active channel either
<JanC> but, yes, you will see others chatting too, if you stay around long enough
<wayne7> I see. Last night I wentto dozens of channels but did not see any chat. I am in Australia.
<JanC> it's now afternoon in Australia, right?
<wayne7> Yes. At last I reached a channel which anwered when I said, hello. But they only spoke German.
<JanC> most channels on Freenode are for answering questions or discussing stuff on a specific topic really, although there are some social/offtopic/etc. channels too
<wayne7> So when I join a channel with names listed down the right column, that does not mean that all those people are present waiting to chat.
<JanC> it means they are logged in, but they probably have a computer on 24/7 (just like me)
<JanC> and not everybody sets their status to "away"
<JanC> (e.g. for privacy reasons)
<wayne7> Oh, so all those listed are not there waiting to ask you questions?
<JanC> they will ask/answer when they have questions/answers _and_ happen to be around
<wayne7> Thanks, Jan.  I will keep trying try to find a subject or social channel with people chatting.
<JanC> sometimes answers can come hours after asking (if you stay around)
<wayne7> Thanks, Jan.
<JanC> wayne7: in general try to keep questions on-topic for whatever channel you are in though
<wayne7> I understand.
<Guest42555> hi
<Guest42555> who here uses or maintains Evolution
<Guest42555> well wrong question
<Guest42555> as it is for desktop
<lordievader> Good morning
<Ubu-1604> good morning to you as well ... from canada :)
<lordievader> ð
<Neo4> hi
<Neo4> who know how I can connect to the server? https://paste.ubuntu.com/p/t33t2TyTCZ/
<Neo4> without key
<Neo4> I put ssh -i and any text and neo@ip to connect from vmware
<Neo4> strange behavior :)
<Neo4> anywhere
<Neo4> Warning: Identity file kasdfk not accessible: No such file or directory.
<Neo4> and connect passed
<tomreyn> looks exactly as i'd expect
<Neo4> tomreyn: what?
<Neo4> when I remove all files from .ssh I can't connect
<Neo4> behavior
<Neo4> https://paste.ubuntu.com/p/GCpBYGSQvT/
<Neo4> key in temp and I do ssh -i alkjsdflasjfs and it connects
<tomreyn> you will have the key cached in your ssh agent
<tomreyn> actually no, you're entering the password, so that's how you authenticate
<tomreyn> now what is the unexpected part?
<tomreyn> okay you're probably surpised that you need to enter the password one time but not the other time. that's unrelated to ssh key but just because your password is being cached.
<Neo4> before it wasn't so
<Neo4> I remember always entering password
<Neo4> or key
<Neo4> on vmware only working so
<Neo4> ok
<tomreyn> run with -vv if you want to know what is happening
<Neo4> ssh -vv -i key ?
<Neo4> this output https://paste.ubuntu.com/p/2Qmg7GTphx/
<Neo4> not understandable, I'd rather test on real comp than on VM
<blackflow> so what's the problem? you connected fine it seems?
<Neo4> blackflow: wrong, It shouldn't have connected
<Neo4> key is not correct
<Neo4> anyway I lost all my work for today
<Neo4> :(
<Neo4> overwrited accidantely on old version :( :( :(
<blackflow> Neo4: it's using the key from the agent:  "debug2: key: neo@neo.ru (0x55872d37b3f0), agent"
<Neo4> blackflow: where that key is placed?
<blackflow> Neo4: note that -i does not force only that one key... ssh is trying every key from the configured set.
<Neo4> and do you know how to recover overwritten files?
<Neo4> I did scripts that instlal swap and a few others and all removed
<blackflow> you can't recover overwritten blocks, only *MAYBE* undelete, assuming nothing was written after the delete.
<blackflow> sounds like it's time to restore from backups.
<Neo4> blackflow: I recalled I removed folder vps_install and then load old version, confused
<Neo4> blackflow: files aren't overwritten, they are removed
<Neo4> I need soem app that will allow to see removed files on disk
<blackflow> there's extundelete for ext filesystems.
<blackflow> !info extundelete
<ubottu> extundelete (source: extundelete): utility to recover deleted files from ext3/ext4 partition. In component universe, is optional. Version 0.2.4-1ubuntu1 (bionic), package size 56 kB, installed size 154 kB
<Neo4> can't,
<Neo4> I removed folder and put on her place other folder
<Neo4> the same
<Neo4> using filezila
<Neo4> if you remove file and then put file with the same name it might now show
<Neo4> testdisk doesn't see even files that is placed to trush
<Neo4> I removed in filezila, it puts not to trash
<Neo4> doesn't matter, all disappeared :(. Will rewrite new shell
<Neo4> ((((
<Neo4> my shell script for add/remove swap
<Neo4> https://gist.github.com/kselax/556846637900bd7dc380d09e4d2621b4
<Neo4> recreated
<Neo4> having recreated script
<Neo4> I am afraid to lost again script
<Neo4> :)
<Neo4> I did it by following on this instruction
<Neo4> https://support.rackspace.com/how-to/create-a-linux-swap-file/
<tomreyn> maybe you should have backups. and a git repository
<Neo4> tomreyn: If I put all script on git repository everybody will know how I set up server. This need to keep in secret for security
<Neo4> open-source and security... What? :) :)
<Neo4> recalled phrase from youtube video about linux violate community )
<tomreyn> you need to keep passwords and key material away from prying eyes, but not usually anything else.
<tomreyn> also, there are private git repositories.
<Neo4> tomreyn: for private need pay, there free only public
<Neo4> yes, shell scripts is very important things, Need carefully keep them
<tomreyn> Neo4: you can host private ones yourself, also bitbucket got them for free.
<Neo4> :)
<Neo4> I have five usb flash, better do offline back up
<tomreyn> usb flash storage is no backup storage. use hdds.
<Neo4> tomreyn: ok, have desktop computer with 2 hdds
#ubuntu-server 2018-06-03
<lordievader> Good morning
<Neo4> I need a list of needed apps for frash ubuntu installation
<Neo4> I'm going to reinstall ubuntu and next time don't want to do installation manually.
<Neo4> installation over ubuntu software takes long time, it's not efficient :)
<Neo4> much better over shell script
<Neo4> I did this script and reinstall ubuntu, want to remove dualap and put home to separated disk ,now it together with OS
<RoyK> dpkg --get-selections > pkglist.txt
<RoyK> then dpkg --set-selections < pkglist.txt on the new machine
<RoyK> then apt-get install -f # IIRC
<RoyK> obviously you'll have to store the file somewhere safe during reinstallation
<Neo4> and need put to .vimrc and .bashrc your own settings too
<Neo4> this automatization has many details
<RoyK> Neo4: better use ansible
<RoyK> then you have it for later too
<Neo4> RoyK: no, this is easy echo "needed setting" tee -a $HOME/.vimrc
<RoyK> it's easier to use ansible with "blockinfile" to do that stuff
<RoyK> or lineinfile
<RoyK> ansible is really neat
<RoyK> I've used to roll out some 20 raspberry pi machines as infoscreens
<Neo4> RoyK: I will have two separated scripts one for desktop, desktop_install and one for vps vps_install? or might better put all in one? This will bloated menu
<lordievader> Or use puppet, or some other automation tool. Anything is better than a bunch of scripts.
<RoyK> lordievader: not to start a holy war, but I prefer ansible :)
<lordievader> Never tried ansible. puppet+foreman works here.
