#ubuntu-server 2006-10-30
<so_solid_moo> tmh__: no, not quite - I'm thinking more about installing LDAP-dependent software
<so_solid_moo> tmh__: rather than just making LDAP "easier"
<JaZy84> i've installed ubuntu 6.06 on my 200mmz mmx machine with 64mbs of ram and it when it trys to load the kernel it will just reboot
<JaZy84> is there a requirment to run the server? i did regular server not lamp.
<Ries> is it possible with apt to install a php, mysql, imagemagic and apache with one command... liek a lamp server?
<^robertj> hey all. is dist-upgrade still the preferred method for remote upgrades?
<infinity> Yes.
<infinity> Well, no.
<infinity> The best method tends t obe using a frontend (like dselect or aptitude) as they're a bit smarter.
<infinity> But dist-upgrade is fine, if you watch the list of added/removed packages CAREFULLY and make sure it's not going to mess anything up for you.
<^robertj> thanks
<^robertj> this was originally a woody box :)
<^robertj> keeps on trucking :)
<incorrect> hello
<incorrect> what exactly is this optimised kernel for servers?
<tmh__> incorrect: https://help.ubuntu.com/community/ServerFaq
<tmh__> maybe that should be in the topic?
<incorrect> thanks
<nach0s> Hi all, anybody know a web tool to administer a server? like, create user, make some easy tools etc, but dont webmin...
<Burgwork> nach0s: off the top of my head, I know of a few but their names are escaping me
<nach0s> Burgwork, humm.. ok...
#ubuntu-server 2006-10-31
<edneymatias> hi all
<J_P> hi all
<J_P> people, Intel XScale PXA270 is x86, arm or what arch ?
<so_solid_moo> arm
<J_P> so_solid_moo: without modifications ?
<so_solid_moo> what do you mean?
<J_P> so_solid_moo: if xscale is really works as a ARM, or is a pure ARM, I can use distros for arm e works fine..
<J_P>  use linux on it.. probably needs to be xscale specific though ?
<so_solid_moo> not necessarily
<J_P> somethinkg understand
<so_solid_moo> it depends on the device, though
<so_solid_moo> arch isn't just about CPU
<J_P> http://www.compulab.co.il/x270/html/x270-cm-datasheet.htm
<so_solid_moo> I can't tell just by looking
<so_solid_moo> But, for example, some arm devices are wired up little-endian
<so_solid_moo> so you need a specific distro to run, otherwise none of the hardware works
<so_solid_moo> they let you download a kernel and debian filesystem though, so I would think it works fine
<J_P> ok
<shwag> how safe is it to do a  sudo apt-get upgrade  on a live server ?
<jbrouhard> depends
<jbrouhard> do u have mission-critical apps that are being upgraded
<jbrouhard> and if so, do you have backups
<jbrouhard> also, do you *KNOW8 these upgrades will work with your existing config ?
<shwag> well yah,...all the upgrades are on mysql, apache, php....which are all the things I run.
<shwag> the question is...will the conf updates break my system.  im hoping that Canonical's LTS works well.
<so_solid_moo> it shouldn't do, so long as you're just updating the distro and not changing release
<shwag> im not aware that any of these security updates are critical.
<so_solid_moo> if it's php, frankly, it's such a pile of rubbish I wouldn't run anything less than the latest version available
<so_solid_moo> but that's personal opinion
#ubuntu-server 2006-11-01
<Psi-Jack> Hmm. 
<Alter-Ego> whoo a server list
<Alter-Ego> are there docs on ltsp5 ?
<kupesoft> Is there a sendmail replacement that just takes emails and sends them from another place via smtp?
<theDtTvB> :part
<theDtTvB> Oops sorry
<pschulz01> Anyone around?
<Skid> hi guys, I've got some EM64T hardawre - is this supported under the AMD64 package?
<Skid> er, release, sorry
<Ries> I think so yes
<Skid> ah-ha I see, it is yeah
<Skid> thanks.
<Skid> "For computers based on the AMD64 or EM64T architecture (e.g., Athlon64, Opteron, EM64T Xeon). It is not necessary for all (even most) processors made by AMD -- only their 64 bit chips."
<Ries> Skid: I have a XEON.... I am just not into HW but teh amd64 package works
<Skid> yeah, thanks
<Alakazamz0r> will it run on Sparc2?
<Alakazamz0r> sweet it will
#ubuntu-server 2006-11-02
* Starting logfile irclogs/ubuntu-server.log
<Ries> hey Guys, in a makefilee for a debian package I find this line:         @-cp debian/dtc-xen-soap $(DESTDIR)/etc/init.d 
<Ries> should i change debian to ubuntu?
<Ries> Ooo never mind...
<Ries> I think I found it already
<Alakazamz0r>  i accidentally deleted my /etc/bacula directory
<Alakazamz0r> and all the files in it.
<Alakazamz0r> how can i totally reinstall bacula, including the /etc/bacula defaults?
<Alakazamz0r> root@bacula:/etc/bacula# cd /etc/bacula/
<Alakazamz0r> root@bacula:/etc/bacula# ll
<Alakazamz0r> total 0
<Ries> try a apt-get install --reinstall bacula
<CarlFK> dapper desktop live cd kernel seems to support raid1 (/dev/md0 type) but edgy-desktop doesn't.  is edgy-server the same, or does anyone know if the 'rescue mode' on the -server CD does have md support?
<Ries> I can imagine that server support md0.... But I don't run SW raid... so I cannot tell for sure
<CarlFK> fdisk shows Disk /dev/md0: 20.8 GB, 20883832832 bytes
<CarlFK> I want to dd that to a normal partition so that I can fsck it 
<CarlFK> and not mess up my current mess
<CarlFK> how do I make a partition that size, or can it be a bit bigger?
<tmh_> it can
<CarlFK> cool.  thanks
<buzznut> anyone here able to help with getting postfix+sasl+mysql to work on edgy? Moving from debian stable to ubuntu-server 
<buzznut> anybody able to point me to the right place for help on this? I can't get postfix to see my config in smtpd.conf in /etc/postfix/sasl
<sharms> buzznut: wiki has all instructions
<buzznut> sharms: looking at that howto right now to see if it is one of the many that I have consulted.
<buzznut> everything works great but smtp auth, but I will check the wiki to see if it provides me any insight
<buzznut> I tried to follow this howto at http://flurdy.com/docs/postfix/
<buzznut> but smtp auth doesn't work
<buzznut> sharms: which one of the many articles on the wiki do you recommend?
<sharms> buzznut: ha none really, but  the 3rd party docs like flurdy never seem to work on my system
<buzznut> sharms: aint that the truth. I am pulling my hair out because I have everything rocking but one piece and I just can't seem to get past it.
<buzznut> looks like I am going to start over with the complete virtual mail howto :)
<anne__> hi
<anne__> is there a way to connect Winterm ICA-based thin clients to an ubuntu server ?
#ubuntu-server 2006-11-03
<Alakazamz0r> Can ANYONE help me... set up a DLT7000 with bacula on Ubuntu server?
<shoobs> Hello :)
<shoobs> I have a question.
<shoobs> How can I get the install to proceed (Dapper server) with only a USB keyboard connected?
<shoobs> My BIOS doesn't support USB input peripherals.
<KenSentMe> Anyone here installed hula on ubuntu dapper? I've installed hula according to the wiki, but used other ubuntu debs i found on the hula site. I installed slapd as well, and configure hula-admin with option managed-slapd option. Now i get this error when running hula-admin: Driver MDBLDAP failed to load:Driver MDBLDAP, Init failed with: Could not initialize LDAP connection
<thefish> KenSentMe: dont know hula, but that looks like the ldap server isnt running
<thefish> try starting openldap
<KenSentMe> thefish: i think i've found the solution in #hula, it was a problem with hula not starting
<thefish> k
<thefish> KenSentMe: is it a fairly simple install? ive been meaning to try it
<KenSentMe> thefish: there's a wiki page, the install is simple, but the use i don't know
<KenSentMe> thefish: i've been looking into hula, but it seems to much for me. The webinterface is disabled and there are hardly any docs or tuts about configuring hula
<thefish> KenSentMe: you looked at zimbra?
<thefish> if you dont mind not having a built in web interface, kolab is very good(buit from common oss parts, openldap, postfix, cyrus etc)
<KenSentMe> Well, i think i stick with some lower-end solutions, but zimbra sure looks nice
<KenSentMe> I'm now trying to share my calendars on a webdav server, but it won't work properly
<buzznut> !seen sharms
<KenSentMe> Is it possible to install a caldav server on Ubuntu?
<cemil> hi there :)
<cemil> today i played a little bit with kickstart
<cemil> and i have some questions, hope someone is here :)
<cemil> i want to use my own repository for my installation
<cemil> but how can i make a repo for "server"? when i use debmirror, i have a "normal" mirror
<cemil> with the normal packages.gz, etc
<cemil> and it it installs a lot of useless shit :)
<cemil> also i miss /install, when i mirror with debmirror
<cemil> so - i maybe want a mirror for dapper server, right? 
<pschulz01> cemil: Still here?
<pschulz01> Hi purserj 
<purserj> hey
#ubuntu-server 2006-11-04
<cemil> pschulz01: yeah
<pschulz01> :-)
<pschulz01> cemil: Did you figure out what to do?
<purserj> now thats what I call lag
#ubuntu-server 2006-11-05
<Keigo-kun> is it possible to do a server install from the liveCD?
<pschulz01> Keigo-kun: still here?
<Keigo-kun> yeah
<pschulz01> Keigo-kun: It is probably better to get the 'alternate' CD
<Keigo-kun> I guess, but I have a dapper CD right here, but no free CD to burn a new one..
<Keigo-kun> so would be great if it was possible with a normal CD
<pschulz01> Keigo-kun: Why do you want a server install?
<Keigo-kun> Because I want it minimalist.. I just want the programs I pick, insted of getting tons I never use
<Keigo-kun> also, as a learning experience I guess
<pschulz01> Keigo-kun: Have a look.. before the CD boots, there may be an option. (I'm not sure).
<Keigo-kun> There isn't :(
<pschulz01> Keigo-kun: Hmm....
<Keigo-kun> I tried pressing F6 to get additional options
<Keigo-kun> but that just allows me to give arguments
<pschulz01> Keigo-kun: If you're keen to get started, you can install and remove packages after the install (eg. ubuntu-desktop)
<pschulz01> Keigo-kun: .. but you're right. A direct server install is the best way of installing a minimal system.
<Keigo-kun> Yeah, I guess... I just feel like I'll somehow miss something and I'll get tons of problems later because of dependancies etc
<pschulz01> Keigo-kun: Are you Redhat user?
<pschulz01> you a
<Keigo-kun> I'm downloading the Gentoo liveDVD now, I guess I'll try that. If it's too hard, I'll ownload a proper Ubuntu Server CD
<Keigo-kun> no, I have only tried Ubuntu
<Keigo-kun> ans kubuntu
<Keigo-kun> *and
<pschulz01> Keigo-kun: Dependencies are handled very well by Ubuntu/Debian packaging and maintainers. 
<pschulz01> Keigo-kun: 'apt-get' usually handles getting all the dependencies very well. 
<pschulz01> Keigo-kun: Is there anything is particular that you're after?
<Keigo-kun> No, not really :) I just want to sit on an installation where I know what pretty much everything installed is
<pschulz01> Keigo-kun: Something else to look at then is 'debootstrap'
<pschulz01> Keigo-kun: Under ubuntu/debian, this will download and install all of the packages required to setup a 'choot cage' file system. 
<pschulz01> chroot
<pschulz01> Other than a kernel and and 'init' system for starting daemons, this will show you everything else that ubuntu (or debian) installs for a minimal system.
<Keigo-kun> That's pretty cool i guess
<pschulz01> Keigo-kun: I use it to run Ubuntu software on a CentOS (work supplied) worstation.
<pschulz01> workstation
<pschulz01> Anyway.. sorry I couldn't be more helpful. I'm off to bed..
<Keigo-kun> No problem
<Keigo-kun> thanks anyway :)
<dv5237> is it possible to install ubuntu-server and then xorg+wm to minimize the installation?
<dv5237> does someone know how i can install the font fixed? 
<dv5237> what packge contains the font i mean :)
#ubuntu-server 2007-10-29
<XiXaQ> if I have a raid-1 setup and one disk crashes.. How do I see that?
<vjl323> XiXaq: /var/log/syslog should tell you; are you using a RAID controler or software-based RAID?
<fujin_> anyone very familiar with proftpd?
<fujin_> I need to do a blanket quota
<fujin_> of 10mb per usa
<fujin_> user*8
<XiXaQ> vjl323, no, I'm planning. I don't get my server until a few weeks. :)
<kgoetz> does ubuntu-server have its own domain like [x,k,ed]ubuntu?
<Burgundavia> kgoetz: no
<kgoetz> Burgundavia: ok. just checking
<ajmitch> hello dendrobates
<dendrobates> ajmitch: hi
<stiv2k> why doesnt my server have an `htpasswd2`?
<stiv2k> only htpasswd
<kgoetz> why should it have one?
<stiv2k> i don't know
<stiv2k> i am following a guide that is asking me to use htpasswd2
<stiv2k> so i decided to ask to be on the safe side before i use htpasswd
<stiv2k> kgoetz: eh?
<kraut> moin
<_ruben> mornin
<zobbo> Where can I reconfig the system timezone on Gutsy Server ?
<avatar_> zobbo: tzconfig
<zobbo> hmmm, 'tzconfig' not found and no suggested packages displayed
<zobbo> ah - bug #148891 - "tzconfig not in gutsy"
<ubotu> Launchpad bug 148891 in glibc "tzconfig not in gutsy" [Undecided,New] https://launchpad.net/bugs/148891
<zobbo> SNAP ! :)
<Kamping_Kaiser> lol
<avatar_> ah, on my server i'm still running feisty
<zobbo> can I borrow your tzconfig guv ?
<avatar_> [11:30|henkjan@pallas.finux.nl ~]
<avatar_> % cat /etc/timezone
<avatar_> Europe/Amsterdam
 * zobbo gives it a go
<avatar_> zobbo: you can try tzselect
<zobbo> ooh
<zobbo> that's there !
<zobbo> thank you !
<avatar_> Note that tzselect will not actually change the timezone for  you.  Use âdpkg-reconfigure tzdataâ to achieve this.
<avatar_> ...
<zobbo> and thank you once again. Saved me a couple of hours of tearing my hair out !!!
<avatar_> np
<Kamping_Kaiser> could i check out the ubuntu(-server) docs the same way as the edubuntu stuff? i assume its in bzr on LP?
<AnRkey> I have changed my hostname in /etc/hostname, how to i force the change to take effect?
<avatar_> AnRkey: which: hostname <yournewhostname>
<AnRkey> thank you kind sir :D
<spiekey> hi
<spiekey> this might be a little OT :-(
<spiekey>  when i try to install Feisty Fawn from CD i get:
<spiekey> sd 4:0:0:0 Attached scsi disk sdb
<spiekey> sd 4:0:0:0 Attached scsi generic sg1 type 0
<spiekey> then it stops. I have a Scaleo Pa2505
<mralphabet> spiekey: try gutsy
<spiekey> hmm..maybe its my usb disk! I will reboot, try again and come back ;)
<spiekey> whats gutsy?
<spiekey> oh, 7.10
<spiekey> is it not experimental?
<mralphabet> released last week?  week before?
<spiekey> i have a AMD64 X2, do i want the amd64 iso?
<spiekey> i still want a 32bit operating system + tools
<mralphabet> I think you just answered your own question
<spiekey> so the i386 thing?
<spiekey> i thought you can run a 64bit kernel with 32bit applications?
<spiekey> hi
<spiekey> has anyone an idea why my ubuntu installation hangs here? http://i24.tinypic.com/348rdwy.jpg
<spiekey> its 6.06 LTS
<spiekey> (installing on vmware)
<spiekey> from iso image
<tepsipakki> spiekey: check the console (alt-f4)
<spiekey> how can i send alt+f4 to vmware?
<spiekey> oh, with alt+f4 :)
<tepsipakki> don't remember, maybe there was a button for locking alt
<tepsipakki> ah
<spiekey> F1 screen: http://i24.tinypic.com/34dizvs.jpg
<spiekey> F4 screen: http://i20.tinypic.com/2vt14cl.jpg
<spiekey> now, this is not going to be helpful, is it?
<sommer> spiekey: almost looks like your network settings aren't correct.
<lerolero> is there a ubuntu-server related blogsphere of some sort ?
<sommer> lerolero: do you mean blog software? or a server related blog?  AFAK some server dev blogs are aggregated here: http://planet.ubuntulinux.org/
<rbrunhuber> I need help with a feisty server + spamassassin + amavis setup. The permissions for the bayes db get screwed up very often.
<tepsipakki> spiekey: you could try on #ubuntu-installer, but yeah, you can check the network settings by opening a console session on VT2 or 3
<stiv2k> anybody here know a little something abotu WebDAV?
<rbrunhuber> stiv2k: what do you need?
<stiv2k> rbrunhuber: well i'm trying to set up subversion following this guide: http://www.howtoforge.com/debian_subversion_websvn
<stiv2k> but i am having problems with the webDAV part, h/o let me retrieve the error i'm getting
<stiv2k> svn: PROPFIND request failed on '/project_resurrection'
<stiv2k> svn: PROPFIND of '/project_resurrection': Could not read status line: Secure connection truncated (https://websvn.neoturbine.net)
<rbrunhuber> is this server public reachable?
<stiv2k> yes it should be
<rbrunhuber> stiv2k: no it always times out.
<stiv2k> rbrunhuber: what port you trying to connect on?
<stiv2k> 443?
<stiv2k> i think the problem lies with SSL as the guide completely skips over explaining how to setup an SSL certificate and such :|
<stiv2k> i dont know why they would show you how to set up webdav with SSL yet not show you how to set up SSL
<stiv2k> ??
<lerolero> sommer: thanks for the link. that's exactly what I was looking for.
<sommer> np
<rbrunhuber> stiv2k: Sorry, i was distracted: boss calling.
<stiv2k> its okay
<stiv2k> i (sort of) got it working
<stiv2k> i have it working w/o ssl
<mralphabet> stiv2k: somebody did a writeup of svn + ssl on http://planet.ubuntulinux.org/
<mralphabet> it's about 2/3 down the page
<stiv2k> nice
<rbrunhuber> stiv2k : there is one rule of thumb: There is no such thing like a free lunch with apache2 + ssl
<stiv2k> hehe
<stiv2k> what are you implying?
<rbrunhuber> stiv2k: for example virtual host + ssl is not working.
<stiv2k> uh oh
<stiv2k> really?
<stiv2k> so i can pretty much scrap the idea
<sommer>  stiv2k: You can use IP based vhosts with Apache + SSL
<stiv2k> i usually use <Virtualhost *:80>
<rbrunhuber> sommer, stiv2k: thanks for the correction namebased virtual hosts are not working.
<stiv2k> correction
<stiv2k> <VirtualHost *>
<stiv2k> i don't know if that's name-based or IP based
<rbrunhuber> stiv2k, sommer: i got around this problem by redirecting for example http://webmail.example.com  to https://example.com/webmail
<sommer> stiv2k: that's named based.
<rbrunhuber> stiv2k : and http://svn.example.com to https://example.com/svn
<sommer> <VirtualHost 172.18.100.1:80>
<sommer> <VirtualHost 172.18.100.2:80>
<sommer> you'll need to add extra IP's to your interface
<stiv2k> sommer: well i have several name based virtual hosts
<stiv2k> and i have a dynamic public ip
<rbrunhuber> stiv2k: then you are forced to use name based vhosts
<sommer> stiv2k: here's a link explaining why you need IP based: http://httpd.apache.org/docs/2.2/vhosts/name-based.html
<sommer> actually that link doesn't... looking for correct link
<rbrunhuber> the problem is, that ssl is defined in the server context and not in the virtual host context, which means that you can only specify one ssl certificate.
<sommer> try this link: http://httpd.apache.org/docs/2.0/ssl/ssl_faq.html#vhosts2
<rbrunhuber> stivk what do your virtual host names look like?
<rbrunhuber> stiv2k: see above
<rbrunhuber> sommer: seems stiv is now busy reading.
<sommer> heh... I had to deal with that ssl name vhosts issue a couple of months ago, one of those woops moments.
<rbrunhuber> sommer : me too, as my website is only intended for a very small audience i use redirects vom http (pretty url) to https (ugly url)
<stiv2k> hehe
<stiv2k> sorry
<stiv2k> okay
<stiv2k> so i can't just use one certificate ?
<rbrunhuber> stiv2k: ?
<rbrunhuber> stiv2k:  you must use only one certificate and you must have only one virtualhost stanza if you are using name based virtual hosts
<stiv2k> rbrunhuber: i see
<UnNaturalHigh> I have ubuntu-server i386 installed. I know that it is not wise in most instances to have X.org installed on a server so this is why I ask this. Would it be alright for a home server to have X running and if not would running an xen server and having a domU desktop make more sense?
<lerolero> timestamps...
<leonel> UnNaturalHigh: why use xen ?? will there be different users ?
<leonel> if its a home server  ..
<UnNaturalHigh> leonel, only user is me from a GUI perspective
<lerolero> UnNaturalHigh: do you have a desktop other than the server, or you must use the server console ?
<UnNaturalHigh> lerolero, I have two laptops on my desk and the server at my feet
<UnNaturalHigh> I just wanted to use the monitor as an extra desktop with synergy and X11 forwarding
<lerolero> gotcha.
<lerolero> I wouldn't use xen at all for this setup. just install the packages and configure the X server by hand.
<UnNaturalHigh> just trying to get some people's opinions more or less on what direction I should take
<lerolero> well, I usually don't have a local console on my servers.
<UnNaturalHigh> yea, I was just going to run e17 or fluxbox anywho
<UnNaturalHigh> security is not a big concern on a home cable connection
<UnNaturalHigh> I already run a nice firewall in the form of pfsense
<lerolero> :)
<UnNaturalHigh> thanks for you input lerolero
 * UnNaturalHigh is going back to school :)
#ubuntu-server 2007-10-30
<WaVeR> Morning
<coNP[uni]> Can someone hint me how to use ISCSI on a Gutsy amd64 machine?
<coNP[uni]> Okay. It was quite easy, thanks :)
<tepsipakki> the ServerPackageReview is on wiki.canonical.com.. is it going to be moved to wiki.u.c?
<ivoks> probably
<tepsipakki> ivoks: nice
<ivoks> it will be on wiki when session is over
<osmosis> what does  *** stack smashing detected *** mean ?
<mralphabet> osmosis: http://www.debian-administration.org/articles/408
<fujin_> SMASHING THE STACK
<fujin_> It's an exploitation technique.
<bsdunix> i am have question
<bsdunix> which apache does ubuntu-server LAMP install option use? apache or apache2? both are installed here!
<mralphabet> bsdunix: it should be apache2
<bsdunix> jaime@quixote:~$ ps aux | grep apache2
<bsdunix> jaime    17567  0.0  0.1   2828   752 pts/0    R+   15:24   0:00 grep apache2
<bsdunix> no
<bsdunix> not running now, at least
<bsdunix> it is upgrading now. i was asked to chose
<bsdunix> i chose apache
<bsdunix> :(
<mralphabet> what version of ubuntu?
<bsdunix> mralphabet: thanks
<bsdunix> umm 7.1, server... upgrading to 7.10
<mralphabet> there isn't 'really' a 7.1, there is 7.04 which is fiesty and 7.10 which is Gutsy
<bsdunix> not always running server kernel. most of the time, lately, my client's ecommerce has been outsourced
<bsdunix> fiesty
<bsdunix> fiesty-fawn, i think
<mralphabet> yes
<mralphabet> you can look at packages.ubuntu.com for what packages are available for what version, but fiesty should be installing apache 2 I thought
<bsdunix> this is a friend's ibm i talked him into getting. i come by now to see he's not upgraded the simplest thing
<bsdunix> just a dual proc ecc ram scsi raid intellistation zpro
<mralphabet> apache1 is available it looks like
<mralphabet> apache - versatile, high-performance HTTP server
<mralphabet> apache2 - Next generation, scalable, extendable web server
<bsdunix> okay. updater told me (when i clicked on "help" in updater) only apache supported by php
<mralphabet> updater?
<bsdunix> yes
<mralphabet> ah, you are running desktop?
<bsdunix> ya
<mralphabet> k
<mralphabet> apache2 runs fine with php
<bsdunix> he has been using it for LIMEWIRE!
<mralphabet> libapache2-mod-php5 - server-side, HTML-embedded scripting language (apache 2 module)
<mralphabet> . . . I've seen smarter uses of a linux box
<bsdunix> ha ha
<bsdunix> i like ubuntu. it was easy to jump in.
<bsdunix> i have yet to discover the one thing or another that ALL linux distro's just HAVE to mess up
<bsdunix> i left linux years ago after frustration with so many "standards"
<bsdunix> FreeBSD at the time seemed more sane
<bsdunix> haven't really spent too much time with ubuntu, myself though
<bsdunix> or kde. kde seems to have addressed their bloat and broken-ness
<mralphabet> or hardware has finally surpassed the kde bloatware ;)
<bsdunix> :). maybe both
<bsdunix> ah. now i see i'm actually using some ubuntu specific flavor of gdm
<bsdunix> dpkg is apparently doing the upgrade for me now
<bsdunix> okay. i see this is gonna take some hours > it's upgrading openoffice
<bsdunix> talk about bloatware
<mralphabet> which is generally why people who do not like having the entire desktop system installed start with the server install disk and just install kde or gnome or whatever window manager on top of it if a window manager is required
<bsdunix> it would have been nice, but this system has a bit of a task switching history. it is now a desktop - use thingy
<bsdunix> i shine around often to work on a copy of the website
 * mralphabet shrugs
<bsdunix> hoping to someday settle back into it's original task of webserver
<bsdunix> the experience has convinced us of how quick and robust ubuntu can be under even the most diverse scenarios
<bsdunix> easy, too
<fysafysa> ve
<fysafysa> Is kernel.shmmax compiled into the kernel in LTS?
<fysafysa> Having problems raising the shm size for eAccelerator above 32M
<Fryguy--> hi guys, I'm running ubuntu server and noticed today my cpu spiking through the roof because of udevd.  I haven't changed anything that would cause this to happen.  searching around, the cause seems to possibly be related to evms, which I'm using for software raid, and have been, for months, without any issues.  What can I do to make udevd behave normally and without hogging cpu again?
<fysafysa> root@dries:/var/local/eaccelerator# sysctl kernel | grep shmmax
<fysafysa> kernel.shmmax = 67108864
<zul> fysafysa: check the man page for sysctl
<fysafysa> was able to raise it there and added it to sysctl.conf ..
<fysafysa> is there something I need to reload/sighup to have this take effect?
<zul> i think you might have to reload your network scripts
<fysafysa> aha
<fysafysa> had to sysctl -w instead of echo > ..
<fysafysa> thanks.
#ubuntu-server 2007-10-31
<PyroSama> Hey I just installed ubuntu server on a computer and didnt configure the networking on it
<PyroSama> And I'm clueless how to do it
<PyroSama> Where is the configuration file that I need to modify?
<fujin_> vi /etc/network/interfaces
<fujin_> man 5 interfaces iirc
<fujin_> there should be a little header at the top of the file which tells you the manpage
<PyroSama> Thank you :)
<fujin_> but generally,
<fujin_> auto <interface>
<fujin_> iface <interface> inet static
<fujin_> address <address>
<fujin_> netmask <netmask>
<fujin_> gateway <gateway>
<fujin_> should suffice for a static configuration
<PyroSama> Ok :)
<MrProper_> afternoon all
<chowmeined> Will the sparc version of ubuntu server run on something as old as an ultrasparc IIi?
<kgoetz> if its 64 bit (which iirc it is) you migh be lucky
<kgoetz> but i wouldnt count on it
<chowmeined> yea it is 64bit
<chowmeined> ok, im running debian sparc on it now
<chowmeined> i guess ill stick with that
<kgoetz> not sure how different ubuntu+debian sparc is
<kgoetz> chowmeined: what is the server in question? a sunblade? (asking from intrest)
<chowmeined> an ultra 10
<chowmeined> its more of a workstation.. but i use it as a server
<kgoetz> nice. i dont have any 10's. got a 5 running
<chowmeined> its kind of slow but im the only one who uses it and its very stable
<kgoetz> wish i had a sparc running as my workstation, but the only likely candidate is in my rack waiting to be used as a buildd
<chowmeined> oh, i dont use it as my workstation, i just meant the model was designed as a workstation, it has some special 3d card in it
<kgoetz> yeah. same deal with me, but the fancy cards are in the ultra5's not the fast systems :( (all my sparces were made as workstations)
<kgoetz> hi all. http://pastebin.ca/756106 these instructions tell me to edit master.cf for adding dspam into postfix. anyone know a way that doesnt involve master.cf ?main instead?)
<kraut> moin
<zul> ls
<AnRkey> what early warning systems work well with ubuntu? I need something to warn me when services go down
<heatxsink> what should I be googling for when looking for information on extending the installation of ubuntu on boxes?  I have to a tedious roll out, and I was wondering if there was a way of extending the current ubuntu installation
<Kamping_Kaiser> 'extending'?
<heatxsink> essentially I'd like to add a number of users by default, make a few config tweaks on a LAMP server setup and go
<heatxsink> minimize prompting
<Kamping_Kaiser> is all the hardware the same?
<heatxsink> i mean I could bash script the whole thitng
<heatxsink> ya
<heatxsink> all of the hardware is identical
<Kamping_Kaiser> look at mondo
<heatxsink> coool will do
<heatxsink> so I just image the configuration?
<Kamping_Kaiser> you make the system once, then image it multiple times. all systms are *exactly* the same
<ivoks> or FAI
<ivoks> or do your own install CD with custom preseeding
<Kamping_Kaiser> yeah. or preseed.
<Kamping_Kaiser> FAI or preseeding is pretty full on though
<spiekey> hi
<spiekey> whats steps do i need get a normal ubuntu-desktop (as in 7.10) when i currently have a 6-06 server whithout X
<spiekey> upgrade to 7.10 server and then install gnome?
<Kamping_Kaiser> hm. easier to backup and start again imo
<spiekey> hehe, okay :)
<Kamping_Kaiser> you would have to go 6.06 -> 6.10 -> 7.04 -> 7.10 -> install ubuntu-desktop  -> remove extra server packages
<spiekey> ok, that sucks :)
<Kamping_Kaiser> pretty much, but its the only way for Canonical to sanely support upgrades
<zul> if they are the same hard drives you could just dd them
<spiekey> i should be able to install ubuntu-7.10-dvd-i386.iso on a AMD XP machine, right?
<oly-> spiekey, yes that should be fine thats what i use
<varek> how can i disable conntrack ?
<spiekey> how do you enable root login for gnome?
<spiekey> by a command line way if possible
<avatar_> sudo passwd root
<AnRkey> spiekey, you wanna login to gnome with root?
<spiekey> AnRkey: yes
<AnRkey> just remember anything you open will just run
<AnRkey> normally logging in to a gnome with root is not a good idea
<AnRkey> i would suggest using gksudo for the apps you want to run as root
<spiekey> i do understand, but the areca software has problems with that
<_ruben> X as root .. yuck
<_ruben> X on server .. yuck
<_ruben> X as root on server .. damn scary
<spiekey> this is only for backup recover reasons
<spiekey> mabe i will never need it, but i still need to document the way how a recover works
<XiXaQ> _ruben, why is x on server yuck?
<spiekey> XiXaQ: well, whats the point?
<spiekey> why would you ever need X for server services?
<XiXaQ> for a terminal server, for instance?
<spiekey> ok, that would make sense ;)
<XiXaQ> using either xrdp or nx. Is there any reason not to run x on a server in that case?
<XiXaQ> because I do that; first I install ubuntu server, with lamp, mailserver and ssh server, then install ubuntu-desktop and nx. Is there any reason not to do so?
<spiekey> i dont know a reason why i need X for LAMP
<spiekey> ssh is all i need.
<XiXaQ> yes, but I need to have both a terminal server and a lamp/mail server. The question is wether or not I need to separate them into different VMs or not.
<spiekey> well, i would seperate it since users work on a terminal server..i would be scared because of local exploits and local services misconfiguration
<_ruben> indeed
<_ruben> the X protocol isnt one of the most secure ones
<_ruben> but i'd indeed seperate the terminal server from the lamp/mail server .. and i even prefer seperate lamp and mail servers
<oly-> doesnt nx encrypt the x connection using ssh if you use that, should make it a lot more secure ?
<XiXaQ> but this is just for a couple of users. It seems like a waste to separate them like that.
<XiXaQ> oly-, it does.
<oly-> so the X protocol not being that secure is not so much an issue if you use nx for the connections
<XiXaQ> spiekey, do you mean that users could run the exploits accidentally?
<XiXaQ> an unprivileged user could gain access to lamp or mail features?
<_ruben> accidentally or on purpose, does that really make a difference?
<XiXaQ> well, if they have to do it on purpose, then it's not a problem.
<PyroSama> How do I add a network device to my server?
<sommer> PyroSama: do you mean a network card?
<PyroSama> Yes
<sommer> PyroSama: it should be auto detected you can configure it in /etc/network/interfaces
<PyroSama> It doesnt show up under ifconfig and I have it configured in interfaces
<PyroSama> When I restart networking it tells me there is no eth0
<sommer> is it listed if you do a dmesg | grep -i net ?
<PyroSama> Let me check
<PyroSama> Yes it does.
<sommer> PyroSama: do you have the nic's module loaded?
<sommer> you might also see if you have any dhcp client processes running, if so try stopping them and restart networking.
<PyroSama> How do I know if I have the nic's module loaded?
<PyroSama> And how do I see if I have any dhcp client proccesses running?
<sommer> to check dhcp do ps -ef | grep dhcp
<PyroSama> k
<sommer> what model of nic is it?  you should be able to google to find out which driver module your card uses then do an lsmod and see if it's listed.
<PyroSama> Above command returned root 'string of numbers' tty1 then something about grep dhcp
<PyroSama> Not sure of the model
<sommer> you should be good about dhcp then... the model should be on the card, or at least the manufacturer
<PyroSama> Integrated into the board and no chips near the port bear any names that are known for producing ethernet chip sets.
<sommer> ah... I thought you were adding a secondary nic or something.  Do lspci | grep -i net to see the info about your nic.
<PyroSama> Sis 900
<PyroSama> Na this system is an os I installed on one computer then moved the hdd to another.
<PyroSama> The system its in now has no cdrom or ability to add one nor will it boot to usb so I installed on one system and moved it over
<PyroSama> So now I have to get drivers working ><
<sommer> PyroSama: I think the module is named sis900 so you might try lsmod | grep -i sis and see what you get.
<sommer> if it doesn't return anything try modprobe sis900
<PyroSama> Ok
<PyroSama> lsmod brings up info about sis630 and sis900
<PyroSama> modprobe displays nothing and just drops me to the next line
<sommer> that's expected
<sommer> try sudo ifup eth0
<PyroSama> So it seems that the chipset is an sis900
<PyroSama> Ok 1 sec
<PyroSama> error about device not existing
<sommer> any errors if you do dmesg?
<PyroSama> ifup eth0 | dmesg?
<mralphabet> just a dmesg
<sommer> no... just do "dmesg" by itself to check the last output.
<PyroSama> floppy0 errors :P
<sommer> mmmMMM... I'm running out of ideas, try rebooting maybe?
<PyroSama> Should modprobe have installed the driver or something?
<PyroSama> From what it looks like it doesnt have the device associated with eth0
<sommer> modprobe should load the driver into memory... after doing that I believe you should see something at the end of dmesg about the new hardware
<sommer> you're sure the nic is enabled in BIOS?  and the hardware is working fine?
<PyroSama> Not 100%
<PyroSama> This is a modified laptop motherboard that could have suffered damage through its life
<sommer> ah... you might try adding another nic if you can.
<PyroSama> No pci no pcmcia
<PyroSama> USB though
<sommer> you can get USB nics that will work with Linux for a resonable amount.
<PyroSama> sommer: when I dmesg | grep eth0 it shows sis900 after a reboot
<PyroSama> However there still seems to be an issue with eth0
<ivoks_> there's no good sis network card
<PyroSama> It's what I'm suck with unfortuantely
<PyroSama> Shouldnt eth0 show up under ifconfig?
<mralphabet> do cat /etc/network/interfaces
<soren> PyroSama: ifconfig by default only shows configured interfaces.
<ivoks_> soren: well... :)
<soren> er... Interfaces marked as UP, anyway.
<soren> Which - in the good old days - was almost the same.
<ivoks_> but in better days... :D
<PyroSama> cat interfaces showes the contents of interfaces
<ivoks_> really?!
<PyroSama> Has my static config for eth0
<PyroSama> Yeah
<ivoks_> hm... how come...
<PyroSama> Character for character dump of it
<PyroSama> Dunno
<PyroSama> I'm clueless in all of this ><
<soren> That's kind of what cat does.
<ivoks_> what does 'man cat' do?
<PyroSama> Let me check
<PyroSama> Brings up the manual for cat
<ivoks_> suggestion: when someone tells you to do some command
<ivoks_> if you don't know what it does, check with manual
<ivoks_> don't just copy paste... it could get you in trouble...
<PyroSama> ivoks_ try dd if=/dev/zero of=/dev/hda
<ivoks_> now... we are interested in output of 'cat /etc/network/interfaces'
<ivoks_> PyroSama: you mean like this:
<PyroSama> It output the contents of interfaces
<PyroSama> auto eth0
<PyroSama> iface eth0 inet static
<PyroSama> address 192.168.1.210
<PyroSama> netmask 255.255.255.0
<PyroSama> broadcast 192.168.1.255
<PyroSama> network 192.168.1.0
<ivoks_> looks ok
<ivoks_> unmute
<oly-> no gateway ?
<PyroSama> Gate way is set aswell
<PyroSama> But that doesnt really matter when there is no device configured at eth0
<PyroSama> Is there something I have to do to tell something that sis900 is eth0?
<PyroSama> How do I tell it to use address assigned by a dhcp server?
<ivoks> dhclient eth0
<tepsipakki> hmm, seems to be a lot going on about puppet
<tepsipakki> it was evaluated at HUT and turned down because it was pretty similar to cfengine. They both have a syntax language of their own to do things
<tepsipakki> instead, we improved the in-house applications to also do pull operations
<Kamping_Kaiser> its a cfengine replacement, so i'm not supprised it works the same ;)
<tepsipakki> yeah :)
<tepsipakki> our solution uses a patched rsync (all but one in included in 3.0.0pre) over ssh
<tepsipakki> and it has pretty powerful inheritance support etc
<fujin_> cfengine is shit compared to puppet
<fujin_> ;]
<tepsipakki> I'd love to demonstrate it if someone is interested
<tepsipakki> one other tool is the metadata-database, currently called "lkprop"
<Kamping_Kaiser> fujin_, in what way
<fujin_> every single way you could think of
 * Kamping_Kaiser has used cfengine (its a hardcore learning curve), and heard lots about puppet
<fujin_> actually, how about I throw you the curve ball
<fujin_> wait on
<fujin_> how about
<fujin_> native resource bastraction type identifiers.
<fujin_> That'll do it.
<tepsipakki> which is where every data comes from. It's the only place we put host or other data in, everything else is generated from that data
<fujin_> s/babstraction/abstraction/
<tepsipakki> we have 557 hosts hooked up, seven different architectures
<Kamping_Kaiser> pc+unix?
<tepsipakki> well, unix+linux
<fujin_> you're doing it wrong! :D
<tepsipakki> some windows as well, but most of them are in their beloved AD
<tepsipakki> when a new workstation comes in, you only need o add the mac-address, hostname and group it belongs to
<fujin_> wow, that's lots
<fujin_> I have a defautl class which does my hackery
<fujin_> and all it requires is apt-get install puppet
<Kamping_Kaiser> tepsipakki, is this a configuratino tool, or a domain controller?
<fujin_> at a later point you can tell the puppetmaster which classes to include on that node, a specific firewall, a resource/server configuration
<tepsipakki> then in a few minutes that data has been spread out everywhere, and after netbooting the installer you just need to wait 30min and you have a machine up and running
<tepsipakki> Kamping_Kaiser: well, the configuration is elsewhere, but that's where the inheritance patterns really shine
<tepsipakki> like, there's a hierarchy that has hostdep, and hostgroup directories
<fujin_> sounds terribly tedious
<tepsipakki> hostdep has all the hosts, and the configurations that they only have
<tepsipakki> it isn't :)
<fujin_> http://rafb.net/p/UoSVHT48.html
<tepsipakki> hostgroup has stuff like all/all which goes to every host, and ubuntu/workstation which is synced to all ubuntu workstations, obviously
<tepsipakki> fujin_: yes, and is it fun to maintain such rules?
<fujin_> there's no maintaining done :)
<tepsipakki> or write
<fujin_> if by maintaining you mean adding new functionality
<fujin_> then yes
<fujin_> well then
<fujin_> yes, it's much more fun than writing ridiculous cfengine configs
<tepsipakki> sure
<tepsipakki> but why write those at first place :)
<fujin_> because they do what I want?
<fujin_> would you propose I wrote a bash script to manage all of my systems?
<tepsipakki> no
<fujin_> spent countless hours desigining a system which is hard to learn that no one else will ever be interested in?
<tepsipakki> I'm just trying to show the differences, poorly I guess :)
<fujin_> aye, indeed
<tepsipakki> heh
<fujin_> so, you use cfengine and rsync
<fujin_> ?
<tepsipakki> no cfengine
<tepsipakki> rsync yes
<tepsipakki> but the system is called rfist :)
<tepsipakki> (yes, the guy who wrote it has a strange sense of humor)
<fujin_> it's purely rsync?
<tepsipakki> well yes, but the inheritance patterns are what makes it cool
<tepsipakki> oh, and those files aren't synced on top of old ones, instead in /alt/root
<tepsipakki> then there is another tool on the host that actually commits the changes, and backs up the old ones
<fujin_> so, it's modified rsync?
<fujin_> that's just dirty, I can't believe you're promoting it as a good thing
<fujin_> if I inherited that solution, it'd be up there in my top 5 things of things to change
<tepsipakki> fujin_: as I said, all but one patch is already in rsync-3.0.0pre1-> and the last patch is still in consideration
<tepsipakki> under
<tepsipakki> and available in patches/
<tepsipakki> support for '--omit-dir-changes'
<tepsipakki> I understand your concern about it, and that's why those are actively being pushed upstream
<fujin_> so what do you have to do to prepare a box
<tepsipakki> the most simple ones only have to have the hostname, architecture (like @ubuntu7, here it's actually 7.04), ip- and mac-address
<tepsipakki> those are for classroom workstations, for example (we have ~200 of those)
<tepsipakki> and updating those to a newer version only means changing the arch
<tepsipakki> of course the real job is done elsewhere
<tepsipakki> I mean when preparing a new release
<tepsipakki> fujin_: http://pastebin.com/d1d64fc80
<tepsipakki> that's what my workstation data looks like
<tepsipakki> first is the actual data on the "database" (yes, it's a flat-text file)
<tepsipakki> and the rest shows all the data, inherited or not
<fujin_> so you install what on a client
<fujin_> I assume you're doing initial provisioning with ghost, or similar
<tepsipakki> no, debian-installer
<fujin_> I see
<fujin_> haven't played with that
<fujin_> we're using generic server cd's and just apt-get installing puppet after
<fujin_> the next step would be to either use d-i or make our own cd's
<tepsipakki> there is a script that builds a tarball of the most critical tools and a preliminary version of the data which would be rfisted in place
<tepsipakki> and that tarball is then extracted at a certain point. there is a udeb which has a script and some hooks to various parts of the installation
<tepsipakki> fujin_: are you attending UDS?
<fujin_> What's UDS?
<tepsipakki> heh, I take that as a no :)
<tepsipakki> Ubuntu Development Summit
<fujin_> no, I don't believe so.
<fujin_> I'm in new zealand
<tepsipakki> ok, in that case stay put and wait for a public release ;)
<tepsipakki> but if what you have now works for you..
<tepsipakki> ok, shower time ->
<ajmitch> NZ isn't that far from boston :)
<Kamping_Kaiser> resizing roots space on a drive while the partition is online is a  Real Bad Idea, correct?
 * Kamping_Kaiser wants to reclaim some of the 10gb on /home/ for users (read: me)
<Kamping_Kaiser> afk
<close2__> hello, i would like to create a password-protected 7z file
<fujin_> lol
<fujin_> and what does this have to do with ubuntu servers?
<close2__> sorry didn't finish
<fujin_> did man p7zip not answer your question?
<close2__> if i try: 7zr a dummy.7z -p /data/system/
<close2__> i get an E_FAIL error
<close2__> an strace shows, that 7zr tries to readlink/open  a lot of files (INF, TXT, ex_....) but finally gives up
<close2__> creating normal 7z files work
<fujin_> That's because you're doing it wrong
<close2__> ..
<fujin_> 7z a -pPASSWORD archive.7z file
<close2__> same error
<close2__> no wait
<fujin_> I just did it, it works
<close2__> same error
<close2__> i have ubuntu-server gg
<close2__> i had this working with ubuntu-server ff
<fujin_> heh
<fujin_> I doubt it's a problem with 7z
<close2__> what ubuntu-server version do you have?
<fujin_> multiple
<fujin_> edgy and feisty mostly
<fujin_> I don't plan on running gutsy for some time
<fujin_> what version of 7zip is in gg?
<close2__> 4.51 beta
<fujin_> might be that then
<fujin_> I just did it with a folder
<fujin_> 7z a -pTEST /var/www
<fujin_> 7z a -pTEST www.7z /var/www
<fujin_> rather
<close2__> FYI: the strace is available on: http://christian.delta64.com/strace
<fujin_> what's 7zr?
<close2__> the 7z executable (it's apparently the 7z only version), but I tried p7zip-full as well
<fujin_> no, it's 7z
<fujin_> although i can see 7zr aswell
<fujin_> I don't know what it is ;)
<close2__> from man 7zr:  7zr is a stand-alone executable. 7zr handles less archive formats  than 7z,  but does not need any others.
<close2__> i will ask in #ubuntu, if the "normal" version really has a broken 7z and file a bug if necessary
<fujin_> using a beta, complaining about bugs
<fujin_> soudns awesome
<close2__> well, I just did aptitude install 7z with the standard repositories
<close2__> i will file a bug for ubuntu-server as well
<fujin_> cool
<fujin_> feisty doesn't appear to be affected, nor edgy
<fujin_> mm, life on the bleeding edge. I'm glad I have a test cycle, *and* that I don't use 7z.
<close2__> gutsy fixed some serious bugs (kernel panics...)
<close2__> and I would appreciate any ideas on how to password protect an archive which needs to be readable on a windows machine.
<close2__> for daus
<fujin_> good luck on that
<fujin_> use GPG?
<close2__> are there gui-interface for windows?
<close2__> seems easier
#ubuntu-server 2007-11-01
<levander> Where is the default runlevel specified?  I have no /etc/inittab on this Gutsy box.  Did they do away with /etc/inittab?
<kraut> moin
<Kamping_Kaiser> hi
<_ruben> g'day
<lousygarua> sorry n00b, how do i compare strings in bash? if [ $1=='something' ]
<soren> if [ "$1" = 'foobar' ]; then echo \$1 is foobar; fi
<soren> man test
<lousygarua> soren, yeah thanks i got it
<^robertj> where is setup done for the perc5i raid controller? mine was supposed to come factory configured w/ a 5-disk raid 5 but it didn't
<^robertj> lvm is only for configuring software raid?
<avatar_> lvm is different from software raid
<avatar_> md / mdadm is for configuring software raid
<^robertj> avatar_: the tutorials say you add devices to the md set by referencing /dev/sda1 /dev/sdb2 etc, but that doesn't seem to make sense for hardware raid
<avatar_> hardware is configure in the bios of the raid controller
<^robertj> avatar: is that accessible through the motherboard's bios then or by some custom util?
<avatar_> bios of the raid controller
<avatar_> most time accesible at boot time
<^robertj> ahh
<avatar_> by hitting ctrl-m
<^robertj> ill go reboot and watch carefully
<^robertj> back to the wind-tunnel
<avatar_> or another keystroke
<^robertj> avatar_ ahh, there is a "Tools" Menu that gives you the option to do Ctl+r to set it up, after that it seems easy enough
<^robertj> The only RAID i've done before has been on macs where there are vendor-specific vendor-utilities for doing that stuff
<mralphabet> ^robertj: hardware raid is 99% of the time configured at the bios level in pc architecture
<mralphabet> ^robertj: software raid would be configured in the OS
<avatar_> perc5 with raid5?
<avatar_> last week i heard some people complaining about performance with raid5/perc5
<^robertj> avatar_: I'll let you know how it turns out
<^robertj> hrmm, does it normally take 20 minutes to create a 3TB ext3 fs?
<donspaulding> can anyone tell me why my script, linked into /etc/cron.daily/ doesn't run?  both the script and the link have read+execute perms.
<mralphabet> donspaulding: do you have #!/bin/sh at the top of it?
<donspaulding> yes
<donspaulding> because I'd run into that before :-)  but this time I'm stumped
 * mralphabet dunno's
<donspaulding> does anacron log to /var/log/syslog?
<^robertj> hrmm, any reason that grub shouldn't install to the mbr of a hardware raid device?
<sommer> donspaulding: if you do grep -i cron /var/log/sylog is there any entries about your script?
<mralphabet> hardware raid has an mbr?
<^robertj> mralphabet: i figured it pretended to have one
<donspaulding> sommer: looking right now
<donspaulding> syslog is big on this box
<^robertj> mralphabet: do you just install it to your /dev/md0 device?
<mralphabet> md0 is software raid
<^robertj> err your right
<mralphabet> in my storage server I have 2x80 that I use mdadm on to mirror the OS
<mralphabet> I try not to have the OS and the storage array be the same thing
<^robertj> mralphabet: should entering /dev/sda1 as the path for grub install make it happy supposing that / really does live on sda1?
<mralphabet> ^robertj: let me check my grub conf
<^robertj> thats the kind of path it seems to suggest in the installer but its just throwing a generic kinda of no message, and I was wondering if i was doing something wrong agian or if it was time to dig to find out what the problem is
<mralphabet> ^robertj: what media are you using to install? 7.10 server?
<mralphabet> ^robertj: but yes, that should be it
<^robertj> mralphabet: yeah 7.10 server
<^robertj> fdisk -l lists it as /dev/sda1 with /dev/sda2 being swap, which is how autop-config did it
<mralphabet> yeah
<^robertj> the files in /var/log/ don't seem to be of much help and running grub-installer -no-floppy "/dev/sda1" just gives me a blue screen and hten dumps me silently to prompt
<mralphabet> the installer should be doing this for you
<mralphabet> did you quit out of it?
<^robertj> no
<^robertj> its still running in another vtty
<^robertj> but it just said it had a fatal error
<mralphabet> ahh
<mralphabet> gotcha
<donspaulding> sommer: thanks for the help, it appears cron hasn't been running at all for the last 2 weeks.  Ouch.
<donspaulding> sommer: make that hasn't been running for one week.  This is what did it, does it look familiar?
<donspaulding> Oct 24 11:43:35 mta1 kernel: [1969908.736966] cron invoked oom-killer: gfp_mask=0x201d2, order=0, oomkilladj=0
<donspaulding> Oct 24 11:43:35 mta1 kernel: [1969908.746049] No available memory (MPOL_BIND): kill process 4135 (cron) score 0 or a child
<donspaulding> Oct 24 11:43:35 mta1 kernel: [1969908.746109] Killed process 4135 (cron)
<^robertj> mralphabet: so err, boot from cd and choose boot first partition, then try to install grub by hand?
<donspaulding> hmmm... looks like the system was out of memory and cron was determined to be a good candidate for killing
<ScottK> Yep
<donspaulding> I love linux
<donspaulding>  * 5) we try to kill the process the user expects us to kill, this
<donspaulding>  *    algorithm has been meticulously tuned to meet the principle
<donspaulding>  *    of least surprise ... (be careful when you change it)
<donspaulding>  */
<^robertj> /boot/grub/stage1 not read correctly
<Fabio_Como> hello, i had setup proftpd.. the system user "testuser" can connect by ftp and it's chrootet in his ~, the problem is that files he uploads get his permissions.. but i need that file should have the www-data user, so that apache can handle them correctly
<sommer> Fabio_Como: You can change which user the proftpd process runs as with the User and Group config items
<sommer> that may work for you, but you may need to change the permissions of the ftproot
<Fabio_Como> i mean
<Fabio_Como> that the files written trough ftp session should be www-data:www-data
<Fabio_Como> and not username:usergroup
<sommer> Fabio_Como: you might look into the umask config then.
<Fabio_Como> k thanks
<Fabio_Como> it seems umask can only set rwx permissions
<Fabio_Como> and not chown/chgrp
<sommer> Fabio_Como: try GroupOwner
<sommer> and Umask
<Fabio_Como> however i think that i shuld detach from system-user
<Fabio_Como> and create specific ftp users
<Fabio_Como> so i can associate them to the system www-data user
<Fabio_Como> docs: Note that GroupOwner cannot be used to override the host OS/file system user/group paradigm.
<sommer> anyone at or listening to the UDS identity-management session?
<sommer> just wondering who is the guy doing the most talking?
<zul> dendrobates isnt it?
<dendrobates> it's Jerry Carter
<dendrobates> he wrote the OReilly samba book
<dendrobates> But I am talking as well.
<zul> cool
<sommer> dendrobates: thanks, I was wondering about the book part.
<sommer> ah... no sound ?
<mathiaz> sommer: finished now.
<dendrobates> yes
<sommer> ah... thanks
<ScottK> mathiaz: Hello.  I didn't get a chance to say hello the short time I was there, but I at least know what you look like now.
<mathiaz> ScottK: hi. It's good to put faces on nicknames :)
<ScottK> mathiaz: I can hear your accent (from my perspective) when I read what you type now too.
<mathiaz> sommer: do you plan to listen to the server-documentation session ?
<sommer> mathiaz: yep, but I don't have a mic so I won't be able to talk.
<sommer> the audio from the sessions has been really cool... thanks to everyone who enabled that.
<mathiaz> sommer: ok. I can rely if you want.
<mathiaz> sommer: relay
<mathiaz> sommer: I'll ping you when the session is about to start.
<sommer> mathiaz: cool thanks
<mathiaz> sommer: 4:15 PM EST
<mathiaz> sommer: session started
<sommer> mathiaz: sweet, I'm with ya
<ajmitch> a shame that I can't listen in from work
<robin1900> Hi All
<robin1900> Just wondering if someone could clear something up for me
<sommer> mathiaz: my suggestion is to build it in the Wiki
<sommer> mathiaz: then import part or all of the article into the Docbook guide.
<sommer> mathiaz: plus it can be updated quicker
<mralphabet> where are people listening from?
<sommer> mathiaz: and if we get the macro version spec
<sommer> mralphabet: I'm using the icecast link
<sommer> http://people.ubuntu.com/~scott/uds-boston-2007/2007-11-01/index.html
<sommer> mathiaz: you might bring up this spec: https://wiki.ubuntu.com/HelpWikiQualityAssurance
<sommer> mathiaz: nm I think you just did.
<mralphabet> sommer: thanks
<sommer> np
<sommer> mathiaz: if the doc starts in the Wiki you could implement some type of rating system
<sommer> mathiaz: there are moinmoin macros that enable ratings.
<mralphabet> developers don't like to read docs!? WHAT! ;)
<sommer> heh
<ajmitch> unpossible
<mralphabet> whoever is slamming doors needs to be kneecaped
<mralphabet> +p
<sommer> lol
<sommer> it's also a little harder to hear people that are farther away from the mic...heh
<sommer> need surround sound mics or something
<sommer> :)
<mralphabet> yeah
<ajmitch> makes it hard to hear when you're already in a noisy office :)
<sommer> mathiaz: do you have commit rights for docs?
<mathiaz> sommer: no
<sommer> mathiaz: okay, just wondering... all my patches have been commit by bhuzan :)
<sommer> mathiaz: I think the wiki docs can be "translated" to docbook by hand before the freeze... especially with more help from the teams.
<sommer> heh... emacs users under 30... that's funny
<ajmitch> sommer: hm?
<sommer> they were talking about it no me... don't shoot the messanger
<ajmitch> yeah, it's rather hard to follow the discussions
<sommer> it'd be cool to have video... then you could see who's talking, but probably take too much bandwidth
<ajmitch> I can recognise a few of the voices
 * ajmitch wouldn't have minded being able to listen to the web app framework discussion
<ajmitch> except that it was 3AM
<sommer> mathiaz: thanks for relaying, I appreciate it.
<mathiaz> sommer: np.
<sommer> ajmitch: heh... ya it's nice to be in the same tz as Boston
<ajmitch> hm, LDAP, a fairly important topic
<ajmitch> did sound just cut out for anyone else, or am I just unlucky?
<mralphabet> fixed
<kshah> if i'd like to secure a portion of my webroot directory, what are my options beyond a .htaccess file? is ssl overkill?
<kshah> ubuntu 7 server / apache2
#ubuntu-server 2007-11-02
<spiekey> hi
<spiekey> (vsftpd) how can i limit the numer ob anonymous connections to 10 and the local user connection to unlimited?
<spiekey> there is only a max_clients option on the man page :-(
<phaidros> how to find out which kernel scheduler is used on a running system?
<moldy> hi
<moldy> cups takes forever and a day to generate its ssl cert -- can i somehow access the admin pages over plain http, or speed up the cert generation?
 * jnc growls
<jnc> I reboot a Xen domU and the network interface increments
<jnc> i.e. eth0 on first boot, eth1 on reboot, eth2 on reboot...
<jnc> this is freaky
<mralphabet> jnc: that's strange
<jnc> a nice chap in ##xen seems to know what causes this
<jnc> 11:12 <@FuzzyB> random mac addies and persistant udev
<soren> jnc: Yeah, that's by design. Can't you assign static MAC's to the Xen instances?
<jnc> soren: that's what I'm doing now that I know about it :P
<jnc> now... postgresql doesn't start on the domU
<soren> Because of a static mac?
<jnc> no no, different issue I think
<jnc> I never had postgresql working before on the domU
<jnc> trying to get it going now
<soren> Ah, right.
 * soren goes to lunch
<jnc> caio
<jnc> err
 * jnc consults aspell
<jnc> ciao. I meant.
<osmosis> are there any good configuration directives for mod_python that will allow more simultaneous connections?
<pschulz01> Greetings.. anyone here at UDS?
<Burgundavia> yes, but we are in a general session right now
<Burgundavia> the wrapup
<Burgundavia> what is your question, pschulz01
<pschulz01> I'm looking at the gobby dos'c and was going to add some comments.
<pschulz01> Has it been a good week?
<pschulz01> Sound like it :-)
<pschulz01> souns
<pschulz01> sounds
<Burgundavia> yes, very much so
<Burgundavia> please add comments as needed, but make certain you interact with the spec drafter as well
<pschulz01> Burgundavia: How do I find out who that is?
<pschulz01> .. and are the pages titled the same as the wiki page (just checking).
#ubuntu-server 2007-11-03
<Centaur5> I have an LTSP client working perfectly and another LTSP box that doesn't boot into X and I can't login via console.  What would cause this?
<donspaulding> does ubuntu server include a local dns cache that is enabled by default?
<Kamping_Kaiser> Centaur5, different video cards?
<Centaur5> The Sis motherboard works the intel chipset machine doesn't
<kraut> moin
<Calin24> I just had to recompile to enable raid 5 on the server, and now apparmor needs to be rebuilt. Any suggestions where to look on how to do it?
<kolby> I have problems
<kolby> sometimes my server can be quickly accessed by public ip address.  Other times it's so slow it times out!  Why is this?
<kolby> when I use my local network IP or localhost it's fast no matter what
<somerville32> Do you have a router?
<kolby> yeah
<kolby> it's the router I use for DSL
<kolby> do you think it's a router problem?
<kolby> hello...?
<sommer> kolby: sounds like it's a router issue to me.
<kolby> sommer: thanks.
<stainer> Linus Torvalds doesn't wear glasses anymore not because he had laser eye surgery, but because he finally got his xorg.conf properly configured in his head.
<somerville32> Thanks for that stainer
<stainer> no problem, I thought it was funny as all get out
<stainer> anyone use fail2ban? is there a better option?
<kolby> stainer: I don't even know what that is
<stainer> fail2ban watches for connection attempts (ssh on mah box) and bans the ip of people who make a defined # of failed attempts
<stainer> I was getting hammered with dictionary attempts, mostly from China
<stainer> now they get blacklisted after 6 failed attempts
<stainer> no more 3-6 hour blocks of attempts in my auth.log
<stainer> kolby:you in kansas?
<kolby> what?  yeah
<kolby> I have issues with my router :(
<stainer> I am outside Wichita
<kolby> I'm in Dodge City
<kolby> it sucks here.  If you never come here you did yourself a favors.
<kolby> favor*
<stainer> hahaha
<stainer> I am not that knowledgeable about routers... I have a linksys 54G
<Calin24> I'm trying to enable raid45 patch in the default kernel (gutsy) but after recompile I loose restricted drivers, and apparmor ... is there a way to recompile without loosing them?
<stainer> http://www.howtoforge.com/kernel_compilation_ubuntu
#ubuntu-server 2007-11-04
<Kamping_Kaiser> if i want to contribute documentation to ubuntu-server, should i ask about it here or #ubuntu-doc?
<sommer> Kamping_Kaiser: I'd do both just to make sure
<Kamping_Kaiser> sommer, mm ok.
<sommer> Kamping_Kaiser: if you already have something ready you could always submit it to the doc ML
<Kamping_Kaiser> ok, well i'm expecting to be doing up some doco for the place i'm working for, and i was wondering who/how to try and simply expand what the server team already have
<Kamping_Kaiser> *who/how to ask,
<somerville32> Kamping_Kaiser, I think a lot of it is on the wiki
<Kamping_Kaiser> so i need to check whats on the wiki and thats a good start to answering the question?
<somerville32> Yup :)
<Kamping_Kaiser> i'll have to look :)
<osmosis_> everything looks proper, but my /var/www/munin directory is empty. Any ideas ?
<joerlend> something is using my harddisk alot. How can I find out what process it is?
<dworkin> what's the worst case scenario if i install egroupware 1.4 from debian-experimental repositories? (on gutsy)
<Kamping_Kaiser> you get to reinstall because dependancys break and files get overwritten?
<dworkin> hmm :(
<Kamping_Kaiser> why do you want it from debian-experimental?
<dworkin> because i can't get it from anywhere else. https://bugs.launchpad.net/ubuntu/+source/egroupware/+bug/151492
<ubotu> Launchpad bug 151492 in egroupware "new upstream version 1.4.002" [Undecided,New]
<Kamping_Kaiser> why do you need 1.4 not <whatevers shipped>?
<dworkin> Kamping_Kaiser: 1.2 which is included in gutsy doesn't like php5, postgresql, has bugs, etc. 1.4 solves all that + imap client in it finally works.
<Kamping_Kaiser> dworkin, download a tarball from egroupwares website?
<dworkin> Kamping_Kaiser: i'd install it manually if it were up to me, but i'm trying to make it easily maintainable so it needs to be installed from packages
<dworkin> it looks i've no other choice but do it manually though
<Kamping_Kaiser> dworkin, file for a backport. not sure you'll have much luck though
<dworkin> Kamping_Kaiser: comforting...
<Kamping_Kaiser> sorry :(
<Kamping_Kaiser> using experimental is as close to killing a box as i know about
<ivoks> soren: here?
<Centaur5> Is there a way to fix an LTSP client that won't load X or login via console?  It has an intel chipset.
#ubuntu-server 2008-10-27
<TANATHOS> where are you from
<TANATHOS> ?
<djdarkman> TANATHOS: Romania, why?
<TANATHOS> ca si eu is roman
<TANATHOS> da locuiesc in Anglia de o buna bucata de timp
<TANATHOS> :)
<TANATHOS> ma gandeam eu ca esti roman
<TANATHOS> auzi
<djdarkman> si fain acolo? :)
 * djdarkman goes to make a coffe as hard as h3ll
<ScottK> kirkland: You around?
<kirkland> ScottK: hi
<ScottK> kirkland: I've got a question for you.  Let me get the paste.
<kirkland> k
<ScottK> <Randomskk> hey everyone, I'm installing kubuntu 8.10 RC via the alt disk, setup partitioning manually with encrypted lvm, when it gets to "configuring apt sources" it then asks me to insert media ("please insert disk labeled: kubuntu 8.10 _Intrepid Ibex_...")
<ScottK>  <Randomskk> the disk is already in and it's been installing from it up to that point
<ScottK> [20:58] <Hobbsee> is that supposed to work?
<ScottK> kirkland: ^^?
<kirkland> ScottK: hmm, i've never installed kubuntu from the alternate installer
<ScottK> It should be the same as Ubuntu in terms of such capabilities
<kirkland> ScottK: yeah, i'd think so
<kirkland> ScottK: does this only happen with encrypted lvm?
<ScottK> kirkland: Would you be willing to go talk to the reporter?  He's in #ubuntu+1 right now.
<ScottK> kirkland: I'm just the middle man looking for an expert.
<kirkland> ScottK: watching a movie with the wife... i can spend a few minutes but not all night
<kirkland> ScottK: Rondomskk is the reported?
<ScottK> kirkland: Understand.  I'd appreciate it if you'd at least talk to the guy and help him file a good bug if nothing else.
<ScottK> Yes.
<ScottK> kirkland: Thanks.
<kirkland> np
<Wobert> what would ^@ mean in a faillog ?
<Dedi> how many do your firefox 3 needs resMEM? i have 209M displaying NO website oO
<Dedi> fc sry
<kraut> moin
<Logi_Khoo> hi, i have some prob installing e-box
<Logi_Khoo> followed the wiki, but still am not moving on
<soren> Logi_Khoo: Try in #eBox.
<Logi_Khoo> thanks soren
<nobse> hi
<uvirtbot> New bug: #286063 in openldap (main) "slapd package cannot be installed" [Undecided,New] https://launchpad.net/bugs/286063
<soren> Can't be installed? I don't like the sound of that..
<yann2> soren > how stable would you rate the kvm in your ppa? does the worst case scenario include "total VM breakdown, in a non recoverable state"?
<yann2> I've got some mission critical windows vms to create, facing a big dilemma :)
<soren> yann2: The on in the ubuntu-virt ppa?
<yann2> https://launchpad.net/~soren/+archive  kvm72 here
<yann2> so there is a ubuntu-virt ppa... :s
<soren> yann2: Yeah, that's the one you want. I don't recommend my personal one on anything even resembling production systems. I reserver the right to put completely random crack in there.
<soren> I'm much more well-behaved with the ubuntu-virt one :)
<yann2> both versions have the same name? are they still different?
<soren> yann2: Let me check.
<soren> yann2: I believe so, yes. I think uploading it to my personal repo was a blunder.
<yann2> soren > #ubuntu-virt :P
<mathiaz> dendrobates: have you seen bug 289470?
<uvirtbot> Launchpad bug 289470 in open-iscsi "open-iscsi user-space does not match kernel module version" [Undecided,New] https://launchpad.net/bugs/289470
<dendrobates> mathiaz: no
<mathiaz> dendrobates: seems that open-iscsi is borked in intrepid
<dendrobates> mathiaz: damn
<dendrobates> mathiaz: yep and just at the last minute.
<mathiaz> dendrobates: according to pete there have been a lot of changes in the intrepid kernel wrt to iscsi
<mathiaz> dendrobates: the user space part hasn't been updated since last may
<mathiaz> dendrobates: most of the kernel updates have been made in July - that would explain why things are breaking :/
<dendrobates> mathiaz: it worked a lot more recently than July.
<mathiaz> dendrobates: the last change in iscsi was made in september then
<mathiaz> dendrobates: in the kernel
<mathiaz> dendrobates: after some basic testing on iscsi I don't think we have a release critical bug 289470
<uvirtbot> Launchpad bug 289470 in open-iscsi "open-iscsi user-space does not match kernel module version" [Critical,Triaged] https://launchpad.net/bugs/289470
<mathiaz> dendrobates: iscsi is working - I was able to create an iscsi target, mount it in a client and create files on it
<dendrobates> mathiaz: so is the bug report invalid?
<mathiaz> dendrobates: no - it's valid
<mathiaz> dendrobates: display all active sessions and connections
<mathiaz> dendrobates: ^^ that doesn't work
<mathiaz> dendrobates: but open-iscsi is working.
<mathiaz> dendrobates: in the sense that we can mount an iscsi block device and files can be created.
<dendrobates> mathiaz: ok, sounds like an sru candidate after release.
<mathiaz> dendrobates: agreed.
<mathiaz> dendrobates: I've dropped the importance to high and targeted intrepid-updates.
<soren> re bug 286063
<uvirtbot> Launchpad bug 286063 in openldap "slapd package cannot be installed" [Medium,Incomplete] https://launchpad.net/bugs/286063
<soren> mathiaz: ^
<soren> I'm not sure I grok your last comment. /bin/sh is meant to point to dash.
<mathiaz> soren: right - the error message only happens if /bin/sh point to bash
<soren> The bug seems valid enough to me. Looking at slapd.config, it does indeed try to declare a variable local in the global scope => nonsense.
<mathiaz> soren: correct. That's a bug.
<mathiaz> soren: However it doesn't fail if /bin/sh is dash
<Deeps> why point to /bin/sh at all? why not update scripts to point to directly to /bin/dash?
<soren> Deeps: why on earth would we do that?
<Deeps> instead of relying on symlinks that could easily be changed based on the admin's preference
<Deeps> i for one prefer /bin/sh to point to bash, rather than dash, for a number of scripts i have on various systems all point to /bin/sh which in turn points to bash
<mathiaz> soren: I agree that this is a bug in the config script. The question is whether this release critical
<Deeps> i doubt i'm alone in that
<Deeps> tell me why i'm wrong? :D
<soren> Deeps: You're doing it wrong.
<mathiaz> soren: the question is whether this is release critical or can be adressed in the a SRU.
<soren> Deeps: If your script depends on a specific implementation of the bourne shell, you shouldn't use #!/bin/sh
<Deeps> good point
<Deeps> i'll get my hat
<soren> mathiaz: You're right that it only happens with bash. Definitely an SRU thing, then.
<soren> mathiaz: Strange. I don't think I know of other quirks where bash is more picky than dash :)
<philsf> is there a howto on how to use ecryptfs with gnome-keyring instead of pam? this would be useful for a mount "on demand" I'd like to implement for my laptop (hardy)
<philsf> kirkland: ping? ^^
<soren> philsf: He won't be around until a few hours from now, probably.
<philsf> soren: k, thanks
<philsf> I'll try in the afternoon (which in my locale will be in about 5h)
<carbon_monoxide> Hello all!
<TANATHOS> hi
<carbon_monoxide> I'm not an advance Linux server administrator. I have configure my iptables "Filter" with : sudo iptables -A INPUT -p tcp -s 0/0 -d 0/0 --dport 22 -j ACCEPT
<carbon_monoxide> after i applied this configuration. it took me very long time to have SSH logon
<TANATHOS> !question | carbon_monoxide
<ubottu> carbon_monoxide: Please don't ask to ask a question, ask the question (all on ONE line, so others can read and follow it easily). If anyone knows the answer they will most likely answer. :-)
<carbon_monoxide> TANATHOS: understood
<TANATHOS> so, what's the question
<carbon_monoxide> i want to know any reason would cause SSH logon taking longer when i configure the default policy of iptables INPUT to "DROP"
<soren> carbon_monoxide: Is that all you've done? No default policy set or anything?
<soren> carbon_monoxide: Because reverse dns lookups are failing.
<_ruben> or any dns lookups for that matter
<Deeps> default policy drop without any inbound state rules would do that
<carbon_monoxide> Hi soren. yes, i have only configure the default policy to DROP for INPUT
<TANATHOS> carbon_monoxide: if that is all that you have done, then your server only accepts connection to port 22
<soren> carbon_monoxide: Right. That will make dns queries fail.
<TANATHOS> carbon_monoxide: what are you trying  to do ?
<carbon_monoxide> TANOTHOS: i'm trying to make my machine shadowed
<carbon_monoxide> TANOTHOS: cloak, I meant
<Deeps> -I INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
<Deeps> iirc
<TANATHOS> carbon_monoxide: please use Tab autocomplete as I have highlight enabled when someone says my name
<TANATHOS> and that is not my name
<Deeps> lol hey tanothos :)
<TANATHOS> hey
<Deeps> sounds like he's wanting a stateful firewall, with particular inbound services allowed
<carbon_monoxide> TANATHOS: sorry =[ i'm new and rare to IRC. sorry for my manner
<TANATHOS> no problem
<TANATHOS> carbon_monoxide: you wanna cloack your machine ? as in only few ports opened?
<carbon_monoxide> actually i'm using xchat in windows Vista cause OpenSUSE 11 doesn't support my wireless adapter and i'm too lazy to deal with ndiswrapper
<TANATHOS> sorry?
<carbon_monoxide> TANATHOS: yes, it will only serve several services
<TANATHOS> carbon_monoxide: you are making me dizzy
<TANATHOS> :)))
<carbon_monoxide> how to use tab autocomplete?
<Deeps> carbon_monoxide: type the first few letters and press tab
<TANATHOS> carbon_monoxide: then install your services and open those ports
<Deeps> carbon_monoxide: and if you look up at the iptables rule i provided, it should resolve your slow ssh login issue
<TANATHOS> but I still didn;t get your question
<TANATHOS> oh that one
<carbon_monoxide> TANATHOS: yea i know my bad english and poor communication skills
<TANATHOS> !iptables
<ubottu> Ubuntu, like any other linux distribution, has firewall capabilities built-in. The firewall is managed using the 'iptables' command (see https://help.ubuntu.com/community/IptablesHowTo), or GUI applications such as Firestarter (Gnome) or Guarddog (KDE).
<Deeps> carbon_monoxide: the problem being that you're not allowing any inbound access except on port 22, DNS queries use arbitrary ports, and unless you allow for inbound traffic on connections you've made already (i.e. by checking the state on the connection), the result of the DNS query cant get through
<carbon_monoxide> Deeps. thanks! that is same as the shell!
<TANATHOS> carbon_monoxide: where are you from?
<carbon_monoxide> TANATHOS: china, hong kong
<Deeps> carbon_monoxide: what part of hong kong?
<Deeps> carbon_monoxide: my family live in midlevels
<Deeps> carbon_monoxide: about 5 mins from admiralty, near the city centre
<carbon_monoxide> Deeps: hong kong is not big =] Kowloon, Mongkok
<Deeps> nice
<soren> carbon_monoxide: Are you running Hardy or later?
<Deeps> there's a great cheung fun place in mong kok my uncle took me to, near the mobile phone mall
<carbon_monoxide> soren: i'm running 8.04
<soren> carbon_monoxide: You should look at ufw. It does all you want.
<Deeps> need to go back soon!
<carbon_monoxide> Deeps: Mong Kok is a mess =D
<carbon_monoxide> soren: thanks! i'm googling it
<Deeps> carbon_monoxide: true
<Deeps> !ufw | carbon_monoxide
<ubottu> Sorry, I don't know anything about ufw
<Deeps> no me digas
<Deeps> shocking
<carbon_monoxide> lol
<carbon_monoxide> first time that i hear it says "Sorry, I don't know anything about sth"
<TANATHOS> ufw?
<TANATHOS> !iptables | carbon_monoxide
<ubottu> carbon_monoxide: Ubuntu, like any other linux distribution, has firewall capabilities built-in. The firewall is managed using the 'iptables' command (see https://help.ubuntu.com/community/IptablesHowTo), or GUI applications such as Firestarter (Gnome) or Guarddog (KDE).
<TANATHOS> I think this is what you wanted to do
<carbon_monoxide> thanks, TANATHOS!
<carbon_monoxide> ireading it
<carbon_monoxide> i'm reading it carefully *wink*
<soren> No.
<soren> carbon_monoxide: ufw is what you want. Really.
<TANATHOS> soren what is ufw?
<Deeps> uncomplicated firewall
<TANATHOS> :)))
<soren> https://wiki.ubuntu.com/UbuntuFirewall
<Deeps> ubuntu's nicer front end to iptables
<carbon_monoxide> but what i'm confusing now is that, dropping all inc connection except those from port 22 will cause DNS query failure. but i can still get my SSH login successfully. it just takes me longer to wait for the password prompt\
<Deeps> yep, because the ssh server is trying to do a dns lookup on your ip, and until the request completes or times out, it doesn't proceed to prompt you for your password
<Deeps> the time you're waiting is the time it takes for the dns lookup to time out
<carbon_monoxide> Deeps: i see!
<soren> I'm quite sure ufw defaults to allowing established and related connections, and hence would not have this problem.
<carbon_monoxide> sudo iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT #this line seems like solving my problem
<carbon_monoxide> but ufw is a better choice
<jdstrand_> when one does 'sudo ufw enable' it blocks all incoming connections, and allows all outgoing, with connection tracking, so that a standalone computer can connect and use most any service available on a server
<jdstrand_> so, for example, one can do outgoing DNS queries, http, irc, etc
<jdstrand_> to allow incoming connections, simply do 'sudo ufw allow <port>'
<jdstrand_> sudo 'man ufw' for more details on its usage
<jdstrand_> s/sudo/see/
<carbon_monoxide> thanks jdstrand_
<sandstrom> With a password of 14 random characters, I shouldn't have to worry about brute-force attacks on my SSH server, right?
<carbon_monoxide> thanks for the help from all of you! i gotta leave. will be hanging around here later. see you all!
<sandstrom> jdstrand: I've spent alot of time trying to get ufw to allow outgoing hostname lookups, without succeeding. You seem very skilled, would you mind taking a look at this? http://pastie.org/301348
<uvirtbot> New bug: #289856 in openvpn (universe) "openvpn 2.1~rc11 tls_read_plaintext error" [Undecided,New] https://launchpad.net/bugs/289856
<jdstrand> sandstrom: it appears that your /etc/ufw/*.rules files are not standard
<jdstrand> sandstrom: you are missing all the connection tracking rules and icmp
<kirkland> philsf: there's no such howto that I know of
<jdstrand> sandstrom: I suggest you: sudo dpkg --purge --force-depends ufw ; sudo apt-get install ufw
<jdstrand> sandstrom: then add your rules back in. oh, you should 'sudo ufw disable' prior to running the above command
<sandstrom> okey
<sandstrom> will do
<sandstrom> I get an error the first time I run ufw enable, linke this: root@k226741:/etc/ufw# ufw enable
<sandstrom> ERROR: problem running init script
<sandstrom> might be related to the absence of my etc/ufw/*.rules
<jdstrand> sandstrom: uh, if you deleted /etc/ufw/*.rules, that would be problematic, yes
<sandstrom> no, I didn't
<sandstrom> absence was the wrong word. I ment the absence of my ufw/*.rules in my ip-tables
<sandstrom> I get this when I ran your recommended command above: FATAL: Could not load /lib/modules/2.6.18-028stab053.17/modules.dep:
<sandstrom> No such file or directory
<sandstrom> ip6tables v1.3.8: can't initialize ip6tables table `filter': iptables who? (do you need to insmod?)
<sandstrom> Perhaps ip6tables or your kernel needs to be upgraded.
<jdstrand> sandstrom: so your kernel does not support ipv6?
<sandstrom> might be. Unfortunately this production server is running on a VPS, so I don't have control over the kernel
<jdstrand> sandstrom: what version of ufw are you using? ufw --version
<sandstrom> 'ufw 0.16.2.3
<jdstrand> sandstrom: ok, there is an open bug with the way some people disable ipv6, but we can work around it
<sandstrom> great!
<sandstrom> I really appreciate your help
<jdstrand> sandstrom: rather than removing ufw, let's just copy the original rules files in place:
<jdstrand> sudo cp -a /usr/share/ufw/*.rules /etc/ufw
<sandstrom> done
<jdstrand> sandstrom: sudo /etc/init.d/ufw stop
<sandstrom> done
<jdstrand> please paste 'sudo iptables -L -n'
<sandstrom> http://pastie.org/301379
<jdstrand> sandstrom: ok good. now do 'sudo ufw enable'
<sandstrom> root@k226741:/etc/ufw# ufw enable; ERROR: problem running init script
<jdstrand> right
<sandstrom> I think this is where the problem starts.
<jdstrand> now paste: sudo iptables -L -n
<sandstrom> http://pastie.org/301380
<jdstrand> sandstrom: do you have time to help me debug this, and therefore develop a patch for ufw?
<sandstrom> Thinking of this it might be that the state module isn't activated in my iptables, and thats why it hangs.
<sandstrom> sure
<jdstrand> good-- I don't have access to one of these VPS machines, and it will be very helpful
<sandstrom> thats allright.
<jdstrand> sandstrom: can you paste the output of 'lsmod'
<sandstrom> perhaps we should move to a private conversation
<jdstrand> sandstrom: if you'd prefer
<sandstrom> for others, so we don't fill up the channel
<sandstrom> people living nearby the channel could drown
<ScottK> sandstrom: Alternatively there isn't a lot else going on and someone else will likely learn something.
<sandstrom> root@k226741:/etc/ufw# lsmod
<sandstrom> Module                  Size  Used by
<sandstrom> ScottK: okey
<sandstrom> jdstrand: http://pastie.org/301385
<jdstrand> sandstrom: (for the irc logs) we determined that your kernel is a) monolithic and b) does not support netfilter connection tracking
<jdstrand> ufw depends on connection tracking in the kernel, so it will not work for you. You will have to create stateless rules due to your kernel
<ScottK> Is that a kernel we ship or did he roll his own?
<jdstrand> sandstrom: you have been very helpful, and I can have ufw detect for this and bail out with a helpful error message
<jdstrand> sandstrom: thanks a lot!
<jdstrand> ScottK: no-- it is with a hosting provider
<ScottK> Ah.
<jdstrand> sandstrom: fyi-- filed bug #289906
<uvirtbot> Launchpad bug 289906 in ufw "ufw fails when connection tracking is not available" [Medium,Triaged] https://launchpad.net/bugs/289906
<soren> jdstrand: What's the kernel version there?
<jdstrand> 2.6.18
<jdstrand> soren: it's non-Ubuntu
<soren> jdstrand: Right, got it.
<soren> jdstrand: Didn't nf_conntrack appear after 2.6.18?
<soren> Like 2.6.20-ish?
<jdstrand> I don't know off-hand
<soren> I have a machine running 2.6.17. It doesn't have nf_conntrack either, but it does have connection tracking.
<jdstrand> soren: I can probably be smarter about it, but the command that fails is:
<jdstrand> # iptables -A ufw-before-input -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
<jdstrand> iptables: No chain/target/match by that name
<jdstrand> and yes, ufw-before-input exists :)
<soren> jdstrand: What's the advantage of ctstate over state?
<jdstrand>    conntrack
<jdstrand>        This module, when combined with connection tracking, allows  access  to
<jdstrand>        more  connection  tracking  information  than the "state" match.  (this
<jdstrand>        module is present only if iptables was compiled under a kernel supportâ
<jdstrand>        ing this feature)
<Deeps> in bash conditionals, what's the difference between -L and -h?
<Deeps> in the bash reference i'm looking at, both appear to serve the same function - True if file exists and is a symbolic link.
<Steve[cug]> afternoon everyone
<Steve[cug]> does anyone have a suggestion for a SAS HCA card to connect to a dell md3000?
<Steve[cug]> the SAS 5/E card that they ship doesn't work with ubuntu
<trashguy> i use LSI
<Steve[cug]> trashguy: and that uses an infiniband cable?
<Steve[cug]> I need to connect to a dell md3000
<maswan> Steve[cug]: lsi controllers come with all kinds of connectors
<maswan> you can probably find the right model though
<trashguy> http://www.lsi.com/storage_home/products_home/internal_raid/megaraid_sas/index.html
<Steve[cug]> hmmm
<Steve[cug]> it IS an LSI
<Steve[cug]>  LSI Logic / Symbios Logic SAS1068 PCI-X Fusion-MPT SAS (rev 01)
<Steve[cug]> i keep getting errors from the kernel however
<Steve[cug]> Oct 27 12:19:57 nfs1 kernel: [  688.929491] end_request: I/O error, dev sdc, sector 0
<maswan> then the problem likely isn't with kernel support
<Steve[cug]> however the other machine (which is RHEL for testing) works fine
<mathiaz> jcastro: hey - could I take Tuesday 18:00 UTC slot to make a intro the Server team session next week?
<mathiaz> jcastro: I'm planning to change some of the parts I've used during the last presentation (changing the member presentation with a list of features that have been developed in intrepid)
<jcastro> mathiaz: sure, just move it to whatever empty slot you want
<mathiaz> jcastro: great
<toobaz1> Hello.
<toobaz1> I'm trying to use ldap for authentication, via libpam-ldap. I succesfully populated my database, and now if I give the command "id battiston" ("battiston" is the name of a user), I (finally) correctly get:
<toobaz1>     uid=40626(battiston) gid=40626(battiston) groups=40626(battiston),10042(macchinisti)
<toobaz1> but if I try "su battiston", I get:
<toobaz1>     Unknown id: battiston
<toobaz1> At which level do you think the problem can be?
<Weasel[DK]> toobaz1, have a look at this... might give you the answer <> http://linuxadministration.us/2008/05/17/ubuntu-804-hardy-ldap-client/
<toobaz1> Weasel[DK]: Mmh... I'm taking a look at it, thanks
<toobaz1> In my syslog I found the following:
<toobaz1> Oct 27 20:36:11 poisson slapd[6686]: SASL [conn=141] Failure: no secret in database
<toobaz1> Oct 27 20:36:11 poisson slapd[6686]: conn=141 op=2 RESULT tag=97 err=49 text=SASL(-13): user not found: no secret in database
<toobaz1> Oct 27 20:36:11 poisson slapd[6686]: conn=141 fd=17 closed (connection lost)
<toobaz1> let me investigate some more
<osmosis> http://dpaste.com/87148/   With linux software raid 10, how do I tell which drives are mirroring eachother?
<hsl> hello
<hsl> I'm upgrading my server from 6.06 LTS to 8.04 LTS
<hsl> I'm doing a do-release-upgrade
<hsl> http://pastebin.com/d647938ed
<hsl> that;s the error I get
<hsl> any clue how I can restart the upgrade process?
#ubuntu-server 2008-10-28
<cflowers> .
<carbon_monoxide> greetings all!
<carbon_monoxide> is there any repository for Mono 2.0 or newer for Ubuntu 8.4?
<arooni-mobile> with: perl: warning: Please check that your locale settings:
<arooni-mobile> ;  how do i fix that on ubuntu hardy?
<carbon_monoxide> Hi there
<carbon_monoxide> do i really have to compile Mono myself rather than apt-get/aptitude it? this is not debian/ubuntu style
<carbon_monoxide> !mono
<ubottu> Sorry, I don't know anything about mono
<phaidros> how would one monitor a complete directory and trigger an action if something in there cahnged?
<phaidros> fam and gamin seem to be more oriented for the desktop an I don't want to expose RPC to the outer world :)
<phaidros> so, what would be a recommendatable technology for file monitoring on servers?
<soren> phaidros: For real-time monitoring?
<soren> carbon_monoxide: No, why would you suggest that?
<carbon_monoxide> soren: because i can't find Mono in repo
<henkjan> carbon_monoxide: http://inotify-tools.sourceforge.net/
<soren> carbon_monoxide: http://packages.ubuntu.com/search?suite=default&section=all&arch=any&searchon=names&keywords=mono
<carbon_monoxide> thanks henkjan and soren!
<carbon_monoxide> soren: mono package seems is ready on 8.04
<soren> carbon_monoxide: Mono has been in Ubuntu for ages.
<carbon_monoxide> soren: mono is available for dapper, feisty, and gutsy when i look into the URL you've provide me
<Koon> carbon_monoxide: scroll down
<carbon_monoxide> hi Koon! do you mean mono-common?
<Koon> carbon_monoxide: apparently the mono packages have been refactored
<carbon_monoxide> Koon: i see. thanks for the assist! :)
<Koon> depending on what you're after, mono-runtime looks promising
<carbon_monoxide> Koon: so the mono-mcs seems like the c# compiler
<Koon> carbon_monoxide: I have absolutely no Mono clue.
<carbon_monoxide> Koon: me too. no knowledge on .NET
<phaidros> soren: yes, for realtime monitoring
<henkjan> phaidros: http://inotify-tools.sourceforge.net/
<henkjan> carbon_monoxide: that url was not for you :)
<phaidros> thx henkjan, looks like the solution I searched :)
<phaidros> to be precise: incron is the chosen one
<alexharrington> Any libvirt gurus about? I'm trying to get kvm live migration working on hardy, but can't get to qemu monitor per the docs I've found on the kvm site
<alexharrington> i just get a prompt "serial0" where the "qemu>" prompt should be
<phaidros> anyone familiar with incron? how to declare a whole directory recursive? (/tmp/foo/* is not working unfortunately)
<soren> alexharrington: You can't get access to the monitor, when you're using libvirt.
<soren> alexharrington: ...by design.
<alexharrington> soren: ok, any idea how to do migration via libvirt then?
<soren> alexharrington: Not possible.
<soren> alexharrington: In Hardy, at least.
<soren> alexharrington: In Jaunty, probably.
<alexharrington> soren: ok - thanks for your help. Tis a shame, we'll just have to wait. Cheers
<soren> alexharrington: np
<paul68> I have a server with 2 ethernet cards for which eth0 is active at this point, if I activate the 2nd eth is that going to interfear with my current setup?
<paul68> I have a server with 2 ethernet cards for which eth0 is active at this point, if I activate the 2nd eth is that going to interfear with my current setup?
<ikonia> paul68: depends on your routing, but most likley - no
<alexharrington> paul68: It depends on how you configure the second card. Assuming you put it on a different subnet then it shouldn't cause your original any problem
<paul68> ikonia so I can easely modify my interfaces file and start the 2nd eth accordingly
<ikonia> yes, as long as your routing is sound, you'll have no problems
<paul68> I still have to create my firewall that's the reason that I want to fire up my 2nd eth
<paul68> at this point my router is still handling the firewall part but I want to change my server into firewal router dns and dhcp server and install the router as ap on my network
<ikonia> paul68: ok, so what's the question ?
<paul68> the original question was if I could do this and the reason why I wanted to do that
<ikonia> paul68 you can do it, although it seems a bit pointles, it depends on your needs
<paul68> well I want to prepare my system to change to the mentioned config with as less downtime possible since my pregnant wife gets very dangerous when she doesn't have her internet
<ikonia> ok
<paul68> can I modify my interfaces file and restart my networking from remote?
<ikonia> sure
<paul68> Ikonia thanks for your time
<ikonia> no problem
<bogey-> nano > vim ?
<audela> Hello, I'd like to make a certificate that will be signed by a authority elsewhere... I try the command with openssl and it ask about a pem passphrase, will it be necessary for the authority on signon procedure and each time when I restart apache ? If
<audela> yes how to bypass it ?
<_ruben> use empty passphrase
<audela> it does not work and ask for a 4 digit passphrase
<audela> the command tested is : openssl req -newkey rsa:1024 -keyout cle-privee.key -out cle-publique.req
<zul> meeting in a hour?
<Koon> hmm... in two I think.
<Koon> hmm no
<mathiaz> zul: 15:00 UTC
<mathiaz> Koon: ^^
<Koon> My Google calendar entry is confused ;)
<mathiaz> Koon: yeah - welcome to DST
<mathiaz> Koon: or whatever time saving period we're in
<nijaba> 15:00 UTC == 30 min from now, right?
<Koon> nijaba: yes
<spiekey> Hello!
<spiekey> this might be a little off topic but i know here are some smart ppl :)
<spiekey> i am failing to compile syslog http://pastebin.com/m4bf1b114
<spiekey> tha autor says: #
<spiekey> try adding a -ldbi to the link command line.
<spiekey> but i dont know how?! Whats the syntax? :)
<spiekey> anyone? :)
<SchneeSchwarz> spiekey: is libdbi0-dev installed on the machine? But: why do you want to compile syslog in the first place.
<spiekey> SchneeSchwarz: because i need native postgres support :)
<spiekey> SchneeSchwarz: yes, its installed.
<SchneeSchwarz> I'm not familiar with compiling syslog-ng. But the generic first step I'd try is to look at the output of ./configure --help (in the dir where you unpacked the sources). Maybe there's an option to enable pgsql support.
<SchneeSchwarz> If all else fails, you could execute line 4 of your paste manually after adding -ldbi to it.
<spiekey> that worked! :))
<iAlien> I am hopeing that somebody has an idea for a work around for a problem i am having with ubuntu server 8.04. It wont install on a Dell Latitude D600 I have at the office. It appears to be a known issue, I am just hopeing there is a workaround that i have not found
<Deeps> looked on launchpad?
<iAlien> kernel panic
<iAlien> this kernel requires the following features not present on the cpu 0:6
<iAlien> unable to book please use a kernel appropriate for your cpu
<andol> iAlien: Sounds like your D600 doesn't support PAE?
<andol> iAlien: Is it neccesary to run the server-kernel, or would it work with the generic ubuntu kernel?
<iAlien> thats what i'm thinking -- i am just needing to use it as a test bed so i can develop a website with out having it on a live server
<iAlien> just need apache / php / mysql
<iAlien> and sshd
<trashguy> ?
<trashguy> why wouldnt it support PAE?
<trashguy> hwo old is this thing
<iAlien> im guessing 3 or 4 years
<iAlien> was here when i started working here
<trashguy> should be fine
<trashguy> p4 right?
<iAlien> Pentium m --- however we do have a few that have the p4
<soren> iAlien: You need to get the generic kernel installed.
<soren> iAlien: Boot the server cd, and enter rescue mode. go through the dialogues, and when you're in a shell on the installed system, do an apt-get install linux-generic.
<iAlien> thanks
<iAlien> i knew there had to be an easier way then just installing the desktop version
<andol> iAlien: Another option could be to use the alternate-cd
<iAlien> just started the apt-get
<iAlien> sure seems that linux has changed alot - i don't remember it being this easy
<andol> iAlien: It wasn't :)
<freaky_t> i hope i can upgrade from ubuntu hardy to intrepid without any problems on my server in 2-3 days
<freaky_t> maybe i should wait another week so any occuring bugs will be fixed
<trashguy> i doubt its pae messing his stuff up
<iAlien> was 7 years when i last worked with well at that time freebsd
<trashguy> dell laptops are ntorious fail
<trashguy> freebsd isnt linux ^^
<iAlien> true
<trashguy> its a crime to associate it with linux
<trashguy> I actually run the desktop version of ubuntu with the server kernel though
<trashguy> its win
<iAlien> i have the desktop version on a few systems here ( was only able to get away with it cause we were out of licenses for AV software ) for internet terminals for clients
<espacious> why i get this when i try to rename a file ?
<espacious> Bareword "contacts_nagios2" not allowed while "strict subs" in use at (eval 1) line 1.
<espacious> Bareword "cfg" not allowed while "strict subs" in use at (eval 1) line 1.
<iAlien> thanks that worked :)
<jason^> i have a server that i'd like any mail going to any user to go to a different server such as my isp email account, how can this be done?  i've thought of using a .forward file, but that doesn't take care of any mail going to any user
<pltmnky> howdy :) anybody here great with cups and kerberos?
<nijaba> jason^: what about using /etc/aliases? http://manpages.ubuntu.com/manpages/intrepid/en/man5/aliases.html
<nijaba> !ask | pltmnky
<ubottu> pltmnky: Please don't ask to ask a question, ask the question (all on ONE line, so others can read and follow it easily). If anyone knows the answer they will most likely answer. :-)
<pltmnky> :P well, we have a printserver, and a kdc and ldap servers already working and set up correctly. I was able to follow the cups docs on getting cups to auth against kerberos (meaning ask for a password everytime we print). (there are _no_ windows/macs in the mix). I would like for cups to check against the existing kerberos ticket for user printing
<espacious> why i get this when i try to rename a file ?
<espacious> Bareword "cfg" not allowed while "strict subs" in use at (eval 1) line 1.
<espacious> oh mv did the trick
<andol> espacious: What command did you try to use at first?
<espacious> andol rename filename.ext newname.ext
<nijaba> pltmnky: did you check out http://www.cups.org/documentation.php/kerberos.html ?
<kirkland> i'd like to share /tmp/share using an ubuntu server, to another ubuntu client
<kirkland> and i'm having a hell of a time doing it
<pltmnky> exit
<pltmnky> lawl
<pltmnky> nijaba: yes, though it still asks for the password x.x (I'd like to avoid this by using the existing ticket like samba is able to)
<ctx144k> hi all
<ctx144k> how can i get the uuid of my disks on shell?
<yann2_> I've got 500MB of swap used on a server - but plenty of ram not used at all. Is there a way to find out what is using all this space? nothing shows up in top
<Rayn> Hey guys, is it possible for me to switch from 32-bit ubuntu server to 64-bit remotely?
<deshantm> Rayn: http://etbe.coker.com.au/2008/10/22/upgrading-a-server-to-64bit-xen/
<Rayn> interesting, thanks
<Rayn> so this basically says I can replace the kernel, then work on all the other stuff.. I wonder if I can just install a 64bit kernel and then change the repository configs
<uvirtbot> New bug: #290443 in postfix (main) "package update-manager 1:0.93.32 failed to install/upgrade: ErrorMessage: SystemError in cache.commit(): E:Sub-process /usr/bin/dpkg returned an error code (1)" [Undecided,Incomplete] https://launchpad.net/bugs/290443
<cflowers> where can i find really good doc on the new system that replaces init.d?
<cflowers> with some details
 * lamont slaps 290443 into the invalid bucket, where it belongs
<kraut> new init.d?
<kraut> like SCA on solaris?
<kraut> cflowers: did you read that? https://wiki.ubuntu.com/ReplacementInit
<yann2_> 2006-06...
<kraut> dewd, you can read!
<kraut> yann2_: ReplacementInit (zuletzt geÃ¤ndert am 2008-09-13 03:26:17 durch grey)
<yann2_> he just added a comment :)
<kraut> FFS
<cflowers> anyone? bueller?
<cflowers> well, i found it. "upstart". some info here : http://upstart.ubuntu.com/
<slicslak> i can't remember the name of the cli app that can be used for high level configuration of packages (LAMP server, DNS, etc.)
<mathiaz> slicslak: tasksel
<slicslak> thx
<slicslak> what do i need to do to add an admin?  just use adduser and add the user to the sudo group?
<trashguy> yes
<mathiaz> slicslak: add the user to the admin group
<trashguy> thats right
<trashguy> ubuntu just allows admin group to sudo
<slicslak> odd, on a ubuntu-server install i did last month the admin group existed (and no sudo group).  but on this install of ubuntu-server there is no admin group but there is a sudo group.
<slicslak> have you guys heard of this type of setup with ubuntu?
<mathiaz> slicslak: which version of ubuntu-server are you using?
<slicslak> /proc/version says Ubuntu 4.2.3-2ubuntu7
<trashguy> slicslak, you can also
<trashguy> just ad your username to the sudoers file
<slicslak> ya, and inspecting /etc/sudoers only shows root in there.  how odd.  so this definitely isn't a default ubuntu install.  does this sound like a derivitive you guys have heard of at all?
<mathiaz> slicslak: how did you install the system?
<slicslak> mathiaz, i didn't.  it's a dedicated server that was setup for me.
<mathiaz> slicslak: hm - well. It may be specific to your hosting company then.
<slicslak> right.  :/
<mathiaz> slicslak: 4.2.3-2ubuntu7 is from Ubuntu Hardy 8.04 LTS
<slicslak> ya, thanks mathiaz.  i'll have to complain to them then and ask them what else they have changed
<J-_> Has anyone installed wordpress on Hardy Heron(server)? I need some help.
<slicslak> J-_, it's pretty easy, but have you tried #wordpress?
<J-_> slicslak:  Yes. I've installed it and everything. Just not sure what to chmod /var/www/wp-content to. I did a "sudo chmod -R 777 wp-content" But, I'm not entirely sure if that's right. I've sftp'd into the server to look at the directory and it looks like anyone can create and delete files. And, I'm not sure if I should chmod 666 .htaccess
<J-_> slicslak:  any ideas?
<slicslak> J-_, never 777 your stuff
<slicslak> i don't know why that keeps perpetuating in the forums
<J-_> :(
<slicslak> I recommend:
<slicslak> sudo chmod ug=rwX,o=
<slicslak> that will give the user and group read and write and other nothing
<slicslak> the X makes directories only executable (readable in that case)
<slicslak> or you might try:
<slicslak> sudo chmod ug=rwX,o=rX
<slicslak> that's also an ok setup and will let apache read your files if it's not the owner or in the group
<anthony> Hi, I know in the last release cycle NUT had a MIR that I believe was accepted, yet I haven't succeeded in finding documentation for it in the Ubuntu Server Guide or on the wiki.  Could someone point me in the right direction?  (I'm hoping to set up a new server & UPS tomorrow.)
<J-_> slicslak:  the 2nd one didn't work well. It says, "You need to make this file writable before you can save your changes." Then states to do, http://codex.wordpress.org/Changing_File_Permissions
<J-_> Maybe this is why I used drupal a while ago
<J-_> BLEH
#ubuntu-server 2008-10-29
<slicslak> J-_, that means that apache needs access and it isn't an owner of the files
<slicslak> so you can try sudo chmod ugo=rwX
<slicslak> or you could do chgrp www-data
<slicslak> the later is safer
<slicslak> you have the same issue with all webapps, i would advise reading up on permissions in general so you understand what the issue is.
<maw> anyone know how to send windows events to a syslog-ng server?
<slicslak> if aptitude says that a package was automatically installed, how can i determine which package needed it?
<anthony> slicslak:  apt-cache rdepends packagename could give hints (although it won't say exactly which one was the case)
<mynous> does anyone know why a proftpd download from a server would cause rtorrent uploads on that server to come to a near complete stand still?
<mrpockets> hey guys
<espacious_> how do i find where are the binarise of some programs?
<leugimap> espacious_: http://manpages.ubuntu.com/manpages/hardy/en/man1/which.html
<uvirtbot> New bug: #290555 in munin (universe) "munin-node ships #!/bin/sh scripts with bashims" [Undecided,New] https://launchpad.net/bugs/290555
<kyle888> howdy
<slangasek> who normally takes care of testing installation of JeOS on ESX for milestones?  those are the only test cases we don't have results from yet on server for final
<kraut> moin
<lukehasnoname> AHHHHH
<Ububegin> hi.. i have set up a server... Whenever, I type http://localhost .. I want it to get automatically directed to http://localhost/ProjA ... How can I achieve this.. Is there some conf file, I can configure to get this result..
<scientus_> how do i turn a auto-update on server like on desktop
<_ruben> !info cron-apt
<ubottu> cron-apt (source: cron-apt): automatic update of packages using apt-get. In component universe, is optional. Version 0.6.4 (hardy), package size 24 kB, installed size 216 kB
<soren> Am I the only one whose logrotate seems to rotate logfiles every day even though logrotate.conf says to rotate them weekly?
<slangasek> which logfiles?
<slangasek> many of mine are rotated weekly
<henkjan> on hardy configurated weekly - rotated weekly
<soren> slangasek: anything in /var/log, really. Mail logs in particular.
<slangasek> soren: not reproducible for me
<soren> slangasek: Weirdness.
<soren> slangasek: Double weirdness. /var/lib/logrotate/status doesn't even mention my mail logs.
<uvirtbot> New bug: #290673 in samba (main) "fusesmb mount disappears - libsmbclient segfaults" [Undecided,New] https://launchpad.net/bugs/290673
<roktangent> Is there a way to install Ubuntu Server with the encrypted LVM option?  I booted a bunch of ISO's I have, but it doesn't seem to be in any of the installers...is it strictly on the alternative CD?
<thefish> roktangent: yep i think so
<roktangent> Can I installed a no-GUI server via alternate CD?
<mathiaz> roktangent: thre is an option for encrypted LVM in the -server installer.
<roktangent> Is it only in the latest release?
<thefish> roktangent: yes, but also check out jeos for that, its a tiny, really basic install
<roktangent> I guess I should have said 8.04 or 8.10....by latest?
<mathiaz> roktangent: 8.04 and 8.10 support lvm encryption at install time
<roktangent> including the jeos disc?
<mathiaz> roktangent: I don't know if you'd have the option on the JeOS disc.
<thefish> mathiaz: can you modprobe md_mod from a livecd then?
<thefish> that would be useful
<mathiaz> thefish: may be - I don't know about the livecd.
<thefish> i tried quite a while ago, and no joy, but may have been added
<nijaba> mathiaz: yes, LVM encrypted is an option on JeOS (/me remembers that it took a while to have all components in minimal to make it work)
<roktangent> nijaba, are you saying iit is an install-time option on Jeos?
<nijaba> roktangent: yes it is
<roktangent> I'll check it out
<nijaba> roktangent: 8.04 has a separate installer while 8.10 JeOS installer is combined with the standard server CD
<nijaba> for 8.10 press F4 on the first screen and selection "Install a minimal virtual guest"
<roktangent> I got the 8.04 image....it should be on there right?
<roktangent> thanks for the 8.10 tip
<nijaba> roktangent: right and you are welcome
<roktangent> nijaba, 8.04.1 JeoS just says "Guided, use entire disk, Guided use entire disk and setup LVM, and Manual"....no encrypted option
<nijaba> roktangent: duh.  I woudl have sworn it was there, sorry :(
<yann2> nijaba > I think there are several issues with the bacula package on hardy - should I try reporting bugs?
<yann2> many small issues, easily fixable, but which makes it a bit hard to try out  :)
<nijaba> yann2: sure, with my full gratitude if you do so ;)
 * ScottK just noticed that the title for the Ubuntu Server press release about Clamav/Spamassassin in Main looks a lot like the title of my blog post on the topic. 
<ScottK> ;-)
<nijaba> ScottK: I'm glad you noticed ;)
<uvirtbot> New bug: #290747 in openssh (main) "Intrepid X11 Forwarding Not Working" [Undecided,New] https://launchpad.net/bugs/290747
<madrazr> Hi all, I have a dynamic IP connection. I urgently want to demo a site to one of the persons. So I gave to that person this, http://59.92.223.62/
<madrazr> but it says page not found
<madrazr> what should I do?
<madrazr> what should I change in the Apache configuration?
<madrazr> btw, thats my IP, any can try please
<nijaba> madrazr: I confirm the 404 error.  Here is the Apache signature I get with it: Apache/2.2.8 (Ubuntu) mod_jk/1.2.25 mod_python/3.3.1 Python/2.5.2 PHP/5.2.4-2ubuntu5.3 with Suhosin-Patch mod_vhost_hash_alias/1.0 mod_wsgi/1.3 Server at 59.92.223.62 Port 80
<madrazr> nijaba: yeah thats the problem
<nijaba> madrazr: when you test locally, what url do you use and what do you get?
<madrazr> nijaba: I have many configuration files like, default, drupal6, drupal6.4, ikiwik, I usually use localhost, drupal6, drupal64, ikiwik respectively
<madrazr> for local testing
<madrazr> nijaba: many files in sites-available I mean
<nijaba> madrazr: so http://localhost/ does return something to you.
<madrazr> nijaba: yes
<madrazr> that works
<madrazr> nijaba: all the other URLs I told work too
<nijaba> madrazr: you should check your apache log to see if you have some external hits on your server
<madrazr> nijaba: just a min
<madrazr> nijaba: /var/log right?
<nijaba> madrazr: you might be hitting another server
<nijaba> madrazr: yep
<madrazr> nijaba: should I see access.log or error.log?
<nijaba> madrazr: error.log -> 404
<madrazr> nijaba: your IP is 82.242.21.186?
<nijaba> madrazr: yep
<madrazr> Ok
<madrazr> nijaba: got the error
<madrazr> [Wed Oct 29 21:07:10 2008] [error] [client 82.242.21.186] File does not exist: /home/madhu/mywebdevelopment/drupal6.0
<madrazr> I know that directory doesn't exist
<madrazr> but how to change?
<nijaba> madrazr: that's in your site definition in site-available
<madrazr> nijaba: I changed it
<madrazr> but still the same problem
<nijaba> madrazr: can you pastbin is somewhere ?
<madrazr> nijaba: actually when I restart Apache, I used to get this error , http://paste.ubuntu.com/64138/
<madrazr> nijaba: what exactly should I paste?
<madrazr> nijaba: in the previous paste there is a warning
<madrazr> that warning used to come before, now I changed the wrong path to an existing path
<madrazr> nijaba: and still the same warning comes
<madrazr> nijaba: what shall I paste now?
<nijaba> madrazr: on the phone atm..
<madrazr> Ok
<mathiaz> nealmcb: thanks for the correction on the minutes.
<mathiaz> nealmcb: seems that I have to fix my script that generates the email from the wiki page.
<madrazr> nijaba: I think I found it
<madrazr> nijaba: will confirm in some time
<madrazr> nijaba: thanks for the help. I found out the problem
<nijaba> madrazr: great!
<madrazr> I had written a configuration in httpd.conf unknowingly and did not even know that httpd.conf will override other configuration files in sites-available
<madrazr> nijaba: thanks a lot.
<nijaba> np, I did not do much...
<madrazr> nijaba: reminded me to check error.log. I was not doing this and foolishly trying all sorts of things from past 6-7 hours
<madrazr> :)
<nijaba> madrazr: glad I could help then
<madrazr> nijaba: :)
<nealmcb> mathiaz: :)  thanks again for doing the minutes so well - it helps a lot
<espacious_> anyone has nagios2 installed?
<incidence> Hey, How do I make selinux to log? Or how do I test that if it works?
<espacious_> hello i installed a package than i removed it trought apt but the filese wesre still in /etc/some program so i rm -R that dir
<espacious_> now i try to reinstall the package and it refuses
<espacious_> neither revove is ok.
<espacious_> nagios2-common
<espacious_> nagios2
<espacious_> E: Sub-process /usr/bin/dpkg returned an error code (1)
<robd> Hey guys
<robd> Is there an easy way to see how fast tx / rx is on an interface via the command line?
<robd> I'm looking for something like atop, but just the network speed
<robd> and ideally something that doesn't have to muck with the kernel
<Deeps> ethtool will tell you what your link speed is
<Deeps> bwm(-ng) will tell you current rx/tx rates
<robd> Deeps: great
<Deeps> ethtool only works on ethernet links mind*
<robd> Yeah, it's just a e1000 NIC
<robd> I'm just hoping to figure out why my NetBackup server is only receiving data at like 300k/sec
<redi> hello
<redi> can anybody unlock mandriva channel to enter because they banned me
<admin_masu3701> hello
<admin_masu3701> am trying to learn networking...do anyone know of a good tutorial?
<redi> ?????????????????????????????????????
<robd> redi: This is the Ubuntu channel... They have no connection with Mandriva
<robd> redi: So no, we can't help
<redi> Fuck you then
<zul> that was umm...interesting
<admin_masu3701> ??
<robd> Deeps: Hey thanks for bwm-ng, it looks like a great tool!
<robd> see you guys
<nealmcb> admin_masu3701: networking is a broad topic, and this is the ubuntu server channel, so I suggest googling with more specifics instead
<slicslak> what log should i look in for package installation?  if its syslog, what keyword should i grep for?
<zfuser99> Is there a mistake in the ubuntu server guide, mail filtering section, https://help.ubuntu.com/8.04/serverguide/C/mail-filtering.html#postfix-mail-filtering-configuration
<zfuser99> postconf is at port 10024 and master.cf is set at port 10025?
<sommer> zfuser99: nope, that's correct
<sommer> zfuser99: you should be able to telnet localhost 10024
<sommer> and 10025
<zfuser99> Thanks sommer
<sommer> np
<tymop_> hllo everybody
<tymop_>  i am searching some help with the software tetrinet-server. Can I ask here
<andyjeffries> Hi everyone, I'm new to Ubuntu server.  I've admined Gentoo systems for a few years now but am migrating my first one to Ubuntu server.  My question is - after apt-get install uw-imapd, what do I have to do to get it listening for incoming connections (I can't find xinet.d files anywhere)
<mathiaz> andyjeffries: are you sure you want to use uw-imapd?
<mathiaz> andyjeffries: dovecot is the standard imapd daemon in ubuntu
<andyjeffries> mathiaz: I have existing mbox files I have to copy over...  Is there an alternative that will use mbox files?
<mathiaz> andyjeffries: dovecot supports mbox files
<andyjeffries> mathiaz: OK, I'll give that a go.  Do you have much experience with it if I have issues?
<mathiaz> andyjeffries: http://wiki.dovecot.org/Migration/UW
<andyjeffries> mathiaz: thanks for that.
<andyjeffries> mathiaz: are you around?
<andyjeffries> I get an error when I try to login - dovecot: POP3(accounts): open(/var/mail/accounts, O_CREAT) failed: Permission denied
<andyjeffries> ls -l /var|grep maildrwxrwsr-x  2 root mail  4096 Oct 30  2008 mail
<andyjeffries> (oops missed the line break)
<slicslak> is there a repository where i could see hardy online?  i found http://kernel.ubuntu.com/git but this is only for the kernel.  what about the entire distrobution?
<mathiaz> slicslak: what are you looking for exactly?
<mathiaz> slicslak: packages.ubuntu.com
<slicslak> mathiaz, i want to see the default /etc directory as ships
<mathiaz> slicslak: well the content depends on which packages you've installed on the system
<slicslak> mathiaz, sure, but with no packages installed?  is there a default base?  if recall my sudo questions of yesterday... my host maintains they haven't touched a thing.  so i would like to prove to them that their sudoers files i messed.  but i need an online source to point to
<soren> slicslak: With no packages installed, you've got an empty filesystem.
<mathiaz> slicslak: the /etc/sudoers files is created by the postinst script of the sudoers package
<slicslak> right, so i need to look in that package.  thanks
<richf> I set up ubuntu server, but need the GUI at boot rather than just he command line.  I see no inittab in etc and know tha the runlevels in ubuntu are different than in Cent and RH
<mathiaz> !servergui | richf
<ubottu> richf: Ubuntu server does not install a desktop environment or X11 by default in order to enhance security, efficiency and performance.  !eBox provides a GUI system management option via a web interface.  See https://help.ubuntu.com/community/ServerGUI for more background and options.
<richf> mathiaz, I know.  I installed KDE, am in it now, but want it to start automatically at boot.
<richf> mathiaz, I see no /etc/inittab
<ScottK> richf: How did you install KDE?
<richf> It was months ago, but let me go through bash history
<ScottK> richf: If you sudo apt-get install kubuntu-desktop that should get you a complete KDE desktop with autostarting.
<richf> sudo apt-get install kde was what I ran.
<ScottK> Install kubuntu-desktop.  It's a more complete set of packages.
<ScottK> You can remove extra stuff you don't want after.
<richf> Ahh.  Getting 'er now.  I'm used to rh type and inittab
<richf> THanks.
<ScottK> We don't have /etc/inittab because we use Upstart and not Sys V init.
<ScottK> IIRC Fedora has gone to Upstart now too.
<richf> Really...
<ScottK> I recall reading that.
<richf> That's what I cut teeth on, but left at FC5
<ScottK> Once that's installed, you can get Kubuntu/KDE specific questions answered in #kubuntu.  It's OT for this channel.
<mluser-work> Hello, I just installed ubuntu-8.04.1-server-i386.iso.  Installation went fine, but on boot I get a message that sais "This kernel requires the following features not present on the CPU: 0:6 Unable to boot - please use a kernel approprate for your CPU.".. Any ideas?
<phaidros> assuming we have a jail whereto users can - using rssh - only scp and sftp into. what would be a proper way to let users adjust their passwords?
<ScottK> mluser-work: What CPU?
<mluser-work> Pentium M
<ScottK> Dunno if that's supported by the server kernel.
<mluser-work> The ubuntu download site sais its for (x86 architecture, Pentiumâ¢, Celeronâ¢, Athlonâ¢, Sempronâ¢)
<mathiaz> mluser-work: right - try to install the -generic kernel instead. Try with the alternate iso rather then server iso.
<ScottK> Yes, but that doesn't mean there aren't pentiums it doesn't work with.
<mluser-work> mathiaz: 8.04-1 Desktop edition works just fine, can I use the alternate iso to install a non gui ubuntu server?
<ScottK> mluser-work: Or just sudo apt-get remove ubuntu-desktop followed by sudo apt-get autoremove
<ScottK> That gets you pretty well to the same place.
<mluser-work> ScottK: I already have the Desktop iso, can I use it instead and rmove the ubuntu-desktop from it? Or would it be better to use the alternate iso?
<ScottK> It gets you to the same place.
<mluser-work> ScottK: Thank you
<mluser-work> So basically no server optimizations are done by the server iso, other than not installing all the extra gui stuff?
<mathiaz> mluser-work: and installing the -server kernel flavor instead of the -generic kernel
<mluser-work> mathiaz: thanks, one last question, would it not be easier to just chroot into my server partition and apt-get install the generic kernel?
<ScottK> mluser-work: And in tasksel you get some additional options, but you can do that by hand.
<mathiaz> mluser-work: that would probably be easier and faster.
<ScottK> mluser-work: If you have a working box, yes.
<ScottK> I thought you didn't have a running box.
<mluser-work> I already have a ubuntu desktop installed on the same box
<mluser-work> ScottK: is there some environment script in ubuntu I need to run once I chroot into the server partition?
<mluser-work> ScottK: mathiaz: Thanks a bunch guys for all your help
<mluser-work> ScottK: mathiaz: Just so you two know.. it worked like a charm.. thanks again
<mathiaz> mluser-work: np :)
<rrittenhouse> I installed Ubuntu hardy server 64bit and 32bit on two different machines and when apache2 is installed has two different configurations.. is this right?
<uvirtbot> New bug: #290901 in dovecot (main) "Update to 1.1.6 - important fix for broken header parser" [High,New] https://launchpad.net/bugs/290901
<mathiaz> rrittenhouse: what's the difference?
<rrittenhouse> 64bit uses the envvars whereas the 32bit doesn't
<rrittenhouse> the config files are different
#ubuntu-server 2008-10-30
<uvirtbot> New bug: #290945 in samba (main) "shares disappeared after upgrade to intrepid" [Undecided,New] https://launchpad.net/bugs/290945
<kraut> moin
<gawin> Hi there, I have a question about using fdisk and fstab in my Ubuntu Server 8.04
<gawin> every time I reboot my server the two HD's get mixed up... so /dev/sda becomes /dev/sdb and b becomes a
<gawin> unfortunately the switching is quite random...
<gawin> What could cause this problem?
<nijaba> gawin: I do not know what could cause it, but I believe you can fix that by specifying uuid in your fstab
<gawin> how can I retrieve the uuid?
<nijaba> gawin: vol_id -u /dev/sdXX should work
<gawin> thx, (server is rebooting now, so I'll try that in a moment)
<gawin> great it seems to work just fine, thx Nijaba ;-)
<nijaba> gawin: np, my pleasure
<gawin> (I do have to reboot a few more times of course, but so far so good, fingers crossed)
 * nijaba crossing fingers for you as well, but pretty confident uuids won't jump too much
<gawin> yeah, would be rather inconvenient if uuid start reinventing themselves :-)
<Dedi> any way to forcecheck reiserfs and autofix everything on boot? (touch /forcefsck will not fix it afaik) ?
<ganes> ubuntu server didnt have gdm why?
<ara> hello, there is a small bug (localization stuff) in the page http://start.ubuntu.com/8.10/
<ara> where should I report it?
<ganes> i installed ubuntu server 8.04 but it is going only to command mode .. is it correct or not
<ara> reported at https://bugs.launchpad.net/ubuntu-website/+bug/290847
<uvirtbot> Launchpad bug 290847 in ubuntu-website "Error in Swedish http://start.ubuntu.com/8.10/" [Undecided,Confirmed]
<nijaba> ganes: yep, no X server by design, see http://www.ubuntu.com/products/whatisubuntu/serveredition/features/security
<ganes> nijaba,why they have not added the gdm like redhat .. this link i already gone through
<ganes> nijaba, is there any specific reson..
<nijaba> ganes: that's unwise in terms of security and you still have the choice to install what interface you like
<ganes> nijaba, while installing it is not asking any kind of gdm or kdm desktop..
<ogra> nijaba, you should probably make the first sentence there: "By design, Ubuntu Server Edition does not include an X server or any graphical desktop applications."
<hads> Yes
<nijaba> ganes: no and that's on purpose
<ganes> nijaba, im not getting
<ogra> might be that people dont know what an X server is :)
<ganes> nijaba, server cd has that package or not
<hads> As it's not installed on a server by defualt I don't imagine the packages are on the CD
<ganes> nijaba, server cd has the gdm package or not .. otherwise we need to install it manually from repo..
<nijaba> hads: correct
<ogra> ganes, no graphical apps at all
<nijaba> ganes: right, you'll need to get it from repos
<hads> OR just not install it :)
<ogra> :)
<ganes> nijaba, my question is redhat is giving why not from ubuntu
<ganes> ogra, if gdm is there it will be easy to configure
<ogra> ganes, its wasting resources
<nijaba> ganes: beacause we deliberately chose not to be another RedHat?
<ogra> adding more attacink points for security issues ...
<Koon> ganes: because we are better than RedHat ?
<ogra> *attacking
<ogra> if you want a GUI driven server i'd honestly go with the desktop CD and install the server apps you want
<ganes> is the ubuntu server installed any major institutes or any concern ..whats the feedback from them
<ganes> Koon, i want to install this on my server
 * hads has trouble deciphering
<ogra> ganes, how about that  ? http://www.theregister.co.uk/2008/10/13/wikimedia_goes_ubuntu/
<Koon> ganes: we have pretty big installs - and the bigger the happier they are with us leaving out X
<ogra> hads, he wants to see customer feedback
<ganes> ogra, ya
<maswan> on the server, you want remote (serial/serial over lan) console, not gdm
<maswan> at least for any bigger install
 * maswan manages a few dozen racks
<ganes> my self compiled the kernel which you are using by just putting your config file .. but it is asking lot of queries
<ganes> ogra, i just copied your config file & gave make oldconfig .. after it is asking questions
<ogra> ganes, there is #ubuntu-kernel for kernel questions :)
<ganes> ogra, i will be back after testing this server
<nijaba> ogra: suggestion added to the security page, thanks
<ogra> :)
<wo0f_> hi guys
<wo0f_> i need to setup a nx server
<wo0f_> does anyone know of a good tutorial that actually works?
<wo0f_> (also, will, freenx be in the 8.10 repo?)
<Ergo^> hello
<Ergo^> is it safe to upgrade the 8.04 server to 8.10 ?
<slangasek> Ergo^: please read the release notes and decide for yourself
<slangasek> it's "safe", but it may not be the right decision for all server users
<Ergo^> i was asking out of "something breaks" situation, im the sole "user" of the machine
<Ergo^> so i run apt-get dist-upgrade ? thats all ?
<Ergo^> nevermind
 * Ergo^ starts reading docs
<slangasek> http://www.ubuntu.com/getubuntu/upgrading documents the recommended upgrade path
<Ergo^> thank you
<ciapsadm> Hi
<ciapsadm> How do I know that the user name of the database:
<ciapsadm> Access denied for user 'ciapsadm'@'localhost' (using password: YES)
<Ergo^> updating, hope all goes well :]
<uvirtbot> New bug: #288616 in tomcat6 (main) "Tomcat 6 fails to start during install" [Low,Invalid] https://launchpad.net/bugs/288616
 * nijaba loves new invalid bugs :)
<Koon> and I like old, just-invalidated things to appear as "New bug"
<Koon> uvirtbot needs the 100.000km revision.
<uvirtbot> Koon: Error: "needs" is not a valid command.
<Koon> yeah yeah, right
<Koon> you can run but you cannot hide.
<nijaba> :D
<uvirtbot> New bug: #291161 in bind9 (main) "nslookup: parse of /etc/resolv.conf failed" [Undecided,New] https://launchpad.net/bugs/291161
<brewmaster> anyone have any recommendations for shared hosting based in the US tri-state area?  the internet is so saturated with hosting companies...
<ciapsadm> Hi
<ciapsadm> How do I know that the user name of the database:
<ShawnR> I am trying to install ubuntu server 8.10 and when trying to format a software RAID 1, it goes right to 33% and stops.  I noticed that new in 8.10 are some software RAID enhancements (it installed fine when I put on debian etch a month ago)
<J-_> "Error: Configuration file missing and /var/www/wp-content directory (/var/www/wp-content) is not writable by the Web server." What should I do? Can I make it writable by the server and keep it secure at the same time so others can't write to it too?
<yann2> soren > my best guess about the bug is that the format virt install uses is very close to qcow2, but not *exactly* the same
<yann2> in other words, sometimes it will work, sometimes it wont... converting to qcow2 is a good thing to do
<yann2> I downgraded my KVM host to kvm-62 and all the tools with it, and will start putting some windows vms on prod :)
<HellMind> where is the netinstall ?
<HellMind> gusssssssssssss
<HellMind> Where can I get the smallest installer
<Wavesonics> hola. hey isn't 8.10 server suppose to be able to do software RAID? I can't find the others in the server install
<Wavesonics> others = option
<HellMind> Can I convert the regular ubuntu into a server one?
<tonyyarusso> HellMind: sure.  It's just a matter of installing server packages, and optionally, removing X and friends.
<HellMind> then chaging the repertories of apt will do the trick?
<tonyyarusso> You use the same repositories.
<Wavesonics> If I format my system with ext4, can Ubuntu install and run from it?
<Wavesonics> just point ubuntu at it during the install, not ask it to install
<tonyyarusso> I don't think ext4 is supported yet, no.
<tonyyarusso> You mightbe able to do it, but I don't know anyone who would recommend it or be able to tell you how.
<Wavesonics> but I'll be able to upgrade form ext3 to ext4 at a later point?
<Wavesonics> mkfs in 8.10 supports it *shrug*
<Wavesonics> mkfs.ext4
<tonyyarusso> Perhaps it is then.  Haven't really looked into it myself.
<Wavesonics> well il give it a try and let u all know
<Deeps> you may end up wiping your filesystem if you mkfs.ext4 on it
<greenfly> last I heard ext4 was still experimental
<Wavesonics> Linus promoted it from devext4 to just ext4
<Wavesonics> and Fedora has been using it for a while now
 * greenfly shrugs it's your data
<Wavesonics> ya idk
<Wavesonics> it's a clean drive ATM
<Deeps> wikipedia suggests that ext4 is officially stable as of october 21st
<greenfly> my recommendation is to stick with a more stable file system unless you have an express need for some feature in ext4
<Wavesonics> but a ext3 drive can be upgrade to ext4 with out formating it right?
<greenfly> dunno, ext2->ext3 was
<Deeps> A preliminary development snapshot of ext4 was included in version 2.6.19 of the Linux kernel. On Oct 11, 2008, the patches[4] that mark ext4 as stable code were merged in the Linux 2.6.28 source code repositories, marking the end of the development phase and recommending its adoption.
<Wavesonics> it's for a file server, so the extends in ext4 would be nice for my large files
<Wavesonics> ah cool
<Wavesonics> thanks Deeps
<greenfly> whether someone decided to call it stable or not I'd still be leery of something like that for important data until it makes the rounds a bit longer
<greenfly> but that's just me
<Wavesonics> i hear ya greenfly
<greenfly> if you have lots of large files XFS might be the best choice
<Deeps> and yeah, it's possible you can just mount -t ext4 on an ext3 fs
<Deeps> and then have the new features available to you
<tonyyarusso> Anyone know what the rationale was for choosing Bacula over Amanda?
<greenfly> cooler name?
<greenfly> halloween release?
<Wavesonics> Deeps, just that just mount it, or does it actually modify the FS to be ext4?
<Deeps> well, you can take an ext2 filesystem and mount it as ext3 to take advantage of journalling
<Deeps> and thus it 'becomes' ext3
<Deeps> http://en.wikipedia.org/wiki/Ext4#Backward_compatibility
 * Deeps shrugs
<Wavesonics> hhmmm
<Wavesonics> i guess my question is, does it physicaly modify the FS so it actually *is* ext4 there after
<greenfly> I thought you had to use mkfs on an ext2 partition to add journaling
<Wavesonics> ok
<Wavesonics> i got another question for yall :)
<Wavesonics> i just followed this tutorial with the live desktop CD ( http://www.howtoforge.com/install-ubuntu-with-software-raid-10 ) to set up my drive partitions for RAID 10
<Wavesonics> but the last bit of the tutorial is for Ubuntu Desktop
<Wavesonics> and I want to do Ubuntu Server
<Wavesonics> so how can I have the server install read my RAID10 array and install to it
<Wavesonics> the minimum size for my boot partition is 31 GB!
<slicslak> i don't think that some lamp related apps were installed right.  if I use tasksel to deselect LAMP and then select LAMP will my /etc configs remain the same?
<slicslak> nah, didn't touch them. pefrect
<tonyyarusso> I'd like to have some sort of versioning to keep track of changes to files in /etc and allow for rollback.  What are some of the options for accomplishing this?
<ajmitch> tonyyarusso: simplest one I know of is the etckeeper package
<tonyyarusso> ajmitch: hrm, seems reasonable.
<tonyyarusso> ajmitch: is it possible with that to say things like "restore $file to $day&time", or do you have to look up a version number manually
<tonyyarusso> ?
<jimcooncat> ajmitch: is etckeeper available for hardy?
<ajmitch> tonyyarusso: I have no idea :)
<tonyyarusso> 'k
<ajmitch> jimcooncat: looks to be in hardy universe
<jimcooncat> tonyyarusso: must be a way to do that with bash or perl
<jimcooncat> thanks ajmitch
<jimcooncat> it looks interesting. I'm trying to find a way to push configs out to other servers -- maybe make a metapackage with a postint that writes a custom config file?
<ajmitch> look at puppet
<ajmitch> again, I haven't used it, but have heard it's very useful
<jimcooncat> ajmitch: I've looked at it but can't grok it; I guess I'll install it and play
<lool> Hey; I wonder whether ubuntu-vm-builder --in-place should be creating any file in /tmp?  With verbose I see: 2008-10-30 21:58:24,859 INFO     Creating disk image: /tmp/vmbuilder6rA6Qe/disk0.img
<lool> So it would seem like --in-place is ignored?!
<ogra> well, the .img is in a place :)
<uvirtbot> New bug: #291265 in nagios-plugins (universe) "Buffer overflow in check_ntp_peer - Nagios can't check time servers in Intrepid" [Undecided,New] https://launchpad.net/bugs/291265
<lool> Hmm there's little difference between vmbuilder and ubuntu-vm-builder
<lool> --help output are quite similar, but not identical and the contents of the wrapper as well
<lool> But there's no man page for ubuntu-vm-builder
<ogra> how does it pass lintian then ?
<lool> ogra: It passes lintian?
<ogra> no idea, i thought its in main
<ogra> it should pass lintian :)
<lool> In my experience, lots of stuff in main is far from passing lintian :-(
<lool> ogra: Do we have an ubuntu wide lintian instance?
<ogra> no
<ogra> i check my packages from time to time
<ogra> and i'd expect others to do that too
<ogra> but indeed i might assume to much :)
<lool> I run lintian on every build; I don't always fix stuff which I didn't break
<tonyyarusso> My package has somehow ended up broken due to changes in its dependencies when the package itself is identical.  That's a bit annoying.
<ajmitch> lool: only documentation I can see on it is in the server guide & the wiki
<ShawnR> i've checked the MD5 of the iso, even burned at like 12x and on 3 diff drives, the CD does not pass the CD check, what gives?
<dekkong> Hello everyone
<dekkong>  I have a friend that wants an good linux server distribution, he wants to run a dc++ hub, teamspeak server, good firewall what would your recommend?
<hads> You're in the ubuntu-server channel :)
<dekkong> hads: talking to me? :)
<hads> Indeed
<dekkong> hads: yeah i know I just need som opinions :)
<ShawnR> i think most opinions in here, would point to ubuntu server
<dekkong> ShawnR: yes i'm downloading it atm
<ogra> well, indeed you will get great reputation for rh enterprise server or SLES here :P
<ShawnR> burning an ISO at 8x makes me wonder how we ever got through the late 90s
<spiekey> hi
<spiekey> could anyone please help me with this dep problem please? http://pastebin.com/m53e18cf9
<spiekey> i seem to run around in a circle
<dekkong> ok .. but this is how it goes ... a friend of mine wanted a linux server so he could use it as a "firewall" and that he could host dc++ server, teamspeak server
<ShawnR> i didn't know DC++ was still going
<hads> All Linux distributions use iptables so the firewall part is moot
<ShawnR> i ran a TS server on a 500mhz celeron running Win 2k Pro.... any of those services you ask for, pretty much will run on any box
<ShawnR> so it kinda depends on what you wanna play with
<ogra> http://doc.ubuntu.com/ubuntu/serverguide/C/firewall.html
<spiekey> i keep geeting; W: GPG error: http://de.archive.ubuntu.com gutsy-updates Release: The following signatures were invalid: BADSIG 40976EAF437D05B5 Ubuntu Archive Automatic Signing Key <ftpmaster@ubuntu.com>
<spiekey> any idea how to fix this?
<Paulrf> Anyone know a fix for the Intel GV910GL video issue with the 8.10 upgrade?
<soren> What issue might that be?
<Paulrf> Video was working fine - all generic linux drivers...
<Paulrf> Installed 8.10 and now video is corrupt...
<andol> spiekey: Usually that's just temporay, as the mirror updates. Still, I guess you could test what happen if you use another mirror?
<Paulrf> From on another channel, issue seems to be typical with intel drivers
<soren> Paulrf: When you say "video is corrupt"... What do you mean, exactly?
<Paulrf> Login prompt is at very top of display, but X starts.
<Paulrf> After you log in, display is in 3 vertical sections, about 1/3rd each.
<soren> How is this related to ubuntu server?
<Paulrf> Perhaps it isn't, other than the fact that I'm running ubuntu server
<Paulrf> is there a better channel?
<soren> #ubuntu sounds like a good place.
<soren> " For general (not server specific) support visit #ubuntu "  <---- from /TOPIC
<Paulrf> Okay.. I was trying to avoid them - the scroll is so fast, they didn't even see my message
<Paulrf> sorry..
<Paulrf> thanks
<soren> Contrary to popular belief, that doesn't magically make things on topic in other channels..
<ajmitch> beer does...
<ajmitch> at least that seems to be the rule on the NZNOG mailing list :)
<soren> Hrm... Yes, that might be true :)
<zul> soren: you missed yesterday when someone on #ubuntu-server asked how to be unbanned from the #mandrake channels
<_Desp> hi all
<_Desp> I just upgrade to Ibex and I got that error:
<_Desp> apache2: Syntax error on line 185 of /etc/apache2/apache2.conf: Syntax error on line 1 of /etc/apache2/mods-enabled/perl.load: Cannot load /usr/lib/apache2/modules/mod_perl.so into server
<_Desp> apache2 looking for libperl.so.5.8 and Ibex upgraded this libperl to libperl.so.5.10
<_Desp> any ideas please ?
<_Desp> hrmmmmm
<_Desp> is it a bug ?
<_Desp> 130 users just idle here huh
<andol> _Desp: Well, if I were to guess...
<andol> _Desp: It's an upgrade an not a clean install? Perhaps some old, not entirely compatible, configuration which remains. Tried purging and reinstalling mod_perl?
<andol> _Desp: Anyhow, I just installed mod_perl2 on my intrepid computer, and apache didn't seem to have any trouble loading it.
<tonyyarusso> Has anyone used Untangle, and if so how does it compare to Ubuntu with eBox (or something else)?  Someone I work with is planning to use Untangle for ease of administration, but I haven't messed with it or the other server pseudo-GUIs before.
#ubuntu-server 2008-10-31
<CarlFK> if I want to sample sound from a sound card using alsa, what .deb to i install?
<mynous> how can you view your NIC settings on a remote server?
<tonyyarusso> ssh to it
<mynous> just ssh'ing to it doesnt give me the NIC settings
<tonyyarusso> Then ifconfig, like you would locally.
<mynous> tonyyarusso: im looking form the speed and duplex setting of my NIC
<tonyyarusso> mynous: hmm, I'm not aware of a built-in way of getting that.  You may need to use a network monitoring utility of some sort.
<mynous> ahh
<mynous> i know ethtool to set it but i wanted to check and see what it was set at
<tonyyarusso> can ethtool do a dump of current settings?
<mynous> im not sure
<tonyyarusso> sudo ethtool DEVICE maybe
<mynous> would that be the EEPROM?
<tonyyarusso> (although that gives me "Unknown!" in both fields here)
<mynous> ahh, thats it
<mynous> ty
<mynous> for some reason it doesnt seem like its running full duplex
<CarlFK> dpkg-shlibdeps: failure: no dependency information found for /usr/lib/debug/libm.so.6 (used by debian/transcode/usr/lib/transcode/filter_levels.so
<CarlFK> how did that happen?
<CarlFK> trying to build transcode same way I have alwas done it.  and that magically happened
<CarlFK> lets see if this changes it: unset LD_LIBRARY_PATH
<Wavesonics> god i wish some one could help me... I'm setting up a RAID 10 array with 4 disks, each disk as 2 partitions on it, 1 encrypted (for swap) and 1 set up for RAID10 by mdadm, and 1 disk as a standard ext3 /boot partition. I installed just fine to the RAID10 md0 device, but when I try and boot, the first encrypted swap partition is decrypted fine, and then the md0 encrypted RAID10 device is "not found"... How can I make it recogni
<Wavesonics> ze my multi-disk device?
<antdedyet> Hmm.
 * antdedyet is on the search to find out why apt can't authenticate some packages
<antdedyet> ... in ibex
<Wavesonics> anyone who is interested, please take a look and vote up: http://brainstorm.ubuntu.com/idea/15043/
<Wavesonics> in 8.10, how do I enable apache user directories?
<tonyyarusso> Wavesonics: http://httpd.apache.org/docs/2.2/howto/public_html.html
<Wavesonics> <tonyyarusso> thanks
<Wavesonics> if I want to have a user able to edit /var/www what group should I put him in?
<tonyyarusso> Wavesonics: www-data, and double-check that there are write permissions for the group.  (I think so, but haven't looked lately)
<Adam_> <tonyyarusso> i added my user to that group: usermod -G www-data username
<Adam_> but i still can't modify /var/www
<tonyyarusso> what are the persmissions on /var/www?
<Adam_> hhmm
<Adam_> 1 moment, installing SVN :/
<Adam_> drwxr-xr-x 3 root root
<Weasel[DK]> is there a lilo guru in here ?    my server hangs at boot. probably after kernel upgrade. it says "LILO 22.8 Loading Linux" anda a lot of "." (dots), after 2lines it stops. Its Hardy with LVM
<Weasel[DK]> can i enable debug output somewhere
<soren> Weasel[DK]: Can you boot an older kernel?
<Weasel[DK]> soren, nahh i tryed to edit the lilo.conf and set default kernel to "LinuxOLD", but the same result
<soren> Weasel[DK]: How did you get to edit lilo.conf if you can't boot?
<Weasel[DK]> soren, rescue boot from the CD... ;)
<soren> Weasel[DK]: I see.
<soren> Weasel[DK]: Could you try adding "large-memory" to your lilo.conf and try again?
<soren> (of course you need to run lilo after changing the config)
<Weasel[DK]> soren, just a line at the top ?
<soren> Weasel[DK]: Something like that, yes.
<soren> Weasel[DK]: As long as it's not in one of the kernel stanzas.
<soren> And you're sure you're correctly rerunning lilo?
<Weasel[DK]> soren, nahh i just noticed that inside lilo.conf there is a boot=/dev/sda
<Weasel[DK]> i use lvm
<soren> That's fine.
<Weasel[DK]> ok
<soren> boot=/dev/sda means that it'll install the bootloader on the mbr of /dev/sda
<Weasel[DK]> soren, when runing lilo i get -> fatal device-mapper: mapped boot device cannot be on multiple real devices
<soren> Weasel[DK]: And you didn't before you added large-memory?
<Weasel[DK]> did't put in the memmory stuf yet... struggeling with vi... im used to vim ;)
<soren> Ah :)
<soren> So you're in a chroot? You have /proc mounted and all that?
<soren> And /dev bind-mounted?
<Weasel[DK]> i am booting from the install cdrom in rescue mode, runing mount shows that my LVM volume is the root
<Weasel[DK]> had to be some kind of chroot env.
<Weasel[DK]> has*
<Weasel[DK]> soren, what do oyu mean by "And /dev bind-mounted"
<soren> Weasel[DK]: Do you have e.g. /dev/mapper/control ?
<Weasel[DK]> soren, nah i have /dev/mapper/root-lv_root which is the rootfs
<soren> Ok, that's fine.
<soren> I'm still a bit confused. You said you tried setting the default to LinuxOLD... So running lilo back then worked, but not now?
<soren> Or did you forget to run lilo back then?
<Weasel[DK]> soren, it allways where like that no matter what kernel i choose
<soren> Weasel[DK]: What is root set to in your lilo.conf?
<Weasel[DK]> opps
<Weasel[DK]> soren, my notebook lost power :(  sorry
<soren> No worries.
<Weasel[DK]> im back now did i miss anything ?
<soren> 07:47:34 < soren> Weasel[DK]: What is root set to in your lilo.conf?
<Weasel[DK]> /dev/mapper/root-lv_root
<soren> Weasel[DK]: Oh, that's not going to work.
<soren> Weasel[DK]: I presume you have a /boot partition ?
<Weasel[DK]> soren, no its LVM all way
<soren> Has this ever worked?
<Weasel[DK]> yeah sure ;)
<soren> I didn't t hink the installer would let you do that.. :/
<Weasel[DK]> until yesterday... i suspect the kernel update to be the reson but i dont know
<Weasel[DK]> soren, well i also wondere why it was using LILO, the default is grub. maby LILO is better than grub for LVM ???
<soren> grub will not work at all. lilo might have a chance.
<soren> Do you have multiple disks?
<soren> Is it possible that your root volume is spread over multiple pv's?
<Weasel[DK]> yeah, 3 disks with 2 LVM partition om each 1 for root one for swap
<soren> By "LVM partition" you mean physical volume?
<Weasel[DK]> sda1 +sdb1 + sdc1 = root-lv
<soren> Oh.
<soren> That will *definitely* not work.
<soren> :)
<Weasel[DK]> it has worked ;)
<soren> It might have worked at some point.
<soren> If the kernel is now spread across multiple pv's, you're screwed.
<soren> (or the initrd)
<Weasel[DK]> ahh....
<Weasel[DK]> crap
<Weasel[DK]> so you are saying.... put an IDE drive in and put /boot and bootloader on that ?
<soren> Either that or shrink one of your pv's on your /dev/sda and put it there.
<soren> ...and next time do yourself a favour and make sure to have a boot partition.
<Weasel[DK]> soren, ill do that for sure !
<kraut> moin
<Weasel[DK]> soren, ok, ill try to shrink sda1..
<Weasel[DK]> soren, Thank you very much for the help :)
<soren> Weasel[DK]: Oh, don't just shrink sda1.
<soren> Weasel[DK]: You need to pvresize the data first, *then* shrink the partition.
<Weasel[DK]> soren, yes ofcourse... orelse im in "real" trouble" ;)
<soren> Weasel[DK]: Yeah. Just wanted to make sure you knew :)
 * soren takes a break
<mvo> does anyone has a idea what might cause "Setting up landscape-common (1.0.23-0ubuntu0.8.10.1) ...^M
<mvo> Your account has expired; please contact your system administrator^M" (bug #291334)
<uvirtbot> Launchpad bug 291334 in pam "package update-manager 1:0.93.32 failed to install/upgrade: ErrorMessage: SystemError in cache.commit(): E:Sub-process /usr/bin/dpkg returned an error code (1)" [High,Triaged] https://launchpad.net/bugs/291334
<mvo> I have seen that in other reports as well
<mvo> (not many though)
<bugfixes> hello all
<hads> mvo: Sounds like the root account has expired.
<hads> I'm not sure of the correct way to do it but you can fix it by editing /etc/shadow
<mvo> hads: thanks, I saw it in some bugreport while doing triage on udpate-manager and wonder what is the best way to avoid this kind of error and how it happend
<hads> I'm not sure, I've seen it on VM's created with ubuntu-vm-builder
 * soren nods
<soren> u-v-b for a while created locked root accounts.
<soren> :(
<mvo> oh, thanks. I will ask about that
<soren> mvo: ...but it's a certainly a bug that a locked root account makes chfn fail, IMO.
<mvo> ok, I reassign to pam
<Weasel[DK]> soren, i reduced the filesystem on LVM then reduced with lvreduce and did a pvresize now fdisk still says the ther are no free sectors ?
<Weasel[DK]> what did i forget ?
<soren> Weasel[DK]: To resize the partition that holds the pv.
<soren> mvo: Hm... It seems to happen in Hardy as well.
<mvo> soren: with ubuntu-vm-builder? or in genral?
<soren> mvo: I mean chfn failing if the root account is locked.
<soren> I thought that was a side effect of the changes we made to the pam config in Intrepid.
 * mvo nods
<uvirtbot> New bug: #226369 in ubuntu "VFS Not responding error on shutdown (dup-of: 211631)" [Undecided,New] https://launchpad.net/bugs/226369
<uvirtbot> New bug: #291186 in dnsmasq (universe) "disabling dnsmasq in /etc/default/dnsmaq disables init.d script" [Low,Confirmed] https://launchpad.net/bugs/291186
<carbon_monoxide> any hardy backport repo for mono-runtime?
<carbon_monoxide> i want newer version of mono-runtime
<Wavesonics>  
<Wavesonics> I think i somehow screwed up my account's permitions :( The main account I created during instal can no longer sudo, any ideas?
<soren> Weasel[DK]: Any luck?
<Weasel[DK]> soren, nahh the phone keeps ringing.... :(   ill let you know soon... i hope
<soren> Weasel[DK]: :)
<Weasel[DK]> soren, at last.... ;) do you have an advise for resizeing the physical partition on sda.... i have bootet an knoppix 5.1 with qtparted, but it does not seem to be up for the job
<Weasel[DK]> soren, this parted does not know partitions types of  LVM ?
<soren> Weasel[DK]: what I usually do is this:
<soren> Say I have a pv of 100GB, and I want to downsize it to 80G. I start by resizing the pv to something well below 80G (say 75G).
<soren> ...then I reduce the partition size to 80G. Depending on the tool at hand, this might involve removing the partition and creating it again. This feels scary, but make sure the starting cylinder is the same, and you'll be fine.
<soren> Then I use pvresize again to grow the PV to the full size of the partition.
<soren> Before that last step, I probably reboot, though.
<soren> ...but that's pretty much the process I use. It's a bit more involved than it has to be, but I prefer to err on the side of caution.
<Weasel[DK]> soren, ok, but i think i messed up, if i do a pvdisplay the sda1 i was working on is way too big. Data seems still to be ok.
<Weasel[DK]> bigger than the entire disk
<soren> Weasel[DK]: With pvdisplay? umm..  Do you still have the command line you used?
<Weasel[DK]> soren, no but i should be able to set it at the same size at the other disks... the are identical
<Weasel[DK]> well a bit smaller... verything should have been shrinked from the top
<Weasel[DK]> *everything
<soren> Weasel[DK]: Yeah, i'm jus curious how it happened.
<Weasel[DK]> soren, i guess i typed the size of the whole lvm group instead of the disk. It matches the size. on the other hand that would be clumsy to do so ?
<willwill> hello, I installed suphp but phpmyadmin does not work. I then enable mod_php5 (suphp still enabled) and phpmyadmin worked but my script does not run as my user
<willwill> I tried to comment all lines in /etc/apache2/mods-enabled/php5.conf and it still assign itself to .php
<stewils> hi.  i'm mid way through an ubuntu update.  ssh'd into the sever to do it and lost connecgtion mis way.  any way to get the session back
<soren> No.
<stewils> :(
<stewils> bugger
<stewils> so start the install process again?
<henkjan> next time, start your upgrade in screen
<stewils> yeah :)....live and learn
<soren> Yes. It might pick up around where it left off, though.
<stewils> ok
<stewils> i'lll get off and do that then.  thanks
<Frozen-Solid> thanks i thought it might be quieter in here - it's really hard to kepe an eye on the other chat while at work with distrcations
<Frozen-Solid> okay so this alternate cd thing... i'm assuming that's just download latest version, burn iso, and mount like normal?
<Frozen-Solid> i've been on an rpm-based distro at home for years, this is my first time dealing with apt
<ScottK> Frozen-Solid: Are you installing a server?
<Frozen-Solid> yeah
<Frozen-Solid> running on a blade center
<Frozen-Solid> ubuntu se blows my mind in how awesome it is on our new environments
<ScottK> Generally you boot the CD on the machine you intend to install on.
<Frozen-Solid> we gt the install done... i'm looking into how upgrading works
<Frozen-Solid> we built our new systems on 8.04... and then 8.10 came out so i was charged with finding out hte best ways to upgrade with least amount of downtime and least invasive
<ScottK> Oh.
<ScottK> You don't need a CD for htat.
<komotheit> What I usually do, is set the Alternate CD as a repository
<ScottK> sudo do-release-upgrade should fire it off
<komotheit> And do the apt-get distro upgrade
<Frozen-Solid> komotheit was talking about using an alternate cd, so that's what i was asking about
<mvo> make sure you edit /etc/update-manager/release-upgrades is set to "normal" - because hardy is a lts it will not upgrade to a non-lts release by default
<mvo> upgrades via the alternate cd are possible as well, but the upgrade should work fine over the net
<Frozen-Solid> is it generally recommended to stick to lts editions, rather than the fall reelases?
<mvo> depends on your use-case :)
<mvo> if you want the long support then lts is certainly a good choice, if you want (or need) the latest stuff then upgrading is probably a good idea
<komotheit> Well, unless you need something only offered in a new version, its best to stick to LTS releases
<Frozen-Solid> we're not sure our use case yet... we're migrating from an ancient novell netware 6.5 web server setup
<ScottK> Frozen-Solid: ^^^ wrote the upgrade tools, so you are getting advice directly from the best expert.
<Frozen-Solid> oh cool
<komotheit> I didn't upgrade yet, I'm snooping around tech support chat/forums to get an idea of issues from upgrades
<Frozen-Solid> we're not doing a support contract yet, but it's something we may look into in the future... depends on how well we manage this new setup ourselves. I was just getting a feel for how upgrades should be looked at, because noene of us have done linux in such a live environment before
<Frozen-Solid> so way for april. apt-get distro upgrade should be safe - does ubuntu require a full restart after an upgrade like that because of the new kernel?
<Frozen-Solid> s/way/wait
<ScottK> Frozen-Solid: For going from release to release, do-release-upgrade is recommended because it often has special processing to deal with known issue.
<komotheit> Since you're running a server, I wouldn't know. I'm running a desktop environment, I probably would need a restart unless I would shut down X-server before upgrading
<ScottK> Frozen-Solid: You do have to reboot.
<ScottK> Because of the new kernel.
<Frozen-Solid> okay thought so
<Frozen-Solid> i need to remember do-release-upgrade. *makes note*
<Frozen-Solid> while this hsouldn't happen, say network goes down... ubuntu's server's go down... something odd happens during an upgrade... what kinda safty procautions do i need to make?
<ScottK> Frozen-Solid: You should always back up important data.
<komotheit> Was going to say that too :P
<Frozen-Solid> yeah i know that much, i meant specifically from a ubuntu se perspective
<ScottK> If you lose power on a half upgraded system, it's possible that it could be in an odd state, but generally would be bootable/fixable.
<Frozen-Solid> like, if the network goes down, can i just rerun do-release-upgrade again and it can recover? or what happens
<ScottK> Should work.
<ScottK> Just don't reboot a half-upgraded system.
<Frozen-Solid> losing power would be pretty much impossible on this server
<ScottK> Generally it's pretty straight fowared.
<Frozen-Solid> cool
<Frozen-Solid> i tend to do much more invasive upgrades on my home systems... full format cept for the /home partition, reinstall from scratch
<Frozen-Solid> obviously i dont' want to do that here
<ScottK> There's generally no need for that.
<Frozen-Solid> i use Mandriva at home, it's not quite as "neat" of an upgrade as ubuntu seems to have
<ScottK> I've only ever had to reinstall after doing experiments I knew were risky.
<Frozen-Solid> and it feels nice starting fresh
<ScottK> Upgradability is one of the key features of Debian based systems.
<Frozen-Solid> yeah that's why we chose Ubuntu SE. so far i'm VERY impressed from a server perspective
<Frozen-Solid> it's "easy" but it still expects you know what you're doing and doesn't hold your hand. i really appreciate how it's setup
<Koon> mathiaz: I have been considering revisiting https://wiki.ubuntu.com/ImproveSSLCert for Jaunty... what is your position on that spec ? Something you want to do yourself, something you want someone to do...
<Fenix|work> Good morning
 * ScottK points Frozen-Solid to http://ubuntukids.org/blog/?p=117
<Fenix|work> I have a question that I hope someone has an answer to
<Weasel[DK]> soren, i changed my angle of attack a bit... i now removed one of my swap partitions, re-formated it for ext3 and copied the old /boot into the partition.
<mathiaz> Koon: I don't really have strong opinion on doing it myself.
<Frozen-Solid> haven't used ubuntu desktop yet... i'm kinda aattached to my mandrake i've used for 10 years
<mathiaz> Koon: if you have more ideas, please add them to the spec.
<soren> Weasel[DK]: Heh. That should certainly work, too.
<Weasel[DK]> edited fstab, now i have trouble with lilo again
<soren> Weasel[DK]: You need to adjust lilo.conf accordingly.
<Koon> mathiaz: ok :)
<Fenix|work> I'd like to make a bootable DVD of my install so if a HDD or two decide to screw the pooch, I can stick in this bootable DVD and restore my system to a working state, then restore the most up-to-date stuff from backup
<Fenix|work> anyone with any ideas?
<ScottK> Frozen-Solid: Right, well I've never actually used Ubuntu on the desktop for more than a minute or two myself.  Kubuntu (KDE) is my thing.
<Frozen-Solid> lol excellent post scott
<Frozen-Solid> I'm a big Gnome fan... but the fact that ubuntu seems to pick one distro to base it's installs around (kubuntu vs ubuntu) rather than give you abit of everything like i'm used to with mandriva keeps me off ubuntu/kubuntu
<Weasel[DK]> soren, can you tell me how to set those options... i tried diffent things bu i always get : Fatal: Trying to map files from unnamed device 0x0010 (NFS/RAID mirror down ?)
<Frozen-Solid> i use gnome, but a lot of KDE software on it (K3B, Amarok, Kaffeine) as opposed to the gnome counter-parts
<ScottK> Frozen-Solid: They are both in the same repository, so you can certainly install whatever KDEish bits you want.
<komotheit> That's what I did
<Frozen-Solid> yeah... mandriva just does it all though, so it's hard for me to go for a switch
<komotheit> I'm a fan of klipper :)
<ScottK> Myself I like having a common core system so I only need to know one.
<Frozen-Solid> i'm also attached to my root user and it feels rong not being able to log into my good ole root on ubuntu
<soren> Weasel[DK]: Let me think..
<ScottK> That's easy enough to enable if you want it.
<Frozen-Solid> s/rong/wrong
<Frozen-Solid> i'm sure i'll swithc and try ubuntu soonish. mandriva's starting to show it's bloat
<Frozen-Solid> i need to look into ubuntu install on a Novell Netware network, i haven't checked if the novell client is on the apt-get repos yet
<Frozen-Solid> thne i'll totally switch for work purposes
<soren> Weasel[DK]: What is boot and root set to?
<Frozen-Solid> thanks for all your help, i gotta meeting to go to so.
<Weasel[DK]> soren, boot=/dev/sda      boot is only in the append line and says /dev/mapper/root-lv_root
<Weasel[DK]> the new boot is on sda2
<Weasel[DK]> soren, right now i have booted knoppix, mounted the rootfs and mount the new boot into that
<komotheit> Frozen-Solid: Take care and good luck on your upgrades! :)
<soren> Weasel[DK]: I wish I had a box with a similar setup so that I could be more sure..
<soren> Weasel[DK]: I keep forgetting how much stuff lilo works out on its own.
<soren> Weasel[DK]: If you run lilo now, what happens?
<Weasel[DK]> soren, i run lilo -C /mnt/root/etc/lilo.conf
<Weasel[DK]> and it responds with     Fatal: Trying to map files from unnamed device 0x0010 (NFS/RAID mirror down ?)
<soren> Weasel[DK]: oh, do this:
<soren> Weasel[DK]: lilo -r /mnt/root
<Weasel[DK]> soren, Fatal: raid_setup: stat("dev/sda")
<soren> Weasel[DK]: sudo mount --bind /dev /mnt/root/dev
<soren> Weasel[DK]: And try again.
<Weasel[DK]> soren, i get some complaints but at the end i says Added Linux and LinuxOLD
<Weasel[DK]> should i give it a try
<soren> Go for it :)
<Weasel[DK]> soren, IT IS BOOTING.... !
<Weasel[DK]> soren, you are my hero
<soren> Weasel[DK]: I accept beer deliveries. http://www.Ã¸ltorvet.dk/ for your clicking pleasure :)
<soren> Weasel[DK]: Make sure you check that lilo runs as expected in the running system.
<Weasel[DK]> soren, seems to be ok
<soren> Fantastic.
<Technoviking> hello
<Technoviking> I'm using 12 GB of ram on a 32bit version of Ubuntu 8.04.1 Ubuntu Server
<Technoviking> Someone is worried that even with PAE you can't assign 9-10GB to one process, because that
<Technoviking> "overflows size_t"
<soren> Technoviking: Well..
<soren> Technoviking: The explanation is not entirely accurate, but the problem is real.
<soren> size_t is mandated by the hardware, and it happens to be 32 bits, which limits you to 4 GB of addressable memory.
<Technoviking> so even with PAE, you can not use more than 4 GB for a process/app PostgreSQL for example
<soren> Technoviking: That's correct.
<Technoviking> soren: thank for clearing that up for me
<Weasel[DK]> soren, PM me your delivery address or do you live near by ?
 * Weasel[DK] promised his family a trip to Bilka... so c u later.
<soren> Weasel[DK]: Other end of the country, unless I'm much mistaken. Aalborg, specifically.
<CRELOUR>  hi
<jtmoney> hello, guys... 2 x 1 TB drives just got here, and i'm reading up on setting up RAID-1 in ubuntu server... can someone tell me how i can determine if dmraid now supports error handling? the fakeRAIDhowto isn't very clear... https://help.ubuntu.com/community/FakeRaidHowto#RAID-1%20Notes
<Rubin> jtmoney, i would guess that it is not in there
<jtmoney> heh okay
<jtmoney> but how can i find out definitively?
<Rubin> jtmoney, i'd try to find a site for the author of the patch that enables it, and see if they have any kind of info about it
<Rubin> or you could go through the kernel package and try to figure out what patches they have applied etc
<lukehasnoname> I see Ubuntu Server has an ad running on the Ubuntu home page
<lukehasnoname> props to the person who got that ball rolling
<Rubin> wasnt there something on slashdot yesterday about ubuntu loosing money but if server takes off for a couple years they will be in the black?
<lukehasnoname> I wouldn't doubt CANONICAL is losing money right now, but they have a lot of it, so their demise is not imminent. A takeoff of their server OS and the support that businesses would buy for it would really help the company, though.
<Rubin> thats what the article said, almost exactly.
<Fenix|work> can I resize an ext3 partition on the fly?
<ScottK> IIRC Canonical has not made a secret of being in the red nor not being particularly worried about it.
<Fenix|work> Greetings!
<Rubin> i think he said he'd continue to fund it for 5 years
<Rubin> Fenix|work, no
<Rubin> Fenix|work, that kind of thing is reserved for 'real' filesystems, like advfs :P
<Fenix|work> How long does an offline resize take?
<Rubin> if its not heavely fragmented i'd guess it doesn't take very long
<Rubin> course depends on your hardware
<Rubin> are you making it bigger or smaller?
<lukehasnoname> 5 years for ubuntu losing money before MarkS turns off the tap? It sounds like a long time, but it will be here before we know it. I'm sure profitability is in their sights.
<Fenix|work> I have a 458GB partition that I'd like to lop off 58GB and make another partition
<Rubin> lukehasnoname, 13.04 could be the last version :P
<Rubin> Fenix|work, that could take quite a while
<lukehasnoname> Rubin: heh
<Rubin> i did that a while ago to break /home into its own, but i didnt time it or anything
<Fenix|work> Rubin, it's a production web/ftp server and the previous admin failed to make web and ftp separate
<Rubin> completed it in an evening if i recall
<Rubin> Fenix|work, clone it, do the change on the other one, swap the IP over
<Rubin> or add another hard disk :P
<Fenix|work> for that matter, he failed to move web and ftp out of the system partition
<Fenix|work> so everything is lumped into /dev/sda1
<Rubin> yeah lame.
<Rubin> hard disks are cheap though. juts add another
<Fenix|work> hard disks may be cheap, but servers aren' t:)
<Fenix|work> I don't have a spare to swap to
<Rubin> psh. real production setups have hot spares or failover pairs :P
<Fenix|work> Rubin, real servers use hardware raid and the OS can't see hot spares :)
<Rubin> no i mean whole spare systems
<lukehasnoname> BTW I just read about the installation-time server profile of "Virtualization Host"
<lukehasnoname> totally awesome
<Fenix|work> ooh, well in that case I don't have a real production server :)
<Rubin> Fenix|work, then they can handle some down time :P
<Fenix|work> corporate website may not handle downtime well with marketing and execs
<lukehasnoname> five nines
<Fenix|work> how does one check the fragmentation of a partition?
<Rubin> Fenix|work, then they should spring for a real setup with failover and/or hot spare servers :P
<Rubin> uptime costs money
<Fenix|work> yes, yes it does
<Fenix|work> but that still doesn't solve my more immediate problem :)
<lukehasnoname> Rubin: What's the problem with software raid? For a SMB server, wouldn't software raid do alright?
<Rubin> lukehasnoname, there are several problems with it, but it does alright yes.
<Rubin> it doesnt handle errors very well, as you noticed. its slower than hardware raid, etc
<Rubin> but if a disk full out fails, your golden after a reboot (and maybe unplugging it worst case)
<Rubin> i run a mirror lvm setup on my home server
<lukehasnoname> gentoo4life, lol
<r00tintheb0x> Hello all, if I have 6x147GB SCSI drives in a RAID6 array... what would be my total available space?
<r00tintheb0x> Or could someone give me a rule of thumb to calculate RAID space in general?
<r00tintheb0x> Sorry, my client crashed.
<r00tintheb0x> If anyone responded to my question, could you please re-respond.
<r00tintheb0x> :)
<jtmoney> hey guys, recently purchased 2 x 1 TB drives for a file server... it seems like fakeraid (through dmraid) is in its infancy and has poor error reporting... i'm too paranoid that i would screw something up if i used softraid... would it make sense at this point just to use rdiff or something similar to copy files from one partition to another?
<jtmoney> seems like there's no good answer
 * antdedyet dwindles in the fun that is email delivery
<trashguy> i has 8.10
<r00tintheb0x> Hello all, if I have 6x147GB SCSI drives in a RAID6 array... what would be my total available space?
<r00tintheb0x>  Or could someone give me a rule of thumb to calculate RAID space in general?
<Deeps> raid6 - you 'lose' 2 disks worth of space for parity data
<Deeps> raid5 - you 'lose' 1 disks worth of space for parity data
<kirkland> ScottK: hi, i have a couple of dumb mail server questions ...
<ScottK> OK
<maswan> raid10, you lose half of the space for parity data
<Deeps> r00tintheb0x: you can potentially 'lose' more disks if you factor in that it's sometimes smart to have a 'hot spare' as well
<kirkland> ScottK: i simply want an ubuntu system to accept incoming mail, and if there's a local user matching the address, use his .forward file
<kirkland> ScottK: so machine, "foo", dustin@foo address, with a .forward file pointing to gmail or some such
<ScottK> OK, so no actual local delivery?
<kirkland> ScottK: i've got mail to dustin@localhost actually working
<ScottK> OK.
<kirkland> ScottK: right, no local delivery
<kirkland> i think i just need some magic to accept traffic from outside, perhaps?
<ScottK> Do you need to use actual .forward files or is that just the effect you want?
<ScottK> kirkland: I assume you're using Postfix?  Please pastebin the output of postconf -n
<kirkland> ScottK: yes, postfix
<kirkland> ScottK: .forward is the effect i want, if it can be configured differently, that's cool too
<ScottK> I do this with virtual alias domains.  It's pretty easy.
<kirkland> cool, let me pastebin that for you
<kirkland> ScottK: http://pastebin.ubuntu.com/65346/
 * ScottK looks
<ScottK> kirkland: foobar.com is your actual domain you want mail from or the machine's hostname?
<kirkland> ScottK: i just sed-replaced that
<ScottK> Yeah.  I figured.
<ScottK> For virtual alias domains, here's what I have ...
<ScottK> virtual_alias_domains = example.com (note that it should not be listed in mydestination.
<ScottK> Then I have virtual_alias_maps = hash:/etc/postfix/virtual
<ScottK> This is all in main.cf BTW
<kirkland> right
<ScottK> That map has entries like example.com Whatever (need that, it doean't matter what's on the right side)
<ScottK> scott@example.com scott@example.org
<ScottK> etc.
<ScottK> Then in smtpd_recipient_restrictions I have check_recipient_access hash:/etc/postfix/somename
<ScottK> somename has postmaster@example.com permit
<kirkland> gotcha
<ScottK> That can be permit, reject, or dunno
<ScottK> So the virtual table says where it goes.
<kirkland> right
<ScottK> the check_recipient_access does your recipient validation.
<kirkland> let me give that a shot
<ScottK> Don't forget to postmap or postalias your table.
<ScottK> s
<kirkland> so no dovecot required at all for this, then?
<ScottK> Nope.
<kirkland> good
<ScottK> You do this all in the MTA.
<kirkland> right, i was hoping so
 * ScottK needs to run out.  Back later if you have questions.
<ScottK> There's a good REAME on virtual stuff on postfix.org too.
<ScottK> That's pretty much straight out of it.
<kirkland> ScottK: awesome, thanks for your help
<ScottK> You're welcome.
<ShawnR> for a single user (PC sitting in my house) is there any real benefit to using a non-root login? (it seems like a pain to have to sudo everything)
<trashguy> i su in to root
<trashguy> im used to freebsd so it seems sane to me
<ScottK> trashguy: If you want to do that, use sudo -i.  It gives you a slightly more sane environment.
<ShawnR> on my debian install, i just logged in as root all the time, i know for multi-admin users, it's better to not have one ROOT that everyone/anyone uses, but for a home/personal use, i didn't know if there were any real security flaws
<trashguy> ScottK, root is sane for me
<kirkland> ShawnR: i find it keeps me from stepping on my own ... feet
<ScottK> trashguy: sudo -i gets you a root prompt.
<trashguy> ShawnR, there are program like irc i wouldnt run as root
<ShawnR> yeah, that is true
<ShawnR> but for administration
<ShawnR> i'll run many programs as not root, but for configuring everything... i mean, i couldn't even make /downloads without having to sudo... then i had to sudo chmod it to allow myself write access
<trashguy> these are good things
<ShawnR> oh?
<trashguy> well
<trashguy> im all for having to do extra steps to promote secure methods ^^
<ShawnR> i would be, too... but is it really any more secure than me having a password on the root account?
<trashguy> if you need to do a bunch of admin stuff you can sudo -i or su
<ShawnR> i won't be running services as root, just configuring things as root
<ShawnR> hmm
<trashguy> then use sudo -i
<ShawnR> maybe i'll try and get in the habit of doing that
<ShawnR> i guess part of me just loves the idea of logging in as "root"
<trashguy> it just t hrows you in a root prompt
<ShawnR> root@WOPR:~# just looks so sexy
<trashguy> i only log in as root on most machines if im local
<trashguy> avonders@avonders-desktop:~$ sudo -i
<trashguy> [sudo] password for avonders:
<trashguy> root@avonders-desktop:~#
<ShawnR> 9/10 times i will be local
<ScottK> ShawnR: Up until you rm -rf * and aren't in the dir you thought you were, sure.
<trashguy> or umount var
<trashguy> ^^
<uvirtbot> trashguy: Error: "^" is not a valid command.
<ShawnR> that'll be my own problem... but i don't do those things
<ScottK> Of course.
<ShawnR> this is just going to be a personal file/media streaming server with LAMP things just for when it's convenient
<trashguy> smash buttons
<trashguy> RAWR
<ScottK> ShawnR: If it's exposed to the internet be sure to turn off SSH root login.
<ShawnR> yeah
<CarlFK> how can I turn ono the cpu fan?
<ShawnR> put a hairdryer on it, that should trigger the thermal sensors
<ShawnR> it's not on currently?
<lukehasnoname> the server guide needs to be moved from doc.ubuntu.com to help.ubuntu.com as the 8.10 guide
<Appl3Kork> so I've got Ubuntu Server installed, and I got it all setup in webmin, but I can't get ppl outside the home network view it?
<ScottK> Appl3Kork: Webmin isn't in the Ubuntu repositories, so it's not supported here.  Ask the webmin people.
<Appl3Kork> well I'm not using webmin to configure it. sorry.  I'm trying to get the ddclient working through putty
<ShawnR> appl3kork ppl from outside can't view what? can't access webmin or what services?
<Appl3Kork> can't access my server
<Appl3Kork> it's running apache
<ShawnR> and you cna view it locally, right?
<Appl3Kork> yes
<Appl3Kork> I've forwarded ports
<ShawnR> can you access any other service from outside?
<Appl3Kork> no
<Appl3Kork> nothing
<ShawnR> what error do ppl get?
<Appl3Kork> well I just give them the url, and it just says cannot be found
<ShawnR> what url?
<Appl3Kork> g3rm.dontexist.com
<Appl3Kork> I'm just trying to do the basics right now, of them seeing it say "It Works!"
<ShawnR> on port 80, right?
<Appl3Kork> I think port 80 is blocked by my ISP, so my buddy said to use 81
<ShawnR> and you forwarded ports 81?
<Appl3Kork> yes
<Appl3Kork> both router and modem
<ShawnR> and when you access it locally, you use http://g3rm.dontexist.com:81
<ShawnR> right?
<Appl3Kork> no actually
<ShawnR> ....
<Appl3Kork> I just typed in g3rm.dontexist.com
<ShawnR> http:// will default to port 80 unless otherwise specified
<ShawnR> so you're still running on port 80
<Appl3Kork> o
<Appl3Kork> k let me change that really quick
<ShawnR> have you restarted apache?
<TANATHOS> either port 80 nor port 81 works
<ShawnR> 80 works locally, and 80 is blocked by ISP
<Appl3Kork> well I don't think on dyndns.org will allow me to make the site say g3rm.dontexist.com:81
<TANATHOS> what kind of isp block port 80?
<Appl3Kork> gay ones
<ShawnR> comcast used to
<ShawnR> some still do, they don't want you using your home ISP connection as a server
<ShawnR> no, dyndns will not
<TANATHOS> I don't really think you can forward
<ShawnR> you just gotta tell ppl to use the :81 at the end
<TANATHOS> I was about  to write that
<TANATHOS> not necesarily
<Appl3Kork> whats the command to restart apache?
<TANATHOS> ubuntu?
<Appl3Kork> ya
<TANATHOS> ./etc/init.d/apache restart
<TANATHOS> as I remember it
<ShawnR> tanathos what would be the alternative to telling ppl to include port #?
<TANATHOS> make a redirect from another page
<ShawnR> lol
<ShawnR> true
<TANATHOS> ?
<TANATHOS> oh I thought you were laughing at me
<ShawnR> but that'd be a lot of work
<ShawnR> no, just at the backbending
<Appl3Kork> well in webmin it actually asks what port for the server
<TANATHOS> he could make a redirect from another page
<Appl3Kork> and I put 81
<TANATHOS> Appl3Kork yes
<TANATHOS> but that is locally
<Appl3Kork> o
<TANATHOS> you need to redirect from outside your isp
<ShawnR> yeah, but if he has a hosted page somewhere, why not just put the website there?
<TANATHOS> true
<Appl3Kork> i didn't think I had a hosted page
<Appl3Kork> or is that the g3rm.dontexist.com
<TANATHOS> wait
<ShawnR> by hosted i mean on someone else's computer... like at a website hosting company
<TANATHOS> do you have another hosting account somewhere
<Appl3Kork> no
<TANATHOS> even better
<Appl3Kork> not that I know of
<TANATHOS> do you own dontexist.com
<Appl3Kork> no it was just a free one with dyndns.org
<ShawnR> nope, that's a dyndns.org name
<ShawnR> all they do is redirect the subdomain to his IP at home
<TANATHOS> I could give you a hosting package at my comapny
<ShawnR> well, this looks like a match made in IRC heaven
<Appl3Kork> ya but how much is that?
<ShawnR> lol
<TANATHOS> but still you have to own a domain
<TANATHOS> Appl3Kork for free
<TANATHOS> I own the company
<Appl3Kork> so if I own a domain you can host it for free?
<TANATHOS> I got about 16 working servers
<ShawnR> i want a free hosting package!
<TANATHOS> :))
<TANATHOS> hold your horses
<ShawnR> i'm just playin
<TANATHOS> Appl3Kork is in trouble not you
<ShawnR> i've got one hosted now, i'd hate to keep switching... unless you can get me exchange for free :P (which i highly doubt you'd do for me)
<TANATHOS> ShawnR how much do you pay for that package
<TANATHOS> I'll make it half:))
<ShawnR> well, i don't have exchange right now
<TANATHOS> and try not to lie
<TANATHOS> :))
<ShawnR> it's ike USD $80/yr
<ShawnR> i think 84 to be exact
<TANATHOS> when does it expire?
<ShawnR> i just paid for another year... heh
<ShawnR> but all i want is shell access to do file management and backup and i'd REALLY like exchange
<TANATHOS> well your los
<TANATHOS> loss
<TANATHOS> exchange server?
<ShawnR> yup
<TANATHOS> Micro shit?
<TANATHOS> I only have 2 of those
<ShawnR> exchange being that i could sync up my phone contacts with outlook and not have to worry about when i get a new phone
<TANATHOS> sorry I can't give you on MES
<ShawnR> but it's not worth me paying like $100/yr more or whatever it is, just to have that feature
<ShawnR> it's ok
<TANATHOS> are rented
<TANATHOS> and can't really mess them up
<Appl3Kork> i think I own a domain name
<Appl3Kork> had one before
<Appl3Kork> lemme check my email really quick
<ShawnR> well, i'm headed out now... good luck appl3
<Appl3Kork> thanx
<Appl3Kork> so TANATHOS if I've got a domain name and you can host it, does that make it so people can see my server?
<TANATHOS> yes
<Appl3Kork> ok
<Appl3Kork> im just checking to see where my domain name is
<TANATHOS> ok
<TANATHOS> Appl3Kork?
<Appl3Kork> yup
<TANATHOS> domain?
<Appl3Kork> i was just going to get a new one cause it was 1.99
<Appl3Kork> just trying to think what it should be called
<TANATHOS> o lol
<TANATHOS> only 1.99
<TANATHOS> well then get me tanathos.org
<TANATHOS> :))
<Appl3Kork> does it matter if it's .com .net and whatnot?
<Appl3Kork> for your hosting
<TANATHOS> no
<mindframe> so my update to ibex failed during the download and now update-manager -d wont show it as an option.  how can i upgrade my system?
<mvo> mindframe: if that happend during the download (and not during the install then its odd) - should work
<Appl3Kork> but TANATHOS when I have a domain and a host, how does it all setup with the server?
<mvo> mindframe: could you put your /var/log/dist-upgrade/main.log up somewhere please?
<mindframe> damnit pastebin wont let me paste.. saying i trip the spam filter
<hads> paste.pocoo.org
<lukehasnoname> http://mibbit.com/pb/9mtFY2
<mindframe-> http://paste.pocoo.org/show/89757/
<LordDicranius> is there an easy way to move cron jobs from one system to another?
<mindframe> copy / paste?
#ubuntu-server 2008-11-01
<Appl3Kork> TANATHOS u still there?
<Appl3Kork> or is anyone here?
<tonyyarusso> Asking a question about Ubuntu Server tends to be more productive than asking if anyone is here.
<Appl3Kork> well I can't seem to ever get my server detected outside my home network
<Appl3Kork> that's what I always keep running into
<Appl3Kork> I'm looking at the server guide right now, and trying to figure out in the search mydomain.example
<tonyyarusso> define "detected" ?
<Appl3Kork> i have apache, which people told me is used so people can download files from my server
<Appl3Kork> but when I give them g3rm.dontexist.com, it doesn't send them to it
<Appl3Kork> though when I type that in, it goes to it
<Appl3Kork> so I guess the g3rm.dontexist.com is linked with my internal IP or something
<Appl3Kork> well actually when i type that in, it goes to my Modem config page
<tonyyarusso> Hokay, we'll start with some simple bits.  Check http://www.whatismyip.com/ and tell me if it's 75.169.246.22
<tonyyarusso> Do these other users also end up at your modem config, or an error page?
<Appl3Kork> yes that's it
 * tonyyarusso tries himself
<Appl3Kork> it just says for them unable to connect
<tonyyarusso> All right, pull up your modem config and find the bit about remote access if you can.
<Appl3Kork> I found remote management/telnet
<Appl3Kork> is that what i need?
<Appl3Kork> they are both set to off
<tonyyarusso> Both set to off eh?  Excellent.  Leave that alone then and find the bit about port forwarding.
<Appl3Kork> ya I have port 81 being forwarded on both TCP and UDP
<Appl3Kork> cause I guess port 80 is blocked by my isp
<tonyyarusso> Oh really?  All right then.  Did you set up apache to use 81 to match?
<Appl3Kork> ya I set that up in apache using webmin
<ScottK> Appl3Kork: Remember when I said webmin isn't supported here.
<tonyyarusso> err, yeah.  I have no idea what webmin does.  Perhaps you could just pastebin your configuration.
<Appl3Kork> yes I know
<Appl3Kork> is there a command that lets me look it up in putty
<ScottK> You'd be better off to ask the webmin folks how to use webmin to do what you want.
<tonyyarusso> Appl3Kork: Everything's in /etc/apache2/, primarily in sites-available/default.  http://apache.pastebin.ca/ will even do pretty syntax highlighting for it.
<tonyyarusso> Or what ScottK said if you'd like to stick with the webmin route.
<Appl3Kork> well I don't mind not using webmin
<Appl3Kork> I was just following a tutorial that said to install that.  If you can just guide me through the linux way, I would rather do that anyways
<tonyyarusso> Sure.  You can use 'cat' to output the contents of the config file(s) and copy-paste from there to the pastebin, then give the link here, and I'll see if I can figure out what's going on.
<Appl3Kork> just type in cat in putty
<slestak> i cannot find any docs on what is included in the different software selection prompts duirng install.
<slestak> i want a minimal system, what is in "Basic Ubuntu Server"
<slestak> installing JeOS for trac development
<Appl3Kork> this is from typing sudo cat /etc/apache2/sites-available/default: http://paste.ubuntu.com/65485/
<slestak> i just didnt sleect any, i'll ust apt to get what i need
<AirstrikeIvanov> Hello everyone. I need to set up my mail server to read for multiple domains and based on MySQL databases - not Linux users. All I've done is tell the OS installer to install the mail server - among other things. How do I set my mailserver up to read on three seperate domains (@wizardwars.org, @legionrp.com, and @dbd-cz.com) and users not based on Linux users?
<uvirtbot> New bug: #291921 in samba (main) "package libsmbclient 2:3.2.3-1ubuntu3 failed to install/upgrade: " [Undecided,New] https://launchpad.net/bugs/291921
<ScottK> AirstrikeIvanov: There is no short answer to your question.  That's a not a beginner setup.
<ScottK> AirstrikeIvanov: Some hints are you'll want Dovecot for your mail delivery agent and probable virtual domains.
<ScottK> probable/probably.
<ScottK> AirstrikeIvanov: I recommend "The Book of Postfix" as it has most of the piece parts you need described.
<tonyyarusso> I'll second that - great book, and seems to be the unanimous rec. of everyone I asked.
<uvirtbot> New bug: #291937 in samba (main) "package libwbclient0 2:3.2.3-1ubuntu3 failed to install/upgrade: " [Undecided,New] https://launchpad.net/bugs/291937
<tonyyarusso> Appl3Kork: what about /etc/apache2/ports.conf?
<AirstrikeIvanov> The Book of Postfix? Got it. And I do have Dovecot installed - Dovecot 1.0.10, Postfix 2.5.1 and Procmail were installed by the ubuntu installer's mailserver bundle.
<slestak> i have a jeos intrepid vm running that i had to install the generic kernel due to pae not being implemented in vbox.  i want to uninstall the default server kernel package because i am really lowballing this thing for space and resources
<slestak> cannot determine what the name of the default server kernel package is
<slestak> thought it would be linux-server, but that is not installed
<firecrotch> slestak: linux-image-server
<slestak> firecrotch: hmm, apt says its not installed, but i still have those choices in /boot/grub/menu.lst
<slestak> can i do a dpg-reconfigure of grub to get the menu.lst rebuilt based on current kernels?
<centaur5> slestak: My server is just running linux-image-generic
<ScottK> slestak: update-grub is IIRC what you want.
<slestak> centaur5: mine is now, but not by default when i installed.  i had to install the generic package.  i followed the JeOS howto at ubuntu.com and vm wouldnt boot because kernel required pae
<slestak> so i had to reboot in rescue mode to get diff kernel package
<slestak> update-grub, ok
<firecrotch> slestak: what kernels are actually in your /boot directory ?
<slestak> lol, too minimal a system, no man pages, and update-grub --help tries to run.  glad i didnt use sudo. :0)
<centaur5> slestak: So you're using Jeos and virtualbox?
<slestak> server and generic
<slestak> centaur5: yes
<slestak> i know its not in the docs
<centaur5> slestak: Just out of curiosity why did you choose that combination?
<slestak> im using vbox for soem other vm;s and neede da quick vm for some dev work
<slestak> didnt really want to mix diff vm type on this laptop, its not that beefy
<slestak> wanted sth minimal with ssh, python, and trac
<centaur5> Oh, so you're not actually running multiple virtual servers for e-mail, LDAP, etc?
<slestak> centaur5: no, just trying to cut my teeth with floss development.  (pun not intended.)
<slestak> helping someone with a trac plugin.
<slestak> ive been a consumer of foss for years, want to try ti contribute
<centaur5> Alright, I just decided this week I want to do virtual servers but not sure which application I want to use. Jeos, vmware, vbox, qemu. So many choices.
<slestak> i figured i want to pick one and learn it well enough to fit my circumstance.  not get 3 different vm products, and learn none of them well
<slestak> vbox works well enough for me, and the price is right
<centaur5> I want to use only one as well just not sure the best way to go about it. I know that there will probably be benefits to one over the other just haven't figured that out yet.
<slestak> there are cheerleaders in all of their camps.  imo, vbox has the easiest learning curve
<slestak> top
<slestak> sorry
<slestak> i do see linux-image-generic and linux-image-virtual
<slestak> is the 2nd necessary?
<slestak> hey, u missed my last comment and question :)
<centaur5> My upgrade to intrepid must have automatically adjusted my power settings and shut me down while I was discharging.
<slestak> man, pidgin will not let me repeat easy.  just a sec
<slestak> there are cheerleaders in all of their camps.  imo, vbox has the easiest learning curve
<slestak> i do see linux-image-generic and linux-image-virtual.  is the 2nd necessary?
<slestak> i guess one reason i picked vbox is i never liked the way vmware always makes fake nics that pollute my ifconfig output, and i can just nat vbox.  and xen seems to require way too much complexity
<centaur5> I've never had a reason to install the image-virtual but then again I haven't started playing with virtual servers yet.
<slestak> well, this is the guest that has -virtual
<slestak> not the host.  both are ubuntu intrepid though
<centaur5> Oh wait, when I installed vbox on Gutsy to play around with it I had to download it directly from their site to install the .deb package and I never had a different kernel installed.
<slestak> the version from them is called peul, and has a couple of extra features.  the one you get from apt is ose, and is "free-er"
<slestak> i liek the usb and shared folders in peul so i always get it
<centaur5> Well my friend told me vmware can easily do snapshots so you can restore easily if something goes wrong. I don't know the limitations on their free version.
<slestak> vbox does that too.
<slestak> and you can launch them headless
<slestak> from cli
<slestak> vmware is prob better (at the office) but for home use, i've made up my mind
<centaur5> The thing I can't decide is I want to play with ebox but I don't know if I should have the host be the ebox router or one of the virtual servers run ebox and configure every other virtual server to use the virtual ebox for routing.
<slestak> neat, havn't seen that
<slestak> any of the virt products will prob work.
<slestak> i would do the second, especially if you already have any of those services already running
<slestak> you can run the vm's on a private ip subnet
<centaur5> Are you running vbox command line or does it have that option or is your host using quite a few resources?
<slestak> you can run with gui visor or control vm from shell
<centaur5> I figured I should have the host use as little as possible since all the resources will be needed for the real work the vm's will do.
<slestak> thats where i think jeos comes in, 3 vms with 256m ram each can prob run on a decent modern machine.  ebox server will likely need more
<centaur5> slestak: Have you played with ebox at all?  I can't wait for them to add more services and features to the current services.
<slestak> i had never seen it till you mentioned it.  is it j2ee?
<centaur5> perl for the backend I'm not sure about the web based front end.
<centaur5> I've never been very good at programming I just started studying Perl 2 months ago and not doing so well.  Wondering if I should be doing Python.
<slestak> even if its slow for testing, wil prob work
<slestak> im trying to learn python
<centaur5> Are you using Intrepid with Gnome for your vbox host?
<slestak> yes
<centaur5> How long have you been working on Python?
<slestak> lightly maybe a year, but not much practical experience
<slestak> ive just found someone that is kinda mentoring me.  gsve me commit perms on a trac plugin.  try to fix some bugs
<centaur5> Well Perl is what ebox and a couple web apps that I use are written with so I would like to help with those.  I hear Python is easier though and it seems to be everywhere I look now.
<slestak> thats kinda how pyhton has snuck up on me.  between gentoo ports, trac, pytivo, and some other projects, i keep on running into it.
<centaur5> Hmm...perhaps I should get a book.
<centaur5> I've been thinking about it.
<slestak> i have a 4-5 volume set of perl books that i'd let go cheap :0)
<slestak> they are maybe 3 years old
<slestak> its the oreilly perl library
<centaur5> Oh, I was referring to getting a Python book.
<slestak> im not getting rid of any of them
<slestak> perl is too terse for me
<centaur5> I understand, I'm thinking that I probably won't cut it in Perl.
<slestak> wonder why subversion wants to install mysql?  didnt think it used it...
<slestak> im sure you could learn it
<slestak> perl or python
<centaur5> Well I think Python would also be the better choice for doing a GUI since that is what a lot of people are using.
<slestak> yeah.  pygtk
<slestak> i need to get some sleep.  good luck w your project
<centaur5> Therefore, I should probably learn Python.
<centaur5> Thanks for the advice.
<slestak> both :)
<centaur5> g'night
<ShawnR> ok, i know you can restart a service, but what's the command to tell it that you updated the .conf and just need it to reload it?
<ShawnR> i can't remember
<ShawnR> is it reload?
<jmedina> ShawnR: it depends on the service
<jmedina> most of the time you can send a HUP signal
<jmedina> kill -HUP PID
<jmedina> some services have a reload option
<ShawnR> the HUP sounds familiar
<ShawnR> if you just do a restart, that's not the same?
<jmedina> but a HUP wont stop the service, only forces it to re-read the config file
<jmedina> a restart, stop and start again the service
<ShawnR> ok, then HUP is what i remember
<ShawnR> so it's a switch on the kill command?
<ShawnR> figured it woulda been in conjunction with the /etc/init.d/servicename HUP or something
<jmedina> debian uses start-stop-daemon in the init scripts
<jmedina> other distros o rc scripts sometimes uses killproc or kill -HUP `cat /var/run/service.pid`
<jmedina> something like that
<ShawnR> gotcha
<ShawnR> i've been without my music for the last few days (both RAM sticks went 100% bad at the same time).... i'm so glad ot hear my music again
<FFEMTcJ> im lookin for something to do on my server.. i dont touch any of the resources that it has available, so im looking for something to do with it
<ziroday> FFEMTcJ: you can seed torrents
<FFEMTcJ> ziroday: i setup rtorrent to do that
<FFEMTcJ> but it stops seeding
<FFEMTcJ> and icant figure out why
<ziroday> well I hardly use rtorrent, sorry
<FFEMTcJ> i was seeding 8.10 and now it stopped but i know there is more of a demand for it.. im tryin to figure out why it stops workin but havent found any help yet
<ziroday> FFEMTcJ: try asking in #rtorrent
<FFEMTcJ> i did.. noone seemed alive
<ziroday> FFEMTcJ: the official channel is #libtorrent on irc.worldforge.org, you can ask on their
<FFEMTcJ> ok.. ty
<ziroday> or just use a different torrent program
<scientes> what would be a minimal way to test the video capture card on my ubuntu-server?
<scientes> i installed xawtv on a server and it didnt work (it displays a vid capture stream)
<kraut> moin
<scientes> i was trying fbtv but it complains that there is no console font file
<scientes> http://pastie.org/305411
<domas> Hi! Which filesystem for server should I chose? :) XFS is the only one that allows parallel O_DIRECT access, but seems to have some very evil performance regressions, JFS deadlocks with kswapd from time to time, ext3 seems to be slow for high r/w workloads, etc :(
<domas> ok, sorry, no trolling, getting back to work :(
<ScottK> domas: ext3 is the default because it's safe (safest).  Unless that's not your first priority for filesystem features, I'd stick with that.
<domas> performance is
<domas> or, better definition, performance with powerful i/o subsystem and lots of parallel transactional load on top :)
<domas> I raised lots of eyebrows when I pointed out that O_DIRECT makes all file accesses serialized
<domas> on every filesystem out there, except one, which in one condition allows parallel one
<carbon_monoxide> Hi
<carbon_monoxide> I'm using Mono. Mono uses /usr/lib, but I'm using 64bit Hardy. How can I make Mono to use /usr/lib64?
<domas> carbon_monoxide: /usr/lib has 64-bit libs too
<carbon_monoxide> how about /usr/lib/libz.so?
<domas> and usr/lib64 is symlink to 'lib'
<carbon_monoxide> ah!
<Nafallo> drwxr-xr-x 176 root root 57344 2008-10-29 09:13 lib
<Nafallo> drwxr-xr-x  32 root root 36864 2008-10-27 08:19 lib32
<Nafallo> lrwxrwxrwx   1 root root     3 2008-10-15 23:20 lib64 -> lib
<domas> if you want 32-bit libz, then install lib32z1
<carbon_monoxide> no
<carbon_monoxide> i want 64-bit libz
<domas> then it will use the one it has
<domas> carbon_monoxide: Ubuntu installs 32bit libs to /usr/lib32/
<Nafallo> /usr/lib/libz.so.1.2.3.3: ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, stripped
<Nafallo> file is handy :-)
<domas> indeed
<domas> Nafallo: unfortunately, when you lack 32-bit library support Ubuntu tells you nothing, just silently exits the program
<domas> Nafallo: I just had to figure out whole nuances of 32-bit support few days ago :)
<Nafallo> domas: sounds like a feature :-)
<carbon_monoxide> :(
<domas> thats why I am so smart now!
<domas> carbon_monoxide: by the way, did you install mono from Ubuntu packages?
<domas> carbon_monoxide: if yes, why do you have to care about libz? :)
<carbon_monoxide> Nafallo: feature LOL you regard Ubuntu
<Nafallo> carbon_monoxide: sorry. not sure what that meant.
<carbon_monoxide> i installed mono from Ubuntu repo
<domas> carbon_monoxide: so why are you looking for libz? :)
<carbon_monoxide> and afterwards i install newer release from a backport repo
<domas> then install libz backport too, if it wants different version
<domas> backporting is pain on whatever system you're running
<carbon_monoxide> domas: I'm running a game server emulator for my curious with Mono
<domas> it is better to backport source packages then
<domas> my private server for a long time has been FC3, I became backporting god :)
<carbon_monoxide> domas: i wanna downgrade my mono now
<carbon_monoxide> how can i use the mono package from ubuntu repo?
<domas> just remove whatever you have now, and use apt-get install whatevermonopackageyouneed
<carbon_monoxide> domas: removing package with apt-get is pain in the ass
<carbon_monoxide> domas: i should use aptitude :(
<carbon_monoxide> domas: it's too late
<Deeps> what advantage does using aptitude give over apt-get?
<ScottK> Deeps: It has more smarts about dependency resolution so it may be able to sort out complex dependeny relationships apt fails on.
<ScottK> My personal experience with it hasn't been good though.  My preference is to let apt do it's best and sort the rest out myself.
<ScottK> YMMV.
<domas> just remove few packages
<domas> then do autoremove
<Deeps> ah, i was under the impression that all it did was autoremove installed dependancies when you removed the package that required them (That apt-get does now aswell)
<domas> easy :)
<ScottK> No.  It knows how to look harder for depency problem resolution.
<ScottK> domas: More than just autoremove.
<ScottK> Personally I don't use it, but many people swear by it.
<domas> anyone has some secret very clever method how to do custom packages, but get them upgraded automatically whenever upstream has updates %)
<domas> there's too much manual labor involved in maintaining local package versions :(
<carbon_monoxide> i'm having horrible dependency problem now
<onkel2000> Good morning
<domas> morning!
<onkel2000> i want to install ubuntu server over the network, but i can't find a netboot img for the server
<domas> onkel2000: http://archive.ubuntu.com/ubuntu/dists/hardy/main/installer-i386/current/images/netboot/
<domas> (replace hardy with whatever you want)
<onkel2000> is that image not for the client?
<onkel2000> *desktop
<domas> ghm
<domas> I guess you can pass some configuration
<ScottK> domas: The best way is to get the packages into the Ubuntu repository and then maybe someone else does the update work for you.
<uvirtbot> New bug: #292130 in samba (main) "Copying from RISC OS to intrepid with Samba fails to close the remote file" [Undecided,New] https://launchpad.net/bugs/292130
<domas> ScottK: nah, I want custom things, like... compiling imagemagick without threads support, or PHP have debug symbols, etc
<domas> ScottK: some small apache lingering hack
<ScottK> Oh.  No secret trick then.
<domas> </3 reentrancy problems
<onkel2000> should i try to use this netboot image (i have a verry slow i-net connection)
<domas> there're two mandatory packages for a server: command-not-found and openssh-server
<domas> ;-)
<domas> everything else can be sorted out later
<onkel2000> ok thank you
<uvirtbot> New bug: #292150 in mysql-dfsg-5.0 (main) "mysql-server package installation returned error on 8.04 -> 8.10 kubuntu upgrade" [Undecided,New] https://launchpad.net/bugs/292150
<uvirtbot> New bug: #291979 in mysql-dfsg-5.0 (main) "package update-manager None [modified: /var/lib/dpkg/info/update-manager.list] failed to install/upgrade: ErrorMessage: SystemError in cache.commit(): E:Sub-process /usr/bin/dpkg returned an error code (1), E:Sub-process /usr/bin/dpkg returned an error code (1)" [Low,Triaged] https://launchpad.net/bugs/291979
<carbon_monoxide> hi domas
<carbon_monoxide> i forgot the command you gave me to apt-get install libz32
<carbon_monoxide> hi
<carbon_monoxide> i need libz.so 32 bit on my AMD64 system
<carbon_monoxide> can i simply obtain them with apt-get and have /usr/lib32 ?
<XiXaQ> didn't think you could use 32bit objects on 64bit os?
<carbon_monoxide> not sure
<carbon_monoxide> i have no knowledge on it
<carbon_monoxide> how can i check whether a specific lib is for 32bit or 64bit on my system?
<XiXaQ> well, if you're running a 64bit os, then it probably is 64bit and vice versa. What do you need it for?
<carbon_monoxide> i'm using mono to run a game emulator program in c#
<carbon_monoxide> the game emulator implemented 32bit libz compression library
<carbon_monoxide> i just need a 32 bit libz.so1.2.3+ for it
<Nafallo> XiXaQ: you can run 32-bit apps in a 64-bit userspace if you have the right libs/dependencies.
<carbon_monoxide> Nafallo: =]
<carbon_monoxide> for instance, playing ZSNES on 64bit Hardy
<Nafallo> wasn't NES 8-bit? /usr/lib8?
<Nafallo> ;-)
<carbon_monoxide> LOL
<XiXaQ> ;)
<carbon_monoxide> not sure
<Nafallo> I am.
<Nafallo> cause I had a SEGA, boosting double the amount of bits NES had :-)
<carbon_monoxide> but the emulator should be 32bit aye?
<Nafallo> ya
<Nafallo> or 64
 * Nafallo shrugs
<Nafallo> snes9express - GTK+ front-end for snes9x
<Nafallo> snes9x-x - X binaries for snes9x - Super NES Emulator
<Nafallo> seems to exist some 64-bit binaries.
<Nafallo> if not znes...
<carbon_monoxide> Nafallo: you got any idea about getting 32bit libs for 64bit Hardy?
<kees> carbon_monoxide: sudo apt-get install ia32-libs    doesn't cover it?
<carbon_monoxide> thanks kees
<carbon_monoxide> how can i check whether ia32-libs contains what i need or not?
<kees> I'd just install it and do    dpkg -L ia32-libs    but then I have a full local mirror
<kees> clicking around on packages.ubuntu.com might work, there's a "files" link somewhere for each package
<Nafallo> lib32z1 I think
 * kees doesn't tend to run much unpackaged software.  :P
<Nafallo> http://packages.ubuntu.com/intrepid/amd64/lib32z1/filelist
<carbon_monoxide> i need libz.so
<carbon_monoxide> woot!
<carbon_monoxide> thanks Nafallo!
<carbon_monoxide> then ia32-libs should include it
<Nafallo> depends on it.
<carbon_monoxide> after installing ia32-libs, it won't overrides my lib64, right?
<Nafallo> nope
<carbon_monoxide> great@!
<carbon_monoxide> that package makes life easier
<shai> hi there
<shai> I have to ubuntu 8.04 servers running vanilla setup. Both have samba installed and server our office of 25 XP machines. One server "userserver" has no problems at all. The other, "dataserver", has issues with solidworks parts files getting corrupted. I've narrowed it down. Any other file type regardless of size is ok. BUT when you transfer a .SLDPRT file to the dataserver the file is changed. I've verified this both wi
<shai> through further testing I've found other extenstions that also corrupt, so this doesn't seem to be solidworks specific
<domas> thats what irc logs are for..
<shai> ???
<shai> domas: was that at me?
<domas> shai: no
<domas> shai: the guy before came here asking for something I told him few hours ago
<domas> :)
<ralesk> hello all; I noticed in recent versions of Ubuntu (hardy, intrepid, maybe gutsy too) that on the console the bright colours all appear as dark grey, so I'm kinda unable to use mc or even a man because it's barely readable...
<ralesk> is any of you 120 people here at all?
<shai> yes
<shai> were all waiting for help :)
<domas> :)
<ralesk> heh :)
<domas> bah, Ubuntu mysql packages have security flaw :(
<domas> okie, reported to security@
<bugfixes> hello all
<domas> hi!
<uvirtbot> New bug: #292364 in openldap (main) "slapd init.d file fails to set -f or -F" [Undecided,New] https://launchpad.net/bugs/292364
<photon> how do I have to change permissions of a script so that they run as root? I tried chown root:root script.sh && chmod +s script.sh, but I still have to type in the admin password
<ScottK> photon: That's a function of your permissions, not the scripts if you run it.
<photon> yea, that's what I'm asking for... " how do I have to change permissions" ?
<ScottK> You have to have admin access to run it as root so you have to type the password in.
<photon> I don't think that's entirely true. you can have setuid scripts, which should make this possible, but it does not work for me as intended.
<greenfly> generally speaking you want to avoid any setuid root scripts if at all possible
<greenfly> a better alternative is to allow a user to run it as root via sudo
<greenfly> you could even potentially set up sudo to run it without requiring a password be typed in. While that could open you up to a security hole depending on what the script does, at least sudo will log every time a user runs the script
<photon> okay, thanks
#ubuntu-server 2008-11-02
<Kamping_Kaiser> greenfly, you do need to control the users path to an extent too, so they cant diy $binname
<Ahmuck> on the F4 option menu, what is a minimal virutal machine?  exactly what it states?
<hotmonkeyluv> how do I refresh my IP?
<Kamping_Kaiser> meaning?
<Kamping_Kaiser> your a client to a dhcp server?
<hotmonkeyluv> well, I have 4 ethernet ports, and only one ethernet cable
<hotmonkeyluv> and for some reason i can't connect to the internets
<hotmonkeyluv> and when I run ifconfig -a, none of the devices have any IP addresses
<Kamping_Kaiser> sure your cable is ok?
<Kamping_Kaiser> dhclient is the command, fwiw
<hotmonkeyluv> thanks, I'll check the cable, but i'm sure it's ok.
<hotmonkeyluv> sweeeeeeeeet
<hotmonkeyluv> thank you Kamping_Kaiser
<hotmonkeyluv> the dhclient worked
<Kamping_Kaiser> hotmonkeyluv, np. enjoy
<hotmonkeyluv> dang it, now I can't install ssh-server
<Kamping_Kaiser> because ...?
<hotmonkeyluv> it says that openssh-server has no installation candidate
<Kamping_Kaiser> try running apt-get update again
<hotmonkeyluv> ok
<hotmonkeyluv> nope
<AirstrikeIvanov> hi everyone
<AirstrikeIvanov> how do i make my DNS server installation download a new named.conf file? the one that is supposed to be in there is missing
<Ahmuck> any suggestions for a linux iso to "burn in" a new system?
<Ahmuck> i just tested "virtual machine" option on ubuntu server in kubuntu 8.04 with virtual box 2.0.4.x and upon installation and then reboot, it errored out
<uvirtbot> New bug: #292494 in bacula (universe) "package bacula-director-pgsql 2.4.2-1ubuntu6 failed to install/upgrade: " [Undecided,New] https://launchpad.net/bugs/292494
<kinection> what does "basic ubuntu server" consist of?
<andol> kinection: tasksel --task-packages server
<kinection> that only works if i already have it installed ;)
<domas> bah, was running tar at 100MB/s from network stream
<domas> and puff, kernel regression, suddenly started spending 100% of time in memcpy_c
<domas> <3 linux
<domas> http://p.defau.lt/?AHX3RRCU0uq_gDD069p9aA
<domas> seems like tar is braindead when it comes to memory management %)
<domas> huh, gutsy opcontrol has syntax errors
<vlad73> Hi! I've installed ubuntu server 8.10. But when I try #apt-get build-deb php5, this error - ÐÐµ Can't open file: /var/lib/apt/lists/security.ubuntu.com_ubuntu_dists_intrepid-security_main_source_Sources
<vlad73> What can i do to appear this file?
<kraut> moin
<vlad73> Hi! I've installed ubuntu server 8.10. But when I try #apt-get build-deb php5, this error -  Can't open file: /var/lib/apt/lists/security.ubuntu.com_ubuntu_dists_intrepid-security_main_source_Sources
<vlad73> What can i do to appear this file?
<Frozen-Solid> I'm trying to setup multiple IPs on my ubuntu server edition 8.04 box.  I have them setup in the /etc/network/interfaces file, but when i restart networking it tells me "SIOCADDRT: No such process" and then fails to bring up the aliases
<Frozen-Solid> the aliases are setup as "auto eth0:0" through eth0:6, each has an address, netmask, and gateway set, and should be set with the right options.  the default interface seems to work fine
<Frozen-S1lid> crisis averted: apparently our pix sucks and didn't refresh it's mac to ip database when we switched servers
<Frozen-S1lid> thanks anyways though!
<tonyyarusso> I didn't even know you could do that...
<Deeps> messy way of doing it
<Deeps> better off using ip addr add
<Deeps> and adding multiple ips to a single interface, instead of creating a tonne of virtual interfaces
<tonyyarusso> Deeps: Seriously?  "ip addr add"?  That's the same syntax as Cisco IOS.
<J-_> What directories should I backup on my LAMP server? /var/www for sure, anything else? I know I have to do a mysql dump as well.
<tonyyarusso> J-_: /etc.
<tonyyarusso> J-_: /home (even if it's not _really_ being used, I usually have some random thing in there.), /opt if you use it
<J-_> cool, yeah I don't really use /home, or /opt
<tonyyarusso> J-_: /var/log, /var/mail
<tonyyarusso> J-_: I also like to do /boot, for when you screw up your initrd or whatever.
<tonyyarusso> I think that pretty well covers it.
<tonyyarusso> And with that, I need to go to work.
<uvirtbot> New bug: #292706 in mysql-dfsg-5.0 (main) "package mysql-server-5.0 5.0.67-0ubuntu6 failed to install/upgrade: el subproceso post-installation script devolvi? el c?digo de salida de error 1" [Undecided,New] https://launchpad.net/bugs/292706
<Yippee_> Is it necessary to set up web server with ssl if you want mail on the Web. Mail server is configured with ssl. And should mail server ssl certificate approved?
<freaky_t> is there any tool to upgrade the server-edition to intrepid (from hardy)?
<freaky_t> or do i just need to edit the entries in sources.list ?
<arooni> perl: warning: Please check that your locale settings:
<arooni> 	LANGUAGE = (unset),
<arooni> 	LC_ALL = (unset),
<arooni> 	LANG = "en_CA.UTF-8"
<arooni>     are supported and installed on your system.
<arooni> how would i fix that on ubuntu hardy server?
<freaky_t> can i allready safely upgrade to intrepid?
<uvirtbot> New bug: #292548 in samba (main) "nmbd -D uses 95% processor when there is not lan conection." [Undecided,New] https://launchpad.net/bugs/292548
<arooni> how would i fix an unset locales issue on ubuntu hardy server?
<arooni> nevermind got it working :P (had to restart apache)
<nvti> hooray
<arooni> i got postfix installed;  and also got postfixadmin installed.... what else must i do to be able to send emails?
<tonyyarusso> arooni: Configure it.
<arooni> thanks tonyyarusso how would i dot hat?
<tonyyarusso> arooni: Most of it is done in /etc/postfix/main.cf, but for details you'll have to read some documentation.  YOu'll find a fair amount in the Ubuntu Server guide, or if you prefer print pick up "The Book Of Postfix".
 * ScottK mumbles "or hire a consultant to read it for you".
<tonyyarusso> arooni: Once you've done a bit of that and have some background to work with, specific problems you still have can probably be dealt with better in #postfix (a bit more active than here).
<tonyyarusso> ScottK: Thanks for your reply about mail components btw - super helpful.
<ScottK> tonyyarusso: You're welcome.
<jdub> zul: got back to you re: php tzdata in hardon
<jdub> zul: sorry, hadn't noticed the bug got love :)
#ubuntu-server 2009-10-26
<uvirtbot> New bug: #460772 in php5 (main) "php5 package doesnt provide php5 binary" [Low,Won't fix] https://launchpad.net/bugs/460772
<StrangeCharm> manually trying to set up an encrypted lvm, grub is giving me an error at boot. what am i likely to be doing wrong?
<twb> StrangeCharm: LTS or 9.04?
<StrangeCharm> twb, 9.10
<StrangeCharm> RC
<twb> Oops, yeah
<twb> Wait, 9.10 is still in RC?  It's nearly 2009-11!
<StrangeCharm> i think the release is in 4 days
<ScottK> On Thursday
<StrangeCharm> either way, twb did you have some tips?
<twb> StrangeCharm: sorry, I was just triaging
<StrangeCharm> lts>9.04>9.10RC ?
<ScottK> Nope.  Sorry.
<twb> LTS is currently 8.04.
<ScottK> StrangeCharm: The most recent LTS is 8.04.  It was followed by 8.10, 9.04, and on Thursday, 9.10.
<ScottK> The next LTS will be 10.04.
<twb> non-LTS releases are for people with more faith or more time :-)
<StrangeCharm> i am aware. i was facetiously remarking on triage priorities
<StrangeCharm> or more need for immediat efeatures
<StrangeCharm> does / have to have the boot flag?
<ScottK> twb: I disagree.  I don't think non-LTS releases are any less stable and the improvements more than offset the amount of time it takes to upgrade, but YMMV.
<twb> ScottK: well, for example, I do not want to have to deal with LDAP's config moving into the database
<ScottK> Right, I can understand that one.
<twb> That is, not until some other bugger has ironed out the big problems
<ScottK> Yeah.
<ScottK> That's a particular special case for staying with LTS.
<twb> StrangeCharm: the boot flag isn't necessary for GRUB, as long as GRUB is installed into the MBR (which is very, very likely).
<twb> ScottK: also, I'm talking about mission-critical servers.  Obviously for a workstation or a SOHO fileserver, non-LTS releases would be "stable enough"
<StrangeCharm> twb, what would determine whether it was?
<twb> StrangeCharm: if grub was installed by grub-install or by debian-installer, then it's in the MBR
<ScottK> twb: For my use cases they have been pretty equally stable.  I have two production servers on Hardy and a test server on Karmic and they all just work.
<StrangeCharm> twb, so that's the default behaviour of the install disks?
<twb> StrangeCharm: yes.  It is extremely unusual to install Grub into a partition's boot record.
<twb> I only mentioned it for the sake of accuracy (pedantry)
<twb> ScottK: granted.
<StrangeCharm> so the boot flag have to be one /boot at all? will the boot flag be problematic?
<StrangeCharm> under what circumstances would grub say that it couldn't find the disk in question?
<twb> StrangeCharm: boot a live CD, and pastebin the output of "parted -s /dev/sda print" and "lvs".
<twb> It'll need to be a live CD with LVM support, so try CentOS instead of Ubuntu Desktop if you have it.
<twb> Or just write the equivalent data by hand and pastebin that.  What I really want to know is the partition layout and the LV layout
<twb> Grub ignores boot flags entirely AFAIK, so as long as it's the first thing the BIOS bootstraps (i.e. it is in the MBR, not a partition boot sector), boot flags on partitions are totally irrelevant.
<StrangeCharm> can i just describe the partition layout in words?
<StrangeCharm> twb http://pastebin.com/d301080a3
<skuld> I have a second hard drive in my system.  When I had fedora I did something that "joined" my two hard drives together so linux saw them both as one drive.  How do I do that again?
<twb> skuld: if you do this the naÃ¯ve way, a failure on either drive will destroy your filesystem.
<skuld> oh, well, I'm backing up my critical stuff
<twb> skuld: it would be better to either make it a separate partition or logical volume, and make a new filesystem on that partition/LV and mount it somewhere.
<qman__> skuld, it's called RAID, and the configuration to use depends on what you're looking for
<skuld> the problem is, I need the extra space on the second  hard drive for my /var/www
<twb> Yes, ideally if you are concerned about individual drive failures, you should get two or three (or more) equal-sized drives and RAID them.  However, this is unlikely to be useful if you're e.g. adding a 200GB drive to a system which currently has a single 80GB drive.
<twb> skuld: are you using LVM currently?
<skuld> I think so.  is there a way to check?
<qman__> if you don't know, you probably aren't
<qman__> but a 'sudo fdisk -l' should tell you
<twb> skuld: does /proc/mounts refer to /dev/mapper/foo-bar or /dev/foo/bar, or does it refer only to /dev/sdXN ?
<skuld> I saw the option when I installed Ubunto, but I don't remember if I chose it or not
<twb> StrangeCharm: OK, your partition layout looks OK.
<twb> StrangeCharm: what is the exact error that grub emits?
<skuld> http://pastebin.com/f1385fd5e
<qman__> skuld, you're definitely using lvm
<twb> StrangeCharm: I'm guessing it can't find /boot because the bit in the MBR is broken.  But it might be that the code in /boot can't find root.
<skuld> ok
<qman__> I don't remember the lvm commands to list volume groups and expand them and whatnot
<twb> skuld: what you want to do is create a PV on the new disk (which appears to already have been done), then add that PV to your existing VG, then create an LV on that PV, then make a filesystem on the new LV, then mount that LV on /var/www.
<twb> qman__: "lvs"
<twb> qman__: oops, VGs is "vgs"
<qman__> ah
<qman__> for the sake of simplicity I generally don't use LVM, but it certainly is useful and allows for some really neat tricks
<twb> LVM is great if you expect to change your mind later
<skuld> wow...that sounds complicated LOL
<twb> This happens a lot in my case, because most of my customers continue to use the same server for years, upgrading it piecemeal over time.
<skuld> I know how they feel.  If I had the money.... LOL
<skuld> and I know I'm going to want to add a couple of TB drives when I can afford it
<twb> Well, for example you might have deployed with 20GB disks seven years ago, and upgrade to 1TB disks right now.  LVM allows that to happen with less downtime.
<twb> If they had lots of money, they'd be more likely to replace the entire box every three years :-)
<StrangeCharm> twb,  i think the error is that it can't find the disk 'disk not found', or words to that effect
<skuld> I know I'd love to do that.  I'm still running on a PIII
<twb> Everything in this office is PIIIs
<twb> Except for engineer-owned laptops, and (sigh) our Q9550 PPPoE bridge.
<billybigrigger> hey all, for some reason apache's access.log has stopped being written to since oct 16...i restarted apache, created some traffice and still nothing is being written to my access.log, i've checked my site settings in /etc/apache2/sites-enabled/xxxxxx and they are all set to log to my access.log
<billybigrigger> running 9.04 server in a vm if that helps
<billybigrigger> i haven't done any messing around with settings for this server for months...but i guess that doesn't rule out an update and i overwrote a config file somewhere right?
<twb> Have you turned on unattended upgrades?
<twb> (I really hope they're still off by default.)
<skuld> okay, so I think I have the second hard drive ready to be added to the Volume Group...I think.
<skuld> well, maybe not.  I don't see sdb1 anymore
<twb> skuld: this disk *is* connected internally, right?
<twb> LVM's probably not appropriate for an external HDD that you're gonna be plugging and unplugging.
<skuld> yes, it shows up fdisk -l, just no info...
<twb> No info where?
<skuld> http://pastebin.com/f33728691
<skuld> no, this is an internal HDD
<twb> Looks like /dev/sdb has no partition table.
<skuld> ugh!  I need to figure out how to do that.  I thought I did it
<twb> cfdisk /dev/sdb
<skuld> FATAL ERROR can not open disk
<twb> Ha!
<twb> And fdisk still works?  Stupid fdisk.
<twb> Your kernel has forgotten about your disk.  Try rebooting, also confirm the cables are snugly connected.
<skuld> ok
<pipedream> 3
<twb> Where in IRC can I find the LVM people?
<twb> I have accidentally create a LVM snapshot and filled it to 100%.
<twb> Now "lvs" and "lvremove /dev/foo/bar-20090909" both tell me it can't read a block of 4096 at points 0 and $bignum for /dev/foo/bar-20090909"
<twb> This means I can't remove the old snapshot, which makes me worry that something more than it just being 100% full has happened.
<uvirtbot> New bug: #460871 in samba (main) "package samba-common 2:3.3.2-1ubuntu3.1 failed to install/upgrade: subprocess post-installation script returned error exit status 2" [Undecided,New] https://launchpad.net/bugs/460871
<twb> OK, here's an interesting feature for you.
<twb> Make an LVM snapshot.  Now you have an LV and an LV snapshot with the SAME ext3 UUID as listed in /etc/fstab.  Reboot.  Is it possible for the LVM snapshot to get the symlink in /dev/disk/by-uuid?
<soren> twb: Unless something makes sure that it doesn't happen (which may or may not be the case), then yes, that could certainly happen.
<twb> Yay for huge failures!
<soren> twb: Something does seem to handle that.
<soren> Let me just check real quick.
<twb> soren: ah, but are you sure it's not just a coincidence that your test picks the right LV first?
<twb> i.e. a negative result alone isn't conclusive that the problem is fixed
<soren> twb: I'm not testing.
<twb> OK, good, carry on
<soren> twb: I'm looking at code.
<twb> Good man
<soren> I know. Absence of evidence is not evidence of absence.
<twb> Forgive me, I deal with a lot of stupid people, so I tend to assume the worst
<soren> Yeah. I know the feeling :)
<soren> twb: Can you give me the output of "blkid -o udev -p /dev/mapper/<the snapshot>" as well as "blkid -o udev -p /dev/mapper/<the "real" lv>"?
<twb> Unfortunately that specific box I have metaphorically jumped up and down on.
<twb> Let me grab another one
<twb> soren: Invalid output format udev.  Chose from value, device, or full
<twb> This is 8.04
<soren> Oh.
<soren> Let me check one of those, then..
<twb> -o value gives me the UUID
<soren> twb: Ok, use "vol_id --export /dev/mapper/blah" instead.
<twb> ID_FS_UUID=2b96f387-98dc-4a7b-95b1-747d00fe4f2d same for all of them
<soren> That's all it outputs?
<twb> No, sorry, shall I pastebin the whole thing?
<soren> Yes, please.
<soren> twb: Oh, and one more thing.
<soren> twb: Include "dmsetup export /dev/mapper/whatever" as well, please.
<soren> I actually think that's really what I want.
<twb> Nice one
<twb> http://hpaste.org/fastcgi/hpaste.fcgi/view?id=11167#a11167
<soren> And which one does /dev/disk/by-uuid/2b96f387-98dc-4a7b-95b1-747d00fe4f2d link to?
<soren> If I'm reading this correctly, it should be /dev/mapper/testtrim-debmirror.
<twb> readlink /dev/disk/by-uuid/2b96f387-98dc-4a7b-95b1-747d00fe4f2d ==> ../../mapper/testtrim-debmirror20091002
<twb> That I did not expect
<alvin> Why is /etc/fstab no longer by-uuid, but by-label by default? Can it give problems? (root device is sometimes no longer found on an ubuntu-server here)
<twb> alvin: hey, man, hold up!  I'm only just working out why by-uuid is evil and dodgy!
<twb> :-)
<alvin> twb: lol, I joined at the right moment
<alvin> So, why is it evil?
<soren> It's really not.
<alvin> Something must be different. On the same server, Jaunty always boots and karmic does not. (Sometimes the root drive is not found, sometimes it's the network)
<alvin> I'm currently suspecting the 'by-label', but there's no proof yet.
<alvin> (the network is bug 459134 . Probably another reason.
<uvirtbot> Launchpad bug 459134 in mountall "karmic: networking is started too late in the boot process" [Undecided,New] https://launchpad.net/bugs/459134
<twb> alvin: 17:15 <twb> Make an LVM snapshot.  Now you have an LV and an LV snapshot with the SAME ext3 UUID as listed in /etc/fstab.  Reboot.  Is it possible for the LVM snapshot to get the symlink in /dev/disk/by-uuid?
<alvin> (I'm totally wrong. The default is not by label, but just the path /dev/mapper/vg0-home for example)
<twb> Does karmic include the insserv migration?
<alvin> twb: just a moment. Testing this...
<twb> alvin: do you get as far as busybox?  If you do break=bottom and inspect stuff, is it any different?  RTFS by diffing /usr/share/initramfs on the two hosts?
<soren> twb: The problem is not uuid based mounting. The problem is that apparantly the thing that's supposed to make sure the snapshot-origin takes precedence over the snapshot when making that symlink is failing.
<soren> twb: uuid based mounting is a good thing. Really. The alternatives are much worse.
<twb> soren: yeah, I know
<twb> soren: I'm just being grumpy
<alvin> twb: You're right. It's the same UUID!
<twb> Having said that, I spent some time recently waiting for bootdegraded=true type failures due to the huge long default timeout
<soren> alvin: Of course it's the same UUID. Otherwise it wouldn't be a snapshot.
<alvin> soren: But then I can't mount the snapshot by UUID?
<twb> alvin: right
<soren> alvin: Right.
<alvin> ok
<twb> If there are two people in your office called "Zippy", you can't refer to them both just as "Zippy" without causing confusion.
<twb> At least one of them has to be referred to as e.g. "Zippy the Pinhead"
<soren> twb: Just for good measure, can you please pastebin your /etc/udev/rules.d/65-dmsetup.rules from that server?
 * alvin is rebooting until the server no longer finds its root disk to test busybox stuff.
<twb> http://hpaste.org/fastcgi/hpaste.fcgi/view?id=11167#a11168
<twb> alvin: hey, I'm clutching at straws
<twb> alvin: don't assume I know what I'm talking about
<twb> Incidentally, insert grumbling here about busybox-initramfs being crippled by removal of e.g. busybox httpd
<twb> Oh, and a user-accessible "busybox start-stop-daemon"
<alvin> twb: No worries, I need to test this today or it's back to Jaunty, where the root disk is always found and NFS mounts do not halt the boot process.
<twb> I actually wanted to use that one in my .bash_profile, but I can't assume it's there on Ubuntu.
<twb> alvin: are you sure it's NFS and not LDAP/NIS?
<alvin> twb: very sure
<twb> alvin: hard binding in the latter is a common source of slowdowns if the init order is futzd
<soren> twb: thanks.
<twb> OK.
<twb> Anyways, I'm going home
<alvin> (My personally most hated bug is 328881. Fixing that one would probably help a lot.)
<alvin> Hey ubottu, bug 328881
<uvirtbot> Launchpad bug 328881 in upstart "init: support logging of job output" [Medium,Triaged] https://launchpad.net/bugs/328881
<twb> Ew!
<twb> Do the upstart people say something horrible like "just start the script with "exec >/var/log/yow"
<soren> twb: I'm filing a bug on this.. What's your launchpad ID so that I can subscribe you to it?
<alvin> Currently, there simply is no boot log. I see some people taking pictures of their screen. Try explaining that to a collegue who is used to Solaris.
