#ubuntu-server 2006-05-08
<xerophyte> anybody useing postfix and saslauthd
<xerophyte> i am getting some auth fail werror with ubuntu but fedora core just work fine .. and i tested with testsaslauthd it worked fine
<Vaske_Car> anybody have a minute to explane me something?
<Vaske_Car> actually I need tutorial to install required aplication to host forum
* #ubuntu-server  [freenode-info]  why register and identify? your IRC nick is how people know you. http://freenode.net/faq.shtml#nicksetup
<nawty> guys, gots a question, anyone around?
<nawty> HostRAID, is that controller supported in the -server kernel ?
<nawty> Intel/Adaptec afaik, SATA.
<nawty> Standard in some of our Intel Boxen.
<soumyadip> I suppose so
<soumyadip> it is there in the stock kernel
<nawty> soumyadip: it detects the two sata disks seperately, and not as the raid, where as the vanilla kernel on the gentoo install works perfectly, as does freeBSD
<nawty> on FreeBSD it becomes ar0
<soumyadip> http://www.ubuntuforums.org/showthread.php?t=34519  <- maybe this would help
<nawty> checking quick, :)
<nawty> it's the SATA Hostraid, not the SCSI one.
<highvoltage> hi there.
<highvoltage> i need some help for someone in #edubuntu
<highvoltage> this person has 8GB RAM on an LTSP server
<highvoltage> so I suggested they install the server kernel.
<highvoltage> the problem is, it brings the server to a crawl.
<highvoltage> hi Petaris, i'm just about half way explaining your problem :)
<Petaris> highvoltage: I didn't even know about this channel
<Petaris> hehe
<highvoltage> and with a 686 kernel, you'd only be able to use 4GB of the ram on that server.
<highvoltage> so what would be the ideal Ubuntu kernel for a big LTSP server?
<Petaris> my system is a dual opteron with 8 GB of RAM (4 per cpu) and hardware raid 1 using an LSI MegaRAID SATA PCI-X adapter
<ivoks> highvoltage: what's the problem?
<highvoltage> ivoks: Petaris is building a big ltsp server, with 8GB RAM
<ivoks> ok
<highvoltage> the 686 kernel can only see up to 4GB RAM, so he's using the ubuntu server kernel
<ivoks> ok
<highvoltage> but it brings the machine to a crawl very quickly
<highvoltage> so which kernel should he use?
<Petaris> my system is a dual opteron with 8 GB of RAM (4 per cpu) and hardware raid 1 using an LSI MegaRAID SATA PCI-X adapter
<highvoltage> it's a dual-opteron server, btw.
<ivoks> crawl as slow or it dies?
<Petaris> slow
<Petaris> very slow
<ivoks> did you try to figure out why it's so slow?
<Petaris> I looked a bit, but didn't find any real obvious reasons
<highvoltage> ivoks: well, it's only slow with the server kernel, with the 386 kernel, it was apparently much faster
<highvoltage> right Petaris?
<Petaris> highvoltage: yes
<ivoks> hm...
<ivoks> run it with -server kernel
<ivoks> and i'll be here next few hours
<ivoks> so i can help you debug the problem
<ivoks> what version is that?
<mdz> highvoltage: what's up?
<Petaris> 2.6.15-21
<highvoltage> mdz: thanks for coming :)
<ivoks> ok, not the latest, but...
<highvoltage> Petaris is building a big ltsp server, with 8GB RAM
<ivoks> Petaris: install -22 for start
<highvoltage> the 686 kernel can only see up to 4GB RAM, so he's using the ubuntu server kernel
<highvoltage> but it brings the machine to a crawl very quickly
<highvoltage> so which kernel should he use?
<mdz> he should use the server kernel
<ivoks> to take the most of the ram - server
<mdz> if he's having a problem with that kernel, he should report a bug and work with BenC to get it resolved
<mdz> otherwise it's just going to bite someone else
<highvoltage> he reports that the system runs very, very slow with the server kernel though, and that's with just one thin client connected.
<highvoltage> mdz: ok, thanks for that feedback
<mdz> highvoltage: that's not a feature
<Petaris> ivoks: that is the version that kernel-image-server installed
<ivoks> Petaris: i know, but new version is out
<highvoltage> Petaris: i think our best bet is to track down BenC, and find out what information he needs to fix it
<Petaris> ivoks: ok
<ivoks> Petaris: metapackage still doesn't install it, but it will soon
<Petaris> highvoltage: right
<highvoltage> Petaris: i see he's on #ubuntu-kernel, let's go bug him there :)
<ivoks> file a bug
<ivoks> but we can work on a problem
<Petaris> highvoltage: ok
<highvoltage> ivoks, mdz: thanks again for pointing us in the right direction
<ivoks> highvoltage, Petaris rarely there is a chance to work on a broken system in real time, so it would be nice if you could give some more informations here on IRC
<ivoks> and paste everything to the launchpad bug
<Petaris> ivoks: What info would you like?
<ivoks> do you run it now?
<mdz> highvoltage: np
<Petaris> ivoks: any chance this could just be my system?
<ivoks> Petaris: all options are open, but we have to start with "it's kernel problem" :)
<Petaris> ivoks: yep, its running now
<Petaris> just grabbing the -22 kernel
<ivoks> keep an eye on load and tail syslog in other window
<ivoks> and kernlog in other
<highvoltage> Petaris: syslog might be handy, the output of dmesg too (perhaps there's some error somewhere)
<highvoltage> Petaris: perhaps also the contents of /proc/cpuinfo. i suppose more informaiton is better than less.
<Petaris> right
<ivoks> but don't paste it here :)
<Petaris> let me install this new kernel first
<ivoks> ok
<Petaris> maybe this will fix it
<Petaris> you never know
<ivoks> it has quite large changelog
<ivoks> not sure how much of it is related to your problem
<highvoltage> the k7 kernels has nothing to do with the opterons, right?
<ivoks> no
<Petaris> ok its in, rebooting
<ivoks> ok
<Petaris> server booted, booting client
<ivoks> ah.. does server without clients works ok?
<Petaris> don't know
<ivoks> ok
<Petaris> clients up
<ivoks> now tail syslog and kernlog
<ivoks> and open top to watch over load and apps that grab too much proc
<Petaris> its slow again
<ivoks> ok, can you work on it at all?
<ivoks> just run 'uptime' to see load
<Petaris> root@Ayumi:~#  min,  1 user,  load average: 0.40, 0.87, 0.44
<ivoks> so, it's not load
<Petaris> nope
<Petaris> and top isn't showing much either
<ivoks> oh... hm...
<ivoks> dmesg
<ivoks> and try to catch any error
<ivoks> you can paste it to a file and upload it somewhere
<Petaris> :)
<ivoks> ok, sec...
<ivoks> this looks ok
<Petaris> what next then
<ivoks> netstat -a | grep -v unix
<ivoks> hm...
<ivoks> didn't you say you booted clients?
<Petaris> just one
<ivoks> none is connected
<Petaris> I'm not logged into it
<Petaris> could that be why?
<ivoks> ok, never mind...
<ivoks> and memory is mostly free?
<ivoks> free -m
<Petaris> root@Ayumi:/var/log# free -m
<Petaris>              total       used       free     shared    buffers     cached
<Petaris> Mem:          8011        244       7767          0         10        141
<Petaris> -/+ buffers/cache:         92       7919
<Petaris> Swap:         6204          0       6204
<Petaris> easier to read: http://phpfi.com/115939
<ivoks> hm...
<ivoks> just a sec...
<Petaris> ok
<ivoks> install and run saidar package
<ivoks> and take a look at disk activity
<Petaris> ok, sec
<ivoks> anything abnormal?
<Petaris> other then I'm still waiting for it to finish installing?
<ivoks> :)
<Petaris> :/
<ivoks> ok...
<ivoks> in grub
<ivoks> add this argument to kernel:
<ivoks> elevator=cfq
<Petaris> add it at the end of that line?
<ivoks> yes... kernel .... elevator=cfq
<Petaris> added
<ivoks> now boot that kernel
<Petaris> ok
<Petaris> what will that do
<ivoks> change default io scheduler
<ivoks> from deadline to cfq
<ivoks> in -686 and -386 default if anticipatory
<ivoks> and in -server deadline
<ivoks> this is kernel tuning
<Petaris> ok its back up
<ivoks> it's not cpu, it's not memory, nor network
<ivoks> so, it has to be disk :)
<Petaris> and I was able to install saidar
<ivoks> is it slow again?
<Petaris> yeah, but not quite as slow
<Petaris> http://phpfi.com/115945
<ivoks> faster than before?
<ivoks> but still slow
<Petaris> yes, but not by much
<ivoks> this comp is totally idle
<Petaris> yeah
<Petaris> not even a client booted yet
<Petaris> sda is getting a writes every few secounds
<ivoks> i guess these are nfs exports?
<ivoks> on sda
<Petaris> not sure
<ivoks> i'm missing something :)
<Petaris> me too
<ivoks> ok, try booting with elevator=anticipatory
<ivoks> (this is a long shot)
<Petaris> ok, rebooting
<Petaris> ok its up
<ivoks> and?
<Petaris> wth?
<Petaris> I can't ssh to it
<Petaris> ahh, there it goes
<ivoks> ?
<Petaris> still very slow
<ivoks> ok
<ivoks> then it's memory
<Petaris> espeacially with X stuff
<ivoks> X stuff?
<ivoks> on clients?
<Petaris> on the server
<Petaris> I haven't booted the client yet
<ivoks> hm...
<Petaris> maybe it is an xorg issue
<Petaris> naw
<Petaris> that would show in memmory probably
<ivoks> well, -server doesn't have preempt
<Petaris> hrm
<Petaris> is there anyway to add it?
<Petaris> like as a kernel option?
<ivoks> nope
<Petaris> bugger
<ivoks> pardon
<ivoks> it has preempt
<Petaris> oh
<Petaris> then thats not it
<ivoks> CONFIG_PREEMPT_NONE=y
<Petaris> hrm
<ivoks> # CONFIG_PREEMPT is not set
<Petaris> should it be?
<Petaris> *for an ltsp server
<ivoks> well, i'm not sure it's preempt problem
<ivoks> BenC will know that better
<ivoks> i'm really not sure
<ivoks> anyway, report a bug
<Petaris> hrm
<Petaris> This is not good
<Petaris> maybe I should just build my own kernel
<Petaris> off of the i386 one that worked
<ivoks> you can try with .config of -server
<ivoks> but change preempt
<Petaris> and add the smp and support for greater than 4 GB of RAM
<ivoks> and then you'll know if it is preempt
<Petaris> hrm
<ivoks> all kernels are i386
<ivoks> but one is -686
<Petaris> the i386 kernel (not server) worked quite well for me
<Petaris> but with only one cpu and 4 GB of ram
<ivoks> -386 kernel is generic
<ivoks> use -686
<Petaris> hrm
<ivoks> did you file a bug about this?
<Petaris> no
<Petaris> not sure what to put in it
<Petaris> My system is slow? lol
<ivoks> poor performance with -server kernel on ltsp server
<ivoks> and mention that X apps are slow
<ivoks> or all apps are slow?
<Petaris> cli apps are slow as well, but not nearly as slow as X apps are
<ivoks> i doubt that's preempt
<ivoks> well... build your own kernel
<ivoks> and you'll see how it goes, but file that bug
<Petaris> is there anything speacial I have to do when building it?
<ivoks> get source
<ivoks> and copy /boot/config*-686 in .config
<ivoks> change max ram supported and that's it
<Petaris> I don't have a 686 config
<ivoks> wait...
<ivoks> is that 32bit or 64bit? :)
<ivoks> processor
<Petaris> opterons are 64 bit with 32 bit compatability
<Petaris> I run 32 bit on them
<ivoks> that's why -386 works
<ivoks> -686 wouldn't work either
<ivoks> get amd64 release
<ivoks> not i386
<Petaris> won't that break my ltsp clients?
<Petaris> well worth a try
<ivoks> break? why?
<Petaris> 64 bit server enviornment with 32 bit clients?
<Petaris> hrm
<Petaris> where is the amd64 linux-image?
<Petaris> I can only find the k7
<ivoks> on amd64 cd
<Petaris> hrm
<ivoks> together with amd64 libc :)
<Petaris> right
<Petaris> I was recommended not to run that for ltsp server
<ivoks> why?
<Petaris> issues with clients and some of the other software
<Petaris> ogra in #edubuntu was the one who advised that
<ivoks> thath could be, i don't know
<ivoks> then you have to use -386 kernel
<Petaris> right
<ivoks> not -686
<Petaris> is there a specific source package I should use?
<Petaris> and is there anything speacial I have to do when building it?
<ivoks> apt-get install linux-source
<Petaris> ok
<Petaris> brb
<Petaris> back
<Petaris> ok, its installed
<ivoks> you'll find the source in /usr/src
<Petaris> ok
<ivoks> you know how to compile a kernel?
<Petaris> yeah
<ivoks> great
<Petaris> but is there anything speacial I need to know?
<ivoks> nope...
<ivoks> go in /usr/src/linux-...
<ivoks> copy /boot/config*-386 in .confg
<ivoks> .config
<ivoks> starta make menuconfig
<ivoks> add support for 16GB RAM
<ivoks> and build it with make
<Petaris> how do you create that initrd.img file in /boot
<nawty> Hey folks, anyone round here had any experience with the Adaptec/Intel/IBM SATA HostRAid ?
<ivoks> mkinitramfs -o /boot/my_new_initrd
<Petaris> ivoks: don't I have to do a make old-config or something?
<ivoks> no
<ivoks> just run make
<Petaris> oh
<Petaris> I seem to remember having to do that before
<ivoks> you runed make menuconfig
<ivoks> and changed a configuration
<ivoks> so oldconfig is newconfig now :)
<Petaris> ahh
<Petaris> ok
<Petaris> hrm
<Petaris> root@Ayumi:/usr/src/linux# make menuconfig
<Petaris> -bash: make: command not found
<Petaris> that can't be good
<ivoks> apt-get install build-essential
<Petaris> ok
<ivoks> i have to go now...
<Petaris> alright
<Petaris> thanks for all the help
<ivoks> i hope it will work
<Petaris> me too
<ivoks> read some docs about initrd
<ivoks> i'm not sure if it will work as i said
<Petaris> ok
<ivoks> bye
<Petaris> bye
<Petaris> hrm
<nawty> anyone?
<Petaris> nawty: LSI MegaRAID SATA
<Petaris> but none of the ones you listed
<nawty> :(
#ubuntu-server 2006-05-09
<nictuku> hi all
<keherman> hello!
<nictuku> keherman, hi!
<keherman> :-)
<maswan> fabbione: https://wiki.ubuntu.com/LustreInUbuntu <- about half a spec, comments are most welcome
<fabbione> maswan: what about finishing it? :)
<fabbione> use cases look ok
<fabbione> go for the implementation
<fabbione> * evaluate current code
<fabbione> * merge with ubuntu kernel
<fabbione> * make packages for the userland tools
<fabbione> * profit...
<fabbione> Code
<fabbione> * verify that lustre can keep up and work with current ubuntu kernel
<fabbione> Data etc...
<fabbione> non
<fabbione> Outstanding issues?
<fabbione> * none are known at the moment
<fabbione> something like this would do
<maswan> Ok, adding that. Thanks
<maswan> Hmm.. Just checked, the next major version of Lustre (release 2007) seem to aim for mainline inclusion. But that's some time away.
<maswan> Anyway, might be good to know, if the current patchset is not good for the current Ubuntu kernel.
<fabbione> so you could add that to Outstandind issue
<fabbione> specially if they plan to change th on-disk format
* maswan checks to make sure
<maswan> on-disk format changes are done with transparent transitions
<maswan> so the current version will support the previous (and next, if a format change is planned)
<fabbione> hmm ok
<fabbione> so what happens if we hit a dapper-like release with lustre.. can we expect a smooth transition in 5 years?
<fabbione> or we will have to reinvent the wheel?
<maswan> Good question.
* maswan adds that as an outstanding issue
<maswan> Possibly a cycle-through of intermediate versions might be needed. I don't know.
<fabbione> that's something we might have to ask upstream
<fabbione> s/we/you
<fabbione> you write the spec.. you get to implement it..
* maswan nods (and eek, but I guess that doesn't mean I have to do everything :) )
<fabbione> well most of it.. :)
<maswan> just talked to the guy that did the patching for breezy locally here, and it seems to not be that bad. just a few trivial conflicts with that kernel. wonder how it looks for the post-dapper devel kernel? :)
<mkrufky> infinity: you around?
<infinity> mkrufky: Ish.
<mkrufky> hi
<mkrufky> infinity: just wondering if you had ever received my email containing the patch for stored procedures support in php-mssql for 5.0.5
<mkrufky> the bug is already fixed in 5.1.x  ... but you had asked me to send you this patch anyhow
<infinity> mkrufky: Err, I think we had a failure to communicate.  You were asking for fixes to php-sybase, then sent me a patch to enable php-mssql.
<infinity> mkrufky: I know how to do the latter, but we're not going to do it.
<infinity> mkrufky: A patch that ports the functions you need from mssql into sybase_ct would be much more helpful.
<mkrufky> ah!
<mkrufky> yes, quite a misunderstanding
<mkrufky> php-sybase will never support full mssql stored procedures, as per what i've read on google
<mkrufky> so.. i think i wont be touching that with a ten foot pole :-/
<mkrufky> you did, however, tell me that you were considering php-mssql for inclusion in POST_dapper
<mkrufky> did i misunderstand this also?
<infinity> Oh, post-dapper, yes, it'll end up in the php-sybase package (both modules), IF we can't merge the two.
<infinity> On the other hand, both wrap the same library, and it seems like it wouldn't be much effort for someone to just port the functions from one to the other.
<infinity> I've just spent zero time looking at that.
<mkrufky> ah
<mkrufky> i bet a lot of users would be happy to know that full mssql functionality could be supported in ubuntu
<mkrufky> unfortunately, even though I got it working..... i dont feel comfortable running a production server off of a hack like the patch that i had to send you
<mkrufky> so........ i had to convert that machine to FC5
<infinity> To be fair, I used to use Debian's php-sybase packages professionally (last job I had before Canonical, where I used MSSQL a lot) and never really felt like I was missing anything.
<mkrufky> but i am hoping that by the time i am ready to build the next server, that ubuntu will have a solution
<mkrufky> the issue is the stored procedures
<mkrufky> in the current src package for php-mssql, stored procedures are completely broken
<mkrufky> err... s/current / breezy
<infinity> Fair enough.  I'm not going to backport patches to a stable release for source we don't even compile by default, obviously. :)
<mkrufky> hehe of course not
<mkrufky> and i have not tried the src packages in dapper, but for all i know they might work just fine
<mkrufky> infinity: so, im just wondering about this......   i was considering a support license, but as of now we're going to wait some longer......   but here is my problem:
<mkrufky> i need the full mssql functionality before i can commit to running ubuntu on our servers....
<mkrufky> so, chicken or the egg... which comes first?
<mkrufky> support licence will be a catalyst for ubuntu to fix it?
<mkrufky> or ubuntu fixing it will lead to my purchase of a support license?
<mkrufky> how do these things get handled with other customers?
<infinity> TBH, I'm not really positive how customers requiring custom packaging is handled.
<infinity> Obviously, I can get the support you need in for edgy, but the changes are fairly invasive to do what I want to do for dapper.
<mkrufky> thats no problem
<mkrufky> just knowing that it will definately be in the release after dapper is enough for me
<mkrufky> i would REALLY prefer using ubuntu on my servers.....
<mkrufky> i just feel better about .deb package management as opposed to redhat rpms.... and ubuntu is the best debian-based distro ive ever used
<infinity> Well, you'll have your pick, as I intend to make the changes you need for both Edgy and Etch.
<infinity> (Which should likely release around the same time)
<mkrufky> what is the difference?  this is the first i am hearing of edgy and etch
<mkrufky> (i've been slacking with my ubuntu news)
<infinity> Edgy Eft == Next Ubuntu release after Dapper.  Etch is the next Debian release after Sarge.
<mkrufky> ah!
<mkrufky> well, i am leaving a spare partition on this server for testing new OS's ..... when you have things ready, I'd be happy to run some tests for you
<mkrufky> to make sure that all works (esp stored procedures) before these get released
<infinity> Fair enough.  I should be making the changes in sid within the next month, and those'll trickle into both edgy and etch quickly enough.
<mkrufky> great
<mkrufky> do u still have my email address ?
<mkrufky> (i dont know if you know anybody else able to test mssql stored procedures)
<infinity> I can test them myself.  I have an MSSQL Server setup here somewhere to test freetds and php-sybase with.
<infinity> But I'm pretty sure I still have your address too.
<mkrufky> ok... if you remember, it would be cool if you could email me to let me know when to give it a whirl
<mkrufky> you might have two email addresses for me... not sure... the one appropriate for this is my irc nick at silenttype dot com
<mkrufky> the other one is the same, at linuxtv dot org.... i think i accidentally used that one when i emailed the patch to u
<mkrufky> oops.. sorry wrong
<mkrufky> mike at silenttype dot com -- that's it
<mkrufky> (sorry for confusion)
<mkrufky> ...and thanx for the info
#ubuntu-server 2006-05-10
<J_P> hi all
<J_P> Are there some dedicated page for ubuntu-server where has concetrated howtos, tutorial etc etc for setup services in ubuntu-server ?
<spike> J_P: not really, best bet is using the search page on the wiki
<J_P> spike: what wiki ?
<spike> J_P: wiki.ubuntu.com
<J_P> spike: thanks
<mgalvin> i attempted to use tiger to scan my dapper machine but it hangs when running the system specific tests... has anyone else tried using these in dapper?
<mgalvin> hmm, there seem to be a few issues with using the harden* packages.
* mgalvin files bugs
<mgalvin> does anyone know of a good reason why nagios would still depend on apache and not apache2?
#ubuntu-server 2006-05-11
<pygi> neuralis: poke
* neuralis feelspoked.
* neuralis feels poked, even.
<ajmitch> hello neuralis
<neuralis> hey ajmitch
<pygi> neuralis: I need idea for a good server project ...  it must include bzr..perhaps Provide a RCS /etc out of the box
<pygi> but thats I suppose too lill' for 3 month
<neuralis> sec, brb
<pygi> neuralis:ok
<ajmitch> pygi: why must it include bzr?
<neuralis> pygi: this is for summer of code, or otherwise?
<neuralis> rcs /etc out of the box is not a complicated project now that bzr is stable
<pygi> neuralis: Indeed...thats why I am asking you for a idea :)
<pygi> not for me tho, but to suggest it to someone
<neuralis> hmm
<neuralis> still summer of code, yes?
<pygi> indeed
<neuralis> i'm not sure revcontroling /etc is sufficient for a whole summer
<neuralis> but it's a decent start
<neuralis> let me think of what else needs to be done
<pygi> neuralis: ok
<neuralis> so actually, you know what might be a cool soc project? the express server idea via tasksel that we talked about a long time ago
<neuralis> how skilled is the person?
<pygi> not yet sure about that :-/ trying to find out
<ajmitch> neuralis: fwiw, I'm going to try for the network authentication spec
<ajmitch> client & server
<neuralis> pygi: you might want to have him send me a resume, so i have some idea of what he's done in the past, and i can recommend a project based on that
<pygi> neuralis: ok, will do
<ajmitch> he's only got a couple of days to put in an applications
<neuralis> ajmitch: yeah, i'll reply within a couple of hours of hearing from him
<ajmitch> it's taken me awhile to put this one together
<ajmitch> with looking into what is feasbile
<ajmitch> s/feasbile/feasible/
<neuralis> i have <10 minute mail turnaround time for 85% of the day :)
<ajmitch> impressive :)
<neuralis> nah, just means i don't sleep nearly enough.
<ajmitch> heh
<neuralis> pygi: don't remember if you have my e-mail, ivan@laptop.org
<pygi> neuralis: I do have your mail :)
<neuralis> okay, cool, i'll expect his mail. anything else before i run out?
<pygi> no need :)
<pygi> enjoy
<neuralis> ajmitch: i'm pretty happy you're the one doing n-a; that has enormous screwup potential, so i'd much rather it be done by someone who knows what he's doing than a total newcomer
<pygi> neuralis: he is still not choosen tho :)
<ajmitch> I can hope
<neuralis> i need to talk to fabio and see what the deal is with ranking applications
<pygi> neuralis: not much :)
<pygi> application can have 1000 points, but if it doesnt have mentors, it fails =P
<neuralis> well, i imagine tollef will mentor this
<pygi> Mithrandir is mentoring n-a
<neuralis> yep
<neuralis> ajmitch: will you be in paris?
<ajmitch> unfortunately not
<pygi> talked to him already...he just hadnt requested a mentorship yet
<ajmitch> I would love to be, really
<neuralis> other commitments?
<ajmitch> yeah
* pygi cant be as well :(
<ajmitch> uni exams on 19th & 21st
<neuralis> ah, boo :/
<ajmitch> plus sponsorship would be required
<neuralis> right
<pygi> I intended to ... but gotta go to Sweden :-/
<ajmitch> it's about 30 hours or so flight time
<neuralis> yeah, the dates are less than pleasant for me as well
<neuralis> because june is now turning out to be croatia, france, brazil, vegas, cambridge directly back to back :/
<ajmitch> busy man
<pygi> neuralis: when again are you coming to Croatia?
<neuralis> pygi: may 27
<ajmitch> I doubt the uni would let me sit exams early just to go to paris
<pygi> heh, I hope Il be back by that date :-/
<neuralis> pygi: i'll be around until paris
<ajmitch> ah, too late to even ask about getting exam dates changed
<pygi> nice, I will plan something out then
<neuralis> ajmitch: sorry to hear it
<neuralis> pygi: cool. much beer will be had.
<pygi> neuralis: :)
<neuralis> beer in this country sucks terribly.
<pygi> lol :P
<neuralis> it's like drinking badly flavored rainwater.
<neuralis> ok, on that note, i'm out
<neuralis> cheers guys, g'night
<ajmitch> night neuralis
<pygi> night
<fabbione> uh?
<pygi> fabbione: ?
<fabbione> why i am reading my name around?
<fabbione> :)
<pygi> lol :)
<fabbione> <neuralis> i need to talk to fabio and see what the deal is with ranking applications
<fabbione> neuralis: you are not allowed to sleep, pussy
<fabbione> neuralis: what's all of this about? :)
<pygi> its all about SoC
<fabbione> i am not part of the SoC
<fabbione> not this year at least
<pygi> agreed, but we wanted ur opinion =P
<fabbione> mind to explain me about what+
<fabbione> ?
<fabbione> i am too lazy to read the scrollback
<ajmitch> suggestions for another SoC project for server work
<ajmitch> since apparantly there's someone asking for ideas
<fabbione> well there are the leftovers from dapper
<pygi> just RCS it seems
<fabbione> that's quite a big one
<fabbione> it's not as easy as it looks
<fabbione> ok let me think a couple of minutes about it
<pygi> for 3 months work? :P
<pygi> oki
<pygi> something which involves python programming should be good
<fabbione> you understimate it.. trust me
<fabbione> there is a lot of things involved there
<pygi> ah,oki :)
<pygi> and who would mentor that? :-/
<fabbione> not me :P
<fabbione> well somebody will be assigned to it if it gets accepted
<pygi> Il make sure it gets accepted because this is the only project for server
<pygi> except n-a, but thats for all :P
* ajmitch wonders how many people have put in an application for increasing XGl/AIGLX bling in edgy :)
<fabbione> well i think a FAI integration would be good
<pygi> ajmitch: 0 :)
<ajmitch> surprising
<fabbione> like you install ubuntu server.. create the image of either ubuntu or ubuntu-server automatically and ready for deployment out of the box
<pygi> ok, will talk to him about that
<fabbione> there are the 3rdy part applications too
<fabbione> to be evaluated, get in touch with vendors and package them...
<fabbione> (assuming they would like them to be there)
<fabbione> there was more.. for sure
<fabbione> improving my offline system-integrity-check
<fabbione> assuming we will ever get the server infrastructure at the DC
<fabbione> there are tons of things that can be done..
<fabbione> pick one :P
<pygi> will do
<pygi> thanks
<pygi> gotta run now, so see ya
<fabbione> cya
<neuralis> fabbione: i never sleep.
<neuralis> fabbione: i only block on a call here and there.
<neuralis> firmware bug.
<fabbione> eheh
<infinity> neuralis: I've heard that not sleeping is bad for you.
<infinity> neuralis: Or, so my coworkers keep telling me.
#ubuntu-server 2006-05-12
<J_P> hi all
<nictuku> J_P, hi!
<J_P> Are there some diference between get ubuntu normal CD to setup a server (getting extras packages from internet) or in installation process (diferent kernel to boot and CD from ubuntu-server ?
<J_P> anyone can explaim me ?
<J_P> hey, Are there some diference between get ubuntu normal CD to setup a server (getting extras packages from internet) or in installation process (diferent kernel to boot and CD from ubuntu-server ?
<pygi> neuralis: poke
<neuralis> what's up?
<pygi> are you a mentor on SoC?
<pygi> Because someone is just about to submit the proposal about put /etc under bzr control, so if you wanna mentor or vote at least :)
<paulb> anyone know how to get frontpage extensions working? i hat em too but its a must have.
<ivoks> sec..
<ivoks> nope
<paulb> nope on the fp entensions?
<ivoks> right
<paulb> r u sure
<paulb> ill compile or whatever i just need them
<paulb_> also is it possible to access mbox through pop or imap
#ubuntu-server 2006-05-13
<FunnyLookinHat> Does ubuntu server install automatically install apache?
<FunnyLookinHat> hmm, apparently not.
<FunnyLookinHat> Does it install anything more than the base kernel & drivers?
<infinity> FunnyLookinHat: No, it installs a base system that you can do what you want with.
<infinity> FunnyLookinHat: By popular demand, the CD does have a boot option to install a "LAMP" server.
<infinity> FunnyLookinHat: Other than that, the general concensus is "we don't know what YOU want a server to look like, so why should we pick for you?"
<infinity> File server, Print server, DNS, Web, KRB Master, LDAP, RBMS, mail, etc, etc.  We have no idea what you will want.
<FunnyLookinHat> infinity, and what is a LAMP server?
<infinity> Silly pointy-haired-boss-ism for "Linux, Apache, MySQL, PHP"
<FunnyLookinHat> oooooh
<FunnyLookinHat> dang, that's exactly what i need  : )
<infinity> Right, well, the easiest way to get that (and this is all the LAMP install does) is "apt-get install apache2-mpm-prefork libapache2-mod-php5 php5-mysql mysql-server"
<FunnyLookinHat> ooh... see the only problem I have is I think my php didn't install correctly
<infinity> Then you did't install libapache2-mod-php5, probably.
<FunnyLookinHat> nope, lol
<infinity> So, install that, then "dpkg-reconfigure php5-mysql" so it'll get added to the apache2 setup.
<FunnyLookinHat> and now restart apache2?
<infinity> Yup.
<FunnyLookinHat> Hmm.. well my wordpress config says it can't connect to mysql server...  what's the default user/pass for mysql?
<infinity> There is none.
<FunnyLookinHat> oooh.. and I create one how?
<infinity> (By default, "root" should be able to connect with no password.. You should ideally change that)
<infinity> As root, "mysqladmin password <mynewpassword>" to set root's password.
<infinity> To create new users with passwords (which is what you should be doing for your wordpress setup), you really should check the MySQL docs.  It's a bit out of scope for this (a development) channel.
<FunnyLookinHat> heh, ok sweet
<FunnyLookinHat> thanks for all the help infinity !
<trs80> are there netboot images for ubuntu-server dapper?
<infinity> If you use netboot, there's no real difference between -server and other installer flavours.
<infinity> http://archive.ubuntu.com/ubuntu/dists/dapper/main/installer-i386/current/images/netboot/
<infinity> s/i386/<your arch of choice>/
<trs80> except the preseed file .... *reads up on d-i*
<trs80> oh good, the server netboot flavour has the preseed config in the boot line
<idimmu> hi
<idimmu> Does ubuntu-server follow the same release cycle as ubuntu and how long is the support cycle for security patches etc?
<idimmu> is it the same 18 months as ubuntu, or longer?
<spike> ubuntu-server will be supported for 5 years
<idimmu> sweet
<idimmu> in that case im going to replace all the servers we have here with it
<idimmu> bye bye redhat \o/
<spike> idimmu: certifications from vendors (ie. oracle) are on the way too afaik
<idimmu> rocking
<spike> at least, there's interest and work in that direction, no idea about the timing
<idimmu> heh
<spike> same for hardware certifications
<idimmu> thats cool
<idimmu> we have one tiny bit of hardware here that im going to have to do some research on
<idimmu> but other than that i think ill just migrate all our systems to ubuntu
<idimmu> and relax!
<spike> idimmu: on the wiki (wiki.ubuntu.com) there are pages for hardware compatibility and the like, and there's also a project for hardware testing you might want to join (reporting your setup and the like)
<idimmu> oh cool
<spike> idimmu: and if you're using some non FLOSS stuff on your servers, like scsi sw for particular controllers etc there's a page where you can request such applications to be inculded into dapper
<idimmu> shiny
<idimmu> my main issue was kernel drivers for our hylafax cards
<idimmu> but (i run ubuntu desktop) ive just noticed they're actually available
<infinity> What cards would those be?
<infinity> (And what driver?)
<idimmu> im a bit clueless when it comes to our hylafax stuff
<idimmu> hylafax-4.2.2-1rh9.i386.rpm but thats the package that contains the driver (i assume_
<idimmu> although lsmod isnt really mentioning anything
<idimmu> im still in the research phase hence my initial questions
<idimmu> no point thinking of switching unless i was sure ubuntu-server had > 18 months of support :)
<infinity> The hylafax package in RedHat (and in Ubuntu) shouldn't have any kernel drivers, just the hylafax daemon and such.
<infinity> It's pretty much modem-agnostic, hence why I was asking which modem you were using with it that required a special driver. :)
<infinity> (And if it's something evil like "ltmodem", then I have a valid use case for building non-free drivers for the -server kernels, which we don't currently do)
<idimmu> yeah ive just realised that
<idimmu> i took over as IT manager here a few months ago
<idimmu> and the previous guy kind of scarpered
<idimmu> and everything is in pretty bad shape
<idimmu> looks like we have an eicon card using diva kernel modules
<idimmu> 00:06.0 Network controller: Eicon Technology Corporation: Unknown device e015
<idimmu> Divatty               264352   8
<idimmu> diva_mtpx             439556   0
<idimmu> diva_idi               34960   1
<idimmu> divas                 160136   0
<idimmu> divadidd               76516   0 [Divatty diva_mtpx diva_idi divas] 
<idimmu> Eicon Diva S (S for Server), 30 port PRI card
<idimmu> joy
<infinity> Ahh, nice.
<infinity> But I don't think we ship that driver for any of our kernels out of the box.
<infinity> I suspect it's so non-free we can't even distribute it, though I'd have to go hunting.
<idimmu> yeah im just investigating
<idimmu> ive just been told we have an nda developer license to get the source
<idimmu> which is nice
<infinity> "Diva MAdapter and Diva TTY driver are not public domain. Therefore, you must not redistribute, modify or reverse engineer it or use it otherwise than intended with Eicon ISDN hardware. You may use it with any appropriate Eicon ISDN hardware which you legally acquired."
<infinity> It does, however, look like their sources are distributed as .debs, and they have decent docs on how to build your kernel modules.
<infinity> So, not rocket science.
<idimmu> sweet
<nicola> I am installing ubuntu 64bit edition on a dual xeon DP, (hp proliant 380 DL) default kernel installed is 2.6.12-9-amd64-generic any better? SMP? which is the optimum for the machine?
<ivoks> linux-amd64-xeon i would say
<infinity> nicola: "apt-get install linux-amd64-xeon" (desktop kernel, fully tuned for Xeons, though) or "apt-get install linux-amd64-server" (slightly more generic tuning, but designed for server use, so different scheduler, etc)
<nicola> so they are ok for dual xeon processor?
<trs80> all kernels come with smp
<trs80> due to some magic that rewrites all the locking instructions to NOPs at boot if there's only one cpu
<nicola> thank you very much!
<lionelp> idimmu: are you still there ?
<idimmu> yeah
<idimmu> poke lionelp
<lionelp> sorry, i was afk, i setup an eicon diva card last week
<idimmu> heh, on ubuntu-server?
<lionelp> yep
<idimmu> what was your rough process?
<lionelp> I am not really happy with my process :-(
<idimmu> download drivers/compile drivers/install drivers/party/chicks?
<lionelp> I will investigate more this week
<idimmu> heh
<lionelp> idimmu: exactly
<lionelp> I download the .deb on eicon website
<lionelp> build it
<lionelp> BUT, you have problem with melware dirvers which come with standard kernel
<idimmu> oh
<lionelp> I finally have to desactivate udev (here is the point I hate !)
<idimmu> yeah that doesnt sound too thrilling
<lionelp> because udev load melware drivers and does not create the good devices for the proprietary drivers
<lionelp> did you tried to install it yet ?
<idimmu> i take it melware are opensource versions of the prop drivers, but not as good?
<lionelp> not as good
<lionelp> you will not have any support from eicon if you use it (and support is a good point)
<idimmu> yeah
<lionelp> and you loose all the configuration software provided by eicon (which is a quite good quality software)
<idimmu> i wonder how hard it'd be to stop udev from loading the melware drivers
<lionelp> i think we just have to blacklist them
<idimmu> http://wiki.archlinux.org/index.php/Udev#Blacklisting_Modules
<idimmu> yeah
<lionelp> the second problem is that the eicon init script do mknod wich is not compatible with udev usage if I am not wrong
<idimmu> heh
<idimmu> hmm i might email eicon and see what they say
<idimmu> if i cant migrate that server it's not the end of the world
<lionelp> :)
<lionelp> they offer good support on fedora
<lionelp> a poor support on Debian
<lionelp> I do not know on Ubuntu
<idimmu> probably no support on ubuntu :)
<lionelp> I think they do not have face it yet
<lionelp> actually, with udev desactivated, it works quite well :)
<idimmu> id rather keep things clean as our fax server is pretty criticle
<lionelp> Ok ok
<idimmu> i was hoping it'd be easiser than that though :)
<idimmu> heh
<lionelp> :)
<lionelp> I would really like to document the process to make it easier :)
<idimmu> ubuntu wiki, chop chop!
<lionelp> yeah, but before, I have to found the right way to setup :)
<idimmu> heh
<lionelp> I will have a look on tomorrow (today is a day off in France ;-))
<lionelp> are you often here?
<idimmu> lionelp: i'll probably be idling here for a while now
<idimmu> as i plot and plan :)
<lionelp> oki, cool
<idimmu> what exactly is the difference between ubuntu-server and regular ubuntu?
<idimmu> from this https://lists.ubuntu.com/archives/ubuntu-server/2006-February/000039.html they're sharing the same package repositories
<idimmu> so what does the 5 year support cover?
<idimmu> everything across the board? so it is applicable to a standard ubuntu install too?
<idimmu> or am i just getting confused between the server install option on the ubuntu cd and ubuntu-server?
<idimmu> those are very crap questions :(
<lionelp> they share the same repository
<lionelp> the only difference is the packages it is composed of
<lionelp> I lost the link which give the list of the packages which will be supported for 5 years
<lionelp> idimmu: here is the list http://people.ubuntu.com/~cjwatson/seeds/ubuntu-server-dapper/
<idimmu> cheers
<subterrific> is there are list of features for the server kernel? i'm doing a diff of the config files right now and i'm just wondering if there is something more readable
<subterrific> nevermind, this is good enough
<xerophyte> which is good method and accurent method to monitor host .. using scripts like getting uptime output or using snmp host.hrSystem.hrSystemUptime .. just wondering which is more reliable ???
#ubuntu-server 2006-05-14
<GrinningFool> I'm hoping someone can give me some advice -- I've got three boxes here that I'm going to be reinstalling. Currently, they run Mandrake (yes, that's right, not Mandriva), Gentoo, and Gentoo.  I'm looking to use the same distro on each, just for my own sanity; I've been impressed with ubuntu desktop, but haven't been able to find much either way about ubuntu-server.
<GrinningFool> I'm currently deciding between FC5 and ubuntu-server, but am still on the fence
<trs80> ubuntu server is pretty much the ubuntu-server metapackage and different kernel
<GrinningFool> Ah; that simplifies.
<GrinningFool> thanks trs80
<trs80> dapper will also be supported for 5 years on the server, although what exactly counts as server I'm not sure
<infinity> trs80: There is no "ubuntu-server metapackage".
<trs80> inifity: doh, meant to say -standard
<trs80> I just can't type today
<nicola> Hi, I'm installing ubuntu 5.10 on a server proliant 380 G4 with 5 GB ram, I've installed linux-image-2.6.12.10-amd64-xeon, at the boot I recive 2 warnings: 1) more than 4GB of memory but IOMMU not compiled in; 2) 32 bit PCI may malfunction. How to correct? have I to compile a custom kernel, if so is there a cookbook or guidelines? Thanks
<trs80> to compile a custom kernel, apt-get install build-essential kernel-package
<nicola> sob! next question: in make xconfig the preselected options are the same of the current kernel; in other words do I have only to change the switch for big mem?
<trs80> http://www.howtoforge.com/forums/showthread.php?t=21 is a quick howto on compiling kernels
<trs80> xeons don't have an IOMMU which is why it's not compiled in ... not sure what the fix is
<nicola> my problem is not how to compile kernel but how to configure I need a quite optimized kernel
<trs80> you could grab the config from linux-amd64-server and go from there
<nicola> ok, that is what I need! :) where do I find the config?
<trs80> apt-get install linux-amd64-server, then the config will be /boot/config-something
<nicola> linux-amd64-server is not available in breezy repository is there a source to add in sources.list?
<trs80> ah, it's dapper-only
<nicola> do you think it is safe to install dapper?
<trs80> it's going to be released on june 1, so pretty safe, year
<trs80> s/year/yeah/
<nicola> ok, let's go dapper! :), thank you very much
<nicola> hallo i've to report a bug, hope this is the correct place, in dapper 6.06 flight7 live, triing to install dapper on a proliant 380 g4 (smart array 6i with 3 disks of 300 GB in RAID 5 hardware 1 logical volume) there are some problems in the partitioning tool used by the installer: it seems to edit the existing partitions but it is not able to select mount points, it is also impossible to write partitions via fdisk on a shell, using the text install
<nicola>  cd it is all ok
<spike> nicola: the correct place for reporting bugs is not here but launchpad.net
<nawty> nicola: www.launchpad.net would be the place for you
<nicola> sorry :(
<spike> nicola: anche check if a similar bug already exists before reporting the new one
<spike> nicola: np
<nawty> np.
<spike> ehehe
<nicola> only wanted to be usefull ;)
<nawty> hehe, always good to contribute ;)
<Ikester> Hi all
<Ikester> Can anybody answer a question about releases?
<Ikester> Will Ubuntu server be a different distribution than the mainstream Dapper?
<Ikester> Or is the latest server build available with the recently announced Flight 7 for 6.06?
<infinity> Ikester: I didn't do ubuntu-server builds for Flight-7, but any recent daily will serve the same purpose for testing.
<infinity> http://cdimage.ubuntu.com/ubuntu-server/daily/
<infinity> Ikester: I will make sure to do an ubuntu-server Flight-8 release, though.
<Ikester> Thanks infinity. How about when it is released in June? I'm guessing it'll be a single download for both(?)
<Ikester> So what would be missing from Flight-7 compared to the daily build?
<Ikester> Some .deb files? Or is it something related to the installer itself?
<Ikester> I'm just wondering if I can get a server running on a daily snapshot and then bring it up to date with apt-get update or if I should wait for an "official" release.
#ubuntu-server 2007-05-07
<dj-fu> Hi there, is it possible to do a limit on which commands 'sudo' can run? for example, I'd like the user to be able to run everything APART from passwd
<amigamia> morning. i installed ubuntu server ver 6 and i thought that it would have a gui for administration to setup the network characteristics? should i have used lamp option? 
<amigamia> ?
<amigamia> i thought it would be a simple install and the network facilities would be setup at some point? 
<amigamia> they dont have a interface to enter in the properties for your network?
<amigamia> ?
<amigamia> bah
<amigamia> i cannot believe there is no option during installation to enter in the domain, ip address, or anything. 
<amigamia> or did i make an error somewhere?
<amigamia> whatever
<amigamia> hello
<amigamia> is anyone even alive or is this just a bunch of bots
<buk> moin miles
<[miles] > hi buk
<[miles] > hows it going
<buk> good
<[miles] > im shattered...
<[miles] > was programming til late into the morning 
<buk> heh
<buk> I'm tired as hell every evening 
<buk> dunno why, dont sleep that well maybe
<[miles] > me also
<[miles] > buk: you been playing with Ubuntu server then?
<buk> nope
<buk> won't be able to until friday i guess
<[miles] > :O
<\sh> ok..installing ubuntu dapper server on dl365 with a MSA60 attached
<ajmitch>   /win 21
<\sh> hmmm...
<\sh> why is dapper kernel not recognizing the external msa60 (which has 12x750GB Sata HDs with raid6 configured)
<\sh> I can see the 4 internal sas drives....(everything is hanging on a P800 SmartArray)
<mralphabet> dell + suse on servers? ;(
<buk> suse on dell servers
<buk> :)
<\sh> hmm??? HP dl365 with P800 SmartArray SAS + 4 internal sas drives + msa60 with 12x 750GB drives 
<r00tintheb0x> Leave me alone you nasty little Gibbon Monkey.
<r00tintheb0x> oops, my bad.
<mralphabet> . . .
<mralphabet> why does that make me remember the monkey scene from Bruce Almighty?
<r00tintheb0x> hah
<gubluntu> does anyone know of a method to auto blacklist in hosts.deny anyone trying to ssh to me from any other user than root?
<ivoks> does it have to be hosts.deny?
<gubluntu> no
<ivoks> it would be better to do it this way
<gubluntu> i just want to stop these bruteforce attacks
<ivoks> 'blacklist any host that tries to ssh more than 4 times in 60 seconds'
<ivoks> is that a better solution?
<gubluntu> more then 4 failed attempts
<gubluntu> right.. how do i go about this?
<ivoks> no, more than 4 new ssh connections
<ivoks> you can do it 4 in 30 seconds
<ivoks> it's unlikely that anyone would want to connect 5 times in 30 seconds
<gubluntu> okay
<gubluntu> how do  do that?
<ivoks> iptables -A INPUT -p tcp --dport 22 -m state --state NEW -m recent --update --seconds 30 --hitcount 4 --rttl -j DROP
<ivoks> you can even do some logging about it
<ivoks> then you have to create rule (before that above):
<ivoks> iptables -A INPUT -p tcp --dport 22 -m state --state NEW -m recent --update --seconds 30 --hitcount 4 --rttl --name SSH -m limit --limit 2/sec -j LOG --log-prefix "SSH_brute_force:"
<ivoks> and beofre both of them:
<ivoks> iptables -A INPUT -p tcp --dport 22 -m state --state NEW -m recent --set --name SSH
<gubluntu> thanks
<gubluntu> do all three backwards in order?
<ivoks> yes
<gubluntu> thanks
<ivoks> umm...
<ivoks> does it work?
<ivoks> probably not... this will work:
<ivoks> TRUSTED_SSH="127.0.0.1/32"
<ivoks> iptables -N SSH_WHITELIST
<ivoks> iptables -F SSH_WHITELIST
<ivoks> iptables -A SSH_WHITELIST -s $TRUSTED_SSH -m recent --remove --name SSH -j ACCEPT
<ivoks> iptables -A INPUT -p tcp --dport 22 -m state --state NEW -m recent --set --name SSH
<ivoks> iptables -A INPUT -p tcp --dport 22 -m state --state NEW -j SSH_WHITELIST
<ivoks> iptables -A INPUT -p tcp --dport 22 -m state --state NEW -m recent --update --seconds 60 --hitcount 4 --rttl --name SSH -m limit --limit 2/sec -j LOG --log-prefix "SSH_brute_force:"
<ivoks> iptables -A INPUT -p tcp --dport 22 -m state --state NEW -m recent --update --seconds 60 --hitcount 4 --rttl --name SSH -j DROP
<ivoks> (sorry for flood)
<ivoks> note that this one is for 60 seconds, not 30
<gubluntu> iptables v1.3.3: Unknown arg `-j'
<gubluntu> ivoks: PiNG :-D
<ivoks>  -j? -j is in iptables from the begining
* gubluntu shrugs
<gubluntu> im just the messenger
<gubluntu> iptables eludes me
<ivoks> modprobe ip_tables?
<gubluntu> returned nothing
<gubluntu> retry returns same error
<ivoks> that's ok
<gubluntu>   --jump        -j target
<gubluntu>                                 target for rule (may load target extension)
<gubluntu> its in my help
<ivoks> right
<gubluntu> does it come before SSH ?
<ivoks> no
<ivoks> SSH is name
<ivoks> target is ACCEPT
<gubluntu> oh
<gubluntu> you mean DROP
<gubluntu> i dont have DROP in there
<ivoks> i don't what rule you are talking about
* gubluntu blushes
<gubluntu> last one
<gubluntu> done.. no error
<ivoks> typo? :)
<gubluntu> ya
<gubluntu> how do i see all of the rules i added?
<gubluntu> so i can check them for errors?
<ivoks> iptables -L
<gubluntu> http://pastebin.ca/475820
<gubluntu> can you take a look real quick?
<gubluntu> do you mind?
<ivoks> yup, that's ok
<gubluntu> thank you very much
<ivoks> now open ssh connection to it
<ivoks> and stay logged in
<ivoks> and in other terminal
<ivoks> open another ssh connection, close it, open again, close it and then try opening it again :)
<gubluntu> how long will i be locked out for?
<ivoks> forever :)
<ivoks> but established connections will not be locked out
<gubluntu> hmm..
<gubluntu> how do i remove blacklisted ips?
<gubluntu> where do they end up?
<ivoks> clearing SSH chain
<ivoks> in kernel
<ivoks> firewall
<gubluntu> hmm
<gubluntu> i cant seem to figure it out
<ivoks> what?
<gubluntu> clear ssh chain
<ivoks> http://www.debian-administration.org/articles/342
<ivoks> maybe this is what you want...
<ivoks> time for me to go...
<ivoks> if you don't like those iptables rules, don't forget tu flush iptables
<gubluntu> k
<gubluntu> thank you
<ivoks> otherwise, you could end up locked out
<ivoks> s/tu/to
<ivoks> iptables -F
<ivoks> iptables -X
<jpiccolo> how would i install a smp kernel from the command line
<mralphabet> sudo apt-cache search linux-image
<mralphabet> pick appropriate kernel
<mralphabet> sudo apt-get install some-linux-kernel
<jpiccolo> i am not seeing any with a -smb do i need to enable that
<mralphabet> you should look at the ubuntu package manager for the kernels, it may tell you which kernel was compiled with what options
<mralphabet> http://packages.ubuntu.com/
<mralphabet> what are you running?
<mralphabet> I'm having some problems with mdadm, I want to delete a software mirror and I was able to fail /dev/md1 /dev/sdb5 and remove it from the array, but it will not let me fail / remove /dev/md1 /dev/sdc5.
<mralphabet> when I try mdadm --set-faulty /dev/md1 /dev/sdc5 I get mdadm: set /dev/sdc5 faulty in /dev/md1 but when I try mdadm --remove /dev/md1 /dev/sdc5 I still get mdadm: hot remove failed for /dev/sdc5: Device or resource busy
<mralphabet> Any suggestions?
<ivoks> and md1 is mirror of sdc5 and sdb5?
<mralphabet> yes
<ivoks> so, you now have md1 in faulty state (without sdb5)?
<mralphabet> correct
<ivoks> why is it strange that you can't delete other disk in raid while using apps which are on that disk? :)
<mralphabet> State : clean, degraded, Not Started
<ivoks> not started?
<ivoks> i was under impression that you have "/" on md1
<mralphabet> is on md0
<mralphabet> ./ is on md0
<ivoks> ok then
<ivoks> you don't have md1 mounted, right?
<mralphabet> nope
<mralphabet> as in, correct, not mounted
<ivoks> lsof /dev/md1?
<mralphabet> none
<ivoks> lsof /dev/sdc5
<mralphabet> none
<ivoks>  /etc/init.d/mdadm stop
<ivoks> then try
<mralphabet> I'm mildly scared to try that heh
<mralphabet> it may blow up this machine, we'll see
<ivoks> that's a monitor
<mralphabet> oh
<ivoks> mdadm-raid is *don't* touch
<mralphabet> heh
<mralphabet> root@Dominus:~# mdadm --set-faulty /dev/md1 /dev/sdc5
<mralphabet> mdadm: set /dev/sdc5 faulty in /dev/md1
<mralphabet> root@Dominus:~# mdadm --remove /dev/md1 /dev/sdc5
<mralphabet> mdadm: hot remove failed for /dev/sdc5: Device or resource busy
<ivoks> hm
<mralphabet> if I do a query / detail I still get 
<mralphabet>        1       8       37        1      active sync   /dev/sdc5
<mralphabet> afk a bit, I'll check back in a bit, thanks
<mralphabet> back
<ivoks> heh
<mralphabet> meeting didn't take long
<ivoks> did you try -f? :)
<ivoks> ups... that for assemble
<ivoks> well, i don't see how you can remove all devices from running MD
<ivoks> only way you can do this is stoping MD
<ivoks> and then removing devices
<ivoks> mdadm -S /dev/md1
<mralphabet> I tried the --really-really-try-really-hard
<ivoks> but... you can't remove all devices from raid and expect it to be running :)
<mralphabet> well, I understand that logic, I just don't care if that partition is running or not
<ivoks> right?
<mralphabet> I'll have to reboot with the server cd
<ivoks> no
<ivoks> mdadm -S
<mralphabet> mdadm -S /dev/md1
<mralphabet> mdadm: fail to stop array /dev/md1: Device or resource busy
<ivoks> hehe
<ivoks> mount | grep md1
<ivoks> :)
<mralphabet> none
<ivoks> clueless
<ivoks> are you using it for LVM too?
<mralphabet> no
<ivoks> and other partitions on that disk
<ivoks> are used for something?
<ivoks> but... hm... that shouldn't matter
<mralphabet> sd[b.c] 1 are in md0
<ivoks> is m1 swap?
<ivoks> md1
<mralphabet> yes, but it's not mounted
<mralphabet> Swap:            0          0          0
<mralphabet> # /dev/md1
<mralphabet> UUID=d007d467-7bbf-4821-a79e-dc535c2202a9 none            swap    sw              0       0
<ivoks> try swapon /dev/md1
<ivoks> then swapoff /dev/md1
<mralphabet> hrm
<mralphabet> root@Dominus:~# swapon /dev/md1
<mralphabet> swapon: /dev/md1: Invalid argument
<mralphabet> root@Dominus:~# swapoff /dev/md1
<mralphabet> swapoff: /dev/md1: Invalid argument
<mralphabet> trying uuid, sec
<mralphabet> root@Dominus:~# swapon -U d007d467-7bbf-4821-a79e-dc535c2202a9
<mralphabet> swapon: cannot stat /dev/disk/by-uuid/d007d467-7bbf-4821-a79e-dc535c2202a9: No such file or directory
<mralphabet> that's an odd one
<ivoks> md1 should work
<ivoks> try mkswap
<ivoks> swapon -a
<mralphabet> no error, but no swap space shows up either
<ivoks> mkswap /dev/md1 (if you are really sure it's for swap :)
<mralphabet> interesting, md1 doesn't have a uuid listed in /dev/disk/by-uuid/
<mralphabet> mkswap /dev/md1
<mralphabet> mkswap: error: swap area needs to be at least 40kB
<ivoks> heeh
<mralphabet> I'm boggled . . .
<ivoks> bring back sdb5 in md1
<mralphabet> FYI - this was set up through the server installer
<mralphabet> rebuilding
<ivoks> FYI - it always works from me[TM] 
<ivoks> for
<mralphabet> I don't doubt it
<mralphabet> mdadm --detail /dev/md1
<mralphabet> State : clean, Not Started
<mralphabet> mdadm --run /dev/md1
<mralphabet> mdadm: failed to run array /dev/md1: Device or resource busy
<ivoks> check sizes of yoursdb5 and sdc5
<ivoks> also check if you don't already have sdc5 in some other raid
<mralphabet> interesting, from md0
<mralphabet>      Raid Level : raid1
<mralphabet>      Array Size : 74918976 (71.45 GiB 76.72 GB)
<mralphabet>     Device Size : 74918976 (71.45 GiB 76.72 GB)
<mralphabet>    Raid Devices : 2
<mralphabet> from md1 
<mralphabet>      Raid Level : raid1
<mralphabet>     Device Size : 3228928 (3.08 GiB 3.31 GB)
<mralphabet>    Raid Devices : 2
<mralphabet> no array size
<mralphabet> /dev/sdb5            9328        9729     3229033+  fd  Linux raid autodetect
<mralphabet> /dev/sdc5            9328        9729     3229033+  fd  Linux raid autodetect
<ivoks> there you go...
<ivoks> ups... i misread that
<mralphabet> hrm?
<ivoks> you should destroy that raid and recreate it
<mralphabet> heh, that's what I'm trying to do
<ivoks> or...
<ivoks> even better
<ivoks> grow it
<ivoks> mdadm -G
<mralphabet> afkhome, back later
<ivoks> and i'm of to bed
#ubuntu-server 2007-05-08
<benkong2> hello
<benkong2> I am trying to install ubuntu-server 7.04 and keep getting a malloc error on boot. Debian Etch boots fine any idea what's wrong?
<kupesoft> What's a good small computer like the mini-mac or something for a headless Ubuntu Linux home server (with a least a pci slot to be a wireless ap)? I'm having a lot of trouble navigating through the sea of distributors );
<jpiccolo> would anyone know why i can ssh into a machine if i use the ip address but not if i use the host name?
<foo> Hm, does a server always need a valid hostname>?
<Gruelius> If im having issues with cups sharing my printers over the network in gentoo, will the problem likely to be resolved in surver ed considering that everything or most stuff is preconfigured?
<Gruelius> ladies?
<shawarma> Gruelius: There's nothing special about the server edition as such.
<shawarma> Gruelius: It's all the same software as the desktop version. The difference is the choice of packages installed by default (no desktop, a different kernel, etc.)
<shawarma> Gruelius: ...so you could try with a liveCD and see if it works.
<Gruelius> sorry i miswrote my question. I guess its stupid actually looking back at it. My main problem with gentoo is that while it uses very verly little resources ive gone through EVERYTHING and i still cant get my printer to share :( lol. Ill use the live cd and see where that gets me.
<shawarma> You could also attack it more directly and ask in a cups channel..
<Gruelius> the cups channel never gets me any help lol. i should find their mailing list/forum actually
<Gruelius> problem is samba creates the error log so ive got no idea wheere to look, they both have correct config files.
<jbsn> what do I need to apt-get to get zlib-devel ?
<mralphabet> zlib1g-dev?
<jbsn> apt-get install libz-devel if anyone wanted to know :)
<jbsn> mralphabet, thanks I figured it out :)
<mralphabet> aye
<gubluntu> how would i go about tailing a log file and sending an email alert wehn a certain regex pattern appears?
<\sh> with a fifo and some perl magic?
<\sh> there must be a tool
<shawarma> logcheck
<Burgundavia> check the toilet
<shawarma> Burgundavia: Is there a treasure?
<shawarma> gubluntu: logcheck is what you want, I think.
<gubluntu> shawarma: i think i shoud look elsewhere logcheck depends on exim mta, this will be for my mailsserver running zimbra (using postifx)
<gubluntu> i forsee massive screwups
<shawarma> gubluntu: logcheck depends on a mail-transport-agent.
<shawarma> gubluntu: Not exim in particular
<gubluntu> The following NEW packages will be installed: exim4 exim4-base exim4-config exim4-daemon-light liblockfile1 lockfile-progs logcheck logcheck-database logtail mailx
<shawarma> That's doesn't mean it depends on exim.
<shawarma> It means it depends on a mail-transport-agent, which exim provides.
<shawarma> If you already have an mta, it should "Provides: mail-transport-agent"
<shawarma> It's Zimbra, you say?
<shawarma> ...which is not in the archive.
<shawarma> It has its own built in postfix?
<shawarma> Evil.
<shawarma> :)
<gubluntu> it installs it during install
<gubluntu> its a great solution
<gubluntu> has saved me many hours and headaches
<gubluntu> plus the AJAX interface is shiny
<lionel> gubluntu: the problem is that it tends to breack package...
<\sh> shawarma, btw...do you have access to a dl365 with a p800 controller and an msa60 storage attached?
<shawarma> gubluntu: What does 'dpkg -l postfix' say?
<shawarma> \sh: No, I must have left it in my other trousers, sorry. :)
<gubluntu> root@mail:/# dpkg -l postfix
<gubluntu> Desired=Unknown/Install/Remove/Purge/Hold
<gubluntu> | Status=Not/Installed/Config-files/Unpacked/Failed-config/Half-installed
<gubluntu> |/ Err?=(none)/Hold/Reinst-required/X=both-problems (Status,Err: uppercase=bad)
<gubluntu> ||/ Name           Version        Description
<gubluntu> +++-==============-==============-============================================
<gubluntu> un  postfix        <none>         (no description available)
<gubluntu> ...oopss... sry.. silly putty paste on right click
<\sh> shawarma, hmmm...you don't have actually a contact at HP or know a person who is playing with really funny hw and ubuntu?
<shawarma> \sh: Not really. fabbione would be a better bet.
<qman> hello
<qman> I have a system with four network cards, eth0 - eth3. I am setting this machine up as the main router and internet gateway for my network. eth0 will be attached to the internet with an automatically assigned address, and the other three interfaces run 192.168.x.x networks, with a DHCP server running on the same box. However, dhcpd will not start unless I define a subnet for eth0. Since it's dynamic, and doesn't stick to the sam
<qman> e network range, I can't very well do this. Is there a workaround?
<ivoks> huh?
<\sh> stick dhcp to just listen on eth1-3#
<\sh> or do some vlan magic ;)
<ivoks> open up /etc/default/dhcp3-server
<qman> where would I tell it where to listen
<ivoks> and define interfaces
<qman> ah, thanks very much, this is exactly what I was looking for and couldn't find
<qman> worked perfectly, thanks again!
<\sh> qman, local-address could be your friend...man dhcpd.conf
<ivoks> yup
<\sh> ivoks, dude, you don't have a dl365 with p800 smartarray controller and something like a MSA storage device attached to it, do you?
* \sh needs to know if he is too stupid to install feisty on this device...or if d-i makes trouble partitioning a >2TB device on the external storage
<ivoks> d-i doesn't make trouble installing on >2TB
<ivoks> but you'll have a problem with booting
<ivoks> d-i will automaticaly create GPT, so you need bios with EFI extensions
<\sh> ivoks, no,..the 2TB device is not the booting device, I know that grub has probs booting eit gpt labled partitions ;)
<ivoks> :)
<ivoks> then just go... d-i in dapper works with >2TB with no problems
<\sh> ivoks, not with the p800 inside ;)
<\sh> ivoks, feisty runs indeed..but d-i complains about the last external port, which wasn't configured at all, with something like external storage... 
<\sh> ivoks, on areca sata 6 controller, no problem with d-i
<ivoks> sorry, missed that p800
<ivoks> (paying bils, ircing and thinking about >2TB doesn't go well :)
<\sh> ivoks, and just want to know, if it's just a glitch in the my matrix, or if it's a real glitch of d-i and the kernel driver of hp
<\sh> hehe
<\sh> I hope I convince my boss to give access to some nice devices we have here running
<\sh> ben would love it, and fabbione will kiss me to work on those devices ;)
<mralphabet> ivoks: you were saying something about growing the array before I had to go last night?
* ivoks back
<ivoks> yeah... something like that
<mralphabet> ivoks: I'm not sure what you were going after
<ivoks> you said your raid field is small, right?
<mralphabet> not really
<mralphabet> I have 2 hard drives with 2 partitions, sdb1 sdc1 sdb5 sdc5, b1+c1 = md0 mounted on / and is just fine.  b5 and c5 was initially intended as mirrored swap I would prefer to just mount as straight swap without the mirror, hence I was trying to make md1 go away to free those partitions up.
<mralphabet> Thanks for the help yesterday by the way, I was at the end of the line.
<ivoks> np
#ubuntu-server 2007-05-09
<theacolyte> Upgrading ubuntu server = the same as with the desktop edition?
<theacolyte> i.e. dist-upgrade/
<Nafallo> dist-upgrade is the fallback method know.
<Nafallo> update-manager-core has do-release-upgrade :-)
* Starting logfile irclogs/ubuntu-server.log
(theacolyte/#ubuntu-server) http://internetworkpro.org/pastebin/494
<theacolyte> shawarma.:| still stuck... bout 30 minutes now
<shawarma> theacolyte: Which version of Ubuntu?
<theacolyte> edgy
<theacolyte> going to feisty
<shawarma> ok.
<theacolyte> shawarma.:| any ideas? or do I just force the dist-upgrade to end?
<shawarma> Not sure, really. I can't imagine why setupcon would hang like that.
<shawarma> Gimme a sec.
<theacolyte> No problem
<shawarma> theacolyte: Oh... That's interesting.
<theacolyte> shawarma.:| what is? hehe
<shawarma> theacolyte: Heh. Just looking at setupcon code.
<theacolyte> hehe
<shawarma> Have you changed anything in /etc/default/console-setup?
<shawarma> What is ACTIVE_CONSOLES set to?
<theacolyte> Nope
<theacolyte> ACTIVE_CONSOLES="/dev/tty[1-6] "
<shawarma> Please do "sh -c 'echo /dev/tty[1-6] '" 
<shawarma> And paste it here.
<theacolyte> shawarma.:| /dev/tty1 /dev/tty2 /dev/tty3 /dev/tty4 /dev/tty5 /dev/tty6
<shawarma> Er.... That weird .:| bit is not part of the output, right?
<theacolyte> right, that's just my nick completion... spend a lot of time in #cisco :P
<shawarma> Alright. :)
<shawarma> Please do a 'ls -l /proc/2519/fd'
<shawarma> No, actually:
<shawarma> Please do a 'ls -l /proc/2519/fd/1'
<theacolyte> l-wx------ 1 root root 64 2007-05-09 09:27 /proc/2519/fd/1 -> /dev/tty1
<shawarma> Anything interesting on tty1?
<theacolyte> Yeah actually...
<theacolyte> keyboard isn't working on tty1 (local to the machine)
<theacolyte> seems to be locked
<shawarma> Hmm... Don't know what that could be. Just CTRL-C the upgrade, I guess. 
<shawarma> And start it again.
<theacolyte> haha
<theacolyte> i ctrl-c'd it... and it continued
<theacolyte> inc pastebin
<theacolyte> http://internetworkpro.org/pastebin/495
<theacolyte> by the way... that mdadm error worries me
<theacolyte> Errors were encountered while processing:
<theacolyte> console-setup
<theacolyte> ubuntu-minimal
<shawarma> The error is because of the console-setup failing actually. It probably didn't get around to upgrading udev which contains that file. When you rerun the upgrade, it should be fine.
<shawarma> Just try it again.
<theacolyte> trying sudo apt-get -f install, but it seems to be crashing on it again
<theacolyte> shawarma.:| yup, same thing...
<theacolyte> root 17032 0.1 0.2 4904 2560 pts/1 S+ 09:34 0:00 /usr/bin/dpkg --status-fd 14 --configure console-setup ubuntu-minimal
<shawarma> theacolyte: I'm really can't guess what would be wrong with your tty1, sorry.
<theacolyte> Let me try to reboot... it's not really production so I'm safe
<shawarma> Also, I need to run off now.
<theacolyte> No problem
<theacolyte> thanks for your help
<shawarma> Before you do, try apt-get install udev
<theacolyte> just goes back to console-setup
<shawarma> Ok.
* shawarma scurries off.
<aleka> Anyone active?
<mralphabet> nope
<aleka> I asked this question in #ubuntu and was refrred here...
<aleka> :) mralphabet 
<ivoks_> about?
<aleka> Here goes.... I just moved my webserver to port 80 and not even a week and my apache logs are being filled with IIS exploit attacks... I have tried a mod_rewrite to redirect them which does not seem to be working...
<aleka> my questions are... If this has happened to anyone here, which am sure it has... how they dealt with it...
<ivoks_> hehe
<aleka> and How I can ban a specific IP using iptables
<ivoks_> i ignore it
<mralphabet> well, if you are running apache, IIS exploits don't really hurt you
<ivoks_> iptables -A INPUT -s IP -j DROP
<aleka> I can ignore it... but every "attack" is junk I don't need in my logs
<aleka> ivoks_: do I need to name the CHAIN it is going to.. or that format will do?
<aleka> sorry.. am not good at these things, if I seem to be asking stupid Qs 
<ivoks_> that'll do that what you need
<ivoks_> or REJECT instead of DROP
<ivoks_> DROP will timeout, while REJECT will close connection
<aleka> might as well make the bot timeout..
<aleka> just seems like most of these seem to be coming from a specifc source.. which is surprising..
<aleka> and how would I configure Apache so It does not log such requests (SEARCH, POST)
<ivoks> you don't want that
<ivoks> doing regex will go over CPU, while loggin false attacks will not do anything
<aleka> cool.. How common are these attacks? Most of the posts I found on Google were around 2005, should I assume it is just some kiddie and expect it to die out soon or should I move my webserv back to the old port?\
<ivoks> just ignore it... it's better for the attacks to get logged
<ivoks> and relax... you can't do anything about that... expect some seriuos iptabeling :/
<aleka> Thanks a bunch for your help and patience ivoks , Appreciate it :)
<Ali_ix> hi
<Ali_ix> i have dedicated server running dapper, how can i upgrade it to feisty?
<Ali_ix> just remote ssh access :)
<\sh> via edgy
<theacolyte> you dist-upgrade to edgy, then feisty
<Ali_ix> \sh: i must upgarde to edgy an then to feisty?
<Ali_ix> thanks :)
<\sh> Ali_ix, yeah, or you just wait for the next LTS release
<Ali_ix> any clean direct way?
<\sh> nope...
<Ali_ix> aha, thanks
<\sh> from LTS to LTS it should be clean, but from LTS to feisty, only the way via edgy
<Ali_ix> should i upgarde my dapper server to feisty? or its ok until next LTS release to have dapper?
<\sh> if you want stability ... you should wait... you need new software, take a risk...depends on you or your boss ,) 
<Ali_ix> \sh: thanks for brief info :)
<mralphabet> on a reboot, how can I make an mdadm array go away?
<mralphabet> I have commented it out of fstab and mdadm.conf and initramfs-tools/conf.d/resume and the thing still comes back
<mralphabet> do I have to go to a live cd and blow the partitions away?
#ubuntu-server 2007-05-10
<foo> Anyone around?
<foo> Bah, server crashed... /home directory is borked.
<foo> This is weird
<shawarma> foo: Which file system?
<shawarma> mralphabet: "comes back"? Is it mounted?
<foo> shawarma: ext3
<foo> shawarma: Doing an e2fsck
<shawarma> foo: Still? it's been 7 hours!
<foo> It's an 800GB RAID5 array with 3 400GB drives.. hm, I don't know how long it should take
<foo> It's still doing stuff
<shawarma> Ah, ok.
<shawarma> One big filesystem on that?
<foo> yeah
<foo> 600GB out of 800GB used
<foo> It was weird...
<foo> df -h showed 600GB out of 800GB used
<foo> du -h / showed 12GB
<foo> ls -al /home showed 600 perms www-data.www-data ownership... file /home showed BMP
<foo> Really werid
<foo> weird*
<foo> Well, not weird... power failure
<shawarma> Could just be your /etc/{group,passwd} that was b0rked?
<shawarma> And why is "du -h / showed 12GB" weird?
<foo> uh, df -h showed 600GB used out of 800GB
* shawarma just woke up..
<shawarma> Yes?
<foo> du -h / should reflect that, or at least be close
<shawarma> Why?
<foo> 600GB out of 800GB used was on /dev/sda1, which was mounted to /
<foo> Furthermore, /home was a file ... not a directory.
<shawarma> Ah, you just started out by saying it was your /home
<foo> hm, ah, my bad.
<SoftIce> hi, what in the status of a linux-vserver kernel supported in ubuntu-server, like what is implemented in the entire debian release?
<shawarma> foo: Still running?
<Burgundavia> SoftIce: with the new build system in gutsy, it should be easier to do
<skyion> hey hey
<skyion> does anyone know of issues with nfsd on ubuntu 7.04
<skyion> nfsd[6185] : nfssvc: Setting version failed: errno 16 (Device or resource busy)
<skyion>  nfssvc: writing fds to kernel failed: errno 0 (Succes
<skyion> NFSD: Using /var/lib/nfs/v4recovery as the NFSv4 state recovery directory
<skyion> :S
* skyion runs into wall repeatedly.
* skyion *wHAAACKK*
<skyion> anyone ?
<svschwartz> hello everyone :)
<svschwartz> is it a developer chanel?
<svschwartz> i guess yes :) #ubuntu-server   Coordination of the Ubuntu Server development team
<shawarma> svschwartz: Also support.
<shawarma> svschwartz: Where did you get that description?
<svschwartz> i see :) helo shawarma :) how is your SoC project? i'm very interested about it :)
<shawarma> Heh.. It's fine. I'm at UDS this week to settle on a bunch of the details.
<svschwartz> desctiption from https://help.ubuntu.com/community/InternetRelayChat
<shawarma> ah. I'll have to change that..
<svschwartz> what exactly do you want to change ?
<shawarma> The description of the channel on that page.
<shawarma> It's both a support and discussion channel.
<svschwartz> shawarma will you write some blueprints for sohobuntu? 
<shawarma> It's already there.
<shawarma> https://blueprints.launchpad.net/ubuntu/+spec/ubuntu-easy-business-server
<daltocli> Heya... How do I change the hostname on my vps? It's set to what the provider assigned, but I want to change that
<daltocli> I've tried "echo eriadu.geckltd.com > /etc/hostname; /sbin/hostname -F /etc/hostname" and rebooted, but that just reassigned the hold name
<shawarma> vps?
<svschwartz> virtual privat server i guess
<svschwartz> private
<shawarma> daltocli: You using dhcp?
<daltocli> Nope
<daltocli> static ip address
<shawarma> I can't imagine where it's getting the hostname then. 
<shawarma> /etc/hostname looks good enough?
<daltocli> That's what I though
<daltocli> But it does seem to reset each time
<daltocli> I believe the host server is using xen if that makes any difference
<shawarma> I can't image Xen would be changing the guest file system.
<ivoks_> what's the problem?
<shawarma> 14:39 < daltocli> Heya... How do I change the hostname on my vps? It's set to what the provider assigned, but I want to change that
<shawarma> 14:40 < daltocli> I've tried "echo eriadu.geckltd.com > /etc/hostname; /sbin/hostname -F /etc/hostname" and rebooted, but that just reassigned the  hold name
<daltocli> The network interfaces look odd in a way
<daltocli> Have venet0, which is a local ip and venet0:0 which is the one with a static ip
<daltocli> I suppose it's so it can communicate with the host
<shawarma> and you're absolutely sure, there's no dhcp involved?
<daltocli> Certain
<daltocli> The interfaces in /etc/network/interfaces are all static
<ivoks_> vps?
<daltocli> Yup
<ivoks_> and... that's? :)
<ivoks_> xen?
<ivoks_> khm... did you take a look at /etc/hosts?
<ivoks_> if you change hostname, you should sync /etc/hostname and /etc/hosts
<svschwartz> daltocli: can you set your hostname manualy? 
<daltocli> I set hosts to "127.0.0.1 eriadu.geckltd.com eriadu" and changed /etc/hostname
<daltocli> That didn't do anything
<daltocli> svschwartz, you mean just via "hostname eriadu"?
<svschwartz> yes
<ivoks_> so 'hostname' returns 'default name'?
<ivoks_> or dns query returns 'default name'? :)
<ivoks_> ah... /etc/hostname gets reset? sorry,...
<ivoks_> yes, that could be done by vps provider
<svschwartz> daltocli: maybe you should talk to your vps provide and ask them to set your hostname as you wish? 
<daltocli> svschwartz, yeah, might just do that] 
<daltocli> *-] 
<daltocli> Something weird is going on
<svschwartz> anyway you can just add this commands to /etc/rc.local
<svschwartz> and they will be executed every reboot
<daltocli> I'll give that one a try, thanks!
<svschwartz> anybody tried Zimbra? :)
<svschwartz> I've deployed Open-Xchange on one ubuntu-server box, works nice, but it's old, no ajax and wiki :(
<daltocli> You want to use ajax?
* daltocli didn't think it was reliable yet
<svschwartz> JavaScript and XML are reliable :) so I guess AJAX too, it depends on app :)
<svschwartz> it's time to go home :) bb
<foo> shawarma: Going to check
<theacolyte> shawarma.:| btw... a reboot fixed it... I could install console-setup and ubuntu-minimal
<shawarma> theacolyte: \o/
<Jchord> boo
#ubuntu-server 2007-05-11
<soldado> i want to ask ,, if there is a firewall/proxy capability included in ubuntu server ?
<gubluntu> clear
<gubluntu> woops
<gubluntu> anyone here use bitchx?
<gubluntu> im used to irssi, apparently im in two channels now but i dont know which one im talking into nor do i know how to switch back and forth?
<prekitt> anyone here
<Burgundavia_> nope :0
<prekitt> hehe
<prekitt> :0
<prekitt> any good choice for an ftp deamon?
<Burgundavia> what do you mean?
<gubluntu> ////////////////////
<gubluntu> oops
<gubluntu> if i have an application that iw ould like to know if someone runs it (i.e. someone copies it off my work computer and runs it from a different location) ... what are methods i could use to submit information to a server via internet  
<gubluntu> im thinking i should use some webservice as to not be blcoked by a firewall
<Burgundavia> umm?
<Burgundavia> are you talking about a web app or a desktop one?
<gubluntu> desktop
<gubluntu> i need it to phone home on open
<ivoks> and this is ubuntu-server; we don't have desktops :)
<gubluntu> neither do i..
<gubluntu> home=ubuntu-server
<guigouz> Hello. I'm thinking about running dapper as a xen guest, anyone ever did this ?
<guigouz> also is it possible to install ubuntu using something link "debootstrap" ?
<h4wk0`> !debootstrap | guigouz 
<h4wk0`> <ubotu> guigouz: debootstrap is used to create a !Debian or Ubuntu base system from scratch, without requiring the availability of !dpkg or !APT. It does this by downloading !.deb files from a mirror site, and carefully unpacking them into a directory you can eventually !chroot into.
<guigouz> thanks h4wk0` 
<guigouz> figured out how to install it on my host
#ubuntu-server 2007-05-12
<guigouz> does dapper have a xen-enabled kernel (for it as a guest) ?
<zion_da> hi
<zion_da> small question
<zion_da> somehow i have a delay in the menus 
<zion_da> i tried to change gtk menu delay to 0 and it wont work
<zion_da> the delay is only in beryl interface and
<zion_da> what can i do ?
<foo> Beryl?
<foo> I'd ask in #ubuntuforums or #ubuntu
<zion_da> thanks!
<DaveMora> I will be attempting to install ubunto on a HP-Proliant Server. Does anyone know of any possible issues? 
<Gruelius> I installed build-essential however i cant compile my app, it tells me that Glib 2.0 is missing
<Gruelius> i tried to install linux-kernel-headers however it said it was allready installed
<ivoks> how is this related to servers?
<Gruelius> because im running server ed?
<foo> ivoks: hm, so this is a servers channel. That's what I thought. Someone asked about beryl in here earlier. hehe
<Gruelius> and i get 0 responses in the normal channel
<ivoks> Gruelius: compiling applications needs headers of some libraries
<ivoks> and your app said that you don't have glib 2.0
<ivoks> first thing you should do then is 'apt-cache search glib 2.0 development
<Gruelius> is that how you search packages?
<ivoks> yes
<Gruelius> allways wondered :D
<foo> ivoks: What monitoring system do you use? If any. zenoss, or nagios or something
<Gruelius> im going to go on ubuntu in a tic, expect me to be back with more semi server related questions
<ivoks> foo: munin
<foo> ivoks: hmm, used nagios/zenoss before?
* foo googles that
<ivoks> no, but zenoss will be packaged for gutsy (probably)
<ivoks> if they resolve they copyright issues
<ivoks> their
<foo> gutsy? Is that a distro?
<ivoks> ufff :)
<ivoks> that's next ubuntu
<foo> ahh
<ivoks> 7.10
<foo> ohhh
<foo> Nice :)
<foo> ivoks: hm, I want to have systems log stuff like /var/log/messages and syslog to a remote system... what's the best way to do this? I'm thinking about writing a script that whenever it sees a new line appended to the log, then either http://domain.com/?event=something ... or, ssh somehost 'cat $line >> /home/log/master.log'  ... or something. You see? Basically, say I got like 3 systems and I want to be able to read the logs from one central location
<ivoks> logwatch?
<ivoks> this is periodic
<ivoks> on mail
<foo> hmmm
<foo> So, logwatch would e-mail me my logs daily or something?
<ivoks> yes
<foo> Mhmm, I see. I'd rather have it write to my server via text... that way I can (theoretically) sit on the server, tail -f log.txt ... and watch everything from however many systems I setup. You know what I mean? Not to mention, I can filter some stuff if I wanted to.
* foo thinks
<ivoks> syslog?
<foo> Yeah, ssh host 'echo $line >> /somewhere/txt' works. Just need to have ssh keys setup
<foo> Hm, what do you mean syslog?
<ivoks> syslog can send logs to another computer
<foo> Hmm. I see. I'll have to check the man page for that. And, I don't think I've seen syslog on RHEL systems. Or maybe I just need to install it
<foo> Does syslog send via ssh? 
<foo> If you'd happen to know, of course
<ivoks> syslogd is on all linux machines
<foo> ah, yup
<foo> Hm, now, taking it a step further... says I wanted /var/log/syslog|messages|auth.log ... and /var/log/apache2/error.log ... is it safe to say that if I wanted to do this I would have to write something?
<foo> say*
<ivoks> you can make all your apps logg to syslog
<ivoks> and then forward syslog to another machine
<foo> ah, I see
<ivoks> or you can write your own thing
<foo> Would you happen to know if syslog appends the data on another machine? Or does it just move the whole file over (via scp or something) ?
<ivoks> append, of course
<ivoks> no point in sending
* foo nods
<foo> Hmm, I wonder how it does that
<ivoks> same way IMAP server appends mail to your client
<foo> When you say I can have my apps write to syslog, you mean have them write to /var/log/syslog - yeah?
<foo> ohh, that's via mail as well
<ivoks> no it's not via mail
<foo> ah, my bad
<ivoks> it's via TCP/IP, like mail, web and most of internet protocols
<foo> ahh, I see
<foo> Cool, thanks, I'll have to play around with that
<Gruelius> I still get the error
<Gruelius> configure: error: You must have the GLib 2.0 development headers installed to build.
<Kamping_Kaiser> Gruelius, what are you trying to build, and how?
* Gruelius runs
<Gruelius> pigdin :P
<Kamping_Kaiser> ah. *heh*
<Gruelius> that is the ./configure stage
<Gruelius> lets presume i am using a gui on my server :P
<Kamping_Kaiser> lol
<Gruelius> ive installed glib C++
<Kamping_Kaiser> enable the deb-src lines in your sources.list, then seach on glib |grep dev
<Gruelius> kk
<Kamping_Kaiser> on glib/apt-cache search glib
<Gruelius> where is my sources file located? ive forgotten the directory
<Kamping_Kaiser> /etc/apt
<Kamping_Kaiser> http://packages.ubuntu.com/feisty/libdevel/libglib2.0-dev probably the packag eyou want?
<Gruelius> probably
<Gruelius> ive got all the other relevant sorts of libglib :p
<Kamping_Kaiser> lol
<Gruelius> im on that site allready, if i run into another compiling problem where should i look?
<Gruelius> You must have the GTK+ 2.0 development headers installed to compile Pidgin.
<Gruelius> is there a package that encompasses all building things?
<Kamping_Kaiser> i suggest `apt-get build-dep gaim` as a start to getting all the pigdin libs
<Kamping_Kaiser> got build-essential?
<Gruelius> yesh
<Kamping_Kaiser> you'll need it
<Kamping_Kaiser> ok
<Kamping_Kaiser> :)
<Gruelius> E: Could not open file /var/lib/apt/lists/au.archive.ubuntu.com_ubuntu_dists_feisty-backports_main_source_Sources - open (2 No such file or directory)
<Gruelius> its not commented in my sources.list file
<Kamping_Kaiser> you'd better `sudo apt-get update`
<Gruelius> lol yep forgot that one
<Gruelius> before someone scolds me about this being a server channel, are there any other quiet irc channel's for general help?
<Kamping_Kaiser> tried #ubuntu-au?
<Kamping_Kaiser> ;)
<Gruelius> lol
<Gruelius> and do dep build gaim i need... duh duh duh
<Gruelius> 101mb of packages
<Gruelius> 30*
<Gruelius> my bad
<Gruelius> still worth it?
<Kamping_Kaiser> *grin*
<Kamping_Kaiser> your call. not mine
<Kamping_Kaiser> btw. serious about -au
<Gruelius> lol
<Kamping_Kaiser> i'll help you just the same ;)
<Gruelius> haha
<Gruelius> Is this the normal process for ubuntu? run wild on the irc till you can build stuff? :P
<Gruelius> so there are variants of Glib that are required to build pigdin, variants specific to gaim that i must download?
<Kamping_Kaiser> normal process probably involves looking at help.ubuntu.com :P
<Gruelius> heh
<Gruelius> how do i request that this gets put onto the packages thing
<Kamping_Kaiser> i dont know how different pigdin is to gaim
<Gruelius> its like gaim but not ugly apparantly
* Gruelius goes brb
<Kamping_Kaiser> file a request bug.
<Kamping_Kaiser> if it is 'the next gaim' then it'll get packaged, probably real soon now
<Gruelius> well idk bout that but its just gaims ui that shits me :P
<Kamping_Kaiser> -> #ubuntu-au
<Gruelius> ive got another bug tho, with the desktop effects thing
* Gruelius thought u were kidding :p
<amachu> hi, i want my laptop to connect to my desktop
<amachu> i have a RJ-45 cable
<amachu> laptop with Kubuntu Edgy
<amachu> and desktop with edubuntu feisty
<amachu> help wanted
<Kamping_Kaiser> how is this server related?
<Skaag> how do I add something to my PATH env var so that when I sudo -s it will be there?
<Skaag> I tried /etc/profile and /root/.profile
<Skaag> nothing works
<Kamping_Kaiser> add a 'if uid=0 use this PATH=' to your bashrc
<Kamping_Kaiser> sudo -s = your bashrc, sudo -i = root bashrc
<Skaag> I see!
<Skaag> great, works now
<Skaag> i've been struggling with this because of this small difference between -s and -i
<Skaag> bummer ;-)
<Kamping_Kaiser> np. 
<Kamping_Kaiser> :)
<Skaag> thanks Kamping_Kaiser 
<Skaag> ;-)
<Kamping_Kaiser> enjoy mate :)
<Skaag> now to try and get Xen working
<Skaag> i'm a bit uneasy with having xen replace my kernel
<Kamping_Kaiser> i havent tried it
<Skaag> I did simulations with apt-get
<Skaag> to see what it will do..
<Skaag> it plans to replace the kernel among other things
<The__FBI> kamping_Kaiser: i have you surrounded
<Kamping_Kaiser> The__FBI, i'll not treat this as ban evasion.
<Skaag> lol
<Kamping_Kaiser> sorry about the distraction :)
<dworkin> I have feisty and i want to install apache2 with ssl support, but the only apache in repos with ssl enabled is 1.3.34. how can i enable ssl in apache 2.2.3?
<jam_> Anyone there?
<foo> Hm, LayeredTech offers ubuntu servers; nice.
#ubuntu-server 2007-05-13
<jondowd> Hello, I've overlooked something simple or missed a step. When I reload apache2 I get a '[warn]  NameVirtualHost jondowd.com:0 has no VirtualHosts' error. 
#ubuntu-server 2008-05-05
<saltedlight> hi. i wanna install php5-gd on a lamp server, but wen i apt-get install php5-gd it say will install _many_ X packages. why? how can i avoid installing X packages but install _all_ php packages?
<pschulz01> Morning.
<Ashfire908> Can I install any of the options I get when I'm installing later AND will it give me the same text interface and setup screens for those packages?
<Ashfire908> (when installing the ubuntu server edition of course. also i already know the answer to the first part is a yes, but i didn't know how to phrase the second part then)
<AtomicSpark> you mean instead of adding "features" during the install, you want to add them later but with a text-biased setup?
<AtomicSpark> *based
<pschulz01> AtomicSpark: have a look ad dpkg-reconfigure
<pschulz01> Are the instructions for setting LDAP authentication setup the same for hardy as gustsy?
<Ashfire908> AtomicSpark, with the same setup as you would get installing them wehn in the installer....
<AtomicSpark> Ashfire908, there is a new server tool. i forget what it's called. it's the real name for that check list that you get when you first installed.
<pschulz01> Ahah.. found instuctions :-) https://help.ubuntu.com/community/LDAPClientAuthentication
<pschulz01> A tthe bottom :-)
<Ashfire908> AtomicSpark, i mean i don't want the checklist program
<AtomicSpark> Ashfire908, this is frustrating. we were just talking about it the other day. X(
<AtomicSpark> it's the program that lets you check which services you want and it auto configures them for you.
<yell0w> hey guys I changed the value of /etc/default/console-setup for the ttys to have only tty1-2 active, but all of them are backup after a reboot. any suggestion ?
<AtomicSpark> tasksel?
<AtomicSpark> yup!
<AtomicSpark> Ashfire908, look at this https://help.ubuntu.com/community/Tasksel
<Ashfire908> i want to know, if i install one of the packages seperalty, via apt-get, after install, will it give me the same propmts as when i would get if i had selected it during install
<pschulz01> yell0w: Have a look at '/etc/event.d'
<pschulz01> yell0w: remove the tty3-6 files.
<AtomicSpark> Ashfire908, that should work for you're talking about what i think you're talking about. :)
<Ashfire908> i don't mean the checklist itself.
<Ashfire908> i mean the prompts for the package.
<Ashfire908> unless they are part of the some thing.
<Ashfire908> *same
<AtomicSpark> Ashfire908, i think so. i don't remember any prompts when i set up the server from the cd installer.
<yell0w> pschulz01: can i just rename them ?
<Ashfire908> if you select some it will give prompts...
 * Ashfire908 shrugs
<Ashfire908> i'll just install.
<Ashfire908> need to get this thing running...
<AtomicSpark> Ashfire908, i never ran the program myself. that's the only way i know to configure your server with a text menu after you install it. either that or aptitude (which only installs packages, doesnt help configure)
<Ashfire908> yea just got a prompt for the mysql root password.
<AtomicSpark> good deal.
<Ashfire908> after selecting LAMP in tasksel (in the installer)
<AtomicSpark> yay i help someone. lol.
<Ashfire908> not really.
<AtomicSpark> god that annoyed me. i couldn't remember the command.
<Ashfire908> it ran tasksel while in the installer on it's own
<pschulz01> yell0w: Have a look inside these files.. you might be able to disable them/get them not to start up by default. The name is the name of the service.. not the tty to use.
<Ashfire908> that's where i was when i came it
<Ashfire908> (in here
<AtomicSpark> wonderful. at least you got it working it sounds like.
<Ashfire908> i didn't know what it was called though.
<pschulz01> yell0w: I'm a newbie to 'upstart' as well.
<AtomicSpark> are you setting up a LAMP server?
<Ashfire908> yes
<AtomicSpark> don't forget to secure it. i just copied the default and made a new "site". then i enabled the new site and disabled the default. make it secure and stuff but still have the default config for example.
<AtomicSpark> more here https://help.ubuntu.com/8.04/serverguide/C/httpd.html#http-configuration
<yell0w> pschulz01: ok
<AtomicSpark> indexies and muiltiview are bad. very bad.
<pschulz01> Woot! Successful LDAP authentication :-)
<pschulz01> .. and it created a home directory..
<jomast> fresh install of 8.04 server edition. having trouble with samba sharing.
<jomast> The following works ok.
<jomast> [QB]
<jomast> 	writeable = yes
<jomast> 	path = /DATA/QB
<jomast> add in the following and it breaks.
<jomast> 	valid users = @qb
<jomast> 	
<jomast> any thoughts? is samba "broken" in this release our of the box?
<pschulz01> jomast: Just about to give it a try..
<pschulz01> jomast: How did you install it?
<jomast> pschulz01: installed during the OS install
<pschulz01> jomast: Ok.. I'm installing the 'samba' package.
<pschulz01> Hmm.. it just found an error in my LDAP user list :-/
<pschulz01> Let me try that again.. after 'apt-get remove --purge samba'
<AtomicSpark> careful with the purge command buddy.
<jomast> I've got 4 users....  that need access to the share... all other users are "guests" that should not have access.  i cant even get this to work now... i cant imagine using LDAP.
<AtomicSpark> samba should be easy to set up on ubuntu. are you trying to make it pull ldap users?
<pschulz01> jomast: :-) NP.. I'm just working through the install now..
<AtomicSpark> jomast, set it to inherit ACLs and put them al in a group and set that folder's owner as that group.
<AtomicSpark> they should have an example of a basic share imo. not just printers and home folders.
<jomast> AtomicSpark: that's been done.  my problem is that i can not access the share remotely when any share level access restrictions (ie: specific groups or users).  The share is simply not accessable.  errors are given on the client side.
<AtomicSpark> jomast are you a member of the group that has permissions on it?
<jomast> yes
<AtomicSpark> and remotely means from another client or over a wan link?
<jomast> in theory when the share is accessed, the user should be prompted for user/pass... or at the least, denied access due to invalid permissions....  however all i'm getting is an error connecting (osx and winxp clients)
<jomast> multiple clients on the same lan.
<AtomicSpark> very interesting.
<AtomicSpark> do you have secuirty set to user?
<AtomicSpark> like security = user in the smb.conf
<jomast> security = share level
<AtomicSpark> hmm. i think it should be user. i believe the choices are user, ldap, etc.
<AtomicSpark> user means they have to have a unix account for each samba user
<AtomicSpark> did you remember to set samba passwords for each user?
<AtomicSpark> smbpasswd +a username
<jomast> yes.
<jomast> switching to "user"  level security
<AtomicSpark> alright do that and restart samba. see if that fixes for ya.
<jomast> same results (i almost got my hopes up)
<AtomicSpark> hmm
<jomast> this should be simple easy
<AtomicSpark> did you edit the default smb.conf? or got it from somewhere else?
<AtomicSpark> you're running this on ubuntu server correct?
<jomast> edited the default... first with webmin... now i've gone to manual for fear that webmin was screwing me
<jomast> yes... ubuntu server
<AtomicSpark> webmin should be okay as long as you don't install packages with it.
<jomast> amen
<AtomicSpark> webmin might of changed all of it though. i can paste the default if you wish.
<jomast> i was just about to strip the conf down to bare minimum...
<AtomicSpark> heh. that's not always the best idea. i'm not sure what some of the settings do.
<AtomicSpark> http://paste.ubuntu.com/10144/
<jomast> dont worry.... just a test run... i made a backup
<AtomicSpark> that's the one for ubuntu 8.04
<AtomicSpark> i make backups of all the configs if i edit ;)
<jomast> yeah... that killed it all together
<jomast> back to the defaults
<AtomicSpark> to get it to work for me, i changed workgroup, uncommented security = user, then add the share to the bottom
<AtomicSpark> i really wish they would add a sample for a share on there.
<AtomicSpark> i think you only need path, read only no, browsable yes, and guest ok no for a simple share
<AtomicSpark> it should pull permissions from the folder's permissions. :-\
<AtomicSpark> oh by default it creates files with permissions of 700. if you want that changed then you gotta add create mask = 755 or something.
<jomast> making the adjustments.... standby for results
<AtomicSpark> i ment 0755. need to get the sticky bit off.
<jomast> heh..... same results
<AtomicSpark> are you using a firewall?
<jomast> no.
<AtomicSpark> very odd.
<jomast> i can access shares on the server
<jomast> but they have to very plain
<jomast> it only breaks when the stipulations for specific users or groups are added
<AtomicSpark> hmm. donno what to tell you sorry.
<AtomicSpark> are you on the same workgroup?
<AtomicSpark> is it set to the right one? lol
<jomast> yeah man
<jomast> everything you've suggested are things i've already gone through.... and/or would have suggested to others
<AtomicSpark> haha. well you never know. hate for it to be something simple you missed.
<jomast> i was hoping there was somebody who knew something i didn't
<jomast> maybe i can pop in my old fedora config file and see if that makes it jive
<AtomicSpark> that may work.
<jomast> (server was fedora 6 yesterday.... today ubuntu)
<jomast> cant make it any worse!
<AtomicSpark> my teacher joked about using the suse gui to set up the config files then copying it to ubuntu.
<AtomicSpark> he likes suse wayyy to much.
<jomast> i've always been a redhat/fedora guy...  but needed to get this server updated... and didn't want to wait for fedora 9 next month... so ubuntu 8 seemed like the thing to try
<AtomicSpark> fedora was okay. of course the last time i used it was around fedora 4. i'm sure it's better now.
<AtomicSpark> it being just a test bed for red hat kindof irks me though. i used to use cent os for servers.
<AtomicSpark> the repo for ubuntu is great though. don't have to worry about adding a bunch of them and putting in priorities. making sure yum wont crap up your system.
<jomast> nice
<AtomicSpark> and then there is suse. it has no repos. haha.
<jomast> dependancy nightmares.... oh the inhumanity
<AtomicSpark> yes.
<jomast> ok.... old config file inserted.... file paths updated....  it does the same thing!!!  i'm starting to think that this samba build is 'broken'
<AtomicSpark> on 8.04? it works on mine. :P
<jomast> let me check the filesystem acls etc.... again... .....
<AtomicSpark> ls -al
<jomast> drwxrwxrwx  6 root   root     4096 2008-05-04 18:40 .
<jomast> drwxr-xr-x 21 root   root     4096 2008-05-03 17:49 ..
<jomast> drwxrwsrwx  2 nobody nogroup  4096 2008-05-04 20:51 ISO
<jomast> drwxrwsrwx  2 nobody nogroup  4096 2008-05-04 20:18 MOVIES
<jomast> drwxrwsrwx  7 nobody qb_group 4096 2008-05-03 23:17 QB
<jomast> drwxrwsrwx 12 nobody nogroup  4096 2008-05-03 23:14 STUFF
<jomast> the share to "STUFF" works fine..... well it did
<jomast> QB worked fine until i put in the network level restrictions (qb_group only)
<AtomicSpark> um. i don't think those should be nobodies. :P
<AtomicSpark> probably root for user and the group that you set for permissions for the group.
<AtomicSpark> qb = quickbooks?
<jomast> qb = quickbooks
<jomast> root or nobody... made no differance
<jomast> alternetivly i've changed from allowing only a certain group to only allowing certain users......  same deal.
<AtomicSpark> hmm
<AtomicSpark> if it wasn't the weekend. i'm sure there would be more then just us paying attention to this room.
<jomast> lol... you mean i get to have this conversation all over again tomorrow??
<AtomicSpark> probably
<jomast> oh well.... that's enough banging my head on the wall for one day.  thanks for the help!
<AtomicSpark> welcome
<imyousuf> Hi. I want to setup a server for my network which will solely serve the purpose to act as a Ubuntu Package Repo server. I want to know which is the best way to achieve it? apt-cacher or apt-mirror?
<nijaba> imyousuf: I've found apt-mirror really easy to use
<imyousuf> ah ok
<Kamping_Kaiser> imyousuf, will you need to work offline?
<imyousuf> yes
<imyousuf> Actually Kamping_Kaiser I am working with a 100kbps line
<Kamping_Kaiser> then you'll need to make a full mirror, not just cache
<imyousuf> and want to update from 7.04->7.10->8.04
<imyousuf> so its a huge download
<imyousuf> and I will be performing this in 3 machines
<imyousuf> sorry 3 desktops and 3 servers
<imyousuf> thus I want to save as much BW as possible
<Kamping_Kaiser> then you'd probably want a caching proxy proxy
<Kamping_Kaiser> -casher will probably work (i use http-replicator myself)
<nijaba> well mirroring for 3 version = about 40-60 Go
<imyousuf> thats not a problem
<nijaba> so I agree with Kamping_Kaiser that caching is what you want
<imyousuf> the mirror server has 400G space
<nijaba> yes but with yor line it will tka a long time
<imyousuf> and I intend to use it as a Ubuntu Mirror/Cacher and Maven Cacher
<Kamping_Kaiser> imyousuf, its a problem because you have to download it ...
<imyousuf> yes, I will have to do it whether I use a cacher or mirror
<Kamping_Kaiser> 100k/s is 50mb/hr
<Kamping_Kaiser> so your looking at about amonth of solid downlaoding
 * nijaba is mixing letters a lot....  not been using a keyboard for a while
<imyousuf> so my plan is upgrade one first and then upgrade the others, I wont be doing multiple upgrades simultaneously
<Kamping_Kaiser> nijaba, *waves*
 * nijaba waves back (and that's cool cause he was sailing)  
<Kamping_Kaiser> nice
 * delcoyote hi
<ctx144k_> hello all, how can i chance the default-charset von apache2 to iso8859-15?
<ctx144k_> and how can i check that the apache willbe use that
<uvirtbot> New bug: #226777 in samba (main) "Impossible to correctly use Samba Shares on a NAS with Ubuntu" [Undecided,New] https://launchpad.net/bugs/226777
<cder> just wondering if hardy is now ready to use in a production environment?
<hattrick> anybody using munin on hardy?
<hattrick> munin isn't working out of the box on hardy???
<Kamping_Kaiser> munin?
<Asad2005> i have created a bond0 of eth1 and eth2 then i change the mode to5 instead of 4 how do i reinitialize it to take my new setting i tried restart networking and ifonfig down/up no use
<Jeeves_> Asad2005: Shut the bond0
<Jeeves_> rmmod bonding
<Jeeves_> modprobe bonding <options here>
<Jeeves_> (AFAIK)
<Asad2005> ok i will try
<dweerf> is hardy ready for a production environment?
<Jeeves_> dweerf: You might expect so
<Jeeves_> It was released last week
<Deeps> depends on your definition of 'ready' and 'production environment', heh
<dweerf> well to be specific useing the xen kernel
<Deeps> hehe, no, not out of the box
<dweerf> i thought not
<Deeps> fixes are available, if you search launchpad for the relevant bugs
<Deeps> i believe the fix is to be integrated at 8.04.1
<Deeps> i hope i'm wrong though
<Deeps> it'll be a couple of months at least though, as whatever fix is applied needs proper testing
<dweerf> thing is ubuntu ok in some respects but i have to say it debian etch rocks
<Deeps> meh, same thing different name, mostly
<dweerf> diffrence is it tends to work better
<Deeps> aside from this xen issue, i've not seen anything to tell them apart
<dweerf> so you think xen is the ONLY issue
<Deeps> although in neither case have i attempted to do an upgrade between releases, thanks to debian's less than stellar record with that
<Deeps> no, i'm sure ubuntu has more issues, and i know debian does too
<Deeps> the removal of binary blobs for device drivers for one, making debian incompatible with my dell kit featuring broadcom nic's is a bit of a pita
<dweerf> yes thats true but i expect debian is tested  more
<Deeps> definately, due to the slower release cycle
<Deeps> thats why i'm not planning on touching hardy until ibex is out, heh
<dweerf> but tends to have a slight advantage of being more soild
<Deeps> no need, dapper's still supported for a long time anyway
<hattrick> Kamping_Kaiser: do you know Munin?
<Kamping_Kaiser> no i was wondering what it is
<hattrick> did you find out already?
<Kamping_Kaiser> !info munin
<ubottu> munin: network-wide graphing framework (grapher/gatherer). In component main, is optional. Version 1.2.5-2ubuntu3 (hardy), package size 588 kB, installed size 996 kB
<phil_> thats a bummer hattrick :/
 * Kamping_Kaiser should have thought of that first
<phil_> always loved that out-of-box feeling for munin
<Asad2005> Jeeves_, i have done what u siad removed bonding and modeprobe it again but it is failed, i have followed this how to https://wiki.ubuntu.com/LinkAggregation to create it except last item in configuration which seems not required for hardy. Do i have to change something  other than mode=5 instead of mode=4
<phil_> i'll do a dist-upgrade now and check if munin works for me :)
<Jeeves_> Asad2005: Nope, afaik not
<_ruben> crap .. forgot how i created my snmp v3 user account last time .. snmpv3 is annoying :p
<hattrick> phil_: can you help me out?
<phil_> I'm still downloading ~30min
<phil_> but does it give you any error while installation/configure is running?
<hattrick> no
<hattrick> it just doesn't work
<rgl> hi
<rgl> which gcc version was used to build the linux-image-server kernels?
<rgl> oh... nm... its in dmesg!
<jonah> hi i know this is more about running an ubuntu server but i wanted to ask a few simple questions about my work. i work in a photography shop, we do special effects so have to save big tiff files of around 80mb with lots of layers etc. we wondered if we could get a central server for our 3 processing computers but are worried about save and load speeds, also accessing from home - how would you go about it? does ethernet limit the speed etc? i don't know
<jonah> much about it really but we need to open and save files quickly when customers are waiting for their photos
<soren> jonah: With gigabit ethernet, the network itself won't be much of a bottlenect.
<soren> bottleneck, even.
<soren> Accessing from home is likely to be rather painful, though.
<hattrick> phil_: i got an error now
<hattrick> cp: accessing `/var/www/munin/': Permission denied
<hattrick> : Permission denied Cannot open /var/www/munin/localdomain/localhost.localdomain-apache_processes.html at /usr/share/munin/munin-html line 488.
<phil_> hm strange
<phil_> did you also do a dist-upgrade?
<phil_> and what are owner/group settings for /var/www/munin?
<hattrick> yes i did
<hattrick> munin:munin
<jonah> soren, is there anyway round accessing from home or is it just broadband providers aren't quick enough?
<soren> jonah: Yeah.
<soren> jonah: I've got a rather beefy 20 Mbit/s connection, and even then, it'll be at least ~40 seconds to download a photo.
<phil_> hattrick: according to my /etc/cron.d/munin munin-cron is run as user munin (but this is from a etch machine)
<hattrick> phil_: same here
<hattrick> so what's wrong with the permissions?
<hattrick> i can't grasp it
<jonah> soren, hmm that's a shame, we wanted to try work from home. like one guy down the studio doing the shoot, another man at home processing and sending the photos back with special effects for print out and collection of customer, but i spose upload speed on home ISP would be even worse. and i only have a 5mb connection
<phil_> hattrick: directories are 755 and files are 644
<hattrick> yeah
<hattrick> i guess munin on ubuntu just sucks
<uvirtbot> New bug: #226851 in mysql-dfsg-5.0 (main) "Users "not root" don't works correctly" [Undecided,New] https://launchpad.net/bugs/226851
<phil_> hattrick: seems as my munin installation is still working after hardy upgrade: "This page was generated by Munin version 1.2.5 at 2008-05-05 T 13:00:34 (UTC)"
<phil_> hattrick: but I'm using ubuntu-desktop here. and it was just a basic installation of munin + munin-node (no config changes etc)
<roshan_s> I'm having trouble with IP forwarding since upgrading from feisty to gutsy (and then to hardy). My external interface is ppp0. IP forwarding works fine when the internal interface is eth0, but not when it's a bridge. This exact setup worked fine in feisty. Has anyone experienced a problem like this?
<_ruben> hrm .. postfix-pcre in hardy isnt upgraded, its still the gutsy version and thus wont install in hardy
<_ruben> !info postfix-pcre
<ubottu> postfix-pcre: PCRE map support for Postfix. In component main, is optional. Version 2.5.1-2ubuntu1 (hardy), package size 40 kB, installed size 104 kB
<_ruben> wtf
 * _ruben slaps his (local) mirror
<_ruben> haha .. oops, messed my sources.list .. *slaps forehead*
<CrypTom> hi all, how do you analyze your logfiles? logwatch? by hand with tail/less? I'm looking for a tool that creates nice webpages or pretty mails
<faulkes-_> logwatch generally does a good job
<sommer> happy monday all
<CrypTom> but the output is not that pretty and I have several servers, is there no way to get one website containing the analyzed logs from all servers
<spiekey> hi
<spiekey> can anyone recommend a nice X-change project (such as OpenXchange or Group-e) ?
<spiekey> i am looking for one with the focus on calendar (sharing), webmail and sync with mobile devices
<_ruben> CrypTom: for email we are using SEC (simple event correlator) .. if you want a nice webinterface: splunk
<keb> The upgrade aborts now. Your system could be in an unusable state. A recovery will run now (dpkg --configure -a).
<keb> how do i resume the upgrade from 6.06 to 8.04 ?
<CrypTom> _ruben: thanks, I will look at those tools!
<CrypTom> spiekey: we you zimbra, very nice!
<CrypTom> spiekey: there is an opensource (free) version, without mobile support, but the network version (costs) has mobile support (blackberry, etc.)
<spiekey> thanks!
<\sh> keb, apt-get dist-upgrade again, or dpkg --configure -a first :)
<keb> thanks.  dpkg --configure -a didnt output anything
<keb> hmmm it says it is already done.
<keb> i guess it is time to reboot and see whether it worked
<keb> can't ssh to the box. i'll have to go there and see what state it is in
<uvirtbot> New bug: #225139 in samba (main) "package update-manager 1:0.87.25 failed to install/upgrade: ErrorMessage: SystemError in cache.commit(): E:Sub-process /usr/bin/dpkg returned an error code (1)" [High,Confirmed] https://launchpad.net/bugs/225139
<sommer> wow, turbogears is kinda awesome... who knew :)
<apadilla> hello, is there a way for me to verify when a  package was removed on a gutsy server?
<sommer> apadilla: you can do dpkg -l | grep package_name
<apadilla> i get some package info but not when it was removed.
<apadilla> its been reinstalled though, that could mess that up I guesws
<sommer> apadilla: woops I misread your question... for *when* you can check /var/log/apt/term.log, that might give you more information
<sommer> there are also past log file in the directory that may also contain the info
<apadilla> excuse me, I also put forward some incorrect information. its actually a dapper server.
<apadilla> don't have /var/log/apt/
<apadilla> I'm starting to suspect this box has been owned
<apadilla> when a package is removed though apt its configuration files are kept, right?
<apadilla> unless you do a --purge
<apadilla> the package that was removed is logwatch
<sommer> apadilla: correct, only using a --purge will remove the configs
<Deeps> hf reinstalling, heh.
<uvirtbot> New bug: #226405 in nut (main) "Missing support for upsmon only configuration (slave)" [Wishlist,Triaged] https://launchpad.net/bugs/226405
<victoruiz> hi
<victoruiz> could sb help me, please?
<victoruiz> I think it's so easy to solve
<ScottK> victoruiz: Your odds of getting your question answered go up if you actually ask it.
<victoruiz> ;)
<victoruiz> the fact is that I'm working actually with ubuntu-server 8.10
<victoruiz> and i can't access remotely by mean of JMX protocol started on port 9095
<victoruiz> I don't know if there is any security system like 'selinux'
<ScottK> selinux is not installed by default.  apparmor is.
<victoruiz> but... i need access it, and at the moment it's impossible
<victoruiz> apparmor is installed?
<ScottK> Yes.
<victoruiz> ok
<ScottK> apparmor should be compatible with Ubuntu packages.  If it's not, it's a bug.
<victoruiz> and do you think it could be the problem cause i didn't change the configuration by default
<ScottK> It'd help if I knew what JMX protocol was.
<ScottK> What package provides that?
<victoruiz> i'm developing a java app with Spring framework, that allows export all functions on JMX
<victoruiz> that's enough? :S
<ScottK> OK.  As soon as you say Java, I know I'm not the one to answer your question.
<victoruiz> but do you think it's the problem? I installed correctly the app
<ScottK> I have no idea.
<victoruiz> and I can see that the server is listening the port i opened for JMX to
<victoruiz> i installed in some other platforms but not ubuntu server and it worked well, this is because i thought it was something related with security on ubuntu server
<victoruiz> anyway Scottk
<victoruiz> in apparmor status, i can see I have no profiles or processed loaded, enforced or complained
<ScottK> Then I'd guess that's not it.
<nealmcb> victoruiz: do you have a firewall running?
<\sh> victoruiz, could it be, that it listens on 127.0.0.1:<port you defined> and not on any other interface ip?
<\sh> anyways..heading home...cu later
<victoruiz> hi again
<victoruiz> there is no firewall running
<victoruiz> outgoing traffic is ok, but looks like the server doesn't accept incomming connections to port 9095
<ogra> does it respond to: telnet localhost 9095
<ogra> ?
<ogra> on the server
<victoruiz> yes
<victoruiz> and remotely too
<AtomicSpark> telnet? -_-
<ogra> AtomicSpark, awesome tool to check ports :)
<victoruiz> yes
<victoruiz> it responds to telnet remotely and executing telnet on the same server
<victoruiz> and in JMX client appears that is trying to connect to other machine than I'm entering as destination
<victoruiz> i.e.: I'm trying to connect to 192.168.0.207 really
<victoruiz> and in logs appears... : java.rmi.ConnectException: Connection refused to host 127.0.1.1
<victoruiz> :|
<victoruiz> it's working well in any other machines, it's not a SW error
<jay2> what languge from you _ruben hehe
<zul> mathiaz: ping what are you doing for all of those samba ucf upgrade error bugs?
<mathiaz> zul: trying to figure out what the users are doing
<mathiaz> zul: are they closing the window ? are they accepting the change ?
<zul> mathiaz: *sigh* ok :)
<cody-somerville> Hey
<cody-somerville> I setup a local DNS server and I setup the router to use it as the primary DNS server but the computers on my network aren't happy because my DNS server is sending them the result directly instead of sending it to the router to send to them.
<cody-somerville> I get the following error when I try to use dig:
<cody-somerville> ;; reply from unexpected source: 192.168.1.105#53, expected 192.168.1.1#53
<Deeps> if your router provides dhcp for your network, tell it to change the dns server it advertises to be .105 instead?
 * cody-somerville looks.
<cody-somerville> Ah, I just have to disable DNS relay in the router.
<Leperquorn> Hi all... Using Ubuntu-server 6.06... I just tried tasksel... It doesn't seem to be there?
<CrOOgie> hello everyone... i have one question... maybe you can help me.
<CrOOgie> so i've installed on my desktop ubuntu server and on laptop ubuntu normal, desktop edition ;) i have external ip so i tried to run own server...
<CrOOgie> on my router i've set portforwarding in 80 port to IP that have my ubuntu-server
<CrOOgie> installed apache2 etc
<CrOOgie> and... when i try to access by 192.168... it's all works
<CrOOgie> but when i try my external IP its telling me that: "Forbidden... You don't have permission to access / on this server."
<CrOOgie> any ideas ?
<Deeps> chances are you're hitting your router rather than your ubuntu machine
<Deeps> remove the portforward and try again to confirm that
<CrOOgie> hmm.. ok but how can router know that where server is without set forwarding ?
<Deeps> the router is probably listening on port 80
<Deeps> and you're getting an error from the router
<Deeps> if you remove the port forward and still carry on getting that error, you know the problem is your router, not your apache config
#ubuntu-server 2008-05-06
<pschulz01> Morning
<docta_v> anyone here free to help me with a debuild problem?
<docta_v> i'm trying to build squid3 from source but the package is messed up
<cody-somerville> docta_v, just ask your question/explain your problem
<cody-somerville> If someone knows the answer, they'll tell you :]
<docta_v> i am running through the standard process
<docta_v> which worked fine on squid v2
<docta_v> run configure script
<docta_v> and then run debuild -us -uc -b
<docta_v> however some of the Makefiles are being deleted improperly
<docta_v> and the build fails because it's missing a Makefile for some of the sub directories
<docta_v> specifically there is no Makefile in the lib subdir
<cody-somerville> Well, it seems like you need to modify the debian rules file not to do that! :)
<mathiaz> docta_v: are you basing your work on the squid3 package ?
<docta_v> yes
<mathiaz> docta_v: there is already a squid3 package in universe
<docta_v> it's not built with ssl support
<mathiaz> docta_v: did you try to build the binary package ?
<mathiaz> docta_v: Makefile can be remove during the clean target, because they're regenerated at configure time
<docta_v> apparently it's not regenerating one of the Makefiles that it removes
<docta_v> i'm running debuild -us -uc -b to build
<docta_v> is that what you mean by building the binary?
<mathiaz> docta_v: you don't need -b
<mathiaz> docta_v: debuild -us -uc should be enough
<docta_v> same error
<docta_v> i do see some messages about "failed to remake makefile"
<docta_v> when i run debuild so that might have something to do with it
<docta_v> i can actually get a lot further if i use -nc
<docta_v> but that seems like it might cause its own problems
<LeonardoESBR> Hi! I have problems in nfs-common client service because start-stop-daemon seems that is not installed. Do anyone know the name of the package that contains "start-stop-daemon"?
<sommer> doh, he left
<c1|freaky> what's the best CMS?
<sparky01> hey
<sparky01> Anyone been playing with Nexuiz on 804?
<sparky01> i know its a game and not serious stuff
<sparky01> =P
<sparky01> I have the same problem from the binary download as I do from the repo's version
<sparky01> well don't all answer at once
<sparky01> =P
<sparky01> 106 silent
<sparky01> =(
<ScottK> sparky01: Most people here work US/European days.  It's normally pretty quiet this time of day.
<sparky01> ScottK, yeah, I hear you
<sparky01> Anyone nexuiz server?
<flyback> any chance of a kernel update for 6.06
<flyback> since 2.6.15 is *CANUCKED*
<flyback> nfs crash and burn bug
<ScottK> flyback: Is there a bug in LP for it?
<flyback> yes
<flyback> the kernel bug has been known for 2 yrs
<flyback> you people suck
<flyback> i'm sorry but that's pathetiuc
<nealmcb> flyback: what's the bug number/url?
<flyback> dunno but I can find the event again hang oin
<nealmcb> :)
<flyback> the last post was in april
<ScottK> flyback:
<ScottK> flyback: Good luck getting help by cursing at the people who might actually be able to help you.
<flyback> dude
<flyback> 2 yrs
<flyback> even if you didn't want to change lts how about at least a "hey this affects some people you might want to do this"
<ScottK> Right, but I had nothing to do with that and you just told me I suck.
<ScottK> So guess how motivated I am to help now.
<flyback> probably about as motivated as my diseased asshole
<flyback> to push out shit
<pschulz01> Upgrading remotely.. from gutsy to hardy.. is there a command line script equivalent to the GUI button?
<ScottK> pschulz01: do-release-upgrade
<flyback> https://bugs.launchpad.net/ubuntu/+source/linux-source-2.6.15/+bug/191182
<flyback> *CANUCKED*
<uvirtbot> Launchpad bug 191182 in linux-source-2.6.15 "6.06.02 2.6.15-51-server soft lockup on cpu#0 on shutdown/umount xfs partition on /dev/md0" [Undecided,Incomplete]
<pschulz01> ScottK: Ta :-)
<flyback> actually wrong link God damn google shit
<pschulz01> ScottK: Lets see if it works remotely on my bosses computer :-)
<flyback> https://bugs.launchpad.net/ubuntu/+source/linux-source-2.6.15/+bug/97105
<uvirtbot> Launchpad bug 97105 in linux-source-2.6.15 "samba causes nfsv4 kernel module bug" [Undecided,Confirmed]
<flyback> this is close
<ScottK> pschulz01: I've done it on both servers and desktops and had it work fine.
<flyback> found it
<flyback> https://bugs.launchpad.net/ubuntu/+source/linux-source-2.6.15/+bug/58170
<uvirtbot> Launchpad bug 58170 in linux-source-2.6.15 "Kernel race condition if nfs mounts present on real or virtual nodes [kernel BUG at lib/radix-tree.c]" [Undecided,Confirmed]
<ScottK> lamont: You awake?
<pschulz01> ScottK: /me bites bullet..
<pschulz01> ScottK: :-)
<ScottK> ;-)
<Konam> hi
<flyback> 2.6.15-51 IS STILL the latest for 6.06 lts correct?
<Konam> I want to know if when I install the tasks through the tasksel interface during the installation proccess it will ask me for configuration automatically or I will have to do it manually after the installation process?
<ScottK> Konam: It should ask you during the isnstallation process.
<nealmcb> flyback: looks like it
<Konam> that is a problem :/, good that I didn't choose to install them :)
<ScottK> Konam: It's not unique to tasksel.  By policy packages are supposed to be installed in a running configuration and ask questions if needed to establish sane defaults.
<flyback> ok cause I KNOW my pxe boot + auto script many os vm severely canucked ubuntu server install
<flyback> actually nm
<flyback> I took the kernel # from a normal install I did
<flyback> just to compare
<ScottK> Konam: I can only think of a very few packages that don't do that.
<Konam> ScottK yeah, I know, I just thought it wouldn't, silly me. I'm learning about handling Linux servers through ubuntu now :)
<nealmcb> flyback: thanks for the pointers.  seems like the bug should be marked "fix released" since it works in edgy etc - is that your experience?  the policy on updating stable versions is conservative for good reasons.  You can look at https://wiki.ubuntu.com/StableReleaseUpdates and consider making a pitch for that bug in dapper.  or folks can switch to hardy now of course.
<flyback> uh
<flyback> I don't see a fixed release
<flyback> for 6.06
<flyback> and I consider a kernel crash and burn under load pretty fucking broken
<ScottK> I think we got that already.
<nealmcb> flyback: you're also free to apply the patches and put a kernel in a "ppa" for others to use.  but the policies have been worked out to try to best serve folks all things considered
<flyback> with the mentality at work I might as well shove the package up my ass
<flyback> hopefully I will have a heart attack before then
<nealmcb> like ScottK said, foul language isn't likely to help, so please abide by the ubuntu code of conduct.  http://www.ubuntu.com/community/conduct
<flyback> whatever
<flyback> 'my life's been 34 yrs of bullshit anyways
<flyback> pigs will fly before anything changes
 * flyback goodnight all
<[T]an2> need some help with ip tables
<[T]an2> here is my current set up:
<[T]an2> http://pastebin.ca/1009042
<[T]an2> this give me access to the internet and basic service inbound.
<[T]an2> The problem i have is when i add nat to forward port 80 to a different address... the inbound port 80 rule works, but then I no longer can get out to the internet.
<[T]an2> any help would be appreciated
<logist> there is no rule for port 80
<[T]an2> right... i took it out so i could get to the internet. :-D
<[T]an2> so its current configuration works to get me to the internet.
<logist> so, paste it somewhere
<[T]an2> if i add a rule for port 80 which should be set up identical to port 4569 then my outbound internet stops working
<[T]an2> i clone the rule for 4569 and change the port numbers only for my web server rule
<[T]an2> and it works. however the outbound port 80 stops
<[T]an2> gimme a sec and I will set it up like that and then paste it....
<logist> look like you miss -d<your server IP> here
<[T]an2> here is my updated version
<[T]an2> http://pastebin.ca/1009045
<logist> try A PREROUTING -p tcp -m tcp -d<YOUR IP ADDRESS> --dport 80 -j DNAT --to-destination 192.168.1.10:80
<logist> now it just route all traffic to port 80 to 1.10
<[T]an2> instead of: -A PREROUTING -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.1.10:80
<[T]an2> ?
<[T]an2> or in addition to?
<logist> instead
<[T]an2> errr... what is the command... i am trying to create that using webmin and not doing it correctly.
<logist> sorry, i've never used it...
<soren> "-p tcp -m tcp" seems a bit much.
<[T]an2> soren: how would you do it?
<[T]an2> check me....
<[T]an2> # iptables -A PREROUTING -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.1.10:80
<[T]an2> iptables: No chain/target/match by that name
 * RoAkSoAx by all
<soren> [T]an2: I'd just use one of them instead of both?
<[T]an2> oh, is that why i got the error?
<soren> [T]an2: PREROUTING is in the nat table, by the way.
<soren> You're missing "-t nat".
<[T]an2> help me out with the format of what I need to add.... this is all foreign to me. i can block and open ports... but i have never forwarded
<soren> Just add "-t nat"
<soren> [T]an2: ^
<AussieGuy> hi. I have a Dell PowerEdge 1550 server, 4 scsi hard disks with RAID (2 pentium 3 processors). when I put the hardy install cd in and press enter at the welcome menu, it loads up then drops me to a busybox shell
<AussieGuy> the other strange thing is if I try to put windows nt on it, windows nt cant see the hard drives
<AussieGuy> but ubuntu wont even load with the "try ubuntu without changing your computer" option
<soren> AussieGuy: Do you have any reason to believe that these servers aren't completely b0rken? :)
<AussieGuy> not really
<AussieGuy> do you need to do anything special to make the hard drives visible? it came with windows 2000 server installed on it and that booted fine origionally (until I deleted it)
<AussieGuy> apparently by deleting it I also deleted the dell utility program
<soren> Linux usually just sees everything.
<AussieGuy> would a scratched cd cause it?
<soren> Some BIOS can mark parts of a drive as hidden (e.g. for the dell utility thing) so that Windows won't scribble over it.
<soren> AussieGuy: It's possible, yes.
<AussieGuy> I think I might download the manual for that particular server. might have more info
<AussieGuy> I got given the server
<[T]an2> soren: is this correct:
<[T]an2> iptables -A INPUT -p tcp -d 192.168.1.1 --dport 80 -t nat -j ACCEPT
<soren> No.
<soren> INPUT is in the filter table (the default). PREROUTING is in the nat table.
<stonekeeper> hi. For a while now I've noticed a bug in the u-s partitioner: if you already have partitions of type "software raid", then try to configure software raid it claims there are no partitions to configure. Is this a known bug? Is there a work-around. many thanks.
<stonekeeper> meh, ignore that. PEBCAK. coffee time
<stonekeeper> one thing i will say is that there's an attempt to use ntp which fails badly if behind a proxy
<stonekeeper> any news on if the openvz kernel fixes will be pushed out via updates?
<soren> I would assume so.
<stonekeeper> Any idea when? I'm having to use debian to setup my VEs temporarily and it's not my ideal situation :/
<Deeps> see the kernel mailing list
<Deeps> and/or any relevant bugs on launchpad
<ScottK> sommer: Don't bother with python-clamav NMU.  I heard back from the Debian maintainer and he says he's going to update the package today.
<ScottK> sommer: Thanks so much for looking into it.
<sommer> ScottK: cool, I'll move on to the next one
<lamont> ScottK: awake now...
<ScottK> lamont: I was wanting to kick a certain in-duh-vidual last night and you were the only one with ops that might have been awake.
<lamont> heh
<ScottK> I taunted him a bit instead, so it all worked out.
<soren> I really wish someone would package cobbler so that I don't have to. :(
<zul> hah hah
<ScottK> jdstrand: IIRC you were going to copy clamav from dapper-updates to dapper-security.  I was a little suprised to see another dapper-security upload instead ...
<jdstrand> ScottK: I had already uploaded that before our conversation
<jdstrand> ScottK: the -security build queue has some issues right now, and I am just waiting on it to get straightened out before uploading the latest dapper
<jdstrand> ScottK: it's on my todo list
<ScottK> jdstrand: OK.  Just checking to make sure it didn't get dropped.  Thanks.
<jdstrand> ScottK: np
<Asad2005> how to umount an NFS mount folder if the remote NFS server is no longer available
<Asad2005> i got server failed to unmount
<ogra> man mount :)
<ogra> err
<ogra> man umount, sorry
<ogra> -f     Force unmount (in case of an unreachable NFS system).  (Requires kernel 2.1.116 or later.)
<Asad2005> thanks
<ogra> -l shuld work as well
<Asad2005> I tried with -f and now getting umount.nfs: /mnt/temp: device is busy. i dont seems to be able to ls that folder and dont prefer to reboot
<Asad2005> ok the -l option did it thanks
<zul> jdstrand: ping
<jdstrand> zul: pong
<zul> jdstrand: maybe a stupid question but does the apparmor take account of master/slave configurations for openldap?
<jdstrand> zul: the syncrepl bug?
<zul> jdstrand: exactly
<jdstrand> zul: as long as the user is storing the databases in the normal place, yes.  However, I'd be curious to see kern.log myself
<zul> ok
<jdstrand> zul: that was not a configuration explicitly tested
<jdstrand> (syncrepl that is)
<zul> jdstrand: I was able to replicate his crash (had to disable apparmor though because of his scripts though)
<jdstrand> zul: so, IIUC, it is not an apparmor issue generally, but the user will have to adjust his apparmor profile
<jdstrand> for his configuration
<zul> jdstrand: correct
<jdstrand> zul: ok cool
<zul> jdstrand: I just have to go chance it down and fix it...hopefuly
 * jdstrand nods
<dna_> how do you assign different ips to the same ethernet card?
<infinity> dna_: Put an eth0:1 stanza in interfaces(5)
<infinity> (And eth0:2, etc)
<Deeps> or ip addr add ip/subnet dev <device>
<dna_> umm didn't get you :/
<Deeps> ip addr add 192.168.20.121/24 dev eth0
<Deeps> for example
<dna_> ah ok :) thanks
<uvirtbot> New bug: #227344 in bind9 (main) "bind-dlz und ldap api" [Undecided,New] https://launchpad.net/bugs/227344
<victoruiz> hi
<victoruiz> is anybody there ready for a question about ubuntu server?
<ScottK> !ask | victoruiz
<ScottK> victoruiz: Don't ask to ask, just ask.
<ubottu> victoruiz: Please don't ask to ask a question, ask the question (all on ONE line, so others can read and follow it easily). If anyone knows the answer they will most likely answer. :-)
 * cwebber admits to having that bad habit at first
<victoruiz> hi again, sorry, but i'm working
<victoruiz> the fact is that i've installed an ubuntu server 8.04, the installation is by default
<victoruiz> I installed on it openssh
<victoruiz> and i installed the service that i want to publish on that
<cwebber> victoruiz: im confused... are you looking for help with something
<victoruiz> this service seems to run ok
<victoruiz> yes
<victoruiz> but i'm explaining the case
<victoruiz> finally, the fact, is that the service is developen on java spring framework, making public all methods by mean of JMX
<victoruiz> but i can't access remotely
<victoruiz> if I do a netstat i can see that the port is on listening mode
<victoruiz> and this service is running in some other services but windows servers and it's working well
<victoruiz> I uninstalled apparmor cause after some questions i thought that could be the reason, but it's still working bad
<victoruiz> anyone could say me what could be the reason????
<mhm_jr> perhaps filtered by iptables or restricted by tcpwrappers?
<cwebber> victoruiz: what rev of ubuntu?
<victoruiz> 2.6.24-16-server
<cwebber> lol
<victoruiz> 8.04
<cwebber> there ya go
<victoruiz> which is the prob?
<cwebber> so i have not done an install of 8.04 yet so i dont know defaults... but can you access the service when you are on the same subnet?
<victoruiz> I'm on the same subnet
<victoruiz> and i can't access this JMX service
<cwebber> and have you verified that you dont have a subnet miss match on the box?
<victoruiz> no, it's impossible
<nealmcb> victoruiz: do you have a firewall installed?  if so, have you opened the necessary ports?
<victoruiz> i can access via ssh
<victoruiz> I uninstalled apparmor at all
<nealmcb> apparmor is not a firewall
<victoruiz> and i disabled on startup the ufw
<nealmcb> thought it could cause similar problems
<nealmcb> have you tried looking in /var/log/messages?
<victoruiz> mmmmm
<victoruiz> no, i'll see now
<victoruiz> there is no log when i try to access remotely via JMX
<victoruiz> :(
<victoruiz> i can see in this log that after reboot, the system "start" up the link ethernet
<victoruiz> in localhost interface appears: Disabled Privacy Extensions
<victoruiz> loop: module loaded
<victoruiz> and finally: ip_tables: (C) 2000-2006 Netfilter Code Team
<victoruiz> but executing 'iptables --list' i can see that there is no rule
<nealmcb> victoruiz: have you tried using wireshark or tcpdump to see if packets are arriving or replies are being sent?
<nealmcb> are there firewalls elsewhere in the network?  have you tried using the nc command to probe the ports and see if they are denied, or just timing out?
<nealmcb> can you access the ports from the server itself?
<jdstrand> zul: wrt syncrepl, you mentioned you had to put apparmor into complain mode for slapd-- just for clarity, did the user have a non-standard configuration?
<sommer> jdstrand: I was able to use syncrepl without complain mode... just fyi
<victoruiz> i found that there is a bug
<victoruiz> https://bugs.launchpad.net/ubuntu/+source/netcfg/+bug/8980
<uvirtbot> Launchpad bug 8980 in netcfg "hostname -f does not return a proper FQDN" [Medium,Confirmed]
<sommer> I used the instructions in the server guide, so I'm not sure if there are other ways :)
<jdstrand> sommer: oh excellent
 * jdstrand puts syncrepl on his todo list for qa-regression-testing
<ScottK> victoruiz: There is a work around listed in the bug so you can resolve that issue.
<zul> jdstrand: yep
<ricketick> can a server use dhcp for it's networking?
<dmnd> i wouldnt do that
<dmnd> :)
<ricketick> the dhcp server uses mac address to provide the configuration, not address pool
<dmnd> then you could
<dmnd> but i wouldnt do it
<dmnd> if the dhcp goes dead
<mugwort13> hi all, I run an ubuntu server at work, I wanted a groupware platform to sync outlook 2007 & 2003 calendars.   Is Scalix a good choice?
<dmnd> and reboot
<dmnd> you're screwed
<ricketick> I mailed my ISP and asked for the correct gateway, netmask etc, and they replied "use dynamic settings"
<dmnd> heh
<dmnd> exciting
<dmnd> :)
<ricketick> does this mean I can't get a static network?
<ricketick> dmnd, what happens when the dhcp restarts? shouldn't it give me the same ip?
<uvirtbot> New bug: #227410 in bacula (main) "Catalog Backup fails because .my.cnf is not read" [Medium,Triaged] https://launchpad.net/bugs/227410
<ScatterBrain> Anyone having trouble with SSH disconnects on Hardy?
<ogra> ScatterBrain, that would be pretty well noticed on ltsp servers (we use ssh there by default for X transport), no, i havent heard of anything
<ogra> <-- ltsp maintainer
<ScatterBrain> Hmmm....
<ScatterBrain> I've been connecting via putty to a freshly built hardy machine and after a couple of minutes (max) I get terminated.
<ogra> anything n the logs ?
<jiqiren> ScatterBrain: is your connection idle before it terminates?
<ScatterBrain> nothing other than syslog restarting at 6:00'ish this morning.
<ScatterBrain> jiqiren: only long enough to do things like switch between windows.
<ScatterBrain> a couple of seconds tops!
<jiqiren> sounds like a duplicate IP to me, from another machine, what happens when you ping the IP? do you get 2 responses?
<ScatterBrain> Hmmm... intresting - never thought of that.
<ScatterBrain> lemme check.
<ScatterBrain> jiqiren: I think that may actually be it....I'm getting responses, but the times are wierd:
<ScatterBrain> <spam>
<ScatterBrain> 64 bytes from 10.200.8.56: icmp_seq=34 ttl=128 time=153 ms
<ScatterBrain> 64 bytes from 10.200.8.56: icmp_seq=35 ttl=128 time=0.184 ms
<ScatterBrain> 64 bytes from 10.200.8.56: icmp_seq=36 ttl=128 time=1.22 ms
<ScatterBrain> 64 bytes from 10.200.8.56: icmp_seq=37 ttl=128 time=0.173 ms
<ScatterBrain> 64 bytes from 10.200.8.56: icmp_seq=38 ttl=128 time=1.23 ms
<ScatterBrain> 64 bytes from 10.200.8.56: icmp_seq=39 ttl=128 time=1.28 ms
<ScatterBrain> 64 bytes from 10.200.8.56: icmp_seq=40 ttl=128 time=1.24 ms
<ScatterBrain> </spam
<ScatterBrain> .1 ms, then 1.23 ms?
<ScatterBrain> Not sure but that's odd.
<jiqiren> can you halt the machine (shutdown) then try to ping to verify?
<ScatterBrain> yeah...doing that now.
<mhm_jr> ricketick look into dynamic dns...it can be manged with ddclient if you are unable to get static IP's
<ScatterBrain> jiqiren: That's what it was.
<ScatterBrain> I'm surprised that DHCP did that!
<ScatterBrain> and that the other machine was still alive!
<jiqiren> coolio, well enjoy fixing dhcp. :)
<ScatterBrain> jiqiren: gee thanks!  =)
<ivoks> zul: here?
<zul> ivoks: yep
<ivoks> zul: we have a small but anoying bug in bacula (bug 227410)
<uvirtbot> Launchpad bug 227410 in bacula "Catalog Backup fails because .my.cnf is not read" [Medium,Confirmed] https://launchpad.net/bugs/227410
<zul> ok
<ivoks> i'm creating debdiff at the moment... i think we should push this into 8.04.1 or even asap
<zul> sure...
<zul> can you write up the test case as well?
<ivoks> yes
<zul> thanks
<docta_v> what file does debuild look at to set the package version number?
<ivoks> changelog?
<docta_v> cool thanks
<psufan> hi, what's the steps to install the stock 2.6.15-57 kernel source for a patch and recompile
<psufan> I need to patch against the nfs crash and burn bug
<psufan> hopefully this will result in a .deb I can install on the other blades
<ivoks> apt-get source linux-image-2.6.15-57-server
<psufan> I mean I been doing kernels since 96 but for this production enviorment i'd like to have standard steps I can teach to someone else
<ivoks> then patch it and compile it with debuild; you should talk to ubuntu-kernel for details
<psufan> ok is that the one with smp
<psufan> oh cool
<psufan> didn't know about that channel
<ivoks> i don't recall how it's done with dapper
<psufan> thx
<melter> does anyone know of any resources to help gentoo system administrators transition to ubuntu server?
<ivoks> heh
<ivoks> i'm not sure there's a lot to explain, except packaging system
<ivoks> and maybe config.d directories
<ivoks> i'm not sure gentoo has those
<melter> i'm having trouble getting things set up, dhcp client, firewall, etc.
<ivoks> network is set in /etc/network/interfaces (man interfaces for details)
<melter> for example, if i want to use dhcpcd to configure a dhcp client, where do i start?
<ivoks> firewall is... well... iptables :)
<ivoks> by default we use dhclient3
<melter> does /etc/network/interfaces work with all dhcp CLIENTs?
<melter> whether dhclient3, dhcpcd, etc.?
<ivoks> i'm not sure... never tought about that...
<melter> as for iptables, how do i save rules? how do i get the firewall to automatically start?
<melter> for example, in gentoo, rc-udpate add iptables default, and /etc/init.d/iptables save
<psufan> I wish you guys had just patched this in 6.06
<psufan> the kernel shitting itself I think is a pretty significant bug
<ivoks> psufan: did you report the bug? (i don't know what you are talking about)
<ogra> http://doc.ubuntu.com/ubuntu/serverguide/C/firewall.html
<ivoks> melter: no, there isn't /etc/init.d/iptables script
<ogra> there is ufw (in hardy)
<ogra> see the link above
<melter> i have a bash script that i maintain to set up iptables, do i just need to run that script every time i boot?
<ivoks> melter: that's how i do it
<ivoks> paste it in /etc/rc.local and that's it
<melter> ogra, i already have an iptables setup i use with gentoo, so i'd prefer just to reuse that
<ivoks> (before exit 0) :)
<melter> ivoks, ok, thanks
<ivoks> melter: one big thing is that /bin/sh isn't /bin/bash on ubuntu
<ivoks> so, if you have bash scripts, be sure to change #!/bin/sh into #!/bin/bash - i highly recommend that fot /etc/rc.local
<psufan> what is this git stuff
<ivoks> psufan: git? Linus's CVS :)
<ivoks> psufan: http://git.kernel.org/
 * ogra shaeds his eyes
<ogra> *shades
<psufan> this is so confusing and I remeber hacking a 1.1 kernel to run on 1.6 meg of ram
<psufan> all I want to do is apply a fix to the existing 2.6.15-51 source that prevents the nfs kernel crash and burn
<ivoks> :)
<ivoks> i gave up on kernel compiling 4 years ago
<psufan> yeah I am about to just update to 2.6.17
<melter> if rc.local is run at boot time, what is run at shutdown?
<ivoks> hehe
<ivoks> what version of ubuntu are we talking about?
<JaxxMaxx_> Is there a preferred .torrent tracker for the new version install ISOs?   or is everyone just using mirrors
<ivoks> basicaly, everything in /etc/rc0.d/* starts on shutdown
<mistiipu> i used a lan card direct pc to pc strategy to share internet to an another pc. now i added another lan card and for another pc to share internet but it is not seem to work. can any one guide me?
<mistiipu> <mistiipu> i have eth1 2 3       firestarter (firewall) says 1 is internet 2 is local 3 is ethernet.. i followed http://www.fs-security.com/docs/connection-sharing.php
<melter> ivoks, thanks, putting my firewall script in rc.local works great
<melter> i just changed "/etc/init.d/iptables save" to "[ -x /etc/init.d/iptables] && /etc/init.d/iptables save"
<melter> changed sh to bash, like you said, and added "exit 0" at the end
<melter> now the same script works with both gentoo and ubuntu :)
<ivoks> :)
<dthacker-work> Is there a logrotate wildcard you can use to treat all logs with the same retention, etc?
<dthacker-work> so in subdir /var/log/fancyco I can put the same lograte directives for /var/log/fancyco/loga.log logb.log etc?
<uvirtbot> New bug: #227267 in openldap2.3 (main) "package slapd failed to install" [Undecided,Incomplete] https://launchpad.net/bugs/227267
<andguen1> I'm upgrading from Dapper server to Hoary server, dealing with dependancy problems involving udev and hal -- anyone have a second?
<owh> http://tracking.landwide.com.au/ - this has been causing me grief for over 24 hours. For some reason I don't see its style sheet applied. On my VMware image it works, on my workstation it works but on my VPS it doesn't. Both VPS and workstation have en_AU.UTF-8, and VMware is POSIX. In addition...
<owh> there are some strange results with strings. The "strings style.css" output is in http://tracking.landwide.com.au/style.bob and the "strings index.php" is in http://tracking.landwide.com.au/index.bob
<owh> It does not appear to be a coding issue and a wget -d shows the same output in headers. Live Headers on Firefox shows the stylesheet being loaded on the VMware and workstation, but not on the VPS.
<owh> Anyone seen anything like this before?
<andguen1> I think we are pretty dormant tonight, and I've never gotten into css
<owh> VPS is running a Ubuntu LAMP install - apparently cobbled together with debootstrap. VMware is running Hardy Beta Server LAMP and workstation is running Gutsy.
<owh> andguen1: It doesn't appear to be a css issue.
<owh> I'm more concerned that the strings output of what is supposed to be just plain text is different from the text itself.
<owh> Any WAGs will be appreciated.
<andguen1> I just broke my route...... appearently established sessions are still working :)
<andguen1> I will click those links again when my router finishes upgrading
<owh> andguen1: Tah. I'll have some brekkie in the meanwhile :_
<owh> Back from brekkie...
 * flyback wants to know if ironman's rocket fuel is pure or freebased
<flyback> http://www.youtube.com/watch?v=TsZ3_oCjFnk#
<owh> andguen2: How is your route coming along?
<andguen2> turned out to be that upgrading squid made it cranky, bypassing manually for now.......
<andguen2> think its time to play with fire and reboot.... see what comes back up :)
<owh> Did you have the opportunity to have a squiz at those links by any chance?
<andguen2> I did glance them over, I saw nothing wrong, but again, css isn't my strong suit
<owh> andguen2: So you saw a page that rendered with images and colours etc?
<andguen2> I'm assuming that index.bob actually has a ?> to close the php, and strings just didn't find it
<andguen2> no, only text, i thought this was the output of strings
<owh> andguen2: What if you go to the main url: http://tracking.landwide.com.au/
<owh> andguen2: *.bob is indeed the output of strings
<andguen2> home page looks good, orange bars, a few images, a bit of text, all looks cleanly layed out
<owh> Which browser?
<andguen2> it refuses to give me a scroll bar on the side, i have to expand my window to read the bottom, but otherwise ok
<andguen2> I think its FF 2.0.0.14..... one sec
<andguen2> yes, i guessed correct
<owh> Thanks, that just made me pull out more hair. Thanks for your time andguen2
 * owh thinks a local workstation reboot might be a top idea :-|
<andguen2> FF 3 not working and FF 2 is?
<jay2> hmmmmm
<owh> andguen2: No, FF2 locally.
<andguen2> ooooook..... thats odd
<owh> Lemmie reboot and see if it magically goes away.
<andguen2> opera 9 something loads it correct and gives  a scrolling option too
 * owh has seen some weird stuff on the local workstation of late - freeze on hibernate, internal screen not working, etc.
#ubuntu-server 2008-05-07
<andguen2> this is all from XP pro
<andguen2> (work computer)
<owh> andguen2: Hmm, looking like it might be more my "testing" tools.
<owh> I'll reboot and have a look-see. Thanks again.
<owh> BRB
<andguen2> rebooting my router while we are at it..
 * andguen2 crosses fingers..
<jay2> hope it works out
 * flyback notes all of freenode is apprentely too stupid to realize he was making a jab at robert downy jr's cocaine habit
 * flyback YOU ARE ALL STUPID CANUCKS
<hads> http://www.ubuntu.com/community/conduct
<jay2> hmmm forgot to laugh there flyback :(
<jay2> stupid canucks was not nice at all
 * jay2 oh I am so confused currently
<hotmonkeyluv> does ubuntu server 8.04 have scsi support?
<Nafallo> of course
<hotmonkeyluv> is there an compatibility list somewheres?
 * flyback bites bitmouse
<flyback> CANUCK
<flyback> CANUCK
<bitmouse> hello
<bitmouse> is there a channel for discussions on minimal ubuntu installations?
<flyback> mabye embedded ubuntu or something
<flyback> ubuntu might not be the best for that
<hotmonkeyluv> is 9GB enough to install Ubuntu server?
<hotmonkeyluv> I plan on adding about 6gigs worth of programs and random junk to it.
<hotmonkeyluv> so, 3 gigs esentially
<hotmonkeyluv> probobly not enough...
<ogra> you should be fine with less than 2G for the install
<ogra> an ubuntu desktop install is usually a lot bigger and takes about 3.5G
<bitmouse> well my question is xfe + avman or thunar?
<hotmonkeyluv> ogra: thanks
<hads> bitmouse: Server or desktop?
<ogra> so i guess assuming 2G (even i suspect thats till way to high) is a good bet
<hotmonkeyluv> ogra: does that inclued lots of programming languages, database thingies, etc?
<bitmouse> desktop, hads
<hads> bitmouse: You're in the wrong channel then, a server install will fly into 2GB, for desktop stuff you'll want #ubuntu or something.
<ogra> hotmonkeyluv, no, but a commandline install is done in less than 800M so adding some server processes wont really extend that much
<hotmonkeyluv> ogra: ok, thanks!
<hotmonkeyluv> ogra: what does the "bootable" flag do?
<hads> Not a lot :)
<hotmonkeyluv> as in, nothing, or not much, b/c there is a big difference!
<hotmonkeyluv> lol
<hotmonkeyluv> "how much will this hurt?"   "not much".... "OW!"
<hotmonkeyluv> I have windows installed on this partition, and I need to know if I should have the bootable flag set or not
<hads> I know not of Windows.
<hotmonkeyluv> lucky....
<owh> So much for "R" in BRB.
<sommer> hey owh
<owh> Hi sommer.
 * owh has been pulling out hairs of late.
<sommer> heh, such is life
<owh> sommer: Just out of interest, what do you see when you visit: http://tracking.landwide.com.au/chris.bray/
<sommer> whoa, australia is a whole other continent?
<hads> Australia :)
<owh> Does it have a map type selector in the top right?
<hads> sommer: Australasia is the continent :)
<owh> Above the Landwide logo?
<sommer> owh: yeppers
<hads> owh: Yeah
<owh> What about an overview map in the bottom right?
<hads> Yup
<sommer> yep, I concur
<owh> Riddle me this then. If I do that on my Galeon or FF browsers I get a javascript error and don't see either of those. On a Hardy LiveCD I don't either and in FF, I only see a skinny map.
<Deeps> delete your profile and start again
<sommer> owh: weird... I'm using ff3 on hardy
<owh> Deeps: Well, I started with a new profile, but that made no difference. Lemmie try that again.
<Deeps> oh, ok
<hads> owh: Works here in both Konqueror and FF 3b
<owh> Well at least it works, I suppose that's something.
<owh> Now wouldn't it be great if it worked for the developer who made it also :)
<owh> On the LiveCD boot, running off a VM, it also doesn't work.
<owh> I wonder if there is a borked proxy server in between me and the world.
<owh> Don't suppose there's any bright ideas on how I might detect that?
 * owh wanders off to reboot the satellite modem.
<sommer> owh: I've used the firebug ff2 extension to troubleshoot websites, maybe that'll help track down the issue
<sommer> owh: you can look at the http communitcations with it
<owh> Well, at least it's consistent :-(
<owh> If I lock an account using passwd -l {username}, can I still connect using ssh and an authorized_key?
<sommer> owh: I think so... at leat I seem to remember someone recommending moving/removing ssh-keys
<sommer> owh: I guess it'd be easy to test :)
<owh> sommer: I'm trying to figure out a way to test it without locking myself out :)
<sommer> owh: heheh... I'd create a test user
<sommer> owh: then you can remove/setup without losing your normal account
<sommer> owh: I'd create the same user on the client and server... just to mirror real life
<owh> sommer: Yeah, that was where I was heading also. Then I wondered if the test account would barf if I needed sudo on it with a locked password. I'm thinking that given it says:"password changed", that's going to kill it.
<sommer> owh: I'd imagine... I usually rename the home directories to username.del whenver users leave, which disables the .ssh dir and if they're locked it should be access denied all around
<simonp> anyone have suggestion for mailman alternatives?
<owh> sommer: What I was wanting is a machine where I could only login with an ssh key, but if I lock the password, then sudo will likely bork, and I wanted to avoid a password login.
<owh> sommer: So I'm not removing access for a departed user, if you know what I mean.
<sommer> owh: oooohhh, I'm with ya.  I think you're right locking the password will kill sudo access
<owh> I suppose I could change the ssh config to refuse anything but keyed access.
<sommer> seems like there's a way to do that, pam module maybe?
<owh> I'll look into it once I've got this weird stylesheet/script/browser/hair pulling thing sorted out :-|
<ocyrus_> Is it easy to get xwindows onto the ubuntu server?
<sommer> ocyrus_: !servergui
<sommer> !servergui
<ubottu> Ubuntu server does not install a desktop environment or X11 by default in order to enhance security, efficiency and performance.  !eBox provides a GUI system management option via a web interface.  See https://help.ubuntu.com/community/ServerGUI for more background and options.
<sommer> heh, the wiki link should get you going
<ocyrus_> thanks
<sommer> np
<newz2000> hi, I'm having problems installing server, it's refusing to install grub because of some problem with updates (though this is an initial install in a clean kvm)
<newz2000> here's two screenshots showing the errors: http://people.ubuntu.com/~mnuzum/tmp/server/
<newz2000> anyone know how to work around this?
<sommer> newz2000: there was a bug with grub and kvm, I thought it was solved... but a work around is to use lilo
<newz2000> sommer: ok, thanks
<newz2000> worked perfectly, though I haven't used lilo in many years. I hope it doesn't need anything special.
<sommer> cool, should be basically the same... you can probably install grub later
<newz2000> ok, maybe this is the wrong place to ask, but I'm trying to get kvm working to host a test server... but my kvm instances gets an IP address of 10.0.2.15... I'm not sure what IP address I can use to ssh into it
<newz2000> anyone have any suggestions? (even for where I can get more information)
<ScottK> IIRC that's not a public address.  Your kvm is NAT'ed on the host.  From the host you may be able to use that IP, it may not be reachable.  Dunno.
<newz2000> it's not
<newz2000> is there a way for my kvm machine to get an IP address on the same lan that my wifi card gets one on?
<sommer> newz2000: I usually bridge the physical interface to allow for ssh.  the serverguide has instructions: https://help.ubuntu.com/8.04/serverguide/C/libvirt.html
<newz2000> sommer: bridging sounds like what I want... out of curiosity, have you used that with a wifi card? I'm curious if it works as well.
<sommer> newz2000: heh, I tried once a while back and if I remember right it didn't work as well as planned
<sommer> I do believe you can bridge a wireless nic though
<sommer> it'll just be slightly more complicated :)
<newz2000> I tried with vmware server and had some problem, but its been a while so don't remember what
<sommer> or it may need a different kernel module
<sommer> the other option is to setup a NAT to the vm... that's not covered in the serverguide, but the community wiki has instructions I believe
<mrpoundsign> Allo allo :)
<mrpoundsign> I am curious if there is an easy way to get the list of out-dated packages, and the changes in those packages, so that I can better determine which packages I want/need to update?
<mrpoundsign> (of course, after an apt-get update)
<sommer> apt-get upgrade -s, will print what the upgrade process will do without actually doing it
<mrpoundsign> sommer: yes, however, I am looking for the list of changes, like release notes. (as with the desktop version, you can see the changes)
<ScottK> mrpoundsign: apt-listchanges may be what you want.
<mrpoundsign> ScottK: thanks, I will look into that. :)
<mrpoundsign> ScottK: Do you know, offhand, how to get the list of packages from apt-get upgrade -s into a format readable by apt-listchanges --apt ? :)
<ScottK> mrpoundsign: No.  Sorry.
<mrpoundsign> Hmm, looks like apticron may be the answer :)
<ScottK> mrpoundsign: If you're using the official Ubuntu repositories, the answer to which updates you want is virtually certainly all of them.
<mrpoundsign> ScottK: Yeah, I am not that optimistic, yet.
<mrpoundsign> ScottK: Especialy since there can be minor upgrades that cause havoc in a development environment. As innocent as they may seem to the package maintainer.
<ScottK> mrpoundsign: For released versions of the distro, we are pretty careful.
<ScottK> mrpoundsign: I think a better bet is to just run a test server and try it and see.
<ScottK> mrpoundsign: If you ever get a regression you can then report it and hope to get it resolved.
<ScottK> It'll probably take less time/effort/money to deal with than deciding on updates one by one.
<mrpoundsign> ScottK: Totally understood. Doesn't mean that an update has not killed me before. I have been doing system administration for almost 15 years now. I have a test server, just want to get notifications when there are updates, and what they are, so I can run them through my own tests. :)
<ScottK> After release it takes a lot more than a package maintainer thinks it's a good idea to get something changed.
<ScottK> Sure.  I do too.  I just always update the test server first.
<mrpoundsign> ScottK: Oh, I agree. I like staying up to date.
<ScottK> Also, for non-security updates they go to the -proposed pocket for testing.  You can keep an eye on that and try stuff out.  If you find regressions, then it'll likely never get released (or fixed).
<mrpoundsign> ScottK: Awesome. Also want to know the urgency of updates, such as being notified of security updates, etc, independantly.
<mrpoundsign> independently, even
<ScottK> When you run apt-get -s install you can see which updates come from the security pocket.
<uvirtbot> New bug: #227592 in openssh (main) "openssh-server install does not create privilege separation user sshd" [Undecided,New] https://launchpad.net/bugs/227592
<Cartucci> Anyone have apt-mirror working with hardy
<uvirtbot> New bug: #227615 in mysql-dfsg-5.0 (main) "mysql failing to start due to permission errors" [Undecided,New] https://launchpad.net/bugs/227615
<mistiipu>  i just got a crossover connection for a pc (for internet sharing) got working. i just change the other pc by an other and it stoped working. it says a network cable is unpluged. why is that so?
<jay2> hmm good question there mistiipu!!!!!
<mistiipu> jay2 thx.
<blue-frog> what is the network config of the new pc
<jay2> I am not well experinced in that sort of situation at all :( unfortunatly
<blue-frog> oh it's a windows
<jay2> could be
<blue-frog> mistiipu: so?
<mistiipu> so what..
<blue-frog> what is the network config of the new pc
<mistiipu> 192.168.0.2 is its ip
<mistiipu> 255.255.255.0
<mistiipu> gw 192.168.0.1
<mistiipu> dns 192.168.1.1
<blue-frog> is it wndows or linux?
<mistiipu> but that dont matter........ it was working for a pc before. with same settings. i changed the pc. and it stoped working............
<mistiipu> the 2nd pc is windows
<blue-frog> when was the last time you have seen this windows pc working on the lan?
<saltedlight> hi. anyone can help me setup virtual hosts? i've searched on google, found some tutorials, tryed 'many' of them, but i just can't do it by myself...
<mistiipu> how to clear arp. do i need that?
<mistiipu> blue-frog just a minut ago
<blue-frog> mistiipu: and the cable is carefully plugged into the windows pc?
<mistiipu> ya
<blue-frog> the machine you disconnected is also a windows?
<blue-frog> well anyway, whatever it is..
<blue-frog> sorry can't help you with windows mystery
<jay2> and here I am an ops in #microsoft under undernet
 * rgl waves
<jay2> hi there rgl
<mistiipu> what i think now  is that. my pc. server. has saved some settings related to the old pc. and when i try to connect the new pc with same wire but (new pc has different lan card) it dont allows it?
<jay2> okay interesting hmm
<kraut> moin
<owh> sommer: Aaaaarg. The reason my web page was not working was AdBlock plus which "helpfully" blocked all of the items that had the word "tracking" in them :(
<hads> owh: Heh, convinient.
<owh> hads: I've been at it all day, and all of yesterday. So much for convenience :)
<hads> I hate it when it's something silly like that.
<owh> I knew it had to be, google wasn't helping, so it was obvious that it had something to do with me. I even went hunting through straces - joy.
<r2358> hi there...
<r2358> I have a problem with mysql installation on 8.04 server x64
<r2358> the post-install configuration script returns an error
<r2358> so the daemon doesn't start
<r2358> tryed in another machine (with generic kernel) and it was ok
<r2358> any clues?
<faulkes-> you would have to post the error
<r2358>  * Starting MySQL database server mysqld                                 [fail]
<r2358> invoke-rc.d: initscript mysql, action "start" failed.
<r2358> dpkg: error processing mysql-server-5.0 (--configure):
<r2358>  subprocess post-installation script returned error exit status 1
<r2358> Errors were encountered while processing:
<r2358>  mysql-server-5.0
<faulkes-> check /var/log/mysql.log (I think) to see why it thinks mysqld failed to startup
<r2358> ok...
<r2358> nothing there, just a blank file
<r2358> the same on mysql.err
<r2358> seems it never even starts
<r2358> maybe a dpkg problem?
<faulkes-> possibly
<_ruben> hmm .. mysql server installed/started just fine on my hardy jeos install yesterday (as part of an cacti install)
<r2358> yes, and also on my laptop with x64
<r2358> something weird...
<r2358> i think I'll try to solve it with dpkg and if not reinstall
<r2358> thanks guys...
<jay2> cool _ruben
 * Twigathy waves
<Twigathy> I'm having trouble with cheap-and-cheerful sata_sii based SATA controllers and was wondering if anyone had suggestions for something also reasonably cheap which could be used in mdadm software raid
<Twigathy> I have found this, but I don't know if it'll let me just see the disks as individual disks: http://cgi.ebay.co.uk/Adaptec-AAR-2610SA-64Mb-6port-SATA-RAID-Controller-NEW_W0QQitemZ250242239807QQihZ015QQcategoryZ96881QQssPageNameZWDVWQQrdZ1QQcmdZViewItem#ebayphotohosting
<hsn_> how to remove package if post remove script keeps failing?
<hsn_> dpkg --purge --force all is not enough
<hads> Depending on what the post-remove does and whether it's important you can exit the script.
<hsn_> its not important
<hsn_> should i edit script and add exit 0 to the top?
<hads> If you're sure it's not or you can do what needs doing manually then yeah, that's what I'd do.
<hsn_> its post rm script from db2exc package
<hsn_> package is broken, i will install standard db2 version
<hsn_> exit 0 worked fine.
<egoleo> hello
<egoleo> plse someone help me with how to install perl modules on ubuntu server 6.06
<LMJ> hi
<LMJ> I'm looking for advices : both my web email client & email desktop client support LDAP address book. Sound like I have to setup one. Anyone here already did that ? Some tips or links maybe ?
<LMJ> maybe there is a simple way to get synchronised contact over the network
<LMJ> sound like i'm going to the ldap way, nice tuts on interweb for my needs
<egoleo> anyone help me with install perl modules plse
<phil^> for most modules there are packages in the form of "lib<modulename>-perl"
<phil^> like "libwww-perl" or "libxml-parser-perl"
<phil^> imo you should try to avoid installation via cpan
<egoleo> ok
<egoleo> so i need for  Mail::POP3Client
<egoleo> or how can i search for this modules in the ubuntu repository
<phil^> mh a dirty way would be: apt-cache search perl | grep lib | grep mail
<phil^> most probably you'll need "libmail-pop3client-perl - POP3 client module for perl"
<egoleo> thnx
<LMJ> egoleo : you can also try packages.ubuntu.com
<egoleo> ok
<egoleo> thnx
<LMJ> http:// that is
<dthacker> phil^: curious why you avoid CPAN?
<Jeeves_> dthacker: Because it makes a mess of stuff? :)
<phil^> sorry I did not mean cpan.org in general. I wanted to say that I don't like to install system-software unless it is a debian package (which is easy to upgrade/uninstall etc)
<_ruben> LTS packages are supported, CPAN aint .. good enough i'd say
<dthacker> Jeeves: I haven't had  that experience on other Linux's but havent installed much perl on Ubuntu
<egoleo> yeah
<egoleo> i have been trying to install perl modules whole day and seems not to work with cpan
<egoleo> given some errors i dont even understand
<dthacker> ok, thanks for the feedback.
<egoleo> and given me something something imposible
<egoleo> but if install with apt-get
<egoleo> do i need to change my code or something?
<phil^> the modules should get installed under "/usr/share/perl5/" and you'd just use it via "use NET::FTP" (for example)
<mistiipu_> i made a pc share my internet connection by cross cable direct nic to nic connection. it worked. i changed the client pc and its lan card but with same cable and same settings. it was not working. i have checked cable and lan card. both are fine. i think there is some settings in the server (linux) that has been saved for that old pc. when i plug the new pc it says a network cable has ben unplugd?
<uvirtbot> New bug: #227178 in openldap2.3 (main) "Slave slapd crashes when doing syncrepl" [Undecided,Incomplete] https://launchpad.net/bugs/227178
<egoleo> hello guys
<egoleo> so is there no other way again to iinstall perl modules than cpan
<egoleo> or how do i install and pull all dependencies
<egoleo> bcos installing one by one is getting boring man
<Jeeves_> egoleo: What do you need exactly?
<egoleo>  IO::Uncompress::AnyUncompress qw(anyuncompress $AnyUncompressError);
<egoleo> use Mail::POP3Client;
<egoleo> use Email::MIME;
<egoleo> use Email::MIME::Attachment::Stripper;
<egoleo> use MIME::Parser;
<egoleo> all that
<egoleo> i was using this code on some machine
<egoleo> and now i moved to ubuntu server
<egoleo> and cpan not working
<egoleo> i need to install that modules to work well
<Jeeves_> cpan not working? :)
<egoleo> yes
<Jeeves_> That should work
<egoleo> what should work
<egoleo> cpan is not
<Jeeves_> apt-cache search the modules
<Jeeves_> And install them
<egoleo> is not
<egoleo>  Email::MIME::Attachment::Stripper
<egoleo> this forinstance i cant find it using apt-cache
<Jeeves_> egoleo: It's not in Ubuntu, it seems
<egoleo> hmm
<egoleo> so then how do i get this to work
<Jeeves_> Fix cpan :)
<egoleo> how?
<\sh> egoleo, packaging those modules is an easy task
<egoleo> and how plse
<\sh> egoleo, file some wishlist bugs on LP for intrepid...
<egoleo> any link to show me
<egoleo> ok
<uvirtbot> New bug: #227744 in openldap2.3 (main) "dapper upgrade to hardy: openldap silently refuses to start when unable to open SSL certificates" [Undecided,New] https://launchpad.net/bugs/227744
<ctx144k> hello all
<ctx144k> anyone know how deaktivate udev for eth* devices?
<ctx144k> i dont want a system that knows which mac-adress shouldby eth0 or eth1
<ctx144k> shouldbe
<Kamping_Kaiser> AFAIK, you cant
<ivoks> i didn't understand the request
<ivoks> you don't want system to connect mac address to interface name
<ivoks> or you want to customize it?
<ctx144k> i want a system that i can copy via dd - so if i copy a current system, after startup the system "knows" there is a new networking-.card with new mac-address. current card is eth0 - so it willbe create eth1
<ctx144k> so i want deaktivate that "feature"...
 * _ruben cant think of a situation where you'd really identical machines
<_ruben> with regard to hostname etc
<ivoks> ctx144k: you just need to edit one file
<ctx144k> which file?
<ivoks> ctx144k: /etc/udev/rules.d/70-persistent-net.rules
<ivoks> make it blank before creating the image
<ivoks> then, on reboot it will autogenerate for every computer
<ivoks> do that with /etc/udev/rules.d/70-persistent-cd.rules too
<ivoks> we should have ACL by default :)
<ctx144k> yes i know...  - but, i want it automaticly, so - anm easy way is it to rm that before starting networking
<crevette> hello
<crevette> it this chan is also for virtualization problem
<ivoks> i'm not sure if rm would work
<ivoks> ctx144k: cat /dev/zero >> $file should work
<ctx144k> yes... thnx
<ivoks> and... this has nothing to do with networking
<ivoks> this happens at boot
<crevette> it seems the kvm module is really unstable for m, I'm usig hardy
<ivoks> so, if you empty it, on reboot it will generate it self again
<crevette> rmmod'd the module make my machine stall
<ivoks> so, dd image with those files empty, 'paste' the image on new computer and reboot
<ivoks> crevette: laptop?
<ivoks> or server
<crevette> ivoks: a workstation, withcore  duo 6400
<ivoks> i have exactly the same proc and works fin :)
<ivoks> so, on rmmod kernel crashes or what?
<crevette> I'm not sure I only tired once and my display was totally freezed, and I was unable to stop the system
<crevette> tried
<crevette> I had also the kvm module making the kernel crash at shutdown
<crevette> it happen after I played with libvirt
<ivoks> crevette: did you report it as a bug?
<crevette> no, unfortunately
<crevette> I didn't had enought information to proovide
<ivoks> well, is it a problem if you crash that computer once more? :)
<crevette> I can tried to rrmod kvm but I won't have any log
<ivoks> wait a sec...
<crevette> except if I setup a kernel crash server
<crevette> :)
<ivoks> move to console (ctrl+alt+f1), login and stop gdm
<crevette> yeah yeah
<ivoks> then try rmmoding kvm
<crevette> it is not crash atm
<crevette> yeah
<crevette> let's try
<ivoks> it worked?
<crevette> If I don't reply, it's that crashed okay ?
<crevette> :)
<ivoks> oui :)
<crevette> not crashed
<ivoks> great...
<crevette> perhaps it seems related to libvirt
<ivoks> hard to tell without logs
<crevette> yeah
<crevette> anyway
<crevette> I'll try to look further
<zul> ivoks: around?
<ivoks> zul: yes
<ivoks> zul: but not for long :)
<zul> ivoks: k when you are ready can you send me your patch and test case I have a patch for that other bug as well
<ivoks> i've tested mysql part
<ivoks> i'll do other right now, so we can finish that chapter
<zul> ok thanks...
<cyris|> I have windows xp vpn clients that have locally installed printers on them. Is it possible to have these printers managed by cups ? even tho they are not installed on the server itself ?
<ivoks> sqlite and sqlite3 tested and working
<kingvin> can someone help me to install VMware on ubuntu 8.04
<kabendroth> where is the problem with VMWare and 8.04?
<uvirtbot> New bug: #227654 in mysql-dfsg-5.0 (main) "package mysql-server 5.0.51a-3ubuntu5 failed to install/upgrade: problemy z zaleÅ¼noÅciami - pozostawiony nieskonfigurowany" [Undecided,Incomplete] https://launchpad.net/bugs/227654
<ogra> soren, are there any further plans for ebox inclusion ?
<mathiaz> ogra: ebox is already in universe
<mathiaz> ogra: are you asking if we plan to move it to main ?
<_ruben> hehe .. installing kubuntu-desktop in hardy jeos .. ~650 pkgs to install :p
<psufan> sorry guys
<psufan> it's been fun
<psufan> never again
<melter> has anyone ever tried an OpenRC/Ubuntu merger?
 * melter ducks
<Goosemoose> ive been deploying ubuntu 7 for awhile using a tftp server. does anyone know of any docs on deploying ubuntu 8 the same way? i need to know whats changed with the preseed file. i'd also like the machines to automatically join a windows AD domain which I've heard is now possible
<Goosemoose> anyone have any sample preseed files?
<gladk> Hi all!
<melter> hello
<brewmaster_> is there any way to see / log the average load average over the course of, say, 1 day or x # of hours?
<gladk> Is it neccessary to reinstall the system from Gutsy to Hardy if the system is up to date?
<mistiipu> iam on a server that shares internet to 2 computers. i want to limit their bandwidth to 20k/s jointly pc1+pc2=20k/s and give them priority to my persoanal internet use on server.  secondly i dont want any of the two pcs suck all the bandwidth (by excesive downloading at a time or by torrents) and drain the others pcs band. (out of 20k/s). "i dont want any 3rd distro or another router. i use linux and want it to route".
<mistiipu> i think i need the tc command? where to read about it. and what else i need? thirdly i want to moniter each pc what he is doing. sniff internet. keep detailed records. (if he does any illegal activity eg.) see gui graphic speed graphs. etc. any app or guidance please?
<ivoks> ntop?
<ivoks> for bandwith shapping, right, tc, for fancy graphs - ntop
<ivoks> but i'm not sure ntop would catch illegal activities
<ivoks> you would need to log all the traffic for that
<psufan> I would rather use slackware
<psufan> than ubuntu-server again
<psufan> you fail
<ivoks> than use slackware; where's the problem?
<psufan> 2.6,15 has a nfs crash and burn bug
<psufan> and you dipshits think it's not worth patching 6.06lts
<psufan> then after I have to manually compile a kernel
<psufan> your whatever non standard shit you are using breaks .23 and .24
<ivoks> right... whatever man :)
<psufan> whatever IT'S DOCUMENTED IN 2.6.15 CHANGELOG
<psufan> K THX BYE
<psufan> errr
<psufan> .25
<ivoks> th thing is...
<ivoks> that you can't have whatever version of kernel with whatever verison of udev
<psufan> so what am I supposted to do then
<ivoks> so, backport a fix to 2.6.15 or wait for someone else to do it
<psufan> I can't wait
<ivoks> or upgrade to newer version of kernel and udev
<psufan> this is the 10th freaking time this blade has burned
<psufan> how do I update udev
<ivoks> well, you could update 6.06 to 8.04
<psufan> not possible
<psufan> "we don't touch production blah blah"
<psufan> i'd love to rip it out
<psufan> how do I update udev
<ivoks> but you do have a fix for 2.6.15?
<psufan> no the fix is to move to .17 or newer
<ivoks> ok, do you have any references to the bug?
<ivoks> like commit or something
<psufan> yes
<ivoks> i've used nfs on more than 20 machines without the problem
<ivoks> with 2.6.15
<psufan> https://bugs.launchpad.net/ubuntu/+source/linux-source-2.6.15/+bug/58170
<uvirtbot> Launchpad bug 58170 in linux-source-2.6.15 "Kernel race condition if nfs mounts present on real or virtual nodes [kernel BUG at lib/radix-tree.c]" [Undecided,Confirmed]
<psufan> bbl
<psufan> got a call
<mathiaz> Goosemoose: re AD domain - you should try likewise-open - there is a domainjoin-cli command to help join a machine to a domain.
<mathiaz> Goosemoose: you should try to use the preseed file from gutsy and see if they work for hardy - they should work - but some things have changed.
<mathiaz> brewmaster_: try sar and custom script - if you want more complete coverate, have a look at munin
<mathiaz> gladk: you can upgrade from gutsy to hardy - make sure that your gutsy system is up-to-date before upgrading to hardy.
<gladk> mathiaz: I need to update all packages?
<mathiaz> gladk: yes - you need to install all the gutsy updates before starting the upgrade to hardy
<gladk> mathiaz: is it really neccessary to update to hardy if all packages are updated?
<mathiaz> gladk: hardy is a new release - you don't have to update to hardy if you want to stick with gutsy
<mathiaz> gladk: gutsy is still supported for 1 year IIRC
<mathiaz> gladk: so you'll get security updates for gutsy as long as it's supported
<mathiaz> gladk: and you install the updates
<gladk> mathiaz: ok, thank you for response
<gladk> mathiaz: will wait a little bit, maybe will upgrade to hardy soon
<gladk> mathiaz: thanks
<zul> mathiaz: for the testcase for the dovecot SRU I should be able to run the testscripts to reproduce it correct?
<mathiaz> zul: yes - have a look at the scripts
<zul> mathiaz: ok
<Goosemoose> mathiaz, i was told that likewise-open was built into hardy, isn't that true?
<mathiaz> Goosemoose: likewise-open is available in hardy
<Goosemoose> ok, can i add the join command to the preseen?
<Goosemoose> preseed?
<mathiaz> Goosemoose: well - you'd have to specify the AD admininistrator password in the preseed file - so that wouldn't be a good idea
<mathiaz> Goosemoose: I don't know you can script it though.
<Goosemoose> hmm, i'd setup a separate account that could just join the domain
<Goosemoose> i dont want to manually do it on 300 machiens
<ivoks> psufan: cd /tmp ; wget http://launchpadlibrarian.net/8736376/linux-source-2.6.15_nfsv4client.patch ; sudo apt-get install git-core ; git clone git://kernel.ubuntu.com/ubuntu/ubuntu-dapper.git ubuntu-dapper ; cd ubuntu-dapper ; patch -p1 -i ../linux-source-2.6.15_nfsv4client.patch ; sudo apt-get build-dep linux-image-`uname -r` ; sudo apt-get install fakeroot build-essential ; fakeroot dpkg-buildpackage # at this point, you might want to hit the be
<J_P> hi all
<sommer> ivoks: heheh... that's awesome
<ivoks> sommer: :)
<J_P> ï»¿hey, anyone know if are there one tutorial for install plone 3 on 8.04, because in 8.04 default is the old plone 2.5 :-(
<ivoks> J_P: i'll have a production system very soon with plone
<mathiaz> Goosemoose: it should work - domainjoin-cli accepts the username and the password on the command line
<Goosemoose> ok
<mathiaz> Goosemoose: so you should be able to script domain joining using the late_command option in preseed
<ivoks> J_P: so, if you have a month of free time, you could wait until i sort everything out
<mathiaz> Goosemoose: but be aware of the security implication
<Goosemoose> sure
<Goosemoose> matiaz, have you seen an updated preseed? i've always had a few quirks with my current one
<mathiaz> Goosemoose: the alternate installation guide has a sample that should be up-to-date
<mathiaz> Goosemoose: https://help.ubuntu.com/8.04/installation-guide/
<_ruben> ivoks: nice "howto", too bad it got cut off ... ".. might want to hit the be" ;)
<Goosemoose> ok
<mathiaz> Goosemoose: if that is not enough, ask in #ubuntu-installer
<Goosemoose> ok
<ivoks> _ruben: eh, nobody's perfect
<Goosemoose> does http://archive.ubuntu.com/ubuntu/dists/hardy/main/installer-i386/current/images/netboot/netboot.tar.gz look right for the netboot? file doesn't seem to be there
<Goosemoose> found it http://archive.ubuntu.com/ubuntu/dists/hardy/main/installer-i386/current/images/netboot/netboot.tar.gz
<Goosemoose> just reallly slow
<_ruben> ivoks: i know, was mostly a "FYI"
<ivoks> :)
<Goosemoose> hmm, timing out
<_ruben> security.ubuntu.com wasnt working for me either earlier .. probably overloaded or so
<Goosemoose> grr, i think the site is down
<Goosemoose> yeah
<_ruben> use a local mirror
<_ruben> <countrycode>.archive.ubuntu.com :)
<Goosemoose> ok
<Goosemoose> US didnt work
<Goosemoose> but GB did
 * kees recommends se.archive.ubuntu.com -- it's screaming fast and I'm half way around the world from it
<Goosemoose> lol us is going at 900B/s
<Goosemoose> note, there's no K in thre
<Goosemoose> there
<ivoks> us mirror is broken all the time... what's up with that?
<Goosemoose> thanks kees
<kees> Goosemoose: speedier?
<mathiaz> us. is currently pointing to archive.ubuntu.com
<Goosemoose> kees, 45kbs
<kees> ivoks: I've been pondering trying to get kernel.org to be the us archive.
 * _ruben likes having a local mirror (at work atleast) .. usualy get about 20MB/s from it ;)
<soren> kees: *.archive.ubuntu.com.  CNAME se.archive.ubuntu.com. ftw!
<mathiaz> kees: kernel.org has so much bandwidth to spare ?
<ivoks> those scandinavien guys... :)
<ivoks> they'll take over the whole world
<_ruben> internet + scandinavia = win
<soren> I remember back when woody released (or was it sarge?)... It was announced on slashdot, and the comments were flying about how people should be downloading using bittorrent, or grabbing packages and jigdo them into iso's or whatever..
<_ruben> us dutchies arent doing all that bad either tho i think
<soren> ..at some point the ftp.se.debian.org guy just said: Just get the ISO's. We've got plenty of bandwidth.
<soren> On slashdot.
<ivoks> :)
<soren> Then you had better have a lot of bandwidth to spare. And they do.
<kees> mathiaz: well, it's more than london currently.  ;)
<ivoks> it must be the food...
<ivoks> or all that snow
<_ruben> :p
<soren> ivoks: Or all the crack we smoke.