<blackflow> SaltStack ftw! ;)
<blackflow> The attraction of ansible is that it's very simple, no need to install nodes/minions/clients, works over ssh and is simplistic enough even for managing a single host with some declarative config.
<RoyK> that's probably why I like ansible ;)
<ikonia> it struggles with windows though
<ikonia> winrm....wow
<ikonia> blackflow: do you have a large saltstack deployment estate ?
<ikonia> I'm yet to really get experience on a large scale salt deployment so I"m a bit on the fence about it
<blackflow> ikonia: nah, a dozen or so servers.
<ikonia> yeah, I'd like to see the "few hundred" scale minimum
<blackflow> ikonia: but eh, the only reason we're using saltstack and not ansible, is the "reactor" functionality, where nodes can trigger events on other nodes.
<ikonia> blackflow: thats one of the things I'd like to see at scale for dynamic cloud type operations
<blackflow> otherwise for such a small deployment we'd probably have stayed on ansible.
<blackflow> ikonia: from what I've read and heard, it scales well.
<ikonia> hands on understanding though is priceless
<blackflow> oh definitely.
<sonu_nk> hi i am facing this issue on linode "Network Helper did not run: could not determine distribution or distribution version   " suddenly all stopped...
<ikonia> sonu_nk: what distro are you running ?
<sonu_nk> centos 7
<ikonia> sonu_nk: then why are you asking in an ubuntu channel
<sonu_nk> i am asking if anyone knows this error "Network Helper did not run: could not determine distribution or distribution version"
<ikonia> this channel supports ubuntu
<ikonia> not centos problems
#ubuntu-server 2019-05-27
<lordievader> Good morning
<geodb27> People : hi !
<geodb27> I'm trying to have a full automated installation of ubuntu 18.04 server, so I've fed the grub.cfg with this http://dpaste.com/1KYXKVN as leftyfb kindly suggested me last thursday. However, this don't select french on the very first screen and thenafter, even if the values are fed, I always have to manually confirm the french choices, be they for language or keyboard layout. What did I do wrong ?
<samba35> i am try to add intel_iommu=on to /etc/default/grub and then run update-grub but still i cant see iommu and cat /proc/cmdline does not show iommu entry
<samba35> what could be wrong
<geodb27> Is there a way to preselect something else than English on this ubuntu-install disk first step and avoid user beeing prompted ? https://www.cjoint.com/c/IEBjzorO6Ik ?
<samba35> i am on ubuntu 18.04  on macbook pro :) i just installed and update system i want to install iommu and i update grub but not update are takeing place
<samba35> i am on ubuntu 18.04  on macbook pro :) i just installed and update system i want to install iommu and i update grub but not update are takeing place
<lotuspsychje> dont repeat please samba35
<samba35> sorry i was trying to enter something but by mistake i use arrow and enter
<samba35> how do i check i am using grub  or systemd-boot ?
<samba35> i add intel_iommu=on it /etc/default/grub and then i update grub and reboot but when i could not see expected outout i check with  cat /proc/cmdline it show old grub
<samba35> any idea why ?
<sdeziel> samba35: could you paste your /etc/default/grub?
<samba35> sure
<samba35> https://pastebin.com/N3y9YbP7
<sdeziel> samba35: OK that looks OK. Have you checked if GRUB_CMDLINE_LINUX_DEFAULT was overridden by other files like /etc/default/grub.d/* ?
<samba35> how do i check that
<samba35> grep ?
<sdeziel> yes
<samba35> grep -i -r "  GRUB_CMDLINE_LINUX_DEFAULT" *
<samba35> grub.d/10_linux:      GRUB_CMDLINE_LINUX_DEFAULT="$GRUB_CMDLINE_LINUX_DEFAULT \$vt_handoff"
<samba35> grub.d/20_linux_xen:  GRUB_CMDLINE_LINUX_DEFAULT="${GRUB_CMDLINE_LINUX_XEN_REPLACE_DEFAULT}"
<samba35> with /etc folder
<sdeziel> grep -rF GRUB_CMDLINE_LINUX_DEFAULT /etc/default/grub.d/
<samba35> sorry i was disconnected
<samba35> any idea ?
<Dad> [08:47:33] <EC5Asamba35> with /etc folder
<Dad> [08:48:10] <C197sdeziel> grep -rF GRUB_CMDLINE_LINUX_DEFAULT /etc/default/grub.d/
<Dad> [08:52:32] * Quits: samba35 (~shrikant@unaffiliated/samba35) (Ping timeout: 252 seconds)
<samba35> sorry disconneted
<samba35> this system keep get disconnted to nic
<samba35> how to i check whether i am using grub or systemd-boot ?
<foo> blackflow: just saw your message from earlier, thank you. Will blackflow resolve the issue of hanging for 30-60 seconds? Hmm
<foo> blackflow: also, any config needed for haveged ? (whoops, I meant haveged in my last message, not blackflow for package :))
<lordcirth> foo, haveged should not require any config
<foo> lordcirth: thank you. I don't fully understand the performancing/hanging issues, but I reported them here: https://github.com/pyca/pynacl/issues/327#issuecomment-49147140 - by any chance, are you in agreement haveged can resolve what I'm seeing?
<lordcirth> foo, it seems likely, given that it's hanging on opening /dev/random. Try running 'cat /proc/sys/kernel/random/entropy_avail' while it's hanging?
<foo> lordcirth: it's sporadic, and difficult to catch - however I'll try that! Thank you.
<foo> Every now and then I'll run a tool and see it hang for 30 s- 1 min... otherwise I see it in the logs from various processes
<lordcirth> foo, is this in a VM?
<foo> lordcirth: digital ocean droplet. /proc/sys/kernel/random/entropy_avail currently at 115. What does this signify?
<lordcirth> foo, that's far too low, so yes, you are running out of entropy
<lordcirth> VMs generally have far fewer ways to generate entropy than physical machines, so this isn't uncommon
<foo> lordcirth: ahhh, well this is reassuring. I've been trying to narrorw this down for months. And do you still suggest haveged, given that low entropy?
<lordcirth> haveged is definitely the easiest fix
<foo> lordcirth: thank you!
<tomreyn> haveged is a bit of a compromise, but a (mostly) generally accepted one.
<foo> lordcirth: ok, apt-get install haveged looks good. Looks like reboot not necessary, can you confirm?
<tomreyn> and running VMs is a bit of a compromise, too, in this sense
<foo> tomreyn: thank you, will keep an eye on the logs and hope these issues I'm seeing go away
<lordcirth> foo, I don't think you need a reboot. Run cat /proc/sys/kernel/random/entropy_avail again
<foo> lordcirth: 2431 :)
<blackflow> foo: actually personally I like to raise the entropy threshold for haveged to 2048, default is 1024
<foo> blackflow: how do you raise it? Not sure if it's as simple as writing to that file. I'm open to anything that will minimize these hangups I'm seeing. This script gets called a ton
<blackflow> foo: /etc/default/haveged
<foo> thanks!
<blackflow> (and of course restart the haveged.service)
<Greyztar> is it so that apt and aptitude is the same only aptitude is an ncurses something user interface of apt?
<Greyztar> or are they two separate packet managers?
<tomreyn> !aptitude
<ubottu> Like apt and apt-get, aptitude is a terminal frontend for Ubuntu's package management system. Unlike the others, it is not recommended in Ubuntu because its behavior differs significantly from other Ubuntu package management tools and can cause issues.