<soren> The stuff echoed to the screen was never logged.
<alvin> I know. Makes it a bit difficult to file bug reports. Always has been.
<soren> Point is: It's nothing new about upstart.
<alvin> That's true. Ubuntu never had boot logging. I don't know if debian has it actually.
<soren> It doesn't.
<twb> soren: sorry, I don't use launchpad because I hate its UI
<alvin> What is the bug number? (I actually like Launchpad. Pity some things do not work in webkist browsers.)
<alvin> s/webkist/webkit
<alvin> twb: After 5 successfull reboots (NFS mounts commented out) I see the busybox. What is break=bottom supposed to do? (does nothing). It says: /dev/mapper/vg0-root does not exists.
<twb> break=bottom is supposed to stop busybox just before it pivot-roots
<twb> And dump you into a local shell
<alvin> Without root, I can't get a local shell
<soren> twb: We don't pivot-root.
<soren> twb: We haven't for a loong time.
<alvin> So, approximately 1 in 5 boots, the root drive is not found. Someone who knows if there is already a bug report?
<twb> OK, whatever it is now
<twb> break=bottom worked on an 8.04 box I tried the other day
<twb> I concede I don't use non-LTS releases at all, raelly.
<alvin> No use here: libvirt and kvm are more recent. We get crashes on hardy that no longer occur in Karmic. Of course, if the servers don't boot...
<alvin> Against what should I report the /dev/mapper/vg0-root not found bug?
<soren> alvin: try lvm2.
<alvin> soren: thanks. Will do
<alvin> Reported as bug 460914
<uvirtbot> Launchpad bug 460914 in lvm2 "karmic rc: root device sometimes not found" [Undecided,New] https://launchpad.net/bugs/460914
<fahadsadah> twb: All my servers run Karmic beta.
<fahadsadah> (or debian)
<uvirtbot> New bug: #460089 in eucalyptus (main) "network state is lost if the cluster controller (CC) is stopped" [Medium,Incomplete] https://launchpad.net/bugs/460089
<simplexio> i have karmic in vbox for gis development, have tosay that it feel much faster than 9.04 in vbox
<TeTeT> I just set up UEC on karmic . I get a  "The certificate specified is invalid!" in axis2c.log on the node. Any ideas how to fix that?
<yann2> hello
<yann2> I am currently using ubuntu hardy with Puppet on quite a few servers, although it is from universe. I am thinking of moving to chef in a close future. What are Ubuntu plans regarding automated deployments and configuration, is one tool going to make it into main for 10.4?
<uvirtbot> New bug: #456806 in mountall (main) "mountall vomits a shell onto virtual console when you run vi" [High,Fix released] https://launchpad.net/bugs/456806
 * soren goes to eat
<Bilge> Where does aptitude get its package descriptions from?
<heath|work> apt-cache more than likely
<pmatulis> Bilge: when you perform an update the files that are updated are placed under /var/lib/apt/lists.  the apt tools use these files to determine what packages need to be upgraded.  they also contain package descriptions
<pmatulis> Bilge: do an update and then enter that directory and do 'ls -ltr'
<Bilge> I see
<Bilge> Maybe I could write a script to somehow query a package description
<Bilge> But I doubt it given that these files could be called anything and are generally all over the place
<Bilge> Now I see why it takes aptitude a while to start up
<pmatulis> Bilge: that's been done already: 'aptitude show foo'
<soren> Bilge: What are you trying to achieve?
<soren> Bilge: There are rather good tools to deal with the apt cache already.
<Bilge> Well fancy that!
<pmatulis> or 'apt-cache show foo'
<Bilge> apt-cache gives me two results while aptitude gives only one
<Bilge> I can't see any difference between the two results
<soren> Nor can we, because we don't know which package you're talking about.
<Bilge> Well no, but you'd also have to have my distro as well
<soren> Ok, don't tell me anything. I'll reciprocate :)
<Bilge> In case you can match it, I was running `apt-cache show imagemagick` on 8.04
<soren> I get three results.
<soren> different versions.
<Bilge> Oh, heh
<Bilge> One is 7:6.3.7.9.dfsg1-2ubuntu1
<Bilge> The other is 7:6.3.7.9.dfsg1-2ubuntu1.1
<Bilge> I'm not really sure how you'd target one specifically if you want to install it
<uvirtbot> New bug: #459664 in backuppc (main) "Backuppc errors restoring when it encounters filenames starting  ~$" [Low,Incomplete] https://launchpad.net/bugs/459664
<uvirtbot> New bug: #460692 in apache2 (main) "Missing dependency for apache2 init script" [Low,Incomplete] https://launchpad.net/bugs/460692
<_ruben> Bilge: apt-get install $packagename=$version
<uvirtbot> New bug: #459573 in bacula "variable expansion uses outdated data" [Medium,Triaged] https://launchpad.net/bugs/459573
<aubre> hmm - what would cause me all of a sudden to not be able to ssh into my instances?
<aubre> I did do a apt-get update, and apt-get dist-upgrade on all of my servers
<jsalisbury> aubre:  did your public IP address change?  This happened to me.  Try euca-describe-instances
<aubre> jsalisbury: well these are brand new instances
<aubre> jsalisbury: let me check something
<jsalisbury> aubre:  Ok.  I opened a bug for my issue: Bug# 455625
<aubre> jsalisbury: those were instances using the images from the UEC store
<aubre> jsalisbury: now I am trying one of my own
<aubre> jsalisbury: nope locked out of it too
<uvirtbot> New bug: #460294 in libvirt (main) "package libvirt-bin 0.6.1-0ubuntu5.1 failed to install/upgrade: subprocess post-installation script returned error exit status 1" [Low,Incomplete] https://launchpad.net/bugs/460294
<jsalisbury> aubre:  ahh, Ok.
<uvirtbot> New bug: #460271 in apparmor (universe) "virt-aa-helper fails when serial or console type is 'tcp'" [Undecided,New] https://launchpad.net/bugs/460271
<aubre> trying to do a new keypair
<soren> jdstrand: I took the liberty of assigning bug 460271 to you.
<uvirtbot> Launchpad bug 460271 in apparmor "virt-aa-helper fails when serial or console type is 'tcp'" [Undecided,New] https://launchpad.net/bugs/460271
<aubre> tried changing keypairs, that didn't work
<nijaba> Is someone taking care of bug #450044 which seems to be fixed upstream, but not in the version of euca2ools we deliver?
<uvirtbot> Launchpad bug 450044 in eucalyptus "euca-bundle-vol does not create essential tmpfs mounts when bundling Ubuntu images" [High,Fix committed] https://launchpad.net/bugs/450044
<zoopster> aubre: what are you seeing log or console wise?
<aubre> zoopster: console wise, when I do a ssh-i mykey.priv ubuntu@ipaddress I get Permission denied (publickey)
<uvirtbot> New bug: #458910 in libvirt (main) "try to disable ipv6 support than allready disabled on kernel option" [Low,Confirmed] https://launchpad.net/bugs/458910
<aubre> zoopster: I'm rebooting my front-end and will try again, I didn't think the dist-upgrade would have caused any problems but I am checking
<zoopster> aubre: *should* not have, but anything is possible.
<uvirtbot> New bug: #461077 in mysql-dfsg-5.1 (main) "package mysql-server-5.1 5.1.37-1ubuntu5 failed to install/upgrade: subprocess new pre-installation script killed by signal (Broken pipe)" [Undecided,New] https://launchpad.net/bugs/461077
<uvirtbot> New bug: #459056 in vsftpd (main) "package vsftpd 2.2.0-1ubuntu1 failed to install/upgrade: il sottoprocesso vecchio script di post-installation ha restituito lo stato di errore 1" [Undecided,Invalid] https://launchpad.net/bugs/459056
<jsalisbury> aubre:  Did you take a look at your .ssh/know_hosts file?  Maybe there is an old entry conflicting with your new entry?
<aubre> no I cleared it out already
<jsalisbury> aubre:  Ok
<aubre> zoopster: jsalisbury : doesn't seem to be anything in the nc.log - what's the best log to look into for ssh-instance problems?
<jsalisbury> aubre:  I'm taking a look too, but I don't see anything logged about ssh logins in any of the /var/log/* or /var/log/eucalyptus/* files
<jsalisbury> aubre:  I'm running a apt-get dist-upgrade today too.  I'll let you know if it affects my existing instances.
<aubre> jsalisbury: thanks
<uvirtbot> New bug: #461090 in jline (main) "updates for karmic needed to get maven plugins building" [Medium,In progress] https://launchpad.net/bugs/461090
<jdstrand> soren: sure
<soren> jdstrand: Lovely, thanks.
<smoser> ttx, kirkland, one of you told me about euca-describe-availability-zones and i think impllied to me that the settings there are configurable
<smoser> do you know where/how ?
<ttx> in the web UI
<kirkland> smoser: you mean the density of systems per core?
<ttx> VmTypes thing
<kirkland> smoser: yeah, web ui
<smoser> ok, so if i hadn't previously logged into my admin UI
<smoser> how do i do that
<smoser> user/pass ?
<smoser> kirkland, ttx
<soren> mathiaz: Oh, thanks for the awesome write-up on https://bugs.edge.launchpad.net/ubuntu/+source/debian-installer/+bug/457767/comments/7   That is going to be really useful. Can you put it on a wiki somewhere (not urgent, just do it after release or something).
<uvirtbot> Launchpad bug 457767 in debian-installer "karmic: iSCSI root: boot hangs on starting iscsid" [High,Confirmed]
<mathiaz> soren: right - for 10.04 we should bundle gpxe - to have native iscsi support in the boot loader for kvm
<mathiaz> soren: I was wondering how/if I could just drop the new bootloader somewhere for kvm to use it (to avoid chainloading from pxe)
<soren> mathiaz: etherboot should have this as welll... Or so I thought.
<mathiaz> soren: etherboot is dead - it's now gpxe
<mathiaz> soren: AFAICT etherboot doesn't support native iSCSI
<soren> Oh, I may have chainloaded gpxe from etherboot when I tried it.
<soren> mathiaz: Yeah, it's been dying for years.
<soren> :)
<stas> Hi, any syadmins/network admins up?
<smoser> kirkland, ttx, bug 461156
<uvirtbot> Launchpad bug 461156 in eucalyptus "User data is not base64 decoded before being presented to the instance" [Undecided,New] https://launchpad.net/bugs/461156
<smoser> this is possibly quite serious if not user error
<stas> can anybody help me create a one nic nat connection for my home network
<smoser> ttx, kirkland can you verify sane-ness of this:
<smoser> $ cat /proc/partitions
<smoser> major minor  #blocks  name
<smoser>    8        0    2144256 sda
<smoser>    8        1    2097152 sda1
<smoser>    8        3      47071 sda3
<smoser> thats from a 'm1.small' instance
<smoser> there is *no* ephemeral storage
<uvirtbot> New bug: #461156 in eucalyptus (main) "User data is not base64 decoded before being presented to the instance" [Undecided,New] https://launchpad.net/bugs/461156
<elginix> hi all - have just been reading about the EC2 cloud images for 9.10 - am interested if anyone has been using ubuntu on the cloud in a production environment and what your experiences have been
<smoser> elginix, there are lots of users of it.  the http://groups.google.com/group/ec2ubuntu?pli=1 is probably the largest group of people.
<elginix> oooh tasty link :) thank you
<elyezer> email server what can I use? Postfix?
<alvin> elyezer: dovecot-postfix is a package that will give you a useful basic mailserver
<smoser> ttx, kirkland please, help, above^
<elyezer> alvin: thank you
<kirkland> smoser: okay
<smoser> my euca is seeing no ephermal storage
 * ttx read backlog
<smoser> i can't spell that word
<ttx> smoser: admin/admin
<smoser> already got that
<elyezer> alvin: If I'm in the desktop edition I need to add any repository?
<smoser> sorry, the other 2 things are 1.) please look at that bug 2.) i see no ephermal storage on my instances... which doesn't seem right.
<alvin> elyezer: no, just $ sudo apt-get install dovecot-postfix
<ttx> smoser: I think its normal to not have any ephemeral if your image is taking up all the space
<ttx> i.e. running a 2G image over a 2G allowance -> no space
<ttx> running a 2G image over a 4G allowance -> ~2G space
<smoser> oh... ewll that is much different. wow. ok.
<alvin> elyezer: it's in main
<smoser> i'll change settings then and test.
<smoser> ttx, so do you get a single partition with "all the additional space" ?
<ttx> smoser: I may have understood that concept wrong, but yes, that's how someone described it to me
<elyezer> alvin: E: Couldn't find package dovecot-postfix (I'm in Ubuntu 8.04)
<ttx> smoser: looking at the bug now
<alvin> elyezer: that explains. That package was new in 9.04
<ttx> aw. that sounds ugly
<alvin> elyezer: but no worries. You can install postfix and dovecot and configure them yourself.
<genii> Hm. Why can something like: script -c /bin/bash -q -a /var/log/$USER    work as a default shell on local console login but not ssh? ("openpty failed" etc)
<elyezer> thank you
<elyezer> alvin: great =D
<uvirtbot> New bug: #363620 in mysql-dfsg-5.0 (main) "Apparmor breaks Squeezecenter when upgrading from 8.10 to 9.04" [Undecided,New] https://launchpad.net/bugs/363620
<ttx> smoser: about bug 461156, I don't get how the SSH key thing works if that bug is real
<uvirtbot> Launchpad bug 461156 in eucalyptus "User data is not base64 decoded before being presented to the instance" [Undecided,New] https://launchpad.net/bugs/461156
<smoser> ssh key does not come over user-data
<ttx> ah
 * ttx fires up his UEC
<zoopster> stas: check out the ServerGuide and use UFW to do what you want
<mathiaz> hm - the ubuntu server domain thread on u-devel-discuss is *almost* reaching 100 messages
<smoser> ttx. i can verify it.
 * ttx should author some research on recurring threads
<uvirtbot> New bug: #236510 in bind9 (main) "default apparmor setting prevents bind from running under chroot" [Undecided,New] https://launchpad.net/bugs/236510
<alvin> For a bug report (bug 461133) I'm asked to run "$ sudo mountall --debug" and send it SIGUSR1. I've send that signal with htop, but the process does not end. What to do to give a useful output?
<uvirtbot> Launchpad bug 461133 in nfs-utils "karmic: nfs shares are not mounted at boot" [Undecided,New] https://launchpad.net/bugs/461133
<smoser> ttx, this is serious. soren please read that bug also. (bug 461156) and confirm with me that without a fix all user-data is hosed in UEC
<uvirtbot> Launchpad bug 461156 in eucalyptus "User data is not base64 decoded before being presented to the instance" [Critical,Confirmed] https://launchpad.net/bugs/461156
<soren> smoser: Yeah, that's pretty bad.
<alvin> What is the SIGUSR1 supposed to do?
<soren> alvin: For what?
<soren> alvin: Eucalyptus?
<alvin> No, "sudo mountall --debug"
<alvin> the mountall script runs, (without success), and hangs somewhere. I'm supposed to send it SIGUSR1, but nothing changes.
<ttx> smoser: could we fix it from inside, like detecting both formats ?
<alvin> I can create a log until SIGINT
<soren> alvin: It's supposed to let mountall know that all your network interfaces are up.
<smoser> ttx, arguably no
<ttx> smoser: I see what you mean
<alvin> soren: ow, they are. I'm running the script within ssh
<soren> alvin: I'm not saying they aren't.
<smoser> in the bug there, there would be no way that that data was not intended.
<soren> alvin: I'm just answering your question.
<alvin> soren: thx, in that case, I will give the output of the command with Ctrl+C at the end.
<smoser> ttx, you could, say, though "if i'm in eucalyptus, then the data is not correctly decoded, so i decode it now".
<smoser> the problem with that is a.) in theory we can't tell if we're in euca versus we're in ec2 (but we can, so that coudl be worked around) b.) that logic fails to work anymore if you fix euca
<ttx> mdz: ping
<soren> smoser: Is this massively different from the ephemeral storage thing?
<soren> smoser: In that case, you wanted to go around and detect stuff and just deal with it, so that either UEC or EC2 could change whatever they wanted and stuff would still work (I'm still curious of the details of that
<smoser> i think i can fix the storage without knowing "am i in euca or ec2"
<soren> )... In this case, why not just try to base64 decode it, and if that succeeds, go ahead and do with what your normally would have.
<smoser> i know you will say "good enough", but its not
<ttx> soren: that would screw up someone sending base64 encoded userdate, I guess
<ttx> userdata
<soren> ttx: Not really.
<smoser> because of the case, that in a fixed eucalyptus, the user provides you with base64 encoded data
<soren> ttx: If they're using it for something, they can still query it, and get the right stuff.
<soren> It's not like we're chaning anything in the meta-data service.
<smoser> which is then re-encoded, and decoded (correctly), resulting in encoded data that would correctly decode, but shouldn't
<ttx> smoser: yes, that was my point.
<soren> Right. This is just like you wanting to mount stuff that the user may not want mounted.
<stas> zoopster: thx, but that didn't help
<smoser> right. ttx. thats the case (possibly unlikely) that is impossible to detect
<zoopster> stas: where are you stuck?
<ttx> smoser: I think we need to parallelize efforts
<smoser> soren, yes, its obviously similar. i think there is enough data to correctly do mount.
<stas> zoopster: I got a pc and the gw, both can ping each other, but pc gets no nated
<smoser> ttx, the user data needs to be fixed in eucalyptus
<smoser> it affects *all* instances that run inside
<soren> Well..
<smoser> empheral storage argubably only affects ours
<smoser> ok, well, thats not true...
<soren> all instances that expect user-data passed from a file.
<smoser> or from the command line
<smoser> either way
<SyL> anybody getting this error when starting an instace?
<smoser> if they expect user data you're hosed
<soren> Virtually /every/ image will expect the ephemeral storage.
<SyL> err... nevermind
<ttx> smoser: no doubt it should be fixed inside eucalyptus
<smoser> soren, by default, you're hosed on that. in euca even "fixed"
<soren> smoser: That does not compute.
<smoser> because default setting is 2G "storage" for an instance. and our images are 2G. thus you get 2G /,and will have no filesystem mounted at /mnt
<smoser> if you do anything larger than 2G - ~600M populated root, operations to fill up /mnt you're done.
<smoser> but that fixable with config
<ttx> smoser: I think eucalyptus needs to work on a fix and we need to have an image-based workaround
<soren> smoser: I'm having trouble following you. I need more punctuation :)
<ttx> smoser: so that we can make the best choice
<zoopster> stas: if you do the steps outlined in the ufw Masquerading of the serverguide you will have a fully working nat - https://help.ubuntu.com/9.04/serverguide/C/firewall.html
<soren> smoser: The code to handle the automatic mounting thing... does that exist yet, or has it yet to be written?
<smoser> soren, if you fire up a UEC instance of m1.small with no configuration changes to your server, you will have 2 partitions '/' (/dev/sda1) and swap (/dev/sda3).  /dev/sda1 is 2G, and is /. we have ~ 600M on /.
<soren> Right, ok.
<smoser> if you change your configuration to make that 4G, then you'll end up with /dev/sda1 of / of 2G, the swap, and 2G /dev/sda2
<smoser> soren, yet to be written.
<soren> Ok.
<smoser> but i think fairly easy
<stas> zoopster: yes, thats the first page i got googleing, I followed the steps but still nothing
<soren> smoser: I would very much like to see it.
<elyezer> when using postfix and dovecot for each user@domain.com I need to create a new user??
<soren> And /dev/sda2 is the expected for i386 images, right?
<SyL> anybody getting this error when starting instances in eucalyptus.  [RemoteBootstrapperClient:SystemClockTimer]  ERROR java.nio.channels.UnresolvedAddressException
<soren> elyezer: Depends.
<ttx> smoser: so by parallelizing I mean we need to forward the issue upstream and we need to have a workaround ready, then make the best choice if/when both are available
<smoser> if /etc/fstab contains /dev/sdb && not exists /dev/sdb && exists /dev/sda2 && /dev/sda2 is ext2 filesystem, then modify /etc/fstab, replacing sdb with sda2
<smoser> only do the above on first boot.
<elyezer> soren: on what?
<smoser> ttx, i realized what you're saying.
<soren> elyezer: Well, first of all, is user@domain.com an alias?
<ttx> kirkland: could you take care of the "forward the issue to eucalyptus and pressure them for a minimal fix" part ?
<elyezer> soren: no
<soren> elyezer: Or should it have its own, separate mailbox?
<zoopster> stas: then you likely missed something...you'll need to do some troubleshooting to find where the issue is and then pose a more specific question
<ttx> smoser: it might be too late to change eucalyptus now, so we might switch in damage-control mode
<smoser> soren, does that logic above seem safe? (it does have to be modified to be arch specific on ec2)
<elyezer> soren: each will have its own mailbox
<uvirtbot> New bug: #352958 in ntp (main) "apparmor-messages in the syslog" [Low,Fix released] https://launchpad.net/bugs/352958
<soren> smoser: I don't know. Are we having "that type of discussion" or are we being reasonable?
<smoser> ttx, i understand. i just think that if we fix it in ec2-init we are 100% guaranteed to break *some use case* (even unlikely) if it is later fixed in eucalyptus
<elyezer> soren: if not an alias then I need to createa new user, isn't it?
<soren> elyezer: Then of course it requires a separate (mail) user.
<smoser> soren, which discussion
<stas> zoopster: I flushed my firewall and tried this http://www.linuxjournal.com/article/7175, still the same
<elyezer> soren: thank you very much
<stas> sysctls forwarding are ok
<smoser> for fstab please tell me where that logic would fail
<ttx> smoser: it may be the only option we have on the table. Better than leaving it the way it is
<smoser> in any type of discussion
<stas> zoopster: should that count if I'm running karmic desktop kernel?
<smoser> ttx, if it is the only option.  i think you can probably fix euca
<soren> smoser: I don't know. Maybe the user is monitoring the contents of /etc and doesn't like having it changed.
<smoser> we only change on "once per ami".
<soren> smoser: What do I know? I think it's perfectly reasonable, but not 100% bullet proof.. Just like I think it's perfectly reasonable to make expectations about names of devices attached to a Xen paravirt guest.
<smoser> i'll even allow you to say "only once ever"
<smoser> in that case, it will only ever happen in our official untouched images.
<soren> smoser: ...and images other people build with the same tools.
<uvirtbot> New bug: #461195 in mysql-dfsg-5.0 (main) "Allow mysql versions 5.0 and 5.1 to be installed at the same time" [Undecided,New] https://launchpad.net/bugs/461195
<smoser> soren, yes, possibly.
<smoser> so i'd be willing to even put a comment in the /etc/fstab that we use that says "this is going to possibly be modified"
<soren> smoser: I think it's perfectly reasonable. I just wanted to know if this was going to be "that sort of argument" again.
<smoser> and if that comment is not present, then not do it.
<smoser> soren, i am seriously interested in making it not break.
<smoser> in any case.
<soren> Then fix eucalyptus instead.
<smoser> i dont like software that works if you hold your mouth right.
<smoser> so, you're correct with your euca suggestion.
<soren> Maybe someone doesn't want the extra space mounted, and has been using amd64 images on Eucalyptus and has been quite happy that this extra space did not get mounted.
<soren> I don't know. In "that sort of argument" I didn't think it was necessary to have examples.
<uvirtbot> New bug: #253849 in whois (main) "whois returns an error when looking up info for "johngalt"" [Low,Incomplete] https://launchpad.net/bugs/253849
 * soren chuckles at that bug
<mdz> ttx, hi
<ttx> mdz: bug 461156
<uvirtbot> Launchpad bug 461156 in eucalyptus "User data is not base64 decoded before being presented to the instance" [Critical,Confirmed] https://launchpad.net/bugs/461156
<ttx> mdz: basically prevents userdata from workin in Eucalyptus in general
<mdz> ttx, ...
<ttx> mdz: do you think we can still fix it inside eucalyptus
<ttx> mdz: or should we prefer a broken workaround in ec2-init
<ttx> mdz: I was planning to parallelize both efforts
<ttx> mdz: and see how disruptive each is
<mdz> ttx, has it regressed or has it never worked?
<ttx> mdz: it has never worked.
<stas> zoopster: i'm getting this with tcpdump, ICMP time exceeded in-transit, any ideas?
<stas> this happens when i ping from pc
<ttx> soren: is the possibility to send a script through userdata something specific to our images ?
<TeLLuS> stas: http://en.wikipedia.org/wiki/ICMP_Time_Exceeded
<smoser> ttx, it is not.
<smoser> the alestic images do it.
<stas> TeLLuS: yeah, i got it, but why im getting ttl exceed?
<smoser> and it is not just "a script". it is all possible user data. customizing an instance via user data is *major* functionality in ec2
<TeLLuS> stas: Maybe a loop or routing error that cause the packet ttl to count down to 0
<ttx> mdz: so should we pursue both tracks in parallel or is one of them not a possibility anyway ?
<TeLLuS> stas: try traceroute
<mathiaz> kirkland: what's the importance for bug where the guest crashes (in qemu-kvm)? medium?
<mathiaz> kirkland: bug 458521
<uvirtbot> Launchpad bug 458521 in kvm "kvm crash when using virtio for network" [Medium,New] https://launchpad.net/bugs/458521
<kirkland> mathiaz: yes, medium
<kirkland> mathiaz: i just saw that one this weekend
<mathiaz> kirkland: and in this case the package should qemu-kvm instead of kvm?
<kirkland> mathiaz: yes
<kirkland> mathiaz: i changed it
<zul> mathiaz: i modified the report to do incomplete unconfirmed as well fyi
<mathiaz> zul: which report?
<zul> mathiaz: the incompleteconfirmed.py report
<zul> meh...doesnt work
<mathiaz> ttx: I'll have a look at reproducing bug 458904
<uvirtbot> Launchpad bug 458904 in eucalyptus "Adding nodes in several waves after launching VMs is not possible" [High,New] https://launchpad.net/bugs/458904
<ttx> mathiaz: cool, thx
<mathiaz> ttx: I may have access to enough hardware for it
<stas> TeLLuS: traceroute stops in gw, so the gw firewall is the problem
<ttx> kirkland: could you take care of the "forward the issue to eucalyptus and pressure them for a minimal fix" part ?
<kirkland> ttx: okay
<kirkland> ttx: assign the bug to me for now
<ttx> kirkland: I couldn't find where the metadata service is handled in the code
<kirkland> ttx: just make sure the bug is fully updated, and i'll take this up with nurmi
<kirkland> ttx: i'm looking at https://bugs.edge.launchpad.net/qemu/+bug/458521
<uvirtbot> Launchpad bug 458521 in qemu-kvm "kvm crash when using virtio for network" [Medium,Confirmed]
<kirkland> ttx: which i'm experiencing too, and has me concerned
<ttx> kirkland: keep in sync with mdz in case he discards one of the options
<kirkland> ttx: this will need to be fixed via SRU
 * soren calls it a day
<ttx> mdz, kirkland: we could fix it in eucalyptus in a post-release SRU, and document the missing userdata support
<fbc-mx> I need to install an UBUNTU server inbetween  by router and may lan to limit connects to certain IPs and to give internet to only certain machines, etc. What software could I load for this purpose? I already have an ebox setup running on a server and could stick another nic into it to serve this purpose as well.
<TeLLuS> stas: or after, but someone running runing the firewall could probably provide more information, I just added a similar thing to a firewall to stop 80.82.120.X from trying all passwords, I just added a routing loop for it
<heath|work> if I edit visudo do I need to restart for changes to take?
<fbc-mx> I've heard of some floppy based distros doing this kind of stuff, but I would like something highly recommended by the ubuntu community.
<KurtKraut> fbc-mx, you should try Squid and ufw (uncomplicated firewall)
<fbc-mx> KurtKraut, great, let em see if I could find some howto's.. thanks
<KurtKraut> fbc-mx, if you're doing this as a job, I suggest you to buy books about Squid and books about iptables (firewall)
<fbc-mx> KurtKraut, It's my dad's shop and we are just a small company of 15 or so. I just need something that I can keep certain machines off of internet and others with limited Instant messaging access.
<heath|work> oh cool sudo !!
<fbc-mx> KurtKraut, you block msn-messenger ip ranges, and crap like that for certain macs.
<simplexio> fbc-mx: iptables (firewall ,NAT ) is in linux kernel, Squid can do all kind stuff to net traffic (like proxy, deny some traffic based it content etc, i dont really know it). all other programs what you are speaking are pretty much user interfaces for iptables
<KurtKraut> fbc-mx, Squid and iptables (or an easier variant, ufw) will do the job. But as I said before, there are books that teach this stuff better than the howtos online.
<simplexio> fbc-mx: then all you need is smallest ubuntu installation and few iptables rules
<magnetic__> fbc-mx: if you already have eBox you can also use the firewall and proxy modules
<simplexio> and maybe add NAT configuration there with dhcp server to give clients ip addre based on nic MAC and build rules from there, possibilities are not endless but allmoust
<fbc-mx> simplexio, KurtKraut,  great... thanks.. I just found some great HOwto's specific to ubuntu on UFW.  KurtKraut, yes, I would like to download the ebooks on squid and ufw from that book publisher with the animals on the cover ( I can't remember their name)
<fbc-mx> magnetic__, yeah except that their documentation stinks, and can't find any information about what to do after I load the modules.
<simplexio> umm.. how about loading those modules and then checking is there some way to confgiure them
<simplexio> offcourse, dont do that on office hours. and first make somekind fallback plan if you dont get it to work, like backup systems and restore plan first
<simplexio> usually if something arent mentioned in docs, then writer has thoght that its trivial. which it usually isn't but its not that comlicated
<mdz> ttx, if it has never worked, it is not critical for 9.10
<mdz> kirkland, ^^
<nekro_> ttx: can you confirm if the patch from revno 942 fixes the userdata problem?
<nekro_> ttx: I just committed something.
<kirkland> mdz: okay, i have never tested it before
<simplexio> btw. why there is postgis 1.4 for postgresql 8.3 in 9.10 but not for postgresql 8.4. 8.3 is obsolete in 9.10
<ttx> kirkland: I'll move it to updates
<magnetic__> fbc-mx: there are new docs in http://doc.ebox-platform.com/
<heath|work> I need www-data to be able to sudo without a password to chown on some files
<heath|work> I have: www-data ALL=NOPASSWD: /bin/chown 1[0-9][0-9][0-9]\:1[0-9][0-9][0-9] /var/www/.*
<heath|work> in visudo, but it's still not working
<fbc-mx> magnetic__, cool, I'll check it out.
<heath|work> I'm attempting to test it with sudo -u www-data sudo chown 1001:1001 file.txt
<mdz> kirkland, ttx, so does that mean we can close the ec2-init task?
<ttx> mdz: yes, fixing it is not desirable if we fix it postrelease
<ttx> mdz: since the ec2-init fix introduces a bug for specific cases
<mdz> ttx, we only need to fix it in ec2-init OR eucalyptus, right?
<ttx> yes
<mdz> in which case I say we should fix it in eucalyptus
<kirkland> mdz: i agree -> eucalyptus is where the fix belongs
<ttx> mdz: i'l update the bug to reflect that, thanks for your inpit
<ttx> input even
<mdz> ttx, kirkland, please pass this upstream right away
<kirkland> mdz: i've already emailed and pinged nurmi
<ttx> and nekro_ just proposed a fix
<nekro_> ttx: yes, just committed it. please let me know if it works
<heath|work> my sudo issue: http://pastebin.com/d1b1a865d
<ttx> nekro_: I won't be able to test it before the end of my day, maybe kirkland will
<kirkland> nekro_: i'll gladly test it; however, i'm not able to run instances at the moment
<kirkland> ubuntu@cloud:~$ euca-run-instances -k mykey emi-E60E17EC -t c1.medium
<kirkland> FinishedVerify: Trying to allocate an address which is already pending: Address [cluster=canyonedge, instanceAddress=pending, instanceId=pending, name=192.168.1.30, pending=true, state=unallocated, userId=eucalyptus]
<ttx> kirkland: I added a release notes task
<TeTeT> how can I tell the frontend, specifically cc to bind to a specific network interface?
<Reepicheep> does anyone know what I have to do to increase the max open files?
<Reepicheep> I've added it to /etc/security/limits.conf and also make sure pam_limits.so is required in /etc/pam.d/common-session
<Reepicheep> but it doesn't seem to work
<heath|work> What group do you need to be in to be allowed to sudo?
<Reepicheep> I need dovecot to be able to open more files
<Reepicheep> in limits.conf I added a soft and hard limit with the * filter
<JanC> heath|work: 'admin' (you can see that in /etc/sudoers)
<heath|work> JanC: do you think it is safe to add www-data to the admin group?
<heath|work> I need to exec chown as www-data
<SyL> is the new ubuntu karmic beta give you a working eualyptus cloud?
<JanC> heath|work: why would you need to do that?
<anothernoob> hi ppl
<heath|work> JanC: so I can keep quotas accurate with uploaded files
<JanC> heath|work: why not sudo as your normal user?
<heath|work> I was trying to use php's own chown() function, but I may have to end up using exec() in which I could do that
<JanC> if your webserver needs to run a script that can run that as root, then configure sudo specifically to allow running that exact command and nothing else
<JanC> I mean, allow www-data to only run that command as root
<heath|work> that's what I have www-data ALL=NOPASSWD: /bin/chown
<JanC> I'd suggest you also limit the parameters  ;)
<JanC> and even the directories on which it's allowed to run  ;)
<JanC> there are some examples in man sudoers showing how to do that
<heath|work> Yeah I have it limited big time at this point
<smoser> kirkland, see my comment in bug 461156.
<uvirtbot> Launchpad bug 461156 in eucalyptus "User data is not base64 decoded before being presented to the instance" [Undecided,Fix committed] https://launchpad.net/bugs/461156
<kirkland> smoser: about base64 -d ?
<kirkland> smoser: that you confirmed that it's encoded twice?
<smoser> yeah, that euca-run-instances is the issue
<smoser> i'm looking at euca2ools, and i *htink* that you can just
<smoser> -	if user_data:
<smoser> -	    user_data = base64.urlsafe_b64encode(user_data)
<smoser> -        euca_conn = euca.make_connection()
<heath|work> JanC: here is the issue I am having
<kirkland> smoser: okay, i'm having serious issues with my production system
<heath|work> http://pastebin.com/d1b1a865d
<kirkland> smoser: i can't do anything until i fix that
<kirkland> smoser: this is why i'm dropping on/off irc
<kirkland> smoser: my production server is a hardy vm, which is crashing
<JanC> heath|work: according to your sudoers, you need to use something like /var/www/file.txt or /var/www/subdir/file.txt instead of file.txt  ;)
<heath|work> ahhh full path. I will try that tx
<uvirtbot> New bug: #461271 in nmap (main) "zenmap not installed to menus properly" [Undecided,New] https://launchpad.net/bugs/461271
<smoser> kirkland, i'm 99.3% sure that the fix is listed there in that bug. but it really does need to be fixed in euca2ools
<nekro_> smoser: so if the data were base64 encoded once, would it work?
<nekro_> smoser: I'm trying to figure out if it is an issue with eucalyptus or euca2ools
<ajtanus> ciao a tutti
<nekro_> smoser: or both
<ajtanus> hello
<ruben23> hi is it possible to used alias on ethernet card on my linux server, eth0, eth0:0
<ajtanus> my gps garmin edge705 doesn't run in ubuntu
<smoser> nekro_, read my final comment there.
<smoser> its a bug in euca2ools
<nekro_> smoser: and not in eucalyptus? in that case I need to revert the latest "fix" to eucalyptus.
<smoser> i can imagine that htis is a matter of boto now encoding user data for you when it didn't before
<nekro_> smoser: that is likely
<smoser> nekro_, correct. there is nothing wrong with eucalyptus . at least thats what i think.
<smoser> nekro_, your fix to euca likely breaks usage of euca and ec2tools
<smoser> ec2-api-tools
<garymc> [TK]D-Fender : sorry to bother you, i dont have my notes with me at home and I cant remeber the dial pattern you helped me with. It was something like x.T|xx.T etc can you remeber?
<smoser> unless you're checking for "is this double encoded".. but anyway you look at it, i'm fairly certain the fix is to remove 2 lines in euca-run-instances
<nekro_> smoser: it was added there because a user complained that user data was not being encoded but it could be an issue with an older boto
<smoser> nekro_, http://code.google.com/p/boto/source/browse/trunk/boto/ec2/connection.py?r=180
<smoser> "Forgot to Base64 encode the UserData
<smoser> parameter to RunInstances.  Fixes
<smoser> Issue-47."
<elyezer> can I use webmin in a production server?or It's a security issue
<elyezer> ?
<kees> I don't recommend webmin.
<nekro_> bug #461301
<uvirtbot> Launchpad bug 461301 in eucalyptus "euca-run-instances unnecessarily encodes user data" [Undecided,Fix committed] https://launchpad.net/bugs/461301
<ninjah> kees: What about ebox?
<kees> ninjah: I've heard it's better.  soren might know more, IIRC
<ninjah> kees: People told me to switch from webmin to ebox. I haven't tried it yet.
<uvirtbot> New bug: #461296 in samba (main) "package samba 2:3.3.2-1ubuntu3.2 failed to install/upgrade: post-installation script azpiprozesuak 1 errorea eman du irteeran" [Undecided,New] https://launchpad.net/bugs/461296
<qman__> webmin isn't supported by ubuntu because of what it does to the configuration files
<qman__> ebox is supported
<genii> It bugs me that the latest Linux Pro magazine has instructions for webmin install to Ubuntu
<genii> Oct issue, sorry, not Nov or Dec
<axisys> I just changed the eth0 to 100 full .. zince switch has no auto.. and it took the change per ethtool eth0.. i did that using the command
<axisys> ethtool -s eth0 speed 100 duplex full autoneg off
<axisys> how do I make the change so it survive the reboot ?
<garymc> If i have 2 web servers on the same outside IP I can only assign one of them to port 80, how do i get to the other from the outside too?
<Reepicheep> axisys: you may want to ad it to the rc.local file
<Reepicheep> garymc: connect to the port the other is listening on.. "http://server.domain.name:81" where 81 is the port number
<axisys> Reepicheep: i was wondering if i can add it to /etc/network/interface file
<Reepicheep> I'm not aware of a way to set it in the interface file.  But that doesn't mean that there isn't one
<Reepicheep> I know you can set stuff like MTU in the interface file. I just have never see speed & duplexing set there
<Reepicheep> I don't see anything in the interfaces man file either
<genii> You can use some post-up directive in the interfaces file to run whatever command you want, ethtool, whatever
<axisys> genii: sweet!
<axisys> genii: thanks
<genii> np
<axisys> genii: i was looking for the post-up dir .. should I just create it under /etc/network ?
<garymc> Reepicheep: so i assign port 81 to the other server?
<genii> axisys: directive, not directory. So in /etc/network/interfaces some stanza under eth0 for instance like:  post-up /somewhere/somecommand -options -to -that -command
<axisys> genii: sorry
<axisys> /usr/share/doc/ifupdown/examples/network-interfaces.gz is pretty helpful
<Reepicheep> garymc: you can assign it what ever port you choose.  you probably just don't want to put it on a standard port used by other services
<Reepicheep> and possibly above 1024 depending on what user starts the web server
<Reepicheep> I just pulled port 81 out of the air
<axisys> genii: do I need to mention the device w/ ethtool when doing post-up for the stanza of that interface?
<axisys> genii: post-up /usr/sbin/ethtool -s eth0 speed 100 duplex full autoneg off .. like this ?
<genii> axisys: Whatever command you normally run like earlier you put: ethtool -s eth0 speed 100 duplex full autoneg off                  is what you put again
<genii> (with full path however, like you had just above)
<axisys> up /usr/sbin/ethtool -s eth0 speed 100 duplex full autoneg off  .. seems to be right syntax.. i just found out there is no post-up.. up is what run the command .. there is only pre-up and post-down.. just an fyi
<garymc> ok i assigned port 81 to my other web server on the router firewall.
<garymc> I put ip addres in browser e.g. 81.234.567.888:81
<garymc> and I get nothing
<Reepicheep> garymc: make sure you also configure the web server on the host to listen on port 81 instead of the default port 80
<garymc> ahhh ok
<garymc> how do i do that?
<Reepicheep> and make sure that you have it allowed through the host based firewall if you have a firewall running
<Reepicheep> garymc: what web server are you using?
<garymc> apache
<Reepicheep> and what is the other web server on the same host?
<garymc> ??
<Reepicheep> the one that is already listening on port 80?
<garymc> no differnt machine
<garymc> its a seperate machine
<garymc> can i make it listen for both ports?
<garymc> 80 and 81?
<Reepicheep> you probably don't need to .. it just needs to be setup correctly in the router
<garymc> Well iforwaded port 81 in the routers firewall to the server I want to access
<garymc> but when i put ip addy:81 in browser it doesnt work
<Reepicheep> just set the port nat to forward some high port to port 80 on the second server..  how to do that is probably quite a bit off topic for this channel
<Reepicheep> it really depends on what nat router you have?
<garymc> Well ive done that already
<Reepicheep> and internally you will still connect to it via port 80 .. only externally with the PNAT work
<uvirtbot> New bug: #437004 in ntp (main) "ntpd crashed with SIGSEGV" [Low,Incomplete] https://launchpad.net/bugs/437004
<smoser> mdz, ttx, ping
<smoser> regarding bug 461156
<uvirtbot> Launchpad bug 461156 in eucalyptus "User data is not base64 decoded before being presented to the instance" [High,Invalid] https://launchpad.net/bugs/461156
<ttx> smoser: pong
<smoser> you follow that, ttx ?
<smoser> is it 100% unacceptable to fix this in 9.10 release by changing euca2ools ?
<smoser> i'll never say something is regression-potential free, but we've fairly clearly identified what is wrong here
<ttx> smoser: mdz said that if its not a regression it should be fixed in an early post-release update
<kirkland> smoser: you want me to teach you how to do an SRU?
<smoser> i dont know if its a regression or not.
<kirkland> smoser: we'll fix this in an update
<smoser> actually, i know that it is not
<kirkland> smoser: i'll show you how :-)
<kirkland> smoser: this fix does not *have* to be on the released CD
<smoser> euca2ools was not in jaunty, so it is not a regression.
<ttx> smoser: and it never worked in a previous kermic release either
<smoser> and ec2-api-tools in universe can be pointed at euca to work around.
<smoser> so the, the right answer is "fix in SRU in euca2ools package"
<smoser> ttx, are you around and able to test something for me ? on UEC ?
<ttx> around, but not able to test on UEC
<ttx> unless I shift to high prio mode :)
<smoser> ttx, ok. i will test on ec2 and on uec and likely have what i believe fairly safe fix for ec2-init for bug 458850
<uvirtbot> Launchpad bug 458850 in ec2-init "UEC images do not mount ephemeral disk on /mnt at boot" [High,In progress] https://launchpad.net/bugs/458850
<garymc> anyone know how I restart httpd?
<garymc> in the CLI?
<ttx> smoser: good. If there is anything I can test tomorrow morning let me know
<smoser> if all goes well, you would expect that i can get this sponsored, uploaded, built ?
<ttx> smoser: if reasonably sure keep the release team updated so that we get a daily image to validate ?
<smoser> ttx, ?
<ttx> smoser: yes
<smoser> k
<kirkland> smoser: i will help you get it sponsored and tested
<kirkland> smoser: in the reverse order, tested, then sponsored
<kirkland> smoser: i am reinstalling my UEC now
<smoser> kirkland, k
<kirkland> smoser: okay, first, let's get your fixed euca2ools pushed to your ppa
<kirkland> smoser: on the end of the version, add a ".1" iterator
<kirkland> 1.0+bzr20091007-0ubuntu1.1
<kirkland> smoser: and since you're going to send it to your ppa, add a ~ppa1 iterator to the end of that
<kirkland> 1.0+bzr20091007-0ubuntu1.1~ppa1
<smoser> kirkland, if its post release, not terribly worried about that right now.
<smoser> i need to get the other stuff tested and in
<kirkland> smoser: hmm, okay; we should prep that upload soon, though
<smoser> y
<smoser> yes
<kirkland> smoser: it shouldn't take but 5 minutes to upload it to your ppa
<kirkland> smoser: i'll pull from there, test it, and sponsor for you
<smoser> ok.
<mathiaz> smoser: is it normal that all UEC instances that I boot have the same hostname (172) ?
<mathiaz> smoser: same instances of the same EMI
<smoser> i see that here, mathiaz
<smoser> i believe that the dhcp server is telling the instance that that is its hostname
<mathiaz> smoser: I don't think so
<smoser> where do you think its coming from?
<mathiaz> smoser: on the CC /var/run/eucalyptus/net/euca-dhcp.conf
<mathiaz> smoser: there isn't anything related to hostname
<mathiaz> smoser: I'd guess ec2-init
<mathiaz> smoser: in /usr/share/pyshared/ec2init/__init__.py
<mathiaz> smoser: it comes from the metadata service
<mathiaz> smoser: I guess that UEC metadata service gives out D.D.D.D as the local-hostname
<mathiaz> smoser: whereas EC2 give a hostname like D-D-D-D.domain.name
<smoser> yeah, i see that.
<smoser> ec2:
<smoser> $ wget http://169.254.169.254/1.0/meta-data/hostname -q -O -; echo
<smoser> ip-10-242-63-240.ec2.internal
<smoser> uec:
<smoser> $ wget http://169.254.169.254/1.0/meta-data/hostname -q -O -; echo
<smoser> (no output)
<smoser> actually, the above should have been 'local-hostname'
<smoser> but still no output on uec
<smoser>     def get_hostname(self):
<smoser>         hostname = self.get_instance_metadata()['local-hostname']
<smoser>         hostname = hostname.split('.')[0]
<smoser>         return hostname
<mathiaz> smoser: well - may be boto is doing something
<mathiaz> smoser: because ec2-init should fail if the output was empty
<smoser> you're right.
<smoser> boto is returning the ip addr
<smoser> and get_hostname taking the first piece
<mathiaz> smoser: so I guess that's a bug in UEC metadata service
<smoser> kirkland, you wanted my ec2-init to ppa ?
<kirkland> where's the fix?  I thought it was in euca2ools?
<smoser> kirkland, bug 461156 is to be fixed post-release (SRU) in euca2ools.
<uvirtbot> Launchpad bug 461156 in eucalyptus "User data is not base64 decoded before being presented to the instance" [High,Invalid] https://launchpad.net/bugs/461156
<smoser> bug 458850 and bug 458576 are to be fixed pre-release (NOW) in ec2-init
<uvirtbot> Launchpad bug 458850 in ec2-init "UEC images do not mount ephemeral disk on /mnt at boot" [High,In progress] https://launchpad.net/bugs/458850
<uvirtbot> Launchpad bug 458576 in ec2-init "ec2: ssh public key fingerprint in console output does not match EC2 standards" [Low,In progress] https://launchpad.net/bugs/458576
<kirkland> smoser: ah, okay
<kirkland> smoser: i'll help you with both of those
<kirkland> smoser: okay, for 458576... can you attach the patch you want sponsored into that bug?
<mathiaz> kirkland: didn't we fix euca_find_cluster in the installer to use the ip published by avahi-publish?
<kirkland> mathiaz: yes
<mathiaz> kirkland: hm - bug 458904
<uvirtbot> Launchpad bug 458904 in eucalyptus "Adding nodes in several waves after launching VMs is not possible" [High,New] https://launchpad.net/bugs/458904
<smoser> kirkland, lets test that, along with bug 458850 fix
<uvirtbot> Launchpad bug 458850 in ec2-init "UEC images do not mount ephemeral disk on /mnt at boot" [High,In progress] https://launchpad.net/bugs/458850
<smoser> patch is http://paste.ubuntu.com/302282/
<mathiaz> kirkland: I've reproduced it and will update the description as it's clear what happens
<mathiaz> kirkland: but basically euca_find_cluster returns on of the public IP addresses
<kirkland> smoser: is that the suggested patch attached to the bug?
<kirkland> mathiaz: huh?
<smoser> kirkland, it fixes both
<mathiaz> kirkland: http://paste.ubuntu.com/302286/
<mathiaz> kirkland: this is the network configuration of the CC
<mathiaz> kirkland: euca_find_cluster in the installer return 192.168.222.12 as the ip of the CC
<kirkland> smoser: the patch in the pastebin ... could you please make sure that's the patch attached to the bug?
<kirkland> smoser: launchpad is authenticated; pastebin's are not
<kirkland> smoser: i will pull your patch from launchpad, not a pastebin
<smoser> ok. thats fine.
<mathiaz> kirkland: http://paste.ubuntu.com/302287/ - while avahi-publish publishes the correct IP address of the CC
<smoser> but i'm not saying you should uploda it at this point
<smoser> you should test it first.
<kirkland> smoser: right, i will test it first
<kirkland> mathiaz: do you have a fix in mind?
<kirkland> mathiaz: i'm juggling several other things at the moment, don't really have time to troubleshoot that right now
<mathiaz> kirkland: ok - I'll look into it
<kirkland> smoser: let's prepare both of those fixes in parallel
<kirkland> smoser: we'll upload the ec2init one first, for karmic
<kirkland> smoser: and prep the euca2ools one for -updates
<smoser> there isn't really a reason to wory about euca2ools right now
<smoser> is there?
<kirkland> smoser: but we can knock them both out now
<smoser> lets get ec2init fixed
<kirkland> smoser: i'm re-installing my UEC now
<jafo1> Hi all. I got a strange problem with ubuntu 8 lts and softraid. I got 3 raid1 partitions. If I set one disc as fail, at next reboot the rebuild process does'nt start automagically.. I need to start it by hand doing mdadm --manage --add...
<jafo1> any hint?
<jafo1> (I tweaked the initramfs-tools to let the system boot with degraded array as well)
<jafo1> I remember that it was a default to automagically rebuild degraded arrays on boot..I'm I wrong?
<jafo1> oopss.. I'm back..
<yann2> sorry for the bump: I am currently using ubuntu hardy with Puppet on quite a few servers, although it is from universe. I am thinking of moving to chef in a close future. What are Ubuntu plans regarding automated deployments and configuration, is one tool going to make it into main for 10.4?
<jafo1> I got a problem with mdadm softraid, I cant' get the md arrays automagically start rebuilding at boot time. I got a problem with 3 raid1 array on a hp sata server.. the rebuild starts only by hand with mdadm --manage --add.....
<jafo1> can I fix this?
<kirkland> yann2: -> mathiaz
<jafo1> I need that md arrays starts rebuild at boot time (and that the system boots with degraded arrays)
<uvirtbot> New bug: #461416 in postfix (main) "package postfix 2.6.5-3 failed to install/upgrade: Unterprozess installiertes post-installation-Skript gab den Fehlerwert 75 zur?ck" [Undecided,New] https://launchpad.net/bugs/461416
<mathiaz> yann2: puppet is in main starting from karmic
<fbc-mx> How can I make a USB startup from ubuntu-9.04-server-i386 image? I tried the USB Creator on ubuntu desktop, but I only get the BOOT: prompt
<yann2> thx kirkland , just thinking abuot moving from puppet to chef, but my choice might depend on ubuntus
<yann2> mathiaz, does puppetd still leak?
<mathiaz> yann2: I don't know - bug number?
<yann2> is in hardy so universe, didnt report it yet as not officially supported
<yann2> but have seen quite a few reports about this on channels and blogs
<yann2> (for more recent versions)
<yann2> using puppet right now, but that leak kind of cooled my ambitions :)
<yann2> mathiaz, just out of pure interest, why did you chose puppet over the other solutions? I am still undecided :)
<mathiaz> yann2: puppet has been around for much longer than chef
<mathiaz> yann2: the maintainance in debian is good (google is behind)
<yann2> ok that makes sense
<mathiaz> yann2: ubuntu users are more using puppet than chef
<yann2> is it safe to assume it will still be in main for 10.4 then? :)
<mathiaz> yann2: yes
<jafo1> no one experienced my problem?
<yann2> ok thanks a lot then ;) this is good news, such a software was definitely needed
<kirkland> smoser: reviewed your patch; code looks good
<smoser> but its bad
<kirkland> smoser: i'm downloading karmic-uec-amd64 now
<kirkland> smoser: sure, it's a hack
<smoser> just checked, i typoed slomething in copy
<smoser> so ssh patch doesn't work
<kirkland> smoser: i haven't tested it yet
<kirkland> smoser: you have an update coming?
<smoser> yes. attaching now.
<ahe> someone knows where the debian/ dir of vmbuilder moved?
<fbc-mx> any ideas on how to get ubuntu serer to install from a usb stick??
<jafo1> I need an mdadm expert..
<ScottK> fbc-mx: You should be able to use usb-creator to put the ISO stuff on a stick
<fbc-mx> ScottK, yeah, I did however all I get is a BOOT: prompt it doesn't go any further...
<ScottK> Dunno.  I've only done it on netbooks, so I can't say
<smoser> kirkland, update is attached.
<smoser> i've tested on 4 cases on uec
<kirkland> smoser: i'm still downloading the image
<smoser> k.
<Guest16233> is there a nice way to turn off ipv6 in ubuntu-server?
<kirkland> smoser: that diff is dirty
<kirkland> smoser: includes the previous diff too
<kirkland> http://launchpadlibrarian.net/34426991/fix.debdiff
<smoser> its a replacement
<smoser> identical except for 4 chars
<smoser> maybe 5
<smoser> 2>&1
<kirkland> smoser: scroll down
<kirkland> +++ ec2-init-0.4.999/fix.debdiff	2009-10-26 16:30:45.000000000 -0400
<smoser> oh. i see.
<jafo1> could be enough to update initramfstools to load raid1 module?
<jafo1> hey.. any md-raid expert here?
<smoser> kirkland, new version is attached there now.
<smoser> and i've tested this on ec2 anad uec.
<smoser> it functtions as i expect it to
<smoser> kirkland, i've got to step out for a while. if you can test that, please do.
<smoser> instructions for doing so are in the bug there.
<smoser> soren, zul your thoughts on patch attached to bug 458576 would be appreciated. i think its generally sane, and i've tested on ec2 and uec
<uvirtbot> Launchpad bug 458576 in ec2-init "ec2: ssh public key fingerprint in console output does not match EC2 standards" [Low,In progress] https://launchpad.net/bugs/458576
<smoser> that patch should fix bug 458850 and the bug its attached to.
<uvirtbot> Launchpad bug 458850 in ec2-init "UEC images do not mount ephemeral disk on /mnt at boot" [High,In progress] https://launchpad.net/bugs/458850
<smoser> i have  to step away for a while.
<smoser> kirkland, call cell if you need.
<kirkland> smoser: okay, i'm running the instance now
<kirkland> smoser: whoa, i just missed you
<Guest16233> is there a way to re generate the keys on the front end? all my pem files are empty
<nekro_> SyL: you can deregister clusters/SCs, walrus. stop the front end. then delete the pem files everywhere and delete euca.p12. restart the front end
<nekro_> SyL: and re-register everything
<smoser> kirkland, you still around ?
<kirkland> smoser: yessir
<SyL> nekro_: ok, trying it now
<kirkland> smoser: quick phone sync?
<smoser> sure
<kirkland> smoser: i want to knock this out, and knock off for the day
<SyL> nekro_: euca_conf --no-rsync --discover-nodes, just rsyncs keys to 127.0.0.1 for some reason
<nekro_> SyL: I don't know how that works. I'd try manually registering a node with euca_conf --register-nodes <ip>
<SyL> nekro_: ok, I'll try it again
<SyL> INFO: We expect all nodes to have eucalyptus installed in //var/lib/eucalyptus/keys for key synchronization.
<SyL> warning: //var/lib/eucalyptus/keys//node-cert.pem doesn't exists!
<SyL> yeah, again, the keys aren't being generated
<SyL> forget it, I'm just going to format it and reinstall again.
<SyL> this is geting old
<nekro_> SyL: perhaps you should stick with Jaunty or wait until the Karmic setup is stable.
<SyL> nekro_: Jaunty eucalyptus wasn't working for me either. I've gotten farther in karmic using euca 1.6 then 1.5
<SyL> 1.5 I got things launching, but couldn't get the network to work, and in 1.6, everything works most of the time.
<zzz2009> test:)
<uvirtbot> New bug: #461528 in libvirt (main) "apparmor blocks migration" [Medium,Triaged] https://launchpad.net/bugs/461528
<uvirtbot> New bug: #459093 in samba (main) "Broken encoding when listing services and their descriptions" [Low,Incomplete] https://launchpad.net/bugs/459093
#ubuntu-server 2009-10-27
<zzz2009> I am setting up a server, the system has 4 500Gb drives, I am thinking of setting them up as a raid 0 which should give me about 2Tb of disk.
<zzz2009> I was thinking of partioning: 100mB ext2 - /boot, 100Gb ext4 - /root, 100Gb ext4 - /var, 1Tb ext4 -/home
<zzz2009> Is his a reasonable setup, for a mail/samba/apache server?
<zzz2009> There are no local users.
<zzz2009> possible global shared space,
<debio264> I just installed slapd on Karmic and I have no idea what the admin password is
<debio264> dpkg-reconfigure slapd doesn't set it anymore, it would seem
<yann2> zzz2009, no, it is not :)
<debio264> so I'm not sure how I should procede
<yann2> with the raid0, the first disk failure would make you lose all your data
<yann2> use raid5 at least, raid10 if you care about performance
<zzz2009> OK, but it gives me the largest sapce + best speed
<zzz2009> sapce = space
<yann2> yes
<yann2> just be aware that you lose one disk, you lose everything, and disks tend to fail regularly ;)
<zzz2009> raid5 gives me about 500-600Mb which leaves me wondering
<yann2> ? no it will give you 1.5TB
<zzz2009> how soon an upgrade will be needed?
<yann2> why would you want 100GB for /root ?
<zzz2009> I am missing something, when I tried to setup a raid 5 I wound up with about 550Gb,
<yann2> with 4 disks in raid 5, you would lose one disk :)
<zzz2009> sorry /roo should be just /, I was typing what i was thinking not what i meant.
<zzz2009> /roo = /root , I need to learn to type
<yann2> the rest seems fine, just dont put it in raid 0 ;)
<yann2> I wouldnt use raid5 neither if the mailserver is going to be used a lot though
<yann2> depends on your usage I guess
<yann2> gotta go, good night!
<zzz2009> thanks yann2
<zzz2009> f not raid 5 what then
<yann2> raid10
<yann2> but you need hardware that supports it (not sure you can do a soft raid 10?) and you would have only 1TB all together
<qman__> you can do soft raid 10
<qman__> but raid 5 performs pretty well, only really high traffic servers will need more performance than that
<qman__> it depends entirely on the level of activity you expect
<qman__> number of users, number of emails, files on the samba share, etc...
<ninnypants> I had wemin 1.45 installed on my server using port 10000 and I unstalled it but when I try to install 1.49 it says that port 10000 is already in use why  is this?
<twb> RAID5 has better read and worse write speed than RAID10, I heard.
<twb> ninnypants: we don't support webmin here, sorry.
<twb> ninnypants: it would be reasonable to assume that something is already using that port.  ss or netstat will tell you what it is.
<JanC> if you want remote admin over HTTP for your site, install AjaxTerm behind SSL with server + client keys  ;-)
<twb> javascript isn't http, grumble
<twb> Do those web-based terminal emulators just do a normal socks5 tunnel over 443?
<twb> (Or whatever; I've yet to find a box that I couldn't do ssh/putty -oPort=443 twb@foo.edu from.
<twb> I'm forced to deploy webmin at work because of our retarded business model, where the customer pretends they can administer their own server.  AFAICT all they really need is a way to add and remove users, which could surely be done better by configuring libpam-ldap correctly or something.
<twb> They also make me install ubuntu-desktop on servers, because "they're used to Microsoft SBS, so we need a GUI on the server in case they connect a monitor to it"
<twb> So these boxes are sitting here starting mDNS and shit like that when they boot, sigh...
<ninnypants> twb: the feedback that net stat gives is udp        0      0 *:10000                 *:*                                 13040/perl
<JanC> twb: if you break things with something like AjaxTerm, at least you can be sure it's your own fault, webmin will do that without your help  ;)
<twb> ninnypants: which says that a perl process (PID 13040) is using it.
<twb> JanC: I *really* do not need to be convinced that webmin is utterly, utterly the wrong thing.
<twb> If you want a giggle, run lintian on the deb sometime
<twb> I think they manually build it with ar and tar
<JanC> twb: in reality, checkinstall probably...?
<twb> Shrug
<JanC> anyway, webmin breaks Debian/Ubuntu, so don't use it
<twb> webmin breaks other systems, too
<JanC> I have no experience with that  ;)
<twb> Are you a chef/puppet fan?  At one point, we considered writing a web UI for it, i.e. basically it looks like webmin, but it writes manifests.
<twb> But we didn't have the budget for it
<ninnypants> what is a good one to use then?
<twb> There are no good web administration tools
<twb> Officially Ubuntu recommends e-box, but I'm unimpressed with it
<ninnypants> is there a decent one that handles mysql?
<blak111> phpmyadmin?
<StrangeCharm> using the karmic server RC, after attempting an install with encrypted lvm (and an unencrypted /boot in a normal partition), grub tells me 'error: no such disk'. what have i done wrong?
<twb> "decent" and "mysql" don't belong in the same sentence
<twb> StrangeCharm: boot a live CD and reinstall grub
<twb> StrangeCharm: you can also ask #grub, but tell them you're using grub legacy (I assume 9.10 still doesn't use grub2).
<StrangeCharm> twb, is there a live environment on the server disk?
<StrangeCharm> actually, i seem to recall that 9.10 did use grub2
<twb> I think there is; issue "rescue" at the boot: prompt.
<twb> Personally I tend not to use d-i for rescue purposes.
<StrangeCharm> twb, looks like grub2 is default: http://www.ubuntu.com/getubuntu/releasenotes/910overview#GRUB%202%20by%20default
<twb> I have had the most luck with the CentOS 4 and 5 live CDs, since they have LVM and md RAID support pre-installed, as well as openssh-server (though it doesn't start by default).
<twb> OK, good to know.
<StrangeCharm> is there a command i can give grub to ask it to boot a cd, or should i just reboot?
<twb> You need to rebot
<twb> *reboot
<twb> Personally I am completely fed up with grub
<twb> Nowadays I deploy extlinux where I can
<StrangeCharm> what's extlinux got over grub?
<twb> StrangeCharm: it works in some md RAID failure modes that grub completely shits itself for
<twb> Because extlinux doesn't write an internal table of disks -- it just bootstraps the disk it booted from.
<twb> This is extremely useful when e.g. sda is dead and the BIOS "helpfully" renames sdb to sda, so that if the MBR on sdb tries to bootstrap (hd1), it will fail because there's only an (hd0) now.
<ScottK> 9.10 uses grub2 for new installs, but not upgrades.
<maxagaz> how to apt-delete the cache ?
<StrangeCharm> this si a fresh install
<StrangeCharm> *is
<StrangeCharm> twb, what's a command for installing grub2?
<smoser> kirkland, i put the euca2ools build up in my ppa now, but haven't tested it yet.
<ScottK> StrangeCharm: If it's a fresh install of karmic, you have grub2.
<StrangeCharm> ScottK, agreed, but it's not booting, so i want to make changes such that it will
<ScottK> Right, but that's nothing to do with installing
<StrangeCharm> ScottK, twb's instructions were to reinstall grub. do you recommend a different course of action?
<ScottK> I see. I missed that.
<ScottK> No, I don't have any specific recommendations as I haven't had to troublshoot it yet.
<zul> smoser: go to bed :)
<twb> StrangeCharm: you need to mount / and /boot (e.g. /mnt/target and /mnt/target/boot) and then say grub-install --root-directory /mnt/target
<twb> If you're lucky, grub-install will work
<twb> If not, you have to run grub by hand and piss about
<StrangeCharm> though, that is made difficult by the fact that / requires lvm and dm-crypt, which you've said are not installed
<paul_whipp> Is it sensible to use AWS/Ubuntu server to host websites?
<twb> StrangeCharm: you'd need to anna-install them or whatever, then
<twb> StrangeCharm: although d-i might be smart enough to do that on its own
<StrangeCharm> anna-install? d-i?
<twb> debian-installer (d-i) is the technology the Ubuntu server install CD is based on.
<twb> anna-install is d-i's equivalent of apt-get install.
<StrangeCharm> twb, i take it that you won't be able to give me info about fixing grub?
<twb> StrangeCharm: what more information do you need?
<StrangeCharm> well, i'm at a grub rescue prompt. i think i know why it isn't booting: it's looking at the wring disk. i want to tell it to load the grub config from the right disk, then try booting with that.
<twb> Ask #grub
<twb> I can't be arsed going through that now
<erichammond> paul_whipp: Yes, Ubuntu is an excellent choice for running web sites on AWS/EC2.
<erichammond> (or anywhere else for that matter)
<smoser> good night all.
<foo> hm, ubuntu desktop 8.10 is hanging during the load up screen. I'm trying to boot for disk. gah, *looks for newer disk*
<foo> hm, can't seem to find one
<foo> any tips?
<ScottK> foo: 8.10 or 9.10?
<foo> 8.10
<foo> it's older
<foo> I figured it'd still work, this is a p4 box
<foo> (and I don't have something newer lying around, apparently)
<JanC> you can download everything newer for free ;)
<foo> I know, it's time :)
<foo> but I might do that if I can't get this working
 * foo tries an auditor cd
<ScottK> foo: 8.10 is about your worst choice.  Use 8.04 (the LTS release) or 9.04.
<foo> auditor seems to be working
 * foo waits to run dd if=/dev/urandom of=/dev/hda
<foo> that will completely wipe the drive, I hope
<twb> Given a server with timezone data on it, how do I dump what *it* believes are the data for a particular timezone?
<twb> Ah, zdump.  Thanks, google and wiki.debian.org!
<edulacomadreja> hi everyone!, i need some help with heartbeat...
<edulacomadreja> the linux-ha channel is dead or something
<fahadsadah> Have an Ubuntu Server box, with remctl-client
<fahadsadah> This box already has Kerberos configured.
<fahadsadah> It does not have rDNS.
<fahadsadah> To fix this, it is in a VPN.
<fahadsadah> With the KDC.
<fahadsadah> Which has rDNS.
<fahadsadah> The KDCs VPN broke.
<fahadsadah> So, I added to /etc/hosts on the client box, kdc.ip.address.here kerberos
<fahadsadah> (so, basically, no rDNS for my box)
<fahadsadah> remctl: GSS-API error initializing context: Unspecified GSS failure.  Minor code may provide more information, Server not found in Kerberos database
<simplexio> fahadsadah: kerberos dosent know any server named "kerberos" , try edit hosts file and add full domain name
<simplexio> not that i know its the problem, its my best quess based on information given
<fahadsadah> The FQDN is in there too.
<fahadsadah> Also, server not found in Kerberos database usually refers to the KDC not finding a machine account for my box.
<fahadsadah> There is one, and I can successfully kinit/kadmin as it with /etc/krb5.keytab
<simplexio> so something changes between configurations, which caues that kerberos server dosent regonize client anymore
<fahadsadah> Thanks, I'll have to look into this further.
<kaushal> hi
<kaushal> I have questions about https://help.ubuntu.com/8.10/serverguide/C/samba-ldap.html
<kaushal> can i seek help here ?
<Lunar_Lamp> kaushal: it's probably best to just ask.
<Lunar_Lamp> (though I'll say straight away that I am far from an LDAP expert, so probably won't be able to  help you)
<kaushal> Lunar_Lamp: when i run smbldap-populate
<kaushal> i get http://paste.ubuntu.com/302630/
<kaushal> I have ldap server running on the same server as samba server
<kaushal> ldapsearch -x -H ldaps://localhost returns fine for me
<alvin> I can't find the link to the rss feeds that track changes in Hardy and Karmic. Is there anyone who has it?
<maxagaz> how to display the hardware spec of my server ?
<maxagaz> like the System Monitor tool in desktop ubuntu
<uvirtbot> New bug: #461746 in eucalyptus (main) "discover-nodes fails on scp'ing keys" [Undecided,New] https://launchpad.net/bugs/461746
<alvin> maxagaz: $ sudo lshw
<StrangeCharm> i think that grub is looking at the wrong disk to read its config (&c) from, from a live environment that can mount /boot, on the right disk, what changes should i make to get it to look at the right disk/partition?
<StrangeCharm> after a fresh install of the karmic RC, with several, distinct encrypted disks, i'm encountring a problem decrypting them at boot: when prompted for the passphrase for the disk that contains /, all goes well, but when prompted for the phrase for md0_crypt, the message "* Reloading /etc/samba/smb.conf smdb only" appears on the same line, before I am able to completely enter the phrase. why is this happenning? how can I stop i
<StrangeCharm> t?
<simplexio> i think you can still insert pass
<StrangeCharm> simplexio, typing the phrase afterwards seems to have no effect
<StrangeCharm> that is, the system does not move on, it just keeps waiting
<soren> ttx: bug 461829
<uvirtbot> Launchpad bug 461829 in eucalyptus "Disallowed command //usr/share/eucalyptus/populate_arp.pl" [Undecided,Triaged] https://launchpad.net/bugs/461829
<soren> ttx: Do you know the effect of that?
<soren> ttx: It's hard to set the importance when I don't understand the impact.
<soren> (Doing triage for stuff from today as well, since we're cutting it close enough w.r.t. the release)
<StrangeCharm> soren: are there a lot of bugs still being reported from the rc?
<soren> StrangeCharm: Sure.
<StrangeCharm> soren, would you say that the rc is gererally buggy, or bug-free?
<soren> StrangeCharm: Buggy. Just like every other piece of software ever released.
<soren> Ever.
<simplexio> StrangeCharm: try hit ctrl+c, maybe it gives you question again
<StrangeCharm> soren, i wasn't looking for an absolute statement. more: something relative, and useful
<simplexio> those encrypted installations are little exotic installs
<soren> StrangeCharm: I cannot give you anything relevant and useful in the form of a binary answer.
<soren> StrangeCharm: Sorry.
<soren> StrangeCharm: Some things are working quite well. Others not quite as well.
<simplexio> StrangeCharm: you can get aroud it using key file on all other crypted partition exept root partition, just but files on root behind pass
<soren> StrangeCharm: If I understood why you were asking, perhaps I could give a more useful response.
<simplexio> off course then dont forget root partition passphrase
<StrangeCharm> soren, what about the question stated thus: i am experiencing a problem. given my experience that ubuntu generally 'just works' should i expect that it's an actual bug, or that i'm doing something wrong?
<simplexio> karmic for somereason couldnt mount all my partition on upgrade, so i think there is some work to do
<soren> StrangeCharm: I don't know. What's the problem?
<StrangeCharm> simplexio, putting keyfiles on the root partition sounds great, it'd be much more convenient only to have to enter one phrase. how do i do that?
<simplexio> StrangeCharm: google "dmcrypt use keyfile" , i use passpharse only on home dir
<zul> heylo
<StrangeCharm> soren, at boot, for the second encrypted partition that's being mounted, after being prompted for the passphrase, another message comes up (related to smb) and i can't enter the passphrase
<soren> StrangeCharm: "Can't enter" how?
<uvirtbot> New bug: #461829 in eucalyptus (main) "Disallowed command //usr/share/eucalyptus/populate_arp.pl" [Undecided,Triaged] https://launchpad.net/bugs/461829
<StrangeCharm> soren, typing the phrase at that point hs no effect
<soren> StrangeCharm: Are you sure? Perhaps it just doesn't echo anything. Try typing your password and hitting return, ignoring the fact that there is no feedback.
<StrangeCharm> simplexio, are d-mcrypt keyfiles supported by the installer? i only recalled being able to choose 'passphrase' and 'random' for the key options.
<elyezer> when trying to send an email from another computer to my email (postfix) server I get this message: THIS SERVER IS TO BE USED WITH AUTHENTICATION (#5.7.1)> #SMTP#
<elyezer> in the return email with the error,what could be?
<StrangeCharm> soren, how long after that point should i wait for something to happen?
<elyezer> locally I can send and receive
<soren> StrangeCharm: Not long.
<soren> StrangeCharm: Wait a few seconds and see .
<StrangeCharm> soren, nothing happens for a few minutes
<soren> StrangeCharm: Then it's probably a bug.
<StrangeCharm> soren, where do i report it?
<simplexio> StrangeCharm: um.. you can do it by hand
<soren> StrangeCharm: Launchpad. Probably against cryptsetup.
<simplexio> StrangeCharm: lets see if i still have link to howto
<soren> StrangeCharm: https://bugs.edge.launchpad.net/ubuntu/+source/cryptsetup/+filebug
<soren> StrangeCharm: Oops, sorry.
<kwork> is it safe to restart udev ?
<soren> StrangeCharm: https://bugs.launchpad.net/ubuntu/+source/cryptsetup/+filebug
<kwork> udevd for some reason takes 100% of cpu
<kwork> i wonder is it safe to restart it from init ?
<simplexio> StrangeCharm: what mountpoints you have crypt ?
<simplexio> StrangeCharm: i have / and home on crypted partitions. so at start i just insert / pass, and then manually mount /home after it
<simplexio> so my setup isnt automatic, but it works
<StrangeCharm> simplexio, [ sawp, /, /tmp] on the disk i can enter the phrase for, [/var /var/log /var/mail and /home] on another disk, and [/data] on the disk on which i'm getting interrupted
<StrangeCharm> simplexio, well, you could automate it with a small script
<simplexio> StrangeCharm: i have 9.04, and it has "bug" that i dosent bring my raid5 setup up correctly so thats reason why i do it manually
<simplexio> there is probably some fix, but no time or intres to fix it
<simplexio>  
<StrangeCharm> simplexio, is the raid encrypted?
<simplexio> yep
<StrangeCharm> simplexio, which bit isn't getting mounted right?
 * soren lunches
<StrangeCharm> are any of the encryption methods in the installer suitable for automatic decryption based on keyfiles?
<uvirtbot> New bug: #460842 in samba (main) "package samba-common 2:3.3.2-1ubuntu3.2 failed to install/upgrade: subprocess post-installation script returned error exit status 1" [Medium,Confirmed] https://launchpad.net/bugs/460842
<StrangeCharm> is it possible to to move a mount point (like /var) to another disk, after intallation?
<sommer> morning
<bogeyd6> StrangeCharm yes it is
<bogeyd6> StrangeCharm https://help.ubuntu.com/community/MoveMountpointHowto
<StrangeCharm> how can i (indeed, can i) reconfigure an existing dm-crypt partition that is currently mounted with a passphrase, so that it is instead mounted with a keyfile?
<brewmaste> I'm setting up a high availability cluster with 2 load balancers (1 being a failover) and 2 webservers. How many or what type of SSL certs do I need to buy to let people connect with https?
<soren> kirkland: A while ago, you mentioned something in #ubuntu-devel about Richard Hughes had found a solution to "the encrypted-swap/hibernate" problem.. Do you have a bug reference for that? It sounds very interesting.
<kirkland> soren: yeah, on sec...
<soren> kirkland: Cool, thanks.
<kirkland> soren: I don't want to over sell this ....
<soren> too late :)
<kirkland> soren: he simply patched gnome *not* to offer to hibernate, if encrypted swap was detected
<kirkland> soren: http://bugs.freedesktop.org/show_bug.cgi?id=23196
<uvirtbot> Freedesktop bug 23196 in DeviceKit-power "Do not offer hibernate with encrypted swap" [Normal,Resolved: fixed]
<soren> Ahah.
<soren> did we merge that?
<kirkland> soren: not for karmic, i don't think, pitti thought it was a little too invasive
<kirkland> soren: we'll have it for lucid, of course
<kirkland> soren: and as far as the *real* problem goes, I think kees or jdstrand or mdeslaur might take a look at getting hibernate working with encrypted swap for lucid, perhaps
<kirkland> soren: i'm trying to lean on them about it, at least
<soren> kirkland: I'm not sure how that would work?
<kirkland> soren: there's a few propositions
<kirkland> soren: currently, we're randomly generating a swap key every boot (at least in the default enc swap setup, if you enc home)
<soren> kirkland: right.
<kirkland> soren: we could opportunistically wrap that random key when you login, in PAM
<kirkland> soren: and store the wrapped key in LUKS
<kirkland> soren: we could do that for at least a couple of users
<soren> I thought about that, but how would that work for resume?
<kirkland> soren: allowing any one of the valid, logged in users this boot to resume from hibernate
<kirkland> soren: we'd need to teach initramfs to obtain that password, and unwrap the LUKS contents
<kirkland> soren: there will necessarily be a password prompt on resume
<soren> kirkland: You don't know if there's anything to resume before you decrypt it, so you have to always ask for the passphrase..
<kirkland> soren: hmm, on cold boot?
<soren> Unless of course you store a bit on the root filesystem saying that there's stuff to be resumed.
<soren> kirkland: Yes.
<kirkland> soren: right, that's the presumption
<soren> Ok.
<foo> ubuntu server 7.04 is hanging on usbhid: v2.6:USB HID core driver, any ideas?
<foo> (during an install)
<soren> It doesn't have to be in the initramfs, though, but I see what you mean.
<kirkland> foo: 7.04?  really?
<foo> kirkland: yup
<soren> foo: Noone will care.
<kirkland> foo: not sure, but 7.04 has been unsupported for a few years now
<soren> foo: 7.04 went out of support almost a year ago.
<foo> I've been doing some googling and tried with parameter irqpoll but that didn't to help
<foo> oh
<soren> foo: Don't use 7.04.
<foo> err, I mean't 8.04
<foo> my bad
<soren> Ah.
<kirkland> soren: yeah, one of the key design goals is *not* to prompt for any password on boot
<foo> err, I mean 9.04
<kirkland> soren: push that auth all the way back to GDM (or PAM as the case is)
<foo> heh, wow... I think I even wrote it wrong on the CD
<foo> Any thoughts? Google-fu is failing me
<soren> kirkland: In a perfect world, we'd collect login credentials early enough to be able to use it for this, and then cache them and pass them to gdm.
<soren> kirkland: In that case, there'd be no problem prompting for the password.
<kirkland> soren: hmm, interesting
<soren> kirkland: We already ask users for their password. What we want to avoid is asking *twice*.
<soren> :)
<kirkland> soren: in the encrypted LVM setup you mean?
<soren> Yes.
<soren> It would require being able to fire up X with a login screen without a rw filesystem.
<soren> ...but that's hardly on-topic for this channel :9
<soren> ":)", even.
<kirkland> soren: heh, yeah
<kirkland> soren: well, solving the encrypted swap hibernation problem is something i hope gets fixed for lucid
<kirkland> soren: though i can't imagine i'll have time to work on it
<soren> kirkland: Nah.
<foo> gah, I can't seem to find anything helpful on google. it looks like others have been having this problem, though
<garymc> [TK]D-Fender : What format have the ring tones got to be in and how do i add them?
<soren> garymc: I'm going to guess you're in the wrong channel.
<garymc> yeah good guess . sorry
<soren> garymc: No worries.
<zul> soren: fyi i fixed the opennebuela ftbfs last night
<soren> zul: I saw. Thanks.
<foo> well, making progress. Now ubuntu server 9.04 is hanging during install on input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input1. this is shocking
<ttx> soren: about the populate_arp thing, I've no clue
<soren> ttx: I'll defer to nurmi for an analysis.
<soren> I guess he'll turn up in a few hours.
<soren> I'm not sure what to do with the importance right now, though.
<ttx> soren: by the way, duting triage day, you're supposed to triage bugs submitted yesterday, not necessarily the ones from today :)
<soren> 11:54:24 < soren> (Doing triage for stuff from today as well, since we're cutting it close enough w.r.t. the release)
<ttx> soren: cool, less work for me tomorrow :P
<soren> In return you get to answer questions from me today :)
<ttx> beh
<soren> kirkland: can you triage bug 455901, please?
<uvirtbot> Launchpad bug 455901 in kvm "guest with vcpus>1 hangs; >1 guest at a time, hangs one of them; hard hang -- must virsh destroy.  thanks." [Undecided,New] https://launchpad.net/bugs/455901
<soren> kirkland: You're in a better position than I to ask for better feedback and such.
<kirkland> soren: sure... can you move it over to qemu-kvm rather than kvm?
<kirkland> soren: i marked it low, since the easy workaround is to use =1 cpu
<kirkland> soren: and it's filed against jaunty/kvm-84; i suggest you ask them to test this against karmic/qemu-kvm-0.11
<soren> kirkland: Good call.
<kirkland> soren: i can do that, if you'd rather me do it
<soren> kirkland: Nah, I'll do it.
 * soren decides he needs gummy bears
<soren> ...and coffee.
<smoser> for anyone who didn't see amazon's announcement today, you can now get
<smoser> instance type with 34GB and one with 68GB of memory for $1.20 and $2.40 / hour
<kirkland> smoser: how many processors?
<kirkland> smoser: url?
<smoser> http://aws.typepad.com/aws/2009/10/two-new-ec2-instance-types-additional-memory.html
<smoser> 4 and 8 cpu
<smoser> but those are all fuzzy
<smoser> they're measured in "EC2 Compute Units"
<ttx> "Quadruple Extra Large", sounds like mcDonald advertising
<smoser> yeah.
<smoser> double secret probation
<smoser> http://alestic.com/2009/10/ec2-4xlarge
<smoser> thats erichammond's blog entry about it. he has /proc/cpuinfo for one of them.
<elijahwright> those instance types are totally yummy.  the relational database service isn't bad either.   definitely good for a lot of biz uses.
<smoser> yeah, the mysql is also cool.
<smoser> and price also went down for the other types.
<smoser> 8.5 cents per hour now for small
 * kirkland needs to update his ec2-cost scripts
<smoser> everything went down by 15%
<smoser> for linux
<ttx> smoser: is there an APi to query costs, so that kirkland doesn't need to update ec2-cost ?
<smoser> i dont think so, but dont know for sure.
<elijahwright> i'm pretty sure that there's not an API to calculate cost.
<elijahwright> [someone writing a REST service to *do* that would be kinda cool, though...]
<smoser> i think that rsync doesn't end up doing all that well with the compressed sparse tar files.
<smoser> in regard to
<smoser> rsync -aP uec-images.ubuntu.com::uec-images/karmic/20091027.1/karmic-uec-*.tar.gz .
<soren> smoser: How do you compress them?
<soren> smoser: "tar cvzSf" or some such?
<soren> gzip wants --rsyncable in order for the compressed data to be... well, rsyncable.
<soren> I don't know how to pass that from tar.
<smoser> soren, http://bazaar.launchpad.net/%7Eubuntu-on-ec2/vmbuilder/automated-ec2-builds/annotate/head%3A/build-ec2-image calls tar. passes --use-compress-program=gzip-rsyncable
<smoser> gzip-rsyncable is http://bazaar.launchpad.net/%7Eubuntu-on-ec2/vmbuilder/automated-ec2-builds/annotate/head%3A/gzip-rsyncable
<smoser> i think its just that the images are so dense. there is some speed up, but rsync for the amd64 just averaged 290.49kB/s for me.
<smoser> a lftp with pget would do as well or better than that on this link
<zul> Nafallo: ping!
<Nafallo> zul: pong
<soren> smoser: Hm... Interesting experiment:
<zul> Nafallo: which version of apache are you referring to for bug #460692
<uvirtbot> Launchpad bug 460692 in apache2 "Missing dependency for apache2 init script" [Low,Incomplete] https://launchpad.net/bugs/460692
<soren> smoser: Have you tried rsyncing the uncompressed image instead? Passing -z to rsync?
<smoser> no.
<Nafallo> zul: the server is running hardy, I checked that it still exist on karmic, so at least hardy to karmic I would assume :-/
<zul> Nafallo: thanks
<Nafallo> zul: does my "fix" seem sensible?
<smoser> ttx, your bug 461301 comments really stink. we'll have to look at that in more depth shortly.
<uvirtbot> Launchpad bug 461301 in eucalyptus "euca-run-instances unnecessarily encodes user data (dup-of: 461156)" [Undecided,Fix committed] https://launchpad.net/bugs/461301
<uvirtbot> Launchpad bug 461156 in euca2ools "User data is not base64 decoded before being presented to the instance" [High,In progress] https://launchpad.net/bugs/461156
<zul> Nafallo: yeah its probably easier to add the depends though ;)
<Nafallo> zul: sure, and it would also make me less happy because it's a lot more ugly.
<ttx> smoser: yes, there might be something fishy there
<zul> Nafallo: yeah I know it would make me less happy as well ill look at it again in lucid
<Nafallo> zul: oki
<zul> Nafallo: obvouilsy its not going to get fixed for karmic ;)
<Nafallo> zul: bah. coward ;-)
<zul> Nafallo: good for an sru though
<Nafallo> zul: want to keep track of that for me? :-)
<zul> Nafallo: oh I will dont worry
<Nafallo> awesome. thanks.
<uvirtbot> New bug: #461987 in antlr3 (main) "Enable testsuite (and fix resulting failures)" [Undecided,New] https://launchpad.net/bugs/461987
<uvirtbot> New bug: #462000 in libvirt (main) "apparmor disallows qemu+tcp:// connections" [Undecided,New] https://launchpad.net/bugs/462000
<uvirtbot> New bug: #447113 in mysql-dfsg-5.0 (main) "[jaunty] Mysql server -5.0 5.1.30really5.0.75-0ubuntu10.2 failed to install." [Low,Incomplete] https://launchpad.net/bugs/447113
<uvirtbot> New bug: #415676 in nis (main) "nis fails to start" [Low,Incomplete] https://launchpad.net/bugs/415676
<uvirtbot> New bug: #377216 in amavisd-new (universe) "amavisd-new fails to block viruses with backup scanner (clamscan)" [High,Triaged] https://launchpad.net/bugs/377216
<uvirtbot> New bug: #393647 in multipath-tools (main) "package kpartx 0.4.8-14ubuntu2 failed to install/upgrade: " [Low,Incomplete] https://launchpad.net/bugs/393647
<ttx> kirkland: did you have time to review the releasenote-potential euca bugs ?
<acalvo> hi
<acalvo> anyone could suggest a good ticketing system supported by ubuntu (and with LDAP, if possible)?
<acalvo> I've been looking at osTicket, and is quite simple but there is no support for ubuntu
 * soren calls it a day
<acalvo> oh, soren, hi
<ttx> zul: bug 449735
<uvirtbot> Launchpad bug 449735 in samba "[karmic] Long SMB share names invisible" [Medium,Triaged] https://launchpad.net/bugs/449735
<TeTeT> when starting the karmic image from UEC, it hangs waiting for /dev/sda2. see http://pastebin.ubuntu.com/302878/
<ttx> zul: could you verify that against your proposed 3.4.2 and forward upstream if you can reproduce ?
<kirkland> ttx: i did not have time to
<zul> ttx: sure
<TeTeT> any idea if that happens all the time or just in my cloud?
<TeTeT> soren + smoser ^
<ttx> kirkland: do you think you'll have more time today ?
<ttx> or should I handle them ?
<kirkland> ttx: probably better if you handle them.  i have a hard stop today
<kirkland> ttx: and i'm testing the uec images
<smoser> TeTeT, it will do that, yes.
<kirkland> ttx: i spent yesterday verifying smoser's fixes, and tracking down a kvm issue that will need to be sru'd
<smoser> you started with m1.small ?
<ttx> kirkland: ok -- we can add more tomorrow anyway
<TeTeT> smoser: yes, the default. Shall I use a different container?
<smoser> TeTeT, it shouldn't hang terribly long though, right ?
<TeTeT> smoser: well, for me it doesn't get out of this state at all
<TeTeT> smoser: last instance I terminated after 15 minutes. I can leave this running for some more time
<azteech> acalvo: in looking over osTicket summary, doesn't look like it matters what serverOS you are running. the only prerequisites are php mysql, and a server running apache. are you referring to there being no download for a ubuntu based server?
<smoser> TeTeT, hm... you see that in console-output i guess ?
<TeTeT> smoser: yes
<smoser> its related to https://bugs.launchpad.net/ubuntu/karmic/+source/ec2-init/+bug/458850
<uvirtbot> Launchpad bug 458850 in ec2-init "UEC images do not mount ephemeral disk on /mnt at boot" [High,Fix released]
<acalvo> azteech: when installing osTicket, you need to tweak some configurations to match ubuntu's base config
<acalvo> it's not a major problem
<smoser> TeTeT, can you euca-get-console-output $iid | pastebin ?
<acalvo> but I really like to install packages that are supported by ubuntu
<smoser> err.. pastebinit
<acalvo> so, every time there a bug fix a minor update, I can run apt-get upgrade and get rid of problems
<smoser> TeTeT, and is this 32 or 64 bit instance?
<TeTeT> smoser: 32 bit
<zul> ttx: i can reproduce it
<ttx> on 3.4.2 ?
<zul> yep
<smoser> so 32 bit c1.small, right?
<ttx> zul: i don't think that bug is upstream yet
<TeTeT> smoser: yes, though how do I see if it's a 32/64 bit image?
<ttx> zul: they have https://bugzilla.samba.org/show_bug.cgi?id=6829
<uvirtbot> bugzilla.samba.org bug 6829 in Client Tools "smbclient does not show special characters properly" [Blocker,Resolved: fixed]
<zul> ttx: creating a share called thisisreallyreallylongshare doesnt get displayed
<ttx> but that's about special chars in the share comment field
<zul> ttx: it will be in a couple of momments :)
<azteech> acalvo: understood. prefer that myself. but, from brief looking over the wiki and forum, there are others who are having to mod as well.
<smoser> TeTeT,$ euca-describe-images emi-247011C0
<smoser> IMAGE   emi-247011C0    i-20091027105900/karmic-uec-i386.img.manifest.xml      admin    available       public  i386    machine
<smoser>  
<ttx> zul: make sure it's clear from description that its a client issue
<zul> ttx: I will
<acalvo> azteech: I know, but since, I usually ask here for advice, and then make a choice
<ttx> if they consider 6829 critical for 3.4.3, I'm pretty sure yours should raise that game
<TeTeT> smoser: ok, so it's 64bit, sorry for the confusion. The get-console-output is still the same as in pastebin http://pastebin.ubuntu.com/302878/
<zul> ttx: can you link bug 6829 to the samba bug in launchpad that has the russian character one is not being displayed properly
<uvirtbot> Launchpad bug 6829 in sysvinit "halt and reboot should not be installed under the Hurd" [Unknown,Fix released] https://launchpad.net/bugs/6829
<ttx> zul sure
<zul> stupid uvirtbot trix are for kids
<smoser> TeTeT, can i see 'euca-describe-instances i-3B23075F' output
<smoser> and then 'euca-describe-availability-zones verbose' also
<TeTeT> smoser: http://pastebin.ubuntu.com/302881
<TeTeT> smoser: http://pastebin.ubuntu.com/302883
 * ttx adds "do not upgrade samba" to his LTS good resolutions
<smoser> TeTeT, what image is this ?
<smoser> i cannot reproduce it on the 20091027.1 build
<TeTeT> smoser: it comes from the UEC image store
<zul> ttx: samba bug 6852
<uvirtbot> Launchpad bug 6852 in mozilla "Mozilla eats bookmarks on ENOSPC" [Unknown,Fix released] https://launchpad.net/bugs/6852
 * zul kick launchpad
<TeTeT> smoser: Ubuntu 9.10 Release Candidate for i386 (argh) 20091022
<ttx> https://bugzilla.samba.org/show_bug.cgi?id=6852
<uvirtbot> bugzilla.samba.org bug 6852 in Client Tools "Shares with more than 12 characters in the share name are not being displayed." [Normal,New]
<zul> ttx: this would be a good situation to package a samba daily git tree in a ppa
<smoser> TeTeT, thank you. well, either way, i'd really appreciate it if i could see this not on RC, but on this current build.  there were changes to mountall, and other changes also that could definitely have fixed this.
<smoser> and i cannot reproduce with current "release candidate" :)
<TeTeT> smoser: ok, I can d/l the current build and try again. what's the original d/l url? cdimage.ubuntu.com?
<zul> smoser: i see the ssh keys in the console ;)
<smoser> TeTeT, http://uec-images.ubuntu.com/karmic/20091027.1/
<smoser> there are instructions on how to download and register with your cloud at
<smoser> http://testcases.qa.ubuntu.com/System/UECCloudImages
<smoser> zul, what tests are you running ?
<smoser> i'll avoid duplicate effort
<zul> smoser: i did the single test for ec2 us. im going to finish that off after lunch but we want duplicate effort
<smoser> i will do eu-west-1 region
<smoser> doing the 4 tests there (amd64,i386 / single,multiple)
<smoser> ttx, kirkland i've run the 20091027.1 on UEC, but i dont see any other results there. you guys running too ?
<ttx> smoser: I've competed both tsets
<ttx> tests
<ttx> http://iso.qa.ubuntu.com/qatracker/result/3357/342
<ttx> http://iso.qa.ubuntu.com/qatracker/result/3358/343
<smoser> ttx, apparently i cant read
<smoser> or reload or something
<smoser> thanks. i hadn't put my result on the amd64 and thought that i had, thus was expecting > 1
<smoser> (there are now 2 on both)
<zul> smoser: acked
<zul> ttx: ours is a dupe of 6829
<ttx> zul: interesting
<zul> yep
<ttx> zul: didn't look that way
<zul> ttx: volker said it *shrug*
<ttx> he knows better than we do.
<quikone> Is this the right place to ask server/networking questions?
<TeTeT> smoser: there's another problem in my UEC now, can't start any more instances.
<TeTeT> quikone: just ask
<smoser> TeTeT, well, based on your availability-zones verbose output (http://pastebin.ubuntu.com/302883) you can only run 2 instances at once
<TeTeT> smoser: I terminated all instances, it's a different problem. I haven't been able to reproduce it reliably, but I get timeouts from walrus when it happens
<quikone> I have removed network manager in favor of network administrator, since then I cannot access my websites locally or remotely.  Any ideas on how to resolve
<smoser> TeTeT, kirkland or ttx are probably more help with that.
<TeTeT> smoser: the instance is in pending all the time. Restarting the NC sometimes helps
<smoser> but please do make sure you're running the most recent stuff. i know that there were arbitrary (low) timeouts in some cases previously.
<TeTeT> smoser: I've updated everything, it's yesterdays image plus updates on the front end and NC
<Reepicheep> quikone: did you change IP addresses?
<quikone> Yes
<Reepicheep> have you restarted the web server?
<quikone> Not recently, although I have restarted networking
<Reepicheep> not reboot .. but just restart the web server (apache, lighttpd, ..)
<smoser> TeTeT, thank you.  ttx, kirkland, you have any thoughts on that problem?
<quikone> No Ihave not
<Reepicheep> it may be binded to the incorrect IP
<Reepicheep> also double check firewall rules if you set rules to the old IP address
<quikone> okay. I will restart.  just apace2?  Or more?
<Reepicheep> just apache should be fine
<quikone> This could be it;  (98)Address already in use: make_sock: could not bind to address 0.0.0.0:443
<quikone> no listening sockets available, shutting down
<Reepicheep> quikone: "netstat -tapn | grep LISTEN" will show you what is listening on what ports and by what processes
<quikone> I don't see apache2 listening anywhere??
<Reepicheep> quikone: make sure it's running.  Check the logs to make sure it isn't erroring on startup
<Reepicheep> like maybe it is trying to bond to the old IP which doesn't exist anymore
<quikone> That would be my guess, how do I get back to the config files
<ttx> smoser: no time sorry
<ttx> TeTeT: doesn't ring a bell
<TeTeT> ttx: it's fine. now the cloud stopped working completely. I'm calling it a day and see what tomorrow brings
<mathiaz> kirkland: hey - question about kvm - which files is used for the bios?
<ninjah> Is ebox worth using?
<mathiaz> kirkland: I'd like to replace the bios with one the gpxe version - so that I don't need to chainload the boot loader
<alvin> ninjah: eBox looks nice, but in my personal opinion, it is not finished yet. It's also very Windows-minded. (no NFS for example)
<ninjah> alvin: Hmm... I was a fan of webmin for some things. I was told to switch to ebox.
<alvin> ninjah: I never used webmin. I will probably test out eBox again in the future, but now, it just can't do the things I want.
<alvin> (like NFS, and ldap address book)
 * alvin is going home
<DrNick_> i'm not a fan of ebox
<DrNick_> i vaguely remember trying it, and it installing a whole bunch of junk with it.  i wouldn't say it is any better than webmin (which i dont find that amazing either :p)
<ninjah> DrNick_ I thought webmin was cool. Easy way to allow someone to configure a box if they don't know Linux
<DrNick_> yeah its not bad
<flagg0204> didnt care for ebox myself, nor webmin for that matter.  but it does have it place for allowing novices to work with some of the more complex elements of linux
<DrNick_> agreed
<jjohansen> smoser have you gotten a chance to do any testing on those EC2 test kernels yet?
<mrchrisadams> i appreciate the irony of asking this in a ubuntu server channel, but... what's GUI equivalent to fdisk/partman in stock ubuntu?
<ninjah> haha... Don't know if I've ever seen a GUI partition tool
<smoser> jjohansen, :-(
<smoser> sigh
<jjohansen> well we are all busy, its not like I have manage to get it uploaded to eu region either
<smoser> mrchrisadams, gparted ?
<mrchrisadams> smoser: I'm using ubuntu jaunty
<mrchrisadams> system > administration  > (should it be here?)
<smoser> mrchrisadams, maybe i'm missing something: http://packages.ubuntu.com/jaunty/gparted
<smoser> you might need to 'apt-get install gparted'
<smoser> i dont know where it'd show up. i'd just run it from command line.
<DrNick_> there is gparted yes, but that requires X11 installed.  you could try 'cfdisk' instead of strait 'fdisk' - it provides a menu driven interface - very easy in my experience
<jsalisbury> I performed an apt-get dist-upgrade to get to the RC.  Is there a way to force another upgrade even if I'm already at the RC?
<DrNick_> aside from that though, i normally use lvm for all my volume management, so most drives i stick in a server don't have a partition table as such
<jsalisbury> I want to see if this caused the issue specified in Bug #455625.  However as expected, re-running apt-get dist-upgrade says 0 packages to upgrade.
<uvirtbot> Launchpad bug 455625 in eucalyptus "Eucalyptus Loses Public IP Address" [Medium,Incomplete] https://launchpad.net/bugs/455625
<DrNick_> even with one disk, lvm makes sense
<smoser> mathiaz, zul better late than never, bzr pull lp:~smoser/+junk/ec2-test
<smoser> https://code.launchpad.net/~smoser/+junk/ec2-test
<kirkland> ScottK: ping
<bdmurray> zul: wrt bug 458637 should samba be able to access windows 7 shares?
<uvirtbot> Launchpad bug 458637 in samba "samba has many issues" [Low,Incomplete] https://launchpad.net/bugs/458637
<zul> bdmurray: it should
<bdmurray> zul: I've seen a couple of other reports regarding that specific issue.  Should I retitle that bug and make them dupes or do something else?
<zul> retitle the bug and make them dupes
<zul> we'll probably have to do an SRU for it
<acalvo> hi
<acalvo> anyone know how can I reset/recover the admin password of a LDAP tree (not the config tree though)
<acalvo> ?
<ahasenack> acalvo: you mean the password of the rootdn dn?
<acalvo> yes
<ahasenack> acalvo: just change it in slapd.conf or, if using slapd.d, in a file inside that directory (I don't remember which one, but shouldn't be hard to find)
<ahasenack> acalvo: it's the rootpw entry
<ahasenack> acalvo: but, if there is no rootpw entry, then it means that rootdn has an entry in the directory itself
<acalvo> mmm I'm gonna check it
<ahasenack> acalvo: and the password should be reset in that entry
<ahasenack> acalvo: I suppose you could add a rootpw temporarily in that case
<uvirtbot> New bug: #461907 in samba (main) "Ubuntu 9.10 won't connect to Windows 7 shared folders (dup-of: 458637)" [Undecided,New] https://launchpad.net/bugs/461907
<bventura_> anyone know how to enable mysql warning logging on ubuntu?  I've tried setting 'log-warnings = 2' in my.cnf and it does not seem to work
<uvirtbot> New bug: #462140 in eucalyptus (main) "maximum 61 "running" instances, others shutting down" [Undecided,New] https://launchpad.net/bugs/462140
<Coosh> Is there anyway to see who is logged onto a pptp vpn in ubuntu? (aparantly logwtmp is broken ?)
<uvirtbot> New bug: #462155 in php5 (main) "PEAR package installation silently fails" [Undecided,New] https://launchpad.net/bugs/462155
<uvirtbot> New bug: #462169 in samba (main) "nmbd dies " [Undecided,New] https://launchpad.net/bugs/462169
<quikone> Is there documentation somewhere to have multiple nics online and configured at the same time.  It seems that if one is up the other goes down.
<billybigrigger> hey all
<billybigrigger> anyone alive?
<uvirtbot> New bug: #462172 in samba (main) "samba "Too many files are currently in use."" [Undecided,New] https://launchpad.net/bugs/462172
<smoser> nekro_, ping regarding 461156
<nekro_> smoser: I am unable to reproduce the problem. Eucalyptus should handle safe as well as unsafe b64 encoding in the latest upstream.
<smoser> it absolutely reproduces with current karmic versions
<nekro_> smoser: I don't know what to tell you.
<smoser> you see the stack trace? it looks at least reasonable that it would fail there.
<smoser> in the code i'm looking at
<nekro_> smoser: yep. there was an issue at some point. Not sure which revno it was fixed in (a while ago so not sure why you see in with the latest karmic)
<smoser> where do i get upstream revision control from ?
<nekro_> smoser: lp:eucalyptus/1.6
<nagappan> hi cr3
<nagappan> cr3, I'm here :)
<cr3> can someone recommend documentation about running two dhcp servers on the same network? is it even possible without wrecking havok?
<cr3> nagappan: cool, now we wait for the gods to answer. I can be the virgin we offer as a sacrifice
<nagappan> cr3, :D
<_ruben> cr3: with which goal in mind? dhcpd supports clustering
<cr3> _ruben: personally, I'm just curious. nagappan has another use case where he would like one dhcp server to offer static addresses and another dynamic addresses
<smoser> kirkland, can you reproduce that bug ?  It is as easy as removing 2 lines in euca-run-instances, and then running: ec2-run-instances -k mykey --user-data " << FOO >" ${EMI}
<smoser> nekro_, note, that you have to have patch/fixed euca-run-instances to not double encode data
<_ruben> cr3 / nagappan : how would each dhcp server know whether or not to respond to a request?
<calzifer> hi, i'm trying to run xvfb with jdownloader on my homeserver without x, but how can i connect on the xvfb ?
<nagappan> _ruben, First DHCP server has to serve based on MAC address
<_ruben> and i dont see why you cant use a single dhcp server which hands out both static and dynamic leases (since that's what i do at work)
<guntbert> nagappan: don't use 2 dhcp servers if possible - they tend to get in each other's way
<nekro_> smoser: I see. yeah I had an older version installed. I can reproduce it now, thanks.
<nagappan> guntbert, okay
<nagappan> guntbert, cr3 suggested me to write static ip in /etc/network/interfaces, let me try that out, this is our test system in VMware, after a batch of test is completed, we do reimaging (using Clonezilla)
<nagappan> guntbert, I have set of scripts which run on each host, probably I can populate the data
<cr3> nagappan: just to make sure, if you hard code the static IP address in /etc/network/interfaces, you won't need the second dhcp server on the network, right?
<nagappan> cr3, we need it for reimaging by Clonezilla
<guntbert> nagappan: sorry, I didn't follow - just jumped on the sentence with two dhcp servers - and of course it is possible to have one server to disk out fixed addresses and random ones
<cr3> nagappan: so hard coding the static IP address might only solve one of your problems but, as suggested by guntbert, you probably shouldn't be running 2 dhcp servers. could you perhaps isolate both networks by vlan or something?
<smoser> you could run 2 dhcp servers on one network, but you just want to make sure that for every MAC that the one is going to answer on , the other is going to ignore
<qman__> yeah, things like clonezilla should generally be done on an isolated network
<smoser> and vice versa. otherwise you're asking for confusion.
<cr3> nagappan: if I may speculate, is the problem that you have one dhcp server managed by people outside your team and you need another dhcp server managed by your team for other purposes?
<nekro_> smoser: I have confirmed that euca-run-instances --user-data works against amazon. I am adding this as an upstream task to fix
<cr3> qman__: nagappan seems to have two nics per machine, so it should be feasible to isolate cloning to one physical network and the rest to the other more general network
<nagappan> cr3, sure
<smoser> nekro_, it is fairly high priority as a karmic-updates... user-data is generally broken without it
<nagappan> cr3, second dhcp server maintained by our techops team
<nagappan> cr3, fist dhcp server maintained by me, with Clonezilla setup
<cr3> nagappan: aha! so there's probably a lot of overhead to implementing smoser's approach where you'd have to ask the techops team to specifically ignore each mac address you intend to server statically from your own dhcp server
<smoser> i suspected that cr3 was correct.  it'd definitely be a pain to coordinate
<cr3> nagappan: instead, you're probably better off isolating both networks, just using vlans if you happen to have that luxury or physically otherwise. then, both dhcp servers will not conflict with each other
<smoser> i have done this before, but in a network where the "official" server only responded to known macs
<smoser> so my dhcp server was free to respond to known macs that the first didn't know about
<bventura_> anyone know how to enable mysql warning logging on ubuntu?  I've tried setting 'log-warnings = 2' in my.cnf and it does not seem to work
<nagappan> cr3, sure
<zul> mathiaz: do you have a suggestion for a fix for 462169?
<mathiaz> bug 462169
<uvirtbot> Launchpad bug 462169 in samba "nmbd dies " [High,Confirmed] https://launchpad.net/bugs/462169
<mathiaz> zul: nope - not really
<fbc-mx> What command would you use to tell ubuntu server to ping all the distros and use the closest one? Like the desktop does.
<_ruben> ping doesnt relate to download speed at all
<fbc-mx> _ruben, ok, then whatever wat the desktop determines it can I get the server version to?
<pmatulis> huh?
<fbc-mx> _ruben, ok then how to I get the server to use the closest distro is there some automated way of doing it like the desktop does?
<pmatulis> archive.ubuntu.com
<fbc-mx> exit
#ubuntu-server 2009-10-28
<uvirtbot> New bug: #452396 in samba "umount.cifs does not update /etc/mtab" [Undecided,Confirmed] https://launchpad.net/bugs/452396
<uvirtbot> New bug: #462317 in samba (main) "setup crashes" [Undecided,New] https://launchpad.net/bugs/462317
<Keke> hello all
<Keke> i have on problem
<Keke> this ubuntu server 9.0.4
<Keke> apparmor
<Keke> server problem
<Keke> hi
<Keke> ?
<Keke> bna uu?
<evon> would windows computers be able to access an ubuntu-based server?
<twb> evon: define `access'.
<twb> Ubuntu services typically use standard protocols like SSH, SMTP, HTTP, etc.  If Windows or a Windows application implements the same protocol, it'll be able to access the Ubuntu server's associated service.
<evon> Well here's what i want to do: I want to set up a server where windows computers can access the server remotely to use programs like word, outlook etc. and save their files
<twb> OK, so you want a file server.
<evon> twb: that's one of the things i want to do
<twb> Windows' preferred network filesystem is CIFS.  The Ubuntu service that provides CIFS is Samba.
<evon> twb: i would also like users to be able to run a desktop remotely that has all the programs they need
<twb> Note that CIFS isn't encrypted, so this is appropriate for a LAN but not exposure to the internet.
<twb> For a remote desktop, your only real option is VNC.
<evon> twb: please forgive me i am a serious server newb so you gotta speak for simply to me about this stuff
<evon> twb: for = very
<twb> Unix systems have a better protocol called X11, but the Windows clients for it aren't widespread.  Windows systems have a better protocol called RDP, but there's no RDP server available for Ubuntu.
<evon> i have no idea what those acronyms mean but I am assuming that you mean that I want be able to do what I want with an ubuntu-based server
<twb> evon: OK, I'm assuming you have Windows workstations and you're considering an Ubuntu server.  The server MUST provide file sharing and SHOULD provide a "remote desktop" to the Windows workstations.  Is that right?
<evon> twb: yes
<twb> evon: do you have political control of the Windows workstations?  That is, can you dictate what is installed on them?
<evon> twb: yes
<twb> evon: OK.  For file sharing, the only sensible option is to use Samba (a service) to provide CIFS (a protocol).
<twb> For remote desktops, you can use either VNC or X11.  Both require a client to be installed on the Windows workstations.
<evon> twb: to further clarify,  at my workplace I am able to use my office computer to access a remote desktop at the head office.  I can also access this desktop from any computer i choose. I would like to set up a similar system at my church but i am exploring the possibility of doing this with a linux-based server
<evon> ?
<foxbuntu> evon, I suggest looking into the Linux Terminal Server Project
<evon> foxubuntu: is that something that is experimental?
<foxbuntu> evon, not really, been around for sometime
<foxbuntu> evon, it really just depends what exactly you are trying to accomplish on what will be the best way to do it
<evon> foxubuntu: is there an irc channel for that project?
<foxbuntu> evon, #ltsp
<evon> foxubuntu: thanks
<twb> evon: LTSP will allow you to simply boot Linux on the workstations.
<twb> evon: it's a great idea if the workstations just need to do office documents and email
<twb> It's also a little more effort to set up, but once it's working there's less maintenance work.  And you don't need to buy Windows licenses.
<evon> twb: ok i c. so you're saying that if someone using a windows computers can boot a remote linux desktop?
<twb> evon: yes, most machines can just boot Linux off the network.
<twb> If you ask wikipedia about "thin clients", this is the technology that LTSP implements.
<evon> ok. would these workstations have issues printing over the network? i ask because of the typical compatibility issues linux distros have with printers
<twb> They might have problems until you configure the network.
<twb> If any linux system can print to your printer, then LTSP can be made to DTRT (do the right thing) wrt (with respect to) printing.
<evon> twb: but it would have to be a linux-compatible printer though right/
<evon> ?
<twb> Yeah, basically.
<twb> There are HCLs (hardware compatibility lists) that cover printing.
<twb> linuxprinting.org?
<evon> twb: yes i am aware of that site. It looks like i may have to go with a windows server
<twb> Is it an MFC printing?
<twb> If it's just talking PostScript and/or PCL, you'll probably be OK.
<evon> I don't even know what those things are ;-)
<twb> printing languages
<evon> ok. just goes to show how much of a newb i am
<twb> evon: don't worry about it
<evon> twb: ;-)
<twb> evon: but it ought to be cheap to boot a live CD and try to get printing working under Linux, which ought to tell you if it's gonna work.
<evon> twb: is it possible for someone using a windows workstation to boot linux remotely and then share files between the 2?
<twb> If you boot Linux over the network, depending on what you boot, it will be able to access files on the workstation's local disk.
<twb> Normally a thin client will just ignore any disks that are installed in a workstation.
<evon> twb: so couldn't i just use wine to install MS office in linux for people to use over the network? i have ms office 2007 installed on my linux system at home and it works fine
<twb> In principle you could.  Why would you want to?
<twb> Openoffice.org can read and write Microsoft Office documents.
<evon> because some of the staff in my church use macros that openoffice cannot run.  also i've found that openoffice has trouble opening .docx files
<twb> Fair enough.
<twb> I do not know how well Microsoft Office will work in wine.
<twb> (I don't actually use an office suite myself.)
<darkpixel> evon: I just joined, so I may have missed info on your network setup.  I have a client that runs a handful of linux desktops with OpenOffice.  When they run into something that requires Office 2007, I have a shortcut on the linux desktop that runs rdesktop in seamless mode and it connects out to a spare XP workstation and runs office apps.  Works well if you have a spare workstation or a windows server.
<evon> darkpixel: well what i'm trying to do is have people boot linux over a network from windows workstations
<evon> darkpixel: so i was thinking of just installing word2007 with wine
<evon> darkpixel: i don't think i'd want them to boot into a whole other desktop just to use office 2007
<ninnypants> I've created an user on my server and can ftp to the server but the users does not have permission to upload files into the folder what do I need to do to grant those permissions?
<evon> chmod
<evon> you need not chmod the folder to the correct permissions.
<ninnypants> ok that's what I thought would it just be chmod /home/user/ 755?  is that the correct syntax for the shell command?
<evon> i honestly don't know. I haven't been successful it setting my own up yet but I used this tuturial http://www.linuxhomenetworking.com/wiki/index.php/Quick_HOWTO_:_Ch15_:_Linux_FTP_Server_Setup
<evon> assuming you're using vftpd
<evon> ninnypants: i hope i was able to help. have a good night.
<darkpixel> evon: They don't have to boot in to a different OS, all you need is one windows server or a free windows desktop for a linux user to 'rdesktop' into.  The office app would actually be running on that remote windows workstation, but displaying it's output on the linux desktop.
<darkpixel> Oops.  Just a few minutes too late.
<nemik> hello. i just did an apt-get update then apt-get dist-upgrade on a hardy install. now SSH won't come up. this is a remote box
<nemik> aside from going out there, is there anything elsei should try? didn't think this kind of stuff would happen with an LTS release...
<twb> nemik: today you learn to be more careful with dist-upgrade?
<twb> If SSH isn't accepting your connection, and there's no other connection method (e.g. KVM over IP), then you can't get in.  You can call the monkey on site and have them type stuff, but other than that, you're gonna have to go out there.
<twb> (I don't know why a dist-upgrade would break ssh, FWIW.)
<nemik> twb: should i have just done regular upgrade instead?
<soren> nemik: Yeah, I haven't heard of this problem either.
<soren> nemik: Wouldn't have made a difference.
<twb> "aptitude safe-upgrade" and then (carefully) "aptitude full-upgrade".
<soren> dist-upgrade and upgrade are really not all that different.
<twb> full-upgrade corresponds to the old apt-get dist-upgrade.
<nemik> soren: i think it might have to do with my having a static IP and it reseting it to DHCP
<twb> By "carefully" I mean making sure that it e.g. doesn't resolve conflicts by purging ubuntu-desktop and gdm
<nemik> not just ssh not working, sorry. it doesn't respond at all
<soren> nemik: No Ubuntu package that I know of will change your network configuration.
<twb> soren: NetworkManager will, the little blighter
<nemik> soren: yea i thought so too...it's a server install though. no X or desktop or GDM
<twb> nemik: did you do the initial install using the server CD?
<soren> twb: I suppose it /might/, but not on upgrades.
<nemik> twb: yea. this has been working perfectly, with occasional upgrades, for almost 3 years
<twb> nemik: good, good
<nemik> first time it broke, damn update. whatever did it
<nemik> i'll see if just having someone reset solves it.
<nemik> thanks for the help guys.
<soren> Sure.
<xperia2> hello to all. i have registered a domain and want now to run different subdomains on my ubuntu server
<xperia2> as i know i need to install the bind9 server for resolving the domain name
<fahadsadah> Yes.
<xperia2> is here somebody why can give me some helpfull tips with setting up a bind 9 server on a ubuntu server
<xperia2> it looks like that the configuration of bind 9 is a litle difficult
<xperia2> what are the needed steps. does a good howto and step by step guide exist for this ?
<xperia2> some people here with experience how to setup such a thing ?
<fahadsadah> xperia2: bind9 is large.
<fahadsadah> Please consider using something that's less of a headache, like dnsmasq
<xperia2> well i have this running on my router
<xperia2> should i better use dnsmasq
<xperia2> for the domain in this case
<fahadsadah> If this is a router, definitely dnsmasq.
<fahadsadah> All Netgear and Linksys routers run that by default, anyway.
<fahadsadah> It just resolves upstream, or, from /etc/hosts
<xperia2> hmmm hear first this
<xperia2> are you sure this works also for people in the internet that call up my domain and the router will resolve this ?
<fahadsadah> xperia2: Yes.
<xperia2> great man !
<fahadsadah> That's not how it's designed, but it will work
<xperia2> thinked it would be much harder
<xperia2> but with your help now and some good howtos
<xperia2> it should be very easy i hope
<twb> fahadsadah: dnsmasq is useful for providing DNS to your local network, but I didn't think it was useful for telling the internet about your domain (i.e. for publishing A records).
<twb> I guess I have misread what xperia2 is trying to achieve.
<fahadsadah> twb: It's not designed to tell the internet about your domain.
<fahadsadah> But it can.
<twb> fahadsadah: have you any notes on this?
<twb> I'm interested, at least, because I use dnsmasq extensively for my thin client networks.
<fahadsadah> On a boxed router (Netgear, Linksys, DLink are the best for this), forward UDP 53 to the router itself.
<fahadsadah> Telnet in, and edit /etc/hosts
<fahadsadah> (it's usually volatile, though - resets on reboot)
<twb> Uh, "forward UDP 53 to itself" means what, in iptables terms?
<twb> I am not dealing with a crappy vendor OS -- my routers run Debian or Ubuntu
<twb> Do you mean an -i <internet iface> -d 53 -j DNAT --to 127.0.0.1 or something?
<twb> It sounds rather like you're advocating just making dnsmasq bind to the internet iface in addition to lo and the LAN iface.  But I think the information you want to publish to the internet is quite different from what you would publish to the local network.
<xperia2> twb: if i understand right fahadsadah he tell as first to open the port 53 on the router
<xperia2> as this port normaly is closed by the nat
<fahadsadah> xperia2: Yes, but twb is right. You want it forwarded to the router itself.
<twb> fahadsadah: why?
<xperia2> on my tomato firmware i can easy open ports and forward them to the server
<fahadsadah> twb: Demonstration purposes.
<twb> fahadsadah: instead of dnatting onto the lo interface, why wouldn't you just tell dnsmasq to bind to eth+ ?
<fahadsadah> I'm assuming you want to do this from the web if.
<fahadsadah> Obviously, your way is better.
<twb> OK, as long as the wacky workaround you're using is understood to be a workaround and not, you know, sensible :-)
<xperia2> so the first step is open port 53 and forward them to 127.0.0.1 ?
<fahadsadah> xperia2: No, this is just for demo purposes.
<fahadsadah> What twb said is better.
<fahadsadah> Much better.
<fahadsadah> Anyway, I wouldn't recommend having a router as a DNS server.
<xperia2> why that. whats wrong with this solution
<xperia2> think its best beside the slow speed maybe
<xperia2> okay i willnow ssh in to my tomato router and execute "iptables -i <internet iface> -d 53 -j DNAT --to 127.0.0.1"
<xperia2> whats next ? do i need to change some config files that handle my domain ?
<twb> I'm out.
<xperia2> bye twb !
<xperia2> twb: whats <internet iface>
<xperia2> is this the wan ?
<TeTeT> soren: hi there, are there euca2ools that are known good to operate with UEC 1.6 available on Hardy?
<soren> TeTeT: You're asking if Euca2ools have been backported to Hardy? Not that I know of.
<TeTeT> soren: yes, that was the question. That's too bad, so we have to go with ec2 tools
<soren> TeTeT: They're not packaged for Hardy either.
<soren> TeTeT: ...as far as I know.
<TeTeT> soren: ok, thanks for the quick response!
<soren> TeTeT: Sure.
<soren> TeTeT: When do you need this?
<soren> TeTeT: We may be able to conjure up a backport.
<TeTeT> soren: for the deploying UEC course in the virtual environment
<TeTeT> soren: the virtual environment uses hardy virtual machines for students access
<soren> When?
<TeTeT> soren: the class is in December. I'm preparing the images right now - it is not urgent
<soren> We can easily build a euca2ools package before then.
<soren> ...for hardy.
<TeTeT> soren: excellent, when might it be ready? Mid of November before UDS?
<soren> TeTeT: I can't make any promises.
<soren> TeTeT: Talk to either ttx or mdz about it.
<TeTeT> soren: ok, thanks
<TeTeT> soren: I'll postpone that after release, when things are less tight
<mdz> TeTeT, appreciated
 * ttx runs the UEC/i386 tests
 * soren takes a break
<uvirtbot> New bug: #462545 in bacula (universe) "bacula did not load" [Undecided,New] https://launchpad.net/bugs/462545
 * soren lunches
<elyezer> I'm using postfix, how can I create a user (for the system too) to receive email but can't login via ssh?
<lamont`> elyezer: adduser --disabled-login, prolly some other flags too
<lamont`> or make the shell /bin/false, if you want to give him a password to authenticate for IMAP access
<elyezer> lamont`: I think that I'll create a group to permit in ssh access
<elyezer> lamont`: the bin/false could be good too, I need the password to login in the pop access
<\sh> elyezer, take a look at http://workaround.org/ispmail so you don't need system accounts for imap/pop mail users
<elyezer> \sh: thanks
<alex88> hi all..i want to set dhcp only for a specified interface, how can do it?
<\sh> sudo vi /etc/default/dhcp3-server -> INTERFACES="<your interface name>"
<\sh> restart dhcp
<\sh> or do you mean dhcp client?
<alex88> \sh: no i mean server..i'll try thanks..
<alex88> \sh: if i start openvpn server, with no dhcp settings in the openvps config, can i just run dhcp server on tap0 right?
<\sh> alex88, sry...no clue about such a setup
<alex88> ok thanks anyway
<\sh> alex88, but the doc on openvpn.org has something
<\sh> http://openvpn.net/index.php/open-source/documentation/install.html?start=1 -> search for "Notes -- Setting TAP-Win32 address/subnet automatically via DHCP"
<alex88> watching it
<zul> morning
<elyezer> when sending email using SMTP, to require that the user authenticate I need to use SASL configuration in postfix?
<alex88> elyezer: i've  use sasl and it's working..look at ubuntu server documentation..it's all explained
<ttx> kirkland: on the test tracker you reported bug 452556 against the Node installer test. I think you rather encountered it during the UEC Instance Run test... could you please move the bug over there ?
<uvirtbot> Launchpad bug 452556 in eucalyptus "euca-authorize default failing" [Medium,Confirmed] https://launchpad.net/bugs/452556
<elyezer> alex88: thank you
<zul> ttx: im going to dup the broken encoding bug
<ttx> zul: if you do, keep the one with the biggest impact ?
<zul> ttx: yep
<ttx> and update title to reflect both symptoms
<zul> ttx: one more thing for samba I think we might want to include this fix: https://bugzilla.samba.org/show_bug.cgi?id=6680 otherwise the users will have to use a registry hack
<uvirtbot> bugzilla.samba.org bug 6680 in Winbind "Authentication failure from Windows 7 when domain joined." [Critical,Resolved: fixed]
<ttx> yes
<zul> k
<zul> i added that last night to the one I was testing ;)
<zul> ttx: ill open a bug in launchpad for that as well
<aubre> when's the earliest I can download the Karmic server iso?
<zul> you can download the dalies now
<aubre> is the one here the final version?
<aubre> http://cdimage.ubuntu.com/ubuntu-server/daily/current/
<zul> aubre: almost
<aubre> zul: ty
<aubre> aubre: I want to do a reinstall but I think I will wait for the official cds
<ScottK> aubre: Odds are you can download that now and once the official ones are announced, you'll already have it.
<aubre> ScottK: ty
<alvin> What package needs to be installed on a virtual guest (kvm) if you want to shutdown the guest from virtual-manager or virsh?
<alvin> aubre: You can download today and rsync tomorrow: https://help.ubuntu.com/community/RsyncCdImage
<zul> ttx: can you do me a favor can you set the priority and set to it to triaged for me https://bugs.edge.launchpad.net/ubuntu/+source/samba/+bug/462626
<uvirtbot> Launchpad bug 462626 in samba "[karmic] Authentication failure from Windows 7 when domain joined." [Undecided,New]
<ttx> zul: sure
<atomic_1> this is a bit off but, anyone know of a email2fax app/service ?
<atomic_1> apt-cache came up with courier-faxmail with those keywords
<atomic_1> but i dont think that's what im looking for
<atomic_1> allright, hylafax
<uvirtbot> New bug: #462626 in samba "[SRU] [karmic] Authentication failure from Windows 7 when domain joined." [Medium,Triaged] https://launchpad.net/bugs/462626
<aubre> alvin: tyvm!
 * nijaba hugs soren for what seems to be a great vm-builder day
<soren> nijaba: I realised how much it was bringing me down that every time I look at that list, it's full of "stuff", so I'm cleaning house :)
<soren> nijaba: Sorry about all the bugmail :)
<nijaba> soren: no, I actually appreciate it, really.
<soren> nijaba: :)
<alvin> After the Debian Import freeze, a package was added to Debian (libsys-virt-perl, to manage libvirt from perl). Do I have to wait for Lucid, or can an import be requested?
<ScottK> alvin: The archive is frozen for release, you have to wait.  Once it's in Lucid, you can request a backport.
<ScottK> !backports | alvin
<ubottu> alvin: If new updated Ubuntu packages are built for an application, then they may go into Ubuntu Backports. See https://help.ubuntu.com/community/UbuntuBackports - See also !packaging
<alvin> ScottK: aha, good. Worth a try.
<uvirtbot> New bug: #313575 in vmbuilder "VMBuilder/vm.py crash on an alpha char in numeric constant" [Undecided,Fix committed] https://launchpad.net/bugs/313575
<smoser> can someone verify... i've downloaded some daily build isos
<smoser> tomorrow will i be able to rsync those with official releases ?
<smoser> (if there were changes)
<uvirtbot> New bug: #360010 in vm-builder (universe) "vmbuilder crashed with NameError in deploy() (dup-of: 352568)" [Undecided,New] https://launchpad.net/bugs/360010
<soren> Is mod_rewrite working ok for anyone in Karmic?
<soren> And by "ok" I mean "at all".
 * soren thinks he knows what's going on.
 * soren pauses for dinner
<alex88> i've installed vsftpd following ubuntu guide, and after succesfully connected it timeout after LIST command..any help?
<KillMeNow> did you uncomment the vsftp_chroot.list line?
<alex88> let me check
<alex88> chroot_list_enable? no
<alex88> it's commented
<alex88> but chroot_local_user=YES so every user logged is chrooted
<KillMeNow> ok
<alex88> right?
<KillMeNow> IIRC they run hand in hand
<KillMeNow> i have my users chrooted and i have the chroot list enabled
<KillMeNow> what it means is that those IN the list are NOT chrooted
<KillMeNow> but the list needs to exist
<alex88> ok, so just enable all and touch the list file?
<KillMeNow> yep
<KillMeNow> also when logged in try the ls command
<alex88> i'll try
<KillMeNow> the list file should be in /etc/
<KillMeNow> but you could drop it anywhere IIRC
<alex88> same thing..not working
<alex88> this is irc client log
<alex88> http://pastebin.com/m5eb5e178
<alex88> and disabling chroot it gives me on PWD->257 "/home/alex88/" and that's my home folder
<alex88> mmhhh..with active ftp mode it's working
<KillMeNow> yep
<alex88> are there no problems to use active connection right?
<KillMeNow> i wouldn't think so
<KillMeNow> i'm looking at my configuration right now
<alex88> but all clients uses for default passive. damn
<KillMeNow> are you going through a firewall?
<alex88> yes
<KillMeNow> are you behind the firewall?
<KillMeNow> so your testing is going through the firewall or no?
<alex88> i'm behind nat..so no public ip..
<alex88> and the remote machine has ufw
<KillMeNow> yea, so you're not on the same network segment as the FTP box
<KillMeNow> try to FTP from command line on the FTP server to localhost
<KillMeNow> it's either the firewall that is borking things up or your NAT that is
<KillMeNow> gotta run to a meeting
<KillMeNow> back later
<alex88> ok it's working from localhost
<alex88> btw, thanks for your help
<alex88> i'll use active connection, no problem for me
<alex88> have a nice day
<jpiche> for services like apache2, what is the correct method of disabling them from starting on boot, since update-rc.d isn't for upstart?
<uvirtbot> New bug: #462749 in vsftpd (main) "vsftpd-2.2.0 (currently in karmic) is affected by pasv_address regression" [Undecided,New] https://launchpad.net/bugs/462749
<nijaba> mathiaz: updated the last sentence of the release note text as follow on bug #458904: "More detailed steps can be found in the Node installation part of the UEC Package Install tutorial, https://help.ubuntu.com/community/UEC/NodeInstallation." as kirkland has very thoughtfully split PackageInstall in multiple modular documents.
<uvirtbot> Launchpad bug 458904 in ubuntu-release-notes "When installing a node, euca_find_cluster fails to locate the cluster controller if instances are running" [Medium,Fix committed] https://launchpad.net/bugs/458904
<mathiaz> nijaba: hm - though about that as well.
<lenios> jpiche, from what i know, you should search for a SXXapache2 in /etc/rc*.d/ and delete it
<mathiaz> nijaba: when I pointed mdz to the specific NodeInstallation wiki page, he replied that the instructions were not complete
<nijaba> mathiaz: ah? sorry, will revert in that case.
<mathiaz> nijaba: since you still had to register the node afterwards
<mathiaz> nijaba: which I think makes sense from a workflow perspective
<mathiaz> nijaba: that being said the NodeInstallation wiki page could actually be updated to point to the next step in the process
<nijaba> mathiaz: hmm. It appears that LP did not take my changes anyway...  so, nm
<mathiaz> nijaba: that's why I refered to step 3 in the tutorial rather than the specific wiki page - just to keep things in context
<nijaba> mathiaz: yes, makes sense.  Let's leave it like that then.
<mathiaz> zul: does bug 449735 only apply to smbclient?
<uvirtbot> Launchpad bug 449735 in samba "[SRU] [karmic] Long SMB share names invisible and corrupts encodings" [High,Triaged] https://launchpad.net/bugs/449735
<zul> mathiaz: I believe so
<mathiaz> zul: or does it also apply to nautilus (via gvfs)?
<zul> mathiaz: I havent tested with nautlius
<zul> mathiaz: lemme test it out and ill get back to you
<mathiaz> zul: the patch attached to the bug lists changes in libsmb
<mathiaz> zul: so it may affect other things than just smbclient
<jpiche> lenios: okay, i'll try that
<lenios> jpiche, "update-rc.d -f apache2 remove" should do it though
<jpiche> lenios, i actually just noticed that
<jpiche> lenios, yup, that worked, thx
<zul> mathiaz: it should affect gvfs but I cant say for certain
<mathiaz> smoser: what's the state of bug 461156?
<uvirtbot> Launchpad bug 461156 in euca2ools "User data is not parsed correctly by Eucalyptus in some cases" [High,In progress] https://launchpad.net/bugs/461156
<mathiaz> smoser: do you have idea of what needs to be added to the release notes?
<smoser> i was just writing it
<smoser> what do you tihnk about:
<smoser> When an instance accesses its user-data in the Eucalyptus meta data service, it will be base64 encoded.  In order to use this data, the consumer will have to decode the data.  This can be done with 'base64 -d'.
<smoser> Because of this bug, ec2-init is unable make use of user-data.
<smoser> mathiaz, ^^
<mathiaz> smoser: here are some guidelines I'm using for writing release notes:
<mathiaz> smoser: 13:51 <mathiaz> you need to provide a title, and then an exaplanation of the symptoms the end user will see, a workaround/how to fix things, and bug number for reference
<mathiaz> smoser: so I'd start first by stating what the end user will see as bug
<bdmurray> mathiaz: is that supposed to be a bug number in the description of bug 449735?
<uvirtbot> Launchpad bug 449735 in ubuntu-release-notes "[SRU] [karmic] Long SMB share names invisible and corrupts encodings" [Undecided,Fix committed] https://launchpad.net/bugs/449735
<mathiaz> bdmurray: yes - apparently I got it wrong
<mathiaz> bdmurray: I'll update the bug description
<bdmurray> mathiaz: cool, thanks
<smoser> mathiaz, where did that '13:51' message come from?
<mathiaz> bdmurray: right - it seemed wired to me that we already had passed the 500 000 reported bugs in LP
<mathiaz> smoser: it's from my irssi
<bdmurray> mathiaz: quite
<smoser> what channel
<mathiaz> smoser: I was talking with kirkland about this and I've just cut-pasted the log
<mathiaz> smoser: it was a PM
<smoser> ok. was just wondering so i could see the rest of it. but thats fine.
<smoser> as you said "guidelines" i wasnted to see the others
<mathiaz> smoser: see https://bugs.launchpad.net/ubuntu-release-notes/+bug/458904 for an example
<uvirtbot> Launchpad bug 458904 in ubuntu-release-notes "When installing a node, euca_find_cluster fails to locate the cluster controller if instances are running" [Medium,Fix committed]
<mathiaz> smoser: 13:52 <mathiaz> I've put the release note directly in the bug description so that we don't have to scroll down in the comments to  find the actual release note
<mathiaz> smoser: 13:52 <mathiaz> once it's ready for inclusion in the release note wiki page, mark the bug as fix committed for the ubuntu-release-note project
<uvirtbot> New bug: #410328 in ec2-api-tools (multiverse) "ec2-api-tools commands require JAVA_HOME to be set" [Undecided,Fix released] https://launchpad.net/bugs/410328
<pmatulis> i would like to immunize a process from the oom-killer.  how do i set the value of /proc/PID/oom_adj ?
<erichammond> smoser: Do you have code which updates the Amazon AMI pages from source data files like http://bazaar.launchpad.net/~smoser/ubuntu-on-ec2/ami-pages/files ?
<smoser> no. but you're more than welcome to write such a thing. wouldn't that be nice?
<smoser> thats the last manual thing
<erichammond> I've been dreaming about it for a couple years.
<erichammond> Mine would be in Perl and you probably want one in Python.
<smoser> i have nothing against perl. programs that work are nice.
<erichammond> I've also talked off and on with the folks at http://thecloudmarket.com/ that there should be some API or common data format which lets AMI publishers list some of the complexities of the relationships of images, especially identifying the most recent in a series.
<erichammond> And proposed similar things to AWS.
<erichammond> Are people still stuck on XML these days for structured data or is there any room for YAML?
<erichammond> We've been using YAML quite a bit and happily, but don't know if it's just our corner of the world.
<ScottK> Debian uses it a lot
<ScottK> Python yaml bindings are by far the highest popcon stuff I've packaged for Debian.
<erichammond> I assume popular programming languages would support it.
<ScottK> I know there are python/perl/java bindings.
<ScottK> Probably others too.
<erichammond> cool, thanks.
<smoser> erichammond, could you take a quick look at https://wiki.ubuntu.com/UEC/Images/NamingConvention in regard to 'removal policy' ?
<smoser> i've got to get to writing that, we're flooding amazon with -testing- at the moment.
<erichammond> smoser: looking
<erichammond> - marker files in S3 => Could also use SimpleDB for easier searching.  SimpleDB is often used to store meta data about S3 objects
<erichammond> - rolling removal of "testing" is fine.  you might also reserve the right to delete any testing image which is seriously broken just to save people headaches.
<smoser> erichammond, i've not used it.
<smoser> not used simpledb.  i think i'll just use the s3 marker files.  i'm just thinking about putting a file named .manifest.xml.unpublished
<erichammond> - might want to explicitly state that non-testing images are *never* removed except in emergencies (completely broken, huge security hole discovered right after release, etc.)
<smoser> then i can just do a list of that bucket for *.unpublished
<erichammond> Yep, simple architectures which store related data close to each other are nice.  I was thinking that you would end up with hundreds of thousands of S3 keys, but this would only relate to the testing bucket which is going to be small.
<erichammond> I wrote a simple CLI to SimpleDB which is handy for setting and getting simple values: http://amazon-simpledb-cli.googlecode.com/svn/trunk/bin/simpledb
<erichammond> or: http://code.google.com/p/amazon-simpledb-cli/
<soren> erichammond: A lot of stuff is moving to json rather than yaml.
<erichammond> smoser: The docs seem to be missing a removal policy for "alpha", "beta", and "rc" images
<smoser> erichammond, i'll explicity put that there, but the plan is for anything in  milestone to stay indefinitely
<erichammond> soren: Yep, I've seen more JSON for communicating data between systems.
<smoser> both json and yaml have issues with unicode and such (i could be wrong)
<erichammond> soren: For the purpose of defining and documenting AMIs I thought it would also be nice to be human readable which YAML is.
<smoser> the reason that xml is big and unwieldy is that it is full featured. those things often go together.
<soren> smoser: Sadly, yes.
<poningru> indeed
<smoser> you really can't suggest something that isn't unicode friendly to be used for descriptions of things.
<erichammond> smoser: agreed
<smoser> it would be nice if ascii were all you needed, though. :)
<soren> "# YAML streams are encoded using the set of printable Unicode characters, either in UTF-8 or UTF-16"
<soren> From wikipedia.
<erichammond> soren: yay
<soren> JSON's basic types are:
<smoser> i'm happy to be wrong there.
<soren> # String (double-quoted Unicode with backslash escaping)
<soren> Likewise from Wikipeida.
<soren> Wikipedia, even.
<erichammond> So how does the HTML blob for Amazon's AMI fit in to YAML?
<erichammond> er, Amazon's AMI pages
<erichammond> URI pointing to a file or web location?
<smoser> i dont follow
<erichammond> I'm just not a YAML expert.
<erichammond> Perhaps YAML has some sort of CDATA type thing which lets you specify large blobs of arbitrary stuff.
<erichammond> soren: I'm basically hoping that "we" or "they" can come up with a good way to define stuff like http://bazaar.launchpad.net/~smoser/ubuntu-on-ec2/ami-pages/files
<erichammond> so that it can be imported and exported to various platforms for letting people find the right AMIs for their purposes.
<soren> erichammond: There's a long Debian history of doing stuff in rfc822 format.
<moonpup> can anyone tell me the corroect owner/group on dns zone files? should it be named/named
<Metapeter4> Hi all. I need to make a folder-structure for a webserver, what characters are ok to use for naming files and folders?
<slicslak> hey everyone, which should i use, nbsmtp or ssmtp?
<_0verlord> With ksplice installed should I be using dist-updgrade to install new kernels?
<_0verlord> Metapeter4: I don't know if there are any characters that you can't use the % substitution for
<soren> Metapeter4: Depends on how much hassle you're willing to accept.
<soren> Metapeter4: If "none" go with plain ASCII.
<_0verlord> Metapeter4: sticking with just alphanumeric plus - and _ usually works well
<soren> Metapeter4: Or perhaps only the letter "a". :)
<Metapeter4> i see. I only know that underscore and dash plus alphanumeric characters are save for webserver-use... thought someone is aware if the numbersign is safe to use.
<soren> "the numbersign"?
<soren> #?
<Metapeter4> http://www.fileformat.info/info/unicode/char/0023/index.htm
<Metapeter4> yes
<soren> It depends.
<soren> # in a url refers to an anchor on the given page, so it needs to be escaped. If you ever expect a human to enter a URL with a # in it, you're probably going to wind up with confused users.
<_0verlord> Metapeter4: why do you feel the need to use extra stuff, particularly characters that have special url uses already?
<Metapeter4> i would feel comfortable to make a folder structure with certain prefixes for better structure
<_0verlord> Just make an extra directory level for organization
<Metapeter4> thanks, ok, nevermind.
<_0verlord> :P
<_0verlord> So yeah, ksplice - should I still grab the kernel updates with dist-upgrade or not?
<jevangelo> hey, how do i just install ubuntu security updates
<_0verlord> jevangelo: I think by commenting out everything but the security repos in your apt sources list
<jevangelo> ok, just didn't know if it was some kind of apt-get switch
<jevangelo> thanks
<_0verlord> There very well might be, but that was the first idea that came to my head
<_0verlord> Or did you mean that you want to have access to all repo stuff, you just want to do sec updates now?
<jevangelo> yea, i want just to the security updates now
<_0verlord> jevangelo: after skimming the apt-get man page I don't see an upgrade-this-repo-only flag or anythign to that effect
<ScottK> Changing sources.list will do it for sure.
<jevangelo> awesome, just did that and apt-get update and then apt-get upgrade is doing just security
<bdmurray> kirkland: isn't bug 462693 documented somewhere?
<uvirtbot> Launchpad bug 462693 in linux "Resume from disk failed when encrypted swap is used." [Undecided,New] https://launchpad.net/bugs/462693
<storrgie> My samba config allows for users from windows to access and read/write files without issue... however users in linux cannot connect....
<soren> smoser: I forget... Do you have a UEC setup?
<silverhead> Hi
<silverhead> Is anyone using linux-image-virtual-2.6.31-14 with i386?
<silverhead> It's missing all "fs" modules, it seems
<silverhead> (it's already reported: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/453073)
<uvirtbot> Launchpad bug 453073 in linux "linux-image-virtual (i386): missing module binfmt_misc on Karmic" [Undecided,New]
<silverhead> Good bot
 * silverhead gives a cookie to uvirtbot
<soren> $DEITY, I hope he's wrong..
<soren> Oh, right, all the important ones are compiled in.
<soren> phew.
<fbc-mx> Hi where can I find an explanation or description for the linux system load indicator? Like what does 0.83 really mean?
<JanC> fbc-mx: http://blog.scoutapp.com/articles/2009/07/31/understanding-load-averages is useful maybe
<JanC> except that the way that the averages are calculated is not the same as mathematical average because that would take too long  ;)
<uvirtbot> New bug: #462928 in mysql-dfsg-5.0 (main) "package mysql-server-5.0 None [modified: /var/lib/dpkg/info/mysql-server-5.0.list] failed to install/upgrade: corrupted filesystem tarfile - corrupted package archive" [Undecided,New] https://launchpad.net/bugs/462928
<kirkland> bdmurray: various places, yes
<kirkland> bdmurray: bug reports, documentation, etc.
<kirkland> bdmurray: which would you like?
<bdmurray> kirkland: how about a bug to dupe it to?
<kirkland> bdmurray: sure, let me pick one ....
<KurtKraut> I've just stared a project for server monitoring that I'd like to share with you. It is called Poor's Man Monitor: http://code.google.com/p/pomamonitor/
<uvirtbot> New bug: #458514 in mysql-dfsg-5.1 "mysql-server-5.1 starts before filesystem is mounted (karmic)" [Low,Incomplete] https://launchpad.net/bugs/458514
 * soren calls it a day
<uvirtbot> New bug: #462962 in mysql-dfsg-5.1 (main) "[karmic] mysql-common fails to install" [Undecided,New] https://launchpad.net/bugs/462962
<smoser> soren, i do. but you're probably sleeping now.
<Agent-X> Has anyone worked with OpenERP on Ubuntu Server?
#ubuntu-server 2009-10-29
<somebody> Hi All,
<somebody> Can someone help me. I can't print.
<somebody> I want to print from my server
<somebody> My server has no driver.
<somebody> It has a parallel interface
<somebody> I normally CAT to it in Mac OS X
<somebody> Can anyone help me set it up under CUP Addon Server? Please.
<somebody> I can't print.
<somebody> No matter what I try
<qman__> anybody know if an ATi Rage XL is supported with the ubuntu server framebuffer?
<qman__> my S3 card died
<mathiaz> bdmurray: oh - I know where I got the wrong bug number while writing a release note.
<mathiaz> bdmurray: https://bugs.launchpad.net/ubuntu-release-notes/+bug/429781/+edit
<uvirtbot> Launchpad bug 429781 in eucalyptus "snapshots created in 1.5 do not get imported to 1.6" [Wishlist,Won't fix]
<mathiaz> bdmurray: ^^ the title is wrong in the edit page
<mathiaz> bdmurray: it says 'Edit details for bug #512078'
<someones> Hello All,
<someones> I can't cat to my printer under Ubuntu Server 8.04 LTS like I can in Mac OS X
<someones> Any idea why?
<someones> Please.
<someones> I try cat file
<someones>  > /dev/lp
<someones> I try cat file > /dev/parport0
<someones> Sorry about the first two commands. Typos
<JanC> someones: is your printer at your parallel port?
<JanC> and does it understand raw files?
<someones> It is parallel
<someones> It is paralel
<someones> Prallel, Sorry
<someones> Yes. It understands raw files
<someones> At least via Serial
<someones> Hmm
<jcastro> kirkland: I have a book on raptors, looking it up
<aubre> good evening - congrats on Karmic everyone - it has been a lot of fun for me to be involved in this project
<someones> My printer accepts raw files.
<someones> I can't cat to it. Can anyone help? Please.
<kirkland> jcastro: heh, thanks
<kirkland> jcastro: got a couple of comments back; looks like mystery solved
<jcastro> kirkland: oh?
<kirkland> http://en.wikipedia.org/wiki/File:Redtailedhawkschertztex.JPG
<kirkland> jcastro: red tailed hawk
<jcastro> kirkland: I was leaning towards a broad winged hawk
<jcastro> kirkland: clearly we need more pics
<jcastro> they look awesome
<kirkland> jcastro: i'll post the scorpion i caught last week next :-)
<jcastro> insects suck compared to birds of prey
<kirkland> jcastro: dude, it's a scorpion
<jcastro> heh
<jcastro> but seriously get some better shots if you see them again
<kirkland> jcastro: will do
<jcastro> you gave me something to do while waiting to test a fix, heh
<kirkland> jcastro: http://people.canonical.com/~kirkland/CIMG0097.jpg
<kirkland> camera phone picture, not very good
<jcastro> man that gives me the creeps
<kirkland> :-)
<poningru> gaah
<poningru> need help with getting iconv on php
<poningru> do I have to recompile php to get it?
<poningru> or...
<StrangeCharm> is it possible to change a dm-crypt volume that currently uses a passphrase to be mounted at boot time, so that it can be automaticcaly mounted using a keyfile?
<qman__> poningru, most likely, you just need to install additional packages
<poningru> qman__, it seems to be an issue with getid3.php
<ajmitch> iconv support should be compiled into php5
<twb> In the past when I've had to deal with dribbling php devs, I found that when they said "php needs to be recompiled with foo" that translated in Ubuntu into "install the php5-foo package"
<ScottK> twb: ajmitch isn't a dribbling php dev.
<ajmitch> ScottK: I don't know, some days I really feel like it
<ScottK> "See full publishing history" for clamav gives a long list ...
<twb> No worries, then.
<edulacomadreja> i'm looking for a good tutorial on samba + drbd + heartbeat...
<lbsjack_> hi,who have install the Eucalyptus in ubuntu 9.10rc?
<twb> !anyone
<ubottu> A large amount of the first questions asked in this channel start with "Does anyone/anybody..."  Why not ask your next question (the real one) and find out?
<edulacomadreja> ubottu: well... i need some help with samba + drbd + heartbeat
<ubottu> Error: I am only a bot, please don't think I'm intelligent :)
<edulacomadreja> lol
<lbsjack_> hi,I can attach the volume to the instance.but in the VM I cannot find it.
<bogeyd6> LOLOLOLOL
<bogeyd6> omfg i have waited my whole life for that
<bogeyd6> ty edulacomadreja
<twb> lbsjack_: that's beyond me, sorry.
<twb> edulacomadreja: you still haven't described the problem.
<twb> edulacomadreja: presumably the first step is to install and configure samba.  Have you done that?
<edulacomadreja> twb: hi!, there is no problem yet... is just that i don't know anything about samba
<twb> Actually I'm a little puzzled as to where samba fits into your cluster
<twb> Are you intending to put together a cluster purely to act as a fileserver?  That would be weird.
<edulacomadreja> nope, i have a lamp drbd heartbeat cluster working without problems
<edulacomadreja> and now my boss wants to install samba on it
<ScottK> Then tell him to go ahead and do it
<ScottK> ;-)
<twb> I don't think Samba needs to do anything special to work with drbd and heatbeat.
<twb> Samba just serves files from the directory tree, and doesn't care where they live on disk.
<zzz20091> Hi, i am running into a problem with DNS (bind9) using the setup supplied with 9.10. I want to setup up a split DNS however all zones must be in a view and named.conf.default-zones breaks this. How much of a problem (current or future) will I give myself if I completely replace the current setup.
<edulacomadreja> yes, that's what i thought but maybe there are some issues to take care about
<twb> Do the zone files live in /etc or /var?
<zzz20091> the setup is out of the box, so they are in /etc/bind. I would prefer to split them up /etc/bind/local,  /etc/bind/external, /etc/bind/slaves
<zzz20091> There also seems to be an inconsistency in that /var/run/named rather than /var/run/bind
<twb> I don't know about bind specifically, but Ubuntu will remember if you modify files in /etc, and avoid deleting your changes.
<ninnypants> what do I need to send mail from my server? I have followed the directsions here https://help.ubuntu.com/community/Dovecot to install dovecot but I still can't send mail. what else do I need?
<twb> Is dovecot an MTA?
<twb> I thought it was an IMAP server.
<ScottK> It is
<ScottK> ninnypants: Which Ubuntu release are you using?
<twb> ScottK: you mean "dovecot is an MTA"?
<ninnypants> 8.4
<ScottK> twb: No, it's an imap server
<ScottK> I see how my response was ambiguous at best.
<ScottK> ninnypants: Start with https://help.ubuntu.com/8.04/serverguide/C/postfix.html
<twb> +1 for installing Postfix.
<ninnypants> ok thank you
<ninnypants> can post fix also recieve mail?
<twb> Postfix talks SMTP.
<twb> That means it can receive mail from other MTAs, and from SMTP clients.
<twb> It can't e.g. download mail from imap.gmail.com using IMAP or POP3.
<ninnypants> does ubuntu-server support shorewall at all?
<poningru> ninnypants, what are you trying to do?
<ninnypants> I need to make sure my firewall doesn't block mail
<poningru> ninnypants, assuming you dont have email servers running inside your firewall... is that correct?
<twb> ninnypants: the default iptables wrapper junk on Ubuntu is "ufw".
<poningru> hehe 'junk'
<twb> ninnypants: shorewall is probably supported in universe, i.e. it gets second-class support.
<twb> poningru: I am of the "write the iptables-restore script yourself, wrappers just make it worse" school.
<poningru> true that
<poningru> twb++
<twb> Yes, someone can probably use a wrapper without understanding iptables -- but do you really want your firewall configured by someone who doesn't understand it?
<poningru> I cant wait till the next gen of linux firewall
<poningru> it is based on bit shifting essentially
<twb> The other problem with wrappers is that every customer uses a different one, so I not only have to understand iptables, but ALSO half a dozen completely different wrappers
<poningru> if {16 bits from the start is 0} then DROP
<poningru> twb, heh
<pwnguin> so stateful inspection
<poningru> pwnguin, yes
<pwnguin> or just packet inspection?
<poningru> pwnguin, it does what iptables does already
<pwnguin> ive no clue what iptables does
<twb> iptables just configures netfilter.
<pwnguin> i can barely understand netfilter
<poningru> but instead of doing it i.e TCP or UDP it bases it on different pieces of the packet itself
<poningru> so it allows you to mess around with broken packets
<poningru> look for next gen firewall in lwn.net
<poningru> they explained it pretty well
<pwnguin> i should write something to visualize iptables rules in graphviz
<pwnguin> or
<pwnguin> i can use google
<pwnguin> http://jekor.com/gressgraph/
<twb> Ooh, thanks!
<ninnypants> how do I determin my mailservers class range?
<twb> What is a class range?
<twb> pwnguin: ew, it parses -L instead of -save output
<pwnguin> twb: i agree, the diagram's ugly
<twb> There's a limit to what you can achieve with graphviz, because it's not pic.
<twb> But OTOH it works at all because it's not pic :-)
<pwnguin> pic?
<twb> Let's see if gressgraph uses HTML tables within the nodes...
<twb> pic is a tool used to create box-and-arrow diagrams in manpages.
<pwnguin> heh
<twb> i.e. it predates TeX's metapost and such
<twb> Which I have been too lazy to learn so far
<pwnguin> i saw someone who wrote a box & arrow diagram to graphviz converter
<twb> Haha, gressgraph is a Haskell program
<ninnypants> not sure under base configuration here https://help.ubuntu.com/8.04/serverguide/C/postfix.html it says to change their example ip and class range to the class range of my mail server
<pwnguin> you could probably write a layout engine that emulates pic
<ninnypants> the example is 192.168.0/24
<twb> ninnypants: that is CIDR "class C" IP range.
<twb> ninnypants: what it's asking for is the IP range of your local network.
<ninnypants> do I just leave it off if I have a static IP?
<twb> No.
<twb> Do you *have* a local network?
<ninnypants> I don't know the setup the server is hosted elsewhere
<twb> I can't really help you with that one, since I don't have a network diagram in front of me, and I don't know what you're actually trying to set up.
<ninnypants> I was just able to send mail so I assume that I got it correctly, but can you explain it to me I would like to understand instead of guess
<twb> You just want a VM to be able to send emails (e.g. from smartd)?
<twb> You don't need it to relay mails from workstations?
<ninnypants> nope
<ninnypants> just a vm able to send emails
<twb> Then I would normally use msmtp rather than postfix.
<twb> What you have is a "satellite" configuration.
<twb> All it needs to do is send its own email to a "smarthost" mail server, which knows how to forward mail on to the actual destination.
<poningru> ninnypants, now when you say send emails...
<poningru> do you mean like from thunderbird? or other email clients?
<poningru> what is it exactly you are trying to accomplish?
<poningru> do you want an email server that handles sending your mail?
<twb> Mail is such a sea of ambiguity.
<poningru> seriously
<twb> I have a hell of time explaining to people that Darcs' --sendmail-command doesn't need the sendmail project.
<ninnypants> from thunderbird but I also need to recieve
<poningru> ...
<poningru> ninnypants, who do you have email setup with
<poningru> your university? your internet provider? a gmail account? a hotmail account?
<twb> Hang on, I thought we were setting up a server.
<poningru> twb, clearly not
<twb> If you're setting up a workstation, you can just do everything directly in thunderbird
<twb> (I'm old-fashioned and don't particularly like that, but it's quite common.)
<qman__> you could send your emails in telnet
<ninnypants> I'm setting up a server. I need to be able to send and recive mail accross multiple sites. guess it probably would have helped if I said it was a web server
<poningru> ninnypants, in that case I would recommend setting up something like a zimbra or obm
<twb> haha
<poningru> to make it really simple
<twb> I would recommend Zimbra to my worst enemies
<poningru> twb, hehe
<twb> "Yes, please run a completely separate second LDAP instance out of /opt"
<twb> What could possibly go wrong?
<ninnypants> so omb then?
<poningru> heh
<twb> I'm not familiar with omb
<poningru> twb, you would cringe at it too
<poningru> though its not that bad
<twb> I don't know why you'd recommend a huge unwieldy mail/calendar/auth system if ninnypants only needs to send mail
<twb> ninnypants: but it's still not clear what you actually want
<poningru> twb, here is what I think about zimbra/other huge unwieldy system
<qman__> ninnypants, what specifically needs to send mail, from where, to where, what type of mail, to what end
<qman__> in the big picture, what task is the mail accomplishing
<poningru> if I were to walk into smb manager and tell him give me a server that costs 2000USD and a fat enough pipe I can set up an email server that can send email, do calendering, tasks the works
<poningru> he would say... "what would happen to it if you were to quit tomorrow", "bring in a competent *nix guy"
<poningru> "bollocks"
<poningru> "setup exchange"
<poningru> ":("
<qman__> exchange is no different
<poningru> qman__, exactly
<ninnypants> I need the web server to beable to send mail from email addresses under the hosted domains to email addresses on remote domains but I also need to be able to recieve mail and either forward it or have access to it through thunderbird
<qman__> despite what microsoft would like you to think
<qman__> exchange is a beast, and requires someone who knows the ins and outs
<poningru> atleast zimbra/obm/citadel etc. are open
<poningru> qman__, right but the mid level management doesnt know that
<qman__> ninnypants, you want an internet site configuration in postfix
<poningru> qman__, he also thinks that he can grab a mcse or whatever they call them these days off of the street and have him administer exchange
<qman__> poningru, all you ahve to do is tell them
<poningru> HAH
<qman__> if they don't get it, either you're not explaining it right, or they're incompetent
<poningru> qman__, welcome to the business world
<poningru> it is most likely the latter
<qman__> I don't work for people like that
<poningru> qman__, you my friend are a lucky man
<poningru> from what I have dealt with ... it is a nightmare
<poningru> dont get me wrong it could be that I am an unlucky sob
<poningru> just saying what I have experienced
<qman__> there are plenty of people like that out there
<qman__> but I don't work for them
<poningru> I could be the exception
<qman__> if they don't listen to reason, I don't want the job
<qman__> I suppose I'm lucky enough to be able to choose my work
<poningru> qman__, fair enough
<ninnypants> ok I've got that setup but without forwarders/inboxes, and I'm not sure how to set up email addresses
<qman__> ninnypants, create users
<poningru> ninnypants, like I said you need dovecot or cyrus to check email through an email client
<poningru> like thunderbird
<qman__> not sure about forwarders, but to create email accounts, you just create user accounts on the system
<qman__> make sure to change their shell so they can't SSH in
<qman__> and yeah
<poningru> but again my recommendation is using something like obm or zimbra so that it handles all of this for you
<qman__> you use dovecot to provide pop3 or imap access
<qman__> I strongly recommend against using something like zimbra
<qman__> basic email accounts aren't that difficult
<poningru> qman__, not for us
<qman__> unless you need an all in one corporate solution, just stick to postfix and dovecot
<poningru> qman__, I dont think a begginer can pick up and administer postfix+dovecot just like that
<poningru> good lord it took me forever to figure out postfix's conf
<qman__> ubuntu does all the work for you
<poningru> it does?
<qman__> you just pick "internet site"
<qman__> tweak a couple settings to your liking
<qman__> and it works
 * poningru fires up a vm to test this theory
<ninnypants> ok what types of configuration should I use with dovecot? I've got it installed and mailboxes set up in /home/user/ but I'm not sure what to do after that
<qman__> it's not the most secure mail server in the world
<qman__> but it's no worse than anything else automagic
<qman__> dovecot, I'd disable pop3 and imap, and only allow connections over SSL
<qman__> but you don't have to
<poningru> qman__, you know what the sad thing is? cablevision ( a major isp ) is using a horrible old smtp/pop server from sun iirc
<poningru> looked into it and found only about a million and one security issues
<qman__> yeah, sun is rough
<qman__> pain in the ass to use, too
<poningru> srsly
<poningru> I think linux gave them a proper competition that they are learning though
<poningru> and I think under oracle they are gonna take off
<qman__> the only other thing you really need to do from the default configuration
<qman__> is get an SSL certificate, and overwrite or use links to replace the snakeoil keys
<qman__> #ssl_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem
<qman__> #ssl_key_file = /etc/ssl/private/ssl-cert-snakeoil.key
<poningru> qman__++
<poningru> yes yes definately yes
<qman__> I just generated a self-signed cert and overwrote it
<poningru> and get the pub key and add it to tbird or whichever email client you will be using
<poningru> do not fall victim to mim
<qman__> once you do that, you have a reasonably secure mail server
<ninnypants> how do I choose the "internet site" to use?
<qman__> ninnypants, you do that when you install postfix and dovecot, in the menus
<qman__> it asks you
<qman__> I think you can redo it with a dpkg-reconfigure of some sort
<ScottK> sudo dpkg-reconfigure postfix
<poningru> ScottK, you dont have to do -plow or soemthing like that?
<ninnypants> yeah you can do it for postfix but what if I'm wanting to send from more than one site
<ninnypants> poningru: nope I've done the postfix reconfig a few times now
<ScottK> The internet site should be the mail server you normally send mail out through (unless you have a static IP, reverse DNS, and know what you are doing, you don't want to send it out direct.y)
<ScottK> That mail server will send mail on to wherever it is supposed to go
<qman__> you could configure the others to send mail to it, or you could configure multiple internet sites
<qman__> which is the right choice depends on your overall setup
<ninnypants> how would I configure multiple internet sites I have reverse DNS, and a static IP
<qman__> well, basically
<qman__> if you have more than one site, with different domains or subdomains, you create separate internet sites for each domain on the respective servers at those sites
<qman__> if you only have one domain you want mail sent from, you create one internet site and configure the other servers to send mail to it
<ninnypants> what if they're all on the same server?
<qman__> uh
<qman__> if it's all on the same server, how are there multiple sites
<ninnypants> using vhost
<qman__> oh, you mean websites
<qman__> I thought you meant actual sites
<ninnypants> yes
<qman__> then you just need one internet site configuration
<ninnypants> nope sorry for the confusion
<qman__> and you set up DNS to make it the mail server for all of them
<ninnypants> ok then do I just set up an MX record in the DNS?
<qman__> yes
<qman__> now, if you need mail from multiple domains
<qman__> I'm not sure how to set that up, but I know it can be done
<qman__> you'd have to find a guide
<ninnypants> do you mean recieve mail or send mail?
<qman__> send mail from different domain names, receive mail to different domain names, all of those domains hosted on your one server
<ninnypants> so being able to do that will take a different configuration than what I have now?
<qman__> well, the configuration right now only uses the domain you tell it to use when you configured it
<qman__> you have to add the other domain names
<ninnypants> any idea how to do that?
<qman__> this should help  http://workaround.org/articles/ispmail-etch/
<qman__> it's for debian but should work fine on ubuntu
<qman__> the parts you need to be concerned with are "virtual domains in a database" and virtual users
<qman__> that's really the only way to set up multiple domains on one server
<ninnypants> does this look like it will be worthwile too http://www.postfix.org/VIRTUAL_README.html
<qman__> providing you want separate user accounts for each domain
<qman__> if you just want one set of users, accepting mail from different domain names
<qman__> like, joe@domain1.com and joe@domain2.com being the same account
<qman__> then it's a simple, one-line adjustment
<qman__> otherwise it gets complicated
<qman__> yes, that tutorial is the right thing
<ninnypants> if  I set it up as joe@domain1.com and joe@domain2.com and they go to the same account will I be able to tell if mail was sent to domain1 or domain2
<qman__> the messages should retain the metadata for that
<qman__> but they will be the same account, not separate accounts
<qman__> as in, one login gets all the mails for 'joe' at any of the domain names
<StrangeCharm> how can i convert a dm-crypt volume from using passphrase authentication to mount at boot, to using key-files instead?
<ninnypants> qman__, thank you for all your help
<qman__> no problem
<ESEDU> Where can I find bind9 error log?
<ESEDU> it fails to start
<twb> Hopefully, in /var/log somewhere
<ESEDU> where there?
<twb> I don't know.
<ESEDU> Does any one know?
<twb> The bind authors probably do.
<_0verlord> osnap
<_0verlord> so with ksplice, should I still do dist-upgrades when new kernels are out?
<twb> !ksplice
<ubottu> Sorry, I don't know anything about ksplice
<pwnguin> is ksplice ubuntu supported?
<twb> Never heard of it
<pwnguin> its insane
<pwnguin> in place kernel upgrades, no reboot
<_0verlord> pwnguin: yes it is, even for servers now
<pwnguin> hot plug kernels!
<_0verlord> servers->ubuntu server
<pwnguin> _0verlord: i mean by ubuntu
<_0verlord> pwnguin: hmmm, not sure
<_0verlord> I figured someone in here had played with it
<pwnguin> i guess what im saying is, maybe you should ask the people you're paying the big bucks for help?
<_0verlord> It's freely available
<ESEDU> where am i meant to find bind authors?!
<_0verlord> ESEDU: I'm sure they have a central project homepage
<twb> pwnguin: oh, THAT shit
<pwnguin> ah, its only free for jaunty and karmic
<pwnguin> LTS requires $$
<twb> I meant ksplice
<_0verlord> ESEDU: https://www.isc.org/software/bind
<_0verlord> 2s worth of googling
<pwnguin> me too
 * twb boggles
<pwnguin> http://www.ksplice.com/uptrack/
<twb> Someone would allow proprietary blobs into their kernel?
<twb> Oh wait, now I remember -- the ksplice guys have some kind of ridiculous business model
<qman__> ESEDU, bind logs to /var/log/messages
<ESEDU> how can i check the version of my bind?
<twb> I was thinking it was some punk just hacking code in between classes
<pwnguin> heh
<pwnguin> they're after the billion nines availablity crowd
<qman__> ksplice only came out with jaunty
<qman__> they may backport it to hardy for money, but it's only free for jaunty and karmic
<pwnguin> still, you know what else is free?
<pwnguin> scheduled reboots
<qman__> I rather like ksplice
<pwnguin> i rather like my wallet
<qman__> rebooting my internet gateway is not usually an option
<Boohbah> it will probably cause noobs who don't update their init scripts to break when they finally do reboot. or not
<qman__> it only goes down when the power goes out for extended periods
<pwnguin> if your internet gateway runs ubuntu, it's just a hobby anyways
<twb> pwnguin: FSVO free = gratis, or libre?
<pwnguin> FSVO?
<twb> For some value of
<pwnguin> gratis
<twb> Pfft
<pwnguin> and libre
<_0verlord> This is just for my home server, I really don't mind playing with it
<pwnguin> reboots are open source
<twb> pwnguin: I meant, is ksplice merely free-of-charge in Jaunty and Karmic, or is it GPL'd in jaunty and karmic?
<twb> Because just calling it "free" can be misleading.
<pwnguin> twb: i think the code itself is gpl'd
<pwnguin> but they offer a diff update service
<twb> Crazy buggers
<pwnguin> you'd have to be
<pwnguin> they dont even list a price
<pwnguin> so you know its damn expensive
<twb> Hehe
<pwnguin> http://www.ksplice.com/software
<pwnguin> http://www.ksplice.com/git/ksplice.git
<pwnguin> _0verlord: so what happens when lucid is released?
<_0verlord> pwnguin: I'll upgrade?
<pwnguin> its an LTS though
 * _0verlord shrugs
<Maelos> What's an LTS?
<pwnguin> heh
<Maelos> Is there a new one announced behind 8.04?
<pwnguin> http://fridge.ubuntu.com/node/1916
<pwnguin> "Announcing Ubuntu 10.04 LTS: The Lucid Lynx"
<pwnguin> http://packages.ubuntu.com/karmic/ksplice
<twb> I keep laughing at "lucid", because that's what The Kid's fork of Emacs was called.
<pwnguin> is that your pet name for jwz?
<twb> Didn't everybody at SAIL call him that?
<pwnguin> hell if i knwo
<pwnguin> you know how old i was when SAIL was around?
<twb> http://www.dreamsongs.com/WorseIsBetter.html
<twb> We called him "The Kid."
<twb> That was at Lucid, not at SAIL
<pwnguin> SAIL? more like FAIL
<twb> They're still around: http://en.wikipedia.org/wiki/CSAIL
<qman__> ksplice is GPL'd, it's just that they provide updates as a service, and happen to do it for free for jaunty and karmic
<qman__> you could implement your own update infrastructure based on the totally open and free software
<syncrondi> anyone here willing to help me figure out some ssh key authentication issues? I've only ever used it, never set it up before... I generated my public/privates and then copied them to my windows host and generated the keys to load into pageant. Now that I have it loaded, putty doesn't try using the key-- tries keybd auth
<twb> PuTTY uses non-standard keys, IIRC
<alex88[sleep]> PuTTy sucks..XD
<syncrondi> I have putty working alright with another server I access, but the guys admining that box are better than me :P
<syncrondi> I need to use it to authenticate with plink for bzr
<alex88> dunno man..
<syncrondi> I don't use putty for ssh (although I am right now, ironically) alex88.. it's just that I know that if it works in putty, I'm that much closer to having it working in bzr
<alex88> i use putty on windows..and i get bored with wrong chars, wrong colours etc..
<syncrondi> I'd recommmend SSH Secure Shell 3.2.9 or SecureCRT
<syncrondi> alex88: do you have the character set on utf-8 ?
<alex88> dunno, i've just tried it sometimes when i'm not on linux..so only in rare cases..
<alex88> the linux bash is perfect for ssh..
<alex88> syncrondi: you ever used openvpn server?
<syncrondi> no, but I want to figure out how to
<syncrondi> I've heard it's difficult to configure
<alex88> nope, i've done it in about 2 hours.. from scratch
<syncrondi> ah, nice
<alex88> i can give you some help if you need
<syncrondi> That'd be great. I'll probably look to do that next week
<syncrondi> Are there good tutorials on it, or did you follow a book?
<alex88> i've found some tutorials
<alex88> books are too long for me...let me give you some links
<alex88> linux right?
<syncrondi> uh. yeah ubuntu
<alex88> oh nice
<syncrondi> I have that Packt publishing book on OpenVPN, but haven't much more than glanced at it
<syncrondi> oh if you mean the network... I'd want to have Windows, linux, and Mac
<twb> I have a device with a serial-over-USB thingy.
<twb> When I plug it into a Debian box, I get "[20126.325698] usb 2-2: FTDI USB Serial Device converter now attached to ttyUSB0" in dmesg.
<alex88> syncrondi: ok no problem
<twb> When I plug it into an 8.04 server, I get "usb 3-2: new full speed USB device using ohci_hcd and address 3", but no mention ot ttyUSBN
<alex88> twb: which device is it?
<twb> It's a "Sheevaplug", basically an embedded ARM server.
<twb> Like the NSLU2 with a lot more grunt
<syncrondi> alex88: I'm going to head to bed it's extremely late here. If you want to leave me some links, feel free to /msg me
<alex88> syncrondi: this is the most updated for me http://www.ventanazul.com/webzine/articles/openvpn-ubuntu-and-hulu
<alex88> twb: 8.04 hardy right?
<twb> Yep
<alex88> https://bugs.launchpad.net/ubuntu/+source/linux/+bug/251952
<uvirtbot> Launchpad bug 251952 in linux "[Hardy] FTDI based USB to Serial Converter not recognized" [Undecided,Fix released]
<twb> Got it
<alex88> twb: maybe updating kenel solves the problem
<twb> http://dev.forums.reprap.org/read.php?12,4546 told me to manually modprobe usbserial and tell it the device's name
<twb> Hmm, but when I connect I get a lot of ````'s filling the screen :-)
<alex88> where?dmesg?
<twb> No, when I connect to ttyUSB0 with screen
<twb> I might just have to carry this laptop over there...
<alex88> just try another kernel..why not?
<twb> Because I'm already abusing this system mightily
<twb> Installing and booting a nonstandard kernel would actually get me in trouble
<alex88> ohh...=) i was thinking it's yours..
<alex88> what does modprobe outputs? pastebin in
<alex88> *it
<alex88> http://sourceforge.net/projects/ftdi-usb-sio/files/ftdi_driver/1.3.3/ftdi_sio-1.3.3.tar.gz/download
<alex88> try to recompile and insmod it...
<dru> im having a slight problem with my shell
<dru> i :su nagios
<twb> ITYM sudo -u nagios -i
<dru> and enter the first letter of a command...and the shell just exits
<dru> like so
<dru> imgsrv244:~# su nagios
<dru> imgsrv244:/root$ aexit
<_ruben> the user nagios probably doesnt have a valid shell, or an "odd" login script
<dru> nagios has /bin/bash in /etc/passwd
<dru> oh
<dru> thanks twb
<dru> that did it
<dru> but im interested to know why the shell does taht
<dru> *that
<soren> ttx: I think, at this point, it's better to put off the updated appliance until after the release.
<ttx> soren: why ? We could use one to test (before imagestore publication)
<ttx> soren: the new one would "replace" the old one in the store ?
<soren> ttx: Yes, it would.
<soren> ttx: I'm building it now, and can push somewhere, but I was just feeling hesitant to rush things into the release.
<ttx> oh definitely
<ttx> but we still should have it available for tseting
<ttx> so, to paraphrase you,  it's better to put off publication of the updated appliance until after the release, to give sufficient time for testing it.
<ttx> soren: ^
<soren> ttx: Right. Sorry, had not had a chance to make coffee yet. :)
 * soren realises he hasn't had breakfast yet.
 * soren applies a patch for that
<soren> ttx: http://uec-images.ubuntu.com/appliances/uec-mediawiki-karmic-appliance.img.tar.gz
<ttx> soren: I'll test that -- adding to todolist
<ttx> downloading before the flood
<dru> Im trying to figur out why ssh-copy-id isnt working
<dru> if user has a .ssh folder where "its" keys are stored...why arnt the keys written when coping the ssh pub key from "host" to authorized_keys on client
<dru> lets say user1@host needs access to log onto user1@client to be able to run scripts. so we "ssh-copy-id /.ssh/id_rsa.pub user1@client:/.ssh/authorized_keys"
<dru> ssh-copy-id returns as if the command has been sucessfully executed...however when loging on to user1@client i still have the old key
<dru> restarting ssh dosnt help
<dru> anyone know what im doing wrong ?
<dru> the key is being copied
<dru> do i maybe have to do the process for both client and host?
<dru> strangly it works client to host
<dru> but not host to client
<pmatulis> dru: what are you talking about?
<dru> hey pmatulis
<dru> im setting up check_ssh for nagios
<pmatulis> dru: ok, can't help
<dru> well check_ssh isnt the problem
<dru> ssh-copy-id is
<pmatulis> dru: ssh-copy-id is pretty basic, what's the problem?
<dru> its working from a@A to b@B
<dru> however i need b to a
<dru> i can copy the key without any issues...but ssh seems not to be using the key i give
<pmatulis> dru: did you specify the key to use?
<dru> in the ssh conf?
<dru> nope
<pmatulis> dru: either in your ~/.ssh/config or on the command line (-i)
<dru> yeah i used the -i option
<pmatulis> dru: you used -i when trying to connect with the ssh command?
<dru> like so :ssh-copy-id -i pubkey b@b.....
<pmatulis> dru: couple of things, i said the ssh command not the ssh-copy-id command
<pmatulis> dru: secondly, with ssh-copy-id you specify the private key, not the public key
<pmatulis> dru: -i is always private for either command
<Boohbah> dru: man ssh-copy-id
<Boohbah> dru: check your syntax
<pn> morning all
<pn> I'm trying to setup a nice PXE server for setting up an ubuntu cluster
<pn> and I need to support several versions of ubuntu
<dru> Boohbah: ...im pretty sure my syntax is okay...however dont i need to flush the lkeys  or something ?
<pn> what's the latest and greatest? pxelinux? syslinux?
<dru> pn http://www.debian-administration.org/articles/478
<dru> im afk
<Boohbah> ssh-copy-id [-i [identity_file]] [user@]machine
<jdstrand> twb, poningru: fwi, shorewall is in main and hence not a second class citizen
<Boohbah> pmatulis: the identity file (defaults to ~/.ssh/id_rsa.pub)
<pn> cheers for that dru - it looks much like what I've been trying - although the latest ubuntu (9.10 and 9.04) seem to be moving the kernel image around in the install ISO and I'm now confused a bit as to which to use
<jdstrand> s/fwi/fyi/
<Boohbah> pmatulis: why would you copy your private key to a remote host?
<jdstrand> twb, poningru: also, imo iptables wrappers are not 'junk'. whether it is ufw, shorewall or system-config-firewall, these tools help real users and admins. users who need extra protection and admins who want something that is easy to setup and auditable
<pmatulis> Boohbah: it doesn't copy the private key, it copies the public key associated with the private key, however, i do see the man page defaults to a public key.  i guess both work (specifying private or public)
<Boohbah> pmatulis: ok :)
<jdstrand> twb, poningru: they aren't for everyone, which is why ufw (at least) can be easily disabled or removed
<zul> morning
<dru> pn: basicly you just need to host the image on an apache host
<dru> you can do that from any system really
<Sorell> hey guys,
<Sorell> is 9.10 released yet?
<pn> dru - i think it's the initial pxelinux.0 image i'm using (this is ubuntu 8.04 LTS server)  - it seems a bit braindead about working dhcp or http or something...
<sommer> morning :)
<soren> som	Dude!
<soren> sommer: Dude!
<ttx> smoser: about https://bugs.launchpad.net/ubuntu/+source/eucalyptus/+bug/461156/comments/13
<uvirtbot> Launchpad bug 461156 in euca2ools "User data is not parsed correctly by Eucalyptus in some cases" [High,In progress]
<ttx> smoser: you say that boto encodes user_data using urlsafe_b64encode
<smoser> correct.
<ttx> smoser: looking at the code, it seems to use b64encode
<ttx> smoser: see https://bugs.launchpad.net/eucalyptus/+bug/461156/comments/21
<uvirtbot> Launchpad bug 461156 in euca2ools "User data is not parsed correctly by Eucalyptus in some cases" [High,In progress]
<smoser> hm... yoou are correct.
<ttx> smoser: ok (just confirming that your analysis doesn't make sense :P)
<ttx> that said, looking at HmacV2Handler.java, I'm not surprised it fails
<smoser> i swear i looked at boto... let me check boto upstream
<smoser> because i *know* i looked at this
<ttx> smoser: I checked, and it seems to be that way for a long time
<smoser> yeah, looking at that code, it is no surprise it fails there.
<ttx> computedSig = HmacUtils.getSignature( secretKey, canonicalString.replaceAll("\\+","%20"), Hashes.Mac.HmacSHA256 ).replaceAll("\\+"," ");
<smoser> ok, then ttx, maybe i had changed mine somewhere
<ttx> smoser: for some reason the ec2-api-tools don't hit that code
<ttx> I kinda like the "compare sigs, if it doesn't match, compare harder" approach they have in there.
<smoser> must have been user error to make that statment. boto has never used urlsafe as far as i can see (and doesn't now): http://code.google.com/p/boto/source/browse/trunk/boto/ec2/connection.py
<smoser> ttx, maybe i'm wrong, but i thought that ec2-api-tools use a soap interface and ueca use rest
<smoser> or vice versa
<soren> smoser: That's right.
<smoser> and i just assumed it was a different backend handling
<ttx> smoser: that would explain it :)
<smoser> i even quoted boto in comment 6 without the urlencode
<smoser> dummy me
<smoser> stupid humans are so error prone
<ttx> smoser: yes, the fake quote almost got me
<ttx> smoser: that might make the bug a boto bug, btw
<smoser> i dont think so.
<smoser> since patched version of euca2ools functions against ec2 correctly
<smoser> it is possible that ec2 is in the backend doing some "if this looks to be urlsafe, then urlsafe_decode, otherwise decode"
<Baversjo> Hello! Im trying to block and log SSH brute force attacks. The block part is working. However, I would not like to log EVERY brute force attempt to syslog. I would like to log let's say one every minute or something. Is this possible? I've tried with the following rule:
<Baversjo> -A SSH_LOG -m limit --limit 5/min -j LOG --log-prefix "iptables ssh bruteforce: " --log-level 4
<smoser> but python seems to think thats ok, tierry:
<smoser> >>> base64.urlsafe_b64decode(base64.b64encode(" << FOO >"))
<smoser> ' << FOO >'
<ttx> smoser: yes, that's not really the issue
<ttx> smoser: the problem is the "+" that appears in the querystring breaks sig validation
<ttx> since it plays games with URLDecode and some specialchar replacements
<smoser> yeah.
<ttx> smoser: I'll let them sort it out. Or at least try to.
<smoser> yeah
<ttx> smoser: unless you want to have a look into it
<smoser>             computedSig = HmacUtils.getSignature( secretKey, canonicalString.replaceAll("\\+","%20"), Hashes.Mac.HmacSHA256 ).replaceAll("\\+"," ");
<smoser>             computedSigWithPort = HmacUtils.getSignature( secretKey, canonicalStringWithPort.replaceAll("\\+","%20"), Hashes.Mac.HmacSHA256 ).replaceAll("\\+"," ");
<smoser> well thats the issue.
<uvirtbot> New bug: #439566 in ubuntu-meta (main) "add python-software-properties to ubuntu-standard" [Wishlist,Triaged] https://launchpad.net/bugs/439566
<ttx> smoser: that must be there for a reason. (I hope)
<ttx> smoser: so they might need to do it in a slightly more selective way
<smoser> yeah.
<ttx> smoser: i confirmed that = or / don't pose any problem. Only + will
<smoser> we want this fixed asap though
<smoser> as right now the only way to get valid data to a instance is to use ec2-api-tools with uec
<smoser> which is a explicit violation of ec2-api license (that part is just heresay, i've not verified, but doesn't seem unreasonable)
<soren> smoser: ACK
<smoser> good. then i was justified in not suggesting that work around in the release note
<soren> smoser: http://aws.amazon.com/asl/ section 3.2
<soren> Sorry, 3.3, I mean.
<smoser> ttx, have you tested that if you use urlsafe_b64encode in boto that would fix the problem ?
<smoser> soren is all about reading legal info today
<ttx> smoser: no. And I think you'd need to adjust decoding in euca to switch to UrlBase64Decode
<smoser> ttx, you're probably right.
<smoser> and maybe i'm nmissing something, but it looks to me that if you're putting that into a url (which i think is happening) then you should use urlsafe_b64encode
<ttx> smoser: that's what I meant by boto bug... but maybe its not boto that makes a URL out of it
<ttx> smoser: but I agree that those "+" replacements seem slightly out of place
<ttx> proper use of [url]base64 should prevent the need for those
<smoser> ttx, yeah, so it'd take some more digging, but that may well be a boto bug. that said, ec2 deals with it
<smoser> so, euca *can*, and to be 100% api compatible, has to
<phreestyle-work> having a problem with samba ads authentication. I keep getting an error in my log file that says ads_secrets_verify_ticket: failed to fetch machine password. Then I get another one saying: Failed to verify incoming ticket with error NT_STATUS_LOGON FAILURE!
<ttx> the way they play with this "+" is giving me headaches.
 * ttx switches to productive testing time
<zul> ttx: ?
<ttx> zul: testing the new mediawiki appliance from Soren.
<zul> ttx: ah
<phreestyle-work> can someone help me with my samba server problem?
<ttx> soren: works for me. Logo is still ugly, redirection works. Anything else I should be testing ?
<soren> ttx: Not really, I think.
<ttx> Note that http://x/anything redirects to 404 http://x/mediawiki/anything, but tha's a feature, I guess
<soren> I like to think so :)
<ttx> well, "anything-but-/"
<soren> ttx: And /mediawiki/*
<ttx> works alright
<soren> ttx: Fantastic. Thank you.
<ttx> soren: do you still plan to change the logo ?
<phreestyle-work> does anyone know anything about samba active directory integration?
<sommer> phreestyle-work: you might double check your "add machine account" setting in smb.conf
<phreestyle-work> sommer: I don't have that line in smb.conf
<sommer> phreestyle-work: woops meant "add machine script"
<phreestyle-work> sommer: I don't have an add machine script...unless samba made one
<sommer> phreestyle-work: you have samba installed?  you're looking in /etc/samba/smb.conf?
<phreestyle-work> sommer: yes, and I have it configured to authenticate against winbind
<sommer> phreestyle-work: did you use your own smb.conf or modify the one from the package?  either way you can add a "add machine script" option.  man smb.conf will give you the details
<phreestyle-work> sommer: winbind also works: wbinfo -t, wbinfo -u, wbinfo -g all work fine
<phreestyle-work> sommer: do I really need that to have XP clients access shares in Samba?
<sommer> isn't that what you were asking about?  or am I confused
<ivoks> congratulations everybody
<zul> ivoks: it aint done yet
<ivoks> zul: well, ubuntu.com says it is :D
<phreestyle-work> I'm trying to get Samba to work with an existing Windows 2003 domain. The XP cleints are getting asked for their username and passwords when they shouldn't be
<zul> ivoks: well I guess I was wrong ;)
<zul> ivoks: well congrats to you too then
<kblin> phreestyle-work: what version of samba?
<ivoks> hehe
<phreestyle-work> 3.3 something....
<ivoks> i got flu
<ivoks> fsck
<phreestyle-work> working in Ubuntu 9.04
<kblin> phreestyle-work: and the samba server is joined to the domain, winbindd running and all that stuff?
<ttx> ivoks: yo
<phreestyle-work> kblin: yes, I can run wbinfo -t and everything and it works fine
<ivoks> ttx: hi
<ttx> ivoks: don't believe what you see on the Internet
<kblin> phreestyle-work: can you wbinfo -a a domain user as root?
<ivoks> ttx: hahaha
<ivoks> ttx: i don't - i'm mirror admin :D
<phreestyle-work> kblin: yes
<kblin> so, what's the deal with that cloud thing?
<kblin> phreestyle-work: hm, interesting. any hints what's going wrong in the smbd logs?
<phreestyle-work> kblin: log says Failed to verify incoming ticket with error NT_STATUS_LOGON_FAILURE!
<kblin> uh
<ttx> watching #u-r-p is fascinating
<kblin> try wbinfo -k then
<zul> ivoks: swine flu?
<ivoks> zul: could be
<sommer> phreestyle-work: the XP client is accessing your ubuntu machine correct?  and the XP machine is also part of the domain?
<zul> ivoks: ick....hope you get better in the next two weeks
<ivoks> :)
<phreestyle-work> sommer: yes
<zul> ivoks: otherwise stay home
<ivoks> it's just a flu
<sommer> ivoks: just wash your hands a lot... it'll get better :)
<phreestyle-work> kblin: wbinfo -K works too
<ivoks> sommer: wanna be my roomate? :D
<kblin> phreestyle-work: ok, so you clearly can get kerberos tickets across :)
<phreestyle-work> kblin: yea, but samba keeps popping the error whenver a client connects to it
<kblin> can you smbclient to the local machine as a domain user?
<sommer> ivoks: sure, I'm pretty sure I put you down, heh
<phreestyle-work> kblin: here's my smb.conf file: http://pastebin.com/m594cab3
<ProfMerlin> hey guys
<sommer> phreestyle-work: did you say you're using likewise?
<phreestyle-work> kblin: using smbclient -L localhost -U administrator returns a list of the shares
<ProfMerlin> quick question
<ProfMerlin> going to reinstall ubuntu server. but need LVM support
<phreestyle-work> sommer: I was, but I left the domain with it because I coulnd't get samba to wortk
<ProfMerlin> do i download the Alternate install cd?
<ProfMerlin> or will the normal install cd also have it?
<kblin> phreestyle-work: hah, I don't think ADS will work over port 139
<kblin> phreestyle-work: any reason why you don't allow 445
<phreestyle-work> kblin: I added that because I kept getting erros about writing 4 bytes to client
<phreestyle-work> kblin: there was a page that said to add the smb ports = 139 line to stop that from happening
<kblin> aha...
<ProfMerlin> oi. guys?
<kblin> personally I'd be highly suspicious about advice not from an samba.org site :)
<phreestyle-work> kblin: I'm slowing learning that :)
<nijaba> ProfMerlin: Default server CD support LVM fine.  It is even the default in it
<Baversjo> Quick question: Are there any way to upgrade from ubuntu server 9.10 RC to 9.10?
<ProfMerlin> thanks
<ttx> Barre: apt-get upgrade ?
<ttx> Baversjo: : apt-get upgrade ?
<nijaba> Baversjo: sudo apt-get upate/upgrade ?
<Baversjo> 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
<phreestyle-work> kblin: I think that might have done it, but when didn't it work when I installed likewise-open5 the first time?
<kblin> no idea. I've never used the likewise stuff
<Baversjo> Is there any way to see if it's the RC or the real deal?
<phreestyle-work> kblin: I read on the ubuntu docs that you had to move a secrets.tdb file to make it work, but as usual, the ubuntu doccs are always wrong
<phreestyle-work> kblin: thanks for the help
<kblin> phreestyle-work: no problem
<ivoks> bye all
<sommer> phreestyle-work: the current server guide is for likewise 4, and needs updated for likewise-open5... should be updated for lucid
<kblin> sommer: the fun part is that while likewise 4 was samba based, likewise 5 is a completely new beast
<ttx> kblin: especially 5.4
<sommer> kblin: ya, I need to play around with 5 some more
 * kblin shrugs
<kblin> I can do everything I need to do with samba
<phreestyle-work> sommer: I ended up joining the domain with likewise-open5, and then doing it again with net ads join
<phreestyle-work> sommer: that was the only way to get samba to work, I guess
<kblin> anyway, I just saw the ubuntu website was tooting "open source cloud support", and I was wondering what they mean about that
<kblin> all the whitepapers seem to try selling me the amazon cloud thing
<phreestyle-work> sommer: I'm not sure what the ramifications are of having two authentication systems running, but it seems to be the only way for it to work
<kblin> er
<kblin> I
<kblin> I'd use either one or the other
<phreestyle-work> yea, i think i left the domain with likewise-open, then used net ads join
<kblin> samba should be able to use either, assuming you only have the correct libwbclient intalled
<sommer> kblin: ubuntu enterprise cloud lets you run your own private cloud if you want
<sommer> phreestyle-work: not sure what you mean by two auth systems?
<phreestyle-work> sommer: well, likewise-open and samba's winbind running on the same machine
<kblin> sommer: ah, ok, I'll poke at this some more then
<kblin> phreestyle-work: that's bound to blow up in your face
<kblin> I'm amazed ubuntu even lets you install both at the same time
<phreestyle-work> kblin: I'm not....they will let you hang yourself if you're not careful
<zul> congrats everyone but ummmm now what?
<kblin> phreestyle-work: you sure you didn't use apt-get install --shoot-me-in-the-foot-please ?
<kblin> ;)
<phreestyle-work> kblin: lol
<aubre> did they change the default web interface username/password in the final release for UEC? admin isn't working
<phreestyle-work> kblin: that package was broken :)
<kblin> anyway, I've got no clue whatsoever about the likewise stuff
<phreestyle-work> kblin: but the real trick is to get my other ubuntu server authenticating against the domain as well
<phreestyle-work> kblin: from my limited experience, it doesn't work
<kblin> phreestyle-work: depends
<aubre> Error: Username 'admin' not found
<kblin> what idmap backend do you use?
<phreestyle-work> kblin: you're better off following a howto for editing the config file manually
<phreestyle-work> kblin: well, right now, ad, but I tried lwopen as well
<phreestyle-work> kblin: doh! samba broke again
<phreestyle-work> kblin: i just rebooted the server and it's asking for username/password again
<kblin> you still running winbind and lwopen?
<kblin> for the ad backend, you need that SFU schema installed on your AD dc
<aubre> hmm, now I can't even download my uec creds
<kblin> are you running multipl domains?
<aubre> using euca-conf
<aubre> euca_conf
<phreestyle-work> kblin: ok, I'll remove that line then. wasn't in the howto on the samba site anyways
<StrangeCharm> how can i convert a dm-crypt volume from using passphrase authentication to mount at boot, to using key-files instead?
<phreestyle-work> kblin: ok, now I'm getting a different error in my smb log: my username is invalid on this system
<phreestyle-work> kblin: nevermind, I fixed it by removing that "idmap = ad" line and restarting samba
<kblin> phreestyle-work: I'd suggest you start with a minimal smb.conf file and add only lines you understand :)
<aubre> ok, now all of a sudden I can log in - strange
<phreestyle-work> kblin: yea, I just need one share writable by everyone on this server, so on the server I'm going to use as an actual fileserver, I'm gonna do it the old fashioned way (edit config files)
<kblin> phreestyle-work: if you only need one domain, you might want to use the "rid" backend for idmap
<phreestyle-work> kblin: yea, I only have one domain
<kblin> that is if there's no local users on that box
<kaushal> hi
<kaushal> I am following https://help.ubuntu.com/8.10/serverguide/C/samba-ldap.html
<phreestyle-work> kblin: well, we log into the box as a local user, but I think I followed this guide the last time I set up a server on a Win2003 domain: http://wiki.samba.org/index.php/Samba_&_Active_Directory
<kblin> ah, careful, the idmap settings changed a bit since 3.0.x
<kblin> we really should update that wiki page :/
<kblin> sorry about that
<kaushal> ldapsearch -x -H ldaps://localhost -D cn=admin,dc=example,dc=com -w xxxxxxxx
<kaushal> works perfectly fine
<kaushal> while running smbldap-populate -u 30000 -g 30000 i get http://pastebin.com/d2a098ec4
<kaushal> I am following https://help.ubuntu.com/8.10/serverguide/C/samba-ldap.html
<foolano> kaushal: double check smbldap-tools configuration
<kaushal> foolano, shall i paste bin the configs ?
<ScottK> kaushal: Are you running Ubuntu 8.10?
<kaushal> Ubuntu 8.04
<ScottK> Then don't use the 8.10 docs
<kaushal> ScottK, is there a doc for 8.04 ?
<ScottK> Looking
<kaushal> foolano, i was waiting for your answer
<foolano> kaushal: check that the configuration you are using with ldapsearch matches the conf for smbldap-tools
<kaushal> foolano, ldapsearch -x -H ldaps://localhost -D cn=admin,dc=example,dc=com -w xxxxx works perfectly fine
<kaushal> when i run smbldap-populate command i get http://pastebin.com/d2a098ec4
<kaushal> http://pastebin.com/d1397587d --> smbldap.conf
<kaushal> http://pastebin.com/d63dbbaf6 ---> smbldap_bind.conf
<ScottK> kaushal: The 8.04 server guide doesn't have a specific samba/ldap section, but you might check https://help.ubuntu.com/8.04/serverguide/C/openldap-server.html and see if there's anything that is obviously changed.
<kaushal> ScottK, it does not mention about samba ldap ?
<kaushal> ScottK, i read your line
<ScottK> kaushal: Yes, it's LDAP only.  I thought it might provide some clues.
<ScottK> The samba-ldap docs appear to have first been added in 8.10
<kaushal> I have posted my query to ubuntu-server mailing list too
<kaushal> ScottK, where can i seek help for my issue ?
<kaushal> This issue is taking lot of time
<kaushal> :/
<ScottK> I'd say you've asked in the right places.  We just released Karmic today so a lot of us who are involved in development are pretty tired.  I would counsel patience.
<kaushal> ScottK, sure :)
<kaushal> ScottK, so i need to ask here in this channel today ?
<kaushal> I mean not today
<ScottK> I'd just wait and see if anyone volunteers to help and then ask again later if no one does.
<uvirtbot> New bug: #461464 in eucalyptus "ec2 api tools (ec2-api-tools-1.3-42584) not working against 1.6" [Undecided,New] https://launchpad.net/bugs/461464
<Von_Dracul> some one speak spanish?
<mathiaz> ttx: re bug 458904
<uvirtbot> Launchpad bug 458904 in ubuntu-release-notes "When installing a node, euca_find_cluster fails to locate the cluster controller if instances are running" [Medium,Fix released] https://launchpad.net/bugs/458904
<Von_Dracul> any one knows the minimun requirements of memory for run 9.10 server?
<mathiaz> ttx: so you were able to run two publication jobs?
<mathiaz> ttx: I've tried to do that, but then euca_find_cluster would not resolve the ip address correctly
<mathiaz> ttx: both avahi-publish jobs were running correctly though
<ttx> mathiaz: I added your upstart job and changed avahi config to disable autopublish
<ttx> rebooted
<ttx> then run euca_find_cluster -> PASS
<ttx> addan IP adress manually
<ttx> run euca_find_cluster -> PASS
<mathiaz> ttx: hm...
<ttx> want me to doublecheck ?
<mathiaz> ttx: I can try to reproduce it on the test cluster here
<mathiaz> ttx: well - that means I'd have to go to the office
<mathiaz> ttx: if it's faster for you
<ttx> mathiaz: it will need validation on the real scenario, I think. I cheat by adding IP addresses manually
<mathiaz> ttx: right.
<ttx> though my cheat should be pretty close to what euca does
<ttx> since the output of ip addr show is the same
<mathiaz> ttx: hm - I think I've never tested the publish-address no option with the extra publication job actually
<mathiaz> ttx: I tested the ignore-interface=eth0 option
<ttx> mathiaz: that one won't help :)
<mathiaz> ttx: that lead to non resolvable IPs
<aubre> ttx: mathiaz: fyi I reinstalled this morning and everything is working for me , including storage controller
<mathiaz> ttx: ok - I'll test your workaround on the test cluster tomorrow
<aubre> ttx: mathiaz: I even used the Store to install the images I'm using to test with
<mathiaz> aubre: glad to hear everything is working!
<aubre> mathiaz: thanks! if there is something again that you'd like me to check let me know, this system is after all a proof of concept.
<aubre> I do want to play around with overcommenting memory at some point :P
<mathiaz> aubre: cool - thanks for offering!
<aubre> overcommitting I mean
<aubre> mathiaz: sure!
 * soren calls it a day
<ttx> kirkland: let me know if you think bug 458001 is a good candidate for euca SRUs
<uvirtbot> Launchpad bug 458001 in eucalyptus "LOGLEVEL in eucalyptus.conf doesn't affect cloud-*.log verbosity" [Low,Triaged] https://launchpad.net/bugs/458001
<kirkland> ttx: yeah
<kirkland> ttx: i think it is
<ttx> that's a farily simple fix
<kirkland> ttx: assuming the fix is small
<kirkland> ttx: then, yes, absolutely SRU worthy
<ttx> Adding "-l $LOGLEVEL" to eucalyptus-cloud opts (in /etc/init/eucalyptus.conf ) fixes verbosity for cloud-output.log
<ttx> However the debug and error ones are non-configurable
<ttx> so I'll split the bug
<CodeWar> rather basic question, what does ubuntu cloud buy me I have 3 machines at home. will it tie them up such that <a> tasks can move back n forth betweeen machines based on load balancing (static assignment or dynamic?) <b> unify memory on all of them and make thema ppear as a single NUMA system <c> combine their hard drives togehter to present one ginormous backend storage?
<ttx> kirkland: wanna keep bug 461156 on your plate ? I can take it
<uvirtbot> Launchpad bug 461156 in euca2ools "User data is not parsed correctly by Eucalyptus in some cases" [High,In progress] https://launchpad.net/bugs/461156
<uvirtbot> New bug: #298964 in autofs (main) "autofs.cifs broken when sharing CD drive without CD-ROM" [Low,Incomplete] https://launchpad.net/bugs/298964
<uvirtbot> New bug: #332677 in autofs (main) "autofs fails to look up master map from ldap in Intrepid" [Low,Incomplete] https://launchpad.net/bugs/332677
<ttx> kirkland: I mean, the eucalyptus part of it
<uvirtbot> New bug: #463449 in eucalyptus (main) "No possibility to decrease cloud-debug / cloud-error log verbosity (or disable them)" [Wishlist,Confirmed] https://launchpad.net/bugs/463449
<uvirtbot> New bug: #355762 in bind9 (main) "package bind9 1:9.5.1.dfsg.P2-1 failed to install/upgrade: el subproceso post-installation script devolviÃ³ el cÃ³digo de salida de error 1" [Undecided,Invalid] https://launchpad.net/bugs/355762
<Googa> can i make a domain called "something.localhost."
<Googa> does that sound rational
<bogeyd6> Googa yes you can
<bogeyd6> and that domain will work for anyone who has their DNS server setting set to that server
<Googa> thanks
<qman__> Googa, the normal thing to do in that type of situation is to use "something.mydomain.local"
<qman__> since localhost and localdomain normally always refer to the local host
<qman__> but, that will work
<crohakon> Is there an automated way to setup a dyndns client via console in ubuntu-server?
<crohakon> anyone?
<crohakon> never mind, figured it out.
<Baversjo> Could someone help me with a shell script that doesn't work? It's ony 10 lines..
<kirkland> mathiaz: hey, did we put our bug triage days up in the public wiki yet?
<mathiaz> kirkland: yes - https://wiki.ubuntu.com/ServerTeam/KnowledgeBase
<Baversjo> This script is placed directly in the bottom of /etc/profile. When I login i get the following error message: "  [: 9: mygroup: unexpected operator  "
<Baversjo> http://paste.ubuntu.com/304436/
<kirkland> mathiaz: can we get http://qa.ubuntu.com/reports/ubuntu-server-team/dailynewbugs.ubuntu-server.thu.html to refresh more frequently?
<kirkland> mathiaz: the data there is stale
<Baversjo> My question is: What is wrong in this script?
<kirkland> mathiaz: it's as of 10/22
<mathiaz> kirkland: right - that's last week
<mathiaz> kirkland: it's true that the list is not up-to-date.
<mathiaz> kirkland: it was a screen shot taken last week.
<kirkland> mathiaz: can we just use a LP search?
<kirkland> mathiaz: so that it's not so out of date?
<kirkland> ie, non-cached
<mathiaz> kirkland: nope :/ - there isn't a by_date criteria
<qman__> Baversjo, put quotes around $PGROUP
<mathiaz> kirkland: ie you can't filter on creation date
<mathiaz> kirkland: like - I wanna bugs created *before* a specific date
<kirkland> mathiaz: oh, well, we should get our backlog down to 0 untriaged
<kirkland> mathiaz: and then we don't need to worry about the data
<kirkland> mathiaz: date
<kirkland> mathiaz: the view is just "what's in the sever realm and untriaged?"
<mathiaz> kirkland: I agree that having a realtime bug search would be better
<mathiaz> kirkland: right - our backlog is pretty empty now
<mathiaz> kirkland: so we just need a daily review of what's new
<mathiaz> kirkland: and get these triagged
<mathiaz> kirkland: that's the goal of the process
<kirkland> mathiaz: \o/
<Baversjo> qman__: What kind of quotes? I tried this: [ "$PGROUP" == "mygroup" ]; Still same error :(
<qman__> those are the right quotes
<mathiaz> kirkland: even though the list is getting stale a few days later, the review is supposed to happen the day following the generation
<mathiaz> kirkland: so the accuracy of the list is not that bad.
<zul> hey mathiaz I was thinking of using bzr more for the packaging in lucid how do you think we should go about doing it?
<Baversjo> qman__: The script works when I login as admin, but when I log in as a newly created user (useradd -g mygroup hello) it prints an error message
<mathiaz> zul: hm - use it?
<qman__> Baversjo, I just tested that section of the script on my machine, it works
<zul> mathiaz: like as a workflow
<mathiaz> zul: well - instead of doing an apt-get source, do a bzr co lp:ubuntu/src-package-name
<mathiaz> zul: or bzr branch
<zul> and if there is no bzr tree for it?
<Baversjo> qman__: Cool thx for me also but not for these newly created users :(
<mathiaz> zul: ask james_w to do an import
<zul> mathiaz: sounds reasonable
<mathiaz> zul: most of the archive should be imported now though
<zul> i just noticed samba and apache isnt
<mathiaz> zul: and whenever you prepare a new package upload, I'd suggest to ask for review via LP
<qman__> Baversjo, what is the output of   groups|awk '{print $1}'   for that user?
<mathiaz> zul: if the package isn't imported, ask james_w
<mathiaz> zul: merges could also be done via package branches
<Baversjo> qman__: The output is "mygroup"
<mathiaz> zul: since there is an import of the debian archive as well
<Baversjo> qman__: It's really wierd.
<zul> mathiaz: I think the review stuff would slow us down
<qman__> Baversjo, without quotes, right
<mathiaz> zul: depending on the size of the changes not necessarly
<Baversjo> qman__: Yes, without quotes
<mathiaz> zul: quality is improved by reviews
<mathiaz> zul: as well as knwoledge sharing
<zul> mathiaz: true we should have like a designated person per day for reviewing
<qman__> Baversjo, I think I have the answer
<qman__> Baversjo, the user's shell must be bash in order for that to work
<mathiaz> zul: right - this is what the LP is doing and other teams as well
<qman__> Baversjo, users without home directories get dash, not bash
<mathiaz> zul: we'll have to see how things work out for our own team
<mathiaz> zul: we'll never know if we don't try
<zul> mathiaz: agreed
<Baversjo> qman__: Okey let me try that thank you! This user's got $
<Baversjo> at his prompt and my regular user's got johan@baversjo-server
<qman__> right
<qman__> I did the same thing, same problem
<qman__> ah, figured it out
<qman__> to make it work in dash, change  ==  to  =
<uvirtbot> New bug: #236831 in lm-sensors (main) "fancontrol parse error" [Low,Confirmed] https://launchpad.net/bugs/236831
<qman__> it still works in bash with a single =
<qman__> so that will solve the problem all around
<Baversjo> qman__: Thank you very much works like a charm!
<RoyK> hi all. where can I read more about this cloud stuff in 9.10_
<RoyK> ?
<uvirtbot> New bug: #232413 in minicom (main) "Crash when receiving garbage from serial line." [Low,Incomplete] https://launchpad.net/bugs/232413
<uvirtbot> New bug: #326608 in minicom (main) "on minicon console whem zmodem is selected "failure executing protocol" appears and cant transmit data from host to target" [Low,Incomplete] https://launchpad.net/bugs/326608
<bventura> samba ? .. I've set a force directory mask = 0755 on my share, but when I connect from another computer and put a folder in the share it gets created with 0777 permssions every time.. what am I missing here?  same result for file + create mask it just does not seem to work
<RoyK> bventura: unix client_
<RoyK> ?
<bventura> the client is mac
<RoyK> bingo
<bventura> whats up?  this is driving me crazy
<RoyK> look up unix extensions in the smb.conf manual
<bventura> ok
<RoyK> or in short, add "unix extensions = no" to the global section
<bventura> ok
<RoyK> unix extensions allow the client to define umask and so on
<bventura> aha
<bventura> \OH YEAH
<bventura> that worked thanks for the help i'
<bventura> ve been trying to figure that out forever
<RoyK> :)
<uvirtbot> New bug: #437600 in mysql-dfsg-5.0 (main) "package mysql-server-5.0 5.1.30really5.0.75-0ubuntu10.2 failed to install/upgrade: my.cnf was missing" [Undecided,Incomplete] https://launchpad.net/bugs/437600
<uvirtbot> New bug: #440931 in mysql-dfsg-5.0 (main) "package mysql-server-5.0 5.1.30really5.0.75-0ubuntu10.2 failed to install/upgrade: ?????????? post-installation script ????????? ??? ?????? 1" [Undecided,Incomplete] https://launchpad.net/bugs/440931
<jfb_h2o> anyone know how to define specialhosts so this: http://paste-it.net/public/bacc0f1/  works
<LyonJT> Hey
<LyonJT> What can i use for a SSL VPN Server
<LyonJT> ?
<_ruben> openvpn is a commonly used ssl vpn server
<_ruben> and sslexplorer's kinda nice too
<RoyK> openvpn should be a good solution
<nick125> So, who's planning on upgrading their server(s) to Karmic?
<maswan> nick125: Already running it in production since last week. :)
<nick125> maswan: haha
<nick125> I'm tempted to upgrade my server...but I'm a bit worried about how it'd affect Xen.
<nick125> UEC looks neat, but I'm betting that its KVM based.
<qman__> I've been running karmic on my desktop for a week, but all my servers (except one) are still running hardy
<qman__> and that one that
<qman__> 's running jaunty will get upgraded in a few weeks, once the mirrors recover
<nick125> I really wish that Xen was better supported in Ubuntu. I mean, at least a kernel or something...
<qman__> KVM took over
<nick125> Yeah :(
<qman__> I haven't played with it at all
<nick125> It's not that I like Xen that much, it's just that without VT/SVM, I don't have many options.
<qman__> the only machine I have with hardware virtualization support is my laptop
<qman__> realistically, though
<qman__> any serious VM implementation would be on new hardware anyway
<qman__> so for the vast majority it's a non-issue
<qman__> I'm still running on 939s though
<nick125> My server is a little Celery box and I don't have money to upgrade it (and not really the need to, either)
<qman__> no argument from me, my shell server is a K6
<qman__> just saying, there's not much demand for serious non-VT virtualization
<uvirtbot> New bug: #247283 in nis (main) "bind_wait uses ypwatch without a full path" [Low,Incomplete] https://launchpad.net/bugs/247283
<uvirtbot> New bug: #353698 in nis (main) "Ypserv segfault on Ubuntu 8.10 Intrepid" [Low,Incomplete] https://launchpad.net/bugs/353698
<uvirtbot> New bug: #372426 in nis (main) "NIS not working" [Low,Confirmed] https://launchpad.net/bugs/372426
<ruben23> hi, i have a hardware server i would like to install an ubuntu-server it belong to a LAN, what my options to install ubuntu server on it..since it dont have DVD drive..?
<zul> ruben: you can get a cdrom with a usb enclosure and boot it that way or you can probably try a netboot
<zul> hey ttx
<mathiaz> ttx: hey!
<mathiaz> ttx: party on?
 * ttx sips his porto
 * ttx highfives the team
<uvirtbot> New bug: #374717 in ntp (main) "ntp in kubuntu jaunty does not configure" [Undecided,Incomplete] https://launchpad.net/bugs/374717
<smoser> ruben23, also you can boot from usb, using usb-creator
<mathiaz> ttx: a 20-year old porto for karmic - what's the plan for lucid then?
<ttx> smoser: congrats on your first release !
 * smoser wipes a tear off his cheek
<ttx> mathiaz: I'll have to think about it
<ttx> mathiaz: maybe a 30-year-old Chateau-Chalon
<mathiaz> ttx: well if you add 10 years for every 6-month release, you'll be in trouble soon
<smoser> ruben23, even rack mount servers of modern hardware support usb boot.
<smoser> i think i'll celebrate with one of each at http://www.libertystreetbrewingcompany.com/2.html
<ruben23> smoser: you mean i the usb will do the installation.>?
<ttx> zul: hey, we did it, dude
<smoser> ruben23, yes. download the iso and run 'usb-creator-gtk' adn point it at the iso.
<smoser> it makes a bootable usb device
<VirtualDisaster> smoser, oh nice
<smoser> that does the installation
<zul> ttx: you da man
<smoser> it is really nice. works well for netbook install also.
<zul> smoser: i think ill have a vodka and oj tonight after liam goes to bed
<uvirtbot> New bug: #288905 in ntp (main) "/etc/init.d/ntp doesnt use ntpdate to ensure clocks are aligned before starting server." [Wishlist,Confirmed] https://launchpad.net/bugs/288905
<VirtualDisaster> smoser, in texas we have a limited selection of good beers
<VirtualDisaster> aside from shiner bock i dont drink much else
<VirtualDisaster> zul, lol
<hggdh> well, there's also Sam Adams (but yes, not Texan)
<mathiaz> zul: have finished filling up my Inbox with bug mail?
<zul> mathiaz: almost
<smoser> VirtualDisaster, yeah, after you ran celis out of austin
<smoser> luckily, while the man went back to belgium, his beer came to michigan (where i'm from)
<VirtualDisaster> lol
<smoser> celis is outstanding, btw
<ruben23> smoser:  any link guide  for it..?
<VirtualDisaster> hggdh, im poor atm, i wish i could have a taste right about now
<zul> mathiaz: no rest for the wicked ;)
<hggdh> heh. I hear you
<mathiaz> zul: I can tell - as long as you promise to fix everything in lucid :)
<RoAk> congrats guys for this amazing server release
<zul> mathiaz: heh i think i might need some help :)
 * VirtualDisaster downloads latest server iso
<mathiaz> zul: oh come on - you know the rule: triage => fix
<zul> mathiaz: meh :P
<zul> i think ill go start drinking
<smoser> ruben23, .... i dont know. sorry. you're asking about usb-creator, right ?
<smoser> its similar to unetbootin, but i think its the officially supported ubuntu method of doing this.
<smoser> it really is quite simple.  you run the thing, select an iso and say "go".
<smoser> it copies a bunch of files and then you can boot off the usb stick.
<zul> mathiaz: I stopped at openldap back at it again on monday
<LyonJT> What command can you put in to see what os your running?
<LyonJT> os version*
<mathiaz> zul: thank you!
<hggdh> uname -a will give you the kernel version, type, etc
<zul> mathiaz: for stopping or for triaging ;)
<mathiaz> zul: hm stoppi^Wtriagging!
<zul> hehe
<zul> later
<LyonJT> wiked cheers hggdh
<LyonJT> How can i upgrade my server to 9.10?
<ttx> LyonJT: http://www.ubuntu.com/getubuntu/upgrading#Network%20Upgrade%20for%20Ubuntu%20Servers%20%28Recommended%29
<LyonJT> Cheers pal
<weirddood55> I'm having a weird problem on tty1 when editing config files.
<weirddood55> I'm using vim and when I'm editing on tty1, as I move around in the file, console text gets displayed on the screen and vim stops responding
<qman__> weirddood55, it has to do with kernel messages being sent to TTY1
<qman__> either disable that, or don't use TTY1
<weirddood55> Okay
<qman__> I prefer to just not use TTY1, so I still get the messages
<weirddood55> Thanks...I just wasn't sure and thought I'd just ask in here about it
<weirddood55> thank you qman__
<qman__> I'm pretty sure it's configured in syslog
<qman__> no problem
<qman__> oh, also
<qman__> if you're using an older version of ubuntu (hardy or older) the default vim doesn't support arrow keys
<qman__> you need to install vim-full to use the arrow keys
<weirddood55> No I'm using karmic
<qman__> ok
<grendal_prime> ok I need to set up some place to send backups.  A cloud computed nfs share would be nice?
<grendal_prime> anyone done something similar to that?
<VirtualDisaster> if its a clouded NFS and your just sending files to it then whats the difference?
<VirtualDisaster> its just "clouded" or clustered?
<VirtualDisaster> same thing different name, imo
<grendal_prime> ok
<grendal_prime> let me backfill some info..
<grendal_prime> got a datacenter we need to have the configs from all the linux boxes backed up.  I have a great server for doing this...backuppc all configed, works great.  But i need it to actually store the backups somewhere else (somewhere outside the datacernter as this is a disaster recovery job.)
<qman__> cloud computing is only really useful for computations, NFS is storage
<qman__> you could buy some space on one of those online backup services, or you could just back up to external hard disks and ship them offsite
<VirtualDisaster> greenfly, yeah like qman__ said
<grendal_prime> so my thinking was if i could just get a cloud account somewhere..with a couple of gigs of space.???  what is all of the ec2 amazon talk about then?
<VirtualDisaster> just put up a freenas box offsite and youre done
<qman__> ec2 isn't for storage
<qman__> it's for running programs
<VirtualDisaster> for serious storage i wouldnt go cheap
<grendal_prime> there are all these backup solutions that use ec2
<VirtualDisaster> i mean this is backup data right?
<qman__> yeah, even just building a couple more file servers and putting them geographically far away
<grendal_prime> no just configs
<qman__> just configs?
<VirtualDisaster> freenas and youre done
<VirtualDisaster> virtual freenas and youre done lol
<VirtualDisaster> you could run it on your desktop
<qman__> that's even overkill for that
<qman__> burn to CD-R
<VirtualDisaster> lol
<grendal_prime> that was my plan,  but we were going to run it back to our office (very frar from data center)
<qman__> get a desktop machine at a separate location, with internet access
<qman__> and set up a cron job to shell in and download the backup
<grendal_prime> it staff is like all....hmmm...naa..use offsite storage..look into amazon or jungledrive..or some shit like that.
<qman__> ec2 is not the right tool for this job
<qman__> I mean, you COULD use it
<qman__> but there are better ways
<grendal_prime> ok thats all i wanted to know.
<qman__> hell, you could even just email it to yourself
<grendal_prime> getting things in and out of this...is such a security hell, every port i use i have to run it through sec check and grrrr.
<grendal_prime> well qman_if it works well we will use it for larger jobs
<qman__> if you want it totally automated, the best way is to either hire a service like ubuntu one (there are a bunch of them), or to set up your own server at a separate location
<qman__> and use a scheduled job
<grendal_prime> the backup pc works really well..if i could just nfs mount the storage...wham im done...need to grow it i just give it more space on the netapps nfs share.
<qman__> I'd use scp over the net
<qman__> easy to get through firewalls, secured
<qman__> easy to automate
<grendal_prime> scp? wtf?  backup pc uses rsync as a transport.
<qman__> oh, doing full replication
<grendal_prime> I can even tar it on the fly is i want to...and only trasmit the changes.
<qman__> in that case, a tunnel would work
<qman__> sshfs is pretty cool too
<grendal_prime> ya, then i get back to the same problem...do i send it to my personal datacenter...that will not fly, here...nope they like to keep things seperate, soooooo some cloud location that they have access to and own...that seems the better solution
<qman__> well they have to trust someone with their data
<qman__> do they trust you, or amazon
<qman__> or whoever
<qman__> if they're that concerned, they should set up their own machine at a different office or something
<grendal_prime> my datacernter is in my garage,  i dont have a retnal scanner and a pretty chick at the desk with a tazer ...they like that...
<qman__> your garage is more secure than amazon's cloud
<grendal_prime> i guess i could get the wife a short skirt and a tazer...
<jcastro> rsync.net is cheap and reliable IME for things like this
<grendal_prime> jcastro: cool...i think thats what im looking for.
<qman__> clouds are, bu their very nature, a security risk
<qman__> all it takes is one hole in the virtualization software
<qman__> and bam, everyone on the service is done for
<qman__> at least if you run your own system, you have the advantage of monitoring
<grendal_prime> jcastro: that was EXACTLY what i was looking for
<grendal_prime> shfs mount..and whammo done.
<grendal_prime> I decide i want to put it somewhere else i just mount the same dir to some other location and whammo!! done again...THAT SO TOTALLY WROX DUDE!!
<grendal_prime> sorry
<grendal_prime> 2 exc1t3d
<Garandil> Hmm.. I did a apt-get with a package that I didnt mean too.. and now it's stuck at wanting to install the dep's.. how do I get it out of that loop?
<kblin> ctrl-c?
<Garandil> I have aborted it.. but when I try to install a new package it starts to wine about the one that I aborted
<kblin> try purging the packages you've tried to install
<kblin> the one you didn't want I mean
<Jad_> hi, does anybody knows what apps use the cloud computing feature of ubuntu server?
<Jad_> also is there an rdp application that comes with ubuntu server? the place where they will host my ubuntu is remote and perhaps ubuntu has an rdp app
<Ergo^> hello
<Ergo^> i just did a dist-update to my server
<Ergo^> and while everything appeared to be fine during the process ( i did that once already without problems)
<Ergo^> right now it seems the server didnt start correctly after reboot
<Ergo^> anything i could to troubleshoot the situation ?
<Ergo^> i cant ssh to my machine nor ping it, after dist upgrade, what can be the cause ? disk check ?
<Ergo^> anyone here ?
<tmske> Hi, I want to upgrade my ubuntu desktop to ubuntu-server, is installing linux-server enough? what packages can I remove?
#ubuntu-server 2009-10-30
<A-KO> What would cause apache to suddenly spike in memory usage and then crash the server?
<A-KO> it goes from < 100MB of total system memory usage to > 300MB, chews up swap, then bombs
<A-KO> wordpress-based sites, only one of them seems to cause the problem.
<ruben23> i installed vsftpd, Public accessible ftp site is located what directory..?
<qman__> ruben23, I'm not sure where the default location is, though it's probably specified in the config
<jMCg> 218 only here. Wow.
<qman__> my guess would be somewhare in /var
<jMCg> So, can someone please pastebin me an ldd output of ldapsearch ?
<qman__> I would but I don't have an ldap server
<jMCg> qman__: one doesn't need an ldapserver, to have/need/use ldap-utils
<qman__> well, I don't have/need/use ldap-utils either
<jMCg> I was much hoping someone here does/is/blah.
<jMCg> Alternatively, I could take a look at the package dependencies in the repos.
<qman__> there are probably plenty who do, but this is generally a pretty slow channel
<qman__> might take a while to get a response
<jMCg> Shit.
<jMCg> libgnutls26 (>= 2.7.14-0)
<jMCg> I was hoping it Ubuntu was not on the same GNU/Fascism wave as Debian.
<jMCg> This is the 4th package in a week I'm rebuilding because the gnutls bindings don't have the capabilities I need.
<qman__> I don't really understand what's wrong with using openssl, but if it means an alternative gets good, then I'm fine with it
<qman__> ah
<qman__> I think the only time it would affect me is with my openvpn server
<qman__> that's on hardy though
<jMCg> I mean, of course it's documented: ldap.conf(5) TLS_CACERTDIR <path> Specifies the path of a directory that contains  Certificate  Authority  certificates  in  separate  individual  files.  The  TLS_CACERT is always used before TLS_CACERTDIR.  This parameter is ignored with GNUtls.
<qman__> hopefully the issues are worked out for lucid
<qman__> I'd hate to upgrade to the next LTS and have my VPN break
<Jad_> anybody knows what apps utilize ubuntu cloud feature?
<jMCg> qman__: sure, are you going to help bring all GPL/BSD/APL license wars to peace?
<jMCg> Jad_: lsof -i ;)
<qman__> heh, I don't know what the big deal is between them
<qman__> sure they're different, and choosing your favorite is one thing
<qman__> but I don't see why using software from the different ones is a problem
<qman__> it's all free, it's all open, it's all good software
<jMCg> I don't give TWO FUCKS ABOUT THE LICENSE. I just like good software. And I like good code. And I like both together best.
<Jad_> you mean i type lsof -i in ubuntu to get the apps? i haven't installed it yet
<jMCg> Jad_: apt-cache show lsof , google://lsof
<jMCg> It was a geek ``joke'', you didn't get it. Now read up.
<qman__> that would only tell you what programs are using files over the internet
<qman__> cloud computing seems to be the latest trendy buzz word
<qman__> we used to call it clustering
<qman__> and you didn't bother unless you had an application in mind that you specifically wanted to cluster
<jMCg> qman__: cloud is more than clustering. It's third party, virtualization, with optional ($$$$) clustering. The third party part is important. You give it to the ``cloud'' -- to someone else to take care of it, to someone else to blame (for $$$$).
<qman__> sort of how virtualization became a trendy buzz word a couple years ago
<qman__> oh yes, I understand how it's different
<qman__> just saying, it's really not all that different
<qman__> clustering made easy
<Jad_> yes i appreciate the joke but i wasn't kidding. especially since i'm practially new to ubuntu
<jMCg> Jad_: and I don't even use it!
<Jad_> you don't use ubuntu?
<Jad_> whats this crap heh
<Jad_> lets stay serious
<qman__> Jad_, cloud computing is basically just combining a bunch of servers into one giant computing resource, where you create virtual machines or applications to run on that resource
<jMCg> Jad_: I came here to ask some info about a package. Stayed for the good coffee.
<Jad_> :)
<qman__> so, instead of saying "what can I do on a cloud", you should be saying "what do I need to do"
<jMCg> And then think about how to do it cheaper and more realiable.
<qman__> and once you figure that out, determine if it's economical or beneficial to do it on a cloud
<jMCg> And a cloud is just one of the options.
<Jad_> yea i understand i was just thinking it might be like windows azure
<jMCg> qman__: not quite. Right now the hosting I'm doing is a lot cheaper with a couple of leased root servers (all running a couple of Xen DomUs) than doing it with Amazon (as an example).
<Jad_> but it seems more like vmware vsphere
<jMCg> Jad_: Windows Azure is not so much a cloud, as it is a pipe (smoke) dream.