<soren> Yeah, that must be it.
<Nicke> I like the quote from their webpage: "As we found out later, our activities had both filled an uplink two "hops" up from our university, at the Nordic University Network level to the point of warnings going off and made some DoS-alarms go off at the national level. All part of a fun release. "
<soren> which release?
<soren> I remember reading that, but I forget which release it refers to.
<_ruben> lol
<ivoks> ftp://ftp.se.debian.org/conspiracy/index.html
<Nicke> Breezy it seems
<Nicke> http://www.acc.umu.se/~maswan/2005-12-10/2gbit-freesoftware.html
<soren> Yeah.
<soren> Breezy was a good release :)
<Nicke> hehe
 * Twigathy goes to the University of Kent and the mirrorservice provides a rather good (read: maxes out my DSL line) ubuntu mirror :)
<soren> se.archive.ubuntu.com maxes out *any* connection I've ever been on.
<Twigathy> hehe
<soren> University, home dsl, previous company fiber... Whatever.
<mistiipu>  i hope i can do user1+user2=20k/s  in proxy server . squid?
<_ruben> hrm .. only getting 1MB/s from se.archive .. odd
<_ruben> crappy routing or so i guess
<_ruben> tested from an 1gbps uplink
<_ruben> ah .. it doesnt like that box's rdns :p
<mistiipu>  i hope i can do user1+user2=20k/s  in proxy server . squid?
<mistiipu>  a client on proxy can do anything like he is on his own dsl connection? until the server restricts something?
<ivoks> that's what proxy can be used for, yes
<kirkland> owh: ping
<kirkland> owh: did you ever hear back from Debian upstream on our lsb-functions status patch?
<kirkland> owh: the one that everything else depends upon?
<mistiipu> hm
<owh> kirkland: No, nothing.
<kirkland> owh: perhaps time for a bump?
<kirkland> owh: this would be the ideal timeframe for something like that to get committed for Intrepid
<nijaba> server meeting in 2 min in #ubuntu-meeting
<owh> kirkland: Yeah, I've been head down, but I'll put it on my ToDo list.
<kirkland> owh: thx.  let me know if you'd rather I do it, or you need some help with it
<Goosemoose> so anyone using  domainjoin-cli , im curious if it automatically allows login name/pwd from AD to work for logins
<ivoks> iirc, yes
<Goosemoose> ok
<owh> kirkland: Done
<owh> sommer: FYI, the headache with the non-rendering website yesterday was caused by AdBlocker which detected the "tracking" part of the hostname and "helpfully
<owh>  filtered" the style-sheet and the images :-|  --- 48 hours of my life I'm never getting back :-|
<sommer> owh: heh, I hate when that happens :)
<Goosemoose> does my tftp server have to be updated to hardy to deploy hardy to desktops?
<ivoks> no
<Goosemoose> ok
<_ZeuZ_> Hey guys, is there something like tcng for bandwidth managment for hosts under my LAN? Preferibly with some nice GUI....
<_ZeuZ_> if not, what possibilites do I have to manage the ammount of traffic a host can take from my WAN (Internet) on my LAN?
<_ZeuZ_> anybody who can hand me little help?
<_ZeuZ_> (for the above stated problem)
<ivoks> (we are in the middle of the meeting)
<_ZeuZ_> ivoks: Wow, sorry then... might I ask what meeting? ust curious for knowing if I can join it...
<ivoks> ubuntu-server team meeting
<ivoks> it's in ubuntu-meeting channel, if interested
<Nafallo> seems a bit quiet :-)
 * Nafallo waits for activity so his irssi can remember where it went :-)
<Goosemoose> ivoks, im getting told the the archive mirror does not have a valid release file on it. is that because the tftp server is running gutsy?
<ivoks> tftp is a protocol for serving content
<Goosemoose> yeah i realize. sorry i have an apt-get mirror on the machine
<Goosemoose> that the clients use as well
<ivoks> like apache servs html, tftp serves files
<Goosemoose> i thought apt-get would just get the new hardy files when the client tried to install hardy
<ivoks> so, you can have fedora 1 and serve hardy kernel to clients
<owh> ivoks: That would be sacrilegious :)
<ivoks> :)
<Goosemoose> hmm
<Goosemoose> im missing a step, sorry its been 6 months since i set this up for gutsy
<Goosemoose> its more than just the netboot file that controls the client install then
<Goosemoose> i installed the hardy netboot.tar.gz
<ivoks> you downloaded hardy netboot, right?
<Goosemoose> yes
<Goosemoose> maybe i need to update the apt-cacher
<Goosemoose> yeah the sources.list is still old, i think thats the issue
<Goosemoose> ok where can i get an updated sources.list file? this one has gutsy all over it
<_ZeuZ_> Goosemoose, you can edit it yourself, or, I guess you should have a spare copy of the default as a backup, if not take a gutsy one and change the gutsy for hardy
<Goosemoose> yeah i have the gutsy one, but the top lines have
<Goosemoose> deb cdrom:[Edubuntu 7.10 _Gutsy Gibbon_ - Release i386 Binary-2 (20071016)]/ gutsy main restricted
<Goosemoose> which i dont know what to change for hardy
<Goosemoose> although thats probably irrelevant on a network install
<_ZeuZ_> Comment that one if you're not using the CD for the new files
<Goosemoose> ok
<jdstrand> _ZeuZ_: thought it's cli, you'll want to see ufw for host-based firewalling on Ubuntu. https://help.ubuntu.com/8.04/serverguide/C/firewall.html
<_ZeuZ_> ufw? is that a metapackage?
<jdstrand> _ZeuZ_: no
<_ZeuZ_> just a package? :) what does it deal with? iptables + tcng or it has it's own engine?
<jdstrand> _ZeuZ_: it's just a frontend for iptables-restore/iptables-save
<jdstrand> _ZeuZ_: it's geared towards host-based firewalls, but is flexible enough for be used as a routing firewall
<_ZeuZ_> what about bandwidth managment?
<jdstrand> _ZeuZ_: check out the docs
<jdstrand> _ZeuZ_: no qos or traffic shaping yet
<_ZeuZ_> damn... I'm needing it...
<_ZeuZ_> is the nufw package for debian the same as this one?
<jdstrand> _ZeuZ_: no
<jdstrand> _ZeuZ_: ufw is new as of hardy
<_ZeuZ_> Hmm... sources avaible?
<jdstrand> apt-get source ufw
<_ZeuZ_> (I guess they should, bad question..(
<_ZeuZ_> The problem there is, does it append the rules or delete all and apply the list you create with it?
<jdstrand> _ZeuZ_: depends on the situation-- it tries to append and only reloads when necessary
<_ZeuZ_> Gotcha... Well, as for this is a noobish question (i'm ashamed of myself) but, after doing apt-get sources ufw I think it got installed instead of only downloaded the tar.gz, should I have specified the download only there?
<jdstrand> _ZeuZ_: apt-get source ufw will download the source pacakge and unpack it into ufw-0.16.2
<_ZeuZ_> got it, althought it seems it was installed since it created the /etc/ufw file
<_ZeuZ_> or it's called something like that xD
<jdstrand> _ZeuZ_: if you are running hardy it is installed by default, but disabled
<jdstrand> _ZeuZ_: 'man ufw' and the above link will help you get into it
<_ZeuZ_> lovely, didn't knew that...
<_ZeuZ_> would there be any problem to compile it on a debian etch  enviroment?
<jdstrand> _ZeuZ_: it's python, so shouldn't be a problem
<jdstrand> _ZeuZ_: I gotta go, but check the docs and have fun!
<_ZeuZ_> oops...
<_ZeuZ_> one last quesiton?
<_ZeuZ_> what about NATing? The tutorial does not show much there...
 * flyback eats 4 zyrtec
<_ZeuZ_> Any tool for QoS in Ubuntu Server?
<_ZeuZ_> how can I check how much has the cache of SQUID groiwth?
<Goosemoose> hmm, when doing aptitude update on my apt-cacher server
<Goosemoose> im getting a few Errors were encountered while processing:
<Goosemoose> on tftpd-hpa, ltsp-server and ltsp-server-standalone
<Goosemoose> what can i do about those?
#ubuntu-server 2008-05-08
<_ZeuZ_> Dunno, Havent ever have trouble with them... either way, what errors do they drop? dependencie trouble?
<_ZeuZ_> !QoS
<ubottu> Factoid qos not found
 * flyback goodnight all
 * flyback loves the smell of bleach and hydrocloric acid as he nukes all traces of mold in the house.   He also understands of those 2 mix = darwin awards
<saltedlight> hi. anyone know how to start verlihub at boot time and can give some advices on how to do it?
<vip> hello
<vip> I have installed ubuntu server and i am getting half the speeds on file copy that i get on windows.
<vip> anyone know about some setting that could be causing this problem ?
<ScottK> You're more likely to get a good answer to a question like that during the US/European work day.
<vip> ok thanks
<nomidnes> Hi all, I am having problems with installing the postgresql-8.3 package.. I get errors like: Error: initdb failed. and Error: could not create default cluster. Please create it manually with
<nomidnes> it is trying to use configs from: /etc/postgresql/8.3/main
<nomidnes> which does not exist...
<nomidnes> is that not meant to get created at install time?
<nomidnes> versions: postgresql-8.3_8.3.1-1_amd64.deb postgresql-common_87_all.deb
<nomidnes> as far as I can tell the two important directories (/etc/postgresql/8.3/main and /var/lib/postgresql/8.3/main) are not created or populated
<AtomicSpark> nomidnes, https://help.ubuntu.com/community/PostgreSQL
<AtomicSpark> that's as much help you're probably going to get right now since i've never installed it and everyone else is away at nights/weekends :P
<lucent> nomidnes: you're probably missing an important package
<nomidnes> aah right
<lucent> did you do "apt-get install postgresql" ?
<nomidnes> thats what I thoughts..
<nomidnes> *thought
<AtomicSpark> ^sudo
<uvirtbot> AtomicSpark: Error: "sudo" is not a valid command.
<AtomicSpark> ^ sude
<uvirtbot> AtomicSpark: Error: "sude" is not a valid command.
<nomidnes> # apt-get install postgresql-8.3
<nomidnes> runnig in sudo -s
<nomidnes> tried in synaptic at the start...
<nomidnes> what time is a good time to come back?
<ScottK> nomidnes: US/European work day tends to be best.
<lucent> nomidnes: unrelated, but you should always try to run "sudo su"  or "sudo -sH"
<lucent> never "sudo -s"
<nomidnes> yeah I use su otherwise
<lucent> the difference is in the environment
<ScottK> lucent: Actually sudo su can sometimes end you up with odd environment settings.  What you'd really want is sudo -i
<nomidnes> ok I will swap to that in the future...
<lucent> ScottK: interesting
<nomidnes> ScottK: what time is it currently?
<ScottK> Where?
<ScottK> 0353 UTC is what I have.
<hads> sudo -s is alight if that's what you are intending
<nomidnes> its 4pm here.. just want to get an approx time for me to come back in...
<hads> s/alight/alright/
<lucent> ScottK: sudo -i messes with PWD though
<lucent> I don't like that
<hads> lucent: What do see the problem as with sudo -s?
<lucent> hads: I use $HOME a lot
<lucent> it bothers me when I'm root UID but my $HOME is still that of the previous user id
<lucent> just doesn't seem natural
<lucent> much prefer sudo -sH
<hads> Fair enough. I can see that being useful for you but not really a case to say "never use sudo -s" :)
<nomidnes> lucent: how does that work?, sudo -sH results in sudo: please use single character options
<ScottK> nomidnes: Things should be more alive starting in about 4 or 5 hours and then stay that way for about 10 to 12 hours.
<lucent> well -s -H
<lucent> I mischatted
<nomidnes> Scottk thanks
<nomidnes> lucent: don't worry I should have realised to try that
<lucent> hads: -s -H prevents problems like new users saying "Why can't I access this file, it's in my home dir?"
<hads> nomidnes: 4pm? You in NZ?
<lucent> um... because it is root uid owned when you did something under sudo -s ?
<nomidnes> if I make a mess I just chown -R it
<lucent> :P
<nomidnes> hade: yeah
<nomidnes> *hads: yeah
<AtomicSpark> i'm confused. why not just use sudo? no options?
<hads> lucent: I can see what you're saying but if you argue that then you should argue to never use "sudo command" either.
<hads> AtomicSpark: No reason at all. Just discussing different ways to get a root shell.
<AtomicSpark> hads, ah i see. i'm not even sure of the other commands. i'm reading up on it now.
<lucent> hads: don't use "sudo -s"
<lucent> that's what I think.
<lucent> I've provided a valid reason not to use it
<hads> OK, I disagree :)
<lucent> I should say, I have provided a valid reason not to use it in the general case
<hads> lucent: Yes, but that same reason would apply to "sudo command". Do you recommend not to use that too?
<lucent> quit trolling me
<nomidnes> thanks all for the help
<nomidnes> I will be around later....
<lucent> nomidnes: best wishes, mate.  Once you get pgsql up and humping, there's a #postgresql channel on this IRC network which is quite awesome
<AtomicSpark> ah. -i is environment.
<lucent> highly recommend it for pgsql specific questions
<hads> lucent: I was actually trying to have a rational conversation but that's fine.
<nomidnes> lucent: yeah I have used that in the past.. Its just this machine that I am having issues on... Its my only 8.04 server one though.
<hads> nomidnes: I've got postgresql on a couple of Hardy boxes here, didn't have an issue.
<nomidnes> hads: amd64?
<hads> All x86
<nomidnes> I might have to make a chroot env or a vm of the x86
<nomidnes> just copy the files I need
<lucent> nomidnes: answers one of my quetions "What arch?" , the other question is was this a fresh install from Server, from Alternate, network boot, or an upgrade?
<nomidnes> lucent: sorry I missed that.. arch is amd64 its a fresh server install
<nomidnes> ooh. its from rc1
<nomidnes> hmmm
<AtomicSpark> nomidnes, rc1? you mean the beta?
<nomidnes> wonder if there are any compilcations..
<hads> nomidnes: There were changes to 8.3 late in the release cycle.
<hads> Don't know if they were related or not but I do recall changes.
<nomidnes> I only just tried to install it. portgres* was not installed
<hads> OK
<nomidnes> I will try the same thing on a clean install
<lucent> nomidnes: is a fresh install out of the question?  The RC releases specifically state they are not compatible with the final release
<nomidnes> I think that a fresh install it probably the thing that I am going to hav eto do...
<nomidnes> It is strange that this is the only issue that I have had
<lucent> sounds like a plan, I assure you it should work then
<lucent> if not, get back to me I'd like to know more about any potential problem
 * lucent points to his shiny amd64 machine
<lucent> have been holding out to mess with my OS on amd64 ;)
<nomidnes> I have an AD PDC running on it, LDAP with replication and a number fo other servers..
<nomidnes> aah, yeah I have been using amd64 for quite some time.. early on there were some painful teething issues
<nomidnes> now its reasonably easy
<nomidnes> AtomicSpark: http://www.ubuntu.com/testing/804rc
<AtomicSpark> i only use 64 bit for servers. can't be assed to mess with flash.
<nomidnes> flash?
<AtomicSpark> flash doesn't work in 64 bit firefox. gotta do the work around.
<nomidnes> aah right, I have had less issues with it recently
<nomidnes> anyway I will stay i channel and disconnect from this screen
<nomidnes> later all
<lucent> AtomicSpark: 32-bit chroot is what I do
<lucent> AtomicSpark: it does suck down quite a lot of disk space to do it
<lucent> overall it's user friendly
<lucent> I even have my little icon in GNOME be a launcher, and the script killall -9's the offending browser that has crashed (no doubt! I mean, flash crashes all the time)
<AtomicSpark> i haven't had crashing problems since i did a fresh install. just random firefox freezing. think thats a 3.0 related bug.
<lucent> AtomicSpark: firefox without flash has not crashed once on me
<lucent> with flash, it freezes and crashes regularly
<AtomicSpark> hmm
<hads> AtomicSpark: FF 3b crashes here too
<AtomicSpark> did you two do fresh installs? i never get the flash crash thing
<Centaur5> with every other flash video or application that is opened it crashes
<lucent> AtomicSpark: Adobe Flash
<lucent> swfdec and gnash were okay when they worked
<hads> AtomicSpark: Not flash crashing, FF 3b crashes occasionally.
<AtomicSpark> are you talking about on 64 bit?
<hads> x86
<AtomicSpark> weird. i never have problems anymore.
<AtomicSpark> i did fresh install 8.04 x86 w/ adobe
<osmosis> what the heck is this,  w83793 0-002f: set bank to 0 failed, fall back to bank 2, read reg 0x21 error
<AtomicSpark> they took your moneys
<LiraNuna> anyone knows of a PHP software that will manage events? Kind of like meetup.com, but personal
<LiraNuna> preferably opensource, I'd love to keep my server proprietary-free
<RoAkSoAx> anyone experienced with LVS clusters?
<uvirtbot> New bug: #228095 in php5 (main) "[Sync] Please Sync php 5.2.5" [Undecided,New] https://launchpad.net/bugs/228095
<sgrover> Is it possible to set up access to an NFS share with key authentication - something like SSH?
<lucent> I've never heard of that before, sgrover
<sgrover> I'm looking to find a way to do a secure connection to a local file server from a roadwarrior laptop without having to setup VPNs or any extra steps for the end user...
<lucent> why NFS?
<sgrover> NFS need not be the tool, but when I think file serving over a distributed network, I think NFS...
<lucent> sshfs is more popular for that sort of thing
<lucent> VPN is not difficult though
<sgrover> hmmm... thanks... part of my issue is finding the right words to describe what I want.. :)
<lucent> setting up an IPCop box with the zerina OpenVPN scripts takes an hour maybe
<lucent> it's all web interface and easy to generate/setup VPN connections
<sgrover> If VPN can be set up without any interaction from the user, I'd be for that.  (Already have IPCop setup with Zerina/OpenVPN)
<lucent> you're going to have to interact with the user for secure access
<lucent> why bother them with some odd filesystem? :)
<sgrover> guess it can be scripted - check if an Internet connection is possible, if run the openvpn command....
<lucent> um
<lucent> what OS is your target for the roadwarrior?
<soren> Are the guests Ubuntu machines, too?
<sgrover> lucent: what I'm after is a common file store so that I would have the same files available, regardless of where I am... and other users as well.
<lucent> yeah VPN and SAMBA is the way to do this, if you ask me
<sgrover> At the moment, I'm the guinea pig.  So Ubuntu on the server, local workstation, and laptop.
<lucent> Ubuntu Desktop has "nm-applet" network manager
<lucent> there's an add-on for VPN support
<lucent> it works beautifully
<sgrover> will do an auto connect when possible?
<lucent> no
<lucent> Cisco's VPN client doesn't do that
<lucent> I don't know any free VPN client that does auto-sensing or auto-anything really
<lucent> free-as-in beer when I say free
<sgrover> understood.. :)
<lucent> no mucking about on the commandline though and it integrates with the Gnome key store
<sgrover> The idea isn't fully formed yet, so sorry if I'm not doing a great job of describing this...
<sgrover> lucent: I'm ok with Bash scripting if/when needed.
<kraut> moin
<lucent> click, blah blah network connection (wireless in my case), click again to connnect to VPN,  choose it,  and done
<sgrover> and would be setting up all the workstations involved.
<lucent> what this does not allow for is multiple VPN connections
<sgrover> only does one at a time?
<lucent> yeah, at least that's how it operated when I used it a month ago
<lucent> on Gutsy
<lucent> I'm not making this up, I had a client that needed one thing or the other to get QuickBooks software working remotely
<lucent> my boss told me to use a VPN
<lucent> and so I did.
<lucent> it epic failed for QuickBooks (which fetches an entire 60MB file on open() ), but all the technology worked great and was not weird
<sgrover> lucent: I've worked with VPN, and know what you are getting at.  I'm picturing long term when I need to deal with users who may not have any clue what VPN is....
<sgrover> NFS would be perfect - if it didn't need to be locked down to particular IPs.  If I could apply keys like an SSH key, then it's a done deal...
<lucent> uh NFSv4 hrm with kerberos
<lucent> I don't know anything about that
<sgrover> hmm... I'm not favmiliar with Kerberos... other than knowing what it is...
<pschulz01> Greetings.. is there an easy way to find packages that supply particular perl modules?
<juliux> pschulz01, apt-cache search ;)
<pschulz01> eg. the latest version of bugzilla (3.0.4) requires PatchReader.
<pschulz01> juliux: Yep.. been doing a lot of that.
<pschulz01> Google google google
<T-Hawk> hey guys... i got a problem getting php5-mcrypt to work... i have php5-mcrypt installed via apt, and reloaded my apache server, but according to phpinfo (); there's no mcrypt extension, and the functions don't work
<T-Hawk> anybody?
<lucent> odd
 * Kamping_Kaiser wonders if there was an a2enmod that didnt happen
<\sh> Kamping_Kaiser, php5-mcrypt is a php extension...it's enabled in php.ini of /etc/php5/apache2/
<\sh> what bugs me more is this:
<\sh> PHP Warning:  PHP Startup: Unable to load dynamic library '/usr/lib/php5/20060613/imagick.so' - libWand.so.9: cannot open shared object file: No such file or directory in Unknown on line 0
<\sh> damn
<\sh> it needs to be recompiled with libmagick10
<\sh> it still compiled against libmagick9
<uvirtbot> New bug: #228049 in apache2 (main) "apache2-doc display Parse error" [Undecided,New] https://launchpad.net/bugs/228049
<babolat_> i'm not an expert in Ubuntu, but not exactly new. a matter of professional curiosity; if i have a standard installation of Ubuntu Desktop, will I be able to install Ubuntu Server on my desktop machine?
<\sh> babolat_, ubuntu-server is a subset of ubuntu-desktop... you can install the Ubuntu server on your normale WS for sure..so you have a nice CLI interface.
<babolat_> \sh: ok.. just loast u there.. *WS* ?? *CLI* ??
<\sh> babolat_, WS == workstation, CLI==command line interface
<babolat_> \sh, so, what do i need to make this work? a howto or a guide would be great.. it's been a week now since i have been wondering if i could host my website's files from my very own WS
<faulkes-> I'm not aware of any specific howto (although there are discussions on the forums and on the server ML)
<\sh> babolat_, as I said, ubuntu-server is a different seed of packages .. but all packages inside ubuntu-server you can install via the normal methods on your desktop....if you want to install Ubuntu Server (the iso image) you can do that the normal way you install -desktop...if you just need a webserver or dns ...just apt-get install <webserver> / <dnsserver>
<faulkes-> the easiest route to start, is simply install -server and then if you want desktop, install the ubuntu-desktop package
<faulkes-> and then do as \sh suggests with apt-get
<babolat_> faulkes-, desktop *in* the server??
<babolat_> \sh, sorry for being such a simian, but which packages do u mean by <webserver> / <dnsserver>
<\sh> babolat_, there is really no difference (only the server-kernel can be different)  between -server and -desktop ... only that -server comes with a minimal set of packages installed by default, and -desktop comes with a sh*tload of desktop stuff ;)
<\sh> the underlaying base is the very same for all ubuntu flavours
<\sh> babolat_, well, you decide what webserver package you need e.g. (apache2, lighttpd, <whatever webserver package we have>)
<babolat_> \sh, oh.. i gotta go read up on those server apps
<babolat_> \sh, i just want to install something that could accomodate php and mysql, and the standard web stuff.. which would u recommend?
<\sh> babolat_, apt-get install apache2 libapache2-mod-php5 mysql-server php5-mysql
<\sh> babolat_, with this you get LAMP
<babolat_> \sh, ok.. on it
<Nafallo> apt-get install ~lamp-server ?
<babolat_> \sh, thanks
<Nafallo> hmm some other character :-)
<\sh> Nafallo, hmm...yes...let's provide a virtual package ;)
<\sh> or adding a task in d-i for lamp ,->
<Nafallo> \sh: I was talking about the task that have existed for quite some years now...
<Nafallo> \sh: just don't remember the syntax to tell apt to install the task rather then look for a package.
<vip> can any one help with ubuntu file copy speed problems ?
<\sh> file copy speed problem?
<vip> yeah i installed ubuntu server on a server which has a sata hdd and a raid50 configured.
<vip> The file copy speeds are very sad
<vip> i had installed windows to test the speeds and i was getting double the speeds compared to ubuntu.
<vip> file copy (disk to disk)
<\sh> vip, hw raid5 or sw raid5?
<\sh> vip, which raid controller?
<vip> hw raid
<vip> intel raid controller
<vip> srcsatawb intel raid controller
<\sh> onboard? (as in desktop machine?)
<vip> no i've installed it on a server board
<vip> actually i have one sata hdd which i boot from.. same issue with that too.
<\sh> hmm..most likely more a kernel driver problem then...did you test with other distros, too?
<\sh> I'm running on areca sata raid controller on my servers and no problem with speed...it's even faster then windows...configured 4 raid 5 volumes over 16 500gb seagate disks
<vip> actually yes i had tested with slackware also.. it was slow there too. i always thought that linux would be faster.
<\sh> vip, depends on the driver code...I would push this problem more to the official kernel list...
<\sh> vip, and regarding the same speed problem on slackware, it's most likely a kernel driver problem...
<\sh> (not ubuntu or slackware problem imho)
<vip> hmm any advice on how i can deal with this problem ?
<\sh> vip, first report this to the kernel mailinglist (check http://www.kernel.org/)...mostly the driver maintainer will get in touch with you, and you can help to debug..
<\sh> that was fast ;)
<vip> thanks \sh i check it out.
<\sh> vip, or just change your raid controller to something more reliable...(hp servers with smartarray, areca sata raid6 controller...very fast, imho the fastest raid6 controller on the market)
<vip> sh: ive tried with different hardware also.. and got the same issue so i got confused.
<\sh> vip, different hardware means also a different raid controller, as in switch from the intel one to a whatever one?
<vip> sh: lets say i forget the raid controller.. on a normal machine with 2 sata drives i installed windows. I get very good speeds. disk to disk and over the network also. when i format and install linux over it.. the speeds are slow.. less than half. Even on this server raid is working at high speeds that the sata hdd, but on windows it was double this speed.
<\sh> vip, at home my desktop machine has an intel desktop board ... and connected I have 2 500GB sata drives...last week I had a windows installation on this machine, and the io speed on windows and linux were actually the same..
<vip> sh: which distrib did you use ?
<\sh> vip, hardy and winxp sp2
<vip> hmm
<vip> dunno :) im confused now
<vip> i used hardy and 2003 server
<\sh> actually it's hard to tell what is the bugger actually...I really guess there is a glitch between the board + the sata controller and the kernel drivers...depends how old the hw is..mostly older hardware is better supported  then newer stuff
<\sh> or just a different printing of the speed...and windows is just lying ;)
<vip> sh: hehe no i timed it.
<\sh> vip, well, then it's even inaccurate...ntfs vs. ext2 or ntfs vs. ext3 or ntfs vs.xfs ... it's hard to compare...what really is important is the io speed...
<\sh> iostat e.g. is a good tool to measure this...
<\sh> (for homeuse ;))
<\sh> vip, or spew when you need a stress testing io tool
<vip> sh:iostat good tool ? i'll check it right away then
<vip> sh: i just ran iostat and got Blk_wrtn/s = 28.55 Blk_read/s=455.48 and tps 3.07
<vip> sh: thanks anyways
<\sh> vip, iostat -m or iostat -k <to display mb/s or kb/s)
<\sh> vip, and if you need to watch it during a copy or mv...just do this: watch -n 1 iostat -t -m on one console and on the other start copying
<\sh> or iostat -m -t 1 <which does the same thing but prints everything on the console continuesly>
<blue-frog_> isn't ldap in hardy a bit screwed up?
<blue-frog_> authentication wise
<blue-frog_> installation wise as well. ldap.secret not created during install (thought the debcinf was saying it would create it)
<blue-frog_> created cn=admin wasn't it supposed to create cn=manager?
<sommer> blue-frog_: it's been cn=admin at least since dapper
<sommer> blue-frog_: probably the way it's packaged in debian
<blue-frog_> sommer: haven't I seen manager during debconf? hum gogin to reconfigure
<Kamping_Kaiser> has anyone tried running debmirror from a bash script? i'm getting "wierd" perl errors (just pastebinning atm)
<Kamping_Kaiser> http://paste.debian.net/2413/
<Kamping_Kaiser> thats the same bash script that contains debmirror (using the wrapper found on the wiki), and the script run from another bash script
<Kamping_Kaiser> might be of note - using a Debian 4.0 box to build an ubuntu mirror
 * _ruben whispers "apt-get install task^" to Nafallo 
<Nafallo> _ruben: thanks :-)
<Nafallo> _ruben: I was using the correct char, but put it at the end instead of the front :-)
<Deeps> or use tasksel
<_ruben> tasksel still has some bugs i think, or perhaps the fix has been released already (no proper exit code handling -> zombies -> stalled tasksel)
<_ruben> Kamping_Kaiser: closest i got is running debmirror from a cronjob
<Kamping_Kaiser> _ruben, mm. i've never really had problems with it before, and the lat few days its causing me hell (cant get the rsync mode working, and cant get it run from the script)
 * Kamping_Kaiser wanted a quick fix to a problem. it hasnt happened
<_ruben> strange
<Kamping_Kaiser> wonder if i'm running it in different environments. something that did work, stopped working and now works agian, and its annoying me. ( yes, i know "stopped working" isnt debug output)
<_ruben> ;)
<Kamping_Kaiser> _ruben, have you used rsync mode? i'm wondering if any ubuntu mirrors are rsync capable
<_ruben> Kamping_Kaiser: i tried it for a bit on the dutch mirror .. but has a limitation of 4 concurrent sessions (in total) which i ran into quite regularly, so i reverted to http
<Kamping_Kaiser> ok :/ probalby a per-mirror thing
<_ruben> think so
<kraut> does anybody know, how i send a magic sysrq via cyclades over ssh to a serial console of a server?
<Kamping_Kaiser> sorry no :/
 * Kamping_Kaiser larts au.a.u.c
<mistiipu> iam following http://www.ubuntugeek.com/sharing-internet-connection-in-ubuntu.html and getting following error. $ sudo echo 1 > /proc/sys/net/ipv4/ip_forward
<mistiipu> bash: /proc/sys/net/ipv4/ip_forward: Permission denied          any help?
<Kamping_Kaiser> mistiipu, `echo 1 |sudo tee /proc/sys/net/ipv4/ip_forward
<mistiipu> Kamping_Kaiser what is that comand echo > ... for and why isnt it working despit sudo ?
<Kamping_Kaiser> mindframe, echo simply means 'print to standard out'
<mistiipu> Kamping_Kaiser $ cat /proc/sys/net/ipv4/ip_forward
<mistiipu> 0
<mistiipu> user1@computer1:~$ echo 1 |sudo tee /proc/sys/net/ipv4/ip_forward
<mistiipu> 1
<ogra> tee -a
<\sh> mistiipu, sudo echo 1 will be executed as superuser, but the stdout redir not..
<mistiipu> hm
<mistiipu> thx
 * Kamping_Kaiser cant see what was wrong with the tee yet
<\sh> mistiipu, echo 1 | sudo tee <file> is doing this: it echoes the number "1" and redirects it to sudo tee which can write into proc fs
<ogra> in "sudo echo 1 > /proc/sys/net/ipv4/ip_forward" your sudo only applies to the echo command, the redirect gets done as the user
<mistiipu> hm
<ogra> who indeed has no write premission to /proc/sys/net/ipv4/ip_forward
<\sh> which is good
<ogra> right
<ogra> :)
<mistiipu> hm
<\sh> but i thought those stuff is done via sysctl.conf nowadays? ,)
 * mistiipu is talking to intelligent people
<\sh> mistiipu, old farts is more correct ,->
<ogra> hehe
<mistiipu> i have 2 interfaces to share internet. wish me luck
<mistiipu> well. i would say , then . iam a new dart
<\sh> ogra, do I see you at LT?
<ogra> i run the ubuntu grill
<ogra> thosten cant come so he pushed me in as last minute replacement :)
<\sh> ogra, ahhh....so there is a ubuntu grill again...
<Kamping_Kaiser> \sh, it is (meant to be)
<\sh> and this time I can attend to it :9
<ogra> mistiipu, i guess you want that as permanent setting, have a look at /etc/sysctl.conf for that
<mistiipu> hm
<mistiipu> ogra i do. but i am new to linux. i dont understand those al
<\sh> ogra, btw..you have telekom connect...what ip gives nslookup www.sourcecode.de for you?
<ogra> # Uncomment the next line to enable packet forwarding for IPv4
<ogra> #net.ipv4.ip_forward=1
<ogra> mistiipu, ^^^
<ogra> from /etc/sysctl.conf
<ogra> \sh, ogra@osiris:~$ nslookup www.sourcecode.de
<ogra> Server:		217.237.150.115
<ogra> Address:	217.237.150.115#53
<ogra> err
<ogra> sorry
<ogra> Non-authoritative answer:
<ogra> Name:	www.sourcecode.de
<ogra> Address: 78.46.72.38
<\sh> ogra, ah cool...
<ogra> better :)
<\sh> that was quick for telekom
<ogra> but thats a business line
<ogra> i dont use the common dsl nameservers with that
<\sh> now I only have to wait for CDC to catch up it seems ;)
<\sh> ogra, I don't care about private users ^^
<ogra> lol
<ogra> because the masses are using the more expensive DSL indeed :)
 * \sh uses real men internet connection...32mbit/s cable line...
<\sh> with 2mbit upstream...oh well, it sucks ;)
<ogra> yeah, 32M can suck a lot :)
<ogra> you probably can hear it slurping if you listen close to the modem :)
<Kamping_Kaiser> *grin*
<\sh> ogra, I can use my flute to provide some interferences to the line...;)
<ogra> haha
<\sh> ogra, btw...scottish or irish whisky?
<ogra> either is good :)
<mistiipu> do i have to do it with " or without "               Add the line ânet.ipv4.ip_forward = 1" to /etc/sysctl.conf
<ogra> as long as it is no burbon
<ogra> mistiipu, you just have to remove the comment sign (#) from the line
 * Kamping_Kaiser curses. my mirroring problem is back :( looks like debmirror (perl) has a hissy fit when i'm asking it to build on the existing mirror. this is despite being the same code as the other scirt, just run from a different location
<Kamping_Kaiser> s/location/script
<\sh> ogra, good...I'll need to get one bottle of good stuff for you at least
<ogra> mistiipu, so the line becomes:
<mistiipu> ogra sliy me. thx
<ogra> # Uncomment the next line to enable packet forwarding for IPv6
<ogra> net.ipv6.ip_forward=1
<mistiipu> ogra iam following http://www.ubuntugeek.com/sharing-internet-connection-in-ubuntu.html  . and i have 3 interfaces. one for dsl and 2 other for sharing. i have dong sharing for one. how do i share for the other?
<mistiipu> ogra and its ipv4 not ipv6
<ogra> right, ipv4
<ogra> well, the second should work as well, as long as your routing is proper
<mistiipu> i mean, do i have to follow same steps. all of them . all over again but with making the sharing eth2 instead of eth1 this time ? (done for eth1) ?
<Deeps> mistiipu: shouldn't need to
<Deeps> it should 'just work' on the other now too
<mistiipu> Deeps really ?
<mistiipu> Deeps the tutorial says to enter for one interface. eth1 in my case. and i havent done that for eth2,      (i get dsl on eth4) ...        ifconfig ethX ip
<mistiipu> where ethX is the network card and ip is your desired server ip address (Usually 192.168.0.1 is used)
<Deeps> sorry, you need to have configured eth2 to work on the network you want it to work on first
<Deeps> if it's not configured, it cant access any network, nor share, nor nothing
<mistiipu> Deeps all are configured. but iam talking about sharing
<mistiipu> internet
<Deeps> sharing shouldn't require any furhter configuration
<Deeps> the document you linked to show you should have done something likeiptables -t nat -A POSTROUTING -o eth4 -j MASQUERADE
<mistiipu> Deeps but i have configured eth1 only.
<mistiipu> Deeps yes.
<Deeps> that line configures sharing for all inbound connections to NAT via eth4
<mistiipu> oh. ic
<mistiipu> Deeps and what are inbound connections to nat?
<mistiipu> ifconfig ethX ip
<mistiipu> <mistiipu> where ethX is the network card and ip is your desired server ip address (Usually 192.168.0.1 is used)
<Deeps> your other subnets
<Deeps> eg, you can have eth1 listening on 192.168.0.1
<Deeps> eth2 litening on 10.200.10.45
<Deeps> as long as the computers on those subnets have their default gateway pointing to the relevant IP on the linux machine
<Deeps> NAT will happen
<Deeps> have you tried it yet?
<mistiipu> one is working
<mistiipu> let me check the other
<mistiipu> Deeps i configured for eth1 and its not working itself. link is up on client. but a cross on computer connection on server.       instead eth2 is working fine
<mistiipu> Deeps you there?
<mistiipu> iam following http://www.ubuntugeek.com/sharing-internet-connection-in-ubuntu.html done for eth1 (client) eth4 dsl connection. http://pastebin.com/m4bdf9f3a i configured for eth1 and its not working itself. link is up on client. but a cross on computer connection on server.       instead eth2 is working fine.  any help please ???
<uvirtbot> New bug: #228061 in samba (main) "Samba doesn't display the shared stuffs" [Undecided,New] https://launchpad.net/bugs/228061
<nasa> Hi,  I have a hardware raid card, I created an array and I can't find a way to partition it.  I get the following messages from dmesg:  [sdb] Very big device. Trying to use READ CAPACITY(16).
<nasa> [sdb] Sector size 0 reported, assuming 512
<nasa>  [sdb] 0 512-byte hardware sectors (0 MB)
<nasa> Anybody ever see this before?
<faulkes-> all depends on your raid card and the size of the array
<faulkes-> iirc linux/ubuntu has issues with arrays over 2TB
<nasa> I have a rocketraid card, using the opensource drivers
<nasa> The array is 1.5T
<ivoks> faulkes-: no it doesn't
<ivoks> faulkes-: pc partition table has issue with >2TB disks
<ivoks> nasa: how did you create the array?
<faulkes-> ivoks: just going on discussions I've seen in the forums where people have had issues >2TB+
<ivoks> nasa: with rocketraid's fakeraid?
<nasa> ivoks: I used the raid management software that came with the card
<ivoks> nasa: well, i'm sorry to inform you, but that's not raid card :)
<nasa> ??
<ivoks> nasa: you'll be better of with linux integrated software raid than with fakeraid on those cards
<ivoks> faulkes-: fdisk can't read big partitions, but parted can
<nasa> ivoks: parted doesn't even see sdb
<ivoks> nasa: do you know the model of that card?
<nasa> it's a rocketraid 2320
<ivoks> with two disks on it?
<ivoks> or... how many?
<nasa> ivoks: I actually have 7 drives on it...  5 are on a RAID-5 configuration (which is working fine.  I built that array on a 1740 card, and it was recognized right away).  I am building a RAID-0 (this attempt) with 2 drives
<ivoks> so, you have /dev/sda and /dev/sdb?
<ivoks> only those two?
<nasa> Correct
<ivoks> and when you run 'print' in parted, you only see sda?
<nasa> when I run "sudo parted /dev/sdb" it doesn't start/show anything
<\sh> for drives/raids with >=2TB you need an EIT/GPT partition table
<ivoks> \sh: right, but this one is 1.5 :)
<ivoks> nasa: just run 'sudo parted'
<ivoks> and then print
<\sh> ivoks, so...he has 2 drives and he wants raid0 from the card...
<nasa> ok
<ivoks> \sh: right
<\sh> it should give only one drive..aka volume in raid controller slang
<\sh> nasa, you build the raid0 device with this 2320?
<nasa> Yes, and I also have a raid5 array (sda) which isn't showing up with the print command under parted
<ivoks> nasa: so, what shows up then?
<nasa> ivoks: hold on sec, should have run "print all"
<ivoks> print all or print, should be the same
<gregbrady> In Open Office Calc, is it possible to open a file via sftp?  I have tried and it just keeps asking me for my password, which I supply correctly, and then gives "a general internet error has occured."
<nasa> It wasn't.  The all option added my raid5 array, but not the raid0 array
<\sh> sounds more like the controller doesn't like the raid signature
<\sh> or the kernel doesn't know anything about raid5/raid0 support for this controller
<stbain> greetings all
<ivoks> \sh: kernel is aware of the disk (there is /dev/sdb)
<ivoks> but it can't read it's size
<ivoks> nasa: try, from parted
<ivoks> nasa: parted /dev/sdb
<Deeps> nothing out of fdisk -l ?
<ivoks> nasa: mklabel gpt (this will/should remove everything on /dev/sdb)
<ivoks> fdisk should also be capable reading partition sizes on disks < than 2TB
<nasa> ivoks: it gives me the help menu....
<ivoks> nasa: are you using custom kernel or stock ubuntu kernel?
<ivoks> and which version of ubuntu?
<Deeps> fdisk -l should list all disks, sizes and partition tables
<\sh> ivoks, so something is fcked up with the device in general...mostly the raid is not fully builded...but raid controller gives back the info to the kernel about the two devices...
<nasa> I'm using the stock ubuntu server kernel
<nasa> The latest version
<ivoks> \sh: but first device, raid5, works ok
<nasa> ivoks: yes
<nasa> I'm figuring that it works because I partitioned it on another card/system
<\sh> ivoks, no it doesn't if nothing gets the size of the device...something is wrong there...bios of the controller, kernel driver or whatever it needs to get the real size
<ivoks> nasa: could you reboot and enter controller's mngmnt bios?
<ivoks> \sh: raid5 works, raid0 doesn't - there are two logical disks
<\sh> ivoks, and building a raid on another controller is evil...
<nasa> Yeah, what would I be looking for?
<zul> mathiaz: for that openldap silently refuses to start when unable to open SSL certificates bug couldnt we do somehting like "main: TLS init def ctx failed: -64 [HINT: check your ssl certificates]"
<ivoks> nasa: check if everything is ok :)
<nasa> Yeah, I have checked the bios before and everything looks as it should
<AtomicSpark> if you're using a raid controller, linux doesn't need to know anything about the raid. it shows it as a disk.
<ivoks> nasa: well, maybe your controler doesn't like logical disks from another controller :)
<AtomicSpark> well if you implement hardware raid like you're supposed to
<ivoks> AtomicSpark: well, it need raid controller driver
<AtomicSpark> oh. well that's true.
<AtomicSpark> it doesn't have a driver? that's odd.
<ivoks> it does...
<nasa> No, it does have a driver and it seems to be working
<AtomicSpark> ah. so what's the problem?
<ivoks> driver 'sees' both logical disks
<ivoks> but can't read size of the second logical disk
<AtomicSpark> that's... interesting
<\sh> rocketraid 2320?
<nasa> Yeah
<mathiaz> zul: you mean updating the bug description ?
<AtomicSpark> did you make both at the same time? did you forget to initialize it?
<ivoks> it's very important to note that first logical disk (which works) was transfered from another controller
<\sh> aye...it's highpoint...
<AtomicSpark> ah i see. maybe you did forget to initialize the drive :P
<ivoks> nasa: could you disconnect first logical disk (well, all the disks in raid5), with only two disks from raid0 conneted?
<ivoks> and then boot up server installation
<ivoks> and check if you can see the disk
<mistiipu> i followed http://www.ubuntugeek.com/sharing-internet-connection-in-ubuntu.html but it didnt worked for me. how can i revert?
<nasa> AtomicSpark: No, I did initialize the drives.  No, the 2 arrays were created at different times
<zul> mathiaz: I mean updating the error message so its a bit less cryptic like they do in apache
<ivoks> mistiipu: reading that from bottom up
<AtomicSpark> mistiipu, buy a router, they're cheap ffs. :P
<nasa> ivoks: you mean pull the sata cables for the raid5 array from the card and then try rebooting...?
<ivoks> nasa: right
<mathiaz> zul: well - I'd add a check to verify if the cert and key files can be read - and log an error if not
<ivoks> nasa: but pull them out while computer is powered off :D
<ivoks> mistiipu: there are two commands you need for internet sharing
<\sh> http://www.linuxquestions.org/questions/linux-hardware-18/rocketraid-2320-problem-fedora-8-615988/ ;)
<nasa> ivoks: yeah, I can try that -- but it will be a while (server is in another room)
<mistiipu> AtomicSpark hm
<mistiipu> ivoks ic
<mistiipu> ivoks which ones
<mistiipu> ?
<ivoks> mistiipu: first: echo "1" > proc/sys/net/ipv4/ip_forward
<\sh> hmm...rocketraid drivers are in ubuntu kernel?
<mistiipu> ivoks and?
<ivoks> mistiipu: second: iptables -t nat -A POSTROUTING -j XYZ -j MASQUERADE
<ivoks> where XYZ is your WAN interface
<mistiipu> ivoks i told you i followed that
<mistiipu> i followed http://www.ubuntugeek.com/sharing-internet-connection-in-ubuntu.html but it didnt worked
<ivoks> mistiipu: well, you did something wrong, cause that works :)
<zul> mathiaz: well yeah it does that already when it initalizes the tls context but that error message is cryptic I agree
<mistiipu> ivoks may be i dont know how to make ip settings
<nasa> \sh: no, I had to compile them
<ivoks> mistiipu: you don't need any ip settings
<\sh> nasa, aha
<ivoks> just those two commands
<mistiipu> ivoks well i did that. and the internet was not shared
<\sh> nasa, well, following google this controller gives people more headaches then it helps
<\sh> http://ubuntuforums.org/archive/index.php/t-311723.html
<ivoks> \sh: nasa maybe that controller supports only one logical disk
<ivoks> cause, i was *very* surprised when I noticed that it is some kind of hardware raid :)
<\sh> ivoks, it looks like it...raid5+raid0 no go..but raid5+2 disk is also dangerous to setup
<nasa> ivoks: Nope, thier website clearly states it supports multiple logical disk
<mathiaz> zul: where is this error message coming from ?
<mistiipu> ivoks eth4 is for my dsl.   eth1  2 face 2 pcs
<mathiaz> zul: is it from openldap or gnutls ?
<mistiipu> nevermind. ill just buy a switch.
<zul> mathiaz: openldap
<ivoks> mistiipu: great, then XYZ is eth4
<ivoks> and eth1->3 should have set up ip addresses
<mistiipu> ivoks yes. i did exactly the same
<mathiaz> zul: so it's just a matter of replacing the log message string.
<\sh> nasa, where do you get that from?
<zul> mathiaz: pretty much....not that hard to do
<mistiipu> ivoks what settings should i do in eth 1 2 on server and what about clients?
<mathiaz> zul: well - not sure - actually - there may be some other errors thrown by gnutls when initializing the context
<ivoks> to make things easier: eth1: 192.168.1.1, eth2: 192.168.2.1
<mathiaz> zul: ex a bad private key
<ivoks> clients, first: 192.168.1.2, second: 192.168.2.2
<mathiaz> zul: or the private key and the cert don't match
<zul> true but that would be another error number
<ivoks> router 192.168.[12].1
<mathiaz> zul: right - I haven't looked at the code - but we should not log an error message about wrong permission if it's not the case
<\sh> nasa, honestly I don't read anywhere from their specs that it supports 2 different raid modes
<mistiipu> ivoks theres not router opton. just ip. netmask. broadcast. dns
<\sh> I could think of that it support raid 0 + raid1 in general, but raid5 + raidX I don't think it works
<ivoks> mistiipu: on clients? there must be router
<mistiipu> ivoks windows clients. just dns. and default gw
<nasa> \sh: Just a moment
<zul> mahiaz: I agreee I was thinking something like "main: TLS init def ftx failed: <number> [HINT: Check SSL configuraton]"
<ivoks> mistiipu: router=gateway
<mistiipu> ivoks why it should be 12.1?
<ivoks> for the love of god...
<ivoks> 192.168.1.1 or 192.168.2.1
<ivoks> 192.168.[12].1 was easier to write
<mistiipu> oh ..
<mistiipu> got it
<mistiipu> dns?
 * ogra wonders if god really loves 1 and 2 more than 12
<ivoks> dns of your isp
<nasa> \sh: go to http://www.highpoint-tech.com/ select support, then FAQ, then general SATA questions -- it's question #5
<mistiipu> ivoks my isp?
<mistiipu> ivoks my isp or my dsl router ip. 192.168.1.1
<zul> ogra: well yess he does then it wouldnt be first or second in our hearts
<ivoks> dns of your isp
<ogra> heh
<mistiipu> hm
<ivoks> check /etc/resolv.conf on your ubuntu machine
<ivoks> those are the two you need
<mistiipu> nameserver 192.168.1.1
<ivoks> so, your ubuntu is not the router
<mathiaz> zul: could you check the return code of the TLS init def - and log an appropriate message if it's related to wrong permissions ?
<\sh> nasa, aeh multiple raid arrays doesn't mean multiple arrays of different levels...
<mistiipu> ivoks net mask?
<mistiipu> ivoks no
<ivoks> your ubuntu has another gateway
<zul> mathiaz: sure
<mistiipu> ivoks its my dsl modem router ip
<mistiipu> ivoks net mask?
<ivoks> mistiipu: uhh...
<mistiipu> 255.255.255.0 for both
<\sh> nasa, and you did disable the linux internel highpoint ide support?
<ivoks> [adsl modem-192.168.1.1]->[ubuntu box 192.168.1.2]
<zul> mathiaz: looks like that happens in  ldap_init_tls_init_ctx in libraries/libldap/tls.c
<ivoks> client1 [ubnutu box 10.0.1.1]->[client1 10.0.1.2]
<nasa> \sh: internel highpoint ide support?
<\sh> internal ;)
<ivoks> client2 [ubnutu box 10.0.2.1]->[client1 10.0.2.2]
<ivoks> client3 [ubnutu box 10.0.3.1]->[client1 10.0.3.2]
 * nasa needs to work on his typing...
<\sh> nasa, faq -> linux -> topic 6
<mistiipu> ivoks and while making the eth1 2 on the server i should set their ip to 192.168.(12).1  . right?
<ivoks> mistiipu: you should really get familiar with networking basics if you want to set up network
<\sh> nasa, but the most convinient way is to call highpoint support and ask if it's really possible to have raid5+raid0 mixed on the controller
<mistiipu> ivoks well i did al that. but it didnt worked. not even pinged. i desabled firewall and it did pinged but no internet still
<ivoks> mistiipu: no, set them to 10.0.[12].1
<ivoks> cause your ruter already has 192.168.1.1
<ivoks> you can't have your computer on that address too
<ivoks> it won't know where to route packages
<ivoks> packets
<mistiipu> ivoks actually i set them eth1 to 192.168.0.1 (server)  192.168.0.2 (client)      .11.1  and .11.2 for eth2
<ivoks> ok, great
<mistiipu> ivoks well i did al that. but it didnt worked. not even pinged. i desabled firewall and it did pinged but no internet still
<nasa> \sh: I will have to do that
<ivoks> mistiipu: cause you didn't set up dns
<mistiipu> on client side. i set dns as 192.168.1.1
<ivoks> mistiipu: dns is 192.168.1.1
<mistiipu> :) ^
<mistiipu> and gw as as .0.1 and .11.1
<mistiipu> on clients side ^
<ivoks> right
<Deeps> can you ping 64.233.183.99 on any of your clients?
<mistiipu> and it didnt shared internet. only clint was able to ping when server firewall was off
<mistiipu> Deeps i cant open an site from clients.
<ivoks> what server firewall?
<mistiipu> firestarter
<\sh> ok...heading home
<nasa> bbl: after I talk with highpoint....
<ivoks> uh...
<Deeps> mistiipu: thats not what i asked
<ivoks> mistiipu: kill all firewalls on all computers
<mistiipu> ivoks i disabled fs
<mistiipu> stoped*
<mistiipu> Deeps no.
<ivoks> mistiipu: are you sure iptables tables were empty? i'm not.
<Deeps> sounds like either ip forwarding isn't enabled, or it's not natting
<ivoks> you can't stop firewall
<ivoks> you can set it up or flush it, you can't stop it
<mistiipu> ivoks hm.
<mistiipu> so . then
<mistiipu> ?
<ivoks> did you set everything up?
<mistiipu> i should add rules in firewal to allow 192.168.*.* ?
<mistiipu> yes
<ivoks> cat /proc/sys/net/ipv4/ip_forward
<ivoks> what does it return?
<mistiipu> wel it would do 1
<ivoks> 0 or 1?
<mistiipu> but i reverted it
 * Deeps grins
<mistiipu> ivoks if you say so . ill give a second try
<ivoks> go to computer with ip 11.2
<ivoks> and ping 192.168.11.1
<mistiipu> k
<mistiipu> it pings when fire s is stoped
<ivoks> i repeat, kill/stop/flush/disable all firewalls on all computers
<mistiipu> just a min
<mistiipu> i reverted all settings. which 2 comands you said i want to use for sharing?
<mistiipu> sudo iptables -t nat -A POSTROUTING -o eth4 -j MASQUERADE
<ivoks> iptables -t nat -A POSTROUTING -o eth4 -j MASQUERADE
<mistiipu> and?
<ivoks> echo 1 > /proc/sys/net/ipv4/ip_forward
<mistiipu> $ sudo echo 1 > /proc/sys/net/ipv4/ip_forward
<mistiipu> bash: /proc/sys/net/ipv4/ip_forward: Permission denied
<mistiipu> user1@computer1:~$ echo 1 |sudo tee /proc/sys/net/ipv4/ip_forward
<mistiipu> 1
<ivoks> ok
<mistiipu> cool?
<mistiipu> ok
<mistiipu> now
<ivoks> now ping 11.1 and 0.1
<mistiipu> from serveR?
<mistiipu> ops.
<mistiipu> sory.
 * mistiipu going to the clients
<ivoks> no, from clients
<mistiipu> no
<mistiipu> it dont pings
<mistiipu> if i click on 'stop' at firestarter. it does pings. but no internet ivoks
<ivoks> well, then you didn't setup IP addresses correctly
<ivoks> i give up
<ivoks> i've told you three times to stop all firewalles on all computers
<mistiipu> server ip. 192.168.0.1 maskt 255.255.255.0 broadcast 192.168.0.255   .        client 192.168.0.2  mask 255.255.255.0  def gw 192.168.0.1   dns 192.168.1.1
<ivoks> the thing is that firestarter flushes and disables masquerading
<mistiipu> hm.. really ?
<ivoks> as i said, there's not 'stoping firestarter' - there's only flushing
<ivoks> and since you flused your iptables, it doesn't masquerade
<mistiipu> so what can be done?
<mistiipu> i uninstall fs?
<ivoks> anybody?
<mistiipu> anybody?
<mistiipu> what
<mistiipu> should i uninstall fs?
<mistiipu> ivoks
<ivoks> mistiipu: you should do what i told you couple of times - disable firewall
<ronnieredd> i just got here - what's wrong?
<ivoks> after you do that, then start setting up everyting
<zul> mathiaz: something like this http://pastebin.com/d49d2a5e
<ronnieredd> U have a rule setup for LDAP in fs?
<mistiipu_> ivoks sory i was disconected
<mistiipu_> so ?
<mistiipu_> ivoks you there
<ivoks> mistiipu_: i'm not sure what else i could tell you?
<mistiipu_> ok. should i remove firesaterter?
<ivoks> just disable it or stop it or whatever
<mathiaz> zul: hmm... I wouldn't put in DEBUG level
<ivoks> run those two commands and it will work
<mathiaz> zul: it's at least an warning, if not an error.
<mistiipu_> ivoks ok. what do you think can be wrong
<zul> ok Ill change that
<ivoks> mistiipu_: nothing is wrong,
<mistiipu_> then why isnt it working
<ivoks> did you disable firewall?
<ivoks> can you ping server from clients?
<mistiipu_> yes
<mistiipu_> yes
<ivoks> great, can you ping 192.168.1.1 now?
<ivoks> from clients
<mistiipu_> no. let me check
<mistiipu_> i just pinged 0/11.1
<ivoks> ping 1.1 (or whatever is you ADSL modem)
<zul> mathiaz: I changed it to a fprintf and it goes to stderr
<mistiipu_> ivoks i cant ping 1.1
<mistiipu_> ivoks it gives me a dhcp ip. does that had to do with anything?
<ivoks> ok
<ivoks> no
<mistiipu_> k
<ivoks> now, on server, check:
<ivoks> cat /proc/sys/net/ipv4/ip_forward
<mistiipu_> 0 :(
<ivoks> change to 1
<mistiipu_> done
<mistiipu_> now
<mistiipu_> ?
<ivoks> iptables -t nat -A POSTROUTING -o ethX -j MASQUERADE
<ivoks> where X is interface connected to modem
<mistiipu_> done
<ivoks> now try pinging 192.168.1.1
<ivoks> from clients
<mistiipu_> nop
<mistiipu_> no ping
<mistiipu_> it only pings to 0.1
<ivoks> what's the interface that gets ip from modem's dhcp?
<ivoks> you said eth4, that means you have 5 network cards in computer... :)
<mistiipu_> working
<mistiipu_> i think its browsing. but not pinging 1.1
<mistiipu_> and there was a message some time ago
<mistiipu_> let me copy that
<mistiipu_> Server Error in '/' Application.
<mistiipu_> --------------------------------------------------------------------------------
<mistiipu_> Runtime Error
<mistiipu_> Description: An application error occurred on the server. The current custom error settings for this application prevent the details of the application error from being viewed remotely (for security reasons). It could, however, be viewed by browsers running on the local server machine.
<mistiipu_> now its working fine
<mistiipu_> but not pinging 1.1
<mistiipu_> <configuration>
<mistiipu_>     <system.web>
<mistiipu_>         <customErrors mode="Off"/>
<mistiipu_>     </system.web>
<mistiipu_> </configuration>
<ivoks> stop flooding the channel
<nealmcb> !paste
<ubottu> pastebin is a service to post multiple-lined texts so you don't flood the channel. The Ubuntu pastebin is at http://paste.ubuntu.com (make sure you give us the URL for your paste - see also the channel topic)
<mistiipu_> sory
<mistiipu_>      -------     ivoks    -----      rocks !!
<mistiipu_> thanks !
<mistiipu_> every thing seems working....
<mistiipu_> ivoks should i give you a bit of more head ache?
<ivoks> no
<mistiipu_> ivoks i think i need tc command. i read the man. but it gave me headaches.         i need eth1+eth2=20k/s dl limit and 4k upload       and i dont want any eth user to consume all the trafic (while both eth1 and eth2 are online) and drain bandwidth from the other. any help?
<mistiipu_> ivoks i need a firewall firestarter. i only get internet while its desabled. any solution?
<hotmonkeyluv> when installing server 8.04, if I select NO to to: "install grub to MBR" do I get to choose a location to install it to, or does it just not get installed?
<Deeps> heh, where else would you install it to?
<hotmonkeyluv> i dunno
<Deeps> grub being a bootloader
<hotmonkeyluv> well, I have an ide drive and 4 scsi drives
<hotmonkeyluv> and I think it boots to the ide drive
<hotmonkeyluv> and I installed it on a scsi
<Deeps> ah
<ogra> you can install grub into a partition indeed
<hotmonkeyluv> ok!
<ogra> doesnt need to be mbr
<hotmonkeyluv> thanks
 * Deeps takes notes
<ogra> but i forgot if you get a selection
<ogra> its years ago that i did that last time :)
<hotmonkeyluv> you do
<hotmonkeyluv> have to enter it manually though
<ogra> and indeed there needs to be something in the mbr that chainlodas
 * hotmonkeyluv forgot which drives are which...
<hotmonkeyluv> chainload?
<hotmonkeyluv> yay! it workeded!!!1!
<hotmonkeyluv> thank you Deeps and ogra
<Deeps> thank ogra, we both learnt from him hehe
<AtomicSpark> the pro of grub is that it does NOT have to be the MBR :P
<hotmonkeyluv> yes
<hotmonkeyluv> thankfully
<ogra> but *something* needs to be in the mbr to call (chainload) the grub from the partition
<hotmonkeyluv> I just installed it to the mbr on my IDE drive
<hotmonkeyluv> and it works ok
<hotmonkeyluv> but now i'm late for work
<hotmonkeyluv> bbl
<babolat> i did sudo tasksel install lamp-server and i'm stuck at Installing Packages | Please wait | 0%
<babolat> is this normal and it just takes long to install, or is something wrong? it's been like this for like half an hour or so
<dury> hi there channel :)
<dury> anyone has phpmyadmin installed?
<dury> can't login
<dury> could anyone assist me to login
<babolat> i did sudo tasksel install lamp-server and i'm stuck at Installing Packages | Please wait | 0%
<babolat> is this normal and it just takes long to install, or is something wrong? it's been like this for like half an hour or so
<mistiipu> i followed http://www.ubuntugeek.com/sharing-internet-connection-in-ubuntu.html and its working. but only when firestarter is disabled. why so and how can i share internet while firestater is running ?
 * delcoyote hi
<dury> in this url http://localhost/phpmyadmin/index.php I login as root but it said = Error
<dury> #1045 - Access denied for user 'root'@'localhost' (using password: NO)
<mistiipu> ogra you there?
<dury> could anyone drive me what should I do, please?
<mistiipu> \sh ?
<dury> that's phpMyAdmin 2.10.3deb1ubuntu0.2
<dury> there is no way to login
<dury> maybe i missed a package
<sommer> dury: you could try this guide: https://help.ubuntu.com/community/phpMyAdmin
<sommer> dury: you need to use a mysql user to login... when you installed mysql it should have prompted you to set the root password
<mistiipu> i followed http://www.ubuntugeek.com/sharing-internet-connection-in-ubuntu.html and its working. but only when firestarter is disabled. why so and how can i share internet while firestater is running ? 2nd it was sharing internet. i rebooted all pcs. and its not sharing now. why so?
<dennister> ok, i'm pretty frustrated with trying to install samba server here; no matter what i do I get:  subprocess post-installation script returned error exit status 1"
<dennister> this is a thread in the forums, but no fix yet that I can find...anybody got any ideas?
<dury> sommer: didn't realize a mysql user to login when I installed, how can I do one?
<dury> sommer: could assist or help to fix it please, I would really appreciate it
<sommer> dury: sudo dpkg-reconfigure mysql-server-5.0
<sommer> dury: should ask you to set the root password
<dury> sommer: hang on
<dury> sommer: great supporter!!! success
<dennister> anyone got any idea how to fix samba installation? (will NOT give anything but a half-configuration)
<sommer> dury: party!
<sommer> dennister: how are you installing samba?
<dury> sommer: you know..... I really appreciate your help and support.... believe me :)
<dennister> sommer: every possible way i know actually :-) repos, cdrom, apt-get, aptitude...
<dennister> always the same non-result
<dury> sommer: party, mate! :)
<sommer> dennister: can you pastebin the output of sudo apt-get install samba
<sommer> dury: you're welcome :)
<dennister> !pastebein
<ubottu> Factoid pastebein not found
<dennister> !pastebin
<ubottu> pastebin is a service to post multiple-lined texts so you don't flood the channel. The Ubuntu pastebin is at http://paste.ubuntu.com (make sure you give us the URL for your paste - see also the channel topic)
<sommer> !paste
<dury> sommer: thank you so much
<sommer> dury: no problem
<dennister> sommer: http://paste.ubuntu.com/10984/
<sommer> dennister: can you paste the output of: dpkg -l | grep samba
<ogra> and do you have an old smb.conf lying around ? and is there anything in daemon.log (or any samba logfile) that would explain why it cant start ?
<sommer> ogra: good call :)
<dennister> sommer: http://paste.ubuntu.com/10985/
<ogra> thats a recent hardy version
<dennister> ogra: actually, there probably are...was reading about this in launchpad, so i located them all, removed them, and still got the same problems
<sommer> dennister: does sudo apt-get -f install give you the same error?
<dennister> ogra: yes, and hardy's driving me totally bokers
<dennister> sommer: yes
<dennister> don't want to be negative, as i'm a big fan of all my previous versions, but hardy is a huge disappointment
<sommer> dennister: do you have a backup of you old configs?
<dennister> sommer: nope, cause i wanted to purge them
<dennister> been purging nonstop witht this samba issue, but like i said, nothing helps
<sommer> dennister: gotcha, you might try purging samba dpkg -P samba samba-common then sudo apt-get update, then sudo apt-get install samba
<sommer> dennister: also, as ogra said are there any messages in /var/log/syslog related to samba?
<ogra> tail /var/log/samba/log.smbd
<matrix> i need source list
<matrix> for netharland
<sommer> dennister: ^^ that too
<dennister> sommer: tried your method of purging, but I'm told i can't purge samba-common
<dennister> too many dependencies
<sommer> mmm, is this a server install?
<dury> sommer: if I logged in in phpmyadmin It means that I have apache, php and mysql installed.. is it right?
<sommer> dury: heh, yep... that's a fair statement :)
<sommer> dennister: just try purging samba then
<dury> sommer: what you mean with a "fair statement", (sorry to ask you that)
<dennister> will look in the var/log/syslog in a minute...but there are actually only 4 dependencies for samba-common: smbclient, smbfs, winbind, and libpam-smbpass
<mistiipu> i followed http://www.ubuntugeek.com/sharing-internet-connection-in-ubuntu.html and its working. but only when firestarter is disabled. why so and how can i share internet while firestater is running ? 2nd it was sharing internet. i rebooted all pcs. and its not sharing now. why so?
<dennister> how about if I remove all of them, and then get them back later?
<sommer> dennister: ya, I'd try purging them... you can always reinstall them
<dennister> ok, i will, since I have the list
<sommer> dury: woops didn't mean to be confusing... yes, you have php with apache and mysql
<mistiipu> \sh ?
<mistiipu> ogra you there?
<dury> sommer: do you know how to install WordpressMU http://mu.wordpress.org/
<mistiipu> blue-frog_ any one?
<ogra> mistiipu, sorry no clue about firestarter
<ogra> i never touched it
<sommer> dury: I've never actually installed it myself, but it should be similar... if you search help.ubuntu.com there's probably a guide
<mistiipu> k
<blue-frog_> mistiipu: certainly because you did an ip forward which has been lost at reboot
<dennister> sommer: ok, done the purging, updated slocate, no versions of smb.conf left
<mistiipu> blue-frog_ it will be lost on every reboot?
<blue-frog_> mistiipu: you need to tweak /etc/sysctl.conf
<sommer> dennister: what about /var/lib/samba?
<sommer> dennister: it shouldn't be there
<mistiipu> blue-frog_ what about firestarter
<dennister> just tried apt-get samba, and it wants to reinstall samba-common, which I believe is causing all the problems
<blue-frog_> mistiipu: don't know
<sommer> dennister: that's expected
<mistiipu> blue-frog_ # Uncomment the next line to enable packet forwarding for IPv4
<mistiipu> net.ipv4.ip_forward=1
<dennister> sommer: no, var/lib/samba isn't there
<blue-frog_> mistiipu: yes
<dennister> but shouldn't i install the other dependencies, too, the four that i just removed?...
<mistiipu> blue-frog_ its already unmounted
<dennister> oh...and Important detail: i got fed up with repos version, so i commented all of them out and am only using the original cdrom
<dennister> at least it installed that way last week when I built this server
<ogra> there were no updates to samba since release
<ogra> so that is fine
<ogra> dennister, grep RUN_MODE /etc/default/samba
<sommer> dennister: you should be able to install samba and samba-common without those other packages
<dennister> ok, so now reinstall samba, samba-common, and leave out those other four dependecies?
<sommer> dennister: for now yes
 * ogra wonders if dennister's samba is set to inetd mode
<sommer> ogra: good question
<dennister> ogra: i just tried your grep command, and it said "no such file or directory"; i believe the ONLY mention of samba i've now got is the empty /var/log/samba directory (I removed them manually)
<dury> sommer: how to make sure that the line  "LoadModule rewrite_module /usr/lib/apache2/modules/mod_rewrite.so" appears in httpd.conf
<dennister> will now try reinstalling only samba and samba-common
<ogra> dennister, right, and then check the /var/log/samba files for errors
<sommer> dury: use sudo a2enmod rewrite... and you should be good to go
 * sommer goes to meeting bbl
<dennister> hey, i got some success!...not completely satisfied with some of the "uint32 failed" messages, but the daemons started
<ogra> is that an amd64 you are installing on ?
<dennister> ogra: no, gave up on amd64 OS's a long time ago
<dennister> ogra: only samba-common didn't install properly this time...will pastebin
<dennister> ogra: could you take a look at my results while I take 5 minutes for a cig outside? http://paste.ubuntu.com/10989/
<ogra> i/me sits outside smoking :)
<ogra> dennister, try: touch /etc/libuser.conf
<ogra> and see if the errors go away
<ogra> (shot in the dark, i'm by no means a samba expert or even user :) )
<dury> sommer: I've checked in /usr/lib/apache2/modules/ and there is mod_rewrite.so
<ogra> dennister, ah, no thats nothing, dont try the touch, google indicates it has something to do with the password db in /var/lib/samba apparently
<dennister> ogra: ty, so much...will only reinstall the dependencies I'd removed if I run into problems
<ogra> good luck :)
<cody-somerville> How much better is slapd in Hardy then Gutsy?
<ogra> cody-somerville, 32.4%
<zul> ogra: why do low? :)
<cody-somerville> A saner question: Is the version in Gutsy like "omgz, upgrade before you ask me a question!" or is it decent enough to use? :P
<ogra> i probably didnt measure really precisely, there is a tolerance of about 7%
<zul> cody-somerville: its the next best thing since slice bread :)
<cody-somerville> How about ebox? :P
<zul> its good I know some people are using it
<cody-somerville> gah!
<cody-somerville> varrun                316M  316M     0 100% /var/run
<cody-somerville> : /
<peanuter> I am going to install vserver on my dapper server.  I have the wiki up and have read it completely.  was just wondering if there are any suggestions before I start.
<sTiVo> I have mysql running on ubuntu but it can only be seen from localhost.  what do I have to change to open port 3306 to the LAN?
<Nafallo> cody-somerville: how did you manage to fill that one? :-O
<cody-somerville> Nafallo, mysql replication server probably
<cody-somerville> How do I make it bigger then 316mb? :(
<cody-somerville> /var/run is slowly running out on the other server too
<cody-somerville> well, not so slowly
<Nafallo> cody-somerville: /etc/fstab
<Nafallo> cody-somerville: move it to a filesystem or something
<cody-somerville> /etc/fstab doesn't have anything about /var/run :(
<Nafallo> oh. it doesn't.
<Nafallo> try adding something :-)
<sTiVo> any mysql-knowledgeable people here?
<sTiVo> how do I expose a mysql database to the LAN?  what config file needs to be changed?
<Navop> Following the Perfect Server step, i'm at the section /etc/init.d/bind9 start and I get an error, can someone help me out plz?
<sommer> sTiVo: change the bind-address parameter in /etc/mysql/my.cnf to the IP of your NIC
<Nafallo> Navop: not without knowing the error
<sommer> sTiVo: then restart mysql with /etc/init.d/mysql restart
<Navop> Nafallo where can i see the error,
<Nafallo> Navop: well... you just said "and I get an error". you tell me :-)
<Navop> actually when i do the start at the end of the line i get a [fail]?
<Nafallo> tail /var/log/syslog to see why
<Navop> thier already--> i get permission denied
<Navop> in the syslog
<Nafallo> not sure what you mean by that. are you saying you can't view the syslog?
<Navop> no in syslog :none:0: open: /etc/bind/named.conf: permission denied
<Navop> also  loading configuration: permission denied
<Navop> going to retry the steps
<Nafallo> there you go then.
<Nafallo> -rw-r----- 1 root bind 1611 2007-07-15 14:10 /etc/bind/named.conf
<Navop> trying to stop the bind process and I get this : rndc: connect failed: 127.0.0.1#953: connection refused
<Nafallo> should be because it never started :-0
<Nafallo> :-)
<Navop> k thanks
<donspaulding> are there any known problems with postfix on 8.04?
<peanuter> i am unable to install linux-vserver-image-2.6.17-11-vserver-generic and apt-cache doesn't have it.  i have modified the sourcelist as documented and apt-get update'd
<peanuter> any suggestions?
<lamont> donspaulding: http://bugs.debian.org/cgi-bin/pkgreport.cgi?src=postfix is a pretty comprehensive list of all the outstanding issues, esp when combined with the launchpad page
<lamont> OTOH, I should go through and clean those up
<peanuter> ahhhh dpkg.u32.net/ubuntu is not updating odd
<peanuter> anyone know of another repository that has linux-vserver-image-2.6.17-vserver-generic
<peanuter> Ign http://dpkg.u32.net edgy/vserver Packages
<peanuter> Ign http://dpkg.u32.net edgy/vserver Sources
<melter> anyone know why "dpkg-reconfigure postfix" isn't storing the email address i specify for the root account?
<lamont> melter: without looking at the postinst, I think it won't write it if there's already an alias for root in /etc/aliases
<melter> lamont, there already is a /etc/aliases file, but i assumed it would make the changes i specify. who owns /etc/aliases? i don't see it listed in "dpkg -S aliases"
<lamont> $MTA owns it. :-(
<mistiipu>  iam following http://www.ubuntugeek.com/sharing-internet-connection-in-ubuntu.html done for eth1 (client) eth4 dsl connection. http://pastebin.com/m4bdf9f3a i configured for eth1 and its not working itself. link is up on client. but a cross on computer connection on server.       instead eth2 is working fine.  any help please ???
<lamont> melter: not sure but what it didn't add a second root: entry in /etc/aliases???  in which case, the first one would win
<melter> it didn't do anything, but i'm going to remove the aliases file and reconfigure just to see what happens
<lamont> cool
 * lamont will see about looking at it later this week (end)
<melter> lamont, that works
<lamont> but generally, postfix has had a lot of fun dealing with not overwriting changes made outside of debconf with non-changes in debconf wiht ...
<lamont> melter: if you can get it down to what/when it does it wrong, please file a bug with the details, and what you expect should have happened instead of what did.
<melter> lamont, ok
<lamont> thanks
<mistiipu>  iam following http://www.ubuntugeek.com/sharing-internet-connection-in-ubuntu.html done for eth1 (client) eth4 dsl connection. http://pastebin.com/m4bdf9f3a i configured for eth1 and its not working itself. link is up on client. but a cross on computer connection on server.       instead eth2 is working fine.  any help please ???
<good_dana> i'm having trouble with a majordomo mailing list, i created a new list and EVERY message gets an NDR that says: "The e-mail account does not exist at the organization this message was sent to.Â  Check the e-mail address, or contact the recipient directly to find out the correct address."
<mistiipu> how to limit bandwith for an ip or eth interface by tc comand?
<mistiipu>  how to simply limit 192.168.0.3 to 15kb/s ?
<mistiipu> <mistiipu> or how to simply limit eth2 to 15kb/s ?
<mistiipu>  how to simply limit 192.168.0.3 to 15kb/s ?
<mistiipu> <mistiipu> or how to simply limit eth2 to 15kb/s ?
<Deeps> mistiipu: http://lartc.org/
<peanuter> sudo apt-get install linux-vserver-image-2.6.17-vserver-generic
<peanuter> excuse me pasted the same thing again by mistake
<peanuter> is there a good alternative to vserver?
<peanuter> since i am unable to get the linux kernel image
<_ZeuZ_> Any news on QoS?
<_ZeuZ_> Any place where ISPs can chat?
<uvirtbot> New bug: #228340 in gnome-keyring-manager "ssh-add -D (or -d) does not delete the keys" [Undecided,New] https://launchpad.net/bugs/228340
<mistiipu> what wil this do        tc qdisc add dev eth0 root tbf rate 15kbit buffer 1600 limit 3000   ?
<_ZeuZ_> it would add the default qdisc for the interface eth0 with the tbf protocol at a range of 15kbps and the other is the buffers limit I guess
<_ZeuZ_> mistiipu, it would add the default qdisc for the interface eth0 with the tbf protocol at a range of 15kbps and the other is the buffers limit I guess
<mistiipu> i did           sudo tc qdisc add dev eth1 root tbf rate 12kbit buffer 1600 limit 3000        is it 12kb/s or 12 kbps   (it seems 12kbps on a trafic knemo chart) ?
<erimar77> need help with 8.04 server bacula-director-pgsql
<erimar77> http://pastebin.com/m53a8a22d
<erimar77> it seems to fail on the postinstall script
<nealmcb> erimar77: did you look at /etc/bacula/bacula-dir.conf ?
<erimar77> nealmcb: look at it for what
<erimar77> since the installation fails, the postgres database does not get setup
<nealmcb> erimar77: I know little about bacula, but simply noted that the error mentions that file.  does it exist on your system?  is is something you need to set up?
<melter> lamont, i just filed a bug for the postfix thing
<melter> #228391
<erimar77> melter: when you install bacula with apt-get it runs a postinstall script from /var/lib/dpgk/bacula and that file is messed up
<erimar77> melter: sorry wrong person
<erimar77> nealmcb: that was to you
<uvirtbot> New bug: #228391 in postfix (main) "/etc/aliases not updated" [Undecided,New] https://launchpad.net/bugs/228391
<ajmitch> hm, I hope he filed a bug for that bacula issue
<gregbrady> Why is it in Open Office Calc that when I try to open a file via sftp, I am asked for my password a couple of times and then get a "General Internet Error"?  Is it not possible to work on a file remotely via sftp?
<AtomicSpark> if i want to host an intranet website on my server, do i need more then LAMP? it seems to resolve to the hostname, but i think it's a bit buggy.
<AtomicSpark> ubuntu think's its on a domain (which it isn't). should i install DNS too and then make an A record for the server?
<nealmcb> AtomicSpark: it will help a lot to show us specific commands and error messages
<nealmcb> ï»¿Guide to asking questions on IRC: http://www.sabi.co.uk/Notes/linuxHelpAsk.html
<AtomicSpark> nealmcb, no error messages. just trying to set up drupal. the server doesn't have dns or mail installed so answering questions like "what's the administrator email" is kindof pointless.
<nealmcb> coffeedude: are you coming to prague for uds?
<coffeedude> nealmcb: ah.....I was planning to but am going to bail at the last minute.  Had some travel this week and more deadlines next.  Just a bit too much travel to handle right now.  Actually hadn't mailed Rick yet.  I should do  that now
<nealmcb> AtomicSpark: ahh - drupal - adding the "mail-server" task with tasksel might be helpful, at least to send local mail or use a smarthost.  you should be able to use some other machine for dns
<nealmcb> coffeedude: we'll miss you!
<nealmcb> coffeedude: so what should we do to improve stuff in intrepid?
<AtomicSpark> nealmcb, i figured i could use the mail server just for outgoing messages.
<nealmcb> (what do you have up your sleeves?) :-)
<AtomicSpark> nealmcb, i'm just wondering if having the server at a fakedomain.local (which i put during the install) will mess with anything.
<AtomicSpark> right now i'm using openDNS for our network.
<coffeedude> nealmcb: Main this I'll be interested in is improving File/Print services (Samba).  I'll have to spend some time
<coffeedude> nealmcb: putting some ideas together.
<AtomicSpark> off subject, what is keeping track of all the hostnames. the router?
<AtomicSpark> hmm. it appears it can only resolve the server. must just be in arp cache.
<nealmcb> coffeedude: much appreciated :-)
<coffeedude> nealmcb: what day does UDS start (not FOSS) ?
<coffeedude> next week right ?
<mathiaz> coffeedude: UDS starts monday May 19th
<mathiaz> coffeedude: FOOSCAMP starts on thursday May 15th, ie next week
<coffeedude> mathiaz: Thanks.  So one week away then.
<nealmcb> coffeedude: ...depending on the slew in your clock rates - "items on the calendar are closer than they seem"   :-)
<coffeedude> nealmcb: True.  very true
<nealmcb> AtomicSpark: you can use /etc/hosts, or some other dns server, to map names to addresses
<nealmcb> coffeedude: :-)
 * nealmcb hates having to log out for silly unix group management - when are we gonna fix that?
<ajmitch> nealmcb: depends, how many POSIX assumptions have to be thrown out?
<nealmcb> :-/
<AtomicSpark> nealmcb, funny. i don't see where it asked for the domain during the install. i must of been seeing things.
<nealmcb> ajmitch: or what other authn mechanicms can be used for e.g. libvirt
#ubuntu-server 2008-05-09
<nealmcb> AtomicSpark: you mean ".local"?
<nealmcb> sounds like avahi at work?
<nealmcb> which is unlikely to work for mail....
<AtomicSpark> nealmcb, yes. i think it only asked me when i manually set up ip settings. i missed it and it used dhcp.
<AtomicSpark> also we use google aps for our email service. is there a way to set up the mail server to just send messages through that? i believe i did this before with exchange.
<AtomicSpark> yup it's the router. heh. it actully works better if everything is dhcp and then i set the server's addy with static dhcp. then the router has the hostname.
<AtomicSpark> mm tomatos
<AtomicSpark> also i can set the "domain" on the fly ;)
<uvirtbot> New bug: #228460 in nagios2 (universe) "/etc/init.d/nagios2 reload kills nagios" [Undecided,New] https://launchpad.net/bugs/228460
<AtomicSpark> yay?
<mralphabet> duh?
<AtomicSpark> lols with the unix passwd sync for samba, it didn't make me set the smbpasswd for one user but it did the other.
<AtomicSpark> funny indeed
<docta_v> does the dhcpd that ships with ubuntu support ldap?
<AtomicSpark> docta_v, i'm sure there is a way to configure it. not sure what you mean by support ldap.
<mathiaz> zul: you may wanna check https://bugs.launchpad.net/ubuntu/+source/quagga/+bug/176015
<uvirtbot> Launchpad bug 176015 in quagga "BGP MD5 support regression" [Undecided,Fix committed]
<mathiaz> zul: there seems to be a regression there.
<lamont> jdstrand: you had some comments re bind9?
<lamont> from a meeting today?
<lamont> you still around?
<Navop> Can someone look at my error i get in syslog http://pastebin.com/d3d4c0f1c ,trying to start bind
<Navop> can't get bind to start it always says [fail]
<jiqiren> Navop: looks like permission problem
<jiqiren> who owns the file /var/lib/named/etc/bind/named.conf? what are the permissions?
<Navop> I followed the steps in "The perfect server" found on page 4
<Navop> right hear http://howtoforge.com/perfect-server-ubuntu8.04-lts-p4
<jiqiren> Navop: i don't know what you are refering to, but i can see the error, you don't have permissions correct on that file
<jiqiren> or a parent directory has permissions wrong
<Navop> follow link, go to dns server
<jiqiren> i don't need to read those instruction to tell you what your problem is
<Navop> new at this, sorry
<jiqiren> you have a permission problem, so you need to figure out why named can't read that file
<donspaulding> can sysklogd output to an arbitrary program on its stdin ?
<hotmonkeyluv> is there a patch of some sort so that ubuntu server will take advantage of more than 2 cores to the fullest? on htop proc1 is 100% and 2,3,4 are all 1-20%
<Navop> jiqiren: will look at the step one at a time and figure out where i went wrong
<jiqiren> Navop: is there a "bind" user on your server?
<Navop> edited file bind9 so it will run as the unpriviledge user bind, chrooted /var/lib/named
<Navop> jiqiren: just re-booted system works fine
<gregbrady> Why is it in Open Office Calc that when I try to open a file via sftp, I am asked for my password a couple of times and then get a "General Internet Error"?  Is it not possible to work on a file remotely via sftp?
<FreeBullets> hello
<nealmcb> elapsed time - 16 seconds....
<hotmonkeyluv> how can I make more lines of text fit on the screen when in cli mode?
<hotmonkeyluv> I get this shiny, new, expensive monitor, and it looks like i'm in 230x320
<lucent> hotmonkeyluv: like on a virtual console?
<hotmonkeyluv> no, like when you log in
<dennister> ok, looking for some advice here: i have a pc-refurbishing-with-ubuntu hobby (nonprofit/charity; just me for now) and need an accounting and inventory module/program
<dennister> was using sql-ledger, but it's a very dangerous program...what i can see as available as a subsitute is tinyerp or egroupware, both of which are very large programs/suites, for large organizations
<dennister> does anyone have experience with these, or a suggestion for something else to install on my ubuntu servers?
<hads> How is sql-ledger dangerous?
<dennister> you're allowed to delete things, and loa and behold, when you do, functions like 'backup' don't work anymore
<hads> I see. I haven't used either of those alternative solutions you mentioned about but Postbooks is another one to add to your list.
<dennister> worked days to get it installed with very sparse documentation, had a whole inventory setup, and bang! couldn't backup
<dennister> Postbooks?
<dennister> not in synaptic i see
<hads> http://en.wikipedia.org/wiki/Postbooks
<hads> I haven't used that either, just heard mention of it at the last conference I was at.
<dennister> sql-ledger should be removed from the repositories i think...one developer who wants to keep documentation poor and secrutiy holes present so people run into trouble, and pay him for support/documentation
<dennister> hads: what type of conference?
<hads> linux.conf.au
<dennister> i'm looking around on their site now...ahh, i see
<dennister> ledgersmb is a fork of sql-ledger (both Canadian, like me) born out of a desire to improve documentation and security issues of sql-ledger, very similar still, but quite frankly, so similar i'm now scared off
<dennister> and their site says...download deb package from sourceforge'....but there is no deb package
<dennister> doesn't inspire one with confidence
<jiqiren> dennister: you are either going to pay with your labor - or buy some kind of commercial software, personally I'd just buy Quickbooks or pay into one of those online accounting packages
<hads> Quickbooks? They have a Linux version now?
<jiqiren> hads: of course not!
<hads> That's an odd recommendation in this channel then :)
<dennister> jiqiren: well i paid with my labour re sql-ledger...i'm retired now with my disabilities, so do have time
<jiqiren> dennister: I keep accounts for a private organization myself with very very low budget. I use pen, paper, and filing cabinet.
<dennister> I just want something more solid, and something where i can export data if possible, instead of beign stuck with buggy, unusable software that i can't even backup...quickbooks makes you pay$ just to access your own data
<dennister> jiqiren: are you an accountant?
<jiqiren> dennister: I'm a dba
<hads> dennister: You might get better help in #ubuntu since it's more of a desktop type question.
<dennister> ahhhhhh...dba's are similar to accountants in some ways...i used to work in HR :-)
<dennister> hads: yes, i was in here earlier getting some excellent assistance with samba in hardy, and forgot to log out :)
<dennister> jiqiren: b4 i go...i'm a big admirerer of pen & paper people...you really have to know what you're doing then...unfortunately, I can't read my own writing anymore :-)
<dennister> g'night all
<Owninizer346> hey everone
<Owninizer_> hello everyone
<fotoflo> hey, im running ubuntu server, i heard the desktop version can automaticly recognize my printer, but how do i get it to work from the server? (with samba as the obvious next step)
<stiv2k_> Help, I am at a remote location from my server, and it seems to somehow have gone down.
<stiv2k_> I can't SSH to it or anything.
<stiv2k_> I can SSH into my router and ping the server from there however, and it seems to be up ?!?!
<stiv2k_> But I cannot SSH or telnet into the server itself from any port, anywhere.
<stiv2k_> Any ideas?
<HS-L> has your server an external ip address?
<stiv2k_> No, it's behind my NAT router -- but all the ports are forwarded.
<hads> Try testing the services to see if they are responding.
<HS-L> well,.. probably not 100% correctly if you can connect from the router and not from the external location it's most likely a nat problem.
<stiv2k_> hads: what exactly do you mean by "testing" and "services" ?
<stiv2k_> HS-L: No, I said I can ping the server from the router, I can't connect to anything.
<HS-L> telnetting to other services than ssh
<hads> Well, what does your server do? HTTP? SMTP?
<stiv2k_> hads: It does a lot.
<hads> OK
<HS-L> telnet serveraddress portnumber_service
<HS-L> see if it responds
<stiv2k_> hads: I already said, I can't access it on any port from anywhere
<hads> OK then.
<stiv2k_> Not even from the router.
<kraut> moin
<stiv2k_> The ONLY thing it is responding to is ping (from my router)...
<HS-L> and are you sure that your server has that ip address?
<stiv2k_> yes
<stiv2k_> it's statically assigned to 192.168.1.10
<stiv2k_> please help, I need to get my server back online
<hads> People are trying, attitude helps a lot.
<stiv2k_> hmm?
<Ali_ix> stiv2k_: sounds like some problem in your router
<Ali_ix> stiv2k_: may be port forwarding rules are missing
<stiv2k_> Ali_ix: Then why can't I telnet to the server from the router?
<Ali_ix> stiv2k_: can you telnet to services fromyour router?
<stiv2k_> Ali_ix: No.
<stiv2k_> Ali_ix: I tried rebooting the router remotely... no difference.
<Ali_ix> stiv2k_: so you may blocked all ports in server it self (iptables rules)
<soren> stiv2k_: Is noone around that can go and see what's on the console?
<stiv2k_> soren: nope
<hads> nmap the server see if it's offering any services, if not it may have hung.
<Ali_ix> stiv2k_: any KVM like system available?
<stiv2k_> Ali_ix: I don't think it has iptables... though i'm not sure
<soren> stiv2k_: And noone can reboot it?
<stiv2k_> nope
<soren> Wel, then you're screwed.
<stiv2k_> Ugh... shit
<soren> If you can't connect to it and noone can reset it, what's left to do?
<stiv2k_> I wont be able to go to reboot it until sunday
<stiv2k_> I just dont understand how it could have happened in the first place
<soren> stiv2k_: What's it running?
<stiv2k_> It was working fine, I was in an SSH session using irssi and streaming music
<hads> There's so many reasons.
<stiv2k_> then all of a sudden it just stopped.
<stiv2k_> soren: various services, HTTP, SMTP, IMAP, MySQL, IRC, NTP, SSH, BOINC...
<Ali_ix> stiv2k_: it is a sevrer or your home/office PC?
<soren> stiv2k_: Which OS?
<stiv2k_> ubuntu
<soren> ...breezy?
<stiv2k_> it was 8.04 but I hadn't rebooted it since about 85 days ago
<stiv2k_> so it never rebooted after the release-upgrade
<stiv2k_> Ali_ix: its a personal server in my apartment, nothing commercial.
<Ali_ix> stiv2k_: there might be some power/hw failue, the system rebooted, and endup in some boot time blocking errors, which is responding to icmp, but no services running
<soren> if you ask the right kind of people (or the wrong kind, depending on how you look at it), I'm sure you can hire someone to break into your apartment and press the reset button. Possibly steal a few things, too, but hey...
<hads> Or heat, or bad memory, or...
<stiv2k_> Ugh
<stiv2k_> that seems so implausible
<hads> heh
<Ali_ix> soren: nice soloution :)
<stiv2k_> it's been running perfectly for over 1 year now
<soren> stiv2k_: What's implausible?
<Ali_ix> impossible may be!
<stiv2k_> soren: how do hardware failures just happen like that
<soren> Hahah!
<soren> How else do you think it happens?
<hads> By definition.
<stiv2k_> I dont know.
<stiv2k_> dammit, I really need to access it
<soren> Do you think it sends you a letter that it'll fail sometime within the next few weeks, so you'd better replace something?
<stiv2k_> soren: I wish.
 * hads giggles
<Ali_ix> stiv2k_: do you have any UPS or Stablizer there?
<stiv2k_> Ali_ix: No UPS.
<soren> It might just have kernel paniced.
<Ali_ix> stiv2k_: so power failure is possible
<stiv2k_> soren: I hope so... I wish there was a way to reset the damn thing.
<stiv2k_> Ali_ix: yes but it responds to ICMP PING
<soren> stiv2k_: 1-800-BURGLAR
<stiv2k_> Ali_ix: so I'd like to rule it out
<Ali_ix> stiv2k_: if it is so important you can user advanced server equipments, like APC panels or some KVM systems
<stiv2k_> Ali_ix: how would KVM work remotely?
<hads> IP
<Ali_ix> stiv2k_: like which most Datacenters provide for servers
<HS-L> Ali_ix: you mean some kind of IPMI card?
<hads> An IP addressable KVM or the likes.
<Ali_ix> HS-L: i just worked with such things remotely, dont know actually teh hardware
<HS-L> ah ok, in my servers i've got ipmi cards, that's sort of a ehhhh.. console via IP, but it can reset the power too
<Ali_ix> more info: http://www.cyberciti.biz/tips/linux-freebsd-ipmi-login-session.html
<Ali_ix> http://www.cyberciti.biz/tips/kvm-over-ip.html
<lucent> kvm over IP eh?
<lucent> I've never seen that in action
<lucent> it's been 2 years since I worked in a datacenter though
<fotoflo> hmm how do i setup CUPS on ubuntu server?
<fotoflo> or is that not what i need to get my HP all in one officejet working?
<lucent> fotoflo: which model?
<fotoflo> 5608
<stiv2k_> hpijs
<Ali_ix> fotoflo: did you tried hplip drivers?
<lucent> if it's supported and USB, you should be able to just plug it in and it will be there for you to use
<fotoflo> on ubuntu server?
<lucent> if that's not happening for you, then there's more work to be done
<lucent> oh
<lucent> apt-get install cupsys non?
<lucent> I was thinking of Ubuntu Desktop
<lucent> got mixed up there
<fotoflo> apt-get install cupsys ?
<lucent> yeah
<fotoflo>   Temporary failure resolving 'cn.archive.ubuntu.com'
<fotoflo> :(
<fotoflo> wtf?
<stiv2k_> China?
<lucent> what would be really neat is a KVM device that inlines with ethernet, for home and SOHO use
<fotoflo> ok it resolved
<fotoflo> odd
<fotoflo> ok, once cups is installed, then it should automaticly recoginze my printer?\
<fotoflo> do i need HPLIP?
<fotoflo> Get:2 http://security.ubuntu.com dapper-security/main cupsys 1.2.2-0ubuntu0.6.06.9 [2253kB]
<fotoflo> Err http://cn.archive.ubuntu.com dapper/main libpaper1 1.1.14ubuntu8
<fotoflo>   Temporary failure resolving 'cn.archive.ubuntu.com'
<fotoflo> wierd, cn.archive seems to be going up and down
<fotoflo> ok, ive got cups installed, hwo do i test my printer?
<fotoflo> how do i know if it recognized it?
<fotoflo> ok, ive got cups installed, how can i test my printer?
<phil^> try http://localhost:631/
<fotoflo> hey, it works
<fotoflo> unfortuatly i only have lynx on that machine...
<fotoflo> and its not accepting connections from outside
<lucent> fotoflo:   echo "Hi I am a test" | lp -dPrinterName
<lucent> I think?
<fotoflo> phil: any idea how i can get that web thing to accept connections from a specified IP?
<lucent> /etc/cups/somethingorother
<lucent> there's a series of permit/deny lines
<lucent> it may or may not be listening on lo0, would check /etc/default/cupsys or something too
<lucent> those are generic ideas for debian based installs
<lucent> I have *no* idea about what Ubuntu does
<lucent> sorry, "lo"  versus "eth0"  not "lo0"
<fotoflo> . /etc/default/cupsys
<fotoflo> is empty
<lucent> probably okay then
<fotoflo> theres a
<fotoflo> . /etc/cups/cups.d/ports.conf with a Listen localhost:631
<fotoflo> line
<fotoflo> i added Listen 192.168.0.18:631
<fotoflo> and i can get in, but only to the first page
<fotoflo> and there is serious latency
<fotoflo> i get a 403 if i try anything but the index\
<fotoflo> Administrative commands are disabled in the web interface for security reasons. Please use the GNOME CUPS manager (System > Administration > Printing). /usr/share/doc/cupsys/README.Debian.gz describes the details and how to reenable it again.
<fotoflo> looking good
<fotoflo> hmm, followed the advice (added cups to the list of users able to read the group shadow) and restarted cups still forbidden
<phil^> fotoflo: is 192.168.0.18 your servers ip or is it the client from which you want to access?
<fotoflo> server ip
<owh> Have you ever seen a situation where an email that is being redirected with a .forward into a script terminates midway through the delivery. I can see the message arriving, I can see the script processing about 25%, then I see the message delivered and the connection from the sender closing. The script stops and does not finish.
<phil^> fotoflo: actually I never tried to make the webinterface accessible from the outside
<fotoflo> maybe it would be easier just to setup a sshtunnel and access from localhost
<fotoflo> ... would that work?
<owh> Some background: I'm processing incoming email with a PHP script. The mail server is postfix. It's running Hardy. If I cat an email message to the PHP script as the user who's mail this is, all works as expected.
<lucent> fotoflo: you're doing it wrong.
<lucent> "Listen" is where the daemon listens
<lucent> it must be "Localhost" or the IP address of an interface on THAT MACHINE
<lucent> per the manual page
<fotoflo> right, the server is localhost, i used its own ip address to listen on
<lucent> check around for an example of allowing /admin connections to specific IPs
<lucent> what's really sad is that CUPS doesn't accepd CIDR syntax
<hads> owh: PHP has a script timeout, perhaps you're hitting that?
<lucent> so you're stuck if you want to produce a subnet access to the machine
<owh> hads: According to syslog the script runs in under 1 second.
<hads> owh: Guess not then :)
<fotoflo> Listen 192.168.0.18:631  < that IP is eth0
<owh> hads: Well, I did start thinking if some previous administrator set it to something stupid low.
<Asad2005> i have my system 8.04 server with raid installed in a 2 GB CF card how can i take an image of the system with out shut down as a full back up including grub
<Deeps> dd?
<fotoflo> i got it to accept connections, but only with major lag and admin is forbidden
<fotoflo> oh only lag on forbidden operatiosn
<Asad2005> Deeps, can you please help me in exact command, i will replace the /dev/sd* to the one i have. I mean what figure to put for count .. etc
<Asad2005> my drive is 2 GB
<Deeps> dd if=/dev/sda of=/dev/sdb
<Deeps> or dd if=/dev/sda of=/path/to/network/share/cf.dd.iso
<\sh> does anyone have experience with 2x quad core opterons on hardy or dapper? :)
<Asad2005> Deeps, thanks
<stiv2k_> hey
<stiv2k_> anyone still here that I was talking to earlier?
<jdstrand> lamont: no, don't need anything in particular-- just thinking of how to manage packaging for both debian and ubuntu and remembered bind9
<jords> I can't understand why everyone seems to think using passkeys for ssh instead of passwords is such a good idea- doesn't that just mean that anyone else who gets on my laptop can ssh to any of my servers/ cat ~/.ssh and have the
<jords> key?
<soren> You encrypt you passkey..
<soren> *your
<soren> With passwords, anyone can bruteforce their way in. With pubkey auth, only people with access to the private key can get it.
<soren> Er.. Can get in.
<soren> (that's what you get for typing while lunching)
<hads> Yeah. jords; passphrase-less keys are a bad thing.
<kirkland> owh: regarding initscripts, let's just post that patch to the list, rather than directly to the maintainer
<owh> kirkland: Which list?
<kirkland> good question....
<kirkland> owh: let me find the right one
<flotishu>  firestarter problem since i removed it , then instaled kmyfirewall. removed it. and reinstalled firestarter. http://pastebin.com/m723ea818     some apps like firefox or etherape are not runing too.  help?
<kirkland> owh: i'm looking over http://lists.debian.org/completeindex.html
<kirkland> owh: http://lists.debian.org/debian-lsb/
 * owh is trying to debug to a dead-line, can you please email me?
<owh> Unless you know why a php script would be terminated before completion when postfix invokes it on delivery?
<kirkland> owh: sure, no problem
<owh> SMTP -> postfix -> .forward -> pipe -> php://stdin -> script
<kirkland> owh: anything in error_log ?
<owh> No, the script just stops midway through, or stdin isn't filled with the email.
<kirkland> owh: change your .forward to write to a file
<owh> With tail -f /var/log/syslog and lots of php errorlog entries, I can see the email arriving, the script starting, then the email connection closing. Then that's all. I don't see the script finish.
<kirkland> owh: then manually cat to | script
<kirkland> owh: and you should be able to see the php error out
<owh> kirkland: This script needs to parse the email and make it into a .csv.
<owh> There are no php errors. I can cat the email to the script on the commandline and all works as expected.
<kirkland> hmm
<owh> It's like postfix kills the process.
<kirkland> memory problem?
<owh> Fsck, I hope not.
<owh> No, that would be very strange. This VPS was built with MySQL and a full LAMP stack. I removed MySQL altogether.
<kirkland> how many MB is the input email?
<owh> Its 2737 bytes.
<owh>  /proc/meminfo tells me that LowFree is: 209252kB
<kirkland> owh: fyi, i mailed the list
<owh> At the moment there are times where even sleep(10) as the first command doesn't guarantee that the whole message has arrived. I'm really stumped.
<owh> Tah
<kirkland> owh: definitely not a memory problem then
<owh> I'll edit the original message and send it when I've licked this issue.
<kirkland> i was wondering if you were processing a 10G email or something
<owh> Nope, just an ittybitty satellite tracker message.
<owh> The script runs for less than a second.
<owh> How can I tell if postfix is really killing the script?
<owh> I'm reading about the postfix pipe command, there is a deamon_timeout, but it's set to 18000s
<kirkland> owh: have you checked the postfix logs?
<kirkland> owh: /var/log/mail.*
<owh> They appear to be identical to syslog
<owh> relay=local, delay=10, delays=0.23/0/0/10, dsn=2.0.0, status=sent (delivered to command: cd ~ ; ~/readmail.php)
<owh> I wonder what 0.23 means
<kirkland> owh: okay, sill questions...
<kirkland> ~ is perms 755 right?
<kirkland> as is readmail.php ?
<kirkland> and you have the php-cli installed?
<kirkland> all this works because running your script by hand works?
<owh> kirkland: Yeah, it's running, I can see the entry in the logs - the script is riddled with error_log() entries.
<owh> Yes
<kirkland> owh: so next i'd pipe it through strace
<kirkland> strace ~/readmail.php
<kirkland> strace ~/readmail.php > /tmp/out
<owh> kirkland: You mean, change the .forward?
<kirkland> owh: yeah, if that's the only way to reproduce the error
<owh> Hmm
 * owh has just shot a message at it, it will take a mo.
<owh> That didn't work: (delivered to command: (cd ~ ; strace ~/readmail.php > ~/strace)), but there is no content or any script debug output
<owh> It could be memory. Lemmie see if I can generate some output.
<owh> kirkland: Just read your email, it looks like you already sent it, am I reading that correctly?
<kirkland> owh: yes
<owh> kirkland: Then my brain isn't all fuzzy just yet :)
<kirkland> ;-)
<owh> memory_get_usage reports 786432 bytes
 * owh thinks it's running out of memory.
<owh> Hold on, thats 786kB, I've got 256Mb
<Deeps> lol
 * owh is used to 6502 CPU's with 64K :)
<timuckun> Two questions: 1) How to fire up the curses GUI for configuring the network
<timuckun> 2) How do I know which nic is which?
<timuckun> 8.04 LTS server
<_ruben> 1) you dont .. 2) pull a cable and check the link status with ethtool?
<Deeps> 1) dpkg-reconfigure etherconf i believe
<owh> Or look at dmesg.
<Deeps> 2) unplug one of the cables, and check which one still has a link with ethtool / mii-tool
<Deeps> and/or from syslog
<Deeps> and/or dmesg
<Deeps> !show etherconf
<ubottu> Factoid show etherconf not found
<Deeps> !info etherconf
<ubottu> Package etherconf does not exist in hardy
<Deeps> heh
<owh> Deeps: Yeah, I cannot find it either.
<Deeps> that was the name of the debian package, it was in ubuntu too
<Deeps> up until edgy it seems
<timuckun> so ethtool -g eth0
<timuckun> right?
<Deeps> ethtool eth0 on it's own
<Deeps> looks like for reconfiguring you'll have to do it manually through the interfaces file now
<timuckun> Thanks guys
<Deeps> thats a bit silly removing etherconf
<timuckun> I agree
<timuckun> I think they should have a curses gui for everything!
<Deeps> lol
<Deeps> you probably need to start to learn to code curses then :)
<timuckun> first I have to learn the ins and outs of command line firts
<timuckun> first
<timuckun> anyway thanks for the help, back to the grindstone
<kirkland> owh: http://lists.debian.org/debian-lsb/2008/05/msg00000.html
<owh> kirkland: That's the first message this month, it's a busy list - not ;)
<Deeps> mmm
<uvirtbot> New bug: #228489 in quagga (main) "Please sync quagga 0.99.9-6 (main) from Debian unstable (main)." [Wishlist,Fix released] https://launchpad.net/bugs/228489
<lamont> jdstrand: ah, ok.  I have one branch for debian and one branch for ubuntu (and util-linux is a much better example than bind9, which is generally converged..)
<lamont> I don't separate out subdirs into their own VCS, since historically that has just caused me to want to go postal.
<lamont> I _do_ commit to debian/ and to !debian/ separately, so that merges are less painful, and cherry picking for upstream  is better
<jdstrand> lamont: cool, thanks
<lamont> (and yes, util-linux upstream is git, and was what pushed me over to migrating all my packages from cvs/arch/bazaar (not bzr) to git
<lamont> somewhere in 2006 or 7
 * jdstrand nods
<flotishu> firestarter problem since i removed it , then instaled kmyfirewall. removed it. and reinstalled firestarter. http://pastebin.com/m723ea818     some apps like firefox or etherape are not runing too.  help?
<flotishu_>  firestarter problem since i removed it , then instaled kmyfirewall. removed it. and reinstalled firestarter. http://pastebin.com/m723ea818     some apps like firefox or etherape are not runing too.  help?
<sommer> flotishu_: do you have the /etc/firestarter dir?
<flotishu_> sommer i have installed fs now . yes i have the dir
<sommer> flotishu_: and the /etc/firestarter/inbound/outbound subdirs?
<flotishu_> no
<flotishu_> $ sudo dpkg -l firestarter
<flotishu_> Desired=Unknown/Install/Remove/Purge/Hold
<flotishu_> | Status=Not/Installed/Config-f/Unpacked/Failed-cfg/Half-inst/t-aWait/T-pend
<flotishu_> |/ Err?=(none)/Hold/Reinst-required/X=both-problems (Status,Err: uppercase=bad)
<flotishu_> -
<flotishu_> cd /etc/firestarter
<flotishu_> user1@computer1:/etc/firestarter$ ls
<flotishu_> non-routables
<sommer> flotishu_: try sudo apt-get install firestarter again
<flotishu_> is already installed
<Deeps> apt-get --purge remove firestarter; apt-get install firestarter
<sommer> flotishu_: ^^ ya.... thanks Deeps
<flotishu_> hm
<flotishu_> nop. same problem
<flotishu_> it happend after i installed kmyfirewall.
<flotishu_>  firestarter problem since i removed it , then instaled kmyfirewall. removed it. and reinstalled firestarter. http://pastebin.com/m723ea818     some apps like firefox or etherape are not runing too.  help?
<\sh> sudo iptables -L -n ; sudo iptables -F ?
<\sh> check what's in your iptables table...and flush it ...
<flotishu_> how to send a message on a windows client machine ?
<psufan> thanks guys for making my life hell
<Deeps> ?
<MenZa> welcome.
<Deeps> what did we do?
<psufan> 6.06LTS kernel is canucked
<psufan> 2.6.15 has a crash and burn nfs bug
<psufan> and you folks don't feel it warrents a fix
<psufan> and 2.6.17-22 have a root hole
<Deeps> umm....
<psufan> and 22-24 break ubuntu 6.06lts
<Deeps> i'm not on the kernel development team
<Deeps> infact, i'm not an ubuntu developer at all
<Deeps> and the beauty of floss, you can fix it yourself
<psufan> I was complaining to the developers
<psufan> no the result is I am forced to run with a root hole kernel
<Deeps> and you can use any other linux distro too
<psufan> nope can't
<Deeps> you have a support contract with canonical?
<psufan> no my boss doesn't allow changes on production boxes
<psufan> only reason I can do the kernel is it crashes and burns
<Deeps> so build your own kernel?
<psufan> I am trying
<psufan> but 2.6.16--> 2.6.22 have root holes
<psufan> 22-24 have some udev change that breaks ubuntu
<Deeps> and there are no patches for 2.6.16-2.6.22 for those root holes?
<psufan> I haven't been able to find one
<Deeps> ah well, joys of free software, nobody owes anyone anything
<psufan> didn't say anyone did
<\sh> if there are any patches, our kernel team will deal with it
<psufan> when?
<\sh> psufan, ask linus
<psufan> it's been patched for yrs
<Deeps> in the fullness of time, at the appropriate junction
<psufan> the nfs bug
<\sh> psufan, did you file a bug? or is there a bug in launchpad?
<psufan> but you guys didn't get the memo or didn't feel it warrented touching LTS
<psufan> someone already did
<Deeps> link?
<\sh> psufan, go to #ubuntu-kernel and ask them
<psufan> good idea thanks
<\sh> psufan, did you test hardy?
<psufan> I can't change distros
<Deeps> haha, looking at the logs, ivoks already told you how to fix it
<\sh> anyways ... meeting
<psufan> deeps
<psufan> how did he do that
<Deeps> 21:09 < ivoks> psufan: cd /tmp ; wget http://launchpadlibrarian.net/8736376/linux-source-2.6.15_nfsv4client.patch ; sudo apt-get install git-core ; git clone git://kernel.ubuntu.com/ubuntu/ubuntu-dapper.git ubuntu-dapper ; cd ubuntu-dapper ; patch -p1 -i ../linux-source-2.6.15_nfsv4client.patch ; sudo apt-get build-dep linux-image-`uname -r` ; sudo apt-get install fakeroot build-essential ; fakeroot dpkg-buildpackage # at this point, you might want to 
<psufan> damn
<Deeps> litterally, every single command you have to do
<psufan> I missed that one
<psufan> damn damn damn
<psufan> thx very much
<Deeps> i've had paid support that's been less useful
<Deeps> and i've had people paying me for support that have been politer
<psufan> i'm frustrated I been thru 5 kernel builds each one had some issue it caused
<psufan> and here they don't even want me to change a battery in a hot swappable ups
<psufan> without a backup plan
<Deeps> seems reasonable
<psufan> ok now I got to figure out how to readd the stock kernel source etc :p
<Deeps> anyway, good luck
<psufan> thx :)
<psufan> very much
<psufan> in my defence
<psufan> I actually did look for a patch file
<psufan> is there an official source from ubuntu for kernels
<Deeps> urr, the apt repository?
<Deeps> 'main' i believe
<psufan> how do I get a listing
<psufan> :P
<psufan> nm I think I know how
<psufan> still getting used to apt-get
<psufan> question
<psufan> when I do dpkg -l linux* I see a lot of junk I don't have anymore how do I flush the extra stuff
<psufan> or is that not the listing of stuff installed
<ogra> dpkg -l |grep ^ii |grep linux
<psufan> oh so it's only ii I have to worry about
<ogra> only the lines starting with ii show actually installed stuff
<psufan> ok cause it showed some other junk as unpacked
<ogra> the header of the output of dpkg -l has a description fo the statuses
<ogra> *of
<psufan> yeah I saw that but I was still confused a bit
<psufan> thx
<psufan> think I got it
<psufan> quick question
<psufan> ii  linux-source-2.6.15
<psufan> that means installed correct?
<_ruben> yes
<psufan> how come there is nothing in /usr/src
<_ruben> you (or someone else) deleted it?
<psufan> I just ran this
<_ruben> the package is installed, but the files that are contained in that package could have been deleted manually
<psufan> weird
<_ruben> apt wont know if you did rm -rf /usr/src/*
<_ruben> could try: sudo apt-get install --reinstall linux-source-2.6.15
<psufan> yeah but I didn't
<psufan> that's what I am doing
<psufan> it
<psufan> has been a long week mabye I did
<psufan> dunno :/
<psufan> no it really isn't
<_ruben> it really isnt what?
<psufan> apt-get install linux-source linux-source-2.6.15
<psufan> did that
<psufan> root@blade4:/usr/src# ls -la /usr/src
<psufan> total 43700
<psufan> drwxrwsr-x  2 root src      4096 2008-05-09 10:41 .
<psufan> drwxr-xr-x 12 root root     4096 2008-03-28 11:05 ..
<psufan> -rw-r--r--  1 root root    69967 2008-02-12 11:51 .config
<psufan> -rw-r--r--  1 root root 44613205 2008-02-12 12:26 linux-source-2.6.15.tar.bz2
<_ruben> there's your source
<psufan> oh it just fetches the .bz ?
<zul> mathiaz: what was that quagga bug number?
<_ruben> yup
 * psufan is really confused
<psufan> how do I make sure it's what ubuntu used in their default build
<psufan> is there a patchset or something
<zul> mathiaz: nm Ill check the backlog
<_ruben> you could reinstall the package to make sure its the right file .. and it'd include the patchset (its not a vanilla bz2)
<mathiaz> zul: https://bugs.launchpad.net/ubuntu/+source/quagga/+bug/176015
<uvirtbot> Launchpad bug 176015 in quagga "BGP MD5 support regression" [Undecided,Fix released]
<zul> mathiaz: merci
<zul> mathiaz: I guess there is a couple of bugs that could be fixed
<psufan> _ruben that's what am asking
<psufan> what is the package name for that
<_ruben> psufan: for what? the kernel source? linux-source-<version>
<psufan> yes
<psufan> but I want the one that has all the ubuntu shit in it
<_ruben> thats what it is
<psufan> ok then I am an idiot
<psufan> because I am not showing anything in /usr/src except the same tarball from 5 mins ago
<psufan> how do I verify this is not vanilla source but is the ubuntu source of the kernel in 2.6.15-51
<mathiaz> zul: in quagga ? yes
<psufan> nm I have a great idea
<mathiaz> zul: I just synced it yesterday
<psufan> ok that worked
<psufan> thx
<zul> mathiaz: k what is quagga exactly btw?
<mathiaz> zul: routing daemon
<zul> mathiaz: ah thanks
<psufan> what's the purpose of git again
<psufan> nm
<uvirtbot> New bug: #228693 in bacula (main) "bacula-director-pgsql postinstall broken" [Medium,Triaged] https://launchpad.net/bugs/228693
<uvirtbot> New bug: #228712 in cyrus-sasl2 (main) "Feature request: add patch to enable crypted passwords" [Undecided,New] https://launchpad.net/bugs/228712
<uvirtbot> New bug: #228722 in samba (main) "swat segfaults" [Undecided,New] https://launchpad.net/bugs/228722
<ivoks> anyone familiar with postgresql?
<Deeps> ivoks: i've used it a bit, not much
<ivoks> are you familiar with concepts of ROLEs?
<Deeps> it rings a bell, but i draw a blank, i'm afraid
<ivoks> ok, thanks
<ivoks> zul: here?
<zul> ivoks: yep
<ivoks> i'm working on pgsql version of bacula director
<zul> just about to step into a meeting but whats up?
<zul> ivoks: ok
<ivoks> zul: go to the meeting, this can wait :)
<mathiaz> kees: hello my good friend, mister the security man that enables crazy compiler options
<mathiaz> kees: I've been trying to merge ipsec-tools and run into this problem http://paste.ubuntu.com/11039/
<mathiaz> kees: I've looked on the wiki page but it seems that the code works as expected (ie the fwrite call is casted with (void)
<mathiaz> kees: the problem is in src/libipsec/policy_token.c - with ECHO (defined as "#define ECHO (void) fwrite( yytext, yyleng, 1, yyout )")
<psufan> defintely need to get a seperate hd for vm's on my laptop
<psufan> ugh
<sparkyy> hello everyone
<sparkyy> anyone know why root owns /usr/share/games
<sparkyy> nexuiz server 2.4 doesn't work and I think its a permissions issue
<sparkyy> atleast the one from the repos
<sparkyy> anyone?
<sparkyy> doesnt work on 7.x or 8.04
<slicslak> is your user in the games group
<slicslak> ?
<sparkyy> /usr/share/games is owned by root:root
<sparkyy> by default
<sparkyy> not by games
<slicslak> but is your user in the games group?  you need to be in taht group to play games
<sparkyy> ok
<sparkyy> so is I add it will it magically fix everything?
<slicslak> maybe
<slicslak> i don't play games :)
<sparkyy> /usr/share/games$ ls -al
<sparkyy> total 20
<sparkyy> drwxr-xr-x   3 root root  4096 2008-04-26 07:39 .
<sparkyy> drwxr-xr-x 298 root root 12288 2008-04-30 07:42 ..
<sparkyy> drwxr-xr-x   2 root root  4096 2008-04-26 07:39 fortunes
<sparkyy> ex
<slicslak> but those perms are proper
<sparkyy> root:root
<ivoks> sparkyy: that's normal
<ivoks> root owns your filesystem :)
<sparkyy> yes, but it doesnt let the game work
<sparkyy> and a regular user is not in root group
<sparkyy> ex. nexuiz-server
<ivoks> ?
<ivoks> /usr/* should be read-only :)
<ivoks> game doesn't write anything there
<sparkyy> ivoks,
<sparkyy> xxx@xxx:~$ ls -l ~/.nexuiz/data/data
<sparkyy> total 12
<sparkyy> drwxr-xr-x 2 root root 4096 2008-05-05 17:31 maps
<sparkyy> -rw-r--r-- 1 root root 8018 2008-05-05 21:23 server.db
<sparkyy> what about .nexuiz
<sparkyy> ?
<ivoks> you started the server as root
<sparkyy> that is the default and it error it out
<ivoks> and it created root-owned files
<sparkyy> doent work either way as a regular user or as root
<sparkyy> look at the .nexuiz directory above
<ivoks> so, if nexuiz works as another user - it won't work
<ivoks> you aren't listening to me
<zul> ivoks: sorry....
<sparkyy> ok, so what do you mean
<ivoks> sparkyy: you installed package nexuiz-server?
<sparkyy> ivoks
<sparkyy> yes
<sparkyy> from the repos
<ivoks> sparkyy: did it create a user?
<sparkyy> I also tried the binary from the alientrap site
<ivoks> (check in /etc/passwd)
<sparkyy> evidently not
<sparkyy> i get a boatload of errors
<ivoks> check /etc/passwd
<sparkyy> and it cant write to server.db
<ivoks> is there nexuiz user
<sparkyy> sorry I am not a the server right now
<sparkyy> sorry man its down now
<sparkyy> I dont recall seeing it
<sparkyy> it just crashed when I sudoed
<sparkyy> same crash happens with the original installer from alientrap website
<sparkyy> i extracted to /usr/local/games
<sparkyy> in that case
<sparkyy> ivoks, should I try to run it as the nexuiz user?
<sparkyy> does it create a nexuiz group?
<ivoks> i can't talk with 3 people at the same time :D
<sparkyy> sorry man
<sparkyy> I though I was the only on ehere
<ivoks> np, just wait a second
<sparkyy> =)
<sparkyy> ok thanks man
<sparkyy> =)
<sparkyy> not to worry I am on the phone now too
<Jas[er_via_UMTS> Appears that the ubuntu-server installer, in manual fdisk mode, treats a multidisk-raid volume in such a way that you can only make one partition on it. Anyone know why?
<Jas[er_via_UMTS> oops.
<Jasper--> yeah, there's an unused one.
<sparkyy> do you have hardware raid controller?
<sparkyy> is it on the supported hardware list?
<sparkyy> I have had many that dont work well in ubuntu
<sparkyy> stupid proprietary companies with closed crappy raid controllers
<sparkyy> they are donkeys
<sparkyy> =P
<ivoks> ok, where were we?
<sparkyy> ivoks
<sparkyy> sorry
<ivoks> sparkyy: ok, that .nexuiz directory is owned by root
<sparkyy> is that wrong?
<ivoks> sparkyy: so i guess you stared nexuiz server as root (with sudo)
<sparkyy> that is in my home directory
<sparkyy> well because it was root owned I did
<ivoks> what was root owned?
<ivoks> root owns firefox, but you still run it as a user, right?
<sparkyy> yes
<ivoks> most of the executables are owned by root
<ivoks> like 99%
<ivoks> but you can start them as a user
<sparkyy> does it need to be that way? Couldn't they be owned by a less powerful user than uid=0
<sparkyy> got ya
<ivoks> why?
<ivoks> you don't want 'ls' owned by nobody user
<ivoks> cause, if nobody is hacked, it can hack your 'ls'
<sparkyy> ok, never mind that
<ivoks> but if someone hacks your 'root', hackesd 'ls' is last on your problem list :D
<sparkyy> should my /home/sparky/.nexuiz be owned by root?
<ivoks> no
<sparkyy> ok
<ivoks> do this:
<sparkyy> should I swith it to my user
<ivoks> chown -R your_username:your_groupname ~/.nexuiz
<sparkyy> yup
<sparkyy> ok
<ivoks> yes, if you will start nexuiz server as a user
<sparkyy> should the nexuiz binary be set to the nexuiz group though
<sparkyy> in /usr/share/games ?
<ivoks> no
<sparkyy> should it be root:nexuiz or root:games?
<ivoks> no no no
<sparkyy> ok
<sparkyy> lol
<ivoks> don't touch anything in /usr
<ivoks> ever
<sparkyy> so I should do a rm -r from /
<sparkyy> right
<sparkyy> =P
<ivoks> ?
<sparkyy> jk
<sparkyy> i kidding
<sparkyy> =)
<sparkyy> im joking
<sparkyy> lol
<sparkyy> ok, i will change that when i get home
<sparkyy> thanks much my friend!
<sparkyy> =)
<ivoks> np
<sparkyy> have a good weekend
<sparkyy> oh, and play some video games!
<sparkyy> nexuiz rules!
<sparkyy> =6P
 * sommer doesn't think nexiuz is that great... too dark
 * ivoks doesn't even know what games are
<sommer> heh, you should try poker, I hear it's great for beginners
<faulkes-> these games you speak of, they are something -server uses?
<sommer> faulkes-: some have a server element... multiplayer games
<faulkes-> ah, so -server is a game, I see
<ivoks> ubuntu-server from games to AD
 * faulkes- goes to kill his users
<faulkes-> it *is* an FPS right?
<sommer> faulkes-: lol, oh ya!
<ivoks> good night everybody
<sommer> later on ivoks
<psufan> ugh
<psufan> I think git did something to the kernel source
<psufan> it never took 4+ hrs to make a kerne;
<faulkes-> the git or a git?
<psufan> git
<faulkes-> thank you thank you, I'll be here all week
<psufan> as in one of the commands someone me to run to patch 2.6.15 against the nfs crash and burn bug
 * psufan lost his humor on monday fighting with this shit
<psufan> it's almost like it's looping a build
<Febreze> Hi, would anyone care to help me set up a webserver?
<sommer> Febreze: do you have a specific question?
<Febreze> I'm trying to Install Xampp
<Febreze> I've got it on my desktop, although I don't understand what my "Shell" is, It's not my "Terminal" is it?
<sommer> Febreze: yep shell and terminal are usually synonimous (or however you spell that)
<Febreze> I thought so, well I've actually got the .tar file on my desktop, although the command it's telling me to enter is returning this error
<Febreze> tar: xampp-linux-1.6.6.tar.gz: Cannot open: No such file or directory
<Febreze> tar: Error is not recoverable: exiting now
<Febreze> tar: Child returned status 2
<Febreze> tar: Error exit delayed from previous errors
<sommer> Febreze: you probably want tar -xzvf xampp-linux-1.6.6.tar.gz:
<Febreze> I tried altering the filepath in "tar xvfz xampp-linux-1.6.6.tar.gz -C /opt" although it didn't help
<Febreze> Ah, I've now got a new error:
<sommer> Febreze: you probably want tar -xzvf Desktop/xampp-linux-1.6.6.tar.gz:
<psufan> is this the correct steps
<psufan> < ivoks> psufan: cd /tmp ; wget http://launchpadlibrarian.net/8736376/linux-source-2.6.15_nfsv4client.patch ; sudo apt-get install git-core ; git clone git://kernel.ubuntu.com/ubuntu/ubuntu-dapper.git ubuntu-dapper ; cd ubuntu-dapper ; patch -p1 -i ../linux-source-2.6.15_nfsv4client.patch ; sudo apt-get build-dep linux-image-`uname -r` ; sudo apt-get install fakeroot build-essential ; fakeroot dpkg-buildpackage # at this point, you
<Febreze> rsh: xampp-linux-1.6.6.tar.gz: Name or service not known
<Febreze> tar: xampp-linux-1.6.6.tar.gz\:: Cannot open: Input/output error
<Febreze> tar: Error is not recoverable: exiting now
<Febreze> gzip: stdin: unexpected end of file
<Febreze> tar: Child returned status 2
<Febreze> tar: Error exit delayed from previous errors
<Febreze> bash: -xzvf: command not found
<Febreze> Returned that error
<sommer> Febreze: ^^ when you first open a shell/terminal it starts you in the /home/username directory.  the tar file is probably in /home/username/Desktop
<sommer> Febreze: tar -xzvf Desktop/xampp-linux-1.6.6.tar.gz
<Febreze> Ooh, I get it
<Febreze> ï»¿tar -xzvf Desktop/xampp-linux-1.6.6.tar.gz
<Febreze> That's worked, hehe
<sommer> Febreze: party!
<Febreze> Thanks alot! :)
<sommer> np
<Febreze> I should learn all the Ubuntu lingo, thanks again!
<sommer> Febreze: heh, you're welcome
<cody-somerville> I installed ebox but I can't access it from localhost/ebox : /
<sommer> cody-somerville: did you do https ?
<cody-somerville> ah! :) thanks
<sommer> :)
<cody-somerville> weee
<cody-somerville> ebox is buggy.
<AtomicSpark> i'm trying to set up drupal. to get the .htaccess files to be able to override php and apache settings, i have to remove "allowoveride none" in the sites-available file correct?
<elventear> I am having a problem with Xen that is more related to networking, so it could be generic and not a Xen bug: Traffic going into one of my domUs virtual interfaces is not coming out the other end through the dom0 bridge/virtual interface. Any ideas of what to try? This seems to be selective some of my local IP lans, not all traffic, but still is weird. Any ideas on what to try to troubleshoot this?
<psufan> hey deep
<psufan> you know that fix you found for me in a irc log
<psufan> it's 100% broken
<psufan> 4+ hrs later it's still looping the same compile over and over
<AtomicSpark> states "Note, however, that setting PHP configuration options from .htaccess only works: if the .htaccess file is actually read, i.e. AllowOverride is not None"
<sommer> AtomicSpark: I set mine to AllowOverride All, when I need to use .htaccess files
<AtomicSpark> sommer, alright thanks. the default lamp install for ubuntu doesn't seem to like drupal very much. i'm trying to get it to work. of course it failed to work on my webhost lol.
<AtomicSpark> but everyone seems to like drupal so i'm trying it out.
<sommer> ya drupal's popularity has increased a lot lately, I use joomla myself
<AtomicSpark> do you know anything about GD library? drupal claims it's installed by default but i think with ubuntu's LAMP i need to install it manually.
<sommer> AtomicSpark: sudo apt-get install php5-gd will install it
<AtomicSpark> alright. that's what i thought. thanks :0
<sommer> AtomicSpark: once installed you'll need to restart apache to allow the new php module to load
<AtomicSpark> :)
<Febreze> Sommer, you're great. Thanks again hehe
<sommer> welcome
<AtomicSpark> ack. i got this message "Fatal error: Allowed memory size of 16777216 bytes exhausted (tried to allocate 167361 bytes) in /var/www/drupal/includes/database.inc on line 218"
<AtomicSpark> the .htaccess should of increased the memory limit -_-
<sommer> AtomicSpark: you might have to increase the memory in /etc/php/apache2/php.ini
<AtomicSpark> ah. thanks for the path :)
<sommer> AtomicSpark: np
<AtomicSpark> sommer, there is no php folder in my etc.
<sommer> AtomicSpark: woops... make that /etc/php5/apache2/php.ini
<AtomicSpark> drupal is kindof a bitch to set up imo lol
<AtomicSpark> oh wait. according to the status report, it's already set at 16 M
<AtomicSpark> so it should be fine.
<sommer> AtomicSpark: mmmm... from the error it tried to alocate slightly more than 16MB, so you should probably bump it to at least 32M
<AtomicSpark> oh good. it set up cron too. everything looks fine now. :) next task: configure mail server.
<AtomicSpark> but that will have to wait. brb.
<AtomicSpark> okay back. yay for moving a bunch of mattresses!
<AtomicSpark> sommer, still there?
<sommer> AtomicSpark: yeppers
<AtomicSpark> so postfix has 3 options during config. i'm not sure which one to use. basically all i want is our server to be able to send email i guess. we use google aps for our company email.
<AtomicSpark> any suggestions?
<sommer> AtomicSpark: the postfix section of the serverguide is pretty good: https://help.ubuntu.com/8.04/serverguide/C/postfix.html
<sommer> AtomicSpark: the "internet" server options should work fine for you I'd think
<AtomicSpark> sommer, i should beable to configure it for google aps actully. just like i did our webhost.
<sommer> sure
<AtomicSpark> so basically right now our mail is going to our web host (which has sendmail) and that is forwarded to our google aps via mx records.
<AtomicSpark> all very confusing :P
<Jasper--> anyone happen to know if ubuntu systems sometimes boot off the swap?
<Jasper--> strangely enough the swap got the bootable flag.
<Jasper--> 2 disks, each with the following: swap, half a raid1 with /boot, half a raid1 with LVM with / and /var, another half a raid0 with lvm with storagespace.
<Jasper--> pure software raid, I don't have hardware raid and I will never, ever do firmware  raid.
<limbeaux> should the lamp server choice during setup have cgi ready to go or do i need to take more action?
<AtomicSpark> limbeaux, should be ready to go. the default website config has cgi paths in it. you just need to put your scripts in that path.
<limbeaux> thanks!!  are the paths listed in apache2.conf?
<limbeaux> i have to set up file sharing portal for files that are too big for email (not p2p)   anyone have any suggestions?
<AtomicSpark> limbeaux, no by config i ment /etc/apache2/sites-available/default
<AtomicSpark> the "default" is the default site file. in there it has the cgi paths.
<AtomicSpark> path should be /usr/lib/cgi-bin/
<limbeaux> thanks again!!  just learning this. i did google it before i asked, but I mostly found instruction on apache1
<limbeaux> i do appreciate your help
<good_dana> chown games /usr/share/games ??
<good_dana> wow i just replied to something like 5 hours up... i should learn to look at my scroll bar
<Jasper--> well, in this particular channel 5 hours isn't *that* many lines
<good_dana> this is true
<limbeaux> anyone use ebox?
<hossam> join #vbox
<limbeaux> actually  i was looking for an opinion, not support
<hossam> hello has anyone successfully created a vmdk that points to an internal hard drive in virtualbox? i keep getting a strange error
<hossam> (amd64 8.04)
<AtomicSpark> i just set up bind9 as a master server. heh.
<AtomicSpark> yay for first time!
 * AtomicSpark crosses fingers
<AtomicSpark> seems to work. although mydomain.com still points to the internet's www.mydomain.com (it should point to server) is that just dns cache? how do i clear it?
<Deeps> what OS?
<Deeps> oh, locally on the server
<AtomicSpark> ubuntu 8.04
<Deeps> /etc/resolv.conf points to localhost?
<AtomicSpark> i'm testing from my ubuntu client. trying to see if the new dns server is working, which it is. but the domain still points to the internet site which it should point to the intranet site.
<AtomicSpark> i guess i could remove the forwarders for a second and see what happens. although my dig output seems correct.
<AtomicSpark> ah. it's being cached by the router. ill restart that. brb.
<AtomicSpark> nvm. was wrong. firefox caches it!
<AtomicSpark> just go into offline mode and back clears it. it works now. :)
<AtomicSpark> hmm. www.mydomain.com doesn't work now. ill have to add an www entry.
<AtomicSpark> we have a shared host for our website (lame) or our real IP address is 12.34.567.8/~username/ if i want to access it without using the domain name. i can't put this as an A record can i? (because of the extra stuff behind ip address)
<AtomicSpark> *for not or
<Deeps> no
<Deeps> you need to get your webhost to configure a vhost for you
<AtomicSpark> its all set up, i just can't see it from our network because i'm using the same domain. was thinking of having domain.com our intranet and www.domain.com point to the webhost
<Deeps> if you're using bind, google views
<Deeps> although more appropriately, you'd want intra.domain.com or somesuch to be your intranet hosts
<AtomicSpark> hmm. interesting.
<AtomicSpark> i'd host our website here but there is a lack of bandwidth.
<AtomicSpark> maybe we should think about what we want to do with our website. we only have a month left and should decide what to do before signing another contract
<AtomicSpark> the problem is we can't do anything neat like drupal because of the limitations of the shared web host.
<AtomicSpark> YES. upon deleting everything in my public_html folder, drupal works with no errors. :)
<brocebeats> well i am trying to set up an svn on an ubuntu webserver where it uses webdav as the protocol and you can only access the svn via the subdomain
<brocebeats> I have the svn up and running but it is available in every domain not just that subdomain
<brocebeats> i added a vhost
<brocebeats> to /etc/apache2/sites-available
<brocebeats> http://pastebin.ca/1013239 <---- is my virtual host
<brocebeats> and that is the only time i call on the svn dav
<brocebeats> I cant figure out how to make it only work on the subdomain
<pdragon> I just tried to upgrade 6.06 server to 8.04  via the command line and it's failing out with this error: http://paste.ubuntu.com/11198/
<pdragon> anyone help?
<brocebeats> wow and your root :-/
<pdragon> yep
<pdragon> was trying with just sudo and thought that may have been why. so i did sudo -s and tried with the same result
<sommer> pdragon: are you trying to upgrade to hardy?
<pdragon> yes
<sommer> then you don't need the -d... the -d is for development releases, and hardy has been released :)
<pdragon> if i don't have the -d it says no upgrades are available
<sommer> is the system up to date?
<pdragon> yes
<bog> sommer: I get the same result without -d
<pdragon> ran apt-get ugrade and apt-get dist-upgrade
<pdragon> well, least i know why i was getting that other error. slowly getting there :)
<sommer> pdragon: try apt-get update then apt-get upgrade then do-release-upgrade
<pdragon> i did
<pdragon> no updates available
<sommer> dist-upgrade isn't the best for ubuntu
<pdragon> will run again
#ubuntu-server 2008-05-10
<sommer> what version of update-manager-core do you have?
<pdragon> 0.56~dapper5
<pdragon> just installed it
<pdragon> ran apt-get update and upgrade again then do-release-upgrade. still nothing
<pdragon> do i have to change anything in the sources.list file?
<sommer> hrmm... that's the latest
<sommer> not really sure... I think the -d doesn't work because it would be trying to install intrepid, which isn't built yet
<pdragon> when i do the -d it's grabbing hardy.tar.gz though
<pdragon> http://paste.ubuntu.com/11198/
<brocebeats> any clue on subversion sommer
<bog> https://help.ubuntu.com/community/HardyUpgrades says for 6.06 server to hardy, that the -d switch is needed
<sommer> pdragon: mmmm... should have looked at the error closer, I thought the -d switch wasn't needed
<sommer> bog: ya, looks like it isd
<sommer> err, is
<sommer> bog: you're getting the same error?
<bog> sommer: I'm getting a different errorâ¦ putting it together now
<sommer> pdragon: what happens if you do sudo do-release-upgrade -d ?
<pdragon> sec
<sommer> pdragon: from a non-root user
<pdragon> same exact thing
<bog> I get these errors from the end of the do-release-upgrade -d and the end of the main.log file: http://paste.ubuntu.com/11199/
<bog> I am also attempting to upgrade from dapper to hardy
<bog> it looks like it tries to remove ubuntu standard for some reason?
<bog> (sorry, ubuntu-standard)
<sommer> bog: and your box is up to date ?
<bog> yes, ran update, upgrade, dist-upgrade
<sommer> pdragon: it looks like a but to me
<bog> same version of update-manager-core
<sommer> bog: did it install a log of packages when you did dist-upgrade
<bog> sources.list matches what is here: http://ubuntu-tutorials.com/2008/04/03/dapper-to-hardy-direct-server-upgrade-works/
<sommer> because that's sort of the same as do-release-upgrade
<bog> sommer: it did update some packages, and I have restarted since then
<sommer> bog: is your /etc/apt/sources.list still dapper?
<bog> yes
<sommer> I'm not sure, I've never really used apptitude... you might file a bug with the output attached
<bog> ok, thanks for looking into it
<pdragon> going to try a post on the install/upgrade forums
<pdragon> thanks for trying to help :)
<sommer> you're both welcome, kind of strange because I upgraded several times using the prereleases
<brocebeats> gah this is so frustrating
<pdragon> http://ubuntuforums.org/showthread.php?t=788455
<pdragon> quick response
<pdragon> think that would work?
<sommer> ummm maybe, but is your server production?
<pdragon> yes
<pdragon> i'm typing that reply now
<pdragon> hoping for a more firm response from someone :)
<sommer> ya, I'd probably file a bug and get something more concreate... at least that'd feel safer to me
<sommer> concrete even
<pdragon> which would be the best place to file the bug?
<sommer> pdragon: also if you have another machine that you could setup as a "clone" (same services/date) it'd probably be worth testing first
<sommer> pdragon: launchpad.net against the update-manager-core package
<pdragon> no, i don't. this isn't really a critical system. just my personal web server
<pdragon> i run some things for friends, though, so would like to avoid extended down times :)
<sommer> ah, I guess you have to weigh the possible down time, before trying something like that... at least withouth testing first
<pdragon> yeah, i could recover from a clean install. would just take a lot longer
<Deeps> clone it to a virtual machine
<Deeps> using virtualbox or vmware server
<pdragon> hmm... not 100% sure how to do that, but i'll look into it. thanks!
<bog> pdragon: I've seen elsewhere that changing your sources.list to point to hardy without doing do-release-upgrade is not a good idea
<bog> also, it may make more sense to upgrade to each incremental release insteadÂ (which would be a bit of a pain)
<bog> I just filed my bug and hope it gets fixed
<brocebeats> I am trying to create an ssl certificate using apache2-ssl-certificate
<brocebeats> but i get an error
<brocebeats> error on line -1 of /usr/share/apache2/ssleay.cnf
<brocebeats> 22156:error:02001002:system library:fopen:No such file or directory:bss_file.c:122:fopen('/usr/share/apache2/ssleay.cnf','rb')
<brocebeats> 22156:error:2006D080:BIO routines:BIO_new_file:no such file:bss_file.c:125:
<brocebeats> 22156:error:0E078072:configuration file routines:DEF_LOAD:no such file:conf_def.c:197:
<brocebeats> any clue how to fix that
<brocebeats> well i am trying to set up an svn on an ubuntu webserver where it uses webdav as the protocol and you can only access the svn via the subdomain
<brocebeats> I have the svn up and running but it is available in every domain not just that subdomain
<brocebeats> i added a vhost
<brocebeats> to /etc/apache2/sites-available
<brocebeats> http://pastebin.ca/1013239 <---- is my virtual host
<brocebeats> and that is the only time i call on the svn dav
<RoAkSoAx> brocebeats, your pastebin is invalid
<brocebeats> ok hold on
<brocebeats> RoakSoax http://pastebin.ca/1013353
<RoAkSoAx> brocebeats, do you have another virtual hosts for the same domain?
<brocebeats> no
<brocebeats> But i dont have a default vhost
<brocebeats>  sudo apache2ctl -t -D DUMP_VHOSTS
<brocebeats> VirtualHost configuration:
<brocebeats> 88.131.101.106:*       svn.ntorrents.net (/etc/apache2/sites-enabled/svn.ntorrents.net.conf:1)
<brocebeats> wildcard NameVirtualHosts and _default_ servers:
<brocebeats> *:443                  is a NameVirtualHost
<brocebeats>          default server fry.1g.se (/etc/apache2/sites-enabled/ssl:2)
<brocebeats>          port 443 namevhost fry.1g.se (/etc/apache2/sites-enabled/ssl:2)
<brocebeats> Syntax OK
<brocebeats> sorry flood
<brocebeats> i think that may be the issue and the person who admined this server used a module called autoindex
<RoAkSoAx> brocebeats, wht will happen if you remove server alias... this is how i usually configure virtual hosts: http://pastebin.ubuntu.com/11211/
<brocebeats> i know i tried that
<brocebeats> I have an idea though
<RoAkSoAx> what is that
<RoAkSoAx> try removing ServerAlias and see what happes
<brocebeats> nope
<brocebeats> still has that issue
<RoAkSoAx> brocebeats, so try addind a virtual host for www.xxxx.net and xxx.net with different documentroot and then another for your svn and see what happens
<brocebeats> still the same issue
<RoAkSoAx> maybe it's not updating then...
<Achoth> I just installed apache2 and opened up port 80, but still I can only access the page from my internal IP, not the external. How do I fix this?
<RoAkSoAx> Achoth, do you have a router?
<Achoth> RoAkSoAx: Yes I do
<Achoth> And I've forwarded port 80 to this computer
<RoAkSoAx> Achoth, have you restarted your router?
<RoAkSoAx> (after openning the port)
<Achoth> Nope
<Achoth> Is that neccecry?
<RoAkSoAx> yes
<Achoth> Oh
<Achoth> Then I will see you in a couple of minutes
<Achoth> brb
<RoAkSoAx> sometimes the router does not take the changes after you reboot
<RoAkSoAx> ok
<Achoth_> Wohoo!
<Achoth_> It works!
<Achoth_> Thanks RoAkSoAx :)
<RoAkSoAx> Achoth, rock on!!
<RoAkSoAx> Achoth, yw
<Achoth_> Now those 3 hours of trying to solve my problems seems... pointless
<RoAkSoAx> hahaha lol... that happens... Achoth_ when i just changed routers from broadhand to dsl ones... had the same issue
<Achoth_> annoying :/
<RoAkSoAx> well a lil price to pay to have NAT working... lol
<cody-somerville> I get the following error when I try to connect to a domain I setup with ebox on another server on my lan:
<cody-somerville> http://pastebin.ca/1013418
<hotmonkeyluv> I have 5 hard drives, each with 1-2 partitions on them, how do I get them to automatically mount? I selected "do not use this partition" when i was installing (don't know why, stupid me...)
<brocebeats> this is so frustrating
<brocebeats> well i am trying to set up an svn on an ubuntu webserver where it uses webdav as the protocol and you can only access the svn via the subdomain
<brocebeats> I have the svn up and running but it is available in every domain not just that subdomain
<brocebeats> i added a vhost
<brocebeats> to /etc/apache2/sites-available
<brocebeats> my vhost is perfect
<hotmonkeyluv> how can I find the uuid of a disk if it's not mounted?
<brocebeats> I have created an svn and want it to host at svn.ntorrents.net.  Everything I read said you create a file in sites available and then enable it with a2ensite <my_site_name>. So thats what I did i showed you my vhost site file http://pastebin.ca/1013353.  the problem is that the svn is accessable from any site on the server.  I can go to http://mydomain.net/trunk or svn.mydomain.net/trunk or subdomain.mydomain.net/trunk all go to the svn meaning my p
<hotmonkeyluv> are UUIDs created new each time the system boots?
<nealmcb> hotmonkeyluv: if you mean file system uuids - no those are set when the file system is created, I think.  but uuids are used for many other things also - see wikipedia
<hotmonkeyluv> thanks nealmcb
<nealmcb> hotmonkeyluv: my pleasure
<vagothcpp> How can I copy 8gb of files over a LAN using ubuntu server 7.10 from console?
<vagothcpp> Can anyone help me please, I am new to linux?
<privet> vagothcpp: so the one machine is ubuntu. what is the other one?
<privet> vagothcpp: cause you can use either scp, smbclient or even ftp... depends on what the machines/OS's are
<vagothcpp> It is windows
<vagothcpp> What can I do if it is a WindowsXP box?
<privet> then best is to use smbclient
<vagothcpp> Okay, ty
<privet> vagothcpp: on the ubuntu machine you can do: "smbclient //IP/share"
<vagothcpp> Thank you
<hotmonkeyluv> my computer can't assign mount points to ntfs partitions when I'm installing ubuntu server
<hotmonkeyluv> is that normal?
<privet> hotmonkeyluv: what is the error that you get?
<hotmonkeyluv> privet: the attemp to mount a file system with type ntfs in scsi1 (0,0,0), partition #1 (sda) at /sda1 failed
<hotmonkeyluv> then it says: you can resume partitioning (and then it takes me back to the partitioning menu)
<privet> are on a already installed server, or busy witht he install
<hotmonkeyluv> i'm installing it now
<privet> hotmonkeyluv: no need to do anything with it during the parttion.
<privet> mount it after you have installed the OS
<hotmonkeyluv> privet: I can set it up later, right?
<hotmonkeyluv> ok
<hotmonkeyluv> thanks for the help!
<vagothcpp> How do I set a DNS Server for an ethernet connection?
<vagothcpp> Any links?
<hotmonkeyluv> how do I install a .deb via the cli?
<hotmonkeyluv> nvmd, i jfgi'd it
<uvirtbot> New bug: #228917 in logwatch (main) "Filter/group some of postfix log output" [Undecided,New] https://launchpad.net/bugs/228917
<kraut> moin
<igoogg> how do i confirm 'sendmail -t -i' is working after installing postfix?
<igoogg> php calls /usr/sbin/sendmail -t -i when i try to send an email, php returns no error. but i am not receiving a mail.
<igoogg> https://help.ubuntu.com/8.04/serverguide/C/postfix.html  <- followed every single step to set up postfix.
<uvirtbot> New bug: #228947 in samba (main) "During shutdown samba shares should be unmounted before network connection is shut down" [Undecided,New] https://launchpad.net/bugs/228947
<LMJ> hi
<LMJ> Is anyone knows here if it's possible to 'hot'switch from soft RAID1 to soft RAID5 ?
<Jasper--> you have a raid1 with 2 drives, and you want to go to a 3+drive raid5?
<LMJ> yes
<LMJ> had a 3rd drive and switch to RAID5
<Jasper--> depending what you mean by hotswitch that should be possible. Degrade the radi1 array to single drive, then you have the one old drive and the newer drive, set those up as a 2-out-of-3 degraded raid5, dd the data over, edit boot stuff and reboot if it's the /,, and then add the last drive to the raid5
<LMJ> sound not impossible
<Jasper--> that should work in theory.
<Jasper--> Make backups. :P
<LMJ> yes, but I have a meta-physical issue ;)
<LMJ> look :
<LMJ> http://tldp.org/HOWTO/Software-RAID-HOWTO.html : If you use N devices where the smallest has size S, the size of the entire array will be (N-1)*S  for RAID5 but only  (N/2)*X
<LMJ> (N/2)*S**
<LMJ> If I have 2 x 500GB HD : it will make 500GB on RAID1  on RAID5 with a third disk, it should make 1TB online
<Jasper--> yup.
<LMJ> that's sound a problem for me
<Jasper--> hm.
<LMJ> for livemigration
<Jasper--> yeah, I'm missing a step
<LMJ> so am I
<LMJ> ;)
<Jasper--> dd it over, then expand the partition and filesystem to fill the now twice as big room.
<Jasper--> depends on what exactly is on the raid device whether that'll work
<Jasper--> the ubuntu server installer apparently treats a raid device you create with it as a partition-equal block device, so I *think* you should be able to dd it over from one /dev/md to the next and then just grow the fs, without worrying about the nonexistent partition table -- otherwise you could manually fdisk in between there.
<Jasper--> If you've got / on the fs in question you should probably run either in single user or from a livecd while doing it all, though.\
<Jasper--> otherwise, just have the fses unmounted.
<LMJ> it's only data
<LMJ> I think I will backup the data on other HDs, setup the RAID5 and copy back my stuff
 * delcoyote hi
<Jasper--> LMJ: That'll work, too, but it's essentially what you're doing anyway.
<Jasper--> just that from a mirror set you can 'rescue' a drive by putting it into degraded mode and on a raid5 you can 'save' a drive by setting it up degraded
<Jasper--> the latter in particular will probably result in a amjor performance hit, though
<MatBoy> mhh, I have a lot of garbage after removing xen, still modules and so on
<MatBoy> this is annoying, dpkg says packages are installed and apt-get can't remove them :S
<MatBoy> fixed that part :)
<dennister> hey channel...having a real mounting problems with cifs...not used to it, but smbfs is deprecated, so I might as well get this right
<dennister> the first of a series of error messages in dmesg is: CIFS VFS: Error connecting to IPv4 socket. Aborting operation
<dennister> followed by: CIFS VFS: cifs_mount failed w/return code = -111
<dennister> none of my web searches is probing fruitful, and my fstab entry for my samba shares does result in the shares being fully browseable/writable by other machines on the network
<dennister> anyone got any ideas?
<sommer> dennister: you might try this: echo 1 > /proc/fs/cifs/cifsFYI
<sommer> dennister: then try mounting the share using the mount -t cifs command... there should then be more output in /var/log/syslog
<dennister> sommer: your echo line gave me a 'permission denied', both as a user and as root
<dennister> but i have found something of itnerest: using kde, system settings--->network settings--->domain name system, I see that I have not IPv4 listed, only ip6
<sommer> dennister: ah, the command failed, because sudo has a different environment which causes the redirect to behave differently... one sec
<sommer> dennister: ah, try:  sudo sh -c 'echo 1 > /proc/fs/cifs/cifsFYI'
<sommer> that should give you more output
<dennister> sommer: i'm afraid it didn't give me more output in /var/log/syslog, not that I can see, although i didn't get an error code in terminal
<sommer> mmm... did it work then?
<sommer> dennister: and you have the smbfs package installed correct?
<dennister> sommer: depends on what you mean by "work"...i probably won't be able to tell until i reboot...i do have smbfs, yes
<dennister> i did doublecheck that
<sommer> dennister: if you can mount it once it's booted it should mount using fstab... at least that's the theory :)
<dennister> ok, let me reboot once or twice...bbs
<mralphabet> can't you do a mount -a cifs to check instead of having to reboot?
 * mralphabet shrugs
<sommer> heh, guess not
<dennister> sommer: the echo line didn't do much after the reboot, i'm afraid, but someone suggested i do the noauto option in fstab, and then try mounting cifs shares manually in terminal, that worked fine
<sommer> dennister: bonus!  ya, /proc isn't a regular filesystem it's only in memory, so when you reboot changes aren't saved
<MatBoy> can I use the LV UUID as a normal UUID in fstab ?
<MatBoy> or do I need to use LV UUID in the fstab ?
<dennister> sommer: ok, a friend has come online whom I know personally, and is a total guru about these and other networking things...will also be able to help me finish this pxe install server
<dennister> so ty for your help, today and the other day with getting samba reinstalled properly on the other hardy machine:-)
<sommer> dennister: you're welcome
<MatBoy> ah, lvm seems to be fun
<sommer> MatBoy: what are you trying to do?
<nxvl> does anyone knows where i can find the svg of the server team logo?
<Twigathy> Hi, how do I install vmware-server for an 8.04 system? http://archive.canonical.com/ubuntu/dists/gutsy/partner/binary-i386/Packages suggests I should be able to do "apt-get install vmware-server" but it comes back with "Couldn't find package vmware-server"...
<Twigathy> oh wait, hardy :D
<il_bonsai> someone can help to install a web server on ubuntu server 7.10
<Twigathy> lame. It's not packaged for hardy :(
<il_bonsai> mail server sry
<il_bonsai> someone can help to install a mail server on ubuntu server 7.10
<il_bonsai> someone can help me please
<sommer> il_bonsai: what kind of mail server are you wanting to setup?
<il_bonsai> to setup emails for my own company
<il_bonsai> it should probably be fast and secure
<sommer> il_bonsai: the default mta for ubuntu is postfix, the serverguide has the steps to configure: https://help.ubuntu.com/8.04/serverguide/C/postfix.html
<il_bonsai> and a very lightweight
<sommer> il_bonsai: I think you'll be happy with postfix :)
<il_bonsai> yesterday i installed the webmin and it shows that the dovecot is installed
<il_bonsai> but its not
<sommer> il_bonsai: webmin isn't recommended for ubuntu, because of the way it changes package configurations
<il_bonsai> 10x sommer
<sommer> !webmin
<ubottu> webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system. See !ebox instead.
<il_bonsai> if i have any problem i ask you
<il_bonsai> ok
<sommer> I may not be around all day, but it's usaually best to just ask the channel, because someone else will probably know the answer
<il_bonsai> i dont use it that much
<il_bonsai> i just installed it to try it
<Deeps> !ebox | il_bonsai
<ubottu> il_bonsai: ebox is a web-based GUI interface for administering a server. It is designed to work with Ubuntu/Debian style configuration management. See https://help.ubuntu.com/community/eBox
<il_bonsai> so the ebox is much better than the webmin?
<Deeps> it's recommended over webmin for debian/ubuntu based systems
<Deeps> whether it's better or not is very subjective
<Deeps> https://help.ubuntu.com/7.10/server/C/email-services.html
<Deeps> is also probably relevant to your interests
<il_bonsai> i try it after installing the postfix
<il_bonsai> the postfix is a graphical server or ccommandline?
<Deeps> i dont know if it has a gui, i've only used it command line
<Deeps> see https://help.ubuntu.com/7.10/server/C/email-services.html for help on how to configure various mail services, including postfix
<sommer> actually the current guide is: https://help.ubuntu.com/8.04/serverguide/C/email-services.html
<il_bonsai> how to open it as a commandline?
<sommer> but thanks for the link Deeps
<sommer> :)
<Deeps> il_bonsai: he's using 7.10
<Deeps> urr
<Deeps> sommer: ^^
<sommer> Deeps: oh, woops missed that
<Deeps> sommer: np, thanks for playing :)
<il_bonsai> 10x to all of you for helping me
<sommer> Deeps: heh, gotta play to win
<Deeps> true.dat
<il_bonsai> one last question
<il_bonsai> how to run the postfix please
<il_bonsai> cause i don't know taht much how to run programs using commandline
<sommer> il_bonsai: postfix runs as a service, it can be stopped and started by using /etc/init.d/postix start|stop|restart
<AtomicSpark> I need a CNAME to point to a shared host address. For example "www N CNAME 12.34.567.8/~username," will this work? If not, how do they point domain names to these hosts?
<Deeps> no
<Deeps> again, you need to get your web host to create an virtual host
<AtomicSpark> X(
<Deeps> if you are your own web host and you're using apache, read up on the VirtualHost directive
<AtomicSpark> interesting.
<AtomicSpark> i know an easier fix. make the local domain .local
<AtomicSpark> .local is one of the upper-level domains that don't route correct? i think i read that somewhere
<Deeps> .myperonaltld doesn't route either
<AtomicSpark> just checking. i think i got that information from win smb 2003 server. who knows if they're right. ;)
<ScottK> .local is a non-existant TLD.  Depending on your DNS server, it may still ping the root servers and discover it doesn't exist.  Not sure exactly what you mean as routing and DNS aren't exactly related.
<ScottK> With a DNS name lookup you either discover records or not.
<Konam> how do I tell to ubuntu to pick the data from my DHCP server and not the router?
<Nafallo> Konam: turn off the DHCP on the router :-)
<Konam> Nafallo that's it? I won't have to indicate the direction of the DHCP router or anything or dhclient will look for it?
<Nafallo> Konam: DHCP broadcast their querys if they can't find a known DHCPd.
<AtomicSpark> Konam, you shouldn't have two DHCP servers running on the same subnet unless you have them master/salve or something crazy.
<Konam> AtomicSpark yes, thanks for the info
<AtomicSpark> you know what's really fun? use static ip's across your network and then set up DHCP to give addresses of unrouterablness. then when an intruder gets on your network, they can't see anything. lols.
<Konam> AtomicSpark but the authoritative line in the dhcpd.conf isn't just for that, to become the main dhcp server even though it wasn't the only one? or am I wrong?
<AtomicSpark> Konam, yes you can set up hierarchy but since it's a router. it's not very smart. so it will interfere with your plans.
<Deeps> Konam: suppose both your router and your ubuntu server are both configured as authoritative, what happens then?
<Deeps> Konam: or more accurately, do you know how your router's dhcp server is configured?
<Konam> Deeps No :|
<Konam> but I was just asking to make sure that the authoritative line was for what I thought it was
<Deeps> from what i read in the man pages, i'd agree with your assessment, assuming only 1 server is configured using that directive
<AtomicSpark> Konam, it's kindof random. I know when we play around with DCHP at school and SOMEONE DOESNT UNPLUG THE INTERNET, it gives people bad addresses. man does that piss off the IT departement.
<AtomicSpark> they have to shut down our classroom's port haha
<AtomicSpark> but anyways, I use the router at work to give out DCHP addresses. I find a single location to configure internets is much easier.
<Konam> AtomicSpark when you specify a subnet and its netmask but doesn't specify its range, no data will be sent to the clients on that subnet?
<AtomicSpark> Konam, not sure. you're setting up DCHP correct?
<Konam> AtomicSpark no, I'm just reading dhcpd.conf :)
<Konam> but I thought the DNS adresses were delivered, at least
<AtomicSpark> Konam, you have to send IP/subnet if you want to send DNS. DNS is optional but you can't just send it.
<AtomicSpark> works one way not the other kind of thing
<Konam> gotcha
<Konam> I will have to set another vm with xubuntu or some other distro to some of those things out
<Konam> to test*
<timboy> i'm having an issue with ssh. I can access it in network but not out of network... on my router i'm forwarding 22 to my box. do you think that my router is lying to me and not really forwarding the port?
<privet> timboy: can you run something like tcpdump on your router?
<timboy> privet, unfortunately no.
<privet> okay. then run it on your ubuntu server that are making the connection too.
<privet> that will show if you are really connecting to the server yout hink you are connecting
<timboy> privet, not familiar with tcpdump... what do i need to pass it?
<privet> timboy: how are you connected onthat server? you on the console?
<timboy> yeah on console
<privet> sudo tcpdump -i any -n port 22
<privet> timboy: "-i any" = any/all interface
<MatBoy> mhh, not any good openvz controlpanel that runs on ubuntu
<privet> timboy: "-n" = do not resolve DNS names
<timboy> wow i just got a ton of console stuff...  it just keeps repeating the ip of my server and the ip of the computer i'm on console with
<privet> timboy: but then you are already ssh'd into the server...
<MatBoy> www.
<timboy> yes locally
<privet> timboy: try sudo tcpdump -i any -n port and not host MYIP
<privet> timboy: MYIP is the IP you are currently connecting from
<timboy> tcpdump: WARNING: Promiscuous mode not supported on the "any" device
<privet> timboy: that is fine... if it bothers you, you can just replace "any" with the itnerface name.  like "eth0"
<timboy> sudo tcpdump -i eth0 -n port 22 not host 192.168.0.136 gives me syntax error. also tried sudo tcpdump -i eth0 -n port 22 not 192.168.0.136 same error
<privet> ...22 and not host...
<timboy> don't get it
<timboy> i already have 22 in there
<privet> sudo tcpdump -i eth0 -n port 22 and not host 192.168.0.136
<privet> *and*
<timboy> ok thx
<timboy> ok so must be router doesn't see when i try to get in from outside world
<timboy> just for the record I hate my 2wire dsl modem
<timboy> i'm pretty sure it's gay
<timboy> thx privet
<privet> timboy: you should see either the "internet IP" that you are attemping the connection from.
<privet> or the LAN IP of your DLS router/modem
<timboy> privet, it doesn't show anything so that means it's not coming through the modem right?
<privet> timboy: yup
<timboy> nice well i've got some good firewood now ;)
<Navop> In the zone table of Bind must you use a description.exaple.com or can you use a fictious name like p4 without the example.com
#ubuntu-server 2008-05-11
<hotmonkeyluv> how do I start fluxbox from a terminal?
<uvirtbot> New bug: #229119 in samba (main) "package samba 3.0.28a-1ubuntu4 failed to install/upgrade: subprocess post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/229119
<Navop> In  the perfect Server tutorial they use server1.example.com, can i use my domain name like abc.navop.com and hostname will be abc
<Kamping_Kaiser> not sure i get your question
<Navop> what i'm asking is that i can use any hostname with my registered domain name like hostname= egor, domaine = navop.com
<Kamping_Kaiser> yes
<Navop> In this example, my system is called server1.example.com, so I enter server1, this is from the howtoforge "the perfect Server"
<Navop> k thanks
<Kamping_Kaiser> that doesnt ensure you can see it from the net, its just a naming thing
<Navop> k
<willwill> hello, I just upgrade my server to hardy (using update-manager on icewm) and X server freezed so I hit the magic sysrq reboot then found that /var /home is not mounted
<willwill> so I mounted and dpkg --configure -a
<willwill> after that, I cannot start apache2
<Kamping_Kaiser> and the error is . ..?
<willwill> it said ok but I cannot lynx localhost and /var/log/apache2/error.log says nothing
<willwill> Kamping_Kaiser: don't know. the initscript said ok and /var/log/apache2/error.log says nothing
<Kamping_Kaiser> willwill, what about syslog?
<willwill> Kamping_Kaiser: /var/log/messages?
<willwill> the last line said localhost exiting on signal 15
<Kamping_Kaiser> willwill, /var/log/syslog
<willwill> and 5 above lines is tcp packet incoming
<willwill> Kamping_Kaiser: I got the same results
<Kamping_Kaiser> willwill, restart apache then pastebin the last 40 lines of syslog please.
<willwill> Kamping_Kaiser: http://pastebin.com/d23ccfef4
<willwill> hi {Roger-BBIAB}
<willwill> oh sorry, my script
<Kamping_Kaiser> i suspect this is related. [warn] The Alias directive in /etc/apache2/apache2.conf at line 240 will probably never match because it
<willwill> Kamping_Kaiser: I can start apache2 with that message in Gutsy
<willwill> and it is up for many days
<willwill> I also cannot ssh to my server
<Kamping_Kaiser> willwill, are you using vhost based hosting? perhaps your dns is mia
<willwill> Kamping_Kaiser: I don't install dns server. I use dyndns with inadyn.
<willwill> Kamping_Kaiser: I use some virtualhosts.
<Kamping_Kaiser> hm.
<Kamping_Kaiser> i'm not sure, hang around and hopefully someone else will be able to lend a hand
<willwill> thanks.
 * delcoyote hi
<Kamping_Kaiser> ubottu, hi
<ubottu> Hi! Welcome to #ubuntu-server!
<Kamping_Kaiser> info vrms
<bicz> info cups
<willwill> I just upgrade my server to hardy (using update-manager on icewm) and X server freezed so I hit the magic sysrq reboot then found that /var /home is not mounted
<willwill> so I mounted and dpkg --configure -a
<willwill> after that, I cannot start apache2
<willwill> it said ok but I cannot lynx localhost and /var/log/apache2/error.log says nothing
<willwill> Here is last 40 lines of /var/log/syslog after start apache2 http://pastebin.com/d23ccfef4
<Konam> how do I tell ubuntu to get the data from my dhcp server? I have an ubuntu dhcp server on a vm and I can't restart my host to get the data :|
<Konam> how do I restart the dhclient on  my ubuntu desktop?
<zul> sudo dhclient <eth device>
<cody-somerville> Nagios, Zabbix, Monit, or Hyperic?
 * cody-somerville ponders.
<cody-somerville> Does anyone here have experience with those products?
<Syntux> in gnome software sources there is an options to ping and select the fastest repository, what's the command line to get the same result on ubuntu-server
<wcarss> Hey, I'm new to administration and I've got a new network of 5-9 PCs with my housemates. We're planning on doing a fair bit of shared foldering and being remotely accessible and generally creating a lot of contact back and forth between our PC's. I would particularly like to be able to use host names or run something like a DNS server internally so that, behind our router, we can resolve names to internal IPs, s
<wcarss> Way long winded.
<Nafallo> avahi can do that automagically
<wcarss> I just checked Avahi out, and it looks like it does neat things, but not precisely what I want. I want to make it so that I can type "ssh carss" when I log into our central server, and it'll go straight to my PC, or so that I can type "ssh carss-laptop" from my PC and it'll go straight to my laptop, and always work
<wcarss> hosts could do this actually, I guess I don't need to use a DNS server - but I don't know how it would work with DHCP. I can ask that elsewhere.
<flotishtu>  i always have to type these commands (when reboot, or firestarter is started or network connection is reconnected) in order to make my network share internet. echo 1 > /proc/sys/net/ipv4/ip_forward iptables -t nat -A POSTROUTING -o ethX -j MASQUERADE tc qdisc add dev eth1 root tbf rate 80kbit buffer 1600 limit 3000 dpkg-reconfigure ipmasq   any way to do it for good, for ever?
<privet> flotishtu: sudo vim /etc/rc.local
<privet> and then put those commands in it.
<flotishtu> firest requires a sudo password. 2. the settings are undo at eth reconnection. 3. how do auto reconfigure ipmasq?
<privet> flotishtu: rc.local is executed each time the machine starts. and it runs as "root"
<flotishtu> yes. but the commands are undo  at eth reconnections too.
<flotishtu> how to i stop that
<flotishtu> and how to auto reconfigure ipmasq. it ruquires a human to press yes. no.
<dougie_> Hi I'm looking for some advice for what I should run on a home server
<dougie_> would Ebox not be a good idea on a home based server? I was reading the site and it says its aimed more at corporate use.
<mralphabet> dougie_: what are you trying to accomplish?
<mralphabet> dougie_: one you have that outlined, does ebox accomplish those things?
<dougie_> well file server and possibly print server and what not
<dougie_> for now anyways
<dougie_> later on may get further use
<mralphabet> and I take it you are not comfortable with the CLI
<mralphabet> command line
<dougie_> umm...... I don't know that I'd call it comfortable but its not like cryptonite for me :)
<dougie_> yeah I know lol
<mralphabet> ok
<mralphabet> ebox just gives you a method of interacting with the services / config files
<dougie_> eBox just looked nice and simple and wouldn't have to worry about SSH or anything I could just load it up in a browser but if its really not aimed for home use and is a bit beyond what I actually need then could probably just do something else
<dougie_> yeah I see they have a lot of modules nad what not
<mralphabet> if you are at all comfortable with commandline / editing files by hand, I would suggest that
<mralphabet> ebox should work for you
<mralphabet> who cares what it is 'aimed' for
<dougie_> ok
<dougie_> so what would be better about just doing it CLI then using something like ebox?
<dougie_> other then the obvious which is understanding and manipulation of linux instead of using some sort of gui
<Koon> dougie_: you would (also obviously) have more options
<dougie_> yeah thats true
<dougie_> Although not sure I need anymore then whats there
<Koon> it's rare we do.
<dougie_> Basically what I'm going to use it for is a media server to serve my HTPC which runs Media Portal and the other computers to use for music and what not
<dougie_> so music, pictures, videos
<dougie_> possibly some personal storage folders to save files to and what not
<Koon> ebox is probably your best friend. Unless you want to take the opportunity to spend some time learning more configfiles possibilities
<yell0w> hey guys, does anyone knows what this error means in bind9 on hardy ?
<yell0w>  unexpected RCODE (SERVFAIL) resolving '119.232.12.194.in-addr.arpa/PTR/IN': 4.2.2.4#53
<ScottK> SERVAIL generally means that the remove DNS server is reporting it's broken.
<yell0w> ScottK: you mean 4.2.2.4 ?
<ScottK> I meant RCODE (SERVFAIL)
<ScottK> remove/remote btw
<yell0w> yes what i meant to ask is, you meant 4.2.2.4 is reporting it's broken ?
<yell0w> well i can still use dig with that server
<ScottK> Or that it got that reply from wherever it queried.
<yell0w> ScottK: do you have any suggestion for a reliable public dns server  ?
<yell0w> ScottK: to use as forwarders for my caching dns server ?
<mralphabet> yell0w: I use dyndns and have had little to no problems with them
<ScottK> No. Sorry.
<Nafallo> yell0w: 208.67.222.222 208.67.220.220
<yell0w> mralphabet: i didn't know they have public dns servers
<yell0w> Nafallo: thanks
<mralphabet> yell0w: don't you get dns from your ISP?
 * Nafallo trust opendns more then his ISP :-)
<mralphabet> heh
<yell0w> mralphabet: ditto Nafallo's
<Nafallo> s/then/than/
<yell0w> mralphabet: my isp's dns is very flaky
<Nafallo> on my server I just use my own DNS network though :-)
<yell0w> Nafallo: but you'd still need a forwarder from somewhere right ?
<Nafallo> yell0w: why?
<yell0w> Nafallo: erhh don't you need that for a dns server ?
<Nafallo> yell0w: why would you?
<yell0w> uhm where do you get the records then ?
<Nafallo> yell0w: the usual way.
<yell0w> Nafallo: which is ?
<Nafallo> yell0w: http://en.wikipedia.org/wiki/Image:An_example_of_theoretical_DNS_recursion.svg
<yell0w> Nafallo: so you query the root servers directly ?
<Nafallo> yell0w: ask the root where the TLD is, ask the TLD where the domain is.
<yell0w> Nafallo: i followed this guys here https://help.ubuntu.com/community/BIND9ServerHowto
<yell0w> guide*
<yell0w> Nafallo: i gotcha
<yell0w> so really the forwarders aren't needed in that case then
<Nafallo> yell0w: forwarders is good for reducing the load of servers quering upstream as well as it makes things faster if you have a commonly used one.
<Nafallo> since the forwarder will cache results as well.
<yell0w> Nafallo: ahh so it's a convenience istead of neccessity
<Nafallo> yea
<yell0w> i thought the root servers aren't to be querried by just any server
<yell0w> this is better news then :)
<ScottK> In theory they aren't supposed to be, but they certainly are.
<yell0w> ScottK: i'm sticking to opendns for now, and if that still gives me error i'll do what you
<yell0w> are doing
<yell0w> :)
<nxvl> infinity: around?
#ubuntu-server 2009-05-04
<marksman> I have 2 NICs that are bother on seperate LANS with 2 different ip ranges (wlan0=192.x.x.x & eth0=10.x.x.x).  Is it possible to route traffic by program?
<pmatulis> marksman: what do you mean "by program"?  what precisely do you want to achieve?
<MighMoS> Why can't I upgrade to jaunty from Intrepid 64-bit server?
<MighMoS> I've tried with both update-manager and do-release upgrade, and both tell me "No new release found"
<pmatulis> MighMoS: look in the file /etc/update-manager/release-upgrades
<MighMoS> pmatulis: its set to normal
<pmatulis> MighMoS: system fully updated i presume?
<MighMoS> pmatulis: Yes.
<MighMoS> I tried upgrading one machine by just running sed s/intrepid/jaunty on /etc/apt/sources.list/ but that causes 7 hours worth of headaches once the network went down in the middle.
<pmatulis> MighMoS: have you had *any* trouble of a package management nature with this machine?
<MighMoS> No. I hadn't with the other one either, so I figured I'd try to brute force it, but as I stated that didn't work out as well as I would have liked. I've disable all 3rd party repos as well
<pmatulis> MighMoS: both systems were 64-bit servers?
<MighMoS> One was 32 (desktop)
<pmatulis> MighMoS: hmmm, something smells there
<pmatulis> MighMoS: are you using a proxy or apt-cacher on your network?
<MighMoS> Indeed, but there doesn't seem to be much I can find to pinpoint the problem
<MighMoS> I do use apt-cacher, but the server is the apt-cache server as well
<MighMoS> Hmm.
<MighMoS> Thanks.
<pmatulis> MighMoS: try removing that part
<MighMoS> Should I open a bug about that?
<pmatulis> MighMoS: no
<MighMoS> Because I really would like to not DL the whole thing again
<pmatulis> MighMoS: you might have a misconfiguration
<MighMoS> And just use the cached debs
<pmatulis> MighMoS: need to first determine whether that is actually the problem
<pmatulis> MighMoS: remove that aspect and just try.  you should be able to abort
<MighMoS> pmatulis: Thanks for your help. I've put it back and it still sees there's an update
<pmatulis> MighMoS: so you good then?  apt-cacher was the problem?
<MighMoS> pmatulis: Apparently
<MighMoS> pmatulis: I moved the proxy file away, ran update and moved it back
<MighMoS> pmatulis: and everything's fine now.
<MighMoS> pmatulis: what would I check to see if apt-cacher-ng is preventing the download of those files?
<pmatulis> MighMoS: logs
<MighMoS> pmatulis: meh. Too much work. I'll figure it out in October ;-)
<pmatulis> MighMoS: take your time, and take care
<slestak> im having difficulty setting up htdigest auth on a ubuntu 9.04 server nagios 3.06 install.  i have verified permissions on the htdigest file, owned by www-data:nagios.  i get the following error logged configuration error:  couldn't check user.  No user file?: /nagios
<slestak> i have used the htdigest command to explicitly add a user and passwd for him.
<slestak> and restarted apache
<jmarsden> slestak: Check permissions on the directory where the htdigest file is, and diectories above that -- can Apache really read that file?
<slestak> let me check
<slestak> jmarsden: htdigest.users is 640 www-data:nagios, /usr/local/nagios/etc is 775 www-data:nagios (appears to be suid nagios), /usr/local/nagios is 755 root:www-data
<slestak> relevant apache nagios conf is at: http://pastebin.com/f69fc4224
<slestak> pastie is wrong, need to append to that
<jmarsden> slestak: Looks OK.  Alright, I'm running Jaunty here, I can download nagios3 and test it ... um, you pastebinned the filename, not the contents of the file?
<slestak> yeah, echo's instead of cat
<slestak> could selinux maybe interfere?  I do not have dns setup, i am reaching this by ip address
<slestak> http://pastebin.com/f6b90a63a
<slestak> i see one problem, in troubleshooting this, i renamed my htdigest file to htdigest.users, but only touched up one of the locations inthat conf file.
<jmarsden> Yesm edit lines 40 and 53 and see if that fixes it.
<slestak> what about the Auth Name directive, when i made my htdigest, i specified the realm in lowercase, nagios, but Auth User is Nagios
<slestak> it was already not working when i renamed my htdigest
<slestak> so i dont think tht is the total problem.  i have searched for extra .htaccess and other files
<jmarsden> I'd make the case match; I'm not sure if it needs to, but it would be good.  However if that is the problem you should see a different error msg in your logs, the "no user file?" should go away
<jmarsden> OK, one step at a time: fix the config file, restart Apache and retest.
<slestak> same:  [crit] [client 172.17.1.78] configuration error:  couldn't check user.  No user file?: /nagios
<slestak> the place i am working is about to close, so i need to drive abt 10 minutes.  i'll brb
<jmarsden> OK :)
<slestak> hard to find wifi out here in teh midwest on Sun night.  resorted to Micky D's
<slestak> jmarsden: hiya, back
<Noble> Having problem installing wordpress. Apache seems to be blocking it, getting not found erros. apache2.conf = http://pastebin.com/m5248f103
<jmarsden> slestak: OK.  Did you already do sudo a2enmod auth_digest
<slestak> oh, i think you hit it
<jmarsden> That worked for me, then I checked and the realm *is* case-sensitive.
<slestak> jmarsden: tytyty, its working.  have you seen eznag?  pretty well kitted nagios install.  somewhat turnkey
<jmarsden> slestak: No problem.  I tend to edit the nagios configs myself, but I'll take a look at eznag.
<slestak> and http://www.trickytools.com/php/ezcac.php
<slestak> jmarsden: http://www.trickytools.com/php/metanag.php
<slestak> sorry, netbook keyboard gets me sometimes
<AdiePutera> how to remote view desktop using terminal ?
<jmarsden> AdiePutera: You can't display a graphical desktop on a text terminal... ?  Are you looking for software such as rdesktop of vncviewer ??
<AdiePutera> yes
<AdiePutera> so i can connect from my pc
<AdiePutera> to my server
<jmarsden> Your server has no graphical desktop (if it is a Ubuntu server).  To ssh into your server from a PC running Windows, try software such as Putty.
<jmarsden> !putty
<ubottu> SSH is the Secure SHell protocol. See https://help.ubuntu.com/community/SSHHowto for usage. Putty is a nice SSH client for Windows; it can be found at http://www.chiark.greenend.org.uk/~sgtatham/putty/
<AdiePutera> how about setting up nameserver
<AdiePutera> a little bit confuse
<AdiePutera> E: Sub-process /usr/bin/dpkg returned an error code (1)
<jmarsden> What did you do to get that?  For basic DNS setup see https://help.ubuntu.com/9.04/serverguide/C/dns.html
<genii> jmarsden: Damn, beat me to it
<jmarsden> :)
<AdiePutera> why this happen when im trying to install new app
<AdiePutera> always got errors
<AdiePutera> dpkg: error while cleaning up:
<AdiePutera>  subprocess post-removal script returned error exit status 127
<jmarsden> AdiePutera: we need more info to help answer that... which application are you trying to install on your Ubuntu server
<AdiePutera> this is what im trying to do ->root@zetro:~# sudo apt-get install dnsutils
<jmarsden> AdiePutera: That should work fine...   Something is broken on your system.  Try   sudo apt-get -f install
<AdiePutera> same problem
<jmarsden> Please pastebin the full output after doing sudo apt-get -f install
<AdiePutera> root@zetro:~# sudo apt-get -f install
<twb> 127 is file-not-found
<jmarsden> AdiePutera: Don't put all the output here in the channel... use pastebin
<jmarsden> !pastebin
<ubottu> pastebin is a service to post multiple-lined texts so you don't flood the channel. The Ubuntu pastebin is at http://paste.ubuntu.com (make sure you give us the URL for your paste - see also the channel topic)
<jmarsden> Once you have Putty working you can cut and paste the whole thing...
<genii> As a note... your prompt shows # which is root. So sudo is not neccesary.
 * genii doesn't feel up to giving a sudo/root lecture just now
<jmarsden> genii: I'd be surprised if there isn't a !rootlecture or similar shortcut :)
<genii> jmarsden: In #ubuntu it's !root
<genii> !root
<ubottu> Do not try to guess the root password, that is impossible. Instead, realise the truth... there is no root password. Then you will see that it is 'sudo' that grants you access and not the root password. Look at https://help.ubuntu.com/community/RootSudo
<genii> There we go. However since root already seems attained, somewhat moot
<jmarsden> !msg ubottu sudo
<ubottu> Sorry, I don't know anything about msg ubottu sudo
<genii> jmarsden: Oh yeah that one too
<rfsalder> Hi all. I've got a question about using ufw on an server with multiple NICs. I trust this is a good place to ask?
<twb> rfsalder: sure
<rfsalder> Awesome. Can I configure different rules on a per interface basis? Each one of the NICs is on a different subnet and I want rules applied on a per interface basis.
<rfsalder> I've used Shorewall for this in the past, but I'm playing with ufw and starting to like it.