<Greyztar> thanks tomreyn i also eventually found an article about it aswell
<tomreyn> Greyztar: can you post the link, i'd be interested to read what has been written about it.
<Greyztar> tomreyn, sure i its not a professional article per se though so dont know if it counts also i dont know how authoritative this source is https://www.tecmint.com/linux-package-managers/
<Greyztar> but article says package managers so i guess they all count as different package managers,normally i wouldnt bother knowing but im doing an school assignment on it
<tomreyn> that's an ok overview. it doesn't discuss how using apt and aptitude on the same system creates problems. but other than that it's ok, i guess.
<Greyztar> yeah ok for an overview,i had an link to ubuntu which explained apt,aptitude and dpkg but i long lost it though
#ubuntu-server 2019-05-28
<plongshot> I want to install this:  https://syncope.apache.org/  on a remote ubuntu 18.04 server (it's a linode).  Will I be able to use the gui interface shown in the screenshots out of the box with only installing syncope?  Or are there other dependencies? If so, what / how?
<plongshot> Thanks in advance for any help. It is much appreciated.
<teward> plongshot: for the record I am not an expert with Syncope, but in THEORY you should just be able to install the deb and get its GUI, but you would have to consult their documentation for it.
<teward> https://syncope.apache.org/docs/2.1/getting-started.html#debian-packages is probably where yo uwant to go for installation questions, etc.
<teward> and I don't see the 'screenshots' you are referring to
<plongshot> teward: Thanks.   Will check it out.  I like chatting in these places before putting my had to things  It stimulates my mind and gets me in the mood.  :>
<teward> plongshot: my two cents?
<plongshot> Oh wow. Idk about screenshots but theres a demo  https://syncope.apache.org/demo
<plongshot> sure
<teward> plongshot: demo suggests it's got web-based components
<teward> but I'd deploy this locally in a VM or a container first to 'test' it before you deploy it remotely.  Just a thought.
<plongshot> I see how it works now. I
<teward> in case something goes wrong.
<plongshot> yes exactly  :>
<plongshot> I've got an ear to ear grin on my face right now
<ruben23> hi there guys how do i used grep command to find any name inside a config on the entire system.? any idea on the command
<samba35> what is best and simple way to install/configure systemd-boot on 18.04.2
<lordievader> Good morning
<Greyztar> hello,all of a sudden my user seems to be able to run commands without using sudo,any tip where to start looking?
<Greyztar> i guess some time ago i must have changed something and dont remember ugh
<weedmic> you mean commands that would not normally require sudo?  check the ownership/group rights to the file
<Greyztar> weedmic, im using systemctl command though which normally should require sudo?I checked sudo file theres no NOPASSWD entry either weird
<Greyztar> wasent using the correct command,seems all other systemctl is ok without sudo just try restart sshd or so
<weedmic> if i can fish to a server in dolphin, does that mean fstp is on the server?
<weedmic> Greyztar: that's a relief b/c I couldn't really thing of anything other than group membership or rights issues
<Greyztar> weedmic, yeah sorry sometimes i just tend to mix it up a little thanks for helping though (,")
<weedmic> nvm
<weedmic> is there a text version of dolphin one could run on a remote server to browse more easily than using konsole cd (want to call this from a script).
<uzee> Hi, can I use a local machine to serve as an installation sopurce for preseed?
<uzee> *source
<uzee> Hi, I've copied the entire contents of the ubuntu 18 server iso to a local machine and am trying to use that machine as the installation source in preseed, for e.g:
<uzee> d-i mirror/http/hostname string http://myhost.mydomain
<uzee> d-i mirror/http/directory string /ubuntu/ubuntu18
<uzee> but the installer gives me an error saying "no kernel modules found" is having the iso copied locally not enough?
<coreycb> sahid: nova 17.0.10 uploaded, thanks for that
<sahid> cool ack
<samba35> how to configure /install systemd-boot ?
<samba35> bootctl install ?
<Delvien> Have a local dns server, ubuntu-server can ping anything on the network, but the network cannot ping or ssh to the ubuntu-server
<lordcirth> Delvien, did you enable ufw or another firewall?
<lordcirth> Also, run 'tcpdump' on the server, then try to ping it
<Delvien> lordcirth: i have a constant ping going dm
<lordcirth> Delvien, and what is the ping result? No route to host?
<Delvien> lordcirth: turned off ufw, rebooted, still nothing, something to note: when i initiate a reboot, ping starts responding
<sarnold> waaaat
<lordcirth> So some service is blocking it that turns off during shutdown
<Delvien> tcpdump is not showing anything from lan
<sarnold> you haven't assigned an IP address to multiple machines, have you?
<Delvien> nope
<Delvien> just the one
<sarnold> and all the machines agree? :)
<Delvien> yep
<Delvien> resolved has the correct dns server, and i can make ALL outgoing connections
<Delvien> can i just switch to resolv.conf instead of this resolved nonsense?
<Delvien> I need a static entry thats it.
<lordcirth> resolved is not your problem
<lordcirth> Delvien, pastebin "iptables -L" please
<Delvien> ok so this is weird
<Delvien> i am currently VPNed to the network with the ubuntu-server, windowsservers, debian servers, LXC and dockers can all be connected to while on this same connection, but not the ubuntu server.
<sarnold> do you have an ethernet bridge on that system as part of this?
<Delvien> i had turned off ufw on the ubuntu server btw
<lordcirth> Delvien, is the LAN a /24?
<Delvien> yep /24
<Delvien> an ethernet bridge on the VM host side, yes
<sarnold> an interface connected to an ethernet bridge doesn't have an ip address -- instead the address is assigned to the bridge
<Delvien> PCs that are on the network can ping and connect to the ubuntu server
<lordcirth> Also, sometimes the bridge can get assigned a different MAC than the interface, and that doesn't work
<Delvien> but not this one, thats on the VPN
<sarnold> I suspect it could lead to the symptoms you've described here if you've got some configuration that tries to assign the IP to the interface left over from before the bridge was configured
<Delvien> sarnold: but then it wouldnt work for any other PC on the network
<Delvien> sarnold its specifically not allowing this VPN'ed pc
<lordcirth> Delvien, traceroute?
<Delvien> goes to gateway, then *  * * till end  (30 hops)
<Delvien> whats odd, is that this is the only machine that has this issue, i can access EVERYTHING else on the network, which is why im here, bc it may be a ubuntuserver related problem (not a bug just a config probably)
<TJ-> Delvien: the problem only affects the local PC which is VPNed into the remote network?
<Delvien> Im on the VPNed pc, trying to connect (via ssh) to the ubuntu server + i cannot ping from the VPNed PC to the ubuntu server
<Delvien> I remember running into this like 6 months or so ago with an ubuntu server, and its something to do with dns or a service running
<Delvien> unfortunatly "history" didnt go back that far
<TJ-> Delvien: sounds like a VPN config issue
<TJ-> Delvien: or else *local* firewall/routing on the PC
<Delvien> ufw is off
<TJ-> Delvien: on the *local* PC, if you "tcdump -ni tunX icmp" and then in another shell, run a ping to one of the GOOD hosts confirm you can see replies, then ping the BAD host
<Delvien> " 15:32:01.327377 IP 10.10.11.2 > 10.10.10.12: ICMP echo request, id 18420, seq 26, length 64
<Delvien> over and over
<Delvien> nothing in my firewall blocking traffic
<Delvien> its something with the ubuntu-server configs.
<Delvien> or a service
<Delvien> As soon as i initate the reboot, it starts responding to ping requests lol
<Delvien> what is a negative trust anchor for systemd-resolvd?