<qman__> I don't know anything about windows azure
<qman__> or vmware vsphere, for that matter
<Jad_> i understand what clouding is, the thing is its different among different vendors. in windows azure it lets a developer distribute bunch of processes/resources on different servers
<Jad_> but azure is only hosted by MS
<qman__> I run all my stuff on actual hardware
<qman__> nothing against virtualization, it just doesn't benefit me
<Jad_> midori seems to be like a cloud but actually a grid compututing system perhaps
<Jad_> yea qman its better to have it local
<qman__> Jad_, the ubuntu cloud computing is the same type of system as amazon ec2
<qman__> or at least it can be configured that way
<jMCg> \o/
<qman__> you can move machines to and from amazon and your ubuntu cloud
<jMCg> Success. Recompiling ldap stuff, and suddenly I can actually verify my connection to all my servers.
<Jad_> so you mean the OS can be run on several hardwares at once?
<Jad_> maybe different processes run on different cases
<Jad_> like grid computing
<qman__> well, that's how a cloud works
<qman__> it shares the load among all the hardware in the cloud
<jMCg> http://queue.acm.org/detail.cfm?id=1017001 some more infos...
<qman__> in one giant environment
<ruben23> how do i check my free remaining space on ubuntu-server
<qman__> ruben23, hard drive space, df
<qman__> I usually do df -Thx tmpfs
<Jad_> ok thanks, yea thats what i was thinking. vmware cloud OS uses another definition for the cloud thats why several vendors use different meanings.
<Jad_> good thing that ubuntu you can have unlike azure
<ruben23> qman__: teh un partion part of my HDD
<ruben23> qman__: the unpartion part of my HDD
<jMCg> fdisk?
<jMCg> cfdisk for more comfort.
<Jad_> vmware's cloud is more like a bunch of vm's btw
<ruben23> hi i did lvextend on my existing logical on a volume group, after that i check df -h nothing happend to my /var/
<Jad_> *low level software that handles bunch of vms, more than 200 OSes
<netrat> ruben23: what filesystem are you using?
<netrat> ruben23: you've expanded the volume, but you have to let the filesystem know of the change
<ruben23> netrat: how to do that..?
<Jad_> is there a 32bit ubuntu server btw?
<ruben23> the logical/volume group is monuted on /var/
<ruben23> do i have to unmount it first..?
<netrat> ruben23: is it an ext3 filesystem?
<netrat> Jad_: yes there is a 32bit server
<ruben23> netrat: how do i check..?
<netrat> ruben23: run the mount command
<Jad_> oh nevermind, found it, thanks
<netrat> ruben23: give me the mount information for /var, for example /dev/mapper/vg0-root on / type ext3
<ruben23> /dev/mapper/VolGroup00-LogVol01
<ruben23>                       1.9G  1.5G  313M  83% /var
<netrat> ruben23: do you see a filesystem type? ext3, xfs, etc...
<ruben23>  netrat: no i cant see it
<netrat> ruben23: type the following command, mount
<netrat> ruben23: then you should see the filesystem type
<ruben23> /dev/mapper/VolGroup00-LogVol01 on /var type ext3 (rw)
<Jad_> oh these shell stuff seem complicated. hope there's easy UI for these stuff
<netrat> ruben23: okay that's good, ext3 supports online resizing. run the following command, resize2fs /dev/mapper/VolGroup00-LogVol01
<ruben23>  netrat: but /var/ is already mounted
<netrat> ruben23: ext3 supports online resizing, meaning you can resize it while it's mounted
<Jad_> do you have to learn these commands to use ubuntu server? i remember the linux book was pretty big :) . maybe though ubuntu is easier
<ruben23> netrat: how about this scenario, ill be having a directory /var/ftp---> can i resize my ftp directory only...
<netrat> ruben23: is the filesystem mounted on /var or /var/ftp?
<netrat> ruben23: if the filesystem is mount /var then you'll have to make a new lv and ext3 filesystem then transfer everything over and mount it on /var/ftp
<ruben23> ok ill do the second options you give
<ruben23> ftp is not yet made, im just going to create the ftp directory
<Jad_> maybe just use alcohol120% for mounting on ubuntu? or not possible?
<netrat> ruben23: have you already resized the /var logical volume? if so you have wasted space and eventually you'll have to resize the filesystem
<Jad_> like mount CDs?
<netrat> Jad_: what are you talking about using alcohol120$? isn't that a windows program? ;-)
<ruben23> netrat: can i revert it back..?
<jdstrand> qman__: didn't read the whole backscroll, and while I of course agree that clouds are a security risk, we have mitigated that quite a bit when using libvirt in karmic. it will launch machines with their own individual profiles so they are isolated from each other as well as protecting the host from user space attacks. hypervisor/kernel level exploits are of course not protected
<Jad_> maybe it has a linux vers too
<Jad_> havn't checked
<netrat> ruben23: that shouldn't be a problem
<Jad_> or emulating :)
<netrat> Jad_: we are talking about mounting and resizing filesystem/logical volumes. alcohol120 is used to mount CD images
<ruben23> netrat: im just focus on resizing ftp directory cause ill be copying large file on that directory
<jdstrand> qman__: I should rephrase... 'clouds *can be* a security risk
<ruben23> netrat: how would we do the revertion..?
<jdstrand> '
<Jad_> oh mounting filesystems. havn't used that ina  long time :)
<Jad_> i guess i should check back my old linux book :)
<netrat> ruben23: use lvextend and lvreduce to resize LVs
<jdstrand> qman__: it all depends on what you are doing, who has access (just like with a real cluster of machines). obviously hypervisor bugs and kernel exploits are an attractive target, and you get more bang for your buck with one hypervisor bug as opposed to compromising a single machine
<netrat> lvextend -L+5G or lvreduce-L-5G
<jdstrand> qman__: but the point remains-- many of these issues are mitigated in 9.10 through the apparmor security driver in libvirt
<jdstrand> s/these/the/
<netrat> Jad_: are you in libya?
<Jad_> no, why :)
<Jad_> its close though
<Jad_> beirut
<netrat> oh Lebanon
<Jad_> was using redhat back in 2002. ubuntu seems the most popular these days. perhaps will switch my hosting to a ubuntu server
<Jad_> the only command i remember is ln sym? symbolic link hehe
<netrat> Jad_: yes i used redhat too.. CentOS is basically the community version of redhat, but i prefer ubuntu
<Jad_> ok
<Jad_> will have to keep a win hosting for aspx and mssql thou
<doug__> I just did a fresh install of ubuntu-9.10-server-i386 on a test system.  I went to edit the /boot/grub/menu.lst file to add a boot option and the file wasn't there.  Did the latest version of ubuntu-server switch to a different boot loader that grub2?
<qman__> 9.10 uses grub 2 on new installs
<qman__> all previous versions used grub 1
<doug__> qman:  That's what I thought and read on the ubuntu site, but shouldn't there be a menu.lst file then?
<ruben23> hi nayone can help i have installed pxe server it work, problem only is the process how it copies the file on my os distro, im doing it by ftp but it didnt work, NFS and http are option but how to do it..
<jmarsden> ruben23: See if the info about using Kickstart at https://help.ubuntu.com/community/PXEInstallServer helps you?
<axisys> w/ apticron running when should i expect the upgrade available email?
<axisys> my apticron runs at 12:44 daily and its 23:55 .. have not received an alert
<axisys> /etc/motd is not saying anything either .. it runs every 10 mins
<axisys> /etc/update-manager/release-upgrades shows Prompt=normal
<twb> Isn't apticron obsoleted by /etc/cron.daily/apt ?
<uvirtbot> New bug: #464172 in mysql-dfsg-5.1 (main) "update script break on run (mysqld not stopping)" [Undecided,New] https://launchpad.net/bugs/464172
<ruben23> hi any help setting pxe server
<twb> ruben23: install dnsmasq
<ruben23> twb: ihave dhcpd already installed
<twb> dhcpd is not a TFTP server.  dnsmasq is.
<twb> But if you want to use tftpd-hpa instead, go ahead.
<ruben23> twb actually i can boot to my pxe server and start the initial install of the OS, problem is during the copying of ciles it cant locate, what id copy the image file
<ruben23> ive tried
<ruben23> ftp
<ruben23> and httpd
<ruben23> same thing
<ruben23> it ask for cdrom
<ruben23> during the installation
<twb> ruben23: that's because you're booting the wrong initrd
<twb> ruben23: which release are you trying to bootstrap, 8.04?
<ruben23> yes
<twb> One moment
<ruben23> im doing the initrd.gz
<twb> http://mirror.internode.on.net/pub/ubuntu/ubuntu/dists/hardy/main/installer-amd64/current/images/netboot/ubuntu-installer/amd64/linux
<twb> http://mirror.internode.on.net/pub/ubuntu/ubuntu/dists/hardy/main/installer-amd64/current/images/netboot/ubuntu-installer/amd64/initrd.gz
<twb> You want to use those two, not the hd-media or cdrom images.
<ruben23> twb: this will i used to the config
<ruben23> how about the process of my image
<ruben23> how it will copy
<ruben23> twb: thanks for this
<twb> ruben23: eh?
<twb> I don't understand the question
<twb> Incidentally, I seem to recall a recent package that will help set up a netboot install server...
<ruben23> twb: i mean i used that file on my pxe config..
<StrangeCharm> can a thin client with no hdd boot ubuntu over ethernet from a server?
<ruben23> then may image ubuntu, how do i copy it to be used by pxe.
<twb> StrangeCharm: yes.
<twb> StrangeCharm: I sell systems that do this for an entire network
<twb> ruben23: I still don't understand.
<ruben23> twb: huhuhu
<StrangeCharm> is there an app in the default repo for the server end of this?
<qman__> StrangeCharm, you can set it up using the alternate install disc
<qman__> it's an automagic type option
<qman__> or you can do it manually
<twb> StrangeCharm: ltsp5
<StrangeCharm> qman__, the server already does other things. i'm not reainstalling the OS.
<qman__> trouble with doing it manually is there's quite a bit to set up
<ruben23> twb what i do next
<qman__> unless they've improved it since I last did it
<twb> netboot-assistant, that's the package
<twb> It basically does everything for you, IIRC
<qman__> nice
<qman__> that didn't exist when I did it
<StrangeCharm> twb, so, i install the netboot package, and the client can just go from there?
<qman__> had to do the DHCP and everything manually
<twb> Sorry, di-netboot-assistant
<twb> It will fetch the d-i netboot kernels and ramdisks and set up a pxelinux menu and everything
<twb> I don't know if it's available in Ubuntu yet, of course...
<StrangeCharm> sweet
<StrangeCharm> well, that's the fun part
<StrangeCharm> problem. on a fresh 9.10 install, with several crypted lvm disks, entering the first passphrase at boot goes ok, when prompted for the second, a bunch of messages appear before the phrase can be entered
<supermatthew> so i just bought a vps, i am mildly experinced with ubuntu, but not a security expert, best tips for keeping it secure?
<supermatthew> other than strong passwords and not handing out ssh accounts like there candy
<qman__> supermatthew, make sure no users have shells that shouldn't ever log on
<qman__> and use encrypted protocols
<supermatthew> https
<supermatthew> atm im not handing out access to it
<qman__> http isn't a big deal unless you're logging in
<qman__> I meant email, shell access, file access
<supermatthew> i setup ispconfig cause i hate messing with files
<qman__> use pop3s/imaps, scp/sftp/sshfs, etc
<qman__> don't use ftp, telnet, etc
<supermatthew> i don't even have a telnet client :p
<qman__> you probably do
<supermatthew> windows 7
<supermatthew> no preinstalled telnet client
<supermatthew> wait putty has a telnet client
<supermatthew> nvm
<qman__> in any case
<qman__> go through /etc/password and if anything has a real shell that shouldn't, like built in accounts, change it to /sbin/nologin or /bin/false
<qman__> err
<qman__> /etc/passwd
<kblin> supermatthew: you're running ssh, right?
<qman__> the only ones that should have real shells are root and any user accounts you create
<supermatthew> yeah
<qman__> ubuntu is pretty well secured by default
<kblin> supermatthew: install something like denyhosts
<qman__> oh, change the sshd config,   PermitRootLogins No
<qman__> unless you need that
<supermatthew> well the default vps image has root enabled
<supermatthew> :p
<qman__> right
<qman__> which is why you should prevent root from logging in through ssh
<qman__> log in through an unprivileged user, then su to root if you need it
<supermatthew> k
<kblin> and I'd switch to public/pricate key auth over ssh
<supermatthew> i guess what i should really worry about is the windows server sitting at my feet :p
<supermatthew> but thats behind my DSL nat, so not really worried
<qman__> a default install is pretty secure, so you only really need to secure anything you install on top of it
<qman__> or in this case, anything your VPS company did to it
<qman__> also, a good firewall is quite valuable
 * kblin shrugs
<qman__> you can mitigate brute force attacks and prevent any connections to anything you aren't intentionally running
<supermatthew> won't fail2ban help with the brudeforce attacks
<kblin> on a server at a hoster, I usually go for "if I don't want to run the service, the port is closed"
<supermatthew> of course closing ports is a good isea
<qman__> I don't use fail2ban, I just use iptables with the recent module
<qman__> brute forcers can only get about 20 failed logins done in a day
<qman__> which is nowhere near fast enough to actually crack an account
<qman__> if they were smart they could get more in, but they're not
<qman__> they're just spamming attempts
<supermatthew> its probably just bots
<qman__> yeah
<qman__> of course my shell server's down right now
<qman__> video card died a couple days ago
<qman__> waiting on a replacement
<supermatthew> i used to run filezilla server on my desktop a couple years ago to let a friend quickly upload and download files(we moved to an svn solution later)
<supermatthew> and i could watch as 1-2 IPs a day tried to brude force the admin password
<qman__> yeah
<supermatthew> though the admin account didn't exsist :p
<qman__> I usually get about 5-10 separate brute forcers trying my shell server
<qman__> per week
<qman__> and it's always root, admin, mysql, etc...
<qman__> none of which can log in
<supermatthew> passwords to always try first if you want into a system: password admin root 123456 12345
 * kblin shrugs
<kblin> I'm using denyhosts with the public database of known offenders
<qman__> that's a bit too resource intensive for my 200MHz shell server ;)
<qman__> iptables gets it done
<supermatthew> might i ask what exactly your server does :p
<kblin> supermatthew: most my servers have "secret" as admin password :)
<qman__> I've got several, that one is for ssh and web
<qman__> it's the oldest and slowest
<supermatthew> i used to use test test as a login/password for various things
<qman__> making it perfect for ssh, since it can only handle 3-4 simultaneous ssh connections
<kblin> then again, those are virtual machines for testing and stuff, they're never on a public network
<supermatthew> then i used it on a friends game and he mad at me :p
<supermatthew> it was a public game
<qman__> and any box could serve my static HTML pages and pictures at the 40k/s my net connection can handle
<supermatthew> test test had full admin rights
<supermatthew> i had fun then loged off and told him to change that password
<qman__> I also used to run ftp and an eggdrop on that machine
<supermatthew> :( i have a gbps port on both of my desktops, why can't i get a fiber cable for cheap
<supermatthew> i watched as they put down a couple hundred strands infront of my apartment
 * kblin goes back to try and find what's causing data corruption on his file server
<qman__> why would you want fiber
<qman__> cat6 is cheaper and easier to work with
<supermatthew> fiber as in from this apartment to a datacenter
<StrangeCharm> qman__, isn't it ironic that your shell server is down because of video card problems?
<qman__> ah
<qman__> StrangeCharm, yes, it is
<qman__> it won't boot without one
<qman__> and it doesn't have an AGP slot
<supermatthew> or some other place
<qman__> so I had to order up a PCI replacement
<supermatthew> theres only 1 hop between my isps network and the datacenter my vps is on
<StrangeCharm> qman__, i'm so young, i've never seen an agp slot in real life
<kblin> ?
<kblin> wow
<supermatthew> O.o
<qman__> hah
<kblin> so let me tell you about running stuff on ISA slots :)
<qman__> this machine predates AGP
<qman__> it only has PCI and ISA
<supermatthew> i have an ISA card in my closet
<supermatthew> sound card
<supermatthew> quite usless to me
<qman__> economically, fixing it is a poor decision
<qman__> but it has sentimental value
<StrangeCharm> qman__, also, fiber has much higher max speeds than cat6. it is better as a long-term investment
<supermatthew> fiber can go for miles
<qman__> StrangeCharm, there are specs for 10g over cat6
<supermatthew> cat6 100 meters
<qman__> I thought he meant in his home, PC to PC
<qman__> making fiber silly
<StrangeCharm> qman__, agreed, there is almost application i can think of that would require fibre in the home. but fiber to the home is a sound investment: highest experimental speeds with fiber are massive, among other advantages
<qman__> yeah
<supermatthew> why, im living in the center of thousands of corprate buildins and 10 or so datacenters within an hour drive
<supermatthew> but im stuck with 3 mbps dsl
<supermatthew> yet i had fios when i lived in denton, which is an hour drive
<StrangeCharm> not to put too fine a point on it: the reason that the us has such poor broadband and beyond-broadband is that llu is not mandated
<qman__> I'm stuck with cable
<qman__> costs three times what it should
<qman__> the only other option is a leased line
<supermatthew> i want to move to sweeden
<supermatthew> sweden
<supermatthew> a friend there has a 100 mbps line
<StrangeCharm> 100meg broadband as a human right?
<StrangeCharm> the suicide rate's pretty high, though
<supermatthew> O.o
<crohakon> StrangeCharm; I think 100meg broadband should be a human right =)
<StrangeCharm> supermatthew, i'm just saying, there's broadband, and there's environment
<qman__> I'll take my freedom over fast internet
<StrangeCharm> crohakon, i agree in principle, but i'd rather not specify a speed, rather a qualitative value that'll keep pace with changing times
<StrangeCharm> qman__, where do you have freedom, out of interest?
<crohakon> Want to know what pisses me off about ISPs? When they block ports!
<qman__> I live in michigan, US right now
<qman__> and my rights are pretty heavily violated here
<crohakon> what part of michigan?
<qman__> but it's much worse in europe
<qman__> lapeer
<qman__> ideally I'd like to go to alaska
<StrangeCharm> qman__, don't assume so. the balance is closer than you think, especially with the echr
<qman__> the last free state
<crohakon> over near flint?
<qman__> crohakon, yes
<crohakon> Ahh, I am from the Muskegon area.
<crohakon> Anyway, time for sleep. Goodnight.
<qman__> good night
<supermatthew> so i was thinkin, Blimps + LAzors + Sharks = Internet Anywere above ground and defence system for said internet
<supermatthew> ie each blimp is a hop
<supermatthew> and connects to other blips or to the ground via lazers
<supermatthew> then you stick the sharks on the blimps so that people can't attack them or enviromentalists will be angry
<qman__> supermatthew, that strategy would be pretty heavily affected by poor weather
<supermatthew> put blimps high up in air
<supermatthew> and if the connections poor, then you use land based connections to cover the area
<supermatthew> then when weathers clear, you can go back to blimpies
<qman__> also, effective laser communication requires extreme precision
<supermatthew> and im sure that not much could stop a 10 gigawatt comminication lazer
<qman__> more than GPS can do
<supermatthew> but sharks + satalite dishes + blimps doesn't sound as good
<supermatthew> i should be gettin to bed
<StrangeCharm> what's the package/metapackage/whatever for the standard ubuntu gnome environment?
<qman__> StrangeCharm, ubuntu-desktop
<StrangeCharm> so simple, thanks
<supermatthew> also: for password security people: download these http://www.outpost9.com/files/WordLists.html
<supermatthew> if your passwords on one of those lists
<supermatthew> please think of a new password
<qman__> nice resource
<qman__> great for pen testing WPA
<supermatthew> :p it seems WPA is becomming a joke
<supermatthew> almost as much as wep
<supermatthew> yay netsplit
<qman__> well, WPA + AES isn't totally broken
<qman__> but it's easy to get a packet, and then brute force
<qman__> so it requires a strong passphrase
<qman__> I keep all my wireless stuff on a separate network from my important stuff
<qman__> and VPN in
<qman__> just like I would from anywhere else on the internet
<nic1> can anyone please tell me where i can get the key bindings for x server?
<_ruben> ubuntu-server doesnt do X
<nic1> ok..
<nic1> what is tty, stty etc.,?
<_ruben> stty (1)             - change and print terminal line settings
<_ruben> tty (1)              - print the file name of the terminal connected to standard input
<_ruben> tty (4)              - controlling terminal
<_ruben> !apropos stty
<ubottu> Sorry, I don't know anything about apropos stty
<_ruben> aww
<twb> !man -k tty
<ubottu> Sorry, I don't know anything about man -k tty
<twb> Bah!
<qman__> not a very bright bot, is he
<uvirtbot> New bug: #464418 in eucalyptus (main) "Official UEC image fails to boot" [Undecided,New] https://launchpad.net/bugs/464418
<uvirtbot> New bug: #464426 in krb5 (main) "missing binary transition package libkrb53" [Undecided,New] https://launchpad.net/bugs/464426
<StrangeCharm> what's the command to start the ubuntu-dektop interface
<kwork> start kdm from init
<kwork> if you use kde
<twb> StrangeCharm: "invoke-rc.d gdm start"
<twb> StrangeCharm: assuming you mean a graphical GNOME login screen.
<fahadsadah> Why have you installed a GUI on a server?
<twb> hear, hear
<fahadsadah> The only time I've ever done that was to rickroll clueless users over X11 forwarding.
<\sh> hmmm..on karmic its "start gdm" afaik, because of upstart? ;)
<StrangeCharm> fahadsadah, i like using a mouse with emacs
<StrangeCharm> so sue me
<Garandil> Hi.. I was wondering if there is any good way to administer the domains and mail users on Ubuntu server?
<kwork> i use postfixadmin
<Garandil> does it work in anyway like qmailadmin?
<twb> Blink.
<twb> People still use qmail?
<twb> StrangeCharm: Emacs has transparent remote file access.  It is in NO WAY appropriate to install Emacs on a server.
<Garandil> I used it 3 years ago.. just gotten around to start fiddeling with linux again..
<twb> StrangeCharm: also, even if you install emacs23-nox on your server, you can do -e xterm-mouse-mode
<twb> As the mg DD, I also heartily recommend it as a lightweight alternative to vi when you're trying to fix the network at the server's local console.
<twb> \sh: ah, I guess in karmic the upstart people finally got off their arses and started moving stuff out of sysvinit-compat
<twb> \sh: start(8) is certainly an upstart API
<\sh> twb, yes...keybuk did some good work on it :)
<twb> At the same time, per finally got insserv on by default in Debian...
<hk_guest> hi all I have a question. What is the main advantage to upgrade my system from 8.04 to 9.1 ?
<twb> hk_guest: you get to spend a weekend fixing all the fuckups it causes
<hk_guest> twb: should I upgrade my server?
<twb> The rule of thumb is: get it working, then leave it the hell alone
<twb> Don't upgrade unless you know you need to
<twb> e.g. because it fixes a bug that's causing you a lot of problems.
<hk_guest> twb: you are right
<twb> Note that security updates are an exception to this rule
<hk_guest> twb: what is the best web based managemetn tool for ubuntu server in ypur opinion? for example webmin or ebox?
<kblin> well, a security update kind of classifies as "a bug that's causing you a lot of problems"
<twb> hk_guest: they're all bloody awful
<twb> kblin: granted
<twb> kblin: not everyone sees it that way :-)
<hk_guest> twb: :))
<hk_guest> twb: I think you are thinking the best management tool is nano or pico :)
<twb> hk_guest: erm, sed -i beats nano
<twb> pico IIRC isn't free software, so it's automatically out
<kblin> hk_guest: basically try whatever you can find and pick your best match
<kblin> hk_guest: mine happens to be vim, yours might be different
<kblin> e.g. you can pretty much manage a samba server from the microsoft management console if you want to
<hk_guest> kblink: yes. I am using nano. I want to set up a new server instead of old with a new PC based hardware. and planning to use 9.1
<kblin> 9.10, if I might nitpick :)
<hk_guest> But I use mysql for vtigercrm and postgresql for another software. I dont know what is waiting for me when I transfer my old data
<hk_guest> I am not sure should I upgrade or not. Because my old system like an test system. lots of unnecessary software I installed on it.
<hk_guest> I want a fresh start again :9
<MazuGrazus> hellow
<MazuGrazus> i am having error while creating cloud server: Error 7: Failed to connect to 91.189.89.31: Network is unreachable
<MazuGrazus> anyone can help me to solve it?
<twb> Pfft, vim is like 7MB
<cemc> which is the fastest virtualization method (performance-wise) in 9.04/9.10 ? for servers without X
<cemc> I mean server guests, ubuntu/debian
<twb> Visualization of what?
<cemc> virtualisation
<twb> Oh, virTualization
<cemc> KVM ?
<twb> KVM is what Ubuntu recommends.
<cemc> mhm. I'm using Virtualbox for windows, and vmware server for ubuntu server installs, but it's a bit (a lot?) slower.
<MazuGrazus> what does it means "cc host"?
<TeTeT> MazuGrazus: cluster controller host in the context of UEC
<MazuGrazus> TeTeT: thx
<acalvo> hi
<Googa> I have created a zone file "ele.localhost."
<Googa> and in the zone file I write @ SOA nameofcomputer.localhost.
<Googa> and then NS RR i put it again and a A record for the loopback adress
<Googa> when i write dig ele.localhost, why dosent my computer loopback adress come up
<Googa> or should i configure it so the zone ele.localhost i created is in my computers assigned ip and not loopback address
<phretor> hello, what do you think about this RPC issue? http://pastie.org/676628 - no firewall nor /etc/hosts.* restrictions are active.
<uvirtbot> New bug: #464646 in ipsec-tools (main) "package racoon 1:0.7-2.1ubuntu1.9.04.1 failed to install/upgrade: subprocess post-installation script returned error exit status 255" [Undecided,New] https://launchpad.net/bugs/464646
<ttx> smoser: bug 464418 looks like a failure to bundle correctly to me... would you get that error if you package something that is not an image together with a valid EKI/ERI ?
<ttx> https://launchpad.net/bugs/464418
<smoser> i dont know how htat could be.
<smoser> ttx, the attached console log http://launchpadlibrarian.net/34665954/console-output
<smoser> says "gave up waiting on sda1" but right before that it shows sda1 output from kernel
<ttx> beh
<ttx> smoser, kirkland: I never got that in testing. did you ?
<smoser> no.
<kirkland> ttx: first i've seen of it
<kirkland> ttx: i did hit the deadlock db issue *all day* yesterday
<smoser> and i to would suspect rebundling (cared that possibly rebundling on non-karmic might have cuased it) other than it doesn't say "no filesystem on /dev/sda1" it says "no sda1"
<kirkland> ttx: particularly as i was setting up for my UEC demo last night
<ttx> kirkland: happy to hear I didn't dream it. I got it every single time.
<kirkland> ttx: i couldn't "not" get it yesterday
<kirkland> ttx: i see why you were so frustrated
<ttx> kirkland: I think its config-related
<kirkland> ttx: we have to fix that in an SRU
<kirkland> ttx: our competition is gonna laugh at us
<kirkland> ttx: and our customers are going to cry
<kirkland> ttx: so i caught dan online, and here's how we "fixed" it
<kirkland> ttx: i commented out the upstart registration jobs
<kirkland> ttx: since the pieces were already registered
<ttx> kirkland: "restart" fixes it for me.
<kirkland> ttx: and restarted eucalyptus
<kirkland> ttx: i had to no-opt the registrations
<ttx> kirkland: simply restarting wouldn't fix it ?
<ttx> kirkland: they asked access to affected configurations to debug it. But the box I experience it on boots 25% of the time correctly because it has hardware quirks, so I'm not sure the eucalyptoids can easily use it for investigation
<ttx> kirkland: good thing if you can reproduce it steadily on something they could access
 * ttx should really dump that intel sdp nightmare and replace it by hardware that works.
<kirkland> ttx: sure, i won't reinstall this system until they've looked at it
<RoyK> choosing "install ubuntu enterprise cloud" feels strange in this VM on my laptop
<kirkland> ttx: so i brought 4 laptops to the release party last night
<kirkland> ttx: and the router
<ttx> kirkland: how did it go ?
<kirkland> ttx: our 2 canonical dell laptops and our router
<kirkland> ttx: plus 2 of my own
<kirkland> ttx: i did UEC demo's all night
<kirkland> ttx: most people there had seen ec2
<kirkland> ttx: and they were pissing themselves when they saw how they could do basically the same thing on their hardware
<ttx> yes, in 15 minutes :)
<kirkland> ttx: so it went well, once i got the db deadlock thing solved
<kirkland> ttx: i also demo'd powernap
<kirkland> ttx: which went really well
<kirkland> ttx: brought the watt-meter
<kirkland> ttx: killed all the vm's waited 5 minutes while i showed the web interface
<phretor> hi folks, I usually don't ask to re-consider a post: I know it's lame and very annoying. However, this is really causing me serious problems in a production environment. Does anybody have any clues about the RPC issue I posted above? Thank you.
<kirkland> ttx: and then each of the nodes s3 suspended
<ttx> yes, that makes a great 45 minute demo. If we could cut the install time while still showing "from ISO to cloud", we could do it in 20-30 minutes
<ttx> I don't think a 15-minute format would give it justice
<Googa> what the fuck is a node
<RoyK> " scrub: scrub in progress for 0h0m, 0,00% done, 852h29m to go"
<Googa> please
<Googa> anyone
<RoyK> a node is a machine in a cluster
<RoyK> among other things
<kwork> member of a cluster
<smoser> Googa, in UEC terms a node is a physical system that hosts virtual systems
<smoser> please do not use foul language, as it might be offensive to some.
<Googa> sry
<uvirtbot> New bug: #464776 in samba (main) "Upgrade to Karmic kills smbfs: cifs filesystem not supported by the system" [Undecided,New] https://launchpad.net/bugs/464776
<Googa> is subdomain same as subzone?
<moonpup> can anyone tell me the differnce between the admin and adm groups?
<moonpup> do you have to be in both for sudo privs?
<Pici> moonpup: admin is listed in the sudoers file. adm is typically used for writing to log files in /var/log/  (someone correct me if I'm missing something)
<moonpup> Pici thanks, as I couldn't seem to find anything in the ubuntu docs regarding the groups
<moonpup> i was pretty sure it was admin, but didn't know what adm was for
<andol> Pici: Well, I guess adm is more used for read access to log files...
<maxernoult> hello
<Boohbah> hi maxernoult
<maxernoult> do you know a command / program that shows the electric consumption of a server ?
<simmerz> hi. Just upgraded a server (Xen host) guest from intrepid -> jaunty -> karmic. Jaunty was fine, but karmic fails to boot. I get the following, and then a Control-D message:
<simmerz> mountall:/proc: unable to mount: Device or resource busy
<simmerz> mountall:/proc/self/mountinfo: No such file or directory
<simmerz> mountall: root filesystem isn't mounted
<simmerz> host is debian etch / kernel 2.6.18
<Boohbah> maxernoult: PowerTOP
<Boohbah> http://www.lesswatts.org/projects/powertop/
<maxernoult> good, th0mz nks
<maxernoult> oups ...
<maxernoult> good, thanks :D
<Liberty76> I want to install 9.10 on a new computer it will be real close to my desktop Shall I administer it via lan or serial port
<Liberty76> Is anyone here that canm help
<Liberty76> Is every one here a bot
<simmerz> hi. Just upgraded a server (Xen host) guest from intrepid -> jaunty -> karmic. Jaunty was fine, but karmic fails to boot. I get the following, and then a Control-D message:
<simmerz> mountall:/proc: unable to mount: Device or resource busy
<simmerz> mountall:/proc/self/mountinfo: No such file or directory
<simmerz> mountall: root filesystem isn't mounted
<simmerz> host is debian etch / kernel 2.6.18
<dmsalles> Alguem estÃ¡ rodando vmware server no ubuntu 8.04
<Liberty76> Simmerz are you real
<simmerz> Liberty76: yep
<Liberty76> simmerz thanks
<Liberty76> lots of people here but not much help
<weechat3> xit
<darkpixel> Liberty76: There are people in here from around the world.  I just woke up and sat down at my PC--but I have to leave for work in about 5 minutes.  Try asking your question in another hour, maybe more people will be looking at their screen.
<Liberty76> maybe
<ttx> kirkland, mathiaz: I'll be away until Thursday, please split the remaining bugs in https://bugs.launchpad.net/ubuntu/karmic/+source/eucalyptus between you two so that they keep moving
<mathiaz> ttx: maaoooowww - okidoki
<ttx> mathiaz: you're trying to sound like a lynx ?
<mathiaz> ttx: :)
<ttx> mathiaz: sounded like when I step on my cat.
<mathiaz> ttx: it's actually hard to sound like a koala
<mathiaz> ttx:
<mathiaz> ttx: ^^ koala
<ttx> mathiaz: how was Montreal release party ?
<mathiaz> ttx: great - I didn't get as much beers as I expected
<mathiaz> ttx: the upside is that I was able to remember the way back home ;)
<ttx> hm, being an Ubuntu dev used to pay more.
<ttx> I also remembered the way from my party couch to my bed
<mathiaz> ttx: how many people were attending your party couch?
<Liberty76> I am building a new pc, and want to make an ubuntu home server, Do i need a monitor will a serial port work or is it better to administer it over the network?
<ttx> mathiaz: do cats count ?
<mathiaz> ttx: yes - mice as well
<ttx> mathiaz: then, 2 plus an unknown number of mice.
<incorrect> is there no 9.10 server edition?
<ttx> incorrect: you are incorrect.
<Liberty76> There is a 9.10 release it came out officially yeserday
<incorrect> well the updates to the website show no 9.10
<incorrect> http://www.ubuntu.com/products/whatisubuntu/serveredition/techspecs/whatsnew
<incorrect> linked from http://www.ubuntu.com/products/whatisubuntu/serveredition
<Liberty76> http://www.ubuntu.com/getubuntu/download
<ttx> incorrect: you are correct -- that "What's new in 9.10 (Jaunty Jackalope)" is quite wrong
<incorrect> http://www.ubuntu.com/getubuntu/download shows no server edition
<ttx> http://www.ubuntu.com/getubuntu/download-server
<ttx> linked from first page (ubuntu.com)
<incorrect> well its confusing for people who have previously just clicked the download and selected server
<ttx> incorrect: and it should be fixed
<incorrect> i wonder if someone will have put in server install from the netboot or if i will have to extract the seed file for it
<ttx> incorrect: thanks for pointing it out
<Liberty76> I thought the whole world knew about 9.10 its ben all over the net. and on the front page of ubuntu. org
<incorrect> i thought maybe the server version was skipping a release as i didn't see a whats new
<Liberty76> I would get it from a torrent. The dowlload servers will likely be over loaded
<Liberty76> Can the server be administered ove a serial port?
<ttx> incorrect: known issue, fix in progress
<incorrect> ttx, cool, i wasn't too sure if there was going to be a server release, i haven't been keeping track of things recently
<ttx> there is. I hope, otherwise I'd have been working 6 months for nothing.
<incorrect> thought it might have been more important to get a good LTS out rather than a server update now
<mathiaz> incorrect: LTS is the next release.
<incorrect> i know
<incorrect> i try to use LTS releases for my hosting platforms
<mathiaz> ScottK: bug 377571
<uvirtbot> Launchpad bug 377571 in postfix "package postfix 2.5.5-1.1 failed to install/upgrade: " [Undecided,Incomplete] https://launchpad.net/bugs/377571
<mathiaz> ScottK: is linux1.hsd1.pa.comcast.net. an invalid value for myhostname?
<ScottK> No.  Let me look at the bug.
<mathiaz> ScottK: I'm going through the postfix bugs to mark all invalid hostname/domain name bugs duplicate of bug 402776
<uvirtbot> Launchpad bug 402776 in postfix "postfix fails to install with invalid hostnames or domain names" [Medium,Triaged] https://launchpad.net/bugs/402776
<mathiaz> ScottK: could the . at the end be the 'misplaced delimiter'?
<RoyK> is there a trivial 'show ubuntu version' command somewhere? looking in all sorts of files in /etc is a mess
<jpds> RoyK: apt-cache show $package | grep Version ?
<Boohbah> RoyK: cat /etc/lsb-release
<jpds> Oh, not packages, lsb_release -a should do that.
<kshbu0> ping
<RoyK> lsb_release -r
<RoyK> thanks
<Pici> !version
<ubottu> To find out what version of Ubuntu you have, type Â« lsb_release -a Â» in a !shell - To know the available version of a package, Â« apt-cache policy <package> Â»
<RoyK> Pici: sure, but the question was answered :Ã¾
<Pici> RoyK: Just in case someone asks in the future, hopefully someone will remember the factoid.
<RoyK> this cloud computing stuff in 9.10 - is it just an abstraction of kvm/xen/something or what's the big deal?
<Skaag> Hi guys, I'm running 9.04 server, 64bit. Is Xen known to work out of the box on this version?
<Skaag> and is it the recommended virtualization solution?
<pdebruic> Is there a metapackage I could use to go from Ubuntu Minimal to Ubuntu Server?
<andol> pdebruic: Depending on what version you run there might be a task called "server" which will give you the packages belonging to a basic ubuntu server.
<pdebruic> andol: OK thanks.  its a Jaunty minimal install.
<andol> Yes, in Jaunty you should find that task
<nijaba> Skaag: Ubuntu works as a guest under Xen, but not as a Xen host. see http://www.ubuntu.com/products/whatisubuntu/serveredition/technologies/virtualization
<Skaag> hrm.
<andol> pdebruic: sudo tasksel install server should do the trick.
<nijaba> Skaag: the recommended virtualization solution for server on Ubuntu is KVM
<Skaag> interesting
<pdebruic> andol: thanks!
<nijaba> btw, I just finished updating http://www.ubuntu.com/products/whatisubuntu/serveredition/techspecs/whatsnew for 9.10
<andol> pdebruic: You might also want to pull the meta package linux-server to get the server kernel.
<pdebruic> andol: ok thanks.  I'm trying to figure out why my smalltalk image runs fine in Jaunty 64 bit desktop but seg faults in 64 bit server
<blackxored> hello I got this disk which says LDM metadata and all that stuff the disk came from windows, how can I mount it in ubuntu 8.04.3???
<sammy> does anyone else happen to use ejabberd's mod_irc to connect to freenode?
<sammy> oh nm. I'm finding the bug now. say, all the instructions I find about using the alternative-iso to upgrade to 9.10 involve using the update-manager gui and not the console. is there a way to use the alternate server iso to upgrade an ubuntu-server install so I can download the torrent instead of putting more load on the mirrors?
<orudie_> question. is it safe to upgrade from 8.10 to 9.10 ?
<ruben23> hi
<ruben23> how do i get initrd.gz and vmlinuz on network boot..?
<sammy> orudie_: https://help.ubuntu.com/community/UpgradeNotes : Skipping versions is not advised as it may cause damage to your system. If you are using an earlier version, and want to 'skip' a version, the safest way is to backup your data and do a fresh installation, or to progressively upgrade to each successive version.
<ruben23> i should not used the initrd.gz and vmlinuz on the installation disc, im doing ubuntu-server amd64 8.04
<ruben23> hi anyone..?
<nijaba> ruben23: you should find your answer in the WP I wrote about automated deployments at: http://www.ubuntu.com/products/whitepapers
 * nijaba calls it a week.  Have fun everyone...
<alex88> hi, i was updating a vps to karmic via ssh..but connection closed..is there a way to resume the upgrade process?
<alex88> cause maybe it's waiting for a configuration input or something else
<alex88> should i simply restart and continue upgrade after restart?
<qman__> alex88, normally it spawns an SSH server on an alternate port
<alex88> yeah...but it's not responding
<alex88> maybe the firewall is blocking it
<alex88> uh..i can use ssh port forward to ssh->localhost..
<alex88> mmhh..i've logged in on alternate port
<alex88> but i can't see the upgrade progress
<alex88> mmhhh
<alex88> i'll try hard reboot
<alex88> uh nice...vps broken...
<alex88> mountall:/proc: unable to mount: Device or resource busy
<alex88> mountall:/proc/self/mountinfo: No such file or directory
<ruben23> 8.04 is entipred right..?
<alex88> ruben23: nope, it's hardy
<alex88> 8.10 is intrepid
<smoser> kirkland, where should i document that you can have second dhcp server on eucal network ignore d0:0d macs?
<kirkland> smoser: somewhere in https://help.ubuntu.com/community/UEC
<kirkland> smoser: ie, some page below that
<blackxored> how can I change keyboard layout in ubuntu 8.04.3????? it's sudo dpkg-reconfigure locales or something else???
<blackxored> please direct my message I'm going out for a while, we need to setup an english keyboard layout from the console of ubuntu 8.04.3 LTS
<Liberty76> I want to build a homeserver system.  My MB has a serial port and will be connected to my network. Can I adminster Karmic without a monitor and keyboard?
<qman__> Liberty76, yes, normally you'd install SSH server and just do it remotely
<qman__> you need a keyboard and mouse for the initial install, though
<qman__> borrowing one from another machine is good enough
<qman__> err
<qman__> keyboard and monitor
<qman__> mouse not needed
<Liberty76> I'm not sure what ssh means?
<Liberty76> Kewl.. I adminstraitng it from Serial port a good idea?
<qman__> not necessary
<qman__> ssh is secure shell, a network service
<qman__> you can connect to your server from another computer
<Liberty76> Kewl
<Liberty76> kewl ..
<qman__> to connect you use 'ssh' from linux machines, or get putty for windows machines
<Liberty76> this is to be a fileserver/webserver and database server any particular gotchas
<qman__> nope, you can just check the "LAMP" install for a web/database server, and install samba or NFS for file server
<Liberty76> I have a karmic desktop machine that will be stacked right on top of it.
<qman__> the ubuntu server guide goes through this process in good detail
<Liberty76> Qman I really apreciate your advise ..
<Liberty76> I never AROUND WITH SERVERS MUCH
<qman__> no problem
<Liberty76> i never played around with servers much. so the cofidence is a little low
<crohakon> Liberty76; I just recently did the same thing you are looking to do. It took me about 2 hours to set up just because I had to start over twice. First time was because the box I was using had a bad mb that kept locking up. The other time was just so I could re-enforce what I had learned from the first two attempts.
<qman__> yes, it's a very straightforward process, ubuntu makes it easy
<qman__> so, even for a newbie, it shouldn't take too long
<crohakon> Liberty76; Now I can connect to my ubuntu server from anywhere and access my files. I am also hosting my own website now, using dyndns.com and avoiding default ports (damn charter)
<Liberty76> I installed the desktop a couple of times and I'l be using the same hardware for the server.
<crohakon> Liberty76; Like qman says, easy even for a newbie. I had never configured a server before. Although, I had been using Ubuntu desktop on my laptop for about a week. =)
<Liberty76> It sounds like fun, I am taking some pride in building pretty powerful machines for not much money ..
<qman__> my record for bringing up a new web server is ten minutes flat, from inserting the CD to production ready
<ScottK> I once had a mail server up and in production in two hours.
<ScottK> But that was from a box of parts on a table.
<Liberty76> I think my biggest thing to learn is the networking stuff.
<crohakon> ScottK; I was going to tackle the mail server next. My only issue is my ISP blocking ports. But I am sure I can find away around it to make it work.
<Liberty76> I use an atom duo board ..
<qman__> ScottK, nice
<crohakon> Liberty76; Whats to know? Ubuntu should setup should configure your nic and it should be plug in play. Install LAMP, configure it quickly by going through the server guide, and you are set to go.
<qman__> crohakon, what I did was set up postfix with a gmail account
<qman__> it's not perfect but it allows me to get mail onto the internet
<crohakon> So, in a sense, you run your own SMTP but use gmail for the pop access?
<qman__> basically, I only set it up to get mail out
<qman__> all mail is "from" that gmail account
<Liberty76> Crohakon It sounds pretty straight forward.  I hope it works that easy.. although desktop proved striaghtforward
<qman__> used it for automated mailing
<crohakon> That would work for my needs. I just want to set it up so my websites can send mail for account activations and such.
<qman__> right, that's exactly what I needed too
<qman__> I did it almost a year ago, so I don't remember all the details
<crohakon> Liberty76; The only issue I faced was that I was clueless when it came to working in a console environment. I almost gave in and installed gnome... but the guys and gals here in this channel convinced me to just push through with console. I am damn thankful they did, I love console now. I even code using nano and have never found building websites to be so easy.
<qman__> but basically you configure it to connect to gmail as its smtp server, you put the gmail account information in a config file, and set it up to use the alternate port and TLS
<qman__> yeah, the console is linux's best feature, if you ask me
<qman__> bash can facilitate some amazing things
<crohakon> I am still learning, but it has been a lot less daunting then I thought it would be. In fact, it really helped me to understand how the OS worked.
<crohakon> Liberty76; When do you plan to do this?
<Liberty76> Crohakon I have had some experiance on sun stations.
<Liberty76> next week I  still need a ca\se and disk drive
<crohakon> ahh
<Liberty76> one of those mine ITX cases
<Liberty76> mini
<crohakon> When ever I have the $$ I want to setup linux on a sold state drive on a mini computer with a touch screen just for fun. =)
<qman__> my most important servers use old hard drives, quantum fireballs
<qman__> those things just don't die
<Liberty76> I have a solid state 32 gig ide : but Im going for a 100 terabyte drive
<crohakon> damn, thats a lot of storage.
<Liberty76> $100 drive just singe terabyte
<qman__> heh, my file server only has 3.3TB
<Liberty76> lol
<crohakon> qman__; How many servers are you running?
<qman__> hmm
<qman__> 5, but one's down from hardware failure
<crohakon> What do you use them for?
<qman__> one's my internet gateway and router
<qman__> one's a file server, also running torrentflux
<qman__> one runs openVPN and mail
<qman__> one's my shell server and web
<crohakon> and I assume the web server is running a lamp configuration?
<qman__> yes
<crohakon> Whats your power bill like? =)
<qman__> oh, computers are the least bit to worry about for power bill
<qman__> family business, it's a campground
<coolman_bg84> hay algien q hable espaniol
<qman__> party store
<qman__> got tons of refrigerators and AC units and such
<qman__> power bills are like $1500 a month
<crohakon> qman__; I have always wanted to own something like that...
<qman__> it's my parents' business
<qman__> I run the network, we have wifi
<linux_dr> I'm really confused on how to configure apache in Ubuntu 9.10.... I'm trying to turn on the RewriteLog to no avail... ideas?
<crohakon> apt-get install apache2
<ruben23> hi how do partition manual my HDD... imean the proer devision on every mount points..
<qman__> linux_dr, you probably need to enable the module
<ruben23> any guide for it
<qman__> a2enmod modulename
<metalf8801> my update just seems to have stopped
<guntbert> linux_dr: #ubuntu-server might be the better place for your problem
<linux_dr> Apache is running just fine... trying to diagnose a mod-rewrite issue.
<qman__> guntbert, this is #ubuntu-server
<crohakon> guntbert; He is in #ubuntu-server... where do you think you are?
<crohakon> lol
<metalf8801> WARNING **: Owner of /tmp/orbit-root is not the current user
<metalf8801>  * Restarting eBox module: apache
 * guntbert blushes
<qman__> linux_dr, sudo a2enmod rewrite
<linux_dr> ROTFL
<qman__> then restart apache
<guntbert> linux_dr: sorry :/
<crohakon> /etc/init.d/apache2 restart
<crohakon> sudo, of course, before hand
<ruben23> any..?
<crohakon> ruben23; sorry, not much good when it comes to partitioning. Never really had to do it much.
<metalf8801> is there anything i can do?
<qman__> ruben23, partition with fdisk, change mount points in /etc/fstab
<linux_dr> the rewrite MODULE is already enabled... I need to turn on LOGGING. so I can see why my rewrite rule is broken.
<linux_dr> RewriteLog
<ruben23>  qman__: i mean how do i propoerly subdivide the sizes, of like /boot  recommended size--for /root---> like that etc.
<qman__> ruben23, fdisk
<qman__> or cfdisk, or parted, or whatever partitioner you like
<qman__> oh, you mean what size should you make it
<ruben23>  qman__: yeah but how about the sizing of partition are ther any standard of it..
<qman__>  /boot should be at least 128MB, probably no more than 256MB
<crohakon> not to big... not to little...
<ruben23> like for /boot , /root,  /local..
<qman__>  / should be at least a gig
<crohakon> =)
<qman__>  /usr should be at least a gig
<linux_dr> it's just with the apache config broken up into a dozen pieces like this I'm not sure where to put it... I put it in the main apache2.conf to no avail
<crohakon> http://httpd.apache.org/docs/2.0/mod/mod_log_config.html <-- does this help
<metalf8801> can anyone help me?
<crohakon> metalf8801; whats wrong/
<metalf8801> i'm trying to upgrade from 9.04 to 9.10 and there seems to be a problem with ebox
<metalf8801> "running post-installation trigger ebox"
<crohakon> metalf8801; not an area where I have a great deal of knowledge.. sorry.
<metalf8801> ok thanks anyway
<qman__> metalf8801, how long has it been sitting?
<crohakon> I can say, that is why I am sticking with 9.04 for a month or so.
<metalf8801> at least 30 min
<qman__> yeah, probably shouldn't be taking that long
<qman__> I'd let it go for another 30 min, but if it's still not done I'd ctrl+c
<metalf8801> well its still says about 27 minutes remaining
<metalf8801> ok thank you
<qman__> well
<qman__> if it doesn't get anywhere in 30 min, then stop it
<qman__> but if it does, just let it go
<metalf8801> it looks like this is what its stuck on
<metalf8801> WARNING **: Owner of /tmp/orbit-root is not the current user
<metalf8801>  * Restarting eBox module: apache                                        [ OK ]
<blackxored> how to change keyboard layout from the console in 8.04?
<blackxored> anyone?
<crohakon> qman__; What is the your camp grounds/stores website?
<metalf8801> thanks qman
<ruben23> can i do LVM with primary partion..? or only extended-logical
<qman__> crohakon, http://www.hilltopcampground.net/ -- the server doesn't support php or anything, so it's a bit lame, but there's pictures and stuff
<blackxored> how to change keyboard layout from the console in 8.04?
<crohakon> qman__; php is not that hard to set up
<qman__> ruben23, you can do LVM with either
<qman__> crohakon, it's not my server, it's just a web host
<qman__> hence the problem
<crohakon> qman__; why not run it at home?
<qman__> charter blocks port 80
<crohakon> so?
<crohakon> port 8000 is not blocked
<qman__> you can't run a business website on an alternate port
<qman__> it just doesn't work
<crohakon> using dyndns with a domain name
<blackxored> how to change keyboard layout from the shell, anyone could answer this one?
<qman__> in any case, that's probably going to be addressed soon anyway
<qman__> we're exceeding our bandwidth at times there
<crohakon> fair enough =)
<crohakon> The place looks nice though.
<qman__> thanks
<crohakon> Do you have tent camping at all or is it just campers?
<qman__> tent camping too, but all sites accommodate campers
<qman__> but we're getting pretty far off topic :)
<ruben23> qman__: my /boot partition--can i do it with ext3 file system..?
<crohakon> qman__; true. =) Well, maybe my wife and I will have to plan our next camping trip there. It looks nice. That is the last I will say on the topic though.
<qman__> blackxored, try "sudo dpkg-reconfigure console-setup"
<qman__> ruben23, yes
 * Liberty76 is leaving thanks qman and crohakon
<crohakon> what are the advantages of running your own DNS server instead of using your ISPs?
<qman__> crohakon, much faster DNS lookups, resulting in faster web browsing
<qman__> plus you can create a local zone and use DNS instead of netbios names
<qman__> or hosts files
<crohakon> qman__; I think that will be my next project then.
<ruben23> do sysadmin guys dreamed to setup and have ther own mail server..running..;-) thats a fact....
<clusty> hey
<clusty> i was curious how much ram do i need to run a LAMP with ubuntu server?
<clusty> i want to buy VPS hosting for my project and was windering if 128 MB ram is enough for some light blog
<poningru> clusty, 256MB here works just fine
<poningru> oh
<poningru> no idea
<poningru> I would imagine so
<__ruben> better avoid getting slashdotted with just 128megs
<clusty> now i got 64 mb :D and it does nto cut it. that is the default conf
<clusty> 64 MB is barely enough to run everything with no clients  :D
<__ruben> my router which also has a lamp stack on it, uses 147M excluding cache/buffers
<clusty> well basically i can "upgrade" to 128 mb for 15 bux/month
<clusty> or switch providers alltogether for 512MB for 25bux/month
<__ruben> i dont have any vms under 512M, i tend to for 1G as "default" .. then again, im not a vps buying person
<clusty> well i am running windows in a box, but that is not comparable usage. and virtualbpx with 256 mb ram is fine for winCP
<clusty> XP*
<clusty> which package do i need to reconfigure to get apache to default conf?
<jpds> clusty: apache2.2-common: /etc/apache2/apache2.conf
<bogeyd6> prob look for
<bogeyd6> dpkg --reconfigure apache2
<bogeyd6> sorry i been in suse all day
<bogeyd6> its
<bogeyd6> dpkg-reconfigure
<cemc> if I use virt-install --vnc, how can I tell it to listen on 0.0.0.0:5900, and not only on 127.0.0.1:5900 ?
<uvirtbot> New bug: #465665 in mysql-dfsg-5.1 (main) "package mysql-server-5.1 (not installed) failed to install/upgrade: subprocess new pre-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/465665
<dannyboy1121> could do with a hand here - manually deleted a directory oops for jabber installation (/etc/jabber). Reinstalling jabber doesn't recreate the directory though. Any ideas how to force a complete fresh install?
<hggdh> dannyboy1121: sudo apt-get purge jabber && sudo apt-get install jabber
<hggdh> (if the dir is created by the install)
<dannyboy1121> h: I've tried this ... reinstall doesn't seem to recreate the /etc/jabber dir
<dannyboy1121> I'm totally confused
<dannyboy1121> :)
<hggdh> dannyboy1121: http://pastebin.com/f7729114b
<hggdh> these are the packages that deal with the /etc/jabber directory (for karmic)
<dannyboy1121> jabberd14
<dannyboy1121> excellent .. that did the trick. I learnt something there ... tyvm
<hggdh> dannyboy1121: one way to find which file belongs to which package is via apt-file. This is where I got the list (apt-file search /etc/jabber)
<dannyboy1121> ahHHhhh .. again, many thanks
<hggdh> yw
#ubuntu-server 2009-10-31
<dannyboy1121> Just onelast general question. I was surprised to see in Citrix Xenserver that there was no direct installation candidate for Ubuntu Server. Is anyone aware if this is likely to change?
<foxbuntu> dannyboy1121, iirc, Xen was dropped in favor of KVM, so no
<dannyboy1121> many thanks
<sven_oostenbrink> I have a 9.04 server, which I want to upgrade to 9.10.. How can I do that?
<zash> sven_oostenbrink: http://www.ubuntu.com/getubuntu/upgrading -> Network Upgrade for Ubuntu Servers
<zash> I wonder if/when to upgrade my hardy server
<qman__> zash, about 7 months from now ;)
<ruben23> hi what is the boatloader of ubuntu server..?
<qman__> ruben23, grub
<ruben23> grub or lilo
<ruben23> cant find grub.conf
<qman__> 9.10 uses grub2
<zash> qman__: yeah, too bad 10.04 won't be called llama :(
<ruben23> qman__: 8.04 im using
<ruben23> how do i find it, grub.conf
<qman__> ruben23, the config file is /boot/grub/menu.lst
<qman__> some systems use grub.conf, ubuntu uses menu.lst
<qman__> same file
<ruben23> qman__: thanks
<clusty> hey
<clusty> i am tryign to enable mod_rewrite in 9.04
<clusty> i am getting this when i try to start apache:http://pastebin.com/m6f4e4217
<clusty> clues?
<ruben23> hi anyone have idea of this error on my updates...? ----->http://pastebin.com/pastebin.php
<qman__> clusty, sudo a2enmod rewrite
<qman__> undo whatever change you made first
<ruben23> hi
<ruben23> any idea of the error on updates
<qman__> ruben23, you didn't link to your paste
<qman__> you linked to the main site
<ruben23> qman__:how do i correct it..
<qman__> ruben23, link to your paste
<ruben23> qman__: what you mean paste..?
<ruben23> sorry
<qman__> ruben23, look at the link you gave, it isn't the right link
<ruben23> qman__: how do i link to my paste
<zzz2009> I am setting up a server, I had used Fedora, but decided to try Ubuntu.
<zzz2009> I am setting up the DNS as the first service, could somebody expain the rational behind the ubuntu/debian bind 9 configuration?
<zzz2009> why isn't bind chrooted? why the, to me, odd division of conf files? TIA Josh
<qman__> ruben23, copy the correct URL, with the random bit at the end, such as clusty just did
<qman__> jla, ubuntu relies on apparmor instead of chrooting
<jla> jla = zzz2009
<qman__> bind isn't allowed to access files outside of its defined directories
<clusty> qman__: had some nasty confs that were causing the crash
<qman__> the "odd" division, as you put it, is just for convenience
<ruben23> qman__:  ill cechk on the source.list on apt...?
<qman__> ruben23, no
<qman__> pastebin, you need to link to the correct URL so we can see the output
<jla> Ok, so chroot is not considered necessary, but why divide up the conf files, setting up a split dns means that i have immediately break the current setup, will this break some other part of the system?
<qman__> jla, the conf files are merely dividing the sections, and are included in
<qman__> it works the same way as if you had one file
<ruben23>  qman__: what i do its just apt-get update, nothing else
<qman__> ruben23, show us the output of the error
<qman__> jla, you can replace the separated conf files with one single file if you really want to, but it's not that complicated
<ruben23> qman__:-------->http://pastebin.com/m314ac77e
<jla> no it doesn't the default cannot be included in the named.conf as all zones must be in a view!
<qman__> jla, ?
<qman__> named.conf includes named.conf.options and named.conf.local
<qman__> at the given points, stated in named.conf
<qman__> it works exactly the same as if all three were in one file
<ruben23> qman__:  what you think...?
<qman__> ruben23, looks like either a corrupt download or corrupt files on that mirror
<zash> but srsly, still lighttpd 1.4 in karmic?
<qman__> ruben23, try a different mirror, or try again later
<jla> it also includes named.conf.default.zones which contain the zone references for the root hints and rfc1912 zones.
<jla> the hints zone should be included in all views, but the rfc1912 should only be included in the local view!
<ruben23> qman__: how do i change my mirror..?
<jla> in the current default config setting up views in named.conf.local does not work.
<zash> so lighttpd 1.5 is still in beta?
<qman__> jla, then just comment out the rfc1912 inclusion
<qman__> I don't even have that file
<qman__> so I don't know how yours is set up, it may have changed
<jla> qman__, OK, but how llikely am I to break some other part of the overall setup?
<qman__> jla, not at all
<qman__> if you wanted to, you could just delete all those config files and use only named.conf
<qman__> and it will work
<qman__> though just commenting out what's breaking things is probably a better way
<ruben23> qman__:..?
<jla> qman__, true, but in this case I have to split the default.zone file in to two pieces. I do it my way and see what happens.
<qman__> ruben23, http://lmgtfy.com/?q=ubuntu+change+mirror
<bostrt> hi, i have a server with ubuntu 8.10 on it, is there a way without a reinstall to ugrade to 9.10?
<qman__> bostrt, upgrade to 9.04, then 9.10
<ruben23> qman__:  it display mirror but it didnt tell how to set the new mirror on the server...:-(
<bostrt> qman__: i believe 8.10 is unsupported
<bostrt> but could i change the souces.list file around?
<qman__> bostrt, no, just upgrade to 9.04, then 9.10
<qman__> sudo do-release-upgrade
<bostrt> qman__: hm, i tried that earlier but nada, now it seems fine. perhaps user error
<qman__> bostrt, also, 8.10 isn't unsupported yet
<qman__> not for another year or two
<ruben23> hi
<ruben23> any chnage the mirror of an exixting ubuntu server..
<nijaba> borst, qman: 8.10 is not an LTS -> as such it is supported 18 months. EOL -> 10/2004
<nijaba> err= EOL -> 04/2004
<nijaba> maybe I'll get that right once: EOL -> 04/2010
 * nijaba got it right, finally...
<qman__> hah, yeah
<ruben23> im getting this error when i run update-----> http://pastebin.com/m314ac77e
<qman__> EOL 4 years before it's released ;)
<nijaba> ruben23: is your connection reliable?  Sounds like the file you download get corrupted.  A faulty proxy cache may cause this as well.
<ruben23> nijaba: i have squid on my gateway server, guess need to turned it off
<ruben23> to isolate
<nijaba> ruben23: that's an idea.  if you can confirm after turning it off, check the caching parameters which might be a bit too conservative.
<nijaba> ruben23: that's an idea.  if you can confirm after turning it off, check the caching parameters which might be a bit too conservative.
<PC_Nerd1011> Hi,  I'm upgrading from 9.04 -> 9.10, and when it restarts bind9 -> "rndc failed to connect"...  bind9 wont start seperately, and named -g -p53 reports an error in being able to read /usr/lib/ssl/openssl.cnf (sym link to elsewhere)....   any suggestions ?
<marcelcohrs> hi, how do i start the ftp server?
<marcelcohrs> hello?
<marcelcohrs> anybody active in this channel?
<marcelcohrs> PLEASE
<marcelcohrs> come on guys
<Sam-I-Am> first you need to install one
<Sam-I-Am> then its either controlled in inetd.conf or by its own config file
<marcelcohrs> hi guys
<marcelcohrs> i cant access my mysql server 4 some reason
<JanC> foursome reason?
<marcelcohrs> ok ok ok
<marcelcohrs> sorry
<marcelcohrs> my fault
<JanC> :P
<JanC> just use plain English if possible  ;-)
<marcelcohrs> my app(navicat) says: can not connect to mysql server at 192.....
<marcelcohrs> :P
<marcelcohrs> :d
<marcelcohrs> :D
<JanC> navicat is a proprietary app IIRC?
<JanC> does it support the MySQL version in Ubuntu?
<marcelcohrs> should
<marcelcohrs> it works with my mysql on osx
<marcelcohrs> i just set up a vm machine with linux ontop of osx
<marcelcohrs> installed a lamp
<marcelcohrs> i can connect to the apache via firefox, but not to mysql even the service is running
<qman__> marcelcohrs, by default, mysql listens on a local unix socket
<qman__> you need to configure it to listen on an IP address if you want remote access
<marcelcohrs> cool
<marcelcohrs> eehm
<marcelcohrs> how?
<qman__> in the main mysql config file, bind-address
<qman__> it's commented out
<marcelcohrs> nice which folder is it by defauilt at
<qman__> /etc/mysql/my.cnf IIRC, something like that
<marcelcohrs> am using latest ubuntu server build
<marcelcohrs> okay
<marcelcohrs> brb
<marcelcohrs> :D
<marcelcohrs> bind-address?
<marcelcohrs> was set to loopback
<marcelcohrs> should i set it to the et0 ip?
<qman__> ah, must have changed defaults
<qman__> yes
<marcelcohrs> eth
<qman__> it used to just be commented out
<qman__> set it to whatever your IP is
<marcelcohrs> okay
<marcelcohrs> but its bind-address, right?
<qman__> yes
<marcelcohrs> thank
<marcelcohrs> do i have to restart mysql
<qman__> yes
<marcelcohrs> host 192.... is not allowed to connect to the mysql server
<qman__> you have to create a user with permission to connect from remote hosts
<qman__> in mysql
<marcelcohrs> i also cant run mysql from my commandline
<marcelcohrs> access denied for user marcel @....
<qman__> grant some privileges on databasename.* to user@host
<qman__> mysql -u root -p
<marcelcohrs> in the same file?
<qman__> and type the password you set it up with
<qman__> no, that's a mysql command line
<qman__> you set the mysql root password during install
<qman__> so, log in as root, and set up mysql users
<qman__> log in to mysql as root, that is
<vraa> you could use phpmyadmin to do that as well
<vraa> and that's a little easier to understand than mysql command line
<qman__> mysql is a pain
<marcelcohrs> true true
<vraa> since i think he said he had apache access with firefox already
<marcelcohrs> thats why i use navicat
<vraa> im not sure what navicat is, but you could use mysql administrator i think it sounds like they may be similar
<marcelcohrs> no linux is running in a vm machine ontop of osx 10.56
<marcelcohrs> 10.6
<qman__> that's not relevant
<marcelcohrs> ok
<qman__> this software would have to be installed on the linux machine
<qman__> phpmyadmin, etc.
<marcelcohrs> sorry, but HOW do i add or grad access to marcel(systemuser)
<marcelcohrs> root works
<qman__> well
<vraa> yeah i'm talking about your ubuntu computer, "sudo apt-get install phpmyadmin"
<marcelcohrs> there is no giu
<marcelcohrs> gui
<vraa> and that'll give you phpmyadmin, so when you go to http://ipaddressofcomptuerrunningubuntu/phpmyadmin/ you get a nice interface
<marcelcohrs> just commandline
<vraa> you certainly have ssh access right ?
<qman__> it's a bad idea to do this, but you could do "grant all privileges on *.* to 'marcel'@*;
<qman__> "
<qman__> what you should do, is create a database
<qman__> and then create a user
<qman__> to access that database
<qman__> and you should never share mysql passwords with system passwords
<marcelcohrs> ooh kay
<qman__> mysql is restricted to the local machine by default because that is a secure configuration
<qman__> if you need remote access, you should only grant specifically the remote access you need
<marcelcohrs> but its just me
<marcelcohrs> :)
<qman__> to the host you need, to the database you need, and for only the user you need
<marcelcohrs> this is a virtual machine
<qman__> and only the privileges you need
<marcelcohrs> i would like to crud my dbs remotely via a gui app called navicat
<marcelcohrs> so pretty much i neet  root access
<qman__> then, what you should do
<qman__> is create a user called navicat
<marcelcohrs> ok
<marcelcohrs> in linux right adduser
<qman__> and grant it all privileges on all databases, but only from your host
<qman__> no
<qman__> in mysql
<qman__> like this
<marcelcohrs> okay
<marcelcohrs> i love u man
<marcelcohrs> <3
<qman__> grant all privileges on *.* to 'navicat'@'1.2.3.4'
<qman__> ;
<qman__> set password for 'navicat'@'1.2.3.4' = password('new_password');
<qman__> and do this where 1.2.3.4 is your host's IP, and new_password is the desired password
<marcelcohrs> mysql syntax error
<marcelcohrs> grant all privileges on *.* to 'navicat'@'1.2.3.4'
<marcelcohrs> sorry
<marcelcohrs> sorry sorry
<qman__> you might have to do each database individually
<marcelcohrs> was me ;)
<qman__> oh, ok
<marcelcohrs> okay should i test now?
<marcelcohrs> or smth else?
<qman__> go ahead and test
<qman__> see if you can log in from the host
<marcelcohrs> omg
<marcelcohrs> omg
<marcelcohrs> ogm
<marcelcohrs> omg
<marcelcohrs> it WOXXX
<marcelcohrs> ure teh man q man
<marcelcohrs> okay...
<marcelcohrs> now!
<marcelcohrs> have u used vsftpd?
<marcelcohrs> cause i can connect already, but i dont have any writing permissions
<marcelcohrs> apparently it uses the linux accounts
<marcelcohrs> how would i set i.E. the user marcel to read and write everywhere]
<marcelcohrs> i can see already the root layer, but i cant drop my files anywhere
<qman__> pretty sure vsftpd won't let you do that
<qman__> use sftp instead
<marcelcohrs> okay
<marcelcohrs> how do i unistall vsftp?
<marcelcohrs> caus i think i starts on startup
<qman__> sudo apt-get purge vsftpd
<marcelcohrs> package sftp has no installation candidate
<marcelcohrs> was the install successfull?
<qman__> no, sftp is part of openssh-server
<marcelcohrs> i remember i checked installed ssh server on my ubutu installation
<qman__> so it's probably already installed
<qman__> it uses system accounts and permission
<marcelcohrs> okay i got rid of vsftp
<marcelcohrs> cool
<marcelcohrs> how do i run it?
<marcelcohrs> OR
<marcelcohrs> shouldm i use macfuse?
<qman__> no idea what that is
<qman__> most linux and nix systems have the ssh, scp, and sftp clients
<qman__> available at the terminal
<fallous> macfuse lets you mount sshfs and such
<marcelcohrs> thats right
<marcelcohrs> i connected already to my linux-box via sshfs
<marcelcohrs> i can see everything, but with my account (marcel)
<marcelcohrs> i still cant write
<fallous> chmod or add your user to a group that does have write perms to the dirs
<marcelcohrs> how would i grand myself these permissions?
<marcelcohrs> the user has been created automatically during the installation
<fallous> yes, and the user doesn't have write perms for whatever dir you're trying to monkey with
<marcelcohrs> no idea ho i would set it to a root use
<marcelcohrs> r
<fallous> you don't want to ssh as root
<fallous> remote connects as root is a Bad Idea(tm)
<marcelcohrs> i know everybody says that
<marcelcohrs> soooo
<marcelcohrs> what should i do
<fallous> what I said :)
<marcelcohrs> i need to drop content(php files) in /var/www
<marcelcohrs> okay let me review
<marcelcohrs> chmod or add your user to a group that does have write perms to the dirs
<marcelcohrs> how?
<marcelcohrs> ^^
<uvirtbot> marcelcohrs: Error: "^" is not a valid command.
<marcelcohrs> srry guis
<marcelcohrs> im coming from the dark(windows) and am going slowliy towards the light
<fallous> I'd set /var/www to be owned by group www with write enabled, then add marcel to that group
<marcelcohrs> okay
<marcelcohrs> im on /
<marcelcohrs> what the command?
<marcelcohrs> do i need to sudo that?
<fallous> ah, I see there is no default www group in 9.10
<marcelcohrs> sorry guys
<marcelcohrs> what do i need to type
<marcelcohrs> ?
<twb> fallous: historically, at least, www-data is used by httpds/
<fallous> yeah
<fallous> on my box I just chmod /var/www so it's editable by any user since I only have my own accounts in there and everything is backed up
<fallous> so quick and dirty like I do it is chmod 777 /var/www
<twb> fallous: do you also make all your executables set-uid?
<fallous> yes
 * twb sighs
<fallous> I also irc naked
<fallous> :)
<twb> I don't wish to know that!
<twb> Kindly leave the stage/
<marcelcohrs> oh MY GOD
<marcelcohrs> too much information fallous
<marcelcohrs> :P
<fallous> it happens when you ask too many questions ;)
<poningru> lol
<marcelcohrs> giggledi
<twb> Once again demonstrating that Ubuntu's -server is nearly as despicably juvenile as all its other channels...
<fallous> and to assuage twb, no I don't run setuid ;)
<fallous> of course it always amused me that linux lacks wheel but that's my old bsd bigotry flaring up
<marcelcohrs> thanks sooooo much
<marcelcohrs> bee back soon
<marcelcohrs> love u guys
<marcelcohrs> <3 qman
<fallous> sorry, already married
<marcelcohrs> :)
<marcelcohrs> buy
<supermatthew> i setup my server with ISPConfig and Courier mail server, but mail isn't working
<supermatthew> i keep getting Unknown user or password incorrect when i try to login via squirrelMail
<Fenix> does a DNS need a static ip?
<Fenix> Does a DNS need a static ip
<debio264> I'm setting up a single sign on system, and I pretty much have Kerberos and LDAP all set, but I'm wanting to have home directories shared across the systems signing in to the Kerberos/LDAP setup
<debio264> can anyone recommend a filesystem to use there?
<debio264> should I just use Samba and have a big home directory share?
<debio264> or something distributed like Coda?
<debio264> or even NFS?
<Fenix> I would try samba
<twb> debio264: are the clients running Ubuntu or Windows?
<debio264> twb: Ubuntu
<twb> Then try NFSv4 before Samba
<twb> libpam_mount.so blows
<debio264> yea, should I just make one big share of /home, or mount the user's directory at login?
<twb> debio264: ask NFSv4's documentation.
<debio264> okay
<twb> Obviously for NFSv3 you export /home directly (or rather, whatever filesystem that lives on), and Samba you export individual home directories.
<twb> I don't know how NFSv4 does it.
<tonyyarusso> Hi, I need some help with BIND.  I'm trying to make a machine on my LAN act as if it were the official archive mirror (for an installfest).  I got it so it answers for archive.ubuntu.com, but now I want to add us.archive.ubuntu.com, etc., and I'm not sure how to do the subdomains.
<tonyyarusso> nvm, I appear to have gotten it...
<supermatthew> can someone help me, my mail isn't working
<Boohbah> us.archive.ubuntu.com CNAME your.a.record.ubuntu.com
<Boohbah> tonyyarusso: the CNAME points to the A record that points to your IP
<tonyyarusso> righto
<tonyyarusso> Is it possible to do wildcards?
<Boohbah> sure
<Boohbah> *.ubuntu.com CNAME ubuntu.com
<supermatthew> can someone help me, my mail isn't working, when i try to send mail from, nothing happens(no errors) but it doesn't arive, when i try to it nothing happens. I can't figure out were log files re
<twb> tonyyarusso: wouldn't it be better to just fix the preseeding so that machines didn't try to talk to archive.u.c?
<twb> Boohbah: I don't think you can CNAME between domains.
<twb> Boohbah: oh, never mind.
<tonyyarusso> twb: That's on the list for Lucid (along with attempting PXE), but I just frankly don't have time to figure that out and make new images before our release party in 7 hours.
<tonyyarusso> twb: Also, I want it to work for people who are upgrading as well.
<twb> Shrug
<twb> Preseeding by hand is just adding url=http://fred/preseed.txt to the boot prompt
<twb> Granted it wouldn't help upgraders
<tonyyarusso> I also won't be around to explain that to everyone necessarily - I'd like it to work as hands-off as possible.
<tonyyarusso> Anyway, we'll see how this works, and make adjustments for next time as needed.
<Boohbah> twb: i get paid for DNS stuff :) looking forward to IDN's!
<twb> Boohbah: including all the exciting issues that Unicode brings?
<Boohbah> twb: punycode
<Boohbah> twb: yes, very exciting! i'm sure there will be many buggy implementations to exploit :)
<supermatthew> screw it, ill modify the system to talk to my windows machine which i know can send and recive mail
<twb> supermatthew: what MTA are you using?
<Boohbah> supermatthew: that's kind of lame. tried postfix? there are plenty of howto's for postfix + ubuntu
<supermatthew> i am using postfix
<supermatthew> i setup ispconfig
<twb> supermatthew: I don't know what ispconfig is.  Is postfix configured?
<supermatthew> ispconfig is a server manager, like cpanel/whm
<twb> ispconfig is not part of Ubuntu, so I can't help you.
<tonyyarusso> For some reason in karmic I can't get the default gateway set from within /etc/network/interfaces - I have to do 'route add default gw 192.168.1.1' separately.
<tonyyarusso> Isn't the syntax just "gateway 192.168.1.1" within the iface options?
<marcelcohrs> i cant access my mysql with my account error 1045 access denied for user marcel
<marcelcohrs> i tried already adding marcel as a user in mysql
<marcelcohrs> solved it
<marcelcohrs> hat to grant @ LOCALHOST
<marcelcohrs> :)
<marcelcohrs> but ive another  problem
<supermatthew> yay i got mail to send
<supermatthew> i just nuked my vps and started over
<twb> tonyyarusso: is the interfaces stanza static or dhcp?
<tonyyarusso> twb: static
<twb> Good.
<twb> I'm out of ideas, then
<twb> Unless your gateway is accidentally not within the netmask you defined
<tonyyarusso> netmask of 255.255.255.0 for a 192.168.1.1 gw
<twb> tonyyarusso: just pastebin your whole interfaces file
<twb> I doubt I can help, but it won't hurt
<tonyyarusso> actually, atm it's more important for me to get some sleep.  Perhaps another time.
<Fenix> where is named.conf file path directive
<Fenix> anyone?
<kblin> try find /etc -type f -name named.conf
<dvrvm> good morning. just upgraded my server to karmic, now the system won't boot because the file system doesn't mount anymore... known problem?
<wetnose> 'admin' user not found on Karmic UEC Cloud Controller install http://tinyurl.com/yh4gk82
<wetnose> Has anyone tried installing UEC via Karmic installer?
<wetnose> Does anyone know of a forum for Ubuntu Enterprise Cloud users?
<twb> !uec
<ubottu> Sorry, I don't know anything about uec
<twb> Apparently not
<cemc> if I use virt-install --vnc, how can I tell it to listen on 0.0.0.0:5900, and not only on 127.0.0.1:5900 ?
<twb> cemc: do you REALLY want to do that?
<twb> cemc: seems to me port forwarding with ssh would be safer
<twb> i.e. ssh -nfL 5900:127.0.0.1:5900 vm && vncviewer 127.0.0.1
<cemc> I'm doing that right know, with ssh and port forwarding. I was just wondering if and how it can be done
<twb> I don't know, sorry.
<cemc> np. btw, this KVM thing IS fast, heh
<kblin> can kvm in karmic finally do snapshots and restores from running vms?
<kblin> e.g. from virt-manager?
<cemc> kblin: hm, haven't tried that, it's my first time with KVM
<kblin> I'm running kvm on my 8.04 dev box, and it's pretty nice, apart from not being able to conveniently do snapshots
<kblin> so on my 9.10 laptop, I tend to use virtualbox
<kblin> the laptop can't run KVM (no VT support), or I'd have tried
<wetnose> twb: sorry, what does "!uec" mean?
<twb> wetnose: I was hoping ubottu would help out
<twb> wetnose: the ! means "hey, ubottu!"
<twb> kblin: I don't know about virt-manager or kvm, but qemu (on which kvm is based) can certainly do snapshots of running VMs, as long as you're using the qcow2 disk format (rather than the raw format)
<dvrvm> how should my menu.lst look exactly? it looks like update-grub sees the new 9.10 kernel but doesn't renew the menu.lst file
<wetnose> Is there much interest in Eucalyptus from Ubuntu users?
<kblin> twb: yeah, I know, but it's not terribly useful if that's not integrated in the GUI. at least not very convenient
<twb> kblin: sure.  I'm just saying that the backend, at least, ought to do it
<twb> Nobody will give me a VT-capable machine to play with virt-manager and kvm on :-(
<twb> "We'll use vmware/openvz/virtualbox again because you don't have experience deploying kvm"
<twb> Well, of course I don't!  You can't bootstrap from null!
 * twb grumbles
<wetnose> Any KVM fans here? I wasn't sold on it when Ubuntu drank the coolaid.
<twb> I *love* qemu
<kblin> wetnose: I like it. it's just the UI that sucks
<twb> qemu -curses and -nographic are killer features
<cemc> of course you don't use the UI much once the guest is up... so...
<kblin> fortunately most of my windows machines can suspend to disk, so I don't miss the VM-based suspend
<wetnose> I use Xen with a webui I wrote myself
<cemc> I mean come on
<cemc> start/stop, that's it
<twb> kblin: doesn't virt-manager mean that it has the exact same UI as xen?
<kblin> cemc: not so much
<cemc> the ssh guest
<cemc> then*
<kblin> cemc: my guests are mostly windows
<kblin> no ssh there
<wetnose> Does console access to KVM guests still require use of VNC?
<cemc> I liked vmware's UI, and virtualbox UI too, but this virsh does the trick too
<twb> I also like how qemu includes DNS, DHCP, userspace masquerading, etc.
<cemc> and virt-install
<twb> wetnose: -curses means I don't need to use VNC -- it just displays the 80x25 console directly in my xterm
<twb> wetnose: VERY fast compared to VNC, very nice when doing d-i installs
<kblin> twb: meh. real IPs and bridging is the way to go. which virt-manager does rather nicely
<twb> kblin: that's harder if you don't have root
<kblin> ok, I got root on my dev box, non-issue for me
<twb> I create and destroy lots of little VMs that only live a couple of hours, tops
<kblin> and I need to have virtual machines that can talk to each other
<twb> It's nice to not have to piss about with an expensive (in terms of my time) setup process
<wetnose> does Xen use qemu?
<kblin> it's kind of hard to test windows cross-forest trust domains if the machines don't talk to each other
<twb> I heard xen uses qemu for "full" emulation, e.g. with windows DomUs
<kblin> wetnose: nope
<twb> kblin: I don't have to deal with Windows at all.  It's lovely.
<renatinho> brasileiros na sala ?
<kblin> twb: well, check my cloak to see why I have to
<twb> kblin: haha
<twb> !pt
<ubottu> Por favor, use #ubuntu-br para ajuda em portuguÃªs. Para a comunidade local portuguÃªsa, #ubuntu-pt. Obrigado.
<wetnose> where does ubuntu make package based bug tracking available?
<kblin> launchpad
<wetnose> ta
<kblin> if you want to file a bug, you can do that from the command line, though
<wetnose> I am trying to find out why UEC install failed to create a user I can login with. :-)
<renatinho> brasil!!!!!!!!!!
<renatinho> nopt ingles
<renatinho> not ingles
<kblin> wetnose: so what's the deal with that cloud thing anyway? isn't that just a couple of VMs you can migrate between servers, with a fancy name?
<wetnose> Karmic UEC feels like Hardy Xen. DOA :-(
<renatinho>  :'( alguem fala a minha lingua
<wetnose> Eucalyptus was a research project that kinda reversed engineered Amazon ec2
<renatinho> eu sou brasileiro lingua portuguesa
<wetnose> Ubuntu Enterprise Cloud is Eucalyptus on ubuntu.
<kblin> yeah, I got that much... but what is it good for?
<wetnose> You can use all the Amazon tools to manage your own cloud
<jpds> !br | renatinho
<ubottu> renatinho: Por favor, use #ubuntu-br para ajuda em portuguÃªs. Obrigado.
<twb> "reverse engineered", or "read the whitepaper and implemented the same thing"?
<kblin> twb: that's pretty much the same thing
<twb> Well, I bet the former is illegal now
<wetnose> twb: yeah, I said kinda
<kblin> twb: nope
<twb> wetnose: righto
<wetnose> twb: because it's not the right word
<kblin> twb: not if you do it correctly
<twb> kblin: hehe
<wetnose> Here's the correct description: http://open.eucalyptus.com/
<wetnose> I want to have my own ec2 and s3 services on my own hardware
<wetnose> tonight if possible
<wetnose> but ubuntu seem to have shipped yet another broken offering
<kblin> wetnose: well, then set it up manually, I guess
<kblin> or buy amazon
<kblin> depends on how much time/money you have, obviously
<wetnose> hehehe
<kblin> twb: http://www.samba.org/ftp/tridge/misc/french_cafe.txt describes Samba's approach at reverse engineering quite well
<wetnose> Yeah, I might go the manual route
<wetnose> Was excited at the promise of it "just working". http://www.ubuntu.com/cloud/private-steps
<twb> kblin: ah, of course.  You Samba people would have first-hand experience.
<kblin> wetnose: it might be fixed soon
<kblin> wetnose: but there's a reason why the bleeding edge is called "bleeding edge"
<wetnose> 9.10 isn't really bleeding edge
<wetnose> hey, I'm going to stop bleeting and get back to solving the problem
<twb> Compared to LTS it is
 * twb kicks LDAP config change
<wetnose> thanks folks
<wetnose> Found the answer to make Karmic UEC work!
<wetnose> You need to reboot the server. Just Like Windows. :-)
<simh> hi, is this a proper place to ask about ubuntu 8.04 lts instalation problems? the installer does not detetect my hdd and no1 could help me so far :)
<dvrvm> please, could someone pastebin his 9.10 server menu.lst?
<dvrvm> update-grub sees the kernels but somehow doesn't update the file
<twb> dvrvm: does 9.10 use GRUB Legacy or GRUB 2?
<twb> GRUB 2 uses grub.cfg (or so), not menu.lst
<dvrvm> twb: i updated from 9.04 ergo still menu.lst and grub1
<twb> dvrvm: you've confirmed this?
<twb> i.e. you're not just assuming that it's the case
<dvrvm> i have no grub.cfg and aptitude says grub2 is not installed
<dvrvm> the problem comes from the fact that i didn't allow the updater to update menu.lst and now it looks like update-grub doesnt "see" where to put the new data
<twb> dvrvm: it's "grub-pc" or so, not "grub2".
<twb> But it appears that karmic and lucid still support grub legacy
<dvrvm> no, grub-pc is not installed either, grub-common is at 1.97 beta4
<twb> 1.97 is grub2
<twb> But grub-common is not a problem, I think
<dvrvm> ok, so why is my system booting the old kernel?
<zoopster> twb: if you are using grub2 and update-grub (stub for grub-mkconfig) you need to pass more parameters...man pages will help
<twb> dvrvm: dunno.
<zoopster> sorry...that was for dvrvm
<dvrvm> zoopster: man update-grub gives my only one option (-y)
<zoopster> dvrvm: really...so for grub2 update-grub is a stub for grub-mkconfig
<dvrvm> hm, and i have the grub 0.97 package installed (but grub-common 1.97)
<dvrvm> plus, no grub-pc and no grub2
<twb> dvrvm: ignore me and carry on.  I was expecting Ubuntu to basically force people to switch to grub2 with dummy packages
<twb> Which AFAICT is not the case.
<zoopster> appears to be the case twb
<twb> zoopster: yeah?  packages.ubuntu.com/grub doesn't have "(dummy package)" for the grub package, cf. packages.debian.org/grub
<twb> I don't have a non-LTS box around to confirm though
<zoopster> just found a note that upgrades will not get grub2
<zoopster> only new installs
<twb> zoopster: OK, I misunderstood your previous remark.  Carry on.
<dvrvm> hehe, i would be happy to switch to grub2 ONCE MY SYSTEM BOOTS AGAIN :D
<twb> dvrvm: do you have physical access?
<dvrvm> yes
<dvrvm> actually, atm only the "physical" access works :D
<dvrvm> i will just try and edit menu.lst by hand
<twb> Yeah, that's what I was gonna suggest
<dvrvm> hm, looks like it's booting :D
<dvrvm> hm, looks like it's booting :D
<dvrvm> hm, looks like it's booting :D
<dvrvm> hm, looks like it's booting :D
<dvrvm> hm, looks like it's booting :D
<dvrvm> hm, looks like it's booting :D
<dvrvm> hm, looks like it's booting :D
<dvrvm> hm, it's booting now apparently :D
<dvrvm> hm, it's booting now apparently :D
<dvrvm> hm, it's booting now apparently :D
<dvrvm> hm, it's booting now apparently :D
<dvrvm> hm, it's booting now apparently :D
<dvrvm> hm, it's booting now apparently :D
<dvrvm> hm, it's booting now apparently :D
<dvrvm> hm, it's booting now apparently :D
<dvrvm> hm, it's booting now apparently :D
<dvrvm> hm, it's booting now apparently :D
<twb> Plonk.
<dvrvm> it's some kind of booting now apparenty
<zoopster> dvrvm: if you want to upgrade to grub2 now...https://wiki.ubuntu.com/KernelTeam/Grub2Testing
<dvrvm> i have to wait until fsck finishes to see whether my system still works at all :D
<twb> I dropped grub in favour of extlinux.
<uvirtbot> New bug: #466513 in samba (main) "Update from ubuntu 9.04 to 9.10" [Undecided,New] https://launchpad.net/bugs/466513
<uvirtbot> New bug: #466540 in samba (main) "package samba-common-bin (not installed) failed to install/upgrade: defektes Tar-Dateisystem - Paketarchiv ist defekt" [Undecided,New] https://launchpad.net/bugs/466540
<spiritof76> is fsck a safe command to run?
<twb> spiritof76: on what?
<spiritof76> on karmic either server or desktop
<twb> I mean, on what filesystem?
<twb> Is the filesystem damaged?  Is it mounted?
<spiritof76> 32 bit ..
<twb> What type of filesystem is it?
<spiritof76> version 2 and 4
<twb> "32 bit" is not a filesystem.  A filesystem is something like XFS or ext3.
<spiritof76> ext 3 and ext 4 I think
<twb> e2fsck will ask you before doing anything drastic.
<twb> You can also run it in read-only mode, IIRC.
<twb> It will impact performance, of course.
<spiritof76> I wanted to try and use it as a defrag? is this reasonable?
<twb> If he comes back, someone explain that ext filesystems don't need defragging unless you use the reserved blocks.
<jla> i am trying setup a soho server, there are a number of packages that seem to be un-necessary e.g. wpa*, ufw, ppp
<jla> if I remove these am giving myself a problem?
<KurtKraut> jla, if they're not truly needed, no, no problem.
<Fenix1> which file should i use in bind, named.conf or named.conf.local
<Fenix1> Ive read tutorials saying both:S
<Fenix1> asdsfd
<KurtKraut> Fenix1, I guess it depends on the BIND version. The named.conf.local seems to be the most update setting.
<Fenix1> what is the difference between them do you know?
<jla> fenix1, depends upon your ned
<jla> ned-> needs, if you are setting up a simple caching server then the conf.local is ok. however if you are setting up a split server or something more advanced I wwould save the existing files somewhere and start from scratch!
<jape^> Is there a tool to automatically change the mirrors used by atp-get?
<andol> sed? :)
<jape^> I havae a us-version on ubuntu-server in my vm, and I like to change the mirrors from us to fi :)
<zash> damn it, something's up with pymsnt :(
<zash> http://p.zash.se/cl
<Consty> has anyone had an issue with 9.10 where SSHD isn't working properly? The service is running, and I can ssh into myself, but can't from any other PC on my network. The odd thing is I can use telnet on 22 to see the OpenSSH signature, but when using ssh on another box it just sits there and hangs
<Consty> So because I'm able to telnet, it's not a firewall related issue
<jmarsden> Consty: I suggest you use   ssh -v -v -v  user@hostname   to see exactly where in the SSH dialogue things are hanging.
<Consty> debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
<Consty> server isn't sending that back apparently?
<jmarsden> Consty: It's a total guess, but the server may not have enough entropy available, and be hanging reading /dev/random ??  If you have a physical screen and keyboard on the server, use them and pound on the keyboard, or do something else that will give the machine some randomness to work from...
<Consty> Yeah I've tried that. It's very weird
<Consty> The issue doesn't exist with 9.04 server.. when I reinstall that SSH immediately works, but not with 9.10
<Consty> any easy recommendations as far as switching repos? because as it stands now i can't even get a successful apt-get update because of the servers getting hammered I assume
<Consty> I'm thinking maybe this issue is resolved by updating
<Shubuntu> hello, i have a question regarding naming hosts
<Shubuntu> i am a bit confused about how to name the host
<Shubuntu> i'm setting up a vps
<Shubuntu> and trying to follow this tutorial on howtoforge
<Shubuntu> http://www.howtoforge.com/perfect-server-ubuntu-9.10-ispconfig-3-p3
<Shubuntu> in that page it's saying I have to name my server server1?
<Shubuntu> any help is appreciated
<zash> have to? i doubt it
<Shubuntu> i just don't understand how the naming works
<Shubuntu> my site is fastformer.com
<Shubuntu> now if i name the host server1.fastformer.com
<Shubuntu> then i'll have a problem with my mail server being fastformer.com
<Shubuntu> correct?
<crohakon> Where is a good guide on creating virtual hosts?
<Shubuntu> cause i want to have my emails like ceo@fastformer.com
<zash> Shubuntu: you can name it whatever you want, but ofc it needs to be the same everywhere
<zash> Shubuntu: and for mail you set an MX record pointing to the mail server
<Shubuntu> zash, but what do people do in this situation? I don't understand how this works
<crohakon> where ever they say to put server1, you put the name of the server you want.
<Shubuntu> zash, the problem i have here isn't with mx, i already have done that in my dns
<crohakon> for example... mail.fastformer.com?
<Shubuntu> i only have one ip
<Shubuntu> with which i'm going to set up everything
<Shubuntu> so i need help figuring out how this works, so i won't make a mistake
<bdelin881> after a karmic upgrade on my server i am getting this error: "mount:unknown filesystem type 'bind'" I get this error after doing mount -a, I have 2 binded directories on my server that are not getting bound when the system reboots
<bdelin881> they are set up in fstab, can anyone help? :)
<bdelin881> it all worked pre-upgrade
<Shubuntu> now in the example it says: "192.168.0.100   server1.example.com     server1", what i need is to name it fastformer.com
<bdelin881> already have uninstalled and tried reinstalling bind9
<crohakon> oka, so put in your IP and mail.fastformer.com
<Shubuntu> but this is all my server not just mail
<Shubuntu> like www.fastformer.com is going to have the same ip
<bdelin881> i have to go soon, guess nobody knows then...
<zash> Shubuntu: if you only have one server, do what i do, CNAME *.mydomain to mydomain and mydomain IN A myip
<crohakon> bdelin881; I have not attempted to update to .10, I am not so much help.
<zash> except i have mail.mydomain A myip, and MX points to mail.
<bdelin881> hmm maybe i should have waited
<bdelin881> i did it remotely
<Shubuntu> i can easily do that with a virtual mx
<Shubuntu> that's not a problem
<Shubuntu> i already know how to do those things with webmin
<Shubuntu> i just don't understand how i can have my server name be fastformer.com
<Shubuntu> without a prefix
<Shubuntu> that way all that go under it
<zash> Shubuntu: why does it matter?
<Shubuntu> will be *.fastformer.com
<Shubuntu> email addresses
<zash> Shubuntu: it can be named whatever.fastformer.com  and handle mail for @fastformer.com
<Shubuntu> i don't want email addresses to be ceo@server.fastformer.com
<crohakon> bdelin881; That is why I am waiting. I want to see all the problems that people have first so I know what I am getting myself into.
<zash> Shubuntu: just set up DNS properly
<Shubuntu> so naming doesn't matter?
<crohakon> Shubuntu; example... mail.whatever.com is the server, but the email addresses are still blah@whatever.com
<Shubuntu> but this is my one server
<Shubuntu> it will have the webpages, the mails, everything on it
<crohakon> mail.whatever.com is just the server your clients connect to when sending receiving or sending mail
<crohakon> Shubuntu; and?
<Shubuntu> so i can't name the server mail.fastformer.com
<zash> Shubuntu: noone outside of your org needs to ever know what your server is named
<Shubuntu> and i don't know if i should call it www either
<crohakon> my domain, I have ftp.whatever.com, mail.whatever.com, smtp.whatever.com, and www.whatever.com
<crohakon> all on same IP
<zash> Shubuntu: just set up A and MX records in DNS properly
<Shubuntu> crohakon, that's all dns stuff, we're not talking about that, i know how to work with dns
<crohakon> Shubuntu; then what is the problem?
<Shubuntu> i'm asking these because if you look further in that tutorial this same server1 appears in set up of the mail server
<crohakon> server1 = wtf you want to name your mail server.... for example... mail.whatever.com
<crohakon> it will not be a prefix to your email accounts.
<Shubuntu> in the imapd.cnf it's setting CN=server1.example.com
<zash> Shubuntu: I think you should read up on how mail and dns works
<Shubuntu> i just need one good tutorial that explains how mail servers are set up
<Shubuntu> and i know how dns works
<Shubuntu> it's just a bunch of tables
<Shubuntu> another question, which is the best mail server?
<Shubuntu> should i use postfix or go for dovecot? any other good options?
<zash> Shubuntu: both?
<zash> I have postfix and dovecot
<Shubuntu> how does that work?
<zash> dovecot is for clients
<palt_> Shubuntu: https://help.ubuntu.com/community/MailServer :)
<zash> postfix retrives and sends mails to other domains
<bogeyd6> update servers are frigging CRAWLING at 36kbs
<bogeyd6> i wish you could choose your own update server
<zash> and dovecot is what the clients talk to to get their mail
<Shubuntu> ok so for my webmail / pop3 / imap i should use dovcot
<Shubuntu> and for sed / receive use postfix
<Shubuntu> send*
<palt_> bogeyd6: I use another mirror, guess you could do that :)
<Shubuntu> and i won't install courier right?
<Shubuntu> do i need to define private ips in the hosts file as well?
<palt> Shubuntu: What do you mean?
<Shubuntu> well my server has 1 real ip, and one private ip
<palt> SÃ¥ one for the internet and one for the internal network?
<palt> so .P
<Shubuntu> so when i say 192.168.0.10 server.fastformer.com server
<Shubuntu> do i do like 10.100.0.1 server.fastformer.com server as well?
<Shubuntu> yes palt
<palt> If I'm not mistaken, the hosts file is just a place where the computer looks up a hostname before doing a DNS query.
<Shubuntu> oh ok so no biggie
<Shubuntu> you finally answered me :P now i know what it is, so no biggie
<palt> But if you have two IP's pointing at the same hostname, I don't know whats going to happen
<Shubuntu> thanks
<Shubuntu> i've set them to broadcast the same
<Shubuntu> and the private to be eth0:0
<Shubuntu> so it'll be fine
<palt> Often you could have a central hosts file that you distribute among your own servers. That way if your DNS dies you can still reach your servers.
<palt> It's also neat for shortcuts :)
<Shubuntu> yeah i understand what hosts file is now
<palt> Sorry, I just got a bit carried away :P
<Shubuntu> i had a different understanding hence why i was confused
<Shubuntu> no worries thanks a lot
<Shubuntu> now i need to set up postfix and dovcot to use virtual mails
<palt> Check out the link I gave you earlier. Should contain some useful information :)
<Shubuntu> will do, and i'll come and bug you till i know how things work
<Shubuntu> i think these things lack good documentation
<Shubuntu> i wish there was a simple wikipage that would have sample configs for these things
<palt> Sometimes they'll do. But I'm off pretty soon but there are plenty of other people here to bug ;)
<Shubuntu> thanks
<Shubuntu> :)
<Shubuntu>  do i have to get a ssl? is there a good free one?
<Shubuntu> i understand that most of them are domain specific?
<palt> No, you don't have to get SSL. But it's great to have it :)
<Shubuntu> so like if i get one that's for www.fastformer.com it won't work for mail.fastformer.com
<palt> Correct
<Shubuntu> are there free ones?
<pwnguin> you can self sign
<pwnguin> or i think cacert is kinda free
<Shubuntu> i know that one
<palt> A valid signature I think you have to pay :)
<pwnguin> blame mark shuttleworth
<Shubuntu> the problem is i don't want to pay 50 bucks for a wild card
<pwnguin> is that all a wildcard costs?
<Shubuntu> i just checked and they have something called wild card
<Shubuntu> it's the cheapest
<palt> Do you have many services that uses SSL?
<Shubuntu> there are ones that cost up to 300 bucks
<Shubuntu> well for mail
<Shubuntu> and for taking donations
<Shubuntu> which i wanna kinda pass onto paypal
<palt> Then it's cheaper to just get one for mail.yourdomain.com instead of a wildcard
<Shubuntu> don't wanna handle money
<pwnguin> the 300 bucks ones usually also cost your time and effort to comply with security precautions
<Shubuntu> i will need one more for webamail
<palt> pwnguin: That's the green bar in the browser?
<Shubuntu> and another for user log in on the site
<pwnguin> palt: that's an EV cert. they're expensive yes, but last i saw like thousands expensive
<palt> one trick is to get one for the main domain. ANd then use mod_proxy to add yourdomain.com/webmail
<palt> That way you only need one cert
<Shubuntu> how would i do that?
<Shubuntu> and if i host more websites on the same server
<Shubuntu> will it work for them too?
<Shubuntu> i have registered another site and the name registrar offers me a free ssl
<palt> It'll work for all yourdomain.com/something. But not for something.yourdomain.com
<MTecknology> I think my system was broken into....
<palt> But I'll have to run. pwnguin can probably explain it deeper :)
<MTecknology> How can I find out for sure?
<Shubuntu> ok thanks
<Shubuntu> pwnguin, how would the proxy thing work?
<crohakon> Shubuntu; Did you just find out that your ISP blocks ports? hehe
<Shubuntu> hun? what does that have to do with ssl?
<Shubuntu> i think you misread my question
<crohakon> Shubuntu; most likely, watching stargate u while chatting =)
<Shubuntu> hehe ok then
<pwnguin> Shubuntu: not a damn clue. i still havent set my ubuntu server up with SSL
<Shubuntu> k
<bogeyd6> shubuntu you can create your own ssl certificate using http://www.linode.com/wiki/index.php/Apache2_SSL_in_Ubuntu
<bogeyd6> Shubuntu https://help.ubuntu.com/community/forum/server/apache2/SSL
<stas```> Hi, cand somebody help me, I keep getting stuff like this in my syslog
<stas```> init: Failed to open console: Permission denied
<bogeyd6> stas``` google hasnt even heard of that error
<stas```> bogeyd6: yeah, I know
<stas```> what's strange, is that vzctl ignores kmemsize for one of the vm i created
<stas```> it leaves it only with 30megs ram
<bogeyd6> derp derp
<stas```> 103:  kmemsize         314861    1740548    1740800    1847296         16
<stas```> user_beancounters
<bogeyd6> Virtuozzo does have known issues
<stas```> and inside the vm I can see 30megs
<bogeyd6> ##parallels
<stas```> bogeyd6: that channel has no users
<bogeyd6> :((((((
<bogeyd6> http://www.parallels.com/support/phone/
<stas```> nevermind
<stas```> inside VM
<stas```> I got this
<stas```> # invoke-rc.d networking restart
<stas```>  * Reconfiguring network interfaces...
<stas```> /bin/sh: run-parts: Cannot allocate memory
<stas```> Failed to bring up venet0:0.
<stas```> /etc/init.d/networking: 75: readlink: Cannot allocate memory
<stas```> same shit I believe happens in the other VM
<stas```> it seems it can't alocate memory , but memtest doesn't seem to bring errors
<stas```> :-/
<g-hennux> my ubuntu virtual machines ("virtual flavour") can't mount nfs any more.
<g-hennux> kernel is "2.6.31-14-generic-pae", might that be the problem?
<g-hennux> that kernel doesn't contain any nfs modules, as far as i can see
<g-hennux> showmount -e HOST *does* list the exports, but i can't mount them, and "dpkg -L linux-image-2.6.31-14-virtual | grep nfs" is empty
<g-hennux> AAAAARGH
<g-hennux> indeed, that kernel (for i386!!) has no nfs.ko (amd64 has!)
<uvirtbot> New bug: #467426 in openssh (main) "openssh package installation crashed when installed via synaptic package manager" [Undecided,New] https://launchpad.net/bugs/467426
<g-hennux> #453073 -- that is it
<uvirtbot> New bug: #467441 in postfix (main) "fail to install" [Undecided,New] https://launchpad.net/bugs/467441
<uvirtbot> New bug: #467435 in openssh (main) "After update to karmic, ssh-askpass does not seem to work. (dup-of: 467434)" [Undecided,New] https://launchpad.net/bugs/467435
<uvirtbot> New bug: #467434 in openssh (main) "After update to karmic, ssh-askpass does not seem to work." [Undecided,New] https://launchpad.net/bugs/467434
<Shubuntu> umm for my webserver, should i go for apache, lighttpd, rails, ....
<Shubuntu> please give me suggestions
<guntbert> !best
<ubottu> Usually, there is no single "best" application to perform a given task. It's up to you to choose, depending on your preferences, features you require, and other factors. Do NOT take polls in the channel. If you insist on getting people's opinions, ask BestBot in #ubuntu-bots.
<Shubuntu> i'm not trying to take a poll
<Shubuntu> just asking people to give me suggestions
<darkpixel> Shubuntu: If you want to start out with 'easy' in my opinion, go with Apache.  If you want to start out with something very lightweight and very flexible, try lighttpd.
<fallous> I used apache for a decade or so, but lately started using lighttpd
<Shubuntu> will i be able to run webmin on lighttpd?
<Shubuntu> is httpd the same in terms of creating sites?
<guntbert> Shubuntu: please be aware that webmin is no longer supported on ubuntu
<Shubuntu> oh, so i shouldn't use it anymore?
<Shubuntu> what does ubuntu support now?
<guntbert> !webmin
<ubottu> webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system. See !ebox instead.
<Shubuntu> ok
<Shubuntu> ty
<guntbert> Shubuntu: but that said: ebox is in no way a replacement for webmin :-(
<Shubuntu> i really liked virtualmin
<Shubuntu> ahh it's very limited
<Shubuntu> yeah i can see
<Shubuntu> can you have ruby on rails running on apache?
<KurtKraut> Shubuntu, if you are asking this to everyone here, the answer is yes, it is possible to run rails on apache.
<Shubuntu> ok, then rails is going be an apache module correct?
<Shubuntu> do i have to download rails as binary and compile then?
<Shubuntu> as source*
<Shubuntu> and what happens to openssl library for ruby, gems, etc
<KurtKraut> Shubuntu, I think you'll receive a better support on that subject on a specific RoR forum.
<Shubuntu> kk thanks
<KurtKraut> Shubuntu, you're using Xchat. Xchat has nickname autocomplete like bash. Just start typing someone's nickname than hit TAB on keyboard.
<uvirtbot> New bug: #467542 in libvirt (main) "package libvirt-bin 0.6.1-0ubuntu5.1~hardy1 failed to install/upgrade: el subproceso post-installation script devolvi? el c?digo de salida de error 1" [Undecided,New] https://launchpad.net/bugs/467542
<vladimir_> 'm getting this output when restarting apache2 on freshly installed LAMP http://pastebin.com/m942dba
<vladimir_> how do i set my ip static ?
#ubuntu-server 2009-11-01
<vladimir_> can someone check if my apache works by clicking this ? http://96.246.33.167/
<JanC> It says it works
<vladimir_> how do i set my ip to static
<vladimir_> JanC, thanx
<JanC> man interfaces
<JanC> hm, that manual could use some better examples  âº
<JanC> vladimir_: https://help.ubuntu.com/9.04/serverguide/C/network-configuration.html
<zroysch> wheres the log to read what would make server make an internal speaker beep, and have networking apparently fail for 5 minutes or so, gmpc and ssh failed to connect. during this time, now its back up like normal. i see nothing in /var/log/messages or dmesg.
<darkpixel> zroysch: You could also try syslog to check on network messages
<darkpixel> zroysch: As for what makes the speaker beep, I don't think that's logged anywhere.
<zroysch> it was a single beep, like it would do on a reboot
<zroysch> but it has apparently not rebooted, according to uptime
<darkpixel> One thing you can do to test your network is leave a ping or 'mtr' running.  After the network drops and comes back up, check your ping or mtr and see if they show packet loss.
<zroysch> not seeing much in /var/log/syslog
<darkpixel> zroysch: Maybe someone else can chime in on the uptime, but if your system clock was off and then the system rebooted, it should have been corrected by ntp...not sure if uptime is based on that...
<mushroomblue> I have a drive running on LLVM, but it's a single volume.
<mushroomblue> for some reason, people configuring Ubuntu do this a lot.
<mushroomblue> I need to pull the drive out, and put it in another box. how do I read the data?
<mushroomblue> s/LLVM/LVM/
<mushroomblue> nevermind. lvresize.
<NineTeen67Comet> Morning all. I've got an internal HDD that's fat32 that just will not share with users. I've chmod -Rv 0775 /media/Storage and made sure fstab is vfat defaults 0 0 .. still it is locked read only to users. What else can I look at?
<darkpixel> NineTeen67Comet: Is that an external drive you plug in to your machine, or a internal drive that was there when Ubuntu was installed?
<NineTeen67Comet> Internal regular IDE .. used to have MS installed dual boot on that server, now it's all Ubuntu-Server but too much on that drive to just convert it back to xfs ..
<darkpixel> Can you copy the contents of /etc/fstab and the output of the mount command to http://dpaste.com and give me the URL?
<NineTeen67Comet> http://dpaste.com/114838/ ..
<NineTeen67Comet> Last line ..
<NineTeen67Comet> The line commented out was another attempt too ..
<darkpixel> That looks correct.  Can I get a copy of the output of the 'mount' command too?
<darkpixel> (A command I love is: apt-get install pastebinit && mount | pastebinit)
<NineTeen67Comet> darkpixel: you mean: sudo mount -a .. or if I mounted it manually?
<NineTeen67Comet> I didn't know about pastebinit .. that's awesome for a new guy .. I don't come around much but this one is driving me nuts and Google hasn't told me I didn't already know .. :)
<darkpixel> If you just type 'mount' it will spit back a list of the current mounted file systems and their options.
<NineTeen67Comet> Gotchya ..
<NineTeen67Comet> dropping pastebinit on there .. nice stuff .. love handy tools ..
<darkpixel> Yeah--it saves a few clicks
<NineTeen67Comet> http://pastebin.com/f20d5083e .. friggin' awesome ..
<darkpixel> Ok--so it looks like your drive is mounted correctly, and it's not read-only according to the kernel...
<NineTeen67Comet> Shows rw on that too .. I just don't get it ..
<darkpixel> Let me see if I understand this correctly:  You are able to read/write, but other user accounts are unable to access it?
<NineTeen67Comet> No users can write to that directory/hdd .. just sudo (root) ..
<darkpixel> (Even though fstab says rw, it's possible for a drive to be mounted ro if the kernel thinks it's corrupted)
<darkpixel> You mean /media/Storage?
<NineTeen67Comet> aha .. could be ..
<NineTeen67Comet> does fat32 have the same issues as ntfs if it wasn't shut down properly?
<NineTeen67Comet> Yeah /media/Storage is /dev/hdb1 (Only partition on that hdd)
<darkpixel> What I meant by that is that it's possible for fstab to say 'rw' but the mount command tells you the actual current state of the drive.
<darkpixel> It could.
<NineTeen67Comet> can I use fsck to check vfat?
<darkpixel> Yes--but it doesn't appear necessary as the drive is mounted correctly.
<NineTeen67Comet> trying fsck.vfat /dev/sdb1 now ..
<NineTeen67Comet> yeah it's got me stumped .. doesn't show full, doesn't show root only and it shows rw in mount and in fstab (I've always used defaults 0 0) ..
<NineTeen67Comet> I'll be in the states mid December, I can swing by and physically touch the box .. Maybe something is wrong with the hdd, but that's would effect all write not just users ..
<darkpixel> NineTeen67Comet: Sorry, I was afk for a minute--my five month old took a big tumble.  Can you show me the output of 'ls -lha /media'?
<NineTeen67Comet> Yup, just a moment, rebooting that box ..
<darkpixel> Also, how are users accessing the data?  Are they linux users logged into the box through SSH or the console, or are they Windows/Samba users?
<NineTeen67Comet> Just ssh and on the box (he can login via X when he wants - I installed ubuntu-desktop for him too - ) most of the time it's just ssh and nfs but haven't gotten nfs up since we can't even write to it as it is .. you know? lol  ..
<NineTeen67Comet> nfs will be his primary way of accessing it once it's up .. it'll be his networked storage box most of the time (he just got a netbook (I put 9.10 on) that is actually his daily use computer)
<darkpixel> Ok--do an 'ls -lhad /media/Storage | pastebinit' and that'll give me the permissions on the Storage folder.
<NineTeen67Comet> drwxr-xr-x 16 root root 16K 1969-12-31 16:00 /media/Storage or http://pastebin.com/f38a1abf2
<darkpixel> That last r-x means everyone should have read access to the Storage folder.  If you want everyone to be able to write to it, you need to 'chmod o+w /media/Storage'
<darkpixel> If you want to include subdirs, make that 'chmod -R o+w /media/Storage'
<NineTeen67Comet> that might have been it .. I've only been doing chmod -Rv 777 /media/Storage ..
<NineTeen67Comet> We'll know momentarily .. lol
<darkpixel> I would stay away from the numeric chmod's unless you understand the bitmasks.
<NineTeen67Comet> yeah .. I've only got an entry level understanding of the numbers .. I have a calculator that shows me the output for what ever you want .. read/write user, group etc ..
<darkpixel> The parameters are u g and o (for user group and other) followed by either - + or = (to remove, add, or explicitly set) permissions which can be r w and/or x (read/write/execute)
<darkpixel> This is probably a good starting point to understand the bitmasks: http://danielmiessler.com/study/unixlinux_permissions/
<NineTeen67Comet> Thanks .. it's opening now ..
<darkpixel> Awesome.  From there NFS should be pretty easy.  If he will be connecting in from the same IP or subnet (like both machines being on a home LAN), you just create (or edit) /etc/exports to have a line that says '/media/Storage    ip.add.res.s(rw)'
<NineTeen67Comet> drwxr-xr-x 16 root root 16K 1969-12-31 16:00 /media/Storage Yeah, no change .. this is driving me nuts .. lol
<darkpixel> Was that after unmounting and mounting the drive?
<NineTeen67Comet> Yeah my house is full of Ubuntu stuff (mythbuntu, desktops and notebooks .. all NFS) .. never had this issue ..
<NineTeen67Comet> I rebooted it ..
<NineTeen67Comet> and that's the resulting code ..
<NineTeen67Comet> NFS has been my friend for ever, samba so/so but only when people are here with MS stuff ..
<darkpixel> Yeah--I'll have to dig for a minute on that one.  The system sets /media/* with special permissions, but I don't remember where it does that.
<darkpixel> Actually, since it's an internal drive, you may want to consider mounting it somewhere outside of the /media folder.  Maybe /mnt or create your own folder.  I believe Ubuntu puts special permissions on the /media subfolders.
<NineTeen67Comet> Yeah I can toss a mount point in /mnt (from my Gentoo days :) .. I'll try that ..
<darkpixel> Ok.  I'm willing to bet it'll hang on to those permissions.  I have a 2 TB RAID 6 array mounted at /data and the permissions stick every time.
<darkpixel> ...although I reboot it about once every few years when the next LTS comes out... ;)
<NineTeen67Comet> darkpixel: My web server used to run pretty much from Kernel update to Kernel update .. I'm on an Air Force base now and Verizon sells us our ADSL and they don't allow anything like a web server .. so it's sitting in my server closet humming along with no users .. sad .. and I hate Verizon .. lol
<darkpixel> NineTeen67Comet: Yeah--I know there are a lot of Comcast haters too, but they treat me pretty well.  I shell out about $60/mo and I get their 20 down/5 up business service.  No hassles about bandwidth and I get a block of 5 IPs from them.
<NineTeen67Comet> When I was offbase we had Fiber .. that was supplied with PPPoE (sucks) but the speeds were GREAT and they gave me everything I neeed .. it was around 8,000 yen a month (basically $80) .. Now I pay $100 for phone and ADSL and it's slow, unreliable and did I mention restrictive as hell ..
<darkpixel> lol--stupid telco monopolies.  I used to work for a non-telco ISP years ago.  I loved our service.  We brought DSL into the area several months before the telco even got to it.  The best part is was over their own lines because we were a CLEC.
<NineTeen67Comet> Same same .. permissions read the same, can't write (sudo can) and it is mounted /mnt/Storage .. I've got no idea where to look next .. Might just wait until I get there in December and rebuilt the box ground up (it's an old Microtel from Wal-Marts quick attempt at a sub $200 computer that I added ram, hdd and video to)
<darkpixel> Did you change /etc/fstab to point to the new mountpoint?
<NineTeen67Comet> Yeah ..
<NineTeen67Comet> UUID=4568-C05A                            /mnt/Storage  vfat         defaults  0  0
<NineTeen67Comet> Even tried /dev/sdb1 ........
<darkpixel> Skip using the mnt directory.  Do a 'mkdir /Storage', set the permissions correctly on that folder, change fstab, 'mount /Storage', verify the permissions (fix if necessary), then reboot and see if it still works.
<NineTeen67Comet> Is it normal for the UUID to be so short? On the rest of my stuff it's always been pretty long ..
<darkpixel> I almost never touch /mnt, so for all I know it may have some strange permissions too.
<NineTeen67Comet> k
<darkpixel> No, I was wondering why it was so short...
<darkpixel> Ubuntu used to have a 'vol_id' command (or something similar) that would return the correct UUID for the partition, but it doesn't appear to be on my system.
<NineTeen67Comet> I used it a few months ago, can't remember what it is called now .. but it was pretty handy for fstab if you were going to move hdds around ..
<darkpixel> Aah--it's been replaced.  The new command is 'blkid'.  You could try 'blkid /dev/sdb1' and find the correct UUID for fstab that way.
<darkpixel> But using /dev/sdb1 in fstab works just as well at the moment.
<ruben23> hi got problem i instaled ubuntu 8.04  amd64 when i update i end up file being corrupted cannot download, is the us mirror have problem on connection, with i386 its fine when i test it..
<qman__> NineTeen67Comet, I think this is relevant, though unsolved: http://ubuntuforums.org/showthread.php?t=324524
<NineTeen67Comet> darkpixel: yeah spits out the same number anyhow .. no biggie ..
<darkpixel> Weird.  I've never seen a UUID that short.
<NineTeen67Comet> ditto
<darkpixel> ruben23: Have you tried running an 'apt-get update' again (or from the GUI, clicking reload)?  It may have cached some invalid information.
<NineTeen67Comet> We bought that HDD new about 3 years ago ..
<qman__> coincidentally, that post is about 3 years old
<darkpixel> NineTeen67Comet: I have no idea how bklid gets it's unique ID--that thread seems to suggest that it's something in vfat that limits the ID to 2 bytes...
<ruben23> darkpixel:  im using CLI, im not on gui
<ruben23>  darkpixel:  tried several times, ive restarted the server, same thig
<NineTeen67Comet> darkpixel: no problem I put it back to /dev/sdb1 .. still has the same issue .. Might have to bring another hdd with me, move all his stuff to it, reformat that one to something more nix friendly (like ext3) and press on ..
<ruben23>  darkpixel:  are there option i can change my mirror, currently its us ubuntu..
<darkpixel> ruben23: What is the name of the corrupted file?
<NineTeen67Comet> darkpixel: I'm headed off to help the wife and kids (I've got a 6 month old (7yr old and 4yr old too) .. so I feel your pain .. take care and thanks for the time .. I appriciate it ..
<darkpixel> NineTeen67Comet: The permissions getting reverted like that wouldn't be a problem with the drive.  Have a good night.
<NineTeen67Comet> darkpixel: I'll see if he's got an external I can have him hook up so I can move all his stuff off then back on after I reformat to something besides fat ..
<NineTeen67Comet> g'night . (almost noon here)
<ruben23> darkpixel: ill check it 2 seconds
<darkpixel> ruben23: If you edit the file /etc/apt/sources.list and change 'us.archive.ubuntu.com' to something else like 'archive.ubuntu.com', 'nz.archive.ubuntu.com', etc... and then to apt-get update, apt-get upgrade again it may fix it.
<darkpixel> But I'd be curious what file is actually corrupted.  It's somewhat unusual that a mirror has a corrupt file.
<maswan> ruben23: can you tell me which IP you are hitting?
<maswan> I run the mirror that is currently hosting us.archive, and I'm very interested in tracking any errors down
<vraa> maswan, got any stats like cacti or mrtg? for curiosity sake
<maswan> http://www.acc.umu.se/technical/statistics/ftp/monitordata/
<mushroomblue> openNMS for the win
<maswan> hammurabi and napoleon are the ones doing us.archive duty
<ruben23>  darkpixel: sorry, was not able to cehck the file, but im on a remote are now..as soon as ill be in office ill message here
<vraa> thx maswan i love graphs
<ruben23> maswan: ill also cehck on that
<ruben23> darkpixel: but thus squid proxy contributes to the problem, i have it on my network..
<vraa> maswan it is safe to say most recent days spike is because of 9.10 ?
<darkpixel> ruben23: You might try clearing the squid cache.  If it somehow dropped a connection mid-download, you may have an incomplete file cached.
<ruben23> ive isolate it tried shutting down the appication and  got a reboot, but still same thing..
<maswan> vraa: yeah, well, the first spike is that. then we took over us.archive and that's the second (sustained) spike
<darkpixel> ruben23: Alternatively, if you are able to bypass squid, that would be a good test.  I've run into this issue before.
<maswan> ruben23: An IP and URL would be very appriciated, so I can check if it is a fault on our side or if it was just a random occurance getting squid:ed
<ruben23> darkpixel: yes shutdown the squid application si what you mean right..? done it and tried again..same error, actually it got update hit, but on the last part..the error comes up
<darkpixel> maswan: Love the graphs.  Am I reading it correctly that you're peaking around 530 MB/sec?
<ruben23>  maswan:  yes ill do that...asap
<darkpixel> ruben23: After squid it shutdown try 'apt-get clean' to clear your apt cache and then try it again.
<maswan> darkpixel: yes, we only have a 4 x gigE uplink (brezhnev is on another switch though)
<darkpixel> maswan: Nice bandwidth.  The largest pipe I've ever worked with was an OC3
<maswan> darkpixel: That's the computer club, work is http://stats.nordu.net/stat-q/load-map/ndgf,,traffic,peak <- those are all 10GE links
<darkpixel> maswan: Beautiful.  Man, I gotta move out of the US.  The lack of bandwidth is annoying.  After all the telco talk and taxes back in the 80s and 90s, I should have 10GE to my house... ;)
<maswan> darkpixel: Well, I only have 100mbit to my house.
<darkpixel> maswan: Ooh--never noticed that before.  You're IPv6 enabled.
<darkpixel> maswan: It must be tough... ;)
<twb> In .au you get a maximum download cap, and a theoretical maximum speed of 22mbps, but effective only about 4mbps.
<darkpixel> twb: I read about that a few months back.  That seriously sucks.  At least where I am, Comcast caps home connections, but if you pay $10-$20 more per month you get an uncapped business connection.
<twb> And that's in the middle of the city.  Country areas have satellite or 56kbps lines.
<darkpixel> twb: Can they get ISDN at least?
<twb> Dunno.  I haven't heard of ISDN being widely used in .au.
<twb> But then, how WOULD I hear from people in the country?
<darkpixel> twb: lol.  I had a friend that (until two years ago) had a box out at the road that had a WebRamp so he could shotgun two 56k modems, and there was a WAP in there that shot wifi back to his house.  He regularly used it to play Halo2 on Xbox Live.  (Every time he hosted a game, we lost because he was so laggy...)
<axisys> where can I talk about uec, ubuntu enterprise cloud ?
<darkpixel> axisys: Probably this channel, but I won't be of any help since I haven't touched it yet.
<axisys> anyone installed UEC? i cannot login to the webgui with admin/admin
<axisys> hmm.. it is working now
<axisys> i guess some virtualbox glitch
<Ganymede> hello, i just installed ubuntu server in a virtual machine (virtualbox) as a guest. i installed it in a super-minimal way and now i want to add an ssh server to interface with it. i tried sudo apt-get install openssh-server but it installs a whole lot of X11 things, i guess just for x11 forwarding.
<Ganymede> can i install an openssh server that is built without X11 so i can avoid picking up all of these X11 packages? i'd like to squeeze as much as i can out of the hard drive space and also avoid having to go through all these X11 things during updates
<Ganymede> something equivalent of the nox versions of emacs
<snth> Ganymede: what X11 packages did you install with openssh-server?
<twb> snth: openssh-server recommends xauth, if that's any help
<twb> And xauth IS just for X forwarding.
<twb> You'll note that while x11-common and friends are quite a lot of packages, they all up only total a few MB of space.
<Ganymede> hmm...you're right, maybe i should looked closer
<twb> You can also opt out of recommendations using aptitude -R or apt-get --something
<Ganymede> i just saw it install a whole bunch of things so i assumed it was pulling in much of Xorg with it
<Ganymede> but it looks like very few X11 packages actually
<twb> X *clients* never pull in X servers
<twb> If they do, that's a bug and you should report it
<Ganymede> libx11-data, xauth, libxmuu1, libxcb1, libxau6, x11-common, libx11-6, libxext6
<Ganymede> i don't remember if libxkb-data and libxdcmp6 were there before
<twb> Shrug
<snth> twb: I didn't know about the -R for aptitude. This is cool. I am looking up the whole apt.conf stuff now. Thanks :)
<Ganymede> oh no, apt-get install recommends by default, it seems
<Ganymede> but i am too rebellious to accept its recommendations
<snth> Ganymede: -R tells aptitude to NOT treat recommendations as dependencies
<snth> Do you guys know of a url listing statistics about the current linux/unix server deployments?
<Ganymede> snth: yes, but i've been using apt-get thus far, and i never noticed it was installed recommendations for me
<snth> Something like what's the precentage of the servers using Redhat vs freebsd vs ubuntu-server vs whatever.
<Ganymede> snth: i will be using aptitude -R in my deployment scripts from now on
<snth> Ganymede: Sometimes recommendations save you some headache :). But sure.
<twb> Ganymede: the Debian policy manual basically defines Recommends as being appropriate for an opt-out policy.
<fallous> snth:  netcraft used to do metrics like that for webservers and browsers
<twb> The problem is that until very recently, apt-get treated it as opt-in, so lots of stuff that belongs in Suggests was dumped in Recommends because DDs didn't know any better.
<Ganymede> "DDs"?
<twb> Debian developers
<snth> fallous: I found the numbers for linux vs microsoft vs BSD on netcraft
<snth> I wish they would have provided a bit more detail about the distributions.
<Ganymede> twb: thanks for this information
<twb> snth: does it really matter who's using what?
<snth> twb: I don't care about WHO is using what. I wanted to know what is being more than what :)
<snth> s/being/being used/
<twb> Shrug
<fallous> surprised nginx outnumbers lighttpd by so much, although I guess china telcom is distorting that quite a bit
<twb> It's only people running webservers anyway
<cupCakeBoy> jo letz
<cupCakeBoy> is how do icheck in ubuntu if curl is added to my php?
<cupCakeBoy> without using the phpini
<cupCakeBoy> sorry
<cupCakeBoy> phpinfo
<twb> cupCakeBoy: dpkg -l php5-curl
<cupCakeBoy> aaaah
<cupCakeBoy> thank bro
<cupCakeBoy> i love linux
<cupCakeBoy> SOOOO easy to istall packages extensions etc
<cupCakeBoy> its a dream that came true
<cupCakeBoy> and i never wanna wake up
<cupCakeBoy> ;)
<snth> Do you guys know if there are any plans to support Dracut in Ubuntu?
<twb> Never heard of it
<twb> Nor has Wikipedia.
<snth> http://fedoraproject.org/wiki/Dracut
<snth> They have a link to the man page.
<twb> "Unlike previous initramfs systems, Dracut aims to have as little as possible hard-coded into the initramfs."
<twb> Sounds like Fedora's playing catch-up
<twb> Ubuntu's initramfs already uses udev and is customizable by packages and by sysadmins
<twb> "It's likely that we'll grow some hooks for running arbitrary commands in the flow of the script"
<twb> ...Ubuntu already has that.
<snth> twb: I honestly don't know much about that. Glad to learn though. Thanks for the info.
<twb> It's possible I've misunderstood, but it sure looks like they're trying to reinvent initramfs-tools
<twb> Fuck.  I just realized the bookkeeping I spent the last four hours doing has a mistake right at the start.
<ruben23>  h how do i copy content files from my /var/www server1 to another local /var/www server2 with rsync through ssh, what command should i used..
<twb> ssh server1 rsync -a /var/www/ server2:/var/www
<twb> Assuming you can ssh directly from server1 to server2.
<Zodling> is there a way to install phpmyadmin without requireing apache ? *i allredy have lighttpd setup and going*  apache didint useto be a requirement of that package :(
<snth> Zodling: phpmyadmin doesn't require apache. It only recommends it. You can use aptitude -R to ignore the recommendations.
<Zodling> in 9.10 if you use aptitude to install phpmyadmin it will force install apache
<Zodling> oh err sorry didint read it all
<Zodling> thanks ;)  sorry agan
<snth> :) No problems.
<Zodling> didint do the trick :(
<snth> aptitude -R install phpmyadmin
<snth> Use pastepin :)
<Zodling> kk
<twb> It'll only install apache if you let it pick the default choice for libapache2-mod-php5 | php5-cgi | php5
<snth> s/pastepin/pastebin/
<Zodling> http://paste.ubuntu.com/306499/
<twb> Zodling: try something like aptitude install -R php5-cli phpmyadmin
<twb> Zodling: or using aptitude's GUI
<twb> Even aptitude install -R --schedule-only phpmyadmin; aptitude --schedule-only purge ~ainstall~napache; aptitude install -R might work
<Zodling> no dice :(
<twb> Zodling: just use the GUI
<Zodling> yah giveing that a try now
<Zodling> i think i got it in the GUI thanks :) pity it cant be done by script so ez anymore :(
<snth> Zodling: try this. sudo aptitude install -R phpmyadmin apache2: php5-cgi
<snth> I meant to have the colon. Try it as is.
<twb> Of course, even if it works you'll lose, because you're doing php and mysql
<Zodling> o.0 why is that ? ;(
<snth> Zodling: This simply says don't install apache2 and choose php5-cgi as alternative to libapache2-mod-php5
<snth> Zodling: I think that would work for your script or whatever. :) have fun.
<twb> Ah, I see I mistyped php5-cgi above
<snth> Night guys
<Zodling> yah thanks ii i was asking why about the php mysql part ;)
<twb> Because they're software written by idiots for idiots.
<snth> twb: pretty big claim right there buddy. I'll keep this conversation for another night :)
<snth> haha . good night guys.
<Zodling> eah.. if you say so
<Zodling> later snth
<maxagaz> i have a server powered on, but i forgot its ip address, is there a way to send a ping to every computer of my network so that it would appear with "arp -a" ?
<twb> arp -l ?
<maxagaz> twb, it returns nothing
<twb> Hm, maybe just "arp"
<twb> lemme find a real machine that I can test it on
<maxagaz> twb, i meaan this syntax is invalid
<twb> Yeah, if you just run "arp" without arguments, it should emit the entire arp table
<twb> But I guess you realize that.
<twb> You could do a broadcast ping, but I dunno if that would populate the arp table.
<maxagaz> twb, how to do a broadcast ping ?
<twb> ping -b -c 1 192.168.155.255
<twb> It actually seemed to work here
<twb> Where 192.168.155/24 is your network
<Fenix1> difference betweem lightweight resolver and a regular one
<Fenix1> ?
<maxagaz> twb, thanks
<twb> Fenix1: resolving what?
<Fenix1> I mean are the terms used for each other or are they different matters all together
<Fenix1> synonyms for each other*
<uvirtbot> New bug: #468197 in samba (main) "ufw blocks samba in karmic default installation" [Undecided,New] https://launchpad.net/bugs/468197
<DrNick_> :s
<kblin> hm? how's that a samba bug?
<twb> Fenix1: I have no idea what you're talking about.
<qman__> it isn't, it's probably a ufw bug
<kblin> yeah, but now I'll have another email about it
<twb> kblin: if you can't handle useless email, get off the internet
<twb> :-)
<kblin> twb: it's not as if I didn't get enough real bug reports :)
<DrNick_> erm, it sounds like it isn't a bug in either of them.  it sounds like a configuration issue to me.
<qman__> well yeah
 * kblin nods
<qman__> but the question is, which package sets that configuration
<twb> IMO it's a *good* thing if services only bind to 127.0.0.1 by default
<kblin> that's a bit pointless to run samba then
<twb> It prevents admins from getting distracted and forgetting to tighten it
<twb> Because you can forget to tighten interface binding, but not forget to loosen it (because it obviously won't work)
<kblin> twb: I don't even want to know how many bug reports we'd get then
<twb> kblin: I have no problem with alienating users who can't read a debconf prompt
<qman__> I'm trying to figure out how I should report this bug in VLC
<DrNick_> kblin: yes, a little ott perhaps :p
<qman__> not server related, it's not preventing the screen saver
<kblin> twb: and I don't have an extra person triaging bugzilla for all these NOTABUG bug reports
<DrNick_> i think they way things are now, that most packages come with a reasonably secure, but real-world config out the box is nice
<twb> DrNick_: the actual problem case I have in mind is OpenSSH
<twb> Which allows passwords from anyone from anywhere OOTB
<DrNick_> go too far the other way we risk becomming like OpenBSD - so paranoid *nothing* ever works without tweaking
<kblin> twb: having that bind to 127.0.0.1 is not a good fix, though
<twb> kblin: hand waving
<twb> kblin: it doesn't specifically have to be done by interface binding
<kblin> tbh the better fix would be to set it to do key-based auth only per default
<twb> The important thing is that it services don't talk to any remote hosts until the sysadmin explicitly says "yes, these hosts should be allowed to use this service"
<twb> kblin: yeah, that'd be a damn good start
<kblin> of course there's a bootstrapping problem there
<twb> kblin: or having debconf prompt for an AllowUsers
<kblin> because usually I first use my password once to copy over a ssh key, and once that works, I turn off password-based auth
<Fenix1> are the terms lightweight resolver and resolver in conjuction
<Fenix1> used in conjuction that is
<qman__> Fenix1, what do you mean by resolver?
<Fenix1> DNS
<qman__> presumably a lightweight one is smaller, faster, or uses less resources
<Fenix1> okok
<kblin> like dnsmasq or the like
<kblin> i.e. not BIND
<s0liddi> Is there any ETA on PCC 9.10 Server release?
<qman__> what's PCC?
<s0liddi> powerpc...
<qman__> oh, ppc
<s0liddi> :D
<s0liddi> damn
<s0liddi> oh well little typo
<twb> I thought PPC wasn't officially supported by Ubuntu
<qman__> sorry, no idea if/when it's planned
<s0liddi> there
<s0liddi> is desktop and alt releases :)
<s0liddi> from 9.10
<twb> s0liddi: that doesn't mean it's supported
<s0liddi> i know
<twb> It could just be some cowboy within canonical wanted his old macbook to work
<s0liddi> i think it'll pop out someday :)
<qman__> well, you could always install desktop and purge ubuntu-desktop, networkmanager, etc
<incorrect> if i upgrade my kvm server to karmic will app armour stop my vm's from running as i keep them under srv?
<Kartagis> hello
<Kartagis> I've just upgraded  to 9.10, and my mail server isn't allowing connections since then
<Kartagis> I got it, that was because my /etc/resolv.conf was pointing at the router
<uvirtbot> New bug: #468343 in autofs (main) "Automounted NTFS disks with Unicode in label results in invalid path after upgrading to 9.10" [Undecided,New] https://launchpad.net/bugs/468343
<Sorell> hi all
<Sorell> I'm having an issue with getting my i.p. address static
<Sorell> I have edited the /etc/network/interfaces
<Sorell> fil
<Sorell> file*
<Sorell> and the /etc/hosts
<Sorell> file
<Sorell> but no joy :(
<Sorell> is there anything else I need to do?
<incorrect> Sorell, what does your interfaces file look like?
<Sorell> # This file describes the network interfaces available on your system
<Sorell> # and how to activate them. For more information, see interfaces(5).
<Sorell> # The loopback network interface
<Sorell> auto lo
<Sorell> iface lo inet loopback
<Sorell> # The primary network interface
<Sorell> auto eth0
<Sorell> iface eth0 inet static
<Sorell>         address 192.168.1.8
<Sorell>         netmask 255.255.255.0
<Sorell>         network 192.168.1.0
<Sorell>         broadcast 192.168.1.255
<Sorell>         gateway 192.168.1.1
<incorrect> dude, pastebin
<incorrect> i bet you could well still have dhclient running
<bogeyd6> lololol
<Sorell> what is paste bin?
<bogeyd6> comment out the auto eth0
<bogeyd6> www.pastebin.com
<Sorell> ty
<bogeyd6> and
<bogeyd6> http://pastebin.ubuntu.com/
<incorrect> sigh
<incorrect> do i dare upgrade my kvm server to 9.10
<bogeyd6> takes 9-10 hours right now
<incorrect> i just upgraded 2 servers, but they are just compile nodes
<Baversjo> I'm trying to make my server secure by only allowing administration services from localhost. I'm using a ssh tunnel to access things like phpmyadmin from other computers. If I use lynx to go to localhost directly on my server it works. If I try to use a browser through the SSH tunnel it doesn't work. I've flushed all my iptables rules. I got this working before on my old ubuntu server. Any suggestions?
<incorrect> seems a little over kill to me
<bogeyd6> Baversjo did you check the apache error log?
<Baversjo> nope let me try that :P
<bogeyd6> cuz you have to use stunnel to go to port 443
<bogeyd6> ala udo stunnel -c -d 80 -r https-for-this-eg-web-page.co.uk:443
<bogeyd6> sudo*
<bogeyd6> setup the ubuntu apache ssl
<bogeyd6> bam, secure like a bank
<incorrect> i thought he was just getting his ssh tunnel settings wrong
<Baversjo> [Sun Nov 01 12:48:51 2009] [notice] Apache/2.2.12 (Ubuntu) PHP/5.2.10-2ubuntu6
<Baversjo> [Sun Nov 01 12:57:16 2009] [notice] caught SIGTERM, shutting down
<Baversjo> Let me try something and get back :P
<bogeyd6> k
<Sorell> do I need to uninstall dhcpd3 as well?
<Sorell> to get the static ip working?
<bogeyd6> Sorell did you comment out the auto line and then do a "sudo /etc/init.d/networking" restart/
<Sorell> yes
<Sorell> all that did was make it so that when I do an ifconfig I see nothing. :(
<bogeyd6> just go here
<bogeyd6> http://www.cyberciti.biz/tips/howto-ubuntu-linux-convert-dhcp-network-configuration-to-static-ip-configuration.html
<bogeyd6> or
<bogeyd6> http://www.ubuntugeek.com/how-to-set-a-static-ip-address-in-ubuntu-810-intrepid-ibex.html
<bogeyd6> plus you never pastebined your config, so i dont know how you expected anyone to fix it
<Sorell> I will type it into paste bin one sec.
<Sorell> http://pastebin.ubuntu.com/306647/
<bogeyd6> k
<bogeyd6> do you need dns servers?
<Sorell> I am using my router.
<Sorell> as one.
<Sorell> no
<bogeyd6> http://pastebin.ubuntu.com/306652/
<Sorell> :) TY
<bogeyd6> yw
<uvirtbot> New bug: #468461 in mysql-dfsg-5.0 (main) "cannot install mysql-server 5.0 on Ubuntu 9.10" [Undecided,New] https://launchpad.net/bugs/468461
<dinger1986> can anyone here help me with a small postfix problem?
<andol> !ask | dinger1986
<ubottu> dinger1986: Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-)
<dinger1986> ah ok sorry
<dinger1986> Nov  1 11:59:49 floserver postfix/smtpd[16575]: NOQUEUE: im just setting up a postfix server and i know this is very basic but i cant send from a remote machine what do i need t add the config to allow me to do that? i get reject: RCPT from host212-183-132-77.uk.access.vodafone.net[212.183.132.77]: 554 5.7.1 <daniel.lamb@dlcomputing.co.uk>: Relay access denied; from=<daniel.lamb@flonix.co.uk> to=<daniel.lamb@dlcomputing.co.uk> proto=ESMTP helo=
<dinger1986> <Inbox>in the log file
<dinger1986> anyone know?
<bogeyd6> dinger are you using it as your smtp server or sending from one smtp server to another/
<bogeyd6> the gist of it being you need to authenticate with the smtp server
<bogeyd6> cuz its not an open relay by default
<bogeyd6> http://www.postfix.org/SMTPD_ACCESS_README.html
<Baversjo> I'm trying to make my server secure by only allowing administration services from localhost. I'm using a ssh tunnel to access things like phpmyadmin from other computers. If I use lynx to go to localhost directly on my server it works. If I try to use a browser through the SSH tunnel it doesn't work. I've flushed all my iptables rules (Using policy accept for input, forward and output). Getting the following TCP error when I try to connect using
<Baversjo>  mysql query browser: " No connection could be made because the target machine actively refused it" over the ssh tunnel. Getting the same TCP error when I try to connect to localhost in Firefox over the ssh tunnel. I got this working on my old ubuntu (using 9.10 now). Feels like there's something about permissions or iptables...
<Baversjo> sshd is on port 443
<Baversjo> No changes in apache access.log or error.log when I try to connect.
<bogeyd6> Baversjo did you get http working?
<Baversjo> Ok w8 I got it working now (almost).
<bogeyd6> Baversjo http://www.stunnel.org/examples/mysql.html
<bogeyd6> stunnel has to listen on one port and redirect to another
<Baversjo> The tunnel is working I'm tunneling mysql query browser.
<Baversjo> The only thing now, is the apache configuration. I'm not so good at that
<bogeyd6> bah i give up you are all over the place
<Baversjo> Just saying that I got the tunnel working ;)
<dinger1986> bogeyd6: i am looking to use it as the main smtp server
<dinger1986> i would be quite happy to have it as an open relay, obviously with usernames and passwords tosecure it
<Baversjo> bogeyd6: Got it working now :D Problem was that the tunnel was resolving DNS locally. Now it's resolving on the server :) When I connect to localhost I get to phpmyadmin and when I connect to my hostname outside lo I get to the regular homepage YEY :D
<bogeyd6> dinger1986 open relay is bad, mmmmkay
<bogeyd6> users should be set to authenticate to use SMTP
<dinger1986> can it be authenticated by the email doman or email address which is sending?
<xperia2> hello to all. i have just installed gallery on my ubuntu and would like to know how i can run it as a vhost ?
<snth> xperia2: Do you mean, how to configure a virtual host in apache?
<xperia2> snth: no. i have allready installed mutiple vhost on the server and they run just fine. now i have installed gallery with apt-get install gallery and cant acess gallery becouse of the vhost
<xperia2> i need to setup a vhost for gallery but i dont have the folder
<xperia2> maybe i need however a vhost for the /var/www folder only. this way it would work
<xperia2> but i fear that it will have conflicts with the other vhost site as they are also in the /var/www folder
<xperia2> it looks like that the ubuntu gallery package can not be runned as a vhost. could it be that true ?
<snth> xperia2: I have never used it before, but it seems that you have vhost pointing to /var/www/albums
<snth> xperia2: /usr/share/gallery/setup is where you set it all up I guess.
<xperia2> yes the path for the install folder is right
<xperia2> but i dont think /var/www/albums is the right path for the vhost
<xperia2> as i dont have any scripts in this folder
<xperia2> the folder /var/www/albums is empty
<snth> /var/www/albums is created when you install this package.
<snth> hmm
<xperia2> yes that is right but for me this folder looks like that is only a storage folder
<snth> xperia2: are you sure that it doesn't get populated after you run your setup?
<xperia2> well for setup i need it to call it from the web browser if i am not wrong
<xperia2> and exactly here maybe is the problem
<xperia2> what i am asking me is first if i needmaybe to create a vhost with the path /usr/share/gallery/
<xperia2> till yet however i have allways used only the folder /var/www as vhost path folder
<snth> xperia2: what's in /etc/gallery/apache.conf?
<xperia2> snth: hmmmm this loooks very interessting. it has even a example for vhost
<xperia2> let me put it on pastebin
<xperia2> http://pastebin.com/d130c1052
<snth> xperia2: Cool :) so, that's it.
<xperia2> snth: thank you a lot. i will change now the file and restart apache !
<xperia2> now it must work !
<uvirtbot> New bug: #468809 in vm-builder (universe) "Support adding custom debs" [Undecided,New] https://launchpad.net/bugs/468809
<uvirtbot> New bug: #468837 in dhcp3 (main) "dhcp3-server could not be installed/updated during the distribution upgrade" [Undecided,New] https://launchpad.net/bugs/468837
<uvirtbot> New bug: #468881 in postfix (main) "package postfix 2.6.5-3 failed to install/upgrade: " [Undecided,New] https://launchpad.net/bugs/468881
<cameron> hi all. I've just rebooted my dev computer with ubuntu-server on it and it's trying to check my 750GB filesystem ("primary superblock features are different from backup, check forced")
<cameron> it's been about 15 minutes and it's only gotten 20% through. I need this system up now, but can't find a way to cancel the check
<uvirtbot> New bug: #468928 in openldap (main) "no prompt to enter the admin passwort upon package installation" [Undecided,New] https://launchpad.net/bugs/468928
<darkpixel> cameron: Unfortunately, you're stuck.  Your filesystem is corrupted.  Continuing to run without checking/fixing the errors could corrupt data even further.
<cameron> darkpixel: i'm pretty sure it's from doing a fs resize. Honestly i don't care about corrupting my filesystem further.. i'm mostly trying to check if another hard drive is broken or not
<darkpixel> cameron: I feel your pain.  I have a 2 TB RAID 6 array at home.  Checking takes the better part of an hour.  And you can't skip it.  I know it's been discussed in the past to let people skip the automatic ~32 mount check, but I'm not sure where that left off.
<cameron> i've just had one of my machines start refusing to boot :(
<cameron> the hard drive isn't being detected on the BIOS, on either drive controller
<cameron> swapped cables and all that, and i think it's broken.. annoyingly it's 1 year 2 days old
<crohakon> hard drive = the slowest and least reliable part of a computer.
<crohakon> thus... raid.
<koan> hi, I installed UEC and all goes well, but when I want to install an image from the Store tab in the webinterface, I get the error message "error 28: connect() timed out!"
<koan> is this a known issue or temporary situation?
<koan> I can't see which server it actually tries to connect to
<maxagaz> hi
<maxagaz> amule is using many and any port, how can i set a rule in iptables to make it send its packets from a given NIC ?
<bdelin88> I have sshd for sftp installed and I have a user/password that matches my user/password on the ubuntu server... i am guess that they are not the same because when I set priviledges as the ubuntu user I cannot see them via sftp... how do i set up sshd to match my ubuntu priviledges?
<qman__> bdelin88, sshd uses system privileges
<bdelin88> qman__: hmm
<bdelin88> wonder why my user wasn't able to view the folder then?
<dinger1986> can postfix be authenticated by the email domain or email address which is sending?
<dinger1986>  
<ninjah> I'm trying to reinstall mysql-server and mysql-client. I don't get the directory "mysql" in /etc. Why?
<pbbs90210> I am using the runtime cd and need to figure out if ubuntu will recgonize netgear or belkin adapters without any additional modications (out of the box)
<ninjah> I uninstaled mysql-server. When I reinstall it I don't get the /etc/mysql directory. Why?
<pbbs90210> can I use netgear or belkin wifi adpaters with the runtime ubuntu cd?
<dinger1986> is there anyway to allow emails sent from a specific domain to be relayed without putting in all the ip addresses?
<sub> Domains are forged easily
<sub> Are you using Exim as your MTA?
<dinger1986> no using postfix
<incorrect> do i dare upgrade my kvm server to 9.10, if i upgrade will i have to modify my apparmour config to support my setup?
<dinger1986> i have put in smtpd_recipient_restrictions = permit_mynetworks, check_relay_domains, check_sender_access hash:/etc/postfix/sender-access
<dinger1986>  into my main.cf file but its still not working
<darkpixel> dinger1986: If you do this based on a domain (for example: example.com), I can easily set my mail program to pretend to be 'example.com' and start spamming through your server.  There are really only two good ways to relay mail.  Either put the IP address of the mail server or machine that needs to relay, or require users to authenticate.
<dinger1986> well they will be autheicated by a password as well
<darkpixel> Then don't use 'check_sender_access', use 'permit_sasl_authenticated' instead.  That pretty much says "Anyone who uses a valid username/password can relay mail"
<dinger1986> darkpixel: do you know how to tell postfix to send this way?
<dinger1986> i tried that, it stops working
<darkpixel> dinger1986: Do you mean you have one postfix server that needs to relay mail to another postfix server?
<dinger1986> no i want to be able to send from my mobile phone via postfix
<darkpixel> dinger1986: Sorry, not sure what happened to freenode, but it kicked a lot of people.  Anyways, the easiest way to get authenticated SMTP with postfix is to also setup POP3/IMAP.  I install dovecot on my servers.  Once dovecot is installed and setup, you can point Postfix to authenticate off it's username/password list.
<dinger1986> ok
<dinger1986> i managed to finally get it to send from my laptop but still struggling to send from the phone but ill get it
<dinger1986> i am getting Helo command rejected: Host not found;
<darkpixel> It's somewhat annoying, but Postfix doesn't support authentication out of the box, it requires you to setup another system that uses authentication and connect the two.
<darkpixel> That's usually something in smtpd_helo_restrictions like reject_invalid_helo_hostname
<darkpixel> If you have an 'smtpd_helo_rejections = ' line in your main.cf, copy and paste it in here and I can see what's blocking you.
<dinger1986> darkpixel: i have smtpd_helo_required = yes
<dinger1986>  
<dinger1986> done have smtpd_helo_rejections
<dinger1986> sorry nt done meant dont
<darkpixel> dinger1986: That's a bit odd.  If you don't have any helo restrictions, postfix shouldn't be complaining about a host not being found...
<dinger1986> hmmm well this is from my logs Nov  1 20:16:58 floserver postfix/smtpd[26970]: NOQUEUE: reject: RCPT from host212-183-132-19.uk.access.vodafone.net[212.183.132.19]: 453 4.7.1 <Inbox>: Helo command rejected: Host not found; from=<daniel.lamb@flonix.co.uk> to=<daniel.lamb@dlcomputing.co.uk> proto=ESMTP helo=<Inbox>
<darkpixel> You might try 'sudo apt-get install pastebinit && cat /etc/postfix/main.cf | pastebinit'.  That will post your main.cf file to the pastebin website and return a URL.  If you post that URL here I can take a look at the config and help you.
<darkpixel> That's strange that it says helo=<Inbox> unless your machine is actually named 'Inbox'
<dinger1986> http://pastebin.com/f705028d8
<darkpixel> Two changes:  smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, check_sender_access hash:/etc/postfix/sender-access, check_relay_domains
<peugi> heya! can somebody help me setting up ip aliasing?
<darkpixel> And delete: smtpd_sender_restrictions = reject_unknown_hostname
<peugi> its not working, even despite it should ...
<peugi> I need ideas to troubleshoot
<Vertigo> Hello everyone.. I've been all day trying to work this out, but without success.. I installed Ubuntu Server 9.10 with egroupware. Now i'm trying to install a pear component with pear install Auth_SASL, but after when i do pear list it says not installed. Can anybody help me please?
<dinger1986> vertigo: have you restarted apache?
<darkpixel> Vertigo: Have you done an /etc/init.d/apache2 force-reload?
<Vertigo> dinger1986 and darkpixel: i only did apache2 restart.. will try force now.
<darkpixel> dinger1986: Beat me to it.  If you make those two changes and restart postfix, you should stop getting that error.  Also the 'relay_domains' parameter should be deleted.
<dinger1986> what relay domains parameter?
<darkpixel> dinger1986: http://pastebin.com/f705028d8 (line 48 in the dump you sent)
<darkpixel> dinger1986: Sorry I can't stay and assist.  I just got word my uncle is in the hospital.  Gotta drive 2 hours to go see him.  I'll be on later tonight if you still need assistance.
<dinger1986> aye sorry i had deleted that anyway as i thought it was wrong
<dinger1986> ok thanks alot
<peugi> any ideas on the ip aliasing issue? I have centos5 vmware server 1.x host with a range of ips. two ubuntu vms that work fine. I tried to add ip alias to one ubuntuntu guest, but it doesn't work
<peugi> when I try to reach the ip, the host answers, instead of ubuntu guest
<snth> peugi: How did you add the ip alias?
<peugi> snth: sudo ifconfig eth0:0 192.168.1.11 up
<peugi> also in the interfaces file
<peugi> and promptly restarted the service
<snth> peugi: did you add a routing rule?
<peugi> snth: I guess not? I didn't know I had to
<snth> cat /proc/net/aliases
<snth> What's the output?
<peugi> snth: you mean something that the ISP adds to the routers?
<peugi> snth: or something I have to do on the centos5 host?
<snth> peugi: http://www.faqs.org/docs/Linux-mini/IP-Alias.html
<peugi> oooo let me try ...
<peugi> snth: I added the routes, but still nothing
<peugi> snth: localhost sees its own ip address, but can't access it from the outside ...
<snth> hmm
<snth> pastebin your config files.
<snth> /etc/network/interfaces
<peugi> snth: http://pastebin.com/m2cd13af1
<peugi> the two ips are on different ranges
<peugi> but my centos5 host sees them all
<snth> When you ping 124.28 does it come from centos?
<peugi> yes
<peugi> I mean I tried to ssh
<snth> peugi: is it up? what's output of ifconfig?
<snth> peugi: IM me.
<peugi> snth: sent you IM
<Ash-Fox> Ah, this is really fun. I have a server that has a simple built in SSD drive and a 1TB drive connected via USB. Installing /boot to SSD and the rest of thesystem to the TB drive - I have a feeling GRUB is going to not going to be very happy as previous attempts lead to grub error 2.
<ikonia> Ash-Fox: that is a very simple configuration, grub will have no problem with that
<peugi> I just want to let everyone know that snth is DA MAN!!!
<ikonia> ?
 * peugi bows to snth's l33t networking skillz :)
<snth> peugi: haha .. thanks.
<peugi> kids remember, *never* alias an ip twice!
<peugi> :)
<Ash-Fox> ikonia, considering I'm just getting error 22 and error 2, depending on how I switch things around in the BIOS boot priority, I don't think it's so simple.
<snth> Ash-Fox: What's your grub.conf look like?
<Ash-Fox> I have no idea. The netboot installer doesn't seem to let me mount anything in the terminal when I Try to do things manually.
<ikonia> Ash-Fox: good tip is to not change the bios order, it messes grub up
<Ash-Fox> ikonia, it was messed up before changing it.
<ikonia> Ash-Fox: yes, but changing it is adding more complexity to it
<Ash-Fox> I have on occasion had success with getting things to boot that way. But in this case, I think I'm just going to have to disable the built in ssd.
<snth> Ash-Fox: when you try to boot off of the SSD, what error do you get?
<Ash-Fox> error 2
<snth> What's the file system of your /boot partition?
<Ash-Fox> I set it to ext2
<Ash-Fox> I /think/ I know what happened, I think the system is trying to boot off the built in cardreader (which has nothing in it) on the motherboard.
<peugi> Ash-Fox: did you try grub2? I had this old dell and switching to grub2 fixed my boot problem
<Ash-Fox> Nope, but I'm confident I'll figure this out soon enough. I just hate dealing with weird configurations like this.
<snth> Ash-Fox: Yeah, make sure you are actually booting off of the ssd that has the boot partition. This can definitely be it.
<Ash-Fox> I believe what is happening is that it is booting off the SSD, but the grub configuration is trying to read the card reader, although it's quite difficult to find out exactly what grub is doing since I can't get into it's config yet. I need to stick a live linux on a usbkey.
<kshbu0> testing... quiet here!
<Ash-Fox> Quite amusing, it seems to be getting the better of me. Time to try the LVM trick.
<peugi> anyone running karmic yet? is it worth doing a complete reload and setup ext4?
<qman__> peugi, only if you need the additional performance
<qman__> personally, I don't trust my important data to ext4 yet, maybe in a year or two
<qman__> but it's great for non-critical filesystems
<Vertigo_> Hello everyone. I'm having some difficulty installing pear auth_SASL in my ubuntu server.. after a pear install auth_SASL, it keep saying that it's not installed. Can anybody help me please?
<tonyyarusso> Is there a cache of DNS information that would not be cleared by restarting BIND?  Yesterday I was having a heck of a time trying to access something, and 'dig' returned the result I wanted, but 'w3m' still went to the wrong place.
<qman__> tonyyarusso, dig doesn't use the standard way of resolving things, but nslookup does
<qman__> not sure exactly how it works, but I think there's a local cache
<tonyyarusso> Oh.  Didn't know dig was different.  Lovely.
<tonyyarusso> I didn't try nslookup, so I don't have that data poitn.
<tonyyarusso> *point
<peugi> of course I need the ext4 performance gains ... who doesnt :)
<peugi> and the data corruption issues ext4 had in testing phase is making me cringe :)
<qman__> peugi, ext4 is still getting bug fixes, though they're much more minor than the data corruption problem
<peugi> perhaps I should put my home directory on ext3 and the rest on ext4, to speed stuff up?
<peugi> I want my firefox to open 1 second faster :)
<qman__> peugi, then don't use firefox ;)
<peugi> haha
<qman__> but yeah, ext4 is fine for most things but I wouldn't keep any important data on it
<qman__> or at least keep good backups
<peugi> whats a good webkit browser
<peugi> epiphany?
<peugi> hmm, I think in 9.04 epiphany still uses gecko ...
<peugi> as a backend ...
<tonyyarusso> correct
<tonyyarusso> 9.10 changed it
<Vertigo2009> Hello everyone. Can you help me understand why my ubuntu server is not installing pear auth_SASL?
<Vertigo2009> root@neptuno:/# pear install auth_SASL
<Vertigo2009> downloading Auth_SASL-1.0.3.tgz ...
<Vertigo2009> Starting to download Auth_SASL-1.0.3.tgz (5,724 bytes)
<Vertigo2009> .....done: 5,724 bytes
<Vertigo2009> root@neptuno:/# pear list auth_SASL
<Vertigo2009> `auth_SASL' not installed
<Vertigo2009> root@neptuno:/#
<Vertigo2009> Any help is very appreciated..
<qman__> that's a neat trick
<qman__> sorry, I can't really help
<Vertigo2009> qman__: thanks anyway.
<pwnguin> !info php5-sasl
<ubottu> php5-sasl (source: php-sasl): Cyrus SASL extension for PHP 5. In component universe, is optional. Version 0.1.0-1 (karmic), package size 9 kB, installed size 88 kB
#ubuntu-server 2010-11-01
<qman__> change the owner to www-data, change the group-owner to www-data, add www-data to the group-owner of the file, or change the everyone permission to allow writing
<qman__> which is best depends on your priorities
<qman__> the most secure method, meaning the one with least privilege, is to create a new group to be that file's group-owner, and add www-data to that group
<NightDragon> hello
<NightDragon> i apt-get installed ubuntu-desktop on top of my 10.10 server edition
<NightDragon> how can i get it to start up without launching X11?
<k56731> NightDragon: are you using gnome?
<NightDragon> yes
<k56731> NightDragon: update-rc.d gdm disable
<k56731> NightDragon: try it
<NightDragon> it used to be where you would change the grub conf to include 'text' on the kernel line, but grub has changed so damn much
<NightDragon> hey party people
<NightDragon> i'm trying to set IPMI up for my server
<NightDragon> i apt-get installed ipmitool, but it cant find /dev/ipmi or anything like
<NightDragon> hello all
<NightDragon> i'm trying to set up IPMI
<NightDragon> and i get this msg
<NightDragon> Could not open device at /dev/ipmi0
<NightDragon> wow, this is certainly active :-/
<NightDragon> is anyone around?
<khussein> NightDragon: Yes, but I am sorry I don't know much about ipmi :(.
<NightDragon> :(
<NightDragon> i'm just trying to clear out the stupid event log on my PE 6600
<NightDragon> to get rid of the stupid amber light
<ryan___> Hello
<hggdh> soren: there?
<hggdh> soren: when you get in -- how do I subscribe to the openstack teams on LP? I see no option to request membership...
<hggdh> soren: and I want to vote :-)
<nagchampa> would a server set up as in this guide https://help.ubuntu.com/10.04/serverguide/C/mail-filtering.html only scan incoming mail?
<joschi> nagchampa: no, it'll scan in- and outgoing mails
<ndroftheline> hello
<ndroftheline> how do you change the display mode in ubuntu server
<ndroftheline> my display is really weird, it's a laptop with no screen that i have attached to an external monitor
<ndroftheline> i can see text from the server but it's split and it keeps blinking
<ndroftheline> Server doesn't come with iwconfig?!
<ndroftheline> hrm.
<nagchampa> joschi: do i need to make any modifications if my server is acting as an incoming relay?
<joschi> nagchampa: http://www.postfix.org/STANDARD_CONFIGURATION_README.html#firewall
<MTecknology> yup... bringing a server back from destruction blows...
<uvirtbot> New bug: #669338 in openssh (main) "ssh autologin fails to work" [Undecided,New] https://launchpad.net/bugs/669338
<MTecknology> root@insto:/usr/local/sbin# sudo -H -u www-data -i -- "ls"
<MTecknology> /bin/ls: /bin/ls: cannot execute binary file
<MTecknology> :S
<jpds> MTecknology: Nice.
<MTecknology> jpds: ya....
<MTecknology> jpds: that's what I get for dealing with old distros.. incompatibnilities
<NightDragon> aah, i just love my sexy new server
<Wakko10Warner> When I try to email a message from my mail server to my google account I get an error about using sendmail as a relay server how can I fix this.
<Wakko10Warner> how can I set my smtpd to allow me to relay messages from other computers ....
<Robbster> hi all,
<Robbster> i'm trying to install 10.04 amd64 from CD on a machine and after starting to install packages it says: "Please insert the disk labeled: 'Ubuntu-Server 10.04 LTS _Lucid Lynx_ ..."
<Robbster> I've tried the same thing twice, so either I'm missing something obvious, or... umm, I'm not sure. Google is not being all that helpful either.
<_ruben> sounds like a "broken" cd
<Robbster> http://ubuntu-ky.ubuntuforums.org/showthread.php?p=6441798
<Robbster> these are my exact symptoms, but the hdd is SATA and the cdrom is standard IDE
<coop0a> what should I use to secure my server: apparmor or selinux or something else?
<peterva> HI, perhaps maybe someone here can help me out :) On my install of 10.04 I have configured ipv6, all seems to be okay, but for some reason the server keeps adding 'default via fe80::1:1' to my routes, which seems to mess up my ipv6 config
<pipedream> I want to fix this:
<pipedream> 0 root@oystercatcher:~#dpkg-reconfigure man-db
<pipedream> /usr/sbin/dpkg-reconfigure: man-db is broken or not fully installed
<_ruben> apt-get install -f # might do the trick
<pipedream> thanks, not sure why that didn't work for me before. Caused by a ro /usr, I think
<databits> when I ftp files to /var/www directory apache is unable to access files.   I have to go in and manualy change permissions.  I want to get around this.
<databits> when adding files through ftp, the files are taking ownership of that user
<ikonia> databits: change the permissions on /var/www
<ikonia> databits: set the uid/gid
<ikonia> databits: http://en.wikipedia.org/wiki/Setuid
<databits> ok kinda new to all this
<tgwoollard> Good afternoon all. I have created a bootable USB installation of Ubuntu 9.10 from ISO. My machine boots but the installation wants to configure Ubuntu from a mirror. Is there any way i can get it to use the media within the ISO? Many Thanks in advance
<ikonia> tgwoollard: it should use the local repo if you built the usb correctly
<tgwoollard> I simply used Universal-USB-Installer. Not really much for me to get wrong as you just point it at an ISO and then select your USB drive. Are there any sugesstions as to what might have gone wrong?
<databits> ok ikonia, that is exactly what I am looking for
<Ninjix> tgwoollard: it's easier to use the one built into Ubuntu distro System >
<Ninjix> Administration > Startup Disk Creator
<databits> so I would do chmod g+s www-data ?
<ikonia> databits: that would set the guid
<tgwoollard> Okay i shall give that a try and report back. Thanks Ninjix and ikonia
<_ruben> hm, bash refuses to show my fqdn when using \H in $PS1
<databits> so if I set chmod g+s www-data /var/www
<databits> that would make it so no matter what user uploads a file to that directory
<databits> apache should be able to access the file
<databits> apache is running as www-data
<databits> ikonia: so what would be the correct command to have all files added to the /var/www directory take permissions so that apache will be able to serve the files ?
<databits> I'm not having very much luck here :(
<peterva> chown -R www-data:www-data /var/wwww
<databits> which works for the files currently in the directory
<databits> but when I ftp files to that directory they are not accessable by apache
<coop0a> don't do that! setting the owner of the web files to the same user as apache runs under is a bad idea!
<Pici> coop0a: Thats the normal setup.
<databits> I want all the files which are uploaded through ftp at a later date to be accessable though apache without having to go and reset permissions every time a new file is added
<_ruben> for some reason i cant find more than http://forums.debian.net/viewtopic.php?f=5&t=9225&start=0 which only lists a nasty workaround but no fix
<coop0a> Pici: it is "normal" to run windows, that does not mean it's a safe thing to do.
<Pici> coop0a: I'd like some information on why doing what was suggested is a bad idea.
<coop0a> Pici: the web server is the most likely attack vector. consider a limited exploit by which an attacker does not get root privileges, but instead can access files as user www-data. /var/www/ could then be changed by the attacker. it's better to make it read-only for the web server.
<coop0a> databits: here's what you could do. make /var/www/ owned by someone else. e.g. the user you use to upload files. and make it only readable/executable to the web server.
<coop0a> databits: basically, you should make /var/www/ writable only for users which you will use for uploading files.
<Jeeves_> (apt-get install apache2-mpm-itk)
<databits> coop0a: the issue with that is I am going to have multiple users uploading files to the webserver
<coop0a> databits: then create a new group, add all uploading users to that group and make /var/www/ owned by root:that_group and set permissions to 775.
<databits> sudo chmod -R a+rw /var/www
<databits> when I issue this command all the file currently that are in the directory are able to be accessed by the webserver
<databits> but if I upload a new file, the server is denied access to the file
<coop0a> databits: the approach I just mentioned has the advantage that you can see who uploaded what.
<databits> allrighty let me give this a try
<_ruben> guess noone really wants the fqdn in their bash prompts, might as well resort to the hackish workaround i found (set PS1 based on `hostname -f`)
<databits> drwxrwxrwx 2 www-data www-data     4096 2010-10-31 15:37 images -rwxrwxrwx 1 www-data www-data      405 2010-10-31 15:37 index.html -rw------- 1 databits www-upload 449700 2010-11-01 09:20 Radiant w-9 form.pdf -rw------- 1 databits www-upload 333593 2010-11-01 09:22 Radiant Work Order.pdf
<coop0a> databits: ?
<databits> ok I did everything
<databits> still isn't working
<coop0a> index.html is still not owned by the correct group.
<uvirtbot> New bug: #669443 in openssh (main) "Terminal hangs when sshing to Ubuntu 10.04 " [Undecided,New] https://launchpad.net/bugs/669443
<coop0a> databits: please pastebin ls -la /var/www/
<coop0a> databits: btw, you haven't set the permissions correctly.
<coop0a> databits: Radiant pdf files are only readable/writeable by the owner
<databits> I did sudo chmod -R root:www-upload /var/www
<coop0a> *chown*
<databits> databits@ubuntu:/var/www$ ls -l total 776 drwxrwxrwx 2 root www-upload   4096 2010-10-31 15:37 images -rwxrwxrwx 1 root www-upload    405 2010-10-31 15:37 index.html -rw------- 1 root www-upload 449700 2010-11-01 09:20 Radiant w-9 form.pdf -rw------- 1 root www-upload 333593 2010-11-01 09:22 Radiant Work Order.pdf
<databits> funny thing is I am still able to view the index.html
<databits> but I cannot pull up any of the other files
<coop0a> because you didn't do what I told you.
<databits> I created group www-upload
<databits> added my user to it
<databits> databits
<coop0a> databits: sudo chown -R root:www_upload /var/www/
<roflwafflez> the www-data user and group have absolutly no read/write to any of those files
<coop0a> exactly.
<databits> I added www-data to the www-upload group
<coop0a> that defeats the whole purpose of this.
<databits> like I said I am new to this in the learning process :) :(
<databits> please tell me
<databits> what commands should I issue laugh
<coop0a> databits: I did.
<coop0a> databits: sudo chown -R root:www_upload /var/www/
<databits> when I upload a file they have ownership of databits:www-upload
<coop0a> databits: sudo chmod 775 /var/www/
<coop0a> s/www_upload/www-upload
<databits> do you mean www-upload
<coop0a> s/www_upload/www-upload/
<coop0a> yes
<progre55> hi guys. I've got a server, with ubuntu enterprise cloud installed, and from time to time it just freezes. No ssh connection. But I cant even connect to it using a monitor and a keyboard, so I have to force-boot it. Cant seem to find anything in the logs. Any suggestions, please? what logs to check?
<databits> ok
<databits> done
<databits> now what ?
<coop0a> note that it is ch*OWN* and ch*MOD*, two different commands
<databits> I just cut and paste
<coop0a> okay, now try again.
<databits> it will work not because I just changed the permissions with that command
<databits> but if I upload a new file from ftp it will not work to access that file
<databits> I can tell you that righ tnow without even checking .... I will do so anyways
<coop0a> that is because you didn't set the permissions correctly. I just told you how to do it.
<ssureshot> why wouldn't this respawn when the Xvfb process is killed.. (upstart) http://pastebin.ca/1978684
<databits> sudo chmod 775 /var/www/
<databits> correct ?
<coop0a> yes, but if you have files with wrong permissions already, you must use -R... as in sudo chmod -R 775 /var/www/
<databits> ok
<databits> I am able to view files allready in the directory
<coop0a> ...
<databits> now lets try uploading from ftp and try to access it
<databits> databits@ubuntu:/var/www$ ls -l total 448 drwxrwxr-x 2 root     www-upload   4096 2010-10-31 15:37 images -rwxrwxr-x 1 root     www-upload    405 2010-10-31 15:37 index.html -rw------- 1 databits www-upload 449700 2010-11-01 09:35 Radiant w-9 form.pdf
<databits> as you can see the new uploaded file
<coop0a> please pastebin ls -la
<databits> error.log
<databits> databits@ubuntu:/var/www$ ls -l total 916 -rw------- 1 databits www-upload   7373 2010-11-01 09:38 error.log drwxrwxr-x 2 root     www-upload   4096 2010-10-31 15:37 images -rwxrwxr-x 1 root     www-upload    405 2010-10-31 15:37 index.html -rw------- 1 databits www-upload 449700 2010-11-01 09:35 Radiant w-9 form.pdf -rw------- 1 databits www-upload 333593 2010-11-01 09:37 Radiant Work Order.pdf -rw------- 1 databits www-uploa
<coop0a> databits: if you continue to ignore what I tell you, I'm done helping you.
<coop0a> databits: the problem is obviously that group and others have no read/executable privileges on the files.
<coop0a> databits: please pastebin "ls -la /var/www/"
<databits> databits@ubuntu:/var/www$ ls -la /var/www total 924 drwxrwsr-x  3 root     www-upload   4096 2010-11-01 09:38 . drwxr-xr-x 14 root     root         4096 2010-10-31 05:56 .. -rw-------  1 databits www-upload   7373 2010-11-01 09:38 error.log drwxrwxr-x  2 root     www-upload   4096 2010-10-31 15:37 images -rwxrwxr-x  1 root     www-upload    405 2010-10-31 15:37 index.html -rw-------  1 databits www-upload 449700 2010-11-01 09:
<databits> ok so what do I do from here
<coop0a> databits: check that whatever program you use to upload the files doesn't set the permissions incorrectly.
<databits> it is not changing any permissions
<databits> using flashfxp
<coop0a> windows isn't using unix permissions last time I checked, so it cannot "change" any permissions. it simply does not set them correctly.
<databits> I am ftping the files from my windows machine to my linux box
<databits> coopOa: any idea's ?
<uvirtbot> New bug: #669452 in freeradius (main) "Please sync freeradius (main) from Debian Unstable (main)" [Undecided,New] https://launchpad.net/bugs/669452
<progre55> anyone? I have an ubuntu enterprise cloud server, but sometimes it freezes and doesnt even respond to monitor+keyboard connections., so I have to force-reboot it. Cant seem to find anything in the logs. Any suggestions, please? what log files should I check?
<AbhiJit> hi
<AbhiJit> i wanted apache to listen to localhost only. so following the lamp guide on help.ubuntu  i made Listen 80 to Listen 127.0.0.1:80 now when i try to restart apache it give me error
<AbhiJit> apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.1.1 for ServerName
<AbhiJit> httpd not running, trying to start
<AbhiJit> any help?
<jpds> 127.0.1.1?
<andres_> hi every body, i have a hard disk than the most of sector is whit errors
<andres_> whitch tools i may to use to repair it
<patdk-wk> does it have data you want to recover?
<_ruben> andres_: bad sectors cant be repaired, only option is recovery (as stated by patdk-wk). dd_rescue would be my first bet
<LyonJT> Heyy
<LyonJT> Does anyone know how to get a vnc server working on ubuntu-server and then use a ssh-tunnel to connect to the vnc-server?
<patdk-wk> depends on your definition of repare, I would say forcing the harddrive to remap the sector, is repared, but still data lost :)
<consumerism> i'm accessing an ubuntu server via ssh and it's not giving my gnome-terminal scrollback information (don't know the term) - i can only see a screenful at a time, there's nothing to scroll back to. this is not the case with other remote servers, arch and centos. what do i have to do to enable scrollback for my ssh session?
<patdk-wk> that has nothing to do with the server, ssh or anything
<patdk-wk> that would be your terminal settings on your desktop
<patdk-wk> well, I guess if your running some kind of strange none-scrolling shell on that server
<_ruben> screen for instance
<_ruben> LyonJT: servers dont run X, so VNC is kinda useless
<patdk-wk> if I could only get rhel to understand that
<LyonJT> _ruben: yes but i installed ubuntu-desktop on top of it
<_ruben> LyonJT: so it is no longer a server but a desktop instead, hence offtopic for this channel i'm afraid
<LyonJT> well no because its a ubuntu-server
<LyonJT> with ubuntu-desktop installed on it
<patdk-wk> heh
<patdk-wk> X and vnc are part of ubuntu-desktop, not server
<patdk-wk> so still offtopic :)
<LyonJT> okay fine ill ask in another channel if its to hard to get answer from u
<hallyn> LyonJT: what problem are you having with vnc?
<hallyn> LyonJT: it should just work...
<hallyn> module whatever port forwarding you need to do (i do 'ssh -L5951:servername:5901 fwname' and then 'vnc :51', where fw is my fierwall and servername is the server which vnc is running on, and the vnc session is on :1 on servername)
<NightDragon> hello all: newbie question, but how do i get a modprobe command to be persistant? like that module will forever be enabled, instead of going away when i restart
<shauno> NightDragon: check out /etc/modules, format is simply name per line
<NightDragon> aah
<NightDragon> nice, thanks
<NightDragon> well another thing... let me ask the rest of the class this
<NightDragon>  20 | 11/01/2010 | 15:48:22 | Memory #0x01 | Correctable ECC | Asserted
<NightDragon> should i be worried?
<uvirtbot> New bug: #669514 in rabbitmq-server (main) "package rabbitmq-server 1.7.2-1ubuntu1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/669514
<kpettit> anybody know good software to compare/diff PDF files?  I need a way to outline the differences between 2 PDF files that's easy for users to read
<ivoks> pdftotext
<ivoks> then diff :)
<NightDragon> lol
<kpettit> I wish I could do that
<NightDragon> truely a sysadmin answer
<kpettit> users need it to look the same.  But I tried to pitch that idea first :)
<ivoks> well, it's #ubuntu-server
<NightDragon> lol
<ivoks> 'users' are here computer literate and understand < and >
<NightDragon> and also miss their classes
<ivoks> diffpdf - compare two PDF files textually or visually
<NightDragon> because their new server drowned out their alarm :(
<NightDragon> o_O
<kpettit> ivoks, that one rocks.  Using it right now.
<NightDragon> cool
<NightDragon> google is your friend
<kpettit> But I need a web based tool.  Trying to figure out what makes this one tick,
<ivoks> actually, apt-cache is your friend :)
<kpettit> I've seen a few think clients but nothing that's usefull for a web app.
<NightDragon> then in that case, couldnt you make a very simple web wrapper for diffpdf?
<kpettit> I'm trying to figure that out.  But the app has no cli option
<ivoks> i beleive there's a python pdf library; i'm sure you could wrote a web app that would do that
<ivoks> believe
<ivoks> or whatever :)
<kpettit> There are a ton of pdf tools in python. Just haven't see one that's easy to compaire, or that I know how to compare with
<ivoks> ah... i have things to do
<NightDragon> why do you look so shifty-eyed when you say that?
<patdk-wk> like helping kpettit :)
<kpettit> that's for the suggestions
<nimrod10> hello guys ! I'm installing ubuntu lucid x64 server via pxe  and the whole install gets interrupted by a  Debootstrap warning package zlib1g is corrupt. I've checked(sha1sum) the package against the one from a install iso and they have the same sha1sum. Can I make debootstrap not check packages ?
<patdk-wk> if your installing via pxe, where does debootstrap come into it at all?
<sheetzam> ppetraki - have an update on that server from last week, when you get a minute
<failsnail-d> is it possible to apt-get php5 and NOT get apache?
<sheetzam> try the cli version of php5
<sheetzam> php5-cli
<failsnail-d> mkay
<failsnail-d> aha! very good. hopefully that'll include everything I need
<sheetzam> :)
<failsnail-d> I just got a turnkey-linux core VM going (ubuntu server 8something I believe) and I wanted to set up just lighttpd + php5 + sqlite for some tinkering
<failsnail-d> apache always wants to get its claws in there
<zul> failsnail-d: instal php5-cgi
<failsnail-d> presumably sqlite needs it?
<sheetzam> failsnail-d - zul is probably right, you might prefer the php5-cgi to php-cli
<ppetraki> sheetzam, hi
<sheetzam> ppetraki - so the server restarted sometime Friday.  Unfortunately I was not here to get a look at what brought it down
<sheetzam> so, we're back to noacpi
<sheetzam> and I haven't been able to crash the server yet
<ppetraki> sheetzam, so refresh my memory, what switches was the server running with with it presumably crashed?
<sheetzam> noacpi
<sheetzam> ppetraki - noacpi
<ppetraki> sheetzam, ok... time to rewind you acpi runtime :)
<ppetraki> sheetzam, which kernel were you running on the LTS that was stable?
<sheetzam> sorry, it just now crashed with just noacpi enabled
<sheetzam> and it was a machine check exception
<sheetzam> so, to answer your question, it was whatever the latest stable server kernel was for 8.04 two weeks ago
<sheetzam> no idea what it was, unfortunately
<RoyK> sheetzam: perhaps an obvious thought, but have you checked the memory?
<sheetzam> RoyK - memcheck86 turns up no problems.  This problem goes away when I set the machine to nosmp
<sheetzam> thanks tho
<RoyK> nosmp helps?
<RoyK> do you have a panic dump?
<sheetzam> RoyK - I have a screen cap of the screen at panic time, that's about it.  Want to see it?
<RoyK> sure
<sheetzam> remind me the image dump url?
<ppetraki> sheetzam, http://pastebin.com/ie1VZjX9
<sheetzam> thanks
<ppetraki> sheetzam, sure
<ppetraki> oh, I forget :)
<sheetzam> mm, sorry, the one for images, not text
<RoyK> http://imagebin.ca/
<sheetzam> http://imagebin.ca/view/2RKhPD45.html
<sheetzam> thanks
<ppetraki> sheetzam, so what this does is removes windows2009 from the list of ACPI OS NAMES
<sheetzam> ok
<ppetraki> sheetzam, essentially forcing the bios to respond as windows vista
<ppetraki> sheetzam, which is what your old LTS would have done
<sheetzam> so, this bios definitely predates windows 2009
<sheetzam> ok
<shauno> 'This is not a software problem!' is a rather worrying line
<sheetzam> ya, no kidding!
<ppetraki> sheetzam,  so if you run with this switch, and only this switch, and it works, it means that either our acpi runtime has regressed, or your acpi tables are broken
<sheetzam> ok
<ppetraki> sheetzam, it's a toss up really, which side the bug is on
<sheetzam> :)
<sheetzam> I understand
<ppetraki> sheetzam,  but we'll find it :)
<sheetzam> so, let me run that, and reboot
<ppetraki> sheetzam, I wrote this script because getting this right from grub is "painfull"
<sheetzam> heh
<sheetzam> ok, I appreciate that!
<RoyK> sheetzam: tried nomce?
<sheetzam> RoyK - no
<RoyK> http://ubuntuforums.org/showthread.php?t=1474477 <-- just saw it mentioned here
<bogeyd6> royk is back, long time no see buddy. of course i have been away awhile myself
<ppetraki> sheetzam,  for the curious, http://lxr.linux.no/linux+v2.6.36/drivers/acpi/acpica/uteval.c#L62
<sheetzam> ok
<ppetraki> linux basically starts at the end and rolls back until the acpi tables respond with something valid
<ppetraki> and yes we pretend to be windows, because no linux distro has actually participated in the standards body to make ourselves relevant :)
<sheetzam> so, that script is supposed to edit the grub boot command, right
<sheetzam> ?
<ppetraki> yup
<sheetzam> ok, my grub does not live at /etc/default...
<sheetzam> hmm
<ppetraki> just takes the error out of it
<ppetraki> this is ubuntu right?
<sheetzam> yeah
<sheetzam> I have no /etc/default/grub
<sheetzam> lots of others, but not that one
<sheetzam> was that added with grub2?
<RoyK> iirc it was
<sheetzam> ok
<sheetzam> still working with the older grub
<sheetzam> seems like as good a time as any to update grub
<sheetzam> https://help.ubuntu.com/community/GrubHowto
<ppetraki> oughta be there, 10.04 right?
<ppetraki> either way
<sheetzam> this box has been upgraded from 6.04 to 8.04, and most recently to 10.04
<sheetzam> so
<ppetraki> oh...
<sheetzam> let me update grub, then run your script
<ppetraki> ok
<sheetzam> give you an idea of the age of the hardware, too...
 * ppetraki fingers crossed
<sheetzam> I should probably also check to see if there's an update to the bios firmware...
<skrite> hey all, i have two myisam tables with identical indexes, one is 4.2 million rows, the other is 2.9 million. It takes about 8 times the time to draw the smaller table than the larger. How can this be explained?
<patdk-wk> draw?
<patdk-wk> normally it has to do with key length, fragmentation, ...
<patdk-wk> how much ram you give the keybuffer
<RoyK> sheetzam: iirc grub2 is installed when you upgrade to 10.04.1, but not to 10.04
<sheetzam> no, it's installed only when you tell it to, it seems
<sheetzam> regardless, it's upgraded, and ppetraki's script has been executed
<RoyK> I'm quite sure 10.04.1 upgrades will add it without asking
<sheetzam> about to restart again
<sheetzam> huh
<ppetraki> sheetzam, great
<RoyK> sheetzam: http://www.redhat.com/docs/manuals/linux/RHL-9-Manual/install-guide/ch-bootopts.html <-- a short description of nomce
<sheetzam> hmm
<sheetzam> what's the downside of that?
<sheetzam> I mean, if it's checking for a problem, and one has been encountered, seems like ignoring it would be a bad thing
<RoyK> sheetzam: no idea, really - what sort of CPUs do you have in this thing?
<sheetzam> a single Core 2
<sheetzam> 2Ghz
<sheetzam> mainly I'm concerned that upgrading to 10.04 busted it, and would like to get the underlying problem fixed
<orudie> greetings. with for sftp, how can I "jail" user in home directory /
<sheetzam> ok, ppetraki - that script did not end up helping - just got it to lock up again
<sheetzam> after I had rebooted
<RoyK> sheetzam: I'm running 10.04 on those processors
<RoyK> sheetzam: are you running 10.04 or 10.04.1?
<sheetzam> yeah, not thinking it's the processors at fault
<sheetzam> one sec
<sheetzam> pretty sure it's 10.04.1, but let me check
<ppetraki> sheetzam, ok
<RoyK> lsb-release -a
<ppetraki> sheetzam, file a bug, it's a regression
<sheetzam> Ubuntu 10.04.1 LTS
<RoyK> k
<sheetzam> ppetraki - can you give me a pointer to get started on filing that bug?
<RoyK> sheetzam: try to 'apt-get update && apt-get dist-upgrade' before doing anything else
<sheetzam> lol
<sheetzam> yeah, way past that :)
<RoyK> https://help.ubuntu.com/community/ReportingBugs
<ppetraki> RoyK, we've been chipping away at this for a while now
<ppetraki> sheetzam, though that does beg the question, are you running the latest LTS kernel?
<sheetzam> one sec
<ppetraki> sheetzam, should be atleast 2.6.32-25-generic
<sheetzam> 2.6.32-25-generic-pae
<RoyK> sheetzam: I don't think I run 32bit kernels on my core2 installs
<ppetraki> sheetzam, yeah that's fine
<ppetraki> sheetzam, sudo apport-bug -p linux
<sheetzam> RoyK - as this is a machine that was originally running 6.04, I've not gone through the pain of changing to 64bit
<RoyK> sheetzam: that is - I'm certain I don't run anything but 64bit on those
<sheetzam> ya
<RoyK> sheetzam: understandable, but still, there might be something there
<ppetraki> RoyK, shouldn't make a difference, and if it does, it's a platform bug
<RoyK> I doubt very many run 32bit on those
<ppetraki> you'd be surprised
<RoyK> ppetraki: sure - just opting my thoughts :)
<ppetraki> :)
<ppetraki> sheetzam, be sure you detail the troubleshooting steps we went through
<sheetzam> ok
<sheetzam> apport-bug?
<sheetzam> thinking that's not a command line thing?
<sheetzam> helps to spell
<sheetzam> ppetraki - just fyi - I'm trying the upstream kernel package now
<sheetzam> or, rather, the mainline kernel
<sheetzam> don't suppose someone has a good writeup of upgrading from 32 bit ubuntu server to 64 bit?
<ppetraki> well...
<ppetraki> technically speaking, you should be able to do a base 64 bit install, over the 32 bit one, just leave all the files in place
<ppetraki> because the 32/64 bit packages are designed to co-exist
<ppetraki> but frankly, I don't think it's reasonable to put yourself through that hassle
<ppetraki> let's fix the bug :)
<sheetzam> ya
<sheetzam> well, for the moment, I'm running with the mainline kernel, we'll see what that brings
<sheetzam> that was quick - a crash
<RoyK> sheetzam: try the -server kernel
<RoyK> boot with nosmp or nomce
<RoyK> I have no idea if it'll help, though - just a guess
<sheetzam> royk - happy to try, can you tell me what the actual package name is?
<sheetzam> looking through apt-cache search, I nly see linux-image for generic, generic-pae and 386
<RoyK> sheetzam: linux-image-server
<sheetzam> ah
<sheetzam> ok
<sheetzam> hmm
<sheetzam> is that a virtual package for generic-pae?
<orudie> what is the ls command to view hidden files that begin with . ?
<sheetzam> ls -a
<orudie> tnx
<RoyK> sheetzam: how much memory do you have?
<sheetzam> 2g
<RoyK> no need for pae then
<sheetzam> so, when I install linux-image-server, it says I have it installed already, and the only kernel I have installed is generic-pae
<sheetzam> so
<RoyK> sheetzam: dunno - how much will you need to setup again if you reinstall with 64bit lucid?
<sheetzam> enough to make it painful
<RoyK> what's the server doing? fileserver? web? apps?
<|rt|> does anyone know if adduser supports the --conf option?
<sheetzam> it's our development and test server for our web based apps
<|rt|> the manpage indicates that it does but when I run adduser with --conf I get an error saying that it doesn't understand --conf
<RoyK> sheetzam: I see
<sheetzam> and nomce just means it restarts without telling me it had an mce :)
<sheetzam> looks like it's nosmp if I want the server to stay up
<RoyK> sheetzam: but then, nomce might leave both cores usable?
<RoyK> oh]
<RoyK> ic
<sheetzam> and, of course, the bios update requires a windows 95 or 98 boot floppy
 * sheetzam facepalms
<RoyK> sheetzam: DOS FTW!
<sheetzam> riiight
<RoyK> sheetzam: if you have an USB pen drive or something, perhaps testing a vanilla 10.04 x86 might be worth a try?
<sheetzam> thinking the only other change I'd be willing to test at this point is 64bit
<sheetzam> beyond that...
<sheetzam> since it happens with the mainline kernel also...
<sheetzam> not sure what further testing is going to help with
<orudie> what should the chmod be set to for /home/user/.ssh/uthorized_keys ?
<_Techie_> 700 for authorized keys, and 770 for .ssh IIRC
<_Techie_> although i have mine set to 700 for .ssh and 600 for authorized_keys
<orudie> _Techie_, the user should not have the ability to modify the file right ? only vew
<_Techie_> orudie, in my setup, a user can raed and write to their key
<_Techie_> but read write and execute their .ssh directory
<consumerism> i set CDPATH and it works but i don't get tab autocompletion in bash. what do i need to do for this?
<|rt|> hmm the adduser man page in 10.04 seems to have a bunch of problems....it's listing options that aren't supported and doesn't list any of the single letter flags that adduser -h lists...anyone else seeing this and should I file a bug?
<RoyK> _Techie_: chmod go-rwx -R $HOME/.ssh is my way of doing it - that works
<orudie> I generated a public auth key with puttygen.exe , and i'm having a hard time pasting it into authorized_keys , any help ?
<_Techie_> orudie, if you use puttygen you will have to do some modification
<_Techie_> orudie, if you pastebin your public key, i can format it correctly and re paste it
<_Techie_> ONLY PASTE YOUR PUBLIC KEY
 * RoyK hits _Techie_'s caps lock key
<orudie> _Techie_, hmm. pastebin.org is down ? whats the other site
<_Techie_> RoyK, sorry, had to make sure that orudie only pasted the public key
<RoyK> orudie: pastebin.com?
<RoyK> _Techie_: :)
<orudie> http://pastebin.com/fF4JXhx2
<_Techie_> orudie, http://pastebin.com/Ly33f9n6 - note it is all one line of text
<RoyK> orudie: I've sometimes seen the rsa key didn't work, but testing with dsa did - no idea why, though
<RoyK> ssh-keygen -t dsa
<_Techie_> RoyK, RSA keys work fine
<orudie> _Techie_, doesn't look right , whats the 3. doing in front of A ?
<_Techie_> i have the same RSA key across 3 servers, ubuntu-server debian and CentOS, and they all work perfectly
<_Techie_> orudie, thats your key
<_Techie_> wait
<_Techie_> i did make a mistake
<RoyK> _Techie_: I know, but I've still seen ubuntu (I think that was 9.04) failing with rsa, but succeding with dsa. As I said, I haven't the faintest idea why...
<_Techie_> ill correct that now
<_Techie_> orudie, http://pastebin.com/m5VUG1yb
<orudie> ok thanks
<orudie> not sure why my user can't edit authorized_keys
<_Techie_> orudie, use sudo to edit them, and chmod them when your done
<sheetzam> ppetraki - https://bugs.launchpad.net/ubuntu/+source/linux/+bug/669621
<uvirtbot> Launchpad bug 669621 in linux "MCE being triggered" [Undecided,New]
<sheetzam> what timing
<ppetraki> sheetzam, thanks, I'm subscribed now
<sheetzam> awesome.  Please let me know how i can help
<ppetraki> sheetzam, https://launchpad.net/ubuntu/+source/fwts/0.16.14/+build/1891976
<ppetraki> sheetzam, run it as root, fwts --no-s3 --no-s4 -p, and upload the results to the bug
<ppetraki> sheetzam, on the system with no extra switches
<sheetzam> sorry, what do you mean with no extra switches?
<ppetraki> sheetzam, like nosmp or noacpi
<sheetzam> ah
<sheetzam> ok
<sheetzam> and what does that do?
<ppetraki> sheetzam, it's not in lucid but it works just the same, just install the deps manually
<ppetraki> it's a firmware test suite we developed here to diagnose buggy bioses
<sheetzam> ah, got it
<sheetzam> cool
<ppetraki> sheetzam, sudo apt-get install -y iasl pciutils, libpcre3
<ppetraki> sheetzam, and then just install the deb
<sheetzam> yeah, on it :)
<sheetzam> ppetraki - is this what I should paste in? http://pastebin.com/6YrAHFsA
<ppetraki> sheetzam, yeah, just put a preamble in saying it's the result of fwts
<sheetzam> done
<ppetraki> sheetzam, crap, no table errors
<sheetzam> :(
<sheetzam> again, anything I can do to help, let me know.
<|rt|> ugh I figured out my problem....i must need more coffee
<|rt|> you can't read the manpage for adduser when trying to run useradd :)
<sheetzam> personally, I hate how close those two are
<|rt|> yeah keeps you on your toes
<|rt|> i was about to file a bug on launchpad when I figured it out heh
<sheetzam> thanks again for your help ppetraki and RoyK
<ppetraki> sheetzam, np
<alex88> ?
<RoyK> !
<Eventyret> Is there any step by step guide to install X on a ubuntu 10.04 server from shell i only got txt mode. and i want a gui on it.
<RoyK> Eventyret: I'd guess reinstalling with ubuntu desktop will be the best choice
<RoyK> Eventyret: btw, why on earth would you want X on a server?
<_Techie_> Eventyret, if you want the ubuntu GUI, you can sudo apt-get install ubuntu-dekstop
<_Techie_> ubuntu-desktop*
 * RoyK didn't know that one
<Eventyret> RoyK: its a VPS from a server i have. and im new to ubuntu so. thats why
<_Techie_> =)
<Eventyret> _Techie_: ok and once that is done you just start x ? or something
<_Techie_> RoyK, theres also lubuntu, kubuntu and xubuntu
<RoyK> Eventyret: lÃ¦r kommandolinja - det er mye, mye bedre
<_Techie_> Eventyret, once those packages are insatlled, X will load on bootup like a normal ubuntu install
<Eventyret> RoyK: jauda men er vrient og sette opp kommando linja nÃ¥r jeg ikke har gjort sÃ¥ mye med den fÃ¸r skal egenltig ha den som en FIL og web server ><
<Eventyret> _Techie_: ok so to get it remote then you install VNC or something oO
<_Techie_> yeah
<_Techie_> you would need to install ubuntu-desktop
<_Techie_> then install and configure x11vnc
<_Techie_> !package x11vnc
<_Techie_> hrmm
<Eventyret> ><
<RoyK> Eventyret: you'll spend hours geting x11vnc working and you'll still have to do the management from the commandline
<Eventyret> because its just a fresh server havnt installed anything on it yet so.
<RoyK> Eventyret: just learn it the hard way
<Eventyret> RoyK: well easy guide to have a Irssi shell + ftp + web server on it then xD
<RoyK> Eventyret: apt-get install vsftp apache2
<_Techie_> tbh, x11vnc isnt that hard to setup
<RoyK> that'll cover most of it
<_Techie_> but since its a VPs you will run into ALOT of problems with X
<Eventyret> _Techie_: oh ?
<RoyK> _Techie_: but he doesn't need it - he's setting up a bloody server, not a workstation
<_Techie_> RoyK, i know, but its what he wants
<Eventyret> let me try here then xD
<RoyK> Eventyret: try the commandline first
<_Techie_> Eventyret, the main thing being that X doesnt like to start without a display device attatched
<RoyK> forget about X
<RoyK> X won't help him setting up a file/webserver
<_Techie_> no
<_Techie_> it wont
<Eventyret> RoyK: ok :)
<_Techie_> RoyK, ive given up on trying to convince people that theres no need for something
<Eventyret> just gotta remember how i add my own root user
<RoyK> _Techie_: giving bad advice is something I try to avoid
<Eventyret> adduser nick admin oO ?
<RoyK> Eventyret: use sudo
<_Techie_> RoyK, i dont provide bad advice, i just dont let them know that what theyre considered is bad
<Eventyret> RoyK: well i want to add my OWN user as well ><
<Eventyret> instedd of the preinstalled shitass one xD
<_Techie_> ermm
<_Techie_> not possible
<RoyK> useradd -m username ; passwd username ; visudo
<Eventyret> oO
<Eventyret> and that adds me as sudo user xD
<_Techie_> there is only one administrator
<_Techie_> and that is root
<RoyK> _Techie_: with sudo, no
<_Techie_> there is no user admin rights like there is with windows
<_Techie_> if you wish for a user to have admin, use sudo
<guntbert> !language | Eventyret
<ubottu> Eventyret: Please watch your language and topic to help keep this channel family friendly.
<RoyK> guntbert: what???
<_Techie_> RoyK, <Eventyret> instedd of the preinstalled s*****s one xD
<guntbert> RoyK: I beg your pardon?
<RoyK> guntbert: I do as well - what is this language nazi thing in here?
<IdleOne> RoyK: ALL Ubuntu channels follow the same basic language guidelines
<guntbert> RoyK: this is the second time that you argue that way
<RoyK> imho an operating system channel shouldn't worry about chistian doctrine, but rather stay focused on the technical bits
<_Techie_> RoyK, if you want to start arguing, use #ubuntu-offtopic
<IdleOne> no arguing in -offtopic either
<_Techie_> fine then, take it to PC
<_Techie_> PM*
<RoyK> who invented this christian doctrine in #ubuntu\* in the first place?
<IdleOne> !guidelines
<ubottu> The guidelines for using the Ubuntu channels can be found here: http://wiki.ubuntu.com/IRC/Guidelines
<IdleOne> !codeofconduct
<ubottu> The Ubuntu Code of Conduct is a community etiquette document to which we ask all Ubuntu users to adhere, and can be found at http://www.ubuntu.com/community/conduct/ .  For information on how to electronically sign the CoC, see https://help.ubuntu.com/community/SigningCodeofConduct .
<IdleOne> there is the information.
<RoyK> I've read that part - it still doesn't make sense
<IdleOne> ok, what part of those pages don't you understand?
<RoyK> I didn't say I didn't understand them
<IdleOne> well then should be easy to follow them
<RoyK> I just said it doesn't make sense to ban a significant amount of the English language
<IdleOne> no just the "bad" words are not acceptable
<RoyK> meaning I disagree totally to that bull
<RoyK> what are bad words for an engineer or a techie?
<IdleOne> RoyK: do you need a list ?
<RoyK> IdleOne: please, please, explain why certain words should be left unsaid in here, when they are used all the time other places?
<IdleOne> because I don't want to see those words and thousand of other ubuntu users agree.
<IdleOne> simple as that.
<_Techie_> !ot
<ubottu> #ubuntu is the Ubuntu support channel, for all Ubuntu-related support questions. Please use #ubuntu-offtopic for other topics (though our !guidelines apply there too). Thanks!
<hggdh> and... we do abide by the CoC.
<IdleOne> _Techie_: correct :) sorry for being offtopic
<RoyK> IdleOne: I'd be delighted to see the list of those users and the discussion about that
<_Techie_> someone quickly refresh my memore, other than /etc/rc.0 and /etc/rc.6 where are shutdown scripts run from?
<_Techie_> memory*
<RoyK> 0
<RoyK> 6 is reboot - 0 is shutdown
<_Techie_> RoyK, please read the question properly
<RoyK> erm - yes
<RoyK> upstart?
<_Techie_> ... what else
<RoyK> perhaps (x)inetd
<_Techie_> im asking because i need to add extra functions to a shutdown command i setup, and i cant remeber where i put it
<RoyK> but nothing else I can think of
<hggdh> you might want to also add the single-user mode
<_Techie_> hggdh, thats not productive at all
<hggdh> ?
<_Techie_> setting it for single user mode would be most unproductive
<hggdh> _Techie_: I have no idea on what you are trying to do. Nevertheless, it is common to have services stopped on single-user mode.
<_Techie_> hggdh, its not a service, its a shutdown script
<hggdh> then, indeed, single-user does not apply
<_Techie_> and at no point did i ever notion to it being a service
<hggdh> er
<hggdh> ah well.
<_Techie_> found it
<_Techie_> still have no idea where it is
<_Techie_> but i managed to find a way to edit it
<guntbert> _Techie_: tell us
<_Techie_> i used webmin
<_Techie_> i originally created it manually
<erichammond> This Ubuntu server download page is a bit out of date (see versions): http://www.ubuntu.com/getubuntu/downloadmirrors#bt
<guntbert> _Techie_: you *do* know that webmin isn't supported on ubuntu any more?
<RoyK> !webmin
<ubottu> webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system.
<_Techie_> guntbert, yeah, i know
<_Techie_> however like many other ubuntu-server users, i choose how i administter my system
<_Techie_> if i wanted the ubuntu team to think for me, then i would have been born a livecd
<RoyK> _Techie_: you aren't much of a techie if you use web-based admin tools :Ã¾
<guntbert> _Techie_: its ok with me - just a heads up
<_Techie_> RoyK, theyre for when i cant get ssh out
<_Techie_> or when im lazy
<guntbert> erichammond:  how did you get to that one? currently it is http://www.ubuntu.com/desktop/get-ubuntu/alternative-download
<Eventyret> RoyK: so what would you suggest install to get a working shell and such then on the new server
<_Techie_> i figured out where i put the shutdown script
<_Techie_> i put it in rc1.d
<_Techie_> technically its a shutdowna dn startup script, but it does the job
<RoyK> Eventyret: the standard install should give you what you'll need
<Eventyret> RoyK: ok.. what you said to install a web / ftp / mysql then
<Eventyret> RoyK: is there like a Xampp package or something ?
<guntbert> _Techie_: remember what hggdh suggested? :-))
<_Techie_> guntbert, shusssh
<_Techie_> i should prolly actualy move it to rc2.d
<_Techie_> just to spite him
<RoyK> Eventyret: you really don't want to mix X into a server - the configuration must be done on the commandline anyhow
<hggdh> _Techie_: it will be difficult to spite me. Anyways, it would be against the CoC. And this is the end of this thread.
<RoyK> _Techie_: the script should go to /etc/init.d and then be symlinked to various rcX.d dirs
<Eventyret> RoyK: i havnt installed X xD thats why i ask you for some help to setup it xD
<Eventyret> RoyK: like a vhost on it xD
<_Techie_> RoyK, yeah yeah yeah, my system... my rules
<RoyK> _Techie_: whatever - you're on your own
<RoyK> Eventyret: xD?
<Eventyret> xD = smiley :P
<_Techie_> x = eyes, D = huge smile
<_Techie_> xD
<Eventyret> lol :P
 * RoyK is setting up a couple of 110TB boxes tomorrow and should go to bed soon
<_Techie_> 110tb 0.o
<RoyK> well, net storage is 140 or so
<_Techie_> i presume its gonna be in a RAID array
<RoyK> gross I mean
<RoyK> net storage will be about 110 per box
<RoyK> zfs ftw!
<_Techie_> very nice
<RoyK> not linux no these boxes
<_Techie_> i have no problem with non linux boxes, every OS has its place
<Eventyret> RoyK: so what you said to setup Mysql / php / apache + ftp ?
<_Techie_> there is a way to select preconfigured services
<_Techie_> but
<_Techie_> sudo apt-get install apache2 php5 libapache2-mod-php5 proftpd mysql-server
<_Techie_> IIRC
<RoyK> Eventyret: apt-get install libapache2-mod-php5 vsftpd
<RoyK> vsftpd is far more used and better supported than proftpd
<Eventyret> RoyK: ok thank you
<RoyK> Eventyret: add mysql-server to that, as _Techie_ said
<Eventyret> done that :)
 * RoyK is off zzzz
<Eventyret> done.
<Eventyret> that is now done RoyK
<fluvvell> Anybody know of a script that would fix permissions and ownership on a server? A file servers share directorys permissions got applied to the whole machine :(
<c0nv1ct_> fluvvell, lol, it would probably be easier to restore your backups than try to fix permissions by hand
<Eventyret> anyonw know why my server wont connect at all to the freenode, when i type /connect irc.freenode.net it just says connection refused..
<jjcm> Eventyret: what client?
<jjcm> c0nv1ct_: Psh, fixing perms is easy. Just chmod -r 777 /
<c0nv1ct_> jjcm, our definitions of "fix" differ :P
<jjcm> I like my files to be like a hippy commune
<jjcm> Everyone can use anything of anyone elses.
<jjcm> yay sharing!
<jjcm> Oh God so hung over.
<jjcm> Do not want to be at work.
<jjcm> Want to sleep longer than zz top's beard.
<Eventyret> jjcm: the server is 10.04 ubuntu
<Eventyret> jjcm: its irssi
<centaur5> Where would I find out what they changed in Maverick to cause my PXE preboot files to no longer work?
<Eventyret> jjcm: i can ssh into it and its a VPS so :)
<c0nv1ct_> Eventyret, firewall issues?
<jjcm> Eventyret: ping works and everything?
<Eventyret> jjcm: il test one sec
<Eventyret> c0nv1ct_: good one il check
<c0nv1ct_> Eventyret, i had the same issues when setting up shorewall, i forgot to fix some outbound policies
<Eventyret> was the firewall c0nv1ct_
<Eventyret> c0nv1ct_: would you happend to know how i can change my hostname on it also add vhosts ?
<Eventyre1> Here we are xD Worked like a charm
<c0nv1ct_> Even|Server, /etc/hostname  sets the hostname
<c0nv1ct_> for apache vhosts you'll want to check out /etc/apache2/sites-*
<Eventyret> c0nv1ct_: and the hostname can be anything ?
<c0nv1ct_> sure
<Eventyret> ok thy
<Eventyret> just reboot here
<Eventyret> exit
<Eventyret> exit
<qman__> http://blog.makezine.com/archive/2010/10/play_zork_on_an_arduino-controlled.html
<qman__> whoops, wrong window
<qman__> interesting anyway
#ubuntu-server 2010-11-02
<clayd> using 10.04.  how do you set up apache so that it opperates as a user?  i.e. shared web hosting server, client uploads wordpress and installs, any fill generated by apache is automaticly chowned by the user
<ivost> hello
<ivost> what's the best way to switch from 32bit server to 64bit server?
<ivost> install the 64bit server and than install the same packages as the 32bit version and then copy the config files=
<ivost> ?
<clayd> pull anything you want to keep and start from scratch?
<ivost> it's quite a bit of work :( since there are many services, ldap, mysql, bind, samba, radius, etc...
<clayd> yes but there are many of thoose that run differently and install differently depending on if they are on 32 or 64 bit system
<ivost> maybe I can get at least a list of all installed packages
<ivost> so that I can simply install them again in the 64bit version
<erichammond> ivost: Don't forget to copy your data as well :)
<erichammond> er, clayd: ^^^
<erichammond> er, er, er, ...
<ivost> I will install the new system to a SSD, so the old data will be still available :D
<ivost> and i've got a dayli backup of my server
<clayd> is this a physical system or a coud system?
<clayd> *cloud
<ivost> physical
<uvirtbot> New bug: #669739 in tomcat6 (main) "unable to setup ip-based virtual hosting due to "Bugzilla 48612"" [Undecided,New] https://launchpad.net/bugs/669739
<ndroftheline> hello
<ndroftheline> how do i change the display mode
<ndroftheline> on server
<ndroftheline> my monitor displays all the loading stuff just fine
<ndroftheline> but then when it gets to a login prompt, the screen flips out
<ndroftheline> it keeps blanking randomly
<ndroftheline> how do i change the display mode?
<clayd> from what I am finding i think this is partially a permisions issue to start
<clayd> sorry wrong place
<ndroftheline> can anybody help me set the display mode
<iisjmii> Can anybody tell me if the base install of ubuntu server includes Python?
<MTecknology> !info php5-pfm maverick
<ubottu> Package php5-pfm does not exist in maverick
<MTecknology> !info php5-fpm maverick
<ubottu> php5-fpm (source: php5): server-side, HTML-embedded scripting language (FPM-CGI binary). In component universe, is optional. Version 5.3.3-1ubuntu9.1 (maverick), package size 2875 kB, installed size 7624 kB
<ScottK> iisjmii: It does.
<MTecknology> !info nginx maverick
<ubottu> nginx (source: nginx): small, but very powerful and efficient web server and mail proxy. In component universe, is optional. Version 0.7.67-3ubuntu1 (maverick), package size 332 kB, installed size 808 kB
<ndroftheline> i've got my ubuntu-server installed but i'm having a few problems: display and internet connection. i can't get them to work properly, any hel?
<ndroftheline> i need to change my display mode
<ndroftheline> my monitor's trippin
<ndroftheline> help
<uvirtbot> New bug: #669751 in bind9 (main) "bind listens on 127.0.0.1:53 rather than *:53" [Undecided,New] https://launchpad.net/bugs/669751
<icek> hey i have a dhcpd/nat/firewalled ubuntu server that replaces my traditional router, I have several clients using this server to get internet, I would like to monitor what websites/what services they are using, basically know what websites or webprograms they are using (like msn etc etc)) and monitor how long
<icek> they are using them for
<icek> what tool can do that?
<c0nv1ct> icek, a transparent proxy would make that pretty easy
<icek> ?
<c0nv1ct> or you could log every single packet on outgoing port 80, lol
<KB1JWQ> icek: That's legally dubious.
<khussein> and port 80 won't capture all the traffic ;).
<icek> this is a home network
<icek> so legality isnt an issue
<c0nv1ct> khussein, it'll catch enough to make layer 7 filtering still too much work :P
<khussein> haha .. well said.
<icek> how would a transparent proxy make that easy c0nv1ct
<c0nv1ct> icek, it would force all http traffic to go through the proxy and make logging simpler and with less extra data
<c0nv1ct> logging through iptables would produce way more data than you'd need
<icek> but thats only port 80 traffic?
<c0nv1ct> well, 443 as well if you tell it to proxy https
<c0nv1ct> that would still account for almost all traffic since nonstandard port usage isnt very common at all
<c0nv1ct> plus, you could set it up under the guise of a caching proxy to make everyones intertubes faster ;)
<c0nv1ct> any specific data you are after or are ya just trying to catch a roomate browsing porn?
<icek> nah my internet is slow and i just wanted to analyze all the traffic flowing without having to do a low level wireshark analysis
<c0nv1ct> you could even toss privoxy into the mix and provide automatic ad blocking for the entire network
<icek> it seems to get slow at certain times of the day or week and i figured if i logged it all nicely i could maybe see some pattern
<icek> i wouldnt otherwise see
<c0nv1ct> are you sure it is http traffic causing the slowdowns?
<icek> no i am not sure, which is why i said http traffic plus other web traffic
<c0nv1ct> http is web
<icek> like all internet traffic
<icek> i mean internet
<c0nv1ct> so like ports 0 through 65535
<icek> all packets
<icek> yes
<c0nv1ct> lol
<icek> and i dont want so much to log all packets as i want to analyze it and keep statistics
<c0nv1ct> sounds like what you really need is some traffic shaping
<icek> it'd just be nice to know how much of each type of packet is going through (like based on port) and based on comptuer
<icek> so see how many packets per port overall and how many packets per port per computer over all
<icek> or something like that
<icek> but really mostly what i need is to know how many mbs of traffic over a given time period each computer uses
<icek> so i can figure out whose draggin the network down
<c0nv1ct> look into vnstat then
<c0nv1ct> that might be simpler than logging packets and trying to sort through that data
<icek> cooool
<icek> apt-get install vnstat?
<c0nv1ct> https://help.ubuntu.com/community/HowToMonitorInternetTrafficTotals
<c0nv1ct> never used ipac-ng, but that looks interesting
<icek> vnstat seems kinda dumb thou, only montiors mbs passed through an interface O_O
<c0nv1ct> hmm, i thought it could log more than that
<icek> im testin
<icek> but we will see
<icek> if ya look at the bottom of the page of that link u sent
<c0nv1ct> i use iptraf for realtime monitoring, but you want something to log right?
<icek> it shows example output
<icek> well i suppose logging but i will take whateve ri can get
<icek> :D
<icek> whats iptraf do?
<c0nv1ct> a per connection breakdown on usage
<c0nv1ct> per interface
<icek> i just got iptraf, how do i start it? sudo iptraf?
<c0nv1ct> ya
<c0nv1ct> icek, bring up Ip traffic monitor for your internal interface
<icek> sweet
<icek> sweet
<c0nv1ct> you could just leave it running in a screen session
<icek> can it show me data per ip leased on my network?
<c0nv1ct> i dont think it can do a totals breakdown for that
<icek> damnnn
<icek> it can
<icek> its my moms damn fishville!!
<c0nv1ct> it uses that much bandwidth?
<icek> it lists 9 internal ips, a total of 1349149 bytesIn and my mom is at 1023618 bytes in
<icek> and out is very similiar
<icek> thats a total of 13 mbs in and 10 mbs of that is my moms fishville
<icek> I just started running this!
<c0nv1ct> if shes saturating the output then that'll likely slow the entire internet down for you
<icek> a total of 2217 my mom is 1655 of them and second place has 280
<c0nv1ct> you can use QoS to queue locally instead of letting your ISP do it
<icek> *packets
<MTecknology> where do you usually find sample configs in a package? I can't remember..
<c0nv1ct> MTecknology, /usr/share/packagename
<MTecknology> thanks :)
<MTecknology> c0nv1ct: I decided I really ought to have examples in my package.. so I'm going to work on that tomorrow
<c0nv1ct> good idea :)
<MTecknology> c0nv1ct: ya- especially considering it's nginx :P
<MTecknology> probably a few very well commented configs - and a tutorial on some of the most common issues :)
<MTecknology> the last package I built took an hour to build.. fun
<c0nv1ct> you need more megahertz
<c0nv1ct> or use tmpfs! OOo only takes 30mins to build in tmpfs
<MTecknology> c0nv1ct: I was building php5
<MTecknology> on launchpad
<c0nv1ct> ah, i'm not familiar with how launchpad works, i always build locally
<MTecknology> I'm building so others can use :)
<c0nv1ct> MTecknology, you can build debs locally too, but i guess crosscompiling is a bit more work
<MTecknology> c0nv1ct: but you can't just upload a compiled package to launchpad
<MTecknology> c0nv1ct: This is what I'm working on -> https://launchpad.net/~nginx
<MTecknology> I guess it's /usr/share/doc/APP_NAME/examples/
<c0nv1ct> oh i see, for ppa use
<Eventyret> Morning
<uvirtbot> New bug: #669808 in nagios3 (main) "Nagios3 checks not scheduled after clocks change from DST" [Undecided,New] https://launchpad.net/bugs/669808
<uvirtbot> New bug: #669812 in dhcp3 (main) "package dhcp3-server 3.1.3-2ubuntu3 failed to install/upgrade: vidinis procesas installed post-installation script nutrÅ«ko graÅ¾indamas reikÅ¡mÄ 127" [Undecided,New] https://launchpad.net/bugs/669812
<Eventyret> RoyK:  *waves*
<RoyK> hi
<Eventyret> RoyK: was considering getting webmin or something how is that to use ?
<RoyK> !webmin
<ubottu> webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system.
<RoyK> Eventyret: as I said yesterday, it really isn't too much work to learn the basics, and you'll get far further with learning the command line than trying to use some web gui
<Eventyret> RoyK: well i got the FTP up on my user so im getting there xD
<RoyK> :)
<Eventyret> RoyK: so what you up to today ?
<HackeMate> hello, I have installed a dhcp server in an ubuntu 7, it is very old, so I want upgrade it, my question is: is possible run a liveCD with the dhcpd.conf on the fly?
<qman__> possible but inadvisable, since a power failure or other cause for a reboot would deconfigure your DHCP server, breaking your network
<qman__> I suggest you back up your confiugration file, install 10.04, and set it up
<HackeMate> it will be for a few hours only
<HackeMate> if it will work is ok
<HackeMate> thansk
<HackeMate> so, thanks
<qman__> no problem, setting it up is just the same as an installed server
<qman__> apt-get the packages, drop in the files
<HackeMate> qman__: another quick question, i have a dhcp server in an ubuntu server, but this server does only run the dhcp process
<HackeMate> do i need the server version really?
<progre55> hi guys. I've got a server with several users. What's the best solution to restrict those users' privileges? chroot them to their own home dir? or any better ways?
<qman__> HackeMate, that's a reason to run the server version over the desktop version
<qman__> less overhead, less going on
<qman__> NetworkManager can easily get in the way of anything networking related, DHCP included
<qman__> though, running ubuntu _just_ to do DHCP is quite a waste
<qman__> nearly anything with ethernet can pull that off
<soren> hggdh: If you didn't work it out yet, it's too late, I'm afraid. The trick was to have signed the participant agreement.
<HackeMate> qman__: what you could use to run a dhcp server?
<RoyK> HackeMate: apt-get install dhcp3-server
<HorzA> is there a "howto" how i can install ubuntu server without cd-rom?
<RoyK> HorzA: there are several - you can use PXE, which requires a little work, but should be easy when it's installed, or you can use an usb pen
<RoyK> HorzA: it's pretty well detailed here how to use a USB drive http://www.ubuntu.com/server/get-ubuntu/download
<HorzA> i have made a usb but during installation it keeps asking where the cd-rom is
<RoyK> huh?
<HorzA> trying to install server without cdrom on the computer
<\sh> HorzA: netboot is your friend :)
<serard> Hi
<yann2> netboot quite complex as you need another computer/server for that... usb usually works, that's how I installed my netbook :)
<HorzA> so it isn`t possible to install from usb?
<TeTeT> HorzA: it should be, please check https://help.ubuntu.com/community/Installation
<jmazaredo> how do i create virtual nic just put it in /etc/network/interfaces ?
<jpds> jmazaredo: Like eth0:0 ?
<jmazaredo> yes
<jpds> Yes, and ifup eth0:0, I believe.
<jmazaredo> so just in that file
<pmatulis_> jmazaredo: treat aliases (eth0:0) like eth0, that's all
<jmazaredo> will try now thanks
<RoyK> jmazaredo: eth0:n is an old way of dealing with aliases
<RoyK> add something like "up ip addr add 192.168.0.1/24 dev eth0" at the end of the eth0 section
<corecode> hey
<corecode> anybody use ipmitool with isol?
<corecode> i only get garbled output, as if the bitrate was wrong
<corecode> but no matter which bit rate i pick
<noaXess> hi all
<noaXess> for 3ware raid controllers, there is a command to check status of the 3ware.. didn't remember it.. thanks
<hallyn> kirkland: in case you're wondering what happened with that merge request from yesterday - this time i think the package was perfect, but i messed up creating the bzr tree.  One more try...
<kirkland> hallyn: howdy
<kirkland> hallyn: okay, is the current one "ready"?
<hallyn> kirkland: if you want to just look at the package, then yes, it's in ppa:serge-hallyn/virt (for natty).  but the bzr tree, sadly, no
<hallyn> i'm re-checking-out maverick bzr so i can rm -rf *; cp -a from my other tree, and check that in.  hopefully that'll do the trick
<RoAkSoAx> mathiaz: howdy!! were you the one that was gonna look into openvswitch?
<mathiaz> RoAkSoAx: not that I know of
<RoAkSoAx> mathiaz: do you remember who was gonna do that :)?
<hallyn> kirkland: think that one shoudl do the trick - it'll spend some time pushing though :)
<mathiaz> RoAkSoAx: nope - I wasn't in the session
<RoAkSoAx> mathiaz: oh lol sorry about that :)
<hallyn> oh, huh, that was fast...
<hallyn> kirkland: merge request on its way
<bbhart> hi all, question about 10.10-alternate and booting to a preseed.  This doc (https://help.ubuntu.com/community/InstallCDCustomization) references isolinux/isolinux.cfg but that doesn't seem to exist.
<bbhart> Is the equivalent now boot/grub/grub.cfg?
<bbhart> And would I pass all my "append" params on the 'linux' line now?
<noaXess> what are the 3ware commands in terminal? i though that there are some commands to get state of the 3ware controller
<Hatrix76> I  was used to the IOSTAT command and at some debian installations the iostat utility give ma all information in one line, as in (vmstat 1) ... but now on lucid iostat gives me statistics vertically, it's so hard to read changes if you do a iostat 1 ... is there a way to change the format to be on one line again? I did not find anything in the man pages .... or is this a new iostat?
<consumerism> %sudo ALL=NOPASSWD: ALL
<consumerism> that's at the bottom of my /etc/sudoers, but a user in the sudo group is still prompted for a password when i try to use sudo
<consumerism> how could i troubleshoot this?
<Hatrix76> sudo is a special group, create a group like admins and try again, i had problems on debian with the default sudo group not having the same path etc.
<SpamapS> yeah, there's already a group for that
<SpamapS> consumerism: either create a 'superadmin' group or something, or just change the %admin group's perms
<kirkland> hallyn: okay, merged, and built source package
<kirkland> hallyn: looking good;  one minor comment, the patches we carry should have a description in their header (ideally, a git hash of the upstream commit, if it exists)
<kirkland> hallyn: uploaded
<CharlieSu> Is there a way to do automated Ubuntu installs?  Is it done w/ the alternate CD?  Could someone send me a URL w/ the most recent 10.04 documentation on doing this?  I have similar hardware and want to just pop in a CD that does partioning and package installation
<Hatrix76> CharlieSu you should read the part about the preseed file in the server documentation
<CharlieSu> Hatrix76: thanks
<Hatrix76> np
<laen> I'm trying to use the install "Auto mode" in combination with netcfg/disable_dhcp=true, but it doesn't seem to work.
<laen> Actually, it does work, but Lucid 10.04.1 doesn't understand auto as alias of auto=true priority=critical.. using auto=true priority=critical with the netcfg works fine.
<uvirtbot> New bug: #663343 in cheetah (main) "Please merge cheetah 2.4.2.1-1 (main) from Debian unstable (main)" [Undecided,Fix released] https://launchpad.net/bugs/663343
<laen> Is it a known thing, that simply "auto" doesn't work with the 10.04.1?
<Hatrix76> laen, i only use auto=true priority=critical
<laen> Hatrix76: Yeah, that works.. but apparently just auto, should be the same. Not working.
<Hatrix76> afair i got my fair share of this bugs so i just stick to what's working, if you do moderate installations it's fine to type, if you do it more often, PXE with bootp and you have not to type anything anymore ...
<laen> True, but not gonna happen here (not my descision).
<Hatrix76> yeah, I hear you ...
<geoffmcc_> I have a user uploading a file right now using WinSCP. If i run w user does not show up - only way i can see is if i check ps -ef... shouldnt w show as logged in?
<dubphil> Hi everybody, where are the init scripts of squid ? they are no longuer in /etc/init.d/
<bluethundr> I need to remove and reinstall ldap-server in Ubuntu Server 10.04 but aptitude remove/purge doesnt' seem to do the trick: http://pastebin.ca/1979676
<pmatulis> geoffmcc_: i believe you need a vt session for the user in order for w to pick up the user login
<pmatulis> geoffmcc_: vt = virtual terminal
<dubphil> anyone using logcheck here ?
<geoffmcc_> pmatulis: thank u. I also notice that the user shows up as 104 instead of name in ps -ef, the user has one more letter than mine that must be doing it - any way to change that?