<twb> Dunno.
<twb> I got to the point of working out that if I wanted to write normal rules, I had to grovel through the dirful of iptables-save files.
<rfsalder> Yup - I'd prefer to have as much of a layer of abstraction as possible, as it seems the nitty-gritty is a bit complex.
<twb> Because I'm lazy, what I'm currently doing is just running "iptables-restore </etc/iptab" on boot, where /etc/iptab is a file created by running iptables-save >/etc/iptab and adding comments
<rfsalder> Have you played with Shorewall?
<twb> No, but I've seen some of its rules.
<rfsalder> I've found it to be a nice tool for my setups. I'm wondering if I can do the same kind of stuff with ufw though, since it seems nicely integrated in Ubuntu.
<twb> Essentially how ufw works internally is to cat together all the files in (wherever it is), then dump them into iptables-restore.
<twb> The ufw(8) tool just reads/writes a specific one of those files, the rest are maintained by upstream or by the senior sysadmin.
<rfsalder> Ah... okay.
<twb> So you have the full power of iptables, and ufw is a way to do simple rules that most people want.
<twb> I don't know if the ufw(8) wrapper will let you do what you want, but if it doesn't, you can dive into the raw stuff in that dir.
<rfsalder> I figure if I set a rule in ufw to allow traffic to a particular port on a particular IP, it will simply allow traffic to that IP:port from any of the interfaces.
<rfsalder> Instead of a particular one that I can specify.
<rfsalder> I haven't been able to find any articles or posts on the web discussing multiple interface ufw setups. That may very well mean that it's not a designed use scenario.
<jmarsden> rfsalder: In general that is likely to be true.  ufw show raw   or /sbin/iptables -nvL will show you what the current state of things is, but I don't think ufw has any way to say "allow traffic from IP X to port Y on interface Z.
<rfsalder> Thanks for your help, twb and jmarsden.
<twb> jmarsden: as for me, I find it easier to read iptables-save than iptables -v -n -L
<uvirtbot> New bug: #371530 in samba (main) "samba does not start since upgrade to 9.04" [Undecided,New] https://launchpad.net/bugs/371530
<NineTeen67Comet> Hi all; does anyone know if there is a #networking room? I don't think asking network (general, not server specific) questions in here is appropriate.
<NineTeen67Comet> I've got a studio that has asked me to build their server, site and network. They've got Cat5 outlets in all the rooms, a central box from the ISP in the main office and they want seperate N/G wifi as well as copper connecting all the workstations through the wall drops. I'm thinking the ISP to a Switch and that will hand out to separate G/N routers, a plain router to the wall outlets.
<sluimers> Hello, I've got a mail server up and running, uhmm... I think, I'm pretty much a newbie when it comes to this, can I access it with thunderbird and if yes, how?
<sluimers> When I send send a mail to my server computer it receives it in /home/<myusername>/mbox
<sluimers> I use dovecot as an imap server... I'm not sure what it does, but I'd love to see my received mails in my thunderbird mailbox
<_ruben> if dovecot is configured properly, then you can just configure an imap account in your thunderbird with the details of your server
<_ruben> and mbox storage kinda sucks
<sluimers> Ah, what is the proper configuration then?
<_ruben> maildir for storage, and as for dovecot itself, it kinda depends on the total picture of your install .. the defaults oughta work fairly well (they did for me)
<sluimers> I have a directory called Mail and Maildir
<sluimers> in my home directory
<_ruben> Mail is probably used by one or more mail clients, Maildir is a common place for mailservers to use as storage
<sluimers> okay, how do I know it's working?
<_ruben> when you can properly fetch your email from the server? ;)
<sluimers> all Maildir has are 5 files and three empty directory
<sluimers> lol
<_ruben> which is to be expected for an empty mailbox
<_ruben> you'll have to instruct postfix and/or procmail and/or dovecot to store the mails in those Maildir folders
<sluimers> ah, I see
<sluimers> so... is the Mail folder at the wrong place?
<sluimers> it should be in the Maildir folder?
<_ruben> no, its fine where it is
<_ruben> its where (most) mail clients store they're local copies of email
<_ruben> s/they're/their/
<sluimers> oh, so the Mai folder has nothing to do with dovecot?
<sluimers> Mail
<simplexio> could be that Mail is in mailbox format nad Maildir is is mailfir format..
<_ruben> sluimers: most likely so, yes
<_ruben> sluimers: one could however instruct any MTA/LDA to use Mail/ as storage dir, but that's not very common
<sluimers> ah, hmmm, so my dovecot isn't properly configured then...
<_ruben> sluimers: i think you should approach this from another angle .. determine what you want to accomplish, then work towards that goal from (nearly) scratch .. not try to coerce an existing setup into doing what you might want
<sluimers> Are you telling me to reinstall the whole thing?
<_ruben> nah, just configuration wise (postfix+dovecot, assuming you use postfix as your mta)
<sluimers> yes, I use postfix
<uvirtbot> New bug: #368504 in samba (main) "openoffice and other aplications can't print on a HP Laserjet 3380 via samba (the printer crashes). Maybe is a cups problem?" [Undecided,Incomplete] https://launchpad.net/bugs/368504
<Omahn> Does anyone know if it's normal for the builder servers to have over 5000 packages queued for building?
<Omahn> Or is it just the addition of Karmic that's taking its toll?..
<_ruben> likely
<soren> Omahn: 5000?
<soren> Omahn: Oh, total across all archs?
<soren> Omahn: Yeah, that's probably just autosynced packages being built.
<Omahn> soren: Yeah, that seems to be the case. I was just waiting on an SRU package to be build that's been waiting for several days now. I wonder if Canonical would take offers of server horsepower to speed things up..
<soren> Omahn: I doubt it. We keep the buildd's under strict control for security reasons.
<Omahn> soren: I can fully appreciate that. It's just a shame as we have seriously meaty hardware just sitting idle.
<soren> Omahn: I would have thought, though, that SRU's got a higher build score than regular builds.
<soren> Omahn: Which package is it?
<Omahn> soren: compizconfig-backend-gconf
<Omahn> Not an important one, but if the same delay was experienced for one of our server packages it would be a little concerning.
<Omahn> Scores 1005.
<soren> Yeah.
<Omahn> Not sure if that's high or low priority in comparison to the influx of karmic.
<soren> For critical updates, we can always poke a buildd admin to rescore it.
<Omahn> Good stuff :-)
<soren> Omahn: https://edge.launchpad.net/ubuntu/+builds?build_text=&build_state=pending
<soren> Omahn: You can see how far down the list it is now.
<soren> It's on the penultimate page :)
<Omahn> Aha.
<Omahn> In the end I just build the package locally with pbuilder although that doesn't really validate the SRU build.
<Omahn> *built
<Omahn> Still, might be worth Canonical having a chat with us. We have several Sparc T2000 boxes and 16 way Opteron machines doing very little and I'm sure it would speed things up a bit :-)
<MagicFab> hi all
<MagicFab> is there a single command to change a server's hostname ?
<soren> I don't believe there is, no.
<MagicFab> meh.. so I guess I should rewrite /etc/hosts and /etc/hostsname... that's it ?
<Lord_Devi> echo NEWHOSTNAME >> /etc/hostname
<Kamping_Kaiser> what about `hostname`?
<Lord_Devi> > /etc/hostname sorry
<Lord_Devi> (also must be done as root and not through sudo)
<Kamping_Kaiser> it can be done through sudo, just not how you described above
<Lord_Devi> what way?
<Kamping_Kaiser> echo "foobar"  | sudo tee /etc/hostname
<Lord_Devi> Ahh yes! Good thinking
<soren> MagicFab: Depends. Certain packages might embed the hostname in its configuration files.
<soren> MagicFab: But /etc/hostname and /etc/hosts is a good start.
<_ruben> on a relatively fresh system, grepping for the current hostname in /etc and replacing it, suffices
<pmatulis> Kamping_Kaiser: why not just 'sudo hostname new_hostname' ?
<Kamping_Kaiser> pmatulis, hostname was my first suggestion
<pmatulis> Kamping_Kaiser: k, still need to change the hostname file
<soren> pmatulis: hostname only changes the machine's name as known by the kernel. It doesn't persist across reboots. Sort of like running iptables from the command line without updating ufw or whatever firewall script you're using.
<pmatulis> soren: yes, hence my 2nd comment
<soren> pmatulis: *nod*
<uvirtbot> New bug: #371023 in openldap (main) "ldap server restore failed during upgrade to jaunty" [Undecided,New] https://launchpad.net/bugs/371023
<wizardslovak> hello people
<wizardslovak> how to disable su in server?
<soren> wizardslovak: What are you trying to achieve. Disabling su wholesale will likely have undesired side effects.
<soren> Thinking about it more closely, I'm going to guess that it'll not only have undesired side effects, it will also not have the effect that you're probably looking for :)
<wizardslovak> what is the command for update system??
<wizardslovak> apt-get upgrade?
<Nokio> Hi all, I want to setup a login via ttyS0 serial console i created the /etc/event.d/ttyS0 file and added the information. When i do a telinit q and then look into the log and i get this "" http://pastebin.com/d6c81e83e "" and then it stop and cant get the tty working. Thanks in advance for the time and help
<jimmy51_> hello, i'm running several kubuntu workstations but it's all currently peer to peer.  is ubuntu-server the way i should go for a centralized directory services / policy / update managment solution?
<genii> jimmy51_: I would venture to say yes
<jimmy51_> genii: is it a fairly straightforward process for someone who has set up active directory based domains many times/
<jimmy51_> ?
<genii> jimmy51_: I have not worked much with LDAP, myself.
<genii> jimmy51_: The server guide here: https://help.ubuntu.com/9.04/serverguide/C/openldap-server.html  has a fairly comprehensive tutorial, however
<jimmy51_> thanks
<genii> jimmy51_: You're welcome. At other times of the day, there may also be some people in this channel more knowledgable on the LDAP subject
<uvirtbot> New bug: #371687 in kvm (main) "smb option doesn't appear to work" [Undecided,New] https://launchpad.net/bugs/371687
<Tereza> hi
<Tereza> someone could help me please?
<Tereza> i have to configure a lan with 2 pc ethernet and a router ethernet
<Tereza> what have i to do to configure network?
<Nokio> Hi all, I just setted up a serial console via ttyS0 and if i do a ps axf |grep tty i see the new getty on ttyS0. On the client side i configure minicom to access it through my usb adapter ttyUSB0. But i dont get any login or anything
<unr3a1> heya ll
<unr3a1> hey all*
<unr3a1> I am trying to restore my installed applications on my ubuntu machine and this is what i get:  http://pastebin.com/m257ea5fa.  does anyone know what would cause this?  Thanks.
<TeLLuS_> Tereza: Know some TCPIP and know if you want to use static ip or DHCP. Maybe.. http://linux.about.com/od/ubusrv_doc/a/ubusg17t03.htm http://www.debianadmin.com/ubuntu-networking-for-basic-and-advanced-users.html
<TeLLuS_> unr3a1: Have not set the same /etc/apt/sources.list files as the computer you got the packagelist from..
<unr3a1> TeLLuS, ok... so what do I do?  I dont have that sources.list file anymore
<genii> unr3a1: For packages it's not currently finding which are in regular ubuntu maintained repos, you could look up by package-name at http://packages.ubuntu.com/   to see whic repository needs enabling. For the others which came from non-standard repos, you may need to google.
<unr3a1> ....  alright... from now on I will back up my sources.list file too....
<unr3a1> thanks for the info
<Nokio> No one can help with serial console login ?!
<TeLLuS_> Nokio: Tried with something else then with the usbserialadapter..  Any second comport on same computer..
<Nokio> TeLLuS_ localy on the computer i have 2 serial port ttyS0 is the one that i set a a getty on. ttyS1 if the serial port u just tried instead of the ttyUSB0
<Nokio> and it does not work either using minicom
<Nokio> TeLLuS_ so ttyS1 and ttyUSB0 doesnt seems to work and i dont understand because i did that setup quite a few time on other linux and it just worked
<fbc-mx> I loaded and configured samba, but how do I get it to announce the service.. I still don't see a workgroup on the lan?
<genii> fbc-mx: It uses whatever the default broadcast address is. So if that's not defined, or the default gateway is for a different adapter than the one samba is configured to run on, the broadcasts don't get picked up by other boxes.
<fbc-mx> genii, k, thanks, I'll try to get that configured.
<fbc-mx> genii, It is still not announcing is there anything else I could check for?? My ubuntu machine is connected to the same switch. I and I can see other windows workgroups from it. I keep refreshing the screen to see if the new one comes up but it does not.
<fbc-mx> genii, there is WIndows ADC on the same lan. I don't know if that might be a problem. I'm using a completely different workgroup name from any others.
<BCMM> i have a server running gutsy. what do i need to do to bring it up to date?
<rxMokka> anyone know a page detailing what exactly the difference in supported packages are for LTS releases in regards to "desktop" vs "server"? and by "supported" I mean the extended 3yr/5yr updates
<genii> fbc-mx: The domain controller may have something to do with it. What values are given in smb.conf for settings "domain master" and "os level" ?
<RoAkSoAx> ivoks, morning master :)
<ivoks> RoAkSoAx: hi :)
<RoAkSoAx> ivoks, how's it going?
<genii> fbc-mx: Apologies on lag, my workplace is fairly busy.
<ivoks> RoAkSoAx: lots of work to do
<RoAkSoAx> ivoks, packaging related or job?
<ivoks> RoAkSoAx: job :)
<RoAkSoAx> ivoks, where do you live? I though it was night for you
<ivoks> RoAkSoAx: it's 6PM
<RoAkSoAx> ivoks, Oh i see... it's 11.30 for me.. anyways.. when can we start with the mentorship process?
<fbc-mx> genii, I understand please standby as I've noticed an issue between gadmin-samba and samba itself.. Apparently gadmin-samba is using depreciated values. I may have to configure this by hand...
<n0ah> i only have lo and vnet0 when i do ifconfig, is that my ethernet card?
<ivoks> nope
<n0ah> oh poo :(
<ivoks> ethernet is ethX
<ivoks> vnet is from some kind of virtualization stack
<ivoks> vmware, libvirt, etc...
<n0ah> yeah, but it appears that my ethernet card isn't installed then
<RoAkSoAx> ivoks, btw... when can we start with the mentorship process?
<ivoks> RoAkSoAx: whenever you want :)
<RoAkSoAx> ivoks, i'm ready for action...
<ivoks> oh, i have to tell you to do something? :)
<ivoks> i have to check how the mentoring goes...
<RoAkSoAx> ivoks, https://wiki.ubuntu.com/MOTU/Mentoring Junior Mentirong
<ivoks> hehe thanks
<RoAkSoAx> ivoks, btw I've created #ubuntu-ha so we can work from there
<rxMokka> n0ah: -a ?
<ivoks> oh...
<ivoks> RoAkSoAx: so, you would like to start on packaging?
<RoAkSoAx> ivoks, yes, though i have done merges and updates before
<ivoks> oh, great
<ivoks> phone
<RoAkSoAx> i do have little knowledge
<RoAkSoAx> k
<rxMokka> anyone know a page detailing what exactly the difference in supported packages are for LTS releases in regards to "desktop" vs "server"? and by "supported" I mean the extended 3yr/5yr updates
<ivoks> RoAkSoAx: are there any merges you would like to do?
<BCMM> i have just updated a server, and it seemed to finish sucessfully, but lsb_release -a still says "Release:        8.04"
<BCMM> do-release-upgrade says "no release found"
<n0ah> rxMokka, I should do ifconfig -a?
<BCMM> what version am i running?
<pmatulis> BCMM: how exactly did you update the server?
<BCMM> sudo do-release-upgrade
<BCMM> i was ssh'ed in; i know this is not advised but the machine has no screen
<BCMM> it prompted for reboot, and i said yes
<BCMM> (after editing menu.lst because it got the boot drive wrong)
<MrMist> Hey all
<pmatulis> BCMM: and it started out as 8.04?
<BCMM> pmatulis, no i think it started out as gutsy
<pmatulis> BCMM: so what's the problem?
<BCMM> isn't the current version 9.something?
<pmatulis> BCMM: you upgraded from 7.10 to 8.04
<MrMist> I thought I should try installing Xorg myself, starting with a new jaunty installation
<MrMist> it actually went quite OK
<BCMM> pmatulis, why doesn't it offer me 9.04?
<pmatulis> BCMM: re current version, sure, but you can't leap over mulitple releases except for LTS-to-LTS
<pmatulis> BCMM: you need to upgrade again, to 8.10
<MrMist> but Now I'm having a problem with cwiid... or wminput. It crashes my X session when I push a button on the controller. Don't know how to approach this... Anyone care to help ?
<BCMM> pmatulis, ah, how is that done?
<pmatulis> BCMM: and then again to 9.04
<pmatulis> BCMM: just like a frog jumping from one rock to another
<BCMM> although actually i may well decide to stick with the LTS as i'm not terribly keen on breaking this server
<BCMM> now that i understand that things haven't gone wrong
<BCMM> if i did decide to upgrade, how would i do it?
<pmatulis> BCMM: that's a decent choice (LTS)
<pmatulis> BCMM: what does the following command give you:
<pmatulis> BCMM: $ grep Prompt /etc/update-manager/release-upgrades
<BCMM> that fits what i want, right? keep serving files, and get security updates as it has SSH open to the world
<MrMist> Anyone??
<MrMist> http://pastebin.com/f320cd5d0
<BCMM> pmatulis, Prompt=lts
<pmatulis> BCMM: see?  it's stuck on lts
<pmatulis> BCMM: and that's by design
<pmatulis> BCMM: edit the file so Prompt=normal (when you're ready to upgrade to 8.10)
<BCMM> pmatulis, i'll probably stick to lts
<BCMM> thanks though
<pmatulis> BCMM: np
 * pmatulis goes away
<wizardslovak> what is the command to restart network interface?
<pmatulis> wizardslovak: $ sudo service networking restart
<jimcooncat> not trolling: for my small business (10 users) what is the advantage of going with ubuntu-server rather than debian? I'm torn here, and looking at a big time investment
<stickystyle> jimcooncat: For me the switch from debian to ubuntu was the predictable LTS release cycles
<zul> jimcooncat: predictable release cycles, long term support, etc etc etc
<jimcooncat> during the time when debian was stalled for so long, that did make sense. But now? It seems the rise of ubuntu has jolted Debian into a more responsive mode, or maybe that's temporary?
<zul> maybe temporary you never know
<jimcooncat> are security updates quicker with ubuntu? only for main?
<jbernard> i would say no, both distro's are on the ball when it comes to critical security updates
<jimcooncat> what about technology differences? I'm interested in pxe, drbd, ha-linux, and kvm
<stickystyle> with regards to release cycle and security, http://www.debian.org/security/faq#lifespan
<stickystyle> basically there is no absolute defined timeline of support.
<pmatulis> jimcooncat: all those things are available with Ubuntu
<pmatulis> jimcooncat: although PXE is a hardware technology
<jimcooncat> thanks pmatulis, I meant userland tools for it. I remember long ago trying to netboot several flavors of ubuntu and debian, only to have one version of ubuntu actually install without glitches.
<jimcooncat> or maybe it was debootstrap, I could be disremembering
<pmatulis> jimcooncat: best is to set up a Ubuntu system and test, that's the only way to really know
 * pmatulis moves on
<jimcooncat> so being slow to upgrade (I get busy with other projects), perhaps LTS is safer for me
<uvirtbot> New bug: #371816 in postfix (main) "bug fixes,security updates fail to install" [Undecided,New] https://launchpad.net/bugs/371816
<wizardslovak> hello
<wizardslovak> how to add static ip >
<genii> wizardslovak: Thats a fairly vague question. Can you elaborate?
<wizardslovak> ok so i want for my new server to have static ip
<genii> wizardslovak: Will this static IP for inside the local area network, or for the internet?
<uvirtbot> New bug: #305030 in evince "Failed to print document - can't prompt for authorization (dup-of: 283811)" [Unknown,Confirmed] https://launchpad.net/bugs/305030
<jimcooncat> wizardslovak: are you getting ready to install now, or do you have a server set up on DHCP at the moment
<stickystyle> jimcooncat: I wouldn't use anything other than LTS on a server unless there where absolute reasons to do so.  Most of my servers are 6.06 and I'm happy knowing I wont have to bother upgrading them for another couple years.
<wizardslovak> i have /etc/network/interfaces open  and i know netmask,network and gateway ip , but i cant find broadcast ip
<wizardslovak> this will be for LAN only
<wizardslovak> i am newbie and love to learn ubuntu server so this one is for study purposes
<stickystyle> and they where 6.06 from the begining.  I was in the same place as you deciding between debian and ubuntu a few years ago.
<genii> wizardslovak: If netmask is 255.255.255.0 then broadcast will be x.x.x.255     (where the x.x parts is the IP)
<genii> wizardslovak: If you have some other netmask, there is a formula to find which should be broadcast
<rxMokka> anyone know a page detailing what exactly the difference in supported packages are for LTS releases in regards to "desktop" vs "server"? and by "supported" I mean the extended 3yr/5yr updates
<jimcooncat> stickystyle: that would be good for me. I guess I could try my original idea with hardy, unless there's tech that's not available. I'll be loading them up with preseed anyway, so if I have to switch to lenny it shouldn't be too hard to modify
<uvirtbot> New bug: #371765 in krb5 (main) "Please merge krb5 1.6.dfsg.4~beta1-13 (main) from Debian testing (main)" [Undecided,Confirmed] https://launchpad.net/bugs/371765
<rxMokka> stickystyle: you mention knowing about upgrades... what do you know about when you'll be forced to upgrade?
<jimcooncat> rxMokka: my guess from what I've read is that anything based on x.org (about everything GUI) falls into the desktop category -- perhaps the CFS kernel as well
<stickystyle> rxMokka:  I know in 2010 I will begin to start migrating my infrastructure to the 10.X LTS release as in 2011 is when 6.06 will be EoL.
<rxMokka> stickystyle: is that server EOL or desktop EOL?
<stickystyle> rxMokka:  server.
<stickystyle> desktop 6.06 is eol this year if im not mistaken.
<rxMokka> do we know yet, a packagelist of what will not recieve updates?
<stickystyle> That came up on the server mailing list a little while back, let me see if I still have that thread.
<rxMokka> I mean, is there a published list of what packages will become unsupported after destop-eol
<jimcooncat> rxMokka: If you get stuck for time, they just switch the url for the update. I've got a Edgy system at home, and just had to update sources.list. Of course, we shouldn't be so lazy...
<jimcooncat> rxMokka: but I doubt I'll ever see any security updates, so it's not good to get behind
<rxMokka> jimcooncat: edgy and gutsy both are recieving no updates after EoL, updated files that were already made are still avail in the renamed repo urls, but nothing new
<jimcooncat> thanks all. I'll be back next week when I get stuck! Oh yeah, I do thing community spirit here is +++
<rxMokka> stickystyle: any luck with that ML thread?
<stickystyle> rxMokka:  http://people.ubuntu.com/~ubuntu-archive/seeds/ubuntu-server.dapper/server
<stickystyle> from https://lists.ubuntu.com/archives/ubuntu-server/2007-July/000541.html
<rxMokka> ah lovely!
<rxMokka> thanks stickystyle
<stickystyle> np
<rxMokka> does the ==from desktop== section in the server seed, mean that those also will recieve the 5yr update terms?
<rxMokka> *= From desktop =
<stickystyle> That is what I understand.
<rxMokka> perfect
<stickystyle> Although I'm not a dev or anyone with commit privileges, so don't take my word as absolute.
<rxMokka> damn shame that my sshd and httpd are going to lose support so early though :(
<stickystyle> ssh and apache2 are on there.
<rxMokka> yea
<rxMokka> I use dropbear and lighttpd though
<stickystyle> ah.
<rxMokka> LTS should reduce the workload of patching enough though, that I can maintain my own updates to those two
<stickystyle> Very true.  It's not that hard to backport things anyways, I backport bacula-fd from jaunty to my 6.06 boxes.  Then just rebuild when an update comes out.
<rxMokka> easier to backport an upstream release, than it is to backport an update to an upstream release heh
<rxMokka> my intent is to backport only code patches that fix security issues, inorder to guarantee functional compatibility
<superm1> hi guys. so i wanted to find out when mysqld_safe is running, what might be triggering a SIGHUP to it that's getting trapped and forcing the restart? (wrg to bug 326768)
<uvirtbot> Launchpad bug 326768 in mythbuntu "mysqld_safe thinks mysqld has crashed when it hasn't" [Critical,Confirmed] https://launchpad.net/bugs/326768
<stickystyle> Keeping with the debian/ubuntu way is the best way.  unfortunality I *need* the newer version of bacula :(
<superm1> at least from my test on a system constantly reproducing it, dropping that trap fixes the problem, but i'm not sure it has a useful purpose. and if it does - why hasn't that patch from debian landed upstream?
<rxMokka> thanks again for the links stickystyle, just what I was looking for
<Speedy059> How do you install the "wget" on Ubuntu-Server? I'm more familiar with Red Hat distros...:(
<blizzkid> kirkland: you're here?
<jbernard> Speedy059: "sudo aptitude install wget"
<RoAkSoAx> kirkland, is bochsbios-qemu still in the archives?
<jbernard> RoAkSoAx: doesn't appear to be, looks like it may have been superseded by bochsbios package
<RoAkSoAx> jbernard, that's what i also think, but qemu in jaunty still has it as build depends... anyways I was about to remove it from there
<uvirtbot> New bug: #371876 in samba (main) "package samba 2:3.3.2-1ubuntu3 failed to install/upgrade: subprocess post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/371876
<kirkland> blizzkid: howdy
<jbernard> RoAkSoAx: i would suspect the bochsbios-qemu could safely removed from qemu's builddeps
<RoAkSoAx> jbernard, thanks :)
<kirkland> RoAkSoAx: i see bochsbios - BIOS for the Bochs emulator
<blizzkid> evening kirkland, I'd like to discuss https://bugs.launchpad.net/screen-profiles/+bug/368963 with you a bit... I'd be happy to try to get that patch made, but I miss some details on how stuff works atm
<uvirtbot> Launchpad bug 368963 in screen-profiles "Connect twice to same server, get shared screen session" [Undecided,Invalid]
<RoAkSoAx> KingOfDos, in Jaunty depends is: bochsbios-qemu (>= 2.3.5-1ubuntu1) | bochsbios (>= 2.3.6-2ubuntu1), but since bochsbios-qemu is not in the archives, I removed it from Depends (I'm merging qemu btw)
<kirkland> RoAkSoAx: sweet, thanks.
<RoAkSoAx> kirkland, in Jaunty depends is: bochsbios-qemu (>= 2.3.5-1ubuntu1) | bochsbios (>= 2.3.6-2ubuntu1), but since bochsbios-qemu is not in the archives, I removed it from Depends (I'm merging qemu btw)
<RoAkSoAx> :)
<RoAkSoAx> welcom
<kirkland> RoAkSoAx: i think that looks good
<kirkland> blizzkid: okay
<blizzkid> kirkland: like, how does it check for a running screen right now?
<blizzkid> is that in a binary or in a shell script?
<kirkland> blizzkid: see /usr/bin/screen-launcher
<kirkland> blizzkid: exec screen -xRR
<blizzkid> k, I'll start there :)
<kirkland> blizzkid: cross those -xRR options with the screen manpage
<kirkland> blizzkid: see the whole section in the manpage on -R
<kirkland> http://manpages.ubuntu.com/manpages/jaunty/en/man1/screen.1.html
<blizzkid> kirkland:  have that right in front of me, I'll just look at making that conditional
<blizzkid> and obviously I'll have to figure out how to do a menu like yours
<kirkland> blizzkid: for that, see select-screen-profile
<kirkland> blizzkid: you're going to have to make this configurable, though
<kirkland> blizzkid: ie, it's going to aggravate a lot of people to get hit with a prompt for "which screen session do you want?"
<kirkland> blizzkid: i think the vast majority are going to want -xRR
<blizzkid> kirkland: I did indeed intend to look at something config'able
<kirkland> blizzkid: since that's the debian default
<blizzkid> btw, select-screen-profile?
<kirkland> blizzkid: /usr/bin/screen-profile-select
<kirkland> blizzkid: or rather
<kirkland> blizzkid: /usr/bin/select-screen-profile
<kirkland> blizzkid: it presents a list, you select one, etc.
<kirkland> blizzkid: also, see screen -ls
<blizzkid> ok, right, it's what you get at first start
<kirkland> blizzkid: for a list of open sessions
<blizzkid> and screen -ls is what I wanted to use indeed :)
<kirkland> blizzkid: can i assign you that bug in LP ?
<kirkland> blizzkid: what's your LP id?
<blizzkid> kirkland: it's blizzkid, and I'd be honoured to get this bug assigned
<kirkland> blizzkid: well i'm happy to honour you :-)
<blizzkid> what's $# ?
<kirkland> RoAkSoAx: do you need sponsorship for the qemu merge?
<blizzkid> kirkland: ^
<kirkland> blizzkid: https://bugs.edge.launchpad.net/screen-profiles/+bug/368963
<uvirtbot> Launchpad bug 368963 in screen-profiles "Connect twice to same server, get shared screen session" [Undecided,Invalid]
<RoAkSoAx> kirkland, i guess so, i trying to build it :)
<kirkland> blizzkid: okay, here's what i suggest
<kirkland> blizzkid: if more than one session exists, list them
<kirkland> blizzkid: ensure that the default selection matches whatever -xxR would have selected
<kirkland> blizzkid: such that just hitting enter will get you into that one
<kirkland> blizzkid: also, put a timer on it
<kirkland> blizzkid: such that after X seconds (10?) it selects that screen session
<blizzkid> kirkland: I agree except for 1 small thing: I'm thinking of following: put a config option in ~/.screen (eg: PresentList = 0/1) --> 0 = just do -xRR, 1 = present a list of existing sessions with -xRR's default selected and X seconds (maybe configurable too) timeout
<blizzkid> kirkland: I'm just trying to find out what exactly is $# :p
<kirkland> blizzkid: that's fine, but put it in ~/.screen-profiles/SOMETHING
<blizzkid> you're right on that one :)
<kirkland> blizzkid: $# is the number of args, i think
<kirkland> blizzkid: man dash
<kirkland> blizzkid: search for \$#
<RoAkSoAx> kirkland, it would not build because of this: http://pastebin.ubuntu.com/164457/ any ideas?
<kirkland> RoAkSoAx: oh, please drop libvdeplug2-dev
<RoAkSoAx> kirkland, what about etherboot?
<kirkland> RoAkSoAx: i'm looking
<blizzkid> ok, kirkland, one more question for now... once the profile is set it obviously doesn't present that list anymore... is that being checked for in select-screen-profile too?
<kirkland> blizzkid: no, that's checked in /usr/bin/screen
<kirkland> blizzkid: which is a wrapper shell script
<blizzkid> ok, perfect
<kirkland> RoAkSoAx: i'm not sure about etherboot
<RoAkSoAx> kirkland, it says that etherboot only recommends mknbi and don't depends on any other package.. it is just a virtual package
<kirkland> RoAkSoAx: that's what it looks like to me
<kirkland> RoAkSoAx: maybe build-depend on mknbi
<RoAkSoAx> kirkland, ok will try to do that
<kirkland> soren: around?
<RoAkSoAx> kirkland, it fails
<kirkland> RoAkSoAx: same error?
<RoAkSoAx> kirkland, yes
<a|wen> RoAkSoAx: what are you building against? karmic/main-only ?
<RoAkSoAx> a|wen, karmic yes
<RoAkSoAx> oh lol, should add repos
<kirkland> RoAkSoAx: oh, qemu is in universe
<RoAkSoAx> lol dumb me :)
<a|wen> RoAkSoAx: http://packages.ubuntu.com/karmic/libvdeplug2-dev ... that is definitely not virtual ;)
<kirkland> a|wen: cheers, thanks
<a|wen> RoAkSoAx: so you can just re-add it
<RoAkSoAx> thanks guys :)
<a|wen> kirkland: no problem ... couldn't figure out why that package should have disappeared from vde2 since the last time i worked on the source :)
<kirkland> a|wen: i didn't think to ask, thinking surely RoAkSoAx would have universe enabled, if he's working on a universe package :-)
<RoAkSoAx> just forgot to create the pbuilder with universe :(
<RoAkSoAx> it's not the first time that happened to me :)
<a|wen> it's a real cheater
<RoAkSoAx> ohh btw.. in debian it Depends on: vgabios (>= 0.6c-1) but there's not such version on Ubuntu, so I just used vgabios (>= 0.6b-1) is that the correct thing to do?
<a|wen> RoAkSoAx: is there a reason for it in the changelog?
<RoAkSoAx> a|wen, no
<a|wen> RoAkSoAx: keep the c-version
<a|wen> RoAkSoAx: it is already in karmic ... just waiting to be built
<RoAkSoAx> a|wen, oh so I just keep the debian version then
<a|wen> RoAkSoAx: jup ... it is pending build currently, so need not to
<RoAkSoAx> ok awesome
<a|wen> RoAkSoAx: unless someone re-scores your built it should hit the builders after the new vgabios is ready
<RoAkSoAx> i've been a while since I've done a merge (hardy...) xD
<RoAkSoAx> a|wen, i haven't suscribed it ye.. so it will :)
<a|wen> RoAkSoAx: welcome back in the game then :) ... if you feel for it you can build the vgabios manually for doing the testbuilt now
<RoAkSoAx> a|wen, thanks :) and yes i'll try that before subscribing to u-u-s
<a|wen> RoAkSoAx: of course ;)
<RoAkSoAx> Oh man. hopefully I'll learn everything that's necessary to become a MOTU in 3 months :)
<a|wen> RoAkSoAx: good luck with it :)
 * a|wen MOTU-powers is ~2 months old
<RoAkSoAx> a|wen, thanks :) and that's awesome.. however in my country it's unusual for someone to get involved with open source, and that makes it harder :)
<a|wen> RoAkSoAx:
<a|wen> which country is that?
<RoAkSoAx> a|wen, Peru
<a|wen> cool
 * a|wen thinks he has seen some developer from peru on planet ubuntu
<RoAkSoAx> a|wen, yes he is one of the few who work with open source, this one is nxvl
<a|wen> RoAkSoAx: cool ... then i didn't remeber completely wrong
<RoAkSoAx> a|wen, yep.. so that's my goal, become a MOTU too :)
<a|wen> always good with some goals
<SFauconnier> hi all, can anyone help me out with setting up a DHCP server? I've posted it on the forums as well: http://ubuntuforums.org/showthread.php?p=7213788
 * dayo is reading SFauconnier forum post
<dayo> SFauconnier: what ubuntu release are u using?
<SFauconnier> ubuntu server 9.04
<dayo> SFauconnier: your dhcp server is between your clients and the internet and gives out IPs via eth1, right?
<SFauconnier> indeed
<SFauconnier> eth1 is connected to the internet externally
<SFauconnier> eth0 internally
<SFauconnier> and should give out IP's in the network
<dayo> SFauconnier: aah, so LAN IPs come to your clients from eth0, then?
<SFauconnier> yes
<dayo> eth1-----DHCP Server-----eth0======Clients
<dayo> ^ ?
<uvirtbot> dayo: Error: "?" is not a valid command.
<SFauconnier> indeed
<ken___> hi, how do i enable wireless to come up without someone logging in locally?
<dayo> SFauconnier: the interfaces config u posted, is that your dhcp server?
<SFauconnier> no that's /etc/network/interface
<SFauconnier> * /etc/network/interfaces
<dayo> SFauconnier: the /etc/network/interfaces file that is on your dhcp server?
<SFauconnier> yes indeed
<dayo> SFauconnier: well, there are a few problems with that config. first, please check /etc/sysctl.conf and see if the line "net.ipv4.conf.forwarding=" is set to 0 or 1
<RoAkSoAx> kirkland, i have tested it on my ppa, and it builds succesfully: https://bugs.launchpad.net/ubuntu/+source/qemu/+bug/371879 So I guess you can sponsor my upload :)
<uvirtbot> Launchpad bug 371879 in qemu "Please merge qemu 0.10.3-1 (universe) from Debian unstable" [Undecided,Confirmed]
<dayo> SFauconnier: it needs to be set to 1, to enable packet forwarding.
<SFauconnier> #net.ipv4.ip_forward=1
<SFauconnier> it's commented
<dayo> SFauconnier: uncomment it
<dayo> SFauconnier: what's between your DHCP server and the internet?
<SFauconnier> cable modem
<SFauconnier> no idea what the correct english word is.. something my ISP installed and I can't remove
<SFauconnier> but other than that nothing
<dayo> so, u've got two network cards on your dhcp and eth1's connected to your modem, while eth0 is connected to a switch or a client?
<SFauconnier> a switch, yes
<SFauconnier> now that I've uncommented it, shall I restart the services and try again? or do I need to change/add things in my interfaces file?
<dayo> SFauconnier: does your modem hand out a static IP or a dynamic IP to your server?
<SFauconnier> static
<dayo> SFauconnier: yeah, we need to change your interface file
<dayo> hang on.
<SFauconnier> ok
<kirkland> RoAkSoAx: cool, i'll take a look
<dayo> SFauconnier: ok, backup your interfaces file, disconnect your DHCP from your modem and switch, then make your interfaces file look like this: http://paste.ubuntu.com/164508/
<dayo> after that, plug you modem into *eth0* on your dhcp, and your switch into *eth1* on your dhcp, then restart dhcp
<dayo> also i think we'll have to set up routing. we'll see.
<RoAkSoAx> kirkland, btw i've just added a new debdiff fixing somthing in the changelog that forgot to modify :)
<kirkland> RoAkSoAx: cool, i'll take a look a bit later today
<RoAkSoAx> kirkland, ok awesome, thanks :)
<kirkland> RoAkSoAx: merge review is a non-trivial effort :-)
<SFauconnier> dayo: ifconfig says the broadcast is 255.255.255.255, is that possible?
<RoAkSoAx> kirkland, haha indeed
<SFauconnier> dayo: also, I have no idea what I should fill in in network (derived from my static ip), any idea how I could find out?
<dayo> SFauconnier: is that ifconfig off the old interfaces file?
<SFauconnier> yes
<SFauconnier> (didnt know those two were connected)
<SFauconnier> (I mean, didnt know ifconfig used the interfaces file)
<dayo> SFauconnier: for network, i'd say make it the same as the static IP, except change the last digits to 0   e.g.: static: 192.168.1.23  network: 192.168.1.0
<SFauconnier> k
<SFauconnier> but
<SFauconnier> dont know if this is related
<SFauconnier> but my isp gives me my static IP trough DHCP I think, it's binded to my mac address
<mac9416> Hey, ya'll I want to get Server via shipit, but my hardware isn't 64bit. Is that a permanent policy, or temporary?
<dayo> SFauconnier: u can leave out the 'network' part in the eth0 block.
<SFauconnier> ok, and what about broadcast?
<dayo> leave that out for now. also we need to add a gateway, which would be your modem's IP.
<SFauconnier> (btw thanks a bunch for helping me out, if I could, I'd send you flowers and chocolate through DCC :))
<dayo> let me revise the eth0 block
<SFauconnier> k, thanks
<dayo> SFauconnier:  lol, no problem.
<dayo> ok, make your eth0 block look like this: http://paste.ubuntu.com/164515/
<dayo> i've never used a cable modem before, but i'm guessing it'll have an IP. that IP needs to go into 'gateway'
<SFauconnier> I dont think it has one, and are you sure I can't set eth0 to use DHCP? my ISP hands out my static IP thruogh DHCP
<dayo> basically, the gateway is your dhcp's backup plan. that is if u've got clients and they send a request to your dhcp, the following happens:  if it's a request that can be handled on your LAN, i.e. internally, e.g. "please let me ssh into clientB, then your server takes care of that by itself. however, if the request is something like "log me into IRC", then your server passes the request on to the gateway.
<SFauconnier> k, I'll look it up and I'll try to find out if it has an IP
<dayo> SFauconnier: well, u could try making your eth0 block look like your old eth1 block. let's see if that works. if it does, then your modem's IP doesn't matter for the rest of the config
<SFauconnier> k, I'll try that first
<SFauconnier> gonne get disconnected from IRC though, have to put the switch behind the server again
<SFauconnier> but brb
<dayo> ok
<dayo> forgot to plug my laptop's power cord ........ suddenly the screen went dark. lol
<dayo> brb
<dayo> hmm. just noticed that we might need to change the 'INTERFACES' line in /etc/default/dhcp3-server
<SFauconnier> dayo: didnt work
<dayo> SFauconnier: did u ever change the /etc/default/dhcp3-server file?
<SFauconnier> yes
<dayo> what is 'INTERFACES=' set to? should be eth1, now
<SFauconnier> eth0
<SFauconnier> which is the one that's connected to the internal network (the switch)
<dayo> SFauconnier: change it to eth1. your dhcp is now set to hand out dhcp's thru eth1
<dayo> SFauconnier: exactly
<SFauconnier> it fails to restart the dhcp server now
<dayo> SFauconnier: try to restart networking
<SFauconnier> k
<dayo> sudo /etc/init.d/networking restart
<SFauconnier> might drop out of irc then though, if so, brb
<dayo> ok
<SFauconnier> still fails
<dayo> SFauconnier: pastebin your /etc/network/interfaces  and your /etc/default/dhcp3-server  and your /etc/dhcp3/dhcpd.conf  files, respectively
<SFauconnier> syslog says something in the lines of ignoring requests on eth1, if this is not what you want, please write a subnet declaration in your dhcp.conf.... not configured to listen to any interfaces
<dayo> also do this:  ifconfig eth0   and paste the output
<dayo> aah
<dayo> ok, then paste just your /etc/dhcp3/dhcpd.conf file for now
<SFauconnier> well, that's gonna get tough, I'm logged in into the terminal now using irssi and dont have a graphical interface :o)
<dayo> ok, try this:  sudo aptitude install pastebinit
<SFauconnier> but I'm connected to it with my laptop through ssh
<SFauconnier> so I can type it
<SFauconnier> in links
<SFauconnier> :D
<dayo> hmm, ok wait
<dayo> scp the dhcpd.conf to your laptop and install pastebinit on your laptop
<SFauconnier> k
<dayo> once u've done that, in the directory where u copied dhcpd.conf to (on your laptop) type:  pastebinit dhcpd.conf
<dayo> SFauconnier: it'll give u a link, post that link in here
<dayo> my AC's intermittently spitting tiny ice chunks at my temple. brb
<SFauconnier> my dhcpd.conf: www.pastebin.com/f2deb3dcb
#ubuntu-server 2009-05-05
<SFauconnier> my ifconfig eth0: www.pastebin.com/f13cc0177
<dayo> hmmm. the link says: "    * Unknown post id, it may have expired or been deleted "
<SFauconnier> which one?
<dayo> both
<dayo> links*
<SFauconnier> hm, they work in here in links
<dayo> weird
<SFauconnier> sending you through dcc
<dayo> SFauconnier: well, i guess i'm still an IRC newbie. how do i receive/view the sent files through dcc? what is dcc?
<SFauconnier> what irc client do you use?
<dayo> irssi
<SFauconnier> type in /dcc get sfauconnier eth0
<SFauconnier> and /dcc get sfauconnier dhcpd.conf
<dayo> ok, done. where do i find them?
<SFauconnier> good question
<dayo> aah. in my home dir
<SFauconnier> I suppose somewhere in ~/.irssi
<SFauconnier> or in your home dir
<SFauconnier> have no idea
<SFauconnier> you can set it with /set dcc_download_path
<SFauconnier> yeah, default is ~
<dayo> ok, hang on. let me have a look
<SFauconnier> k, thanks
<captainkirk> what command do i append to a cli command to pipe output to a file?
<heguru> captainkirk: ">" to write to a file overwriting it, ">>" to append to a file
<dayo> SFauconnier: is that your complete dhcpd.conf file?
<SFauconnier> yes
<captainkirk> heguru: ok, good, is it possible to add a variable in the command like 'todaysdate' so each time command is run it autocreates a new filename to output to?
<captainkirk> heguru: like command > uniquefilename.log
<dayo> SFauconnier: what did u set your eth1 to? what IP do u see when u type   ifconfig eth1 ?
<SFauconnier> 192.168.1.1
<dayo> that's odd. what does   ifconfig eth0  give u?
<SFauconnier> ow
<SFauconnier> that was eth0
<SFauconnier> eth1 gives me my fixed IP
<heguru> captainkirk: yourcommand > `date +%Y%m%d%H%M%S`.txt
<dayo> so eth1 is still connected to your modem, then?
<SFauconnier> yes
<heguru> captainkirk: this would give you a filename of YEARmonthDateHourMinSecond.txt
<dayo> arrgh.
<dayo> ok, in your /etc/default/dhcp3-server file change INTERFACES="eth1"   to "INTERFACES="eth0"
<dayo> SFauconnier: then try to restart your dhcp
<SFauconnier> k, it started
<SFauconnier> has an 'ok'! :o)
<dayo> cool. on your client type:   sudo dhclient
<SFauconnier> k
<SFauconnier> done
<dayo> SFauconnier: it should spit out an IP at the end of the output. 192.168-something
<dayo> right?
<SFauconnier> "bound to 192.168.1.10 -- renewal in 248 seconds" you mean that?
<dayo> awesome. so dhcp's working
<SFauconnier> yeah
<dayo> now try pinging google from your client
<dayo> ping www.google.com
<captainkirk> heguru !! thanks..!!
<SFauconnier> doesnt output anything, just hangs
<SFauconnier> wait
<SFauconnier> I shall restart my switch, had trouble with that earlier
<dayo> ok
<SFauconnier> it hangs for about a minute and then says: "ping: unknown host www.google.com"
<dayo> also, what does ifconfig eth1  give u?
<SFauconnier> on my client?
<dayo> no, server
<billybigrigger> can anyone suggest a good webstats app? like webalizer, but something that outputs more info and looks better than webalizer?
<SFauconnier> dayo: my fixed IP
<dayo> SFauconnier: what is it?
<SFauconnier> 81.82.203.26
<captainkirk> heguru. it seems to taking the text literally and creating file name exactly as typed instead of converting to Y m d etc
<captainkirk> billybigrigger: have u tried awstats
<heguru> captainkirk: did you use ` instead of ' ?
<dayo> SFauconnier: sudo /sbin/route add -net 192.168.1.0/24 gw 81.82.203.26
<heguru> captainkirk: not a single quotation mark, but ` (usually located before number 1 key)
<captainkirk> heguru... i used ' not `, so which is correct?
<dayo> SFauconnier: and then   /etc/init.d/networking restart
<captainkirk> heguru. ok trying that now
<heguru> captainkirk: use `
<SFauconnier> dayo: done
<dayo> SFauconnier: try pinging
<billybigrigger> captainkirk, nope, but i will
<SFauconnier> still hangs
<SFauconnier> should I restart services first?
<dayo> yeah
<captainkirk> heguru: the ` has fixed it... thanks,
<billybigrigger> captainkirk, installed awstats from repos, anything i have to configure or where does it spit the index.html out?
<SFauconnier> still hangs
<dayo> brb
<SFauconnier> which is strange btw, it didnt before
<captainkirk> billybigrigger: i have not used awstats on linux, only under apache on windows... 'eeeek' anyway.. the output and info was good.
<SFauconnier> before it could find the domain's ip but had 100% packet loss
<captainkirk> can anyone explain this entry in the syslog file ---- May  5 06:50:13 emerald2 syslogd 1.5.0#1ubuntu1: restart.
<SFauconnier> this server is killing me, have to get up in 5 hours
<reid> anyone able to tell me why there is no tab-completion for apt-get on my ubuntu-server?
<reid> I have it on this lappy running desktop
<SFauconnier> reid: what ubuntu version are you using?
<reid> 8.10
<XiXaQ> OemConfigServer seems nice. Has anyone here actually tried it?
<reid> SFauconnier: I have bash-completion installed as well,  tab-completion works for everything that isn't apt-get
<SFauconnier> reid: what output does "cat /etc/bash_completion | grep apt-get" give you?
<reid> SFauconnier: turns out fine.. I think the reason why is because I was trying to tab-complete as root
<SFauconnier> yes, won't work in root
<giovani> reid: is there a reason why you're logged in as root?
<reid> giovani: because its a server, and I'm doing stuff over sh, and rather than typing sudo over and over again, I'm just sudo su'd
<reid> giovani: but its ok, I fixed it,  I just needed to do ". /etc/bash_completion" as root
<giovani> heh
<reid> sh = ssh =P
<giovani> yeah, sudo allows for much more accountability
<reid> not doing anything dangerous, just moving files around in directories that I'd rather not chmod to 777
<giovani> ... why would you ever chmod 777?
<giovani> sounds like you don't have a proper group setup
<reid> because torrentflux requires its download folder to be 777
<reid> yet I like to keep them in places that are not 777
<reid> for obvious reasons
<giovani> why would it require that?
<giovani> that doesn't make any sense
<reid> because it has users that are not actual users on the server, they are only torrentflux webclient users
<giovani> uh
<giovani> but the process is running as a single user on the system
<giovani> nobody cares about torrentflux users
<giovani> that's not a permissions issue
<reid> for some reason or another, it is required to put files in a directory that is 777, it will not work if you don't.  In this file it creates its web-user directories
<giovani> sounds like there's a lack of understanding on someone's part here
<giovani> this is often how insecurity comes to be
<reid> sounds like torrentflux specifically says "This directory MUST be chmodded to 777"
<reid> =/
<giovani> sounds like there's a lack of understanding on their part ... :)
<reid> oh =
<reid> =P
<giovani> where does it say that, btw?
<reid> on the admin page where you set the download dir
<reid> if you try to set a 755 or something to it, then it doesn't let you save settings
<giovani> right ...
<giovani> because your groups haven't been set up properly
<reid> Define the PATH where the downloads will go
<reid> (make sure it ends with a / [slash]). It must be chmod'd to 777:
<reid> thats the exact wording on the page
<giovani> ok
<giovani> I believe you
<giovani> it's just probably what they feel is the easiest way to get it set up
<giovani> albeit insecure, and stupid
<giovani> I'd really advise you to look at alternatives to torrentflux though
<giovani> rtorrent and its guis are nice
<reid> torrentflux just has some features that I really like, since I have about 20 people who use it
<reid> but yeah, I would love to use rtorrent =P  I'm just lazy i suppose
<giovani> what features?
<reid> multi-user support,  multiple admins,  .tar http download, built-in tracker searches
<reid> not saying rtorrent doesn't have them
<giovani> hmm, ok
<reid> just that I haven't done so much research on it
<reid> and this is very friendly right out of the repos >.<  (lazy again)
<reid> giovani: the only problem I really have with torrentflux is the fact that it uses bittornado as a backend =P
<giovani> uh ... no kidding
<giovani> it's crap
<reid> soon I'll probably be switching to torrentflux-b4rt though and using transmission or something
<reid> something at least better than bittornado
<giovani> haha
<twb> Why not rtorrent?
<reid> explained a few lines up
<twb> Righto.
<reid> I just wish I could find a easy, clean way to just patch Torrentflux up to b4rt
<PleXuS> anyone can tell me how to use BD RE disc on linux ?
<PleXuS> to backup data on it
<PleXuS> like normal hardisk :)
<jmedina> what is BD RE?
<PleXuS> Bluray Rewriteable
<slestak> i think this problem is simpler than i am making it.  i want to scp files from one machine to another, to a similar named dir, NOT overwriting.  I just want the files that are not already there.  i do not see anything in the man page that will accomplish this
<slestak> i'll just scp them all to a sae dir and us cp onthe dest machine
<storrgie> when i run a sudo command in ubuntu i see "sudo: unable to resolve host MYHOST"
<wizardslovak> how to configure mysql ?
<wizardslovak> i cant set up root password
<J-_> I'm currently running a server with 8.04 installed. Not really clean anymore since I've been messing around with configuration files trying to get my interfaces setup, but it's giving me trouble. Can someone guide me through the process of setting my server up to where it's both accessible from WAN, and LAN?
<storrgie> http://pastebin.com/m7971f713
<wizardslovak> try sudo apt-get update
<wizardslovak> then try it again
<storrgie> I did.
<storrgie> also a sudo apt-get install -f ufw
<J-_> http://pastebin.ca/1412952 My interfaces and hosts config files. I don't think they are configured proper. Can someone check them out?
<J-_> And, some advice too, please. :)
<storrgie> http://pastebin.com/m7971f713
<twb> J-_: looks fine to me.
<twb> J-_: I think "network" is not needed anymore, though
<J-_> twb: What's weird is I can't ping google. I can ping 192.168.1.100, and 192.168.1.1.
<J-_> I'll remove network
<twb> J-_: fix your resolv.conf, then
<twb> J-_: you'll also need to fix your routing table.
<J-_> where's resolv.conf? I can't seem to find, or locate it.
<wizardslovak> i cant make password for root
<wizardslovak> in mysql
<J-_> /etc/resolv.conf :)
<J-_> twb: http://pastebin.ca/1412960 Does that look alright?
<twb> No, that looks utterly stupid.
<J-_> err, okay.
<twb> How do you expect to resolve the nameserver's name without a nameserver?
<wizardslovak> my nameserver is 192.168.1.1 lol
<Sarnuial> hey... anyone feel like helping a noob with iptables configuration?
<Sarnuial> what I
<Sarnuial> ^I'm trying to do
<uvirtbot> Sarnuial: Error: "I'm" is not a valid command.
<Sarnuial> is basically looping a gateway through itself
<J-_> twb: How would I configure the file?
<Sarnuial> I have a gateway which connects to the Internet, then my router connects to it, and all my other computers connect to the router
<twb> J-_: you need to identify name servers by IP, not by name.
<wizardslovak> so u got modem ,router and PCs
<Sarnuial> I'd like to have any outgoing stuff on the gateway that didn't originate on the internal side of the router to loop back through the router and then go out the gateway, so I can track bandwidth statistics on the router
<storrgie> http://91.121.193.183/torrentflux/
<storrgie> help!
<Sarnuial> i.e., have iptables set up so that
<Sarnuial> if ($origin != 192.168.0.10) { $traffic->send('192.168.0.10'); } else { $traffic->accept(); }
<Sarnuial> @storrgie: you modified the configuration php file?
<storrgie> yes i did
<J-_> Does freedns.afraid.org give you IPs? I don't think they do. And do I put their DNS nameservers in resolv.conf?
<twb> J-_: I have no idea.
<Sarnuial> @storrgie: are you trying to use MySQL or PostgreSQL?
<storrgie> Sarnuial: mysql
<twb> For a typical domestic setup, resolv.conf is populated with the IP(s) of your ISP's name servers, by dhclient.
<Sarnuial> @storrgie: ./adodb/drivers/adodb-mysql.inc.php exists?
<storrgie> Sarnuial: i think its an issue with adodb
<storrgie> ./?
<storrgie> php5-mysql is installed
<Sarnuial> @storrgie: assuming you're in the main torrentflux directory; /var/www/torrentflux/adodb/drivers/adodb-mysql.inc.php is probably the full path
<storrgie> im not sure how to check for adodb
<storrgie> i installed torrentflux from repos
<storrgie> the main dir is now /usr/share/torrentflux/www
<storrgie> :( not sure why
<storrgie> should I just apt-get remove torrentflux
<storrgie> and download it?
<Sarnuial> probably
<Sarnuial> but first
<storrgie> the DB is ok, i know that much
<Sarnuial> open config.php and make sure $cfg["db_type"] is mysql, not blank
<Sarnuial> should be line... 31
<storrgie> it is
<Sarnuial> mkay...
<storrgie> rip it out?
<Sarnuial> probably a good place to start
<storrgie> how can i rip it out and remove the files
<storrgie> remove --full or something?
<Sarnuial> apt-get remove torrentflux and then dpkg --purge torrentflux
<Sarnuial> that should do it
<Sarnuial> (nobody can help with my iptables issue? :( )
<storrgie> Sarnuial: i also have this :( http://pastebin.com/m7971f713
<Sarnuial> hrm...
<Sarnuial> that's... weird
<Sarnuial> try apt-get install -f
<storrgie> tried that
<storrgie> same thing
<Sarnuial> and if you do apt-get install python it says it's already there?
<storrgie> yep
<storrgie> i did it for python2.5
<Sarnuial> try apt-get check
<Sarnuial> that fail too?
<storrgie> http://pastebin.com/m286fbd02
<storrgie> all kinds of things messed up
<billybigrigger> anyone here use awstats?
<storrgie> apt-get check worked fine
<Sarnuial> I'm not sure if I want to ask what you've done to this poor machine ;)
<billybigrigger> i installed from repos, and edited the awstats.conf to my liking and i can't see any .html or .png's or anything in my webroot, is it supposed to spit out a stats page to my web dir or how do i run it, or what?
<storrgie> its an OVH server
<Sarnuial> @storrgie: I shouldn't have come on IRC this late... I've got to head off. I hope you can get it sorted.
<storrgie> im not sure whats going on
<storrgie> thanks
<mib_wwrjs9> Does anyone know of any good tutorials for making a Home server on ubuntu, probably with just samba and preferably some method of easily adding users and allowing the users to change their own passwords? Also I'd like if it told me what exactly I was doing instead of just having me blindly follow steps.
<XiXaQ> sounds like you just need to install a normal desktop?
<Jeeves_> billybigrigger: http://<yourhostname>/cgi-bin/awstats.pl
<billybigrigger> my /var/www doesn't have a cgi-bin
<billybigrigger> i saw that in the config, was i supposed to make one with proper perms?
<billybigrigger> hmm
<billybigrigger> awstats seems to be off a bit
<billybigrigger> webalizer is showing 700+ hits since i had the webserver running and awstats shows 0
<billybigrigger> im highly doubtful all 700+ hits came from my local machine in the last week or 2
<beawesomeinstead> does anyone know how to get rid of Virtual timer expired error?
<reid> hi all, if I have ALSA working properly on my server, and would like to install pulseaudio.  what is the correct way to do this?  (I have already googled..) =P
<J-_> Can I use ddclient with freedns.afraid.org?
<ar> hi
<J-_> I can ping google's IP, but not the domain. Any ideas?
<twb> J-_: your name resolution is still fucked.
<twb> You can test this by attempting to resolve google.com instead of attempting to ping it, e.g. "host google.com" or "dig -x google.com" or "nslookup google.com"
<jmarsden> twb: dig -x is a reverse lookup... just plain    dig google.com   does normal name resolution.
<twb> jmarsden: oops, thanks
<twb> (I'm not a dig weenie, but my cow-orkers are.)
<J-_> Meh I dunno
 * J-_ shuts his server off
<kaushal> hi
<kaushal> where does mysql server logs error ?
<kaushal> I can not see it in syslog ?
<mixed_drink> how do I disallow access to openssh server from a specific user?
<soren> mixed_drink: "DenyUsers username" in your sshd_config
<mixed_drink> thank you soren
<soren> mixed_drink: More info in "man sshd_config"
<mixed_drink> much thanks :)
<uvirtbot> New bug: #371728 in tomcat6 (main) "Please merge tomcat6 6.0.18-3 (main) from Debian unstable (main)" [Wishlist,In progress] https://launchpad.net/bugs/371728
<twb> IMO it'd be better to whitelist specific users
<kaushal> checking again for my query ?
<DawnLight> can someone take a look at https://answers.launchpad.net/ubuntu/+source/samba/+question/70002 please?
<uvirtbot> New bug: #353529 in samba (main) "winbind crashes (dup-of: 286119)" [Undecided,New] https://launchpad.net/bugs/353529
<micahf> hey, how can I have my gateway box give out opendns addresses?
<micahf> so that I don't have to configure the dns addresses on every client?
<reenignEesreveR> I've installed ubuntu server 8.04. I wanna make sure logrotate is working. I can't find it anywhere in cronjobs ... how do i make sure it works?
<reenignEesreveR> :(
<ogra> /etc/cron.daily/logrotate ?
<reenignEesreveR> ogra, the file exists ... it means it would run daily for sure?
<_ruben> no, it will only run when the server's powered on at the time cron.daily's scheduled
<_ruben> and crond's running, etc
<reenignEesreveR> _ruben, could you please elaborate?
<_ruben> cron.daily usualy gets scheduled at about 6:25am or so .. if the server or any important software part it depends on isnt running, the daily jobs wont either .. which is just stating the (very) obvious
<ogra> well, if it isnt run at 6:25 because the system was powered down, "atd" should care iirc
<ogra> on power up
<reenignEesreveR> righto :)
<Malteser> hello
<sommer> morning
 * Malteser is searching for someone who can help him with postfix-virtual-users on a Ubuntu-Server 8.04
<ageek> hello
<_ruben> Malteser: might wanna ask some more specific questions
<Malteser> _ruben: the problem is: the postfix smtpd receives and stores eMails but the smtp and pop login doesn't work
<Malteser> _ruben: i tried to solve it via berkeley-DB files
<_ruben> smtp auth i havent played with yet .. pop login has nothing to do with postfix
<Malteser> both doesnt work with my virtual users
<incorrect> are there any plans to have a version of 8.04 amd64 that will work with core i7?
<Malteser> _ruben: some idea where i could find something to fix my prob ... found nothing matching my prob all over the web ... also not in the postfix manpages
<_ruben> Malteser: cant help with the smtp part, as for the pop part, you need to check your dovecot/cyrus/courier setup to see if it has virtual user support
<Malteser> _ruben: k thanks ... i keep on searching
<_ruben> i only started playing with virtual users (postfix+dovecot) recently .. got my first setup up and running yesterday :) .. now to migrate from local hashes to mysql
<Malteser> _ruben: that sounds interesting ... can dovecot work with the smtpd_sender_login_maps hashes from postfix
<Malteser> _ruben: or do i need an extra conf for that
<Malteser> quit
<incorrect> has anyone had many problems with ext4?
<blue-frog> no
<blue-frog> now I speak for me not anyone
<incorrect> so as ubuntu 8.04 amd64 won't run with the new core i7 xeon's should i just simply go to jaunty and start treating the OS as disposable ?
<blue-frog> incorrect: ext4 is not enabled by default in jaunty anyway
<incorrect> blue-frog, depends how you install it ;)
<blue-frog> you have to call for it
<incorrect> i can see see ext4 as an FS option
<blue-frog> that's what I say: option
<blue-frog> not default
<incorrect> the way i install nothing is default
<blue-frog> good
<incorrect> i am just irritated that i can't keep my platform on the same OS version
<incorrect> i had backported everything i need to hardy and now i need to build the netboot with a new revision of the kernel, sigh
<incorrect> i think going with making the OS disposable is the best way really
<g_man> hello i just upgraded from ubuntu server 8.10 9.04
<g_man> this broke my ldap database
<g_man> db4.7_recover was processed without errors
<g_man> but it didn't work
<g_man> slapd -d 5 exited with the following error:
<g_man> bdb_dn2id: get failed: DB_NOTFOUND: No matching key/data pair found
<g_man> im kind of stuck now but cannot find any solution
<g_man> i have the bdb database files
<g_man> but not the ldif files
<g_man> any help is appreciated
<reid> could anyone help me install pulseaudio on ubuntu-server?
<reid> 8.10
<sommer> g_man: maybe try db4.7_recover -c in /var/lib/ldap
<g_man> didn't work :(
<sommer> maybe db4.6_recover?
<g_man> db4.6_recover: Unacceptable log file log.0000000001: unsupported log version 14
<sommer> g_man: what if you move the log files to another directory then try the recovery
<g_man> db4.6_recover: Program version 4.6 doesn't match environment version 4.7
<g_man> but thiout the -c fag worked now
<g_man> thiout=without sorry..
<sommer> so it's working?
<g_man> but I still cannot access it
<g_man> db4.6_recover went without errors but no change in the symptomps
<sommer> so is slapd running?
<g_man> im trying it seems to be stuck
<g_man> no it crashed again with the same bdb_dn2id error
<sommer> g_man: you might try sudo slapd -F /etc/ldap/slapd.d -h ldap:/// -d -1
<g_man> it didn't work i'm now looking for the error message there is much more output
<sommer> g_man: ya, that puts slapd into debug mode
<g_man> => access_allowed: auth access to "cn=admin,dc=cifi,dc=local" "userPassword" requested
<g_man> => acl_get: [1] attr userPassword
<g_man> => slap_access_allowed: result not in cache (userPassword)
<g_man> this occurs over and over again is this an error?
<g_man> i think the server is running but i cannot access it via phpldapadmi
<sommer> g_man: what about a simple ldapsearch
<uvirtbot> New bug: #372233 in tomcat6 (main) "tomcat6 fails to start: "cd: 216: can't cd to /var/lib/tomcat6/temp"" [Undecided,New] https://launchpad.net/bugs/372233
<g_man> ldap_sasl_interactive_bind_s: Invalid credentials
<g_man> SASL [conn=22] Error: unable to open Berkeley db /etc/sasldb2: No such file or directory
<g_man> this appears on the slapd console when i try ldapsearch
<g_man> SASL Canonicalize [conn=22]: slapAuthcDN="uid=sysadmin,cn=digest-md5,cn=auth"
<g_man> these cn's don't exist
<g_man> ok i was able to connect as anonymous and all my ou's are gone!
<g_man> i think it recovered the wrong version
<g_man> ok i think we should ditch this
<g_man> i fuond an older ldif-backup but upon phpldapadmin imoprt it reports a constraint violation
<g_man> i think the problemn is that the samba.schema is not added
<g_man> but i don't know/understand the new slapd.conf folder
<sommer> g_man: there's instructions for adding the samba schema in the serverguide
<sommer> !serverguide
<ubottu> The Ubuntu server guide may be found at http://help.ubuntu.com/8.04/serverguide/C/
<sommer> http://help.ubuntu.com/9.04/serverguide/C/ rather
<g_man> sorry :s im starting to get tired
<yann2> mmh.
<yann2> May  3 08:39:20 bladon kernel: [4619889.937303] BUG: soft lockup - CPU#0 stuck for 11s! [swapper:0]
<yann2> that one surely doesnt look good.
<yann2> anyone ever had this before?
<soren> yann2: Yes.
<yann2> what can it be related to?
<yann2> it s a fairly normal ubuntu server - munin, bacula, backuppc, mothing fancy
<soren> In my case it was a lost interrupt to the I/O thread in a kvm-61.
<soren> Err.. 62, it must have been.
<yann2> yeah - but that one isnt using kvm :(
<soren> It can be literally a million different things.
<yann2> hardware or software?
<yann2> cause it basically crashed the server :D
<soren> yann2: Single CPU system?
<yann2> dual dual core
<soren> And you only see these messages for CPU#0?
<soren> ...or are the similar ones for #[123] ?
<genii-around> Weird. my whois previously worked. Now I'm getting "unknown host rejected x.x.x.x"        (where x.x.x.x is my actual static IP)
<yann2> yhamon@bladon:/var/log$ cat kern.log | fgrep bladon  | fgrep lockup
<yann2> May  3 08:39:19 bladon kernel: [4619878.147617] BUG: soft lockup - CPU#0 stuck for 11s! [swapper:0]
<yann2> May  3 08:39:20 bladon kernel: [4619889.937303] BUG: soft lockup - CPU#0 stuck for 11s! [swapper:0]
<yann2> same cpu but twice
<yann2> actually its weird that it sayd its blocked for 11seconds at 1 second interval :)
<genii-around> nvm, seems it's that specific whois server (for proxad.net)
<soren> yann2: Yes, it'll keep doing that forever, probably.
<soren> "forever" as in "until you reboot".
<soren> yann2: 4619878.147617 and 4619889.937303 are 11 seconds apart, though. It's just the syslog that's lagging (for some reason).
<cybersplice> Do things exist after a reboot?
<yann2> took me two days to notice as its my nagios box :(
 * cybersplice lapses into existentialism.
<soren> yann2: Well, it can't be completely hung. It's still logging stuff.
<yann2> soren > no it is not
<yann2> it stopped logging just after that
<yann2> worth a support ticket?
<soren> If it hasn't happened before nor since, there's not much to be done.
<nealmcb> kees: I wonder if it would be helpful to add some more examples to https://wiki.ubuntu.com/UbuntuMainInclusionRequirements in the " Check for security relevant binaries" section.  E.g. "Add-ons and plugins for server software.  E.g. web applications, mail filters, etc."
<ivoks> take care
<kees> nealmcb: hmm
<nealmcb> it is of course obvious to those who think about such things, but....
<nealmcb> or perhaps a separate section for non-root server stuff...
<kees> nealmcb: I think it's a good idea to add more examples.
<nealmcb> kees: we were just talking about webmail systems in the server team meeting
<nealmcb> https://wiki.ubuntu.com/ServerTeam/MailServer
<kees> nealmcb: "* Add-ons and plugins that perform additional tasks (filters, scanners, UI skins, etc)"   ?
<nealmcb> kees: The main point seems to be that it hooks into other security-sensitive things, like servers or privileged desktop software
<kees> nealmcb: hrm, perhaps I'm not understanding.
<nealmcb> and I think adding "web applications" in particular (a very common and problematic class) would help
<kees> nealmcb: that's a pretty giant class of software
<nealmcb> Add-ons and plugins to security-sensitive software (web applications, mail server filters, UI skins, etc)
<kees> ah! gotcha.  adjusting...
<kees> jdstrand: does Ubuntu shadow need to continue to carry the passwd.postinst that cleans up the vmbuilder password glitch?
<jdstrand> kees: no, I don't think so. it is only in vmbuilder created images, and vmbuilder in the affected version of vmbuilder (intrepid) can't build karmic images
<jdstrand> (without hacking anyway)
<jdstrand> from the USN:
<jdstrand> This vulnerability only affects virtual machines created with vm-builder under Ubuntu 8.10, and does not affect native Ubuntu installations.
<kees> jdstrand: okay, I'll drop it from the merge.
<LHC> how much would a dedicated server, 250gig, 2gig ram, unlimited 100mbit line cost
<zul> mathiaz: do you still use bzr to take care of dovecot?
<mathiaz> zul: yes
<mathiaz> zul: let me update the branch in lp
<zul> mathiaz: okies
<mathiaz> zul: lp:~ubuntu-core-dev/dovecot/ubuntu has been updated
<zul> thanks
<mathiaz> zul: this branch is actually based on the svn branch from the debian svn repostiory
<mathiaz> zul: however I can't mirror the debian svn branch in LP - so it's a local branch
<zul> mathiaz: do you want to upload it to the archive?
<mathiaz> zul: and to add to the matter the svn branch has changed in debian
<mathiaz> zul: yeah - I'll give it a try
<mathiaz> zul: I've been using dovecot as playground for bzr-builddeb and getting used to a bzr based workflow for packages.
<zul> how is it going so far?
<wizardslovak> hello people
<wizardslovak> do you know any free domain name rgistration service?
<zoopster> wizardslovak: hello...no more free domain registrars exist
<wizardslovak> lol
<wizardslovak> good to know
<wizardslovak> i got couple questions
<wizardslovak> i am noob with ubuntu server
<wizardslovak> and i would like to host my own web site
<wizardslovak> is my 30mbit isp connection enought??
<beawesomeinstead> wizardslovak: co.cc
<beawesomeinstead> haha
<wizardslovak> ??
<beawesomeinstead> wizardslovak: you can register free domain @ co.cc, i meant :-)
<wizardslovak> lol
<gpled> was thinking of using ubuntu server for a postfix box.   how can i find out, what version of bind and postfix, the server addition would be using?
<beawesomeinstead> gpled: @ packages.ubuntu.com
<beawesomeinstead> there's also aptitude command by i forgot it :-p
<beawesomeinstead> *but
<wizardslovak> is 250gb traffic on web host enought?
<beawesomeinstead> wizardslovak: for static pages but not for warez movies
<wizardslovak> for regular web site
<beawesomeinstead> wizardslovak: i would say yes if regular is less then 87381 views of 100KiB page per day
<beawesomeinstead> ^ is for 250GB/month
<wizardslovak> is better to get hosting or use my server do host site?
<uvirtbot> beawesomeinstead: Error: "is" is not a valid command.
<beawesomeinstead> wizardslovak: depends: for a relatively small site (<1000 visitors per day) i would use either my home server or shared host
<beawesomeinstead> wizardslovak: for a bigger one i would get a linode (linode.com) or a slice (slicehost.com)
<beawesomeinstead> *i prefer linode
<beawesomeinstead> **if you know how to manage vps of course
<wizardslovak> what about godaddy hosting?
<gpled> beawesomeinstead: thanks
<beawesomeinstead> wizardslovak: i personally hate their support, i wouldn't use godaddy (IMHO)
<beawesomeinstead> gple: np
<gpled> ditto on godaddy
<wizardslovak> well i will use godaddy as domain register
<wizardslovak> so far 8.99/year for .us
<wizardslovak> good deal lol
<wizardslovak> ??
<beawesomeinstead> my current stack is: Linode+Slicehost (both) / Moniker for domains / DNSMadeEasy for DNS hosting. Both Linode and Slicehost are reputable companies with awesome support
<wizardslovak> what is "dns made easy" for?
<gpled> been happy with DNSEXIT.COM
<beawesomeinstead> wizardslovak: DNS hosting -- they provide ip anycast, DNS failover with system monitoring, etc, etc, but you don't need it for regular site
<beawesomeinstead> gpled: i wish i could afford dynect
<wizardslovak> beawesomeinstead: thank you
<wizardslovak> i am noob with all this lol thats why i ask
<wizardslovak> oo i see that moniker has 7.29/year for .us
<beawesomeinstead> np, glad if i was helpful
<gpled> wonder what distro dynect runs
<beawesomeinstead> gpled: Apache/2.2.11 (FreeBSD) mod_ssl/2.2.11 OpenSSL/0.9.8e DAV/2 PHP/5.2.9 with Suhosin-Patch
<wizardslovak> i got ubuntu server up and running but still i want to learn it more lol
<wizardslovak> so i decided to get web site and try it on my LAN untill ill learn how to make server be visible to WAN
<wizardslovak> lol
<beawesomeinstead> wizardslovak: this is called "staging environment" :-p
<wizardslovak> lol
<wizardslovak> ok another question
<wizardslovak> where can i find cheapest domain name reg?
<wizardslovak> i am looking for .us only
<beawesomeinstead> wizardslovak: 7.29/year is a pretty good deal
<foxbuntu> wizardslovak, I usually do mine through godaddy.com
<wizardslovak> yea i found it on moniker
<wizardslovak> godaddy is 8.99
<foxbuntu> wizardslovak, yeah...they can be a little more
<foxbuntu> I just have had good luck with the support and such
<oruwork> which kernel is used in 9.04 ?
<gpled> wizardslovak: want to careful on just looking at price.   iv seen places just fall off the world, when you against a time line.  cant get ahold of them sometimes
<foxbuntu> orudie, 2.6.28
<wizardslovak> i used to have godaddy , but when my domain expired , and wanted to get it again i couldnt get no reply from customer support
<wizardslovak> well i think i will go for godaddy for domain registration
<wizardslovak> can i pay on moniker with paypal?
<wizardslovak> ok so i got .us for 3 years for $22.74
<wizardslovak> beawesomeinstead:  how long will it take with moniker for my domain to be registered? i see payment has been cleared out
<beawesomeinstead> wizardslovak: like 5-10 minutes
<wizardslovak> ok so lets wait
<wizardslovak> check this , should i folow it to make web server ?? http://net.tutsplus.com/tutorials/php/how-to-setup-a-dedicated-web-server-for-free/
<oruwork> wizardslovak-> are you going to host it from home ?
<wizardslovak> well not now
<beawesomeinstead> wizardslovak: it's pretty standard configuration that works out-of-the-box with minimal config requirements, i bit disagree with partitioning section
<beawesomeinstead> wizardslovak: if you don't have physical access this tutorial is pretty useless
<beawesomeinstead> *to server
<wizardslovak> physical access??
<wizardslovak> its right next to me , running
<wizardslovak> lol
<wizardslovak> i got router and server , how will other PCs from WAN see my server?
<oruwork> with port forward
<beawesomeinstead> oh, i thought "are you going to host it from home ? well not now" means that you don't :-)
<beawesomeinstead> i would use DMZ option
<beawesomeinstead> *demilitarized zone
<wizardslovak> beawesomeinstead: first i  want to learn server , when i will be comfortable enought with it i will host it
<wizardslovak> i have 30mbit isp with static ip
<wizardslovak> my router is dd-wrt
 * beawesomeinstead is jealous
<oruwork> wizardslovak-> which isp ?
<beawesomeinstead> optonline?
<wizardslovak> yes
<oruwork> i have the same thing, but home package
<wizardslovak> that bussiness package
<beawesomeinstead> yeah a friend of mine uses it, they restrict access to mail from overseas :-p
<oruwork> its really not worth to pay opt online to have a server at home
<oruwork> i learned that over the years
<wizardslovak> oruwork: for now its good, and still its for learning purposes
<wizardslovak> well i kinda dont pay it lol
<wizardslovak> my friends needed internet for wireless so i carge him $10  a month
<wizardslovak> lol
<oruwork> make sure you have a UPS connected to the box
<wizardslovak> uninterupted power source
<wizardslovak> ok so lets talk about that DMZ
<oruwork> dont use it
<oruwork> do you have the server installed ?
<wizardslovak> yes i do with openssh and LAMP
<beawesomeinstead> oruwork: why not?
<oruwork> ok so forward port 80 to the server box
<oruwork> cause DMZ disables the firewall, all ports are open
<wizardslovak> so if i will forward it to server , will other PCs on LAN be able to browse internet?
<beawesomeinstead> oruwork: then he could use iptables/ufw to learn how to firewall
<oruwork> yes beawesomeinstead
<wizardslovak> can i forward other port? or it has to be 80 only?
<oruwork> which other port?
<wizardslovak> well i am just curious
<beawesomeinstead> wizardslovak: you'll probably need 22 -- ssh, if you want to control your box from outside
<oruwork> for now you only need port 80
<oruwork> yes 22 also
<wizardslovak> ok so if you can guide me i will appreciate it
<wizardslovak> lets do 22 first
<beawesomeinstead> wizardslovak: something like http://www.dd-wrt.com/wiki/index.php/Port_Forwarding
<wizardslovak> lol i know how to forward port in ddwrt
<wizardslovak> i though you got to do something in server
<oruwork> no
<beawesomeinstead> ah, no, you do not
<oruwork> just forward port 80 and 22
<oruwork> you know the ip of the server right ?
<wizardslovak> yes
<wizardslovak> thats how you log to server via ssh
<wizardslovak> ssh xxx.xxx.xxx.xxx
<beawesomeinstead> sorry guys, i'm too sleepy, gotta go to bed ...
<oruwork> which box do you ssh from ?
<oruwork> later beawesomeinstead
<wizardslovak> from laptop
<oruwork> which OS ?
<wizardslovak> beawesomeinstead:  good night
<wizardslovak> oruwork: kubuntu
<oruwork> uhu nice
<wizardslovak> ok port 22 is forwarded to server
<oruwork> ok
<oruwork> now port 80
<wizardslovak> well laptop is dualboot , but i couldnt make openssh work in xp
<oruwork> and give me the ip or domain to try ti
<oruwork> you can use putty.exe in xp
<wizardslovak> ok but as i said will other computers be able to browse internet??
<oruwork> yes
<wizardslovak> ok port is open
<oruwork> ok do you have a domain set up
<wizardslovak> well i bought domain but its not showing up yet
<oruwork> ok whats your ip
<wizardslovak> alhough i have there test site on server
<wizardslovak> i sent it to you in PM
<wizardslovak> there is sentence on that site
<wizardslovak> sent me what it says and i tell you if it is
<wizardslovak> right
<wizardslovak> it works here
<oruwork> it works on lan ?
<wizardslovak> yes
<oruwork> it shows it works right ?
<wizardslovak> yes i see the site
<oruwork> i cant access it
<oruwork> i ussume if you did the port forward correctly, your isp is blocking it
<wizardslovak> wait
<oruwork> blocking port 80
<oruwork> you can go to optimum online control panel and open it since you have the business package
<wizardslovak> i forgot to unblock it
<oruwork> optimum boost
<oruwork> :)
<wizardslovak> give me a sec
<wizardslovak> damn i forgot my optimum id
<oruwork> lol
<oruwork> call them have them unlblock it for you
<oruwork> call the business number, this way you'll get in touch with someone much quicker
<oruwork> even if you dont have a business account, they'll still help you out
<wizardslovak> problem is my phone is broken lol
<wizardslovak> i am trying to get them on live chat but it says "your os isnt supported" lol
<wizardslovak> wait ill use my bros xp
<wizardslovak> brb
<wizardslovak> ok i got it
<wizardslovak> i didnt have account created lol
<wizardslovak> i see that ports 80 and 25 are off
<wizardslovak> oruwork: still here??
<oruwork> yup
<oruwork> port 25 is for mail
<oruwork> email
<wizardslovak> ok i see
<oruwork> so unless you plan on setting an email server, leave that alone for now
<oruwork> for your own protection
<wizardslovak> so i will open 80
<oruwork> yup
<wizardslovak> ok it says i have to restart modem
<wizardslovak> but try now
<wizardslovak> i will restart my modem
<wizardslovak> brb
<oruwork> yup
<oruwork> it works
<wizardslovak> ok now it should work
<wizardslovak> try it
<oruwork> it works
<oruwork> baran ?
<wizardslovak> hehe so it works
<oruwork> baran as in sheep ?
<oruwork> male sheep ?
<wizardslovak> yes
<oruwork> ok
<oruwork> russian ?
<wizardslovak> polish
<wizardslovak> so my server works heheh
<oruwork> yup
<oruwork> set up vhosts
<oruwork> you can run multiple domains on one server
<oruwork> separate websites
<oruwork> all on one server
<wizardslovak> now what should i do  so when people will type my web.us  it will redirect them to my server
<oruwork> so web.us is your domain ?
<wizardslovak> nah domain is wizzy.us
<oruwork> ok, who did you buy the domain from ?
<wizardslovak> moniker.com
<wizardslovak> but it still doesnt show
<oruwork> what do you mean doesnt show ?
<oruwork> the nameservers are set up
<oruwork> now you need to set up DNS records
<oruwork> not in your server, but in their control panel
<wizardslovak> when i log into account  and i click on "my domains" i dont see wizzy.us
<oruwork> hmm
<foxbuntu> wizardslovak, it might now show up for 24-48 hours
<wizardslovak> ooo so i gotta still wait
<foxbuntu> s/now/not
<wizardslovak> well ok if i will see it there
<wizardslovak> how do i know which name servers i myne?
<oruwork> dig wizzy.us NS
<wizardslovak> in dd-wrt i see dns 1,2,3
<oruwork> not in your router
<wizardslovak> i think those are my nameservers???!
<oruwork> the nameservers of your domain will show if you type 'dig wizzy.us NS'
<wizardslovak> where should i type it?
<oruwork> in the terminal window
<wizardslovak> of server?
<oruwork> you can
<oruwork> anyone can type it
<wizardslovak> ok i see ns1.domainservice.com
<oruwork> yup
<oruwork> so now you have to point your domain to the ip adderss
<oruwork> the one you gave me
<wizardslovak> so when my domain will show in moniker i should change their nameservers , to myne?!
<oruwork> but you say that your control panel is not ready yet
<oruwork> no dont change the nameservers
<wizardslovak> well its not yet, but i iwant to know what should i do later when it will be
<oruwork> if your package includes DNS services they should give you the ability to point your domain to your server's ip
<wizardslovak> it has "manage DNS"
<oruwork> ok go in there
<oruwork> there you add ip addresses
<wizardslovak> well still shows error
<oruwork> i really dont know how long its gonna take for them to get it set up
<oruwork> try contacting them and find out
<wizardslovak> well some said 10 minutes some 48 hours
<wizardslovak> ok so basically i made my own server (with your help)
<oruwork> yeah there is much more on your journey though
<wizardslovak> well i am happy aNYWAYS
<wizardslovak> ok do you still have time?
<oruwork> yup
<wizardslovak> funny think i got server and domain but dont have web site lol
<wizardslovak> all of files which are coming with website should go to /var/www???
<oruwork> yeah, but you should set up vhosts
<wizardslovak> virtualhost?
<oruwork> so you'll have
<oruwork> separate websties
<oruwork> yup
<oruwork> like
<wizardslovak> but i will have only one
<oruwork> /var/www/site1.com /var/www/site2.net /var/www/site3.org
<oruwork> set it up its not gonna hurt for the future
<genii> Lets say I have 3 dd images ... sda.img sdb.img sdc.img   and they are of the drives which compose a raid5. Any way to make for instance an md device using just the images? (without copying them back to 3 actual drives)
<wizardslovak> ok so make only folders?
<wizardslovak> ok my domain name is active
<wizardslovak> well i see my domain
<wizardslovak> i see all dns for my domain and they are same as in my server
<wizardslovak> where should i change ip to my servers ip
<wizardslovak> i should change host name in my server?
<oruwork> no
<oruwork> http://pastebin.com/m176e6558
<oruwork> this is an example from my DNS manager
<wizardslovak> ok cause over here it asks me for host name , ip and record type
<wizardslovak> lets change my domain name on server
<oruwork> type 'hostname'
<oruwork> it should give you your host name
<wizardslovak> ok i got it
<wizardslovak> UbuntuServer
<oruwork> ok
<wizardslovak> i can use it
<wizardslovak> right
<oruwork> what are the choices for record type ?
<wizardslovak> adress,cname,ms,txt
<wizardslovak> i selected adress
<oruwork> ok
<wizardslovak> and now my ip,right?
<oruwork> yup
<oruwork> the external ip
<wizardslovak> ok done
<oruwork> you have to wait for it to propagate
<wizardslovak> well i typed wizzy.us but it doesnt show
<oruwork> gotta give it time
<oruwork> could take upto 1 hour
<wizardslovak> ok
<wizardslovak> so when someone will type wizzy.us , dns will convert it to ip and send it to my server , server will then open index.html
<wizardslovak> right?
<oruwork> yup
<wizardslovak> ok
<wizardslovak> how to make those vhosts?
<wizardslovak> mkdir /var/www/wizzy.us
<wizardslovak> ??
<oruwork> wait
<foxbuntu> wizardslovak, google apache vhost, they are conf files in /etc/apache2/sites-enabled/
<wizardslovak> foxbuntu thank you
<wizardslovak> although i prefer when someone actually guide me thru process
<wizardslovak> what is good about have vhosts?
<foxbuntu> wizardslovak, the reason I told you to goolge for it was because a vhost is a custom config file based on your needs, the documentation will explain the different pieces of the vhost so you can make an educated decision
<wizardslovak> oooo
<wizardslovak> thank you
<uvirtbot> New bug: #372399 in samba4 (universe) "tevent packaging problems in samba4" [Undecided,Fix committed] https://launchpad.net/bugs/372399
<wizardslovak> oruwork:  maybe i should do firewall in server?!
<oruwork> no
<foxbuntu> oruwork, why?
<wizardslovak> y not?
<oruwork> for what ?
<wizardslovak> not getting vruses or stupid adds
<foxbuntu> its an external facing apache server correct?
<foxbuntu> wizardslovak, firewalls are not web content filters
<oruwork> but he only has like 2 ports open on his server
<wizardslovak> yes 22 and 80
<wizardslovak> oruwork guided me , thankk you
<foxbuntu> how are they filtered now?
<oruwork> with his router
<reid> lol, filling up mpd's database is taking so long
<foxbuntu> so there is already a firewall/NAT device in place?
<foxbuntu> ...then no ufw is not needed
<wizardslovak> yes  i got ddwrt router
<foxbuntu> k
<foxbuntu> then you should be fie
<foxbuntu> s/fin/fine
<wizardslovak> ok oruwork , site still doesnt work
<oruwork> ok i'm out now, so maybe foxbuntu can take over ?
<wizardslovak> lol thank you for your help
<foxbuntu> oruwork, we'll see I have run soon too
<wizardslovak> lol
<wizardslovak> well everything is done
<oruwork> wizardslovak-> if you have done everything correctly and i think you have, you should give some time for the domain to propagate and update its domain records
<wizardslovak> ok
<wizardslovak> one more think
<wizardslovak> so i will make folder /var/www/wizzy.us
<foxbuntu> wizardslovak, internet root servers take anywhere from 6-48 hours to update domain names
<foxbuntu> wizardslovak, no
<wizardslovak> then put index.html and files to that folder
<wizardslovak> and change apache conf
<foxbuntu> change /etc/apache2/sites-enabled/default
<wizardslovak> ok
<wizardslovak> open it with text editor
<foxbuntu> yup
<wizardslovak> nothing is in there
<wizardslovak> i am using nano
<foxbuntu> perhaps its 000-default
<foxbuntu> change /etc/apache2/sites-enabled/00-default
<foxbuntu> er
<foxbuntu> change /etc/apache2/sites-enabled/000-default
<wizardslovak> ok i see it
<wizardslovak> what should i change there
<foxbuntu> anything that refers to the path /var/www make it /var/www/wizzy.us
<wizardslovak> document root, directory
<wizardslovak> shouldnt i make flder first?
<foxbuntu> you can change it then add the dir
<foxbuntu> you will need to have apache re-read the conf before it takes effect
<wizardslovak> ok
<foxbuntu> use this to add the dir: sudo mkdir /var/www/wizzy.us && sudo chown root:www-data /var/www/wizzy.us
<wizardslovak> done
<foxbuntu> then do this: sudo /etc/init.d/apache2 force-reload
<foxbuntu> then you should be set
<wizardslovak> ok it says done but  i got also this "Could not reliably determine the server's fully qualified domain name, using 127.0.1.1 for ServerName"
<foxbuntu> wizardslovak, thats ok, it wont effect the server
<foxbuntu> wizardslovak, you can google it to learn more about it and why it happens
<foxbuntu> wizardslovak, I don't have enough time remaining to explain it sorry
<wizardslovak> ok thank you for help
<foxbuntu> wizardslovak, I do want to point something out, although I, and most of the people here are generally willing to help answer questions, if someone asks you to google it it usually because its easily found and well documented. As everyone here is helping on a voluteer basis, documented answers are commonly pointed out.
<wizardslovak> ok sorry about it
<foxbuntu> wizardslovak, its ok, I am pretty easy going about stuff, but some aren't and I don't want you to get discouraged by that. Google is an Ubuntu User's best friend
<wizardslovak> hehe
<wizardslovak> thnks for warning
<foxbuntu> np
<foxbuntu> I have to go now.
<foxbuntu> gl with the server.
<wizardslovak> ok thank you for your help
<wizardslovak> have a nice day then
<billybigrigger> if my isp has port 25 blocked, is there any possible way i can run a mailserver? i found not problems in recieving mail, but outbound on 25 is blocked...any known workarounds for this?
<ivoks> sure
<ivoks> in postfix's master.cf enable port 587
<RoAkSoAx> ivoks, heya master, I've been working on other 2 packages already :)
<ivoks> RoAkSoAx: great
<billybigrigger> ivoks, what is port 587?
<ivoks> billybigrigger: also called submission
<billybigrigger> #submission inet n       -       -       -       -       smtpd
<billybigrigger> uncomment that line?
<billybigrigger> thats the only entry for "submission" i found
<ivoks> yes
<billybigrigger> should i comment out the above line for smtp?
<billybigrigger> or just leave everything as it is
<ivoks> leave it
<billybigrigger> i dont think its defaulting to port 25
<billybigrigger> err 587
<ivoks> did you restart postfix?
<billybigrigger> May  5 15:35:32 alixandria postfix/smtpd[4884]: disconnect from alixandria[127.0.0.1]
<billybigrigger> May  5 15:36:02 alixandria postfix/smtp[5037]: connect to mx3.hotmail.com[65.55.37.72]:25: Connection timed out
<billybigrigger> May  5 15:36:32 alixandria postfix/smtp[5037]: connect to mx3.hotmail.com[65.55.37.120]:25: Connection timed out
<billybigrigger> still using port 25
<billybigrigger> yes i did a sudo postfix reload
<ivoks> that's outbound traffic
<billybigrigger> or is a init.d/postfix restart required?
<billybigrigger> yeah
<billybigrigger> thats my problem
<billybigrigger> i can't send mail on port 25
<ivoks> well, nothing much you can do there
<billybigrigger> haha
<billybigrigger> k
<billybigrigger> thats what i was asking, if my isp has port 25 blocked is there any workarounds?
<wizardslovak> what isp you got?
<billybigrigger> shaw
<billybigrigger> im in canada
<wizardslovak> lol my isp allows to use 25 and 80
<billybigrigger> 80 is no problem here
<billybigrigger> 25 is the only port i've had a problem with
<ivoks> i thought your isp is blocking incomming traffic on port 25
<billybigrigger> and it must have just been recently, cause i remember when i first setup a mailserver a few years ago with the same isp it worked, i just didnt have a decent domain
<ivoks> billybigrigger: you have to use isp's relay host
<wizardslovak> call them and ask them
<billybigrigger> nope, i can recieve mail to billybigrigger@thefrozencanuck.ca (my domain) and mailserver
<billybigrigger> but i can't send out
<billybigrigger> wizardslovak, it says on the website for unblocked port 25 access i need a business account, which is gay, like a 7/1 line, for about what im paying now for a 15/1 line
<billybigrigger> maybe even 7/512 iirc
<billybigrigger> ivoks, how do i use my isp's relay host?
<ivoks> billybigrigger: you add relayhost=relay.host.com
<billybigrigger> to my postfix master.cf
<ivoks> main.cf
<ivoks> or, even better
<ivoks> dpkg-reconfigure postfic
<ivoks> dpkg-reconfigure postfix
<billybigrigger> which config type should i select? i had internet site chosen before
<ivoks> read, it's in english
<billybigrigger> well i don't know why your asking me to reconfigure postfix in the first place
<billybigrigger> k my sending works
<billybigrigger> now recieving doesnt haha
<billybigrigger> can someone send a test message to me billybigrigger@thefrozencanuck.ca
<billybigrigger> ivoks, ok, i setup the relay, thanks
<billybigrigger> ivoks, i take it i can comment that submission line
<ivoks> yes, that doesn't have anything with sending mail to other mail servers
<billybigrigger> does anyone know what port 2000 is? i think i have way too many ports open, a bunch opened up when i installed dovecot-postfix for some reason
<billybigrigger> 2000/tcp open  callbook
<ivoks> netstat -natp
<ivoks> netstat -natp | grep 2000
<ivoks> dovecot-imapd opened imap, imaps, pop3, pop3s, smtp and managesieve
<ivoks> dovecot-postfix, that is
<billybigrigger> hmm, port 2000 isnt listening on any hosts...
<billybigrigger> tcp        0      0 0.0.0.0:2000            0.0.0.0:*               LISTEN      -
<ivoks> it's listening on all ips
<billybigrigger> oooh
<billybigrigger> how do i find what service is running on a specific port?
<ivoks> put sudo in front of netstat
<billybigrigger> tcp        0      0 0.0.0.0:2000            0.0.0.0:*               LISTEN      3367/dovecot
<billybigrigger> mail
<billybigrigger> hmm
<ivoks> that's managesieve
<billybigrigger> can i paste my nmap output here or pastebin it?
<ivoks> no
<ivoks> i told you
<ivoks> that's managesieve
<billybigrigger> don't know if thats safe to do...but i think i have too many ports open
<billybigrigger> alright then
<wizardslovak> billybigrigger: well i pay $65/month for 30mbit with static ip and 80/25 ports
<billybigrigger> where?
<billybigrigger> canada or us?
<wizardslovak> us
<billybigrigger> there ya go
<ivoks> billybigrigger: if you installed dovecot-postfix, you should have 6 open ports
<ivoks> maybe 7 if we include ssh
<billybigrigger> yes 6
<ivoks> pop3, pop3s, imap, imaps, smtp and managesieve
<billybigrigger> yes
<ivoks> so, that's not too many
<ivoks> and i'm not sure other will be able to send you an email
<ivoks> there's no MX record for thefrozencanuck.ca
<billybigrigger> there was
<ivoks> anyway, i have work to do
<ivoks> take care
<billybigrigger> thanks
<billybigrigger> later
<NetEcho> What might cause SSHD to restart like 10 seconds after it got started upon boot?
#ubuntu-server 2009-05-06
<Gargoyle> apart from it being a waste of space, is it possible to burn a CD .iso to DVD?
<pwnguin> mathiaz: i understand you're looking for evolution-mapi testers?
<mathiaz> pwnguin: yes
<mathiaz> pwnguin: if you have access to an exchange infrastructure and have some time to help out testing the evolution-mapi plugin, it would be very helpful
<pwnguin> well, i have an ubuntu desktop, and an organization exchange account
<pwnguin> i also have a toy exchange domain but that's kinda for student and all
<mathiaz> pwnguin: great. To get started you'd have to install the evolution mapi plugin
<pwnguin> right
<mathiaz> pwnguin: and see if you can connect to the exchange server
<pwnguin> this is different than the old evolution plugin
<pwnguin> right?
<mathiaz> pwnguin: I would try with a test account if you can - just to make sure that you don't loose any data
<mathiaz> pwnguin: correct - the new plugin uses the openchange library to talk to the exchange server
<pwnguin> so what's the test regimen?
<pwnguin> install, configure and send an email to ubuntu-server?
<mathiaz> pwnguin: yes - we haven't written up a test case yet.
<mathiaz> pwnguin: but it seems that this would be a good first step.
<mathiaz> pwnguin: if you think about other tests, let us know on ubuntu-server@.
<nrich> anyone know how to install ubuntu 9.04 as a PV guest on xenserver
<pwnguin> hmm
<pwnguin> well right now im blessed with super duper fast internet updates. blazing 14kb/sec
<pwnguin> and im hearing someone complain that the mail server must be slow. so i may wait till tomorrow to test :)
<pwnguin> but ive got a general idea of what i need to finally ditch outlook
<uvirtbot> New bug: #372328 in bacula (universe) "Bacula has no encryption support in bacula-sd-sqlite3" [Undecided,New] https://launchpad.net/bugs/372328
<wizardslovak> are here any web developers?
<mikegriffin> wizardslovak: #web or #php or #java are better bets
<mikegriffin> but if your question is on-topic, feel free to ask
<wizardslovak> ok forget it lol
<pwnguin> is opsview non-free? i dont quite get why they publish a repo for it but it's not in ubuntu proper
<slestak> i think I want to try to port screen-profiles to aix.  i have most of what i need.  i have python 2.5, screen 4.0.3, gettext.  only thing missing might be newt
<slestak> i see the guy that did installed in on rhel used alien tomake an rpm.  i have rpm installed on my aix box.  think that would be awaste to do it that way?
<wizardslovak> i got problem
<wizardslovak> i did upload index.html to /var/www but i still see old index.html
<mikegriffin> wizardslovak: restart browser, verify correct DocumentRoot
<wizardslovak> how i can view folders in /var/www
<mikegriffin> clarify please
<wizardslovak> ok well i made vhost and i think that file might be actually somewhere else
<wizardslovak> thats why i want to see what folders i have in /var/www
<mikegriffin> this seems like a #apache question, but have you specified a DocumentRoot in your vhost?
<wizardslovak> yes i did
<mikegriffin> having specified your docroot, you do not have to guess which folder in /var/www, you use the one specified
<wizardslovak> ok i got it
<wizardslovak> i chnaged documentroot to /var/www/wizzy.us
<wizardslovak> if i will remove index.html in /var/www will i make mistake?
<mikegriffin> wizardslovak: not likely, but removing it will have little benefit
<uvirtbot> New bug: #372358 in openvpn (universe) "Please merge openvpn 2.1~rc15-1 (main) from Debian unstable (main)" [Undecided,In progress] https://launchpad.net/bugs/372358
<wizardslovak> what benefit?
<mikegriffin> my claim was that there is no reason to remove it
<wizardslovak> how can i monitor traffic on server?
<TimReichhart> could anybody guide me to a good how to guide to setup a email server
<mikegriffin> wizardslovak: in real time or historical data?
<wizardslovak> real time
<mikegriffin> TimReichhart: https://help.ubuntu.com/community/PostfixBasicSetupHowto
<mikegriffin> first search result for "ubuntu setup postfix" in search engine
<mikegriffin> wizardslovak: use 'iftop -n'
<wizardslovak> brb
<wizardslovak> can i transfer directory with scp?
<mikegriffin> yes
<wizardslovak> how?
<mikegriffin> with scp, see the man page yet?
<wizardslovak> i was trying sudo scp directory user@ip:/tmp ,
<mikegriffin> there is a section that says "copy entire directories"
<mikegriffin> i would see what that is all about
<wizardslovak> can you tell me command
<mikegriffin> i did already
<wizardslovak> hmmm
<wizardslovak> i updated my web site to my server
<wizardslovak> it did work but now it doesnt
<wizardslovak> maybe because i removed index.html in /var/www?
<wizardslovak> although my rootfolder is in /var/www/wizzy.us
<wizardslovak> when i put my ip i see site , but when i put name it doesnt show
<wizardslovak> i did change nameservers in my domain name
<wizardslovak> i change ip to my ip
<wizardslovak> it worked before and right now it doesnt work :(:(
<mikegriffin> wizardslovak: this is a question for #apache
<mikegriffin> the dns may be wrong, but #apache will be able to walk you through it
<wizardslovak> well maybe there is something wrong with dns server or i gotta wait?
<wizardslovak> how long does it take for dns server to hmmm how to call it restart??!
<wizardslovak> my server works cause when i put ip i see web site
<wizardslovak> so t has to be dns
<pmatulis> wizardslovak: it depends on the provider, some are practically instantaneous, others can take up to 30 minutes
<wizardslovak> ok so lets wait then
<pmatulis> wizardslovak: what do you mean by "i change ip to my ip"?
<wizardslovak> yes
<wizardslovak> oo sorry
<pmatulis> wizardslovak: a nameserver ip or an ip in your dns config?
<wizardslovak> well i went to moniker and change their ip for my servers ip
<wizardslovak> it worked before , then i switched nameserver to different host and then back to my server
<wizardslovak> so its dns problem i beleive
<mikegriffin> as i said, that was one possible problem, not obviously the problem
<mikegriffin> i would go ask #apache, as i have also mentioned
<wizardslovak> ye noones is in apache chat,
<mikegriffin> im sorry, #httpd
<mikegriffin> i always forget about that
<wizardslovak> yea thats the chanell
<wizardslovak> noones there anyways
<wizardslovak> mikegriffin: can you do me a favor
<wizardslovak> ill send you mu ip and you check if you can see page
<mikegriffin> you already said it works via ip, what would that prove?
<wizardslovak> yes but i am on LAN
<wizardslovak> i want to see if it works on WAN
<mikegriffin> it seems that #httpd is responsive to your questions, handle it there
<wizardslovak> yea right i m only one whos writing there
<Apollonovich> I'm trying to authenticate postgresql against kerberos.  At the moment I have a net that's mostly suse, and RHEL, but my workstation is ubuntu 9.04.  the SuSE workstations have no problem connecting to the RHEL postgres server, and my ubuntu box can use kerberos to authenticate for samba, but for some reason I can't get a ticket granted for the postgres server.  I'm looking for any possible solutions to this.
<wizardslovak> so i have site in my server , now if i want to make email , do i have to creat email server too?
<twb> wizardslovak: I understood every one of those words, but not the sentence in which you placed them.
<wizardslovak> ok
<wizardslovak> so i have web site on my server
<wizardslovak> wizzy.us
<wizardslovak> if i want to have email name@wizzy.us do i have to run email server too?
<twb> !server guide
<ubottu> Sorry, I don't know anything about server guide
<twb> !learn "server guide" http://doc.ubuntu.com/ubuntu/serverguide/C/
<ubottu> Error: I am only a bot, please don't think I'm intelligent :)
<twb> Bah.
<twb> wizardslovak: anyway, have you read that document?
<wizardslovak> which?
<wizardslovak> i am not asking how to
<wizardslovak> question is for web site i need email server too?
<Maxsilver> wizardslovak > To get e-mail at wizzy.us, you need to have access to, or be running a e-mail server somewhere. (Either on the same box, or on another box also tied to your domain name)
<Maxsilver> If you need help setting up e-mail services on a ubuntu server, you're looking for this -> http://doc.ubuntu.com/ubuntu/serverguide/C/email-services.html
<wizardslovak> thank you maxsilver
<wizardslovak> so i can run web server with email server on one PC?
<Maxsilver> Yes, the guide link (above) will walk you through installing e-mail service on an ubuntu server box, which you may have already running apache  or other services
<Maxsilver> I've never actually set up e-mail on ubuntu, so I can't really answer any questions, but that link is the relevant parts of the server guide for how to do it.
<wizardslovak> lol
<wizardslovak> thank you
<twb> I've only set up satellite MTAs, which are trivial -- you install msmtp-mta, postfix or exim4 and just follow the prompts.
<twb> But I suspect wizardslovak will need to set up MX records and proper MTA configuration, which I don't know much about.
<wizardslovak> no i am not trying to set it up
<wizardslovak> i am just curious
<wizardslovak> so basically i need to install postfix only
<twb> wizardslovak: install *and configure*
<wizardslovak> of course
<twb> But basically, yes.  To make a host "do mail", it needs a mail-transport-agent.
<wizardslovak> by install i mean install and confiure hehe
<mikegriffin> https://help.ubuntu.com/community/PostfixBasicSetupHowto
<wizardslovak> thanks mike
<pwnguin> http://manpages.ubuntu.com/manpages/jaunty/en/man1/replace.1.html
<pwnguin> why's this part of mysql?
<mikegriffin> it says on the link you posted:          The replace program is used by msql2mysql. See msql2mysql(1).
<wizardslovak> can i use webmin for server
<wizardslovak> or ssh is better?
<twb> Everything is better than webmin
<wizardslovak> just curious
<twb> Please do not use webmin, it makes baby gautama cry.
<mikegriffin> wizardslovak: just use good tutorials, they are more likely to work than a gui
<wizardslovak> well reason i choosed ubuntu server is to learn commands and tha ubuntu server is best server distro
<twb> I dunno that Ubuntu Server is the best server distro.
<wizardslovak> reviews shows that lol  best reliability
<wizardslovak> anyway always wanted to learn how to make servers
<twb> I would describe it rather as a reasonable compromise between proprietary, sysadmin and QA needs.
<wizardslovak> i got router(ddwrt) is it enough firewall for my server?
<twb> That depends on a large range of factors.
<wizardslovak> well its simple one domain (maybe 2) and maybe email server later
<twb> In particular, note that webmin listens to ALL interfaces by default, accepts password-based logins, and receives NO scrutiny from the ubuntu security team (because webmin is not part of Ubuntu).
<wizardslovak> "out of the top 500 systems, 439 (87.8%) run a Linux distribution"
<wizardslovak> with what command ill find what ubuntu version i have
<twb> lsb_release --all
<wizardslovak> ok my site works now
<wizardslovak> ww.wizzy.us
<wizardslovak> www.wizzy.us
<wizardslovak> ok now when server is running
<wizardslovak> how can i log/check traffic in realtime/history
<billybigrigger> can anyone here suggest a good media server?
<wizardslovak> u can use ubuntu server as well
<wizardslovak> billybigrigger: http://www.mythbuntu.org/
<billybigrigger> i dont want to replace my existing install
<billybigrigger> just want something with maybe a web-base gui i can access from anywhere
<wizardslovak> sorry i wish i can help you , i am newbie with all it anyways
<wizardslovak> so how can i check traffic on server
<njustin3000> is there a torrent manager for ubuntu server edition that has a remote gui interface?
<njustin3000> like utorrent gui, but those are binaries for windows, or mac
<wizardslovak> ktorrent
<wizardslovak> thats torrent client i know about
<wizardslovak> for linux
<wizardslovak> but i dunno if it will work with ubuntu server
<njustin3000> no
<njustin3000> but thanks anyway :)
<darthanubis> deluge
<darthanubis> torrentflux
<darthanubis> azureus?
<jmarsden> wizardslovak: For network traffic monitoring (if you have RAM to spare) try ntop ; for longer term history maybe try argus and ra .. there is no shortage of network management tools... some take time to learn though!
<darthanubis> webmin has a bandwidth monitor as well
<wizardslovak> well webmin?! i prefer ssh
<wizardslovak> my server has 512 memory
<wizardslovak> can i see how much is server actually using?
<darthanubis> what does using ssh have to do with webmin?
<jmarsden> wizardslovak: Use the free command.
<mikegriffin> wizardslovak: look at the middle line of the 'free' output
<wizardslovak> 100400
<wizardslovak> mike thanks, my site is working lol
<wizardslovak> what about hard drive free
<jmarsden> wizardslovak: df -h
<wizardslovak> ok here is output on ntop http://pastebin.com/m197aeec3
<wizardslovak> is there real time monitoring command
<jmarsden> wizardslovak: That's odd, it always "just worked" for me... looks like it can't find /var/lib/ntop/prefsCache.db
<jmarsden> You can use tcpdump to see what is happening on your network in real time, sure.
<wizardslovak> tcpdump "no suitable device found"
<jmarsden> But be careful if you use it over SSH, since you will see it display all the SSH traffic... you need to explicitly exclude that to get sane results...
<mattt_> wizardslovak: you want something tell you how much bw you're using?
<wizardslovak> yes , and also something like which ip was on my server when/how long
<mattt_> wizardslovak: there's a handy tool, let me remember what it's called
<wizardslovak> sure matt take your time
<wizardslovak> something that will log ip/time
<jmarsden> wizardslovak: sudo tcpdump  # so it can see the interfaces.  But use sudo tcpdump not port 22  # so it doesn't display your ssh traffic
<jmarsden> wizardslovak: argus can do that
<wizardslovak> argus
<wizardslovak> so tcpdump 80
<wizardslovak> ??
<jmarsden> What are you trying to monitor?  Only web traffic?   sudo tcpdump port 80
<jmarsden> But why not just get that info from the Apache log files, if that is all you need??
<mattt_> wizardslovak: vnstat!  that's the one.
<mattt_> wizardslovak: oh, vnstat won't log ip/time
<wizardslovak> so argus??
<mattt_> if you want to see who's hitting your server, then use the apache/web server logs
<mattt_> or you can use iptables, etc.
<wizardslovak> i dont have iptables configured
<wizardslovak> i use router
<jmarsden> wizardslovak: If this is a real server, you should probably learn to at least use ufw to set up a basic firewall on it
<wizardslovak> ok
<wizardslovak> so i gotta install it first?
<jmarsden> Yes.  ufw is a very simple command line interface that creates an iptables firewall for you.
<wizardslovak> ok its installed already
<jmarsden> man ufw will tell you how to use it.
<wizardslovak> lol
<wizardslovak> i see
<wizardslovak> ufw app list
<wizardslovak> apache,apachefull,apache secure,openssh,samba
<wizardslovak> do i have to open port in ufw for ssh
<jmarsden> wizardslovak: Yes.
<wizardslovak> hmmm
<wizardslovak> do i have to open 80 port too
<jmarsden> Yes again; you have to allow everything you want to let in.
<twb> ufw is not active by default...
<wizardslovak> ok but that will allow only for server
<wizardslovak> other pc on router wont have problem browse internet
<jmarsden> ufw is only doing things on the machine it is running on.
<wizardslovak> so for open port 80" sudo ufw 80" tight?
<wizardslovak> right?
<wizardslovak> then 22
<wizardslovak> and thats it
<jmarsden> read the examples section of the man page again :)
<wizardslovak> i read just making sure
<jmarsden> You seem to have left out the word allow ?
<wizardslovak> yes i just found the error
<wizardslovak> ok so i allowed 22 and 80
<jmarsden> OK, now you can enable it
<jmarsden> Then you can set it to default deny
<wizardslovak> ok its enabled
<jmarsden> check your rules are still there, and then set it to default deny
<wizardslovak> ok 80 tcp/upd allow
<wizardslovak> 22 tcp/upd allow
<wizardslovak> ufw default ARG
<wizardslovak> ??
<jmarsden> ufw default deny
<jmarsden> ARG can be ALLOW, DENY or REJECT
<wizardslovak> so ufw default deny , then
<jmarsden> Yes.
<wizardslovak> ok done
<wizardslovak> so now it will allow only 80/22 and nothing else
<jmarsden> OK, now check people can still get to your web server, and you are all set with firewalling for now.  Yes.
<wizardslovak> ok i can get in
<wizardslovak> try it www.wizzy.us
<jmarsden> Seems fine :)
<wizardslovak> hihi thank you
<jmarsden> Now you just need ntop to work...
<wizardslovak> now i need something to check real traffic and log it
<jmarsden> The apache logs should be there already, try    less /var/log/apache2/access.log
<jmarsden> But really you just need ntop to run...
<wizardslovak> yes but it doesnt work
<wizardslovak> http://ubuntu.pastebin.com/m4bdd0aa2
<wizardslovak> well i tried sudo ntop
<wizardslovak> and it asks me for passwor admin user
<jmarsden> sudo will ask that if you have not used sudo for so many minutes.
<jmarsden> But I think you are confused...
<wizardslovak> might be
<jmarsden> ntop should run in the background, you see what it has done using a web browser...
<wizardslovak> how to do that?
<jmarsden> first sudo ufw allow 3000/tcp   # and then browse to your server's local IP :3000 to see it
<billybigrigger> i just installed ntop and i get the same error as wizardslovak
<billybigrigger> wizardslovak, you might want to file a bug
<jmarsden> Interesting.... if you do    sudo /etc/init.d/ntop start    does it work?
<wizardslovak> failed to connect
<billybigrigger> billybigrigger@alixandria:~$ sudo /etc/init.d/ntop start
<billybigrigger> Starting network top daemon: Tue May  5 22:53:30 2009  NOTE: Interface merge enabled by default
<billybigrigger> Tue May  5 22:53:30 2009  Initializing gdbm databases
<billybigrigger> ntop
<billybigrigger> seems to
<jmarsden> After that browse to the server IP:3000 and see what you see then :)
<wizardslovak> ip:3000 "failed to connect"
<jmarsden> wizardslovak: even after sudo /etc/init.d/ntop start   ?
<billybigrigger> wizardslovak, sudo /etc/init.d/ntop start
<billybigrigger> then sudo ntop
<billybigrigger> enter a password
<billybigrigger> then goto localhost:3000
<billybigrigger> works fine here
<billybigrigger> http://thefrozencanuck.ca:3000/
<wizardslovak> ok i see it now
<jmarsden> billybigrigger: I don't think you opened port 3000 in your router/firewall (but that's good, you don't wanmt everyone to be able to use your copy of ntop!)
<billybigrigger> ahh yeah 10-4
<billybigrigger> forgot you guys can't see that haha
<jmarsden> wizardslovak: So for what you need, click on "All protocols" and then "activity" maybe?  Or just click around inside ntop until you find the info you want :)
<wizardslovak> what is port 48505
<jmarsden> A port like any other port...
<jmarsden> why are you asking?
<wizardslovak> cause i see its in use
<wizardslovak> 48505 and 3000
<jmarsden> well, 3000 is ntop listening.  You can do   sudo netstat -ntlp | grep 48505 to see what is listening on that
<wizardslovak> nothing is hapening
<jmarsden> Then nothing is listening on that port.
<jmarsden> Where exactly are you seeing it being in use?
<wizardslovak> u use verizon?
<jmarsden> Yes... no choice here (except to use Cable I suppose!)
<wizardslovak> heh i just wanted to see if ntop works hehe
<wizardslovak> where do you live?
<jmarsden> Southern California
<wizardslovak> what time you have here??
<wizardslovak> here is 1am already
<jmarsden> just after ten pm here :)
<wizardslovak> ooo
<jmarsden> BTW since we are on IRC, you can do /ctcp jmarsden time    to find that out :)
<wizardslovak> i am newbie in all this
<jmarsden> Your web page kind if gives that impression :)  Anyway, you are learning, which is what matters.
<wizardslovak> lol since morning i installed server, configure it, registered domain, made website and make it run
<jmarsden> Pretty good progress.  So now... go to sleep :)
<wizardslovak> not tired yet
<wizardslovak> i've been home 3 days already , i got flu
<wizardslovak> not swine lol
<wizardslovak> i've done everything i wanted today
<jmarsden> Sounds good... now you just need to get well too.
<wizardslovak> yeap
<wizardslovak> if i will turn off server , and lets say turn on tomorrow
<wizardslovak> all of setting will be still there?
<jmarsden> Yes, they should be.  You might have to restart ntop, I forget if the default install sets it to run automatically...  sudo /etc/init.d/ntop start   will do it if necessary.
<jmarsden> But it might be more fun to leave it overnight and see who visits your web site while you sleep? :)
<wizardslovak> yes i will
<wizardslovak> i wont turn it off tho , just curious
<wizardslovak> well site is new and when i type , my web site to google it wont find it
<jmarsden> No, Google takes a long time to find new sites... can be weeks.  it helps if you can get others to link to your site...
<wizardslovak> how to stop samba?
<wizardslovak> i installed it but i dont need it
<wizardslovak> apt-get remove samba
<jmarsden> sudo apt-get remove samba
<jmarsden> Yes.
<wizardslovak> ok done
<wizardslovak> what are cons of having mysql with webssite?
<jmarsden> It is one more piece of software to run?  It uses up CPU and RAM?  Use if if you need it, of course... if you need a SQl database server for a website, it is a very  popular choice.
<twb> Of course, popular is not the same as clever
<wizardslovak> well i got LAMP installed to mysql is there already
<wizardslovak> what is use of mysql with website
<jmarsden> It lets you store information as a database and so get it back out based on queries...
<twb> FSVO database :P
<wizardslovak> so for what can i use mysql with my website?
<jmarsden> Whatever you can imagine? :)  You could have it store information people enter into a form on the site, and then let people see that information in various ways...
<wizardslovak> so its good to have mysql
<jmarsden> Probably.  See http://www.devshed.com/c/a/PHP/Website-Database-Basics-With-PHP-and-MySQL/ for some lessons on how you might use it.
<twb> Giving PHP and MySQL to a newbie is like giving a bottle of glue, a pack of condoms, and the keys to a GT to a twelve-year-old nephew
<twb> Oh, and a hand gun.
<wizardslovak> lol i used to own 2k gt heheh
<wizardslovak> twb: y so?
<twb> wizardslovak: ah, just because I hate them, and lots of ignorant people write really awful stuff using them
<wizardslovak> well i am not trying to do awful stuff
<wizardslovak> its for learning purposes for me
<twb> I'd prefer someone trained to be using (say) Python and PostgreSQL, than for someone to kludge together yet another web forum or CMS using PHP and MySQL.
<wizardslovak> well noone trained for mysql wasnt born instantly
<wizardslovak> ok i am out to sleep
<wizardslovak> good night people
<nxvl> soren: did you mind if i take the iptables merge?
<soren> nxvl: Not at all. Have fun.
<nxvl> \o/
<maswan> What is the right procedure in trying to get a new NIC driver into hardy? And is it hopeless or easy? :)
<jeroome> hello everybody
<jeroome> I'm installing a server edition over pxe, but I also need xserver running
<jeroome> as it isn't in the normal repository for servers, I added a repository with the alternate version
<jeroome> my problem is that in that case, everything of the alternate version is installed
<jeroome> therefor, I took everything out of the alternate Packages.gz file which doesn't concern xserver
<jeroome> but apt still isn't able to install xserver
<jeroome> the error says that the package is inside the repository, but not available
<jeroome> does anyone has a hint ?
<_ruben> installing xserver on server edition pretty much renders it into the desktop edition
<baz_44> hi there
<baz_44> hi guys, help needed after ubuntu upgrade
<Appiah> oh
<Appiah> ok
<Mr_BestLoser> Moin, weiÃ jemand, warum bei mir bei Awstats keine Farben in den Balken dargestellt werden ? Habe schon gegoogelt, leider nichts gefunden (awstats 6.5).
<baz_44> it was a nightmare, after upgrading my server with 1and1, lost every access to the server, but thanks to the forums, got it sorted again but
<baz_44> but the problem now, when i ssh the server, it doesn't show my user in the leading prompt
<baz_44> it is just showing $
<baz_44> any ideas?
<jeroome> _ruben it doesn't, you still save nearly 500 MB
<sluimers> Hi, I'm trying to follow the instructions in http://workaround.org/articles/ispmail-etch/#step-2-create-the-database-and-user but I get an error message:
<sluimers> mysqladmin: connect to server at 'localhost' failed
<sluimers> error: 'Access denied for user 'rogier'@'localhost' (using password: NO)'
<sluimers> I'm also trying to integrate tomcat into apache -> http://ubuntuforums.org/showthread.php?t=1149507
<sluimers> I'm hoping someone can help me out with this?
<soren> The tutorial seems to assume that you're logged in as root.
<dnwe> hiya
<dnwe> does python-vm-buildervmbuilder
<dnwe> support localisation of the generated VM ?
<dnwe> e.g., --locale ja_JP
<_ruben> jeroome: im talking support-wise
<dnwe> added as question on LP for vmbuilder instead :)
<dnwe> https://answers.launchpad.net/vmbuilder/+question/70137
<jeroome> _ruben have you already tried it out over a preseed pxe install ?
<_ruben> jeroome: i do use pxe/preseed .. but never install x on my servers .. so, no
<jeroome> _ruben ok, thank you for your help
<genii> Would anyone have a recommendation for high availability/failover PostgreSQL (2 virtualised systems, 2 actual systems). Previously on our fbsd boxes we used pgcluster.
 * yann2_ very interested too
 * genii makes more coffee
<Timoteo> hello everybodyy!!!
<tonyyarusso> Question re: NUT w/ an APC uninterruptable power supply:  Say I have three computers connected to the same UPS.  One of them I'd like to shut down almost immediately in the event of a loss of power, and the others I want to hang on until the battery is almost out.  Is that possible?
<wizardslovak> morning people
<bytor4232> gday wizardslovak
<wizardslovak> bytor4232: do you know how to make email server?
<PhotoJim> tonyyarusso: should be doable with apcupsd.  I've never done it.  might be better to have separate UPSes, mind.
<tonyyarusso> PhotoJim: NUT is preferred over apcupsd by repository structure.  Any idea if it can as well?
<tonyyarusso> So I thought I'd check out eBox and see what all of the fuss was about, and did 'sudo apt-get install ebox'.  Then tried going to https://localhost/ebox/, but got blocked by Firefox having a fit about the self-signed SSL certificate.  How do I get around that?  (It's not showing the usual "add exception" button.)
<PhotoJim> tonyyarusso: I'm not at all familiar with NUT, but I'm using apcupsd on my server with good success.  It worked for me with Debian so I stuck with it.
<tonyyarusso> PhotoJim: Fair enough.  I guess I'll "try 'em and see".
<uvirtbot> New bug: #372750 in mysql-dfsg-5.0 (main) "package mysql-server-5.0 5.1.30really5.0.75-0ubuntu10 failed to install/upgrade: le sous-processus post-installation script a retourn? une erreur de sortie d'?tat 127" [Undecided,New] https://launchpad.net/bugs/372750
<wizardslovak> how can i access server from wan?
<wizardslovak> in lan is ssh ip
<wizardslovak> how is it on wan
<soren> Same?
<wizardslovak> but not lan ip but wan ip?
<genii> wizardslovak: If your router is forwarding port 22 or so.
<wizardslovak> yes it is
<wizardslovak> so "ssh wan ip"
<wizardslovak> how can i access ssh from xp
<OKnewbi> putty
<OKnewbi> wizardslovak download putty
<uvirtbot> New bug: #372757 in quagga (main) "quagga: Assertion `len < str_size' failed in file bgp_aspath.c, line 619" [Undecided,New] https://launchpad.net/bugs/372757
<PhotoJim> tonyyarusso: good luck :)
<OKnewbi> Does anyone here have much experience with Samba4 and Bind9 well really Bind9 and Kerberos is where the problem is.
<wizardslovak> whats the command for scp to transfer folders
<wizardslovak> directories i mean
<wizardslovak> for file its scp host@ip:/tmp
<wizardslovak> scp file host@ip:/tmp
<OKnewbi> scp -r directory
<OKnewbi> sorry scp -r directory/*
<wizardslovak> thats when i want to transfer directory to a server
<OKnewbi> yes the simplest way to copy files and directorys over ssh from a windows box is filezilla (imho) the best sftp client out there
<wizardslovak> not from windows
<wizardslovak> from kubuntu
<OKnewbi> k from linux as well
<wizardslovak> all of my web work and server i do on kubuntu
<OKnewbi> sudo apt-get install filezilla
<wizardslovak> filezilla
<OKnewbi> if your a web developer you love it, it also lets you set permissions easily on the files you copy
<wizardslovak> well easy way to transfer update my web site on server
<uvirtbot> New bug: #372761 in mysql-dfsg-5.0 (main) "E:ÐÐµ ÑÐ´Ð°Ð»Ð¾ÑÑ Ð¾ÑÐºÑÑÑÑ ÑÐ°Ð¹Ð» /var/cache/apt/srcpkgcache.bin - open (13 Permission denied), E:Ð¡Ð¿Ð¸ÑÐºÐ¸ Ð¿Ð°ÐºÐµÑÐ¾Ð² Ð¸Ð»Ð¸ status-ÑÐ°Ð¹Ð» Ð½Ðµ Ð¼Ð¾Ð³ÑÑ Ð±ÑÑÑ Ð¾ÑÐºÑÑÑÑ Ð¸Ð»Ð¸ Ð¿ÑÐ¾ÑÐ¸ÑÐ°Ð½Ñ" [Undecided,New] https://launchpad.net/bugs/372761
<yann2_> I think winscp is much better
<yann2_> http://winscp.net/eng/docs/screenshots
<wizardslovak> OKnewbi:  jeez thats help
<OKnewbi> to each his own
<OKnewbi> no problem
<wizardslovak> winscp for  xp
<OKnewbi> Still looking for some help with Kerberos and Bind9 ?
<wizardslovak> maybe you know something about email server?
<OKnewbi> enough to get my self in trouble whatcha go
<OKnewbi> got?
<wizardslovak> well i got web site on my server and it would be nice to have email with my domain.com
<OKnewbi> what version of ubuntu
<JanC> on Kubuntu you can use the file manager I suppose  ;)
<wizardslovak> well server is ubuntu server 8.10
<OKnewbi> wizarslovak if you are on 8.04 or better sudo tasksel install mail-server
<OKnewbi> durring the wizard tell it that it is an internet site
<wizardslovak> which server will it be?? postfix?
<OKnewbi> I think it is postfix
<wizardslovak> i've used aptitude and apt-get but never heard of tasksel
<OKnewbi> you can also just do sudo tasksel and it will bring up a nice menu, use space to select tasks
<OKnewbi> wizardslovak you should also look here http://www.howtoforge.com/perfect-server-ubuntu8.04-lts
<wizardslovak> ok it finished
<OKnewbi> dont follow all of the howto, just the bits you need, but it is a very informative howto
<wizardslovak> how to check it
<OKnewbi> install mailx and then from the cli you can type mail someone@something.com enter type your subject enter type your body then Ctrl + d to send it
<OKnewbi> if you have php you could use this mail scripthttp://www.mibbit.com/up/uUbOhz6b.php
<wizardslovak> cli?
<OKnewbi> the php script is not cli put it into a web directory and the call the url and it will sent the test mail, of course you need to update the script the mailx is cli
<wizardslovak> oknewbi thank you for help
<wizardslovak> but i got to go
<wizardslovak> ;)
<wizardslovak> have a nice day
<sluimers> thanks soren, didn't notice that
<sluimers> Anyway, I've followed a new tutorial now
<sluimers> and apache is now no longer working :/
<wizardslovak> sluimers: #httpd
<sluimers> wizardslovak, thanks
<wizardslovak> that irc chat specified to apache
<wizardslovak> how to change permissions ??
<wizardslovak> i am trying to move file from laptop to server and i need permissions
<wizardslovak> !chown
<ubottu> The linux terminal or command-line interface is very powerful. Open a terminal via Applications -> Accessories -> Terminal (Gnome) or K-menu -> System -> Konsole (KDE).  Guide: https://help.ubuntu.com/community/UsingTheTerminal
<OKnewbi> #samba
<sluimers> hmmm? can't you move it to your hom folder first?
<sluimers> home
<sluimers> of your server
<sluimers> and then copy it from there
<sluimers> or move
<wizardslovak> ok what if i want to use filezilla?
<wizardslovak> when i transfer file from my pc to server it says "open to write,permission denied"
<sluimers> no idea here, I haven't even gotten my web and e-mail server working correctly and ftp is low on my wishlist
<wizardslovak> well i though ill ease my way
<wizardslovak> ill do it in shell
<oruwork> wizardslovak-> what are you trying to do ?
<oruwork> wizardslovak-> copy files ?
<sluimers> Uh oh, I see I've made a big mistake. Can anyone point me out what's wrong with this fstab and how am I going to fix it? -> http://ubuntu.pastebin.com/m3be0da04
<tonyyarusso> sluimers: what's your symptom first?
<sluimers> Read-only file system on every command I type in now
<sluimers> touch rm move cp, everything
<tonyyarusso> sluimers: You seem to have a typo - "userquote" rather than "userquota".
<wizardslovak> oruwork: yes copy updated index.html
<tonyyarusso> When it's trying to mount there is probably a message to the effect of "unknown option" if you watch the output.
<oruwork> wizardslovak-> you want to copy from within ssh ?
<oruwork> from ssh to ssh ?
<sluimers> so uhmmm... how do I edit the fstab file?
<sluimers> vi and nano refuse to edit it now
<tonyyarusso> !sudo
<ubottu> sudo is a command to run programs with superuser privileges ("root"). Look at https://help.ubuntu.com/community/RootSudo for more information. For graphical applications see !gksu (Gnome, XFCE), or !kdesudo (KDE)
<wizardslovak> oruwork: well i wanted to try that filezilla  to cope index.html from laptop to server
<wizardslovak> i logged with hostname and it says  that that  i cant copy it
<uvirtbot> New bug: #372801 in mysql-dfsg-5.0 (main) "package mysql-common 5.1.30really5.0.75-0ubuntu10.1 failed to install/upgrade: " [Undecided,New] https://launchpad.net/bugs/372801
<oruwork> wizardslovak-> you can connect with filezila with root user , or you can give permissions to other users to be able to manage files within /var/www , but dont do it with chown cuase you are gonna mess thigns up
<oruwork> you have to add a user account to the same group as your apache2 server
<oruwork> is in
<wizardslovak> i tried to log with root user but i couldnt
<oruwork> when connecting with filezilla , connect with username "root" and password
<oruwork> but its a bad way of doint it
<wizardslovak> authentication failed
<oruwork> you can upload files to the home directory of any user, then just move it with 'sudo mv' to /var/www
<oruwork> thats how i do it anyway
<wizardslovak> ok
<wizardslovak> i prefer shell anyways
<OKnewbi> looking for samba4 documentation on 9.04 anyone have some good resources?
<ivoks> should we assign dendrobates as approver for blueprint?
<mathiaz> ivoks: yes
<moonpup> is it normal for the syslogd and kjournald process to be in a state D ?? meaning uninterruptable sleep?
<ivoks> RoAkSoAx: hi!
<RoAkSoAx> ivoks, heya master how's it going
<ivoks> great
<RoAkSoAx> ivoks, awesome!
<ivoks> i found some time to work on ubuntu related stuff :)
<ivoks> including mentoring you :D
<RoAkSoAx> ivoks, cool!! i've already done 2 more merges today P
<RoAkSoAx> :P
<ivoks> have they been accepted?
<RoAkSoAx> ivoks, haven't suscribed them yet... :) though you might wanted to review them
<ivoks> i'll check it out later
<ivoks> hm... most of the devs are in front of the TV right now :)
<RoAkSoAx> ivoks, hahah
<RoAkSoAx> ivoks, i would really want you to check this one: https://bugs.launchpad.net/ubuntu/+source/avarice/+bug/372793
<uvirtbot> Launchpad bug 372793 in avarice "Please merge avarice 0.3.2.1-1 (universe) from Debian unstable (main)" [Undecided,In progress]
<ivoks> let's see
<fevel> hello
<ivoks> RoAkSoAx: looks ok
<fevel> I am having issue with ufw, everyone on my network seems to be able to surf the web normally despite the fact that I have blocked port 80 tcp and udp. Am I forgeting something?
<RoAkSoAx> ivoks, ok, so I'll just subscribe them to u-u-s
<ivoks> RoAkSoAx: did get_script report any confilicting files?
<ivoks> fevel: how did you block udp/tcp 80?
<RoAkSoAx> ivoks, you mean grab-merge?
<ivoks> right
<RoAkSoAx> ivoks, nope
<ivoks> RoAkSoAx: there's no need to subscrive uus, i'm a motu, so i could upload it for you
<RoAkSoAx> ivoks, awesome thanks :)
 * ScottK gives ivoks a nudge towards core-dev.
<ivoks> ScottK: :)
<ScottK> Hey, they let me in after all.
<ivoks> hahahahaha
<fevel> ivoks: sudo ufw 80 deny
<RoAkSoAx> ivoks, so I guess you could also upload: https://bugs.launchpad.net/ubuntu/+source/firebug/+bug/372819 and by any chance, did you look to qemu?: https://bugs.launchpad.net/ubuntu/+source/qemu/+bug/371879
<uvirtbot> Launchpad bug 372819 in firebug "Please merge firebug 1.3.3-1 (universe) from debian unstable (main)" [Undecided,In progress]
<ivoks> RoAkSoAx: i will
<genii> Any suggestions on high availability/failover PostgreSQL setup? We have 2 virtualised machines and 2 actual machines. Previously used pgcluster on our fbsd boxes for this.
<ivoks> fevel: did you enable it?
<fevel> yes
<fevel> and status says its denying 80
<ivoks> and telnet your_ip 80 works?
<henkjan> fevel: you try to block web access by blocking port 80 on workstations with ufw?
<RoAkSoAx> ivoks, btw we need to define our goals and roadmap for #ubuntu-ha
<RoAkSoAx> ivoks, btw we need to define our goals and roadmap for ubuntu-ha*
<fevel> henkjan: its the firewall on the network
<henkjan> fevel: ufw was created for hostbased firewalling
<ivoks> RoAkSoAx: right
<henkjan> ufw (by default) does not handle nat
<ivoks> i have to contact fabbione and talk with him
<fevel> henkjan: Im blocking 80 on the input chain and using links to access google.... how is that possible?
<RoAkSoAx> ivoks, k, i guess we can have those things clear for the next server team meeting
<ivoks> RoAkSoAx: i'll do your merges later
<RoAkSoAx> ivoks, ok, np :)
<ivoks> fevel: ufw blocks accesson your machine, not on google
<ivoks> you can block access to or from your machine
<ivoks> you can't block what's someone else is doing
<henkjan> fevel: you should block in on the forward chain
<ivoks> if his machine is gateway
<henkjan> 21:16 < fevel> henkjan: its the firewall on the network
<ivoks> i've seen that; not quite sure what that means :)
<henkjan> i assume he means firewall = gateway
<RoAkSoAx> ivoks, ok, so regardng to the mentorship, what else can we work with?
<fevel> henkjan: yes
<henkjan> but... assumptions are the mother of all fuckups :)
<fevel> its the gateway
<ivoks> then you need to filter forward chaing, not input
<RoAkSoAx> ivoks, or shoudl I keep working on merges?
<fevel> ivoks: but im using the gateway itself
<fevel> and still have access
<ivoks> input controls how everybody else contacts your machine
<ivoks> output controls how your machine contacts everybody else
<henkjan> fevel: when you browse to google, your host wil connect from high numberd port to port 80 at google
<ivoks> forward controls how other machines contact some other machines via your machine
<ivoks> RoAkSoAx: i'll figure out something ;)
<fevel> I just rejected on all chains and they still work
<fevel> iptables -I FORWARD -p tcp --dport 80 -j REJECT
<ivoks> so, that's not ufw :)
<fevel> I know
<fevel> ufw isnt working
<fevel> so im trying to find the problem
<ivoks> ufw does iptables
<fevel> it seems to be that iptables isnt working
<ivoks> it seems like you did -j ACCEPT before REJECT
<ivoks> if you have enable all in front of deny something
<fevel> ok
<ivoks> it will enable everything
<fevel> how should I go about doing it the right way
<ivoks> cause first rule is the one that counts
<ivoks> iptables -F INPUT
<ivoks> iptables -F OUTPUT
<ivoks> iptables -F FORWARD
<ivoks> iptables -t nat -F
<ivoks> iptables -t nat -X
<ivoks> iptables -X
<ivoks> iptables -P INPUT ACCEPT
<ivoks> iptables -P OUTPUT ACCEPT
<ivoks> iptables -P FORWARD ACCEPT
<ivoks> iptables -A FORWARD -p tcp --dport 80 -j DROP
<ivoks> iptables -A OUTPUT -p tcp --dport 80 -j DROP
<ivoks> take care, and sorry for monologue
<fevel> thanks man
<fevel> at least I found that flushing blocks
<fevel> does anyone know how I can install sarg
<fevel> I already have a working copy of squid running
<genii> sudo apt-get install sarg                       ...?
<lorecaster> hi? I want to set up a webserver on a p4 2.8ghz sempron with 512mb ram and a DSL connection.... i'm 100% green to the server linux, and would love some advice.
<lorecaster> wanted to use ubuntu 9.04 server though
<foxbuntu> lorecaster, are you planning on doing anything production level on your webserver or just to mess around and learn?
<lorecaster> I'm a writer... i wanted to have a website to host my novel series... low-traffic, low-bandwidth. I've already got a webmaster lined up who's volunteering his time... just need somewhere to -put- the material. so i guess, to answer your question, somewhere in between.
<RoAkSoAx> lorecaster, you could also rent a VPS
<foxbuntu> lorecaster, that might be a better idea
<lorecaster> vps?
<sluimers> virtual personal space?
<RoAkSoAx> lorecaster, Virtual Private Server
<foxbuntu> something like that
<RoAkSoAx> lorecaster, for example: www.linode.com
<foxbuntu> lorecaster, inexpensive web hosting basically, all setup and supported/backed up
<lorecaster> that's the problem, i've got one, and there's some problems with it, and i cannot afford to rent more. it needs to be a larger space to build the system that my webmaster wishes to use. can i ask why you suggest that over a personal server?
<foxbuntu> lorecaster, backups, security, setup, maintenance
<lorecaster> already own bluehost space, but i'm sharing it... and i don't want to risk wolf's space if the page screws his space up.
<RoAkSoAx> lorecaster, take a look to linode.com.. is a virtual server.. instead of having a real one... I am using it.. and works good for me with no problems at all
<foxbuntu> lorecaster, there are allot of hidden tasks most people don't consider when setting up a server
<lorecaster> such as? I want to learn about this material, i'm a tech, and have not worked with linux much, been excluslivey M$ for 10 years... things are -very- different in your world.
<RoAkSoAx> lorecaster, and if you are setting up a public web server... you should not have Gnome or KDE running on it.. because it is a security risk
<foxbuntu> lorecaster, dont be discouraged in setting up a personal LAMP server with Ubuntu, however just take into consideration all the things it requires to maintain it
<p_quarles> I don't see how renting a VPS gets around the "hidden tasks"; it's just a better hosting environment than a home computer on a DSL line
<lorecaster> the plan had been to set it up and have the hardware in my home-office, while my webmaster does all the work by remote
<foxbuntu> p_quarles, well I am more refering to something that is managed rather than a vps
<foxbuntu> lorecaster, thats still possible with rented space
<lorecaster> i genuinely do not have the resources though.
<lorecaster> that's why i really need to do this myself.
<p_quarles> lorecaster: you say you share an existing VPS with someone else; adding a second site to that space does not carry any risk to the existing site unless the person managing it is grossly incompetent
<foxbuntu> lorecaster, just like in windows you have to weigh the options of how you plan to do backups (if at all), maintain security patches and testing, things like that
<p_quarles> or if it pushes the db server into places it doesn't want to go, I guess
<lorecaster> the gentleman who's taking care of my site for me, warned me that i need to make backups of the entire server, incase something goes terribly wrong... and i respect that. The man i share my bluehost account with is unreachable atm, and i need to get the ball rolling on this server issue
<foxbuntu> p_quarles,  agree, there is no reason a VPS cant have multiple sites on it
<lorecaster> please don't confuse my meaning, i really appreciate your comments, but i've alread weighed most of this issues
<foxbuntu> lorecaster, alright...np, I just wanted to be clear in my help
<p_quarles> lorecaster: well, it's easy to set up a machine with Ubuntu Server on it; use the install CD and you're half way there
<lorecaster> you've been abundantly clear, and you have my great appreciation. but encountering snags and overcoming them is half the fun of swan-diving into a new OS :D
<foxbuntu> lorecaster, web servers are a sensitive area and need careful consideration, so if you feel you have done that and Ubuntu Server is your choice...then we would all be glad to help
<p_quarles> lorecaster: you'll need to make sure openssh-server is installed and running, and your volunteer admin should be able to take it from there
<lorecaster> i know that ideally, i'd use my bluehost account, but i wanted to try this
<lorecaster> i'll need to stop back, then, when i get everything installed... 2.8 celeron and 512mb ram won't hurt me?
<foxbuntu> lorecaster, look at the documentation for Ubuntu LAMP server, that is exactly what you need to get started
<lorecaster> perfect
<p_quarles> lorecaster: that's well more than enough for a small web site
<foxbuntu> lorecaster, should work no problem
<lorecaster> you all have my great thanks :D the program shall download in about an hour. thanks again, i'll return if i have troubles. where do i find this LAMP documetnation?
<foxbuntu> lorecaster, google Ubuntu LAMP
<lorecaster> thanks again.
<foxbuntu> lorecaster, https://help.ubuntu.com/community/ApacheMySQLPHP
<lorecaster> even better :D
<foxbuntu> lorecaster, also you will see an option for LAMP in the install
<lorecaster> perfect thanks.
<uvirtbot> New bug: #360516 in apache2 (main) "apache2 crashed with SIGSEGV in zim_spl_Array_ksort()" [Medium,New] https://launchpad.net/bugs/360516
<nxvl> soren: when you have a change please check Bug #372920
<uvirtbot> Launchpad bug 372920 in iptables "Please merge iptables 1.4.3.2-2 from debian sid" [Undecided,Confirmed] https://launchpad.net/bugs/372920
<uvirtbot> New bug: #372935 in mysql-dfsg-5.0 (main) "mysql installation fails" [Undecided,New] https://launchpad.net/bugs/372935
#ubuntu-server 2009-05-07
<andol> mathiaz: Brian Murray suggested that I might want to make a SRU proposal for bug #296952, regarding Ubuntu 8.04. While preparing (and testing) the debdiff I of course ran into bug #323755. Think this would be a good time to suggest a SRU for that bug as well?
<uvirtbot> Launchpad bug 296952 in mysql-dfsg-5.0 "mysqlhotcopy failed on table with hyphen in name" [Undecided,Fix released] https://launchpad.net/bugs/296952
<uvirtbot> Launchpad bug 323755 in mysql-dfsg-5.0 "server-cert.pem expired: "Not After : Jan 27 08:54:13 2009 GMT" - ssl related test suites fails because of expired certificates" [Undecided,Confirmed] https://launchpad.net/bugs/323755
<uvirtbot> New bug: #373012 in mysql-dfsg-5.0 (main) "package mysql-server-5.0 5.0.67-0ubuntu6 failed to install/upgrade: subprocess post-installation script returned error exit status 14" [Undecided,New] https://launchpad.net/bugs/373012
<mathiaz> andol: yes
<andol> mathiaz: Ok, will do.
<marksman> I have an ubuntu lamp server and I would like it to display pertinent information directly to me when I login.  For example... serious apache/mysql errors.... penetration attempts.... etc.  Is this possible / a good idea?
<mikegriffin> marksman: if you generate that stuff periodically and then display it, prolly not so bad. on the other hand, if the system is under load and simply logging in fires off a bunch of regex, you might have problems if the server is under load
<mikegriffin> and i repeated myself there..
<mikegriffin> marksman: you might just install logwatch and have it emailed to you daily
<marksman> that just emails all logfiles?
<mikegriffin> no. you should 'apt-cache show logwatch'
<fbc-mx> Hi, does the 9.04 server give you an interface for managing samba or do you still need to manually edit conf files?
<darthanubis> fbc-mx, the repos are the same as regualr ubuntu
<darthanubis> basically you can install a gui if you need
<darthanubis> but one is not provided as default
<darthanubis> because, it is the SERVER edition
<fbc-mx> darthanubis, how would I go about locating a text based gui?
<darthanubis> search synaptic
<darthanubis> or apt-cache
<darthanubis> google
<darthanubis> etc.
<foxbuntu> text based gui?
<foxbuntu> uh? ssh?
<fbc-mx> foxbuntu, yeah like aptitude..
<foxbuntu> :P
<foxbuntu> fbc-mx, sorry, Im not adding anything here...I am just feeling a little puncy so I am pulling your chain
<fbc-mx> foxbuntu, it's still a gui.. even if it's not running under gnome... and and it better than digging into conf files when all your interested in are results. Sometime you don't have the time to learn every setting in a conf and just want a gui to do the basics.
<mikegriffin> a gui will often break something while fixing another, i dont use them if possible
<foxbuntu> fbc-mx, to an extent yes
<foxbuntu> fbc-mx, what are you trying to accomplish on your server?
<foxbuntu> fbc-mx, other than a "text based gu"
<foxbuntu> s/gu/gui
<fbc-mx> foxbuntu, just basic management.. rights controls etc...
<foxbuntu> fbc-mx, then you might consider ebox
<fbc-mx> foxbuntu, I have to have a working Ubuntu samba server by Monday or my name is MUDD. I opened my big mouth at a management meeting and mentioned that a linux server would increase the uptime of the server, due to downtime cause by getting the windows server os infected all the time. So now I gotta make this happen.
<mikegriffin> what is the recommended way to go about trying ebox? install u-server via iso and then ebox is the next package you install?
<mikegriffin> fbc-mx: if the os is getting infected all of the time, you have other problems ftr
<foxbuntu> mikegriffin, that would be one way
<mikegriffin> fbc-mx: you might just try swat?
<mikegriffin> foxbuntu: might there be a better way?
<mikegriffin> fbc-mx: do not use swat apparently
<foxbuntu> mikegriffin, not really, you could do it in a VM to keep it contained while yo try it
<mikegriffin> i just didnt know if there was an image that set stuff up in a way specifically for ebox
<mikegriffin> ebox can find the existing stuff generally if it is pretty stock i guess
<foxbuntu> fbc-mx, being a windows consultant to pay the bills, if you have lots of down time and infections in your file server, you have other security issues in your infrastructure that need plugged
<fbc-mx> mikegriffin, the Windows guy is a jerk and doesn't know what he should and doesn't want to put the work into tightening up network security. So I proposed a linux solution the just works.
<fbc-mx> foxbuntu, ebox looks right up my alley though...
<foxbuntu> fbc-mx, yeah...should be what you need
<foxbuntu> fbc-mx, but your also likely going to need ldap+kerbros support setup for samba
<darthanubis> fbc-mx, webmin
<foxbuntu> darthanubis, no no
<darthanubis> lol
<darthanubis> but a gui other than that is a-ok
<foxbuntu> darthanubis, webmin != good
<mikegriffin> is ebox an ubuntu thing? i dont see it on debian testing
<darthanubis> fbc-mx, you said you did not care how stuff works
<foxbuntu> mikegriffin, yes...the the ubuntu-server management app
<darthanubis> it does the job
<fbc-mx> foxbuntu, I typed "sudo shutdown now" and I get a recovery menu on ubuntu server.. Is there some new special command to get this done?
<foxbuntu> fbc-mx, yup, on servers you need to do sudo shotdown -P now
<mikegriffin> what would be the diff between -h and -P ?
<foxbuntu> mikegriffin, man shutdown :)
<fbc-mx> darthanubis, No, I do. How ever I don't have the time right now to dig into it. I need a solution STAT. No like4 or 5 days after I read enough howto's to figure it out.
<darthanubis> foxbuntu, right
<mikegriffin> i did, sorry
<darthanubis> fbc-mx, webmin works
<darthanubis> NOW
<mikegriffin> darthanubis: webmin works like windows 'works'
<darthanubis> you don't ahve to learn anything
<darthanubis> mikegriffin, but it works
<mikegriffin> darthanubis: add a redirectperm in apache through webmin
<darthanubis> mikegriffin, the guy is lazy
<darthanubis> i gave a lazy option
<darthanubis> windows is for the lazy
<darthanubis> we agree
<mikegriffin> ebox seems more intuitive
 * foxbuntu can see this is going to take a turn for the worse and returns to productive things
<mikegriffin> ha, thanks fox
<foxbuntu> later guys
<darthanubis> prescient
<darthanubis> nice
<fbc-mx> darthanubis,  I'm using webmin manage our hosted company  webserver. So I'm quite familiar with it. However it just does too much. I wish I could like remove the plugins I will never use and it will only customize with the left over plugings and not continue to suggest option for plugins that aren't even installed.
<darthanubis> it does that
<darthanubis> it called modules
<darthanubis> and they don't all have to be installed or used
<fbc-mx> darthanubis, yes, but I remove modules, and webmin continues to give me options for modules that aren't installed. I forgot what happened one time but I think I recall making a change to a domain, and it asked me if I wanted to sync it with a service the server wasn't even running, and the plugin wasn't even installed..  Which is why I shy away from webmin. webmin to me is like a lazy webmasters tool. For someone who knows the  rope, but chooses a nic
<fbc-mx> e interface to do the work for you.
<darthanubis> I seem to never have these nightmare experiences that others have?
<foxbuntu> darthanubis, you're perfect!
<foxbuntu> heh
<darthanubis> :-P
<foxbuntu> ah man
<foxbuntu> your over...
<darthanubis> foxbuntu, what are you doing out of the ubuntu-mythtv channel?
<darthanubis> get back where you belong
<foxbuntu> darthanubis, Im never out of there :P
<darthanubis> ;)
<fbc-mx> foxbuntu, darthanubis , mikegriffin , well wish me luck. I think that I will crowned network guru after this coup, and the network guy will be demoted to some paper pusher job.
<foxbuntu> fbc-mx, gl...
<fbc-mx> foxbuntu, how do I make ubuntu server scan for a new NIC and set it up in the interfaces file?
<mikegriffin> fbc-mx: the nic should be present, checked ifconfig -a ?
<fbc-mx> mikegriffin, I thoguth maybe a modprobe but, I wouldn't even know where to start trying to identify which driver goes with which card.
<fbc-mx> mikegriffin, yeah it is it's just not setup... I never knew that ifconfig-a would show me interface that weren't setup... kewl.. I learn somethign new every day.
<storrgie> so i added a bad rule to ufw, how can i see a rule list so i can remove it?
<storrgie> does ufw store that list some place?
<jmarsden> storrgie: sudo ufw status   # shoudl show 6you what it is doing.  Then use sudo ufw delete whatever   to delete the bad rule
<storrgie> http://pastebin.com/m6d347ffe
<storrgie> does it store these in a file
<storrgie> its not in /etc/ufw
<jdstrand> storrgie: /var/lib/ufw/user*rules
<jdstrand> storrgie: what was the command you used to add this errant rule?
<storrgie> lawl
<storrgie> umm
<storrgie> well i want to add a port range
<storrgie> specifically 56000-57000
<storrgie> allow all of them
<storrgie> i dont remember... it did break it... like a bawsss
<jdstrand> storrgie: you don't have it in your command history?
<storrgie> i did it 2 days ago
<storrgie> this box has been neglected
<jmarsden> Unless you type a lot it may well still be in your command history :)
<storrgie> do you know how to do port range?
<storrgie> oh i bet it is
<storrgie> i just dont want to hit up a billion times
<jmarsden> history | grep ufw
<storrgie> ummm
<storrgie> i think i was a diff user
<storrgie> one moment
<storrgie> anyway while i look
<storrgie> do you know how to do port ranges
<jmarsden> man ufw suggests port ranges use a colon separator, so   sudo ufw allow 56000:57000/tcp  # looks reasonable to me
<jdstrand> storrgie: man ufw
<jdstrand> it requires the extended syntax
<jdstrand> $ sudo ufw allow proto tcp from any to any port 56000:57000
<storrgie> http://pastebin.com/m435b2233
<storrgie> ohh
<storrgie> ok lemme try that
<jdstrand> (assuming you want tcp, if not, omit 'proto tcp'
<storrgie> if i do will it do both?
<jdstrand> yes
<storrgie> so
<storrgie> i deleted that line in user.rules
<storrgie> but when i do ufw status i get the same bad port error
<storrgie> do i need to bounce ufw?
<jdstrand> storrgie: what version of ufw are you using?
<storrgie> 0.23.2
<jdstrand> (actually, 'ufw allow 56000:57000/tcp' does work on jaunty)
<storrgie> well
<jdstrand> storrgie: can you paste your user.rules and user5.rules files?
<storrgie> lemme show you my user.rules
<jdstrand> err user6.rules
<storrgie> http://pastebin.com/m563e4f6e
<jdstrand> storrgie: ok, now do:
<storrgie> ok now im getting status not loaded
<jdstrand> $ sudo ufw disable
<jdstrand> $ sudo ufw enable
<storrgie> jdstrand: now its fine i think
<storrgie> just need to add the range rule
<jdstrand> storrgie: when you edit user.rules by hand, you need to flush the rules and reload them by disabling and enabling
<jdstrand> generally, editing user.rules is not recommended, but if you have to, you can
<storrgie> ahh
<storrgie> ok lemme show u my new rules
<storrgie> http://pastebin.com/mc61beaa
<jdstrand> storrgie: that is what you want, no?
<storrgie> i believe....
<storrgie> scared!
<storrgie> im gonna enable
<jdstrand> storrgie: did it work?
<storrgie> i believe so...
<jdstrand> storrgie: sudo ufw status
<storrgie> yea its outputting fine
<jdstrand> ok good
<storrgie> it doesnt show me the default
<storrgie> should my default be deny?
<jdstrand> storrgie: that is the default policy, yes
<jdstrand> storrgie: sudo ufw status verbose
<storrgie> excellent
<storrgie> thanks bud!
<storrgie> adding ranges was pissing me off..
<jdstrand> sure, np
<jdstrand> I'll be sure to add a testcase for :56000:57000 and test on intrepid
<storrgie> ever use fail2ban?
<storrgie> im in intrepid :D
 * jdstrand nods
<storrgie> 8.10 right?
<storrgie> im on an OVH box, so custom kernel
<jdstrand> yes, 8.10 is intrepid
<jdstrand> and no, I don
<jdstrand> t use fail2ban
<storrgie> ahh ok
<reid> whoever told me to use mpd... is now my favorite person in the world
<reid> mpd is simply the best thing I've ever seen in my life
<reid> so if that person is here right now.   Thanks =P
<TimReichhart> could anybody help me getting .citadel to come up on my server
<wizardslovak> hello people
<wizardslovak> i need someone to help me with email server
<TimReichhart> you having problems with a email server also
<wizardslovak> not problem
<wizardslovak> TimReichhart: i want to install  and configure email server for my web site
<TimReichhart> im trying to do the same thing
<TimReichhart> I have been on this thing for almost a week now
<wizardslovak> well hopefully someone will come
<Doble> Hi folks, I have just installed squid on Ubuntu, following the ubuntu server guide, and I haven't changed any of the config other than the http_port and the visible_hostname, but when I try to browse from my PC using the proxy, I recieve an error "Access Denied - Access control configuration prevents your request from being allowed at this time." even though I am on a 10.x.x.x network and 10.0.0.0/8 is in the ACL allow list by default.
<wizardslovak> i host my web site on my own server
<wizardslovak> Doble: what are you trying to do>??
<Doble> just set up a really basic proxy
<Doble> caching and eventually bandwidth control
<wizardslovak> hmmm
<wizardslovak> Doble:  check this https://help.ubuntu.com/8.04/serverguide/C/squid.html
<twb> Doble: by default, squid does not allow connections from anything but the localhost (i.e. the lo interface).
<twb> Doble: this is to avoid sysadmins accidentally exposing the service to an untrusted network.
<twb> Doble: if you examine the squid config file, you will see (commented out) examples referring to (IIRC) "our_networks".
<mikegriffin> grep -v ^\# squid.conf, that will help
<twb> mikegriffin: pah
<twb> egrep -v '^[[:space:]]*($|#)' is the full one.
<twb> BTW, you don't need to escape the octothorpe if it is preceded by a non-blank character.
<wizardslovak> uuu people showed finally
<Doble> thanks, I am doing what I should have done to begin with and reading Squid's user guide :) I will be back in a few minutes once i've read through the first few pages
<mikegriffin> Doble: not if you figure it out
<wizardslovak> email server anyone?
<wizardslovak> i got php installed , what to do so i can use phpmyadmin on it?
<wizardslovak> what do you people think of this? http://www.howtoforge.com/virtual-users-domains-postfix-courier-mysql-squirrelmail-ubuntu8.10
<mikegriffin> using a mysql backend for postfix is usually overkill
<mikegriffin> use system accounts when you can
<wizardslovak> whats he difference btw using system accounts vs mysql accounts
<mikegriffin> using an sql backend requires some sort of intermediary authentication such as sasl but has more flexibility for large scaling
<wizardslovak> well i will host probably 5-10 email accounts on my web site
<wizardslovak> no more
<Doble> twb: thanks, I'm still having some trouble, I've added an ACL, and allowed it, and even tried commenting out the "deny all" ACL at the bottom, but I still get an access denied error
<Doble> twb: nevermind, I had a stray space in one of my ACLs - looks like it's working now!
<wizardslovak> what MX priority?
<mikegriffin> wizardslovak: http://lmgtfy.com/?q=mx+record
<wizardslovak> lol nice
<wizardslovak> problem is i want to mae MX on domain name and it asks me for mx priority ( default is 10) should i leave it or change it?
<mikegriffin> one of those will likely work
<mikegriffin> night everybody
<wizardslovak> ok so i will leave 10
<wizardslovak> night mike
<mikegriffin> damn it
<wizardslovak> is ispconfig good to use?
<wizardslovak> difference btw webmin and ispconfig
<dexem> !webmin
<ubottu> webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system. See !ebox instead.
<wizardslovak> !ebox
<ubottu> ebox is a web-based GUI interface for administering a server. It is designed to work with Ubuntu/Debian style configuration management. See https://help.ubuntu.com/community/eBox
<ball> Is there a small "Powered by Ubuntu Server" badge somewhere for me to stick on Web pages?
<wizardslovak> check google images
<ball> I did, but I've not found anything appropriate.
<wizardslovak> ok so now i am f$%^&d
<ball> ?
<wizardslovak> i was trying to install ispconfig , and now i cant see my website again
<wizardslovak> how can i remove it?
<wizardslovak> i tried apt-get remove ispconfig but it says "couldnt find package ispconfig"
<mattt_> did you install it via apt?  :)
<wizardslovak> ok i used uninstall.php
<wizardslovak> i dont have it nomore
<wizardslovak> but still i cannot see my website
<wizardslovak> www.wizzy.us
<wizardslovak> before i installed it it worked fine
<wizardslovak> should i restart server or somethin?
<mattt> no idea
<wizardslovak> damn
<mattt> but if ispconfig is anything like plesk ... good luck :)
<wizardslovak> plesk??
<mattt> it's similar to ispconfig i believe
<wizardslovak> hmm
<mattt> lets you config all your web hosting through an admin panel
<wizardslovak> so you dont really know how to help me
<mattt> nope
<wizardslovak> can i check if apache is running
<mattt> sure
<mattt> try 'apache2ctl status'
<mattt> (provided you're using apache2)
<wizardslovak> give me sec trying to reset server
<wizardslovak> damn i am always stupid enought to try everything
<wizardslovak> and then something is fucked
<mattt> language
<wizardslovak> sorry
<wizardslovak> w3m: Can't load http://localhost:80/server-status.
<mattt> :)
<mattt> /etc/init.d/apache2 start
<wizardslovak> http://pastebin.com/m131d2739
<wizardslovak> ok i see apache config has something wrong
<mattt> oh
<mattt> sorry
<wizardslovak> ??
<mattt> you need to use sudo
<mattt> 'sudo /etc/init.d/apache2 start'
<wizardslovak> "apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.1.1 for ServerName"
<wizardslovak> so what do you think?
<wizardslovak> i think my domain name has been changed
<wizardslovak> whats the default apache config file?
<mattt> hmm, check under /etc/apache2/sites-enabled
<wizardslovak> nothing
<wizardslovak> i opened it with nano
<wizardslovak> its folder with 000-default and 000-ispconfig.conf
<wizardslovak> ok what if i remove 000-ispconfig
<wizardslovak> then apache should read from wizzy.us
<wizardslovak> i mean from 000-default
<wizardslovak> ??
<wizardslovak> then i would need to point apache to read from 000-default
<mattt> sorry, not familiar w/ ispconfig, so i don't know what changes it could have made
<mattt> wizardslovak: try moving 000-ispconfig.conf out of the way (ie. to /root or /tmp) and then restart
<wizardslovak> ok i removed it
<wizardslovak> command /etc/init.d/apache2 restart??
<wizardslovak> pache2: Could not reliably determine the server's fully qualified domain name, using 127.0.1.1 for ServerName
<wizardslovak> apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.1.1 for ServerName
<wizardslovak> as i thought
<wizardslovak> i need to change apache config file maybe
<mattt> can you do this for me
<wizardslovak> i am reading apache2.conf
<mattt> netstat -na | grep :80 | grep LISTEN
<wizardslovak> error grep:80 command not found
<mattt> try again
<mattt> :)
<mattt> "grep<SPACE>:80"
<wizardslovak> tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN
<mattt> seems to be running then
<mattt> dude, try wizzy.us, it's working
<wizardslovak> lol
<wizardslovak> how come?
<ball> I'm going to bed.
<wizardslovak> nite ball
<mattt> ball: night
<wizardslovak> ok i see
<wizardslovak> in apache2.conf
<wizardslovak> there is "
<wizardslovak> Include the virtual host configurations:
<wizardslovak> Include /etc/apache2/sites-enabled/
<mattt> correct
<wizardslovak> so that mean by removing 000-ispconfig , apache read other file which is 00-default
<wizardslovak> which is right one ;p
<mattt> well
<mattt> it would have still read 00-default
<mattt> but it would have read it AFTER 000-ispconfig
<wizardslovak> i removed it
<mattt> right, but before you removed it
<wizardslovak> i know
<wizardslovak> uuu
<wizardslovak> i feel better
<wizardslovak> whats stored in /tmp
<wizardslovak> i se i got used 11mb out of 471
<mattt> typically tmp files
<mattt> hey, gotta jet, brb
 * mattt is afk
<wizardslovak> sure
<wizardslovak> that email how tos are pretty tough
<wizardslovak> how to add repository?
<oh_noes> I need to allow a nonroot user access to bind to port 80 -- what options do I have in Ubuntu server 8.04?
<Kamping_Kaiser> oh_noes, sudo?
<twb> oh_noes: the program that binds to port 80 must be setuid (or via sudo), and then immediately relinquish its privileges after binding.
<wizardslovak> hmmm ebox doesnt work with 8.10
<twb> Or, you could set up mod_proxy or mod_rewrite and connect it to the user's high-port binding.
<twb> I think nginx can do that easily, too.
<oh_noes> I dont want to grant the program sudo/root rights though.   100% on root user, except now with ability to bind to port 80
<twb> What is this program?
<oh_noes> and it needs to be done at the OS level, without application changes
<oh_noes> just a custom java app.
<twb> Why does it need port 80, specifically?
<oh_noes> because it's a web server?
<oh_noes> oops, -?
<twb> Web servers aren't required to use port 80.
<oh_noes> because the business has a requirement to run it on port 80, I have the IT requirement to ensure its nto running as root
<twb> Then we come back to16:38 <twb> Or, you could set up mod_proxy or mod_rewrite and connect it to the user's high-port binding.
<oh_noes> in solaris it's just a matter of priv_netaddr access .. i was hoping something identical existed in debian stack
<twb> You run a simple service on port 80 that just redirects requests to the java app
<jmarsden> oh_noes: proxy it.  Or if you have a decent router between server and Internet, do the port mapping in the router instead.
<twb> I'm not aware of anything like that, but that doesn't mean it doesn't exist.
<oh_noes> hrmm, I wonder if apache2 can handle the data piping, similar to mod_jkk
<twb> I'd say DNAT is overkill for this
<oh_noes> DNAT is getting outside the scope of the initial requirements, obviously we want to random custom java on our servers as non-root
<oh_noes> I just didnt think ubuntu would have such a hard time handle it
<wizardslovak> since we got here people ill ask
<wizardslovak> did anyone installed email server on ubuntu??
<Kamping_Kaiser> wizardslovak, i'm sure theres an email server on ubuntu somewhere in the world
<Kamping_Kaiser> oh_noes, the other option is no one here has bothered to do whatyou need.
<wizardslovak> i know i need someone to guid me thru
<DawnLight> hello. samba question, please. even though i've auto home directories configured, they seem to not appear in the list. if i don't set 'browseable = no' the homes share is visible. help? 'smbclient -L SERVA': http://pastebin.com/f2f9e6da5 testparm: http://pastebin.com/f64286115
<Kamping_Kaiser> have you followed the guide on the wiki(s)?
<twb> DawnLight: home directories are only visible to the users that own them.  Dunno if that helps...
<DawnLight> twb: "The browseable flag for auto home directories will be inherited from the global browseable flag, not the [homes] browseable flag. This is useful as it means setting browseable = no in the [homes] section will hide the [homes] share but make any auto home directories visible."
<DawnLight> so they're supposed to be visible
<ar> Does anyone have any experience installing ehcp?
 * Nafallo doesn't even know what it is
<soren> nxvl: This bit from the changelog needs to go: +    - Don't fail to run iptables-save if iptables module isn't loaded.
<soren> nxvl: That's what this patch did: +  * Droped 0903-autoload-module-in-iptables-save.diff, fixed upstream
<ar> its a new web host control panel for Ubuntu
<Nafallo> ah
<ar> http://www.howtoforge.com/instaling_ehcp_on_debian_ubuntu#comment-3886
<soren> Never heard of it.
<ar> its actually pretty nice
<ar> clean layout
<nxvl> soren: right i forgor to change that in the changelog
<nxvl> forgot*
<nxvl> soren: you want me to prepare a new patch?
<ar> Nafallo can you tell me how I could add these to my sources.list http://www.ehcp.net/?q=node/389
<ar> I went to the url but its just directories?
<ar> when I do install for ehcp it tells me my sources.list file contains very few sources
<ar> ???
<ar> I dont know what they mean by that
<soren> nxvl: Nah, that seems to be the only problem, so I'll just do it for you.
<Nafallo> ar: sorry, I can't. I got to run.
<soren> nxvl: I just need to test-build it, and I'll upload. Thanks for doing it!
<ar> ok np thank you
 * nxvl HUGS soren 
<nxvl> soren: yeah, it was quite a lot of work, some patches didn't applied, so i needed to re-do them
<ar> anyone know how to add http://www.ehcp.net/?q=node/389 to source.list ?
<nxvl> soren: plus dig into changelogs to find out about that patch
<nxvl> soren: but i'm happy to help :D
<soren> nxvl: Yeah, sorry I didn't tell you. I forgot all about submitting that stuff upstream.
<jmarsden> ar: man sources.list    may offer some clues ... although that is a slightly odd-looking URL for a repository
<nxvl> soren: the issue was that the upstream changelog isn't in the source
<nxvl> soren: so i needed to go into the web page and start openning one by one the changelogs
<nxvl> soren: i noticed that it was included in the source, i saw some bits of the patch, and some other quite different
<ar> yeah agree jmarsden, I thought maybe it would be text I could copy and past into the source.list but its directories
<Kamping_Kaiser> ar, and i'd suggest you use a file in sources.list.d instead of editing the real thing
<ar> strange
<nxvl> soren: so i went to the changelogs just to be sure
<soren> nxvl: Yeah, the patch changed quite a bit while I was discussing it with upstream. that's the way it goes sometimes :)
<ar> how come Kamping_Kaiser?
<nxvl> soren: plus the DM didn't document some changes that i noticed in some files
<nxvl> soren: i can imagine
<ar> not wise to edit the source.list file?
<Kamping_Kaiser> ar, so if you screw up you can remove one file to remove the repo, instead of trying to fix a key system file
<jmarsden> ar: That URL is just a page with an example sources.list on it... it is not a repo at all, from what I can see.
<wizardslovak> i installed ebox , and it doesnt connect
<ar> Gotcha Kamping thank you :)
<Kamping_Kaiser> ar, :)
<ar> jmarsden so I would just open a file and copy the text in a new file as Kamping mentioned?
<jmarsden> ar: Well, only if those examples are exactly what you need for your system...
<wizardslovak> how to find directory??
<jmarsden> What is it that you want from a new repo anyway?  What software are you looking for?
<wizardslovak> find /directory
<ar> ehcp says It's need for their web host control panel
<jmarsden> ar: Seem dubious to me... that is just an example Intrepid /etc/apt/sources.list file
<ar> lol ok, thanks jmarsden!
<jmarsden> You might want to edit your /etc/apt/sources.list and uncomment a few repositories that are currently commented, maybe??  is that what ehcp is wanting?
<ar> Am I allowed to paste here?
<ScottK> !pastebin
<ubottu> pastebin is a service to post multiple-lined texts so you don't flood the channel. The Ubuntu pastebin is at http://paste.ubuntu.com (make sure you give us the URL for your paste - see also the channel topic)
<ar> This is what it says here http://pastie.org/470901
<ar> The thing is these are intrepid source.list files Im running Hardy?
<jmarsden> ar: So it just wants to see a few more lines in the sources.list, so go ahead and edit yours and uncomment some (reasonable) ones.
<jmarsden> I'd suggest making sure you -security in there, as a start.  But really, that message is not an error, just "advice" you can ignore if you want to.
<ar> jmarsden theres nothing commented out in the source file http://pastie.org/470903
<jmarsden> ar: Looks fine to me, ehcp is warning you about nothing important, just ignore the warning :)
<ar> :) ok thanks Jmarsden
<arvind_khadri> hi, in the smb.conf does uncomment mean remove the ; ?
<jmarsden> arvind_khadri: Yes, or the # -- whichever is at the start of the line you need to uncomment.
<arvind_khadri> jmarsden: ; in this case
<arvind_khadri> jmarsden: is it compulsory to enable cups in smb.conf to enable printing on a shared network
<jmarsden> arvind_khadri: I don't know, but I don't think so... I'd read the Samba docs to find out.
<soren> nxvl: Uploaded.
<reid> hey, anyone able to tell me real fast how to put a directory via ftp?
<reid> tells me not a plain file, and cant find an option in 'man ftp'
<ha1331> how to reinstall apache, in a way that the /etc/apache2 directory and it's contents is recreated
<ha1331> all I get I reinstall is empty httpd.conf
<ha1331> all I get if I reinst....
<soren> ha1331: httpd.conf is empty by default.
<soren> ha1331: Look at apache2.conf instead.
<ha1331> sorenno, that's what I'm saying... no other configs than empty httpd.conf
<ha1331> need to reinstall it in a manner that the /etc/apache2 is re-created
<soren> ha1331: http://people.ubuntu.com/~soren/apache2-etc.tar.gz is a clean /etc/apache2 directory (from Jaunty(
<twb> reid: FTP has no recursive put.
<twb> reid: some clients implement it client-side by repeatedly calling PUT on files and CD/MKDIR(?) on dirs
<twb> Failing that you can make an archive, e.g. tar --lzma -cf foo.tar.lzma foo; ftp -c put foo.tar.lzma fs
<wizardslovak> when i install ebox , i still be able to control server over ssh ??
<sluimers> Hello, my postfix is complaining about greets to it's own hostname. -> http://ubuntuforums.org/showthread.php?p=7230610#post7230610 I don't understand it.
<arvind_khadri> how do i make a windows machine logon to DC which runs samba
<twb> sluimers: it sounds like the problem is that your machine doesn't know if it's name is "mail.mydomainname.com" or "mydomainname.com"
<twb> sluimers: probably your /etc/hostname, /etc/hosts and DNS records do not match.
<arvind_khadri> twb: ï»¿how do i make a windows machine logon to DC which runs samba??
<twb> arvind_khadri: I don't know of care.
<twb> arvind_khadri: I don't know oR care.
<arvind_khadri> twb: where do i look  ?
<twb> arvind_khadri: I've no idea.
<sluimers> both /etc/hostname and /etc/hosts say mydomainname.com
<sluimers> that's correct right?
<skiquel> hi, I'm using bind9 to forward *.ldnm.lan to 127.0.0.1, and having trouble getting it to work. I have the code/some debug commands at http://ubuntuforums.org/showthread.php?t=1151382
<sluimers> my MX (Mail Exchange) should go to mail.mydomainname.com
<sluimers> I mean goes to
<twb> sluimers: to be honest, I'm not too sure.
<sluimers> ... they should all match mydomainname.com?
<sluimers> It's making me so confused
<twb> sluimers: I think the easiest way to fix the issue is to add an option to postfix that says "expect mail. sometimes".
<sluimers> where to use mail.mydomainname.com and where I should use mydoainname.com
<twb> sluimers: you'll have to talk to #postfix of wait for someone else here, to know how to do that.
<arvind_khadri> ï»¿how do i make a windows machine logon to DC which runs samba
<skiquel> hi, I'm using bind9 to forward *.ldnm.lan to 127.0.0.1, and having trouble getting it to work. I have the code/some debug commands at http://ubuntuforums.org/showthread.php?t=1151382
<NineTeen67Comet> What other php.ini file do I need to edit to enable more than 2mb upload to my apache/gallery .. ? I've got /etc/php5/cli/php.ini at 12M upload size and still it tells me 2mb max (in drupal) .. help?
<ivoks> NineTeen67Comet: that's not the one
<Kamping_Kaiser> clue is in the path (cli)
<ivoks> real path is /path/to/your/website/.htaccess :)
<Kamping_Kaiser> :)
<NineTeen67Comet> Kamping_Kaiser: okay I'll look around in ./drupal ..
<Chipzz> no
<NineTeen67Comet> I didn't think the cli portion of php was the issue ..
<Chipzz> you need /etc/php5/apache2/php.ini
<Chipzz> (assuming you use mod-php)
<NineTeen67Comet> Chipzz: that sounds much more familure ..
<ivoks> if you edit /etc/php5/apache2/php.ini, you'll have anoying questions on upgrade
<Chipzz> and apache needs a restart for that setting to take effect
<Chipzz> (not reload, restart)
<ivoks> if you add /etc/php5/conf.d/my_cool.ini you'll avoid that anoying question
<sluimers> Hi, I have installed squirrelmail, what are my usrname and password?
<ivoks> in both cases you'll impose some config to all of your sites
<sluimers> Where can I can find them?
<ivoks> so, having it in .htaccess is the best thing to do
<NineTeen67Comet> ivoks: if I add my own .ini what info does it need? Basically just the maximum file size line?
<sluimers> and how can I edit/add/remove new usernames and passwords?
<ivoks> but sure, just ignore me and do what Chipzz told you; then come back in couple of months and ask us the same question :)
<ivoks> NineTeen67Comet: yes
<Chipzz> ivoks: that assumes you have AllowOverride All on in your vhost
<ivoks> Chipzz: sure
<Chipzz> ivoks: tssssk
<Kamping_Kaiser> sluimers, usually the same logins available via your imap server
<NineTeen67Comet> ivoks: Chipzz I'll have to see what my .config says about AllowOverride ..
<Chipzz> ivoks: I'ld say my solution is a lot more correct than yours :P
<ivoks> Chipzz: why is that?
<Chipzz> ivoks: and no, he will not come back
<Chipzz> ivoks: give me one reason why my suggestion wouldn't stick?
<Chipzz> hint: there is none
<ivoks> he will, once he answers 'Yes, overwrite package's conffile'
<ivoks> i didn't say it wouldn't work
<Chipzz> *sigh*
 * Chipzz hands ivoks a gun
<ivoks> it's just that smart people came up with .d directories
<Chipzz> now shoot yourself in the foot
<ivoks> which enable you to have custom changes
<Chipzz> ivoks: /etc/php5/conf.d/ is NOT meant for what you are suggesting
<arvind_khadri> https://help.ubuntu.com/9.04/serverguide/C/samba-ldap.html is this fine for ldap configuration ?
<ivoks> Chipzz: ?
<Chipzz> ivoks: it's meant for php extensions to drop their .ini files in
<ivoks> doh...
<ivoks> so, /etc/apache2/conf.d is of the same case?
<Chipzz> not for making your own modifications
<ivoks>  /etc/amavis/conf.d also?
<ivoks>  /etc/modprobe.d/ also?
<Chipzz> I would say it is, yes
<ivoks> Chipzz: if you don't understand it, don't put up a claim
<sluimers> Kamping_Kaiser, where can I see those logins available via my imap server?
<Chipzz> ivoks: I was about to say the same thing about you
<ivoks> yes, extensions can put their .ini files
<ivoks> but it is also for custom files
<ivoks> like all other packages
<Chipzz> ivoks: your argument is fundamentally broken. Since you're talking about different software packages, with different rules about parsing init-files, you can't make the comparison
<arvind_khadri> ï»¿i have ubuntu 8.04 , just installed samba and want to use ldap for authentication, how do i set it up ?
<Kamping_Kaiser> sluimers, depends how you configured it. couriers default is using pam, so anyone with a user account has an imap login
<sluimers> because right now, I'm able to receive and send mail through mutt, but that is simply because no loginname nor password is being asked
<ivoks> i give up
<sluimers> any linux user account?
<Chipzz> ivoks: when you have 2 lines with the same setting, but a different value, different software may decide differently on which line wins
<ivoks> what should i know, i only package stuff :)
<Kamping_Kaiser> sluimers, what do you mean "any linux user account"
<Chipzz> some software only looks at the first line, some looks at the last line
<sluimers> I tried using user:myname password:mylinuxpassword, but that doesn't work
<Chipzz> so I call bullshit on your argument
<ivoks> Chipzz: those that look only one line don't have .d directories
<ivoks> by design they don't have them
<ivoks> others, by design, have them
<sluimers> all those written in etc/passwd
<Chipzz> what crack are you on, exactly?
<Kamping_Kaiser> sluimers, auth.log will show you attempted logins
<Kamping_Kaiser> assuming your using pam for logins...
<Chipzz> the existance of .d directories has nothing to do with what you say, rather with the ability of the software to cope with include directorives in their conf files
<Chipzz> I again call bullshit on your argument
<sluimers> user root, user myname, user getmail?