<lordcirth> Delvien, a domain that DNSSEC is turned off for
<Delvien> Stopped target "network is online" seems to be when the ping starts responding when i shut down
<lordcirth> Delvien, What Ubuntu version?
<Delvien> 18.04.1
#ubuntu-server 2019-05-29
<wholesum> how do i rebuild grub? I can access the system partition (and the LVM) using the liveCD. it's 18.04.1.
<wholesum> i've been struggling for the past 24 hrs, i'm afraid i'm going to lose my job...
<wholesum> i already tried to use refind, reinstalling grub, and a lot of other things.
<sarnold> wholesum: if you mean, how to ask grub to rebuild the menu, configuration, etc, then try 'update-grub' -- the /etc/default/grub file points there
<wholesum> i'm in grub rescue now
<wholesum> sarnold: you can see the grub info here (menuentry ubuntu, ignore above) https://pastebin.com/AuiAvrjY
<sarnold> wholesum: you might have better success in #ubuntu -- many of the folks here haven't seen grub in years, but the #ubuntu folks help debug install problems a lot more often
<wholesum> sarnold: what are you using? refind? i had better luck with that, but not enough to boot my system
<wholesum> i can do away with grub, there is only one OS in the system
<wholesum> BTW not a install problem. server has been running fine for almost 1 year. last night I rebooted and it told me no OS found
<sarnold> wholesum: I've never needed to do anything like this, ever
<sarnold> wholesum: refind is in universe, so it wouldn't be the preferred choice; efibootmgr is in main, it's probably the ubuntu preferred tool
<wholesum> how would i go about configuring it from a live CD? set the boot order to use the partition where ubuntu is installed?
<sarnold> you could chroot to the mounted path..
<sarnold> it'd be something like: (untested) (pretend the instal;led system is mounted on /mnt/root) mount -obind /proc/ /mnt/root/proc ; mount -obind /sys/ /mnt/root/sys/ ; chroot /mnt/root /bin/bash
<wholesum> will try!
<wholesum> so once i have a shell inside the installed system i play with efibootmgr?
<wholesum> sarnold: I'm in the shell for the installed system
<wholesum> I cleaned up efibootmgr to have only a single entry: ubuntu
<lotuspsychje> wholesum: why is your server not up to date to .2?
<wholesum> lotuspsychje: didn't want an upgrade to bork it up and can't afford downtime on it...
<lotuspsychje> wholesum: there are like tons of security updates out, and now your system is also borked
<wholesum> it was fully up to date, on a daily basis
<lotuspsychje> wholesum: is that an intel cpu?
<wholesum> but on 18.04.1
<wholesum> yes, i5
<wholesum> disk is NVME SSD with secure boot
<lotuspsychje> wholesum: we had several users reporting unable to boot on the new !mds
<wholesum> whats the new !mds? i'm not using raid
<lotuspsychje> wholesum: did you change uefi settings recently?
<lotuspsychje> !mds
<ubottu> Microarchitectural Data Sampling is a security issue with Intel processors. Update your system to receive the kernel and microcode patches. Visit https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/MDS for more info and recommendations.
<wholesum> ah yes, the new vuln
<wholesum> uefi settings have not been changed in months...
<lotuspsychje> wholesum: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1829620
<ubottu> Launchpad bug 1829620 in linux-hwe-edge (Ubuntu) "intel-microcode on ASUS makes kernel stuck during loading initramfs on bionic-updates, bionic-security" [Undecided,Confirmed]
<wholesum> i am the single user on this machine, running only trusted apps. i am going to disable all mitigations later
<lotuspsychje> maybe worth testing?
<lotuspsychje> ill be out for breakfast first
<wholesum> i doubt that's it, but i will look at it
<wholesum> it's a lenovo box
<wholesum> no cryptsetup
<lotuspsychje> wholesum: you might also wanna browse https://bugs.launchpad.net/ubuntu/+source/grub-installer/+bugs?orderby=importance&start=0
<wholesum> thx and good morning
<wholesum> :)
<lotuspsychje> there's tons of grub installer bugs noticed recently
<wholesum> i reinstalled from 18.04.2 server (not live)
<wholesum> i have an image of the previous install system partition
<lotuspsychje> ah
<wholesum> i'm thinking about booting into the desktop live usb again, and copying this image over the (same size) current  system partition. do you think it would work?
<wholesum> setting up everything again will take weeks...
<lotuspsychje> wholesum: dont you have a backup of your configs, or can preserve your /home on a new installer?
<wholesum> lotuspsychje: too many applications installed and configured, and 4 users. but i do have a backup of /home inside the img of the entire system partition
<raddy> Hello Everybody
<raddy> I am using ubuntu 16.04.5 in AWS
<raddy> tmpfs has 377M free space
<raddy> But it still says there is no free space
<tomreyn> which tmpfs?
<raddy> You mean ?
<raddy> tmpfs           377M     0  377M   0% /run/user/1000
<tomreyn> raddy: so you're trying to write to somewhere below /run/user/1000/ ?
<raddy> I am trying write in /tmp/
<tomreyn> then the above output is not relevant, try this:  df -h /tmp
<raddy> Filesystem      Size  Used Avail Use% Mounted on
<tomreyn> raddy: now repeat the line which wasn't transferred since it started with a slash. add a blank space as the first character
<raddy> tomreyn: I don't get you, but I don't have separate /tmp file system
<tomreyn> raddy: so how much free unallocated space do you have in / ?
<tomreyn> raddy: alternatively, run this and post the url:  df -h /tmp 2>&1 | nc termbin.com 9999
<raddy> 2.4Gb free space is available
<tomreyn> raddy: that's not a lot. if it's an ext{2,3,4} file system, then 5% are reserved for the root user by default
<tomreyn> 5% of the total file system
<tomreyn> another explanation could be that all inodes are in use: df -hi /tmp
<raddy> tomreyn: You nailed it. that is the issue
<raddy> tomreyn: find . -type f | wc -l shows the /tmp/ has only 80 files
<RoyK> tomreyn: df reports the available space after the 5% is subtracted. also, tmpfs doesn't have that. the reserved space can be tuned with tune2fs -m<something> /dev/sd<something>
<raddy> But 512k inodes being shown as used
<raddy> Please help
<raddy> I got it
<tomreyn> you'll need to create a new file system, specifying a higher amount of inodes (-I)
<tomreyn> actually i didn'T explain this properly, read the man page, please
<tomreyn> actually -N is what you'd need,-I just changes the inode size.
<jamespage> coreycb, sahid: train milestone 1 is next week so we should make a plan to upload snapshots to eoan
<coreycb> jamespage: sounds good
<jiffe> so I'm trying to install ubuntu 18.04 on a desktop, it installs find but doesn't boot, no grub menu or anything I just get a flashing cursor in the top right
<jiffe> boot order is correct, its booting from hd
<lordcirth> jiffe, you are installing Ubuntu desktop or server ISO? EFI or BIOS?
<jiffe> ubuntu server, not sure about the later let me check
<jiffe> yeha looks like bios, nothing about uefi in here
<jiffe> or efi
<jiffe> this is an old P4 machine
<lordcirth> jiffe, pentium 4? 32 or 64bit?
<jiffe> 64 bit
<jiffe> I see people having success with something similar running boot-repair from a live cd
<tomreyn> jiffe: which installer did you use (.iso filename)? and which version of the installer? were there any warnings or errors while installing?