<ttx> JamesPage: about the work items on your blueprints... They need to follow conventions at https://wiki.ubuntu.com/WorkItemsHowto
<ttx> JamesPage: so you need a colon before status... and if it's not assigned to a specific LP account, just leave out the [..] part
<pmatulis> geoffmcc_: user shows up where?  maybe provide a screenshot
<JamesPage> ttx: ok will update
<geoffmcc_> if i ps -ef it shows all processes running. they all show names execpt one, the user i refered to. He shows as 104
<geoffmcc_> sorry 1004
<geoffmcc_> his username is 9 char long - the ones showing as names are 8 or less
<pmatulis> geoffmcc_: i guess ps will not truncate a name longer than 8 characters.  it uses the id instead in that case
<pmatulis> geoffmcc_: you can do a few tests to prove that
<geoffmcc_> pmatulis: your right, i shoulda thought about it more- will read man on ps to see if option to show the name
<fly9> can anyone give me some tips on a socat problem?
<fly9> trying to read data from a remote serial port and push it out of a virtual tty
<fly9> so from the client i'm typing: socat pty,link=/dev/virtualttyS0,raw exec:'ssh -l root serverip "socat - /dev/ttyS0,raw,echo=0"'
<fly9> and I get: 2010/11/02 07:47:50 socat[9015] E tcgetattr(3, 0x7fffdad321d0): Inappropriate ioctl for device
<fly9> i think i'd be better off using UDP since I just want to read whatever comes across
<fly9> but I can't find any examples online
<uvirtbot> New bug: #670032 in mysql-dfsg-5.1 (main) "package mysql-server-5.1 5.1.41-3ubuntu12.3 failed to install/upgrade: subprocess new pre-removal script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/670032
<freeday> i would like to run my script (script.sql) for MySQL on my USB, but I dont know its location/directory
<SpamapS> freeday: is this on a desktop system?
<freeday> SpamapS: im running ubuntu server on VMware
<freeday> already install MySQL and it is already running
<freeday> I want to run my script in my USB...but im not able to do something like (source drive:/script.sql)
<slestak> anyone have any wise words for installing python-ldap on ubuntu-server?
<slestak> been at this all morning.
<pkstef> hey can anyone help with creating a seedbox using ubuntu server?
<slestak> nm.  i see what i was doing wrong.
<pkstef> hey can anyone help with creating a seedbox using ubuntu server?
<zul> SpamapS: which one is the bug you were talking about/
<SpamapS> zul: bug 660227 was the one that has already been verified in proposed
<uvirtbot> Launchpad bug 660227 in php5 "php5-pgsql crash on getting an error back from postgres" [High,Fix released] https://launchpad.net/bugs/660227
<zul> SpamapS: i was thinking the one thats in the sponsorship queue
<SpamapS> oh libdbi-drivers..
<SpamapS> zul: bug 660990
<uvirtbot> Launchpad bug 660990 in libdbi-drivers "undefined symbol: _dbd_parse_datetime" [Medium,Confirmed] https://launchpad.net/bugs/660990
<zul> SpamapS: thanks
<RichardRaseley> Hello all. I am running Ubuntu 9.04 as a VM under Hyper-V. It functions solely as an FTP server and has been working great for quite some time now. Recently we had a host that went down and the machine automatically migrated to another host (as others did without issues), but then I started receiving complaints from users that they weren't able to connect to the machine. I have tried to troubleshoot the issue (removing the interfac
<RichardRaseley> Could someone possibly assist me in troubleshooting this issue? My Ubuntu experience is limited, so I am not sure where to look next.
<RichardRaseley> If anyone feels up for helping me troubleshoot the issue, please send me a PM as I have to step away for a moment. Thank you in advance.
<Steve[cug]> afternnon everyone.....I seem to be having an issue and woudl like to request some help.  I just performed an apt-get dist-upgrade on a server to upgrade the kernel so that I can reboot it.  The server crashed midway through the upgrade and I was forced to perform a hard-reboot.  after the reboot I was unable to boot the server (it looked like the kernel would start up but nothing else).
<Steve[cug]> as a result I booted from the CD and ran in recovery mode to finish installation of the packages in question.  After that the kernel looked like it was successfully upgraded to current and all of the other packages as well, however once i reboot I have the same issue as before.
<Steve[cug]> here is a pastebin of the packages that I upgraded: http://pastebin.com/Ya9BVW5r
<Steve[cug]> I am unfortunately at a complete loss
<cradek> try update-grub?
<Steve[cug]> cradek: ive tried :(
<cradek> did you try to dpkg-reconfigure relevant packages?
<cradek> (I'm just guessing things I'd try...  if I didn't get it pretty quick I'd probably just restore backup.)
<Steve[cug]> yeah i did
<Steve[cug]> some of the stuff didnt like that udev wasnt loaded as part of the cd's kernel, but all in all everything seemed to go ok
<Steve[cug]> when it boots, I get the usual writethrough caching errors (normal) but it just dies after that point
<cradek> sorry, I have nothing
<Steve[cug]> yeah no worries
<Steve[cug]> im in a situation that if I wanna prove its the hardware,I need to install RHEL anyway
<Steve[cug]> thankfully my data is on a seperate partition
<andres_> whitch channel is for php
<b0ot> Anyone here know how to use socat?
<guntbert> andres_: ##php
<andres_> guntbert: gracias
<andres_> guntbert: thank
<guntbert> andres_: if I remember correctly you must be registerd/identified to talk there
<guntbert> andres_: no problem :)
<andres_> what do yo mean?
<guntbert> !register | andres_
<ubottu> andres_: Information about registering your nickname: https://help.ubuntu.com/community/InternetRelayChat/Registration - Type Â« /nick <nickname> Â» to select your nickname. Registration help available by typing /join #freenode
<andres_> ubottu: i get
<mathiaz> kirkland: hallyn: you may wanna add more information/set the status on bug 667076
<uvirtbot> Launchpad bug 667076 in libvirt "Ubuntu's libvirt is compiled with VirtualBox driver disabled by default" [Wishlist,Confirmed] https://launchpad.net/bugs/667076
<kirkland> mathiaz: you got it pretty much right ...
<kirkland> mathiaz: i guest "won't-fix" is probably appropriate
 * mathiaz nods
<hggdh> soren: there? Q for you when available
<soren> hggdh: Shoot.
<qkumbers> hello all, I'm following the guide at https://help.ubuntu.com/10.04/serverguide/C/openldap-server.html to install and secure openldap on ubuntu server. I'm able to enable and connect to the openldap via LDAPS, but I cannot get Ubuntu to authenticate over the secure connection. any help would be appreciated
<_Neytiri_> is there a active directory liek server on ubuntu?
<remix_tj> _Neytiri_: for the moment no, you can only emulate the old NT Domain Controller
<remix_tj> with samba
<remix_tj> in future samba will replace also active directory
<_Neytiri_> i ant lookign to connecto windoes machines i am lookign for it to use on a pure linux netowrk
<remix_tj> _Neytiri_: you can take a look to mit-kerberos
<_Neytiri_> does that have the same functionality as active direcotry?
<bluethundr> what's the best way to install db4 (berkeley DB) on Ubuntu Hardy? http://pastebin.ca/1980130
<bluethundr> this resulted after installing  aptitude install -y db4.4-util
#ubuntu-server 2010-11-03
<cole> anyone have a 10.10 box (physical) that would be willing to test a script for me on?
<jdimatteo1> good evening
<jdimatteo1> how can I configure nsswitch.conf to not timeout with the error "YPBINDPROC_DOMAIN: Domain not bound" before logging in as a local user on a client configured with NIS with no connection to the NIS server?  I'm trying to make logging in to a local user work without long timeouts when the connection is lost to the NIS server
<jdimatteo1> the problem seems to be with the group line of nsswitch, group:   files nis
<twb> jdimatteo1: not using NIS would be the most obvious way
<twb> Listing files before nis SHOULD suffice to allow local users to log in prior to issuing nis requests.  pastebin your whole nsswitch.conf.
<jdimatteo1> twb: thanks, but I want NIS to normally work.  I am trying to better handle the unusual case where the network connection is not working and someone needs to login as a local user (e.g. root needs to login to update the networking configuration).
<jdimatteo1> twb: one sec regarding pastebin
<twb> There are also a bunch of options you can put in [square brackets] in nsswitch.conf; I think they're documented in the libc or coreutils info pages...
<jdimatteo1> http://pastebin.com/SAqs2uGq
<jdimatteo1> twb: your help is greatly appreciated... this problem just drive me nuts
<jdimatteo1> I'm reviewing man libc now
<twb> jdimatteo1: ah, start with man nsswitch.conf
<twb> Also, are you broadcasting for the YP server, or are you hard-coding its IP?
<jdimatteo1> twb: I already read man nsswitch.conf.  from what I understand, [SUCCESS=return] should be the default anyway, and the other statuses (notfound, unavail, tryagain) don't seem any better
<jdimatteo1> twb: I'm sorry, can you please explain what you mean by broadcasting?  I have the YP server hostnames set in /etc/yp.conf, and the ypserver IP addresses defined in /etc/hosts.  Maybe broadcasting is setup as well, but I'm not sure (I didn't originally configure this NIS configuration)...
<jdimatteo1> twb: does that sufficiently answer your question about broadcasting?
<twb> Hmm?
<twb> I mean do you have "server 1.2.3.4" in /etc/yp.conf (IIRC)
<jdimatteo1> yes, I do.  (specifically, I have http://pastebin.com/hi05CCRp)
<twb> If you don't, IIRC it basically causes it to "ask around" (i.e. broadcast) to find a yp server, which probably takes a while
<twb> You can also try turning off / removing nscd
<twb> Also, if Network Manager is installed, get the fuck rid of it.  It causes more network problems than anything else short of a backhoe
<jdimatteo1> twd: I'm not familiar with nscd, and I don't think it is installed on my system (e.g. "whereis nscd" shows no path)
<jdimatteo1> twb: I think Network Manager is installed... I agree with you that it is annoying on a server, so I'm uninstalling it now to simplify things
<twb> In 8.04, if you had NIS and NM installed the damn thing would take twenty minutes to netboot
<twb> Er, to boot at all.
<rdw200169> jdimatteo1: i agree, manual is much easier.  seems pointless to have any kind of NM on a server ;)
<twb> rdw200169: NM is pointless everywhere
<rdw200169> twb: double-agree
<twb> double-plus-un-good!
<jdimatteo1> :) something we all agree on, thats nice
<rdw200169> i never thought it was that hard to understand /etc/networking/interfaces... but then again, i'm not normal i guess
<twb> Normal users don't DESERVE computers
 * twb is a sysadmin
<Nafallo> you guys still use interfaces?
 * Nafallo uses vtysh for that ;-)
<twb> Nafallo: that's not in Debian.
<jdimatteo1> twb: OMG, that fixed the issue :) now let me update my nsswitch to actually work for shadow too and see if it is completely solved
<twb> jdimatteo1: fucking typical :-/
<Nafallo> twb: quagga
<twb> Oh, yeah, there it is in apt-file
<twb> I haven't switched to IPv6 yet, so I haven't bothered.
<Nafallo> neither have I
<twb> I mean, it's not like I have an AS...
<Nafallo> when I do add IPv6 I'll do dual-stacking though
<Nafallo> I do :-P
<twb> I did think about it, but I decided it wasn't worth the hassle just to improve multi-path routing to my office
<jdimatteo1> twb: I really hardly believe that fixed it... but it really did...  seems unbelievable...
<twb> I mean, most outages are caused by telstra not fixing their copper, which will fuck BOTH my ISPs.
<twb> And of course we were talking about NIS clients, which tends to imply leaf nodes on the network, i.e. BGP is not relevant.  YMMV, etc.
<_Neytiri_> can i get some help with ldap i am getting this error
<_Neytiri_> root@Pandora-Eywa-DC1:~# ldapadd -x -W -D "cn=admin,dc=xray-hope,dc=local" -f ~/people_group.ldif
<_Neytiri_> Enter LDAP Password:
<_Neytiri_> ldap_bind: Invalid credentials (49)
<_Neytiri_> root@Pandora-Eywa-DC1:~#
<_Neytiri_> it never asked me to set a password when i set it up
<jdimatteo1> twb: fyi, I must have been confused earlier because it turns out network-manager had nothing todo with the issue.  I really couldn't believe network-manager caused my NIS issue, so I reverted to saved snapshot of the system, updated the nsswitch file, and the yp timeout errors are no longer occurring... I guess it is getting too late for me, since I'm not sure why it is working now, but I just wanted to point out ne
<jdimatteo1> goodnight all.  my problem is fixed and I have no idea why.  good enough for me
<twb> jdimatteo1_afk: still there?
<twb> jdimatteo1_afk: what VM technology are you using (e.g. KVM)?  Are you bridging the VMs to the main network, and are you using proxy arp?  IME VMs often have trouble with even simple things, like getting UDP to work reliably.
<_Neytiri_> anyone here can tell mow how to get ldap working on ubuntu 10.4
<c0nv1ct> _Neytiri_, set the password in slapd.conf
<_Neytiri_> where do i find that file?
<twb> _Neytiri_: client or server side?
<_Neytiri_> serverside
<c0nv1ct> _Neytiri_, /etc/ldap
<_Neytiri_> slapd.cond doesent exist
<c0nv1ct> you should know where to find that file since you need to edit it to setup your ldap server
<_Neytiri_> .conf*
<_Neytiri_> the only .conf file is a ldap.conf
<c0nv1ct> look in there then, you should see lines for rootdn and rootpw
<twb> _Neytiri_: is slapd installed?
<_Neytiri_> twb, it should be i am following this tutorial http://www.debuntu.org/ldap-server-and-linux-ldap-clients
<c0nv1ct> _Neytiri_, but you just said it never asked to setup a password
<_Neytiri_> slapd is already the newest version.
<_Neytiri_> it didnt
<c0nv1ct> _Neytiri_, look at the 3rd step in the guide you just posted
<_Neytiri_> did that it only asked 3 things
<_Neytiri_> omit ldap config, pure db and allow ldapv2
<c0nv1ct> if you didnt omit the ldap config, you should of been asked those other questions
<c0nv1ct> should have*
<_Neytiri_> i dinty omit it and it never asked me
<_Neytiri_> didnt*
<c0nv1ct> _Neytiri_, have you tried the guide for ldap in the ubuntu server guide?
<c0nv1ct> the one i'm looking at looks nothing like that guide you posted
<_Neytiri_> where do i find that?
<c0nv1ct> doc.ubuntu.com
<c0nv1ct> or help.ubuntu.com actually
<_Neytiri_> i did a remove on everyting i installed from that tutorial and am working off of https://help.ubuntu.com/10.04/serverguide/C/openldap-server.html
<_Neytiri_> where would i set the actual domin name?
<twb> _Neytiri_: you mean the LDAP DN?
<_Neytiri_> ya
<twb> It's just the (root)binddn and rootbindpw in the LDAP client
<twb> And the objects themselves in the LDAP server
<overrider> Usually when i log into my Ubuntu 10.04 Server, at least every other day there is something for me to upgrade using apt-get upgrade. Since about 9 days, it always reports 0 packages can be updated.
<overrider> This is on two different 10.04 Servers the same, can it be or is there something wrong?
<twb> 10.04 has been released.
<twb> That means the only updates for it are security updates
<twb> It's actually bad that you were getting updates every other day -- it meant there were lots of vulnerabilities in the original 10.04 release
<overrider> twb: so you mean i also will not receive updates to already installed packages should there be any?
<twb> There are two kinds of updates
<twb> SECURITY updates fix bugs.
<twb> FEATURE updates introduce bugs.
<twb> Released versions of Ubuntu only get the former.
<overrider> What i am saying is, say Dovecot will release a new version of itself. Will that show up when i run apt-get upgrade?
<twb> It will not.
<overrider> Hmmmm
<overrider> What if the update fixes a security hole?
<twb> Then the security team will (usually) backport that security patch to the earlier version.
<twb> There are exceptions to this, such as Mozilla products.
<overrider> Sorry to be numb, somehow i feel nervous that nothing was there to update since days...
<twb> overrider: but change is bad!
<overrider> its 10.04 server lts, and runs apache, dovecot and postfix and the likes.
<fij0> anybody has used kernel direct boot ?
<overrider> twb: yeah sure, just wanted to make sure i still receive the security updates;
<twb> fij0: never heard of it.
<fij0> im trying but the VM donsent boot
<fij0> twb, http://www.mail-archive.com/libvir-list@redhat.com/msg15128.html
<twb> overrider: unfortunately I don't know a way to be confident about that; you could certainly check that -security is still listed in your sources.list, and that "apt-get update" works.
<fij0> twb, you pass to the VM the kernel of the host .........basicaly
<fij0> sorry mi inglish is realy poor
<fij0> english
<twb> I don't see how that could ever work
<fij0> twb, libvirt support that - http://libvirt.org/formatdomain.html
<fij0> twb, it is realy healfull with lvm , so you cant exec the VM in an lv in the host
<fij0> like xen
<twb> Surely it assumes that either you're running a module-less kernel, or that neither host nor guest EVER changes kernel
<twb> Oh, I see what they're saying.
<twb> They just mean the equivalent of qemu -kernel and -initrd -- as opposed to having a bootloader inside the virtual disk.
<fij0> twb, yes
<fij0> twb, work, im sure, but i cant doit :S
<twb> I have done that before with qemu, a lot.  I haven't ever done it with libvirt
<twb> All you do is copy the kernel and ramdisk out of the guest's /boot
<twb> You probably shouldn't put the guest's kernel and ramdisk in the host's /boot, though
<twb> In what way is it not working?
<fij0> twb, when is booting , crash and say
<fij0> boot args (cat /proc/cmdline)
<fij0> check rootdelay= (did the system wait long enought?)
<twb> OK, so it can't find the root filesystem.
<fij0> twb, yes
<twb> Please pastebin your libvirt config file (the XML file), and the full boot transcript.
<fij0> twb, the xml - http://pastebin.com.ar/6320
<twb> I don't think the &quot; should be there
<fij0> twb, the /var/log/libvirt/qemu/base.log - http://pastebin.com.ar/6321
<fij0> twb, what quote ?
<twb> Oops, ignore that, it should be there.
<twb> No, I change my mind again, it shouldn't :-)
<twb> Inside <cmdline />, you have a " on each end.  Try removing it
<twb> You can see those quotes aren't present in the CMDLINE example at http://libvirt.org/formatdomain.html#elementsOSKernel
<fij0> twb, yes, i dont know why put that :S , anyway , i remove and happend the same thin
<twb> OK, try specifying the root filesystem by device name instead of UUID
<twb> Also, in the fallback initrd you get, try catting /proc/partitions
<twb> And also in there, look at /dev/disk/by-*/
<fij0> sorry but i dont understand
<twb> After it talks about rootdelay, it should give you a busybox shell
<fij0> twb, yes
<twb> OK, in there, run "cat /proc/partitions"
<fij0> 252 0 4194304 vda
<twb> OK, so try root=/dev/vda instead of root=UUID=...
<fij0> something like this ?     <cmdline>root=/dev/vda ro</cmdline>
<fij0> twb, it work !!! thanks a lot !
<DanInOz> hey sorry for the noob question, i jsut did a fresh install of 10.10 server and i accidently mistyped the proxy server on the installation. How do I reenter the corrent info?
<twb> OK.  Either you got the UUID wrong, or you can't rely on udev UUID/NAME labelling.
<twb> fij0: because it's a VM, it should be pretty safe to just use root=/dev/vda forevery
<twb> *forever
<twb> DanInOz: when it fails, hit "back" or "reconfigure" or whatever the option is
<DanInOz> i've already completed the install
<twb> DanInOz: oh, then go to /etc/apt/apt.conf
<DanInOz> yeap, changed that. still uses old setting for some reason
<twb> That shouldn't happen.
<DanInOz> i'll just
<twb> what is the value of $http_proxy?
<DanInOz> double check it quick but
<DanInOz> i dunno how to change that ><
<twb> DanInOz: you don't know how to change what?
<DanInOz> like i said, i a a noob haha
<DanInOz> system variables
<twb> I don't know what you mean by "system variables"
<DanInOz> sorry i been reading articles off google trying to fix it I could completely have my wires crossed
<DanInOz> ok i checked apt.conf and it has defiantly saved the change i made
<DanInOz> apt still is trying to use the first value though
<twb> Then check the environment variable $http_proxy.
<DanInOz> how do i do that?
<twb> echo $http_proxy
<DanInOz> it just comes up blank
<twb> Then I don't know where you're getting the "wrong" proxy value from.
<twb> Hm, I suppose you should also check /etc/apt/apt.conf.d/*, but I'm not aware of the installer touching that.
<DanInOz> ok i will look
<twb> Also, I'm assuming you're using either "sudo apt-get" or "sudo aptitude"; if you're using something like synaptic, I can't help you.
<twb> If all else fails, you can try grepping recursively over /etc for the bad proxy string.
<DanInOz> ok thank you :) i'll try those things
<DanInOz> thanks for your patiance!
 * pennyless is away: Gone away for now
<eagles0513875> hey guys i have a quick question for anyone. does it matter waht order i configure dovecot + postfix?
<twb> I shouldn't think so, but I haven't done it.
<eagles0513875> ok :-/
<eagles0513875> prior install i was able to get all incoming email then  no outgoing then at a point i couldnt get incoming emails either
<twb> That was weird.  I just noticed that all my alternatives-managed files in /usr/bin weren't symlinks.
<eagles0513875> O_o
<eagles0513875> im apprehensive to follow the setup guides for dovecot and postfix again
<eagles0513875> to end up with the same result as before :(
<twb> eagles0513875: so go through your /etc history to find out what changed?
<eagles0513875> already purged and reinstalled just havent configured yet
<eagles0513875> atm not sure what would be worse having postfix not working right or having to deal with a microsoft exchange server
<eagles0513875> hey twb
<eagles0513875> im wondering if the issues i was having could be dovecot related
<eagles0513875> dovecot in lucid is old stable version 1.1.2
<eagles0513875> lates is 2.0.6
<uvirtbot> New bug: #670250 in dovecot (main) "upgrade to latest stable version 2.0.6" [Undecided,New] https://launchpad.net/bugs/670250
<eagles0513875> hehe ^^ i reported that
<eagles0513875> any email experts in here this morning?
<_ruben> try asking more specific questions instead
<twb> _ruben: I'm ignoring him, FWIW
<eagles0513875> _ruben: my question is doesnt it matter what order i confgure postfix or dovecot
<_ruben> it doesnt, you should "glue 'em together" yourself anyway
<eagles0513875> ok
<eagles0513875> interesting
<eagles0513875> thanks
<lifeless> .win 67
<eagles0513875> ?
<kaushal> hi
<kaushal> I have been facing issue about collectd MySQL Plugin for configuring Multiple DB,It defaults to root user inspite of other user being hard coded in the config,Please advice
<kaushal> I am using collectd 4.10.1
<noaXess> good morning
<noaXess> have a 8.10 installation.. and saw now, that there are no updates..
<noaXess> can't make updates now, cause on http://ch.archive.ubuntu.com/ubuntu/dists/ there is no intrepid ... grrr
<twb> Isn't 8.10 EOLd by now?
<twb> noaXess: you should probably upgrade to a release that's still supported, see https://help.ubuntu.com/community/UpgradeNotes
<eagles0513875> i think it is twb
<noaXess> twb: EOL i think yes.. but don't i need first update to the latest packages on 8.10?
<kaushal> noaXess: https://wiki.ubuntu.com/Releases
<twb> noaXess: I don't know; read the notes I linked to
<noaXess> ok
<kaushal> Can some one please help me about my query ?
<twb> Sorry, MySQL is boring
<kaushal> i see
<kaushal> what makes you say so
<twb> Because it's not very good at being a real database (cf. postgres), and it's not very good at being an easy-to-use, lightweight toy database (cf. sqlite).
<twb> Which is the position of every DBA I've ever met; the only people that like it are PHP users, which is kind of an anti-recommendation.
<owh> kaushal: What do you mean when you say hard-coded in the config?
<kaushal> owh: shall i pastebin the collectd.conf ?
<owh> No.
<kaushal> when i run the mysql command i am able to connect
<owh> So, what is the actual problem?
<kaushal> whereas when i use collectd, it maps to root@localhost by default
<kaushal> inspite of setting user other than root user
<kaushal> I could see in the collectd debug log
<twb> IIRC mysql has some broken thing where referring to either "localhost" or "127.0.0.1" actually makes it use a socket instead of a port
<owh> Not having ever used collectd, I suspect you might have a syntax error in your config. Can you increase the vebosity? Did you reload/restart collectd after updating the config?
<owh> twb: You appear to be referring to a network/non-network connection parameter which changed default behaviour for security purposes in v4 of MySQL.I don't think it's relevant.
<twb> OK, that was just a shot in the dark
<twb> The last couple of times someone was in here, that turned out to be the problem
<owh> The problem being described appears to be an authentication issue.
<owh> twb: If you make a shot in the dark, that's fine, but it would be smart to let your audience know that it's a shot in the dark. There's nothing wrong with firing off ideas, but you need to provide some context since not everyone knows everyone in this place.
<twb> sorry
<owh> BRB
<kaushal> I have increased the verbosity
<kaushal> to debug
<kaushal> it still not worked
<kaushal> [2010-11-03 01:17:26] mysql_real_connect failed: Access denied for user 'root'@'localhost' (using password: NO)
<kaushal> [2010-11-03 01:17:26] read-function of plugin `mysql' failed. Will suspend it for 10 seconds.
<kaushal> i get that error
<twb> kaushal: that's from collectd's log?
<kaushal> yes
<kaushal> http://pastebin.ubuntu.com/524931/
<twb> kaushal: that doesn't look like root@localhost
<owh> kaushal: Is that the complete configuration file for collectd?
<kaushal> owh: nope
<owh> Does mysql have a nagios user?
<kaushal> yes
<kaushal> Let me pastebin it again
<owh> Did you reload privileges?
<kaushal> http://pastebin.ubuntu.com/524934/
<kaushal> that will explain the details
<owh> It is possible/probable that you have a syntax error in your config, or that collectd doesn't use the credentials the way you expect.
<kaushal> Do you want me to pastebin the collectd.conf ?
<owh> Is there an /etc/default/collectd file which perhaps overrides stuff?
<kaushal> I have compiled collectd from source
<kaushal> I am using collectd 4.10.1
<owh> Well, at that point you lost all support really. Is there not a ubuntu packaged version?
<kaushal> ok
<kaushal> but it does not support multiple instances
<kaushal> I am using 8.04
<owh> The reason I say that is because when you use a ubuntu package, things are stored in certain places and people like me expect things to be in those places.
<kaushal> ok
<owh> Is multiple instances support a compile option?
<kaushal> nope
<owh> So, you hacked it?
<kaushal> http://collectd.org/wiki/index.php/Plugin:MySQL
<owh> Let me get this straight. You're just trying to collect stats from mysql?
<owh> Does it work for one database?
<kaushal> yes
<owh> Why are you then showing a different socket?
<kaushal> It has been configured like that
<owh> A different socket for a different database?
<kaushal> yes
<owh> What happens if you create two plugin sections, rather than two database sections in the same plugin section?
<kaushal> ok
<kaushal> owh: Let me try it out
<kaushal> Thanks for the hint
<kaushal> will update you now
<kaushal> still the same
<owh> So, why are you doing this with two different sockets again?
<kaushal> Its multiple MySQL Instances
<owh> I think you're going to have to ask the collectd developers about this one.
<kaushal> ok
<kaushal> owh: i can pastebin the collectd.conf
<owh> As I said before, I'm not a user of collectd. I'm asking silly questions to get you to say :"Doh, aha!"
<jmazaredo> i will be installing bacula but it ask me to use dbconfig-common will this erase my other databases?
<kaushal> owh: Thanks for the support
<kaushal> np
<owh> kaushal: Not that we got to an answer, but sometimes that happens :)
<kaushal> yes an attempt is crucial in life
<kaushal> isnt it
<kaushal> Thats much appreciated
<owh> Yup
<kaushal> owh: the irony is that no one responds on #collectd
<kaushal> I have been following it rigorously
<kaushal> for quite some time
<owh> I'd see if there is a mailing list and send an email there.
<kaushal> I have tested it with the older version too and then i used the latest under the impression that it would be working fine
<kaushal> but it did not worked either
<Callum__> ugh, postfix doesn't want to work with clamav-milter at all
<Callum__> give it the right name for the socket = still says socket file doesn't exist, even though it does and clamav-milter is running
<Callum__> postfix/smtpd[8781]: warning: connect to Milter service unix:/var/run/clamav/clamav-milter.ctl: No such file or directory
<Callum__> definitely does exist, and is a valid socket
<twb> Grumble
<twb> I get annoyed every time I see clamav on a server, using up all the free CPU and memory
<twb> I think "if they didn't have Windows desktops, I could get rid of this stupid scanner"
<uvirtbot> New bug: #670289 in rabbitmq-server (main) "Laptop won't shut down with rabbitmq running" [Undecided,New] https://launchpad.net/bugs/670289
<Callum__> twb: our business itself doesn't have any Windows machines, but all of our staff do at home so yeah its required
<twb> Stupid staff
<twb> I jump on their heads!
<Callum__> it frustrates me how little about computers they know >_>
<Callum__> but we don't pay them haha we're a non-profit organisation of course
<twb> They should need a license to use them
<twb> like automobiles and forklifts and handgus
<twb> *handguns
<Callum__> heh
<evelyette> hey: I'm having problems with: https://help.ubuntu.com/10.04/serverguide/C/kerberos-ldap.html does anyone care to help ?
<twb> evelyette: you need to describe the problem first.
<dubphil> Hello
<evelyette> twb, hi
<evelyette> well the problem is with step 5: the command I try to issue says: ldap_bind: Invalid credentials (49)
<evelyette> it's  because I don't have cn=admin,cn=config
<twb> Are you on 10.04?
<evelyette> 10.10
<evelyette> twb, ^
<twb> Then why aren't you reading the 10.10 server guide?
<evelyette> does it exist?
<evelyette> well it should be the same ...
<twb> TIAS
<evelyette> yes it's the same
<evelyette> so, do you have any idea why that happens
<evelyette> because I've read this: http://www.openldap.org/doc/admin24/slapdconf2.html and there's no mentioning of "cn=admin,cn=config"
<evelyette> so why should that even be there?
<twb> IIRC cn=admin,cn=config is where Ubuntu moved the database config from slapd.conf into the database itself
<twb> I've only dealt with slapd on 8.04, so I don't know much about it
<evelyette> no it's the cn=config ...
<evelyette> not the cn=admin,cn=config
<evelyette> http://www.openldap.org/doc/admin24/config_dit.png
<evelyette> there's cn=module,cn=config and cn=schema,cn=config. ...
<evelyette> but no cn=admin,cn=config
<twb> Dunno, man
<rdw200169> i hated it when they moved to cn=config
<twb> I hated pretty much every change from 8.04 to 10.04
<twb> If joeyh's cuts get off the ground, I will just switch to it and tell the customers I'm running the "reliable" version of ubuntu
<twb> The only reason I adopted ubuntu was because of the "when it's NOT ready" release schedule
<ScottK> twb: Take a look at what's in Debian and not of the security hardening features in Ubuntu first.
<ScottK> w.u.c/Security/Features IIRC
<twb> Yeah, you have a point there
<twb> Poor kees, he tries so hard to get traction there
<twb> I just get so angry when simple stuff like booting from NFS doesn't work in an LTS release because of cyclic dependencies in the upstart jobs
<kinygos> hi...what is a good program to pipe log files to on my ubuntu server?  primarily i'd like to feed it logs from apache2 and postgres8.4, and would like the rolled every 24 hours
<qman__> kinygos, this is done by default, though the rotation is usually longer than 24 hours
<kinygos> bugger...it's always the way, i've literally just found an article on LinuxLogFiles on ubunt.com (sorry about that)
<kinygos> qman__: thanks for that...i'll check what's going on in my server at the moment :)
<twb> kinygos: what you pipe them into really depends on what you're trying to achieve
<twb> e.g. logcheck and denyhosts both work by reading logfiles, but they do different things
<ScottK> twb: It's clear that the boot work in the last LTS was not well considered for the server use case.  That's unfortunate, but I suspect a one off occurrence.  If you have suggestions on how to fix it, I'm sure if it's not too invasive, they'd be open for changes.
<kinygos> twb: very good point...thanks :)
<Cope> hey
<twb> ScottK: I realize that specific case was a one-off, but there seem to be a lot of one-offs for server users
<Cope> trying to debootstrap a lucid image for uploading to ec2 as an ami
<Cope> do I need to install the ec2 kernel?
<Cope> in the chroot?
<twb> About the worst thing Debian did to me was the motd fuckup
<ScottK> twb: I think NFS is sufficiently non-obscure that there would be interest in getting it fixed.  A large problem is that most server people don't test pre-release.
<twb> Nod.
<twb> I tested 8.04 pretty extensively, but IIRC timing of 10.04 didn't tie in with the contracts I was working late 09 / early 10
<twb> (i.e. I wasn't paid to start developing until June, and that was only because we discovered without warning that 8.04 didn't work with the Atom D510's GPU.)
<Cope> any thoughts on the ami / ec2 kernel?
<Hatrix|away> I  was used to the IOSTAT command and at some debian installations the iostat utility give ma all information in one line, as in (vmstat 1) ... but now on lucid iostat gives me statistics vertically, it's so hard to read changes if you do a iostat 1 ... is there a way to change the format to be on one line again? I did not find anything in the man pages .... or is this a new iostat?
<twb> Hatrix|away: I've never seen a one-line iostat in linux.
<Hatrix|away> twb: what is joeyh's cuts?
<twb> Hatrix|away: Joey Hess is talking about making time-based snapshots of Sid, called "cuts"
<Hatrix|away> twb: hmm, and for what reason, is this ubuntu related or debian related?
<twb> ref http://kitenet.net/~joey/code/debian/cut/
<twb> Hatrix|away: I don't understand the question.
<twb> Hatrix|away: did you mean iostat output like this?  http://paste.debian.net/98916/
<Hatrix|away> twb: yes, exactly
<twb> That's OpenBSD.
<twb> on linux, it looks like this: http://paste.debian.net/98917/
<twb> (And that's FC3, so it has been like that for a while.)
<Hatrix|away> well, i have it on a debian machine, and was used to it, but all ubuntu machines i have have the long output
<Hatrix|away> twb: like here: http://inetpro.org/pastebin/10475
<Hatrix|away> this is a debian 5.0.3
<twb> I don't know how you got that.  Try looking at the manpage.
<kinygos> omg....i've just looked in /var/log/auth.log for sshd logins, and it's packed with failed attempts from ip addresses i've not seen!!!  am i being naive??
<Hatrix|away> I did, I am not a linux newbie ... but I did not find out anything
<Hatrix|away> kinygos: haha, yes, for years i put my ssh logins to different ports (like, bigger 32000), that will not stop a determined person, but stops all those script kiddys and bot-net attacks
<qman__> any SSH server listening on the default port will get hit
<qman__> there are many ways to protect yourself
<kinygos> wow...i think changing port is the first thing to do
<qman__> changing ports can be very inconvenient, and isn't the only way
<Hatrix|away> twb: ah, please forgive me, I never check the path of this iostat, it's a selfcompiled one from http://linux.inet.hr .... seems the prior admin loved the iostat onliner from bsd that much :-) haha, and I was searching my ASS off in the man pages
<qman__> limiting firewalls and fail2ban will also negate these attacks
<c0nv1ct> i'm a big fan of port knocking for ssh access
<twb> c0nv1ct: with -m pknock, or do you use some lame-ass userland implementation?
<Hatrix|away> qman__: yes, and that's why I said that I do it this way, of course there are million different ways, i like the port knockers though, but to much trouble for me
<c0nv1ct> twb, lame-ass userland that works fine for me
<twb> Bah.
<twb> If anyone has a working -m hashlimit / -m recent implementation, let me know.
<c0nv1ct> twb, what advantages does -m pknock give?
<qman__> I use a -m recent
<twb> I can get -m recent working, but -m hashlimit just sits on its ass matching every / no packet.
<twb> c0nv1ct: it's in-kernel, so it'll still work when parts of your userland flake out.
<twb> And obviously it means a purely declarative iptables-restore ruleset.
<c0nv1ct> i thought userland knockd just relied on iptables
<twb> The latter is less of an issue if your userland implementation is ipset(8)-based
<twb> c0nv1ct: anything that calls iptables(8) directly is basically wrong and vulnerable to race conditions
<soren> twb: How do you figure that?
<twb> soren: based on the advice of the good folk of #netfilter, i.e. the guys who make iptables
<soren> twb: What would you use instead?
<twb> But also because I've *experienced* race conditions from scripts that weren't iptables-restore(8) based.
<soren> Oh.
<soren> iptables-restore is atomic?
<twb> <customer> Hey I just restarted the server and the network isn't working so good. <me> hm, looks like you have four copies of most rules because all four ports on the NIC triggered the load-firewall script in your post-up.d
<twb> soren: it's atomic at the table level
<twb> i.e. it doesn't load -t nat and -t filter together, but everything in -t filter is an atom
<soren> Cool.
<twb> ufw uses iptables-restore, too, but in a slightly funny way
 * soren never realised
<c0nv1ct> what does shorewall use? i've started playing with it here a few days ago
<twb> soren: part of the problem is that the kernel api for iptables is actually atomic at the table level no matter what you do
<twb> soren: so iptables -A is actually dumping the entire filter table, making a change, then restoring the whole table again
<soren> twb: "clever"
<twb> Which is OK if you're playing around, but a script shouldn't be doing it.
<twb> c0nv1ct: shorewall's latest major release (4.x?) is iptables-restore oriented
<_ruben> switching from iptables to iptables-restore was quite noticeable for us .. firewall reloads went from 1-2minutes to a few seconds tops
<kinygos> naive question: i only have a dedicated server in the data-centre, no firewall that i can play with...would installing a firewall daemon on my server have a significant impact on performance?
<twb> Plus it's a lot sexier
<twb> #!/usr/sbin/iptables-restore -v FTW
<twb> None of this <<EOF crap
<twb> Just have udev give your interfaces logical names.
 * kinygos feels foolish having just read a bit about ufw
<twb> kinygos: Linux implements the (layer 3) firewall in-kernel; it isn't a daemon.
<twb> Anything you see claiming to be "a firewall" (e.g. ufw, shorewall) is actually just a wrapper around the netfilter/iptables stack, intended to make it easier to use.
<kinygos> twb: the last 20 minutes of dialog here have scared me...am i right in thinking that i should at the very least enable ufw on my server? then look at pknock?
<twb> ufw is a reasonable choice if you only need tcpwrappers-level flexibility
 * kinygos is a developer, not a systadmin...but he's on his own
<twb> i.e. deny all, but allow port X to/from hosts Y and Z
<c0nv1ct> i'm having a hell of a time finding info on pknock
<twb> c0nv1ct: it's part of xtables
<c0nv1ct> twb, is it main line or do i need patches?
<twb> Unfortunately it's currently not mainline :-(
<c0nv1ct> i just skimmed through the netfilter section of my kernel config and didnt see it, so i wondered
<twb> AIUI xtables is the module that provides all the bits the netfilter guys think are cool, but haven't put into mainline yet
<twb> it used to be called patch-o-matic IIRC
<c0nv1ct> thx
<kinygos> twb: just to be sure i understood correctly...ufw is enough if i only want to allow the world to connect on ports 80 and 443, but only my machines to connect on 22?
<twb> kinygos: ufw suffices for that
<kinygos> twb: awesome, thank you very much for your time and consideration :)
<twb> It's something like (from memory), "ufw enable; ufw allow http; ufw allow https; ufw allow ssh from 192.168/16"
<kinygos> rofl....i was about to enable ufw over my ssh connection !!!  i only have remote access lol
<kinygos> praise the developer that coded the warning...i could've lost my server completely
<twb> If it has any brains it'll (essentially) be connection-oriented, meaning that most of the time you have to hang up ssh to REALLY shoot yourself in the foot
<c0nv1ct> kinygos, lol, that is one reason i liked `shorewall try`
<kinygos> i actually have to think about this carefully...i don't have direct access to this server...if my local ISP decides to change my ip address (i'm on a home broadband setup), i'll be buggered completely
<kinygos> is it possible to configure my ubuntu-server to boot up with ufw disabled?
<twb> c0nv1ct: iptables-apply ?
<twb> Personally I don't like it because it was written by some ubuntu schmuck, yet it's shipped by upstream with all the upstart references intact...
<twb> Hm, my mistake.  It's restarting fail2ban, not upstart.
<twb> Hm, is it just me, or does it confuse exit(126) and exit(127)?
<kinygos> rephrase my question: is it possible to have my server boot up without a certain rule enabled?
<twb> It's just me.
<twb> kinygos: anything is possible
<twb> AFAIK ufw is designed to be all-of-nothing.  You give it a ruleset (via "ufw allow" and "ufw deny"), then tell it to be on or off.
<kinygos> twb: so i could potentially turn off the rule relating to ssh on reboot in a start-up script
<twb> That would be a little weird
<twb> kinygos: what are you really trying to achieve?
<c0nv1ct> kinygos, can you have the server rebooted without remote access?
<kinygos> twb: i have no control over the ip address i'm assigned locally by my ISP.  if i restrict ssh access to my ip address, i could lose ssh access to my remote server
<kinygos> c0nv1ct: yes, i have a lights-out board
<c0nv1ct> kinygos, because you could just have a reasonable delay before the firewall is enabled
<twb> kinygos: just restrict it to your ISP's /12, and ensure that password-based access is disabled?
<c0nv1ct> that would limit the vulnerability but still leave you an emergency out
<twb> Or you could simply block everything except, say, alioth.debian.org, and then always ssh into your server via alioth
<twb> (Where alioth is some well-known host that isn't actually alioth, because I don't want the alioth admins to come around and break my fingers.)
<kinygos> twb: lol...i was wondering :)
<patdk-wk> why not just use port knocking?
<c0nv1ct> patdk-wk, twb scared us all away from userspace port knocking
<kinygos> c0nv1ct: i like the idea of a delay
<patdk-wk> userspace?
<patdk-wk> dunno, only used it in the kernel
<c0nv1ct> as in knockd
<patdk-wk> na, iptables can do it all by itself
<twb> What I'd *really* like is just to have exponential backoff in the sshd itself
<twb> But the OpenBSD guys won't accept the patch "because it'd make logins slower"
<twb> Well, duh!  That's the point!
<twb> c0nv1ct: xtables has -j TARPIT, too
<jpds> I wish iptables had TARPIT.
<twb> jpds: m-a a-i xtables-addons, iptables -A INPUT -j TARPIT
<kinygos> twb: that is such a blindingly obvious solution
<jpds> twb: Is the patch maintained though?
<twb> I don't remember the precise invocation because I'm not putting cc on my bastion router
<twb> jpds: AFAIK it's the same guys that maintain the rest of netfilter
<patdk-wk> heh port knocking is supported without xtables, all you need is the recent module, and that is on my 8.04 install
<patdk-wk> example: http://www.shorewall.net/PortKnocking.html
<patdk-wk> shows pretty much the raw iptables lines
<twb> That's not a knock sequence
<twb> That's just one knock
<twb> To do a proper sequence of, say, four ports, you'd need four different -m recent --name's
<jpds> twb: http://pastebin.ubuntu.com/525018/
<patdk-wk> heh?
<twb> jpds: er, .35?  Are you running a non-LTS release?
<jpds> Maverick on the laptop. :)
<twb> Humph
<twb> But yeah, I'd talk to #netfilter about that.  I'm just a user
<twb> jpds: FWIW, compiled perfectly against debian's 2.6.32-5-amd64
<jpds> Yeah, I don't have a box I can test it on at the moment.
<Dark-Sun> hi every1
<Dark-Sun> i have a firewall web panel, it uses perl and works with iptables. i was wondering if is it safe to run the perl script as a daemon using init scripts or not? (web server is apache, server ubuntu 10.04 lts)
<twb> Dark-Sun: that really depends on what the code actually does
<Dark-Sun> twb: not a big deal, reads a text file (iptables's parameters), executes iptables based on that once a while.
<twb> Ah, I see you weren't around for the recent iptables discussion
<twb> I'll /msg you a transcript.
<Dark-Sun> twb: no
<dubphil> Dark-Sun : why the hell using perl for this ?
<_ruben> hm, backporting haproxy from maverick to hardy aint gonna be trivial
<Dark-Sun> dubphil: it was an exercise for the collage. guess it's too bad in the real world, isn't it?
<dubphil> Dark-sun the straighter is the safer
<Dark-Sun> twb: what's wrong with iptables?
<Dark-Sun> dubphil: and what do u mean by "straighter"? shell script?
<dubphil> Dark-Sun: yes of course, stacking block is the way to introduce security holes
<RoyK> dubphil: perl is pretty safe, you know, even if you like it or not
<Dark-Sun> dubphil: that's right. but market demand is on GUIs.
<dubphil> RoyK: yes but security depends on the way you code not on the language itself
<ScottK> Right.  It's possible to write php in almost any language if you work at it.
<Dark-Sun> agree. my code isn't safe at all! :( i'm on to secure it.
<Dark-Sun> guys, please, now i may add it to init scripts beside apache ro i should take care of it?
<dubphil> giving apache the ability to start or stop the firewall, great !
<RoyK> dubphil: indeed
<Dark-Sun> dubphil: oh, hell no! apache can't do anything to the script.
<Dark-Sun> script should being run as root.
<dubphil> Dark-Sun: sorry I didnot understand what you ment before then
<Dark-Sun> dubphil: np, i was just talking about execution at the startup before any user does login.
<ivoks> ttx: how's your new position? :)
<Dark-Sun> if i add it to rc.local it would be like that, right?
<ttx> ivoks: so far, not very different :)
<ivoks> :)
<dubphil> Dark-Sun: you can tweak this by giving a priority
<Dark-Sun> dubphil: humm.. and how may i do it?
<dubphil> man update-rc.d
<Dark-Sun> dubphil: that's what i call a real nice answer. thanks dude ;)
<dubphil> look at the NN or SS and KK
<dubphil> anyone using logcheck here ?
<twb> dubphil: I am.
<twb> What's your real question?
<dubphil> twb: I have put this in my ignore.d.server/local file : ^\w{3} [ :0-9]{11} hostname fetchmail\[[0-9]+\]: Query status=3 (AUTHFAIL) and it is always in my logs reported by logcheck, any idea why it is not taking in account ?
<twb> dubphil: did you follow the logcheck documentation for creating new entries?
<twb> dubphil: In particular, using egrep to test it, and the difference between normal and security local overrides?
<\sh> hmmm..does someone run couchdb behind an apache reverse proxy ? I see some very strange things happening with futon but no error in logfiles...
<dubphil> twb: perhaps not so, but because I had some other regex that where working I didnot understand why this one wouldn't
<dubphil> so I will check the doc
<twb> dubphil: I suspect because it has AUTH in it, you need to whitelist it in the security area
<twb> Er, s/security/violations/
<dubphil> twb: ok I did it in ignore.d.paranoid without much success, ok I test it in violations.ignore.d
<twb> The other way, of course, is to actually fix the software so it doesn't generate that error
<hackeron> hey, I have a /var/crash/linux-image-2.6.32-24-generic.0.crash - how do I get a traceback out of this file?
<dubphil> twb: I use fetchmail to retrieve all my emails from the junk isps so their mailserver are not so reliable
<twb> Dammit.  I just stepped through pbuilder --create --distribution, only to realize I forgot --architecture i386.
<dubphil> twb: arf how long it takes ?
<twb> maybe twenty minutes
<hackeron> anyone? I have a /var/crash/linux-image-2.6.32-24-generic.0.crash - how do I get a traceback out of this file?
<dubphil> hackeron: how did you get this file ?
<hackeron> dubphil: apt-get install linux-crashdump and wait for it to crash (which I assume is caused by the dvr card)
<jdstrand> twb: fyi, ufw upstream does not install an upstart job, or a sysv initscript for that matter. it states in the README that if installing from source you have to figure out how to integrate it into your system. it does ship an example upstart job and initscript
<twb> jdstrand: re upstart & upstart, I was talking about iptables-apply
<jdstrand> ah
<twb> But it actually restarts fail2ban, via init.d
<jdstrand> missed the context from backscroll
<twb> jpds: GODDAMMIT, you're right, xtables-addons doesn't build for me on lucid.  Stupid ubuntu
<jpds> twb: Built for me on a virtual machine.
<rdw200169> who needs ufw anyway? this is -server we're doing here, not some easy-fied user stuff, why not just learn iptables... its not much different
<jpds> (Lucid one that is).
<twb> Hm, it seems to be getting pissed because the host arch is amd64, but the chroot is i386
<hackeron> dubphil: https://wiki.ubuntu.com/Kernel/CrashdumpRecipe says to do apport-retrace --stdout --rebuild-package-info /var/crash/linux-image-2.6.32-24-generic.0.crash but I just get IndexError: list index out of range
<dubphil> hackeron: sorry I will not be of help on this anyone to help hackeron ?
<twb> http://pastebin.com/nafC2C4Z is what I'm getting
<twb> Ah, the trick is to run "linux32 m-a ..." instead of just "m-a ..."
<hallyn> jdstrand: libvirt compiled locally, but not in my ppa, so i guess hold off on that merge request for a bit :(
<soren> twb: Yeah, the kernel build is kinda picky with the personality.
<twb> Heh, shows how dumb I am -- I hadn't even noticed -j TARPIT needed -p tcp
<jdstrand> hallyn: ok
<patdk-wk> twb, your just funny :) you can't tarpit udp :)
<twb> patdk-wk: or, say, -p ah
<patdk-wk> ok, none-window-based-protocols :)
<twb> Actually only -p 6 is supported at this time
<twb> Others may be theoretically possible, of course
<twb> (Patches welcome, I expect.)
<ScottK> kirkland: RE packageselection-server-n-install-flavors - I thought for SSH we ended up on the idea of an installer question, but default to not installed so it doesn't have system policy implications.
<kirkland> ScottK: nope, I took the action item to take this to the tech board
<ScottK> I know we said that at one point, but I thought there was more discussion afterwards.
<ScottK> Simply having the installer question solves the "Oops, I forgot" problem.
<ScottK> SpamapS or ttx: ^^^ do you recall this?
<kirkland> ScottK: installer question, yes, cursor hovering over "yes, install", but giving sufficiently ominous text that would convince the paranoid to move the cursor to "no, don't install"
<kirkland> ScottK: that part I remember
<ScottK> Right, I recall more after.  Just as the session was ending.
<ttx> ScottK: we went back and forth on the subject, I tend to recall the same thing you did, but maybe it was hallway discussions just after
<ScottK> Could be.
<ttx> Maybe raising an RFC on ubuntu-dev before going to the TB would be a good idea
<ScottK> kirkland: I'd suggest adding the question with default No for Natty and then re-assess.
<ScottK> We mostly need to get this right for the next LTS, so there's no need to push it too hard in this cycle.
<kirkland> ScottK: why?
<ScottK> Because adding a question that defaults to no will be completely non-controversial.  Let's do that step first and assess if more is needed.
<kirkland> ScottK: in that case, we can just add the question, no permission needed if we default to no;  and then simultaneously ask for permission to change that default to hovering over "yes"
<kirkland> ScottK: i don't see the point in wasting any more Ubuntu cycles with the default set to something sub optimal
<ScottK> I think the case would be stronger if we could say "We tried defaulting to no for one cycle and people still have problems."
<ScottK> kirkland: Part of the problem is that lots of people will consider a yes default sub-optimal.
<kirkland> ScottK: and they will be in a minority
<kirkland> "are"
<kirkland> If you're installing a server, you need SSH, except in very specific circumstances, in which case you hit "<tab><enter>"
<kirkland> instead of "<enter>"
<ScottK> If ssh is installed by default, we will need process for dealing with short notice ISO respins if security issues in the package happen again.
<kirkland> ScottK: it wouldn't be "installed by default" ... it would take a conscious decision to hit <enter> while hovering over the button that says, "yes, i want to install ssh on this server and open port 22"
<kirkland> smoser: you might want to change the approver of https://blueprints.launchpad.net/ubuntu/+spec/cloud-server-n-desktop-images to robbiew
<ScottK> If the question defaults to yes, it's installed by default.
<kirkland> ScottK: "by default" means that you're not asked whether you want it or not;  like the -server kernel is installed "by default"
<ScottK> I don't think you can assume a user always sees all questions.
<kirkland> ScottK: that's what I came into the session asking for, but we compromised on pulling the ssh-server part out of the tasksel, and giving it special treatment, devoting a question directly to it
<smoser> kirkland, done
<soren> ScottK: We choose which questions to ask.
<ScottK> kirkland: I think a question is great, I just want it to default to no.
<kirkland> ScottK: we also agreed that if users are preseeding, then the default is "no"
<ScottK> OK.
<kirkland> ScottK: if the default is "no", i refuse to put any effort into adding a question to the installer
<smoser> i probably have to change all of those.
<kirkland> ScottK: completely defeats the point
<kirkland> smoser: yeah
<kirkland> ScottK: there's already such a question, in the tasksel
<kirkland> ScottK: its sufficiently buried already
<ScottK> kirkland: I disagree.  The point is people forget to add the task, so it needs to be more obvious.  A question solves the problem IMO.
<kirkland> ScottK: and we'll continue to have an inanely "safe" default, at the expense of the vast majority of server users would benefit from us taking an intelligent stand, rather than an unreasonably staunchly conservative stand
 * patdk-wk likes selecting it from tasksel, and wouldn't like a seperate question
<kirkland> ScottK: it's like defaulting the networking stack to "disabled" by default, just to make sure someone doesn't accidently enable networking
<patdk-wk> either auto install, or in tasksel is good for me (a user)
<mathiaz> ttx: o/
<mathiaz> ttx: how are you doing today?
<ScottK> kirkland: I see your point, but I think presenting the question is a sufficient solution.  We'll have to disagree then.
<kirkland> patdk-wk: thank you for your input.
<kirkland> ScottK: fair enough;  if i'm going to spend any time on this at all, i'm working to have a sane default, which is "SSH is an essential tool installed on most servers which are installed interactively; let's make this intuitive"
<patdk-wk> I'm more under the understanding, if someone is security critical, they would inspect the installed packages, and remove anything not needed, or have their own preseed file they use instead
<SpamapS> ScottK: here now.. I do recall that there was a desire to put it in the first stage of the installer, and that there was considerable resistance to putting any "scary" language in the installer.
<kirkland> ScottK: if you're going to somehow veto that, then I'm not going to spend any effort on this and will abandon the idea entirely
<cradek> (as just another user with 2c) it is a minor pain to have to remember to install sshd on each desktop machine I install.  I have no machines without ssh servers.  I am surprised that it is not default on a server install.  I am surprised it is controversial.
<ScottK> kirkland: I don't have any veto power.
<pkstef> would anyone have any tips for setting up ubuntu-server as a personal seedbox?
<soren> What does a seedbox do?
<\sh> patdk-wk: someone security critical would adjust the ssh default config to not listen on all interfaces/ips etc. and imho most server admins are installing sshd by default, or they do have another method of accessing the box remotely
<SpamapS> kirkland: I'm 100% behind ScottK here. Security sits on the other extreme of the scale that ends with Convenience. We can tick it a little back toward convenience with a well thought out check box... going further means a bit too much exposure IMO.
<pkstef> downloads torrents then i can ftp them from a different location
<marrusl> I am also pro enabling sshd.  you should be setting up in a pretty secure environment in the first place.
<kamusin> sorry for ask here but I am looking for a canonical sysadmin (our LocoContact need help)
<ScottK> kirkland: Fundamentally, I think it's the Ubuntu Security team you have to convince (and at least one of them is a TB member - so doubly so for kees).
<Pici> kamusin: Try #canonical-sysadmin
<SpamapS> kirkland: I also recall that another discussion was centered around enabling it after the second stage and after updates have been applied.
<kamusin> Pici, ;)
<\sh> what I would like to see during an interactive server setup is to provide a ssh user key to install by default and sshd should default to key auth
<pkstef> ?/
<kirkland> ScottK: i have discussed this at length with kees, having filed the blueprint after in-person discussions with him in September
<ScottK> OK.
<ScottK> I like \sh's idea.
<soren> How would that work? You would type in your public key?
<ScottK> USB stick?
<\sh> soren: or use an usb device and d-i will recognize it and push it to the installation target
<SpamapS> \sh: you mean provide a means for the user to upload a public key right?
<\sh> SpamapS: yepp
 * diplo also likes that idea
<\sh> SpamapS: something like RH or SLES did for third party kernel modules during server install
<SpamapS> \sh: cloud-init can do it by grabbing it from an LP account. It would be cool to be able to say in the installer "Grab my SSH keys from: x, y, z"
<SpamapS> This is why I like the 2 stage install idea so much.
<\sh> SpamapS: yes..but think about that during interactive server setup you mostly don't need any network connection...
<SpamapS> Garners respect from experts by giving them "just the base system" quickly, but enables new users by guiding them into things like this.
<ttx> mathiaz: well well
<patdk-wk> oh ya, grabbing a public key from x,y,z is very secure :)
 * patdk-wk waits for x,y,z to be redirected
<marrusl> Isn't the issue about defaults?
<marrusl> rather than cool features.
<mathiaz> ttx: would you mind triagging all the New,Undecided bugs for today Wednesday (as you used to) ?? ;)
<ttx> mathiaz: hmmm
<\sh> patdk-wk: we don't talk about public infrastructure x.y.z...it's more likely that you setup your server interactivly on local infrastructures..
<SpamapS> patdk-wk: x,y,z is on SSL and the key would be shown to the user, duh. ;) Thats why we have OCSP and CRL's
<kirkland> ScottK: kees said that as long as the user knows they're installing SSH, then it's fine by him;  hence the question in the installer
<ScottK> OK.
<ttx> mathiaz: as soon as I get to the "free time" I'm supposed to have in that new position, I will.
<\sh> patdk-wk: regarding cloud installs this is a totally different matter...
<SpamapS> wait, maybe I agreed with the wrong person. Did somebody NOT want the question in the installer?
<patdk-wk> ya, cloud is different
<mathiaz> ttx: :D
<ScottK> SpamapS: The only arguement was over default.
<SpamapS> Default *no*
<\sh> patdk-wk: and most admins who are deploying their servers with automatic tools, they don't rely on d-i or tasksel, they deploy their users automatically and provide most of the times user keys by default
<SpamapS> In fact, IMO, checkboxes that are defaulted on are almost always subversive. Its like asking people double-negative questions.
<patdk-wk> \sh, yes, but we aren't talking about that
<kirkland> SpamapS: i believe ScottK and I are in agreement that an installer question about SSH would be an improvement over the one buried in tasksel
<ScottK> SpamapS: I agree, but kirkland feels strongly the other way.
<ScottK> kirkland: Absolutely.
<kirkland> SpamapS: the only disagreement I *think* there is between ScottK and i is whether <yes, install SSH> or <no, don't install SSH> is highlighted by default in the installer
<SpamapS> Also would this checkbox do what we also discussed, which is to install it post-updates only?
<kirkland> SpamapS: a 2-stage installer is probably 2+ Ubuntu releases away, IMHO
<\sh> patdk-wk: fetching keys from a remote public site is always a security risk...and I woudln't want it..but fetching it from an USB device or from a local network location, this could be a good thing, especially regarding admins who are using preseeding or kickstarting ;)
<SpamapS> kirkland: If highlighted means having to hit a key other than enter to leave it off then I am dubious as to why we are bothering to ask.
<kirkland> SpamapS: adding a question to the installer is something we can do in a day or two, and vastly improve the ubuntu server install experience for thousands of users
<patdk-wk> \sh, if I was preseeding, I would just have my own ubuntu package that contained my key, most likely, or make a package that installed it
<mdeslaur> The security team's stance is adding a checkbox to install ssh is okay, as long as it defaults to off
<SpamapS> kirkland: add the question yes! highlight "No" and include 2 other answers.. "Yes enable SSH" and "Tell me more" with scary language behind that.
<jdstrand> no scary language
<SpamapS> jdstrand: BOO!
<jdstrand> :)
<SpamapS> or rather
<SpamapS> BOO I scare you, not BOOOO your idea sucks. ;)
<kirkland> mdeslaur: is that a unanimous decision?
<\sh> patdk-wk: well, people are leaving the companies, so keys are changing, a package needs to be newly build everytime that happens...user assets in your assetmanagement are much better and faster, and you can add some magic to it to provide keys or other user settings which could be useful during preseeding
<SpamapS> kirkland: On the 2-stager.. why is that so far away? What do we have to do to strip things out of the main installer and change motd?
<mdeslaur> kirkland: as per the last discussion we had, yes. I can re-confirm with everyone if you'd like.
<kirkland> mdeslaur: please do;  would be nice if that discussion happened here
<jdstrand> I'm not sure it has to be unanimous
<mdeslaur> kirkland: ok, wait until kees and sbeattie arrive, and we'll discuss it
<jdstrand> but regardless, mdeslaur stated my opinion as well
<kirkland> SpamapS: because if there's this much disagreement about 1 page in the installer, imagine the complexity in rewriting it
<SpamapS> kirkland: Fair enough. I don't think we can change much at all after this release though, so I'd almost rather see it changed radically in Natty according to what we discussed, and then let the response to that guide us on "O minus 1" so we get that right and change nothing in O.
<SpamapS> kirkland: Also I don't think the "off by default but highlighted" option was clear while we were all talking. the "let the user choose" was though.
<SpamapS> I do like a checkbox. I want it to stay off if the user just powers through the install though.
<mdeslaur> Utimately, it changes the "no open ports by default" policy, which means it needs to pass tech board approval anyway
<marrusl> I think one issue is initial experiences.  people just trying ubuntu server or coming over from rhel/sles just *expect* it to be there.  and the tasksel is too easy to miss.
<SpamapS> whoa.. I just discovered "cmd-A" .. my windows .. they're.. flying around.
<kirkland> mdeslaur: that policy is a mirage -> avahi
<SpamapS> does avahi respond to unicast from other networks?
<jdstrand> kirkland: it isn't a mirage
 * SpamapS actually doesn't know
<jdstrand> kirkland: avahi is the exception that the TB voted on
<jdstrand> kirkland: just like you want an exception
<kirkland> jdstrand: yes, and I volunteered to take SSH to the TB for an exception too
<jdstrand> there is also language that the security team must approve it as well
<gholms|work> How are canonical's stock EC2 images created?  All the docs that I've seen so far involve rebundling the stock ones, not building them from scratch.
<jdstrand> with something as important as a login port hanging out there for anyone in the world to try to login with, I think the discussion with the security team should have been in the open. not with just one member somewhere else
<jdstrand> if it was in the open and I missed it, I apologize
<SpamapS> gholms|work: smoser can answer that pretty easily.
<SpamapS> smoser: ^^ how do we make the EC2 images?
<jdstrand> but at UDS, the members of the security team that attended that session for that bp said 'no'
<smoser> gholms|work, https://wiki.ubuntu.com/UEC/Images/Publishing has most of hte info
<\sh> marrusl: well, they you could say this: "people coming from RHEL/SLES are expecting a 'root' user to be there" ;)
<\sh> s/they/then/
<marrusl> \sh, touche.
<marrusl> Still, it's not like we're talking about telnet here.
<kirkland> marrusl: you'd think I was ....
<gholms|work> smoser: Are things like package selection, mirror locations, and whatnot all hardcoded?  Where does the actual configuration take place?
<\sh> marrusl: but we are talking about defaults of an interactive setup...as said, most serious server admins in enterprise environments won't use any interactive setup, but devs on vmware boxes to test a new release or admins to test new ubuntu releases...(before they start to deploy a new release automatically) ;)
<gholms|work> User configuration...
<marrusl> \sh, disagreed.  most serious server admins won't do that large scale, but many will use interactive setup during testing and prototyping.
<SpamapS> So you make it enabled by default. But then you a) leave password auth turned off, or b) risk compromise through brute force attack...
<kirkland> This is why the Ubuntu Desktop succeeds -- because they make sensible defaults and have the guts to make bold decisions
<marrusl> \sh, well I guess we are agreeing to an extent there.
<SpamapS> option a means you need to get keys to the box somehow (some interesting possibilities there actually)
<\sh> marrusl: that's what I said :)
<SpamapS> option b means you also need denyhosts, or iptables rules, or any number of things that don't work in some environments..
<mdeslaur> kirkland: our bold decision is to not have openssh turned on by default, when other do
<mdeslaur> s/other/others/
<smoser> gholms|work, cloud-init handles first boot configuration
<gholms|work> How about grub configuration?
<\sh> SpamapS: you could even ask for an IP from where you are allowed to connect to the ssh port...there are many possibilities
<smoser> gholms|work, well, it depends.  the code is all there in those repos listed from the link i gav eabove.
<patdk-wk> hmm, ssh access to grub
<SpamapS> \sh: yes, that would work. More options, though, is something others worked very hard to eliminate from the installer.
<smoser> in image creation, we kind of hack in a grub2 config and a grub1 path.  grub1 is used by pv-grub on ec2, and grub2 is used by the 'loader' path on UEC.
<SpamapS> patdk-wk: Actually that would be *unbelievably helpful*
<smoser> on first boot, cloud-init figures out where it is running and seeds grub2 debconf so that the user isn't prompted in the future when update-grub runs
<kirkland> jdstrand: mdeslaur: so just to be clear, we're disagreeing over the placement of the cursor in the interactive server install, whether it's hovering over <yes> or <no>?
<mdeslaur> kirkland: yes. We want the person installing to make a deliberate choice to open ssh. (and, of course, this is only our opinion...tech board ultimately decides...)
<\sh> SpamapS: it's always the difference between easiness and security...most of the time security is not the top priority ;)
<jdstrand> I'm not sure of the benefits of making it that much easier. sure, yank it out of tasksel and present a clear question so people know ssh is enabled or not. make it preseedable. this way people don't miss it and we don't open a port be default or fail compliance tests, etc
<SpamapS> \sh: right, so its important to illuminate risks and never put anybody in harm's way without at least giving them a sword and shield in the fight. :)
<ads> re
<ads> ok, third channel ...
<ads> Ok, who's responsible for the PHP mess in Ubuntu? ;-)
<gholms|work> smoser: So on Eucalyptus it uses grub1 to load grub2?  What eki/eri do you have to use for that?
<ads> I can't get PHP to log parse errors even though I configured every known option and phpinfo() tells me all options are switched on.
<gholms|work> Just one with grub2, or...?
<smoser> gholms|work, on eucalyptus, in maverick, there are patches in the ubuntu eucalyptus package that handle it
<SpamapS> ads: we're all responsible for it in some way.. unless we already filed that bug report. ;)
<ads> ;-)
 * gholms|work wishes deb sources had discrete patches
<smoser> the basic logic is "if a 'kernel' is a multiboot image, then put it on a floppy disk, boot from the floppy"
<SpamapS> ads: you're running it via libapache2-mod-php5 I presume?
<ads> SpamapS: version 5.3.2-1ubuntu4.5, yes
<smoser> then, we publish multiboot images with our uec-images tarballs (named '-loader') that can be registered. those -loader files basically multiboot off of (hd0,0)/boot/grub/grub.cfg
<gholms|work> smoser: Is that all there to work around the lack of pvgrub?
<smoser> gholms|work, well, it provides the same function. and generally the same flow.
<SpamapS> ads: ok, so you just want to set something like 'error_log=syslog' and error_reporting=E_ALL   right ?
<gholms|work> smoser: How do you decide whether something is a multiboot kernel?
<smoser> its just more flexible. outside of the floppy hack, its fairly clean.  we promise to the image creator, that if a kenrel is a multiboot image, then it will be loaded specially.
<smoser> gholms|work, its fairly determinable.
<ads> SpamapS: display_errors is On, display_startup_errors is On, error_reporting is set to E_ALL
<smoser> http://bazaar.launchpad.net/~ubuntu-virt/ubuntu/maverick/eucalyptus/2.0/annotate/head%3A/debian/patches/22-uec-multiboot-kvm.patch is the patch
<ads> SpamapS: when I set error_log PHP does not even touch this file.
<SpamapS> ads: display errors doesn't "log" errors .. so you want them on the page?
<gholms|work> smoser: What does upstream think of it?
<SpamapS> ads: did you look in /var/log/apache2/error.log ?
<ads> SpamapS: this was a test. In case of an parse error I just get a white website with no content at all.
<ads> SpamapS: I did, nothing.
<smoser> eucalyptus is generally in favor, and we hope to have it (or something like it) into 2.1.  Daviey <---
<smoser> gholms|work, fwiw, the easiest solution woudl have been to just let kvm load the multiboot image
<ads> SpamapS: basically I want to see my parse errors, that's all. This is my own dev system, no production system.
<smoser> but due to a bug/missing feature, that wasn't really possible
<gholms|work> smoser: If it's running on kvm, sure.
<smoser> https://bugs.launchpad.net/ubuntu/+source/seabios/+bug/611142
<uvirtbot> Launchpad bug 611142 in qemu-kvm "seabios should have native scsi support" [Wishlist,New]
<ads> SpamapS: and no, parse errors don't go into the apache logfile.
<ads> SpamapS: It seems like php is just hiding them.
<\sh> ads: you did set it in /etc/php5/apache2/php.ini ? (asking just to be sure)
<SpamapS> and restart apache
<ads> \sh: yes - and I checked the actual values with phpinfo()
<ads> SpamapS: yes
<ads> Hell, I'm using PHP since version 3.something, configured a lot boxes, but never seen such a behaviour
<SpamapS> ads: and cli php does what you'd expect?
<ads> Let's test
<ads> No. I get some startup warnings about deprecated stuff (because I have E_ALL), but I get no error message. The php file just contains one invalid line (random chars)
<\sh> Anyways..../me needs to go home now...and care for my baby ;)
<SpamapS> ads: this is lucid, yes?
<SpamapS> (10.04)
<ads> yes
<SpamapS> ads: with the default install I get parse errors in /var/log/apache2/error.log
<SpamapS> [Wed Nov 03 09:33:49 2010] [error] [client 127.0.0.1] PHP Parse error:  syntax error, unexpected ';', expecting T_STRING or T_VARIABLE or '$' in /var/www/test.php on line 1
<SpamapS> ads: and most things in phpinfo() show "No value"
<ads> SpamapS: I would expect the same. Same configuration works on several boxes, just not on this one.
<SpamapS> ads: which means we're just using the SAPI default
<SpamapS> ads: can you post your phpinfo() somewhere?
<Steve[cug]> does anyone happen to know if rsyslog supports ip spoofing like syslog-ng does?
<ads> SpamapS: let me extract the details
<SpamapS> Steve[cug]: thats just.. evil! ;)
<Steve[cug]> what?
<SpamapS> Steve[cug]: changing the IP of packets just because you can. ;)
<Steve[cug]> lol
<Steve[cug]> I need to send the messages to the correlation engine, and the only way for the engine to pick everything up properly is if i spoof the packet
<SpamapS> Sounds like a crappy engine. ;)
<Steve[cug]> :-p  actually its prolly one of the best engines out there IMHO, but it doesnt expect to be the endpoint of another syslog aggregater
<SpamapS> Steve[cug]: that always was syslog-ng's big crusade wasn't it?
<ads> SpamapS: http://pgsql.privatepaste.com/ae7ea92913/w3e4rtfzg
<Steve[cug]> SpamapS: to be a large aggregator...yes.
<Steve[cug]> unfortunately for reasons unknwon to me I was asked if we could use rsyslog instead...as I have to recompile the syslog-ng package to enable ip spoofing
<SpamapS> Steve[cug]: is syslog the only way you can get things into the engine? Maybe it has other ways of taking data that are more suitable to rsyslog.
<Steve[cug]> SpamapS: its the only way we can get many things
<Steve[cug]> so yes
<SpamapS> ads: weird!
<SpamapS> Steve[cug]: but I mean, could it take the source from the content of the message rather than the source IP address?
<SpamapS> Steve[cug]: I wonder if this might help.. http://www.rsyslog.com/doc/property_replacer.html
<ScottK> JamesPage: The existing binary can be moved to Main, so rebootstrapping isn't required.
<kinygos> apologies for the noob question....is it possible to configure fail2ban to not unban an address?  or should i just the ban time to a big number?
<ads> re
<ads> SpamapS: you name it!
<patdk-wk> kinygos, comment out actionunban?
<zul> SpamapS: ping [cilnt-fewbar] MySQL: investigate and resolve conflicts between mariadb and mysql's libmysqlclient: TODO <-- good luck on that ;)
<ads> zul: *fg*
<kinygos> patdk-wk: i don't have an actionunban or anything that looks like it...i'll google
<patdk-wk> did you check out the actions directory?
<kinygos> patdk-wk: awesome :)  thank you very much for your help
<SpamapS> zul: what could they possibly be doing in their *client* library that doesn't make it *necessarily* a new libname ?
<SpamapS> zul: my thinking is, if they've changed the API fundamentally, they should fork and not call themselves libmysqlclient
<zul> SpamapS: binary compat is a bit big thing for them...but i agree with you
<SpamapS> zul: riddle me this, can libraries be managed via alternatives?
<zul> SpamapS: doubt it
<SpamapS> yeah it would probably be a bad idea even if they ABI was compatible.
<ScottK> SpamapS: It would be useful if mysql were packaged so that multiple versions could be installed along side for transition purposes (e.g. like postgresql).  If this were done, it would probably be easy enough to extend it to cover mysql-fork-of-the-day.
<SpamapS> ScottK: looks like what they've done is just call it something else. http://www.percona.com/downloads/Percona-Server-5.1/Percona-Server-5.1.51-11.5/deb/lucid/x86_64/
<ScottK> OK.
<SpamapS> ScottK: not sure what maria is doing..
<SpamapS> But really they all want ownership of port 3306 .. so I'm not sure how they can really coexist. ;)
<patdk-wk> heh, I do it just fine :)
<SpamapS> True you can set a policy to not mess with those services, and then manually configure their listen ports/restart them/etc.
<SpamapS> I kind of like the approach mtaylor was talking about doing for drizzle.. where it installs all of the software just fine, and the default configs come in packages that conflict with one another.
<SpamapS> I haven't looked close enough at pgsql, but I think thats what it does too.
<ScottK> There's a postgresql-common package that manages it.
<ScottK> (IIRC, something like that, YMMV)
<SpamapS> no IANAL?
<ScottK> TANSTAAFL too
<Wise_> how do I move folders exactly? just mv tells me "directory not empty" mv -R or -r tells me invalid option
<Wise_> :|
<krycek_> does ubuntu 10.10 support Dell Poweredge T410 server? in the ubuntu page says it supports R410. But it almost the same machine.
<RoyK> krycek_: isn't the difference between the two just that T- is tower and R- is rack?
<krycek_> should be, i guess
<krycek_> but there is no reference of T410 in the ubuntu page
<RoyK> krycek_: just try it, if you have the box, that is
<krycek_> not yet
<RoyK> krycek_: also, testing 10.04 first might be worth a thought as well, since 10.10 isn't LTS
 * RoyK only uses LTS releases on servers unless he's forced to do otherwice
<krycek_> what will be the next LTS?
<Pici> 12.04
<RoyK> 12.04
<RoyK> krycek_: that is, there are new sub-releases every now and then
<RoyK> 10.04.1 is the latest
<krycek_> hmm... ok
<krycek_> tkz
<RoyK> LTS releases are supported for 5 years, non-LTS for 18 months
<RoyK> and IMHO most servers won't need cutting (or bleeding) edge versions for the most part
<uvirtbot> New bug: #670541 in mysql-5.1 (main) "Upgrade mysql5.0 -> 5.1 fails due to error on postrm script.  " [Undecided,New] https://launchpad.net/bugs/670541
<RoyK> krycek_: what sort of server is it you're setting up?
<krycek_> web, dns, mail
<krycek_> and some databases for some apps used here in the company
<RoyK> I'd stick to 10.04 for that
<krycek_> any recommended material for first time admins?
<RoyK> krycek_: and if someone needs the mysql 6 pre alpha something, use a VM for that to isolate it
<RoyK> !guide
<krycek_> no need for mysql 6
<krycek_> !guide
<RoyK> https://help.ubuntu.com/10.04/serverguide/C/index.html
<Pici> !guide is <alias> serverguide
<ubottu> I'll remember that, Pici
<RoyK> stupid bot didn't know that...
<Pici> now it does.
<RoyK> k
<RoyK> !guide
<ubottu> The Ubuntu server guide may be found at http://help.ubuntu.com/10.04/serverguide/C/
<RoyK> danke
<Pici> \o/
<krycek_> hehe, thanks
<krycek_> do you recommend to use another box to take care of the firewall/routing part? or using just one box for all is ok?
<RoyK> krycek_: depends on your needs - it's generally a good idea to use a separate box for firewalling, and if you're a newbie, something like pfSense might be worth a try
<RoyK> it's really light-weight, all GUI and is easy to setup/manage
<krycek_> pfSense, I'll take a look into that
<RoyK> and based on freebsd, so if you're picky of the OS, maybe something linux-based might be better, but still, pfSense is very well tested
<krycek_> you are very helpfull, RoyK , thanks again
<RoyK> :)
<RoyK> lol - pfSense can be setup to block windoze machines by passive fingerprinting :D
<pmatulis> RoyK: runs openbsd's PF?
<RoyK> *bsd pf, I guess
<pmatulis> RoyK: right, that's from OpenBSD.  ported to FreeBSD
<RoyK> pmatulis: I don't know too much about the details - check if there's another channel available if you want to dig into that...
<pmatulis> RoyK: no need to dig
<RoyK> :)
 * pmatulis runs OpenBSD at home (and uses PF quite a bit)
 * RoyK hasn't install obsd for _years_
<krycek_> for a newbie is it ubuntu the right distro? or CentOS should be easier?
<joesuffceren> I need a little help with NTP. I am trying to get my ubuntu box to sync with my Windows domain controller. (I have also tried using us.pool.ntp.org servers with the same results described below). I can use ntpdate -u to sync the time just fine, but when I set them up as server entries in ntp.conf, they don't work
<RoyK> krycek_: I wouldn't recommend centos or that sort of thing - ubuntu has everything you'll need
<krycek_> I ask because I've just read: http://www.twincling.org/node/689
<joesuffceren> ntpq -p shows my servers that I configure in ntp.conf, but none of them ever has an asterisk beside it, which, if I understand, means it's not actually syncing with them
<krycek_> and he says: CentOS provided the fastest configuration time, lowest learning curve, better ROI, superior package management system, and a good fuzzy feeling of stability.
<RoyK> krycek_: I somehow think the person that wrote that is a centosist without much regard for technology
<krycek_> hehe
<RoyK> krycek_: we have about a hundred servers, most of them on solaris and different linux distros - we're moving most of those to ubuntu, for good reason
<krycek_> it's a very hard decicion for a web developer to make hehehe
<RoyK> for a web developer, you won't find much difference between the two, except that there are perhaps 10x more packages available in ubuntu, meaning if you need this or that apache extension, or this or that special library, you just install it instead of having to compile it from source
<RoyK> or find some obscure package at some site somewhere
<Steve[cug]> krycek_: I typically handle it this way... Ubuntu LTS for any server except when a software vendor requires I run RHEL
<RoyK> krycek_: also, centos is not officially supported, and if you're paranoid, you can get ubuntu support from Canonical quite cheaply
 * RoyK hands Steve[cug] a beer
<Steve[cug]> RoyK: ;)
<RoyK> Steve[cug]: that's exactly what we are doing
<Steve[cug]> I like Ubuntu/Debian's method of handling packages a lot better then RHEL/CentOS/SLES
<krycek_> ok then, I'll use your expertise and use ubuntu LTS
<RoyK> Steve[cug]: except some rare cases where this or that developer or researcher needs a special distro
<Steve[cug]> krycek_: yeah stick to LTS's for servers
<Steve[cug]> RoyK: oh we dont allow for that
<Steve[cug]> you have a choice...Ubuntu, RHEL, or SLES (only for Telecom)
<krycek_> do you own a hosting company?
<RoyK> Steve[cug]: we need to sometimes - some projects use developers or scientists from other countries developing intstrument apps for certain distros - for those cases we have a few fedora machines. But then, I've managed to talk at least one of these groups to use ubuntu instead
<Steve[cug]> most of my infrastructure is Ubuntu, some of our vendor stuff requires RHEL, so we have a small smattering of RHEL boxes, and Telecom uses SLES because the company we use for Voip is a german one
<RoyK> krycek_: I  work for nilu.no - dunno what Steve[cug] does
<Steve[cug]> I work for a mid-size insurance co
<RoyK> krycek_: but still - if you need something that's not in 10.04, just setup a VM and install whatever you might need on that
 * RoyK hands krycek_ some MSDOS 6.22 floppies
<krycek_> using what? KVM?
<RoyK> kvm is the preferred, yes
<RoyK> and using virt-install it's quite simple to use
<RoyK> just like your average windoze app
<RoyK> :)
<Steve[cug]> RoyK: but KVM isnt always the best option unfortyunately
<Steve[cug]> *unfortunately
<RoyK> Steve[cug]: imho it works well enough for most platforms
<Steve[cug]> poor krycek_, we are confusing him
<RoyK> Steve[cug]: what else? xen?
<RoyK> :)
<krycek_> I'm looking for a VPS provider, do you have any one to recommend?
<Steve[cug]> RoyK: KVM sucks for large bandwith needs.  I need to use Xen in those cases
<krycek_> Steve[cug], what would be the second option?
<krycek_> ok
<Steve[cug]> krycek_: depends on how much hand-holding you need IMHO
<RoyK> krycek_: with a new server, you can easily run the VMs in-house
<RoyK> krycek_: just use KVM
<RoyK> krycek_: if that becomes a problem, try something else, but mostly, it'll work well
<Steve[cug]> krycek_: KVM is highly preferred because unless you in an edge-case (like my stuff tends to be) running a vanilla kernel ala KVM is much more beneficial than Xen's highly modified kernel
<Steve[cug]> s/you/your/g
<RoyK> Steve[cug]: I'm not sure if that's the case with paravirtualized block devices, as those you have on 10.04 guests
<krycek_> all right, but i dont think i'll need to use it
<krycek_> at least for now
<RoyK> krycek_: just use kvm if you need virtualization - you'll find out quickly if it fits your needs
<Steve[cug]> RoyK: Xen has near-native networking performance, KVM (and VMWare) still take a heafty hit...esp when you are virtualizing passive network sensors ;)
<RoyK> well, I'm not :P
<Steve[cug]> well I am ^_^
<Steve[cug]> :-p
<RoyK> Steve[cug]: then you're confusing a newbie :Ã¾
<Steve[cug]> i kow....it's what im good at.  I did say that unless you in an edge case, KVM is the way to go
<krycek_> let's hope for no edge cases then :)
<RoyK> krycek_: if you're new at this, it'll take some years before you reach that point
<Steve[cug]> now if only LXC didnt still suck in userland, then we wouldnt need heavily modified kernels for virt or containers anymore
<RoyK> LXC?
<Steve[cug]> krycek_: yeah, I'm a network Security Engineer, so I play with edge cases all the time
<Steve[cug]> LXC == OpenVZ in vanilla kernels
<RoyK> k
<Steve[cug]> OpenVZ is a huge ugly patch on the kernels
<RoyK> krycek_: just to summarize this discussion - use KVM for virtualization - if or when something goes wrong, ask again
<krycek_> k, i'll
<krycek_> RoyK, what you company does exactly?
<krycek_> i dont understand that language
<Steve[cug]> yes
<RoyK> krycek_: press the English link at the top left corner :)
<Steve[cug]> lol
<krycek_> there it is, usually it is the top right corner ;p
<RoyK> basically NILU is Norwegian institute for air research, which means pollution measurments, cliate modeling, health research and a few more things
<krycek_> suddently it all makes sense
<RoyK> not my fault - those windoze guys doing the web stuff aren't my cup of tea
<Steve[cug]> agreed
<Steve[cug]> esp when they mostly just use apache on wintel :-p
<Steve[cug]> IIS *shudders* is just horrid
<RoyK> it's quite nice to use against people you don't like, as in, hey, this IIS server has a problem, we can't have any downtime, though, can you try to fix it?
<kinygos> lol
<Steve[cug]> lol
<krycek_> pfSense looks niceÂ²
<RoyK> there should have been an ARM port for it, though
<krycek_> maybe it is in their roadmap
<RoyK> doesn't look like it http://doc.pfsense.org/index.php/Does_pfSense_support_non-i386_hardware_platforms%3F
<krycek_> damnit
<RoyK> anyway - atom systems doesn't cost too much these days
<RoyK> and it really doesn't matter to me what the arch is, so long as it works
<kinygos> i've configured apache2 to generate my web app logs outside of /var/log...what would be the best practice way of rotating them?  using logrotate or piping them to rotatelogs?
<RoyK> I'd use logrotate, but then, that's only my choice
<kinygos> RoyK: do you know if it's possible for me to just point logrotate at my app's log directory, or do i need to do anything exotic?
<RoyK> kinygos: take a look at the files under /etc/logrotate.d
<RoyK> it's quite easy to configure that
<kinygos> RoyK: i did, found an apache2 one...do i just create a copy of it for my app, with my app log directory?
<Steve[cug]> you may need to modify the apparmor settings for logrotate as well
<RoyK> Steve[cug]: really?
 * kinygos just looked at the AppArmor man page and his mind is boggling
<Steve[cug]> lol, its not that bad
<RoyK> kinygos: just try with logrotate - if it fails, cron will email root
<sbeattie> There's no apparmor policy for logrotate by default, in any event.
<RoyK> that's what I thought
<Steve[cug]> good to know
<Steve[cug]> I just always check just to be safe
<Steve[cug]> hence i said you *may* need to :-p
<RoyK> Steve[cug]: I'd say, better keep quiet unless you know something's going to fail - there's a lot of newbies that may panic (or at least get distressed) if a lot of new things come up
<RoyK> and if things fail, they'll tell us anyway
<kinygos> lol...my brain is fuzzing...i set out to configure rotating logs on my web app, starting learning about LinuxLogFiles (excellent do on help.ubuntu.com)...realised i had numerous spurious attempts to log in on ssh to my server...so had to learn about portknocking, the iptables config on my server, and generally battoning down the ssh hatches...configured fail2bin...and now i've got to learn about cron...
 * kinygos is a total noob
<Steve[cug]> thats one way to handle it.  i've typically noticed that trying to cover all of the bases so that if it fails, they dont spend forever pulling their hair out thinking they did something wrong when it really wasnt their fault.
<kinygos> bloody great fun learning this stuff though
<RoyK> kinygos: fail2ban or denyhosts are good packages to block bots
<SpamapS> kinygos: you seem to be having fun though. :)
<RoyK> I think I'd recommend denyhosts since it works by distributing "bad" IPs
<kinygos> lol...i meant fail2ban...and it is awesome :)
<RoyK> denyhosts is even better, though a bit more nazi on the rules (by default)
<SpamapS> Its also a reasonly good idea these days to just run SSH on an alternate port. :-P
<_ruben> security through obscurity ftw!
<kinygos> at the same time, i'm developing an e-commerce web application that has to go live before christmas this year
<Steve[cug]> SpamapS: I disagree with that, security through obscurity is no security at all
<SpamapS> denyhosts seems to catch about half of the ips that are brute forcing.
<RoyK> SpamapS: not really - I always run on 22, but then, using denyhosts, people won't get much chance to brute their way in
<kinygos> i read about running ssh on a different port, and there's a lot of people that think it's not worth the inconvenience
<SpamapS> Steve[cug]: its not security at all, its convenience, for *me* to not have to attend to so many red flags in my logwatch. ;)
<RoyK> kinygos: I agree
<SpamapS> i have boxes on both setups
 * kinygos is googling denyhosts :)
<X-Sleepy-X> how can i install 10.04 or 10.10 server on my armada e500 with 64 mb of ram
<RoyK> kinygos: apt-get install ......
<Steve[cug]> one of the best ways to lock down SSH is to just stick to the simplistics.  Disable interactive and password auth and sticking to just ssh keys, disabling root logins, and getting sudo setup with least priviledged access
<SpamapS> on a CentOS box I admin that does have port 22 open.. $ sudo grep "Failed password" /var/log/secure*|wc -l
<RoyK> kinygos: after moving to fail2ban/denyhosts I haven't had a single breakin except for some password that got leaked some time back, and that guy came in with ftp
<SpamapS> 81
<kinygos> RoyK: wow...now that is what i like to hear :)
<SpamapS> $ sudo grep "refused connect from" /var/log/secure*|wc -l
<SpamapS> 227
<SpamapS> so I guess these days deny hosts is doing better than 50% :)
<RoyK> SpamapS: :)
<SpamapS> 65248 /etc/hosts.deny
<Steve[cug]> port knocking and non-std ports are just more trouble than they are worth, esp when running through more restricted networks
<Steve[cug]> >.<
<SpamapS> Steve[cug]: unless of course you are on a network that restricts port 22. ;)
<kinygos> the daemon to monitor the port knocks is a single point of failure
<RoyK> SpamapS: wc -l ?
<Steve[cug]> SpamapS: true, but typically that isnt restricted because of FTPS
<SpamapS> RoyK: yeah
<RoyK> that's quite a few :Ã¾
<SpamapS> RoyK: thats denyhosts :)
<SpamapS> I need to look into just configuring it to feed into iptables and just block all traffic. I don't see why I'd want to receive anything from these loathesome zombies. ;)
 * SpamapS heads to lunch
<RoyK> damn - I'm <300 on my private boxes - not that much traffic on those, though
<zul> you have to be careful with denyhosts you dont want to lock yourself out
<kinygos> right...i've gotta go watch the arsenal game with my son...i may have questions about denyhosts when i return...thanks for your help everyone :)
<Steve[cug]> zul: exactly
<Steve[cug]> I have seen peopl to that on VPSs, quite funnly really
<kinygos> and that's what i was worried about zul...i only have remote access to this server
<Steve[cug]> *people
<RoyK> kinygos: enjoy the game :)
<SpamapS> I (shock) whitelisted my whole class C. Everybody in my neighborhood in Los Angeles *MIGHT* be able to brute force my SSH passwords! Oh noes
<Steve[cug]> lol
<Steve[cug]> SpamapS: thats ofcourse assuming that your DHCP range is restricted to that class C
<RoyK> the 192.168.x.x/24 for the open WLAN?
<Steve[cug]> lol
<Steve[cug]> prolly more like thatever public block he is on
<Steve[cug]> *whatever
<_ruben> ssh passwords, yuck
<RoyK> _ruben: keys can be lost too, you know
<_ruben> i wonder if (open)sshd can be configured to require both a key and the local passwd
<Steve[cug]> _ruben: actually I got a Yubikey that I use on my stuff.....works great.  then SSH keys aren't really needed
<Steve[cug]> just need to make sure you have a coupld of keys incase you loose one setup in the system
<RoyK> _ruben: I guess that's just a matter of PAM magick
<makomi> hi, anybody use netatalk with mac clients?
<TuxM> install trouble: text during installation all scrambled. tried various boot options but to no avail... any suggestions?
<makomi> if i select on my mac the afp server i see in logfile of netatalk: "AFP/TCP session from IP" and the next line "server_client PID done"
<makomi> how could I use the credentials from my mac to connect to netatlak automatically?
<RoyK> makomi: I think the preferred way of sharing to Mac's is using samba or NFS these days - AFP is a little oldish
<makomi> but itÂ´s comfortable thru avahi :)
<makomi> but i could use avahi with smb
<Steve[cug]> samba + avahi is the way to go
<TuxM> install trouble: text during installation all scrambled. tried various boot options but to no avail... any suggestions?
<RoyK> TuxM: try vga16fb.modeset=0
<RoyK> kernel commandline
<RoyK> or grub, even
<TuxM> RoyK: You're my hero, kernel gave a message: modeset unknow command (or something like that) but it now works! thanks a million
<RoyK> :)
<RoyK> I got that from some list - trying to install ubuntu on Hyper-V was terrible - screen updates took for ever - that command did it
<TuxM> it also works like a charm on this old VIA motherboard
<RoyK> it should work with anything, really, since it basically turns off the framebuffer and uses the old ASCII thing instead
<TuxM> i tried the fb=false parameter, but that didn't work...
<RoyK> TuxM: I know
<ScottK> kirkland: I think marking the entire spec obsolete is an over-reaction.
<kirkland> ScottK: would you like me to assign it to you?
<ScottK> kirkland: Was the ssh part of the spec the only part you were willing to work on?
<ScottK> I'd be willing to discuss getting the ssh question implemented in D-I with cjwatson or someone else appropriate, but I'm not qualified to do the implementation.
<kirkland> ScottK: the rest of my suggestions in that spec were killed as well (minimal install + better deluxe install)
<kirkland> ScottK: that doesn't leave a whole lot left
<kirkland> ScottK: in terms of what I had hoped to do with that spec
<cjwatson> I don't really want a separate question for it, TBH - you're already asked a question in the server install that includes installing openssh-server as one of its options
<cjwatson> (if I'm understanding this correctly)
<ScottK> kirkland: I thought that evolved into the idea of base install, reboot, and then add goodies as desired through some easy method (like ubuntu-init instead of cloud-init).  Was that another spec?
<ScottK> cjwatson: The problem we have is that ssh-server gets a bit lost in tasksel so people forget it.  Having an explicit question in the installer was a compromise thought between leaving it where it was (often forgotten)  and installed by default (which a number of people didn't like)
<cjwatson> that seems a bit like an arms race to me, TBH
<cjwatson> we could perhaps adjust sorting in tasksel
<cjwatson> that's probably relatively simple, file a bug on Ubuntu tasksel if you want that
<ScottK> Perhaps, but ssh-server is a bit unique in that we (fsvo we) don't want it by default, but if it's forgotten it can leave people without access to a server.
<kirkland> ScottK: mathiaz suggested the 2-stage-installer in this session;  that was never my goal in this spec;  if we want a 2-stage server installer, that probably deserves a new spec of its own
<ScottK> I don't know of any other packages that fit those criteria.
<ScottK> kirkland: OK. I'm mixing the sessions then.
<kirkland> ScottK: no, it was the same session;  your memory is correct
<ScottK> Oh.  OK.
<cjwatson> sorting> I meant just putting openssh-server at the top of the list so that it isn't so easily forgotten
<kirkland> cjwatson: I'm arguing that a server isn't much of a modern server without SSH, in the real world;  we have made an exception for avahi on the desktop in the interest of usability;  I proposed in this session that we pursue a similar exception for SSH on the Ubuntu Server as "the critical application required to get to your server *after* you've installed the darn thing"
<kirkland> cjwatson: we do, by the way, install SSH and open a host of ports for Eucalyptus, if you click, "Install UEC"
<cjwatson> oh damn, I really didn't want to get into this now.  IMO the security team has had their say on this and that carries a lot of weight for me
<ScottK> kirkland: WRT avahi, I'd argue that was an error even for desktops and not a great precedent to follow for servers.
<cjwatson> UEC is a very special case
<soren> I wish we some day will actually decide to do to Ubuntu Server what we did to Ubuntu Desktop.
<kirkland> cjwatson: yup, they have;  which is why i just killed the spec
<ScottK> cjwatson: We can defer the discussion to a later time.
<kirkland> soren: make it friendly and usable?
<soren> kirkland: Yes.
<cjwatson> anyway, this discussion implies to me that at least we ought to change the sorting.  that's easy to do.  can somebody please file a bug on Ubuntu tasksel for that?
<soren> I'm sure lots of then existing linux users disagreed with what we did to Ubuntu on the desktop.
<ScottK> Sure.
<soren> Yet we decided to actually change things and be bold.
<soren> It worked out pretty darned well, IMO.
<ScottK> cjwatson: Bug #670611
<uvirtbot> Launchpad bug 670611 in tasksel "List SSH server first in tasksel" [Undecided,New] https://launchpad.net/bugs/670611
<cjwatson> thanks
<ScottK> You're welcome.
<soren> Have a "I'm new to this, please help me along a bit" option on the boot splash next to a "I don't care about your new fangled stuff. I'm old school" option would be fine.
<cjwatson> soren: I think the pool of available Linux users who weren't being reached was a great deal larger on the desktop
<cjwatson> and the risk of pissing off established people rather smaller
<kirkland> soren: https://blueprints.launchpad.net/ubuntu/+spec/packageselection-server-n-install-flavors <--- that's what i was suggesting there, two options in the splash menu, one ultra-minimal, the other "deluxe"
<kirkland> soren: ultra-minimal geared at old school admins who want to apt-get install from a base install;  deluxe adding a lot more bells and whistles, friendlies, helpers and niceties
<soren> cjwatson: A hypothesis that has yet to be tested properly.
<soren> kirkland: Look through the ubutnu-server ml archives and you will see lots of long, long, long e-mails about similar things.
<cjwatson> the idea that I'll survive if I jump out of Millbank is also a hypothesis that has yet to be tested properly, but I'm not really keen to commit to it. :-)
<cjwatson> and BTW I think the risks associated with giving people unfamiliar with Linux an SSH server are rather greater than the risks of giving uneducated desktop users an open Avahi port; I disagree that those two are remotely similar
<kirkland> cjwatson: the similarity is that an exception was evaluated and granted
<cjwatson> except in this case it was evaluated and denied ...
<kirkland> for open network port, by default
<cjwatson> (for server, not for UEC - UEC is wildly different)
<JanC> IMO server deluxe should have SSH running by default, with ufw connect-rate-limiting port 22 by default too of course  ;)
<soren> I'm not completely decided on the ssh-by-default question.  It was just an example of "hey, let's try to actually change something" that was thwarted by "no, that's not how we did it 10 years ago, why should we do it now?" sort of arguments.
<ScottK> soren: I don't think that's what the argument against it was at all and to characterize it as such is unfair.  I could equally accurately characterize those in favor arguing that only usability matters and security is irrelevant.  I don't think either is true.
<CarlFK> where is the server version of http://archive.ubuntu.com/ubuntu/dists/maverick/main/installer-amd64/current/images/netboot/ubuntu-installer/amd64/
<soren> ScottK: Sorry, I wasn't in the session at UDS, but it sounds to me to have been suggested as part of a set of changes that were rejected wholesale with those sorts of arguments.
<soren> ScottK: If that's not the case... good! It's tiring.
<ScottK> soren: I think it was more nuanced than that.  I thought adding a question to the installer was a reasonable compromise as it would ~cure it being forgotten.
<soren> Boot splash.
<soren> "Yes, I'm in favour of shininess" mode vs "Stubborn, old curmudgeon" mode. Right there.
<ScottK> Server boot experience needs work.  Not sure we got an actual spec on it though.
<soren> I have plenty of situations where I'd choose the latter, don't get me wrong.
<soren> ScottK: Not recently.
<soren> It got old suggesting the same stuff over and over.
 * soren stops ranting for the day
<soren> On this subject, at least.
<ScottK> Where we landed in Lucid and mostly carried forward into Maverick pleases approximately no one for servers IMO.
<ivoks> a lot of work
<ScottK> A bit betwixt and between with a large sprinkling of unreliablity.
<kirkland> cjwatson: on the user account creation page, we could ask for a Launchpad ID, noting that if a) you have an LP ID, and b) you have a public SSH key on LP, and c) this machine is internet connected, then this machine would install SSH on the system, with SSH key auth only, and import your ssh key
<ivoks> install-over-ipmi is unusable cause of all those flashy things
<kirkland> cjwatson: using ssh-import-id to securely retrieve said keys
<ScottK> kirkland: Doesn't that lean into the risk of being perceived as requiring registration?  IIRC robbiew said no on anything that did that?
 * kirkland consider jumping out of cjwatson's window to test his hypothesis for him
<kirkland> ScottK: it's totally opt-in;  nothing required;  just type in a URL in that field where your pubkey can be found, or for convenience, an easy to remember LP id
<ivoks> do not connect it to LP by default
<ivoks> that's a killer feature for ubuntu server, feature that will kill it
<kirkland> ScottK: to prevent MiM attack, you'd need SSL and a good cert, mind you
 * robbiew reads up
<ScottK> kirkland: I think that sounds reasonable.  I'd also like it to take a USB stick.
<ScottK> (as in my case SSL cert validation is rather difficult to arrange during install)
<owh> I've just had a router decide for itself that when I told it that all traffic from a particular host needed to go to a particular WAN port, I was just kidding. Is there a way that I can force my server to cease sending traffic if it's going out via the wrong link?
<kirkland> ivoks: it's not required
<ivoks> kirkland: i doubt many people will use it
<ivoks> kirkland: it's like telling the LP that you are installing the server
<ivoks> that's how people will see it
<kirkland> ivoks: it's not at all like that
<ivoks> i know
<ivoks> but, that would be perception
<ScottK> Give a USB stick option and I think it's fine.
<ScottK> (with the LP/wherever your key is option too)
<ivoks> leave an lp option, but don't isolate it
<ivoks> instead of area for LP ID, put a single text area for everything
<ivoks> lp:id or usb:file.name url:http://blablabla
<ivoks> that way you'd get more usage of LP, imho
<ScottK> And reduced risk of inference that LP was required.
<ivoks> exactly
<patdk-wk> why url:http:
<ivoks> or http: ftp:
<patdk-wk> url is http://...., or usb:filename...., ...
<patdk-wk> I would see everyone screwing up if you had to type url before a url
<ivoks> i agree
<ivoks> it was just to make distinction
<krycek_> any other solution like pfSense? pfSense project looks dead (more than an year in beta)
<baggar11> krycek_: clearOS, zentyal
<krycek_> which one do you use, baggar11 ?
<baggar11> i use a hardware solution
 * RoyK just uses core memory
<RoyK> krycek_: pfsense works well, even if it's a year old
<baggar11> there is also monowall too
<krycek_> it's good to take a look in the others just to make sure
<krycek_> i have to go now... thanks for all the tips
<raubvogel> How is lvm autoloaded in 10.04?
<mconigliaro> can anyone tell me whether do-release-upgrade will upgrade you to the next version or the latest version?
<mconigliaro> i want to upgrade some machines from 9.10  to 10.04 LTS
<raubvogel> mconigliaro, AFAIk to get to 10.10 you would need first to get to 10.04, so that should cover you.
<mconigliaro> ok, cool
<mconigliaro> raubvogel: thanks
<raubvogel> Also, there is some setting to only use the LTS upgrades
<mconigliaro> well, i guess i'll find out for sure in a second ;-)
<mconigliaro> oh, thats interesting
<mconigliaro> well, i mostly want to go to 10.04 just because i haven't gotten a chance to test 10.10 yet
<mconigliaro> but that setting is something ill have to look into
<raubvogel> edit /etc/update-manager/release-upgrades and set Prompt=lts
<raubvogel> Stolen from https://help.ubuntu.com/community/LucidUpgrades
<raubvogel> Just something to think about
<mconigliaro> ah, perfect
<mconigliaro> i see that's already set on my 10.04 machines
<mconigliaro> thanks again
<raubvogel> Cool
<jeeves_moss> when running a cron job as a user, what would cause a premissions error when using wget?
<ChmEarl> raubvogel, got answer about auto-lvm? dm-mod needs to be in /etc/initramfs-tools/modules
<ChmEarl> raubvogel, rather make it dm_mod
<ChmEarl> raubvogel, then of course, update-initramfs -u -k all
<cjwatson> CarlFK: there's no separate server version - the installer has the same core
<cjwatson> CarlFK: you could grab the server preseed file off the server CD
<CarlFK> is this boot parameters?   "different Kernel options" somewhat described on https://help.ubuntu.com/10.10/serverguide/C/preparing-to-install.html#intro-server-differences
<cjwatson> we use the generic kernel during installation on server too
<cjwatson> differences are controlled by installer boot parameters, yes
<CarlFK> thanks.  someone here was suggesting that there were different compile options. didn't sit well with me.
<cjwatson> the kernel you get after installation is configured differently, certainly
<cjwatson> I don't think I would characterise it as "different compile options" as such
<cjwatson> (to me, that means compiler flags)
<CarlFK> differently configured at boot time, right
<CarlFK> um, it has been years. sense I compiled a kernel.. what does "make menu config" write the settings to?
<cjwatson> CarlFK: .config
<CarlFK> thats right.  so is that same or different for -server kernel?
#ubuntu-server 2010-11-04
<cjwatson> CarlFK: different
<CarlFK> cjwatson: ah - I was expecting the same.
<cjwatson> CarlFK: if the .configs were the same, there'd be little point in providing separate kernels ...
<cjwatson> the .config is what makes them different
<owh> I've just had a router decide for itself that when I told it that all traffic from a particular host needed to go to a particular WAN port, I was just kidding. Is there a way that I can force my server to cease sending traffic if it's going out via the wrong link?
<clayd> i just installed vsftpd and went to stop the service and it is telling me "service unknow"  i am using "sudo service vsftpd stop"  anythoughts?
<Nafallo> clayd: running from xinetd?
<clayd> running from command line
<clayd> i am also looking up xinetd right now :)
<clayd> so what i am reading is it is another version of init?
<latenite> Hi folks, Is there a way to istall ubuntu FROM a running ubuntu? I cant shut the system down to boot a love cd. What I miss on my runng system is the wellknow "install" button on the desktop!
<clayd> are you currently running from a live cd, or and installed system?
<latenite> an installed system. If it was a live CD i had the install button...can I install from my system too?
<clayd> the reason i ask that is you question isn't very clear.  what are you trying to install?  A complete reinstall of the OS, or just a portion.  Also this channel is for ubuntu-server and generally there is not a GUI instlalled.
<ChmEarl> latenite, do a parallel install into another partition using debootstrap (while in primary OS), then finish the new install via chroot
<dj-ineedateam> Hello
<latenite> ChmEarl, ahh ok..cool thanks..that sjust like debian
<latenite> ok
<ChmEarl> latenite, the debootstrap in lucid supports all Ubuntu and Debian
<ScottK> For later Ubuntu releases you'll need one from lucid-backports, IIRC.
<ChmEarl> latenite, dpkg -L debootstrap -> ./scripts/maverick squeeze lenny lucid etc
<dj-ineedateam> Would this be ok for a mc server?
<dj-ineedateam> Operating System
<dj-ineedateam> MS Windows XP Media Center Edition Professional 32-bit SP3
<dj-ineedateam> CPU
<dj-ineedateam> Intel Pentium 4
<dj-ineedateam> Northwood 0.13um Technology
<dj-ineedateam> RAM
<dj-ineedateam> 512MB Dual-Channel DDR @ 166MHz (2.5-3-3-7)
<dj-ineedateam> Motherboard
<dj-ineedateam> Dell Computer Corp. 02Y832 (Microprocessor)
<dj-ineedateam> Graphics
<dj-ineedateam> Default Monitor @ 1024x768
<dj-ineedateam> 64MB GeForce4 MX 440 with AGP8X (nVidia)
<dj-ineedateam> Hard Drives
<dj-ineedateam> 59GB IC35L060AVV207-0 (PATA) 28 Â°C
<dj-ineedateam> Optical Drives
<dj-ineedateam> HL-DT-ST CD-ROM GCR-8481B
<dj-ineedateam> NEC DVD+RW ND-1100A
<latenite> ChmEarl, kool I am right at it now...thank you for pointing me in the right direction :)
<twb> What did he mean, "mc server"?
<raubvogel> ChmEarl, I thought dm_mod was built into the kernel since 9.04
<ChmEarl> raubvogel, oh I might have needed to include dm_mod in initrd in custom kernel
<raubvogel>  ChmEarl, I think you are close to the issue though.
<raubvogel> It does sound like it is not loading the lvm crap
<raubvogel> But, once it is up and running I can mount the lvs all day
<_Neytiri_> can anyone help me fix this error
<_Neytiri_> Enter LDAP Password:
<_Neytiri_> ldap_bind: Invalid credentials (49)
<_Neytiri_> i am working off of this tutorial and this is a fresh install
<_Neytiri_> https://help.ubuntu.com/10.04/serverguide/C/openldap-server.html
<YankDownUnder> Anyone know why after doing an update, why my smb shares spit out a DBUS error and I can't view 'em?
<BuenGenio> hello
<BuenGenio> trying to setup dovecot (postfix already setup), but get this in my log
<BuenGenio> 2010-11-04 14:11:20 deliver(root@mydomain.com): Error: userdb lookup: connect(/var/run/dovecot/auth-master) failed: No such file or directory
<SirFiChi> hi folks
<SirFiChi> i have problems to install ubuntu server 10.10 on a hp proliant ml370 server. if i use the amd_64bit cd, the installation stops, because i must use the x86 install-medium, and if i use the x86_32bit cd, it stops while the formating of the raid 5...
<SirFiChi> any hints how to get ubuntu 10.10 to work...
<kinygos> hi...my ubuntu server is remote, i can only get to it by ssh...i'm trying to add /dev/null to the list of shells so i can assign it to nobody, but i'm getting permission denied...what am i doing wrong?
<kinygos> i'm getting permission denied for $ sudo echo "/dev/null" >> /etc/shells
<dubphil> Hi all
<jpds> kinygos: sudo -i; and then echo
<jpds> kinygos: Or: echo "/dev/null" | sudo tee -a /etc/shells
<twb> That's probably not a good idea; use /bin/false instead
<twb> Or simply lock the account
<kinygos> jpds: i managed to edit the file with nano...i must have done something peculiar
<twb> nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
<twb> The "x" means locked
<kinygos> twb: i read somewhere that using /dev/null would mean that an attacker couldn't be sure if a user account existed on the server, whereas they would with /bin/fals
<jpds> kinygos: The shell treats the redirection (">>") as your local user, not sudo; hence the permission denied.
<twb> Maybe you should investigate that before actioning it
<kinygos> jpds: awesome, thank you very much...i thought i was making a mistake
<kinygos> twb: you're absolutely right...i was trying to understand why my /var/log/auth.log was filling up with  pam_unix(cron:session): session opened for user root by (uid=0)
<twb> kinygos: uh, those are caused by cron.
<twb> Nothing you do to the nobody account will affect those log entries
<kinygos> twb: and came across a few different places where it was recommended that the shell for the nobody account be set to /dev/null "as a precaution"
<kinygos> twb: indeed...i hadn't yet got to figure out what that line was about yet....i know it's cron but that's as far as i got before being sidetracked
<twb> kinygos: that suggestion might date back to the days of identd and rsh -- I don't know
<twb> vixie cron's /etc/crontab takes a target user (to run each job as).  The cron.hourly/daily/monthly jobs run as root, which is why pam_unix reports cron opening a session from root to root.
<kinygos> twb: indeed...one article was from 2007
<kinygos> twb: so it's normal behaviour?
<twb> the crontab logs are, yes
<twb> I've never seen /dev/null used as a login shell on a modern system
<kinygos> ok, so going to your earlier point, i didn't need to change it's login shell because it was locked....
<kinygos> (it being the nobody account)
<twb> I suppose it might depend on the pam implementation and suchlike
<twb> Or if you e.g. told sshd not to use pam, and it was reading shadow(5) directly
<kinygos> twb: awesome, thank you very much for your time and help
<twb> Well, I *am* a genius.
<twb> Tell your friends!
<kinygos> :)
<Tombar> Hi room, I've just deploy a ubuntu image in amazon (ami- a403f7cd) and i'm unable to connect into it although security settings are ok, any idea?
<TeTeT> Tombar: can you see the console output with ec2-get-console-output <instance id>?
<yann2> henkjan, you around?
<Makere> Hi
<pmatulis> Makere: hi
<Makere> why can't I ssh my UEC instances
<Makere> connection reset by peer
<pmatulis> Makere: no address assigned maybe
<pmatulis> Makere: note that there is a cloud channel (#ubuntu-cloud)
<Makere> oh
<Makere> using addressing private
<tgwoollard> Good afternoon all. Would anynone please be able to advise on how i can configure remote connections to an Ubuntu 9.10 Server so that i can connect remotely at a login prompt and not to take over an existing session? Many thanks in advance
<Makere> what the
<Makere> it started working
<otaku_coder> hi, im having some issues with configuring snmptrapd on ubuntu maverick server. I've followed as many guides as I can find but keep getting this in the syslog: No access configuration - dropping trap and Warning: Unknown token: authCommunity.
<TeTeT> Makere: maybe the sshd was not up on the instance
<henkjan> yann2: yes
<uvirtbot> New bug: #670887 in php5 (main) "CVE-2008-5498" [Undecided,Won't fix] https://launchpad.net/bugs/670887
<uvirtbot> New bug: #670898 in mysql-dfsg-5.0 (universe) "MySQL in Hardy is vulnerable to CVE-2009-4028" [Undecided,Won't fix] https://launchpad.net/bugs/670898
<yann2> henkjan, you replied on the kernel issue bug on launchpad about a sun fire x4140, "cpu locked"
<yann2> henkjan, you replied a bios upgrade fixed this issue
<yann2> can you confirm the bios upgrade fixed it?
<yann2> see https://bugs.launchpad.net/ubuntu/+source/linux/+bug/353070
<uvirtbot> Launchpad bug 353070 in linux "BUG: soft lockup - CPU#2 stuck for 11s! [kswapd0:332]" [Undecided,Confirmed]
<elb0w> what is a good vnc server?
<_ruben> what is with vnc related questions these days in here?
<JenniferB2> hi folks.. I want a script to run on login.. but not for all logins.. only for a user. i have created a script in /etc/profile.d/Startup.sh ... but this seems as if it's run from everywhere.. i want it to run only for one user
<henkjan> yann2: i've upgraded to a newer kernel
<yann2> henkjan, because the bios upgrade didnt fix it?
<yann2> I cant upgrade, its my zimbra server, only supported on 8.4 :/
<henkjan> 2.6.32-020632-generic from http://kernel.ubuntu.com/~kernel-ppa/mainline/
<henkjan> yann2: only installing a newer kernel won't break your zimbra install
<yann2> ah so you didnt upgrade completely, still using 8.4
<yann2> so you've been using that kernel for a while and it works fine on that server?
<yann2> wait you put a 2.6.32 on hardy? mmmh
<yann2> are you confident that's safe?
<yann2> I see you're in the ubuntu server group, but still it seems like a risky thing to do on a mail server :x
<henkjan> yann2: no risk at al
<henkjan> install the .deb from http://kernel.ubuntu.com/~kernel-ppa/mainline/
<yann2> I ll see with zimbra team if they wouldnt drop my support
<yann2> thanks
<henkjan> and you can stil boot your old 2.6.24 kernel
<yann2> true, just afraid to lose my support if I dont run a vanilla
<yann2> then I dont have to tell them and can go back if I have additional issues
<henkjan> if you are experiencing zimbra problems you can always reboot to an older kernel and try to reproduce the problems.
<ericb> need help, apache2 on ubuntu10.4 downloads my php5 file instead of rendering, any idea why this happens?
<_ruben> ericb: sudo a2enmod php5 ; sudo restart apache2
<dubphil> anyone knows where the squid init script is ? (it is no longuer in /etc/init.d/)
<ericb> _ruben: already done that, when i try enabling the php5 module again, it says that its already enabled
<_ruben> dubphil: probably in /etc/init then
<_ruben> ericb: not sure how smart restart it, perhaps a stop + start does the trick
<_ruben> (been ages since i hit a similar snag)
<dubphil> _ruben: ah yes never notice that it was an init folder in /etc/
<dubphil> how we deal with this files in /etc/init ?
<ericb> _ruben: i think the problem is with the userdir module, when i try running a phpfile on my /var/www/ i dont get the same problem that i get when running a file on my public_html
<_ruben> dubphil: those are handled by upstart .. use: sudo stop/start/restart servicename
<_ruben> ericb: dunno about that one, can't remember when i last used userdirs :)
<ericb> :))
<ericb> anyway thanks, will hit google maybe i'll find a blog or forum post regarding this one
<dubphil> ericb take a look in /etc/apache2/mods-available/php5.conf
<dubphil> _ruben: thanks I understand now
<ericb> dubphil: yeah, i remembered what i did last time, need to comment out the <IfModule mod_userdir.c> block
<ericb> thanks
<uvirtbot> New bug: #670981 in php5 (main) "package libapache2-mod-php5 5.3.2-1ubuntu4.5 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/670981
<yann2> rah the samba/kerberos documentation used to be very good now it's an absolute mess, what a shame :'(
<uvirtbot> New bug: #666954 in mysql-dfsg-5.0 (universe) "package mysql-server-5.0 5.1.30really5.0.75-0ubuntu10.5 failed to install/upgrade: el subprocÃ©s post-installation script retornÃ  el codi d'eixida d'error 1" [Undecided,New] https://launchpad.net/bugs/666954
<uvirtbot> New bug: #668164 in vsftpd (main) "package vsftpd 2.2.2-3ubuntu7.1 failed to install/upgrade: å­è¿ç¨ å·²å®è£ç post-installation èæ¬ è¿åäºéè¯¯å· 3" [Undecided,Incomplete] https://launchpad.net/bugs/668164
<ewook> ivoks: hey. Noticed I've followed the "Extend mail stack in Ubuntu-server". When did you decide to implement ldap-based user config?
<SpamapS> yann2: do you mean the server guide?
<yann2> its a mix of both...
<yann2> the community page sends you to page on the samba wiki, to pages on the kerberos wiki, then its divided into 3 pages...
<yann2> there are inconsistencies, a lot of "i also needed that", things that dont make sense (how can you set the dns and reverse for a server that you actually want to use DHCP)
<ivoks> ewook: you mean, when is it planned?
<ScottK> When ivoks has free time.  Don't hold your breath.
<yann2> ultimately got it sorted though, wasnt as difficult as I remembered :)
<ivoks> ewook: anyway... once i have enough time to do it and we have ubuntu ldap tree
<ivoks> ScottK: :) thanks
<\sh> ivoks: ubuntu ldap tree?
<ewook> ivoks: nono, when the decision was made :)
<ewook> oh, there's a ubu-tree comming?
<ivoks> decision? oh, when i saw ldap for the first time
<ivoks> long before ubuntu :D
<ivoks> \sh: DIT
<ewook> lol
<ewook> ivoks: I've must have missed that part before.
<\sh> ivoks: AH :)
<hggdh> smoser: should cloud-init bugs be routed to the server team?
<kinygos> hi...i'm trying to install gcc on my ubuntu server 10.04...but i'm getting the error Unable to fetch some archives, maybe run apt-get update or try with --fix-missing
<kinygos> any idea what i may have done wrong?
<kinygos> or perhaps, what i should do...it's an LTS, so worried about updating anything really :(
<elb0w> damn you messed something up
<elb0w> that sucks
<kinygos> elb0w: is that directed at me???? :(
<ScottK> kinygos: Check and make sure you're on the network.  That's the most common cause for that kind of problem.
<kinygos> ScottK: i am...it's a remote server, doing this over SSH
<elb0w> kinygos, I think he means does that remote server have internet acess
<elb0w> access*
<elb0w> it can be dns issues as well
<elb0w> try to ping google.com
<ScottK> DNS would be the next thing to check.  Yes.
<kinygos> the previous command was a wget to pull a tar down from pypi
<smoser> hggdh, well, yes. but i get them one way or another.
<smoser> where do they go now ?
<hggdh> apart from you getting a copy, to the limbo
<hggdh> (a few users, but no team)
<kinygos> the output is http://www.fpaste.org/9oAu/ but i can ping gb.archive.ubuntu.com from my server
<jpds> kinygos: Hi.
<kinygos> jpds: hi :)
<jpds> kinygos: Please run: sudo apt-get update
<kinygos> should i do that on an LTS server?
<jpds> Yes, it just updates the package listings.
<jpds> Yours seem to be out-of-date, hence the 404 errors.
<kinygos> ok, to be sure i understand what i'm doing before i do it...sudo apt-get update just updates the package index so that when i try and install a new package, apt-get can find the 10.04LTS version...it won't upgrade any packages...is this correct?
<jpds> apt-get update - will not upgrade your packages installed.
<hggdh> smoser: done, the server team is subscribed
<ScottK> kinygos: That's correct, but you ought to install any updated packages that are available as all that is put into the repository are security changes and important bug fixes.
<ScottK> Upgrading to a newer release is done an entirely different way
<kinygos> that seems to have worked a treat...is that normal workflow?  if install fails due to 404s, update index and try again?  i installed fail2ban yesterday using apt-get
<kinygos> i didn't get any errors yesterday
<Pici> Agreed, thats the main 'feature' of an LTS release, package upgrades (mostly security related)for 5 years.
<Pici> kinygos: Perhaps there were no upgrades for fail2ban that would have required a new package index to be grabbed.
<ScottK> kinygos: A standard server install will, IIRC, update it's package index once per day.
<ScottK> You do want to install the available updates.
<kinygos> ScottK: how do i get security changes and important bug-fixes for stuff i've installed already?  (that's not described in the apt-get.html doc i'm reading on ubuntu.com)
<Pici> I find it handy to install  apt-listchanges so that you know exactly what fixes are going to be applied.
<ScottK> kinygos: sudo apt-get upgrade or sudo apt-get dist-upgrade if new packages are needed (don't let the name scare you)
<Pici> !dist-upgrade
<ubottu> A dist-upgrade will install new dependencies for packages already installed and may remove packages if they are no longer needed. Please see !upgrade for the proper way to upgrade to a new version of Ubuntu.
<kinygos> ScottK, Pici: awesome, thank you both very much for your time...i'll investigate further :)
<Pici> kinygos: you're welcome :)
 * jpds hugs gb.a.u.c.
<savid> Hi, I'm trying to run "sudo apache2 -S" to test my vhost conf,  and I'm getting this error:  apache2: bad user name ${APACHE_RUN_USER}
<savid> Is there a different command I should be using?
<jpds> savid: sudo apache2ctl configtest ?
<savid> Ah, thanks
<zul> JamesPage: sorry i finally got around to ibmasm-utils
<JamesPage> zul: thanks - no rush as it was for natty....
<uvirtbot> New bug: #671000 in cloud-init (main) "Maverick: cloud-init fails during boot of instance" [Undecided,New] https://launchpad.net/bugs/671000
<SpamapS> ugh.. mod_pagespeed is.. a giant ball of unreleased dependencies
<panfist> when rebooting, some of my nfs shares are failing to mount and it does not proceed to boot the system from there
<panfist> i used to be able to press 's' to skip mounting and continue to boot but that's not working
<heypig> Question: I have a machine that, when i ssh in or use webmin, my samba shares crash and my network looses its networked drives. Any idea what could be causing this?
<pmatulis> jpds: wow, hugging a mirror
<panfist> i'm trying to use the showmount command, but no matter what i try, it keeps returning "clnt_create: RPC: Program not registered" not a lot of info via google on the problem
<uvirtbot> New bug: #671065 in dovecot (main) "deliver broken because dovecot.conf uses !include_try" [Undecided,New] https://launchpad.net/bugs/671065
<hallyn> heypig: i would suspect one of your pam modules...
<hallyn> if samba really crashes, ubuntu-bug should send up helpful logs for helping figure out what happened
<heypig>   mmmk
<heypig> hallyn can i open a chat with you?
<hallyn> heypig: you can pm me if (/msg hallyn) if there is sensitive info, but otherwise it behooves you to keep it here bc chances are someone else here will know what your problem is much faster than I
<heypig> hallyn ok, well should I try to re-install the pam modules? ubuntu-bug isnt installed on the machine in question (server distro)
<heypig> sudo apt-get purge libpam-modules  ?
<hallyn> not sure that would help.  does anyone here know about samba-related pam modules?
<hallyn> heypig: what is the distro installed?
<heypig> 10.04.1
<hallyn> server edition you say?
<heypig> yeah
<heypig> it was not a fresh 10.04.1 install though
<hallyn> one that that might help woudl be to find the pid of the parent sshd process, and do 'strace -f -o/tmp/ssh.log -p <thatpid>' while you try to log in
<heypig> it was upgraded from 7.10 )lol)
<heypig> ok ill try that hallyn
<heypig> gimme a few and ill post the log
<yann2> d????????? ? ?    ?       ?                ? .gvfs
<yann2> am having this issue more and more often with always the same folder
<yann2> does it ring a bell to anyone?
<hallyn> yann2: haven't seen that
<yann2> second time I got that, 10.4 server.... I thought it was due to likewise open first, but this is on a vm that havent that
<yann2> hasn't
<yann2> http://www.google.com/search?client=ubuntu&channel=fs&q=%22d%3F%3F%3F%3F%3F%3F%3F%3F%3F+%3F+%3F++++%3F+++++++%3F++++++++++++++++%3F+.gvfs%22&ie=utf-8&oe=utf-8  am not the only one it seems :)
<dbowlby> Hello all.  I'm running ubuntu server 10.10 with the virtualization package installed.  I have a host that has allocated -m 1024 but is taking 1770972K
<dbowlby> how can that be?
<cole> yann2: look at bug id 534284 on bugzilla.gnome.org
<yann2> https://bugzilla.redhat.com/show_bug.cgi?id=493565  mmmmh
<uvirtbot> bugzilla.redhat.com bug 493565 in util-linux-ng "fuse mounts may hang on xattr retrieval causing numerous problems" [High,Closed: errata]
<cole> i think same issue
<yann2> love the last comment "The underlying mount command that is hanging does not hang for users that belong to the 'video' system group."
<yann2> would sound a bit silly on a server but well :P
<heypig> hallyn, unfortunatly im not gong to be able to crash it again (its actually a big fileserver for an engineering company) right now, but i will run the log  tonight after work and hopefully i can catch you again tomarrow
<dbowlby> I just read about a "balloon" feature with KVM
<dbowlby> could this be causing my memory allocation woes?
<hallyn> heypig: ok.  and maybe someone more knowledgeable will have a moment then too
<uvirtbot> New bug: #671103 in cloud-init (main) "backport grub-legacy-ec2 from maverick to lucid" [Medium,Fix released] https://launchpad.net/bugs/671103
<hdon> i am sshing from Ubuntu gnome-terminal into a Solaris system at work. keys like control+arrowkey don't work. how do i start to troubleshoot this problem? it's been causing me a lot of grief
<RoyK> hdon: ctrl+arrowkeys?
<hdon> RoyK, yeah, like ^[[1;5D for Control+Left
<RoyK> AFAIK that stuff doesn't work too well on solaris termcap
<RoyK> no idea why, though
<RoyK> ctrl+a/e works, though
<RoyK> and in bash, 'set -o vi' might be a friend
<hdon> hmm
<hdon> hmm, my bash doesn't acknowledge -o i in "help set"
<RoyK> heh - seems to be missing
<RoyK> try it - it'll turn your shell into vi
<hdon> RoyK, thanks for the help anyway. i do use ^a but i'm in screen all the time, so it's ^a,a
<RoyK> <esc>kkkwcw..
 * hdon lols
<hdon> oh man
<hdon> that's crazy
 * RoyK has been using vi for 15 years and isn't going to stop
 * hdon uses vim
<RoyK> then use -o vi :)
<hdon> yeah this is great actually
<hdon> i can b and w
<RoyK> obviously, I'm also using vim - old vi sucks pretty hard
<hdon> and e
<hdon> heh
<hdon> RoyK, thanks very much for the tip :)
<RoyK> bash is pretty neat at times :)
<RoyK> bourne again, obviously.....
<hdon> pressing v takes me to a vi(m?) with my line to edit
<hdon> looks like vi
<hdon> and shift+i and shift+a
<hdon> this is great
<RoyK> seems it doesn't support stuff like 'gf'
<RoyK> but still - a better shell :)
 * RoyK suspects effj might be swedish
<effj> yup, that's correct
<ComPorTeD> How exactly does one use sredird to redirect your comport?
<RoyK> sredird??
<RoyK> hm
<RoyK> never used that one
<RoyK> looks interesting, though
<RoyK> ComPorTeD: for what do you use those comports?
<ComPorTeD> Well i have a device that I want to get GPS off of
<ComPorTeD> That machine is running ubuntu
<ComPorTeD> 10.04
<RoyK> wouldn't that be easier to do locally and just export the result with http or something?
<ComPorTeD> it connects via serial
<ComPorTeD> and I want to be able to essentially open a putty session with the device from my remote windows machine as if it was connected to my local com port there
<ComPorTeD> RoyK: well there are more options than just GPS, and i would like to be able to use those options
<RoyK> dunno, really, never used sredird - well - never heard of it before now
<ComPorTeD> RoyK: think of it like you were connecting a cisco router that connects via serial... you would want to be able to do all the commands
<ComPorTeD> RoyK: what about with socat?
<RoyK> I haven't done serial over IP - ever
<ComPorTeD> oh :(
<RoyK> but it seems like a good thing
<RoyK> we have tons of instruments at work only connecting over serial, so ...
<ComPorTeD> nice
<ComPorTeD> yeah it would be very nice
<ComPorTeD> socat seemed like a good way to go... you can create bidirectional byte streams of data
<ComPorTeD> think netcat but much more powerful
<RoyK> k
<RoyK> we're building some new loggers these days
<RoyK> allowing them to present the serial port directly over IP would be neat
<darkk^> I used socat to send NMEA over UDP stream (due to unstable GPRS link) - worked like charm.
<ComPorTeD> darkk^: any idea how you might just make the actual serial port available
<darkk^> ComPorTeD, do you need flow control and/or ring/carrier-detect, etc?
<ComPorTeD> darkk^: or if you could help me figure out this: http://www.linuxquestions.org/questions/linux-networking-3/create-socat-connection-parse-output-842006/ that would be awesome
<ComPorTeD> darkk^: shhouldn't need flow control
<ComPorTeD> not sure what ring/carrier-detect is
<_Techie_> whats the easiest way to set a static mount point for a new drive so that it mounts during boot?
<_Techie_> other than using mount in a cron job
<_ruben> _Techie_: edit /etc/fstab
<darkk^> ComPorTeD, READLINE in terms of socat is not `read` from bash that reads single line. I'm sorry, can't give you more detailed answer, it's already 2am here :)
<ComPorTeD> darkk^: alrihgt: :)... you think if you get a chance maybe you could post on that forum. i have met a lot of people interested in how to do similar things, but you are the first person i have met in a LONG time
<ComPorTeD> that even knows what socat is
<osmosis> im having an issue with running a win2k3 guest on ubuntu lucid w/ kvm.  Im doing a fresh install, but after first boot I get 99% cpu use and a blank screen.
<osmosis> this was a dependable behavior in karmic. Now ive upgraded to lucid, and it broken. I filed a bug, but it got marked as priority low. https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/668042
<uvirtbot> Launchpad bug 668042 in libvirt "target device info is not in dumpxml" [Low,New]
<kinygos> hi...i'm using fail2ban to ban ip addresses...i don't want to unban them, i want them to stay banned....is the correct way to do this to comment out the actionunban in the appopriate .conf file?
<osmosis> just filed a bug for the virtualization bug I have been banging my head against for the last week. https://bugs.launchpad.net/ubuntu/+source/qemu-kvm/+bug/671163
<uvirtbot> Launchpad bug 671163 in qemu-kvm "win2k3 guest has blank screen and high cpu on first boot" [Undecided,New]
<sledgez> anyone know if there is an ubuntu HCL for 10.04
<sledgez> i run a few ubuntu servers....and i would like to get a sata raid card for one...but i want to be sure its supported
<sledgez> anyone have good luck with specific brands....etc
<ComPorTeD> RoyK: so i was able to access my serial port over my network
<RoyK> nice
<RoyK> over TCP or UDP?
<ComPorTeD> telnet
<RoyK> ok
<ComPorTeD> using ser2net
 * RoyK googles
<ComPorTeD> RoyK: what did you find about ser2net
<_ruben> sledgez: we're pretty happy with our adaptec raid controller (from low to high-end ones)
<sledgez> cool....ive had good luck with adaptec in the past....
<sledgez> _ruben, can they be made bootable
<_ruben> kinygos: even if you disable the unban action, blocks wont survive a reboot (or iptables flush). perhaps fail2ban does have some persistency option somewhere though
<_ruben> sledgez: yes
<hallyn> jdstrand: so on the failed libvirt 0.8.5 compile, i'm getting:
<hallyn> /usr/include/linux/fs.h:37:2: error: expected specifier-qualifier-list before 'uint64_t'
<hallyn> (weird since even on natty i don't see uint64_t there)
<hallyn> feh, now it is - recent update
<Acs> hello
<Acs> can anyone please tell me how I can make a file get the group of the directory?
<EvilPhoenix> yeah, chown
<EvilPhoenix> i think
<EvilPhoenix> if i understand your question, that is
<Acs> yes but how can I make the process automatically ? Like if user X creates a file instead of the file getting the users group it would get the group of the folder
<Acs> as soon as it was created
<EvilPhoenix> oh...
<EvilPhoenix> not sure
<erichammond> Acs: If you want files in the directory to automatically get the directory group:  chmod g+s DIRECTORY
<Acs> thanks
<khussein> Hi guys. Can someone please tell me where can I see the list of blueprints or features that are planned for the next release?
<khussein> Like approved ones.
<EvilPhoenix> you might ask this in #ubuntu+1
<EvilPhoenix> they would know
<Acs> is it possible to restore files/folders to their original permissions. I accidentally set every file in a dir to 777
<Acs> I want to remove the x but only on the dirs
<Acs> ops
<Acs> only on the files
<Acs> so that I can still access the directories
<yann2> find /path/to/folder -type f -exec chmod a-x {} \;
<Acs> wow thanks
<yann2> you might want to chmod the files 644 though, not 666
<Acs> yeah rw r r
<Acs> ok
<Acs> thanks
<yann2> find . -type f -exec chmod 644 {} \;
<yann2> but replace the dot with the path :)
<Acs> type f ?
<yann2> file
<Acs> isn't f for folder?
<Acs> oohh right
<Acs> ok ok
<yann2> find . -type d -exec chmod 755 {} \;
<yann2> thats for directories
<Acs> right right sorry
<Acs> thanks again
<yann2> but beware to replace the . by the path to the folder
<yann2> or go in the right folder :)
<Acs> sure
<Acs> :)
<SpamapS> jcastro: starting to see why you'd like to replace the launchpad questions system with stackexchange..launchpad has a long way to go to catch up to them.
<jcastro> SpamapS: :D
<SpamapS> My favorite part is when I convert a bug to a question and it says "This bug could not be converted to a question.<br>This bug was converted to a question."
<erichammond> smoser: Regarding https://bugs.launchpad.net/ubuntu-on-ec2/+bug/670161/comments/4
<uvirtbot> Launchpad bug 670161 in ubuntu-on-ec2 "10GB root partition for EBS boot AMIs on EC2" [Medium,New]
<erichammond> smoser: Releasing a new AMI seems different to me than releasing an update for Ubuntu.  An SRU affects installed systems that are upgrading in place.  An AMI only affects the people who decide to start new instances of that AMI.
<erichammond> smoser: It's sort of like deciding to bundle Ubuntu 10.04 Lucid with a different piece of hardware that has different disk/memory configurations. The Technical board would not need to approve an SRU for that.
<erichammond> smoser: Or am I completely missing something here?
<erichammond> smoser: Ok, catching up with the rest of the ticket and linked mailing list thread... Looks like you are working towards that end and Mark Shuttleworth supports it.
<kinygos> hi..i've been afk...just seen _ruben's comment which sparked some googling....does anyone know if fail2ban on ubuntu supports negative bantime setting to give "permanent" ban (iptable flush notwithstanding) ?
#ubuntu-server 2010-11-05
<kinygos> apologies...i must go offline...i may need to ask my question again in the morning
<osmosis> soren, kirkland: your comments appreciated, https://bugs.launchpad.net/ubuntu/+source/qemu-kvm/+bug/671163  and  https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/668042
<uvirtbot> Launchpad bug 671163 in qemu-kvm "win2k3 guest has blank screen and high cpu on first boot" [Undecided,New]
<smoser> erichammond, yeah, you made a good argument.  it *is* a change, though, there is no ignoring that.
<smoser> if it was done in a package, it would have to go through SRU.
<erichammond> smoser: And I'm often on the other side arguing against change :)
<smoser> if the installer wanted to change the default filesystem, there would need to be a decision officially ack'd
<smoser> i think that is basically the same thing as here.  there is good reason, but it needs to be considered.
<erichammond> smoser: I'm happy with the file system matching what you  would get with the standard Ubuntu server.  I like consistency.
<smoser> right. i'm just saying, this change is basically a change to the defaults in an installer.
<erichammond> smoser: Disk size is more like hardware to me than software.  Pick an AMI chooses the software parameters and a couple hardware ones.
<erichammond> (architecture 32-bit vs. 64-bit, and root disk size)
<erichammond> smoser: I guess AMIs can also affect what other disk devices are available, too: ephemeral storage, other EBS volumes created from snapshots.
<smoser> i really dont like setting precedent that we react to somewhat arbitrary external events (like one that would allow customers to save $6.00 per year)
<smoser> but other than that, I think its the right decision
<smoser> and it will be acked by TB
<vraa> hi everyone, how can one figure out which apache module is in use out of (mpm_preform_module, mpm_worker_module, mpm_event_module) in a ubuntu-server 10.10 installation
<vraa> i'm sorry 10.04
<twb> vraa: ask dpkg?
<twb> Usually it will be worker unless PHP has forced the use of prefork
<vraa> i'm just doing some optimizations of my new vps, and i noticed in /etc/apache2/apache2.conf it has the "if modules" for all 3 listed
<vraa> how, um, what does it mean to ask dpkg
<twb> Sounds like you're not sufficiently familiar with the Debian apache setup to safely "optimize" it
<vraa> haha im not, i am going from googling
<twb> vraa: google is full of people who don't know anything, too.
<vraa> yeah that sucks a lot :(
<vraa> i installed mod_pagespeed today
<twb> vraa: re dpkg, something like "dpkg -l apache2-mpm-*" should indicate which of the (mutually exclusive) mpm implementations is installed.
<vraa> gotcha, i was doing dpkg -S, wrong one
<vraa> sweet i think i have prefork installed
<vraa> i do have php installed, :( is that bad
<twb> Well, I don't like it.
<vraa> any reasons you dont like it
<twb> Because it's a language made for newbies by newbies.
<pmatulis> ouch
<vraa> ouch
<vraa> what is a good language to write a webapp in?
<twb> My opinion of web "apps" is about the same
<twb> But I suppose if I was forced to, I'd be looking at Python in preference to perl, php or java
<vraa> python > perl > java|php ?
<vraa> so you can have a python and mysql and apache2 app/
<vraa> or i guess, since mysql no longer has innodb, might be wise to move to postgresql
<twb> I've never met a DBA would liked mysql
<hallyn> kirkland: re Andre Dawson - awesome
<arrrghhh> just wanted to ask here too.  thinking about setting up passwordless ssh logins, but how do i add new systems when passwordless logins are enabled?
<JanC> new systems?
<JanC> you mean new installs?
<arrrghhh> well
<arrrghhh> i access my server from my laptop at home
<arrrghhh> in win7 and ubuntu
<arrrghhh> i access it at work
<arrrghhh> i sometimes like to access the server from my phone...
<JanC> you'll have to add ssh keys for all those devices
<arrrghhh> so just add 'em all at once then eh
<arrrghhh> let's say i go to a friends house... i'm sol?  lol
<vraa> twb, thanks for your help, i've really been able to get my stuff faster now
<JanC> arrrghhh: not if you have your laptop or phone with you  âº
<arrrghhh> lol
<arrrghhh> crap...
<arrrghhh> makes me not want to get rid of password-based logons...
<JanC> well, the alternative is less security, it's your choice
<arrrghhh> yea
<arrrghhh> denyhosts, i'm assuming that would work in either situation?
<arrrghhh> password or passwordless logins?
<JanC> you could also carry an ssh key on an USB stick and use that
<arrrghhh> oic
<arrrghhh> the server's key yea?
<twb> That assumes you trust the machine you're putting the USB stick into
<arrrghhh> lol
<arrrghhh> i shouldn't be connecting to my server on a machine i don't trust ;)
<twb> arrrghhh: not the server's host key.  Your user's private ssh key.
<twb> arrrghhh: correct.
<JanC> a private key with a strong password preferably
<JanC> and when you lose the usb key, you want to remove the public counterpart from the server  âº
<arrrghhh> ah
<arrrghhh> i will read more on it.
<arrrghhh> concept always confused me, and i keep revisiting it.
<JanC> but as twb says, usign an untrusted computer is always bad for security
<arrrghhh> indeed.
<arrrghhh> keyloggers, etc.
<arrrghhh> cool guys, thanks for the help
<icek> hi, my resolution is 1280 - 800 how do i make it higher?
<icek> thats the max it shows
 * twb grumbles about plymouth
<twb> On my debian netbook, I can add video=LVDS-1:d to the boot options, and the onboard head is disabled (meaning you get native resolution on the external monitor).  $coworker can't get it to work in karmic, and I suspect it's because plymouth is modprobing i915.ko by hand before /etc/initramfs-tools/modules takes effect.
<twb> (Native resolution on the framebuffer, that is -- no X.)
<demonspork> are there any open source packages meant for managing a webserver hosting multiple websites? as in setting up the site with a webform and a paypal button?
<twb> apache has been able to host multiple, nominally distinct, websites from the same server for nearly as long as there has BEEN a "world wide web".
<twb> Oh, you mean a web UI for end users (who don't have root on your webserver) to purchase space for their website?
<twb> So I asked <vendor> for quotes of 1TB and 2TB HDDs, and they've given me numbers for a 7200 1TB and a 5900 2TB.
<twb> Am I old fashioned for thinking "WTF is the point of sub-7200rpm in a server"?
<e_t_> twb: Do you expect high I/O, or do you just want massive storage?
<twb> Both :P
<twb> I mean, surely you can *get* 7200 2TBs
<twb> FWIW, the workload I'm CURRENTLY speccing for is basically a SOHO server doing nfs/samba/squid/cups/postfix/dovecot, for about two dozen end users.
<twb> It'll also have a shitty PHP/MySQL timesheeting system, but I still don't expect it to need seriously high I/O.
<twb> Oh, and add slapd/krb/ssh/openswan to that list.
<twb> I'm deploying a 10.04 LTS "do everything" server for an office full of VERY heterogeneous sysadmins.  Management (linux, not windows, desktops) are pushing for some kind of calendaring "thing", which to them means Zimbra.
<twb> I *really* don't want to deploy Zimbra, because it insists on its own custom versions of everything from slapd to postfix
<SpamapS> twb: Kolab has been gaining traction.. not sure if the maverick stuff has been backported to lucid.
<twb> In my ideal world, there is <some thing> that is implemented on top of stock postfix and slapd, using a commodity interchange format, say emails with iCalendar MIME attachments.
<twb> It'd need to work with at least thunderbird and mutt, or (worse) some kind of web UI.
<SpamapS> I wanted that 10 years ago.
<SpamapS> I think they call it "google calendar" now. ;)
<SpamapS> twb: I'm with you on Zimbra though. Rather than provide a good route to integration, they just provide a product. :-/
<twb> There *was* a couple of guys looking into fixing ZCS to use stock ubuntu packages, but last I heard they gave up
<SpamapS> twb: Kolab I believe was a bit simpler...
<SpamapS> why must every new server package land with 45 unpackaged dependencies?!
 * SpamapS eyes mod_pagespeed
<twb> At least kolabd is in sid
<twb> I've asked a flunky to try installing it onto a scratch box and see how far he gets
<eagles0513875> hey guys what the easiest configuration for dovecot + postfix when it comes to adding users etc
<uvirtbot> New bug: #671289 in openssh (main) "package openssh-server 1:5.5p1-4ubuntu4 failed to install/upgrade: underproces installed post-installation script returnerede afslutningsstatus 1" [Undecided,New] https://launchpad.net/bugs/671289
<LyonJT> Hey
<LyonJT> Does anyone how to specify which domain names can access my ubuntu-server via port number?
<LyonJT> i.e. ftp.domain.com can only access the server on port 20
<_ruben> one usualy uses ip addresses to restrict access, not hostnames, as hostnames are way easier to "spoof"
<eagles0513875> hey guys how do i run the smart hdd tests via cli
<_ruben> !smartmontools
<_ruben> !info smartmontools
<ubottu> smartmontools (source: smartmontools): control and monitor storage systems using S.M.A.R.T.. In component main, is optional. Version 5.39.1+svn3077-1ubuntu1 (maverick), package size 422 kB, installed size 1016 kB
<LyonJT> _ruben: fair point actually i might have to purchase some more ip addresses then
<LyonJT> does anyone know how tools that you can use to check the security of a server?
<LyonJT> i.e. from a network point of view - what ports are open etc
<_ruben> !info nmap
<ubottu> nmap (source: nmap): The Network Mapper. In component main, is extra. Version 5.21-1~build1 (maverick), package size 1737 kB, installed size 7052 kB
<_ruben> !info nessus
<ubottu> Package nessus does not exist in maverick
<LyonJT> aa nmap!
<LyonJT> good call!
<LyonJT> thanks buddy!
<_ruben> aww, no nessus package .. nessus is a security scanner, tho i seem to recall it no longer being free or something
<LyonJT> i see
<LyonJT> thank you :)
<uvirtbot> New bug: #671304 in bind9 (main) "package bind9 1:9.7.0.dfsg.P1-1 [modified: usr/share/bind9/bind9-default.md5sum] failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/671304
<HackeMate> hello
<HackeMate> is it a bad idea try to install gnome in an ubuntu server?
<HackeMate> or, simply apt-get install gnome-core could be fair enough?
<soren> Depends on why you're doing it.
<HackeMate> i only need a dhcp and samba server
<HackeMate> i just wanted to know if gnome could networkmanager could break my dhcp
<soren> If you only need dhcp and samba, why install a desktop?
<HackeMate> personal reasons
<soren> I can't advice on your personal reasons, sorry.
<twb> HackeMate: in #ubuntu-server we advocate learning to administer servers from the CLI.
<twb> HackeMate: we don't recommend installing a GUI on a server.
<ScottK> If you want to convert your server to a desktop, just installing Gnome on your server is fine, but further support would be in #ubuntu.
<HackeMate> it just requires graphic enviroment because im not the only preson who will touch it
<HackeMate> they need an user, and, i can't force them to learn linux
<HackeMate> indeed i just can make his life easier with X
<HackeMate> twb: thanks
<HackeMate> I guess it will be better if I create some kind of frontend for his routines
<twb> It is better not to mix server and desktop roles
<twb> One of my customers had about eight FreeBSD workstations, with daemons spread across them all.  It was insane to maintain.
<twb> Give them a headless box that is "the server", and a bunch of workstations.
<yann2> you could put all the services in a kvm vm :)
<yann2> would be an interesting approach
<HackeMate> aha, right
<HackeMate> thanks, for real
<HackeMate> I was very lost at this point
<LariH> I added some comments (link to the patch that fixes this one) on this Ubuntu bug report: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/579276 . It's quite critical and it hasn't been assigned to any one. Ubuntu 10.04 is unstable running on Linux kvm virtualization (virtnet). We haven't been able to upgrade our Ubuntu VMs to 10.04.1 LTS because of this bug. Could someone take a look at this one?
<uvirtbot> Launchpad bug 579276 in linux "Lost network in KVM VM / virtio_net page allocation failure" [Medium,Triaged]
<laen> Ug.
<laen> Hey does anyone use dcron?
<mexx> hi
<mexx> i'm trying to install x11 on a 10.04 server and it hangs while Unpacking libxfixes3
<mich> hi there, trying to upgrade u-server from 10.04 tu 10.10  like described in http://www.ubuntu.com/desktop/get-ubuntu/upgrade but fail
<mich>  root@joah:~# do-release-upgrade Checking for a new ubuntu release
<mich> No new release found
<mich> annyone an idea
<mich> didnt found anything on the net
<mich> or shouold i manualy change apt sources file
<Mutru> mich: You should follow the "upgrade notes" link and then 10.04 upgrade notes link. :)
<Nafallo> mich: /etc/update-manager/release-upgrades might be interesting to look at.
<hggdh> zul: time for a few Qs on SRU?
<hggdh> well, actually Q & A, just the Qs will not carry me long...
<mich> ok i did set Prompt=normal former
<twb> mich: d-r-u defaults to LTS->LTS when you're already ON an LTS release.
<twb> mich: there should be an option to d-r-u that says "non LTS releases matter" or so
<smoser> soren, ping
<mich> ok is do it the debian way
<mich> didnt find anything else
<smoser> is there anything at openstack summit on booting from disk (rather than kernel), ie what i did with the grub loader and a floppy in uec
<smoser> https://blueprints.launchpad.net/sprints/ods-b i don't see anything htere
<mich> man d-r-u didnt take me top such a option
<twb> d-r-u = do-release-upgrade
<mich> jea i did that
<mich> but man do-release-upgrade didnt popiunt me to a a "non LTS releases matter" or so
<mexx> why would the installation of the libxfixes3 package hang, sha1 and md5 sums are ok
<twb> mich: dunno, then
<mich> dunno ?
<twb> mich: I do not know.  I can not help you further.
<mich> ok thanks
<twb> mexx: please pastebin the output of "ps auxf"
<mexx> http://paste.ubuntu.com/526325/
<Wise_> does ruby or rails run as like deamons or anything when I have an apache with passenger running?
<Wise_> like is there any way I can check if passenger or rails or ruby is actually up and running as they should (if they should)?
<Wise_> like with ps -whatever
<twb> I think it runs as like a guy falling out of an exploding plane, without a chute
<ScottK> twb: For d-r-u there's a config file to change if one wants non-LTS releases.
<Wise_> twb; why wouldnt he have a parachute?
<soren> smoser: 'sup?
<smoser> i asked in above and in #openstack
<smoser> regarding loader and openstack
<twb> smoser: thanks; I couldn't be bothered looking it up :-)
<twb> Er, that was for ScottK.
<ScottK> You're welcome.
<twb> Wise_: because I'm a design bigot.  In that I think systems should, you know, have one.
<noname_> Hi guys .Can someone guid me to the best place to get all information that its make me gd administrator of linux server
<twb> !RUTE
<ubottu> documentation is to be found at http://help.ubuntu.com and http://wiki.ubuntu.com - General linux documentation: http://www.tldp.org - http://rute.2038bug.com
<uvirtbot> New bug: #671427 in cloud-init (main) "grub-legacy-ec2 should not use UUID" [Undecided,New] https://launchpad.net/bugs/671427
<twb> !smart questions
<twb> !smart-questions
<twb> noname_: read those URLs, and http://linuxmafia.com/faq/Essays/smart-questions.html
<noname_> twb: ok thx i'll :)
<twb> And https://help.ubuntu.com/10.04/serverguide/C/index.html
<uvirtbot> New bug: #671431 in drbd8 (main) "package drbd8-source 2:8.3.7-1ubuntu2.1 failed to install/upgrade: drbd8 kernel module failed to build" [Undecided,New] https://launchpad.net/bugs/671431
<JFo> Daviey, are you around?
<JFo> if/when you do get 'round, would you mind having a look at bug 579276 and giving me your impression?
<uvirtbot> Launchpad bug 579276 in linux "Lost network in KVM VM / virtio_net page allocation failure" [Medium,Triaged] https://launchpad.net/bugs/579276
<mathiaz> Daviey: o/
<mathiaz> Daviey: you asked about openldap yesterday?
<ivoks> i'm stupid; how does one boot virtio disk from libvirt?
<ivoks> disk is a file
<Ninjix> ivoks: what is the file format? qcow2,raw, etc...
<ivoks> qcow2
 * SpamapS wades into the bug triage list..
<Ninjix> did you build the machine with KVM and are now trying to use libvirt?
<ivoks> i used kvm trough libvirt, booted from Cd and installed the system
<ivoks> installed grub into mbr and now it can't find bootable device on disk
<soren> ivoks: Can I see your libvirt xml?
<Ninjix> hmm... sounds like you need to update the boot order
<ivoks> sure
<ivoks> http://pastebin.com/t5ryMzQW
<Ninjix> looks sane
<ivoks> i know :)
<ivoks> that's why i'm stupid
<ivoks> :)
<soren> ivoks: Can you show me the resulting kvm cmdline?
<Ninjix> have you tried it without libvirt wrapper?
<ivoks> soren: it's missing boot=on, i've noticed that
<soren> ivoks: Then you're screwed.
<soren> It needs boot=on for virtio.
<ivoks> http://pastebin.com/eNNbWkFh
<ivoks> i know
<soren> Which libvirt version is this?
<ivoks> lucid's
<soren> :(
<ivoks> i was looking how to add boot=on to xml
<ivoks> didn't find anything
<soren> It should happen automatically.
<Ninjix> does this boot it? http://pastebin.com/v7YdqKtv
<soren> Based on     <boot dev='hd'/>
<ivoks> <driver name='qemu' type='qcow2'/>
<ivoks> hm
<ivoks> Ninjix: that's how it should look like, yes
<ivoks> Ninjix: boot=on
<soren> I also don't get why it says if=none. that's just weird.
<soren> ..but maybe that's due to the new -device thing.
<soren> I've sort of lost track of this stuff.
<Ninjix> yeah... libvirt on debian/ubuntu is a little too far behind upstream
<soren> Ninjix: Uh.... We're following upstream /quite/ closely.
<Ninjix> I stopped using libvirt and just started working with direct kvm
<ivoks> yes we are
<ivoks> i had problems with boot=on in qemu
<ivoks> qemu doesn't work with it
<Ninjix> ah... ok. I was speaking without having checked :)
<ivoks> couple of months passed before redhat acknowledged there's a bug :)
<ivoks> i'll start all over
<ivoks> disk image was created by vmbuilder
<Ninjix> ivoks: pastebin your ps aux | grep kvm > foo.txt
<ivoks> i've pasted the command on pastebin
<ivoks> it's missing boot=on
<ivoks> that's the problem
<Ninjix> didn't see the past for the libvirt generated kvm command
<Ninjix> only the xml
<ivoks> 16:27 < ivoks> http://pastebin.com/eNNbWkFh
<Ninjix> yeah... no doubt about it
<Ninjix> maybe give the PPA a whirl?
<ivoks> if reinstall doesn't work, i will
<ivoks> :)
<ivoks> reinstall of VM
<uvirtbot> New bug: #668400 in cloud-init "Adding RightScale support to cloud-init" [Undecided,New] https://launchpad.net/bugs/668400
<jdstrand> hallyn: hey. in reviewing your merge, it doesn't pass qrt. I am investigating to see if it is a problem with the tests
<HackeMate> hi again
<hxm> I have installed dhcp3 and I manage a subnet, I want to store all dhcpd log stuff in /var/log/dhcpd/dhcpd.log, so I added the line log-facility local7; to the dhcpd.conf and added a line local7.* /var/log/dhcpd/dhcpd.log at rsyslog.conf
<hxm> I read in some tutorials I should do it in syslog.conf but I don't have that file, I guess it must exist in somewhere else
<hxm> the fact is doesn't work at the moment
<hxm> oh, maybe /etc/rsyslog.d/
<hxm> solved
<ivoks> Ninjix: you know where that libvirt ppa is?
<ivoks> Ninjix: \sh oh, just ignore me
<ivoks> Ninjix: soren i was actually using my own libvirt, in which i disabled boot=on :D
<ivoks> fr... retard
<mathiaz> SpamapS: o/
<mathiaz> SpamapS: do you have some time to mumble about the installation service?
<mathiaz> SpamapS: https://wiki.ubuntu.com/ServerTeam/Specs/Natty/InstallService
<SpamapS> mathiaz: certainly.
<SpamapS> mathiaz: give me a couple of minutes to read that.
<hggdh> zul: still want to ask you some Qs about SRU ;-)
<databits> does anyone know of bandwidth monitoring software to run on a ubuntu server, that can be administered and checked through a web portal
<databits> ?
<ssureshot> databits: I don't know if you want full feature or not but I'd look into zenoss
<ssureshot> it can monitor just about anythying you want
<vraa> maybe munin ?
<databits> damn they charge :(
<databits> I need something freeware
<Pici> Munin is free and open source.
<Pici> Cacti is as well.
<ssureshot> I thought it was open source,, zenoss also has a company that will support it that might be what ur looking at
<ssureshot> nessuss
<jdstrand> hallyn: fyi, looks like a testsuite issue. earlier libvirt's seemed to be ok with 'virsh domname "uuid"' (where the quotes don't get stripped by the shell) whereas the new libvirt wants 'virsh domname uuid'
<vraa> i like munin more than cacti, but that's just my preference
<Pici> Cacti is mostly SNMP related, Munin can pretty much take any datasource if you can write a script/program to get the data.
<hallyn> jdstrand: hm
<databits> well basicly I just wanna have something running on my ubutu server where I can have a gui for the bandwidth monitor
<hallyn> that's kind of weird.  why would you not want to allow quotes...
<jdstrand> *shrug*
 * hallyn looks through git log
<Pici> databits: ntop might do this too, it has been a while since I've played with it though.
<databits> ok sweet thnx alot
<ssureshot> I just don't feel like doing work today
 * jdstrand really needs to convert libvirt-aa-secdriver.sh to python...
<databits> ok I got ntop up and running
<databits> it is telling me that I have to go to http://localhost:3000
<databits> I allready have a webserver running on the server
<SpamapS> yeah thats how it works
<SpamapS> port 3000 will not interfere with 80
<databits> so I should be able to hit http://datait.dyndns.org:3000
<AnirbanHazra> how can I check whether curl is properly installed on my server or not ?
<databits> that dns is pointing to that machine
<zul> hggdh: umm....swap day today :P
<jenkinbr> AnirbanHazra, try using it; i.e. 'curl http://google.com'
<patdk-wk> ssureshot, take the day off and work tomorrow instead?
<ssureshot> patdk-wk: interesting thought but I think I'd rather finish today and not work tomorrow lol
<ssureshot> newborn kept me up all last night so I'm a little unmotivated
<TAO> newborn-congrats!
<ScottK> ssureshot: That's a sign you lack coffee.
<ssureshot> thank you sir
<ScottK> Speaking of which ...
<ssureshot> Scottk: ha right on, you may be right
<patdk-wk> mine is 3, and keeps me up all night watching movies
<TAO> mine is 15, and her guitar keeps me up.
<ssureshot> I'd enjoy that,, right now all he does is scream at me
<ssureshot> I can only hope he picks up the guitar, I'd love to jam with family
<TAO> ...just like I punished my parents when I was 15...
<ssureshot> they say what goes around comes around.. so I think I'm just screwed
<TAO> lol
<TAO> karma
<ssureshot> right lol
<databits> does anyone in here have any experience with ntop ?
<databits> I'm trying to figure out how to bring up the web interface
<TAO> not familiar with that, sorry.
<ssureshot> I do not, but the man page might .. try this howto http://www.howtoforge.com/network_monitoring_with_ntop
<arrrghhh> hey all need some startup script help.  i built a script in init.d, added it with update-rc.d.  everything is fine, but it seems the script didn't start as expected.  what logs can i look in to see why it failed?
<TAO> I would have to look around Webmin to find what script it is...
<arrrghhh> was that to me?  what does webmin have to do with it?
<TAO> I use webmin to look at my logs.
<arrrghhh> i use ssh :P
<arrrghhh> i just don't know what log to look at
<arrrghhh> message?
<arrrghhh> er
<arrrghhh> messages
<arrrghhh> i don't see it in there...
<arrrghhh> maybe syslog?
<TAO> I am looking at my syslog now to see if I can find anyting about init.d
<arrrghhh> i can run the init.d script by hand
<arrrghhh> i wonder if it doesn't like the screen command in there...
<ssureshot> arrrghhh; I think it would depend on what your trying to start,, general I would look at syslog.. but the service your starting might have a special log file
<arrrghhh> rtorrent runs in a screen session.  maybe i have to pass a command so the session is immediately daemonized
<arrrghhh> ssureshot: well it's just one i wrote.
<arrrghhh> real simple, just designed to start a screen session w/ a python script.
<arrrghhh> i can run it by hand no problem.  just wondering why it failed on boot.
<ssureshot> ah,, you could try to send stdout and stderr to a log file
<arrrghhh> so in the command do a > fileanme
<arrrghhh> s/fileanme/filename
<ssureshot> > /var/log/file 2&>1 or something like that
<arrrghhh> kk
<arrrghhh> going to look at how rtorrent does it
<arrrghhh> i may just be doing something silly :P
<ssureshot> does it require to be started after networking ... ? if so change the script to start last in rc1-5.d from say S20script to S99script
<arrrghhh> yes it would need to be up for networking
<arrrghhh> ok
<jdstrand> hallyn: I've committed a change to libvirt-aa-secdriver.sh and it seems to be working now
<arrrghhh> update-rc.d: /etc/init.d/bot exists during rc.d purge (use -f to force) - i did put a -f, i still get this...?
<arrrghhh> oops.
<arrrghhh> moved the -f :P
<jdstrand> hallyn: I'm not sure how much of your time it is worth investigating... you can look at my changes if you want to help narrow it down if you want
<arrrghhh> ssureshot: to do the update-rc.d and put it at 99... how do i do that?
<arrrghhh> nvm i think i got it
<arrrghhh> defaults 99
<arrrghhh> k here goes another reboot!
<hallyn> jdstrand: i'm assuming it's fallout from their (ongoing) switch to the new monitor or whatever they're doing
<ssureshot> good luck
<arrrghhh> thx
<Aison> hello, is that a problem of ubuntu 10.10 or is it just mine, that NFS version 4 is not working right? when I connect from one ubuntu server to another ubuntu server then the rights on the client are really strange
<jdstrand> hallyn: there is one qrt test left that is failing that I am investigating
<jdstrand> (not libvirt-aa-secdriver.sh)
<Aison> it looks like this
<Aison> drwxr-xr-x  2 4294967294 4294967294   24 2009-12-03 21:52 ftp
<Aison> and files like this
<Aison> -rwxr-xr-x  1 4294967294 4294967294  234 2007-11-19 23:09 store-jukebox-home
<arrrghhh> bah
<arrrghhh> script still doesn't work
<arrrghhh> i'm guessing there's an issue with my screen command.
<arrrghhh> is there something special i need to do to get a screen session running in an init.d script?
<arrrghhh> my rtorrent init.d script does it, but i'm not following how they do it :P
<ssureshot> bummer, I can't help with python though.. what about upstart?
<arrrghhh> well the upstart scripts are just symlinks to init.d scripts...
<databits> well I found zenoss
<databits> I'm going to install that instead
<databits> what is the command to remove ntop
<arrrghhh> apt-get remove?
<databits> sudo aptget remove ntop ?
<ssureshot> sudo apt-get purge ntop
<arrrghhh> assuming you installed it with apt
<ssureshot> or remove
<databits> thanks that is what I figured... it has been so long sense I have been doing with all these linux cli commands
<ssureshot> arrrghhh:  true
<ssureshot> does the script run fine when you run it manually?
<arrrghhh> yes
<arrrghhh> which is why it's so maddening :P
<jdstrand> hallyn: the remaining failure seems to be due to a too low timeout with pexpect
<jdstrand> hallyn: so it seems fine functionally at this point (at least for what we test)
<jdstrand> hallyn: I'm going to review the merge now
<ssureshot> Id try calling it from upstart,, use something like this... http://pastebin.ca/1983061
<ssureshot> you can also use .................start on (local-filesystems and net-device-up IFACE=eth0)
<ssureshot> so it starts after networking
<arrrghhh> i don't know if that's the problem.
<hallyn> jdstrand: cool, thanks.  about to head out for some pho, bbl
<arrrghhh> ssureshot: when i call it from upstart manually it's fine.
<arrrghhh> i think my screen command wasn't quite right.
<arrrghhh> trying again...
<arrrghhh> works!
<arrrghhh> my screen command was not correct :D
<ssureshot> good deal arrrghhh sorry I steered you in the wrong direction
<hggdh> JamesPage: there?
<arrrghhh> ssureshot: no worries you were grabbin at straws ;)
<beniwtv> Hi all... I have a strange problem on one of my servers. It seems that none of the locales "LANG" options are set. So, I tried to set a default language via dpkg-reconfigure locales. It generates some locales, but the dialog that used to come up in previous versions of Ubuntu to select the default locale doe snot come up anymore. Any ideas?
<jdstrand> hallyn: btw, when putting packages in your ppa, instead of using 0.8.5-0ubuntu1serge1 as the version, use 0.8.5-0ubuntu1~serge1. this way when you upload 0.8.5-0ubuntu1 users of ppa will get the new version. (eg try running "dpkg --compare-versions '0.8.5-0ubuntu1serge1' gt '0.8.5-0ubuntu1' && echo yes")
<uvirtbot> New bug: #671552 in autofs5 (main) "package autofs5 5.0.4-3.1ubuntu5.1 failed to install/upgrade: trying to overwrite '/usr/sbin/automount', which is also in package autofs 0:4.1.4 debian-2.1ubuntu2" [Undecided,New] https://launchpad.net/bugs/671552
<corecode> hey
<corecode> suddenly my machines start mounting /home via nfsv4
<corecode> any idea why that might happen?
<corecode> the problem is that if the machines are not configured to run idmapd all the permissions are wrong
<wiredfool> I've got a packet loss problem across a bridge for KVM on lucid server -- it's a 2 nic server, internal and external nets. One bridge is working fine, one is dropping packets in waves. The packets are getting to the bridge (according to tcpdump), but not getting to the vm inside, according to a fw logging rule as the first input rule. I've checked arp, and it's stable on both ends.
<arrrghhh> hey all.  i have multiple versions of java installed on my system, some things require 1.5, some require 1.6.  how can i ensure programs are using the correct version?  i set 1.5 the default as per a guide i was reading, but now a program that requires 1.6 fails...
<wiredfool> and even more curiouser, I've got 2 identical hosts with the same set of guests, and they're doing the same thing.
<wiredfool> though one loses a lot more packets than the other.
<hallyn> jdstrand: but 0.8.5-0ubuntu1~serge1 wouldn't have worked for me, bc i had tried to dput 0.8.5-0ubuntu1 and build had failed, so i had to do something higher next
<hallyn> i didn't mean for anyone to use it, only to make sure it would build on the build farm - so i'm about to delete it
<hallyn> i suppose what i ought to do is always immediately  *start* with ~serge1 for my tests
<jdstrand> hallyn: sure. I recommend ppa packages always use '~' and official ones omit it
<jdstrand> hallyn: yes
<jdstrand> hallyn: no huge deal, just an fyi
<hallyn> thanks.  i need to work on the discipline
<jdstrand> hallyn: see, you have to assume that you have fans that are just waiting to try out all your cool stuff :)
<jdstrand> if I actually had a fan, he/she would be seriously disappointed in my ppa. but there is always hope
<hallyn> jdstrand: but so i have to keep doing it wrong so i can get the 'hate'-mail, so i can know i have fans :)
<jdstrand> heh
<lieuwe[49ft]> i've been trying to run a ftp server for a while now, but i can't seem to be able to set it up so that it asks for a username/password, any pointers?
<lieuwe[49ft]> i've got an smb share, which i can view, but i can't add/change/delete files, what do i need to change to be able to do that>
<lieuwe[49ft]> ?
<sherr> lieuwe[49ft]: Howtoforge has a lot of pointers for things like FTP and Samba. Have a look there.
<lieuwe[49ft]> sherr: in the meantime, i fucked things up :P i should really learn to not touch shit XD
<lieuwe[49ft]> sherr: i cannot find anything related on howtoforge,
<guntbert> !language | lieuwe[49ft]
<ubottu> lieuwe[49ft]: Please watch your language and topic to help keep this channel family friendly.
<lieuwe[49ft]> guntbert: sorry
<sherr> lieuwe[49ft]: google search - "howtoforge +ftp" and try the first link. Lots of FTP links to scan. Simialr for samba.
<guntbert> lieuwe[49ft]: did you see https://help.ubuntu.com/10.04/serverguide/C/ ?
<sherr> Which, incidently, is the first google hit for "ubuntu server +ftp"
<sherr> :-)
<lieuwe[49ft]> currently my first concern is getting this share to work
<guntbert> lieuwe[49ft]: the server guide covers that too
<lieuwe[49ft]> guntbert: they all asume you use a user structure, this is(should be) a public share, but right now i get acces denied no matter what
<lieuwe[49ft]> guntbert: it doesn't accept the password for a local user either
<guntbert> lieuwe[49ft]: I have to tell you that I never quite got the hang of windows networking - so I'm familiar with what you experience but cannot help ;-(
<lieuwe[49ft]> pfffff
<lieuwe[49ft]> guntbert: i've got a temp solution, but its a bit silly to use netcat to write files you my www dir
<lieuwe[49ft]> guntbert: oh, the problem seems to be the permisions set on the folder, could you help me with chmod?
<guntbert> lieuwe[49ft]: I can try :-)
<guntbert> lieuwe[49ft]: and read the server logs
<lieuwe[49ft]> guntbert: absolutely *no* idea where the log is
<lieuwe[49ft]> lemme find out
<guntbert> lieuwe[49ft]: search in /var/log
<lieuwe[49ft]> guntbert: doesnt seem to be there
<guntbert> lieuwe[49ft]: look in /var/log/samba
<guntbert> lieuwe[49ft]: even /var/log/syslog might contain something...
<lieuwe[49ft]> guntbert: there are lotsa logs in /var/log/samba what one should i read?
<guntbert> lieuwe[49ft]: as I have none I cannot say - please !pastebin the output of ls -l /var/log/samba
<lieuwe[49ft]> guntbert: okies
<lieuwe[49ft]> guntbert: http://paste.pocoo.org/show/286659/
<hallyn> jdstrand: so in a merge request - does it matter at all how many crummy commits are in the tree i'm proposing?  Or do you just squash them all into a signle commit when merging?
<hallyn> just curious
<hallyn> well, not just curious - i'm wondering whether i should use a new, clean branch for the next request
<jdstrand> hallyn: it'll get squashed in the commit, but it possible to see all your small commits in the history
<jdstrand> I forget the incantation... bzr log squashes it, there is something else that shows all the little ones
<hallyn> --include-merges
<hallyn> ok, thx
<jdstrand> hallyn: for uber-cleanliness, a separate branch is nice, but not required
<guntbert> lieuwe[49ft]: look into log.smbd and maybe log.nmbd.1.gz (you might need zless here)
<lieuwe[49ft]> guntbert: log.smbd only contains a copyright notice
<guntbert> lieuwe[49ft]: ok, I was only asking because its easier to fix permissions if you know whats wrong
<lieuwe[49ft]> guntbert: should i pastebin log.nmbd.1.gz? it doesnt seem to contain anything usefull
<guntbert> lieuwe[49ft]: its a compressed file, so I said "use zless"
<lieuwe[49ft]> guntbert: i did
<lieuwe[49ft]> guntbert: nothing errorlike tho
<lieuwe[49ft]> guntbert: just lotsa [server started at x.x.x.x] and [server stopped]
<guntbert> lieuwe[49ft]: lets proceed with the permission you want to change
<lieuwe[49ft]> guntbert: well, i basicaly want everybody to be able to read and write to /var/www
<guntbert> lieuwe[49ft]: please be aware that this in generally a bad idea â¢
<guntbert> *this is
<lieuwe[49ft]> guntbert: the system has only one user, and a share thats within a firewalled network
<lieuwe[49ft]> guntbert: i dunno how to otherwise make the share work
<lieuwe[49ft]> it get permission denied every time now
<lieuwe[49ft]> (before i could at least read)
<guntbert> lieuwe[49ft]: what do you get with ls -ld /var/www ?
<lieuwe[49ft]> guntbert: d----w--w- 2 user root 4096 2010-10-23 23:01 /var/www
<lieuwe[49ft]> odd
<lieuwe[49ft]> i chown'ed it to user before
<guntbert> lieuwe[49ft]: it should be drwxr-xr-x 2 root root 4096 2010-10-05 11:09 /var/www/
<lieuwe[49ft]> guntbert: and how do i do that?
<lieuwe[49ft]> guntbert: i don't really get chmod, i'm pretty good at shell stuff, just not chmod
<segv`> there a way to make a shared /var/cache/apt/archives?
<wiredfool> lieuwe[49ft]: chmod 755
<lieuwe[49ft]> guntbert: so how do i chmod it correctly
<lieuwe[49ft]> wiredfool: thanks
<wiredfool> and chown root:root
<lieuwe[49ft]> it works
<guntbert> lieuwe[49ft]: when you use chmod -v you get feedback
<lieuwe[49ft]> okay, wth, i can browse it now, but i can't read or write
<lieuwe[49ft]> wiredfool: do you happen to know anything about smb shares?
<wiredfool> I tend to avoid them.
<lieuwe[49ft]> wiredfool: :P
<lieuwe[49ft]> wiredfool: any idea why i can browse but not read/write files in my share?
<wiredfool> I wonder if you mucked up items on the inside of the folder as well?
<guntbert> lieuwe[49ft]: one way: create a group (webauthors), assign the directory to that group and chmod it to 775, then make your user a member of that group
<lieuwe[49ft]> guntbert: i'm not using users for this share,
<guntbert> lieuwe[49ft]: I forgot, but the samba system must act as a user to be able to write there
<lieuwe[49ft]> eh
<lieuwe[49ft]> there's probably something like a samba group or something
<lieuwe[49ft]> guntbert: there's a group called sambashare
<guntbert> lieuwe[49ft]: try: chown -v :sambashare /var/www
<lieuwe[49ft]> guntbert: still no read acces
<guntbert> lieuwe[49ft]: well I told you about my experience with windows networking/samba - sorry
<lieuwe[49ft]> indeed
<lieuwe[49ft]> fudge it, i'm going to netcat my files over to the server
<uvirtbot> New bug: #671637 in irqbalance (main) "Not stoppable/restartable via initctl" [Undecided,New] https://launchpad.net/bugs/671637
<beav_35> I installed the apache2-suexec package but apache doesn't report that it found suexec in it's logs when it starts. What else do I have to do so that it will find it?
<RoyK> beav_35: cd /etc/apache2/mods-enabled; ln -s ../mods-available/suexec* .
<RoyK> apache2ctl graceful
<lieuwe[49ft]> i forgot my mysql database name, is there any way to get it back?
<RoyK> show databases?
<lieuwe[49ft]> RoyK: how do i do that exactly? this is the first time i've ever used mysql
<RoyK> mysql -uusername -p
<RoyK> type password
<RoyK> show databases
<Eventyret> Morning RoyK
<RoyK> Eventyret: morning?
<lieuwe[49ft]> RoyK: "ERROR 1045 (28000): Access denied for user 'user'@'localhost' (using password: YES)"
<RoyK> lieuwe[49ft]: fix your password, tehn
<Eventyret> RoyK: evning x:P
<beav_35> Royk: thanks I worked
<RoyK> god kveld :)
<lieuwe[49ft]> RoyK: i tought i knew the login username/password, aperantly not, any way to reset those?
<Eventyret> xD
<RoyK> lieuwe[49ft]: stop mysqld - start it manually with --skip-grant-tables - login as root - no password - set a new password
 * RoyK has just installed 16U worth of storage
<lieuwe[49ft]> RoyK: hold on, my shell is spazzing
<lieuwe[49ft]> RoyK: stop: Unknown job: mysqld
<RoyK> lieuwe[49ft]: /etc/init.d/mysql stop ; mysqld --skip-grant-tables& sleep 10; mysql -uroot mysql
<lieuwe[49ft]> RoyK: "ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: NO)"
<lieuwe[49ft]> again
<RoyK> try #mysql
 * RoyK is too tired for the newbie helpdesk
<lieuwe[49ft]> RoyK: i'll go poke someone else about this :P
<RoyK> lieuwe[49ft]: no offence, but there's tons on google about the subject
<lieuwe[49ft]> RoyK: yeah, i'm probsably too tired to google properly as i couldn't find anything
<RoyK> http://forums.mysql.com/read.php?10,130308
<RoyK> second hit on google
 * RoyK sends lieuwe[49ft] to the Learning The New Internet course
<lieuwe[49ft]> RoyK: :P
<RoyK> http://www.cyberciti.biz/tips/recover-mysql-root-password.html
<demonspork> are there any open source packages meant for managing a webserver hosting multiple websites? as in setting up the site with a webform and a paypal button to get webhosting with FTP/SFTP access?
<demonspork> or do I have to write my own software that will configure that type of service
<RoyK> demonspork: I'm quite sure there's a lot of free software for that, but I somehow think that google or some other search engine may give better advice than asking in here
<ChmEarl> ##linux
<bkpc> why sles not ubuntu server????
<Acs> hello!
<Acs> I have created a new user but did with the useradd and not the adduser
<Acs> so there is no home folder for the user
<Acs> is there any problem with deleting and create again the user (this time with adduser)
<Acs> I ask this because I have already change the mod for some files
<Acs> making the owner this user
<Acs> so will the files get somehow mixed up or something?
<qman__> Acs, only if the user is given a different UID/GID
<qman__> you can specify it as an option to adduser, so that that doesn't happen
<Acs> aaa ok ok
<Acs> and how do I get the user uid?
<qman__> grep username /etc/passwd
<qman__> gives you something like this:
<qman__> ryan:x:1000:1000:ryan,,,:/home/ryan:/bin/bash
<qman__> first number is UID, second is GID
<Acs> thanks
<uvirtbot> New bug: #671672 in krb5 (main) "Sync krb5 1.8.3+dfsg-2 (main) from Debian unstable (main)" [Wishlist,Confirmed] https://launchpad.net/bugs/671672
#ubuntu-server 2010-11-06
<databits> anyone have any experience installing and configuring zenoss ?
<databits> would appreciate if someone could help me out with this zenoss configuration
<databits> I'm pretty sure I have it installed but it is not configured correctly
<databits> I tried going to the webportal and tomcat page is showing
<uvirtbot> New bug: #671676 in rabbitmq-server (main) "package rabbitmq-server 1.8.0-1ubuntu2 failed to install/upgrade: el subproceso script post-installation instalado devolviÃ³ el cÃ³digo de salida de error 1" [Undecided,New] https://launchpad.net/bugs/671676
<databits> can anyone help me out with zenoss please
 * RoyK can't
<dclake> I'd be interested in zenoss as well
<grr> Hi, just installed ubuntu server on old hardware, ok. but on reboot, no video. holding shift gets me grub boot, then e for edit, what might I try to get video back?
<grr> that was 10.04
<grr> anyone?
<qman__> grr, try the nomodeset option
<uvirtbot> New bug: #671727 in bacula (main) "package bacula-director-mysql 5.0.1-1ubuntu1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/671727
<kaushal> hi
<kaushal> can some one please guide me about https://lists.ubuntu.com/archives/ubuntu-server/2010-November/004806.html ?
<uvirtbot> New bug: #671733 in drbd8 (main) "package drbd8-source 2:8.3.7-1ubuntu2.1 failed to install/upgrade: drbd8 kernel module failed to build" [Undecided,New] https://launchpad.net/bugs/671733
<kaushal> checking in again for the query ?
<overrider> Id like to setup my 10.04 server to be my lan's router / firewall, connecting to the net via adsl / pppoe. Which of the many tools to use to configure the routing / firewalling part? Shorewall, guarddog, plain netfilter / ipchains? This Server has no GUI. Thanks for suggesting any simple but solid tool(s)...
<uvirtbot> New bug: #665235 in cloud-init (main) "attaching a volume to maverick instance may boot off it" [Undecided,Confirmed] https://launchpad.net/bugs/665235
<kaushal> Anybody around here ?
<k-rad> if you dont mind me asking, no help for this in #ubuntu it seems, i've got ubuntu enterprise cloud selected, my node however is not setup, and i will be using that .50/mo amazon cloud what i'm unsure of is which of the cloud computing selections at the top of sudo tasksel i will need, should i select everything except for node controller ?  could you run sudo tasksel yourself and lend me a hand at those top packages ?
<k-rad> this is from sudo tasksel
<BuenGenio> hello are there any builds of Dovecot 2 for ubuntu?
<kaushal> checking in again for the query
<Cromulent> I'm banging my head against a wall here I followed this tutorial on 10.04 https://help.ubuntu.com/community/PostfixAmavisNew but no matter what I do no email messages seem to come back with the X-Spam-Status header set by Spamassassin
<skwashd> trying in here ... it seems more appropriate than #ubuntu
<skwashd> i've got a 64 bit ubuntu lucid server which was upgraded 2 weeks ago from jaunty to karmic and today it was upgraded to lucid
<skwashd> the box is hanging at the point when udev should be starting
<skwashd> kernel options at just rootdelay=60 to deal with timeout errors
<skwashd> no splash or quiet options
<skwashd> virtual consoles aren't functional at this point either
<skwashd> i forgot to mention ... the box is a dell PE r200
<skwashd> i manually upgraded the filesystem to ext4 ... made no difference
<SAngeli> with a running server if I plug-in a serial device to the server (fax/modem) will it be detected or in order to do so the fax/modem must be connected and powered on before I power on the server?
<kaushal> hi
<kaushal> collectd: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), for GNU/Linux 2.6.8, dynamically linked (uses shared libs), not stripped
<kaushal> what does type of file mean ?
<SAngeli> with a running server if I plug-in a serial device to the server (fax/modem) will it be detected or in order to do so the fax/modem must be connected and powered on before I power on the server?
<eagles0513875> bug 670246
<uvirtbot> Launchpad bug 670246 in roundcube "upgrade to latest stable version 0.4.2" [Undecided,New] https://launchpad.net/bugs/670246
<eagles0513875> :)
<k-rad> good day all
<k-rad> could use your assistance, as you may be more skilled at this than the average desktop user.
<k-rad> need failover for link aggregation to wlan0 and speed tweak recommendations   i am willing to pay anyone $10 if they can solve it for me :)  http://ubuntuforums.org/showthread.php?p=10080308#post10080308
<eagles0513875> k-rad: are you running this on an ubuntu server server
<k-rad> eagles0513875, no sir, i'm using 64 bit ubuntu desktop
<eagles0513875> ask in #ubuntu channel this is more for the server side of ubuntu
<k-rad> i tried ubuntu cloud enterprise last night, and fsck wanted to run on a readonly filesystem.  broke my heart.  i have amazon ec2 services free for 1 year, with a 50 cent charge fee for that
<k-rad> thank you eagles0513875
<eagles0513875> welcome k-rad
<k-rad> last night when i tried ubuntu cloud enterprise, i installed it via sudo tasksel on a 32 bit ubuntu desktop system.  none of my fstab entries were read-only, however, i never got past the ubuntu splash screen
<k-rad> it wanted fsck on a read only filesystem. :(
<eagles0513875> O_o
<eagles0513875> not sure i never tried the could computing feature
<eagles0513875> might end up doign that if i get my hands on another server
<_zoom_> am preparing svn and apache server for our php developers, i need tool allow them to upload and test their codes, any ideas?
<jz_> Hi everyone, I am trying to add mydns to load when my system boots.  Can anyone help me with this, please?
<eagles0513875> _zoom_: i think for svn to commit to it a user needs an ssh key
<eagles0513875> !svn | _zoom_
<ubottu> _zoom_: svn is Subversion: an open-source revision control system, which aims to be a compelling replacement for CVS. See http://subversion.tigris.org/
<eagles0513875> !info svn
<ubottu> Package svn does not exist in maverick
<eagles0513875> _zoom_: let me find the documentation for ya
<ScottK> eagles0513875: The package is subversion
<eagles0513875> !subversion | _zoom_
<ubottu> _zoom_: subversion is an open source application used for revision control. It is sometimes abbreviated to svn in reference to the name of its command line interface. Look here for a Subversion How To on Ubuntu: https://help.ubuntu.com/community/Subversion
<eagles0513875> that link might provide you with some insite :)
<_zoom_>  ubottu: am looking for a tool that helps developer to upload codes into apache server
<ubottu> Error: I am only a bot, please don't think I'm intelligent :)
<qman__> I suggest using sftp/scp built into ssh
<qman__> if you don't trust your devs, you can chroot them
<k-rad> eagles0513875, have you ever used amazon EC2 service before ?
<k-rad> eagles0513875, if its something you'd like to implement on a spare box, i'd love to get feedback from you on how to use amazon EC2 in order to supplement the computing power of a ubuntu desktop (i may run a web server here too)
<eagles0513875> well right now im debating if i am going to build a 2nd machien and turn my current desktop into a server or not
<eagles0513875> still havent quite understood the purpose of cloude computing and what exactly it does
<qman__> in my personal opinion, it's a very niche thing
<qman__> if you're struggling to find a use for it, it's probably not for you
<k-rad> eagles0513875, http://foss-boss.blogspot.com/2010/10/free-ubuntu-server-for-year-at-amazon.html
<eagles0513875> qman__: i just dont understand what its purpose is
<qman__> high availability virtual appliances
<k-rad> i've used their services, but happened to have a spare email, and a sip number to my room for authentication, for 1 year, max they'll charge is .50 cents/mo.
<eagles0513875> qman__: like virtual machines
<qman__> yes
<qman__> the benefit to the cloud system is that it handles distributing it across hardware automatically
<qman__> if you have lots of VMs and lots of hardware, it makes your life easier
<eagles0513875> humm something i might have to consider once i get a 2nd machine and will allow me to reformat and re do my server
<qman__> you no longer have to pick which server to put your next VM on
<qman__> it's very cool tech, I won't knock it for that
<k-rad> eagles0513875, if that is a project you'd consider engaging in, i'd love to be your buddy because i actually have a spare box that could contribute as a computing resource node for my primary box, and to be able to use those amazon EC2 computing services to maximize performance on my main machine, would be totally awesome
<qman__> but "cloud computing" has become a huge buzzword
<qman__> don't get sucked into thinking you need one just because it's the next big thing
<k-rad> qman__, is it anything like openmosix used to be ?
<qman__> openmosix was quite different
<eagles0513875> qman__: can do more with less so to speak
<qman__> openmosix would allow you to split one big load over multiple machiens
<qman__> cloud doesn't
<k-rad> openmosix is something i'd like to accomplish with a spare box, facilitating resources to my main primary desktop.
<qman__> it only allows you to distribute lots of loads across machines
<eagles0513875> k-rad: your thinking of clustering
<k-rad> using ubuntu.  is that possible ?
<eagles0513875> which is used for rendering 3d animations for instance
<k-rad> eagles0513875, indeed i am.  i'd love to do that with ubuntu
<eagles0513875> me 2
<qman__> cloud is only useful if you are running lots of separate VMs
<eagles0513875> i might be able to get my hands on some old p2s
<eagles0513875> qman__: im really considering splitting upmy server across multiple vms
<k-rad> eagles0513875, and it'd be even greater, if we could add the amazon over the net resources to whatever it is we use our computers for.  for me, its my personal desktop
<qman__> if you have one heavy project you want to distribute, you probably want a beowulf cluster
<eagles0513875> atm one server running everything from mysql to apache and eventually email
<eagles0513875> qman__: haha ya im on that mailing list
<eagles0513875> k-rad: distributed computing
<k-rad> i only run 1 vm and that is for windows 7 and itunes.  itunes for a rare track here and there, and thats it.
<qman__> of course, the cost of powering a bunch of PIIs is a lot more than just buying a sempron that can outperform the lot
<k-rad> and audiobooks
<k-rad> its got audible.com
<eagles0513875> qman__: true but i can get them for free from one of my lecturers lol
<eagles0513875> brb switching to desktop
<qman__> openmosix was a very cool idea, it's a shame that it died off
<qman__> that's what most people think of when they are told about "the cloud", but that's not what it is
<k-rad> qman__, i've got a dual core pentium-d presler clocked stock at 3.4ghz, it has gigabit ethernet, and 4gb of ddr2 800 memory and a 320GB drive.  can i cluster that to my primary desktop ubuntu box for additional power awesomeness
<eagles0513875> qman__: does ubuntu server contain the necessary clustering software like mpi and other things
<eagles0513875> im on a core2 quad q9550 at 2,83 ghz
<qman__> documentation is scarce on it
<qman__> last I looked into it, all the info was several years out of date and inconsistent
<eagles0513875> humm qman__ would it be possible to put together a team to possibly create an ubuntu server clustering version
<eagles0513875> qman__: if im not mistaken there is mp2
<eagles0513875> mpi2
<eagles0513875> thats replaced
<eagles0513875> brb on desktop
<qman__> the projects are there but implementing it on ubuntu is some kind of voodoo that no one wants to share
<k-rad> qman__, why do you suspect that is ?
<qman__> a documentation project on it is a good idea
<eagles0513875> qman__: i think i have k-rad and u but i bet i can drum up support from the beowulf mailing list
<eagles0513875> lots of experts
<qman__> not enough people doing it, I guess
<eagles0513875> beowulf cluster has lots
<eagles0513875> brb on desktop
<k-rad> wonderful eagles0513875 could you make a post, and forward a few relevant clustering for ubuntu emails that would be what i needed to know, and have you email them to me ?
<k-rad> to what aim is ubuntu enterprise cloud different and similar to linux clustering ?
<eagles0513875> qman__: i would like to see if there is interest in an ubuntu  derived clustering version
<k-rad> hi eagles0513875
<eagles0513875> k-rad: back
<k-rad> wonderful eagles0513875 could you make a post, and forward a few relevant clustering for ubuntu emails that would be what i needed to know, and have you email them to me ?
<k-rad> to what aim is ubuntu enterprise cloud different and similar to linux clustering ?
<eagles0513875> k-rad: dont have any off the beowulf list
<k-rad> wouldn't it be cool if you could do ubuntu clustering on ubuntu enterprise cloud if amazon EC2 does actually provide processing, resources power to a host
<eagles0513875> ?
<eagles0513875> kinda lost me on that one
<k-rad> eagles0513875, might you be able to post one, and email me back and see if you hear anything ?
<eagles0513875> qman__: coudl i use the cloud in conjunction with vbox for instance
<eagles0513875> k-rad: i would join the list cuz that way you can explain better its free to join
<eagles0513875> qman__: i mean phpvbox
<k-rad> i'll do that thank you
<eagles0513875> welcome
<eagles0513875> ill see u on the list :)
<qman__> clustering uses multiple hardware devices to accomplish a single task with more power
<k-rad> how much is canonical support through email for 3 days ?
<qman__> cloud just manages lots of virtual machines efficiently
<eagles0513875> qman__: can i use the cloud with phpvbox for instance or would i have problems
<qman__> I don't really know what phpvbox is, so I can't say
<qman__> but, for example
<eagles0513875> its the web based front end of virtualbox
<qman__> that probably wouldn't work
<eagles0513875> ok
<qman__> I'm pretty sure UEC uses KVM as the backend
<qman__> so you'd need a KVM/qemu compatible frontend
<qman__> but don't take my word on that, I don't know for sure
<eagles0513875> !cloud
<eagles0513875> does the bot have any links
<qman__> !uec
<qman__> maybe not
<qman__> !kvm
<ubottu> kvm is the preferred virtualization approach in Ubuntu. For more information see https://help.ubuntu.com/community/KVM
<eagles0513875> i still have yet to understand why ubuntu doesnt support xen
<eagles0513875> even though its still in debian repos
<qman__> well, they simply got behind KVM
<qman__> for better or worse, that's what happened
<eagles0513875> ya
<highvoltage> anyone is welcome to maintain xen in universe though
<eagles0513875> isnt kvm more software based like virtual box
<qman__> KVM takes advantage of hardware virtualization but doesn't necessarily require it
<eagles0513875> ok
<qman__> though it's much slower without it
 * eagles0513875 is learning alot today
<qman__> unfortunately the only machine I have to toy with virtualization which has hardware support is my laptop
<qman__> this desktop is an older chip, 939 opteron
<eagles0513875> only one is my monster desktop im on atm
<eagles0513875> 775 core2 quad here
<eagles0513875> i think might build myself a new i7 desktop and make this one a server
<eagles0513875> and try out uec
<qman__> I have a phenom II box, but that one's "The Windows Box"
<eagles0513875> i have 2 drives on this pc
<eagles0513875> 500gb win 7
<eagles0513875> 2tb lucid
<eagles0513875> now i see why they went with kvm
<eagles0513875> easier for users to work with
<qman__> xen was quite a headache if you didn't know what you were doing
<qman__> but with the same kind of effort, they could have made it user friendly
<eagles0513875> ya tell me bout it
<eagles0513875> im wondering if i could work wiht the xen-tools team on that
<eagles0513875> gah i hate flash
<qman__> agree
<jz_> Can anyone please help me add mydns to start on system startup
<qman__> it uses 100% of a core on this machine just to watch youtube videos
<qman__> jz_, you could just add it to rc.local, and it'd work, but it wouldn't be the _right_ way
<qman__> I think update-rc.d still works
<eagles0513875> qman__: flash is crashing firefox left right and centr and i have a number of tabs open with it
<eagles0513875> lol woohoo viva 24% ram usage out of 8gb
<qman__> eagles0513875, I stopped using firefox because it single-handedly dragged my entire system to a crawl, with flash and java both disabled
<eagles0513875> tbh i can live with it maybe cuz i have 8gb of ram on my system but im glad that at least apple isnt using flash any more
<qman__> it wasn't about RAM, it introduced significant UI lag
<qman__> my whole computer is leagues faster now that I use epiphany and chromium
<jz_> qman__: why wouldn't it be the right way?
<qman__> jz_, because it doesn't really install it as a service, it just runs it once at boot
<qman__> it's a hack
<qman__> if that's okay with you, go ahead
<jz_> I'd rather add it as a service if possible
<qman__> I know how to do it with sysvinit, but I don't know upstart that well
<qman__> so with lucid, I'd have to do a lot of reading
<qman__> pretty sure upstart still runs sysvinit style scripts, so you could still do it that way
<eagles0513875> anyone try mysql workbench?
<qman__> put the script in /etc/init.d/, then update-rc.d to set it
<eagles0513875> on lucid or otherwise?
<SAngeli> can someone please advice me on a good artice for setting up a solid, stable and reliable NAS server under ubuntu server? I need an alternative to the nice work FreeNAS has done because I also need to install Hylafax and am unable to do so under FreeNAS
<qman__> SAngeli, if you're using something like iSCSI that's outside my expertise, but simple things like samba or NFS file sharing I can do
<qman__> the first place you should always check is the ubuntu server guide
<garymc> Could anyone help me create a cron job?
<SAngeli> I need to setup a RAID 1 and then iSCSI. but to start I wish to find a well detailed article on how to set up a NAS server, get RAID up and running, check health of the RAID, set up alarms if RAID fails,.. Then I will look for iSCSI article
<qman__> SAngeli, RAID is built into the partitioner, quite easy to set up
<jz_> qman__: thanks for your help.  it worked
<qman__> as for emails on failure, I don't know if they're in there by default but it's also not that hard to set up
<SAngeli> I have been looking for a detailed article on Internet and did not find any.
<qman__> though I did notice when I set a RAID up in the partitioner on a 10.04 install recently, it installed postfix
<SAngeli> I wish first need to read and understand the steps
<SAngeli> as for FreeNAS that tells you all about it so I can read and discern
<qman__> well, FreeNAS is very single-purposed, where ubuntu server is more general purposed, so a comprehensive guide for that particular setup is going to be harder to find
<SAngeli> yea, I noticed this.
<qman__> for RAID information, see here: https://help.ubuntu.com/10.04/serverguide/C/advanced-installation.html
<SAngeli> is it reliable and stable?
<qman__> ubuntu in general? yes, as long as you stick to LTS versions
<qman__> lucid has most of the bugs worked out by now
<SAngeli> is it a good idea to install webmin on top of it?
<qman__> no
<qman__> !webmin
<ubottu> webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system.
<eagles0513875> webmin from what i have red has lots of security vulnerabilities
<SAngeli> ok
<SAngeli> is there a GUI or WEB application that help an admin to manage the server, see RAID status, ...... ?
<eagles0513875> SAngeli: there is commandline mdadm that will help u with raid stuff
<eagles0513875> !mdadm
<SAngeli> ok
<SAngeli> got it
<eagles0513875> ok wait
<eagles0513875> thats not right bah qman__ help whats the command line command to check raid isnt it mdadm or somethign like that
<SAngeli> I will tray with ubuntu server and command line all the way through. Hope I will be able to manage it
<qman__> mdadm is the command tool, but checking RAID status is done by doing `cat /proc/mdstat`
<SAngeli> this will be a production server for storage. Hope will be able to accomplish as FreeNAS outcome
<SAngeli> the end result is that it works
<eagles0513875> qman__: thanks :) havent messed with mdadm in a while and i wasnt sure if that was right
<qman__> while I don't use iSCSI, I've been using ubuntu as a file server for over two years
<qman__> raid6 + hot spare
<SAngeli> did you interface it with vmware and/or Active Domain windows server?
<qman__> it emails me SMART info and mdadm warnings
<qman__> no, it's just a simple file server
<SAngeli> I see
<qman__> samba and NFS
<SAngeli> I believe I do not have to go through vmware for using it with other servers.
<eagles0513875> qman__: might need you to help me setup something like that
<SAngeli> is samba used to interface my NAS with Active Directory of microsoft windows server?
<eagles0513875> SAngeli: yes
<SAngeli> ok
<SAngeli> I will be doing some more readings
<eagles0513875> to interface or have any file sharing capabilities with linux samba is what you need
<eagles0513875> linux to linux you need NFS
<qman__> reminds me, I need to upgrade my router
<qman__> it's running jaunty, which reached end of life about a week ago
<eagles0513875> lol qman__using ddwrt?
<SAngeli> qman__, could you also be so kind to identify for me, just because you already know, the correct articles for enabling "email SMART info and mdadm warnings" ?
<eagles0513875> wtf what router are you running where you can run ubuntu server on it and what do you have configured on it
<qman__> SAngeli, best place to start is postfix in the server guide
<qman__> I configured one mail server to use gmail, I can link an article in a bit
<qman__> and then I configured the rest of the servers to use that one as a smarthost
<SAngeli> ok
<qman__> eagles0513875, it's an athlon X2 4050e with four NICs
<eagles0513875> qman__: will you help me with that cuz im having issues with postfix
<eagles0513875> oh a desktop you turned into a router
<SAngeli> postfix or sendmail would be similar, right? qman__
<qman__> sendmail is, in my opinion, archaic and difficult, and it is also not a supported mail server
<qman__> postfix and exim are the ubuntu-supported options
<SAngeli> would it be sufficient to use a 4GB HD for ubuntu server, raid functionality for two SATA HD, fax server and mail server?
<qman__> yes
<SAngeli> it is a SSD HD IDE HD
<SAngeli> ok, thank you
<qman__> a stock ubuntu server install is only going to use ~800MB
<qman__> I would recommend at least 2GB
<qman__> but as for the mail server
<SAngeli> qman__, if you remer or know of any good link for server setup please MSG me please I will keep in mind and read it. I wish to have some good articles as guidance. I plan on installing ubuntu server 10.10 x64 as server
<qman__> I used gmail but any way you have your mail server sending email is fine
<qman__> the 'client' servers, the ones forwarding mail to it, are very easy to set
<SAngeli> qman__, mail servre will not store emails. It is just for the server itself and perhaps as SMTP server. nothing else
<qman__> just choose 'smarthost' option when installing postfix, and point it to your real mail server
<qman__> I recommend against using 10.10, as it is not an LTS version and will reach end of life very quickly
<qman__> use 10.04.1 LTS instead
<eagles0513875> qman__: will you help me out when i get back
<qman__> sure
<eagles0513875> with dovecot+postfix config
<eagles0513875> dovecot works postfix dont for me
<SAngeli> I never understoo this. why when you someone tries to dowload server it only gives you 10.10 rather than 10.04.1 LTS?
<eagles0513875> i can recieve incoming email but not send any outgoing form my server
<SAngeli> qman__, what is the reason for being 10.10 the Latest versino? What is the purpose of posting it? Can I understand?
<qman__> SAngeli, on the download page (here: http://www.ubuntu.com/server/get-ubuntu/download ), you have to click the drop-down and choose 10.04
<eagles0513875> not sure what im doing wrong qman__ im following the wiki tutorials on how to configure them
<qman__> 10.10 is cutting edge, newest versions of software
<qman__> for a production environment, not usually the best choice
<SAngeli> qman__, sure. I noticed. but will it become later on LTS?
<qman__> 10.04 will have longer support and will stick to mager versions
<qman__> no
<qman__> ubuntu's release cycle is every 6 months
<qman__> the LTS releases are every 2 years
<SAngeli> so what is the correct discernment?
<qman__> what you're looking for in a system
<SAngeli> let's say I install 10.10 What would happend in 1 year from now?
<qman__> if you want the latest and greatest versions, and you don't mind bugs or updating frequently, you want the regular releases
<SAngeli> I see
<qman__> if you want a more stable platform that changes less frequently, you want the LTS versions
<qman__> example, 9.04's support ended a couple weeks ago
<qman__> that was a non-LTS version
<SAngeli> I see
<qman__> but 8.04's support is continuing for quite a while yet
<qman__> because that's an LTS version
<qman__> even though it's a year older than 9.04
<SAngeli> so, what will happend when 10.04.1 LTS will end support? Will 10.10 be the next version?
<qman__> no
<qman__> the next version to 10.04 LTS will be 12.04 LTS
<qman__> direct upgrade
<SAngeli> ok
<qman__> and there will be plenty of support overlap between the two versions
<qman__> lots of time to test and perform the upgrade
<SAngeli> so, what is the purpose of releasing 10.10 or other releases without LTS? Just for testings?
<qman__> testing, less demanding situations, and using newer cutting edge software
<SAngeli> last question: when you say: "using newer cutting edge software" you refer to the OS or to the applications?
<qman__> both
<qman__> 10.04 shipped with certain major versions of software
<qman__> over the course of the support cycle, those major versions will not change, only the minor versions and security patches
<SAngeli> so, if I wish to install the latest version of hylafax as an example I could endup not being able to do so with 10.04.1 LTS ?
<qman__> yes, depending on how old the latest version is
<qman__> and whether or not it's backported
<qman__> for example, 8.04 LTS used PHP 5.2
<qman__> the main repositories still run 5.2 on 8.04, they did not upgrade to 5.3 because there are major functional changes
<qman__> they simply run the latest security updates to 5.2
<qman__> since 10.04 is not that old, right now the discrepancies will be very narrow if at all
<SAngeli> this is what ubuntu port says: http://packages.ubuntu.com/search?suite=maverick&section=all&arch=any&searchon=names&keywords=hylafax-server   this is what Hylafax says: http://www.hylafax.org/content/Download   ubuntu is at 6.0.4  Hylafax current release is version 6.0.5.
<qman__> but 10.04 will not continue to get the latest versions of everything
<qman__> well, that search is for maverick, which is 10.10
<SAngeli> I see, what is the port for 10.04.1 LTS?
<qman__> the latest version for 10.04 is 2:6.0.3-5.1ubuntu1
<qman__> so looks like 6.0.3 with ubuntu specific patches
<SAngeli> wow even older
<SAngeli> if I would need anyway latest release 6.0.5 what would I need to do?
<qman__> you would have to add hylafax's repository to your system
<qman__> they have 6.0.5 on there
<qman__> as instructed here: http://code.highrise.ca/apt/
<qman__> you'd add the following line to your sources.list
<qman__> deb deb http://code.highrise.ca/apt/ lucid hf-6.0
<qman__> err
<qman__> deb http://code.highrise.ca/apt/ lucid hf-6.0
<SAngeli> so not a bit issue
<SAngeli> I see
<SAngeli> qman__, I wish to thank you for now for all the answers you provided me with.
<SAngeli> I will think and read a bit about what we discussed.
<qman__> note that doing so would not be supported by ubuntu, you'd have to rely on hylafax for updates and help with that version
<qman__> no problem
<SAngeli> If I need additional help I will aks further.
<SAngeli> take care now.
<SAngeli> :-)
<k-rad> anyone here have experience using the oslr package in ubuntu ?  i was told it would solve my bonding failsafe fallover problem
<k-rad> and i realize thats unrelated to servers, though perhaps, sometimes utilized ?
<k-rad> there are no ubuntu how-to's on OSLR
<k-rad> and no useful posts on ubuntuforums.org
<amarcolino> Hi can someone suggest ways fo me to identify what is going on my network, denyhosts keeps blocking localhost and the machines I use for ssh, I would like to find out what causes it to trigger a block, the log gives no information on why the machine(s) keep getting blocked
<eagles0513875> hey guys im back
<ehcah> Anyone out there prefer Ubuntu Serer to pre-packaged NAS like OpenFIler or FreeNAS or unRAID?
<eagles0513875> k/j workbench
<eagles0513875> qman__: hey you busy right now
<cjmaynar_> hey, so this question isn't really specific to ubuntu server, more in regards to servers in general. i own a domain, and i've setup a subdomain on it to forward to home home ip address, from there i've got my server running. It's all good and swell, except for after i go to home.domain.com it directs me to jsut my ip address. i was wondering how to go about keeping the subdomain/domain in the url?
<databits> hey does anyone here know of a good webbased irc client I can embed on my website ?
<databits> I was thinking flash would probably be the best route for this
<eagles0513875> databits: there is the one of freenode you can imbed i think
<eagles0513875> i think its qwebirc
<databits> well I am trying to find one a client that will load up with no security issues on the browser but is really cool at the same time
<databits> ya dig
<databits> ;)
<eagles0513875> databits: thats the only one i know of and recommend
<eagles0513875> there is also a java based irc web chat forgot what its called
<databits> what language based is the qwebirc ?
<eagles0513875> not sure
<eagles0513875> databits: ajax based irc
<eagles0513875> http://qwebirc.org/
<eagles0513875> databits: woudl that work for ya
<databits> working on configuring the client right now
<databits> I'm about to find out
<databits> :)
<databits> thanks
<_Techie_> databits, qwebirc is python based
<_Techie_> and very astheticaly pleasing
<_Techie_> i have one hooked up to my BNC and its never failed me
<databits> cool shit
<databits> ok how do I go about compiling the files ?
<databits> this compiling is all new to me
<guntbert> !language | databits
<ubottu> databits: Please watch your language and topic to help keep this channel family friendly.
<guntbert> !enter | databits
<ubottu> databits: Please try to keep your questions/responses on one line - don't use the "Enter" key as punctuation!
<databits> sorry
<databits> â¢Run compile.py to generate the HTML, minify the Javascript/CSS and copy everything to the correct locations | this is what the documentation is stating | I'm not sure how to go about doing this task
<guntbert> databits: :)
<_Techie_> start with python compile.py
<databits> ok looks like I need to install twisted first
<_Techie_> and then move it to where you feel comfortable having, eg ~/qwebirc/ or /etc/qweirc/
<databits> is this going to be running off my webserver or is this going to be a seperate instance ? also should I be able to do a "sudo apt-get install twisted" ?
<_Techie_> it will run in a seperate instance as it has its own built in webserver that works extremely well
<databits> allrighty cool
<_Techie_> if your feeling daring, you can also use libapache2-mod-proxy to map it to a sub domain
<_Techie_> that way you can have it use SSL
<_Techie_> and be accessible behind restrictive firewalls
<eagles0513875> _Techie_: is that how you do subdomains with apache or could you do aliases or that wont really work if you want a subdomain
<_Techie_> eagles0513875, if i have something that maps to a port, i use the apache proxy module to have  subdomain to transparantly redirect traffic inside my network or over loopback
<eagles0513875> ahh
<databits> <_Techie_>: for right now I just want to get everything up and running
<eagles0513875> databits: use tab to complete a name
<eagles0513875> type in da then tab to complete yoru name
<eagles0513875> or eagl then tab to complete mine
<eagles0513875> it bring up the txt ur sending to that person in red
<_Techie_> eagles0513875, colour depends on client
<databits> what is the rename command ?
<_Techie_> mv
<databits> Bareword "config" not allowed while "strict subs" in use at (eval 1) line 1. Bareword "py" not allowed while "strict subs" in use at (eval 1) line 1. Bareword "txt" not allowed while "strict subs" in use at (eval 1) line 1.
<databits> what does this mean ?
<_Techie_> no clue
<_Techie_> i would suggest you start using google
<clayd> how do make it so that when someone uploads a file via FTP the file gets permisions for the user and the group.  For example on a web server.
<databits> the file should automaticly take the default permissions for the user that the ftp is logged in by
<databits> or do you have anon loggin enabled ?
<clayd> no i am using a user.  but you have pointed me in the right direction.  I was thinking it was vsftpd.  How do i set the default permission for a user?
<clayd> so this is wierd.  when i creat a file from the command promt is gets the permissions 644 but when i upload one over ftp it gets 600
<clayd> i cant figure out what is causing this difference
<TeTeT> clayd: check the docs for vsftpd and see how to set the umask for new uploads
<clayd> just fnding that.  but thank you.
<databits> sorry I was in the other room | I had kinda a similar issue | I used ACL to take care of my problem
<clayd> wha is ACL?
<RoAkSoAx> w/in 7
<databits> clayd: http://en.wikipedia.org/wiki/Access_control_list
<data_bits> warning: hg: unable to execute (using a random id). I changed some options in the config file of the ircd-ircu so I can access the config engine from a remote machine instead of the default default host
<data_bits> I tried to recompile the software and it is giving me that error "warning: hg: unable to execute (using a random id)."
<data_bits> does anyone have any idea's with this issue ?
<osmosis> any suggestions on how I could get help with this bug? https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/668042
<uvirtbot> Launchpad bug 668042 in libvirt "target device info is not in dumpxml" [Low,New]
<osmosis> It would be nice if launchpad had a bounty system.
#ubuntu-server 2010-11-07
<cjmaynar_> hey, so I've got a home server setup, and I've got my domain forwarding a subdomain to it, but as soon as i visit that subdomain, it just goes to the ipaddress, how would i set it up to keep the subdomain/domain?
<KnightHacker> cjmaynar_: How did you set up "domain forwarding a subdomain to it"?
<KnightHacker> Did you create a DNS record?
<data_bits> how do I check to see if acl is running  ?
<data_bits> I had my acl configured and setup, but I restarted now it does not seem like it is setting the permission for my web directory anymore
<latenite> Hi folks, i am looking for a tool. Some "webcalendar"  (user edit their calendar with a browser) that ALSO supports CALDAV. I want my iphone and also my emailclients (evolution+thunderbird) to use this calendar with CALDAV. Woud you any tool/suite? thanks :)
<data_bits> ugh my acl just quit working on my website directory for some reason
<data_bits> just out of the blue for some reason when I upload to my web directory my permissions are all screwy now
<data_bits> well I got it working now
<data_bits> I think my fstab or something is jacked
<data_bits> # /etc/fstab: static file system information.
<data_bits> #
<data_bits> # Use 'blkid -o value -s UUID' to print the universally unique identifier
<data_bits> # for a device; this may be used with UUID= as a more robust way to name
<data_bits> # devices that works even if disks are added and removed. See fstab(5).
<data_bits> #
<data_bits> # <file system> <mount point>   <type>  <options>       <dump>  <pass>
<data_bits> proc            /proc           proc    nodev,noexec,nosuid 0       0
<data_bits> # / was on /dev/sda1 during installation
<data_bits> UUID=eb23839d-9487-4f17-a9cf-ecee011fe63d /               ext4    errors=remount-ro,acl 0       1
<data_bits> # swap was on /dev/sda5 during installation
<data_bits> UUID=5b4f4d4f-2e5b-4d0d-b340-26e2a12916ee none            swap    sw              0       0
<vraa> please use pastebin next time - http://ubuntu-server.pastebin.com/
<data_bits> sorry about that ... was not aware of the pastebin
<jose120photo> anyone in here have experience running tomcat on ubuntu server?
<Dantes13> Tried to setup 10.04 server with software raid 1.  2 hard drives.  2 standard partitions with /boot and swap, then lvm for root, tmp, var/log, etc...  Install goes fine, but on reboot it hangs at the spash screen.  When I do mdadm --detail on each raid, all non LVM arrays (/boot and swap) won't activate.  Has anyone seen this?
<eagles0513875> Dantes13: if im not mistaken you have to set the whole drive to be an lvm drive im not 100% sure
<MACscr> are the cloud tools for ubuntu that i see at ubuntu.com included with the server edition of ubuntu server or at least freely available?
<MACscr> nvm, looks like it does
<MACscr> or maybe not. Seems there is a mix of a few things
<jmarsden> MACscr: If you could be more specific about which tools where on ubuntu.com, others might be in a better position to help answer your question.  Ubuntu server does include tools sufficient to create your own private cloud and manage it, see https://help.ubuntu.com/community/UEC
<demonspork> how do I get mysql to listen to only a single internet IP address as well as localhost?
<MACscr> jmarsden: does it allow you to pick what technology you want it to manage? such as xen or kvm
<jmarsden> MACscr: I'm not sure.  I've played with it a few months back but only as a trivial experiment, not real world usage.
<jmarsden> demonspork: You don't, as far as I know.  the bug is still open: http://bugs.mysql.com/bug.php?id=14979
<demonspork> well, what I am trying to do is make it listen but only let it accept connections from a single remote IP address, I don't care how many interfaces it binds to
<jmarsden> demonspork: Oh, then comment out the bind_address line from my.cnf, and then packet filter things so only the one remote client can connect to its port (usually 3306).
<demonspork> ah, k
<demonspork> although that limitation you linked me to is rather odd - that is something I would assume it could do
<HackeMate> hello
<HackeMate> I'm looking for some tutorial about logrotate, I'm unable to make save logs for 4 months
<HackeMate> I followed some webtuto but can't make it work
<HackeMate> the man logrotate doesn't help me at all
<joschi> HackeMate: you just have to keep as many rotated logs ("rotate X") as fit into 4 months when considering your rotation interval (daily, weekly, monthly)
<HackeMate> where to set up that
<HackeMate> I have the dhcpd stored in /var/log/dhcpd/dhcpd.log
<HackeMate> I wanted to separate it daily and for 4 months
<HackeMate> # rotate log files weekly
<HackeMate> weekly
<HackeMate> Instead that, i put monthly?
<homecable> var/lib/ureadahead/debugfs <<< whats that
<joschi> HackeMate: in your /etc/logrotate.conf or better in /etc/logrotate.d/$customfile
<HackeMate> there is where I fail, what $customfile I put, I guess anything I can remember
<joschi> HackeMate: correct
<HackeMate> but I dont know what to add inside, /var/log/dhcpd/dhcpd.log?
<HackeMate> or just /var/log/<service name>
<HackeMate> I also guess /var/log/dhcpd/dhcpd.log ?
<joschi> homecable: http://lwn.net/Articles/115405/
<joschi> HackeMate: the syntax is described in `man logrotate` (http://manpages.ubuntu.com/manpages/lucid/man8/logrotate.8.html)
<joschi> HackeMate: you can also take another of the files in there as a template for your own
<HackeMate> yes I was reading those templates but they don't say what the last /word is
<HackeMate> # no packages own wtmp, or btmp -- we'll rotate them here                                                           /var/log/wtmp {
<HackeMate> it's the same
<joschi> HackeMate: "last /word"?
<HackeMate> /var/log/wtmp { <- what is wtmp really, a servicename? or a logfile
<joschi> HackeMate: it's the file /var/log/wtmp
<joschi> HackeMate: really, read the manpage. it's not that hard
<HackeMate> my english is not that good
<HackeMate> well, I will see if the google translator is powerful in this case
<eagles0513875> hey guys any postfix experts around?
<\sh> eagles0513875: just ask your question
<Tuzlo_> morning all, I know this really isnt the polace to ask hardware questions, but I was planning on installing Ubuntu on my Dell Poweredge 1850. I dont know if I messed up the scsi settings or whether I have a bad scsi drive. Is there anyone around right now that can afford to help me?
<hallyn> gah - anyone remember the name of the cloud provider that had a table at UDS-n, who was givign away 20 hours?
<hallyn> i saw them at linuxcon too, but can never remember their name
<Nafallo> atlantic.net
<hallyn> yes, thanks!
<Tuzlo_> I am planning on installing Ubuntu-server on my Dell Poweredge 1850. Is there anyone around to assist with setting up the scsi controller and drives?
<kirkland> cjwatson: hmm, so i'm quite surprised today to install a stock Ubuntu 10.10 server, and neither screen nor vim get installed
<kirkland> cjwatson: this is a regression since 10.04
<kirkland> cjwatson: checking the server seed, both screen and vim are there
<kirkland> cjwatson: perhaps the server cd is no longer using the server seed?
 * Datz remembers haveing to install screen on ~~
<Datz> eh
<Datz> 10.04
<osmosis> if libvirt is unable to return network statistics, im essentially unable to use ubuntu server in my production environment. too bad.
<soren> osmosis: Does the logs show anything when you attempt to get it?
<osmosis> soren,  any specific log?
<Tuzlo_> Does anyone have exoerience with nistalling Ubuntu-server on a dell Poweredge 1850 that has time to help me get this on
<osmosis> soren, i will dig into the logs next time the issue occurs. i dont know the trigger, so it happens randomly.
<uvirtbot> New bug: #672190 in bind9 (main) "package bind9 1:9.7.0.dfsg.P1-1 [modified: usr/share/bind9/bind9-default.md5sum] failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/672190
<Tuzlo_> Does anyone have experience with installing Ubuntu-server on a dell Poweredge 1850 that has time to help me get this on. I have only installed linux distro's on PC's in the past, dont wanna mess up this machine more than I already have.
<ikonia> Tuzlo_: it's pretty much the same process
<Datz> would someone here be able to help me with phpmyadmin?
<Tuzlo_> ikonia: ok, alright, not sure if the issue I had yesterday was because windows was nistalled on the scsi drives or not
<Tuzlo_> going to try diong this again today
<Tuzlo_> achk, I got sneezes
<hallyn> hey, cool - installing 10.04.1 server on a laptop (yes, the old transmeta which still hasn't been given away :) - and i see it has wireless drivers!
<hallyn> unfortunately, they autoconfiguration doesn't work...
<hallyn> s/they/the/
<Tuzlo_> whats the diff between server and enteprise cloud?
<hallyn> not sure what you mean -afaik we don't have an official install medium for 'enterprise cloud', we only have sample iamges in the amazon image store, right?
<hallyn> but, the diff woudl be less drivers since in the cloud you know what hw you'll get.  server is for on hardware
<Tuzlo_> oh, cause the server ISO I downloaded has enteprise cloud as an install option
<Tuzlo_> ikonia: ok, here goes nothing install number 2
<ikonia> go for it
<Daniel0108> hi
<Tuzlo_> ikonia: partitioning method, guided, guided with LVM, guided use entire disk space with encrypted LVM or manual? (I have partitioned a disk for Linux before
<ikonia> Tuzlo_: depends what you want ?
<Tuzlo_> it's a server dont need encryption
<Tuzlo_> will entire disk set up swap partitions?
<k-rad> is sqlite3 adequate for a low resource web server ?
<Tuzlo_> If you choose Guided partitioning, will it set up swap partitions?
<lieuwe> i've got a problem with a samba share, i can't read/write files in this share that were created on the server instead of trough samba, any ideas on how to fix this?
<oliver602> what's the best tool for caching updates on a local network? apt-proxy?
<lieuwe> halp?
<intick> ahve you checked permissions ?
<lieuwe> intick: yes, i suck at perms tho, but it seems to be the same as the folder i can acces
<intick> are you getting an error msg ?
<lieuwe> intick: apart from acces denied? nope
<\sh> lieuwe: config of this share?
<lieuwe> \sh: lemme pastebin
<lieuwe> \sh: http://pastebin.com/qaBkBKur
<lieuwe> \sh: the main problem is with the files share
<oliver602> ok i give up on apt-proxy
<sailerboy> hey, i'm trying to use top through ssh, anyone know how i would scroll down past the first 20 or so processes?
<demonspork> I have a server that doesn't seem to be running any of the cronjobs
<demonspork> how can I get that to be refreshed/working
<demonspork> I don't even know what to begin troubleshooting
<soren> Is CRON running?
<soren> or even installed?
<demonspork> yes
<demonspork> and yes
<demonspork> it used to work just fine
<soren> What changed?
<demonspork> the server crashed
<soren> How/why?
<demonspork> well, this is a VDS, some planned maintenance took it down early in the morning to upgrade the version of Xen
<demonspork> and the new version had a bug with disk access that made the server grind to a halt that afternoon
<demonspork> and ever since then my crontab doesn't seem to execute
<demonspork> I have restarted the server
<soren> ..and you definitely see cron in the ps output?
<demonspork> I see it yes
<soren> Running as root?
<demonspork> yep
<demonspork> wait
<demonspork> hmm
<demonspork> how I check
<demonspork> user
<demonspork> ps ax is the only way I know to use ps
<soren> ps aux
<soren> adds user info
<demonspork> there we go, I found it with htop
<demonspork> it is running as root
<demonspork> the next cron job to run should happen within 1 minute
<demonspork> but I don't expect it to happen because it hasn't happened for several days
<soren> You're sure the crontab is intat?
<soren> intact?
<demonspork> yep
<soren> ...and how do you check that it doesn't run?
<demonspork> the results never happen
<soren> Like what?
<demonspork> I even tried to make it "touch /home/minecraft/bob" and nothing appears
<demonspork> it normally runs a backup script that I can run manually just fine
<soren> demonspork: I'd probably try stracing the cron daemon to see what it's trying to do (if anything)
<Flakeparadigm> Is there a way to enable intel graphics acceleration in Ubuntu Server (lucid) so that I can run a media center program smoothly?
<Kaffien> how do i tell my ubuntu server to sync with a time server?
<ikonia> Kaffien: use ntpd to sync via ntp
<Kaffien> and that connects to a ntp server not creates one?
<ikonia> yes, connecting to a trusted one is better than running your own
<LyonJT> Hey
<LyonJT> Does anyone know how to add a specific user to a folder with full user rights
<Kaffien> doesn't seem to be updating the time
<Kaffien> updated the ntp.conf and restarted the daemon
<demonspork> soren, how do I strace cron to see if it is doing anything?
<RoAkSoAx> clear
<LyonJT> anyone
<binBASH> sorry for being offtopic but does someone know how amazon ec2 is accounted? I mean if I start an instance, stop it again after 20 mins, and then start another one 5 mins later. Do I have to pay 1 instance hour or 2?
<lifeless> 2
<binBASH> hmmmm, ok. Then I have to rework my scaling script ;)
<Kaffien> ah nevermind it wasn't broadcasting
<MTecknology> I just installed postgresql - but There's no /etc/postgresql/ ....