<Chipzz> ivoks: what you're saying shows a very poor understanding. I can have one config file with 2 lines with the same setting. that does not relate to having a .d directory at all, it is a completely orthogonal issue
<sluimers> so it's myname? but I tried myname, I tried the linux password of myname, it doesn't get me into squirrelmail
<Chipzz> what I am referring to is how those issues are resolved. ie, first-match-wins or last-match-wins
<Kamping_Kaiser> sluimers, so fix your setup
<arvind_khadri> how do i populate ldap db ??
<Jeeves_> ldapvi :)
<Kamping_Kaiser> Jeeves_, :)
<arvind_khadri> Jeeves_: was that for me ?? i cant use it here... am actually using webmin as the front end ?
<Kamping_Kaiser> arvind_khadri, then stop asking questions you dont want answers too.
<Kamping_Kaiser> !tell arvind_khadri about webmin
<ubottu> arvind_khadri, please see my private message
<arvind_khadri> Kamping_Kaiser: by i cant use it here i meant that i couldnt find that command on auto complete
<Kamping_Kaiser> arvind_khadri, so install it
<arvind_khadri> Kamping_Kaiser: ok got it, i have a Windows server with all the users, how do i replicate the stuff on this machine ?
<Kamping_Kaiser> no idea.
<arvind_khadri> Kamping_Kaiser: ldapsearch -xLLL -b cn=config -D cn=admin,cn=config -W olcDatabase={1}hdb  , i get invalid credentials
<VK7HSE> Is there a way to purge spam mail from amavis on ubuntu-server ... if so what do I need to type in!
<arvind_khadri> Kamping_Kaiser: you there?
<Kamping_Kaiser> yes, but i dont use any of that software
<henriquelm> Hello there
<uvirtbot> New bug: #346980 in system-config-printer (main) "Crash after searching network printer with Samba (dup-of: 368273)" [Medium,Triaged] https://launchpad.net/bugs/346980
<uvirtbot> New bug: #350697 in system-config-printer (main) "adding printer via samba crashes when looking for network printer (dup-of: 368273)" [Medium,Triaged] https://launchpad.net/bugs/350697
<henriquelm_> is it possible to upgrade from ubuntu server 8.10 32bits to 8.10 64bits?
<Kamping_Kaiser> afaik no
<fevel> how can I verify if someone changed the password for the default user?
<fevel> I am logged in as a user with root access through sudo
<arvind_khadri> ï»¿hi, i get invalid credentials even if i enter the correct password in ldap
<ivoks> fevel: passwd -S
<fevel> thanks
<fevel> theres also chage
<ivoks> fevel: but you need sudo for it, right?
<fevel> yes
<ivoks> err, you don't :)
<fevel> both worked
<ivoks> chage -l username
<fevel> for chage you do
<fevel> uyes
<ivoks> arvind_khadri: what do you do, exactly?
<arvind_khadri> ivoks: am following the community documentation and setting up ldap, where i need to do ldapadd
<ivoks> how do you run ldapadd?
<ivoks> could you paste the command you are running?
<oioiii> hi
<oioiii> I'm trying to get coredumps to work (apache2.2.8 and ubuntu8.04lts)
<oioiii> already tried this: CoreDumpDirectory /tmp/apache2-gdb-dump in apache2.conf
<oioiii> # mkdir -p /tmp/apache2-gdb-dump
<oioiii> # chown www-data:www-data /tmp/apache2-gdb-dump
<oioiii> # chmod 0777 /tmp/apache2-gdb-dump
<oioiii> # echo 2 > /proc/sys/fs/suid_dumpable and # ulimit -c unlimited
<oioiii> but dont get dumps :-(
<oioiii> any hints?
<finite9> quick Q. about apt-get updating a server... Do I need to script this in so that I do an apt-get upgrade every week for security upgrades?  I dont get informed when there are new updates like you do with Desktop edition.  Or is there a way to get informed on server without actually scripting an upgrade?
<ogra> finite9, https://help.ubuntu.com/community/AutomaticSecurityUpdates ?
<dmcoe> What would be some benefits to running a ubuntu server vs. a debian server?
<foxbuntu> dmcoe, Ubuntu > debian > windows
<foxbuntu> dmcoe, heh...sorry don't have a good answer for you, someone else might
<dmcoe> foxbuntu: lol, thanks :-P
<genii> dmcoe: You might want to check out http://www.ubuntu.com/products/whatisubuntu/serveredition it has lots of info specific to -server. Although I don't know if there is somehwere on there any debian vs ubuntu   type thing.
<ivoks> dmcoe: newer kernel, predictive support cycle
<ivoks> dmcoe: some newer services (dovecot for imap/pop comes to mind)
<RoAkSoAx> ivoks, thansk for the suggestions. I'll work with drbd later on since I will have to go in a few mins. Btw... could you also check qemu?
<ivoks> RoAkSoAx: nxvl told you errors in qemu
<RoAkSoAx> ivoks, let me see :)
<RoAkSoAx> ivoks, oh yeah! didn't see the email... thanks :)
<ivoks> what was the name of that fire... thing
<RoAkSoAx> ivoks, firebug
<ivoks> that was uploaded
<RoAkSoAx> ivoks, btw, I have set up this wiki page... https://wiki.ubuntu.com/4nDr3s/Mentorship . there is a task list that I think it would help me... just leave some feedback about it,and if you agree so that we can work that way
<ivoks> heh, you are your own mentor :)
<RoAkSoAx> ivoks, well i always have questions.. and guidance... that's way i thought that it would be better to track all those things based on what the mentor wikipage says :)
<ivoks> RoAkSoAx: for other merges, surbscribe me first
<ivoks> RoAkSoAx: so i could take a look at it, and i'll surbscribe main or universe sponsors
<RoAkSoAx> ivoks, ok cool
<ivoks> RoAkSoAx: do you know how drbd works?
<ivoks> er... dpatch
<RoAkSoAx> ivoks, dpatch-edit-patch new.dpatch and then mamke the changes in the files and that's about it?
<foxbuntu> dmcoe, http://polishlinux.org/choose/comparison/?distro1=Ubuntu&distro2=Debian
<ivoks> RoAkSoAx: also debian/patches/list
<ivoks> RoAkSoAx: you need to add your patch in the list
<dmcoe> foxbuntu: awesome site!!  Thanks!
<ivoks> RoAkSoAx: it's also wise to apply other patches before creating your own
<ivoks> RoAkSoAx: dpatch-edit-patch -a (iirc)
<ivoks> cause you might be editing a file that some other patch changes
<foxbuntu> RoAkSoAx, are you trying to patch lirc?
<foxbuntu> oh sorry nvm
 * foxbuntu is half blind this morning
<Kamusin> somebody know if 8.04 has any load test tool (for make a stress test)?
<Hecate> what kind of test do you wanna make?
<Hecate> a fair amount of different tests can be easily done with the tools you have at hand.
<Kamusin> I need a hard disk test (I ran hdparm but I need other alternative), cpu load and memory
<ivoks> stres
<Hecate> Kamusin, cpu load: dd if=/dev/urandom of=/dev/null bs=1K
<ivoks> er, stress
<Hecate> will only utilize a single core, though
<RoAkSoAx> ivoks, ok awesome
<Kamusin> I have a dual core CPU but it's ok :)
<RoAkSoAx> ivoks, now i really gtg... talk you later.. i'll do the changes later on take care :)
<Hecate> Kamusin, memory: perl -e '$MEM = "\x00"; while(1) { $MEM .= $MEM; }'
<ivoks> crashme is also nice
<ivoks> apt-cache show crashme | grep -A2 WARNING
<Kamusin> I will search crashme :)
<Kamusin> thank's ivoks  :)
<ivoks> Kamusin: try stress
<Kamusin> ivoks, ohh that's what I need!
<Kamusin> sweet, a complete test is just all I need , ivoks  you are god
<skiquel> hi, I'm using bind9 to forward *.ldnm.lan to 127.0.0.1, and having trouble getting it to work. I have the code/some debug commands at http://ubuntuforums.org/showthread.php?t=1151382
<ivoks> can you be a dns for 127.0.0.1/8 at all?
<ivoks> skiquel: ?
<skiquel> ivoks: be a dns?
 * skiquel is very noobish
<acalvo> hello
<ivoks> skiquel: you want to resolve hostnames to 127.0.0.1?
<acalvo> I'm trying to set up a PDC with LDAP and SAMBA, I've looked lots of tutorials, but none seems to help a lot with ubuntu
<acalvo> is there any good tutorial to start with?
<ivoks> what are the issues you are having?
<wizardslovak> morning people
<skiquel> ivoks: yeah
<ivoks> skiquel: why? :)
<skiquel> i can't get www.ldnm.lan / *.ldnm.lan to resolve to 127.0.0.1
<ivoks> skiquel: you want to do that for other computers, or only for your?
<skiquel> because we need subdomains.
<acalvo> has anyone set up ubuntu server as a PDC with samba 3.3.2, openldap 2.4.15, smbldap-tools 0.9.5-1?
<ivoks> acalvo: what issues do you have?
<jmedina> acalvo: http://tuxjm.net/docs/cursos/Samba+OpenLDAP+PAM+NSS-4Ubuntu/html/ in Spanish, easy examples for easy copy & paste :D
<ivoks> acalvo: you know, we can't help you if you don't tell us where the problem is
<acalvo> ivoks: sorry, didn't saw that your last message was for me
<wizardslovak> does anyone know how to setup simple email server?
<ivoks> skiquel: so, 'dig @ip_of_dns_server ldnm.lan' doesn't work?
<ivoks> wizardslovak: ubuntu 9.04 - sudo apt-get install dovecot-postfix
<wizardslovak> 8.10
<ivoks> then fire up your browser and visit help.ubuntu.com
<acalvo> everything seems to be working, I am able to log in using pam-ldap and nss-ldap, but whenever trying to join the domain, it creates the LDAP entry for the machine, asks to add the user and says no trusted relationship between the machine and the domain
<acalvo> jmedina, thanks, but it's a bit outdated
<wizardslovak> if i will upgrade to 9.04 , will all my settings stay?
<ivoks> wizardslovak: https://help.ubuntu.com/8.10/serverguide/C/email-services.html
<acalvo> (although I'll follow it again)
<ivoks> wizardslovak: they should, yes
<jmedina> acalvo: well I only use 8.04 LTS for production
<acalvo> jmedina, mm touchÃ©, maybe I should move to 8.04 instead...
<wizardslovak> how to backup 8.10?
<skiquel> ivoks:  that seems to be forwarding
<ivoks> wizardslovak: what do you want to backup?
<skiquel> to 127.0.0.1
<ivoks> skiquel: great, then it works :)
<ivoks> skiquel: that's what you wanted
<wizardslovak> well i want to back up all my settings/website in case upgrade will go wrong
<ivoks> wizardslovak: you have a web server?
<wizardslovak> yes
<ivoks> just upgrade
<skiquel> ivoks: =] but apache isn't showing anything?
<ivoks> wizardslovak: if you haven't added any programs outside of ubuntu, you won't have a single issue
<wizardslovak> i got :ebox
<ivoks> wizardslovak: eh...
<ivoks> that could be a problem
<ivoks> skiquel: so? are we talking about dns or web?
<wizardslovak> well i am not using it anyways
<ivoks> skiquel: do you understand what you have done?
<skiquel> well I'm not sure if my issue is DNS or not
<wizardslovak> i will probably remove it
<ivoks> skiquel: you've created a domain xyz.lan
<skiquel> ivoks: not at all
<ivoks> skiquel: which points to localhost
<jmedina> acalvo: that works for some customer installations without problems, acalvo if you really need something from jaunty then troubleshout, which it is a little hard because a lot of components
<skiquel> kk :)
<ivoks> skiquel: that means that when i ask your dns server about xyz.lan
<ivoks> skiquel: it will tell me that it's on my own machine
<ivoks> skiquel: 127.0.0.1
<skiquel> but pinging it
<ivoks> 127.x.x.x always points to your local machine
<skiquel> its an unknown host
<skiquel> is that normal?
<ivoks> skiquel: yes if you don't use that server as a DNS for your machine
<acalvo> jmedina, I know, I was setting up a test server, and I need to move my current LDAP to a PDC, so it's kind of a playbox...
<ivoks> skiquel: does your /etc/resolv.conf shows 'nameserver ip_of_your_dns_server'?
<skiquel> is ip_of_dns_server my local ip?
<ivoks> it's ip of your DNS
<skiquel> im doing this all from a laptop, no other computers
<ivoks> the one with bind, the one you configured
<ivoks> skiquel: then yes, IP of your laptop
<skiquel> atm its pointing to my gateway (router admin ip)
<ivoks> skiquel: notice how setting up bind for task like that was pointless
<ivoks> skiquel: you could easily just add xyz.lan to /etc/hosts as an alias to 127.0.0.1
<skiquel> ivoks, thanks
<ivoks> :D
<skiquel> what's your iQ?
<skiquel> what's your day job?
<skiquel> are you from canonical
<ivoks> 1) 5 2) sysadmin 3) no
<ivoks> actually, no, i'm CTO
<ivoks> :D
<skiquel> nice
<RoAkSoAx> ivoks, i'm back
<ivoks> RoAkSoAx: great ;)
<RoAkSoAx> ivoks, give me just a sec and i'll start working on drb
<RoAkSoAx> d
<ivoks> RoAkSoAx: you have 30 minutes, cause i have to leave then
<RoAkSoAx> ivoks, k, i'll fix the qemu changelog and i'll start working on drbd
<ivoks> RoAkSoAx: one by one
<ivoks> RoAkSoAx: and since this isn't server related, we could talk about it in ubuntu-motu
<wizardslovak> whats command for upgrade?
<ivoks> wizardslovak: do-release-upgrade
<wizardslovak> apt-get dist-upgrade?
<wizardslovak> ap-get release-upgrade
<ivoks> wizardslovak: no; do-release-upgrade
<yann2> yann@yann-work:~$ sudo do-release-upgrade
<yann2> sudo: do-release-upgrade: command not found
<ivoks> yann2: install update-manager-core
<wizardslovak> yannn "do-release-upgrde"
<wizardslovak> only no sudo no tnothing
<ivoks> wizardslovak: of course sudo :D
<ivoks> you can't update without root privileges
<wizardslovak> i didnt put sudo but i asked me for sudo password anyway
<yann2> I wonder if this is going to make my notifications work, never got that
<ivoks> wizardslovak: nice, i didn't know that's possible
<wizardslovak> me neighter
<yann2> re
<yann2> what's the package for the notifications?
<ivoks> notifications?
<yann2> yeah, the cool jaunty notifications (sorry, desktop :( )
<ivoks> notify-osd
<ivoks> now move to #ubuntu :)
<acalvo> jmedina, thanks for your how-to (muchas gracias), but it seems that I've everything correctly... however, once logged using PAM-LDAP, I can't create files nor directories
<jmedina> acalvo: is nss working fine?
<acalvo> jmedina, ok... how to check nss?
<jmedina> acalvo: what error do you get?
<jmedina> acalvo: it is in the howto :D
<acalvo> ahahahah
<jmedina> getent passwd
<jmedina> getent group
<jmedina> getent passwd ldapuser
<yann2> oh I had ubuntu-desktop uninstalled, good that's gonna be fine now :]
<acalvo> oh
<acalvo> yes
<acalvo> it is working
<jmedina> acalvo: ok
<jmedina> so what is the problem when you create files?
<acalvo> jmedina, no privileges
<jmedina> acalvo: why?
<acalvo> jmedina, oh, my bad...
<jmedina> acalvo: can you test from a logged in user
<jmedina> id
<acalvo> test@ESCI-PDC:/$ id uid=1001(test) gid=513(Domain Users) groups=513(Domain Users)
<jmedina> looks fine
<genii> You might not want that hyphen in your machine name btw
<acalvo> jmedina, ok, it was my bad
<acalvo> I've used smbldap-useradd -m -P test
<acalvo> s/
<acalvo> s/-m/-a
<jmedina> genii: why not the "-" in hostnames?
<jmedina> :D
<genii> jmedina: I've found it's caused me grief previously
<jmedina> genii: I never have problems even with real TLD domains/hosts
<jmedina> acalvo: good so what s netx?
<jmedina> next
<acalvo> jmedina, well, stuck in the same prob
<acalvo> when joining the domain
<jmedina> which one?
<acalvo> it _seems_ to work
<acalvo> finally, it asks my to add a user (if I want)
<acalvo> I say "yes"
<acalvo> and then it says "no trusted relationship between the machine and the domain"
<jmedina> acalvo: have you used the procedure described in my howto?
<acalvo> I'm going thru right now :D
<jmedina> acalvo: check tha you use create machine scripts in smb.conf
<jmedina> well al lthat /usr/sbin/smblda-comandssss
<acalvo> yes yes
<jmedina> acalvo: try to increase samba log level
<acalvo> I've used the community how-to from Ubuntu
<jmedina> and try again, you might find more info in /var/log/samba/
<ivoks> we should change topic to:
<ivoks> 'First time unix/linux admin? Discover the coolest feature ever: logs in /var/log!'
<acalvo> jmedina, let' see... however, one step I didn't do was adding the WINS server in the wxp machine
<jmedina> ivoks: sounds good :D
<johey> Hi!
<johey> I need to configure my ubuntu server 8.04 to act as a router. I have set it up using ipmasq and dnsmasq. It works fine with no configuration, but now I want to set up some forwarding rules. Where do I start? I don't find any useful examples out there.
<jmedina> acalvo: it is not really needed, but windows netbios resolutions works in strange forms
<acalvo> ivoks, becoming a BOFH is not easy ;)
<jmedina> more when you have a lot of "Computer Browsers" machines in your network
<jmedina> ipmasq?
<jmedina> what is that?
<jmedina> acalvo: it is good to use WINS, so you avoid a lot of broadcast
<acalvo> jmedina, hope so!
<johey> jmedina, I don't really know. Some guide from back in time told me to install it.
<jmedina> acalvo: if you use DHCP you can send wins address to clients, and also the node type
<johey> jmedina, And it actually does some routing. :)
<acalvo> jmedina, I hope to do that in the production environment
<jmedina> acalvo:
<jmedina> do you see your user and machine account with pdbedit -L
<jmedina> ?
<acalvo> yes
<jmedina> johey: well if ipmasq dont provide fort forwardgint features you need to change to something else
<jmedina> I like shorewall, probably using ufw you can do that, Im not sure
<wizardslovak> y
<johey> jmedina, It does I think, but I can't find out how. And the manual is quite thin. It seems like I should set up the rules using iptables.
<ivoks> wizardslovak: d
<ivoks> :)
<wizardslovak> sorry i forgot that i am on konv and in shell it asked for something
<johey> I know I had it working for some years ago using webmin. Is that still an option?
<johey> I think webmin used to use shorewall as a backend.
<ivoks> ! webmin
<ubottu> webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system. See !ebox instead.
<acalvo> jmedina, well, it seems to join the domain correctly
<acalvo> now it asks me to add a user
<wizardslovak> johey: try ebox
<acalvo> but it already exists
<wizardslovak> !ebox
<ubottu> ebox is a web-based GUI interface for administering a server. It is designed to work with Ubuntu/Debian style configuration management. See https://help.ubuntu.com/community/eBox
<acalvo> is it fine?
<johey> Alrite! I've never heard about it. Thanks!
<wizardslovak> i just got it yesterday
<wizardslovak> pretty good tho
<ivoks> johey: ebox-project.org
<acalvo> jmedina, ignore my last comment, you've it in your how-to, and now it worked...
<ivoks> or not... :)
<dexem> ivoks: ebox-platform.com  ;)
<ivoks> ebox-platform.com
<acalvo> jmedina, so rebooting
<ivoks> hm... new buttons in google interface
<wizardslovak> johey: if you wan to intall it you need to get their web  into repos
<johey> So I can't install it using the guide in !ebox?
<wizardslovak> i think you can
<wizardslovak> i did it true repos
<jmedina> acalvo: so ?
<acalvo> jmedina, it worked, but I couldn't get to the romaing profile
<acalvo> I'm checking if there is any permissions/settings bad
<jmedina> acalvo: check the logs :D
<acalvo> jmedina, yes!!
<wizardslovak> what are osolete packages
<jmedina> acalvo: where are you from?
<acalvo> jmedina, but, why you didn't set any logon variables? like logon path, logon drive, logon home...
<acalvo> jmedina, spain :)
<jmedina> acalvo: becasuse I store that info in ldap entries
<jmedina> I dont enable them globally
<jmedina> instead in smbldap-tools config
<acalvo> jmedina, ok...
<jmedina> aand not all the users need logon drive/path
<acalvo> jmedina, aha...
<acalvo> still can't get to the profile path
<jmedina> acalvo: how is configured?
<jmedina> is the config shown in pdbedit -Lv user ?
<acalvo> yes
<acalvo> it is shown
<acalvo> and the directory exists
<wizardslovak> ok update upgraded and ebox still works ;p;p
<acalvo> but it seems to not map the user and group of the directory
<acalvo> it shows 1000 1000
<acalvo> drwx------ 2 1000 1000 4,0K 2009-05-07 19:02 acalvo
<jmedina> how is parent dir?
<acalvo> drwxrwxrwx  3 root root       4,0K 2009-05-07 19:15 profiles
<acalvo> how can i recreate the profile dir?
<mathiaz> kirkland: are you running your mythtv on jaunty?
<jmedina> and what is acalvo uid/gid?
<acalvo> uid=1008(acalvo) gid=513(Domain Users) groups=513(Domain Users)
<mathiaz> kirkland: I'm looking into bug 326768
<uvirtbot> Launchpad bug 326768 in mysql-dfsg-5.0 "mysqld_safe thinks mysqld has crashed when it hasn't" [Undecided,Confirmed] https://launchpad.net/bugs/326768
<jmedina> acalvo: any acalvo entry in /etc/passwd?
<mathiaz> kirkland: and I'm not sure if the proposed fix is a good one
<acalvo> jmedina, no...
<mathiaz> kirkland: do you have issue when booting the mythtv backend?
<jmedina> who is 1000 uid?
<jmedina> acalvo: could you plase pastebin pdbedit -Lv acalvo output?
<acalvo> jmedina, don't know...
<robert-b> Q: On ubuntu server 7.1, "apt-get update" previously has worked fine, but now returns errors on all packages. There is a 404 on 91.189.88.45, but I can ping that directly.
<acalvo> jmedina, http://pastebin.com/d14b1a82
<jmedina> robert-b: update your repos
<robert-b> how? or is there a doc online describing what's happened?
<kirkland> mathiaz: i'm running frontends on jaunty, no backend though
<kirkland> mathiaz: yeah, i was looking at that with superm1
<mathiaz> kirkland: where you able to reproduce it?
<kirkland> mathiaz: i don't have jaunty on a backend
<jmedina> acalvo: plase now: smbldap-usershow acalvo
<genii> robert-b: Use old-releases now that it's EOL
<acalvo> jmedina, http://pastebin.com/d3d9d8f1d (i've recreated it)
<hggdh> robert-b, please see https://wiki.ubuntu.com/Releases
<jmedina> acalvo: Im not sure if profile dir already existed, could you try to remove the profile dir and logout/login again, so it is automatically created
<acalvo> jmedina, so, if I log off from win xp and log in againt, it should recreate the dir?
<jmedina> acalvo: yeap
<acalvo> I've tried removing the user, deleting the dir, relogin...
<acalvo> and it is not working
<jmedina> acalvo: plase relogin to check new permisions
<acalvo> moreover, now it gets the correct group (Domain Users) but it shows the id number for the user
<acalvo> drwx------ 2 acalvo Domain Users 4,0K 2009-05-07 19:15 acalvo
<acalvo> ups
<acalvo> not now
<acalvo> ok, relogin'
<jmedina> acalvo: for roaming profiles with osers with more than 2 GB files you should consider Folder Redirection
<jmedina> that will imporove login times
<acalvo> jmedina, ok, I'll try to set up later
<acalvo> once I get the test system and the wxp test machine working
<acalvo> weird, it does not get my profile, but I can reach it thru \\servername\profiles\user
<acalvo> I don't get it
<acalvo> it recreates the dir successfully
<acalvo> but it says it can not access it
<acalvo> jmedina, if I try to join the domain from the ubuntu machine using net rpc join -U user, it says   could not open domain: NT_STATUS_ACCESS_DENIED
<acalvo> uf, gotta go
<acalvo> hope to catch you tomorrow here!
<acalvo> :)
<jmedina> ok
<acalvo> thanks a lot jmedina
<Scrye> is the quagga maintainer here? ipv6 bgp md5 does not work
<genii> robert-b: Please do not message me, I assist in public channel only. I mean by "use old-releases"   is that 7.10 is now out of support. When this happens, the repositories are frozen and moved to old-releases.ubuntu.com    so this is what you require to put for and release which you are still using past it's End Of Life
<robert-b> genii: so I add that to /etc/apt/sources.list , correct?
<genii> robert-b: Rather than add it... you replace whatever says something like:  gb.archive.ubuntu.com           with it
<genii> But otherwise, yes
<robert-b> genii: yes, I see it, for me is us.archive.ubuntu.com
<robert-b> genii: there are about 19 or 20 repositories in this file, none of them seem to work anymore
<genii> robert-b: Gutsy (7.10) is past it's End-Of-Life
<genii> robert-b: All repositories which began with us.archive.ubuntu.com    will no longer work for it. Only for releases which are still currently being supported
<robert-b> genii: my goal was to perform a distribution upgrade, am I doing the right thing here?
<genii> robert-b: If you put the old-releases repos, then follow the upgrade method outlined for 7.10 to 8.04 on the ubuntu upgrade page, you should be fine.
<genii> robert-b: See https://help.ubuntu.com/community/HardyUpgrades#Network%20Upgrade%20for%20Ubuntu%20Servers%20(Recommended)   for the 7.10->8.04 on servers
<robert-b> genii: ok, I see that. Is the correct syntax  "deb http://old-releases.ubuntu.com/ gutsy"
<genii> robert-b: Yes
<robert-b> genii: do I add anything after that, such as universe, main, multiverse and so on?
<genii> robert-b: I'm not sure if all former repositories are included when it becomes archived. Probably most of them, though. If you add all and then can't fetch package list for some, comment those out (would be my suggestion)
<robert-b> genii: ok. The only one that confuses me is gutsy-updates
<robert-b> genii: upgrades are going to be incremental? Step through each version one at a time?
<genii> robert-b: The usual thing is Long-Term-Support versions can go to next Long-Term-Support version. But otherwise, yes, incrementally
<robert-b> genii: ok, thanks.
<philsturgeon> hey, can i preview virtualmin websites? on cPanel I can access sites via http://domain.com/~user
<jmedina> virtualmin?
<philsturgeon> virtualmin is to WHM what webmin is to cPanel
<philsturgeon> virtual host management, etc
<jmedina> well I really dont know webmin
<jmedina> I know whm/cpanel
<jmedina> with cpanel documentroot is /home/user/public_html
<jmedina> so you need virtualmin use same path if you want to preview with /~user/
<philsturgeon> it uses the same path
<jmedina> and of course you need to enable and setup userdir module
<philsturgeon> i assume its rewrite trickery
<philsturgeon> ahh
<philsturgeon> jmedina: when trying to enable this apache complains about my lack of tld server name then says it cant bind to 0.0.0.0:80
<jmedina> philsturgeon: is that the error or what you think it says?
<philsturgeon> the error
<jmedina> mmm
<jmedina> I dont think apache gives such a error
<philsturgeon> ahh no worries I got it in the end
<philsturgeon> thanks for pointing me to userdir
<genii> Usually it says something like can't determine hostname, using 127.0.01     or so on
<danielsan474> idea for server team: why don't add pentaho bi suite (community edition) on ppa or other repository?
<jmedina> danielsan474: you can start contributing packaging it
<jmedina> danielsan474: use lanchpad, how is called "blue prints"?
<danielsan474> jmedina, thank you.
<danielsan474> I'll post or try to do a blue print request for that
<drbobb> hello, do you guys think a 32bit and 64bit install of ubuntu on the same machine could share a single /boot partition?
<_ruben> never tried, but might very well be possible
<drbobb> oops probably not. the kernel and initrd files don't include the arch in their filenames, so I guess the names would clash
<drbobb> that's too bad really
<jmedina> I would install a 64bit OS with virtualization support
<jmedina> then run a 32bit virtualized ubuntu
<jmedina> you get mixed enviroments without rebooting
<Gargoyle> evenin all
<drbobb> well never mind, actually I probably need to reinstall on my laptop because of package breakage I haven't found a way to fix, so I'd take the opportunity to switch to 64bits
<drbobb> I have my / and /home on separate logical volumes, so it's not too painful an operation
<drbobb> something weird happened to my scrollkeeper package: scrollkeeper-update called from postinstall scripts started segfaulting, preventing me from installing any further gnome packages
<drbobb> i tried purging and reinstalling scrollkeeper, but that didn't help, now the package refuses to be configured and spits out a weird error
<ScottK> drbobb: #ubuntu is the channel for desktop support.
<drbobb> ScottK: I know, but when I was there nobody seemed to know what I was talking about
<ScottK> Well that doesn't magically make it on topic for here.
<drbobb> ScottK: feel free to ignore my ranting then
<drbobb> but for the unlikely case that someone here might be able to make sense out of it, the error message is:
<drbobb> I/O error : Attempt to load network entity http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd
<uvirtbot> New bug: #373406 in krb5 (main) "Sync krb5 1.7dfsg~beta1-3 (main) from Debian unstable (main)." [Wishlist,Confirmed] https://launchpad.net/bugs/373406
<mathiaz> kirkland: byobu - nice... :)
<kirkland> mathiaz: :-)  welcome back
<kirkland> mathiaz: you already knew this word from your vast travels around the Orient?
<mathiaz> kirkland: actually no - :)
<mathiaz> kirkland: I haven't made my way to Japan...
<mathiaz> kirkland: ... yet
<mathiaz> soren: server-karmic-automated-kvm-testing - is this targeting kvm itself or any server related packages?
<mathiaz> soren: ie testing of the kvm package or using kvm to automate package testing?
<ZipmaO> Hi
<ZipmaO> I want to find out why my server was restarted
<ZipmaO> just run a $cat syslog | grep reboot
<ZipmaO> found out the time the server was started again with that
<ZipmaO> but just before that point of time there is no trace of a shutdown command in the syslog
<ZipmaO> does this explicity tell me that the power was cut?
<cemc> ZipmaO: it would be a good probable cause... problems with the power, or a hard reset or something
<soren> mathiaz: KVM itself.
<ZipmaO> ok cemec
<soren> mathiaz: I see how I should have made that clearer. :)
<ZipmaO> Nice, think I remember your name from this channel BTW
<ZipmaO> There is no trace of a explicit shutdown command from user, process or cron job.. guess I'll go for that as an answer
<stickystyle> ZipmaO:  is it hot in the server room? perhaps a thermal shutdown?
<mathiaz> soren: great - it doesn't cover the same ideas as server-karmic-automate-pkg-testing-in-the-cloud
<stickystyle> maybe a busted fan
<ZipmaO> Nah, no thermal problem
<soren> mathiaz: Nope.
<ZipmaO> I's hosted at a firends apartment, I'll ask him if they've had any power problems
<ZipmaO> However, I know that it probably not is software-related
<ZipmaO> thank's for the answers
<mathiaz> kees: wiki.ubuntu.com doesn't list dapper as being a supported release
<mathiaz> kees: until when is dapper supported?
<kirkland> mathiaz: dapper is no longer supported on the desktop
<kirkland> mathiaz: server it still is though
<kirkland> mathiaz: at least that's my understanding
<ajmitch> kirkland: wouldn't dapper be supported on the desktop for another month or so?
<kirkland> ajmitch: ah, i guess you're right ... 6.06
<kirkland> ajmitch: the 06 got me
<ajmitch> yeah, the 6 week delay, though it still means another 2 years & a month of server support
<ajmitch> so for the next LTS, will there be an easy way for server admins to see what is supported for 3 years vs 5?
 * ajmitch isn't sure if it's done on a strict package by package basis or not
<z33> I need some help with installing postfix on ubuntu 8.10 i have been following the guide on ubuntu help but i am having issues, can someone please help me?
<ScottK> ajmitch: The other interesting case is that for Hardy, Ubuntu desktop is LTS, but Kubuntu is not.
 * ScottK is curious about what's supported on that after October.
<lamont> ajmitch: I've generally gone with the wag of ubuntu-desktop? 3 yrs.  ubuntu-standard? 5 yrs.  neither but still in main? hrm... good question
<ajmitch> lamont: it's not something I need to worry about too much at the moment, but others will
<lamont> yeah
<lamont> and my version is nothing like canon
 * ajmitch is still mostly running debian on servers 
<stickystyle> Things that are supported after oct for 6.06 server: http://people.ubuntu.com/~ubuntu-archive/seeds/ubuntu-server.dapper/server
<stickystyle> from https://lists.ubuntu.com/archives/ubuntu-server/2007-July/000541.html
<uvirtbot> New bug: #372737 in samba (main) "Samba Chokes  Randomly " [Undecided,Incomplete] https://launchpad.net/bugs/372737
#ubuntu-server 2009-05-08
<pwnguin> does anyone know WHY stunnel is off by default?
<kees> mathiaz: there will be a meeting at UDS to pin down the final list of packages that go EOL in June.
<pwnguin> * Added /etc/default/stunnel with a variable ENABLE.
<pwnguin>     ENABLE=0 by default since stunnel segv on some computer when all lines
<pwnguin>     are commented (Closes: #197663, #197615)
<pwnguin> kees: any security reason why I stunnel might not run by default?
<pwnguin> s/I//
<kees> pwnguin: errrm, dunno, I haven't used it much.
<pwnguin> well, i guess i'll file a bug and see who calls me an idiot
<kees> heh
<pwnguin> its handy for encrypting stuff like synergy
 * kees nods
<pwnguin> otherwise you're just broadcasting root passwords over the network; probably not a great idea
<kees> I always just used SSH for synergy
<pwnguin> ?
<pwnguin> i guess it's not quite the same
<kees> ssh -L something:localhost:synergy-port synergy-host
<kees> then connected synergy to port something
<pwnguin> well, stunnel seemed easier for windows
<pwnguin> anyways, bug filling time, then i leave work
<NativeAngels> can u tell me if xen server works in ubuntu server 9.04
<foxbuntu> NativeAngels, you will likely want to look here: https://help.ubuntu.com/community/Xen
<NativeAngels> ok
<NativeAngels> but will it work on 9.04 foxbuntu
<foxbuntu> NativeAngels, afaik
<NativeAngels> ?
<foxbuntu> NativeAngels, as far as I know
<NativeAngels> i get a perl error when i run xm create
<foxbuntu> NativeAngels, poastebin the error
<foxbuntu> pastebin*
<NativeAngels> http://paste.ubuntu.com/166418/
<foxbuntu> NativeAngels, thought you said perl error?
<NativeAngels> sorry
<NativeAngels> python
<NativeAngels> how do i fix it
<foxbuntu> NativeAngels, sudo apt-update && sudo apt-cache policy python | pastebininit
<foxbuntu> then give me that url
<foxbuntu> sorry typo in that
<foxbuntu> NativeAngels, sudo apt-update && sudo apt-cache policy python | pastebinit
<foxbuntu> ugh
<foxbuntu> Im on a roll tonight
<foxbuntu> NativeAngels, sudo apt-get update && sudo apt-cache policy python | pastebinit
<NativeAngels> http://paste.ubuntu.com/166421/
<foxbuntu> NativeAngels, yea, as I suspected
<NativeAngels> whats wrong
<foxbuntu> python version
<foxbuntu> you have 2.6 (which is default is 9.04) but xm is referencing 2.5
<NativeAngels> how do i fix
<foxbuntu> you likely have a bug to report on xen, but in the mean time you can probably do this:
<foxbuntu> sudo apt-get install python2.5
<NativeAngels> do i re run the xm create now ?
<foxbuntu> yeah...go ahead and try it
<NativeAngels> this is what i got foxbuntu
<NativeAngels> http://paste.ubuntu.com/166426/
<foxbuntu> NativeAngels, did you sudo xm?
<NativeAngels> no
<foxbuntu> try it with sudo
<NativeAngels> i got exactly the same result
<foxbuntu> ok
<foxbuntu> sudo apt-get install python-xen-3.3
<NativeAngels> it says already newest version
<foxbuntu> ok
<foxbuntu> sudo apt-get install --reinstall python-xen-3.3
<NativeAngels> ok done foxbuntu
<foxbuntu> retry it now
<NativeAngels> same error as b4
<foxbuntu> hrm
<foxbuntu> alright
<NativeAngels> what do i do now
<foxbuntu> NativeAngels, uname -r
<NativeAngels> 2.6.28-11-server
<foxbuntu> ah
<foxbuntu> your booted into the wrong kernel
<durt> hey guys, does the server use sysvinit or upstart?
<foxbuntu> NativeAngels, go through all o these steps exactly to ensure you are using the proper things: https://help.ubuntu.com/community/Xen#Install%20from%20packages%20(recommended)
<hackeron> hey, has anyone managed to get mod_xsendfile for apache working on jaunty? - anyone have a repository or package for it?
<NativeAngels> someone said to user 8.04lts
<foxbuntu> NativeAngels, what?
<NativeAngels> of ubuntu as it works on there
<NativeAngels> xen i mean
<foxbuntu> NativeAngels, I would go through the documentation step by step again to make sure you set it up exactly as it is documented to work
<foxbuntu> NativeAngels, xen has its own kernel, it doesnt run on top of the normal server kernel
<storrgie> anyone know how to setup openssh to use arcfour?
<twb> What is arcfour?
<storrgie> twb: http://www.psc.edu/networking/projects/hpn-ssh/theory.php
<storrgie> im not exactly sure
<twb> Oh, RC4.
<storrgie> ?
<storrgie> you know this?
<twb> -o Cipher=foo, where foo is whatever OpenSSH calls RC4.
<twb> That assumes OpenSSH ships with RC4 support built in.
<twb> You can also set that in your ~/.ssh/config (per user) or /etc/ssh/ssh_config (per host).
<storrgie> twb: not exactly sure what you mean by that
<storrgie> ahh can I?
<storrgie> sshd config?
<storrgie> its no server side?
<twb> No, it's a client-side option.
<storrgie> this is client config?
<storrgie> ahhhh
<twb> The ssh server makes a number of ciphers available, and the client picks the one it prefers.
<storrgie> whats the line in the client config
<twb> So in theory I suppose you could instruct the server to ONLY provide RC4.
<storrgie> so im running ubuntu 8.10 with openssh, arcfour available?
<twb> I don't know.
<storrgie> how would I try it?
<twb> This works: ssh -c arcfour fs pwd
<storrgie> fs pwd?
<uvirtbot> New bug: #373513 in mysql-dfsg-5.0 (main) "mysql fails to install" [Undecided,New] https://launchpad.net/bugs/373513
<twb> fs is my file server's hostname.  pwd is a command to run on it.
<twb> Another example would be "ssh -c arcfour mail.google.com -t mutt"
<storrgie> twb: PM
<storrgie> ssh -c arcfour -p 11011 -X -L 3306:127.0.0.1:3306 user@host
<storrgie> ?
<storrgie> it seems to work
<storrgie> i can connect, however Im not sure how to check
<storrgie> I would like to specify this in the ssh_config
<storrgie> ciphers
<storrgie> is there a good program to do visual scp?
<giovani> storrgie: GUIs aren't supported here
<storrgie> pwaaahaha
<storrgie> i just didnt know if there was something that would have some ridiculous options on scp that I dont know of
<storrgie> im copying massive data over ssh
<storrgie> like
<giovani> man scp ... it's amazing
<storrgie> i would like to do 25-50 GiB a day
<giovani> don't use scp
<storrgie> what do you suggest?
<benc1> I'm trying to create a boot script and getting:  warning: /etc/init.d/./ejabberd missing LSB information
<benc1> this is the boot script: http://dpaste.com/41995/
<benc1> any ideas?
<giovani> storrgie: depends on the situation, explain more about it
<storrgie> giovani: its a box in another country, 100m connection... A group of individuals generating lots of data, would like to pull down a subset of that data for daily examination
<storrgie> ive been just sshing in to look around
<storrgie> but I would like to mirror some myself
<giovani> storrgie: the data is entirely new every day?
<storrgie> typically, otherwise I would use git
<storrgie> i like git :D
<foxbuntu> storrgie, sounds like a good se case for rsync
<storrgie> is that encry?
<giovani> uh, version control is not appropriate for this
<giovani> rsync is a file transfer mechanism
<storrgie> if it was incrememntal changes... then yes
<giovani> encrypt it if you like
<giovani> how much of the data changes from day to day?
<storrgie> with ssh?
<giovani> 1%? 10%? 100%?
<giovani> no, with ssl
<storrgie> um
<storrgie> probably need about 10G a day to be really happy
<giovani> why would you use a shell for basic encryption?
<storrgie> on heavy days
<giovani> you're not answering the question
<giovani> <giovani> how much of the data changes from day to day?
<storrgie> im giving you a file size
<storrgie> it changes daily
<storrgie> i would need a subset
<storrgie> probably around 10 GiB
<giovani> ok ... once again
<giovani> not file size
<storrgie> 100%
<giovani> ok
<giovani> so use sftp or something
<storrgie> concerns about security... is that ok to use? everyone I hear says stay away from ftp
<giovani> sftp uses ssh
<giovani> ftp is just a protocol
<storrgie> ah, but then why not just use ssh transfer
<giovani> it can be encrypted just like any other
<giovani> it's better at some things
<giovani> scp is better at other things
<giovani> it depends on your needs
<giovani> anyway, if you'd like to use scp -- go ahead
<foxbuntu> im not sure how rsync is a bad idea, have a cron script run each day to sync up the new and remove the old from the local machine, same thing we do for mirrors at Mythbuntu
<storrgie> think sftp would be faster for the massive amount of data we are using
<giovani> foxbuntu: nobody said it was a bad idea -- but if there's a 100% change rate ... you're not gaining anything by using it
<twb> Both SFTP and (typically) rsync use SSH as the encryption layer.
<foxbuntu> giovani, no, not really but he was asking for a simple way to sync data each day
<giovani> foxbuntu: sure ... why is rsync more simple than scp or sftp?
<storrgie> foxbuntu: it will be fine to manually select data
<twb> If the majority of data is unchanged, rsync will DEFINITELY be more wire-efficient than a pure SFTP/SCP copy.
<storrgie> are there any advantages to sftp over scp
<giovani> twb: yes, we know, but we've already established that 100% of the data changes ... so, let's move past this
<twb> rsync will ALWAYS require more CPU and I/O time on both ends than a raw SFTP/SCP, but usually this extra cost is negligible.
<giovani> storrgie: yes, a number
<twb> giovani: OK, sorry, I hadn't read back that far.
<storrgie> because im currently scp'ing and with sftp i will need to install something new, have another service, have more ports open etc.
<giovani> storrgie: no ... no ports open, sftp uses ssh
<twb> If your data changes completely every day, I would advocate using scp -r with compression turned on.
<storrgie> ahh im listening
<twb> Both scp and sftp are enabled by default when you install openssh-server on Ubuntu, though the latter, at least, can be turned off.
<storrgie> ahh
<twb> Note that SFTP doesn't really have anything to do with FTP or FTP/SSL.
<storrgie> apparently sorry, one of the others is using sftp
<storrgie> just using the places>connect to server in ubuntu desktop
<storrgie> same transfer rate
<storrgie> I think the major issue is my ATT DSL to the box
<storrgie> something is really slowing it down
<twb> Try enabling -o BatchMode=yes in your scp/sftp invocation.
<storrgie> Another guy is on comcast gets 1.2m from the box at all times, we ATT people are getting 120K
<twb> storrgie: change provider, then.
<storrgie> well can I run something to jump through the hops and tell me where the issue is?
<twb> storrgie: you want to isolate the network latency?
<twb> storrgie: try mtr-tiny.
<storrgie> mtr-tiny <destination>?
<twb> Yes.
<foxbuntu> storrgie, are you att people all on the same connectionnNNN?
<twb> foxbuntu: NNNN?
<foxbuntu> ugh there goes the keybord misfire again
<twb> Heh.
<foxbuntu> crazy arse keyboard I have...
<storrgie> no we are on different locations around USA
<storrgie> mtr-tiny not installed
<storrgie> isnt mtr installed by default
<foxbuntu> storrgie, what is your DSL down stream vs his cable down stream?
<storrgie> 600k vs whatever comcast is
<storrgie> with their speedboost and all that
<foxbuntu> well that explains it :
<foxbuntu> :)
<foxbuntu> your DSL is slow, not the server
<twb> Is 512kbps down normal for a US DSL line?
<foxbuntu> I think the slowest down stream comcast offers now s 5M
<twb> I'd have expected at least 1.5Mbps.
<foxbuntu> twb, in some places, yes
<twb> foxbuntu: ah, fair enough.
<storrgie> what about FISH?
<foxbuntu> FISH?
<twb> In some places, .au is still using satellite and 56kbps modems :-)
<storrgie> fish://<uname>@address:port
<foxbuntu> oh for the xfer
<twb> foxbuntu: I think he's talking about gvfs protocols
 * foxbuntu got lost on the topic segway
<storrgie> im not familiar with fish?
<storrgie> should i drop that idea also?
<foxbuntu> rut oh
<foxbuntu> almost out of battery power
<foxbuntu> brb
<captainkirk> i recently changed my servers name from emerald2 to emerald, but when i login it still says root@emerald2:~#
<captainkirk> where do i need to make this change?
<p_quarles> captainkirk: sudo hostname emerald
<captainkirk> ok... seems to have worked.... thanks
<twb> p_quarles: that only changes it until you reboot.
<twb> captainkirk: in general, NEVER EVER EVER change a host's name after deployment.
<captainkirk> hmmm is that the problem here....
<twb> captainkirk: this is especially the case if you deal with LDAP.
<captainkirk> twb: no ldap here (yet)
<twb> captainkirk: for a base install with no services, you need to update /etc/hosts and /etc/hostname, and run "hostname <new name>".
<twb> But you will probaly find a large number of other places where the name is written in /etc or /var.
<twb> A way to avoid this issue is to always give a machine a unique name (e.g. "fred"), and then assign it roles (e.g. "mail" and "www") via DNS CNAME entries.
<twb> Then if you want to e.g. move the web server from fred to anne, you don't change fred's or anne's name, just the CNAME.
<captainkirk> twb: server is still in testing, so i will go ahead and make the changes to the hosts files... i understand your additional comments re DNS etc... good advice
<twb> I suggest you grep -r emerald2 /etc /var
<twb> grep -rl, maybe
<captainkirk> twb: this identified the ssh key only
<durt> hey guys, does anyone know if ubuntu server use sysvinit or upstart?
<twb> durt: upstart
<durt> second question then, anybody successfully replace upstart with sysvinit?
<twb> That is not supported.
<durt> ok, third question, anybody get bootlogging (userspace) to work with upstart?
<twb> Har har.
<twb> Assuming you're talking about bootchart-style "tell me what is making boot so damn slow" logging
<durt> no, I need a mechanism to log messages on boot that do not get logged to dmesg
<twb> You mean lines like "Starting web server... apache" ?
<durt> any message that happens before syslogd etc. starts up.
<twb> Basically there is no mechanism for that.
<twb> You could probably build one, with a little effort.
<twb> Actually, console=/tmp/foo.log might work for some of it...
<durt> with a little effort I could implement the two work-arounds but I'm being lazy :)
<durt> console logging is one of them
<durt> would that go in the boot: prompt?
<twb> Yes.
<durt> Well that sounds easy, I'll try it thanks.
<twb> I don't actually think it'll work, though :-)
<captainkirk> has anyone installed alfresoc onto ubuntu server?
<captainkirk> *alfresco
<twb> Never heard of it.
<uvirtbot> New bug: #373522 in samba (main) "samba failed in some way" [Undecided,Incomplete] https://launchpad.net/bugs/373522
<genii> I wonder if 372737 is also 373522
<captainkirk> what is the command to enter to bring up the  original installation options in ubuntu server..
<tonyyarusso> Is anyone aware of available vouchers I could use for LPI certification exams taken through Pearson VUE?
<twb> captainkirk: what installation options?
<captainkirk> twb: like, to install LAMP, or LDAP or postfix
<twb> Regarding tasksel selections, I don't know.
<twb> dpkg --get-selections will list all installed packages.
<twb> debconf-get-selections (from debconf-utils) will list all answers to questions asked via debconf.
<twb> Note that these will include automatically installed packages / answered questions.
<captainkirk> twb: tasksel is the one i was looking for
<Doble1> Hey folks, how can I see the hit/miss ratios when using webalizer to look at squid's access.log ?
<captainkirk> twb:  ... do you have a life outside of linux ...? :P
<twb> No.
<tonyyarusso> People do?
<oh_noes> Is there a script that allows me to change hostname permanently?  /foo/changehostname.sh newname ?  And it'll update nessacary files and activate it?
<oh_noes> Saves me re-inventing the wheel
<jasonmchristos> how do I create a network installable install package of ubuntu desktop, using a currently installed desktop as an example, and serve it via ubuntu 8.04 for network install?
<LinuxMercedes> Ok, so I'm running Ubuntu server on a webserver, and I recently gave a friend an account.  I added both of us to a group called webmasters, and then changed the group of all the files in the /var/www directory to webmasters.  I also changed all the permissons to 755 (I know, don't need executable, per se).  He still can't write the files.  Any ideas?
<p_quarles> LinuxMercedes: what's the output of: ls -lh /var | grep www
<LinuxMercedes> drwxrwxr-x  9 nathan webmasters 4.0K 2009-05-07 22:28 www
<LinuxMercedes> drwxrwxr-x  9 nathan webmasters 4.0K 2009-05-07 22:28 www
<LinuxMercedes> drwxrwxr-x  9 nathan webmasters 4.0K 2009-05-07 22:28 www
<LinuxMercedes> drwxrwxr-x  9 nathan webmasters 4.0K 2009-05-07 22:28 www
<LinuxMercedes> oops
<twb> p_quarles: -d is your friend.
<LinuxMercedes> only one of those
<twb> p_quarles: ls -hld /var/www/
<LinuxMercedes> I get nothing for that
<p_quarles> twb: yes, I knew there was a better way it wasn't occuring to me
<twb> LinuxMercedes: what does "id" print?
<LinuxMercedes> uid=1000(nathan) gid=1000(nathan) groups=4(adm),20(dialout),24(cdrom),25(floppy),29(audio),30(dip),44(video),46(plugdev),104(scanner),109(lpadmin),110(admin),115(sambashare),1000(nathan),1002(webmasters)
<twb> Hm.
<twb> LinuxMercedes: and you say that "ls -hld /var/www/" prints nothing?
<LinuxMercedes> Uhh..no.  Let me run that
<LinuxMercedes> It says
<LinuxMercedes> drwxrwxr-x 9 nathan webmasters 4.0K 2009-05-07 22:28 /var/www/
<p_quarles> I would try logging in as the other user and running touch /var/www/test -- then give us the error message if any
 * LinuxMercedes is not new to linux, but is new to multiple users
<LinuxMercedes> p_quarles, ok
<LinuxMercedes> no errors...
<LinuxMercedes> ok...it's working for me now.
<p_quarles> LinuxMercedes: the file is there, I take it? if so, nothing's wrong
<LinuxMercedes> yep
<LinuxMercedes> ok, it works on my side
<LinuxMercedes> Apparently there's something screwy going on on his side
<p_quarles> so, what's different about the way the other person was attempting to write to this directory?
<LinuxMercedes> or maybe there's pebkac
<LinuxMercedes> I'm not sure
<p_quarles> that's my first guess :)
<LinuxMercedes> yeah
<LinuxMercedes> Well, I'll give him the benefit of the doubt because he said he was really tired =]
<LinuxMercedes> Thanks for helping the newb out here =]
<wizardslovak> whats up people
<foxbuntu> wizardslovak, the sky?
<wizardslovak> dark here lol
<foxbuntu> does that mean the sky is no longer up?
<wizardslovak> lol forgot not everybody here is from place like me hihi
<wizardslovak> yep , 1am
<wizardslovak> so how are you
<foxbuntu> tired
<foxbuntu> things are not getting accomplished :(
<wizardslovak> lol personal or linux oriented
<genii> I wonder if there's any distinction there for him, actually
<wizardslovak> hehee
<genii> foxbuntu: Or her, if you are of the female persuasion
<wizardslovak> damn tomorrow i gotta format my laptop
<foxbuntu> genii, not a chick sorry
<wizardslovak> i decided to use kubuntu only
<wizardslovak> lol horny genii
<foxbuntu> genii, also, there is not a distinction...
<wizardslovak> i just logged into server
<wizardslovak> and i see restart required
<foxbuntu> wizardslovak, sounds like you grabbed a kernel update
<genii> wizardslovak: I'm a eunuch
<foxbuntu> heh
<wizardslovak> hehe
<foxbuntu> genii, Im a programmer by my own definition
<foxbuntu> genii, http://wiki.foxmediasystems.com
<wizardslovak> uuuuuuuuu
 * genii makes more coffee
<wizardslovak> genii: 2 sugars and little bit milk thx
<genii> wizardslovak: After I make it, it's "help yourself"
<twb> Ew, milk or sugar in coffee is Wrong
<foxbuntu> genii, i prefer red bull thx
<genii> twb: I agree. I don't like polluting my coffee
<wizardslovak> hmmm
 * genii digs up a Red Bull for foxbuntu
<wizardslovak> then double expresso shot ;p;p
<wizardslovak> how to check if everything works in server?
<foxbuntu> wizardslovak, use it?
 * foxbuntu is a smart ass
<wizardslovak> yea i updated from 8.10 to 9.04
<wizardslovak> just want to check if everything works
<foxbuntu> usually the easiest way is to just check all your services
<foxbuntu> as in...
<foxbuntu> try it
<wizardslovak> well webserver works
<foxbuntu> if you run a web server, try hitting the page
<foxbuntu> ect
<foxbuntu> ect
<foxbuntu> ect
<wizardslovak> ok ok ok
<foxbuntu> heh
<wizardslovak> what about see what programs are running
<foxbuntu> ps ax
<wizardslovak> foxbuntu , u're sysadmin?
<foxbuntu> wizardslovak, yup
<wizardslovak> can i ask you a question?
<foxbuntu> is it on topic fo the channel?
<wizardslovak> well kinda
<wizardslovak> how do you become sysadmin?
<foxbuntu> wizardslovak, thats not on topic...if you want to chat, join #foxmediasystems
<twb> wizardslovak: you become a sysadmin by getting REALLY drunk, and waking up chained to a rack
<wizardslovak> lol
<foxbuntu> twb, don't give away all of our secrets
<wizardslovak> weird is i never got drunk in server room
<twb> And since it's your first position, the rack probably won't even contain rackmount gear
<foxbuntu> lol
<wizardslovak> hmmm
<twb> whitebox towers with razor-sharp edges that DEMAND BLOOD
<wizardslovak> lol
<wizardslovak> take glowes
<tonyyarusso> twb: Good description....
<genii> wizardslovak: I doubt they'd let you bring a bottle into most of the data centers I've seen.
 * tonyyarusso just installed his first rackmount gear in his bedroom - is giddy
<genii> tonyyarusso: Hehehe
<wizardslovak> lol i used to do power lines for couple server rooms
<wizardslovak> just amazing to be in there
<foxbuntu> wizardslovak, I have been in some impressive data centers before
<twb> tonyyarusso: I once knew a girl who had most of a PDP in her basement
<wizardslovak> lol  my bedroom is my server room
<genii> twb: PDP-9? 11?
<twb> I don't know
<wizardslovak> what are you people using for backup?
<twb> wishful thinking
<twb> Or in production, rsync with Solaris/ZFS (new) and rsnapshot (legacy).
<wizardslovak> amanda
<tonyyarusso> wizardslovak: Attempting to use Bacula.  That thing's crazy complicated to configure though.
<wizardslovak> well i am reading about backups
<tonyyarusso> Step one:  "You need them."  ;)
<wizardslovak> i would love to have something what will backup every other day ,and replacing old file with new one
<wizardslovak> something "configure and forget"
<tonyyarusso> Trust me, that's not actually the configuration you want.
<tonyyarusso> Inevitably someone will say "Hey, turns out I messed up $file three days ago.  Can you give me the backup please?"
<tonyyarusso> To which you'll have to respond that all you have is a backup of the broken version.
<wizardslovak> well what would be good config?
<tonyyarusso> You need at least two copies in rotation (ie Day 1 - make copy A.  Day 2 - make copy B.  Day 3 - make copy C, delete copy A).  How many exactly and the timing of them depends on your local needs.
<tonyyarusso> In our setup there are different rotation schemes for different directories, since some things change much more rapidly than others.
<tonyyarusso> The best way to do it is to sit down with all of your users and find out how they are using files, and what their recovery needs would be.
<twb> I hate rotating tapes
 * tonyyarusso doesn't use tape anymore
<twb> That's why I have an offsite RAID 5 array, which stores each incremental backup by using ZFS/hard links
<tonyyarusso> Everything just goes on a TB HDD.  Ideally we should have a more redundant solution, but that's the budget for this quarter.
<twb> tonyyarusso: ouch
<twb> tonyyarusso: you should at least get RAID1
<tonyyarusso> twb: It's a five-man business, so everything's pretty tiny so far.
<tonyyarusso> Up until a few months ago there were no backups.  Baby steps.  :)
<wizardslovak> can i well can i use usb attached hda?
<tonyyarusso> wizardslovak: sure.
<tonyyarusso> Ours is at least eSATA, for speed, but USB would work just as well.
<wizardslovak> well thats just for study purposses for now
<wizardslovak> so even dvd will  be fine
<wizardslovak> what software do you use?
<tonyyarusso> scrollback is your friend.
<tonyyarusso> I even highlighted you!
<wizardslovak> bacula
<wizardslovak> sorry
<genii> tonyyarusso: Making everyone work tonight, eh? ;)
<tonyyarusso> you betcha
<wizardslovak> what do  you use BAT or BWEN
<wizardslovak> BWEB
<twb> Isn't amanda/bacula kind of overkill for a five-man 1Ã1TB backup?
<ajmitch> may as well start off doing it right
<tonyyarusso> twb: Very much so, but I was advised to learn the real way now so I don't have to later.
<tonyyarusso> Possibly by ajmitch :P
<ajmitch> unlikely
<ajmitch> upload all your private data to an anonymous ftp server, I say ;)
<genii> tonyyarusso: We had a cute script one of the old guys wrote, at each login of a user it cached the ~ and at logout did a compare between actual and cached, backing up any differences. Worked pretty good
<ajmitch> genii: sounds like it could be slow for large home directories
<ajmitch> much like NT's roaming profiles mess
<genii> ajmitch: At that time we limited them to 2Mb. Nowadays we took quotas off
<wizardslovak> is it possible to set for bacula to send backed file to other computer?
<arvind_khadri> ï»¿hi, if i wanted to make the login based on domain, do i have to change workgroup to domain in ldap.conf ???
<tonyyarusso> yes
<tonyyarusso> wizardslovak: Bacula is a multi-level client-server setup.
<wizardslovak> i mean instead of ,burning on cd/hda , send file over LAN to other computer
<tonyyarusso> Yeah, so do I.
<tonyyarusso> Soon we'll be setting it up to back up files from a client computer in Connecticut onto our server here in Minnesota.
<arvind_khadri> tonyyarusso: ï»¿hi, if i wanted to make the login based on domain, do i have to change workgroup to domain in ldap.conf ???
<tonyyarusso> Don't know LDAP yet.
<NativeAngels> has anyone here got xen working on ubuntu 9.04 server ed
<plaes> hey.. I have trouble with iscsi client :P
<plaes> basically iscsi stuff gets started before networking is up :(
<plaes> how can I change the order of the services and set iscsi stuff depending on the networking?
<jpds> plaes: Not sure how to do it myself, but I think "man update-rc.d" is what you're looking for.
<soren> plaes: You need to get open-iscsi to start after rcS.d/S40networking.
<soren> plaes: Are you using iscsi to access /usr or / or similar core parts of your filesystem?
<kinnaz> with what command i can see what proccess has opened smt at some partition
<jpds> kinnaz: lsof | grep /path/to/partition
<kinnaz> jpds, tnx
<plaes> soren: /
<jpds> kinnaz: Might have to run it as root to see certain stuff tho.
<soren> plaes: Then you're screwed.
<plaes> it works manually... :)
<soren> How?
<plaes> soren: sorry for delays, I'm relaying for the friend who cannot use IRC :(
<plaes> ugh.. it get's mounted under /iscsi
<soren> "it"?
<plaes> ugh.. dunno, the guy has something messed up..
<plaes> soren: it was basically bug 227848 :(
<uvirtbot> Launchpad bug 227848 in open-iscsi "boot order wrong for iscsi" [High,In progress] https://launchpad.net/bugs/227848
<soren> Not if he's trying to mount / using iscsi.
<soren> Then he's got an entirely different set of problems.
<plaes> he tried to well, this was miscommunication
<plaes> it goes under /iscsi
<plaes> hrm..
<plaes> not / but /iscsi
<kinnaz> has anyone encountered error wxport not found while sudo-ing
<kinnaz> strange thing is i dont have any xorg installed and it seems to be related to xorg
<soren> What's the exact error message?
<soren> and the exact command line you're executing?
<NativeAngels> whats the best free hosting panel
<thefish> anyone here managed to use unionfs to create a mirror?ie two writeable branches that are *both* written to on each write.
<twb> thefish: no.  That is not what unionfs does.
<twb> thefish: if you want that, you need to write a different fuse driver.  But using RAID1 would be far easier.
<thefish> twb: it needs to be per directory, i dont have the option to use volumes
<thefish> what fuse driver?
<twb> unionfs is a fuse driver
<thefish> and what "other" fuse driver would you recommend
<twb> You would have to write one.
<thefish> haha
<twb> It's not hard, provided you know C.
<thefish> and you have time
<twb> It'd only be about 100 lines long.
<thefish> of course
<twb> Sorry, 500 lines
<twb> thefish: alternatively, you can pay someone to write it
<twb> thefish: but AFAIK there is currently no way to do dir-level mirroring.
<thefish> cool, cheers
<kinnaz> does ubuntu 8.10 have ext4 support ?
<kinnaz> *9 even
<jpds> 9.04 has ext4 support.
<kinnaz> okey
<kinnaz> just looking at some tests, seems to give nice benefit with write speeds
<Kamping_Kaiser> kinnaz, make sure your box doesnt hard shut down for any reason though
<kinnaz> its "weak" like reiser ?
<Kamping_Kaiser> it holds its buffers longer between writes (iirc 15 seconds), so you may wind up with 0 length files
<Kamping_Kaiser> there a bug on launchpad if your interested enough ;)
<Kamping_Kaiser> ubottu, ext4
<ubottu> Sorry, I don't know anything about ext4
<Kamping_Kaiser> ubottu, your a useless bot :(
<ubottu> Error: I am only a bot, please don't think I'm intelligent :)
<Kamping_Kaiser> ubottu, ext4 is a recently released filesystem, available in Ubuntu 9.04. Be careful to keep your power running though: https://bugs.launchpad.net/bugs/317781
<uvirtbot> Launchpad bug 317781 in linux "Ext4 data loss" [High,Fix released]
<jpds> Kamping_Kaiser: Yeah, but, that's been fied?
<jpds> fixed*
<Kamping_Kaiser> jpds, if you've got an updated kernel, yeah. kernels probably been in the archive long enough to assume people have it i guess, but its still worth a warning imo
<Kamping_Kaiser> jpds, in my mind ext4 still needs the 'new fs' warning flag anyway ;)
<simplexio> who runs server without ups  ?
<Kamping_Kaiser> simplexio, people on a budget, or who havent thought about it hard.
 * Kamping_Kaiser only just got his servers onto ups
<simplexio> well if you dont have ups, then you shold use fs that dosent cache writes, or just disable them. assuming that you need system which dosnt loose data
<simplexio> but agree, for some budget home server ups is needed, is recommended
<simplexio> and if you dont happen to have ups, its much better use ext2/ext3 than ext4 or xfs. no experince from other fs
<benc> I have a boot script that workes on 8.10 but doesn't work on Jaunty http://dpaste.com/42109/
<benc> any ideas?
<jpds> Why does it not work?
<benc> when I run sudo update-rc.d /etc/init.d/ejabberd defaults 30
<benc> I get a warning. something about lsb
<benc> and the server is not started on boot
<Kamping_Kaiser> whats the exact error, what exactly did you expect?
<benc> Kamping_Kaiser: I'll run it now and paste the error. a sec
 * Kamping_Kaiser wonders if you could be a bit more vague and hand-wavy about asking for help :\
<Kamping_Kaiser> cheers
<benc> you are right. sorry
<benc> this is the warning http://dpaste.com/42112/
<jpds> Might not be the problem but you have four '#'s for begin instead of three :)
<benc> jpds: where?
<benc> jpds: ok. deleting one
<jpds> Line 5: #### BEGIN INIT INFO
<Kamping_Kaiser> jpds, its a comment
<Kamping_Kaiser> benc, did you see the wiki page?
<jpds> Kamping_Kaiser: $lsbinfo{'found'} = 1 if (m/^\#\#\# BEGIN INIT INFO$/);
<benc> jpds: now I don't get the warning but it gives me help as if it didn't perform anything: http://dpaste.com/42114/
<Kamping_Kaiser> jpds, where did you see that? :o
<Kamping_Kaiser> ah, theres the 2nd paste
<jpds> benc: Try: defaults
<benc> Kamping_Kaiser: yes but can't understand
<jpds> Kamping_Kaiser: /usr/sbin/update-rc.d
<benc> jpds: :)
<benc> jpds: thanks
<jpds> No problem at all.
<Kamping_Kaiser> jpds, {invoke,update}-rc.d ftw
<jpds> Kamping_Kaiser: Absolutely.
<benc> are you still talking about my script? do I have more errors?
<Kamping_Kaiser> benc, I'm supprised theres no ejabberd init script shipped
<benc> Kamping_Kaiser: there is with the package but I had to build from source
<benc> Kamping_Kaiser: and the directory structure when installing from source and from a package are different
<soren> benc: There used to in Hardy, that's for sure. If it went missing, that's probably a bug.
<benc> soren: there is a boot script in the package. but I'm building from source
<benc> soren: I couldn't just copy the boot script from the package because the directory stucture is different
<soren> benc: http://packages.ubuntu.com/karmic/amd64/ejabberd/filelist
<soren> benc: ...very clearly shows it.
<soren> ah
<romme> is it possible to hide users from each other?
<romme> i want it be difficult to discover who else is using my system for regular users
<Kamping_Kaiser> yes, but i cant tell you how
<Hecate> i'd rather say, it's damn near impossible, unless you want to spend hours over hours.
<Hecate> there are a lot of different ways of figurting out, who's using the system, which are all accessible for non-root users.
<Hecate> the only "proper" solution i can think of, would be restricting access to proc- and sys-fs and various system calls.
<Hecate> but this would severely curtail a users freedom, or even make the system unusable.
<Hecate> (just an educated guess, though)
<Hecate> romme, i'm quite certain there is no perfect solution to this problem. how difficult do you want it to be, though?
<romme> Hecate: at least i don't want him to be able to list contents of /home
<romme> at least one problematic user
<romme> i have a bad "policical" situation in which one particular user shouldn't know another user is hosted here
<Hecate> does that user have shell access?
<romme> yes
<Hecate> that makes it quite difficult.
<Hecate> one cannot just change the DAC permissions on /home, since you need read access to the parent folders, to have access to the subfolders, as well.
<romme> hmmph
<romme> i think i fould a "solution"
<Hecate> selinux/apparmor?
<romme> i can try moving the problematic user ouf of /home into /
<Hecate> worth a shot.
<Hecate> you'd still need to use ACLs to specifically deny that very user access to /home
<romme> it all woudn't happen if i didn't share a server with my girlfriend
 * romme reads mans on Access Control Lists
<Hecate> so i assume, the access-restrictions should be as stealth as possible, too, in order not to offend her ...
<Hecate> then i just hope, she's not too skilled, since there are - as i already said - plenty of ways, to determine which users have accounts/home-folders/access/etc. on/to a system.
<Hecate> all she'd have to do is read /etc/passwd, for instance
<Hecate> my recommendation, romme, just obfiscate the username of the user you'd like to hide.
<Hecate> simple, yet effective. kiss. ;)
<Hecate> http://en.wikipedia.org/wiki/KISS_principle
<romme> no, she's not skilled. she can only use a file manager and the contents of /etc would scare her
<dmhardison> I have been setting up a PXE cluster and two of the machines I am installing use different nic drivers than the others, can I add a flag to the kernel boot flags to tell it to load the driver for that particular nic before continuing to boot the system, I really do not want to recompile the entire kernel for this.  I have an initrd image.
<jmedina> dmhardison: why dont you add the drivers to initrd image?
<dmhardison> jmedina is there a simple way I can do that?
<jmedina> dmhardison: what about reading man mkinitrd?
<dmhardison> alright.
<jmedina> mkinitramfs
<dmhardison> I've added sky2 to this modules initramfs configuration file, and when I update the initrd image, it still does not add it, why!? it is in the modules directory of the system
<fevel> how do I restart bind?
<dmhardison> nm got it, just made a whole new image.
<jmedina> good
<Nafallo> kirkland: ping
<duvnell> don't yell at me, but is there a package that contains rpm-build?
<ivoks> nope
<duvnell> carp and bass
<ivoks> afaik, rpm-build is just alias for rpm --something
<ivoks> but i could be wrong...
<shiruken> I'm trying to install Ubuntu server, but it keeps trying to go gui and my monitor won't display that resolution
<shiruken> how can I force into text mode?
<duvnell> I believe you are correct sir
<duvnell> rpm -ba works on RH.. but is unknown option on ubuntu
<duvnell> 's rpm
<duvnell> oh well
<shiruken> duvnell: I use dpkg -l | grep foo
<shiruken> for ubuntu
<shiruken> obviously, replace "foo" with what you're looking for
<ivoks> shiruken: ubuntu server doesn't have GUI
<duvnell> but that only lists what's installed
<shiruken> so does rpm -ba
<shiruken> ivoks: then it must be a textmode vga= option
<shiruken> hrm
<ivoks> shiruken: when does it fail?
<shiruken> essentially, I can get the kernel verboseness going on, but then at the end of post
<shiruken> end of kernel post
<shiruken> it throws it into a resolution my monitor can't handle
<ivoks> shiruken: are you sure it's ubuntu server?
<shiruken> I see syslogd
<shiruken> yeah
<ivoks> shiruken: ubuntu-server doesn't change resolution, it just starts ncurses based program
<shiruken> ubuntu 9.04 non-server installs fine (using the gui oddly enough)
<ivoks> shiruken: then it's not the resolution that's the problem
<shiruken> um, it is
<ivoks> shiruken: which monitor/vga card is that?
<shiruken> we can go back and forth on this, I've been installing ubuntu-server for a while :)
<shiruken> dell 19" monitor on a ati radeon x300
<ivoks> so, once kernel finishes, your monitor reports unsupported resolution?
<shiruken> I have alternatively, thought about install ubuntu 9.04 without X11
<shiruken> but I couldn't figure out how to do that
<shiruken> ivoks: yes
<ivoks> shiruken: have you tried cltr+alt+f2?
<shiruken> yes
<shiruken> ctrl-alt-f1-7
<ivoks> what does ctrl+alt+f1 shows?
<shiruken> ctrl-alt-backspace too
<shiruken> nope
<shiruken> nada
<ivoks> f2?
<shiruken> I was hoping to get at least a console
<shiruken> nothing
<shiruken> just the same resolution not supported
<ivoks> on f2 is a console in the same resolution
<ivoks> f1 is also a console, though
<ivoks> with ncruses program
<ivoks> i'm puzzeld
<shiruken> yeah, me too
<ivoks> have you tried removing 'quite' optiong from boot arguments?
<shiruken> yes
<ivoks> quiet
<shiruken> that's how I got the kernel verbose messages
<shiruken> and can see it going then a line with syslogd in it and nothing after that
<ivoks> does ctrl+alt+del resets the machine?
<shiruken> I do wonder if I should set a vga= option
<shiruken> yeah, it does
<shiruken> though, I smash it a few times in frustration :)
<ivoks> very strange
<shiruken> so I could see if once would be enough
<ivoks> maybe it needs bigger resolution than the one console has
<shiruken> totally
<ivoks> try vga=791
<shiruken> I was thinking of doing that
<shiruken> ok, I'll be back
<ivoks> or 794
<shiruken> or "ask"
<ivoks> 791 is 1024x768
<ivoks> that should work
<shiruken> I'll try all 3 unless one works before the 3rd
<ivoks> 794 is 1280x1024
<shiruken> yeah, 300 is 640x480@8
<shiruken> k, brb
<shiruken> yeah, that worked
<shiruken> I thought it might
<ivoks> which one?
<ivoks> probably both
<shiruken> 791
<shiruken> prolly, all 3 would
<shiruken> but, I stop at the first one that works
<shiruken> might want to have that as an install option
<shiruken> in the menu, the one with expert mode, and noapic
<ivoks> i think it is...
<shiruken> it's not
<ivoks> Fsomething
<shiruken> I was kinda expecting it under f4 or f6
<shiruken> but then, I have alot of residual learned behaviors
<ivoks> heh
<shiruken> thanks for the help, ah you're in Zagreb?
<ivoks> yes
<shiruken> cool, my friend Miro lives there, he's a programmer type
<shiruken> anyhow, thanks for your help again
<ivoks> Miro lastname?
<ivoks> np
<shiruken> Miroslav Silovic
<ivoks> ah, don't know him
 * shiruken nods
<shiruken> well, zagreb is a big place
<shiruken> ok, off to configure this server
<ivoks> ok, take care
<philsturgeon> hey, I have recently set up a server with a lamp stack that was auto-installed when i installed virtualmin/webmin. i have lost root access on localhost...
<philsturgeon> when i try to log in via mysql i get...
<philsturgeon> ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: YES)
<philsturgeon> i can log in remotely, just not local :S
<jmedina> so where is the problem?
<jmedina> system login or mysql login?
<jmedina> they are not the same root user
<philsturgeon> mysql login
<philsturgeon> i think the issue is i have several users with the same name
<philsturgeon> i was trying to get remote logins working and i ended up writing something like GRANT AL database.* 'root'@'%'
<philsturgeon> so i think that made a new user that can only access that db
<philsturgeon> ahh, nope i have cleared all permissions...
<pteague> any idea which might be better - install ubuntu-server 9.04 beta & then update or download ubuntu-server 9.04, install that, & then update?
<philsturgeon> i tried to remove rthe duplicates and removed too many. how to insert new privlidges with no mysql access? >.<
<pteague> root doesn't even have access?
<philsturgeon> nope
<philsturgeon> mega balls-up
<jmedina> philsturgeon: can you stop mysql server?
<pteague> ouch
<ivoks> philsturgeon: then access from outside
<ivoks> philsturgeon: and add root user with localhost as hostname :)
<philsturgeon> ivoks: i lost remote too
<ivoks> then you'll have to stop mysql
<ivoks> dpkg-reconfigure mysql-server-5.0
<jmedina> philsturgeon: you can reset mysql perms, but you need to stop and start mysql
<philsturgeon> if i reconfigure i may b reak virtualmin
<philsturgeon> jmedina: i have stopped mysql
<ivoks> you won't breake it
<ivoks> you'll just reset password
<ivoks> oh, right
<ivoks> backup first, of course :)
<philsturgeon> jmedina: ran the command, it asked me to enter password and confirm twice in a row
<philsturgeon> errord the 2nd time
<philsturgeon> then gave same error ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: YES)
<ivoks> then the hard way
<ivoks> http://ubuntu.flowconsult.at/en/mysql-set-change-reset-root-password/
<philsturgeon> bah screw it, quicker to rebuild the server
<philsturgeon> thanks anyway guys :)
<ivoks> khm..
<ivoks> how is it quicker?
<philsturgeon> its a mosso cloud server installed yesterday :)
<philsturgeon> may even have a "post virtualmin" backup
<philsturgeon> yup, backup indeed. problem solved
<yml> hello I have an ubuntu server in a vbox configured in bridged mode. I can ping all the computer on my subnet except the gateway
<yml> the subnet is 192.168.1.*
<yml> I can ping 192.168.1.11, 192.168.1.12, 192.168.1.13 but not 192.168.1.1
<yml> where i can ping 192.168.1.1 from the host
<yml> so I don't understand what could prevent me to ping the gatway.
<philsturgeon> i have set up a new cloud server that has only an ip address, now i am wondering how to attach domains
<LigHTRokHE> :|
<LigHTRokHE> attacha domains?
<philsturgeon> i plan to have several servers on my domain serverofdoom.co.uk
<philsturgeon> if i use dynamic dns then i can set this domain on no-ip.org i can point a sub-domain to this ip right?
<philsturgeon> then how to set up name servers on virtualmin?
<LigHTRokHE> man resolv.conf
<LigHTRokHE> =)
<pteague> i would suggest at least 1 external DNS unless you really don't care whether visitors get strewn to the bit bucket when you go offline
<philsturgeon> im setting the domains up with namecheap, i can use their nameservers and enter them in the config here?
<pteague> my last place of employment surprised me...  they had all this redundant stuff, all in the same data center, & both DNS were in the data center... power died & fried something to do with the dedicated incoming power line causing brownouts... discovered both DNS were in the data center so we couldn't even reroute people to a "yes we know we're offline" page
<pteague> yeah, should be able too
<jmedina> philsturgeon: you can use namecheap nameservers or you can setup your own dns server with bind9, and probably you can ask your ISP to be a slave dns server for your domains
<jmedina> pteague: read ubuntu server guide for information about setuing up a nameserver
<pteague> jmedina: 1 of the many reasons why i left
<jmedina> pteague: sorry, the messages was for philsturgeon
<jmedina> pteague: that is a common case for DNS
<pteague> :)
<jmedina> they even add RAID1 to their servers :D
<jmedina> a lot of redundancy.......
<jmedina> useless
<Hecate> jmedina, raid1 can save your butt, one day ;)
<jmedina> Hecate: yeap, they had a server in degraded mod for a year
<jmedina> they only ignored all the alarms from nagios jajaja
<Hecate> well, a common raid1 doesnt save your butt twice ;)
<Hecate> but iff ppl do no realize that, its their own fault ... natural selection.
<celephais> Hi, i want to backup a web server + mysql daily. which solution do you suggest?
<celephais> Pardon, i have to backup a web server + mysql on another server
<Hecate> just the files the web server serves + the databases?
<Hecate> or the entire box, celephais?
<celephais> Hecate, only files served + database
<jmedina> mysqldump + tar
<Hecate> mysqldump --all-databases
<Hecate> and if i were you, i'd rather use dar instead of tar
<celephais> Hecate, how do i send it to the backup server?
<Hecate> incremential/differential backups can save you a lot of space.
<Hecate> piping it through ssh?
<jmedina> rsync file user@backupserver:/backups/
<celephais> Hecate. ok thank you. But, just to know, if i were to backup lots of server which way do you suggest?
 * jmedina sugests bacula
<celephais> ok thank you
<Hecate> i dont knwo bacula, but if it concentrates most of the configuration on a single machine (to keep the amount of work caused low), it's good.
<Hecate> configuring every server you want to back up to have it make backups regularly and upload them to a different box, causes lots of work.
<jmedina> I use bacula to backup linux, unix and windows servers
<jmedina> it can do incremental, differential and full backup
<jmedina> full backup catalog
<Hecate> particularly if you make only a tiny change to the config, which you'd have to apply to all the servers ...
<jmedina> compresion, backup integrity checks,
<jmedina> secure communitcation with remote servers
<jmedina> you can encrypt your backups
<celephais> ok , thank you all very much
<jmedina> you only need to install a agent software in the server you want to backup
<Hecate> that sounds like the piece of software, i've been looking for, quite a while now.
<Hecate> jmedina, can it backup extended attributes?
<jmedina> Hecate: sure
<jmedina> acl,user_xattr
<Hecate> selinux attrs?
<jmedina> mm not sure about it
<jmedina> I dont use selinux
<jmedina> but you can always use post and pre backup scripts
<Hecate> i suppose, it does support them as well.
<Hecate> probably got ext34 ea-supoort built-in
<jmedina> bacula 3 has much better acl support
<Hecate> jmedina, does it store the backed up data in a (mysql|postgresql|sqlite) database? just read, that it requires on of the three.
<jmedina> Hecate: just job records
<Hecate> alright, thanks.
<jmedina> data is backup in files, tapes, dvds
<Hecate> definitely gonna drop that one down on my useful software disk-
<Hecate> *list
<jmedina> you can have different pools
<jmedina> Hecate: it has a console tool
<jmedina> in command line, gtk, and new qt based bat, witch rules
<jmedina> you can instala bat in admin workstation and manache remote bacula
<jmedina> good notification system
<Hecate> stop ... you already convinced me ;)
<jmedina> jajaja
<jmedina> Hecate: -*10.....
<Hecate> i beg your pardon ...
<jmedina> sorry, I was cleaning my kb
<Hecate> kk
<philsturgeon> using webmin/virtualmin how can i park one domain onto another?
<alex12> hi guys, ive recently installed ubuntu 9.04 server on a g3 dl360 server with a i5 raid card ... 2 x 72 u320 scsi disks ... and im noticing a very high iowait times doing simple tasks, the system seems very sluggish and impossible to multitask .... ive read around this may have something to do with the latest kernel running at the moment? any recommendations on understanding a very high iowait time?
<jmedina> alex12 you can check whois doing i/o
<jmedina> iotop
<jmedina> iostat
<jmedina> pidstat
<CharlieSu> How can I enable multiverse for a single package?  I'm having trouble finding documentation for that..  Thanks in advance!
<soren> CharlieSu: You can't.
<CharlieSu> soren: I'm running 8.04 and would like sun-java6-jdk but that is it..  No options for that?
<Hecate> CharlieSu, download the package from packages.ubuntu.com and install it manually.
<CharlieSu> Sorry about htat..  did you say something?
<soren> Why not just enable multiverse?
<Hecate> multiverse is bad. it will fuck up your box beyond repair. it can be easily compared to the dark side of the force. no way back. ;)
<yml> does anyone know how to disable ipv6 on 9.04 ?
<Hecate> yml. not possible. its built-in.
<yml> because i tried the techinic describe there http://ubuntuforums.org/showthread.php?t=87798&page=15
<yml> without success
<yml> Hecate: that would explaing why
<Hecate> yml, setting a drop policy for all three netfilter chains with ip6tables will pretty much disable it.
<Hecate> that's what i did.
<yml> the pb for me is this
<Hecate> ipv6 used to be a kernel module (in versions < 9.04, now with it being built-in, there's no way i know of to disable).
<yml> On Linux hosts, functionality is limited when using wireless interfaces for bridged networking. Currently, VirtualBox supports only IPv4 over wireless. For other protocols such as IPv6 and IPX, you must choose a wired interface.
<Roritharr> hi guys, i've got a question, is it possible to install the ubuntu server on a 2gb CF Card?
<yml>  this is an extract from the virtualbox documentation
<soren> CharlieSu: Why not just enable multiverse?
<yml> In french it means that the guest computer cannot acces internet if the host has IPV6 an is connected to the network using the wifi
<soren> Hecate: Err... Not true.
<soren> Hecate: sysctl -w net.ipv6.conf.all.disable_ipv6=1
<soren> Bam.
<Hecate> ahhh.
<Hecate> good to know, thanks.
<soren> It can also be done on a per-interface basis, of course.
<CharlieSu> soren: I did.. Thanks..  Do you know how to get around the sun license agreements when installing?  I'm trying to do it automated
<yml> soren: I imagine then then I need to reboot ?
<soren> yml: No, no.
<soren> yml: In fact, if you do, it'll be reset.
<soren> yml: If you want it to stick, add it to /etc/sysctl.d/ somewhere.
<yml> soren: it doesn't seems to work : http://dpaste.com/42233/
<soren> yml: And you claim you've set that value correctly?
<yml> soren: i copy paste from this window
<soren> CharlieSu: Something like: echo debconf shared/accepted-sun-dlj-v1-1 true | sudo debconf-set-selections
<alex12> jmedina: thanks, but the problem is really bad disk i/o ...
<soren> yml: Sorry, what?
<alex12> only 30megs per sec
<alex12> when a sata disk can do like 60mb/s
<yml> I did : sudo sysctl -w net.ipv6.conf.all.disable_ipv6=1
<yml> and then what is in the link I have posted
<soren> *shrug* Does it still actually /do/ anything regarding ipv6?
<soren> alex12: What are you testing, specifically.
<soren> ?
<yml> http://dpaste.com/42235/
<alex12> soren: using dd .... etc
<soren> alex12: "specifically"
<alex12> soren: secondly im doing a big import of sql - around 10gb of data ... and its doing it dog slow,
<alex12> and doing other tasks at the same time like installing iotop
<alex12> is dead slow...
<alex12> and sluggish
<alex12> like just sshing into the box takes like 25-30secs for a response for a login prompt
<soren> yml: Right. Does it still /do/ anything regarding ipv6?
<soren> alex12: That could be lots of other things, though.
<soren> alex12: DNS, for instance.
<alex12> well right now im @ 40% io wait, some sur some sys, and rest idel ...
<alex12> soren: sure i understand that, lets ignore the ssh slowness for now
<alex12> just trying to figure out why other tasks while doing this sql import is sluggish, and swecondly
<alex12> why the import is dead slow...
<alex12> iostat only shows 3mb/s
<Roritharr> http://www.youtube.com/watch?v=lZed9-OjR6k
<alex12> like right now with iotop im seeing mysql being the only proces doing something
<alex12> but top shows iowait of 50%
<alex12> wtf?
<alex12> and its only doing like 100-150k/s
<soren> That does sound odd.
<soren> alex12: Have you tried bonnie++ by any chance? On an otherwise idle system, of course.
<alex12> bonnie/
<alex12> ?
<soren> alex12: Yes.
<alex12> i havent no, ill check it out
<alex12> what is it?
<soren> bonnie++ - Hard drive bottleneck testing benchmark suite.
<alex12> ill install it
<Adri2000> no one is working on the vsftpd merge?
<soren> Adri2000: I thought you were :)
<Adri2000> I am :) just wanted to make sure I'm not duplicating work
<Adri2000> comment added on MoM
<alex12> soren: im seeing crap io on the hdd using bonnie
<alex12> its like it spurts and splorts in iotop aswell
<alex12> but iowait remains solid
<alex12> this is fustrating :(
<greenfly> alex12: what's your free memory look like?
<greenfly> how far are you into swap?
<alex12> nothing in swap
<alex12> its a pure iowait issue, im finding it hard to nail
<greenfly> yes, but swap issues become iowait issues :)
<alex12> it
<alex12> [21:49] * timburke (n=timburke@unaffiliated
<greenfly> anyway I was just ruling that out
<alex12> http://pastebin.com/m1eed6964
<alex12> surer
<alex12> thats my free
<alex12> bonnies writing really slowly ....
<alex12> im on ubuntu 9.04 with 2.6.28-11-server
<alex12> im thinking of rolling my kernel back
<alex12> into the stone age to see if that makes a difference
<timburke> yes alex12?
<alex12> ?
<timburke> <alex12> [21:49] * timburke (n=timburke@unaffiliated
<alex12> sorry, mispaste
<greenfly> alex12: this is a sata drive, right?
<alex12> hp dl360 g3 - i5 controller - 2 x u320 scsi drives
<greenfly> ahh
<greenfly> hw RAID1?
<alex12> yeap
<greenfly> I wonder how much that affects the throughput for just flat-out writing to disk when the cache can't help much
<alex12> unsure
<greenfly> ya, would be difficult to test, as well
<alex12> i shouldnt be getting 1-2secs of no writes, then maybe 100-150K/s writes for a few secs, then maybe 1 sec of 4MB/s wrtie, then back in circles
<alex12> io wait all this time is like 40-60%
<greenfly> getting any interesting scsi errors in dmesg?
<alex12> nope
<alex12> looks clean... nothing since 20secs from boot
<greenfly> maybe boot from, say, a knoppix 5.x cd. should have support for HP controllers and you could test IO from that and rule out the kernel revision
<jmedina> I dont like hardwae raid, hard to debug when you dont have a linux tool
<alex12> hrm ok ill give that a shot
<alex12> how would i downgrade the kernel anyways?
<greenfly> that's tougher... might have to downgrade the OS depending... but if you seem to get to that point it might be worth filing some sort of bug against the module
<greenfly> especially if you get an older ubuntu live cd (say 8.10) and also don't see the problem
<greenfly> then it would classify as a regression and would be easier for people to test
<alex12> ok well im downloading knoppix and ubuntu 8.10 now
<greenfly> also, both should have the ability to run apt-get from ramdisk so you could install bonnie if you needed to
<alex12> ok
<alex12> im noticing in iostat -k -x 1
<alex12> that await is sitting around 220
<alex12> %util is @ 100% aswell
<jman888888> How do i install plesk?
<jman888888> ....
<jman888888> Ok how do i install plesk?
<alex12> greenfly: changed some bios options, rebooted, and started the import again ...
<jmedina> jman888888: plesk is not opensource, you better ask to plesk people as part of your support
<alex12> iostat -x shows 6-10% util ... io wait is 1-2% ...... cached memory is slowly increasing....
<alex12> i wonder when cached gets full ill loose all performance...
<greenfly> alex12: I could see the import giving you half the performance you expected since it has to read in some chunks, process them, write them, then repeat
<alex12> iotop and iostats shows writing/reading @ 4MB/s
<alex12> i turned HT off, and set the system to "io performance"
<alex12> rather than "memory performance"
<alex12> whatever the f that does...
<alex12> still reading and writing @ 3MB/s ... systems chugging away with strong user% ... low io wait @ 1-2%
<alex12> %util in iostat is 5-10% ...
<alex12> await is 2
<alex12> that was like 200 before
<alex12> ok running out of cached now...
<alex12> er free memory i mean
<alex12> ok wow, im getting great stuff on bonnie now
<alex12> 30MB/s now./...
<alex12> now great but lots better, during the mysql import ...
<jmedina> :O
<alex12> await is high
<jmedina> alex12: so what changed?
<alex12> rebooted, and changed some bios settings:
<alex12> [22:36] <alex12> i turned HT off, and set the system to "io performance"
<alex12> [22:36] <alex12> rather than "memory performance"
<jmedina> :O
<alex12> during bonnie, await in iostat is 140->400 and util is 100%
<alex12> which is expected ...
<alex12> while bonnie is running, everything else is bogged down....
<alex12> must be stressing the disks hard
<NativeAngels> hello can anyone tell me what port ssh uses on a guest machine
<NativeAngels> for xen
<jmedina> NativeAngels: the same when running in native, unless you change it
<NativeAngels> hmm
<jmedina> you can verify with "netstat -pltn | grep sshd"
<NativeAngels> im getting timed out
<jmedina> of course in the server
<NativeAngels> when i ping the guest machine i get destinatin host unreachable
<jmedina> NativeAngels: do you have access to Dom0?
<NativeAngels> im using putty
<NativeAngels> what do you mean
<NativeAngels> this is the setup jmedina http://paste.ubuntu.com/167188/
<NativeAngels> did you get that jmedina
<jmedina> NativeAngels: connect to xen1.example.com with something like:
<jmedina> # xm console xen1.example.com
<jmedina> login as root
<jmedina> and check ssh is running with
<jmedina> netstat -plutn
<jmedina> if not, install it
<jman888888> Ok(JGB Was AFK) Whats a great oss Cpanel?
<NativeAngels> this what i got after xm console jmedina http://paste.ubuntu.com/167232/
<phaidros> something wrong with initrd or kernel modules ..
<phaidros> does your guest have the correct /lib/modules version (same as you set in you cfg) ?
<jmedina> NativeAngels: that is all?
<jmedina> NativeAngels: try to kill the machine and start it again
<jmedina> xm destroy xen1.example.com
<jmedina> and xm create xen1.example.com -c
<alex12> jmedina, greenfly: bonnie did well: sql1,10000M,,,31599,15,17739,8,,,52860,16,577.7,1,16,+++++,+++,+++++,+++,+++++,+++,+++++,+++,+++++,+++,+++++,+++
<alex12> thats during a sql import :)
<alex12> hrm ill just leave it as is then
<alex12> maybe it was that bios option ...
#ubuntu-server 2009-05-09
<slestak> i know netselect and apt-spy are not official ubuntu-server programs.  is there a preferred way for finding a good mirror from the console?
<giovani> slestak: if an "official" solution to that situation existed ... then there probably wouldn't be other apps to do it
<giovani> use either of those ... or select one at random
<Bytewalker> Hi all, im new to servers.. I registered www.custom-quiz.com and pointed it to my IP (ubuntu box with apache/etc), my friend says he can't connect to it through http://custom-quiz.com OR http://205.206.131.93 , can anyone tell me if either of these work for them?
<slestak> giovani: thx, i prefer to stay with blessed tools, just wanted to ask.
<giovani> Bytewalker: nope ... port 80 at that IP isn't open
<giovani> well, technically it's "filtered" ... but there's no service responding on that port
<Bytewalker> giovani: really weird.. my computer in the other room is on a diff IP (205.206.131.92 (one below)) and it can connect to custom-quiz.com and it works, any ideas?
<giovani> Bytewalker: uh ... probably a filter
<giovani> given that the IP is filtered
<giovani> is this a residential IP?
<Bytewalker> Hmm, this computer isnt connected to a router at all.. what could be filtering it
<giovani> many residential ISPs filter port 80
<giovani> at their router
<Bytewalker> yeah im connected through telus ADSL.. it gives me 2 IPs
<giovani> if your computers are both connected over a switch/hub, then you wouldn't be accessing computer number 2 through Telus' router
<giovani> hence why computer 1 would be able to access port 80 on computer 2, but not anyone else on the internet
<Bytewalker> i have a main hub (one line to server, one to a router) and my other comp is behind router
<giovani> yes
<Bytewalker> omg thanx, makes sense
<giovani> Telus is filtering port 80 for you
<giovani> try moving your web server to port 81
<giovani> to test this theory out
<giovani> or some other random port
<giovani> and then try to access it this way: http://205.206.131.93:81/
<Bytewalker> ok. will http:// look at port 81 too by default?
<giovani> nope
<Bytewalker> doh
<giovani> only 80
<Bytewalker> lol.. just wondering why my isp would filter port 80
<Bytewalker> they dont want me to host?
<giovani> of course not
<giovani> most residential ISPs do this now
<giovani> they see "hosting" as a non-residential use of the connection
<Bytewalker> but bittorrent is ok i guess... lol..
<giovani> nope, they're making efforts to block that too
<giovani> it's just much much harder
<Bytewalker> ok wel thanks dude, i'm gonna try port 81 rly quick
<Bytewalker> or mabey call telus and bitch?
<giovani> nope
<Bytewalker> any hint on moving apache to port 81 would be mucho appreciated:) plus.. do isps block any other ports?
<giovani> Bytewalker: depends entirely on the ISP
<giovani> look in /etc/apache2/httpd.conf
<Bytewalker> giovani: im gonna try 8080 and mabey you can test it after :D, they mighta blocked that too though im guessing
<giovani> very possible
<giovani> as for how to change the port: http://httpd.apache.org/docs/2.2/mod/mpm_common.html#listen
<giovani> documentation is plentiful -- please make an attempt to look those things up first
<linux_noob> hello, anyone around?
<linux_noob> I have an issue transitioning from http to https access... I'm using svn as a test.
<kj4> hello all
<kj4> anyone here that could help me with setting up a mail server?
<twb> !anyone
<ubottu> A large amount of the first questions asked in this channel start with "Does anyone/anybody..."  Why not ask your next question (the real one) and find out?
<kj4> will someone review my zonefile and tell me if it looks good for mail?
<FFForever> Hello
<FFForever> why does this happen?, $ ls
<FFForever> znc-0.068  znc-0.068.tar.gz
<FFForever> $ ^[[A
<FFForever> i get the ^[[A when i press up...
<foxbuntu> FFForever, sounds like you created a new user and didnt set the default shell to bash
<foxbuntu> FFForever, to test, try this: $ bash
<foxbuntu> ls -l
<foxbuntu> then press up
<FFForever> foxbuntu, whoops, how do i set it?
<Kamping_Kaiser> try `echo $SHELL` - bash returns /bin/bash
<foxbuntu> FFForever, sudo nano /etc/passwd
<foxbuntu> FFForever, then you can find your user and set the end of the line to /bin/bash
<Kamping_Kaiser> I'd recommend `chsh` personally
<FFForever> i like bash :D
<FFForever> foxbuntu, it was /bin/sh
<foxbuntu> FFForever, that should do it, log out and back in to verify
<FFForever> foxbuntu, how hard would it be to upgrade from 8.10 to 9.04?
<foxbuntu> FFForever, depends on your hardware
<foxbuntu> but should be easy nuff
<FFForever> its a vps
<foxbuntu> FFForever, sudo do-release-upgrade
<foxbuntu> FFForever, oh then it should be no big deal
<foxbuntu> FFForever, actually, do it this way
<foxbuntu> sudo apt-get update && sudo do-release-upgrade
<FFForever> foxbuntu, how do i add my user to the admin group
<foxbuntu> FFForever, sudo usermod -a -G root
<wizardslovak> hello people
 * foxbuntu hides from wizardslovak 
<wizardslovak> FFForever: i did update without any problems
<FFForever> foxbuntu, root@chr1831:/home/chris# usermod -a -G chris chris like that?
<FFForever> whoops i am already in chris...
<FFForever> sudo: do-release-upgrade: command not found
<wizardslovak> try do-release-upgrade
<wizardslovak> myne worked without sudo
<foxbuntu> wizardslovak, it requires sudo
<foxbuntu> FFForever, yeah... and there is indeed an admin group so
<wizardslovak> lol
<FFForever> foxbuntu, not for me :D
<FFForever> no admin group...
<wizardslovak> i might be su then
<foxbuntu> FFForever, switch to your first user
<foxbuntu> FFForever, you can also just edit the conf
<FFForever> i did :D
<foxbuntu> FFForever, sudo nano /etc/groups
<foxbuntu> oops
<foxbuntu> FFForever, sudo nano /etc/group
<FFForever> anyways..., how do i upgrade?
<foxbuntu> sudo do-release-upgrade should work
<FFForever> nope...
<foxbuntu> did you log out after changing your groups?
<FFForever> didn't change it...
<FFForever> there we no admin groupd lol
<Kamping_Kaiser> FFForever, what version of ubuntu server are you running? whats the output of `groups`?
<foxbuntu> adm?
<Kamping_Kaiser> are you in shared hosting, or your own host?
<FFForever> 8.10 from what i am told...
<FFForever> well according to the ubuntu64 tar.gz file :D
<foxbuntu> FFForever, lsb_release -a
<FFForever> chris@chr1831:~$ lsb_release -a
<FFForever> No LSB modules are available.
<FFForever> Distributor ID:	Ubuntu
<FFForever> Description:	Ubuntu 8.10
<FFForever> Release:	8.10
<FFForever> Codename:	intrepid
<foxbuntu> indeed it is 8.10
<FFForever> stripped :D
<Kamping_Kaiser> what about your groups?
<foxbuntu> FFForever, check for the group called "adm"
<FFForever> my ubuntu is only 605mb
<foxbuntu> so?
<FFForever> shouldn't it be bigger?
<foxbuntu> that sounds about normal for server
<FFForever> centos was 2gb =\
<FFForever> 2gb on a 6gb vps sucks... LOL!
<foxbuntu> heck, with Mythbuntu we are still inside a CD
<foxbuntu> and there is allot more there than server default install
<FFForever> anyone in here setup ubuntu + suphp?
<Bhagavat> hi
<Bhagavat> someone talk in spanish?
<Bhagavat> i know that ubuntu comunity is expert talking in english, but i not good talking tecnique terms in english
<FFForever> any idea why i get this?, Internal Server Error
<FFForever> File "/home/chris/public_html/index.php" is not in document root of Vhost "/var/www/"
<foxbuntu> Bhagavat, I believe there is a spanish channel #ubuntu-es iirc
<Bhagavat> well i wole like activate a new ubuntu server, but i have cuestions about the technical specifications of my machine
<Bhagavat> thanks foxbuntu
<foxbuntu> FFForever, sounds like you need to update your vhost (google apache vhost for specifics) /etc/apache2/sites-enabled/default is the file you need to edit
<FFForever> foxbuntu, how do i find out what uid 1 is?
<FFForever> i mean 33
<FFForever> =\, chris:x:1000:1000::/home/chris:/bin/bash.... i modded the dir with chown chris:chris /blah/index.php shouldn't it be 1000:1000 then?
<FFForever> www-data:x:33:33:www-data:/var/www:/bin/sh.......... why is it launching as www-data...
<foxbuntu> FFForever, no
<Kamping_Kaiser> FFForever, you need to include more details in what your talking about
<foxbuntu> FFForever, uh...
<FFForever> i was writing the files as root...
<FFForever> i am trying to setup suphp :D
<FFForever> http://vps.chr1831.com/~chris/
<foxbuntu> FFForever, because apache runs under www-data
<Kamping_Kaiser> what is it? whats it do? why does it need to access particular files? what did you do to create those errors? etc etc etc
<foxbuntu> Kamping_Kaiser, thanks
 * foxbuntu felt like a fog was setting in
<foxbuntu> ;)
<FFForever> foxbuntu, so the file is owned by www-data?
<Kamping_Kaiser> foxbuntu, ;)
<Kamping_Kaiser> FFForever, stop saying "the file" or "the directory". *what* file? *what* directory?
 * Kamping_Kaiser still isnt sure whats *broken*
<FFForever> /home/chris/public_html and its index.php
<Kamping_Kaiser> how did you try and access it?
<FFForever> via userdir
<FFForever> wait i know why.........
<FFForever> fixed the miss matched uids... now i get this Could not execute script "/home/chris/public_html/index.php"
<Kamping_Kaiser> foxbuntu, there must be a 'give us useful info' factoid, but no idea what it is :(
<FFForever> do i need to have +ExecCGI on the vhost?
<Kamping_Kaiser> no
<Kamping_Kaiser> what gave you that error?
<FFForever> trying to browse my index.php =\
<FFForever> i have error to browser to true
<foxbuntu> Kamping_Kaiser, I don't know what it is on ubottu
<FFForever> suphp.log says [Sat May 09 06:51:37 2009] [info] Executing "/home/chris/public_html/index.php" as UID 1000, GID 1000
 * Kamping_Kaiser wonders why its executing
<Kamping_Kaiser> FFForever, http://www.suphp.org/Home.html is this what your playign with?
<FFForever> nothing in the error log =\
<FFForever> Kamping_Kaiser, yeah
<FFForever> i compiled from source
<Kamping_Kaiser> why on earth are you using that?'
<FFForever> Kamping_Kaiser, to make php run as the user :)
<Kamping_Kaiser> suPHP is a tool for executing PHP scripts with the permissions of their owners. It consists of an Apache module (mod_suphp) and a setuid root binary (suphp) that is called by the Apache module to change the uid of the process executing the PHP interpreter.
<Kamping_Kaiser> my god that sounds bad ;S
<FFForever> why?
<FFForever> Kamping_Kaiser, how would you suggest i run php as the user?
<Kamping_Kaiser> FFForever, for a start - why do you want to?
<FFForever> because its better for security when doing hosting..
<Kamping_Kaiser> FFForever, and it sounds bad, because your putting one of the most abused languages onto your system, with control of a suid binary.
<Kamping_Kaiser> if its going via suid , its not more secure then anything.... imho, of course
<FFForever> php is not that bad...
 * Kamping_Kaiser laughs
<FFForever> wanna rewrite my site in python then?
<Kamping_Kaiser> half a minute, let me put on my caring face...
<Kamping_Kaiser> speaking of python *goes to get his laptop and work on a website*
<wizardslovak> what ports should i open??
<wizardslovak> besides 80
<FFForever> 99999999999
<FFForever> :D
<Kamping_Kaiser> wizardslovak, depends which ports you need to use.
<wizardslovak> well i am trying to setup ufw
<wizardslovak> i am using  browser,ssh
<wizardslovak> ssh is 22 ,right?
<Kamping_Kaiser> yes
<wizardslovak> thats should be it
<wizardslovak> hmmm basically two  lol
<wizardslovak> also https should be good
<wizardslovak> 443 if i am not mistaken
<wizardslovak> how to unzip .zip?
<Kamping_Kaiser> unzip file
<wizardslovak> hmmm i cannot find Gtk2
<Kamping_Kaiser> not a problem on servers ;)
<wizardslovak> sorry
<wizardslovak> i though ti am on kubuntu chat
<cemc> I just found out that my maillog files are not rotated as they should... I have 'monthly' specified in the logrotate.conf, but they still get rotated daily
<cemc> on Hardy
<reid> hi all.  my server's mobo just fried and I just put a new one in with it.  It no longer connects to my network.  Any ideas?
<Kamping_Kaiser> reid, onboard ethernet?
<Kamping_Kaiser> !z25
<ubottu> Sorry, I don't know anything about z25
<Kamping_Kaiser> bah.
<Kamping_Kaiser> dpkg does :o
<Kamping_Kaiser> reid, <dpkg> As of version 0.090, udev has the ability to statically rename ethernet cards based on MAC address. The addresses are configured in /etc/udev/rules.d/z25_persistent-net.rules .  If you want the mappings to change, edit that file.  See <forcedeth mac>.  As of version 0.124-1 the file is called /etc/udev/rules.d/70-persistent-net.rules
<Kamping_Kaiser> reid, the file name might be slightly different, but the idea is the same ;)
 * Kamping_Kaiser -> afk
<wizardslovak> good night people
<cumulus007> I'm looking for the location mysql saves my databases in
<Kamping_Kaiser> cumulus007, /var/lib iirc
<cumulus007> and then?
<cumulus007> never mind ;)
<XiXaQ> is it common for mailserver to refuse to relay mail from users on a mailserver that isn't encrypted, or one that uses self-signed certificates?
<Doonz> hey does anyone know when your growing a raid 5 software array and the computer fails. does it break the array
<emgent> hallo
<emgent> some mysql guy around ?
<LoreCaster> Hey all, question... i've installed ubuntu server 32-bit v9.04 on my machine, but it's just a flat install. i need to install the materials required for remote login (since i just want a power cord and a network cable plugged into the tower) and a webserver. My admin also needs remote access, and all that good stuff. Can i ask where i go now?
<LoreCaster> i know that, sometimes, the order of operations for a server is important... didn't want to start anything without more knowledge lest i foul something up
<LoreCaster> i've foudn this, is it a good source of info? http://www.howtoforge.com/perfect-server-ubuntu-9.04-ispconfig-2
<Nicke> LoreCaster: Have you looked at the Ubuntu server guide? https://help.ubuntu.com/9.04/serverguide/C/index.html
<LoreCaster> i've never had much luck with these, is it a step-by-step how-to for my needs?
<LoreCaster> i've NEVER seen such a comprehensive resource!! thanks so much! :D
<kirkland> Nafallo: pong
<kirkland> Nafallo: i was on holiday yesterday :-)
<NativeAngels> can anyone help me with im having a problem with start a xen virtual machine
<billybigrigger> hey all
<NativeAngels> anyone here use xen server
<giovani> NativeAngels: you might want to try #xen ... that's what it's there for
<FFForever> Hello
<NativeAngels> ok
<FFForever> Anyone know anything about suphp?, i am trying to set it up but i get an error that says it cannot execute the script "..../index.php" =\
<FFForever> 500 internal server error, Could not execute script "/home/chris/public_html/index.php" to be exact....
<wizardslovak> morning people
<FFForever> mornin
<FFForever> can anyone help with the suphp?, plz lol
<incorrect> i am going to install my new server, but its in the garage,  can i pxe boot it and ssh in somehow?
<Nafallo> kirkland: did you change something in the screen madness that steals my alt+pgup/pgdown?
<Nafallo> kirkland: where 'alt' = 'shift'... ;-)
<Nafallo> 16:25 < NativeAngels> anyone here use xen server
<Nafallo> ehrm
 * Nafallo blames weird Xorg
<FFForever> can i ban running passwd via sudo and disable sudo -i?
<FFForever> (for 1 user)
<giovani> FFForever: certainly for denying passwd access
<giovani> did you read the sudoers manpage?
<giovani> you can deny all access to passwd, or prevent just access to changing the root password
<giovani> using some basic expressions
<FFForever> what about the -i option?
<giovani> I don't believe so, it doesn't really accomplish anything special though, so I'm unclear on why you want to ban its use
<giovani> you can ban access to the shell
<giovani> or don't give the root user a shell
<FFForever> how do i remove the shell from root?
<giovani> sudo usermod -s /bin/false root
<FFForever> ahhh cool :D
<giovani> /bin/false is just a non-existant shell
<giovani> it's not a special name
<giovani> it could be /bin/doesntexist
<AnRkey> how can i get cupsys to recieve jobs like lprng does? I need to add queues like I did in my /etc/printcap file but I cant see how with cupsys
<NativeAngels> can anyone here help me with xen setup
<giovani> NativeAngels: I've recommended you visit #xen
<incorrect> wow jaunty recognised my sata raid and did the mirroring, but i don't see any mdadm
<giovani> if you have a "raid card" then you shouldn't be running md
<incorrect> no its not real raid
<giovani> heh, then let's not call it a raid card :)
<incorrect> /dev/mapper/isw_bdgaggad_Vol07
<incorrect> it created those mappings
<giovani> ok
<giovani> ps aux | grep -i md   returns what?
<incorrect> krfcommd
<giovani> that's it?
<incorrect> yes
<incorrect> i don't see mdadm
<giovani> well mdadm isn't the daemon
<incorrect> well you can normall see something running that is monitoring the raid array
<giovani> well as long as the raid is setup and running, what's the problem?
<jetole> Is anyone in here familiar with linux advanced routing and filters on the PRIO queing discipline, the filters I am applying are not being used the way I like => http://pastebin.com/m46e44c4e
<NativeAngels> can you use sun virtualbox from ubuntu server edition
<giovani> NativeAngels: sure ...
<giovani> my view of VirtualBox is that it's more of a desktop virtualization product
<giovani> but it's possible it has some non-gui interface I don't know of
<jetole> I honestly don't know why anyone with a modern cpu would want to use virtualbox
<jetole> linux kvm ftw
<jmarsden> It looks as though libvirt support for VirtualBox is almost there, so I'd think vmbuilder support could follow?  http://article.gmane.org/gmane.comp.emulators.libvirt/12872
<uvirtbot> New bug: #311968 in dhcp3 (main) "DHCP very slow and unreliable" [Undecided,New] https://launchpad.net/bugs/311968
<incorrect> hmm my nic bonding module options don't work anymore
<guiss> Hello guys. Where I can find documentation to configure an ubuntu LTS server? I went to the helpt pages of ubuntu community but it wasn't helpufl
<wizardslovak> guiss: what do you need to install
<wizardslovak> http://www.howtoforge.com/perfect-server-ubuntu8.04-lts
<guiss> wizardslovak: I want to install a terminal server, I did the lstp-server installation and configuration of dhpc but the thin client hangs on login
<guiss> oops, my mistake. Linux Terminal Server :) not Long Term Support
<jmarsden> guiss: Did you read and try ideas from https://help.ubuntu.com/community/UbuntuLTSP/ClientTroubleshooting
<incorrect> I want to bring up my bond0 interface with no ip config so i can then bridge it
<incorrect> i don't see an option for no config
<jetole> incorrect: are you asking how to enable bond0 without an IP address?
<incorrect> yes
<jetole> did you try ifconfig bond0 up?
<jetole> or ip link set bond0 up
 * Nafallo thinks the bond0 device is on vlan 007
<incorrect> jetole, so what about running all the scripts to recreate the interface?
<jetole> incorrect: don't know what you just asked me now but you asked how to enable a device without assigning an IP address to it
<android6011> I want to create an energy efficient media streaming server /nas, I thought maybe installing ubuntu server to somethign such as a flash drive would help. Is this a good idea or no?
<incorrect> jetole, with the other info was in interfaces
<jetole> still not sure what you just asked
<incorrect> you know what the interfaces file is?
<jetole> /etc/network/interfaces?
<jmarsden> android6011: You could do that... have you tried FreeNAS http://www.freenas.org/ ?
<jetole> thats my guess
<android6011> jmarsden: im looking to also have a mythtv backend so linux is my best bet
<android6011> I thought maybe webmin would also help simplify maintenance if anyone has any experience with it
<jetole> webmin is for people who don't know how to setup a system and want to risk breaking it at the gleam of a point and click interface
<jetole> webmin is not something I would ever recommend to anyone
<jetole> it doesn't know all the details about which version of what you have installed and tends to make some bad mistakes
<android6011> thats too bad, well there is always ssh
<jetole> best bet for simplifying maintenance is to know how to maintain it
<jetole> yeah, ssh is a great tool
<jetole> one I have used for over a decade
<jetole> puppetmaster and cfengine are also great when it comes to distributed maintnance but you can't put a GUI in front of something and hope it makes it easiar unless you really understand how the gui works
<android6011> ya
<jetole> and if you are using webmin then you probably don't in the first place
<android6011> also, because this is just a home streaming server, i would like for it to go into some power saving mode and wake up if something tries to access it over ethernet, will i specifically need wake on lan or does say sleep mode cover that
<jetole> sorry to sound crass but linux server admin has been my job for a long time
<android6011> heh ya
<jetole> well sleep mode and wake on lan can work together however I don't think the kernel in ubuntu server supports sleep mode
<jetole> it shouldn't since it's for a server
<android6011> ya thats what i figured
<jetole> look into using the desktop version
<android6011> ya i was thinking about doing the desktop and just dissabling x but I don't like the idea of having all the extra overhead
<jetole> they both use the same package repo i.e. same packages for both but the big diff is how the kernel is setup
<jetole> what extra overhead?
<jetole> update-rc -f gdm remove
<jetole> X no longer starts
<jetole> you can also install a server and then install the desktop kernel
<android6011> just like all the extra packages installed by default etc
<android6011> is there a minimal install disk like there is with debian?
<jetole> I don't know but I have never seen it
<jetole> I don't think so
<jetole> install the server, then do an => apt-get install linux-image-generic
<jetole> then set the generic kernel inside /boot/grub/menu.lst
<android6011> wouldnt apt add it to menu.lst by default?
<jetole> it might but I don't know if it will become the default
<jetole> double check
<jetole> also, even though the kernel supports it, I don't know if sleep will be enabled by default
<jetole> you would probably have to read into that
<jetole> I know on desktop edition it's not
<jetole> it has to be told to but I have never set it up since I ssh into my machines
<jetole> actually, wake on lan would work for a few but I have never looked into it
<android6011> ya, i just dont want to have to manually tell the machine to wake up
<jetole> then don't put it to sleep
<incorrect> jetole, the answer is 'manual'
<incorrect> or inet manual
<jetole> incorrect: I don't know what your question was to begin with but you can do just about anything with manual mode or you can even skip interfaces entirely and write your own startup script
<incorrect> nevermind then
<jetole> did I sound concerned?
<jetole> sorry if I did
<incorrect> hmm i wonder what created virbr0
<jetole> libvirt
<jetole> /etc/init.d/libvirt-bin
<incorrect> thanks
<kirkland> Nafallo: hmm, no, not that I know of ...
<kirkland> Nafallo: shift-pgup & shift-pgdown should be trapped by gnome-terminal, or whatever, and will scroll back in its buffer
<kirkland> Nafallo: for proper scrollback on a per-window basis in screen itself, use F7
<Nafallo> kirkland: well. my issue is that the screen doesn't scroll up in the current screen window anymore, but rather scroll to the previous one.
<Nafallo> kirkland: this is HIGHLY suboptimal when you want to check switch configs for example.
<kirkland> Nafallo: huh?
<kirkland> Nafallo: i don't understand
<Nafallo> kirkland: might be easier if we find each other on allhands? :-)
<kirkland> Nafallo: :-)  sure
<kirkland> Nafallo: so shift-pgup is switching among your tabs in gnome terminal?
<Nafallo> kirkland: terminator
<kirkland> Nafallo: or is it doing what f3-f4 are suppose to do?
<Nafallo> kirkland: no. it's weirder than f3-f4, it's like it's scrolling back in it's buffer (as it should) but instead of scrolling a screen at a time it's scrolling back between windows (which should be what you call tabs)
<Nafallo> kirkland: get a few windows and then output lots of content in the last one (cat or whatever), then try shift+pgup :-)
<Nafallo> ehrm
<Nafallo> actually. right now it DTRT :-/
<Nafallo> I wonder if this have to do with the switches outputting something strange.
<kirkland> Nafallo: oh, right, that's sort of "expected"
<kirkland> Nafallo: so that shift-pgup is trapped by gnome-terminal
<Nafallo> kirkland: I don't use gnome-terminal
<kirkland> Nafallo: and it scrolls back through what it "knows" about
<kirkland> Nafallo: okay, whatever your terminal is
<kirkland> Nafallo: really, you need to use F7 if you want to scroll back in only one window
<kirkland> Nafallo: this will let screen do the scrolling properly
<kirkland> Nafallo: if you only open one window, it will DTRT all the time :-)
<kirkland> Nafallo: if you don't switch between the two windows, it will DTRT
<Nafallo> kirkland: well. I don't open "just one window" :-P
<kirkland> Nafallo: you'll see the problem if you open two windows, do a "find . " in one, then switch to the other window, do an 'ls' and then shift-pgup
<kirkland> Nafallo: your terminal is sort of like a video camera
<kirkland> Nafallo: recording everything it sees scrolling by
<kirkland> Nafallo: it doesn't have any intelligence about screen's windows
<Nafallo> hmm. yeah. not sure if I understand correctly or if what I saw was different :-)
<Nafallo> and the damn thing does the right thing at the moment.
<Nafallo> which isn't extremely helpful :-P
<incorrect> when i try and run a kvm I errors trying to connect to the framebuffer
<incorrect> i thought kvm was supposed to be fairly fast?
<Nafallo> incorrect: you might have better luck with those questions in #ubuntu-virt :-)
<incorrect> thanks
#ubuntu-server 2009-05-10
<slestak> any zenoss users here?  i'm tinkering with the vmdk version
<somnolence> is it possible that qemu-dm doesn't utilize proper drivers to boot from my cd-drive, it seems to crash every time it tries to boot the windows xp disk.
<Iceman_B|SSH> close
<afief> I've got an old Gusty machine I'd like to upgrade, could someone tell me what the best thing to do would be?
<panfist> hi, i have LAMP running and I have three folders in /var/www ... i can go to two of them and it starts serving me PHP, but if i go to the third folder it says forbidden. the permissions are all the same for all files and folders
<Kamping_Kaiser> panfist, are the permissions the same on the directory itself?
<panfist> yes
<Kamping_Kaiser> panfist, other then that, check /var/log/apache2/{access,error}.log for clues
<panfist> all directories are drwxr-xr-x
<panfist> error.log shows Directory index forbidden by Options directive: /usr/share/ampache/www
<panfist> oh
<panfist> i had to restart apache because i moved ampache files to /var/www
<jetole> does anyone know where I can ask questions about tc filters and queues and routing? I have asked a few places where no one seems to know the answer, especially the official spot lartc on oftc.net which I am one of two people to say something in 5 days
<mrhoden2009> Does anyone know how to set up RAID configurations?
<mrhoden2009> Anyone here?
<poningru> mrhoden2009, whatsup?
<poningru> raid?
<beornlake> hello - I'm looking for help with setting up a virtual interface for hosting a PPTPd VPN - anyone available to answer some questions by any chance?
<beornlake> I'll just toss this out there to see what sticks: I'm looking to set up a PPTPd server on my 9.04 VPS, but the VPS is configured at the host to have only one network interface (the global-facing en0). I'm looking for some guidance to help set up a virtual interface (or VLAN?) that I can hook the PPTP daemon to (for itself and the clients to use) - feel free to PM me if you like
<mrhoden2009> Does anyone know how to migrate a folder from an old drive to a new RAID 0 configuration?
<mrhoden2009> The old drive would be basically my server now.
<twb> mrhoden2009: RAID 0 is striping.  If *either* disk fails, you lose everything.
<twb> So RAID0 *doubles* your failure rate, rather than halving it.
<twb> RAID0 is only useful in certain limited applications, such as holding temporary copies of data while it is being crunched.
<mrhoden2009> I'm looking for speed which is why I was looking to do that, I already have pretty fast hardware, is there a way to use RAID 0 and RAID 1?
<twb> mrhoden2009: the right question is: do you care about your data?
<twb> If so, you do not want RAID0.
<mrhoden2009> I see your point.
<twb> Sometimes people use RAID0 on top of RAID1 (four disks), but IMO you'd be better off using RAID5 or RAID5 with two parity disks (sometimes called RAID6).
<mrhoden2009> let me see something real quick
<twb> Also, you will want md RAID (software RAID) unless you paid a couple of hundred dollars for your RAID controller.  Cheaper controllers are called "fakeraid", which you can read about on Wikipedia.
<twb> Regarding migration from a single-disk to a RAID system, the easiest way to go about this is to have a spare disk -- you set up the array, then copy the data across from the original disk.
<TimReichhart> could anybody help me out I can send out emails ok on my mail server but I cant receive any emails
<mrhoden2009> Two things: The reason I would do hardware is to speed things up. and Is it possible to set up the RAID config with some HDD's then copy the stuff from the original one that also has the OS on it
<ScottK> TimReichhart: What mail server program are you using?
<TimReichhart> im using dovecot/postfix
<ScottK> TimReichhart: OK.  What does /var/log/mail.log tell you about delivery attemps?
<twb> ScottK: fakeraid will not be significantly faster than md raid.
<twb> Sorry, bad completion.
<TimReichhart> well see im using mysql also that is been setup for the mail server
<ScottK> TimReichhart: Look in the logs.
<TimReichhart> ok
<TimReichhart> let me take a look here
<mrhoden2009> Do I need to word that better or do you know what I'm talking about?
<twb> mrhoden2009: I think I already answered your question: 14:01 *** TimReichhart JOIN
<twb> Gah.
<twb> mrhoden2009: I think I already answered your question: 14:01 <twb> Regarding migration from a single-disk to a RAID system, the easiest way to go about this is to have a spare disk -- you set up the array, then copy the data across from the original disk.
<mrhoden2009> Okay, thank you
<TimReichhart> what are you talking about twb?
<ScottK> TimReichhart: He just over copy/pasted.
<twb> My IRC client suppresses display of some messages, but they still exist in the buffer.  So I can inadvertently select them if the cursor is at their boundary.
<beornlake> anyone here happen to have experience with OpenVPN and/or setting up virtual network interfaces for a VPN server? I'd love to ask a few questions. :)
<lwizardl> hey
<lwizardl> I was wondering generally what does a traditional server (in a rack server case like 1U or 2U) cost to run in electricity ?
<T-KILLER> Hello there! I've just installed Ubuntu Server 9 and am looking to set it up for local and remote administration.  I want it to be a fully working web, mail and video server for a youtube type site using a CMS.  I have selected all the installed packages such as LAMP Java server, mail server, DNS server and so on but ommited the installation of virtual machine.  Just looking for general help...
<T-KILLER> setting up a control panel of some sort for remote administration and accessing ftp etc to install the cms once the web server is working to my liking...
<T-KILLER> but i really dont know where to start, I'm presented with te command line on the local server and don't really know where to go from there, a real newbie here!  Someone offer some guidelines and some directions what to do next ?
<infinity> T-KILLER: You may find some things at https://help.ubuntu.com/9.04/serverguide/C/index.html helpful.
<T-KILLER> thanks, ill go take a look now...
<T-KILLER> i need to install ffmpeg to this server but i cant find any apt get type install procedures on the ffmpeg site, it there an easy way to fully install the entire ffmpeg package to Ubuntu Server 9 using the command line ?
<T-KILLER> and reading a little bout ebox, would it be worth my while installing it on the server so i have a web gui to administrer the system ?
<T-KILLER> or are there better alternatives ?
<jetole> does anyone know if there is a copy of the 7.10/gutsy repo anywhere?
<jetole> T-KILLER: apt-get install ffmpeg
<jetole> you can either use "apt-cache search" or "apt-file search" although you will have to install apt-file and do an apt-file update or you can take a look at packages.ubuntu.com
<jetole> T-KILLER: I don't know about ebox but I know a lot of people ask about webmin which has a habit to break systems since it's an ambigious management tool for many versions of the same program but the best way to maintain your software is _KNOW_ how to maintain your software
<jetole> web based gui are there for people who don't want to bother learning how to properly manage a server / desktop
<jetole> albeit desktop users should not have to be as well informed but then again you are in the ubuntu-server room
<jetole> and yeah, running a server means knowing how to run a server essentially, I would not trust any general purpose all server management solution no matter what it's called unless it comes with and provides updates for all packages it manages i.e. a distro which includes the management software
<jetole> only one I know of that is close to being complete is called windows server
<jetole> emphasis on close
<a|wen> jetole: old-releases.ubuntu.com iirc
<jetole> a|wen: thanks, will check in a minute, just doing some tweaks on tc / routing
<Chipzz> jetole: while I agree with your sentiment, there are ways around that
<Chipzz> like use a database to store configuration, ie ldap
<Chipzz> ftp daemons support ldap, there's an apache plugin to read your whole apache config from ldap, dhcpd supports ldap, ...
<Chipzz> postfix supports ldap
<DarKnesS_WolF> hey fast question, any tools " other than FAI " to do auto / mass installation for ubuntu servers ?
<T-KILLER> ok, thanks for the advice
<XiXaQ> is there any reason why joomla isn't packaged for ubuntu?
<jetole> Chipzz: I have no idea what I said that you responded to you agreed with my sentiment
<jetole> Chipzz: I run postfix and dovecot both over ldap
<jetole> Chipzz: with details stored in MySQL
 * jetole shrugs
<jetole> XiXaQ: yes. because no one has packaged it but you are more then welcome to
<XiXaQ> it is packaged?
<XiXaQ> http://developer.joomla.org/section-blog/17-developer-team-blog/86-joomla-debian-package.html
<jetole> a|wen: I just changed the sources.list to use old.releases (after looking over the site first) and it worked like a charm, thanks
<jetole> btw, does anyone know how long and LTS release lasts for?
<a|wen> your hopefully temporary solution
<a|wen> jetole: the server-part lasts 5 years
<XiXaQ> jetole, 3 years on the desktop and 5 years on the server.
<jetole> a|wen: well when I have a chance to upgrade this machine I may but it is a firewall at a remote data center which means I won't be doing it remotely and will have to route around it when I do
<jetole> a|wen: thanks, do you know how often the server parts are released?
<jetole> hmmm, you know thats actually kinda depressing? the LTS have lower shelf life windows on updates
<a|wen> jetole: it is released around every 2 years for what i know
<jetole> so 10.4 should be another one I guess
<a|wen> it might ... not announced yet, so no guarantees
<jetole> cool
<jetole> well I was able to install a package I needed on 7.10 just now so I am happy
<a|wen> it can keep you going at least
<jetole> you know, I have spent the last week reading over tc and lartc and traffic shapping and queing disciplines and I find it odd that I don't see an automated way to limit bandwidth per connection
<jetole> or per IP
<jetole> you know, say no single IP in this network can go over this limit without specifying each IP
<a|wen> that might be right ... haven't played much with it
<jetole> well I am guessing I could go with a for loop in bash and set them all up
<a|wen> normally my challenge have been supporting dynamic IP lists
<jetole> I am really killing time right now too, have a project that needs to be done this weekend but I am half way through a 4 hour copy that I have to wait on atm
<jetole> dynamic IP on routing?
<a|wen> dynamically open/close IPs in the firewall
<jetole> i.e. tc filters?
<jetole> oh
<jetole> well there are a few ways around that
<jetole> there is a nmap sniffer / iptables rule tool, trying to remember what it is called
<jetole> also inline snort
<jetole> NAC such as openfire with compatible smart switch is good
<a|wen> i got it working with 100% iptables
<jetole> our firm uses two hp procurve 2650 btw, I love those switches
<jetole> oh you mean with the recent module?
<a|wen> yeah ... took some time finding that one though
<jetole> I used recent a couple years ago
<jetole> havn't had much of a use for it lately
<jetole> psad is a cool tool
<jetole> it's the anti-Nmap
<jetole> which it also claims to be but it does work
<a|wen> there are so many tools in this area
<jetole> yeah
<jetole> I'm going for a smoke, bbiab
<BioGuyver> Hi
<BioGuyver> Trying to get some clarification of a problem while installing Server 9.04
<Gargoyle> Wassup?
<BioGuyver> This is my first time installing Server so I just went ahead and did a default install and everything worked fine
<BioGuyver> I then went back and started the install process again to setup ths time on raided disks
<BioGuyver> I have used software raid plenty of times before but never at install time
<BioGuyver> I followed a couple of online guides but at the part where you create the raid disks in software it fails
<BioGuyver> The error on console 4 is mdcfg: mdadm: /dev/mdmd0 is not valid
<BioGuyver> That looks like a typo or error in the scripting to me?
<BioGuyver> I would expect that to be /dev/md0
<Gargoyle> Should just be /dev/md0?
<Gargoyle> :)
<BioGuyver> ok well that is kinda out of my hands as it is done during the install
<BioGuyver> so is there a proper way to log this as a bug then?
<BioGuyver> not sure how i move on from here
<Gargoyle> I'll have a quick check and see if the same happens here. Did you get any specific iso or just the standard one?
<BioGuyver> I am using server 9.04 but I got the same error trying alt 9.04 as well both on amd64
<BioGuyver> Thanks Gargoyle
<Gargoyle> Just two disks with a mirror?
<BioGuyver> yes a pair of 320 ide disks
<BioGuyver> I created 2 partitions on each as I plan to raid / and Swap
<Gargoyle> Just downloading the ISO, hang around in here for a bit and I'll let you know how I get on.
<BioGuyver> ok thanks. I am afk a bit but will keep checking here
<BioGuyver> Thanks again
<Gargoyle> np, been planning to have a poke around with 9.04 anyways! :D
<BioGuyver> btw just fyi I checked the hash on all the isos I have downloaded just to be sure
<Gargoyle> Seems OK so far. Only difference I can think of is that my VM is setup with virtual discs that showup as SCSI not IDE
<Gargoyle> BioGuyver: I followed this guide (https://help.ubuntu.com/community/Installation/SoftwareRAID) using the normal server CD
<BioGuyver> that is the exact guide i followed and my disks althou IDE show up constantly as scsi and as /dev/sda and /dev/sdb
<BioGuyver> at point 9 of the configuring raid bit if I take a look over at console 4 I get the error there where there is a prob creating /dev/mdmd0
<BioGuyver> for the record I just installed ubuntu desktop 9.04 and 8.10 on the box just clicking next next next and both installs are fine although they default to a single partition on the disks
<Gargoyle> Is that when you try to create the first raid partition?
<BioGuyver> the error on console 4 shows up as I create the first raid partition and I get the same error if I try and create a second too.
<BioGuyver> Then back on the partioner page after using finish I still only have my 2 raw devices listed. I don't have an MD) or MD1 to set mount points on etc
<BioGuyver> md0 even
<LMJ> Hi
<LMJ> Got to 2 ips on my server, how to tell him by default, use the IP eth0:0 not the one from eth0?
<Gargoyle> I think that is something to do with the metric
<TeLLuS> LMJ: Routing or HideNAT maybe.. Why do it matter when they are on the same subnetwork..
<Barbarella> LMJ:lok for 70-persistent-net.rules
<Barbarella> LMJ:it is in /etc/udev/rules.d
<LMJ> one ip is the administration, would like to hide it instead of spread it on each emails ;)
<LMJ> great Barbarella, thanks
<LMJ> thanks Gargoyle & TeLLuS too
<BioGuyver> Gargoyle: Just started the install with 8.04 alternate and I get the same problem but with a different error message
<LMJ> Barbarella  : that's udev rules, sound more insteresting to play with metric or route, no ?
<Gargoyle> BioGuyver: Just recording you a vid incase your missing something from the instructions.
<BioGuyver> this time it tells me an array by that name is already running but no indication of what array it is refering to. This is at point 9 again
<BioGuyver> thanks Gargoyle
<Barbarella> LMJ:you can tell which driver to load on which eth
<celephais_> Hi, when i transfer files with scp using gigabit ethernet i get Corrupted MAC on input. If i use a different NIC 10/100 i get no error. I red that it can due to NIC buffer corruption. Is there a way to chack this?
<celephais_> *check
<Gargoyle> celephais_: Do you have CAT5e cable?
<LMJ> Barbarella : ha yes, I could use /etc/iftab too but this ip is a failover IP, it could be used on several server and I only have one ethernet card
<celephais_> Gargoyle, let me check....
<celephais_> Gargoyle, yes 5e
<Barbarella> LMJ:than you can use ifconfig for it, if it is a static ip
<LMJ> Barbarella : ifconfig eth0 ip.ip.. netmask etc.. ?
<Barbarella> yes
<Barbarella> and route your default gateway
<Gargoyle> BioGuyver: Can you play quicktime .mov's?
<Gargoyle> BioGuyver: http://ga.rgoyle.com/irc/Ubuntu-9.04_Server_Install.mov
<BioGuyver> Gargoyle: Thanks, I am just gonna watch it now. I have put a couple of pictures of the screen I am getting here: http://www.miracles.co.uk/Temp
<BioGuyver> Gargoyle: watching your video and we are both the same right up until you choose automatic partition on the new disks. I did mine manually
<Gargoyle> BioGuyver: You could try automatic. Not sure if there is something extra it does - I just knew it was a quick way to crate a main partition + swap partition.
<BioGuyver> Gargoyle: then when you create the first raid device itremoves sda1 and sdb1 from your options for creating the second raid device but for me it still shows both pairs as it has failed to create any raid devices at this point
<BioGuyver> Gargoyle. Going to go and try that now :)
<BioGuyver> Gargoyle: Used the auto partition tool and still get 'mdadm: another array by this name is already running' :(
<Gargoyle> BioGuyver, Strange!
<BioGuyver> very
<Gargoyle> BioGuyver: Have you tried completely removing the partitions from the disk with fdisk and then restarting the install ** OBVIOUSLY THIS WILL DELETE ALL THE DATA ON YOUR DISK **
<BioGuyver> that is the same error for both 8.04.2 and 9.04
<BioGuyver> yes tried that while using the LIVECD
<BioGuyver> will try again now thou and then use the auto partition as per your video
<BioGuyver> Thanks for the help thou Gargoyle
<Gargoyle> No probs
<incorrect> I am thinking about using zimbra for my email system, are they any other alternatives?
<uvirtbot> New bug: #374427 in openssh (main) "doesn't accept multiple keys in id_rsa" [Undecided,New] https://launchpad.net/bugs/374427
<BioGuyver> Gargoyle: Used fdisk to delete the partion tables from the disks and it made no difference. At this point I think I will do a single disk install and convert to raid once the machine is up and running :(
<BioGuyver> Gargoyle: Thanks for all the help thou
<Gargoyle> BioGuyver: OK, Hope you get it sorted.
<BioGuyver> Gargoyle: yep I have no idea why it is failing on my system. I am gonna run up another hardware box during the week and try again just to find out if it is the hardware in this server
<uvirtbot> New bug: #297576 in samba (main) "cifs mounts become inaccessible when another user fails to mount cifs share" [Undecided,Invalid] https://launchpad.net/bugs/297576
<philsturgeon> i've done it again... my mysql is locked out.in virtualmin it listed root as having 3 different permission entries. the permissions were the same but the hosts were different. one saying localhost, one saying server host name and one saying 127.0.0.1. i changed localhost to Any (%) and now i get there error DBI connect failed : Access denied for user 'root'@'localhost' (using password: YES)
<philsturgeon> i have another mysql user with all privileges, could i perhaps change this back somehow?
<philsturgeon> via command linevia SSH
<Hecate> philsturgeon, did you run mysql_secure_installation? it should take care of all those users, etc.
<philsturgeon> i do not know what that is
<Hecate> man mysql_secure_installation
<philsturgeon> ok
<Hecate> however i dont know, if it will work, if your mysqld is already fubar.
<philsturgeon> well it asks for a password then says access denied again
<philsturgeon> as i said i have another user that can do anything to any db. can i simply edit a field in mysql or information_schema
<philsturgeon> ahh i can leave it blank and set a new one :)
<philsturgeon> no joy. its blocked with the error http://pastie.org/473638
<Hecate> hmmm. i have had a similar problem some time ago.
<Hecate> this might help: http://dev.mysql.com/doc/refman/5.0/en/resetting-permissions.html
<Hecate> UPDATE mysql.user SET Host='localhost' WHERE User='root';
<philsturgeon> whoop, my plan worked. logged in via command line and ran update user set host = "localhost" where host = "";
<Hecate> that should help you.
<philsturgeon> thank god for having that extra user with rights. last time this happened i rebuilt the server :$
<Hecate> well, i've just given you all you need to reset it.
<Hecate> i've committed that "fatal mistake" before and was that >< close to purging mysql, but i figured it out, how to resolve it.
<incorrect> damn it, jaunty ldap-auth-config doesn't generate working config
<Chipzz> Hecate: easiest solution is: cp /etc/mysql/debian.cnf ~/.my.cnf ; editor ~/.my.cnf
<Chipzz> (as root)
<Hecate> Chipzz, for doing what? resetting the authorized host/password of a suer?
<leOn> hey .. any chance to get a xen kernel running on jaunty ?
<uvirtbot> New bug: #374501 in likewise-open5 (universe) "Likewise-open5 login gives error code 0x0000200c" [Undecided,New] https://launchpad.net/bugs/374501
<soren> leOn: dom0 or domU?
<leOn> dom0
<leOn> well .. both actually
<leOn> i read somewhere that kvm was the official virtualization platform in ubuntu
<soren> leOn: -server works as a domU.
<soren> leOn: That's also true.
<leOn> but i was hoping to get it working with xen too
<leOn> hmmm
<leOn> ok .. i use xen all the time, and this is my first serious ubuntu try out
<soren> You can use the dom0 from Hardy.
<soren> and user the -server kernel as domU.
<leOn> is there any nice gui tool to manage kvm platform in ubuntu?
<leOn> the problem is that for hardware support reasons i need a kernel >= 2.6.27 ..
<soren> leOn: As your dom0?
<leOn> yep
<soren> virt-manager is the preferred gui tool to manage kvm VM's.
<soren> I don't think we have a dom0 more recent than 2.6.24.
<leOn> i may be wrong .. but i'm not so convinced that kvm is a more serious virtualization platform than xen ... but that's only MHO
<leOn> either way it's a shame that ubuntu doesn't provide dom0 kernels in recent versions
<slestak> is libvirt and kvm usable for a production server?  I have been tinkering with vmware-server for a couple of weeks.  would rather stick with foss stack
<soren> slestak: They are, yes.
<slestak> soren: thx.
<leOn> soren: can i use the -generic kernel instead of the -server with the kvm solution ?
<soren> leOn: Yes.
<leOn> guess i'll give kvm a try ...
<leOn> can you pont me any ubuntu related docs for kvm ?
<soren> leOn: https://help.ubuntu.com/community/KVM
<leOn> thanks
<leOn> for windows the only choice is full virtualization, right?
<soren> Yes.
<Noble> Is there any way to remove the ubuntu-desktop dependencies?
<celephais> Hi, do you know any issues with module sky2 on hardy?
<Noble> I installed ubuntu-desktop on my server, and now I want it gone ^^
<celephais> It give me data corruption with scp
<leOn> celephais: are you sure it's the NIC?
<celephais> using the secondary NIC ( 10/100 ) no data corruption with scp
<celephais> that is 3Com Corporation 3c905B 100BaseTX
<celephais> the one that give data corruption is Marvell Technology Group Ltd. 88E8053 PCI-E Gigabit Ethernet Controller
<leOn> have you tried with a different kernel version?
<celephais> now i use 8.04 but some month ago i tried 8.10, same problem
<celephais> better to buy a different NIC?
<saylar> hey guys. I'm stuck with my mail server setup and I could need some help. Right now I'm sending my mail through the local exim server which then uses my isp smarthost to send the mail. Furthermore I'm polling 4 different pop3 server with getmail and deliver the mails to the local imap server. all this is working well. what I wanna do now is, send and receive my mails through local ssh tunnels. any suggestions or hints are very welcome 
<uvirtbot> New bug: #374537 in munin (universe) "Munin-node have a empty /etc/munin/plugins folder" [Undecided,New] https://launchpad.net/bugs/374537
<FFForever> Anyone around?
<ivoks> no
<FFForever> ntpdate "fixes" my time =\
<FFForever> only problem is it says my time is tmw...
<FFForever> chris@chr1831:~$ sudo ntpdate pool.ntp.org
<FFForever> 11 May 01:06:45 ntpdate[10827]: step time server 64.62.228.129 offset 54000.686280 sec
<ivoks> is the time correct?
<ivoks> is 01:06?
<FFForever> no lol
<ivoks> is it...
<ivoks> then you have misconfigured system
<ivoks> set to a wrong timezone
<FFForever> how do i reconfigure it, i ran dpkg --reconfigure tzconfig, i set it to etc -> gmt -8 (california)
<ivoks> tzconfig
<FFForever> tzconfig is outdated :P
<ivoks> tzselect :)
<ivoks> check /etc/timezone
<FFForever> ivoks, =(
<ivoks> what's in /etc/timezone?
<FFForever> how do i set this system wide?, TZ='America/Los_Angeles';
<FFForever> it just says i can put that in my .profile...
<ivoks> what's in /etc/timezone?
<FFForever> Etc/GMT-8
<FFForever> change it to America/Los_Angeles?
<ivoks> yes
<ivoks> but i guess that's the same timezone
<FFForever> ivoks, so i need to reboot after the change?, or can i do it without a reboot it is a server after all...
<FFForever> root@chr1831:~# ntpdate pool.ntp.org
<FFForever> 11 May 01:11:58 ntpdate[10875]: adjust time server 64.62.228.129 offset -0.000370 sec
<FFForever> root@chr1831:~# date
<FFForever> Mon May 11 01:12:02 GMT-8 2009
<ivoks> don't paste here
<FFForever> sorry
<FFForever> it says its giving me the gmt -8...
<ivoks> hm, i don't know where ntpdate checks the timezone :/
<FFForever> can i disable ntp?
<ivoks> you should really use it
<ivoks> let's fix the problem, not override it
<ivoks> give me a minute or two
<FFForever> ok
<ivoks> ah...
<ivoks>  /etc/localtime
<ivoks> cp /usr/share/zoneinfo/America/Los_Angeles /etc/localtime
<FFForever> ok now?
<ivoks> ntpdate
<FFForever> that fixed it :D
<FFForever> instantly...
<ivoks> i'd suggest runing ntp server, instead of ntpdate
<ivoks> ntpdate shifts time, if diff is > than 0.5 seconds
<ivoks> that could cause problems for some programs
<FFForever> kk
<ivoks> ntp server makes time slower or faster if there's a diff
<ivoks> dovecot, for example, will die when time shifts
<FFForever> why do we count up in seconds from a date?
<FFForever> (when using linux)
<ivoks> since 1.1.1970.?
<FFForever> that sounds about right :D
<FFForever> yeah
<ivoks> that's the begining of time for unix
<ivoks> http://en.wikipedia.org/wiki/Unix_time
<FFForever> but why?
<gourgi> why not :-P
<ivoks> hahaha
<ivoks> why is now 2009.?
<FFForever> lol
<ivoks> read the link
<FFForever> and because... isn't storing a long string like that a waste of mem?
<ivoks> it's an integer, not a string :)
<ivoks> since it's a signed 32bit integer, having it 0 or 1234567890 takes the same amount of memory
<ivoks> and as we as shifting to 64bit that amount will even get bigger :)
<ivoks> http://en.wikipedia.org/wiki/Year_2038_problem
<FFForever> ivoks, my cpu is 64bit but i still use 32...
<Hecate> 64bits ftw ;)
<FFForever> not everything (damn flash...) works in 64bit...
<Hecate> FFForever, it does.
<ivoks> flash works in 54bit
<ivoks> 64 even :D
<FFForever> since when... last time i tried flash it didn't work in 64bit..
<FFForever> that was like 2 years ago though...
<ivoks> 2 years in posix time is... a lot
<Hecate> http://labs.adobe.com/downloads/flashplayer10.html
<FFForever> XD
<FFForever> is ti as stable as 32bit?
<Hecate> probably the first time linux was favoured.
<Hecate> it is.
<FFForever> perfect :D
<FFForever> ill make the change next time i have to redo my system...
 * ivoks doesn't have 64bit cpu in laptop :/
<Hecate> want some pity?
<Hecate> ;)
<ivoks> :)
<ivoks> take care
<FFForever> has anyone gotten suphp to work with ubuntu?
<FFForever> when i try it i get could not execute "/path/to/index.php"
<andol> FFForever: I use suPHP on a couple of servers.
<FFForever> andol, could u help me get it working?
<andol> FFForever: Well, if nothing else I should be able to give you a few pointers
<FFForever> any idea why i get the could not execute error?
<FFForever> nothing happens in the error.log or suphp.log (says it changed the uid/guid) and access.log shows it was a 500 error
<andol> FFForever: First of all you should make sure you configure /etc/suphp/suphp.conf the way you want it. The default is not neccesary what you might expect.
<andol> FFForever: Have you looked in syslog?
 * Nafallo uses andol on a few servers
<FFForever> no, i got pissed and removed all suphp config lol
<FFForever> andol, i had to set the docroot to / or else it would error script not in doc root (even with the check set to false...)
<andol> FFForever: Well, just did a simple tests myself. At least I got my error in /var/log/apache2/error.log
<FFForever> nope =(
<FFForever> only error i got was from restarting apache...
<andol> FFForever: Well, feel free to give me a paste.ubuntu.com of your suphp.conf as well as a "ls -la" of the script directory
 * andol is running Ubuntu 8.04 on his servers by the way
<FFForever> i compiled myself, brb resetting up suphp gimmie 5mins :D
<FFForever> i am on 8.10 only ubuntu the vps provider offered
<FFForever> andol, http://vps.chr1831.com/ and lemme install pastebinit
<FFForever> andol, http://pastebin.com/f4a8d971b i know the permissions should not be enabled for group/world writeable but i need it for a few scripts :D
<FFForever> and i added this to my vhost http://pastebin.com/df815590
<andol> FFForever: A "ls -la" of your DocRoot wouldn't hurt either.
<FFForever> andol, http://pastebin.com/d41ae3da3
<FFForever> the .htaccess is blank
<andol> FFForever: Well, can't see any major errors upfront. Sure everything is installed/compiled correctly? php5-cgi installed?
<andol> FFForever: Tried using the version from the repositoires?
<FFForever> yeah php5-cgi is installed
<FFForever> andol, the version is so outdated...
<FFForever> 0.6.2
<andol> FFForever: Anything you need in newer versions?
<FFForever> andol, no but the i already tried 0.6.2 :D
<FFForever> andol, anyways this is the only real error in the error log =\, File does not exist: /home/chris/public_html/favicon.ico
<andol> That error shouldn't matter
<andol> Have you tried keeping it none-world-writable, just for debuging (no matter what the conf says)
<FFForever> andol, yeah =\
<leOn> hmm.. trying out kvm. there's something wrong with the keyboard mapping
<FFForever> andol, http://pastebin.ca/1418424
<FFForever> thats from the suphp.conf...
<FFForever> i mean suphp.log
<jussi01> hi all - anyone know how to fix this?
<jussi01> Your account has expired; please contact your system administrator
<jussi01> chfn: PAM authentication failed
<jussi01> adduser: `/usr/bin/chfn phon' returned error code 1. Exiting.
<FFForever> andol, can i see what you added to your vhost?
<jussi01> that was after an adduser
<leOn> FFForever: did you enable chroot in suphp.conf ?
<FFForever> leOn, no
<FFForever> its commented out
<FFForever> leOn, http://pastebin.com/f4a8d971b should be my suphp.conf
 * andol wishes the channel wouldn't scroll when he is trying to copy and paste :-)
<andol> FFForever: You don't have any other PHP directives in your apache conf? Have you tried simply moving the .htaccess away?
<leOn> man .. are you sure you want all those allow_file_* and allow_directory_* writable = true?
<FFForever> andol, i have tried =\, and there is no other php directives... i disabled php5
<FFForever> leOn, yeah :D
<leOn> what version of suphp are you using ?
<andol> FFForever: This is the suphp-conf I add to apache, by modes-enabled/suphp.conf http://paste.ubuntu.com/168940/
<andol> FFForever: Perhaps a stupid question, but since you've done this yourself, I'm sure you'r loading the module as well?
<FFForever> andol, yeah look @ vps.chr1831.com it says suphp  0.7.1 :D
<FFForever> it surely has to mean its loaded right no?
<andol> should meen that yes
<andol> FFForever: Nothing fishy about your index.php then? Have you tried something really simple like a script only doing an echo statement or so?
<FFForever> ive spent exactly 1 week on this...
<FFForever> andol, LOL!!!, its just using the .php extension and the only thing in that in BLAH!!! - this is a test
<FFForever> no wait i am wrong.. i changed it to phpinfo();
<andol> FFForever: How about if you just give us a pastebin of your index.php, just for the sake of it?
<leOn> FFForever: what should be the docroot?
<FFForever> leOn, i have it set to / since ${HOME}/public_html/ does not work for me...
<FFForever> and one moment ill pastebin it
<FFForever> andol, leOn, index.php http://pastebin.com/f5afa204c
<leOn> that file is in a users public_html folder already ?
<FFForever> leOn, nothing i made it manually
<FFForever> and i already deleted .htaccess
<leOn> what does exactly happen when you try to access it?
<andol> FFForever: Sure you don't have any userdir settings confusing apache, how about using a folder not named public_html?
<FFForever> andol, i am sure thats not the problem, i already moved it to /home/chris/blah once :D
<FFForever> also i get the same error when using ~chris at the end of the url
<andol> FFForever: Another option, instead of putting docroot to /, how about just "commenting it out" using a ;
<FFForever> andol, one moment
<FFForever> andol, same thing =\
<andol> FFForever: Wait, now I think I have it :)
<FFForever> what?
<andol> replace x-httpd-php="php:/usr/bin/php5" with application/x-httpd-php=php:/usr/bin/php-cgi
<FFForever> nope
<FFForever> won't change anything... =(
<andol> FFForever: /usr/bin/php is the CLI version, while php-cgi is the cgi version
<FFForever> since php5 is a symlink for php5-cgi
<andol> Ohh, bummer
<FFForever> i don't have the cli version
<FFForever> ive had it set to php5-cgi, php5, php, php-cgi lol
<leOn> sorry but i didn't "hear" the problem from start .. what is exactly the problem?
<FFForever> ...
<FFForever> andol, changing it to php5-cgi works :D
<FFForever> ...
<FFForever> ...
<FFForever> i guess after installing the php5 module for apache it fixed something =\
<FFForever> and disabling it
<andol> FFForever: Another stupid question :) You've been restarting apache between changes, right?
<FFForever> andol, ofc :D
<FFForever> woot my week long problem has been fixed :D
<andol> Well, glad it worked out, for whatever reason it did :)
<billybigrigger_> good day all
<FFForever> i am an idiot....
<FFForever> root@chr1831:/etc/apache2# ls /usr/bin | grep php
<FFForever> php-cgi
<FFForever> php5-cgi
<FFForever> whoops sorry didn't mean to paste that in this room....
<billybigrigger_> im new to raid, and have 2 identical seagate 500gb 7200.11 sata disks, and i want to run them in raid, they are both ext4, what is my best option for raid? and should i do software? or configure raid through my asus bios?
<leOn> billybigrigger_: you want to mirror the disks or concatenate them ?
<billybigrigger_> probably mirror
<leOn> i.e. .. use the 2 disks to have 500gb and in the case on fails you don't loose the data
<billybigrigger_> as then if one goes down i can rma the drive or buy a new one as they're $70 and still have my data right?
<billybigrigger_> ya mirror
<FFForever> how can i add a user quota of 500mb?
<leOn> or use the 2 disks and concatenate them in 1TB logical drive and risk loosing everything in case of them dies ..?
<FFForever> leOn, raid is not a backup solution :D
<FFForever> if someone hacks ur server and deletes the files ur screwed...
<billybigrigger_> leOn::: no, i don't need 1TB, i'd rather have 500gb mirrored
<leOn> billybigrigger_: you want raid1 then
<billybigrigger_> k
<billybigrigger_> leOn::: and hardware raid though my bios is the best option correct?
<FFForever> leOn, do u know how i can give a user a quota?, for /home/username
<leOn> FFForever: i never said that raid was a backup solution
<leOn> billybigrigger_: my personal opinion would be software raid
<FFForever> leOn, just making sure :D, i know someone who ran a pretty big website using raid as a backup...
<leOn> hw raid only really matters for raid5
<billybigrigger_> and raid5 is?
<leOn> raid5 will make you more space available than raid1 and still get data integrity in the case of a disk failure
<leOn> but mininum of disks for raid5 is 3 disks
<billybigrigger_> raid 5 is striping no?
<leOn> and you loose 1/3 of disk capacity
<leOn> raid0 is stripping
<leOn> the thing about hw raid is that if your controler dies, you need to get another similar controler
<billybigrigger_> ahh
<leOn> and it doesn't really pay off unless it's for raid5, in terms of performance
<billybigrigger_> onboard controller = no good
<billybigrigger_> ok, so i setup raid in the ubuntu install?
<leOn> i would say yes
<billybigrigger_> or after ubuntu's installed? i've never really paid attention so im new to this
<leOn> FFForever: mount the /home filesystem with the usrquota option
<leOn> and enforce disk quotas
<FFForever> leOn, /home is part of /, its a vps
<billybigrigger_> next question, filesystems, am i going to gain/lose performance by going with a certain fs for raid? ie will my two ext4 disks perform better than using reiser or ext3? or does raid configuration have no effect on performace?
<leOn> FFForever: that kinda sucks then
<leOn> =)
<leOn> billybigrigger_: i would advise you ext3 or xfs
<billybigrigger_> not ext4?
<billybigrigger_> is that becuase of the early ext4 problems?
<billybigrigger_> with data loss and such?
<billybigrigger_> or do ext4 and raid not play nice or why?
<leOn> and i would advise you also to read some benchmarks comparisons and think what type of files and folder arrangement you're going to have on that fs
<billybigrigger_> i have a mix
<FFForever> apt-clean just cleared my system of 500mb... =\
<billybigrigger_> i have small mp3's, to my large HD camera videos
<leOn> big files vs small files, etc
<leOn> imho ext4 is still a baby
<leOn> i wouldn't use it for anything important
<billybigrigger_> but having raid1 will have a copy of my files if the ext4 fs gets corrupted? or does it corrupt both since its a mirror?
<Nafallo> billybigrigger_: both
<billybigrigger_> thought so
<Nafallo> billybigrigger_: you confuse disks with file systems I think
<Nafallo> billybigrigger_: two disks, one file system
<billybigrigger_> hehe no i dont
<billybigrigger_> both disks have to run the same fs no?
<billybigrigger_> or can i have 2 disks with ext3 and ext4 on each disk?
<Nafallo> no. both disks are seen as ONE disk.
<billybigrigger_> im just new to raid, i know the difference between a disk and a fs :P
<Nafallo> on top of that ONE disk you put ONE file system
<billybigrigger_> k
<leOn> raid means that you build a logical drive
<leOn> and it's in that drive (like it was a new disk) that you're going to make the fs
<billybigrigger_> ahh
<leOn> so the system actually only sees 1 harddrive
<Nafallo> see. you were confused about disks and file systems ;-)
<leOn> which is logical and is composed by the two physical drives
<billybigrigger_> no, confused how raid worked :P
<Nafallo> well. that's not really relevant.
<Nafallo> what's relevant is that you will have ONE file system :-D
<billybigrigger_> yeah, i thought raid would still see 2 disks, both with the same fs, and both disk 2 would be a copy of disk 1, i didnt realise raid created 1 disk out of both disks
<billybigrigger_> k
<billybigrigger_> off to reinstall i guess then
<billybigrigger_> any tips? :P
<billybigrigger_> raid 1 with ext3 should suit my needs then?
<leOn> i would say it's the safe bet
<billybigrigger_> roger
<billybigrigger_> thanks a bunch, ill let ya know how it went
<billybigrigger_> also
<billybigrigger_> what dir can i backup to my /home for my apt packages? like i've already downloaded them once, can i copy them to home and back after the reinstall and then just sudo apt-get update && sudo apt-get upgrade and it just updates without downloading?
<billybigrigger_> or is that looking to get some broken packages?
<uvirtbot> New bug: #374567 in tomcat6 (main) "tomcat6 with spring throws org/springframework/core/NestedExceptionUtils" [Undecided,New] https://launchpad.net/bugs/374567
<wizardslovak> i need help of someone to guide me true installing and configuring email server
<incorrect> what websvn tool do people like?
<leOn> virt-manager is calling kvm with -k en-us
<leOn> how can i change that?
<uvirtbot> New bug: #374589 in samba (main) "samba server fails to start on boot time when laptop is not connected to any network." [Undecided,New] https://launchpad.net/bugs/374589
<leOn> ok .. i managed to change the -k parameter .. but deadkeys don't work
<leOn> any ideas?
<FFForever> is there any useless packages i can remove?
<FFForever> to slim down ubuntu-server
<andol> FFForever: Generally useless, probably not, but perhapse useless for you. If nothing else you can always do a "dpkg --list" and see if you find something you know you won't need.
<andol> FFForever: On the other hand, not sure how much you'd actually gain.
<FFForever> i have a 6gb vps..., ubuntu takes about 1gb =\
<Noah0504> Can anyone help me force the www in my domain name?
<andol> FFForever: You could probobly save a couple of hundred MBs by keeping your apt-cache empty
<FFForever> how do i do that?
<FFForever> i don't use apt-cache search....
<andol> FFForever: apt-cache search will work anyway. I'm talking about the saved deb-files apt likes to keep around
<FFForever> ohhh i already cleaned them...
<andol> FFForever: Should some setting somewhere allowing you to tell apt how much of those to keep around. Otherwise apt-get clean is the easiest way.
<FFForever> i clean it after all installs :D
<andol> FFForever: How about you install some kind of virtuell ubuntu server, running from your desktop computer or so. Then you can try removing packages and picking it apart until it breaks :)
<FFForever> lol :)
<quizme> how do i install a ppa file ?
<andol> quizme: Adding a ppa file? Downloading a specific .deb from a ppa or adding a ppa as a repository?
<quizme> andol i figured it out.  basically, i didn't need to do anything with the ppa.  I was just confused by the website.  i just needed to add a repository source then do apt-get update then apt-get install keepassx.
<quizme> i still don't know what a ppa is
<ajmitch> a PPA is a repository
<ajmitch> specifically one that's available on launchpad where everyone can upload source packages to their personal archive & they get built
<andol> quizme: Well, glad it worked out anyway :) If you want to read more about PPAs, feel free to take a look at https://help.launchpad.net/Packaging/PPA
<quizme> andol is launchpad a famous company or something?
<andol> quizme: Heard about Canonical? :)
<quizme> andol: no
<andol> quizme: Well, it might just be a good company to be at least somewhat familiar with if you run Ubuntu...
<andol> http://en.wikipedia.org/wiki/Canonical_Ltd.
<quizme> andol: very interesting.  i just read about him
<quizme> mark shuttleworth
<quizme> wow cool
<quizme> i think ubuntu will win
<quizme> $30M/yr
<wizardslovak> 30mil a year for what?
#ubuntu-server 2010-05-10
<uvirtbot> New bug: #578035 in openssh (main) "ssh-askpass-gnome doesn't prompt for password in any release post ubuntu 8.10 32/64bit" [Undecided,New] https://launchpad.net/bugs/578035
<trimeta> Are there any known issues with upgrading a server from Karmic to Lucid?
<trimeta> I'm less worried about GUI changes than I am about my Apache still working, that sort of thing.
<scar> what could be wrong with my server where the hdd's are not detected (bios just waits and waits) in AHCI mode but they are in IDE mode?  and just yesterday, before installing ubuntu, they were detected in AHCI mode?
<borden> hi , I've just installed phpmyadmin but it still throws the same mysql error which has existed since the release candidates , there already is a bug report on launchpad and its status is "won't fix" here is the link : https://bugs.launchpad.net/ubuntu/+source/mysql-dfsg-5.1/+bug/566736 , so what are we supposed to do now ?
<uvirtbot> Launchpad bug 566736 in mysql-dfsg-5.1 "mysqld does not start reliably..." [Low,Won't fix]
<enav> hi people i got a problem using ubuntu server edition... i cant make ebox run propertly... can i have some help here???
<enav>  hi people i got a problem using ubuntu server edition... i cant make ebox run propertly... can i have some help here???
<_Snark> So. I don't suppose anyone has any advice on installing 10.04 on an ion n330 platform with fakeraid?
<_Snark> aside from don't..
<jturek> Snark, actually i have seen a few people make DIY NAS with fakeraid using the small form factor N330
<jturek> Snark, not going to say you could use all your data though <grin>
<echosystm> ok dudes
<echosystm> how do i get the ssh client to disconnect?
<echosystm> ive uncommented escapechar in /etc/ssh/ssh_config
<echosystm> but when i do ~~. it stil doesnt work
<echosystm> what is this madness?
<jturek> try ~? to see if you get a list of options
<jturek> ~. should be the same as the telnet CTRL-]
<jturek> if you set your Escape Char to ~
<echosystm> doesnt work jturek
<echosystm> :/
<echosystm> just to clarify
<echosystm> hold shift, press `, press /, release shift ?
<enav> hi people i got a problem using ubuntu server edition... i cant make ebox run propertly... can i have some help here???
<jturek> echosystm: http://www.void.gr/kargig/blog/2006/01/24/ssh-escape-characters/ has a quick run down
<jturek> 1
<scar> jturek, why not be able to use all the data?
<scar> echosystm, it has to be done on a new line i think, so push enter first, shift+`, release shift, then period
<_Snark> [14:20] <jturek> Snark, actually i have seen a few people make DIY NAS with fakeraid using the small form factor N330
<_Snark> ^^ wish i could talk to them then
<uvirtbot> _Snark: Error: "^" is not a valid command.
<_Snark> 10.04 has the fakeraid bug on this hardware
<_Snark> after some messing about i can get the installer to complete, but grub is still stuffed.
<owen1> after i upgraded to lucid, i can't login. i see a wallpaper, the mouse is responding, keyboard is not and no login screen shows up. i can, however ssh to my machine. any tips?
<MrPancake> What's the "ubuntu approved" way to disable a service from starting on boot?
<RoyK> rm /etc/init.d/Sxxnameofservice
<Jeeves_> You can usually set some parameter in /etc/default/
<RoyK> erm
<RoyK> no, rc2.d
<RoyK> not init.d
<Jeeves_> RoyK: I can not imagine that that's the 'ubuntu approved' way
<RoyK> but I don't know if that is 'approved'
<RoyK> works, though
<RoyK> that's why you have symlinks in rc2.d starting with S for start...
<stanman246> hi in here, i've got me a broken raid5 (4 disks, one broken). Made a backup of the disks and removed the faulty disk. mdadm --detail --scan shows me I've got an array on /dev/md0. I can't mount it though, getting a : structure needs cleaning as a result of the mount attempt. What could I do?
<Pirate_Hunter> hi i've got backed up files on a server which are backed up as .tgz is there a way for me to explore inside the .tgz file and extract the folder I want?, if there is can someone provide the commands, thanks
<stanman246> do you use a ubuntu desktop?
<alvin> I upgraded a Karmic server with dovecot-postfix to Lucid and now mail users can't log in anymore. Where can I find dovecot-postfix.conf (that file seems to be gone)
<hallyn> (i notice there is no blueprint for https://wiki.ubuntu.com/Specs/LXCSupportInEucalyptus )
<alvin> I found files in /etc/dovecot/conf.d. Are these autogenerated, or can I change them back to the right settings?
<ivoks> hi
<ivoks> alvin: what's the problem?
<ivoks> oh, i see
<alvin> ivoks: Hi. Well, i'm not finding where to change stuff
<ivoks> well, dovecot's config changed a lot
<alvin> Most of the settings are changed
<ivoks> some of the attributes that existed before do not exists any more
<alvin> Oh? Is there any documentation?
<ivoks> on upgrade, if you didn't change anything in dovecot-postfix config
<ivoks> postinstall will just install new version of config
<alvin> I'm now comparing the old config file to the files in conf.d and auth.d
<ivoks> do you know what you have changed in karmic's dovecot-postfix.conf?
<ivoks> just a second...
<alvin> Yes, I have a copy and used dovecot -n c <originalfile>
<uvirtbot> New bug: #578176 in quagga (main) "ospfd crashes with assertion failed on lucid" [Undecided,New] https://launchpad.net/bugs/578176
<_ruben> !info quagga
<ubottu> quagga (source: quagga): BGP/OSPF/RIP routing daemon. In component main, is optional. Version 0.99.15-1 (lucid), package size 1533 kB, installed size 5272 kB
<alvin> Ouch, first_valid_uid is not valid anymore :-(
<ivoks> i'm back
<ivoks> when you start dovecot, it will complain what's wrong
<alvin> Yes, it does. Problem is. I used a user 'mail' with uid 8 and dovecot no longer accepts first_valid_uid
<alvin> Error: Error in configuration file /etc/dovecot/auth.d/01-dovecot-postfix.auth line 2: Unknown setting: first_valid_uid
<ivoks> alvin: if you want custom changes, my advice would be to create additional config file in conf.d
<alvin> So, I shouldn't change 01-dovecot-postfix.conf
<ivoks> that's the only file in conf.d?
<alvin> I just wantd to keep my configuration from karmic, but that is destroyed
<alvin> yes
<alvin> well, there's also 01-dovecot-postfix.conf.dpkg-old (because of the upgrade)
<ivoks> it's not; it's in /etc/dovecot/dovecot-postfix.old or something like that
<ivoks> isn't it?
<alvin> There is no file /etc/dovecot/dovecot-postfix*
<alvin> I do have a backup of that file, but the originl was deleted on upgrade
<ivoks> it was merged in 01-dovecot-postfix.conf
<ivoks> that's basicaly, your config
<alvin> and changed I see
<ivoks> changed?
<alvin> maybe the first_valid_uid should go into that file. I have put it in auth
<alvin> Yes, almost all settings I had were changed
<ivoks> it isn't it just split it into two files
<alvin> location of maildir, authentication, protocols,... everything
<ivoks> ok, let's start over
<ivoks> in karmic, you installed dovecot-postfix, right?
<alvin> yes
<ivoks> then you changed /etc/dovecot/dovecot-postfix.conf?
<alvin> yes
<ivoks> then you upgraded to lucid
<alvin> also yes
<ivoks> as an author of dovecot-postfix
<ivoks> postinstal script should've split your custom dovecot-postfix.conf into two files
<ivoks> one is conf.d/01-dovecot-postfix.conf
<ivoks> and the other is auth.d/01-dovecot-postfix.auth
<alvin> Is there a way to run that postinstall script on a custom file? (my original dovecot-postfix.conf)
<ivoks> then it offered you a diff/merge options for both of those files
<alvin> I do have those files, but the contents are not the same as the original dovecot-postfix.conf
<ivoks> correct?
<alvin> it didn't. It offered me to diff/merge dovecot.conf
<alvin> because that file wasn't used, I let the upgrade overwrite the file
<ivoks> so there's nothing except 01-dovecot-postfix.conf in conf.d?
<ivoks> not even .old?
<alvin> that's the only question I got during upgrade
<alvin> Only 01-dovecot-postfix.conf and 01-dovecot-postfix.conf.dpkg-old
<ivoks> so, there is dpkg-old
<ivoks> that's your old config
<alvin> yes
<alvin> is it safe to use?
<ivoks> that file gets created when you overwrite your old conffile with a new one
<ivoks> don't use it, adopt it
<alvin> Very well. I'll do that. I'll let you know how it ends
<ivoks> rename it to 02-something.conf
<ivoks> and keep in it only stuff that's different from 01-dovecot-postfix.conf
<alvin> Ah, so 02 overwrites the settings in 01?
<alvin> So I shouldn't change 01?
<ivoks> correct
<ivoks> and keep only custom stuff in it
<alvin> Will do.
<ivoks> notice that authentication part moved to auth.d
<alvin> Yes, I saw
<uvirtbot> New bug: #578179 in samba (main) "No write permission on smbmount on XP machine, if the shared folder is more than 1 word" [Undecided,New] https://launchpad.net/bugs/578179
<ivoks> i'll be online whole day
<ivoks> so if you have any problems, let me know
<alvin> Thank you. I will :-)
<ivoks> if i'm not here, wait couple of minutes, i'll come back :)
<ivoks> like now :)
<ivoks> brb
<siya> moing
<siya> -g
<siya> I have an issue with a server of mine after doing a do-release-upgrade to lucid. console-setup doesn't install and as such I'm now in limbo land... dpkg just hangs and postinst
<ivoks> hmm
<siya> http://pastebin.com/qEzf8aPH
<ivoks> that happend to me once
<siya> tried to force remove console-setup
<ivoks> i killed postinst script
<siya> then purge it using aptitude
<siya> ivoks, yeah have to
<ivoks> but, the funny thing is...
<siya> which then suggest console-setup-mini as an alternative. Which didn't install propperly either
<ivoks> when i did dist-upgrade again, it worked :)
<ivoks> or was it dpkg --configure -a
<_ruben> hmm .. just had my first failed karmic-lucid upgrade .. upgrade seemed to go just fine, just not coming up after reboot, not sure when i'll be at the datacenter again :/
<siya> ivoks, dpkg --configure -a get's me stuck at the same place
<ivoks> _ruben: ilo, ilo
<Jeeves_> siya: 'exit 0' helped me a couple of times in a postinst
<siya> _ruben, had that going from 9.04 to 9.10 (same box sadly)
<Jeeves_> Kindof depends on the actions done in a postinst if it's possible
<_ruben> ivoks: forgot to config .. then again, it only got bmc, no full ilo/drac/whatever
<_ruben> just a test box, so not big a deal
<siya> ivoks, my system thinks it's on 10.04 already so dist-upgrade doesn't do much for me
<ivoks> siya: dist-upgrade updates to latest packages from distro
<ivoks> siya: so if it says that there's no thing to update, then you are up to date :)
<siya> it complains about console-setup being missing or broken
<siya> then stops
<ivoks> sudo apt-get --reinstall install console-setup
<siya> halts in the same place
<siya> post install
<siya> see http://pastebin.com/qEzf8aPH
<ivoks> that's not output :)
<ivoks> sudo DEBCONF_DEBUG="developer" apt-get --reinstall install console-setup
<siya> hehe
<siya> riiiight, I should've piped that output to a file...
<siya> ivoks, does the last bit help or do you need the whole thing? http://pastebin.com/1HdJqZcg
<ivoks> this is where it stops?
<siya> yup
<siya> just sits there
<siya> have to kill the process(es)
<ivoks> hm
<ivoks>     db_get console-setup/optionscode
<ivoks>     options="$RET"
<ivoks> looks ok
<ivoks> could you open /var/lib/dpkg/info/console-setup.postinst
<ivoks> go to line 70
<ivoks> comment out from 70 to 76
<ivoks> and add echo "TEST" to 77 :)
<ivoks> then run sudo DEBCONF_DEBUG="developer" dpkg --configure -a
<siya> file edited
<siya> same but now with TEST after it
<siya> so it halts after that section
<ivoks> ok
<ivoks> now add echo "TEST2" to line 84
<ivoks> test3 to 86
<ivoks> and test4 to 92
<siya> goes through to test4
<ivoks> and test4?
<ivoks> oh
<siya> shows up fine
<ivoks> it fails on line 131
<ivoks>     setupcon --save-only
<siya> I recall seeying that in ps ax
<ivoks> try running it by hand
<ivoks> sudo setupcon --save-only
<siya> same result (before editing it, that is)
<siya> ahh that
<siya> works fine
<siya> no idea what it does tho
<philsturgeon> hey guys, how can I enable ZLib on PHP?
<philsturgeon> running apache2, PHP 5.2 and Ubuntu 10.04
<ivoks> siya: hm
<ivoks> siya: type plymouth
<ivoks> philsturgeon: it's already enabled
<siya> ivoks, plymouth is hashed (/bin/plymouth)
<ivoks> siya: bashed?
<ivoks> siya: that's the output of 'type plymouth'?
<ivoks> hased
<siya> yes, from bash
<ivoks> argh...
<philsturgeon> ivoks: ahh, i've got a script that runs and extracts a ZIP via ZLib and its erroring with a white-page of doom. first time running this script on this environment. i am using error_reporting(E_ALL), any idea what else could stop errors from displaying?
<siya> ivoks, :)
<ivoks> philsturgeon: set up php to put errors into file
<ivoks> siya: no clue... try rebooting :)
<siya> ivoks, tx for the help. Learned a lot!
<ivoks> siya: iirc, --configure for me worked after reboot
<siya> ivoks, will keep it in mind
<siya> :)
<ivoks> siya: cause the problems seems related to plymouth
<philsturgeon> ivoks, it's a dev box, id like to see errors. it was an undefined function, but i should have seen that!
<ivoks> maybe diplaying errors is disabled?
<siya> ivoks, ooh... http://www.mail-archive.com/ubuntu-bugs@lists.ubuntu.com/msg2201467.html << I had mount errors... :s
 * clintb shakes off 16 hours of travelling and enjoys the conf file discussion from the back wall.. :)
<uvirtbot> New bug: #578200 in nut (main) "(megatec_usb) error: Driver not connected" [Undecided,New] https://launchpad.net/bugs/578200
<ivoks> siya: sudo apt-get --reinstall install plymouth
<ivoks> ? :)
<ivoks> siya: https://bugs.edge.launchpad.net/ubuntu/+source/console-setup/+bug/564360
<uvirtbot> Launchpad bug 564360 in console-setup "console-setup installation hangs" [Undecided,Fix released]
 * siya really needs to get some paid work done today
<RickyWh> how do I locate my apache2 config file?
<ivoks> RickyWh: /etc/apache2 is config dif
<ivoks> RickyWh: there's conf.d for general configuration
<ivoks> RickyWh: and sites-enabled for per-site configs
<ivoks> RickyWh: both override config from apache2.conf
<RickyWh> ahh, nm, i found it
<RickyWh> i was looking for the vhosts file but it's called 000-default
<RickyWh> why is it that whenever i go to edit a file with vim, when I save I get an error message. Can't open file for writing
<ivoks> you are not root
<dominicdinada> quick question guys, with mysql if I am specifing the host a user is allowed from can I use multiple hosts? ie ? 192.168.0.1, 192.168.0.2  ..... etc
<ivoks> yes
<ivoks> 192.168.0.%
<dominicdinada> ok :P
<RickyWh> i cannot login as root because it tells me to login as ubuntu user instead
<dominicdinada> RickyWh: you can take root privilages if you were the first user.....
<RickyWh> yes i was
<RickyWh> well, actually, i'm using one of the amazon ec2 images
<RickyWh> http://uec-images.ubuntu.com/releases/karmic/release/
<dominicdinada> and you cant sudo ?
<dominicdinada> Hmmm cant log into remotly to mysql what the hail........
<RickyWh> ya i can sudo, but it seems like alot of typing to add sudo before vim
<dominicdinada> RickyWh: So I guess security is not a primary concern for you then... there are howto's to circumvent the constant request for escalating privalages... just google it
<RickyWh> well, i first did a sudo passwd root, then set a root password and then did a su root
<RickyWh> it worked
<dominicdinada> ?
<dominicdinada> RickyWh:  ??? Did you get it ?
<stephank> Hello! Having some trouble installing 10.04 on a Dell PowerEdge SC1425. I created a RAID-1 in the BIOS disk utility, but the installer doesn't seem to detect it. The error I see is: âERROR: ddf1: wrong # of devices in RAID set "ddf1_4035305a8680df242020202020202020b1c464013a354a45" [1/2] on /dev/sdaâ
<stephank> not sure if this is helpful, some dmraid output: http://privatepaste.com/8021bffaf2
<pmatulis> stephank: raid controller model?
<_ruben> sc1425 most likely doesnt have hardware raid, so using software raid (mdadm) would be your best bet
<smoser> http://ubuntu-smoser.blogspot.com/ . That is me begging for users of ubuntu server to join UDS
<smoser> remote participation.
<halvors> I cant connect send email with my server from ThunderBird here is a images: http://halvors.skymia.net/errorsmtp.png
<pmatulis> halvors: looks like your password is no good
<Jeeves_> smoser: Hmm. Too much Cloud and Enterprise :)
<halvors> it is not that
<smoser> Jeeves_, there are lots of sessions. even other than server
<halvors> it must be some other and i get no errors in logs
<halvors> sorry for norwegian error?
<halvors> ;(
<Jeeves_> smoser: I know. But my main interest is the server part.
<Jeeves_> I see an interesting session about server boot and upstart. But I'm on the road than. :(
<stephank> pmatulis: I don't think it's a hardware RAID controller. It's software RAID on top of a CERC SATA 2S controller. (hence dmraid)
<_ruben> stephank: i'd go with plain mdadm software raid then .. dmraid is evil :)
<_ruben> i'd only ever touch dmraid if it was for dual boot machine with windows
<stephank> hmm, reading up on that now
<_ruben> stephank: set the controller to sata instead of raid in the bios, configure software raid in the ubuntu installer
<Italian_Plumber> is there a way to tell the sytem not to do a filesystem check on a drive at startup?  Do I just not mount the drive?
<stephank> _ruben: well, let's give it a shot. Thanks for the pointers. :)
<_ruben> Italian_Plumber: its controlled by /etc/fstab, one of the last 2 columns
<Italian_Plumber> ... so, if I don't mount the drive, it won't check it?
<_ruben> sure, but you can mount without checking as well
<Italian_Plumber> gotcha.  Thanks!
<stephank> I'm confused, software RAID works at the partition level rather than the disk level?
<refnumzx> using kvm on lynx. the --firstboot bug was fixed a couple of days ago but i don't see it in the apt repository.  how do i get this?