<tomreyn> also, with hardware this old (with known unfixed security bugs), you'll want the latest firmware available to be installed, i'd say. did you check you have that?
#ubuntu-server 2019-05-30
<mettiu> what's the best way to configure a 18.04 php webserver with multi domain (each domain must have it's own sftp user)? i need to use a test webserver isolating different application. i've read about that online but never find a real clarification about the "good" way to do that (like hosting provider do, for example). thanks
<blackflow> mettiu: the answer to that question is too broad, it'd take a lot of typing.... do you have a more specific question about it? but in short... one user per site. ssh with sftp-only chroot setup to user's $HOME. put the web server into the user's group. chmod 750 homedir. create a subdir per domain in $HOME. run php-fpm with a pool per user, running as that user.
<blackflow> the subdir is important. with sftp chroot the user won't be able to create any files in their $HOME directly (because $HOME has to be owned by root, for sftp chroot). Standard names are ~/public_html   or   ~/htdocs   but it's just a convention.
<mettiu> thanks blackflow, good info. one of the typical question is about "where to put the public_html" folder, in /var/www or user home. from what you say it's better to use the user's own home directory
<blackflow> now I'd go even further with securing that thing down, but it requires you to have 100% control over what is being run in PHP, so you place an AppArmor and protect sites from each other, and block PHP from executing files it can modify.
<blackflow> mettiu: yes, user home because of the chroot.
<mettiu> thanks, blackflow.. are there books about that or is just experience? i'm a developer, and i want to increase my knowledge about the stack :)
<blackflow> in my case, that's experience from running public sites for over 20 years, most of that as a managed hosting provider. And besides, it's not as if you have a million different ways to pull it off, if you start from the Least Privilege Principle and security-first.
<mettiu> thanks blackflow, you put me on my way to better undestand :)
<blackflow> mettiu: however, this is based on the "SFTP needed" premise. If you don't strictly need it, then I'd do it differently. In fact, in our use case we develop and control the web application, and thus it is deployed from git, PHP files owned by root. special RW dirs for "uploads". fpm unprivileged, AppArmor profile separating instances. full systemd service isolation of instances (one fpm master per
<blackflow> site, not just many pools under single master).
<mettiu> sure blackflow, it would be different
<ybaumy> moin. any advice on how to solve that systemd-resolved mess once and for all? i would like to use docker but no container can resolve dns hosts.. i already read todo's on how to install other tools and  restore /etc/resolv.conf  to its original state.. so i removed the link for /etc/resolv.conf and added nameserver entries but now nothing resolves anymore
<ybaumy> i am on 18.04
<kklimonda> check /etc/nsswitch.conf and see if you have `hosts: files dns`
<lordcirth> How can I configure the NFS client to refresh cache when it receives an ESTALE?
<lordcirth> Hmm, apparently that's not what I actually need either
<plongshot>  does 18.04 server come with any tools / utilities that can create an image (ie: clone) of the server it's intalled on and depoit it in the form of a tar.gz ?
<plongshot> depoit\deposit
<plongshot> I found an answer. ty
<_KaszpiR_> dd ;D
<plongshot> Are there any known challenges to using wildfly on ubuntu server 18.04?
<plongshot> considering the fact that it's a rhel developed application and they use yum (a different package manager). So would there be any problem installing, configuring, using?
<tomreyn> plongshot: well the primary issue will be that it's not available (via APT) in ubuntu
<tomreyn> https://launchpad.net/~ilanddev/+archive/ubuntu/wildfly-15?field.series_filter=bionic may help there if that's an acceptable version
#ubuntu-server 2019-05-31
<coreycb> jamespage: sahid: the software-properties sru for train has landed in bionic-updates. so add-apt-repository cloud-archive:train(-proposed) will now work.
<jamespage> coreycb: \o/
<Odd_Bloke> Hey folks, I'm having latency issues between two Ubuntu machines on my (wifi) network and was wondering if anyone had some advice on how I could start debugging.  The two machines on wifi are surprise and leopard; they both get good pings (1-3ms) to lively, which is plugged directly in to my router.  However, the pings between them show the occasional 1-3ms ping but more often than not they're upwards
<Odd_Bloke> of 200ms, all the way up to ~700ms in some cases.  Any thoughts?
<Odd_Bloke> (From one to the other: rtt min/avg/max/mdev = 1.385/167.298/676.538/146.793 ms)
<teward> rbasak or sarnold: either of you alive for me to run something by you before I consider making a proposed 'fix' to a runtime raceish condition bug on nginx?
<Odd_Bloke> OK, it looks like pinging _from_ leopard works absolutely fine, but pinging leopard from my router, for example, is bad.
<lordcirth> Odd_Bloke, can you pastebin a traceroute between the two slow ones?
<lordcirth> Preferably one each way
<Odd_Bloke> lordcirth: https://paste.ubuntu.com/p/qPvx6652RF/
<lordcirth> Odd_Bloke, look at the interfaces with 'ip link' are there dropped packets?
<Odd_Bloke> lordcirth: I'm not seeing anything about packets in the `ip link` output; what should I be looking for?
<lordcirth> Odd_Bloke, sorry, wrong tool. Try installing ethtool and running "ethtool -S ifacename"
<Odd_Bloke> lordcirth: https://paste.ubuntu.com/p/mQYqT8RKY3/
<lordcirth> Ok, so not massive amounts of packet drops
<lordcirth> Odd_Bloke, what are the Ubuntu versions?
<sdeziel> teward: re LP: #1581864, AFAIK, this is reproducible in every releases as long as you have 1 CPU
<ubottu> Launchpad bug 1581864 in nginx (Ubuntu) "nginx.service: Failed to read PID from file /run/nginx.pid: Invalid argument" [Low,Confirmed] https://launchpad.net/bugs/1581864
<teward> sdeziel: even 1 vCPU VMs couldn't reproduce on my end
<teward> but if we could make a NOTE that it affects all releases on the bug so we can assign tasks that'd be great
<teward> the 'proposed workaround' there is actually why i'm poking rbasak or sarnold xP
<sdeziel> teward: I'm less sure that's a nginx bug now to be honest. I've vaguely remember seeing the same error with other daemons
<sdeziel> teward: it feels as if systemd expects the PID to be there just a little before the daemon gets to create it
<teward> sdeziel: then that sounds like a SystemD bug
<teward> but the nginx one we can still apply a workaround, if it makes sense to add a half-second delay I could
<teward> but I want to 'avoid' breaking other things
<teward> so it would need additional testing
<Odd_Bloke> lordcirth: disco on leopard, eoan on surprise
<Odd_Bloke> (Thanks for your help BTW!)
<TJ-> Odd_Bloke: when the ping latency spikes are both wifi devices trying to send at the same time?
<Odd_Bloke> TJ-: "send" in what sense?  They're both running stuff, so I expect the network is in use at some level ~all the time.
<Odd_Bloke> (And how can I check/measure what you're asking?)
<TJ-> Odd_Bloke: I'm thinking they're causing transmit collisions with each other, which would induce spikes. The other possibility could be how the router handles ICMP. Is it only ping, or other protocols too?
<Odd_Bloke> TJ-: arping exhibits a similar issue
<TJ-> Odd_Bloke: the obvious difference is you've got 4 trips over wifi, whereas for lively, there's only 2
<Odd_Bloke> Hmm, I wasn't seeing slowness router->lively before but I am now.
<Odd_Bloke> And I'm seeing it to my Android phone too.