<bonaventura> Leo, Android show will be good in perspective due to Android's future market penetration. May be a bit early for it now though
<bonaventura> wrong channel, sorry
<MTecknology> I cant seem to make postgresql start at all :S
<uvirtbot> New bug: #672328 in vsftpd (main) "vsftpd: discloses whether usernames are valid or not " [Undecided,New] https://launchpad.net/bugs/672328
<MTecknology> OK... So on my system - "/etc/init.d/postgresql-8.4 start" also start/stop/status/etc.. produce no output at all... and postgresql won't start...
#ubuntu-server 2011-10-31
<kristianpaul> There is a easy way to get a ubuntu work as wireless acess point?
<kristianpaul> like a methapackage for the task or something :)
<_Techie_> is there a way to have ubuntu remove a list of packages using apt-get purge when one/some of the listed packages are not installed
<_Techie_> is there any way to remove all ubuntu-desktop packages so that im left with ubuntu-minimal for a server im setting up, the only disc i had on hand was a desktop disc
<thesheff17> _Techie_, the kernel is different from server to desktop
<twb> _Techie_: it would be better to install from the Server CD in the first place, but yes, you can remove packages you don't need
<twb> kristianpaul: you just need hostapd
<twb> kristianpaul: the documentation for it is a bit obtuse, but it's actually reasonably simple configuration
<_Techie_> twb: are you able to provide an easy way of removing the un necessary packages, the purexfce instructions are a tad outdated
<_Techie_> thesheff17: i dont need a streamlined kernel, all it will be doing is acting as a dhcp server and router between a LAN and the internet
<twb> _Techie_: broadly speaking, go into aptitude and markauto things
<twb> _Techie_: you'll want to keep ubuntu-standard and -minimal metapackages, and a kernel.  Oh, and a bootloader.
<twb> If you get rid of EVERYTHING else, you should still be able to boot, and install packages you do need.
<twb> I would recommend not getting rid of everything else in one go tho -- rather e.g. markauto ?section(metapackages), ?section(x11) and ?section(gnome) to begin with, plus everything in ?section(libs)
<twb> On my own systems I aim for ~i!~M to show only the packages I actually asked for
<_Techie_> twb: just checking, does ubuntu-minimal require networking and /bin/bash  , would hate to accidentaly remove those
<_Techie_> or ubuntu-standard
<twb> You'd have to really go out of your way to get rid of bash
<twb> Not so sure re. networking
<twb> If you've been using NetworkManager up until now, that will obviously go
<_Techie_> its base install
<_Techie_> and it will all be re configured from CLI
<twb> The main stuff for networking will be ifupdown, dhclient and netbase or so
<twb> Assuming ethernet DHCP client
<twb> Currently dhclient is called isc-dhcp-client AFAICT
<twb> If you just pay attention to what you're removing you should be OK
<_Techie_> well, i just marked a ton of stuff as auto and am hoping for the best
<twb> Like I said, it's safer to do a bit at a time
<_Techie_> this is odd, i cant htink of what would be reuiring compiz-fusion
<twb> aptitude why compiz-fusion, or hit "r" in the UI
<_Techie_> okay, i just went nuts
<_Techie_> either im gonna learn something incredibly cool... or im gonna be back at square one within half an hour
<_Techie_> maybe if this doesnt go too well, ill burn a server disc
<_Techie_> okay, i still havent been completely locked out... maybe im not trying hard enough
<_Techie_> twb: just rebooting now, hopefully everything still works
<twb> You're still here, so I guess you had the sense to IRC from another box
<_Techie_> this aint my first rodeo
<_Techie_> okay, things seemed to have worked to a point
<_Techie_> some things are stopping some X11 packages from being removed, and im not going to go chasing after them
<twb> Wise move
<twb> If it's just some libraries, it doesn't hurt to leave them installed
<ttt> anybody know how change password trough command line for ochestra web browser interface?
<twb> ttt: where is it stored?  flat files, ldap?
<ttt> well
<ttt> ok
<ttt> in /etc/cobbler under u 11.10 server
<ttt> user.conf ?
<twb> Dunno, then
<ttt> theres any command line promt program jsutto change it i jsut tried the one i configured and the login page jsut comebakc to the same login page..
<twb> ttt: sorry, I don't use that software, and it sounds like a software-specific password
<tdignan> Right now I'm using google apps. Is it possible to stick my own postfix installation as the 10 priority MX record and have it fallback on google apps?
<lifeless> depends on what you're using google apps for... if for mail delivery, you'll have to send it to google at some point
<tdignan> i want to move over to my own server for mail delivery, receive, and transfer
<tdignan> i've got only one server though, so I'm asking if there's a way to kind of back up the receiving end
<twb> In theory yes; in practice depends what google does
<twb> Certainly my MTA acts as a secondary for some of my customers, accepting mail on their behalf and relaying it to them when they come back online
<tdignan> http://pastie.org/2786323 here's my new mx
<tdignan> is this worth a try?
<twb> Christ, can't you just give it in dig notation?
<tdignan> sorry, 1 sec
<tdignan> http://pastie.org/2786328
<twb> Thanks, although I don't know the answer, since I don't use google :-)
<tdignan> What concept should I research so I can better understand this problem?
<twb> Though it is always a good idea to have a null-mx as first entry and a tarpit as the last entry
<CrazyGir> why would update-rc.d say this Adding system startup for /etc/init.d/drbd ...
<twb> CrazyGir: because someone ran it?
<CrazyGir> when running update-rc.d drbd disable
<CrazyGir> ...sorry, didn't expect that linebreak
<twb> IIRC disable isn't guaranteed to continue working; maybe they broke it
<CrazyGir> wtf?
<CrazyGir> why would that be
<twb> Can't see that mentioned in the sid version of the manpage tho
<twb> So: I don't know why you got that behaviour.
<twb> Are you on lucid, or what?
<CrazyGir> hrm
<CrazyGir> should be lucid, but this one particular might be running 11.04 - what is the ubuntu way for checking/confirming?
<CrazyGir> I would expect uname -a to tell you
<twb> lsb_release -a
<CrazyGir> bah, this particular system is natty
<CrazyGir> and I'm so going to wipe and reinstall with lucid :)
<twb> I doubt that'll help
<twb> But whatever
<CrazyGir> it'll help with a few things
<twb> Granted
<CrazyGir> I find 10.04 to be far more stable
<twb> I meant with the issue youmentioned
<CrazyGir> yep
<CrazyGir> I've found the drbd packages in ntty to be questionable
<twb> I wasn't enthusastic about drbd in the first place
<twb> SANs are hard work
<CrazyGir> yea they are
<twb> In the end I just told <customer> "you don't really need this, just buy a beefy box and run samba, it'll be less headache"
<CrazyGir> I am looking to try out the qlogic-build-it-yourself route
<tdignan> Well, I've got postfix and dovecot both working. I ended up deleting all my google MX's
<tdignan> so I have only one 10 MX rec.
<CrazyGir> eg, you get a bunch of FC HBAs, run their drivers, have at least 3 systems, and you get your own SAN cluster
<twb> tdignan: dig mx cyber.com.au +short <-- re null-mx + tarpit
<tdignan> twb: thank you
<twb> Basically just make sure your first one returns REJECT not DROP on 25; and the last one I just use some other guy's tarpit
<twb> Cuts out some of the spammers that don't follow correct MX logic
<tdignan> so 20 and 30 are your actual mail servers
<twb> Yep
<tdignan> i'm going to google how to make this null mx
<tdignan> thanks a bunch
<twb> Actually the same one; the exetel one is the backup DSL line
<twb> That plus an RBL or two, plus greylisting, is about all the antispam we do
<twb> A couple of our users who interact with normal people, and have had the same email address for twenty years, we use crm114 for them, but overall I am against body scanning
 * CrazyGir <3 openbsd's spamd + pf + tarpitting + open-smtpd
<SpamapS> mtaylor: very belated "pong" .. ;)
<tdignan> ah cool
<tdignan> I can break out the body scanners here, this is meant to be my own private email for my business
<twb> CrazyGir: I threw out all my ancient obsd and sol routers and just put in a single ubuntu box :-)
<CrazyGir> you could have just upgraded them too
<CrazyGir> or one
<CrazyGir> :P
<CrazyGir> sorry, but OpenBSD's correctness and simplicity trump ubuntu anyday - not that ubuntu doesn't have its places or successes, but it fails (miserably) in the correctness/simplicity categories
<twb> Sure but I like a homogeneous network and I didn't want to have to learn those
<CrazyGir> indeed
<CrazyGir> are you using puppet for that homogenous network?
<twb> Nope, too lazy
<CrazyGir> you are so silly
<CrazyGir> (to claim laziness)
<twb> puppet doesn't even have a versioned wire protocol
<twb> And the puppet devs respond to every issue with "upgrade to latest version on both ends"
<twb> And of course then you need ruby on every goddamn host
<CrazyGir> and that prevents you from simplifying maintaining your homogenous network how?
<twb> If I had 1000 hosts I might bother; I have more like 20
<twb> And most of them are actually just jails
<CrazyGir> still silly, in my opinion
<twb> Shrug
<SpamapS> twb: I think the tipping point for needing something like puppet is around 20 servers actually.
<twb> Have you tried to write a parser for sysctl.conf in puppet?
<CrazyGir> there's so much (ridiculous) redundancy in sysadmin work
<twb> Or did you just do what every other bastard did, and just use the exec plugin?
<twb> At that point you're really just using puppet as a glorified clusterssh
 * SpamapS still prefers using OpenBSD for firewalls, as its a nice "air gap" to have a different OS protecting your network.
<twb> SpamapS: I have actual air gaps
<SpamapS> twb: note, Juju is the new glorified clusterssh. :)
<CrazyGir> I'm not so advanced, so right now puppet is a glorified fileserver + automating user/package configuration + some specialized scripts for special services
<lifeless> SpamapS: bwah
<CrazyGir> but I believe, once I have configured a system/service/role, I should not be doing it again
<CrazyGir> I should be adding to it
<twb> Most of the package configuration I do via .deb from the internal PPA repo
<CrazyGir> it's like rewriting an authentication module for your webapp, just cause you are redeploying
<CrazyGir> so silly
<twb> And all the jails are based off a local template that has e.g. ldap pre-configured
<CrazyGir> :)
<CrazyGir> to each and his own
<SpamapS> CrazyGir: I believe you and twb are agreeing on principle, but not on method.
<CrazyGir> sounds like it
<twb> I would be more enthusiastic about puppet if I had the impression of *rigour*
<CrazyGir> though my principles here also dictate that I centralize the configuration and make redeployment a less-than-one-hour sort of task
<twb> Maybe it's just that I used to work with some puppet employees :P
<CrazyGir> twb: if you have others you manage, you can also make them do it!
<CrazyGir> hah
<twb> I can deploy a new jail in about five minutes, FWIW
<CrazyGir> no, I mean the whole rack
<twb> Most of that is choosing a hostname
<CrazyGir> :D
<CrazyGir> I'm still working towards that dream, but I'm already pretty close, which is awesome to me, as I've only been working towards that goal for a few months now
<onre> that's why there is a wikipedia article containing a list of names of moon's geographical features
<twb> Most of my customers have one server and a couple dozen windows desktops, so puppet is not an attractive proposition for those
<tdignan> ah, so the NULL mx is just a way of forcing the MTA to have to go down the list of priorities and try the next one
<tdignan> ?
<twb> tdignan: yes
<twb> tdignan: it rules out anyone too lazy to try >1 MX
<tdignan> excellent trick
<twb> And the tarpit nails any anyone who tries to work from the bottom up, which is a common tactic because people often (stupidly) only put anti-spam on the first MX
<SpamapS> hah that still happens?
<twb> SpamapS: well, maybe my advice is old
<twb> SpamapS: lot of greybeards here
<SpamapS> I tend to just have my hosting provider's barracudas as MX's.. and then the @ that resolves to my webserver rejects anything not from those two barracudas.
<twb> SpamapS: hard disks?
<tdignan> i'm paranoid to just use someone's tarpit: if I do this on my other server: iptables -A input -p tcp -m tcp --dport 25 -j TARPIT -- will that interfere with my ability to send outgoing email from that machine, locally?
<twb> tdignan: is that a separate host from the main MTA?
<tdignan> yeah
<twb> Should be fine
<twb> It's -A INPUT of course
<tdignan> I just want to preserve the ability on that host, to be able to shoot off an email
<tdignan> that's fine, right?
<twb> tdignan: I think so
<tdignan> awesome, thank you for all your help
<tdignan> I am new to using linux as a server other than apache and ssh
<SpamapS> twb: no, they are spam filtering appliances
<SpamapS> twb: by far the best I've seen
<twb> SpamapS: bah
<twb> https://secure.wikimedia.org/wikipedia/en/wiki/Barracuda_Networks
<SpamapS> heavily cultivated blocklists
<twb> Haha "spam firewalls"
<SpamapS> Forgive them the terminology.. they really do obliterate anything else I've seen.
<twb> It's based on clamd
<SpamapS> and spamassassin :)
<twb> I'm not a fan of either
<SpamapS> but what you're paying for is their constantly updated and managed blocklists
<twb> Mainly because whenever I ssh into a customer that uses them, 99% of the load is from clam
<SpamapS> SA and clamd are just for the obvious stuff.
<SpamapS> yeah, its an appliance.. its not your problem. :)
<twb> I sell appliances, I know what they look like on the inside :-(
<twb> "Appliance" just means "don't look, cthulu inside"
<CrazyGir> hah
<twb> Oh man, or those Thecus NASs.  They have everything turned off in busybox, but they still use bash for all their scripts :-/
<tdignan> is there something I can install that will give me periodic reports on my system via email?
<hydromet> hi, I'm trying to do a somewhat difficult installation of Ubuntu Server 11.04 amd64 onto a machine (a Mac Xserve) that has 32-bit EFI firmware only ... someone who wrote up instructions on how to do this suggested  "downloading the network installer of your choice in ISO format" (from the Linux distro desired, in my case Ubuntu Server) ...
<hydromet> I didn't see it on the Ubuntu web site, is there a specific network installer (in ISO disc image format)?
<hydromet> what I have seen is only this file:
<hydromet> ubuntu-11.04-server-amd64.iso
<hydromet> thank you for any suggestions
<patdk-lap> http://archive.ubuntu.com/ubuntu/dists/natty/main/installer-amd64/current/images/netboot/mini.iso
<hydromet> thanks patdk_lap:
<greppy> tdignan: logcheck is good, logwatch is handy as well.
<jasonmsp> hey all.  Anyone know why my server would be showing an open 3128 port attributed to squid-http (when scanned externally) but lsof, /etc/services and netstat don't show anything running?
<jasonmsp>  
<qman__> jasonmsp, either your server is running it and you just don't see it, or something is between your server and what you scanned it with/you scanned the wrong IP
<tdignan> greppy: ah, thanks for the suggestions.
 * tdignan 's wireless keyboard fails to transmit keystrokes when he turns his fan on :/
<jasonmsp> qman__: thanks.  The conclusion i've been coming to is that it is somewhere along the way.  I've been using nmap.  From a command prompt within the server it shows closed, from my present location it shows open.  Is there a way to have nmap find out where the source along the way is?
<qman__> well, in order for it to show up as your server, it'd have to be a transparent device like an inline firewall or NAT router, or from your ISP if applicable
<onre> or alternatively it's a backdoor.
<qman__> yeah, but nmap is pretty good at application detection, it'd have to be pretty sophisticated to fake being squid
<tdignan> I've got logwatch installed and I see that it's created a file in /etc/cron.hourly
<tdignan> I know how to edit user crontabs but have not used the /etc way before
<tdignan> I'm sorry, I mean cron.daily
<tdignan> what is the correct way to modify this to make it run every 3-4 hours, instead of daily?
<uvirtbot> New bug: #884177 in lm-sensors (main) "fancontrol cannot read its own configuration file" [Undecided,New] https://launchpad.net/bugs/884177
<uvirtbot> New bug: #884173 in lm-sensors (main) "sensors returning a bogus temperature reading" [Undecided,New] https://launchpad.net/bugs/884173
<tdignan> nm, found it all in /etc/crontab
<greppy> tdignan: logwatch is good for a daily status update, I depend on logcheck for hourly updates of things that I may need to be worried about.
<tdignan> greppy: cool, trying it out now
<tdignan> i made a new cron category called cron.quadly
<tdignan> so stuff can run every 4 hours
<SpamapS> woo, joined UDS plenaries just in time to see sabdfl praise Orchestra :)
<SpamapS> http://video.ubuntu.com/live/
<ogra_> SpamapS, and you were just mentioned ;)
<sander^work> Where do I submit an bug? Getting lots of weird utf characters when choosing german language before login to phpmyadmin in ubuntu 9.10 server
<ogra_> 9.10 ?
<ogra_> thats EOL since a year i think
<sander^work> Oh, ok.
<sander^work> Is even the server version EOL ?
<ogra_> it wasnt an LTS, so it goes EOL after 18months
<sander^work> ok
<ogra_> (hint: use LTS releases on servers :) )
<sander^work> I do now.. But at that time 10.04 wasn't released.
<sander^work> I'll upgrade it.
<ogra_> yup, do that
 * ersi hugs 10.04
 * ersi cuddles 10.04
 * SpamapS feeds a live mouse to 10.04
<Ursinha> SpamapS: lol
<\sh> sander^work, hopefully you don't have any nic bonding configs on your server
<\sh> sander^work, be sure to read the release notes of lucid before you just upgrade...can be helpful for your dist-upgrade
<lynxman> ersi: you're getting pretty personal with lucid aren't you ;)
<ersi> sorry, can't talk - me and 10.04 is busy ;)'
 * lynxman covers his eyes
<medberry> What #channel is the ITSM discussion going on? ubuntu-uds-bonaire1? or something else?   lynxman ? RoAkSoAx ?
<medberry> ah, cap b
<lynxman> medberry: I'd say #ubuntu-uds-Bonaire1
<medberry> nod.
<uvirtbot> New bug: #884240 in clamav (main) "I'm having the same issue." [Undecided,New] https://launchpad.net/bugs/884240
<pmatulis> funny bug
<miceiken> Hey, after I did a release upgrade I got this error with PHP/PDO: SQLSTATE[HY000] [2019] Can't initialize character set UTF-8 (path: /usr/share/mysql/charsets/)
<miceiken> Am I missing a package?
<pmatulis> miceiken: should be in package 'mysql-server-core'
<pmatulis> miceiken: but see http://is.gd/F44c6V
<miceiken> pmatulis, neither of that worked
<miceiken> mysql-server-core was already installed
<RoAkSoAx> shang: are you at UDS?
<RoAkSoAx> shang: if you are and wanna lookg fuyrther into the orchestra issue just let me know
<The_Fred> hello
<The_Fred> where can i get help with networking?
<pmatulis> The_Fred: here, if you're using ubuntu server
<The_Fred> pmatulis, I am using ubuntu desktop, but i removed network manager by mistake, and am trying to connect manually
<pmatulis> The_Fred: edit /etc/network/interfaces, see the ubuntu server guide
<The_Fred> when I do iwconfgi wlan1 key restricted XXX it thows: SET failed on device wlan1;invalid argument
<The_Fred> thanks for the pointer pmatulis
<RoyK> testing Condor, a cluster scheduler, I see it's got downloads for debian 5 or 6 - which one of those would match lucid best?
<RoyK> huh - seems to be in the repos already...
<RoyK> anyone here working with compute clusters?
<RoyK> hm... condor looks like a good switchboard for parallel processing
<SpamapS> condor? Isn't that the old thing that makes fork() possibly end up forking to another server?
<RoyK> dunno yet - but it seems it's got some nifty features like stopping jobs and migrating them to idle hosts if the host running the job gets some more work, and even resume dead jobs
<RoyK> seems a bit heavy on the network side, though
<SpamapS> Mosix is the thing that I was thining of
<RoyK> SpamapS: someone at work was talking about mosix - 'the way to go', but I started checking what open software were available for such a task...
<RoyK> and since openmosix died three years ago, well...
<SpamapS> Yeah
<SpamapS> I think at this point if you have massive distributed jobs to run, hadoop is the king.
<RoyK> I thought hadoop was mainly about storage
<SpamapS> definitely not
<SpamapS> HDFS is its default storage bit
<Randolph> hi all
<SpamapS> but you can store data in Cassandra, or CEPH
<RoyK> doesn't seem to have the process migration thing that condor has
<RoyK> or job migration
<RoyK> SpamapS: seems the parallel computation bit isn't quite ready....
<SpamapS> uh
<SpamapS> its driving the big data revolution
<SpamapS> RoyK: hadoop is basically destroying traditional enterprise business intelligence ..
<RoyK> SpamapS: still seems to lack a good scheduler...
<SpamapS> "scheduler" ?
<RoyK> for compute nodes
<lickalott> gents, trying to install mysql and am getting errors with CVS and Docdb.  I've tried cvs update and it fails.  CVS isn't in the package manager.  Kind of at stand still right now.
<SpamapS> RoyK: like, so you can let 2 people fight over the same set of resources?
<SpamapS> RoyK: we call that "the cloud" ;) ..
<SpamapS> lickalott: cvs?!
<lickalott> apparently it's needed for what our plans are for mysql.  I'm kind of in and out of the conversation.  lemme get some details...
<RoyK> SpamapS: like if you have a job that will need to spawn 1000 processes across a compute cluster
<RoyK> lickalott: are you using CVS?
<lickalott> we are trying to test out a document database and docdb was the first package that he wanted to try
<SpamapS> lickalott: I can't possibly see why you would want to use CVS
<lickalott> so press without CVS?
<RoyK> SCCS FTW!
<RoyK> lickalott: CVS is a rather elderly version control system - there are others that work very much better :P
<RoyK> like git or mercurial
<lickalott> SCCS?
<SpamapS> RoyK: how do you know you need 1000 processes? Hadoop takes a massive data set, breaks it up into pieces and farms out the pieces to processors. The job and the data do not dictate the number of processors.. that just becomes the way you speed it up.
<RoyK> SpamapS: how would HADOOP know how to split those netcdf files?
<SpamapS> RoyK: all jobs are made up of a map() and a reduce() function
<SpamapS> RoyK: map() takes a chunk and returns the pieces
<RoyK> what controls where those jobs are run?
<SpamapS> the map() tends to run on very few nodes, reduce() runs everywhere
<RoyK> and map/reduce is written in what? java?
<SpamapS> I haven't written any map/reduce jobs, but I believe map() can break it up into big chunks which can be further mapped to smaller pieces
<RoyK> lickalott: SCCP, not SCCS, it's an even more eldrich thing
<SpamapS> Hadoop is java yes.
<SpamapS> Tho I've written mini-map-reduce in PHP w/ gearmand used to do the job control/scheduling
<patdk-wk> sccp is cisco's sip
<RoyK> SpamapS: would this work for scientific data where you might have a terabyte of input data and only want to use, say, 50GB of that?
<RoyK> patdk-wk: sorry, sccs, not sccp :P
<RoyK> patdk-wk: btw, IIRC SCCS is a separate protocol, not related to SIP
<patdk-wk> heh? sccp is what cisco uses instead of sip
<RoyK> cisco uses SIP as well
<patdk-wk> cisco normally defaults to sccp though
<RoyK> that doesn't mean sccp relates to sip
<patdk-wk> never said they are related
<patdk-wk> other than they are both voip protocols
<RoyK> in the same way that h.323 != sip
<RoyK> 19:36 < patdk-wk> sccp is cisco's sip
<patdk-wk> ya, sccp is ciscos voip protocol, vs using sip
<patdk-wk> h.323 is a long way away from sip
<RoyK> h.323 is technically asn.1 over IP
<RoyK> which is ugly....
<^Mike\b> Is there a tool to know whether a reboot is needed to finish applying updates? On the desktop edition, it turns the power button red in the top-right corner, for example.
<RoyK> ^Mike\b: logging in with ssh tells you
<uvirtbot> RoyK: Error: "Mike\b:" is not a valid command.
 * RoyK slaps uvirtbot 
<RoyK> that's done with running landscape-sysinfo
<^Mike\b> ah, right
 * ^Mike\b checks that those scripts are still enabled
<^Mike\b> thanks
<mgw> What is the most recommended way to handle virtualization when using Orchestra?
<SpamapS> mgw: cobbler can manage VMs with koan.
<SpamapS> mgw: but if you want large scale virtualization.. OpenStack may be a better choice.
<miceiken> what do i do if a program wont quit when clicking ctrl+c
<snap-l> miceiken: Try CTRL-Z
<mgw> SpamapS: ty, we're looking to manage a few dozen physical machines
<snap-l> and then run `jobs` to see what the job status is
<snap-l> miceiken: You can then do a `kill %n`, where n is the job number
<mgw> SpamapS : cobbler is part of Orchestra, correct?
<SpamapS> mgw: thats a lot ... I'd go with OpenStack.
<SpamapS> mgw: cobbler is the provisioning portion of Orchestra, and definitely the biggest piece.
<snap-l> miceiken: If that doesn't kill it, you can try `kill -9 %n`
<miceiken> thats what i did :P
<snap-l> miceiken: And if THAT doesn't kill it, you might want to find out why it's not stopping. ;)
<snap-l> miceiken: `strace -p _processnumber_` is a start
<miceiken> [1]+ Stopped ./pipsqueek.pl ../etc/
<miceiken> miceiken@celeste:~/pipsqueek/bin$ kill 1
<miceiken> -bash: kill: (1) - Operation not permitted
<snap-l> kill %1
<snap-l> %1 is special. It means job number, not process number
<miceiken> ah
<RoyK> miceiken: you won't be able to kill init (PID 1) and you probably don't want to :P
<miceiken> haha
<snap-l> Otherwise you're trying to kill the init process
<snap-l> and that's a very, very bad thing
<snap-l> Unless you relish having your machine crash spectacularly, in which case it's a great thing.
<RoyK> snap-l: init is generally unkillable
<snap-l> Highly recommended in that case.
<miceiken> so, why isnt this working then :(
<RoyK> kill -9 %1
<RoyK> a process stopped by ctrl+z won't listen to signals
<RoyK> kill -9 is the 'gun against the head' type
<lifeless> RoyK: it will hear CONT, won't it ?
<RoyK> a normal 'kill' sends a SIGTERM, which is generally a good idea, but if the process has stopped listening, SIGKILL (-9) should work better
<RoyK> lifeless: probably, and perhaps SIGSEGV
<lifeless> RoyK: you can also try SIGHUP before KILL (or SEGV)
<RoyK> SIGHUP won't help much either
<RoyK> and SIGSEGV won't be of much help - the only difference is that it might produce a core dump (if ulimit allows that)
<RoyK> and by default, ubuntu is set to not coredump
<lifeless> it would trigger apport
<virusuy> hi everyone!
<mistergibson> is there a way for me to configure apparmor (or other utility) such that : if no apparmor profile exists for any executable that it will generate one as soon as it is run the first time?
<mistergibson> I guess what I'm looking for here is SysTrace (that venerable and dead project) behavior *somehow*.  I'd really like a big catchers mit for trojans here
<mistergibson> firewall rules are not enough -- need app level learn modes and stuff.
<JanC> mistergibson: apparmor has a "logging" mode
<SpamapS> mistergibson: apparmor is meant to be selective, so if you want a more blanket policy, its probably advisable to contain untrusted users in VMs or containers.
<SpamapS> JanC: right, but you still have to save the complaints as a profile. ;)
<mistergibson> SpamapS: I don't have vms on this box
<mistergibson> is there a utility that will 'catch' anything that is run?
<SpamapS> mistergibson: Generally the regular permissions system can lock things down for blanket purposes
<uvirtbot> New bug: #884428 in lxc (main) "new created ubuntu machines result in: "init: Unable to listen for private connections: Failed to bind socket "/com/ubuntu/upstart": Address already in use" [Undecided,New] https://launchpad.net/bugs/884428
<mistergibson> SpamapS: well, rather than just 'deny' something, I want to do something with it the first time it is run.
<SpamapS> mistergibson: sounds very complicated.
<mistergibson> SpamapS: potentially, but I'd like to be able at least to catch a list of all apps run and see if they have a profile ... if systrace can do it ... can't be that hard.
<mistergibson> SpamapS: unfortunately, systrace source code is old and broken -- but it is *exactly* the kind of thing I need.
<SpamapS> mistergibson: as JanC says, you can turn apparmor's complain mode on and use that to record it into a profile
<mistergibson> SpamapS: so the complain mode will see a new app?
<mistergibson> I know I can make a profile for any known path -- got that part, and run it in complain mode
<mistergibson> what I'm fishing for is the critter lurking that I don't know the path of
<mistergibson> thinking out loud here a bit : so, critterX runs somehow; unknown-thingy see it; observes it has no profile; auto-complain modes it.  perhaps something like that.
<mistergibson> more like profile autogen more than anything I suppose -- it would be a start
<matrillox> hello
<matrillox> upgraded to 11.10, applied latest apt-get update|upgrades and now interface eth0 does not come up on boot. help? thanks.
<RoyK> matrillox: as a start, don't use a non-LTS for a server, and then, if you see errors, pastebin the logs when asking
<p1ruj3> hey, so had a entry in deny.hosts I needed to remove (local printer who freaked out) how do i rehash that file so the printer is no longer banned?
<p1ruj3>  sudo network denyhosts restart
<matrillox> duly noted RoyK
<matrillox> anyway to downgrade back to a LTS version?
<p1ruj3> actually that didnt do it
<greppy> matrillox: if by downgrade you mean reinstall, then yes, there is :)
<matrillox> why yes, i did mean reinstall. that worked out well.
<qman__> matrillox, that's not to say 11.10 isn't supported, but it just came out, and bleeding edge is bleeding edge
<qman__> we need logs, config files, command output
<matrillox> ah, 10-4.
#ubuntu-server 2011-11-01
<uvirtbot> New bug: #884532 in samba (main) ""the system update discovered the bug": package samba 2:3.5.8~dfsg-1ubuntu2.3 failed to install/upgrade: ErrorMessage: package samba is not ready for configuration  cannot configure (current status `half-installed')" [Undecided,New] https://launchpad.net/bugs/884532
<lifeless> SpamapS: we're finally using rabbit btw :)
<SpamapS> lifeless: \o/
<SpamapS> lifeless: how's it going?
<lifeless> SpamapS: slow progress, good performance
<SpamapS> lifeless: I've heard a few grumbles from rabbit users about it becoming a SPoF even with replication/failover
<lifeless> it is
<lifeless> so e.g. https://code.launchpad.net/~lifeless/python-oops-datedir-repo/less-rsync/+merge/80861
<lifeless> where we have a backup system
<SpamapS> lifeless: I missed your answer if you gave it (or I forgot to ask) are you in Orlando or stil attending events virtually?
<lifeless> virt
<lifeless> SpamapS: OTOH, if you get an oops on qastaging, it gets injected into oops-tools in realtime
<lifeless> SpamapS: faster than the time to get the page to you :)
<lifeless> SpamapS: prod will have that come online late this week / next week I think
<shang> RoAkSoAx: no, I am not in UDS this time
<shang> RoAkSoAx: but yes, I am would like to do some demo on orchestra, but I am having some issues
<shang> RoAkSoAx: https://answers.launchpad.net/ubuntu/+source/orchestra/+question/177059
<hydromet> hello - if I want to upgrade a 9.10 amd64 server to an 11.04 amd64 server, do I first need to step to a 10.04 (or 10.10) amd64 server or is it possible to do a direct jump from 9.10 to 11.04?
<lifeless> hydromet: the rule is that LTS->LTS is possible, and anything->anything+1 is possible.
<philipballew> hydromet, you have to upgrade to each one
<hydromet> lifeless thanks, that's very useful to know (hence a good reason to use LTS)
<lifeless> hydromet: 10.04 is an LTS
<hydromet> philipballew: thanks for reinforcing the rule ... so it looks like I'll need to stair step from 9.10 to 10.04 to 10.10 to 11.04. fun! :-)
<SpamapS> just depends on how much you value your time.
<hydromet> lifeless thanks ... looks like the next LTS (12.04) is quite some time away yet
<lifeless> yes
<lifeless> 5 months
<mgw> How can I configure cobbler to *not* use its local mirrors (that haven't been populated yet)?
 * SpamapS heads to the airport to fly to UDS.. woot. :)
<lifeless> enjoyah
<SpamapS> mgw: by default it uses archive.ubuntu.com through a squid proxy
 * SpamapS drive-by's mgw with an answer then goes <POOF!>
<mgw> hmm, oddâ¦ that's what I had sort of thought, but when I try to boot a new server with koan, i get this: HTTP hasFile: didn't find http://X.X.X.X/cblr/repo_mirror/oneiric-x86_64/.treeinfo: HTTP Error 404: Not Found
<shang> SpamapS: a quick question about the orchestra+juju to deploy openstack
<shang> SpamapS: I have the orchestra setup (successfully deploy server from it with the profile), but when I run juju bootstrap,  I got the error: Could not find any Cobbler systems marked as available and configured for network boot.
<shang> 2011-11-01 11:49:16,389 ERROR Could not find any Cobbler systems marked as available and configured for network boot.
<shang> SpamapS: from the profile, I re-enabled the netboot for one of the machine, but I stil l got that error
<lucke> hey guys, we recently had a compromise on our server, a web site was hacked and they installed a porno forum on the site, it was taking up tons of bandwidth, I have since fixed the issue and removed the stuff they had there, I am still getting a ton of hits to that form they installed, what can I do to stop the hits?
<qman__> lucke, in short, you can't
<qman__> if you want to continue receiving requests from the general internet as a whole, there's no way to prevent those from coming in
<qman__> you can rate limit connections if you're being brute forced, and you can remove the offending files/sites altogether (and should have already)
<qman__> but you can't stop requests
<lucke> Ah ok.
<lucke> thanks qman__ I removed those a long time ago, i just keep seeing annoying connections coming into trying to access that forum, by the hundreds.
<lucke> every night at this time of the night, I think they had some sort of scraper running or something
<qman__> if they're coming from the same IP, you can block that IP
<lucke> yea, I wish :(
<qman__> but the requests will still come in, they'll just be blocked at the firewall instead of your web server sending a 404
<qman__> not much difference between the two
<lucke> yea, no big deal I guess, eventually they should go away.
<lucke> should i so a permanent redirect (302) to somewhere or just leave it 404?
<lucke> s/so/do
<qman__> I don't know if it would have any real effect
<qman__> it'd only help if it was a legit search engine or something
<qman__> as in, some program that respects that type of thing instead of blindly requesting
<lucke> ya
<lucke> ill just leave it I guess
<lucke> thanks
<mgw> in regard to cobblerâ¦ any ideas why squid seems to not be proxying?  I'm getting this error when invoking koan:  HTTP hasFile: didn't find http://X.X.X.X/cblr/repo_mirror/oneiric-x86_64/: HTTP Error 404: Not Found
<uvirtbot> New bug: #884606 in unixodbc (main) "package odbcinst1debian2 2.2.14p2-4 failed to install/upgrade: './usr/share/doc/odbcinst1debian2/NEWS.Debian.gz' is different from the same file on the system" [Undecided,New] https://launchpad.net/bugs/884606
<Error404NotFound> What options other than compiling from source do i have to upgrade apache from 2.2.14 to 2.2.21?
<Error404NotFound> If i use precise's main repo to just upgrade apache2, and later delete it, on my 10.10 server is it likely to cause package upgrade issues?
<freakynl> Hi, is anyone aware of a comparison between the new in-kernel iscsi stack (lio iirc) vs iet (iscsi enterprise target)? New being the one in the 3.1 kernel btw
<ikonia> don't know of any ubuntu version using 3.1 currently
 * _ruben is likely to stick to the scst stack
<_ruben> aww bugger .. keepalived's homepage seems "broken" .. only shows a login form :/
<iclebyte> anyone found heartbeat to be unreliable for DRBD / IP Addr resource management?
<_ruben> iclebyte: plain heartbeat (ancient) or combined with pacemaker/corosync/etc ?
<freakynl> _ruben: any reason in particular? we're currently on iet and kinda curious on how interesting it is to change
<_ruben> freakynl: i switched quite some time ago .. iet did have some issues which i dont recall anymore though .. also scst is said to have better performance (depending on config) .. and scst's config file is much cleaner imo
<_ruben> never really looked back at iet, tho scst did base its iscsi part on iet
<freakynl> _ruben: hmm scst is now dropped from kernel in favor of lio... then again, lio is sgst based/compatible (which is scsi stack in kernel) and scst has it's own scsi stack (which unfortunately isn't ever going to make it into the kernel by the looks of it (it has/had some more advanced options and fancy stuff)
<_ruben> freakynl: the lio vs scst vs whatever inclusion in mainline kernels was a nasty political battle from what i've seen about it .. scst compiles just fine as a dkms module, you only lack a few performance enhancements which require actual kernel patches
<_ruben> isn't sgst mostly userland? or am i mixing stacks up?
<SpamapS> shang: did you figure out your juju issues?
<shang> SpamapS: no, unfortunately...
<shang> SpamapS: but the issues is a bit different now. I can't run bootstrap the
<shang> SpamapS: I have the first system deployed with oneiricx86_64-juju profile
<mgw> SpamapS : I'm still having trouble with squid (or something related)
<shang> but when I run juju bootstrap, it says the system is not ready
<SpamapS> shang: pastebin? also run it with 'juju -v bootstrap'
<shang> SpamapS: http://paste.ubuntu.com/725249/
<shang> SpamapS: is there a difference to have the bootstrap node using the oneiricx86_64 profile instead of the oneiricx86_64-juju profile?
<SpamapS> shang: can you ssh to the machine that was started as part of the bootstrap?
<shang> SpamapS: yes, using password authentication
<SpamapS> shang: but not the key? check the console.. I bet cloud-init had problems.
<shang> SpamapS: so we should just login automatically, right?
<shang> SpamapS: and here is the cloud-init.log: http://paste.ubuntu.com/725269/
<SpamapS> shang: uds sessions have started, will get back to you later today
<shang> SpamapS: ok, thanks
<mgw> Anybody know why I'm getting a 404 rather than hitting the squid proxy: https://gist.github.com/2dfbcf76c6fd5d3b1c52
<RoAkSoAx> shang: yeah there's some issues with cobbler-enlist, could you ping Daviey or adam_g as they definitely know what's failing
<shang> RoAkSoAx: ah... if u get the chance, can you help me take a look at the cloud-init ? http://paste.ubuntu.com/725269/
<RoAkSoAx> shang: sure, what's up with it, I don;t see anything significant in the log
<shang> RoAkSoAx: I tried to use juju bootstrap, but I can't get it working: http://paste.ubuntu.com/725249/
<RoAkSoAx> shang: could you also post /var/log/cloud-init-(output i think).log from the bootstrap node
<RoAkSoAx> shang: then do: sudo cobbler system getks --name <what ever name of the node selected to be bootstrap>
<mgw> RoAkSoAx: would you have a second to look at my issue as well?
<RoAkSoAx> mgw: sure
<shang> RoAkSoAx: the log that I sent was from the bootstrap node.
<RoAkSoAx> shang: there's 2 cloud-init logs
<RoAkSoAx> shang: cloud-init.log and cloud-init-(something i cant remember :$).log
<RoAkSoAx> mgw: what are your issues
<mgw> RoAkSoAx: thanksâ¦ when I run koan, I'm gettin a 404
<mgw> https://gist.github.com/2dfbcf76c6fd5d3b1c52
<shang> RoAkSoAx: here is the getks log:  http://pastebin.ubuntu.com/725281/
<RoAkSoAx> shang: oh btw... what preseed are you using, orchestra.preseed or juju.preseed?
<shang> RoAkSoAx: the juju.preseed
<shang> RoAkSoAx: should the bootstrap node using the orchestra.preseed?
<RoAkSoAx> shang: nope
<mgw> From what I understand, it should be hitting the squid proxy, but it seems to be trying to access the non-existent mirror
<RoAkSoAx> shang: it's fine using the juju one
<RoAkSoAx> mgw: oneiric?
<mgw> yes
<RoAkSoAx> mgw: can you file a bug with an step by step to reproduce so I can track it there
<mgw> RoAkSoAx: Sure, but is there a way to get orchestra back to a pristine state?
<RoAkSoAx> shang: so is zookeeper running on the bootstrap?
<mgw> So I can retrace my steps
<RoAkSoAx> mgw: i don't think it's orchestra itself but rather a bug in koan
<mgw> really? okâ¦ any ideas how I could get around it?
<mgw> What URL *should* it be accessing/
<mgw> In order to got through squid
<shang> RoAkSoAx: should it? I didn't see it in any of the doc
<shang> RoAkSoAx: sudo apt-get install zookeeperd ?
<RoAkSoAx> shang: yes it should, could you pastebin /root/user-data-late-command /root/meta-data-late-command
<RoAkSoAx> shang: cloud init should have taken care of that automatically
<RoAkSoAx> mgw: i would have to reproduce it to know what is wrong with it
<RoAkSoAx> mgw: but for what I can see, if you manyually try to browse http://10.1.1.1/cblr/repo_mirror/oneiric-x86_64/ it should be accessible to it, is it?
<mgw> RoAkSoAx: no, I get a 404 there as well
<RoAkSoAx> mgw: ahh i know what's wrong
<RoAkSoAx> :)
<mgw> :-)
<mgw> You have no idea how many hours I spent last night trying to figure this out....
<RoAkSoAx> mgw: its using http://192.168.123.2/cblr/repo_mirror instead of http://192.168.123.2/cblr/ks_mirror
<RoAkSoAx> mgw: could you please just file a bug and I'll take care of it
<mgw> ok
<RoAkSoAx> mgw: and what you could try is to just import a full ubuntu-server ISO
<mgw> can I hack koan to fix it for the moment?
<RoAkSoAx> mgw: instead of the mini iso
<RoAkSoAx> mgw: yeah but it is really in cobbler as the install_tree is obtained with information from cobbler
<RoAkSoAx> mgw: so maybe a patch is not being applied correctly or similar
<RoAkSoAx> mgw: what you could do is edit the profile and change the tree to http://192.168.123.2/cblr/ks_mirror/ instead
<RoAkSoAx> mgw: that should be the fix, just edit the profile and change the repo_mirror to ks_mirror
<shang> RoAkSoAx: http://paste.ubuntu.com/725287/
<shang>  http://paste.ubuntu.com/725290/
<freakynl> _ruben: afaik it's kernel, it has been in-kernel for a very long time. But I'm no expert either :). SGST is the entire scsi stack in the kernel afaik. SCST seems to have a lot of advantages, but yes it is a political war
<RoAkSoAx> mgw: the reason why it is done like that is because ks_mirror is used when you use a full ISO because all the debs are there, while with a mini ISO, there are no *.debs so it assumes that we can create a repository and then copy the packages in repo_mirror/<profile> but the way we use it in orchestra and juju is really differently and does not use the concept of using repositories managed by cobbler
<mgw> i see
<RoAkSoAx> shang: that's the problem: http://paste.ubuntu.com/725290/ for some reason there's not user-data
<mgw> trying to find where to edit the profile
<RoAkSoAx> shang: are you usign juju from branch?
<RoAkSoAx> mgw: either in the profile or in the distro
<shang> RoAkSoAx: no,
<RoAkSoAx> mgw: i dont remember right now
<RoAkSoAx> shang: what version of juju are you using?
<shang> RoAkSoAx: from the CD. apt-get install juju
<RoAkSoAx> shang: uhmmmmmmmmmmmmm
<RoAkSoAx> shang: that might be a problem with juju instead of orchestra
<shang> RoAkSoAx: 0.5+bzr398-0ubuntu1
<RoAkSoAx> shang: let me verify with someone from juju
<RoAkSoAx> might be juju
<RoAkSoAx> might be that orchestra is not doing what's suppose to
<mgw> RoAKSoAx: cblr/ks_mirror/oneiric-x86_64/.treeinfo: HTTP Error 404: Not Found
<mgw> :-/
<shang> RoAkSoAx: ummm...
<shang> RoAkSoAx: ok, let me try to install the zookeeper manually
<RoAkSoAx> mgw: arrgh.. now it looks like the ubuntu patch I had is not correct :S:/
<RoAkSoAx> mgw: just file a bug I'll track it today :)
<RoAkSoAx> mgw: nah, the .treeinfo is from fedora/rhel
<mgw> is there something missing in /cblr/ks_mirror/oneiric-x86_64/ ?
<RoAkSoAx> mgw: so maybe the ubuntu patch i had for that no longer working
<mgw> or maybe .treeinfo isn't what it should be looking for?
<RoAkSoAx> mgw: but that might be virt-inst now :)
<RoAkSoAx> mgw: nah .treeinfo is fedora/rhel specific, but I patched virt-inst for that
<RoAkSoAx> so the issue might be in virt-inst
<RoAkSoAx> mgw: please, file the bug I'll track it as soon as I can get a test environment
<mgw> virt-inst on the guest system (where I'm running koan), right?
<RoAkSoAx> shang: weird... in my case the user-data gets filled correctly
<RoAkSoAx> shang: do this instead:
<RoAkSoAx> shang: create the file user-data-late-command with this: http://paste.ubuntu.com/725299/
<RoAkSoAx> shang: then excecute it
<RoAkSoAx> shang: then reboot, and cloud-init should handle the rest
<RoAkSoAx> mgw: yeah
<mgw> How can I tell what version of virtinst I have installed (for the bug report)
<RoAkSoAx> virt-install --version
<mgw> ok, 0.600.0 is correct, right?
<RoAkSoAx> mgw: yes
<mgw> what *should* it be looking for, rather than .treeinfo?
<_ruben> freakynl: according to http://scst.sourceforge.net/comparison.html : STGT has all SCSI target processing and memory management in the user space. In the kernel it has only a small library to help in-kernel target drivers to interact with it. As a direct consequence, neither iSCSI, nor iSER as well as any other user space STGT target need any STGT kernel modules loaded to run.
<RoAkSoAx> mgw: don't remember.. and yeah it seems that the patch has been dropped
<RoAkSoAx> mgw: gonna have to write a new patch
<shang> RoAkSoAx: no, unfortunately, that does not work...
<RoAkSoAx> shang: rm -rf /var/lib/cloud
<RoAkSoAx> shang: then sh user-data-late-command
<RoAkSoAx> sh meta-data-late-command
<RoAkSoAx> shang: reboot and cloud-init should rerun
<shang> RoAkSoAx: ok
<shang> RoAkSoAx: wow, that's it!
<RoAkSoAx> shang: cool, not the zookeeper should be installed, initialized, same as juju
<RoAkSoAx> and you should be able to status to it
<shang> RoAkSoAx: right, but what happen? is it bug or ?
<RoAkSoAx> shang: to tell you the truth I have no idea because the user-data is being feed correclty into cobbler
<RoAkSoAx> shang: and been feed correctly into the late command that creates that user-data-late-command
<RoAkSoAx> shang: maybe something to do with localization?
<shang> RoAkSoAx: sorry, my bad, same thing: the bootstrap works, but still not able to run the status command
 * shang spoke too fast
<RoAkSoAx> shang: yeah zookeeper needs to be running as well as juju
<RoAkSoAx> shang: so just let cloud-init do its thing
<RoAkSoAx> it might be just taking a while
<RoAkSoAx> shang: and to figure out what could be wrong, manually run this: sh -c 'f=$1; shift; echo $0 | base64 --decode | gunzip > $f && chmod u+x $f && $f $*' H4sIAPHwr04C/5VU23LiRhB911dMOaniAYSQZAxxLalwlQFL3NmFrS3XoBndECOhmcFISf49I4HxOuU8hCd19+me06dPIVGM0QtqKSeYKKG/U+ww4kjJswqJikAmmEmHPfITIMfg7tdLx51kQwZ+f48VTnEiI8gg+PLlrj8Z3Em/XPrtiDi+K8GYyTwWAPwIWMLxNeEmEL1lDtD2fIKLKY/gz4AHXI6T6OQjMZqlscBFie1hyhJYAUU5i6I9xrGoexFl9BGUwsiGYR48ampTLVUkAN7m+kjUa6W/pYizmD
<RoAkSoAx> shang: errr, this: http://pastebin.ubuntu.com/725324/
<RoAkSoAx> shang: and see if the file is correctly created
<mgw> RoAkSoAx: so the issue is the contents of cblr/ks_mirror/oneiric-x86_64/ â or virtinst?
<mgw> (sorry, just trying to hack this to get it workingâ¦)
<mgw> I see virtinst is not detecting the system as ubuntu
<RoAkSoAx> mgw: try accessing directly to cblr/ks_mirror/oneiric-x86_64/
<shang> RoAkSoAx: zookeeper seems to be running, I see the port 2181 is open
<RoAkSoAx> mgw: yeah that's the problem
<RoAkSoAx> shang: what about juju
<shang> RoAkSoAx: on the bootstrap node?
<RoAkSoAx> mgw: so I need to re-write whatever is needed to make it happen
<RoAkSoAx> shang: yep
<mgw> RoAkSoAx : i can access ks_mirror
<mgw> but it doesn't have any of the files virtinst is looking for
<shang> RoAkSoAx: so the cloud init suppose to install juju and the zookeeper, correct?
<RoAkSoAx> shang: yes
<RoAkSoAx> mgw: yeah there was a patch for it
<RoAkSoAx> mgw: and I need to invastigate why it got dropped
<RoAkSoAx> mgw: cause i also forwarded a patch upstream that was supposely taken
<mgw> do you have a link to the patch?
<mgw> opening a ticket now
<RoAkSoAx> mgw: need to run for a bit, at the Ubuntu developer summit atm
<mgw> ok
<mgw> ty
<RoyK> hm.. I have a client (or a few) using no_NO.ISO8859-1@bokmal as their locale, which seems to be a new name for nb_NO.ISO8859-1 - any idea if it's possible to add this as an alias somehow without overriding LC_* etc?
<shang> RoAkSoAx: i install juju on the bootstrap node manually, rm the /var/lib/cloud, reboot, try bootstrap again, still can't see the status
<RoAkSoAx> shang: run this: http://pastebin.ubuntu.com/725348/
<shang> RoAkSoAx: on the orchestra node (where I deploy juju from)? or on the bootstrap node?
<RoAkSoAx> shang: bootstrap
<shang> RoAkSoAx: 2011-11-01 22:25:45,404 INFO Initializing zookeeper hierarchy
<shang> node exists
<shang> RoAkSoAx: 2011-11-01 22:25:45,404 INFO Initializing zookeeper hierarchy
<shang> node exists
<shang> 2011-11-01 22:25:45,417 ERROR node exists
<RoAkSoAx> shang: drop the admin stuff
<RoAkSoAx> JUJU_MACHINE_ID=0 JUJU_ZOOKEEPER=localhost:2181 python -m juju.agents.machine -n --logfile=/var/log/juju/machine-agent.log --pidfile=/var/run/juju/machine-agent.pid && JUJU_ZOOKEEPER=localhost:2181 python -m juju.agents.provision -n --logfile=/var/log/juju/provision-agent.log --pidfile=/var/run/juju/provision-agent.pid
<RoAkSoAx> just use that
<shang> RoAkSoAx: Another twistd server is running, PID 1529
<shang> This could either be a previously started instance of your application or a
<shang> different application entirely. To start a new one, either run it in some other
<shang> directory, or use the --pidfile and --logfile parameters to avoid clashes.
<mgw1> RoAkSoAx: I've opened the bug (#884765)
<p1ruj3> hey, so had a entry in deny.hosts I needed to remove (local printer who freaked out) how do i rehash that file so the printer is no longer banned?
<mgw> I also found the original patch (http://www.redhat.com/archives/virt-tools-list/2011-April/msg00146.html) â but I see it is not looking for any of the files in /cblr/ks_mirror/
<RoAkSoAx> shang: kill it and re run it
<RoAkSoAx> and you should be able to get the status
<RoAkSoAx> mgw: that's passed by koan
<RoAkSoAx> mgw: that';s why i suggested to change that manually for mini iso's
<RoAkSoAx> mgw: but there was a newer patch for that
<mgw> where would I change it?
<mgw> I koan?
<RoAkSoAx> mgw: cobbler profile or distro
<mgw> oh, i changed from repo_mirror to ks_mirror
<mgw> in distro
<mgw> was that incorrect?
<RoAkSoAx> mgw: that's correct
<RoAkSoAx> mgw: now that patch should work
<mgw> but it's notâ¦ it's not finding any of the files (MANIFEST, install, etc) in /cblr/ks_mirror/oneiric-x86_64/
<mgw> â¦ /cblr/ks_mirror/oneiric-x86_64/ has initrd.gz, linux, etc
<mgw> i.e., isValidStore is returning False
<mgw> For UbuntuDistro
<mgw> If I import a full install iso, that might fix it though, right?
<RoAkSoAx> mgw: it should
<shang> RoAkSoAx: re run the bootstrap command?
<RoAkSoAx> shang: yeah destroy the environment and rerun it
<RoAkSoAx> mgw: http://paste.ubuntu.com/725405/ http://paste.ubuntu.com/725406/ http://paste.ubuntu.com/725408/
<RoAkSoAx> that's agains the older verrsion
<mgw> RoakSoAx: I have the patched version
<mgw> but install/netboot/version.info is not in ks_mirror/*/
<mgw> either
<mgw> maybe it's just my iso import is bad
<RoAkSoAx> mgw: yeah it will detect it one way or another
<RoAkSoAx> mgw: not all ISO's have version.info
<mgw> mine seems to have neither version.info nor MANIFEST
<mgw> FYI, I have whatever got automatically pulled in by ubuntu-orchestra-server
<mgw> I've not done any cobbler import
<RoAkSoAx> mgw: i knoe :)
<RoAkSoAx> let me check the patches
<mgw> ok
<mgw> thank you
<RoAkSoAx> mgw: yeah i think something might nbe missing in those patches
<RoAkSoAx> mgw: i don't have the latest patch I had for it in this computer
<RoAkSoAx> so I will have to re-test re-write
<mgw> I'm guessing it should check for initrd.gz
<mgw> ?
<mgw> or linux
<RoAkSoAx> mgw: both
<mgw> but then what?
<RoAkSoAx> mgw: i think that's the fix I did. I will try to search for the patch whenever I can access my home computer and provide a fix for it soon
<RoyK> any idea where to change things to make oneiric start with the xen kernel by default? grub2 is confusing...
<mgw> RoAkSoAx: I imported the full server image, now it keeps wanted to import the kernel for i386:
<mgw> â¦ /cblr/ks_mirror/ubuntu-oneiric-x86_64/install/netboot/ubuntu-installer/i386/linux
<mgw> Which of course is not there
<mgw> I've double checked the distro kernel setting
<mgw> â¦ /var/www/cobbler/ks_mirror/ubuntu-oneiric-x86_64/install/netboot/ubuntu-installer/amd64/linux
<RoAkSoAx> mgw: i'll have to test it myself, dont have the enivronment to this right now
<mgw> ok, sorry
<mgw> thanks for all the help
<RoAkSoAx> mgw: no worries, you dont have to apologize i just done have the test environment
<RoAkSoAx> mgw: will try to tackle it down tomorrow though
<RoAkSoAx> mgw: thanks for making me aware of this otherwise I probabloy wouldn't have
<RoAkSoAx> lol
<RoAkSoAx> :)
<dsirijus> hey, this is my iptables -L output
<dsirijus> http://pastie.org/2793990
<dsirijus> but i cannot telnet to either 8080, 9933, nor 9399
<mgw> RoAkSoAx: the current problem seems to be with this line in OSDistro.py
<p1ruj3> I removed an entry from hosts.deny, restarted denyhosts, and the removed entry still cannot connect, what am I missing? If I reboot it will work.... How can I rehash this entry removal without rebooting?
<mgw> 897:         elif uri.count("installer-amd64"):
<mgw> changing the else: a few lines later to amd64 fixes that problem, seemingly
<mgw> ok.. got a vm running in virsh (via koan)
<mgw> But it's not showing in cobbler system list
<shang> RoAkSoAx: still the same error... thanks for the help BTW, I really appreciated this!!
<shang> RoAkSoAx: do we need to reinstall the sytstem everytime we destroy the environment?
<RoAkSoAx> shang: yes
<RoAkSoAx> shang: every time you bootstrap it should be a new installation
<mgw> RoAkSoAx: does koan do everything, A-Z? that is, does it register it in cobbler as a system?
<RoAkSoAx> mgw: cobbler just uses cobbler to deploy
<shang> RoAkSoAx: um.... so if we modify anything on the node1 (zookeeper) or even reboot, we don't need to destroy-environment?
<RoAkSoAx> shang: destory environment will technically destroy the system within juju but wont uninstall the machines obviously, because on ec2 it just destroys the instances
<RoAkSoAx> shang: so destroying the environment is just telling that the machine is available now again to be deployed with something else
<RoAkSoAx> which will mean it will have to be PXE booted again and ubuntu installed agian
<RoAkSoAx> if you just reboot the machine just because
<RoAkSoAx> you need tomanually start juju
<mgw> ok, so set up the system first in cobbler, then use koan âsystem ?
<RoAkSoAx> becaues they still not have upstart jobs
<RoAkSoAx> mgw: you want to register a system into cobbler with koan? you usually register the system first
<shang> RoAkSoAx: so we should setup the profile or juju deploy xxx before we turn on the system?
<Potatoe> in the package description that contains Package, Priorirty, section, Maintainer, etc.... Is their a field that indicates a security update ?
<Potatoe> or that it is a stability fix, feature fix etc... ?
<RoAkSoAx> shang: yes, before you run juju deploy you should have available systems. Then when you should run juju deploy, and right after that, you should turn on the system
<RoAkSoAx> shang: if you configure power management for the machine, i.e. wkae on lan
<RoAkSoAx> the machine should be turned on automatically
<RoAkSoAx> right after juju deploy
<RoAkSoAx> shang: or even, right after juju bootstrap
<mgw> RoAkSoAx: i've tried using koan with both âsystem and âprofile
<mgw> they both seem to be working
<RoAkSoAx> mgw: if a system exist, --system will work otherwise profile
<mgw> but profile does not register as far as i can tell
<mgw> but now juju bootstrap is telling me i have no systems
<shang> RoAkSoAx: so we should have the bootstrap run first, then turn on the system?
<RoAkSoAx> shang: so basically, 1. install orchestra 2. add systems 3. juju bootstrap (3.1. turn on machine if not done automatically) 4. juju deploy (4.1 turn on machine if not done automatically)
<RoAkSoAx> mgw: you need to add systems to cobbler
<shang> RoAkSoAx: ok
<RoAkSoAx> mgw: you need to add systems to cobbler with the management classes you define or the defaults installed by orchestra
<shang> RoAkSoAx: unfortunaltey, I wont be able to test it out today... I will definitely give that a try tomorrow
<shang> RoAkSoAx: thank you very much for all the help
<RoAkSoAx> shang: you're welcome
<freakynl> _ruben: lio != sgst's iscsi target :) lio is also on the comparison page, afaik it just uses / is more compatible with sgst (which is why they ditched scst iscsi target from kernel in favor of this one)
<mgw> still getting the problem with juju bootstrap
<mgw> I added my test2 system to juju-orechestra-available
<mgw> but maybe my problem now is networking
<dsirijus> here's my iptables -L http://pastie.org/2793990
<dsirijus> i still cannot telnet to either of the ports, how come?
<dsirijus> the ports i'm interested in are 8080, 9933 and 9399
<Potatoe> I am doing an audit of my servers and I notice that security updates are on lucid-updates and not lucid-security. Am I doing something wrong ?
<Potatoe> ah ha! The order of the repository matters!
<Potatoe> Looks like the update comes from the first repository in the list, so if I put security before updates, I see my updates are coming from the security repository!
<b0gatyr> hi folks, is there something like "periodic" in freebsd in ubuntu?
<sevist> Ã¯Ã°Ã¨Ã¢Ã¥Ã² Ã­Ã Ã°Ã®Ã¤
<Pici> b0gatyr: What does periodic do?
<b0gatyr> Pici: just compiles different security, system reports on a daily/weekly/monthly basis and sends it by email.. but now that I think about it, it can be done just by creating a script with the output I want then mail it.
<b0gatyr> just thought linux had something similar..
<Pici> b0gatyr: logwatch might do what you're describing.
<b0gatyr> logcheck seems cool too
<Pici> If its just collect system logs, email to somewhere ton a regular basis, thats what logwatch does.
<Pici> Also has different levels of verbosity.
<b0gatyr> nice, i'll give it a test run
<b0gatyr> thanks
<Pici> np
<uvirtbot> New bug: #884883 in samba (main) "package samba 2:3.5.8~dfsg-1ubuntu2.3 failed to install/upgrade: ErrorMessage: package samba is not ready for configuration  cannot configure (current status `half-installed')" [Undecided,New] https://launchpad.net/bugs/884883
<uvirtbot> New bug: #884908 in mcollective (universe) "Package dependencies need work" [Undecided,New] https://launchpad.net/bugs/884908
<uvirtbot> New bug: #884914 in samba (main) "package samba 2:3.5.8~dfsg-1ubuntu2.3 failed to install/upgrade: ErrorMessage: package samba is not ready for configuration  cannot configure (current status `half-installed')" [Undecided,New] https://launchpad.net/bugs/884914
<puppy3ghz> hello room.
<squidly> I just updated my server to 11.10, and I'm having an issue starting up my network bonding and bonding aliases
<squidly> I keep getting RTNETLINK answers: File exists
<squidly> Failed to bring up bond0:1.
<squidly> does anyone have an idea what that would happen?
<puppy3ghz> what is the usual way to share a folder using permissions across the internet? simplest would be the best.
<puppy3ghz> read and write and only read. per user.
<uvirtbot> New bug: #884964 in rabbitmq-server (main) "rabbitmq leaves login session open" [Undecided,New] https://launchpad.net/bugs/884964
<virusuy> puppy3ghz: share a folder across the internet ? over VPN ?
<qman__> puppy3ghz, SFTP, and HTTP, respectively
<puppy3ghz> i have a http server (xp) but dont want to use that anymore.
<qman__> I simply chose what is in my opinion the best of the most common methods
<qman__> there are literally thousands of options
<puppy3ghz> i was thinking ubuntu with hiawutha or maybe try samba. i want to have folder permissions
<qman__> samba is for local sharing
<qman__> it's possible but incredibly unwise to use it over the internet
<puppy3ghz> i want to have some folders to read and write from across the inet
<qman__> you can, however, use a VPN, or webDAV
<qman__> all file sharing solutions offer that option
<qman__> they're called permissions
<puppy3ghz> all he client machines are xp or vista.
<qman__> your options without installing extra software are HTTP, FTP, or webDAV
<qman__> for reasons that should be obvious, I recommend you don't use FTP, for anything, ever
<puppy3ghz> oops... ftp.
<qman__> SFTP is easy to use with free programs like WinSCP or FileZilla
<puppy3ghz> i have file zilla, but need the window to be more user freindly for the non techy folks.
<puppy3ghz> but on filezilla i think i might have had issues with sftp. cant rember why
<qman__> SFTP is the most secure and widespread
<qman__> webDAV is easy on the users but really difficult to get set up
<qman__> it's also had some security problems in the past
<qman__> samba + openVPN is a good solution too, but the users have to deal with the VPN client
<qman__> and some users are too thick to work it
<puppy3ghz> i need something very simple that would appear as a mapped drive
<qman__> only way to have a mapped drive is samba
<qman__> webDAV appears similarly but not as mapped drives
<puppy3ghz> can a http do a simular appearance to a maped drive for xp?
<qman__> no
<qman__> at least, not without extra software I have not seen
<puppy3ghz> can i set filezillla to keep the connect open instead of timing out?
<qman__> yes
<qman__> I would also look into a possible sshfs client for windows
<qman__> sshfs is a way to mount SFTP shares in linux
<qman__> there's no technical reason it couldn't be done on windows, but I don't know of any programs that do it
<puppy3ghz> let me hook up my server stuff..... 4port KVM, 6computers.
#ubuntu-server 2011-11-02
<uvirtbot> New bug: #883899 in samba "Please update to new upstream version 3.6.1" [Undecided,New] https://launchpad.net/bugs/883899
<DanaG> Whenever I try to boot single-user, I get this looping:
 * twb waits impatiently
<DanaG> o continue): Login incorrect. Give root password for maintenance (or type Control-D to continue): Login incorrect. Give root password for maintenance
<twb> It loops without you typing in a password?
<DanaG> And notably, each piece of that message is on a separate line, shifted right.
<DanaG> Right.  I hit a letter, and it re-spams the prompt.
<twb> That sounds like plymouth has decided to rape you
<twb> Easiest solution IMO is to boot into a live CD and either remove teh root password or remove plymouth
<DanaG> too bad stuff depends on plymouth.
<twb> The right-shifting thing is because something has left the screen in an ncurses-flavoured state
<twb> DanaG: "remove" as in turn off; you can't actually uninstall it :-/
<DanaG> I've also seen it spam this:
<DanaG> Ubuntu 11.04  .  .  .  Ubuntu 11.04  .  .  .  Ubuntu 11.04  .  .  .  Ubuntu 11.04  .  .  .  Ubuntu 11.04  .  .  .  Ubuntu 11.04  .  .  .  Ubuntu 11.04  .  .  .  Ubuntu 11.04  .  .  .
<DanaG> On the serial console.
<DanaG> I also figured out why my server kept crashing.... the Patriot flash drive is crashing.
<DanaG> Now I'm torn between running the OS on my ZFS pool itself, or running it on the only non-usb-flash things I have around, which are old laptop drives.
<twb> ZFS might be OK except that osol blows and running it on linux blows
<twb> So I'm sitting here waiting for btrfs to get its shit together
<DanaG> Yeah, give us a fscking... fsck.  That'll actually fix things.
<DanaG> If I put my root on the pool, I have redundancy.  If I put it on old 20-gig laptop drive of unknown health (since SMART is only approximate)... then there's only one point of failure.
<twb> I meant more "actually work"
<twb> I wouldn't trust its RAID6 implementation right now
<DanaG> Right now I just have simple mirroring.
<twb> I'd still do it in md instead of btrfs
<DanaG> Aside from lack of packages, I didn't like how OpenIndiana gave me no indication at all of whether it was checking for ECC errors.
<DanaG> Whereas on Linux, you see amd64_edac loading and logging.
<twb> I wouldn't know, I'm too cheapass to get ECC hw
<DanaG> HP Microserver.... cheap Athlon Neo.
<twb> You could always test by unplugging a stick while it's running ;-)
<DanaG> twb: safer: hold a compact fluorescent near it.
<twb> Ha
<DanaG> I've heard that that generates lots of noise.
<twb> I didn't want to know that :-(
<DanaG> But have no clue whether that's actually true.
<twb> Probably you want an unshielded tube
<twb> So it bombards with beta rather than gamma
<twb> That is to say, get one without the phosphor lining on the glass housing
<DanaG> I wish I knew people at HP, so I could address their sucky BIOS.  Or get a debricker so I can try CoreBoot on it.
<DanaG> debricker as in whatever they use to connect to their undocumented, presumably SPI, header.
<twb> You are lucky, man
<twb> I deal with ARM
<DanaG> Hope you at least have real serial consoles.
<twb> Har har
<DanaG> I have one PCIe serial card that's IO-based, but grub doesn't see it.
<twb> There's a 40-pin plug which allegedly has UART on it SOMEWHERE
<twb> I'm talking to it via an undocumented buggy nvflash program provided by the SOC vendor (nvidia)
<DanaG> oh, and apparently HP is going to announce ARM servers.
<DanaG> Too bad AMD doesn't do ARM. :(
<twb> That's probably because Windows 8 will have a hard-on for ARM
<twb> And ARM64 was announced recently
<DanaG> Eew, imagine trying to get Flash for that.
<twb> Who gives a shit about flash
<DanaG> I don't like Flash.
<DanaG> But some people need it.
<twb> Even normal users mostly only want it for youtube
<DanaG> There's a 32-bit Linux flash, but only recently an amd64 flash.
<twb> Pity Apple didn't kill it
<DanaG> There's an Android Flash, but no ARM Flash.  Despite the fact that Android IS ARM!
<twb> DanaG: probably because it's written in java
<DanaG> I mean, all it'd take for them to build an ARM flash: install ubuntu, install dev headers, copy source, make.
<DanaG> That's less effort than 64-bit would even take.
<twb> You're assuming their code and build system are actually well-designed and portable
<twb> They've probably hard-coded byte order and stuff
<DanaG> ARM is same-endian as x86, isn't it?
<DanaG> Or at least, the ARM that Ubuntu happens to use.
<twb> Or e.g. used uint when they meant time_t, so all the time-based calls on LSB behave differently where it it a long uint or whatever
<twb> ARM has, at least historically, had at least two versions, and IIRC also some hardware that can switch
<DanaG> oh yeah, I do have an ARM server in my server.  Yeah, there's an IPMI card that's ARM.
<twb> Haha
<twb> I hate LOM cards, they're a PITA
<twb> Nooo, you couldn't just give me serial.  Instead I have to talk to you over RFB that's buried inside some shitty java tunnel that you want me to access via a goddamn web browser
<twb> And then I can sit there watching you boot your in-house linux slower than the one that's on the main system
<DanaG> Oh, and the chip actually has a SOL port that I can connect to...
<DanaG> but isn't wired to anything.
<twb> Yeah :-/
<DanaG> And I did manage to get a serial console on the card itself.  It's an ASPEED AST2150.
<DanaG> username "root", password "root".  Nice.  And it spews crap on the console every second, trampling all over vi and such.
<twb> Blergh
<twb> I hate hw
<DanaG> I'm actually thinking of making a project with my old Xilinx FPGA board, to listen on telnet and pass the traffic to/from a serial port.
<twb> SSH would be better
<twb> If your FPGA-fu is that strong
<DanaG> well, I'd imagine there might be an ssh server for "lwip", for the Microblaze.
<twb> On that subject, not a fan of most switches
<bogen> Not really sure where to ask this question. I can't find a good howto for bootstrapping oneiric. I've used debootstrap quite a bit on older ubuntus and on debian, and I can get a working system that boots fine. However, with oneric, upstart loops on the first boot. I shut it down. Boot again, this time it does not finish, and when I press enter it continues, then the screen clears and I get the login prompt. I can then reboot and it bo
<twb> bogen: lost you after "and it bo"
<twb> bogen: get an IRC client that splits messages automatically, or write smaller messages
<bogen> I took a snapshot of the disk before booting the first time, and compared it when it was booting fine, but no smoking gun. ok, I'll paste bin it.
<twb> I don't know offhand what's wrong; you could try passing --verbose at the boot: prompt, but that's a major PITA to debug with because there's so much stuff from upstart
<twb> debugging upstart is a PITA in general
<bogen> http://pastebin.com/pH4XAV2j
<twb> bogen: oh, this is an LXC container?
<bogen> no, I'm running it in KVM for now. I do that before trying on real hardware.
<bogen> I was saying that minit looks more suited to LXC then to real hardware or a VM
<twb> Not really, cinit and minit work fine in the real world
<bogen> ok, well, minit did not remount / rw
<twb> But init systems other than upstart aren't supported by ubuntu
<twb> bogen: well, did you tell it to?
<twb> If you want to use something other than upstart you will need to port all the upstart (and legacy sysvinit) jobs to that init system; they aren't there automagically
<bogen> I've never used minit, so I'd need to find where the is. I'd rather just use upstart, I just ran into problem. (not working on the first few boots)
<bogen> where the telling it to remount rw
<bogen> hmm. /run/lock not mounted
<bogen> upstart often pauses on "settting console screen modes and fonts" until I press enter.
<bogen> then outputs more (too fast to read) and clears the console
<twb> Turn that off, then
<twb> That'll be setupcon
<DanaG> oh yeah, I figured out my spewing password prompt:
<DanaG> I had ttyS4 service set to start in runlevel 1.
<twb> DanaG: heh
<DanaG> So anyway, no more USB boot for me... my root is now on the pool along with the data.
<DanaG> Just use a small USB drive for the boot files, since I didn't leave any space free on the actual pool drives for ext4.
<DanaG> now, how do I make an upstart job start at a lower-priority Nice value?
<twb> DanaG: man 5 init, I think there is a specific "nice N" option, otherwise you need to fuck about
<twb> Like "exec foo --no-daemonize" becomes "exec nice foo --no-daemonize"
<Tm_T> twb: tsssk, language (;
<twb> Grmph.  This is why I have to make up new swearwords.  Stupid wodging chumblebums...
<Tm_T> my solution is not to swear (:
<twb> Then you sound like an accountant
<twb> Also I'm Australian
<laserbled> hi, can someone help me with dns and nsupdate please - when i use nsupdate to update or delete a zone it says either server fail or notzone error - I added the error log option but cant seem to get that file - have a couple of queries - in nsupdate for servername - is it the ip or nameserver that need to be fed
<laserbled> http://paste2.org/p/1753534 - contains zone and named.conf
<laserbled> http://paste2.org/p/1753538 this is nsupdate outputs
<laserbled> please tell me if I am doing something wrong
<twb> laserbled: bleh, why even bother, just allow AXFRs from 0/0
<laserbled> twb, am new with this- dunno what AXFRs are .. sorry
 * laserbled looking up AXFRs
<twb> AXFR is DNS for "give me a dump of your whole domain"
<laserbled> it says it not really secure - i assume it is doing it without the keys
<twb> A shared secret isn't exactly secure either
<twb> Especially since you just told us what it is
<laserbled> am just checking it in my local ;)
<laserbled> thats not a live key
<twb> But who cares, AXFR just allows you to see the records you could ask for by name anyway.  It's the equivalent of not having a floor directory in your office building
<laserbled> twb,  okie, i il sure look into that but in the meantime could you please tell me what is wrong with that nsupdate - am i giving some values wrong ?
<twb> laserbled: dunno about that :-)  Sorry, I use nsd.
<laserbled> and the log files ?
<twb> But it sounds like it's pissed about the shared secret being different
<laserbled> i mis typed it one - corrected it after
<laserbled> *once
<twb> IIRC bind allows AXFRs from 0/0 by default, although I'm not sure if -update means AXFR or NOTIFY
<twb> I'm probably just confusing you more; sorry
<laserbled> mainly becos am not familiar with AXFR
<laserbled> it would be great if someone help me fix the log atleast
<twb> dig AXFR cyber.com.au
<twb> It's how the slave gets an initial copy of the zone from the master
<twb> NOTIFY is how the master tells the slave "don't worry about the expiry time, pull a new update *now*"
<twb> NOTIFY is entirely optional, AXFR/IXFR are needed for slaves, and optional for everybody else
<laserbled> and how do you update the master ? - manual ?
<twb> Yes
<twb> Basically something like ssh master vi /etc/nsd/master/com.example.zone
<laserbled> i want someway to run it as a service - thats why i was looking for the signed option so that i could add new zones dynamically
<twb> IME the way that happens is you write a shitty PHP frontend
<twb> Or cpanel maybe
<laserbled> python for me
<twb> Whatever
<twb> But if I were you I'd just tell your customers to use zoneedit.com or so
<laserbled> i think i figured out the issue, looks like a permission problem - only if i could get the dns logs :-/
<twb> laserbled: you don't have root on your own box?
<laserbled> ya - i do - just a habit
<laserbled> I still haven't figured out the log files :(
<laserbled> fixed logging, yay
<afuentes> hi, i have a server that froze. Is there a ubuntu faq somewhere about frozing? and how to hunt down the culprit? or what do i need to install to get help me the next time it freezes?
<uvirtbot> New bug: #885107 in lm-sensors (main) "resuming after suspend looses control on fan speed, which is kept at 100%" [Undecided,New] https://launchpad.net/bugs/885107
<angelete2> hi
<angelete2> i'm using 11.04, and i have a problem with my cron
<angelete2> this is my line: 47 3    * * 1   root    test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.weekly )
<angelete2> but it executes always on tuesdays
<angelete2> even if i change it into 47 3    * * 0   root    test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.weekly )
<angelete2> it executes on tuesdays, what is wrong?
<g0bl1n> any hint on why one can't SSH to a user account in AWS ? Created the user, the user key, downloaded the key, created a config file for ssh, but keep getting a permission denied
<g0bl1n> EC2
<RoyK> anyone that knows how I can debug afpd/netatalk? after a crash last night, it suddenly hangs using 100% cpu, not serving much...
<RoyK> corrupt .AppleDB contents....
<air_> RoyK: IIRC you can verify them with the dbd command.
<RoyK> dbd: command not found
<RoyK> oh, bdb....
<RoyK> no, none of that either
<air_> $ whereis dbd
<air_> dbd: /usr/lib/dbd /usr/local/bin/dbd
<RoyK> the one under /usr/local/bin probably didn't come from an ubuntu package
<air_> oh right, I installed netatalk from sources, since it was broken in 11.10.
<air_> but dbd was included in 11.10, supposedly also in 10.04. (but I have no 10.04 with afp around)
<RoyK> cnid_dbd, perhaps?
<air_> probably.
<air_> what netatalk version are you running? (I suppose ubuntu 10.04 LTS?)
<RoyK> 2.0.5
<RoyK> it's lucid, yes
<air_> yeah, lucid's man page for dbd forwards to oneiric. http://manpages.ubuntu.com/manpages/oneiric/en/man1/dbd.1.html
<RoyK> I tried oneiric first, but rolled back when I found netatalk broken
<RoyK> I just removed the broken db files and retried - works now...
<air_> er, it's not the same thing. cnid_dbd seems to be the deamone, while dbd is for maintenance.
<RoyK> I saw that
<RoyK> have you looked into how TimeMachine stores data on a network store?
<air_> in a sparseimage? yes.
<RoyK> seems it's using a bunch of 8MB files including a HFS+ filesystem....
<air_> I got a timecapsule as router, so I run my timemachines against that.
<air_> everything else on ubuntu over afp.
 * RoyK uses ubuntu for time machine as well
<RoyK> 5 2TB drives so far, 4 in RAID-5 and a spare...
<air_> I've considered doing that as well.
<air_> but since I have no other use for that time capsule. :P
<air_> performancewise it sux, but I really don't mind for timemachine.
<RoyK> the time capsule doesn't offer much redundancy, though
<air_> jep.
<RoyK> erm - it does?
<air_> basically it's the backup of my system drive (80gb ssd)
<air_> but I do weekly rsyncs of the drive to ubuntu.
<air_> + all other content is stored on ubuntu, with backup to external usb.
<RoyK> I have this home server and then a backblaze account for secondary backup
<RoyK> should be safe enough :P
<air_> I could use some offsite backup, so I'll look into backblaze. :)
<air_> do you get good throughput there?
<RoyK> it's ok
<RoyK> but not very fast
<RoyK> remember to yank up the throttler after installing it
<RoyK> and - backblaze doesn't support linux yet, which sucks
<air_> oh.
<air_> then I don't want it.
<Ursinha> Daviey: hellooooooooooo
<Daviey> Ursinha: heya
<CarlFK> apt-get install dhcp3-server - what's the service to start/stop?
<CarlFK> isc-dhcp-server
<uvirtbot> New bug: #776818 in vde2 (universe) "[MIR] vde2" [Undecided,Confirmed] https://launchpad.net/bugs/776818
<kpettit> can anybody recommend me a good router/gateway/vpn that does a good job of providing VPN to Windows/Linux/Mac
<kpettit> I've been having a hard time finding a decent one that works well for Win7/Ubuntu.
<virusuy> kpettit: what about Fortinet
<kpettit> virusuy, I haven't heard of that one.  Google'ing now
<virusuy> kpettit: got a lot of differents appliances
<kpettit> I just bought a netgear VPN with ipsec and SSL/VPN.  The SSL VPN is pretty cool becuase it's clientless and works through browser java applet or IE active X stuff.  But has quirks
<virusuy> kpettit: oh, i sorry, i didn't ask if it was for a company or just for your home
<kpettit> Both.  I'm doing IT for a couple small companies and was trying to find a good one to use for my home network as well.
<virusuy> oh, if it's just home network, what about a linksys with ddwrt ?
<kpettit> I looked for that fist.  but couldn't find any decent hardware that already came with ddwrt.  I hate hacking a $100 device for something like that.  I'd rather just pay the extra $100 for something that already has what I need.
<virusuy> kpettit: sound reasonable..
<kpettit> I do love the dd-wrt project.  I wish the had some commercial version on decent hardware, I'd buy a few of them for sure
<virusuy> kpettit: yeah, me too.
<virusuy> i mean, if you buy a linksys wrt54G will work pretty decent with ddwrt - full version
<kpettit> They suck rocks if you put much vpn traffic through it.
<virusuy> really ?
<virusuy> i used with 2 clients only
<kpettit> I used to use them for bridging VoIP networks.  They really had a hard time if you tried more than one VPN connection at a time.
<virusuy> i mean 2 connections at the same time
<virusuy> oh well, then you take a look at those appliance
<iclebyte> kpettit, look at pfsense
<kpettit> It was OK for simple client to connect in for VPN but if you tried to do a small office's network through one on VPN it didn't have the horsepower
<virusuy> they're really cool, or at least i used in 3 differents enviorments and works awesome
<kpettit> iclebyte, thanks.  Looking at it now...
<iclebyte> kpettit, http://www.netgate.com/ <-- they do some more powerfull hardware which you can run pfsense on
<kpettit> virusuy, yeah for most smaller stuff they are fine, but if you have a very big load or need to use it's little processor it's going to suck
<iclebyte> might fit the bill a bit more than wrt
<kpettit> That's why I wish they had better hardware for it, or sold something designed for heaver load
<iclebyte> kpettit, it's a hobbist thing.. pfsense is probably a  bit better for production
<kpettit> iclebyte, know of any good hardware that works with it.  Trying to avoid getting a full on linux server just for firewall/gateway/vpn stuff
<iclebyte> kpettit, http://www.netgate.com/
<kpettit> ah nice.  Thanks
<iclebyte> http://store.netgate.com/Desktop-Kits-C82.aspx
<iclebyte> kpettit, this page: http://store.netgate.com/Single-Board-Computers-C3.aspx
<kpettit> ah, those look nice.
<iclebyte> yea =)
<kpettit> I've got a little MSI windbox II that's my PBX now.  similar to those
<uvirtbot> New bug: #885283 in squid3 (main) "please demote squid and promote squid3" [Undecided,New] https://launchpad.net/bugs/885283
<tonyyarusso> I have a fresh Ubuntu 11.10 server with a grub issue.  It won't boot non-interactively - the grub timeout seems to be being set to -1 even though it's defined as 2 in /etc/default/grub.  It looks like /boot/grub/grub.cfg has a section to do this if something goes wrong, but I don't know why that would be invoked.
<tdignan> anyone know of a good substitute for Google Calendar that I can install on my new ubuntu server?
<tdignan> I've already liberated myself of their email with it
<tdignan> calendar is the next logical step
<SpamapS> tdignan: let me know if you find it!
<tdignan> SpamapS: sure will, I'll test drive some and let you know
<hydromet> hi this may seem like a question with an obvious answer, but with so many web pages around to peruse through, I just wanted to be sure that these four step instructions I should follow for upgrading an Ubuntu 9.10 Server amd64 to 10.04 Server amd64:
<hydromet> https://help.ubuntu.com/community/LucidUpgrades#Network_Upgrade_for_Ubuntu_Servers_.28Recommended.29
<hydromet> it seems almost too simple and I'm concerned that there might be more to it than those four steps
<hydromet> this is also for a headless (no desktop) Ubunutu server
<SpamapS> hydromet: no it really is that easy
<SpamapS> hydromet: I'm not sure if 9.10 had the cool feature where it spawns a second sshd just in case the primary gets killed, but I know current releases do that.
 * SpamapS upgraded his 11.04 EC2 instance to 11.10 with the same steps just recently
<cwillu_at_work> a second ssh doesn't help with that post-upgrade reboot :p
<SpamapS> cwillu_at_work: indeed.. but ultimately, what does other than remote console? ;)
<cwillu_at_work> SpamapS, at which point, who needs the second sshd? :)
<SpamapS> cwillu_at_work: its for the times where the ongoing upgrade fails hard
<cwillu_at_work> SpamapS, but... you have remote console
<cwillu_at_work> it's like complaining that btrfs doesn't have fsck, so what will you do if it breaks?
<SpamapS> cwillu_at_work: often much easier to just ssh -P xxxx than fire up the remote console, but I see your point.
<cwillu_at_work> SpamapS, exactly.
<SpamapS> basically "meh, get remote consoles"
<cwillu_at_work> if it's more than a convenience, you're in deeper than you think
<hydromet> SpamapS; thank you, I'm really glad to know that its as easy as those steps provided, even if the SSH connection gets terminated that's not the end of the world (I have physical access to my machine if I should need it though I would prefer not to plug in a KVM)
<cwillu_at_work> hydromet, it varies though
<cwillu_at_work> if you generally do things properly re: settings and so forth, and any universe/third-party packages all work properly, it's generally pretty smooth
<cudgel> is this the proper channel for discussion of cloud-init related topics?
<cwillu_at_work> cudgel, if you had asked the actual question, whether this is the proper channel would be clearer :p
<cudgel> fair enough.  how do I make use of LVM2 through cloud-init?  I've got a custom cloud-boothook, that does the work of pvcreate, vgcreate, even carves out a swap volume.  However, not sure how exactly I should deal with the default mounts.
<cudgel> for instance:
<cudgel> in my cloud-config, I have:  mounts:
<cudgel>  - [ ephemeral0, null ]
<cudgel>  - [ swap, null ]
<cudgel> (sorry for the spam paste there)
<cudgel> yet, with those entries, /etc/fstab is still updated w/ swap and /mnt entries.
<cudgel> presumably, I can modify that swap line to use the right volume I'm creating.  Butâ¦  not sure how to deal with /mnt
<cudgel> how's that?  more clear?  proper channel? :)
<JanC> cudgel: certainly more useful for people to decide if they can answer (I can't)
<JanC> cudgel: #ubuntu-cloud might be useful to
<cudgel> ash, interesting, I didn't see that channel in the list.  I'll check it out!
<cudgel> ah.  not ash.  fingers = fat.
<alienz> hey guys, is there a way to install gcc on ubuntu server without having to install build-essential?
<patdk-lap> sure just install gcc, and not build-essential
<alienz> it was already installed.. what i was missing was g++.. thanks
<Jacky> Yo everyone
<Jacky> just had pop in and wondering if any body had any experience in getting ubuntu orchestra working
<Jacky> :)
<Jacky> nobody willing to share a secret or two?
<lifeless> Jacky: everyone familiar with it is busy @ UDS
<lifeless> Jacky: s/everyone/nearly everyone/
<Jacky> Oh cool
<Ursinha> /m/27
<Takyoji> Anyone know of a way to remotely deploy Evolution configs for users? Or perhaps with Thunderbird, or?
<twb> Takyoji: on a single LAN, from a server to a bunch of linux workstations?
<twb> Takyoji: do the users' get their $HOME from the server?
<Takyoji> their /home folder is via NFS
<twb> You can probably just edit files in /home if it comes to that
<twb> Most of the MUA config will be user-local
<Takyoji> that's what I'm thinking; I'm just not sure if Evolution has secret little binary config files or similar
<Takyoji> I was also worrying about password config, but I guess I'd just have the users save enter their passwords (or have it remembered by the keyring daemon)
<twb> What I do for tbird, since I control the desktop SOE, is to put stuff in /usr/lib/thunderbird-*/greprefs/all.js
<twb> http://paste.debian.net/142197/
<Takyoji> Pssh, you and your convenient lambda scripts. :P
<hydromet> SpamapS: just wanted you to know that indeed Ubuntu Server 9.10 amd64, when upgrading to 10.04, spawns a second SSH daemon in case of failure / emergency. This is great, it made my day and was easier than I expected (keep in mind, the Microsoft dominated world train people into thinking things have to be overly complex). How refreshing Ubuntu is!
<twb> dru *is* overly complex
#ubuntu-server 2011-11-03
<mgw> SpamapS: do you know if perhaps koan âstatic-interface is broken?
<mgw> SpamapS : ...
<mgw> or anyone else
<mgw> my xml is coming out with "ksdevice=link" instread of eth0
<scalability-junk> what would be the best way to backup a full kvm based on lvm storage?
<scalability-junk> is there any good article about how to ?
<scalability-junk> I want a full snapshot backed up, with the ability to restore the full vm, any ideas?
<patdk-lap> scalability-junk, the best way?
<patdk-lap> shutdown the kvm
<patdk-lap> make a copy of the lv, using like dd
<patdk-lap> or just back it up like any other computer
<scalability-junk> patdk-lap: yeah I already got a backup from inside the vm, but I just wanted to have a way of backup up the whole vm once a month or so
<scalability-junk> so the best way would be shutdown, dd, and then backup to remot
<scalability-junk> *remote
<patdk-lap> if you don't care about data consistancy, and want to do it without a shutdown
<patdk-lap> and don't care about lvm snapshots slowing things down
<patdk-lap> then you can do a lvm snapshot
<patdk-lap> then do the dd backup from the snapshot
<scalability-junk> mh consistency would be better... any experience on how long the downtime would be of a 100G vm with dd?
<twb> LVM snapshots are O(1)
<patdk-lap> that all depends on what your coping from and where you copy to
<scalability-junk> from disk 1 to disk 1 :D
<patdk-lap> the speed of 1 disk to 1 disk
<patdk-lap> whatever speed your disks have to spare
<twb> It's faster if you write to /dev/null instead
<scalability-junk> twb mh great suggestion :D
<twb> And only slightly less reliable
<patdk-lap> twb, faster if you don't bother reading :)
<twb> patdk-lap: but then you don't have a backup!
<twb> One of my customers, they had a broken backup script
<twb> For FIVE YEARS they were dutifully swapping new tapes in each week
<twb> The backup script did nothing but eject the tape
<patdk-lap> ya, love those :)
<patdk-lap> I try to check atleast once a month
<scalability-junk> oh they could have saved so much money on tapes :D
<patdk-lap> hell, saved manpower to change them :)
<scalability-junk> mhhh gzip is just using one cpu damn
<patdk-lap> well, use something better
<twb> scalability-junk: that's because it's sooper-optimized in assembly on x86
<patdk-lap> p7zip, pigz, ...
<scalability-junk> what's better than just use dd if=/vm | gzip -9 > vm.dd
<patdk-lap> depends what you call better
<twb> patdk-lap: that's a funny way to say xz-utils
<patdk-lap> more space saved, or done faster
<patdk-lap> twb, never used xz
<scalability-junk> yeah -9 seems overkill probably
<patdk-lap> normally use 7z myself
<scalability-junk> mh I try with -1 first
<twb> xz is the same algo as 7z
<twb> But it doesn't stupidly conflate archiving with compressing
<patdk-lap> if you want faster, lzop gives ok compression at full throughput
<twb> I'm a big fan of mksquashfs foo foo.sq -compr xz
<scalability-junk> I think I go for using dd withoutg compression and then do the compression afterwards so the vm can be started up again
<patdk-lap> compression, using say lzop could make it faster
<scalability-junk> ok I'll check that out thanks
<patdk-lap> any compression that doesn't overload the cpu, means less disk writing
<twb> lzop is designed for real-time use
<twb> so it won't overload any normal cpu
<patdk-lap> I love using it for memcache type things
<scalability-junk> my estimation right now dd the whole vm would be a downtime of about 5-20 min
<scalability-junk> 40G
<patdk-lap> scalability-junk, should be around 6-7min
<twb> Just quiesce the VM, ensure the VM subsystem has flushed to disk, then LVM snapshot and back that up
<patdk-lap> unless the box is busy doing other things
<twb> Or worst case, stop the VM, make an LVM snapshot, start the VM, then do the backup from the snapshot
<scalability-junk> patdk-lap: yeah unfortunately it won't be too idle...
<patdk-lap> ya, stopping the vm, snapshot, start vm, would work also
<patdk-lap> but also make disk slower, till you remove the snapshot
<scalability-junk> would that be faster in terms of downtime?
<twb> patdk-lap: unless he's some stupid mysql user, who ccares
<patdk-lap> twb, unless you do any disk writing :)
<scalability-junk> twb: mysql is not the only thing writing to ram
<scalability-junk> I'm a fan of loading stuff into ram ;)
<patdk-lap> ram? we are talking about writing to disk, in the vm
<twb> Maybe he knows how reliable mysql databases are, so only uses them on tmpfs
 * patdk-lap hasn't had a mysql issue
 * scalability-junk me neither
 * scalability-junk is using mysql master in ram and slave on disk sometimes :(
<patdk-lap> scalability-junk, shutdown kvm, snapshot, restart kvm
<patdk-lap> should only take very very little time
<patdk-lap> then do your backup, and remove snapshot
<scalability-junk> probably the best yeah
<patdk-lap> did that for mysql on freebsd to back it up
<scalability-junk> just to clarify for restoring .dd files it would be enough to do "dd if=vm.dd of=/path/to/new/lv/vm" right? and then start the vm with virsh --create vm.xml ?
<patdk-lap> maybe
<patdk-lap> but didn't know lvm's did that
<patdk-lap> you using files? or lvm?
<scalability-junk> lvm
<patdk-lap> so your using raw partitions, so like, /dev/mapper/vg-lv, or /dev/vg/lv
<scalability-junk> yeah
<patdk-lap> yep
<patdk-lap> or tell kvm to use the file instead of the partition :)
<scalability-junk> so instead of restoring to a partition I'm just using the .dd file?
<scalability-junk> but wouldn't that have performance issues?
<patdk-lap> doubtful
<patdk-lap> pretty sure kvm file access is about the same as partition access
<patdk-lap> there is some extra overhead
<patdk-lap> but normally not enough to bother about
<scalability-junk> the same with .img files?
<patdk-lap> now, if you used sparse files, and it gets heavily fragmented over time, that could really be a perofrmance issue
<scalability-junk> I used them before and they were a lot slower
<patdk-lap> dunno
<scalability-junk> that's why I switched to lvm ...
<patdk-lap> I haven't had an issue either way, but only tested with xen
<scalability-junk> ah ok
<patdk-lap> but then, you have to set it all up correctly
<scalability-junk> mh I'm trying the dd from file to new lv and hope it's working as supposed :D
<scalability-junk> oh damn I love gzip :D
<scalability-junk> 20G down to 200M, perfect for not fully used lvs :D
<patdk-lap> except you had to read that 20gigs :(
<scalability-junk> patdk-lap: yeah that's not perfect, but I have no other solution yet.
<scalability-junk> and it's not the main backup solution, the main one is from inside the guest which is much smarter...
<yaboo> any mdadm experts about
<twb> !anybody
<ubottu> A high percentage of the first questions asked in this channel start with "Does anyone/anybody..." Why not ask your next question (the real one) and find out? See also !details, !gq, and !poll.
<yaboo> ok have a raid 5 unit with 5 disks, rebooted and seems I have a non functioning raid with three disks and two spares
<yaboo> how can I fix my raid array
<uvirtbot> New bug: #885522 in samba (main) "package samba 2:3.5.8~dfsg-1ubuntu2.3 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/885522
<uvirtbot> New bug: #885538 in samba (main) "package samba 2:3.5.8~dfsg-1ubuntu2.3 failed to install/upgrade: ErrorMessage: package samba is not ready for configuration  cannot configure (current status `half-installed')" [Undecided,New] https://launchpad.net/bugs/885538
<yaboo> trying to reassemble a raid array have four of the five disks and recreates the array, but cannot mount the array
<i3luefire> what is the best way to create an RSA key pair in windows
<twb> i3luefire: use putty, ssh into a normal box
<i3luefire> i thought the key gen had to happen on the machine to be used
<twb> Well, it is better to minimize the places the secret key occurs
<twb> If you move or copy the secret key, it could be intercepted at either end, or in transit
<twb> But RSA is just an assymetric crypto algorithm; it doesn't even have to be used on a computer
<twb> You could use it to encrypt paper notes to pass to your girlfriends in class if you really wanted to
<i3luefire> so if i use putty do i need to type in the key passphrase everytime i log in
<twb> Um, it kinda depends what you want this for
<i3luefire> hmm
<i3luefire> well i used like a 30 char passphrase so i think im gna make it shorter
<virusuy> lol, i dont imagine myself sending some encrypted paper notes to my girlfriend :-)
<virusuy> that sound funny :-D
<twb> cos you ain't got one
<virusuy> girlfriend ? or encrypted message to send ?
<virusuy> :-P
<twb> Yes
<virusuy> LOL
<uvirtbot> New bug: #885554 in mysql-5.1 (main) "mysql-server-5.1 Unpacking Halts 11.04-11.10 Server Upgrade" [Undecided,New] https://launchpad.net/bugs/885554
<i3luefire> ok. i think i have it set up with reasonable defaults but i get the error connection refused
<zetui> hello
<zetui> anyone there ? Â²
<greppy> nope
<afuentes> is there a technical reason why bash.autocompletion is disabled for root account but its enabled for regular users by default?
<zetui> hello anyone there ?
<afuentes> dont ask to ask, just ask zetui
<zetui> ask to ask what ask ?
<afuentes> if anyone knows it and its awake, they will probably answer you
<zetui> ok what this command do : tar -C /overlay -cvf - . | tar -C /mnt/sda1 -xf -
<afuentes> i hate to be that guy, but: man tar , then press /  and type -C (n for next ocurrences) and do so for every option...
<afuentes> as hints, | (pipe) redirect the output of a comand to the input of the next, - (hypen) means standar input, . (dot) means current directory
<zetui> take it easy afuentes
<zetui> of course i check on man tar
<zetui> for -C it is written change to directory DIR
<zetui>    -c       create a new archive
<onre> what part is unclear?
<onre> the first command changes directory to /overlay and starts archiving that dir to stdout, which is piped to another command which changes dir to /mnt/sda1 and starts to unpack stuff from stdin
<afuentes> sorry if i sounded rude zetui, something is not working here and its frustrating me lol
<onre> so, in a way, the command is quite similar to cp -a /overlay/* /mnt/sda1
<zetui> this one - . |
<onre> the '-' is actually argument to option -f, which takes a filename. if filename is -, tar uses stdin/stdout instead of file. '.' is the directory that tar will archive. '|' is unix pipe
<onre> afuentes told this a few lines earlier, actually
<zetui> an archive should always be in a format .tar right ?  correct ?
<greppy> zetui: a tar archive will have a .tar or if it is also gzipped it would could be tar.gz or .tgz or if it is just compressed it could be .tar.Z
<greppy> there are multiple archive formats
<afuentes> zetui, if u mean that a tar file should end in .tar, yes, its preferable but its not requerided
<zetui> ok
<ibatron> hey all, i have a problem with getting a java cgi script to run with apache2 (yes i know cgi is bad, its part of a uni lab), the shell script contains "java -Xms16m Hello" and does not seem to run when accessed from url as cgi
<ibatron> it runs well when tested on cli, both as me and user apache
<ibatron> ive tried instead running a python script or echoing out the header which works
<ibatron> but the java program never seems to run (have it write to a file just to see, which it doesnt)
<ibatron> but apache does not report what is the problem, i only get "malformed header" which is quite true since the program never ran
<gnuyoga> ibatron: can u run a hello world
<ibatron> yea
<gnuyoga> ibatron: also i remember setting the correct environment varible. its been a while i used CGI ;-(
<gnuyoga> ibatron: anything apache error logs says ?
<ibatron> yea i know was surprised to see us being asked to use it but guess they want to teach us to feel pain
<gnuyoga> ibatron: tail -f /var/log/httpd/access and error will give some clue
<gnuyoga> ibatron: that sad ;-(
<ibatron> in my cgi script, if i echo content type it works fine
<gnuyoga> ibatron: is ur prof a sadist ;-(
<ibatron> apache error reports malformed header
<ibatron> but the header printed is fine
<ibatron> i know the java app never even exuctes, because if it did it would write a file
<ibatron> it seems like it yes :S
<ibatron> ill check what access says
<ibatron> access just says 500 (internal server error) which is because of the malformed header, which in turn is due to the java program never running
<ibatron> ive tried running sudo -u apache ./hello.cgi and that executes just fine
<greppy> ibatron: are you setting the path in your cgi script? if not, try giving the full path to the java interpreter
<ibatron> yea using the full path to java
<shauno> I'm not sure it should be needed anymore, but I used to have to set JAVA_HOME to the absolute path to the binary (eg, /usr/lib/jvm/java-6-openjdk/jre/bin/java on mine, not the /usr/bin symlink)
<ibatron> hrm it might be a path error but not the binary
<ibatron> i am using java Hello
<ibatron> it might be that it cant find Hello?
<greppy> ibatron: could be.
<ibatron> can i specify the path to Hello somehow?
<ibatron> usually running all my java apps in eclipse so a bit new to cli running java
<ibatron> like java /var/www/Hello.class --run-main or something
<ibatron> hrm maybe thats what that $CLASSPATH is all about...
<dnjaramba> what flavour of linux would be best for an internet startup?
<pmatulis> dnjaramba: ubuntu
 * greppy looks at the channel name
<onre> i'd prefer something with cherry in it, possibly with a hint of vanilla
<dnjaramba> pmatulis: anyone using it out in the  wild? pardon me asking
<pmatulis> dnjaramba: is anyone using ubuntu?
<pmatulis> dnjaramba: yes, many people are using ubuntu in the marketplace
<onre> we're probably talking tens if not hundreds of thousands of people here, i'd guess
<ibatron> greppy: tried CLASSPATH=/var/www/html/ then export CLASSPATH but still same issue
<dnjaramba> pmatulis: i think am trying to ask how sturdy the server version is, in terms of performance and security
<pmatulis> dnjaramba: very good
<shauno> wikimedia run some fairly trafficed sites off it
<onre> dnjaramba, i worked for a year at an internet startup and we had server infrastructure in amazon ec2, and all of our servers ran ubuntu server 11.04 lts. not a single OS-related problem occurred
<onre> dnjaramba, we didn't have more than about a dozen instances, but we had real production use without any problems, including a major launch
<pmatulis> dnjaramba: next april will be the next LTS release (security and major bug updates for 5 years).  it is more geared towards the corporate world
<onre> dnjaramba, also my hobby project has about 3.5 million page loads per month and it runs on a single dell poweredge running ubuntu server
<pmatulis> !lts | dnjaramba
<ubottu> dnjaramba: LTS means Long Term Support. LTS versions of Ubuntu will be supported for 3 years on the desktop, and 5 years on the server. The current LTS version of Ubuntu is !Lucid (Lucid Lynx 10.04)
<greppy> dnjaramba: I use the LTS versions for mail/web/shell servers
<pmatulis> hmm, can someone correct that factoid to state that beginning with 12.04 desktop is supported for 5 years also?
<dnjaramba> thanks guys!!
<pmatulis> dnjaramba: see you around
<dnjaramba> i already know alot about ubuntu for desktops, was just wondering about the server version because i wanna use ubuntu for a gig
<pmatulis> dnjaramba: time to come onboard then.  what kind of gig?
<dnjaramba> pmatilus: sort of like salesforce for schools
<pmatulis> dnjaramba: database backend i presume?
<dnjaramba> pmatilus: yeah
<pmatulis> dnjaramba: what database?
<dnjaramba> i am currently looking at MongoDB, neo4j and of course MySql
<incorrect> i am passing log level debug to syslog, but i can't see where or which console it is logging the message to
<ikonia> df -h
<ikonia> oops, sorry
<Nothing2Loose> greetzz
<dender> hi... how i can know if i'm running ubuntu server or desktop uname -a and lsb_release are too similar
<ninjix> dender: you can cat the /etc/lsb-release
<_ruben> the most obvious difference is the lack/presence of X
<ninjix> dender: I also use this in a few scripts
<ninjix> dpkg --get-selections | grep linux-image | grep -v deinstall
<ninjix> I found it at: http://askubuntu.com/questions/12562/how-to-check-if-ubuntu-desktop-or-server-is-installed
<Kiall> that seems awful heavy to check if its server/desktop!
<ninjix> agreed
<patdk-wk> dpkg -l ubuntu-desktop?
<Kiall> `uname -a | grep server` .. if $? == 0, its a server
<patdk-wk> kiall, unlikely to work
<Kiall> patdk-lap: works every time ..
<patdk-wk> there are too many kernels other than -server
<patdk-wk> kiall, none of my servers have a -server kernel
<patdk-wk> normally -virtual :)
<Kiall> all the server ubuntu server kernels have -server?
<Kiall> dooh
<Kiall> virtual
<ninjix> yup
<patdk-wk> dunno if it's still the case, but for 32bit it used to be -general-pae
<patdk-wk> oh -generic-pae
<patdk-wk> but I also use -generic-pae on desktops too
<ninjix> I ran into the same regex pattern search headaches for desktop/server/virtual writing puppet modules
<Kiall> `uname -a| grep -P '(server|virtual)'` ;)
<patdk-wk> kiall, still doesn't work for 32bit servers :)
<Kiall> -_-
<patdk-wk> lucid 32bit uses -generic-pae
<Kiall> there *has* to be a better way than dpkg ..
<ninjix> facter provides the "operatingsystemrelease => 3.0.0-12-virtual"
<patdk-wk> oh ya, you also have -xen too :)
<ninjix> Kiall: it does seem like a basic need someone would have solved a while ago
<ninjix> let us know if you find a more efficient way
<patdk-wk> see if openssh-server is installed :)
<ninjix> ;)
<storrgie> I am running 10.04, is it possible to easily install the 2.6.35 kernel?
<storrgie> or even more recent kernels?
<ninjix> storrgie: yes, the .35 kernels are now in the LTS repo
<ninjix> you just have to manually select them for install
<ninjix> I've found 10.04 LTS handles higher IO workloads a little better with the .35 kernel
<storrgie> ninjix, how do I do this, my apologies I'm a little concerned about doing this on my system
<storrgie> I dont want to screw it up
<patdk-wk> install it, reboot
<ninjix> storrgie: just a moment while I log into one of my LTS boxes
<patdk-wk> if it didn't work, reboot with the old kernel :)
<scalability-junk> I have a problem with virsh and thought perhaps someone here knowns about it. when I destroy vms they disappear on one of my servers and I don't know how to fix it
<scalability-junk> so instead of saying domain1 is shutoff it just shows nothing
<storrgie> ninjix, thanks!
<storrgie> ninjix, just checking your history? :D
<storrgie> patdk-wk, I'm doing this on a remote system, I would have to drive about 200 miles to fix it if it doesnt work
<storrgie> Its in a locked closet
<patdk-wk> well, either drive if it doesn't work
<patdk-wk> or setup grub to failover on reboot
<storrgie> if ninjix got it working fine, I'll just take his advice
<ninjix> storrgie: do you have console access at all? Serial or Virtual?
<storrgie> ssh
<ninjix> I'll caution you on switching kernel families remotely
<ninjix> without access to the console
<storrgie> Sure, understood. I'm guessing you have done this on some of your remote machines
<ninjix> Ubuntu and Debian do an awesome job of making this easy but it doesn't alway go according to plan
<storrgie> This machine is quite vanilla, I think the only weird I have is a single mdadm volume
<storrgie> otherwise, I'm installed to a basic storage device
<storrgie> everything should be pretty vanilla
<ninjix> I find that on average about 1/25 machines need console attention for some reason after switching kernels
<ninjix> Do you have all of your packages updated?
<storrgie> ifyeah
<storrgie> yeah*, just did a dist-upgrade
<ninjix> ok
<ninjix> did it pickup an updated .32 kernel?
<storrgie> 2.6.32-34
<storrgie> agd@minerva:~$ uname -r
<storrgie> 2.6.32-34-generic-pae
<ninjix> is a restart request pending?  ls /var/run and look for a restart request file
<storrgie> nope I restarted after install
<storrgie> im going to restart again though, just in case
<ninjix> If it's restarting remotely then you *should* be OK
<storrgie> as soon as it comes back up I'll be ready
<storrgie> I rebooted it last evening also
<storrgie> ok, up
<ninjix> you've got a choice of also using the newer "Natty" kernel build with 2.6.38
<storrgie> you said that 2.6.35 is in the lts tree?
<ninjix> aptitude search linux-image should give you the list of available kernel packages
<ninjix> LTS has .32, .35, .38 kernel families
<storrgie> I think I'll go for 2.6.35
<storrgie> however I'm making this choice arbitrarily
<storrgie> I do need 2.6.35 or greater because I'm trying to do usb audio 2.0
<storrgie> im worried that I may update my kernel and alsa may need update also
<ninjix> this a desktop or server?
<storrgie> server
<storrgie> I literally use it for smb, mdadm and mpd/alsa
<storrgie> just got a new dac (schiit bifrost) at this location, they want to play music from the thing via usb 2.0.
<ninjix> I don't do much with audio devices on servers
<storrgie> well, I can shoot for 2.6.35 and see if it works
<storrgie> do I literally just do a:
<storrgie> sudo apt-get install linux-image-2.6.35-30-generic-pae
<ninjix> yes
<storrgie> and everything else works out?
<elb0w> How can I change the motd so its always the same thing?
<storrgie> grub regens and such?
<elb0w> keeps getting regenerated
<ninjix> yup
<patdk-wk> eblow, fix your update-motd script
<storrgie> lets roll the dice!
<ninjix> have to thank all of the people that have worked so hard over the years making it so easy. :)
<elb0w> patdk-wk: I installed update-motd
<elb0w> now what
<elb0w> Its not changed anything
<patdk-wk> heh
<storrgie> rebooting!
<ninjix> Godspeed, man
<patdk-wk> elb0w, try man update-motd, and you probably want to UNINSTALL it
<hallyn> stgraber: could you push http://people.canonical.com/~serge/lxc.debdiff (for oneiric-proposed, fix two SRU bugs for xlyz)
<storrgie> ninjix, working!
<storrgie> ninjix, also, alsa picked my usb dac right up
<storrgie> ninjix, thank you so very much!
<ninjix> storrgie: excellent
<maxb> Suppose I have several PEM X509 certificates and RSA private keys in a directory, and past owners haven't been all that tidy.. is there an openssl or other command that will check whether a given certificate and key match?
<patdk-wk> is there anyway I can download a source package from like precise? without having to update all my apt sources?
<stgraber> hallyn: looking
<genii-around> patdk-wk: You could try https://launchpad.net/ubuntu/precise/  , using the search.
<patdk-wk> ya, that isn't really a command line option :)
<genii-around> There are command-line web browsers :)
<patdk-wk> I was hoping for something like, apt-get source -t percise xxx
<patdk-wk> cause I want the source from the other system, but I don't want to screw up my updates
<pmatulis> patdk-wk: did you read the man page for apt-get?
<elb0w> http://francisaltomare.com/upvotes/
<elb0w> lol
<pmatulis> elb0w: go to #ubuntu-offtopic for that stuff
<elb0w> o
<elb0w> wrong chan
<elb0w> my bad
<CrazyGir> hello, using qemu for linux kvms, is there a qemu-specific module that is needed? (separate from kvm)
<CrazyGir> when trying to start a vm I get an error about the supported vm types: error: internal error unable to start guest: Supported machines are:
<filo1234> hi all, when I configure ethernet interface with dhcp, who writes /etc/resolv.conf file?
<genii-around> filo1234: dhclient-script
<pdtpatrick1> Question .. iptables does not have a daemon .. upstart or init.d script. Is this part of the base package? Built into the OS ?
<Ursinha> pdtpatrick1: I think that talks pretty much with the kernel
<patdk-wk> why would iptables need a daemon?
<patdk-wk> or are you thinking of the rhel iptables startup script to enable default firewall rules?
<pdtpatrick1> right something along those lines
<pdtpatrick1> albeit .. was just curious
<mgw> anybody know how i can get cobbler to kickstart with the local squid proxy instead of gb.archive.ubuntu.com?
<jamiemill> Is it possible for temporary downtime (let's say recurring 20 minute gaps in service) to be caused by DNS problems?
<patdk-wk> sure
<jamiemill> A server has been unreachable today intermittently by people, whereas AWS, didn't notice any problems
<patdk-wk> but how should we know?
<jamiemill> patdk-wk who is that to?
<patdk-wk> you know, almost anything can do that :)
<jamiemill> patdk-wk is that directed at me?
<patdk-wk> this is the internet, no one said 100% of it is up and running 100% of the time
<patdk-wk> jamiemill, na, just to the internet irc channel ghost
<mgw> SpamapS : do you happen to be here?
<jamiemill> patdk-wk OK. I just wondered because I'm not sure how DNS works, I know it is cached so I thought it strange that the availability was intermittent. But still I suspet DNS is where the problem lies because a few times recently my browser said "name not resolved" or something, and then magically came back a few mins later
<jamiemill> But I wonder how I can detect and prove a DNS problem
<patdk-wk> jamiemill, and the DNS in question is?
<jamiemill> 123-reg
<patdk-wk> that isn't a dns, that is random numbers/letters
<patdk-wk> fqdn?
<jamiemill> using a CNAME to map to a amazon load balancer
<filo1234> genii-around: I read right now your answer.. thanks, but can I modify that script for to set a couple of DNS like google dns for example?
<patdk-wk> don't tell me your depending on dns search to map hostnames to full names?
<jamiemill> patdk-wk ah sorry, yes it's a XXX.XXX.com which is a CNAME pointing at AWS elastic load balancer
<patdk-wk> sorry, if your going X out everything I ask, or not give it, I can't help you
<filo1234> genii-around: or what I can modify for my goal? :)
<patdk-wk> if you dns name is so super secret, maybe you should use it on the internet?
<Ursinha> patdk-wk: calm down, man :)
<EvilResistance> if i'm using an external hard disk to act as backup storage space, would it be prudent to throw additional linuxswap onto the external disk to supplement the swap on the drive which the system runs off of?
<EvilResistance> i ask because i've got most of my swap and RAM already used
<patdk-wk> EvilResistance, what does free -m, say?
<genii-around> filo1234: Instead of modifying the system scripts, why not instead add post-up directives to your interfaces file?
<EvilResistance> patdk-wk:  it was hypothetical.  its got about 5 VMs on the server
<EvilResistance> VPSes
<EvilResistance> hence the usage of RAM and SWAP
<EvilResistance> :/
<jamiemill> patdk-wk OK it's not super secret, if it will help you to help me, the record in question is secure.skylightit.com
<filo1234> genii-around: you mean dns-option?
<EvilResistance> its an unorthodox question, i know, but still
<EvilResistance> :/
<noball> hello
<noball> i have installed x11-common but startx doesn't work
<noball> please help
<shauno> dare I ask what bus the external's going to be on?  the last thing you want to do with swap is add yet another bottleneck
<EvilResistance> shauno:  USB 2.0
<patdk-wk> jamiemill, on your side, 1day cache for dns, on amazons side, 1 min
<EvilResistance> actually wait
 * EvilResistance checks
<patdk-wk> so maybe if the dns server that was looking it up, for the client was having timeout issues
<patdk-wk> or other internet routing issues, bgp flaps
<Ursinha> noball: startx.. why are you using that? :) what's the error message?
<patdk-wk> amazon is defently not failure proof though
<noball> Ursinha: i have installed ubuntu server and i want to run virtualbox to host other operating systems
<filo1234> genii-around: can you say me an example about post-up directive for dns domains?
<noball> Ursinha: but problem is i cann't start startx or blackbox
<EvilResistance> shauno:  USB 3.0.  I forgot i installed a USB 3.0 card that's compatible with Linux.
<Ursinha> noball: so you might want to install another package that would install all you need instead of installing the packages manually
<jamiemill> patdk-wk Hmm thanks, I see, kind of. The thing is, we had reports from two different countries today that the site was intermittently unavailable - UK and India, so it wasn't just one person. I can't 100% rule out a problem with the app itself, but still I suspect something around DNS.
<Ursinha> I mean, you install evilwm and it installs all it needs to make it work
<genii-around> filo1234: under iface eth0 inet dhcp in /etc/network/interfaces  you could add something like dns-nameservers x.x.x.x     if you wanted to specify one there. Or you can also add something like  post-up echo "nameserver x.x.x.x" >> /etc/resolv.conf
<noball> Ursinha: thanks
<patdk-wk> jamiemill, I wouldn't point my finger at dns too much
<jamiemill> patdk-wk Plus I've seen a DNS failure myself a couple of times, but I put it down to my wireless router.
<jamiemill> patdk-wk OK fair point
<Ursinha> noball: I'd use a minimalist environment for that, like evilwm
<patdk-wk> amazon could of had a dns server failure
<patdk-wk> but so many other issues are much easier to have issues with :)
<patdk-wk> mainly bgp routing, and peering
<noball> Ursinha: evilwm says unable to open display
<Ursinha> noball: that's pretty much access to terminal with graphic windows :)
<jamiemill> patdk-wk So to you there's nothing obviously wrong in the current DNS at least?
<patdk-wk> not from what I can see, but I'm in the usa, using amazons usa servers
<Ursinha> noball: so you can try this: see if you are running xorg somehow, if not, run it
<filo1234> genii-around: ok, I tought about dns-nameservers directives but it run only with resolvconf package installed right?
<patdk-wk> uk should be using the ireland amaozon
<patdk-wk> and india should be using singapore
<filo1234> genii-around: I'll try post-up
<Ursinha> noball: then go to another tty and start evilwm pointing to the display where Xorg is (possibly :0.0)
<patdk-wk> the scale of amazon makes it really hard for a user to track an issue like that down, cause you can't test all paths
<noball> Ursinha: ok
<jamiemill> patdk-wk Yeah, and the service status page claims everything is hunky dory.
<noball> Ursinha: i am installing xorg
<jamiemill> patdk-wk Anyway I set up pingdom to monitor from all over now, so will see if that sheds any light.
<noball> Ursinha: but i wanted a light weight desktop manager
<Ursinha> lighter than evilwm is hard :P
<patdk-wk> jamiemill, hmm, your using the appbalancer?
<patdk-wk> I wonder if maybe your app/ec2/... was not responsive and it took it offline for a min or two?
<patdk-wk> and it came back when it wasn't overloaded
<patdk-wk> I can't say for sure, cause I have never used amazons loadbalancers myself
<VivoDePyre> Hey mates
<kints> hi dunno if someone can help me i'm making a clean ubuntu 11.10 install with a nvidia quadra nvs 295 but i'm not being able to connect to Xserver
<VivoDePyre> So I accidentally my entire GNOME shell
<kints> dunno if i'm in the correct place to ask here but no one in #ubuntu could help me
<Ursinha> kints: does it work with the live cd?
<kints> i've blacklisted nouveau and i've tried to install nvidia-current with apt-get and wget the most recent x86_64 drivers with no luck..
<jamiemill> patdk-wk Yes we are. I suppose it's possible. We currently only have one server behind the balancer and if it was taken out of service there'd be nothnig. But then there'd at least be a 503 message i believe, whereas we've had reports of blank screens. But CPU on the server has been low all day.
<kints> Ursinha: it works with nomodeset and noapic
<VivoDePyre> My name is in gray, can anybody hear me?
<Ursinha> kints: ugh.
<Ursinha> VivoDePyre: the color of your nick varies according to the irc client people are using :)
<VivoDePyre> Ah, I see. I'm new to IRC
<hidensoft> what is best version of ubuntu for server ?
<kints> Ursinha: actually it only ubuntu (terminal) only boots if i enable (disable) these 2 boot options
<patdk-wk> jamiemill, blank screens? or the unable to locate server?
<patdk-wk> blank screens normally means apache segfaulted
<VivoDePyre> So, I'm very new to ubuntu, booting 11.10 (oneric). I was trying to install some themes in GNOME 3.2 and I sorta deleted my entire shell
<jamiemill> patdk-wk Yes I suppose you're right. If it was DNS they'd at least get a browser error message I think
<VivoDePyre> Is there anyway I can set all my system files to default settings with a boot-drive?
<jamiemill> patdk-wk But the reason I'm investigating DNS is that's the bit that's a mystery to me and I have personally seen the name not resolving a few times in the last few weeks
<patdk-wk> my slowest issue with dns is the 123-reg.co.uk
<patdk-wk> but that is expected, since they only have servers in the uk
<patdk-wk> jamiemill, if you have dns issue, use, dig +trace xxxx
<patdk-wk> that would show you where the issue is at
<VivoDePyre> No suggestions?
<jamiemill> patdk-wk Ah thanks, didn't know about that. Just ran and saw some output - will it be obvious if there's a problem?
<patdk-wk> well, you would have to do it twice, once for your name, and once for the appbalancer
<just-a-visitor> VivoDePyre: You could try to ask these questions on http://askubuntu.com/. There could even be already a similar question answered.
<patdk-wk> but if there is an issue, it should fail at the point of issue
<jamiemill> patdk-wk OK thanks will investigate
<VivoDePyre> Alrighty then, thanks
<filo1234> genii-around: thanks post-up is my goal :)
<hidensoft> i buy a vps today , i setup my vps with ubuntu 10.4 LTS ,  i must change host name or its not matter ?
<iggi__> Virtual Machine question, would you trust a qcow2 image to host mission critical data if the machine is monitored and guaranteed not to hit max disk usage?
<iggi__> In other words are the only issues with qcow2 when it runs out of space to allocate?
<iggi__> Also I believe it's slower, but I'd like someone else to confirm/deny
<patdk-wk> iggi__, I'm used to mission critical always getting fully allocated space, not sparse
<patdk-wk> mainly cause it's so much easier to HA
<iggi__> Yeah I thought about that as well
<iggi__> It doesn't need to be HA necessarily, just a storage location for template VMs and documentation
<iggi__> if I lost it, it would be hundreds of hours to recreate, so it's kind of valuable, but I was hoping to get away from adding drives when I need more space.
<mgw> anybody here with juju/orchestra experience?
<Ursinha> mgw: maybe they can help you in #juju
<Ursinha> :)
<mgw> ah, okâ¦. thanks
<mgw> i'll try that
<roaksoax> mgw: howdy! What seems to be your problem?
<mgw> oh, hi roaksoax
<mgw> how're you doing?
<roaksoax> mgw: I'm good, yourself?
<mgw> also well
<mgw> 2011-11-03 17:58:04,378 ERROR Could not find any Cobbler systems marked as available and configured for network boot.
<mgw> during juju bootstrap
<mgw> but i've brought up a couple systems with koan
<mgw> i think it's my management classes
<mgw> but not sure how to change that on a system that's already up
<roaksoax> mgw: that's one, it is either management classes that should be orchestra-juju-available or the pxe-enabled checkbox
<roaksoax> mgw: sudo cobbler system edit --name your-system-name --netboot-enabled=True --mgmt-classes=orchestra-juju-available
<mgw> ok, and then the system should be shut down ?
<roaksoax> mgw: yes, when you bootstraps then you should turn on the system and let it PXE
<mgw> ok
<roaksoax> mgw: once installed, juju status should show that the bootstrap is up and running
<roaksoax> mgw: we would be soon testing automatic power on/off with ipmi
<roaksoax> so you wont have to amnually turn one on
<mgw> ok, so in virsh, i should shutdown?
<mgw> and then run juju bootstrap?
<roaksoax> mgw: oh you are using virsh, so then, shutdown first, then run juju bootstrap, then poweron the machine selected to be the bootstrap node
<mgw> hmm, shutdown seems to do nothing
<mgw> i did a shutdown now and i'm in single user mode
<mgw> though
<roaksoax> mgw: virsh destroy <machine>
<mgw> ok
<mgw> sounds dangerous
<roaksoax> mgw: nah will just force the shutdown as if you pull the plug out of a system
<mgw> ok, now i'm getting ssh key not found
<mgw> which key do i need where?
<roaksoax> mgw: ssh-keygen -t rsa
<roaksoax> you need to generate a key for it to be used in juju
<roaksoax> ssh key
<mgw> on the system that i'm running juju bootstrap from?
<roaksoax> mgw: yes
<mgw> okâ¦ is this an intentional feature that it changes class to acquired even if it fails on the ssh key?
<roaksoax> mgw: nope, but good finding
<mgw> anyway, looks like i'm bootstrapped and just have some dns issues now
<mgw> thanks!
<mgw> : Invalid host for SSH forwarding: ssh: Could not resolve hostname vm1: Name or service not known
<roaksoax> mgw: you need to make sure that the place where you are running juju has DNS access to the name of the vms and you can ping the VM's using their dns names
<mgw> ok
<mgw> figured
<mgw> i know how to do dns, so i'll work on that
<mgw> thanks!
<roaksoax> mgw: if you want an environment configured for you that's easy to use, you could use cobbler-dev developed by smoser
<roaksoax> mgw: that's what I use for my testing
<mgw> i started with that
<roaksoax> mgw: just had to install orchestra on the cobbler server
<mgw> but wanted to get a proper system up
<roaksoax> mgw: cool
<mgw> i assume i need to put the public key on the vm that's serving the juju env?
<mgw> or it copies it for me?
<jamiemill> How would I know if my apache server had reached the max number of connections it could handle?
<jamiemill> Would it log somewhere?
<roaksoax> mgw: not really, if you use cobbler-devenv or a dhcp server that serves IP's you could just use that
<mgw> sorry, i'm not sure i understandâ¦. i'm getting this:
<mgw> Cannot connect to machine MTMyMDIwMzQ4MC40Njg2NDc1ODkuMjIwODM (perhaps still initializing): Invalid SSH key
<mgw> 2011-11-03 18:26:06,644 ERROR Cannot connect to machine MTMyMDIwMzQ4MC40Njg2NDc1ODkuMjIwODM (perhaps still initializing): Invalid SSH key
<mgw> when i run juju status
<mgw> the bootstrap succeeded
<mgw> and I can ping vm1
<roaksoax> mgw: so it might still be installing ubuntu on it
<CrazyGir> when trying to start a qemu/kvm with virst I get an error about the supported vm types: error: internal error unable to start guest: Supported machines are. is there a module or package I am missing?
<mgw> the console is up at the login promptâ¦.
<mgw> i already installed ubuntu
<mgw> using koan
<mgw> i ran koan âserver=x.x.x.x âprofile=xxx on the vm host
<mgw> when it finished, i used virsh destroy
<mgw> then ran juju bootstrap
<roaksoax> mgw: right, but when you bootstrap, you need to allow the machine to PXE and install as it will install some cloud-init stuff that is generated right after you juju bootstrap
<mgw> i see
<mgw> ok, would that show on the console?
<roaksoax> mgw: nope, that's all done in the preseed file
<mgw> or it's in the background?
<mgw> ok
<mgw> logging somewhere?
<roaksoax> mgw: so right after you juju bootstrap, juju gives cobbler some cloud-init information which is encoded and then later used on the installation
<CrazyGir> no?
<mgw> nmâ¦ found it cloud-init.log
<roaksoax> mgw: that information is stored in cobbler, and when you run the installation, it gets installed into the machine, but since you *first* installed with koan *before* having that information, you dont have that
<mgw> okâ¦ so i shouldn't use koan?
<roaksoax> mgw: I would allow the system to PXE boot instead
<mgw> ok
<mgw> is there a quick tutorial somewhere on using cobbler with VMs?
<roaksoax> mgw: help.ubuntu.com/community/Cobbler
<roaksoax> mgw: help.ubuntu.com/community/Orchestra --> though things need to be updated here
<CrazyGir> why do you get errors like this when trying to start a vm? I created this vm on another system and moved it over, defining it here, so I was thinking maybe missing packages / modules, but this seems ok: http://dpaste.com/646846/
<mgw> but those don't seem to give any details on how to set up a vm with virt-inst or something ready to pxe boot...
<CrazyGir> why pxe boot vms?
<CrazyGir> that seems like an over-engineered solution
<mgw> so orchestra can mange them
<CrazyGir> ah, is that a VM management app or something?
<mgw> more than that
<mgw> https://help.ubuntu.com/community/Orchestra
<RoyK> does orchestra easily allow for a fully redundant setup?
<mgw> or betterâ¦ https://help.ubuntu.com/community/Orchestra/Overview
 * patdk-wk wonders if there is any brass in orchestra, or if it's just strings
<mgw> just cobblers
<mgw> and squid
<mgw> takes a lot of cobblers to shoe a squid
<patdk-wk> I can't believe how fast launchpad is
<patdk-wk> while everyone is away :)
<patdk-wk> build times of 10min instead of 10hours
<mgw> where is everyone?
<CrazyGir> wow, interesting. I have actually been working on the same vision with puppet, pxebooting and auto/net installs on debian/openbsd
<mgw> yeah, we were using puppet before too
<mgw> and fabric
<mgw> and some other stuff
<mgw> but this ties it all together
<mgw> check out https://help.ubuntu.com/community/Orchestra/OverviewJuju too
<patdk-wk> mgw, they are at UDS
 * RoyK just attended a puppet training course and wonders if that was necessary if orchestra can do the same....
<mgw> i think puppet is more like jujuâ¦ but juju can actually use puppet
<RoyK> btw, orchestra seems to exist only on oneiric, I guess that'll just be the management server?
<CrazyGir> RoyK: puppet can do a lot more
<CrazyGir> and it is os/independent
<CrazyGir> did you go to the one in nyc?
<RoyK> CrazyGir: the OS independency is a very good reason to use it.....
<mgw> i expect to use both juju and puppet
<RoyK> CrazyGir: no, Oslo
<CrazyGir> ah
<patdk-wk> royk, ya, orchestra is new, and suppost to be cleaned up and big thing for 12.04
<CrazyGir> juju, I'll have to look that up
<patdk-wk> but kind of like a demo or whatever you want to say for 11.10
<CrazyGir> I want better vm manangement over vm servers seen as nodes
<CrazyGir> I have been waiting for openstack to get their act together
<mgw> open nebula perhaps?
<CrazyGir> yea, I haven't seen any simplicity from those projects
<CrazyGir> (neblua/stack/eucalyptus/etc)
<CrazyGir> they are ungodly complicated to deploy
<CrazyGir> why do you get errors like this when trying to start a vm?  http://dpaste.com/646846/
<mgw> roaksoax, so i just need to have a vm with no os, ready to bootâ¦ and have it's MAC configured in cobbler?
<mgw> sorry, a bit confused
<mgw> someone had pointed me to koan (SpamapS I think)â¦. so i was working from that direction
<RoyK> CrazyGir: are you using puppet?
<CrazyGir> indeed
 * gnuyoga loves puppet 
<CrazyGir> indeed
<tash> haven't attempted this yet, but I have 2 hard drives, 1 80GB, 1 1TB.  I'd like to use the TB drive for data storage ( app and mysql db ).  Will it be easy to install Ubuntu OS on the 80GB and use the 1TB for data?
<CrazyGir> tash: why not?
<max10> ciao
<RoyK> CrazyGir: how many servers?
<CrazyGir> I use it for 3 different projects, totally about 50 or so systems (physical + vm)
<CrazyGir> I even use it for things like my debian laptops
<CrazyGir> once you start using it, it is silly not to
<CrazyGir> once you automate the tasks that you used to spend hours fiddling with, it is insane to go back
<CrazyGir> RoyK: ^^
 * CrazyGir yells at the networking deities
<RoyK> CrazyGir: I'm an old-timer of sorts, pushing 40, and learning about puppet was a bit of a pick-me-up
<RoyK> CrazyGir: we have everything from old linux machines to solaris 8 and even some Vax boxes - I don't think we'll be able to integrate them all in the puppet setup, but most of them should do
<stgraber> hallyn: uploaded
<stgraber> hallyn: just to confirm, these are currently in Oneiric right?
<stgraber> *Precise
<hallyn> stgraber: in precise
<stgraber> right, all good then
<hallyn> stgraber: cool, thanks :)
<airtonix> is there a nice lvm manager thing that works/operates/appears like htop or jnettop does?
<^slacker^> airtonix: are you looking for iotop?
<^slacker^> airtonix: sounds like it might fit the bill
<airtonix> ^slacker^: i'll have a look/see
<uvirtbot> airtonix: Error: "slacker^:" is not a valid command.
<airtonix> -_-
<airtonix>  ^slacker^: ok i see why you recommend this(and i think i'd be using iotop), however i was hoping there was somekind of simple management tool to mount, resize, shuffle, etc lvm volumes
<^slacker^> airtonix: ah I see. system-config-lvm will do some of these things
<^slacker^> airtonix: it's probably easiest to mount lvm at command line anyway
<airtonix>  ^slacker^ looks like system-config-lvm is a X windows (gtk) application
<airtonix>  ^slacker^ or does it have an ncurses fallback interface?
<^slacker^> airtonix: oh it's x-based
<^slacker^> airtonix: it's not the answer you are looking for, but learning the lvm command line tools is the best way to deal with lvm
<^slacker^> airtonix: this looks like a good howto: http://www.howtogeek.com/howto/40702/how-to-manage-and-use-lvm-logical-volume-management-in-ubuntu/
<^slacker^> airtonix: but I would use cfdisk instead of fdisk. fdisk always seemed too hard to me
<^slacker^> airtonix: good luck
<CantWinn> Just wondering if I may get some information
<CantWinn> << sorry about Cloud service
<CantWinn> What I am looking for is a solution similar to DropBox.com. I have a company where there are many employees that need to share information back and forth and be able to access it from many locations. I am a fan of Ubuntu and wanted to know what might be the best "cloud" solution that it offers.
<CrazyGir> RoyK: yea, adding anything to a puppet management stack is wonderful
<CrazyGir> my dream is to have a way to deploy full racks at a time
<CrazyGir> in hours, not days
<CrazyGir> or weeks
<CrazyGir> redeploying for security/upgrades/etc
<CrazyGir> it would all be a breeze :D
<mgw> is there a way to bootstrap an existing vm into cobbler/juju?
<mgw> rather than doing a fresh install for every system?
<i3luefire> why doesnt my ssh privatekey work. im using ubuntu server 11.10 on the host side and windows 7 / putty on the client side
<Pici> i3luefire: putty requires the keys to be in a special format before it can use them.
<i3luefire> i used puttygen
<i3luefire> should i not have used puttygen?
<Pici> No, thats fine
<RandomCake> Hi, I've just setup Ubuntu Server on a small server, and it's main NIC is a Wifi dongle, I couldn't get it to connect on the command line, but managed with Network Manager in Xubuntu Desktop, is there any way to get the configuration for the Wifi to work without the GUI?
<filo1234> RandomCake: iwconfig or ifconfig lists your wifi card?
<RandomCake> yeah, I can scan and see my network as well
<filo1234> do you have wpa password?
<RoyK> CrazyGir: what sort of OSes do you manage?
<RandomCake> yes filo1234
<filo1234> RandomCake: ok do you have installed wpasupplicant?
<mcsteve> I think I've got a bug here, my server never unmounts /var on shutdown, saying it is busy
<RandomCake> yes filo1234, in case it's relivant, I'm running 11.10
<filo1234> RandomCake: ok look this http://paste.ubuntu.com/727699/ make a file called wpa.conf and configure it with your ssid and password
<mcsteve> I've edited /etc/init.d/umountfs to run lsof and dump the output to a file before unmounting, and nothing is listed in the output for /var
<filo1234> RandomCake: your wifi card is wlan0 or something else?
<RandomCake> wlan0
<filo1234> RandomCake: ok after you configured wpa.conf try :
<filo1234> sudo wpa_supplicant -Dwext -iwlan0 -c /path_where/is/wpa.conf -B
<filo1234> and look by sudo iwconfig if it is associated with your AP/router
<filo1234> after if you use dhcp type sudo dhclient wlan0
<RandomCake> okay, I'm going to have to brb to do this, I'm currently connected to the server via SSH, luckily it's just upstairs :)
<filo1234> RandomCake: ok btw if you use static ip, you need to set interface by hand with ifconfig
<filo1234> and resolv.conf too
<RandomCake> it's DHCP at the moment, but will be static when the server is finished being setup
<i3luefire> it keeps saying server refused our key
<RandomCake> filo1234: I get ioctl[SICSIWENCODEEXT]: Invalid argument, twice when I run the wpa_supplicant command
<filo1234> wpa_supplicant -Dwext -iwlan0 -c /path_where/is/wpa.conf -B  do you have typed this right?
<i3luefire> Pici: do you have any ideas on why i keep getting that error "server refused our key"?
<filo1234> RandomCake: and do you have modified correctly wpa.conf?
<filo1234> RandomCake: are you sure that have wpa password or wep??
<RandomCake> WPA/WPA2 Personal, using AES encyption
<filo1234> uhm AES gets problem, you have to look man iwconfig for change encrypt on wpa.conf
<filo1234> that file reports wpa-psk
<filo1234> RandomCake: run wpa_supplicant command with -dd too for verbosity mode, may help you for debug
<RandomCake> would TKIP be better? I may be able to just change it on the router
<filo1234> nope but some linux driver gets problems with AES
<filo1234> RandomCake: you need to try..
<RandomCake> okay, looks like this cheap router from the ISP doesn't let me configure it anyway...
<filo1234> RandomCake: man wpa_supplicant help you
<filo1234> sorry but now I cannot make tests
<RandomCake> I think the problem is that I have a WPA password that is ASCII, and I should be saving the HEX version, is it just a simple case of converting the ASCII to HEX?
<i3luefire> nvm. i got it
<i3luefire> home dir is lvm so keyfile cant be in home
#ubuntu-server 2011-11-04
<RandomCake> sick of wireless, I'm just going to buy a pair of these "Belkin 1GBPS Powerline 2 Networking Adapters", even with the Wifi connected using connection manager, it drops loads, okay, maybe if I get another dongle it'll be okay, but I can't be bothered with the messing around anymore :) and 1GBPS is a lot better anyway :P
<twb> RandomCake: network-manager is evil
<RandomCake> yup twb, I'm sure it'll all be much better when I can get on the network without the thing :)
<RandomCake> anyway, it's late, thanks for the help, night!
<twb> http://paste.debian.net/142520/
<twb> RandomCake: ^^
<RandomCake> I'll have a go tomorrow twb, thanks :) hopefully I'll have some luck!
<mgw> anybody here with experience with cobbler and images?
<twb> !anybody
<ubottu> A high percentage of the first questions asked in this channel start with "Does anyone/anybody..." Why not ask your next question (the real one) and find out? See also !details, !gq, and !poll.
<ninjix> twb: what's up?
<twb> ninjix: NFI
<ninjix> ;)
<jetole> Does anyone know a good application to monitor response time for pages on web servers
<jetole> ?
<twb> curl
<jetole> twb: I was thinking something more along the lines to monitor them constantly and create graphs and all that
<PandorBox> jetole: serverdensity.com pingdom.com etc.
<jetole> PandorBox: thanks but looking for something I can run myself since I want to monitor individual web servers and not the load balancer
<PandorBox> (also, serverdensity is giving out t-shirts & USB men for free at the moment, lol)
<twb> "USB men" ?
<twb> Reminds me of that guy in #emacs who wrote an elisp interface for his vibrator
<jetole> yeah I was wondering about that too. Just figured it was like a girls blow up doll that plugs into the usb port on their computer
<PandorBox> jetole: http://luneta.sourceforge.net/
<jetole> lol @ #emacs
<jetole> PandorBox: neat
<jetole> PandorBox: what language is that?
<PandorBox> twb: http://i.imgur.com/BLiEj.jpg - pull his head off and he turns into a 1gb flash disk
<PandorBox> jetole: PHP
<PandorBox> (I only suggested it because it came up on freshmeat the other day)
<twb> PHP must die
<jetole> no I mean what spoken language is that? Mexican?
<twb> jetole: hahaha
<twb> jetole: .mx speaks es, silly
<jetole> :)
<jetole> kidding aside though I can't read/write/speak/understand spanish
<PandorBox> jetole: a friend is working on something related at the moment - http://python-log-probe.readthedocs.org/en/latest/screenshots.html#
<jetole> with the exception of common swearing
<twb> jetole: it's either es or pt
<jetole> wtf is pt?
<twb> Looks like pt to me
<twb> Portguese
<jetole> oh
<jetole> same thing to me
<twb> They're very similar -- probably more similar than English and German
<jetole> I understand spanish and portguese as well as chinese, russian, aramaic, etc
<PandorBox> 0.o you understand aramaic?
<twb> ITYM Mandarin
<jetole> PandorBox: I understand aramaic as well as I understand chinese and russian, yes
<thesheff17> so I'm trying to install off this ppa https://launchpad.net/%7Emarceloshima/+archive/ifolder and I get file not found w/ apt-get update off the mirror....I'm running lucid....any ideas?
<PandorBox> Ik hou van polyglotten?
<twb> bokmal?
<jetole> actually I think chinese is very similar to english. I get stuff made in china all the time and it all says "made in china" which seems very similar to how we would say manufactured in china in english
<PandorBox> twb: dutch
<twb> jetole: I think that's enough whiskey for you
<twb> I suck at northern europe
<jetole> twb: I'll take that under advisement but mr. Crown Royal is making a very compelling argument
<PandorBox> twb: I'm doing Rosetta Stone Dutch course to help a friend out
<jetole> so I'm thinking in regards to my original question about monitoring http latency, smokeping maybe?
<twb> PandorBox: is that some Ubuntu thing?
<PandorBox> </offtopic>
<twb> PandorBox: I asked because lp has some translation thing called rosetta IIRC
<jetole> anyone have any thoughts on smokeping to monitor http latency?
<jetole> speaking of rosetta yeah my dad bought a learn mexican rosetta package
<jetole> CD's and guides and all that bunched into a package
 * PandorBox hasn't used smokeping
<jetole> from what I am reading it can create graphs from curl output and I vaguely remember someone once telling me to use curl for this
<PandorBox> IMO httping would be a better tool for the job
 * jetole checks it out
<jetole> btw, I got my nagios plugin published today :D http://exchange.nagios.org/directory/Plugins/Databases/SQLServer/MSSQL-Job-History/details
<PandorBox> jetole: ... why not just use nagios then?
<jetole> PandorBox: I want to measure response times so I can see when servers are slow to respond etc
<PandorBox> if you're open to generating the data yourself and already have a nagios install - httping or siege
<jetole> the movie with denzel washington and bruce willis?
<jetole> oh wait that's The Siege
 * jetole googles siege 
<jetole> though I probably dont want to generate it myself
<jetole> if smokeping can do it then good enough I guess
<PandorBox> :)
<Error404NotFound> I have a setup which involves 1 frontend apache proxy with 5 backend apache servers that actually hold the applications. Clients have FTP servers on the backend servers and have been connecting directly to those till now. I am looking for a ftp proxy solution so that i can route each client to proper backend while putting all backend servers in DMZ and clients only connecting to frontend apache box.
<uvirtbot> New bug: #885998 in facter (main) "facter upgrade crashes puppet" [Undecided,New] https://launchpad.net/bugs/885998
<Error404NotFound> I have a setup which involves 1 frontend apache proxy with 5 backend apache servers that actually hold the applications. Clients have FTP servers on the backend servers and have been connecting directly to those till now. I am looking for a ftp proxy solution so that i can route each client to proper backend while putting all backend servers in DMZ and clients only connecting to frontend
<Error404NotFound> apache box.
<runasand> I have a quick question about the Ubuntu EC2 images; when I right-click and choose connect, AWS suggests I connect with ubuntu as the username. However, when I try to spin up an Ubuntu image that I've edited, AWS suggests root as the username, even though you need to use ubuntu to connect. Is this an Ubuntu-problem or AWS-problem?
<wideball> http://extras.ubuntu.com oneiric release signatures cannot be verified because NO public KEY how to fix this issue
<airtonix> runasand: it's a aws problem with assuming one size fits all. most ubuntu ec2 images use ubuntu as the default user some bitnami images use bitnami as the default user... etc etc
<runasand> airtonix: so I guess I should talk to some aws people, thanks :)
<uvirtbot> New bug: #811422 in apache2 (main) "Exploitable integer overflow on x86 in mod SetEnvIf, leading to buffer overwrite" [Low,Incomplete] https://launchpad.net/bugs/811422
<q_a_z_steve> Is there still an alternate download for AMD64+mac ? I want to install 64bit.
<stetho> I've set up an Ubuntu box as a router between two networks. 192.168.199.0/24 is on eth0 and 192.168.111.0/24 is on eth1. I've enabled ip forwarding and I can ping between the networks. The 199 network is effectively the WAN and there's a route to 192.168.199.253 which is the gateway to the internet. My question - when I enable NAT with iptables -t nat --append POSTROUTING -o eth0 -j MASQUERADE everything dies.
<stetho> Either iptables -t nat --append POSTROUTING -o eth0 -j MASQUERADE is wrong or I'm missing a step which Google isn't helping me find.
<stetho> Can anyone point me to some instructions for doing this or suggest what I've done wrong?
<xranby> stetho: which guide are you following?
<stetho> Loads. There's 5 in the ubuntu forums alone, blog posts, server fault, howtoforge. They're all pretty much the same - the only thing about them is they deal with routing to an ISP (so eth0 is external in the proper sense of the word - in my set up it's still a private network).
<uvirtbot> New bug: #886048 in samba (main) "âcheck password scriptâ option does not reliably pass parameters" [Undecided,New] https://launchpad.net/bugs/886048
<virus-work> morning all
<SilfenX> I got some zombies showing up when I boot server - using the ps command, how can I tell which particular program/service/whatever is causing those zombies ?
<ikonia> SilfenX: lets have a look at them
<ikonia> SilfenX: look at the parent pid too
<SilfenX>  PID TTY      STAT   TIME COMMAND
<SilfenX>     1 ?        Ss     0:00 /sbin/init
<ikonia> SilfenX: are you saying init is zombied ?
<ikonia> or the parent
<onre> https://bugs.launchpad.net/ubuntu/+source/libxml2/+bug/147144    quite weird that i can reproduce this on 10.04 lts with latest updates.
<uvirtbot> Launchpad bug 147144 in libxml2 "xslt:copy element is broken in 2.6.29" [Medium,Fix released]
<onre> given that i'm running 10.04 lts, what practical options do i have for up- or downgrading that package to try out another version to see if the bug doesn't happen with those?
<hidensoft> how i can redirect http://domain.com:8888 to httpS://domain.com:8888 automatically ?
<lotia> greetings all. which release was the first one to support lvm snapshots?
<lotia> sorry snapshot merging
<hidensoft> no idea ?
<filo1234> hi
<gochilla> hi, i am running sybase ASE using ubuntu. i am trying to get pam authentication going ... anyone here, who did this before?
<gochilla> i have a prob when running the ase process as non-root user, then pam gives me problems, specifically the error  pam_unix(ase:auth): unix_chkpwd waitpid returned -1: No child processes
<ball> Does Ubuntu Server run reasonably well on an HP Microserver?
<ersi> ball: after searching for a few HP microserver modells.. I don't see why it wouldn't
<bau-> hi all, how can I install a base gnome for my ubuntu 10.04 server?
<ball> ersi: Thanks
<dork> i upgraded from 8.04 to 10.04 now grub fails saying ALERT! /dev/md1 doesn't exist
<ersi> ball: No guarantees though :)
<dork> trying to troubleshoot it now but not getting very far, any help would be appreciated
<ninjix> dork: I recall something like that happening to me
<ninjix> trying to remember how I got past it
<ninjix> you're trying to boot from a mdadm mirror, correct?
<dork> right
<dork> i did a dist upgrade from ubuntu 8.04 to 10.04
<dork> and it fails booting saying alert /dev/md1 not found
<ninjix> did you try using a live Ubuntu disk, apt-get install mdadm then mount the array and chroot in to make sure that your ramdisk has the modules?
<dork> ninjix: that's what i' trying to do now but i'm having probles with the chroot environment
<ninjix> ok, what are you chroot env issues?
<dork> ninjix: right now i need to recreate and mount it
<ninjix> recreate? the chroot or the array?
<dork> the array, chcking fstab to see which is which
<dork> i've got md1 assebled and mounted to /tmp/root
<dork> but this looks like the boot part
<dork> has the kernel/grub dir etc inside of it
<ninjix> yes, that's the boot
<ninjix> what other md do you see in /dev/mapper
<dork> ninjix: ive got it all set up now
<ninjix> nice
<dork> it wsa using the mdadm.conf from the live cd i had to get the uuid's via blkid
<dork> ok
<dork> so i've got it mounted
<dork> gonna chroot up now
<dork> ok chrooted up
<ninjix> are you familiar with mounting the proc, sys and devpts?
<dork> i did it on gentoo once
<dork> lol
<dork> sudo mount -o bind /proc /var/chroot/proc
<dork> ?
<ttx> Daviey: I heard you planned to sell your charms but I'm not 100% sure how to interpret that.
<dork> ninjix: ?
<SilfenX> I have a zombie process - how can I find out which program/service is causing it? I have run 'ps -1' but it only lists a bunch of numbers, not the actaul name of the program/service ...
<bau-> hi all, I have Mobility Radeon HD 5000 Series video card, since hd output doesn't work, is there a driver to install? (vga works)
<ninjix> dork: hi, I'm back
<ninjix> accidentally over-taxed my workstation's IO
<ninjix> dork: did you get the chroot mounts setup?
<ninjix> I was going to recommend you do: (chroot) sudo mount -t proc proc /proc; sudo mount -t sysfs sys /sys; sudo mount -t devpts devpts /dev/pts
<dork> please can anyone help me?
<dork> ninjix: i'm chrooted in
<dork> ninjix: though i tried to install grub2 this time and i think i made things wors
<dork> ninjix: but i'm chrooted into it now
<dork> with /prov /dev mounted
<ninjix> you're moving out of my scope of experience. I haven't every tried upgrading grub >> grub2 in chroot
<dork> well it's a chroot environment
<dork> should be the sae right
<dork> so what can i do here any suggestions?
<ninjix> what is in the /etc/initramfs-tools/modules file?
<ninjix> also, I recommend making a backup of your /root and /boot
<dork> all comments
<dork> i have a backup
<dork> there are only comments in the modules file
<ninjix> ok
<SilfenX> I have a zombie process - how can I find out which program/service is causing it? I have run 'ps -1' but it only lists a bunch of numbers, not the actaul name of the program/service ...
<mgw> any orchestra/juju gurus here today?
<ninjix> you want to add some mdadm modules :)
<ninjix> raid0 raid10 raid456 multipath raid1 md-mod linear
<ninjix> each get their own line
<ninjix> then you want to do: sudo update-initramfs -k all -u
<dork> ok
<dork> updating
<dork> why did it remove those modules
<mndo> hi! is it possible to, using orchestra, manage older ubuntu versions?
<mgw> how old?
<mndo> mgw, lucid (latest lts)
<mgw> I believe so, using backports
<dork> that didn't work
<EvilResistance> assuming orchestra is in the backports for LTS, mgw
<mgw> I think it is...
<dork> ninjix: that didn't work, could grub2 be causing issues now?
<mndo> i a have a couple of lucid servers, but i am not able to find the ubuntu-orchestra-client package for them
<mgw> but maybe i'm wrong :-)
<ninjix> dork: did the initramfs complete successfully?
<EvilResistance> mgw, fwiw, not much is actually *in* the backports.
<EvilResistance> they dont backport everything, iirc
<dork> ninjix: yes
<dork> ninjix: though the error is different now
<ninjix> that should have worked if grub behaving
<mndo> mgw, lucid-backports has no package with orchestra :|
<dork> ninjix: now it says it can't find a dev w/ a uuid address on it as opposed to /dev/md1
<mgw> ok, it's not backports mndo
<mgw> it's ppa
<mgw> https://launchpad.net/~orchestra/+archive/ppa
<RoyK> fysics: wpa.conf? I thought most of that stuff was done in /etc/network/interfaces ...
<ninjix> dork: that sounds like grub2 is almost configured correctly
<mgw> but no idea how or if it works
<mgw> I"m having plenty of fun on oneiric
<ninjix> dork: if you setup your chroot again, you can use blkid /dev/mapper/md0 to get the UUID
<mgw> smoser, roaksoax â either of you here?
<dork> ninjix: setting it up again now will have the uuid in 1m
<ninjix> my grub2 skills are survival level at best
<dork> ninjix: i'm assembling the md0 and md1 based on the output of blkid
<dork> that's right right?
<dork> it assembles/mounts find
<dork> fine
<ninjix> that sounds promising
<dork> ok chrooted back in
<dork> ninjix: i don't miond going back to grub1 just to get this box back online
<dork> this is impacting mail and dns
<ninjix> that might be the quickest route for a return to service
<dork> blkid /dev/mapper/md0
<mndo> ppa:orchestra/ppa? has only to packages for lucid and it does not even build :(
<dork> show no results
<mndo> *only two packages
<ninjix> then you can compare your backup of /boot and get your server right side up :)
<dork> ninjix: ok im in now, blkid /dev/mapper/md0 shows nothing
<dork> ninjix: just delete grub2 froi the chroot?
<ninjix> I'd try apt-get remove
<dork> ninjix: i removed it but grub fails and it shows a uuid/gpt based address still
<dork> and not /dev/md1 etc
<dork> like it's supposed to
<dork> even though i removed grub2
<ninjix> did you run update-grub after uninstalling grub2?
<dork> no
<ninjix> dork: here's a link to a tool that saved my bacon once
<ninjix> http://www.howopensource.com/2011/08/reinstall-recover-grub-from-ubuntu-live-cd-usb/
<ninjix> it's a grub2 tool, though
<dork> yah
<dork> i have no cd's and no usb drives on me
<dork> and im in the iddle of the largest data center in the world
<ninjix> heh
<dork> but i will have a look
<ninjix> is this a physical box or a virt?
<ninjix> did update-grub run successfully from chroot?
<ninjix> you should see the old grub1 /boot/menu.lst date modified change
<dork> yeah
<dork> it changed
<dork> nothing failed from upgrade-grub
<ninjix> peek inside it and make sure it looks sane
<dork> there is no upgrade-grub actually
<ninjix> open this link
<ninjix> http://rominux.blogspot.com/2009/11/tutorial-reinstall-grub-1-and-grub-2-on.html
<ninjix> try those GRUB1 commands
<dork> those grub commands would break my stuff if that addressing is wrong...
<ninjix> yup
<dork> ...
<dork> ok so how do i make grub look for md1 instead of those uuids
<dork> because obviously that is wrong
<ninjix> I don't recall grub1 using UUID, I think that is a grub2 feature. Can some other ops admin confirm?
<ninjix> that's why I suspect you still have grub2 in the MBR
<dork> ok so how do i fix that
<ninjix> reinstall/setup grub1
<dork> im a little bit worried because of this
<dork> Checking if "/boot/grub/stage1" exists... no
<dork> it sees it in /boot/grub/stage1
<ninjix> might want to try asking over int #debian
<ninjix> might be a sys ops with more experience with restoring grub1
<ninjix> I know you're in an outage state right now so I don't want to give you poor advice on how to proceed
<dork> the people in #debian chastise people for asking for ubuntu help
<dork> and for asking about everything else
<dork> this is insanity.
<dork> i can't believe an upgrade fucked me this bad
<ninjix> should be more current experience with backing out of grub2 back to grub1 since grub2 only became the Debian default recently with Squeeze
<dork> i've got it back to doing exactly what it was doing before
<ninjix> which is?
<dork> can't find md1 insted of that uuid address
<ninjix> dork: previously you stated that you couldn't find update-grub in the chroot
<dork> right
<ninjix> maybe you need to chroot again and apt-get uninsta/reinstall grub
<dork> i did
<dork> that package doesn't come with it
<dork> Checking if "/boot/grub/stage1" exists... no
<dork> Checking if "/boot/grub/stage1" exists... no
<dork> oops
<ninjix> then perhaps grub2 is your path
<ninjix> scroll down about halfway on this page: http://www.howtoforge.com/how-to-set-up-software-raid1-on-a-running-system-incl-grub2-configuration-ubuntu-10.04-p2
<ninjix> it has some instructions that might help you
<dork> you don't really know eh?
<ninjix> :( I'm at my limit of knowledge of this
<yasmani> Hello guys, I'm using a PPTP VPN as a client, I want my external ip address (public one, ppp endpoint) to accept connections on port 80 and redirect it to my machine (internal ip), I've done this in the past but somehow it doesn't work now, any of you have a clue on what iptables rules I should put in? Thanks
<dork> this sucks
<ninjix> dork: have you tried anything new?
<dork> ninjix: people in grub are saying grub 1.98 is broken
<dork> and to upgrade to oneiric's 1.99
<dork> i tried grabbing the .debs from the ubuntu repositories
<dork> but there were a bunch of dependency issues
<ninjix> yeah I can imagine
<dork> kind of screwed and my boss is pissed
<ninjix> what about going gub2
<dork> i did that before, when i first ran into it
<dork> that's why i had grub2 on there
<dork> and grub2 failed
<dork> so i don't know what to do heh
<dork> and thep eople in #grub are idle
<ninjix> hmm... well you could start your  services in the chroot and then take some time to research how to fix the boot loader
<ninjix> let you limp along until later this weekend
<dork> ninjix: i didn't think about that
<dork> ninjix: i wish i considedred starting these services in the chroot a long time ago
<ninjix> did you get your mail and dns services running in the chroot?
<ninjix> dork: any luck?
<dork> ninjix: still doing upgrades
<ghexsel> does anyone have a tutorial or page explaining how to install an 11.10 cloud client without PXE? I wanted to get a demo going but I don't have access to the DHCP server
<qman__> ghexsel, if you're talking about orchestra, the ubuntu server CD has it as a boot option
<shade34321> At my job we have a webserver running ubuntu server. Now we want to create a back up web server to help us keep constant up time and to back up our information just in case something happens. If I were to use clonezilla for instance and clone the server to another drive and then change the network config to broadcast a new IP would that cause any problems, not sure if the actual host name is used anywhere since it's diffe
<shade34321> rent host names, or is there an easier option for that. Also would a simple rsync cron job be the best option to make sure the data on both stay the same, we use trac so only one folder ever gets changed really, or is there a better option for that
<qman__> rsync is good for files
<qman__> you'd have to change the hostname on the copy
<qman__> I don't know anything about trac, but if it uses a database, you'd be better off linking the database servers in some way than trying to use rsync for it
<dork> can anyone help me get grub working again? doing an upgrade from 8.04 to 10.04 has ruined my grub setup and now i can't get it working. i can chroot into the environment fine just can't get grub working
<ghexsel> it never connects... we got some hardware and creaated a subnet
<shade34321> qman__ : sorry I walked away. Trac does use a database, SQLite I believe but don't take my word on it. What do you mean by linking the database servers? Also where is the hostname located at?
<qman__> yuck, sqlite
<qman__> the hostname is in /etc/hostname and /etc/hosts
<qman__> it must be updated accordingly with the new settings
<shade34321> ok...thanks
<qman__> my recommendation is, if at all possible, you should upgrade to a real database server and not use sqlite
<shade34321> i was looking for that file but couldn't find it. Also trac can use other databases but it's built to work with one primarily and it's really easy to set up with it
<qman__> but I don't know if you can/how you would, as I don't know anything about trac
<qman__> anyway, the idea here is
<shade34321> understandable. I will look into more. I know it can use MySQL so I may try and switch it over or something
<qman__> you upgrade to a real database server, on both servers, then link the two together
<qman__> so that both servers always have the current database
<shade34321> so it's two seperate database servers "sharing" a database
<qman__> yes, updating each other in almost real-time
<shade34321> interesting...i will look into that then:)
<qman__> mysql can't go both directions
<qman__> it can only have a master and slave
<qman__> but other servers may be able to
<shade34321> well it would only need to be master slave
<shade34321> only reason we are doing this is primarily just in case of hardware failure or power outage
<qman__> then a mysql master/slave should work fine
<shade34321> pretty much nothing will be done with the back up server b/c theoritically the master server should be up and functional again
<shade34321> k...thank you
<qman__> you can take the slave server, change one setting in the configuration, reload mysql, and it's now the master
<qman__> if you script it, it'd be about a three second failover process
<qman__> the slave server has the caveat that it's read-only
<qman__> so to be fully functional you have to 'flip the switch', as it were
<qman__> but you'd be up to date, no lag
<shade34321> ok...I just looked it up and it is SQLite but trac also supports PostgreSQL and MySQL
<qman__> I don't know if postgresql offers a better solution here or not
<qman__> I only know mysql fairly well, but I also know that it's really lacking compared to others in most serious DBMS areas
<shade34321> Ok. I'll do some research and decided what to do later
<shade34321> i also have a friend that was a MySQL developer so I'll ask him for his opinion when he is available
<FreezingCold> Hey, stupid question: I want to be able to give somebody a ftp link so they can view it in their browsers, but with my shared hosting they have to log in as "anonymous@mydomain.com", not just "anonymous" like most browsers send.  What link can I give them to send the username?
<rich_> is vmbuilder still maintained?
<guntbert> rich_: I do hope so - is there reason for doubt?
<guntbert> rich_: soory, I misread - fwbuilder - no idea about your question
<rweait1> Hi, I'm running 10.04 and have what looks like hardware trouble from a new raid array.  one drive throws errors every few days; then the array goes Read-only.  warm boot won't fix it.  Cold boot does.  It's a remote box.  ...
<rweait1> ... I have a firmware update for the drives, and have applied it to two of the three drives in the raid array. The third drive does not appear in /dev
<rweait1> Can you suggest a way to get that drive back, and apply the firmware update?  Without suggesting reboot - warmboot has failed previously.
<qman__> there really isn't any way
<qman__> if it's not there, it's not there
<qman__> check dmesg to get more detail
<rweait1> qman__ won't come back until BIOS tries to find it?
<qman__> you can hot plug sata, and the kernel will rescan if it detects a hotplug event
<qman__> but again, that's hardware level
<qman__> you can probably initiate a rescan but it won't be there if the hardware doesn't see it
<qman__> hardware issues really need to be sorted out before the box goes remote
<rich_> guntbert most people don't. I think vmbuilder used to be the preferred way for a lot of people to build virts.  using something called jeos, but it's hard to find any recent activity on the project or recent docs.
<guntbert> rich_: I see ...
<rweait1> qman__: +1 for intermittent hardware problems being sorted out before a box goes remote. :-)
<dork> alright
<dork> last stab here
<dork> i upgraded from 8.04 to 10.04
<dork> after that, apparently the kernel couldn't map out my software raid /boot and / partitions
<dork> so it starts to boot the file system etc but it fails trying to mount
<dork> any ideas on how i can resolve this i've been working on this for 12 hours
<RoyK> grub1-2 migration is buggy as hell
<RoyK> dork: try to boot on an install cd with grub2, such as lucid, and reinstall grub on the disks in question
#ubuntu-server 2011-11-05
<Andrewx> Hello.
<Andrewx> I'm trying to upgrade my install of 11.04 to 11.10
<Andrewx> I got the GUI for upgrade and cancelled on accident.
<Andrewx> How can I resume the GUI for upgrade>
<Andrewx> ?
<pangolin> just start over, any debs already downloaded will be skipped
<pangolin> if you cancelled during the install process you may be up a creek and will need to do a clean install.
<dork> hi i've been troubleshooting a problem on an ubuntu system for 15 hours, i have exhausted all ubuntu channels i can think of, so i'm going to try here. i did a distro upgrade that resulted in init not being able to put my software raid together, i can chroot to the environment, i have tried reinstalling legacy grub and reinstalling grub2 multiple times, i just can not get it. would anyone in here please help me trubleshoot this so i can go home?
<Yompa> Side question: how safe are these upgrades? I tend to believe in backup complete reinstall and selective restore.
<dork> Yompa: i've spent 15 hours so far because of an upgrade
<dork> and im still down
<Yompa> dork, I wish you good luck and the best!
<dork> thanks
<virusuy> dork: can you mount your devices ?
<virusuy> i mean, your HD's
<virusuy> ?
<dork> i can assemble the raid and mount the raids
<dork> through busybox and and a chrooted environment
<virusuy> but when servers boot said that cannot find your raid , right ?
<dork> t said this
<dork> http://www.froward.org/~mike/screen.jpg
<dork> http://pastebin.com/Mwn9fAHT <--grub config and raid info
<dork> so it seems it's just not able to assemble the raid
<virusuy> did you tried to boot an older kernel ?
<dork> in busybox i can assemble it by hand
<dork> virusuy: yes and that did not work
<virusuy> dork: uhmm
<virusuy> no idea man, good luck
<dork> anyone else?
<virusuy> and the best
<dork> virusuy: thanks
<Yompa> I'm about to build a 1 + 0, nothing that complicated though. Sorry.
<mateolargo> i'm (trying to) manage a PPA for our company and have hit a bit of a snag
<EvilResistance> how so
<mateolargo> after rebuilding several packages and regenerating my Release files (sorry, i'm probably butchering the terminology here) i'm getting a dependency error when trying to install one of our packages
<mateolargo> nginx-custom : Depends: nginx-full (= 1.0.6-2) but it is not going to be installed
<mateolargo> E: Unable to correct problems, you have held broken packages.
<EvilResistance> FYI dont paste to here
<virusuy> dork: Raid 1 ?
<EvilResistance> mateolargo:  why are you generating a custom nginx package?
<mateolargo> EvilResistance: we needed to included several modules that weren't in the default packages
<virusuy> dork: if you have a RAID 1 array, you can desassemble and try to boot from 1 HD instead of array
<EvilResistance> mateolargo:  can I /query you for a sec?
<mateolargo> sure
<dork> virusuy: i was going to do that as a last measure
<dork> virusuy: i might as well though i'll have to come back tomorrow anyways
<virusuy> dork: if you can boot from 1 HD, then you should resync that array
<dork> virusuy: im just not sure how to approach it
<virusuy> desassemble that array ?
<dork> yeah
<virusuy> disassemble*
<virusuy> uhmm that depends on your RAID controller
<dork> it's software
<dork> just trying to figure out the arguments
<dork> so i don't destroy it
<virusuy> if you can assemble that array in somewhere else, then backup as much you can
<dork> what?
<virusuy> i mean
<dork> i mean boot one disk
<dork> i've got everything backed up
<virusuy> oh , ok
<dork> i got it
<dork> i'm pretty sure
<virusuy> dork: really ? :-)
<dork> yeah
<dork> it's finishing the fsck now
<dork> but i got it to boot
<virusuy> dork: nice! did you boot from 1 HD ?
<virusuy> or did something else?
<dork> i basically rescanned for raid arrays and rewrote a new mdadm.conf, the syntax is different, remade init and installed it, it's booting now.
<virusuy> dork: nice :-D
<dork> took me 16 hours to figure it out
<dork> i'll take nice but i should probably go shoot myself
<uvirtbot> New bug: #886423 in php5 (main) "Can't install php5-mysql in Ubuntu 11.10 due to unmet dependencies" [Undecided,New] https://launchpad.net/bugs/886423
<arrrghhh> hello all.  trying to find a script that will go thru a folder and expand any compressed .RAR files
<arrrghhh> http://code.google.com/p/torrentexpander/
<arrrghhh> seemed to be the answer, and then some
<arrrghhh> but perhaps it's too powerful for my needs - i can't seem to get it to do this simple task.  has anyone ever used it?
<uvirtbot> New bug: #886426 in net-snmp (main) "snmpd init status script doesn't check $SNMPDRUN or $SNMPDRUN" [Undecided,New] https://launchpad.net/bugs/886426
<virusuy> arrrghhh: all your files are in the same folder ?
<arrrghhh> virusuy, no
<arrrghhh> well
<arrrghhh> let me rephrase
<arrrghhh> everything is in one folder
<arrrghhh> but there's a high potential that there are RAR's within sub-folders that will need extracting
<arrrghhh> but i do have a 'central point' where all the files in question are going.
<m_tadeu> hi...where can I find the php logs?
<arrrghhh> m_tadeu, tail -f /var/log/apache/php.errors?
<arrrghhh> alternatively, look in your php.ini file
<m_tadeu> arrrghhh: doesn't exist
<m_tadeu> arrrghhh: I'll check
<arrrghhh> virusuy, have you ever used that script?
<arrrghhh> it seems really powerful
<arrrghhh> but it might be serious overkill
<virusuy> arrrghhh: no at all, and yes, seems powerful
<arrrghhh> i was thinking about looking at its grooming abilites
<arrrghhh> abilities*
<arrrghhh> but i'm trying to start simple, just want the unrar ability
<arrrghhh> and i can't seem to manage that :/
<virusuy> arrrghhh: you also can study what does and create your own script
<arrrghhh> or "just that" i should say.
<arrrghhh> virusuy, i looked at the bash.  it's quite complex.
<virusuy> unrar is ease,
<virusuy> unrar -h for help,
<arrrghhh> i think i can just do the unrar part pretty easily on my own.
<arrrghhh> yea
<arooni-mobile> im trying to ssh into a linux server.  i did ssh -v root@ipaddress... and i'm seeing: "debug1: Connecting to IP [IP] port 22. then debug1: connect to address IPADDRESS port 22: Connection refused"  ... but nothing else.  is there any other reason why the server isnt letting me ssh?  is it because its the wrong port (doing new setup on a new server)
<virusuy> the hardest part is moving between folders and sub-folders
<arrrghhh> yea
<arrrghhh> arooni-mobile, is the far end open?  are you on a LAN?
<virusuy> arooni-mobile: with wich user are you trying to log in ?
<arrrghhh> looks like root
<arrrghhh> which might be the problem as well
<arooni-mobile> virusuy, root
<arrrghhh> you can't ssh to root
<virusuy> arooni-mobile: in some configs root login is disabled by default
<arooni-mobile> ok i didnt get a user data
<arooni-mobile> user name
<virusuy> oops
<virusuy> :-)
<virusuy> can you configure sshd_config on the server ?
<virusuy> i mean, can you acces in other way than ssh ?
<arooni-mobile> i dont know; this is a new client; and have to figure out leasewebs interface
<virusuy> so, you're not using ssh in LAN, right ?
<arooni-mobile> i mean the server is somewhere in the netherlands
<arooni-mobile>  the gateway is provided; but i wouldnt need that to connect i think
<virusuy> uhmm could be
<arooni-mobile> i havent heard of using a gateway to connect to via ssh
<virusuy> is not common
<arooni-mobile> i just hate it when i have to open a damn ticket just to login
<virusuy> but , that gateway can allow or deny connections through port 22
<arooni-mobile> so should i try to connect other than ssh root@ip
<virusuy> but why dont you test connect through that gateway before open a new ticket ?
<arooni-mobile> honestly i didnt know that much about gateways;  i thought it was only for when i have a home router
<virusuy> root shouldn't be allowed through ssh, but, who knows every sysadmin/company is a different world :-)
<virusuy> arooni-mobile: let me find a how to, cos you can configure ssh to use a gateway in some hosts
<virusuy> how-to *
<virusuy> let me rephrase
<virusuy> you can configure your ssh-client to use a gateway
<virusuy> oh, can you test this command ?
<m_tadeu> I'm unable to get logs from php...I tryed setting error_log to a file, and now to syslog....nothing comes out
<virusuy> ssh -w host:port gateway
<virusuy> ssh -W username@host:port gateway
<kevcox> We are starting to use Linux Servers (Ubuntu) more and more for small business solutions.  As we get more I would like to start a standard in managing these servers.  What does everyone feel is the best process for updating the servers that provide a certain role like Samba or Postfix.  Do download all updates or just security updates, etc.?
<kevcox> So far we've been installing all updates (apt-get upgrade).
<kevcox> From time to time I've noticed the apps change and sometimes require .conf file updates that can cause issues if we are not prepared for what can be altered.
<twb> kevcox: it's nontrivial to select only security updates
<kevcox> So you don't rely on the improvements of the apps that are isntalled?
<twb> kevcox: if you have a bunch of servers, like say five app servers, you can designate one of them a staging server and pull updates to it first
<kevcox> Just assume if it works then there is no need?
<twb> kevcox: well, suppose you have lucid, lucid-security and lucid-updates in your sources.list
<twb> kevcox: you can't easily say to apt "please apply updates only from lucid-security"
<twb> kevcox: however, -updates mainly contains critical but non-security-related stuff like fixing bugs that result in data loss
<twb> kevcox: so it's a good idea to pull them in anyway.
<twb> kevcox: OTOH -backports and newer distro releases include new upstream releases, and new feaures = new bugs
<kevcox> Do you recommend for security updates to be performed on their own or manually?
<twb> kevcox: generally I make sure -security and -updates are in sources.list and then just aptitude full-upgrade from time to time.
<kevcox> So you are pulling all security and distro updates manually from time to time?
<twb> Yes
<kevcox> What about when you get an app upgrade that requires .conf migration to a new version?
<twb> Then you deal with it at the time
<virusuy> kevcox: backups .conf files first
<twb> Oh, etckeeper of course
<virusuy> :-)
<twb> But broadly speaking I will tell the users a day beforehand "I'm doing upgrades at 11AM tomorrow, there are no expected outages, but there might be if something goes wrong."
<kevcox> How about this....
<kevcox> I setup security updates to be automatic during off hours on weekends then perform app updates from time to time... Any issues with setting the standard that you can see?
<virusuy> kevcox: automatic updates? NO WAY
<kevcox> Not for critical updates only?
<twb> I have been mostly unimpressed with automated update solutions
<virusuy> kevcox: its my opinion
<kevcox> Meaning critical security updates
<twb> kevcox: how does the automated system know which ones are critical?
<virusuy> twb: indeed
<kevcox> I guess I see security updates as being critical
<virusuy> you should take care of security updates, check every update, wich aplication will update , what and which things you need to do before update
<kevcox> I guess I've failed there
<virusuy> kevcox: i mean, this isn't mandatory
<kevcox> I typically logon and see the console tells me there are updates and how many security.  I then run APT with UPDATE and then UPGRADE without a second thought.
<kevcox> No issues thus far but I want to do it the right way or best solution.
<virusuy> kevcox: yes you can do that and no worries
<virusuy> but one day, something will fail
<virusuy> and probably will be on weekend
<virusuy> at 3 am
<virusuy> :-)
<kevcox> No doubt... :/
<kevcox> :)
<virusuy> my opinion. ..
<virusuy> you just need to update your vital services
<virusuy> i mean, if you run a apache server, then subscribe to apache's security mailing list to be updated about security fixes and so.
<kevcox> Do you happen to know the command to update security only using APT?
<virusuy> and also you will know about updates, what they do and so on
<kevcox> That sounds like a good idea I need to do.
<kevcox> Just what I need more emails.. :)
<virusuy> kevcox: or tag your mails :)
<kevcox> Another Google Apps user?
<virusuy> i actually use a lot of mailing list and twitter
<virusuy> kevcox: gmail only
<lbw> hi
<lbw> i have installed ubuntu-server and using kdm and using virtualbox
<lbw> all is going fine except that there is no voice
<lbw> i have checked for alsa and pulse audio, both are installed
<lbw> how to enable audio so that i can hear sound for virtualbox
<lbw> thanks
<lbw> message says, pa_pid_file() creation failed
<lbw> when i run pulseaudio from terminal
<lbw> do i need to configure kdm to use pulseaudio or alsa ?
<greppy> is your user in the audio group?
<lbw> hmmm
<lbw> how to check that
<greppy> try the 'id' command in a terminal
<lbw> ok
<lbw> no there is no audio group
<lbw> how to add audio group
<lbw> greppy: thanks :)
<lbw> sudo adduser 'you' audio :)
<lbw> now will it work ?
<storrgie> I just had a failure event on one of my mdadm arrays, does anyone know how I can inspect the drive to see if it really was a failure?
<virusuy> storrgie: i guess you can check your raid status with mdadm --detail /device
<storrgie> cat /proc/mdstat tells me that one of the drives is a failure
<storrgie> I need to see if that drive is truly failing smart
<storrgie> or if it is just an issue where the drive was not spinning up properly
<RoyK> stgraber: smartctl
<RoyK> smartctl -t short /dev/sda
<RoyK> stgraber: smartctl -d sat -t short /dev/sda
<RoyK> ops - wrong nick - storrgie left, apparently
<dwelch> Hey guys, looking for some advice on how to setup a Ubuntu server w/ Apach to allow multiple users to host WordPress sites.
<dwelch> I already know how to setup all these (and have done so), but what I cannot figure out is how to setup permissions / users so that each user can upload files through WordPress & have FTP access, but not be able to see any of the other users directories
<RoyK> dwelch: check chrooting for ftp server
<JanC> let them upload to their home directory and use chrooted sftp/ftps access?
<RoyK> dwelch: which ftp server are you using?
<dwelch> vsftp
<JanC> RoyK: I hope he doesn't use plain FTP...  ;)
<RoyK> JanC: seems like it...
<RoyK> dwelch: then check chrooting for vsftpd, it supports it well
<dwelch> And that works well, but some of these accounts I wanted to allow ssh access to also
<JanC> dwelch: ssh/sftp can be chrooted as well
<RoyK> google for ssh/sftp chroot
<Dulcin> Hi, I currently have a server which I use as SMTP server for my website, my personal mail is done through google apps, and my domain is hosted somewhere else. Now to avoid my emails sent from my server being detected as spam, I want to set up an SPF record. Should I set this up on the server itself?
<RoyK> JanC: touchÃ©
<JanC> but another issue might be that scripts run by apache can access data outside the user's home (you might have to use a technique to chroot that too)
<dwelch> It's been a while, but I feel like I ran into WordPress-upload permission issues when I persued that route
<JanC> or at least run them as another user
<dwelch> Hmm
<JanC> dwelch: it's possible to run wordpress as the user (e.g. using FastCGI & such)
<dwelch> Yeah, I ended up using the apache module mpm_itk to prefork & run the request as the user
<dwelch> which works, but I'm worried that's a bit scary from a security stand point
<JanC> ah, yes, that MPM does the same
<JanC> dwelch: filesystem permissions have to be set right too, of course
<dwelch> Yeah, so basically what I've got now is that each user has their default umask to 770, their site served out of ~/www and mpm running the requests as those users
<JanC> dwelch: alternatively you can run multiple webservers in containers or VMs...
<dwelch> With a chrooted ssh / ftp, security should be in good shape, right?
<dwelch> Thought of that JanC, but I'm already on a pretty weak VM in a XEN environment (at linode.com)
<JanC> right, I was just going to write that it's often a security/cost trade-off  âº
<JanC> dwelch: I don't really know mpm_itk, but maybe it also allows chrooting?
<dwelch> Haha yeah, definitely a cost trade off preforking all the requests, but I wasn't sure about the security issue
<dwelch> Okay, well I guess my setup isn't that bad then
<dwelch> I was scared that someone might come swinging for me w/ that kind of setup :P
<JanC> dwelch: what I mean is that you must decide what is secure enough for you and how much money you want to (or can) spend, and balance that  âº
<dwelch> Yeah I hear ya.
<JanC> I wonder if it would be possible to use ecryptfs or encfs...
<dwelch> I've read most the formal documentation for each of these, but I'm wondering if there are any really good resources for basic server admin understanding
<Dulcin> Can an SPF record hold multiple IPs or should I create multiple SPF records
<uvirtbot> New bug: #886592 in samba (main) "package samba 2:3.5.8~dfsg-1ubuntu2.3 failed to install/upgrade: ErrorMessage: package samba is not ready for configuration  cannot configure (current status `half-installed')" [Undecided,New] https://launchpad.net/bugs/886592
<dwelch> JanC: just went and picked up a ubuntu knowledge book from the library, looking into encryptfs for my purposes
<JanC> dwelch: the problem with ecryptfs would be to handle automatic mounting in a secure way (because obviously there is no login password entered when apache forks)
<dwelch> Ah, good point
<JanC> there is an #ecryptfs channel on the OFTC IRC network BTW
<dwelch> O cool, I'll check that out
<RoyK> remember, remember the fifth of november....
<RevChas> Anyone got a minute to help with getting Postfix and SASL to play together?
<julivaljr> qual o conselho para iniciar uma instalacao ubuntu server?
#ubuntu-server 2011-11-06
<potatoe> Can you recommend a tool that will brute force a given FTP server at least 20-30 times before crashing ? preferably in under 5 minutes, it has to trigger fail2ban
<potatoe> apparently running ftp from the command line multiple times is not fast enough
<ropetin> THC Hydra?
<potatoe> I think my fail2ban is incorrectly setup, I did at least 20 logins in 2 minutes, that should of triggered it, I'll keep looking
<qman__> while true; do ftp somehost &; done
<qman__> could crash your system
<SpamapS> qman__: yes, nie fork bomb
<ropetin> Not sure it would trigger fail2ban either, depending I guess on the regex used
<Zanzacar> Hi everyone, I wanted to setup a static IP address for my home server.
<Zanzacar> http://www.howtogeek.com/howto/ubuntu/change-ubuntu-server-from-dhcp-to-a-static-ip-address/
<Zanzacar> That is the site I was following but I had a few quick questions for anyone that is willing to help.
<jasef> I'll help if I can, shoot
<Zanzacar> 1. What is the netmask I should use? 255.255.255.0 seems normal from what I have seen but was not sure.
<jasef> Use whatever netmask your home network uses. Probably 255.255.255.0,
<Zanzacar> 2. network is refering to the actual router it is connecting to?
<jasef> Are you on 192.168.x.9?
<jasef> .x.0*
<Zanzacar> 192.168.0.xx
<jasef> and no, network is the 'network address' which is the first address, which is unusable
<jasef> So for you, you want 192.168.0.0 as the network
<Zanzacar> ok so what about broadcast? and gateway?
<jasef> broadcast should be 192.168.0.255
<jasef> And gateway is the IP of your router
<jasef> Which is probably 192.168.0.1
<Zanzacar> correct
<Zanzacar> wellt hen I guess I will try out everything on that site and if it doesnt work I will have to pull out the monitor
<Zanzacar> and keyboard to reset everything haha
<jasef> Lol. It's always dangerous to try that :P
<Zanzacar> to try and setup a static IP?
<jasef> But as long as you have everything from the guide (double check for typos!) it should be fine
<Zanzacar> I wish I could just do it with my network
<jasef> No, to set new settings that can screw up your networking :P
<Zanzacar> o very true haha
<jasef> Can't your router give out DHCP reservations?
<Zanzacar> I meant router not network
<Zanzacar> I dont think so I poked around but count find anything
<Zanzacar> couldnt*
<jasef> Eh. Some router's don't do it, but that's okay. That config should work. Just make sure you have the auth eth0 line there too or it won't even try to come up
<Zanzacar> ya the router is an older linksys router with limited features.
<jasef> What IP are you trying to assign it?
<Zanzacar> well just something static
<jasef> I'd recommend something that the router's DHCP won't normally assign, so that it doesn't conflict with anything in the future.
<Zanzacar> it was at 192.168.0.14 for a long time but I was thinking about doing something higher like 68.111.168.2260
<jasef> Noooo.
<Zanzacar> ip start at .10 and go up from there
<jasef> It has to be 192.168.0.x
<jasef> Like my network is 192.168.1.0, router gives out .100+, so my server is just .2
<jasef> But it MUST match the first 3 groups of numbers (also called octets)
<Zanzacar> i see, my ip start at 68.111.168.226, so if I went with something liek .5 then it would work
<jasef> ... but... you only have one public IP.
<jasef> You have to give it an internal IP address
<jasef> Unless you've bought more from your ISP...
<jasef> And even then, you would use an internal with NAT to forward the ports, I'd assume.
<jasef> Sorry, this laptop kills channels if I accidentally lave it pointed at them
<jasef> s/lave/leave/
<Zanzacar> I had it set to 192.168.0.14, i forwarded the port so I could SSH in
<Zanzacar> i reset the router and then it reset the ip
<Zanzacar> so now it is 68.111.168.226
<jasef> Your router's external IP is that, right?
<jasef> if you type ifconfig on the command line
<Zanzacar> which is annoying because now I need to change my router setting, my auto ssh etc etc etc
<jasef> What's the IP that shows up?
<Zanzacar> 68.111.168.226
<jasef> Uhm... what... that shouldn't be possible....
<Zanzacar> why is that?
<Zanzacar> my router is 192.168.0.1
<jasef> Yes
<Zanzacar> ip start at 68.111.168.226
<jasef> Which means all computers on your network should be 192.168.0.x
<Zanzacar> the ip address on my network are
<Zanzacar> 68.111.168.226
<Zanzacar> 192.168.0.11
<jasef> Can you explain what you mean by 'ip start at 68.111.168.226' ?'
<Zanzacar> 192.168.0.12
<Zanzacar> 192.168.0.13
<Zanzacar> .14
<Zanzacar> .15
<Zanzacar> is that bad?
<Zanzacar> thats the output I get from nmap, and also ifconfig/ipconfig etc.
<jasef> It's just unusual for you to have an IP like '68.111.168.226' on a local computer
<jasef> Unless it's your router's own external address - then that's fine.
<jasef> But if your home server is connected to the router just like all the other computers, it should have a local address, unless it's dialing the PPP connection itself.
<jasef> Could you please pastebin the output of 'ifconfig' and 'netstat -rn' from the server? I'm just trying to understand what's going on here
<jasef> http://paste.ubuntu.com/ or the pastebinit package works pretty nicely
<Zanzacar> jasef: Thanks everything worked out perfectly
<Zanzacar> jasef: I got my IP setup correctly and everything
<jasef> Awesome :)
<Zanzacar> wasnt too hard and I didnt have to bust out the monitor and keyboard haha.
<Zanzacar> I am off to other things though, just wanted to pop in and say thanks.
<uvirtbot> New bug: #886757 in samba (main) "package samba 2:3.5.8~dfsg-1ubuntu2.3 failed to install/upgrade: ErrorMessage: package samba is not ready for configuration  cannot configure (current status `half-installed')" [Undecided,New] https://launchpad.net/bugs/886757
<goddard> so i go in and try and make it so i can login to my other box via ssh key which was working fine with a password before i changed the config and now all of a sudden it doesn't work i get Read from socket failed: Connection reset by peer
<goddard> even trying to connect to the local machine from the same machine results in the same error
<goddard> ssh is started
<goddard> http://serverfault.com/questions/265244/ssh-client-problem-connection-reset-by-peer
<RoyK> heh - Slackware is a free and open source Linux-based operating system. [...] The current stable version is 13.37
<uvirtbot> New bug: #886822 in samba (main) "package samba 2:3.5.8~dfsg-1ubuntu2.3 failed to install/upgrade: ErrorMessage: package samba is not ready for configuration  cannot configure (current status `half-installed')" [Undecided,New] https://launchpad.net/bugs/886822
<uvirtbot> New bug: #883813 in php5 (main) "php cronjob high cpu usage" [Undecided,New] https://launchpad.net/bugs/883813
<uvirtbot> New bug: #884163 in openldap (main) "OpenLDAP "UTF8StringNormalize()" Off-by-One Denial of Service Vulnerability" [Medium,Confirmed] https://launchpad.net/bugs/884163
<uvirtbot> New bug: #885758 in samba (main) "'ldap passwd sync = yes' and ldap password not updated" [Undecided,New] https://launchpad.net/bugs/885758
<uvirtbot> New bug: #885904 in php5 (main) "CVE-2011-1148 Use-after-free vulnerability in the substr_replace function allows context-dependent attackers to cause a denial of service" [Undecided,Invalid] https://launchpad.net/bugs/885904
<keithclark> I've installed Apache and it works fine.  I can verify with http://localhost.  I've installed mysql.  I've installed php, but when I test with a simple phpinfo.php script using http://localhost/phpinfo.php I get a download dialog box.  What am I doing wrong?
<keithclark> I am using this page as a reference:  http://blog.sudobits.com/2011/10/28/how-to-install-lamp-apache-mysql-php-on-ubuntu-11-10/
<keithclark> No worries, I figured it out.
<keithclark> Can someone please test my apache setup?  http://http://clarkhome.dyndns-home.com/
<ChmEarl> keithclark, its trying here 69.166.23.54, but port 80 is not open
<keithclark> hmmmm
<keithclark> ip address is correct
<virusuy> firewall or port forwarding ?
<keithclark> modem to router.  Port forwarded
<Yompa> Or even an ISP often block common server ports.
<keithclark> i've set it with 'Virtual Servers'.  I also have 'Port Forwarding' option as well
<keithclark> Could someone try again please?
<ChmEarl> clarkhome.com works
<keithclark> ChmEarl, so it changed from not working to working, correct?
<ChmEarl> Connecting to www.clarkhome.com|74.125.127.121|:80... connected
<keithclark> ChmEarl, that is not me
<ChmEarl> hangs: Connecting to clarkhome.dyndns-home.com|69.166.23.54|:80...
<keithclark> hmmmm
<keithclark> I have my speedtouch modem forwarding that port to my dir-615 router and the router set to port forward to my computer
<keithclark> Doesn't seem to be working.
<Yompa> keithclark, if you are on a residential ISP connection, try a different port like 8080 or 8888 forwarded to your local server port 80. Some ISPs have firewalls blocking common server ports.
<keithclark> Yompa, I'm checking on that now.  I've submitted a support ticket.
<ChmEarl> keithclark,  port 22 is closed too
<ChmEarl> or nothing listening
<keithclark> ChmEarl, I now
<keithclark> ChmEarl, how about 21?
<ChmEarl> its a total blackout
<keithclark> I would be surprised if it was my ISP.  It is a small, local company.  No limits and very liberal.  I'm thinking it is my router.
<keithclark> (talk about secure though!)
<pukeko> morning all...  i have several VMs that will be running various web-servers, i want to stick an accelerator in the mix to forward requests to certain machines based on FQL , i need some advise on what to use, is squid overkill ? how about Varnish ?
<ChmEarl> keithclark, some technical sites provide a port scanner
<ChmEarl> I have port 8080 forward inside my LAN to a Xen guest... imagine how long that took to setup
<keithclark> Funny, on Primus it was no issue at all.  I was sure they would have blocks on the common ports but it worked out just fine.
<ChmEarl> keithclark, here is one: http://www.subnetonline.com/pages/network-tools/online-port-scanner.php
<ChmEarl> check the ToS box first
<virusuy> dork: ping
<keithclark> thanks ChmEarl
<keithclark> Ok, port 80 is not blocked by my isp
<keithclark> But still the port is closed
<keithclark> I just cannot get through
<keithclark> Any ideas?
<qman__> are you connected to here through said internet connection?
<keithclark> Yup
<qman__> well, it's not answering connections on 80 or 21, they time out
<keithclark> Yup....not sure why
<qman__> if they were making it to your server, they'd be refused or accepted unless otherwise configured in the firewall
<qman__> so they have to not be getting there at all, which means either router config or ISP
<keithclark> Yup.  ISP assures me no blocking of any ports
<keithclark> Modem is forwarding all 80 and 21 ports to the router.
<keithclark> Router is forwarding 80 and 21 to this machines ip address
<qman__> try forwarding a nonstandard port just to test
<qman__> above 1024
<keithclark> I tried 5222, still nothing
<qman__> then I'm going to have to say router
<keithclark> Yeah, throw it out an get another?
<qman__> could be, a lot of them really overcomplicate things and bury settings
<qman__> if you can't find any substantial information on it, I'd get something else
<keithclark> I've been through 3 of these routers!
<qman__> trying to do this, or they just failed?
<keithclark> Yup, same issue.
<qman__> also, same ones/brand, or different
<keithclark> different brands
<keithclark> I'm thinking Ubuntu
<qman__> if ifconfig returns the address you expect, try browsing from a different computer
<keithclark> browsing?  I have 2 other machines that browse find plus my ps3
<keithclark> *fine
<qman__> browsing to your ubuntu server
<qman__> e.g. http://192.168.1.123
<keithclark> I will try that
<qman__> the thing is, if you're getting to ubuntu but it's misconfigured, you'd get a connection refused, not a time out
<qman__> so it has to be something with the networking
<keithclark> hmmm
<qman__> maybe it doesn't have the IP you think it does, or something is wrong with the NIC/cable/switch/etc
<qman__> all of which you can troubleshoot by attempting to get to it from the LAN
<qman__> by default ubuntu has an accept all firewall policy
<pukeko> any recommendations for a "load balancer/forwarder" to use for a couple of VMs hosting web applications ? i have only one public Ip available
<keithclark> local access works
<keithclark> I can get to this machine from another on my LAN
<qman__> ok, can the ubuntu box get to the internet? default gateway and nameservers working
<keithclark> Yes, I'm typing from it
<qman__> then it has to be the router config
<qman__> ubuntu knows how to get to the internet and accept connections from your network
<qman__> double check the IP on your ubuntu with ifconfig
<qman__> and make sure it's right in the router
<keithclark> Checked many times.  Just did it again and all is fine.
<qman__> also, try the DMZ setting if it has one
<keithclark> Yup, only one router
<qman__> and turn off any SPI firewalls on the router
<qman__> accept wan ping, no filtering
<keithclark> dmz did not work
<keithclark> spi off
<qman__> pings are not getting through to you
<keithclark> Most secure system on the web today!
<qman__> what does your network layout look like? systems - router - modem - internet? or combo router/modem
<keithclark> speedtouch on 192.168.1.254 to dlink dir-615 router
<qman__> if you have the former, but your modem is actually a router/modem, that could be the problem
<qman__> the modem would then need to DMZ your router
<keithclark> Firewall on the speedtouch is disabled
<keithclark> I have the very same modem on Primus at another location with another router and it works fine
<qman__> well, your IP is not answering ping or any TCP connections on common ports
<keithclark> I know
<qman__> so something is blocking them, the modem is first in line and therefore first to check
<qman__> read: even if port forwarding doesn't work, it should be answering ping
<keithclark> yup, I understand
<keithclark> LIke I said, the most secure connection on the planet
<keithclark> Well, I'm at a loss here.  Not sure what to try next, if anything.
<qman__> well, we've established it's not an ubuntu problem
<qman__> if your modem is ISP provided, call them
<keithclark> I already have
<keithclark> "Port 80 is not blocked"
<qman__> yes, but tell them your modem won't respond to ping and you can't forward any ports
<qman__> if it's routing, it should do both of those things
<qman__> if it's bridging, your router is responsible for doing those things
<qman__> don't take this the wrong way, but it's not magic, it's a pretty straightforward setup
<qman__> one of the two is currently holding your internet IP, and is responsible for pings and forwarding
<qman__> if it's not doing those things, it's either misconfigured or defective
<keithclark> I will do, thanks
<qman__> if the modem is routing, it needs to DMZ your router, which then port forwards to your LAN
<qman__> otherwise your router should be holding your internet IP on its WAN interface
<keithclark> I've emailed my isp concerning this.  I've never heard of a bad modem though
<qman__> having such a specific problem with no other issues is rare, but it does happen
<keithclark> Well, we shall see.
<qman__> configuration is far more likely, but in either case, you need to establish which device is responsible for answering pings
<qman__> and find out why it isn't
<qman__> once that's solved, you can move on to port forwarding if it still doesn't work
<pukeko> what speedtouch modem is it ?
<keithclark> ST516 is what shows on the webpage
<qman__> I have charter, but most of the customers I deal with at work have comcast with SMC modems
<qman__> and they can fail quite spectacularly
<keithclark> Let's see how my ISP responds.  They are pretty friendly.
<keithclark> The only other difference in my two setups is that this machine runs 11.10.
<keithclark> I hope that is not the problem
<qman__> it has nothing to do with the problem
<qman__> problem is that traffic isn't getting there in the first place
<qman__> that's not to say it couldn't cause some other problems, but you'll have to get this working before you'd ever see them
<keithclark> Ok, I'll wait to hear from my ISP
<savid> Is there a place in ubuntu to store a global ssh known_hosts file?
<savid> I tried /etc/ssh/ssh_known_hosts, but that doesn't seem to work.
<savid> I tried even copying my ~/.ssh/known_hosts to /etc/ssh/ssh_known_hosts, but that doesn't work either.   Any ideas?
<RoyK> imho that shouldn't be global
<uvirtbot> New bug: #886953 in samba (main) "smbstatus does not reliably detect that a samba connection is in use." [Undecided,New] https://launchpad.net/bugs/886953
<savid> RoyK, I need it to be
<RoyK> why?
<savid> RoyK,  I'm using puppet to manage server configurations.  Servers need to be able to do git checkouts from various git servers.  I don't want to have to manage a "known_hosts" in the ssh directory of every user that needs it.
<savid> RoyK, at any rate, what's wrong with the global ssh_known_hosts?   It's owned by root, and is mode 600
<savid> So security-wise it's no different than any other user's known_hosts
<RoyK> if you're using puppet from the root user, it's not an issue
<RoyK> just update that file
<savid> Oh, hmm..  that's why I'm getting errors, because it's not the root user doing the checkout.
<savid> guess I need to figure something else out
<savid> I guess I assumed that the global ssh_known_hosts file would apply to all users.  But that would make it less secure, I guess
<savid> Although, what's the point of /etc/ssh/ssh_known_hosts if only root can read it?
#ubuntu-server 2012-10-29
<schmitt9531> I was wondering if you could help me out with the qemu-kvm setup. I'm trying to help my friend with his ubuntu hypervisor. He currently has libvirt running to implement qemu-system
<schmitt9531> I connected to qemu:///session it did not work, when I did qemu+ssh I got access denied, added myself to libvirtd, it worked but I got qemu system access
<schmitt9531> instead of qemu session
<schmitt9531> and it gave me access to qemu system which has root privs
<schmitt9531> how do I properly use qemu usermode?
<schmitt9531> or is that not supported in ubuntu
<bearly230> Hello, all I have what I hope is an easy fix question. I have a centos server with a group made, and users added to the group.  But my ubuntu 12.04 desktop clients can't access the folder over nfs. Any sugestions?
<bearly230> Hello, all I have what I hope is an easy fix question. I have a centos server with a group made, and users added to the group.  But my ubuntu 12.04 desktop clients can't access the folder over nfs. Any sugestions?
<patdk-lap> enable group usage on nfs
<smoser> lifeless, dhcp
<orogor> hi
<orogor> may anyone helps me with checking the trip size chunk size and whatever for ext4 over lvm2 over an mdadm raid10 array?
<hallyn> stgraber: so fwtw my problem turned out to be with upstart's mounted-dev.conf.  It calls /sbin/MAKEDEV console which recreates /dev/{console,ttyN}.  That needs to not happen in a container.
<hallyn> oh, nope, guess that actually comes from mountall
<koolhead17> lynxman, hey
<lynxman> koolhead17: hello
<koolhead17> lynxman, where are you?
<lynxman> koolhead17: London
<koolhead17> lynxman, not in UDS
<lynxman> koolhead17: nope
<roaksoax> SpamapS: any examples of a subordinate charm?
<SpamapS> roaksoax: one example of a subordinate is nrpe
<uvirtbot> New bug: #1072744 in maas (main) "maas-cluster-controller depends on rabbitmq-server." [Low,Triaged] https://launchpad.net/bugs/1072744
<iggi_> Anyone here familiar with open-iscsi and mounting drives on boot? I have my startup to automatic yet my boot still hangs where it is waiting for the iscsi drive. I am able to go to the server and manually skip the waiting and it will boot where I can manually log into the NAS.
<iggi_> I just want it to connect at startup
<iggi_> and I would like to disable the waiting screen since I can't get into the system remotely
<jpds> Anyone know why aftering upgrading my KVM host to 12.10, a 12.04 guest running cobbler can't give out DHCP addresses? http://paste.ubuntu.com/1315428/
<uvirtbot> New bug: #1072772 in maas (main) "Package upgrade breaks rabbitmq communication." [Critical,Triaged] https://launchpad.net/bugs/1072772
<fidel_> anyone used to 3ware raid controllers? i am using a 9650SE-12ML on a freshlyinstalled 12.04 - 64bit. i executed the installer from the code-set-iso and selected cli & webinterface. tw_cli works to aks the controller status - but the webinterface seems NOT to be accessible at all on http/https & default port 888. Any ideas? or any other place you would recommend to ask?
<fidel_> btw: netstat shows nothing with port 888
<ewook> fidel_: long time ago I fiddled with 3ware cards, but the web gui was broken back then as well ;).
<fidel_> ewook: hehe
<fidel_> ewook: it worked for me in 10.04 days
<fidel_> so it should be possible to get it working ...at least ;)
<fidel_> bloody 3ware/lsi stuff
<RoyK> fidel_: I've used 3ware controllers with linux for a decade or so, but never tried that webinterface...
<fidel_> RoyK: so you stick to tw_cli only or the bios as well?
<RoyK> not yet tried with 12.04 either...
<RoyK> yeah, it works
<RoyK> tw_cli with nagios/icinga plugin is good
<fidel_> sounds great ;)
<RoyK> but then, I guess I'll stick to software raid on future servers
<fidel_> but well - as it worked in the past i am pretty sure one of the team is "in need" for the web-ui ;)
<udsslayer> I don't suppose anyone who is at UDS could help me setup a guest VM with a public IP?
<fidel_> apart from that: i know the rest works - i would like to get the webinterface working as well
<RoyK> fidel_: they don't need it unless you tell them there is one ;)
<fidel_> RoyK: it worked in the past - they used it .... doomed ;)
<RoyK> well, setup icinga for monitoring and they'll have an even fancier webinterface for monitoring far more than just the raid controller ;)
<fidel_> thanks for the tips - but i am not asking for workarounds or other solutions. basically i would at least test for some more time if its possible to get the webinterface working
<fidel_> sidenotwe: we are running nagios here ;)
<fidel_> so - close to icinga
<RoyK> I used to run nagios, but nothing much has happened to that codebase for, what, 5 years?
<fidel_> pretty silent around nagios yep
<RoyK> Ethan chose to move to Nagios IV, being commercial
<RoyK> the Icinga people have rewritten quite a lot over the last 2-3 years
<RoyK> nagios config files are still compatible, though
<edve> anyon knows a good alternative to landscape ?
<RoyK> edve: for what use? landscape has a few different uses (or a lot)
<skipp3r> hi all, i want to send the output of a script under /etc/cron.daily/ to /dev/null, can i define the sdout inside the script? or how cna i send the sdout just of this script to /dev/null ?
<edve> Monitoring , getting updated easily for some none linux user
<RoyK> skipp3r: just create a wrapper script and run "yourscript > /dev/null"
<RoyK> skipp3r: perhaps with "2>&1" if you want to get rid of stderr as well
<RoyK> edve: for monitoring, there are several systems to choose from, for updating easily from outside the console or terminal, I don't know any, but it's easy to cron that part
<RoyK> !monitoring
<ubottu> There are many ways to monitor processes, here are a few: ps, top, htop, gnome-system-monitor, lavaps, wmtop
<skipp3r> RoyK: the script is under /etc/cron.daily/ where are more scripts, i want to change the output just for a specific one
<RoyK> !icinga
<RoyK> !nagios
<RoyK> stupid bot
<RoyK> skipp3r: just move that script to /usr/local/sbin or something and create a wrapper script in /etc/cron.daily
<RoyK> skipp3r: or modify the script to let the parts that create output redirect their output to /dev/null
<skipp3r> RoyK: how can i modify it? can i somehow inside the script redirect the output to /dev/null ?
<RoyK> skipp3r: editor /path/to/script
<RoyK> it's just a script!
<skipp3r> RoyK: yes, i mean i should just add >/dev/null inside the script? is that enough?
<RoyK> just find the noisy parts and add >/dev/null to them
<skipp3r> RoyK: ok i will try that, thanks!
<recon_lap> bit stuck trying to use sendmail , keep getting this error Oct 29 16:18:37 xxx-Aspire-V3-571 sendmail[5892]: My unqualified host name (xxx-Aspire-V3-571) unknown; sleeping for retry, just what it for testing a web site account verification system on my local machine. anyone able to give a hint what i need to configure?
<RoyK> if they write to stderr, which is normal for errors, add 2>&1 after >/dev/null to redirect file 2 (stderr) to file 1 (stdout)
<RoyK> recon_lap: erm - do people use sendmail anymore? ;)
 * RoyK sticks to postfix
<RoyK> some people like exim as well
<recon_lap> RoyK: I'm using it through SMTP from a web server for email address verification. not sure how postfix/exim relate to this
<RoyK> if you don't have a personal preference for sendmail, I'd recommend using postfix (or perhaps exim, but I don't know that too well)
<recon_lap> RoyK: it's just a development system, I just want it to work so i can test some code. not going to be uses as a production mail server, but I'll have a look at postfix
<RoyK> postfix is generally easier to configure for most stuff
<RoyK> unless you're a sendmail wiz, I'd recommend switching
<recon_lap> RoyK: lol, no whiz, it's just whats installed by default
<RoyK> I don't think sendmail has been installed by default
<RoyK> probably exim
<RoyK> dpkg -l | grep sendmail
<recon_lap> RoyK: thx, I'm looking into it :)
<recon_lap> the bit I don't get is entering a FQDN(fully qualified domain name), I don't have one as far as i know, just using localhost.
<IdleOne> RoyK: if you are inclined to write up a nice wiki howto page on wiki.ubuntu.com for icinga we can write a factoid pointing to it.
<recon_lap> should I just use my host name?
<RoyK> IdleOne: ok
<IdleOne> Cool :)
<bubu\a> hi guys - I want to use logrotate. Whats the difference in putting in an entry in /etc/logrotate.conf
<bubu\a> or creating a specific conf in /etc/logrotate.d/?
<bubu\a> i want to rotate hourly...
<uvirtbot> New bug: #1072813 in puppet (main) "puppetd hangs/slow downs - already fixed in upstream" [Undecided,Confirmed] https://launchpad.net/bugs/1072813
<sean-lee> hi
<xsl> hello all ... i have a LXC/APPARMOR/INITSCRIPTS problem
<xsl> I want to use the funcionality of autostart a container wen its linked in /etc/lxc/auto but i get this error in syslog .. and the container does not start
<xsl> Helena Soares 17:23:38
<xsl> nÃ£o serÃ¡ juntamente com o salÃ¡rio, mas serÃ¡ este mÃªs	
<xsl> NunoSeita 17:31:00
<xsl> juntamente ker dizer o quÃª? nÃ£o Ã© no "recibo" ou nÃ£o Ã© no mesmo dia?
<xsl> oops
<xsl> wrong paste
<xsl>  /shame
<xsl> type=1400 audit(1351535408.081:10): apparmor="DENIED" operation="mount" info="failed type match" error=-13 parent=1384 profile="/usr/bin/lxc-start" name="/proc/" pid=1416 comm="lxc-start" fstype="proc" srcname="proc" flags="rw"
<xsl> i tried uncomenting in /var/lib/lxc/<container_name>/config the string lxc.aa_profile = unconfined
<xsl> but with no luck
<Phibs> is there any way to change to 1000HZ vs 100 in the kernel ?
<stiv2k> hello
<stiv2k> i have a /dev/sdb mounted as my /home tree on my server and lately it keeps alerting me that /dev/sdb will be fsck'ed on next reboot. so I rebooted it but it still says /dev/sdb need to be fsck'ed. what do i do?
<maxb> What's alerting you? the motd when you log in?
<stiv2k> maxb yes
<stiv2k> and in dmesg
<stiv2k> [   16.744800] EXT4-fs (sdb): warning: checktime reached, running e2fsck is recommended
<maxb> OK. Check at reboot is controlled by a field in /etc/fstab. You could either ensure that's not zero, and reboot, and see if it checks then, or you could unmount sdb and check it separately whilst the rest of the machine stays up
<stiv2k> maxb, it has my /home tree, so i dont think i can unmount it right
<maxb> You'd need to ensure no normal users were logged in before you could unmount it
<stiv2k> lol
<stiv2k> sounds like a catch 22
<maxb> Though you could be logged in as root or as another user specifically created with a home outside /hoem/
<stiv2k> ill probably just do the first method
<maxb> Find the line of your /etc/fstab that refers to /dev/sdb and paste it here?
<stiv2k> ok
<stiv2k> maxb, i made it really simple
<stiv2k> UUID=66aa7d2b-2805-47a3-9f18-2b8d2ace60a2 /home         ext4
<maxb> hm is there no more? there should be more fields after that
<stiv2k> i never added any
<stiv2k> it just worked so i left it like that :S
<maxb> stiv2k: After the ext4 add                          defaults   0  2
<stiv2k> whats the 2 for?
<maxb> Not having a number in the sixth field probably is why it didn't get checked
<maxb> 2 is for check this, but do it after the root file system (which should have number 1 there)
<maxb> 'man fstab' for more in-depth discussion
<stiv2k> ah ok
<stiv2k> now just reboot?
<maxb> Just to double-check, the entire fstab line should now look like:
<maxb> UUID=66aa7d2b-2805-47a3-9f18-2b8d2ace60a2 /home         ext4   defaults   0  2
<maxb> At which point, yes, rebooting ought to cause the drive to be checked
<stiv2k> sweet
<orogor> hi
<briggz> Hey guys, anyone here a server admin professionally?
<briggz> I'm looking for final project ideas for my intro to linux class.
<orogor> <=
<briggz> server specific area to study that would be useful for future admins.
<orogor> san ?
<orogor> if you have access to the hardware
<briggz> what's san?
<orogor> storage area network or something like that
<orogor> storage attached n...thing
<orogor> zonning fiber  san switch , stuff like that
<bbhoss> Anyone have issues with runit not sending signals to the correct process when you use chpst? It seems like it is sending the signals to the chpst process instead of the process chpst runs
<briggz> oh, looking more for software server side.
<orogor> never had the courses at univeristy, you need to have like 10kâ¬ just to make a single setup that not everyone will play with
<briggz> like we're doing samba stuff now.
<orogor> you want software only course?
<briggz> it's not a hardware focused course.
<briggz> it's linux operating systems
<orogor> software raid + lvm  is also usefull , and they need to grasp the lvm concept
<briggz> like I installed unbuntu-server
<orogor> and you can do the course with commodity hardware
<briggz> Im one of the 'they' I'm a student looking for ideas on my final project that I get to pick. I asked my teacher for ideas, he said look at a list of things that might benefit a career.
<orogor> how long the projet is?
<briggz> I've got 8 weeks to do it
<briggz> we need to select a topic and start this week.
<briggz> plus it needs to be approved.
<orogor> sorry had to reboot to fix boot sequence :)
<briggz> that's ok
<orogor> so , how long?
<briggz> I have 8 weeks
<briggz>  to compete
<orogor> gotta be networked or be usefull in any way ?
<orogor> like setup nfs/samba shares for roaming profiles for students would be nice maybe
<briggz> it's got to be something that has to focus on server and/networks and more specifically Linux
<briggz> wer
<orogor> no ?
<briggz> we're already doing samba this week
<orogor> like wherever you login your desktops and my document folder is always the same
<briggz> well, we're setting it up and playing with it
<marsje> my friend just upgraded from ubuntu server 10.04 to 12.04 and now it seems his dns settings are wrong... how can I see what is the current dns-server? how can I change it?
<orogor> boot a computer and get it automagically installed
<briggz> no specific tasks in it, something might come up in the coming weeks. but as of right now, we're making windows and our servers see each other, share, etc..
<orogor> cat /etc/resolv.conf
<orogor> virtualisation is also good to play with if you never tried it
<briggz> done that. =)
<briggz> I have my actual ubuntu server, my windows machine, and 4 virtual linux boxes on it.
<xsl> guys i need help with LXC/Apparmor ( get this error message: type=1400 audit(1351535408.081:10): apparmor="DENIED" operation="mount" info="failed type match" error=-13 parent=1384 profile="/usr/bin/lxc-s
<xsl> tart" name="/proc/" pid=1416 comm="lxc-start" fstype="proc" srcname="proc" flags="rw")
<briggz> they're even seprate networks.
<briggz> is there something specific in security that you might think would be good to know more in depth?
<xsl> i tryed commenting out the line lxc.aa_profile in /var/lib/lxc/container_a/config with no luck
<orogor> roles base access c..thing  rbac
<orogor> see apparmor
<orogor> nobody ever use configure this kinds of stuff however
<xsl> i didnt wanted to disable the profile, i been searching but i dont quite get it how to configure that "mount"
<orogor> but it s  the only real way i ve found to get a secure system
<xsl> they just disable ? ... lack of security feature imo ... right?
<orogor> basically you start apparmor in profiling mode , run the system and makes it do all thge stuff it usually does
<orogor> then put the profile in enforce mode , and after that it can only do the things it could do while in profile mode
<xsl> and then i commit the changes
<xsl> yeah i see where your going to
<orogor> xsl,  not speaking to you :)
<xsl> its easyer than writing myself the profile
<orogor> but you might learn as well
<xsl> your not? ... but seems like the solution to my problem
<orogor> xsl,  yhea  it maybe it
<orogor> xsl, in fact afterward you slightly edit the profile and put * in some places , like for a cookie folder
<orogor> else it wouldn t be able to create cookie-zer3zer41ze5rzer4.txt  if this wasn t created during the profiling step
<orogor> but then that s only if you re creating your own profiles
<orogor> else it may means you re encountering a bug of some kind that you should report , or need an update cause it s already fixed
<orogor> xsl, ?
<orogor> :msg nickserv hi
<xsl> i have just a plain install of precise 12.04
<xsl> created my lxc container of a lvm
<xsl> at it gives me that error above wen i reboot the server and the container should start automaticaly
<xsl> im trying to boot the container manually in debug mode ... takes alot of time imho
<orogor> humm bug is marked as solved, odd
<orogor> stupid question , why not try another virualisation solution ?
<xsl> my goal is not rly virtualization
<xsl> its more like the jails in freebsd feeling i want
<orogor> chroot ?
<xsl> chroot not that good as lxc imo
<xsl> cannot define mem limits and such
<orogor> you want really a loot of differt process in their own containers?
<orogor> a lot of
<xsl> 1 container just for mysql 1 container just for php 1 container just nginx
<xsl> something like that
<orogor> would be me it d all go ina  single vm
<xsl> call me paranoid :D
<orogor> and not a chroot or jail , but a  full vm
<orogor> so your desktop upgrade won t break your carefully crafed vm config for php and nginx
<orogor> and you can snapshoot and rollback dureing devellopement
<xsl> its a server
<xsl> and i can snapshot LVM
<orogor> not the same thing
<orogor> well anyhow if you know lxc use that, and fix the apparmor issue
<orogor> if it s single process completely isolated it s  not that bad to turn off apparmor i guess
<orogor> else report the bug to ubuntu or fix it yourself by doing the profile and enforcing it
<xsl> i think its an initscripts problem
<xsl> i can start the container manually
<xsl> only the startup of the server fails
<briggz> orogor:  I think I have a idea of my topic.
<briggz> thanks for the help
<Zer0Glitch> Good day, folks
<Zer0Glitch> Can anyone recommend ideal RAID build for small apache/sql server?
<Zer0Glitch> I'm thinking of using 6x 120GB SSDs
<Zer0Glitch> (128)
<Zer0Glitch> Anyone registering this?
<Zer0Glitch> Jesus Christ, people. If you're going to occupy space in a help and discussion-focused chat room quit running bots/AFK and respond to inquiries or logout
<jeremydei> well, i was gonna say.. 6xssd's sounds pretty screamin fast .. that's all i got sry :)
<Zer0Glitch> Looks better in this: http://www.thermaltakeusa.com/Product.aspx?C=1156&ID=2031
<Zer0Glitch> Running in one of these: http://www.antec.com/product.php?id=2149&pid=8
<bbhoss> Zer0Glitch: sounds like overkill. Also, nginx > apache
<Zer0Glitch> Hoss > Sounds like overkill, but I'm going to be running high IOPS because I'll be hosting a high-visitation site off of it. Combination of Wordpress & custom CRM. I'll have a larger fibre-channel rackmount for the media storage.
<Zer0Glitch> Low latency, high uptime
<Zer0Glitch> I want to minimize my maintenance and chances for hardware failure, so SSDs make sense
<Zer0Glitch> So again, anyone have any suggestions on primary raid setup for server? I was thinking Raid5
<patdk-lap> hmm? raid5 is low iops and high latency
<Zer0Glitch> First time raiding a server. Hence the question
<Zer0Glitch> <-- clearly needs assistance
<Zer0Glitch> I've been running off my home server and run into problems. Now making move to upgrade and need recommendations.
<patdk-lap> http://bytepile.com/raid_class.php
<patdk-lap> generally, you use raid10 for everything, except if it's for streaming workloads, then raid6
<patdk-lap> but high iops is normally always going be a raid10 config
<Zer0Glitch> Why Raid6 for streaming? A big part of the content is podcasts, but I'm moving it to Torrented distribution - first download originating at my site. Not streaming.
<Zer0Glitch> Secondary distribution P2P
<patdk-lap> as it sounds like podcasts and torrents should be streaming, they defently are not
<patdk-lap> atleast when your user count is >4
<patdk-lap> torrent is inherently designed to be random
<Zer0Glitch> I'm getting 10K hits/mo
<patdk-lap> raid6 is only better for streaming, cause you gain extra space really
<patdk-lap> where the performance of raid6 and raid10 could be close, just raid6 assumes your moving large amount of data per transaction
<patdk-lap> and raid10 doesn't make that assumption
<patdk-lap> raid5 is the same, just it's inherently unsafe, expecially the larger disks get
<jbrowne> https://cloud-images.ubuntu.com/query2 appears to be throwing 404s.  I know the existing format is to be deprecated, but the new format (from the announcement) is supposed to still live at that URL (per the examples).  Did I miss another announcement, or has it just broken as a part of releasing the latest refreshed Precise cloud images from last week?
<blendedbychris> anyone decent at troubleshooting snmpd?
<pmatulis> !ask | blendedbychris
<ubottu> blendedbychris: Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience
#ubuntu-server 2012-10-30
<pmatulis> i notice on 12.04 there is no prompt during install time when setting up raid whether to boot into a degraded mode.  is that right?  the default is also to _not_ boot in such a state.  is that what we want these days?
<patdk-lap> the default is only an option when the root is on raid
<patdk-lap> if it isn't, the option is never presented
<patdk-lap> bug has been filed a long time ago
<Gallomimia> briggz i'd like you to make a piece of software that will allow networked systems to share symbolic links and treat them as if they were hard links. maybe that will fill up 8 weeks of time. file integrity checks, hash checks, and in the case of text files versioning
<Gallomimia> ah he's not here :(
<vicTROLLA> Having trouble with a PXE setup. My preseed file is failing because the OS I'm installing over has LVM data that spans both physical drives. For some reason the installer doesn't want to delete this data. Any ideas?
<vicTROLLA> https://answers.launchpad.net/ubuntu/+source/ubiquity/+question/200964 :(
<briggzer> I'm tring to install bind9 and samba, I keep getting errors and it says failed to start service, am I in the right place?
<briggzer> i'm using ubuntu-server
<bfortified> Finally setup NFS at home, My wifes account is able to manipulate files she doesn't have permissions for with out using root. Is this because she has an administrator account or because of a weak NFS? setup?
<lerian> hi guys
<lerian> i'm looking for someone for this http://pastebin.com/zpCTvK64 (could be remote or on site, it's flexible)
<stgraber> hallyn, utlemming: ubuntu-cloud still downloads 20121017 for quantal instead of the new build, so I doubt I'll get a /dev (still downloading)
<lerian> looking for a system engineer > http://pastebin.com/zpCTvK64
<hallyn> stgraber: gah
<hallyn> stgraber: no wait, quantal as fine.  it's precise that had no /dev
<hallyn> which is downloading release-20121026.1 fo rme
<stgraber> hallyn: gah, right
<lerian> i'm looking for a system engineer http://pastebin.com/zpCTvK64
<lerian> the refferer will get 200 euros http://pastebin.com/zpCTvK64
<uvirtbot> New bug: #1073077 in cloud-init (main) "zsh complains about locale_warn on launch" [Undecided,New] https://launchpad.net/bugs/1073077
<uvirtbot> New bug: #1073082 in cloud-init (main) "Login always warns about fsck, but doesn't actually fsck on reboot" [Undecided,New] https://launchpad.net/bugs/1073082
<xsl> can someone help i get this error wen starting lxc container manually type=1400 audit(1351593348.376:10): apparmor="DENIED" operation="mount" info="failed flags match" error=-13 parent=17347 profile="lxc-container-default" name="/var/lib/ureadahead/debugfs/" pid=17362 comm="ureadahead" fstype="debugfs" srcname="none" flags="rw"
<xsl> and the same happens at startup
<xsl> tough manually the container is up
<xsl> but at startup the container does not start
<xsl> stgraber your there? can you tell me if this bug is sorted?
<stgraber> xsl: it's not a bug, it's intentionally blocked
<bsdman> everyone super happy with ubuntu server 12.10?
<bsdman> I am. :-)
<xsl> stgraber, but apparmor is preventing me from starting containers at host powerup wen i link the container in /etc/lxc/auto
<xsl> manually the container starts up ok , even tough the error on syslog
<xsl> but wen the host server reboots the container does not come up
<xsl> stgraber, http://pastebin.com/H3EhX6Ds
<xsl> sorry if im bothering you
<xsl> but i dont see information on the web about this problem, only a bug on launchpad
<allegrem> Hi everyone !
<allegrem> I've a little problem with udev which fails to mount a key when i plug it
<allegrem> here are all the informations : http://pastebin.com/nPyFk8KP
<allegrem> thanks in advance for your help !
<xsl> the info changes from "failed flags match" wen i manually start it to "failed type match" wen i try it at linking in /etc/lxc/auto
<xsl> another thing i see is that the container tries to come up before eth0 is up at boot... can that be a problem ?
<xsl> i'm so sorry stgraber to bother you ... i found the issue ... i was doing the symlink wrong
<Aison> why do I have got such strange network interface names with 12.10? p10p1, p9p1
<uvirtbot> New bug: #1073159 in tomcat7 (main) "tomcat7 7.0.30 (or newer) should be backported to precise" [Undecided,New] https://launchpad.net/bugs/1073159
<uvirtbot> New bug: #1068405 in tomcat7 (universe) "catalina.properties use hard references to /var/lib/tomcat7/" [Undecided,New] https://launchpad.net/bugs/1068405
<uvirtbot> New bug: #1073204 in cloud-init (main) "ssh-authkey-fingerprints fails on boot" [Undecided,New] https://launchpad.net/bugs/1073204
<roaksoax> jamespage: ping
<roaksoax> jamespage: why do relation hooks get executed twice, or so it seems?
<hallyn> stgraber: success!  I'll have to re-test once everything is in ppa.  there are some oddnesses, but basically not only does it work, even sudo works :)
<highvoltage> whohoo
<uvirtbot> New bug: #1073273 in keystone (main) "keystone package has incorrect dep on python-keystone (= 2012.1-0ubuntu1)" [Undecided,New] https://launchpad.net/bugs/1073273
<stgraber> hallyn: wow!
<hallyn> stgraber: nice talk :)
<stgraber> hehe, thanks. The usual, please use LXC and talk to us if you need anything ;)
<highvoltage> you gave a lightning talk stgraber?