<ttx> kirkland: join ebene ?
<bogeyd6> can bind9 use a SPF record type instead of TXT?
<pmatulis> refnumzx: kvm on lynx?
<pmatulis> refnumzx: ah ok, lucid
<refnumzx> right. and kvm being a virtualization. i suppose to be more accurage vmbuilder is wht i am having problems with
<pmatulis> refnumzx: bug #?
<refnumzx> wow for typos. sorry
<refnumzx> yup. a fix was submited. i just want to know how to apply it to the installation
<pmatulis> refnumzx: bug #?
<refnumzx> pmatulis: #536942
<pmatulis> refnumzx: so you want to import the upstream fix into lucid?
<refnumzx> i do.
<pmatulis> refnumzx: you will need to make a package yourself if no one else has
<andriijas> what was the url to the preview channel thing
<andriijas> to fix php in lucid
<refnumzx> is there documentation on how to do this?
<pmatulis> refnumzx: most people would use the PPA method for such a thing.  so google 'ubuntu ppa'
<refnumzx> thanks a lot
<dominicdinada> quick question where is a place to quick upload a pdf without having to register and crap
<pmatulis> dominicdinada: ubuntu-server related?
<dominicdinada> sorry got help already
<mdasilva> hi all, im looking at setting up a UEC but want to clarify the hardware requirements, specifically storage; nodes will only cache guest/instance images that live on the front end, correct?  can nodes take advantage of local data storage or must it use "walrus" for data storage on the front end?
<Italian_Plumber> Good morning.  I'm having a hard drive problem, summarized here: http://ubuntuforums.org/showthread.php?t=1478985  ... any help or suggestions would be greatly appreciated.
<mcas> Italian_Plumber: do you have any errors in dmesg about /dev/sdd?
<mcas> Italian_Plumber: additional you could test your hard drive with smartmon-tools
<eagles0513875> hey guys just a quick question what is the difference between an ubuntu server kernel and normal ubuntu kernel
<mcas> eagles0513875: e.g. support for special server hardware
<eagles0513875> mcas: could i use it to install the desktop the remove the server kernel ?
<eagles0513875> cuz atm ubiquity installer in kubuntu seems bugged and same in server O_O
<eagles0513875> sigh
<mcas> eagles0513875: have you tried alternate cd?
<tesseracter> hi, I set up a NFS server, and linux computers can mount the systems fine. any ideas why osx is being pissy?
<eagles0513875> mcas: alternate net install live cd
<mcas> and server works for you?
<eagles0513875> ubiquity is bugged mcas filed a bug but probably wont get looked at till next week due to uds
<eagles0513875> mcas: will know soon enough
<eagles0513875> acpi also seems bugged
<mcas> if you have a server installation you can install kubuntu-desktop
<mcas> and so you get kde enviroment
<eagles0513875> mcas: i plan on doing that just curious as to the difference between the 2 kernel
<eagles0513875> kernels
<mcas> eagles0513875: i think you will have no problems with using server kernel
<uvirtbot> New bug: #578292 in apache2 (main) "package apache2.2-common 2.2.14-5ubuntu8 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/578292
<eagles0513875> mcas: at the point of loading additional components
<Italian_Plumber> mcas: I have looking in dmesg and found some relevant data which I am currrently posting.
<eagles0513875> another bug i have noticed mcas for me to get past formatting i have to turn acpi off if i dont it wont format my hdd
<eagles0513875> mcas: not sure if you have a sec to take a look at this bug but my bug is 578210
<mcas> bug #578210
<uvirtbot> Launchpad bug 578210 in ubiquity "ubiquity fails to install kubuntu on lucid 64bit" [Undecided,New] https://launchpad.net/bugs/578210
<mcas> eagles0513875: have you asked in #kubuntu-devel?
<eagles0513875> mcas: server is even better formatting crashes and not hdd activity what so ever
<eagles0513875> mcas:  :( banned from there long story on that that happened a few yrs back
<eagles0513875> mcas: i have tried 2 different sizes of drives
<eagles0513875> be it 500gb or 2tb same issues
<Error404NotFound> i am connected to a openvpn server running ubuntu, i can ssh that but when i ping that i get "Time to live exceeded", similarly i can't use the DNS server deployed on openvpn server.
<mcas> eagles0513875: jou talked to riddell?
<eagles0513875> i filed the logs as he wanted mcas havent heard anything
<Italian_Plumber> I found this in the dmesg: http://pastebin.com/CMH3bazc
<eagles0513875> mcas: doesnt look like hes around either
<eagles0513875> mcas: unless hes in devel hes more then welcome to pm me
<mcas> eagles0513875: i am sure he will look at it asap
<mcas> Italian_Plumber: i think you have a hardware problem either with your hd or with your mainboard
<mcas> do you have a backup?
<mcas> eagles0513875: i have no 64bit machine to test your bug so i think i cannot help you much more
<eagles0513875> mcas: you talking to me re hardware
<mcas> eagles0513875: pardon?
<eagles0513875> about the hardware problem with your harddrive or mainboard mcas
<mcas> eagles0513875: no... it's another problem i try to help with ;)
<eagles0513875> mcas: ok
<eagles0513875> well im trying again using local mirror
<mcas> eagles0513875: have you checked your cd? have you tested you memory?
<eagles0513875> tested all hardware its fine
<eagles0513875> checksum of the isos match so its not a bad iso
<eagles0513875> and im using a bootable usb
<eagles0513875> tried 2 different ones and the same issue
<eagles0513875> humm
<mofomikes> hi all, im looking at setting up a UEC but want to clarify the hardware requirements, specifically storage; nodes will only cache guest/instance images that live on the front end, correct?  can nodes take advantage of local data storage or must it use "walrus" for data storage on the front end?
<Italian_Plumber> mcas: a hardware problem is likely as I had a power failure a few days ago.
<mcas> Italian_Plumber: do you have a second pc where you could test the hd?
<eagles0513875> mcas: question for ya how well does server handle drives over 1tb
<Italian_Plumber> ah yes.  Here's the point of failure last night: http://pastebin.com/JHt6bJ17
<mcas> eagles0513875: no problems afaik
<Italian_Plumber> I do have a second PC: my wife's. :)  So it's problematic getting access to it.
<eagles0513875> strange why is the formatting hanging then mcas
<mcas> Italian_Plumber: i think it's the only test you could do
<mcas> eagles0513875: hanging for how long?
<eagles0513875> mcas: seems like it formats up to 33% then there is no hdd activity at all
<eagles0513875> and then on kubuntu same thing if i leave acpi turned on hangs at 33%
<eagles0513875> server its different with acpi on or off it still hangs at 33%
<eagles0513875> i did have a power outage 2 weeks
<eagles0513875> ago
<eagles0513875> thing is at that time i was on win 7
<eagles0513875> so i know thats not my problem right now
<eagles0513875> ram and video card are all ok
<eagles0513875> hdd is fine as well
<Italian_Plumber> mcas: thanks.  Are you at a Marine Corps Air Station? :)
<mcas> no ;-)
<eagles0513875> :(
<eagles0513875> im running out of options
<eagles0513875> live cd alternate and even net install same problems
<mcas> eagles0513875: have you tried to boot into live cd and then formatting your hd?
<eagles0513875> mcas: on kubuntu live cd with acpi off that works fine it formats then i have issues with shared objects
<eagles0513875> and an error saying that the version im installing is different then what is on the cd in my case live usb
<mcas> eagles0513875: ubuntu live cd?
<eagles0513875> if i hit retry a number of times it sometimes installs other times i ahve to skip
<eagles0513875> mcas: havent tried ubuntu live cd yet gonna try kubuntu alternate cd
<oru_work> how do I go to a specific line in nano ?
<mcas> oru_work: META-G
<oru_work> mcas, thnx
<billybigrigger> is an nfs share supposed to be laggy on a 100mbps home network?
<billybigrigger> ie, it will transfer 50mb, then pause for about 8 secs, then go for another 50mb
<billybigrigger> the nfs server is through vbox, watching top, i have lots of cpu/mem available
<_ruben> sounds more like the disks cant handle it or so
<eagles0513875> billybigrigger: they ide or sata drives
<billybigrigger> maybe it's just slow through vbox, but the whole system hangs up after about 50mb
<billybigrigger> hmm now that i think about it, my os disk is ide...
<billybigrigger> have 2 storage drives that are sata...
<eagles0513875> billybigrigger: i have noticed that I/O is slow on vbox
<eagles0513875> and ide doesnt help either
<billybigrigger> nope it doesn't
<billybigrigger> just testing nfs out, building a fileserver today, that will have 1tb sata
<billybigrigger> thinking about getting a gigabit switch in here today too...
<eagles0513875> gotcha your better off testing with a sata drive if you want more accurate I/O info
<billybigrigger> 2 storage drives on my main machine here are sata...so i shouldn't have any more problems when i go live, instead of using vbox
<billybigrigger> eagles0513875, you have experience with gigabit networks at all? ie for home use
<eagles0513875> its funny you ask
<eagles0513875> i dont have a giga switch
<eagles0513875> but desktop and mac are both gigabit nics
<eagles0513875> billybigrigger: what kinda questions you got
<billybigrigger> yeah, new fileserver mobo will have gigabit nic, so i might as well take advantage of them
<billybigrigger> just wondering what real world speeds i will achieve
<billybigrigger> 1000Mbps works out to ~140MB/s
<eagles0513875> ya i wanna get a wireless n router for my wifi n card in my mac as well as a gigabit switch
<billybigrigger> im happy if really see over 100MB/s
<eagles0513875> billybigrigger: not sure off the top of my head m8 but even with 100mbps router
<eagles0513875> i get 1.2mbps over my 10mbps cable internet connection
<billybigrigger> why so slow?
<billybigrigger> my cable connection is 25mbps and i can max it out
<eagles0513875> billybigrigger: cable isp is a monopolizing compnay here on this island
<billybigrigger> using usenet, or torrent
<eagles0513875> nice
<billybigrigger> island, which one?
<eagles0513875> malta
<eagles0513875> 60 miles south of scicily
<billybigrigger> oooh, must be nice living there :)
<eagles0513875> paradies
<eagles0513875> hehe
<eagles0513875> originall was born in usa
<eagles0513875> but parents are from here so im back here now studying hehe
<billybigrigger> i live in canada, so that sounds like a beautiful place to live for me
<eagles0513875> have family back here
<billybigrigger> ahh thats cool
<eagles0513875> it is i love it over the usa
<eagles0513875> but i have best of both worlds usa and european union
<billybigrigger> dual citizen?
<eagles0513875> mcas: strange the partitioner on the alternate cd seems to be working O_o im wondering if there is a bug in the partitioning system
<eagles0513875> billybigrigger: ya
<billybigrigger> niiiice :P
<billybigrigger> alright, going to pick up some parts...ill be back with some questions i imagine haha
<eagles0513875> lol ok billybigriggerand im gonna stay here trying to get kubuntu lucid installed
<eagles0513875> ubiquity has a severe bug
<mcas> eagles0513875: i told you to try the alternate cd :-D
<eagles0513875> i am now
<eagles0513875> but its strange how it doesnt work on ubuntu server the partitioning and formatting just hangs at 33% and when i touch the drive there is no activity on it
<halvors> I know it takes a lot of time on the 33% but it shoulds continue :-/
<eagles0513875> 2tb hdd halvors
<eagles0513875> its continuing now
<eagles0513875> installing base system
<Italian_Plumber> mcas: looks like turning the computer off and back on again (instead of just rebooting) has got that SATA link back up.
<Italian_Plumber> oh and I also reseated the drive's power cord, data cable, and the SATA controller card
<mcas> that sounds good to me eagles0513875 and Italian_Plumber
<mcas> i have to go
<mcas> bye
<halvors> ok, i know i formatted a 1tb hdd its took a lot of time.
 * eagles0513875 regrets using the shitty local mirror which isnt a local mirror but a server here redirected to a uk server. will have to work with lug to get that sorted and setup the right way
<enav> good morning... you guys know how to change the screen resolution to an Ubuntu Server????
<rigr> xconfigurator
<enav> let me google it  thanks
<Error404NotFound> i have made a torrent of some videos that i made i my local machine, same videos exists on my ubuntu server deployed at say abc.com, is there a commandline torrent that i can use to seed my torrent?
<mcmatterson> can someone give me a definitive answer about what the UEC metadata service should look like on a lucid UEC install? I've got a single-machine CC+NC setup for testing, and am experiencing the 'hang on EC2 metadata' bug that's all the rage these days (https://bugs.launchpad.net/eucalyptus/+bug/566792). What should a wget http://169.254.169.254/latest/ return?
<uvirtbot> Launchpad bug 566792 in eucalyptus "UEC guests sometimes fail on consuming user data (metadata service isn't ready)" [High,Confirmed]
<eagles0513875> mcas: we shall see if the install was successful after reboot
<eagles0513875> hehe
<eagles0513875> mcas: regretting choosing the correct mirror
<Italian_Plumber>  error: check out rtorrent
<Italian_Plumber> Error404NotFound ^^
<Error404NotFound> Italian_Plumber, found bittorrent, rtorrent doesn't create torrents afaik
<Italian_Plumber> rtorrent does not make torrents.  You said you already made the torrent.
<Italian_Plumber> is there a "stronger" command to reboot, than "reboot"?
<eagles0513875> Italian_Plumber: use the init scritp on command line issue sudo init 6
<eagles0513875> Italian_Plumber: 6 is reboot 0 is shutdown
<RoyK> reboot -f
<eagles0513875> RoyK: init scripts would work as well
<RoyK> unless something hangs
<RoyK> reboot == init 6
<RoyK> halt == init 0
<Italian_Plumber> so far neither is working :)
<Italian_Plumber> box is still pluggin' away
<RoyK> reboot -f normally works
<RoyK> if you can reach the console, type hold alt+prtscreen and type SUB
<Italian_Plumber> Console is ~3 miles away :)
<Italian_Plumber> I guess I'll have to wait until I get home
<Italian_Plumber> oh -- wait... I think it's doing it now
<RoyK> an OOPS can make the system not allow for a reboot
<eagles0513875> Italian_Plumber: hence install ssh hehe
<RoyK> I've seen that a few times
<Italian_Plumber> an oops?
<RoyK> so, enable kernel.panic_on_oops
<RoyK> and kernel.panic = 60
<RoyK> oops is a "panic light"
<eagles0513875> Italian_Plumber: another reboot command is sudo shutdown -r now
<RoyK> eagles0513875: it still just does an init 6
<eagles0513875> gotcha
<Italian_Plumber> successfully rebooted :)
<RoyK> Italian_Plumber: in /etc/sysctl.conf, set kernel.panic_on_oops = 1 and kernel.panic = 60
<RoyK> that'll make the system panic if an oops happens and reboot 60 seconds the panic
<Italian_Plumber> what would cause an opps
<eagles0513875> mcas: what im finding funny is the installer seems to fail when installing kde
<RoyK> Italian_Plumber: usually a faulty driver or bad hardware
<RoyK> eagles0513875: kde on a server?
<eagles0513875> RoyK: no not on a server my desktop
<eagles0513875> been fighting with ubiquity like no other and it turns out its a bug between ubiquity and kde something with kde
<ARTSIOM> Hi All!
<enav> hi guys for some reason i cant execute ebox on my ubuntu server
<ARTSIOM> right now on karmic I have sun_java6_jdk_1.6.0_20, how can I downgrade it to sun_java6_jdk_1.6.0_17?
<ARTSIOM> right now on karmic I have sun_java6_jdk_1.6.0_20, how can I downgrade it to sun_java6_jdk_1.6.0_17?
<eagles0513875> ARTSIOM: i wouldnt advices it
<eagles0513875> anything below 20 has a nasty exploit
<mcas> re
<eagles0513875> mcas: got it workign with alternate
<mcas> eagles0513875: great :-)
<eagles0513875> turns out the bug is between ubiquity and the kde packages somewhere
<eagles0513875> installing kde now hehe gnome installs fine kde is bugged
<eagles0513875> mcas:  :( thats not good
<eagles0513875> had a random reboot
<eagles0513875> nm
<eagles0513875> damn screen saver hehe
<ARTSIOM> eagles0513875: ok, if I understand the risks, is there any standard way to downgrade package?
<eagles0513875> ARTSIOM: im not sure actually
<mcas> ARTSIOM: do you still have the "old" package on your hd?
<eagles0513875> mcas: i think if he doesnt he could get it from the java website
<eagles0513875> java.sun.com
<ARTSIOM> mcas: no, 1.6.0-u20 was the initial install
<mcas> ARTSIOM: how do you install this version?
<ARTSIOM> mcas: apt-get install sun-java6-jdk
<mcas> ok then you have to download the -17 version from the java.sun.com website first
<ARTSIOM> mcas: I am already browsing it for a while, but can't find a link for old versions...
<mcas> after you uninstalled the -20 version apt-get purge sun-java6-jdk install the package you previously downloaded
<mcas> ARTSIOM: http://java.sun.com/products/archive/
<eagles0513875> mcas: fyi you can have multiple versions of the jdk it seems like without them conflicting
<billybigrigger> hey all
<eagles0513875> hey billybigrigger i figured out the source of the problem i was having
<billybigrigger> which was
<mcas> eagles0513875: thanks for the hint
<eagles0513875> no problem mcas fyi can also have 2 versions installed 32bit or 64bit at same time as well
<RickyWh> which version of ubuntu should be used for a stable server?
<billybigrigger> im having problems setting up my routers after adding this switch
<billybigrigger> dhcp doesn't seem to be working, so im guessing i have to manually set my ip addresses
<mcas> RickyWh: IMHO you can use the brand new LTS 10.04 release
<billybigrigger> is it odd for a switch to not have an uplink?
<RickyWh> apt-get update && apt-get dist-upgrade to get any updates right?
<billybigrigger> this switch i bought only has 5 ports, so i imagine i just connect my router to link1?
<billybigrigger> i thought it would have an uplink port for a router
<mcas> billybigrigger: i think the switch has auto mode for uplink on every port
<billybigrigger> yeah
<billybigrigger> got er working now
<billybigrigger> except my fileserver only has a 100mbps link
<billybigrigger> weird
<eagles0513875> O_o
<billybigrigger> not having an os installed shouldn't change the link speed of my internal nic should it? ie im just sitting after post..."insert boot media in selected boot device and press a key"
<billybigrigger> can't see anything in the bios to select a link speed either
<eagles0513875> billybigrigger: what kinda network cable you got
<eagles0513875> 5e or cat 6
<billybigrigger> sonnofa.....
<eagles0513875> billybigrigger: ?
<billybigrigger> thought it was 5e, looks to be and old cat5
<eagles0513875> billybigrigger: thats the problem most likely
<billybigrigger> :P
<billybigrigger> hmm
<billybigrigger> cat5e patch cable will do i guess
<eagles0513875> shame i cant walk over a 5e table to test it lol
<billybigrigger> hmmm
<billybigrigger> this 5e patch cable is still only giving a 100mbps link
<billybigrigger> sob
<jeeves_moss> just wondering about gl_tail and if anyone has been able to install it.  currently, I'm stuck on net-ssh (ruby package), and I can't get it installed
<billybigrigger_> am i wrong in assuming that a cat5e and a cat5e patch cable have the same throughput?
<mcas> i think cat5e and cat5e should have the same troughput :-)
<MTecknology> Any of you know much about xmpp with google apps? If that's even appropriate for this channel.
<mluser-work> Hello everyone, I need to blacklist kvm and kvm_intel kernel modules, but adding them to /etc/modprobe.d/blacklist.conf does not seem to work.. any ideas?
<sbeattie> mluser-work: can you disable the kvm initscript/upstart config that causes them to be loaded?
<mluser-work> sbeattie: yes thanks.. its working now :)
<uvirtbot> New bug: #578463 in libpam-ldap (main) "pam_ldap disconnects from LDAP without unbinding, causing many "connection_read(): no connection!" warnings in logs" [Undecided,New] https://launchpad.net/bugs/578463
<Airells> do you know any good and actuall tutorial or sth about LDAP on ubuntu ?
<soloslinger> hey all.  I am following this documentation, but it doesn't mention anything about adding the service to start on startup.  How would I go about doing that? https://help.ubuntu.com/6.06/ubuntu/serverguide/C/ftp-server.html
<soloslinger> rc-update add vsftpd default?
<u0324> Has anybody dealt with reconciling apt-get installing the amanda-server package in lucid with backup:backup and the ZWC client wanting to backup windows machines using the amandabackup user?
<RickyWh> how do i enable sftp on ubuntu 10.04 ?
<RoyK> RickyWh: apt-get install ssh
<RickyWh> When I try to connect with WinSCP it asks me to login, i type root and the error says "REceived too large SFTP packet"
<RickyWh> if i try logging in with user ubuntu, then I cannot upload files to the /var/ directory, error "permission denied"
<RoyK> /var is usually not writable for users
<RoyK> try the home dir
<RoyK> or set permissions for the dir into which you want to upload files
<RoyK> not the whole of /var, that'd be bad
<RickyWh> i want to upload files to /var/www/
<RickyWh> which is where my apache2 reads from
<RickyWh> and the only reason I need access to /var/ is to upload an /includes/ directory with database php scripts
<RickyWh> is it safe to make /var/www chown to ubuntu user?
<RoyK> RickyWh: man chmod
<RickyWh> well i already changed the owner of the directory to ubuntu
<RickyWh> maybe I should just make it read and write by a group that ubuntu is part of instead?
<RoyK> with scp or stcp the user used should suffice
<RickyWh> is it a huge security risk to chown the /var/www to ubuntu user?
<mdasilva> with a UEC setup, can node instances write to local disks?
<uvirtbot> New bug: #578504 in postfix (main) "package postfix (not installed) failed to install/upgrade: Unterprozess installiertes post-installation-Skript gab den Fehlerwert 75 zurÃ¼ck" [Undecided,New] https://launchpad.net/bugs/578504
<enav> hi guys after install ebox on my server it does not run at all.... what could it be?
<cloakable> Just upgraded to 10.04, and there's a bug in the mailstack: the cmusieve plugin isn't installed, you need to use sieve, not cmusieve now.
<uvirtbot> New bug: #578535 in postfix (main) "package postfix 2.7.0-1 failed to install/upgrade:" [Undecided,New] https://launchpad.net/bugs/578535
<enav> guys witch is the most stable server edition of ubuntu 8 ,9 or 10?????
<ScottK> enav: Myself I've never had any stability issues with any of the supported releases, but, of course, depending on your hardware and package selections it may be different for you.
<ScottK> If you are just starting now, I would recommend starting with 10.04 (the most recent release).
<enav> ScottK  i ask that question because ebox is not running on my ubuntu server... i'm just downloading  Ubuntu Server edition 8  and see what happens
<ScottK> The most work around ebox integration was done for 8.04.
<enav> ScottK that means ebox is a little outdated?
<ScottK> No, it means that if you are using ebox, your best chance of it working is probably 8.04.
<ScottK> It hasn't had a lot of focused effort since.
<enav> ok thanks mate... im about to create my first web server in the open source world....
#ubuntu-server 2010-05-11
<JohnA1> i am thinking of using 10.04 for my SMB server. I have several questions that I would like to get answer
<JohnA1> Oops, -- to. first off , why does ubuntu use exim as its mta, in the tasksel setup. Is there some advantage to exim over postfix?
<JohnA1> alt, could somebody point me to a paper or other discussion as to why?
<bronson> how do I make a networking device come up by default on boot?
<bronson> I've added it to /etc/network/interfaces, and ifup eth0 works...  it just doesn't happen when the machine boots.
<bronson> The http://tinyurl.com/ubuntuserv link in the topic is broken.
<bronson> tinyurl: Error: Unable to find site's URL to redirect to.
<billybigrigger> anyone here run an nfs file server over a gigabit network?
<Zider> sorry, only 100Mbit here so far
<axisys> how do I password protect a pdf file.. i need to send it to someone over the email .. i will call the person and give the password over the phone ..
<Zider> on a server..?
<axisys> might be offtopic for this channel.. will ask #ubuntu or #ubuntu-offtopic
<Zider> you could encrypt the entire email instead.. :)
<mikelifeguard> I have a 'server' (really an old desktop) that now says http://sprunge.us/CaIV about NX... but I don't think the processor supports NX - certainly I don't see a setting for it in BIOS. How likely is it that check-bios-nx is wrong here?
<axisys> Zider: i am using gmail... i will just encrypt using openssl and give him the password on separate email
<Zider> axisys: gmail webmail or via mail application?
<axisys> gmail webmail
<axisys> Zider: ^
<mikelifeguard> `check-bios-ns --verbose` says http://sprunge.us/MiXI
<axisys> i just need to encrypt the attachment .. and we both are in US
<Zider> axisys: yeah, you can encrypt with any tool and just mail it then
<axisys> Zider: yep.. looking for the syntax with openssl
<Zider> or rar, it can encrypt too
<axisys> openssl enc -ciphername [-in filename] [-out filename] [-pass arg] <-- looks like this will do
<lavish> hi all
<lavish> "Doc and resources: http://tinyurl.com/ubuntuserv" -> it's broken ;)
<hackeron> hey, I dist-upgraded to lucid which removed postgres-8.3 so now I cant access any of my databases? - and it seems I can't reinstall 8.3 as it's no longer available. What do I do?
<nick58b> hackeron: check out pg_upgradecluster
<hackeron> nick58b: thanks
<axisys> Zider: like rar.. thanks
<axisys> Zider: tested .. works pretty good
<Rodney_> I am trying to load 10.4LTS on my server but it fails even though the cd was verified.... Fails at every step once I get to "select and install software" step.. If I continue it will fail with Grub no mater if I install grub 1 or 2 and also fails if I try LILO...  Am I missing something? I am installing the 64 bit system on a 64 bit intel system.
<sebas891> hi folks,  I wonder why ubuntu 10.04 take more than 60 minutes to install using the alternate cd installer.
<uvirtbot> New bug: #578587 in samba (main) "umount.cifs does not work on logout with libpam-mount" [Undecided,New] https://launchpad.net/bugs/578587
<RickyWh> anyone know why the images are not loading on my site?  http://ec2-204-236-201-28.compute-1.amazonaws.com/
<RickyWh> it's weird
<mikelifeguard> RickyWh: The webpage at http://graffitihousewars.com/sliver.png might be temporarily down or it may have moved permanently to a new web address.
<RickyWh> oh wait, those are linking to the domain, right
<RickyWh> ok thx :)
<mikelifeguard> np
<RickyWh> i was worried there for a few lol
<mikelifeguard> Also, I'm not sure if url(...) is valid CSS. You might want url('...')
<elnur> I'm upgrading my server through ssh from 9.10 to 10.04. My VPS is based on Xen. Should I upgrade to GRUB 2 or there are problems with GRUB 2 and Xen?
<kaushal> hi
<kaushal> can some one help me with the usage of mcelog ?
<kaushal> I have got this http://fpaste.org/z9XT/
<kaushal> I am running ubuntu 8.04 server
<kaushal> i did /usr/sbin/mcelog --ascii b200000000070f0f it did not worked for me
<MTecknology> Any ideas what would be causing this? sshd[32308]:
<kaushal> checking in again for my query ?
<maxagaz> sorry to ask here, but is there a free vnc server to put on a windows vista system ?
<maxagaz> I have tried RealVNC but can't connect to it from ubuntu
<maxagaz> although the port is openned
<twb> maxagaz: I don't know.  Try asking ##windows.
<twb> IIRC on NT5.0 and NT5.1 I used Tight VNC.
<twb> I expect your VNC server is running, but Vista is firewalling it somehow.
<twb> (Obviously, using Windows' native RDP server would be VASTLY preferable to VNC.)
<SpamapS> yeah there's a native RDP client called rdesktop for X
<SpamapS> works quite well most of the time
<twb> And from NT5.1 onwards, even single-seat Windows SKUs ship with the RDP server pre-installed (but off by default).
<twb> From memory you hit "properties > advanced" on the "My Computer" icon and turn on RDP, then go into the MMC and add your user to the appropriate "remote access" group.
<timboy> time on my machine is an hour off. how can i fix it?
<MTecknology> timboy: ntpdate
<timboy> 11 May 00:11:18 ntpdate[2107]: no servers can be used, exiting
<twb> timboy: what release?  Lucid?
<timboy> twb, how can I tell from command line?
<twb> lsb_release -a
<timboy> twb, 8.04
<twb> ntpdate-debian, then.
<timboy> twb, that updated the time properly. should I put that in my cron jobs?
<twb> No.
<twb> ntpdate-debian should automatically be run at boot time, and ntpd should be invoked at boot time.
<twb> As at 8.04, ntpdate[-debian] is responsible for large jumps, and ntpd performs incremental resyncs.
<timboy> twb, this system never reboots it's been slowly losing time daily about 2 mins a day or so
<twb> (In later releases, both roles are performed by ntpd.)
<twb> timboy: that suggests that ntpd is either not installed or not being started at boot time.
<timboy> twb, ntpd doesn't appear to be installed should I install ntp or openntpd?
<twb> ntp.
<timboy> ok thx twb
<dominicdinada> How do I auto mount a usb drive at boot?
<timboy> dominicdinada, add it to /etc/fstab
<dominicdinada> as in the drive name ?
<dominicdinada> !fstab
<ubottu> The /etc/fstab file indicates how drive partitions are to be used or otherwise integrated into the file system. See https://help.ubuntu.com/community/Fstab and http://www.tuxfiles.org/linuxhelp/fstab.html and !Partitions
<twb> dominicdinada: no, the UUID or LABEL
<dominicdinada> ok and if the drive isnt there will it just skip it?
<uvirtbot> New bug: #578665 in dbconfig-common (main) "package dbconfig-common 1.8.44ubuntu1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 10" [Undecided,New] https://launchpad.net/bugs/578665
<uvirtbot> New bug: #578668 in awstats (main) "Please sync awstats from Debian unstable" [Undecided,New] https://launchpad.net/bugs/578668
<l3iggs> i would like to create a folder in which any user can create a file, yet only root can modify or delete the files once they're created.
<l3iggs> i would appreciate any help in that matter
<twb> Can't be done with the POSIX DAC.
<l3iggs> if the SUID bit worked on directories, this would be quite easy
<l3iggs> really!? this is a totally impossible task?
<twb> High bits have different meanings on directories (compared to binaries).
<twb> l3iggs: yes, totally impossible.
<l3iggs> well darn
<twb> The closest you can get is the permissions on /tmp, which (broadly) allow anyone to create a file, but only the owner to subequently modify it.
<twb> Depending on your wider goal, you might want a set-uid program that allows students to submit files, but not to delete them.
<l3iggs> yeah, that's a sticking point, i don't want the owner to be able to modify or delete it
<twb> Another approach would be to simply have students submit their assignment via email, and have a procmail script place it in a world-readable, owner-writable directory.
<l3iggs> let me elaborate,
<l3iggs> i'm running a web server in which users upload files through a web portal
<l3iggs> the file appears on my hard drive with www-data as the owner
<l3iggs> i don't want the next user to be able to delete this file through the web page
<l3iggs> or modify it for that matter
<twb> That's up to your crappy web app, then
<qman__> that's something that would normally be handled in the web application
<l3iggs> yeah, i'll have to modify the web app
<l3iggs> i was hoping to avoid that
<l3iggs> i appreciate your help
<twb> If you REALLY didn't want to edit the web app, you could do something totally horrble
<l3iggs> go on...
<twb> e.g. write a FUSE module along the lines of fuse-rofs that only allows OPEN write syscalls, and not much else.
<twb> And returns ENOPERM or so for everything else.
<twb> Possibly a MAC like apparmor or selinux could express the same thing, but I doubt they're set up for that level of granularity
<l3iggs> the web app is open source and fairly heavily developed, i think i'm better off looking for support from its devs
 * twb grumbles about web apps
<l3iggs> i thought there might be some quick permissions or ACL trick that i don't know that could solve the problem easily
<l3iggs> but i guess not
<twb> l3iggs: not trivially, no.
<l3iggs> well this points me in the right direction. i really appreciate the help
<jnss> hreyt
<jnss> hey!
<jnss> so, does 10 come with nicely colored terminal colors
<jpds> KMS?
<twb> jpds: define "nicely colored terminal colors"
<jpds> jnss: ^--.
<jnss> doing ls -la shows files colored by their type
<l3iggs> the new terminal is slightly transparent, which is kinda neat
<l3iggs> by the way,
<l3iggs> if anyone was reading on about the issue i brought up earlier,
<l3iggs> i have solved it
<l3iggs> with an .htaccess file that contains:
<l3iggs> <Limit DELETE>
<l3iggs> Require user root
<l3iggs> </Limit>
<twb> Oh, nice idea
<l3iggs> :-) thankyou
<twb> Of course it assumes your httpd will honour .htaccess files.
<RoyK> allowoverride authconfig :Ã¾
<twb> RoyK: well, I normally run busybox httpd, not apache httpd.
<uvirtbot> New bug: #578681 in apache2 (main) "apache2 crashes on svn query with kerberos + ssl" [Undecided,New] https://launchpad.net/bugs/578681
<dominicdinada> i got this error during update E: Sub-process /usr/bin/dpkg returned an error code (1)
<dominicdinada> http://pastebin.com/YfGXvftM
<iclebyte-work> Does anyone know how you would configure squidguard to block all except specified domains? I'm using 'pass !allowed none' but it's still blocking everything.
<Julia> Hey People! Im trying to figure out, where an old partition started. The partition before ends at cylinder 6879 according to fdisk. I tried 6880 for the next partitions, but the fs (reiser) cannot be mounted. Can it be, that the next partition starts at 6879? Can one partition start in the cylinder in wich the one before ends?
<twb> iclebyte-work: pastebin your squid.conf so I don't have to go find mine
<iclebyte-work> one second!
<twb> Holy wavering attention span, Batman!
<iclebyte-work> twb, http://pastebin.com/ZpQNzjUS
<twb> iclebyte-work: that's the whole file?
<sporedi> how to use reverse proxy with ubuntu using apache
<SpamapS> sporedi: do you want to use apache as the reverse proxy, or the backend HTTP server?
<sporedi> i want my intenal web services to be acess over internet
<twb> Hmm, is mod_proxy full of sexy HTTP/1.1 pipelining goodness?
<iclebyte-work> twb, has that pastebin given you any clues?
<recsa> Hi, i have read that in order to gonfig vncserver you have to edit /etc/sysconfig/vncservers file, i have look for it but that file is not present at my Karmic .... how can i make my second vnc4server desktop to run as a specific user?
<twb> iclebyte-work: answer the question, please
<iclebyte-work> twb, yea that's the whole file. It's a simple rule I'm trying to implement.
<iclebyte-work> twb, i've had it working in the other direction i.e. allowing everything except the contents of the allowed domain file by using 'pass !allowed all'
<iclebyte-work> but I need to block everything EXCEPT the contents of that file and for some reason google is not turning up much, nor is the squidguard documentation..
<twb> I thought more like "acl whitelist domainlist allowed/domains.txt" and then "http_access allow whitelist"
<twb> acl defines a pattern; http_access applies it
<twb> That's pretty much what I have, except url_regex instead of domainlist
<iclebyte-work> twb, is that squid.conf your talking about or squidGuard.conf?
<twb> squid.conf
<twb> Which is what I asked you to paste.
<twb> (I don't use squidguard; IMO it doesn't add much value.)
<iclebyte-work> right i shall try with squid alone then =)
<ravionrails> can anyone tell me how to set up subdomain in ec2 cloud
<erichammond> ravionrails: EC2/AWS does not provide DNS service.  You are responsible for providing this yourself.
<erichammond> ravionrails: or are you looking for something else?
<ravionrails> erichammond: actually i want to know how to set up in apache configuration
<erichammond> ravionrails: ah.  EC2 does not support multiple IP addresses per instance, but you can support it with standard Apache virtual hosts.
<ravionrails> erichammond: can u point me to  the settings in apache configuration file to setup subdomain
<erichammond> ravionrails: Sure, Google "apache virtual host"
<uvirtbot> New bug: #578729 in augeas (main) "Sync augeas 0.7.1-2 (main) from Debian unstable (main)" [Wishlist,New] https://launchpad.net/bugs/578729
<ujjain> I have a server here and only a HDMI cable, my monitor supports both HDMI and other type, but I don't have such a cable. Small chance I will be able to install VMWare ESXi on the server without such a cable, right?
<a_ok> How can I renumber the ethernet ports? Mine start at eth2 now I have disabled the on board stuff
<Jeeves_> a_ok: /etc/udev/rules.d/70-persistent-net
<Jeeves_> or something like that
<a_ok> Jeeves_: thank you
<Jeeves_> yw!
<a_ok> Jeeves_: can I simply remove that file?
<uvirtbot> New bug: #578773 in dhcp3 (main) "dhclient waits a random 0-4 seconds before trying to acquire a lease" [Undecided,New] https://launchpad.net/bugs/578773
<Jeeves_> a_ok: Yes. If you remove it, Udev will recreate it the next boot
<mcas> hiho
<tesseracter> I set up a NFS mount based on https://help.ubuntu.com/community/SettingUpNFSHowTo but even with the rw option, I cannot write to the mounted drive - read works fine.
<tesseracter> anything else able to cause it not to be able to be written to?
<zul> tesseracter: have you looked at your log files on your server?
<tesseracter> zul, it was even easier - the folders were set to 755, i just did chmod 777 and it was fixed.
<SpamapS> ping!
<RoAkSoAx> kirkland, ping?
<kirkland> RoAkSoAx: pong
<RoAkSoAx> kirkland, where you at? I just fixed the bug I had and I think its ready for merging if you wanna review it
<RoAkSoAx> (testdrive)
<kirkland> RoAkSoAx: in a session in cocobolo-3
<RoAkSoAx> kirkland, ok be there in a bit
<timboy_> do all printers get added to lp group?
<kirkland> bug #471615
<uvirtbot> Launchpad bug 471615 in lxc "Linux containers not working on EC2" [Undecided,New] https://launchpad.net/bugs/471615
<a_ok> how do I install sun java ?
<a_ok> instead of openjdk
<Pici> a_ok: In Lucid, sun's java is in the partner repository.
<Pici> !partner
<ubottu> Canonical's partner repositories provide packages a location for software vendors to publish applications. The repo itself can be added by running this in a !terminal: Â« sudo add-apt-repository "deb http://archive.canonical.com/ RELEASE partner" Â» where RELEASE is lucid/karmic/etc
<a_ok> Pici: is sun-java6-jre the right package?
<Pici> a_ok: If you want the runtime environment, you'd need the sun-java6-jdk package for the jdk
<a_ok> ok
<sveinse> Hi. I just recently upgraded from 8.10 to 10.04, and now the server wont boot. The server is a machine running on a vmware host.
<sveinse> A fresh install into a separate guest machine works perfectly. I get a (initramfs) prompt and it complains about not finding the rootfs (which is a LVM2)
<sveinse> Any ideas to where to start debugging this? If I use the install CD and rescue, I find all partitions of the LVM perfectly intact
<alvin> sveinse: Look into bug 360378 and bug 577353. Not sure if the situation is exactly the same.
<uvirtbot> Launchpad bug 360378 in linux "Gave up waiting for root device after upgrade then busybox console" [High,Confirmed] https://launchpad.net/bugs/360378
<uvirtbot> Launchpad bug 577353 in linux "System can not find root device with kernel 2.6.32-22" [Undecided,Incomplete] https://launchpad.net/bugs/577353
<alvin> I still have to restest that last bug on the same machine without LVM. reinstall as soon as I have time.
<alvin> XDMCP is not working anymore since upgrade to lucid. (configuration unchanged). I can see the kdm on the server, and type login and password, but then I get thrown out.
<alvin> Where can I get logs of XDMCP sessions?
<alvin> There's only Xorg.0.log
<sveinse> alvin: Yes, my server misbehaves the same way as the bug reports indicate. Problem now is to find which remedy works best. If course this happened on a production server!
<alvin> sveinse: In the second case, I boot the previous kernel. The other bug. well, that one was introduced with karmic. Keep rebooting until it works is my current workaround...
<alvin> The other workarounds in the report (kernel options) do not work for me
<sveinse> alvin: No, kernel options is not it for me either, since root=/dev/mapper/xxx. However /etc/fstab uses uuid, so I'm trying to alter that now
<alvin> sveinse: Yes, do that (see bug 563117)
<uvirtbot> Launchpad bug 563117 in ubuntu "Release upgrade converts /dev/mapper entries in /etc/fstab to UUID" [Undecided,Confirmed] https://launchpad.net/bugs/563117
<alvin> This doesn't happen to everyone. Happened to me on some machines. On most, it stayed /dev/mapper
<sveinse> Strange thing is that the test upgrade machine is now running lucid perfectly in the same settings as this one
<sveinse> So I cannot say the error is occurring randomly
<sveinse> Is fstab updated to initramfs? (I.e. do I need to run update-initramfs after updating fstab?)
<lunaphyte_> dpkg-reconfigure says "you chose not to install grub to any devices - are you sure you want to continue?" - i did not do this - why does it think i did?
<sveinse> alvin: What does it mean that it asks for password during booting?
<sveinse> IIRC there is no root pwd set per default
<sveinse> Hmm. Backup seems to be extremely important right now. Again this being a production server.
<sveinse> Which live CD can I use which will recognize the LVM partitions from Ubuntu (Intrepid)?
<guntbert> sveinse: if I remember correctly every (newer) live CD will be able to handle LVM
<sveinse> It seems reinstall is inevitable for me. Is it at all safe to use Lucid for this? I mean, due to the above bug reports and all
<alvin> lunaphyte_: Yes, install grub2 afterwards (it's called grub-pc)
<alvin> sveinse: Oh, I didn't log that bug yet. It asked my (non-existing) root password also
<lunaphyte_> alvin: it's installed.
<lunaphyte_> this appears to be related to the upgrade from 9.10 to 10.04 i just did.
<alvin> lunaphyte_: then run upgrade-from-grub-legacy
<alvin> Yes, most of my upgrades told me that I had chosen not to install grub
<alvin> (I didn't)
<alvin> You can set it right afterwards
<sveinse> Are this issues related to server upgrades or lucid in total regardless of upgrade/fresh install?
<lunaphyte_> alvin: thanks.  it seems to be fine - i just would like to understand why ubuntu thinks this.
<RoyK> is there a good reason to upgrade to grub2? i mean, grub1 works on my upgraded systems
<alvin> I don't think there is (yet)
<DrNick_> apart from grub2 being a pita to configure
<p1und3r> hey all, I just put up an ubuntu server with samba and whatnot, strange thing is that I lose internet every once in a while and I must reset my router to regain internet, can anyone point in the right direction of how to fix this?
<lunaphyte_> i like that grub 2 supports lvm.  does grub 1?
<p1und3r> i removed bind9... thinking it was DNS messing up
<sveinse> *bump* Sorry for being persistent: Can I trust lucid on a production server (yet)?
<alvin> lunaphyte_: grub 1 supports lvm
<lunaphyte_> i see.
<DrNick_> if internet works when you reset your router, its the router's fault
<p1und3r> DrNick_ the router is just crappy out and it's not my settings 100%?
<p1und3r> crapping*
<DrNick_> p1und3r: if it works fine after you reset the router, how can it be your settings?
<p1und3r> DrNick_ i don't know, before I implemented the server it never did this
<p1und3r> DrNick_ i didn't think it was my settings but that's why I'm here
<p1und3r> DrNick_ i
<DrNick_> does the server have anything to do with your internet connection?  i.e. do the stations on your LAN go through your server as a router, get DHCP addresses from it, or use it as a DNS server?
<p1und3r> DrNick_ no they use a windows server on the network
<DrNick_> it can't be much to do with the linux box then.  if you want to convince yourself tho, unplug the linux server for a bit and see if it does it.
<alvin> sveinse: I'd love to chat about that (I'm not sure either), but I have to go home now. Bye
<p1und3r> yea it sux cause it only happens once in a blue moon
<sveinse> alvin: Thanks anyways.
<p1und3r> and the fact that my office is using the shares on the linux server :|
<DrNick_> i very much doubt its anything to do with the server.  is the server itself displaying odd behaviour during the problems? have you noticed any other things in common when the problems happen?
<p1und3r> NrNick_ the only symptom is all the internet goes out thats it
<DrNick_> i wouldn't say the problem is the server then
<[[Mike]]> sveinse: You can trust lucid if you test it and find it to be trustworthy :P
<p1und3r> DrNick_ well thanks for info im gunna look in to it more
<p1und3r> DrNick_ the windows server on the network is a mess..
<p1und3r> DrNick_ and it does the Ips :D
<DrNick_> that might have something to do with it.
<p1und3r> DrNick_ maybe it doesn't like linux :p
<p1und3r> DrNick_ prior to addin the supplement everything was groovey except for exchange server
<p1und3r> lol
<DrNick_> i admit its odd if the problems actually did start after you bought the linux machine online, but i could just be chance that your router started playing up at the same time.   next time it happens i'd pay more attention to whats actually happening on your LAN - use wireshark or something
<dominicdinada> so if i add an external drive in fstab will the system error and lock if the drive is not present?
<DrNick_> dominicdinada: no it'll just fail to mount it
<dominicdinada> ok :)
<DrNick_> not that i expect anyone will know, but out of interest, anyone got an idea of how close sambe4 is to completion?  the wiki seems to have been the same for ages
<DrNick_> er, samba4 *
<RoyK> DrNick_: last I heard it's still in development - try #samba
<DrNick_> cheers
<DrNick_> would be pretty nice to run a full Windows Domain on linux servers :)
<RoyK> it's possible, but currently only for winnt4-type domains
<DrNick_> of course
<DrNick_> but i don't know many people who'd want that kind of domain anymore.
<RoyK> DrNick_: well, it works, mostly
<enav> hi guys i got i little and noob question
<RoyK> DrNick_: you can probably try and run the alpha
<DrNick_> RoyK: might be interesting to play with on a virtual network or something yeah
<RoyK> just use a VM
<RoyK> no need for a vnet
<enav> before install ebox on my server... ubuntu manual says: to access ebox  go to        https://yourserver/ebox      but is does not work
<RoyK> enav: _before_ installing?
<enav> sorry after install
<RoyK> you may have to configure apache
<RoyK> dunno - I don't use webstuff for administration :)
<DrNick_> RoyK: yes thats what i was refering to.  a virtual network inside a hypervisor.  i can have other VM's as test clients and member servers then.
<enav> royk humm that sound cool... i mean you say console is better
<RoyK> enav: by far
<enav> thanks mate
<RoyK> takes a little while to learn it, but when you know it, it is way faster
<RoyK> enav: "a little while" is something between some weeks to several years, depending on the level of knowledge and how fast you learn
<DrNick_> in my case, it took a year or so of dabling 'part time' so to speak to be able to do most routine stuff.  its so powerful though that people who've been using UNIX for 40 odd years are still learning
<enav> i learn fast
<RoyK> I installed my first linux box in 1994, and I'm still learning
<mikedep333> hey, I have a system running ubuntu-desktop 10.04, but my question is about mdraid. is it a bad idea to create an mddraid array from two block devices (eg /dev/sdb and /dev/sdc) rather than from partitions?
<RoyK> enav: go for it :)
<RoyK> it's very powerful
<DrNick_> mikedep333: thats exactly what i do assuming i want the whole disks in the array and i never have problems
<RoyK> mikedep333: it doesn't really matter
<RoyK> mikedep333: linux treats all block devices the same
<mikedep333> DrNick_, thanks, now I need to figure out why I can't mount it
<DrNick_> mikedep333: all it means is that instead of creating a partition table on the disks, the RAID metadata is on there instead, which might mean other OS's will recognise them as "new" drives so be careful there, but as far as linux is concerned it won't really matter
<mikedep333> it says /dev/md0p1 already mounted or /media/backups busy
<RoyK> as opposed to opensolaris that turns off disk cache on partitions/slices by default "just in cse"
<DrNick_> heheh
<mikedep333> I did blkid and stuff, along with mdadm -D, it looks fine
<RoyK> mikedep333: seems automount mounted it already
<mikedep333> /etc/mtab doesn't show it mounted
<RoyK> try to umount it
<mikedep333> can't I check the mount point?
<DrNick_> is it reported when you issues the 'mount' command with no arguments?
<mikedep333> "mount" does not show it
<mikedep333> umount /dev/md0p1: not mounted
<DrNick_> i can only assume you have something else mounted under /media/backups
<RoyK> cat /proc/mounts
<mikedep333> I tried mounting it on /backups, no luck
<mikedep333> note that when I try mount without -t ext3, it says "unknown filesystem linux_raid_member
<RoyK> add it to /etc/fstab and try to reboot
<RoyK> it really shouldn't mount unless you have asked it to
<mikedep333> I did
<mikedep333> let me make sure my fstab options are ok
<RoyK> have you put an fs on it?
<mikedep333> you know what
<mikedep333> previously I had /dev/md0 in fstab, rather than /dev/md0p1
<mikedep333> let me see if that fixes it
<DrNick_> hang on....
<DrNick_> have you done makefs on it?  i'm assuming you didn't create a partition on it with type "linux RAID"?
<mikedep333> I created it a long time ago
<mikedep333> with ubuntu 9.04
<RoyK> partition type?
<mikedep333> I had it mounted before I rebooted
<mikedep333> ext3
<mikedep333> I just restarted
<mikedep333> it's checking an fs
<RoyK> that's fs type
<RoyK> not partition type
<mikedep333> won't say which one
<mikedep333> oh
<RoyK> fdisk says
<AmokPaule> Hello, where i do find the config for the update manager?
<DrNick_> what's the output of 'fdisk -l /dev/md0'?
<mikedep333> it's fsck-ing
<DrNick_> o
<AmokPaule> When i do do-release-upgrade and i have hardy lts shouldn't it say me that there is a new lts available?
<RoyK> that depends on the settings in /etc/update-manager/release-updates
<AmokPaule> its set to lts
<RoyK> then it should, but I'm not sure if ubuntu-server is flagged for updates yet
<mikedep333> DrNick_, the fsck didn't help. ID: 83 System: Linux
<AmokPaule> ok ty
<RoyK> mikedep333: wtf? did fsck finish without warnings?
<mikedep333> RoyK, yes
<RoyK> which release is this?
<mikedep333> RoyK, at least I think so. Which log does fsck output to?
<mikedep333> 10.04
<RoyK> check /var/log/messages
<RoyK> hope it's not a bug, although I haven't upgraded my 8.04 boxes yet, it'd be nice for 10.04 to be somehow stable
<mikedep333> cat /var/log/messages | grep fsck just says checktime reached
<mikedep333> I think I had this problem with 9.04
<mikedep333> something to do with a process already accessing the array
<RoyK> does mount show something?
<RoyK> and what does /proc/mdstat say about it?
<mikedep333> RoyK, no, mount says nothing, I'll check mdstat
<mikedep333> oh
<mikedep333> I think I see the problem
<mikedep333> md_d0 exists
<mikedep333> and it has a few fewer blocks than md0
<mikedep333> is it raiding the partitions or something?
<RoyK> never did that on itself while I was using md
<RoyK> and that was for fairly large volumes
<RoyK> what sort of array is this?
<DrNick_> no idea what you've done there... basically when you create your raid device from the block devices, you should end up with /dev/md0 (assuming your first array), then thats the device you can put your filesystem on
<mikedep333> md_d0: inactive md0p1[0](S)
<mikedep333> raid1
<[[Mike]]> mikedep333: Did you know that `grep fsck /var/log/messages` is equivalent to `cat /var/log/messages | grep fsck`? I didn't for the longest time :)
 * [[Mike]] 's mind was blown
<mikedep333> lol, thanks
<RoyK> mikedep333: is /dev/md0p1 the first partition on md0?
 * RoyK never partitions md
<DrNick_> (alternatively a nice idea is to make your raid device a physical volume for LVM, but thats another story)
<mikedep333> md0: active raid1 /dev/sdc[1] /dev/sdb[0]
<mikedep333> RoyK, yes, /dev/md0p1 is the sole partition on md0
<RoyK> wouldn't it better to partition the drives and then put a mirror on those partitions?
<RoyK> s/a mirror/mirrors/
<mikedep333> DrNick_ said he mirrored drives (block devices) without problems, and that's how linux works
<mikedep333> hmmm, http://ubuntuforums.org/showthread.php?t=1168360
<mikedep333> oh
<mikedep333> it may be something with the UUIDs
<DrNick_> well, you specify the name of the raid array when you create it
<mikedep333> DrNick_, yeah md0
<mikedep333> /dev/sdb1, /dev/sdc1 & /dev/md0p1 all have the same UUID
<mikedep333> although I was mounting the partition by /dev/md0p1, not by UUID
<DrNick_> :s
<mikedep333> (partial) success
<mikedep333> mdadm --stop /dev/md_d0 made mount -a work
<RoyK> mikedep333: that seems to answer it quite well
<mikedep333> RoyK, yeah
<RoyK> do you have any devices under /dev/md/ ?
<mikedep333> yes, d0, d0p1, d0p2, d0p3, d0p4
<RoyK> try to mount /dev/md/d0
<mikedep333> I think they're links to the devices under /dev/dm_d0*
<mikedep333> RoyK, I think those were the issue
<RoyK> thanks - I need to remember that
<RoyK> seems the old devices names might have been removed in recent kernels
 * RoyK has a few soft-mirrored installations
<mikedep333> or rather /dev/md_d0* are links to /dev/md/d0*
<mikedep333> let me check my mdadm.conf
<DrNick_> i've never known anyone have such a confusing situation with softRAID
<RoyK> seens like a udev issue somehow
<RoyK> DrNick_: I haven't seen Jesus either, but rumors reports his existence
<mikedep333> my mdadm seems to identify the disks by uuid
<mikedep333> maybe I should identify by whatever you call it (/dev/sd*)
<RoyK> that might break md
<RoyK> not a good idea
<mikedep333> ok
<RoyK> since md might be working on the devices at the same time
<RoyK> can you mount /dev/md/d0 ?
<RoyK> or something?
<RoyK> try dd if=/dev/md/something count=10 | file -
<RoyK> see if you can find an ext3 fs
<RoyK> perhaps count=100
<mikedep333> alright, it worked!
<mikedep333> mdadm --stop seemed to fix it permanently
<mikedep333> (eg after reboot)
<mikedep333> and best of all
<RoyK> could you restart it?
<mikedep333> /dev/sdb1 and /dev/sdc1 don't show up in the side of gnome
<RoyK> or are you on single drives now?
<mikedep333> RoyK, yes, I restarted it
<mikedep333> it's mounted properly
<RoyK> check mount, then, and rewrite fstab
<RoyK> and please report the final fstab :)
<RoyK> I might have to go through this myself
<mikedep333> md0p1 is mounted
<RoyK> is /dev/md0 and /dev/md0p1 the same dev?
<mikedep333-hegem> /dev/md0p1	 /media/backups	ext3	errors=remount-ro 0	1
<mikedep333-hegem> I copied the errors=remount-r 0 1 from my root partition
<mikedep333-hegem> but still
<mikedep333-hegem> that alone did not make it work
<mikedep333-hegem> I had to do mdadm --stop /dev/md_d0
<mikedep333-hegem> that made it work
<RoyK> mikedep333-hegem: ls -lS /dev/md0 /dev/md_d0
<RoyK> I mean ls -lLi
<mikedep333-hegem> RoyK, the /dev/md_d0 devices do not exist
<mikedep333-hegem> just /dev/md0 and /dev/md0p1
<RoyK> what are the devnums for those?
<mikedep333> umm, how do I check?
<RoyK> ls -l
<RoyK> roy@fred:~$ ls -l /dev/ttyS0
<RoyK> crw-rw---- 1 root dialout 4, 64 2010-04-25 16:33 /dev/ttyS0
<RoyK> 4,64 are the devnums
<RoyK> major,minor
<mikedep333-hegem> brw-rw---- 1 root disk   9, 0 2010-05-11 13:19 /dev/md0
<mikedep333-hegem> brw-rw---- 1 root disk 259, 0 2010-05-11 13:19 /dev/md0p1
<RoyK> huh? wierd
<RoyK> can you pastebin /proc/devices?
<mikedep333> RoyK, I'm not familiar with devnums
<RoyK> mikedep333: devices in unix (and linux) have major and minor numbers - the major says which devices is used and the minor which part of it - basically
<RoyK> md0 and md0p1 have separate major numbers
<mikedep333-hegem> http://paste.ubuntu.com/431797/
<mikedep333-hegem> gotcha
<mikedep333-hegem> oh
<mikedep333> brb, bathroom
<RoyK> erm - so they changed from md to blkext?
<mikedep333> RoyK, I'm not sure what you mean
<RoyK> it's two different drivers
<RoyK> in kernel
 * RoyK checks
<kaushal> hi
<kaushal> is there a mailing list in Ubuntu for reporting Hardware issues ?
<wvusportman1280> hello. i have 10.04 installed and am trying to do ldap authentication with apache2.  I currently getting "Can't connect to the server" messages in the the apache log. and ldapsearch -d 5 shows that the certificate is being rejected.  However when the dates are being reviewed, its between 2009 and 2012.  Also of note, that if i use ldap:// instead of ldaps://, it works perfectly fine.
<RoyK> kaushal: http://kurl.no/5KZ4
<mikedep333> kaushal, you mean the drivers for th hardware have bugs?
<kaushal> I have a Machine check Exception
<RoyK> those are usually driver bugs
<RoyK> report it
<RoyK> or google first
<mikedep333> speaking of hardware support, I was impressed. I bought a radeon 4000 series card (late 2008, latest is 5000 series) and the X.org FOSS driver had 3d acceleration!
<mikedep333> nexuiz (demanding 3d game) ran slow as balls on this low-end card, but still. compiz fusion ran great
<kaushal> RoyK: shall i pastebin my issue ?
<RoyK> kaushal: no, report a bug
<RoyK> it's probably something noone in here can fix, but perhaps the ubuntu wizards can
<kaushal> I have posted it to the Ubuntu Server Mailing list but did not get any answer
<RoyK> just report it as a bug
<kaushal> Its a Hardware level Machine check exception
<RoyK> add all possible info
<RoyK> a machine check exception is mostly due to bad drivers in my experience
<RoyK> either that or bad hardware
<RoyK> heh - oracle sucks - a bug was filed to oracle about a solaris problem by Opera and Opera was told they didn't have their EUR 500k support contract so they could find out about it themselves, so they simply dropped solaris support :D
<mikedep333-hegem> hmm, I used a linux serial terminal emulator before with text interactive interface. does anyone know what it is called?
<kaushal> RoyK: can you please paste me the URL to report bug ?
<kaushal> I have been going through https://help.ubuntu.com/community/ReportingBugs
<alvin> RoyK: Do you have a link about Opera dropping dupport for Solaris?
<mikedep333-hegem> oh, minicom
<RoyK> alvin: I got the story from the opensolaris ml - opera dropping solaris is on opera's website
<alvin> I use Opera on Solaris :-(
<alvin> I heard 2 things about Opera today: support for Opera on Maemo is coming, but they drop it for Solaris.
<RoyK> http://my.opera.com/desktopteam/blog/2010/04/29/the-setting-sun
<binBASH> Hi all
<binBASH> someone got a package for 64 bit lucid? I would need varnish 2.1.2
<binBASH> Seen lucid only has 2.1.0
<RoyK> is there a big difference?
<binBASH> 2.1.0 has memleak bug afaik
<RoyK> the bugfix might be backported
<RoyK> it's quite common to stick to a version a backport the fixes
<binBASH> RoyK: How would I know that? :)
<RoyK> it's probably done already
<RoyK> they backport the fixes in the repositories
<RoyK> debian has been doing that for 10 years or so
<RoyK> other distros as well
<qman__> for example, PHP -- php5-common (5.3.2-1ubuntu4)
<qman__> it's 5.3.2, but it's been patched at least 4 revisions
<binBASH> how to see what patches are applied?
<qman__> well, on the packages site, there's options to download the original source, the patched source, and the diff between the two
<qman__> probably a changelog somewhere, though I'm not sure where to get it
<uvirtbot> New bug: #578930 in qemu-kvm (main) "Lucid qemu-kvm: ksmd default config is CPU hog" [Undecided,New] https://launchpad.net/bugs/578930
<ziesemer_> My /etc/apt/sources.list seems to have been modified by something, and is missing many lines - including all the deb-src ones.  What is the easiest way to get it back to a "default"?
<pmatulis> ziesemer_: /usr/share/doc/apt/examples/sources.list ?
<pmatulis> ziesemer_: now investigate etckeeper, it helps with this kind of thing
<ziesemer_> pmatulis: Thanks.  Unfortunately, though, that one doesn't like anything like the default.  Will look at etckeeper, though!
<pmatulis> ziesemer_: what release are you running?
<ziesemer_> 10.04
<ziesemer_> I did just copy over scp from another VM I had just installed, so I'm working for now - but would like to find a better way in case I didn't have a VM available, etc...
<pmatulis> ziesemer_: you can download the source (of 'apt' in this case).  but that yields the same file for me as the one given previously
<dominicdinada> need a hand with fstab
<uvirtbot> New bug: #578947 in mysql-dfsg-5.1 (main) "Doesn't work after upgrade" [Undecided,New] https://launchpad.net/bugs/578947
<dominicdinada> need a hand with fstab please
<docta_v> the xen packages on 10.04 don't have xen-create-image
<docta_v> so what is the preferred way to setup guest domains now?
<therian> can UEC process graphics at host level?
<therian> and also can you use nodes for input and output?
<therian> thanks guys
<Tyler--> Just asked in #ubuntu, but its a little crazy :-x. I'm new to ubuntu, but installed lucid on my server and was trying to add some ppa's and of course was following some guides, but ran into this: add-apt-repository: command not found
<alvin> Isn't it apt-add-repository?
<Tyler--> sudo: apt-add-repository: command not found
<alvin> It's part of the python-software-properties package. probably not installed on a server
<alvin> You don't need it anyway. Add the sources in /etc/apt/sources.d/<whateveryouwant>.list and apt-key the key
<Tyler--> alvin: thank you
<alvin> sudo apt-key adv --recv-keys --keyserver keyserver.ubuntu.com <insertkeyhere>
<enav1> hello i got a question the ServerAdmin  on apache config for a new site  it could be any email i want???
<juanjoA>  hi, I cant install ubuntu 10.04 lucid with raid1 from installation (ALERT! dev/by-uuid.... busibox).  Is a bug?
<juanjoA> ubuntu server i386 / asus p5kpl-am epu / seagate 500GB x 2
<enav1> juanjoA im doing some tests on virtualbox so far no problem with raid with 3 hdds
<enav1> juanjoA this is the guide to install raids http://is.gd/c4OPI
<juanjoA> thx, I have installed karmic and dapper without problems
<juanjoA> but over lucid I dont have chance
<juanjoA> I see on the forums many problems with same result = busybox
<enav1> moss open console an type this:  update-grub2
<enav1> moss show me the outcome using http://pastebin.com/
<itsonlyme> hi, I just installed 10.04, logged in the first time to updated network/interfaces for astatic ip, and rebooted.  On the reboot the machine booted to a message "fsck from util-linux-ng... clean...." and got stuck.  I can log in from ssh and everything works as expected remotely, but there is no prompt on the local display.
<itsonlyme> any ideas?
<therian> how do you create more virtual desktops with the command line? and how would you access them with remote desktop? im having a hard time getting the good lord google to tell me
<itsonlyme> therian: press alt - f1 to alt -6
<itsonlyme> is that what you want?
<therian> no
<itsonlyme> sorry
<therian> lol its ok
<itsonlyme> X11 virtual desktops?
<therian> i already run compiz
<therian> ya
<therian> i learned it in school just forgot how to do it lol
<itsonlyme> oh... hang on.  I saved instructions for that, if I can find it.
<therian> thank itsonlyme
<chrismsnz> hey guys, is there a support channel for wrangling netboot?
<brianherman> Ok, so I installed wordpress on my ubuntu server
<artisan> anyone knows of a xen4 ppa?
<brianherman> how do I make it so it follows symlinks so when i goto <ip address of my server >/wordpress it goes to wordpress
<artisan> or at least dom0 kernel?
<artisan> brianherman: which webserver?
<brianherman> ubuntu 9.04 server
<artisan> brianherman: which webserver software?
<brianherman> oh apache2
<artisan> sec
<artisan> brianherman: http://www.linuxquestions.org/questions/linux-software-2/redirecting-apache2-to-wordpress-site-by-default-669117/
<brianherman> artisan: THANKS!
<artisan> np
<artisan> anyone knows of a xen4 ppa? or at least dom0 kernel?
<artisan> (for lucid)
<brianherman> wait I want to do the opposite
<brianherman> oh man artisan
<brianherman> 9.04 was the last release to support xen
<brianherman> :(
<itsonlyme> therian sorry man, couldn't find it.
<therian> itsonlyme: thats ok, thanks for looking, and you pointed me in the right direction
<brianherman> artisan: http://bderzhavets.wordpress.com/2009/06/25/setup-xen-3-4-1-dom0-on-top-of-ubuntu-9-04-server-via-marc-a-dahlhauss-udev-patch/
<artisan> brianherman: no thanks, that is not xen4, but thanx for the effort
<brianherman> Ok real easy question How do I get apache2 to execute .php files
<artisan> brianherman: hehe
<artisan> my apache knowledge is a bit rotten, but imho it was via mod_php
<artisan> there is actually a recent dom0 kernel in debian/sid
<artisan> hm, seems I'll go for this one, regarding xen4: http://publications.jbfavre.org/virtualisation/migration_form_xen3_to_xen4_lvm_drbd_debian
<artisan> same same for ubuntu :)
<brianherman> artisan: Good luck, I hope nothing breaks.
<artisan> brianherman: will go for it on a testing cluster first :)
<brianherman> My place systeminplace uses xen, but I only know that xen virtualizes... thats about it.
<brianherman> I mean hosting provider
<brianherman> hi u0324 and msantos
<brianherman> Whats crackin?
#ubuntu-server 2010-05-12
<storrgie> I have a networking issue, is anyone a network guru in here? this one may be hard to spot
<chrismsnz> drop it in here, if someone can help they'll pipe up :)
<dominicdinada> storrgie: still breaking stuff ? i might be able to help
<storrgie> yeah this is the same ongoing issue
<storrgie> I'm not exactly sure what it is or how it may be related to things
<storrgie> I would draw you a picture if i could
<storrgie> let me explain my network
<dominicdinada> ok
<storrgie> gateway is a U-Verse modem
<dominicdinada> ok
<storrgie> wired directly into a WRT54GL router
<storrgie> that router does everything
<dominicdinada> i got one of them
<storrgie> the modem doesnt do junk
<storrgie> so behind that router we have various machines
<storrgie> important one is a server
<storrgie> big rig
<storrgie> running ubuntu 10.04
<dominicdinada> Why have the mrt54gl then ?
<dominicdinada> wrt54gl uverse router is all in one
<storrgie> no the U-verse modem doesnt do anything
<storrgie> noo
<storrgie> the WRT54G is a router
<storrgie> the Uverse 2wire thing is our modem
<dominicdinada> yes the hg 3800 is a router/modem i have one :/ but continue
<storrgie> alright
<storrgie> so
<storrgie> i made a change
<storrgie> i moved all linux machines to 10.04
<storrgie> thats four laptops, my server and one desktop
<storrgie> my main laptop
<storrgie> i use pidgin on it
<storrgie> im using it right now to talk to you
<storrgie> i use it for IRC/Gtalk/AIM/etc
<dominicdinada> oik
<storrgie> alright so
<storrgie> after the change i tried something new
<storrgie> the server
<storrgie> our fileserver
<storrgie> i set up KVM on it
<storrgie> using bridged networking
<storrgie> i started up a bunch of VMs
<storrgie> so it appears
<storrgie> when I have VMs running
<storrgie> on the server
<storrgie> my laptop
<storrgie> which is completely seperate
<storrgie> arbitrarily drops connections to gtalk/aim/irc
<storrgie> but only when the VMs are really talking
<storrgie> like one of them
<storrgie> i put transmission-daemon on
<storrgie> if transmission-daemon is running
<storrgie> poof i drop connections on my laptop like crazy
<dominicdinada> I am not sure of this one... :(
<storrgie> yeah
<storrgie> i am super confused
<dominicdinada> could be that either the machines change something in your network settings or that there is alot of traffic and it keeps flooding you off
<storrgie> yeah i think its the traffic thing
<storrgie> i am sniffing right now
<storrgie> I see a TON of traffic like this:
<storrgie> http://pastebin.com/GjFHtEk6
<storrgie> it seems to be taking place between my router and a windows machine on the network
<storrgie> the only windows machine
<dominicdinada> can you output more of it...
<dominicdinada> your using wireshark right ?
<storrgie> yep
<storrgie> http://imgur.com/rZlk1
<dominicdinada> which is which then ?
<dominicdinada> Cisco  --- Liteon
<storrgie> cisco is the router
<storrgie> liteon is my roomates silly dell running windows 7
<storrgie> how do i check for network loops
<storrgie> maybe STP is hurting me
<dominicdinada> network loops would be in the network configuration but maybe he is running filesharing
<storrgie> i doubt he is, but either way thats a lot of traffic
<storrgie> not sure how  to stop it
<dominicdinada> you could also check both routers configuration if he is port forwarding it to run a different application maybe
<storrgie> the windows machine?
<dominicdinada> yes whatever liteon represents lol ( only knows liteon as cd/dvd burners )
<storrgie> sorry
<storrgie> dropped
<f1yback> is there an official vm
<dominicdinada> http://ckp.made-it.com/ieee8022.html
<storrgie> dominicdinada: i just dont know what to do
<dominicdinada> but it doesnt describe why it is flooding the windows machine, is that connectivity off and on also ?
<storrgie> yeah
<storrgie> off and on
<dominicdinada> and if you turn off the transmission daemon what happens ?
<storrgie> stability... it appears
<dominicdinada> !transmission
<dominicdinada> blah
<dominicdinada> !daemon
<storrgie> what about it
<dominicdinada> well is there a setting to specify the address that you want to use the transmission daemon ewith
<egsome> i'm going to open a small programming office, How can i benefit of the Ubuntu Server Cloud technology in that environment ( about 4 PCs connected with Ubuntu Server by LAN ) ?
<dominicdinada> Because this is all traffic from your router so it is not the machine that is running transmission daemon unless it is sending requests for other clients/servers
<egsome> anyone can help ?
<dominicdinada> I have not worked with cloud as of yet
<dominicdinada> !cloud | egsome
<dominicdinada> !server
<ubottu> Ubuntu Server Edition is a release of Ubuntu designed especially for server environments, including a server specific !kernel and no !GUI. The install CD contains many server applications. Current !LTS version is !Lucid (Lucid Lynx 10.04) - More info: http://www.ubuntu.com/products/whatisubuntu/serveredition - Guide: https://help.ubuntu.com/10.04/serverguide/C/ - Support in #ubuntu-server
<dominicdinada> egsome: http://www.ubuntu.com/cloud
<egsome> at all, with cloud in ubuntu server i can get for example ( low spec. PCs ) and let them work with the cloud ( that is installed on a very high spec. PC ) , Right ?
<dominicdinada> as i assumed it uses free resources for other machines but in a tiny office i dont see the gains unless you are using CAD or Video editing not just IDE's
<dominicdinada> from what i know it shares resources and well simple text,ide's are not intensive to begin with
<dominicdinada> like i said before graphics,cadding, video editing and so on would gain from it but dont rely on what i say
<dominicdinada> when i think of cloud, i think more of server farms that are not efficently using the processors and or load balancing
<egsome> dominicdinada, thanks anyway, and i think that you're right
<egsome> dominicdinada, anyway i were thinking in ways to make the PCs less in spec. and for sure suitable for programming
<dominicdinada> egsome: like i said get a second opinion but from text book in my networking classes........ i dont see a gain other than centeralizing files
<dominicdinada> egsome: I hate to say it but a descent PC/Laptop etc you can get for a few hundred hell you can even develop on netbooks
<egsome> dominicdinada, yeah that's right, but the screen size would be so hard, so i think about a desktop pc for each programmer
<dominicdinada> true :P
<egsome> dominicdinada, i thought today about mainframes :), i see it would be useful in my case, one big computer do all the job, and some screens and KBs and Mouses .. no more :)
<dominicdinada> yes
<dominicdinada> that would work build a good server and then you can do that
<dominicdinada> 1 server 4 TB 16 Gigs ram.... but then your already paying more for the server than 4 brand new mid grade pc's  again unless your makinggames,video blah blah :P
<dominicdinada> i forgot games before and top end gamming machine cost a few grand
<slipperychicken> "HostRAID" = fake raid, yes ?
<slipperychicken> this supermicro board is giving me "adaptec raid" and "intel raid"
<ChmEarl> slipperychicken, #dmraid -r    (to expose fakeraid)
<slipperychicken> on boot with adaptec, it's posting with "HostRAID - ICH10R"
<slipperychicken> booting...
<ChmEarl> ich10r is fakeraid via northbridge
<slipperychicken> so with this DMRAID command, it'll tell me whether or not it's a real raid controller ?
<slipperychicken> ps: this whole raid-trickery is silly, imho.
<ChmEarl> it tells what fakeraid metadata is there
<slipperychicken> so miss leading.
<slipperychicken> aight.
<ChmEarl> unless you setup ich10r raid bios, there should be none
<ChmEarl> slipperychicken, I got ich5r metadata to work with an upgrade to ich10r before
<ChmEarl> moved some drives from a p4 mboard to a C2Duo
<slipperychicken> hrm, there is no OS installed, just booting from the 10.04 server iso.
<slipperychicken> dmraid isn't in the installation.
<slipperychicken> would using the irc10r raid be better than an MD software raid ?
<slipperychicken> easier to recover from a disaster i'm guessing ?
<ChmEarl> slipperychicken, if you don't want ich10r keep going, but if you do then start over and setup the raid bios
<slipperychicken> whats are the pros of using ICH10R vs MDraid ?
<slipperychicken> or cons.
<slipperychicken> you would need a ICH10R raid controller to read the raid if the server blew up, yes /
<ChmEarl> if you are going to co-locate the box and didn;t have access, then fakeraid is trouble
<slipperychicken> that's what's going to happen. :)
<slipperychicken> it's going to a data centre in about 3 days.
<slipperychicken> 24x7 biometric access.
<ChmEarl> slipperychicken, if your OS and boot partition will go on raid, then don't use fakeraid
<slipperychicken> MD raid it is. :)
<ChmEarl> slipperychicken, data on fakeraid is OK
<slipperychicken> thx mate.
<slipperychicken> that's what i'm reading.
<_Snark> ok. I have a ubuntu server softraid setup with LVM. All is fine. Until I get to the grub install, wherein it critically fails. I have 2 disks mirrored in softraid. any pointers? :|
<_Snark> i have a bios/grub partition on sda seperate to the raid/lvm volumes
<_ruben> /boot can live on softraid just fine, grub just doesnt handle it being on lvm (lilo does afaik)
<_ruben> not sure if grub2 changes any of that
<enav> _Snark im not expert but maybe here is the answer to your problem http://is.gd/c59jt
<_Snark> well, i'm not using grub2, just grub1, and yeah
<_Snark> grub-installer just reports "wrong number of args: mapdevfs <path>"
<_Snark> when i try and run it manually on md0
<_Snark> this is 10.04 LTS, btw
<_ruben> i always use the grub command to install it onto a sw raid .. and i thought 10.04 used grub2?
<_Snark> and this is after completely giving up on getting 10.04 running on this machine with fakeraid :|
<_Snark> it can use either i thought?
<_Snark> but i could be wrong.
<_Snark> *could
<_ruben> http://paste.ubuntu.com/432025/ <-- my notes on installing grub1 on sw raid "manually"
<_Snark> regardless which it is, it isn't happy, and none of the error messages / logs report anything useful as a result of the "critical failure"
<_Snark> i don't have grub normal available.. i don't think
<_Snark> this is during the 10.04 guided install
<_Snark> i've just switched to a new terminal to mess about on cli in the hopes i can trick the thing into working :|
<_Snark> i have grub-installer and that's it from the looks
<_ruben> assuming grub1, you should be able to chroot into the installed system and run grub from there
<_ruben> how to do this trick with grub2 i dont know (yet)
<_Snark> both grub1 and grub2 seem to be available on the disk, still nfi which is attempting to be used though
<_Snark> *install CD that is
<_ruben> i think grub2 is used by default on the recent versions
<_Snark> main partition is mounted under /target it seems.. aaaand there isn't much there.
<_Snark> can't get the grub-installer script to return anything bar the "wrong number of args" message either
<_Snark> le sigh.
<_Snark> it seems like this shouldn't be such a struggle.
<_ruben> odd, it should be containing the installed system indeed
<_ruben> i dont even recall the last time i had issues with grub (be it 1 or 2) .. i just make sure /boot always is either a plain partition or 'simple' sw raid volume, and put the rest on lvm .. has worked like a charm for me thusfar
<_Snark> i have /boot on a small ext4 partition on sda
<_Snark> grub is still critically failing while attempting to install
<_Snark> and giving no indication as to why
<_Snark> so far 10.04 has made me want to shoot myself in the face :|
<twb> That's a feature
<twb> But I wouldn't use ext4 for /boot...
<_Snark> guess it stops people from running off to use other distros :p
<_Snark> well, i am not married to anything, and low on knowledge, i'm not used to having to faff about anywhere near this much when installing any distro
<trimeta> I screwed up my grub when upgrading to Lucid; I forgot to mount my /boot partition during the upgrade, so the new kernel got put onto the main volume (which is a logical volume in a physical volume in a RAID5...it's slightly complicated); when I moved the kernel back to the dedicated root partition (which itself is a RAID1, but that isn't as important), it screwed up the boot.
<trimeta> If I run it with a liveCD, how much work will it be to tell Grub where the kernel is now? Just rerunning update-grub or something?
<twb> Depends how stupid grub is these days.
<twb> You used to be able to fake your way through it by just installing grub into the MBR manually.
<trimeta> It's using grub2 now.
<twb> Precisely
<IpWned> ladies and gents, I'm running a dedicated server on Karmic, it has 2 internal HDs and I can't get the second HD to work if my life depended on it. Badly enough, as soon as that second HD has a partition on it I can't remote boot that server again. Anyone willing to help me out with this?
<twb> IpWned: is it listed in /proc/partitions?
<IpWned> it is yes
<twb> OK, so it's working.
<IpWned> to elaborate
<IpWned> if sdb is unpartitioned
<IpWned> I boot fine
<IpWned> but as soon as i run fdisk and partition
<twb> Is the bootloader installed to both disks' MBRs?
<IpWned> the server won't boot to the point where SSH loads anymore
<IpWned> nope only sda
<IpWned> sdb is pristine-empty
<twb> These are SATA disks?
<IpWned> oddly enough, once a partition is present on sdb, the only way i get to boot far enough to get SSH is to completely destroy sdb's mbr using dd command
<IpWned> yes SATA
<IpWned> i should mention it's a remote server
<IpWned> so I don't see any screen output once the partition is present
<twb> OK, I hypothesize that what you consider to be the "first" disk is actually plugged into the second port on the motherboard.
<IpWned> that's down the line I was thinking
<twb> Your BIOS is "helpfully" swapping them around in software when it discovers that there's no partition table on the first disk
<twb> I have had *lots* of problems along those lines with remote C4/grub1 SATA deployments.
<IpWned> sighs. nuthin but trouble with server.lu
<IpWned> it sounds reasonable
<IpWned> only thing i can imagine at this point
<IpWned> the drive seems to work fine if I format and mount it in a running session
<twb> What you want to do is either 1) have the local monkey swap the cables; and/or 2) ensure that there's a boot path from either disk
<IpWned> uhm .lu tickets are infamous for taking 5 days lol
<IpWned> how would i go about putting a boot path on the second drive
<uvirtbot> New bug: #578922 in mysql-dfsg-5.1 (main) "mysql configuration does not prevent against combined attacks against LAMP stack" [Undecided,Triaged] https://launchpad.net/bugs/578922
<twb> IpWned: I don't know what a .lu is.
<twb> IpWned: you'd do exactly the same thing you did to make the first drive bootable
<twb> Probably something along the lines of grub-install '(hd1)', and possibly ensuring /boot is mirrored across all drives in a RAID1.
<trapmax> i use squashfs to backup data. when i append my sfs-file with -keep-as-directory -option, how can i set the directory name to be appended?
<drcode> hi all
<drcode> how can I backup online server in ubuntu?
<twb> trapmax: I'm curious; why did you select squashfs?
<drcode> I got confuze with all backup tools
<drcode> Irun ubuntu server , I need some solution to make online backup
<IpWned> twb sorry was spurting off to try it lol my bad
<IpWned> .lu is server.lu
<IpWned> my hoster
<trapmax> twb: i have lots of small files and duplicates.
<hmw> the link in the channel topic looks outdated: http://tinyurl.com/ubuntuserv
<twb> trapmax: what, squashfs does block dedupping?
<twb> Hmm, I suppose it might effectively achive that due to gzip
<Mkools> mcas: Hi
<Mkools> mcas: I am getting this when start tomcat servelet engine: WARNING:   No rules found matching 'Server/Service/Engine/Host/Host/Valve'.
<pecisk> hi people, I creating seed files to automatically restore my Ubuntu servers. I can't find several parameters though. Is there somewhere full reference of seed parameters?
<pecisk> I want to preseed answer for question should system download language packages
<RoAkSoAx> kirkland, eucalyptus (backend) is java based?
<pecisk> duh, already found answer :)
<pecisk> nevermind
<kirkland> RoAkSoAx: parts of it (CLC, WC, SC) are Java based
<twb> Java's "enterprise-ready"! :-/
<kirkland> RoAkSoAx: CC and NC are written in C
<RoAkSoAx> kirkland, ty
<Mkools> Can anyone help?
<Guest_52> is it safe to use torrent as a backup. without the .torrent file you wont be able to download the seeded file right?
<_ruben> torrent as backup solution, how odd is that :)
<said1976>    	 	 	 	 	 	   Hi
<said1976> I'm new in the Linux world  and system administration
<said1976> I've created a local server on the internal networks at home and I installed LAMP + Samba + Openssh on the server for the application of the study.
<said1976> Ubuntu server version I used is 10.04
<said1976> The device used a bit old, but he works well
<said1976> A connected devices on the network are: Sony PlayStation 3 and DreamBox and another computer in addition to the  server and all networked to the modem type of Cisco EPC2425 by cables and I have a laptop connected by wireless.
<said1976> We have come to the problem
<said1976> The problem is that when I run the server the wireless disappears from the network and laptop disconnected (if it was) and when I Turn off the server the wireless comeback to appear and the connection is excellent. This is the problem
<said1976> Of course, those who will ask, have I modified a file in the server interface to the work static ip .
<said1976> Information network interface on the server of the type Netgear FA310TX
<said1976> Thank you
<said1976> hi ppl
<said1976> nobody have a resolve to my question
<said1976> hello
<said1976> any body there
<said1976>    	 	 	 	 	 	   Hi
<said1976> I'm new in the Linux world  and system administration
<said1976> I've created a local server on the internal networks at home and I installed LAMP + Samba + Openssh on the server for the application of the study.
<said1976> Ubuntu server version I used is 10.04
<said1976> The device used a bit old, but he works well
<said1976> A connected devices on the network are: Sony PlayStation 3 and DreamBox and another computer in addition to the  server and all networked to the modem type of Cisco EPC2425 by cables and I have a laptop connected by wireless.
<said1976> We have come to the problem
<said1976> The problem is that when I run the server the wireless disappears from the network and laptop disconnected (if it was) and when I Turn off the server the wireless comeback to appear and the connection is excellent. This is the problem
<said1976> Of course, those who will ask, have I modified a file in the server interface to the work static ip .
<said1976> Information network interface on the server of the type Netgear FA310TX
<said1976> Thank you
<said1976> ?????????
<_ruben> said1976: define "wireless disappears"
<said1976> i can connect to my wireless network
<said1976> its look like the modem stop sending wireless
<said1976> *i can't
<said1976> (01:22:44 PM) said1976: i can't connect to my wireless network
<said1976> did u got it ruben??
<_ruben> the most obvious, but unlikely at the same time, would be that the server emits so much radio noise, that it interferes with the wifi signal .. what happens when you power on the server but dont connect the network?
<_ruben> or do you see the network, but cant get an ip address?
<_ruben> "can't connect" is a tad ambiguous
<said1976> ok, i mean the network desappeard , when the server is off i can see the network name and can connect to it
<said1976> but when i start the server , i disconnect automaticlay from the network if i was logged on, or if not , i dont see my network name
<said1976> i didnt try to start the server and plugd it out
<said1976> i will when i get home
<said1976> got it ruben??
<_ruben> you could also see if the modem does do any logging and see if anything weird shows up when you power up that server .. and double check its wifi settings when it doesnt work
<said1976> thanx ruben, i did check my moden many times , but i will check again when i get home
<said1976> ruben , you will be here att night , or in which times u are online
<said1976> ?
<_ruben> said1976: during working hours (8am-4pm) i tend to be more or less around (but also doing work, so not always responsive) .. during the night im here when im here ;) (same timezone as you btw)
<said1976> _ruben: ok, i will try what u told me to do and see, otherwise if u come with something new in the next tow and half hour so just post it to me,   thanx
<_ruben> sure, no problem
<phil_> hi all
<phil_> just download 10.04 Ubuntu Server and wishing to install on a HP Proliant that has no OS onit already
<phil_> can anyone help at all
<Pici> phil_: You'll have better luck if you ask an actual question here :)
<said1976> phile_:its simple, burn the iso file on cd and run it on the HP and follow the instructhion
<phil_> tried that however the server is not booting to the cd/dvd rom for some reason
<alvin> Read the manual in order to know what key you have to press or BIOS setting to set in order to boot from CD. (and make sure the CD drive isn't broken or can't read writable cd's)
<phil_> does it matter that i have dual dvd drives
<alvin> I'm trying to upgrade 4 hardy servers with do-release-upgrade, but they all say 'No new release found'. Isn't that the proper way?
<alvin> phil_: no
<said1976> phil_:you have to go to the bios in your HP and change the the boot option to boot from the cd-rom
<RoyK> alvin: it's probably not flagged for server release upgrade yet
<alvin> RoyK: Oh, ok. I can wait. Thanks
<phil_> thankyou for your help i will try and find my manua now
<RoyK> alvin: dunno, but someone said here that won't happen until 10.04.1 will come out
<RoyK> alvin: do-release-upgrade -d if you can't wait :)
<alvin> Nono, I can wait. If it's not flagged, there's probably a good reason for it.
<xperia> hello to all. i have a external usb disk but the access to the data on this usb disk is very slow. anybody know any tweeks to make the usb disk more responsive ?
<Omahn> xperia: Might be worth checking you're plugged into a USB2 rather than the older & slower USB1 interface.
<xperia> well it is a usb1 port on the server
<Omahn> xperia: In that case it will be, very, very slow.
<Omahn> xperia: It's just a limitation of the interface I'm afraid.
<xperia> why that cant understand becouse even a ls on the disc takes sometime minutes
<xperia> till i get the list of a few files in a directory
<Omahn> xperia: If you have lots of files in the directory you're performing the ls on then it's relatively normal.
<xperia> the thing is it is allways the first time. on the second run it is very fast but okay it looks like all the problems are related to usb1
<Omahn> xperia: Second time the meta data will be cached and so it doesn't need to go over the USB interface.
<xperia> Omahn: ahhh okay thanks for the info. well need in this case usb2 at least
<Omahn> xperia: No problem at all. If possible it might be worth purchasing a USB2 interface card, they're relatively cheap.
<xperia> ohhh did not know that. have to search in ebay then. on the otherside have to look if i have any free slots.
<Omahn> xperia: Ah, yes, you will be a little stuck if you don't have any slots :-)
<xperia> Omahn: have done some transfer tests with hdparm on this usb disk
<xperia> what do you think about this values
<xperia> "/dev/sdb2:
<xperia>  Timing cached reads:     2 MB in  2.12 seconds = 965.21 kB/sec
<xperia>  Timing buffered disk reads:    4 MB in  3.92 seconds =   1.02 MB/sec"
<xperia> so it is 1 MB per second
<Omahn> xperia: Yep, that's about right for USB1.
<xperia> bad bad bad
<Omahn> xperia: Yeah, only useful for mice and keyboard really.
<xperia> yeah indeed. have pluged in a 1 TB USB DIsk and have to save a lot of Videos on this Disk over Internet
<Omahn> xperia: Wikipedia says USB1 is capable of a maximum 1.43MB/s, with overheads 1.02MB/s is probably the quickest it will go.
<xperia> Omahn: thank you a lot for your Help. Got more wise now
<Omahn> xperia: No problem. :-)
<ruben23> hi guys
<ruben23> is ubuntu-server 8.04 LTS can fit in on a CD-R..?
<Omahn> Hi ruben23
<ruben23> or does it need to be on a DVD-R
<Omahn> 700M CD-R
<ruben23> Omahn: thanks
<Omahn> pl
<Omahn> Wrong window. damn.
<ruben23>  Omahn:what country are you..?
<Omahn> ruben23: UK
<ruben23>  Omahn: you a sysadmin..?
<Omahn> ruben23: Indeed.
<ruben23> very nice
<ruben23> what application servers you maintain..?
<Omahn> ruben23: I work more at the operating system level rather than the application level, we have other groups for that.
<ruben23>  Omahn: whats on the opearating system level..?
<Omahn> ruben23: I've just double checked the 8.04 ISOs and the server releases will actually fit on a standard CD-R. The alternate and desktop ISOs do need 700 CD-R though.
<ruben23> Omahn: yeah i have burned it now on a clean CD-R
<ruben23> Omahn: im sure you good at what you do..
<RoAkSoAx> kirkland, waiting for you :)
<ryoohki> does anyone here have a default lvm install on a fresh 10.04?  i have a simple question
<guntbert> ryoohki: server?
<ryoohki> guntbert: yes.  i want to know the default lvm names for the root vg and the lvs / and swao
<guntbert> ryoohki: just installing - I'll tell you when its finished
<ryoohki> guntbert: in fedora it would be VolGroup00/LogVol00 for / and VolGroup00/LogVol01 for swap
<guntbert> ryoohki: did you choose "guided - entire disk - with lvm" ?
<ryoohki> guntbert: in ubuntu i think it maybe servername/root and servername/swap_1
<ryoohki> guntbert: no but that's the info i want to know
<guntbert> ryoohki: trying ...
<ryoohki> guntbert: i think you can see the info with "egrep 'root|swap' /etc/fstab" or "vgdisplay" or "lvdisplay" or "lvscan"
<guntbert> ryoohki: yes, but only after the installation :-))
<ryoohki> guntbert: do you have an eta?
<guntbert> ryoohki: maybe only a few minutes
<ryoohki> guntbert: thanks!  i'll wait
<ruben23> hi whats the features and added stability for the new ubuntu-server..?
<guntbert> ryoohki: I'm doing it in a VM -- its muck quicker :-)
<ruben23> the new release
<guntbert> ryoohki: the root VG is just the server name
<guntbert> root is on servername/root and swap is on servername/swap_1  as you already guessed :-)
<ryoohki> thanks!
<guntbert> ryoohki: you're welcome :-)
<ryoohki> i'm going vm too, i'm going to have ubuntu server 10.04 and 2 uec ubuntu 10.04 cloud instances
<ryoohki> guntbert: going to practice private cloud at home
<ryoohki> guntbert: is there a ubuntu uec channel?
<guntbert> ryoohki: have fun :-)
<ryoohki> guntbert: thanks again
<guntbert> ryoohki: I don't know about an uec channel - best try it here
<ruben23>  hi whats the features and added stability for the new ubuntu-server..?
<ruben23> new release version
<cipher42> can anyone tell me why "do-release-upgrade" crashed my server?
<cipher42> when i reboot i get not display
<cipher42> is anyone here?
<ruben23> hi anyone can help, i got connection refused ssh on my ubuntu-server
<ruben23> i got connection refused
<aoeuhtns> ruben23, have you installed openssh-server?
<ruben23> anyone have idea..?
<ruben23> yes
<ruben23> during the fresh install
<ruben23> but problem
<guntbert> oubiwann: please don't change your nick so often
<ruben23> when i do  /etc/init.d/sshd restart----> i get no such directory
<ruben23> aoeuhtns: what could it be
<cipher42> you need to apt-get install openssh-server
<cipher42> like he said
<aoeuhtns> ruben23, that should be /etc/init.d/ssh
<ruben23>  aoeuhtns: same thing no such file or directory..
<ruben23>  cipher42: i have install openssh-server during the installation process
<aoeuhtns> ruben23, I'd say do "apt-get install openssh-server" just to see what happens
<ruben23> package openssh-server is not available
<cipher42> yea sounds like it's not there
<cipher42> apt-get update
<cipher42> then try again
<ruben23> when i do apt-get install openssh-server
<cipher42> after apt-get update
<ruben23>  apt-get update--> reciving package now
<cipher42> does btrfs come with ubuntu-server 10.04?
<ruben23> cipher42:  after update ill run this again-->  apt-get install openssh-server
<ruben23> right..?
<RoyK^> cipher42: don't use it
<cipher42> right
<RoyK^> btrfs is far from stable
<RoyK^> use zfs if you need that functionality
<cipher42> want to use it so bad...
<RoyK^> either with fuse or on fbsd or osol
<cipher42> it gets updated with kernal updates right?
<RoyK^> yes, and you can update it manually
<RoyK^> if you want to play with it, make sure you backup your data
<cipher42> i read people are having good results with it
<RoyK^> sure, but it's not stable
<RoyK^> so it's like playing with matches and petrol - might work well
<cipher42> can i change from ext4 to btrfs later?
<RoyK^> yes
<cipher42> it will convert the whole fs for me?
<RoyK^> btrfs has an upgrade path for that
<RoyK^> yes
<RoyK^> and keep the ext4 (or perhaps just ext3, don't remember) as a snapshot
<RoyK^> https://btrfs.wiki.kernel.org/index.php/Conversion_from_Ext3
<cipher42> do i have to do it from another system
<cipher42> ?
<cipher42> like i can't do it on the fs i'm currently running right?
<RoyK^> doesn't look like it, no
<RoyK^> but you can probably do it from a livecd with the same btrfs version
<RoyK^> keep in mind that it's not even frozen, so structure changes happen
<RoyK^> at least it wasn't last i checked
<cipher42> yea it's froze
<RoyK^> try asking on #btrfs
<cipher42> pretty sure i ready yesterday
<RoyK^> ok
<cipher42> guess ruben just needed to install openssh-server....
<RoyK^> ruben23: apt-get install ssh
<ruben23>  cipher42: its done, thanks so much
<cipher42> np
<ruben23> RoyK^ thanks also
<RoyK^> cipher42: also, make sure you use the latest kernel from kernel.org
<cipher42> i was jus planning on trying it with 10.04
<RoyK^> the btrfs in lucid might be more buggy in 2.6.32 than in 2.6.33 - quite a bit has changed
<cipher42> i did the do-release-upgrade
<cipher42> and my server is all fraked up
<cipher42> when it boots, looks like a gui tries to start, then drops the display
<RoyK^> cipher42: try to remove 'splash' from grub
<RoyK^> or simply boot into single
<cipher42> guess i should try a live cd?
<cipher42> how do i remove splash and how do i boot into single user mode?
<RoyK^> you can choose single from the grub menu
<RoyK^> 'recovery mode'
<RoyK^> if you're using grub1, which I guess since you've upgraded, not installed 10.04, remove 'splash' from the kernel line in /boot/grub/menu.lst
<RoyK^> and it looks to me you're not very familiar with linux, so I suggest you try out btrfs on something else than your root partition
<cipher42> i have grub 2 installed now
<RoyK^> use a file if you don't have another drive
<cipher42> and i can't select anything cuz the display bombs out
<RoyK^> I don't know grub2
<cipher42> i'm pretty linux savy
<cipher42> just not grub
<RoyK^> in my grub conf, the line is
<RoyK^> kernel          /boot/vmlinuz-2.6.32-22-generic-pae root=UUID=35c659a9-223a-40ce-8093-926b7f59ddd9 ro quiet splash
<RoyK^> that's grub1
<cipher42> oh oh
<cipher42> i gotcha
<cipher42> yea they moved it in grub 2
<RoyK^> where is that stuff in grub2?
<cipher42> can't remember off the top of me head
<RoyK^> I see the last btrfs patches came in yesterday
<cipher42> i really wanna try it..
<RoyK^> anyway - try it on something != your root fs
<RoyK^> or on a test system
<RoyK^> you may of course use it in production, but I don't think your boss will like it when your data disappears
<cipher42> i keep all my important stuff on a different drive
<RoyK^> or the entire filesystem
<RoyK^> ok
<RoyK^> just make sure you use the latest kernel - not the one that comes with lucid
<cipher42> reinstalling the OS is a pain in the ass, but at least my stuff doesn't get lost
<RoyK^> that way, you can help the btrfs guys to fix problems
<RoyK^> if you're using the lucid kernel, they probably won't accept bug reports
<cipher42> can i use the installation cd, then get new kernel?
<RoyK^> yes
<RoyK^> download from ftp.kernel.org and build it
<RoyK^> get one from   ftp://ftp.xx.kernel.org/linux/kernel.org/pub/linux/kernel/v2.6/testing/
<RoyK^> xx being your country TLD
<RoyK^>   ftp://ftp.xx.kernel.org/pub/linux/kernel/v2.6/testing/ that is
<AmberJ> Hello
<AmberJ> The Doc and resources link in /topic is not redirecting to where-ever it was actually intended to
<RoyK^> AmberJ: https://help.ubuntu.com/8.04/serverguide/C/index.html is a good place to start
<RoyK^> seems there's one for 10.04 as well https://help.ubuntu.com/10.04/serverguide/C/index.html
<AmberJ> I was going to ask that :) thanks
<oru_work> greetings. can someone remind me how can i get all the information and settings about the php that i'm running with a text file that i can put in the www dir ?
<RoyK^> <?php phpinfo(); ?>
<kpettit>   <? phpinfo() ?>
<kpettit> sorry RoyK^ is the right version
<oru_work> is it safe to keep this file there ?
<oru_work> permanently ?
<cipher42> if you wanna get hacked
<RoyK> cipher42: heh - you can't hack a machine through that
<kpettit> it shows all the PHP features you have enabled.  Some features may have exploits, makes it easier for hackers to find out things.
<RoyK> but it will tell a hacker what php version you have etc
<RoyK> oru_work: mostly it's safe - perhaps put it in a separate directory and password protect that
* ChanServ changed the topic of #ubuntu-server to: Ubuntu Server discussion and support | For general (not server specific) support visit #ubuntu | IRC Guidelines: https://wiki.ubuntu.com/IrcGuidelines | Get involved: https://wiki.ubuntu.com/ServerTeam/GettingInvolved | Be patient.  Don't ask to ask, just ask. | Docs and resources: https://help.ubuntu.com/10.04/serverguide/C/
<shrini> team: need help on NFS
<shrini> I get disconnected from nfs server
<kpettit> ewww, nfs....
<cipher42> what's wrong with nfs?
<shrini> nfs server not responding timeout
<shrini> getting this error
<RoyK> probably either a network or server problem
<kpettit> no current authentication type method.  Makes it hard to lock down properly with a large user base
<RoyK> probably not client based
<shrini> RoyK: I can ping and ssh to server
<RoyK> tried restarting nfs on the server?
<kpettit> last place I worked at used it extensively with tons of clients, custers, servers, etc.  painful
<cipher42> yea it can be..
<shrini> RoyK: yes. did
<RoyK> checked if the server is heavily loaded?
<shrini> RoyK: no load in server. it is just a simple nfs server
<RoyK> no i/o load either?
<shrini> RoyK: just sharing /home
<kpettit> I like NFS alot, just wish you could do more SMB like user/group type rules
<shrini> no i/o
<shrini> load
<RoyK> wierd
<RoyK> should be quite safe
<RoyK> we're having 10+ nfs servers and 100+ nfs clients at work
<shrini> only 8 clients
<RoyK> servers on solaris, opensolaris and some linux boxes
<shrini> 1 server
<RoyK> works well
<shrini> hmmm
<RoyK> no firewall between them?
<shrini> no firewall
<shrini> it mounts for a while
<RoyK> enable sysstat and see if wio is load at times
<shrini> i can access from commandline for a while
<shrini> how to do that?
<kpettit> are you going across a subnet?
<RoyK> apt-get install sysstat - edit /etc/default/sysstat to enable it - /etc/init.d/sysstat start
<shrini> RoyK: thanks. doing
<RoyK> after that, 'sar' will give you a list of the system load over time
<RoyK> man sar for more info
<RoyK> shrini: also, kpettit asked a question :)
<shrini> kpettit: no. same network
<shrini> only 10 machines
<shrini> all are ubuntu
<arpu> hello
<arpu> how can see (like the login massage) i need update the server ?
<arpu> or rebbot
<kpettit> shrini, another option to NFS that works out of the box is SHFS or SSH mouting.  You can do that through Ubuntu GUI or in /etc/fstab
<RoyK> with 9.10 or later it should be printed for admins when you login
<shrini> kpettit: nfs over ssh?
<Italian_Plumber> how do I submit a kernel bug?
<kpettit> I had lots of issues with NFS, SSH always worked and was easier to manage
<RoyK> Italian_Plumber: submit an ubuntu bug if it's an ubuntu server
<shrini> it will take much time, for doing all encryption/decryptions
<RoyK> kpettit: nfs should work well
<kpettit> shrini, no I was suggesting you use SSH to mount filesystems instead of using NFS.  You can use SSH to mount filessystems just like NFS or SMB.
<RoyK> why not nfs?
<kpettit> You can do it right through the Ubuntu file explorer.
<RoyK> we have a rather large unix environment at work and we only use nfs
<kpettit> Ease of use.  I like NFS, but for fast and easy ssh already exists and requires no real setup.
<shrini> kpettit: speeed on shfs?
<RoyK> iirc it uses fuse, so both fuse and ssh will give a little overhead, but probably not a whole lot
<kpettit> NFS is faster for lots of small files.  Transfering big files and stuff it's about the same.  But it wouldnt' be good for a webserver, but it's OK for office documents and ISO images,etc...
<RoyK> shrini: use -o tcp with nfs
<shrini> RoyK: i use tcp in /etc/fstab
<RoyK> iirc linux defaults to udp, which can be troublesome if something goes bad with the network
<kpettit> I use SSH through the Ubuntu File explorer and bookmark all my servers.  Makes it nice to use my local editor to get to files on all my remote servers.
<RoyK> shrini: ok
<kpettit> used with ssh keys it's very nice/easy/secure
<shrini> how to check for network inconsistancy, if any
<RoyK> shrini: also, remember to use the flags soft,intr,bg and set timeo to something reasonable
<RoyK> shrini: network troubleshooting isn't very ubuntu specific :Ã¾
<shrini> RoyK: ya. did the same already
<RoyK> do you see this problem on all clients?
<shrini> RoyK: yes. all the 8 clients
<RoyK> nothing in the server logs either?
<Mkools> Hello, I am confused where is my CATALINA_HOME because /usr/share/tomcat6 and var/lib/tomcat5 both contains webaaps directory and when I do sudo mkdir $CATALINA_HOME/xyz it makes directory in / . Please help
<shrini> RoyK: what logs to look on server?
<RoyK> /var/log/messages should have it
<RoyK> or dmesg
<shrini> svc: failed to register lockdv1 RPC service (errno 97)
<shrini> RoyK: this error in /var/log/messeges in server
<RoyK> does the timestamp match any time of problem?
<shrini> dmesg also says the same
<shrini> timestamp is different
<RoyK> dmesg timestamps are seconds from reboot - see /proc/uptime for the current
<shrini> ya
<shrini> RoyK: it shows in same time
<RoyK> did anything happen at that time?
<shrini> RoyK: nothing happens
<RoyK> no idea about that error message - sorry
<shrini> RoyK: its okey
<shrini> thanks a lot
<shrini> svc: failed to register lockdv1 RPC service
<shrini> getting this errror
<shrini> on restarting nfs
<dominicdinada> Can someone help me with setting up a wireless access point via server i read the howto and it keeps killing connectivity when i try to do so
<RoyK> shrini: I don't think it's related to the error you're seeing
<shrini> RoyK: hmmm
<RoyK> check sar when this problem occurs again
<jpwatts> how does one add a new --suite option to the vmbuilder command? i had a 9.10 server and wanted to install a 10.04 vm
<RoyK> might be i/o load
<jpwatts> this time i just upgraded the server, but it'll come up again when 10.10 is released
<Mkools> Can any one help/
<jayki> was dein prob?
<Mkools> jayki: Are you talking to me?
<RoyK> Mkools: it'd be nice if you just asked with an explaination of your problem :)
<jayki> yes thats what i mean,i have the probnlem to change between a german ubuntu channel to an english one xD
<Mkools> RoyK: I wanted to deploy a war file on my host(which I added in server.xml, is name of my private dns).
<Mkools> for that where should I copy sample.war in /usr/share/tomcat6/webapps or /var/lib/tomcat6/webapps
<jayki> i don?t know anything about this ,sorry
<Mkools> Because when I do mkdir in $CATALINA_HOME no where does directory is created.
<pmatulis> can someone recommend a decent command line bitorrent client (useful for a server?)
<RoyK> pmatulis: transmission-cli works for me
<pmatulis> RoyK: nice, thx
<RoyK> Mkools: I think that might be a good question for the #tomcat folks
 * RoyK points Pirate_Hunter to the pirate bay
<Pirate_Hunter> RoyK, original I like, I like :D
<elnur> What is the best option for a DNS server if I'm doing it for the first time?
<jrwren> elnur: bind9 IMO.  its been around so long there are lots of great docs
<thesheff17> anyone using squid to serve a web site w/ apache as the backend?
<Jeeves_> Haven't done so in a long time.
<Jeeves_> what's the issue?
<thesheff17> about squid?
<alvin> Is there a command to activate disks? A server here has 3 disks. Yesterday it saw only 2, today only one. I lost 2 disks (they were not mounted). Can't see them with fdisk. Is there a way to rescan?
<alvin> disregard that. Was looking at the wrong server. Only lost one disk
<alvin> and found it. (lost it in a RAID set. It's still there)
<Italian_Plumber> would this post be better in a different category? http://ubuntuforums.org/showthread.php?p=9288222
<enav> hi all
<thesheff17> it sounds like the drive may be faulty
<thesheff17> or the controller on the board maybe
<Italian_Plumber> well the controller isn't on the board it's on a PCI expansion card.
<thesheff17> have you tried a different card?
<Italian_Plumber> but "faulty drive" is what I'm starting to think too
<Italian_Plumber> I have not tried a different card, but I have tried a different drive.  Different drive was fine.
<thesheff17> so another drive had no issues?  I would get the drive tools from there site and test.
<Italian_Plumber> The 30 window to return the drive has passed, unfortunately
<thesheff17> hehe everyone asks me what hard drives I buy...I say which ever ones come with the 5 year warranty
<thesheff17> there should be a warranty from the company that makes it
<thesheff17> at least a 1 year or 3 years usually
<thesheff17> 5 years is harder to find.
<thesheff17> usually you don't even have to talk to anyone anymore to get a drive RMA
<alvin> thesheff17, Italian_Plumber: The drive is in perfect working order. I just hit bug 27037 on the upgrade to Lucid. I just finished the whole report.
<thesheff17> and if you put down a cc you they will even ship you one while yours is getting shipped back
<uvirtbot> Launchpad bug 27037 in linux "mdadm cannot assemble array as cannot open drive with O_EXCL" [Medium,Incomplete] https://launchpad.net/bugs/27037
<alvin> Unfortunately, it was a RAID0 (yes, I do have backups and it doens't contain important data)
<thesheff17> yea I try not use mdadm anymore
<thesheff17> I have had problems w/ crashing in the past
<alvin> I was able to restore the raid to a working state by stopping the array (and the wrong array) and reassembling
<aoeuhtns> thesheff17, what do you use instead?
<alvin> The (very old) bug still stands of course. This shouldn't happen
<thesheff17> use multiple drives w/ rsync
<thesheff17> not the best but works
<thesheff17> or buy a hardware raid card
<aoeuhtns> I've had mdadm drop a disk from a mirror once, but I stuck it back in, it reassembled, and (apparently) there were no other issues
<thesheff17> yea I must have gotten a lot of bad hard drives from western digital....I replaced 3 of them already....out of 4 in a RAID5
<alvin> Expensive raid cards have never given me trouble. Cheap ones fail.
<enav> thesheff17: dude western digital  is the sh***
<thesheff17> the last time I had it running I did an ls in a directory and it gave me an I/O error...rebooted and was never able to assemble the raid array again
<alvin> The RAID0 was meant to speed up disk I/O for virtual machines
<thesheff17> very frustrating
<alvin> ZRAID is ways better. One day we'll have something like that I imagine.
<thesheff17> yea that is why I try to avoid mdadm unless I'm running RAID1 only
<Italian_Plumber> thesheff17: I'm not sure you and I are having the same problem...
<alvin> Hmm, I can find more similar bug reports on Launchpad. Lots of Lucid
<Italian_Plumber> thesheff17: what makes you say that my drive is in perfect workingn order?
<thesheff17> I didn't say that
<thesheff17> I would replace the drive
<Italian_Plumber> oh... you're right... my bad. :)
<alvin> I said my drive was in perfect working order. (it is. I just started some virtual machines from it)
<alvin> Now, on another machine I want to install libvirt-bin, but not autostart it because it leaks memory. How can I do this with the new init system?
<enav> is a good idea to implant a web server inside a virtualbox machine????
<alvin> enav: If it doesn't need heavy I/O (most web servers don't), yes.
<alvin> Ah, virtualbox
<alvin> I thought virtualisation in general
<alvin> Virtualbox, while a great product, is more meant for what is called 'desktop virtualisation'
<alvin> Ubuntu supports kvm and that cloud thing
<enav> actually im running my first Web server inside a virtualmachine on my desktop and runs pretty well.. but i need to do some stress test to decide if i'm going  to place the final server inside a Virrtualmachine or a real one
<thesheff17> alvin what version of ubuntu?  I use update-rc.d to machine init scripts
<thesheff17> enav: yes I have tons of web servers in virtual machines
<alvin> thesheff17: lucid
<alvin> That doesn't work on upstart scripts, does it?
<thesheff17> I don't think so
<thesheff17> update-rc.d libvirt-bin remove
<thesheff17> it has something about can't remove try w/ -f to force it
<thesheff17> is upstart replacing init scripts?
<enav> thesheff17  everything works like a charm???... i thin run a web server inside a virtualmachine  is pretty flexible idea... btw i'm a real noob so i cant  make a good affirmation about webservers and virtualmachines under desktop environments
<alvin> yes
<thesheff17> hehe I have apache2/tomcat/jboss all running in a virtual machine env w/ kvm
<thesheff17> for my company
<thesheff17> for staging env
<thesheff17> even my mysql failover machine is running inside a kvm.
<thesheff17> for production
<thesheff17> alvin: ug well I have millions of scripts that use /etc/init.d/
<enav> thesheff17 that sounds really cool for me
<alvin> thesheff17: Yes. I believe it is the intension that they should be replaced
<enav> thesheff17 i have 5 weeks to take the final decision
<alvin> s/intension/intention
<thesheff17> yea I have been running kvm since 9.04 and have a bunch of 9.10 all running 8.04 LTS inside them
<thesheff17> now need to start testing Eucalyptus all w/ 10.04
<thesheff17> has anyone ran squid in front of apache ?
<jfb_h2o> hello, I was accidentally disconnected from ssh while doing apt-get upgrade, now I get a problem because I can get a lock
<jfb_h2o> any ideas on how to deal with this?
<jfb_h2o> is it safe to remove /var/cache/apt/archives/lock
<dominicdinada> Need help with setting my wireless into master mode
<Technoviking> getting this error install Simpana backup software from CommVault Installing startup scripts in /etc/init.d ...FAILED. in Ubuntu 10.04
<Technoviking> is there a way yo make 10.04 work with programs needing /etc/init.d still?
<ahasenack> is https://launchpad.net/~ubuntu-on-ec2/+archive/ppa abandoned? There are no karmic or lucid packages
<ahasenack> I need a newer version because the current one in lucid doesn't recognize the ap-southeast-1 region
<dominicdinada> sudo echo zd1211rw >> /etc/modprobe.d/blacklist.conf
<dominicdinada> -bash: /etc/modprobe.d/blacklist.conf: Permission denied
<dominicdinada> diabolical@diabolical-fs:/etc/modprobe.d$
<dominicdinada> how the heck can it fail with permission denied when im logged in under root
<ahasenack> if you mean that sudo bit, actually only the echo command is being run as root
<ahasenack> not the redirection
<dominicdinada> ok how should i add it to blacklist then?
<erichammond> ahasenack: This is slightly more up to date (for Karmic, but still no Lucid): https://launchpad.net/~ubuntu-on-ec2/+archive/ec2-tools?field.series_filter=karmic
<erichammond> ahasenack: smoser is the right person to ask
<ahasenack> erichammond: thanks
<ahasenack> latest version is 49953
<ahasenack> (ami-tools)
<smoser> ahasenack, the version in lucid is latest "publically released" version
<smoser> so that ppa doesn't have anything newer
<ahasenack> smoser: I got 49953 from http://developer.amazonwebservices.com/connect/entry!default.jspa?categoryID=88&externalID=368&fromSearchPage=true
<ahasenack> smoser: and then was able to upload a bundle to the ap region
<smoser> there is a more recent "enable ap-southeast-1" version that i just discovered tonight.
<ahasenack> smoser: I don't know which version started supporting this region, though
<erichammond> smoser: What should people running Hardy or Karmic do to use the latest AMI tools?
<dominicdinada> https://help.ubuntu.com/community/WifiDocs/MasterMode i got the driver and blacklisted the zd1211rw but any other instructions send me to pages dont exist what am i missing
<smoser> Support for EC2 API version 2009-10-31: Amazon EC2 in the Northern California Region (us-west-1)
<smoser> basically, i was unaware of that until tonight.
<smoser> they dont "release" anything in any sane mechanism
<smoser> one just has to notice that the url is different.
<smoser> so anwyay
<smoser> we'll get those packaged and into the backports ppa for hardy, karmic, lucid
<smoser> ahasenack, what exactly are you trying to do that doesn't work ?
<smoser> i think only migrate image ends up needing it
<erichammond> I think I recently migrated AMIs to ap-southeast-1 using the current ec2-ami-tools in Karmic.
<smoser> erichammond, i dont think that would work. but i could be wrog.
<smoser> i basically gave up on migrate image
<erichammond> smoser: I would have been using Amazon's Fedora 8 kernels.
<erichammond> smoser: In one of Amazon's ami-tools releases they changed migrate to do good guessing at the AKI+ARI based on the bucket/key names.
<dominicdinada> !slapd
<dominicdinada> what the hell
<dominicdinada> !ldap
<ubottu> LDAP is the Lightweight Directory Access Protocol. For more information, installation instructions and getting clients to authenticate via LDAP see https://help.ubuntu.com/community/OpenLDAPServer
<dominicdinada> !ladp
<RoAkSoAx> kirkland, ping?
<smoser> ahasenack, i put a build into my ppa
<smoser> of the latest. you can give it a quick try
<smoser> it still has to build
<smoser> ahasenack, https://launchpad.net/~smoser/+archive/ppa/+packages
<thesheff17> has anyone had end/home stop working with lucid vim?
<uvirtbot> New bug: #579094 in mysql-dfsg-5.1 "10.04 Upgrade, backend no longer communicating with mysql database" [Undecided,Confirmed] https://launchpad.net/bugs/579094
<trimeta> I tried using add-apt-repository to add a ppa to my Lucid server, but it said command not found; what package do I need to install to get it?
<RoAkSoAx> trimeta, python-software-properties
#ubuntu-server 2010-05-13
<trimeta> RoAkSoAx: Thanks.
<trimeta> Weird place for it...
<Owner_> hello people
<Owner_> i just got new server
<Owner_> 2 hard drives 80 and 160gb
<Owner_> how should i partition it?
<Owner_> primarily as web server
<trimeta> Owner_: Honestly, I'd consider using an LVM or something so you could have one huge space. But I'm no expert by any means.
<wizardslovak> hmmm
<trimeta> With the new grub, you can even boot off of a LVM partition, though I don't know if I'd trust it for a production server.
<wizardslovak> ok
<wizardslovak> maybe i will just partition 80gb for now and leave 160 for later
<wizardslovak> huh
<wizardslovak> what version are you using?
<trimeta> I just upgraded my server from Karmic to Lucid.
<trimeta> Though, since I've got four 1.5 TB drives with a small RAID 1 partition for /boot and everything else RAID 5'd together to form a physical volume for a LVM, which lets me put swap and / on the same space...it's a bit more complicated than your HD setup.
<wizardslovak> well i want this server to run 2-3 web sites
<wizardslovak> so not much data tho
<trimeta> My only experience with running multiple sites is Apache's sites-enabled stuff, so I can't tell you whether you'd want them all on the same partition; I can't think of why you wouldn't, but that doesn't mean there isn't a reason.
<wizardslovak> i want to erase partition and it says "in use by lvm volume group name"
<trimeta> If you've started creating an LVM setup, you need to take it apart from the top down: remove the logical volumes, then remove the volume group, and then you can change the physical volumes into something else.
<wizardslovak> ok got it
 * flyback bbl
<i3> quit
<wizardslovak> ok so 80gb is partitioned
<wizardslovak> how should i set up 160gb?
<trimeta> I don't know; if you're making the 80gb one volume, then the only option would be to make the 160gb a separate volume.
<trimeta> Though don't forget some swap space and maybe a boot partition.
<wizardslovak> yea swap is 2x ram and boot is 1gb
<trimeta> Sounds fine.
<wizardslovak> so i should leave 160 as "free space"?
<trimeta> I suppose, as long as you've got your swap and boot taken care of.
<wizardslovak> i used to play with ubuntu server some time ago
<wizardslovak> i just have to remind myself some stuff
<jeeves> what is the best way to do a CLI ADSL PPPoE connection?
<flyback> go into your modem from the isp and configure it for bridge mode :P
<flyback> and not worry about the pppoe part
<wizardslovak> hmmm
<wizardslovak> i used to bridge modem and then upse PPpOe in router
<wizardslovak> always worked
<chrismsnz> hey, is anybody here running supermicro 2u twin servers?
<chrismsnz> I'm having stability problems, have replaced almost every inch of the system and starting to think it may be ubuntu related
<flyback> try
<flyback> memtest.sh
<flyback> google "redhat memtest.sh"
<flyback> notice I said memtest.sh
<agentk> wizardslovak: Last time I configured it that way my router called it half-bridged mode.
<flyback> NOT memtest86
<chrismsnz> flyback: are you talking to me?
<flyback> yes
<wizardslovak> huh wel i had wrt54g with dd-wrt huh
<wizardslovak> just put my info in there and worked lol
<chrismsnz> what will it tell me that memtest86 won't?
<flyback> it checks
<flyback> cpu
<flyback> dma channels
<flyback> pci bus
<flyback> ide bus
<flyback> etc
<flyback> for bit errors
<chrismsnz> ah, excellent
<flyback> basically it zips and unzips the kernel source
<chrismsnz> does it stress the machine much?
<flyback> a canuckload of times
<flyback> and diffs it to check for bit flips
<flyback> yes
<chrismsnz> ok, i'll remove a node from production - thanks for that flyback, i'll see what it tells me
<flyback> sure :)
<Azelphur> Hi, playing about with ubuntu server on a really old laptop. It doesn't have a networking port, so I've been trying to use a USB wifi dongle to get it going, however when I plug it in the dongle doesn't show up in ifconfig
<Azelphur> but if I plug it into my PC that has ubuntu desktop, it does.
<wizardslovak> how come /etc/resolv.conf its empty?
<wizardslovak> i am trying to setup static ip
<jeeves> well, the DD-WRT box I've got running just isn't cutting it.
<jeeves> and I'd like to set up the server as the router/firewall
<wizardslovak> oh ok
<wizardslovak> i run dd0wrt for couple years now and never had any problems with it
<wizardslovak> i had it on dsl and cable , always worked like charm
<wizardslovak> huh
<jrwren> the ipv6 iptables stack kinda sucks under 2.4, but the wifi chip in WRT54G isn't supported well under 2.6, so dd-wrt kinda stinks at ipv6 on wrt54gl hardware
<jeeves> well, currently, I have DSL @ the house here, and the Linksys POS router is just that, a POS.  I'd like to run the modem into my server, then have the server be the router (along with a lot of other crap)
<wizardslovak> listen do i have to remve dhcp-client to have static ip on server?
<killown> how i do to adjust clock to UTC?
<killown> how setup timezone?
<jeeves> wizardslovak, are you giving out DHCP addresses to your internal network?
<jeeves> killown, look under /etc/ntp.cfg
<killown> jeeves, nothing there
<jeeves> killown, one sec
<wizardslovak> no i want server to have static ip , it will be web server so no dns
<killown> ln -sf /usr/share/zoneinfo/Brazil/ /etc/localtime
<jeeves> wizardslovak, your static IP comes from your ISP.
<wizardslovak> yes i know
<wizardslovak> i gt static ip from isp
<jeeves> wizardslovak, ok, and you have 2 NICs in your box?
<wizardslovak> i want my server to have static ip on my LAN 192.168.1.x
<jeeves> killown, give me a sec, I'm going to see if I can find out what's going on with your box.  Do you have the NTP server installed?
<wizardslovak> yes i do have 2 of them
<wizardslovak> i just got my 1u server today ;)
<killown> jeeves, yes
<jeeves> wizardslovak, ok, and you've got the ISP side one direct connect to the modem?
<jeeves> killown, ok, one sec
<wizardslovak> my isp goes to modem which goes to router to which server is connected
<jeeves> wizardslovak, ok, and you've got your ports forwarded to the server?
<wizardslovak> yes 80 and 25
<wizardslovak> i wont use it as email so no other ports are nessesary
<killown> dpkg-reconfigure tzdata
<wizardslovak> i am following this guide http://www.howtogeek.com/howto/ubuntu/change-ubuntu-server-from-dhcp-to-a-static-ip-address/
<killown> jeeves, i found..
<jeeves> killown, http://codeghar.wordpress.com/2007/12/06/manage-time-in-ubuntu-through-command-line/
<killown> anyway thank you
<jeeves> killown, sorry, I've got the 2 of you, 3 people on FB,and the fiance wanting attention
<killown> jeeves, no problem!! ty
<wizardslovak> jeeves , i know how it feels
<jeeves> wizardslovak, ok, so you've got the setup as the following..  internet ==> modem ==> router ==> server?
<wizardslovak> yes
<jeeves> brb guys, rum is in the fridge @ the other end of the house
<wizardslovak> huh i still gotta go pay my bills today , which is couple block huh
<wizardslovak> all day long i was waiting for this server to come so i can play with it ;)
<jeeves> ok, sorry, I had to go get some rum
<jeeves> wizardslovak, ok, so you want to do what now with your setup?
<wizardslovak> static ip on server
<wizardslovak> i just redone /etc/network interfaces
<wizardslovak> is there anything else i gotta do?
<jeeves> wizardslovak, are you talking about an internal static IP (ie. static on your internal network so you can port forward)?
<wizardslovak> yes
<wizardslovak> so i can ssh in my LAN
<jeeves> wizardslovak, http://pastebin.com/SkzUUb3E
<dominicdinada> Anyhow i am still having problems getting my wireless up in master mode.... stupid hows link to pages that dont exist... and are incomplete  for the zd1211 chipset
<jeeves> then pull a "sudo /etc/init.d/networking restart"
<wizardslovak> yeap i got same
<jeeves> ok, once you've got that setup that way, then go into the port forwarding on your router and point the ports you need to that static IP
<dominicdinada> Anyhow i am still having problems getting my wireless up in master mode.... stupid hows link to pages that dont exist... and are incomplete  for the zd1211 chipset
<jeeves> dominicdinada, I heard you.  I'm not the wireless guy.  sorry
<dominicdinada> Ok :P
<dominicdinada> maybe someone else is
<jeeves> wizardslovak, did that work out for ya?
<jeeves> dominicdinada, it's kinda quiet in here tongiht
<cipher421> hey guyz, i upgraded from 9.10 to 10.04 and i hangs at boot, kernal log says can't read proc fs 1
<jeeves> cipher421, did it ever boot after you upgraded?
<cipher421> yea barely tho
<cipher421> like 2 lines into the boot
<cipher421> says will check some fs in 2 boots or so
<cipher421> then hangs
<jeeves> cipher421, lol, sounds like to me that grub forgot what it was doing.
<STF> hi
<wizardslovak> huh i restarted all system and now its "main process (797) terminated with status 4
<jeeves> cipher421, have you tried a grub repair?
<cipher421> no
<STF> i have a fresh ubuntu 9.04 installed
<cipher421> jus grub-repair or so?
<STF> and need help with routingtables
<jeeves> everyone, make sure that you put the person's name infront of who you're talking to.  otherwise, no one knows who is talking to who!
<jeeves> cipher421, one sec, I'll see if I can find the howto I used
<jeeves> cipher421, do you know what partition the boot is on?
<cipher421> hrm
<cipher421> i think so
<jeeves> cipher421, ok, this "howto" is a little "round about", but it'll get you to where you need to go.  http://www.ubuntu-inside.me/2009/06/howto-recover-grub2-after-windows.html
<wizardslovak> damn
<wizardslovak> something happened
<jeeves> wizardslovak, ???
<wizardslovak> i cannot boot into system
<cipher421> did you go pee on the machine again??
<wizardslovak> "init: ureadahead-other main process (784) terminated with status 4"
<cipher421> sorry, crazy stressful day
<cipher421> thanks jeeves
<jeeves> wizardslovak, lol, this is after you changed your interfaces file?
<wizardslovak> yes i changed this and enabled uwf
<jeeves> cipher421, np.  give it a try.   I have to do it every time I update any adobe products on either of my Windows partitions on my netbook
<jeeves> wizardslovak, lol!!!  ok, can you get grub to boot you into recovery mode?
<cipher421> jeeves, ok so my problem is that i will have to use this hdd to recover the server
<jeeves> wizardslovak, I think you've got a little more going on there than just the interfaces table
<cipher421> or actually i can use the server cd to recover...
<wizardslovak> hmmm
<wizardslovak> lets see
<wizardslovak> i cannot get into grub lol
<jeeves> cipher421, what it sounds like is that when the upgrade went through, there was some wierd drive mapping going on with the orignal install, grub's auto find OS feature messed up, and poof, no bootable OS
<wizardslovak> ill just reinstall whole os
<jeeves> wizardslovak, d-load the live CD, and beat it into sublission with a large alumimium baseball bat (and yes, I've done that to a client's server before)
<jeeves> wizardslovak, is there anything on there that you care about?
<cipher421> jeeves i'll report back in 10 or so!
<cipher421> thank!
<wizardslovak> jeeves i just got this server huh nothing there yet
<jeeves> if not, them play with it and learn!!  otherwise, you'll never figure it out!
<jeeves> cipher421, lol.  kk
<jeeves> wizardslovak, well, if there's nothing important on there, then play with it! Those are the best ones!  when you have no pressure of time or messing things up.
<wizardslovak> yea but i cannot even get int o grub lol
<cipher421> also, i was told earlier that btrfs was included on 10.04, but didn't see the option
<jeeves> wizardslovak, when you boot off of the live CD, then you've got shell
<jeeves> cipher421, ???   you may have to get into it via a live CD, then figure it out!  I pitty you if you've got to edit Grub2 by hand
<cipher421> i've done it before...
<cipher421> have a bad taste in my mouth already
<cipher421> i really don't like grub2....
<cipher421> what was wrong with grub?
<wizardslovak> huh
<cipher421> talking to jeeves
<cipher421> brb
<wizardslovak> lol now i cant even boot into livecd
<jeeves> cipher421, lol, they made the decition to move to the new one because it "looks better" and does more things.  Personally, I prefer my 1985 Jaguar XJ-S over the Mazda POS that my fiance drives.  And for a car that's got 20 years on it, I can still smoke her (and most of the rice rockets) on the road
<jeeves> wizardslovak, check your BIOS to boot from the disk (or you may have to hit F12 on POST)
<wizardslovak> i hit f12 choosed cdrom nothing
<wizardslovak> choosed usb same think
<jeeves> wizardslovak, ok, check the BIOS boot order (and if you've got the proper ROM if you have more than one)
<wizardslovak> hmm
<wizardslovak> "inte boot manager"
<wizardslovak> intel huh
<jeeves> LOL.
<jeeves> you've got an intel board?
<wizardslovak> "intel boot agent" huh
<wizardslovak> yes its p4 3ghz ht
<wizardslovak> ok so i booted into usb
<wizardslovak> and i put rescue a broken syste,
<wizardslovak> system
<jeeves> ok, and do you have root @ a shell prompt?
<wizardslovak> huh i think i found my problem
<wizardslovak> failed to detect and mount cdrom
<STF> what is wrong here: "sudo route add -net 134.91.0.0 gw 192.168.1.2"
<jeeves> STF, I'm not sure.  I think I'm the only one in here who's actually @ the keyboard
<STF> lol
<jeeves> wizardslovak, did you figure it out?
<wizardslovak> i changed some setting is bios
<wizardslovak> let see what happen
<jeeves> wizardslovak, kk
<jeeves> STF, have you thought of using Webmin?
<wizardslovak> ok
<wizardslovak> i bypassed that cdrom
<wizardslovak> now i am at shell
<wizardslovak> ~x
<jeeves> wizardslovak, lol.  good!  we're making progress!
<wizardslovak> i wont use cdrom anyways , i will dissable it later
<wizardslovak> its taking me ,ittle longer to get thinks ;)
<jeeves> lol, just comment out that line in the fstab
<wizardslovak> ok that i didnt get
<jeeves> wizardslovak, "pico /etc/fstab" then put an "#" next to the line for the CD-ROM.
<jeeves> then it won't complain untill you reboot
<wizardslovak> "pico not found"
<jeeves> lol.
<jeeves> <slowly shakes my head>  vi then?
<wizardslovak> test editor? i like nano
<wizardslovak> ok weird
<jeeves> lol, I use pico
<wizardslovak> "sedu nano /etc/fstab" and it says "sudo" not found"
<wizardslovak> i mean sudo nano
<jeeves> you don't need "sudo" if your prompt ends with "#".  that means your logged in as the root user
<wizardslovak> ok nano /etc/fstab
<jeeves> yep
<jeeves> those are all the mounts that happen @ boot
<wizardslovak> there is nothing like "cr-drom"
<wizardslovak> there are 3 lines
<jeeves> see the CD in there?
<wizardslovak> first line "none /dev/pts   devpts  defaults 0 0 "
<wizardslovak> second line  "none  /proc   proc  defaults 0 0"
<wizardslovak> third line "none /sys  sysfs noauto 0 0 "
<wizardslovak> and thats it
<jeeves> ok, don't worry about it then.  you'll need to fiddle with repairing Grub now
<wizardslovak> ok
<wizardslovak> so what do i do now?
<wizardslovak> never repaired grub before
<jeeves> one sec
<wizardslovak> sure even two ;)
<jeeves> lol, I'm trying to fix a web hosting box @ the same time
<wizardslovak> ok i got time
<jeeves> http://www.ubuntu-inside.me/2009/06/howto-recover-grub2-after-windows.html
<wizardslovak> ok
<wizardslovak> "fdisk " -> "not found"
<jeeves> do you even have an outbound connection?
<wizardslovak> i will just reinstall os
<wizardslovak> ??
<jeeves> can you do a "apt-get install fdisk"?
<wizardslovak> no
<jeeves> lol,  'meh.  nuke it if you want, but personally, I'm thinking it'd be an amazing learning exp for ya
<wizardslovak> i think i messed up somewhere
<wizardslovak> listen
<wizardslovak> this might sound stupid
<jeeves> try me.  I deal with dumb people all day
<wizardslovak> hostaname is name of pc/server right?
<jeeves> hostname is the name of the box you're on.
<cipher421> tis a no go
<jeeves> cipher421, what was the setup on that box before the upgrade?
<wizardslovak> ok partitioning ill just use entire hard drive
<cipher421> think i've given up jeeves, i documented all my settings, so a reinstall will be a time saver at this point..
<cipher421> feeling pretty beatup in general today anywayz
<jeeves> cipher421, no worries.  if you've got everything backed up, then do it up.
<wizardslovak> ext4 or ext3?
<jeeves> cipher421, I'm just trying to get wizardslovak to learn how to recover his system
<cipher421> yea i keep all my good stuffs on another drive
<cipher421> ext4 for sure
<jeeves> wizardslovak, for now, stick with ext3 unless you've got a massive drive
<cipher421> aw man!
<wizardslovak> ok
<cipher421> ext4 = much better performance
<jeeves> wizardslovak, I wasn't able to recover my ext4 drive with a live CD the last time
<cipher421> interesting
<wizardslovak> so maybe thats why i couldnt do it this time
<jeeves> cipher421, it depends on the size of the drive though!!!
<cipher421> anywayz thanks jeeves, goodluck wizardslovak
<jeeves> cipher421, np. I've got a mickey of rum, I'll be better in a few
<cipher421> schweet
<jeeves> cipher421, lol, have a look @ www.tessawhite.ca for a good idea of who's waiting for me to get into bed
<cipher421> i have a 20 year old hottie waiting for me myself
<wizardslovak> ok i see interesting option
<wizardslovak> in "use as:"
<cipher421> which is why you need to be like me and stop geekin out on here
<wizardslovak> its called physical volume for LVM
<wizardslovak> i got some free space ,
<jeeves> cipher421, pics?
<cipher421> hrm
<jeeves> cipher421, lol, and she's not home yet.  she works 'till 11
<cipher421> my server is down!
<cipher421> hahahahaha
<jeeves> cipher421, lol, nice excuse!
<cipher421> usually i take pride in it
<cipher421> hold up
<jeeves> drop me a line.  I think you've got one of my domains.  just hit the webmaster account
<cipher421> since this is obviously a pissing contest, i must win!
<wizardslovak> ok i got  " / , swap , /home / var and /tmp" did i forget anything?
<jeeves> cipher421, lol.
<jeeves> wizardslovak, what are you looking for?
<wizardslovak> if i got correct partitioning on hard drives
<wizardslovak> its only for webserver + mysql
<jeeves> wizardslovak, do you have one that's called /boot or /etc?
<wizardslovak> no
<wizardslovak> got /boot now
<wizardslovak> do i need /
<wizardslovak> ??
<jeeves> yes
<wizardslovak> ok 10gb as /
<wizardslovak> still got 6.5 gb free
<jeeves> cipher421, lol, no pics?
<wizardslovak> i put 40gb on /var
<cipher421> i im'd you
<jeeves> cipher421, http://moseley.ca/cat.jpg
<wizardslovak> hmm can i put /etc and /var on other hard drive?
<jeeves> wizardslovak, sounds like you've got a REALLY messed up system.  just nuke it
<wizardslovak> ok i am doing fresh install now
<jeeves> wizardslovak, I'd help more, but I need to see what I'm looking @
<wizardslovak> thats why i am asking how to partitionid
<wizardslovak> huh ok  you looking at server with 2 hard drives
<wizardslovak> 80 gb and 160gb
<jeeves> what drives do you have in the box?
<jeeves> I'd personally leave everything but the /home dir on the 80, and mount /home on the 160
<wizardslovak> ok
<wizardslovak> so /boot and swap on 80
<jeeves> make swap ~4gb, and mount /home on the 160gb, and everything else is on the80
<wizardslovak> ok
<wizardslovak> can you specify "Everything else?
<jeeves> ok, swap will be ~4Gb on the 80Gb drive.  Mount / on the 80 as well.  mount /home on the 160.
<wizardslovak> how much space should i put on /etc?
<jeeves> dosn't matter.  it'll mount under / on the 80
<wizardslovak> ok still got 25gb free
<jeeves> how?
<wizardslovak> maybe /tmp?
<jeeves> ok, follow closlet
<jeeves> *closley
<jeeves> delete EVERYTHING on both drives.
<wizardslovak> 1gb as /boot 4gb as swap 50gb as /
<jeeves> select the 160
<wizardslovak> u da boss
<jeeves> create a new file system (ext4) on the 160.  Tell it that the mount point is "/home"
<wizardslovak> i am following
<wizardslovak> done
<jeeves> then, on the 80, make a 4Gb partition @ the END of the disk.  set it as SWAP
<wizardslovak> done
<jeeves> now, the rest on the 80, make a new partition and format it as EXT3.
<jeeves> then, the mount point for that is "/"
<wizardslovak> done
<jeeves> there ya go.  keep going.
<wizardslovak> just because i am curious
<jeeves> ??
<wizardslovak> can /var be on other hard drive?
<jeeves> NOOOO, just leave it the way I got you to set it up.  you don't need to worry about putting anything else anywhere, just go on to the next setp of the install
<wizardslovak> ok i just asked huh
<jeeves> no worries
<wizardslovak> get sip of rum before we proceed ;)
<jeeves> just finish the install
<wizardslovak> ok
<wizardslovak> install LAMP and openssh or later?
<jeeves> that's the third or fourth last section of the install.
<wizardslovak> yea just want to know
<jeeves> np
<wizardslovak> if its better to install it now or later?
<jeeves> wait untill the installer gives you the option
<wizardslovak> ok
<wizardslovak> encrypt home direstory?
<wizardslovak> directory?
<jeeves> noooo
<wizardslovak> ok now it is
<wizardslovak> LAMP server and openssh server?
<jeeves> yep
<wizardslovak> ok done
<wizardslovak> its installing ;)
<jeeves> good!  now, reboot and do an update (after you edit your /etc/apt/sources.list file)
<wizardslovak> edit file?
<wizardslovak> shouldnt "apt-get install update" be enough?
<jeeves> well, you won't have the restricted repos in there
<wizardslovak> ok
<wizardslovak> installation complete
<jeeves> good!
<jeeves> now, when you're storing things, make sure you store them in /home
<wizardslovak> ok i am in
<wizardslovak> yuhuuu
<wizardslovak> ok
<wizardslovak> jeeves
<wizardslovak> what should i edit in /etc/apt/sources?
<jeeves> find the lines that have a # infront of them that has "deb" or something like that
<wizardslovak> ok
<wizardslovak> done
<wizardslovak> 4 lines
<jeeves> ok, update it
<wizardslovak> done
<jeeves> upgraded?
<wizardslovak> updated
<wizardslovak> upgrade it too?
<jeeves> upgrade next
<wizardslovak> done
<jeeves> good.  now go play
<wizardslovak> static ip and openssh
<wizardslovak> ;)
<jeeves> didn't you install ssh in the install?
<wizardslovak> yes
<jeeves> ok, and?
<jeeves> you've already set your MySQL root password.
<jeeves> so, what else do you need to do?
<wizardslovak> yes
<wizardslovak> ok so i modified /interfaces
<jeeves> and?  did it take?
<wizardslovak> do i have to remove dhcp-client?
<jeeves> you don't need to worry about it if you've got one of the interfaces is a static
<wizardslovak> ok done
<wizardslovak> i can access it with putty huh
<wizardslovak> do you use ufw?
<jeeves> ???  no
<wizardslovak> ok
<jeeves> there ya go, one working system
<wizardslovak> yeap
<wizardslovak> now i can play ;)
<jeeves> have fun.  I'm going to play Left 4 dead 2 untill my fiance gets home
<wizardslovak> thank you again
<jeeves> np
<uvirtbot> New bug: #579737 in openvpn (main) "OpenVPN client connect hangs on PUSH_REQUEST" [Undecided,New] https://launchpad.net/bugs/579737
<Owner_> hello people
<wizardslowak> i am having problem with apache2
<wizardslowak> apache2 could not reliably determite servers fully qualified domain name
<elnur> jrwren, thanks. i'll give it a try.
<Kutakizukari> When I upgraded my Ubuntu from 9 to 10 it also upgraded my php from 5.2 to 5.3 I need php back to 5.2. How do I do that?
<chrismsnz> Kutakizukari: not sure if that's supported by Ubuntu - you should probably roll back or locate some unofficial packages
<Kutakizukari> chrismsnz, found this will try it. http://www.nickveenhof.be/blog/reverting-or-downgrading-php-53-52-ubuntu-lucid-lynx-1004
<chrismsnz> ah yep, apt pinning should work - test thoroughly to make sure it's not linking against newer libs or anything
<ne7work> hello all i need help
<chrismsnz> just let us know your problem
<chrismsnz> if someone can help they'll speak up
<ryoohki> anyone know if grub 2 can boot etx4?
<ryoohki> do i still actually need a seperate /boot that's ext3?
<thesheff17> I would ryoohki
<impi> good morning, i am building php5 from source so that i can use reflection with GD - wich isn't in the bundled version. I'm in the source dir and have to do a command: dpkg-buildpackage -rfakeroot which i do: this then tells me : Unmet build dependencies: libdb4.7-dev | libdb4.6-dev - when i do the apt install it wants to REMOVE apache2-prefork-dev - how do I stop apt from removing my packages?
<SpamapS> impi: you might want to install devscripts.. you can just use 'debuild' then.
<SpamapS> impi: sorry I answered that before reading your actual question..
<impi> SpamapS, no worries bro, and good morning, i just scp'ed the deb file, i had it build successfully on another server :)
<SpamapS> impi: is this in 10.04 ?
<RoAkSoAx> kirkland, I'm creating a testdrive-common package to install testdrive.py into /usr/share/pyshared/testdrive and then symlink it in /usr/lib/python2.6/dist-packages/testdrive/testdrive.py. Is that ok with you?
<kirkland> RoAkSoAx: yup
<RoAkSoAx> kirkland, and should the symlinking be done during install or post-install?
<impi> SpamapS, no..9.04
<impi> well uhm, ya maybe it is ten..how can i tell?
<impi> hetzner installed the box
<SpamapS> cat /etc/issue
<SpamapS> reason I ask is the dependencies allow for libdb4.8-dev
<SpamapS> in lucid
<impi> SpamapS, Ubuntu 10.04 LTS \n \l
<impi> great tip, thank you for that
<ivoks> lsb_release -a
<ivoks> lsb_release -r
<ivoks> etc...
<SpamapS> ivoks: fancy. ;)
<uvirtbot> New bug: #579809 in php5 (main) "acinclude.m4 macro PHP_CHECK_SIZEOF is not properly quoted" [Undecided,New] https://launchpad.net/bugs/579809
<impi> php5-mysql depends on php5-common (= 5.2.10.dfsg.1-2ubuntu6.4); however:
<impi>   Version of php5-common on system is 5.3.2-1ubuntu4.
<impi> how can i install that version on my ubuntu system?
<SpamapS> impi: you probably have the wrong php5-mysql
<impi> SpamapS, i got it working bro ;)
<SpamapS> impi: werd
<impi> thanks for the help...i just reconfigured it with add pdo...and it kinda went about its thing...and completed..
<impi> yea,
<impi> thank you for assisting me, much appreciated
<SpamapS> :)
<impi> now if only friday can hurry up and bloody get here :D
<eolo999> hi, is there a way to use ubuntu-vm-builder on hardy to create a lucid guest?
<RoyK> is it possible to install ubuntu onto a btrfs partition?
<RoyK> just for test (in a vm)
<guntbert> oubiwann: please don' change your nick so often in the channel
<guntbert> *don't
<uvirtbot> New bug: #579909 in mysql-dfsg-5.1 (main) "mysql fails to build form source on armel" [Undecided,New] https://launchpad.net/bugs/579909
<uvirtbot> New bug: #579924 in bacula "Upgrading Ubuntu LTS skips database version - Fatal error: Version error for database "bacula". Wanted 12, got 10" [Undecided,New] https://launchpad.net/bugs/579924
<garymc> Hi I need help . Ive got a Dymo Label writer 400 which apparently can run on my server so all users can use it.
<garymc> I found some instructions but dont know how to download the tar.gz
<garymc> Extract the files from dymo-cups-drivers-1.0.3.tar.gz. Open a terminal window and run the
<garymc> following commands in the package directory:
<andriijas> Whats up with mysql 5.1 in lucid?
<andriijas> start: Unknown job: mysql
<andriijas> when trying to start
<Pirate_Hunter> one of the options in my fstab is stopping my system from booting, I can't even go into recovery, how do I go about mounting the / filesystem  through the livecd considering its on a raid 0 and than lvm?
<rahman> Hi, I have setup a mail server with postfix + dovecot. Here is my main.cf file: http://pastebin.com/2Uw64vTh
<rahman> THe problem is I get this when I try to send mail: NOQUEUE: reject: RCPT from localhost[127.0.0.1]: 554 5.7.1 <xxxxxxxxxxxx@gmail.com>: Relay access denied; from=<ffffffffff@rahmanduran.net> to=<xxxxxxxxxx@gmail.com> proto=ESMTP helo=<mail.rahmanduran.net>
 * guntbert wonders why "everyone" wants to set up a public mail server 
<rahman> guntbert: Experimenting for learning stuff
<guntbert> rahman: then please don't connect it to the internet - keep it strictly internal
<Jeeves_Moss> just wondering how hard it is to set up a hot failover load balance system
<SpamapS> Jeeves_Moss: like, an IPVS cluster system
<Jeeves_Moss> SpamapS, I have an old Linksys RV082 that's on her last legs.  I'd like to get something a little more stable (....think courtney love with out pills) for tossing into the data center.  I'm going to be transisioning my home server into a 1U rackmount in a data center, and I'd like to get it setup so if one line craps out, it'll fail over
 * RoyK just ordered a new 2x8-core opteron system with 64 gigs of ram :D
<Jeeves_Moss> RoyK, want to share?
<RoyK> hehe
<RoyK> supermicro box
<RoyK> for chewing volcanic ash
<Jeeves_Moss> RoyK, guess I'll just have to live with my dual core 3hz intel box in the basement
<RoyK> these scientists spend a few cpu years with their models
<Jeeves_Moss> lol, well, for me, this is "scrap" systems client's have "tossed" on my reccomendation.
<Jeeves_Moss> she's in a nice little Antec case with 2x500Gb drives striped together, and a 320Gb for boot.
<RoyK> it'll be interesting to see how ubuntu scales to 16 cpus
<Jeeves_Moss> this is true.  let me know!  I've got a dual 3Ghz Xenon 1U in the basement that I'm dying to watch go up in smoke!
<RoyK> striping is like russian roulette
<Jeeves_Moss> lol, I like the Russians.  They're fun to drink with.  (and she's RAID 10 actually to an external drive)
<RoyK> k
 * RoyK uses opensolaris for storage
<RoyK> zfs ftw
<Jeeves_Moss> lol
<Jeeves_Moss> want to add you $0.02 to the convo about doing hot failover load balancing on Ubuntu?
<RoyK> drbd and pacemaker usually works well
<Jeeves_Moss> peacemaker?
<RoyK> http://packages.ubuntu.com/karmic/pacemaker-heartbeat
<RoyK> https://wiki.edubuntu.org/ClusterStack
<Jeeves_Moss> this is what I'm looking to duplacate
<Jeeves_Moss> http://www.cisco.com/en/US/products/ps9926/
<Jeeves_Moss> I've got a dual port NIC that I'm planning on tossing into the rackmount server when I put her into 151 Front st in Toronto.  I get 2 10Base-T connections, so I want to be able to load balance and hot failover on those lines
<RoyK> http://lartc.org/ is a good start
<Jeeves_Moss> humm
<RoyK> it's not easy, but quite doable
<Jeeves_Moss> brb, system reboot
<Jeeves_Moss> lol, nothing I want to do is "easy"!!!
<RoyK> most systems like that use routing protocols that handle failover
<Jeeves_Moss> including this!!  http://www.tessawhite.ca
<Jeeves_Moss> brb
<Jeeves_Moss> sorry about that all
<fallback> hello
<fallback> having problem with software RAID + LVM. After server power off, LVM refuses to create /dev/foo/bar, although /dev/mapper/foo-bar are mountable and intact... pvscan replies no matching physical volumes found... what can i do?
<fallback> re-creating with pvcreate /dev/md0 replies disk not found, while cat /proc/mdstat reports no problem, and volumes are mountable...
<fallback> hello?
<fallback> wrong place to ask this question?
<guntbert> fallback: I don't know for sure if this is the right place or not (it is if somenone can help you :-)) --- but you need to be patient
<fallback> ah ok, sorry
<guntbert> fallback: :)
<uvirtbot> New bug: #580045 in samba (main) "in smbfs package the smbmount binary removed but libpam-mount with smbfs would use it" [Undecided,New] https://launchpad.net/bugs/580045
<fallback> sorry for my impatience, but does anybody have time to help with an software-RAID + LVM problem?
<fallback> in desperate need of advice getting my RAID-LVM setup back up... power-out killed proper LVM handling; RAID array is fine, /dev/mapper/foo-bar mountable but /dev/foo/bar won't appear, pvscan etc all reply no volumes/groups etc found...
<fallback> is it too busy, too easy a question or too difficult? Originally posted this question nearly 60 minutes ago...
<kaushal> hi
<kaushal> I dont see label for /dev , /dev/shm on http://paste.ubuntu.com/432875/
<kaushal> on 10.04 Ubuntu Server
<kaushal> Any clue ?
<kaushal> It says "none"
<mcas> kaushal: i think thats normal
<__3ies__> yes, as far as i know that is right
<kaushal> I dont see that behaviour in 8.04
<__3ies__> because /dev is mounted in a diferent way as of 8.04
<kaushal> __3ies__: still not understood why is it different from 8.04
<kaushal> please explain me with examples
<__3ies__> ok
<__3ies__> i am looking for some examples
<__3ies__> it has to do with udev i think
<__3ies__> earlier you have all dev devices created on disk
<__3ies__> now they are gonna be created as they are used by something or someone
<kaushal> __3ies__: is it documented somewhere ?
<__3ies__> yes
<__3ies__> but i don remember where i read it
<seanr> I've got PHP 5.2, Apache and sendmail installed on my server.  When I try to send an email from PHP, no error is generated, but nothing is ever sent.  I don't see anything in the logs.  Any idea where I should look to debug this?
<kaushal> __3ies__: if you can point me to the document it would be really helpful
<__3ies__> i am working on it but i dont find anything yet for now
<__3ies__> for example this
<__3ies__> http://manpages.ubuntu.com/manpages/karmic/man7/udev.7.html
<__3ies__> or this
<__3ies__> At bootup, the /dev directory should get the 'devtmpfs' filesystem 60     mounted. Udev will manage permissions and ownership of the kernel-created 61     device nodes, and possibly create additional symlinks. If needed, udev also 62     works on an empty 'tmpfs' filesystem, but some static device nodes like 63     /dev/null, /dev/console, /dev/kmsg are needed to be able to start udev itself.
<__3ies__> from this:
<__3ies__> http://git.kernel.org/?p=linux/hotplug/udev.git;a=blob;hb=HEAD;f=README
<__3ies__> and this:
<__3ies__> http://www.kernel.org/pub/linux/utils/kernel/hotplug/udev.html
<__3ies__> and this too:
<__3ies__> http://en.wikipedia.org/wiki/Udev
<seanr> Apache is segfaulting when I try to use the PHP mial function.  Any idea why that might be?  Using Ubuntu 9.04
<seanr> mial = mail
<JohnDoy> seanr: not much info
<seanr> JohnDoy, I have no idea where to look to give you more.  Need help with basic debugging here.
<seanr> error.log reports [Thu May 13 13:30:15 2010] [notice] child pid 21677 exit signal Segmentation fault (11)
<juanjoA> hello, I need some help about run a backup script when I halt the system (ubuntu 10.04)
<JohnDoy> juanjoA: try to put script in /etc/rc.6 with chmod +x
<juanjoA> If I create a script in /etc/rc2.d/K99backup.sh, this dont work on Ubuntu 10.04, maybe upstart ...
<juanjoA> Ubuntu server, run level 2
<JohnDoy> rc6 is run on restart
<juanjoA> ok, I need to save the script on the runlevel halt?
<juanjoA> this is runlevel 0, I think
<JohnDoy> It says: 6 - System Reboot
<juanjoA> But I need this when I halt the server ...
<JohnDoy> On shutdown ?
<juanjoA> this = make the backup
<juanjoA> Yes on shutdown
<JohnDoy> rc6 is executed on reboot, that means Shutdown, killing apps
<juanjoA> ok, I will probe, thx
<JohnDoy> http://en.wikipedia.org/wiki/Runlevel
<__3ies__> kaushal: was it enough for you?
<enav> hello i'm building my first web server using ubuntu server edition...  everything is running well is guess but i'm worry about security... guys can you give me some good  article or guide to provide security to my server????  thanks
<__3ies__> https://help.ubuntu.com/10.04/serverguide/C/security.html
<enav> thanks mate
<JohnDoy> __3ies__: install shorewall (interface to iptables, a firewall)
<kaushal> __3ies__: shall i pvt message you ?
<__3ies__> yes
<__3ies__> enav: not at all but you have read the heading of this irc where you ca see "Docs and resources: https://help.ubuntu.com/10.04/serverguide/C/" the next time :P
<enav> thanks bro
<__3ies__> enav: not at all :)
<seanr> Strange - php test email script works from CLI, but segfaults apache when called from the web.  Anyone seen this?
<JohnDoy> Has the JeOS`s vmbuilder a xen support ?
<JohnDoy> seanr: do you have installed mail clients like sendmail ?
<seanr> JohnDoy, yes, I have sendmail installed.
<seanr> Running from the commandline works and sends the email
<JohnDoy> http://ubuntuforums.org/archive/index.php/t-34786.html
<JohnDoy> fix sendmail_path in php.ini
<seanr> JohnDoy path in phpinfo() viewed from the web is already correct. /usr/sbin/sendmail -t -i
<seanr> $ whereis sendmail
<seanr> sendmail: /usr/sbin/sendmail ...
<seanr> So I'm still at a loss.
<JohnDoy> I Don`t have idea ...
<seanr> There's also almost nothing different between the two php.ini files (/etc/php5/apache2/php.ini and /etc/php5/cli/php.ini)
<iKb> hi all
<iKb> how can i installa a specific php version?
<jldugger> iKb: how specific?
<iKb> 5.2.13
<iKb> not the 5.3 version
<iKb> is possible with apt-get to select the version to install?
<pwnguin> no
<pwnguin> well, you could pin the package if it were available
<pwnguin> but afaik, it's not
<pwnguin> keep in mind that if you do that, you'll be missing security patches
<pwnguin> http://packages.debian.org/changelogs/pool/main/p/php5/php5_5.3.2-1/changelog#versionversion5.2.12.dfsg.1-2
<iKb> i can't use php 5.3
<iKb> my aplication at the moment is not compatible
<pwnguin> you could build that package
<iKb> can i use something like "apt-get install nautilus=2.2.4-1"
<iKb> but how can i have a list of all the versions
<lord_koala> Hi everyone! I have Ubuntu hardy 8.04 server with command line install. I can't activate my wi-if.. can anyone help me out, please?
<pwnguin> i think apt-cache madison, but you won't like the results
<pwnguin> lord_koala: your server uses wifi?
<lord_koala> pwnguin: I am a anewbie.. just wanted to get wi-fi on my test pc.. our cable is in the living room and I don't want to clutter it with my desktop.. wife don't like it.. so I have to hide it
<iKb> pwnguin: apt-cache show or showpkg
<iKb> i think this is the answer
<pwnguin> afaik, there has never been a debian package of 5.2.13
<pwnguin> you'll have to build from source'
<iKb> it will not be simple as apt-get :(
<pwnguin> life aint fair ;)
<pwnguin> you could always port the application to 5.3 in case that's easier
<pwnguin> or stick with an older release of ubuntu and php until your app is future ready
<cipher421> did dhcp3 change in 10.04?
<iKb> ok tnx going to reboot from ubuntu
<lord_koala> hi everyone - can anyone help me with a wi-fi activation on my hardy 8.04 server, please? when I try iwconfig wlan0 essid <name of the essid> it returns  error for wifi request "Set ESSID" (8B1A): and set failed on wlan0: invalid argument
<Guest64942> how to login eucalyptus-cloud ?
<Guest64942> [error:0185] User 'eucalyptus' validated
<Guest64942> [error:0215]
<Guest64942> [error:0255] Failed to load Eucalyptus.
<Guest64942> [error:0390] Service exit with a return value of 1
<pwnguin> lord_koala: have you disabled network manager?
<lord_koala> I have no idea.. perhaps :) how can I activate it
<lord_koala> when I try ifconfig wlan0 up it returns IDCSIFFLAGS: invalid argument
<pwnguin> i think you have to take a look at /etc/network/interfaces
<lord_koala> when I try ifconfig wlan0 up it returns SIDCSIFFLAGS: invalid argument
<lord_koala> what should I look at there?
<pwnguin> if it's all auto then network manager takes over
<thesheff17> are you using the GUI to manage your network connections or have you changed /etc/network/interfaces
<lord_koala> just command line.. fresh install
<lord_koala> but I put the wi-fi card after I completed the install
<lord_koala> no GUI
<thesheff17> ah ok
<thesheff17> well then everything will be in /etc/network/interfaces
<thesheff17> to configure
<thesheff17> do you see the card w/ lspci
<lord_koala> in /etc/network/interfaces, everything is auto, but it was only eth0 and lo.. I put auto wlan0
<lord_koala> and iface wlan0 inet dhcp
<lord_koala> address netmask network and broadcast all have values, but I entered them.. maybe it is wrong
<lord_koala> what is lspci?
<Callum__> lord_koala: lists all the connected PCI cards and controllers on your system
<lord_koala> Callum_ :how can I do that?
<lord_koala> thesheff17: lspci returns these => network: intersil corp. prism 2.5 rev01  --- ethernet: intel 82540EM gigabit ethernet card ver02
<thesheff17> so is that what you added?
<lord_koala> it seems so
<thesheff17> that doesn't look like a wireless card
<lord_koala> this is the chipset.. how can I see my driver
<thesheff17> linux isn't like windows with drivers really...the kernel which drives hardware has built int support for devices
<lord_koala> mine is d-link 520.. I think it has intersil prism chipset
<thesheff17> do you also have a ethernet adapter in the machine?
<lord_koala> theseff17: what should I do than :)
<lord_koala> yes. ethernet is there
<thesheff17> so the device you are trying to configure is a d-link 520 wireless adapter
<thesheff17> the first thing is you have to make sure lspci sees it
<thesheff17> then once it can see it you can mess around with /etc/network/interfaces
<thesheff17> yea it is kinda tough sometimes you have a device with a brand name but the chip on it comes from another vendor like intel or whoever
<lord_koala> how can I understand if lspci is seeing it or not?
<thesheff17> kinda have to just match them up
<thesheff17> ah ok...so ethernet and wireless adapters are separated...so here is the output of mine
<thesheff17> 09:00.0 Ethernet controller: Broadcom Corporation NetLink BCM5906M Fast Ethernet PCI Express (rev 02)
<thesheff17> 0c:00.0 Network controller: Intel Corporation PRO/Wireless 3945ABG [Golan] Network Connection (rev 02)
<thesheff17> so it looks like this is your wireless adapter:  network: intersil corp. prism 2.5 rev01  --- ethernet: intel 82540EM gigabit ethernet card ver02
<thesheff17> when you do lspci you see one that says ethernet right? and that is different then Network
<thesheff17> also what version of ubuntu are you using?
<thesheff17> this page might also help determining if your wireless adapter is supported: https://help.ubuntu.com/community/WifiDocs/WirelessCardsSupported
<lord_koala> 8.04 lts hardy
<thesheff17> k
<lord_koala> mine seems to be intersil corporation prism 2.5
<thesheff17> so that is the chipset...it doesn't really matter...as long as it sees it.
<lord_koala> so it sees it.. I think it is disabled.. but when I try ifconfig wlan0 up, it doesn't work
<thesheff17> what do you have in /etc/network/interfaces
<thesheff17> it needs to be configured in there
<thesheff17> prior to doing ifup ifdown or /etc/init.d/networking restart
<thesheff17> also if your wireless network is using security all that has to go in that file as well
<thesheff17> wep or wpa or whatever you are using
<thesheff17> the problem is most poeople don't put wireless adapters inside a server edition of ubuntu
<thesheff17> the desktop version has a network manager that takes care of all this through the GUI
<thesheff17> for you
<lord_koala> this is the server :( I looked ar interfaces.. my wlan0 wasn't there and I put wlan0 auto
<lord_koala> oh.. so.. I need to configure /etc/network/interface..  could you tell me how I can input password and wpa there?
<lord_koala> thesheff17: I only have eth0 and lo configured in /etc/netwrok/interfaces - it seems to be the problem is here.
<thesheff17> yea I'm trying to find you a good example on google...but the docs are hard to find:
<thesheff17> here is one that looks pretty good:
<thesheff17> auto wlan0
<thesheff17> iface wlan0 inet dhcp
<thesheff17> wireless-mode Managed
<thesheff17> wireless-essid myssid
<thesheff17> wireless-key s:mywepkey
<thesheff17> try to add that all to your /etc/network/interface file
<thesheff17> /etc/network/interfaces I mean
<lord_koala> I use wap..
<lord_koala> wpa2 actually
<lord_koala> is it still aftes optipn "s"?
<thesheff17> sudo apt-get install wpasupplicant
<thesheff17> prob need that
<thesheff17> https://help.ubuntu.com/community/WifiDocs/WPAHowTo
<thesheff17> it is pretty confusing but with some tweaking you can get it working
<thesheff17> avoid the network manager since you are on the server
<lord_koala> do I need internet connection to use apt-get for wpa :)
<thesheff17> haha yea
<lord_koala> it defies the logic :)
<lord_koala> but at least my wi-fi should be working if I configured right.. password is a later step..
<thesheff17> hehe I know...apt-get used to default to the cdrom but they have gotten away from that.
<thesheff17> yes
<thesheff17> password goes in a config file some where
<lord_koala> I edites /etc/network/interfaces and restarted the machine
<thesheff17> you can do /etc/init.d/networking restart
<thesheff17> to restart all networking interfaces
<thesheff17> and then use ifconfig to see all them
<lord_koala> what about this	wireless-key s:mywepkey
<thesheff17> I would remove that and follow the instructions for useing WPA
<lord_koala> mywepkey isn't the actual password
<thesheff17> well yea but it is not for wep
<lord_koala> I stÄ±ll see eth and lo only when I look at ifconfig
<lord_koala> seems hopeless
<thesheff17> well there are tools for searching for wireless networks...it isn't hopeless but definitely harder to do on a server.
<thesheff17> w/ no GUI
<lord_koala> when I use restart it fails to start wlan0
<lord_koala> it says error for wireless request "Set Mode"
<lord_koala> set failed on device wlan0: operation not supported
<thesheff17> hmmm...yea it is hard to find the exact settings because everyone uses the GUI
<thesheff17> I would get those wpasupplicant installed
<thesheff17> and play around with the tools
<thesheff17> and see if can even discover the SID around you
<lord_koala> what is SID
<thesheff17> SID is short for security identifier which is assigned to your router that is broadcasting its name
<lord_koala> thesheff17: thanks alot.. you gave me the basics.. now it is up to me to solve the rest :)
<thesheff17> yea try to discover the networks and see what you can get working...also sometimes it may not be wlan0 and ath0 sometimes....there should be a tool that tells you which is which but I forget which tool that is
<thesheff17> the reason they are different is because they have different kernel drivers for each
<thesheff17> if you need more help just come back to this board or post on the ubuntu forums...but the ubuntu forums seem to go un answered for allot of my questions :-/
<lord_koala> yeah.. forums are not the best place for specific questions :)
<thesheff17> hehe the other thing you could do is bridge a laptop wireless adapter to the ethernet adapter and the plug the ethernet adapter from laptop into the server
<kaushal> hi again
<thesheff17> I have had to do this before because I didn't have an internet connection on the server.
<kaushal> man mount says (The customary choice none is less fortunate: the error message `none busy' from umount can be confusing.)
<kaushal> what does that mean ?
<kaushal> in context to my query regarding "none" device label on 10.04 server
<thesheff17> kaushal: what are you trying to mount
<thesheff17> what kind of share?
<kaushal> thesheff17: let me pastebin it
<kaushal> http://paste.ubuntu.com/432978/
<thesheff17> I guess that has to do with your tmpfs
<thesheff17> file systems
<thesheff17> I have never seen that before
<kaushal> yes
<kaushal> strange for me too
<thesheff17> why so many tmpfs ?
<kaushal> why it works for 8.04 and not on 10.04
<kaushal> I mean the device label
<thesheff17> this one is on the 10.04 but not on the 8.04
<thesheff17> none         tmpfs     36G     0   36G   0% /lib/init/rw
<thesheff17> maybe that is the one causing the error
<thesheff17> I have to run...but I will be back on later...kaushal sorry couldn't help more
<Pirate_Hunter> can someone look at my fstab -  http://pastebin.com/3bcHr1kS - and tell me why my quota settings on / are not being applied when running command quotacheck -avugm which outputs quotacheck: Cannot find filesystem to check or filesystem not mounted with quota option
<enav> im noob... how FTP manage accounts and passwords?
<enav> for example my linux user is /home/enav
<failover> enav, why you need to use FTP  ?
<enav> if i want to connect to my server with another name i need to create anoter linux account????
<failover> can't you stay with ssh ?
<enav> yes i can... but is just a question to understand how FTP works
<guntbert> enav: by default it uses the accounts in the system
<enav> i finished a text here: http://is.gd/c7SuC   but this says nothing about create new FTP account or something like that
<enav> so to resume this  SSH  and  FTP just remote connections and works with system accounts?
<failover> by default!
<failover> but you could set another source for users !
<failover> a mysqldb, ldap, etc..
<enav> i want to be able to create an account and a password and limit that user to one folder
<failover> search for virtual users vsftpd for samples !
<dominicdinada> enav are you using samba ? that is simple then
<enav> no im buiding a web server with ubuntu  but im still learning
<dominicdinada> enav: samba will take care of that as well
<enav> over internet?
<dominicdinada> on the same network
<enav> hum
<enav> i want to set my server simple   just give the webmaster the domain, the ftp server address ftp user and ftp password... simple
<dominicdinada> while it is possible to do with ubuntu server you can do that with any desktop os also you just need a ftp server( software )
<enav> i made a couple o f web sites in the pass... so i want to made my web server works like those i used in the past
<enav> maybe i need to google vstftpd  for further information
<dominicdinada> you gonna host it to the internet from your server? are you going to use a domain forwarder or just have people connect via your ip?
<enav> yep a DNS pointing to my static IP
<dominicdinada> you most likely have a dynamic ip that doesnt change ... :) but then dont forget to open the port on your router for ftp,http etc :)
<enav> ok
<enav> im reading the information on the ubuntu website... this is good and vague same time
<dominicdinada> dont forget to let me know when you get your site up =)
<enav> roger amigo
<Adylas> Hello ! Is there a 10.04 version of jeos ?
<enav> i forwarded port 80 to my local ip but i cant acces my web server from outside... what is wrong?
<zatunk> So... I'm about to upgrade my home-server from an old 600Mhz desktop from the stoneage to something more up to date, my plan is to build a media-center desktop with virtual instances of ubuntu-server, one for development and one for production. Is this a particularly bad idea, to host a production server on top of a desktop os in the manner of performance and/or security?
<cloakable> It may not make much sense running a desktop machine 24/7 as a home server. You might be better served with an Atom D510 box as a dedicated home server.
<cloakable> It'll save you plenty of money in the long run versus running a desktop 24/7
<enav> im new on this... every time i restart my apache this show me this output but i don know whether this is good or bad http://pastebin.com/TaA9QyCF
 * f1yback bbl
<zatunk> cloakable: heh, I was rather thinking the new athlon II x3 45W to have some muscles under the hood :/
<cloakable> zatunk: What for? home server is a very low-power situation. My server rarely uses more than ~5% CPU over all four cores.
<zatunk> cloakable: yeah I know, just me being stubber, when I deploy my production services, I'm of course better of to rent space at a hosting company...
<zatunk> enav: maybe this will help: http://serverfault.com/questions/1405/apache2-startup-warning-namevirtualhost-80-has-no-virtualhosts
<mikedep333> hey, I'm planning on copying my ubuntu 10.04 install from one partition to another. Should I go into a live cd/usb environment, create the new filesystem, use the tar command as listed here: http://www.tiplib.com/174/copy-filesystem-another-filesystem-tar, edit fstab for the new UUID, and then reinstall grub2?
<enav> thanks mate
<enav> what is a PAM cession ???
<theacolyte> So, how do I get into single user mode in 10.04?
<enav> nm
<theacolyte> It b oots before I can do anything
<theacolyte> Tried to boot from CD< but the CD just forces a boot from the drive
#ubuntu-server 2010-05-14
<theacolyte> WhatI've found in 10.04 is if you do anything that interferes with the boot process, like in my instance, incorrectly adding an IP to a network interface, and you reboot
<theacolyte> You can't boot anymore
<theacolyte> Not to sound unconstructive, but that seems pretty awful to me
<theacolyte> And now I can't get into single user mode to fix it
<theacolyte> So I'd be more than glad ffor some suggestions.
<theacolyte> wonderful
<theacolyte> How do I access the drive on my ubutnu server if I can't  boot?
<theacolyte> I need to edit /etc/network
<theacolyte> since apparently that broke it
<Smeh> ok, in bug reports / install guides etc for 10.04 i keep coming across people refering to choosing "advanced" at the end of the installer where you can choose / check what drive grub is going to be installed to
<Smeh> but don't see any evidence of any advanced option myself? :|
<Smeh> also, on a tangentially related note, say i'm aiming for a LAMP server with x-windows gui, which makes more sense
<Smeh> starting with server and installing X, or using desktop and installing the lamp services?
<pmatulis> Smeh: if your desktop environment will be GNOME i would choose the latter
<Smeh> probably will be gnome
<STF> hi
<STF> i running my ubuntu-server on a Laptop, without x11, and now i'm looking for a way to shutdown the backlight of my screen, cause i administrat my server about ssh from another machine
<qman__> closing the lid usually does the trick
<RickyWh1> is it easy to switch out apache2 for cherokee ?
<RickyWh1> is there some way I can test my apache server to find out how many requests it can handle before it gets overloaded?
<fbc-mx> does anyone know of a condition that would make everything even your root disappear then mysteriously come back after a reboot? ex."-bash: /bin/ls: Input/output error"
<fbc-mx> a
<gkahla> is hald enabled by default on ubuntu server 10.4?
<deslector> hi, what is the best way to run iFolder on Ubuntu?
<lord_koala> Hi everyone: dmesg | grep wlan0 gives me wlan0: cannot get RID fd42 (len=6) - no PRI f/w  ... I am trying to connect with my prism 2.5 chip wi-fi card. ifconfig only shows eth0 and lo. I tried to load some firmware to /etc/network/Ä±nterfaces for prÄ±sm 2.5 and no luck. lspci -v shows I have my network card Ä±s prÄ±sm 2.5. Any help is appreciated. thanks.
<lord_koala> I am running hardy 8.04 server edition.
<acerimmer> When running Virtual Box on ubuntu server, how do I network connect to the virtual machine?
<f1yback> if it's in bridge mode
<f1yback> just like any other real box on your lan acerimmer
<acerimmer> f1yback: ah.  thank you. gottago and try it
<f1yback> smoke me a kipper
<RickyWh1> which file to I edit to top apache2 web server from loading up?
<acerimmer> f1yback: whattaguy!
<f1yback> heheh
<chrismsnz> hey guys, i'm installing security updates on my server
<chrismsnz> is there a command that will show me a changelog for the affected packages before i install them?
<cleary> hi folks, I'm setting up a ppa for the first time, dput is failing with a connection refused error, and I cannot ftp directly to ppa.launchpad.net from multiple connections (none of which are firewalled)
<cleary> I'm assuming there is a service outage, but just wanted to confirm before I spend any more time on it
<cleary> chrismsnz: try aptitude changelog <package>
<chrismsnz> cheers cleary _b
<chrismsnz> it's a good start
<enav> hello im new to this....   i want to set up a vsftpd server with multiple virtual user usin PAM authentication... i got a good guide but it use a weak password authentication i mean just password uptu 8 character... i want something stronger...  give some web site or guide pleas
<uvirtbot> New bug: #580319 in dhcp3 (main) "dhcp3-server launches before upstart brings all interface, thus failing to start" [Undecided,New] https://launchpad.net/bugs/580319
<qman__> enav, there's not much point to using strong passwords with FTP because it's a clear text protocol
<enav> yeah yeah  im reading something like you said....   :S
<qman__> you CAN, but you're still shouting them out for the world to see
<enav> you are right  ftp with password is just to preven noob hackers
<rahman> Hi, I have setup a mail server with postfix + dovecot + squirrelmail. Here is my main.cf file: http://pastebin.com/2Uw64vTh
<rahman> I ave a problem, I can send email to aaaa@rahmanduran.net from bbbb@rahmanduran.net. But I can't send email from bbbb@rahmanduran.net to different domain like cccc@gmail.com.
<rahman> I get a "Relay access denied" error from postfix
<enav> virtual users and SFTP is possible???????
<rahman> enav: can you explain more? I use virtual users, and have a table virtual_users in mysql
<rahman> email accounts of my domain can receive email from diffrerent  domains with success, btw
<enav> can you make a new system user that have access to SFTP but is not allowed to use SSH, and limit this SFTp to one folder????
<qman__> enav, yes, look up sftponly and chrootdirectory in sshd configuration
<qman__> this is a new feature as of ~9.10 IIRC
<uvirtbot> New bug: #580375 in mysql-dfsg-5.1 (main) "package mysql-server-5.1 5.1.41-3ubuntu12 failed to install/upgrade: Package is in a very bad inconsistent state - you should  reinstall it before attempting a removal. cant stop mysql server to reinstall it" [Undecided,New] https://launchpad.net/bugs/580375
<realV> hi to all
<realV> I'm trying to setup an high availability system, really simple (account, ftp, file sharing, mail), with a pair of servers, one principal and one "backup", that switch on in case of failure.
<realV> i've looked for UEC, but is really too big for my little infrastructure
<realV> drbd for sync data is a good solution, but there are too much ways.
<enav> my head is going to blow UP!!!!!!!!!!!!    this article say that Now alice can use SFTP to read from and write to her ~/public_html/ directory, but can't use OpenSSH to get a shell, nor even to read files outside of ~/public_html. ......... but is a lie   i can see and change all system folders.... what im doing wrong
<enav> ups this is the article http://is.gd/c8uMy
<juanjoA> Hello, how I can remove the configuration of raid on 2 hd. I delete all partitions but when I reinstall, partman recognises old distribution of raid ...
<juanjoA> maybe MBR
<realV> you can use dd on the device
<realV> if you have /dev/sda, you can remove mbr with 'dd if=/dev/zero of=/dev/sda bs=512 count=1'
<realV> keep in mind that all the data will be lost
<juanjoA> realv: ok, thx, I will probe this
<juanjoA> Is there a ubuntu 10.04 server guide on PDF?
<sommer> jussi: I don't think there is at the moment, but there may be in the near future... I think there was an issue in generating the Lucid pdf.
<Jeeves_> An issue creating a pdf? :)
<jussi> hrrr
<sommer> well automatically creating a pdf
<uvirtbot> New bug: #580424 in libpam-ldap (main) "package libpam-ldap 184-8.2ubuntu1 failed to install/upgrade: " [Undecided,New] https://launchpad.net/bugs/580424
<RoAkSoAx> kirkland, by any chance do you have a copy of the testdrive gobby doc? Cause its gone from gobby :S :/
<kirkland> RoAkSoAx: crap ....
<kirkland> RoAkSoAx: i didn't copy it to the blueprint :-(
<RoAkSoAx> kirkland, neither do I :S. Hopefully someone else saved it :/
<kirkland> RoAkSoAx: you should /join #testdrive
<_chris_> is it usual for apache2 to have about 10procs running ?
<guntbert> _chris_: yes, they are running in because starting a new process takes "a lot" of time
<guntbert> *running because ...
<RoyK> _chris_: see StartServers/MinSpareServers/MaxSpareServers
<RoyK> in apache.conf
<RoyK> apache2.conf
<_chris_> ah okay
<_chris_> 5/5/10
<guntbert> _chris_: if you don't expect many requests on you server you can reduce those values
<_chris_> guntbert: ok, thanks :)
<musimar> hello I have a problem with my email server
<musimar> I can send emails in local but not outside
<musimar> http://paste.debian.net/73252/
<musimar> this is the paste of the end of my /etc/postfix.cain.conf
<musimar> main*
<guntbert> musimar: why do you need a public smtp server?
<musimar> because the server is at home
<guntbert> musimar: no, my question was: why does it have to be public? why not just (for learning ) confined to your private network?
<musimar> hummmm
<musimar> don't know ;-)
<musimar> it's better to send emails outside no?
<musimar> :-D
<guntbert> musimar: if you don't "*really* know what you are doing" don't run an smtp server with access to/from the internet - it can get you in troubles rather quickly (google for "open mail relay")
<dwight> Hola, I'm wondering what is the easiest way to recover the default apache ports.conf file for ubuntu 10.4... am I likely to find it on the wiki, community docs, or is there an aptitude command I can use to revert?
<jpds> dwight: Consider using etckeeper. :)
<dwight> etckeeper looks like a nice solution!
<dwight> but won't help me out of the current jam.
<_chris_> heja. having a small issue. i have an ubuntu-server in our firms network. before it was set to dhcp and i could access the webpage per servers hostname. now we gave it a fix ip adress and since then its not possible anymore to reach the website per the servers hostname, always have to enter the ip adress instead. maybe anyone has an idea ?
<_chris_> well its not only the webpage, he isnt reachable by its hostname in any way. may it be putty, a ping or whatever
<egsome> Is there any Application that helps making my Ubuntu-Server a Router for my Office ?
<cloakable> egsome: ipmasq
<egsome> cloakable, Great, Thanks
<cloakable> egsome: no problem
<cloakable> egsome: if you want a more powerful solution, shorewall. but ipmasq will do the basics.
<egsome> cloakable, Shorewall is to be installed on Ubuntu or as a distro ?
<cloakable> egsome: shorewall is a program. it's in the ubuntu repo
<egsome> cloakable, good
<cloakable> egsome: but it isn't a fire-and-forget solution like ipmasq... it needs configuring.