<Odd_Bloke> OK, I think this is a router/wifi config issue, so I'll look at that later when I don't need Internet to work.
<Odd_Bloke> TJ-: lordcirth: Thanks for the help. :)
<lordcirth> Oh, I didn't realize it was wifi. Yes, wifi is a single collision domain and can cause this sort of thing
<sdeziel> teward: agreed but the workaround is so ugly ;)
<teward> sdeziel: when is a workaround NOT ugly >.>
<teward> and besides who only uses 1cpu nowadays anyways lol
<teward> *shot*
<sdeziel> teward: I have yet to see high enough load on nginx to warrant 2 CPUs. I was never slashdot'ed though
<teward> usually not nginx that needs the extra CPU but $BACKEND that needs the extra power :P
<lordcirth> How can I have an xattr be set on all new home directories that are created?
<sarnold> teward,sdeziel, that proposed workaround is really too ugly to ship. it's fine to suggest, but too ugly to give to other people
<teward> that's what i had assumed
<teward> sarnold: then we need systemd to investigate and fix :p
<teward> because if sdeziel is correct this affects other daemons not just nginx
<teward> and systemd is the race condition
<sarnold> teward: if you've got the cycles and the enthusiasm, give it a try on newer releses, or fedora; if it still happens with one of the latest two or three systemd releases, then systemd upstream will be a *lot* more motivated to try to find a solution
<sarnold> teward: but don't be surprised if they say it'd be best to convert to using socket activation or the systemd readiness API or remove the pidfile entirely etc
<sdeziel> teward: there was a related discussion in #systemd: https://paste.ubuntu.com/p/CFGsSkJJ4y/
<teward> sarnold: sdeziel indicated it affects all latest :P
<sarnold> (honestly given how almost nothing implements pid files correctly, removing them all would do the world a huge service)
<sdeziel> sarnold: yeah, bad PID handling is that what the systemd person hinted at
<sarnold> yeah, I think I agree completely with damjan in this case :)
<sdeziel> I don't know how much of it is due to the re-exec capability of nginx
<sdeziel> (service nginx upgrade)
<teward> sdeziel: MY solution to the upgrade bits would just to be a full service stop and start
<teward> but that's not a friendly way
<teward> because downtime
<sdeziel> teward: that's no solution then :P
<teward> exactly :P
<sdeziel> that's one of the very nice advantage that NGINX has over Apache
<teward> NGINX can also handle async uwsgi properly (Django)
<teward> unlike Apache's WSGI plugin
<teward> sdeziel: well in THEORY we could probably try and get by WITHOUT a pidfile but that'd torture a lot of things.  But systemd IS nice for me running things where I don't need a pidfile, even like a simple application
<sdeziel> teward: I don't know if Debian wants to keep compat with non-systemd setups. And the init script is used for at least 2 things even when systemd is present: upgrade and rotate (the logrotate job uses it)
<sdeziel> teward: that said, I think it would still work to drop PIDFile and ExecStop from the systemd unit. NGINX would still create the PID for the other actions to make use of it
<sdeziel> teward: scratch that, just tested it and it works until you "service nginx upgrade" at which point systemd looses track of the main process
<teward> yep
<teward> sdeziel: well we're already EXTREMELY diverged from Debian
<teward> with nginx anyways
<teward> we could probably alter it further to do our needs to ONLY support SystemD based systems without many headaches...
<sdeziel> granted but maybe the best course of action would be to check with upstream if the PID handling could be improved as suggested by damjan (#systemd) and sarnold
<teward> sdeziel: except they still support some older mechanisms and non-systemd things
<teward> upstream
<teward> so until EVERY distro they build/support is SystemD they can't remove it
<teward> i know this because I Have this discussion with them regularly
<teward> for other "supported" things that need to go die...
<sdeziel> teward: I'm not asking for support of Type=notify, just better PID handling
<sdeziel> I don't even know if Type=notify would work with NGINX through re-exec/upgrade
<teward> *shrugs*
<teward> sdeziel: i'd need details on explaining what they need to do to make handling work better.  Right now I'm not feeling up to dealing with their upstream devs just now, but if you want to open the issue for discussion, email nginx-devel@nginx.org - i'm subbed there and can weigh in :p
 * teward is currently nursing an insufficient-quantity-of-caffeine headache
<sdeziel> teward: unfortunately, I don't know much about fork/exec/PID handling to provide an adequate bug report ... merely enough to have a vague feeling I understand some of it ;)
<teward> :P
<teward> i know a little about PIDfile handling... but that's mostly because of Python scripts and services that are cron-run every minute
<teward> and sometimes the last process hasn't completed
<teward> ... and also the worker processes for some Redis-driven API systems
<teward> which are also SystemD-ified, but with less dependency on the pidfile
<teward> which are also SystemD-ified, but with less dependency on the pidfile (and more for the worker to not run if there's more than one worker attached for that queue)
<teward> (due to queue locking)
<TJ-> teward: sdeziel I think I have a solution for your nginx issue; TimeoutStartSec=XXX --- according to "man systemd-system.conf" the default is 100ms, so increasing that would likely solve your issue cleanly
<sdeziel> TJ-: thanks trying now
<TJ-> oops, sorry, misread, it's set to 90s ...DefaultRestartSec is 100ms
<sdeziel> TJ-: I tried RestartSec=1s and it didn't work
<TJ-> actually, I found something strange here. All the docs talk about TimeoutStartSec but (at least for apache2 here on 18.04) that doesn't exist BUT TimeoutStartUSec does - implying its micro-seconds not seconds as the base unit
<sdeziel> IIRC, some version of systemd tried to make those timeout params uniformly named. I also they they all take unit suffixes (s, ms, us, etc)
<TJ-> yes, seems like USec is only for DBus activations though
<TJ-> on the face of it, if DefaultTimeoutStartSec=90s, then systemd shouldn't complain about the missing PIDFile until that expires even if the process has started (which begs the question what it considers to be 'started' )
<TJ-> ahhh, I see. With Type=fork it's when the parent process exits and of course nginx is calling ngx_create_pidfile() from the forked process, not the parent, so may not have completed that call
<TJ-> easiest solution would be to move the call to ngx_create_pidfile() to before the ngx_daemon() call
<sdeziel> TJ-: thanks for digging into the code, your conclusion is sound to me
<sdeziel> if you want a tester for a path, count me in ;)
<sdeziel> s/path/patch/
<teward> TJ-: feel free to propose the patch upstream as well, but if your patch works we can quilt patch it for Ubuntu
<TJ-> teward: I've attached it to the bug
<TJ-> sdeziel: ^^
<sdeziel> teward: please let me know if you intend to provide a test build with TJ's patch, if not, I'll setup a local builder
<teward> sdeziel: email server's fubar but i'll look once I'm home, and probably test-build in a PPA against Eoan and Bionic (current 'test' envs I have available)
<teward> so I will have test builds... but in a few hours
<teward> not now
<teward> (can't get into home from work right now)
<sdeziel> teward: awesome, if you can post link to that PPA in the ticket, I'll be sure to test it out tomorrow
<arooni> how come i see "updated software is available for this computer; do you want to download"?  i thought i set up auto install of unattended upgrades both security and not security.  why am is eeing this?
<arooni> *seeing this
<teward> TJ-: mind if I steal your name/email right from Launchpad?  Or do you have a specific thing you want me to put in the DEP3 headers?