<stgraber> highvoltage: yeah, at the testing in ubuntu event on using lxc for development
<stgraber> with a good 30s preparation time, so was pretty basic ;)
<highvoltage> yeah i got here very late :-/
<stgraber> I saw Adam and a few others arriving just after I was done, I guess you arrived around that time too
<highvoltage> i arrived around 3 mins ago
<hallyn> drat, there is at least one complication from the userns stuff (thoug i'll ignore that when i blog about it :) - i have to move the cgroup setting stuff around.  actuall yi'll probably move that to the parent of lxc-init.  no reason for init to do it itself as it currently is!
<uvirtbot> New bug: #1073287 in tgt (main) "tgt-admin fails to read configuration" [Undecided,New] https://launchpad.net/bugs/1073287
<uvirtbot> New bug: #1073289 in nova (main) "nova-common has an incorrect dep on python-nova (= 2012.1-0ubuntu2)" [Undecided,New] https://launchpad.net/bugs/1073289
<_jmedina> hi there
<roaksoax> jamespage: ping
<_jmedina> Im testing packemaker in 12.04
<_jmedina> im reading the document pacemaker from scratch, and Im in the stage where I requiere to install the pcs tool for management, I already installed pacemaker but dont see any pcs package, anyone knows if is supported?
<mjampala> hi guys, need some help on process D state
<mjampala> snmpd gets stuck in in seq_read() of the seq operation in seq_read.c
<mjampala> hile reading /proc/net/dev
<mjampala> his happens once in every 15 days
<mjampala> repro'ing this is not easy and I am basically panic'd with this
<mjampala> Does anyone run into this
<_jmedina> roaksoax: afaik you were working in the cluster stack, am I right?
<jmedina> about my problem with pacemaker in 12.04 it is because Im reading a recent version of the document clusters from scratch
<jmedina> I think Im going to search for a document that works with the version of pacemaker and corosync that ships 12.04
<roaksoax>  jmedina that document is based on pacemaker 1.1.8 in preise we ship 1.1.7 which uses crm shell
<jmedina> roaksoax: thanks, that is what I just relised
<roaksoax>  jmedina http://www.clusterlabs.org/doc/en-US/Pacemaker/1.1-crmsh/html/Clusters_from_Scratch/index.html
<jmedina> 1.1.7? I just checked and is 1.1.6
<jmedina> roaksoax: now I reading the third edition
<roaksoax> yeah sory quantal has 1.1.7
<jmedina> roaksoax: is there documentation specific for ubuntu server?
<jmedina> roaksoax: I few years ago I read you tesis, but now everything changed
<roaksoax>  jmedina https://wiki.ubuntu.com/ClusterStack/Natty  https://wiki.ubuntu.com/ClusterStack/Precise
<jmedina> thank you, I see it still uses cman
<jmedina> roaksoax: Im following the document for precise, I think it lacks a few details, I hope I can contribute
<jmedina> roaksoax: did you ever worked with CLVM?
<semiosis> hi all... is there an easy way to prevent post-install/upgrade scripts from running when i update a package?  specifically, prevent a service from being restarted on upgrade?
<maxb> semiosis: There could be various ways to achieve it - which package?
<semiosis> hm, it was a question from a friend... i think in his case it was mysql-server.  is there a general solution?
<maxb> Not fully general, no
<semiosis> maxb: ok, i found something about policy-rc.d but didnt really understand it & didnt find any easy examples in a few mins of googling
<maxb> The closest you get to a general solution would be to use the policy-rc.d control over invoke-rc.d, but as some things move away from rc.d-based control to things like upstart jobs, that's not really a guarantee
<maxb> Yeah, policy-rc.d is not well documented
<semiosis> ok that makes sense
<maxb> The most common / basic use of policy-rc.d is in chroots, when you want nothing daemonish to run
<maxb> In that case, it's common to create /usr/sbin/policy-rc.d as a trivial shell script which just runs 'exit 101'
<semiosis> ah, but would that prevent one from starting daemons manually also?
<semiosis> in addition to preventing package scripts from doing it?
<maxb> It prevents anything going through the invoke-rc.d layer
<semiosis> ok so calling /etc/init.d/... scripts directly could still work
<semiosis> cool, thanks!
<maxb> In the case of the mysql server packages currently in Ubuntu, they do use initscripts via the invoke-rc.d layer, so policy-rc.d is a potential solution
<maxb> The other being to simply alter /etc/init.d/mysql to enforce policy
<maxb> Documentation for policy-rc.d is at /usr/share/doc/sysv-rc/README.policy-rc.d.gz if you want to look into writing a small script to use there to do the job
<semiosis> maxb: right, the tell apt-get to keep the installed script.  that would work too
<semiosis> thanks!
<semiosis> s/the tell/then tell/
<stgraber> hallyn: fixed lxc published to quantal-updates
<niel> hello, can anyone help me port forward incoming connections on port 54201 to 10.8.0.6
<gletob> Hey is bind9 installed when you do apt-get install lamp-server^ ?
<gletob> Or more importantly, does it serve any other function than being a DNS server?
<maxb> gletob: I'd be very surprised and call it a bug if bind9 was included in lamp-server task
#ubuntu-server 2012-10-31
<erichammond> apt-get update on EC2 us-east-1 results in: Failed to fetch bzip2:/var/lib/apt/lists/partial/us-east-1.ec2.archive.ubuntu.com_ubuntu_dists_precise-updates_main_source_Sources  Hash Sum mismatch
<erichammond> http://askubuntu.com/questions/209844/
<mgw> I have an issue going on with a post-up script â the script adds custom routes, but sometimes one or more of the routes is not added.  This is on a kvm guest.
<bsdman> what services are being run on your ubuntu server?
<mgw> bsdman: this particular system has redis and nginx â but it was happening on another server that had entirely different services
<mgw> unfortunately, it's hard to reproduce
<benlake> this an appropriate place to ask about AWSOME?
<bsdman> benlake, what do you wish to know?
<benlake> does the implementation provide for non EC2 compliant API implementations?
<benlake> bsdman:
<bsdman> no idea. little beyond my knowledge.
<benlake> bsdman: no worries
<benlake> hmm, looks like it might not be that bad to plug in a new cloud provider
<mgw> bsdman: here's an excerpt from my log â https://gist.github.com/6d8169c1da423e07a70d
<mgw> bsdman: also, it seems to just be the first boot after a destroy/create/start
<hallyn> stgraber: i saw the emails - excellent
<p7ank5te7> Just curious, what's the best policy for adding shares? I noticed that I had pre-existing directories and the acl's didn't seem to take properly. I have another drive mounted as /Share, and the folders in there are owned by root:root with them at RWX for all users, but if I set no guest access, and set authenicated users to read-only and admins as RW it gives everyone RW. I'm still trying
<p7ank5te7> to get used to this, so any suggestions are appreciated. I don't want them be created under /homes/samba/shares/..... is the main thing. I'm running zentyal 3.0 right now and that's where it creates a share if I use the interface. Are there any special permissions I have to set on these folders or something?
<vezq> here is a snippet from my smb.conf which works with acls:
<vezq> writable = yes
<vezq> valid users = @Users
<vezq> hide unreadable = yes
<vezq> inherit permissions = yes
<vezq> security mask = 0000
<vezq> map archive = no
<vezq> force directory mode = 0777
<vezq> force create mode = 0777
<vezq> force directory security mode = 777
<uvirtbot> New bug: #1073463 in maas (main) "User-configurable files are not installed in /etc" [Undecided,New] https://launchpad.net/bugs/1073463
<webwurst> hi! when using iscsi as storage-backend to kvm/libvirt i can migrate running virtualized systems from one host to another, but can't create snapshots. when using qcow2 based file-images it is the other way round. am i right?
<uvirtbot> New bug: #1070775 in maas/1.2 "The zone name (attached to a cluster controller) can still be changed when it contains in-use nodes and DNS is managed." [Critical,Fix committed] https://launchpad.net/bugs/1070775
<uvirtbot> New bug: #1059645 in maas "URI in API description wrong when accessing machine via alternative interface" [High,In progress] https://launchpad.net/bugs/1059645
<uvirtbot> New bug: #1064224 in maas "IPMI detection ends up with power_address of 0.0.0.0" [Undecided,New] https://launchpad.net/bugs/1064224
<uvirtbot> New bug: #1064527 in maas "detect_ipmi needs improvement.  detects non-existant device in nested kvm" [Undecided,New] https://launchpad.net/bugs/1064527
<uvirtbot> New bug: #1070522 in maas "maas-cli nodes new incomplete documentation" [Critical,Fix committed] https://launchpad.net/bugs/1070522
<uvirtbot> New bug: #1070765 in maas/1.2 "DNS forward zone ends up with nonsensical entries" [Critical,In progress] https://launchpad.net/bugs/1070765
<uvirtbot> New bug: #1070774 in maas/1.2 "The hostname of a node can still be changed once the node is in use" [Critical,Fix committed] https://launchpad.net/bugs/1070774
<uvirtbot> New bug: #1066775 in maas/1.2 "Main page slow to load with many nodes" [Critical,Fix committed] https://launchpad.net/bugs/1066775
<uvirtbot> New bug: #1073478 in squid3 (main) "squid3 does not clean up pid file" [Undecided,New] https://launchpad.net/bugs/1073478
<houman> Hello, it seems the Ubuntu 12.04 ami-9c78c0f5 is broken. Does anyone know when the next repository update is scheduled?
<Gargoyle> Morning all
<Gargoyle> I'm hitting some annoying hurdles with munin on 12.10. Anyone else got any experience with it (I am getting html files, but no graphs)
<houman> Within a EC2 Server instance, while running a ./configure, suddenly the terminal hangs during execution. e.g. at config.status: executing depfiles commands. I experienced the same thing once during e.g. sudo checkinstall. The whole terminal becomes unresponsive.  What could be the reason for that? This happens on a ec2 micro instance.
<uvirtbot> New bug: #1073510 in nova (main) "Upstart init script executes before network bridge is available" [Undecided,New] https://launchpad.net/bugs/1073510
<bubu\a> hi guys, can anyone tell me why - smbmount //10.29.39.23/share /mnt/hd2/share -o user=samba,pass=blablabla,gid=ubuntu,uid=ubuntu mounts the drive corrently as ubuntu user on one server and mounts as root on another server....?
<_cronus_> bubu\a, maybe you need to pass the forceuid and forcegid options as well
<vezq> ignore -channels #linuxoutlaws * JOINS PARTS QUITS NICKS
<ak5> hi, can i easily install ubuntu server 12.04 lts on usb key using dd?
<ak5> I have done this with archlinux
<ak5> but I found no docs related to this specifically for ubuntu
<vezq> nope, use startup disk creator if running ubuntu
<vezq> or unetbootin with windows
<Jeeves_> If I install something with --no-install-recommends, will it never bother me with the recommends again?
<ak5> vezq: I am running a different distro
<vezq> unetbootin also available for linux
<ak5> vezq: thanks
<ak5> I have a "amd64" version of ubuntu server 12.04 - this works onintel x86_64 architecture too, right?
<RoyK> ak5: yes, it's called amd64 since it was AMD who first made that architecture - intel followed that when they finally found that the itanium run wasn't good enough
<ak5> ok good, just checking
<ak5> thanks
<ak5> I am confused what options to use in unetbootin for my ubuntu server 12.04 amd64 iso file
<ak5> oh nevermind seems like my download is just corrupt -.-
<TuxLof> I just logged in a KVM node which has a 100GB swap partition... someone hasn't been paying attention during installation  jesus lol
<roaksoax> jamespage: free by any chance?
<vezq> tuxloaf: is there 256GB of RAM? ;)
<TuxLof> has 100gb of ram :p
<TuxLof> also a 48gb udev and 48gb cgroup partition from which just a couple MB is in use
<vezq> :)
<fosfori> Umm.. does this sound familiar to some1? The file path or username are not showing up next to the dollar sign when I connect to my server via SSH
<bubu\a> fosfori, what shell does your user have on the remote machine?
<fosfori> bash
<uvirtbot> New bug: #1073571 in cinder "[Folsom] Conflict between nova-api and cinder-api" [Undecided,New] https://launchpad.net/bugs/1073571
<bubu\a> you sure?
<bubu\a> cat the passwd file
<RoyK> fosfori: perhaps someone has messed up PS1
<fosfori> bubu\a: done
<RoyK> try
<RoyK> PS1='${debian_chroot:+($debian_chroot)}\u@\h:\w\$ '
<fosfori> Just got this baby up yesterday
<bubu\a> fosfori, def bash then? :/
<RoyK> fosfori: is this for root, or a newly created user?
<fosfori> I'm not too familiar with the commands :3
<fosfori> RoyK: new user
<RoyK> then it's probably not bash
<RoyK> http://paste.ubuntu.com/1320990/
<RoyK> fosfori: as that user, run chsh -s /bin/bash, or run chsh -s /bin/bash <username> as root
<bubu\a> fosfori, what shell does that user have when you cat /etc/passwd?
<fosfori> Okay, let's see
<RoyK> default shell is /bin/sh
<RoyK> which is dash
<fosfori> ahh
<RoyK> no idea why that's the default, since imho dash sucks badly
<fosfori> yeah, I looked at the wrong line
<RoyK> bingo
<fosfori> So how does this one help me getting that path to show up?
<RoyK> yes
<RoyK> as that user, just try to run bash
<RoyK> and you'll see the difference
<RoyK> seems it's a useradd default set in /etc/default/useradd
<[conrad]> Does anyone know of anything more elaborate than https://wiki.ubuntu.com/EasyUbuntuClustering , and possibley more specific to a newer version such as 12.04 ? I'm essentially a duplicate of the first use case. We have 4 Dell servers that were recently freed up that we'd like to use together to hopefully achieve this.
<RoyK> [conrad]: what is your target application for this?
<RoyK> I guess it's a compute cluster?
<[conrad]> RoyK: What we'd like to do is get the 4 servers ( they all have 4 cores ) working together as one, and if possible, run a single Virtual Machine off of the cluster, that would have access to all 16 cores.
<designbybeck> I have a test server setup by I university IT, they don't like me because I'm to much of an open source advocate.... at any rate!  I did get a test box to play with Ubuntu Server 12.04. I've tried installing the LMS Canvas and only got so far, because I didn't know some of the prams IT setup.
<designbybeck> But I was pretty sure I installed PHP and such...shouldn't it have started by default? I did a 'ps aux | grep php' and didn't see it there
<designbybeck> i see php and php5 in /usr/bin/
<designbybeck> ah I had to do sudo ps aux | grep php before I saw php there
<RoyK> [conrad]: you can't do that
<designbybeck> so it looks to be running.
<designbybeck> i can only access the doman locally
<designbybeck> but if I try something like domainname/phpinfo.php it doesn't list anything
<designbybeck> I do have /var/www/index.html and that does display
<RoyK> [conrad]: compute clusters are based on queueing - you can't just combine four servers to one
<RoyK> [conrad]: rather get a new dual 16-core opteron instead ;)
<[conrad]> RoyK: I wish it were that easy :-). Do you have any idea on the approach that was going to be taken in the link I provided? The first use case is pretty dead on with what trouble we have.
<RoyK> [conrad]: I know linux and clustering quite well, and AFAIK there's no possible way to run a single VM on a cluster of machines working as single machine. It might be possible with a good infiniband network and knowledge to set it up, but before you've installed that, you've already spent more money than that dual 16-core opteron machine would cost
<uvirtbot> New bug: #1073603 in apache2 (main) "disable ssl compression to mitigate the BEAST attack" [Undecided,New] https://launchpad.net/bugs/1073603
<RoyK> [conrad]: what sort of job are you planning to run that needs 16 cores?
<designbybeck> ah good news... I got my php info to show up!
<designbybeck> step .001 done
<[conrad]> RoyK: We don't necessarily have to do a single VM. We're open to any solution. Our problem is now is that we're constantly either under-utilizing our resources ( while they're sitting idle ), or running into situations where a single box is pinned, and other boxes in the office sit idle. We have several threaded applications that we've built and use that do a variety of things. I'm not sure any single application would effeciently u
<[conrad]> se all 16, but if it was one large VM ( I understand it can't be ), we could have 2-3 users shelled or RDP'd into the machine doing similar tasks, and maximizing the resources..
<RoyK> then what you need is a queueing system
<RoyK> so that jobs can be queued to the cluster and distributed to available resources
<RoyK> that's how they build large compute clusters these days
<bubu\a> why not build an internal cloud?
<RoyK> [conrad]: something like http://en.wikipedia.org/wiki/SLURM
<RoyK> bubu\a: not suitable for compute clusters
<bubu\a> trade in your 4 servers for a SAN? :)
<RoyK> bubu\a: not my servers, but still a bad idea - no chance you can run a compute cluster on a SAN alone ;)
<bubu\a> sorry have missed almost all fo this convo
<RoyK> A SAN is nice to have for other uses...
<bubu\a> what are you trying to accomplish?
<bubu\a> and why
<RoyK> for a compute cluster, you can easily use local storage on each node
<[conrad]> bubu\a: See the first use case on https://wiki.ubuntu.com/EasyUbuntuClustering.
<RoyK> bubu\a: read above - I'm merely answering [conrad], who wants to setup a compute cluster
<RoyK> [conrad]: setting up SLURM isn't very hard, and it's well-proven - see the wikipedia article above
<[conrad]> RoyK: This seems like it might be able to cover us. I seem some interesting features which might benefit us ( IE Idle nodes can be powered down , Different operating systems can be booted for each job ).
<RoyK> SLURM is a linux thing
<[conrad]> The upcoming feature "Integration with Apache Hadoop + Open MPI based job launch" could also be very benificial to us.
<RoyK> but you can possibly hack up something integrating with virsh
<[conrad]> Ahh, yes all the OS's listed are *nix variants.
<RoyK> so what you do is create an executable with some data and post that to the queue, then it'll run when resources are available
<bubu\a> hmm
<bubu\a> tis a good question!
<RoyK> I've never set it up myself, I quit my last job when we were in the process of moving to that
<[conrad]> The only issue I see is that this would be have to be a console based executable right?
<RoyK> yes
<RoyK> supercomputers don't run a GUI ;)
<RoyK> or, i guess some do, but that's another ballpark
<[conrad]> Right, I understand. But this would only solve half of our problem. Some of our utilities are GUI based, and others ( both console and GUI ) are Windows based.
<RoyK> then I guess you'll need two solutions, one for windows and one for linux
<bubu\a> RoyK, could you not setup a big VM box on a SAN? people can thern TS into it to run whatever needed...
<RoyK> I don't know any queueing solutions for windows, but IIRC Microsoft has something
<RoyK> bubu\a: no, a SAN is only storage
<bubu\a> well i know that but with the user of the servers too
<RoyK> well, of course, you can run a hypervisor on a machine connected to the SAN
<RoyK> but SAN is only storage
<bubu\a> yes
<bubu\a> but that could be the storage for the big VM
<bubu\a> and the rest can run of the cores/ram from the servers
<RoyK> so in this perspective, the SAN is irrelevant
<RoyK> think of a SAN as an external harddrive
<RoyK> just bigger and more fancy
<bubu\a> yes i know
<bubu\a> get proper servers conrad?
<bubu\a> a G6 or something?
<bubu\a> fill it full of cores/ram - hook it up to a san for the storage
 * RoyK thinks G6 is only a model series from HP and rather irrelevant to computing power
<bubu\a> create a big VM?
<RoyK> bubu\a: really, there's no point of running a big VM on a single node unless you have a cluster of nodes (for failover)
<bubu\a> hmm yeah fair point
<RoyK> [conrad]: but... if you just need up-to-4-core-VMs
<RoyK> take a look at https://alteeve.ca/w/2-Node_Red_Hat_KVM_Cluster_Tutorial
<RoyK> it's a rather thorogh description on setting up KVM in a cluster
<RoyK> the howto uses DRBD for shared storage, but I don't think that'll be very good for four nodes
<RoyK> better use shared storage somewhere, NFS works, but is a bit slow, glusterfs should work, if you have a SAN, then OCFS2 or GFS2 should do the job
<RoyK> [conrad]: it takes a while to understand how the cluster works, so don't think a simple apt-get install will do
<[conrad]> I'm sure of that. I've spent countless hours over time getting familiar with LDAP, and the other services we have implemented in out network currently.
<RoyK> [conrad]: I've setup a two-node cluster like that (with GFS2) on CentOS - tried with Ubuntu first, but there wasn't much knowledge about it in the ubuntu world, at least not what I could find. Also, the amount of users on such systems seem to be far higher in the redhat world
<RoyK> [conrad]: btw, https://wiki.ubuntu.com/EasyUbuntuClustering seems to be rather outdated, based on Hardy 8.04
<[conrad]> RoyK: I saw that. That's why I mentioned in my original message about something more related to the current 12.04
<RoyK> [conrad]: I guess that KVM cluster I liked to above would be the best start. You can implement that with ubuntu - most of the same tools exist
<RoyK> exept sanlock, which is a bit stupid, since without it, and with shared storage (like GFS2 or NFS), there's no way of stopping two nodes to start the same VM, and doing so will definetely result in disk corruption (beleive me, I've tried...)
<niel> Can anyone help me, yum isn't working anymore after installing EPEL.. whatever I do I get this error: http://pastebin.com/qzBeLNXL
<RoyK> [conrad]: if you need a mixed environment, I'd say setting up a KVM cluster will be a good start. Then you can possibly setup a few Linux VMs to do the batchable work and then a windows VM or two to do the rest
<RoyK> niel: erm - yum/EPEL is a redhat thing, and this is an Ubuntu channel ;)
<niel> oh yeah lol
<RoyK> [conrad]: you might want to read http://www.microsoft.com/hpc/en/us/product/high-performance-computing-faqs.aspx
<RoyK> [conrad]: you can of course setup hyper-v to do the virtualization, but my experience in running Linux VMs on Hyper-V is not good - they tend to be offlined from the network if network traffic is high. I've seen that with ubuntu lucid - never made a test with precise, we moved the linux VMs to KVM before Precise landed
<uvirtbot> New bug: #1073639 in rabbitmq-server (main) "Option to not boot on install" [Undecided,New] https://launchpad.net/bugs/1073639
<moskydos> Hi Folks, I would appreciate any help with my problem since I spent so much time to solve it . I got a snapshot include files to be deployed , now I did the following steps to achieve that :
<moskydos> Creating small ec2 Ubuntu Server 11.10 ( 64 bit)
<moskydos> Create new volume with snapshot needed ( I assigned 6 GB for it)
<moskydos> Attached the volume to my ec2 instance
<moskydos> Created a new directory to hold the data ( /site )
<moskydos> Edit /etc/fstab and add this : /dev/xvdf        /site    auto    defaults,nobootwait,noatime     0   0 and reboot my instance
<moskydos> but when I try to mount using sudo mount /dev/xvdf /site , i'm getting that i need to specify the format of the file
<moskydos> if it was a ext file system, the linux ordinary one, it would have auto-detect it
<holstein> the format of the partition*
<moskydos> anyone can help with this issue please ?
<holstein> !mount
<ubottu> mount is used to attach devices to directories. See also https://help.ubuntu.com/community/Mount
<holstein> moskydos: i would test that i can mount the directory before adding it to fstab
<moskydos> u r right holstein , but i'm doing that and it is not working so far , let me try to show you some results here
<holstein> moskydos: i would take fstab out of the equation
<holstein> moskydos: if you cant mount it, fstab cant
<moskydos> u r right , let's forget about fstab at this stage , my main problem is that i can't mount the snapshot
<holstein> moskydos: take some time and troubleshoot just mounting the partition, then when you can do that, you'll learn how to add it to fstabl
<holstein> moskydos: how is it formatted?
<moskydos> https://gist.github.com/8b7543922893f0771a8b
<holstein> Disk /dev/xvda1 doesn't contain a valid partition table - that is pretty relevant
<moskydos> i'm just trying to figure out the format so I can do something like sudo mount -t vfat  /dev/xvdf /site or whatever is the format
<holstein> where are you getting this partition?
<holstein> if its broken, its broken...
<holstein> HPFS/NTFS/exFAT
<moskydos> mm I didn't setup /dev/xvda1 , it is there already when I initiate new ubuntu instance
<moskydos> the volume that I want to attach is at xvdf
<holstein> moskydos: i would ask whoever made it if they can mount it, or to test it, or to se if it is functioning properly
<holstein> moskydos: i hear you, but if its bad, its bad..
<holstein> http://www.linuxquestions.org/questions/linux-laptop-and-netbook-25/problems-mounting-disk-in-ubuntu-11-10-ntfs-signature-missing-917973/ might be relevant
<moskydos> mmm u recommend me to use another ec2 type somehow ?
<holstein> moskydos: im just suggesting that you dont know anything about that partition.. you didnt create it. it could be the issue and you could waste lots of time trying to mount it and its broken
<holstein> im not saying that is the case, just that its an option
<eagles0513875__> hey guys im not finding a good how to for ubuntu 12.04 on how to setup virtual users and domains for use with dovecot + postfix any good how to's for this?
<moskydos> holstein sorry for the headache here , I just wanna go through this step by step, I just created a new ec2 instance , I didn't do anything with it , I didn't even attach the snapshot , can u see the conf so far here https://gist.github.com/735b4adb8425df3fa920
<moskydos> I just wanna make sure that at this stage nothing broken u know
<moskydos> before I go further
<vezq> eagles: http://www.exratione.com/2012/05/a-mailserver-on-ubuntu-1204-postfix-dovecot-mysql/
<eagles0513875__> humm
<gatsby7> hi there
<gatsby7> is there any postifix or mail server guru ?
<alvarezp> Hi, guys! I just installed Ubuntu 12.04 LTS with Apache2 but I must be doing something wrong. The "it works" page takes about 15 sec to respond, then it responds quickly but after a while it does the same thing again. I suspect DNS problems. I enabled "options debug" in resolv.conf and apache and *.debug in syslog to /var/log/debug but I have absolutely no output.
<gatsby7> suppose is not a local installation, right?
<gatsby7> does error log say something?
<alvarezp> I also did strace -r -p $APACHE_PID for all apache processes (I managed to reduce the clients to only 3) and the problematic function seems to be accept().
<alvarezp> gatsby7, what do you mean by local? It's a physical box that I installed myself and I have full control over.
<alvarezp> gatsby7, error logs are empty.
<alvarezp> gatsby7, I may be able to help with postfix.
<alvarezp> While the web browser is waiting for the response, strace keeps on the accept() function. I think it has something to do with the resolver library.
<alvarezp> I also fully upgraded it, made sure nsswitch.conf has "hosts: files dns" and disabled ipv6, just to put it out of the way.
<alvarezp> Any ideas on this weird behavior, or pointers on how can I debug this? :-S
<gatsby7> alvarezp,  do you made any changes 2 apache2.conf?
<gatsby7> btw i will explain my postfix problems
<gatsby7> when mail comes from mobile devices, or from mailing lists, the sender address is shown ad sendername+SOME_WEIRD_CODE@domain.tld
<alvarezp> gatsby7, I installed cacti and nagios which adds their respective files to conf.d (but I don't find any problems there). Then I changed StartServers and Min/MaxSpareThreads to reduce the number of processes to be able to use strace easily and changed the logging level to "Debug" on apache2/apache.conf and sites-available/default.
<gatsby7> alvarezp, do you reach nagios proberly?
<alvarezp> gatsby7, Yes: Nagios, Cacti and the "it works" page, but all of them with the same problem: 15-sec delay on the first try and immediately after recurring tries. After a while, the pattern repeats.
<alvarezp> gatsby7, sendername+SOME_WEIRD_CODE@domain.tld is a valid mail format and it's the same receipient as sendername@domain.tld. Are you sure it is an error?
<gatsby7> alvarezp, unfortuntely 20 days ago we didn't have this problem
<alvarezp> gatsby7, never seen that behavior
<alvarezp> gatsby7, I have mail servers of my own.
<alvarezp> gatsby7, if you have configuration backups, have you tried diff-ing?
<gatsby7> think i have 2 tell more details
<gatsby7> :
<gatsby7> 20 days ago we had one domain, the we decided
<gatsby7> to have one more domain, using the same mail infrastructure
<gatsby7> so we used virtual domain in postfix and forced with a script
<gatsby7> that all user in the old domain will send mail with the new domain.
<gatsby7> everything is working fine except for mailing list services and mobile devices
<gatsby7> the strange fact is we force our user sender address, but this behaviour occurs when others mail us...
<alvarezp> gatsby7, ohh, that's a perfect use case for configuration diffing
<alvarezp> gatsby7, it'd be useful to know what directives changed, and see which ones are potential candidates for that behavior.
<alvarezp> gabrtv, have you enabled debugging logs and checked?
<Troy^> has anyone upgraded there server from 12.04 to 12.10
<alvarezp> Also, HostnameLookups Off
<ehab33> Hi everyone,  how can I bundle instance into new AMI and share the AMI with some accounts IDs ? any up-to-dated article demonstrate this ?
<alvarezp> Ohh god!!!!!! I found that the slow responses are not my server's fault: it's my web cache fault. :( Sorry all for the noise.
<allanm> Hi
<allanm> I'm looking for a way to upgrade apache to 2.22.2 on ubuntu server 10.04
<patdk-wk> allanm, reason?
<patdk-wk> cause you will break all security patchs doing that
<allanm> well I'm actually trying to get a bunch of vulnerabilities patched
<allanm> CVE-2011-3192 CVE-2010-2068 CVE-2010-1623 CVE-2010-1452
<allanm> CVE-2012-0031 CVE-2011-3607 CVE-2012-0053 CVE-2011-3348 CVE-2011-1928 CVE-2011-0419
<allanm> CVE-2010-0434 CVE-2011-4415
<uvirtbot> allanm: The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service (memory and CPU consumption) via a Range header that expresses multiple overlapping ranges, as exploited in the wild in August 2011, a different vulnerability than CVE-2007-0086. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3192)
<uvirtbot> allanm: mod_proxy_http.c in mod_proxy_http in the Apache HTTP Server 2.2.9 through 2.2.15, 2.3.4-alpha, and 2.3.5-alpha on Windows, NetWare, and OS/2, in certain configurations involving proxy worker pools, does not properly detect timeouts, which allows remote attackers to obtain a potentially sensitive response intended for a different client in opportunistic circumstances via a normal HTTP request. (http://cve.mitre.org/cgi-bin/cvename.cgi?nam
<uvirtbot> allanm: Memory leak in the apr_brigade_split_line function in buckets/apr_brigade.c in the Apache Portable Runtime Utility library (aka APR-util) before 1.3.10, as used in the mod_reqtimeout module in the Apache HTTP Server and other software, allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors related to the destruction of an APR bucket. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1623)
<uvirtbot> allanm: The (1) mod_cache and (2) mod_dav modules in the Apache HTTP Server 2.2.x before 2.2.16 allow remote attackers to cause a denial of service (process crash) via a request that lacks a path. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1452)
<uvirtbot> allanm: scoreboard.c in the Apache HTTP Server 2.2.21 and earlier might allow local users to cause a denial of service (daemon crash during shutdown) or possibly have unspecified other impact by modifying a certain type field within a scoreboard shared memory segment, leading to an invalid call to the free function. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0031)
<uvirtbot> allanm: Integer overflow in the ap_pregsub function in server/util.c in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x through 2.2.21, when the mod_setenvif module is enabled, allows local users to gain privileges via a .htaccess file with a crafted SetEnvIf directive, in conjunction with a crafted HTTP request header, leading to a heap-based buffer overflow. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3607)
<uvirtbot> allanm: protocol.c in the Apache HTTP Server 2.2.x through 2.2.21 does not properly restrict header information during construction of Bad Request (aka 400) error documents, which allows remote attackers to obtain the values of HTTPOnly cookies via vectors involving a (1) long or (2) malformed header in conjunction with crafted web script. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0053)
<uvirtbot> allanm: The mod_proxy_ajp module in the Apache HTTP Server before 2.2.21, when used with mod_proxy_balancer in certain configurations, allows remote attackers to cause a denial of service (temporary "error state" in the backend server) via a malformed HTTP request. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3348)
<uvirtbot> allanm: The fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library 1.4.3 and 1.4.4, and the Apache HTTP Server 2.2.18, allows remote attackers to cause a denial of service (infinite loop) via a URI that does not match unspecified types of wildcard patterns, as demonstrated by attacks against mod_autoindex in httpd when a /*/WEB-INF/ configuration pattern is used.  NOTE: this issue exists because of an incorrect fix f
<uvirtbot> allanm: Stack consumption vulnerability in the fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library before 1.4.3 and the Apache HTTP Server before 2.2.18, and in fnmatch.c in libc in NetBSD 5.1, OpenBSD 4.8, FreeBSD, Apple Mac OS X 10.6, Oracle Solaris 10, and Android, allows context-dependent attackers to cause a denial of service (CPU and memory consumption) via *? sequences in the first argument, as demonstrated
<uvirtbot> allanm: The ap_read_request function in server/protocol.c in the Apache HTTP Server 2.2.x before 2.2.15, when a multithreaded MPM is used, does not properly handle headers in subrequests in certain circumstances involving a parent request that has a body, which might allow remote attackers to obtain sensitive information via a crafted request that triggers access to memory locations associated with an earlier request. (http://cve.mitre.org/cgi-bi
<uvirtbot> allanm: The ap_pregsub function in server/util.c in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x through 2.2.21, when the mod_setenvif module is enabled, does not restrict the size of values of environment variables, which allows local users to cause a denial of service (memory consumption or NULL pointer dereference) via a .htaccess file with a crafted SetEnvIf directive, in conjunction with a crafted HTTP request header, related to (1)
<allanm> sorry about that
<patdk-wk> heh? those are patched
<allanm> I'm currently running
<patdk-wk> I would recommend you check ubuntu cve, or maybe even the apache package
<allanm> 2.22.14
<patdk-wk> version numbers != vaulnerable
<allanm> lol the pci scan is marking me as if it was
<patdk-wk> ya, it's a pci scan
<patdk-wk> you think it actually checks if your vaunerable or not?
<patdk-wk> read up on how to do pci scans :)
<allanm> :)
<patdk-wk> run scan, it checks server version, says you have issues
<patdk-wk> you supply link that shows issue was corrected, done
<allanm> sir you are 100% right
<patdk-wk> https://launchpad.net/ubuntu/lucid/+source/apache2/+changelog
<patdk-wk> check those cve's off that list :)
<patdk-wk> attempting to pass pci scans via software versions leaves you having to manually patch or upgrade stuff yourself
<patdk-wk> I've had a lot of people email me, about apache 2.4 for ubuntu, so they could pass pci scans :)
<allanm> :)
<allanm> patdk-wk, you are amazin now I have to figure out how to deal with the company that does the PCI scan
<uvirtbot> New bug: #1073725 in elinks (universe) "links and elinks don't have js support enabled by default" [Undecided,New] https://launchpad.net/bugs/1073725
<zastern> I'm having a really weird issue
<zastern> apache becomes super slow to respond
<zastern> if i do ufw enable
<zastern> even with 80 and 443 allowed
<Aison> what's that? SourceGuardian requires Zend Engine API version 220090626.
<Aison> The Zend Engine API version 220100525 which is installed, is newer.
<Aison> this started after upgrade to 12.10
#ubuntu-server 2012-11-01
<Neal_> When I download stuff from my server, it only downloads for max 150KB/s (tried with webserver and scp). Any way I can make sure nothing is limiting the speed?
<Neal_> It's supposed to be a gigabit connection.
<Azelphur> Howdo folks, having some odd issues trying to install openjdk on my server, http://pastebin.com/kuAmARFs any ideas?
<holstein> !java
<ubottu> To just use java you need a "Java Runtime Environment" (JRE) and/or a browser plugin. If that is not sufficient you will need a "Java Development Kit" (JDK) aka "Software  Development Kit" (SDK).  Please see https://help.ubuntu.com/community/Java about how to install one of three current implementations.
<holstein> Azelphur: im trying to remember what pacakge i installed...
<Azelphur> that is the correct package
<Azelphur> I think I fixed it, update-alternatives broke and didn't update /usr/bin/java
<holstein> cool!
<p7ank5te7> Hello. I'm trying to set up shares, which I made a folder on the root at /Shared which has 777 perms and it is owned by root:root, then have 2 folders under there call Sharepoint and Video, which I want Sharepoint open as guest and have no problem with, but Video I want authenicated users to be read only and admin group to be RW, but it seems that all users can RW w/o authenication.
<p7ank5te7> http://pastebin.com/gzifTLAf that is the log. I know it shows for a DC but it's just a work group server, and the config is made by zentyal with mods to template script. What I was wondering what is the best practice for the permissions and ACLs for this kind of case.
<lifeless> smoser: what images have the cloud-init-nonet service?
<uvirtbot> New bug: #1073815 in qemu-kvm (main) "Problem with USB passthrough (SmartCard reader)" [Undecided,New] https://launchpad.net/bugs/1073815
<mikal> What's the right mailing list for server team people to be told about embargoed vulns in openstack?
<damo22> hi i would like to upgrade an EC2 server from 10.04 to 12.04, what would be the best option? should i just find a new AMI image for 12.04 or would it make sense to upgrade the packages and kernel?
<eagles0513875___> hey guys i have a question about ufw and the documentation here https://help.ubuntu.com/12.04/serverguide/firewall.html by default with ufw started is ufw set to automatically deny all incoming traffic
<eagles0513875___> by default
<iclebyte> we run our own repository  in which we have the puppet 2.7.19 deb's. however, despite having the repo correctly listed some nodes are ignoring the new repo and showing the old 2.6 version where using aptitude show puppet - any ideas how this could be?
<koolhead17> adam_g, ping
<roaksoax> jamespage: when you remove a unit, is the subordinate relation departed?
<vezq> iclebyte: your repo is not then configured right, are gpg keys used correctly?
<uvirtbot> New bug: #1053391 in maas "ipmipower fails if stdin returns EOF" [Critical,Fix released] https://launchpad.net/bugs/1053391
<iclebyte> vezq, yes the key's are fine. it works on some hosts but not all
<bubu\a> hi guys - iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 8808 is working at directing anything coming into that box on port 80, redirecting to 8808
<bubu\a> however its not redirecting to 8808 if the local box itself requests the page ..... any ideas?
<TheLordOfTime> does loopback / localhost ignore NAT routing rules?
<TheLordOfTime> (generic question)
<vezq> afaik yes
<vezq> might use proxy setting for local box
<uvirtbot> New bug: #1073948 in juju (universe) "CryptographicSourceVerification wiki has syntax errors" [Undecided,New] https://launchpad.net/bugs/1073948
<TheLordOfTime> uhm...
<TheLordOfTime> isnt that a bug that's "Invalid"?
<TheLordOfTime> since the bug refers to the wiki, not the package.
<carleeno> Hi all, I am looking for a ubuntu server application that can serve web-portal based remote support, like LogMeIn. Basically I want to offer my own remote support to my customers where they only have to browse to our website for me to connect and help. I apologize that I don't know what the term is for that type of service (that's why I'm having trouble finding a solution using google :-(
<xcat> Can I downgrade to an older version of a package and then lock it at that version using the package manager
<n00bie> how can i create an usb boot stick from ubuntu-12.04.1-server-i386.iso
<iclebyte> under what circumstances would i not be able to kill dpkg ?
<iclebyte> killall -9 <pid> is not working
<melmoth> iclebyte, process is probably in D state in the output of ps.
<n00bie> any ideas how to create an usb boot stick ?
<vezq> try unetbootin software
<vezq> carleeno: http://en.wikipedia.org/wiki/Comparison_of_issue-tracking_systems
<wmp> hello, on upgrade grub-pc i have necurses and i must select disc to install grub, is possible to write this discs on commandline? I need this becouse i run script without ssh connection to server and i cant select discs in interactive mode
<smoser> lifeless, i dont thijnk i undertand the question
<hallyn> jjohansen: bug 1057024
<uvirtbot> Launchpad bug 1057024 in qemu-kvm "kvm kernel module always loaded, without setting /dev/kvm permissions" [High,Incomplete] https://launchpad.net/bugs/1057024
<jjohansen> hallyn: okay thanks
<hallyn> jjohansen: just added a comment to summarize what i've found.
<hallyn> it occurs to me that i didn't check acls
<D4v1d___> hi any idea how to change from UEFI boot to BIOS boot on ubuntu server?
<panchiniak> Hi. I have one IP, and a CNAME entry for a subdomain. How could I configure apache2 VitrutalHosts to reach the subdomain site?
<panchiniak> I've done it once, but can't find the way back.
<maruq> hi guys, just booted a server a precise server on ec2 (eu-west-1), getting errors on apt-get update
<maruq> https://gist.github.com/1b7003320f149aea5d32
<maruq> seeing it on multiple nodes. AMI: ami-3b65664f
<jonconley> What would be the best practical solution for host header based routing? We are using an ASA now, but would I be better off having all external traffic forwarded to a single server that is running (squid|mod_proxy) and forwarding requests to the necessary web server?
<lifeless> smoser: hi, uhm - I was looking at https://bugs.launchpad.net/ubuntu/+source/cloud-init/+bug/1031065
<uvirtbot> Launchpad bug 1031065 in cloud-init "cloud-init-nonet runs 'start networking' explicitly" [Medium,Fix released]
<lifeless> smoser: but I don't see a cloud-init-nonet upstart job anywhere ;)
<keithzg> Arghhh, I'm trying to create external snapshots of some running VMs (for the sake of backups) but I just keep getting "error: internal error unable to execute QEMU command 'transaction': Could not open '/path/to/image.snapshot'"
<Free99> hello everyone, I'm trying to setup a mail-delivery-stack server so that after looking up a recipient on LDAP, it writes the message to a separate file server via NFS.. any suggestions?
<Free99> anybody have experience with postfix LDAP lookups?
<henkjan> Free99: we use it
<Free99> hello henkjan, I'm having an issue getting postfix to accept mail for users on the LDAP...
<Free99> do you find it better to use alias_maps or virtual_alias_maps?
<henkjan> hmm, we only use postfix on our bsmtp servers to lookup domains
<henkjan> not users
<Free99> henkjan: ok then, thanks. the user lookup seems to be my primary issue at the moment. Postmap of the LDAP lookup works fine, but when I send mail to the user, postfix replies with "unknown user"..
<nwilson5> trying to change ulimit for "nofile" on a particular user - but every guide/explanation i see is 2+ years old and all vary somewhat. is anyone familiar with how i can give a particular user permission to have more than 1024 open files concurrently
<jacobw> i'm trying to use virt-install with --location, my vm is hung at the bios stage 'booting from ROM', is this a common issue?
<thebwt> Howdy, we're looking to try out ubuntu's cloud platform for an internal cloud. We're starting with getting maas going. Are we going to need dhcp control to make maas work, or is pxe just an option for nodes, and not required.
<jacobw> thebwt: MAAS depends on DHCP
<jacobw> thebwt: MAAS is similar to cobbler, it takes images and generates the files needed for PXE boot
<thebwt> jacobw: so then is it common to do 2 nics on the maas machine, and have all the nodes be a private network that use the maas system as a gatway? I'm trying to figure out how to do this in an existing dhcp environment.
<thebwt> also: where is teh best documentation for getting started with this? I'm mainly using https://help.ubuntu.com/community/UbuntuCloudInfrastructure , planning on doing ubuntu cloud infastructure with maas and juju. Am I missing a good resource?
<thebwt> we're trying to build a test environment to see what resources we need, then we're going to be buying more specialized hardware.
<jacobw> https://wiki.ubuntu.com/ServerTeam/MAAS/ExistingDHCP
<thebwt> thanks!
<Thirtysixway> Anyone setup a successful ubuntu "cloud"? Looking to create one with my student group but I'm getting very lost with the different software that's out there
<keithzg> Still can't make a --disk-only snapshot of VM with virsh, has anyone else been successful on 12.10?
<thebwt> so wait... https://wiki.ubuntu.com/ServerTeam/MAAS/AddNodes lists 3 ways to add nodes, the third doesn't seem to use pxe, can't I do that?
<thebwt> we did that and the machine turned off, but we didn't see anything added to teh maas node list.
<autojack> can anyone help me out with an issue I'm having with cloud-config in an ec2 instance? I'm trying to pass in an additional apt source and specifying a filename for it, but the file is never created. I can't figure out why.
<autojack> and I think this used to work.
<autojack> I am also passing in hostname in the userdata, and that is working.
<autojack> aha, I see the problem I think.
<autojack> yep. I was using the wrong key.
<autojack> should have looked for the cloud-init log :)
<lifeless> is there any way to add parameters to upstart jobs without editing the conf file? specifically, I want to add --listen to the libvirtd options, so I can run it on the network...
<guntbert> lifeless: look into /etc/default/...
<lifeless> guntbert: ah, thanks.
<lifeless> so its a case bu case thing ><
<guntbert> lifeless: I am not sure
<SirScott> trying to install ubuntu server w/raid + lvm.  It's failing to install the bootloader on /dev/sda.  Any suggestions?  I do not have a dedicated /boot drive, as grub2 should support booting from raid+lvm...
#ubuntu-server 2012-11-02
<Nolar> x/quit
<Titomen> i need some adivse on instaling ubuntu 12.04 on raid 1 boot and rest on raid5 +lvm
<BaldFat|2> just setup a server what is the best way to install a hp laserjet 1006p?
<BaldFat|2> is it lpadmin?
<syntroPi> i am trying to install ubuntu server from an usb stick onto an internal uSDHC card which should be accessible via sdhci_pci module. Undortunately this module is missing from the installer iso :-/  Any ideas how i could get it into the installer kernel to access my installation target?
<BaldFat|2> I am without X how can I use hplip without x on the server. Is there anyway to just forward ssh -X ip?
<syntroPi> is mmc core and sdhci even supported on the server kernels? where can i check which modules are available?
<BaldFat|2> answer is sudo apt-get install hplip    then    sudo hp-setup -i
<syntroPi> ok i have got the kernel modules loaded and a shiny new /dev/mmcblk0 for my usdhc card. Now how can I get the dumb installer to use that? All it would display me is iSCSI and nothing else???
<syntroPi> Any ideas how i should invoke the partitioner part of the installer to use  /dev/mmcblk0?
<kodapa> Hello
<kodapa> Just got this error on ubuntu 12.04.1 KVM host with OpenStack Essex: INFO: task kvm:2771 blocked for more than 120 seconds.
<kodapa> The VM got shutoff
<kodapa> http://paste.ubuntu.com/1325976/
<haojie_1990> ubuntu æä¹éç½®æè½ä½¿æ¸©åº¦éä¸æ¥ï¼æ§è½ä¹ä¸éä½
<Titomen> i need some help installing ubuntu 12.04 on raid..some help --guidence
<uvirtbot> New bug: #1074330 in nagios3 (main) "the nagios user home directory name is incorrect" [Undecided,New] https://launchpad.net/bugs/1074330
<AdvoWork> is there a way I can test what happens with updates before actually doing them at all?
<qman__> AdvoWork, clone your system and install them there
<qman__> unfortunately there's no easy way to roll back an update, either
<qman__> have to manually remove the packages and install the old versions
<uvirtbot> New bug: #1074357 in elinks (universe) "Merge elinks (0.12~pre5-9) (universe) from Debian Unstable (main)" [Undecided,New] https://launchpad.net/bugs/1074357
<uvirtbot> New bug: #1074359 in nova (main) "[SRU] Meta bug for tracking Nova stable update" [Undecided,New] https://launchpad.net/bugs/1074359
<Sander^work> Is doing an apt-get upgrade always painless when it comes to if any package can break?
<lenios> packages are not supposed to break
<lenios> if they do, they can break also with a simple upgrade
<lenios> dist-upgrade should be used for packages that need to add or remove packages, upgrade otherwise
<acidflash> hello all
<acidflash> how can I make a program execute with root privelages, where it doesnt need to type sudo to do everything (in ubuntu 12.04)
<patdk-wk> acidflash, sticky user flag
<patdk-wk> but that is normally not something you want to do
<acidflash> patdk-wk: sticky user flag? how and where do I put that? I really dont ahve a choice, its a flaw in the system design, but its closed source software so no way to fix, its a radius software
<patdk-wk> well, sticky user flag means ANY flaw in the program, can be used to root your server
<patdk-wk> man chmod
<acidflash> can i describe a little more whats happening, maybe i am misunderstanding my problem?
<acidflash> i am using a softwre called freeradius, this software, what its doing is calling another software called rmauth and rmpoller, etc
<acidflash> when it tries to call that software, the following message is returned
<acidflash> Exec-Program output: Exec-Program: FAILED to execute /usr/local/bin/rmauth: No such file or directory
<acidflash> Exec-Program-Wait: plaintext: Exec-Program: FAILED to execute /usr/local/bin/rmauth: No such file or directory
<acidflash> Exec-Program: returned: 1
<acidflash> but the thing is, it does exist, permission are 755,
<acidflash> if you can that program from the shell, it gives hte same thing
<acidflash> BUT, if you call it using "sudo /usr/local/bin/rmauth"
<acidflash> works fine
<patdk-wk> that is defently not a permission issue
<patdk-wk> I'll bet rmauth is a script, not a program
<acidflash> its compiled
<patdk-wk> oh?
<acidflash> executable
<acidflash> yes
<patdk-wk> no shell/perl/...
<acidflash> no, its binary
<patdk-wk> freeradius isn't chroot is it?
<patdk-wk> or, the other option, apparmor issue
<acidflash> freeradius is in /usr/local/sbin
<patdk-wk> that has nothing to do with anything
<acidflash> what i figure, is that its not working right, because its being called /usr/local/bin/rmauth, INSTEAD of "sudo /usr/local/bin/rmauth"
<patdk-wk> "No such file or directory" != "Permission Denied"
<patdk-wk> you can *figure* all you want
<acidflash> patdk-wk: when i call it from bash, it gives me the same thing if i call it without root
<acidflash> without sudo*
<qman__> actually, that does happen under a certain condition
<qman__> if your file which you assume to be executable is not, and you call it from the shell, it will say no such file or directory
<acidflash> qman__: and if you call it "sudo /my/file/name"
<acidflash> and it executes it?
<qman__> no
<acidflash> its executing it!!
<acidflash> this is ubuntu 12.04, logged in as root
<patdk-wk> still something going on, probably apparmor
<acidflash> patdk-wk: could be, what should i do to test apparmor?
<qman__> I wouldn't think so, apparmor usually logs very distinct messages
<patdk-wk> qman, thought that logging wasn't enabled by default though
<qman__> I mean, I wouldn't doubt it causing a problem like that, but you'd normally be able to tell
<patdk-wk> use dmesg to start
<acidflash> dmesg doesnt show anythign out of the ordinary
<acidflash> ubuntu 12.04 no longer allows you to run things as root, you can login as root, yes, but you need to pass sudo to every single command that requires root, this software is not doing that, am I going in the wrong direction with my thinking here?
<acidflash> is the problem not in the fact that its not being called like "sudo /usr/local/bin/rmauth" ?
<qman__> that's not correct at all
<qman__> there is a problem with the way your shell is calling the program, as opposed to the way sudo is calling it
<qman__> apparmor could cause that kind of issue, but it's not easy to troubleshoot
<FunnyLookinHat> The 12.10 ruby1.9.3 package installs a bunch of ruby1.9.1 stuff - but those are all really 1.9.3 right?  I recall that the name never changed for some reason with packaging
<acidflash> qman__: can i temporarily disable apparmor in order to test it?
<thebwt> so maas keeps wanting me to run "maas-import-isos script", but the command runs just fine.
<patdk-wk> service apparmor stop
<blizzow> I have a couple 12.04 servers running.  I installed gcp and am unable to use it.  I get some DBUSexception errors.  I wanted to see if anyone else was having the problem or might know a solution before I file a bug report.
<blizzow> http://pastebin.com/Vd564Ctk
<BaldFat> Sorry to say but I am trying to make my IP static and the offical guide says to edit the /etc/network/interfaces and well there isn't do I create the file?
<BaldFat> Ubuntu 12.10
<BaldFat> ^ idiot I exited out my ssh :P ^
<uvirtbot> BaldFat: Error: "idiot" is not a valid command.
<BaldFat> ^ "idiot" I exited out my ssh :P ^
<uvirtbot> BaldFat: Error: "idiot" is not a valid command.
<BaldFat> "^" I exited out my ssh :P ^
<RoyK> BaldFat: there should be a file there
<RoyK> BaldFat: but if this is setup as a desktop installation, networkmanager should manage networking
<BaldFat> No I was an idiot and I am remoting into the server. I exited out of my ssh and was looking at my local laptop in arch :(
<RoyK> :)
<BaldFat> really banging my head with lpadmin and installing the ppd for my hp p1006
<RoyK> can't you do that with the cups web gui?
 * RoyK doesn't quite remember...
<BaldFat> Not if I am headless and don't have x installed. I wonder if I could use lynks or wm3
<RoyK> BaldFat: you might have a PC from which you can access that web ui
<RoyK> BaldFat: you'll need to configure it to accept connections from other than localhost, but that's about it
<RoyK> BaldFat: or - install firefox and run it with remote X
 * RoyK has firefox installed on a few servers without X just to do stuff like that
<BaldFat> That's what I should do. Never tried that one of x forwarding firefox from a headless
<RoyK> BaldFat: are you on a linux client?
<RoyK> if so, ssh -y servername will forward everything automatically through ssh
<RoyK> or just set "ForwardX11 yes" and "ForwardX11Trusted yes" in $HOME/.ssh/config
<BaldFat> well I just do the ssh -X ip
<RoyK> I meant -Y
<BaldFat> yes I am remoting in from my arch netbook
<RoyK> trusted
<BaldFat> firefox has 33 packages to install :(
<RoyK> but -X will work too, only it'll time out the X connectivity quicker
<RoyK> BaldFat: you need a truckload of libs for ff to work
<RoyK> but they won't eat cpu, just a piece of disk space
<BaldFat> would lynks or w3m work?
<RoyK> !w3m
<RoyK> what's w3m?
<BaldFat> texted based browser
<RoyK> links2 works well with framebuffer, if that's what you mean
<RoyK> well, the cups stuff is pretty simple
<RoyK> I guess even lynx should do
<RoyK> anyway - a few megs to ff and its libs won't hurt ;)
<RoyK> unless you have a very small root partition, that is
<BaldFat> I just want to try and keep this server as small as possible. I have a friend going to try and hack into my system. I swear he will get in in 1 minute right now
<BaldFat> since he does pen testing as a living
<qman__> w3m is a lot better than lynx/links2
<qman__> it doesn't choke as hard on most sites
<BaldFat> w3m working like a charm
<RoyK> qman__: ok
<RoyK> BaldFat: if he does, please tell how ;)
<BaldFat> I find text browsers a supper handy tool for quicka nd dirty hacking
<RoyK> BaldFat: using 12.10 on a server?
<BaldFat> yes
<RoyK> BaldFat: I'd recommend using LTS for servers, that's what I do - less hassle
<BaldFat> Oh I have to be sneaky with him. I have changed every port to non-standard different size passwords and smoothwall
<RoyK> no reason really to change ports
<RoyK> just make sure you use key authentication with ssh, or perhaps denyhosts if you want to use password auth
<RoyK> and make sure nothing that runs as root listens to a public ip
<BaldFat> last time he got into my debian server and fedora server on differnt explots. This time I have a seperate firewall and a different router
<RoyK> that alone should take you far
<RoyK> BaldFat: I guess last time I had a server exploited was in 2001 or so...
<BaldFat> yeah just trying to learn some security stuff. I stopped being a bad hacker in the 80s :) Geez I am old
<RoyK> :)
 * RoyK is almost 40, not a youngster anymore myself either...
<BaldFat> back then you could get into half the servers by typing ? or just ?help
<RoyK> things have gotten a wee bit more secure these days ;)
<RoyK> but there are still holes, always...
<patdk-wk> heh, I had my ubuntu server hacked last year, from a known exploit that was a few months old :(
<patdk-wk> the patch didn't make it into the xen/ec2 kernel, only the others
<BaldFat> if someone wants to get into your server you can never guarentee that they won't but you can make it not worth their effort
<patdk-wk> sure, but this made it extreemly easy
<patdk-wk> the effort required, and the person doing it, was a off the lot, scriptkiddie
<patdk-wk> the script used, was the one posted in the CVE report, exactly
<qman__> that is unfortunate
<qman__> reminds me of the fun SMB2 exploit a few years back
<qman__> blue screen any windows system with file sharing turned on, only way to prevent it for weeks was to disable file sharing
<patdk-wk> after I was exploited, it was easy to locate the missing cve, and get that corrected
<patdk-wk> I have completely moved off ec2, so I'm not actively watching to see if new stuff is missing
<RoyK> patdk-wk: which bug was this?
<thebwt> mass question: trying to start a node for the first time, it isn't able to connect to the ubuntu mirror for some reason. network is configured right, we can ping sites in other terms, it seems like the maas installer itself is borking up.
<RoyK> MAAS?
<thebwt> RoyK: Metal as a service, found my problem on https://wiki.ubuntu.com/ServerTeam/MAAS/Troubleshooting
<BaldFat> wait am I "wanting" to use samba to share my printer?
<uvirtbot> New bug: #1074443 in ipmitool (universe) "Please upgrade ipmitool to 1.8.12 for 13.04" [Undecided,New] https://launchpad.net/bugs/1074443
<RoyK> thebwt: I know - he was saying mass...
<arlo_> hello are there a nice people some can help me to open port 80 on my router, we can use teamwiewer to remote.
<RoyK> BaldFat: pretty easy - there are commented-out config parts in smb.conf to show you how
<thebwt> RoyK: oops
<BaldFat> RoyK: Yes I know how. It is the question of am I buildign a less secure server using samba as oppose to ipp?
<BaldFat> arlo_: can you surf the internet? That's port 80
<BaldFat> or 8080
<patdk-wk> royk, found it
<patdk-wk> http://www.ubuntu.com/usn/usn-1186-1/
<patdk-wk> If I remember right
<patdk-wk> CVE-2010-4073
<uvirtbot> patdk-wk: The ipc subsystem in the Linux kernel before 2.6.37-rc1 does not initialize certain structures, which allows local users to obtain potentially sensitive information from kernel stack memory via vectors related to the (1) compat_sys_semctl, (2) compat_sys_msgctl, and (3) compat_sys_shmctl functions in ipc/compat.c; and the (4) compat_sys_mq_open and (5) compat_sys_mq_getsetattr functions in ipc/compat_mq.c. (http://cve.mitre.org/cgi-bin/
<patdk-wk> that didn't apply to the xen/ec2 source tree cleanly, and never ended up getting fixed, till december
<patdk-wk> I got rooted over thanksgiving
<patdk-wk> I do remember it was 64bit specific issue though
<patdk-wk> oh, close, but not that one
<patdk-wk> bug 640390
<uvirtbot> Launchpad bug 640390 in linux "Security bug related to CVE-2010-3301" [High,Fix released] https://launchpad.net/bugs/640390
<uvirtbot> New bug: #1074460 in qemu-kvm (main) "kvm: windows xp installation hangs after "Setup is inspecting your computer's hardware configuration"" [Undecided,New] https://launchpad.net/bugs/1074460
 * RoyK mutters something about using 10YO proprietary operating systems
<protoCall7> Hi All, I've been fighting with a preseed configuration for 12.04 server for weeks now, and can't seem to make any progress.  Does anyone know how to pressed out the question "Write the changes to the storage devices and configure RAID?"
<protoCall7> I want to auto answer "Yes" on that one
<dj_corncob> I want to play around with writing client-server sockets.  What should I use in ubuntu to simulate a server on my machine?
<erichammond> dj_corncob: Elaborate on "simulate a server"
<dj_corncob> yeah sorry i don't have the vocabulary for this sort of thing
<guntbert> !crosspost | dj_corncob
<ubottu> dj_corncob: Please don't ask the same question in multiple Ubuntu channels at the same time. Many helpers are in more than one channel and it's not fair to them or the other people seeking support.
<FunnyLookinHat> dj_corncob, FWIW - If you want to write really simple stupid client / server "socket" communication, you can use Socket.IO with Node.JS - however, a more thorough understanding of sockets ( or even programming for that matter ) might be a better place to start.
<FunnyLookinHat> If you're looking to write true client/server socket communication from the ground up ( more or less ) - check out Boost::ASIO
<FunnyLookinHat> But that will require you to have a fairly strong understanding of C++.
<subman> I've never setup a raid system before.  Is it possible to set one up on an already running system?  For example, Ubuntu is already installed on sda and I just installed a blank drive in sdb.
<Troy^> subman: no it is not.
<Troy^> subman: in a raid setup all drives are formatted.
<subman> Thanks Troy^
<Troy^> subman: i have a small home linux server that i have 2 x 80gb ide drives as raid 1. I didn't do it for the purpose to have Raid 1 but just to expierment really.
<erichammond1> Couldn't you do it with LVM by setting up one disk with LVM, copying data there, then converting the other disk to LVM and adding it?
<subman> Troy^, that is what I'm doing here.  Experimentation only.  This server has two ide slots and a built in raid but it is not Linux friendly.
<Troy^> subman: my raid is mdadm (software raid)
<erichammond1> Oh, not real hardware RAID, no.
<subman> Yes, that is what I thought I'd try on the two ide slots.
<subman> Does the Ubuntu installation do a software raid installation?
<Troy^> subman: yes it has the option
<Troy^> https://help.ubuntu.com/12.04/serverguide/advanced-installation.html#software-raid
<subman> Troy^, I guess that is my only option then, reinstall.  Nothing on this server yet anyways!
<Troy^> pretty much yea, just follow the step by step guide in that link.
<subman> Excellent, thanks!
#ubuntu-server 2012-11-03
<uvirtbot> New bug: #1074540 in postfix (main) "package postfix 2.9.3-2~12.04.3 failed to install/upgrade: subprocess installed post-installation script returned error exit status 75" [Undecided,New] https://launchpad.net/bugs/1074540
<trimeta> I just noticed that one of my server's hard drives threw some SMART errors a week or two ago. I'm running RAID Z2, so a failed drive isn't immediate cause for concern, and more confusingly my weekly SMART self-test on the drive in question shows no errors.
<trimeta> I'm wondering if the specific error type might explain the discrepancy, and whether I need to replace the drive ASAP or if I should just keep a closer eye on the situation.
<uvirtbot> New bug: #1074551 in ipsec-tools (main) "package racoon 1:0.8.0-9ubuntu2 failed to install/upgrade: subprocess installed pre-removal script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/1074551
<carleeno> Hi :-) I'm running 12.04 server and want to automatically issue some terminal commands at startup (just before login). How do I create a script that autostarts? This is what I want to do at startup: http://www.richud.com/wiki/Ubuntu_Fluxbox_GUI_with_x11vnc_and_Xvfb       (the lines under "Doing it Separately") Thanks!
<qman__> carleeno, simple enough, but make absolutely certain you do not run this exposed to the internet
<qman__> it's not safe
<carleeno> what if i get rid of nopw and instead usepw?
<qman__> VNC is not secure
<qman__> only access it using a secure VPN or SSH tunnel
<qman__> or a trusted local network
<carleeno> that's what i was about to ask...ssh
<qman__> just make sure you don't expose the raw VNC to the net
<qman__> that said
<qman__> you can create an init script, or just make a script and add it to /etc/rc.local
<qman__> make sure your script appropriately de-escalates itself to an unprivileged user
<qman__> since both cases run as root if you don't, which is also very unwise
<patdk-lap> this is why people made nx
<carleeno> ok, sounds great, I've never written scripts before, I guess I can enter commands into a plain file to create a script? or is it more complex than that? and how to I de-escalate the script from root?
<carleeno> patdk, can i use free nx to get to a xvfb?
<carleeno> freenx* sorry
<qman__> carleeno, more or less, make sure you have a #!/bin/sh line at the top, and then to de-escalate, use su
<qman__> so for example, to put it in /etc/rc.local
<qman__> su -c username /path/to/your/script.sh
<qman__> actually
<qman__> su -c username /path/to/your/script.sh &
<qman__> because your script won't be smart enough to fork itself
<qman__> /etc/rc.local must exit 0 before the rest of the system loads
<qman__> that user should not be able to log in normally
<carleeno> so even with the fork, that user wont be able to log in? or are you saying I should setup a user account that nobody uses for this script?
<qman__> you should set up a user account that cannot be logged into interactively, as in, no password, no shell
<carleeno> cool, which adduser options would i use to do that, --nologin? any others?
<carleeno> qman__: thanks for the info, it has helped me allot. have a great weekend!
<chun> .............
<leo1> - -
<xxx> ......
<chun> å¤§å®¶å¥½
<xxx> hi
<feng> = =
<chun> ï¼ï¼ï¼¼
<feng> ^^
<uvirtbot> feng: Error: "^" is not a valid command.
<chun> èèå¤©å§ï¼ï¼ï¼ï¼
<feng> å»ºäº¨å¦¹
<chun> éï¼ï¼
<qwert> !!
<chun> ï¼ï¼
<qwert> æ©å®åä½
<chun> åå®äº
<orange2> ^^
<uvirtbot> orange2: Error: "^" is not a valid command.
<chun> ï¼ï¼
<chun> yo~
<FroMaster> Any pointers on installing Wordpress on 12.10? Looks like things changed from 12.04 and not all the docs/scripts got updated
<OMG_UbuntuServer> Hello
<OMG_UbuntuServer> I install Ubuntu Server 12.04 and apm (mysql, php, apache..etc)
<OMG_UbuntuServer> I can connect my pc to my server (homepage)
<OMG_UbuntuServer> but server can't connect internet, it can't apt-get update, ,ping wget..etc (all of internet connection)
<OMG_UbuntuServer> How can I solve this problem :( ?
<Skaag> why would fdisk on an sd card would tell me I won't be able to write the partition?
<vezq> OMG: verify your network settings, maybe default route missing
<uvirtbot> New bug: #1074659 in openssh (main) "ssh hangs if pm-hibernate ran on server" [Undecided,New] https://launchpad.net/bugs/1074659
<danawar2> Hey unbuntu server we have just changed ISP and have lost our static ip and our new isp cannot give us a static ip whats the best way to work around this to get maximum up time. at the moment i am using free dns and i keep chaning the ips!
<subman> I'm trying to setup an IRC server using the instructions found here http://www.the-tech-tutorial.com/?p=709 but I don't seem to be able to connect to the server.  I've gotten as far as installing the program and making sure that it is started.  On a client machine it resolves the address but says connection error
<uvirtbot> New bug: #1074708 in clamav (main) "package clamav-freshclam 0.97.6+dfsg-1ubuntu0.12.04.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 128" [Undecided,New] https://launchpad.net/bugs/1074708
<uvirtbot> New bug: #1033727 in qemu-kvm "USB passthrough doesn't work anymore with qemu-kvm 1.1.1" [Unknown,Confirmed] https://launchpad.net/bugs/1033727
<uvirtbot> New bug: #1074713 in vsftpd (main) "package vsftpd 2.3.5-1ubuntu2 failed to install/upgrade: le sous-processus script post-removal installÃ© a retournÃ© une erreur de sortie d'Ã©tat 1" [Undecided,New] https://launchpad.net/bugs/1074713
<mtelesha> I keep getting "Filter Failed" when printing my newly installed HP printer with Cups
<mtelesha> Is there another way I can install the printer with still using Samba?
<GIant81> I'm looking to build an enterprise network from the ground up with no windows at all
<GIant81> ldap, bind, dhcpd, etc...
<GIant81> how easy is it to build an ubuntu LDAP/bind/dhdp server and manage it?
<GIant81> or is linux LDAP more easily managed with 389?
<GIant81> keeping in mind all of my directory experience is in AD
<GIant81> looking for something as easy to build and manage.. then connect clients to and go
<acidflash_> GIant81: its fairly easy,
<acidflash_> GIant81: what exactly is your experience in linux?
<adaminsull> Hi
<adaminsull> anyone here?
<mtelesha> I am trying to install printer with cups. HP p1006. Can I do it without hplip?
#ubuntu-server 2012-11-04
<uvirtbot> New bug: #1074777 in openldap (main) "package libldap-2.4-2 2.4.31-1ubuntu2 failed to install/upgrade: trying to overwrite shared '/etc/ldap/ldap.conf', which is different from other instances of package libldap-2.4-2:i386" [Undecided,New] https://launchpad.net/bugs/1074777
<TheLordOfTime> SpamapS:  alive?
<RoyK>  z
<uvirtbot> New bug: #1074798 in openssh (main) "ssh-copy-id cannot handle spaces in usernames" [Undecided,New] https://launchpad.net/bugs/1074798
<TheLordOfTime> i'm trying to wrap my head around why their usernames would have spaces...
<TheLordOfTime> (regarding that bug(
<btester> fresh ubuntu server 12.04 LTS install on local server has geoip-database-contrib package. Fresh official Ubuntu 12.04 LTS server on Amazon AWS - does not.   ...... Why is that?
<LordOfTime> btester:  different images perhaps?
<LordOfTime> the AWS images are a little bit different from the server image.
<btester> LordOfTime: ghmm. up to the point that that package is not even availabe from repo?
<LordOfTime> might be in a different repo than you have enabled by default
<LordOfTime> universe or multiverse perhaps
<LordOfTime> the AWS stuff doesn't have every repo enabled.
<LordOfTime> i'd know, but most of the stuff I need is in main or in PPAs.
<LordOfTime>  !info geoip-database-contrib
<ubottu> geoip-database-contrib (source: geoip-database-contrib): GeoLite binary database (downloader). In component multiverse, is optional. Version 1.8 (quantal), package size 10 kB, installed size 63 kB
<LordOfTime>  !info geoip-database-contrib precise
<ubottu> geoip-database-contrib (source: geoip-database-contrib): GeoLite binary database (downloader). In component multiverse, is optional. Version 1.5 (precise), package size 9 kB, installed size 62 kB
<LordOfTime> btester:  pastebin the sources.list
<btester> LordOfTime: http://pastebin.com/TDSC5Tgp
<LordOfTime> lines 33, 34, 35, 36.  uncomment those
<LordOfTime> then apt-get update
<LordOfTime> and try again to install the package
<LordOfTime> since hte package is in multiverse (see ubottu's last messages), and multiverse isnt enabled in your instance
<btester> LordOfTime: AHA! well thank you sir! works now.
<LordOfTime> you're welcome!
<hikenboot> hello I need to remount root file system as rw instead of read only in recovery mode how do i do this?
<ironm>  hello. Can you recommend me a tutorial for installing of VMs on ubuntu-server 12.04, please? Thank you in advance for any hints.
<yeats> !kvm | ironm
<ubottu> ironm: kvm is the preferred virtualization approach in Ubuntu. For more information see https://help.ubuntu.com/community/KVM
<ironm> thanks a lot yeahpla
<ironm> thanks a lot yeats
<hikenboot> never mind answered my own question thanks
<ironm> do I really need to install virtinst even I have chosen the "virtual machines host" tasksel option?
<ironm> or is there another way?
<AlphaWolf> I've got 2 partitions I'm trying to format and mount. I've put more information (fdisk -lu and more specific information) on Ubuntu Pastebin if anyone can help. I've tried GParted but it just sees the disk and no partitions. http://paste.ubuntu.com/1332125/
<ironm>  Does libvirtd listen on ethernet interface per default?
<jpds> Not on my host.
<ironm> jpds, I try from remote host (my notebook) to connect (virt-manager) to the KVM host but it didn't work
<maswan> ironm: I think the way to do that is to go via ssh
<jpds> ironm: virt-manager -c qemu+ssh://host/system ?
<jpds> maswan: 'lo. o/
 * maswan waves a bit to jpds 
<ironm> maswan, jpds virt-manager does it via ssh
<ironm> my question is on which port number libvirtd should listen on the KVM host
<ironm> and if I have to change the default setting for libvirtd on the ubuntu-server 12.04 KVM host
<jpds> ironm: That's the thing, it doesn't have a port on mine.
<maswan> and certainly not on the ethernet interfaces
<ironm> jpds, do you use remote client for virt-manager?
<jpds> ironm: Yep.
<ironm> hmm .. I can't follow how it could work if libvirtd doesn't listen on ethernet interface
<maswan> through ssh
<ironm> ok .. ssh
<ironm> so I am doing something wrong
<jpds> ironm: Is your user in the libvirtd group on the host?
<ironm> jpds, yes : root@hvm20:~# grep libvirt /etc/group
<ironm> libvirtd:x:111:ironm
<jpds> Hmm, not sure then, sorry.
<ironm> can I check if the connection works manually ?
<ironm> from the command line
<jpds> ironm: virsh list ?
<ironm> empty output there
<ironm> there is no VM defined yet
<jpds> $ virsh -c qemu:///system list
<jpds> Oh, well...
<ironm> it is a fresh installation of ubuntu-server 12.04 (tasksel option "virtual machine host")
<ironm> jpds, also empty output of: virsh -c qemu:///system list
<jpds> ironm: Well, those would show running VMs.
<jpds> ironm: But they don't return an error, so I imagine it's working.
<ironm> root@hvm20:~# ps -efa | grep libvirt
<ironm> root      2570     1  0 16:57 ?        00:00:00 /usr/sbin/libvirtd -d
<jpds> ironm: Remotely: virsh -c qemu+ssh://hvm20/system list ?
<jpds> ironm@hvm20*
<ironm> jpds, empty output of: ironm@wheezy:~$  virsh -c qemu+ssh://192.168.1.120/system list
<ironm> I had to type in a password for ironm
<jpds> ironm: Sounds like it's working, so what's the problem?
<ironm> jpds. virt-manager can't connect to the KVM host
<ironm> jpds: how the exact CLI command for virt-manager should looks like? ... virt-manager -c qemu+ssh://host/system
<jpds> ironm: Well, it should be doing what virsh is doing, and yes.
<ironm> jpds: error message: virt-manager-connection-error.txt
<ironm> http://paste.debian.net/206418/
<jpds> ironm: I guess the /s aren't suppose to be missing in the paste?
<ironm> how do you mean that?
<jpds> ironm: First line: virt-manager -c qemu+ssh:192.168.1.120
<jpds> ironm: Instead of virt-manager -c qemu+ssh://192.168.1.120/system
<ironm> oOH
<jpds> ironm: I guess that worked. :P
<ironm> jpds: thank you very much! .. I am blond :/
<jpds> ironm: No worries.
<ironm> jpds, I am impressed! .. the only one thing one has to do is to add the user to the libvirtd group after installing ubuntu-server 12.04 LTS (virtual machine host)
<ironm> and to use the correct syntax for the virt-manager on the remote administration client ;)
<hilarie> I've got a folder, with a bunch of folders, and one hidden folder, I want to keep the hidden folder, but none of the rest, how can I do this? rm -r * will delete the hidden one right?
<hilarie> did it with -i and it didn't go for the hidden directory, yay!
<Aison> how can I synchronize an ubuntu server right at startup
<Aison> time sync :P
<Aison> ntp uses some kind of step by step adjustment
<RoyK> ntpdate
<RoyK> ntpdate will fail if ntpd is running, though
<ton1c> ;
<Aison> RoyK, is there a ntpdate startup script that runs before ntp? :D
<RoyK> Aison: not sure, but it wouldn't be very hard to write one
<RoyK> Aison: also, using hwclock to reprogram the hardware clock with the current time should save you that effort
<Aison> RoyK, I don't think that hwclock works in this case, it's a damn virtual machine
<Aison> I start up multiple instances and all instances should be synced
<RoyK> Aison: VMs normally sync well with their host as far as I've seen
<RoyK> Aison: what hypervisor is this?
<Aison> i'm actually working with amazon ec2, so I dont know exactly. It's crap :P
<Aison> I guess xen
<RoyK> iirc they use xen, yes
<RoyK> I don't have a timesync problem with my kvm guests
<RoyK> hyper-v I've used in the past, and it sucks sideways
<Aison> RoyK, well, maybe I expect too much. I would like a sync around 1ms
<Aison> but for that I need a much more accurate setup, and that is going to be too complex
<RoyK> google xen timesync
<RoyK> there's a lot out there
<keithclark> I've added a new usb drive to my server.  I've installed usbmount but I still cannot get to my data..  I see usb>usb7 mounted on /media but nothing is in those directories.
<keithclark> I have added a new usb  hard drive to my server and installed usbmount.  I can see usb-usb7 directories added to /media  but nothing is in the directories.  I saved data there on another computer with rsync to this drive.  Is it not available to another computer?
<escott> keithclark, nothing should be mounted on /media. it should be in a subdirectory therein
<keithclark> escott, yes, it is.  usb>usb7
<escott> keithclark, what is the relevant line in the output of "mount" also please dont crosspost
<escott> i realize this channel is a bit slower so if you want to switch over thats fine
<keithclark> escott, not sure what you are asking about 'mount'
<escott> keithclark, open a terminal and type "mount"
<keithclark> escott, crosspost advice taken.
<escott> anyways "mount" will output all the mounted partitions type and mountpoints
<keithclark> escott, http://pastebin.ca/2248393
<escott> so that doesn't show the usb mounted anywhere
<keithclark> I followed advice here:  https://help.ubuntu.com/community/Mount/USB
<escott> keithclark, is the usb plugged in right now
<keithclark> escott, yes
<escott> keithclark, why dont you (a) remove it (b) put it back in (c) run "dmesg"
<escott> the last few lines of dmesg should show events related to the plugging of the disk back in and should list what /dev/sdX# is the usb drive
<keithclark> http://pastebin.ca/2248394
<escott> keithclark, so the disk is "/dev/sdb" and the partition is "/dev/sdb1" so a command like "sudo mkdir /media/external; sudo mount /dev/sdb1 /media/external" should mount it to /media/external
<keithclark> escott, worked like charm.  Thanks a bunch.
<keithclark> escott, learned a lot.
<escott> keithclark, you can look at the output of mount now and put some of those mount options in your /etc/fstab to avoid having to use sudo in the future
<keithclark> escott, I see the output. How to modify fstab?
<escott> well what is the output
<escott> just the one line mentioning /media/external
<keithclark> /dev/sdb1 on /media/movies type ext4 (rw)
<escott> excellent
<escott> one more command to run as soon as i can remember what it is
<escott> sudo blkid
<escott> run that and look for the bit that mentions /dev/sdb1
<escott> then your /etc/fstab you need to add
<escott> UUID=THE_UUID_FROM_SUDO_BLKID /media/external           ext4    defaults        0       2
<keithclark> yup, got that info
<keithclark> modified
<keithclark> I'll try to reboot
<escott> keithclark, no need to reboot
<escott> this isn't windows
<escott> don't have to reboot to save a file
<keithclark> Now that is funny!
<escott> keithclark, just "sudo umount /media/external" and then verify it is unmounted with "mount" and then "mount /media/external" (no need for root at this point)
<keithclark> shoot, I rebooted now the server is unavailable.
<escott> keithclark, thats also why you shouldn't reboot. there is probably a typo in /etc/fstab so you need to get console access to fix that typo
<keithclark> gotta reboot sometime!
<keithclark> Setting up a monitor and keyboard on it now
<keithclark> It is stuck at 'mountall:  fsck /boot .....'
<keithclark> Ah, trying to boot from it?
<escott> its trying to verify that /boot is not corrupted
<escott> which would usually be almost instantaneous (as /boot is usually very small)
<keithclark> So I do what
<escott> keithclark, boot an install cd or install usb and fsck it there
<keithclark> trying
<keithclark> this is messed up
<keithclark> shoot, won't boot from cd
#ubuntu-server 2013-10-28
<MavKen> Are any of you using 13.04 03 13.10 on a production server?  If so, have you had any issues?
<parallel21> I updated dev environment
<parallel21> It uses php 5.5 which we were unable to use with drupal because of the drop of json_encode
<parallel21> Still working on a way to downgrade, so I rebuilt php from source
<MavKen> ah ok
<MavKen> is there a way to create a script file to run after a clean ubuntu server install to get everything else i want installed and configured?
<parallel21> There are several ways going about that
<MavKen> for example, id like to install apache, mysql (using a prefined root pass), php..etc
<MavKen> just want to put a script together, as much as i repeat the same commands on fresh os installs
<parallel21> You could... https://help.ubuntu.com/13.10/installation-guide/i386/ch04s06.html#kickstart
<parallel21> Or create a puppet manifest to deploy post-install
<parallel21> I haven't used kickstart, and I use puppet to bootstrap servers with a lamp or lemp stack etc
<MavKen> ok thanks, will check those out
<ethana3> I'm trying to direct all traffic to one IP through another... to transparently bypass remote servers without changing nameservice configuration
<ethana3> but the instructions I'm coming across online aren't working, so I think that's because they're old, for different distributions, or both
<ethana3> basically, the *kind* of thing i'm trying to do is just say, 70.xx.yy.zz = 8.8.8.8, so I can just send traffic through 70.x and get google on the other end, that kind of thing
<leif_> morning is this the irc for running severs
<andol> leif_: Well, might not be the only irc channel for that, but yeah, the topic is definetly server related.
<leif_> ok
<leif_> is a bit new to ubuntu so
<hispeed68> is 12.10 preferred over 12.04?
<henkjan_> hispeed68: 12.04 is LTS (Long Term Support) release. that one is preferred
<henkjan_> hispeed68: else you could try 13.10
<hispeed68> 13.10 wouldn't work (video). 12.04 is working.
<riz0n> hello, I have Ubuntu 12.04 LTS server and want to take advantage of new features available in Dovecot 2.2.6-1 ... what would be the bewst way to go about upgrading Dovecot to support the new features?
<melmoth> riz0n, if you are lucky, somebody already packaged it for 12.04
<melmoth> if you are less lucky, you may try to rebuild a package from debian, and cross finger
<G> riz0n: check if the Dovecot team have a PPA
<melmoth> if you are out of luck, compile it in a --prefix dark /usr/local corner of your box ?
<G> based on https://launchpad.net/ubuntu/+source/dovecot it appears there are no builds of 2.2.x in any PPA or any release atm
<G> actually, I lie, missed the link to  https://launchpad.net/ubuntu/+ppas?name_filter=dovecot
<G> but remember, PPAs are use at own risk :)
<hispeed67> i thoughts on striping (no parity) 4 flash drives?
<riz0n> i thought about 2.1
<riz0n> i just want the latest stable version that supports RFC-6154 to fix some issues in Outlook 2013
<RVFCore__> Hi
<RVFCore__> Can anybody helps with 12.04.02 and a Samba configuration?
<jamespage> adam_g, roaksoax: if either of you have time I have a number of MP's stacked up against charm-helpers for various
<jamespage> charm features I'm working on:
<jamespage> https://code.launchpad.net/~charm-helpers/charm-helpers/devel/+activereviews
<gso> How do I unload a kernel module with dots in it's name ?
<Patero-n1> hello I'm on ubuntu server 13.10 and when I change my ip via ifconfig it loses access to dns resolution how to respecifiy or restablish the route
<Patero-n1> I checked ifconfig man page but it says nothing about specifying dns info
<eagles0513875> hey guys is the mod spamhaus package has it been backported to 12.04
<eagles0513875> and apache 2.2
<ihre> Patero-n1: echo nameserver 8.8.8.8 > /etc/resolv.conf
<ihre> or w/e DNS you'd like to use
<Patero-n1> ihre: what about the dns specified on that file why aren't they valid anymore
<ihre> Patero-n1: what do you mean? you can check what your current dns server is with something like nslookup google.com
<mardraum> ihre: if  you read the contents of that file, it tells you about why you should not do that.
<ihre> mardraum: that is when youre using /etc/network/interfaces, right ?
<mardraum> when using resolvconf, which is the default in ubuntu.
<mardraum> Patero-n1: man resolvconf
<ihre> mardraum: ifconfig doesnt attach to resolvconf
<mardraum> no. but I think he is missing information about how to permanently change details
<Patero-n1> when I change my ip on ifconfig it loses name resolution when I put my ip back still can't access dns names I have to dhcpcd again to fix it
<mardraum> Patero-n1: do you want to permanently change your IP?
<mardraum> eg to survive a reboot?
<Patero-n1> mardraum: yes
<Patero-n1> mardraum: after I find out how to specify dns
<mardraum> Patero-n1: you need to edit /etc/network/interfaces
<mardraum> Patero-n1: DNS is specified in that file.
<ihre> then edit /etc/network/interfaces and set something like dns-nameservers 8.8.8.8 4.2.2.2
<mardraum> man resolvconf for details
<Patero-n1> cool
<Patero-n1> mardraum: it only talks about dns when it refers to auto mode in ipv6
<jamespage> zul, ovs 2.0.0 uploaded... smoked OK for me locally
<zul> jamespage:  sweet dont forget to upload it to the CA oh wait...habbit
<jamespage> zul, lol
 * jamespage enjoys a release off
<jamespage> zul, doh - uploaded ovs to saucy
<jamespage> ....
<zul> lol
<zul> jamespage:  im just waiting for the new libvirt before putting it in trusty
<jamespage> zul, OK - I think I figured out how to trigger test runs as well
<jamespage> doing those now
<zul> sweet
<jamespage> zul, btw we need to get sessions raised this week for vUDS as well I think
<zul> jamespage:  really?
<zul> *sigh*
<jibel> zul, hi, I fixed the dep8 part of cherrypy3, now autopkgtest fails for a good reason. cherryd is installed in the wrong location and python3 packaging looks incomplete.
<jibel> zul, https://jenkins.qa.ubuntu.com/view/Trusty/view/AutoPkgTest/job/trusty-adt-cherrypy3 if you want to have a look
<zul> jibel:  cool ill have a look
<zul> jamespage:  i did the same for saucy what you did ;)
<jamespage> zul, lol
<Patero-n1> I need help
<Patero-n1> I read the man of interfaces at network/ and on the static method it doesn't mention anything about setting a dns server I just founnd how to set the default gateway and stuff
<mardraum> Patero-n1: man resolvconf shows you how to do this.
<Patero-n1> k
<mardraum> Patero-n1: I've only mentioned it at least three times now. What exact issue are you having?
<jrwren> it is a little strange that dns-nameservers isn't mentioned in the interfaces man page.
<ihre> Patero-n1: http://dpaste.com/1432527/
<ndee> is it possible to use hosts.deny with a dyndns hostname?
<zul> jamespage:  we need to figure out what we are gonig to do about samba, merges.ubuntu.com wants to merge 4.0
<jrwren> ndee: no, because those hostnames just do a reverse dns based on the incoming IP address to find hostname.
<Patero-n1> apparently I have run the updater script after editing the record of the iface.prog
<Patero-n1> tedious
<Patero-n1> mardraum: my issue is that when I change my ip I lost access to name resolution
<jrwren> http://askubuntu.com/questions/367296/why-did-upgrade-to-saucy-replace-my-host-keys-on-first-reboot
<jrwren> anyone see a reboot after saucy upgrade replace their ssh host keys?
<jamespage> zul, I think we just follow Debian and try to remove as much delta as possible
<jamespage> how much MIR is it going to create?
<zul> jamespage:  i havent really looked at it yet but i can do so today
<jamespage> zul, no rush this week
<Gianluca_31V2> salve
<hispeed67> i activated proprietary nvidia driver xx.73 and now X wont start. i got into text mode, but how do i switch out of the nvidia proprietary driver?
<hispeed67> last try before re-installing.. i installed the proprietary nvidia driver and now cant get into X. how do i return to other framebuffer.
<BrianH> hispeed67: kill lightdm, purge the driver, create a new /etc/X11/xorg.conf, file and restart lightdm
<BrianH> hispeed67: Out of curiosity, which driver are you using and which card?  I just installed the nvidia drivers on my server yesterday for my GT240.
<hispeed67> brianh: awesome, just booting from cd to do reinstall.. already killed lightdm and renamed bunch of lightdm files to lightdm.old. 50/50 on the reinstall. it is *currently* installed on a slow 40g drive, i have a 200G drive i was going to install to..
<BrianH> hispeed67: If you do a fresh install on the 200GB drive, it should set it up with the nouveau drivers.
<hispeed67> i think that is what ima gonna do.. it's an old ms-8917 video card.
<hispeed67> fx-5200
<BrianH> Yeah, the nouveau drivers should be plenty sufficient for that card.  Why did you install the proprietary drivers?
<hispeed67> see if any performance improvement..
<BrianH> Ah, gotcha.  I would recommend imaging your HDD once you have the base system setup, that way you have a fall back in case you mess it up again. :P
<genii> It begs the question of why you are even using X on a server install ;)
<BrianH> I use X myself because I run a bunch of KVM machines.
<hispeed67> cause im more familiar with xtools.. prefer to *boot* into text mode and use startx if i need X.
<hitsujiTMO> does virt-manager not work for remote kvm management?
<BrianH> hitsujiTMO: Yep, but it's my home server so I don't care much to run it remotely.
<Patero-ng> I got a message saying unable to load system information due to load higher then 1.0 what is this means?
<hispeed67> means you system load is high
<Patero-ng> the cpu load?
<hitsujiTMO> Patero-ng: openssh-server wont run the motd scripts when your load is higher than 1.0%
<Patero-ng> why is 1% cpu load dangerous?
<Patero-ng> do I need a faster cpu
<hitsujiTMO> Patero-ng: no
<Pici> 1.0 load is not 1% cpu.
<Patero-ng> ohh
<BrianH> Yeah, 1.0 means your CPU is doing the most it possibly can.  You can have a higher load number, which means things start getting queued.
<hispeed67> i was going to stripe 4 * 16g flash drives... thoughts??
<Patero-ng> BrianH: k
<BrianH> hispeed67: lol, really?
<BrianH> hispeed67: Just to learn how raid works?
<hispeed67> just to fuk with it.. yea...think it would suck???
<baggar11> anyone use deluge-web in here? wondering if you've noticed that title bar preferences don't save on exit.
<hispeed67> no, i know how raid works, just have an excess of flash drives
<BrianH> It might destroy the drives after a while, depending on how much you use them.
<hispeed67> have 7*16G, 3*32G and 2*64G...
<hitsujiTMO> Patero-ng: Pici: my apologies. yes, load 1.0 is a cpu is on full. but doesn't necessarily mean you need to upgrade.
<hispeed67> usually on startup...
<Pici> hitsujiTMO: technically its just 1 core of the CPU
<hispeed67> give time to start before loggingg and and that 1.0 will prolly go away
<BrianH> hispeed67: On USB3?
<hispeed67> one of the 32's is usb3, rest are usb2, but ports are only usb2 anyway
<BrianH> hispeed67: on-board ports or through a hub?  I never really thought about using flash drives for raids, but now I'm thinking it might be a cool way to show students, lol.
<hispeed67> hub
<hispeed67> BrianH: it's cheap...
<Patero-ng> I have a problem my wireless card is not detected anymore it's a netgear wag511 pcmcia
<BrianH> hispeed67: Looks like someone already did this: http://bigbruin.com/reviews05/thumbraid_1
<hispeed67> doh.
<hispeed67> reading
<Patero-ng> oh it just detected it I think the connectors were dirty
<zul> jamespage:  ok i just merged/synced a bunch of openstack dependencies
<Patero-ng> it's a 10 year old pcmcia
<BrianH> hispeed67: I like the concept though.  4 x 4GB drives + a hub and you got a simple setup for a RAID experiment under $25.
<hispeed67> im using 4x16 for my home dir
<ogra_> USB2 maxes out at 25M/s per hub though
<BrianH> hispeed67: wow, his Raid 0 benchmarks were pretty impressive, haha.
<BrianH> for 4 drives ^^
<hispeed67> wonder why 2 drive was so much better than the rest..
<hispeed67> wrong chart
<hispeed67> 4 drive doesn't look *that* bad...
<hispeed67> considering i generally get 8-10mb/sec on single drive.
<hispeed67> that raid looks like fun. have sdb1 for /home, it's a 40G drive. ima raid the 4 16G's and use for backup of /home :)
<hispeed67> when i use apt-get install is there any way to specify where apt-get d/l's the files to?
<BrianH> Anyone know if there's a fix yet for system-config-kickstart on 13.10?
<BrianH> Or any alternatives?
<BrianH> The only alternative I have is to use an older release in a VM to generate the cfg files and run a lamp stack.
<sarnold> hispeed67: what problem are you trying to solve? (I ask because normally people are quite content to let apt-get do whatever it does and magically have working packages ten seconds later...)
<adam_g> zul, did heat + ceilometer ever get acked for MRE?
<zul> adam_g:  yep
<raub> If I want to allow rsylog rhelp traffic, how do I specify the protocol in iptables? I know it is not upd, but what is it?
<hispeed67> sarnold: not a problem per-se, but i wind up installing multiple time before i get everything just right and would like to point apt-get to the pkgs i already d/l'ed instead of keep d/l'ing 100's of megs
<hispeed67> so far, 12.04 server install 4 times, on the 5th time.. only found my wlan0 on install #2... :(
<hispeed67> hoping it finds it on the 5th time...
<hispeed67> during install, it finds eth0 and wlan0 but doesn't locate/find my ssid/router
<sarnold> hispeed67: apt keeps downloaded .deb files in /var/cache/apt/archives/  -- which is handy to know if you ever need to manually rollback a bad package update, you can often find a handful of previous versions in that directory
<hispeed67> that works, long as it keeps the .deb file, i can cp the .deb file to a flash drive so i dont have to redownload.. :)
<sarnold> hispeed67: if you're re-installing machines all the time, you may wish to use something like apt-cacher-ng or squid-deb-proxy
<hispeed67> just trying to get 1 machine *as i like it*.. :)
<hispeed67> from home, 40Mbit connection..
<sarnold> ah hehe :)
<med_> jamespage, et al: Do you do any testing (over and above the built-in testing during packaging) for openvswitch source package (prior to releasing/pushing OVS)?
<zul> jamespage/adam_g: new pbr uploaded for trusty
<jamespage> med_, well it gets tested as part of the neutron topology testing we do
<jamespage> med_, and the package has dep-8 tests that exercise the dkms module and the userspace daemons for switch
<med_> before it gets pushed
<med_> nod, I saw the userspace tests
<hispeed67> the 1 time the wlan0 worked, i did the apt-get install ubuntu-desktop (or whatever) and d/l'ed 500M's, gonna have to do it again..
<jamespage> med_, nothing pre-upload other than the unit testing that run as part of package build
<med_> thanks jamespage
<hispeed67> what do you guys think is faster, cd-rom install or flash drive install?
<justizin> hispeed67: flash drive install should be faster not only on raw io, but it will save you the walk to a museum
<sarnold> depends heavily on the flash drive, I think; usb1.1 will probably be slower than cd-rom but a usb 2.0 stick can probably out-pace a CD
<justizin> sarnold: if it were raw sequential, which it's not, i think a usb stick will always beat a CD
<justizin> it basically installs a bunch of .deb files in a certain order based on dependencies and all sorts of other stuff, it's almost guaranteed to be mostly random seeks followed by brief sequential reads, and that's about as worst-case as you can get for a medium that spins
<justizin> anyway that's my $0.02, i haven't actually used anything but a net installer in like ten years. ;d
<sarnold> justizin: heh, good point, I don't know if any effort has been made to put the debs into an "install order" on the disc images.
<justizin> it wouldn't be much worth it, if you have to install more than once or twice per distro release, it makes far more sense to mirror locally (or at least throw up a squid cache)
<justizin> you can net install against a squid cache in like 5 min
<hispeed67> is there a net installer for ubuntu 12.04 lts?
<hispeed67> cause, im definitely down with a net installer...
<justizin> yeah there should always be
<justizin> i usually put it on a usb stick, it's just a far smaller image than the full installer
<justizin> (it's also handy to netboot)
<sarnold> this looks like a decent guide: https://help.ubuntu.com/lts/installation-guide/i386/install-tftp.html
<justizin> you can also just boot a usb stick to like a 16MB image that installs over the web
<sarnold> yeah, I quite like those "mini install images" that just get you to a point where you can run apt-get install for whatever else you need. :) hehe
<Patero-ng> hey i have a question how much does it take to mkfs.ntfs or format a 4gb pendrive is taking like 5min and is just on 10% is this normal hello
<hispeed67> ewe, prefer justizin's choice.. i have a 12.04 on a 16G usb stick.. yea, a mini-install image would be cool, not wanting to setup a tftp/bootp
 * justizin is searching for an image
<justizin> https://help.ubuntu.com/community/Installation/MinimalCD <- ignore everything that says 'CD' in this wiki page. ;)
<justizin> and i think there's an app that creates a usb for you.. there are so many ways to create an installer it's become labyrinthine
<justizin> which i almost definitely spelled wrong
<sarnold> I'd stay away from the gtk-image-creator or whatever it was, it seems beyond broken. the only advantage it had over 'dd' (gui aside) is that it could make a storage space on the stick for persistent storage. kinda neat, but the tool as a whole seems pretty broken for those who try it :(
<hispeed67> i use the netboot thingy.
<hispeed67> using windoze machine to make the iso for the linux boxen
<hispeed67> unetbootin
<hispeed67> im prolly not doing this the best way. system is installed, but not seeing my wlan0 adapter..  keep re-installing waiting for it to see it. 5th install, saw it on the 2nd install, but i screwed up my X driver, now im on 5th install trying to get wlan0 to work.
<med_> jamespage, another question: precise-proposed has OVS 1.4.6 (and it's been there for a while). Is there a bug somewhere that needs verified to get that into precise-updates?
<hispeed67> these installs are kicking my ass... none are finding my wlan0 card
<hispeed67> it's a dlink
<hispeed67> 1 install last night did, so i keep trying.. :(
<justizin> install over wired, then setup wlan?
<hispeed67> im installing from cd now, ill try to fix wlan after install finishes... :( bumming
<hispeed67> 48%
<sarnold> hispeed67: most of those kinds of issues are far easier to solve once the system is up and running and you've got access to all the archive and its utilities
<hispeed67> been a *long* time since i used linux, lots has changed..
<hispeed67> used to be able to use ifconfig and if-up, not even sure what tools are available nowadays.. <g>
<sarnold> hispeed67: ifconfig and ifup are still there; 'ip' provides more features, but the debian-based config files don't make it easy to get to them all..
<hispeed67> quit doing heavy duty unix stuff in 99
<hispeed67> played with it a lot, but nothing that i *had* to make work..
<hispeed67> etc/init.d has changed too..
<hispeed67> runlevels aren't the same either.
<hispeed67> lotta relearning to do.. i should prolly be in a general-chat room..
<hispeed67> sarnold: whats  ip? iptables???
<sarnold> hispeed67: 'ip' is the 'new' interface to manage everything that used to be done by route and ifconfig -- it's got more features (ability to set multiple IP addresses per device without needing silly "alias" devices)
<hispeed67> ok, system installed, rebooted. only have lo interface...
<sarnold> hispeed67: what does lspci -k show for your NIC and your wlan card?
<hispeed67> atheros..
<hispeed67> sis for eth0, atheros for wlan
<hispeed67> sis900 and ath5k
<hispeed67> i connected the sis900 (i.e. plugged in the net cable)
<hispeed67> still only seeing lo though
<sarnold> hispeed67: and does 'ip link show' and 'ifconfig -a' show anything? how about 'iwconfig -a'?
<hispeed67> ip link show lists lo, eth0 and wlan0
<hispeed67> so does ifconfig -a (but with no ip addy info)
<hispeed67> iwconfig also shows all 3 if's
<hispeed67> so, the kernel sees the if's then..
<hispeed67> they just aren't configured???
<hispeed67> ifup wlan0 and ifup eth0 give error unknown interface wlan0=wlan0
<hispeed67> sarnold: you still here?
<sarnold> hispeed67: does your /etc/network/interfaces look sane?
<hispeed67> only shows lo
<hispeed67> no eth0 or wlan0 in it.
<hispeed67> should i add eth0 and wlan0 to it?
<sarnold> hispeed67: depends; if you're building a server, you'll probably want to assign static IPs, and /etc/network/interfaces is the place to do it. if you're doing a desktop, it'll be managed by networkmanager, and then your /etc/network/interfaces will have very little in it..
<hispeed67> i can go either way with it. it's a home/development server
<hispeed67> going to be a webserver/forum server
<sarnold> static is nice but you've got to poke out a hole for the IP range from your router's DHCP range
<hispeed67> i only have like 12 ip's being handed out (printers, phones, tablets, laptops and desktops) so i could just use an upper ip (i.e. 24.211.120.232) which is never dhcp'ed
<sarnold> funny thing abou addresses which are "never" handed out ...
<sarnold> they eventually do get handed out :) hehe
<sarnold> it's worth picking a part of your range to block out for static; either everything about 127 or above 200 or whatever is easy for you to remeber.
<hispeed67> router only dhcp 0-100, so i could use 101+
<hispeed67> just set to dhcp 125 ip's, so 128+ should be fine for me.
<hispeed67> router also has static ip pool mapped to mac addy
<sarnold> oh nice, you're on the ball then :) hehe
<hispeed67> i can figure out the ip specific stuff later, if i could just get wlan0 (or, even eth0 now) working.. :)
<sarnold> hispeed67: try using iwconfig to associate with an essid..
<hispeed67> rebooting another linux i have on a flash drive and see if it findsd it
<sarnold> hispeed67: off for a bit, good luck, have fun :)
<hispeed67> doh.. damn.
<jamespage> med_, yep - there is
<jamespage> its on my todo list
<jamespage> med_, but if you could deploy and test with it +1000
<hallyn> CHECK IT OUT!  4-line patch to xserver-xorg-video-qxl enables using spice xserver standalone like a vncserver - i.e. for contaienrs
<hallyn> stgraber: ^
<med_> jamespage, cool.
<stgraber> hallyn: nice!
<hallyn> stgraber: the two new debps are in main, so there's no reason we can't do this for trusty
<hallyn> now, who babysits those packages these days :)
<vila> hi guys, what can cause 'lxc_container: command get_cgroup failed to receive response'  ?
<vila> the context is qa-radeon-7750 in the ci lab using otto, has been re-installed from scratch, I probably missed some bit of the config
<vila> did I mention trusty ? ;)
<vila> I have another host, also running trusty that is not experiencing the issue and ca be used as a reference but I don't know *where* to look
<vila> stgraber: ^ ?
<stgraber> vila: can you give me the IP?
<vila> stgraber: 10.97.2.156
<vila> stgraber: the container is named trusty-otto
<stgraber> lxc-start: Error setting memory.memsw.limit_in_bytes to 4G for trusty-otto
<vila> stgraber: hold on, that the last bit I try
<vila> tried
<vila> stgraber: try again
<stgraber> lxc-start: Error setting memory.memsw.limit_in_bytes to 2560M for trusty-otto
<vila> stgraber: yeah, not sure if otto doesn't do some tricks before calling lxc-start
<stgraber> 3530  open("/sys/fs/cgroup/memory/lxc/trusty-otto/memory.memsw.limit_in_bytes", O_WRONLY|O_CREAT|O_TRUNC|O_CLOEXEC, 0666) = -1 EACCES (Permission denied)
<vila> stgraber: sudo su - jenkins and then sudo bin/otto -d start trusty-otto
<vila> stgraber: ^ is what I use
<stgraber> vila: is the memory limit something new in your setup?
<vila> stgraber: it was 4G before the re-install, I just reverted it. So not really new
<stgraber> ok, the failure is because LXC is getting permission denied when trying to write the new memory limit, not sure why that's happening though
<vila> stgraber: here is the doc I'm following http://bazaar.launchpad.net/~otto-dev/otto/trunk/view/head:/doc/README
<vila> stgraber: the only bit I didn't do is the CONFIG_MEMCG_SWAP_ENABLED=Y
<vila> stgraber: nor the apport one but we shouldn't care for now
<stgraber> vila: the swap limit seems to be the problem
<vila> stgraber: memsw.limit_in_bytes ?
<stgraber> yep
<stgraber> vila: machine will reboot twice
<vila> stgraber: what did you do ? (I'm trying to document this re-install)
<stgraber> vila: adding the missing swapaccount kernel parameter
<stgraber> it's already in your doc
<vila> stgraber: excuse my ignorance but I couldn't decipher that part, what should be changed and where ?
<stgraber> vila: right, that did it, everything works fine now
<stgraber> root@qa-radeon-7750:~# grep swapac /etc/default/grub
<stgraber> GRUB_CMDLINE_LINUX_DEFAULT="quiet swapaccount=1"
<stgraber> sudo update-grub
<stgraber> sudo reboot
<vila> ack
<vila> stgraber: so swapaccount is really only needed if/when lxc want enforce memory limits (did I get that right ? Never had to do that elsewhere)
<vila> *to enforce
<stgraber> vila: correct, you need that option if you want to use the swap memory restrictions
<vila> stgraber: ok, makes sense, will need to discuss if we really want to do that given that the host is dedicated to otto...
<vila> stgraber: anyway, thanks again, for the fish and the fishing ;)
<lt-columbo> stgraber: one more question, sir ? Why isn't this parameter set to 1 by default ?
<stgraber> lt-columbo: probably because of some memory or performance impact, you'd have to ask a kernel developer
<hallyn> stgraber: d'oh.  I just realized I left /var/cache/lxc as is.
<hallyn> <deep sigh>
<hallyn> stgraber: oh, you've not yet accepted that merge request?
<stgraber> hallyn: no, I just commented in it
<vila> stgraber: ok, not something you care more than that yourself ?
<stgraber> vila: nope, most of my machines don't have swap ;)
<hallyn> stgraber: oh lemme go check.  then i can fix this as well.
<vila> stgraber: right, can't think why we want swap for a container...
<vila> stgraber: anyway, I won't bother you more with that ;)
<hallyn> stgraber: proposal updated
<hallyn> happy i didn't just push to the archive
<hallyn> "I had a feeling" it would pay off
<hallyn> hm, maybe i should run my nameserver to redirect plain decimal numbers to pad.lv/$n
<Patero-ng> I just found out that formatting a pendrive with fat32 is a lot faster then formatting it with ntfs
<sarnold> Patero-ng: heh, yeah, FAT just writes a quick table at the front of the filesystem and ignores all the data blocks. very quick. :)
<Patero-ng> sarnold: why can't ntfs do the same
<sarnold> Patero-ng: it has to do with the on-disk layout of filesystem datastructures; FAT is extremely simple, NTFS is not. :)
<Patero-ng> sarnold: u rock
<sarnold> \m/
<gaughen> query roaksoax
<gyre007> guys, is it wrong thinking that Ubuntu 12.04 doesn't implement ns ant net_cls subystems ? or is just lssubsys utility NOT returning them ?
<hispeed76> ive installed pangolin precise (12.04.3) and my sis eth0 is working, but the wireless is not..
<hispeed76> also, X doesnt work, crashes to cli
<hispeed76> argh, i been trying to get this working since last night.
<hispeed76> i dont even know what to do next..... please, somebody
<sarnold> hispeed76: do you get any error messages in dmesg that might indicate the problem with the wireless? do you get any error messages in /var/log/Xorg* that might indicate the error with the graphics?
<hispeed67> i finally have 12.04.3 server reinstalled. still no wlan0, but eth0 is working. no X, crashes out to cli... using neauveau (sp?) have fx5200 card.
<hispeed67> anybody, please help.. im  burning out on this.
<sarnold> hispeed67: do you get any error messages in dmesg that might indicate the problem with the wireless? do you get any error messages in /var/log/Xorg* that might indicate the error with the graphics?
<hispeed67> dmesg shows hundreds of cache errors on nouveau
<hispeed67> shows ath5k registered as phy0
<hispeed67> ill write off X, work on that later..
<hispeed67> but, this wireless is kinda important
<hispeed67> sarnold that is pretty much all i see about ath
<hispeed67> a registered and a chip found line..
<hispeed67> 5 re-install, installing doesn't fix it...
<hispeed67> 5th
<sarnold> hispeed67: so, the module is loaded, iwconfig sees it, ifconfig sees it, what happens when you try to associate it with an essid?
<hispeed67> iwconfig sees it, ifconfig does *not*
<hispeed67> ifconfig doesn't show it, ifconfig wlan0 does. i take that back
<hispeed67> so does ifconfig -a
<hispeed67> i giving up..
<hispeed67> not worth it.. too hard.
<sarnold> hispeed67: what happened when you tried to associate the wlan device with a wireless network using iwconfig?
<hispeed67> i dont know how to do that..
<sarnold> hispeed67: iwconfig wlan0 essid network-name-here
<hispeed67> i did that..
<hispeed67> then when i did, then did iwconfig it shows the essid in the info
<sarnold> hispeed67: .. and does it show an Access Point MAC?
<hispeed67> rebooted into windows, shit just works...this sucks (not linux, my inability to get it to work)
<hispeed67> rebooting again
<hispeed67> now, when i type iwconfig wlan0 essid linda <enter>
<hispeed67> i get error, operation not permitted
<sarnold> hispeed67: are you running that command as root or via sudo?
<sarnold> changing network configuration requires administrative privileges
<sarnold> (which is why desktop people use network-manager -- it runs with privileges and provides a handy drop-down box for people..)
<hispeed67> doh, see, im just burning out, hadnt sudoed yet..
<hispeed67> ok, shows essid linda, access-point not associated
<hispeed67> now what?
<sarnold> hispeed67: do you need to enable WEP or WPA2?
<hispeed67> wpa2
<hispeed67> psk
<sarnold> (I can't recall if these would prevent association with an AP or not..)
<hispeed67> guess it is easier to just re-install until it works
<sarnold> hispeed67: do you have the wpasupplicant package installed? that may be necessary..
<sarnold> oof, not my first choice. the installer is such a stripped-down environment it's hard to do anything, and it takes for bloody ever compared to just changing settings...
<hispeed67> it is installed
<hispeed67> wpasupplicant that is
<hispeed67> i can turn off wpa/psk on the router and make the router wide open..
<hispeed67> but, that will break the other 12 devices that are using passwords
<sarnold> hispeed67: I've not set that up manually; check the wpa_supplicant manpage for more details about it.
<sarnold> heh, that's not fun :/
<hispeed67> prolly faster than getting this to work
<hispeed67> wanna hear some crazy ass shit.. did "ifconfig wlan0 192.168.0.112 192.168.0.1"<enter> and now its working
<hispeed67> wtf
<hispeed67> well, can ping router after that.. dns isn't working..
<hispeed67> prolly dhclient
<hispeed67> or something
<sarnold> dns will require setting up /etc/resolv.conf correctly
<hispeed67> it would work if i got the ip from the router, instead of just picking an ip
<hispeed67> never asked password for the wireless network anywhere..
<hispeed67> idk if it's working..
<hispeed67> can ping router and get response, but when i ping the ip address for www.google.com i get destination host unreachable
<hispeed67> im burned out..
<sarnold> you can try pinging other IPs on the network; you don't need DNS for that, and it'll show if the routing is configured correctly
<sarnold> troubleshooting when burned out is definitely no fun
<hispeed67> i turned it off.. i *really* wanted to use 12.04.3 lts, but not anymore..
<hispeed67> ima try openbsd or something...old hardware, shouldn't have the problems it did
<sarnold> does openbsd still do the sh-based installer?
<sarnold> I always kinda liked that thing, horrible though it was.. :)
<hispeed67> i think so.. im hoping to pull down all source and compile.. i think it still uses tarballs..
<hispeed67> i might try slackware
<sarnold> slackware was how I learned how to do linux; _zero_ help from the thing. If you wanted something configured, you had to configure it by hand. it was great then, but got a bit tiring. :) hehe
<hispeed67> i started with slack too..
<hispeed67> kernel .99 for longest time
<hispeed67> burning slack 14.0 now
#ubuntu-server 2013-10-29
<hispeed67> ehlo?
<hispeed67> awful quiet in here...
<jkitchen> 220 OK
<hispeed67> after i get system installed, what is easiest way to image to a flash drive? dd if=/dev/sda3 of=sda3.bak
<hispeed67> or, does of have to go to a device?
<sarnold> both if= and of= can be regular files, devices, pipes, etc.
<hispeed67> so, i could mount the flash drive and dd to a file on the flash drive?
<sarnold> yeah, you've got a few options. you could dd to a file on the drive, or you could dd on top of a partition or you could dd on top of the whole device. each can be right depending upon your goals..
<hispeed67> woohoo, install complete, rebooting.. :)
<hispeed67> looking at clonezilla, maybe amanda, definitely zmanda as i need sql database
<hispeed67> it worked!!! it worked!!!! i gotz X and wlan0 !! ibd
<hispeed67> upgrade to 13.04 will d/l 558M and take about 6 minutes. :)
<hispeed67> done
<sarnold> smoser: hey, I'm trying to use http://bazaar.launchpad.net/~smoser/maas/maas-pkg-test/view/head:/maas-precise-1.2.txt to test maas on canonistack
<sarnold> smoser: I start up the nested vm with xkvm on line 167 .. and can't figure out what username / password to use to to log into the new node
<sarnold> smoser: where have I neglected looking? :) thanks
<MavKen> what packages do people typically install to secure their server?
<badunkadunk> join #vmware
<hispeed67> MavKen: selinux
<andol> hispeed67: No fan apparmor? Running both at the same time seem a bit over the top? :)
<andol> MavKen: Also, security really isn't a separate black bax you can just attach to your system, it's all about having a good complete understanding of the services and the code you run.
<MavKen> true
<MavKen> my next project is getting php mail to work so that drupal can send out e-mail
<xtriz> which vnc server is recommended to be used by ubuntu ?
<hispeed764> is it ok to discuss security in this channel?
<hispeed764> what software is used to create raid arrays?
<melmoth> hispeed764, mdadm ?
<reffcap09> hello all
<reffcap09> i was wondering does anyone know much about wineasio
<reffcap09> anyone here
<Patero-ng> how do I specify a specific dhcpcd server to assign my ip
<tjaalton> jamespage: hey, are you planning to merge samba from sid? it's now based on 4.0.x
<jamespage> tjaalton, I spotted but I've not had time yet to look at it
<jamespage> but yes that would be the plan
<tjaalton> cool, that would make it much easier to get sssd in main
<tjaalton> since some of the build-deps are now from samba4
<tjaalton> which will then get removed from universe
<tjaalton> once samba is merged
<tjaalton> jamespage: mind if I assign the samba task of this sssd MIR bug to you?
<tjaalton> no rush getting it in trusty
<tjaalton> just so that it's tracked somewhere
<smoser> sarnold, well, you probably can't log in with a password. it'd be ssh auth only.
<smoser> i'd recommend the virtual maas charm though
<smoser>   ext-int: eth0
<smoser>   dns-server: $nameserver
<smoser> EOF
<smoser> oops
<smoser> http://bazaar.launchpad.net/~virtual-maasers/charms/precise/virtual-maas/trunk/view/head:/README-nojuju.txt
<mbnoimi> How can I get the used port of OpenLDAP server?
<pmatulis_> mbnoimi: what do you mean by "used port".  slapd can listen on more than one (389, 636)
<mbnoimi> pmatulis_: during installing OpenLDAP it used by default the port 389 but I'm not sure what if my server use it or not
<pmatulis_> mbnoimi: try to connect to (or scan) the daemon's port with netcat or nmap.  can also use lsof or netstat to see what your host is listening on
<pmatulis_> mbnoimi: 'ps ax | grep slapd' will show you the port it is supposed to be listening on, maybe that's enough for you (ldap:/// ldapi:/// ldaps:/// means, respectively, 389, local socket, 636)
<pmatulis_> mbnoimi: note that 636 is deprecated
<mbnoimi> pmatulis_: Oops I got
<mbnoimi> 968 ?        Ssl    0:00 /usr/sbin/slapd -h ldap:/// ldapi:/// -g openldap -u openldap -F /etc/ldap/slapd.d
<mbnoimi> 2484 pts/2    S+     0:00 grep --colour=auto slapd
<pmatulis_> mbnoimi: looks good, 389
<mbnoimi> pmatulis_: where you saw 389?
<pmatulis_> mbnoimi: i told you already.  'ldap:///' == 389
<mbnoimi> pmatulis_: Thanks a lot :)
<pmatulis_> mbnoimi: yw
<raub> Is it possible to upgrade a 11.10 server to 12.04 using the 12.04 server iso?
<hispeed76> gmorning all
<hispeed76> what is better channel for questions about setting up apache
<xgeek-cub> hello guys
<xgeek-cub> I am installing ubuntu server on my vps (ESXI); and it asks me if i want to encrypt my home directory
<xgeek-cub> Should I do that?
<jrwren> no
<jrwren> ultimately it is your choice. IMO it has no place on a server. There are some gotchas to encrypted homedir.
<jemurray> Not if you use ssh / sshkeys... Then it gets trickey.
<xgeek-cub> what about setting up partitions
<jemurray> in what regards?
<xgeek-cub> guided ---set up encrypted LVM
<esde> On a fresh install of server 12.04 64-bit, i ran update, upgrade, then dist-upgrade. Then i installed php5 and it's dependencies, and added the percona source to my sources and installed percona-server-client-5.5 percona-server-server-5.5 and libmysqlclient-dev. Then I see this error http://pastebin.com/PKaKkkr2 when trying to run a script dealing with php and mysql, what can I do to resolve this? I found this stackoverflow post but I'm not sure how
<esde> to do the steps indicated.
<jemurray> xgeek-cub: encryption is up to you.   What is the chance of hardware theft on a server?   That is when you want to use encryption.
<esde> http://stackoverflow.com/questions/10759334/headers-and-client-library-minor-version-mismatch forgot link to stackoverflow post
<xgeek-cub> jemurray: oh; that what is for; ok so tell me this for vps on esxi do i go with normal partition type or LVM?
<smoser> hallyn, https://juju.ubuntu.com/docs/config-local.html
<smoser> why does that say "Due to needing newer versions of LXC the local provider does require a newer kernel than the released version of 12.04"
<smoser> my experience indicates that is "hog wash"
<jemurray> xgeek-cub: Again, this depends on what you want for a server.   If you may need to grow partitions in the future LVM is the way to go.   For me, I do not want to extra complexity on my production servers so I don't use LVM.
<hallyn> smoser: yeah, I don't know.  My main test box has 12.04 (3.2, not hwe) kernel and does fine
<hallyn> only thing i can think is they want lxc-attach
<MavKen> I just installed 13.10 on my vps... are there any issues with sendmail?
<jemurray> MavKen: Such as?
<MavKen> I have drupal and I need it to send out e-mail confirms and password reset e-mails... is sendmail the best approach?
<MavKen> or easiest
<smoser> hallyn, no obvious answers in juju-dev either.
<MavKen> jemurray, would you recommend using sendmail for this purpose or something else?
<jemurray> I personally have used postfix and sendmail both...   Ubuntu recommends postfix as the default MTA.
<jemurray> MavKen: https://help.ubuntu.com/community/Postfix
<MavKen> I tried postfix but the e-mails sent out my drupal were going directly to spam folder with gmail, yahoo and outlook.com
<jemurray> On my production servers that do basic outbound mail like you stated, I use postfix very simple to setup.
<jemurray> Can you tell why?   Make sure you DNS is setup properly.   Make sure the From: line is a valid return address.
<hallyn> tjaalton: hi.  could you take a look at http://people.canonical.com/~serge/xserver-qxl-spice.debdiff (generated from https://launchpad.net/~9v-shaun-42/+archive/xspice/+files/xserver-xorg-video-qxl_0.1.0-0ubuntu3ppa%7Eraring.dsc) ?
<hallyn> tjaalton: with that, we get a Xspice executable thtat we can use like a vncserver, but using spice
<jemurray> MavKen: The choice of mail server should have nothing to do with people flagging your email as spam.
<hallyn> would be terribly useful for containers, and heck just for remote desktops
<MavKen> I have 5 different, unrelated domains on my vps... Can postfix work with more than one domain on the same server?
<jemurray> MavKen: Yes, I have dozens of domains on my servers.   It will default to the server name as the default From: address if you don't specify.   In theory this should work for you.
<esde> Can someone please help me with the version mismatch issue?
<MavKen> so does drupal set the from address? (maybe a question for drupal channel)
<jemurray> MavKen: I can't answer that, I don't know for sure.
<jemurray> MavKen: http://www.postfix.org/BASIC_CONFIGURATION_README.html - There is a section on default domain.
<tjaalton> hallyn: so the diff is backwards?
<hallyn> tjaalton: oh yeah, probably
<MavKen> jemurray, thanks, setting up postfix now
<tjaalton> hallyn: so, yeah I'll merge something like that and release
<tjaalton> to trusty
<hallyn> tjaalton: awesome!  thanks!
<tjaalton> to debian git first and then merge
<tjaalton> oh it was enabled there already
<hallyn> oh??  I thought during breakfast i should check that but figured "no way"
<hallyn> even more awesome
<esde> On a fresh install of server 12.04 64-bit, i ran update, upgrade, then dist-upgrade. Then i installed php5 and it's dependencies, and added the percona source to my sources and installed percona-server-client-5.5 percona-server-server-5.5 and libmysqlclient-dev. Then I see this error http://pastebin.com/PKaKkkr2 when trying to run a script dealing with php and mysql, what can I do to resolve this? I found this http://stackoverflow.com/questions/10759
<esde> 334/headers-and-client-library-minor-version-mismatch but I'm not sure how to do the steps indicated.
<tjaalton> hallyn: libspice-server-dev used to be in universe, so xserver-spice support was removed in ubuntu
<hallyn> tjaalton: right, i think raring is when that changed
<hallyn> i would've said something sooner if i knew the xspice executable existed :)
<tjaalton> heh, sure. and we didn't even rebuild it for 1.14, boo
<MavKen> jemurray, I have setup in postfix config that my server is mail.domain.com.... Do I need to add anything to my DNS?
<tjaalton> hallyn: uploaded
<jemurray> MavKen: Most important is to make sure a forward and reverse DNS entry exist and that they are consistant.
<hallyn> tjaalton: thanks!
<MavKen> what does that mean?
<jemurray> MavKen: For example: mail.domain.com = 10.0.0.1 and 10.0.0.1 = mail.domain.com
<MavKen> what is 10.0.0.1?
<jemurray> MavKen: That was just an example... Here is my test config: http://pastebin.com/PsystLGr
<MavKen> hmm... im currently using google mx for e-mail forwarding...am i going to have to change those mx records to my server?
<jemurray> MavKen: No.   You can ignore that part.
<MavKen> ok
<jemurray> In my case the server is also the MX for inbound.  Yours is only outbound.
<jemurray> Just make sure the forward and reverse are in sync like in my example.
<MavKen> ok, so I don't need to change anything on my dns?
<smoser> hallyn, wrt "old kernel sucks for lxc"
<smoser> https://groups.google.com/forum/#!msg/docker-user/txAd5BiVapU/AfXvssMqkr4J
<smoser> thats what hazmat pointed me at
<smoser> (which, imo doesn't seem to justify someone upgrading their kernel)
<hallyn> smoser: huh?  aufs is in precise...
<smoser> yeah, bad link. its above that.
<hallyn> yup it's there
<hallyn> oh
<smoser> the overal thread is wrt network performance of veth
<smoser> "containers network performance"
<arosales> zul, are you on deck today for the server meeting?
<zul> arosales: yes we are having the meeting right now
<arosales> zul, cool thanks.
 * arosales will join there
<xgeek-cub> the partition /boot should have the bootable flag; right?
<jemurray> xgeek-cub: Does not matter on modern hardware.
<xgeek-cub> jemurray: it is off ; and i am on ESXI
<jemurray> xgeek-cub: GRUB should be installed in the MBR and it will just work no matter how that is setup.
<MavKen> any of you familiar with sendmail?  I just installed it, sent out mail from php script and it goes directly to spam folder on receiving end
<patdk-wk> just installing software != properly configured server
<patdk-wk> and none of it really has to do anything with sendmail
<MavKen> my php script has header from kenny@domain.com but header in gmail shows the from address as www-data@localhost
<sarnold> MavKen: antispam these days is pretty complicated. you need to ensure the MTA is configured properly (not open relay, etc.), ought to configure spf and/or dkim; look around for e.g. what google does to filter mail, and make sure you're on the good side of all that.
<MavKen> but if i set my header with a from address, why does the header on the receiving end show that it is from www-data@localhost?
<patdk-wk> what does the headers have to do with the from address? nothing
<patdk-wk> more important is your ip address and dns
<patdk-wk> after that, helo name
<patdk-wk> after that spf/dkim
<xpistos> Hi all. When I try to look at one of my network shares it lets me drop into the dir, but does not show me my files. I can verify the server is up but when I try to mount -a I get an error that says mount.nfs: mount system call failed
<sarnold> xpistos: it's easy to get a directory that you can 'cd' into but not use 'ls' -- if you give the directory execute permission but not read permission
<xpistos> sarnold: I can see in the dir, but my files are there. it is like it is grabbing a "folder" from the drive not the mounted shared drive
<err-or_> hi, short question. what would you recommend? drbd + corosync + pacemaker + lvm or just drbd + haproxy on my firewall?
<xpistos> Here is an easier issue. why, when I am using vnc does my terminal window close when I press the letter "d"
<err-or_> vnc on a server?
<sarnold> xpistos: you may have a 'stuck' control key, either physically or somewhere in the protocol. ^D is the usual way to ask the shell/terminal to terminate
<xgeek-cub> I just installed my ubuntu server via Vsphere console; now i want to ssh to it ; it is easier that way; is it any Howto available to setup SSH on my VPS
<err-or_> xgeek-cub: you only need to install openssh-server on the virtual host, anbd make sure you can route to it on port 22
<xpistos> sarnold: might be the protocal but not sure how to fix that
<sarnold> xgeek-cub: it'd also be a good idea to set up authorized_keys for it and then turn off password support. you don't need to let the world brute force passwords...
<xgeek-cub> err-or_: i had the same problem before; I am kinda new to ssh; i know I should edit a couple of lines but no clue to which
<sarnold> xpistos: no, me neither, but hopefully fiddling with the keyboard control keys will reset it, at least for one connection..?
<xpistos> Well i have narrowed that down to the "d" key is toggleing to show desktop
<sarnold> ha
<sarnold> that'll teach me a lesson. not sure what..
<esde> On a fresh install of server 12.04 64-bit, i ran update, upgrade, then dist-upgrade. Then i installed php5 and it's dependencies, and added the percona source to my sources and installed percona-server-client-5.5 percona-server-server-5.5 and libmysqlclient-dev. Then I see this error http://pastebin.com/PKaKkkr2 when trying to run a script dealing with php and mysql, what can I do to resolve this? I found this http://stackoverflow.com/questions/10759
<esde> 334/headers-and-client-library-minor-version-mismatch but I'm not sure how to do the steps indicated.
<sarnold> http://stackoverflow.com/questions/10759334/headers-and-client-library-minor-version-mismatch
<patdk-wk> hehe, conflicting percona libmysqlclient and ubuntu libmysqlclient are always fun
<xpistos> YEAH! I was able to change it to ctrl+d and now I can type d's small victory
<patdk-wk> generally best, don't install from source, it causes issues
<esde> The issue was how i installed percona?
<patdk-wk> yep
<sarnold> patdk-wk: I don't think esde installed from source..
<patdk-wk> your percona mysql libmysqlclient isn't the same as your php5 libmysqlclient
<patdk-wk> sarnold, he just said he did
<patdk-wk> installed percona-mysql-server-5.5 source
<sarnold> patdk-wk: I think ".. to my sources" meant /etc/apt/sources.list  ...
<patdk-wk> heh
<esde> I did this to install eprcona
<esde> *percona http://pastebin.com/mBwBsK9t
<patdk-wk> there isn't going be a fix for that
<patdk-wk> unless you want to recompile php against percona-mysql
<patdk-wk> I never have that issue, cause I use dedicated mysql servers, so php is on a different server without percona on it
<esde> I'm just puzzled because the first time I setup the project, I followed the same steps and didn't get this error.
<patdk-wk> it depends
<patdk-wk> sometimes percona and ubuntu mysql match versions
<patdk-wk> sometimes they don't
<esde> Ok. Is there any way to tell if it's doing any damage?
<esde> Right now I just see an error, but everything seems to be working fine otherwise
<sarnold> tough to say. if they didn't change anything in the ABI, it'll run fine without further issue. but if they did change some aspect of the ABI, it might fail in fairly subtle ways very infrequently.
<patdk-wk> it shouldn't be an issue
<patdk-wk> it's more of an issue going between mysql versions, like 5.0 or 5.1 to 5.5
<patdk-wk> but both are 5.5, and almost the same subversion
<esde> Great, thank you for your help :)
<sarnold> esde: I have faith that the percona guys wouldn't break ABI with a minor version update but I'm less certain about the mysql guys. :) hehe.
<MavKen> can you have more than one domain on spf record?
<hispeed76> how can i find out what disks are attached? i.e. i have /dev/sda-/dev/sdf, just attached an external drive, dmesg shows some stuff, but no /dev/sdg
<hispeed76> sda and sdb are internal disks, sdc/sdd/sde/sdf are /dev/md0 just attached an external terabyte drive and it isn't showing up at /dev/sdg
<_root_> hello again
<_root_> i want to install freenx on 13.10
<_root_> sudo apt-add-repository ppa:freenx-team
<_root_> W: Failed to fetch http://ppa.launchpad.net/freenx-team/ppa/ubuntu/dists/saucy/main/binary-amd64/Packages  404  Not Found
<_root_> W: Failed to fetch http://ppa.launchpad.net/freenx-team/ppa/ubuntu/dists/saucy/main/binary-i386/Packages  404  Not Found
<_root_> what is wrong?
<hispeed76> was the hub, nevermind
<Phog> does mdadm have any sort of caching capability with SSD's similar to zfs?
<xnox> Phog: yes.
<xnox> Phog: google for dm-cache
<Phog> was trying to decide between zfs or ext4
<Phog> for a hybrid vm shared storage and general file storage
<Phog> is it pretty slick
<mgw> What would cause kworker procs to accumulate?
<jrwren> _root_: not a supported ubuntu version. see: https://launchpad.net/~freenx-team/+archive/ppa
<_root_> jrwren, where is exactly source.list located? in my machine?
<Phog> another question, what about RAM
<Phog> does ubuntu have something similar to the ARC
<jrwren> _root_: yes, apt-add-repository adds a file in /etc/apt/sources.list.d
<jrwren> Phog: if you mean auto reference counting that has nothing to do with an OS. That is a programming language feature of objective-C
<Phog> sorry
<Phog> i meant the ARC cache in ZFS
<Phog> uses memory for caching
<jrwren> ha! I obviously know nothing about ZFS :)
<Phog> having trouble deciding on the best OS/file system for my home lab
<Phog> torn between ubuntu/ext4 and solaris/zfs
<jrwren> have you considered ubuntu/btrfs
<jrwren> IMO solaris is always the wrong choice.
<jrwren> You'd have to pay me huge $$$$ to even consider dealing with solaris.
<Phog> i've read some
<Phog> from what i've read btrfs still super new
<Phog> unstable?
<jrwren> i don't care how good ZFS is. Its not worth the rest of solaris.
<jrwren> i've no idea. sounds like you considered it and that is good.
<Phog> i don't know a lot about it
<Phog> and I *think* it benchmarks slower
<Phog> yeah, im a solaris noob
<Phog> it sure isn't easy
<gyre007> what Disk encryption would you guys recommend...after doing a tad of research Imthinking LUKS looks like a good candidate
<_root_> pphttp://paste.ubuntu.com/6325791/ any idea how to fix that line 2-6
<jrwren> Phog: i've spent enough time in solaris in my life to never want to do it again. :)
<Phog> i had being so indecisive
<Phog> *hate
<CreativeEmbassy> Hopefully a basic question: Is there a way to install ubuntu server 13.10 from netboot? I already have netboot running, but I can't tell which version of Ubuntu it's going to install.
<CreativeEmbassy> And if it installs Ubuntu desktop, is there a way to convert it to ubuntu server? I mostly just want to get a small cloud going at the hackerspace here. Not used to sysadmining.
<_KaszpiR_> just install server?
<_KaszpiR_> minimum number of services
<_KaszpiR_> CreativeEmbassy try cat /etc/lsb-release
<CreativeEmbassy> I just want to make sure the server stuff is covered. there's some extra diskspace if it downloads the desktop, I just don't need it.
<CreativeEmbassy> _KaszpiR_ It's not running anything yet, I don't know how I can run that
<_KaszpiR_> last time when I was booting netinstall it was asking for packages to install
<_KaszpiR_> i selected none, and it didn;t even install desktop enviroment and so on
<_KaszpiR_> I installed specific software later on
<CreativeEmbassy> _KaszpiR_ thanks. I'm going ahead with the install, and I'll see if it asks me about packages later. :)
<sarnold> hallyn: thanks for the explanation re: /var/lib/lxc  :)
<hallyn> sarnold: np.  i actually hadn't realized theimplication about the release-to-release upgrades.  they *will* rechmod the dirs.  oh well.  c'est la vie.
<sarnold> hallyn: there's so many different ways people can upgrade and skip versions in the middle, it just seemed inevitable. but there's a nice convenient bug with good keywords and descriptions, hopefully the handful of people who might find themselves in this situation will find it and be content. :)
<eagles0513875> hey guys anyone on 12.10 running apache 2.4 with php fpm and mod fast cgi?
<eagles0513875> cuz im trying to follow the same method i used to get apache 2.2 running on 12.04 and it isnt working at all
<rbasak> eagles0513875: post to the mailing list perhaps, if you don't get an answer here? It would be nice for people using that combination to sync up on this. I am sure there will be others in the future.
<eagles0513875> rbasak: i already have a working setup on 12.04 i have no idea what has changed in 13.10 and what is going to be in 14.04
<eagles0513875> rbasak: what mailing list are you talking about?
<rbasak> eagles0513875: the ubuntu-server mailing list
<eagles0513875> ill have to subscribe to it hehe
<rbasak> eagles0513875: there were major changes involve in the 2.2->2.4 transition.
<rbasak> eagles0513875: I expect far less change in 14.04. Probably just bugfixes, if anyone can pin any bugs down (as opposed to config changes, which we know are required)
<rbasak> eagles0513875: https://lists.ubuntu.com/archives/ubuntu-server/2013-September/006712.html
<eagles0513875> basically alot of what i was seeing besides vhosts needing .conf which i think is really stupid imho
<eagles0513875> is permissions and what not with php-fpm and fastcgi
<eagles0513875> that was my biggest stumbling block
<rbasak> It makes packages that work with apache do the task much better
<BrianH> Any Juju experts here?
<rbasak> BrianH: yes, but also try #juju
<BrianH> I'm having a problem bootstrapping my MAAS server.
<rbasak> BrianH: #maas for MAAS :)
<rbasak> (you're more likely to find experts active on IRC in their own channels)
<BrianH> Well, I think it's Juju related, but I'm not sure.  My MAAS IP changed and when I try running juju bootstrap it keeps erroring out because it's looking for the old IP.
<eagles0513875> im no juju expert but do you have the ip hard coded somewhere?
<rbasak> BrianH: I recommend making sure your MAAS machine's IP doesn't change.
<rbasak> BrianH: if you haven't bootstrapped yet, I think you can deal with that by just fixing your environment config.
<rbasak> BrianH: but I'm not sure if MAAS needs any more help with that.
<eagles0513875> i need to experiment with this cloud stuff that ubuntu has but i dont have the hardware to test with
<BrianH> I changed my yaml file and it didn't seem to make a difference.
<rbasak> BrianH: #maas will know better, but I don't think changing the MAAS server's IP is really supported.
<rbasak> BrianH: #maas might tell you what you need to hack to make it go though
<BrianH> rbasak: Thanks.
<rbasak> eagles0513875: the latest juju-core will let you experiment with it on LXC containers quite nicely
<eagles0513875> rbasak: so i was told by someone is LXC just apt-get install and thats it
#ubuntu-server 2013-10-30
<Leroy91> I'm trying to get my machine to go into standby and wake up on it's own at certain times, which I can do with a simple bash script on a cron job but I'm wondering (since I'm running an enterprise level server) if anyone has been able to reduce fan speed during standby time
<Leroy91> The BIOS has no settings available to change fan speed
<Leroy91> it's an IBM xServe 346 running 12.04
<sarnold> Leroy91: check /sys/ for '*fan*' files, there are sometimes fan controls in there..
<Leroy91> i'm only seen block, class, devices, fs, kernel, power, bus, dev, firmware, hypervisor, and module
<Leroy91> doing find fan and locate fan also did not come up with results
<sarnold> Leroy91: hrm. I wonder if the fan controls I have on my laptop came from a kernel module that lm-sensors enabled; have you run sensors-detect on this machine? maybe there's a kernel module to load..
<Leroy91> installed and rebooting now...RAID array takes at least 5min to initialize haha
<Leroy91> ok i've run sensors-detect...it says No modules to load :/
<sarnold> darn :/
<Leroy91> Driver `to-be-written':
<Leroy91>   * ISA bus, address 0xca8
<Leroy91>     Chip `IPMI BMC KCS' (confidence: 8)
<Leroy91> Note: there is no driver for IPMI BMC KCS yet.
<Leroy91> Check http://www.lm-sensors.org/wiki/Devices for updates.
<Leroy91> No modules to load, skipping modules configuration.
<Leroy91> Unloading i2c-dev... OK
<Leroy91> Unloading i2c-i801... OK
<Leroy91> Unloading cpuid... OK
<xIlluzionx> Hello
<Leroy91> I find it hard to believe IBM would not have better linux support on such a server...even if it is from 2005
<xIlluzionx> I am looking for some assistance with boot issues after a 13.10 server installation
<Leroy91> what did you try installing it on?
<xIlluzionx> IntelÂ® Coreâ¢ i5-3570K Processor, Gigabyte Intel Z77 LGA 1155 Motherboard
<xIlluzionx> On it's own dedicated SSD
<Leroy91> have you enabled AHCI in your BIOS?
<xIlluzionx> I can check
<xIlluzionx> Sata mode is set to AHCI
<Leroy91> is it a fresh install?
<xIlluzionx> Yes, this is my first time using Linux
<xIlluzionx> I allowed the install to use the full disk
<Leroy91> any other OS on the machine?
<Leroy91> maybe another hDD?
<xIlluzionx> only one HDD in the machine
<Leroy91> hm
<Leroy91> is it necessary you use 13.10?
<xIlluzionx> I can get the boot to show the GRUB loaded
<xIlluzionx> I tried 12.X but it kept rebooting in the middle of the installation
<Leroy91> have you tried 13.04?
<xIlluzionx> Would there be anything useful at the command screen, I can pull that up through the GRUB selector
<xIlluzionx> no
<Leroy91> oh so yo ucan get to terminal window ok?
<xIlluzionx> If I hit "c" at the grub loader screen
<Leroy91> try the command: startx
<Leroy91> ah..wait this is server OS right?
<xIlluzionx> if I select "Ubuntu" from the loader screen, it gets to the terminal and then reboots
<xIlluzionx> yes
<xIlluzionx> cannot find command startx
<Leroy91> yeah theres no gui for server, you should only see terminal when it boots
<xIlluzionx> yes, but it reboots once it gets to the terminal
<Leroy91> i see
<sarnold> xIlluzionx: hrm, I'm confused.. do you get a <servername> login: prompt?
<xIlluzionx> I get to there, and then a reboot
<xIlluzionx> before I can type
<sarnold> *boggle*
<Leroy91> try 13.04...it may be more stable
<xIlluzionx> I can access a command screen by pressing "c" during the boot
<sarnold> xIlluzionx: try adding "single" to the kernel command line in grub (I think that's the 'c' you used earlier) -- maybe you can find out what is going on by checking the logs in /var/log/  ...
<sarnold> 'single' will skip nearly everything, it ought to just mount your root filesystem and then drop you to a shell.
<xIlluzionx> what is a file viewer, i'm use to "less" on mac
<xIlluzionx> doesnt work here
<xIlluzionx> I can look at boot.log
<Leroy91> i had a similar issue a few years ago when i tried to install 11.x on a machine that was P4 error and only 10.04 was supported on that version of the P4 cpu...haven't heard of the issue on a modern machine
<Leroy91> it's ls
<sarnold> xIlluzionx: 'less' is nice, it lets you backup; but 'more' also works, and might be available if 'less' isn't.
<Leroy91> *era..
<xIlluzionx> grub cannot find command more
<xIlluzionx> trying to do "less /var/log/boot.log"
<sarnold> xIlluzionx: ah, yeah, grub won't do that.
<xIlluzionx> vi does not work either
<sarnold> xIlluzionx: maybe I jumped the gun -- edit hte kernel command line to add 'single' to the command, and then proceed with the boot...
<xIlluzionx> I'm sorry but I need you to dumb that down for me just a bit
<xIlluzionx> I'm fairly competent with command line but linux is brand new to me
<sarnold> xIlluzionx: when you're presented with the list of "ubuntu" and "ubuntu (safemode)" (or whatever it is..) there is a key combination you can hit to edit the 'kernel command line'. it'll have things like "splash" and "ro" and "quiet" in it..
<xIlluzionx> hmmm I dont see anything about the kernal
<sarnold> xIlluzionx: you'll want to add 'single' to that command line, and then boot the system with the modified entry -- that will bring the system up into single-user mode
<sarnold> ah, looks like it's 'e' in grub: http://askubuntu.com/a/132983/33812
<xIlluzionx> alright, "e" pulled up a new screen
<xIlluzionx> is there any specific place to add single
<sarnold> it should work just about anywhere but I always put it at the end...
<xIlluzionx> currently: "setparams 'Ubuntu' \ recordfail \ load_video \ gfx...
<xIlluzionx> cannot find command "single"
<sarnold> *sigh* my VMs start way too fast, the thing is booted while the stupid vnc window is flickering around...
<xIlluzionx> lol
<sarnold> jeeze, you think there'd be a billion youtube videos "lol bypass linux root password lol" showing how to do this but I can't find one. I need a kid to teach me google.
<sarnold> or a book to teach me google.
<xIlluzionx> http://imgur.com/wYCGumg
<sarnold> xIlluzionx: *sigh* sorry :)
<xIlluzionx> ^ thats what I am looking at
<sarnold> xIlluzionx: can you edit that 'linux' line and add 'quiet' immediately after 'ro'? it'd be "ro quiet" at the end of it...
<xIlluzionx> trying
<xIlluzionx> ffs
<xIlluzionx> nope, still gets to a login screen and then crashes
<sarnold> :(
<xIlluzionx> fucking irritating
<sarnold> yeah, I'm getting upset not being able to catch grub in my VM boots. it'd be worse if it were real hardware that was upsetting me....
<xIlluzionx> yea
<sarnold> xIlluzionx: okay, this whole thing was to try to get to log messages. maybe another approach -- try a liveCD? try a different release installer?
<xIlluzionx> i wanted to ditch osx in favor of ubuntu, but this is proving to be very problematic
<xIlluzionx> i guess i will try another install
<xIlluzionx> :/
<xIlluzionx> 12.04.03 okay?
<sarnold> yeah, that should be good, I think it got the EUFI support backported from newer releases, in case your machine requires that...
<sarnold> .. (but it ought to work on non-eufi bioses too)
<xIlluzionx> bios is set to achi
<xIlluzionx> ahci
<xIlluzionx> every single time i try to use 12.04 i get to the install screen, it loads, i select install ubuntu, it reboots
<xIlluzionx> i have no luck
<sarnold> o_O very strange
<xIlluzionx> let me ask you this, can ubuntu non server still be used as a serveR?
<jrwren> of course. what is a server anyway?
<sarnold> xIlluzionx: yes -- the main differences are there's no GUI installed on the server by default and the server doesn't use networkmanager to manage the network interfaces; instead, /etc/network/interfaces is used
<xIlluzionx> All I need this server for is to run a minecraft server with mysql databases and apache
<sarnold> time for me to run, good luck :)
<sarnold> (and have fun :)
<srtfmx> I am stuck for a week in doing pxeboot ubuntu via a centos pxeserver over tftp+ftp
<srtfmx> is this possible to do so via ftp or the only way is to do via nfs
<srtfmx> help me please i am very frustrated at present over this
<srtfmx> Anybody there ?????
<MavKen> would any of you recommend against using 13.10 on production server?
<monokrome> Hey. Does the server installer run SSH by defaukt?
<monokrome> default*
<monokrome> I have a machine without a monitor and am attempting to install Ubuntu on it.
<xgeek-cub> hello
<xgeek-cub> anyone knows how to install wgetpaste?
<xgeek-cub> please; i am tired;
<monokrome> Ubuntu doesn't have a package for it
<monokrome> You can use a service like sprunge that only requires something like curl to be installed
<monokrome> for instance: ls | curl -F "sprunge=<-" http://sprunge.us
<monokrome> will send the output of ls out to a sprunge link and output the link for you
<monokrome> xgeek-cub: ^
<monokrome> If curl isn
<monokrome> isn't available, sudo apt-get install curl
<xgeek-cub> ok so just curl?
<monokrome> right
<xgeek-cub> monokrome: and it just works with sprunge
<monokrome> curl is just an http service
<monokrome> curl just sends the output to that http service and gives you a link to it
<monokrome> There has to be some Ubuntu installer that starts SSHD immediately on boot
<monokrome> amirite?
<xgeek-cub> monokrome: curl: (56) recv failure: connection reset by peer
<monokrome> No network?
<monokrome> I have a machine with two hard disks running Mac OS X and I need to install Ubuntu Server on it, but it doesn't have a monitor. Does anyone have ideas regarding how I can achieve this?
<xgeek-cub> monokrome: no i have ping
<xgeek-cub> monokrome: ssh bro; ssh in to it you do not need a monitor
<monokrome> xgeek-cub: How do I enabled SSH without the monitor?
<xgeek-cub> monokrome: tell me exactly what is the situation
<monokrome> I have a Mac Mini Server that I want to install Ubuntu on
<monokrome> I have no monitor.
<monokrome> That's the problem
<xgeek-cub> monokrome: is that Machine online; has it internet connection?
<monokrome> yes
<xgeek-cub> or at least on a local network?
<monokrome> It's on my local network, I have access to the physical hardware
<xgeek-cub> if yes; go to anyother machine and " ssh -p <port_number> <IP_address>"
<monokrome> xgeek-cub: How is SSH running? I'm trying to install Ubuntu server. It's in the OS from the USB disk.
<xgeek-cub> monokrome: any ubuntu is shipped with ssh server installed; even in livecd or in your case liveusb
<monokrome> Is it running by default in them?
<xgeek-cub> monokrome: yes by default;
<monokrome> oh hmm
 * monokrome must not be properly booting it to Ubuntu then
<monokrome> xgeek-cub: You sure?
<xgeek-cub> monokrome: of what? that the ubuntu livecd has ssh server running on it; yes sure; the way you are approaching your problem not so much
<monokrome> What's wrong with the way which I am approaching my problem?
<xgeek-cub> monokrome: if you want to insatll ubuntu on a mac server; 1. does this server have os on it right now? 2.if yes you want the ubuntu to remove the os and take over or sit beside that os
<monokrome> I want to completely wipe out everything on it and install Ubuntu Server, which is what I am planning on doing once I can find a service.
<xgeek-cub> monokrome: wait
<monokrome> ok
<xgeek-cub> at this time you have this server ok? how you access it (forget about useb; ubuntu ....)
<xgeek-cub> *usb
<monokrome> OS X
<xgeek-cub> monokrome: so it has osx; but you said you donot have monitor yes?
<monokrome> correct
<monokrome> I have SSH and VNC into OS X
<xgeek-cub> monokrome : What from where?
<monokrome> what?
<xgeek-cub> monokrome : right now you have a laptop for example and you ssh to  your Mini server or VNC to it; Yes?
<monokrome> yes
<monokrome> and I am trying to get Ubuntu Server on it instead.
<xgeek-cub> monokrome : do you have physical access to this Mini server of yours
<monokrome> yes
<xgeek-cub> monokrome : i got the ubuntu part
<monokrome> ok
<xgeek-cub> monokrome: What is the machine you use to connect to your server? is it ubuntu or anyother linux?
<monokrome> I have a Macbook Pro and a Macbook Air for that
<monokrome> The have Linux VMs
<xgeek-cub> monokrome : i did some reading;the idea is to connect an ubuntu livecd or usb to your mini server  and make that mini server boot from it
<monokrome> Yes, I am already doing that with the Ubuntu Server USB disk
<monokrome> The USB installer doesn't have SSH as far as I can tell.
<xgeek-cub> if you could do that and now you have a successful boot ; you have some shoot at doing it but it is risky
<monokrome> Why is it risky?
<xgeek-cub> let me brak it down
<xgeek-cub> 1. that ubuntu you use is not working
<monokrome> yes it is
<xgeek-cub> you need an alter image
<monokrome> no I don't
<monokrome> You probably read an old article
<xgeek-cub> monokrome https://help.ubuntu.com/community/Installation/OverSSH
<monokrome> I know how to do it all and have done it multiple times
<monokrome> The only problem that I have is that I don't have a monitor
<monokrome> So, my original question simply regards what I could use as an alternate interface without using a premade install via bootp or some script?
<xgeek-cub> did you read that link
<monokrome> yes
<monokrome> It's not helpful, however.
<monokrome> I'm in the Ubuntu installer and sshd is not running
<qman__> my disk filled up during an update and now /boot/grub is missing files, how do I regenerate them?
<qman__> I tried purging and reinstalling grub and grub-common but it doesn't do the trick
<monokrome> I do not have a monitor, so I try hitting alt+F4 to reach TTY4
<monokrome> at which point I have typed enter 3 times to ensure a shell
<monokrome> and typed sshd but no luck
<monokrome> I can ping the machine, however
<qman__> ah, it was grub-pc, not grub
<monokrome> =]
<monokrome> nmap reports: All 1000 scanned ports on 10.0.1.10 are closed
<monokrome> I wonder if I can just dd a system out to it in target disk mode
<monokrome> I don't think that SSH runs on the Ubuntu Server installer until you've turned it on manually, xgeek-cub.
<xgeek-cub> monokrome : you are right;
<xgeek-cub> monokrome: ; Parted Magic starts sshd on boot. I am not sure if root is allowed to login, but the root password would be "partedmagic"  However, you need to be connected by wire.
<xgeek-cub> but in you case i can't think of other ways
<xgeek-cub> yes you could find a ubuntu machine and make in PXE install server then you could be able to boot your mini server into PXE
<xgeek-cub> or you could detach the hdds and formated them and install ubuntu on them
<mardraum> monokrome: from your shell, type "apt-get install openssh-server"
<monokrome>  /me thinks that nobody realizes the problem
<monokrome> Does anyone know why the Ubuntu Server 13.x installer doesn't come with fdisk or parted?
<xgeek-cub> monokrome: i just did fdisk in my server and it is installed 13.10 is the version of my ubuntu
<monokrome> hmm
<monokrome> I got a different ISO and found a roommate for using his TV
<monokrome> now I'm installing
<mardraum> monokrome: what is the problem?
<monokrome> There isn't one now
<monokrome> :)
<SlimG> $ net-snmp-config --create-snmpv3-user -ro -a Passw0rd didrik
<SlimG> /usr/bin/net-snmp-config: 236: /usr/bin/net-snmp-config: net-snmp-create-v3-user: not found
<SlimG> This is on a Ubuntu 13.10 server
<SlimG> It seems net-snmp-config: 236 expect "net-snmp-create-v3-user" in PATH, but I can't even find this script on http://packages.ubuntu.com/
<giomanda> hi
<giomanda> all of a sudden my server has no longer the command sudo and apt
<giomanda> i tried to install the apt from a .deb package but also the command dpkg is missing
<giomanda> any ideas how i might install dpkg ?
<giomanda> or what is going on?
<giomanda> anyone?
<soren> giomanda: No dpkg, no apt, no sudo... You're pretty screwed.
<ogra_> how did you get there ?
<soren> giomanda: What *does* work?
<giomanda> i dont really know, yesterday all was working ok and sudently todqy this happens
<soren> giomanda: Someone screwed up. Does anything still work at all?
<giomanda> yes pretty much..i dint reallize apt was not working until i needed to install something from ubuntu repo
<giomanda> any chance to see how/who screwed up?
<ogra_> /var/log/auth.log holds all sudo invocations
<giomanda> any chance to reinstall dpkg?
<giomanda> /var/log/auth.log does not excists .... is that normal?
<ogra_> no
<giomanda> ....
<giomanda> if sudo doesnt excists the auth.log shouldnt excists isnt it right?
<ogra_> no, auth.log logs all auth stuff, not just sudo
<giomanda> right..... so something happened ..
<giomanda> any chance to install dpkg .. somehow?
<pmatulis_> reinstall
<pmatulis_> completely
<g105b> As soon as the installer boots and shows "[!!] Select a language", no keyboard input is detected, no matter what USB hole, no matter what keyboard I try.
<pmatulis_> g105b: might be something in the BIOS to look at
<g105b> pmatulis_: I'm looking into how to install over LAN
<pmatulis_> g105b: ok.  btw, 'usb port', not 'usb hole'
<g105b> pmatulis_: thanks :D
<g105b> Given I have the .iso downloaded from Ubuntu.com, how do I prepare the files for booting (using bootp)?
<g105b> The howto "Preparing Files for TFTP Net Booting, Section "Setting up BOOTP server" on https://help.ubuntu.com/community/Installation/LocalNet returns 404 error.
<xgeek-cub> for my vps; I have an Ip that i use it with VMware vsphere  Client to connect to Vps machine and another ip that i use for ssh to my linux on my VPS; in terms of DNS NS records A records and such which domain we are talking about?
<Phog> so im about to lose my shit
<Phog> trying to install ubuntu server
<Phog> having real issues removing device information from disks
<Phog> any good ideas how to just blast away all partitions on all my disks
<Phog> the ubuntu install fails consistently
<pmatulis_> Phog: the installer allows you to remove partitions doesn't it?
<Phog> not in my case
<Phog> it fails
<Phog> consistently
<Phog> says something is in use
<Phog> so i do a bunch of superblock searches through my devices and it finds studd
<Phog> stuff
<Phog> but i can't remove them
<Phog> this partition fucking sucks
<Phog> is there no easy way to jut blasts away the disks data?
<Phog> *just
<pmatulis_> Phog: is there any fakeraid that may be enabled?
<Phog> i tried to install with software raid
<Phog> and it failed to write to grub or something
<Phog> now i can't delete the md created array
<pmatulis_> Phog: i would enter your BIOS and ensure there is no fakeraid enabled
<Phog> no fakeraid
<pmatulis_> Phog: sometimes that screws things up
<Phog> it's a proliant dl380
<pmatulis_> ok
<Phog> even if there was, all my drives are through storage HBA's
<Phog> can i just DD the fuckers?
<pmatulis_> Phog: but it does have hardware raid right?
<mardraum> yes, use dd.
<pmatulis_> Phog: and please be respectful with your language
<Phog> i don't want to wait for it to 0
<Phog> ok
<Phog> is there a dd command to just wipe everything
<mardraum> which gen dl380 is it
<Phog> g6
<Phog> the smart array onboard isn't hooked up
<Phog> im using 9211-8i LSI HBA's
<mardraum> why wouldn't you use the smart array?
<mardraum> oh
<Phog> no virtual drives configured
<Phog> cause it's garbage
<mardraum> no local install of the OS?
<Phog> nothing
<Phog> im booted off the install cd
<mardraum> no it isn't, I bet you just didn't buy a BBWC
<smb> Might help to run "mdadm stop /dev/md?" from a alternate console (if cat /proc/mdstat show some active)
<Phog> mardraum: i have used/tested/benched all sorts of smart arrays, the P812, the P410 (onboard) i have the BBU and 512MB cache
<Phog> they are garbage
<Phog> i've got like 10 of those silly smart(not) array
<Phog> cards
<mardraum> what problems do you have with the P410 on the g6's ?
<Phog> mdadm stop /dev/md127
<Phog> mdadm An option must be given to set the mode before a second device (/dev/md127) is listed
<Phog> it's slow
<mardraum> compared to?
<Phog> mdadm
<Phog> if you want to buy this P812 with 1GB FBBC
<Phog> PLEASE DO
<Phog> any ideas with that error?
 * smb tries to remember the syntax
<Phog> it's --stop
<Phog> and it fails
<Phog> Cannot get exclusive acess to /dev/md127: Perhaps a running process, mounted filesystem or active volume group
<Phog> pretty sweet
<smb> Could be some of those... In that case and if you don't care about disk contents it probably is the simplest to dd from /dev/zero over the disks/partitions involved in the softrait and restart
<smb> softraid
<Phog> do i have to wait for it to zero the drive?
<Phog> I have like 45 drives
<smb> not all of them , only those referred to in protc/mdstat
<smb> and only some sectors
<smb> so dd if=/dev/zero of=disk bs=1M count=1
<Phog> strangely the cat /proc/mdstat says
<Phog> active raid1 sdo1[1] sdk1[0]
<Phog> how do i tell what disks it's using
<Phog> o and k?
<smb> sdo1 and sdk1 (first partition of sdo and sdk)
<smb> so disk in the dd would be /dev/sdo1 and /dev/sdk1
<smb> And just to repeat some warning the dd will destroy some data written to the mirror, too
<Phog> took basically no time
<Phog> confirmed with records in and out
<Phog> just reboot?
<smb> yes, now the meta data should be gone
<Phog> here goes nothing *hail mary*
<Phog> wish the ubuntu instller was more intelligent
<Phog> *installer
<Phog> pretty silly spending an hour just to wipe some disks
<andol> Phog: Don't recall anything about wiping disk. Are you perhaps installing with encrypted disks?
<smb> Usually I thought it was, the fact that there was a md127 usually comes from having a bios defined fakeraid and that is maybe a less common case
<andol> Never mind me, realized that I was just missing plenty of backlog. Sorry
<Phog> well, let's see what happens
<Phog> you guys play with dm-cache much>?
<smb> not me
<Phog> was trying to decide between solaris and ubuntu for my vm storage
<Phog> both have pros and cons
 * highvoltage wants to try out dm-cache
<Phog> ok LETS TRY THIS AGAIN
<Phog> we may have success...
<Phog> NOPE
<Phog> an installation step failed
<Phog> lol
<Phog> the failing step is:  Install the system
<Phog> genius error
<Phog> this makes me giggle
<Phog> welp it was worth trying, guess ill use solaris
<Phog> got it working
<Phog> never mind
<Phog> Unable to install GRUB in /dev/sd0
<Phog> This is a fatal error.
<Phog> haha
<Phog> yes it is!
<smb> sd0? Have you manually specified where to install?
<smb> First hard disk would be sda
<Phog> dunno i'm giving up
<Phog> too frustrated
<genii> sd0 sounds FBSD-ish
<Phog> yeah
<Phog> it has FBSD
<Phog> don't think there is a card in it though
<ikonia> sd0 = cdrom
<pmatulis_> ah, brings back memories
<pmatulis_> msg chanserv op #ubuntu-server pmatulis_
<g105b> Can someone advise me on how to install without GUI? I have booted from CD to terminal, awaiting input, it just reads "boot: _"
<g105b> ok I noticed pressing tab told me a list of commands
<g105b> still didn't get past the issue of https://bugs.launchpad.net/ubuntu/+source/debian-installer/+bug/993242
<smoser> $ lxc
<smoser> The program 'lxc' is currently not installed.  You can install it by typing:
<smoser> sudo apt-get install lxc
<smoser> ummm.... no i can't.
<gchristensen> Hi, I'm using a preseed to pxe-boot install ubuntu server. I'm having an issue where plymouth is being installed, causing "mountall: Disconnected from plymouth" to come up. is there a way to disable all GUI aspects in the preseed? here is what I'm currently using: https://gist.github.com/grahamc/bbb6623705e7c3654e3f/raw/cc9dc1cea1a5c2e9721d4823202456111221de21/gistfile1.txt
<Toaster_Strudel> ubuntu server isnt free?
<gchristensen> it is free
<Toaster_Strudel> the website says essential is 320/yr
<Toaster_Strudel> then standard is 700USD/YR
<gchristensen> ? that must be something different
<gchristensen> http://www.ubuntu.com/download/server
<gchristensen> Toaster_Strudel: that is for Landscape which is some sort of ... thing.
<Toaster_Strudel> is there a website I can show to someone to convince them that ubuntu server is super awesome? I just need a page with pretty screenshots of it in action
<Toaster_Strudel> gchristensen: ^
<gchristensen> pretty screenshots..?
<Toaster_Strudel> yea
<Toaster_Strudel> or maybe graphs and other fancy stuff
<gchristensen> ubuntu server doens't necessarily come with that out of thebox. its a server
<gchristensen> you could setup a node with graphite or munin or something
<gchristensen> Toaster_Strudel: this is what my ubuntu server looks like: http://gsc.io/s/ubuntu_server_login_prompt_12.04_-_Google_Search_18216373.png
<Toaster_Strudel> gchristensen: there isn't any gui with the installer?
<Toaster_Strudel> or can you startx
<gchristensen> there is not
<gchristensen> you might be able to add one
<xgeek-cub> I am in a pros an cons situation; i want to install ubuntu server and i am between 13.10 or 12.04.3 lts?
<gchristensen> xgeek-cub: is this for fun or for business?
<gchristensen> the follow-up question if its for business, do you have free time? yes -> 13.10, no -> 12.04.3
<xgeek-cub> gchristensen: there is in between
<xgeek-cub> what you mean by freetome gchristensen
<gchristensen> I have no time at all to add potentially extra work to my plate, so I go with 12.04.3. if I had more time to burn doing things because I wanted to, I might put up 13.10. 13.10 may require more maintenance over time since it isn't LTS
<jtran> anyone here an expert on preseed?  I'm trying to find out if preseed can setup a vlan tagged nic
<jtran> i want preseed to setup a tagged vlan nic so that i can do a netinstall
<gchristensen> jtran: to vindicate you, I read your question ... preseeds are Deep Magic I think with little docs
<jtran> lol yes it's true i agree it's deep magic
<gchristensen> I've asked many a preseed question with no answer
<jtran> kk i'll try the mailing list then
<jtran> thx for the heads up
<lotia> hi all. when I build a raid array using mdamin, and edit the /etc/mdadm/mdadm.conf file do i need to update the initrd image for it to be consistently named.
<xgeek-cub> could anyboady tell sites like cloudflare
<RoyK> lotia: yes
<RoyK> update-initramfs -u iirc
<xibalba> where is the proper place to set DNS now?
<xibalba> apparently /etc/resolv.conf isn't it
<xibalba> nm just found it
<xibalba> ty
<Pici> np
<Underbyte> question -- the ubuntu server cloud edition image is named exactly the same as the normal ubuntu server iso, is there a difference between the two?
<ryan-c> http://pastebin.com/npp3NKbK < I'm having some rather nasty problems with a package upgrade, can someone please have a look at this? LTS 12.04 server
<ryan-c> Looks like there's some circular dependencies maybe?
<ryan-c> it looks like my procps service is hosed
<ryan-c> procps is failing due to /etc/sysctl.d/30-iscsitarget.conf containing net.ipv4.tcp_mem = 1048576
<ryan-c> commenting that line allows dpkg --configure -a to complete
<sarnold> ryan-c: please file a bug against the icscitarget package -- and please add a note that the quantal version of the package has dropped the 30-iscsitarget.conf file, described in the 1.4.20.2-6 changelog entry
<ryan-c> sarnold: there is already a bug against procps about this
<ryan-c> https://bugs.launchpad.net/ubuntu/+source/procps/+bug/1241376
<sarnold> ryan-c: heh, I hadn't realized so many things provided brittle sysctl files..
<ryan-c> Yeah, it seems more appropriate to fix procps.
<ryan-c> It'll hit people's manual configs as well.
<sarnold> ryan-c: perhaps add a comment to this bug report with your experience, to lend weight to the idea of making the procps initscripts more tolerant of failure?
<jeeves_moss> how do I setup a bind secondary for a windows primary
<rbasak> hallyn_: about bug 930962. I was suggesting doing the mangle the other way inside the container. Not sure if that's possible.
<rbasak> hallyn_: if not, then "iptables -D" can delete a rule by its specification, so perhaps "iptables -D ... || true; iptables -A ..." is a (hacky) workaround?
<sarnold> man I hate checksum offloading
#ubuntu-server 2013-10-31
<hallyn_> rbasak: the mangle inside the container did not seem to work
<hallyn_> sarnold: you're an iptables pro.  do you know of a way to insert a rule only if the rule hasn't previously been inserted?
<rbasak> hallyn_: I didn't actually try that myself. Did you reverse the mangle rule appropriately?
<hallyn_> rbasak: it's possible i did not
<hallyn_> rbasak: what would 'reverse appropriately' mean?  I only have one nic available there (eth0) and you cant do inbound mangle rules.
<hallyn_> so all i did was s/lxcbr0/eth0/
<sarnold> hallyn_: sorry, I'm no pro, I barely speak iptables.
<rbasak> hallyn_: just to match on inbound instead of outbound. I didn't know you can't do inbound mangle rules. My iptables(8) says you can since 2.4.18?
<hallyn_> drat.  ok, thanks.  i'll just make a judgement call then (soonish) on whether to parse iptables -L or use a file under /run.
<rbasak> hallyn_: it's Medium/Low importance for me. The workaround is pretty trivial. The only pain was before I found the bug.
<hallyn_> ok, prio changed, thanks.
<rbasak> hallyn_: I figure that it's Debian that's (now) buggy since consensus seems to be that dhclient should be patched. So it feels better to me to patch the container if possible.
<hallyn_> rbasak: on my saucy laptop:  iptables v1.4.18: Can't use -i with POSTROUTING
<hallyn_> oh, heh
<hallyn_> i misread
<rbasak> hallyn_: in the container I'd guess something like: iptables -t mangle -A INPUT -i eth0 -p udp --dport bootpc -j CHECKSUM --checksum-fill
<hallyn_> rbasak: i'm using iptables -t mangle -A PREROUTING -i eth0 -p udp --dport bootpc -j CHECKSUM --checksum-fill
<hallyn_> (didn't work
<hallyn_> INPUT doesn't either
<rbasak> Oh, dport -> sport
<rbasak> No, perhaps not
<hallyn_> (sorry, flurry of kids arms and legs all around, my attention to detail is lacking0
<rbasak> If it doesn't work then fair enough. I don't know enough about netfilter to know why
<hallyn_> yeah still no go.  I think it has to do with the fact that eth0 doesn't exactly get routed, since it's bridged.  but not sure
<hallyn_> (-j OUTPUT -o eth0 did not work either.  tried all the combos by now)
<hallyn_> someone somewhere who understand this is chuckling at us right now
 * hallyn_ out
<sarnold> alexey? or harald?  :)
<hallyn_> alexey for sure
<xIlluzionx> Hi
<pmatulis> hi
<xgeek-cub> unstalling the ubuntu server ; the install process ask about host name
<xgeek-cub> should i add the domain that i bought for my VPS here?
<jotterbot1234> why can't I
<jotterbot1234> tail -f /var/log/syslog
<jotterbot1234> getting permission denied
<jotterbot1234> but I have added myself to the adm group
<jotterbot1234> with: sudo usermod -a -G adm <username>
<jotterbot1234> what's the deal?
<hallyn_> jotterbot1234: have you logged out and back in since then, or done newgrp adm?
<jotterbot1234> hmm
<jotterbot1234> I have rebooted one, let me see something.....
<jotterbot1234> hallyn_: what does newgrp adm do?
<jotterbot1234> the adm group already exists
<hallyn_> jotterbot1234: check 'man newgrp(1)' - newgrp logs you into a new group
<jotterbot1234> hallyn_: thanks, will do
<hallyn_> np
<xgeek-cub> i want to update my ubuntu server fully what commands should i issue?
<mardraum> update the existing install or update to the latest version, eg 13.10 ?
<xgeek-cub> mardraum: : http://askubuntu.com/questions/368848/upgrade-and-update-ubuntu-server
<mardraum> xgeek-cub: apt-get update && apt-get dist-upgrade
<xgeek-cub> mardraum: the dist-upgrade changes my version from 12.04 LTS???
<mardraum> no
<mardraum> that would be do-release-upgrade command
<xgeek-cub> mardraum: reallysure??? iam doing it right now? going?
<mardraum> pardon?
<xgeek-cub> mardraum: i am confirming
<babinlonston> hi all ,
<babinlonston> I have a VPS from DigitalOcean , And now i need to send mail from my vps to some gmail email id or to some else how can i install and configure mail server in it to send out my vps
<sarnold> babinlonston: cool :) https://www.digitalocean.com/community/articles/how-to-install-and-setup-postfix-on-ubuntu-12-04
<babinlonston> sarnold: this not supported me to send out of vps , its sending mail only to the local users in VPS , and already i did it
<sarnold> babinlonston: oh. bother. I guess I should have read beyond the headline.
<sarnold> babinlonston: the bits here about spf and dkim might be helpful: https://help.ubuntu.com/community/Postfix
<babinlonston> I have a VPS and installed with Ubuntu 12.04 how can i setup ftp for the /var/www/ Directory , I cant give the logins of VPS to Developer so i need to setup a ftp
<andol> babinlonston: Why on earth would you want to use FTP instead of something sane like ssh/sftp?
<babinlonston> andol: what ever , just the developer need to access the /var/www/ directory using filezilla or any other client , i Don't want to provide him my credentials
<esmic> hey
<andol> babinlonston: Then you create an additional user, and give that user access to that folder.
<andol> ...which is kind of what you would need to do with ftp too.
<babinlonston> andol: ok
<esmic> i have a question about ubuntu, and im bit newb
<babinlonston> andol:  did i need to give the user with full permission 777
<andol> babinlonston: 777 really isn't a permission you set on a user, but on a folder, which almost always is a bad idea. Instead you should change the user and/or group ownership, depening on what other users might too need to use that directly.
<babinlonston> ok
<Guest23822> hi, for ufw, I have put http://paste.ubuntu.com/6334657/ to before.rules, and then stop ufw and start ufw. it does not work. I can still access websites 80 ports directly in chrome browser. can anyone help? thanks.
<xgeek-cub> hostname -F /etc/hostname  returns nothing but i have rockspacefn in the /etc/hostname
<MrQuist> ZZzzzzz....
<dzeko> What's the bast way to fully backup your server?
<Patrickdk> take the drive out, and use it as a football for thanksgiving with your relatives
<Patrickdk> !best
<ubottu> Usually, there is no single "best" application to perform a given task. It's up to you to choose, depending on your preferences, features you require, and other factors. Do NOT take polls in the channel. If you insist on getting people's opinions, ask BestBot in #ubuntu-bots.
<dzeko> ok, the what's is nowadays usually way to fully backup your ubuntu home server. What do you use?
<Patrickdk> normally I'll just copy the vmdk file
<dzeko> its not a virtual server, its just a old fashion remote dedicated server :)
<Patrickdk> dzeko, generally, if you want that, two options, reboot into a backup cdrom or so
<Patrickdk> or use lvm and take a snapshot
<Patrickdk> personally, I never liked either, and stuck with just coping the data I needed, like /var /etc and sometimes other stuff
<sgo11> hi, any squid expert here? My squid setup does not work and get Forwarding loop detected warning. Before setup http_port 3128 transparent and iptables, everything work fine. but after forward local 80 port to 3128. and run chrome in the same machine as squid, I met this issue. thanks.
<bazhang> sgo11, try #squid yet?
<sgo11> bazhang, nobody in #squid is awake. I kept asking this question in a whole day. nobody replied....
<babinlonston> which operating hyperviosr we can install in a Dedicated server ? which is located in remote ?
<patdk-wk_> babinlonston, any you want?
<babinlonston> patdk-wk_:  yes we going to buy a Dedicated server , i need to know which hypervisor is good , and i need to install and  manage it from remote
<patdk-wk_> heh? good?
<patdk-wk_> you have several choices
<patdk-wk_> vmware, hyperv, xen, kvm, maybe even virtualbox
<babinlonston> patdk-wk_: i need it in Linux and want to be in open source
<EvilPenguin> Hello is anyone here able to help with a DNS problem (BIND9)?
<MrQuist> EvilPenguin, i might try, state your troubles.
<EvilPenguin> Hello! :) The problem I'm having is that doing an nslookup doesnt give the server name but rather the ip address
<EvilPenguin> e.g nslookup google.com will return server: (IP of DNS Server)
<EvilPenguin> I rewrote the reverse lookup zone twice
<EvilPenguin> restarted bind9 and incremented the serial and still the same problem
<EvilPenguin> can show you screenshots of config files if you want
<sgo11> bazhang, hi, the problem is fixed by adding "-m owner ! --uid-owner proxy" to iptables. found by MrQuist in askubuntu.com. The problem is caused because squid is forwarding traffic back to port 80. I use iptables to forward 80 to 3128. it forms a loop. thanks a lot for your time. just FYI.
<MrQuist> ah, bye EvilPenguin
<xgeek-cub> hello
<bgardner> xgeek-cub: Hello
<xgeek-cub> could I;or better said should I add dotdeb.org to my repos; in orther to install php-fpm?
<xgeek-cub> is it a good practice?
<remix_tj> xgeek-cub: why you need external repos? there is all you need in ubuntu's standard repositories
<xgeek-cub> So no dodeb repository?
<xgeek-cub> ok
<jpds> xgeek-cub: No, it's not.
<jpds> xgeek-cub: Those repos don't get any oversight from the security team - so you're on your own if there's a need security update.
<xgeek-cub> oh yes; because they are 3rd party
<bgardner> xgeek-cub: Yeah, don't do that.  You won't be happy with the outcome.
<xgeek-cub> what about backport repository in ubuntu
<xgeek-cub> bgardner : iwouldn't do that thanks
<jpds> xgeek-cub: There's a large "N.B." comment above it in sources.list you might want to read.
<xgeek-cub> jpds: idon't have the backport line in my repo at all
<jpds> Well, it's just says: "please note that software in backports WILL NOT receive any review or updates from the Ubuntu security team."
<xgeek-cub> jpds: so the same unhappy endding (outcome)
<jpds> There's a php5-fpm package in the repo.
<jpds> !info php5-fpm precise
<ubottu> php5-fpm (source: php5): server-side, HTML-embedded scripting language (FPM-CGI binary). In component universe, is optional. Version 5.3.10-1ubuntu3.8 (precise), package size 3056 kB, installed size 8135 kB
<patdk-wk> but he wanted php-fpm not php5-fpm
<jpds> patdk-wk: Not the same thing?
<jpds> Not that I've ever used it before.
<patdk-wk> php-fpm is rhel naming
<jpds> But: http://php-fpm.org/download/ --- "PHP-FPM is now included in PHP core as of PHP 5.3.3."
<patdk-wk> :)
<xgeek-cub> why when i am trying to ap-get install nginx-extra ; the package nginx-full wants to remove it self
<xgeek-cub> jpds so no php-fm needed at all no apt-get install php-fpm .....
<jpds> xgeek-cub: But you can: apt-get install php5-fpm.
<xgeek-cub> jpds: why should i do that if it is already there?
<jpds> I don't understand what it is you're trying to do then.
<xgeek-cub> installing php mysql nginx andphpmyadmin
<xgeek-cub> but installing nginx-extra removes the nginx that i just apt-get ed
<jpds> xgeek-cub: Yes, see: apt-cache show nginx-extras and apt-cache show nginx-full.
<jpds> -extras is -full AND more.
<xgeek-cub> what is this package? php5-mysql!
<ogra_> xgeek-cub, apt-cache show php5-mysql ... the Description should tell you
<Patero-ng> I want to know how to find out how much left I have for my lease of my ip on ubuntu server 13.10
<hazmat> hallyn_, have you seen this one .. https://github.com/dotcloud/docker/issues/2476
<hazmat> several folks are having issues with lxc in 13.10 and docker
<hallyn_> hazmat: no haven't seen it.  (don't use docker)
<hallyn_> kirkland uses it...
<hazmat> hallyn_, there's a couple rounds of comments on the mailing list and on #docker about the issue this morning
<hallyn_> which mailing list
<hallyn_> presumably they need to fix something in their configs - maybe add pstore to their container fstabs?
<hallyn_> (that's not an lxc issue.  it's a mountal/kernel issue)
<hazmat> hallyn_, docker user ml
<hazmat> hallyn_, installing from lxc daily ppa seems to resolve for folks.
<hallyn_> that's interesting
<hallyn_> (that, on precise, is what i mostly use)
<hazmat> smoser, hallyn_, incidentally that 3.8 hwe kernel thingy.. seems to have come from there docs on the topic.. http://docs.docker.io/en/latest/installation/ubuntulinux/ no reasoning behind it though
<hallyn_> hazmat: only thing which should not work in 3.2 kernel that i can think of is lxc-attach <shrug>  it's a useful enough feature that hwe kernel may be worthwhile
 * hallyn_ goes to see why his printer is not printing
<hallyn_> "what am i paying you for!"
<arcimboldo> hi all, I have a problem with OpenStack, it stopped starting instances, is someone able/willing to help me?
<hazmat> hallyn_, ic, afaik there not using that, really  they only use lxc-start.
<hallyn_> that's why i made my suggestion on the m-l :)  <shrug>
<Underbyte> what exactly is installed when you select the "Virtual Machine Host" option in the Ubuntu Installation package selection dialog?
<adam_g> smoser, around?
<sarnold> Underbyte: here's a list of what it wanted to do on my laptop: http://paste.ubuntu.com/6336744/
<Underbyte> okay, so it doesn't install as openstack?
<Underbyte> *install openstack
<sarnold> Underbyte: right
<Underbyte> sarnold: so what does the 'ubuntu server cloud edition' do differently then? does it just include a package that it automatically installs? or is something a little more special going on here?
<sarnold> Underbyte: sorry, I'm unfamiliar with that; I know we've got a variety of tarballs and iso images available for installing depending upon needs.. some can be quite small, made especially for VPS use in containers or similar..
<Underbyte> http://www.ubuntu.com/cloud
<sarnold> wow that page is all over the place :) hehe
<photon> Which is the earliest ubuntu server version which contains apache httpd 2.4?
<err-or> photon: what you mean with 'easy'?
<photon> err-or: I didn't say easy, I said earliest :P
<photon> as in, lowest version.
<err-or> damn.
 * err-or hides
<sarnold> photon: saucy: https://launchpad.net/ubuntu/+source/apache2
<photon> so, Saucy Salamander
<photon> Thank you
<photon> any way to get the same for the G++ compiler? https://launchpad.net/ubuntu/saucy/+source/gcc is more or less a 404.
<sarnold> photon: yeah, that's harder to track down; gcc uses versioned packages, gcc-4.8, gcc-4.7, gcc-4.6, gcc-4.5, gcc-4.4, gcc-4.3, gcc-4.1 are all in supported versions of ubuntu
<photon> I'm wondering when 4.9 will be supported.
<err-or> sarnold: any special kind of interest in that? else i would recommend gentoo or something else.. :)
<sarnold> photon: it'll happen in the U series, if it happens. we set the toolchain to a fixed point before the series opens. see e.g. http://lwn.net/Articles/571330/
<sarnold> err-or: I've spent enough of my life waiting for software to compile already :)
<photon> sarnold: U series? Sorry, I'm not enough familiar with Ubuntu jargon ;)
<err-or> sarnold: have fun with that :)
<sarnold> photon: sorry -- whatever comes after 'trusty'  :)
<photon> sarnold: oh, so you meant, it's already too late for trusty, but probably after that?
<sarnold> photon: right
<photon> thanks
<photon> oh, U series, because U comes after T.
 * photon is a bit slow today.
<jrwren> really? I'm surprised it won't make trusty
<sarnold> jrwren: we decide on toolchain before the dev series opens; I don't know how one version or another is chosen, I just trust that those who choose do a good job :) hehe
<photon> g++ 4.9 implements C++11 regex. I've been waiting for this for years. :)
<photon> (by which I mean, I'm happy if it comes with U. better late than never.
<Arrick> hey all, I need to temporarily allow root to logon to a 12.04 terminal so I can p2v it onto our vmware host... how do I enable the root account to logon?
<jrwren> yeah, 4.9 is a particularly excellent release. shame to wait a year to get it into std. but i'd imaging there will be a PPA for it
<sarnold> Arrick: easiest is to just use sudo -s or su - from a console.. if you really must give root a password, you may via "passwd" once privs are elevated.
<sarnold> jrwren: I assume part of it is just poor timing; moving to a new release of the toolchain for an LTS release might be a big jump. keeping 4.8 for trusty makes sense as saucy's experience can help knock free some harder-to-find bugs
<jrwren> sarnold: understood.
<Arrick> thanks sarnold I just have to enable it so the vmware p2v tool can run, it has to run as root on *nix.
<sarnold> Arrick: and sudo p2v  doesn't work? o_O
<Arrick> nope
<sarnold> Arrick: crazy.
<Arrick> yeah, its their proprietary tool
<hazmat> hallyn_, not sure if this already reported.. on saucy.. i've got a juju container that's set to auto start, i rebooted, the container is up and running, but lxc-ls --fancy report  its as stopped
<hazmat> as does lxc-info
<hazmat> hmm.. but because its running and lxc doesn't know that. i can't stop or remove it
 * hazmat unlinks the auto and reboots
<hallyn_> hazmat: yes, it's known - probably fixed in -proposed
<hallyn_> hazmat: meanwhile you can address it using 'lxc-list -P /var/lib/lxc_anon' and lxc-stop -P /var/lib/lxc_anon'
<hazmat> hallyn_, thanks
<alex88> hi guys, what's the preferred way to install php 5.5 on 12.04? dotdeb or ppa:ondrej/php5 ?
<bgardner> alex88: We're here to help you with the standard versions that ship with Ubuntu - your question might have better luck over at ##php.
<alex88> bgardner: I'm asking which you think is "safer"
<photon> Ubuntu Server 13.10 installation hangs trying to retrieve file 1 of 2 (93%) in my VirtualBox instance. No CD or HDD activity for 15 minutes. What could be the cause?
<bgardner> photon: Tried switching mirrors?
<photon> Same happened first time I tried installing, there it hanged just after selecting the keyboard layout.
<photon> bgardner: mirrors? oh, it's trying to download something I guess?
<bgardner> photon: Or you mean the whole VM hangs, not just the download?
<photon> how would I do that?
<photon> VirtualBox itself works, the guest OS hangs.
<bgardner> photon: Okay, then disregard my mirror comment, I doubt that's related.
<photon> bgardner: are you sure? couldn't it be that it simply hangs because it can't fetch the file from the server?
<photon> I'm thinking this is quite likely actually.
<bgardner> photon: When you say 'hangs', do you mean you can no longer work with it at all?  Or is it just not finishing a download?
<photon> well, it's the installation process. I see "Installing the system" and a progress bar that is stuck at 93%. Not sure which key combinations I can use to see if it's really the OS that crashed.
<bgardner> photon: Alt-left and right to move between ttys - does that help?
<photon> bgardner: yes, immediate reaction
<bgardner> photon: Okay, so not dead just waiting forever for a transfer.  Good, that does help.  One moment
<photon> bgardner: according to one tty, last action was 15 minutes ago... : unpacking linux headers
<bgardner> photon: Go to vbox settings and "unplug" the network card for the VM for a minute and see how it responds.  Don't shut it down, just do Devices->Network Adapters->Adapter 0->Not Attached
<photon> bgardner: doing that now.
<photon> bgardner: no change.
<bgardner> photon: Okay, then my research suggests either mirrors or ipv6 as possible culprits.  I haven't had this issue, but it may be instructive for you to explore one or both.
<photon> bgardner: how do I change mirrors?
<bgardner> photon: I knew that would be your next question, hang on never needed to do it before so I don't know the procedure off the top of my head.
<photon> bgardner: sure, I'm glad for your help.
<photon> bgardner: should it be able to install without any network cables attached?
<bgardner> photon: Yes, and I was just about suggest you do that.
<bgardner> photon: You can apt-get update && apt-get upgrade afterwards to get brought up to date.  But start with net disabled and just get installed from the CD.
<photon> wow, just switched to another tty, and seeing a lot of debug and error messages now :/
<bgardner> photon: Anything relevant?
<photon> hard to tell, something about not being able to unmount /media, packages missing, mounting /dev/sda on /media failed, etc.
<photon> and "anna: DEBUG: resolver (ext4-modules): package doesn't exist (ignored)"
<photon> "error: couldn't load because of unsupported optional features (240)"
<photon> for ext-4, that is ^
<photon> sounds pretty messed up
<photon> bgardner: ^
<bgardner> photon: That's ... interesting.
<photon> it hangs somewhere different each time I restart the VM.
<bgardner> photon: If I were you I'd start checking components - test memory, HDD, etc.
<bgardner> photon: Yeah, I know it's a VM - but something is wrong.
<photon> I've been running a VM with Ubuntu Server 10.10 for days (years) now.
<photon> worked flawlessly.
<photon> the CD ISO is intact.
<photon> I checked.
<bgardner> photon: I hear you.  Or maybe someone else here is smarter than me and can offer help, but I'm not sure what to tell you.
<photon> wow, now it even hangs when checking the CD for integrity?
<photon> but the one tty console is still intact.
<photon> bgardner: thanks for your effort so far.
<bgardner> photon: Sorry I don't have more, and good luck with it.  I have to go but I might be on later.
<photon> alright, thanks.
<keithzg> So what could be preventing a computer from getting an IP? Suddenly today my officemate's *buntu tower has decided that "auto eth0" and "iface eth0 inet dhcp" isn't sufficient . . .
<genii-o-lantern> keithzg: We are already trying to assist in #kubuntu :)
<jamespage> zul, adam_g: we should look at this during 14.04
<jamespage> https://github.com/pandemicsyn/swift-ring-master
<jamespage> paravoid pointed me at it a few weeks ago when I was winging about how awkward ring management is is swift
<zanzacar> I have been working with linux for a while and I was wondering about using sudo service to get statues and start/stop/restart thing vs other means?
<zanzacar> Is there a best way to handle dealing with your services? I have always used service and never looked for anything else
<sarnold> zanzacar: on ubuntu, services are managed via 'upstart' -- nearly everything you'd ever want to know about upstart is documented here: http://upstart.ubuntu.com/cookbook/
<sarnold> zanzacar: I think you're probably going to be most interested in chapter 11, Cookbook and Best Practises
<zanzacar> sarnold: thanks for getting back to me. Sometimes I never know where the next step in the path is.
<sarnold> zanzacar: there is always something new to learn, isn't there? :)
<zanzacar> There always is, its just a matter of finding out what it is. Thanks for the link I have some reading to do.
#ubuntu-server 2013-11-01
<photon> Does sudo apt-get install php5-fpm suffice to install PHP and the FastCGI Process Manager? I did that and sudo /etc/init.d/php5-fpm start shows now output.
<photon> and php-fpm doesn't listen.
<jpds> Looks like there's a socket at /var/run/php5-fpm.sock ?
<jpds> And you do something like: fastcgi_pass unix:/var/run/php5-fpm.sock;
<jpds> Looking at http://www.howtoforge.com/installing-nginx-with-php5-and-php-fpm-and-mysql-support-lemp-on-ubuntu-13.04 .
<photon> jpds: thanks, I forgot to configure it to listen on a port.
<photon> I wonder, do I need php-cli also?
<photon> or does php5-fpm suffice?
<ericsysmin> need some help with cloud-init, looks like im hitting this error  __init__.py[WARNING]: Unhandled non-multipart userdata starting 'I2Nsb3VkLWNvbmZpZwpob3N0...'
<qubits> yo
<qubits> im on a tablet o.o
<qubits> samsun 4g 16gb sgh t779
<Patero-pe> yo
<Patero-pe> how to check how much time I have left on my lease in ubuntu server
<babinlonston> How to setup a vsftpd for a user to access only /www Directory
<babinlonston> Response:	500 OOPS: vsftpd: refusing to run with writable root inside chroot() -----> I'm receiving this error for a local user
<jamespage> zul, when you start - any ideas? - http://paste.ubuntu.com/6340390/
<jamespage> thats an lxc instance trying to start on havana
<Alina-malina> what is the best video streaming server for ubuntu?
<BrixSat> Hello
<BrixSat> you guys now a good ssh key manager and dristribution system?
<zul> jamespage:  swap day but what image did you download?
<jamespage> zul, disk1.img
<zul> jamespage:  possibly bad image?
<jamespage> zul, might be
<crash_cy> Hello, I am running Ubuntu server on a box at my office, I use it for test development stuff and it is not open to the internet, but I would like to be able to work on it from home.  Is there a way to set up a connection from my home laptop?
<jrwren> crash_cy: can that ubuntu server connect out to the internet?
<bgardner> crash_cy: Via what?  You said it isn't connected to the internet.
<crash_cy> jrwen: yes, it can connect to the internet
<jrwren> crash_cy: then yes, you can do it, but I don't think I can explain it via IRC.
<crash_cy> jrwen: can you suggest what utility I would use so I go find a guide on it?
<bgardner> crash_cy: I use port forwarding from my router to a custom port for SSH.
<bgardner> crash_cy: That assumes you have (or can get) the right to forward a port from your office firewall.
<jrwren> crash_cy: if you have a home server, you can ssh from your office server to your home server and open a reverse ssh tunnel. see the ssh man page for the -R option.
<bgardner> crash_cy: Either way, take precautions to harden the SSH server that you expose.  Speaking from experience here.
<crash_cy> jrwren: no home server, but I suppose I could set up a virtual box if needed
<crash_cy> bgardner: I'm sure I can get the network admin to set up port forwarding as long as it doesn't create added risks for the network
<crash_cy> bgardner: he's already set it up where I can remote into my office desktop, which then can remote into the server
<crash_cy> bgardner: but that's pretty clunky to work that way, so I'd like to bypass the office desktop
<bgardner> crash_cy: Sure, then you're on the right track.  Get a non-privileged port (>1024) forwarded to your server, configure your ssh server to use that port (or remap, your choice), harden it properly and you should be all set.
<crash_cy> alright, thanks
<jrwren> interesting advice.
<jrwren> my advice is different. use default 22. disable password auth. generate a keypair and use that. use a strong password on that private key.
<Arrick> hey all, Its been WAY too long since I've played with my nix servers... can someone tell me (Im using windows terms) how to see what partitions are on what disks?
<Arrick> and how much space is being used?
<jrwren> read the df and du man pages.
<jrwren> and cat /proc/partitions
<jrwren> and maybe read the output of dmesg
<hallyn_> sarnold: jjohansen: hey guys.  I give you,  https://code.launchpad.net/~serge-hallyn/ubuntu/trusty/lxc/lxc.aa-libvirt/+merge/193622
<hallyn_> two questions on that,
<hallyn_> 1. is there a better way (yet) to do this ugliness?
<hallyn_> 2. did i overlook sysfs paths which i've just unintentionally made writeable?
<hallyn_> (i'd better run some more tests and try writing to a bunch)
<Patero-pe> is there a way to find out the lease time of the ip in ubuntu server like there's on windows 7
<pmatulis> Patero-pe: yes
 * hallyn_ biab
<Patero-pe> pmatulis: tell me
<pmatulis> Patero-pe: yes sir.  for me: 'tail /var/lib/dhcp/dhclient.br0.leases'
<Patero-pe> thanks
<nickanderson> Can ayone provide some guidance on what tools I should use to build an apt repo that supports pinning. Its just a small repository, but I do want to support multiple versions of the same package.
<nickanderson> debarchiver and reprepro don't appear to support pinning, and its not clear to me which ones dow
<andol> nickanderson: What do you need in the repo for it to support pinning? Isn't that stuff primarily configured client side?
<nickanderson> First, I am not a debian expert. But I know there are trivial and official style repos. trivial repos dont support pinning. reprepro and debarchiver purge out old versions of a package when I add new ones
<nickanderson> My google fu is failing me
<sarnold> nickanderson: investigate apt-ftparchive from the apt-utils package; it's used in the backend to some tools I use, so I don't know much about it, but it might do the job
<sarnold> (the manpage doesn't mention 'trivial' or 'official', sorry)
<andol> nickanderson: Sounds like what you want is to define separate releases/codenames in the repo, and then have the client pin on that?
<nickanderson> sarnold: apt-ftparchiver will work for me, thanks!
<sarnold> nickanderson: yay! :) have fnu
<sarnold> also fun
<sarnold> hallyn_: https://bugs.launchpad.net/ubuntu/+source/cgroup-lite/+bug/1247299
<hallyn_> sarnold: thanks (marked invalid)
<sarnold> hallyn_: oh hooray, I didn't realize there was a workaround so readily available. :D
<sarnold> hallyn_: thanks
#ubuntu-server 2013-11-02
<brucewhealton> Hello all.  I am planning to reinstall apache2 on Linux to support apsx or apsx2.  I'm needing that and I have discovered that it is compiled with apache2.  So, one cannot install it separately, or locate a apache package that has that installed.  I also want to upgrade php to php5.5.5.  What tools will I need?  Also, will this completely change how apache is configured on Ubuntu?  For...
<brucewhealton> ...example the source code is httpd, yet on Ubuntu we use apache2.
<hallyn_> sarnold: not really a workaround - it's a tradeoff :)  actually we can now do better since we have an option to only mount the container's cgroup and below into the container...
<brucewhealton> I am just curious as to whether or not this will radically change how apache is configured on Ubuntu?  For example, we have commands like a2ensite and etc.
<hallyn_> but generally if you use the -with-nesting profile, then since the containers are not in user namsepace yet, root can completely scape the cgroup
<hallyn_> including device cgroup.  now he can write to disk.  game over.
<sarnold> eek
<sarnold> well, probably for juju's use cases, it isn't a show-stopper, the local provider is mostly intended for development..
<hallyn_> the nestable cgroup manager will solve this :)
<hallyn_> somebody go buy me some time to write it
<hallyn_> but not tonight
<sarnold> oo me too please :)
<hallyn_> anyway gnight :)
<sarnold> gnight :)
<sarnold> brucewhealton: 'apsx'? what is that? I don't see any references to 'apsx' in the searches that are easily at hand..
<brucewhealton> apache extensions
<brucewhealton> or apsx = apache extensions Toolset.  I was taking a course online and was trying to follow along hoping that later it would be clear where and why one would use this tool.  I was hoping to get a better idea how this is used.
<brucewhealton> So, the docs I read said that it is available only when compiling from source.  I was just getting used to how apache works on Ubuntu and was hoping that things wouldn't get drastically changed if I compiled the apache2 application from source.
<brucewhealton> It would be nice to use php 5.4 or even 5.5 and it seems that using package manager one can only get php 5.3.   I guess php can be compiled for Ubuntu after apache is already installed.  I can then figure out if having apsx is very useful or not, in the course.
<jrwren> don't you mean apxs ?
<wiehan> anyone know of a good command line interface DAAP server for ubuntu - I'm not getting forked-daapd working. Any other suggestions?
<morph-> Anyone here familiar with DHCP?
<jml> hello. I'd like to install Ubuntu Server 13.10 onto a machine I have physical access to but no monitor for.
<jrwren> morph-: ask
<jml> OKâ¦ turns out I *do* have a monitor, and the problem was a great difficulty making functional USB sticks.
<jml> I've made a CD, and that boots
<jml> except it hangs at the "Select a Language" screen
<jml> so the 12.04 LTS CD works fine
<jml> and now the install proceeds
<hazmat> hallyn_, when your ssh into lxc-containers, is the common behavior to just grep lxc-ls --fancy for an ip address for the named container? or is there a nicer workflow, the alternative seems to be querying dnsmasq against the container name.
<hazmat> s/your/you
<jml> hazmat: hello
<hazmat> jml, greetings
<hazmat> hallyn_, put together a simple script to just query dnsmasq and output ip given container name.. just trying to simplify ssh user@container_ip  http://paste.ubuntu.com/6347521/
<hazmat> hallyn_, better version with the ssh exec built in as a param http://paste.ubuntu.com/6347583/
<Beatstreet> what the best place to look to see if I can tell why a sever keeps locking up?
<pmatulis> /var/log/syslog
<Beatstreet> ok, thanks
<hallyn_> hazmat: two other ways:  1. you can set LXC_DOMAIN to lxc in /etc/default/lxc-net, and add something like 'server=/lxc/10.0.3.1' to /etc/dnsmasq.conf.
<hallyn_> hazmat: 2. you can add an entry to $HOME/.ssh/config for .lxc, like so:
<hallyn_> http://paste.ubuntu.com/6349837/
<hallyn_> that's what i usually do.  i don't use lxc-ls for it.  in a pinch on a fresh host i just do 'host container1 10.0.3.1'
<hallyn_> I think (1) is the 'cleanest' way but i rarely do it
 * hallyn_ probably offline for rest of weekend
#ubuntu-server 2013-11-03
<lwizardl> hello
<pmatulis> hello
<jparkton> is raring Ubuntu 13? I thought 13 was oneiric
<jparkton> I was wrong
<ikonia> jparkton: 13.04/13.10 - both 13
<jparkton> ikonia: I am just running into weird issues but I think it is a restriction on my vps not the repo :)
<gdos> how can i change the default IP address of virbr0: from 192.168.122.1 to another one?
<andol> gdos: virsh net-edit efault
<andol> gdos: virsh net-edit default
<gdos> thank you andol.
<andol> ..unless you want to define a new/other routed network, or want to use bridged networking.
<gdos> andol: how would i do that?
<gdos> just for curious sake.
<andol> gdos: Have mostly used bridged network myself, and that pretty much comes down to created a bridged network interaces, and then point to it when you create new virtual machines. Not much experiences in mucking around with other rourted libvirt networks.
<andol> https://help.ubuntu.com/community/KVM/Networking#Creating_a_network_bridge_on_the_host
<gdos> ok. will research that. thanks. i'm in the process of installing multiple BBS'es on my system and trying to figure out which is the best way to go.
<joossee> hello. I have installed 12.04LTS 64 on a server. I had a problem with my screens so I set "quiet splash nomodeset" in grub. I can mount encrypted volumes and login fine, but I cannot get startx/GUI to run. I only have access to ubuntu install CD right now, no inet on server.
<joossee> it gives me a very clean error saying to sudo apt-get ... but I dont have internet so it returns an error
<bekks> joossee: As k1l already told you in #ubuntu, there is no startx. Install a desktop environment like ubuntu-desktop.
<joossee> bekks; can i install it on a machine with no internet ?
<bekks> joossee: When using an installation cd, sure.
<joossee> bekks; ok letme try a different approach; i think the problem i am having is that my installer cant access the internet. can you recommend a usb wireless nic that works with the 12.04 installer?I have searched the HWCompatibility list, googled, and the forums but they all conflict with each other...\
<joossee> im getting the impression my video card is too legacy for 12.04...
<ersi> Have you actually tried with any wireless nic?
<ersi> Otherwise, just use the installation DVD as a source.
<joossee> ersi; how do i do that from command like?
<joossee> line\
<ersi> joossee: I searched for "add ubuntu install dvd as apt source".
<ersi> Here's a fitting result: https://help.ubuntu.com/community/Repositories/CommandLine
<ersi> https://help.ubuntu.com/community/AptCdrom seems promising as well.
<ersi> That seems to be for the Live Cd though.
<ersi> And this result is basically exactly an answer (though combining both above links): http://askubuntu.com/questions/4694/how-to-use-a-iso-image-as-a-cd-rom-repository
#ubuntu-server 2014-10-27
<BuffyNZ> I just rebooted my Ubuntu 14.04.1 server with a raid5 LV root drive, and got a grub2 error saying disk '/lvmid/[hash]' not found. It then dropped me to a grub2 rescue prompt. I have downloaded the live cd, installed mdadm, remounted the root partition and tried purging and reinstalling grub. No change in behavour. Can anyone help?
<BuffyNZ> The raid5 LV root has been set up for a good year or so, and was rebooted as recently as yesterday.
<learning> Hi, I am planning to host my project on aws and want to encrypt home directory. I have setup password less ssh login via key. When I logout from the ssh session, will the home directory get encrypted? In that case, how the program will be able to read the text files from the filesystem?
<lordievader> Good morning.
<ochoroch> lordievader: HypeVs Bugs Daily: Admins just tried another type of backup. Switch of the VM before doing backup. This fucked up the Filesystem again ... either they dont know what they are doing or HyperV is just shit! ....
<lordievader> ochoroch: Watch your language, this is a family friendly channel. Perhaps turn the backup off and do it yourself?
<ochoroch> lordievader: ok, wasnt aware that this is a family friendly channel ... i plan to do my own backups, only Backup /var/www/ and databases ....
<lordievader> ochoroch: Add /etc to it.
<ochoroch> ok ... true true. :-)
<Jeeves_Moss> what should the correct directory be for the AWstats icons?
<LeMike> #php does not give me an answer on this so I like to ask here: does the client-side need to take any action on "solving" the poodle-bug? or is it something the server needs to do?
<mardraum> afaik there is no solution, just a workaround - stop using SSLv3
<LeMike> how about SSLv2?
<LeMike> mardraum:
<mardraum> LeMike: no. use TLS. check your server using the ssllabs server tests.
<LeMike> thanks mardraum . that helped!
<rbasak> jamespage: will you be able to sponsor bcache-tools into unstable before jessie freezes, please?
<jamespage> rbasak, I should think so - point me at it
<rbasak> jamespage: I need to prepare it for Debian. Basically what's in Ubuntu, but I'll remove Vcs-* etc.
<rbasak> (since the guy whose repo was hosting the latest seems to be MIA)
<rbasak> jamespage: need some help with the Maintainers and Uploaders field please. Maintainers will be me and one other named person. But neither of us are DMs (AFAIK). So what goes in Uploaders? Both of us anyway?
<rbasak> And do we need a group email for Maintainer?
<jamespage> rbasak, you don't need a group email for maintainer - it can be one person; with others listed in uploaders
<jamespage> rbasak, and its fine to add yourself as an uploader even if you are not a DM yet
<rbasak> OK, I'll do that for now - thanks.
<zul> is vivid open yet?
<rbasak> zul: yes
<rbasak> jamespage: ready for review. github.com/basak/bcache-tools, master branch.
<rbasak> jamespage: please use the orig tarball from Utopic/Vivid when uploading.
<jamespage> rbasak, hmm - no upstream and pristine-tar branches then?
<rbasak> jamespage: no. There's great confusion on the definition of "upstream" currently. Everyone is friendly but there are a number of accidental forks.
<rbasak> I have discussed this upstream and we decided to upload to define the canonical one.
<rbasak> I guess I could create a pristine-tar branch though - I just haven't.
<rbasak> (partly for fear that things will get forked and then screwed up)
<ApplesInArrays> I'm using a VPS that doesn't have nice DNS record configuration like DigitalOcean. Just has a space for "Reverse DNS". Is there a way I could implement Virtual Hosts? on Namecheap I'd point two domains to the same IP. I'm trying to figure out if this could work.
<pdonnachie> Hi everyone, I need to redirect all the URL ending with .htm to the homepage. I'm using apache, so I add in the .htaccess file the line RedirectMatch 301 (.*)\.htm$ http://website.com/ but is not working.. actually is blocking all the website.. What's wrong with the line I added? Thx in advance
<WhiteIntel> hello guys can someone help me with an openvpn client problem in ubuntu server?
<jamespage> rbasak, W: bcache-tools source: maintainer-also-in-uploaders
<jamespage> you can drop david from uploaders
<rbasak> jamespage: oh OK, sorry.
<jamespage> rbasak, np
<rbasak> jamespage: pushed
<jamespage> rbasak, all looks good to me - uploaded to NEW for unstable
<jamespage> thanks!
<rbasak> Thank you!
<rbasak> utlemming, rcj: I don't see any daily cloud images for Vivid. When are these expected, please?
<ApplesInArrays> Just set up a VPS and I'm not having any luck getting mod-rewrite to work. Any help?
<jpds> We're going to need a bit more information that that.
<jpds> than that*
<ApplesInArrays> I'm typing it up now
<ApplesInArrays> Here are the steps I took and the error: http://paste.ee/p/fLd2L
<ApplesInArrays> find / -name httpd.conf  to find httpd.conf as described here (http://tildemark.com/enable-htaccess-on-apache/), no?
<Ryan_Lane> is there any way to set MAILTO for all cron.d entries, without modifying them?
<Ryan_Lane> I'm trying to avoid managing every cron.d that comes with a package, but I'd really like to disable cron emails for my dev environments
<markthomas> Ryan_Lane, try adding -m off to the cron daemon args.
<Ryan_Lane> -m isn't an option
<Ryan_Lane> ubuntu ships with anacron
<markthomas> Ah.
<markthomas> huh
<genii> Ryan_Lane: Have you tried putting MAILTO=""  in the /etc/crontab file ?
<Ryan_Lane> I have
<Ryan_Lane> that only helps with things loaded by /etc/crontab
<Ryan_Lane> and cron.d isn't
<Ryan_Lane> neither are user crons
<genii> Aaah
<Ryan_Lane> I'm pretty sure I'm just screwed
<Ryan_Lane> and based on the bugs I've seen Ubuntu has no plans on switching to vixiecron
<ruben23> hi guys anyone can help how to execute rysnc and be able to display the percentage and status of its copying..?
<WhiteIntel> hello I have a problem with my ubuntu server client: when I try to connect I get this error: RTNETLINK answers: Network is unreachable
<WhiteIntel> Mon Oct 27 20:29:06 2014 ERROR: Linux route add command failed: external program exited with error status: 2
<WhiteIntel> what is wrong here?
#ubuntu-server 2014-10-28
<FilthyMacNasty> did I get banned from here or something?
<FilthyMacNasty> 3 disconnects before it let me in
<Tm_T> FilthyMacNasty: no you were not, it would say clearly "cannot join channel, you're banned" or something similar in case of ban
<FilthyMacNasty> ok cool, didnt want to upset anyone ever
<lordievader> Good morning.
<Farva> On our one server machine, we are running a few different IPs, on one IP, everyone connects just fine (iftop example-http://gyazo.com/2e962762f24c46a4b533a953aed9bc95), on the other, people are showing one bar of connection and are lagging heavily. (same person on the other IP: http://gyazo.com/3837b0e2aec3339ca045078ca9765dd8)  This is a E3 gaming server. How do I trouble shoot this?
<WhiteIntel> hello I have a problem with my ubuntu server client: when I try to connect I get this error: RTNETLINK answers: Network is unreachable
<WhiteIntel> Mon Oct 27 20:29:06 2014 ERROR: Linux route add command failed: external program exited with error status: 2
<WhiteIntel> what is wrong here?
<lordievader> WhiteIntel: You don't have a connection?
<lordievader> A network connection that is.
<WhiteIntel> my server has a network connection and internet, thats the strange thing :\
<lordievader> WhiteIntel: The client throws the error?
<WhiteIntel> yes thats from the client log
<lordievader> WhiteIntel: So the client has no network connection.
<WhiteIntel> the client has network connection, IÂ´m connected over ssh to the client and I can ping google from the client
<lordievader> WhiteIntel: On the client what is the output of "ip route"?
<lordievader> !paste | WinstonSmith
<ubottu> WinstonSmith: For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://imgur.com/ !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<WhiteIntel> http://paste.ubuntu.com/8717757/
<WhiteIntel> this is the output
<lordievader> Seems okay, strange interface but whatever. What ip are you trying to reach?
<WhiteIntel> a public ip of my VPN server
<WhiteIntel> under my windows client (that is in the same network as the ubuntu one) I can connect without any problems
<lordievader> WhiteIntel: Just to be sure, what is the output of "ip a s"?
<WhiteIntel> http://paste.ubuntu.com/8717792/
<lordievader> WhiteIntel: Hmm, yes that should work.
<lordievader> WhiteIntel: You mentioned vpn does this error happen after you enable the vpn?
<WhiteIntel> yes after the command "openvpn --config vpn.ovpn"
<lordievader> WhiteIntel: Ah, take a look at how it modifies your routes. It is probably the culprit.
<WhiteIntel> do mean in the server config?
<lordievader> WhiteIntel: What openvpn does is modify routes in order to throw (all) traffic over the vpn tunnel. Seems like this is misconfigured.
<WhiteIntel> lordievader: the server is running in tap mode, as I said on a windows client this works very well and on the server I had this additional configs http://paste.ubuntu.com/8717920/
<lordievader> WhiteIntel: Run the openvpn on the client, and get the output of "ip route" and "ip a s" again.
<WhiteIntel> http://paste.ubuntu.com/8717957/
<lordievader> WhiteIntel: You don't have a default gateway anymore.
<WhiteIntel> yea I saw that, but I donÂ´t know why^^
<lordievader> WhiteIntel: Because openvpn messes up your routes. Check its config.
<WhiteIntel> lordievader: my client config is this: http://paste.ubuntu.com/8718022/
<lordievader> WhiteIntel: I've never setup an openvpn vpn, so I do not know what can be wrong with the config.
<WhiteIntel> lordievader: what else could be the problem?
<lordievader> WhiteIntel: What do you mean?
<WhiteIntel> lordievader: The reason why I canÂ´t connect :\
<lordievader> WhiteIntel: I've already told you, openvpn breaks your routes.
<WhiteIntel> lordievader: but why only under ubuntu? with my other clients all is working well
<lordievader> WhiteIntel: Do the other clients run under the exact same conditions?
<WhiteIntel> lordievader: yes the run under the same conditions
<lordievader> WhiteIntel: Anyhow the proof lies right infront of your eyes, whether you choose to accept it or not,
<WhiteIntel> lordievader: thx
<elias_> Hey
<lordievader> o/
<elias_> i have nginx 1.4.6 (ubuntu) and latest version is 1.7.6 is that secure and include all latest patchs
<elias_> or to be more secure its better to install latest version from source code ?
<lordievader> !info nginx utopic
<ubottu> nginx (source: nginx): small, powerful, scalable web/proxy server. In component main, is optional. Version 1.6.2-1ubuntu1.1 (utopic), package size 3 kB, installed size 47 kB
<elias_> lordievader, what do you mean by that :-/ ?
<lordievader> Nothing was just wondering what version Utopic has.
<elias_> nginx -v tells me that i have 1.4.5
<lordievader> !info nginx trusty
<ubottu> nginx (source: nginx): small, powerful, scalable web/proxy server. In component main, is optional. Version 1.4.6-1ubuntu3.1 (trusty), package size 5 kB, installed size 93 kB
<elias_> does it include all patchs ?
<lordievader> elias_: 1.4.6 is available for Trusty ;)
<lordievader> elias_: No idea, read the changelogs.
<sander^work> What's wrong when I get: "no operating system found" on boot?
<jrwren_> sander^work: empty MBR
<raid-fu>  all, i have a raid problem. it shows as "inactive" and if i try enabling it. it says assembled from 5 drives and 1 rebuilding - not enough to start the array   / i'm confused. how is it rebuilding but not enough to start ?
<alexgl> in ubuntu server 14.04 I have gadmin-samba setup but I cannot get into it from another linux nor windows 7. it's a virtual machine that has got ip from dhcp. Is there something from the path that I'm missing, i'm doing \\server-ip\share
<alexgl> anyone using samba to create a share for windows 7 or clonezilla fileshare?
<sudormrf> !ping
<ubottu> pong!
<lumia900> i cant able to open my samba share folder from windows..
<lumia900> since i have configured as guest ok = yes
<caliculk> Hello, I have a bit of a weird issue. Usually, after about 11 days or so, my server stops responding to network connections, yet it is still running. I can't really figure out why. I don't see anything abnormal in the kernel.log, dmesg.log, or syslog files. I was wondering what other steps I could take to diagnose the issue if it was software. My only ability is to connecto remotely to diagnose it, so I am really hoping it is a software
<caliculk> issue and not a hardware one.
<genii> caliculk: Perhaps check with lshw -C network what make and model the NICs are and what driver is claiming them, and then look up the driver to see if there's some known issue like this and a fix
<caliculk> genii, thank you, will do right now. Is there anything that I could run continuously to double check if the nic is up or responding to connectivity, and if it fails, run specific commands that output to a file as well?
<caliculk> Though from the first google search, there is a report of the driver/devices flat out not working, but that was from ~March's mailing list, and a September forum post. I would assume the latest kernel would have the most up to date driver as well, would it not? If not, I will just go download.
<genii> caliculk: Conceivably maybe a shell script to see if it can ping an external box and if not then maybe to dump last 25-50 lines of dmesg and modprobe -r driver/modprobe driver, call it as a cron job on some reasonable schedule
<genii> lunch, sort of afk gorging :)
<caliculk> No worries, thank you for your help. :) Its frustrating enough for me being on a 7 hour time difference from the box, and when it goes down, I have to wait for someone to wake up to reset it.
<caliculk> At least now I am getting a little help. :P
<genii> caliculk: I know that there are some Broadcom NIC with an issue like this but don't recall the model number offhand
<caliculk> This is unfortunately an Intel NIC, e1000e driver. So completely different manufacturer.
<genii> caliculk: I recall there was some issue with that one. I'd have to look back into it, but something like they modified the e100 driver but doesn't always work properly
<genii> caliculk: According to Intel at http://www.intel.com/support/network/sb/cs-032514.htm "The e1000e driver supports PCI Express* Gigabit Network Connections except the 82575, 82576, 82580, and I350."  ... is one of these?
<caliculk> I have an 82574L
<caliculk> So, no.
<genii> caliculk: Some of the things you might want to do in the cronjob besides dump the end of dmesg is check the current adapter settings with ethtool, , maybe also some traffic with wireshark, maybe tcpdump
<genii> ethtool results when it goes down can be compared to what it reports when working normally, traffic analysis might show what it's trying to do and what the responses/lack of response is
<RoyK> caliculk: I guess it might work if you add its PCI ID to the driver. IIRC it should be possible to do that dynamically without recompiling the driver, but I don't remember how
<caliculk> RoyK, It is working right now, I am using a bouncer to talk from that box. It just coincidentally fails after a random number of days (usually longer than 8).
<dasjoe> Are you sure it's network-related?
<RoyK> caliculk: how does it fail?
<caliculk> I don't know, I am not able to really diagnose it. But, from what I can tell, the connection just dies with the software programs still running in the background that would use the network connection. For instance, two days ago, I got an e-mail from logwatch, shortly after (maybe 10 to 20 minutes) I went to go login to the machine through SSH, and it wasn't responding. Tried encrypted VNC, znc, ping, etc. Everything failed.
<caliculk> It has happened on more than one occasion.
<Finetundra_> anyone have any tips for running a server?
<bekks> ??
#ubuntu-server 2014-10-29
<foo___> I could use some bridging help with a 3 node setup on vms.  The instances can get dhcp addresses but not internet access
<bekks> foo___: Which hypervisor do you use?
<foo___> qemu
<bekks> Oh, I'm sorry, havent used qemu in a decade.
<foo___> Right on.   It's a bridge issue that I just can't seem to get right.
<foo___> I need a hand with the log.
<foo___> *logic
<bekks> So let's try it :)
<bekks> bridging isnt black magic - mostly :D
<foo___> Absolutely.  I'm using ubuntu 14.04
<foo___> eth0 has inet access
<foo___> eth1 is management
<foo___> eth2 is the no-ip external
<qman__> are these connected to the same switch / vlan?
<foo___> gre
<foo___> They're on vm's too btw
<qman__> ?
<bekks> Ok, so per vm: you have three interfaces?
<foo___> Yes.
<foo___> Well, just the network node
<bekks> So just one vm?
<foo___> Yes.  The interfaces on the network node
<bekks> And whats the issue with that one node?
<foo___> The instances on compute can get a dhcp address but not internet access
<foo___> So it looks like a bridge problem on the network node.
<foo___> I followed the juno guide for openstack on 14.04 closely
<bekks> So "the network node" (a vm) serves DHCP addresses to "the other nodes"?
<foo___> The network node service dhcp addresses to the instances on the tenant network
<bekks> and "the network node" and "the tenant network" are your three vms?
<qman__> I'm still not clear on what your architecture looks like
<qman__> also, while bridging is not black magic, openstack's elastic IPs kind of are
<bekks> Let's powerpoint it :D
<foo___> No.  The compute node and the controller node and the network node are 3 vms that are my openstack cluster.  The network node serves ip addresses to the instances that are running inside of openstack
<foo___> Lol... I'm not using floating ip addresses atm.
<|rt|> I've run into an issue with preseed and 12.04.5 images....hash sum mismatches on the repos...is this a regresion from 12.04.4, which works fine?
<|rt|> has anyone else seen similar behavior?
<|rt|> starting to wonder if the 12.04.5 iso has this issue baked in.  https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1371058
<uvirtbot> Launchpad bug 1371058 in apt "Regression: Latest apt security update returns Hash Sum mismatch for file: URI:s" [Critical,In progress]
<thekaos> alguien que me ayudea iniciarme en linux
<cfhowlett> !es | thekaos
<ubottu> thekaos: En la mayorÃ­a de los canales de Ubuntu, se habla sÃ³lo en inglÃ©s. Si busca ayuda en espaÃ±ol entre al canal #ubuntu-es; escriba " /join #ubuntu-es " (sin comillas) y presione intro.
<thekaos> ubottu gracias
<lordievader> Good morning.
<surf> hi guys I have a ubuntu server on virtualbox vm with nginx installed. Using bridged connection I can't see the webapp on the host but I can only see the nginx landing page. Any clue?
<ihre> Hi guys, I've installed graylog2 on my server, and like to give access to regular users from the same system. Graylog2 supports LDAP/AD integration, but is it possible to configure LDAP as a PAM proxy?
<FilthyMacNasty> hilo serveroids
<Mega> HI guys! I wanna use dual boot (Ubuntu 14.10 and Windows 7) Is it possible to make work Node.js from NTFS partition under Ubuntu? I wanna share Node.js project-directory across two systems
<Mega> Or it will be better idea to keep two copies of code, one per system and just synchronizing them thru Git?
<lordievader> Mega: I suppose it is possible but perfomance will suffer and you won't be able to apply Linux file permissions.
<sander^work> Does the boot-repair bootdisk utility do an grub-install after chrooting?
<Gargoyle> Is there a single place to correctly set global environment variables for both users and root ?
<Gargoyle> I've dropped a file into /etc/profile.d/ but it only gets carried over to a root session with "sudo -i" which I didn't think was the proper way to switch
<Myagi> 
<Myagi> Anyone have an opinion about minimum requirements for ubuntu server?
<mardraum> what do you want to do with it
<Myagi> Irc and a forum
<mardraum> ircd and php with a database?
<Myagi> Yes
<mardraum> 1 cpu/1024M RAM/20GB for a low traffic site
<Myagi> Really.. thought that just the os requirements was higher
<mardraum> for server? no
<Myagi> So i should be able to install ubuntu server on these requirements?
<mardraum> I run lots of little 1CPU/1GB RAM/16GB internal machines doing dns/dhcp/reverse proxy
<mardraum> of course
<Myagi> Ok. I will give it a try
<Myagi> Thanks
<LeMike> hi there. is it possible for apache2.4 to use ProxyPass and return a 200 code.
<LeMike> currently I only get a 301 :/
<ccha> hello
<ccha> how can I resize an extended partition ?
<ccha> with cli
<ccha> need to change End sector to the end of the disk
<ogra_> fdisk, cfdisk, parted, sfdisk ... there are probably more i missed
<ccha> and witouth deleting the extened partition
<ccha> you can do that with fdisk ?
<ccha> I want to keep all logical partitions in the extented partitions
<ccha> just grow the extended partition
<ccha> ok cfdisk can do what I want
<ccha> with cfdisk you can create logical partition on free space and the extented partition grew up
<ccha> with fdisk you can't create logical parition since extented parition is full
<ccha> but I got this message "Wrote partition table, but re-read table failed.  Run partprobe(8), kpartx(8) or reboot to update table."
<ccha> and with partprobe, my new logical partition is ready to use
<sander^work> Do anyone know if the boot repair bootdisk here: https://help.ubuntu.com/community/Boot-Repair is any good?
<sander^work> and where can I download it as part of a ubuntu iso?
<notaduck> hello guys
<notaduck> i was wndering if anyone could help make apache run https instead of http?
<teward> notaduck: enable the ssl module?
<notaduck> yearh i have tried ;S
<notaduck> could you mabey take a quick look at my data ?
<teward> notaduck: https://help.ubuntu.com/14.04/serverguide/httpd.html#https-configuration
<teward> nope, i'm an nginx guy, but the server guide has configuration steps
<notaduck> damn ;) i have tried to follow the guide but i cant get i to work
<notaduck> i think it is when i have to type the common name i am doing somthing wrong
<notaduck> i am tping my wan ip in there
<hallyn> zul: can you look at bug 1379585 ?
<uvirtbot> Launchpad bug 1379585 in libvirt "python-libvirt lacks egg-info on precise" [Undecided,Confirmed] https://launchpad.net/bugs/1379585
<zul> hallyn:  sure
<zul> hallyn:  nothing to do with us hes grabbing the python-libvirt from pypi
<hallyn> zul: excellent.  :)
<Shoto> 9
<FilthyMacNasty> hilo serveroids
 * genii slides FilthyMacNasty a fresh beverage
<smrtz|work> I'm trying to create a logical volume with lvcreate, but I'm getting this error: sprunge.us/TWLF  Is there a way for me to tell lvcreate to create it on the Storage partition?
<smoser> hallyn, or stgraber. lxc-create -t download ...
<smoser> say i want to do that with a sub-range of my subuid/subgid
<smoser> ie, i want to create one with:
<smoser>  u:100000:5000
<smoser> and another with
<smoser>  u:101000:5000
<smoser> er.. lxc.id_map = u 0 100000 5000
<hallyn> smoser: use a custom lxc.conf and use lxc-create -f lxc1.conf -t download ...
<hallyn> smoser: or, if you look at flex, you can see how to di it using hte api :)
<hallyn> in python3, you'd do
<hallyn> lxc.clear_config_item("lxc.id_map");  lxc.set_config_item("lxc.id_map", "u 0 100000 5000");  lxc.set_config_item("lxc.id_map", "g 0 100000 5000")
<hallyn> really, it may be time to add a 'b' to the lxc.idmap support
<hallyn> anyway, biab
<smoser> i'm sure i'm doing stupid.
<smoser> http://paste.ubuntu.com/8737925/
<smoser> :-(
<JayJ> On ubuntu 14.04 host runing 3.13.0-24-generic kernel, Guests are freezing and I see "BUG: soft lockup - CPU#x stuck for 22s!" Anybody help me narrowing the issue? HW is Supermicro with Intel(R) Xeon(R) CPU E5-2660 v2 @ 2.20GHz. I need anybody help.