<egsome> cloakable, What do you recommend for me ? i only need the server to act as router, i need to restrict web access to some sites, and do more like that jobs
<cloakable> egsome: hmmm. not sure. I don't know how to restrict access
<egsome> cloakable, no problem, but generally what do you recommend ? and access restrict and suck jobs are done by iptables, no problems
<cloakable> egsome: sounds more of a job for shorewall, it's more configurable than ipmasq
<egsome> cloakable, OK Thanks, will look on it
<RoyK> hi all. I have a package list from a 9.04 server - is there an easy way to install all _existing_ packages from that list on a 10.04 box?
<bogeyd6> RoyK, im not sure they would all be compatible
<bogeyd6> you could just make the list into one big line of text and apt-get install <paste files>
<RoyK> bogeyd6: that's the probem - but an upgrade works, only I don't want to install 9.04 and then upgrade
<bogeyd6> hmm
<bogeyd6> RoyK, did you download all of the dpkg files?
<bogeyd6> or .debs
<RoyK> no, I'm trying to apt-get install `cat list.txt`, but it halt if it finds an unknown package
<RoyK> it'd be nice for those to be simply ignored
<_chris_> heja. having a small issue. i have an ubuntu-server in our firms network. before it was set to dhcp and i could access the webpage per servers hostname. now we gave it a fix ip adress and since then its not possible anymore to reach the website per the servers hostname, always have to enter the ip adress instead. maybe anyone has an idea ?
<cloakable> _chris_: you might want to add the server to your dns.
<RoyK> erm... " rsyslog: Conflicts: linux-kernel-log-daemon" - wtf is this? rsyslog is installed, but I have no linux-kernel-log-daemon in my list
<RoyK> klogd...
<RoyK> got it
<RoyK> http://pastebin.com/hCHtteKt
<uvirtbot> New bug: #579274 in postfix (main) ""unknown job" trying to restart postfix" [Undecided,Invalid] https://launchpad.net/bugs/579274
<axisys> failing to upgrade
<axisys> http://pastie.org/private/9vlrulhrxx9a55pvahxpya
<axisys> how do I change my repo ?
<axisys> may be will have better luck w/ another repo
<bogeyd6> axisys, edit /etc/apt/sources.list
<bogeyd6> anl.gov is the fastest for most people
<bogeyd6> sometimes down for maintenance
<axisys> bogeyd6: it is not down.. i can talk to port 80
<bogeyd6> also it looks like you fudged the sources.list file
<bogeyd6> all of these are 404 messages
<bogeyd6> axisys, pastebin your /etc/apt/sources.list
<axisys> bogeyd6: ok
<bogeyd6> file guinely doenst exist
<bogeyd6> axisys, that file does exist in another mirror
<axisys> bogeyd6: http://pastebin.com/znsKxZih
<bogeyd6> axisys, looks ok to me
<bogeyd6> prob just need to go ahead and switch to the ubuntu.cs.wisc.edu
<slipper1024> UEC CC CLC SC Walrus on 1st server
<slipper1024> NC on 2nd and 3rd server
<slipper1024> as per guide https://help.ubuntu.com/community/UEC/CDInstall
<slipper1024> cant --discover-nodes
<slipper1024>  or --synckey
<slipper1024> any ideas guys, Lucid 32bit
<axisys> bogeyd6: so like this?
<axisys> bogeyd6: sed 's/mirror.anl.gov/ubuntu.cs.wisc.edu/' /etc/apt/sources.list > /tmp/list; cp /tmp/list /etc/apt/sources.list ?
<axisys> i backed it already
<axisys> bogeyd6: or there is an elegant ubuntu tool there, like for desktop ?
<axisys> bogeyd6: did just that.. lets see if do-release-upgrade works now
<axisys> bogeyd6: you were right. noticibly slower
<bogeyd6> kk
<bogeyd6> axisys, anl.gov is the fastest for anyone in the midwest
<jpds> mirror.anl.gov is awesome.
<jpds> axisys: sed -i...; would save you the cp.
<bogeyd6> axisys, they run an oc192 out of the argonne laboratory
<bogeyd6> jpds, sorry, i meant they now run a dual oc192 out or argonne
<jpds> bogeyd6: I know.
<jpds> bogeyd6: I've spoken to the admins in the past before. :)
<bogeyd6> i dont speak to them
<bogeyd6> :)
<bogeyd6> probably never would or have cause to
<bogeyd6> but they are a public entity and as such everything they do is online
<dinda> ivoks: ping
<ivoks> dinda: pong :)
<wizardslovak> hello people
<wizardslovak> why is apache showing "index of.." instead of actual website?
<cloakable> wizardslovak: Have you put a website into /var/www?
<aoeuhtns> wizardslovak, probably because the "Indexes" option is on and there is no index document (index.html)
<wizardslovak> i actually made folder with website name and put everything in it
<wizardslovak> then in sites-available/website  i changed document root to website flder
<cloakable> wizardslovak: did you then do 'sudo a2ensite website'?
<wizardslovak> oh no
<wizardslovak> do i have to wrtie "a2ensite /etc/apache2/sites-available/website?
<cloakable> No
<wizardslovak> cause i am geting error "no site found matching
<cloakable> wizardslovak: are you doing as root or regular user?
<wizardslovak> root
<wizardslovak> probably i did something wrong in sites-available/website conf
<cloakable> Unlikely
<wizardslovak> hmm
<cloakable> what is the name of the file in sites-available?
<wizardslovak> so whats the corrent command for a2ensite
<wizardslovak> wizzy
<cloakable> sudo a2ensite wizzy
<wizardslovak> ok got it
<wizardslovak> i forgot to put correct folder in "directory" ;) thank you people
<wizardslovak> yea one more think
<wizardslovak> can i connect usb printer and use it with CUPS in ubuntu?
<ivoks> in ubuntu server?
<ivoks> yes
<Wack479> good morning!
<wizardslovak> huh somehow when i connect usb printer i dont see it
<Wack479> I am having issues with my 9.04 server running kernel 2.6.28-18-server. About 2-3 times a week my networking service has to be restarted. It happened again this morning and i got this in the kern.log http://pastebin.com/iHfL1DVL
<axisys> bogeyd6: ubuntu.cs.wisc.edu is working .. no 404
<axisys> bogeyd6: thanks for your help
<iKb> is there a simple way to install php 5.2 on ubuntu server 10.04?
<Wack479> ikb: apt-get?
<iKb> apt-get install php 5.3
<iKb> i need php 5.2
<Wack479> oh ok sry
<iKb> is apt-get pinning the only solution?
<axisys> =pkg_version_number have you tried that?
<axisys> iKb: ^
<axisys> iKb: man apt-get will show you the syntax
<iKb> axisys: there is no 5.2 version for 10.04
<iKb> this is why i need pinning
<wizardslovak> su
<wizardslovak> thats weird
<wizardslovak> http://pastebin.com/v08atfZ4
<axisys> iKb: check man apt_preferences
<iKb> axisys: this is for pinning no?
<axisys> iKb: yes
<stas_> hi, can somebody help me, I got an entry like this in aliases>test :include:/etc/postfix/lists/test and postfix appends @$mydomain to that entry each time a new mail is received. what Iam doing wrong?
<uvirtbot> New bug: #580565 in dbconfig-common (main) "package dbconfig-common 1.8.44ubuntu1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/580565
<Wack479> I am having issues with my 9.04 server running kernel 2.6.28-18-server. About 2-3 times a week my networking service has to be restarted. It happened again this morning and i got this in the kern.log http://pastebin.com/iHfL1DVL
<wizardslovak> is there software in which i can connect with web browser to check status/traffic on server?
<tannerb> Ok, I'm going slightly mad. I'm installing 10.4 on a new server using 4 750 GB drives. 2 of those I pulled out of an old server that was using some nvidia fakeraid. I fdisked the previously used discs to the partition table I want, but the ubuntu installer keeps wanting to activate the old raid configuration on those discs. Is there a place I'm not thinking of where that stuff would be hidden that fdisk wouldn't touch?
<tannerb> My apologies if that's a silly question, but I can't think of where that configuration would be hidden after a whole new partition table had been written to the disk...MBR or some such? Have I gone entirely insane?
<Bart_> I'm now running 2.6.32-22-generic-pae. How do I switch to the server kernel?
<failover> Question about hardware requisites for a mail server, Lucid + Postix + MailScanner + SpamAssasim + Dovecot, 7k incoming mail , 4k outgoing mails, 800 users. Which should be the minimum hardware to run this setup ?
<failover> a virtual machine with 1 GB of ram do the trick ?
<ninjai> how do i set up phpmysqladmin? I downloaded it through apt-get but find no php page anywhere
<uvirtbot> New bug: #580590 in squid (main) "Squid no longer uses $SQUID_MAXFD" [Undecided,New] https://launchpad.net/bugs/580590
<AmokPaule> ninjai try to locate phpmyadmin then do a link to that folder
<uvirtbot> New bug: #580611 in puppet (main) "variable scope problem" [Undecided,New] https://launchpad.net/bugs/580611
<bkingx> Greetings! Quick question: a script that runs at startup is run under what user?
<RoyK> root
<bkingx> thanks RoyK
<bkingx> Next question, trying to script some gpg decryption in that script and I am thinking it can't access the .gnupg folders/files.
<bkingx> So how can a script at startup, running as root, can't access those files?
<mr_daniel> I use ubuntu since 5.10; before I tried debian several times, which was a lot fun. I want to setup my first root server, both for fun but also to start building cool web apps with tools I like to use and without any limitations from web hosters; I am at a point where a simple LAMP configuration is not enough.
<mr_daniel> but the problem is: I never owned a root server, and I don't know where to start?
<mr_daniel> I hope you guys can give me some tips where I can start, maybe
<mr_daniel> a good book
<Hypnoz> mr_daniel: apt-get update && apt-get install apache2 && apt-get install mysql-server && apt-get install php5 && apt-get install phpmyadmin
<mr_daniel> Hypnoz: :)
<mr_daniel> wait, why not use aptitude?
<Hypnoz> because aptitude takes longer to type than apt-get of course
<Hypnoz> mr_daniel: after you've installed the LAMP stack, and have a more specific question, that might be good
<Hypnoz> mr_daniel: just asking how to create a server that hosts a webpage is too broad, and something that should probably be googled for since it takes quite a few steps
<mr_daniel> I guess you are right Hypnoz
<Hypnoz> is "googled" a recognized verb of the english language yet?
<Hypnoz> mr_daniel: really creating the web hosting server isn't the hard part. programming the site in php/javascript/etc is what takes skill
<Hypnoz> mr_daniel: there are some frameworks that might be worth learning like cakephp or django
<Hypnoz> mr_daniel: or maybe installing something like wordpress
<Hypnoz> mr_daniel: something like wordpress would cut waaay down on the web programming aspect required
<mr_daniel> I want to go further
<mr_daniel> for example I want to build a web app with CoucDB, or with J2EE, and want to be prepared for high traffic, etc.
<Hypnoz> mr_daniel: why couchdb instead of mysql?
<mr_daniel> because I want to learn new things
<mr_daniel> and CoudhDB is cool :) and sounds very interesting
<Hypnoz> try django I got a friend that loves it, and its a very popular thing to put on a resume
<Hypnoz> and you'd get to learn python too
<mr_daniel> never used django, but I used python for a few things and I like the language
<vkramar> I have some troubles enabling PHP in userdir on 10.04. Already tried both /etc/apache2/mods-enabled/php5.conf and /etc/apache2/conf.d/php-in-homedirs.conf ways as described on wiki, but no success. Can anybody point me right way?
<RoyK> http://pastebin.com/hCHtteKt <-- fine, new box
<storrgie> anyone using tomato firmware?
<RoyK> what is that ?
<storrgie> router firmware for wrt routers
<vraa> storrgie, i use tomato firmware, i switched from dd-wrt becaue dd-wrt was too complicated
<RoyK> how many cpus does linux support these days?
<RoyK> 256 or so?
<storrgie> vraa: it seems that all of my traffic, when QoS is on I only get 10% thoroughput
<vraa> maybe your qos settings are not correct? did you set your inbound and outbound speeds correctly? btw i dont think this is related to ubuntu-server :)
<storrgie> vraa: I know its not related to ubuntu-server but tomato has ZERO irc community
<vraa> RoyK can't you use BFS for more than 1000 core support?
<storrgie> I cant find anyone to help me
<vraa> :) try to double check your inbound/outbound maxes, also check how you are classifying your traffic
<RoyK> vraa: http://en.wikipedia.org/wiki/Brain_Fuck_Scheduler?
<vraa> yah
<vraa> i believe it's designed more NUMA or something
<RoyK> what a nice name :)
<therian> is it any good?
<vraa> if it ain't broke, dont fix it
<vraa> in regards to "is it any good"
<vraa> if you have 500 cores and things aren't working well, i'm sure BFS would be a viable thing to try out
<vraa> but me, on my single core pIII laptop? i'll stick with whatever is default
<RoyK> just installed this 16-core thing - it'll be interesting to see how the load is distributed when they start the models
<vraa> dual 8core opteron right RoyK ?
<RoyK> yes
<RoyK> 64 gigs of ram
<RoyK> chewing volcanic ash transport models
<RoyK> or simply particle transport models
<enav> good morning
<RoyK> good evening
<aoeuhtns> good afternoon
<therian> good afternoon
<therian> fuck
<aoeuhtns> :-)
<therian> ;p
<RoyK> good localtime();
<therian> lol
<_3ies> Good morning, and in case I don't see ya, good afternoon, good evening, and good night!
<therian> oh night
<therian> i forgot that one
<_3ies> :))))))))))))))))))))))))))))))))))))))))))))))))
<_3ies> it is from the truman show
<RoyK> http://karlsbakk.net/top-16.png
<guntbert> !language | therian
<ubottu> therian: Please watch your language and topic to help keep this channel family friendly.
<ziesemer_> I've been looking into denyhosts or fail2ban to help prevent some server attacks.  Both appear to only work by parsing log outputs from /var/log/syslog, etc.  Isn't there a more efficient method?  I.E., is there a syslog "consumer" that can be used?
<aoeuhtns> RoyK, 48GB of swap?!
<RoyK> no, 16
<therian> my bad
<RoyK> but ubuntu 10.04 comes with this compcache thing, swapping to compressed memory
<aoeuhtns> interesting
<RoyK> planning to use some SSDs for the swap
<RoyK> some of the models can use way more memory than the 4GB per core that's in there now
<lolufail> hi
<lolufail> !
<lolufail> what does the "virtualsiation" checkbox during installation do? just that networkbridge?
<uvirtbot> New bug: #580674 in irqbalance (main) "Not stoppable/restartable via initctl" [Undecided,New] https://launchpad.net/bugs/580674
<axisys> how do I install sun storage CAM (common array manager) in ubuntu ? i need to manage my sun storagetek 6140
<bluethundr_> I am trying to use standard networking tools like nslookup and dig on an 8.0.4 Hardy box... but they are curiously absent. what package installs these?
<RoyK> bind-utils
<tannerb> I'm not sure about hardy, but probably dnsutils.
<RoyK> or bind9-utils
<tannerb> Or exactly what RoyK said.
<RoyK> nslookup is old - use 'host' or 'dig'
<bluethundr_> RoyK, thx!
 * RoyK just got an email from the CEO congratulating a server setup - not bad
<uvirtbot> New bug: #580700 in cyrus-sasl2 (main) "Package is actually called "sasl2-bin"" [Undecided,New] https://launchpad.net/bugs/580700
<bluethundr_> I have updated my serial number in my dns db and restarted bind and made sure my mx was correct, but when I use dig -mx it doesn't see the mx record
<bluethundr_> http://pastebin.com/KH3adera
<RoyK> perhaps $ORIGIN hasn't been set before the MX line
<RoyK> set $ORIGIN to your domain name in the start
<enav> i need help.... i want to limit a SSH user to specific folder "/home/www".... i have 2 days trying to do this reading manuals and articles but nothing works
<RoyK> $ORIGIN mydom.tld
<guntbert> bluethundr_: all on the same machine?
<RoyK> enav: you need to chroot the user - not trivial
<RoyK> enav: use a vm instead
<enav> i tried that several times in several ways and still not working propertly
<bluethundr_> guntbert, yes, and this config file is an exact copy of another dns db file that works, only with the values for this machine subtituted
<RoyK> enav: see message above
<guntbert> bluethundr_: I asked because dns propagation can take surprising long time :-)
<enav> RoyK use a vm instead???
<RoyK> enav: chrooting ssh is not trivial
<enav> RoyK what that means
<RoyK> either use other access methods or use a virtual machine
<bluethundr_> this one works and I can't see any substantive difference between this one and the one that doesn't
<bluethundr_> http://pastebin.com/dVDVRyWn
<bluethundr_> guntbert, ah ok.. yes but this is all local the machine having the issue
<uvirtbot> New bug: #580708 in cyrus-sasl2 (main) "Can't run multiple saslauthd daemons as per the documentation" [Undecided,New] https://launchpad.net/bugs/580708
<RoyK> bluethundr_: add $ORIGIN mydomain.com. around $TTL
<guntbert> bluethundr_: ok - sorry to hear - no solution from me either
<bluethundr_> RoyK: on it, I'll let ya know
<enav> RoyK i though chroot limit a specific user to a specific folder... but this not works
<RoyK> as I said, chrooting ssh sessions is not trivial
<RoyK> use a vm for that
<enav> RoyK  what do you mean with trivial???
 * RoyK points enav to dictionary.com
<enav> RoyK do you mean chroot is not easy to configure?
<RoyK> not for ssh clients
<RoyK> what are your needs?
<RoyK> isolating all clients inside a jail?
<enav> RoyK do you know a good text or website to chroot ssh users???
<RoyK> if so, why?
<enav> well i have an Admin account and a Webmaster account... i just whatn to jail webmaster accoutn to "/home/www" folder that is all
<enav> i have 2 days trying to do this
<RoyK> use ftp
<qman__> no, use sftp-only
<RoyK> ftp over ssl is secure
<RoyK> and trivial to configure
<RoyK> ftp over ssh means the user will be given access to whatever's open
<RoyK> enav: I'd guess securing your system, home directories and so on, will be easier
<RoyK> just give www or whatever access to the files needed
<qman__> not if you configure ssh correctly
<qman__> recent versions can limit it to sftp and chroot right in the sshd config
<enav> im give up with SFTP
<qman__> no special jailing setups required
<RoyK> how do you chroot ssd/sftp?
<enav> let me try that you say now
<RoyK> qman__: url?
<qman__> I'm looking for the doc
<qman__> http://www.debian-administration.org/articles/590
<RoyK> qman__: thanks
<qman__> it's way easier than the old style jailing
<RoyK> seems so, yes
<RoyK> thought it was harder
<qman__> the version of openssh in hardy is older and doesn't support that
<qman__> but the current versions do
<qman__> I've set up a few old style jails with jailkit, no simple task
<enav> qman__ is a hell
<enav> qman__ your article look great but can i use this to jail an user not a group to a specific folder not a home folder????
<qman__> enav, yes
<enav> qman__:   Match group sftponly  --->   Match user webmaster    really?
<qman__> not sure if that's the syntax, but you can match per user
<qman__> let me find more information
<enav> wait a sec
<enav> your article work for you? i mean did you try it before?
<qman__> http://prefetch.net/blog/index.php/2006/09/05/limiting-access-to-openssh-directives/
<qman__> Match User username
<qman__> the way Match blocks work, is they include all of the directives below it until there is another Match block or the end of the file
<qman__> so place them at the bottom
<enav> ok  let me try again
<enav> because i did this a lot of times
<qman__> the one caveat I'm noticing is that the chroot directory must be owned by root
<qman__> other than that, it's straightforward
<enav> ok
<tannerb> Wow, I hadn't looked at doing chrooted stuff securely for years and that's about a bah-jillion times easier.
<qman__> you're telling me
<qman__> the old way was a total pain
<tannerb> Yeah, and by the time one would get close to getting it working properly, you'd have to find another goat to sacrifice.
<enav> im feeling the pain now
<enav> qman__  chek this http://pastebin.com/YmgedfRg
<qman__> that's correct
<qman__> but where's the rest of the configuration file?
<enav> i just copy paste an little section
<qman__> ok
<qman__> I noticed that the default configuration has this in it
<qman__> Subsystem sftp /usr/lib/openssh/sftp-server
<qman__> you will want to change that over/remove it
<enav> yes you ned to change it
<qman__> two Subsystem sftp lines will break it for sure
<enav> i delet the original 1 and add the new 1
<qman__> ok
<qman__> then, chown root:root /home/www, and service ssh restart
<ziesemer_> What is the impact of the "owner" provided to tunctl ?
<Jeeves_Moss> afternoon all!
<gregcoit> is it possible that S99mysql isn't waiting for S98rc.local to finish in lucid?
<gregcoit> and is this somehow related to upstart?
#ubuntu-server 2010-05-15
<gregcoit> how can I force /etc/rc4.d/S99* to wait for S98 scripts to finish before firing off on boot?
<gregcoit> would there be a better place to ask an upstart-related question?
<gregcoit> nm, there is an #upstart channel....
<therian1> hey guys, anyone know a command to probe your local network?
<therian1> thanks
<qman__> you'll have to be more specific
<therian1> for command line
<therian1> i want to ssh into my box at work
<therian1> then into another box
<therian1> but i dont know its ip
<qman__> nmap is the best port scanner I know of
<qman__> it isn't included by default, you will have to install it
<therian1> thanks qman__ ill try it
<qman__> the command you'll want to use should look like
<qman__> sudo nmap -sS -p 20 192.168.1.0/24
<qman__> err, -p 22
<qman__> and obviously use your network range
<therian1> thank you qman_
<therian1> Error #487: Your port specifications are illegal.
<qman__> that exact command works here
<therian1> hmm
<therian1> oh my bad
<therian1> i forgot the -p 22
<therian1> i changed the /24 lol
<qman__> heh, yeah, that's CIDR notation
<therian1> thanks qman__ worked great
<therian1> now i just have to figure out which ones mine lol
<therian1> is there a way to resolve host names?
<qman__> well, you could reverse dig each one
<qman__> there might be an option for that in nmap, but there's a lot of them
<qman__> prepare to read the manual for a while
<therian1> could you briefly explain reverse dig please?
<resno> just did a fresh install and my nic isnt working, at all. i cant get it in ifconfig
<qman__> dig -x 1.2.3.4
<therian1> thanks qman__ :0
<therian1> :)*
<nerdy_kid> so i am a total newb at this, i have a basicly non configured apache server running on one pc and thats all i can handle.  I am curious as how i would go about getting more then one server serving data, sort of like dual core only with servers.
<resno> dual core with servers?
<nerdy_kid> i mean like so when i request a file from an IP, that multiple servers serve the data back to the requester
<nerdy_kid> resno ^^
<resno> nerdy_kid: im not sure what you are trying to do. so im hoping someone smarter will respond
<resno> are you saying multiple phyisical servers?
<nerdy_kid> resno yeah serving the same IP
<resno> you mean like doing load balancing?
<nerdy_kid> resno yesss
<nerdy_kid> exactly :)
<resno> oh, i havent done anything with that. ive been meaning to try it out, but havent yet
<nerdy_kid> is it a largly complex thing to do?
<resno> i havent done anything with it, so you are asking the wrong person. google or #apache2 would be a good place to start
<nerdy_kid> resno ok thanks :) at least now i know what it is called :)
<resno> sure, thatll give you something to search for
<nerdy_kid> resno yeah thanks :D
<fried_pe1guin> ah, much better
<therian1> anyone know how to output to file with wget?
<fried_pe1guin> what are you looking to output?
<therian1> im wgetting a page, then comparing it to another file
<therian1> i want wget to output to a file
<therian1> i tried wget -o file
<therian1> but no workie
<fried_pe1guin> just tried wget sitename >> file and (|) file with no success either
<fried_pe1guin> what about wget file && diff?
<therian1> fried_pe1guin: i did try that
<fried_pe1guin> kvm question: do I want VT support enabled in the bios for kvm?
<therian1> ah got it to work
<therian1> silly me
<therian1> big O not little o
<therian1> ok i found the problem, there is a & in the url
<therian1> so when ever i try to run wget it tries to run everything after the & as another command
<therian1> anyway to get it to stop that?
<ziesemer_> Put it in quotes.
<ziesemer_> The whole URL.
<therian1> thanks ziesemer_
<ziesemer_> Single will work best.
<therian1> awesome thanks ziesemer_
<therian1> worked like a charm ;p
<therian1> still dont see how charms work tho...
<therian1> anyone use google reader?
<qman__> fried_penguin, yes
<uvirtbot> New bug: #580800 in postfix (main) "package postfix 2.7.0-1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 75" [Undecided,New] https://launchpad.net/bugs/580800
<dominicdinada> need a hand with fstab
<enav> qman__ my SFTP apparently is working good
<enav> i need a little orientation  this article http://is.gd/c9lXs  have several times this "chroot()"   what is that is a function???
<hink> Is it possible to have primary and backup ubuntu repos? i.e. update from the local mirror .... if the local mirror fails to respond, try ubuntus mirror
<uvirtbot> New bug: #580819 in clamav (main) "package clamav-base 0.96 dfsg-2ubuntu1.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/580819
<enav> the good of filezilla is that its shows you with messages what is exactlyy happening woth your connection
<enav> ouch!!! wrong chat
<joschi> I installed the package
<joschi> I installed the package 'postgresql', purged it, an reinstalled it
<joschi> now the configuration files in /etc/postgresql are missing
<joschi> how can I regenerate them?
<joschi> or how can I make aptitude install them again?
<RoyK> should be there when you reinstalled
<joschi> RoyK: the truth is much, much uglier >(
<joschi> I had to purge the postgresql packages (and its dependencies), the needed to manually delete /etc/postgresql, /etc/postgresql-common, delete the user and the group 'postgresql' and run 'dpkg -P' on all the postgresql packages
<joschi> then, and only then, a new installation of postgresql-8.4 would create the files in /etc/postgresql
<RoyK> what about postgresql-common or whatever it's named?
<RoyK> http://karlsbakk.net/top-16.png <-- nice
<joschi> RoyK: /etc/postgresql-common or the package postgresql-common? anyway the directory /etc/postgresql-common was recreated as it should be without the "purging stunt". just /etc/postgresql was the problem
<RoyK> joschi: which distro version is this?
<joschi> karmic
<joschi> RoyK: https://bugs.launchpad.net/ubuntu/+source/postgresql-8.2/+bug/108296 suggests that this problem exists for a long time now...
<uvirtbot> Launchpad bug 108296 in postgresql-common "missing /etc/postgresql/ after uninstall/reinstall" [Undecided,Invalid]
<RoyK> joschi: I can upload the default /etc/postgresql* files somewhere, for lucid, but I don't have access to any Karmic boxes from here
<joschi> RoyK: thank you but that's not necessary
<RoyK> k
<joschi> RoyK: after purging everything related to postgresql (e. g. manually removing the user and the group "postgres"), aptitude recreated the directory
<RoyK> ok
<joschi> RoyK: but I find it quite disturbing that this bug (?) survived since april 2007
<RoyK> it's flagged invalid
<joschi> yes, I know. even more disturbing IMHO
<joschi> just tried it on a lucid test machine. problem still occurs. :(
<RoyK> that's a bitch
<RoyK> try reopening the bug
<joschi> RoyK: yep, just reopened it/expanded it to cover postgresql-8.4
<elnur> A question about BIND9. Is using wildcard (*) for all subdomains a bad idea? Should I define a line for every subdomain I have?
<imjustmatthew> elnur: I explicitly define each subdomain
<imjustmatthew> elnur: though I don't know why wildcard would be bad
<elnur> imjustmatthew, then why do you define them explicitly? what is your reasoning?
<imjustmatthew> I define them each explicitly to make it easier for me to maintain my config files
<imjustmatthew> some of them are shared accross servers since some are fron-facing DNS and some are LAN facing
<imjustmatthew> that sentence had to many somes...
<imjustmatthew> some of the subdomain configs are shared accross servers since some of the servers are front-facing DNS and some are LAN facing
<elnur> imjustmatthew, and how does that affect to your choice? I don't get it
<elnur> The only problem I know with explicitly defining every subdomain is that you have to wait while global DNS records update for every subdomain you add.
<imjustmatthew> I've never had a problem with that, but yes, you are right that could be a downside if you change the records frequently
<elnur> imjustmatthew, ok. thanks for your help
<JanC> putting them in explicitly (and removing them when not used anymore) might be useful to remember what you actually use  ;)
<uvirtbot> New bug: #580891 in samba (main) "samba filenames wrong" [Undecided,New] https://launchpad.net/bugs/580891
<RoyK> how many cpu cores does ubuntu server support?
<RoyK> as in out of the box
<Tweeda> RoyK, that's likely limited to the 2.6.32 kernel which is likely significantly higher than you'll find available via Intel and AMD processors and related mainboards.
<RoyK> what is that? 64? 256?
<Tweeda> the out of the box ubuntu 10.04 server kernel looks like CONFIG_NR_CPUS=64
<RoyK> should suffice even for a quad 12-core
<penguin42> should only be a problem for those lucky guys with an 8 socket system
<resno> i am trying to setup a virtual server and am looking for suggestions on what to use.
<resno> xen, kvm or vmware
<andol> resno: Well, unless you have any specific preferenses or reasons, go with KVM. If nothing else because that's what has been closest integrated into Ubuntu.
<RoyK> penguin42: those opterons are only made for quad usage anyway - not enough hypertransport links for more
<resno> andol: ive heard that it doesnt work on every platform. how can i check to see if itll work?
<resno> im not running a desktop as a server
<resno> im running a desktop as a server
<Tweeda> resno: egrep '(vmx|svm)' --color=always /proc/cpuinfo
<Tweeda> if you get output, your cpu supports kvm
 * resno crosses fingers
<resno> no such luck
<resno> so whats the next best option?
<Tweeda> you're stuck with xen
<andol> resno: Are we talking about always-availible servers, or just something to use for testing and/or development?
<resno> andol: it will be always on. running services for my home network
<resno> Tweeda: and xen is hacky setup from what ive tried on the ubuntu docs
<resno> s/docs/wiki/
<Tweeda> resno: agreed.  I run centos5 for my last remaining Xen host
<resno> Tweeda: is it easier to setup in centos?
<Tweeda> A Xen host?  Yes, it's available as an optional kernel and from the same codebase redhat supports commercially.  It works.
<Tweeda> Setting up a Xen host (Dom0) in Ubuntu is a bit of work as resno related
<andol> resno: Also note that Debian has a pretty good Xen integration.
<andol> resno: http://wiki.debian.org/Xen
<Tweeda> might also look at a cpu upgrade :)
 * Tweeda hasn't tried debian Dom0
<resno> Tweeda: maybe, i doubt ill need a better cpu. ill only need more hard drive space :)
<Tweeda> resno, oh, before you take the xen plunge, you might want to check settings in your bios.  Often, the factory settings disable virtualization support on the cpu.
<resno> debian has its own version naming conventions, ):
<andol> Tweeda: We run our fair share of that at work.
<Tweeda> andol, then debian would probably be closer to home than centos.
<andol> Tweeda: My thought exactly :)
<andol> resno: But as Tweeda say, first take a peak at your BIOS settings, and see if there's an option to enable hardware virtualization, or so.
<Tweeda> I'd still rather pick up a cpu that supports virt and run kvm
<resno> Tweeda: what cpus support it?
<Tweeda> most new cpus.  it's usually listed in the tech specs.  well, tech specs worth their salt.
<Tweeda> I run kvm on really cheap amd cpus with little fuss
<resno> what do you consider "new cpus"?
<Tweeda> last few years
<andol> resno: As a very general rule of thumb, if the cpu is 64-bit, it likely also has hardware virtuzliation support.
<penguin42> RoyK: Oh didn't know the 12 cores were limited to 4 sockets; still you can do 8 socket on Nehalem-Ex and I think thats hyperthread, so you cang et 8x8x2->128 threads
<penguin42> andol: Except the bottom end ones - like this lapto
<penguin42> p
<RoyK> penguin42: I guess 48 cores will suffice for most use :Ã¾
<Tweeda> resno, what CPU are you running?
<RoyK> any suggestions for which benchmark suite I should use to benchmark a 16-core system?
<RoyK> I'm curious about memory bandwidth - it's an amd system, so it should be good, but it'd be nice to see the actual numbers
<resno> Tweeda: p4
<penguin42> RoyK: It really depends what you want to do with it; I'm always a slave for compile times - make -j  is always fun :-)   But are you a databasey person or a supercomputery maths person?
<RoyK> this system is meant for doing modelling
<penguin42> well then give it one hell of a model
<RoyK> volcanic ash chewing :Ã¾
<penguin42> RoyK: You might better fan filters for that :-)
<RoyK> hehe
<RoyK> after EyjafjallajÃ¶kull started farting, we've had a lot to do at work
<mcas> RoyK: what do you work ;-)
<RoyK> nilu.no
<mcas> ah ok :-)
<RoyK> that new 16-core machine has something like the same cpu power as the other eight boxes they've using for models so far :)
<RoyK> 64 gigs of ram should probably suffice even for this :Ã¾
<RoyK> how do I disable samba on lucid?
<RoyK> doesn't seem to be anything under /etc/rc2.d
<NativeAngels> hello has anyone here used a sunfire v100
<RoyK> not with ubuntu....
<NativeAngels> but you have used one
<Tweeda> RoyK: /etc/init.d/samba4?
<RoyK> I think we have a few running s10
<RoyK> Tweeda: samba4?
<RoyK> Tweeda: anyway, the init.d script isn't run directly, mostly from /etc/rc2.d
<NativeAngels> ive  been given 3 and i need to know how to set them up
<ivoks> NativeAngels: i have couple of sunfires, why?
<Tweeda> RoyK, I use rcconf, so if /etc/init.d/samba4 exists: rcconf --off samba4
<ivoks> NativeAngels: that's sparc, right?
<NativeAngels> ive never used rackmounts before
<NativeAngels> but always wanted a rackmount
<RoyK> NativeAngels: the problem isn't that they're rackmounted, but iirc they don't have a graphics card
<NativeAngels> and someone was giving them away
<RoyK> you may have to add a graphics card or install using a serial console
<ivoks> serial console, of course
<NativeAngels> ok
<NativeAngels> and how do i do this
<ivoks> but, if it's a sparc, lucid won't work at all
<ivoks> sparc is being removed even from ports archives
<RoyK> it's sparc
<NativeAngels> i also go given a sun ultra 5
<RoyK> oh
<RoyK> throw that away
<RoyK> ATA3 controller and not very fast cpu
<NativeAngels> ive been reading a few sites on the v100 it was saying about a console cable
<ivoks> yeah... if no one steps up to mainatain sparc arch in lucid, it will die by feature freeze
<ivoks> NativeAngels: yes, you need console cable
<NativeAngels> where can i get these from
<knutmithut> hello.. i'm having problems with the kerberos authentication.. i dont know how to access home folders using kerberos and nfsv4
<NativeAngels> would the likes of pc world have one ?
<knutmithut> i've already added the user to the kerberos principals and received a ticket, but can't cd to ~
<ivoks> iirc, sun machines have special version :)
<ivoks> but i might be wrong
 * incorrect goes to his garage and returns with a hand full of cables for NativeAngels 
<incorrect> pc world won't but most geeks will have a garage full of them
<RoyK> NativeAngels: I guess you can find the pinout somewhere on the web - get a serial cable, clip it, fasten the correct cables to an RJ45 plug
<RoyK> NativeAngels: or you might want to call Sun^WOracle and buy one from them, it probably won't cost more than $200 or so
<NativeAngels> eeks
<Jeniczek> Hi there
<Jeniczek> DId anyone solved the kjournald2 ext4 problem or is there a known fix for this?
<NativeAngels> are you in the uk incorrect
<RoyK> http://www.sunhelp.org/unix-serial-port-resources/serial-pinouts/
<incorrect> NativeAngels, yes
<NativeAngels> do you have any of these cables ?
<Jeniczek> Am now unpacking 240k email for setting up a mailserver and I can see, that every 5seconds or so it waits unitl some kjournald writeouts
<incorrect> NativeAngels, i have boxes and boxes of stuff
<NativeAngels> me to
<NativeAngels> but not them
<incorrect> best thing to do is subscribe to a local recycle mailing list
<RoyK> NativeAngels: http://www.sunhelp.org/unix-serial-port-resources/serial-pinouts/
<incorrect> or make it as RoyK points out
<incorrect> more fun to make it
<RoyK> soldering a D-sub is a bitch, but just using an already soldered serial cable is trivial
<incorrect> a 9pin is easy
<incorrect> a 15pin vga is hard(er)
<Jeniczek> so no one know ?
<Jeniczek> everybody running ext4 without a problem?
<Jeniczek> I just wonder, becasue google showed me hundreds of fucked up ppl
<RoyK> I just installed my first box with ext4
<RoyK> works so far, although I haven't been micromonitoring it
<incorrect> Jeniczek, for a year
<incorrect> i have 30 servers on ext4
<incorrect> its xfs i've had problems with
<Jeniczek> well, I am not a LInux guru, but If i clearly see, that unpacking 100gig archive takes more than hour and I cann see taht every 5 seconds kjournald2 and pdflush blocks the unzipping process
<RoyK> incorrect: out of interest - what problems?
<Jeniczek> then I know it is fucked up :(
<Jeniczek> http://bbs.archlinux.org/viewtopic.php?id=84953
<RoyK> Jeniczek: bad hardware?
<Jeniczek> https://bugs.launchpad.net/ubuntu/+bug/442443
<uvirtbot> Launchpad bug 442443 in ubuntu "kjournald2 writes to disk about every 10 seconds" [Undecided,New]
<Jeniczek> and so on and so on
<incorrect> RoyK, just file corruption
<RoyK> incorrect: that's quite bad
<Jeniczek> well, its a 1200Euros PCIE card
<Jeniczek> and I havent got any issues on ext3 afaik
<RoyK> incorrect: I was using xfs a lot earlier, never seen anything like corruption, though
<incorrect> let me see iotop doesn't show that for me
<Jeniczek> and as I can see a lot of ppl around having that problem
<RoyK> Jeniczek: how much data is on that?
<Jeniczek> so its definately on my side
<incorrect> my ext4 system is fine
<ivoks> Jeniczek: upgrade from ext3 to ext4?
<Jeniczek> RoyK 3 RAIDs, 1 74gig RAID1, 1 2.3TB RAID5 and 1 3TB RAID5
<Jeniczek> no
<Jeniczek> clean install
<RoyK> if you can handle the downtime, downgrade to ext3, that works
<incorrect> my 15tb array doesn't have problems on ext4
<RoyK> but moving 5TB+ will take some time
<Jeniczek> well I dunno how to downgrade to ext3 from ext4 workin system
 * RoyK uses zfs for storage
<Jeniczek> the RAID is now almost empty
<Jeniczek> am now fillin it up
<RoyK> you can't downgrade, only mkfs
<Jeniczek> so if it really is ext4 issue, than now is the rigt time to do it
<Jeniczek> hm
<RoyK> what will ext4 help?
<RoyK> over ext3?
<RoyK> ext3 is pretty rock stable
<Jeniczek> dunno, ext4 was the default
<Jeniczek> so i chose it
<RoyK> I'd say recreate the filesystems
<RoyK> move the data
<RoyK> wait for someone to fix the bugs
<incorrect> other way round
<incorrect> move data then recreate fs;)
<Jeniczek> can you help me with the recreate command?
<RoyK> obviously, yes
<Jeniczek> am in a biiig hurry, I got one hour :(
<ivoks> mkfs.ext3 :D
<RoyK> Jeniczek: move the data to somewhere, mkfs -t ext3 on the now unused fs, move the data back, etc
<Jeniczek> well, ill man mkfs then
<ivoks> i still don't understand what's the problem
<incorrect> rsync localfile/* remotehost:/somewhere/
<RoyK> ivoks: bad i/o performance
<ivoks> the fact that kernel is flushing data to disk?
<incorrect> mkfs.ext3 /dev/something or other
<incorrect> rsync remotehost:/somewhere/ localfile/*
<incorrect> oh wait i forgot to unmount and mount
<RoyK> rsync -a
<Jeniczek> the problem is, than right now am unzipping the 100GIG archive, and every 5 to 10 seconds a kjournald2 and pdflush stops the whole unzip process, does somethin, and then it keeps goin
<ivoks> yeah, it's flushing data to the disk :)
<RoyK> Jeniczek: are any of those filesystems empty?
<Jeniczek> nope
<Jeniczek> but not full so much
<Jeniczek> the mail raid5 is almost empty
<Jeniczek> am now setting it up
<RoyK> Jeniczek: then move the data around to empty one
<RoyK> then recreate an ext3 fs on that
<RoyK> then check if you see the same behaviour on ext3
<Jeniczek> /dev/sdc1 1.4T 215G 1.1T 17% /var/mail
<Jeniczek> /dev/sdd1 2.7T 48G 2.6T 2% /var/storage
<ivoks> but it would still need to flush data to the disk
<RoyK> if you do, it's not an ext4 problem
<ivoks> otherwise, there wouldn't be anything on the disk :)
<RoyK> just move the storage over to mail
<ivoks> ext3 does it every 3 seconds
<Jeniczek> well, i need to move the mail to the storage
<ivoks> ext4 every 5 or 10
<Jeniczek> ivoks so what do you think that causes this problem?
<RoyK> Jeniczek: there's more than four times as much on mail as there is on storage
<ivoks> these aren't problems
<ivoks> that's how systems work
<ivoks> pile up data in memory
<ivoks> and then flush it onto disk
<Jeniczek> so why is it so slow?
<RoyK> what sort of drives?
<RoyK> how many?
<ivoks> cache on your raid card?
<RoyK> hardware or software raid?
<Jeniczek> hardware
<ivoks> did you enable cache on it?
<Jeniczek> 256MB, BBU included, 3ware 9650
<Jeniczek> 12Ports
<ivoks> there's tw_cli utility
<RoyK> is the write cache enabled?
<ivoks> download it and enable write cache
<Jeniczek> how can I found it out?
<ivoks> tw_cli
<RoyK> either with tw_cli or rebooting into 3wares bios
<incorrect> oh god not a 3ware
<Jeniczek> I have installed the 3ware utlilty which set ups some kind of web server and allow me to connect to a WEb based gui to control those raids
<RoyK> what's wrong with 3ware?
<incorrect> i found my 3ware controller was slower than software raid5
<RoyK> I've used 3ware for years - works well
<ivoks> Jeniczek: you can use that too
<ivoks> 3ware rulez
<ivoks> xfs too
<RoyK> incorrect: software raid usually beats it all
<ivoks> xfs on 3ware = success :)
<Jeniczek> what i have heard, 3ware is a good raid card
<RoyK> it is
<Jeniczek> okey
<incorrect> not in my experience
<Jeniczek> so what should I do now?
<Jeniczek> about the cache
<incorrect> my PERC6's blew the 3wares away
<Jeniczek> fuck dell :P
<RoyK> if you can reboot the box, do so, hit alt+3 during boot
<RoyK> check if write cache is enabled
<RoyK> it normally is
<Jeniczek> RoyK I can reboot it, but am not in the same city the box is atm, and i dont have a KVM
<Jeniczek> so I can get into Alt 3
<RoyK> ok
<ivoks> Jeniczek: you said you installed web utility?
<Jeniczek> but I can get to the web based thing
<RoyK> then you need tw_cli
<knutmithut> anyone has an idea, why nfsv4 maps users to nobody on the client?
<incorrect> i benchmarked dell, hp, supermicro
<ivoks> Jeniczek: then use it
<Jeniczek> well, ill try to dig fro some cache thing in there now
<incorrect> out of all the servers dell came top other than for disk, but that was because hp put nearline sas drives in
<ivoks> JanC: there's controler settings in management
<incorrect> i put the near line sas drives in the dell and it blew the hp away
<ivoks> bah
<ivoks> Jeniczek: ^^
<ivoks> Jeniczek: you'll see Unit Write Cache setting
<Jeniczek> okey, mmt
<Jeniczek> hm
<Jeniczek> it seems its enabled :(
<Jeniczek> ivoks http://i40.tinypic.com/2d2a9eg.jpg
<ivoks> is logic disk builded or still building?
<Jeniczek> is this it?
<ivoks> Jeniczek: protection?
<Jeniczek> I dunno, thats the system disk
<Jeniczek> or the system raid
<ivoks> you are copying to raid1 or raid5?
<Jeniczek> raid5
<Jeniczek> i have copied the 100gig archive to the MAIL RAID5 array
<ivoks> ok, give me screenshot of 'summary'
<Jeniczek> and now am unzipping it there
<ivoks> doh
<ivoks> you are unzipiing 100gb zip of mails?
<Jeniczek> it consists of 264345 mails
<ivoks> that will take some time :)
<Jeniczek> yupp
<ivoks> cause that's mostly text
<Jeniczek> well, but I see that it unzipps cca 65MB/s and then i can see in iostat, that it does nothin just pdflush and kjournald
<ivoks> so the zip ratio is very high
<ivoks> pdflush is writing data to disk
<ivoks> that's what it does
<RoyK> knutmithut: what sort of server?
<Jeniczek> http://i39.tinypic.com/s2zgid.jpg
<Jeniczek> here you go
<ivoks> Jeniczek: click on '2'
<knutmithut> ldap kerberos nfsv4
<ivoks> and then do a screenshot
<incorrect> how much diskspace does the multiverse take?
<knutmithut> and ubuntu 9.04 ;)
<RoyK> knutmithut: both client and server?
<knutmithut> now, current client is 9.10, later will be 10.04
<Jeniczek> http://i39.tinypic.com/2udxoxk.jpg
<ivoks> Jeniczek: you might try disabling 'Queuing' in controller settings
<RoyK> knutmithut: I've seen mapping to nobody when trying without krb from a linux client (solaris server)
<ivoks> never the less, unzipping 100gb of mail is a slow process
<knutmithut> but client uses kerberos also
<ivoks> couse you are unzipping lots of small files
<ivoks> not one big
<Jeniczek> yupp
<gkahla> is hald enabled on ubuntu server? I need automount of USB drives...
<Jeniczek> but some of the are big as well
<ivoks> and most of those are just text
<Jeniczek> yupp
<ivoks> that won't utilize your i/o to the maximum
<ivoks> check out how your CPU is holding :)
<RoyK> knutmithut: check the krb things - perhaps something wrong in there
<ivoks> if you are getting 60MB/s in average, that's actually quite good, considering everything :D
<Jeniczek> well, the cpu is a weak component on the server, our company things, that IT is the last thing to spent moeny for, so am tryin to do my best... event the cars is from ebay ;)
<ivoks> try copying that archive to different name
<Jeniczek> the cpu is opteron 248
<ivoks> and then watch how fast it writes
<Jeniczek> well now its still uznipping
<knutmithut> RoyK: thanks, i will
<Jeniczek> id rather keep this
<ivoks> Jeniczek: let it unzip
<Jeniczek> i need to turn the mailserver on asap
<ivoks> Jeniczek: just do 'cp archive.zip someothername.zip'
<ivoks> Jeniczek: and what how fast does it writes
<Jeniczek> yeah I understand what you mean
<ivoks> just for 10 seconds
<Jeniczek> well
<Jeniczek> the unzipping is done ;)
<Jeniczek> ok lets try it
<Jeniczek> hm
<Jeniczek> occasionaly 170MB/s
<Jeniczek> but then i see another waits for pdflush and so
<ivoks> yep... raid5
<ivoks> man
<ivoks> i told you
<ivoks> pdflush writes data
<ivoks> of course you wait for it
<Jeniczek> hm
<ivoks> you can't read data that's not there
<Jeniczek> so everythin is ok?
<ivoks> yes
<Jeniczek> well, when the pdflush is not active, the speeds hops after a second from 34MB/S to 160 to 180 MB/S
<ivoks> what kind of disks are there?
<Jeniczek> then keeps at 180MBs and then after 3s falls back
<Jeniczek> WD Black
<Jeniczek> 1TBs
<ivoks> Jeniczek: correct, cause then you are copying to the buffer
<ivoks> when pdflush flushes data, you are doing intensive process on the memory
<ivoks> so it's slower
<Jeniczek> the mail array consists of 4 500GBs WD Blacks
<Jeniczek> the storage array consists of 4 1TBs WD Blacks
<ivoks> that's sata, right?
<Jeniczek> yupp
<Jeniczek> 7.2kRPM
<ivoks> that's maximum
<ivoks> i get 220MB/s on my laptop
<ivoks> :)
<ivoks> but that's SSD :D
<Jeniczek> well, but RAID5 should do a lot more I thing
<Jeniczek> especially with BBU and 356MB cache
<Jeniczek> 2
<ivoks> 256 isn't a lot
<ivoks> and that's why you get 170MB/s
<ivoks> when you are filling that cache :)
<knutmithut> RoyK: seems like it was a problem with libnss-ldap or libpam-ldap.. it's still mapped to nobody, but my user now can access the folder
<Jeniczek> hmm
<ivoks> anyway, i have to go now
<Jeniczek> well, I have to give you a HUGE thanks!
<Jeniczek> now am gonna set it up when i know that its ok
<ivoks> run hdpart -tT /dev/...
<ivoks> hdparm
<Jeniczek> wont it destroy any data?
<ivoks> 9650, right?
<Jeniczek> 9550SX
<ivoks> hdparm -tT is testing
<ivoks> 9550?!
<ivoks> that's slow, dude :D
<Jeniczek> well, thats the best for 133Mhz
<Jeniczek> our board doesnt have PCI-X
<Jeniczek> you know what I mean
<ivoks> run hdparm -tT /dev/sda or whatever
<ivoks> sdb
<Jeniczek> in progress
<Jeniczek> /dev/sdb:
<Jeniczek> Timing cached reads: 1834 MB in 2.00 seconds = 917.60 MB/sec
<Jeniczek> Timing buffered disk reads: 132 MB in 3.04 seconds = 43.40 MB/sec
<ivoks> that's slow
<ivoks> very slow
<ivoks> and this has nothing to do with filesystem
<ivoks>  Timing buffered disk reads:  302 MB in  3.00 seconds = 100.54 MB/sec
<ivoks> this is on my 9650
<Jeniczek> hm
<RoyK> ivoks: what block size?
<RoyK> on the raid controller
<ivoks> no time
<ivoks> take care
<Jeniczek> so does it mean that its bad for mail server?
<Jeniczek> on my previous we had much more worse raid card it it was fine
<Jeniczek> am confused a bit right now
<RoyK> it means your raid is slow
<f1yback> dell cerc 6 channel sata?
<f1yback> aka adaptec 2410sa?
 * f1yback ducks
<Jeniczek> well, I dont get why is it slow
<Jeniczek> it cost a lot
<Jeniczek> with the BBU
<f1yback> what raid mode
<Jeniczek> 5
<f1yback> that's why
<f1yback> how many disks
<Jeniczek> 4
<f1yback> ugh
<f1yback> switch to raid 10
<f1yback> you will only have about 50% of your disks as storage
<f1yback> but much better performance
<Jeniczek> but am planning 6 in a week or two
<Jeniczek> 6 disks I mean
<Jeniczek> not RAID 6 ;)
<f1yback> i'd still go raid 10
<f1yback> 5 has health write penalties and random i/o penalties
<f1yback> health/heavy
<Jeniczek> hmmm
<bG303> hello and err help!  got a box that refuses to startup, last message is that mountall cannot mount an nfs volume (nfs isnt there so not suprissing) how can i find out what is going on? how can i get a shell so i can fix this? (sorry first linux box for years and struggling to find out how to diag boot issues)
<Jeniczek> well, it seems the server is runnin
<f1yback> bG303,
<f1yback> raid?
<bG303> yea, md0
<f1yback> oh good
<f1yback> sata? ide? scsi?
<bG303> sata
<f1yback> ok first thing I would do is burn a system rescue cd
<f1yback> and check the drives smart tables
<RoyK> f1yback: that's bullshit - he should be getting better performance with that
<f1yback> if the reallocated counts are higher than threshhold or there's pending
<RoyK> Jeniczek: what block size are you using?
<f1yback> or you see UNC or ATMF or TZNF
<RoyK> on the raid controller
<f1yback> the hd is CANUCKED
<f1yback> RoyK, sorry it's true
<f1yback> raid 5 is a hog
<bG303> ok cant see that being the case as its booting.  i.e. its booting from md0
<bG303> i think something is blocking
<f1yback> yes you can
<bG303> but thanks and i'll start there
<f1yback> it's a sw thing
<RoyK> f1yback: I've been using raid5 on several controllers and it gives good performance
<f1yback> smartctl -a /dev/sda etc
<f1yback> RoyK, depends on the load
<RoyK> f1yback: don't spread too much fud
<f1yback> for basic storage stuff it's fine
<f1yback> dude
<RoyK> his load is pretty basic
<f1yback> WE FOUND OUT THE HARD WAY AT WORK
<f1yback> ok
<f1yback> I don't spread fud
<f1yback> and I threaten to kill people who fuck with people asking for help
<f1yback> know that about me
<RoyK> how nice of you
<bG303> where do i get a system rescue disc from ?
<RoyK> the install cd works for taht
<RoyK> that
<bG303> ok coolio, thankw
<f1yback> yeah the install cd isn't bad
<f1yback> but sysres has more stuff
<f1yback> but up to you
<bG303> mother fucker, samba is up, the box is running, ssh is missing and the no gdm
<bG303> this is fucked up.
<RoyK> if you know linux a little, the install cd suffices quite well
<RoyK> bG303: just boot into single
<f1yback> I been using linux since 96 bro
<f1yback> I used to walk newbies thru kernel compiles etc :P
<RoyK> 94
<Jeniczek> f1yback well, correct me if am wrong, but I cant turn RAID 5 into RAID 10 without data loss, right?
<f1yback> systemrescuecd still is better suited for any data recovery etc
<f1yback> actually some controllers can convert it
<f1yback> as long as you don't exceed the space shrink but you have to shrink your filesystem first
<Jeniczek> hmm, ill investigate mor, but cant see that option in there
<Jeniczek> yeah, thats what i understand
<bG303> RoyK, its actually better as a bunch of Isos are on that volume, saves downloading them, just confused about what its bitching about.  Normally admin solaris and *bsd, this linux malarky screws with my head (quite like the performance those) :)
<Jeniczek> but its 20% full of data, so that wont be the case
<RoyK> bG303: just select recovery mode in the boot menu
<bG303> RoyK, doesnt do anything, cant get a shell on the server or any sort of login
<RoyK> it doesn't boot?
<bG303> well it does but hangs
<RoyK> you said some stuff was running
<bG303> it gets passed networking obviously and is bringing up some services
<RoyK> how do you know?
<bG303> cus i can access them across the network
<f1yback> btw
<RoyK> did you try to boot into single user mode?
<f1yback> DON'T USE FSCK IF YOU HAVE A DYING DISK
<f1yback> :P
 * RoyK takes f1yback's coke
<bG303> RoyK, no idea how to do that with grub
<f1yback> no dude I am serious
<f1yback> I have done like 20 or so hard drive data recoveries
<RoyK> bG303: just press escape, choose recovery mode
<f1yback> it's best to use a tool like ddrescue etc and clone all the sectors to another disk or file
<bG303> RoyK, i tried that, didnt work, got the same console with the error, tried alt+<num> and got nothing but blank screens, the debug??? screen and a rolling ubuntu graphic on the X psuedo
<bG303> but samba is up ?!?!? responds to pings ?!?? odd ness.
 * f1yback goes back to building his ubuntu server vm buildhost
<RoyK> samba shouldn't start if you start in single
<RoyK> X neither
<bG303> no this was a punt let it boot, see what happens
<bG303> i cant get a shell at all RoyK,
<RoyK> did you choose single?
<bG303> recovery gives the same
<RoyK> what error?
<bG303> no login prompt
<bG303> no errors, thats the problem
<RoyK> recovery/single should start in plaintext
<bG303> last think i saw is an error on pts7 with mountall cant mount an nfs volume
<Jeniczek> hm, is there a service that allows me to send a mail with a harmless virus in it so I can test if the antivirus plugin on the mailserver works?
<bG303> s/think/thing
<RoyK> bG303: nfs mounts aren't mounted in single
<bG303> RoyK, there are in my config hahah ;)
<RoyK> bG303: enter grub, edit the kernel line, add "single", boot
<RoyK> bG303: not in single
<bG303> RoyK, sound, brb :)
<RoyK> unless you've fucked up badly
<RoyK> remove splash and so on
<RoyK> doesn't help much for debugging
<bG303> ok grub, 'e', got some insmod etc, guessing i add that to the vmlinuz line ?
<bG303> heh getting memoris yadraskil on a 486 here ho ho
<bG303> ok must have got that wrong as its still booting nfs etc
<bG303> ok 10.4 is fucked.  Definely booted single then but it still fires X
<bG303> cock this, off for food, i'll try fix this later or rm the whole thing and do something else.
<bG303> my life is too short for toy OS's
<ziesemer_> !language | bG303
<ubottu> bG303: Please watch your language and topic to help keep this channel family friendly.
<RoyK> excuse me, ziesemer_, but what is this bitching about language?
<bc> can someone tell me where on the ubuntu site the support timelines are for the various versions? E.g. when does support for 9.04 end?
<jpds> !releases | bc
<ubottu> bc: Ubuntu releases a new version every 6 months. Each version is supported for 18 months to 5 years. More info at http://www.ubuntu.com/ubuntu/releases & http://wiki.ubuntu.com/TimeBasedReleases
<bc> jpds: thank you. I tried every seach keyword BUT releases heh jesus
<jpds> bc: I tend to look at https://wiki.ubuntu.com/Releases myself.
<bc> do-release-upgrade should probaly have a manpage, shouldn't it, even though it wouldn't have much substance? Having it show up in `man -k upgrade` would be helpful.
<RoyK> bc: it's a lot more convenient if people can tell you to RTFM without there being an FM :Ã¾
<bc> RoyK: :D
<uvirtbot> New bug: #581016 in samba (main) "package samba-common (not installed) failed to install/upgrade: sub-processo script post-installation instalado retornou estado de saÃ­da de erro 1" [Undecided,New] https://launchpad.net/bugs/581016
<imjustmatthew> Does anyone know if the lucid server CD runs serial console when you first boot with it? I'm not getting a serial console, but it might be a hardware problem.
<RoyK> imjustmatthew: try console=/dev/ttyS0 on the kernel line
<imjustmatthew> RoyK: you're saying I need to edit the ISO to change the boot options?
<RoyK> what sort of computer is this?
<imjustmatthew> an ALIX from PC Engines
<RoyK> cpu?
<imjustmatthew> Geode LX800
<RoyK> doesn't it have a video card?
<imjustmatthew> nope, only serial
<RoyK> my best guess is to create a boot usb thing and edit grub there
<imjustmatthew> okay, I'll give it a shot, thanks.
<RoyK> given it can boot from usb, that is
<imjustmatthew> yes it can, it's actually a usb cd-rom drive
<imjustmatthew> that I'm booting with now
<RoyK> imjustmatthew: changing a boot cd is a bit of a hassle, but changing a usb stick is easy
<f1yback> imjustmatthew, why not setup serial console to it
<imjustmatthew> flyback: that's actually what I want to do. am I going about it the wrong way?
<f1yback> ok
<f1yback> on the kernel command line
<f1yback> do you know what serial port is it
<f1yback> I assume com1 if it's the only one
<imjustmatthew> COM1
<f1yback> it's
<f1yback> console=ttyS0,speed
<f1yback> console=ttyS0,9600
<f1yback> console=ttyS0,38400
<f1yback> etc
<f1yback> I dunno if the installer will work though in text mode
<f1yback> well you need to force the text mode installer
<f1yback> oh you are
<f1yback> sorry forgot where I am
<imjustmatthew> yes, and I'm dumping it to a USB stick to modify the boot parameter and do the install, unless you have an easier way, which would be awesome
<f1yback> nope that's how I do it
<MTecknology> How can I figure what's causing this and fix it?  WARNING: /etc/ssh/moduli does not exist, using fixed modulus
<penguin42> MTecknology: It's a file that's part of the openssh-client package - it should be there
<penguin42> MTecknology: Uninstalling openssh-client and reinstalling it should fix it
<MTecknology> penguin42: it is there..
<RoyK> floown: how do you go to the kernel command line without a console?
<MTecknology> err.... wrong system
<MTecknology> penguin42: I ran aptitude reinstall openssh-client and it's still not back..
<penguin42> MTecknology: Is the file actually there?
<MTecknology> nnope
<penguin42> I'd uninstall the package and then reinstall it
<MTecknology> I can't without removing openssh-server though - and that would kill my connection :P
<penguin42> MTecknology: According to man moduli(5) you can regenerate one with ssh-ketgen -G and then -T  never done it though
<MTecknology> penguin42: thanks
<incorrect> apt-mirror wtf! can't beat downloading locally
<incorrect> ftw :D
<celeborn999> looking for help on ufw, for some reason i think ufw is mysteriously blocking incoming SMTP traffic despite a rule allowing it
<celeborn999> nmap isn't seeing smtp on 25, nor can i netcat to the server on 25, even though i have a rule that says "25/tcp ALLOW IN    Anywhere". when ufw is off it says "25/tcp  filtered smtp". am I doing it wrong?
<celeborn999> (it says = nmap reports)
<SpamapS> celeborn999: iptables -L -n -v   .. you should see counts go up wherever your SMTP packets are hitting
<celeborn999> with or without ufw enabled?
<celeborn999> and right now i'm not mailing anything, just trying to verify a connection with netcat or telnet
<RoyK> with
<celeborn999> so it's not smtp traffic
<RoyK> iptables -Lvn won't show much unless the rules aren't there
<celeborn999> i'm not sure what i'm looking for...i think i see the line in iptables reflecting the ufw tcp 25 rule. packet count is 0
<celeborn999> do the iptables rules logically go from top to bottom?
<celeborn999> btw i was able to successfully enable an allow rule for ssh, or at least, i can ssh into the server while ufw is supposedly working
<foxbuntu> celeborn999, yes, rules are applied top down
<celeborn999> man, i'm just not seeing the answer here
<celeborn999> my ssh and my smtp rules look identical but one works and the other doesn't
<foxbuntu> celeborn999, pastebin the whole conf
<celeborn999> which file, specifically? i'm working with ufw through the command line e.g. sudo ufw whatever whatever. do you want the output of ufw status verbose?
<foxbuntu> celeborn999, ufw status numbered | pastebinit
<celeborn999> http://pastebin.com/Sj4RjcWf
<celeborn999> i changed the rule from 25/tcp (which is the default for ufw allow smtp) to just 25 (ufw allow 25)
<celeborn999> thinking, who knows, why not
<foxbuntu> celeborn999, well ufw allow 25/tcp is more correct
<foxbuntu> or ufw allow smtp
<celeborn999> well, i might as well change it back then.
<foxbuntu> celeborn999, yes
<foxbuntu> celeborn999, also you can just type "sudo ufw allow ssh"
<celeborn999> that's what i did for ssh
<celeborn999> i did that originally for smtp too but it wasn't working, so i fiddled with it
<foxbuntu> celeborn999, ok, are you sure sshd is running on the target machine then?
<celeborn999> i'm sshing into it right now
<celeborn999> it's remote
<foxbuntu> celeborn999, then what is the problem?
<celeborn999> nmap isn't seeing smtp on 25, nor can i netcat to the server on 25, even though i have a rule that says "25/tcp ALLOW IN    Anywhere". when ufw is off it says "25/tcp  filtered smtp".
<celeborn999> this is nmap from my remote client. if i netcat from the server to port 25 on itself, it connects
<foxbuntu> celeborn999, do you have anything listening on port 25?
<celeborn999> postfix should be listening. when i netcat on the machine to itself and ehlo, it responds with mail messages
<foxbuntu> ok
<celeborn999> and when i disable ufw totally, as i mentioned, nmap will detect smtp
<celeborn999> though nc still doesn't work even with ufw off. really not sure about that
<celeborn999> netstat reports smtp listening
<foxbuntu> celeborn999, can you "telnet remotehost.com 25"
<celeborn999> no, it times out
<foxbuntu> celeborn999, can you do it on the remote machine?
<celeborn999> i don't have a telnet client there and don't want to install one but i can netcat to 25 from the remote machine to itself
<foxbuntu> celeborn999, sounds to me like a postfix config issue not a ufw issue
<celeborn999> how so?
<foxbuntu> celeborn999, postfix has rules to bind to the local address
<foxbuntu> celeborn999, or to accept mail from only x.x.x.x
<foxbuntu> celeborn999, and by default its the loopback
<celeborn999> it could be. i'm not a postfix expert. i followed the guide here https://help.ubuntu.com/10.04/serverguide/C/email-services.html as close as i could, it didn't mention anything about that
<foxbuntu> your ufw rule appears correct
<foxbuntu> celeborn999, yeah, Im no postfix expert myself and it took allot of trial/error to get mine working
<foxbuntu> celeborn999, however, let me poke my cfg and see if I can find the correct section
<celeborn999> this seems to be the key line sudo postconf -e "inet_interfaces = all"
<foxbuntu> celeborn999, thats the main one i think
<foxbuntu> celeborn999, smtp_bind_address =
<foxbuntu> smtp_bind_address6 =
<celeborn999> i don't have that one
<foxbuntu> celeborn999, postconf -v | pastebinit
<celeborn999> i don't want to pastebin my whole conf...what are we looking at specifically?
<foxbuntu> celeborn999, not sure, like I said, Im no expert but looking at yours vs mine could provide insight
<foxbuntu> celeborn999, I understand not wanting to post the whole thing...no biggy
<celeborn999> thanks
<foxbuntu> celeborn999, you could ask around in #postfix too
<celeborn999> thanks again
<foxbuntu> np
<halvors> I get this: "SMTP<< 450 4.7.1 Client host rejected: cannot  find your reverse hostname error" from my postfix server, how to set reverse hostname in postfix
<halvors> ??
<mcas> halvors: that means, that postfix cannot resolve the hostname of your client
<celeborn999> hey foxbuntu, it turns out the postfix problem was the port 25 block some ISPs do. i got around it
<halvors> of the client?
<celeborn999> yeah, blocking destination-port-25 traffic from my client behind a consumer ISP
<celeborn999> totally lame
<celeborn999> halvors btw this is for a problem i reported earlier, nothing to do with the problem you reported
<halvors> but an other problem, th eepost client cant send email with my server, and i get nothing in the logs :(
<axisys> is there a live upgrade like procedure for ubuntu to upgrade server with 100% fall back ?
<penguin42> axisys: No, fall back isn't supported - you may be able to do it if you're running lvm mirrors and take a snapshot
<axisys> liveupgrade in solaris allows to detach a mirror and upgrade the inactive disk and boot from it .. all in three to four commands.. and let you go back to original setup should a fall back is necessary
<penguin42> axisys: Feel free to file a wishlist bug for it - it would be a good feature
<penguin42> (and probably not that hard to do with a good lvm setup)
<storrgie> I am user id 1000 on my laptop, and user 1001 owns a folder on my server that I am sharing via NFS.... is there a way to specify uid in my fstab on my laptop?
<axisys> penguin42: with solaris 10 you can do it even with 1 disk .. you just take a zfs snapshot and then upgrade.. and roll back to snapshot within same disk if have enough space..
<axisys> penguin42: i guess theoretically lvm can be done even with one disk
<penguin42> axisys: Yeh you should be able to do the same on Linux with an LVM snapshot on the same disk - but that does assume you were using LVM and had spare space; and I doubt that the boot loader stuff is smart enough
<axisys> penguin42: hmm
<mcas> storrgie: i mean i read that you can map uids with nfs
<penguin42> axisys: But it would be good to have it automagically set up by an ubuntu install so you could do that
<axisys> at this age in technology that ougta be available.. just thinking out loud
<axisys> penguin42: exactly!
<storrgie> mcas: can i specify uid in the mount line as an option?
<penguin42> axisys: So a wishlist is probably the right thing to do
<axisys> penguin42: with todays technology no i dont want lvm would be the option .. not the other way around :-)
<axisys> penguin42: where do I submit it ?
<penguin42> axisys: from a command line run   ubuntu-bug  ubiquity   (ubiquity is the installer)
<axisys> penguin42: in the meantime i am afraid to upgrade my ubuntu server jaunty to lucid (two upgrades)
<axisys> penguin42: oh ok
<penguin42> axisys: Still, it would be better to get an upgrade done!
<mcas> storrgie: here is a good howto about it http://www.troubleshooters.com/linux/nfs.htm
<axisys> penguin42: yeah.. but.. just in case.. :-(
<storrgie> mcas: so... change my uid on the client
<penguin42> axisys: Are you running md raid ?
<axisys> penguin42: i think so.. forgot to how to check
<penguin42> axisys: Well, would you know how to cope if one of the drives failed in your mirrored pair?
<axisys> penguin42: i have the steps somewhere.. it did not get to the point yet ..
<axisys> penguin42: only done it few million times in solaris..
<penguin42> axisys: Well you see if you were comfortable with doing that I would have suggested a somewhat risky strategy - pull one of the drives and you have a fall back!
<axisys> so in solaris i am expert.. but it is little different with linux.. i remember when i read it first time
<axisys> penguin42: i gotcha
<penguin42> yeh its one of these things that takes some time to get used to
<axisys> penguin42: so wasnt there a command to show md status.. forgot it
<penguin42> axisys: cat /proc/mdstat   will show it
<axisys> pwnguin: nothing there.. checking few servers.
<axisys> one server has this
<axisys> /dev/mapper/nvidia_eeffhbef1
<axisys> so thats dmraid i think.. no?
<penguin42> ah dmraid that's not mdraid (duh obvious?!!!)
<axisys> df -h / btw
<penguin42> it's really dumb we have two similarly named things like that
<axisys> lol
 * penguin42 doesn't no dmraid, only mdraid
<penguin42> kw
<axisys> cat /proc/mdstat
<axisys> Personalities :
<axisys> unused devices: <none>
<axisys> penguin42: found one
<axisys> http://pastebin.com/AN8Uid5G
<axisys> /dev/md1               71G  2.4G   65G   4% /
<axisys> except that one is already lucid
<penguin42> yeh that's a happy two drive mirror
<uvirtbot> New bug: #576233 in samba (main) "package portmap 6.0.0-1ubuntu2 failed to install/upgrade:" [Medium,New] https://launchpad.net/bugs/576233
 * f1yback would like to find the people who invented CAPTCHA and inject them with a poison that will kill them in minutes if they don't get the anidote which is protected by a fucking CAPTCHA
<dominicdinada> Does anybody know of a site with some downloadable Iptables examples that i could learn from ?
<celeborn999> have you considered using UFW?
<dominicdinada> i was working with ufw
<dominicdinada> but i found a nice tool called firewall builder which lets me build firewalls and was giving a hand
<celeborn999> ah ok, sorry no good iptables at hand, i only found out about ufw recently though and find it a lot easier than iptables
<dominicdinada> celeborn999: I know with iptables you can lock everything down and well ufw might be to general.... ie sudo ufw allow samba   allows samba but doesnt specify what remoteaddress's
<dominicdinada> ie sudo ufw allow dns      you get the hint you cant specific who to allow and who to close out...
<celeborn999> according to man ufw it looks like you can specific destination and source ranges
<dominicdinada> really?
<celeborn999> looks like it. no personal experience though
<dominicdinada> well the other problem with ufw is you cant deploy the rule sets either :/
<celeborn999> once you set ufw rules, it looks like iptables gets updated. so you could -- i guess, i haven't done this -- use ufw to set things up and then use iptables to transfer
<dominicdinada> that sounds quite redundant.... www.fwbuilder.org
<dominicdinada> fw builder also configures pix fw's :P
<dominicdinada> configure ufw rules > export > import to iptables > export for deployment > import to each machine
<penguin42> heck fwbuilder looks pretty neat
<celeborn999> the ufw process is kind of a mess
<celeborn999> thinking about it
<dominicdinada> you can export your iptables-save and import it to workon .... in fwbuilder you can make each fw right in one file but configure each machines fw then deploy it...
<dominicdinada> oh i missed a step once you import it the first time from ufw you have to configure the iptables :)
<dominicdinada> !ufw
<ubottu> Ubuntu, like any other Linux distribution, has firewall capabilities built-in. The firewall is managed using the 'ufw' command (see https://help.ubuntu.com/community/UFW), or 'iptables' (https://help.ubuntu.com/community/IptablesHowTo). GUI frontends such as Firestarter/Gufw (Gnome) or Guarddog (KDE) also exist.
<dominicdinada> celeborn999: still playing with fw builder
<celeborn999> dominicdinada: any luck?
<dominicdinada> well No i am looking at something else atm... pre configured  iptables exist i just gotta look more in depth...
<celeborn999> i always found iptables to be obscenely complicated
<dominicdinada> well ufw is a dummies front end but really fwbuilder is awesome you can build a fw for 1 or 100 machines right in the same file :P
<ermo>  Upstart question - I see no services-admin in gnome-system-tools. If I want smbd to start on boot (into the default runlevel), should I use update-rc.d or is there another equivalent tool for upstart?
<jpds> ermo: bug #94065
<uvirtbot> Launchpad bug 94065 in upstart "init: add non-destructive means to disable a job" [Wishlist,Invalid] https://launchpad.net/bugs/94065
<ermo> jpds: (not wishing to be a support vampire) If I want smbd to start on boot, should I use update-rc.d instead of the Upstart related service files? If both are present, which has the
<ermo> 'highest priority'
<ermo> I can't seem to find any clear documentation on help.ubuntu.com in the serverguide, nor on the upstart wiki. But maybe I'm looking in the wrong places?
<jpds> ermo: Is smbd a shell script in /etc/init.d/ ?
<ermo> there is both a SysV style init script (/etc/init.d/smbd) and an Upstart service script (/etc/init/smbd.conf), yes.
<enav> ermo ubuntu server guide is too vague
<ermo> enav: ... I cannot say that disagree. But then again, maybe I'm not in the target audience for that guide '^^
<jpds> ermo: Ah, that's... interesting.
<ermo> that *I disagree ..
<diabolical_> what the hell is the problem i did sudo ufw enable...... reboot and it reverts to inactive upon reboot
<jpds> diabolical_: /etc/ufw/ufw.conf has ENABLED=yes ?
<ermo> jpds: Guess I need to do some more poking around for documentation. *sigh* - I hoped that someone here would have a quick answer <g>
<diabolical_> prob not but why does it state that "diabolical@diabolical:~$ sudo ufw enable
<diabolical_> Firewall is active and enabled on system startup
<diabolical_> " then not change the file.... anyother broken thing
<diabolical_> another*
<diabolical_> ermo: what documentation are you looking for
<ermo> how to autostart services on boot using Upstart, and which file takes precedence if there is both a sysV style init script (/etc/init.d/smbd) and an Upstart service configuration (/etc/init/smbd.conf)
 * ermo has *zero* experience with upstart
<diabolical_> ermo i used ebox and well it took care of it for me
<diabolical_> !upstart
<ubottu> Upstart is meant to replace the old Sys V Init system with an event-driven init model.  For more information please see: http://upstart.ubuntu.com/
<diabolical_> although i personally dont recommend using ebox it is way to buggy
<ermo> Usage scenario: I have an 'always-on' PC which serves as both my internet PC and my SqueezeBox Server. I want to offer access to it via Samba and have samba start up on each boot.
<diabolical_> ermo:  you sure want alot. I will see if i cant get what you need... didnt you install samba when you installed server?
<ermo> diabolical_: I have it all installed and set up and working already. What I want is to have samba start automatically after reboots.
<diabolical_> ermo: i thought it should... especially when bundled in with server :(
<ermo> i.e. I already have samba, but it doesn't start automatically. And the 'services-admin' tool doesn't seem to be shipped with gnome-system-tools (which is maintained by a Ubuntu developer, btw.)
<ermo> Hm. I need to exercise my APT-fu to get a listing of the files installed by gnome-system-tools ...
<diabolical_> although gnome isnt shipped with server
<ermo> Right. I'm in the server channel because I figured that a server channel would have users who knew how to turn on services at boot.
<ermo> I actually have the desktop version of Ubuntu installed. But if that's unsupported or out-of-scope for this channel, I'll get my coat and be off :)
<jpds> ermo: services-admin was removed because it didn't work with upstart jobs.
<jpds> ermo: I would remove the init.d script wiht update-rc.d and then comment out the "start on" line in the init/ file.
<ermo> jpds: Ah, so you suspect that the event that the /etc/init/smbd.conf listens for is never fired?
<jpds> ermo: I understand from that bug report that that's the way to disable upstart jobs.
<jpds> [Until a better disabling tool is created; which is a target for upstart 0.10 which will be in maverick.]
<diabolical_> ermo: http://ubuntuforums.org/showthread.php?t=1235863
<ermo> diabolical_: Thank you. That post implies that I should use Sys V init scripts to control the start up of smbd. I was under the impression the correct way to start services with 10.04 is to use Upstart.
<ermo> (i.e. that post contradicts jpds' advice)
<ermo> start on local-filesystems
<ermo> stop on runlevel [!2345]
<ermo> jpds: I would assume that the above to lines means that Upstart should start smbd after the event 'local-filesystems' is fired and that it should stop smbd in the event that the current runlevel is not 2|3|4|5 ?
<jpds> ermo: I think so.
<diabolical_> ermo:  funny i run samba, gnome etc and my samba starts fine every time i wonder what you changed
<ermo> jpds: a simple grep reveals that /etc/init/mountall emits 'local-filesystems'
<ermo> and that dbus, networking, network-manager and smbd+nmbd all listen for that event.
<ermo> Verrry strange.
<ermo> I'll delete the Sys V init script.
<diabolical_> ermo you could just back up your smb.conf
<diabolical_> and reinstall samba
<diabolical_> why make things more difficult
<ermo> diabolical_: Yes, I could. And I could also fiddle with the config files first and understand the root cause and *then* re-install. If re-installing doesn't fix it, I will know why and can file a (hopefully) useful bug reprt :)
<ermo> report, even
 * diabolical_ says in his best ermo impression *HELP* guys i deleted my mount points, cpufreq and fansettings from sys V now my computer wont boot
<ermo> diabolical_: Uh, I fail to see how that has anything to do with my question.
<ermo> I haven't *deleted* anything. And the suggestion that I delete the Sys V init script was jpds', not mine.
<diabolical_> the answer to your question is you muffed the samba daemon
<diabolical_> while you were prob tinkering
<ermo> diabolical_: You are making assumptions that do not hold up to closer inspection. I installed the samba daemon. I have not 'tinkered' or deleted anything. Since I installed samba, it has not autostarted, although the Upstart service script implies that it should. I'm here trying to understand why.
<ermo> diabolical_: thanks for offering your help, btw.
<diabolical_> well i sent ya the link to get you pointed in the right direction
<ermo> diabolical_: Yes. And I'm telling you that the link you sent me concernts Sys V init scripts from Ubuntu 9.04. In the mean time, Ubuntu has moved to Upstart as its preferred init system, making that post obsolete.
<jpds> ermo: lrwxrwxrwx 1 root root 21 2010-05-15 23:58 /etc/init.d/smbd -> /lib/init/upstart-job*
<jpds> smbdd.conf has trumps.
<ermo> jpds: yeah, I noticed that. I had a look at the source and noticed that it said 'upstart-job' at the top.
#ubuntu-server 2010-05-16
<ermo> jpds: I could try to emit the 'local filesystems' event manuall as per the Upstart wiki.
<ermo> *manually
<enav> need some orientation pleas....   i chrooted a user using these steps http://is.gd/c9lXs  .... SFTP works perfect  but  when i try to initiate a SSH connection its just froze
<penguin42> enav: I *think* that's the ForceCommand internal-sftp line
<enav> hum let me google that line
<penguin42> enav: I think it's trying to force all ssh connections for that user to be only sftp
<enav> nop
<enav> i got 2 accounts  admind and webmaster
<enav> admin have all powers (SSH, SFTP)  but webmaster is chrooted to a specific folder.... so webmaster only can connect via sftp
<enav> i thought chroot an user will jail that user to an specific folder on SSH and SFTP... but for some reason this is disabling SSH cessions
<penguin42> my suspicion is that ForceCommand does more than just the chroot
<ermo> jpds: Right, I think I know how to proceed. Thanks for your time.
<ermo> diabolical_: and thanks for your time too.
<jpds> ermo: No worries.
<ermo> Next up: A forwarding only postfix setup adapted from my previous gentoo configuration. This should be 'fun'.
 * ermo does his *NINJA VANISH* trick
<enav> how do you do that funny trick?
<ruben23> hi guys
<ruben23> happay weekedn to all
<ruben23> happy weekend i mean
<ruben23> hi anyone here a ubuntu a senior sysadmin i would like to ask if i can apply as an apprenttice or trainee...
<ruben23> :)
<SpamapS> ruben23: best way to do that is probably get a lot of real world experience... sign on as a jr. admin at a hosting company maybe?
<ruben23> SpamapS: its not actually areal job but i want to learn the ways and expertise of senior sysadmin..
<ruben23> SpamapS: but thte one your suggesting, hope its possible that would be a good learning ground
<dominicdinada> by  default does the ufw send its firewall rules to iptables and if so when?
<enav> why a folder to jail some SFTP user need to be owned by root?????
<enav> cd /
<RoyK> testing a 16 system live is quite niccce
<chewbranca> so I setup UEC and got everything configured with a node controller as well, but I have not been able to install an image from the store yet
<chewbranca> everytime I do, it downloads and then errors out with: "socket.error: [Errno 110] Connection timed out"
<chewbranca> any ideas?
<chewbranca> same error as here: http://open.eucalyptus.com/forum/store-image-installation-erro
<chewbranca> and http://ubuntuforums.org/showthread.php?t=1444503
<owen1> after upgrading to lucid i can't login. instead of the text-based login i had, i see a wallpaper. the mouse is working, keyboard does not. (it's a desktop that i removed the gdm)
<chewbranca> I get that same error if I try installing M/DB appliance
<owen1> chewbranca: r u talking to me?
<chewbranca> owen1, no, talking about this: http://ubuntuforums.org/showthread.php?p=9306716#post9306716
<chewbranca> bah... getting the same socket timeout when I try and bundle manually as described here: https://help.ubuntu.com/community/UEC/BundlingImages
<chewbranca> nice, managed to figure it out, was a configuration error on the keyboard side of things
<owen1> is it possible to install lucid server from a usb?
<ScottK> owen1: Yes.  Use usb-creator to make a USB key from the server iso.
<owen1> ScottK: will do. is there a way to know in advance if my machine support install from usb? it's a few years old desktop
<xrol> hello, I'm having problems installing server 10.04 64bits, when base install reach 75% it stops reading the cd, and ask me to change media, however, i still can see the content of the disk, any ideas?
<SpamapS> xrol: did you select some special options that maybe aren't on the main cd?
<xrol> no, normal install. I check the ubuntu forum, and the bug is reported some days ago, but there is not an answer yet, I also reburn the disk just in case, but nothing
<xrol> in some place I read that may be a Sony DVD issue with the new ubuntu
<xrol> I mean sony dvd drive
<xrol> here is the link to the ubuntu forum where the problem is presented: http://ubuntuforums.org/showthread.php?t=1468718&page=1
<SpamapS> reading..
<xrol> thanks
<SpamapS> xrol: kind of looks like that link suggests your DVD is a bit suspect
<xrol> the dvd drive?
<SpamapS> thats what everybody seems to be suggesting
<SpamapS> not necessarily the reader, but the burner too.. could be either
<xrol> the problem with that is that I can pess Alt+F2, access the console, and access the dvd contect, from the same server I'm installing, and it doesn't present any read errors, how is taht the installation can't read what I can from the same disk?
<SpamapS> Possibly a checksum fails on a package install.
<xrol> I'll try another burner and another reader, thank you
<owen1> i just installed lucid and noticed that during the installation i got message about no connection to the internet.
<owen1> the installation is completed. how to establish connection(wired at first)
<fbc-mx> Is there any kind of monitoring service that I can install on my server that will email me when certain thresholds are broken, like CPU goes over 9 for more than 10 seconds, etc
<SpamapS> damn.. munin is the perfect answer for fbc-mx
<SpamapS> he waited a whole 2 minutes for an answer
<Iceman_B|nbk> greetings, im having issues installing 10.04 server on a system with an MSI KT4V mobo
<Iceman_B|nbk> has anyone heard of this?
<Iceman_B|nbk> disc integrity checks out, I tried a different optical drive on another system (Dell Dimension), setup program seems to run fine
<Iceman_B|nbk> when I transfer the dvd drive to the other system, it hangs again at the keyboard select screen
<Iceman_B|nbk> whats going on ?
<Iceman_B|nbk> nobody? wow
<Iceman_B|nbk> oh, https://help.ubuntu.com/10.04%20LTS/installation-guide/ 404's
<KurtKraut> I have a transparent Squid cache and behind it severak Ubuntu desktop computers. Will Squid cache package updates and save bandwith? Are APT repositories cachable by default?a
<uvirtbot> New bug: #581193 in ntp (main) "ntp init script fails to start ntpd" [Undecided,New] https://launchpad.net/bugs/581193
<owen1> every rebbot i have to run 'sudo dhcp eth0' to have internet connection. how to tell ubuntu to do it for me?
<uvirtbot> New bug: #581196 in postfix (main) "package postfix 2.7.0-1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 75" [Undecided,New] https://launchpad.net/bugs/581196
<owen1> what package do i need so i can have a wireless network plugin on my panel? (using xfce)
<RoyK> you mean like X?
<owen1> RoyK_wrk:solved it already..
<owen1> i can't see my any wireless network. how make ubuntu 'discover' my wireless?
<owen1> (iwconfig shows me wlan0)
<Schmidt> owen1: iwlist wlan0 or something like that
<uvirtbot> New bug: #581240 in dhcp3 (main) "cannot connect to router via ethernet - lucid" [Undecided,New] https://launchpad.net/bugs/581240
<uvirtbot> New bug: #581246 in c3p0 (main) "Sync c3p0 0.9.1.2-4 (main) from Debian unstable (main)" [Undecided,New] https://launchpad.net/bugs/581246
<RoyK>  11:48:27 up 1 day, 19:52,  1 user,  load average: 20.40, 20.18, 20.11
<RoyK> ubuntu runs quite well on 16 cores :D
<Iceman_B|nbk> I wish I could get Ubuntu to run ._.
<realV> hi all
<realV> someone know some good tutorial for heartbeat?
<RoyK> I think that's heartbeat's been superseeded by pacemaker
<Mikey^> Hey
<Mikey^> I have a 6.06.2 installation
<Mikey^> Why is there no mplayer in the repos ?
<RoyK> is there a good reason to run 6.06 these days?
<Mikey^> I dont have X installed, only commandline.
<Mikey^> yes, I just have it for fun
<Mikey^> nothing serious
<RoyK> upgrading to 8.04 or 10.04 might help
<Mikey^> Why cant I use what I want
<Mikey^> isnt that the policy of opensource, no forceful updates
<Mikey^> I can use what I want
<RoyK> of course you can :)
<Mikey^> thank you :)
<RoyK> but don't complain about the lack of packages in ancient distros
<Mikey^> no. I was just asked
<Mikey^> asking *
 * RoyK installs slackware 2.3 on Mikey^'s box
<Iceman_B|nbk> can I use the cd installer to upgrade a 9.10 machine to 10.04?
<RoyK> Iceman_B|nbk: it's easier to just run do-release-upgrade
<Iceman_B|nbk> doesnt that break all sorts of things?
<Mikey^> RoyK: Thank you, I want someone to install slackware :)
<Iceman_B|nbk> last time I did that I ended up with 6 kernels
<Iceman_B|nbk> and a face that looked like this:  Â°_Â°?
<Mikey^> 6.06 is not that old.. Its not like I am using debian 1.0 or something
<RoyK> it installs a new kernel, yes
<RoyK> but it doesn't break things
<RoyK> well, mostly it doesn't :)
<RoyK> hasn't broken any of my boxes yet
<Iceman_B|nbk> okay
<Iceman_B|nbk> well I guess it shouldnt, im using very little additional packages
<RoyK> the online upgrade will also use the latest packages
<RoyK> meaning less bugs
<RoyK> or newer bugs :)
<RoyK> newer bugs are always better than old ones
<Iceman_B|nbk> but, say I do want to delete all other kernels and just use the latest 32-bit server kernel, how would I do that
<Iceman_B|nbk> (on 9.10, with aptitude)
<RoyK> just apt-get remove them
<RoyK> dpkg -l will list install packages - remove the ones you don't want
<Iceman_B|nbk> yeah but, I never know which package I need
<Iceman_B|nbk> for each kernel, there are 2 or 3 packages
<Iceman_B|nbk> some of em are meta
<RoyK> pastebin the output of
<RoyK> dpkg -l|grep linux-image
<Iceman_B|nbk> gimme 5 minutes, need to move my server to its dark hole again and boot it
<RoyK> black hole server :)
<Iceman_B|nbk> cupboard box :p
 * Iceman_B|nbk <-- poor ex-student turned NEET
<Iceman_B|nbk> Linux Rin-chan 2.6.31-21-generic-pae #59-Ubuntu SMP Wed Mar 24 08:47:55 UTC 2010 i686 <-- it says this when I log in
<Iceman_B|nbk> dpkg paste coming up
<RoyK> Iceman_B|nbk: no, it says when the kernel was built
<ivoks> that will be removed in maverick
<Iceman_B|nbk> RoyK: http://dpaste.com/195207/
<ivoks> from motd
<RoyK> ivoks: what will?
<ivoks> timestamp when kernel was built
<RoyK> why?
<ivoks> users wouldn't get that info when they log in
<ivoks> it's useless
<RoyK> ah, in motd, yes
<RoyK> Iceman_B|nbk: is this a server?
<ivoks> he doesn't have latest updates, fwiw
<Iceman_B|nbk> RoyK: ya
<ivoks> current kernel is -22
<Iceman_B|nbk> I installed it with 9.04 server edition I believe
<Iceman_B|nbk> then at some point I did an online upgrade
<RoyK> Iceman_B|nbk: uname -r
<RoyK> oh
<RoyK> I guess it's 2.6.31-21-generic-pae
<RoyK> why not -server?
<Iceman_B|nbk> I have no clue :)
<RoyK> well, just run the upgrade
<RoyK> you can clean up later
<ivoks> well, you obviously installed ubuntu-desktop package
<ivoks> you can't hide from us
<Iceman_B|nbk> which I didnt want to ._.
<ivoks> we know everything :)
<Iceman_B|nbk> noes!
<RoyK> you can run, but you can't hide
<Iceman_B|nbk> I'll just smoke then :p
<Iceman_B|nbk> right so, upgrade time
<ivoks> i doubt it got installed by it self :)
<Iceman_B|nbk> ivoks: I want the server to run with as little stuff as possible, its running on an 9y/o Dell Dimension
<Iceman_B|nbk> "do-release-upgrade" is it?
<RoyK> yes
<Iceman_B|SSH> well, this machine is upgrading now
<RoyK> shouldn't take too long
<ivoks> well
<ivoks> since he installed ubuntu-desktop, it might take long :)
<Iceman_B|nbk> 285 megs
<ivoks> maybe you just installed the kernel
<ivoks> hm...
<ivoks> question; what cpu is that?
<ivoks> if it's an older CPU
<ivoks> it might not support PAE
<ivoks> and, afaik, all -generic and -server package are now pae enabled
<ivoks> meaning, you won't be able to boot those kernels
<ivoks> fear not, there's -386 version, for those old CPUs
<Iceman_B|nbk> ivoks: P4 1.6 Ghz
<storrgie> i can log into my machine with my rsa key once, but once i log out it denies me access until I restart the machine.....
<Iceman_B|nbk> 256meg RDram
<ivoks> right
<ivoks> so, it doesn't support pae
<Iceman_B|nbk> nope
<Iceman_B|nbk> I dont think that existed 9 yrs ago :)
<ivoks> there you go
<ivoks> now you know why you have -generic kernel
<Iceman_B|nbk> okay
<Iceman_B|nbk> wait, not okay
<Iceman_B|nbk> there are only server kernels with PAE support?
<ivoks> server kernels work only on CPUs that support PAE, that's right
<ivoks> we have only one kernel now, anyway
<ivoks> and that's -generic
<ivoks> there's -386 for those with non-pae cpus
<Iceman_B|nbk> there it goes
<RoyK> on lucid?
<Iceman_B|nbk> Linux Rin-chan 2.6.32-22-generic-pae
<Iceman_B|nbk> oh
<Iceman_B|nbk> ravi@Rin-chan:~$ uname -a
<Iceman_B|nbk> Linux Rin-chan 2.6.32-22-generic-pae #33-Ubuntu SMP Wed Apr 28 14:57:29 UTC 2010 i686 GNU/Linux
<Iceman_B|nbk> seems like it
<Iceman_B|nbk> oh fsck
<Iceman_B|nbk> well the welcome message said 10.04 LTS
<ivoks> it is
<ivoks> 2.6.32 is in lucid
<RoyK> Iceman_B|nbk: lsb_release -a should show most of it
<RoyK> Iceman_B|nbk: there you are - no bugs yet :)
<Iceman_B|nbk> well, I only started irssi so
<Iceman_B|nbk> lets see if my samba share is still dancing
<Iceman_B|nbk> Lady Gaga says yes
 * Iceman_B|nbk sings along with "Bad ROmance"
<storrgie> How do I set it up so that my home directory is NOT encrypted?
<RoyK> don't enable encryption :)
<storrgie> I just deleted my user and created him again
<storrgie> what a pain
<storrgie> using encryption means you cant use key login ssh
<storrgie> unless you are logged into the system and your home is mounted
<storrgie> :(
<RoyK> not for first login, no
<RoyK> which is quite understandable
<Iceman_B|nbk> bbl
<_ruben> storrgie: there's "tricks" to store your pub key in both the encrypted and non-encrypted homedir, or just move the pub key to some place outside your $HOME .. it remains a nasty issue however though :)
<uvirtbot> New bug: #581304 in ntp (main) "ntpdate doesn't work by default in karmic" [Undecided,New] https://launchpad.net/bugs/581304
<penguin42> storrgie: I guess full disk encryption rather than home directory encryption might be easier in that case
<penguin42> (Can the standard installer do that?)
<storrgie> penguin42: yeah dont do home dir encryption if you want to ssh in with pubkey access
<storrgie> penguin42: i am having another ssh issue, mind taking a peek?
<penguin42> can try, don't know that much about weirder corners of ssh
<storrgie> well have you set up key based auth with ssh?
<RoyK> penguin42: I think you should be able to ssh in based on key auth the second time you try
<RoyK> iirc linux keeps the encrypted volume mounted after first login
<storrgie> RoyK you are correct
<RoyK> I'm not entirely sure that's a good thing, though, security-wise
<echosystm> honest opinions - how do you guys find ubuntu server in comparison to centos et al ?
<echosystm> it seems to be getting taken a lot more seriously these days as a server distro (unlike the past)
<echosystm> im curious about it
<RoyK> I've been using a lot of distros over the years, but I'm quite confident with using ubuntu
<echosystm> i guess my main concern...
<penguin42> echosystm: I'd still use Centos/RHEL for a server
<RoyK> I guess a lot boils down to taste or even religion for some, but our ubuntu servers work well
<echosystm> ive always found quality to be a bit hit and miss in ubuntu as a desktop os, in comparison to debian for example
<penguin42> echosystm: Well for a public facing one, for myself I'd use Ubuntu
<RoyK> ubuntu is very good for servers
<RoyK> we have about 20 ubuntu machines now
<RoyK> moving the redhat stuff to ubuntu when we can
<echosystm> but things like installing java are about a metric bajillion times easier than on centos
<echosystm> and thats a scientific fact
<echosystm> ;)
<RoyK> I know
<echosystm> im drawn to ubuntu for this reason alone really
<RoyK> echosystm: we have a bunch of scientists using lots of libraries that aren't even thought of in the redhat camp
<RoyK> installing those by hand is a bitch
<echosystm> yeah
<RoyK> in ubuntu they're all in the repository already
<echosystm> yeah, thats what i love about ubuntu
<echosystm> everything is in the repo
<RoyK> less work, more time off
<penguin42> yeh apt and the ubuntu/debian repos are way better than the centos/rhel ones
<echosystm> ive noticed parallels have started supporting ubuntu too
<echosystm> for plesk
 * RoyK just uses vbox
<echosystm> so i figure ubuntu can't be too bad
<RoyK> I'd recommend using 8.04 for critical servers
<RoyK> 10.04 was just released - there might be bugs still
<echosystm> isnt 8.04 almost EOL now though?
<storrgie> echosystm: i think it has a couple more years
<RoyK> supported until april 2013
<echosystm> ah, cool
<penguin42> it's worth waiting a little while until we all figure out how to debug lucid
<echosystm> tbh, i
<echosystm> i'd really like to see ubuntu LTS based off debian stable
<echosystm> then the 6 month releases off testing/sid
<echosystm> i guess that was the idea behind trying to sync the freezes
<echosystm> anyway
<echosystm> so the basic rule is to only use LTS releases and wait a little while between them, yes?
<RoyK> yes
<echosystm> ok
<echosystm> easy
<RoyK> 8.04 is really rock stable
<echosystm> im using it at work as my desktop
<echosystm> and i notice some bugs still
<echosystm> but it could be virtualbox
<penguin42> echosystm: But the bugs are known
<RoyK> perhaps with X - I don't know many people still using 8.04 for their desktop
<penguin42> echosystm: Known bugs, none of them too bad
<penguin42> yeh for a desktop I'd move on
<echosystm> ive been trying to find the time to update, but work... priorities :P
<RoyK> we only have one server in production with 10.04 - just installed - numbercruncher thing - so I don't know yet - seems stable so far, running at a load of about 20
<penguin42> RoyK: Does it do anything other than crunch? Does it do any servery like things - e.g. NFS or smb serving heavily?
<wortbit> I try to get uec running for the first time. So far I can run "euca-describe-availability-zones verbose" but I get for free/max always 0. I think it has todo with the storage/lvm - does the SC require a special name for the volumegroup?
<RoyK> penguin42: not this box
<RoyK> penguin42: 16 core baby with 64 gigs of RAM
<RoyK> penguin42: modelling volcanic ash transport
<penguin42> RoyK: Yeh you said - we can blame you now for our closed airports
<penguin42> :-)
<RoyK> heh - not really - we're just trying to make the models better so that you can keep them open a little longer
<RoyK> one of our scientists have even developed a sort of camera that can be installed in aircraft to detect volcanic ash so they can navigate around it
<penguin42> nice
<RoyK> http://www.nicarnica.com/
<ChaosR> hello people, for some reason my server thinks its a good idea (or just thinks its funny to annoy me) to go into standby mode, does anybody knows how this is possible, and how to disable it?
<penguin42> ChaosR: Is it just a power management setting ? (A bit odd for a server, but maybe not if it started off as a desktop install)
<ChaosR> I don't even know where to configure power management on a server, and there is no desktop environment installed
<Mkools> I want to deploy .war file on tomcat6 for that I have created my own instance I have put up .war file in my instance's webapps directory but still not working. Any suggestions.
<Mkools> Can any one please review my PATH settings.
<penguin42> ChaosR: It does sound a bit unusual
<Mkools> Also added virtual host in server.xml.
<penguin42> ChaosR: Does it do it when idle or when busy or no difference?
<ChaosR> no difference, and the only way to wake it is to press any key on the attached keyboard
<penguin42> weird
<Mkools> Using CATALINA_BASE:   /home/mukul/practimp.private
<Mkools> Using CATALINA_HOME:   /usr/share/tomcat6
<Mkools> Using CATALINA_TMPDIR: /home/mukul/practimp.private/temp
<Mkools> Using JRE_HOME:       /usr
<ChaosR> although it might have to with me leaving the ssh session idle
<ChaosR> but that would be even more odd :P
<ChaosR> what happens is that the screen blanks and the network connection is paused (but not dropped)
<ChaosR> every new connection from my end to the server times out, and every existing connection will resume as soon as I return the server to the normal state
<penguin42> ChaosR: It's sitting at the console?
<ChaosR> penguin42: what do you mean?
<penguin42> at the text console
<ChaosR> yes, asking for user/pass
<penguin42> you could try logging in on the console and doing setterm -powersave off  -blank 0           and I think that sohuld disable any monitor powersaving/blank (although I'm not 100% sure-blank 0 is the disable rather than instant!)
<penguin42> at least if anything more subtle is happening it might let you see it
<penguin42> ChaosR: Is there anything in the logs?
<ChaosR> what logs specifically
<penguin42>  /var/log/messages
<ChaosR> nothing interesting
<ChaosR> "possible SYN flooding on port 54289. Sending cookies.", but I guess thats just bittorrent
<Mkools> hey can any one help.
<ChaosR> penguin42: how can you see the current setterm settings?
<ChaosR> Mkools: sorry, I know nothing about tomcat
<sommer> ScottK: quick question about opendkim... does it just need to be installed like the older dkim-filter package?
<penguin42> ChaosR: Not sure
<ChaosR> stty -a does not show any of the power features
<teddy> what is a cms for ubuntu-server that uses less memory and fast? I do not want to install joomla or drupal
<penguin42> teddy: apt-cache search   is a good way of finding packages - e.g. apt-cache search cms   and then weed out things that are a different meaning of cms
<penguin42> does anyone understand what drives /etc/init/bridge-network-interface.conf - I can see that I've got an instance called virtbr0 that must have come from kvm but I don't quite see how it got started (and similarly I don't see what started dnsmasq from libvirt)
<penguin42> perhaps a more general question is how do multiple instances work in upstart
<egsome> How to share a USB Printer connected to Ubuntu Server with another Ubuntu Computers ?
<penguin42> make sure it is shared by cups
<egsome> penguin42, how to do ?
<penguin42> and then you should be able to give the ipp url of the printer to the other machine
<penguin42> egsome: How have you configured it locally?
<egsome> penguin42, using hp setup tool
<penguin42> hmm, I've not got an hp printer so I'm not too sure what it does - are you running gnome?
<egsome> penguin42, No, it's a server as i mentioned, and no Gnome installed there as there's no display device
<penguin42> the hp setup tool is command line?
<penguin42> ok
<egsome> penguin42, yeah
<penguin42> check /etc/cups/printers.conf
<penguin42> shared should be Yes
<egsome> penguin42, already set to Yes
<penguin42> check cups is running, check /etc/cups/cupsd.conf allows remote printer sharing
<hihihi100> can u help me with an IBUS issue?
<egsome> penguin42, cups is running
<penguin42> egsome: OK, it may or may not be setup to allow connections from remote machines, but I'd try it - the other machine should be able to browse that machine
<egsome> penguin42, i can browse the machine, but i see a folder named "print$", and it ask for password, when i enter the password of my user on the server, it ask again ( means wrong )
<penguin42> egsome: Oh, this is sharing to a windows box?
<egsome> penguin42, No, All Ubuntu
<penguin42> egsome: So in new printer go to network printer and then ipp and put in the host name there
<egsome> penguin42, i got "This print share is not accessible."
<penguin42> egsome: my guess is it's something in /etc/cups/cupsd.conf  but it's a while since I've fought it - I'd probably use a webbrowser on the serving machine and connect to localhost:631 and go through the config there (I think somehting like w3m or links should be enough)
<egsome> penguin42, how to configure using that web interface ?
<penguin42> egsome: I can't remember, it's quite a while since I did it - you might prefer to edit /etc/cups/cupsd.conf
<penguin42> egsome: /var/log/cups/error_log is also useful to debug
<ScottK> sommer: re opendkim, you'll also need to make the same config file changes as you had with dkim-milter.  Be sure to look at the sample as the options are not 100% identical (it's close).
<uvirtbot> New bug: #384762 in rabbitmq-server (main) "rabbitmq-server has excessive dependencies" [Undecided,Fix released] https://launchpad.net/bugs/384762
<egsome> penguin42, solved ! , only used http://www.cups.org/documentation.php/doc-1.4/sharing.html
<penguin42> cool
<Igramul> Hi, how can I install misdn in Ubuntu 10.04 server? There seem to be kernel modules (which are also loaded for my AVM FritzCard) but no tools to generate /etc/misdn.conf.
<RoyK> Igramul: not using asterisk, are you?
<Igramul> RoyK, I want to use asterisk.
<RoyK> well, good luck
<RoyK> I work with the crap for some years
<RoyK> it's not good
<RoyK> the misdn drivers are also buggy
<RoyK> most of asterisk is buggy
<RoyK> since digium doesn't really want to spend money on fixing the code
<Igramul> Well, buggy software is used all over the world. I already have a prototype for my phone system. However, that's based on Ubuntu 9 server and chan-capi.
<Igramul> Should I stick with chan-capi or use misdn?
<RoyK> is Klaus Peter's code still alive? :)
<RoyK> I guess capi will be better
<RoyK> that is, I don't know
<RoyK> I haven't been in that business for two years
<RoyK> and I hope I won't go back there
<Igramul> hmm - it's not for business in my case, I want to use it for the phone system in my new house.
<RoyK> asterisk is a piece of shit
<Igramul> Anything better in sight?
<RoyK> freeswitch is probably better
<funkyHat> RoyK: watch your language please â¢)
<RoyK> funkyHat: watch my hat
 * funkyHat watches
<RoyK> is funkyHat some sort of christian bot in here?
<RoyK> last I checked I wasn't using any words not in the Oxford dictionary
<ScottK> RoyK: No.  In Ubuntu channels we do prefer to keep language a bit milder that is common in non-Ubuntu channels.
<RoyK> I keep my language to what's in the dictionary
<funkyHat> RoyK: in Ubuntu channels we try to keep the discussion family friendly, that includes not swearing.
<RoyK> if any religious prats want me to afrain from using the whole of it, be my guest
<RoyK> how many kids are using ubuntu servers?
<RoyK> and of those kids, which of them aren't used to "swearing"?
<funkyHat> RoyK: this is not the proper place for discussion of the rules. If you want to do that please join #ubuntu-ops
<ScottK> RoyK: You don't get a special exception from the rules.  There are adults that are uncomfortable with it too.  We want to be open to as broad an audience as possible.
<RoyK> ScottK: so stopping people's mouths are opening up the scociety?
<RoyK> is ubuntu religiously founded or something?
<ScottK> RoyK: Your right to freedom of speech does not include the right to be an ass.
<ScottK> No.
<RoyK> being an ass is not the same as utilising the English language
<RoyK> I didn't accuse anyone for anything
<RoyK> I just said my meanings about a certain piece of software
<RoyK> using other words won't make it better
<RoyK> just worse
<ScottK> RoyK: You could have communicated the same thing in other ways.
<RoyK> why?
<ScottK> Because using language that is offensive to some is not how we do things here.
 * ScottK is done.
<ScottK> As funkyHat said, this isn't the channel to debate the standards.
<RoyK> it doesn't matter which words that are used
<SuperLag> wow.
<uvirtbot> New bug: #581391 in samba (main) "package samba 2:3.4.0-3ubuntu5.6 failed to install/upgrade:" [Undecided,New] https://launchpad.net/bugs/581391
<uvirtbot> New bug: #581415 in squid (main) "package squid 2.7.STABLE7-1ubuntu12 failed to install/upgrade: sub-processo script post-installation instalado retornou estado de saÃ­da de erro 2" [Undecided,New] https://launchpad.net/bugs/581415
<dthacker> Hello.  I've built a postfix server with virtual domains that gets it's account info from MySQL.   The last three users I've added have not had their virtual directories created under /home/vmail/example.org   I'd like to get a pointer to the component that's failing?
<dominicdinada> !hostname
<ubottu> Use hostname <somehostname> to set the hostname, or to do it permanently: edit /etc/hostname and /etc/hosts . WARNING! Make sure that your current hostname and /etc/hosts match, otherwise sudo may not work properly.
<dominicdinada> !fstab
<ubottu> The /etc/fstab file indicates how drive partitions are to be used or otherwise integrated into the file system. See https://help.ubuntu.com/community/Fstab and http://www.tuxfiles.org/linuxhelp/fstab.html and !Partitions
<metalf88011> isn't there a command that will show me the path to a file?
<metalf88011> never mind I was thinking of pwd...  I can't think straight right now
<ne7work> hello all please someone help me with proftpd
 * SpamapS waves magic wand over ne7work's proftpd
<ne7work> SpamapS?
<SpamapS> ne7work: well thats all I can do if I don't know what your issue is. :)
<dominicdinada> ne7work: i see you asking in both channels whats the problem ne7work
 * SpamapS actually must be going
<SpamapS> bbl
 * SpamapS is afk
<ne7work> how to choose directory /var/www
<ne7work> to home directory for ftp clients?
<dominicdinada> your using proftpd ?
<ne7work> dominicdinada yes
<ne7work> i install proftpd
<dominicdinada> also why would u wanna give the webroot as the home directory
<ne7work> yes
<dominicdinada> is this for your personal use in the home network to edit web files ?
<dominicdinada> if so use samba
<dominicdinada> !samba
<ubottu> Samba is the way to cooperate with Windows environments. Links with more info: https://wiki.ubuntu.com/MountWindowsSharesPermanently and https://help.ubuntu.com/10.04/serverguide/C/windows-networking.html - Samba can be administered via the web with SWAT.
<dominicdinada> need a hand with fstab :/
<sh1ny> dominicdinada, shoot, i'm not very good with it, but still :)
<dominicdinada> well then Id rather wait i am trying to mount a fat32 external drive :)
<dominicdinada> hopefully by drive label
<sh1ny> so what's stopping you ?
<ne7work> dominicdinada i have ftp user
<ne7work> where i can see the password for user ftp
<dominicdinada> you still missed my question ne7work if you are running a ftp-server pointing at your webroot it seems you are trying to set it up so you can remote edit or make files correct?
<sh1ny> dominicdinada, you can see the device labels with blkid and mount it as vfat ?
<dominicdinada> sh1ny: because I want to make sure I am getting the right line for fstab cause the server has no moniter/kb/mouse and if it goes down well...... you get the idea
<sh1ny> http://www.technixupdate.com/mount-ntfs-fat32-windows-drive-in-ubuntu/
<dominicdinada> not in fstab it needs to be mounted at boot... otherwise it requires a user login
<sh1ny> mount -t vfat -o umask=000 /dev/sda1 /media/disk
<dominicdinada> sh1ny again stop typing your missing the entire point... on server at reboot it doesnt even acknowledge the drive is there until a user logsin
<sh1ny> dominicdinada, yea i get the idea, i support over a hundred debian/ubuntu servers ....
<dominicdinada> so it needs to be loaded in fstab
<sh1ny> well
<sh1ny> the command i pasted above can be put in fstab accordingly ?
<dominicdinada> ok
<sh1ny> like the UUID ( you get it from blkid ) /mountpoint type options pass
<sh1ny> so it will be like
<sh1ny> UUID=6e94f1fc-e990-406b-a9f8-bc5f9c9981a9	/somewhere	vfat	umask=000	0	0
<dominicdinada> /dev/sdb1: LABEL="meinna" UUID="A6B8AE51B8AE1FB3" TYPE="ntfs"
<dominicdinada> !fstab
<ubottu> The /etc/fstab file indicates how drive partitions are to be used or otherwise integrated into the file system. See https://help.ubuntu.com/community/Fstab and http://www.tuxfiles.org/linuxhelp/fstab.html and !Partitions
<sh1ny> this is what i have for my windows partition
<sh1ny> UUID=FE50CA0F50C9CF19	/media/disk	ntfs-3g	defaults,locale=en_US.utf8	0	0
<sh1ny> works for me
<dominicdinada> you dont need defaults.... right ?
<dominicdinada> brb
<SlipperyChicken> anyone looking at the prices of hard drives on Newegg.[com][ca] ?
<SlipperyChicken> debating whether to get a cheap 1.5 or a WD/Seagate 2.0TB
<sh1ny> first, i'd go with WD, then i am not sure how tested 2TB drives are atm
<GoremanX> I have Ubuntu 10.04 setup as a test web hosting server that I'm evaluating for migrating our sites to. Our current server is Ubuntu 9.10. But this new server, while sitting idle, is giving me some strange load numbers (when I check "uptime"): load average: 0.76, 0.70, 0.66. The old 9.10 server never shows numbers that high. It's a single-core system.
<SlipperyChicken> sh1ny, what about seagates 1.5 ?
<sh1ny> SlipperyChicken, i am biased :)
<dominicdinada> SlipperyChicken: www.pricewatch.com
<SlipperyChicken> dominicdinada, noted.
<sh1ny> SlipperyChicken, i use WD only, so far 1TB's , but as i use stuff for mission critical servers, i'd rather stick with things that are well tested
<SlipperyChicken> samsung has a 1.5 for 105 CAD... like..
 * SlipperyChicken sighs
<dominicdinada> samsung i dont like
<dominicdinada> the best drives i ever had were maxtor
<SlipperyChicken> arn't they in those Dell PowerEdge server ?
<sh1ny> SlipperyChicken, join the dark si...errr WD side :P
<GoremanX> the most failed drives I've ever had were from Maxtor :) experiences vary greatly when it comes to hard drives
<sh1ny> dominicdinada, did it work ?
<dominicdinada> sh1ny i am also not impressed with WD either :(
<SlipperyChicken> interesting how HD's becoming the ATI vs Intel debate.
<GoremanX> my best experiences so far have always been with WD drives
<dominicdinada> GoremanX: I say the same thing in regards to WD also most corrupted drives i ever owned so i went to all Maxtors
<sh1ny> dominicdinada, lately i get hwraids blowing up way more often than the drives themselves :(
<dominicdinada> HD debates have always been around
<GoremanX> it's all a big lottery
<SlipperyChicken> WD's green tech is pretty nifty.
<sh1ny> dominicdinada, on the interesting side i have a samsung in my desktop, working 24/7 for the last 7 years...still 0 bad blocks
<dominicdinada> depending on the enviroments and etc.... but ya Im pro Maxtor for live....
<GoremanX> my 1 TB Green drive continues to function flawlessly as a backup recipient in my home server after 2 years
<SlipperyChicken> anyone tried a "green" drive and benchmark it ?
<dominicdinada> life*
<GoremanX> it gets countless gigs written to it every day
<sh1ny> so yea, to sum it up, it's 2 kinds of people - those with fried hdd's and those whos hdd's are about to fry :P
<GoremanX> meanwhile, can someone help me with my Average Load issue? :)
<sh1ny> GoremanX, what's causing the load ?
<GoremanX> I have no clue, the system is idle
<GoremanX> top shows nothing
<sh1ny> GoremanX, i still haven't upgraded my servers to lucid , i usually wait till mid summer
<dominicdinada> sh1ny: maybe me being anti Samsung came years back when they were horrible drives and chose never to use them again after losing entire drives
<GoremanX> well, nothing interesting
<dominicdinada> but on the brighter note when my WD drives went down I could at least externally access them to get the data
<guntbert> GoremanX: "top shows nothing" but top shows the same system load values?
<sh1ny> GoremanX, hm , no idea, as far as my testing goes, i only know that lucid behaves weird when run in KVM on a karmic host, that's all :(
<GoremanX> they're EC2 instances. I have monitoring enabled. The 10.04's monitor shows almost no CPU activity, but the "load average" reported by uptime is consistently in the 0.75 range
<SlipperyChicken> dominicdinada, i've got some data at home that needs to be redundant, basicly putting all my work docs, media, vm's, everyhting into a raid.  would it be most cost effective to get one descent drive (WD 2,0TB) and a cheaper samsung 2.0 to back up to.... or get 2x 1.5's that are medium and keep them in RAID-1 all the time ?  Opinions open to all. :)
<GoremanX> meanwhile, the instance has 1.7 GB of ram, and apparently only 300 MB of that is free despite the server sitting idle
<dominicdinada> SlipperyChicken: well i dont know why that was towards me but you shouldnt backup everything to  1 drive :/ kinda defeats the purpose because if that 1 drive fails you still loose everything
<SlipperyChicken> GoremanX, take your used subtract your cached from it.  that will be you actual in use RAM.
<SlipperyChicken> i think.
<sh1ny> SlipperyChicken, never, and by that i mean NEVER get cheap stuff for backup
<sh1ny> SlipperyChicken, i learned that the hard way, so i don't recommend it to anyone
<SlipperyChicken> dominicdinada, sh1ny, agreed.
<GoremanX> ah, that makes a little more sense. Forgot about the cached memory
<dominicdinada> sh1ny: you can also make hard copies ie DVD's
<sh1ny> SlipperyChicken, if you really have to, make sure it's on a pc that doesn't spin all the time
<sh1ny> dominicdinada, agreed, i use tape for that where appropirate
<dominicdinada> unless your working with CAD, Movie software, etc 4.7gigs is alot to back up docs etc...
<dominicdinada> sh1ny tape is so 80s
<SlipperyChicken> sh1ny, it's going to be a little homemade NAS box, hopefully be able to spin the drives down.
<dominicdinada> tape = 30hds backup/restore    ungodly slow
<dominicdinada> 30hrs*
<sh1ny> dominicdinada, tape is standards and i got companies that must comply with their rules and standards
<GoremanX> top - 16:11:52 up 16:00,  1 user,  load average: 0.94, 0.83, 0.74
<GoremanX> Tasks: 107 total,   1 running, 106 sleeping,   0 stopped,   0 zombie
<sh1ny> GoremanX, 0.94 is pretty low loadavg :P
<dominicdinada> sh1ny dvd would write the data 100% faster
<sh1ny> dominicdinada, i agree
<GoremanX> I thought 1.0 was maxed out core
<sh1ny> dominicdinada, but most of the time the choice is not mine
<dominicdinada> sh1ny also with tape you run risk to damage of the tapes
<GoremanX> my 9.10 instance consistently shows 0.15 or less
<dominicdinada> sh1ny: you could suggest a new technology to them :)
<SlipperyChicken> i recently took on the responsibilty of the head admin at this company i work for.
<SlipperyChicken> asked them if they tested their tapes.
<dominicdinada> think of all the cost savings.... time saved
<SlipperyChicken> they didn't.
<sh1ny> dominicdinada, not when you use new tapes every time then post them to a bank deposit safe :S
<SlipperyChicken> so i checked them....
<SlipperyChicken> 4 of 5 had bacd blocks.
<SlipperyChicken> bad *
<sh1ny> hehe
<dominicdinada> SlipperyChicken: well we all know the lesson learned tape backups are outdated and often unreliable
<SlipperyChicken> tapes just can't do it anymore.
<SlipperyChicken> indeed.
<SlipperyChicken> you drop them on the floor and they're prolly junk.
<sh1ny> ok , bedtime for me, have a good night
<dominicdinada> dvds are a cheap and reliable solution provided you use proper care IE dont have a stack of dvd's sitting there burn and put each into its own jewel case and protect
<SlipperyChicken> meanwhile, my 16GB usb has gone through the wash 3 times... and still works.
<SlipperyChicken> dominicdinada, they don't last long.
<guntbert> GoremanX: no, 0.94 is not maxed out in any way (even on a single core) but I agree that the value is high for an idle machine - I once was able to explain, but today ....
<dominicdinada> SlipperyChicken: what doesnt last long ?
<SlipperyChicken> 5 years or something ?
<guntbert> !ot | SlipperyChicken, dominicdinada
<ubottu> SlipperyChicken, dominicdinada: #ubuntu is the Ubuntu support channel, for all Ubuntu-related support questions. Please use #ubuntu-offtopic for other topics. Thanks!
<dominicdinada> guntbert: we are talking about server backups and what should be used
 * SlipperyChicken sighs
<GoremanX> I'm a bit concerned about migrating my sites to a server that's behaving this oddly
<dominicdinada> GoremanX: like you said you wait till summer and it should be fixed by then
 * GoremanX looks out window... looks like summer to me! :)
<guntbert> GoremanX: it might be better anyway to wait until the first "point" release comes out (should be around july, I heard)
<GoremanX> *sigh* I was really looking forward to running php 5.3 :(
<GoremanX> oh well
<dominicdinada> GoremanX: poor guy :)
<GoremanX> thanks for the feedback!
<elspru> how do I check to see if postfix is working?
<SlipperyChicken> one final question:  right now ... 1.0TB , 1.5TB, 2.0TB to last for at least 1 year.  which one everyone ? :)
<elspru> like send or receive an email?
<elspru> SlipperyChicken: the lower density, the longer life expectancy, general rule
<dominicdinada> SlipperyChicken: how often are you doing backups and what kind of backups ? full or ?
<dominicdinada> !devicekit
<dominicdinada> !udisk
<SlipperyChicken> dominicdinada, weekly diff.
<SlipperyChicken> if i put a drive into existing RAID.
<Jenni0> hi
<Jenni0> our admin group got removed from /etc/sudoers by accident
<Jenni0> how can we get sudo? :p
<SlipperyChicken> Jenni0, log in with root
<SlipperyChicken> or boot into single user.
<Jenni0> i thought root was disabled on ubuntu
<Jenni0> only sudo users?
<SlipperyChicken> not if you boot into single.
<SlipperyChicken> it bypasses.
<Jenni0> root doesnt have a password...
<Jenni0> how can we login
<elspru> so any idea how to test postfix?
<SlipperyChicken> it won't ask you for one.
<elspru> like how to send mail using it from command line?
<SlipperyChicken> elspru, mutt.
<SlipperyChicken> or mail -s "blah"
<poningru> elspru, telnet into 25
<poningru> and then speak smtp to it
<elspru> hmm well it doesn't work
<elspru> i didn't receive the email
<dominicdinada> !udisks
<elspru> so where are the logs kept?
<elspru> i'm having a tough time finding them.
<elspru> for postfix
<elspru> is there any easy way of getting a mail server working on ubuntu?
<elspru> maybe there are simpler more reliable mail servers? that work
<xomp> hi, I was instructed to ask my question in here so here goes :) could someone please help me with SFTP'ing into my ubuntu VPS? I'm getting an error in WinSCP of http://img580.imageshack.us/img580/323/sftp.jpg
<elspru> xomp: try putty http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html
<xomp> I can use putty to SSH into the server fine
<elspru> psftp
<xomp> it's just when I try to use WinSCP to SFTP into it is where the problem comes :(
<elspru> well scp is different from sftp
<xomp> oh ok
<xomp> "Out of Memory" error when trying to use psftp
<elspru> check your hardisk, and that of the serve,r, to see which is "out of memory"
<xomp> everywhere I turn it points to some sort of .login or .profile issue
<xomp> there is plenty of resources on the server
<xomp> I guess there is no figuring this one out
<xomp> tried touch ~/.hushlogin
<xomp> same thing
<xomp> out of memory
<elspru> hmmm
<elspru> might be permision on ~/.profile
<elspru> or ~/.login
<elspru> needs to be writeable
<xomp> I actually don't have a ~/.login
<xomp> -rw-r--r--  1 root root  141 Oct 20  2007 .profile
<elspru> sometimes when it can't write, it claims it's full
<f1yback> xomp, I have noticed winscp has some bugs
<f1yback> also about a 2-3 meg/sec transfer speed limit
<elspru> xomp: ya certainly seems like permission issue
<xomp> f1yback, happens in WinSCP, psftp, Filezilla :(
<f1yback> oh
<elspru> unless that's the root users .profile
<xomp> elspru, it's the root users .profile :3
<xomp> Oct 20 2007 though?
<elspru> it's okay then
<xomp> I just signed up with this host yesterday lol
<elspru> well then get them to fix it :-). even if server has lots of resources, doesn't mean you've been allocated much.
<xomp> they won't fix because it's an unmanaged server :P
<xomp> I guess I can live with not having SFTP access and edit files for the 2 websites I run all via command line making it such a cumbersome chore that I'll likely kill my whole family over out of pure frustration :P
<elspru> so did you try psftp.exe?
<xomp> or try to use their god awful filemanager to edit small files and pray it doesn't hang on uploading :/
<xomp> elspru, yeah, got out of memory error with it too
<xomp> Filezilla also uses psftp.exe for it's SFTP connections and it throws the same error too
<elspru> hmmm, well it seems like a server side issue.
<elspru> sftp might have been disabled.
<elspru> can try resinstalling openssh and restoring default config files
<xomp> The error message seems to indicate that the service is not properly configured on the server.
<xomp> Yes, You will have to contact your server admin to resolve this issue as we do not provide technical support for unmanaged services.
<xomp> I am the server admin :3
<elspru> so reinstall
<xomp> would a reinstall really work you think?
<elspru> did you install it?
<xomp> no, it was installed already
<elspru> so it might help, especially if someone was using it beforehand.
<xomp> ok, how would I reinstall it?
<elspru> it would be good to have a fresh installation for yourself anyhow.
<xomp> it should have been a fresh install to be honest
<xomp> it's an unmanaged ubuntu VPS heh
<elspru> sudo apt-get remove openssh-server; sudo apt-get install openssh-server
<xomp> ok it's reinstalled :)
<xomp> lets see what this gets us
<xomp> argh.. exact same thing :(
<xomp> oh wait
<xomp> it failed in WinsSCP but is working with Filezilla/psFTP :D
<xomp> oh wait now
<xomp> no*
<xomp> Error:	Out of memory!
<xomp> Error:	Could not connect to server
<xomp> I connected to my other working VPS and thought it was fixed earlier haha
<xomp> looking at ~/.bashrc for my working VPS compared to this new non-working VPS shows them to be identical
<xomp> so it shouldn't be a .bashrc issue
<xomp> same exact .profile between the 2 servers too haha
<xomp> sorry if I sound a bit frustrated, I've been trying to fix this for the past 11 hours now and have made no progress at all
<xomp> 10 hours spent waiting in #ubuntu for someone to help while trying to research it on google myself :(
<f1yback> CANUCK
<f1yback> CANUCK
<jpds> f1yback: Hi.
<f1yback> hi
<enav> i got noob question   when i run  ls-l  on terminal....  what is the meaning of the "d"  on this output   drwxr-xr-x
<jpds> directory.
<enav> is just and indicarto really?
<enav> indicator
<jpds> Yep.
<enav> d for directoryes and  -   for  files
<enav> thanks mate
<jpds> l for symlinks, etc.
#ubuntu-server 2011-05-09
<Ronnie> where can i find good and easy documentation about running a testserver in virtualbox with subdomains. The testserver is for testing settings and apps before launching on the real server (no vm). currently i have one website (django+apache) running in the vm and edited my /etc/hosts with the guest IP and hostname. But running into problems with the second site
<uvirtbot> New bug: #779669 in php5 (main) "package php5-cli 5.3.5-1ubuntu7.1 [modified: usr/bin/php5 usr/share/man/man1/php5.1.gz] failed to install/upgrade: Package is in a very bad inconsistent state - you should  reinstall it before attempting a removal." [Undecided,New] https://launchpad.net/bugs/779669
<uvirtbot> New bug: #779670 in mysql-dfsg-5.1 (main) "The usage of --defaults-file is undocumented in the man" [Undecided,New] https://launchpad.net/bugs/779670
<lenios> Ronnie, what's the problem with the second site?
<fastveg> could anyone help me out with a couple beginner questions?
<fastveg> first, I'd just like to fgure out the version of ubuntu server I'm running...
<fastveg> I tried uname-a and got back this: Linux ubuntu 2.6.38.3-linode32 #1 SMP Thu Apr 21 20:08:53 UTC 2011 i686 GNU/Linux
<fastveg> but 2.6 doesn't sound correct at all..
<fastveg> shouldn't it be like 10 or something?
<fastveg> nevermind, logged into linode and apparently it's 10.10.
<fastveg> Is there a way to check this from the command line though?
<jmarsden> fastveg: cat /etc/lsb-release    or    lsb_release -ircd
<jmarsden> fastveg: 2.6.38-3-linode32 is the kernel version, not the distribution version.
<fastveg> jmarsden; totally worked, thank you.
<jmarsden> You're welcome.
<fastveg> jmarsden:  One more question if you are still on, I am trying to install postgres 9.0.4 -- but if I do apt-get install postgresql it tells me that the newest version is installed (8.4.8).  How do I install 9.0.4?
<jmarsden> fastveg: You dont in 10.10, unless you want to (a) backport it from oneiric or (b) install it by hand outside the packaging system.
<jmarsden> What apps do you run that *need* 9.0.4 and will not work with 8.x ?
<fastveg> ugh, I don't know, I'm a little new to all this, and trying to learn django and postgres.  Current prblem is that my mac has 9.02 and the server has 8.4.8.
<jmarsden> Since you say you are a beginner, I'd strongly advise you install the postgresql that comes packaged by Ubuntu for your distro, i.e. for 10.10
<fastveg> So I'm not entirely sure, but I'd assume that I want to keep developement and server synched up
<fastveg> version wise
<jmarsden> I don't know enough about 9.x to know if it can pg_dump files that 8.x will import, but I'd hope it can.
<fastveg> makes sense..
<jmarsden> fastveg: Then develop in Ubuntu 10.10 in a virtual machine on the mac, or something, if you really need the two 'in sync' :)
<fastveg> so is running two different versions in development and production not a huge deal / fairly common?
<jmarsden> If you are doing basic web stuff, the db version shouldn't matter hugely.
<fastveg> it's pretty basic yeah'
<jmarsden> If you are doing serious database work and using the latest db features... you care about versions.
<fastveg> right on
<fastveg> thanks for the help and info
<jmarsden> I'd try using the one 10.10 has packaged, it is easy and you will get security updates for it, etc.  Only do more work if you find out that more work to get 9.x is really needed.
<jmarsden> You're welcome.
<Ronnie> fastveg: for syncing the database you can also use django's dumpdata and loaddata: http://docs.djangoproject.com/en/dev/ref/django-admin/#django-admin-dumpdata
<Ronnie> i have used that to port my data from mysql to postgres
<ruben23> hi does ubuntu server have deafult iptables..?
<jmarsden> ruben23: sudo /sbin/iptables -L -n     # to find out :)
<ruben23> http://pastebin.com/K9794iei
<ruben23> jmarsden: where do i set the iptables to make it permanent
<ruben23>  jmarsden: si that an indicator i have one..? where do i set it on text file to make it permanent
<jmarsden> ruben23: If you don't know what you are doing, use ufw instead of raw iptables.   man iptables-save and man iptables-restore for one way to save and restore iptables information
<ruben23>  jmarsden: i just wanted to make it permanent - tried with rules when rebooted its gone
<atdprhs> anyone uses ubuntu 11.04 here and synaptic multi touch click pad here?
<jmarsden> synaptic multi-touch click pads?  On a *server* ?
<greppy> jmarsden: I can see that being done :) touch pads in a rack mount keyboard/mouse setup :)
<twb> I know a few idiots who repurpose their old netbooks are bastion routers
<twb> Putting a USB ethernet card in or some shit
<jmarsden> twb: Yes, but they you don't care if the touchpad isn't working, you ssh into them :)
<twb> oh right
<twb> I didn't read the scrollback
<RoyK> https://bugs.launchpad.net/ubuntu/+source/upstart/+bug/592114 <-- anyone seen this?
<uvirtbot> Launchpad bug 592114 in upstart "upstart doesn't start cron automatically on boot in lucid for server on amd64" [High,Confirmed]
<Shadow_aok> hello
<Shadow_aok> Does someone has its do-release-upgrade stopped by an error with ubuntu-minimal which can't be found although its already installed ?
<Shadow_aok> (running maverick x64)
<bigDog> sorry - my 3G internet disconnected
<Shadow_aok> nobody tried to upgrade to natty around here ?
<andygraybeal> my desktop is natty, my server is 10.04
<bigDog> i'm on 11.04 - but did a fresh install
<andygraybeal> yea, i'm still afraid of upgrades :)
<Shadow_aok> well, it doesn't work on my server
<Shadow_aok> complaining about ubuntu-minimal
<Shadow_aok> alhtough this package is installed
<Shadow_aok> but do-release-upgrade can't find it :(
<Shadow_aok> i found nothing useful on the forums, so i'm trying here
<bigDog> no ops here now?
<Shadow_aok> seems not
<bigDog> weird.... spooky
<bigDog> on installing dnsmasq i get: failed to create listening socket for port 53: Address already in use do i need to worry?
<qman__> mine are all 10.04, if it ain't broke, don't fix it
<greppy> bigDog: do you have another dns server installed?
<bigDog> only bind9
<greppy> so yes :) they are both trying to use port 53 to serve dns
<bigDog> but need dnsmasq for IP masquerading - unless bind9 can be used with iptables MASQUERADE
<greppy> I don't think you need dnsmasq for setting up NAT
<bigDog> ok
<greppy> dnsmasq is just a lightweight dns proxy and dhcp/tftp server
<bigDog> hi everyone - i have successfully installed ubuntu server 11.04 without a problem. i use iptables for nat (sudo iptables -t nat -A yadda yadda yadda -j...) the problem is, every time the server reboots, the custom iptables commands are lost. i tried an ubuntu iptables tutorial and it didn't work - so i reformatted the server and started again. tried another tutorial - still no joy so i
<bigDog> am now on my 3rd reformat & reinstall (almost finished now). has anyone succsessfully been able to do an auto-executing startup script for custom iptables setup at boot? could you share how you did it? the server is just a firewall, squid server, and IP masquerading (internet connection sharing) box.
<nijaba> bigDog: https://help.ubuntu.com/community/IptablesHowTo#Configuration on startup
<greppy> bigDog: two steps, do an "iptables-save > /etc/firewall-rules", then in /etc/network/interfaces, add "pre-up iptables-restore < /etc/firewall-rules" before the auto eth0 line
<bigDog> ahhh, ok!
<bigDog> finally - a straight answer from someone who knows what they are talking about! humanity lives on!
<greppy> sorry, I'm just a shell script running as an IRCII bot :)
<fastveg> Is there a way to change the default user on ubuntu-server?
<fastveg> I just used my first name when I first set it up and that's not ideal anymore... ;)
<greppy> just add another user and give it access to sudo
<fastveg> k thanks greppy
<bigDog> so, i do sudo -s and get a root shell. I type in custom commands line-by-line: ** iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -o eth0 -j MASQUERADE** {ENTER} iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 ! -s 192.168.0.254 -j REDIRECT --to-port 3128 {ENTER} then do the iptables-save command including quotation marks?
<greppy> don't have to have the quotes
<bigDog> in squid, is this the correct squid.conf syntax - http_port 3128 transparent
<bigDog> i am trying to make a transparent proxy
<progre55> hi guys. I've just updated/upgraded a remote lucid server, but after a restart, it still says "xx packages can be updated." on ssh-logon, although there's nothing more to update. Any suggestions, please?
<bigDog> apt-get update
<progre55> bigDog: yeah I've already done that, and even "apt-get dist-upgrade", and even restarted the server
<progre55> but it still says there are packages to be updated, and you run "apt-get update" again, there's nothing to updated
<bigDog> hmmm
<progre55> to be*
<progre55> apparently I'm not the only one http://ubuntuforums.org/showthread.php?t=1473965
<progre55> let me read on =)
<bigDog> 11.04?
<progre55> nope, lucid
<progre55> server
<bigDog> sorry man i'm new to linux - maybe someone here can help...
<progre55> no problem, thanks for the attention
<andygraybeal> progre55, i have the same problem, i just ignored it :)
<progre55> andygraybeal: I've just fixed it =)
<andygraybeal> but yea, i'm sure someone else here can elaborate, and i would be interested
<andygraybeal> oh nice
<progre55> just clean /etc/motd.tail
<andygraybeal> aah nice
<andygraybeal> i've not heard of the clean command
<progre55> no no, I mean, just clean the contents =)
<progre55> echo "" > /etc/motd.tail
<andygraybeal> ah like.. rm /etc/motd.tail ?
<andygraybeal> aah ok
<andygraybeal> nice
<andygraybeal> nice
<andygraybeal> will this have to be cleaned often?
<progre55> no, just once afain
<progre55> afaik*
<pythonirc101> does anyone use canonical here for their servers?
<pythonirc101> I just selected it, and not sure if i have to pay for anything?
<pythonirc101> does anyone know of a tool that will help me manage 10 ubuntu-servers from 1, mostly patches and package installs...
<twb> pythonirc101: puppet
<pythonirc101> twb: Thanks. Looking it up
<twb> You may just want the unattended-upgrades and a ssh loop
<pythonirc101> twb: is there a good gui for puppet?
<twb> 10 is not a big number
<twb> No, GUIs are for wankers
<pythonirc101> twb: i selected canonical landscape while installation, no idea how that works...doesit?
<Pici> Well thats a bit of a harsh way of putting it.
<twb> pythonirc101: landscape only works if you buy a support contract from canonical or something
<twb> pythonirc101: basically, don't pick it unless you routinely add an extra zero when charging your client
<pythonirc101> sucks
<pythonirc101> I selected it, can i uninstall it?
<twb> Oh, and the landscape hub is proprietary software, so don't pick it if you're a longhair treehugger lefty like me
<twb> pythonirc101: dunno; I know a fresh install will fix it :-)
<pythonirc101> damn
<pythonirc101> i hope they dont use my resources using a timer
<twb> Eh?
<pythonirc101> well to contact their server
<pythonirc101> how can i not uninstall it...lemme see if i can find that package
<twb> It'll surely use your internet connection to TRY to talk to the internet
<pythonirc101> how can i uninstall it, without reinstalling?
<twb> Unless you're a UUCP jarhead, the bandwidth is probably minimal
<twb> I don't know.  There is probably a package like "landscape-client", but I don't know if removing it will suffice
<pythonirc101> i dont want it on my machine -- if they charge for managing 10 machines... :)
<bigDog> anyone remember where squidGuard.conf lives? /etc?
<alamar> bigDog: find does
<twb> pythonirc101: unless you gave them your credit card, they will probably just ignore you, rather than charging you
<alamar> or locate
<twb> bigDog: probably /etc/squid; IIRC it hooks into squid's post-hook doohickey
<pythonirc101> landscape-client/common
<bigDog> how do i enable root login?
<twb> bigDog: set priority=low during install, and pick "yes" when prompted
<twb> bigDog: otherwise I *think* you can simply run "passwd" as root
<bigDog> i'll try that
<bigDog> that worked!
<bigDog> interesting... CTRL + ALT + DEL will reboot an ubuntu server at the login prompt - yet shutdown -r now requires root privaleges...
<Pumpkin-> bigDog: CTRL-ALT-DEL requires physical console access. Shutdown doesn't. I think thats the logic on things like that.
<bigDog> i get that, guess when your dell poweredge 2850 is in a rack in a locked room with no keyboard attached - a non sysadmin has a problem rebooting the thing
<patdk-wk> heh, contrl-alt-del will not reboot my servers
<patdk-wk> they all have a keyboard password lock on them
<patdk-wk> keyboard will not work, without the password
<bigDog> opensuse 11.4 has NOTHING on ubuntu 11.04!
<bigDog> can't believe i put up with that crap
<uvirtbot> New bug: #779930 in bacula (main) "package bacula-director-mysql 5.0.1-1ubuntu1 failed to install/upgrade: el subproceso instalado el script post-installation devolviÃ³ el cÃ³digo de salida de error 1" [Undecided,New] https://launchpad.net/bugs/779930
<bigDog> linux is case sensitive right? /usr/bin/myProgram is different to /usr/bin/MyProgram
<patdk-wk> depends on the fs used, but basically yes
<bigDog> ext4
<bigDog> what does this mean at login? System informaton disabled due to load higher than 2.0? CPU is running beyond 100%?
<zoopster> bigDog: yup
<bigDog> hmmm what command shows system load
<zoopster> bigDog: I use "top"
<Pici> uptime will show it as well.
<bigDog> 99.8%id = idle?
<Pici> Yes.
<bigDog> might put 2 more GB in the box - seems unstable atm
<shauno> that text is a little misleading; it doesn't mean the load is too high when it prints that message.  it means the load was too high when the motd was regenerated (iirc)
<uvirtbot> New bug: #779968 in nis (universe) "dpkg: error: version 'nis_3.17-18' has bad syntax: version number does not start with digit" [Undecided,New] https://launchpad.net/bugs/779968
<bigDog> can i ask 1 more final question?
<Pici> Ask as many questions as you want.
<bigDog> i need to forward some ports to masqueraded IP addresses. what iptables syntx can achieve this?
<bigDog> *syntax
<bigDog> for example: a packet arrives on eth0 (port 8888) it needs to be forwarded to 192.168.0.18 on eth1
<uvirtbot> New bug: #779977 in mysql-5.1 (main) "text is displayed improperly for non-english languages" [Undecided,New] https://launchpad.net/bugs/779977
<hobbsc> i had a server running server 10.04, did do-release-upgrade to 10.10 without any problems, then to 11.04 and my networking stopped.  `ip link show` states that all interfaces are down and 'lshw -class network' shows all links down even when i plugin each interface one by one (i get link lights on most interfaces)
<hobbsc> any ideas as to why ubuntu isn't catching those links?
<hobbsc> the nic that this was connected with is a pci nic and it won't give me link lights anymore, so i'm trying to work off embedded nics
<hobbsc> i set all interfaces for dchp, hoping one of them would pick something up, but no dice
<ddw17> Hello...anyone have experience w/ vsftpd on an Ubuntu server that could help me real quick? Uploads are failing from the client and I'm not sure how to configure
<RoyK> hobbsc: sounds like a bad driver to me
<ddw17> hm
<ddw17> i've gotten this far
<ddw17> maybe?
<ddw17> whoops, nevermidn
<alamar> someone asked earlier what to use for central management for a bunch of ubuntu servers (to keep them in synch in regards of installed packages and updates etc.) I'd be interested in that too, and further what's a good way to automatically install security updates? (cron-apt?)
<alamar> (is puppet a good idea for central management?)
<hobbsc> RoyK: i think it's my persisten rules in udev, actually.  chasing that one down right now
<hobbsc> alamar: we've been looking at both puppet and cfengine here at work, i think both are decent
<RoyK> hobbsc: what does ifconfig -a tell you?
<hobbsc> RoyK: not what it should :D
<RoyK> lol
<hobbsc> shows me the interfaces in question are up, lshw and ip link shows differently
<hobbsc> i think i'm on the right track here, though
<RoyK> hobbsc: but does it show eth0/eth1 etc, or does it skip a few?
<hobbsc> it shows them all
<hobbsc> as well as my virtual interfaces
<hobbsc> does lshw list devices in order?
<RoyK> hobbsc: if ifconfig shows from eth0 and on, it shouldn't be udev
<hobbsc> RoyK: noted
<uvirtbot> New bug: #780054 in postfix (main) "package postfix 2.8.2-1ubuntu2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 75" [Undecided,New] https://launchpad.net/bugs/780054
<Pici> Anyone happen to know if its possible to move the location of byobu's status notifications?
<Pici> Or change their order?
<uvirtbot> New bug: #780070 in postfix (main) "package postfix 2.8.2-1ubuntu2 failed to install/upgrade: Ð¿Ð¾Ð´Ð¿ÑÐ¾ÑÐµÑÑ ÑÑÑÐ°Ð½Ð¾Ð²Ð»ÐµÐ½ ÑÑÐµÐ½Ð°ÑÐ¸Ð¹ post-installation Ð²Ð¾Ð·Ð²ÑÐ°ÑÐ¸Ð» ÐºÐ¾Ð´ Ð¾ÑÐ¸Ð±ÐºÐ¸ 75" [Undecided,New] https://launchpad.net/bugs/780070
<resno> lxc is the approved hypervisor right?
<xcalibur> hello guys, can someone help me on a mail server wich is not recieving any mails?
<The-Kernel_> xcalibur, what email deamon?
<xcalibur> postfix
<xcalibur> i can telnet to my domain on port 25 and port 110
<The-Kernel_> run this command, paste the output to pastebin and send it:
<The-Kernel_> tail -f /var/log/mail.err & tail -f /var/log/mail.info
<The-Kernel_> when that is running, try to replicate the issue and put the output into pastebin
<xcalibur> one sec then ;)
<xcalibur> nothing is logged, only old output......
<xcalibur> maybe my records arent good?
<The-Kernel_> try another command
<The-Kernel_> tail -f /var/log/mail.log
<xcalibur> ps i'm just a amateur
<The-Kernel_> thats fine
<The-Kernel_> you gotta learn somehow
<xcalibur> http://pastebin.com/c4SBpdyy
<xcalibur> thats right
<xcalibur> by the way, when sending mail internaly (to me@localhost) it works good
<xcalibur> but when sending mail from the outsite (in this example from gmail) it doesnt work like it is supposed to be :
<The-Kernel_> xcalibur, that indicates incorrect MX settings usually
<k3strel> xcalibur, when telneting to server is that from inside the firewall? Or publicly?
<xcalibur> http://www.mxtoolbox.com/SuperTool.aspx?action=mx%3ahoornfive.nl
<xcalibur> from inside but with the outside adres (hoornfive.nl)
<k3strel> I suspect your firewall is blocking 25/110.
<xcalibur> ill try from outside, one sec please
<k3strel> my telnet to 25 is not connecting.
<BrixSat> i need some help, i have a server with lamp, and i have defined 3 users each one has its site on their public_html but apache keeps geting 403 :S what permissions should the folder have and apache group should have the user in it?
<xcalibur> ok telnet to port 110 works
<xcalibur> telnet to port 25 doesnt :(
<The-Kernel_> BrixSat, drwxr-xr-x
<xcalibur> can i test if port 26 is closed by my provider?
<BrixSat> The-Kernel_:  and about groups?
<xcalibur> port 25 i mean
<The-Kernel_> BrixSat, 755
<The-Kernel_> BrixSat, any group should work
<BrixSat> The-Kernel_:  but with 755 if the user installs like joomla on it then php wont be able to create folders or files
<guntbert> xcalibur: a word of caution: please don't run a publicly vailable mail server when you have no experience
<guntbert> ISPs close port 25 with good reasons :)
<xcalibur> yes i understand
<xcalibur> port 25 is for sending out mails....
<xcalibur> ?
<The-Kernel_> BrixSat, then that means you'll need to change it to 775 or even 777
<The-Kernel_> BrixSat, its a security risk, but if thats what it takes
<BrixSat> The-Kernel_:  Not the best option 777 :(
<xcalibur> i'm just using it for programming (php)
<BrixSat> do you know how does cpanel manages users and groups?
<xcalibur> my server is not always available and i added a few limitations for sending mails
<The-Kernel_> BrixSat, probably googling for what joomla wants/needs is best
<guntbert> xcalibur: then keep it strictly within your network
<BrixSat> The-Kernel_:  regular cpanels for hosting takes files to 644 and folders to 755 and it works but i dont know the users and groups (who bellongs to who)
<xcalibur> guntbert i understand the risks i take
<xcalibur> guntbert: but i still want to be able to receive mail from outside my domain
<guntbert> xcalibur: do you also understand the risks the internet community takes? (look up under "mail relays") :-)
<xcalibur> yes i understand
<xcalibur> im working in the email business and know how bad spam is!
<xcalibur> trust me ;)
<xcalibur> but i got smtp working, only pop3 is not working atm
<xcalibur> and that port should not be closed by my isp
<The-Kernel_> BrixSat, all mine are owned by root
<xcalibur> can you guys please help me on the "not recieving mail" issue?
<BrixSat> The-Kernel_:  but that is not very secure
<BrixSat> and about uploading files trought ftp, can the user make it?
<BrixSat> The-Kernel_:  files at 764 i get on firefox 403 - Forbidden :( (file is owned by user1 and group www-data
<uvirtbot> New bug: #780149 in net-snmp (main) "net-snmp FTBFS on oneiric (eval: 1: base_compile+= gcc: not found)" [Undecided,New] https://launchpad.net/bugs/780149
<xp2> Holla, Is anyone here ever played with SNMP on Ubuntu Server 10.10?
<xp2> Im trying to setup a monitoring solution for my asterisk with SNMP trap but I always get: Cannot find module (SNMPv2-TC) when I try to connect with snmpwalk. I tried to google this error with out any luck!
#ubuntu-server 2011-05-10
<rpaddock> I can add a script to run on server start.. but how do I have it run as a specific user?
<JanC> rpaddock: use 'su' ?
<uvirtbot> New bug: #780251 in samba (main) "Directory listing truncated on CIFS mount" [Undecided,New] https://launchpad.net/bugs/780251
<uvirtbot> New bug: #780277 in apache2 (main) "package apache2.2-common 2.2.17-1ubuntu1 failed to install/upgrade: no se puede borrar de forma segura `/etc/default/apache2.dpkg-new': Error de entrada/salida" [Undecided,New] https://launchpad.net/bugs/780277
<twb> kirkland: ping
<twb> I'm using libvirt-bin on lucid; it looks like you wrote the upstart job
<twb> Apparently when the dom0 gets a "shutdown -h now" or so, the domUs aren't told to start a clean shutdown
<twb> I want the same behaviour as e.g. vmware-server, where dom0 shutdown will wait until the guests have finished shutting down before the dom0 itself shuts down
<twb> Surely someone has already sorted this out?
<Roxyhart0> hi There, i installed ssh server, but it is not working ...I cant not connect from other computers to the server, just locally. Somebody know hot to do cheking to this
<Roxyhart0> it was working before...I did just installed NAT and it stop to work, but I am not sure if it had something to do with this configuration
<uvirtbot> New bug: #780314 in samba (main) "package samba 2:3.5.8~dfsg-1ubuntu2.1 failed to install/upgrade: le sous-processus script post-installation installÃ© a retournÃ© une erreur de sortie d'Ã©tat 1" [Undecided,New] https://launchpad.net/bugs/780314
<amero> if the softlimit for nproc not specified, does it become unlimited?
<mithran> hi all, i am trying to use this appliance that uses ubuntu server to support virtual machines, ive created a virtual machine, and need to boot from the network , but its not getting an address that is on the local network, i have NAT and bridged as the options to setup the nic, any suggestions?
<mithran> does someone have a good link for the different options to set for a nice on a virtual machine?, i was trying to do the same thing with virtual box, with no sucess :(
<twb> Define "nice"
<mithran> nic* sorry :)
<kaushal> Hi
<kaushal> Please guide me about http://pastebin.ubuntu.com/605598/
<amero> any idea why ssh keeps booting me off at login after setting nproc limit for the user i tried to log in
<amero> but the num of current proccess of that user is nowhere near the nproc limit i've set though
<kim0> hey guys, is there some wiki page describing the process to get some software into universe
<lynxman> kim0: I think this is what you're looking for https://wiki.ubuntu.com/SponsorshipProcess
<kim0> lynxman: thanks
<lynxman> kim0: np
<tunic> hi
<tunic> I've have a NFS export... if I md5sum a 500Mb file ina server shell I got a value, if I md5sum that same file in a NFS client I got another value
<tunic> what's is strange is that the md5sum in the NFS client is always de same, so I guess is not because corrupted transmission, because then I'll got different md5sums
<tunic> I use sync option in export file (async may cause corruption)
<tunic> any ideas?
<twb> lynxman: not sure
<twb> lynxman: unless md5sum algo is different on each?
<tunic> also, I'm using lucid binaries in the 10.10 Maverick Meerkat clients because Maverick binaries have an ugly bug
<tunic> may be related?
<tunic> no
<tunic> md5sum is the same in client each time
<Guest60484> hi
<w00> i'm a very new Ubuntu user, played with cobbler on my natty-server vm and all worked fine with importing/installing/etc another natty-server but hit a bug while trying to import the mini.iso.. it seems the bug got fixed in cobbler-2.1.0-0ubuntu8 but i don't see it in my apt-get upgrade, what am i missing?
<w00> :s
<RoAkSoAx> w00: you need to import the mini ISO specifying breed and release
<RoAkSoAx> w00: and then assign a preseed file
<w00> RoAkSoAx, i did specified breed/release
<RoAkSoAx> w00: so what's the failure you've face when importing a mini ISO?
<w00> Anyway i read that it should work, didn't tested though as i thought that if a fix is available i could install that
<w00> RoAkSoAx https://bugs.launchpad.net/ubuntu/+source/cobbler/+bug/765224/comments/4
<uvirtbot> Launchpad bug 765224 in cobbler "Creation of repo mirro fails when importing mini.iso" [Medium,Fix released]
<RoAkSoAx> w00: ah no, the error shown on importing a ISo when specifyin breed/release is not really an error related to the ISO itself, but rather something different
<RoAkSoAx> w00: that happens to affect the mini.iso import
<RoAkSoAx> w00: I have fixed that in Oneiric though, hasn'
<RoAkSoAx> hasn't yet been SRU'd back to Natty
<RoAkSoAx> w00: I mena, the ISO import doesn't really fail
<w00> RoAkSoAx, yeah i read that, and was wondering how to install it in my natty-server.. as i said i'm a very new Ubuntu user and not accustomed yet with apt* stuff
<RoAkSoAx> w00: youcould install the PPA packages
<RoAkSoAx> w00: 1. sudo apt-get install python-software-properties 2. sudo add-apt-repository ppa:ubuntu-virt/ppa 3. sudo apt-get update
<RoAkSoAx> 4. sudo apt-get install cobbler cobbler-web virtinst
<RoAkSoAx> ahh ignore virtinst
<w00> Noted, will try after lunch :) thanks a lot
<RoAkSoAx> w00: hold on, if you PXE boot you don't even the latest fixes
<w00> eh?
<RoAkSoAx> w00: if you use koan to install VM's, you do need the latest
<RoAkSoAx> w00: https://help.ubuntu.com/community/Cobbler/Deployment#Deploying via PXE
<w00> I don't use koan and the vm is an esxi
<w00> RoAkSoAx, yeah i read it, got it working ok with an natty-server.iso as i said earlier :)
<w00> It's all good
<RoAkSoAx> w00: yeah the import of the MINI iso will *not* fail but will still show the error
<RoAkSoAx> w00: but if you install the latest as explained above, then the error will no longer be thrown
<w00> RoAkSoAx, understood, thanks again :)
<RoAkSoAx> w00: np ;)
<RoAkSoAx> kirkland: ping
<andygraybeal> morning :)
<sky1> kann mir jemand sagen,  ob ich bei einem linux client ein zertifikat installieren muss, wenn ich als CA einen windows 2008 server benutze? und wenn ja wie installiere ich das zertifikat auf dem linux rechner ?
<twb> What is that, deutsche?
<qman__> yep
<twb> !de
<ubottu> In den meisten ubuntu-KanÃ¤len wird nur Englisch gesprochen. FÃ¼r deutschsprachige Hilfe besuchen Sie bitte #ubuntu-de, #kubuntu-de, #edubuntu-de oder #ubuntu-at. Geben Sie einfach /join #ubuntu-de ein! Danke fÃ¼r Ihr VerstÃ¤ndnis.
<twb> Oh, he's gone
<twb> NICHT GEFINGERPOKEN UND MITTENSGRABBEN!
<jpds> Schade.
<wmp> anyone know how to make false load?
<twb> I don't know the punchline to that one
<uvirtbot> New bug: #780445 in mysql-5.1 (main) "package mysql-server-5.1 5.1.54-1ubuntu4 failed to install/upgrade: Ð¿Ð¾Ð´Ð¿ÑÐ¾ÑÐµÑÑ ÑÑÑÐ°Ð½Ð¾Ð²Ð»ÐµÐ½ ÑÑÐµÐ½Ð°ÑÐ¸Ð¹ post-installation Ð²Ð¾Ð·Ð²ÑÐ°ÑÐ¸Ð» ÐºÐ¾Ð´ Ð¾ÑÐ¸Ð±ÐºÐ¸ 1" [Undecided,New] https://launchpad.net/bugs/780445
<jpds> wmp: apt-get install spew
<wmp> thx
<sky1> muss man zertifikate zur authentifizierung von einem ad server auf einem client   installieren?  ( das CA ist auf einem windows rechner
<truncatedTree> hello, I need to resize a qemu2 file (the primary partition) that I manage through virsh using KVM. What is the best method to do this? Thanks.
<elb0w> Where is the root mail? I dont see /var/spool/mail/root
<resno> having some issues geeting the configuration right with lxc, any tips or guides that are clear?
<_ruben> elb0w: check /etc/aliases
<elb0w> _ruben, I dont have a etc aliases
<_ruben> elb0w: then you don't have a standard (mail) setup
<elb0w> So where to cronjob errors go?
<felimwhiteley> can anyone help me out sith mdadm not activating a second disk in a soft raid 1 setup. I had to mark sdb failed and removed it, work fine, but adding a new disk in it seems to ressurect disk id 1 and adds my new sdb as disk 2 and set as a spare
<felimwhiteley> http://paste.ubuntu.com/605703/
<hallyn> resno: depends what you're trying to do.  http://s3hh.wordpress.com/2010/06/18/lxc-0-7-0/  is the simple get-started giude
<resno> thanks hallyn.. have you worked with it at all?
<hallyn> yup
<hallyn> i use it daily to set up test environments for bugs
<hallyn> (fast cloning w lvm)
<resno> hallyn: did you create your own containers or just mod openvz ones?
<ARTSIOM> when I ssh to my ubuntu-server 10.04 it says "30 packages can be updated. 23 updates are security updates.", but when I run sudo apt-get upgrade it doesn't update anything. Can someone please explaine how to fix this. Thanks!
<RoAkSoAx> TREllis: ping
<hallyn> resno: i make my own as pe that blog entry
<hallyn> openvz ones don't likely convert very well
<resno> hallyn: ah, i see. just curious how most people do it, ive read alot about how to do it
<hallyn> resno: that's bc it usd to be a lot harder
<hallyn> if you're on natty especially
<resno> im still on lts
<hallyn> i recommend using the templates and then customizing as needed
<resno> ah ok
<resno> openvz templates?
<resno> or otherwise
<hallyn> no,
<hallyn> 'lxc-creaz
<hallyn> feh
<resno> ah ok
<resno> i know what you meant ;)
<hallyn> lxc-create -t ubuntu -n lxc1 -f /etc/lxc.conf'
<hallyn> ok :)
<hallyn> have fun
<resno> hallyn: i can run other oses right?
<hallyn> distros yes.  os's no
<hallyn> need kvm for that
<hallyn> and the templates for other os's don't work well, actually
<resno> heh, yea. sorry thats what i meant hallyn
<hallyn> so  aybe best to read the ubuntu one, grok it, and repeat what it doe for other distros in thed right way.   sorry haven't done much of that
<hallyn> which distro?
<resno> hallyn: most interested in doing centos
<resno> by default its going to be ubuntu right?
<hallyn> you'll need to yank stuff like udev out of /etc/init?d
<hallyn> that's just the template that works
<resno> great!
<hallyn> if you can write a tedmplate for centos thagt works, we could put up a reppo
<hallyn> gotta go, bbl
<link011> hi all
<link011> does anybody know how /etc/cloud/* things work ?
<TREllis> RoAkSoAx: pong
<ph8> A bit of a random question, i'm trying to create an 'ultimately resilient FTP cluster' - a couple of load balanced machines with a shared disk sounds OK but how can I eliminate the shared disk as a single point of failure? Raid1 of two shared disks sounds really sketchy, is there a better solution?
<_ruben> ph8: drbd
<Pumpkin-> make sure you have resiliant network
<Pumpkin-> resiliant power
<Pumpkin-> resliant location
<Pumpkin-> depending on how "ultimatley resiliant" you want it to be
<ph8> yes i thought drbd
<ph8> i used it about 3 years ago
<ph8> it looks pretty sexy now as well
<ph8> if i physically distribute the cluster, all on gig infrastructure, that should be fine right?
<lynxman> ph8: should be alright yeah, just be aware that it'll add some additional latency to your disk writes, and drbd doesn't work active-active afaik
<ph8> hmm i thought i used master master a while ago
<ph8> but heartbeat with master-switch would be fine i guess
<_ruben> active-active is possible, but the split-brain risk sure aint fun, active-passive with automated/manual failover tends to be a lot safe
<_ruben> r
<RoAkSoAx> TREllis: too late :P
<TREllis> RoAkSoAx: what was up?
<RoAkSoAx> TREllis: mini iso import
<RoAkSoAx> :)
<fastveg> hey guys, new to ubuntu server here... can navigate around but that's about it..
<fastveg> I'm giving myself a project to get used to things, just install wordpess on linode
<fastveg> but, uh,
<fastveg> I can't figure out even how to download and install wordpress
<TREllis> RoAkSoAx: ah ok, let's chat about it later then
<RoAkSoAx> TREllis: sure
<felimwhiteley> fastveg: sudo apt-get install wordpress
<fastveg> oh really?  I don't need to manually download the tar gz?
<felimwhiteley> no that way you get security updates etc. applied by ubuntu
<fastveg> omg, this is so much better
<fastveg> did all the dependancies too
<fastveg> felimwhiteley: So where exactly did it install it?  It's not in the folder I'm already in
<JanC> fastveg: dpkg -L wordpress
<mand0> you could do a whereis search
<JanC> fastveg: maybe useful to read https://help.ubuntu.com/11.04/serverguide/C/index.html
<fastveg> janc: that command was sweet.  very helpful.  i'll check out the link
<JanC> fastveg: most commands have documentation when you do "man <commandname>"
<JanC> e.g. "man dpkg" gives documentation about dpkg
<JanC> also, many packages have additional documentation in /usr/shar/doc/<packagename>
<fastveg> janc: yeah, this is a lot different than doing it on shared hosting, for sure..
<JanC> just make sure you keep your system safe!  âº
<felimwhiteley> fastveg: ah sorry was called away.. see you are sorted now though :)
<fastveg> np ;)
<pisco> Hi, can anyone point me to a tutorial on how to configure raid and LVM on an existing installation?
<andygraybeal> does searching for: ubuntu raid lvm ... turn anything up?
<DW-10297> Whenever I install 11.04 on a server, when the server boots up it boots to a cursor and I have to hit alt-f2 or whatever to get a shell to login.. anyone know what gives?
<fastveg> So having an issue with the wordpress installation...
<fastveg> I'm following this guide: https://help.ubuntu.com/community/WordPress
<fastveg> and get to this point:  Then install WordPress using the supplied script  sudo bash /usr/share/doc/wordpress/examples/setup-mysql -n wordpress localhost
<fastveg> I replaced localhost with my sitename
<fastveg> but just get back: ping: unknown host sitename.com
<andygraybeal> fastveg, is it a real registered name in dns?  can you do a dig on the name?
<fastveg> andygraybeal; sorry that is a little over my head
<andygraybeal> i'm not smart enuogh to ask the right questions; but is your site fully qualified domain name?
<cloakable> fastveg: sounds like sitename.com isn't registered in DNS, so you get unknown host.
<cloakable> fastveg: the script won't do that for you, it just sets up wordpress :P
<fastveg> hey guys, getting an apache error and the httpd room said it is caused by ubuntu:  apache2: bad user name ${APACHE_RUN_USER}
<MarkusT> With any php5 update, Ubuntu (10.04) tries to install libapache2-mod-php5. Since I run fcgid, this would break my system. If I install/update package by package, I'm able to move around this issue. Why does Ubuntu try to install this new package? And what is a nice (clever/clean) way to discourage this behavior in future updates?
<fastveg> Anyone have any experience with installing wordpress / mysql on ubuntu-server?  Not having much luck here.
<_johnny> anyone who've used ejabberd2 on ubuntu?
<alan> How would i rebuild my initrd how it would be by default?
<eagles0513875> hey guys quick question if i need perl-Net-SSLeay  what perl module or package should i install
<JanC> eagles0513875: I guess taht would be libnet-ssleay-perl
<eagles0513875> JanC: nope cuz it also wants it but its not sending an email with this sendemail script
<jeremyn> is an amazon micro ec2 instance totally the wrong answer if i just want a low-end vps to use as a vpn and maybe an irc bot or something? it seems significantly more wacky than (for example) linode
<_johnny> jeremyn: depends on what you need the bot for, consider that a ec2 is ram only, so lost after restart
<jeremyn> just something that's perma-logged in
<_johnny> you need a way to deploy your files, with say s3
<_johnny> jeremyn: should be fine yes
<jeremyn> i'm pretty confused though, i assumed it would be just like a vps where it'd give me an IP and i could log in and stuff, but i'm not seeing an ip i can ssh to on the ec2 admin page...am i just missing it or do i not understand how this works?
<Pumpkin-> jeremyn: you do end up with one. The EC2 admin page should have the hostname on it
<Pumpkin-> it is some giant string ending in amazonaws.com
<Pumpkin-> I can't remember exactly where it is
<jeremyn> there's a field like that labeled "Public DNS"
<hallyn> jdstrand: do you have any objection to my marking https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/345485 'opinion'?
<uvirtbot> Launchpad bug 345485 in libvirt "libvirt does not remove interfaces on stop" [Low,Confirmed]
<hallyn> (or invalid)
<jeremyn> any ideas about why i'm getting a timeout trying to connect to my instance? i found some random forum that said i needed to open port 22, but i didn't see anything about that in the amazon documentation so i dunno.
<Pumpkin-> AWS instances come with a firewall that by default blocks everyting
<Pumpkin-> you need to sort that, but again I can't remember exactly how
<Pumpkin-> (and I'm at home so I can't login and look)
<jeremyn> there seems to be something about that in the instructions now that i'm reading more closely. always the last place to look
<jeremyn> ok, now we're getting somewhere
<JanC> "blocks everything"?
<Pumpkin-> JanC: inbound anyway, from memory. Yeah.
<Pumpkin-> the default is deny everything
<JanC> Pumpkin-: heh, so how do you change that if you can't access it?
 * JanC has never used AWS...
<Pumpkin-> it isn't your machine thats doing the firewall, it is the amazon infrastructure
<Pumpkin-> you your web control panel lets you make chagnes to that policy
<Pumpkin-> so even
<jeremyn> seems fine now btw
<jeremyn> it was the security group tthing
<NightDragon> hello
<NightDragon> haaalp
<NightDragon> i just installed ubuntu server 11.04
<NightDragon> and for some reason, my monitor is displaying "CANNOT DISPLAY THIS VIDEO MODE"
<NightDragon> i dont know what conf file to edit to fix this :(
<NightDragon> no ideas?
<hallyn> cjwatson: do you care at all to reproduce your more precise testing for bug 747090?  (the breakpoints appear to have moved, your recipe wasn't working for me).  I've verified that the original symptoms are fixed.
<uvirtbot> Launchpad bug 747090 in linux "wrong return address sometimes pushed for INT in kvm (not qemu)" [High,Fix committed] https://launchpad.net/bugs/747090
<jimbobco> Does anyone have a good way to get support for Intel 82576 GigE adapter into Lucid?
<jimbobco> I can get drivers from Intel and build, but I would rather not if there is a better way
<JanC> jimbobco: it doesn't work with the e1000e driver?
<JanC> I have a bug report for e1000e & Intel 82566DM-2 GigE only working at 100 Mbit/s...
<JanC> and seems like there are several other e1000e bug reports like that...
<andygraybeal> jimbobco, JanC: are you guys using 10.04?
<uvirtbot> New bug: #780740 in samba (main) "package smbclient 2:3.5.8~dfsg-1ubuntu2 failed to install/upgrade: lectura insuficiente en buffer_copy para error en dpkg-deb durante `./usr/bin/smbclient'" [Undecided,New] https://launchpad.net/bugs/780740
<JanC> andygraybeal: maverick & natty (and IIRC I tested lucid too, but not sure anymore)
<JanC> https://bugs.launchpad.net/ubuntu/+source/linux/+bug/655967
<uvirtbot> Launchpad bug 655967 in linux "Intel 82566DM-2 gigabit NIC incorrectly autonegotiates at 100 Mbit/s" [Undecided,Confirmed]
<andygraybeal> cool, i want to buy a intel nic... prolly the same thing
<JanC> there are *lots* of bug reports about e1000e not working or not working properly
<JanC> this is on-board
<JanC> but I guess it all uses the same driver...
<andygraybeal> yea, i want to get one of those 4 port M boards
<andygraybeal> yea
<JanC> this is just a home system, so it's not critical
<andygraybeal> that's sad.. i think it works great FreeBSD i think... but i'm ignorant.. i have one in a FreeBSD box and everythign registers as GBit
<JanC> other Gbit devices seem to work fine
<JanC> I think e1000e probably works fine for others too
<jimbobco> thank you for the answers
<jimbobco> we are using 10.04.2, and I have another machine that has a different chipset for the onboard nics that I was able to update to get the 82576s working after an update
<jimbobco> just trying to figure out the easiest way to do it at install time because these machines only have 82576s
<kaushal> Hi
<kaushal> How do i clear squid cache in ubuntu
#ubuntu-server 2011-05-11
<Ronnie> i get an error when using vhosts in apache: http://pastebin.com/1LGuUDc5
<Ronnie> [Wed May 11 00:41:50 2011] [alert] [client 84.86.207.22] /var/www.myapp.nl/.htaccess: Invalid command 'myapp:mysupersecretpass', perhaps misspelled or defined by a module not included in the server configuration
<Ronnie> never mind, solved with local help
<kaushal> is there a way to know where does squid deb proxy resides  ?
<kaushal> I have cleared squid cache in squid
<kaushal> I am still unable to reach the global ubuntu mirror
<kaushal> I am still unable to reach the global mirror inside LAN
<uvirtbot> New bug: #780820 in krb5 (main) "kadmin: IPv6 support binds IPv4 socket leading to EAFNOSUPPORT." [Undecided,New] https://launchpad.net/bugs/780820
<resno> having issues getting a lxc container going.
<resno> im getting failed to setup the mounts and container
<uvirtbot> New bug: #780826 in mysql-5.1 (main) "package libmysqlclient16 5.1.49-1ubuntu8.1 [modified: usr/lib/libmysqlclient.so.16.0.0 usr/lib/libmysqlclient_r.so.16.0.0] failed to install/upgrade: trying to overwrite '/usr/lib/libmysqlclient.so.16.0.0', which is also in package mysql-shared-compat 5.1.47-1.rhel5" [Undecided,New] https://launchpad.net/bugs/780826
<twb> ps auxf  lists all the kernel threads
<twb> Is there an easy way to tell it not to?
<twb> Currently I'm doing ps auxf | grep -v ]$, which is lame
<twb> &%&^%#.  On a scratch host, I did "/etc/init.d/apparmor teardown" and libvirtd's qemu *still* can't access- oh wait, maybe it's cgroups doing it?
<twb> Nope, it's apparmor
<DinVitamin> I'm trying to run an extremely light GUI for a server being used for a digital-signage application, which should I pick? I need to be able to display in 1920x1080 resolution.
<twb> I'm trying to expose an LV to a KVM VM temporarily without bothering with all the LSM nonsense
<SinnerNyx> hello
<SinnerNyx> I have a development VM running Ubuntu Server 11.04. When I do a PHPInfo it says that it is protected by the suhosin patch. I need to remove this 'protection'. I'm told I have to build PHP myself in order to do this
<SinnerNyx> However I have no successfully done a build. How would I go about doing this?
<SinnerNyx> *never successfully
<resno> i thought suhosin was a manual install? you can just remove it?
<SinnerNyx> really?!?
<SinnerNyx> the guys a #php told me I'd have to rebuild
<resno> im not a 100%, but i didnt think it was default..
<resno> SinnerNyx: were they ubuntu people?
<SinnerNyx> No clue. I'm gunna try to check now if I can just remove it
<SinnerNyx> "dpkg --get-selections | grep suhosin" does nothing...
<SinnerNyx> any ideas?
<SinnerNyx> should I be trying this: http://kusnier.net/config/how-to-remove-suhosin-patch?
<SinnerNyx> without the ? at the end however I imagine that shouldn't make a difference
<SinnerNyx> ?
<DinVitamin> Xfce or Fluxbox for a lightweight window manager?
<SinnerNyx> ok so I'm using http://kusnier.net/config/how-to-remove-suhosin-patch
<SinnerNyx> and the last line gives me an error
<SinnerNyx> the reason is there is no .deb file!
<SinnerNyx> how do install the custom package I made?
<SinnerNyx> never mind. the build failed I think :(
<SinnerNyx> Could sure use help guyz
<uvirtbot> New bug: #780886 in samba (main) "package samba 2:3.4.7~dfsg-1ubuntu3.5 failed to install/upgrade: ErrorMessage: package samba is not ready for configuration  cannot configure (current status `half-installed')" [Undecided,New] https://launchpad.net/bugs/780886
<uvirtbot> New bug: #780901 in dhcp3 (main) "package dhcp3-client 3.1.3-2ubuntu3.2 failed to install/upgrade: ErrorMessage: subprocess installed post-installation script killed by signal (Segmentation fault)" [Undecided,New] https://launchpad.net/bugs/780901
<uvirtbot> New bug: #780896 in libvirt (main) "Needs recompile after update of bridge-utils to 1.5-1 and higher" [Undecided,New] https://launchpad.net/bugs/780896
<uvirtbot> New bug: #780906 in postfix (main) "package postfix 2.7.0-1 failed to install/upgrade: ErrorMessage: subprocess installed post-installation script killed by signal (Segmentation fault)" [Undecided,New] https://launchpad.net/bugs/780906
<uvirtbot> New bug: #780907 in samba (main) "package samba-common 2:3.4.7~dfsg-1ubuntu3.6 failed to install/upgrade: ErrorMessage: subprocess installed post-installation script killed by signal (Segmentation fault)" [Undecided,New] https://launchpad.net/bugs/780907
<draven> when i do a package upgrade kernel packages are held back by default why is this?
<uvirtbot> New bug: #780955 in samba (main) "/etc/dhcp3/dhclient-enter-hooks.d/samba is not executed" [Undecided,New] https://launchpad.net/bugs/780955
<j1mc> Daviey: Sorry I didn't get to touch on much of Server docs. I want to talk to you or a member of your team about server-specific stuff.
<j1mc> Daviey: thanks for dropping in on the docs session, though
<j1mc> Daviey: the docs session tomorrow at 11:00 is particularly relevant for server and cloud folks. This group is building a platform that might be particularly helpful for server docs.
<j1mc> Daviey: https://blueprints.launchpad.net/ubuntu/+spec/desktop-o-documentation-pronovix-dita-drupal-demo
<uvirtbot> New bug: #781036 in apache2 (main) "authnz_external module load order matters for GroupExternal and Require file-group" [Undecided,New] https://launchpad.net/bugs/781036
<e-DIO-t> INIT: udevmonitor main process (367) killed by TERM signal << any idea about that?
<e-DIO-t> no one here ? INIT: udevmonitor main process (367) killed by TERM signal
<NCommander> /re/load
<uvirtbot> New bug: #781101 in cloud-init (main) "race condition with ssh keys" [Undecided,New] https://launchpad.net/bugs/781101
<Blinkiz>  I have succesfully already built my deb package in pbuilder for Maverick. I now want to build for 11.04, 10.04 and 09.10. How should I create my package so that launchpad understand what distro OS it should build for? A wiki/guide maybe?
<Pici> Blinkiz: This seems to explain it: https://help.launchpad.net/Packaging/PPA#Supported series
<e-DIO-t> And again: any idea about a 10.04 locking at boot time on "INIT: udevmonitor main process (367) killed by TERM signal" after an upgrade?
<Blinkiz> Pici, Thanks. In the changelog it says. Okay.. Hmm.. <distribution>.. Hmm.. Can I just say "all" instead of example "natty"?
<Pici> Blinkiz: Probably a better question for #launchpad
<Blinkiz> Pici, Yes, great. Thanks!
<Blinkiz> join #launchpad
<Blinkiz> ops :)
<pangrazi> anyone here have any experience with iptables on a bridge?
<ajmak> hi guys, looking for some advice to get usage/mail stats from a ubuntu mail 10.04 relay server (postfix, amavisd-new, clamav, spamassassin).  anyone recommend a good package for this?
<RoyK> ajmak: shouldn't be very hard to just parse /var/log/mail.info
<RoyK> ajmak: or google postfix stats
<ajmak> RoyK: just found mailgraph, looks like what i need :)
<Xeli> On a server i've just created a new user with : useradd -d /home/testuser -m testuser
<Xeli> i've added this user to sshd.config, but not when i connect via ssh it seems bashrc doesn't load. la for instance doesn't work
<Xeli> have i created the user in a wrong way?
<RoyK> Xeli: dunno if /etc/skel is copied if you use -d - it should, but then, if you don't use -d, it'll default to /home/${username}
<Xeli> Royk, I've checked, it's copied
<_ruben> check /etc/passwd to see if does use bash as login shell ?
<Xeli> _ruben: it did not, i've changed it to /bin/bash and it works, thanks! :)
<uvirtbot> New bug: #781195 in samba (main) "Winbind service stops often" [Undecided,New] https://launchpad.net/bugs/781195
<pangrazi> i am having some problems with iptables and NFQUEUE, anyone here gotten that to work on 10.04LTS?
<pangrazi> is there a channel specifically for networking and Ubuntu?
<uvirtbot> New bug: #781265 in samba (main) "package samba-common 2:3.5.8~dfsg-1ubuntu2.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/781265
<hallyn> is anyone working on libvirt merge?
<tiemonster> How should Sun/Oracle/whoever Java be installed in Natty?
<hallyn> apt-get install sun-java-jdk ?
<hallyn> (depends what you're trying to do)
<tiemonster> nm. I found it. I was looking for the Natty partner repo.
<hallyn> is htere a way to force lp to import from the package?  libvirt is two versions behind...
<hallyn> sorry, probably a ubuntu-devel question
<_ruben> or launchpad :)
<uvirtbot> New bug: #781282 in postfix (main) "package postfix 2.8.2-1ubuntu2 failed to install/upgrade: el subproceso script pre-installation nuevo devolviÃ³ el cÃ³digo de salida de error 128" [Undecided,New] https://launchpad.net/bugs/781282
<amero> if i were to allow only certain ip to access ssh port in permissive input chain(-P ALLOW), should i put that rule before of after drop rule?
<RoyK> yes
<w00> lol
<amero> s/of/or/
<RoyK> after the drop rule, well, the packet will be dropped already
<amero> hm? so, allow then drop?
<RoyK> amero: drop is the last line
<RoyK> amero: if I give you some eggs, and a rule of how to distribute them, and at the end, tell you to drop them, the next line won't make much difference, will it?
<bastidrazor> can fail2ban also ban those who connect to postfix/smtp?
<w00> Good comparison RoyK :)
<amero> i guess so but the drop line is for other ip that tries to connect to the ssh port
<Dobuntu> Hi all!  Newbie server admin here...  I have a question about setting up dns settings.  On my local machine I go to "network settings -> hosts" tab to add a new entry in the dns settings.  What should I read up on to learn how to do this on a remote server?
<Dobuntu> This is on a Slicehost server btw, if that helps.