<TJ-> teward: It should just be "Tj <ubuntu@iam.tj> or <hacker@iam.tj>
<lordcirth> arooni, look in /etc/apt/apt.conf.d/50unattended-upgrades. Is -updates repo enabled?
<TJ-> teward: if it works I'll do a PR upstream
<arooni> lordcirth:yes under allowed-origins
<lordcirth> arooni, ok, so if you do " apt list --upgradeable" what repos are they from?
<arooni> lordcirth: grr i already ran the update so i dont get any output on that command
<arooni> lordcirth: it was stuff like neovim
<TJ-> arooni: presumably you have PPAs added?
<arooni> oh i definitely do
<TJ-> arooni: if I recall correctly unattended-upgrades only deals with Ubuntu archives, not PPAs
<arooni> well that would explain it
<lordcirth> Yeah, that list is a whitelist of repos
<sdeziel> I think that adding "LP-PPA-${PPA_NAME}:$DISTRO" to the allowed-origins is what's needed
<teward> TJ-: ack.  They'll want an hg-created patch though against their HG and submitted to nginx-devel
<teward> they don't use git :\
<TJ-> that's fine :)
<Odd_Bloke> arooni: Bear in mind that a PPA owner could put any package in their PPA and you would have it installed via unattended-upgrades; this could break your system without any chance of you intervening.
<arooni> Odd_Bloke:so you're saying its not a goodddddddd idea
<Odd_Bloke> (Obviously there's some danger of that regardless, but PPA packages don't have to go through the same process that Ubuntu packages do.)
<Odd_Bloke> Yep, it's not something I would do.
<Odd_Bloke> (Unless I specifically trusted the PPA owner a great deal.)
<TJ-> ^^^^
<Odd_Bloke> And when I say any package, I mean any package; someone could put a compromised browser, kernel or fundamental system library in there and you might not notice.
<arooni> wow didnt know that was a thing
<Ussat> everyone knows everyone on the internet is to be 100 trusted
<teward> TJ-: sdeziel: PPA at https://launchpad.net/~teward/+archive/ubuntu/nginx-lp1581864 - Eoan builds are all done except for s390x, builds queued for Xenial, Bionic, Cosmic, Disco.
<teward> but it's the PPA builders soooooo
<teward> put the thing in the bug as well for testers.
<teward> i adjusted some security restrictions at work to let me out - advantage: IT Security guy :P
<teward> TJ-: also when I did the DEP3 headers I used Tj and ubuntu@
<teward> for the author part of the patch
<sdeziel> TJ-: teward: test failed here
<TJ-> sdeziel: the patch definitely applied?
<sdeziel> TJ-: pretty sure as the PID handling was very different, see the bug update for the details
<TJ-> sdeziel: was this for service start, or restart/reload ?
<sdeziel> TJ-: I only tried to start it
<TJ-> oh of course! stupid of me
<sdeziel> looks like there is double forking
<TJ-> PID will be parent not child, doh! Can you tell I've been up for 19 hours?
<TJ-> Hmmm, did you try using the systemd directive GuessPID=true and leaving PIDFile= unset?
<TJ-> sorry,  GuessMainPID=
<TJ-> see "man systemd.service"
<sdeziel> TJ-: I tested with PIDFile= (empty) without your patch, this didn't work
<TJ-> it is the default for Type=forking
<sdeziel> TJ-: GuessMainPID defaults to yes when Type=forking so I think I tested what you asked, just not with your patch on
<TJ-> I agree with you
<TJ-> I can see why the patch didn't work, and I can see how it might be possible to make a different patch that would, but that has to be more invasive so I'm looking for the most straightforward, minimal, way to do it.
<TJ-> I'll sumerise: ngx_daemon() is the function that does the fork(). When calling fork() it returns the PID of the child to the parent, and 0 to the child. ngx_daemon() does an immediate exit(0) so never returns so we can't get at the child's PID in the parent before it exits. There are 2 options: 1) have the create_pidfile() cann moved into ngx_daemon() [ not nice ] or 2) amend ngx_daemon() in some way
<TJ-> so even in the parent it can return and bring with it the child PID
<teward> sdeziel: TJ-: Removing the packages since they don't work - has the bug been updated that tests failed?
<sdeziel> teward: yes
<TJ-> I almost have it :)
<teward> TJ-: well you'll have to upload a new patch xD
<teward> unrelated i'm starving, time to make dinner.
<TJ-> I could do with some review of this one!
<TJ-> http://paste.ubuntu.com/p/sbsSp5xwJ9/
<TJ-> if you can follow the logic that'll help :) Basically, instead of ngx_daemon() doing exit() after the fork() it returns the childs PID. The calling code uses that (child_pid) to figure out whether to write the PID file. PIDs are always > 0 (NGX_OK) so the exit() is done after create_pidfile() only if pid_child > NGX_OK
<sarnold> TJ-: wow that's subtle
<TJ-> I've not done a compile test on this patch
<TJ-> I've tried to make the code retain cross-platform usage so it won't break a WIN32 build
<sarnold> is win32 code the part missing between hunks?
<TJ-> sarnold: yes
<sarnold> ah, good.
<sarnold> well, those are seaprated by a lot :) but at least if it doesn't run, it won't have sideeffects from not being run twice :D
<TJ-> that's why I set pid_child = NGX_BUSY (-3) so I can detect if it was set by a call to ngx_daemon()
<TJ-> pid_child will be either NGX_ERROR (-1) if the fork failed, NGX_OK if this is the child process, or > 0 if it is the parent process
<sarnold> TJ-: I think if it were my codebase, I'd want the first added line to be: ngx_int_t child_pid = NGX_BUSY;
<sarnold> sigh firefox y u copy neewline
<teward> TJ-: let me know when you want me to local-test the patch.
<sarnold> ngx_int_t child_pid = NGX_BUSY; /* sentinal used for ngx_create_pidfile later */
<TJ-> sarnold: good idea, I'll add that
<sarnold> TJ-: and if they don't like extra comments, feel free to blame me :D
 * teward wants pizza, but has no money at the moment
<TJ-> how about this? http://paste.ubuntu.com/p/gCfDk6YkXM/
<TJ-> sarnold: yeah, I don't like code without comments!
<TJ-> I doubt upstream will like this, but it should solve the immediate issue
<TJ-> sarnold: which ubuntu release are you primarily testing with this (so I can do a compile/build test here before posting the patch to the bug report) ?
<sarnold> TJ-: I haven't done any testoing at all
<TJ-> ah, it was teward wasn't it?
<sarnold> TJ-: your comment is much better :) nice. I think it'd read better if it had a newline in front of it
<sarnold> TJ-: and sdeziel
<teward> sarnold's better at code :)
<teward> but i'm happy to do some testing
<TJ-> I'm sooo tired my memory is like a goldfish right now
 * teward has a number of tests he runs locally
 * teward gives TJ- caffeine
<TJ-> I've a Husky asleep at my feet; I want to swap places :)
<sarnold> awwwww :)
<teward> don't mess with the husky :P
 * sarnold awooooooooo
<TJ-> newline just for you http://paste.ubuntu.com/p/Xk58SZr7bk/
<sarnold> TJ-: there we go that's the good stuff :)
<TJ-> teward: which ubu release should I compile/build-test with this?
 * TJ- needs to fire up a container
<teward> TJ-: start with Eoan?