<stgraber> smoser: you probably wnat to pass the conf with -f and then pass -t download
<qman__> JayJ: That is a pretty outdated kernel version, may be a bug, but more likely a hardware issue
<stgraber> smoser: also note that allocations shorter than 65536 will fail if any file in the download tarball is owned by nobody/nogroup
<JayJ> qman__: What I don't understand is that the host is running the same version of ubuntu and kernel. There are no issues with the host. However, teh guest running has all the issues.
<JayJ> qman__: Windows hangs too.
<qman__> JayJ: oh, I misread, but if your guests are locking up, the advice still applies, are you using local or shared storage? Very slow or unreliable storage can frequently cause guests to hang or die
<qman__> A kernel bug is more likely than I initially suggested, too
<JayJ> qman__: We are seeing the same behavior on the local filesystem as well as Ceph backend storage
<JayJ> qman__: Will upgrade the kernel to see if that makes any difference
<ApplesInArrays> Any such service to allow me to scan for vulnerabilities on my server?
<ApplesInArrays> or any way to update all software and the 14.04OS?
<genii> sudo apt-get update     and then either sudo apt-get upgrade  to keep your current kernel and upgrade everything else, or sudo apt-get dist-upgrade to do that plus kernel upgrade if available
<ApplesInArrays> Right now, when I have a fresh install of 14.04LTS, shellshock works. If I update the kernel, this might change?
<genii> You should at least do sudo apt-get update && sudo apt-get upgrade   to upgrade binutils and fix bash
<ApplesInArrays> I just did that. Had 2 prompts to ask me to update. Cron and a config file
<ApplesInArrays> Thanks, genii
<genii> np
<ApplesInArrays> I guess that's something worth doing after I spin up a new VPS.
<genii> Yup.
#ubuntu-server 2014-10-30
<FilthyMacNasty> I think I;ll eat a grenade now, just got done imaging 15 dells
<Sachiru> Query: For some reason, sudo apt-fast autoremove does NOT remove old kernel headers from my machine. Why is this?
<maven> Need help, planning to setup small business datacenter.
<maven> Need help any body there?
<lordievader> Good morning.
<hariom> I am facing issue in playing a sound file: http://pastebin.com/Et5mh77F
<hariom> Can anybody help?
<hariom> Using Ubuntu Lucid
<lordievader> hariom: What does 'aplay -l' return?
<lordievader> !paste
<ubottu> For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://imgur.com/ !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<hariom> lordievader: aplay -l aplay: device_list:252: no soundcards found...
<lordievader> There you go ;)
<hariom> lordievader: but did you see this: http://pastebin.com/Et5mh77F
<lordievader> hariom: Yes, but alsa has not found any sound card. And thus it is unable to play any sound file.
<hariom> lordievader: yea. This is a server without GUI. I just now got few files uploaded by a user and need to listen those files before reply. Can't transfer to other system. I have installed alsa-utils
<lordievader> hariom: Gui or not does not matter. Alsa doesn't see the soundcard.
<hariom> lordievader: How to set it to find the soundcard?
<hariom> lordievader: http://paste.ubuntu.com/8745476/
<Andy-311> what is "cat /proc/asound/modules" returning?
<hariom> lordievader: http://paste.ubuntu.com/8745543/
<lordievader> hariom: Reload alsa, see if that helps.
<hariom> lorddievader: tried: "sudo alsa reload" and also tried rebooting but aplay -l still says no sound card found
<lordievader> hariom: Hmm, I'm not sure how to force alsa to detect a sound card.
<hariom> ok
<lordievader> hariom: Does reloading show errors by the way?
<hariom> lordievader: no errors. http://paste.ubuntu.com/8745695/
<fridaynext> can drives spin down to idle mode if I'm connected via SMB (not reading/writing, though)?
<jrwren_> smoser: ping
<gchristensen> Hi, I'm looking to have upstart start a job when cloud init has finished running my cloudconfig specifications. it looks ilke over time (for natty and maverick etc) the event has changed. anyone familiar with what upstart event to `start on stopped cloud_something_here`?
<smoser> jrwren_, whats up?
<smoser> gchristensen, well, natty and maverick are not supported
<smoser> so, they'ure kind of not terribly important.
<gchristensen> sorry for the confusion, smoser, I'm running on 14.04, but I can't find any information about what the event is for 14.04. given that it has changed over time, it makes it fairly hard to trust any of the posts on the internet about what it might be
<smoser> precise and trusty should be 'start on stopped cloud-init-final'
<gchristensen> ah fantastic, thank you so much smoser
<smoser> so other than lucid, that covers all supported releases.
<jrwren_> smoser: saw your name on juju-core deb.I'm wondering where the source is for that.
<gchristensen> excellent
<jrwren_> smoser: I can apt-get source and learn how it is packaged, but I'd like to know how the orig tarball is built too.
<smoser> jrwren_, the juju core packaging ?
<gchristensen> will there be any upstart support in future versions of ubuntu, or will we have to migrate to systemd to be able to deploy it?
<smoser> well the packaging probably has a 'get-upstream-source' or something.
<jrwren_> smoser: yes, source deb for juju-core.
<smoser> that says how to do it. but really, you downoad it.
<gchristensen> and will cloud-init-final fire if one of the steps in cloud-init failed (like my user script)
<smoser> gchristensen, yeah. it should.
<jrwren_> smoser: apt-get source grabs juju-core-1.20.10. When 1.20.11 comes out, how does the source deb get updated? manual?
<smoser> jrwren_, yes. correct. manual.
<smoser> http://bazaar.launchpad.net/~ubuntu-branches/ubuntu/vivid/juju-core/vivid/files
<gchristensen> excellent, thank you again smoser
<smoser> that is ubuntu packaging. i believe sinzui does upstream packaging (which is very close to == ubuntu at http://bazaar.launchpad.net/~juju-qa/juju-release-tools/packaging-juju-core-default/files/head:/debian/ )
<smoser> as to "how do i know if there is something new"
<smoser> there is a 'watch' file in debian/
<smoser> and 'uscan' will read that and search
<jrwren_> smoser: Huge Thanks.  I'll ask sinzui about it too.
<gchristensen> is there a log of upstart events which have triggered? I'm trying to debug why my service didn't start
<hallyn> stgraber: i'm going to argue that if download ubuntu images stop setting up ubuntu user by default, then that can' treally happen until there is an option in trusty/utopic lxc-download.in to set a default user/pwd.  users will see that as a regression in functionality
<hallyn> i didn't want to step on mwarfield's toes, but i had almost accepted the patchset moving password gorp into a lxc post-create task.  maybe i shouldve, bc i don't like where it's heading.  it's hacky and tack-ed on.
<hallyn> templates should only be providing a 'set-password' hook, and lxc should be guiding the password setting and (if random) storing
<stgraber> hallyn: so my current focus was on closing the security holes and no user, no root password and no sshd does that. But yeah, as with most such security fixes, that does cause a few regressions. My current hope is that most people use lxc-attach rather than lxc-console or ssh when dealing with local containers and that those who don't, setup public key auth ssh and don't use password auth anyway.
<stgraber> but yes, having templates accept a set-password argument or something like that which lxc-download can call would work
<hallyn> did you see teh patchset a few weeks ago by...  i forget his name.  after lxc calls the templates to create, it walked a user-provided list to call passwd in the containers (with the rootfs properly set up)
<smoser> the change is more than just using lxc-attach or not.
<smoser> it means that there is no user named 'ubuntu'. so:
<hallyn> i dunno.  i don't have time to properly address it.  but i may have to serve warning that in jan/feb i may completely replace it if what comes in is too hacky.  bc mwarfield's "I already sent a patch so mine should be used" isn't really workable.
<smoser> lxc-attach -n foo sudo -Hu ubuntu ls -l
<smoser> will fail
<hallyn> stgraber: waht about creating a ubuntu user with no password ?
<smoser> or even:
<smoser>  [ -d /home/ubuntu ]
<stgraber> hallyn: that's I think an acceptable compromise for now
<hallyn> smoser: i suppose we could argue that download template is only for playing around,
<hallyn> and for any serious deployment you should use ubuntu-server.  but i don't like that.
<hallyn> stgraber: my worry is that as the current stuff becomes settled everyone will have it engrained and we'll have to always support it
<hallyn> oh well.  as i don't have time to work on it, i'll deal with the fallout
<hallyn> stgraber: oh -= you meant the passwordless ubuntu user.  exxcellent
<stgraber> right
<hallyn> i think that's waht smoser needs
<hallyn> cool - thanks
<hallyn> i need a cup of coffee.  baim
<stgraber> and for 1.2 we need to come up with a clear definition of what the templates need to do, have a standardized set of options and provide the hooks needed for the download template to be feature-equivalent with the regular templates
<stgraber> and sure, that won't be a backward compatible change, but that's what needs to happen
<hallyn> stgraber: what were you thinking for 1.2 timeframe?
<stgraber> so my current plan is for 1.1 before EOY, 1.2 should be before next Plumbers (so probably August-ish) and that means we can then do 2.0 for February 2016 and ship that in the LTS
<hallyn> maybe i'll look over the m-l threads and current code over the weekend
<hallyn> that gives me two things to do in the air, keeping me nice and busy
<JayJ> qman__: You there?
<IanMalcolm> Hey guys. Should I be using upstart or systemd?
<IanMalcolm> on a default 14.10 install
<lordievader> IanMalcolm: By default Utopic uses upstart.
<IanMalcolm> cool. Thanks
<hallyn> for now that's the better support option.  as the cycle proceeds that may change
<jptned> Anyone active here?
<lordievader> jptned: Depends.
<jptned> My postfix server doesn't work. :(
<bekks> jptned: So talk to him seriously, and convince him to start working again, or get fired. :)
<jptned> bekks: not that simple, I need him. :P
<jptned> When I try to connect to my mailserver via Outlook 2013, I get the following error:
<jptned> (it's actualy in Dutch, so it's not literaly)
<jptned> Sending test email: This server doesn't support any verificationmethod which is supported by this client.
<jptned> Connecting for incomming mail did work.
<jptned> Am I alone? :(
<lordievader> !patience | jptned
<ubottu> jptned: Don't feel ignored and repeat your question quickly; if nobody knows your answer, nobody will answer you. While you wait, try searching https://help.ubuntu.com or http://ubuntuforums.org or http://askubuntu.com/
<jptned> Sorry. :|
<lordievader> jptned: There is no common ground between the server and the client. Any recent changes to the authentication methods on either the server or client?
<jptned> Not sure if I understand you, but I portforwarded port 587 to local port 25 because my ISP blocked port 25.
<jptned> It has never worked, btw.
<lordievader> jptned: That sounds like it will never work. 587 is used for SSL traffic IIRC, so the client expects to communicate with SSL while the server expects plain SMTP.
<qman__> jptned: 25 is for server to server, 587 is for mail submission
<jptned> But 25 is the default for Postfix, right?
<qman__> They are different and use different authentication
<qman__> If your isp blocks 25, you will never get email from the rest of the internet
<qman__> There is no way around that
<jptned> Right.
<jptned> How about sending, that should work without port 25?
<qman__> 587 should be forwarded to 587
<qman__> Yes
<jptned> But why can't PHP send emails then?
<qman__> Though your mail is likely to be caught as spam
<jptned> Wait...
<jptned> I changed my hostname a hour ago
<jptned> Didn't check PHP yet, that works now. :-)
<jptned> But there's absolutly no way around port 25?
<qman__> Correct
<qman__> Get a business account or a VPS or something
<jptned> Too bad. :(
<jptned> I found that my ISP has an Relayserver which, as they say, sends the e-mail back to the right port.
<jptned> I set it up at my DNS provider
<jptned> Still can't connect to my e-mail server with Outlook.
<lordievader> jptned: Does the server see the requests from the client come in?
<jptned> How do I test?
<jptned> I've got port 587 now back linked to 587 local
<jptned> 25 to 25
<jptned> And I'd set up port 587 in postfix by uncommenting submission (like https://major.io/2007/07/04/enable-submission-port-587-in-postfix/)
<jptned> Still same error...
<jptned> This server doesn't support any verificationmethod which is supported by this client.
<lordievader> jptned: tcpdump.
<lordievader> jptned: Also see 'man tcpdump'
<qman__> By default, only plain login methods are enabled, but require ssl/tls
<jptned> qman, explain?
<K4k> what's the proper way to set static IPs in 14.04? I've set up the interface in /etc/network/interfaces (also tried a file in interfaces.d) but I can't restart the network service and the old static IP still applies on reboot.
<K4k> What am I missing?
<lordievader> K4k: How did you set it up in /etc/networking/interfaces?
<K4k> vim?
<K4k> or is that not what you're asking?
<K4k> The current static IP was set up during install
<K4k> o...m...g, is network-manager running by default?
<lordievader> K4k: I actually meant, could you pastebin your /etc/networking/interfaces...
<lordievader> K4k: Network manager ignores interfaces that are configured in ^
<K4k> oh, ok
<K4k> what's the prefered pastbin for this chan?
<qman__> restart networking hasn't worked in a long time, but ifdown and ifup do
<K4k> qman__: AH! You've hit a point I meant to mention. If I run `ifdown eth0` I get "interface eth0 not configured"
<K4k> but ifconfig clearly shows it up
<jptned> lordievader: The server notices the attempt to connect: "21:24:27.369667 IP 192.168.2.24.submission [...]"
<qman__> K4k: ifconfig eth0 0.0.0.0 down; ifup eth0
<K4k> qman__: -_-"   ok, why did that work?
<qman__> K4k: ifdown only works if the config in interfaces is what's configured now
<K4k> ah
<qman__> Or close enough at least
<K4k> cool, reboot sets the correct IP now
<K4k> just curious. When you set an IP during install, does that configure it in network manager?
<jptned> qman__: what do you mean with 'only plain login methods are enabled, but require ssl/tls'?
<lordievader> jptned: Check the logs for hints, or make a packet capture and try to debug the issue from there.
<qman__> jptned: I mean exactly what I said
<jptned> Guys, I'm an absolute noob in this stuff... I just don't understand. :-(
<qman__> jptned: It only has plain login enabled, and will only allow plain login over a secured connection, via ssl or tls of some kind
<lordievader> jptned: Perhaps you shouldn't start with a mail server. Mailservers are usually  pain to setup.
<jptned> qman__: So I should select none at type of encryption in Outlook?
<qman__> There should be connection encryption, but no login encryption
<qman__> Ssl, tls, or starttls
<jptned> lordievader: That's why I'm here. I've got my server working as webserver, and now I'd love to mail from te domains I host on that mailserver. ;)
<jptned> qman__, this is the advanced window in Outlook, I guess these are the settings for the connection.
<jptned> :
<jptned> ... uploading ...
<jptned> http://prntscr.com/51dyyy
<jptned> I've got the encryption (versleuteling) set on Automatic (Automatisch)
<jptned> I've checked the checkbox at the verification required
<jptned> for SMTP
<jptned> Not selected 'SPA required'...
<blaaa> jptned: what do you want to do exactly?
<jptned> I'm trying to make my email server work. Mailing from PHP works, connecting to POP3 with Outlook as well, but I can't connect tot SMTP with Outlook.
<blaaa> ah, is see, you have set up postfix on the server
<jptned> Emailserver is postfix
<jptned> This is the error: This server doesn't support any verificationmethod which is supported by this client.
<blaaa> and you connect to 587 submission
<blaaa> can you telnet to the server?
<blaaa> (on that port?)
<jptned> I'm on windows, so that should be ping, i guess?
<blaaa> windows might have telnet
<jptned> i'll try
<jptned> 'telnet' is not recognized as an internal or external command,
<jptned> operable program or batch file.
<blaaa> hmm, too bad probably installing telnet in optional in windows nowadays
<jptned> http://windows.microsoft.com/nl-nl/windows/telnet-faq#1TC=windows-7
<jptned> Found installation instructions. :P
<jptned> One second.
<blaaa> Apparently MS even has some instructions... http://support.microsoft.com/kb/153119
<blaaa> except you need to telnet to 587 of course
<Filthy> use putty for telnet
<jptned> I've got Putty...
<jptned> 220 <<my hostname>> ESMTP Postfix (Ubuntu)
<blaaa> that might come in handy if you need to starttls anyway
<jptned> I use putty to manage my server.
<jptned> It's not in the room I work ;)
<jptned> But I guess the server responds; '220 <<my hostname>> ESMTP Postfix (Ubuntu) '
<blaaa> jptned: and what happens after you greet your postfix back: 'EHLO whatever'
<jptned> 502 5.5.2 Error: command not recognized
<jptned> 502 5.5.2 Error: command not recognized
<jptned> 502 5.5.2 Error: command not recognized
<Filthy> tell it EHLO for me
<jptned> 502 5.5.2 Error: command not recognized
<blaaa> jptnet: you use "EHLO ..." without the quotes?
<jptned> That worked
<blaaa> you now probably get some list of stuff, including STARTTLS, not including AUTH?
<jptned> 250-<<my hostname>>
<jptned> 250-PIPELINING
<jptned> 250-SIZE 10240000
<jptned> 250-VRFY
<jptned> 250-ETRN
<jptned> 250-STARTTLS
<jptned> 250-ENHANCEDSTATUSCODES
<jptned> 250-8BITMIME
<jptned> 250 DSN
<blaaa> jptned: sof far so good, you now would want to STARTTLS, to verify that works, and to be able to see what AUTH methods are supported
<jptned> Just type STARTTLS?
<blaaa> unfortunately I only ever do that with openssl...
<blaaa> jptned: telnet will not be able to handle that, but maybe putty knows how to do it
<blaaa> I won't know though
<jptned> STARTTLS doesn't work
<blaaa> after you started tls you should be able to EHLO again, this time the server should respond with some listing of possible AUTH methods
<blaaa> jptned: have you tried 'versleutelde verbinding' TLS in you outlook client?
<jptned> I guess... Wait..
<jptned> Like this, I asume; http://prntscr.com/51eaam.
<jptned> http://prntscr.com/51eaam
<blaaa> jptned: yes, your postfix probably supports PLAIN and LOGIN authentication, which should be supported by outlook afaik, also outlook should support starttls
<blaaa> afaik...
<jptned> Same error; Sending test email: This server doesn't support any verification method which is supported by this client.
<jptned> Found this online; http://www.harryrabbit.co.uk/electronics/tutorials/command%20line.html
<jptned> auth login answered: 503 5.5.1 Error: authentication not enabled
<blaaa> jptned: your postfix only supports AUTH after STARTTLS
<jptned> My postfix, or everyones postfix? :p
<blaaa> jptned: I believe some older versions of outlook (express?) had buggy SMTP support
<jptned> I've got Outlook 2013, latest for Windows.
<blaaa> jptned: yours, as it is apparently (probably) configured that way
<blaaa> you don;t want auth over unencrypted connections anyway
<blaaa> jptned: can you log in with openssl?
<jptned> THis one: https://www.openssl.org/source/?
<jptned> https://www.openssl.org/source/
<blaaa> openssl s_client -starttls smtp -crlf -connect <<yourpostfix>> 587
<blaaa> just do it from the server itself maybe
<blaaa> as we have already established you can connect from the client to the server on port 587 (right?)
<jptned> When I do a tcpdump and connect with Outlook, it shows up.
<jptned> openssl s_client -starttls smtp -crlf -connect nederveen.ga 587
<jptned> no port defined
<jptned> usage: s_client args
<blaaa> sorry nederveen.ga:587
<blaaa> a colon in there
<jptned> CONNECTED(00000003)
<jptned> depth=0 CN = WebServer1
<jptned> verify error:num=18:self signed certificate
<jptned> verify return:1
<jptned> depth=0 CN = WebServer1
<jptned> Back
<jptned> Kicked out
<blaaa> jptnet: use sprunge.us or some other pastebin maybe
<blaaa> to post the output
<jptned> Yeah, thought of that after I pressed enter. ;P
<jptned> http://pastebin.com/i749NrPw
<blaaa> jptned: you can EHLO again, and see what authentication methods are advertised by postfix
<jptned> EHLO with Telnet in Putty?
<blaaa> jptned: I dont know what outlook does with self-signed certs by the way, have you added it to its trusted certificates. maybe it's a reason to refuse the cert
<blaaa> jptned: no, just use the openssl connection you have opened
<jptned> First time I tried to connect it asked if I wanted to accept it, I did.
<blaaa> should avertise AUTH PLAIN LOGIN
<jptned> 501 Syntax: EHLO hostname
<jptned> 501 Syntax: EHLO hostname
<blaaa> you have to type 'EHLO somestuff'
<jptned> Pipelining, seize 10240000, vrfy, etrn, enhancedstatuscodes, 8bitmime, dns
<jptned> dsn*
<blaaa> jptned: so no AUTH?
<jptned> Nope
<blaaa> jptned: you have to look at your postfix config then, enable authentication
<jptned> In main.cf or master.cf
<blaaa> jptned: that should probably be in main.cf
<jptned> http://postfix.state-of-mind.de/patrick.koetter/smtpauth/smtp_auth_mailclients.html
<jptned> It now askes for username and password.
<jptned> Evereytime i click OK, it comes back...
<Filthy> getting closer
<jptned> Yup.
<jptned> Where does it get It's authentication details?
<Filthy> whered you tell it to look?
<jptned> Didn't tell him...
<jptned> I use VestaCP for my webhosting, in the control panel i can create mail accounts
<jptned> No idea where it saves them. :P
<Filthy> so why are you authenticating with postfix, just point at their smtp server and let it auth
<blaaa> jptned: you create IMAP accounts with that? you might be able to use the IMAP server or LDAP...
<blaaa> that's a good point filthy?
<Filthy> thats ultimately where the auth goes down
<jptned> Actualy, I don't know, but I do know logging into pop3 works with my entered details
<jptned> At least that is wat Outlook sais...
<Filthy> you may need to configure outlook to pop3 auth before smtp, check with your provider
<blaaa> jptned: checking with the provider seems to be the best idea.
<jptned> Wait, provider?
<jptned> It's my mailserver, right?
<Filthy> web provider
<jptned> ISP?
<blaaa> jptned: VestaCP?
<jptned> Yes.
<blaaa> jptned: who set up VestaCP?
<jptned> I did, at least, kind of tried. :P
<jptned> Web works.
<Filthy> you enter your mail users on vestacp right?
<jptned> Yup
<Filthy> then thats where your (their) little part of the mailserver lives
<jptned> And where a little part doesn't work?
<blaaa> jptned: have you installed vestaCP?
<jptned> Yes.
<Filthy> you don't need a local smtp server they have one probably something like smtp.vestacp.com or somesuch
<blaaa> do you know what it does?
<jptned> It makes me able to host multiple websites / domains on one server...
<jptned> Using a web based control panel
<blaaa> jptned: yes, the question is what the control panel does to your server
<blaaa> I suppose it sets up dovecot in some way
<blaaa> maybe using LDAP users
<blaaa> anyway, you should then be able to configure postfix to authenticate via dovecot
<blaaa> use dovecot SASL
<jptned> You know how?
<jptned> http://wiki2.dovecot.org/HowTo/PostfixAndDovecotSASL
<jptned> ?
<blaaa> jptned: that might do it. I have not set that up in quite some time...
<blaaa> the wiki is probably much better than I would be
<blaaa> but the most important hing is you need to know what the VestaCP does
<jptned> Not that clear what to edit, but I'll try
<blaaa> I would advise against using web-based control panels if it's not clear what they do
<jptned> I'm absolutely not home in Ubuntu or any Linux bases system, so I like it. :p
<jptned> I guess it came with sendmail
<blaaa> jptned: ther must be some POP3 server. most likely dovecot
<Filthy> you want a turn key mailserver with multi domain support? google deeproot linux
<blaaa> it needs to provide SASL, which then can be used by postfix
<jptned> Error writing conf.d/10-master.conf: No such file or directory
<jptned> :(
<Filthy> you probably don't want your mail server in the same machine as web server anyway
<blaaa> jptned: it might be /etc/dovecot/conf....
<Filthy> or /etc/default/dovecot.conf
<jptned> Filthy, I do. I only have one server, and use if for development and small hosting.
<Filthy> buck up $50 and buy a cheapie used desktop
<jptned> !include conf.d/*.conf
<Filthy> download and install deeproot linux
<Filthy> mailserver done
<jptned> It should be possible on one device, right?
<blaaa> yes it should be
<Filthy> it can work, if traffic is low
<jptned> It is
<blaaa> jptned: have you checked /etc/dovecot/conf.d/10-master.conf ?
<jptned> I just pasted the code in /etc/dovecot/dovecot.conf
<blaaa> jptned: !include conf.d/*.conf that means it includes the *.conf files in conf.d in ovecot.conf's directory
<blaaa> so there should be a conf.d subdirectory
<blaaa> probably including 10-master.conf
<jptned> There is, but somehow I can't edit it.
<blaaa> containing i mean
<jptned> Ok, that didnt work...
<jptned> POP3 is down as well.
<jptned> I'm going to bed.
<jptned> 22:54 here.
<jptned> 6:30 up tomorrow
<jptned> Thanks for your help!
<jptned> Maybe I'll see you around.
#ubuntu-server 2014-10-31
<lordievader> Good morning.
<frickler> why does upgrading libvirt-bin to 1.2.2-0ubuntu13.1.6~cloud0 suddenly conflict apparmor? this is causing trouble for our servers, which suddenly cannot start new instances anymore
<pmatulis> morning
<blakey> hi, I've been using ubuntu server for a while now, and most times I rename the network interfaces to something more meaningful than eth0 eth1 etc, upon installing 14.04.1 I noticed that the interfaces are no longer named by udev... do you know how I can change these interfaces to something a bit easier than p5p1, p1p1 etc???
<Kartagis> heh, why is gftp connecting to my localhost when I use SSH2?
<Joe_knock> If I am struggling to install a piece of software on Ubuntu 14.04, would there be any security issues to install it on 12.04 instead?
<bitbyte> Hi guys im having some trouble with apptitude, can some one take a quick look at http://pastebin.com/e6y8X1XK and tell me why my servers complaning about the kernal image
<bitbyte> oh wait i was being an idiot seems its out of sapce
<bitbyte> space *
<sudormrf> is there a japanese IME for ubuntu server?
<Joe_knock> IME? sudormrf
<sudormrf> Joe_knock, as in, if someone wanted to type japanese text
<Joe_knock> oh. you mean support for Japanese text?
<sudormrf> Joe_knock, yes
<sudormrf> and being able to type it
<Joe_knock> it could be possible with a translated package. Let me check. hmmm
<Joe_knock> It seems it's possible in Ubuntu itself, as far as the terminal goes, that is not clear.
<lordievader> sudormrf: Where are you trying to input these Japanese characters? Directly at a tty?
<sudormrf> lordievader, yeah
<hariom> why do some admins prefer to install packages via source instead of adding into source.list or .deb file? Is this a personal preference or any benefits are associated with this?
<lordievader> sudormrf: Hmm, that might make it difficult.
<sudormrf> hariom, some people don't like the PPA model.
<jpds> hariom: Some people just want the latest stuff and are too lazy to learn .deb packaging.
<hariom> sudormrf: yea, I know that some people don't like that model but any reason? Is it personal perference or any technically sound reason?
<jpds> hariom: Not really technically sound.
<hariom> jpds: ok
<sudormrf> jpds, curious why it isn't technically sound
<hariom> jpds, sudormrf: As per my experience, adding from source limits to that particular version itself and updates are more or less not possible to install easily
<jpds> sudormrf / hariom: One of the points of using the provided packages is that they are supported, and that's how you get security updates.
<sudormrf> hariom, hmm.  in my experience if a newer version comes out that isn't added to the PPA, I have installed it on top without issues.
<sudormrf> jpds, provided packages = ppa?
<jpds> sudormrf: You compile your own self, it's up to you to keep it patched and secure.
<jpds> sudormrf: No, PPAs are not supported.
<sudormrf> jpds, ah, I see what you mean.
<hariom> jpds: what you mean by PPAs are not supported? Could you pls explain
<sudormrf> I prefer not doing things from source whenever possible.  I don't like pulling stuff from github even.  just makes a mess of things and I end up having to move stuff all over the place manually
<sudormrf> makes it a pain to maintain
<jpds> !ppa
<ubottu> A Personal Package Archive (PPA) can provide alternate software not normally available in the offical Ubuntu repositories - Looking for a PPA? See https://launchpad.net/ubuntu/+ppas - WARNING: PPAs are unsupported third-party packages, and you use them at your own risk. See also !addppa and !ppa-purge
<hariom> jpds: I see. Ok so it means for example: adding postgresql PPA provides regular updates from postgres and possibly may not be supported by ubuntu at that time.
<jpds> hariom: Yep, it's maintained by the postgres guys, not ubuntu developers.
<hariom> jpds: But if PPA is coming from the organization or developers who maintain that software then there is less harm in using them
<jpds> hariom: Yes, but you have no guarentee that it wouldn't break something somewhere else later on down the line.
<hariom> jpds: yea
<sudormrf> exactly
<sudormrf> more often than not, you are fine without running the absolute latest version
<sudormrf> if you want bleeding edge, go with arch.
<sudormrf> some things require updates due to newly discovered security flaws
<sudormrf> and those updates tend to be backported (as necessary)
<hariom> backported is supported officially?
<hariom> or it is just an optional way to get access to version no available in the standard package list
<jpds> !sru | hariom
<ubottu> hariom: Stable Release Update information is at http://wiki.ubuntu.com/StableReleaseUpdates
<funkster> so.. ubuntu 14.04 server, how can i change resolution on bootup? i have X installed and start a minimal window manager + browser. xrandr?
<jpds> funkster: I'm wondering more why you would need X on a server?
<funkster> jpds: its a kiosk machine. boot run x + browser. doing this based on desktop would add a ton of bloat. either way changing the res wouldn't matter i don't think.
<zertui> hello there
<Joe_knock> Hi
<zertui> on ubuntu server is it possile to configure one interface with dhcp and one interface with static ip ?
<esde> yes
<zertui> yes is not a correct answer
<zertui> if yes how ?
<zertui> :)
<qman__> You asked if it was possible, the answer is yes
<qman__> The way to do it is to configure one static interface, and one dhcp interface
<qman__> See man interfaces or read the server guide for more details
 * Joe_knock murmurs
<esde> https://xkcd.com/912/ relevant xkcd is relevant
<bekks> hi
<bekks> someone in here may lend me a helping hand in setting up a PXE server booting 14.04 server? I'm stuck at "trying to load /pxelinux.cfg/default - no DEFAULT or UI configuration directive found" although /srv/tftp/pxelinux.cfg/default exists
<Joe_knock> Hello
<Joe_knock> bekks: Can you explain a bit more what you're doing. I'm a bit lazy to search for it myself.
<bekks> No problem :) Trying to summarize:
<bekks> I'm trying to setup a PXE server which lets me boot 14.04 server for installation - I've installed tftpd-hpa, changed /etc/default/tftpd-hpa to point to /srv/tftp and use a specific IPv4 address.
<bekks> I've copied pxelinux.0 to /srv/tftp/, and created /srv/tfp/pxelinux.cfg/default with this content:
<bekks> http://paste.ubuntu.com/8766691/
<bekks> I also setup a DHCP server with this configuration:
<bekks> http://paste.ubuntu.com/8766704/
<bekks> Trying to boot a PXE client ends up with the error message above.
<bekks> Joe_knock: You have any clues? :)
<Joe_knock> bekks, looking into it. Is that a bash script in 8766704 ?
<bekks> Thats the DHCP configuration for dhcp3-server
<Joe_knock> Okay, let me see if I can understand what you want to do (keep in mind, I've never done this myself). You want to setup a PXE server that will boot to a ubuntu 14.04 server?
<bekks> Almost.
<bekks> I'm am trying to boot 14.04 via PXE for getting rid of the 14.04 iso for installing things. I want to get rid of the cd boot media, but boot via PXE instead.
<bekks> Or, rephrased: I am trying to "move" the boot medium from cd to PXE.
<Joe_knock> oh!!!
<bekks> I am not trying to boot an entire server via PXE, but just the installation medium.
<Joe_knock> PXE is akin to a virtual boot?
<bekks> I'm lacking the english mother tongue - I assume your question was: "do you try to boot a virtual environment?"
<bekks> Yes, I am trying to boot up a bunch of virtual machines, which I need to install from scratch, for different purposes.
<Joe_knock> ok I understand you now.
<bekks> Joe_knock: Any clues?
<Joe_knock> bekks: Are you using this: https://help.ubuntu.com/community/PXEInstallServer
<Joe_knock> ??
<bekks> Do you thing it's worth trying?
<bekks> It will take just a few minutes.
<Joe_knock> It is Ubuntu's instructions...
<Joe_knock> Ubuntus
<bekks> This didnt work either: https://help.ubuntu.com/community/PXEInstallMultiDistro
<bekks> Outdated, since there is no casper anymore.
<Joe_knock> bekks: http://www.unixmen.com/install-configure-pxe-server-ubuntu-14-04-lts/
<bekks> Thanks a lot - let me try that one.
<Joe_knock> sorry for not being of more help. I haven't used PXE ever before.
<bekks> Joe_knock: It works! Yay! It works!!! :)
<bekks> THANK YOU! :)
<Joe_knock> Well done bekks.
<bekks> Thanks for that clue. I almost lost my mind during the last three days :)
<Joe_knock> The philosophy of : If you're doing it, someone else has already done it seems to hold true here.
<bekks> All I need it to modify the menu entry to use my custom kickstart file :)
<bekks> *is
<Joe_knock> but don't thank me. thank the people at: unixmen.com
<bekks> Yeah, thats why I asked in here :) You provided the link to me, which I hadnt found yet. :)
<Joe_knock> Do you use google to search?
<bekks> Yes I do.
<bekks> I used "ubuntu, pxe, install, howto, boot, 14.04, setup" without , and in various combinations.
<Joe_knock> Try this search engine instead: https://duckduckgo.com/
<bekks> I'll remember that one :)
<bekks> Joe_knock: Thanks again - you REALLY made my day :)
<Joe_knock> no problem. All the best bekks
#ubuntu-server 2014-11-01
<fivetwentysix> The russians are abusing my postfix server
<fivetwentysix> YES! I win!
<fivetwentysix> postqueue -p
<fivetwentysix> Mail queue is empty
<fivetwentysix> Down from 23430424 emails
<fivetwentysix> lol
<Sachiru> LOL
<Sachiru> GJ
<Valduare> hmm
<Valduare> if I make an image of a drive will it do just the used space or the entire drive partition size
<qman__> imaging takes an exact bit copy of everything, including free space
<qman__> imaging is rarely if ever required and usually not the best choice
<Valduare> k ty
<Valduare> qman__: I got a windows laptop here thats got a failing hard drive
<Valduare> still readable data
<Valduare> takes half hour to boot to windows so I was thinking of taking a copy of the hd before going further
<qman__> Valduare: you should use gnu ddrescue
<cfhowlett> Valduare, stop booting.  it's failing with each read/write.  get thee to a backup solution immediately
<qman__> get a new hard drive to copy it to, or take an image if you have to, but use gnu ddrescue to make a recovery image
<Valduare> im booted into ubuntu live cd atm
<Valduare> havnt heard of gnu ddrescue
<Valduare> looking it up now
<Valduare> is it a direct 1to1 solution
<Valduare> ie I need to have the new hd available
<qman__> the short of it: ddrescue -f -n /dev/sda /dev/sdb /tmp/rescue.log
<qman__> you should, that's the best way to do it
<qman__> but you don't have to, you can do to a file if required
<qman__> it won't be compressed though
<qman__> and it will be an exact 1:1 copy of everything it was capable of recoverin
<Valduare> just the used space right?
<qman__> all the space, total size of the disk
<Valduare> prob with these huge 1 terabyte hds lol
<Valduare> damn
<Valduare> so what if im wanting to go from a 1 terabyte platter drive to a 256 ssd
<qman__> can't do it
<Valduare> thereâs only 71 gigs used space on the 1 terabyte drive
<cfhowlett> qman__, as you're clearly better informed than I ... I buy a new computer.  I'm going to do some experimental things.  I want to image the drive in case I need to restore it to virginal status.  How to proceed?  does the backup include the empty space on the drive?
<qman__> the recovery drive must be as large or larger than the failing drive
<qman__> once you have recoered the data, you can then move it to a smaller drive
<qman__> the recovery tools are filesystem agnostic, because they have to be
<qman__> so they cannot recognize what matters and what doesn't
<qman__> you should turn off the system with the failing drive and wait until you can get a same size or larger drive to recover to
<qman__> cfhowlett: imaging is not a good backup solution, file backups are more space efficient, faster to take, faster to recover, and avoid fragmentation
<Valduare> its fine to have it booted up into ubuntu live cd
<Valduare> hd isnt accessed
<qman__> no, it isn't
<qman__> as long as that drive is spinning, it could die completely
<qman__> shut down, unplug the drive
<Valduare> weâre not completely sure âwhat kind of dieingâ the hd is
<cfhowlett> Valduare, yep.  this ^^^
<qman__> it doesn't matter what kind
<qman__> cut power until you can recover
<qman__> that's the safest bet, always
<cfhowlett> Valduare, assume the worst kind, assume the worst time and proceed from there.
<qman__> cfhowlett: imaging is best for forensics, and as you see here, recovering from a failing hard drive
<cfhowlett> qman__, fair enough.  I'll research more.  my goal was to restore "reset" to pre-me mucking about status.
<qman__> cfhowlett: an image will be a 100% bit-for-bit copy, including fragemntation, noise in your free space, your empty free space, and all
<Valduare> read error rate 136
<qman__> Valduare: stop messing with it, shut down, and unplug the disk until such time as you have another 1TB or larger disk to recover to; every second you spend with it spinning increases chances of total failure
<Valduare> its doing a compressed backup to an external hd atm
<qman__> cfhowlett: if it has to be _exactly_ the same, an image is the way to go, but be aware of the downsides; most of the time, things don't actually need to be exactly the same
<cfhowlett> qman__, thank you much.
<Valduare> looks like 1 terabyte platter drive 85 at best buy
<Valduare> guess iâll go that route instead of the ssd for their laptop heh
<RoyK> gnu ddrescue rocks
<RoyK> I once got a drive from a user that couldn't be mounted on any OS i tried it on
<RoyK> it took gnu ddrescue a little less than a week to recover 99,8% of the data
<cfhowlett> RoyK, 24 x 7 for a week?  hardcore!
<RoyK> 500GB
<RoyK> 24x5.5 or thereabouts
<RoyK> (24x7 for a week doesn't make sense - a week for a week :P)
<qman__> yeah, I had one that kept turning off
<qman__> but if I power cycled it, it would spin back up
<qman__> repeated that for about a week and a half, got well over 99% of the data, enough to recover
<qman__> less than a megabyte was lost
<blaaa> I have just restarted a server remotely after a firmware update, but the network is not coming up. I have no terminal unfortunately.... the only thing I can see is the network interfaces are actually coming up at post, but they are shut down at some point while ubuntu is booting
<bekks> you need some terminal or console access to investigate that issue.
<blaaa> bekks: that's probably true, but some hypothesis on what could have caused this would be nice... before I'll be on my way.
<blaaa> bekks: I think maybe the issue is caused by renamed interfaces after the fw update
<blaaa> i think NIC interface names might not be persistent if some enumeration has changed, is that right?
<qman__> blaaa: the interface names are based on MAC address
<qman__> blaaa: a boot failure is much more likely - by default, if it fails to boot once, grub will wait indefinitely the second time around
<qman__> blaaa: an fsck or failure to mount something could also be at issue
<blaaa> qman__: thanks, i'll have to go and see I suppose. After the firmware update the computer booted fine (but I had not tested the network, not even attached it....) and it did a clean acpi shutdown after a complete boot
<RoyK> qman__: do you know how to configure grub to stop that nonesense?
<RoyK> nonsense, even
<blaaa> RoyK: there is some option in the config
<blaaa> RoyK: don;t remember what it is right now though
<blaaa> had looked it up when setting up the server...
<qman__> RoyK: I have, I looked it up before
<qman__> It was causing me issues with some ebayed supermicro servers that rarely boot the first time
<qman__> http://askubuntu.com/questions/178091/how-to-disable-grubs-menu-from-showing-up-after-failed-boot
<blaaa> was it GRUB_RECORDFAIL_TIMEOUT ?
<qman__> yes
<blaaa> yes, apparently
<RoyK> qman__: thanks
<blaaa> lucky the server is not far away...
<blaaa> apparently the interface name had changed
<blaaa> from p1p2 to eth0
<blaaa> p2p1...
<blaaa> but I have no idea why, except for a fw update and reboot-cycle nothing had changed
<blaaa> and I believed the point of the new naming scheme was to have persistent names...
<furkan> i've got a question about grub: i'm running 14.04 in a VM, and i modify /boot/grub/menu.lst to add a virtual serial port so that i can console in with virsh, and whenever there's a new kernel installed it likes to update menu.lst and overwrite my 2 lines - any way i can avoid this?
<furkan> these are simply the 2 lines that i put in:
<JanC> furkan: sre
<furkan> serial --unit=0 --speed=115200 --word=8 --parity=no --stop=1
<furkan> terminal --timeout=10 serial console
<JanC> sure
<furkan> JanC: i'm all ears :)
<furkan> i noticed the /etc/grub.d/40_custom file but wasn't sure if that was the right place to put it since it said custom menu entries
<JanC> it's explained in the manual AFAIK, but you need to put it in a script in /etc/grub.d/
<JanC> those scripts get run as part of update-grub
<furkan> so when i run update-grub is it supposed to get copied into menu.lst?
<furkan> since i just tried putting it there and it doesn't seem to do that
<JanC> the output of those scripts gets copied to menu.lst
<JanC> so yes, you need to run update-grub
<furkan> man i'm confused, on my desktop 14.04 i've got grub2 but i guess the server version is still using the old one
<JanC> oh
<JanC> you sure?
<JanC> Amazon?
<furkan> no well this used to be a 12.04 VM
<furkan> and then i upgraded to 14.04
<furkan> is grub2 default in ubuntu server 14.04?
<JanC> grub2 was the default in 10.04 and before
<furkan> hmm maybe because i used vmbuilder
<JanC> but IIRC there is/was some issue with Amazon cloud images not working with that (never needed that)
<furkan> ya this is on our own server, not amazon
<furkan> we've got a bare metal running 14.04 + a few 14.04 VMs running some services
<JanC> it's still possible that it is/was used in cloud images though?
<furkan> i built the image with vmbuilder for 12.04... so whatever that does by default i guess
<furkan> but yeah i guess this is sort of odd since /etc/grub.d seems to be for grub2 only
<JanC> that's right
<furkan> i wonder if anything will break if i upgrade
<furkan> so for grub2 it looks like the right place to put the serial console stuff is in /etc/default/grub
<furkan> unless that's the same thing as just putting it in the custom file
<JanC> not the same thing
<JanC> the variables you set in /etc/default/grub are used by the scripts in /etc/grub.d/
<furkan> ah i see, interesting
<furkan> thanks for the info :)
<JanC> it's interesting to read those scripts in /etc/grub.d/ some time  :)
#ubuntu-server 2014-11-02
<Valduare> qman__: hi
<Valduare> qman__: u around
<Leviticus> !ops | waaaaaaa ban me
<ubottu> waaaaaaa ban me: Help! Channel emergency! infinity, soren, lamont, mathiaz, Pici, Daviey, Tm_T, pmatulis, Corey, IdleOne, ikonia, funkyhat, Myrtti, ocean, genii, phunyguy!
<Leviticus> !ops | waaaaaaa ban me!
<ubottu> waaaaaaa ban me!: Help! Channel emergency! infinity, soren, lamont, mathiaz, Pici, Daviey, Tm_T, pmatulis, Corey, IdleOne, ikonia, funkyhat, Myrtti, ocean, genii, phunyguy!
<Leviticus> !ops | waaaaaaa ban me!!
<ubottu> waaaaaaa ban me!!: Help! Channel emergency! infinity, soren, lamont, mathiaz, Pici, Daviey, Tm_T, pmatulis, Corey, IdleOne, ikonia, funkyhat, Myrtti, ocean, genii, phunyguy!
<Leviticus> !ops | waaaaaaa ban me!!!
<ubottu> waaaaaaa ban me!!!: Help! Channel emergency! infinity, soren, lamont, mathiaz, Pici, Daviey, Tm_T, pmatulis, Corey, IdleOne, ikonia, funkyhat, Myrtti, ocean, genii, phunyguy!
<Leviticus> !ops | waaaaaaa ban me!!!!
<ubottu> waaaaaaa ban me!!!!: Help! Channel emergency! infinity, soren, lamont, mathiaz, Pici, Daviey, Tm_T, pmatulis, Corey, IdleOne, ikonia, funkyhat, Myrtti, ocean, genii, phunyguy!
<Leviticus> !ops | waaaaaaa ban me!!!!!
<ubottu> waaaaaaa ban me!!!!!: Help! Channel emergency! infinity, soren, lamont, mathiaz, Pici, Daviey, Tm_T, pmatulis, Corey, IdleOne, ikonia, funkyhat, Myrtti, ocean, genii, phunyguy!
<Leviticus> !ops | waaaaaaa ban me!!!!!!
<ubottu> waaaaaaa ban me!!!!!!: Help! Channel emergency! infinity, soren, lamont, mathiaz, Pici, Daviey, Tm_T, pmatulis, Corey, IdleOne, ikonia, funkyhat, Myrtti, ocean, genii, phunyguy!
<Leviticus> !ops | waaaaaaaaaaaaaaaaaaaaa'
<ubottu> waaaaaaaaaaaaaaaaaaaaa': Help! Channel emergency! infinity, soren, lamont, mathiaz, Pici, Daviey, Tm_T, pmatulis, Corey, IdleOne, ikonia, funkyhat, Myrtti, ocean, genii, phunyguy!
<Leviticus> !ops | waaaaaaaaaaaaaaaaaaaaa'
<Leviticus> !ops | waaaaaaaaaaaaaaaaaaaaaa
<ubottu> waaaaaaaaaaaaaaaaaaaaaa: Help! Channel emergency! infinity, soren, lamont, mathiaz, Pici, Daviey, Tm_T, pmatulis, Corey, IdleOne, ikonia, funkyhat, Myrtti, ocean, genii, phunyguy!
<Leviticus> !ops | waaaaaaaaaaaaaaaaaaaaaaa
<Leviticus> !ops | waaaaaaaaaaaaaaaaaaaaaaaa
<ubottu> waaaaaaaaaaaaaaaaaaaaaaa: Help! Channel emergency! infinity, soren, lamont, mathiaz, Pici, Daviey, Tm_T, pmatulis, Corey, IdleOne, ikonia, funkyhat, Myrtti, ocean, genii, phunyguy!
<Leviticus> !ops | waaaaaaaaaaaaaaaaaaaaaaa
<ubottu> waaaaaaaaaaaaaaaaaaaaaaaa: Help! Channel emergency! infinity, soren, lamont, mathiaz, Pici, Daviey, Tm_T, pmatulis, Corey, IdleOne, ikonia, funkyhat, Myrtti, ocean, genii, phunyguy!
<Leviticus> !ops | waaaaaaaaaaaaaaaaaaaaaaaaa
<Leviticus> !ops | waaaaaaaaaaaaaaaaaaaaaaaaaaa
<ubottu> waaaaaaaaaaaaaaaaaaaaaaaaa: Help! Channel emergency! infinity, soren, lamont, mathiaz, Pici, Daviey, Tm_T, pmatulis, Corey, IdleOne, ikonia, funkyhat, Myrtti, ocean, genii, phunyguy!
<Leviticus> !ops | waaaaaaaaaaaaaaaaaaaaaaaaaaaaa
<Leviticus> !ops | waaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
<ubottu> waaaaaaaaaaaaaaaaaaaaaaaaaaa: Help! Channel emergency! infinity, soren, lamont, mathiaz, Pici, Daviey, Tm_T, pmatulis, Corey, IdleOne, ikonia, funkyhat, Myrtti, ocean, genii, phunyguy!
<Leviticus> !ops | waaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
<Leviticus> !ops | waaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
<Leviticus> !ops | waaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
<ubottu> waaaaaaaaaaaaaaaaaaaaaaaaaaaaa: Help! Channel emergency! infinity, soren, lamont, mathiaz, Pici, Daviey, Tm_T, pmatulis, Corey, IdleOne, ikonia, funkyhat, Myrtti, ocean, genii, phunyguy!
<Leviticus> !ops | waaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
<Leviticus> !ops | waaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
<ubottu> waaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa: Help! Channel emergency! infinity, soren, lamont, mathiaz, Pici, Daviey, Tm_T, pmatulis, Corey, IdleOne, ikonia, funkyhat, Myrtti, ocean, genii, phunyguy!
<Leviticus> !ops | waaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
<ubottu> waaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa: Help! Channel emergency! infinity, soren, lamont, mathiaz, Pici, Daviey, Tm_T, pmatulis, Corey, IdleOne, ikonia, funkyhat, Myrtti, ocean, genii, phunyguy!
<Leviticus> !ops | waaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
<ubottu> waaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa: Help! Channel emergency! infinity, soren, lamont, mathiaz, Pici, Daviey, Tm_T, pmatulis, Corey, IdleOne, ikonia, funkyhat, Myrtti, ocean, genii, phunyguy!
<Leviticus> !ops | waaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
<ubottu> waaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa: Help! Channel emergency! infinity, soren, lamont, mathiaz, Pici, Daviey, Tm_T, pmatulis, Corey, IdleOne, ikonia, funkyhat, Myrtti, ocean, genii, phunyguy!
<Leviticus> !ops | waaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
<Leviticus> !ops | waaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
<ubottu> waaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa: Help! Channel emergency! infinity, soren, lamont, mathiaz, Pici, Daviey, Tm_T, pmatulis, Corey, IdleOne, ikonia, funkyhat, Myrtti, ocean, genii, phunyguy!
<Leviticus> !ops | waaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
<ubottu> waaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa: Help! Channel emergency! infinity, soren, lamont, mathiaz, Pici, Daviey, Tm_T, pmatulis, Corey, IdleOne, ikonia, funkyhat, Myrtti, ocean, genii, phunyguy!
<Leviticus> !ops | waaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
<Leviticus> !ops | waaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
<ubottu> waaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa: Help! Channel emergency! infinity, soren, lamont, mathiaz, Pici, Daviey, Tm_T, pmatulis, Corey, IdleOne, ikonia, funkyhat, Myrtti, ocean, genii, phunyguy!
<ubottu> waaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa: Help! Channel emergency! infinity, soren, lamont, mathiaz, Pici, Daviey, Tm_T, pmatulis, Corey, IdleOne, ikonia, funkyhat, Myrtti, ocean, genii, phunyguy!
<Leviticus> !ops | waaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
<ubottu> waaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa: Help! Channel emergency! infinity, soren, lamont, mathiaz, Pici, Daviey, Tm_T, pmatulis, Corey, IdleOne, ikonia, funkyhat, Myrtti, ocean, genii, phunyguy!
<Leviticus> !ops | waaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
<ubottu> waaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa: Help! Channel emergency! infinity, soren, lamont, mathiaz, Pici, Daviey, Tm_T, pmatulis, Corey, IdleOne, ikonia, funkyhat, Myrtti, ocean, genii, phunyguy!
<ubottu> waaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa: Help! Channel emergency! infinity, soren, lamont, mathiaz, Pici, Daviey, Tm_T, pmatulis, Corey, IdleOne, ikonia, funkyhat, Myrtti, ocean, genii, phunyguy!
<ubottu> waaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa: Help! Channel emergency! infinity, soren, lamont, mathiaz, Pici, Daviey, Tm_T, pmatulis, Corey, IdleOne, ikonia, funkyhat, Myrtti, ocean, genii, phunyguy!
<ubottu> waaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa: Help! Channel emergency! infinity, soren, lamont, mathiaz, Pici, Daviey, Tm_T, pmatulis, Corey, IdleOne, ikonia, funkyhat, Myrtti, ocean, genii, phunyguy!
<ubottu> waaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa: Help! Channel emergency! infinity, soren, lamont, mathiaz, Pici, Daviey, Tm_T, pmatulis, Corey, IdleOne, ikonia, funkyhat, Myrtti, ocean, genii, phunyguy!
<Leviticus> !ops | waaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
<Leviticus> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
<ubottu> waaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa: Help! Channel emergency! infinity, soren, lamont, mathiaz, Pici, Daviey, Tm_T, pmatulis, Corey, IdleOne, ikonia, funkyhat, Myrtti, ocean, genii, phunyguy!
<ubottu> waaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa: Help! Channel emergency! infinity, soren, lamont, mathiaz, Pici, Daviey, Tm_T, pmatulis, Corey, IdleOne, ikonia, funkyhat, Myrtti, ocean, genii, phunyguy!
<ubottu> waaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa: Help! Channel emergency! infinit
<Leviticus> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
<Leviticus> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
<Leviticus> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
<chu> Dude, can you please calm down
<Leviticus> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
<Leviticus> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
<Leviticus> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
<Leviticus> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
<Leviticus> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
<Leviticus> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
<l0rdn1x> !ops Leviticus flood
<ubottu> l0rdn1x: I am only a bot, please don't think I'm intelligent :)
<Leviticus> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
<Leviticus> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
<chu> Oh, I see, you got banned from #ubuntu-offtopic and now you're having a massive cry. Nice. Productive.
<Leviticus> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
<Leviticus> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
<Leviticus> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
<Leviticus> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
<Leviticus> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
<Leviticus> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
<Leviticus> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
<l0rdn1x> Leviticus, quit being a troll
<Leviticus> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
<Leviticus> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
<teward> !ops | Leviticus is spamming
<ubottu> Leviticus is spamming: Help! Channel emergency! infinity, soren, lamont, mathiaz, Pici, Daviey, Tm_T, pmatulis, Corey, IdleOne, ikonia, funkyhat, Myrtti, ocean, genii, phunyguy!
<Leviticus> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
<Leviticus> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
<Leviticus> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
<Leviticus> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
<Leviticus> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
<Leviticus> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
<Leviticus> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
<Leviticus> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
<Leviticus> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
<Leviticus> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
<Leviticus> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
<Leviticus> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
<Leviticus> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
<Leviticus> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
<Leviticus> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
<Leviticus> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
<Leviticus> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
<Leviticus> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
<Leviticus> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
<Leviticus> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
<Leviticus> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
<Leviticus> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
<Leviticus> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
<Leviticus> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
<Leviticus> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
<Leviticus> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
<Leviticus> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
<Leviticus> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
<lordievader> Good morning.
<Novice201y> Is the CLI text editor that colors syntax for nginx.conf file?
<mardraum> Novice201y: do you mean "what is"? vi does, for example (vim on ubuntu)
<mardraum> but nginx config doesn't really lend itself to a huge amount on syntax highlighting
<mardraum> of*
<Kartagis> hi
<faylite> Just finished setting up a server was going to install some stuff, and suddenly "error: deb (amd64) does not match system (i386)" -.-
<cfhowlett> faylite, one of your packages is unusable
<faylite> I installed 32-bit by accident, now I have to reinstall for 64-bit. I have to label my cd's better.
<cfhowlett> faylite, cd?  USB!
<faylite> cfhowlett: USB?, I prefer floppy.
<RoyK> faylite: floppy ftw! Let's see - three DVDs with Debian install - only 8827 floppies ;)
<RoyK> (that'll take some time)
<faylite> RoyK: http://www.geeky-gadgets.com/wp-content/uploads/2012/04/Floppy-Disk-Archiver.jpg
<RoyK> faylite: you'll need something larger ;)
<faylite> Multiple mags.
<RoyK> I don't have a 3,5" floppy around, but let's suggest it's 4mm thick, meaning the 8827 floppies will make a stack 35 of meters :D
 * RoyK remembers the days when a 210MB harddisk was a lot
<jptned> I've got the following problem; i've got a webserver running. The webserver is accessable from anywhere but my own network. From my own network I can only access it on its local ip. Someone any idea how to solve this?
<dasjoe> jptned: sounds like an issue with your DNS setup
<sync0pate> are off-topic questions allowed? I'm looking for recommendations for a decent domain registrar..
<jptned> dasjoe: Yes. It started after I changed the hostname of the webmaster to a fqdn.
<jptned> sync0pote: Can't help you, unless you wan't a Dutch registar. :P
<mardraum> sync0pate: gandi.net
<sync0pate> seems good to me, thanks mardraum
<Leviticus> !ops | waaa
<ubottu> waaa: Help! Channel emergency! infinity, soren, lamont, mathiaz, Pici, Daviey, Tm_T, pmatulis, Corey, IdleOne, ikonia, funkyhat, Myrtti, ocean, genii, phunyguy!
<Leviticus> !ops | waaa
<ubottu> waaa: Help! Channel emergency! infinity, soren, lamont, mathiaz, Pici, Daviey, Tm_T, pmatulis, Corey, IdleOne, ikonia, funkyhat, Myrtti, ocean, genii, phunyguy!
<lampstarter> hi guys, i am having trouble with installing php myadmin on ubuntu server. i think i am missing something small.
<lampstarter> i followed this guide https://www.digitalocean.com/community/tutorials/how-to-install-and-secure-phpmyadmin-on-ubuntu-14-04
<lampstarter> and everything looked allright up to the part where i went to my_ip/phpmyadmin and nothing was there but an ubuntu error message
<lampstarter> The requested URL /phpmyadmin was not found on this server
<Leviticus> !ops | waaa
<ubottu> waaa: Help! Channel emergency! infinity, soren, lamont, mathiaz, Pici, Daviey, Tm_T, pmatulis, Corey, IdleOne, ikonia, funkyhat, Myrtti, ocean, genii, phunyguy!
<Leviticus> !ops | waaa
<ubottu> waaa: Help! Channel emergency! infinity, soren, lamont, mathiaz, Pici, Daviey, Tm_T, pmatulis, Corey, IdleOne, ikonia, funkyhat, Myrtti, ocean, genii, phunyguy!
<faylite> What's happening?
<qman__> faylite: this guy has been raging since last night, spamming
<soren> qman__: That should do it.
<lazyWeekend> hallyn: are there any other config files in ubuntu that define the lxc net outside of /etc/lxc/* and /etc/default/lxc-*?
<lazyWeekend> I'm running into an interesting situation where i've edited the files to point @ a bridge i created, br0, and lxc is still atempting to spin up containers and contact them through lxcbr0, when i hack the config file and change it to br0 things work as expected.
<lazyWeekend> ah figured it out, my woes were due to a stale template sitting around in /var/lib/lxc
<lordievader> Good evening.
<LinStatSDR> Hello.
<lordievader> Hey LinStatSDR, how are you?
<LinStatSDR> Good good. Just woke up myself. Being lazy today.
<LinStatSDR> How 'bout yourself?
<lordievader> Doing good, wondering why UXterm doesn't like its config.
<rww> suddenly i have deja-vu
<freezevee> I am trying to sudo chmod user:user a folder and it completes successfully but the owner does not change. Any ideas ?
<LinStatSDR> oh hi rww.
<lordievader> freezevee: The user exists?
<freezevee> lordievader: it's a vbox ubuntu-server 14.04 vm on a mac os host and I am trying to mount the vboxfs volume in a folder
<freezevee> lordievader: of course it exists
<freezevee> but it completes successfully and remains root:root
<lordievader> freezevee: Does vboxfs support Linux file permissions?
<yeats> !crosspost | freezevee
<ubottu> freezevee: Please don't ask the same question in multiple Ubuntu channels at the same time. Many helpers are in more than one channel and it's not fair to them or the other people seeking support.
<freezevee> yeats: ok got it sorry
#ubuntu-server 2015-10-26
<th3s3_3y3s> What is the smallest installable iso for i386?
<TJ-> A network installer netinst image
<th3s3_3y3s> installable iso
<th3s3_3y3s> ubuntu desktop is over 1 G
<JanC> Ubuntu doesn't support !385
<JanC> i385
<JanC> eh
<JanC> i386
<JanC> *grr*
<OerHeks> only lubuntu, server and mini iso fit on cd
<JanC> and then only for some i686 plus level hardware
<th3s3_3y3s> ok
<th3s3_3y3s> and only some have torrents is that so?
<th3s3_3y3s> when running dialup speeds torrent is useful to resume
<th3s3_3y3s> hmm
<XIX> Hello. I'm trying to find an open source, free (as in money), enterprise level backup solution. Any recommendations? Thanks in advance.
<lordievader> Good morning
<jgcampbell300> can anyone tell me what im doing wrong here ... I get Read only from 10 and 2 /mnt/files1 10.0.0.2(rw) 10.0.0.10(rw) 10.0.0.0/24(ro)
<jgcampbell300> can anyone tell me what im doing wrong here ... I get Read only from 10 and 2 /mnt/files1 10.0.0.2(rw) 10.0.0.10(rw) 10.0.0.0/24(ro) oh sorry ... NFS Export on file server
<th3s3_3y3s> Is it morning lordievader?
<th3s3_3y3s> put this on autopilot
<th3s3_3y3s> going away
<pmatulis> morning
<bittin> morning
<th3s3_3y3s> what do you want
<pmatulis> submarine, castle, etc
<MacroMan> I've been reading up on interupts and irqbalance.
<jcastro> hey jgrimm, I've submitted 5 sessions for the cloud track for Juju
<jcastro> so if you want to fill out the rest we'd be done. :)
<yossarianuk> hi - one of my DEV team just accidentally chmod'ed -R /var to their user....
<jpds> yossarianuk: Sweet
<jpds> yossarianuk: Why did you give them sudo?
<yossarianuk> I know on redhat systems you have something like -> 'rpm --setperms --setguids '
<yossarianuk> is there an equivalent for deb systems
<yossarianuk> jpds: well its a dev systems (not live/PRD) and they are meant to be an 'expert'
<thebwt> yossarianuk: you're best bet is something like this article, http://hyperlogos.org/page/Restoring-Permissions-Debian-System
<thebwt> using apt or dpkg to get a package list and doing a reinstall fo sorts
<thebwt> however, you should make sure you back up everything first
<thebwt> and until that's all done, don't reboot. The system probably won't boot right now.
<teward> yossarianuk: you should also NOT give your dev team sudo
<teward> ever
<teward> again
<teward> (most dev teams don't *need* sudo)
<thebwt> That's there prerogative. A dev server, it can help get rid of red tape. Just make sure you're taking backups and could recreate the server from nothing.
<teward> (point missed)
<jpds> thebwt: No, you get rid of red tape by giving them VMs on the server, without giving them sudo on the server
<thebwt> do we know this wasn't a VM?
<thebwt> I assumed it was a vm or a cloud server just because that would be sensible
<yossarianuk> teward: thebwt: cheers for the advice - the person previously worked for google... (I assumed he would have known better..)
<thebwt> yossarianuk: fat fingers happen
<yossarianuk> thebwt: yep it was ./.* that did it......
<thebwt> been there, done that.
<teward> yossarianuk: backups are highly important.  or individual VMs :P
<wmp> hello, on 14.04 on ubuntu kernel i have problem with NIC
<wmp> x552/x557-at this is my NIC
<wmp> on this kenel NIC havent negotiate speed
<wmp> on kenrel form OVH all works
<sarnold> wmp: you could try one of the newer hardware enablement stacks and see if that helps, see https://wiki.ubuntu.com/Kernel/LTSEnablementStack for some information
<wmp> sarnold: thanks, but i thinks that dont help
<wmp> when i build my own kernel based on OVH configuraiton, i have this same problem...
<sarnold> wmp: interesting, I wonder what they did differently.
<wmp> sarnold: maybe any firmware or patch?
<wmp> now i compiling older kernnel version
<sarnold> wmp: iirc most firmwares are in the linux-firmware package
<fuzzywuzzzy> Anyone using a landscape alternative that is fully FOSS
<teward> fuzzywuzzzy: what exactly are you trying to achieve with this 'FOSS' alternative?  All the same functions?  I think you'll have issues with that, because there's not one thing that does *all* the things that Landscape does in the way Landscape does it
<fuzzywuzzzy> teward, I'd like simple, centralized patch management
<fuzzywuzzzy> no need for a webgui or stats
<wmp> sarnold: on this same version of kernel that has ovh i havent any NIC...
<fuzzywuzzzy> I
<fuzzywuzzzy> I've only got 6 servers to manage and Landscape is way too much $$$
<sarnold> for an installation that small you may be able to use landscape for free, see http://askubuntu.com/questions/549809/how-do-i-install-landscape-for-personal-use for some information
<fuzzywuzzzy> sarnold, Thanks but I may grow significantly soon so I'd like something else
<sarnold> fuzzywuzzzy: fair enough :)
<fuzzywuzzzy> sarnold, You know how it is. My big budget is $0.00 =P
<fuzzywuzzzy> Anyone ever use pssh?
<RoyK> fuzzywuzzzy: what's in it? I use mosh
<sarnold> RoyK: pssh is parallel ssh, it runs commands on multiple hosts simultaneously, or something similar anyway :)
<fuzzywuzzzy> Yes, mosh is more for roaming
<sarnold> fuzzywuzzzy: it feels like the kind of thing that probably works alright on e.g. six hosts but doesn't feel like it'll go well beyond that
<sarnold> fuzzywuzzzy: once you reach some density, you're going to have upgrades failing for funny reasons, and you'll have messes to clean up on individual machines more and more often, at some point ansible or puppet or chef or similar is going to be more reliable and worth the extra work
<wmp> sarnold: unfortunately on 15.10 i have this same problem... link is not detected...
<fuzzywuzzzy> Ansible is a ripoff!  WTH?
<sarnold> fuzzywuzzzy: never tried it myself.
<fuzzywuzzzy> Puppet is really only free for 10 users
<sarnold> wmp: please file bugs, 15.10 is pretty new and ought to support it
<fuzzywuzzzy> all of those are cloud focused or moving in the direction.
<sarnold> fuzzywuzzzy: all I know is that it isn't salt, I've got a very low opinion of salt devs after they picked the RSA expoonent '1'. idiots.
<thebwt> spacewalk has beta level ubuntu support
<thebwt> re: fuzzywuzzy
<th3s3_3y3s> What options have you for virtualization?
<th3s3_3y3s> For working with android.
<thebwt> The main android sdk has a virt system built in
<thebwt> beyond that, #ubuntu-servers may not be the right place to ask
<teward> there's always kvm with arm emulation, but that's been glitchy as far as I can tell.  the Android SDK is a good first stop though
<teward> there's also supposedly a VMware image for Android that runs on non-arm, but as thebwt stated, #ubuntu-servers is probably not the right place to ask (start with the android support first)
<th3s3_3y3s> teward, it looks like its plugged into a google issue system
<th3s3_3y3s> teward, I've had problems finding support for android.
<thebwt> th3s3_3y3s: #android and #android-dev should be more helpful
<teward> ^ that
<teward> (i was ninja'd)
<th3s3_3y3s> ninja'd?
<teward> slang for saying "thebtw beat me to saying the same thing"
<th3s3_3y3s> thebwt, not usually
<sarnold> but surely android channels nkow more about android than some random ubuntu channel?
<th3s3_3y3s> shadow ring
<th3s3_3y3s> It alters otherwise mean statistical probability.
<th3s3_3y3s> Watch out for lollypop guild blasting your brain out with em radiation.
<th3s3_3y3s> skyangel!
<th3s3_3y3s> The dangers of using shadow ring.
<th3s3_3y3s> Nueral net decides a lot of pathways useless.
<th3s3_3y3s> And discontinues them.
<teward> um, what?
<th3s3_3y3s> teward, Do you have facebook or a picture?
<teward> !offtopic
<ubottu> #ubuntu is the Ubuntu support channel, for all Ubuntu-related support questions. Please use #ubuntu-offtopic for other topics (though our !guidelines apply there too). Thanks!
<th3s3_3y3s> If ubuntu-server is selected for install does it remove ubuntu-desktop?
<RoyK> sarnold: wouldn't you use MPI for that sort of things?
<thebwt> th3s3_3y3s: there isn't an ubuntu-server metapackage
<sarnold> RoyK: MPI feels more specific to an application; I wouldn't use MPI for "apt-get install vim" on ten machines..
<sarnold> RoyK: it'd take some coding work to get that to work with MPI, and I don't know if MPI provides authenticated channels or not
<jrwren> +1, MPI is for something else, and these days, I'd use mesos instead of MPI directly
<jrwren> I used fabric to do a bit of that kind of small server maint a while back (before juju)
<jrwren> err, this fabric http://www.fabfile.org, not fabric.io
<RoyK> sarnold: for something as apt-get install on a bunch of machines, I'd use something like puppet or ansible
<jrwren> RoyK: fabric is even simpler, IMO :)
<RoyK> jrwren: url?
<RoyK> got it
<RoyK> what I really dislike with puppet is ruby
<jrwren> RoyK: this is python :)
<RoyK> jrwren: I know
<th3s3_3y3s> thebwt ok
 * RoyK likes perl, but then, it seems perl isn't going anywhere and that python is taking over :(
<jrwren> I like perl too. it is so stable and done.
<th3s3_3y3s> pathologically ecclectic
<jrwren> a lot of the things these server admin things do, cfengine did almost 20yrs ago
<RoyK> th3s3_3y3s: Pathologically Eclectic Rubbish Lister :)
<th3s3_3y3s> RoyK, The cool drives python.
<th3s3_3y3s> Is there a way to merge python and perl?
<RoyK> th3s3_3y3s: hardly, but perl regex is supported in python
<dmor> Hi guys, how are you? network install related question: one of my clients using appliances with 14.04.1 (which used in development, QA, unit-testing, etc.). I've installed Foreman 1.92 in-order for him to commit network installation with preseed. Foreman uses Ubuntu mirror which installs the latest version which is 14.04.3. I'm trying to find the w
<dmor> ay (if it's possible) to let the preseed file/installer know that I need 14.04.1 specifically. Can't find anything about such configurations. Is it possible? if yes, how?
<dmor> How can I ask the Ubuntu installer to install specific "minor" version? is it possible to use the relevant ISO as installation source for network-based installs? (tried - didn't worked so much)
<bekks> dmor: install a syystem using your own repositories holding the versions you want.
<bekks> dmor: but whats the point in not installing latest patches?
<dmor> bekks: 1. How can I do it?
<bekks> dmor: 1. tell us how you did
<dmor> bekks: I've tried few things:
<dmor> 1. apt-mirror - the problem - will take the last version.
<bekks> dmor: sorry, I was confused with another channel.
<dmor> 2. Using the 14.04.1 ISO - just mount it, configure d-i live/installer for the squashfs. - not working
<bekks> dmor: you would have needed to create your repo while the old release you want was the current one.
<bekks> dmor: why dont you use 14.04.3 repos?
<dmor> bekks: I totally understand it ;-). How it can be done?
<dmor> Because the client currently can't update to 14.04.3. He will, not now. I'm trying to understand if it's possible. Can't find it on Google/offical docs and apparently also on the IRC ;-)
<dmor> Is it possible to create local repo of 14.04.1 or use remote repo of 14.04.1?
<dmor> bekks: any guidelines?
<bekks> dmor: You cannot create a 14.04.1 repo anymore, since 14.04.1 is long gone now. The current release is at 14.04.3
<dmor> bekks: 10x. So just to conclude: you're 100% sure it's NOT technically possible?
<bekks> dmor: I am sure that you cannot create a full 14.04.1 anymore, since it doesnt exist anymore.
<dmor> bekks: is there a way to tell apt to use specific version? 14.04.1 instead of 14.04.3? is is something possible?
<bekks> As far as I know it is not possible, since those versions are not separated in the repos.
<dmor> bekks: Sounds reasonable. In RHEL (for example) it's works differently. You have a directory for each version.
<bekks> Ubuntu isnt RHEL :)
<dmor> bekks: 10x a lot! One last question - is it possible to take the Ubuntu server ISO and create from it installation repository? I've tried with no luck. Maybe because of the fact it doesn't have all of the debs on it.
<dmor> and RHEL is not Ubuntu ;-)
<bekks> It isnt possible because it doesnt have all of the debs.
<dmor> bekks: thanks a lot man. You've helped.
<bekks> It only has all the debs needed for a plain install, without all updates, without additional software, etc.
<bekks> Force your customer to use 14.04.3 - everything else isnt supported anymore.
<dmor> And what will happen if next week 14.04.4 will be out? the same process again?
<bekks> sudo apt-get update; sudo apt-get dist-upgrade;
<dmor> A lot of comapnies uses not the latest OS version for their appliances/servers.
<bekks> And you're fine :)
<dmor> Just to make sure: dist-upgrade do what? install everything except Kernel updates, X updates and security fixes?
<bekks> As you may just realized, the update policy on Ubuntu is totally different from RHEL.
<bekks> dist-upgrade updates everything in 14.04, while not updating to 14.10
<dmor> Yep. I'm a real Ubuntu fan, but in this specific bullet, it sounds less convenient I must say ;-\
<dmor> EVERYTHING? including the Kernel?
<bekks> For me, it sounds convinient, and Ihavent had any issues with that since 8.04 :)
<bekks> dmor: Everything, including kernel updates.
<dmor> So basically running dist-upgrade on 14.04.1 will create 14.04.3 like fresh install of 14.04.3?
<bekks> It will use the same packages as (14.0.4.3 plus updates).
<bekks> fixed: It will use the same packages as (14.04.3 plus updates).
<dmor> Haven't got it yet ;-)
<tarpman> not exactly: 14.04.1 and 14.04.3 have some different packages because of HWE
<bekks> tarpman: Yeah, nbut old HWE arent supported anymore, once a new HWE is out.
<dmor> guys - thanks a lot for your help.
<dmor> It's really apprecaited.
<elro> Iâm having trouble running the wily images on ec2 c4 instance types. The ec2 console reports âinstance reachability check failedâ and Iâm unable to ping or ssh in. It all works on the t2 instance types. Perhaps there is a kernel incompatibility? Iâm using the 64bit hvm-ssd images.
<elro> Looking at the boot log I see errors like this: cloud-init[1469]: 2015-10-26 20:45:49,887 - url_helper.py[WARNING]: Calling 'http://169.254.169.254/2009-04-04/meta-data/instance-id' failed [0/120s]: request error [('Connection aborted.', OSError(101, 'Network is unreachable'))]
<elro> so presumably the network never came up
<teward> who do i bother for errant error messages on landscape.canonical.com?
<thesign> O   &   m   Y   {   N   :   H    Z   \   $   d   *              $   U       *   '   `   9   F    F   S   X   .   +      :   z       e   D   f   v   ]   e   x       (   A   '   H
<thesign>   /   #   #    }   u   $   R      Z   D   A
<thesign> "   M   F   W      ^   W   z    ,   -   F   S   :   T   O   2        w   D   V   L   )   I   ?    t   T   W   Z   |       %   ,    R   q   c      p   >   A   y        ,   [   M
<thesign> 1   J      ]        ?   .   D       7   3   /
<thesign> #   !   @   O   s   p   (   ;    G   M   `   d   9      n   e    y   c   F      z   `   o   m    x   Z   |   Q   |   G   7   :    *   t   j   B   ?   <   i   K    b   M       M   g
<thesign> P   c        j   3      P   r   +   '
<thesign> v   ^   q   '   W   J   R   Z    !   $   W   >   K   A   u   "    '   G   #   *   L   @   r   N    B   K   O   s   v   '   Q       H   T   y   U      [   )   #    _   q   =   q   h
<thesign> -   ?   z    "   %   d   T   q   `   I   :
<thesign> t   X   Z   <   p   _   @   g    ~   \   N   X   }   1   "   a    <   A   *   )       J   ~   `    Q   ;   J   ]   &   }   }   _    U   =   -   z   B   d   f   D    <   {   (   B   O
<thesign> G   i   N    2   F      h   p      \   %
<thesign>    J   ~   o   Y   :   )   b    >         r   [   r   |   d    /   L   :   #   K   +   O   %        )      B   >   !   ;   E    e   =   {   9   Q   q   -   .    J   o   R   p
<thesign> i   #   R   ?    '   p   l   C   k   y   O   /
<thesign>    .      U       >   d   T    2   G   \   j   y   L   L   h    J   ~   "   X   7   :   ;   r    &   q   "   !   #   Y   p   (    y   -   `   Y   P   K   ]   D    D   G   >
<thesign> Z   g   H   )   m    O   k   t   '   Z   A   ;   ?
<thesign> c         4   &   B   T   `    R   N   3   @   U   j   m   1    d   x   H   w   r   S   C   _    E   h   Z   R   L   I   p   D    d   D   g   M   (   Z   $   N    k   +   g
<thesign>   u   c       N   (       f   k   g   Z   %   /   /
<thesign> V   &   "   e   R   (   P   _    k   G   +   }   V   x       a    E   d   "   h      ~   f   =    i   S   B   H   ?   P   e   d    H   f   '   f   i   R   =   m    P   3   X   ?
<thesign> 9   1   Q   d   K         <       X   #   ]   v   @   j       \   %   ]      N   I   L   k       F       "   `   u   B   h       ~   #   !   .   =   j       a   8   V   S
<thesign> j   l   +   ,    F      ^   n   H   d   O
<thesign> S   T   b   |    g   }   _   u   Q   %   X   .
<thesign> h   P   C   -   c   5   n   q    #   }   I   e   )   '   "   N        '   =   >   (   ?   #   r    ^   k   S   %   p   /   4   T    W   E   F   u   E   y   g   w    )   ]
<thesign>    [   b   i   ,   &    n   c   _   ?   I   u   h   R
<thesign> b   Q      |   B   w   ,        E   (   j   :   I   C   e   ]    f   d   *   h   $   a   T   |    V   I   H   l   t   F   r   i    y   x   D   B   _   M   ?   b    V   @      +
<thesign> U   C   Y   G    f   I   |   =   T   \   2   R
<thesign>    @   O   h   Z   A   R   O    ;   !   m   p   !   }   q   k    L   K   `   J   h   ~   p   l    h   &      t   0   ^   F   U    O   _   l   Q   ,      0   =    [   z   (   "   i
<thesign> +   u   S       P   ,   $   )   +   q   }
<thesign> H   t   @   ,   M   J   "   |    b   k   |   n   ,   ?      $    g   e          m   i   #   $    z   j   y   _   v   t   b   L    L   Q   I      h   5   R   V    *   ;      3
<thesign>   k   q   D   Y    *   `   \   b      6   `   ?
<thesign> :   D   %   j   k   4   J   +    G   |   ]   D   '   C   B   V    }   )   M   U   w   \   D   u       M   0   O   I   $   x   V    w   m   ~   J   Z   '   L   M    G   z   r   ]
<thesign> ]   %   \   a       T   \   .   Z   8   r   t
<thesign>    D   u   R   ]   {   M   X    [   Z   D   ;   p   @   8   x    4   V   Y   o   i   V   E   b    z   p   "   Y      #   j   b    r   r   |   ;   G   >   `   .    s   1   >   /
<thesign> )   D   =   +    +   )   t   =   \   h   q
<thesign> $   l   `   L   C   #   h   w    Q   q   o   W   l   b   3   3    {   t   C      #   Z   D   $    D   L   Y   V   0   1   h   /    |   !   m   G   |   G      4       q   n
<roaksoax> !ops
<thesign> m   1   }   E   A    M   g   k   ~   t   X   ~   T
<thesign> [   c   j   L   T   v   a   9    M   _   m   ]   H   r   l   o    G   ~   +   J   D   #   K   c    N   ;   b   b   j      Z   Z    #   ?   ~   z   p   y   f   x    P   +   ,   H
<ubottu> Help! Channel emergency! infinity, soren, lamont, mathiaz, Pici, Daviey, Tm_T, pmatulis, Corey, IdleOne, ikonia, funkyhat, Myrtti, ocean, genii, phunyguy!
<thesign> G   ?   -   %    f   L   >   e   ?   q   n   t
<thesign> 4   o   T   6   ?   w   Z   I    ;   +   @   -   ^   (   Q   7    q   8   T   _   :   0   O   T    $   ;   +   @   t   R   L   T    ;   p   Y   E   K   [   D   %    Y   ,   1   '
<thesign> V   a   ^   F       #   z   K   6   r   #   \
<thesign> 8      :   t   [   S   S   %    M   )   A   O   n   g   _   ]    -   "   w   $   k   R   A   *    i   E   O   Q   G   T   n   X    /   r   D   b   \   {   Z   -    {   R   a   Q
<thesign> r   U      )    ;   ]   L   X   Z   p   o   w
<thesign> O   ]   Y   c   i   A           t   _   /   m   D   &   .   T    3   *   $   "   k   8   w   O    L   ~   m      )   ;   F   C       l            C   [   m    ^      H   R
<thesign> X   j   W       P   ;   v   -   V   )   a   J
<thesign>    ,   D   <   I   |   &   e    -   /   E   G   l   *   Q   @    _   |   T   R   W   6   r   z    %   B   "   {   P   !   X   k    _   W   %   O      X   |   }    S   @   |
<thesign> Q   *   Y   )   U    R   M   !   >   ;   i   >   >
<thesign> F   u   8   m   q   E   B   /    R   ^   &   x   1   {   j   -        k   u   Q   T   M   0   S    >   n   o   X   K   |   R        \      R   }   v   K   -   |       P   z   s
<thesign> +      (   S    K   =   d   &   %      r   L
<thesign> t   x   2   o   u   z   .   }    G   D   6   /   A   '   V   a    D   I   E   W   |   *   "   e    G   v   q   &   K   $   }   (    (   j   o   +   f   l          5   J   Y
<thesign> m   ^   f   M       K   b   t   /   L   W   o   2
<thesign> C   <   a   Q   2   &   M       *   h   *   F   %   V   f   i       F   M   )   >   R   x   K    F   G   m   e   t   v      e    [   '   J   q   `   C      ~       `   h   ,
<thesign> J   o   !   "    ;      J   (   q   z   E
<thesign>    2   S   s   !   M   M   F    e   L   _   q   E   6      b    -   T   7   d   Q   W   -   _    t   T   ]   Q   \      I   M    v   S   I   A   ~   M   +   =    c   .   %
<sarnold> thanks phunyguy :)
<phunyguy> np.
<RoyK> not even a spambot, afaics
<GeekMan1222> da fuck
<Seveas> it was an illuminati bot
<OerHeks> interesting.
<RoyK> what's an illuminati bot?
<OerHeks> Those come alive with full moon.
<th3s3_3y3s> according to pop culture they want to murder priests
<GeekMan1222> lol
<GeekMan1222> they came for the chat and left with my data
<Overand> Huh.
<pmatulis> teward: what errant messages?
<th3s3_3y3s> the choice between red pill and blue pill or some sort of paradigm except the pill is placebo
<th3s3_3y3s> it is the choice that matters
<th3s3_3y3s> If you choose to be a mimic the illuminati give bad examples
 * patdk-wk votes for the green pill
<th3s3_3y3s> so the mimic turns into another bad example
<th3s3_3y3s> as far as I've seen 99% of the programming is illuminati
<th3s3_3y3s> Even the merchant workforce now.
<teward> pmatulis: when i login to the interface, it gives be a brief error message saying "Error: a trial account cannot be created"
<teward> pmatulis: once every so often when i login, usually requires a couple logins before it hits that
<teward> (the error message is in a red popup which indicates an error)
<teward> pmatulis: while not breaking by any means, it's still annoying :)
<teward> pmatulis: note though it's not a huge issue and it's one I can live with for an indeterminate period of time, especially since it doesn't persist
<teward> (that said, Landscape is wonderful when managing a bunch of Ubuntu systems xD)
<pmatulis> teward: ok, maybe i can track something down
#ubuntu-server 2015-10-27
<teward> pmatulis: again, no rush, not a huge issue :)
<lordievader> Good morning.
<th3s3_3y3s> morning lordievader
<soulisson> Hi, does Ubuntu has a repo for security updates?
<ogra_> soulisson, yes, it is enabled by default in your reposoitory list in /etc/apt/sources.list
<soulisson> ogra_, trusty-security?
<ogra_> on a trusty install, yes (and with the correct server name)
<soulisson> ogra_, do the security packages contain the version provided by the editor or is this is the work of the ubuntu team?
<rbasak> soulisson: the Ubuntu security team cherry-pick security fixes
<andol> Well, at least that's the general rule.
<soulisson> rbasak, sorry english is not my first language what does it mean?
<rbasak> soulisson: the Ubuntu security team take the security fix patch from upstream and apply it to the package version that is in the stable release.
<rbasak> soulisson: as andol says this is the general case - there are occasional exceptions
<soulisson> rbasak, ok, thanks
<enleeten> ah a little chmoding never hurt anybody
<ztyuio> hi
<ztyuio> i need your help to setup nomachine 4.3.3 on windows 10 with ubuntu trusty
<ztyuio> anyone using nomachine here ?
<ztyuio> seems not working with port 22
<ztyuio> i can able to join my machine over putty a putty session
<ztyuio> but not with nomachine
<roaksoax> smoser: have you seen this before? http://pastebin.ubuntu.com/12980715/
<smoser> not enough context, but it would seem something is pretty wrong.
<smoser> it is always helpful to post entire logs.
<smoser> probably there is a WARN somewhere.
<roaksoax> smoser: yeah, the person doesn't seem to have the full set of logs
<roaksoax> smoser: http://paste.ubuntu.com/12980737/
<smoser> still not much context, but it really seems like package is not installed, or cloud-init is foobarred badkly somewhere.
<roaksoax> smoser: http://paste.ubuntu.com/12980749/
<roaksoax> smoser: it seems so
<hallyn> dannf: hey - so no problems using the qemu from ppa from a few weeks ago?
<th3s3_3y3s> Is single user mode no longer supported or runlevels at all?
<hallyn> dannf: if not i'll push that with changelog tweak to xenial
<dannf> hallyn: no, it worked fine. most of the problems i had were backporting it to trusty. i worked through those, but there's probably some changes you'd want to bring in
<dannf> that i need to clean up
<dannf> hallyn: def good enough for the initial xenial upload imo :)
<hallyn> cool, thx.
<hallyn> hm, but why does x have a newer version than nw
<hallyn> oh, rharper
<hallyn> well that complicates the merge :(
<hallyn> screw it i'll fake it in git
<dannf> hallyn: here's one patch you might want to bring in: http://lists.nongnu.org/archive/html/qemu-devel/2015-10/msg04627.html
<dannf> hallyn: it'll land upstream differently because they're doing some other configure changes
<hallyn> dannf: but it's ok/safe as is?
<dannf> yeah
<hallyn> hm,
<dannf> not needed for xenial, but is for trusty - i just assume that i won't be the only one that needs to backport it (e.g. cloud archive)
<hallyn> right, i see
<hallyn> had to check rmadison then groked
<hallyn> all right, i'll try to get something into x today - thx
<hallyn> wow no zul
<hallyn> life is meaningless.  alea jacta est
<hallyn> i really need to set something up to notify me on all new devel-release qemu uploads
<th3s3_3y3s> Does the instal cd come with a pxe bootable kernel?
<bekks> Every Ubuntu kernel can be booted using PXE.
<th3s3_3y3s> looking at this command to copy from the ubuntu server install cd : sudo cp -fr install/netboot/* /var/lib/tftpboot/
<gzoo> I'm trying to setup a mail server. I installed the mail-stack-delivery package, but I want to use virtual users.
<gzoo> I set up dovecot so it recognizes users with `doveadm user <user>`
<gzoo> but I'm not sure on the postfix part... I got up to the point where the mail is delivered to my server, but "user" is getting the mail instead of "user@nicedomain", so the postfix thinks theres no such user
<patdk-wk> odd
<patdk-wk> you are using lmtp right? to deliever it to dovecot?
<gzoo> patdk-wk, yes, I use dovecot-lmtp. But I think I'm confusing many, many things.
<gzoo> can postfix check whether a user exists when talking to dovecot by lmtp?
<patdk-wk> yes, but you really shouldn't bother doing that
<teward> sarnold: around?
<th3s3_3y3s> no?
<sarnold> hey teward :)
<teward> sarnold: incoming PM :)
<th3s3_3y3s> patdk-lap, specifiy that
<patdk-wk> heh?
<patdk-wk> specify what?
<th3s3_3y3s> what you shouldn't nother with
<th3s3_3y3s> specify
<teward> sarnold: can I pick your brain with a packaging question in the interim?
<sarnold> teward: you can try but if it's about the conflicts: thing from the other channel, I've got no idea :)
<sarnold> teward: learning packaging on the security team I really only deal with the easy cases where we just do tiny bumps of version numbers and make sure that version numbers are monotonically increasing..
<sarnold> I really am clueluess about the finer points of long-term packaging
<gzoo> patdk-wk, (sorry for reviving an old comment), how do I tell postfix to use dovecot properly? after that all should be set? no virtual user maps on the postfix side?
<patdk-wk> why is there no virtual user mapings?
<patdk-wk> you just said you didn't want system user accounts
<patdk-wk> but full email address accounts
<gzoo> patdk-wk, yes, I have virtual users on the dovecot side
<gzoo> no system users
<patdk-wk> normally, one sets up virtual users in postfix
<patdk-wk> postfix at a min, will need to know all the virtual domains
<patdk-wk> but you generally need 2 tables to do all the mapping
<patdk-wk> dovecot users
<patdk-wk> map this to postfix mailboxes
<patdk-wk> or you could let postfix figure them out by asking dovecot via lmtp, but seems kindof overkill
<patdk-wk> and a alias map table, for email addresses to mailboxes, for postfix
<patdk-wk> but this is way too much for an irc channel
<patdk-wk> lots of people in #postfix will help with the postfix part though
<gzoo> well, I didn't like the idea of having the same data about users in both dovecot and postfix
<gzoo> I guess I'll head off to #postfix for more in-depth help
<patdk-wk> why not?
<patdk-wk> if they use the *same source data*, why not let many programs use the same data directly?
<patdk-wk> less points of failure and other things to go wrong
<patdk-wk> or, less castcading failures
<gzoo> how come having a table on the postfix side, and another one on the dovecot side is the 'same source data'?
<gzoo> it's the same data duplicated
<patdk-wk> heh?
<patdk-wk> it's one table
<gzoo> err, ok i'm missing something
<patdk-wk> your using static hash-key files?
<patdk-wk> not sql/ldap/....
<patdk-wk> I would highly recommend using sqlite instead if your doing that
<patdk-wk> but yes, doing it that way would be a royal pain
<patdk-wk> cause you have too many different pieces of info about one user all over the place
<patdk-wk> if you really must do it that way, no idea why you would, make one file to hold it, and use a make file to create the seperate parts
<gzoo> can't I just have a passwd-like file like they show on the dovecot docs, instead of sqlite. I only need to have 1-few users on the server, and using sql on this would be the overkill opposed to simple files
<patdk-wk> that won't handle your aliases and mappings for postfix
<gzoo> which creates the duplication problem.
<patdk-wk> if you want something simple like that, it sounds like you want to use system users
<gzoo> if I go sqlite, I can have postfix play with sqlite as well?
<patdk-wk> not virtual
<gzoo> I prefer it be virtual users actually
<patdk-wk> you can perfer it all you want
<patdk-wk> but by definition, you have to duplicate all the work, local/system users does automatically for you
<patdk-wk> making it *not as simple*
<patdk-wk> you can't have everything
<sarnold> though you do then have to worry about those users trying to ssh in to the system, heh
<gzoo> I have to note that this is a hobby exercise, so even if I'm scratching my right ear with my left hand I'd rather have it scratched
<gzoo> Some googling seems to show postfix+sqlite hopes
<patdk-wk> sarnold, no
<patdk-wk> you just set it to /bin/false, done
<gzoo> patdk-wk, set the system user's shell to /bin/false?
<patdk-wk> yes
<gzoo> well, thanks for clarifying some things. I will try going the SQLite way.
<patdk-wk> tables makes it much easier
<patdk-wk> basically a mailbox table, a alias table, and a domain table
<patdk-wk> should solve all your needs, or you can make it more complex
<patdk-wk> should be tons of examples on google
<patdk-wk> the bad thing, almost all the examples have issues too :(
<ponyofdeath> anyone know if its possible to write a app armor policy to only allow a process to append to files and not be able to erase or clear them?
<sarnold> ponyofdeath: the 'a' permission should do exactly that
<ponyofdeath> sarnold: thanks! i was just reading that in the man page :)
<lamont> the whole "don't boot with incomplete swraid" option... what package is that in>?
<TJ-> lamont: do you mean the old requirement for bootdegraded=true thing?
<Elion> Hi, i have an ubuntu server and i want to install multiple services on it like gitlab, owncloud, mumble, web server, monitoring system, .... What do you advise me to use to get services in boxes : docker, vm, whatever... and should i use something like chef to manage it ?
<BrianBlaze420> hello beautifuls
<BrianBlaze420> I seem to have openvpn server running
<BrianBlaze420> as the service says it is and syslog looks good
<BrianBlaze420> but netstat -lntp shows only ssh is there I don't see my vpn port
<BrianBlaze420> anyone know where I messed up?
<sarnold> BrianBlaze420: remove the 't'
<BrianBlaze420> lol
<sarnold> BrianBlaze420: that shows tcp but openvpn probably runs on udp
<BrianBlaze420> true it does
<BrianBlaze420> okay so I use u instead
<BrianBlaze420> and see it lol
<BrianBlaze420> thanks
<sarnold> yay :)
<BrianBlaze420> so now I gotta figure out whats blocking me out of thurrr
<BrianBlaze420> thanks a lot tho
<BrianBlaze420> :)
<lamont> TJ-: yeah that
<lamont> (trusty system)
<TJ-> lamont: as I recall, in trusty, either on release, or very soon thereafter, there was an update that stripped that out - I remember because it caught me out!
<sarnold> BrianBlaze420: do you get any error messages from either peer? check service logs, syslog, dmesg on both
<lamont> TJ-: I know that I have a machine that doesn't boot when I have a one-device raid1
<lamont> TJ-: that when I force my way into busybox and mdadm --add the second partitoin, and then reboot, it comes up just fine
<TJ-> lamont: 3.2.5-5ubuntu3 : http://changelogs.ubuntu.com/changelogs/pool/main/m/mdadm/mdadm_3.2.5-5ubuntu4/changelog
<BrianBlaze420> nah I am actually using amazon aws and it's funny when I open ports it's like they don't open but I wanted to really make sure it wasn't my server
<BrianBlaze420> because everything looks grand server side
<TJ-> lamont bug 1279741
<ubottu> bug 1279741 in mdadm (Ubuntu) "Degraded array check, may not do what it says it's doing" [Undecided,Fix released] https://launchpad.net/bugs/1279741
<sarnold> BrianBlaze420: ah, yes, the security groups also need to be managed :)
<BrianBlaze420> I have done that
<lamont> TJ-: oh hell.  that reads like exatly what I most donot want
<BrianBlaze420> but I swear they don't open
<TJ-> lamont: I recall I was hit in a similar way as you seem to be, and I did some debugging and decided the patch xnox added wasn't working for all circumstances, but I can't recall where that led
<lamont> my issue is that I want the machine UP and I'll deal with recovering the RAID at that point.  Given the size of the drives, a 2 day reboot is unacceptable.
<TJ-> lamont: yeah, that was my scenario too
<lamont> esp when, since the second drive wound up not being in the array at all, it's not a 2 day outage, it's a drive there and hookup the keyboard and monitor and manually intervene
 * lamont has to run
<TJ-> lamont: I had the advantage of network KVM, but yes, it isn't good
<BrianBlaze420> you don't know of a way to kick in an updated security group do you>
<BrianBlaze420> I heard it was right away... I have yet to see it right away lol
<sarnold> BrianBlaze420: if you've had time to type about it on irc then perhaps there's something else wrong.. it seems most likely to me that perhaps the one you added might not be sufficient for the job..
<BrianBlaze420> I went this through my other server with opening port 80 too
<BrianBlaze420> and magically it just started working
<BrianBlaze420> so I guess I wait lol
<BrianBlaze420> well i stand corrected other ports opened so its all on me this time
<BrianBlaze420> and it works :)
#ubuntu-server 2015-10-28
<Elion> Hi, i have an ubuntu server and i want to install multiple services on it like gitlab, owncloud, mumble, web server, monitoring system, .... What do you advise me to use to get services in boxes : docker, vm, whatever... and should i use something like chef to manage it ?
<neonixcoder> hay guys.. I am using Ubuntu 14.04 server(recently we upgraded from 10.04 to 14.04), after upgrade I am getting blank screen. But I can connect to that machine remotely..
<neonixcoder> any suggestion?
<sarnold> neonixcoder: maybe try deleting plymouth, I think that's the thing that does happy boot graphics
<neonixcoder> sarnold: how can I do that, is it apt-get remove plymouth?
<sarnold> neonixcoder: yeah, I think that should do it
<neonixcoder> after that do I have to do something?
<sarnold> just reboot and test..
<sarnold> where do you lose graphics? do you see the grub boot menu? if you hold the left shift, does that make the grub boot menu appear?
<neonixcoder> I can see grub boot menu..
<neonixcoder> after grub completes.. its just blanks out..
<neonixcoder> do you want my /etc/defaults/grub file content?
<sarnold> nah, I know next to nothing about the booting end of things
<neonixcoder> sarnold: It want to remove upstart and cron as well which I feel critical for ubuntu machine..
<sarnold> I was just curious if it broke before or after grub :)
<sarnold> neonixcoder: hunh. that's annoying. upstart and cron shouldn't care about plymouth :(
<neonixcoder> yes.. they are interlinked..
<TJ-> neonixcoder: with the black screen, does Ctrl+Alt+Fx (1 <= x <= 7) give a login tty ?
<neonixcoder> no nothing..
<neonixcoder> all are blank..
<sarnold> flashing cursor? or completly blank?
<TJ-> neonixcoder: sounds like a 'nomodeset' requirement; which GPU/driver is installed?
<neonixcoder> TJ-: My details are http://pastebin.com/32bhciDX
<TJ-> neonixcoder: can you "pastebinit /var/log/dmesg"
<neonixcoder> sarnold: completly blank and I dont see signal is going to monitor.. it just say "No signal" and switch off the monitor..
<neonixcoder> TJ-: http://pastebin.com/mTMgdtgx
<TJ-> neonixcoder: line 713 "gma500 0000:00:02.0: I2C transfer error"
<neonixcoder> TJ-: Actually that pastebin is dmesg command out..
<TJ-> neonixcoder: so the video driver should be gma500_gfx.ko ... what does "lspci -nnk -d 8086:8108" report?
<neonixcoder> give me one min..
<neonixcoder> 00:02.0 VGA compatible controller [0300]: Intel Corporation System Controller Hub (SCH Poulsbo) Graphics Controller [8086:8108] (rev 07)
<neonixcoder> 	Subsystem: Device [8100:8086]
<neonixcoder> 	Kernel driver in use: gma500
<sarnold> I love that 8086:... so cool ;)
<neonixcoder> Its a custom build embedded board
<neonixcoder> Any suggetions TJ-?
<TJ-> neonixcoder: there is "915.modeset=0 nomodeset" on the kernel command-line. did you add those in an attempt to fix this issue?
<sarnold> hey, check this out https://wiki.ubuntu.com/HardwareSupportComponentsVideoCardsPoulsbo
<sarnold> all about that video card
<neonixcoder> those are old configs, which are added by other person in my team.. They are working perfectly fine in 10.04 version..
<neonixcoder> TJ- those settings are there in my /etc/deafults/grub file
<TJ-> sarnold: Yes, because if I recall correctly this video card has the non Intel GPU videocore
<TJ-> neonixcoder: I'd try booting it without those; they prevent any video modesetting
<neonixcoder> oh ok..
<neonixcoder> let me edit my file..
<neonixcoder> rebooting now.. let me see if that works..
<neonixcoder> no improvement :(
<neonixcoder> TJ-: Do you want lspci command output or dmesg output again?
<TJ-> the GMA500 is the Imagination PowerVR SGX535
<TJ-> neonixcoder: the dmesg might help us
<neonixcoder> one min
<neonixcoder> TJ-: Here you go.. http://pastebin.com/XrEyeNP2
<TJ-> neonixcoder: that looks better. Line 435 "vesafb: mode is 640x480x32, linelength=2560, pages=0"
<TJ-> neonixcoder: line 448: "vesafb: mode is 640x480x32, linelength=2560, pages=0"
<neonixcoder> but still I dont see screen..
<TJ-> neonixcoder: is there a display whilst the system is booting?
<neonixcoder> yes.. till grub menu..
<TJ-> neonixcoder: OK, so this time the vesafb driver loads, but the same gma500 warnings occur at the end of dmesg. This is the one I think points to the cause. "gma500 0000:00:02.0: trying to get vblank count for disabled pipe 1"
<TJ-> neonixcoder: If I recall correctly, Intel uses the term 'pipe' to mean 'ouptut' or 'head'
<neonixcoder> I can even see kernel booting up to 7 to 8 seconds..
<neonixcoder> ok?
<TJ-> neonixcoder: if that is correct, it is telling us the output is disabled. So, I'd try some of the tips in the Wiki page sarnold pointed to earlier
<sarnold> 9.7 seconds in.. [    9.730378] [drm] Initialized drm 1.1.0 20060810
<sarnold> are there -two- display outputs on this computer? is one of them disabled in bios? or can you use the second one?
<sarnold> I'm surprised vesafb -and- gma500 are loaded / running / etc.. I know next to nothing of display things but it seems strange to me
<TJ-> neonixcoder: I'd suggest removing "splash" and possible telling GRUB to work in text mode, not graphical ("GRUB_TERMINAL=console")
<neonixcoder> sarnold: I dont think it have two displays..
<neonixcoder> TJ-: There is not splash settings in my /etc/defaults/grub file..
<TJ-> neonixcoder: I'm seeing claims it could be an ACPI issue
<neonixcoder> hmmm
<TJ-> neonixcoder: OK, try the GRUB_TERMINAL=console ... just in case! I've found that sometimes helps to not have  GRUB but the display into gfx mode... if it does the kernel sometimes fails to be able to switch modes
<neonixcoder> TJ-: No effect thought I enabled GRUB_TERMINAL=console
<TJ-> Times like this I miss 'xrandr' !
<neonixcoder> As sarnold suggest is my display disabled?
<neonixcoder> If display is disabled, how come it worked for same monitor in 10.04?
<sarnold> 10.04 didn't have the gma500-speciic driver
<sarnold> it might have used a generic vesa / vga thing that is more or less unchanged since 1992.
<sarnold> you may have some success blacklisting the gma500 driver too, but since the wikipage reports successes, it might be worth trying to make it work with the newer driver
<TJ-> neonixcoder: next is to add "console=tty1" to GRUB_CMDLINE_LINUX
<neonixcoder> sarnold: Let me read it and I will get back to you on this..
<sarnold> neonixcoder: try TJ-'s, advice, he's been on a roll all day :)
<TJ-> The one thing I'm a little unclear on is, the driver loaded here reported by lspci is "gma500" but I/We are thinking/looking at info about gma500_gfx. I'm not entirely clear if those are aliases, driver-renaming over time, or something else entirely
<OerHeks> gma500_gfx is correct , https://wiki.ubuntu.com/HardwareSupportComponentsVideoCardsPoulsbo
<sarnold> OerHeks: lspci reported "IKernel driver in use: gma500"
<TJ-> OerHeks: right, but we have "01:06:26   neonixcoder |  Kernel driver in use: gma500"
<TJ-> I *think* it is just a name alias of the driver but best to be sure
<OerHeks> there is a community driver for 3d, that kernel driver is just 2d  https://launchpad.net/~thopiekar/+archive/ubuntu/emgd
<neonixcoder> Let me have look at those things guys..
<TJ-> neonixcoder: we can gather more debug info if you add "drm.debug=1" to the kernel command-line - at least, in the mainline kernel. Not sure when that setting was introduced
<neonixcoder> to which option I can include it?
<TJ-> neonixcoder: yes, it is in 3.19. ... to either, but GRUB_CMDLINE_LINUX is best since that attaches to ALL boot entries
<med_> smoser, can you point me at the "Where's Chuck?" meme storage? I need to get a pic of him into my OpenStack Trivia talk tomorrow.
<med_> or if anyone else knows....
<th3s3_3y3s> symlinked an apparmor profile to the force-complain directory and restareted and it still runs enforcing
<th3s3_3y3s> the link was red and now it is light blue
<th3s3_3y3s> attempting again
<th3s3_3y3s> hmm works now
<ksx4system> how do I add startup items on systems with systemd (most stupid software ever written, even Windows 3.11 makes more sense)?
<ksx4system> back in the good times it was a matter of dropping my script into /etc/init.d
<TJ-> ksx4system: that is still possible; systemd has a sysv-init generator
<th3s3_3y3s> Is there a gui frontend for qemu-kvm?
<TJ-> th3s3_3y3s: libvirt has virt-manager
<th3s3_3y3s> dhcp still not starting
<th3s3_3y3s> I have to repair the internal network.
<th3s3_3y3s> TJ- does virt-manager run kvm?
<TJ-> th3s3_3y3s: virt-manager > libvirtd > kvm/qemu or lxc
<th3s3_3y3s> syslog reports nothing about the dhcp server not starting
<th3s3_3y3s> there was some sort of apparmor complaint
<th3s3_3y3s> that has been taken care of and dhcp still does not start
<th3s3_3y3s> TJ- what is your expertise?
<th3s3_3y3s> There's nothing in the config file about listening on specific interfaces.
<th3s3_3y3s> Attempting to start it manually shows this is what is causing it to not start it reads "not configured to listen on any interface"
<th3s3_3y3s> I don't see anything about interfaces in the example configs.
<th3s3_3y3s> Ok there it is so with the virtual machines can I have it listen on lo
<th3s3_3y3s> And configure the virtual machones o listen lo
<th3s3_3y3s> so each virtual machine is something like 127.0.0.100
<th3s3_3y3s> TJ-, respond
<hateball> Is 10.04 -> 12.04 not a support EOLUpgrade? I can't seem to get it to work
<hateball> By "not work" I mean I have added old-releases, and am trying to do-release-upgrade, but the installer just craps out claiming "failed to read mirror file"
<th3s3_3y3s> hateball, they claim it is unsupported
<hateball> This is going to be a longer day than I intended
<admcleod-> hi guys, what list(s) should i look at for repo/package release info?
<lordievader> Good morning
<MBorges> good morning everyone
<MBorges> I'll cut to the chase and ask away .-)
<TurBoss> Hi
<TurBoss> \o/
<MBorges> I'me moving AD 2003 network to ubuntu server samba 4... so far so good in building test environment with one ubuntu server doing DC, dhcp and dns (bind).
<MBorges> This AD has two sub nets (172.16.5.x and 172.16.6.x) and each of the old servers have 2 NICs, each connected to diferent switches and we have 2 DCs doing dhcp for each sub net and serving diferent computers (floors of the building)
<MBorges> My thing is... can I have my ubuntu server dhcp serving somethink like 172.16.x.x and avoid the need for this? will this have decent performance? Is this a completly idiotic ideia?
<MBorges> I have to say we have a large network but are non profit organization with very little money to spend, hence the change from a all Windows environment that was paid from a project we did many years ago for agriculture
<hateball> MBorges: you can use virtual nics if you like, and only have one physical but then you need to have a trunk port
<MBorges> so independent sub nets are always the way to go if more than 254 ips are needed?
<hateball> well it depends you need to use c-class subnets for QoS or other reasons, otherwise just use a b-class ?
<xnox> lamont: correct. I believe we have then subsequently pulled mdadm change. IMHO I'm not sure what should be done with mdadm, but the thing it's doing now is not working.
<hateball> MBorges: either way you'd point iphelper in your routing to the dhcp server and have that serve whatever, it doesnt need to have different physical nics if you use virtual ones
<maxb> Forget classful addressing, just choose to size your subnets however you like
<maxb> however, if you want to merge the subnets that exist, you need to ask yourself if there is a reason they are separate
<maxb> e.g. to partition broadcast traffic
<maxb> you'd want to look at things like whether the switches support vlans, and what the network bandwidth is
<lamont> xnox: agreed.  I'll certainly play with it more as this week progresses
<pmatulis> morning
<hallyn> dannf: hm, ppc64el build of qemu 2.4 failed.  (haven't looked at why)
<gQuigs> just looking at the different openstack release notes, and what they say about upgrading charms/openstack -
<gQuigs> https://wiki.ubuntu.com/UtopicUnicorn/ReleaseNotes/OpenStackCharms mentions how to upgrade to Juno Openstack
<gQuigs> https://wiki.ubuntu.com/ServerTeam/OpenStackCharms/ReleaseNotes1510#Upgrading mentions how to upgrade charms
<gQuigs> https://wiki.ubuntu.com/ServerTeam/OpenStackCharms/ReleaseNotes1504 doesn't mention upgrading...
<gQuigs> is there a generic upgrading page (or should we start one) that they can just all link to?
<gQuigs> specifically should 1504/1510 cover the upgrading from 14.04 case?
<fuzzywuzzzy> howdy
<sysdoc> Hi every one, I have a Ubuntu server that is at ver 12.01 I tried to upgrade and get an error that the sources can not be reached. I believe that the repo is no longer active as the ver has reached the EOL. Can anyone suggest a path to upgrade the version?
<gQuigs> sysdoc: 12.01 isn't an ubuntu version number, maybe 12.10 ?
<sysdoc> Yeah, sorry a typo there
<gQuigs> sysdoc: you can change the archive to point to http://old-releases.ubuntu.com/ubuntu/
<gQuigs> but it might be worth considering a fresh install (of either 14.04 or 15.10)
<memoryleak> is there a software solution that images a certain disk before booting ?
<bekks> !eolupgrade | sysdoc
<ubottu> sysdoc: End-Of-Life is the time when security updates and support for an Ubuntu release stop, see https://wiki.ubuntu.com/Releases for more information. Looking to upgrade from an EOL release? See https://help.ubuntu.com/community/EOLUpgrades
<sysdoc> gQuigs: Yes I just found a site with that address, and thanks for the EOL links bekks!
<fuzzywuzzzy> Ok I kind of fat fingered somethign.  I chmodded /var/www to 755.  Anyone know how I set it back to what it was by default?
<RoyK> fuzzywuzzzy: IIRC that's the default
<fuzzywuzzzy> I mean I did a chmod -R
<fuzzywuzzzy> on all the files
<RoyK> fuzzywuzzzy: heh
<fuzzywuzzzy> too
<RoyK> fuzzywuzzzy: restore from backup?
<genii> fuzzywuzzzy: Default permissions for files under there are 644
<fuzzywuzzzy> how do I change those all at once and not effect parent dirs
<fuzzywuzzzy> Do I have to go directory by directory?
<RoyK> fuzzywuzzzy: find /somepath -type f -exec chmod -x {} \;
<RoyK> fuzzywuzzzy: should probably help
<RoyK> fuzzywuzzzy: I really doubt you'll need +x on any files under /var/www
<fuzzywuzzzy> that will just find them
<fuzzywuzzzy> then I can chmod and remove execute from the group www-data
<fuzzywuzzzy> right?
<roasted> hi
<fuzzywuzzzy> howdy
<RoyK> fuzzywuzzzy: no, won't just find them - see the -exec argument there in the manpage
<RoyK> fuzzywuzzzy: you won't need execute bit on data files - you really should not have that
<rbasak> utlemming: what's the ETA on Xenial daily cloud images, please?
<fuzzywuzzzy> ok tx
<utlemming> rbasak: we're working on it. We were waiting on the tool chain, which I think lands tomorrow.
<rbasak> utlemming: thanks. That's a bit confusing - I thought Xenial was already open for uploads?
<utlemming> rbasak: https://wiki.ubuntu.com/XenialXerus/ReleaseSchedule
<utlemming> rbasak: yeah, you can do uploads and the pocket's open
<rbasak> utlemming: I'd like to, but I can't run qemu-based dep8 tests locally since that needs a daily cloud image :)
<utlemming> rbasak: Odd_Bloke has EOD, but he's working on the enablement in our build system.
<rbasak> I can probably hack something together but not worth it if you'll have dailies soon.
<teward> i found an interesting issue in mysql-server... installing mysql-common didn't actually install the my.cnf file on Trusty, I had to dig it up from LP o.O
<rbasak> That's odd.
<rbasak> Oh
<rbasak> teward: my.cnf is supplied by the variant server package now
<rbasak> teward: there's a fallback shipped if you don't have a server package installed
<rbasak> teward: that way different variants (eg. MariaDB) can ship their own.
<teward> rbasak: E:ConflictingINformation
 * RoyK doesn't like mysql
<rbasak> teward: mysql-common just manages a symlink with update-alternatives
<teward> rbasak: mysql-server-core-5.5 mysql-server-5.5 installed alongside, no my.cnf
<rbasak> Oh sorry.
<rbasak> I think that happened after Trusty.
<teward> Trusty, not recent :)
<teward> rbasak: yeah, i know it did, but i'm talking Trusty, not newer :)
<ShellGame> i have a command that works if i enter it in bash but fails if i add it to a script im running could someone help with that. cp -pruv sourcedir/!(backups|Thumbs.db) destdir/DriveBackup
<sarnold> ShellGame: does the ! invoke something from your history?
<ShellGame> sarnold: the !(... was used to ignore directories and it works great if i just type it
<sarnold> ShellGame: crazy, I've never seen that before.
<ShellGame> sarnold: either had i untill i did some google searches and since it worked as i needed it when i type it i added it to the script and the script fails to run
<TJ-> ShellGame: prefx the 'cp' line with "echo " and run the script; see what is actually generated by that line and if it differs from when using the shell command-line
<sarnold> ShellGame: looks like'd need to use shopt to set extglob in the shell script
<sarnold> ShellGame: fwiw I'd be more inclined to switch to rsync and use --exclude instead, it feels more likely to work reliably
 * TJ- nods
<ShellGame> TJ-: cp -pruv ~/stuff/!(backups|Thumbs.db) ~/stuff/backups/Stuff-Backup; which is why i was excluding the backups folder
<ShellGame> i had thought about rsync but the script was already using cp for other things so i used this option when i saw it and that it worked
<ShellGame> when i run the script with the command in it it complains about the (
<TJ-> Like sarnold says, it may be shopts causing an issue with interpretation
<sarnold> yes, you need to set the shopt extglob in the script so that it matches your interactive shell
<ShellGame> how do i do that?
<sarnold> shopt -s extglob --- for some small details, run 'help shopt', for the full story, read about shopt in the bash(1) manpage
<sarnold> bring popcorn, it's a huge manpage
<ShellGame> so just add that to the top of the script and test away?
<sarnold> yeah
<ShellGame> says shopt not found
<sarnold> it has to go below the #! line
<ShellGame> yeah i put it on line 2
<th3s3_3y3s> Is kvm a virttype when hardware extensions able?
<ShellGame> first two lines are#!/bin/bash shopt -s extglob;
<sarnold> ShellGame: is the file executable?
<ShellGame> yep for the user
<ShellGame> i just ran the file with ./filename and it started working :|
<atralheaven_> Hello, I use lighttpd, there is a folder in /var/www directory for my personal downloads, I want to be able to add/remove files from this folder without need of being root. what is the safest way for it? thanks
<ShellGame> thanks sarnold & TJ- i believe it is working as its supposed to again
<teward> stupid question: is there a way to force landscape-client to update the apt-repository data to clear a "package data fetch" error that Landscape is complaining my system is having?
<KFKG_> hey everyone
<KFKG_> I am having an issue with Ubuntu Server 14, can I get some help?
<cliluw> KFKG_: It depends. What's the issue?
<KFKG_> My specific problem is I am on a dedicated server that was installed on our host, I am using putty to connect and right now its all command line, I attempted to install kde as well as gnome, they seem to be installed but they will not launch using X
<KFKG_> sorry StartX
<cliluw> KFKG_: You're using X11 forwarding?
<KFKG_> cliluw i am not exactly sure
<KFKG_> I am trying to get a GUI installed on the server as this server will be used for more then just command line operations
<cliluw> KFKG_: What's the error message that you get when you run startx?
<KFKG_> (EE) Server terminated with error (1). Closing log file. xinit: giving up xinit: unable to connect to X server: Connection refused xinit: server error
<KFKG_> I would be happy to provide anyone access to look at it, i think I have installed like 4 desktop guis so far and nothing is working
<KFKG_> This is a brand new server
<cliluw> KFKG_: Are you going to be display the GUI on the Ubuntu computer itself or do you want it displayed on the Windows computer?
<KFKG_> Ideally we want to see the GUI from the rdp or teamviewer/vnc interface
<KFKG_> the server has no display, its in a network center
<KFKG_> we are not physically located at the server
<sarnold> then you won't run X11 on the server itself
<KFKG_> I will confess I know of linux and did some dabbling a few years back, But I am not up on all the terms
<KFKG_> The goal is this server will become a email/ftp/web/streaming audio server
<KFKG_> We have full acess to do whatever is needed from the remote side
<sarnold> why the gui?
<cliluw> KFKG_: You probably did everything correctly. Follow this guide and you'll be able to see the desktop environment on your Windows machine. https://wiki.utdallas.edu/wiki/display/FAQ/X11+Forwarding+using+Xming+and+PuTTY
<KFKG_> sarnold, because of a software called rivendell, it is a radio automation software
<KFKG_> that we need to have the Gui for
<sarnold> cliluw: wow, xming is still around? cool
<KFKG_> reading....
<sarnold> "Recommended Minimum System Requirements ... XFree86 Supported Video Card" -- wow.
<KFKG_> Ok i downloaded that, it says zero displays connected
<KFKG_> let me read some more
<sarnold> ah, good, they do have tarballs from this year. I was afraid the whole thing was going to be 2002 vintage.
<cliluw> sarnold: Even if it was from 2002, it would probably still work.
<sarnold> cliluw: they referenced kernel 2.4.21 loadable modules in the install guide.
<sarnold> now 2.4.21 was a fine kernel, quite good :) but it's unlikely that modules written for it would just recompile against 3.x or 4.x kernels
<cliluw> KFKG_: If you've installed and started Xming, the only thing left for you to do is tick the X11 checkbox in Putty and reconnect.
<KFKG_> I have done so it drops me to the command line
#ubuntu-server 2015-10-29
<cliluw> KFKG_: Type something like "xclock &".
<KFKG_> heh i see the clock
<KFKG_> how will this launch the gui viewable via vnc
<KFKG_> I am looking for a full-time gui btw
<cliluw> KFKG_: Haha, the clock is just to test if the connection is there. To see the full GUI, type "gnome-session" or "startkde".
<KFKG_> ok
<sarnold> the downside is that if the connection between your windows box and the linux box does down, the clients you start there are almost certainly going to die too
<KFKG_> Right so if i have the radio program running and I disconnect I will shut that off, I want ot so it will run no matter what
<KFKG_> can we work on the steps for that
<KFKG_> I see the kde desktop and a hard drive icon but nothing else
<KFKG_> there are a bunch of icons, kind of like a mac bar showing up
<KFKG_> nothing is clickable
<KFKG_> I want this server to allow us to leave things running and login remotely to the gui
<cliluw> KFKG_: It might take a while since you're loading the full desktop. I don't think I've ever loaded the full desktop through X11 forwarding. I usually launch just the app that I'm interested in using like Firefox.
<sarnold> how fast is the link / what kind of latency do you have? it might be pretty slow, especially compared to e.g. vnc..
<KFKG_> like remote desktop
<sarnold> yeah, I think x11 forwarding would only work for you  guys if the application was written to make it easy
<KFKG_> the link is 300 mbps
<KFKG_> roughly
<sarnold> it's hard to tell if it is written that way
<KFKG_> sarnold
<sarnold> then it oughto be snappy :) hehe
<KFKG_> no the radio app must be run full time, thats why vnc is the way we need to go
<KFKG_> I see the clock and half the desktop now
<KFKG_> Is there another way so that I can login via teamviewer/vnc to control the desktop via a gui
<cliluw> KFKG_: I don't know anything about this program but it sounds like x11vnc fits your needs.
<sarnold> KFKG_: I think x11vnc is probably the way to go; this guide looks tolerable, https://www.lxtreme.nl/blog/headless-x11/
<KFKG_> I tried to install that through apt and it said no such package
<KFKG_> i am familiar with x11vnc from back in the debian days
<cliluw> KFKG_: Also, try asking in #ubuntu. In #ubuntu-server, people only use command-line interfaces.
<sarnold> x11vnc is in universe; perhaps if you only enabled main, it might not be there..
<KFKG_> #ubuntu sent me here lol
<sarnold> hehe
<KFKG_> this guide is written in debian will it work for ubuntu
<JanC> if you run a GNOME based desktop, it has a built-in VNC server called 'vino'
<KFKG_> JanC
<KFKG_> let me see whats going on with Gnome
<JanC> you might have to configure it to start listening
<sarnold> KFKG_: it looks like it's decent, skip the bit about gdm3, and I have no idea about 'light-locker', that doesn't sound familiar
<JanC> maybe KDE has something similar too
<sarnold> JanC: any idea how to get it to start from an upstart script or sysv-init script?
<cliluw> JanC: I think he/she has both GNOME and KDE installed.
<KFKG_> the key is I am on the command line now which i an entirely unfamiliar with
<KFKG_> cliluw, there are a total of 4 desktop guis that I installed
<KFKG_> I was sort of just grasping at straws
<cliluw> KFKG_: Wow, that's hardcore. :-)
<JanC> sarnold: vino is started when the GNOME session starts, I think
<sarnold> KFKG_: hey, check this out :) a guide just for ubuntu stuff https://help.ubuntu.com/community/VNC/Servers#x11vnc
<JanC> started by /etc/xdg/autostart/vino-server.desktop I guess
<KFKG_> root@u18018703:~# gnome-session-check-accelerated: Helper exited with code 256 gnome-session-check-accelerated:: command not found root@u18018703:~# gnome-session-is-accelerated: No composite extension. gnome-session-is-accelerated:: command not found root@u18018703:~# gnome-session-check-accelerated: Helper exited with code 256 gnome-session-check-accelerated:: command not found root@u18018703:~# gnome-session[26158]: WARNING: software acc
<KFKG_> it didnt like gnome
<JanC> I wonder if it likes mate or some other ancient desktop then  :)
<JanC> or maybe xfce
<JanC> for less ancient
<sarnold> probably those errors are coming from the X11 forwarding
<sarnold> I'm not shocked that ming x11 doesn't have composite extension ;)
<KFKG_> so do I open port 5900 on the server to connect to the x11vnc?
<sarnold> yes, but be sure to restrict it to only the IP ranges that shuold be allowed
<KFKG_> ok be back in a few
<JanC> sarnold: 3D acceleration doesn't real work well over the internet anyway  :)
<sarnold> JanC: dunno, 300mbps it might work out alright.. ;)
<JanC> and maybe better not open that port publicly but connect using ssh and forward it
<sarnold> yeah, I trust ssh a lot further than vnc
<sarnold> good idea
<cliluw> I assumed this was all over a LAN so it wouldn't matter than VNC sends passwords in plaintext.
<cliluw> that*
<JanC> cliluw: <KFKG_> the server has no display, its in a network center
<cliluw> JanC: Haha, I assumed he was in the network center too.
<KFKG_> ok I connected through the firewall to the server, i am looking at an all black screen inside realvnc
<sarnold> KFKG_: that sounds like real progress; this looks like the next step http://www.karlrunge.com/x11vnc/faq.html#faq-headless
<KFKG_> sarnold, now I am really llost
<sarnold> KFKG_: you need to create an x11 server on the machine for x11vnc to export; the karlrunge.com link shows some small configuration sections for an xorg.conf file that will create the X11 server
<KFKG_> ok when I try to run the x11vnc its failing now
<sarnold> with what error message?
<KFKG_> xopen_display failed
<KFKG_> and they say windoze is complicated lol
<KFKG_> in the old days we just used remote desktop/vnc to connect and we could see kde fine
<sarnold> it'd probably be easier if someone around here had done this recently; the handful of times I've run programs remotely, the usual x11 forwarding over ssh worked perfectly, but it was for things like netscape navigator or mozilla that I didn't care if they died if the link went dead..
<sarnold> but doing the whole gui session, and for an x11 server that has no hardware, it's a bit more complicated :)
<KFKG_> sarnold, would you advise to go back to windows server?
<KFKG_> thats what we are migrating from
<sarnold> KFKG_: the last windows server I used was NT 4.0. It bluescreened every thursday and we never figured out why.
<sarnold> so my advice on windows issues may not be entirely up to date with modern things :)
<KFKG_> sarnold lol
<KFKG_> We were running a cloud server with windows 2008 server dedicated datacenter r2
<KFKG_> we thought we could migrate to linux to save on license fees
<KFKG_> but if we cannot even get a gui thats not showing promises
<KFKG_> it took a week to get the windows server running and all setup
<KFKG_> I have no issue with linux, to be very fair
<KFKG_> when I can see it....
<sarnold> hehe
<KFKG_> we have just completed a plesk config with 11 websites, we had just gotten the ftp / email servers running
<KFKG_> I have no issue with debian or suse or even ubuntu, when I can configure and install the programs
<KFKG_> when they turned on this box they gave us a blinking cursor and that was it
<sarnold> please tell me the plesk server is firewalled agressively
<KFKG_> on windows it is yes
<KFKG_> we have rules setup like you would not believe
<KFKG_> only ports open on that server are the ones we need to communicate with the outside world
<KFKG_> I personally hate plesk
<KFKG_> we uninstalled the mail and ftp clients and only used it for the websites, plesk is just a cover window dressing for IIS
<sarnold> those sorts of web management frontends are the cause of most hacked linux boxes. or maybe they're number two, right behind guessed ssh passwords.
<KFKG_> hacked linux?
<KFKG_> our plesk was in windows
<KFKG_> lol
<sarnold> I suspect their windows versions are no better ;)
<KFKG_> they wanted us to do a managed linux with plesk but said we would have no gui
<sarnold> not to crap on plesk specifically, I further expect it's parity with all the others
<KFKG_> not that I need to confer with my partner the licensing fees are not looking so bad now
<KFKG_> doh i meant now
<sarnold> KFKG_: skimming the rivendell wiki it looks like it ought to be possible to run the rivendell server on one machine and use other workstations as clients
<KFKG_> sarnold riv is very powerful
<KFKG_> but it needs a gui
<sarnold> KFKG_: it might be worth trying to figure out if you actuyally need a gui on the server at all; if you can just connect to it with rivendell clients on your other computers, that'd feel a lot esier to me than managing a vnc server..
<KFKG_> we are only running one riv host
<KFKG_> the riv client is the riv server
<KFKG_> same machine
<sarnold> ow :/
<sarnold> dang
<KFKG_> mysql qwill be installed as well for the wordpress sites so we will just add a database
<KFKG_> but honestly getting to rivendell may prove challenging and honestly I am not seeing the benefits
<KFKG_> the goals of moving to linux box were to use rivendell and run the server like a normal gui server
<sarnold> I think that's still possible, I just hoped there was an easier way :)
<KFKG_> sarnold
<KFKG_> its been a day now and still no gui
<KFKG_> care to login and take a crack at it ;)
<sarnold> KFKG_: sure, you got one, all black, but you got one :)
<KFKG_> LMAO
<sarnold> hah, figures, karl's got a script to run to set the whole thing up! http://www.karlrunge.com/x11vnc/Xdummy
<KFKG_> sarnold its not a package on any source
<sarnold> KFKG_?
<KFKG_> I tried to apt the pacakge
<sarnold> KFKG_: hmm, funny, now that I read a bit more of http://www.karlrunge.com/x11vnc/ I start to think there might be something easier, perhaps vnc4server or tightvncserver would do better
<sarnold> KFKG_: (that Xdummy script you could just download with wget or curl, chmod 755 the thing, and run it if you trust the author..)
<sarnold> I have no idea which would be easier..
<KFKG_> sarnold the issue still remains that for whatever reason these things do not want to work for me
<KFKG_> I remember tightvnc for windows that is
<KFKG_> I just need a gui so I can config this box
<Contigi> errmagawd
<Contigi> so I just use a command to manually move files from a download to my media folder but I did sudo cp download/* media/*
<Contigi> instead of the mv command .. erased everything that was in there
<Contigi> any good way to go about getting this restored back to before it was cp
<sarnold> Contigi: so, you want to take e.g. half the stuff from media/ and move them back to download/  ?
<Contigi> well the files in media were far more important. I guess im looking for a way to get the media folder back rather than the download
<sarnold> hmm, I guess I'm confused then.. can you pastebin the actual commands you ran, from history?
<Contigi> sudo cp -r Downloads/* Media/*
<Contigi> I then ctrl+c out of that command as I releaized I just wanted to do sudo mv Downloads/* Media/*
<Contigi> not I find that the entire directoy in Media/ is empty
<Contigi> excpet the 3 files that got moved into there from Downloads/
<sarnold> are there any directories in Media? it could be all the Media stuff got moved into that subdirectory
<Contigi> well how the hell did that happen
<Contigi> lol thanks sarnold
<sarnold> cp assumes the finaly argument is the directory to move multiple  things into
<sarnold> foo/* bar/* tells the shell to glob both those directories...
<Contigi> so it takes the last directory in bar/* and places it all in there than?
<sarnold> if the last argument on the command line, e.g. Media/zz  just happens to be a directory, cp will shove everything that you listed into the named directory
<sarnold> now, of course, 'last' is funny, some shells sort it, some shells don't, etc. but IFF the last argument is a directory, cp will start doing what it was told to do :)
<Contigi> ahh, i'm ok with that - just glad I didn't lose that directory
<sarnold> if the last thing isn't a directory it bitches:
<sarnold> cp: target âb/4â is not a directory
<Contigi> interesting. I will have to go read some more on this mystical cp command I thought was simple. Thanks so much sarnold, I really appreciate your help here
<Contigi> I thought I lost all my porn there for a minute...
<Contigi> lol jk
<jonah> hi is any body any good with cups and could please help? I've tried in the cups channel but no replies. I'm running ubuntu server and cups was working great with shared printer to local network but not to outside world. Now all of a sudden I can no longer connect to cups and just get "unable to connect" error when i visit 192.168.0.100:631 which used to work?
<jonah> any help to get this working again would be really appreciated
<lordievader> Good morning.
<pmatulis> morning
<lordievader> Hey pmatulis
<mborges> morning
<mborges> :-)
<teward> good morning all
<teward> :)
<rbasak> o/
<teward> hiya rbasak
<thebwt> morning folks
<RoyK> localtime();
<guga> thebwt: good evening )
<thebwt> :)
<wehde> does anyone know of some good open source linux management tools like puppet or landscape that are free?
<wehde> looking to manage 70+ ubuntu machines and landscape is a bit expensive for our blood
<maswan> like puppet or quattor?
<jpds> wehde: puppet/ansible/chef/...
<wehde> jpds, puppet has a pretty big price tag. ill look into ansible
<maswan> my collegues are deploying puppet right now and are def not paying anything
<jpds> wehde: puppet enterprise has a price tag
<thebwt> wehde: what kind of management?
<jpds> wehde: puppet itself doesn't
<jpds> wehde: sudo apt-get install puppetmaster on the server, sudo apt-get install puppet on the clients
<RoyK> wehde: puppet is OSS
<RoyK> we're looking at ansible atm
<jpds> ansible is all the rage these days
 * RoyK gets a headache even thinking about Ruby
 * thebwt prefers saltstack, though some people may hold past silly things against them.
<RoyK> cfengine is another
<wehde> basically i'm looking at basic operations such as managing upgrades and packages
<RoyK> wehde: all of them can do that
<wehde> but i would also like some at a glance info and be able to copy down files to groups of machines
<RoyK> wehde: all of them can do that too
<wehde> is ansible OSS?
<jpds> wehde: Yes
<RoyK> even pssh should work
<RoyK> wehde: all mentioned tools are OSS
<thebwt> wehde: https://docs.saltstack.com/en/getstarted/fundamentals/index.html
<thebwt> for what you're doing, any of these will work
<jpds> wehde: At this point, it's literally a matter of preference
<wehde> i'll check out puppet's community edition and ansible
<thebwt> my specific case, and the reasons I'm looking at spacewalk, is that I can't necessarily keep an agent on each of the client machines like that.
<RoyK> wehde: are all machines linux, or is it a mixed environment?
<RoyK> thebwt: you don't need that with ansible, it uses ssh
<wehde> i currently use cssh and webmin for servers but i'm looking at up to 150 clients that need to be managed
<RoyK> !webmin
<ubottu> webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system.
<thebwt> RoyK: still problematic :( we need rhel style repo channels
<thebwt> for compliance BS
<RoyK> ouch
<RoyK> not my cup of tea
<wehde> its a mixed environment but we are slowly going all linux
<wehde> front office is windows but our production floor is purely linux now
<wehde> eventually i'll convince front office to dump M$
<wehde> *eventually win10 will convince them to dump M$
<wehde> RoyK, do you prefer ansible over puppet?
<jpds> wehde: Do you prefer vim or emacs?
<RoyK> wehde: I do, although I haven't implementet neither. I don't really like Ruby, the language of choice in Puppet. Ansible is rather easy https://www.youtube.com/watch?v=xew7CMkL7jY
<RoyK> jpds: https://xkcd.com/378/
<jpds> Puppet doesn't completely use Ruby, it has its own thing kind of based off it
<jpds> And actually, Puppet is alright once you have it all up and running
<wehde> ill just try puppet and ansible both
<wehde> thanks for the suggestions
<RoyK> jpds: sure, but ansible is alright after an apt-get install on the central server, no agents needed ;)
<jpds> RoyK: Sometimes, agents are nice
<RoyK> jpds: sometimes, but usually not needed
<wehde> checking out ansible after lunch
<wehde> thanks
<jpds> RoyK: I do a change on my puppetmaster, test on one machine, walk away and let the others do it
<wehde> i prefer nano btw
<RoyK> haha :)
<wehde> or the butterfly
 * patdk-wk sticks to wordstar
<RoyK> :)
<pmatulis> i remember wordstar, just barely
<catphish> i just upgraded a host with software RAID + LVM from 12.04 to 14.04, the result is that grub can't find its modules at boot and drops me to a rescue prompt, is there an obvious reason for this, and something i can do to prevent it?
<bekks> Whats the actual error message you get?
<catphish> i'll reboot and paste it
<catphish> "error: file not found." http://i.imgur.com/AS8RGIM.png
<catphish> interesting, booting from my second drive fixed it, i guess grub was updated but only installed to sda
<catphish> i guess now it's booted, a grub-install to both drives will sort it
<catphish> boot is now being interrupted with a warning "diskfilter writes are not supported" but it boots
<teknomega> hi all
<teknomega> if i installed postfix using apt-get install postfix
<teknomega> how do i reconfigure it
<teknomega> when i first installed it.. it asked me how i wanted to set it up
<teknomega> i want to rerun that initial setup application that apt-get gave me
<teknomega> nvm i figured it
<teknomega> dpkg-reconfigure
<catphish> try dpkg-reconfigure
<catphish> ^^ :)
<KFKG_> Hey everyone, day 3 of this madness, I am trying to install and run a GUI on Ubuntu server 14, I want to be able to remotely login and view the desktop like we can in windows RDP, can someone help me? I have installed KDE and X11vnc and i can login via X11vnc but the screen just shows a few icons and the desktop is completely frozen
<jrwren> is there a way to configure apt http proxy to NOT use the Acquire::http::Proxy value for localhost
<sarnold> jrwren: Acquire::http::proxy::192.168.122.1 DIRECT;
<sarnold> sigh I didn't mean to get the newline, too..
<sarnold> jrwren: replace the 192.168.122.1 with 127.0.0.1
<jrwren> sarnold: thank you!
<jrwren> I've used that before and had forgotten!
<sarnold> :)
<sarnold> KFKG_: I wonder if the kde windowmanager is going to want to do too many graphics-hungry things while decorating windows and so forth; try a simple stupid window manager without a desktop environment, perhaps? openbox or fluxbox or twm or fvwm or i3 or notion or evilwm or something else that's just simple..
<thebwt> modern kde hasn't worked well with vnc for me. Any desktop that uses 3d accell could be like that I imagine
<thebwt> have you tried the xubuntu-desktop ?
<thebwt> and how fast is your pipe?
 * thebwt grins
<thebwt> In college I'd run crazy crazy stuff over "ssh -X"
<thebwt> so, depending on what you need the "desktop" for,  you may not need all that
<thebwt> just get in with ssh w/ x forwarding and start x
<jrwren> I occasionally miss the LBX exension
<sarnold> thebwt: he does have a Fast Enough pipe, but ssh -X won't work because he needs the application to continue running when clients disconnect :(
<thebwt> oh, got it
<|TheWolf|> Hi! I'm not sure this is the right channel, if it's not, feel free to point me to a better suited one :-) I have a (Debian) server on which I run a Ubuntu virtual machine whose virtual disk I want to increase. I guess after doing so I need to adjust the root partition of the Ubuntu installation. How do I do that without any kind of graphical interface? Every solution I can find on the net requires me to either sit in front of th
<|TheWolf|> e host machine or at least have some kind of graphical interface to it...
<thebwt> so is the physical disk bigger, but the partition hasn't grown?
<thebwt> sorry, the 'virtual block device'
<|TheWolf|> Well, the physical size of the host machine is still the same. But I am going to adjust the size of the virtual disk ("the .img file").
<|TheWolf|> yes
<thebwt> I think this is what you're looking for: http://linux.die.net/man/8/resize2fs
<|TheWolf|> Haven't done that, but I guess the Ubuntu root partition won't auto-adjust to it. If it did, that would be perfect, of course...
<thebwt> it may, depends on the virt system
<|TheWolf|> I use kvm
<thebwt> i've not touched anything but xen in a while (which doesn't), so I can't say
<|TheWolf|> Okay, that looks pretty good. So the introductory sentence of --> http://www.howtogeek.com/114503/how-to-resize-your-ubuntu-partitions/ about not being able to resize Ubuntu partitions without a kind of live CD is not true?
<thebwt> but I'm mostly sure that's what you need
<RoyK> |TheWolf|: virt-manager is rather useful for that
<RoyK> |TheWolf|: just use it over remote X
<RoyK> |TheWolf|: add a new storage device and add it to your LVM setup
<RoyK> |TheWolf|: increasing a storage device should be possible as well, but I've never done that
<|TheWolf|> RoyK : unfortunately, there is no LVM in the VM -.- that would make my life so much easier
<thebwt> |TheWolf|:  yea, you don't need a live cd, thats crazy talk
<thebwt> well, no I get it
<RoyK> |TheWolf|: try to ask on #virt @ irc.oftc.net
<thebwt> they're assuming single disk
<thebwt> resize2fs should handle what you need
<RoyK> thebwt: partitions need to be changed as well
<thebwt> ohoh
<thebwt> derp
 * RoyK never sets up anything without LVM
<thebwt> that's the catch
<thebwt> now, I am betting kvm grows the partition
<thebwt> though
<shauno> yeah.  if you've formatted a raw device, resize2fs will work.  if it's partitioned, you need to grow the partition, then the filesystem
<thebwt> I'm a terrible gambler
<|TheWolf|> RoyK : I don't, either. Unfortunately, though, I wasn't the responsible for that server until a week ago...
<shauno> the easiest way I know of to grow the partition is simple to delete it and create a new one that starts in exactly the same place.  of course, backup is step 0 there.
<jrwren> |TheWolf|: once the img is rezized, resize2fs will work, or maybe you have partitions in the VM on that img. you'd need to expand the partition and then run resize2fs
<RoyK> |TheWolf|: try named channel
<|TheWolf|> jrwren : yep, of course there's partitions in there. Everything else would be too easy...
<jrwren> |TheWolf|: hehe. just root and swap or even more partitions?
<jrwren> |TheWolf|: on plus side, now is a great opportunity to simplify :)
<|TheWolf|> just root and swap
<|TheWolf|> 4GB of both, actually. No idea why anyone would create such a small root partition on a host that has >1TB of free storage...
<jrwren> |TheWolf|: I would deactivate the swap, delete that partition and expand root partition to fill block, run resize2fs and then apt-get install swapspace for my swap.
 * RoyK would reinstall the PoS with LVM
<|TheWolf|> ok guys, thanks for the suggestions. I'll try my best tomorrow ;-)
<|TheWolf|> thanks a lot!
<jrwren> good luck, have fun
<|TheWolf|> yeah, I have been thinking about reinstalling the whole thing too
<|TheWolf|> I'll see if I can sell that to the customer
<RoyK> |TheWolf|: probably worth the effort so you don't have to spend hours on this next time
<|TheWolf|> RoyK : yep, but according to customers there will never be a next time ;-)
<|TheWolf|> we'll see
<|TheWolf|> cu
<pauljw> !I
<jak2016> hi all
<jak2016> i want get the date in this format   YYYY_MM_DD_HH_SS i try: http://pastie.org/10517007    but not work any advice?
<sarnold> jak2016: bash is very different from dos command.com or cmd.exe scripting; if you're going to be doing a lot of it, it might be worth a day or two at http://mywiki.wooledge.org/BashFAQ
<sarnold> jak2016: try this:  DATE=`date +"%y-%m-%d-%H-%M-%S"`   echo $DATE
<jak2016> ok thanks
<ponyofdeath> hi, anyone know how I can mount a read only iso, then modify files i need added to it then repackage it. with something like aufs? or overlayfs?
<sarnold> ponyofdeath: the bsdtar program may be able to help, http://www.libarchive.org/
<sarnold> ponyofdeath: if that doesn't, then xorriso probably can, but I have a vague feeling that that's work
<ponyofdeath> sarnold: thanks
<jak2000> thanks
<jak2000> for copy a file from server1 to server2(remote servers) wich is better? scp or rsync?
<sarnold> I choose between scp and rsync depending upon the size of the file, whether or not the file on the other system is "close" to the file I'm sending, etc
<sarnold> .. and the network between the two systems
<jak2000> 450Kb
<jak2000> scp /home/user/table.csv jane@host.example.com:/home/jane/mytable1.csv   ?
<sarnold> yeah that should work; for one smallish file, scp is probably fine
<jak2000> and with rsync?
<sarnold> I'd start with rsync -avzP /home/user/table.csv jane@host.example.com:/home/jane/mytable1.csv
<jak2000> man you know about mysqldump command?
<sarnold> I know it exists but that's it..
<sturmflut> Good evening! I happen to be in Austin, Texas in about two weeks and if you would like to hang out, please just contact me in private.
<jak2000> i not want put the password on my backup script: http://pastie.org/10517069
<sarnold> jak2000: put the "> /backup/$MYDATE2" part at the end of the line
<jak2000> in wich line?
<sarnold> the mysqldump line
<jak2000> like this: mysqldump --opt dbtarimas tmtarima ttarcprod ttarclote > /backup/$MYDATE2
<jak2000> and user and password?
<jak2000> i want automate the task
<sarnold> I'd move the user and password stuff to be immediately after "mysqldump" -- maybe you can specify a file to use instead of command line, that'd be better if it is an option
<jak2000> yes
<jak2000> but i down want specify the user and password in this file
<jak2000> ok i am reading someting
<jak2000> man when execute this line:
<jak2000>  rsync -avzP /home/user/table.csv jane@host.example.com:/home/jane/mytable1.csv   ask me a password
<jak2000> where put the password for my cron job take the password and execute the task??
<sarnold> create an ssh key for that, ssh keys are great things
<jak2000> sarnold have a link for follow?
<jak2000> for read/learn?
<sarnold> jak2000: this is a decent short guide. https://help.ubuntu.com/community/SSH/OpenSSH/Keys  -- this one is a lot more detailed and covers a lot of stuff that's less likely to be useful, https://wiki.archlinux.org/index.php/SSH_keys
<jak2000> ok i am reading thanks
<jak2000> other question (last of the day i think) with crontab, how to execute a script all days exept Sunday?
<sarnold> jak2000: "1-6" for the day-of-week field should do it
<jak2000> ok
<sarnold> jak2000: see crontab(5) for full syntax
<jak2000> and: every 10 minutes from 8am to 8pm ?
<jak2000> ok
<sarnold> 8-20 in the hour field, 0,10,20,30,40,50  in the minute field
<jak2000> 0,10,20,30,40,50 * * * 1-6 /usr/scripts/respsql.sh
<jak2000> ?
<jak2000> error
<jak2000> 0,10,20,30,40,50 8-20 * * 1-6 /usr/scripts/respsql.sh
<sarnold> that looks right
<jak2000> sarnold you worked with certificates? (forget the last question of the day :)   ?
<sarnold> jak2000: not much
<jak2000> my dude, is, i need pay for generate a .cer?   (f course i can generate it without paying but is invalid)
<jak2000> ?
<sarnold> jak2000: https://letsencrypt.org/
<sarnold> jak2000: https://www.startssl.com/
<jak2000> interesting the first
<jak2000> ooooo goood
<jak2000> thanks
<jak2000> much to read.... thanks friend
<sarnold> note that startssl charges for revocation
<sarnold> I don't know how letsencrypt does revocation..
<jak2000> charges is $$$$ ?
<teward> sarnold: i didn't know letsencrypt was open for business yet?
<sarnold> teward: I think I saw a third-party site with a letsencrypt cert the other day
<teward> sarnold: i know they've got beta and such for some sponsors
<teward> but we're talking sums of money there
<teward> "In Limited Beta"
<teward> so, not 'public beta'
<jak2000> scp /backup/tari.sql jak:mypaas@mydomain.noip.me:/home/jak/sql/    <--- not work :(
<jak2000> ssh: Could not resolve hostname jak: Name or service not known
<sarnold> jak2000: probably user:pass won't work
<sarnold> user@host should work
<jak2000> and the pass?
<sarnold> ssh keys :)
<jak2000> only ?
<sarnold> I think so
<jak2000> same as rsync
<sarnold> yeah, rsync just runs over ssh, so it expects the same things
<sarnold> and ssh keys are easiest to use
<jak2000> then reading https://help.ubuntu.com/community/SSH/OpenSSH/Keys     https://wiki.archlinux.org/index.php/SSH_keys
#ubuntu-server 2015-10-30
<jak2000> sarnold, teward: ssh-keygen -t rsa -b 4096
<jak2000> this files was generated: http://pastie.org/10517125
<jak2000> wich copy to remote server?
<sarnold> jak2000: id_rsa.pub
<sarnold> jak2000: you'd save it as ~/.ssh/authorized_keys
<sarnold> jak2000: normally you want to append these public keys to the authorized_keys, to keep any that you already have stored there
<jak2000> in the remote server?
<sarnold> jak2000: the ssh-copy-id program automates this
<sarnold> jak2000: yes
<jak2000> ok
<jak2000> sarnold, create the file without password right?
<teward> if you don't want to provide a password then yes
<sarnold> jak2000: yeah, for automated backup systems that's probably best
<teward> i have a few ssh keys that i use for passwordless autosyncs of data :)
<sarnold> jak2000: you can jump through some hoops to run an ssh-agent that works for cron, but it's a big hassle.
<jak2000> isnt dangerous?
<jak2000> without password?
<sarnold> slightly dangerous, yes
<sarnold> but your id_rsa key is mode 600 in a directory that is mode 700 -- it's a bit safer than a password in a shell script in /usr/local/bin :)
<sallon> Hello
<sallon> There are peapol know move pilote graphique ? i work in ubuntu 14.04  and i run in driver i915
<sallon> but my real pilot for my hardware is the i965, i have download and setup package i965 jessie debian. All depandency are successfull
<sallon> i would like to know if modprobe work for disable and enabel after reboot system ?
<sarnold> sallon: if you need to load a module after every reboot, /etc/modules or /etc/modules-load.d/ might help you
<sallon> sarnold yes know but i would like to confirm of dev or user have successfull avec ubuntu 14.04
<sallon> sarnold yes know but i would like to confirm of dev or user have successfull with ubuntu 14.04
<sallon> sarnold thank you for your time readen
<nbros652> anyone know how to get /usr/bin/beep to work from a udev script?
<nbros652> It works just fine when I run the script manually. The script runs just fine when run by udev, but it fails to beep the pc speaker.
<shauno> nbros652: modprobe pcspkr and try again?
<shauno> I believe if that's not loaded, 'beep' will default to just echoing ^G to the terminal, which does the traditional beep - but won't work if the parent process doesn't own a terminal
<shauno> nbros652: failing that, man beep and check out the section 'ioctl wackiness', there's a run-down on what conditions have to be met for beep to be allowed
<nbros652> did that in the script. It works just fine and beeps when I run the script manually.
<nbros652> shauno: ^^
<nbros652> shauno, I can't find any clear reason why it's not beeping when run by udev. I even changed the permissions on /usr/bin/beep to allow everyone to beep. It still fails to beep when run by udev while manually running the script produces a beep.
<nbros652> shauno, it's working now. I didn't make any changes. It just went from not working to working, I'll take that as a win. I just wish I knew what changed.
<shauno> yeah, it'd be nice to know.  but the system bell is a very weird beast, being still handled by the tty for reasons that are older than either of us
<nbros652> shauno, okay, this is strange. It consistently beeps on some USB sticks but not others! Any thoughts on that one?
<nbros652> Perhaps, the script is not running with the insert of certain usb devices
<shauno> none at all.  that'd be squarely in udev's court, which I'm still unfamiliar with
<nbros652> okay, thanks.
<nbros652> strange... it is running. I can see the USB get mounted and unmounted... I guess I'll just have to play around with it and see if I can figure out what's going on.
<jak2000> sarnold? are you there?
<jak2000> i am try copy a file from server1 to server 2: http://postimg.org/image/5e385aizd/ with ssh-keygen -t rsa cant, i do: 1) in server 1, typed: ssh-keygen -t rsa, generated 2 files on: /home/jak/.ssh id_rsa and id_rsa.pub, 2) next step, i do: cat /home/jak/.ssh/id_rsa.pub and copied the contento to server 2 ton: /home/jak/.ssh/authorized_keys     then server1 file /home/jak/.ssh/id_rsa.pu
<jak2000> b  is exact same on server2: /home/jak/.ssh/authorized_keys   i do this command:  rsync -avzP /backup/tari.sql jak@domain.noip.me:/home/jak/sql/   asked something yes/no, typed yes, and then ask me the jak's password, typed correctly, and the file was copied, rerun again the rsyn command and again ask me a password, wich i am do wrong? thanks
<noregret> NSS can't resolve local hosts using their FQDN, what could be wrong? dig/host can resolve normally but not e.g. ping/firefox
<TJ-> noregret: what order is the 'hosts' setting in /etc/nsswitch.conf ? maybe mdns is getting in first?
<noregret> TJ-: hosts:          files mdns4_minimal [NOTFOUND=return] dns
<TJ-> noregret: So possibly mdns4_minimal is answering first, especially likely if the domain is .local
<noregret> TJ-: it is .local
<noregret> TJ-: how can i check mdns4 ?
<noregret> TJ-: btw, the configured dns servers on my machine are a local one and google's
<noregret> so could it be using googe's to resolve those?
<TJ-> noregret: see "man nsswitch.conf"
<noregret> can I configure priority ?
<TJ-> noregret: the order of services is first-come, first-served, so if mdns4_minimal answers for .local and says NXDOMAIN (in DNS speak) then dns will never be tried
<noregret> TJ-: sorry but i don't know what mdns4_minimal is, is it also a "minimal" dns server?
<TJ-> noregret: it's serviced by the package "libnss-mdns"
<TJ-> !info libnss-mdns
<ubottu> libnss-mdns (source: nss-mdns): NSS module for Multicast DNS name resolution. In component main, is optional. Version 0.10-6 (wily), package size 20 kB, installed size 125 kB
<noregret> TJ-: where can configure it?
<TJ-> noregret: configure what?
<noregret> TJ-: libnss-mdns package, could it be reading an incorrect dns? (only google's)
<TJ-> noregret: I already told you, see "man nsswitch.conf"
<pascal> hi
<pascal> anyone has a checklist for lsi megaraid cards/perc cards ?
<pascal> i have a server going at 1mb/s
<bekks> pascal: Which checklist?
<rbasak> stgraber: http://askubuntu.com/questions/691860/how-to-upgrade-lxc-container-after-do-release-upgrade-to-wily
<rbasak> stgraber: run do-release-upgrade inside the container I presume? I've not actually tried this though. I know dist-upgrade would work.
<bekks> dist-upgrade doesnt upgrade releases.
<atralheaven_> Hello, I want to install php, which version should I install?
<bekks> !info php | atralheaven_
<ubottu> atralheaven_: Package php does not exist in wily
<bekks> Yay :)
<atralheaven_> ...?
<bekks> !info php5 | atralheaven_
<ubottu> atralheaven_: php5 (source: php5): server-side, HTML-embedded scripting language (metapackage). In component main, is optional. Version 5.6.11+dfsg-1ubuntu3.1 (wily), package size 1 kB, installed size 10 kB
<atralheaven_> is php5 the last version?
<bekks> Which version do you need?
<atralheaven_> bekks: I don't know, thats why I asked
<atralheaven_> which version is regular version?
<bekks> atralheaven_: Then whats your actual goal?
<bekks> What do you need php for?
<atralheaven_> wordpress, mainly
<atralheaven_> I have not worked with php before
<bekks> Then you'll be fine with the version in the ubuntu repos.
<atralheaven_> bekks: you mean php5 package? because there is no php package
<bekks> Yes.
<atralheaven_> bekks: just for knowing, what's the last version? I think there is a php7 but its still under development, right?
<bekks> www.php.net tells you about the last version out there. Just use te version available from the Ubuntu repos.
<atralheaven_> bekks: I installed php5, Thanks :)
<atralheaven_> bekks: it seems that php7 will be out about two weeks later
<atralheaven_> bekks: I will ask my other questions on #php
<atralheaven_> how can I install "mod_rewrite apache module" on ubuntu server 14.04
<hateball> a2enmod mod_rewrite
<atralheaven_> hateball: "ERROR: Module mod_rewrite does not exist!"
<jrwren> its a2enmod rewrite
<hateball> yes, my bad
<atralheaven_> Thanks :0
<atralheaven_> :)
<phre4k> what's the difference between the ubuntu and ubuntu-cloud LXC images?
<rbasak> Technically they are different templates, not images.
<rbasak> The "ubuntu" template builds you a rootfs using debootstrap.
<rbasak> The "ubuntu-cloud" template uses cloud images.
<rbasak> With the latter you get a cloud-init based system, with the former a more "traditional" system.
<rbasak> For most things it should make little difference except that the latter is much quicker.
<rbasak> (to create)
<phre4k> yeah, meant templates, sorry. So the major difference is the init system?
<phre4k> @ rbasak
<rbasak> phre4k: I guess so. Perhaps the set of default installed packages too, and some other minor configuration pieces. Note that the "init system" as in upstart or systemd is the same. cloud-init adds on to either.
<rbasak> "ubuntu-cloud" will get you an environment much closer to what you'd get on an OpenStack VM, Amazon EC2 instance, etc.
<rbasak> Or Ubuntu deployed with MAAS.
<rbasak> "ubuntu" will get you somehting close to what the server installer does.
<rbasak> If you install from CD image.
<phre4k> aaah ok, thanks for clearing that up. Using the cloud template :)
<phre4k> why can't I create a LXC container with -r wily? It seems that it didn't find the release...
<herrkin> hello community. I have a question for you. I have to set a server on a company, I dont want them to mess with my code but they change network settings very often, so I need to let them access the server to change that, is there a way that I can create a user that can only change the network settings and maybe ping or something like that?
<phre4k> herrkin: how do you want them to change the network settings?
<phre4k> with networkmanager, editing /etc/network/interfaces, ...?
<rbasak> herrkin: on a server only root can change network settings by default. You can write a wrapper and then configure sudo to provide a particular user access to run only your wrapper as root.
<genii> herrkin: Create a user for that and then give them access to specific application in sudoers file
<rbasak> Yeah basically what genii said - same thing :)
<herrkin> ok honestly I havent used networkmanager so I use the /etc/network aproach
<rbasak> Note that wrappers are finicky to get secure.
<rbasak> So I wouldn't rely on them for strong security unless you really know what you're doing.
<herrkin> ok now I am confused
<herrkin> how do I do it?
<rbasak> But if they have physical access then they have root anyway.
<herrkin> why?
<herrkin> if they have physical access there is a log in screen
<rbasak> There's also a box with screws on it.
<herrkin> no root unless you log as root
<rbasak> And a BIOS that lets me boot something else to reset the root password with
<rbasak> (or just change the kernel boot parameters)
<herrkin> not if I have the encrypted partition
<herrkin> I think
<rbasak> What if they lose power? They can't use the server until you come in and type the decryption password?
<rbasak> What if you get hit by a bus on the way in to do that?
<herrkin> so there is no way to deny access to root?
<rbasak> And even then I could trojan the password prompt.
<rbasak> Google "evil maid attack".
<rbasak> Not if they have physical access.
<rbasak> And if they know what they're doing.
<phre4k> found the solution to my LXC issue: you have to do lxc-create -n name -t ubuntu-cloud -- -r wily (note the double dashes)
<rbasak> And they want to get root.
<herrkin> thats bad, I thought there ways a way to deliver a secured box so that noone could log in and even if I they wanted to get access to the partition it was encrypted
<phre4k> herrkin: do you know a scripting language, e.g. python? Install python, write a small script which can change the network settings and only give them the right to exec that particular script
<phre4k> why don't you trust the company? They shouldn't trust you
<phre4k> either you install them a black box or they can configure it. Just charge them to change the network settings. They shouldn't do that anyway.
<rbasak> phre4k: the problem is that I could add a "up" line in the /etc/network/interfaces file I give to the Python script, for example, and then I have root.
<rbasak> phre4k: so everything needs to be sanitized and that is non-trivial to explain on IRC :)
<phre4k> rbasak: that's why you don't specify free-form variables, you only ask for IP and mode and whatnot. They don't need up/down scripts.
<genii> herrkin: You can lock out root password login and only make it by ssh with key. Then the machine is effectively locked out except from another box with acceptable key where you could re-enable password
<TJ-> herrkin: why do you want an unprivileged user be able to create a network interface?
<phre4k> rbasak: but yeah, your point is valid as f**k
<rbasak> phre4k: my IP address is "10.0.0.4\n\tup ..."
<rbasak> phre4k: just ask my friend Bobby Tables. He knows all about this type of thing :)
<phre4k> TJ-: that's what I ask myself too
<phre4k> rbasak: haha, classic xkcd reference
<herrkin> see, the companies always want to make an excuse to keep the code. I dont want that.
<herrkin> the normal excuse is that they need to change the ip address because whatever reason
<rbasak> herrkin: best thing to do then is run the server somewhere else where you have control of it.
<phre4k> ^
<herrkin> so if there is no network I can log into I cant configure it myself
<rbasak> herrkin: sounds like they need a DHCP server. Allows them to change network settings on all of their network at once as they wish.
<TJ-> herrkin: DHCP
<herrkin> so I have to do something so that they can change it themselves whithout letting them touch the code
<phre4k> if there is no network, they have to call you in and you have to fix it. For moneys.
<herrkin> yeah thats out of topic I work nationwide in venezuela.
<herrkin> so it is inneficient that they have to wait for me.
<TJ-> I cannot imagige NOT using DHCP for this kind of situation
<TJ-> s/imagige/imagine/
<herrkin> me too. but they are always doing these things.
<TJ-> DHCP static reservation; sorted
<herrkin> I can manage the server because they do intranet. its not internet service.
<TJ-> herrkin: sell them some consultancy on configuring DHCP :)
<herrkin> so the service has to be in their premises
<phre4k> tell them they have to fire their current network admin if he can't figure something out this simple
<phre4k> (or she)
<TJ-> (or it)
<phre4k> ^
<herrkin> ok lol
<herrkin> just leave the ip as it is
<herrkin> period
<herrkin> lol
<phre4k> or this
<TJ-> herrkin: or you could be sneaky and make the password the required IP address :D
<phre4k> whyever they don't know that fancy thing called "hostnames"
<herrkin> TJ-, I dont know what you mean
<TJ-> actually... I can picture a pam_user_to_ip module that looks for a username of the form ip:A.B.C.D and assigns it :D
<rbasak> As a bonus you'll have a list of IP addresses they have used in /home :)
<TJ-> LOL
<herrkin> I am installing a box, I am on the company, they have changed the ip like 3 times because problems of access
<herrkin> thats a very annoying thing.
<herrkin> they have the dns disabled for now
<TJ-> DHCP has to be answer
<TJ-> herrkin: who owns this PC, you or your customer?
<herrkin> they
<TJ-> herrkin: you can't really deny them access then if they want it
<herrkin> but the contract says we manage it.they cant access it.
<herrkin> while we are in contract. if they want to leave it then they can.
<TJ-> herrkin: I was going to suggest installing a small, cheap, router in front of it that they can access the web console of, and then have 'your' box take an IP from the router :)
<herrkin> TJ-, that seems like a good ide
<herrkin> idea
<herrkin> to eliminate that problem
<TJ-> herrkin: that way the router just does NAT from their IP to the known static IP subnet the 'box' is on
<herrkin> yeah
<herrkin> so there is no touching the console at all.
<TJ-> herrkin: although, then you have the problem of controlling what they can change in the router!
<TJ-> herrkin: but yes, that stops them needing login access to the 'box'
<herrkin> they can do whatever they want with that. I think that is not a problem.
<herrkin> as long as they dont screw the nat
<TJ-> herrkin: precisely; you could exchange one set of issues for another :)
<TJ-> herrkin: although, if you choose the router careful so it runs something open(wrt) like, you could provide a modified unprivileged log-on which only allows entering the router's 'WAN' side IP
<TJ-> herrkin: another option... on the 'box' itself. install your own software in a VM guest, then they can log-in to the host, change it's LAN-side IP. NAT/bridge host/guest and they can change the IP but can't mess with the encrypted guest nor need its password
<herrkin> something like a docker container_
<herrkin> ?
<herrkin> I thought of that
<TJ-> LXC possibly
<TJ-> or KVM for a full guest. That way you could keep an identical copy in your premises modify it, and ship revisions easily, too
<herrkin> good I have to look that up.
<TJ-> Xen is also on option for the hypervisor, with ubuntu in dom0, and your application in a guest in domU
<herrkin> I guess lxc is better than kvm, for it doesnt emulate hardware. its faster, uses less resources as I have seen.
<phre4k> herrkin: buy a Ubiquiti EdgeRouter, they're "cheap" and have pretty extensive features
<phre4k> TJ-: if they can login onto the host, they have access to the guest, even if it's encrypted. You could however route only the interfaces file through to an LXC container
<phre4k> and then they logon to the container
<TJ-> All in all I think a front-router would solve the issue easiest
<herrkin> or I could make it a web service. phre4k I can make for example node.js change those settings
<herrkin> there is no need to log on the system.
<TJ-> herrkin: do they change their sub-net? what network changes do they make that need the PC IP address to change?
<phre4k> herrkin: yeah, it's an idea
<phre4k> but still, suggest they fire their network admin
<genii> TJ-: I also am curious why they need to change their IP all the time, sounds a bit fishy
<TJ-> genii: makes you think 'ulterior motive'
 * genii makes more coffee
<captine> hi all.  question. adding ubuntu to AD following https://help.ubuntu.com/lts/serverguide/sssd-ad.html resulted in the server being added, however, it was added without the windows admin needing to enter a username and password.  pretty strange.  most times when adding windows laptops to AD, an admin needs to type username and password, but when adding ubuntu server to our domain, it was not needed?
<captine> anyone else experience this?
<toyotapie> hello. I have a virsh/kvm/qemu virtual disk in qcow2 format. It's 6.7 gigs. I have to convert it to vmdk to send to the windows guys, and it goes from 6.7 gigs to 27 gigs when I convert using qemu-img convert. Is there an option that I can specify so that the size doesn't grow out of control?
<sarnold> toyotapie: you could try compressing it afterwards; if you're lucky the difference is largely filled with zeros...
<sarnold> toyotapie: or, you could send your pals an ubuntu ISO image and tell them how to use qemu-img themselves? :)
<sarnold> that'd still be ~23 gigabytes smaller, hehe
<toyotapie> Yea, but even my ubuntu users use virtualbox which doesn't recognize qcow2.
<atralheaven_> Hello, I want to setup PPTP vpn on my VPS, on the "/etc/pptpd.conf" file, there is "localip" and "remoteip", what should I use for localip? server ip or 192.168.0.1? and I don't know what my clients IP would be, what should I do for that? Thank you
<atralheaven_> btw, https://help.ubuntu.com/community/PPTPServer
<RoyK> atralheaven_: just don't use pptp
<RoyK> atralheaven_: openvpn is vastly better and more secure
<atralheaven_> RoyK: I know, I have OpenVPN already set up
<atralheaven_> RoyK: I need to have PPTP too
<RoyK> atralheaven_: ptpp is defined in RFC 2637 from 1999, written by Microsoft, and has status as "informational". It's not secure, not by far
<RoyK> when something doesn't even get into the standards track, stay away
<atralheaven_> RoyK: Im aware of this but I really have to, may you help me get this done?
<RoyK> I don't think I've setup pptp for 10+ years, sorry
<atralheaven_> RoyK: may you take a look at "https://help.ubuntu.com/community/PPTPServer" and tell me what do you think about "localip" and "remoteip" part?
<RoyK> atralheaven_: not sure, but I guess the remoteip part is about what addresses to hand out as in a dhcp fasion, where the localip is the ip given to the local server's virtual nic
<atralheaven_> RoyK: Have you worked with l2tp?
<RoyK> atralheaven_: just for testing. usually it's problematic in terms of low-end gear that doesn't allow for other protocols than udp/tcp
<atralheaven_> RoyK: Im trying to set up this too, OpenVPN was the best...
<RoyK> openvpn just uses https, so it will work with all sorts of cheap NAT stuff
<atralheaven_> May someone please test my openvpn? I can't connect to it but everything seems to be fine, I thought it can be from country firewalling. I can give the .ovpn file, I want to see if you can connect to it
<soulisson_> Hi, when applying security updates to Apache, is the Apache version number suppose to change?
<tarpman> soulisson_: version number as reported where/how?
<soulisson_> tarpman, reported by Apache
<ogra_> why would it
<ogra_> its still the same version, just with a backported security fix
<ogra_> (the package version changes though, it gets a suffix bump for the .1 suffix)
<soulisson_> I'm really new to this, what does it mean to be backported?
<ogra_> the fix gets taken from the newer version and added to the one that is in the release
<tarpman> to add to that, some people oppose including the exact package version in the apache version reported over the internet, because bad people could use that to decide which attacks to attempt on you
<soulisson_> ogra_, ok, so when a vulnerability is found Apache, Apache releases a new version of its product?
<ogra_> they release a fix to the vulnerability ... most likely for the most recent version
<RoyK> and then that fix is applied to the older version, if possible
<ogra_> right
<soulisson_> ogra_, RoyK, ok, I see
<RoyK> not all fixes are backportable, some are design changes, but most fixes gets backported
<ogra_> well, security fixes usually get backported :)
<RoyK> ogra_: my point, but some issues may need to be fixed by design changes
<ogra_> yeah
<ogra_> and some depend on newer features
<RoyK> ogra_: with RHEL, we see that with cryptography changes, where redhat doesn't backport the changes to take out weak ciphers or methods or hashes. I'm not sure how that applies to debian/ubuntu
<ogra_> heh, me neither, you have to ask the security team :)
 * RoyK dislikes working with redhat systems - no such thing as a do-release-upgrade
<ogra_> though i think highly insecure ciphers would surely be dropped
<ogra_> heh
<soulisson_> Does Ubuntu Server provided the latest releases or does it only backport the fixes?
 * ogra_ looks forward to snappy on servers ...
<RoyK> soulisson_: only fixes are backported
<RoyK> soulisson_: if you want the bleeding edge, use 15.10
<ogra_> i just upgraded my laptop to wily ... 2h wasted ... snappy could do it in 30min
<bekks> ogra_: Did you try it using snappy?
<RoyK> ogra_: heh - running on spinning rust?
<ogra_> old XPS13 ... but slow internet (2MBit)
 * RoyK uses spinning rust for large data and loathes it for everything else
<ogra_> bekks, nah, but i know that snappy has no separate packages and no maintainer scripts ... upgrading package by package (and coordinating all the interactions) is awfully time consuming
<soulisson_> RoyK, Ok, so for intance if my server comes with let's say Apache 2.4.16, the Apache version will stay the same but the fixes will be applied
<bekks> ogra_: If snappy has no separate packages - it wouldnt work I guess :)
<ogra_> a snappy desktop would perhaps consist of 100 packages ... and have no delay for package configuration
<bekks> ogra_: It has separate packages, but a different package management system.
<ogra_> whereas my laptop upgraded ~2500 packages, downloaded each of them and configured each of them
<ogra_> bekks, i know, i work on it ;)
<bekks> :P
<ogra_> the point is that snaps have more bundled in them ...
<RoyK> soulisson_: right
<ogra_> and no delay after install ... they just get dumped in place ...
<soulisson_> RoyK, ok, thanks for the help
<ogra_> soulisson_, if you need to check if a certain security hole was fixed http://www.ubuntu.com/usn/ has all the links to the respective trackers and info pages
<soulisson_> ogra_, thanks
#ubuntu-server 2015-10-31
<trimeta> I'm having trouble getting the installer to work from a USB flash drive. I used dd to directly copy ubuntu-15.10-server-amd64.iso onto a drive, and while it boots initially, and I can hit "enter" at the "Install Ubuntu" screen, on the next screen (where it wants you to choose a language), it freezes and refuses to respond to any input.
<trimeta> (Note, there are two "choose language" screens, the one before the "Install Ubuntu" option, and the one after. I can get through the first screen no problem, it's the second one where there's an issue.)
<CardingiSFun> Hello, does anyone know how to setup postfix?
<it_> i used this to backup                                                      sudo tar -cvpzf backuphome.tar.gz /media/it/faad1b8e-1145-4114-a15d-783536747e10/                                                                          should i type this to restore will it restore everything back??                                                              sudo tar -xvpzf /cdrom/backuphome.tar.gz -C /media/it/faad1b8e-1145-4114-a15d-783536747e10/ --numeri
<it_> c-owner
<quantic> CardingiSFun: beyond "dpkg-reconfigure postfix" ?
<CardingiSFun> i have it installed just i dont know what to put as the settings. i have a webmin panel that is easy to configure it. i just dont know how i would do so with all the settings
<CardingiSFun> does anyone know how to fix a email problem? my server wont send emails
<quantic> CardingiSFun: Where is this server? Home, hosted, what?
<quantic> CardingiSFun: because, honestly, postfix is very easy to configure via dpkg-reconfigure. I get the distinct feeling that you haven't done your own research.
<CardingiSFun> its a server built at my friends house in flordia. i have full tv access and webmin access. and i just dont know what half the stuff does. like im not good with stuff like that besides the game servers i host.
<quantic> CardingiSFun: Then this is an excellent learning opportunity for you.
<quantic> CardingiSFun: But I'll give you something to get you started: You should configure it as a satellite host. You'll use a smarthost for delivery, and that smarthost is your friend's ISP's outbound email server.
<CardingiSFun> how do i set it up so it uses my domain name after the @?
<CardingiSFun> i have wolfbrotech.com forwarded to the server and the web-server works.  just when people register it doesnt send the activation email out.
<quantic> CardingiSFun: You need to search for and read documentation.
<quantic> CardingiSFun: The answer to your question already exists in some eleventy-billion places on the internet.
<quantic> CardingiSFun: And I've given you a pretty good starting point for your search already.
<mnathani_> CardingiSFun: look for mx records
<mnathani_> in dns and in reference to setting up email for a domain
<quantic> mnathani_: that has nothing to do with his server sending emails out. he's not trying to receive email.
<CardingiSFun> i was checking /var/mail/ttb and all i see is this http://pastebin.com/wzcGavx7
<quantic> CardingiSFun: I already told you what you need to start looking for.
<CardingiSFun> https://www.digitalocean.com/community/tutorials/how-to-install-and-setup-postfix-on-ubuntu-14-04
<CardingiSFun> i followed that
<quantic> CardingiSFun: That doesn't fully apply to you. You're not hosting anything at DO. You're hosting it out of your friend's house.
<quantic> CardingiSFun: The difference being what I already told you.
<CardingiSFun> i dont understand.. i cant understand what you mean..
<quantic> CardingiSFun: Because you keep asking for answers instead of doing your own research.
<quantic> CardingiSFun: But I'll give you something to get you started: You should configure it as a satellite host. You'll use a smarthost for delivery, and that smarthost is your friend's ISP's outbound email server.
<quantic> CardingiSFun: I said that earlier. That, quite literally, is the answer you're looking for. How to actually DO that is an exercise left to you.
<quantic> CardingiSFun: To explain: Your friend's server isn't capable of sending emails the way normal not-hosted-at-home servers do. It can't just send an email straight to the destination - it'll get flagged as spam almost 100% of the time, if it's even accepted at all.
<quantic> CardingiSFun: His internet service provider, whoever that might be, has an email server for this use. You'll have to configure postfix to use that server as a relay when it sends mail.
<quantic> CardingiSFun: It's very easy to configure postfix to do this, but you have to Read The Furnished Materials to figure out how to do it.
<CardingiSFun> i cant read well
<quantic> ... Then that would appear to be your first issue.
<quantic> And you might want to tackle that before trying to configure an email server, to be frank.
<CardingiSFun> dyslexia doesnt help much
<quantic> You're going to have to learn to conpensate. :/ It's unfortunate, but the expectation is that you can do your own research.
<it_> i used this to backup                                                      sudo tar -cvpzf backuphome.tar.gz /media/it/faad1b8e-1145-4114-a15d-783536747e10/                                                                          should i type this to restore will it restore everything back??                                                              sudo tar -xvpzf /cdrom/backuphome.tar.gz -C /media/it/faad1b8e-1145-4114-a15d-783536747e10/ --numeri
<it_> c-owner
<lordievader> Good morning
<mrtAkdeniz> hey there
<mrtAkdeniz> my nslookup IP returns wrong information
<mrtAkdeniz> anyone?
<Sling> mrtAkdeniz: what do you mean with wrong information?
<Sling> what did you do, what did you expect to happen, what happened instead
<mrtAkdeniz> Sling, my hostname is : roomworks.site
<mrtAkdeniz> my hostname -f is roomworks.site
<mrtAkdeniz> but when I try to send mail with postfix
<mrtAkdeniz> it returns http://pastie.org/private/zpqv7egmbmkleugp1qfoga
<mrtAkdeniz> as you see, it think my hostname is room.site
<mrtAkdeniz> nslookup IP returns
<Sling> no, room.team
<mrtAkdeniz> 211.10.196.82.in-addr.arpa	name = room.team.
<mrtAkdeniz> Sling, yeah room.team .. I mean not my hostname
<mrtAkdeniz> Somebody told that, my reverse lookups are wrong
<Sling> so fix the PTR record to make the reverse and forward records point to each other
<mrtAkdeniz> googling it for 1.5 hours.. stil no answer
<Sling> then your google skills must be bad :) https://en.wikipedia.org/wiki/Reverse_DNS_lookup
<mrtAkdeniz> Sling, I mean I did not find a solution to do that
<mrtAkdeniz> Should I change my dns addresses?
<mrtAkdeniz> on resolv.conf?
<Sling> whichever company assigned you the IP should have a way of setting those PTR records
<Sling> no this has nothing to do with your resolvers
<mrtAkdeniz> hmm
<mrtAkdeniz> it is digitalocean
<mrtAkdeniz> i think i can check domains part, there must be an option for ptr
<Sling> https://www.digitalocean.com/community/questions/how-do-i-set-up-reverse-dns-for-my-ip
<mrtAkdeniz> rofl, i found it
<mrtAkdeniz> i need to rename droplet to change it :3
<Sling> looks like it yes
<Sling> 30 minutes ttl
<mrtAkdeniz> Sling, thank you, I'll inform you if it works
<Sling> so can take up to 30 minutes to work
<Sling> http://paste2.org/h7DJkZW9
<Sling> looks good
<mrtAkdeniz> yeah but no luck :\
<mrtAkdeniz> http://pastie.org/10519912
<Sling> probably dns cache
<mrtAkdeniz> dns flush?
<Sling> unless you have permission to do that on the dns resolvers you are using, you will have to wait until their cache expires
<Sling> or change to other resolvers that don't have this lookup cached yet
<mrtAkdeniz> this may up to take 30 min?
<mrtAkdeniz> or longer?
<Sling> depends on the TTL of the record
<Sling> which is 1800 seconds in this case
<Sling> 211.10.196.82.in-addr.arpa. 1800 InfoTest PTRroomworks.site.
<mrtAkdeniz> thank you so much
<Sling> hm not sure where that InfoTest came from, but ok
<mrtAkdeniz> I think after that my problem become postfix problem
<Sling> oh wow, there are tab chars in my copy buffer and irssi uses that to autocomplete, heh
<mrtAkdeniz> rofl
<mrtAkdeniz> so InfoTest was not on there:D
<mrtAkdeniz> sorry @ InfoTest :3
<Sling> IN <tab> PTR <tab> roomworks.site
<mrtAkdeniz> :D
<mrtAkdeniz> Sling, can you check it "http://pastie.org/10519917" is there any restriction?
<Sling> im not a postfix expert, but the myhostname looks fine
<Sling> if it still doesn't work in 20-30 mins, you can always check with #postfix
<maddawg2> anyone here have experience configuring VLANs in Ubuntu-server
<maddawg2> i am attemtping to have one ubuntu server act as a router for two seperate vlans on the same NIC
<quantic> maddawg2: I think it's a matter of installing the "vlan" package, then creating interfaces in /etc/network/interfaces with the "vlan-raw-device" stanza.
<quantic> maddawg2: Have you reviewed https://wiki.ubuntu.com/vlan ?
<maddawg2> quantic that was my assumption too... we use ubuntu server where i work and we've never used vlans before, but we use ubuntu as our router and vpn server for all of the facilties.  However we have some local IT people who are not well verse in Linux and as such we made it slightly easier to manage aspects of the server using webmin.  I am curious as to whether creating a vlan in the interfaces file would appear to the dhcp module as a seperate
<maddawg2> interface
<maddawg2> also wondering if there are any best practices when assignling vlan tags... I.e. i want a public network and a corporate network... is it best to leave the corporate network tagged and leave public untagged or does it matter?
<quantic> maddawg2: If you're going to use vlans at all, tag EVERY network. Properly segregate your stuff.
<maddawg2> gotcha
<maddawg2> someone in another channel told me that most switches pass vlan tags regardless if they are managed or not.  Is this true?
<maddawg2> i was under the assumption that switches stripped the vlan tags out
<maddawg2> and the switches would have to be configured in order to route traffic
<quantic> maddawg2: depends on port configuration, I believe. Admittedly, the finer points of 802.1q aren't my forte. :/
<maddawg2> yea i've never used vlans before lol
<maddawg2> used to just use seperate physical networks, but some our facilities dont have a physically seperate network, and also our wifi APs will allow us to use multiple SSIDs bonded wth a vlan
<maddawg2> i want to take advantage of that so our public wifi is available throughout the whole facility
<TJ-> some switches will tag the ports (so the clients don't need to know about tagging)
<jak2000> hi all
<jak2000> http://pastie.org/10517424#15   cant do the job, i need copy a file from server1 to server2, i try generate a ssh certificate, and ask and ask me the password any adivce?
<jak2000> sarnold?
<teward> jak2000: did you upload the public key to server2's authorized_keys file for the user you're trying to login as?
<teward> for example, to add my SSH key to 'teward' on server2.tewardnet, i'd have to SSH in to there first, and put it into /home/teward/.ssh/authorized_keys
<teward> then try and SSH over with the key and not the password
<teward> if the key is not accepted then it will prompt for PW auth of course
<teward> (and if you're trying to do this as root, well, there's one of your problems)
<teward> s/there's one of your problems//
<jak2000> teward reading
<TJ-> jak2000: see "man ssh-copy-id"
<jak2000> in both boxes i do with user: jak
<jak2000> and http://pastie.org/10517424#15   line 54 (password OK), and copied the file
<jak2000> and yes i copyed the key generated on server 1 copied to server 1
<jak2000> (i do this steps much times, here sarnold and TJ- try help me)
<jak2000> but not work
<teward> jak2000: i assume when you generated the key you just hit 'enter' at the password generation?
<teward> because it's always going to ask when you generate, if you leave it blank there's no pw
<jak2000> yes
<jak2000> only hit 'enter'
<teward> jak2000: well, it looks like rsync is working there.
<teward> "sending incremental file list" is typical of what I see
<teward> and it got past the authentication based on that (it'd have errored out before sending data, usually).
<teward> so what's wrong here?
<jak2000> yes line 52, but see line 51
<jak2000> and line 58 and line 57
<jak2000> ask the password
<jak2000> (i need generate a crontab task for copy a file from server1 to server2) without ask me a password
<jak2000> see please: http://postimg.org/image/5e385aizd/
<teward> jak2000: image isn't useful, we know what you're trying to achieve (you've said it 3 times after all)
<teward> jak2000: `ssh -v` from server1 to server2.  Pastebin the output.  Check to make sure that the key is being provided during the connection phase, you'll maybe see something like this in the verbose output:  debug1: identity file /home/teward/.ssh/id_rsa type -1
<teward> we just need to make sure the key is actually being tried
<teward> (assuming you remember where you said the key should be saved, when you generated it)
<dtsdwarak> hi everyone!
<dtsdwarak> I am currently trying to strip down the ubuntu-server kernel to remove the modules that I don't want
<dtsdwarak> Can someone point me to a link from which I can obtain the kernel source code for ubuntu server images?
<teward> !kernel
<ubottu> The core of Ubuntu is the Linux kernel: see https://help.ubuntu.com/community/Kernel - You shouldn't have to compile your own, and if you need to troubleshoot issues, you can try a !Mainline kernel instead, but if you insist, see https://help.ubuntu.com/community/Kernel/Compile (see also !Stages)
<teward> dtsdwarak: that last link there may be what you want, as well as the first one
<dtsdwarak> teward: and ubottu : Thanks a lot guys. Maybe I put my question wrong. I wanted a way to compile minimal kernel for ubuntu server. The one that resides in kernel.org is too heavy and way too much stuff seems to be taken care of
<teward> dtsdwarak: compiling remains the same either way, you still have to first *obtain* the source code, and to start you have to get a copy of the kernel
<teward> then strip it down
<teward> then follow compilation
<teward> https://wiki.ubuntu.com/Kernel/BuildYourOwnKernel may be useful too
<teward> download, modify, compile.
<teward> how is that different from what you're asking?
<dtsdwarak> The ubuntu server's built in kernel is already stripped down version right? I wanted way so I can start off from where it left - to strip it further down easily.
<jak2000> teward: i type: ssh -v on server1, and tell me a man page: usage: ssh [-1
 * teward grumbles
<jak2000> following: <teward> jak2000: `ssh -v` from server1 to server2.  Pastebin the output.  Check to make sure that the key is being provided during the connection phase, you'll maybe see something like this in the verbose output:  debug1: identity file /home/teward/.ssh/id_rsa type -1
<teward> jak2000: "from server 1 to server 2"
<teward> providing you use the same exact ssh command but add a -v to the arguments
<teward> which you failed to do
<jak2000> okk
<teward> from server2: `ssh -v foo@server2`
<dtsdwarak> teward: !
<teward> or w/e it is
<teward> dtsdwarak: then why are you not referring to the documentation on how to get the kernel?
<teward> "Obtaining the source for an Ubuntu release" on the link I gave you
<teward> (for BuildYourOwnKernel)
<teward> adapt and compile as you see fit
<dtsdwarak> Thanks teward for your help. Let me check that first
<jak2000> teward: http://pastie.org/10520487
<teward> jak2000: lines 37 and 38 suggest that the key was offered but it was not accepted by the server.  So either the public key is not in the correct place on server2, or it's incorrectly copied, or one of many other issues
<teward> jak2000: how did you copy the key over to server2?  Via ssh-copy-id ?
<jak2000> in both servers.... i have ubuntu 14.04 installed
<jak2000> i connect to each one via putty (from windows 8.1 pc)
<jak2000> in server 1 i do a cat: cat id_rsa.pub
<jak2000> and select (with mouse) and and paste on server 2
<jak2000> http://pastie.org/10517424#15,22,24   (line 24 and line 40)0
<jak2000> is wrong?
<teward> jak2000: don't use sudo to edit it, if the 'jak' user is the one it needs to be in
<jak2000> ok
<teward> on server 2: `sudo chown --recursive jak:jak /home/jak/.ssh`
<teward> try again after that
<teward> http://pastie.org/10517424#40  <-- this is where your mistake was, line 40
<jak2000> ok
<jak2000> testing
<jak2000> :( http://pastie.org/10520526
<jak2000> wich is wrong?
<quantic> jak2000: what are the permissions on your id_rsa file?
<jak2000> quantic in server 1? or server 2?
<quantic> jak2000: either.
<quantic> jak2000: which one are you copying FROM?
<jak2000> see please: http://postimg.org/image/5e385aizd/
<quantic> jak2000: then server 1. You could have just answered that instead of linking me to that.
<jak2000> on server1: ls -l id_rsa.pub
<quantic> jak2000: No.
<jak2000> -rw-r--r-- 1 jak jak 395 Oct 29 23:54 id_rsa.pub
<quantic> ls -l id_rsa
<jak2000> jak@swManzana:~/.ssh$ ls -l id_rsa
<jak2000> -rw------- 1 jak jak 1679 Oct 29 23:54 id_rsa
<jak2000> on server 1
<quantic> jak2000: try to ssh to server 2, see if key auth works. If not, ssh -vv to server 2 and pastebin the log. It's going to be quite spammy.
<quantic> jak2000: is there an authorized_keys file in your .ssh directory on server 2?
<jak2000> quantic: http://pastie.org/10520625
<quantic> jak2000: And the answer to my second question?
<jak2000> i paste in the first lines
<jak2000> yes
<jak2000> quantic: http://pastie.org/10517424#15,22,24      i hit only 'enter' key when ask me a password (3 times)
<quantic> jak2000: The contents of /var/log/auth.log on server 2 should indicate why key authentication is being refused.
<trimeta> I'm having trouble getting the installer to work from a USB flash drive. I used dd to directly copy ubuntu-15.10-server-amd64.iso onto a drive, and while it boots initially (using either regular USB boot or UEFI), and I can hit "enter" at the "Install Ubuntu" screen, on the next screen after that (where it wants you to choose a language), it freezes and refuses to respond to any input.
<jak2000> quantic ok i do on server2: sudo tail -f /var/log/auth.log
<jak2000> ons erfver 1: scp  /backup/tari.sql jak@frigorificos.noip.me:/home/jak/sql/
<jak2000> *server1
<jak2000> quantic: http://pastie.org/10520649
<quantic> jak2000: your key is corrupt somehow.
<quantic> jak2000: regenerate it. ensure that the private key is in id_rsa, the public key in id_rsa.pub, and that public key copied to authorized_keys on the destination server.
<jak2000> ok
<jak2000> 1) on server1: cd /home/jak/.ssh    2) rm * -f   (same on server 2)
<jak2000> 3) server1: ssh-keygen -t rsa  9 ask me file an 2 times password( in all 3 ENTER)
<jak2000> generated 2 files: -rw------- 1 jak jak 1679 Oct 31 13:06 id_rsa   and -rw-r--r-- 1 jak jak  395 Oct 31 13:06 id_rsa.pub
<trimeta> Sorry about that; I fell off the net. If I missed any replies, please resend them.
<jak2000> quantic can i do: scp id_rsa.pub jak@domain.noip.me:/home/jak/ftp   ?
<jak2000> or better cat and paste?
<TJ-> jak2000: did you not read "man ssh-copy-id" ?
<jak2000> TJ- sorry, no
<jak2000> i read now
<jak2000> ssh-copy-id -i ~/.ssh/id_rsa.pub remote-host
<jak2000> TJ-, http://pastie.org/10520689    quantic: http://pastie.org/10520689
<jak2000> ooooo not ask me a password
<TJ-> jak2000: that looks correct. Now try an ssh log-in to the target(s) and you ought not to need to enter a password
<jak2000> testingo now copying the file
<TJ-> jak2000: so now your scp/rsync will do the same
<jak2000> ok
<jak2000> testing
<jak2000> TJ- uf............ done the thing
<jak2000> done..... :) i am happyy
<trimeta> I'm in the ubuntu-server ncurses-based installer, and I'm trying to configure some encrypted volumes manually. I set up a couple of disks and was able to do this successfully (by formatting the disk as encrypted volume, then going to "configure encrypted volumes" and activating those volumes), but some other partitions refuse to appear in the "configure encrypted volumes" options even though they also were set up as "physical
<bittin> http://www.twitch.tv/twitchinstallsarchlinux :D
#ubuntu-server 2015-11-01
<detha> When trying to do a PXE install on an isolated network, the installer still wants to contact security.ubuntu.com, and hangs if it isn't given access to that. How does one tell it not to try that?
<szybki_slup> Hi. I'm trying to install Ubuntu Server 15.10, and I have strange issue. The installer stuck on "Installing the base system | Retrieving libc-bin". I was trying to install Ubuntu on different computers, but always the same issue. I can't download libc-bin_2.21-0ubuntu4_i386.deb even via the browser. The strange thing is, that when I'm trying to do that using different internet connection, it works without any problems. An
<jak2000> hi all
<lordievader> o/
<fragtion> lo all. upgraded my server to 15.10 which went ok, but after the reboot I'm not seeing eth0. the VMware NIC is detected with lspci, but ifup is segfaults on boot query
<fragtion> anything I could/should be looking for  ?
<fragtion> whats the easiest way to switch from ensxxx interface naming back to ethx , on wily? (since it evidently broke this on half of my machines)
<fragtion> http://askubuntu.com/questions/689070/network-interface-name-changes-after-update-to-15-10-udev-changes ...
<fragtion> ty fragtion
<fragtion> np fragtion
<fragtion> :)
<pwnawannab[NE]> can anyone help out with freeipa client setup on ubuntu?
<jak2000> sarnold_?
<jak2000> quantic?
<quantic> ?
<jak2000> quantic, yesterday you helped me remember?
<quantic> vaguely?
<jak2000> with ssh certificate, last coment of tj- helped me: ssh-copy-id -i ~/.ssh/id_rsa.pub remote-host
<jak2000> and when i use the scp command (for copy a file from server1 to server2) work (not ask me a user and password)....
<quantic> Oh, yeah.
<jak2000> here all worked fine.. love this command
<jak2000> but i created a task that copy the file andnot work... :(
<jak2000> have time for try help me?
<quantic> jak2000: define "created a task."
<jak2000> a crontab job
<jak2000> wait a moment i try show you the line and commands
<quantic> jak2000: What user is the job running as?
<jak2000> i run the command with sudo
<jak2000> then is root right?
<jak2000> here mi error
<jak2000> changing
<jak2000> 0,10,20,30,40,50 8-20 * * 1-6 /usr/scripts/respsql.sh
<jak2000> 40 8-20 * * 1-6 /usr/scripts/respsqlMedDia.sh
<quantic> jak2000: only processes running as your user have access to the key. If you want root to be able to authenticate as you, then you need to copy the id_rsa file into /root/.ssh/id_rsa
<jak2000> ok
<jak2000> interesting
<jak2000> where ssee if fail the crontab tasks?
<quantic> jak2000: the cron log
<jak2000> its located on /var/log ?
<quantic> like most logs, yes.
<jak2000> changed: 1-6 to 1-7
<jak2000> :)
<quantic> jak2000: By the way, you do realize that the whole "0,10,20,30,40,50" is unnecessary, right?
<quantic> jak2000: If you want something to run every ten minutes, just do "*/10"
<jak2000> ok
<jak2000> server1 date: Sun Nov  1 11:33:30 MST 2015  server 2 date: Sun Nov  1 13:30:20 EST 2015   how to sync the time the mandatory is server1
<quantic> jak2000: Are the two servers in different time zones?
<jak2000> mmm not know googling: how to check timezone ubuntu
<quantic> jak2000: ... WHERE are the two servers?
<quantic> like, physically, on planet earth
<jak2000> ahahah
<jak2000> server 1 in gmt-7 and server 2, in gmt -6 (guadalajara mexico)
<quantic> jak2000: then set the correct time zones, first off.
<jak2000> isnt correct set timezone server1 gmt-7 and server 2 gmt -7?
<quantic> jak2000: no, because they're not physically in the same time zone.
<jak2000> ok, thanks
<jak2000> understand
<jak2000> ls /var/log/cr*    or ls /var/log/cr*.*   no such file... why?
<quantic> cat /var/log/syslog | grep CRON
<RoyK> quantic: or grep CRON /var/log/syslog :P
<quantic> RoyK: Don't ask me why I have that habit. :P
<quantic> RoyK: Usually it's because I know what file I want to look in, and I'm building my search in my head as I type, so I go backwards.
<trimeta> The manual partition manager on the Ubuntu Server disk refuses to activate encrypted (dm-crypt) partitions from an SSD, even though it has no problem doing so from an HDD. Why?
<trimeta> old on...apparently after entering the "Configure encrypted volumes" area, I needed to choose "Finish," not "Activate existing encrypted volumes" or "Create new encrypted volume"
<trimeta> I'm trying to build a server with a BTRFS RAID 1 root on top of encrypted volumes. Normally, initramfs doesn't want to decrypt two different volumes on boot, but I modified /usr/share/initramfs-tools/scripts/local-top/cryptroot to fix this. However, the system still refuses to boot of the BTRFS system wants two devices, even though both of those devices are unlocked.
<trimeta> Anyone know what's going on here? I can mount the BTRFS system without error from within the initramfs rescue shell, but for some reason it's not mounting automatically in the scripts.
#ubuntu-server 2016-10-31
<k_sze[work]> How do I force Trusty server to renew the IP address by DHCP?
<k_sze[work]> I have unplugged the network cable and plugged it to another network.
<k_sze[work]> `dhclient -r` and then `dhclient` don't seem to have any effect
<al_nz1> any nagios peeps here?
<al_nz1> I installed nagiosgraph and *had* it going, but now i am getting blank graphs - sigh
<zul> jamespage: hey when you get a second can you add the zesty-ocata schroot please
<jamespage> zul, done
<zul> jamespage: merci buckets
<jamespage> zul, yw
<synthmeat> i'm not sure what in this service config makes it not stop on restarts/stops https://gist.github.com/synthmeat/db9a68bee22f0abfff98aee9b51e787e
<synthmeat> i get EADDRINUSE on each restart
<rickardve> Anyone who managed to use ec2-ami-tools to bundle a Ubuntu 16.04 Instance Store AMI? I get problems with grub, and it failes to boot.
<rickardve> (It does work with 14.04 and 16.10)
<nacc> rcj: --^ maybe you know?
<rcj> rickardve, PV instance-store?
<coreycb> beisner, hi can you promote the packages in liberty-staging to liberty-proposed please?
<coreycb> beisner, I'm sorry, I meant mitaka
<beisner> ctrl-c
<beisner> ;-) jk, yep, on it, mitaka.
<beisner> coreycb, mitaka staging->proposed done
<rickardve> rcj: PV or HVM doesn't matter
<rcj> What does the error on the console look like when you try to boot?  For PV, are you installing grub-legacy-ec2?  What is the structure of the disk image (FS without partitioning?)
<rcj> And do you have any feature flags enabled for the FS that you don't see in stock (working) instance-store AMIs?  You can check with tune2fs -l /dev/<root_device>
<rickardve> rcj: I have used the latest official Ubuntu 16.04 ami and just try to install the needed tools and repackage it into a new ami.
<rcj> rickardve, Okay.  So what do you see in the console log when it tries to boot?
<rickardve> nothing, it hangs in grub. So for pv I should use grub-legacy-ec2 and for hvm grub.
<rickardve> When I bundle the vol I get a warning about: Missing key 'BOOT_IMAGE' and some more.
<zul> jamespage: while you are at it can you add the ocata backport jobs as well please
<ThiagoCMC> jamespage, hey man, we're facing the following bug in our Xenial / Mitaka deployment: https://bugs.launchpad.net/nova/+bug/1605720 - any change to speed this up and include on Xenial?
<ubottu> Launchpad bug 1605720 in OpenStack Compute (nova) "backing store missing for ephemeral disk on cold migration" [Undecided,In progress]
<ThiagoCMC> I tried to rebuild Nova package but, first, the patch doesn't apply clean against nova_13.1.1-0ubuntu1.1, then, I updated it but then, the tests fail that it runs during the build process fails.
<ThiagoCMC> Test error: http://paste.openstack.org/show/587492/
<ThiagoCMC> So, because the test fail, I'm a bit concerned in using the current version of the patch, in my production environment...
<zioproto> hello
<zioproto> coreycb: hey there, are you around ?
<zioproto> coreycb: sumitted a new patchset for that bug
#ubuntu-server 2016-11-01
<coreycb> beisner, hello, can you promote all of liberty-proposed to liberty-updates please?
<coreycb> zul, i'm looking at the nova mitaka backport failure
<zul> coreycb: openstackclient needs a newer heatclient i just havent gotten to it yet
<coreycb> zul, ok
<zul> coreycb: MIRs have been filed as well
<coreycb> zul, awesome thanks
<coreycb> zul, ddellav: let's focus a little extra CI time this week to get ocata CI stabalized
<zul> coreycb: yep yep
<zul> coreycb: heatclient uploaded
<beisner> hi coreycb - ok looking now
<ddellav> coreycb ok
<beisner> coreycb, liberty proposed->updates complete re: https://bugs.launchpad.net/bugs/1619452
<ubottu> Launchpad bug 1619452 in Ubuntu Cloud Archive liberty "[SRU] liberty point releases" [Undecided,Fix released]
<coreycb> beisner, thanks!
<beisner> coreycb, yw sir
<ddellav> coreycb did we drop keystoneauth1 from cinder control for some reason?
<ddellav> q:q
<coreycb> ddellav, not that I know of.  it looks like we should have it for stable/newton+.
<ddellav> coreycb i thought so. Also, I'm seeing the weirdness with test failures in cinder due to the version number again. It doesn't like the dev308 suffix
<coreycb> ddellav, want to file a bug and do an sru for the keystoneauth1 dep?
<ddellav> coreycb sure
<coreycb> ddellav, thanks
<teward> the server team is meeting today right?
<xnox> +/- 1h; given the UK vs US timezone brainsplit
<rbasak> teward: also many people are out today, so I'm not sure there's any point holding the meeting. I'll be there though, so we'll see.
<rbasak> France and Germany (at least) have a public holiday today, and others are at a Canonical sprint.
<zul> coreycb: ping
<coreycb> zul, hi
<zul> coreycb: why do we run mysql-server in the autopkgtest for neutron?
<coreycb> zul, prob because we use mysql (not sqlite) in production
<zul> bah yeah...mysql-sever is failing to start on s390
<coreycb> zul, hmm
<coreycb> zul, any idea what the failure is?
<zul> coreycb: no clue http://paste.ubuntu.com/23411966/ ;)
<coreycb> zul, one way to debug if you can't get an s390 instance is to add some temporary debug to the autopkgtest or dump log files via autopkgtest, then:
<coreycb>  https://bileto.ubuntu.com (open ticket, upload to ppa, build via ticket, then you must 'lander approve' before autopkgtests get queued up)
<coreycb> but getting an instance would be quicker..
<ddellav> coreycb zul new dependency for designate: monasca-statsd
<ddellav> pkg does not yet exist
<zul> coreycb: yeah im on one :)
<coreycb> zul, oh.. well run the script manually then
<zul> ddellav: yep...the is license issues with monasca-statsd upstream
<zul> coreycb: yeah runs fine if mysql is running :)
<skulltip> i just bought a USB N300 wireless adapter, but i realize i'm running the server, not the gui of 16.10.. how do i 'connect' and put in my wifi password
<phre4k> hey guys, I have a 14.04 server, is it "pretty safe" to upgrade with do-release-upgrade -m server? We have a holiday here so I don't want to drive in, but it's not that big of a hassle. If the chance is only 50% that anything goes wrong I'd take it.
<phre4k> skulltip: I'd use nmcli, is that installed?
<phre4k> skulltip: else just install desktop Xubuntu or the like, it takes only a few minutes to do so
<nacc> phre4k: i assume you have console access etc/
<skulltip> that's the thing phre4k.. it isn't installed but my main ethernet onboard connector is hosed. when i plug it into my router, at random it locks up all my connections and i have to pull all the wires and reboot my modem to free it up.
<phre4k> skulltip: well, install networkmanager then *before* it locks up
<phre4k> nacc: yes, currently SSH but I could KVM. And I could just walk to work in 15min but it's cold
<nacc> phre4k: i meant physical console access (serial console) -- just in case something does go wrong; ssh relies on things still working :)
<nacc> phre4k: i expect that upgrade should mostly just work, but there's always corner cases
<phre4k> nacc: KVM is kind of a console, isn't it
<phre4k> we don't have serial, only networked KVM (LightsOut)
<nacc> phre4k: ah ok
<RoyK> phre4k: iLO should work well
<RoyK> (only problem with it is it's infested by buggy java unless something has changed dramatically the last months)
<phre4k> nothing changed, it's still horrible Java, but one of our engineers coded a nice wrapper around it
<phre4k> we're trying to convince our boss to open source it
<Pici> heh
<phre4k> okay, please label me "officially dumb". I just made a fuss about upgradingâ¦
<phre4k> â¦ a goddamn LXC container m(
<nacc> phre4k: :) i guess just goes to how convincingly system-like they are :)
<phre4k> at some point I'm rerouting our internal network so we connect to an external DC and nobody will notice it
<phre4k> the "cloud" is frightening :D
<teward> rbasak: was merely curious, just had a tidbit on nginx to add, but it can wait to next meeting
<rbasak> teward: OK, thanks!
<zul> ddelav/coreycb: i got os-vif and os-brick
<donu7> Hello, I'm needing help with a ubuntu dns server (named/samba)
<teward> donu7: specifics are useful
<teward> though not sure what 'samba' has to do with named
<teward> (aka 'bind')
<donu7> I'm trying to keep it succinct, english isn't my native language
<donu7> i'm running 14.04 with zentyal. from what I can tell, bind is the actual service running/processing authoritative dns requests. The issue is, I'm looking at the tables in /etc/bind and I'm not finding any records for a few dns hosts on a neighboring subnet
<donu7> So, I'm trying to figure out where those records are being kept. If they're not in /etc/bind/ then where should I look? I've tried Zentyal support and came up empty so I'm hoping I can get some clues on where else to look
<sarnold> try lsof to see if the files are held open
<sarnold> if not, fatrace may show you open/read/close calls for the process
<dberube> Hello I'm trying to figure out how I can remove an additional IP address that was added to the loopback interface without restarting the server. I'm running 16.04 (upgraded from 14.04) If I comment out the three lines for lo:1 and do an ifup -a the IP will still be active until I restart the server. Here's the output of /etc/network/interfaces https://gist.github.com/dberube1/86ced90a276a7c533cb64b02a72067c9
<donu7> I see, I've not heard of fatrace ty sarnold does this channel have a paste.it ?
<teward> dberube: ip -4 addr del IPADDR/CIDR dev lo
<donu7> nvm^ found the pastebin http://paste.ubuntu.com/
<teward> dberube: that'll 'remove' the IP address from the device's "IPs Assigned" but you should consider a reboot eventually if services are trying to bind to that IP at all
<dberube> thanks teward
<donu7> here's a a gist of `lsof -i :53` http://paste.ubuntu.com/23412596/
<teward> dberube: you also need to make sure that whatever's adding that IP at boot is not going to in the future
<teward> so you aren't running that command every day :P
<teward> s/day/time/
<donu7> I suspect that there's additional dns records stored in /var/lib/samba/private/dns/*.ldb but I've no idea how to access those -- this is where I tried zentyal support but again, came up empty
<phre4k> just installed docker.io but there's no command "docker", what am I doing wrong?
<phre4k> wtf. Nevermind, now it suddenly works.
<dberube> teward: I'm actually writing a playbook with ansible to manage the anycast addresses for my load balancers
<teward> not sure if anycast needs special configuration, dberube, just saying
<coreycb> beisner, hi can you promote nova and nova-lxd from mitaka-staging to mitaka-proposed please?
<coreycb> zul, cool thanks
<coreycb> zul, i'll get osc-lib and os-win
<zul> coreycb; ack
<skulltip> ok how do i change my previously defined static IP for the hardware ethernet port, so i can make the wireless one the same #
<coreycb> zul, jamespage, ddellav: I'm going to start backporting a bunch of stuff to the ocata cloud archive where we have deltas vs xenial for openstack deps
<coreycb> it looks like all of the oslos have been backported already
<coreycb> zul, jamespage, ddellav: nevermind, looks like that's already been done.  my report is just out of date.
<coreycb> Ursinha, hi would you be the right person to ask if we can enable http://reqorts.qa.ubuntu.com/reports/ubuntu-server/cloud-archive/ocata_versions.html ?
<Ursinha> coreycb: not really :/ I created that project long ago but haven't touched it in at least three years
<coreycb> Ursinha, ok np :)
<skulltip> i got a n300 usb adapter wireless to connect to my router, but it doesn't seem to be working. the green light on the usb is on, but i cant ping the gateway.
<beisner> hi coreycb - nova and nova-lxd promoted to mitaka-proposed
<skulltip> it's a RaLink RT5372
#ubuntu-server 2016-11-02
<fels> hi All  -  help... !  I know nothing about this and an screwed as the guy who normally does this is awol -  I need to setup mapping for nginx
<fels> I 've mapped it according to a link i found but its' not honouring the mapping . please help!!!
<tomreyn> get prof help if this is too heavy for volunteers
<tomreyn> :-P
<fels> lol - we have to start somewhere - so might as well start here .... i really need to get thsi running ..
<tomreyn> fels: how many employees are there in this company
<fels> which one ?
<fels> tomreyn: ?
<tomreyn> the one you're trying to get the nginx stuff fixed for
<fels> 2 - its a stat up
<tomreyn> so you are one founder and the other foudner is absnet without leave?
<tomreyn> well that's more of a conclusion than a question really.
<tomreyn> you should put your configuration on a pastebin
<tomreyn> !pastebin | fels
<ubottu> fels: For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://imgur.com/ !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<tomreyn> since this will make it public to thew world, before you paste it there, you should redact sensitive info
<tomreyn> i.e. maybe replace domain names, peoples names in comments, ip addresses etc.
<tomreyn> and then explain what you need to map where, and how you can tell that it does not currently work.
<fels> tomreyn: no - I'm not the founder - just hte helpful guy that got roped in :)
<tomreyn> i see
<fels> when you put multiple names in the .conf file do you seperate it with  SPCE ? eg :   server_name JOE.mainsite.com BLOGSS.mainsite.com ?
<tomreyn> yes
<tomreyn> but you end the line with a ;
<fels> (great - tomreyn thanks
<tomreyn> you can use "sudo nginx configtest" to check whether your configuration files' syntax looks fine.
<fels> Thnks tomreyn- That will come in handy -  what if i need that to map to JOE.mainsite.com/SOMETHING ?
<tomreyn> are you saying that you want all http requests directed to http://JOE.mainsite.com to go to http://JOE.mainsite.com/SOMETHING instead?
<fels> yeah
<fels> is that possible ?
<tomreyn> fo sure, as long as requests to http://JOE.mainsite.com actually end up on the server you are working on
<tomreyn> http://nginx.org/en/docs/http/ngx_http_rewrite_module.html#return
<tomreyn> so withint the server{} block add a location{} block. and in this 'location' block, add a 'return' statement
<tomreyn> server { ...; location / { return 302 http://JOE.mainsite.com/SOMETHING ; } ... }
<tomreyn> roughly this, fels
<fels> thank you tomreyn
<tomreyn> this wont redirect requests initially made to http://JOE.mainsite.com/xxx or to httpS://JOE.mainsite.com though
<tomreyn> i.e. only requests for the main web page at the / URI will be redirected
<tomreyn> so it's quite late here, and i really need to get some sleep. AKA, good luck.
<fels> ok tomreyn thks for the help -
<fels> where ar you based ?
<tomreyn> to the south east
<Guest63015> does anyone know how to setup minidnla with an external hard drive?
<Lehthanis> I need some help with hosts and postfix/ptr record settings...my ptr record is mydomain.com but my postfix myhostname setting is servername.mydomain.com and my hosts file lists the ip address as servername.mydomain.com also.
<Lehthanis> its a web server that hosts multiple domains...so do I need to change my ptr record to servername.mydomain.com or change my hosts file to remove the servername?
<Lehthanis> http://hastebin.com/okixudaral.css here's my /etc/hosts file
<Lehthanis> edited to protect the guilty (xx.xx.xx.xx is my ip address and my real domain names and server name is in there)
<Lehthanis> also...servername is not www...should it be?
<brucegl> :-D
<cpaelzer> rbasak: I've seen your mysql upload blocked on dovecot
<cpaelzer> rbasak: I quickly looked at the actual fail and I'm not convinced that is sql related at all
<cpaelzer> rbasak: the new dovecot is uploaded now but the queues are rather full
<cpaelzer> rbasak: if you have the power you might just try to re-run that test to check if it is a transient error
<cpaelzer> rbasak: I have seen the dovecot 2.2.25 autopkgtests succeed in zesty on Monday morning
<cpaelzer> rbasak: but that was on amd64
<rbasak> cpaelzer: thanks, I hadn't noticed. I'll look.
<YuxKukMo> hi! can anyone here tell me how can i setup the apache server to listen only on 443 port ?
<YuxKukMo> thank you
<rbasak> cpaelzer: that failure looks familiar. I think it's a test instability. I requested a retest, thanks.
<rbasak> smb: do you have an opinion on bug 1321144 please?
<ubottu> bug 1321144 in xen (Ubuntu) "/etc/default/grub.d/xen.cfg only works on english language system" [Medium,Confirmed] https://launchpad.net/bugs/1321144
<rbasak> Sounds like something you would have hit by now?
<rbasak> Also bug 1352512
<ubottu> bug 1352512 in xen (Ubuntu) "typo in /etc/default/grub.d/xen.cfg - no automatic boot of xen after reboot" [Medium,Confirmed] https://launchpad.net/bugs/1352512
<rbasak> nacc: do you want to assign yourself https://bugs.launchpad.net/bugs/1570472 in our bugwork status? I just hit it while triaging.
<ubottu> Launchpad bug 1570472 in puppet (Ubuntu) "Set systemd as default service provider" [Medium,In progress]
<rbasak> Or did you want to drop it?
<zul> coreycb: when you get a chance can you have a look at the autopkgtest failure i am sooo confused now
<coreycb> zul, sure, which package was that again?
<zul> coreycb: oslo.i18n and oslo.services i think
<coreycb> zul, ok
<coreycb> beisner, can you promote mistral and neutron to newton-proposed please?
<zul> coreycb: thanks
<coreycb> zul, is it neutron maybe for s390x?
<zul> coreycb: yeah but i tried reproducing yesterday and I was able to reproduce but mysql might be in a werid state on s390
<zul> i really dont know
<coreycb> zul, do you have an s390x instance I could use?
<zul> coreycb: i do
<fels> hey all
<fels> Can someone help me setup SSL on Ubuntu 16... ?
<hateball> fels: in what? apache, nginx?
<fels> nginx hateball
<hateball> fels: do you have a commerical certificate?
<fels> yes - one was purchased -
<fels> so the main daomin lets say SITE.com is hosted  on a differnt plan with the same company
<fels> I have this ubuntu VM and it will have multiple submdomains eg :   api.SITE.com and app.SITE.com and stuff.SITE.com
<fels> I would like those to be SSL secured
<hateball> well you define server_name in your config so that shouldnt be a concern
<hateball> fels: so you got a wildcard cert?
<hateball> for SITE.com
<fels> yes
<hateball> Usually whatever commercial seller of certs you use has a guide for how to use them
<fels> so 1st question - should the cert be installed on the SITE.com server ?
<hateball> fels: Otherwise this is short and simple https://www.digicert.com/ssl-certificate-installation-nginx.htm
<hateball> fels: eh... the cert needs to be on any machine serving a website
<hateball> fels: so if you api, app, etc all on different ones, they all need the cert
<fels> those will be on the same VM but differnt ports
<hateball> well, you only need your key, cert and intermediate in one place, then you have a config file for each website pointing to the certs
<fels> main SITE.com is on a differnt machine its  a marketing site so they not to concerned just yet
<hateball> If you read the link it is quite clear
<frickler> jamespage: not sure if I asked that earlier already, but can we get ceph 10.2.3 into xenial-updates? there's lot of important bug-fixes in that release, in particular for rgw
<fels> hateball: are you about for a few hours in case i hit  a wall ? I woudl really appreciate it
<hateball> fels: on and off, I am supposed to be working after all :)
<fels> :) - i understand
<fels> hateball: do i need OPen ssl ? how do i know if is installed  ?
<hateball> fels: if you have nginx installed you have openssl
<fels> Great "_
<Andrew_jedi> 	Hello folks, We are running icehouse and we may have to upgrade the kernel from 3.13 to 4.2. Do you think this can affect the openstack installation in any way?
<Andrew_jedi> I mean openstack  icehouse packages and willy kernel? Will this work?
<ikonia> the kernel is your hypervisor
<ikonia> so the kernel will have an impact to your virtualization stack
<coreycb> zul, I couldn't recreate the autopkgtest failure.  let's see what the next run shows now that you are dumping the log file.
<zul> coreycb: ok
<Andrew_jedi> ikonia: This is the reason why we have to upgarde the kernel, we have problems in our virtualization layer. VM is hanging.
<ikonia> so why did you upgrade the kernel ?
<coreycb> zul, I'm looking at the heat failures for ocata
<zul> coreycb: im doing neutron....yaaay
<coreycb> zul, k
<coreycb> zul, cinder has some issues too so I'll take that
<zul> coreycb: i saw...it looks like to do something with the newer os-brick
<zul> coreycb: sorry :)
<theGoat> quick syslog-ng question.....(can never get anyone in #syslog-ng to respond)  i have a huge list of subnets.  i have a large list of subnets in cidr notation....can i put those into a file, and have syslog-ng read that for the netmask filter?  i don't want to have tp manage them in the syslog-ng config file
<ikonia> the config file format does inlude and "include" directive
<coreycb> zul, ah yeah so I think we need to be careful of bumping deps before they land in upper-constraints (os-brick)
<zul> coreycb: yeah
<zul> coreycb: was a bit overzealous
<coreycb> zul, bug 1638576
<ubottu> bug 1638576 in Cinder "ocata unit test failures with os-brick 1.7.0" [Undecided,New] https://launchpad.net/bugs/1638576
<binia> hi all
<binia> got a slight problem
<binia> by stupid mistake deleted daemon system user from 16.04 server
<binia> well, not me manually
<binia> script i used did
<binia> how can i re add it the right way?
<timeflow> ouch...
<binia> yeah
<binia> already emailed script dev
<binia> my mate used nick daemonfor script to add
<binia> then removed that user and script simply removed damn daemon user from the system
<binia> luckily didnt reboot the server after that
<binia> heh
<timeflow> so what exactly was deleted? can't you just restore /etc/passwd?
<binia> can i just add to etc/passwd and etc/shadow daemon user?
<binia> or is there some commands
<timeflow> i mean don't quote me on this but as far as i know these should be the only files that matter
<timeflow> but better wait for a second opinion on that
<binia> cool, checking goolge meanwhile but cant find much :(
<timeflow> what did the script do exactly? delete the line with deamon from /etc/passwd?
<cpaelzer> you likely want to ensure to get it the same gid/uid it had before which likely was "1"
<cpaelzer> same if you had any group memberships of or to it
<cpaelzer> binia: ^^
<binia> well it first added daemon as normal user, it said that the user exists, so it created home directory, added vsftp login etc
<binia> then my mate wanted to test user removal
<binia> and it did get rid of daemon user from the system
<timeflow> haha oh man ^^
<binia> so deleted from /etc/passwd and /etc/shadow, group all that
<cpaelzer> :-/
<timeflow> restore backup?
<binia> didnt have one
<binia> heh
<cpaelzer> outch
<binia> this server shouldnt be even touched
<timeflow> uuuuh nice ^^
<binia> but from what i see uid was 1 etc for that user
<cpaelzer> binia: you might already be doomed, but in case you want to try to set the assumed old gid is like this: groupadd --system --gid 1 daemon
<binia> as its missing from /etc/passwd
<cpaelzer> similar for the user
<cpaelzer> with uid
<binia> ok will try it
<binia> gonna be scared to reboot it now
<cpaelzer> wait
<cpaelzer> since you have to create the user from scratch
<cpaelzer> only use useradd
<cpaelzer> maybe something like: useradd --system --gid 1 --uid 1 daemon
<cpaelzer> that should autocreate the group for the user
<cpaelzer> and any old ownership on files should match again
<binia> ok let me try
<cpaelzer> but if you had any group member ship it might be lost unrecoverably
<binia> heh useradd command not found
<timeflow> now it's getting interesting
<cpaelzer> binia: would be of package passwd which I thought is always there
<binia> thats a bummer :/
<nacc> binia: um if you're on 16.04 and you don't have passwd; I feel like you're not actually on 16.04
<nacc> binia: or at least not Ubuntu
<nacc> binia: pastebin apt-cache policy passwd?
<timeflow> binia: i'm out. good luck!
<binia> http://i.imgur.com/RHma2F5.png
<binia> nacc^
<nacc> binia: urgh, dpkg -L passwd?
<binia> thats very long
<binia> sec
<nacc> binia: i wonder if the PATH of the user you tried to run useradd was just wrong?
<nacc> binia: try with absolute path (/usr/bin/useradd) and maybe sudo
<binia> http://pastebin.com/MLN2TUHp
<binia> ok will try
<nacc> binia: yeah, so the package does provide /usr/sbin/useradd (sorry wrong path a moment ago!)
<binia> -bash: /usr/sbin/useradd: No such file or directory
<binia> too weird
<nacc> binia: can you manually see if it is present?
<binia> checking
<binia> no it isnt
<nacc> binia: urgh; something rather serious is wrong, I'd think then -- dpkg and your filesystem no longer agree, which means someone manually messed with it?
<nacc> cpaelzer: thoughts?
<binia> thing is it did work just fine few hours ago
<binia> all went crazy after my mate added daemon user and removed it
<nacc> binia: useradd did?
<coreycb> zul, looking at keystone for ocata
<zul> coreycb: its needs a patch for requirements.txt
<zul> its blocking on oslo.config
<coreycb> zul, I see tests are running ok but failing on "install: cannot stat '/<<PKGBUILDDIR>>/httpd/keystone.py': No such file or directory"
<binia> nacc, yeah
<zul> coreycb: huh
<nacc> binia: that's very strange
<nacc> binia: i guess as a quick test you could try reinstalling passwd and see if the binary(s) are back
<binia> ok
<cpaelzer> nacc: sorry was on other screens
 * cpaelzer is reading backlog
<nacc> cpaelzer: np
<nacc> binia: i hope you have backups generally? might be simpler to just restore from a backup if things are this odd -- as I don't know why only one package like this would be in a bad state
<coreycb> zul, yeah so that's just final removal after deprecation
<binia> nope, no backup
<cpaelzer> nacc: he denied having backups before
<binia> didnt manage to do it
<binia> stupid me
<cpaelzer> one more thought on the weird passwd there but not
<binia> tried to reinstall, not working still
<cpaelzer> binia: can you run "dpkg --verify passwd"
<cpaelzer> binia: that should list any files of the package that are not where/as they should be
<binia> nothing listed at all
<cpaelzer> binia: than dpkg finds your useradd where it should be
<cpaelzer> maybe just path ...
<cpaelzer> binia: does "sudo /usr/sbin/useradd --help" work?
<cpaelzer> ah I see above you had that nacc
<cpaelzer> any other deletions by that script we are not yet aware of binia?
<binia> it does work
<nacc> binia: oh sudo does work?
<binia> cpaelzer, the script is in fact seedbox script
<cpaelzer> ok, so on that you can try reestablishing your group and user
<binia> so it shouldnt really mess with system
<binia> the only thing is it managed to remove daemon user when asked
<binia> would think it removed files owned by the user?
<cpaelzer> binia: there is no auto cleanup for that
<cpaelzer> it just seems your path is weird
<binia> oh shit
<binia> useradd worked
<cpaelzer> but if the sudo to useradd works restore your group and user
<cpaelzer> but with the uid/gid magic I listed
<binia> yes
<binia> let me check did it add to files
<binia> daemon:x:1:1::/home/daemon:
<binia> in /etc/passwd
<cpaelzer> binia: so you are maybe good again :-)
<binia> useradd --system --gid 1 --uid 1 daemon
<binia> after that
<binia> thought it should look like this daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
<cpaelzer> yep the nologin needs to be set
<binia> ok, command or file editing?
<nacc> probably usermod -s /usr/sbin/nologin daemon?
<cpaelzer> or just forc it in with "sudo vipw"
<binia> ok vipw i heard about
<nacc> cpaelzer: good call
<nacc> cpaelzer: easier than figuring out usermod options :)
<binia> ok edited vipw
<binia> can someone show me how it should look with vipw -s please
<binia> i have this daemon:!:17107::::::
<binia> or do i just delete all daemon lines from vipw -s
<binia> ?
<cpaelzer> binia: you can mod that with chage
<cpaelzer> mine looks like "daemon:*:16729:0:99999:7:::"
<cpaelzer> binia: the only meaning ful number is the date you set it which should be fine as you set it to not expire
<binia> trying to get vipw -s daemon line from exactly same server and setup
<binia> just in case
<binia> yeap, you're right cpaelzer
<binia> thanks for your help
<binia> should i be fine now, you think?
<jge> hey all, good morning. What's the difference between default-jre and openjdk-8-jre ?
<nacc> !info default-jre
<ubottu> default-jre (source: java-common (0.57ubuntu1)): Standard Java or Java compatible Runtime. In component main, is optional. Version 2:1.8-57ubuntu1 (yakkety), package size 0 kB, installed size 6 kB
<nacc> !info openjdk-8-jre
<ubottu> openjdk-8-jre (source: openjdk-8): OpenJDK Java runtime, using Hotspot JIT. In component main, is optional. Version 8u102-b14.1-2 (yakkety), package size 69 kB, installed size 251 kB
<nacc> jge: well, openjdk-8-jre is a specific implementation, for one
<nacc> jge: default-jre is a metapackage, i think, that depends on the currently recommended Java RE (currently it's openjdk-8-jre in 16.10)
<jge> nacc: got it, so if I install openjdk-8-jre it grabs default-jre as well since it's a metapackage?