<Dobuntu> Sorry if my question seems dumb but I am just today trying to set up a virtual host and I am looking for good info on the correct way to add dns settings on a remote server.  Before today I have only worked on my local machine.
<m_tadeu> hi...I need to run a script every 30secs...is there a cron like tool to do this?
<_ruben> m_tadeu: to crontab entries, * * * * * yourscript, and * * * * * sleep 30 && yourscript, nasty but works ;)
<guntbert> s /to/two/
<_ruben> packetloss ;)
<m_tadeu> :)
<_ruben> and s/ // for you ;)
<guntbert> _ruben: :)
<_ruben> Dobuntu: what do you mean by "add dns settings"?
<Dobuntu> well, on my local machine, after I get the vhost set up I go to network settings -> hosts tab to route the name to the localhost.
<Dobuntu> I am just looking for how to accomplish dns setings on a remote server
<Dobuntu> I think I may have found something though
<_ruben> Dobuntu: sounds like altering the /etc/hosts file, which would only apply to the host itself, not for external requests
<Dobuntu> yes I need to create a dns entry for a new domain on my slicehost slice.  So I presume it needs to work for external requests ;-)
<_ruben> depends on how dns is handled for your (new) domain
<Dobuntu> well I am sharing space with other sites in one slice as it were
<Dobuntu> does that help?  Please forgive me I am very new to server admin
<Dobuntu> I just found out today that I need to set up a real server by Saturday!
<_ruben> which dns entry do you want to create ?
<Dobuntu> but I have a series of steps that work on the local machine and I am told will work on remote as well, save for the dns bit
<Dobuntu> Just one to allow people to type http://example.com and go to my Drupal site in the proper folder
<Pici> How many people?
<_ruben> depending on who maintains the dns servers for "example.com", you'll need to contact them (or their control panel) to make the changes
<m_tadeu> so there is no less dirty solution to run a script every X seconds or every X minutes?
<Dobuntu> Um, well the site is just going to be a dev site where I help teach some people how to work with Drupal
<_ruben> m_tadeu: there's alternative cron implementations that do per second 'accuracy' i think
<m_tadeu> _ruben: what is it?
<_ruben> m_tadeu: dunno any names of specific ones, but i know they're out there ;)
<Dobuntu> I guess I simply need to map an ip addy to a hostname
<Dobuntu> In help.ubuntu I see some info there so perhaps I am already looking at what I need to learn
<_ruben> Dobuntu: the procedure for a single local host is quite different compared to a hostname that should be resolvable on the internet
<guntbert> m_tadeu: see http://www.linuxquestions.org/questions/programming-9/seting-cron-to-run-a-script-every-second-425623/#post3319818 for the "hack"
<Dobuntu> I figured it would be vastly different.  If you could point me to a help doc or something where I could learn the process I would be very grateful.
<_ruben> Dobuntu: it depends a fair bit on who maintains the domain's dns servers, most dns providers offer a web interface to make changes. do you even have (purchased) a domain yet btw? :)
<Dobuntu> I have domains that I can map to yes
<Dobuntu> though I did forget that when setting up the new addy
<Dobuntu> which will need to be purchased
<Dobuntu> or I will scrap that and just use a subdomain
<_ruben> figure out which domain you'll use, then contact the appropriate registrar (the party where you bought the domain), and ask them how to do dns record changes
<Dobuntu> thanks _ruben for your input.  I realize that it would probably be best for me to take care of the new name rather than scrap what I have already done.  I will come back to this later on.  Thanks again!
<Dobuntu> I added the vhost before purchasing the name as you so rightly pointed out!
<Dobuntu> what can I say im a total newbie!
<_ruben> gotta start somewhere to get rid of that status ;)
<Dobuntu> awesome...  I will be working on it.
<Dobuntu> thanks again
<_ruben> np :)
<toddnine> Hi guys.  Having an issue with mdadm and raid 0 on AWS.  I'm using chef to create a raid 0 array of 10 drives.  I then shut down the instance attached to the drives (EBS volumes) start a new one, and use "madam --assemble /dev/md0 /dev/sdi1 ... /dev/sdi10"  90% of the time this works.  Occasionally I get "failed to add /dev/sdix to /dev/md0: Device or resource busy" or "bad superblock on device /dev/sdx" Yet if I wait a few 
<_ruben> raid0 over partitions on a single drive ??
<_ruben> (never used aws tho)
<toddnine> Correct, I create the block devices which are basically empty hd's
<_ruben> partitions arent disks
<_ruben> oh, and you line got cut off at "if I wait a few"
<RoyK> heh - setup 10 partitions and run raid0 over them and wait for the final prize
<m_tadeu> _ruben: thanx
<toddnine> Yet if I wait a few minutes and run it again, it will either work or I'll get a different error. This is server 10.10 64 bit.  *then I create the raid array with this command "mdadm --create /dev/md0 --level=0 --raid-devices=10  /dev/sdi1 .... /dev/sdi10"  And it's worked for data storage
<RoyK> toddnine: for a start - use LTS releases for servers
<toddnine> RoyK:  Ok, so use 10.04 instead
<_ruben> could very well be an aws specific issue, some race condition for instance, or setup delay
<_ruben> or wait a bit for 12.04 ;)
<toddnine> That's what I thought too.  I was seeing it directly after attach
<RoyK> toddnine: as a second, using 10 drives for striping may perform well, but it's rather chancy - when one of them dies, the whole raid set goes down
<toddnine> however I left these drives attached and un assembled for 24 hours
<toddnine> came in this morning and it won't assemble
<_ruben> presumably aws' storage has redundancy underneath it...
<toddnine> that's ok, it's for cassandra data.  It's replicated to another node locally, and another node halfway around the world.  If I have to re-create it, it's not a big deal, but this issue has been plaguing us for a month now and it's driving me nuts!
<RoyK> toddnine: just don't do it - period
<_ruben> or get nike, then you can just do it ;)
<toddnine> RoyK:  It's the recommended setup for squeezing the best performance out of Cassandra :).  Like I said, it's replicated at the service tier, so I'm not as worried about data loss since it exists on 3 nodes in 2 DCs
<RoyK> _ruben: if you're stupid enouh
<toddnine> however, this random fail, then wait 10 minutes and it works is making me nervous.  I either expect it to fail consistently, or work consistently
<RoyK> toddnine: i'd use zfs for that
<toddnine> Can I pause and snapshot it like xfs?
<toddnine> We use that for fast backups of the block storage raid devices
<toddnine> Ahh, got old wikipedia
<_ruben> is zfs in linux even ready for production?
<_ruben> which reminds me, still gotta take nexentastor for a test drive
<toddnine> _ruben:  Any ideas what may be going on?
<toddnine> Yeah, after a reboot now it's telling me that /dev/sdi6 has a bad superblock.  Wait 5 minutes and it works
<toddnine> really frustrating....
<_ruben> toddnine: not really, tho it wouldn't surprise me if it's pretty asw/esb specific
<_ruben> could be that the aws/esb backends are lagging behind or something, dunno really ;)
<toddnine> My mechanism for creating the raid from physical devices is correct right? It's been working for a month or so, we've only recently started having issues
<_ruben> no obvious errors there at elast
<_ruben> least
<toddnine> plus mdadm -E /dev/sdi6 shows it's fine.
<toddnine> then assemble. works.  time to head over to the AWS forums :)
<toddnine> Thanks for your help guys
<toddnine> oh one last question
<toddnine> in order to attach these disks to a new server instance, do I need to add any special meta data storage parameters to the mdadm create ?
<_ruben> don't think so, if i understand correctly what you're trying to say that is :)
<toddnine> Yeah, 10 disks on instance A.  Kill instance A then start instance B.  Assemble the same 10 disks on instance B
<_ruben> if the partition types are raid autodetect, and the meta data is there, it should be fine
<_ruben> if there's lvm on top of it, you'll need to import that tho
<toddnine> Nah.  Just Xfs for fast snapshots.  If I need a larger array I'll just creat ea new array and copy the data over
<toddnine> _ruben: cool.  Thanks a lot for your help man, it's really appreciated
<MTecknology> does tcpdump default to capturing all packets including ucp and icmp?
<pangrazi> mTecknology: yes
<uvirtbot> New bug: #781386 in postfix (main) "package postfix 2.8.2-1ubuntu2.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 75" [Undecided,New] https://launchpad.net/bugs/781386
<hallyn> jdstrand: would you care to doublecheck my libvirt sync for oneiric?  A locally compiled version for natty works fine for me, and it builds in a oneiric schroot...  changelog should list every detail
<uvirtbot> New bug: #781405 in postfix (main) "Sync postfix 2.8.3-1 (main) from Debian unstable (main)" [Wishlist,Confirmed] https://launchpad.net/bugs/781405
<Lenhix> Hello. I installed PHP5 with the LDAP extension (apt-get install php5 php5-ldap), downloaded phpLDAPadmin 1.1.0.7 from Sourceforge, untar in /var/www but when I access phpLDAPadmin I get some error and phpLDAPadmin shows "Unrecognized error number: 8192: Function eregi() is deprecated". Is there any configuration in Ubuntu Server's php.ini that could be making this happen?
<lechon> hello, does anyone know how to connect to a bluetooth device from the command line?
<lechon> or pair with a device via command line, so no future connections need to pass a pin passkey around?
<MTecknology> pangrazi: thanks
#ubuntu-server 2011-05-12
<mateo> Hallo
<znfrazier> so i need help peeps haha is this the help chan?
<twb> znfrazier: that rather depends what you want help *with*.
<davidjr621> #r2gb
<twb> Certainly this isn't the "English as a second language" channel.
<znfrazier> im trying to get my ftp server up and running but i didn't know which irc chan to go to lol
<twb> http://mywiki.wooledge.org/FtpMustDie
<znfrazier> nice then what is the next best thing?
<twb> Read-only anonymous access, or read-write authenticated access?
<znfrazier> how would you do the read-write with no anonymous access?
<twb> sftp
<twb> "authenticated" means "no anonymous"
<znfrazier> hmm i see nice. im still learning all this crap
<znfrazier> i just want my main comp to have everything on it and allow my father and brothers plus college buddies to have access to it
<znfrazier> so sftp is the way to go
<znfrazier> what is the diff between sftp and ftp?
<znfrazier> ssh?
<twb> While it looks similar to the user, the underlying implementation is totally different -- much cleaner, and the security layer is built on top of SSH, which is widely used, well-understood and unlikely to be compromised (if used properly)
<znfrazier> i see
<znfrazier> so then we go to how to access remotely. like if my dad and bro want to get on.
<znfrazier> i've tried doing port forwarding but its driving me crazy
<twb> If SSH is working, then SFTP will be working (unless you specifically disable SFTP).
<jmarsden> znfrazier: http://portforward.com/
<twb> If you are behind a NAT, then you need to ensure that traffic to tcp/22 is DNATted to your SSH server.
<twb> The RIGHT solution to is to use IPv6 instead of NAT, but that's probably beyond your capabilities right now.
<znfrazier> lol
<twb> jmarsden: cute
<znfrazier> k well i have a vizio router and it isn't on portforward.com
<znfrazier> i had access to just my network but when i went to my buddies comp it wouldn't let me access it
<jmarsden> znfrazier: Read the portforwarding guide for any well known router and use it as a starting point.  Your "vizio" router is likely to have more or less similar screens with more or less similar names and concepts in them.
<twb> jmarsden: can't get past the fpadvert.html page in w3m :-(
<jmarsden> znfrazier: If you need detailed help with setting up your router, you could try asking in ##networking.
<znfrazier> thanks for the help
<jmarsden> twb: Maybe try links2 -g    instead?  Most folks who need it will use IE or FF, anyone using w3m probably doesn't need the help it offers anyway :)
<twb> I was just bitching
<lifesf> hi, i have just installed the os; i would like to configure it for wifi; it does not require huge amounts of data to be pulled at a time. I cannot find any answers on this so far on the internet
<lifesf> any help would be truly awesome :)
<jmarsden> lifesf: There is a really old blog article about doing this which, if you can re-interpret it for 2011, might help somewhat, at least as a pointer to the general principles: http://modelr.wordpress.com/2009/06/01/how-to-get-wireless-network-on-ubuntu-server/
<lifesf> i will surely check this out right away; i am not quite the high tech on this tho; quite a noob to be honest
<lifesf> scanning quickly through the page,.. using natty, i should just follow this step by step right?  and concerning the part where is asks to convert it to hex...
<lifesf> i changed my wireless password recently because i was having difficulty getting a different version of ubuntu on a diff machine to actually get the passphrase
<lifesf> please allow me a few minutes to temporarily tranfer router in here, i will mention when back for your reply!
<lifesf> I am back now
<twb> jmarsden: does that use wpa_supplicant alone?
<twb> Oh, no, that's a horrible ndiswrapper thing
<jmarsden> twb: Is there a more official doc for adding wireless stuff to Ubuntu Server somewhere?
<twb> lifesf: if you have a headless server and want it to associate with a known WPA AP using symmetric crypto ("pre-shared key"), you can simply use wpa_supplicant.
<twb> jmarsden: the documentation is within /usr/share/doc/wpasupplicant itself
<twb> jmarsden: unfortunately it's not very step-by-step
<lifesf> well, all i really want to do is connect a plain lamp server on a home wireless
<jmarsden> twb: OK... a wiki page that pops up in google searches and was somewhat straightforward might be good... (maybe I'll write it one day, but I have a lot of other stuff I'd liek to get around to...)
<twb> http://paste.debian.net/116698/ <-- interfaces(5)
<lifesf> it wont be needing much data transfer and makes it easier to put it anywhere and still use it to learn
<twb> http://paste.debian.net/116699/ <-- /etc/wpa_supplicant.conf
<twb> lifesf: those two files should suffice for any WPA2-PSK or WPA-PSK
<twb> jmarsden: feel free to write it :P
<jmarsden> twb: Oh, that looks straightforward, thanks... copied for possible later conversion to a wiki page :)
<lifesf> ok, so i go step by step on 98 and 99?
<twb> jmarsden: to use WEP is longer wpa_supplicant.conf
<twb> lifesf: I don't know about any "steps
<lifesf> auto lo wlan0 isnt' a step?
<jmarsden> lifesf: Those are text files to put on your machine :)
<jmarsden> The first is /etc/network/interfaces and then second is /etc/wpa_supplicant.conf
<lifesf> alright :)
<lifesf> thnx alot :D
<twb> lifesf: oh, you're seeing lines number in a pastebin?
<lifesf> yeah, i am seeing 7 lines of code on the first page you gave me
<lifesf> but when i even do ifconfig, the wlan0 doesn't show up :S
<jmarsden> lifesf: Do you know what chip your wifi NIC uses?  And whether Ubuntu suppoorts it?
<twb> http://paste.debian.net/116700/
<lifesf> on a regular ubuntu desktop install it has always worked by default; it a 2yo hp machine
<lifesf> 3yo sry
<jmarsden> lifesf: That does not really answer my question, though :)
<lifesf> no, I do not remember what chip driver usually has showed up normally :S
<twb> jmarsden: FWIW I'm assuming an mac80211 driver
<twb> jmarsden: I do not cover wifi NICs that require older/sillier drivers
<jmarsden> lifesf: I don't really have the time to work through all that with you right now, I'm afraid... You can use sudo lspci -vv to fnd out more, probably.
<twb> lifesf: pastebin the output of "ip a"
<lifesf> http://paste.debian.net/116701/
<lifesf> http://paste.debian.net/116702/
<lifesf> first is the lspci -vv result, second is ip a
<lifesf> and with ip a, i don't see my wlan0 which would normally appear with a desktop install
<lifesf> if it gives the same results apprx as ifconfig
<ejv> fellas, I have ubuntu-server and would like to load a light-weight gnome desktop environment. which package should I fetch that is the *most minimal*? thank you.
<lifesf> the regular ubuntu desktop environment is ubuntu-desktop but otherwise you'll have to wait for a better reply from a tech as i am not one of them lolll
<ejv> hehe
<ejv> thanks
<twb> lifesf: your wifi device is not visible to the system.
<twb> lifesf: until that happens, there is no point trying to configure it
<twb> ejv: there is no such thing as a "light-weight gnome desktop environment"
<lifesf> that's odd :S if i install ubuntu desktop it shows,.. if i run a live cd of ubuntu and get info from there would that help?
<twb> lifesf: I have no idea.
<twb> lifesf: I only work with supported hardware, as a rule
<lifesf> ok, i will load the desktop and try to find the driver running from there,.. from that i should be able to install straight off of apt-get right?
<twb> lifesf: I have no idea.
<twb> I don't use ubuntu desktops.  perhaps they install non-free software by default.
<lifesf> hmm
<lifesf> alright
<lifesf> thnx
<lifesf> i thought hp and ubuntu were associated tho,.. unless that was dell.. my memory is lagging i think lol
<twb> That its not listed in lspci is suspcious, unless this is a USB dongle or something
<lifesf> no
<lifesf> it's a linksys N pci
<twb> Even if you have no driver, a PCI card should still be visible in lspci
<lifesf> i just remembered it's my card in there
<lifesf> frick it's late
<twb> That suggests that the card isn't properly seated or powered
<lifesf> holy crap i apologise for this time waste figuring out the card; i never thought i budged the pc that much!!!!
<lifesf> http://paste.debian.net/116705/        result from ip a
<twb> OK, so it should just work with my last pastebin instructions
<lifesf> http://paste.debian.net/116706/     lspci -vv
<lifesf> ok,.. so that was the command lines you told me to insert in the document right?
<lifesf> the .conf?
<twb> 13:22 <twb> http://paste.debian.net/116700/
<lifesf> i keep the " ?
<lifesf> in ssid and psk?
<twb> Yes
<lifesf> cool :D
<lifesf> will there be conflict if i do not comment out eth0?
<twb> Only if eth0 is plugged in
<twb> If both are connected and enabled they will fight over who is primary gateway
<lifesf> ok :) thank you so much! i am trying to complete this as we're speaking :)
<lifesf> ps nano isn't letting me do a forward slash..........
<lifesf> found a workaround but that's not cool lol
<twb> I wouldn't know about nano
<lifesf> psk must be in hex right?
<lifesf> it's wpa2
<twb> lifesf: no
<twb> WPA and WPA2 only differ in the underlying crypto algorithm (AES vs. some intermediary shit)
<twb> The psk, at least in wpa_supplicant.conf, will be a string like psk="I like big bottoms"
<lifesf> lmfao
<lifesf> k
<lifesf> now all is left is reboot i guess
<lifesf> and see if it connects
<lifesf> isn't connecting :S
<twb> OK, then "sudo ifdown --force wlan0"
<twb> Then "sudo wpa_supplicant -dwext -iwlan0 -c/etc/wpa_supplicant.conf" and look at the output
<twb> Sorry, -Dwext
<lifesf> firmware file not found:  b43/ucode11.fw
<lifesf> and
<lifesf> b43-open/ucode11.fw not found either
<twb> Sounds like your hardware is not supported by Free drivers
<lifesf> OMG I LOVE YOU TWB :D
<lifesf> haha
<lifesf> i just hooked up a dlink usb wireless adapter modified some of the things
<lifesf> and i'm wAY connected :D
<lifesf> only thing i'm curious about right now tho... is, since i just changed my wlan0 to wlan1 as both are still connected physically to the pc... to the interface i still left all of the rest as wlan0
<lifesf> i am not exactly positive if they are getting them as sort of strings and should just leave it as it is or not
<twb> If you're running wpa_supplicant by hand, then it won't be using interfaces(5)
<twb> But nor will it be doing DHCP over the configured line
<lifesf> well.. it's running the way you've told me in the pastebin; the only thing is that it still states wlan0-default etc
<twb> lifesf: oh that part
<twb> wlan0-default is an arbitrary string
<lifesf> ok, i simply wasn't sure, i came to that logic thought when i noticed it worked so i wasn't sure if i should modify or not
<twb> It's there so that you can have multiple APs, so for example if you take your server to work, and it has static networking, you can have wpa-roam with "iface home inet dhcp" and "iface work inet static"
<twb> And it will pick them based on which AP it associates with
<twb> THe ifupdown / interfaces(5) scripts are pretty old and stupid by modern standards.
<twb> Someone ought to rearchitect them to use ip(8) and tc(8)
<lifesf> so in that sence i'd have to make it switch from one string to the other?
<lifesf> i think i'm gonna print your pastebin and stick it to the side of my pc and print out our conversation lol, i truly want to keep this on hand! I thank you very much for you help :D
<twb> Whatever
<lifesf> lol
<Roxyhart0> hi there. somebody know about tool to be able to send sms from my ubuntu server?
<uvirtbot> New bug: #781478 in samba (main) "package samba 2:3.5.8~dfsg-1ubuntu2.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/781478
<uvirtbot> New bug: #727837 in dhcp3 (main) "dhcp3-server fails to drop privileges properly" [Undecided,Confirmed] https://launchpad.net/bugs/727837
<xperia> hello to all. i have installed roundcube on my ubuntu server in /usr/share/roundcube and wat to use it from a domain that works in /var/www/mydomain/subdirectory
<xperia> subdirectory is a symlink that point to /usr/share/roundcube now the problem is that i get allways this error message here => Unknown: Failed opening required '/var/www/mydomain/subdirectory/index.php' (include_path='.:/usr/share/php:/usr/share/pear') in Unknown on line 0
<xperia> from what i have researched i need to use openbase_dir instruction somehow but i have this allready set for /var/www/mydomain
<lynxman> xperia: you should go at the problem the other way around and you should add config to your apache config file on that domain as specified by the roundcube documentation instead of using soft links
<xperia> ahhh i should use apache config well that is allready a great help need to look to find that part in the roundcube documentation. thank you a lot
<lynxman> xperia: np :)
<xperia> lynxman i am allready nearly to solve the problem with the help of your tip. have created this apache config here and it load fine. dont have anymore the error messages about php usr share and such stuff
<xperia> http://pastebin.com/Sm3cWGNL
<xperia> still something is bad as i get this error here allways
<xperia> [Thu May 12 10:51:12 2011] [error] [client 127.0.0.1] PHP Fatal error:  Unknown: Failed opening required '/usr/share/roundcube/index.php' (include_path='.') in Unknown on line 0
<xperia> okay looks like i need the include path directive
<RoAkSoAx> adam_g: ping
<adam_g> RoAkSoAx: hi
<xperia> okay could solve the problem with a other solution thanks a lot still for help
<uvirtbot> New bug: #781581 in php5 (main) "package php5-cli 5.2.10.dfsg.1-2ubuntu6.10 failed to install/upgrade: subprocess installed post-installation script returned error exit status 10" [Undecided,New] https://launchpad.net/bugs/781581
<uvirtbot> New bug: #781595 in openvpn (main) "Certificate verification fails with "error=invalid CA certificate"" [Undecided,New] https://launchpad.net/bugs/781595
<igjohn> hello ubuntu server , i need help with setting up my dedicated server , i have issues with NIC and IP addreses
<_ruben> be more specific
<igjohn> i have an ubuntu dedicated server , my dc asingned 8ip addrese , but i have access to only one
<igjohn> i want to add the 7 ip addreses to the NIC
<igjohn> can i get help from anyone please ?
<RoyK> igjohn: do you want 8 addresses on the same NIC?
<RoyK> igjohn: if so, just edit /etc/network/interfaces and at the end of the eth0 block, add a line like 'up ip addr add 192.168.0.0/24 dev eth0'
<RoyK> 24 being the bits in your netmask
<RoAkSoAx>  19
<iclebyte_work> if i rebuilt a slave name server, then obviously it has a new rndc.key file - how do I authorize this key on the master nameserver?
<Pumpkin-> I've got a bond interface configured on Ubuntu, and it comes up fine with the config I've got in /etc/network/interfaces, but with the wrong netmask. http://clive.fibrecat.org/~dwg/files/bonding.txt is the contents of /etc/network/interfaces, but bond0 comes up as a /8
<Pumpkin-> any ideas ?
<ph8> hi all, i'm trying to configure my server to send snmp traps to our 'solarwinds' system - how can i define traps to send and conditions to send them in? Strangely there's hardly any docs on it!
<joschi> ph8: grab the snmpd docs and get going ;)
<joschi> ph8: some applications can also send snmp traps directly. it all depends on what your really want to do
<mouseclone> what is the main difference between freeradius and radius-server packages?
<ph8> i guess i'm just after disk space and load average joschi
<ph8> but also things like when power is removed? :-o
<joschi> ph8: in this case you're good with snmpd
<joschi> ph8: when power is removed. either you'll get an event from your UPS or your UPS can generate a trap directly
<Pumpkin-> mouseclone: radius-server is just a virtual package, which can be fufilled by a number of different radius servers (of which freeradius is one)
<mouseclone> Pumpkin: so if I install radius-server, how will i know what server I would get?
<Pumpkin-> try and install it, it will tell you what to do
<mouseclone> seems because I install freeradius already that radius-server doesn't do anything
<ph8> joschi:  I'm fighting a battle with windows guys
<ph8> ah sorry i see i mean when one power is removed, on a two power system
<ph8> so the system should send the trap
<uvirtbot> New bug: #781088 in ntp (main) "Time is not syncronized with NTP-server" [Undecided,New] https://launchpad.net/bugs/781088
<ph8> any idea how i add a host to the allowed hosts to contact snmp?
<ph8> joschi:  thanks though, that fixed it - the 'trapsink' directive was what i needed
<jeremyn> am i correct in understanding there is no standard tabbed terminal emulator/ssh client for windows?
<jeremyn> only thing i can come up with is putty + one of a zillion dodgy add-ons
<Dr_Jekyll> you are correct
<Dr_Jekyll> maybe byobu/screen/tmux does what you want on the server side
<jeremyn> screen is kinda-sorta but of course only works on one server
<jeremyn> i cannot believe this is still an unsolved problem in 2011
<Pici> jeremyn: I was trying to get terminator to work under Windows here, but didn't have any luck.  My cygwin install is a bit messy though.
<uvirtbot> New bug: #781695 in mysql-5.1 (main) "package mysql-server-5.1 5.1.54-1ubuntu4 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/781695
 * _ruben uses securecrt for tabbed ssh sessions
<jeremyn> this is for my own personal use and it looks like the cheapest price is about $100, though, to be fair, securecrt does seem to be very popular
<uvirtbot> New bug: #781696 in openldap (main) "package slapd 2.4.23-6ubuntu6 failed to install/upgrade: subprocess new pre-removal script returned error exit status 2" [Undecided,New] https://launchpad.net/bugs/781696
<_ruben> on an average $workday i have about 6 windows with like 10 tabs each open ;)
<_ruben> give or take a few windows and tabs :)
<_ruben> right now i only got a single window with 13 tabs
<jeremyn> i only have like two or three sessions open at a time but even fishing through that small number is very annoying
<_ruben> for that ammount, the cost of securecrt is a bit overkill i guess :)
<_ruben> really shame that there's no proper putty add-ons for it .. tried numerous, one more broken than the other
<Pumpkin-> jeremyn: I know lots of people that use putty connection manager for that
<Pumpkin-> but it has some annoying defaults, like CTRL-U for a new window, which I always use for deleting the current line
<_ruben> stuff like that is actually one of the reasons i have my irssi in a putty window and not securecrt ;)
<jeremyn> Pumpkin-: i heard about that, and yeah that it was buggy, and then their commonly given website http://puttycm.free.fr/cms/ gives some plain MySQL error. there's a sourceforge page but i dunno, it just seems kinda off. i know this is petty.
<jeremyn> i used ubuntu on my laptops for a long time, i didn't realize GNOME terminal emulator was some kind of unique triumph
<_ruben> i've been using konsole over remote-x for ages prior to getting $work to pay for securecrt ;)
<aubre> I want to get all the packages I have installed on one server into a file I can use to install the exact same packages on another server - what's the best way to do that?
<ry> humm
<ry> there is a bot that has the command
<ry> i dont know the syntax touse it, i'll try to find it
<ry> aubre, .:ubottu:. To replicate your packages selection on another machine (or restore it if re-installing), you can type Â« aptitude  --display-format '%p' search '?installed!?automatic' > ~/my-packages Â», move the file "my-packages" to the other machine, and there type Â« sudo xargs aptitude --schedule-only install < my-packages ; sudo aptitude install Â» - See also !automate
<aubre> ty
<Pici> ry: ubottu is in this channel too
<ry> Pici, i've never actually used him before
<ry> i saved that months ago
<ry> lol
<ry> i remember seeing someone ask a similar question, and it was like #9745 on my "things to lookup" list
<ry> quote an awesome bot though
<uvirtbot> New bug: #781727 in mysql-5.1 (main) "package mysql-server-5.1 5.1.54-1ubuntu4 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/781727
<uvirtbot> New bug: #781763 in bind9 (main) "package libisccc60 1:9.7.0.dfsg.P1-1 failed to install/upgrade: arquivo tar do sistema de arquivos corrompido - arquivo de pacote corrompido" [Undecided,New] https://launchpad.net/bugs/781763
<jerrad> yo
<GeorgeNada> quick question
<GeorgeNada> i'm trying to install ubuntu server (11.4, and now 10.4) on my poweredge 6650, and the damn thing wont recognize the networking cards in the machine.
<GeorgeNada> they are broadcom 5700 series
<lifesf> hi, when setting a static ip in /etc/interfaces I become unnable to access the server through my external ip
<ajmak>  hey guys, can anyone help with amavisd-new + spamassassin custom rule weighting?
<ajmak> can I modify the rule weights directly in sa or does this need to be done through amavis?
<koolhead17> hi all
<wmp> hello, how to install only phpmyadmin (from apt of course), without apache and other packages>?
<cemc> The requested URL /~chucks/SRUTracker/sru-tracker-bugs.html was not found on this server. - what happened to it? :)
<RoyK> wmp: last I checked, phpmyadmin relied on apache
<wmp> RoyK: reliaed? I dont understand, english isn;t my first language
<jimbobco> wmp: you're best off accepting dependencies when using apt, that's kind of its mission in life
<wmp> jimbobco: bÅeh... i have nginx and apt want to install apache...
<RoyK> wmp: depended upon
<RoyK> wmp: if you want to use nginx, just install phpmyadmin from source - it's not that hard
<wmp> so, i musi install from source?
<wmp> must*
<wmp> ok ;)
<RoyK> it's just php - no compilation needed
<wmp> yes, i know ;)
<wmp> but with apt i have auto upgrades
<RoyK> sure, but the package in apt relies on apache, so if you want to use something else, well, do it the hard way :P
<wmp> yes, maybe phpmyadmin shoudn't have in depends apache?
<RoyK> don't blame me :)
<jimbobco> wmp: http://royal.pingdom.com/2011/01/04/apache-web-server-hit-a-home-run-in-2010/
<RoyK> I guess it should depend on a metapackage, being 'webserver' or something, but then, it'll be a bit hard to autoconfigure all possible webservers
<RoyK> I guess they chose apache, since 99.lots% will use that
<jimbobco> roky: agree
<wmp> bÅeh... ok
<RoyK> wmp: out of curiosity, why do you use nginx?
<wmp> RoyK: becouse i can configure this what i want
<wmp> in apache, i cant
<wmp> and nginx is better
<wmp> speed, less memory
<RoyK> well, apache works
<wmp> and, firstly: i know how to configure nginx ;)
<RoyK> configuring apache isn't really that hard
<wmp> maybe
<wmp> nginx this same ;)
<jimbobco> i try to go with the market, apache has more eyeballs and therefore should be more secure, robust, etc
<jimbobco> but maybe the lines of code between the two evens things out
<wmp> jimbobco: nginx also is security
<wmp> and i have problems with apache in my small hosting
<wmp> but maybe other admin can't know how to cnfigure it
<jimbobco> right tool for the right job...
<wmp> with nginx i have 0 problems
<wmp> in nginx i have: http_auth with PAM, serwer/download -> /home$USER/download; serwer/www -> /home/$USER/www; i have SSL and other features ;)
<RoyK> wmp: you get those for apache as well
<wmp> RoyK: maybe ;)
<RoyK> apache has been around for 15 years or so
<wmp> RoyK: wait, i show you statistic from webmin
<RoyK> there's a lot you can do with apache...
<wmp> on serwer with 50k unique users
<wmp> s/webmin/munin/ ;)
<wmp> RoyK: http://wstaw.org/m/2011/05/12/ss.png
<wmp> nginx use 2MB memory
<wmp> sorry, 160mb
<wmp> ;)
<RoyK> not a lot, though
<RoyK> it's better if it uses that memory wisely than reading everything from disk
<TheKernel[work]> if you're ssh'd into another box and the connection drops but the session doesn't know it yet, is there a way to force the SSH session to stop so you can go back to your local terminal?
<w00> kill the ssh from another session?
<wmp> TheKernel[work]: kill shell opened in this sh
<wmp> ssh
<TheKernel[work]> lets say I'm consoled in
<TheKernel[work]> its the only tty I can use
<w00> ..wait for timeout then
<TheKernel[work]> lol yeah
<TheKernel[work]> that's what I do
<w00> And next time use the ssh in screen
<jimbobco> byobu is nice for basic screen functionality
<uvirtbot> New bug: #781853 in bind9 (main) "package bind9 1:9.7.0.dfsg.P1-1ubuntu0.1 failed to install/upgrade: sub-processo script pre-removal instalado retornou estado de saÃ­da de erro 1" [Undecided,New] https://launchpad.net/bugs/781853
<uvirtbot> New bug: #781859 in samba (main) "package samba 2:3.5.8~dfsg-1ubuntu2.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/781859
<DinVitamin> I'm installing Ubuntu Server. What would be the command for installing the bare minimum packages I need to have a minimal GUI so that I can do something like play a video or look at a picture?
<jimbobco> you can install the ubuntu-desktop metapackage, but I wouldn't call it minimal
<marcanthony81> does anyone have any bind9 experience and has a moment to answer some questions
<marcanthony81> ok i guess not
<Pumpkin-> well
<Pumpkin-> if he had waited around I'd have helped
<Pumpkin-> but he didn't
<pmatulis> next time Pumpkin-
<uvirtbot> New bug: #781899 in samba (main) "package samba 2:3.5.8~dfsg-1ubuntu2.1 failed to install/upgrade: il sottoprocesso nuovo script pre-removal ha restituito lo stato di errore 100" [Undecided,New] https://launchpad.net/bugs/781899
<marcanthony811> does anyone have any BIND9/DNS experience that could help with an issue I'm having
<marcanthony811> hello btw
<marcanthony811> is there anyone out there
<marcanthony811> does anyone know anything about bind
<marcanthony811> ok how about this
<marcanthony811> does anyone know what could possibly be the problem if you can ping the hostname of a machine but can not ping the FQDN
<marcanthony811> for example
<marcanthony811> i can ping host1
<marcanthony811> i can not ping host1.example.local
<andygraybeal> stick aruond and maybe we can get to yuo :)
<pmatulis> he's gone again?
<teddyb> when i boot ubuntu server on my laptop should i see anything?
<teddyb> like should i be seeing a prompt or anything like when i ssh into one
<w00> Of course
<teddyb> cool, something must have gone wrong :)
<w00> Well what do you see?
<teddyb> a black screen
<teddyb> no prompt no nothing
<w00> And if you do alt-f1 for example?
<teddyb> ill give it a try
<uvirtbot> New bug: #781929 in nmap (main) "Zenmap doesn't have an icon" [Undecided,New] https://launchpad.net/bugs/781929
<uvirtbot> New bug: #781934 in nmap (main) "Zenmap should launch with gksu" [Undecided,New] https://launchpad.net/bugs/781934
#ubuntu-server 2011-05-13
<kellnola> having a bizarre problem here ... I have a server I can ssh into, guest virtual machines running on it work fine, but the server can't initiate any sort of network traffic or even open a socket, not even ping anything. There aren't any firewall rules at all and apparmor is off ...
<kellnola> a ping just recieves
<kellnola> "EAGAIN (Resource temporarily unavailable)"
<njbair> since my upgrade to natty, my development server no longer displays PHP error messages.
<toddnine> Hi guys.  is there a command to list all currently installed ppa sources?
<toddnine> I need to see if one is present via grep in an automated script
<uvirtbot> New bug: #781982 in mysql-5.1 (main) "Format string bug in mysqldumpslow" [Undecided,New] https://launchpad.net/bugs/781982
<uvirtbot> New bug: #781985 in mysql-5.1 (main) "Format string bugs in mysqlhotcopy" [Undecided,New] https://launchpad.net/bugs/781985
<lifesf> Hi, my ubuntu natty server works then cannot access, then can access then cannot.......................
<arleslie> speratic network card?
<lifesf> using a wireless dlink
<lifesf> it does not require much traffis
<lifesf> traffic*
<arleslie> signal?
<lifesf> yup
<arleslie> how good?
<lifesf> it connects fine
<arleslie> just because it connects doesn't mean it has good enough signal
<lifesf> umm.. is there a way to view the signal strenght on the server through terminal?
<arleslie> iwconfig might show it
<lifesf> well.. all my pcs from where i am have a rather good signal
<arleslie> I would recommend just running a line to the server
<arleslie> either way I g2g, good luck
<lifesf> impossible at the moment
<lifesf> oh ok but thanx
<lifesf> does anyone else know how to fix this issue? sometimes can connect sometimes cannot,... and from memory,.. when it was still hooked up right after install,... it still did taht
<lifesf> i thought it was because it would go in sleep mode which is completely absurd
<lifesf> and it always states being connected
<lifesf> in all times
<Juv1228> toddnine, you could just read out /etc/apt/sources.list and parse for it there
<toddnine> Thanks JUv1228.  I was able to check for the existence of the file in /etc/apt/sources.d
<koolhead11> RoAkSoAx,
<RoAkSoAx> koolhead11: yes?
<koolhead11> were you supposed to put cobbler community documentation ?
<RoAkSoAx> koolhead11: help.ubuntu.com/community/Cobbler
<koolhead11> RoAkSoAx, kool :)
<w00> That doc works wonders, god it working from first try pretty quick
<w00> *got
<w00> Never touched cobbler before :)
<twb> Is cobbler one of those puppet clones?
<twb> Ah, not quite.
<twb> More like di-netboot-assistant or FAI
<twb> (only shit)
<uvirtbot> New bug: #780486 in ubuntu-cdimage "rename Ubuntu Enterprise Cloud to Ubuntu Cloud" [High,Triaged] https://launchpad.net/bugs/780486
<uvirtbot> New bug: #782052 in postfix (main) "package postfix 2.8.2-1ubuntu2.1 failed to install/upgrade: ErrorMessage: å­è¿ç¨ å·²å®è£ post-installation èæ¬ è¿åäºéè¯¯å· 75" [Undecided,New] https://launchpad.net/bugs/782052
<twb> Why is plymouth still loading when "splash" is not in grub's cmdline on my lucid VM?
<twb> Also, what is the option to blacklist vga16fb?
 * twb tries nomodeset
<twb> Nope, that's not it.
<shirgall> twb I just put it in the /etc/modprobe.d
<shirgall> twb: in fact, blacklist-framebuffer.conf in there should already have it
<twb> shirgall: what, "blacklist vga16fb" or "install vga16fb /bin/false" ?
<twb> shirgall: no, vga16fb is the one ubuntu *wants* me to load; they leave it in by default because they hate me
<twb> shirgall: they only default to blacklisting stuff that breaks non-free nvidia and ati drivers
<shirgall> twb: ah, I generally force vesafb instead
<twb> shirgall: see, I don't want *any* framebuffer
<twb> It breaks kvm -curses
<shirgall> understood, you can certain uncomment vesafb in that file too
<twb> Ugh: /usr/share/initramfs-tools/scripts/init-top/blacklist
<twb> OK, "blacklist vga16fb" appeared to work.
<twb> WTF is ntfs-3g doing in the ubuntu ramdisk?
<twb> Like, just because ubuntu-standard recommends people have NTFS support, they need it *to boot*?
<koolhead11> RoAkSoAx, shall i add 2 things in case we are using a dhcp sever on same system on which cobbler is running?  in the configuration section?
<koolhead11> also the 3ed error can be escaped :P
<koolhead11> jdstrand, hello
<uvirtbot> New bug: #782071 in ntp (main) "Add current local time to configuration" [Undecided,New] https://launchpad.net/bugs/782071
<Tensibai> Can someone help me with preseed file ? (mainly for the proxy in mirror selection)
<uvirtbot> New bug: #782092 in openssh (main) "ssh server extremly unresponsive" [Undecided,New] https://launchpad.net/bugs/782092
<TampiKo> help
<TampiKo> /etc/init.d/postgresql restart
<TampiKo> command?
<TampiKo> restart
<Guest72460> hi - i need some help please, i need to forward ip protocol 47 to the a masqueraded op address on my lan
<Guest72460> *masqueraded ip address
<koolhead11> TampiKo, >
<koolhead11> ?
<TampiKo> I reset the postgresql-8.1.4 as I do?
<TampiKo> ?
<Guest72460> *masqueraded ip address
<RoAkSoAx> koolhead11: yeah just follow what is says after sudo cobbler check
<koolhead11> RoAkSoAx, i meant adding the modification bit if am running DHCP server on the same cobbler server apart from the 3ed error we get at time of sync. Also adding content inside the custom cobbler dhcp template file which over writes default dhcp config :)
<koolhead11> TampiKo, i thought your asking something :)
<TampiKo> ?
<koolhead11> <TampiKo> help
<koolhead11> <TampiKo> /etc/init.d/postgresql restart
<TampiKo> gnuworld@srcarloncasmi:~$ /etc/init.d$ sudo ./postgresql restart
<TampiKo> -su: /etc/init.d$: No such file or directory
<TampiKo> gnuworld@srcarloncasmi:~$ /etc/init.d/postgresql restart
<TampiKo> -su: /etc/init.d/postgresql: No such file or directory
<koolhead11> TampiKo, have you compiled postgres from source?
<TampiKo> gnuworld
<TampiKo> o user postgres ?
<koolhead11> jdstrand, the dhcp apparmor issue/bug i reported it is not a bug i suppose because am using the configuration file of dhcp via dhcp.template file of cobbler which overwrites dhcpd.conf
<novitololo> I've a file inside /etc/apache2/sites-available that has the following line: ServerName www.mytest.com.  DocumentRoot /path_to_index.php  -- I also have /etc/hosts defined a line with 127.0.0.1 www.mytest.com.  My question is: Why do I have to have that line in /etc/hosts, if I'm already declaring what's the servername for that VHost?
<shauno> the line in /etc/hosts isn't for the apache configuration.  it overrides the name resolution so when you stick www.mytest.com in your browser, it doesn't ask your isp's nameserver what the IP for mytest.com is.  it uses the one from /etc/hosts in preference
<shauno> without it, apache knows that you want to answer requests for mytest.com, but nothing else on the machine does
<novitololo> this explanation is awesome
<novitololo> thanks a lot.
<Guest72460> hi - i need some help please, i need to forward ip protocol 47 to the a masqueraded op address on my lan
<Guest72460> *masqueraded ip address
<RoAkSoAx> koolhead11: sorry, can't look at it at the momento
<RoAkSoAx> koolhead11: but ping me next week
<RoAkSoAx> as I'm in a business trip
<koolhead11> RoAkSoAx, will do. thanks
<twister004> hi guys...... can my NIS client settings vanish after a reboot on a linux client?... there is no dir under /var/yp/binding.... it was present before the reboot.. how is this possible?... please advise!
<twb> twister004: ubuntu sucks at nis IME
<twb> First of all, make sure network manager isn't installed or running
<twister004> twb.. can a directory just disappear like that?
<twb> Dunno
<twb> If you had an outage, fsck could've removed it due to brkage
<uvirtbot> New bug: #782179 in autofs5 (main) "user and group not shown on nfs mounted directories" [Undecided,New] https://launchpad.net/bugs/782179
<TeTeT> SpamapS: Hi Clint, is there any chance to get bug 561750 fixed in Lucid soonish? LVM (customer) is requesting this
<uvirtbot> Launchpad bug 561750 in squid "squid starts and stops immediately (after upgrade from karmic to lucid)" [Medium,Fix released] https://launchpad.net/bugs/561750
<uvirtbot> New bug: #782192 in postfix (main) "package postfix 2.7.0-1ubuntu0.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 75" [Undecided,New] https://launchpad.net/bugs/782192
<jdstrand> koolhead11: interesting. if this is a standard cobbler configuration, please note it in the bug-- it would be good to support that out of the box
<morbidwar> hello, i have a little problem, i
<morbidwar> hello, i have a little problem, i'm trying to run a custom script from crontab and it's not executed
<morbidwar> and in the syslog everything's look fine
<morbidwar> can somebody help me
<uvirtbot> New bug: #782203 in samba (main) "package samba 2:3.5.8~dfsg-1ubuntu2.2 failed to install/upgrade: sub-processo script post-installation instalado retornou estado de saÃ­da de erro 1" [Undecided,New] https://launchpad.net/bugs/782203
<elb0w> why cant I find sudo apt-get install courier-pop
<elb0w> sudo apt-get install courier-imap on ubuntu 10.10
<uvirtbot> New bug: #782204 in postfix (main) "Apport hook needs to provide more information on hostname rejection" [Wishlist,Confirmed] https://launchpad.net/bugs/782204
<morbidwar> hello, i have a little problem with crontab and a script i made, if i run the script from the console with sh script.sh it runs but the crontab doesn't read it. the script is set to be executed (0755) and in the crontab i tryied to change the way the script was executed 0 * * * * ./location/script.sh and /bin/bash /location/script.sh and sh /location/script.sh but with no luck
<koolhead11> elb0w, apt-cache search courier*
<elb0w> I had to enable universe
<sky1> ine frage, wenn ich vom system her ubuntu sagen soll, dass er bei einer anfrage zertifikate mit gibt, wie mach ich das? reicht es die zertifikate in /etc/ssl zu kopieren ? ...  ich weiÃ das sind wenig infos.. aber ich muss erstmal grundlegend wissen, wei in linux die zertifikate aktiviert werden ...
<johnny2k> hello. any one have console localization experience? i see nice squares instead of words on last ubuntu serv
<johnny2k> i try dpkg-reconfigure console-setup and see letters as me need, but after reboot they disappear
<johnny2k> plz help me
<johnny2k> any docs?
<pr3nt1c3> if I have kvm2... is virtualBox redundant?
<soren> kvm2? What the heck is kvm2?
<soren> pr3nt1c3: ^
<pr3nt1c3> I meant LVM2
<pr3nt1c3> typo
<pr3nt1c3> logical volume mgmt
<pr3nt1c3> I have 2x1.5TB drives, and I want the system to recognise an unbroken 3TB drive... then after this is done... I want to make sure that users can log into vBox VM's and have their session forwarded via network
<pr3nt1c3> ok... the VG is 2.73TB in size... but only 1.3 is initialized... but the 'uninitialized' portion is my main filesys... where did I go wrong? I can't initialize the device as a) it's mounted... and b) hosts my server filesys and my user directories
<pr3nt1c3> ideas?
<hallyn_> pr3nt1c3: I think you need to give us some more info on what you had before, what you just changed, and what your problem now is.  Near as I can decipher you had an LVM on one drive, now you added another drive to the pv and want to extend the lv to include the new drive.  <shrug>
<pr3nt1c3> which I've now done
<pr3nt1c3> it just looks weird
<bencc> whe editing /etc/ssh/sshd_config, can I just add my lines at the end of the file? will it overwrite previous lines?
<bencc> or do I have to edit each line in the body of the file
<netrat> bencc, i don't understand your question... are you talking about commenting lines out? why would it overwrite previous lines?
<bencc> netrat: instead of commenting lines I just want to paste new lines
<bencc> if my lines at the end of the file will take effect it's easier to maintain
<bencc> for example, the line "Port 22"
<bencc> I want to put a line "Port 22345" at the end of the file but without changing the previous line so it's faster to add and remove my changes
<Err404NotFound> I have added something to cron with &>> /tmp/log but even though /var/log/cron says that cron was executed and i can otherwise verify that the script executed fine, i can't see anything in the /tmp/log
<pmatulis> bencc: why don't you just try it?
<bencc> pmatulis: because it might work by accident and be insecure and unreliable
<RoyK> bencc: removing the # in front of a line doesn't take very long :P
<uvirtbot> New bug: #782283 in samba (main) "package samba 2:3.5.8~dfsg-1ubuntu2.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/782283
<Doonz> Hey guys, Im having trouble tracking down a straightfoward howto. What i did was expand an hardware array from 5tb to 10tb. now im trying to resize /dev/sdc1 to use the newly created free space any guides would be appreciated
<RoyK> Doonz: did you replace smaller drives with bigger ones?
<Doonz> RoyK: its a 16port raid controller just added more drives to the array
<RoyK> so why do you try to resize sdc1?
<Doonz> because drive /dev/sdc1 is only 5tb
<RoyK> oh - hardware raid?
<Doonz> yes
<Doonz> sudo fdisk -l
<Doonz> crap
<Doonz> Disk /dev/sdc: 9999.9 GB, 9999891824640 bytes
<RoyK> gparted is rather nice
<Doonz> /dev/sdc1             5.4T  4.1T  1.1T  79%
<Doonz> im running a headless server so cli only for me
<RoyK> remote X should work, though
<Doonz> wich would mean i would have to install it ....
<RoyK> why not?
<Doonz> not sure how to /me hangs head in shame
<RoyK> fiddling with parted can be rather dangerous if you don't know how to
<RoyK> apt-get install gparted
<RoyK> if your workstation runs windoze, you'll need something like xming
<RoyK> if not, it should be a trivial logout/login
<Doonz> ok ima gonna
<Doonz> try that
<RoyK> Doonz: what OS on the workstation?
<Doonz> win xp
<RoyK> ok, then download xming, start it, configure putty to do X11 forwarding and you should be game
<Doonz> ok
<Doonz> lets see if i can do this
<RoyK> :)
<battle_warrior> hi, im trying to host a dedicated server of garys mod or css from steam off my linux pc which is linux mint 10 kde ive downloaded all the files  needed.. ive ported http://oi52.tinypic.com/14e00ee.jpg  can anyone explain on what to do next?
<pr3nt1c3> if anyone is using transmission 2.13 and you know how to set-up the proxy so it's encrypted... let me know... it's no longer obvious in the pref's
<uvirtbot> New bug: #782298 in mysql-5.1 (main) "command injections in mysqld_multi" [Undecided,New] https://launchpad.net/bugs/782298
<Doonz> HOLY SHOOOT i did it
<RoyK> :)
<RoyK> wasn't that hard, was it? ;)
<Doonz> ive tried a bunch of times
<Doonz> and never go it to work
<RoyK> xming?
<Doonz> and x11 forwarding
<RoyK> and now it took 5 minutes?
<Doonz> yeah
<Doonz> awesome!
<RoyK> did you get gparted up?
<Doonz> yeah i need to unmount the drive tho
<RoyK> obviously, yes :P
<pr3nt1c3> alternatively: ssh -X user@host works also
<Doonz> yeah but im on windows
 * RoyK stopped using windoze some 12 years ago and only uses it at gunpoint
<Doonz> ive got proprietary apps that do not run virtualized so im stuck
<RoyK> don't run virtualized?
<RoyK> what sort of apps would that be?
<Doonz> Control system apps
 * RoyK uses a few very propritary apps in his Windoze VM
<RoyK> proprietary, even
<Doonz> yeah ive tried but it wont
<RoyK> shouldn't be much difference for an app to run on a VM as compared to running on a dedicated machine
<RoyK> that is - unless they do some nasty hardware or BIOS calls
<RoyK> but I thought that was out of line a long time ago
<Doonz> has to do with the security protocol they use for locking down the files
<Doonz> the controlers to the pc communication will not work
<RoyK> bad coding, then :P
<RoyK> did you get the partition resized?
<Doonz> just getting to it now
<Doonz> resizing wont dstroy the data tho right
<RoyK> hopefully not
<Doonz> its not supposed to tho
<Doonz> unless it buggers up right
 * RoyK advices Doonz to keep a backup
<RoyK> Doonz: btw, zfs is brilliant for such setups ;)
<Doonz> yeah i have all the important stuff  mirrored both on another local server and an offsite server as well as stored in the cloud
<RoyK> ok
<Doonz> see i came from the windows world.... so back ups are a must
<Doonz> lol
<RoyK> backups are needed even in the unix world, beleve me ;)
<Doonz> yeah but unix doesnt decide that you dont need your data
<Doonz> windows likes to help clean up the drives
<RoyK> that's rather nasty
<Doonz> yea ut at least windwos is trying to be helpful
<Doonz> lol
<RoyK> an operating system shouldn't be helpful in that sort of terms
<Doonz> it was just making sure i optimize my storage structure
<RoyK> Doonz: I just got a message about a crash on one of the backup storage servers - server reported a 100TB zpool was inaccessible - that hurts
<RoyK> a cold restart fixed it, though
<Doonz> Heh
<Doonz> we had a helpful electrician unplug our fiber link between sites one day
<Doonz> lol
<RoyK> heh - no harm done, I guess?
<Doonz> kinda
<RoyK> some hours of downtime is mostly acceptable
<Doonz> that link was the connection to a datacenter wich host our simulation server
<RoyK> hehe
<Doonz> we were in the middle of showing the customer their new 5billion dollar plant
<Doonz> :/
<RoyK> :D
<RoyK> how many compute nodes do you have there?
<Doonz> its an interesting setup
<RoyK> and what sort of parallelisation tech?
<Doonz> Its a cluster of 15 heads units with 1857 gpus
<Doonz> 1847*
<RoyK> nice
<RoyK> for what use?
<Doonz> process simulation
<Doonz> pretty sweet
<RoyK> Doonz: I work for nilu.no - we still haven't had the FLEXPART model rewritten so it can support GPUs
<Doonz> this is running idea's
<RoyK> and currently, we only have about 120 CPUs running it
<Doonz> wich has native gpu support and sacles liniar
<Doonz> we only have 30 cpus in the node obviously
<RoyK> idea?
<Doonz> process simulation package
<Doonz> brb ssboilers down
<Doonz> well that was fun
<Doonz> wow this x11 forwarding is pretty cool
<lifesf> my server has an intermitent response problem... i can't figure out why; sometimes i can access it from local and external, and sometimes not at all yet it is still connected and everything up and running; and like right now, i cannot access it from external but i can from local
<lifesf> and sometimes everything works perfect
<lifesf> especially after a restart,... and then 10minutes later,... problem start appearing again
<Doonz> i wonder how long it takes to do a filesystem check on 5tb
<RoyK> Doonz: the filesystem won't grow automatically
<Doonz> eh?
<RoyK> Doonz: resize2fs is your friend
<Doonz> yeah
<koolhead17> hi all
<RoyK> hi, koolhead17
<koolhead17> hey RoyK
<lifesf> can anyone help me out? :S
<RoyK> lifesf: pastebin dmesg output
<lifesf> ok
<lifesf> i forget the site, my history isn't on this pc
<RoyK> !pastebin
<ubottu> For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://imagebin.org/?page=add | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<lifesf> http://paste.debian.net/116877/
<lifesf> i'm connected via wireless at the moment but wether i was wireless or not it would still stop working local sometimes
<uvirtbot> New bug: #782322 in munin (main) "plugin iostat_ios looses track of its state" [Undecided,New] https://launchpad.net/bugs/782322
<lifesf> does it help?
<wmp> hello
<wmp> is possible to diplay what proces is in swap?
<wmp> ok, i found: http://stackoverflow.com/questions/479953/how-to-find-out-which-processes-are-swapping-in-linux
<lifesf> nobody know?
<Doonz> so 5tb takes how long with e2fsck .........
<Doonz> im thinking 18 hours
<Doonz> any bets?
<FK3> can someone recommend server software which can stream videos through web, not media tomb
<Doonz> sorry FK3 i have now idea
<FK3> no prob think ive found one
<lifesf> sometimes can somtimes can't access server,...why? 11.04 install
<Doonz> lifesf: sorry man i dont have an answer
<jMyles> So, is there a way to deploy the OpenStack-powered UEC today?  Does it make sense to put new UEC deployments on hold for a bit?
<pmatulis> jMyles: give it at least 6 months
<jMyles> pmatulis: So what in the mean time?  Stick with Eucalyptus?
<Doonz> ok i was way off on my guess only 2.5 hours for the filesystem check
<CppIsWeird> does the latest version of ubuntu-server have a firewall installed by default? i did an do-release-upgrade and now openvpn wont work for anything. i've run over everything in openvpn about 10 times. im at a loss.
<remix_tj> CppIsWeird: use tcpdump -p
<remix_tj> to view if traffic is being dropped
<remix_tj> CppIsWeird: or try with
<remix_tj> iptables -L -n
<remix_tj> and look if there is any rule
<CppIsWeird> doesnt look like theres rules in any of the three sections
<JanC> CppIsWeird: nothing in openvpn logs?
<CppIsWeird> nothing that would indicate error. openvpn both in client and server thinks everything is okay. im suspicious of either something ran amock in windows networking or the server upgrade as it seemed to fail right around the upgrade.
<matt_keys> I'm trying to move a web server over to ubuntu from centos. The previous admin used dbm=db:/path/to/rewrite.db in the rewrite configuration. I have enabled mod_rewrite, and moved the config over and enabled rewrite logging. When I rm the log and restart the server it gets created again, so I know it's reading the config but it doesn't appear to be pulling in the rewrites from those db files
<RoyK> matt_keys: hi
<matt_keys> RoyK: hello
<matt_keys> Also, I've tried the AllowOverride all as suggested in the forums
<matt_keys> I also have dbd, authz_dbm, and authn_dbd loaded
<matt_keys> Does anyone have any suggestions as to what may be the problem?
<uvirtbot> New bug: #782421 in postfix (main) "package postfix (not installed) failed to install/upgrade: subprocess new pre-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/782421
<Doonz> RoyK: you kicking around
#ubuntu-server 2011-05-14
<draven> for 10.04 what is the current kernel?
<Doonz> so if im running an app through x when i close my connection will that app stop running?
<Datz> draven: I think it is 2.6.32-31
<Guest37947> hi!
<Guest37947> can any one no a good program recording and maneging my cctv cam's?
<Max-P> Hi, there, does someone know why an empty Ubuntu-server (freshly installed) uses as much as 200 Mb RAM, with only the base processes running (rsyslog, cron, getty) while a fresh Debian install only takes <50 Mb?
<draven> why do i have to use dist-upgrade to get kernel updates for server but not for standard?
<julian_c> Hmm... never really thought there was a difference. On non-server installs, I've had to do dist-upgrade to get newer kernels.
<draven> julian_c, might just be a difference between the gui update manager and the command line apt tool
<qman__> Guest37947, zoneminder
<Guest37947> qman__: I found zoneminder, but i can't install :/ I user isp config in my servers.
<qman__> Guest37947, zoneminder is fairly difficult to install, I'd definitely say it's for advanced users
<qman__> but it is the best CCTV software for linux
<qman__> far as I know, anyway
<Guest37947> yep, i know. But what's the next, maybe u now a good tutorial? (zoneminder.com tutorials or install man is not help much. ... it's just say sudo apt-get install zoneminder .... after u have to do what u want ... )
<qman__> their wiki has some tips on getting it to work in ubuntu
<qman__> I spent a good two days or so getting the one I set up going
<Guest37947> thx, i watch it
<qman__> it was a while back, on 9.10, so I don't really remember what I did
<qman__> and it may not even be relevant in current versions
<el_seano> does anybody know of a quick command to tell which release of ubuntu you're using?
<el_seano> nevermind.  lsb_release -a
<jeeves_moss> what syslog server will allow me to make a directory for each device, and allow for slave servers (so if the remote connection goes down, the logging keeps going on my cisco equipment)
<ChmEarl> pastebin: Oneiric kernel xen config - grep -ic xen /boot/config-2.6.39-2*
<n2deep> hi can anyone help with nx flag reporting: http://pastebin.com/u4zkDB4M
<n2deep> this is a virtual machine.
<n2deep> the nx bit was disabled when I installed the operating system, it's enabled now.
<n2deep> ..enaabled in the physical host bios now
<PryMaL> I'm currently trying to recover a MySQL root password for a friend, can anyone help with the syntax error that it's giving me please.  UPDATE user SET password=PASSWORD('newpassword') WHERE user="root"; is the string I'm using but have a generic "you're using bad syntax on mysql" error
<lambda_x> why lvm volume groups created during installation dont have /dev/mapper/[name] entry while volume groups created by hand do have?
<uvirtbot> New bug: #782569 in samba (main) "package samba-common 2:3.5.8~dfsg-1ubuntu2.1 failed to install/upgrade: ErrorMessage: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/782569
<mithran> hi all, im trying to configure webmin on ubuntu server 10.04. but im not able to access the webmin page, i installed all the packages, and the port 10000 is open on the server, im able to ping the server as well, but the webpage is not loading
<mithran> please help
<mithran> im getting a net::ERR_TIMED_OUT error
<uvirtbot> New bug: #782583 in etckeeper (main) "Please merge etckeeper 0.53 (main) from Debian unstable (main)" [Wishlist,Confirmed] https://launchpad.net/bugs/782583
<uvirtbot> New bug: #782597 in postfix (main) "package postfix 2.8.2-1ubuntu1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/782597
<uvirtbot> New bug: #782614 in bind9 (main) "make configuring DNSSEC validation easier" [Undecided,New] https://launchpad.net/bugs/782614
<Doonz> RoyK: you around buddy
<uvirtbot> New bug: #782654 in samba (main) "Cannot Share Printer with 11:04 / Windows 7" [Undecided,New] https://launchpad.net/bugs/782654
<maxb> Is there any special gotcha to trying to run an isc-dhcp-server on a Linux bridge interface? (bridging a bunch of tap interfaces used for QEMU; the DHCPD never seems to do anything)
<randomuser> maxb, works for me
<maxb> oh :-(
<maxb> Wonder why it hates me
<maxb> So, you have a bridge, have tap interfaces, added them to the bridge, got an IP address configured on the bridge, told the dhcpd about the IP subnet, and it just works?
<maxb> My dhcpd doesn't do anything, even though I can see the DHCP Discover messages in wireshark
<maxb> It all works fine when I have a single tap interface, no bridging - but I want to allow for multiple VMs at once
<randomuser> i have a line in dhcpd.conf to tell it to listen on virbr0
<maxb> randomuser: What does that line look like? Is virbr0 a standard "brctl addbr" bridge? Any special settings associated with it?
<randomuser> it says DHCPARGS=virbr0;
<randomuser> it appears to have STP enabled
<randomuser>  other than that, a bridge is a bridge
<randomuser> how did you create yours? is your virtualization platform running dnsmasq or some other competing service?
<randomuser> (mine tries to do dnsmasq)
<incorrect> is the a cli client for ubuntu one file sync?
<JanC> incorrect: u1sdtool ?
<incorrect> maybe there is a ppa for that
<JanC> incorrect: it's part of the 'ubuntuone-client' package
<JanC> no need for PPAs
<JanC> at least in 11.04
<incorrect> my server is on 10.04
<JanC> incorrect: maybe also ask in #ubuntuone or such
<incorrect> ah thanks
<JanC> incorrect: there might be a backport of the more recent U1 stuff in lucid backports
<JanC> although it also provides/needs a new couchdb version IIRC, so I hope you don't use that for anything else on that 10.04 server
<Doonz> hey guys im having trouble iwht my server. It locks up on me i cant access the websites nor can I access it through ssh. But i can ping it and the data that is being pipesd through the website continues to flow any idea where i can look in the logs for ideas?
<Doonz> and it crapped out again
<dougb> when i've logged into my machine over SSH, on a certain user account when I press the up arrow key it just prints ^[[A and not the previous command, is there a way to fix this?
<dougb> i fixed it, my shell was sh
<winsen> i had problem with ubuntu i can not update it
<winsen> it says (-5- no adress associated with hostname, so it seems problem with DNS, thanks
<winsen> for helping
<uvirtbot> New bug: #782776 in cobbler (universe) "cobbler buildiso fails" [Undecided,New] https://launchpad.net/bugs/782776
<mynameistux> I'm getting the message "network autoconfiguration failed" when install. My router handles DHCP, and I'm using a PCI-E gigabit ethernet card with a realtek RTL8111/8168B. ubuntu-server 11.04 amd_64
<mynameistux> found http://forums.hardwaresecrets.com/installing-realtek-rtl8111/3906?s=54601af5ec9ee62636d482bf1fa42193&amp; but ... uggh, easier to buy another network card
<_ruben> the brand alone oughta be enough to buy another :)
<Henriquez> ok, i have my (sub)domains setup correctly now but i want to serve content from a different server in my LAN to ldap.domain.TLD (phpldapadmin) is that possible with virtualhosts?
<guntbert> gmcdonald: did you try with apt-get or with aptitude?
<gmcdonald> apt-get
<gmcdonald> 20 packages can be updated, it says, it also says system restart required
<gmcdonald> so I apt-get update/upgrade then reboot
<gmcdonald> then it tells me same 20 packages can be updated, system restart required
<guntbert> gmcdonald: I've seen the "system restart required" remain after the update - you could thank you it with aptitude for once - sometimes it makes a difference - use aptitude update, then aptitude safe-upgrade
<gmcdonald> I'll try that thanks
<gmcdonald> I've done update/upgrade/reboot 4 times so far with no effect
<guntbert> gmcdonald: and try aptitude -vv safe upgrade  (makes it more verbose)
<gmcdonald> interesting, an aptitude safe-upgrade did not add anything, it removed old kernels
<gmcdonald> no difference on reboot
<mynameistux> I just bought this card for 25 dollars, and I don't have the box anymore so I can't return it
<mynameistux> :(
<guntbert> as I said: don't put too much weight in the "system restart required" message
<gmcdonald> guntbert: true, but it always tells me I have 20 packages to update, 8 of them security updates
<gmcdonald> I've updated them 5 times now
<guntbert> gmcdonald: look into /var/log/aptitude and /var/log/dpkg
<gmcdonald> will do
<gmcdonald> note apt-get update/upgrade is upto date, it doesnt actually update anything any more
<guntbert> then let it lie and ignore the "system restart required" message
<gmcdonald> the concern is the constant message I get on logging in/rebooting telling me I need to update 20 packages, 8 of them security
<gmcdonald> if it has updated them , fine. Hopefully the next message needed will clear this one out the way
<guntbert> gmcdonald: yes, as I said I've seen that before, something like motd not getting corrected
<guntbert> /etc/motd (or so)
<gmcdonald> right
<gmcdonald> ok
<gmcdonald> guntbert: thanks for your help, off now to free up some channels/keyb shortcuts :)
<Henriquez> ok, i have my (sub)domains setup correctly now but i want to serve content from a different server in my LAN to ldap.domain.TLD (phpldapadmin) is that possible with virtualhosts?
<_ruben> Henriquez: what do virtualhosts have to do with that? just a dns issue
<Henriquez> well because the server is on a different ip adress and the requests go to another internal ip adress
<Henriquez> and i don t know what directive to make a request from the webserver go to the other physical server in my lan
<Henriquez> i already created ldap.domain.TLD  so that is not the issue
<_ruben> ldap.domain.tld currently points to serverA but needs to go to serverB, change dns to point to serverB instead of serverA
<Henriquez> server a and server b have the same wan ip. It is about lan ipÅ
#ubuntu-server 2011-05-15
<chroot> ciao
<uvirtbot> New bug: #782842 in bacula (main) "package bacula-director-pgsql (not installed) failed to install/upgrade: el subproceso instalado el script post-installation devolviÃ³ el cÃ³digo de salida de error 1" [Undecided,New] https://launchpad.net/bugs/782842
<n2deep> Hi I just a did a new installation of 10.04.2  After install I did a aptitude update ; aptitude safe-upgrade
<n2deep> after rebooting, it still says "40 packages can be updated" "21 are security fixes" when I login
<n2deep> I've never seen the login dialog do that before on 10.04 server machine.
<n2deep> any ideas?
<RoyK> it's a big with motd uppdates
<RoyK> seems to me canonical has less than sufficient resources these days
<n2deep> RoyK: Hi! yes, seems like a bug to me too.
<RoyK> I have 20+ servers and all of them have that thing
<n2deep> it seems there is another bug with motd and the CPU/BIOS NXflag bit being disabled
<n2deep> I enabled the NX bit in the bios, and motd still tells me, "hey enable that in the bios"
<RoyK> it's rather alerming - a cron bug which affects a large number of users hasn't been fixe
<n2deep> and now when I run the suggested check that motd tells me to do, it says all is well!
<n2deep> RoyK: tell me about the cron bug. I already reported the root crontab bug in OI!
<RoyK> n2deep: it's a startup issue - cron doesn't start with a lot of setups
<n2deep> I see
<n2deep> I'm looking at /etc/cron.daily/apt on a 10.04 desktop machine that does not have this motd issue
<n2deep> though I'm not sure I'm looking in the right place
<uvirtbot> New bug: #782890 in backuppc (main) "no ping response on all hosts after upgrade" [Undecided,New] https://launchpad.net/bugs/782890
<Daviey> Wooohooooo!
<auscoder> list
<pilleslife> Hello together...is S.o. here who can help me with mdadm?
<pmatulis> !ask | pilleslife
<ubottu> pilleslife: Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-)
<pilleslife> Ok...I've got a soft-raid5. 2 out of my 6 drives degraded, but I think 5 devices are ok. Then I tried to assemble the raid and I got this messages (http://forum.ubuntuusers.de/topic/soft-raid-5-degraded/). After that I tried to create a new array over the old, but it doesn't work. If I set the disk-size mdadm says that the drive ist smaller than de given size. (I hope you understood it. If not I will try to explain it again.)
<tdn> I do not beleive this is kubuntu specific
<tdn> wrong channel :)
<tdn> I have just installed kubuntu 11.04, when I start up, it says: error: no video mode activated. So nothing happens. I beleive it is already in grub it fails.
<Henriquez> ok i have server a and server b in my LAN and i have 1 WAN ip adress. Server A has virtualhosts setup for webmail and a website. I wnat to have another subdomain to point from server a to server b with another web application. I that possible ? and if so how?
<_ruben> Henriquez: mod_proxy
<Henriquez> ok thank you _ruben\
<Henriquez> so as far as i can see it is ProxyPassReverse
<peta> hello guys
 * RoyK wonders why the fuck the cron/upstart bug hasn't addressed yet - bug #592114
<uvirtbot> Launchpad bug 592114 in upstart "upstart doesn't start cron automatically on boot in lucid for server on amd64" [High,Confirmed] https://launchpad.net/bugs/592114
 * IdleOne wonders why the only time I see cursing in here it is from RoyK 
<RoyK> IdleOne: I generally don't curse too much, but this bug is rather bad, but still seems to be ignored
<qman__> I had pretty much exactly that problem with squid after I upgraded to lucid
<qman__> a couple reboots and manual start/stops fixed it
<peta> I'm developing a distributed system that involves multiple independent machines. I'm developing/testing with virtual machines using VMWare Fusion on a Mac. Now I'm faced by the decision how to manage the machine images. Up to now I simply duplicated a cusotm vm image I set up. However, such an Image is 9GB in size (only the bare os from the ubuntu server install image). What would you recommend in order to reduce the size of the a
<peta> (e.g. by stripping out all unnecessary packages, asf.) And is there a way to produce system "diffs" ... so that once the base vm image changed, I can simply move that "diff" to another base vm image?
<RoyK> 9GB sounds rather a lot for a base install - it should be 10% of that or so
<qman__> yeah
<RoyK> perhaps a bit more
<qman__> I've installed ubuntu server inside 2GB before
<qman__> with not much extra room, but still
 * RoyK runs Debian on a guruplug with 256MB flash and still has 100MB or so free
<RoyK> ubuntu base includes a bunch of things you don't really need that much - in the install page, you can choose to install the minimised version
<qman__> if you're trying to shave megabytes off a configured image, you can remove logs and /var/cache/apt/archives/*.deb
<RoyK> or the JEOS version if you like
<qman__> but if you're at 9GB, something is wrong
<RoyK> apt-get clean
<RoyK> 9GB is large for even a basic workstation setup
<RoyK> a JEOS install should fit into 100-200MB
<qman__> and a fresh off the disc, regular server install should be under 900MB
<RoyK> peta: check the logs - du -sh /var/log
<peta> Thought that too ... 9GB is pretty large. I just created a minimal vm in Fusion and did a default install from ubuntu server cd image.
<RoyK> peta: is the image 9GB? whatdoes df say?
<peta> RoyK: http://pastebin.com/NSA8CVwz
<RoyK> so 3 gigs in use...
<peta> RoyK:  strange ...
<qman__> that's still a lot
<qman__> did you update or install any extra packages?
<RoyK> peta: try apt-get clean
<RoyK> anyway - last I checked, vmware images grow when needed, but never shrink
<peta> aah ... maybe its a Fusion-specific behaviour that the virtual hdds has a given size at minimum
<peta> I'll try apt-get clean first ...
<peta> great ... now I have a usage of ~900MB
<RoyK> peta: most hypervisors allow for either pre-allocated images or growable ones
<qman__> that's more like it
<peta> RoyK: just checked the Fusion settings ... the virtual hdds are growable and chunked at 2GB parts
<RoyK> peta: if you install JEOS (F6 and something in the initial grub menu IIRC), it'll be even lower
<peta> RoyK: "Just Enough Operating System" .. sounds useful. WIkipedia says that its included in the vanilla server version since 8.10 ... must I select the JEOS option in the installer?
<RoyK> make that F4 - "Install a minimal system"
 * RoyK tests to see how large that one gets :)
<aljosa> whats the device name for /dev/sda in natty for amazon ec2/ebs?
 * RoyK has no friggin' idea
<RoyK> I would guess /dev/vda, but I may be wrong
<RoyK> peta: just tested 'minimal install' on a vbox vm here - 630MB
<RoyK> vbox image size is 832MB
<RoyK> that's with lucid
<peta> okay. stupid question: how did you chose "minimal install" ... I don't have this option in my installer menu (10.04, 64bit image)
<RoyK> press F4
<peta> i did ... only the choice "Normal"
<peta> I'll work that out by myself ... thanks for your help
<RoyK> it really should show up....
<RoyK> http://karlsbakk.net/ubuntu-install1.png
<peta> wtf!? when language is set to german, only the option "Normal" appears :D
<peta> now I chose english and it works
<RoyK> lol - file a bug :)
<RoyK> and btw, choose minimal _virtual_ system
 * RoyK loves his mac - after the upgrade to an SSD instead of spinning rust, it's blazingly fast :D
<peta> RoyK: I did
<RoyK> ubuntu base install in 3 minutes :D
<RoyK> minimum virtual (+ssh) is now down to 515MB
<peta> Which SSD do you use?
<RoyK> it's a Crucial C300
<RoyK> make that Micron - they bought them recently
<RoyK> not top-of-the-line, but still very much better than spinning rust ;)
<peta> nice. performance values look good
<peta> I'd like to buy one too, however, i need at least 500gb (using macbook pro) ... and its definitely too expensive
<RoyK> indeed - I had to clean up some old stuff before going down to 256GB
<peta> I saw a classic hdd that uses 4GB of integrated SSD cache ...
<RoyK> it's well worth it, though
<RoyK> just get a home server or something for the large stuff :)
<RoyK> we have some QNAP boxes at work for that - small linux-based things
<RoyK> stuff some 2TB drives in them and you have room enough for some time :)
<shauno> my plan's to move the hdd into the optical bay, and ditch the dvdrom. have a fast drive for things that benefit from speed, and a slow drive for things that require bulk
<RoyK> I know people that have done that - should work rather well
 * RoyK still wants the optical for watching^Wripping movies etc
<shauno> I used to think that, until I broke the dvd on my last laptop.  never bothered replacing it for 3 years
<RoyK> my old MBP, 1st gen, eventually lost its optical - checked with the apple vendor and they told me a new one would cost NOK 5k from apple!
<peta> sure, small fileservers at home/office are great for loading off data. some nas devices even offer media streaming capabilites ootb.
<RoyK> got one from ebay for 6% that price
<RoyK> peta: this qnap was rather nice - no limits - ssh directly into it and I was root :)
<peta> yeah ... there are many ecosystems with 3rd party plugins for qnap atl.
<RoyK> seems it's using raid1+0 for the system partitions (on the data drives) and whatever you choose for the data
<peta> however, mature solutions (with redundancy and failure checks) are still a pricy affair
<RoyK> for power redundancy etc, you'll need a bit more
 * RoyK uses ZFS for big storage
<RoyK> openindiana with a truckload of drives
<RoyK> we have a couple of 80-drive boxes at work - 100TB net storage each
<peta> wanted to buy me a thecus n4200 for some time now ... but as soon as i had the money anything else happened ^^
<peta> RoyK: http://www.thecus.com/product.php?PROD_ID=41   this thecus even has an mini ups included
<peta> and usb ports where one can plugin a usb stick and get them backed up automatically ..
<RoyK> not badly priced either :)
<peta> and no hdds included yet :D
<RoyK> but with 2TB drives below the $100 mark, that shouldn't be much of a problem ;)
<peta> hmm ... let's see. my next invest is definitely a larger hdd for my mbp (~15GB free space right now). maybe with internal ssd cache as said above.
<RoyK> peta: better use external storage for the big stuff
<RoyK> btw, anyone seen the pandaboard? http://www.pandaboard.org/
<RoyK> looks rather amazing :)
<peta> indeed. but check out "Raspberry Pi" a minimal platform for 18 bucks http://www.raspberrypi.org/
<RoyK> wtf can I get that?
<peta> dunno. the platform was released to the public this week. they should be broadly available soon.
<peta> RoyK: haaa, my new minimal 10.04-64bit installations has 576MB :D
<RoyK> :)
<RoyK> why 64bit if it's minimal?
<RoyK> not that it matters much...
<peta> well, the later production machines will use 64bit os too and in order to replicate the production env in my vm for testing/developing it chose this
<RoyK> k
<Proz01d> Hi Guys, I installed ubuntu server 10.04 LTS 64bit and it completed successfully however when i try to boot i can't get passed the "Starting Apparmor profiles [OK]"  the system just seems to hang  (i do have encryption on my volumes enabled).
<peta> Proz01d: The next service that should be initialized is cpufreq (cpu throttling, energy saving, asf.). So maybe its a problem related to that.
<peta> At least in all 10.04 32/64bit versions i have installed. I know that because inside my vm supervisor cpufreq isn't supported and thus this service always fails on sys init
<Henriquez> ok i am struggeling with mod_proxy from the apache package in ubuntu 10.04 server and have looked all over to find an answer. Where do i put the ProxyPass and ProxypassReverse? in the virtualhost file? in the apache2.conf file?
<Henriquez> do i need to change something else like hostnames to point to the server that the request is forwarded too?
<Henriquez> and do i need to create another virtualhost file on the server acceptin the request?
<Proz01d> peta: is there a way to bypass it? How do i get around this?
<peta> Henriquez: at the beginning of every directive sections, it is told where this directive may appear (vhost conf, server config): http://httpd.apache.org/docs/2.2/mod/mod_proxy.html
<peta> Proz01d: do you run your installation as vm or on a real box?
<Proz01d> vm
<peta> which one?
<Henriquez> thank you i will examin the document more closely then (already found that one)
<peta> Henriquez: np
<Proz01d> peta: may i pm?
<peta> sure
<Proz01d> ubuntu server 64bit with encrypted partitions... should i still be able to run the CLI only?
<Proz01d> (with only 128mb of ram
<Proz01d> )
<w00> 128ram? i have more on my phone ;/
<pilleslife>  /msg frostschutz hi, jemand da?
<Proz01d> yes... i'm running a vps. trying to keep cost down
<jpds> Proz01d: I don't see why not.
<peta> Proz01d: still the same problem?
<RoyK> Proz01d: I just tested a minimal VM here - boots ok with 32MB RAM
<RoyK> no encryption, though
<peta> RoyK: it's weird, because he uses a vanilla default-vm provided by his hosting company. the system starts up, AppArmore is started (status message shown) but after that it freezes.
<peta> I said that normally directly after AppArmor cpufreq is initialized ...
<RoyK> peta: what hypervisor?
<peta> xen
<RoyK> no idea - sorry
 * RoyK doesn't use xen
<Superchicken> Where is the best place to get support for serial passthrough for the libvirt-bin/qemu-kvm versions on server 10.04 LTS? I have been unable to get my guest's fax software working with USB or serial passthrough.
<RoyK> Superchicken: from virt-manager, it's rather trivial
<RoyK> Superchicken: just add physical host device, choose the serial port and you should be done
 * RoyK likes easy configs
<RoyK> Superchicken: from there you can choose a PCI ID - you'll find that in lshw
<Proz01d> Just an updated.... i had my hosting provider assign another 128mb and it started up correctly.
<Proz01d> (total of 256mb)
<RoyK> prolly the encryption part needing some ram
<RoyK> not all can be swapped out...
<Superchicken> I can connect it, but I've tried: USB passthrough with another USB fax modem, USB passthrough with a Keyspan, direct serial passthrough for the serial port on the host, and serial passthrough via the tcp option with ser2net running on the host for my USB modem, my serial modem, and with a Keyspan. I have differing results with differing methods and the TCP is most promising with what appears to be a perfect fax document (versus di
<Superchicken> rect serial passthrough which causes artifacts and and fax job errors), unfortunately even with ser2net, something goes wrong and my fax program on the host reports an error from the modem. I believe it's a timeout issue, which seems to indicate that nothing is making it back to my host from the modem after the data part of the transmission.
 * RoyK is currently programming a 16MHz processor with 4kB RAM and 16kB flash and is having good fun with it
<Proz01d> i heard all vps providers have access to the HDs and can look at the files without your knowledge so to protect the data on there i encrypted it..
<RoyK> theoretically, they can, of course
<Proz01d> but not with encryption right?
<RoyK> but then, as long as the VPS is running, they can always barge in and read the data from the mounted filesystem
<Proz01d> so then this is pointless to have encryption
<RoyK> depends - if you're paranoid, add encryption for certain parts and mount them when needed
<RoyK> if a volume stays mounted, you can always get in, given console access
<RoyK> that is - not really...
<RoyK> you'll need passwords etc
<jpds> Proz01d: If you don't trust them, move to something else. ;-)
<RoyK> but if you're automounting the volume, you need to hardcode the key, and that's like hanging our doorkey at your door
<RoyK> jpds: indeed - or get your own box :P
 * RoyK has a private server
<wmp> hello
<RoyK> or two...
<wmp> i looking for tool to make statistic what country my serwer have most connections
<RoyK> web server?
<wmp> no
<wmp> shell
<RoyK> perhaps you can hack awstats to do it
<RoyK> it works well with other services
<wmp> no, i havent logs to network
<wmp> maybe vnstat?
<jpds> wmp: That only does data traffic, not countries.
<wmp> true, in this database isn't ip
<wmp> maybe nestat?
<wmp> maybe iptables? :)
<RoyK> iptables???
<RoyK> the lastlog should be sufficient for shell access
<RoyK> as in /var/log/lastlog
<wmp> RoyK: how to read lastlog?
<wmp> RoyK: hmmm, ubuntu bug: May 15 06:38:20 cardinal rsyslogd: [origin software="rsyslogd" swVersion="4.2.0" x-pid="2735" x-info="http://www.rsyslog.com"] rsyslogd was HUPed, type 'lightweight'.
<wmp> RoyK: no, lastlog isn't good idea
<RoyK> or /var/log/auth.log
<RoyK> that should show the IPs etc
<wmp> i have torrents on server, and i want to check this transfer ;)
<RoyK> then you'll need some support in the app
<RoyK> transmission or whatever you're using
<wmp> but i have http, ftp... I need this on network level ;)
<wmp> http://software.inl.fr/trac/wiki/EdenWall/NuLog
<RoyK> well, I don't know
<JanC> I'm sure there is a way to log all IPs with netfilter
<wmp> JanC: netfilter generate big load?
<wmp> i have 200mbps IO
<RoyK> iptables -i INPUT --ctstate NEW -j LOG
<RoyK> perhaps
<jmarsden> I missed the initial question, but argus generates a summary of all network connections, ra is the client to view the info it creates... is that what you are interested in?
<JanC> netfilter is the part of the kernel that you use to set up a firewall with iptables   ;)
<JanC> it's basically a framework for inspecting IP packets & acting on their properties
<wmp> ok, i must read about it
<JanC> I'm pretty sure iptables can create logs that you can parse to generate the info you need
<Proz01d> @royk and @jpds i'm just a little paranoid..... I have no reason not to trust them
<JanC> but there might also be something that causes less load...
<Proz01d> except i don't know them
<RoyK> what sort of data is it there? planned terrorist atttack? :)
<Calif> Anyone got experience running nagios on windows?
<Calif> the nsclient++
 * RoyK uses nsclient++ quite a lot
<Calif> I keep getting an access is denied error when I try to edit the NSC.ini file
<Calif> I'm an administrator, I've taken ownership of the entire directory and sub objects
<Calif> I shut down the systray icon, and stopped the service in admin tool
<Calif> s
<Calif> Is there something I'm missing? Do I have to reboot into safe more to edit the file? I'm over RDP incase that matters
<RoyK> try manually with setfacl or something
<Calif> Its windows 7 too btw
<Calif> I heard of cacls, not setfacl though
<RoyK> there are some tools for showing which files are open too - don't remember their names, though, but available from http://www.sysinternals.com/
<RoyK> erm - sorry - cacls, yes
 * RoyK doesn't use windoze too much these days
<RoyK> setfacl is linux/posix
<Calif> ah, I see
<JanC> yeah, I remember SysInternals had a good free tool to see open files in the past
<Calif> that seems to have done it. I did it from cmd directly on the folder (I tried just program files it was giving an access denied error as well, but not the nsclient folder)
<Calif> One thing I'm a bit uncertain about...
<jmarsden> JanC: Process Explorer.  There is also an open source equivalent called ProcessHacker on SourceForge now.
<jmarsden> But this is #ubuntu-server ... :)
<Calif> I just got it to properly monitor my services on windows. Thanks for your help.
<uvirtbot> New bug: #783193 in openssh (main) "package openssh-server 1:5.8p1-1ubuntu3 failed to install/upgrade: subprocess new pre-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/783193
<missil> hi
<missil> i heard this was the kick ass chan for server help
<missil> im getting an error running virtual servers - after getting the servers to start and run using virsh i cannont connet to them via ssh or virsh console any help would be apreciated
<missil> virsh # console ubuntu
<missil> Connected to domain ubuntu
<missil> Escape character is ^]
<missil> error: internal error cannot find character device (null)
<missil> addict@TeraFora:~/virtual$ virsh 'list --all'
<missil> Id Name State
<missil> ----------------------------------
<missil> 1 addicts running
<missil> 2 ubuntu running
<missil> any help would be awsome
<missil> ty
<Mean_Admin> anyone have experience with online backup services Ã  la spideroak or crashplan ?
<greppy> Mean_Admin: I'm using spideroak currently.
<Mean_Admin> greppy: thumbs up?
<Mean_Admin> greppy: or rather, have you any reason to not recommend it ? I'm happy if it just backs the data up, not looking for fancy interface (as it'll run on a server, obvioiusly)
#ubuntu-server 2012-05-07
<EvilResistance> how do you tell what package contains which command?
<astrostl> i have a dummy entry in my hostfile: 10.0.0.242 fake.derp
<astrostl> my nsswitch is configured to search files first: hosts:          files mdns4_minimal [NOTFOUND=return] dns mdns4
<astrostl> getent hosts 10.0.0.242 returns what i expect: 10.0.0.242      fake.derp
<astrostl> host 10.0.0.242 (a generic reverse lookup) fails: Host 242.0.0.10.in-addr.arpa. not found: 3(NXDOMAIN)
<astrostl> any ideas?
<astrostl> wondering if host doesn't call gethostbyname...
<astrostl> got it, nm.  i was looking at this to investigate a mysql rdns issue, for some reason the client was reaching out via its vpn rather than its lan ip.  it was failing because that (understandably) didn't have rdns.
<axisys> T_A_N_K: http://paste.ubuntu.com/972745/ <-- is there to shrink it?
<twb> Is your question "how do I shrink an LV" ?
<axisys> twb: yes.. i like to shrink the swap lv
<twb> First do "swapoff /dev/vg0/swap" so that it doesn't show up in /proc/swaps anymore
<twb> Then, once you're sure it's not in use, you can "lvreduce --size 2g /dev/vg0/swap" or whatever.
<axisys> swapoff success.. top shows 0 swap total
<virusuy> before swapon your swap LV again, remember to execute mkswap
<axisys> http://paste.ubuntu.com/972795/ <-- should I use -f ?
<twb> virusuy: oh good point, thanks
<twb> You will also need to update /etc/fstab to have the new UUID after a mkswap
<virusuy> twb: you're very welcome
<axisys> twb: so use -f ?
<twb> axisys: yes, I think so, lvreduce -f before mkswap
<virusuy> axisys: that's not necessary
<virusuy> just swapon your swap and see if it's 2G
<axisys> virusuy: thanks
<virusuy> no problem :)
<axisys> virusuy: yep 2g
<virusuy> :)
<virusuy> as you can see in your mkswap output
<virusuy> at the end says something like
<virusuy> "Setting up swapspace version 1, size = 2097148 KiB"
<virusuy> that size it's 2G
<axisys> virusuy: right
<axisys> virusuy: what's the don't erase bootbits sector for ?
<virusuy> axisys: not sure
<twb> axisys: where do you see that?
<virusuy> twb: when he execute mkswap
<twb> It probably just means that the first few blocks are not used in case they contain boot information
<twb> e.g. if you did mkswap on a whole disk
<twb> But that's just a guess
<virusuy> yes, seems like that
<virusuy> and also, it's a warning message
<virusuy> philipballew: are you at UDS ?
<philipballew> virusuy, yeah. you at the hotel?
<philipballew> Im on the first floor
<virusuy> nop... just at home
<virusuy> far, really far away
<philipballew> ahh man
<virusuy> philipballew: i hope to be there next cycle
<philipballew> where do you live?
<virusuy> Uruguay, South America
<philipballew> Ive never been there!!!
<virusuy> you should!
<philipballew> wanna fly me out there?
<virusuy> you should be here for next UbuconLA
<philipballew> if you fly me out i will
<virusuy> http://www.ubuconla.org/
<virusuy> philipballew: i would love .. but i can't
<virusuy> would be great have you here givin a talk
<philipballew> virusuy, on what exactly?
<virusuy> i don't know.. ubuntu is the main topic
<virusuy> could be community, your own experience at UDS
<philipballew> I have several topics I can do them on. If you want to fly me out there, I will do them
<virusuy> i'm not part of the organization team.. but i'll talk to them to see what they can do
<virusuy> this year is in Buenos Aires, Argentina
<virusuy> next one, in my city, Montevideo, here in Uruguay
<philipballew> what times throughout the year
<virusuy> this year is June 1st and 2nd
<virusuy> and next year will be someday near those
<philipballew> i can do that. I can do that this year
<virusuy> next one ?
<philipballew> yes. I can
<virusuy> well, i'll send an email to ubunconLA staffs to see what can they do
<philipballew> haha, sure
<virusuy> this year or next one
<philipballew> well, have a good time!
<philipballew> i gtg
<virusuy> you too
<virusuy> http://eindbazen.net/2012/05/php-cgi-advisory-cve-2012-1823/
<uvirtbot> virusuy: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1823)
<virusuy> for those of you who manage apache + php + cgi servers
<virusuy> please, update your php :-)
<twb> http://me.veekun.com/blog/2012/04/09/php-a-fractal-of-bad-design/
<twb> IMO the correct solution is to remove (not upgrade) PHP
<virusuy> :)
<virusuy> the "sad" part here is, php release a bug fix, and the bug fix itself has a bug
<virusuy> that's really weird
<twb> Brooks says the chance of introducing a new bug, in a bug fix, is 20% to 50%
<virusuy> well, PHP is in between those percents :-=
<virusuy> :-)
<twb> Adding a remote execution attack when they tried to fix the md5 checksum issue was pretty pathetic though
<virusuy> yeah
<virusuy> true
<virusuy> well, seems like php folks will have a rough time
<koolhead17> ?
<virusuy> http://me.veekun.com/blog/2012/04/09/php-a-fractal-of-bad-design/ koolhead17
<virusuy> ups, wrong link
<virusuy> http://eindbazen.net/2012/05/php-cgi-advisory-cve-2012-1823/
<uvirtbot> virusuy: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1823)
<virusuy> gents, it's 2:20 am here in Uruguay
<virusuy> time to bed
<virusuy> see you tomorrow
<virusuy> time for* bed
<Auckla> I would just like to say, that I am pretty sure there is something incompatible with 12.04 and my AMD Sempron 1.5ghz machine. :*(
<Auckla> Checked MD5, downloaded via HTTP and torrent, and three USB keys. Gets stuck looking for linux kernal.
<Auckla> Not that it really matters, it is a dated machine. Just thought I would say.
<sh_t> has anyone noticed any issues with precise and the ixgbe driver/10GE cards? my fresh install "times out" and drops to a busybox shell at boot immediately after some ixgbe messages during boot
<twb> What evidence do you have that the 10g cards are the issue
<twb> i.e. couldn't they just be the last *working* thing before the unrelated failure?
 * kokyu waves
<Ztane> PostgreSQL: FATAL:  could not load private key file "server.key": key values mismatch
<Ztane> why on earth the pg package STILL tries to use the snakeoil key by default, when it never works
<kokyu> Hey. I still don't actually get what *MAAS* is there for. I know that it means "Metal as a Service" and that it is meant to be some kind of server provisioning system, but what does it mean? Is it a OpenStack/etc competant, like manager for virtual machines (KVM/LXC/XEN/etc) on it or what?
<journeeman> kokyu: MaaS helps you install an OS and other software like Openstack on top of it (using Juju) remotely, using the web GUI on the MaaS server. For eg., you can remotely install Ubuntu Server + Openstack on say 5 machines using the MaaS web GUI.
<kokyu> ah
<kokyu> so speaking of layers, MaaS is for setting up machines (remotely)
<lifeless> more or less
<lifeless> and tearing them down
<twb> kokyu: pfft, that's what PXE and cunning preseeds are for
<Destreyf> anyone have an idea on how long juju initalizes? i can ssh the node but juju -v status hangs on "DEBUG Environment still initializing. Will wait."
<blendedbychris> anyone in here using glusterfs?
<blendedbychris> i can't get my drive to mount without it hanging when trying to access the mount point
<Jernej_Work> hello everyone
<Jernej_Work> i need to upgrade whois
<Jernej_Work> how do i do this?
<Jernej_Work>  whois 37.35.9.155
<Jernej_Work> Unknown AS number or IP network. Please upgrade this program.
<Jernej_Work> apt-get install whois
<Jernej_Work> Reading package lists... Done
<Jernej_Work> Building dependency tree
<Jernej_Work> Reading state information... Done
<Jernej_Work> whois is already the newest version.
<Jernej_Work> so i need to update whois somehow, because it's causing large amout of issues.
<oCean> Jernej_Work: what is you current version? I have no issue doing that whois in ubuntu 12.04
<Jernej_Work> if i knew how to check..
<oCean> Jernej_Work: for whois:  apt-cache policy whois
<oCean> for your ubuntu version: lsb_release -a
<Jernej_Work> Distributor ID: Ubuntu
<Jernej_Work> Description:    Ubuntu 10.10
<Jernej_Work> Release:        10.10
<Jernej_Work> Codename:       maverick
<Jernej_Work> whois:
<Jernej_Work>   Installed: 5.0.7ubuntu1
<Jernej_Work>   Candidate: 5.0.7ubuntu1
<oCean> Jernej_Work: Ubuntu 10.10 is end of life
<oCean> so no upgrades provided
<oCean> eh, updates that is
<Jernej_Work> well i just need to get a new whois
<Jernej_Work> apparently
<oCean> Jernej_Work: yes, those updates are no longer provided, since the release is end of life
<Jernej_Work> can't i get a whois from newer release?
<Jernej_Work> i need just that
<oCean> Sure you could try, but remember mixing software versions might get you in all kinds of trouble (dependencies and all....)
<Jernej_Work> it's just a whois tool
<Jernej_Work> i don't get it why it even needs updating
<oCean> See, the whois from most recent ubuntu version: http://packages.ubuntu.com/precise/whois
<Jernej_Work> how would i install just whois from that package?
<oCean> however, it depends on a more recent glibc6 version than available in 10.10
<oCean> !info libc6 maverick
<ubottu> libc6 (source: eglibc): Embedded GNU C Library: Shared libraries. In component main, is required. Version 2.12.1-0ubuntu10.4 (maverick), package size 3836 kB, installed size 9484 kB
<memoryleak> I get \e[1;31mnot running:\e[0m instead of colored "not running" - what I'm doing wrong?
<Jernej_Work> so how do i install those 2 specific things?
<oCean> Jernej_Work: you don't update your glibc6 package, it is one of the core packages of your system
<Jernej_Work> well
<Jernej_Work> i'll consider a upgrade with the owner of the server then
<oCean> that is probably wisest thing to do :)
<Jernej_Work> NO IT IS NOT
<Jernej_Work> it's a whois program
<Jernej_Work> why does it even need updating?!
<Jernej_Work> seriously
<oCean> I have no idea, maintainers of whois databases might know
<Jernej_Work> they need a demonstration of napalm.. :(
<oCean> Jernej_Work: no need for that kind of attitude here
<Jernej_Work> attitude..altitude..aptitude.. :D
<Jernej_Work> it was a joke anyways
<elspuddy> hi each time i run the command byobu on my ubuntu server it keeps drawing the stats bit and makes the page go up, how do i fix this ?
<benji> elspuddy: what terminal are you using?  I've seen that happen under some very odd circumstances relating to poor terminal emulation
<gary_poster> elspuddy, try making sure your terminal is in utf8 encoding?
<elspuddy> sorry about that, my desktop boz ent funky
<elspuddy> boz - box
<elspuddy> benji, putty
<benji> elspuddy: hmm, wild guess: run it under screen and see if it behaves better
<elspuddy> screen run fine
<elspuddy> just trying to find out if putty is useing utf8 enconding
<benji> elspuddy: running screen and then byobu didn't cause the unwanted scrolling?
<elspuddy> sorry i missunder stood, iv just ran byobu still give's me the unwanted scrooling
<hex20dec> Hey everyone.
<hex20dec> So I'm just testing my site, and I sent myself an email and suddenly, the email was not received on my gmail.
<hex20dec> So I looked at the mail reports and it says: http://paste.ubuntu.com/973532/
<hex20dec> By the way, it was working fine for a few months and it just now stopped.
<patdk-wk> stop sending so much junk to gmail, and they won't block you :)
<patdk-wk> that is exactly what it tells you
<hex20dec> patdk-wk: I realized that, but my site isn't just at all, it's not even fully running, and the only email address that emails were sent to is mine, because I'm testing it.
<hex20dec> junk***
<patdk-wk> are you *sure*?
<hex20dec> 100%
<patdk-wk> you haven't been hacked? or abused?
<hex20dec> 100% sure
<hex20dec> No one even knows about my site.
<patdk-wk> gmail doesn't do that unless someone keeps clicking *spam* to All your emails
<patdk-wk> if it's on the internet, someone knows about it
<hex20dec> patdk-wk: You're right about that.
<hex20dec> But, my site does not even send emails randomly, it only sends emails to either verify email address or forgot password function.
<reide> Could someone help me with an install and setup? It's a question that has been asked a million times on the internet, but I can't seem to get things to work.
<hex20dec> So it can never be abused.
<patdk-wk> your positive there is no possible way for someone to crack that code?
<hex20dec> Yes.
<jandrusk> You can never have 100% assurance in security.
 * RoyK mumbles something about famous last wods
 * RoyK mumbles something about famous last words
<patdk-wk> dunno, I'm used to locating hacked websites multible times a day
<hex20dec> jandrusk: You're right, but it's not the case.
<xranby> reide: i think this is what you are looking for https://help.ubuntu.com/12.04/serverguide/installation.html
<patdk-wk> I'm not sure what the offical gmail unusual rate is, but it's not low, it's a few hundred emails per hour, min
<hex20dec> Lol, I haven't touched my site for about a month and all of a sudden this happened.
<hex20dec> Meaning, emails weren't sent out for a month.
<hex20dec> Can I check to see all the sent emails from my server?
<patdk-wk> nope
<patdk-wk> you can only check for emails sent via your mta
<patdk-wk> you can't check for ones sent via some scriptkiddie
<danp_> Hello, I was having some trouble setting up FastCGI with apache2. I have the module loaded but when I attempt to execute any kind of FastCGI script the request hangs
<urthmover> Am I able to look at the date/timestamp on dmesg.0 to identify when the last reboot occurred?
<hex20dec> patdk-wk: One more thing I forgot to mention that might help solve this case. Whenever I looked at the headers of the emails that were sent from my site, it was always on "Received-SPF: neutral", I tried getting this to work properly, but I don't have much knowledge about this.
<danp_> At the very least is there any way I can view packages that depend on a package? I found the command dpkg-deb -I but you are apparently supposed to give it a .deb file as an argument and I installed the package through apt-get
<hex20dec> patdk-wk ?
<elspuddy> going mack to my scrooling byobu problem, it runs fine if i log into my desktop pc, so it cant be putty
<benji> interesting; as a workaround you could disable the status line (if that's even possible with byobu, I don't know much about it)
<urthmover> I'm having trouble with the nouveau driver and my monitor.  nouveau 0000:0a:00.0: DDC responded, but no EDID for DP-1  Thinking that I could just change "nouveau" to "vesa" in /etc/X11/xorg.conf would fix it.  But there is not xorg.conf.  Will someone give me some help with resolving this?
<xranby> urthmover: you can add a xorg.conf
<urthmover> xranby: I'm doing that now actually. maybe this will help
<urthmover> xranby: thanks for speaking up
<kpettit> Is there any good tools for monitoring the number of active users and/or pages Apache is doing?
<kpettit> I'm getting some complaints about a website not working good so I want to monitor load and such.  Top just isn't doing it for me.  Any suggestions?
<ahxcjb> sure
<ahxcjb> kpettit: opsview.com
<jsmith-argotec> Having a problem upgrading slapd... using some proposed fixes but there's a dependency issue I don't understand... if someone has a moment to discuss
<kpettit> ahxcjb, thanks I'll check it out
<ahxcjb> http://www.opsview.com/whats-new/blog/website-monitoring-opsview
<ahxcjb> you can monitor apache internals also with it
<ahxcjb> number of hits per second, threads, etc
<kpettit> ah cool. thanks.
<jsmith-argotec> says to run apt-get -f install to correct but that fails with dependency problem
<jsmith-argotec> now I'm stuck halfway upgraded from 10.04 to 12.04
<jsmith-argotec> "slapd depends on libperl5.10 (>= 5.10.1); however:
<jsmith-argotec>   Package libperl5.10 is not installed."
<jsmith-argotec> Depends: libperl5.10 (>= 5.10.1) but it is not installable
<jsmith-argotec> libperl5.14 is installed...
<xranby> thats odd.. since the latest slapd   depend on libperl5.14  https://launchpad.net/ubuntu/precise/amd64/slapd/2.4.28-1.1ubuntu4
<xranby> jsmith-argotec: you can possibly try remove  slapd     then upgrade the rest of your system and finnaly install the latest slapd
<jsmith-argotec> xranby: still have slapd 2.4.21-0ubuntu5.7 installed... because it couldn't upgrade it on first try of release-upgrade
<jsmith-argotec> xranby: ok - no way to force the upgrade of slapd to clear up the issue?
<xranby> jsmith-argotec: maybe.. might be someone here with a better suggestion than mine
<jsmith-argotec> xranby: I don't mind removing and reinstalling... just not sure if I'll have reconfigure it after if I go that route (hope not)
<xranby> jsmith-argotec: take a backup of your ldap config, thats the only tip i can give you
<jsmith-argotec> xranby: ok thanks
<fixxxermet> Hey guys, how I can use ubuntu-vm-builder (or virsh) to specify which bridged adapter the vm should use?
<koolhead17> hi all
<discopatrick> fresh install of ubuntu server 10.04 - what's the default state of the firewall?
<discopatrick> i'm using an install given to me by a hosting provider, which on first load is opening port 22 and nothing else. i'm trying to figure out if that's the default, or something that the hosting provider have configured
<patdk-wk> discopatrick, as the default state of ubuntu install, is not to have any firewall at all
<discopatrick> patdk-wk: i guessed as much. so my hosting provider have added custom configuration.
<patdk-wk> or just installed something that does that, like ufw
<discopatrick> right.
<oCean> ufw is installed by default, just disabled
<lynxman> morning o/
<NobodyHere> Greetings - I just upgraded a natty server to oneric and then precise, and now SSH is broken: "openssl version mistamtch. Built against 1000007f, you have 1000100f"
<NobodyHere> I tried doing an apt reinstall of ssh, no go.
<NobodyHere> same with re-installing libssl and openssl
<discopatrick> so, seeing as my new server automatically boots with firewall on, my hosting provider must have written in a script to do this. unfortunately, they're not being very good so far at telling me where this script is... it's not too much to expect really... is it?
<discopatrick> i'm currently looking through the contents of /etc/rc2.d
<discopatrick> does anyone have an idea of where a default firewall configuration might be located?
<med_> At UDS, what's the format of the IRC channels for the rooms?  I didn't see it on my badge.
<frankban> hi hallyn, I am preparing a diff for bug 994752. I have build lxc 0.8.0~rc1 with my changes, and seen that the shared library (liblxc) is now under /usr/lib/x86_64-linux-gnu/lxc/. Is this an error in my build or should I assume the path will change in quantal? In the latter case, I should fix lxc-ip to reflect the change.
<uvirtbot> Launchpad bug 994752 in lxc "lxc-start-ephemeral's use of dhcp lease table is fragile" [High,Triaged] https://launchpad.net/bugs/994752
<Pici> med_: Its all in the topic of #ubuntu-uds: http://paste.ubuntu.com/964790/
<med_> Pici, thanks.
<NobodyHere> unnnnnbelievable.  the precise upgrade failed - I can't get openssh to install because it has unresolved dependencies with libc6 versions and more
<NobodyHere> it looks like I was half upgraded
<NobodyHere> any ideas?
<NobodyHere> is there anyone actually in this channel?
<ogra_> many are, but many also are sitting at UDS in marks opening talk atm
<ogra_> http://summit.ubuntu.com/uds-q/
<ogra_> so be patient
<med_> NobodyHere, how did you do the upgrade?  What version were you upgrading from?
<NobodyHere> nevermind, I figured it out on my own.  I was able to use the dependency list in aptitude to install the missing packages...but I have no idea why, say, libc6 wasn't the right version.
<NobodyHere> or why apt-get refused to do anything at all, claiming it couldn't download the package.
<NobodyHere> the whole mess may have been caused by the hpn-ssh PPA we were using.
<NobodyHere> I don't know.
<NobodyHere> don't care.
<NobodyHere> it's working.
<philpem> Is there any way to force Cobbler/Orchestra to discard the cached ISO images and redownload them? I seem to have a Precise Pangolin beta mini-ISO from December which won't run the installer
<philpem> I'm getting a "no kernel modules were found" error when the installer boots
<philpem> Syslog: <12>May  7 16:29:05 anna[8269]: WARNING **: no packages matching running kernel 3.2.0-7-generic in archive
<ogra_> use a more recent build
<ogra_> the installer images are closely tied to the kernel version, use the final release, not something from december
<philpem> um, yeah, I'd like to. EXCEPT: this is being installed from Orchestra.
<philpem> which is why I asked: how do you make Orchestra ignore the fact it already has the ISOs, and force it to re-download mini.iso
<philpem> and update all the PXE netboot images too
<philpem> orchestra-import-isos just bails out because it already has the isos :(
<philpem> ok, short answer: you can't. long answer: you can, but only if you can live with the fact you'll lose your entire Cobbler configuration
<philpem> solution:   sudo rm -rf /var/lib/cobbler/isos/* /var/www/cobbler/ks_mirror/* ; for i in $(distro-info --supported); do for j in i386 x86_64; do sudo cobbler-ubuntu-import -v $i-$j; done; done
<some1_2> Should MAAS work running on VirtualBox?
<oal> I need a quick way to set up a simple mail server so that I can see/send mails. Either if they're sent for real, or if they're just stacked up in /var/mail or whatever. Any tips?
<some1_2> It seems to install the MAAS server just fine, have that all set up according to docs, but when I try to add a MAAS node using installer as soon as I select to enlist the vm powers down
<oal> The only thing I need is to be able to somehow see mail contents
<hex20dec> So I'm officially desperate for help with my mail server, I need to setup SPF and secure it somehow. I will pay. Anyone?
<some1_2> The master NAAS lists the nodes in the web interface, but the nodes won't start, and if I try to start them manually they have no OS installed
<apetrescu> I feel stupid for asking this, but how do I add user accounts for the OpenStack Dashboard in 12.04? It won't take my normal user credentials. What does it auth against?
<apetrescu> I can't log into it at all
<HIGG5_BO5ON> Hey, guys! Can any of you help me with a problem I'm having with installing utorrent on ubuntu 11.10?
<Delemas> Anyone else running check_mk on Ubuntu 12.04 out there? I'm trying to setup a server but I'm only getting content encoding errors from /check_mk/ in my browser...
<aboSamoor> is maas ready for usage? what does maas-enlist mean? \
<hallyn> frankban: hey - yeah the move to //usr/lib/x86*/lib is hurting me...  but yeah, lxc-ip should change in q to use the new location
<cwillu_at_work> !info linux-generic
<ubottu> linux-generic (source: linux-meta): Complete Generic Linux kernel. In component main, is optional. Version 3.2.0.23.25 (precise), package size 1 kB, installed size 31 kB
<Delemas> Sweet fixed it. Never mind...
<LMJ> hi
<LMJ> kinda tricky question here : I have a domain foo.com, my local machines are configured in resolv.conf to search .foo.com and domain foo.com. I have a machin called netstation, ping netstation works, ping netstation.foo.com works also. BUT I'm not hosting my DNS server so, on my registar DNS, i've configured  computer2.foo.com which is out of my localnetwork. My PC try to find it in local, it can't, it says it doesn't not exist, is there a w
<LMJ> ay to make this configuration resolving local first and if it doesn't find it, try public DNS ?
<hallyn> stgraber: what was the lxc-ubuntu change you were saying you needed to make?  (some bug-fix)?
<hallyn> oh i see it, nm, sorry
<stgraber> hallyn: did you have a chance to poke Daviey to reschedule the LXC session
<hallyn> stgraber: i couldn't find him, talked to Michelle.  It's now set for 9am fri
<hallyn> should be locked
<hallyn> stgraber: care to review a lxc debdiff?  it's gotten bigger than i intended as i keep finding little bugs
<stgraber> hallyn: sure, can do a review
<aboSamoor> can someone help me with maas? I would like to access the nodes, I can not find the credentials of the usernames and passwords!
<hallyn> stgraber: thanks, it's http://people.canonical.com/~serge/lxc.debdiff3   last set of tests is running but it finally seems good
<hallyn> stgraber: if you think it's worth keeping the scripts dash instead of bash i'm fine with that, but it broke your macaddr fix to lxc-clone :)
<hallyn> (or was that my fix?  maybe it was mine)
<hallyn> (either way, it broke with switch to dash)
<stgraber> hallyn: quick spot check looks good, I tend to prefer writting posix shell script when possible, but we'd have to run all of upstream through checkbashims and fix them if we want to use dash
<stgraber> so for now, bash sounds safe
<hex20dec> Hi, can someone please help me. I contacted my hosting company, but I don't really understand. http://pastebin.com/dajZV0TP
<hallyn> stgraber: i guess this is worth mentioning at the friday session:  i agree switch to dash would be nice, maybe we should send the debian patch upstream?
<hallyn> then we should be safe :)
<hallyn> anyway, thanks, i'll push it then - ttyl
<Resistance> hex20dec:  they're offering you a service to set up a mail sending relay, since google's blacklisted your cloud based IP
<Resistance> hex20dec:  as for setting up a relay, that'd normally require an additional (secondary) machine, or routing all your emails through a separate smtp server
<hex20dec> Resistance: Oh, I see.
<Resistance> but i'm also not the most knowledgeable on that one, but that's the general gist of what they're saying
<Resistance> (in more technical terms)
<Resistance> they also tell you how to (a) register for their email sending relay system
<Resistance> and (b) that you need to configure your system to send via that relay
 * Resistance can't help you much more than that
<Resistance> since there's not much other info there
<Resistance> (you should probably read how to sign up for their service that they mentioned, as they tell you where to look)
<hex20dec> Resistance: My biggest question is, how did I get black listed, meaning why? I didn't do anything wrong.
<Resistance> hex20dec:  the cloud servers IP blocks are blacklisted/greylisted
<Resistance> they say that
<Resistance> "Cloud Server" IP blocks are normally blacklisted/greylisted
<Resistance> at least, by Google they are
<aboSamoor> can someone help me with maas?
<hex20dec> Does that means that all of their IPs are blocked by Google by default?
<Resistance> hex20dec:  for their cloud servers, yes
<Resistance> thats probably why the offer a mail relay service
<Resistance> which sits on a different IP (non-cloud, probably)
 * Resistance isnt an expert on google, though, he's only interpreting what the rackspace people are saying
<hex20dec> You think they did it on purpose to make me buy the relay thing?
<Resistance> hex20dec:  i recommend you look into the service they told you to look at
<Resistance> since its a free service
<Resistance> (according to theM)
<Resistance> as for Google blacklisting...
<Resistance> that's at google's end
<Resistance> not rackspace's
<Resistance> so you cant make that comparison/relationship between the two
<hex20dec> Any way to get the IP  whitelisted by Contacting google?
<hex20dec> Would you know?
<hex20dec> Resistance:
<Resistance> hex20dec:  nope
<Resistance> they rarely whitelist IPs, because they use reliable DNS blacklists or greylists in their spam filtering
<Resistance> so you'd have to get a removal on those DNS blacklists, and its impossible to tell which one(s) they're using
<Resistance> hex20dec:  see privmsg
<elspuddy> hi i got a  byobu problem, each time i use it on my ubuntu server box it scrools each time the sats update, any one know how to stop this ?
<JonEdney> Any word on when 12.04 will be available for openvz?
<Destreyf> anyone got an instance of juju working on 12.04?
<Destreyf> hmm
<Resistance> Destreyf:  patience :P
<med_> smoser, you're being pinged in the openstack charms in junior-ballroom-1
<med_> perhaps you could pop-over
<med_> I guess hallyn could be helpful as well.  (LXC, local charms, etc.)
<aboSamoor> how can I install a package on a cluster of nodes running ubuntu?
<Destreyf> like th5....
<Destreyf> that*
<Destreyf> when my nodes install they try to go to ubuntu-mirror.localdomain is this normal??
<Destreyf> for their apt source
#ubuntu-server 2012-05-08
<aljosa> i'm getting "/usr/lib/lxc/templates/lxc-ubuntu-cloud: line 240: type: ubuntu-cloudimg-query: not found" when using "lxc-create -t ubuntu-cloud -n box2"
<aljosa> any ideas?
<resno> im considering splitting my server into mysql db and web server... which machine needs to be beefer?
<resno> or would it be better to just get a better server and be done with it?
<aljosa> resno: it's usually database that needs a good hw but depends on your case. do you actually have perfromance issues?
<smoser> Deathvalley122, your issue is that you have wildcard domain for that
<smoser> i think.
<resno> aljosa: nah... just setting it up so, im curious if im just being silly or or not
<smoser> basically, cloud-init tried looking up 'ubuntu-mirror' in the domain was found in metadata server's local-hostname.
<resno> aljosa: im moving from a shared host to vps... so im unsure what my needs really are, but these are low inboxes
<smoser> and got a hit.
<Deathvalley122> smoser: was that a tab error?
<mariooo> hi all. having consistent network issues with an upgraded 11.04 > 11.10 VM.
<mariooo> hoping for some help as to how to debug/diagnose the issue, lots of googling but not really sure where to go from here.
<mariooo> some system info + things i've tried: http://pastie.org/3876605
<twb> Define "issues"
<mariooo> basically all networking seems to work fine until any significant traffic occurs, most notably apt-get update/upgrade. this seems
<mariooo> to crash the network adapter (if i'm SSHed my connection gets dropped) and can't do anything till networking is restarted
<Bronze> twb++ :)
<mariooo> I was intending to upgrade to 12.04LTS but wasn't aware of the required -d flag on do-release-upgrade, so now am stuck (do-release-upgrade fails as network crashes randomly while trying to get packages)
<qman__> mariooo, release upgrades must be done incrementally; you'd have to go 11.04 -> 11.10 -> 12.04 regardless
<qman__> the exception is that LTS can upgrade directly to LTS
<mariooo> qman__: damn. was fearing that might be the case.
<qman__> 8.04 -> 10.04 -> 12.04
<mariooo> sure. well in that case guess I really can't avoid this issue, all our VMs are on 11.04 =(
<twb> mariooo: is the VM running a GUI?
<mariooo> twb: no, headless server VMs
<twb> mariooo: is network manager (the backend daemon) installed?
<mariooo> twb: I'm unsure. how would I check?
<twb> mariooo: dpkg -l | grep network, I guess.  I forget if there's a hyphen in the package name
<qman__> there is
<qman__> network-manager, network-manager-gnome, etc
<twb> qman__: package is network-manager, process is NetworkManager, right?
<qman__> yes
<qman__> couldn't tell you why, makes about as much sense as the rest of it
<twb> mariooo: pastebin output of "cat /etc/network/interfaces; ip a; ip r"
<twb> mariooo: and tell us if NM is installed
<qman__> and now 12.04 has mandatory resolvconf, even more headaches
<twb> qman__: apparently if you rm the symlink it goes back to traditional mode
<ScottK> Not on servers.
<twb> ScottK: ubuntu-standard isn't installed on servers?
<qman__> it is on all the servers I installed
<ScottK> It is.
<mariooo> pastie updated. network manager doesn't appear to be there
 * twb digs out a precise box to check the exact deps
<qman__> when I first experienced the issue I used chattr +i to stop it, but the next update broke it
<ScottK> Nevermind.  I was wrong.
<mariooo> had an idle connection crash on me for the first time, so I guess I retract what I said before about high traffic. high traffic just seems to make it happen sooner.
<twb> qman__: dpkg-divert --rename
<qman__> granted that was a weak hack with no real research put into it
<twb> Anyway wtf how could chattr +i be subverted
<qman__> I don't know!
<virusuy> mariooo: that issue only happens in your VM ??
<virusuy> not in other VM .. or somewhere else ?
<twb> mariooo: I cannot see anything wrong there.  When it crashes, what still works?  e.g. does ping still work?  What VM technology (KVM, ESX, ...) are you using?
<mariooo> virusuy: not sure what you mean... I've only got 1 VM that i've upgraded atm. I had a previous VM that had the exact same issues, but I trashed it in hopes of upgrading straight to 12.04, but have ended up on 11.10 again with exact same issues
<virusuy> and you're using ..... KVM? XEN? ESXI ?
<mariooo> twb: I'm unsure what our underlying system is, I know what our hardware is but the guys at the colo are managing the VM pltform
<twb> eek
<virusuy> so.. let me see if i understand the issue...
<mariooo> I could probably ask & find out, but it might take a while. Any way I can do it from the system?
<twb> "Unassigned class [ff80]: XenSource, Inc. Xen Platform Device (rev 01)" sounds like xen
<mariooo> oh yeah deffo Xen
<virusuy> eek
<mariooo> sorry, it wasn't in the list so thought you were talking abotu something lower level
<twb> xen doesn't do full virtualization, it does some magic hacks in the kernel
<twb> So you probably aren't running a stock 11.10 kernel
<mariooo> right, so it's an issue the colo guys will need to help resolve?
<twb> Oh wait, I take it back -- current kernels can be domU without any extra changes
<mariooo> hrm.
<twb> mariooo: it is definitely worth talking to them about it, since they have access to the dom0 and can check things we can't
<twb> But it's a stock ubuntu kernel, going by the uname -a
<mariooo> yeah well I've mentioned it before but they've not been very helpful about it, so I have a feeling they have no idea
<virusuy> if you suffered this issue before in other VM ... looks like a issue with that eth
<qman__> you might try booting the old kernel after the upgrade
<twb> mariooo: get a better colo provider ;-P
<virusuy> twb: :)
<qman__> or a newer one
<mariooo> twb: haha, they have been pretty awesome for everything aside from this. we're in australia so our choices seem pretty limited =(
<mariooo> qman__: sorry to noob-out on this, but any pointers for how I'd go about this? something to do with grub? =D
<qman__> yep
<twb> mariooo: I'm in .au too
<twb> mariooo: most people I know don't bother hosting within .au because it's so fucking stupidly expensive
<mariooo> twb: financial clients. legal implications. yada yada.
<qman__> connect to the 'local' console, use shift during boot, select old kernel
<twb> mariooo: sorry to hear that :-(
<twb> qman__: can he do that without dom0 access?
<mariooo> twb: thing ping is glorious though, our colo is like 2 streets away from work. nobody works locally
<qman__> if you can't do that, you can modify grub config, but I don't know how to do that specifically in grub2
<twb> mariooo: you in sydney?
<mariooo> twb: indeedy
<twb> Who is the provider?
<mariooo> qman__: hrm ok, I'll go poking around
<mariooo> twb: spectrum networks
<mariooo> twb / qman__: thanks for the pointers btw, really appreciate it!
<Tohuw> How can I add a second image to my Ubuntu PXE server? I have the first one working, but am unclear on how to add the second and how to pick the image. I setup PXE per https://help.ubuntu.com/community/PXEInstallServer
<TenLetters> I had a question if someone wouldn't mind answering...
<virusuy> !ask
<ubottu> Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience
<virusuy> !ask TenLetters
<TenLetters> thanks
<TenLetters> I was just trying to get somebodys attention
<TenLetters> I found an old computer in my parents storage unit, Celeron 2.7 Ghz, 512 mb, 40 gb hd. I was wondering if you would think I would have significant problems running a server on it. I don't plan on anything major, I just wanted to learn to connect to and operate a server, and learn linux.
<Tohuw> TenLetters: I have successfully run Ubuntu 9.04 on a Pentium MMX. You will be fine, provided you don't overburden it. I'd consider picking up >= 512MB more RAM, but overall you should be fine as a starter. Some server applications/platforms will considerably slow performance, though.
<Tohuw> TenLetters: A base install of ubuntu server with OpenSSH server will run "fine" though.
<TenLetters> Tohuw: Thank you so much! Will have to see what I can find in the way of ram, could probably bump it to 1 GB..
<Tohuw> TenLetters: not a must, but it will certainly help if you start tooling around with Apache, SQL, etc.
<Resistance> TenLetters:  a Celeron is kind of old... you might not be able to get 1GB of RAM in something that old
<Resistance> you'd have to check the specs for that board
<Resistance> for that system (and that may be hard to find)
<TenLetters> Resistance: Good point, will have to look and see. It's a DDR400 board
<Resistance> oh god, DDR?
<TenLetters> yeah >.>
<Resistance> i highly doubt you'll be able to even *FIND* RAM for that
<TenLetters> I know a few places
<Resistance> at least not within a normally-affordable range
<TenLetters> I used to work at a computer store, I know they had a lot laying around.
<Resistance> i'd still go search the specs up for that board, it sohuld have information about the maximum amount of RAM those systems can have
<Resistance> if i remember when i worked on boards with Celeron in those days
<TenLetters> ah
<Resistance> they had 2 or 4 slots for memory, and could handle 128MB per slot
<Resistance> which normally maxes out at 512
<TenLetters> Well
<Resistance> what's the make/model of the system
<TenLetters> I have 2 slots with 256 in them
<Resistance> i *might* be able to find it
<TenLetters> I have to open it up
<TenLetters> I replaced the mobo
<TenLetters> give me a sec
<Resistance> Desktop / Server?  or Laptop?
 * Resistance assumes Desktop / Server for something that old
<TenLetters> Desktop
<TenLetters> I could find a better use for a laptop
<Tohuw> Resistance: in my experience, motherboards supporting 2+ GHz Celerons rarely failed to support at least 1 GB maximum.
<Resistance> ah, if you replaced the mobo, give me those specs
<Resistance> Tohuw:  depends on the board, some could, others couldnt
<qman__> TenLetters, it depends entirely on what you want to run -- but as another example, my shell server is a K6 200MHz with 256MB EDO and a 10GB hard drive
<Resistance> i.e. mobo manufacturer and model (in case, i'll check what the max memory is in that, if possible)
<TenLetters> well damn qman__
<qman__> if it ain't broke
<TenLetters> Resistance: Prescott 800 model P4i65G
<TenLetters> Manufacturer: Asrock
<TenLetters> my old POS when I was a little kid...
<TenLetters> running it makes it feel like opening a time capsule.
<Resistance> this one?  http://www.asrock.com/mb/overview.asp?model=p4i65g
<Tohuw> qman__: K6's are indestructible processors. It's scientifically proven. I still have a working K6/128 MB RAM box sitting around, running some antiquated Slackware. I think it will outlast all my other systems... combined.
<Resistance> TenLetters:  see my last message
<qman__> that's why I use it
<qman__> it's never going to stop
<qman__> at least not before everything else I have
<TenLetters> Resistance: That's it
<Resistance> TenLetters:  mem specs of relevance: 2 x DDR DIMM slots, dual channel tech.  Supports DDR400/333/266 non-ECC, un-buffered memory.  Max. capacity of system memory: 2GB
<TenLetters> Tohuw, qman__: I wish things were like the old days, all of these old products seem to last much longer than the newer ones. SNES are still going while XBox's and PS3 are dropping out of the sky
<TenLetters> Resistance: Thanks, Supports 2 GB, which will cost an arm and a leg for DDR :/
<qman__> plus the fact that it can literally only handle about 20 SSH login attempts a minute turns out to be a feature
<Resistance> TenLetters:  indeed.
<TenLetters> wow...
<twb> qman__: you can simply tell sshd to do that
<Resistance> TenLetters:  you *might* find some on ebay, or that shop you mentioned, but for all intents and purposes, i dont think you'll affordably find any
<TenLetters> here's some on newegg
<twb> qman__: MaxStartups 8:16:32
<TenLetters> $25 :/
<mariooo> twb: oh sorry, when you were asking if network-manager was installed, was it a good or bad thing for it to not be?
<qman__> I use iptables to cull it further and stop the disk activity I was getting during brute force attempts before
<TenLetters> which isn't terrible, but I don't think it's worth buying for an experiment Resistance.
<twb> mariooo: NM causes problems, it should not be installed
<twb> mariooo: at least not on a server
<mariooo> right. ok
<qman__> it's convenient on a laptop with wifi
<Tohuw> <qman__> plus the fact that it can literally only handle about 20 SSH login attempts a minute turns out to be a feature <-- okay, that made me actually laugh out loud
<qman__> that's about the only time it should be used, ever
<Resistance> TenLetters:  its not *bad*, but its not experiment-like costs :P
<Tohuw> qman__: any system with mobile broadband is also easier with nm, and any system that has to readily support multiple wired settings (for whatever reason) is also easier.
<qman__> for multiple wired networks I usually just configure them all simultaneously as subinterfaces
<qman__> I can see how that would be useful though
<Destreyf> I was wondering if anyone had a recommendation for setting up openstack up and running with only having 4 machines (1 machine as MAAS/juju). https://help.ubuntu.com/community/UbuntuCloudInfrastructure <- says 10 machines, though i don't have that many on hand at the moment.
<qman__> Destreyf, I don't know why exactly that is, but it does use 'minimum' twice in once sentence, so I assume that's important
<qman__> then again, it appears to contradict itself, implying you need different machines for the juju and MAAS, then saying you can install juju on the MAAS a couple lines later
<Destreyf> well i know you can use lxc to create virtual containers and deploy them, but i have near zero experiance getting there, i was trying to enter ubuntu-cloud channel, but it requires an invite apparently lol
<qman__> I really don't know much about it, never used it
<Destreyf> dang.
<qman__> I run all my stuff bare metal, mostly on old junk, just don't have those kinds of requirements
<Destreyf> lol my work has a bunch of powerful servers, that sit around 90% of the time idle, and we're trying to migrate into a cloud infastructure/virtualization so we can use those environments so we can utilizes only what's needed on the smaller machines.
<qman__> good in theory, though I'd be interested to see at what point it actually pays off
<qman__> in my case I'd have to buy a bunch of new hardware to do it, so a few extra kilowatt hours are cheaper for me
<Tohuw> I'm baffled at why the example deployment they provide requires a "minimum of 10 machines" -- OpenStack itself doesn't really care. Juju might somewhere in there, though I don't know why...
<qman__> a few grand can power the old K6 for a looong time
<Tohuw> qman__: I usually argue virtualization/private cloud infrastructures not based on power savings, but balanced resource consumption. Being able to spike key services across more underlying hardware is nice.
<twb> Tohuw: the main benefit of VMs is not having to deal with stupid hardware issues anymoer
<twb> e.g. if a HDD dies, that is someone else's problem, not yours (the VM maintainer's)
<twb> Your OS suddenly only has to care about a little old ne2000 and an ISA bus ;-)
<Tohuw> twb: to an extent, yes. But I'm usually proposing virtualization to the parties for whom the dead HDD is a problem.
<qman__> don't get me wrong, it's great tech, just wondering at what point it's worth doing, just how many servers you have to have to see the value
<twb> qman__: IMO it's not worth the extra infrastructure hassle for less than, oh, five, ten or twenty boxes
<twb> If you are at the end of a hw/os cycle ANYWAY, it might make sense for the next build to consolidate several boxes onto a single beefy one using VM tech to partition that hw
<qman__> I've only got six, and a few of them wouldn't virtualize well anyway
<Tohuw> qman__: That answer has been downshifting as the solutions get cheaper. I have clients of < 25 employees/~5 servers who see significant returns on their virtualized infrastructure, and that's with VMWare, so licensing is in the mix.
<qman__> one's the router, one's the file server, and one's a game server (needs the performance)
<twb> Tohuw: but you probably aren't including the cost of upskilling someone (i.e. you) to know how to deal with VMs, because you already know
<Tohuw> I theorize qman__ is the last professional Quake 2 Deathmatch host in the world.
<twb> That extra training can be a non-negligible cost
<twb> qman__: yeah I wouldn't bother
<qman__> counter strike was always more my thing
<twb> qman__: esp. since the first two can run on your old laptop
<Tohuw> twb: Certainly a fair point: the clients in question use my employer for outsourced IT resources, so we're there in some capacity to help.
<qman__> but this one actually runs minecraft
<twb> I don't "get" minecraft
<Tohuw> twb: Though, to play devil's advocate, VMWare offers support as part of the licensure (yes, the support will make your eyes bleed sometimes, but it is there)
<Tohuw> You and me both, twb
<twb> That's about as useful as normal upstream support
<qman__> it's fun for a while, I actually haven't played it in quite some time, I've got a bunch of friends who do
<twb> Is it a C4 game or what
<qman__> I'm the only one with the experience and infrastructure to actually run a 24/7 server for it, though, so I do
<TenLetters> twb: "C4"?
<twb> And why does a c4 game include a 16-bit CPU building block
<twb> TenLetters: like civilization
<TenLetters> twb: Ah, no. Think interactive legos
<qman__> not really
<qman__> it's more of a sandbox
<twb> qman__: so like GTA?
<TenLetters> twb: every played with legos?
<TenLetters> :o
<qman__> yes, except with less gangsters and more garry's mod
<qman__> in cubes
<twb> Never heard of garry's mode
<TenLetters> Pretty much do whatever you feel like twb. Build crap, blow it up...
<twb> TenLetters: yes, but never with any that had electronics
<TenLetters> twb: You poor poor person...
<qman__> it's part generic survival and part collaborative construction tool
<qman__> in an infinitely large world of cubes
<TenLetters> qman__: actually, there are problems if you go too far out
<qman__> and that last part is why it needs a decent server
<qman__> combined with the fact that it's written in java
<TenLetters> poorly written java
<TenLetters> has hella memory leaks from what i've seen.
<twb> all java is poorly written java
<TenLetters> good point...
<twb> The only time I've seen anything on the JVM that wasn't poorly done, was because it was compiled down from something else
<Destreyf> lol i'm off reading, and you guys had a massive conversation
<Destreyf> We have the hardware infastruture to do a cloud, i just dont have all of it available now.
<Destreyf> using LXC to substitute the other "5-6" boxes i need.
<Destreyf> until i can move stuff onto the virtualized enviroments.
<Destreyf> So anyone in here have any experiance with Juju?
<Deathvalley122> pdtpatrick: fixed it turns out that the install for ubuntu installed resolvconf package
<Deathvalley122> its resolving fine now
<eagles0513875_> hey guys i think there is an issue with the 12.04 server documentation when it comes to dovecot :( the configuration file is different compared to whats mentioned on the 12.04 server guide for it
<SpamapS> eagles0513875_: https://bugs.launchpad.net/ubuntu/+source/ubuntu-docs/+filebug
<eagles0513875_> ty SpamapS
<KM0201> is there a command to list all installed packages?
<twb> dpkg --get-selections
<KM0201> thanks
<abo> anybody here able to help with juju?
<Farith> good day peeps. Looking for some assistance on troubleshooting wakeonlan issues. Anyone?
<Farith> wake from pm-hibernate seems to have disabled my eth0
<henkjan> ethtool -s eth0 wol g
<henkjan> does that help?
<Farith> if done heaps of stuff...including that...and it aint working....
<Farith> well...WOL works....
<Farith> the server wakes fine...but eth0 is disabled.
<Farith> running sudo ethtool eth0 gives me a link down status
<Farith> im on 12.04 lts btw
<Farith> this only happens after a reboot followed by a pm-hibernate
<Farith> the next pm-hibernate ran in the same session wakes the server perfectly
<Barbo91> Hi guys! Need help with the new ubuntu 12, i need to configure dns on my ubuntu server. resolv.conf file change everytime i reboot and i don't know how to configure the resolvconf package. Someone can help me?
<tsimpson> Barbo91: have a look at http://www.stgraber.org/2012/02/24/dns-in-ubuntu-12-04/
<Barbo91> tsimpson, thank you, i'm going to read it and i will come back if i cant fix it :)
<tsimpson> you basically do the same edits, but in one of the files in /etc/resolvconf/resolv.conf.d/
<Barbo91> yep just fixed it :) Thanks for help! Nice work with 12.04 i'm loving it! :D
<jsmith-argotec> what is the best way to change the default i/o schedular back to deadline persistently in 12.04?
<jsmith-argotec> s/schedular/scheduler
<jsmith-argotec> nevermind found it - looks like adding to /etc/default/grub is probably best
<mgw> is there a way to set the ldap rootpw from an already encrypted value?
<jsmith-argotec> mgw: ldapmodify with replace: and use the old encrypted value
<jsmith-argotec> mgw: what type of encryption?
<jsmith-argotec> mgw: err should I say setup with whatever for a password then after replace with the correct value.  That is if I'm understanding your question properly
<philsf> can anyone please help me debug an annoying issue? I have a single lucid box that I can't get ssh public key authentication to work, and it refuses silently, asking for a password instead. I configured .ssh/authorized_keys correctly, and synced all ~/.ssh/* from another lucid box that accepts pubkey auth with the same user config files, and the same configs in /etc/ssh/sshd_config. Where else should I look? Here is the debug information from a
<philsf> connection attempt: http://paste.ubuntu.com/975923/
<patdk-wk> did you check permissions?
<patdk-wk> and file ownership
<philsf> patdk-wk, yep, they are all the same. I synced with rsync
<patdk-wk> all the same sounds like *broken*
<philsf> http://paste.ubuntu.com/975949/
<philsf> it's the same files, and permissions. both for files and the ~/.ssh dir itself
<philsf> I use these same keys in several machines, but this is the only one that ignores them. And doesn't even give me an informative error
<philsf> oh, wait. I see now the error in sshd log. bad permissions on home dir. :/
<philsf> thanks anyway
<eagles0513875> hey guys i have nfs setup and exporting just fine on my local machine. My problem now is actually allowing the user to have write access to /mnt/iso to put some iso images in that directory. can someone help me and point me to what i am missing
<patdk-wk> eagles0513875, nfs 3 or 4?
<eagles0513875> patdk-lap_: this is the way i have the export setup /mnt/iso *(rw,sync,no_root_squash)
<eagles0513875> i dunno if thats nfs2 3 or 4
<eagles0513875> patdk-lap_: i followed what was in the 12.04 server guide online
<jsmith-argotec> trying to start up samba after upgrading to 12.04 and getting a failure on nmbd - not finding much in the logs
<jsmith-argotec> root@xx:~# service nmbd start
<jsmith-argotec> start: Job failed to start
<jsmith-argotec> init: nmbd pre-start process (19425) terminated with status 1
<halvors1> I'm trying to configure DNS Client on my server.
<halvors1> But resolv.conf keep overwriting my config.
<halvors1> What do i do?
<iunruh> I have a reprepro-backed repository and I'm trying to add a 3rd party (signed by them) package and reprepro complains it can't find the key for said package
<eagles0513875> jsmith-argotec:
<jsmith-argotec> eagles0513875: yes
<eagles0513875> oops sry bout that
<eagles0513875> track pad on my netbook is very sensitive with no way to turn it off
<jsmith-argotec> :-) you got me excited that you might have had an answer
<jsmith-argotec> hehe
<halvors1> How add nameservers?
<halvors1> I am using static ip configuration.
<halvors1> But i can't set static nameservers in resolv.conf :(
<eagles0513875> sigh
<Naglik> hello everyone
<patdk-wk> halvors1, if you cant set static nameservers, you can't use static
<patdk-wk> eagles0513875, dunno, either you mounted via nfs4, and didn't setup kerberos
<patdk-wk> or you just have user mismatchs or something
<eagles0513875> patdk-lap_: well friends server wasnt saving the name servers on reboot
<eagles0513875> patdk-lap_: its probably users but is there an nfs user and group that the folder should be set to?
<ikonia> nfs is shared out on a per user basis
<ikonia> you set the permissions/user list when you export the file system from sharing
<ikonia> it's not a "defualt user"
<patdk-wk> by default, nfs works on uid and groupid
<patdk-wk> nfs4 adds all kinds of other stuff also
<ikonia> it's the same as local permissions
<halvors1> patdk-wk: The problem is that when i set the nameservers in resolv.conf, they are being overwritten when system reboot.
<eagles0513875> ikonia: would you like me to show you what i have in my /etc/exports?
<ikonia> halvors1: are you aware of the new annoying dyndns config that is being used
<ikonia> eagles0513875: not really
<patdk-wk> halvors1, then you failed to read the 12.04, how to handle resolv.conf in the resolvconf world
<eagles0513875> halvors1: i can confirm that and this is on a dedicated server im having the same issue
<eagles0513875> seems like though adding dns-nameservers to /etc/network/interfaces solved the issue on my friends dedicated though
<Naglik> i'v got a lil problem writing my thesis (Master) with peformance: nginx, apache, iis, can i rely on already existing articles covering this topic?
<patdk-wk> do people never read the upgrade notes?
<ikonia> patdk-wk: no
<ikonia> Naglik: how is that anything to do with #ubuntu-server ?
<Naglik> hmm, good question
<Naglik> bad search algorithm
<patdk-wk> you can install nginx/apache (and iis via kvm) on ubuntu-server? :)
<Naglik> yep :)
<Naglik> nvm then, though here are ppl who can help me :)
<Naglik> bb
 * patdk-wk would ask your teacher
<terinjokes> i'm running 11.04, can I still upgrade to 11.10?
<ikonia> eagles0513875: go on then, pastebin your exports file
<terinjokes> nvm, looks like the standard do-release-upgrade will handle it
<patdk-wk> terinjokes, only if you go to 11.10 -> 12.04
<patdk-wk> oh, yes :)
<patdk-wk> for another 6months or so
<jsmith-argotec> anyone know how I could troubleshoot an upstart job - it's pre-start process is terminating with status 1
<halvors1> eagles0513875: Should i use "dns-nameservers" on inet6 (ipv6) interfaces too?
<eagles0513875> halvors1: sadly i dunno as we are using ipv4 only
<pdtpatrick> jsmith-argotec, pastebin ur pre-start script
<eagles0513875> ikonia: the exports file i only added this line the rest is commented out /mnt/iso *(rw,sync,no_root_squash)
<jsmith-argotec> pdtpatrick: http://pastebin.ubuntu.com/976054/
<Daviey> stgraber: hey
<ikonia> eagles0513875: ok, so start setting some users/groups
<Daviey> hallyn: hey
<Daviey> hallyn / stgraber: you wanted a session re-scheduled?
<eagles0513875> ikonia: set them to do what though? and how to do that
<ikonia> eagles0513875: set them to the permissions you want
<stgraber> Daviey: we'd like to ensure the user namepsace session scheduled for tomorrow won't move
<eagles0513875> if i want my user i use on this netbook to have access i would need to add that user account to the system in order for it to work?
<Daviey> stgraber: i can do that.
<ikonia> eagles0513875: you need to the users you want to assign permissions to to exist on the machine doing the auth
<stgraber> Daviey: cool. I think the other LXC sessions are already locked so if you can lock that one too, we'll be all good
<eagles0513875> ikonia: ok thanks will do that now :)
<jsmith-argotec> pdtpatrick:  seems to work ok until I start smbd with pacemaker then nmbd wont start
<pdtpatrick> jsmith-argotec, so what happens when u run those commands manually? btw I think upstart runs shell with -e so if there's an error it exits
<jsmith-argotec> pdtpatrick: they work fine
<pdtpatrick> jsmith-argotec, so pacemaker blows it up ?
<pdtpatrick> jsmith-argotec, are there anything in /var/log/syslog ?
<jsmith-argotec> pdtpatrick: with smbd running under pacemaker control: -f exits 0, install exits 0, loading NMBD variable exits 1 and loads No into it, NMBD test exits 1
<jsmith-argotec> pdtpatrick: seems that pacemaker does blow it up... however it worked fine under 10.04
<jsmith-argotec> pdtpatrick: I have one server upgraded and one not.. still works on lucid but not yet on precise
<jsmith-argotec> pdtpatrick: this is what I get in syslog: kernel: [ 4900.048887] init: nmbd pre-start process (25312) terminated with status 1
<jsmith-argotec> pdtpatrick: this is what I get when trying service nmbd start: start: Job failed to start
<pdtpatrick> jsmith-argotec, interesting. So it is testing whether it is disabled. If it is then the script exits and the service never starts? why do u need to check whether it is disabled if ur exiting 0 right after it anyway ?
<pdtpatrick> jsmith-argotec, seems like ur prescript exits before it gets to exec nmbd -D
<terinjokes> patdk-wk: i'm going 11.04 to 11.10 to install a working libc PPA to then do 11.10 to 12.04
<jsmith-argotec> pdtpatrick: this upstart job is default that comes when you install samba - I haven't modified it.
<jsmith-argotec> pdtpatrick: I believe it checks if netbios is disable and if it (exit 0 on test) then there's the stop before exiting
<jsmith-argotec> pdtpatrick: otherwise the prestart exits 0
<jsmith-argotec> pdtpatrick: I agree it never gets to exec... don't get where it's getting the exit 1 from though
<pdtpatrick> jsmith-argotec, add -x to ur script
<pdtpatrick> and that should allow debug mode
<jsmith-argotec> pdtpatrick: in the prestart part?
<pdtpatrick> yup
<pdtpatrick> jsmith-argotec, so u would add "set -x "
<pdtpatrick> atop
<pdtpatrick> jsmith-argotec, http://pastie.org/private/bez20phme9bmn14yevypka
<pdtpatrick> something like that
<pdtpatrick> so change -e to -x
<jsmith-argotec> pdtpatrick: no change. no more output in syslog or terminal
<pdtpatrick> jsmith-argotec, does pacemaker log anything ?
<jsmith-argotec> pdtpatrick: I've been trying to start nmbd manually to rule out the pacemaker side of it
<jsmith-argotec> pdtpatrick: but the first time I tried with pacemaker controlling the start of nmbd it did...
<pdtpatrick> jsmith-argotec, just curious - make sure there's no process already running and pacemaker is not trying to control it or is controlling it. "crm_mon --one-shot"
<jsmith-argotec> pdtpatrick: http://pastebin.ubuntu.com/976093/ - output when pacemaker tried to start nmbd
<pdtpatrick> jsmith-argotec, also you can add set +e to turn off set -e which is by default with scripts. And then add set -x under the set +e to see if it does any better.
<roaksoax> jsmith-argotec: is that with the upstart ra?
<jsmith-argotec> roaksoax: yep
<roaksoax> ivoks: ^^
<roaksoax> ivoks: http://pastebin.ubuntu.com/976093/
<jsmith-argotec> roaksoax: samba has been upstart since 10.04
<jsmith-argotec> or earlier
<roaksoax> jsmith-argotec: ivoks is the man for that ;)
<jsmith-argotec> roaksoax but it was fine under 10.04
<roaksoax> jsmith-argotec: so I'm guessing that if you start nmdb with upstart directly it doesn't fail but it does with pacemaker?
<jsmith-argotec> roaksoax: no it fails either way when I have smbd under pacemaker control
<jsmith-argotec> roaksoax: but when I migrate everything *samba* away then nmbd starts fine
<jsmith-argotec> pdtpatrick: crm output: http://pastebin.ubuntu.com/976098/
<jsmith-argotec> roaksoax: ^^^
<roaksoax> jsmith-argotec: isn't there any logs in /var/log/upstart/etcetc.log
<roaksoax> s/etcetc/by the job
<jsmith-argotec> roaksoax: shouldn't matter that pacemaker won't start nmbd due to failcount when I'm trying to manually start nmbd should it?
<roaksoax> jsmith-argotec: for what I can read in the fail log before (The last reference on a connection was dropped without closing the connection), it seems that there's an open connection for the daemon on dbus
<roaksoax> and trying to open a new one, fails
<jsmith-argotec> roaksoax: there is a nmbd.log in /var/log/upstart but I don't understand it
<pdtpatrick> jsmith-argotec, so maybe "crm resource stop <servicename> && crm resource cleanup <servicename> "
<jsmith-argotec> roaksoax: http://pastebin.ubuntu.com/976115/
<roaksoax> jsmith-argotec: http://upstart.ubuntu.com/cookbook/#debugging
 * roaksoax will brb
<ivoks> jsmith-argotec: so, once smbd is started, nmbd won't start?
<jsmith-argotec> pdtpatrick: I have a meeting in a couple minutes I just realized... thanks for the help!  I'll be back in a bit to try again
<jsmith-argotec> roaksoax: I have a meeting in a couple minutes I just realized... thanks for the help!  I'll be back in a bit to try again
<jsmith-argotec> ivoks: once smbd is started under pacemaker yes
<ivoks> run nmbd -d 10 -D
<jsmith-argotec> ivoks: I've only tried to start nmbd with smbd stopped when pacemaker wasn't controlling smbd
<jsmith-argotec> ivoks: that worked
<ivoks> while smbd was managed by pacemaker?
<jsmith-argotec> ivoks: yes
<jsmith-argotec> ivoks: the upstart nmbd.conf has changed slightly in 12.04 vs 10.04
<jsmith-argotec> ivoks: I thought maybe the -f smb.conf test failed due to my using a pacemaker symlink for it but i tested that line in terminal and it worked fine
<jsmith-argotec> ivoks: because the -f smb.conf test in the nmbd.conf definition is new
<jsmith-argotec> ivoks: you going to be around in about 45 minutes?
<jsmith-argotec> pdtpatrick: btw I tried the stop/cleanup and then manually start nmbd with no change
<pdtpatrick> jsmith-argotec, looks like ivoks fixed :) Learned something myself.
<jsmith-argotec> pdtpatrick: well yes and no... that made it start but didn't fix pacemaker/manual starting of nmbd
<pdtpatrick> oh
<jsmith-argotec> ivoks: when you asked "while smbd was managed by pmkr" you where referring to when I ran nmbd -d 10 -D right? 'cause that's what I answered
<ivoks> jsmith-argotec: yes; it works for me
<ivoks> jsmith-argotec: my guess is that starting nmbd is racing with your linking
<jsmith-argotec> ivoks: links are up before smbd or nmbd...
<ivoks> then it's something else
<ivoks> starting smbd and nmbd works for me
<ivoks> primitive nmbd upstart:nmbd
<ivoks> primitive smbd upstart:smbd
<ivoks> clone cloneS smbd
<ivoks> clone cloneN nmbd
<ivoks> both start
<jsmith-argotec> hmm
<hallyn> Daviey: thanks, we should be all set (I asked Michelle for help yesterday)
<jsmith-argotec> thanks for testing.... I have to go to a meeting but when I get out I'll pick up where I left off
<hallyn> Daviey: http://summit.ubuntu.com/uds-q/meeting/20363/servercloud-q-lxc/ is rescheduled and should be (i hope) locked to the 9am friday spot
<ivoks> jsmith-argotec: works as a group too
<jsmith-argotec> ivoks: tested starting smbd and nmbd manually on that node without any pcmkr and worked fine... grrrr :-)
<jsmith-argotec> ivoks: I gotta run - be back in 30 or so
<roaksoax> Daviey: ping?
<some1_2> Hi, trying to install 10.04 64bit as a guest on a Xen (XCP 1.1) host, but during install the guest doesn't receive DHCP. The vif seems to be assigned to xenbr0 correctly (and xenbr0 is associated with eth0, which is the only network device). Any ideas what I might try?
 * jkyle is at the cloud summit
<jkyle> some cool talks
<CowBoyVV> hello..
<CowBoyVV> this place help me with my ubuntu server?
<Pici> Yes.
<CowBoyVV> hello everyone..hi Pici..
<CowBoyVV> I am new to this ubuntu server..
<CowBoyVV> I need to learn from very begginning..
<CowBoyVV> help me at much as you can...
<bluefrog_> CowBoyVV, http://doc.ubuntu.com/ubuntu/serverguide/C/
<CowBoyVV> I need to set up my website...where I can access all the features of ubuntu server...how to set up ...
<CowBoyVV> like chatroom
<CowBoyVV> like security network
<CowBoyVV> thanx bluefrog..I check it out
<CowBoyVV> yes..
<CowBoyVV> I do all of that already..but I need more how to set up from my own website
<iggi> I'm having a very odd error. After reboot one of my virtual machine hosts no longer responds to ping (IP or hostname) and SSH connections. The virtual machines it is running are accessible, the router sees it's entry in the ARP table (even the router can't ping it though). I've turned off ufw and flushed iptables rules, but it's still not accessible, any ideas?
<iggi> I've also checked netstat and it is listening for SSH connections
<bobweaver> Hello there I am making a package for ubuntu server and the upsource code was real bad re-righting apache ect I have now re-wrote the files and what too see if there is a better way to write this into the package. the bug is located here https://bugs.launchpad.net/zpanelcp/+bug/996282   Code is located here http://bazaar.launchpad.net/~josephjamesmills/zpanelcp/zpanelcp/files/head:/etc/zpanel/configs/apache/      I will be trying too
<bobweaver> push to /var/www/ and make avilble during build but I do not know the steps too link sites-enabled How too link ? any tutorial would be great thanks for your time
<uvirtbot> Launchpad bug 996282 in zpanelcp "Turning on zpanel should not re-write /etc/apache2/apache2.conf" [High,Triaged]
<Captain_Proton> Need some help I upgrade my 10.04 server to 12.04 running postfix + dovecot w/managesieve now none of the filter work watching the logs it looks like it getting passed to lda which dumps it right in the Inbox
<bobweaver> I am making a package for ubuntu server and the upsource code was real bad re-righting apache ect I have now re-wrote the files and what too see if there is a better way to write this into the package. the bug is located here https://bugs.launchpad.net/zpanelcp/+bug/996282   Code is located here http://bazaar.launchpad.net/~josephjamesmills/zpanelcp/zpanelcp/files/head:/etc/zpanel/configs/apache/      I will be trying too
<bobweaver>  push to /var/www/ and make avilble during build but I do not know the steps too link sites-enabled How too link ? any tutorial would be great thanks for your time
<uvirtbot> Launchpad bug 996282 in zpanelcp "Turning on zpanel should not re-write /etc/apache2/apache2.conf" [High,Triaged]
<bobweaver> sorry wrong channel
<Captain_Proton> nm I found the problem Thanks anyway
<terinjokes> anyone have suggestions for how to upgrade to 12.04 on an OpenVZ host correctly?
<terinjokes> I read this: http://askubuntu.com/questions/125742/upgrade-to-ubuntu-server-12-04-brings-error-glibc-not-found
<terinjokes> I haven't started the upgrade, but I also don't want to screw everything completely up
<terinjokes> do I upgrade, fail, then add the PPA?
<terinjokes> i added the ppa here on 11.10, but it gets disabled during the upgrade
<Captain_Proton> terinjokes, unless there is a real good reason I would not.
<Captain_Proton> terinjokes, most of managed by pearl and you will run into all cans of problem when the perl lib upgrade
<Captain_Proton> terinjokes, if you are hell bent on 12.04 start a new vm with 12.04 and move your data
<terinjokes> Captain_Proton: well I can't, the provider won't upgrade the kernel
<Captain_Proton> terinjokes, will they create a vm with 12.04
<terinjokes> Captain_Proton: maybe. would have to install it somewhere else, switch out the libc then package it up
<Captain_Proton> terinjokes, if they will not help you move vps providers are cheap and everywhere. Are you running just web apps ie.. Lamp or a custom app
<terinjokes> running some lamp stuff, but also some custom stuff
<Captain_Proton> I would ask them I do not see why that would not. I have down my whole VPS trying to upgrade it, will not do that again  lol
<Zanzacar> I am trying to know when someone is connected to my ftp server,sftp,or ssh but cant figure it out.
<Zanzacar> lastlog will output ssh. auth.log might show me who tried to login. anyways i dont know where to go from here.
<jsmith-argotec> pdtpatrick: figured out that nmbd startup issue (with lots of help from ivoks) - my smb.conf had warnings when running testparm which resulted in exit 1 on the line checking for NMBD disabled
<jsmith-argotec> pdtpatrick: default smb.conf tested fine so it would work fine when it wasn't trying with pacemaker
<jsmith-argotec> pdtpatrick: thought you might like to know the final outcome
<RichardRaseley> Hello all. I am interested in setting up a test Apache Cassandra box on Ubuntu 12.04 but am having difficulty figuring out how to get Java installed (sun-java6-bin doesn't appear anywhere in the repositories). Can anyone assist with this?
<lifeless> juju would be a good way to get cassandra up and runing
<lifeless> it can run against lxc on your local machine
<RichardRaseley> I am not familiar with LXC
<RichardRaseley> I thought JuJu could only run against MaaS and AWS compatible services?
<lifeless> http://askubuntu.com/questions/65359/how-do-i-configure-juju-for-local-usage
<Firebolt> RichardRaseley, Sun has forced Canonical to remove sun-java6* from the repos
<lifeless> thats includes info for oneiric, precise should be similar
<lifeless> RichardRaseley: juju has an LXC backend for local development
<RichardRaseley> Firebolt: Can you suggest the best way to get it at this time?
<Firebolt> There's a ppa for it
<RichardRaseley> lifeless: I appreciate your suggestion, but I would like to just run through the standard setup on this particular box (learning experience).
<lifeless> RichardRaseley: juju *is* the recommended standard setup, FWIW.
<RichardRaseley> lifeless: Recommended by Canonical or the Apache Cassandra project?
<lifeless> Ubuntu
<Firebolt> RichardRaseley, if you have your heart set on using sun-java6, sudo add-apt-repository ppa:ferramroberto/java && sudo apt-get update && sudo apt-get install sun-java6-bin
<lifeless> cassandra is extremely hard to package
<lifeless> because of intricacies around java local library versions and so forth
<RichardRaseley> Firebolt: You say that like I should be using something else?
<Firebolt> I don't know if you *should* be using something else
<RichardRaseley> lifeless: When you say package, you mean like a .deb? I was going to just download the source from their site.
<Firebolt> I said it in such a manner because lifeless has proposed that
<RichardRaseley> dddddddddddddAh
<RichardRaseley> Ah*
<RichardRaseley> lifeless: The LXC method will not work the best for me as I'd like to deploy it across several physical nodes as a test.
<lifeless> RichardRaseley: you could use the lxc approach on each node and then hand configure them
<lifeless> or you could bring the nodes up via maas, or openstack, and let juju do it all
<RichardRaseley> Hmm...
<RichardRaseley> If I use MaaS though I have to mess around with the DHCP infrastructure in my environment, correct?
<RichardRaseley> That would be a mess (different team)
<RichardRaseley> Or can I manually enroll to a MaaS server?
<lifeless> you can manually enroll using avahi, though I don't know how much heavy-duty work that that has had
<RichardRaseley> I am not familiar with avahi...
<RichardRaseley> (Reading Now)
<RichardRaseley> Is apt-add-repository not part of 12.04 server?
<slide> RichardRaseley, its like in some python utils package
<slide> which is really weird lol
<RichardRaseley> Yeah, I see that now.
<RichardRaseley> Hmph
<aboSamoor> how can I setup the default kernel logging level?
<ninjai> hey guys... so I ran usermod -a -G group2 user.  When I run groups user, it shows groups: user group2.  When I try to modify files in a folder owned by the user and group (group2:group2), where permissions are set 770, I get permission denied.  What gives?
<rockets> Psi-Jack, hey dude. So I've got a server now running with kvm
<rockets> eth0 = 192.168.1.49
<rockets> virbr0 = 192.168.122.1
<rockets> but theres effectively nothing in my /etc/network/interfaces
<rockets> any thoughts on "transforming" virbr0 to bridging instead of NAT?
<Psi-Jack> rockets: You don't.
<Psi-Jack> rockets: You replace eth0 and put that into a bridge, like vmbr0
<rockets> Psi-Jack, so how does one get a bridged network so that I can place VMs on my local lan
<Psi-Jack> virbr0 is a virtual bridge, not actually attached to a real NIC.
<rockets> ok
<rockets> Psi-Jack, I have a dual-nic system. Would it be possible to configure my second NIC as the bridged-nic
<Psi-Jack> Of course.
<Psi-Jack> As long as it'll be the NIC that has the connection you need.
<rockets> Psi-Jack, does the ethernet card im bridging to need to have a real IP of its own?
<rockets> id rather it didn't
<Psi-Jack> No
<Psi-Jack> but it has to be connected to something.
<rockets> Psi-Jack, of course
<rockets> thanks!
<rockets> Psi-Jack, the official Ubuntu 12.04 server guide actually has some nice docs on this
<Psi-Jack> They actually have 12.04-specific server guides?
<rockets> Psi-Jack, https://help.ubuntu.com/12.04/serverguide/serverguide.pdf
<rockets> yessir.
<rockets> Maybe they only do them for LTS releases?
<Psi-Jack> No, they don't..
<rockets> Psi-Jack, the above link is a 12.04 specific guide sir,.
<jvargas> I need to configure a network interface (eth1) neither in dhcp neither in static mode.
<jvargas> I just want it to be always UP but with no IP address configured. How can I do that using /etc/network/interfaces?
<rockets> Psi-Jack, would something like this be appropriate? http://pastie.org/3881688
<rockets> jvargas, I don't know the answer, but why, out of curiosity?
<jvargas> rockets: I have a virtualbox machine that is reserved to use a unique IP in that address because is it a 255.255.255.252 netmask.
<rockets> jvargas, so?
<rockets> so you DO want it to have an address
<jvargas> rockets: so, the host must not be configured with an IP, but have the interface UP so that it could be bridged to vbox machine.
<jvargas> No, I do not want it to have an address, just to keep UP. I can do it, but manually using ifconfig eth0 up. I wondered how to do it automatically at startup
<rockets> jvargas, ifconfig eth0 auto
<rockets> wont do dhcp
<rockets> or rather
<rockets> auto eth1
<rockets> but no iface blah blah
<rockets> just auth eth1 in /etc/network/interfaces should do it
<rockets> it will bring it up but set no address
<jvargas> it is in auto mode, but it remains OFF.
<rockets> that's odd.
<rockets> jvargas, why not just assign it a dummy private IP
<rockets> 172.31.0.1 or somethign
<rockets> no gateway
<jvargas> rockets: Will try.
<rockets> jvargas, I just tried auto eth1 on my server
<rockets> with no IP
<rockets> it works
<rockets> http://pastie.org/3881723
#ubuntu-server 2012-05-09
<jvargas> rockets: found a solution in: http://wiki.debian.org/NetworkConfiguration#Bringing_up_an_interface_without_an_IP_address
<rockets> jvargas, it's working fine for me *right now* just using auto eth1
<tkeith> After upgrading to Ubuntu 12.04, all my MySQL servers have an empty "test" database. Is that normal?
<fosterdv> That don't sound normal to me....
<fosterdv> Are you missing anything else?
<cowboy> hello
<EvilResistance> hiya
<cowboy> anyone there pls point me to specific ubuntu server talking specific top pls?
<cowboy> I like to talk about webpage development that can access Ubuntu server
<cowboy> hello
<cowboy> hello
<cowboy> anyone there?
<cowboy> help
<cowboy> any expert ubuntu server help solve problems here...FORUM???
<jsmith-argotec> cowboy: best off asking your question and waiting a bit and see if anyone responds
<cowboy> okie..thanx jsmith
<cowboy> beside install applications on chat ircd..is there a forum that help me step by steps from webpage to server...pls help
<twb> cowboy: I don't understand your question.
<sparc_> Hey hey.  Is reprepro still the way to manage your own apt-repositories?
<sparc_> or maybe there are better tools now ...
<mgw> sparc_: you just want a few .debs in a repo?
<sparc_> yeah, there will probably be 20 to 30 of components of our in-house apps
<sparc_> some perl modulse converted to packages, some whole web apps, some standalone python daemons
<mgw> let me paste something for you
<sparc_> i'm not trying to mirror any of ubuntu's major repos
<sparc_> ok cool, thanks for the input!
<mgw> https://gist.github.com/5faccb703054afdbbcae
<mgw> then just use apache to serve that directory
<sparc_> interesting, it's using dpkg to operate on an existing repo ...
<mgw> yeahâ¦ but you don't need the whole dpkg-devel pacakge
<mgw> one sec
<sparc_> yeah, that makes sense.  you make the repo and then serve it over http
<sparc_> creating it initially and then modifying the contents, are the processes that probably need management
<sparc_> reprepro did that i think ...
<qman__> that's what his script does
<qman__> just dump the .debs in that directory and run it
<sparc_> oooh
<sparc_> ok
<mgw> yeah, exactly, what qman_ said
<qman__> it generates the repository based on what debs it finds
<mgw> you can of course script that too
<qman__> yeah, could cron it or automate it some other way
<mgw> You'll have to set up gpg, or comment out that part and deal with an unauthenticated repo
<sparc_> no problem, this looks pretty cool
<mgw> I'm going to use ansible to script upload & run (could also use fabric or some such)
<fosterdv> quit
<sparc_> thsi blows away the repo every time?  i guess i should read the script
<fosterdv> sorry
<mgw> sparc_: just the Release and Packages files
<sparc_> aah okie
<qman__> it overwrites it with what's there
<mgw> for 20 or 30 debs that shouldn't matter
<twb> dpkg-scanpackages should not be used in that script; the apt-ftparchive script should simply be called multiple times
<mgw> twb: thanks, I'll update it
<twb> http://paste.debian.net/167967/ is mine, I run it in cron.hourly.  A beginner should stick to reprepro.  The apt-ftparchive technique is useful only if you are supporting a single release.  if you have >1 release it becomes unpleasant quickly.
<twb> I also strongly recommend adding NotAutomatic: yes to your Release until you're confident it's production-ready.
<twb> That attribute will cause it to be pinned to -1, the same as Debian's experimental repo.  IOW stuff from it won't accidentally be installed.
<sparc_> thanks much for the input and background you all.  it's much appreciated.
<twb> No worries.
<pmp6nl> Hey everyone.  I am looking to backup my server to my home computer.  What are good folders to rsync, what is not needed? Thanks
<twb> pmp6nl: /
<pmp6nl> twb, that was my initial thought.  But thought I would check
<pmp6nl> Thanks
<twb> pmp6nl: if you care about user data, you want /home and maybe some things like /var/mail, depending on what services you're using.
<twb> pmp6nl: for the OS itself, /etc is critical, and databases and things generally live in /var.  But if you have the space, back it all up.
<qman__> it depends on what's important to you
<twb> pmp6nl: recommend you use -xdev and list filesystems explicitly, to avoid backing up things like /proc/kcore which is 16TB
<qman__>  /etc and a list of installed packages are needed to rebuild a lost server, /var is usually a good idea
<qman__> but if you want everything, / is it
<twb> -xdev is more reliable than --exclude, although -xdev leads to false negatives instead of false positives.  YMMV etc.
<twb> Also strongly recommend you deploy rsnapshot or similar, so you get incremental backups for free.
<pmp6nl> twb and qman__ ok thanks.  Right now I am rsyncing / .... so I should skip /proc?
<twb> Definitely
<qman__> yes
<pmp6nl> woops.
<twb> And probably some other things like /sys and /dev and /run
<qman__> and /dev, and all the other virtual and temporary filesystems
<twb> Which is why I said just use -xdev
<pmp6nl> so -xdev will skip /dev and /proc
<twb> xdev limits it to the specified filesystem
<twb> So e.g. if / and /home are separate and you rsync -xdev /, it will skip /proc but it will also skip /home
<qman__> yeah, you limit it to one filesystem, and configure a backup for each filesystem you want backed up
<twb> RTFM is advisable, too :-)
<pmp6nl> ah ok. So I should do separate for each filesystem ... /home /var etc
<qman__> if you have those as separate filesystems, yeah
<linocisco> I want to have myname@ubuntu.com
<qman__> IMO it's easier to do it that way then to attempt to exclude all the other filesystems and locations you don't need
<twb> Agreed.
<qman__> because there's only a few filesystems to back up (sometimes just one) while there's dozens of things to exclude
<pmp6nl> ok, html/php files etc. are in /home    databases are in /var  ... what is in all of the other random folders?  Anything else important to backup?
<qman__> no, user data is in /home, which may or may not contain html and php files depending on your configuration
<qman__>  /etc is crucial, it contains all the config for the server, otherwise you'll be reconfiguring from scratch
<twb> qman__: if /home contains a web app, you screwed up
<twb> pmp6nl: note that you cannot rsync RDBMS databases, because they are not guaranteed coherent/quiescent
<qman__> it shouldn't, but I was referring to userdir config
<twb> pmp6nl: to back up a db correctly you must dump it to .sql and rsync that
<pmp6nl> qman__, twb I have public_html in home  I will add /etc.  Any others?  RDBMS?
<twb> I also strongly recommend etckeeper
<qman__> yeah, etckeeper is cool
<qman__> I haven't actually tried to restore anything from it, but auto saving everything at the right times is great
<twb> qman__: it's not about restore, it's about blame
<qman__> having a nice list of everything that changed after updating is nice too
<linocisco> I want to have myname@ubuntu.com
<pmp6nl> twb, and qman__ ok. thanks. :)
<pmp6nl> Hello, is it possible to rename a site in /etc/apache2/sites-enabled ?  If so how?  Thanks
<twb> Go edit the file?
<pmp6nl> I mean the name of it.  Its called example.com
<twb> So rename the file?
<pmp6nl> twb, its that easy.  Is the command just rename?
<twb> No mv
<twb> You probably want to a2dissite first, edit the master version in sites-available, then a2ensite it
<linocisco> hi all
<weallknowit> morgen :)
<linocisco> I want to have myname@ubuntu.com
<linocisco> i have two VSAT networks on each office. according to Teleport's ISP infrastrure, we can ping each other with ping time 2000ms. I would like to know how to establish VPN between it
<linocisco> i have two VSAT networks on each office. according to Teleport's ISP infrastrure, we can ping each other with ping time 2000ms. I would like to know how to establish VPN between it
<owh> linocisco: With great patience - having done it myself.
<owh> linocisco: You need to make sure that the VSAT isn't blocking VPN traffic which some do. I ended up using an ssh tunnel.
<linocisco> owh, really? where is your country?
<owh> linocisco: AUS
<linocisco> owh, how can I make sure or check if VSAT or ISP is blocking VPN traffic?
<owh> In my experience the quickest way is to ask them.
<owh> Normally the IP range is internal to the VSAT operator. If both VSAT terminals are from the same provider. If not, you generally have a problem because they generally don't expose the IP address to the outside world.
<linocisco> owh, here it is not legal to ask official. but according to their struture, ping is ok and some org said they can establish VPN between two VSAT sites
<owh> I'd start with attempting to ssh to the other end.
<owh> What traffic are you hoping to share?
<linocisco> owh, boths sites are from the same ISP
<linocisco> owh, web, mail, telephony
<owh> Yeah, that's really not going to work well.
<linocisco> owh, the priority is web and mail.
<owh> What is happening for most VSAT traffic is that it goes from your terminal to the satellite, then down to the ground station, then back up to the satellite, then to the other terminal. Gilat offers VSAT to VSAT functionality, but most countries block that because it prevents monitoring.
<owh> (Which is why you're seeing 2 second ping times)
<linocisco> owh, yes
<ome> Does ubuntu comes with a preinstalled alternative to 'sysv-rc-conf or sysvconfig' ?
<ikonia> ome: it uses upstart, so it works different
<railsraider> what should i check for if a 8 servers on rackspace went down all on the same time? can it be d-dos attack?
<railsraider> i see a lot of AIF:PRIV connect attempt: on th elogs
<ikonia> railsraider: contact rackspace and ask them what happened
<sonne> greetings!
<sonne> what is the ubuntu equivalent of debian's "locales-all"?
<sonne> and.. anyone knows why cron is started when building a chroot?
<sonne> i think it has something to do with upstart not respecting policy-rc.d
<sonne> i think i got it
<brainysmurf> What sort of tools are available if I want to modify headers of emails sent to particular addresses. My ubuntu server is using postfix
<sonne> to anyone that might be interested in what i was tlaking about: https://bugs.launchpad.net/ubuntu/+source/xen-tools/+bug/997063
<uvirtbot> Launchpad bug 997063 in xen-tools "xen-create-image fails to effectively prevent daemon startup on roles execution" [Undecided,New]
<mardraum> brainysmurf: modify them how?
<mardraum> your mua can modify the usual things. otherwise people will generally assume you are a spamming dick.
<brainysmurf> My boss wants "to: group@" changed to "to: undisclosed"
<mardraum> just send to bcc
<brainysmurf> mardram: I know...
<mardraum> oh?
<brainysmurf> We don't want this group's addy publicized, and users have been known to avoid the bcc like the plague
<brainysmurf> Just wondering if there is some sort of filtering tool that can be used (and that wouldn't make you look like a spamming dick)
<mardraum> you want to give users your address, but then hide it from them?
<brainysmurf> (I work at a very busy school)
<brainysmurf> This address is actually an alias, not a human account
<mardraum> an address is an address. if the mta accepts mail, it's all the same thing.
<mardraum> I guess I don't really have a clue what you are trying to do that bcc doesn't already do.
<brainysmurf> hehe I share your frustration :) I'm trying to make it so that if I send to group@ (which is an alias to several people) when the indiviuals get it they don't see the address
<brainysmurf> I know that bcc is what we're supposed to use, but my users keep insisting on using to
<mardraum> they won't see it, the MTA expands it
<mardraum> they'll see you address, and their address
<mardraum> your*
<brainysmurf> I tested this. I see the group address though.
<mardraum> right now I suspect you want #postfix
<mardraum> if that's the MTA you are choosing to handle the mail
<brainysmurf> I am using postfix
<brainysmurf> they said that postfix doesn't touch the content of the email, I need something else
<mardraum> you're probably going to have the most luck telling your boss that your MUAs need to be configured to send from a "donotreply" address
<mardraum> otherwise you'll need to use some sort of custom software that can do the expansion itself
<brainysmurf> Okay thanks mardraum that's what I thought
<mardraum> find a new job :p
<sanderj_> Is there any known prodecure to follow.. to upgrade from 10.04 to 12.04?
<sanderj_> ? upgrade
<koolhead17> !upgrade
<ubottu> For upgrading, see the instructions at https://help.ubuntu.com/community/UpgradeNotes - see also http://www.ubuntu.com/desktop/get-ubuntu/upgrade
<rockets> Psi-Jack, So, I have my old virtual machine imported and booted via kvm now, and I have it set up with a bridged interface, but for the life of me I cannot get networking working properly. Also, virt-manager doesn't actually show the "br0" I set up as an available interface, it still only shows "Default". I had to enter it manually.
<rockets> I can ping the bridge, but nothing using it is reachable.
<Psi-Jack> rockets: YOu can ping the host's endpoint IP?
<rockets> Psi-Jack, I can ping the ip I assigned to the bridge interface
<Psi-Jack> Which is on the host OS?
<rockets> yes
<Psi-Jack> Okay, then it's likely a networking or firewall issue in your guest.
<rockets> but i cannot reach the IP assigned internally to the guest
<Psi-Jack> Or possibly even host if you're running firewall there.
<rockets> no firewall
<Psi-Jack> OKay, so what exactly did you do, network-wise?
<rockets> I did this:
<rockets> http://pastie.org/3884753
<Psi-Jack> OKay. That tells me literally nothing.
<rockets> And the guest is set to use br0
<rockets> which I set by using virt-manager
<Psi-Jack> ok
<rockets> and then inside the guest I assigned an IP to eth0 as I would normally and to eth1 as i would normally
<rockets> and neither are reachable
<Psi-Jack> "normally?"
<rockets> As I would in any normal ubuntu linux host, via /etc/network/interface
<rockets> auto eth0, iface etc etc
<Psi-Jack> Uh huh.
<Psi-Jack> Think of me as a blind man.
<Psi-Jack> DESCRIBE EVERYTHING!
<rockets> lol
<rockets> inside the guest there is a standard interfaces file describing the network config
<rockets> just like this: http://pastie.org/3884762
<Psi-Jack> I only see eth0 in this.
<rockets> That's correct, I'm just giving you an example
<rockets> hold on
 * Psi-Jack closes that "Example." Don't give me examples. I'm a blind man.
<Psi-Jack> I know what a Debian interfaces file is. :p
<rockets> I know you do!
<rockets> Hold on, I'll get the guest's interfaces file
<Psi-Jack> Welp, taking too long, and it's lunch time. Though I will be back afterwards.
<rockets> Psi-Jack, sorry heh. I really do appreciate your time. I'm going to try a few things and come back in a bit.
<rockets> Psi-Jack, ok, so here's something more concrete for you. I'm attempting to set up a brand new virtual machine. I set it up using virt-manager to use the br0 bridge for the guest's ethernet cards. E.g. http://i.imgur.com/Hn6vC.png
<rockets> And yet the guest vm (which is running the ubuntu 12.04 server installer) cannot get an IP via dhcp. This is during the install process, no actual OS installed yet. My network definitely has a DHCP server, we're all using it.
<rockets> So I'm sure I have the bridge set up wrong somehow, I just don't know how.
<billybigr> hey all, anyone alive? just need to talk to someone about the serverguide and openvpn
 * Psi-Jack sighs/.
<Psi-Jack> Seriously wish people would stop giving their "status" away through nick changes.
<patdk-wk> changes nick to patdk-wk-away-from-psi-jack
<billybigr> can someone here help me with an openvpn install problem?
<billybigr> trying to follow the serverguide and i hit a wall
<billybigr> trying to contact someone on the -doc team isn't working either
<bananapie> I have a server running ntpd. The clock is currently 4 seconds out of alignment. I want to see a status from ntpd to make sure that ntpd knows about the descrepancy and how long it will take before the clock is resynchronized
<RoyK> bananapie: first, check the logs
<bananapie> I checked both debug, boot.log, syslog and dmesg. I don't see anything of used in there
<bananapie> other than max descriptors, but that's not useful
<bananapie> I uncommented the statsdir line
<bananapie> I can see that my server is now aware of the 4 second difference
<bananapie> But I don't see where it says how long it takes to resynch
<Pici> bananapie: ntpdc -p and ntpq -p  should be helpful.
<Pici> Its been forever since I needed to fix that on my server, but I remember those outputs being very handy.
<bananapie> ok
<bananapie> it's the first time it's happened to me in about 3 years
<cultavix> what are you trying to do
<RamJett> If I have 4 ethernet interfaces and I want one to be set to dhcp but not change the, name servers, default gateway, ntp.conf, etc. How would I do that? Basically I just want it to set the IP address only
<patdk-wk> RamJett, edit dhclient.conf
<RamJett> There is no way to do it per interface. Like in the interfaces file? It has to be a global dhcpclient ?
<rockets> What's a good way of backing up live kvm VMs?
<pdtpatrick> RamJett, you just want one interface to be dhcp right?
<pdtpatrick> RamJett, in /etc/network/interfaces - just set that interface to something like "iface ethX inet dhcp"
<pdtpatrick> RamJett, or you can do "dhclient ethX"
<patdk-wk> pdtpatrick, one interface with dhcp, for IP only, no dns/ntp/....
<patdk-wk> no gateway even
<pdtpatrick> patdk-wk, good catch. Thanks
<RamJett> Right. I want to pick which interface does the degalt gateway etc .. Like in Gentoo you just do eth0_dhcp="nodns,nogateway". I think I understabd how to do in in the dhclient.conf file. But is I use dhcp on eth1 but want it to use the gateway .. I just globally disabled that
<pdtpatrick> i don't understand that last sentence
<pdtpatrick> nvm s/is/if
<RamJett> if I do it in the dhcpclient.conf. I'm doing it on all interfaces, right ?
<RamJett> Sorry bout the typing
<Pici> RamJett: Per the manpage use: interface "name" { declarations ...  }
<patdk-wk> that depends on *how* you modify dhclient.conf
<pdtpatrick> is it possible to use post-up if u use inet dhcp?
<Pici> man 5 dhclient.conf
<RamJett> ok. Didn't see you could do it per interface. Thanks
<axisys> how to clean up /boot ? it is 86% now
<axisys> what's the recom way to remove old kernels?
<axisys> i want to remove all but last 3 kernels
<axisys> i think i have 10+ of them now
<ogra_> dpkg -l|grep linux-image ....
<ogra_> and remove the old versioned packages you dont need
<axisys> whats the one without numbers?
<axisys> http://dpaste.com/745683/
<jmedina> hi there
<jmedina> anyone is able to use vmbuilder in precise with lvm storage?