<TJ-> teward: will do
<teward> since that's where this will land first
<teward> then Bionic after that since LTS is important :P
<teward> TJ-: i'd also ask you test Xenial because that's still supported for a few years too so :P
<teward> but at the least Eoan and Bionic are the two big ones, Eoan 'cause it'll land there faster than the rest, and Bionic because latest LTS
<TJ-> teward: as long as the code hasn't changed too much so the patch doesn't break :)
<sarnold> this feels like code that would have been written once 15 years ago
<teward> good point.  I don't think much has happened from the initialization part for some time
<TJ-> I'm not even sure which branch I've got my git pointing at!
<teward> and the oldest you'd have to go is 1.10.x which is 16.04.
<teward> so bleh
<TJ-> oh, its 'origin/ubuntu/devel
<TJ-> I assume that matches latest for Eoan
<teward> TJ-: cat the changelog?
<teward> check what the latest entry is :P
<TJ-> nginx (1.16.0-0ubuntu1) eoan;
<teward> yep that's eoan
<TJ-> I was forgetting this'll include the packaging
<teward> :P
<TJ-> I'm on a slow connection so I'll make a pot of coffee whilst the container gets ready
<TJ-> hmmm, I may not be able to do this here now; out of space on both / and /var  !
<sarnold> uhoh. bad idea to deal with that while tired
<TJ-> let's see if I can resize  the /home/ LV to free up some extents... this could be fun whilst mounted!
<TJ-> need to log-off whilst I do this
<telescopeemoji3> Anyone know why the ubuntu server rpi3 image updates to rpi2?
#ubuntu-server 2019-06-01
<tomreyn> telescopeemoji3: i don't, and wont be able to test, but it'd be easier for others to respond if you told which image exactly (ideally by download location) you used and which how-to you followed and how you determined that this image "updates to rpi2". also note there is #ubuntu-arm
<TJ-> currently building nginx (finally) for Eoan
<teward> TJ-: that means you are about to fail randomly :P
<TJ-> it's built, and installed, now I'm trying to restrict the container to 1 CPU although I'm not sure that'll help!
<TJ-> argh, broken
<sdeziel> TJ-: once it started fine, you can try "service nginx upgrade" and see if systemd lost track of the new main PID
<sdeziel> oh shoot
<telescopeemoji3> https://www.ubuntu.com/download/iot/raspberry-pi-2-3 im using the 3 image
<telescopeemoji3> When it updates it changes the kernel to 2
<telescopeemoji3> oh nm
<telescopeemoji3> i may be corrected
<telescopeemoji3> uname -a
<telescopeemoji3> Linux Raspberry 5.0.0-1006-raspi2 #6-Ubuntu SMP Thu Apr 11 18:04:26 UTC 2019 aarch64 aarch64 aarch64 GNU/Linux
<TJ-> building again with added logging
<TJ-> sarnold: nginx - do you know where the ngx_log_stderr() is supposed to go!? I'm not finding the output anywhere, even when starting nginx manually
<sarnold> TJ-: I do not :( it might require setting a specific loglevel somewhere..
<TJ-> no, it seems somehow the debian build isn't including my code!
<TJ-> I've added lots of ngx_log_stderr() with the string "child_pid" used, and "strings /usr/sbin/nginx" doesn't find it
<sarnold> strings -a ?
<TJ-> Aha! id' already done a fakeroot debian/rules build... so when I rebuilt the package it used the build products under ./debian/ ! Doing a 'clean' looks like it'll solve that
<TJ-> so my adding log messages didn't get into the build products
<TJ-> sarnold: we have data! https://paste.ubuntu.com/p/nksHVHcF2Q/
<sarnold> beautiful!
<TJ-> sarnold: patch is: http://paste.ubuntu.com/p/sMT3Wnj6pH/
<sarnold> TJ-: nginx[10421]:
<sarnold> TJ-: that never said 10422 :/
<TJ-> so it seems like ngx_create_pidfile() is actually writing the /wrong/ pid into the file
<TJ-> so becuase of how I've coded it it looks like I've got to 'munge' the ngx_pid
<TJ-> building it now
<TJ-> I hope this is it; been hacking away for 24 hours now
<TJ-> sarnold: woohoo! https://paste.ubuntu.com/p/zrBPvhq4SR/
<sarnold> nginx[27728]: nginx: This should be child process PID 27729, parent PID 27728
<sarnold> TJ-: something's still goofy :(
<TJ-> nah, it's fine
<TJ-> systemd uses the parent PID in its logging regardless of child processes
<TJ-> the funniest is "nginx[27728]: nginx: Process PID 27729 exiting" because that is printed after ngx_pid was set to the child PID :)
<TJ-> but whereas before this the package installation would hang during configure, it didn't hang this time
<TJ-> I'll remove the log messages and attach the patch to the bug
<sarnold> OH! so that part of the message isn't formatted by nginx? it's formatted by systemd? (and it gets it wrong, of course, becasuse why would it be doing the formatting.)
<TJ-> well, I thought that was it, but just did a package upgrade and got this: "Jun 01 03:19:23 u1910 start-stop-daemon[18631]: /sbin/start-stop-daemon: warning: failed to kill -3: No such process"
<sarnold> oh my
<sarnold> why isn't there a process 3? I don't have one either :)
<sarnold> if that had been -2 or -4 or so on you might have had a bad day :)
<TJ-> it's -3, NGX_BUSY, the tell-tale
<TJ-> that's because when ngx_inherited == true ngx_daemon() is NOT called, so child_pid doesn't get set
<TJ-> I've just got to add another test on ngx_inherited
<sarnold> the thing is, kill with a negative pid number STILL KILLS -- process groups
<TJ-> I've fixed that now, doing a build test
<TJ-> this only affected reloads where there was no fork()
<TJ-> sarnold: sorted, works perfectly for starts/stops/restarts
<TJ-> attached to bug report, going to bed now
<sarnold> TJ-: beautiful! and .. the upgrade?
<sarnold> aha
<sarnold> TJ-: goodnight, good weekend :)
<TJ-> yes, the upgrade too
<sarnold> :D :D
<FarhaadN> hi all
<FarhaadN> i am using ubuntu server 12.04.5 LTS , and i know it's old, but i have problem on this
<FarhaadN> df not working
<lotuspsychje> we dont support eol versions FarhaadN
<lotuspsychje> in this stage you can choose 12.04 ESM or !eolupgrade but reccomended would be clean install 16.04 or 18.04
<FarhaadN> can you help please from your experience?
<FarhaadN> i cant upgrade server to newer version right now
<lotuspsychje> FarhaadN: supporting an eol version is not how it works, as your system might suffer all kinds of security flaws
<FarhaadN> i know that , server isolate from security attack, i am just check mount and storage
<Greyztar> cant seem to install packages no more is there a problem with the mirrors?
<Greyztar> nvm was my iptables rules o.0
<banditti> Hello all.  I have a ubuntu server (18.04) with dual nic.  (10.0.0.0 and 10.0.100.0). I am trying to get one only to connect to a qnap box via iscsi.  when I use iscsiadm it logs in both IPs.  Also, need to figure out how to auto boot the mapping.  What am I missing?  Thank you in advance
#ubuntu-server 2019-06-02
<samba35> if i want to create systemd-boot then do i have to reformat /recreate esp boot partion to configure/install systemd-boot ?
<adrian_1908> The netplan config supports setting nameservers. Won't this clash with systemd-resolved, namely /etc/systemd/resolved.conf?
<adrian_1908> Ok, looks like there's support for per-interface DNS server along with the global ones, hence the two pathways. Netplan is responsible for the (optional) per-interface ones.