<binia> you think i should reinstall any packages?
<nacc> jge: other way around
<nacc> jge: if you install openjdk-8-jre, you are saying you want specifically version 8 of the OpenJDK JRE
<nacc> jge: if you install default-jre, you're saying, give me whatever is currently the default -- and on upgrades, I keep on wanting to use the default (which might change)
<jge> Ohh I see
<jge> thanks for clarifying nacc
<cpaelzer> binia: you should be good in the degree that most things should work
<binia> nope
<cpaelzer> binia: but good is only true if you start working  on an backup/restore policy asap
<binia> apt-get update && apt-get upgrade gives dpkg-preconfigure error
<cpaelzer> yay - this gets more and more complex
<cpaelzer> binia: I hope the one that gave you the script had bedded a few pardons to you already
<cpaelzer> binia: we might run out of ideas, but feel free to pastebinit the error
<binia> he's still asleep
<binia> that bastard
<nacc> heh
<cpaelzer> s/insult/compensation/gc
<binia> geezus, might have to get another server and rsync users directories then reinstall
<binia> g'damn 280 gbp server :/
<binia> what if i spin off a kvm, install 16.04 and rsync /bin /usr/bin and /usr/sbin
<cpaelzer> binia: IMHO everything else than fixing up with useradd/vipw/vigr will have even higher potential to make it worse
<cpaelzer> binia: the effect of syncing in will be to drop every group/user setup that is different which I think already makes it worse
<binia> what if i sync only missing files?
<cpaelzer> binia: sync up the daemon lines like that in vipw/vigr if you want, but that should be what you already have
<binia> what if i get dpkg working manually trying to reinstall it
<nchambers> hey guys. setting up my .bashrc. what is the advantage and/or point of lesspipe and debian_chroot?
<sarnold> nchambers: debian_chroot makes using schroot with different releases very much nicer
<nchambers> hmm ok
<sarnold> $ schroot -u sarnold -c trusty-amd64
<sarnold> (trusty-amd64)sarnold@hunt:~$
<sarnold> lesspipe sets up some environment variables that change how less works
<temmi_hoo> on 15.04 how do i find out which block device the freshly inserted usb stick is? dmesg says usb 1-2
<temmi_hoo> i would like to dd onto that and am at loss currently
<temmi_hoo> it might be mounted but the mount command does not indicate that is he case
<binia> cpaelzer, seems i fixed it :d
 * binia drops the mic
<binia> heh
<sarnold> temmi_hoo: look for /dev/disk/by-id/ or /dev/disk/by-path/ to find the device node
<temmi_hoo> dev disk by id shows only ata devices and there is no disk by path
<temmi_hoo> ls /dev/s* shows sda sda[125] sg0 sg1 snapshot sr0 and std(in|err|out)
<temmi_hoo> am typing on a pad so sorry for shortening stuff
<sarnold> are you sure that usb device supports mass storage?
<temmi_hoo> it is a usb flash stick
<sarnold> does it work on other systems? maybe it's dead
<temmi_hoo> mounta on a windows machine but i cannot dd the install media on that as that requires admin password i lack
<temmi_hoo> mounts
<beisner> coreycb, delayed pong.  still need to scoot mistral and neutron to newton-proposed?
<coreycb> beisner, yessir, please
<beisner> coreycb, ok mistral + neutron promoted to newton-proposed re:
<beisner> https://bugs.launchpad.net/ubuntu/+source/mistral/+bug/1634475
<ubottu> Launchpad bug 1634475 in mistral (Ubuntu Yakkety) "[SRU] Files missing from package" [Undecided,Fix committed]
<beisner> and https://bugs.launchpad.net/ubuntu/+source/neutron/+bug/1635369
<ubottu> Launchpad bug 1635369 in neutron (Ubuntu Xenial) "[SRU] Syntax error 'type' in neutron-openvswitch-agent.neutron-ovs-cleanup.service.in" [Undecided,New]
<coreycb> beisner, thanks appreciate it
<beisner> yw co
<beisner> yw coreycb
<ddellav> coreycb zul are you guys having  issues building in zesty for ocata? I was able to do it fine yesterday but it's been failing on package resolution all day today.
<zul> ddellav: yep
<temmi_hoo> okay it seems usb-storage kernel module is not loaded and for some reason the /lib/modules is not populated
<temmi_hoo> explains lack of /dev/sdb
<jancoow> Hi. For some reason i can't update owncloud: http://download.owncloud.org/download/repositories/9.0/Ubuntu_16.04  Release.gpg The following signatures couldn't be verified because the public key is not available:NO_PUBKEY 47AE7F72479BC94B
<sarnold> jancoow: if you completely trust that key's owner with root on your computer, feel free to install their key into your /etc/apt/trusted.gpg.d
<sarnold> sadly the instructions on how to do that are all over the place; the apt-key manpage shows how to add the key to your /etc/apt/trusted.gpg file, but that makes it a lot harder to remove them eventually
<jancoow> sarnold: well, no. I want a trusty source for owncloud
<sarnold> jancoow: the owncloud team didn't want to keep distro versions updated, so they asked dstros to delete their packages
<jancoow> sarnold: wut 0.o . That doesn't make sense. What should be the best way for me now?
<sarnold> jancoow: downloading the package from their repository, as you were trying to do, is the thing to do if you trust them with root on your system
<sarnold> jancoow: maybe there's a "snap package" available, in case you don't trust them with root
<DK2> hello im trying to connect to a ubuntu machine via ssh
<DK2> it hangs at
<DK2> debug1: Connection established.
<DK2> debug1: permanently_set_uid: 0/0
<DK2> debug1: identity file /root/.ssh/identity type -1
<DK2> debug1: identity file /root/.ssh/id_rsa type -1
<DK2> debug1: identity file /root/.ssh/id_dsa type -1
<DK2> what could be the cause?
<nacc> DK2: why are you ssh'ing as root?
<DK2> im trying to get access back to the machine
<DK2> im usually logging in with my user, but this box is not included into our puppet yet
<DK2> however, the ssh connection wont go further than that
<nacc> DK2: does it allow ssh by root?
<sarnold> I'd really hope you'd get an error message of some sort back
<nacc> sarnold: good point ...
<nacc> DK2: what is the actaul error you get, or is it hanging there?
<sarnold> I've seen more than one bug report mention that changing the mtu fixes ssh logins. :/ I've always hated those, it doesn't feel like it makes sense
<DK2> its just hanging there
<DK2> for decades
<DK2> well not decades, but i have it running for 5 minutes now
<sarnold> very nearly a decade :)
<DK2> well, #openssh says it because the server doesnt send the ssh banner
<DK2> so i guess the sshd of the server is kind of broken
<sarnold> interesting; nc or telnet could confirm/deny that quickly anyway
<DK2> which nc switches should i use when testing?
<sarnold> I'd just nc host 22   and see if it spits out a banner eventually
<arooni> i have a ubuntu 14.04 server running a few wordpress sites; wondering what the advantage/disadvantage of upgrading to 16.04 would be?
<sarnold> arooni: does wordpress work on php7?
<cdorsal> I am trying to listen to all incoming UDP traffic from a windows system on the same subnet as my ubuntu system, but nothing appears in wireshark or tcpdump. If I listen using another windows system, I have no issues.
<cdorsal> I have tried using promisc mode on eth0, played with iptables, pimd, smcroute and all I have been able to do is send a udp packet to the target IP address, which is not what I want to do
<sarnold> does the switch know to also send the packets to your switch port?
<sarnold> sometimes you can configure a specific port as a 'span port'
<sarnold> which gets everything
<cdorsal> there's no switch in between my windows system and my ubuntu system
<sarnold> ahh so they're directly connected?
<cdorsal> correct
<cdorsal> *crickets*
<sarnold> cdorsal: *maybe* http://tldp.org/HOWTO/Adv-Routing-HOWTO/lartc.kernel.rpf.html
<sarnold> it doesn't exactly sound like your issue
<sarnold> but it's the next best guess I've got
<cdorsal> I'll take a look
<cdorsal> that looks like it might make it worse, but I'll try it now
<sarnold> hahaha
<sarnold> could be, could be..
<cdorsal> sarnold, it did not work
<cdorsal> :(
<sarnold> cdorsal: hrm :(
<cdorsal> I'm sort of surprised this is so hard to do in ubuntu
<cdorsal> I am trying to listen to all incoming UDP traffic from a windows system on the same subnet as my ubuntu system, but nothing appears in wireshark or tcpdump. If I listen using another windows system, I have no issues.
<cdorsal> I have tried using promisc mode on eth0, played with iptables, pimd, smcroute and all I have been able to do is send a udp packet to the target IP address, which is not what I want to do
<cdorsal> this IRC is not nearly as helpful as the others, bummer
<nacc> cdorsal: this is volunteer driven support; be patient
<cdorsal> @nacc you helped me with an AP problem a month ago!
<cdorsal> (many thanks)
<nacc> cdorsal: heh, could be; have no recollection :)
<tomreyn> cdorsal: more people might feel inclined to help if they could see how you are testing
<tomreyn> like, what do you do on the windows side to create / send the apckets, and how do you try to capture them on the receiving end (ubuntu)
<tomreyn> show commands run, output generated, optionally packet dumps.
<tomreyn> also discuss ubuntu release + patch level + active kernel version
<sarnold> hmm that reminded me, https://github.com/nmap/nmap/issues/34
<sarnold> dunno if it's related or not
#ubuntu-server 2016-11-03
<cncr04s> is there any way to force a resync of a new drive to the other partner in the raid1 array, that throws IO read errors on blocks that don't really matter. Ive tried copying the partition to the new drive, but I can't get it to add as a clean drive, it always starts to sync, then fails due to IO errors. I want to ignore these errors, I fan fix those missing sectors later
<tomreyn> cncr04s: http://unix.stackexchange.com/questions/42277/linux-repairing-bad-blocks-on-a-raid1-array-with-gpt
<tomreyn> but you really should replace the disks
<CodeMouse92> Every so often, when I'm working with PHPldapadmin, it crashes Apache2 quietly. As in...nothing in the error log, but Apache2 just stops listening on port 80.
<cncr04s> i replaced one
<cncr04s> but the second is bad too
<CodeMouse92> Even if I restart Apache2, that's the case. I have to restart the computer to fix it. What's going on?
<tomreyn> cncr04s: experimenting with badblocks, if anywhere, only makes sense where the 1h wage of trained it staff is several magnitudes lower than that of a new drive.
<tomreyn> cncr04s: to create an exact copy of one of your previous raid members use dd_rescue
<cncr04s> can I just add sda3 to a whole new array, with a missing disk, It's the / partition not the /boot. so I just need to update fstab in that case for / being the new array. I would just copy the filesystem from the old array to the new one if I need to, and in theory it should just have a new clean array with the filedata. This is what I'm trying next
<cncr04s> do I need to clear anything on sda3 in this case? superblock?
<CodeMouse92> Answering my own question...mod_evasive was doing its job. Because of how PHPldapadmin works, it exceeded 2 page requests a second. I whitelisted my internal network and raised the DOSPageRequest number.
<CodeMouse92> Will a user crontab run its @reboot on reboot if it isn't logged in?
<patdk-lap> will a user crontab run if the user isn't logged in?
<CodeMouse92> That's what I said, yeah :)
<Seveas> yes, crontabs don't need the user to be logged in [*]
<Seveas> [*]unless the user has an encrypted homedir and the cronjob uses things in said homedir. Then the cronjob will still run, but obviously fail.
<rbasak> cpaelzer: the dovecot retest on armhf didn't work. I can request again because it is intermittent. But we should probably fix that.
<rbasak> I'm pretty sure it's a race.
<cpaelzer> rbasak: I'm pretty sure as well as none in that particular test is arch specific
<cpaelzer> rbasak: But while I fixed the test to work on last merge I never was really deep into it (only fixed stuff on the surface)
<cpaelzer> rbasak: so I guess it is nothing to "just do in 5 min" especially that we need a portbox or such and to hit the transient case to analyze
<cpaelzer> rbasak: would you open a bug and copy-attach the failing log?
<cpaelzer> rbasak: one more for the backlog I guess
<rbasak> cpaelzer: will do.
<cpaelzer> rbasak: thanks
<rbasak> cpaelzer: bug 1638865.
<ubottu> bug 1638865 in dovecot (Ubuntu) "dovecot dep8 tests intermittently fail on armhf" [Medium,Triaged] https://launchpad.net/bugs/1638865
<cpaelzer> thanks
<haasn> What's the proper way to set up macvlan interfaces via /etc/network/interfaces? The hack I'm doing right now is like this: https://0x0.st/2-V.txt but the problem is that since `ip link add` gets run dynamically, it gets a different MAC address every time. I _could_ hardcode a MAC using `hwaddress ether ...` as well, but this all seems like a hack. Is there a better way to statically attach multiple
<haasn> macvlan interfaces to a single physical interface?
<powersj> cpaelzer: around?
<cpaelzer> powersj: whats up?
<powersj> cpaelzer: I got the two added qemu/live migration runs added, I was going to ask for names, but figured it out.
<cpaelzer> powersj: that was what I added before the commands
<cpaelzer> powersj: but eventually it is just names - make sure we recognize what it is all else isn't important
<powersj> ok, I did change them slightly just to keep things consistent sort of
<cpaelzer> yeah I'm good with that
<rbasak> stgraber: I get "rror: Error opening startup config file: "loading config file for the container failed"" when trying to get into a zesty container on zesty. Any ideas? http://paste.ubuntu.com/23420414/
<rbasak> I don't see anything obvious in /var/log/lxd/
<rbasak> stgraber: I fixed it. I tried downgrading lxd, but that failed with a gazillion missing libgolang dependencies, so I gave up and "sudo apt-get -f install" to restore lxd and lxd-client back to 2.5-0ubuntu1. Now it works. So some kind of upgrade path problem? diglett is set to unattended-upgrades everything.
<coreycb> zul, I'm kicking a bunch of rebuilds off in ocata CI
<zul> coreycb: k good luck :)
<zul> coreycb: starting to look at autopkgtest
<coreycb> zul, ok
<coreycb> zul, i'm working through heat and trove
<zul> coreycb: is stuff building again?
<coreycb> zul, yeah
<zul> coreycb: cool
<theGoat> is there a way to tell whether ubuntu has booted via systemd or booted via upstart?
<zul> coreycb: i got keystone
<coreycb> zul, thanks
<coreycb> theGoat, pid 1 should be systemd
<coreycb> if running with systemd
<theGoat> ok, tks.
<theGoat> on another issue.  ever since i upgraded to 16.04, i can't open any files on my nfs mounts.  on the server side all i get is : lockd: cannot monitor <client> and on the client side i get "no locks available"
<theGoat> been fighting it for a week.  not sure where to go next
<cpaelzer> theGoat: my NFS worked just fine through the same upgrade - any special lock related mount options in place?
<cpaelzer> theGoat: I had all sort of tuning in the past but realized I didn't need it so these days I only have "rw,user,noauto"
<theGoat> here is an example from my exports: /dumping_ground/software           192.168.101.170(rw,sync,no_root_squash,no_subtree_check,insecure
 * cpaelzer needs to do a few logins to comapre
<theGoat> i have even tried nolocks and locallocks on the client side...no luck
<cpaelzer> I'm down to (rw,no_subtree_check) these days, but nothing in your config seems wrong to me atm
<cpaelzer> hmm
<cpaelzer> theGoat: might this help you ? http://sophiedogg.com/lockd-and-statd-nfs-errors/
<cpaelzer> na I think that is suprt old or some other way not applicable
<cpaelzer> ah well I found the dirs on my nfs server
<cpaelzer> thou tey are empty
<theGoat> cpaelzer:  following that doc....there doesn't seem to be a service labeled nfslock
<cpaelzer> theGoat: true might have a slightly different name or is not appliacble here
 * cpaelzer is checking
<cpaelzer> I seem to have rpcbind, nfs-kernel-server, nfs-server, nfs-config and nfs-mountd running
<cpaelzer> theGoat: I'm sure there are dependencies solving most and you only have to stop/start a few, but I don't know which ones without going deeper
<theGoat> yeah, i have tried just about anything....it's a test box, so i am half tempted to whack it and go back to 14.04 or something like that
<cpaelzer> theGoat: if it is a test box try if just stopping all of the services, then cleaning that dir and rebooting gets you working
<cpaelzer> theGoat: if you do  not insist on any of the export options I't also remove some like sync
<theGoat> cpaelzer: something like this: /dumping_ground/software           192.168.101.170(rw,no_root_squash,no_subtree_check,insecure)
<cpaelzer> yeah, I don't know about insecure but it sounds insecure :-)
<cpaelzer> the two others should be good I tihnk
<theGoat> and i noticed i only have one lockd process running
<cpaelzer> theGoat: if you haven't stopped the services yet (por later if the probelm persists)
<cpaelzer> you can look at
<cpaelzer> rpcinfo -p localhost
<cpaelzer> and
<cpaelzer> rpcinfo -u localhost nlockmgr
<cpaelzer> theGoat: http://serverfault.com/questions/188918/problem-with-nfs-server-lockd-timing-out-on-debian-linux
<cpaelzer> but they end up with the same solution
<Braven> Does anyone here use maas
<DK2> how safe is a upgrade from ubuntu 10.4 to 16.4?
<ogra_> while it should be safe it will definitely be painful
<ogra_> you cant do a direct upgrade but need to go from one LTS to the next in steps
<ogra_> i.e.: 10.04 -> 12.04 -> 14.04 -> 16.04
<DK2> so a release upgrade will jump to 12.04 first automatically?
<ogra_> 10.04 is EOL already ... so for the first hop you need to follow https://help.ubuntu.com/community/EOLUpgrades/
<ogra_> all subsequent ones should just work via do-release-upgrade
<codedmart> If I made a change to a file in /etc/init.d/ do I need to run any command for the changes to take effect and/or be read/used?
<zul> coreycb: doesnt help no binaries have been published yet for a dep when you do a jenkins run
<coreycb> zul, is CI not publishing to the testing ppa?
<zul> coreycb: nah oslo.config ftbfs yesterday and yadda yadda
<coreycb> zul, yeah a ftbfs would cause binaries to not be published
<zul> coreycb: ass
 * coreycb laughs
<stgraber> rbasak: yeah, we've seen two reports of that before. Best guess right now is that in some cases the lxd daemon isn't respawned on upgrade causing that error when forkexec is invoked
<coreycb> ddellav, zul: working on swift
<ddellav> coreycb ack
<zul> coreycb: dep just needs to be backported
<coreycb> zul, pyeclib?
<coreycb> zul, ah yeah, did you kick that off?
<ddellav> coreycb zul anyone working on heat?
<coreycb> ddellav, I think it may have issues with oslo.config 3.19.0.  I think we can hold off on heat until 3.19.0 is in upper-constraints.
<ddellav> coreycb ok
<zul> coreycb:  yes
<ddellav> coreycb zul fwiw i ran through keystone before i knew zul was working on it. Getting test failures complaining about oslo.config 3.18 conflicting with requirements.txt. I updated the sbuild and it is using proposed so not sure whats up with that
<coreycb> ddellav, this should get you into the chroot if you want to poke around 'schroot -c zesty-amd64 -u root'
<ddellav> coreycb yea, i've got that in my notes, i am inside the schroot but i see that 3.19 is installed. I'm not sure why the tests are complaining about 3.18
<coreycb> ddellav, d/control may need to be updated to >= 3.19.0
<coreycb> ddellav, since 3.19.0 is in zesty-proposed and 3.18.0 is in zesty
<ddellav> coreycb ok. zul did you finish keystone?
<zul> coreycb: not yet still failing
<coreycb> zul, ddellav ^
<ddellav> coreycb zul ack
<ddellav> coreycb I'm getting that version number issue like with cinder on keystone
<ddellav> now that i fixed the oslo.config
<ddellav> only 1 test failed
<ddellav> heh :)
<ddellav> ValueError: Unknown remainder ['0dev253'] in '10.0.0.0rc2.0dev253'
<coreycb> ddellav, zul: I just pushed an update for PBR_VERSION to cinder that fixes the unknown remainder issue
<zul> coreycb: cool
<ddellav> coreycb excellent. Perhaps thats needed for keystone as well
<zul> coreycb: heads up https://review.openstack.org/#/c/393344/
<coreycb> zul, aha
<skylite_> how can I use rsyslogd to separate all my logs? Why is there only local0-7 how whould that be enough if I want to separate more than seven service logs?
<sarnold> having only seven local services is a holdover from the 70s or something similarly ancient, back when it was hard to imagine even their huge 4 megabyte memory machines from running more than eight services
<skylite_> but thats really it? I would have to work it out with 7?:D I tought Im missing something
<skylite_> maybe I'll try to use fluentd is that more suitable for this?
<sarnold> depends upon what you're doing; most linux distributions (except gentoo?) are moving to systemd family of services, including the systemd journal
<sarnold> but for your own services perhaps fluent or ELK stack or whatever else might be more appropriate
<skylite_> sarnold: Im not familiar with journal but I fould that its loosing all the logs after a reboot ? Â¯\(Â°_o)/Â¯
<skylite_> *found
<skylite_> also I dont really like the idea of binary logs I would be happy with simple text files
<jathan> Hello ubuntu-server. Is there is something similar to Kickstart for CentOS and RedHat scenarios, but for doing this (as automatic installations and system configiguration) with Ubuntu Server 16.06 please?
<jathan> I need to set up an Ubuntu Server 16.04 script with hardening based in the CIS Benchmark.
<sarnold> jathan: native is debian preseed files; also possible are cloud-init scripts, FAI (fully automated installer), maybe MAAS ...
<jathan> sarnold: Thanks a lot! So instead of use a kickstart file for Ubuntu Server like this https://gist.github.com/vrillusions/d292953ff9bc0e2041d9 I can use FAI and create the neccesary content? Do you know if I need to do that manually (writing a new script) through a GUI or are there some FAI templates to create Ubuntu Server machines?
<sarnold> jathan: I've not used FAI myself, I just know that some of the regulars here have used it; it's packaged in the archive, so hopefully there's some good starting points also packaged
<marxjohnson> I'm running 16.04 on my home server, and dnsmasq keeps dying.  Can anyone suggest how I might track down why?
<compdoc> mysql kept dying on mine. turns out an update to v5.7 stopped using my.conf, and needed mysql.conf. it would start and run, but then die after 24 hours or so
<tomreyn> marxjohnson: start with: sudo service dnsmasq status
<tomreyn> (after it failed)
<tomreyn> other than that you could enable core dumps to file and analyze those with gdb to get a backtrace.
<sarnold> is there any information in the logs when it happens?
<marxjohnson> tomreyn: thanks, I'll look at that next time it p
<marxjohnson> dies
<marxjohnson> sarnold: which logs should I be looking at?
<tomreyn> in case it doesn't die but just freezes, you can make gdb attach to the (running) process to get a backtrace: PID=`cat /var/run/dnsmasq/dnsmasq.pid`; sudo gdb -q -n -p $PID -ex 'bt' -batch
<sarnold> marxjohnson: auditd logs if you have those, dmesg, syslog, dhcp logs..
#ubuntu-server 2016-11-04
<med_> smoser, I
<med_> smoser, I'm glad you finally got your cubswin:)
<med_> for cirros and yourself.
<smoser> med_, https://git.launchpad.net/cirros/commit/?id=9a7c371ef329cf78f256d0a5a8f475d9c57f5477
<smoser> 0.4 series will include a new password. i would never do something like that just for fun, as it definitely causes pain
<med_> xlnt!!!
<smoser> but bug 1454144 seemed legit for people.
<ubottu> bug 1454144 in CirrOS "Default password should use alphanumeric chars" [Low,Fix committed] https://launchpad.net/bugs/1454144
<sarnold> fun :)
 * med_ was actually using cirros when he posted above... validating some metadata service changes in openstack
<arooni> hey everyone
<CodeMouse92> I'm going a little crazy, and hoping someone can help. I am using Phabricator, and it's sending a POST request to somewhere else. That works fine with HTTP, but when it tries to do the same with the HTTPS URL (which I confirmed works and has a valid cert), it returns "HTTP 60" in head. What is going on?
<RoyK> CodeMouse92: bhat's not really related to ubuntu - I guess the same issue should arise on other platforms as well
<CodeMouse92> RoyK: Okay, well, I thought I'd ask somewhere where people knew this stuff well. Anyway, I'm just working around it for now.
<RoyK> try #Phabricator
<CodeMouse92> RoyK: Was already there
<CodeMouse92> Thanks for the help. Heading out
<sat_> Hi, does anyone here have experience with LVM2 and dm-cache on 16.04?
<sat_> I tried to set it up on 14.04 and it works with: â  ~ sudo lvconvert --type cache-pool --poolmetadata vgc/lvc_meta vgc/lvc
<sat_> But the same thing on 16.04 complains about missing dm-cache kernel module
<sat_> â  ~ sudo lvconvert --type cache-pool --poolmetadata vgc/lvc_meta vgc/lvc modprobe: FATAL: Module dm-cache not found in directory /lib/modules/4.4.0-45-generic   /sbin/modprobe failed: 1   Failed to determine version of cache kernel module
<sat_> And indeed the kernel module is nowhere in the system
<sat_> nobody? ^^
<ducasse> sat_: (following up from #ubuntu) those modules are present on my install.
<ducasse> sat_: /lib/modules/4.8.0-26-generic/kernel/drivers/md/dm-cache.ko
<sat_> ducasse: oh, you have a newer kernel
<ducasse> sat_: sorry, this is 16.10...
<sat_> ls -l /lib/modules/*-generic/kernel/drivers/md/dm-cache.ko  zsh: no matches found: /lib/modules/*-generic/kernel/drivers/md/dm-cache.ko
<ducasse> sat_: let me check my 16.04 host...
<ducasse> sat_: /lib/modules/4.4.0-45-generic/kernel/drivers/md/dm-cache.ko
<ducasse> sat_: from linux-image-4.4.0-45-generic
<sat_> damn... I know it should be there, but for some reason it's not
<ducasse> sat_: reinstall the package?
<sat_> yeah, I'm trying that now (I think I already did that) and I definitely reinstalled -extras
<sat_> oh, it's there now
<sat_> very very strange
<sat_> ducasse: thanks a lot!
<ducasse> sat_: np :)
<zioproto> coreycb: hey there ! the neutron namespace patch is merged :)
<zioproto> coreycb: I have seen the cherry picks
<zioproto> I dont they will not accept the cherry pick in MItaka
<zioproto> because it is not security related
<zioproto> should I refresh my ubuntu merge request ??
<zioproto> or you guys have this patch in the radar for a wider set of ubuntu ditributions ?
<zioproto> because I can test only trusty/liberty
<ben911> Hello, I am trying to install ubuntu server 16.04 on supermicro server (UEFI mode due to nvme drives not visible for legacy boot), booting a single drive works fine but I wish to configure everything with raid-1 like I used to do in the old MBR bootable machines.
<ben911> For some reason I can only see the first nvme drive in the installer
<ben911> cat /proc/partitions shows the other nvme device
<ben911> I thought about trying to manually configure everything but the installer environment doesn't have any partition tools that I could find (fdisk/cfdisk/parted)
<ben911> Any idea what's wrong with the installer and how come it sees only 1 drive?
<ben911> Anyone around?
<zul> coreycb: yeah i got a better way of doing this
<coreycb> zul, ok let me know what you are thinking
<coreycb> zioproto, I figured I'd at least attempt to get the mitaka one merged. yes please refresh your merge request.
<zul> coreycb: its like having a template conf, generating the sample config and then using sed
<coreycb> zioproto, I'll work on the mitaka and newton package updates to cherry pick the patch
<coreycb> zul, so, using sed instead of patch?
<zul> coreycb: yeah
<ben911> Has anyone ever encountered a case in which partman doesn't see one of the drives?
<ben911> (during installation)
<coreycb> zul, that seems just as fragile or even more fragile than using patch
<zul> coreycb: well no lemme show you
<coreycb> zul, patching nova/common/config.py appears to be the right way to do this
<zioproto> coreycb: I reworked the patch for Liberty, compiling ubuntu packages just now
<coreycb> zul, the only issue is that the defaults you set in that file appear to show up commented in the generated config
<zul> coreycb: yeah thats where the sed stuff comes in
<zul> coreycb: something like this as well paste.ubuntu.com/23425973/
<zul> coreycb: but you would still need the wrapper
<zul> coreycb: patching the sample configuration is juet crazy maintenance wise
<coreycb> zul, that approach makes sense, although we may also need to patch nova/common/config.py for options not in the nova namespace
<coreycb> not sure what you mean by wrapper though
<zul> coreycb:small shell script modifies the nova.conf.sample basically
<ddellav> zul coreycb you guys talking about upstream configs for nova?
<zul> ddellav: yes
<coreycb> zul, ok let me know when you're done, curious to see it
<zul> coreycb: yep yep...
<coreycb> zul, seems like the generator or apis should allow you to expose a config option though instead of leaving the default commented out
<ddellav> zul me too. I could never figure out what to do for nova so I left it for last
<zul> coreycb: you should be able to, i guess no one has asked for it
<zul> coreycb: btw the virtio flag isnt needed anymore its default
<coreycb> zul, ok
<zioproto> coreycb: https://code.launchpad.net/~zioproto/ubuntu/+source/neutron/+git/neutron/+merge/309457
<zioproto> I pushed the new patch for Liberty
<zioproto> reworked on the one that was merged upstream
<zioproto> I have to go, see you guys monday
<zioproto> Weekend is starting here in Europe :)
<coreycb> zioproto, thanks!  little bit of a backlog on neutron srus right now but next week hopefully we can get newton and mitaka patches sru'd and then liberty.
<zioproto> noproblem
<zioproto> I have already patched packages in production
<zioproto> so I am running safe
<zioproto> just make sure you dont drop this patch at the next package upgrade
<zioproto> or my cloud will break :)
<zioproto> now I am really leaving ! have a good weekend everyone
<fuzzywuzzy> Who should own /var/log/apache2 ?
<fuzzywuzzy> If I created a user, added them to adm and gave them SUDO why would they not be able to read apache2 logs?
<fuzzywuzzy> Ooooh, its www-data:www-data
<fuzzywuzzy> Wow... its quite in here
<sarnold> fuzzywuzzy: I think apache suffers from the same problem as https://www.ubuntu.com/usn/usn-3114-1/
<fuzzywuzzy> sarnold, What do you mean?
<fuzzywuzzy> sarnold, Does apache have the same vuln?
<sarnold> fuzzywuzzy: I can't recall now; but if apache is writing the logs as www-data:www-data then at least it can't overwrite important root-owned files
<teward> sarnold: erm, I think Apache handles file opening differently than nginx
<teward> 3114-1 was nginx-specific
<sarnold> teward: lets hope so :)
<teward> and specific to the way the packaging is permissions wise vs. how nginx handles files
<teward> sarnold: you should have a very *lengthy* email chain on this
<sarnold> teward: because it was lengthy is why I can't recall the details :)
<teward> sarnold: see the other channel for a 'poke'
<fuzzywuzzy> sarnold, so /var/log/apache2/ should be www-data:www-data?
<sarnold> fuzzywuzzy: yeah, I think so.
<fuzzywuzzy> So should I add this non-root user to www-data too?
<fuzzywuzzy> or just use sudo su to view the logs in apache2
<sarnold> if you want them to have access to the web server too, yeah
<fuzzywuzzy> sarnold, Thanks I will do that
<fuzzywuzzy> Can anyone recommend a good supported HID like Lynis for a very small install (2 servers)?
<genii> !info lynis
<ubottu> lynis (source: lynis): security auditing tool for Unix based systems. In component universe, is optional. Version 2.3.2-1 (yakkety), package size 161 kB, installed size 1221 kB
<genii> hm
<fuzzywuzzy> genii, I'm looking for something commercially supported. Like Lynis enterprise.  Not the FOSS versions
<fuzzywuzzy> Oh dear, Stallman is gonna strike me down. =P
<genii> fuzzywuzzy: I've never used it myself, but UpGuard seems to have solid reviews and has 3 tiers from free to enterprise
<fuzzywuzzy> genii, Gracias I will check it out
<genii> np
<CodeMouse92> Hey gang, if I have a duplicity server backup encrypted with GPG, is it enough to retain just the password for restoring to a fresh server if this one dies?
<CodeMouse92> Or do I have to be concerned with storing the key somewhere>
#ubuntu-server 2016-11-05
<tomreyn> CodeMouse92: you will need both, passphrase and (private) key.
<CodeMouse92> tomreyn: Ick, okay, so not a good fit if I am making a backup for restoring from bare metal
<CodeMouse92> I only have one server, and I need to back things up so I can restore to a new server (after I have the appropriate things installed)
<tomreyn> key files are small, you can easily download them and upload them if needed. or you could store them next to the backup (that's not too wise, but if the passphrase is strong, i guess it works, too, and maybe that's how duplicity does it by default, not sure)
<tomreyn> bottom line: i don't think it rules out using duplicity with just one server (as long as you have a separate backup space, which you will need anyway).
<CodeMouse92> Okay.
<CodeMouse92> Another unrelated question...apache2 is giving me royal fits.
<CodeMouse92> I have Owncloud installed, and in owncloud.conf, I define `<VirtualHost owncloud.mysite.com>` and `ServerName owncloud.mysite.com`...
<CodeMouse92> In one of my sites, I have defined `<VirtualHost *:443>`.
<CodeMouse92> Yet, owncloud appears to 'trump' the default site
<CodeMouse92> That is, going to mysite.com opens up the directory for OWNCLOUD, not the document root I define
<CodeMouse92> The only way around this is to define the other site as `<VirtualHost mysite.com:443>`
<CodeMouse92> What is going on?
<CodeMouse92> (Correction...owncloud.conf is `<VirtualHost owncloud.mysite.com:443>`)
<CodeMouse92> Problem solved.
<vbotka> CodeMouse92, check DocumentRoot for each site.
<vbotka> CodeMouse92, not SNI enabled browsers will have problems
<vbotka> https://en.wikipedia.org/wiki/Server_Name_Indication
<fishcooker> is it ok to reboot this server when i get the error output about deps like this https://bpaste.net/show/966735ff6992 if i have this list of installed package https://bpaste.net/show/a1e06172eda9?
<Seveas> fishcooker: that sounds like a bad idea
<Seveas> fishcooker: sudo dpkg --configure -a
<mp3pulse> Good evening
<DarthEaron> hi everyone! im using 16.10 server to build an offline repo using apt mirror for 16.04 and 16.10 desktop clients. my mirror.list shows sources for xenial already. my sources.list file shows sources for 16.10 (yakkity ). could i just use     cat /etc/apt/sources.list | grep -v "#" >> /etc/apt/mirror.list     to add in the downlaods for 16.10? i have already started apt-mirror downloading 16.04 before ive ran that command
<erick3k> hi
<erick3k> is anyone here?
<DarthEaron> yeah i am
<erick3k> cool
<erick3k> i need help maybe someone knows
<erick3k> i need routed network on ubuntu with the command post-up however upon runing cloud-init this command gets deleted on /etc/network/interfaces. Is there any other place to put post-up route instead of /etc/network/interfaces?
<erick3k> like on centos
<erick3k> you can add route-eth0
<DarthEaron> erick3k, i wish i knew more but i dont
<DarthEaron> erick3k, i find it confusing  how quiet irc is sometimes even with a lot of users logged in.
<erick3k> darthearon thanks
<erick3k> i need routed network on ubuntu with the command post-up however upon runing cloud-init this command gets deleted on /etc/network/interfaces. Is there any other place to put post-up route instead of /etc/network/interfaces?
<erick3k> Hi, i need routed network on ubuntu with the command post-up however upon runing cloud-init this command gets deleted on /etc/network/interfaces. Is there any other place to put post-up route instead of /etc/network/interfaces?
<Amgine> Can a server reasonably use an encrypted LVM? how does it reboot?
<ikonia> the same way as any other boot process
<Amgine> iow: someone has to type in the passphrase.
<ikonia> no
<ikonia> it depends how you encrypt
<ikonia> but there will have to be some interaction, either with a "key" or the enter of a pass phrase to unlock, or it would be worthless
<ikonia> the other option is to only encyrpt what you need
<ikonia> rather than the whole of the disk
<ikonia> eg: just encyrpt the volumes you need
<Amgine> <hmms> Thanks for the answers.
#ubuntu-server 2016-11-06
<xibalba> stupid question, but how do i change the from address of my root user? I'm forwarding it's incoming mail to my account and it just comes through as 'root@shell'
<wolflarson> xibalba: $man aliases
<wolflarson> do snaps run as root?
<RoyK> !snaps
<RoyK> snaps?
<ogra_> schnaps !
<ogra_> wolflarson, services in snaps always run as root, yes ... (simple exectuables run as the user who execs them as usual) ... there is also #snappy btw
<wolflarson> thanks ogra_ i'll ask more questions there.
<sypher> So, somehow, the dpkg configuration screen for a package got launched outside of an active terminal. How can I get into that screen or otherwise respond to it?
<CtrlC> What's the difference between -d and --to-destination options exactly in iptable command? I can't find --to-destination in the man page.
<Walex> CtrlC: #Netfilter is usually better for questions about 'iptables'.
<CtrlC> Walex, Thank you. it got solved. Forgot to mention it here.
#ubuntu-server 2017-10-30
<berglh> can anyone tell me how to update the ulimit for nofiles (soft/hard) for a non-root user on ubuntu 17.10 without restarting the whole server? when i edit /etc/security/limist.conf and /etc/systemd/user|system.conf and set the nofiles limits, then logout of the box and back on, the new settings for the user don't take effect. am i missing something?
<chamar> join #go-nuts
<lordievader> Good morning
<jancoow> Hi. I'm running a ubuntu server for several years now. I've a feeling that the performance of my fileserver is going down. I've like ~10 harddisk inside it and I'm using greyhole. I wanna know from each disk if they have some problems etc.
<jancoow> how can I do this the best
<jancoow> I don't get all the SMART information and I've no clue if the tests are up-to-data
<hateball> jancoow: if they support S.M.A.R.T, query with smartctl
<jancoow> yeah all of them have smart
<jancoow> hateball: could you maybe help me a bit further? :)
<jancoow> I just wanna make sure everything is all right :)
<jancoow> Maybe my samba configuration is just wrong;
<hateball> jancoow: pastebin your smartctl output and I can have a look
<jancoow> hateball: do you want individuel pastebins for each drive?
<jancoow> hateball: hdd1: https://jancokock.me/f/49c53 hdd2: https://jancokock.me/f/1377e hdd3: https://jancokock.me/f/de675 hdd4: https://jancokock.me/f/9b81b hdd5: https://jancokock.me/f/70c46 hdd6:  https://jancokock.me/f/e4ef3 hdd7: https://jancokock.me/f/8a5e5
<rbasak> jancoow: if ext4 then "e4defrag -c ..." is useful
<jancoow> rbasak: defrag for ext4  ? :O
<rbasak> It'll tell you if it's required.
<rbasak> Hopefully not :)
<jancoow> i'm also running badblocks now
<rbasak> But pathological cases will be able to fragment any filesystem I think.
<rbasak> And it's easy and quick enough so you might as well eliminate that.
<jancoow> how long does it take for the command to finish?
<hateball> jancoow: look at the error rates on hdd2
<hateball> .. and hdd3
<hateball> 4 and 5 also has some, tho not nearly as bad
<jancoow> what are these rates?
<jancoow> again these stupid seagates..
<jancoow> 2 years ago they both failed at the same time
<jancoow> lost a lot of data (which was redunant stored on both..)
<jancoow> I did got 2 new ones because I was still under RMA
<jancoow> but now they are failing again??
<hateball> well it can be the controller as well
<jancoow> rbasak: http://jancokock.me/f/6045f/ still wating on hdd3
<jancoow> hateball: should I run badblocks on them?
<jancoow> so I can check if there are any bad blocks?
<jancoow> I think I will move the landing disk from greyhole to hdd1. I don't trust these seagates anymore
<hateball> oh I didnt even notice they were seagate and not WD. seagate report smart data differently
<jancoow> Yeah that's one thing I hate about smart. There is no actual standard
<jancoow> And the raw values are sometimes encoded..
<jancoow> Why just not one standard which makes it easy for everyone
<hateball> Because https://xkcd.com/927/
<jancoow> yeah exactly
<rbasak> jancoow: I think you actually need to ready the output of -c.
<rbasak> -c tells you whether it's needed. It doens't actually do it.
<jancoow> It says "Done."
<jancoow> I will try without running the command in the background
<rbasak> standard> SMART is a standard. The individual parameters checked can be manufacturer-specific. But if the disk thinks there's something wrong, smartctl will tell you that.
<rbasak> Yeah it should give you more output than that.
<rbasak> (IIRC)
<jancoow> yeah I know, smart is the standard
<jancoow> but indeed the values are specific
<jancoow> and that's what I hate
<jancoow> rbasak: https://jancokock.me/f/33e32
<rbasak> The "I think I'm about to fail" indication isn't specific though.
<rbasak> jancoow: sorry. The manpage says to use -v as well.
<jancoow> oh I needed root permissions
<jancoow> rbask
<jancoow> rbasak: after I used the sudo command I do get some more information
<jancoow> It has 5 fragmented files
<jancoow> so that's not a big issue
<rbasak> Great!
<jancoow> rbasak: now checking the other 6 disks ;p
<jancoow> rbasak: yay. None of them need defrag
<theGoat> so i have some nfs exports on my ubuntu 14.04 server, but the transfer rates seem slow.  only able to write at about 50 MB/s or so.  SCP i am able to push close to 90.   is there any tuning i can don on the nfs server?
<andreas> theGoat: try rsize and wsize
<theGoat> andreas: yeah i have them set to 65536
<joelio> theGoat: udp mode any quicker?
<theGoat> let me give it a whack
<joelio> should be udp default iirc
<joelio> if it is udp, you might want to wrangle your rmem kernel params etc
<theGoat> joelio: udp doesn't seem to be any better.  kernel params on the client or server side
<joelio> perhaps check the rmem settings then, only other thing I can suggest
<theGoat> joelio: on the server or client side?
<joelio> both really, check out http://www.tldp.org/HOWTO/NFS-HOWTO/performance.html or something similar
<joelio> (may be a bit old that, but still is valid) - also vhat version of NFS, 3 or 4?
<theGoat> figured it out.  had the export set to sync, and not async.  once i changed it to async:
<theGoat> dd if=/dev/zero of=/nfs/software/zerofile bs=1024k count=500
<theGoat> 500+0 records in
<theGoat> 500+0 records out
<theGoat> 524288000 bytes transferred in 7.002229 secs (74874441 bytes/sec)
<joelio> cool, got there in the end
<theGoat> yep
<theGoat> thanks for the help
<joelio> np dude
<albech1> anyone know of an interface for administrating websites on a shared webserver. the different departments in our company need this for wikis etc.
<andreas> nacc: what's the preferred way to use the git workflow to update the version of a package? That doesn't come from debian. It's a plain new upstream version
<nacc> andreas: uupdate/uscan, probably
<nacc> andreas: i can tell you how I have done it, if you want. HO?
<andreas> and then git commit/delete as necessary?
<andreas> add/delete I meant
<nacc> andreas: right, uupdate will create a new directory
<andreas> yes
<nacc> andreas: you'll need to effecitvely move it in place over your git repo
<andreas> ok
<nacc> andreas: it's something i want to wrap better, as that can be error prone :)
<andreas> I was just wondering if there was such a wrapper already :)
<andreas> thx
<nacc> andreas: `git status --ignored` can help, to see what has updated
<blizzow> Does anyone here know if the nagios-nrpe-server package is fixed to honor the allow arguments flag in the config? Last I checked it was broken and wouldn't read the allow arguments flag.
<nacc> blizzow: is there a bug?
<blizzow> nacc, there have been some firefights with the maintainer saying that the args option a security hole. The point of the feature is to let the user choose. Having the option is not a security hole, setting the option is.
<blizzow> It's like disabling the ability to set the listening address in mysql via the conf file.  Yes, if you set it to 0.0.0.0, you could be in for a bad time. But the designers intended the behavior to be configurable. Intentionally breaking the ability to configure certain parts is asinine.
<nacc> blizzow: i meant is there a bug #, not your opinion on the bug :)
<blizzow> nacc: there have been multiple bugs filed, the maintainer consistently closes them citing "security hole"
<blizzow> like a TSA agent.
<nacc> blizzow: ... give me the bug numbers?
<nacc> blizzow: and more importantly, is there an ubuntu bug filed?
<blizzow> https://bugs.launchpad.net/ubuntu/+source/nagios-nrpe/+bug/1555258
<ubottu> Launchpad bug 1555258 in nagios-nrpe (Ubuntu Artful) "Request contained command arguments" [Medium,Fix released]
<nacc> blizzow: well, that's fix released in all ubuntu releases.
<nacc> blizzow: so not sure what you were just talking about?
<blizzow> It's not clear to me which way the package maintainers have decided to swing, allow command args to be configured, or disable them entirely.
<blizzow> I was hoping to get an answer here before installing, testing, and possibly rebuilding.
<nacc> blizzow: it is fixed in Ubuntu.
<nacc> blizzow: as that bug says, a few times.
<nacc> blizzow: you will need to modify your configuration to allow it locally.
<nacc> blizzow: the functionality is there by default, but disabled.
<blizzow> I guess I'll try the latest.
<nacc> blizzow: latest what?
<nacc> blizzow: you don't to run Artful to get the fix.
<nacc> *don't need to run
<blizzow> package. like I said, the maintainer for a long time was marking the bug "fixed" because args are a security hole if not used properly.
<nacc> blizzow: well, yes, you'd try the latest package. Not sure what else you'd try? Sorry, this feels like a rather circular converstaion.
<nacc> blizzow: also, I think you mean the Debian maintainer? As the LP bug says, Ubuntu has decided to diverge from Debian on this issue.
<sarnold> have you tried since may?
<blizzow> I was just hoping to get an answer here before testing the current package, that's all. I spent a bunch of time building a system to build a custom deb with it enabled to distribute among my systems.
<nacc> blizzow: why wouldn't you use a PPA ?
<nacc> blizzow: but regardless, yes, fixed.
<rh10> guys, which version of python do you mostly use for system administration tasks? or devops?
<rh10> 2 or 3?
<teward> nacc: rbasak: dpb1: et. al.: I may have a meeting conflict tomorrow with a client, so I might not be able to chair the meeting this week.  Sucks that clients are slow at responding to me.
<dpb1> teward: hah
<rh10> and how long python 2 will b esupported? is next LTS ubuntu version will be shipped with python 2 onboard?
 * dpb1 looks at schedule
<teward> dpb1: i'mma pull myself off the chair list, bother me later :P
<teward> rh10: I use Py3 because Py2 dies in 2020
<teward> and Py3 is becoming the standard
<dpb1> teward: ok, sounds good
<rh10> teward, thanks
<teward> rh10: i think both will be in the repositories, but Py2 is *dead* in 2020 by upstream
<dpb1> teward: let us know when/if your schedule is more "predictable". :)
<teward> dpb1: who should I put in for it, rbasak, you, or TBD?
<teward> dpb1: will do.
<dpb1> teward: who is next up?
<teward> rbasak
<teward> after me
<dpb1> put him in for next, he can slide the next person up if he wants (his schedule is a bit weird now too).
<teward> done
<drab> hi, anybody around using netdata, possibly with influxdb as a backend storage?
<sarnold> "auto-detects everything, it can collect up to 5000 metrics per server out of the box" mmm nice for the very lazy admin like me :)
<drab> the other interesting thing is that it's very much lxc aware
<drab> so it plays really nicely with all the containers I have
<sarnold> some of these screen capture/video/image things are really cool
<drab> I've had this sort of problem forever, being able to look at what's happening "right now" in high def and have historical
<drab> that's how I used to use collecd
<sarnold> everyone has :) e.g. pcp is ~twenty years old now..
<drab> but the frontend stuff is non-existing/a pain for high res
<drab> so netdata + influx may finally be a way to fix this
<drab> especially since the data at that high rate doesn't need to leave the box, which is the other issue if you even say you're sending stuff to statsd somewhere closeby, still lots of stuff leaving the host
<sarnold> zfs support :)
<drab> yep, only cavia is that being zfs at kernel level and therefore all containers sharing the same kernels those numbers are repeated
<drab> I'm still trying to figure out exactlty what to do with that part
<drab> maybe there's something I'm misunderstanding
#ubuntu-server 2017-10-31
<hehehe> any one knows cool GUI mail client?
<hehehe> for ubuntu
<hehehe> I have Evolution and it sucks
<hehehe> often just gets stuck
<drab> hehehe: this is the server channel, no GUI, ask in #ubuntu please
<nacc> hehehe: feels like something rather easy to google for.
<drab> also "cool" is not a feature requirement, I find mutt cool, but I suspect you wouldn't
<nacc> mutt +1
<drab> but maybe who knows, it has that 1337 feeling to it :P
<nacc> heh
<hehehe> mutt is not GUI
<hehehe> else maybe good
<lordievader> Good morning
<nyaa> after installing linux-image-generic-lts-xenial on 14.04 can i remove linux-generic, linux-headers-generic and linux-image-generic ?
<joelio> nyaa: yep
<coreycb> jamespage: I'm going to merge python-monasca-statsd for unstable, however our source package is named monasca-statsd and there's is python-monasca-statsd. i don't think i need to do anything special but if you can think of anything please let me know.
<joelio> ow 6
<joelio>  hrm /window fail
<Scoop7> I was sent here
<Scoop7> by lotuspsychje
<teward> Scoop7: for...?
<Scoop7> he said I can find help here
<teward> we ain't psychic, we'll need more information about what you're looking for.
<nacc> Scoop7: as i said in #ubuntu, your questionn is sort of a loop
<teward> sorry if I seem on edge, I'm nursing a headache from staring at radio frequency data all day.
<teward> (so far)
<nacc> if you are overcommiting your server, either a) do not overcommit or b) setup your server to handle overcommit
<teward> ^ that
<nacc> where b) might mean setup swap, add more RAM, etc.
<nacc> and a) typically means workload management
<TJ-> Does chrome headless support KSM maybe?
<nacc> TJ-: isn't KSM trasparent to the application? unless you mean does it do mlock or manual dedupe?
<nacc> err, madvise not mlock
<TJ-> nacc: well, generally the app calls madvise(ptr, size,MADV_MERGEABLE)
<nacc> TJ-: ah sorry, i was cofusig it with THP
<nacc> TJ-: you're right, KSM is a opt-in thing
<nacc> TJ-: THP, in contrast has an "always" setting, but defaults to "madvise" on the ubuntu kernel
<nacc> Scoop7: would be good if you replied at some point :)
<TJ-> nacc: are you using ecryptfs for $HOME?
<nacc> TJ-: nope
<nacc> TJ-: why do you ask?
<TJ-> nacc: I'm looking for someone to try and recreate a kernel BUG in ecryptfs. I've reproduced on different PCs and kernel versions from 4.4 to 4.13.
<tyhicks> TJ-: hi - I'm the upstream maintainer and have seen your bug reports in launchpad and kernel.org's bugzilla
<nacc> heh
<tyhicks> TJ-: I'll attempt to reproduce it shortly (having to handle other things first)
<tyhicks> TJ-: thanks for the bug report!
<TJ-> tyhicks: Yay! thanks very much :)
<TJ-> tyhicks: I started off doing some what I thought were simple overlayfs experiments... ended up going backwards until 5.30am and still going backwards now!
<TJ-> tyhicks: is there any possibility ecryptfs will at some point support the trusted.* extended attributes so it can be used as a writeable upper layer in overlayfs?
<rbasak> nacc: MP ready: https://code.launchpad.net/~racb/usd-importer/+git/usd-importer/+merge/333040
<rbasak> nacc: the point of all of this is to make test_git_repository.py trivial.
<nacc> rbasak: reading it now
<nacc> rbasak: should the Link constructor be callig super() and taking a kwargs?
<rbasak> nacc: yes. Good catch.
<rbasak> I guess I'm not testing that :-/
<nacc> rbasak: i think you'd see an issue if you tried to name the link? not sure
<rbasak> Yep. That's what I'd expect.
<rbasak> I'll fix but also write a test :)
<nacc> heh
<rbasak> (tomorrow)
<nacc> rbasak: overall looks really nice and promising
<rbasak> \o/
<rbasak> Thanks
<rbasak> Bedtime now. I'll read your review tomorrow :)
#ubuntu-server 2017-11-01
<lordievader> Good morning
<drab> .o/
<drab> a clear sign I should be asleep...
<lordievader> Well... are you?
<drab> unfortunately I am... trying to get a migration done while everybody else is asleep
 * drab is waiting on an rsync to finish
<drab> I might actually be done and without any apparent disaster... good stuff
<drab> have a good day europe folks
<lordievader> Same to you, drab
<jamespage> coreycb: looking at my zesty issue - the neutron-gateway unit is loading very heavily with rootwrap calls
<jamespage> not sure tbh
<jamespage> top - 11:10:21 up  1:18,  1 user,  load average: 9.18, 5.87, 5.53
<jamespage> calls just seem to be taking along time
<jamespage> coreycb: https://bugs.launchpad.net/ubuntu/+source/neutron/+bug/1729274
<ubottu> Launchpad bug 1729274 in neutron (Ubuntu) "sudo/rootwrap calls consuming large amounts of CPU" [Undecided,New]
<Scoop7> Hello if on my ubuntu 16.04 lts server, apache breaks down - could this resolve to a ssh access fail to that server ?
<andreas> hm, is there a way to have a wireless on a vm?
<andreas> with kvm?
<andreas> sorry, I dropped briefly from the network, if someone replied please tell me again
<lordievader> andreas: Are you asking if you can have a wireless nic in a vm?
<andreas> yes
<andreas> without passthrough
<andreas> a simulated one, of course
<andreas> not connecting to a real wireless network
<lordievader> A simulated one? No, I don't think that exists.
<lordievader> Passthrough is the only option I can think of.
<coreycb> jamespage: interesting, i wonder if that's the case in artful+
<andreas> hey, packaging question regarding dependencies
<andreas> I'm triaging a bug (#1729064)
<andreas> where when you install bacula-director-pgsql, that pulls in postgresql server via recommends
<andreas> problem is, the bacula postinst expects a working database, but postgresql isn't fully installed yet. There isn't even a postgres user yet
<andreas> so bacula-director-pgsql fails
<andreas> it also can't just depend on postgresql server, because the server might be remote and not localhost
<andreas> it does depend on the postgresql client bits
<andreas> and it does have a recommends for the postgresql server, which gets pulled in by default if you just apt install bacula-director-pgsql
<coreycb> andreas: we had a similar situation with openstack packages
<coreycb> andreas: basically we used to have the package install with an sqlite db to get the services running by default
<coreycb> andreas: for example, postinst script updating the sqlite db: https://git.launchpad.net/~ubuntu-server-dev/ubuntu/+source/keystone/tree/debian/keystone.postinst?h=stable/ocata
<andreas> yeah, but in this case it's a pgsql-specific package that is being installed
<coreycb> andreas: we've since dropped use of the sqlite db though since it's more problem than it's worth
<andreas> not a generic one that can use 3 different db backends
<andreas> I remember the issues we had with the sqlite db in openstack
<andreas> services would start with that, then the relation with mysql would show up, and you would have to migrate from sqlite to mysql
<coreycb> andreas: hmm, yeah. i guess you could assess whether the postinst db commands are really needed.
<andreas> debconf asks if you want to use a localhost or a remote db
<andreas> if you choose localhost, kabum, because postgresql isn't configured yet
<andreas> is there a way in d/control to fix that? Tell it that postgresql should be ready to use?
<andreas> but still be a recommends?
<andreas> or just via some postinst voodoo?
<coreycb> andreas: i don't know, sorry
<andreas> np
<coreycb> andreas: that does seem a bit odd though, that postgresql doesn't get fully installed
<andreas> I checked dpkg -l while the debconf question from bacula was up showing an error
<andreas> postgresql was U
<andreas> not even the postgres user existed
<andreas> one of the debconf options was to abort, which I selected, then the rest continued
<andreas> and all I had to do to "fix" it was "apt install --reinstall bacula-director-pgsql"
<andreas> maybe a --configure would have been enough
<coreycb> andreas: sounds like a bug somewhere. maybe try on an older release?
<andreas> I'm going over the changelog
<andreas> going to try debian too, since it's a sync
<rh10> need some python experience for system administration jobs. which last script did you write? :)
<andreas> coreycb: it worked in artful, which has a newer version. I have something to check now
<andreas> as long as it's not a dpkg change, or something else core :)
<coreycb> andreas: ok good!
<sruli> i am trying to set my luks to automount from key file in /boot, but need to set a fallback to ass for pass if key not found, all the scripts i found are for Plymouth, what do i use instead for my script in server (non-gui) ?
<drab> .o/
<drab> woke up in the morning and stuff is still working... gotta be a good day
<rbasak> sruli: could you just write a straightforward keyscript? See crypttab(5).
<albech> can anyone recommend an interface where i can let users create websites and administrate them on a shared webserver. I have looked at the webmin/virtualmin/usermin, but its way too sophisticated to what i am looking for. A simple interface that allow users to configure a virtual nginx, ftp and mysql.
<albech> prefer support for 1-button installs for wordpress and possibly a few other CMSs
<arunpyasi> albech, I would like to recommend you VestaCP but at the moment it doesn't have 1-button install :P
<arunpyasi> albech, It'll have Softaculous in next relase though
<albech> i have looked at http://www.hostingadvice.com/blog/cpanel-vs-plesk-vs-webpanel but most of these provide much more than i need. I dont need mail, dns and all those other things they provide. i see VestaCP is there too, maybe ill try an install to check it out.
<arunpyasi> ok albech
<sarnold> albech: please firewall the hell out of it, only allow trusted people to use it from specific IP ranges or something similar. those kinds of tools are usually rubbish code quality.
<albech> sarnold: yeah. the ones using it are all on vpn, so it should be fairly simple to keep it tight.
<albech> arunpyasi: froxlor seems to be exactly what i was looking for.. thanks for the suggestion though.
<drab> lol froxlor, great name choice :)
#ubuntu-server 2017-11-02
<SmokinGrunts> Ahoy
<SmokinGrunts> I setup postfix as an SMTP local-send-only server earlier today, started to add sasl to make it remote accessible, checked logs, and WHAMBAM logs -> NOQUEUE: reject: RCPT from unknown[23.227.207.153]: 454 4.7.1 <spameri@tiscali.it>: Relay access denied; from=<spameri@tiscali.it> to=<spameri@tiscali.it> proto=ESMTP helo=<WIN-SSV9OCSUNV0> :o
<SmokinGrunts> was within 15 minutes after setting 'inet_interfaces = all'... I had no idea spammers were so active. This is a small server, only for dev and demo purposes. Should I be worried, or was this just a case of the spammer fishing for potential open relays?
<SmokinGrunts> I found this from google-fu: https://groups.google.com/forum/#!topic/news.admin.net-abuse.email/FluMw5tx0xo
<drab> SmokinGrunts: entire ranges of ips are continuosly scanned at this point for open relays, just like known http vulenrabilities in wp and stuff like that
<drab> so I wouldn't worry as long as it's no longer happening. also since relay was denied I don't think it's a problem. plus if the trace is correct it was indeed just a test to see if the relay was open by sending to itself, not even sending actual spam
<SmokinGrunts> aye
<SmokinGrunts> cool cool, thanks
<lordievader> Good morning
<brianw> moin
<lordievader> o/
<cpaelzer> hiho
<SmokinGrunts> ahoy-hoy
<van777> hey! I've got the server in VMware. I open up a playlist containing russian characters with moc. Some encoding errors in wmware window, but everything fine if i ssh in with putty. How do i change VMware font? Here are 2 screenshots of what's happening -->  https://imgur.com/gallery/wWtEG
<SG_Sleeps> van777 search locale issues for vmware
<van777> ;)
<LeMike> Hi there. I guess I broke it :P I am sitting at a server that simply says: Failed to start {Login Service,Accounts Service} and to raise network interfaces. I wait for hours and it is not givin me a CLI. How do I fix this?
<rbasak> LeMike: that sounds like a desktop machine.
<rbasak> Hmm, perhaps servers have those too.
<LeMike> rbasak: Yee, actually a Futro Thin Client is aside me which I use as a small home server. Dunno what to do with the linux rescue shell to get rid of those problems :/
<Jenshae> Salutations
<lordievader> o/
<joelio> Highdely Ho
<Jenshae> http://h10032.www1.hp.com/ctg/Manual/c03519601.pdf <-- I downloaded this after a disk failure. tell me I have to run a Windows program -.-
<Jenshae> Is there a way to use something like mdadm to re-build the RAID5 now that the replacement drive is in?
<Jenshae> Going AFK for lunch. Been very busy lately :(
<joelio> Jenshae: yes, of course
<joelio> that's the point of mdadm, to create, monitor and rebuild
<joelio> although tbh I'd ZFS all the things now, above raid5 mdadm ;)
<joelio> unless you need a root drive, in which case it could be messy if you don't keep track of what you're doing during the setup phase
<joelio> but for a /{blah
<joelio> then it's absolutely superb as an FS
<Jenshae> 4x 500GB regular 7200 rpm SATA drives, slapped together with BIOS FakeRaid.
<Jenshae> Since it is an archive server, (or more just for offloading files that should be deleted), I am maximising on storage space.
<Jenshae> ... and there is Â£/$ zero budget because i am building it out of spare hardware to prove its usefulness.
<sdeziel> Jenshae: do you need to salvage the data in the fakeraid array or can you start fresh?
<joelio> BIOS fakeraid should be avoided imho, it's just software (there's no writeback cache etc) and you lose management/transparency for dodgy firmare and closed blobs
<joelio> JBOD them and use mdadm/zfs/btrfs whatever
<Jenshae> Getting the machine to just work as a physical demonstration. I went with wiping the drives and starting again, I am in mid install now sdeziel
<Jenshae> I have added a ZFS to my home machine, so I am getting more familiar with that.
<sdeziel> Jenshae: like joelio, I recommend staying away from fakeraid and use mdadm
<sdeziel> Jenshae: for such use cases, I typically partition each drives in 2 with the first partitions aggregated with mdadm and the 2nd partitions aggregated with zfs. This way you can put your rootfs on a mdadm array and get zfs goodness for the rest (bulk storage)
<joelio> yea, you can do root zfs but it's a bit of a faff currently
<joelio> would love the d-i to have support for it! :)
<Jenshae> Have either if you written a newb guide and blogged it on how to step by step do that while installing Ubuntu server?
<sdeziel> Jenshae: no, sorry
<sdeziel> Jenshae: with such old drives, I really recommend to put your valuable data on a FS that does checksumming (zfs/btrfs)
<sdeziel> Jenshae: if you are more adventurous you could even use btrfs for your rootfs (maybe the bigger slice as well). This is officially supported in the installer but I never tried myself
<joelio> Jenshae: no sorry, keep meaning to blog on lots of things but time management sucks
<Jenshae> There is no valuable data. This is going to be all stuff that should have been deleted but someone might want for some strange historical reason that is not required by law.
<joelio> only logs, generally?
<sdeziel> zfs compression is really good with logs ;)
<albech> just made a copy of my.cnf and changed the settings to allow for another sql instance to run on port 3307 and a different socket. How do I tell the system to also start an instance with the new name?
<Jenshae> Nah, this company has been around for donkey's years. We had two servers that I kept eyeing, thinking I wanted to re-use their hardware for something else. Turns out they are on all the time and doing absolutely nothing now.
<Jenshae> They are also just dual core 1GB desktops in fancy cases.
<Jenshae> So we have copies of letters for clients that are not with us going back 20 years. We only need to hold things like that for 5 years.
<Jenshae> CCTV footage of incidents that have probably been settled but we hold it years later in case it gets appealed.
<Jenshae> (All of this data will still be in the backup tape cycle)
<Jenshae> Auto security updates or Landscape?
<dpb1> Depends if you want to stage your updates, or have the automatically applied.  Different levels of risk management.
<Jenshae> They can happen any time. I am guessing there will be 1-2 hours of scheduled activity while it writes the day's data to a compressed file on the backup server and then 15-45 minutes of one person at a time dumping or retrieving stuff.
<joelio> Jenshae: auto-updates all the way (imho) - but I'd read up and perhaps blacklist kernel updates etc (especially if you've a small /boot partition)
<joelio> Landscape if you pay for it already
<joelio> it's probably worth it if you've got a bunch of servers and don't want to mess with them too much :)
<Jenshae> Nothing is standardised here. :(
<Jenshae> Win2003 and SUSE machines are the two rubbish "servers" I just spoke about. There is a Win 2012 R2 server that does our backups (that is all it does, fill up each day and then write to tape). Then there is 2x Win2012 hosts that hold 7x virtual servers, of which 6x are Win 2012 R1 and then there is another SUSE server holding a bespoke operating system that is also holding a bespoke database and application.
<Jenshae> I think there is a Solaris server somewhere in the building that handles the building's security. It is managed by a third party but sometimes I have to web portal into it for CCTV footage.
<Jenshae> (It would be an ancient machine and nearly dying by my guess of lack of activity and the visible hardware and how awful the app to use it is.)
<Jenshae> I recently had to Win IE6 to be able to log into it.
<Jenshae> Wine IE6*
<Jenshae> All the work points are a mess too. I arrived and there were still WinXP and Vista machines. Turned those into Lubuntu machines. There is Linux iGels and Win7 machines, one Win10 machine. My pet peeve is the variety of monitor sizes, cable types and graphics ports.
<Jenshae> The frigging iGels, you order the same model as some of the others but it will arrive with one display port and a DVI-D one vs two DVIs or another one had two display ports.
<Jenshae> Then I have to go and ask the guarder of the purse to give me permission to go to petty cash and get some money to then go and buy a few cables from a shop down the road. Can't just order in a large batch to save time and hassle, oh no, that would just cost too much in the short term ... ggggrrrr.
<Jenshae> Anyway, since just a mouse or keyboard replacement has to be authorised, I think you get the idea of the sort of mess I work with here.
 * joelio passes Jenshae a stress ball
 * Jenshae grins
<Jenshae> It has gone crazy. It keeps asking for commands whilst doing things.
<joelio> ?
<Jenshae> Update grub then text written over, root@server#
<Jenshae> pm-suspend and pm-hibernate are handy
<Jenshae> Back another day. Have a good weekend if I don't see you tomorrow. o7
#ubuntu-server 2017-11-03
<Unte36> Hello all. I have some questions about certificates for my apache server. anyone please?
<sarnold> where are you stuck?
<Unte36> Hello Sarnold. I just finished install of webmin and apache. Is certbot the app I need to install for my servers cert?
<Unte36> Iá¸¿ all new to Ubuntu
<sarnold> Unte36: please be careful with webmin -- I strongly recommend firewalling it off to just IP address ranges that you want to have complete control of the computer.. web-based management consoles are usually pretty poor
<sarnold> Unte36: if you want to use letsencrypt there's at least one client under that name, there's more clients availab,e but I don't know how many are packaged with ubuntu already
<Unte36> :S I was not aware of this vulnerability. Would it be wiser then to remove it all an do it from command line?
<sarnold> that's my very strong preference
<Unte36> Just need to make a simple server to share some files online
<Unte36> I will follow your advise Sarnold. Thank you very much.  Is there a way to remove it all and the software that it has been isntalled within??? Any suggestions on a good option to achieve this?
<sarnold> Unte36: how did you install webmin in the first place?
<Unte36> SARNOLD. I did install it from terminal. Checked on software and it is not being displayed in the list.  apt-get remove webmin / apt-get purge webmin??
<sarnold> Unte36: it depends on how you installed it. if you installed it with apt-get install webmin, then yes, apt-get purge webmin should work.
<Unte36> Yes Sarnold. it was sudo apt install webmin
<Unte36> trying it now
<Unte36> Sarnold. dpkg: warning: while removing webmin, directory '/usr/share/webmin/ajaxterm/ajaxterm' not empty so not removed
<sarnold> Unte36: okay, that's a little odd, but a 'sudo rm -rf /usr/share/webmin/'  once you're done will take care of that
<Unte36> command run
<Unte36> anything else to totally purge webmin installation?
<sarnold> I don't know what it might have done to your apache configs, or other configs, during install. depending upon how much you fiddled with it, it might be worth apt-get purging any applications that it configured
<Unte36> I just installed webmin + updates + apache
<Unte36> do I need to reinstall my pc to get ride of it all?
<sarnold> hopefully not
<Unte36> :) heheh  fingers crossed then.  So how can I purge apache ? since it was all installed within the app?
<sarnold> oh? hrm. try apt-get purge apache2 apache2-bin
<Unte36> heheh :) it worked. Seems to be going down with files now
<Unte36> Thank you. So what would it be your advise to achieve the a simple werver to share files ?
<Unte36> and just like webmin dpkg: warning: while removing apache2, directory '/var/www/html' not empty so not removed
<sarnold> did you put anything in that directory yourself?
<Unte36> nop
<sarnold> if not, rm -rf /var/www/html  is fine
<Unte36> what is that -rf command for?
<sarnold> -r means recursive, -f means force
<Unte36> rm: cannot remove '/var/www/html/index.html': Permission denied
<Unte36> :S
<sarnold> the rm command likes to ask you silly questions like "you can't read this file, are you sure you want to delete it?" kind of thing
<sarnold> ah sorry, 'sudo rm -rf /var/www/html'
<Unte36> heheh my fault sorry
<Unte36> somthing funny with webmin
<Unte36> apt-get install webmin
<Unte36> sudo apt-get install webmin / Reading package lists... Done / Building dependency tree       / Reading state information... Done
<Unte36> E: Unable to locate package webmin / lluix@lupa:~$ sudo apt install webmin
<Unte36> Reading package lists... Done
<Unte36> Building dependency tree
<Unte36> Reading state information... Done
<Unte36> E: Unable to locate package webmin
<sarnold> hrm. Did you add a PPA or other apt repository to get webmin packages? I don't see any webmin packages in our archives
<Unte36> nop I only did the install webmin
<Unte36> from terminal
<Unte36> :S
<Unte36> Sarnold. I had added the ppp and reinstall it
<sarnold> Unte36: wow,that takes me back :) I haven't done ppp in ages..
<Unte36> hehehe why is that ?
<Unte36> I will try this time sudo apt-get remove webmin
<Unte36> sarnold
<sarnold> Unte36: I've been lucky enough to have ethernet network connections for a while ;)
<sarnold> Unte36: can you pastebin the output of apt-cache policy webmin   ?
<Unte36> Sure ; ) bare with me one sec, still finishing with the install
<Unte36>  Installed: 1.860
<Unte36>   Candidate: 1.860
<Unte36>   Version table:
<Unte36>  *** 1.860 500
<Unte36>         500 http://download.webmin.com/download/repository sarge/contrib amd64 Packages
<Unte36>         500 http://download.webmin.com/download/repository sarge/contrib i386 Packages
<Unte36>         100 /var/lib/dpkg/status
<sarnold> aha. crazy, I'm surprised that installed.
<sarnold> do note that this means whoever controls that repository essentially has root on your computer.
<Unte36> yes I added this http://download.webmin.com/download/repository
<Unte36> in software & upd / other software
<Unte36> Sarnold. I see, so I need to remove this and purge it all for good
<Unte36> : @
<sarnold> Unte36: that's my recommendation, yes
<Unte36> which command to use? I dont know the difference % purge and remove
<Unte36> the previous install didnt work purge. Shall I do the remove this time?
<Unte36> Sarnold
<Unte36> sudo apt-get remove webmin
<sarnold> sudo apt-get purge webmin should do the job
<Unte36> but last time I got the error :s
<sarnold> what error?
<Unte36> Running uninstall scripts ..
<Unte36> readdir() attempted on invalid dirhandle $DIR at /usr/share/webmin/at/linux-lib.pl line 10.
<Unte36> closedir() attempted on invalid dirhandle $DIR at /usr/share/webmin/at/linux-lib.pl line 29.
<Unte36> Subroutine list_servers redefined at /usr/share/webmin/servers/servers-lib.pl line 92.
<Unte36> Subroutine list_servers_sorted redefined at /usr/share/webmin/servers/servers-lib.pl line 111.
<Unte36> Subroutine get_server redefined at /usr/share/webmin/servers/servers-lib.pl line 143.
<Unte36> Subroutine save_server redefined at /usr/share/webmin/servers/servers-lib.pl line 158.
<Unte36> Subroutine delete_server redefined at /usr/share/webmin/servers/servers-lib.pl line 175.
<Unte36> Subroutine can_use_server redefined at /usr/share/webmin/servers/servers-lib.pl line 188.
<Unte36> Subroutine list_all_groups redefined at /usr/share/webmin/servers/servers-lib.pl line 208.
<Unte36> Subroutine logged_in redefined at /usr/share/webmin/servers/servers-lib.pl line 278.
<Unte36> Subroutine get_server_types redefined at /usr/share/webmin/servers/servers-lib.pl line 303.
<Unte36> Subroutine this_server redefined at /usr/share/webmin/servers/servers-lib.pl line 313.
<Unte36> Subroutine get_my_address redefined at /usr/share/webmin/servers/servers-lib.pl line 332.
<Unte36> Subroutine address_to_broadcast redefined at /usr/share/webmin/servers/servers-lib.pl line 361.
<Unte36> Subroutine test_server redefined at /usr/share/webmin/servers/servers-lib.pl line 375.
<Unte36> Subroutine find_cron_job redefined at /usr/share/webmin/servers/servers-lib.pl line 394.
<Unte36> Subroutine find_servers redefined at /usr/share/webmin/servers/servers-lib.pl line 407.
<Unte36> Purging configuration files for webmin (1.860) ...
<Unte36> dpkg: warning: while removing webmin, directory '/usr/share/webmin/ajaxterm/ajaxterm' not empty so not removed
<sarnold> btw a pastebin would be better for anything that's more than two lines of output
<sarnold> but all that looks like it mostly worked to remove the thing. a simple sudo rm -rf /usr/share/webmin/ afterwards should clean up what dpkg couldn't delete
<Unte36> alright brb
<Unte36> Sarnold . BTW how can I make a paste bin for the next time ? sarnold
<Unte36> ;)
<sarnold> Unte36: the easiest way is to install the pastebinit package; then you can run a command like apt-cache policy webmin | pastebinit
<sarnold> then you just copy-and-paste the url that it returns
<Unte36> ahhh, let me install it now for next time
<Unte36> sudo apt-get install pastebinit???
<sarnold> yes
<Unte36> Weird. The purge went somewhat too fast this time :S .....
<sarnold> most terminals let you scroll up with shift+pageup
<Unte36> With apt-cache policy webmin | pastebinit can we check if it has completly purged??
<Unte36> The issue is not scrolling but the last time I saw more removing lines
<sarnold> Unte36: well, "completely" is difficult to measure
<sarnold> you can run the debsums program to try to get an idea of what might be changed; it's .. kind of verbose though. still, it's a useful tool to know about. try running debsums -ac
<Unte36> what command do you suggest for controlling this?
<Unte36> sudo debsums -ac | pastebinit
<Unte36> ???
<sarnold> well, depends; if you want feedback on specific files that are reported as changed, maybe
<sarnold> but debsums takes forever to run
<Unte36> then with apt-cache policy webmin | pastebini?
<Unte36> Sarnold here is the result from sudo apt-get purge webmin | pastebinit
<Unte36> sudo apt-get purge webmin | pastebinit
<Unte36> http://paste.ubuntu.com/25877126/
<sarnold> holy moly look at all those i386 packages
<sarnold> Unte36: definitely do the 'sudo apt autoremove' command next :)
<Unte36> Sarnlod. I know... reason why I wanted to let you look at it
<Unte36> sudo apt autoremove webmin | pastebinit  ????
<sarnold> just sudo apt autoremove
<Unte36> BTW what is the logic when installing a program in ubuntu? in win you have Program files where you can review the software isntalled on your pc but in here. I have no idea of how does this work
<sarnold> Unte36: you can use dpkg -L  to show the files that package installs; check out 'dpkg -L bash' to see a simple example
<Unte36> sudo apt autoremove webmin | pastebinit
<sarnold> no 'webmin' on that command
<Unte36> ok
<Unte36> WARNING: apt does not have a stable CLI interface. Use with caution in scripts.
<sarnold> ha
<sarnold> apt is a friendly interface over apt-get and apt-cache and maybe some other tools. those other tools have stabilized interfaces, so it'd be worth using those directly in scripts
<Unte36> so which command shall I use?
<sarnold> sudo apt autoremove
<Unte36> E: Could not get lock /var/lib/dpkg/lock - open (11: Resource temporarily unavailable)
<Unte36> E: Unable to lock the administration directory (/var/lib/dpkg/), is another process using it?
<Unte36> lluix@lupa:~$ sudo apt autoremove
<Unte36> E: Could not get lock /var/lib/dpkg/lock - open (11: Resource temporarily unavailable)
<Unte36> E: Unable to lock the administration directory (/var/lib/dpkg/), is another process using it?
<sarnold> I wonder if unattended-upgrades is running?
<Unte36> Reading package lists... Done
<Unte36> Building dependency tree
<Unte36> Reading state information... Done
<Unte36> 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
<Unte36> what for is autoremove?
<sarnold> apt keeps track of packages that were installed solely because something else installed needed them; and when that something else is removed, it can suggest to remove the other packages too
<sarnold> it's not perfect, but it's pretty good
<Unte36> Sounds like it. So it does clean all the extra software in depedency with main apps previously installed?
<sarnold> I think you've got the right idea :) it's difficult to convey exactly what it does..
<Unte36> Loving linux just the logic of it. Remains in some areas rather blur
<Unte36> Sarnold for the simple file server is apache a good option ??? or what do you suugest me???
<sarnold> Unte36: different people need different things from "fileserver". Some people want samba shares they can use with windows or mac os x desktop clients; some people just need a place to scp to and from. Other people want to scp files to a machine and then use http to get them back.. and other people want a web interface to upload and download
<sarnold> Unte36: apache can fill the role for some of those requirements, but not all, and it'll even require applications in apache to do anything beyond basic ..
<Unte36> I understand it. My requisite is to have a server to share video files stored in my local HD to share with my mother that has a broken leg so that she can access it from a remote location
<Unte36> via browser
<Unte36> Sarnold
<sarnold> Unte36: will she want a friendly javascript player and so on? or just a pile of files?
<Unte36> I want to keep it as simple as possible since I dont know yet my way around Ubuntu. A normal interface that she may be able to open the files from
<sarnold> I don't think this qualifies for "simple", but I've heard good things about it https://nextcloud.com/
<Unte36> hehee fair point ;)
<sarnold> Unte36: time for me to bail, have fun :)
<Unte36> thank you,  ;) apreciated
<Unte36> take care
<lordievader> Good morning
<mybalzitch> hello
<dnegreira> what is the best way to do a server installation with a vlan interface on ubuntu? Im booting via usb stick and now I need to setup an interface with a vlan but by default that is not possible via the gui, and the iso does not provide 8021q module or vlan package. any ideas/gudes? google is not helping me atm
<dnegreira> guides*
 * dnegreira giving a try on expert mode
<dnegreira> just saw that you can select the vlan component
<tomreyn> yes, it should work that way.
<tomreyn> another option is to setup a server without vlan initially and set up the vlan later.
<dnegreira> not an option for me, dont have the possibility to automate it
<dnegreira> would love to load the vlan component related things on the 'normal installer' without expert mode
<dnegreira> just to have the vlan option available when configuring the devices
<dnegreira> but expert mode works for me for now
<joelio> dnegreira: you can in preseed afaik?
<joelio> #d-i netcfg/use_vlan boolean true
<joelio> #d-i netcfg/vlan_id string {VLAN}
<tomreyn> but that would be automation
<joelio> well yes and no
<joelio> you can pass those as kernel params when booting
<joelio> but why not automate? D:
<dnegreira> I do not "manage" the switches
<dnegreira> which I hate
<dnegreira> that is why I said that I cannot automate that part and hence need to boot up in expert mode and choose the vlan stuff. But now I understand better how to load that on boot and automate it
<burningatrocity> morning
<burningatrocity> anyone have experience setting up hylafax server?
<burningatrocity> or with modems?
<rbasak> cpaelzer: could you glance at https://bugs.launchpad.net/bugs/1729854 please? Is this a case of needing the right template?
<ubottu> Launchpad bug 1729854 in linux (Ubuntu) "Failed to create kvm guest with uvt-kvm on Zesty s390x zVM" [Undecided,Incomplete]
<cpaelzer> reading
<cpaelzer> Yeah that is a dup to my bug&fix
<cpaelzer> rbasak: are you marking it as such?
<rbasak> I can do
<rbasak> cpaelzer: duping to bug 1452016 or a different one?
<ubottu> bug 1452016 in uvtool (Ubuntu) "uvtool-libvirt needs arch specific templates" [Wishlist,Triaged] https://launchpad.net/bugs/1452016
<cpaelzer> that is the right one rbasak
<cpaelzer> rbasak: and if you'd merge my MP you could say Fix Committed :-P
<andreas> nacc: hey, I have a git (github?) question
<andreas> nacc: http://pastebin.ubuntu.com/25880349/
<andreas> nacc: I want the diff for that merge (f3b6bfac5911f248499c79a42a0d18f12ca9065a)
<andreas> but git show f3b6bfac5911f248499c79a42a0d18f12ca9065a only shows me the commit message
<andreas> what's the right way to get the diff? Let's say I don't have the branch anymore. Can I get the diff with just the hash of that merge commit?
<nacc> andreas: a diff relative to what?
<andreas> master
<nacc> andreas: git diff master..<hash>
<nacc> (or without .. actually)
<andreas> that branch panlinux/enable-tests-package-build was merged, and I was expecting that that merge hash would show the diff
<nacc> that will just diff the trees
<andreas> yeah, but relative to amster at that time
<nacc> andreas: that's not quite how merges work :)
<andreas> not master now
<nacc> andreas: git reflog master to see the old hash?
<andreas> https://github.com/CanonicalLtd/ubuntu-advantage-script/commit/f3b6bfac5911f248499c79a42a0d18f12ca9065a shows the diff
<andreas> but git show that same hash doesn't
<nacc> andreas: i believe that's a github thig
<andreas> nacc: ah, when I download the .patch version of that url
<andreas> the From has a different hash
<nacc> andreas: it understands merges and can contentfully show you what they have added (based upon what they were merged into)
<andreas> hm, the .patch version actually is a sequence of commits
<andreas> all commits from the branch
<andreas> I see
<nacc> which makes sesne, it's showing you, i think, the differences between the old master and the result of the merge, by commit
<andreas> I'll probably do a diff between first commit and last one
<nacc> andreas: i think there also relevant options to git-diff for dealing with merges
<andreas> oh, wait
<andreas> a merge commit has an extra header in git log
<andreas> commit f3b6bfac5911f248499c79a42a0d18f12ca9065a
<andreas> Merge: 4f6740e 05c8944
 * andreas checks if that is correct
<nacc> andreas: right, those are the 'parents'
<nacc> andreas: a merge is a commit with multiple parents
<andreas> yep, that helps
<nacc> andreas: and the diff is technically different from each
<nacc> rbasak: are you around?
<SmokinGrunts> if I've received a SERVERNAME.ca-bundle file, a SERVERNAME.crt file, and have my SERVERNAME.key private key, and postfix expects all intermediate CAs into a bundle, does this mean I need to 'cat' the .crt and .ca-bundle into a new file, or should the .ca-bundle already have this?
<sdeziel> SmokinGrunts: typically yes, you need to cat the .crt and the ca
<sdeziel> SmokinGrunts: some CAs have the bad habit of including their root CA in their bundle so you might want to remote it to optimize the TLS handshake
<SmokinGrunts> okay, and the SERVERNAME.crt would come first, then the .ca-bundle?
<sdeziel> SmokinGrunts: yes
<sdeziel> http://www.postfix.org/TLS_README.html: cat server_cert.pem intermediate_CA.pem > server.pem
<SmokinGrunts> aye, thank ye
<sdeziel> np
<|\n> hello
<|\n> on a hoster's vps with 16.04 i see linux-image-4.4.0-100-generic which is the latest provided by linux-image generic, however i'm unable to see it on this list https://packages.ubuntu.com/xenial/allpackages?format=txt.gz
<|\n> what could i check?
<nacc> |\n: it's in xenial-proposed
<|\n> ah, thank you so much nacc
<nacc> |\n: yw
<nacc> |\n: rmadison helped me figure that out (rmadison linux-image-generic)
<|\n> neat! thanks, nacc
<sdeziel> funny how "\n" breaks tab completion of the user name here :)
<nacc> sdeziel: works fine in irssi :)
<sdeziel> nacc: yeah, I never made the switch from pidgin to irssi
<|\n> last time i heard of issues regarding it it was some notification output from os in relation to highlighting the user on a mobile device
<nacc> sdeziel: :)
<sarnold> |\n: hah, love it :)
<|\n> me too, me too, thanks for the hints guys, every single step after leaving job place is hard and you've just made it a lot easier, thanks again nacc, i was just looking at the package maintainer like a retard for 2-5 minutes or so
<nacc> |\n: np
#ubuntu-server 2017-11-04
<FManTropyx> yo
<FManTropyx> I'm thinking of setting up a new VPS, but I started to wonder if I should wait 5 months so that I can get it started straight with fresh 18.04
<FManTropyx> I know upgrading works, did it from 14.04 to 16.04, but still...
<FManTropyx> the spiders crawling through my file server are endless - I thought that they would get satisfied at some point that they have the whole picture :P
<FManTropyx> is there some tool that lets me cut through all the noise in Apache's access log to filter in just actual user downloads?
<gunix> guys
<gunix> i always get annoyed by the weekly kernel updates on ubuntu
<gunix> anyway to get kernel updates to be less frequent, debian/centos style, once every 2 months?
<rbasak> gunix: you don't *have* to update.
<rbasak> You could watch the USNs and make individual decisions on security updates.
<gunix> rbasak: is there a way to check if the kernel update is security or not?
<gunix> can't apt just say "dude, this is security related, do the update"
<gunix> ?
<rbasak> https://usn.ubuntu.com/usn/
<rbasak> You could add an apt pin to lower the priority of non-security updates I think.
<rbasak> apt does know the difference.
<rbasak> But I suspect you may find that virtually every kernel update includes security updates, eg. for drivers you aren't using.
<rbasak> There's also https://www.ubuntu.com/server/livepatch
<tomreyn> ...or drivers you ARE using
<tomreyn> gunix: which part annoys you about it? a prompt to install updates, the bandwidth being used during the download, the prompt to reboot after the update succeeded?
<tomreyn> oh we'Re talking server here, so no such prompts, i guess. then what is the issue?
<gunix> tomreyn: the fact that i always have to reboot the server to stay up to date
<gunix> you have to reboot redhat/debian every 2 months, but ubuntu every week
<gunix> think about that when running an openstack infrasrtucture
<gunix> reboot every node once a week
<tomreyn> gunix: well as said before, you don't have to reboot
<gunix> yea but security update of kernel won't be applied until you reboot
<tomreyn> but if the other distros only ship kernel security updates less frequently it means they are doing a worse job
<tomreyn> livepatch was also suggested
<gunix> livepatch is risky
<gunix> can break the system
<tomreyn> not rebooting for security updates is also risky
<tomreyn> how can it "break the system"?
<tomreyn> if you compare it to other distros which make kernel security patches available less frequently, you really need to see it this way: ubuntu provides you an opportunity (but does not at all require) to have a shorter time-to-patch, i.e. you can close security vulnerabilities faster and thus increase the systems' security overall. you can maker use of it, but you don't have to.
<tomreyn> so comparing to the other distros, consider it a free add-on offer.
<tomreyn> (or, if you care about security, consider ubuntu to do a better job than the others which did not provide those security patches in a timely manner, keeping your system at risk.)
<tomreyn> if patching / maintenances interrupt your service, you should rethink your service architecture
<gunix> tomreyn: live migration of instances is not always the best for customers
<disposable> i've uninstalled lxd (from xenial-backports) from my test xenial server and it left a sizeable /var/lib/lxd behind. when i try deleting it, i get "/var/lib/lxd/storage-pools/default/images...... Read-only filesystem"  How do i get rid of this directory? i've already dpkg purged everything lxc/lxd related.
<disposable> and i don't see anything relevant in /proc/mounts
<tomreyn> gunix: yes, sometimes HA is
<disposable> nevermind, lxd created those directories as btrfs subvolumes.
<MartesZibellina> Hello!
<MartesZibellina> I have a problem - my system doesn't recognise my network adapter, TL-WN721N, after the 1st reboot.
<MartesZibellina> USB tethering with my phone doesn't work either.
<oerheks> MartesZibellina, what does lsusb/lspci say about that wireless TL-WN721N?
<MartesZibellina> It IS recognised, but the network manager says "Device not ready".
<JanC> MartesZibellina: lsusb/lspci knowing its name doesn't mean there is a driver
<JanC> seems like there are at least two different adapters with that name...
<JanC> sorry, *five*
<JanC> three with Atheros chips and two with Realtek chips
<JanC> MartesZibellina: does it tell you what version it is?
<JanC> or check what the USB ID is
<JanC> the USB ID would look like "0cf3:9170" or "2357:0107"
<JanC> the version would likely also be printed on the adapter itself (but might be hard to recognize as such)
#ubuntu-server 2017-11-05
<Bert_2> Hi guys, I was looking into why logwatch for my NAS wasn't reporting zfs info and I noticed that the zz-zfs.conf service script for logwatch presumes the zfs and zpool binaries are in /usr/sbin while zfsonlinux in 16.04 installs those in /sbin/, should I file this as a logwatch bug or a zfsonlinux bug on launchpad?
<JanC> Bert_2: sounds like a logwatch bug to me
<MartesZibellina> I need some help.
<MartesZibellina> I can't connect to my server on a client PC, even thought apt update and local SSH-ing work fine.
<MartesZibellina> Hello?
<ikonia> define can't connect
<MartesZibellina> Cygwin says: "Could not resolve hostname <hostname>: Name or service not known".
<ikonia> ok - so there is no dns entry for it
<tomreyn> so this system has a name resolution issue
<ikonia> cygwin....ugh
<tomreyn> not an ubuntu issue
<MartesZibellina> WinSCP also reports the same issue.
<ikonia> you have no name server resoution for your ubuntu IP
<MartesZibellina> How do I alleviate that issue?
<ikonia> fix whatever your name service is
<ikonia> or put an entry in the hostfile on the client
<MartesZibellina> How?
<tomreyn> or connect to the servers' ip address , not hostname
<MartesZibellina> Oh.
<MartesZibellina> BTW, how do I check my IP address on the server?
<tomreyn> ip a
<MartesZibellina> Now it says "Connection refused".
<MartesZibellina> Which IP address should I connect to?
<tomreyn> the one the service your are trying to connect to listens on
<tomreyn> "netstat" -pn or "lsof -i" would show.
<MartesZibellina> Which IP address, to be exact?
<tomreyn> how would we know?
<tomreyn> you are trying to connect, using an unknown protocol, from some client (ip address unknown) to some service (unknown) listening on some (unknown) port on a server running ubuntu using an unknown protocol. it is unknown which network the client and the server reside in, and how connectivity between them can be established.
<tomreyn> so, without more details from your end, no one will be able to help you.
<MartesZibellina> The server and the client reside in the same home network.
<MartesZibellina> I can upload a photo if you want.
<MartesZibellina> https://s19.postimg.org/51wl94vsj/lsof_-i_output.jpg
<MartesZibellina> BTW, how can I scroll text in the non-desktop terminal?
<MartesZibellina> Ie., the one that you open with Alt+1-Alt+6.
<MartesZibellina> Hello?
<FManTropyx> did you try the PgUp/PgDn keys?
<MartesZibellina> They don't work and PgDn only yields me a tilde sign.
<rsx> Shift+PgUp/PgDn should work
<MartesZibellina> It works!
<MartesZibellina> But still, what am I supposed to do?
<rsx> is sshd running at your server? check i.e. with netstat -tlp | grep sshd
<MartesZibellina> https://s19.postimg.org/4b8gh0y7n/20171105_144153.jpg
<MartesZibellina> The command's output.
<rsx> what does /var/log/auth.log tells about connection refused?
<MartesZibellina> On the client?
<rsx> on the server
<MartesZibellina> May I post a picture of it?
<rsx> yes
<MartesZibellina> Or you know what? I'll just upload it on hastebin.
<MartesZibellina> https://hastebin.com/uyuwucerix.sql
<rsx> Can't see any ssh connection from your client. Did you try to ssh via ip address from your client?
<MartesZibellina> When I try connecting to the CORRECT IP address, on the correct port, it says "Connection timed out".
<rsx> that means your client cannot access your server at port 22/tcp. Do you get an replay for ping from client to server?
<rsx> reply
<MartesZibellina> How do I ping it?
<MartesZibellina> With cmd?
<rsx> cmd: ping <ip address>
<MartesZibellina> The host is unreachable.
<rsx> can you ping any other machine i.e. router from your client and your server?
<MartesZibellina> I can ping my router just fine.
<rsx> ping server to router is ok, ping from server to client any vice versa is not?
<MartesZibellina> Ping to router from client AND server are both fine.
<MartesZibellina> Let me try server->client.
<MartesZibellina> That works just fine.
<MartesZibellina> How do I stop the pinging process?
<rsx> CTRL+C
<rsx> do you have any kind of firewall configured on the server?
<MartesZibellina> No.
<rsx> check iptables -L -n
<MartesZibellina> On server?
<rsx> yes
<rsx> last idea: do all machines have the same netmask?
<MartesZibellina> How do I check it?
<rsx> ip a
<MartesZibellina> https://s19.postimg.org/y0ln9fetf/20171105_154331.jpg
<rsx> are client or server connected via WLAN?
<rsx> and if so, does your router (access point) allow communication between clients?
<ikonia> this is getting silly
<ikonia> why is someone trying to run a server who doesn't understand basic networking
<MartesZibellina> The client is connected through Ethernet, and the server through a wireless adapter.
<ikonia> MartesZibellina: have you got a basic grasp of IP networking
<MartesZibellina> I just want my problem to be solved.
<ikonia> MartesZibellina: I understand that, that's why I'm asking if you understand basic TCP IP networking
<MartesZibellina> I don't think so.
<ikonia> ok - so why are you trying to run a server ?
<MartesZibellina> I want to make an use of my old PC.
<MartesZibellina> Why would it be only lying around, after all?
<MartesZibellina> The SSH worked just fine before rebooting.
<ikonia> then I suggest you research a basic understanding of networking
<MartesZibellina> Are there any good sites?
<ikonia> just buy a book
<MartesZibellina> Maybe removing desktop environments will help?
<MartesZibellina> Also, there's "A job is starting for Wait for Network to be Configured".
<MartesZibellina> And it fails.
<MartesZibellina> Upon boot.
<ikonia> MartesZibellina: again, this is why you need basic understanding of networking
<MartesZibellina> Now, the problem's solved!
<MartesZibellina> It's the desktop environment that's been interfering with the server!
<ikonia> what ?
<MartesZibellina> Now I can SSH just fine.
<ikonia> the desktop does not touch ssh
<MartesZibellina> Maybe the network manager did.
<ikonia> if you have configured /etc/interfaces and network manager then of course it will fight
<ikonia> as both are trying to manage the network card
<MartesZibellina> In any case, now I can rest assured that my client will SSH just fine to the server.
<MartesZibellina> I installed lubuntu-desktop before.
#ubuntu-server 2018-10-29
<cpaelzer_> good morning
<ahasenack> good morning
<kstenerud> ahasenack o/
<ahasenack> hi kstenerud
<frickler> can someone remind me of the URL for the version check matrix for UCA packages? somehow this has dropped from my list of bookmarks
<ahasenack> cpaelzer: did you see my last comment on https://code.launchpad.net/~ahasenack/ubuntu/+source/cyrus-sasl2/+git/cyrus-sasl2/+merge/357779 ? Probably lost somewhere in your inbox storm
<cpaelzer> ahasenack: I didn't see that yet
<cpaelzer> hmm
<cpaelzer> let me check if I see it in the ppa conf where I thought it was in the past
<ahasenack> it's what prompted my emailing about bileto usage
<cpaelzer> I'm sure I have seen valid xenial tests
<ahasenack> well, they pass with other packages
<ahasenack> but if you look there, they are also including the phone ppa
<cpaelzer> oh, I see
<ahasenack> it just so happens that none of the needed packages come from there
<ahasenack> these two tests that are failing use qt packages
<ahasenack> and apparently the phone has/had such packages at a higher version than xenial
<cpaelzer> since most of the overlay was UI centric it makes sense that it is qt
<cpaelzer> but OTOH most of our cases don't hit those bits
<ahasenack> correct
<cpaelzer> so unless most tests have issues I'd go on and consider this one an unlucky special case that needs manual tests
<cpaelzer> as said on the mail thread
<cpaelzer> but I'm still pretty much in favor of testing pre-upload
<smoser> https://code.launchpad.net/~smoser/usd-importer/+git/usd-importer/+merge/357826
<smoser> rbasak: ^
<rbasak> smoser: it is merged, but Launchpad is behind
<rbasak> https://git.launchpad.net/usd-importer/log/
<rbasak> smoser: it should be in edge
<smoser> hm. i'd never seen launchpad behind.
<kklimonda> is there some documentation on running ubuntu core on bare metal servers, or is it not at that point yet, and still mostly focused on IoT?
<ahasenack> cpaelzer: are you still looking at https://code.launchpad.net/~ahasenack/ubuntu/+source/cyrus-sasl2/+git/cyrus-sasl2/+merge/357779 ?
<Guma> I just reinstalled my server and desktops to 18.04. I was wondering if there is a way to point all my desktops to my server for updates? The ideas is that I want all my desktops update to latest what is on server in order to keep my desktops on same level.
<josefig> Hi, I have installed Ubuntu server 18.04 for LTSP server, I already installed everything but there's left the dnsmasq  someone has information how to set it up with 2 NICs ?
<lotuspsychje> Guma josefig idle here a bit ok, we having a bit of timezone glitch atm :p
<josefig> hehe no worries, in the meanwhile i'm reading you know
<josefig> I think it has to be with the second NIC, the first is connected to internet properly
<RoyK> Guma: setup an apt mirror on the server and configure the desktops to use that server as an apt source
<RoyK> Guma: or if your internet connection is good, just use unattended-upgrades to have them upgraded automatically as often as you wish
<Guma> RoyK  I never done this. Do you have some link to document waling me through it? Thank you so much
<RoyK> Guma: first hit on google https://www.howtoforge.com/local_debian_ubuntu_mirror
<Guma> Great. I will try. Thank you for getting me started
<RoyK> good luck :)
<Guma> One more thing. I have my own deb packages that I am creating. This is for company I am working on. They are private deb packages and also looking at hosting them privately
<RoyK> Guma: again - google says https://wiki.debian.org/DebianRepository/Setup
<Guma> Ok that will get me going. :)
<RoyK> Guma: http://jfgi.herokuapp.com/images/bart.gif ;)
<Guma> RoyK Fair enough. I always do. But in this case I was not sure where to start. Now I know. Cheers
<sarnold> Guma: you can also set up a squid-deb-proxy if you don't want to spend a terabyte of disk space on a mirror
<cpaelzer> ahasenack: I was fine with the cyrus fix given that you tested locally where the bileto test failed
<ahasenack> cpaelzer: ok
<JanC> nowadays a terabyte isn't all that much, of course  :)
<lotuspsychje> JanC: did you buy that 15tb WD? :p
<JanC> no
<josefig> If I'm trying to boot PXE and I get  "DHCP packet received on enp3s0f1 which has no address" could be because of the network card has not IP assigned, even if I did a static declaration when I do a ip addr i don't see the ip. Why is that? or How is the correct procedure to do this ?
<RoyK> josefig: do you have a dhcp server on that thing?
<ahasenack> yeah, check if the server actually offered an ip
<ahasenack> i.e., server logs are also useful
<tomvolek> HI : I am trying to install Ubuntu from USB on a HP proliant server , I get a message "parition /de/sda1 assigned to / starts an offset 565248 bytes from minimum alignment for this disk" ,     is this a question for this group or the Ubuntu channel ?
<tomvolek> Entire install disk is partitioned to one partition / and a swap .
<sarnold> heh, that's a funny number.. 8192 * 69
<xnox> tomvolek, with UEFI or eithout UEFI?
<tomvolek> sarnold: Some folks on the net mention you need to format the USB to make sure it does not use 512 byte sectors by default and increse it to 2048 , So I did that, used disk utility on mac to increase sectors on usb to 2048 so it would match linux.
<xnox> tomvolek, also there should be either grub-bios slice inserted or an UEFI ESP partition.
<tomvolek> xnox Sorry where does UEFI comes into play ?
<tomvolek> xnox  what do you mean by grub-bios slice inserted ?  inserted where ?
<xnox> tomvolek, well, if the server is booting using UEFI, you also need an ESP partition formatted as EFI.
<tomvolek> I tried to keep thigns simple and created only one parition with swa
<xnox> tomvolek, are you using automatic partitioning, or manual?
<tomvolek> manual sir
<xnox> tomvolek, and if you are booting using BIOS one needs to create a grub-bios partition (not sure if that is done automatically, even in manual mode)
<tomvolek> on the ubuntu install screen, it allows you to reparition and I remove all previous partitions and recreate a root and a swap
<xnox> well, without ESP (UEFI) or grub-bios (BIOS) you will not be able to install grub, and will fail to boot.
<xnox> tomvolek, can you first try to use automatic partitioning to wipe and install? before playing with manual?
<tomvolek> xnox, i certainly did not create a seperate parition grup-bios ...   how much space should allocate tot that... I never had to do that on my other installs :)
<tomvolek> xnonx .. sure, how do i do that ?
<xnox> tomvolek, i know the details because that's what the backend code does. But i'm not sure if we actually show this in the UI or not. Cause it is fairly minor details, the grub-bios is very tiny, like a few kB after mbr
<tomvolek> xnox.. I am booting from a usb stick , ubuntu 16.04 ...  on an older HP DL 365 proliant ..
<xnox> tomvolek, reboot installer, hit enter, until done.
<xnox> tomvolek, at partitioning choose to "automatically partition the whole disk" or some such.
<xnox> tomvolek, when done boot and checkout what partitioning layout is created, start/alignment, etc.
<xnox> tomvolek, most likely first partitionin does not start at 0. And it's safer if one starts it at like 4MB to be honest.
<xnox> (if one is manually partitioning things)
<tomvolek> xnox,  installer will detect whatever partition its on the disk already and present it,  interesting it does not present me with option to partition automatically or manully,  it displays the error I mentioned above and forces me to go back and try to delete the partions it detects on disk and recreate ....hence i get into this loop :)
<xnox> ah
<xnox> even when you reboot the installer, right? (it can mess up its own state machine)
<tomvolek> its very intereting, i have installed lots of Ubunut , never seen this before
<xnox> tomvolek, can you drop to shell, and delete things manually? the drive might have odd things leftover which installer fails to clean maybe?
<xnox> like incomplete signatures of incomplete LVM groups, or parts of RAID, etc?
<tomvolek> I do a hard reboot,  recycle power on BIOS I set to boot from USB,  it detects USB, boots inot instller . i take option to install, it asks for my time zone and then comes into this parition issue and stops
<xnox> ctrl-alt-f4 should give you a terminal, or something
<xnox> hm, sad.
<tomvolek> xnox , ok i will try, I can go into a command line and start gparted ,, and remove all partitions, then reboot and come back into installer and see if this time i can do automatic partitioning ...
<tomvolek> too much of my time is getting waisted on this one lab server :)
<xnox> tomvolek, yeap.
<ahasenack> sgdisk -Z <device>?
<ahasenack> that erases it
<tomvolek> ok let me try ..tx for suggestion .. stand by :)
<xnox> if there is sgdisk available.....
<xnox> tomvolek, also why use 16.04? and not 18.04?
<xnox> the installer in 18.04 is well lit.
<tomvolek> not sure, i am using ubuntu 16.04 stock on the USB
<ahasenack> that is two years old
<xnox> 18.04 has less screens, asks less things, does the installer quicker, and can even import ssh keys from launchpad or github.
<tomvolek> xnox, reason is there is a bug in 18.04 with a graphich device driver :)  , so i have to install 16.04 and then upgrade to 18.04 ... thats another long story :)
<ahasenack> is this a desktop?
<tomvolek> yes sir
<xnox> oh
<xnox> tomvolek, given the channel, i assumed you are trying to install Ubuntu Server
<xnox> tomvolek, do you have internet? whilst you are in this broken state, could you please do $ ubuntu-bug ubiquity ?
<xnox> and open a bug report, that would give me all the right logs.
<xnox> tomvolek, and yeah sgdisk should work to unbreak you.
<xnox> tomvolek, i typically use $ wipefs --all /dev/disk/by-id/*
<tomvolek> xnox,  i wasnt sure where to post my question thats why i asked at the start. Let me try sgdisk and report back . thanks guys
<xnox> or use the disks app to format the drive.
<xnox> tomvolek, it's all good =)
<tomvolek> ok i back out of install and on the screen which says try Ubuntu , from here I should be able to get gparted or cmdtool started
<tomvolek> FYI: this host has Raid 1+0  , two 146 G drives ..
<xnox> hmmmm
<xnox> tomvolek, but what raid is it? hardware raid? intel matrix raid? does it need drivers?
<xnox> tomvolek, it's a bit odd installing desktop on a server =)
<xnox> tomvolek, i would go the other way around, of using server installer, and then installing desktop with $ apt install ubuntu-desktop
<tomvolek> xnonx  ok thats a great suggestion,
<xnox> let's just say desktop installer, might not be expecting raid devices =)
<tomvolek> ok it has gdisk ...
<tomvolek> could be ...
<xnox> if you can bring networking up; you can use $ apt update; apt install
<xnox> to get whatever you need.
<tomvolek> yes, I am conected to network .. dhcp ..
<tomvolek> what shoudl i say to gdisk options
<tomvolek> gdisk -Z /dev/sda
<tomvolek> interesting when I start gparted , it displays a message saying "The driver descriptor says teh physical block size is 2048 but Linux says its 512 bytes "
<xnox> and /dev/sda ... is that usb stick you are booted from?
<xnox> or the drive you are trying to install onto?
<xnox> i typically check $ ls -latr /dev/disk/by-id/*
<xnox> to make sure i know for sure who is who
<tomvolek> @xnox @ahasenack : reporting back,  I used gdisk , wiped out the hard drive, tried to reinstall, this time I selected LVM vs manually partitioning.  Install is going forward at the moment, seemed like this worked :)  thanks again for your suggestions.
<Glorfindel> hey all, ubuntu server 16.04 running on my vps, I'm having issues with some of my applications not running, complaining of no storage space left. I have 50gb and ncdu shows 16gb has been used. is there a limit to what percentage of storage can be used in the /home/ dir?
<Glorfindel> if I try to install anything it also complains of no storage space left... weird :/
<cryptodan_mobile> Run df -h
<tomreyn> and df -i
<cryptodan_mobile> Copy to dpaste.com share link
<RoyK> Glorfindel: check cat /proc/sys/fs/file-max and cat /proc/sys/fs/file-nr
<Glorfindel> cryptodan_mobile, tomreyn: here's each http://dpaste.com/0208Y7W
<RoyK> some applications open a *lot* of files and thus the max can be reached
<Glorfindel> RoyK: pretty new to linux, check them for what?
<tomreyn> inodes are full on /
<JanC> you might be out of inodes...
<tomreyn> sudo find / -xdev -printf '%h\n' | sort | uniq -c | sort -k 1 -n
<RoyK> better use xfs next time ;)
<Glorfindel> so basically I have too many folders?
<RoyK> folders are files
<Glorfindel> *dirs
<JanC> you can configure inodes when creating the FS
<RoyK> an inode points to a files or a folder and you have three millions of them
<JanC> the number of inodes
<RoyK> usually 3M files won't happen with such a small fs
<JanC> I don't think you can change it afterwards for ext3/ext4?
<RoyK> you can't
<tomreyn> you'd use the line i posted above to identify what consumes them mostly, then move those files to a new file system (optionally one with extra inodes)
<JanC> it might be email or something like that...
<Glorfindel> tomreyn: ahh, I see. I actually know what is using them up... the ls -R stream it generates almost lagged me out
<Glorfindel> it's the tileserver I installed
<JanC> ah, that seems a possibility too if it stores each tile in a separate file
<tomreyn> it should probably not be on /, and maybe be backed by a DB.
<JanC> a filesystem is a database too  :)
<tomreyn> if a file system then most likely a separate file system with different mount options and extra reserved space
<Glorfindel> ok, so if I understand this correctly; an inode is what stores the data about what files to show if a user is looking in a specific directory, right? and I ran out of those somehow?
<JanC> no
<RoyK> Glorfindel: what are you storing on this to get that amount of inodes?
<Glorfindel> RoyK: I am hosting a minetest server, and I installed a tileserver that reads the minetest database and generates a real-time map of the world
<Glorfindel> and it created a lot of directories to store tiles in I guess, not 100% on that
<RoyK> Glorfindel: ok - so millions of small files?
<Glorfindel> yeah
<JanC> inodes describe the file
<RoyK> (or dir)
<tomreyn> or other file system object
<JanC> multiple names in multiple directories can point to the same inode
<Glorfindel> so it's metadata?
<JanC> e.g. in case of hardlinks
<JanC> part of the metadata for a file, yes (not the filename)
<RoyK> Glorfindel: the "database" that holds filenames etc
<Glorfindel> be back in a few minutes
<JanC> inodes don't contain filenames
<JanC> directories contain filenames  :)
<RoyK> JanC: and directories are inodes, since they're basically files containing the names of the files inside them
<RoyK> well, inodes point to directories
<JanC> right, the latter
<RoyK> yes
<JanC> well, in theory on-disk "inodes" could contain filenames on some filesystems if they refer to a directory that contains only a small number of files where they store the file (directory) data in the inode record itself, I guess
<RoyK> doesn't matter much for Glorfindel - (s)he needs a new filesystem to make this work - I'd guess XFS would be better - no hard limits on the inodes
<sarnold> ouch running out of inodes on /
<JanC> either that or set the inode limit for ext* high enough
<sarnold> "this is a usenet server thanks"
<JanC> and probably best to store such data on a separate filesystem indeed
<RoyK> JanC: and preferably not on ext4 :Ã¾
<sarnold> doubleyes :) hehe
<JanC> well, you can set the limits on ext4 if you want
<JanC> but using XFS or such might be easier
<sarnold> these files have an average size of ~5k.. given how huge the binaries are going to be, I assume the actual data files are likely to be <4k..
<RoyK> dd if=/dev/zero of=somexfsfs.img bs=1M count=10k ; mkfs -t xfs â¦
<sarnold> lol
<sarnold> (seriously that's probably a good way out of this)
<JanC> not going to work if you have no inodes left  ;-)
<RoyK> that's why I wrote that ;)
<RoyK> JanC: well, you can probably release one inode for the image file
<RoyK> and another for the mount point
<sarnold> probably there's a useless kernel image.. :)
<JanC> and hopefully mkfs doesn't need temporary files  ;)
<JanC> or something like that
<RoyK> JanC: I doubt it - otherwise - just delete some old log files
<RoyK> it should be doable
<Glorfindel> I can release 3 million of them...
<Glorfindel> and regenerate the tileserver stuff after
<RoyK> then do so
<JanC> if you can, (re-)install the VPS with a separate filesystem for that stuff
<RoyK> Glorfindel: but you'll need a filesystem supporting a lot of more inodes for that than what you hve now
<RoyK> JanC: if the provider allows you to choose fsâ¦
<Glorfindel> JanC: at this point I'm going to make that the last solution, as I have quite a bit of data and no good place to migrate it to
<Glorfindel> well this is the longest I've seen rm take to delete anything
<RoyK> it'll take some time to remove 3M files
<sarnold> yeah rm isn't going to go quick :)
<JanC> well, if you can create a new VPS for a month or so and copy everything over...
<RoyK> but you can just background it and start creating an image file and putting xfs on it
<Glorfindel> RoyK: can you explain what that command you sent earlier will do?
<sarnold> (if it were ZFS, then you could delete the dataset, but that would also have required a different setup from the start, too. :)
<RoyK> Glorfindel: the dd command just creates an empty file, 10GB in size - the mkfs -t xfs, creates a filesystem
<JanC> well, booting from ZFS would be even more of a problem maybe
<RoyK> Glorfindel: after it's created, mount it somewhere, add it to /etc/fstab and it should be fine
<Glorfindel> ah, so it would be like a virtual disk?
<RoyK> Glorfindel: yes
<RoyK> JanC: I've used ZFS for almost a decade - not at home anymore, though - I prefer the flexibility of md ;)
<Glorfindel> JanC: also I don't think this vps provider gave me the option for what fs to use
<JanC> booting a linux VPS from ZFS, I mean
<JanC> Glorfindel: you can't install a custom OS on it?
<RoyK> JanC: I doubt most VPS providers support ZFS on the guest
<JanC> well, it's Ubuntu, so ZFS support is included
<sarnold> yeah pretend I didn't mention zfs.. it was just an aside that *some* filesystems offer way faster ways to remove three million files than rm :)
<Glorfindel> JanC: it offers ubuntu 16.04 or windows server (forget what year) for an additional fee
<JanC> the problem is more the booting, depending on the type of VPS this is
<Glorfindel> may have been other distros too, I don't remember
<Glorfindel> I'll check
<RoyK> Glorfindel: just create that big, empty file and place a filesystem on it
<JanC> my VPS provider allows me to install my own OS if I prefer (they won't give support on how to do that though)
<Glorfindel> I was misremembering, you can install other disrtos via iso
<RoyK> never mind zfs - it's not what you need here
<Glorfindel> RoyK: "dd if=/dev/zero of=somexfsfs.img bs=1M count=10k ; mkfs -t xfs"?
<RoyK> # dd if=/dev/zero of=somexfsfs.img bs=1M count=10k
<RoyK> yes - just put that img file under /var/something
<RoyK> somewhere it may belong
<RoyK> perhaps /var/lofs
<RoyK> or whatever
<Glorfindel> any reason to not put it in ~/ ? I only ask because it's easier for me to remember the path if I keep everything in /home
<RoyK> then mkfs -t xfs /path/to/that/file
<Glorfindel> s/put it in/mount it in/
<RoyK> place it where you like, but filesystems don't really belong in /home
<JanC> using an image file might have a small impact on FS speed though...
<Glorfindel> ok
<RoyK> JanC: it will, but it'll work
<RoyK> Glorfindel: if you can get a new vdisk for the VPS, it'll probably be best
<JanC> well, depending on how important FS speed is (maybe not if this is just for some personal test setup)
<Glorfindel> RoyK: I just added an additional 20gb of ssd storage as "block storage" from 1and1
<Glorfindel> I'll check and see where it got put
<JanC> ah, 1and1
<RoyK> Glorfindel: lsblk?
<Glorfindel> rm is still going at it lol
<Glorfindel> RoyK: sdb
<Glorfindel> that was easy, thanks
<RoyK> well, put xfs on it
<JanC> Glorfindel: that also depends on how directories are structured  :)
<Glorfindel> so mkfs -t /dev/sdb ?
<RoyK> mkfs -t xfs /dev/sdb # or perhaps put lvm on it first - just in case
<Glorfindel> how do I put lvm on it and what is the purpose?
<RoyK> !lvm
<ubottu> Tips and tricks for RAID and LVM can be found on https://help.ubuntu.com/community/Installation/SoftwareRAID and http://www.tldp.org/HOWTO/LVM-HOWTO - For software RAID, see https://help.ubuntu.com/community/FakeRaidHowto
<Glorfindel> thanks
<sarnold> bah are those links actually usfeul here?
<JanC> I wonder if/how filesystems optimize stuff like removing all files from a directory...
<RoyK> Glorfindel: lvm is a nice abstraction layer on top of a 'physical' device  - just vgcreate myvolumegroup /dev/sdX ; lvcreate -l 100%FREE -n myvolume myvolumegroup
<RoyK> JanC: xfs does it quite quickly - ext4 doesn't
<JanC> you'd need something like temporarily disabling index updates which some databases support
<RoyK> zfs has a massive backlog so it seems to do it quickly, but yet, it takes some time
<JanC> right, it would say ready, and then start doing the work  ;)
<JanC> (well it would record the fact that it will do that first)
<JanC> still doesn't seem easy though, as the application uses a syscall for each file, I assume?
<JanC> unless there is a syscall to delete a whole tree?
<RoyK> JanC: the way ext4 works, you'll need a systemcall or five for each file, yes
<RoyK> I doubt such a systemcall exists
<RoyK> perhaps in zfs - certainly not in ext4
<JanC> it's useless if rm doesn't use it anyway
<JanC> it seems like something that would be useful in some cases...
<Glorfindel> oh hey it finished
<Glorfindel> now maybe I can tab-complete
<RoyK> :)
<Glorfindel> ok, so should I put lvm on it? do the benefits outweigh the complexity?
<RoyK> Glorfindel: did you stop the process holding those files open?
<Glorfindel> no, but it crashed when it ran out of inodes
<Glorfindel> yesterday
<RoyK> I'd say put lvm on it
<RoyK> but that's up to debate, I guess
<JanC> can you resize that block storage without losing data?
<Glorfindel> JanC: I just added it half an hour ago, there isn't any data on it yet
<JanC> it might already be using something like lvm on the supervisor level
<JanC> Glorfindel: I mean, if you ever want to in the future
<RoyK> the only issue with xfs AFAIK is that it can't be shrunk
<RoyK> but then - who shrinks a filesystem?
<Glorfindel> ohhh.. no, I don't think so. when I look at the level I'm at in regards to resources they don't allow downsizing plans due to storage size changing
<JanC> well, that might be because they can't guarantee your filesystem can downsize  ;)
<RoyK> Glorfindel: anyway - try 'vgcreate somevolumenme /dev/sdb'
<Glorfindel> seems lvm is installed, but the command didn't work as I didn't sudo
<JanC> but if they down allow upsizing either, lvm would allow you to increase the filesystem over 2 (or more) such "block storage" devices
<JanC> *if they don't allow*
<RoyK> JanC: or PVs
<JanC> the "block storage" they provide to the VPS would be the PVs, of course
<JanC> not sure they provide _real_ _physical_ volumes
<RoyK> probably some hierarchical storage
<RoyK> keep the old data on spinning rust and sell it all as 'ALL SSD'
<sarnold> :)
<JanC> might be storage on some SAN too
<RoyK> you don't get hierarchical storage on anything but on a SAN
<RoyK> there have been some OSS projects, but I don't think any has landed yet
<JanC> oh yes you do; you can buy SSHDs everywhere  ;)
<RoyK> not quite the same ;)
#ubuntu-server 2018-10-30
<Glorfindel> alright, so now I just change sdb to xfs using the command above, move the tileserver to it and I should be golden, right?
<JanC> it works the same, just on a different level/size
<RoyK> Glorfindel: have you just created a VG or have you also created an LV and put a filesystem on it?
<Glorfindel> ehhhhh what
<JanC> this reminds me about the CERN data storage where the fast layer is (was?) spinning rust and the slow layer was tape robots...
<RoyK> Glorfindel: pastebin the commands you used
<RoyK> !pastebin
<ubottu> For posting multi-line texts into the channel, please use https://paste.ubuntu.com | To post !screenshots use https://imgur.com/ !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<Glorfindel> I created the .img like you said, but haven't changed it to xfs yet or mounted it. then I mentioned that I added block storage and I'm assuming I can change the fs on that to xfs and run the tileserver from it, leaving the rest of the system intact?
<RoyK> Glorfindel: you don't need that img file now - you have sdb
<JanC> yeah, if you mount that filesystem on the block storage in the right place
<JanC> you want the tiles to end up on that  :)
<JanC> or maybe point the tile server to the right place, dunno what's easier
<Glorfindel> right, ok. so now I still need to set the filesystem to xfs, and move the data for tileserver over to it?
<JanC> how do you get the data for the tile server?
<RoyK> rsync?
<Glorfindel> I run java -jar ./tileserver/tileserver.jar
<Glorfindel> tileserver.jar and the config files I got from github
<Glorfindel> I was planning on cp-ing them over
<RoyK> Glorfindel: anyway - just start off with 'vgcreate myfineandgloriousvolumegroup /dev/sdb' and then 'lvcreate -n mynewlogicalvolume -l 100%FREE myfineandgloriousvolumegroup' and then mkfs -t xfs /dev/myfineandgloriousvolumegroup/mynewlogicalvolume
<RoyK> then mount it
<RoyK> Glorfindel: and use rsync -avPHAX instead of cp
<Glorfindel> is it ok if I change the name of my volume group? :P
<RoyK> obviously
<RoyK> :)
<RoyK> and the name of the LV, of course
<Glorfindel> mount: can't find /dev/sdb in /etc/fstab
<Glorfindel> running "mount /dev/sdb"
<Glorfindel> https://paste.ubuntu.com/p/Q2vV3wpQQ6/
<Glorfindel> ignore everything after the "ls /dev/" line
<RoyK> well, obviously you'll need to run those lvm and mount commands as root
<RoyK> and you'll need to mkfs -t ext4 /dev/minetestvg/tileserver and that's the one to mount - not sdb
<RoyK> also - to have it mounted automatically, add it to /etc/fstab
<Glorfindel> didn't I want to create xfs though?
<Glorfindel> or is ext4 part of xfs
<RoyK> two separate things
<Glorfindel> ok
<RoyK> there's no mkfs.xfs or mkfs -t xfs in that pastebin, and you're trying to mount the pv, not the lv
<sarnold> RoyK: wait why ext4 here?
<RoyK> sarnold: sorry - my fault
<RoyK> Glorfindel: no - don't put ext4 on that - put xfs on it - typo
<RoyK> tiredtypo
<Glorfindel> too late. rerun it with xfs?
<RoyK> yep
<RoyK> it'll tell you there's an fs there
<Glorfindel> mkfs: failed to execute mkfs.xfs: No such file or directory
<RoyK> apt install xfsprogs
<Glorfindel> https://paste.ubuntu.com/p/Z2PGJTqP35/
<Glorfindel> am I supposed to put -f all alone?
<Glorfindel> rather than with the -t
<sarnold> -ft xfs would probably work
<RoyK> no -f
<sarnold> if not, then indeed -f -t xfs
<RoyK> sarnold++
<RoyK> -t takes an argument
<RoyK> -f does not so it has to come first
<Glorfindel> invalid option 'f'
<Glorfindel> idgi
<RoyK> pastebin that command
<Glorfindel> on it
<Glorfindel> https://paste.ubuntu.com/p/g8CqG7VTm5/
<RoyK> erm - move -f to the back or just run mkfs.xfs directly
<RoyK> mkfs -t xfs is an alias for mkfs.xfs
<sarnold> ow. I sure didn't expect *that* mess..
<Glorfindel> mkfs.xfs -f /dev/restof/path worked
<RoyK> sarnold: well, you get what you pay for and it's free ;)
<sarnold> RoyK :D
<Glorfindel> ok, so attempting to mount it, still complains of not being able to find it in /etc/fstab
<RoyK> mount /dev/bla/bla /somewhere
<Glorfindel> ooh I get it
<RoyK> then - when it works - add it to /etc/fstab
<Glorfindel> ok, I'll see if I can figure out this stuff myself, seems simple enough
<RoyK> after adding it there, umount /somewhere and try 'mount -a'
<RoyK> it should work
<Glorfindel> worked
<RoyK> :)
<Glorfindel> it seems I need sudo to modify it though, how do I fix that?
<RoyK> fix what?
<RoyK> you need sudo to do system things
<Glorfindel> needing sudo to add a directory
<Glorfindel> so I'm assuming I'll need to run the .jar as sudo also
<RoyK> depends on where
<RoyK> !chmod
<ubottu> An explanation of what file permissions are and how they can be manipulated can be found at https://help.ubuntu.com/community/FilePermissions
<RoyK> !chown
<Glorfindel> oh, right. I'll investigate chown then. thanks :D
<Glorfindel> RoyK: everything seems to be working perfectly, many thanks for walking me through all that!
<sarnold> nice :)
<Glorfindel> once I open the port I'll share a link to what I was running
<RoyK> Glorfindel: good :)
<Glorfindel> eh, I need to mess around with this a bit more before it runs I guess. oh well. Thank you all and have a good night :)
<Glorfindel> but here's it running on someone elses map https://pandorabox.io/map/#-1693/-58/8
<sarnold> that's cool
<TJ-> 18.04 (server) has an /etc/sysctl.d/xxxx that contains "net.ipv4.ip_forward=1" but it isn't being set ("systemctl status systemd-sysctl") shows the service ran. How to debug? "/lib/systemd/systemd-sysctl --prefix=net.ipv4.ip_forward" wants to set it correctly
<Kazaaak> Hello, i faced with problem i was run ZNC but when i try connect to ZNC i got error (connection refused), what can be problem? P.S. znc online.
<frickler> coreycb: jamespage: can you please remind me of the URL for the version check matrix for UCA packages? somehow this has dropped from my list of bookmarks
<ahasenack> good morning
<coreycb> frickler: https://wiki.ubuntu.com/OpenStack/VersionTracking
<frickler> coreycb: perfect, thank you
<tomreyn> Kazaaak: sounds like znc is no longer running or no longer reachable on the ip:port it binds to from where you are trying to connect from.
<Kazaaak> znc true that running because i see nick is online, by /whois and i try connect via mIRC by command /server ... and i not sure or at server are firewall maybe you can tel what command at terminal i can open ZNC port?
<tomreyn> Kazaaak: just running znc should make it bind to a port which you can then connect to. if this doesn't work, check your firewall configuration, try to connect with  nc -v  from the same server and from remote to see whether the TCP connection can be established.
<chillage> Good time,
<chillage> I'm here too help Kazaaak get help..
<chillage> so we problem is that we can't connect to znc via mIRC, i think we need open port at ubuntu terminal window, so who can tell what command line can open port if port is 1234
<ahasenack> I have an old sysv initscript (squid on xenial) that has a restart) action, and does some checks there
<chillage> ?
<ahasenack> xenial uses systemd, though, so that is "converted" into a service
<ahasenack> but it looks like systemd has no specific restart action and always interprets that as stop + start
<ahasenack> which means the code in the restart() function of the sysv script is not executed. It looks like systemd just calls the sysv script with stop and then tsart
<ahasenack> is that interpretation correct?
<ahasenack> (my interpretation)
<ahasenack> cpaelzer: do you know? ^
<ahasenack> looks like it's a known issue: https://github.com/systemd/systemd/issues/2175
<cpaelzer> ahasenack: yes afaik it is as you describe
<ahasenack> ok
<kstenerud_> Has ubuntu changed how initd scripts are generated from the debian dir between xenial and bionic? I'm looking at debian/sssd-common.sssd.init.in and I can't find the file anywhere in xenial, even though it was introduced in 2010
<ahasenack> check d/changelog for mentions, and also d/rules to see how it is and was installed before
<kstenerud_> bionic has the file exactly in /etc/init.d/sssd, and xenial has something vaguely similar in /etc/init/sssd.conf, but it's not the same file
<ahasenack> it might have been converted to systemd
<ahasenack> or upstart
<ahasenack>  /etc/init/ is an upstart config directory
<kstenerud_> ok
<ahasenack> you know, you can never have enough init systems
<kstenerud_> so if I wanted to backport pidfile handling stuff, I'd need to redo it according to upstart conventions?
<ahasenack> looks like it
<Kazaaak> tomreyn, thank you that you try help, but i dont know how to check firewall with nc -v, i need try write at terminal at same server where running znc this command: nc -v <server_ip>:<znc_port>? Then from another server terminal same command?
<gunix> is there any official documentation and best practice for using network namespaces on ubuntu 18.04? does netplan support network namespaces?
<kierank> Is it possible to do uefi, preseed and software raid 1 with 14.04?
<RoyK> kierank: never tried with preseed - but then - why 14.04? it's soon out of support
<kierank> just to match some existing configurations
<nacc> kierank: preseed is certainly supported in 14.04.
<kierank> yes we do preseed and software 1 raid one with legacy bios
<kierank> but not uefi
<nacc> kierank: but as RoyK said, all of those existing configs are going eol in ~1 year
<nacc> kierank: oh i see what you are asking now, sorry
<RoyK> nacc: or ~7 months :Ã¾
<nacc> RoyK: rounding up ;)
<RoyK> kierank: if it's not too complex stuff you're working with, an upgrade should be trivial
<kierank> yes we plan to update soon but we need to match some existing configurations in a closed environment
<sarnold> trusty is likely to get an ESM service too; if you need to keep running it beyond EOL, have a conversation with an ubuntu advantage support person about your needs
<kierank> sure
<nacc> sarnold: announced a little over a month ago: https://blog.ubuntu.com/2018/09/19/extended-security-maintenance-ubuntu-14-04-trusty-tahr
<sarnold> nacc: oh :) nice
<sarnold> nacc: thanks
<sdeziel> I can't find how long is ESM in that page
<sdeziel> seem like the #1 selling point for it :)
<nacc> sarnold: np; tbh, I wasn't sure it was announced or not, but I thought it was, so I was checking for my own edification
<sarnold> that was a sprint week for me, I'm not at all surprised it didn't make an impression on me :)
<nacc> heh
<Kazaaak> How to check or at server are firewal?
<nacc> Kazaaak: Not sure I parse that, you want to check if there is a firewall on a server?
<sdeziel> "iptables-save; ip6tables-save" should tell you what's loaded in terms of ruleset
<Kazaaak> nacc, yes, i want to know or firewall blocks one port, because i was run ZNC and i can't connect via mIRC. Can you help me?
<RoyK> Kazaaak: as sdeziel said, check with iptables and ip6tables, either those save commands above, or iptables -vnL and ip6tables -vnL
<sdeziel> has anyone used keepalived+conntrackd+radvd (or different combo) to setup HA firewalls? I'm looking for some advises to address a problem during failovers
<RoyK> sdeziel: not with firewalls, but with a postgresql install - should be about the same, except some TCP sessions will be lost
<RoyK> didn't use conntrackd, though
<sdeziel> RoyK: interesting, since mine are firewall, they only see TCP sessions cross them and conntrackd makes the state sync between the 2 nodes
<RoyK> didn't know that could be clustered
<sdeziel> RoyK: yeah, works very well
<RoyK> what issues are you getting?
<sdeziel> I see "bogus" RA being sent to clients
<sdeziel> I have keepalived setup to use fe80::1 as VIP and that's what clients initially pick up as their default gw
<RoyK> all IPv6 or mixed?
<sdeziel> dual-stack but v4 works flawlessly
<sdeziel> when I restart keepalived it moves the master role and along with it radvd
<RoyK> ok - perhaps file a bug, then - maybe someone hasn't really worked too hard on the ipv6 support
<Kazaaak> Good, RoyK, i wanna check only IPv4 so i can enter command to terminal window: iptables -vnL ,and what i need sea then?
<sdeziel> but doing so result in the clients picking up the link local IP of the new firewall as another gw so they have 2 gw and they load balance between both which I don't want
<sdeziel> RoyK: I'm sure I'm the one at fault here ;)
<tomvolek> whats a good package for sharing one monitor with multiple servers? Is synergy still the only solution ?
<sarnold> hardware kvm boxes are popular
<sarnold> dunno if they are *good* but they're popular
<tomvolek> sarnold: true, but i used to use Synergy, network based app, no hardware need, and it did what I wanted to do.. trying to reduce number of devices around me :)
<sarnold> normally when you have to use a monitor something has gone wrong.. it's nice to have the simplest possible tools at that moment ;)
<tomvolek> indeed
<mason> tomvolek: My favourite answer is a network-accessible hardware power/kvm switch. Retrofits to existing boxes and makes them act like enterprise server hardware.
<tomvolek> @mason any brand/model in mind ?
<mason> tomvolek: I'm trying to remember what I used to use, but failing that I'll find one of the same class.
<tomvolek> tx, will google it
<mason> tomvolek: It's possible the vendor I used is gone now - it was much of a decade ago. Something vaguely like this: https://www.startech.com/Server-Management/KVM-Switches/4-Port-USB-VGA-IP-KVM-Switch-with-Virtual-Media~SV441DUSBI
<mason> The ones I deployed last did both KVM and power.
<Kazaaak> I think i need just try open port and be see or it's helps or not, can anyone tell what command i can open port: 1235 on Ubuntu 18.10 ?
<sarnold> Kazaaak: the commands to use to open it depend upon the commands you used to close it in the first place..
<sdeziel> Kazaaak: could you pastebin the iptables-save output as well as "ss -nlt"?
<mason> tomvolek: I'm going to give up as I'm finding neither email where I talked about it nor the actual product, and I'm not remembering the brand, but it was something like https://www.startech.com/support/SV1108IPPOW , only with more ports.
<tomvolek> @mason  thanks my friend, dont worry, i will find something,  much appreciate it
<mason> tomvolek: Sure. Enjoy.
<Kazaaak> sarnold, i don't close the port, i just install ZNC and i can't connect, i think at my server is on firewall... I don't know:/
<Kazaaak> sdeziel, afcourse i can give you output at pastebin, jus tell me exactly what i need enter input command?
<hggdh> jamespage: ping re the LP team ubuntu-server-iso-dev
<sdeziel> Kazaaak: ( iptables-save; echo; ss -nlt ) | pastebinit
<jamespage> hggdh: wow does that still exist?
 * jamespage waves at hggdh
<hggdh> jamespage: hi, long time :-)
<jamespage> hggdh: indeed
<hggdh> jamespage: yes, it is still there, and there are 4 or five pending joins. Looking at it, and the ML, it seems mostly dead
<hggdh> jamespage: should we go ahead and simply bury it?
<jamespage> hggdh: +1 I think it got superceeded a while back
<hggdh> jamespage: what is the replacement (so that I can let these applicants know)
<jamespage> that is a very good question
<hggdh> heh
<hggdh> I will go ahead and announce the funeral, and refuse the applicants; then I will find out how we can kill it, effectively
<Kazaaak> Ok lets try, sdeziel, little bit wait.
<jamespage> hggdh: I think this replaced it but it may have since had a similar funeral - https://utah.readthedocs.io/en/latest/index.html
<hggdh> yeah
<hggdh> jamespage: renewall is set to "ask" instead of auto-renewal. I set a note in the home page stating this team is no longer active, and declined the pending candidates (most requested around 2013)
<Kazaaak> sdeziel, https://www.irccloud.com/pastebin/afeqOwDm/
<sdeziel> Kazaaak: is that a Ubuntu server machine? (also, please avoid pastebin services requiring javascript)
<Kazaaak> sdeziel, yes Ubuntu 18.10 VNC
<sarnold> an ubuntu machine without iptables or iproute2? o_O very curious
<mason> A box without hinges, key, or lid, yet golden data inside is hid.
<sarnold> my precious!
<sdeziel> Kazaaak: you don't seem to have a firewall configured
<sdeziel> and yeah, no iproute2 is weird
<sdeziel> but I haven't encounter that many cosmic machines
<Kazaaak> sdeziel, yes stranger. My admins rent me server from appboxes.com.. I can't connect to ZNC port what i run.
<teward> is there a subiquity bug for "Use FUll Disk and set up LVM" where it doesn't take more than 4GB of space for the LVM?
<ahasenack> teward: yes
<teward> what bug number is it?
<teward> so I can subscribe and track
<ahasenack> teward: https://bugs.launchpad.net/subiquity/+bug/1785321
<ubottu> Launchpad bug 1785321 in subiquity "LVM Entire Disk option does not use entire disk" [Undecided,New]
<teward> ahasenack: sounds to me like we need to make some changes to subiquity then to 'ask' how much of the LVM to utilize.  because 4GB is... real small.
<teward> was this 'change' documented in the release notes?
<teward> or did I miss that too?
<ahasenack> I heard arguments that it was correct behavior, in the sense that the VG is using the whole disk, and the LV is easily resizeable
<ahasenack> but I also think it's a bug
<teward> i'm on the fence.
<ahasenack> teward: it's a bug, not a "change", so no release notes entry
<ahasenack> if you use ext4 for /, you can even resize it without booting into rescue mode
<ahasenack> or so I heard
<teward> ahasenack: yeah, i'm thinking if we do anything that isn't 'the whole VG' for the LV, then we should be doing 50% of the LV.  LVM was kind of the 'thing' this became, and since it's a VM it's possible I'll expand this over multiple virtual harddrives within VMware spanning multiple datastores if this gets large.
<teward> but that's just me :P
<teward> *goes back to fixing things now that he's expanded the LV to fill up the VG*
<ahasenack> reducing the LV after installation is more annoying
<ahasenack> but 4Gb by default is unexpected, that will easily be filled
<teward> well, then at least something larger than 4GB
<teward> 10GB even is better than 4
<ahasenack> yep
<ahasenack> chime in over there :)
<teward> can't from my phone but will later when I get home probably.
<ahasenack> hehe
<ahasenack> understood
#ubuntu-server 2018-10-31
<Glorfindel> uhhhhhhhhhhhhghghghg. so. I created a  xfs filesystem because I ran out of inodes on ext4, but I've also filled the inodes on this xfs disk. is there any other filesystem I could use that has more inodes?
<sarnold> woah, really?? I didn't realize that was possible with xfs. I thought it was dynamic. heh.
<Glorfindel> wait.... ncdu only reported 16gb used, but df -h shows I used all 20gb?
<Glorfindel> maybe I didn't run out inodes, that would be good
<sarnold> that makes more sense to me :)
<Glorfindel> at the same time though, over 20gb of data to create a tileserver for a map that's kept in a ~200mb database seems a tad excessive
<Glorfindel> 7.9 million inodes.... yeah I'm submitting a bug that's ridiculous
<sarnold> I suspect that means whoever made the database design really understood the principles of data normalization! :D
<Glorfindel> lol
<RoyK> and whoever wrote that software, didn't understand that millions of files is generally a bad ideaâ¦
<RoyK> Glorfindel: keep in mind that metadata also takes up space
<sarnold> Filesystem                       Inodes    IUsed       IFree IUse% Mounted on
<sarnold> srv                         12875952530       10 12875952520    1% /srv
<sarnold> oh. don't mind me. I can't read.
<RoyK> 12 billion - should be enough for everyone (tm)
<sarnold> :)
<Glorfindel> one would think :o
<sarnold> 62 million files on that thing, give or take.
<sarnold> suddenly 8 million for a mineserver map server seems pretty silly
<RoyK> or someone aught to think that 8 million files in a directory (or tree) just means "you nee to use a database!"
<RoyK> *need*
<Glorfindel> sarnold: wow
<sarnold> Glorfindel: my ubuntu mirror is ~800k inodes.. the unpacked sources are way bigger :)
<Glorfindel> heh, makes sense
<keithzg[m]> Huh, I wonder why multiple VMs of mine (three so far) are running into kernel panics on boot with the latest kernel :/
<sarnold> :(
<RoyK> keithzg[m]: which kernel is that?
<keithzg[m]> Specifically, I'm seeing `Kernel panic - not syncing: VFS: Unable to moutn root fs on unknown-block(0,0)`. Kernel is "4.15.0-38-generic #41-Ubuntu SMP Wed Oct 10 10:58:23 UTC 2018 i686 athlon i686 GNU/Linux"
<mason> keithzg[m]: Ah, sounds like your initramfs files didn't build...?
<mason> keithzg[m]: Can you boot into older kernels and rebuild your initramfses?
<RoyK> update-initramfs -a
<RoyK> perhaps
<keithzg[m]> mason: Yeah that's what I thought, although `sudo update-initramfs -u -k 4.15.0-38-generic` did not fix it.
<keithzg[m]> RoyK: "Illegal option -a"
<mason> -c -k all, isn't it?
<mason> I confuse platforms sometimes.
<mason> Yeah, try update-initramfs -c -k all
<keithzg[m]> Shall do...
<RoyK> keithzg[m]: out of curiousity - what sort of virtualisation?
<keithzg[m]> I wonder if this all has to do with grub2, I got the "GRUB upgrade scripts have detected a GRUB Legacy setup in /boot/grub" message last week and accepted chainloading, intending on actually checking things sometime this week. All the VMs in question are quite old ones I inherited from my predecessor, they started out on at least 10.04!
<keithzg[m]> RoyK: KVM
<RoyK> ok
<RoyK> 10.04 is a wee bit old ;)
<keithzg[m]> Yup they've had long lifespans, gone to 12.04 then 14.04 then 16.04 and recently finally 18.04 and a move to an entirely different machine a few months back!
<keithzg[m]> Alas, `update-initramfs -c -k all` did nothing, the VM I tried still kernel panics.
<mason> keithzg[m]: Hrm. I'd want to rip apart the initramfs at this point. Unsure what else to do.
<keithzg[m]> Very oddly, the VM I first noticed this on earlier today worked fine after I rebooted into the prior kernel, applied pending updates, and rebooted again. It's also one of the old VMs.
<mason> keithzg[m]: Make sure your /boot isn't out of space, although I'd think you'd see an error message to that effect when building.
<mason> keithzg[m]: Another less-intense thing might be to delete the new kernel and reinstall, and capture the session in script(1) for further debugging.
<RoyK> if it's out of space, remove old kernels - you may have to truncate some of the files to remove before running apt remove/purge, since apt uses some disk space just to remove things
<RoyK> don't remove them manually - apt will be upset
<RoyK> just run something like
<RoyK> > /boot/somekernel
<RoyK> to truncate it
<keithzg[m]> mason: Yeah, these VMs don't even actually have a separate /boot partition, and / has plenty of space. Funny enough, the VM that recovered *had* run out of space, and I had initially thought that was a problem. Maybe in fact it was a problem on *that* VM and the same panic message is actually from a different underlying cause on the other VMs, although that seems like a *huge* coincidence if so.
<mason> keithzg[m]: The initramfs having issues or being invalid is the most common cause of that error message. Kernel tries to load it and fails.
<mason> keithzg[m]: Might be worth update-grub as well, with a spelunk into the grub config files to make sure it's specifying the right files.
<keithzg[m]> mason: yeah already tried `update-grub`.
<keithzg[m]> Oho, I fixed it on one of the VMs at least; under the presumption that there's some sort of reason why last week that I was still on grub-legacy was flagged during the `apt upgrade` I ran on 'em all, I tried running the suggested `upgrade-from-grub-legacy` and then rebooted. Et voila!
<keithzg[m]> Thank goodness for virtualization, if I hadn't been able to take a quick snapshot before hand it might have been quite a while before I worked up the courage to try that ;)
<mason> Ah, good.
<keithzg[m]> Other failing VMs seem to have been fixed by the same approach. Other than "dpkg-maintscript-helper: error: environment variable DPKG_MAINTSCRIPT_NAME is required" as the last output line, `update-from-grub-legacy` seems to have worked fine and resolved this. Phew!
<n00bee> I upgraded a VPS from 16.04 to 18.04 and now there is no network. The VPS lets me log in via a web console but I can't even ping out from the server. How to troubleshoot?
<n00bee> The outputs for some of the commands are here: https://imgur.com/a/cmqGEfE (sorry it's an image rather than text paste but the webconsole doesn't allow text copy)
<nacc> n00bee: try `sudo systemctl status networking` and if it's off, try `sudo systemctl start networking` ?
<nacc> n00bee: your interface has no IP address
<n00bee> nacc: It's probably worse. It says Unit networking.service not found
<n00bee> *could not be found
<nacc> i might have the wrong service
<nacc> n00bee: try `sudo ifup eth0` ?
<n00bee> nacc: sudo  systemctl restart NetworkManager.service ... also not found
<n00bee> nacc: ifup command not found
<nacc> n00bee: you're not on a desktop, so no NM
<nacc> n00bee: ah it would appear that ifupdown maybe got purged
<nacc> n00bee: you have two options, i think, follow what is written here: https://wiki.ubuntu.com/BionicBeaver/ReleaseNotes#New_since_16.04_LTS
<nacc> n00bee: apt-cache policy ifupdown?
<n00bee> nacc: apt-cache policy ifupdown suggests it may be installed
<n00bee> wait..sorry..no
<n00bee> installed: (none)
<nacc> systemctl status systemd-networkd
<n00bee> candidate: 0.8.17ubuntu1.1
<nacc> may give you some debugging output
<nacc> yeah, so if you want to keep using /e/n/i you need to have that installed, read the release notes above
<n00bee> nacc: Sorry, what does /e/n/i mean?
<nacc> n00bee: /etc/network/interfaces (which is what ifupown parses)
<nacc> n00bee: sorry, gotta step away, read those docs
<n00bee> nacc: ok. thanks
<n00bee> nacc: So I read the docs and they specify the 18.04 counterparts to 16.04 commands and services. Using that I was able to start systemd-networkd and do the equivalent of ifup eth0. But still no network.
<d-rock> When you say "no network", what do you mean?
<d-rock> Does ifconfig show eth0 up and running?
<n00bee> d-rock: I upgraded from 16.04 to 18.04 today and now have not network. Can't SSH in or ping out.
<d-rock> OK, but "ifconfig eth0" shows that the interface is UP and RUNNING, and shows tx/rx activity?
<n00bee> d-rock: The web console doesn't allow copy paste. Let me take a screenshot of the output of ifconfig eth0
<genewitch> looking for a package (or whatever) that is like pfsense, a web frontend for NAT/router/gateway/firewall.. the simpler the better. I literally just need NAT/dhcpd and i will be running pihole for DNS
<d-rock> I'm on a terminal, so I can't view graphics :)
<n00bee> d-rock: :) so it says flags=4098 broadcast, multicast
<d-rock> That's not up
<n00bee> d-rock but it doesn't say anythign that indicates up or running. All packets RX, TX are 0
<genewitch> also, i have eth1, but it's not getting a static IP, i have /etc/network/interfaces.d/eth1 populated
<d-rock> For reference, my interface: enp5s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
<d-rock> First, let's see if we can manually configure it
<d-rock> Unless you've already verified that
<genewitch> http://projectftm.com/#pAGR1e0AkCvAlV8xVaYeAA this is the eth1 file
<n00bee> d-rock: OK wait. It is up now. I ran sudo ip link set eth0 up
<n00bee> after that ifconfig eth0 shows up, broadcast, running, multicast
<d-rock> OK, does it have an IP set?
<d-rock> I suspect you'll need to re-ifup
<d-rock> I can't remember the networkd command off the top of my head
<n00bee> d-rock I don't know if it has an IP set. ifconfig does have a line for inet6 but ipv6 is not enabled for the server i think
<d-rock> inet6 will always be set. At the very least, it gets the link-local address
<d-rock> Do you see a line for just plain "inet"?
<JanC> RoyK: a filesystem *is* a database
<n00bee> d-rock: No line for inet
 * JanC doesn't understand why people don't understand that
<d-rock> OK, can you re-run the networkd command?
<n00bee> d-rock: you mean sudo systemctl restart systemd-networkd
<d-rock> That'll do it
<d-rock> There's another, more surgical command, but I can't remember it
<n00bee> d-rock: That didn't do anything :(
<n00bee> It didn't throw any errors but I still can't ping out. And ifconfig eth0 still doesn't show an inet
<d-rock> Then let's just try to bring this up manually
<d-rock> ip addr add <ip/mask> dev eth0
<buddhirt> some query if anyone knows? i have installed isc-dhcp-server in 18.04. Seems like in 18.04 interface is not auto-up without connecting network cable to client machine, so dhcp server cannot listen to defined interface. Any solution
<n00bee> d-rock: I have the static IP address. and in /etc/network/interfaces the netmast is 255.255.255.0. So you're saying the sommand is ip addr add 192.241.x.x/255.255.255.0 ?
<genewitch> are you freaking kidding me
<genewitch> network configuguration is done through YAML?
<genewitch> come on, guys, seriously
<genewitch> ubuntu drives me batty
<d-rock> genewitch: I kinda had the same reaction when I saw netplan
<d-rock> n00bee: ip addr add 192.241.x.x/24 dev eth0
<n00bee> d-rock: Thanks!
<d-rock> 255.255.255.0 is a 24 bit mask
<n00bee> d-rock: OK so now I see that in ifconfig eth0. Now restart systemd-networkd ?
<d-rock> No, let's hold off
<d-rock> Can you ping your gateway now?
<JanC> you don't have to use netplan
<n00bee> d-rock: Web console hung
<d-rock> n00bee: when you set the ip address?
<n00bee> d-rock: yay! i can ping the gateway
<d-rock> Huzzah!
<d-rock> ip route add 0/0 via <gateway>
<n00bee> d-rock : done
<d-rock> Should be able to ping, say, 8.8.8.8
<n00bee> YES!!
<JanC> and netplan makes lots of sense when you have to do cloud configurations
<d-rock> Should be able to reach it from outside, as well
<n00bee> d-rock: yes, it's back online and accessible from the outside as well
<n00bee> d-rock: are these changes going to stick after a reboot?
<d-rock> They will not
<d-rock> But, it does confirm that this is an issue with networkd and/or netplan, not the NIC or network itself
<n00bee> d-rock: hmm...so what should i do
<JanC> or with the netplan configuration ;)
<d-rock> Sure, it could be the config
<d-rock> To be honest, I'm fighting my own battle with 18.04 networking. I ended up just writing a shell script to init things the way I wanted
<JanC> there is a #netplan channel to discuss that BTW
<n00bee> d-rock: I could probably just move stuff out of this server and set up a new one from scratch
<d-rock> I hesitate to project my own experience, but that might be simpler :P
<genewitch> so is there a simple answer? webgui for all the firewall-y stuff in linux? Like pfsense/monowal/ipcop for BSD
<d-rock> In any case, I need to drop off. Good luck!
<n00bee> d-rock: Thanks much. You were a life saver and hero today!
<d-rock> NP, glad I could repay some of the help I've gotten on this channel :)
<JanC> (although e.g. cyphermox is in here too it's easier for them to miss discussions of netplan maybe)
<genewitch> is there a guide to having 3 routable networks under netplan?
<genewitch> i have 10.0.0.0/8 192.168.1.1/24 and WAN
<genewitch> which is technicaly 192.168.42.1/something
<JanC> genewitch: that's exactly the sort of thing you want to ask in the #netplan channel (if it's not in their documentation)  ;)
<genewitch> GAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH
<JanC> and do you really need a web interface for the firewall? or is a descriptive configuration file also useful?
<genewitch> ubuntu implemented netplan
<genewitch> they broke 10 years of working network config
<JanC> you don't have to use netplan if you don't want to...
<JanC> ifupdown still works if you prefer that
<genewitch> /etc/network/interfaces.d/eth1
<genewitch> doesn't work
<genewitch> this used to be stupidly obnoxiously straightforward, it's taken hours out of my night
<JanC> if you don't have a netplan config and ifupdown is installed, that should still work, I guess?
<genewitch> i have a netplan config but it is complaining about something
<JanC> if not, file a bug report   :)
<katamo> genewitch you should be able to `netplan generate --debug` and get more verbose information on what it errors about
<genewitch> http://projectftm.com/#EfzbyVArZW8ykjaekYCE_w
<genewitch> exact same output
<genewitch> Error in network definition //etc/netplan/eth1.yaml line 5 column 17: expected sequence
<JanC> shouldn't addresses take a sequence?
<JanC> simply said: put it between []
<JanC> (I'm not a netplan expert, so this is just a guess, to be fair)
 * katamo had a toddler interruption
<genewitch> yeah that's all working now, but the routes are wrong
<JanC> you have "addresses: [10.0.0.1]" instead of "addresses: 10.0.0.1" now?
<katamo> http://projectftm.com/#FD5qmugC0YFFuZUHIlvuFQ
<katamo> genewitch ^
<katamo> does that get closer?
<katamo> note the use of space between addresses & eliminating the genmask/netmask lines in favor of */* address syntax
<genewitch> JanC: yes
<genewitch> i had that originally :-) but it doesn't look right, you know?
<genewitch> a single IP is a /32
<genewitch> katamo: i did addresses: [10.0.0.1/9]
<genewitch> er /8 obviously
<katamo> genewitch I just ran `netplan generate --debug` after copy paste of the link I shared with you. it completed without error
<genewitch> katamo: yes mine works fine too, except i can't ping 10.0.0.2 :-)
<katamo> `ip r | pastebinit`
<genewitch> i can't do that, because the internet isn't working now
<katamo> fair enough lol. whats the output?
<genewitch> http://projectftm.com/#n3T06ci4QHs35bHBQYdPWQ
<genewitch> lemme if down eth1 this is ridic
<katamo> `ip r del default via 192.168.1.1 dev eth0`
<katamo> for testing
<katamo> or that works
<genewitch> i can ping 192.168.1.1 after running that, but nothing else
<genewitch> default route is for what, internet?
<JanC> default route is for everything that doesn't have a specific route
<JanC> usually that means the general internet  ;)
<katamo> Okay, can we get the full output for configs on all interfaces?
<katamo> for one thing in the "routes", your 192.168.1.1 dev eth0 network has no netmask definition
<genewitch> http://projectftm.com/#ZbbJinc8BCQs-wI-SOKPuQ
<genewitch> 192.168.1.0/24 is going to be out of band, the only two networks that should be routable outbound are 10.0.0.0 and whatever usb0 is
<katamo> config files. either netplan or interfaces(.d)/* ?  sorry I'm not used to reading ifconfig output any more lol. woe is me
<genewitch> the yaml?
<genewitch> eth1.yaml http://projectftm.com/#HKWqhJ0ub1YeoPaZs72tUQ
<genewitch> eth0.yaml http://projectftm.com/#3fWxIdIZ-5dpFLaSRUr-WQ
<genewitch> there's no usb0 in either location
<genewitch> usb0 is brought up with dhclient usb0
<genewitch> i wanna make sure i can still access the internet if i disable eth1.service
<JanC> the output of "ip route" might be relevant...
<katamo> okay. lets do one interface at a time then. that was a good idea. and i'm still hung up on "192.168.1.1 dev eth0"
<katamo> are you okay with bringing all interfaces down, then raising eth1 first? sounds like you're concerned about that.
<genewitch> ip route with `systemctl disable eth1` http://projectftm.com/#bTUtehwmWwosE68B7sj8_A
<katamo> JanC I think we have that output here: http://projectftm.com/#n3T06ci4QHs35bHBQYdPWQ
<genewitch> i can ping both public (4.2.2.2) and private (192.168.1.12) with that setup
<JanC> (remember 'ifconfig' has been deprecated for over a decade and in theory might disappear any day now :P )
<katamo> Okay, we should not have multiple default routes.
<JanC> ah, right
<genewitch> i want eth1 to provide NAT from usb0 to the 192.168.1.1 network
<genewitch> but not via this device
<genewitch> I got a router connected to eth1
<katamo> we're doing routing from this box?
<genewitch> on the WAN port
<genewitch> NAT only
<genewitch> well i guess routing, but i just want to be able to ping 10.0.0.2, 192.168.1.1, 192.168.1.12, 4.2.2.2, google.com
<genewitch> once i am there, i know what to do
<katamo> Okay. can we bring the eth0 down? `ip link set eth0 down` ?
<genewitch> katamo: should i reboot with eth1 enabled first?
<genewitch> and this is going to slow me down since i have to physically access the machine which is not in this room
<katamo> wait a sec
<genewitch> eth1 systemd service is disagbled right now
<genewitch> and everything is working as i'd expect
<genewitch> i know i am rough
<katamo> okay you specifically mentioned every network except the 192.168.1.0/24 dev eth0 network
<katamo> what is the .0/24 network?
<katamo> and why does .1.0/24 have a netmask/24 whereas the 1.1 network has implied /32?
<genewitch> inet 192.168.1.6  netmask 255.255.255.0  broadcast 192.168.1.255
<genewitch> 192.168.1.1/24? it's a class C handed out by another router right now
<genewitch> it's out of band
<katamo> admittedly i'm a server engineer not a networking engineer and I deal mostly in virtual networks/servers
<genewitch> yeah this is a unique thing.
<genewitch> It's a SBC with two nics that actually operate at gigabit so i was hoping i could set this up
<katamo> sounds like a fairly complex network for usb nic's?
<katamo> ah
<genewitch> the usb nic is a cellphone
<genewitch> my cellular modem got taken out by lightning
<katamo> oic. cellular gateway?
<genewitch> yes
<genewitch> so usb0 is just going to NAT to eth1
<katamo> I use LXD ubuntu servers as routers with odd nic devices & client wifi radios as wan all day so it should be straightforward
<katamo> hrm
<genewitch> eth0 is just out of band so i can get in if those are down
<genewitch> As i said, i just need to ssh IN to eth0, eth0 doesn't need to route anywhere
<katamo> Okay, do you ssh into it via the 192.168.1.1 or 192.168.42.129 address?
<genewitch> 192.168.1.6
<genewitch> .42 is cellular
<genewitch> ip a without eth1 http://projectftm.com/#iXR_MMRn9J7DXpLxooHptQ
<genewitch> all this routes. i can ping google.com and i can ssh in
<genewitch> lemme reboot with eth1 enabled
<genewitch> baby steps
<katamo> Okay http://projectftm.com/#lmhaVjJrGSozjkZ5hIKL0A
<katamo> that accurate?
<genewitch> yes
<genewitch> working networking http://projectftm.com/#loQFlNCyXBQso4LWCf84UA
<genewitch> not working networking http://projectftm.com/#wnB3yyIcgi4U-81DDvd3SQ
<katamo> okay, please amuse me for a sec. can you cp your eth1.yaml to a safe place, then make a new one with copy paste of http://projectftm.com/#OMMBbGahZEd0nkjU5hvALw ?
<genewitch> of course
<katamo> then `ip link set eth1 down; ip link set eth1 up`
<katamo> wait
<katamo> `ip link set eth1 down; netplan generate --debug && netplan apply && ip link set eth1 up`
<genewitch> stand by
<genewitch> ok
<katamo> how's our ping 4.2.2.2 look?
<genewitch> can't ping 4.2.2.2
<katamo> :*(
<genewitch> :-D
<genewitch> From 10.0.0.1 icmp_seq=4 Destination Host Unreachable
<genewitch> so it thinks 10.0.0.1 is the default route
<genewitch> whereas it should be 192.168.42.whatever
<katamo> if its not a route, than remove the gateway line from your .yaml
<genewitch> ^
<katamo> wait.... this is.... duh. its trying to use its own interface as the default route
<katamo> shoulda seen that sooner. i'm silly after hours
<genewitch> i'm just happy ssh always works on reboot right now
<katamo> haha no doubt. you shouldnt have to reboot between netplan config changes though
<genewitch> i do anyhow
<genewitch> it's like 6 seconds
<katamo> fair enough then
<genewitch> okay now i can ping 192.168.1.12 (that network) and the internet
<katamo> woohoo!
<katamo> and everything else?
<genewitch> so why is gateway not necessary? does that autoconfigure a route or something?
<katamo> gateway tells the OS that it is a route. IE if there's not an obvious alternate, that is where to pass traffic for up stream nat
<genewitch> everything else isn't set up yet and i imagine the reason i can't ping 10.0.0.2 is that the router that is connected to has "ignore WAN ping" rofl
<katamo> likely
<katamo> cell phones are a pita
<genewitch> if this works it saves me literally $200
<genewitch> so that's why i am so dedicated
<katamo> absolutely! I've used my cell hotspot as WAN for 2 days for fail over
<genewitch> that cellular modem costs a bit, and even that is double NAT - if i have to deal with double NAT i'd rather do it on my software
<genewitch> oh this is my primary internet
<katamo> :O
<genewitch> i'm using my personal cellphone for testing, the actual cellphone is on a windows machine, i'm talking to you on an ubuntu VM in Los Angeles while sitting at a windows desktop in louisiana
<katamo> do what works lol
<genewitch> indeed.
<katamo> genewitch given your use-case can I ping you with a thought out of channel? Its not ubuntu-server specific but relevant
<genewitch> sure
<katamo> ping sent
<ahasenack> good morning
<ahasenack> kstenerud: I still see two issues in d/changelog in https://code.launchpad.net/~kstenerud/ubuntu/+source/tmux/+git/tmux/+merge/357991, not sure if you are still working on that or waiting for another review pass
<ahasenack> xnox: hey, question about a server seed change you made a while ago
<xnox> ahasenack, Which one? ^_0
<ahasenack> xnox: you added both gnupg and dirmngr to server seeds, but gnupg has a depends on dirmngr, is the latter really necessary?
 * xnox does a lot of seed changes
<ahasenack> xnox: https://pastebin.ubuntu.com/p/dnDZDwy8Md/
<xnox> ahasenack, need to check things...... back in the day gnupg and dirmngr got split out and at one point did not have the dep between themselves.
<ahasenack> could be
<xnox> but now gnupg is a metapackage effectively
<kstenerud> ahasenack: I've pushed changes to address that. Do I need to write a comment about it?
<ahasenack> kstenerud: I don't know if just pushing changes sends out an email notification, a ping/comment would be nice
<ahasenack> kstenerud: but I see two other issues there still, I don't think he commented on them
<ahasenack> kstenerud: the bug number is missing a #,
<ahasenack> kstenerud: and the new version number is incorrect
<xnox> ahasenack, right. So i think the change still stands. Albeit redundant now, but was not much so before.
<kstenerud> what should the version number be?
<xnox> ahasenack, this could be made lighter, by replacing "gnupg dirmngr" with "gpg dirmngr gpg-agent"
<ahasenack> kstenerud: check the security team's page with that table
<xnox> ahasenack, but imho having the full gnupg suite of utils is nice.
<ahasenack> xnox: I agree with having gpg and dirmngr for the reasons you stated, I was just wondering if I was missing something since gnupg has a depends on dirmngr
<xnox> ahasenack, any particular reason why you are asking about this? do you want to drop all of gnupg? or does this gnupg-metapackage-of-doom pulling in too much now?
<xnox> ahasenack, when we still had gnupg2 package and were transitioning to the new one, the dirmngr depends was not there.
<xnox> so historical.
<ahasenack> xnox: ok, thanks
<xnox> but i'd want to keep it there, such that it doesn't regress again
<ahasenack> agreed
<xnox> cause to talk to keyservers one needs dirmngr installed.
<ahasenack> yes, the network part
<y1ds> Hello
<y1ds> i`m having some problems with slapd on ubuntu 16.04 and was wondering if someone has some tips
<y1ds> I want to change my admin password but I keep getting inufficient acces errors, something like this http://www.mehic.info/2014/05/rootdn-ldap_add-insufficient-access-50/
<y1ds> but i dont want to go and change those files
<y1ds> ive noticed a few thinfs
<y1ds> in my olcDatabase={1}hdb,cn=config i have an olcRootDN and olcRootPW, this is the password i want to change
<y1ds> but it seems i need to use the creds from olcDatabase={0}config
<y1ds> but in there i only see a olcRootDN, no olcRootPW
<y1ds> i`m reading here https://help.ubuntu.com/lts/serverguide/openldap-server.html
<y1ds> and in the post install chapter i see this command: sudo ldapsearch -Q -LLL -Y EXTERNAL -H ldapi:/// -b cn=config dn
<y1ds> this returns No such object (32)
<y1ds> but i see the file strucute that is above in the docs
<y1ds> any clues?
<y1ds> ive tried ldappasswd -Y EXTERNAL -H ldapi:/// -s welkom123 cn=Manager,dc=yo,dc=lo
<y1ds> ive tried making an ldiff and trying to put it in using my admin account but im not allowed
<ahasenack> y1ds: do you know the existing password for cn=admin?
<y1ds> well i know the password for manager, wich is the rootdn of the database, but not of the config
<ahasenack> y1ds: try this example:
<ahasenack> ldappasswd -x -D cn=admin,dc=lxd -w secret -s newsecret cn=admin,dc=lxd
<ahasenack> -w: existing password
<ahasenack> -s: new password
<y1ds> that doesnt work
<ahasenack> -D: dn of the admin
<ahasenack> it does, I just did it
<ahasenack> cn=admin,dc=lxd: dn whose password you want to change (same as -D for this casE)
<ahasenack> note I provided the existing password
<y1ds> yes i tried that
<ahasenack> because the acl for the userPassword attribute reads, among other things: by self write
<ahasenack> root@xenial-foo:~# ldappasswd -x -D cn=admin,dc=lxd -w secret -s newsecret cn=admin,dc=lxd
<ahasenack> root@xenial-foo:~# echo $?
<ahasenack> 0
<ahasenack> I jsut did it
<y1ds> sec
<ahasenack> there are two admins here, btw
<ahasenack> one is for the cn=config db, the other is for the dc=lxd (or whatever domain you have) db
<ahasenack> my line above changes the pw for the dc=lxd suffix
<y1ds> ldap_bind: Invalid credentials (49)
<ahasenack> then -w has the wrong password
<ahasenack> or -D is incorrect
<y1ds> it is not
<ahasenack> to change olcRootPW in the cn=config db (for the olcRootDN "user"), you need ldapmodify, not ldappasswd
<ahasenack> ldappasswd only changes the userPassword attribute
<ahasenack> try ldapwhoami with the same -D and -w
<y1ds> ldap_bind: Invalid credentials (49)
<y1ds> yeah i tried changint it with ldapmodify and an ldiff
<y1ds> but i think the problem is that i need to be the root of olcDatabase={0}config
<y1ds> there is also a olcRootDN in there, namely cn=config, but not a olcRootPW
<y1ds> yeah what you say aboce
<y1ds> above
<ahasenack> it's not clear to me which password you want to update
<y1ds> i think i need  to be the one for the cn-config db, but that one does not have a password
<ahasenack> RootDN is the admin of the database, and it doesn't have to have an entry in the directory
<ahasenack> its password is RootPW
<ahasenack> that's like the old rootpw setting in the old slapd.conf
<ahasenack> you need an ldapmodify operation to change that, authenticated with -Y EXTERNAL
<y1ds> well, i want to change the password for the admin user of the dc=blabla, but i think i need the password for the admin of the cn=config db
<ahasenack> you don't have the existing password corresponding to the userPassword attribute of cn=admin,dc=blabla?
<y1ds> yes i do
<ahasenack> then prove it with ldapwhoami, using that DN and password
<y1ds> ah yeah that works
<y1ds> made a typo before
<ahasenack> in this example, https://pastebin.ubuntu.com/p/QjbPKCSkRZ/, you want to change userPassword from cn=admin,dc=lxd in line 24?
<ahasenack> for the example above, it would be: ldappasswd -x -D cn=admin,dc=lxd -w <existingpassword> -s <newpass> cn=admin,dc=lxd
<ahasenack> that treats cn=admin,dc=lxd just like any other entry, nothing special about it being admin, because you are binding as the entry itself
<ahasenack> if you didn't have the existing password, then you would have to bind as the rootdn, and that password is rootpw, defined in the cn=config suffix
<ahasenack> confusing, agreed
<ahasenack> I'm not a super fan of this cn=config structure
<y1ds> ah okay no but its differentin my setup
<y1ds> the admin is not a user
<y1ds> it is the rootdn in the cn=config
<ahasenack> ok, then you need an ldapmodify operation on cn=config
<ahasenack> something like
<ahasenack> sudo ldapmodify -Y EXTERNAL -H ldapi:///
<ahasenack> then feed it
<ahasenack> dn: cn=config
<ahasenack> changetype: modify
<ahasenack> replace: olcRootPW
<ahasenack> olcRootPW: <newhash>
<ahasenack> I think the dn in this example is wrong, locate the right one by dumping with slapcat -n 0
<ahasenack> y1ds: https://pastebin.ubuntu.com/p/SBZMKGP7Qq/ that set the new password to the plaintext value of "secreT" (no hash: don't do that)
<y1ds> https://pastebin.ubuntu.com/p/zdyQvR2xfk/
<ahasenack> your rootdn is just cn=config?
<y1ds> apperently
<y1ds> i must say i dont know much about ldap, and didnt set this up, im just trying to change some things
<ahasenack> see if this works: https://pastebin.ubuntu.com/p/xHYJjPnh9P/
<ahasenack> note I used slappasswd to generate a hash for "newsecret"
<ahasenack> use whatever password you want
<ahasenack> ah, use sudo ldapmodify, not just ldapmodify, of course
<y1ds> yes
<y1ds> insuficient access
<ahasenack> check if the acls are about uidnumber=0+gidnumber=0, that's when root connects to the ldapi socket and is what we are doing here when calling ldapmodify with sudo and -H ldapi:///
<y1ds> but is my assumption that i need to authenticate as the rootdn from olcDatabase={0}config,cn=config incorrect?
<ahasenack> the acls under cn=config
<ahasenack> well, depends on the acls
<y1ds> uhm how do I check that
<ahasenack> look for attributes olcAccess
<ahasenack> for example, this is what allows that uidnumber=0+... to manage the db:
<ahasenack> olcAccess: {0}to * by dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=extern
<ahasenack>  al,cn=auth manage by * break
<ahasenack> in my example db
<y1ds> okay im gonna check
<ahasenack> access to * by thatgui manage
<ahasenack> "thatguy" being what ldapwhoami returned, in this case
<y1ds> hm I see olcAccess: {0}to *  by * none under dn: olcDatabase={0}config,cn=config
<ahasenack> it's the last entry that wins
<ahasenack> I mean, if there was no match before
<ahasenack> so I guess it's the first one that wins
<ahasenack> you go from specific to generic
<y1ds> hm okay well im calling it a day for now thanks for the tips :)
<ahasenack> y1ds: cheers, good luck
<ahasenack> kstenerud: remember you have to explicitly ask for sponsorship in the MP before someone will just tag and upload a package for you
<kstenerud> ahasenack: So I just write "please sponsor this"?
<ahasenack> something like that
<ahasenack> I'd also add the git hash, confirming that's what you want sponsored
<kstenerud> ok
<ahasenack> rbasak: looking at https://bugs.launchpad.net/ubuntu/+source/mysql-5.5/+bug/1745185 that person could be using that other mysql package that has no "initscripts", right?
<ubottu> Launchpad bug 1745185 in mysql-5.5 (Ubuntu) "If apt-get upgrade is run on mysql server when the server is disabled, the upgrade fails." [High,Confirmed]
<ahasenack> wouldn't be solving the bug, though
<rbasak> ahasenack: https://bugs.launchpad.net/ubuntu/+source/mysql-5.7/+bug/1592669 is related
<ubottu> Launchpad bug 1592669 in mysql-5.7 (Ubuntu) "postinst fails when daemon is not running (or is disabled by policy-rc.d)" [High,Fix released]
<rbasak> ahasenack: apart from that bug (which we've fixed now, not sure about what release the reporter is using), I think that correct behaviour and any bugs in postinsts attempting to restart masked services is down to debhelper.
<rbasak> ahasenack: I'd like to know exactly what Ubuntu release and package version the reporter is reporting against, and exactly how (what command) the reporter is disabling the service. Ie. full steps to reproduce. Until then, Incomplete IMHO.
<ahasenack> that was mysql 5.5, command was systemctl disable mysqld
<ahasenack> which indicates it was...
<ahasenack> trusty
<sdeziel> systemd and trusty?
 * ahasenack wonders that
 * ahasenack does a quick check on bionic fwiw
<sdeziel> bionic didn't ship mysql 5.5 AFAIK
<rbasak> I think that's why he's wondering :)
<ahasenack> I meant I will try a sequence of disable + upgrade on bionic
<sdeziel> oh upgrades could explain the oddity
<ahasenack> worked just fine in bionic
<ahasenack> it got started up again during the pkg upgrade, but was stopped at the end
<ahasenack> failed in xenial
<ahasenack> which also has mysql-server-5.7
<chillage> Good time, i wanna wondering maybe someone have appboxes.co server or maybe some one have server something like appbox?
<ahasenack> I don't
<chillage> You know, my friend got rented server for him from him admins.. ant we don't know how open port at that specific "appbox" (Ubuntu 18.10 VNC) for znc, there are not default firewall i think there are specific firewall..
<chillage> specific firewall
<teward> chillage: well if there's no firewall that you can manage on the server, it'd have to be form the appbox control panel
<teward> and if there's not a firewall there you can control then you have to contact the admins
<chillage> i'll ask him about control panel, he told me that are desktop and terminal window.. contact with admins who give him server it's little bit dificult because they can't know about znc.. se if we don't found control panel then we try write to appboxes.co a
<chillage> so thank you for help:) nice halloween night then, until
<plm> Hi all
<chillage> good time, plm,
<chillage> ok, i'm away, good luck
<teward> chillage: if they can't know about ZNC, that suggests that it's not permitted on their infrastructure, so you should avoid running it there.
<memphisto> hi, how do i share printscreen here
<sdeziel> ahasenack: I too don't know what acpid is used for these days
<sdeziel> ahasenack: I've be purging this on servers since Xenial IIRC
<ahasenack> heh :)
<ahasenack> that's good info :)
<memphisto> i can't pass the filesystem setup screen , i'm doing manual partition with LVM, /(root)as btrfs , ext4 home...
<memphisto> i'd like to share screenshot but don't know how/where to uplaod
<ahasenack> rbasak: (for whenever you read this) is linux-meta (src) a known git-ubuntu import failure? It's a main package, but not imported
<ahasenack> memphisto: you should upload it somewhere, there are some free image hosting services
<ahasenack> or even dropbox and the like
<ahasenack> google drive
<memphisto> thanks
<memphisto> https://imagebin.ca/v/4L1qdANGnY4j
<sdeziel> ahasenack: I dig a little and found a commit in my puppet stuff: "remove acpid from Xenial VMs (not needed thanks to systemd)" dated Oct 17 10:15:24 2017
<ahasenack> memphisto: is this 18.04 or 18.10?
<memphisto> ahasenack: 18.04.1
<ahasenack> sdeziel: I tried a trusty vm, but could still power it off externally without acpid, so I wasn't sure what was going on there
<ahasenack> memphisto: that looks like a bug, let me give it a try
<memphisto> ahasenack: yes, it looks like it
<ahasenack> memphisto: have you tried 18.10 also?
<sdeziel> ahasenack: interesting, found another note where I concluded that 15.04+ only needed the dbus package to properly handle ACPI signals in KVM
<ahasenack> sdeziel: interesting, I saw dbus messages in the console when I pressed the power button
<memphisto> ahasenack: no, i haven't...i like using only lts
<sdeziel> ahasenack: I may have missed that 14.04 was also OK
<ahasenack> memphisto: that's fine, just checking if it was perhaps fixed in the 18.10 installer
<ahasenack> memphisto: the whole disk is a pv, right
<memphisto> ahasenack: yes
<ahasenack> memphisto: yeah, same here
<ahasenack> memphisto: let me try 18.10 to compare
<memphisto> ahasenack: great, thanks ... for a moment i thought i'm going crazy
<ahasenack> I think it might be because /boot (part of / in this case) is not in its own partition
<ahasenack> verifying that oo
<memphisto> yesss
<memphisto> does it really have to be separate?
<ahasenack> don't know yet
<ahasenack> the moment I add an actual partition for /boot, I can't setup lvm anymore
<ahasenack> yeah, it was /boot
<memphisto> ok, how did you create /boot and lvm ?
<ahasenack> so I think it's bug https://bugs.launchpad.net/subiquity/+bug/1785332
<ubottu> Launchpad bug 1785332 in subiquity "18.04.1 can't put /boot on SW RAID" [High,Triaged]
<ahasenack> memphisto: I created a big partition to hold the PV, and left it "unformatted"
<ahasenack> memphisto: then created the PV in that unformatted partition
<ahasenack> after that I was able to add a /boot partition with the remaining space, outside the pv
<ahasenack> and add the lvs to the vg as usual
<ahasenack> let me share a screenshot
<ahasenack> but the order was important, because the moment you create a /boot partition, the lvm option becomes grayed out
<memphisto> no need, got it
<memphisto> doing it right now
<ahasenack> memphisto: http://people.ubuntu.com/~ahasenack/partitioning.png fwiw
<UsQUE> Anyone did migration from FreeBSD samba dc to Ubuntu Server Samba dc?
<ahasenack> any sort of samba migration sounds hard on its own
<UsQUE> nah I think its pretty easy :P
<UsQUE> just backing up the correct files and restore them back on the new system
<UsQUE> anyone got HyperV server + Samba DC constrained deligation working ?
<compdoc> Hyper-V is too slow for my guests
<nacc> UsQUE: isn't that  question for either samba or hyperv?
<nacc> (/ microsoft)
<RoyK> !ask | UsQUE
<ubottu> UsQUE: Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience
<rbasak> ahasenack: it's blacklisted.
#ubuntu-server 2018-11-01
<mcclurken> I'm attempting to install Ubuntu Server 18.04 and am having trouble configuring filesystems, with or without LVM.Is the general idea to switch out to the shell to create filesystems?
<sarnold> there's a few different installers, and some of them iirc make it easier or harder to do block storage things..
<sarnold> but I'd expect most tasks to be possiuble within the interface
<mcclurken> I've tried several different approaches. I can't create filesystems within the automatic LVM config, tried falling back to just partitions and such and ended up creating a partition for everything (/, /home, /usr etc)
<mcclurken> I'm missing the old ncurses debian installer
<sarnold> that's still around
<sarnold> hmm. this doesn't *say* anywhere that it's the old one.. http://cdimage.ubuntu.com/releases/18.04.1/release/ but that's the link from "Download the alternate installer" on https://www.ubuntu.com/download/alternative-downloads
<mcclurken> I'll give that a shot. It wasn't clear to me since the filename doesn't mention anything so it looks like the regular one.
<mcclurken> I guess the hint is its missing the "live"
<sarnold> oh is that the tell? heh
<kstenerud_> How do I report multipass bugs?
<RoyK> multipass?
<ogra> kstenerud_, try asiking in #multipass
<ogra> RoyK, https://snapcraft.io/multipass
<RoyK> ogra: oh - another docker-ish thing? ;)
<ogra> not at all :)
<ogra> its an OS agnostic VM tool (also runs on win and macos)
<ogra> no containers involved ;)
<RoyK> what's underneath? kvm?
<ogra> you have to ask the devs :)
<kstenerud_> It's to VMs what lxd is to containers
<kstenerud_> in beta atm
<kstenerud_> kvm
<RoyK> ogra: libvirt or qemu afaics, looking at src/platform/backends
<RoyK> and IIRC libvirt uses qemu and is just another abstaction later on top of it
<RoyK> and qemu may use kvm if the arch supports it
<kstenerud_> yup, and multipass gives it all a nicer UI with similar commands to lxd
<RoyK> gotta take a closer look at it some time
<kstenerud_> container: lxc launch ubuntu:cosmic blah
<kstenerud_> VM: multipass launch --name blah cosmic
<RoyK> how does multipass deal with networking?
<RoyK> I have a bridge (br0) setup on my home server now for kvm/libvirt use with some VMs
<kstenerud_> I'm not really sure - I'm just getting started with it myself.
<RoyK> ok
<kstenerud_> you can pass it --cloud-init <file>
<ogra> you should really ask in #multipass ... i dont think any of the guys working on it is around in this channel
<kstenerud_> Found their github issues page so all is good
<ogra> well, they should mention the issue link in the snap description ... or in the contact field of the snap
<kstenerud_> Nope, there's no contact link in the snap unfortunately
<ogra> thats what i mean :)
<ogra> tell them in the #multipass channel ;)
<ahasenack> good morning
<ahasenack> rbasak: hi, any idea why it's blacklisted?
<ahasenack> rbasak, around?
<rbasak> ahasenack: we avoided importing the kernel as it's too big and they have their own workflow (ownership of the default repository in Launchpad)
<rbasak> I'm not sure about linux-meta specifically
<ahasenack> linux-meta is ~150kb uncompressed
<rbasak> Understood, but it might have been dragged in with the "leave the kernel for now" direction
<rbasak> nacc: ^ do you remember anything about linux-meta?
<ahasenack> it was added in the first revision of the blacklist file
<ahasenack> hm, but it was in b/gitubuntu/source-package-whitelist.txt
<ahasenack> commented
<rbasak> I'm keen to avoid stepping on the kernel team's toes.
<ahasenack> found the change
<ahasenack>     usd-cron-packages.txt: blacklist kernel packages
<rbasak> But if there's OK with it (including the takeover of the default repository on Launchpad for the Ubuntu package), I can't think of any other reason to not import it.
<ahasenack> well, ok, another question
<ahasenack> different topic
<ahasenack> acpid, removing it from server seed
<ahasenack> how can I check if it won't be demoted to unverse after that?
<rbasak> germinate-output?
<rbasak> http://people.canonical.com/~ubuntu-archive/germinate-output/ubuntu.disco/rdepends/acpid/acpid
<rbasak> Looks like desktop also hold it in main
<ahasenack> I see
<ahasenack> via acpi-support
<ahasenack> which is what pupolates /etc/acpi/events
<ahasenack> i.e., all the scripts for wifi buttons, keyboard backlight, etc
<ahasenack> but that's a recommends
<ahasenack> is that "strong" enough?
<ahasenack> rbasak: ^
<rbasak> ahasenack: I believe so
<ahasenack> rbasak: after the seed change, how is the ubuntu-server metapackage (from ubuntu-meta src) updated?
<ahasenack> I see an "update" script in it
<rbasak> ahasenack: ubuntu-meta needs the update running and re-uploading, yes.
<ahasenack> ok
<ahasenack> any particular order this needs to happen? seed change vs meta package change?
<rbasak> Seed change first IIRC
<ahasenack> looks like it indeed, given the script
<ahasenack> thx
<rbasak> The update script fetches the seeds to then update the ubuntu-meta sources
<rbasak> Might be worth double checking the plan in #ubuntu-devel - I don't do this very often.
<ahasenack> rbasak: any opinion versus removing acpid entirely, or moving it to server-ship as a first step?
<rbasak> I don't see any need for it to be in server-ship, since I don't see that it would be affected by any bootstrapping issues.
<ahasenack> ok
<rbasak> I say drop it unless someone comes up with a reason to keep it.
<rbasak> And we'll hopefully get reports with reasons we're wrong before the next LTS.
<rbasak> (preferably before the next release!)
<rbasak> And if necessary we can re-add but with a comment explaining why this time.
<openfire> Any downside to disabling netplan on bionic and manually configuring networkd?
<cyphermox> openfire: no, you're free to do so if you want
<cyphermox> just don't specify the interface in /etc/netplan
<openfire> Ah, so I don't even need to remove the package. That makes sense, thank you.
<Mr_Pan> !0d5
<zetheroo> I installed a second disk in a Windows 10 system and installed Ubuntu Server 18.04 on it, but on boot there is no grub menu and thus no way to select which OS to boot into. At the moment Ubuntu is booting.
<zetheroo> I have tried manually entering the details into /etc/grub.d/40_custom and running update-grub but that's not working for me. os-prober shows /dev/sdb1:Windows 10:Windows:chain
<zetheroo> Should I be using the uuid of /dev/sdb1 in  /etc/grub.d/40_custom?
<TJ-> zetheroo: if the system is using UEFI, then GRUB isn't responsible for choosing, it is the PC firmware boot manager itself. It should have 2 entries added when Ubuntu was installed, and usually Ubuntu is set to the default. It sounds like that hasn't happened. The alternative is you booted the Ubuntu installer in CSM/Legacy BIOS mode, and so was installed that way, in which case you'll need to use the
<TJ-> PC's boot manager to choose to boot CSM/Legacy mode from the 2nd disk
<zetheroo> I got the grub menu to show up by pressing SHIFT during boot, but is there a way to make it always show automatically at boot?
<mason> zetheroo: Have a GRUB_TIMEOUT, and don't set GRUB_TIMEOUT_STYLE, is what I do.
<zetheroo> mason: ok
<zetheroo> TJ-: I'm fairly certain I installed Ubuntu with Legacy and not UEFI
<zetheroo> I'm also pretty sure that when I installed Windows 10 on this server I didn't use UEFI either
<TJ-> zetheroo: oh, so there is a GRUB menu, it was just hidden!
<zetheroo> Server bios boot mode is set to dual
<kstenerud_> for a changelog message, I'm wondering what to put in the changelog when I changed multiple files
<kstenerud_> Normally it's d/p/some.patch, but what if I modified a bunch of files in debian/
<zetheroo> yes, I pressed SHIFT right before boot and the grub menu showed up
<DammitJim> I still don't understand the difference between apt-get purge vs apt-get remove
<DammitJim> does purge do a remove as well?
<sdeziel> DammitJim: yes but purge leaves no old conf behind
<zetheroo> TJ-: this is what I have in /etc/grub.d/40_custom /etc/grub.d/40_custom
<zetheroo> https://paste.ubuntu.com/p/dHD7Kc5yX4/
<zetheroo> TJ-: that's the uuid from /dev/sdb2 but I have also tried the uuid from /dev/sdb1
<zetheroo> why doesn't Startup Disk Creator let you select other iso's than Ubuntu iso's?
<zetheroo> try SGD now
<zetheroo> no luck
<zetheroo> this is what I am getting when trying to boot into Windows from the grub menu https://ibb.co/fRCUOL
<kstenerud_> rbasak: https://pastebin.ubuntu.com/p/5MhXY6WR59/
<kstenerud_> So 3 files changed
<rbasak> kstenerud_: how about: https://paste.ubuntu.com/p/gY9RWGRF88/
<rbasak> kstenerud_: the diff itself looks great BTW, thanks.
<kstenerud_> cool thanks!
<zetheroo> bios boot mode changed from Dual to Legacy - Fresh install of Ubuntu 18.04 completed - boots straight into Ubuntu with no grub menu
<zetheroo>  https://paste.ubuntu.com/p/sXc55gBnp6/
<mason> zetheroo: My recommendation remains.
<zetheroo> mason: getting to the grub menu is not really the issue ... but that there is no Windows to boot from in the grub menu
<nacc> rbasak: ahasenack: looking
<zetheroo> should grub be installed on the Ubuntu disk only, or also on the Windows disk?
<zetheroo> boot-repair is asking me where to install grub
<zetheroo> I'm thinking only on the Ubuntu disk
<nacc> rbasak: ahasenack: right the binaries those packages create are all kernel-team owned, afaict
<mason> zetheroo: GRUB should be installed on whatever disk you want to boot from, and it should have an entry for whatever system you want to boot. If you have the option of UEFI/SecureBoot, you want that.
<mason> What it needs to look like on-disk depends on whether you're going for UEFI or legacy.
<zetheroo> mason: grub installed on Ubuntu disk - rebooted and grub menu shows no Windows
<zetheroo> This is the pastebin from boot-repair https://paste.ubuntu.com/p/Cd2cXWg9NR/
<zetheroo> any ideas?
<zetheroo> Should I switch the Boot Mode in bios to UEFI?
<zetheroo> if I do, do I have to reinstall Ubuntu?
<zetheroo> UEFI enabled and nothing boots
<zetheroo> I just end up at this screen showing a list of disks and Shell>
<zetheroo> switching back to Legacy and seeing if Windows boots at all if I select it's disk as the primary boot disk ... Ubuntu boots :/
<mason> zetheroo: https://askubuntu.com/questions/110698/add-windows-to-my-boot-menu seems relevant
<zetheroo> https://paste.ubuntu.com/p/rqJJrKhmy6/
<zetheroo> so why doesn't Ubuntu add Windows to the grub menu during install?
<openfire> What's the contents of the actual grub.cfg file?
<zetheroo> is it in here? https://paste.ubuntu.com/p/Cd2cXWg9NR/
<zetheroo> I'm booting back into Ubuntu now
<openfire> Are you mounting the Windows partition before running update-grub?
<zetheroo> openfire: no
<openfire> So mount the windows partition, and run 'update-grub'. Not grub-mkconfig.
<zetheroo> how do I mount the windows partition? I mean ... do I just mount it anywhere?
<zetheroo> and which partition do I mount?
<zetheroo> there are 3
<zetheroo> https://paste.ubuntu.com/p/FtjKFTCcnz/
<openfire> I think it'll be the second one, if memory serves. The largest one.
<openfire> And I usually mount it to '/mnt/windows' or something.
<openfire> And DEFINITELY mount it as read-only.
<zetheroo> can you help me with a mount command for r/o?
<openfire> man mount will tell you that.
<zetheroo> and this mount is just temporary right?
<openfire> It has to be there whenever you run update-grub.
<zetheroo> ok mounted
<zetheroo> https://paste.ubuntu.com/p/f25gvJSnYW/
<openfire> That's not grub.cfg.
<openfire> And I also didn't tell you to mount more than one Windows partition. :/
<zetheroo> openfire: with sdb3 unmounted it's the same output
<TJ-> zetheroo: mounts are not required; os-prober does that. The problem seems to be that /etc/grub.d/30_os-prover is either disabled or not betting the message
<TJ-> grrr s/30_os-prover/30_os-prober/
<openfire> I thought it had to be mounted somewhere to be found. My mistake, then.
<TJ-> zetheroo: do you have "GRUB_DISABLE_OS_PROBER=true" in /etc/default/grub
<TJ-> openfire: no, it scans all block devices (unless config options prevent it)
<openfire> Filing that away, thank you.,
<zetheroo> here is the grub file https://paste.ubuntu.com/p/7rqx28PrQ6/
<openfire> zetheroo: grep GRUB_DISABLE_OS_PROBER /etc/default/grub
<openfire> is it true or false?
<zetheroo> nothing
<zetheroo> false
<zetheroo> where is the grub.cfg?
<zetheroo> found it https://paste.ubuntu.com/p/YSNhFRxty8/
<TJ-> zetheroo: let's debug the script. "pastebinit <( sudo sh -x /usr/sbin/grub-mkconfig 2>&1 )"
<zetheroo> http://paste.ubuntu.com/p/PBPrxK7JQK/
<nacc> GRUB_DISABLE_OS_PROBER=true ?
<nacc> from /etc/default/grub.d/50-curtin-settings.cfg
<zetheroo> nacc: https://paste.ubuntu.com/p/pyDssTg4QN/
<TJ-> nacc: indeed, I thought it'd be there somewhere :)
<TJ-> zetheroo: there you go, disabled :)
<nacc> yeah, you can't have that and dual boot, zetheroo
<nacc> dunno why it's set that way, tbh
<zetheroo> no way :/
<zetheroo> so ... comment it out?
<nacc> zetheroo: how did you install this system?
<zetheroo> nacc: from installer - fresh install
<zetheroo> USB bootable
<nacc> zetheroo: which installer?
<TJ-> zetheroo: which release of Ubuntu is it, too?
<nacc> (and what version of ubuntu is this?)
<nacc> yeah
<nacc> my fresh 18.04 desktop has no such file
<zetheroo> ubuntu-18.04.1-live-server-amd64
<nacc> you installed server side by side with windows?
<nacc> i'm not sure that's mean to be supported by default :) (without some extra steps)
<nacc> *meant
<zetheroo> ok, so what's the best solution now
<zetheroo> ?
<zetheroo> should I change that to =false?
<zetheroo> and run os-prober and update-grub again?
<nacc> TJ-: --^ I'm not sure. I think that should be fine, but this is an odd setup to me.
<TJ-> zetheroo: If the curtin package gets updated it might return. I'd use "dpkg-divert" to permanently move the file so it doesn't get read at all by grub
<zetheroo> TJ-: ok, never heard of that. what's the full command?
<TJ-> nacc: seems pretty 'normal' to me; When we lost the alternate installer it was said the server installer would do everything it did so was un-necessary. Seems like the server installer team have forgot it is supposed to be a fallback for those that cannot run the desktop live installer (often due to graphics/video problems)
<nacc> TJ-: ah could be. smoser --^ ? this seems like a corner case that should be more obvious
<TJ-> zetheroo: "sudo dpkg-divert --divert /etc/default/grub.d/50-curtin-settings.cfg.disabled --rename /etc/default/grub.d/50-curtin-settings.cfg"
<zetheroo> done
<zetheroo> do I still need to edit the config?
<TJ-> zetheroo: no, just "sudo update-grub"
<TJ-> zetheroo: that config file is no longer going to be read by grub
<zetheroo> ok, and os-prober?
<TJ-> zetheroo: even if curtin package upgrades, it'll upgrade the new filename, which grub ignores
<zetheroo> cool
<TJ-> zetheroo: os-prober is called by grub automatically
<zetheroo> gosh ... all the things I didn't know
<zetheroo> https://paste.ubuntu.com/p/DvHsSVzzcR/
<zetheroo> hey that looks better
<zetheroo> is that it ... or?
<zetheroo> is it safe to reboot?
<TJ-> zetheroo: now you just have to work out which one to boot!
<zetheroo> oh
<TJ-> zetheroo: that's it :)
<zetheroo> sdb2 is the largest partition ... so I have to do anything more manually?
<TJ-> zetheroo: *usually* the 1st entry is the Windows recovery partition
<zetheroo> ok
<zetheroo> do you suppose the grub menu will be shown at boot now?
<zetheroo> TJ-: anything else I should do before rebooting?
<TJ-> zetheroo: you have to tap Esc (or hold Shift) to reveal it. You can change the /etc/default/grub options to make it display always
<zetheroo> TJ-: I would prefer it always popped up
<TJ-> zetheroo: I think you'd add "GRUB_TIMEOUT_STYLE=menu" and then "sudo update-grub" again
<zetheroo> its GRUB_TIMEOUT_STYLE=hidden atm
<TJ-> zetheroo: and ensure the *TIMEOUT= values are not 0 !
<zetheroo> GRUB_TIMEOUT=10
<zetheroo> ok, done and done
<zetheroo> reboot? :)
<TJ-> zetheroo: your choice :p
<zetheroo> ok, fire in the hole
<zetheroo> all my fingers and toes are crossed :D
<zetheroo> grub menu with Windows OS shows up !!!
<zetheroo> there are two Windows OS entries .. the first one boots into Windows 10
<zetheroo> the second one also boots into Windows 10
<zetheroo> well .. better two that work than none ;)
<cryptonix2> zetheroo: nice
<smoser> we are aware of the pain of /etc/default/grub.d/50-curtin-settings.cfg
<smoser> if you do not like it's effects on things, it is safe to remove it.
<zetheroo> ok, well thanks all for your help with this. No way I would have found this out.
<nacc> smoser: ack :)
<nacc> smoser: is there a bug tracking it as a pain point?
<smoser> byes
<smoser> yes even
<smoser> https://bugs.launchpad.net/curtin/+bug/1635181
<ubottu> Launchpad bug 1635181 in curtin "Curtin sneaks config into /etc/default/grub.d/" [Undecided,New]
<nacc> smoser: ack thanks, zetheroo --^ fyi
<zetheroo> nacc ok
<teward> the server installers don't have a "side by side" install option, right?
<teward> if I remember right that's a Desktop-only installer function
<nacc> teward: i believe that is correct
<teward> that's what I thought
<RoyK> the GRUB_TIMEOUT=0 that ubuntu server has, is rather peculiar - for a desktop or laptop, sure, but if you're setting up a server, you know sufficient already not to be scared by the linux boot screen - if not - you'll learn that after a short while
<ahasenack> RoyK: +1
<ahasenack> I also always have a problem with that, specially in VMs, where getting the timing right is super hard
<ahasenack> and "shift" isn't the best key in that case
<RoyK> the main reason I don't use ubuntu too much on servers anymore, is that ubuntu really focuses a lot on the desktop, not on server/stability - so I had my Debian relapse ;)
 * openfire looks at the extremely large server estate that he runs, a mix of 16.04 and 18.04.
<openfire> Not on servers or stability, huh?
<nacc> RoyK: yeah that's pretty FUD-y to me too :)
<RoyK> nacc: it's not ;)
<openfire> Yes, it is.
<openfire> It's total BS, to be completely blunt.
<RoyK> oh well, famous holy wars etc
<nacc> RoyK: "ubuntu really focuses a lot on the desktop, not on server/stability" is FUD. You are basing it upon .... nothing?
<nacc> RoyK: look at relative contributions, and stop abscribing your epxerience to a distribution (which can't "focus" on anytihng, because it's not a person, anyways)
<openfire> It's not a war. You're full of crap, end of story.
<openfire> There are several solid server distributions out there. Ubuntu IS one of them. To say it isn't is FUD.
<RoyK> nacc: experience - quite a few years of it - I moved to ubuntu from debian back in 2008 or thereabout and moved back some 4-5 years back because of quite a few bugs I posted that was never fixed - same thing worked well on debian
<openfire> https://yourlogicalfallacyis.com/anecdotal
<openfire> ONE thing didn't work for you. So that magically translates to "Ubuntu doesn't focus on server or stability."
<openfire> As my old CO used to say, "That dog don't hunt."
<RoyK> the particular problem I was stuck on back then, was nested RAIDs - a bug that was never solved until a new release came out
<RoyK> the main problem, as far as I can see, with ubuntu server, is that it tosses in a lot of packages that aren't really ready or well-integrated, where in debian and centos, you get a system that is more balanced
<RoyK> I'm not saying ubuntu server doesn't work - I still use it from time to time - but hell - I prefer debian - I don't think there's a death penalty for saying that even here ;)
<sarnold> funny, I'd have thought it the other way around, since we've got a clear demarcation between main and universe
<openfire> RoyK: You can prefer what you want. Your statement, however, was not one of preference. It was a judgment. "ubuntu really focuses a lot on the desktop, not on server/stability"
<openfire> RoyK: I'm happy with people preferring what they want. But when people try to make statements of fact that are obviously BS, I call them out.
<RoyK> openfire: we're all quite subjective, really
<RoyK> openfire: but hell - if the "code of conduct" in here is to never complain about ubuntu, please show me that paragraph
<openfire> RoyK: That's a total non-answer. And also very transparently a retreat and attempt to change the subject. You made an objective claim, and I called you out on it.
<nacc> RoyK: no one said you violated the code of conduct. Stop being melodramatic.
<nacc> RoyK: unless you can point to specific numbers of contributions that clearly show ubuntu changes are prioritizing desktop over server, maybe don't make such claims.
<openfire> RoyK: If you make a claim, its on you to support your claim if someone calls you on it. You've failed to do so in any valid way. You've offered nothing in the way of data, your own unverifiable and suspect experience aside. You've offered opinions, and then relied on "it's just my preference" and other nonsense to change the context.
<openfire> RoyK: Your original statement at issue was: "ubuntu really focuses a lot on the desktop, not on server/stability." Prove it, or be quiet.
<teward> how about we all drop this argument and move on to something more beneficial
<RoyK> this was about bug 1171945, which was never solved - that is - after upstart was thrown in the bin, it worked. As far as I can see, noone really worked on it while the problem persisted, which was some years
<ubottu> bug 1171945 in mdadm (Ubuntu) "Nested RAID levels aren't started after reboot" [Undecided,Confirmed] https://launchpad.net/bugs/1171945
<teward> rather than shooting back and forth at each other.
<RoyK> teward: indeed
<openfire> Agreed.
<sarnold> hey I see me! :)
<openfire> I see you, too!
<Epx998> There an easy way to determine if a server is running beta or release on a non lts
<Epx998> guess 'lsb_release -a' gives me what I need
#ubuntu-server 2018-11-02
<dholbach> hiya
<dholbach> a colleague of mine is running into https://bugs.launchpad.net/cloud-images/+bug/1792543 - who could help out with this?
<ubottu> Launchpad bug 1792543 in cloud-images "EKS AMI init process should not rely on non-standard tags and AWS CLI" [Undecided,New]
<vlt> Hello. In a (typical?) RAID10 => LUKS => LVM setup, where would you insert a fast SSD (or two of them as RAID1) as bcache device? And does the RAID10 then still make much sense or would you replace it with RAID5 or 6?
<dholbach> Odd_Bloke: ^ can you help with this bug or is it somebody else?
<openfire> vlt: Frankly, I would never replace RAID10 with any kind of parity RAID setup. As for the caching option...
<openfire> vlt: I would add the SSD as an LVM caching volume.
<openfire> vlt: Rather than using bcache/dm-cache directly.
<openfire> vlt: man 7 lvmcache
<cryptodan> this weekend my dell pe 4600 will be retired and replaced with a more modern hp mp350l dual 2.0ghz hexacore setup
<vlt> openfire: Thanks for your answers. I'll definitely have a look at lvmcache. Why would you never use parity RAID instead of RAID10? I thought parity RAID's weakness is writing and that should be covered by the caching device. What other reasons are tehre?
<openfire> vlt: Undetectable data corruption due to read errors during rebuilds. Most (all?) storage vendors consider parity RAID a dinosaur these days.
<vlt> Ah, ok.
<frickler> jamespage: can you please check https://bugs.launchpad.net/ubuntu/+source/ceph/+bug/1750848 ? I'm confused how a rebuild of mimic can fix an issue with luminous.
<ubottu> Launchpad bug 1750848 in ceph (Ubuntu) "ceph 12.2.3 lint" [Low,Fix released]
<frickler> nice name btw, cosmic disco ;)
<jamespage> frickler: some of the changelog history is missing from the comment; I did a load of work to cleanup the lintian awarnings on the mimic packages
<jamespage> I won't backport that
<jamespage> it does not materially effect the function of the package
<frickler> jamespage: o.k., understood, but the plan would still be to support latest 12.2.x for the time being, just not fix that issue there, correct?
<jamespage> yup
<frickler> ok, thx
<dholbach> hiya jamespage - how are you?
<dholbach> do you know who could help with https://bugs.launchpad.net/cloud-images/+bug/1792543?
<ubottu> Launchpad bug 1792543 in cloud-images "EKS AMI init process should not rely on non-standard tags and AWS CLI" [Undecided,New]
<zetheroo> I am trying to setup static IP on 18.04 server by editing /etc/netplan/50-cloud-init.yaml
<zetheroo> So far I can ping internal IP's and external domain names (google.com) but I cannot ping any internal hostname's
<zetheroo> this is what the config looks like https://paste.ubuntu.com/p/rshmvDyC5X/
<zetheroo> what am I missing?
<teward> zetheroo: does it give you a specific error message?  have you verified they're all on the same subnet?  Are they on different subnets and there's a firewall restricting access?
<teward> zetheroo: is there an internal search domain?
<teward> check another system for any 'searhc domains' that it defaults to
<zetheroo> teward: I am trying to reach hostnames on the same network in the same domain
<teward> that might be necessary
<teward> for the DNS resolutoin to work proper
<zetheroo> yes, but where do I enter that info?
<teward> https://netplan.io/examples#dhcp-and-static-addressing
<teward> nameservers > search
<teward> underneath the ethernet device config
<zetheroo> ah ok
<zetheroo> brilliant - thanks
<cyphermox> teward: thanks
<dougquaid> I'm in the process of hardening an ubuntu server. Is there some software that I can scan the server with that will find vulnerabilities?
<lotuspsychje> dougquaid: i like lynis as nice scanning tool, but security has very wide ranges
<lotuspsychje> dougquaid: you can harden your server on so many different ways
<lotuspsychje> dougquaid: first thing is gathering info on everything, like a hacker would do
<lotuspsychje> !security | dougquaid
<ubottu> dougquaid: Security Updates are dealt with here:  https://help.ubuntu.com/community/Security - See also !root, !firewall, !server, and !usn
<dougquaid> thanks
<lotuspsychje> dougquaid: nmap is also very good for information gathering on your ip's/locally and remotely
<lotuspsychje> dougquaid: can you share with us wich services you run from your server?
<teward> cyphermox: for?  oh, the netplan thing with zetheroo?
<giaco> hello
<giaco> I am installing ubuntu server on a machine that has no graphical output, but I have a serial terminal 115200n8. I am supposed to pass additional kernel command line parameters such as "console=tty0 console=ttyS0,115200n8" but I can't find in the install menu where I am supposed to type it
<giaco> By sending F3 it says "To use one of these boot methods, type it at the prompt, optionally followed by any boot parameters. For example: boot: install acpi=off", but if I do "install console=tty0 console=ttyS0,115200n8" it says "Loading install... failed: No such file or directory"
<giaco> same for "expert console=tty0 console=ttyS0,115200n8" "Loading expert... failed: No such file or directory"
<cyphermox> teward: yup
<giaco> but if I do "memtest" it goes "Loading /install/mt86plus... ok", so the boot prompt seems working. Are "install" and "expert" correct references?
<teward> cyphermox: ah, cool.  yeah i keep that examples page bookmarked :P
<teward> since it explains some of those questions real easy :)
<cyphermox> teward: yup, and I'll do one big update of it very soon
<giaco> could you please confirm me that the "install" and "expert" boot options are correct? The documentation is mesleading
<teward> cyphermox: cool, let me know when that happens, can't wait to see even more examples and know even more about Netplan!  :D
<giaco> thank you for your consideration. I'm dropping ubuntu server for a good debian, which has a working install bootloader
<Ussat> wat ?
<Ussat> I have never had an issue with a Ubuntu install bootloader
<mason> Ussat: You need to be more special to encounter it.
<Ussat> I see, reading up
<Ussat> I have not installed a debian in a long time, but I dont expect its a lot different
<mason> Not for the server install, certainly.
<xnox> giaco, i typically use F6 to modify the cmdline of the installer.
<xnox> giaco, i don't think failing to pass the right cmdlines is considered to be a broken bootloader, especially since this is installer only and not the installed system.
<giaco> xnox: contrary to what you are saying, failing to add kernel parameter at boot, especially at intaller boot, can be considered a severe fault
<giaco> xnox: moreover, using the ubuntu netinstall image the behaviour is different and the same command line options are working
<xnox> giaco, are you using non-ubuntu netinstall images and those are broken?
<giaco> so is the the ubuntu server 18.04 iso (the ~900MB one) that is not working
<giaco> xnox: no, the ubuntu netinstall is working, the normal iso is not
<xnox> giaco, live or non-live one? cause the live one, which uses subiquity, has probably incorrect help text on the scren.
<xnox> giaco, right, we should fix that. One second, let me give you two links.
<xnox> giaco, http://cdimage.ubuntu.com/releases/bionic/release/ubuntu-18.04.1-server-amd64.iso  this is the "old" server installer, which uses d-i, and should use all the same kernel cmdline parameteres as netinstall image does.
<giaco> this is the one that did not work https://www.ubuntu.com/download/server
<giaco> xnox: I don't think is a matter of bootloader feature availability: the parameters are passed straight to the kernel
<giaco> btw I've succeeded in installing ubuntu server 18.04 using netinstall + parameters "console=tty0 console=ttyS0,115200n8"
<xnox> giaco, eeeee..... well..... some of them are also parsed by initramfs, and also parsed by installer, to launch the installer on the right console.
<xnox> giaco, i suspect that the one pointed at https://www.ubuntu.com/download/server is a subiquity based one, and doesn't in fact support multiple consoles and doesn't start installer on ttyS0
<xnox> only starts it on tty0
<xnox> actually tty1
<giaco> well, I need ttyS0 anyway, which is not started by default on netinstall
<xnox> giaco, we have two server .iso; this looks like a legitimate bug in one of them; please try this iso http://cdimage.ubuntu.com/releases/bionic/release/ubuntu-18.04.1-server-amd64.iso
<xnox> this one must support console=ttyS0,115200n et.al. correctly; and the same params as netinstall does, as they are built similarly.
<xnox> the image from https://www.ubuntu.com/download/server is very different beast.
<giaco> I didn't know that, sadly
<xnox> giaco, or like for other architectures look at http://cdimage.ubuntu.com/releases/bionic/release/ to download for the whatever arch you need it for
<giaco> But now I'm into configuring the new system, I don't really have time to go back and retry
<xnox> giaco, i'm sorry =/ this is quite low-level details, and i know this because well, i build these images.
<giaco> Can I keep it as homework for next time?
<xnox> giaco, i will open the bug report to fix console=ttyS0 support on the other image (the one from https://www.ubuntu.com/download/server )
<giaco> xnox: oh, well. Thank you for helping me
<xnox> giaco, btw. on the https://www.ubuntu.com/download/server there is a link to these other images
<giaco> I'm curious: why splitting?
<xnox> giaco, under the green button tehre is "see our alternative downloads." in blue
<giaco> is there a "dev/prod" into ubuntu server installer ?
<xnox> giaco, we are working on making the new one; but clearly it would be irresponsible to stop building the old one, given that it is impossible to find all corner cases.
<giaco> xnox: right. Well, glad to help
<xnox> cause we re-wrote the installer from scratch (the new one)
<xnox> plus we dont' have encryption yet in the new one
<xnox> giaco, so yeah, hence the download page does say "This release uses our new installer, Subiquity. If you need support for options not implemented in Subiquity, such as encrypted filesystem support, the traditional installer can be found on the alternative downloads page."
<xnox> or in your case "has buggy console="
<xnox> =)
<giaco> xnox: well, you know, I just went through XD
<xnox> giaco, can you explain again to me your system you are using? you need to boot it using console=ttyS0,115200n8 but it is otherwise x86_64 machine right?
<xnox> with a serial connection / bootloader on the serial console?
<xnox> https://bugs.launchpad.net/subiquity/+bug/1770962
<ubottu> Launchpad bug 1770962 in subiquity "Support serial-port based install" [Undecided,New]
<giaco> xnox: yes, this https://www.pcengines.ch/apu3a2.htm
<xnox> thanks.
<xnox> giaco, for now please use the alternative iso, i pointed you to =/
<xnox> also, once installed, Ubuntu is so much nicer than Debian ;-)
<giaco> xnox: and I connect with this https://www.pcengines.ch/usbcom1a.htm
<teward> xnox: subiquity supports RAID (software, FAKERAID, hardware RAID controllers-controlled arrays, etc.), right?
<xnox> giaco, thanks.
<xnox> giaco, and when you booted that broken iso; it did boot and show bootloader (cause you are describing things like F3 and etc) but you didn't manage to boot to installer, correct?
<giaco> thanks to you. I didn't know I was looking at something new. I tend to consider the boot part of solid server OS quite bulletproof. I not even considerer an "old option". My fault
<xnox> giaco, this is helpful. i'm sorry you had this experience, but i'm glad you shared it with us.
<xnox> giaco, i might want to update the website to also mention that serial console is not working.
<xnox> giaco, note, on all other architectures we are still pointing to old installer, as those are typically done via non-graphical terminals.
<giaco> I confirm. I was able to see the bootloader menu, preff F-keys, type at boot: prompt, start memtest. But install, expert, cli and other were not accepting console options. Without them I was that it was loading something but hey no feedback no party
<xnox> Cool, thanks!
<giaco> * Without them I saw that something was loading
<xnox> giaco, yeah, most likely there was a very pretty installer on tty1 which you couldn't see.
<xnox> giaco, if you launch the new ISO in a qemu/kvm you will see how simple, and pretty it is. Full-terminal curses ui, with minimal steps, import of ssh keys, and very quick install speed.
<giaco> I tend to be the guy with null-modem cables in 2018
<xnox> =))))))))))))))) but also! thank you =)
<xnox> giaco, i might try to fix this, and will try to ping you when it's done.
<xnox> giaco, can you subscribe to https://bugs.launchpad.net/subiquity/+bug/1770962 ?
<ubottu> Launchpad bug 1770962 in subiquity "Support serial-port based install" [Undecided,New]
<xnox> just added a comment to that bug report, about your experience.
<xnox> teward, LVM, RAID, Bonds, Vlans => are all there.
<xnox> teward, fakeraid is partial
<giaco> ok, new network manager. What is netplan? And why is not picking my interfaces? Error in network definition //etc/netplan/01-netcfg.yaml line 9 column 10: br0: interface enp1s0 is not defined
<giaco> but ip a | grep enp1s0: enp1s0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc mq state DOWN group default qlen 1000
#ubuntu-server 2018-11-03
<n00bee> Ubuntu 16.04 repos only have PHP 7.0. Security fixes will not be available for PHP7.0 will stop on Dec 3. What is the plan? Should we Use the PPAs or is there an upgrade planned in the distro's repos?
<Glorfindel> ok, so this isnt
<Glorfindel> *so this isn't really ubuntu server specific, but ##linux isn't much help and there isn't a nano chanel that I could find; so I'm trying to open the file ./program/configfile.properties, but I am getting the following error: [ Error reading lock file /file/path: Not enough data read ]
<Glorfindel> I've tried deleting the file ./program/configfile.properties.swp but it does not exist. so I created one. still didn't work. deleted that one, and more of the same.
<rbasak> n00bee: https://answers.launchpad.net/ubuntu/+source/php7.0/+question/675535
<kantlivelong> odd kerberos error. rpc.gsssd reports WARNING: Client 'nfs/XXX.YYY.ZZZ.com@YYY.ZZZ.com' not found in Kerberos database while getting initial ticket for principal 'nfs/XXX.YYY.ZZZ.com@YYY.ZZZ.com' using keytab 'FILE:/etc/krb5.keytab'          but klist -kt /etc/krb5.keytab shows that exact entry
<Buoy172> what mta would you recommend?
<ahasenack> kantlivelong: I think it means it didn't find that principal on the kdc
<kantlivelong> ahasenack: its bizarre tho. a line above it says it found one. on 18.04 i have no issue :/
<kantlivelong> fresh install, update, ad join/kerb, mount
<ahasenack> what does the kdc log show?
<kantlivelong> the kdc is ms ad. will have to look but figured it wouldnât be anything on that end at this point
<kantlivelong> ... being that it works fine for fedora and 18.04
<ahasenack> if you export KRB5_TRACE=/dev/stdout, the client library will print some debugging
<ahasenack> iirc it's KRB5_TRACE
<ahasenack> that has helped me in the past figuring out exactly what the client was trying to do
<kantlivelong> oh thatâs handy to know. im mobile right now but will def give that a go
<kantlivelong> trying to find the paste i did earlier but its too far back
<ahasenack> yep, that's the name, just confirmed
<ahasenack> the other usual checks would be permissions in the keytab file, and dmesg to check if apparmor isn't denying something
<Buoy172> I just installed postfix. Do I have to install mail too to be able to send emails?
<kantlivelong> ahasenack: https://paste.ubuntu.com/p/GZqqcGgsvk/
<ahasenack> Buoy172: you want to send email from the command line, cron jobs, that kind of thing? Postfix is just an MTA, not a MUA. It provides /usr/sbin/sendmail that some scripts know how to use, but it's not meant to be used by actual users
<ahasenack> kantlivelong: that's the old paste you mentioned?
<ahasenack> kantlivelong: I see a "$" sign next to some principals that is not in the list of /etc/krb5.keytab, is that expected?
<kantlivelong> yeah
<Buoy172> ahasenack: so what should I do?
<ahasenack> windows computer names have $ at the end, or used to back in the NT days
<kantlivelong> which old ones?
<kantlivelong> er read that wrong
<ahasenack> Buoy172: I don't know what else you want to do, or who will be using that postfix service
<kantlivelong> ahasenack: i assume you mean the fqdn principal with the $? the length is too long for a spn so i think thats just some weirfd autodetect
<kantlivelong> but maybe thatâs it?
<ahasenack> I mean it says it's looking for ADTESTUBUNT.XXX.YYY.ZZZ$@XXX.YYY.ZZZ
<ahasenack> with the $
<kantlivelong> yeah
<kantlivelong> its not a valid spn
<ahasenack> you have host/ keys for that domain, but without the $
<ahasenack> I think
<ahasenack> it's a long list :)
<kantlivelong> but im guessing thats juat some auto detection?
<ahasenack> you even have principals with that name
<kantlivelong> yeah the short name is there
<Buoy172> ahasenack: I have a website hosted on ubuntu 16.04. There's a contact-us form. That's where I need to send email from.
<Buoy172> First I want to make it work and test by sending email from the command line. Then I know how to use php's mail()
<ahasenack> Buoy172: then just postfix should be enough, php and "web stuff" usually knows how to call /usr/sbin/sendmail, or use localhost:25
<ahasenack> Buoy172: ah, ok, for testing, you can install whatever provides /usr/bin/mail
<ahasenack> I think mailx is a minimal client
<kantlivelong> im going to have to compare that to the 18.04 box tho
<Buoy172> ahasenack: I tried this: php -r "mail('myemail@example.com', 'Test from Ubuntu', 'howdy partner');" but I didn't receive an email
<Buoy172> of course, I didn't use myemail@example.com, but I used a vaild email that I have
<ahasenack> Buoy172: I'm not sure about the php syntax, but you can check /var/log/mail.log to see if postfix was even used
<Buoy172> It seems to have been used
<Buoy172> I'll create a paste of mail.log for you to see, and I'll replace my actual mail with XXXXX
<Buoy172> ahasenack: https://kopy.io/Jy1CJ
<ahasenack> Buoy172: yeah, you seem to have a firewall blocking outgoing connections to port 25
<ahasenack> kantlivelong: what are the actors here again? you are trying this on a 16.04 nfs client, kdc is AD, and the nfs server is something else?
<kantlivelong> ahasenack: fresh install of 16.04, updates, realmd, sssd, krb5. joining ms ad (2016). nfs server is centos7
<kantlivelong> same steps for 18.04 where it works
<ahasenack> sssd might have been fixed in some regard
<ahasenack> I'll play with this a bit with an ubuntu-only setup, to see which principals are involved for just nfs
<kantlivelong> i know the credential cache had some kernel changes
<kantlivelong> also as a heads up. i have to use msktutil to fetch updated ticket info for the keytab
<kantlivelong> not sure if thats normal or not. the samba net ads util doesnt seem to do anything on either setup
<ahasenack> realmd is supposed to help in that regard I think
<ahasenack> but I remember having to create something on the windows side once, I forget the name of the thing, spn maybe?
<ahasenack> really want to avoid having to deal with windows again
<kantlivelong> ahasenack: 16.04 client, centos 7.x nfs server, 2016 ad
<kantlivelong> ahasenack: just have to add the nfs spns
<kantlivelong> ahasenack: i did too but openldap/samba was more of a pita and added too many variables
<Mr_Pan> hello i have a ubntu 18.04 server .  i have a service ionclean ... 46.5% CPU.  what is this ?
<Mr_Pan> do u have idea  ?  http://i.imgur.com/vRTYiQr.png
<Mr_Pan> what are these services ?
#ubuntu-server 2018-11-04
<RoyK> openfire, nacc et al: bug #1059541 is a good example of how things aren't really cared for in the ubuntu server camp
<ubottu> bug 1059541 in initramfs-tools (Ubuntu) "Change default behavoir to boot degraded RAID" [Undecided,Confirmed] https://launchpad.net/bugs/1059541
<kantlivelong> ahasenack: comparing the output of rpc.gssd between 16.04 and 18.04 looks very different
<kantlivelong> it looks like 16.04 is looking for a machine entry with the FQDN where 18.04 uses the short name
<kantlivelong> hostname.domainname.com$@DOMAIN.COM vs hostname$@DOMAIN.COM
<kantlivelong> not sure if thats configurable
<lotuspsychje> welcome Curtman
<lotuspsychje> perhaps also mention the ubuntu server version to the channel
<Curtman> I'm using open-iscsi to connect to a target, I would like to do 'rmmod g_mass_storage; modprobe g_mass_storage file=/dev/sda stall=0' each time the initiator connects to a particular target.  Does anyone know how to make that happen?
<Curtman> Ubuntu 18.04
<Curtman> Initially I tried adding 'modprobe g_mass_storage file=/dev/sda stall=0' to rc.local, but found that it does that before the initiator connects to the target.  Does anyone have an idea how to make that happen after iscsid in systemd?  My systemd-foo is not good.
<lotuspsychje> idle here a bit Curtman, as we have different timezones volunteers might read a bit later when wakeup/back from away
<Curtman> Yep,  I'm not sure this is the best place to ask but I cant seem to find a better one.
<lotuspsychje> Curtman: if you have ubuntu server your question fits right in here
<Curtman> Well, the target is on a Ubuntu Server with the tgt package.  The Initiator would be any debian based distro with open-iscsi.  I'm hoping to make a rasperry pi zero (raspbian distro) connect to an iscsi target at boot, then use the g_mass_storage gadget to make the pi look like a usb mass storage device to whatever it is plugged in to.
<Curtman> Everything works wonderfully if I ssh into the pi and modprobe the kernel module manually each boot.  I'd like to find a way to automate that each time the target is connected.
<Curtman> More googling leads me to believe my answer is udev. 'udevadm info -a -n sda' provides a bunch of information.  Possibly I need to figure out how to create udev rules that insert and remove the module.
<TJ-> Curtman: you need to remove/re-insert the module, or just insert it once at the correct time?
<Curtman> Ideally remove it when the iscsi target disconnects and insert it when it connects.  I think this is a good clue:  https://www.suse.com/support/kb/doc/?id=3684654  "all iSCSI disks (identified by the vendor ID IET) will be ..."
<TJ-> Curtman: you could add a udev.rules file, firing on ADD/REMOVE events, matching on the iSCSI device. e.g. ACTION=="add", SUBSYSTEM=="scsi", ENV{ID_VENDOR}=="IET",RUN+="/sbin/modprobe g_mass_storage stall=0 file=/dev/$kernel"  and a similar ACTION=="remove" to do RUN+="/sbin/modprobe -r g_mass_storage"
<Curtman> Thank you very much TJ-
<Curtman> TJ-, I must be missing something, I've added exactly this to /etc/udev/rules.d/99-com.rules: ACTION=="add", SUBSYSTEM=="scsi", ENV{ID_VENDOR}=="IET", RUN+="/sbin/modprobe g_mass_storage stall=0 file=/dev/sda"
<Curtman> It doesn't seem to be happening.
<Curtman> I tried restarting udev, and even rebooting to be sure..  It should happen when I restart the open-iscsi service, /dev/sda disappears then reappears when I start it.
<TJ-> Curtman: to begin with, I suggested using the udev variable to make it mroe modular, as in "...file=/dev/$kernel"
<TJ-> Curtman: you need to ensure all the match entries do match (the == ) - I may not have it entirely correct, so you need to use "udevadm info ..." to check what the relevant keys/attributes are
<Curtman> Yes, I think I've got it now.. ATTRS instead of ENV..  This seems to work: ACTION=="add", SUBSYSTEMS=="scsi", ATTRS{vendor}=="IET     ", RUN+="/sbin/modprobe g_mass_storage stall=0 file=/dev/sda"
<Curtman> Thanks very much for your helo
<Curtman> help