<resno> is 10x1 fast enough to run a few sites?
<jmedina> I cant create machines with file images
<jmedina> but not with lvm :S
<jmedina> anyone here using kvm in 12.04 server?
<StevenR> jmedina: yes
<jmedina> StevenR: do you use lvm for vm storage?
<jmedina> In trying to create a vm using vmbuilder with --raw=/dev/vg/lvx and fails
<jmedina> with image files works fine, it only fails with lvm
<jmedina> I have seen a few bugs with similar errors
<jmedina> Im using this command:
<jmedina> vmbuilder kvm ubuntu --hostname server5 --suite precise --flavour server --arch i386  -o --libvirt qemu:///system --raw=/dev/poolb2/storage5 --addpkg=acpid --addpkg=openssh-server --user=administrador --pass=123456 --tmpfs=-
<StevenR> jmedina: sorry, I don't use LVM with it.
<jmedina> StevenR: thanks, I just tried the same in a second machine and same result
#ubuntu-server 2012-05-10
<alusion> Does anyone know where this picture comes from ? http://i.imgur.com/NCkp3.jpg
<blendedbychris> anyone know how to use strace to watch file operations like stat calls?
<stgraber> hallyn: hmm, I seem to have a conflict with the lxc session on Friday, any chance of having the session moved a bit?
<stgraber> hallyn: IIRC steve tried to move my conflicting session (archive reorg) and it wasn't possible due to the number of people involved, so hopefully moving the lxc one will be easier
<twb> alusion: clearly it's a comms room that's not yet in production ;-)
<linocisco> any experienced VPN geek?
<Peetz0r> Hi, I just upgraded from ubutnu server 10.04 > 12.04, and now apache isn't doing https anymore
<twb> Peetz0r: what have you already done to isolate the fault?
<Peetz0r> II restarted apace, but I wouldn't know where to look
<twb> Peetz0r: did you look at any log files?
<Peetz0r> Not yet :p
<twb> You are more likely to get help if you demonstrate willingness to help yourself (e.g. mentioning "I already tried ...")
<Peetz0r> But I wouldn't actually know where to look for this problem
<twb> You could also try reproducing the problem with a simplified apache config
<fakhir> hello. I have an ubuntu server 12.04 box that I am trying to get working as a router. With everything setup as I believe it should be clients on the network are getting all the correct settings with DHCP and my windows 7 computer says it is connected to the internet. I can ssh into the ubuntu box, and ping google getting responses but any other connections to the internet such as HTTP fail.
<twb> You should also be testing with curl, not a browser, and testing over the loopback interface
<Peetz0r> Well, I think I just isolated the problem
<twb> fakhir: ip_forward is on?
<Peetz0r> It's sslh, which I use to run both apache and ssh over port 443
<fakhir> twb, "net.ipv4.ip_forward=1" yes and I rebooted the system.
<Peetz0r> https is still working on port 444 and ssh is still working on port 22
<twb> Peetz0r: OK so investigate sslh, its log file, config, change history since upgrade &c
<Peetz0r> Doing that right now
<twb> fakhir: if appropriate, have you set up NAT ?
<twb> fakhir: it not using NAT, do hosts on both sides of your router know they must use your router to get to the other side?
<twb> fakhir: similarly, have you tried tcpdumping on the router (both ifaces) to see how far packets are getting?
<twb> fakhir: suggest testing w/ICMP echo-request and -reply, rather than TCP.  ICMP is connectionless so triangle routing &c is more obvious
<fakhir> "iptables -t nat -A POSTROUTING -s 10.77.1.0/16 -o eth0 -j MASQUERADE"
<twb> No -s needed
<fakhir> hmm ok will try removing that.
<railsraider> running on rackspace i get error: "net.netfilter.nf_conntrack_udp_timeout" is an unknown key
<railsraider> anyone knows how to fix?
<patdk-wk> railsraider, do you have nf_conntrack installed?
<railsraider> patdk-wk:  i donna? how do i check that?
<patdk-wk> lsmod
<railsraider> nope, its not there
<railsraider> how do i add it patdk-wk :
<patdk-wk> well, no wonder :)
<patdk-wk> why do you need it?
<railsraider> arno firewall is winning about it
<patdk-wk> well, your going have to figure out why that arno thing isn't loading it then
<patdk-wk> cause there are a whole lot of modules you need to load for a firewall, and if that program doesn't load the ones you need, heh, life isn't fun
<railsraider> k
<railsraider> i'll check
<bananapie> I am running the bind9 server that came with ubuntu 10.04. The server does lookups only for the local network. I want bind to check if the host is set in /etc/hosts, if so to return that IP if not to act normally. Can this be done ? I tried googling it, and all the results I found speak of DNS/DHCP integration
<railsraider> anyone knows how to write a debconf answer files
<koolhead17> railsraider, http://serverfault.com/questions/19367/scripted-install-of-mysql-on-ubuntu
<koolhead17> see if this example helps you to understand stuff
<railsraider> i have pre seeded the file like that example but i think something is being skipped cause the values are not being passed from it
<railsraider> debconf-show arno-iptables-firewall shows the correct settings
<railsraider> i think i missed an attribute
<koolhead17> railsraider, good luck :D
<railsraider> koolhead17:  how can i find out what options the installer is asking for?
<railsraider> i mean on the wizard, perhaps i don' t write the attributes for the installer correctly
<_ruben> install it, answer manually, use debconf-getselections to query the debconf db
<koolhead17> as _ruben mentioned :)
<railsraider> _ruben: thanks!
<railsraider> _ruben: no such file debconf-getselections do i need to install something?
<railsraider> i have debconf-utils
<railsraider> i also tried debconf-get-selections
<_ruben> i think it's not installed by default indeed
<_ruben> been ages since i used it (when i set up my preseeding stuff)
<railsraider> its is running if i just type debconf-get-selections
<railsraider> ok i got it now
<railsraider> thanks
<koolhead17> railsraider, http://www.rndguy.ca/2010/02/24/fully-automated-ubuntu-server-setups-using-preseed/
<koolhead17> u need 2 install a pkg
<rye> hello, two times after using kvm snapshots through libvirt my 30G windows vms disk were truncated and thus unbootable. Has anybody else experienced this? One failure had qemu-img segfaulting during snapshot deleting, another one went cleanly
<rye> but truncated the file nevertheless
<drcode> hi all
<drcode> if I run ubuntu server 10.04 inside vmware esx , do I need to install vmware tools?
<drcode> or ubnuntu installed it by default?
<drcode> any idea?
<jpds> drcode: Probably not by default.
<drcode> how can I install it ?
<drcode> is it in repostory?
<drcode> or somthing?
<drcode> I don't want to do smtihng wrong
<plm> people, I intall rcconf and when start show this:
<plm> # rcconf
<plm> rcconf needs dialog or whiptail.
<plm> why?
<plm> I'm connected to server via ssh
<drcode> jpds, how can I install vmware tools inside ubuntu 10.04?
<jpds> drcode: I don't know; I've never done it.
<drcode> ok
<drcode> thankyou
<jsmith-argotec> drcode: usually you mount the vmware tools iso image inside the vm and install from there
<jsmith-argotec> drcode: assuming you're accessing the vm through vSphere client...
<drcode> yes , I am
<drcode> is there repostory that I can use
<drcode> of vmware?
<jsmith-argotec> drcode: use connect/disconnect CD...
<drcode> I am not admin in vsphere
<jsmith-argotec> drcode: connect to ISO image on datastore option...
<jsmith-argotec> drcode: so you can't connect to CD/DVD?
<drcode> yes
<drcode> I see that vmware have repostory for ubuntu
<drcode> apt-add-repository 'deb http://packages.vmware.com/tools/esx/4.1latest/ubuntu lucid main restricted'
<drcode> I ask before my server will not load
<drcode> it will work ok
<jsmith-argotec> drcode: This is better than me trying to explain:
<drcode> apt-get install vmware-open-vm-tools-kmod-source
<jsmith-argotec> drcode: http://kb.vmware.com/selfservice/microsites/search.do?cmd=displayKC&externalId=1022525
<jsmith-argotec> drcode: should tell you everything you need
<drcode> ok
<drcode> thankyou
<_ruben> bah .. why arent 1TB drives getting any cheaper :( .. 2TB drives are nearly same price as 1TB, and 3TB aren't even that much more expensive
<_ruben> sucks for expanding my 1TB drive based raidvolume
<Resistance> _ruben:  they're expensive because the factories for them got hit by horrendous weather and natural disasters
<Resistance> all hard disk prices are on the rise as a result
<_ruben> Resistance: that doesn't explain why both 1TB and 2TB are ~100 euro
<Resistance> kinda does ;P
<_ruben> if prices go up, wouldnt both go up?
<_ruben> and not converge
<_ruben> tempting that 3TB far less than twice the price of a 1TB
<patdk-wk> if demand was the same for all sized disks, sure
<Resistance> mhm
<patdk-wk> guess depend for 1tb is higher
<Resistance> 3TB's kind of a less-demanded size
<patdk-wk> 3tb is still too unreliable for my personal use
<Resistance> mhm
<Resistance> i mean, i keep a 3TB drive around for temporary backups, such as for when i make a duplicate of my 1TB server's drive, but only so i have backups/clones in case updates/upgrades explodify :P
<patdk-wk> the largest I have, is huge arrays of 1tb disks, and smallish arrays of 2tb
<esuave_> anyone know why i can run my shell script just fine manually.. but cron doesnt run it when i set it up?
<patdk-wk> esuave_, cron is completely different :)
<Pici> esuave_: What does the line in your crontab look like?
<esuave_> 00 10 * * * /var/log/test/scripts/tarlogs.sh
<Pici> esuave_: And thats your user's crontab? i.e. edited via crontab -e ?
<esuave_> yep
<esuave_> the shell script permissions are set as follows -rwxr-xr-x
<esuave_> its owned by root, and im running the cron as root too
<Pici> esuave_: That was my next question.  Anyway, does the script rely on any environment variables?
<Pici> esuave_: Specifically, you may need to provide the full path to executables referenced inside the script as cron will not have the same $PATH as your user.
<esuave_> ahh i think you found the problem
<esuave_> damnit.. overlooked
<esuave_> thank you Pici
<Pici> esuave_: sure, no problem.
<myhrlin> aha, correct channel
<myhrlin> hi, all; I have ubuntu 11.10 server 32 bit installed on a machine here and after executing do-release-upgrade to 12.04 the screen goes dark some of the time after grub
<myhrlin> sometimes text appears and I can type in passwords etc, but other times nothing displays after grub
<myhrlin> sorry I mispoke, after playing around with it again here I realized the screen displays nothing after the kernel begins to boot. So some text appears from the kernel then disappears and nothing more displays
<gary_poster> hallyn, hi.  I'm in an awkward spot in which I have almost no privileges on a machine and something is going wrong there.  I've never seen an error like lines 3-5 of http://pastebin.ubuntu.com/979976/ before.  The lxc package is up to date precise.  Have you/do you have any ideas?  My only idea is that the base container is old in some way that the script does not expect, or perhaps the kernel is not up-to-date (una
<gary_poster> me -r reports 3.2.0-16, but I don't know if ksplice updates that) or something else is old.
<JonEdney> Windows Update, brb
<hallyn> stgraber: as i thought - there's actually still another lxc sitting in unapproved for precise (https://launchpad.net/ubuntu/precise/+queue?queue_state=1)
<hallyn> so i think i'll ask for that to be rejected so i can add the apparmor depends there
<hallyn> gary_poster: one sec, looking
<gary_poster> thanks
<hallyn> gary_poster: was lxc-clone at all involved in the creation of the original machine?
<gary_poster> hallyn, not sure; I'll ask.
<hallyn> GAH
<hallyn> no i see the problem
<hallyn> lxc-start-ephemeral has the same unquoted bug that lxc-clone had
<hallyn> for now, you can probably just make sure you don't have any files matching "*:*" in your cwd
<hallyn> or, if you can get someone with privileges, have them put quotes around $line in line 203 of lxc-start-ephemeral
<hallyn> opening a bug...  thanks gary_poster
<gary_poster> ack ok hallyn thank you!
<hallyn> pitti: stgraber: could one of you kick the lxc -55 version from the unapproved queue for precise-proposed?  I'd like to add two more little (but crucial) bugfixes to it
<wh0theyou> hi @
<wh0theyou> habe ubuntu server auf meinem NAS und bekomme cmus nicht ans laufen habe als mainboard das asus e35m-i deluxe
<wh0theyou> error: opening audio device: internal error
<KM0201> wh0theyou: english
<stgraber> hallyn: you can upload a new version of lxc to -proposed without someone rejecting it, just make sure to use -v<last published version> so that all changelog entries are included
<stgraber> hallyn: in this case, you'll want to upload 0.7.5-3ubuntu55 and use -v0.7.5-3ubuntu53 so that your changes from 0.7.5-3ubuntu54 are visible in the notification e-mail
<Myx0x3> hi. a friend of mine cant install Linux on hes computer he gets the error: "Failed to copy  file from CD-ROM. Retry?".. he made an boot usb from unetbootin if it helps..
<KM0201> Myx0x3: use the tool that ubuntu recommends, it will get you past that error, if it doesn't (it should)... google will tell you how to trick the installer into thinking you're using a cd
<Myx0x3> KM0201: hi again, lol.. where do find that tool?
<KM0201> Myx0x3: it's linked on ubuntu's website
<Myx0x3> KM0201: http://www.ubuntu.com/download/help/create-a-usb-stick-on-windows but its for the desktop version.. is it the same?
<KM0201> Myx0x3: it should work fine for server edition (at least it did for me)
<Myx0x3> okay, thanks KM0201
<RoyK> same thing, yes
<Myx0x3> KM0201, last thing, did you download the iso or did you download it inside Pen drive linux thing?
<KM0201> Myx0x3: i downloaded the iSO
<Myx0x3> okay, cheers mate
<Myx0x3> have a nice evening :)
<colon_D> Anyone here have knowledge of the Ubuntu private cloud solution?  I'm trying to figure out how all this goes together.  How complete of a solution is AWSOME in comparison to CloudStack?
<Myx0x3> KM0201: http://www.memecreator.org/static/images/memes/147386.jpg
<Myx0x3> hahaha :D my friend made it, made my laugh :)
<KM0201> guess it went over my head..lol
<Myx0x3> hehe
<hallyn> stgraber: I don't think that's what I actually want
<hallyn> straber: I don't want 54 to be rejected;  it's verification-done, just waiting for its 7 days regression testing to be done
<hallyn> stgraber: I want the 55, which has not yet been accepted into -proposed, to be kicked, and i've added two more fixes to a new 55
<stgraber> hallyn: ah, ok.
<hallyn> (gr, i frequently hit the thinkpad pointer dot in stead of 'g')
<stgraber> hallyn: just upload a new -55 then, the archive admin processing it will just reject the older one
<hallyn> oh, i figured it would reject my new one as it has new contents.  ok ii'll do that, thanks :)
<JonEdney> When installing a monitor service lik Munin - when it says server01 and server02, I'm only monitoring 1 server, does anyone have a reference for doing it that way?
<patdk-wk> JonEdney, reference? and when it says server01 and server02?
<patdk-wk> munin comes in two parts, the munin-main that you install on the *collection* and *graphing* server
<patdk-wk> and the munin-node that you install on all servers to be monitored
<patdk-wk> in a single server, you install both, and call it done
<JonEdney> Okay, they helps.
<JonEdney> I was unsure.
<patdk-wk> well, you have to edit the configs alittle, maybe
<JonEdney> Right.
<patdk-wk> the defaults might be fine though
<JonEdney> I ran it ona  test server a few weeks back and was getting a permission error, so i didnt know if there was an additional way to go
<JonEdney> I'll have to play a little bit.
<jsmith-argotec> is it possible to use a 2.6 kernel on 12.04?  if so is there an easy way to install a 2.6 kernel on 12.04?
<jsmith-argotec> I have some software I run on the server that is incorrectly calculating memory if using a 3.x kernel with mor than a couple GB of RAM.  Can't get the software fixed so I'm trying to workaround without downgrading back to 10.04
<jsmith-argotec> s/mor/more/
<Kyle__> is there a command-line installer app for ubuntu-server, that can be run from a working installation?  Slackware used to let you do that (you'd run installer /path/to/root), was quite usefull.
<andol> Kyle__: a) debootstrap a chroot or b) boot the net-installer from grub
<Kyle__> andol: debootstrap sounds more like what I need.  I'm going from netbooted to local installs for about 20 machines.
<Kyle__> Thanks
<andol> Kyle__: Well, with 20 machines I would probably myself prefer a pxe booted preseeded install, but that might very well just be a personal taste.
<Kyle__> andol: Googling... Looks pretty nice.  Not all that difficult either.
<wh0theyou> i have ubuntu server 12.04 lts on my nas. Mainboard is asus e35m-1 deluxe. i want to hear webradio with cmus. Cmus get error: opening audio device: internal error
<wh0theyou> what should i do?
<ThunderFace> Hey everyone. Does anybody have experience with the Xen hypervisor and Ubuntu 12.04 server?
<ThunderFace> I'm trying to set up a Windows 7 HVM in Xen, but I can't figure out how to view the HVM from the same machine that's running it. In other words, I'd like to be able to view and control the virtual machine from the same computer that is running the hypverisor server. I'm 90% sure this is possible as I've seen what look like demonstrations of it on YouTube, but I haven't been able to find the right combination of words to get
<resno> ThunderFace: you are trying to run windows 7 inside of xen?
<ThunderFace> haha resno. Hello again. Yes I'm trying to run it as an HVM
<ThunderFace> I didn't have much trouble setting everything up. And the guides filled in the gaps, but they didn't explain how to view it locally. Just through a vnc client from another machine.
<resno> ThunderFace: i cant offer a solution, im just curious about the problem, maybe someone else while chime :)
<resno> ive never used xen, so does xen run ontop of ubuntu?
<guntbert> ThunderFace: (no help from me either): do you have X running on the host?
<ThunderFace> no I don't. I figured it would be unnecessary because the HVM wouldn't be using X
<ivoks> pmatulis: ping
<resno> ThunderFace: i see a guide on xens site.. have you seen that?
<ThunderFace> Xen doesn't really run on anything. It runs directly on the hardware.
<resno> ThunderFace: im just curious why you came to ubuntu and not xen
<ThunderFace> Yeah I've seen it, but while it is very thorough, it doesn't address this one issue. Haven't found a guide that does yet, but I have seen videos of people doing it (although they offer no explanation)
<ThunderFace> Because it does interface with Ubuntu
<guntbert> ThunderFace: and how (without X) do you intend to display a W7?
<ThunderFace> basically, you install ubuntu server (or debian etc.) and then you configure Xen and install Xen with it.
<ThunderFace> You wouldn't need it to control a dumb-client vnc so I figured you wouldn't need it locally either.
<ThunderFace> But if I am wrong (which is entirely possible), where would I go from there after installing X
<ThunderFace> What I mean is, I could start X up, but then how would I interface with the virtual machine? Xen is entirely CLI
<guntbert> ThunderFace: (I'm still trying to understand) - IF you have X Window running THEN you could start your vnc locally too, couldn't you?
<ThunderFace> Ahh. So you're suggesting I start X and VNC through localhost?
<guntbert> ThunderFace: I'm not suggesting anything here - because I never used XEN myself, I'm only thinking loud :-)
<ThunderFace> haha. No no. I wasn't taking it as THE solution. Just an idea I hadn't thought of guntbert ;)
<guntbert> ThunderFace: thats what talking is for :-)
<ThunderFace> I've never actually vnc'd locally, is it as simple as just doing "localhost:4356" -- if the port was 4356
<guntbert> ThunderFace: yes
<ThunderFace> Guntbert: Thanks. I'll give that a shot. Have a good day!
<resno> guntbert: you are more seeminly helpful then you thought lol
<ThunderFace> resno: haha
<ThunderFace> have a good one guys.
<guntbert> resno: :)
<shortdude> hi, i am trying to create a bash sciprt.  In the script i call a python script.  One of its arguments is "print".  Since this is a reserved command, the pything script does not run.  How to i run the command w/o it going for the reserved command.
<urda-web> I'm having a huge problem with Ubuntu 12.04 Server as a VMWare guest, my network performance is just DEAD. I can't download or upload any large files, apache2 won't serve stuff up, scp transfer die if larger than a few kb
<ChmEarl> echo '127.0.0.2 $HOSTNAME' >> /etc/hosts
<benji> shortdude: will you pastebin a small example script so we can see what, exactly, it is you're trying to do?
<virusuy> gents!
<zaitzev> hey folks
<virusuy> zaitzev: howdy
<zaitzev> I'm sitting here installing Ubuntu Server 12, and I'm at Software selection
<zaitzev> I'm curious about what "Basic Ubuntu server" implies?
<zaitzev> I'm gonna run the server from home, use it for basic stuff, a website, a gameserver (source-games), voice chat and the like.. simple stuff
<zaitzev> so from the list I was thinking about choosing OpenSSH, LAMP and perhaps Basic Ubuntu server, depending on what that is
<virusuy> zaitzev: that's a good choice
<virusuy> basics are neccesary things
<zaitzev> so I want to install all of the above then?
<virusuy> yes
<zaitzev> I got a 1U Dell PowerEdge SC1425 to play with
<zaitzev> 2x3.2 GHz Xeon in it
<JonEdney> Is there a way to get Munin to monitor Memory usage?  It don't by default and I can't seem to find any reference to how to enable it.
<PleXuS> anyone know how I can install a node ?
<PleXuS> I added a node but I guess I need to install ubuntu on it ?
<PleXuS> into the ubuntu server maas :-)
<JonEdney> Would anyone know why 12.04 server works in VirtualBox on Windows, but when I open it on Ubuntu (currently) and use the same .vdi hard drive file, I've got no networking?
<sideup66> hello room
<sideup66> can anyone help me with a ubuntu problem
<sideup66> with ubuntu server 12.04.  I know this is a known bug but does anyone know how to tell mdadm or whomever is mounting to continue booting when a non boot raid array drops to degraded
<sideup66> mind you this isnt the boot drive, this is a second data only drive
<sideup66> anyone?
<sideup66> or not
#ubuntu-server 2012-05-11
<Gallomimia_> okay. i'm trying to get phpmyadmin up and running on a ubuntu server using apt-get to install all the fun things. i still get a 404 error and i'm really quite sure i broke it all. anyone who wants to try and help me? i feel it is hopeless but perhaps you will help me see the light
<nathwill> man i'm stoked. just ordered an n40l for home :) dropping 12.04 on it as soon as it arrives
<billybigr> whats an n40l?
<billybigr> ahh home nas
<virusuy> http://h10010.www1.hp.com/wwpc/uk/en/sm/WF06b/15351-15351-4237916-4237917-4237917-4248009-5163346.html?dnr=1
<twb> Bleh, not a fan of HP
<virusuy> twb: me neither
<patdk-lap> it's ok, just seems pricy for it's performance
<twb> After all they bought compaq and we all remember what compaq units were like
<mgw> how can I get dhclient to override the local hostname?
<mgw> just delete /etc/hostname?
<twb> mgw: only if you want to break everything.
<mgw> ok, that's what I thought
<mgw> what's the right way
<mgw> ?
<twb> live-config does it, but I don't remember how
<twb> BCP is to do it the other way around -- the machine has a name and it tells the DHCP server what it is
<mgw> hmmâ¦ okâ¦. I'm bringing up a number of VMs and the DHCP server (cobbler) knows their hostnames from the MACs
<mgw> (isc actually, but controlled by cobbler)
<mgw> If that's really best practice, I can do it the other wayâ¦ I'm pushing configs out in my bootstrap script
<twb> If they're all VMs provisioned from the same base image, that's the same class of thing as live-config
<twb> My BCP remark is about normal hosts that you install and then they run until they explode, not this new-fangled cloud shit where hosts are born and die automagically without any babysitting
<IdleOne> twb: Please keep the language clean.
<mgw> bug 90388 has this posted: "We solved it by putting "hostname $new_host_name" into a file at /etc/dhcp3/dhclient-exit-hooks.d/"
<uvirtbot> Launchpad bug 90388 in dhcp3 "hostname supplied by dhcp server is not used" [Low,Fix released] https://launchpad.net/bugs/90388
<twb> mgw: how does it know the FQDN, unless you also edit /etc/hosts ?
<twb> Maybe if you are executing "hostname foo.example.net" instead of just "hostname foo", that becomes irrelevant?
<mgw> twb: yeah, that's the other side
<twb> mgw: oh sorry, I thought you were one of the regulars, didn't realize you were the OP :-)
<mgw> twb: lolâ¦ I'm a 'regular' once or twice a week
<mgw> I think I'll just template out /etc/hosts & /etc/hostname
<mgw> And not worry about dhcp
<mgw> These VMs do keep the same hostname for life
<Zanzacar> how can i list who is connected via ftp or sftp?
<Zanzacar> who -a seems to be a dead end. lastlog seems to only be for ssh.
<twb> Zanzacar: look at the process table
<twb> pgrep internal-sftp or something
<Zanzacar> well thats just going to give me the process id wont it. it wont really tell me who is connected or anything like who would do for ssh
<twb> Zanzacar: so then find out who owns the process
<lickalott> hello all.  I have an issue I was hoping someone could assist with.
<lickalott> I just upgraded to 12.04 and it randomly dies.  the machine stays on, but I can't access it, either directly or ssh
<lickalott> i have to constantly cold boot it to get it back.
<lickalott> anyone else having this issue or know what's going on?
<lickalott> so.......no
<Zanzacar> twb: I think I figured everything out ps aux | grep ftp
<Zanzacar> this lists both the sftp through openssh and the ftp through vsftpd
<Zanzacar> thank you for your help
<twb> Whatever
<agnostic> hello
<kantlivelong> when someone logs into a server behind a router via SSH it always shows the routers WAN ip as the connected from address.. is there a way to fix that?
<mardraum> are they using a rfc1918 address (using NAT)?
<mardraum> unless they are specifically proxying via that IP, that's all I can think you want to "fix". And you can't.
<_ruben> it's a "bug" in the router .. it should only touch the destination address, not the source address
<mardraum> sounds pretty rare, source?
<_ruben> mardraum: common sense :)
<kantlivelong> mardraum: i figured it out :P some doofus translated the srcaddr
<mardraum> common sense says that lots of routers have bugs where they modify the source address?
<kantlivelong> yeah
<kantlivelong> was driving me mad
<mardraum> kantlivelong: translated how
<kantlivelong> in the NAT
<_ruben> mardraum: i didn't say lots, i said it does happen, wouldn't know anything about the scale of it :)
<mardraum> ...
<mardraum> kantlivelong: that's what NAT is, you know right?
<kantlivelong> its a crummy sonicwall :O
<kantlivelong> yes but they translated what the sourceaddr was
<mardraum> _ruben: if it does happen, show some evidence
<kantlivelong> instead of keeping the orig
<_ruben> mardraum: kantlivelong did
<mardraum> did he?
<mardraum> he said a doofus, not a bug.
<kantlivelong> yeah
<_ruben> i said "bug" .. as in: crappy implementation of router software
<kantlivelong> a doofus set it up wrong
<kantlivelong> translated it to the WAN ip
<kantlivelong> dunno why :(
 * kantlivelong hates sonicwall
<gary_poster> hallyn hi.  I don't think you filed a bug for the lxc-start-ephemeral quoting issue (the one like lxc-clone).  I couldn't find it in Launchpad.  IS is asking me to give them a bug number.  I could file it myself, but I'm not sure what the quoting issue is exactly.  I did some experiments with echo $line and couldn't seem to get it to misbehave.
<kantlivelong> granted any router can do it..
<_ruben> some routers have it hardwired, others have it configurable through the settings
<kantlivelong> i got a nice shiney new router to replace it soon anyway
<kantlivelong> 8 port gbe pfsense running box
<kantlivelong> *winning*
<mardraum> kantlivelong: if you are using NAT, the source address is *always* translated.
<_ruben> mardraum: wrong
<kantlivelong> going out.. it typically is
<kantlivelong> inbound no
<_ruben> if you are using SNAT, sure .. if you are using DNAT, no
<kantlivelong> atleast now i can run fail2ban again :)
<mardraum> oh jeez
<mardraum> SNAT, DNAT
<kantlivelong> SNOT
<kantlivelong> :)
<mardraum> SNAT is a bullshit term, first thing
<_ruben> how so ?
<kantlivelong> perhaps time to resume this in #networking
<mardraum> hah! even wikipedia agrees
<kantlivelong> :)
<Psi-Jack> Does Ubuntu have any CLI tools to see if there's any currently-installed packages against the security advisories, kind of like Gentoo does?
<mardraum> "The meaning of the term SNAT varies by vendor. Many vendors have proprietary definitions for SNAT. A common expansion is source NAT, the counterpart of destination NAT (DNAT). Microsoft uses the acronym for Secure NAT, in regard to the ISA Server. For Cisco Systems, SNAT means stateful NAT."
<mardraum> SNAT is meaningless.
<kantlivelong> mardraum: aka SNOT
<_ruben> NAT should be meaningless
 * _ruben welcomes our IPv6 overlords
<kantlivelong> Psi-Jack: unsure :)
 * kantlivelong misses gentoo
<mardraum> NAT is a fact of life
<kantlivelong> indeed
<kantlivelong> even without computers :)
<iggi> I'm having a problem with a virtual machine host running Ubuntu 12.04, the machine can ping the outside word and I can run a apt-get update/upgrade successfully, the virtual machines connect to the internet just fine, but I still cannot SSH or ping from outside the machine. I have turned off ufw and flushed iptables, but still cannot get it to work.
<iggi> fwiw, it worked prior to a reboot.
<ikonia> iggi: it's probably your routing
<ikonia> iggi: the setup is to masqurade or nat out, not nat back in
<iggi> ikonia, it would have to be on the machine itself as it is a globably routeable IP and the router on the other end of the cat5 cable can't even ping or SSH to the machine
<ikonia> iggi: can you connect to the host (not the virtual machines) from the outside world ?
<iggi> nope
<ikonia> ok, so then it's nothing to do with the virtual machiens
<ikonia> your public IP address is not setup to route to the physical machine
<iggi> I was just using them as an example of traffic moving across the interface. As for it not routing, I'm not sure why it wouldn't the router sees the interface's MAC in the ARP table entry.
<hallyn> gary_poster: bug #997687
<uvirtbot> Launchpad bug 997687 in lxc "lxc-start-ephemeral needs to quote $line when echoing" [Critical,Fix released] https://launchpad.net/bugs/997687
<ikonia> router seeing a mac doesn't mean it's setup to route/nat traffic to that device
<ikonia> iggi: sorry that was for you
<gary_poster> hallyn, yeah, sorry, was just about to say that we found it.  Sorry, was looking in https://bugs.launchpad.net/ubuntu/+source/lxc and it is not there
<hallyn> right bc it's fixed released in q
<hallyn> unfortunately the fix isn't even in precise-proposed yet, bc the existing SRU lxc package is waiting for its vetting period to end
<hallyn> (so it's in the unapproved queue for precise-proposed)
<gary_poster> ah ok hallyn, gotcha
<gary_poster> thank you
<iggi> ikonia, If you don't mind I'll PM the routing info, I'd prefer not to post the IP in a public channel
<ikonia> iggi: have you set it up to route the public IP address to your servers physical interface ?
<gary_poster> Psi-Jack, I was curious about your question.  I haven't tried this so it may be useless, but have you checked out tiger and its "deb_checkadvisories" command? sounds close to what you want.  http://www.nongnu.org/tiger/tiger.8.html OTOH, you could maybe just enable unattended-upgrades if that's all you really want.  http://askubuntu.com/questions/194/how-can-i-install-just-security-updates-from-the-command-line
<Psi-Jack> gary_poster: No, I want to be able to check IF specific packages currently installed have been pacthed against known security advisories, because one thing about Ubuntu LTS is, you may be running older versions of specific software, but they have security patches applied to them constantly when advisories are out. This makes a LOT of false posatives from IDS/Analysis systems like Alert Logic that don't know this.
<gary_poster> ah I see Psi-Jack.  Sorry couldn't help.
<Psi-Jack> hehe
<Psi-Jack> Gentoo has this handy dandy tool that used the Gentoo security advisory system they have setup, against all the packages you have installed from the ebs.
<oCean> Psi-Jack: not entirely the same, but you are not alone: http://ubuntuforums.org/showthread.php?t=1962129
<oCean> there is apt-get changelog <packagename> but I don't think there is an automated checking tool :(
<Psi-Jack> Hmmm
<Psi-Jack> Wow... That's quite surprising that there is no such tool that at least utilizes even the Ubuntu Security Notices.
<oCean> there is CVE tracker from the securit team, but I guess that is the software that actually is the tracker
<Psi-Jack> Heh yeaaah...
<Psi-Jack> Pretty darned bad, IMHO!
<eein> sorry first time using ubuntu server, where do you set static dns? i would have thought /etc/resolv.conf but it warns me it will be overwritten
<Psi-Jack> eein: dns-nameservers entry in /etc/network/interfaces
<eein> Psi-Jack, thanks
<sanduz2> every time i start up, i get a few errors and cant login. '[drm] nouveau 0000:00:0d:0: === misaligned reg 0x0060081D' and '[drm] nouvea 0000:00:0d.0: unknown connector type: 0xff!!'
<sanduz2> not sure what it means or why it happened, i was able to login fine a few minutes ago
<sanduz2> im on 12.04 amd64
<kpettit> in Apache can I make it so each one of my virtualhosts have a same subdirectory.  For example I'd like it so I have a "/docs" that's the same for every virtualhost.  ANy ideas?
<altj> kpettit: you can add this line to each vhost config...   Alias /docs /path/to/docs/dir
<kpettit> Ah, Alias.  THat's the command I was forgetting.  Thanks!
<dimitrig> hi, i was using fdisk -l command to see some new disks ive added, can anyone tell me why the "disk ident" is 0x00000000
<dimitrig> when the live used disks have numbers..
<zaitzev> anyone around?
<zaitzev> what do I do to have my server eth0 act as dhcp client, instead of static ip which it has now?
<zaitzev> and how do I "refresh" the DHCP ip? It gets .142, but in my router I have reserved its MAC to get .100
<nathwill> zaitzev: sudo dhclient -r to release, sudo dhclient to renew
<nathwill> er. might be sudo dhclient ethX where X is whatever
<zaitzev> hm, i tried
<zaitzev> but it keeps getting .142..
<zaitzev> even though my router has defined a static lease to the server eth0 MAC, to .100
<nathwill> zaitzev, cat /etc/network/interfaces?
<nathwill> bbiaf, gotta grab some food
<zaitzev> http://paste.ubuntu.com/982157/
<zaitzev> I might as well just drop the whole idea of using dhcp on the server, and set it back to static..
<nathwill> generally best if you want it to be
<zaitzev> I get another issue now tho
<zaitzev> can't login with ssh
<zaitzev> "permission denied, please try again" even though I do use the correct password
<zaitzev> I did ssh-keygen -f here, do I need to do something similar on the server?
<lickalott> hello all.  I have an issue I was hoping someone could assist with.
<lickalott> I just upgraded to 12.04 and it randomly dies.  the machine stays on, but I can't access it, either directly or ssh
<lickalott> i have to constantly cold boot it to get it back.
<lickalott> anyone else having this issue or know what's going on?
<Resistance> zaitzev:  you need to get your publickey info from your system to the remote server's authorized_keys file for your user
<Resistance> but you'd need to be logged in first on the remote server
<smb> stgraber, Where art you?
<zaitzev> Resistance: I'm at the server console
<med_> stgraber, LXC in Jr ballroom 2
<zaitzev> Resistance: but the rest of the stuff you said is sort of greek to me xD
<Resistance> zaitzev:  did you generate the key pair on your end?
<zaitzev> I didn't manually generate anything tho
<Resistance> hmm, i might have misread the backlogs then
<zaitzev> I'll try reinstalling openssh
 * Resistance glances as his local server monitoring panel, realizes a primary server cluster went down.
<Resistance> darn, i'll have to fix that...
 * Resistance disappears
<zaitzev> I reinstalled openssh-server
<zaitzev> so I'm back to where I was before messing with the ip settings :)
<nathwill> zaitzev
<nathwill> on your remote system, if you've generated your ssh keys
<zaitzev> I purged openssh-server and reinstalled it, that made it work again :)
<nathwill> run ssh-copy-id -i ~/.ssh/id_{rsa,dsa}.pub user@server
<nathwill> from the remote system
<zaitzev> in case the same thing happens again, I can do that instead?
<nathwill> ?
<nathwill> that's how you authorize access w/ that key
<nathwill> ssh-copy-id copies your pubkey into ~/.ssh/authorized_keys on the server
<nathwill> so that the ssh server can verify you when you try to log in
<stgraber> med_, smb: sorry was leading another session before that took a bit longer than it should have ;)
<med_> no worries.
<med_> someone said ping you in this channel, so I did.
<nathwill> zaitzev, don't disable password-based logins until you've verified that key-based logins work :)
<hazmat> smoser, what's the name of device-id that cloudinit searches for
<smoser> its in that script that i sent you
<smoser> 'cidata' maybe
<smoser> probably
<hazmat> smoser, yup thanks, got it
<hazmat> tis cidata indeed
<jkyle> attempting to uninstall haproxy with apt-get remove results in the daemon being started in the foreground and hanging. no joke. http://pastie.org/3897015
<jeeves_moss> what causes postfix (and dovecot) not to log to mail.log and mail.err?
<lickalott>  hello all.  I have an issue I was hoping someone could assist with.   I just upgraded to 12.04 and it randomly dies.  the machine stays on, but I can't access it, either directly or ssh
<lickalott> I have to constantly cold boot it to get it back. Anyone else having this issue or know what's going on?
<lickalott> lemme try a different way...  is there a command to roll back the version?
<cc77> I assigned a static ip to my server but dns is not working. opening resolv.conf in nano the comment shows I should edit that file. But if I do anyway it works. What file should I edit for dns then?
<cc77> correction: the comment shows that I SHOULD NOT EDIT that file
<mahmoh> does anyone know if qemu-arm-static can be called via libvirt in precise? hallyn?
<mahmoh> qemu-system-arm that is
<poseidon> So I'm new to ubuntu.  Any suggestions for a getting started with server guide, or a suggestion for firewalls?
<JonEdney> Is there a specific command to update 12.04 server?  I run apt-get update, and it's still indicating 18 packages and 1 security update, even after I run the update.
<Firebolt> JonEdney, you'll want apt-get upgrade, not update
<Firebolt> update just reads new entries in your sources.list/ppas you've added
<JonEdney> Firebolt, I didn't know that, thank you
<Firebolt> np
<Firebolt> I remember that confused me thoroughly when I was new to ubuntu
<JonEdney> Yeah I can see why.  Desktop is different, the update manager pops up, it dont for the server since it's console-based.
<JonEdney> If I run apt-get upgrade on a 11.10 server, will it try and upgrade to 12.04?
<JonEdney> I have an 11.10 server on a VPS, and the host runs openvz and isn't supporting 12.04.
#ubuntu-server 2012-05-12
<nathwill> poseidon: https://help.ubuntu.com/12.04/serverguide/
<cc77> JonEdney, I alway do aptitude update then aptitude safe-upgrade
<JonEdney> cc77, whats the difference if you dont mind me asking?
<cc77> update lists the newest packages. And mind asking, found you something btw: https://help.ubuntu.com/community/AptitudeSurvivalGuide
<cc77> JonEdney, basically safe-upgrade just updates all packages. And full-upgrade will also latest ubuntu version.
<cc77> so safe-upgrade is what you need.
<JonEdney> Okay, I get that.  Thanks for the link also.
<cc77> I assigned a static ip to my server but dns is not working. opening resolv.conf in nano the comment shows I should edit that file. But if I do anyway it works. What file should I edit for dns then?
<cc77> oops same mistake as before editL
<cc77> correction: the comment shows that I SHOULD NOT EDIT that file
<pdtpatrick> Question - would someone please explain/help me with .deb packaging. I'm using deb helper and i've gone through the PackagingGuide.pdf -- and i still cannot understand how you move files around. For instance, if i want the .deb file when installed to have files in /etc/ and then /home/user/.filename   .. where/how do i do that ?  would this be the dh_installdeb helper script ?
<virusuy> pdtpatrick: you should ask that kind of question in #ubuntu-motu
<pdtpatrick> Good point. THanks
<virusuy> you're welcome
<poseidon> I don't suppose there would be a gitorious package
<poseidon> I've been having the hardest time installing it
<randomDude> i need to totally purge and remove all config files for apache2, why doesn't apt-get remove apache2 remove the config files... why doesn't apt-get purge remove the config files. why doesn't apt-get install apache2 --reinstall rewrite the config files? why doesn't  dpkg-reconfigure apache2 rewrite the config files... none of the above rewrites the config files even if /etc/apache2 doesn't exist
<randomDude> unhappy with apt-get
<randomDude> none of the above rewrites or creates fresh config files if /etc/apache2 does or does not exist.
<DigiDaz> Hi all, I'm looking for help with an SSH problem, anyone here?
<mah454_> Hello
<mah454_> i need run sample bash script when postfix server send message
<mah454_> How can do this ?
<DigiDaz> You may well be far better asking in a postfix channel
<DigiDaz> I'm sure that will be simple
<tarvid> mysqld won't start
<tarvid> dumped an 11.10 reloaded on 12.04
<tarvid> Plugin 'FEDERATED' is disabled.
<tarvid> mysqld  now started but drupal cannot connect
<RoyK> Does Ubuntu Precise support TRIM on LVM?
<Patrickdk> hmm
<Patrickdk> yes
<Patrickdk> has since 10.10 it looks like
<Patrickdk> oh opps, 11.04 :)
<Patrickdk> looks like it's automatically/always enabled, for all dm devices, except for crypt, that you have to manually enable it for
<Patrickdk> https://www.redhat.com/archives/dm-devel/2011-January/msg00035.html
<RoyK> hrmf - just started installing precise server from usb stick, and it gives an error "unable to mount cdrom"
<RoyK> any idea what that might be?
<Patrickdk> nope :( wonder if it has to do with that new combined iso/usb image thing
<Patrickdk> I haven't done a usb install since 10.04 came out
<JonEdney> o/
<SpamapS> I did a USB install of 12.04 last week
<SpamapS> on a Mac, no less. Worked fine.
<mikeh_> anybody running mysql 5.0.96 on ubuntu 8.0.4?
<mikeh_> sorry mysql 5.0.96 on ubuntu 12.04
<Psi-Jack> Ermm..
<Psi-Jack> Why would you be running THAT old of MySQL on Ubuntu 12.04 so current?
<Psi-Jack> MySQL 5.0 is NOT recommended for use.
<carroarmato0> hello, I'm having some trouble with importing templates in Maas. When I issue the command "maas-import-isos" I get "mount: Could not find any loop device."  and then "failed to import precise-x86_64  profile precise-x86_64 not found, inheritance not possible".  I'm running the Node on which Maas is installed in an LXC container.
<stgraber> carroarmato0: that's because mounting .iso files isn't allowed by default in the container
<stgraber> carroarmato0: easiest way to allow it is (sorry it's going to be a bit long):
<stgraber> 1) sudo cp /etc/apparmor.d/lxc/lxc-default /etc/apparmor.d/lxc/lxc-default-with-iso
<stgraber> 2) edit /etc/apparmor.d/lxc/lxc-default-with-iso, rename the profile from lxc-container-default to lxc-container-default-with-iso
<stgraber> 3) still in /etc/apparmor.d/lxc/lxc-default-with-iso, add a "mount fstype=iso9660," to the profile (or whatever fstype you want)
<stgraber> 4) sudo /etc/init.d/apparmor reload
<stgraber> 5) edit your container configuration (/var/lib/lxc/<container>/config) and uncomment the lxc.aa_profile line and set it to lxc-container-default-with-iso
<stgraber> 6) restart your container
<stgraber> I tested that solution for someone else with the same need at the Ubuntu Developer Summit and it worked as expected
<carroarmato0> stgraber: thank you very much, I was also suspecting it had to do with apparmour, will give it a try!
<stgraber> carroarmato0: you can usually confirm it by looking at the bottom of the "dmesg" output, apparmor blocking specific calls are listed in there
<carroarmato0> stgraber: hmm tried what you said but I'm not noticing anything from apparmour, but it still fails on the mounting part
<stgraber> carroarmato0: oh, right, I forgot one step, sorry. You also need to allow lxc to access /dev/loop*
<stgraber> carroarmato0: grabbing the exact line now
<carroarmato0> stgraber: thx :)
<stgraber> #loop
<stgraber> lxc.cgroup.devices.allow = b 7:* rwm
<stgraber> add that to your /var/lib/lxc/<container>/config
<carroarmato0> stgraber: jup, magic seems to be happening
<stgraber> hehe :)
<carroarmato0> stgraber: aan't maas isn't complaining about missing templates :)  thank you very much
<carroarmato0> *and
<carroarmato0> trying to run a poor man's cloud on my laptop to play around with maas, juju and charms
<carroarmato0> aspiring to become a witch doctor casting voodoo on servers
<stgraber> cool, good to hear it all works fine now
<poseidon> Anyone know of a package for installing gitorious, or a complete walkthrough for installing it on ubuntu 12.04.  The ones I followed with 11.04 seem to throw errors
<DigiDaz> As anyone had any problems using ssh to ubuntu servers?
<carroarmato0> DigiDaz: nope
<DigiDaz> I've been having a lot of problems and I've seen a few recent posts popping up whilst googling for an answer but if there was anything happening on a large scale I would expect you would have seen activity here
<DigiDaz> I'm beginning to think its some sort of hack or malware
<carroarmato0> DigiDaz: what kind of problem are you experiencing?
<DigiDaz> Basically, SSH not connecting, its timing out, this has just started happening in the last couple of weeks but to a number of servers
<poseidon> DigiDaz: Do you have a firewall running?
<DigiDaz> If the timeout in sshd config file is upped to about 10 minutes it eventually gets there, keys work fine, someone elsewhere did say they solved it but didn't specify how, they said it was something to do with pam_unix
<DigiDaz> I may well have IP tables running on them
<poseidon> ssh is working fine for me
<poseidon> I have the default config, though I only let whitelisted ip addresses connect
<DigiDaz> This is wierd, the first alert that I am getting is when servers start failing nightly backup using ssh, thing is these boxes have been running a long time, sometimes never even get logged into for weeks, perhaps months at a time
<DigiDaz> Its not like anything at all has changed
<DigiDaz> Its also happened on a couple of Debian squeeze boxes too, again this has been the last couple of weeks on boxes that have been running for months
<carroarmato0> DigiDaz: have you checkt the logs on those boxes? People who have recently logged in, the commands they issues?
<carroarmato0> *checked
<DigiDaz> No, one logs in, except me, I have checked logs, done searches for modded files etc
<DigiDaz> I have one now I can't get into, I'm just gonna reboot it into safe mode in a minute and then change the ssh timeout, I know I will get back on but its wwhats causing this thats beginning to bother me
<carroarmato0> is it just ssh which takes a lot of time?  As in: does the network feel slower?
<DigiDaz> It will probably take about best part of 10 minutes to log in
<poseidon> How long does it take you to ping the host
<DigiDaz> If I then change it to using keys to log in it back to fast as ever
<DigiDaz> ping times are fine, everything is fine, its just password based login thats turned mega slow
<poseidon> ah, probably isn't network connection then
<poseidon> I have password login disabled
<DigiDaz> No, its also multiple servers, multiple data centers etc
<DigiDaz> I'm thinking of dong that myself, I know I have been lazy security wise
<poseidon> heh
<DigiDaz> Moreover, even ssh@localhost fails to so its definitely not network related
<poseidon> I'm lazy and use keys and ssh-agent for everything
<poseidon> I don't even know what my root password is
<DigiDaz> lol
<poseidon> I have it written down somewhere
<poseidon> Some long ass thing
<DigiDaz> There are a couple of posts flying around with exactly the same problem and they are recent too
<poseidon> http://askubuntu.com/questions/134298/how-do-i-set-up-gitorious-server-on-ubuntu
<poseidon> gahh, hope this one works
<DigiDaz> I want to try and reinstall pam, see if that fixes it but I don't know how to do it properly, apt get remove it gives some badass warning that you are just about to trash your system
<carroarmato0> stgraber: have you encountered the problem where nodes would stay in Commissioning permanently?
<Psi-Jack> Anyone here using the dovecot-postfix/mail-delivery-stack packaged setup? I'm having a complication with it not being able to deliver mail to subfolders in the mail using username+extension@mydomain
<Psi-Jack> It gives me errors trying saying the directory doesn't exist, yet, it does.
<Patrickdk> Psi-Jack, never used the combined package, I use them both though
<Psi-Jack> Hmmm.
<Patrickdk> why not use sieve?
<Psi-Jack> Patrickdk: It's supposed to be, actually. heh
<Patrickdk> hmm? what lda are you using?
<Psi-Jack> dovecot-lda currently.
<Patrickdk> what line for it in your master.cf?
<Psi-Jack> It's not, it's setup as a mailbox_command, by that mail-stack
<Psi-Jack> mailbox_command = /usr/lib/dovecot/deliver -c /etc/dovecot/conf.d/01-mail-stack-delivery.conf -m "${EXTENSION}"
<Patrickdk> oh, your using only local users
<Psi-Jack> Correct.
<Patrickdk> seems too simple
<Psi-Jack> I'm /also/ trying to get Dovecot to actually use Kerberos binded LDAP connections for userdb+passdb
<Psi-Jack> but, I'm failing that too, it seems. heh
<Patrickdk> odd
<Patrickdk> that usecase isn't in the dovecot config for local users
<Patrickdk> and I can't believe that is an accident
<Psi-Jack> heh
<Patrickdk> http://wiki.dovecot.org/LDA/Postfix
<Patrickdk> are you actually using deliever? or dovecot-lda?
<Patrickdk> cause they are largely different
<Psi-Jack> Yeah.. That particular mailbox_command was setup by the mail-delivery-stack package.
<Psi-Jack> Ahh, deliver
<Patrickdk> like I said, I configure dovecot and postfix, myself
<Patrickdk> you don't have a dovecot-lda program at all?
<Psi-Jack> I have it, yes.
<Patrickdk> then your using dovecot-lda, not deliever
<Patrickdk> using dovecot 2.x
<Patrickdk> http://wiki2.dovecot.org/LDA/Postfix
<Patrickdk> best use those examples
<Psi-Jack> Err, wait.
<Patrickdk> dovecot-lda is a 2.x thing, it replced deliever, from 1.x
<Psi-Jack> I just have dovecot-lmtp
<Psi-Jack> d
<Patrickdk> lmtp is a 2.x thing :)
<Psi-Jack> This is all Ubuntu 12.04, so it's all very current stuff.
<Patrickdk> 12.04 is a dovecot 2.x :)
<Psi-Jack> heh
<Psi-Jack> So, no dovecot-lda, just deliver and optionally lmtpd, cause I was considering, once I get this all working, having front-ended smtpds to deliver mail by lmtpd
<Patrickdk> heh?
<Patrickdk> are you sure?
<Patrickdk> the file /usr/lib/dovecot/dovecot-lda doesn't exist?
<Patrickdk> dovecot --version
<Patrickdk> it should be like 2.0.13 I think
<Psi-Jack> Hmmm
<Psi-Jack> Yeah, it does.
<Psi-Jack> Heh
<Patrickdk> deliever is only a symlink anymore, as it doesn't exist in 2.x
<Psi-Jack> And deliver is a symlink yeah
<Patrickdk> I would change that config to the 2.x format, instead of the old 1.x format
<Patrickdk> atleast
<Patrickdk> mailbox_command = /usr/lib/dovecot/dovecot-lda -c /etc/dovecot/conf.d/01-mail-stack-delivery.conf -f "$SENDER" -a "$RECIPIENT"
<Patrickdk> but I still dunno if that -m ${extension} would work or not
<Patrickdk> most likely not cause of permissions
<Psi-Jack> Hmmm, or maybe it needs to be INBOX/${EXTENSION}
<Patrickdk> as local users normally go into /var/mail/, where as the extention thing, would require putting it into the user home folder
<Psi-Jack> No.
<Patrickdk> that depends on your dovecot config and folder layout
<Psi-Jack> All my mail is Maildir in their homes.
<Patrickdk> I don't put it into INBOX/* atleast
<Psi-Jack> Hmmm
<Psi-Jack> I think I found my problem with LDAP/GSSAPI ;)
<Psi-Jack> Suwheeeeet!
<Psi-Jack> So far, it works, but I wonder if it'll properly renew it's Kerberos ticket now.
<Psi-Jack> May 12 17:23:09 testmail01 dovecot: lda(psi-jack): msgid=<4FAED4BF.5070606@hostdruids.com>: save failed to open mailbox testpool: Mailbox doesn't exist: testpool
<Psi-Jack> That's the error I get though with delivery.
<Psi-Jack> May 12 17:23:09 testmail01 dovecot: lda(psi-jack): msgid=<4FAED4BF.5070606@hostdruids.com>: saved mail to INBOX
<Psi-Jack> That's the end result.
<Patrickdk> and what does your maildir folder look like?
<Psi-Jack> It's got .INBOX.Testpool, and .Testpool directories in it.
<Patrickdk> with uppercase?
<Psi-Jack> Correct
<Psi-Jack> Oh sheash..
<Psi-Jack> May 12 17:27:07 testmail01 dovecot: lda(psi-jack): msgid=<4FAED5AC.7030902@hostdruids.com>: saved mail to testpool
<Psi-Jack> Why the heck is it case sensative!?
<Patrickdk> cause your filesystem is :)
<Patrickdk> or just make it sane, and tell dovecot to lowercase everything :)
<Psi-Jack> it should be smarter than that!!
<Patrickdk> use zfs?
<Psi-Jack> Hmmm
<Psi-Jack> Well, I /do/ intend to hook this up to my NAS storage home directory.
<Psi-Jack> But.. That also shares out my /home/& through autofs
<Psi-Jack> Bah.. That's just silly though..
<Psi-Jack> I mean, the idea of using +extensions is for like, signing up to mailing lists with that and not having to bother with actual filtering.
<Patrickdk> heh, I don't use it for that
<Patrickdk> I use sieve for filtering
<Patrickdk> I defently don't want my +stuff autofiltered
<Patrickdk> the idea of it though, is so I can easily filter it later if I wanted to though
<Patrickdk> atleast the way I use it
 * Psi-Jack nods.
<Patrickdk> I think you can make a simple sieve command to autofilter it like that
<Patrickdk> not sure, but I think my brother uses it that way
<Psi-Jack> Heh
<Psi-Jack> Well, I just installed a sieve extension to Thunderbird.
<Psi-Jack> Course, I have NO idea how to do manual sieve. ;0
<Patrickdk> heh, it's hard to get the handle on all the options
<Patrickdk> but not hard after that
<Psi-Jack> Well, I'll be learning it. I'm trying to replace my Zimbra mail server solution with my own more managable, upgradable solution.
<Psi-Jack> And a /lot/ less resources required for it. heh
<Patrickdk> dunno
<Patrickdk> my mail server requires 10gigs of ram these days :(
<virusuy> Patrickdk: 10G ?
<virusuy> how many users ?
<Patrickdk> normally, about 800 imap sessions active
<Patrickdk> about 60 active pop
<Psi-Jack> Patrickdk: heh, mine would never need that much. ;)
<Patrickdk> I never looked to see how many per day or whatever
<Psi-Jack> But, so far, finally have my Kerberos+OpenLDAP solution, with autofs on most of my servers now, even my desktop has Kerberos auth and autofs mounting. :D
<glosoli> What anyone would recommend for usage with VDS for Ubuntu Server ? I mean some kind of web interface or what ?
<virusuy> glosoli: and VDS stands for ?Â¡
<glosoli> Virtual Dedicated Server
<Psi-Jack> Yay!
<virusuy> great, thanks
<Psi-Jack> A new bling acronym.
<Patrickdk> what exactly is a virtual dedicated server?
<Patrickdk> just by it's name, it can't happen :)
<glosoli> another version Of CLoud Server, virtual private server or whatever, some kind of market trick
<glosoli> anyway, what web interface anyone of you recommend  ?
<qman__> recommend not using a web interface
<glosoli> qman__: hmm just curious why
<glosoli>  ?
<qman__> because they're almost universally broken and insecure
<glosoli> hmm sounds fair, thanks for advice then
<glosoli> qman__: do you use virtualenvs for server or something like that ?
<glosoli> I am thinking to deploy OpenERP, not sure if VirtualENV would be smart
<glosoli> or not
<qman__> sounds like buzzword of the month to me
<qman__> what are you really trying to accomplish?
<glosoli> qman__: well, I need to deploy OpenERP in server,  with basic modules, and then develop some in some kind of period, the whole thing will be used for production :)
<qman__> glosoli, still doesn't mean much to me, I'm not a software developer and ERP is just another buzzword to me, but I see no reason why virtualenv would give you trouble, it's a dev tool
<glosoli> qman__: well I never did something with clouds servers, I see the dir tree, there is a home dir, and I am not aware if it would be good to create something like /home/workspace
<glosoli> :?
<qman__> but web interfaces for general server management like webmin and friends or website managers like plesk are generally crap, see also !webmin
<glosoli> qman__: well I trust you, won't even check it :P
<glosoli> anyone can help me with locales problem "http://dpaste.org/bcrwO/" ?
<glosoli> http://dpaste.org/bcrwO/
<glosoli> I can't seem to find in which file they are located to fix the errors
<qman__> glosoli, iirc, you need language-pack-en and any other language packs you wish to have installed
#ubuntu-server 2012-05-13
<ubuntu_> Hello, I am trying to install 12.04 on a Raid0 array and I get the following error: "Executing 'grub-install /dev/mapper/isw_jddjaejcg_ARRAY1' failed."
<ubuntu_> Can anybody help?
<pdtpatrick> https://help.ubuntu.com/10.04/serverguide/advanced-installation.html
<Patrickdk> heh
<Gallomimia> has anyone ever experienced problems installing phpmyadmin and related packages such as php and apache2 and mysql? i did the mysql and php prior to apache2 actually, and i suspect it messed something up
<ChmEarl> Gallomimia, tasksel -> LAMP Server
<Gallomimia> er... looks scary. what are the other things that are checked? basic ubuntu server and openssh server. should i uncheck them?
<Gallomimia> still no admin
<pdtpatrick> Gallomimia: what problems are u having ?
<Gallomimia> ah, i think my first problem is i don't know wtf i'm doing :/
<Gallomimia> but what i've been trying to get working is phpmyadmin
<pdtpatrick> have u seen this page?
<pdtpatrick> https://help.ubuntu.com/community/phpMyAdmin
<pdtpatrick> does "dpkg -l phpmyadmin" show it installed?
<Gallomimia> no i'll give that a read first thanks
<pdtpatrick> np
<Gallomimia> hm it does
<Gallomimia> i have some conf swimming to do i think.
<pdtpatrick> does /etc/apache2/apache2.conf have "Include /etc/phpmyadmin/apache.conf"
<Gallomimia> apres parachute i will check
<Gallomimia> pdtpatrick: that was it exactly. i was lead to believe there were all sorts of scripts to make sure that happened. so certain i ran a bunch of them...
<pdtpatrick> so ur all set now ?
<Gallomimia> nah i have to spelunk for where i want to accept any domain name or expressly require one..
<Gallomimia> gotta be 10 years since i did apache cfg's
<pdtpatrick> i c
<Gallomimia> wasn't even version 2. i better read the whole damn manual again :)
<Gallomimia> hey pdtpatrick i really appreciate the handholding. i don't know how i get by without irc :/
<pdtpatrick> np - Glad to have helped
<miceiken> Hey, anyone around?
<miceiken> Can't seem to be able to send mails from my server, although I can receive them perfectly fine
<alix1> hi
<alix1> I am using 12.04 on which vmbuilder fails with
<alix1> Failure trying to run: chroot /tmp/tmpoqZJXv mount -t proc proc /proc
<alix1> did anyone experienced anything similar ?
<idealities> Hi, has anyone come accross a server simetimes auto reboot, and lighttpd without reponse after start about one hour, and sometimes the server didn't reponse for all services like kernel panic, but can not find any message about this in /var/log/* ?
<ahxcjb> you wouldn't
<ahxcjb> you will need to attach a remote debugger to the server in question
<ahxcjb> contact ubuntu support for details on how to perform this if you are unaware
<idealities> remote debugger?
<JonEdney> When I log into my 12.04 server, it says "6 packages can be updated".  I run sudo apt-get upgrade and I get this "The following packages have been kept back: linux-headers-server, linux-image-server, linux-server.  3 not upgraded"
<JonEdney> Is sudo apt-get upgrade not the command?
<idealities> sometimes you need to mannuly sudo apt-get install them
<qman__> no
<qman__> you need apt-get full-upgrade or apt-get dist-upgrade
<qman__> the normal upgrade leaves those out as they require the installation of new packages
<JonEdney> Ah, I didn't know that.
<JonEdney> full-upgrade pulled invalid operation, dist-upgrade worked.  Thanks.
<txomon|home> can anyone explain me what is the aim of putting a "manual package selection" entry in the mini iso install, if it makes the installation fail ? (doesn't configure some packages correctly)
<txomon|home> how can I fill a bug against that?
<qman__> txomon|home, that's not really a bug, manual package selection is an advanced option, and manually selecting the wrong packages can result in a broken system
<Resistance> indeed
<Resistance> !crosspost | txomon|home
<ubottu> txomon|home: Please don't ask the same question in multiple Ubuntu channels at the same time. Many helpers are in more than one channel and it's not fair to them or the other people seeking support.
<txomon|home> qman__, I marked lubuntu-core
<txomon|home> and just that
<txomon|home> nothing more
<qman__> in that case, everything that lubuntu-core does not depend on, was not selected
<txomon|home> I marked "Openssh-server" "Lubuntu minimal installation" and "Manual package installation"
<qman__> undoubtedly leaving a lot of stuff missing
<txomon|home> then aptitude came to me
<txomon|home> and I pressed g
<txomon|home> qman__, dependencies where satisfied
<txomon|home> you can replicate that
<txomon|home> was something wrong with xorg, but dont know exactly what
<txomon|home> more over, aptitude is designed in theory to satisfy dependencies, so unless you select incompatible packages, it should not crash
<qman__> txomon|home, my point is, you didn't select other needed things
<txomon|home> qman__, do we agree that when you select something "Selecting Installation Components" dependencies are going to be satisfied?
<qman__> txomon|home, yes, but just because dependencies are satisfied, doesn't mean your system will work as intended
<txomon|home> and that if you want to, apart from that, select manually one more package (for example git), you have to check the "Manual package installation"
<txomon|home> qman__, ... git package makes crash?
<txomon|home> _any_ package makes crash!?
<txomon|home> moreover, if you don't touch anything, it crashes?
<txomon|home> its a nonsense
<JonEdney> Is there a 12.10 daily build for server?
<Resistance> 12.10...?
<Resistance> Quantal?
<JonEdney> Yeah.
<Resistance> !12.10
<ubottu> Ubuntu 12.10 (Quantal Quetzal) will be the 17th release of Ubuntu, Discussion and support until final release in #ubuntu+1
<Resistance> ^
<Resistance> having said this i havent seen any quantal isos yet, but i'm not exactly looking actively
 * Resistance points at the system he's slowly restoring from an old drive
<txomon|home> Resistance, any idea on my question?
<JonEdney> I was just curious really, have no real need for it.
<JonEdney> Thanks Resistance
<Resistance> txomon|home:  i think qman__ is a better candidate to help you
<txomon|home> oki
<Resistance> i'm strongly busy trying to get data off a mostly-crupted drive atm
<txomon|home> qman__, I am once more in the
<txomon|home> fuck ESC == enter
<IdleOne> !language | txomon|home
<ubottu> txomon|home: Please watch your language and topic to help keep this channel family-friendly, polite, and professional.
<txomon|home> component installation menu
<txomon|home> IdleOne, I pressed a key that screw up the last 10 minutes of my life
<Resistance> txomon|home:  nevertheless
<Tm_T> txomon|home: there's no excuse for bad behaviour.
<Resistance> we try to keep this a "family friendly" environment
<txomon|home> ok, sorry
<IdleOne> txomon|home: Well, in that case, to hell with the community guidelines.
<kakabesola> need help please!
<txomon|home> !ask
<ubottu> Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience
<kakabesola> need help about port nating please
<txomon|home> be more specific, say what you want to do, which resources have you found. And you can also formule a question
<Gallomimia> pdtpatrick: why might i now be seeing this message? ssh: connect to host ***** port 22: Connection refused after last night's installation i feel like ssh has been halted. need a way to turn that back on
<pdtpatrick> make sure ssh is running
<pdtpatrick> on the server you are trying to connect to .. you can run "dpkg -l openssh-server" to see if it installed. And also check whether port 22 is listening "netstat -lanp | grep :22"
<pdtpatrick> if it isn't installed, then install the package. If it is installed and not listening, then run "sudo service ssh restart"
<Gallomimia> ah yes. how am i to do this when i have no ssh access
<ahxcjb> use a lights out card
<Gallomimia> the server is 4000 miles away. YOU use a lights out card
<ahxcjb> then more fool you for putting yourself in that position
<Gallomimia> pretty sure i managed to uninstall it last night using tasksel
<ahxcjb> Gallomimia: is this for a business?
<Gallomimia> not.... really
<ahxcjb> oh, so it is
<Gallomimia> yes but it's not a business
<Gallomimia> it's just a club
<ahxcjb> so then you have no excuse; you should have a server with an iLO / IPMI card
<ahxcjb> DRAC etc, whatever.
<ahxcjb> expecting to manage a server remotely without a lights out card shows naivety of the highest order
<Gallomimia> its a rented vds. there won't be too much trouble i think
<ahxcjb> VDS?
<ahxcjb> what is this?
<Gallomimia> virtual dedicated server
<ahxcjb> oh, a VPS
<ahxcjb> so you'll have lights out capability then
<qman__> any decent VPS provider gives you a 'local' shell recovery option
<qman__> godaddy isn't a decent VPS provider, and they're the only one I know of that calls it VDS
<ahxcjb> Gallomimia: so basically, message is, don't buy cheap
<Gallomimia> i actually dont control the account under which it's rented. so i'll ask that guy what options there are
<JanC> actually, some dedicated server / VPS providers use a cheaper alternative to iLO/IPMI cards: PXE booting of a rescue image...  ;)
<qman__> yeah, that's fine too as long as it works
<qman__> there's plenty of options with much better service in the same price range as godaddy, and there's plenty of cheaper ones with the same or better service
<qman__> they're selling on the name alone
<JanC> since when godaddy has a good name ?  ;)
<Gallomimia> haha
<Gallomimia> all those big titted girls in white t shirts did that
<JanC> I always new them as the place to go to when you want to be ripped off
<Gallomimia> certainly not with good business practices, customer service, or community engagement
<Resistance> !topic
<ubottu> Please read the channel topic whenever you enter, as it contains important information. To view it at any time after joining, simply type /topic
<JanC> knew them*
<Resistance> bah
<Gallomimia> sorry
<Gallomimia> so back on topic the bug in tasksel is awesome.
 * Resistance needs to dig around the factoids again
<Gallomimia> "no i don't want to install something called openssh. ssh works fine" turns into " remove all ssh servers from the system"
<qman__> not a bug, tasksel shows already selected tasks
<Resistance> ^
<qman__> if you deselect something, that means remove it
<Resistance> yep
<Resistance> openssh is required for SSHd
<Resistance> (ssh daemon, aka SSH server)
<Resistance> or rather... the package openssh-server is needed... last i checked, anyways
<qman__> yes, that's the provided and supported sshd
<JanC> well, there are at least 3 other ssh server implementations available in Ubuntu, I think  ;)
<JanC> but openssh-server is supported & most used
<JanC> OTOH, is tasksel still supported?
<JanC> outside of initial install maybe?
<qman__> not sure
<qman__> I heard that it was being deprecated but it's still in there and it still works
<Resistance> in iptables / ip6tables, can IPv4 rules be applied to IPv6?
<Nafallo> depends on the rule, I'd say.
<Resistance> Nafallo:  take, for example. this IPv4 rule: iptables -A INPUT -p tcp --dport 2222
<Resistance> -j ACCEPT
<Resistance> blah, evil keyboarxd
<Resistance> Nafallo:  take, for example. this IPv4 rule: iptables -A INPUT -p tcp --dport 2222 -j ACCEPT
<Resistance> would that rule be able to be applied to ip6tables?
<Nafallo> looks fine to me.
<Nafallo> why don't you just try it somewhere?
<Resistance> because iptables is on the fritz locally
<Resistance> (segv-ing, i think its not completely installed or something)
<Resistance> and if i'm using iptables-persistent, where do i store the rules?
 * Resistance likes persistent rules :P
<JanC> Resistance: does your FritzBox device have (proper) support for IPv6?
<JanC> most home routers have no or only broken support for IPv6, unfortunately
<JanC> you might be able to fix that using OpenWRT or such (if the device has enough RAM & CPU power)
<Resistance> JanC:  my home network doesn't support IPv6, but the University networks do
<Resistance> so i need Ipv4 and IPv6 rules
<Resistance> and i need em to match :P
<tarvid> I have drupal installed at /var/www/drupal and 7 virtual sites symlinked at /var/www/drupal/sites; 6 work but the one virtual with the same name as the server throws an error;
<tarvid> HTTP Error 500 (Internal Server Error): An unexpected condition was encountered while the server was attempting to fulfill the request.
<tarvid> is that because the virtual has the same name as the server?
<JanC> Resistance: by "on the fritz", ar you referring to a Fritzbox device (something quite common in Europe), or something else like saying it's broken...? ;)
<Resistance> JanC:  sigsegvs
<Resistance> <Resistance> because iptables is on the fritz locally
<Resistance> <Resistance> (segv-ing, i think its not completely installed or something)
<Resistance> to show you the logs of exactly what i said
<JanC> Resistance: what I mean: is your PC segv'ing or a home router?
<Resistance> JanC:  the system itself, PC
<Resistance> the router isnt using iptables :P
<Resistance> (because the router's a linksys entry-level router and i really dont have any method to control what software it uses)
<JanC> "Fritz" happens to be the brand name of a range of linux-based broadband routers in continental Europe  ;)
<tarvid> iptables is part of the kernel and is always installed
<Resistance> tarvid:  its glitching up, with segvs, on here
<Resistance> JanC:  lol, 'fritz' is American slang for "It's not behaving"
 * Resistance should have been more precise
<JanC> Resistance: https://en.wikipedia.org/wiki/FRITZ!Box  ;)
<Resistance> heh
<Resistance> JanC:  before this router, i had a server box sitting as the gateway, but then it went and fizzled (it literally caught fire because there's not enough AC here at this location)
<Resistance> AC = Air Conditioning
<JanC> ugh
<Resistance> yep, that wasnt a fun day
<JanC> Resistance: did you try using ufw ?
<Resistance> JanC:  nope, dont like UFW.  not precise enough for my uses of iptables.
<JanC> (it should do the right thing for IPv6, after you enable it in the ufw config
<JanC> ah
<Resistance> JanC:  i think i'll just reinstall, this might be a botched upgrade-in-place causing iptables to explode
<JanC> I'd say iptables exploding is a security issue no matter what
<JanC> so please report it before doing a e-install
<Resistance> yeah, but it didnt do this on my clean-install Ubuntu 12.04 desktop
<JanC> re-install
<Resistance> so i know the iptables works normally
<JanC> doesn't matter
<JanC> it should never ever segfault
 * Resistance doesnt have the time to report this as a bug right now
<Resistance> indeed
<Resistance> but i've had this happen with most programs 85% of the upgrade-in-place upgrades
<Resistance> this is why i prefer clean installs :P
<JanC> maybe make a backup of your config and report from a VM in the future, or something
<Resistance> mhm
<Resistance> actually, i dont think its segv=ing on iptables at all...
 * Resistance just noticed a new issue
<Resistance> even if i type 'sh' it segv's
 * Resistance wonders if this is a really botched upgrade in place
<JanC> Resistance: my main system has been upgraded in place since 2006 or so  ;)
<JanC> Resistance: broken glibc or such?  ;)
<Resistance> JanC:  well this is the sandbox environment, not the production server :P
<Resistance> might be
<Resistance> (the production server's still Lucid)
<JanC> might be some plugin too
<Resistance> hmm
<Resistance> could be
<JanC> try to find that out
<Resistance> might do that, but as this sandbox needs to be online in Precise to test the migrations from Lucid to Precise that were ordered from someone far above my pay-grade, i have to get this operational by work-day tomorrow
<Resistance> (so before morning otmorrow)
<JanC> pam, nsswitch, etc. all support plugins that might cause issues possibly
<JanC> so if your server has anything custom...
<Resistance> shouldn't, apart from hardware
<Resistance> which might be a breaking point
<JanC> bugs can be subtle & weird
<Resistance> i know right?
 * Resistance is on the BUgSquad and has some really oddball bugs in his triage duties
<JanC> I remember there was a bug in Ubuntu that only showed up on certain thursdays or something like that, for example  ;)
<JanC> haha, you sure must have seen weird stuff then
<Resistance> mhm
<Resistance> few things that were caused by the leftovers from Debian that were synced to Precise but never checked
<Resistance> :P
<Resistance> s/few/and a few/
<JanC> the bug I'm talking about was because of the way OOo created PDF files triggered a bug in CUPS (or ghostscript?) on certain file creation dates, or something like that  ;)
<Resistance> ah lol
<JanC> the people who ever found that bug should get a medal for it  ;)
<Resistance> that's a wierd one :P
<Resistance> and i agree
<Resistance> although i've got a few bugs in my day
<Resistance> and gotten a few feature-request bugs pushed into Debian :P
 * Resistance refers to the patch he made that closed an LP and a Debian bug/feature request to have PHP use unix sockets by default instead of listening on 127.0.0.1:9000
<Resistance> and it was included in Debian :P
<JanC> nice
<Resistance> well... for the 5.4.x series
<Resistance> (which isnt in Ubuntu yet, but should be)
<Resistance> (since 5.3.x is semi-oldish)
<JanC> maybe you can request it for -backports?
<Resistance> nah, i'm talking for Quantal
<Resistance> i've got a version of 5.4 in a PPA
<Resistance> but QUantal should update
<Resistance> s/PPA/private repository/
<JanC> if it's in Debian, it should go into Quantal automatically
<Resistance> its not in Sid though
<Resistance> last i checked at least
<Resistance> can ubottu check debian repos?
<JanC> you can check yourself on packages.debian.org  ;)
<Resistance> yeah, but i'm lazy :P
<Resistance> (and i'm upgrading ffox plugins)
<Resistance> testing: 5.4.0-3
<Resistance> unstable: 5.4.3-1
<Resistance> imo that should have been included in Precise, but it wasnt included
<Resistance> well. now i have to get Windoze back on this system </annoyed> to do the sharepoint dev stuff i have to do >.>
 * Resistance shall return later
<Resistance> whoops wrong channle sorry
<pangolin_dns_cra> anyone been able to figure out the new DNS settings in 12.04 LTS ?
<pangolin_dns_cra> I am having a nightmare..
<pangolin_dns_cra> the dns-search string in the /etc/network/interface file is completely ignored
<pangolin_dns_cra> really really frustrated with 12.04 server...
<pangolin_dns_cra> anyone here ?
<JanC> are you using network-manager?
<pangolin_dns_cra> no.. its' the server
<pangolin_dns_cra> I do not understand how ubuntu knows that I am running a dns server on 127.0.0.1 without any entries in interfaces file, or resolv.conf
<pangolin_dns_cra> somehow it knows!!!.. very frustrating.
<pangolin_dns_cra> and I cannot get ubuntu to honor the "search xzy.local xzy.com" lines in resolv.conf
<pangolin_dns_cra> complete frustrated..
<ikonia> yeah, you said that
<pangolin_dns_cra> going to have to switch to debian soon and sumd ubuntu.
<pangolin_dns_cra> "dump ubuntu"
<JanC> .local is used by mDNS
<JanC> if you have Avahi installed (or some equivalent)
<pangolin_dns_cra> but.. i am using ".xyz.local" internetall
<ikonia> pangolin_dns_cra: ok, good luck with debian
<pangolin_dns_cra> :)
<pangolin_dns_cra> no avahi.... unless it is installed by default
<JanC> pangolin_dns_cra: avahi will try to handle all of *.local (if it's installed)
<pangolin_dns_cra> no avahi ..
<JanC> okay, so that's not the issue (still, using *.local for anything but mDNS/SD is probably not a good idea)
<JanC> but that probably is a legacy thing  ;)
<JanC> pangolin_dns_cra: what does your /etc/nsswitch.conf look like?
<ikonia> pangolin_dns_cra: I assume you've looked at the new dnsmasq setup ?
<pangolin_dns_cra> hosts:          files dns [NOTFOUND=return] mdns4_minimal mdns4
<pangolin_dns_cra> how to check dnsmasq
<pangolin_dns_cra> where are the config files for dnsmasq
<JanC> hm, I have: files mdns4_minimal [NOTFOUND=return] dns mdns4
<ikonia> as I recall (I've not got my head fully around this yet) it points at a local dns masqserver that then forwards your dns requests based on connection (it's to help with vpn solutions)
<pangolin_dns_cra> I tried it both ways... no effect
<JanC> ikonia: then localhost should be in resolv.conf?
<ikonia> JanC: I think that's right
<ikonia> I checked it out a few days after release, but lost interest in it as I didn't like the concept
<JanC> well, localhost or another local IP/domain
<pangolin_dns_cra> wierd part is that somehow ubuntu knows that there is bin9 runnign on localhost and it uses it.. even if there are no entries in the /etc/network/interfaces files or resolv.conf
<pangolin_dns_cra> .. somehow ubuntu knows..
<ikonia> JanC: yeah, you get the idea
<ikonia> pangolin_dns_cra: it knows because of dnsmasq
<ikonia> dnsmasq is querying
<pangolin_dns_cra> @ikonia.. that is no dnsmasq
<JanC> ikonia: dnsmasq shouldn't be able to do that unless configured in resolv.conf
<pangolin_dns_cra> I check the entire etc filesystem
<pangolin_dns_cra> find /etc | grep -i masq ----- gives me no listing
<JanC> and the same is true about BIND  ;)
<pangolin_dns_cra> @JanC , I can give you access to my machine... I truly am frustrated.
<pangolin_dns_cra> ubuntu 12.04 is using magical glue.
<JanC> there are other ways top resolve addresses outside DNS
<JanC> to
<JanC> /etc/hosts, NIS, LDAP, databases, etc.
<pangolin_dns_cra> i know
<JanC> caches
<pangolin_dns_cra> vanilla install
<pangolin_dns_cra> no NIS
<pangolin_dns_cra> no LDAP
<pangolin_dns_cra> no databases
<pangolin_dns_cra> ... vanilla install with SSH / LAMP / BIND enables on install screen
<JanC> hm
<JanC> weird
<JanC> and I have no 12.04 server installs
<pangolin_dns_cra> ok wait a sec..
<pangolin_dns_cra> you got ssh ?
<JanC> ssh is installed by default on all Ubuntu systems AFAIK  ;)
<JanC> so yeah
<pangolin_dns_cra> ok.. fire up ssh and login to this box.
<pangolin_dns_cra> is there a place I can send you the password  ?
<JanC> PM ?
<JanC> or jabber if you prefer
<pangolin_dns_cra> .. err.. not very good at IRS..
<pangolin_dns_cra> .. ok.
<pangolin_dns_cra> gmail chat ?
<pangolin_dns_cra> IRC ..
<pangolin_dns_cra> not good at IRC .. send me a chat request at my gmail.. plz.
<pangolin_dns_cra> ragarwal74
<pangolin_dns_cra> anyone.. wondering if thera are other IRS resources.
<pangolin_dns_cra> i am burned the bluk of my weekend on this.
<pangolin_dns_cra> i need to get this running.. or switch os
<Klackon> anyone here knowledgeable about resolv.conf ?
<Klackon> or dns ?
<Klackon> hello
<Klackon>  ?
<Klackon> anyone here ?
<RoyK> yep
<RoyK> what about it?
<Klackon> I installed 12.04 LTS, vanilla install.. and I cannot configure it to honor "search" paramater in the resolv.conf file
<RoyK> can you pastebin resolv.conf?
<Klackon> are you familier with resolv.conf and the /etc/network/interfaces file ?
<RoyK> !ask
<ubottu> Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience
<RoyK> yes, I am :)
<Klackon> I need to know what you mean by pastebin ... new to irs
<RoyK> !pastebin
<ubottu> For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://imagebin.org/?page=add | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<Klackon> !pastebininit
<Klackon> !pastebinit
<ubottu> pastebinit is the command-line equivalent of !pastebin - Command output, or other text can be redirected to pastebinit, which then reports an URL containing the output - To use pastebinit, install the Â« pastebinit Â» package from a package manager - Simple usage: command | pastebinit -b http://paste.ubuntu.com
<Klackon> http://paste.ubuntu.com/986209/
<RoyK> looks good - what happens if you try to resolve a dns entry? try 'host somehost' where 'somehost' exists in that zone
<Klackon> the "xxxx.yconnect.local" hosts are not accessible with their names
<RoyK> can you resolve them with 'host xxxx'?
<RoyK> that's a direct dns request
<RoyK> start there
<Klackon> the "xxxx.yconnect.net" work just fine.. in face they work even if I were to take out the "search" line... and even the "nameserver" line.. which is really weird.
<Klackon> see here: http://paste.ubuntu.com/986215/
<Klackon> so the dns server is working and responsing to the query, but resolv.conf is not able to do it's magic
<RoyK> song.yconnect.local.yconnect.local has address 10.1.10.10 <-- do you administer this dns server? looks like it's misconfigured
<Klackon> a .ha.. so a bind mistake then ?
<RoyK> looks like you have $ORIGIN yconnect.local and then given song.yconnect.local as the hostname, so that $ORIGIN is added after that
<Klackon> bind files: http://paste.ubuntu.com/986218/
<Klackon> should I delte line 33 fron my db.yconnect.local  ?
<Klackon> OMG... I am missing a trailing "." in my $ORIGIN directive.
<RoyK> :)
<Klackon> OMF*********G.  I wasted my whole weekend on a ".".. 4 reinstalls.
<Klackon> I will never forget this!
<RoyK> :)
<RoyK> single character errors are classic
<Klackon> I am humbles RoyK
<Resistance> RoyK:  i know, right?
<Resistance> :P
<Klackon> I am humbled!!! thank you!
<RoyK> np :)
<Klackon> it took you 15 seconds.... thank you.. really... you are a genius!
<Resistance> RoyK:  who decides what gets included in ubuntu server, in terms of server packages (such as php5)?  and if you can answer, do you believe php5 will be synced to Quantal at some point?
<Resistance> version 5.4.x of php5
 * Resistance was not specific enough
<RoyK> erm - I don't quite follow what parts of php5 thaat gets in
<RoyK> seems 5.3 is in precise
<Resistance> mhm
<Resistance> but a few days later 5.4.x appeared in sid
<Resistance> so since 5.4.x is in sid, would that get included into Quantal?
 * Resistance isnt certain which the dev-release repos sync from during the scheduled syncs
<RoyK> to be honest, I don't know
<Klackon> I do hav another question for you.. however... even if I delte all references to my 127.0.0.1 local bind server from the /etc/network/interfaces file, and /etc/resolvconf files.., ubuntu is still able to tell that a dns server i srunning locally.  how does ubuntu know
<Resistance> i'll poke -devel, then, they might know
<Resistance> or +1
<RoyK> Klackon: no idea :Ã¾
<RoyK> Resistance: what's new in php5.4?
<Klackon> Question 1: Ubuntu uses the 127.0.0.1 as dns server, even if it not specified in the /etc/resolv.conf file (or config files) or even in the /etc/network/interfaces file.
<Resistance> RoyK:  apart from some security updates, and changes in the default confs for fpm?
<RoyK> fpm?
<Resistance> !info php5-fpm
<ubottu> php5-fpm (source: php5): server-side, HTML-embedded scripting language (FPM-CGI binary). In component universe, is optional. Version 5.3.10-1ubuntu3 (precise), package size 3055 kB, installed size 8135 kB
<RoyK> k
<Klackon> Question 2: Even if I use the directive "dns-nameserver 127.0.0.1 8.8.8.8" in the /etc/network/interfaces file, /etc/resolv.conf only gets the "nameserver 127.0.0.1" entery... ubuntu chews out the 8.8.8.8 entry.. any ideas ?
<RoyK> Resistance: perhaps someone has a php 5.4 ppa?
 * RoyK just bought a new watch http://karlsbakk.net/bilder/ny-klokke.jpg
<jacobwg> Does anyone know how to set the default gateway interface?  My laptop (running Ubuntu server) keeps choosing eth0 as the default gateway and I want it to choose wlan0
<jacobwg> Basically, eth0 connects to a LAN-only network with no internet access and wlan0 connects to a wifi network with internet access.
<jacobwg> But, it keeps choosing eth0 as the default gateway
<RoyK> jacobwg: hm.. usually it should choose the nic automatically after the network on which the default gateway is situated
<RoyK> jacobwg: what are the ip addresses of eth0/wlan0?
<jacobwg> RoyK: eth0 - 10.0.1.3, wlan0 - 192.168.137.132
<jacobwg> RoyK: local traffic works as expected, however route -n shows 0.0.0.0 -> eth0
<RoyK> and default gateway is set to what?
<jacobwg> RoyK: I would assume eth0 as there's that 0.0.0.0 -> 10.0.1.1
<jacobwg> I tried adding a gateway line in /etc/network/interfaces, but as wlan0 is configured via dhcp, I'm not sure if that did anything
<RoyK> jacobwg: can you pastebin 'netstat -rn'?
<jacobwg> RoyK: Sure, one sec
<jacobwg> RoyK: http://pastebin.com/d2xgsNeW
<jacobwg> I think I want that first line to read 192.168.137.1 instead of 10.0.1.1
<RoyK> yep, that makes perfectly sense
<RoyK> 10.0.1.1 is available on eth0 because that's the nic that has access to that network
<jacobwg> Right, but don't I want that first line (default route) to go to 192.168.137.1 on wlan0 instead of eth0
<RoyK> then set default gateway to 192.168.137.1
<jacobwg> RoyK: I tried changing it via ip route add default via 192â¦ but it reset on reboot
<RoyK> it's set to 10.0.1.1  now
<RoyK> ip route is a runtime thing
<RoyK> is this machine configured with dhcp?
<jacobwg> Yes
<RoyK> then change that
<jacobwg> Go static on the interface?
<RoyK> yep
<jacobwg> Hmmâ¦ I guess that's okayâ¦ we shall see how my network likes it.
<RoyK> dhcp and lots of nics doesn't mix very well
<jacobwg> RoyK: okay, so now it won't create the network - it is a wifi network
<jacobwg> RoyK: I'll pastebin the interfaces file
<jacobwg> RoyK: still working to get it back on the network so I can copy and paste the file...
<RoyK> jacobwg: there's some iwconfig/interfaces magick that needs to be done to make it work without dhcp
<jacobwg> RoyK: Here's the file http://pastebin.com/14ufeiT8
<jacobwg> RoyK: if I take eth0 down via ifdown eth0, then internet worksâ¦
<RoyK> jacobwg: I don't think using dhcp in combination with static will work too well
<jacobwg> RoyK: so, set both static?
<RoyK> yep
<jacobwg> RoyK: and so I suppose the eth0 sec ion would not have a gateway line?
<RoyK> there should be only one gateway
<RoyK> default gatway is like "if you don't know what to do, go here!"
<jacobwg> RoyK: WOW, it works (with both static) - thanks for all the help!
<RoyK> :)
<jacobwg> Knowing the wifi network setup, something will probably explode in the next few hours (we're using a Win7 computer with internet connection sharing to a cellular card and a wifi router acting as a bridge with routing disabled), but for now it's working.
<jacobwg> Every time we want to make changes to the wifi network settings, we have to reset the router so we can login to the admin area again :)
<jacobwg> Here's another question - can I setup an autofs mount of a network share of of / ?
<jacobwg> I want /folder to be mapped to a network share
<jacobwg> I can get /folder/folder working, but not just /folder
<jacobwg> Basically trying to do what someone is asking here: http://ubuntuforums.org/showthread.php?p=7739863
#ubuntu-server 2013-05-06
<skraito> hi guys
<skraito> anyone alive
<skraito> where is /etc/motd script located
<skraito> someone said update-motd
<skraito> but i cant found it
<justizin> says it's replaced by pam_motd in libpam-modules
<qman__> pam_motd calls update-motd
<qman__> the scripts are located in /etc/update-motd.d/
<justizin> ah, depends on the distro ver
<justizin> i'm on precise, in lucid it's probably still there, i think it changed somewhere between the last two LTS
<skraito> thx qman
<skraito> where to find the document for ubuntu server
<skraito> i am coding the hardening script now
<skraito> well nothing
<skraito> there
<skraito> in etc/update-motd.d
<skraito> which script is that
<skraito> root@ubuntu:/etc/update-motd.d# ls
<skraito> 00-header     50-landscape-sysinfo  91-release-upgrade  98-reboot-required
<skraito> 10-help-text  90-updates-available  98-fsck-at-reboot   99-footer
<skraito> ah found it
<skraito> is 00-header
<qman__> it's all of them, in order
<roasted> hello friends
<roasted> I'm planning on taking my HDD out of my server and putting in an SSD in place of it. I got to wondering if using swap on that SSD for the server would be a good or bad idea. Any insight from the pros?
<julian_c> I am not the most expert of pros.
<patdk-lap> whatever makes you feel good
<julian_c> SSD technology has gotten better in the past few years. SSD disks can take more of a beating than they used to be able to take. However, it is still always good to set up the SSD in such a way to limit the number of writes.
<patdk-lap> really rather pointless
<patdk-lap> and if your swap has a lot of writes, you have larger issues
<roasted> like, too little ram?
<patdk-lap> depends
<patdk-lap> might be you told your database to hold too much stuff in ram when there is no need
<roasted> I understand.
<roasted> thanks for your insight!
<stemid> could a high IOwait cause high load?
<stemid> very high, like between 20 and 60 IOwait, constantly
<stemid> and high cpu load in htop
<stemid> 1.30 load avg on single core VM.
<stemid> ubuntu 12 LTS
<RoyK> stemid: high iowait generally causes high load
<stemid> thanks, I suspected as much but wasn't sure.
<RoyK> high iowait means your disk(s) aren't fast enough :P
<stemid> in this particular situation I am suspecting storage problems. it's a mysql server, mytop shows no more than 2-3 simultaneous queries, no slow queries logged. iowait avg from this morning is 16.87.
<stemid> I only activated the sysstat service this morning
<stemid> CET
<stemid> single core VM with an emc SAN. but the storage is not my responsibility. I only want to point the finger at the person with the right competence :)
<RoyK> iscsi? fc?
<stemid> I don't know
<stemid> I'm only responsible for the server instances
<RoyK> I'd stop mysql if possible and run a disk i/o test against that storage
<RoyK> benchmark it
<RoyK> see http://www.cyberciti.biz/tips/linux-disk-benchmarking-io.html or similar
<stemid> it's a live service, but we could run that from another esx host.
<stemid> thanks for the tip
<stemid> another thing I find interesting, but this is a question more suited for #maria, is that there are in fact two identical ubuntu servers. one acts as the master, and is exhibiting all this IOwait. the other is a replication passive slave and exhibits nothing of the IOwait the master does.
<stemid> but still, the slave must do the same writes
<stemid> and it's mostly write queries, read would be easy with cache
<stemid> read queries would not affect IOwait as much
<stemid> and the two VMs are on different esx hosts.
<stemid> so what I mean is that if they use iSCSI
<stemid> maybe it's a network issue
<stemid> but thanks for your help RoyK
<stemid> I will keep investigating and pointing fingers
<RoyK> if you don't use replication, the binlog can be stopped
<RoyK> (or should be stopped imho)
<stemid> we can temporarily shutdown replication for service, but I would not be comfortable doing so.
<RoyK> stemid: ok, so you use replication between several mysql servers?
<RoyK> I'd start by benchmarking that SAN, though
<stemid> no only the two.
<stemid> yes I will schedule a benchmark
<RoyK> then don't disable the binlog ;)
<stemid> yeah
<stemid> =)
<RoyK> I thought you weren't using replication...
<RoyK> the storage guys can possibly move your volume to faster drives in the SAN (of such a thing exists)
<RoyK> we use smallish 15k drives on a dedicated shelf for stuff that need high iops
<RoyK> perhaps SSDs one day will replace them
<stemid> one can hope =)
<stemid> we have 15k sas
<RoyK> ok
<RoyK> should be fine ... but then, depends how heavily that SAN is loaded
<RoyK> anyway - how is the general mysql performance?
<stemid> just checked the graphs in vsphere, seems like the db server could be to blame. it's writing 85MB a second and 0 latency to the SAN.
<RoyK> if it's ok, then really, you don't have a problem...
<stemid> so I have to investigate what it's doing to the db
<RoyK> ouch
<RoyK> with other VMs around, that could be sufficient to fill up a 1Gbps iSCSI link
<resno> i need some advice on how to manage server backups. i originally wanted to go bacula, but now its a bit overcomplicated, and i'm considering rsync.
<chilicuil> resno: I do it with rsync to avoid overcomplexity, I do backup of several files over 10 servers or so: https://pastee.org/fyv2r
<resno> chilicuil: ok, cool. bacula just looks like to much/ to complex, etc
<resno> i was looking at paid solutions, but for a 10 servers, i wasnt sure it was worth the expense
<irossi> Does anyone know if juju jitsu has a way to specify more than one particular machine to deploy multiple service units?
<irossi> <irossi> For instance, I have ceph-mon deployed on three machines, but I want to deploy ceph-osd on the same three machines. As far as I can see, with jitsu I can only specify ONE machine for a particular service. I would like to do something like add-unit and add in the other two machines.
<Corey> irossi: Not sure, I use a full-on configuration management system.
<irossi> Corey: Are you talking about Chef or Puppet? Anyone here used juju or jitsu?
<irossi> We use Chef too, but we're trying to deploy Openstack using MAAS and Juju.
<Corey> irossi: Salt.
<Corey> (www.saltstack.org)
<Corey> ppa:saltstack/salt, for the curious.
<sudobash> I've transferred a backup of /etc config files in tar, tar.gz, and zip, when I transfer the files to another Ubuntu Server I cannot extract the files, I can extract them on the server that I created them on... What could be causing this? RAM on the 2nd server?
<shauno> is there a specific error message it's giving you?
<Corey> sudobash: That would greatly depend upon the error message you're getting.
<sudobash> for tar / gz it says this does not seem to be a tar / gz archive
<sudobash> but I can extract it on the pc I created it on
<Corey> sudobash: sha1sum or md5sum the file in both places.
<Corey> sudobash: If the signatures are different it was corrupted in transit.
<sudobash> hmmm multiples times then
<sudobash> I transferred it multipe times and tried it each time with same results so something is messed up on the 2nd server
<Corey> sudobash: Again, is the file intact?
<sudobash> checking
<Corey> sudobash: There's a process here, if you'd like to jump to the "speculate wildly" stage we can do that. :-)
<three18ti> hey all, how do I configure apparmor to allow libvirt to run as another user?  The open nebula docs say "add: owner /var/lib/one/** rw, to the end of /etc/apparmor.d/libvirt-qemu" but etc/apparmor.d/libvirt-qemu doesn't exist.  I tried adding that stanza to /etc/apparmor.d/usr.sbin.libvirtd to no avail.  the vm fails to start because it is unable to load the apparmor profile.
<sudobash> hmm that's strange it's showing the same md5sum on all 3 archives (which are different)
<sudobash> on the 2nd server (corrupted side)
<jdstrand> three18ti: they mean /etc/apparmor.d/abstractions/libvirt-qemu
<sudobash> it's showing the same md5 for each archive: 5b6d74f1453e20c09d6a20d909779ad7
<three18ti> awesome thanks jdstrand !
<sudobash> but this is not the correct hash value
<Corey> sudobash: What's your untar command?
<sudobash> tar xvf filename.tar
<Corey> sudobash: Ah, then if it's incorrect, we've found your issue.
<shauno> sudobash: I'd try either "file filename" and see if that throws you any clues?  (also, how did you transfer these?  is it possible the files you have are a copy of a http error message?)
<Corey> shauno: Ooh, good call.
<sudobash> durrrr it's an html file since I used wget and pointed it at the reverse proxy instead of the correct webserver thanks
<shauno> been there, done that.  easiest way to get identical files :)
<sudobash> I forgot I put nginx in front and it pulled the index for that since I didn't specifiy the correct webserver port
<Corey> sudobash: I generally would not advise using a webserver for that.
<Corey> If it's sensitive config files, rsync is preferred.
<sudobash> ok thanks
<leowt> i got a mdadm raid 10 with 4 500gb disks. One of them have failed, and the system booted up with ~500gb partition instead of 1TB and mdadm is recovering. Do this means that ive lost data on half of the partition?
<LargePrime> RoyK: are you free?
<kerframil> leowt: not likely. you don't lose data in a raid 10 array on account of the absence of one disk.
<leowt> kerframil: so why is that ~500gb instead of 1tb?
<RoyK> LargePrime: free as a bird - why do you ask?
<LargePrime> I want to ask you questions
<LargePrime> my noobish wears on me
<RoyK> well, just ask
<kerframil> leowt: I don't know what "that" is. what's mounted now and how does it differ from the usual arrangement?
<LargePrime> 1) I have to pachages I am told I can upgrade, but i cant upgrade them
<RoyK> pastebin apt-get output
<leowt> kerfamil, there are 4 disks (500gb each) in raid 10
<leowt> so there is 1TB normally
<leowt> if one fails, shouldnt that be 1TB still?
<RoyK> it will
<LargePrime> http://paste.ubuntu.com/5638996/ RoyK
<kerframil> leowt: yes. but this boils down to filesystems and mount points. how are you guaging the reduction in space? for example, which mount point and currently mounted from where?
<RoyK> I prefer raid-6 over raid10, though, because the lack of flexibility in raid10
<RoyK> LargePrime: iirc linux-image-server isn't in use anymore - linux-image-generic is used instead
<RoyK> linux-image-server is just a metapackage
<LargePrime> what des that mean to me?
<RoyK> it means it shouldn't be a problem removing it
<LargePrime> how do i remove?
<RoyK> apt-get remove
<RoyK> if it tells you it's going to remove other packages, please pastebin again
<leowt> kerframil: the raid 10 is at /
 * RoyK generally uses small drives for the root and larger ones for data, mounted elsewhere
<leowt> RoyK: i only learned that later, nothing to do now
<leowt> =P
<LargePrime> wait, could me kernal be  linux-image-server
<RoyK> LargePrime: try dpkg -L linux-image-server
<kerframil> leowt: how big does blockdev --size64 /dev/<md-device> say it is? and how big does df say your / filesystem is?
<LargePrime> http://paste.ubuntu.com/5639019/
<RoyK> LargePrime: no kernel in there
<leowt> blockdev: Unknown command: --size64
<kerframil> leowt: also, is / really mounted from /dev/md* or is it mounted from something else?
<leowt>  --getsize64??
<kerframil> leowt: yeah, sorry
<leowt> 494765342720
<RoyK> leowt: pastebin /proc/mdstat
<leowt> yes it is
<LargePrime> RoyK: second question?
<RoyK> !ask | LargePrime
<ubottu> LargePrime: Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience
<kerframil> leowt: hmm, the array is about 460GiB so that ties up with the 500GB observation
<leowt> http://pastebin.com/fzw3QciF
<leowt> but it was 1TB
<RoyK> leowt: you only have two drives in that array
<leowt> i dont understand that
<kerframil> yep
<RoyK> or two partitions, even
<LargePrime> what is preferred desktop environment for a dedicated hosted server.  If it is up to me I guess light weight and secure are importnat
<kerframil> leowt: for two members, you should be using raid1 - not raid10
<leowt> i only removed the failing drive
<LargePrime> I only need it for very few things from time to time
<RoyK> leowt: md1 seems to have four drives
<RoyK> uh
<leowt> yes, md1 is a raid of swap that ive done LOLOL
<RoyK> no, two
<leowt> ignore that
<sw> installed vncserver on a 13.04 server, connects ok but just see the RealVNC box on the desktop, no title bar, no Unity
<leowt> but following that example
<leowt> md0 should be in the same setup
<RoyK> leowt: guess I'd get a smallish ssd if I were you and used that for the root and rather use the remaining drives in raid6
<leowt> so, something automatic on boot removed the 2 devices from md0
<RoyK> LargePrime: I'd say the preferred desktop environment for any server is *none*
<kerframil> leowt: basically, you can use raid 10 usefully with a minimum of 4 devices. I'm not sure what md raid 10 does when told to build with 2 devices - I don't see how it could implement redundancy.
<RoyK> LargePrime: what would you need it for anyway?
<kerframil> leowt: and that, I fear, may explain your problem
<LargePrime> we have to work with some bad data on the server
<leowt> kerframil: i know that, thats why is strage that ive only removed 1 drive
<kerframil> leowt: will be interesting to see what happens when the resync has completed
<LargePrime> and it saves us downing and upping a few giges
<leowt> and the array removed 2
<LargePrime> it happes from time to time
<kerframil> leowt: oh, I see
<LargePrime> so a very light desktop we can turn on and off would be great
<kerframil> leowt: how many members did it have before this happened?
<leowt> 4
<LargePrime> so no recommendation RoyK ?
<Aison> RoyK, markthomas: maybe you remember my problem with the upgrade to raring. After upgrade the machines no longer boot
<sarnold> LargePrime: look into lxde, they claim to be lightweight..
<markthomas> Aison: I remember.
<Aison> RoyK, markthomas: I found the reason why
<Aison> it is because of LDAP
<Aison> and NSS
<Aison> if the nsswitch.conf contains entries with ldap like: passwd:         files ldap
<markthomas> Aison: really?  That interrupted the boot process?  What was needing to authenticate?
<Aison> the machine no longer boot
<RoyK> LargePrime: you read me wrong - I wold recommend *not* using a desktop environment on a server
<Aison> well, it boots, but no longer startup :P
<RoyK> LargePrime: you can run X apps remotely over ssh
<sarnold> Aison: how did you get it to boot?
<Aison> sarnold, the machines always bootet, but the system deadlocked during startup
<RoyK> Aison: looks like a bug to me - please report
<LargePrime> ok, so aggain noobish showing ... is tightvnc a desktop enviroment?
<Aison> on a running system, I can change back nsswitch.conf to ldap and it works, but never reboot :)
<sarnold> Aison: so, the mkinitramfs or whatever step was just a red herring?
<markthomas> Aison: Indeed.  Please file a bug against initramfs-tools
<sarnold> Aison: yes, please file a bug. ;)
<RoyK> LargePrime: what sort of x apps do you need to run?
<Aison> sarnold, mkinitramfs no longer works with ldap entries in nsswitch.conf
<sarnold> LargePrime: I'd just assume from 'vnc' in the name that it is just a viewer
<RoyK> LargePrime: you'll stay a noob far longer if you hunt for the easiest solutions ;)
<sarnold> Aison: maybe you need to file two bugs. :)
<markthomas> Aison: I have to step away for a few, but I'm leaving the window open to catch up on the discussion when I come back.  And I'm most interested to see the outcome of the bug report(s)
<kerframil> leowt: with a default near layout, my best guess would be that the two disks - containing data and a replica of the same data - have been removed (which would be half of all of the data). though, if that's true, I really don't know why. let's hope for the best after the recovery concludes.
<LargePrime> So then i guess I just need a viewer.
<LargePrime> there is some python software i need to run server side
<Aison> I guess the problem is, that during boot there is no network connection but the system is trying to get some stuff over ldap
<kerframil> leowt: if the devices were specfied as sda*,sdb*,sdc*,sdd* in that order when originally creating the data then sda and sdc should *not* contain the same data. in that case, I would expect things to return to normal when both disks come back online.
<kerframil> leowt: i.e. after recovery. I sincerely hope that is the case.
<Aison> sarnold, yeah :) but first I need to figure out if it is a specific entry in nsswitch.conf that causes the system to block
<RoyK> LargePrime: and it can't run headless?
<RoyK> LargePrime: if so, try freenx
<sarnold> Aison: who knows, your description as it stands may be enough to remind someone of a change that shouldn't have been made, or should have been done differently
<LargePrime> RoyK:  I am not sure what you mean
<RoyK> LargePrime: if it can be run headless, do that instead
<RoyK> what's the name of this software?
<sarnold> Aison: you can amend your bug report after filing it :) I'd hate to miss this bug report if you get tired of debugging it further before filing.. :)
<LargePrime> http://www.mcedit.net/  RoyK
<leowt> kerframil: so you say after the recovery i might be able to mount the unsued disks with the ones now paired
<kerframil> leowt: well you only have one disk active now, which is a problem. what I'm saying is - assuming a default layout - the distribution of data should look like this: http://www.bpaste.net/show/s29Lkn7Z90l8oH0y8wEa/
<RoyK> LargePrime: is that a server thing or just a builder/editor?
<LargePrime> RoyK:  it is an editor.  we use it on the server to save down and upping rather large files
<kerframil> leowt: in that example, you need sda+sdc or sdb+sde at least
<RoyK> LargePrime: then just ssh -X <server> and run it from there
<kerframil> leowt: or any other applicable combination
<kerframil> leowt: e.g. not just sda+sdb
<RoyK> LargePrime: that is, what sort of client are you on?
<LargePrime> several users use putty
<RoyK> then install xming and configure putty to do x11 forwarding
<RoyK> x11 forward works that way too
<kerframil> leowt: wait out the recovery and see what happens. looks like sda+sdc should both be online at the end of it.
<LargePrime> xming  is a windows client
<LargePrime> and I need to install nothing on the server?
<LargePrime> is that right?
<RoyK> no, X11 forwarding is standard
<RoyK> so no extra software involved
<LargePrime> sexy
<RoyK> for the putty users, install xming and add it to the startup folder on the users start menu, create an entry for the server in putty and configure it to enable x11 forwarding
<RoyK> login - start x11 app
<kerframil> leowt: best of luck as I must be off
<leowt> kerframil: thanks
<LargePrime> Thanks RoyK
<RoyK> np
<RoyK> leowt: to clean up things, I would suggest reinstalling on a separate drive for the root (or two in a mirror if uptime is critical) and rather use the 500GB drives in RAID-6 or something - far more flexible in all ways
<leowt> RoyK: there is what i am going to do
<leowt> ;)
<RoyK> leowt: you should be able to migrate the current raid-10 to raid-0 and from there to raid-4 and then to raid-5 or raid-6
<RoyK> although reinstalling after backup and then restoring the lot would be a bit easier
<RoyK> also - no need to use partition tables on drives in a raid if they're dedicated for the use
<RoyK> leowt: do you have space somewhere for a full backup?
<leowt> yep
<leowt> i am already copying the most important stuff
<RoyK> goodie - then choose that path
<RoyK> if you have a small drive around for the root, use that. if you want to use it in a mirror later, create a broken mirror and install on that. for simplicity, better use lvm on top of the mirror if you choose that path
<LargePrime> RoyK:  Server is saying i need xauth?
<RoyK> apt-get install xauth
<LargePrime> RoyK:  so i think i have to configure xauth, and change sshd conf to allow x11
<RoyK> it should allow that by default
<RoyK> and no, you don't need to configure xauth, it's used automatically
<RoyK> you'll need to log out and in again, though, to have xauth and the environment setup correctly
<LargePrime> HEY I GOT A ZOMBIE
<RoyK> !caps | LargePrime
<ubottu> LargePrime: PLEASE DON'T SHOUT! We can read lowercase too.
<LargePrime> ya, i was excited
<LargePrime> http://paste.ubuntu.com/5639181/  How do i see the zombie?
<sarnold> LargePrime: which zombie? I don't see any zombies there..
<LargePrime> motd says i have a zombit
<LargePrime> now it gone
<LargePrime> I tried to catchs
<LargePrime> it must be a fast zombie
<sarnold> ah, I see :)
<LargePrime> sarnold: What would be the identifying  marks of a zombie on that output?
<RoyK> LargePrime: no zombie there
<RoyK> LargePrime: you see a zombie by the process status Z
<RoyK> LargePrime: ps axfv perhaps
<sarnold> LargePrime: first you need to use ps arguments that show process status; it'd show as Z
<sarnold> LargePrime: I learned 'ps aux' by rote, others prefer 'ps -ef'. ps arguments are frustrating, I think I wind up swearing every time I try to do something slightly different. :)
 * LargePrime is off to the man pages
 * LargePrime prepares for fustration
<RoyK> sarnold: ps is about as userfriendly as tar http://xkcd.com/1168/
<sarnold> RoyK: hehe, funny enough, I don't mind tar.
<markthomas> Aison: I'm back.  Did you get the bug(s) filed?
<sarnold> I don't mind ps so long as my problem can be solved with ps auxw or ps -ef or ps -opid,stat,comm, etc. But changing that last command from 'my processes' to 'all processes' .. that's horrible. :)
<roaksoax> ScottK: howdy!
<ScottK> roaksoax: Hello.
<roaksoax> ScottK: sorry for the delay on getting back to you on the maas SRU, but to answer your question, yes maas after the upgrade will continue to work without having to do manual configuration
<ScottK> OK.
<roaksoax> ScottK: now, however, I wanted to discuss something with you. There's a few dependencies that need MIR
<roaksoax> ScottK: those dependencies were promoted to main in Quantal
<ScottK> That's a bit out of the ordinary.  I'm not sure if we can change overrides post-release.
<roaksoax> ScottK: right. so as I had understood the MIR of these dependencies would not really be a problem in precise because we are committed to maintain them and they were promoted to main in quantal
<roaksoax> so I was told that those dependencies would be promoted to main once the sru landed
<ScottK> By who?
<roaksoax> ScottK: people within my team
<ScottK> I'm not interested in anonymous "I've been told".
<ScottK> If you choose not to work transparently, it's your choice.
<roaksoax> ScottK: -_-'! It's not that I don't it just doesn't make any difference. What I'm trying to say is that I either way plan to go ask the TB for a exception
<ScottK> I think if you're talking about promoting stuff to main, you need to discuss it with the MIR team.
<roaksoax> ScottK: true. Anyway, what I wanted to get to really was that I need to drop a build-dep for celery in precise, so that the MIR doesn't pull in unwanted stuff
<roaksoax> ScottK: this build-dep is not necessary really, and was dropped in quantal: https://launchpad.net/ubuntu/+source/celery/2.5.3-1ubuntu1
<roaksoax> ScottK: so I wanted to ask you whether this is SRU'able, or what would the process be?
<roaksoax> ScottK: or should I go to the TB to request approval to drop this build-dep so it can ultimately be MIR'ed?
<roaksoax> ScottK: this is the MIR bug for celery: https://bugs.launchpad.net/ubuntu/+source/celery/+bug/1020267 (which was requested in quantal, and I added the tasks for Precise)
<uvirtbot> Launchpad bug 1020267 in python-redis "[MIR] celery, pyparsing, python-cl, python-gevent, python-mailer, python-pytyrant, python-redis" [High,Fix released]
<ScottK> MaaS was already approved to use embedded code copies in SRUs when needed.
<ScottK> Can you just do that and leave the distro package alone?
<roaksoax> ScottK: So ship maas with a code copy for celery? I can't really say we could do it that easily... i would have to check with upstream maas
<ScottK> That would avoid causing a regression in the archive copy.
<roaksoax> ScottK: right, I see. Ok, I need to discuss that with upstream MAAS and see how easy/convenient it would be for us to do that
<roaksoax> ScottK: ok I guess I'll also have to discuss this with the security team
<ScottK> roaksoax: It ends up the same for them.  celery in the archive to support or celery in MaaS to support.  One copy either way.
<roaksoax> ScottK: right! I see your point. Ok cool then. Thanks for the input!
<roaksoax> ScottK: oh!! but doing that would still mean that celery dependencies would still need to be MIR'd
<ScottK> Embed those too.
<roaksoax> ack!
<ScottK> It's code copies all the way down.
<roaksoax> thanks
<bugzc> Hello
<bugzc> I was wondering if one of you has any suggestions for the following issue. I have an ubuntu server box which has a COM port. It's a headless system. I want to get a bash terminal via the RS232 port. I don't want to SSH into it. I tried to run getty to link a term with the com port. But when I connect to it from another system with putty, I dont seem to be getting anything, no output on client side.
<Jeeves_> bugzc: Do you get any output from `cat /dev/ttyS0` when you type anything on the other machine?
<bugzc> Nope, zero
<bugzc> this is the service im running on the server side: exec /sbin/getty -L ttyS0 115200 vt100
<genii-around> Maybe you need a nullmodem cable
<bugzc> im using a straight f/f rs232 cable
<bugzc> you reckon I cant use that?
<genii-around> Not for direct connection
<bugzc> I will try it with a null modem one now, lets see..
<bugzc> sweet, it worked. Thank you.
<roaksoax> ScottK: btw.. dropping the depndency I was talking about does not create any regressions in the package: http://pastebin.ubuntu.com/5639666/ the binaries have no difference whatsoever
<ScottK> If you don't get the same packages installed, you get a different result.
<roaksoax> ScottK: i've build both in clean pbuilder environments, if that's what you mean
<LargePrime> I finaly got this tool installed and it says it wants opengl
<LargePrime> can i install opengl on a headless server
<LargePrime> and will the application still use x11?
<LargePrime> is there a openGL to x driver?
<LargePrime> does that even make sense?
<ScottK> roaksoax: No, I mean at runtime if you have a different set of packages installed, you get different behavior.  Why is the thing you want to drop a dependency to begin with?
<roaksoax> ScottK: is a build-dep for doc related to "reference issues in issue tracker (git in case of celery)". So it is a build-dep that's not really required for the correct functioning of celery
<ScottK> I see.
<ScottK> And the docs are identical?
<roaksoax> ScottK: yes! docs don't really get affected by the drop
<ScottK> "Don't really" or not at all?
<sk1pper> hi all, is there a way to access directory owned by root via samba?
<roaksoax> ScottK: so say in the doc they reference an issue with '<some text> #10'. So, at the end of the document they list the references like '#10: http://github.com/<bug-link>', So what issuetracker does is to make that '#10' in the text be a link rather than only a reference
<roaksoax> ScottK: so when dropping it, the doc's are exactly the same
<ScottK> That doesn't sound like "exactly the same"
<ScottK> It might be a trivial different, but it's not exactly the same
<roaksoax> ScottK: right
<ScottK> Sigh.
<ScottK> I think I'm done.  You'll need to talk to someone else in SRU.
<roaksoax> ScottK: so for example "See issue #209", issue tracker adds a <a href=http://XYZ> etc etc when generating the docs.
<roaksoax> ScottK: ok, will do
<roaksoax> thanks :)
<streulma> hello, my server asked to replace /etc/grub.d/10_linux, what to do?
<streulma> no one?
<genii-around> If it's asking you to replace that file during an upgrade/update it's safe to say yes
<streulma> grub-probe: warn: disk does not exist, so falling back to partition device /dev/xvda1.
<RoyK> streulma: some xen-based vm?
<streulma> yes
<RoyK> no idea - I don't use xen
<streulma> see if it boot...
<streulma> no, server is down
<streulma> ok, problem solved, had to say N on Linux 10...
#ubuntu-server 2013-05-07
<gustav> Gmail doesn't accept e-mails from my exim4 host. Wat do kil self?
<gustav> Oh, it deblacklisted me now. That's awkward.
<RoyK> hm... on precise, where can I find why a reboot may be required? /var/run/reboot-required doesn't give any hits
<zokko> hello folks
<student-2013> hello
<student-2013> Can i run an application on  amazon EC2?
<student-2013> Why no answer?
<premera> student-2013: what appllication ?
<greppy> premera: they left the channel.
<premera> k
<pmatulis> using resolvconf on 12.04, say i make a change to interfaces file by adding dns-nameservers line.  is restarting networking service the only way to enable that change (update the resolv.conf symlink)?
<SpamapS> pmatulis: I think you can just re-run 'ifup ethX'
<adam_g_> zul: http://people.canonical.com/~agandelman/ca/grizzly/libvirt/
<DasIch> I'm running the latest ubuntu and would like to serve my website using spdy with nginx. I'm already using nginx and ssl but following the nginx documentation I get '[...]invalid parameter "spdy"[...]' in the error.log
<DasIch> Does the nginx version in the repositories not support spdy?
<DasIch> If so is there are reasonable and secure way to get a more recent nginx version without compiling nginx myself?
<jacobw> DasIch: see if someone else has packaged it or use the vendor's binaries
<Nafallo> DasIch: launchpad has a ppa for latest stable.
<DasIch> Nafallo: if I understand https://launchpad.net/~nginx/+archive/stable correctly the ppa was last updated in february, there have been several nginx releases since then
<Nafallo> DasIch: looks like you're correct. might be worth mailing the maintainer and ask what's up?
<hallyn_> jjohansen: hi, have apparmor controls on setns() been considered?  (sorry i haven't read your email yet, so sorry if it's answered in there)
<jjohansen> hallyn_: yes
<DasIch> Nafallo: yeah, I will try that
<hallyn_> jjohansen: cool, considered as in it's on the roadmap?
<jjohansen> hallyn_: we have a work item for it
<hallyn_> cool, thanks.
<jjohansen> I'm not sure which bp its in, probably july or august
<hallyn_> awesome
<hallyn_> stgraber: for cloning ubuntu-cloud images, smoser would like to have a lxc.clonehook, which could point to a script to be executed (with all arguments passed to lxc-clone after '--') at clone time to update the rootfs.  Do you see any issues with that/
<stgraber> hallyn_: I'm fine with lxc.hooks.clone though the arguments part will make it a bit different from the other hooks, do we actually have variable arguments for lxc-clone or could we get away with a few additional env variables?
<smoser> lxc-clone -o orig -n new -- --my-clonehook-arg1=value ...
<smoser> then "my-clonehook" gets passed:
<smoser>   /var/lib/lxc/orig /var/lib/lxc/new --my-clonehook-arg=1value
<hallyn_> stgraber: yeah it would be a bit different, and i'm not entirely comfortable with it, but it's doable
<hallyn_> confile would just store it as one long char*, and lxcapi_clone() would parse it
<stgraber> hallyn_: I think I'd rather add a LXC_CLONE_ARGUMENTS env variable that we pass to the hook. That way we keep the hook parameters consistent.
<stgraber> hallyn_: so basically have the clone() call in the API take the extra parameters (similar to create and start) and just push those into LXC_CLONE_ARGUMENTS before calling the hook (if there's one set)
<stgraber> (remember that I just got back from a week of doing client stuff, I haven't yet had time to catchup on the various patches, so the above is solely based on what I read on IRC ;))
<hallyn_> feels hacky though.  Perhaps these should be kept semantically separate from container startup hooks.  So we have container create hooks (which right now is just the template) and clone hooks, and heck maybe destroy hooks
<hallyn_> anyway, it's something to think about and hopefully discuss at vUDS next week
<hallyn_> stgraber: there's a way around this, at any case - using a pre-start hook which checks whether /var/lib/lxc/$c/NOTNEW exists, if so exits, if not creates it and does the update.  But that doesn't have the arguments, so it's not quite sufficient
<stgraber> hallyn_: nah, I think adding more hooks makes sense, it's just that we need to expose the arguments to the hooks and we should do that in a generic way for all hooks (as in, I should be able to get the arguments of lxc-start ... -- ARG in some environment variable in our current hooks)
<stgraber> that way we could also have pre-start/mount/... hooks that vary based on init arguments (for example)
<stgraber> so it sounds like a thing we can generically apply to all hooks with no special casing for the clone usecase
<oDiafanos> Hello! I run ubuntu server x86 12.04.1 and mysql refuses to start. On reboot it hanged so i tried 2 different backups. Mysql refuse to start.error seems to be dpkg: dependency problems prevent configuration of mysql-server:
<oDiafanos> <oDiafanos>  mysql-server depends on mysql-server-5.5; however:
<oDiafanos> <oDiafanos>   Package mysql-server-5.5 is not configured yet.
<hallyn_> to be clear i misspoke before, the lxc.clonehook entry in /var/lib/lxc/$c/config would not list the extra arguemtns, they'd be listed on the lxc-clone command line.
<hallyn_> but yeah
<sarnold> oDiafanos: try sudo dpkg-reconfigure -a
<stgraber> hallyn_: right, that's how I understood it
<hallyn_> stgraber: btw i haven't yet pushed Dwight's last 6-patch set to staging.
<stgraber> hallyn_: I did
<hallyn_> thx
<hallyn_> can't believe i did some of those...  <blush>
<stgraber> hallyn_: I'm a bit lost with the lxc-devel backlog, so if there's anything that I should be reviewing, let me know, I completely lost track...
<hallyn_> stgraber: i think i pushed everything up to those 6
<stgraber> ok good. I'll probably send an e-mail post-vUDS asking for anyone who submitted patches that didn't get applied to speak up, there are always a few we miss...
<hallyn_> yeah
<oDiafanos> sarnold, thanks but no..same error
<sarnold> oDiafanos: try sudo dpkg-reconfigure --force mysql-server mysql-server-5.5   ?
<oDiafanos> 1 sec I'm on ssh so i trying instantly
<oDiafanos> nope..I even tried to del and install again the pkg
<oDiafanos> any other suggestions?
<pmatulis> does kexec/kdump/linux-crashdump work on 12.04?
<hallyn_> stgraber: so i've updated lxc-snap, it now snapshots under $lxcpath/snapshots, but as a result it supports lvm, btrfs and zfs, not just overlayfs.  (I figured I"d test the limits before considering putting it in the api)
<stgraber> neat
<bcessa> hi there, any recommendations for a CLI tool to manage a custom CA, yes I know OpenSSL is just enough but I'm just curious if there's already a tinyCA0-like CLI alternative
#ubuntu-server 2013-05-08
<hallyn_> stgraber: have you considered rewriting lxc-ps in python?  (not asking you to, just wondering)
<Fieldy> I installed xchat which pulled in a bunch of X11 libraries and so on which I no longer need since I uninstalled xchat... how do I get all those no longer needed depdnancies cleaned up and removed?
<qman__> apt-get autoremove
<Fieldy> qman__: i've done that and it lists a few things, but they are the same things as before I installed xchat and removed it, do I need to run something else to update that list?
<qman__> no
<Fieldy> hm
<qman__> if it's not finding any more to auto remove
<qman__> something is left that depends on them
<qman__> did you manually mark any additional packages as installed?
<qman__> as in, did you apt-get install anything else?
<Fieldy> nah. i'll figure it out tomorrow, long work day, i could have very well made a mistake... one of many many systems :) thank you though I'll try with a clear mind later
<Fieldy> thank you
<oDiafanos> hello :) I have ubuntu-server 12.04.1 x86 with mysql problem(refuses to start) I found that it couldn't update mysql-server-5.5 so a moved /var/lib/mysql to a new location and I purged and reinstalled mysql-server.Installed and runing correctly. How can reinsert my sites dbs in the mysql again "the right way"??
<ppisati> dude, is there an easy way to install a swift instance? e.g. juju/charm/etcetc
<Enich> I am having a minor melt down here..   update-rc.d freeradius enable     seems not to be working,  my radius server needs to be manually started via sudo service freeradius start  after each reboot..   google and i have been all over it, but i cant seem to find the right solution.. anyone ?
<Enich> https://bugs.launchpad.net/ubuntu/+source/freeradius/+bug/1081509 <-- it seems there is more people with the problem..  anyone got a recommendation to how i can handle this issue.  it's starting to get to me
<uvirtbot> Launchpad bug 1081509 in freeradius "freeradius + mysql fails to start" [Undecided,Expired]
<Enich> i saw that it expired, but the problem still exists.  i cant fiigure out what is going on
<Enich> it verymuch seems like freeradius is starting before mysql  and therefor fails because it cannot connect and therefore shuts down or doenst finish the startuo
<Enich> up
<Braden`> Hello
<Braden`> I have Ubuntu 12.10.x, and I am trying to upgrade to 13; however, when I do:  do-release-upgrade, it tells me that there are no new releases; however, I have it set correctly ("normal") in /etc/update-manager/release-upgrades.  How do I fix this?
<RoyK> Braden`: it really should work
<RoyK> Braden`: try apt-get update first
<RoyK> I've tried 12.10 -> 13.04 a few times without issues
<roy2098> Hello! Can I ask opinion here of Ubuntu-Xen-ZFS all-in-one "mega-server" (12 drive bays for 6 zfs mirrors, two  internal bays for OS mirror)
<RoyK> roy2098: zfsonlinux or zfs-fuse?
<roy2098> RoyK: hmmm - let me check
<irv> i have a hyperv VM with ubuntu server in it, i want to expand the VHD and then expand the partition mounted at /
<irv> what's the correct way to do this? i know how to make the VHD larger
<RoyK> roy2098: if you haven't installed zfsonlinux kernel, it's fuse
<RoyK> roy2098: and I'd recommend not using that in production - write speeds are rather on the low side
<roy2098> RoyK: Setting up Xen and XAPI (XenAPI) on Ubuntu Server 12.04 LTS
<RoyK> no idea
<roy2098> RoyK: write speeds low compared to what? I have VMWare hypervisor with interconnect to NAS - THAT is slow
<RoyK> irv: google parted - then use resize2fs (given you're on extN)
<irv> yeah i believe it's ext4
<irv> thx
<RoyK> roy2098: write speeds with fuse are generally rather low compared to kernel-based drivers
<RoyK> but then - zfs is cool :)
<RoyK> only problem with zfs is that it doesn't re-balance the pool if you add more VDEVs
<roy2098> RoyK: i think it is kernel-based - actually i know it is as i have installed on my current Ubuntu workstation and i need to pick xen kernel in order to use it
<roy2098> RoyK: this all in one is only combination i know of (besides open indiana, illumos, smartos) that will enable zfs under everything
<RoyK> then it's probably zfs-fuse
<RoyK> freebsd has native zfs
<RoyK> linux doesn't
<RoyK> license issue
<roy2098> RoyK: yes i know this but xen on fbsd not yet there
<RoyK> ok
 * RoyK uses KVM 
<roy2098> RoyK: kvm good stuff also i think
<roy2098> RoyK all comes from same place
<RoyK> I decided to run md over zfs on my home server because of MDs flexibility
<roy2098> RoyK: not sure what md is... my whole thing is that zfs and large virtual machines are made for each other - ease of backup
<RoyK> personally, I'd rather setup a dedicated storage box on native zfs and then use kvm/zen/vmware/something on another machine for virtualisation
<roy2098> RoyK: well i have done just that elsewhere - nas4free as zfs storage
<RoyK> and - don't enable dedup on zfs unless it's in a strict testing environment
<roy2098> RoyK: dedup not enabled
<RoyK> good
<roy2098> RoyK: but performance of my setup not the same as if i had all vm machines on the hypervisor box itself
<RoyK> roy2098: but really - better separate the functions - some omnios install for storage and linux for virtualization
<RoyK> scales better
<RoyK> multipath over separate 1Gbps links should scale well enough, we even use it for exchange
<RoyK> over iscsi
<bejer> Hi, anyone run into problems with apparmor, slapd and /etc/ssl/private ? - when I change the ownership of /etc/ssl/private to openldap it works correctly but when keeping it as root, slapd is not able to properly access the private key and will not start properly)
<roy2098> RoyK: my nas4free mounts via nfs, it could also use iscsi - but consensus seems to be no perf diffs
<RoyK> roy2098: shouldn't be much of a diff, although NFSv3 has more overhead - NFSv4 should be good
<RoyK> local drives will always be faster, though, but the flexibility of using separate storage is the win
<roy2098> RoyK: I just know from my initial testing that a vm right on vmware hypervisor data store very different than mounting storage
<roy2098> RoyK: you are certainly correct
<RoyK> roy2098: testing will probably show it's slower than local storage, but then, is it fast enough?
<RoyK> it probably is
<roy2098> RoyK: good enough for everyday database reads/writes, not great for large data loads though
<RoyK> perhaps try with 10Gbps ethernet
<roy2098> RoyK: 10G ether sure, when money's no object
<RoyK> or aggregated 1Gbps links
<roy2098> RoyK aggregated links may be better
<roy2098> RoyK but here's the other thing - server will start out in basement of residence
<roy2098> RoyK to move in 1 yr to datacenter
<roy2098> RoyK "mega server" only 2U
<RoyK> then the single 1Gbps link should suffice ;)
<roy2098> RoyK = less cost in datacenter
<Psi-Jack> How do you kill the status of an upstart job that claims to be in the state, start/killed, process 659?
<RoyK> even if it's slightly slower than local drives for bulk transfers
<Psi-Jack> I
<Psi-Jack> I'm trying to write an upstart job, so I'm in the process of mangling it to work as expected, but I can't proceed since I can't get it to clear that state,.
<roy2098> RoyK: thanks for your help
<RoyK> roy2098: just happy to help a roy - good luck :)
<ntzrmtthihu777> question. I have ubuntu 12.04.2 server installed, but dpkg --get-selections | grep linux-headers shows linux-headers-generic-lts-quantal
<ntzrmtthihu777> so whats the deal with that?
<sarnold> ntzrmtthihu777: 12.04.2 was a hardware-enablement release that included the quantal kernel, xorg, and some other pieces, to provide better hardware support
<ntzrmtthihu777> sarnold: ah, thankya. was not really concerned, but was curious about the reasoning.
<GrueMaster> The real critical components to an LTS release are the gcc/glibc api and the kernel stability.  By switching up to the 3.5 kernel, but having it built on the 12.04 stack, you get more platform support without sacrificing overall stability (and I see it's benefit daily here at work).
<GrueMaster> The rest of the package updates are mainly security updates and major bug fixes (rare, but happens).
<jonconley> If I want to save a copy of pretty much every config file on all my linux servers along with all the changes, would that be looking into something like chef/puppet with a git repository for the config storage?
<sarnold> jonconley: chef or puppet is if you want to -manage- all those files on all your systems. as I understand them, they wouldn't help much for the ones not managed within the system
<sarnold> jonconley: look into etckeeper, see if that may be a better fit for what you want to do
<mariop> Hi, i have to install ubuntu server 12.04.2 on an headless machine (no monitor, no keyboard). Lets say the machine is configured to boot anything (usb, cdrom, hd), how can i do this?
<jonconley> sarnold: Thank you. That looks perfect. I was feeling chef/puppet might be overkill, at least for now. Is RANCID still the standard for networking device configs?
<sarnold> jonconley: no idea on rancid, never heard of it :) but that probably says more about me than about rancid..
<jonconley> sarnold: LOL. You are fine. It is old like me.
<sarnold> haha
<SpamapS> jonconley: you're kind of doing it backwards. Rather than duplicating all of the weirdness on one server onto another, what you want is to define what you want with something like puppet/chef/salt and then apply it to servers.
<jonconley> SpamapS: They seem to have a rather steep learning curve. Which I am not opposed to, but I am taking on logstash+redis+git+elasticsearch for the current project and I am sick of trying to tweak a config here or there and later not being able to revert to what was working.
#ubuntu-server 2013-05-09
<jasonmsp> hey all..  I have a strange occurance.  I copied .bashrc from one of my servers to another one and in the old instance it works fine, but in the new one when I fire up screen all of the data I have at the prompt is underlined.
<sarnold> jasonmsp: screen/tmux can modify how bold/underline/reverse/colors are interpreted.. those are exactly fun problems to track down :(
<sarnold> jasonmsp: chances are your PS1 environment variable  has control sequences in it that are handled funny in screen..
<jasonmsp> both servers are running the same version of screen.  Screen version 4.00.03jw4 (FAU) 2-May-06
<jasonmsp> server a = 10.04 ; server b =12.04 (unbuntu)
<sarnold> it could be a new terminfo file for screen on 12.04..
<jasonmsp> that sounds like it could be it.; i'll have to go back and rewrite the PS1 line another day but not tonight!  Thanks!
<sarnold> good luck :)
<jasonmsp> 8-)
<Legend2013> Hello
<Legend2013> is there a difference between a LAN and setting up a local network using a server?
<sarnold> Legend2013: what do you mean?
<Legend2013> The way LANs are explained, it fails to mention anything about a local server being used
<sarnold> indeed, you do not need a "server" to have multiple machines connected on a LAN
<sarnold> if you statically assign IPs to your machines, they'll just know how to talk with each other
<sarnold> if you choose to nominate one computer a dhcp server so you can put the network information in one place, once, and let them allocate IPs on their own, that's fine too :)
<Legend2013> ok well that means I dont want a LAN. I want everything to route via a server.
<Legend2013> I want to have a master device overseeing all the other devices. What would that be called?
<sarnold> Legend2013: do you really intend for the different hosts on the network to only communicate via a router?
<sarnold> you might call that a star topology, with your server as router..
<Legend2013> arnold have you heard of Novell's Open enterprise server?
<sarnold> yes, but it's been a while, I've forgotten most details..
<sarnold> .. something like re-implemented netware services as linux daemons
<sarnold> .. or netware running alongside linux using xen. I forget the details..
<Legend2013> I want something like that. its damn hard to explain
<Legend2013> about 12 linux pcs connected to a linux server through ethernet
<Legend2013> they have full system power but the server can track their activities, and internet access is routed through the server
<sarnold> chances are good you -do- want a LAN, and use that machine as a router between the LAN and the internet. (You probably don't want to buy 13 NICs for this server. :)
<Legend2013> I think im missing some vital piece of info that doesnt explain networking as it should
<sarnold> could be could be
<Legend2013> do you know any reliable info sites?
<Legend2013> i found this, but not sure if it fits:
<Legend2013> http://www.benamy.info/guides/setting-up-a-small-linux-network
<sarnold> this book is now a bit old (bad for services configuration details..) but ought to still be good for laying the tcp/ip groundwork.. http://shop.oreilly.com/product/9780596002978.do
<sarnold> that looks like a decent enough 'cookbook' style copy-and-paste sort of source, but it misses a huge piece on the description of tcp/ip networking...
<Legend2013> but is the application appropriate? you mentioned the NICs which is a specific piece of redundant hardware for a local network
<Legend2013> I better read up on it. Thanks for the guidance arnold
<Legend2013> bye
<jkyle> how can I get the gpg key/server for the ubuntu cloud archive so I can install directly instead of with the ubuntu-cloud-keyring package?
<eltigre> hey, I tried to remove plesk from an ubuntu server and now I am stuck with broken dependencies
<eltigre> http://pastebin.com/EreeGSkR
<eltigre> most forum posts etc recommend doing apt-get install -f but that fails miserably...
<eltigre> any idea what I can do short of wiping the server (which I can't do ...)
<RoyK> anyone seen the Current_Pending_Sector value on a disk been *reduced*? I thought that wasn't possible, but a drive in this server showed Current_Pending_Sector 41 yesterday, and now it's zero... :s
<qman__> while I haven't seen it before, that does match the definition of "pending"
<patdk-wk_> royk, your suppost to not have current_pending_sectors
<patdk-wk_> when it's >0, it means you had a read failure from that location
<RoyK> I know
<patdk-wk_> it's removed when you write to that sector, and it relocates it
<RoyK> but now it's reduced to zero, http://paste.ubuntu.com/5647819/
<patdk-wk_> and your relocated count went up
<RoyK> it didn't - see above
<patdk-wk_> then it must have gotten a good read then
<RoyK> but - 41 to zero in a day?
<RoyK> 41 pending sectors is rather a lot
<RoyK> and the drive is still giving errors http://paste.ubuntu.com/5647827/
<RoyK> ata4 here
<patdk-wk_> maybe you just have bad firmware
<patdk-wk_> hmm, you have offline-uncorrectables too
<RoyK> just waiting for the raid to rebuild to r6 - a friend's home server - told him to get new drives
<RoyK> sda, sdd and sdf shows errors :s
<patdk-wk_> no idea why that count vanished though, it shouldn't have
<patdk-wk_> what I normally do, to fix them up
<patdk-wk_> is a long smart scan
<patdk-wk_> followed by writes to the lba_of_first_error locations it finds
<patdk-wk_> that normally remaps them to new locations
<RoyK> I'll run a test once the raid is rebuilt...
<patdk-wk_> might have a cable issue too, but that would be a seperate issue
<patdk-wk_> the udma crc errors
<RoyK> any idea what Multi_Zone_Error_Rate is about?
<patdk-wk_> multible sectors in a row had errors
<RoyK> guess sdd is going out the window, then
<RoyK> http://paste.ubuntu.com/5647847/ <-- do you see any particular bad drives here?
<patdk-wk_> WD-WCAVY0219138 looks like it could use a badblocks run on it
<patdk-wk_> same for WD-WCAVY0462201
<patdk-wk_> probably the samsung also, thought badblocks on it could be considered overkill
<patdk-wk_> not sure what the abrt errors are though
<RoyK> sd[ab] are IDE drives for the root, in a mirror, so I guess a few errors can be handled - probably possible to get an old drive from somewhere to replace sda
<RoyK> for sd[bf], I guess new drives like wd red or something should do
<LargePrime> My Fast Zombies are back and i caught them
<LargePrime> http://paste.ubuntu.com/5647943/
<RoyK> I don't think minecraft zombies are well supported by ubuntu :P
<Chris_W_> can anyone help me with monitor resolution?
<Chris_W_>  i have the monitor saying it is currently using 1600x900 resolution, i have added GRUB_CMDLINE_LINUX="video=VGA:1600x900" to /etc/defaults/grub  but the monitor is still only using 3/5 of the screen
<mdeslaur> Daviey: happy birthday :)
<ivoks> smoser: https://bugs.launchpad.net/ubuntu/+source/ntp/+bug/604717
<uvirtbot> Launchpad bug 604717 in ntp "Please convert init script to upstart" [Wishlist,Triaged]
<ivoks> jamespage: ^
<pythonirc1013> I've 10 servers that I just created  sudo user in. I would like to setup my laptop to passwordless ssh to these boxes and run commands automatically on these 10 boxes. What should I do?
<ivoks> create ssh key
<chilicuil> pythonirc1013: after configuring the passwordless settings (with the ssh keys) you may want to use this quick & dirty script: https://pastee.org/m24yg , that's how I do it
<pythonirc1013> ivoks: I've to type the password 10 times for that
<ivoks> pythonirc1013: for ssh key? no... no passwords
<ivoks> ssh key + sudo NOPASSWD
<ivoks> http://www.ducea.com/2006/06/18/linux-tips-password-usage-in-sudo-passwd-nopasswd/
<pythonirc1013> ivoks: to place the ssh key on the 10 machines I've to type in passwords
<pythonirc1013> I actually have more than 10 machines right now.
<ivoks> pythonirc1013: what, you'd like anyone to be able to put ssh keys on servers?
<med_> pythonirc1013, cry me a river...
<pythonirc1013> ivoks: I would like my script to type the password for me. Without learning expect please :)
<ivoks> sigh
<ivoks> have you tried typing 'expect ssh' into google?
<ivoks> first links is 'Expect with SSH - Ubuntu Forums'
<Pici> Its very bad practice to do that.
<ivoks> i agree
<pythonirc1013> ivoks: looked painful
<GrueMaster> pythonirc1013: You might also look at python's pexpect.  They have good examples on http://www.noah.org/wiki/pexpect.
<GrueMaster> passmass.py specifically on that site is a good eample of how to do this.
<Quest> I have a dsl modem (192.168.1.1)  -> server for QoS and monitoring (192.168.77.10)   -> clients (192.168.77.1-255) .    Now in the clients ip configs, I have to add 192.168.77.10 as gateway and 192.168.1.1 as DNS . I want the clients to make 77.10 as the DNS and not 1.1  as then clients would be independant and see only the server. I can change the dsl of 1.1 and say plug in the 2.1 and the client w
<Quest> ont have to change their ip config.   how it can be
<Quest> done as right now I cant just use 77.10 as a DNS in clients. why?
<shauno> Quest: would the sensible answer not be to just change the domain-name-servers option on your dhcp server?
<GrueMaster> Quest: First, it looks like you have an overlap in your client ip range "server for QoS and monitoring (192.168.77.10)   -> clients (192.168.77.1-255)".  Your dns should be moved out of the way of the clients (i.e. move the clients to 77.15-255).   Also, you are trying to span two separate subnets (77.* and 1.1).
<Quest> shauno,  I never installed a dhcp server
<Quest> GrueMaster,  yes. i agree. its a type . its actually 50.255
<Quest> shauno,  I never installed a dhcp server. i mean i never installed a dhcp software specifically. iam just shairing internet between eth0 and eht1  of server
<Quest> GrueMaster, ^
<GrueMaster> Quest: If you have the dsl connected to one system, and the clients have to go through that system to get outside, why not configure the dsl modem as a pass-through and have your firewall system do all the work?
<Quest> sure. how
<Quest> ?
<Quest>  nor i installed a DNS software
<GrueMaster> That setup is exactly how i have my home network.
<Quest> do i need a dhcp software or DNS software?
<GrueMaster> Give me a sec and I'll pastebin my dhcp setup.
<shauno> it sounds like you're going to need something on .10 to answer/relay those requests if you want it to answer dns.  either a small proxy like dnsmasq to answer, or just that port on your internal if to your existing service
<shauno> but personally, I'd move the clients onto dhcp.  the problem of re-writing all the client configs was solved eons ago
<Quest> shauno,  ok. so what do i need. ? (i need simple most setup)
<Quest> shauno,  clients use static ips. not by dhcp
<GrueMaster> Quest: http://paste.ubuntu.com/5648313
<Quest> GrueMaster,  ok. do i need a DNS software?
<GrueMaster> Quest: I use dhcp for every system, then assign them a static IP in my dhcp config (above link).
<Quest> GrueMaster,  i have setup the clients to use a static ip. (for each client)
<GrueMaster> I have bind setup as well, just for internal dns resolution.
<Quest> GrueMaster,  so i need bind?
<Quest> GrueMaster,  how hard is to configure bind on ubuntu. for the 77.10 server to pass on client requests to 1.1 ?  then i can just put 77.10 for dns and gatway in clients config
<GrueMaster> YOu oinly need bind if you need to connect between systems internally.
<Quest> GrueMaster,  i only need the clents to have gateway and dns as 77.10 (server ip) and the clients should not worry about the ip of the dsl modem.
<GrueMaster> i.e. If I want my PS3 to resolve to my master media server.
<GrueMaster> right.
<GrueMaster> I assume 77.10 is configured as some sort of proxy for external dns resolution on the internet?
<GrueMaster> I.e. each machine can ping google.com through it?
<Quest> no
<Quest> 77.10 has just traffic monitoring tools . i have shared its eth1 and eth0 with each other. eth1 is Wan. eth0 is Lan
<GrueMaster> Ah.
<GrueMaster> So no real firewall?
<Quest> there is but i dont use it much
<Quest> well i have done the sharing with the firefwall
<Quest> firestarter...
<GrueMaster> I.e. one system that blocks and routes incoming packets.
<Quest> GrueMaster,  yes i gues
<GrueMaster> Most "firewall" programs for Linux are just a series of scripts that configure the Linux IPTables.
<GrueMaster> But it sounds like you have something in place.
<Quest> GrueMaster, either way. it works
<Quest>  it works with 1.1 .but i want to give it 77.10 as dns for clients. so if i change the dsl from 1.1 to 2.1 . the clients wont have to be reconfigured
<GrueMaster> (I use shorewall).
<GrueMaster> I honestly can't remember all the details that I did when I initially configured my system (Ubuntu 10.10, upgraded from Mandriva 9).  It sits in a rack in my basement and just works.
<GrueMaster> Looking at my configs, I have bind setup to forward dns requests to my isp.  That gives me internet resolution to my home systems.
<shauno> I honestly think insisting on static IPs is causing the problems you're trying to solve.  you're trying to manage the clients instead of managing the network
<GrueMaster> I agree.  Easier to have a master ip list on the dhcp server.
<Quest> shauno,  GrueMaster  i have to recognise clients by their ips.....
<Quest> so i have to give static ips
<shauno> you can still do this with dhcp, as GrueMaster's config is doing.  but it means if you need to change your dns server, for example, you change one line in dhcpd.conf
<GrueMaster> My dhcp server automagically updates dns, so the only time I need to change anything is when I want to move a new system into a defined range.  This also makes it easier to spot and control leaches on my network (wifi drive-by, neighbors, etc).
<shauno> I know it doesn't answer your question, but it is the fix that keeps on giving.  like when you decide your phones need to be on their own subnet, you just match option vendor-class-identifier in dhcpd.conf and the phones will all move themselves
<shauno> you can also hand out configs and firmware updates to your phones that way, it really is sanity++
<GrueMaster> In my case I was doing a lot of Ubuntu testing on arm, which required a LOT of reimaging (sometimes 10x/day).  My setup required less configuration, as I could have a generic preseed that worked on all systems, regardless of system name/architecture.
<shauno> the easiest way to do what you're actually trying to do, just so that I'm not preaching, is to put dnsmasq on .10
<jacobw> Preseed are hostname/architecture dependent?
<GrueMaster> jacobw: Only if you have static ip's and arch specific kernels (in the case of omap4 testing).
<jacobw> I see
<GrueMaster> The whole point of preseeding is to automate installation without interaction.  I could just nuke the bootloader on a system, reboot, and it would do a new install via pxe.  After 10-20 minutes (depending on system speed and package selection), the system would reboot to a login, complete with user ssh keys preinstalled and everything was fresh.
<GrueMaster> My preseeds were extremely generic, and I had scripts that would customize them as needed on the fly for testing.  So if I wanted to build a glusterfs cluster with all my panda boards (7 at the time), 1 would be imaged as the controller, one as the client, and 5 as teh redundant fs cluster.
<GrueMaster> 20 minutes after launching the job in Jenkins, I had a GlusterFS cluster comprised of (essentially) a cluster of cell phones.  :P
 * GrueMaster enjoys the geek moment in that.
<jacobw> GrueMaster: :)
<pythonirc1013> how can I ask apt-get upgrade not to ask a "Y/n"?
<pythonirc1013> -y , thanks
<Pici> np
<Chris_W_> anyone here?
<sarnold> Chris_W_: a few hundred people..
<Chris_W_> huh. i only saw you respond.
<shauno> if 'anyone' got 400 replies each time, it'd be quite unbarable
<Chris_W_> true
<Chris_W_> im having video issues and i could use some help.
<Chris_W_> im using a laptop with a broken screen to run the server, but the vga output is shrunk to like 2/3 of the screen
<Chris_W_> if i booted into windows it would think i have two monitor, but im only using the VGA output, so i think ubuntu is doing the same thing.
<Chris_W_> is there any way to disable one of the 'outputs' ?
<sarnold> Chris_W_: many laptops have a key that let you swap between video outputs for easy use with projectors
<justizin> Chris_W_: also worth a shot, plug in a keyboard and mouse and close the laptop lid.  also try booting that way, so it never initializes the LCD.
<Chris_W_> ive tried using the fn-f8 combo which would change between lcd/vga output, but id doesnt do anything now.  but the lcd is removed and there are no lcd cables connected to the motherboard.  it still thinks its there, but it forces video out through vga without me pressing the button combo
<Chris_W_> is there a command to see what displays or outputs it is currently using?
<sarnold> Chris_W_: xrandr without arguments dumps a huge pile of display information
<Chris_W_> sarnold: im not using x.  im on ubuntu server, with only command line
<sarnold> Chris_W_: ah :) dmesg may have details on the video devices being used..
<mathaino> hi all, i am new, so sorry if my question is stupid...how can i install html5 on ubuntu server?
<sarnold> mathaino: html5 is a specification, not a specific thing that you can install
<sarnold> mathaino: if you want html5, hire html programmers and tell them what to write :) hehe
<mathaino> i see, lets say i want to learn html5, do i have to install something on the ubuntu server?
<shauno> a text editor would be handy
<shauno> try it the other way around.  just starting learning, and go looking for tools if & when you find something you're lacking.  this isn't something that requires any kind of toolbox to get started
<sarnold> mathaino: you'll want firefox and chromium-browser, so you can test what you write; you should test your code via a webserver, rather than just accessing files on the filesystem, to prevent silly mistakes from making it through to the code; apache or nginx are useful there, but setting up a full-featured webserver can take some effort
<mathaino> sarnold: i have already an apache2 running so that is not such a big deal, just want to start playing with html5, that's why i asked if i need to install any package for that. thanks for the hints :)
<sarnold> mathaino: aha, good :)
<justizin> are there any plans to make ufw transactional, like iptables-save and iptabes-restore? we're using the opscode's community firewall cookbook for chef, which currently only supports the ufw provider, and when chef runs and reconciles the firewall, all connectivity fails for a brief period.  obviously, this is not our preference on prod boxen. ;)
<jdstrand> justizin: ufw runs iptables-restore under the hood
<justizin> hm.
<justizin> i thought it might, i'll have to dig a bit deeper before casting blame ;)
<justizin> i'm basically just trying to figure out if there's a bug somewhere that i can fix, rather than abandoning ufw
<jdstrand> justizin: so you could supply your various *.rules file and then just run /lib/ufw/ufw-init reload at the end
<justizin> could be opscode's cookbook
<justizin> hm..
<Blinkiz> Hello. I have a libvirt+kvm server with bridge interface. I do not want the bridge to forward tagged VLANs to every machine (vnetX), how can I filter this?
<bekks> Blinkiz: Using a bridge, thats not possible.
<bekks> Blinkiz: A bridges bridges all traffic.
<Blinkiz> bekks, I found the solution. It is to use ebtables to control the bridge. Like dropping all frames, "ebtables -t broute -A BROUTING -i eth0 -p 802_1Q -j DROP "
<Blinkiz> I can control which virtual machine gets what VLAN without having to set up a bunch of virtual vlan interfaces in the /etc/network/interface file.
<Blinkiz> It was a nice feature.. Did not know about ebtables. Am used to setting up everything in the interface file and the default br0 bridge do not forward tagged VLANs. That was changed some kernel ago..
<bekks> Good to know. :)
<pythonirc1012> ubuntu 10.04 LTS was supposed to e supported till 2015 or so, right?
<sarnold> parts of it, yes
<pythonirc1012> sarnold: so I can run it safely in production?
<pythonirc1012> sarnold: or do I need a reinstall?
<sarnold> pythonirc1012: yes, you can run it in production
<pythonirc1012> I just updated the 10.04 lts. nginx got updated. And now it won't start
<sarnold> pythonirc1012: see here for details on how long which pieces are going to be supported: https://wiki.ubuntu.com/LucidLynx/ReleaseManifest
<pythonirc1012> anyone uses nginx+ubuntu here that could help?
<sarnold> pythonirc1012: nginx-extras or something?
<pythonirc1012> no just pure nginx - It won't start after the latest update
<sarnold> pythonirc1012: hrm, this page suggests that last update for nginx on 10.04 was in June, 2012: https://launchpad.net/ubuntu/+source/nginx
<pythonirc1012> sarnold: I had not run updates for a long time. I ran update today and got to 1.4.1. now when I try to start nginx - nginx: invalid option: "/var/run/nginx.pid"
<pythonirc1012> Even though that option is commented out in nginx.conf
<sarnold> pythonirc1012: that makes me think perhaps you've got a local configuration error of some sort..
<pythonirc1012> ngingx configtest -> says OK
<pythonirc1012> the same config used to work well before the upgrade
<sarnold> 1.4.1?? lucid's nginx was version 0.7.65-1ubuntu2.3 ..
<sarnold> even our devel release just has 1.2.6-1ubuntu4
<pythonirc1012> mine says nginx version: nginx/1.4.1
<TheLordOfTime> pythonirc1012:  are you using the PPA
<TheLordOfTime> sarnold:  they're probably on the PPA, it has 1.4.1-1
<sarnold> TheLordOfTime: ahhhhh.
<TheLordOfTime> see, weird nginx questions like that are why I'm here.
<sarnold> well, I guess it doesn't much matter one way or another, it's not like it's in main..
<TheLordOfTime> sarnold:  no it's not in main :P
<sarnold> (probably should be, but that's another matter :)
<pythonirc1012> seems like long time back I added the ppa and then removed it :(
<pythonirc1012> readded and then trying to update everything again
<TheLordOfTime> (oh there's an active merge request to merge 1.4.1 into saucy, sarnold)
<pythonirc1012> hopefully I don't break anything
<sarnold> TheLordOfTime: woot
<TheLordOfTime> pythonirc1012:  if you want something "stable" for production you might want 12.04
<TheLordOfTime> but nginx will be 1.4.1 regardless if you stick to the PPA
<TheLordOfTime> (it's supported through Saucy)
<sarnold> TheLordOfTime: he's on 10.04, he's still got two years for most of it..
<TheLordOfTime> s/PPA/stable PPA/
<pythonirc1012> TheLordOfTime: I'll stick to 10.04 for another year
<TheLordOfTime> sarnold:  he's OK then but there won't be any updates past 1.4.1 for nginx
 * TheLordOfTime manages the nginx stable PPA and is not going to update past nginx 1.4.1 for Lucid
<sarnold> TheLordOfTime: ahhhhhh :)
<TheLordOfTime> just for their reference :)
<pythonirc1012> TheLordOfTime: as long as if there are no security hazards that are patched.
<TheLordOfTime> pythonirc1012:  if there's any new CVEs I may or may not patch them
<pythonirc1012> TheLordOfTime: when was the PPA last updated for lucid?
<TheLordOfTime> pythonirc1012:  yesterday
<TheLordOfTime> with 1.4.1-1 from Debian
<pythonirc1012> that is what broke my machine I think
<TheLordOfTime> pythonirc1012:  define "broke"
<pythonirc1012> k
<pythonirc1012> after update - nginx won't start at boot
<TheLordOfTime> check the logs
<TheLordOfTime> it should throw errors about why
<TheLordOfTime> probably a conf thing
<sarnold> is that the ipv6_only=on bug or whatever that was?
<TheLordOfTime> or me forgetting to apply a patch to the default conf...
<TheLordOfTime> ... crap.
<pythonirc1012> when I try to start /etc/init.d/nginx start, it gives me: nginx: invalid option: "/var/run/nginx.pid"
 * TheLordOfTime facedesks
<TheLordOfTime> sarnold:  probably
 * TheLordOfTime checks something
<pythonirc1012> I commented out the line in my conf --> pid /var/run/nginx.pid  -- still there was a problem
<TheLordOfTime> pythonirc1012:  you can't comment that out
<TheLordOfTime> that's a required line
<TheLordOfTime> but...
<pythonirc1012> k
<pythonirc1012> I'll uncomment after reboot
<TheLordOfTime> pythonirc1012:  can you do `sudo nginx restart` and pastebin the EXACT ERROR MESSAGE
<pythonirc1012> yes, will do in a moment, brb
<TheLordOfTime> sarnold:  probably that bug and the fact that the lucid one doesn't check the right pid location
<pythonirc1012> TheLordOfTime: http://bpaste.net/show/FpJHJwUaM4CInWpo04v4/
<pythonirc1012> uncommenting: pid /var/run/nginx.pid;
<pythonirc1012> exact same error before uncommenting
<TheLordOfTime> hmm...
<TheLordOfTime> that shouldn't happen even on normal updates and upgrades
<TheLordOfTime> ... and my last lucid VM died a week ago...
<TheLordOfTime> hmm...............................
<TheLordOfTime> pythonirc1012:  and this is in a production environment?
<pythonirc1012> TheLordOfTime: yes :) Well it doesn't have that much traffic yet.
<pythonirc1012> I still have my job :)
<TheLordOfTime> pythonirc1012:  the only thing I can think is you're using an invalid conf file
<TheLordOfTime> but that file there...
<pythonirc1012> TheLordOfTime: configtest passes
<TheLordOfTime> or rather the error
<TheLordOfTime> the error doesn't say WHERE it's erroring
<TheLordOfTime> and there's no reason for it to be erroring
<TheLordOfTime> the program is direct from debian
<TheLordOfTime> no other modifications
<TheLordOfTime> and it works on every other release
<blackthor> hmm... is anyone running a file system with >1 billion of files ?
<TheLordOfTime> sarnold:  now you know why I don't like working with really old releases :/
<TheLordOfTime> lol
<TheLordOfTime> pythonirc1012:  which nginx did you install, nginx-full, nginx-light, or what?
<pythonirc1012> I don't remember
<pythonirc1012> how can I find out?
<TheLordOfTime> someone else might be able to answer that one better than I
<sarnold> dpkg -l 'nginx*'
<pythonirc1012> TheLordOfTime: http://bpaste.net/show/TPAbbFKnkBAjGvJrksvk/
<pythonirc1012> sarnold: thanks
<TheLordOfTime> so you're on nginx-full i guess
<pythonirc1012> I guess so
<TheLordOfTime> did you try to reinstall the nginx web server software after backing up your site configs?
<TheLordOfTime> actually better question have you modified the default config files at all, for the sites-available and such
<pythonirc1012> yes
<TheLordOfTime> back those up
<pythonirc1012> k
<TheLordOfTime> save them somewhere, because i'm going to walk you through reinstalling the nginx webserver software
<TheLordOfTime> because that looks like a runtime error I've never seen before
<pythonirc1012> you want me to backup /etc/nginx?
<TheLordOfTime> (also did I mention how much I hate working with old releases?)
<TheLordOfTime> pythonirc1012:  i want you to back up what you've modified substantially from there yes.
<TheLordOfTime> in fact back up everything :p
<TheLordOfTime> from /etc/nginx
<pythonirc1012> done
<TheLordOfTime> `sudo apt-get purge nginx-full nginx-common nginx`
<TheLordOfTime> without the ` of course
<pythonirc1012> done
<TheLordOfTime> pythonirc1012:  sudo apt-get install nginx-full nginx-common nginx
<pythonirc1012> done
<TheLordOfTime> now restore your configuration files
<TheLordOfTime> the ones i had you back up
<TheLordOfTime> (you may need to overwrite the default ones)
<pythonirc1012> done
<TheLordOfTime> sudo /etc/init.d/nginx stop
<TheLordOfTime> sudo /etc/init.d/nginx start
<pythonirc1012> same error:  * Starting nginx nginx                                                                                    nginx: invalid option: "/var/run/nginx.pid"
<sarnold> TheLordOfTime: I wonder if it would help to see the entire config..
<pythonirc1012> Lemme do one thing. Lemme just run it with the default config and see if that starts it?
<TheLordOfTime> whoopsies
 * TheLordOfTime exploded
<TheLordOfTime> pythonirc1012:  yeah see if it can run with the defaults
<TheLordOfTime> it SHOULD
<pythonirc1012> yes it runs with the defaults
<pythonirc1012> ah, no it does not
<TheLordOfTime> hmm...
<TheLordOfTime> i wonder if this is a lucid problem
<pythonirc1012> nginx stop; nginx start; nginx status -> nginx is not running
<TheLordOfTime> and JUST a lucid problem
<TheLordOfTime> oh i know that one
<TheLordOfTime> pythonirc1012:  that one's my fault and a known bug
<TheLordOfTime> because the pid isn't in the right locatoin
<TheLordOfTime> pythonirc1012:  lemme push an update to fix that one
<pythonirc1012> k
<TheLordOfTime> pythonirc1012:  do me a favor: pidof nginx
<pythonirc1012> TheLordOfTime: no output
<TheLordOfTime> okay yeah that's a KNOWN bug
<TheLordOfTime> lemme push an update, but we'll have to wait for it to build
 * TheLordOfTime shall return after food
<pythonirc1012> I'll leave for food as well
<pythonirc1012> will be back later
<markthomas> Anybody here proficient on LVM storage underneath KVM volumes?
<TheLordOfTime> pythonirc1012:  try again, `sudo apt-get update; sudo apt-get upgrade`
<TheLordOfTime> then try and run again
<TheLordOfTime> whoops hang on
#ubuntu-server 2013-05-10
<petey> if you're doing something like sudo find you wont need to do it recursively right
<petey> a sudo find chmod since it's finding all of those file types
<sarnold> hallyn_: hey, how do I test this new libvirt package in quantal? :) I don't recall exactly the steps I had to take to trigger the bug in the first place...
<sarnold> petey: indeed, find recurses down directories and mountpoints by default
<petey> okay cool thanks
<sarnold> hallyn_: I've got a suspicion that it's something like (a) start from precise (b) install a specific SRU release of libvirt and dnsmasq (c) upgrade to quantal...? (d) install new libvirt from proposed and see if the link is repaired?
<sarnold> hallyn_: (in other words, I'm not very confident in my ability to provide good verification of your package... I'm hoping you or stgraber have an easy way to reproduce the problem and verify the fix. :)
<hallyn_> sarnold: apt-get install libvirt-bin; apt-get rm libvirt-bin; apt-get install libvirt-bin should do it
<sarnold> hallyn_: oh, keen, that's easy to try
<hallyn_> you shouldn't have to start from precise.  it was the act of removing the package which removed the /etc/dnsmasq.d/libvirt-bin, and installing it then didn't recreated it
<hallyn_> then apt-get purge libvirt-bin; apt-get install libvirt-bin; add quantal-proposed; apt-get update; apt-get rm libvirt-bin; apt-get install libirt-bin
<hallyn_> i *think* that's all it is, though there were a few bugs along the way there weren't there...
<hallyn_> sarnold: thanks  (heading out)
<sarnold> hallyn_: have a good night :)
<Free99> hey everyone. Having an issue where someone on my network keeps trying to nab my server's IP address. Can't tell if its malicious or accidental, but... any suggestions on what to do?
<sarnold> Free99: tcpdump or ethereal ought to show you the MAC address involved. if you have managed switches, you can drop packets from that MAC before they cause problems.
<pythonirc1012> TheLordOfTime: Any pushes yet?
<Free99> sarnold, my organization is big enough where I'd have to loop the network guy in, and he's very busy (but I know that's the actual solution). Until then, I seem to recall some app or something in the repos that would hold on to your ARP registration really tightly
<Free99> like it'd block anyone else from stealing your ip pretty effectively
<pythonirc1012> does anyone have a good backup script/software for backing up /home?
<sarnold> pythonirc1012: investigate rsnapshot and duplicity
<Free99> sarnold, how would I do that with tcpdump? I know arping can do that kind of thing
<sarnold> Free99: add enough -e switches to see ethernet macs..
<pythonirc1012> sarnold: thanks
<Free99> sarnold, what if they are spoofing my MAC address? I'm sorry if these are obvious questions, never dealt with this before
<pythonirc1012> sarnold: in my case, my users have copies of exactly the same file stored multiple times. I was hoping that the backup sofware was good enough to not backup multiple copies of the same file.
<Free99> pythonirc1012, the ZFS filesystem supposedly does this pretty effectively, it's called data deduplication
<Free99> try looking around to see if anyone has ported just the data dedup part into a utility or something
<sarnold> Free99: sorry, I can't recall the name of the tool you're thinking of.. and no idea what to do if they clone your mac, you're in trouble at that point, you'll need to mac-firewall every port, I expect. :/
<Free99> crud-butter
<Free99> so wait a sec, I thought the networks were a lot more resilient to this kind of thing
<sarnold> rsnapshot is decent at not duplicating files itself, but I doubt it recognizes duplicated files in homedirs :)
<Free99> is that the type of issue that ipsec was supposed to handle?
<sarnold> .. and I don't know how well it would manage, even if you hardlinked them all
<pythonirc1012> sarnold: perhaps dar would help?
<sarnold> Free99: ipsec would prevent the new machine from impersonating yours, but yours would be every bit as offline..
<sarnold> pythonirc1012: maybe? never heard of it before :)
<Free99> (facepalm)
<agu10^> Hello. I had a software running on https (443 port) but after installing Nginx, it stops answering on that port. Any idea why?
<sarnold> agu10^: perhaps your nginx is configured to listen there? check the output of sudo netstat -nlpt
<agu10^> sarnold, http://paste.ubuntu.com/5649815/
<TheLordOfTime> wheee i missed things
<TheLordOfTime> pythonirc1012:  yeah i did
<TheLordOfTime> pythonirc1012:  not sure if i broke it or not, but it builds... :/
 * TheLordOfTime yawns
<sarnold> agu10^: hrm, I don't even see :443 ...
<agu10^> yeah, i don't know what happened
<pythonirc1012> TheLordOfTime: Trying it out now
<TheLordOfTime> agu10^:  what did you have installed on that port?
<TheLordOfTime> or rather what were you running before nginx
<agu10^> iredmail
<pythonirc1012> TheLordOfTime: This time it stared and the pid error is gone.
<agu10^> ooooh. iredmail is set up to apache and has a virtualhost.conf for apache. I'm running nginx :/
<TheLordOfTime> pythonirc1012:  yeah that was the idea :P
<pythonirc1012> TheLordOfTime: this time it starts with the default config, but not with my config - complains invalid option /var/run/nginx.pid
<TheLordOfTime> pythonirc1012:  pastebin your ENTIRE config file
<TheLordOfTime> agu10^:  and that's your issue
<TheLordOfTime> agu10^:  does iredmail run as its own native application?
<agu10^> no, it doesn't
<agu10^> i don't know
<TheLordOfTime> sarnold:  whenever there's a weird question about nginx, you're free to ping me
<TheLordOfTime> agu10^:  here's an example conf file for iredmail on nginx: http://wiki.nginx.org/IRedMail
<TheLordOfTime> can't guarantee it works though, I don't use IRedMail
<sarnold> TheLordOfTime: thanks :)
<TheLordOfTime> sarnold:  especially when there's a huge version difference between what's in Ubuntu and what they're running :P
<TheLordOfTime> case in point pythonirc1012's situation (sorry for the ping!)
<sarnold> TheLordOfTime: indeed, that'd have been supremely confusing without you :)
<TheLordOfTime> sarnold:  xD
<TheLordOfTime> sarnold:  lucky random appearance i guess xD
<pythonirc1012> TheLordOfTime: do you recommend running ubuntu's nginx instead of the PPA nginx? I think the problem was that I was using some of the new features of nginx at the time I configured it
<TheLordOfTime> pythonirc1012:  i stick to what's in the PPA, but meh
<TheLordOfTime> pythonirc1012:  new features in 1.2.x are probably standard features in 1.4.x
<TheLordOfTime> pythonirc1012:  but your error was unrelated to features
<TheLordOfTime> so IDK what's with that
<TheLordOfTime> pythonirc1012:  the stable PPA's updated based on whatever's in Debian, so...
<TheLordOfTime> ... yeah, i stick with debian stuff.
<Free99> TheLordOfTime, I have several nginx servers to manage. Having a lot of trouble supporting webdav though, do you have any tips?
<pythonirc1012> Free99: ubuntu? what OS?
<Free99> yeah, ubuntu
<Free99> I had to make a really weird config file so that WPMU and Owncloud would work together
<Free99> but the webdav doesn't work
<Free99> *webdav part of owncloud
<pythonirc1012> Free99: what are you using owncloud for?
<Free99> file hosting/sharing
<pythonirc1012> Free99: with? at work or personal?
<Free99> work. It's a server for engineering students to share/backup large CAD files
<pythonirc1012> ah cool
<Free99> as well as make websites for their respective organizations easily
<pythonirc1012> how do deal with the authentication part then?
<agu10^> Why is my email taking so long into my inbox? I'm using postfix with iRedMail.
<Free99> what do you mean? little hackery of the backend keeps the same credentials in the database for both of them
<Free99> agu10^, stop posting in several rooms at once, that's pretty annoying
<agu10^> Free99, what do you suggest instead?
<Free99> not everyone is at their keyboard waiting for someone to talk to bro. Just wait a little, try somewhere else when you think you've waited enough and nobody helped you
<agu10^> okay, i guess i should code a delay for cross-posts ?
<pythonirc1012> Free99: how many people are using this thing that you are setting up?
<Free99> a bunch? at least 8 clubs, each has their own account and the club president delegates the user/pass to each member
<Free99> each club has at least 5 users
<Free99> (they have to, to become a club)
<Free99> everything works so far but the webdav
<pythonirc1012> so 40 users
<TheLordOfTime> Free99:  which nginx package are you using
 * TheLordOfTime doesn'
<TheLordOfTime> bleh
 * TheLordOfTime doesn't use WebDAV on his deployments, but might be able to tell you if you're using the wrong nginx binary package
<Free99> TheLordOfTime, nginx 1.1.19 I believe
<TheLordOfTime> Free99:  i meant nginx-light, nginx-full, etc.
<TheLordOfTime> Free99:  wait 1.1.19...
<TheLordOfTime> that's... either precise or quantal...
<TheLordOfTime> !ping
<ubottu> pong!
<TheLordOfTime> !info nginx precise
<ubottu> nginx (source: nginx): small, but very powerful and efficient web server and mail proxy. In component universe, is optional. Version 1.1.19-1ubuntu0.1 (precise), package size 6 kB, installed size 84 kB
<TheLordOfTime> yep precise
<Free99> precise it is
<Free99> I did nginx-naxsi
<Free99> haven't setup the naxsi part yet, its disabled
<axisys_> how should one install multiple perl modules ? one way is cat list-of-perl-modules | cpanm --interactive ..  is there a better way to do it?
<TheLordOfTime> Free99:  I don't think the naxsi version of nginx ships with webdav support
<Free99> hmm. how would I get naxsi along with the full module support then?
<TheLordOfTime> but i'm on the nginx PPAs, so i have to dig in the 1.1.19 version instead...
<TheLordOfTime> Free99:  a customized version of the naxsi package maybe, i don't see WebDAV and naxsi together in any of the binaries
<Free99> (shrug) I guess I can live without naxsi, I have zbblock on the server too
<TheLordOfTime> but remember i'm working with 1.4.x i don't have the 1.1.19 stuff around
<Free99> let me check
<Free99> ah cripes. my ssh server is acting up again
<Free99> TheLordOfTime, I'll have to ask you tomorrow if you don't mind
<Free99> maybe even monday
<TheLordOfTime> Free99:  i am pulling a copy of 1.1.19 right now
<TheLordOfTime> if you can hold on a sec i can double check
<TheLordOfTime> Free99:  yeah, none of the packages ship with both naxsi and webdav
<TheLordOfTime> and that won't ever be changed for precise, because it's kinda frozen that way
<TheLordOfTime> the only way to get webdav + naxsi is to either build from source or have someone build you a customized version of nginx
 * TheLordOfTime would do that but meh
<Free99> lol
<Free99> it's not a big deal, I'm fine with compiling myself and using checkinstall
<Free99> heading to bed, thanks guys
<shwaiil> hi
<shwaiil> Q: My server is setup in a VM (virtualbox). I'd like to start apache2 automatically whenever the VM is started or the user logins. What's the best way to do it ? The best practice ? Any suggestion are appreciated! Thank you ;)
<shwaiil> I heard about "upstart" script
<bekks> Just install Apache, and it is started by default.
<shwaiil> bekks: thanks for looking. not really, whenever I restart the VM, apache is off
<shwaiil> adding: service apache2 start, to /etc/rc.local and restarting my VM, I mean my ubuntu server it still doesn't auto init apache2
<Shogoot> Hi guys i got this little php file im running on my webserver. itss supoised to load somexml file  and loop troguh and echo/frite to file somdata...     but my opendir is failing....       must be the relative path i think, but my combination of  solutions are not working. HOW CAN i see from wich relative path the file is calling from?       I know its from a /var/ww/html/etcx etc etc, but what is the visiility of the file?
<oDiafanos> hello:) what monitoring system do you propose for monitoring web server with databases irc server and icecast ?
<bekks> Nagios.
<oDiafanos> is there any how to article to help me set it up on 12.04 server? I know the basics but I need it on a "live" srv and I can't experiment a lot
<bekks> oDiafanos: http://www.nagios.org/documentation
<jacobw> Icinga
<yobro> hello
<yobro> I can't seem to mount my dvd-rw, I'm getting an error message :"wrong fs type, bad option, bad superblock on /dev/sr0
<bekks> yobro: Then how do you try to mount it?
<gyre007> is there a way how I can tell which repo takes priority over which for certain package?
<gyre007> there was some apt command but I canf seem to find it even in man pages...
<Pici> The one with the latest version.
<gyre007> not really
<gyre007> if you have multiple sources...
<gyre007> which provide same packages...
<gyre007> how does apt figure out which one to get the package from ?
<Pici> Are the packages the same version?
<gyre007> not necessarily
<gyre007> they can be diffrerent
<Pici> I'm not sure how apt treats packages that are the same version, but the highest version number will always be pulled in the other case.
<Pici> maybe I'm misunderstanding your question.
<gyre007> lets say you have 5  nginx repos...and you decide to install nginx
<gyre007> which repo will the nginx be installed from ?
<gyre007> Pici: apt-cache policy nginx-full
<gyre007> apt-cache policy <pkg_name>
<gyre007> now the question is, how do you change the priorities...
<Pici> gyre007: aha! found it.  according to the apt_preferences manpage, the entry earliest in the sources.list file will be used for packages with the same version in different repos.
<Pici> I think the manpage also has information on how to set the priority for those
<gyre007> im checking this now https://help.ubuntu.com/community/PinningHowto
<gyre007> actually this wont prioritise the source over another..mm
<kearneykid> does anyone know about smoothwall firewall (linux)
<kearneykid> A ping is getting through the network and into the web but for some reason websites are being blocked
<sarnold> kearneykid: sounds like you allow icmp but block tcp
<kearneykid> u see it has been working all along and suddenly it just refuses my connections
<kearneykid> sarnold: i cant find anything in the control pannel that would let me block TCP
<sarnold> kearneykid: I think you've already blocked tcp..
<slide23> Does anyone know of a way to limit ssh accepting connections to a specific hostname? I have many virtualhosts setup that people attempt to connect to all the time and I dont want to limit ssh to just my IPs (because they may change or I may need to access it from somewhere else)
<kearneykid> sarnold how will i un-block TCP?
<andol> slide23: The ssh protocol doesn't really deal with hostname that way. There is (obviously) a DNS lookup on the client side, but that is a about it. The server has no idea what hostname the client went for.
<slide23> hrm dang
<slide23> any other ideas for reducing login spam heh, I am using fail2ban which is helping
<sarnold> kearneykid: sorry, I've never used smoothwall, can't suggest how to unblock a protocol..
<sarnold> slide23: something hokey like port knocking?
<andol> slide23: One option, especially if you are the only one connecting to the server, is to have sshd listen on an alternate port. While it might not matter much security wise, it will keep your log files a bit more clean.
<kearneykid> sarnold: just looking at the firewall logs and there are connections blocked about 2 every second. most of them are odd ports like 53099
<sarnold> kearneykid: src ports or dst ports?
<slide23> hrm port knocking seems interesting
<kearneykid> sarnold: its a different src ip going to my ip.
<kearneykid> sarnold: there are both UDP and TCP ports
<sarnold> kearneykid: note that outgoing requests from web browsers will use a randomly-selected port, often in the range 40,000-65535, for the source port..
<kearneykid> sarnold: could this be the problem so; its blocking the websites for no reason
<sarnold> kearneykid: hrm, can you pastebin your rules? perhaps someone here will be able to spot the issue
<kearneykid> I'm sorry i can only post it here as the web isn't working
<kearneykid> 11:12:12 IN=ppp0 OUT= MAC= SRC=189.222.24.70 DST=*****(MY IP) LEN=131 TOS=0x00 PREC=0x00 TTL=114 ID=22709 PROTO=UDP SPT=43731 DPT=25732 LEN=111
<kearneykid> that is just a random one i picked out of the list
<sarnold> that's just a blocked packet, not rule. but you can _irc_ fine but not http?
<sarnold> how about https?
<kearneykid> yes both http and https
<kearneykid> the error is saying "connection refused"
<kearneykid> also a nslookup works
<winterpk> Hi I'm having a problem with my ubuntu webserver.  I have multiple sites set up with virtual hosts and one has an SSL cert.  However, my client is getting an ssl cert error on a different site (even though I have no links to https on that site) where its trying to use a differet domain ssl. Does anyone know the best practice when setting up mulitple sites on the same server where some
<winterpk> use SSL and others dont?
<kearneykid> sarnold: actually for http; i get the error connection refused
<kearneykid> sarnold: and for https; it just times out
<sarnold> kearneykid: ah, perhaps a REJECT for http and DROP for https?
<sarnold> winterpk: investigate SNI: http://en.wikipedia.org/wiki/TLS/SSL#Support_for_name-based_virtual_servers
<kearneykid> mabye, how could i fix that?
<sarnold> kearneykid: perhaps I could pastebin your firewall rules for you, if you /query me, then paste them in, it wo'nt flood the channel..
<winterpk> sarnold thank you.  I will look into it directly
<winterpk> So I can only use one cert per server?!
<kearneykid> thanks very much for your help sarnold query opened
<winterpk> or a different IP
<winterpk> ugh, this is not good
<sarnold> winterpk: different IP is the usual approach, but I think SNI lets you get there, with newer clients anyway
<winterpk> well what If I only really care about one cert.  I just dont want to get a cert error on the other sites.
<sarnold> ah. I don't think there's anything you can do about that :/
<winterpk> oh  man this is not good
<RoyK> SNI should work with most clients these days
<winterpk> client = browser?
<RoyK> yes
<winterpk> hmm ok I'll try it.
<winterpk> its still trying to use the default ssl darnit
<gyre007> anyone here understands how package pinning works ? arrrgh...major headache
<winterpk> is there someway to just turn of SSL for the sites that dont use it?
<gyre007> I have the following preferences set https://gist.github.com/milosgajdos83/5555584
<gyre007> YET they are totally ignored
<gyre007> nginx-full is being installed from the second source..
<gyre007> arrrgh..
<sarnold> winterpk: you only get to open a port on an ip address. you can't selectively 'close' that port for requests coming in with one name vs another name -- it can't know which hostname the request is intended for until it has accepted the connection and read some bytes from it.
<winterpk> I see ok
<winterpk> its a chicken before egg paradox
<sarnold> hehe, yeah
<winterpk> SNI is supposed to hint at the right domain
<sarnold> or, one more motivating factor behind ipv6 :)
<winterpk> before the connection actually happen
<winterpk> I'm just having trouble with my config now I suppose
<sarnold> .. but sni assumes all domains you're hosting on that IP are supposed to have SSL :)
<sarnold> you _could_ segregate your hosts onto two IPs: the first IP for ones with ssl, the second one for hosts without ssl
<winterpk> ugh this is getting worse
<sarnold> most providers will sell you a second IP for sometihng like $5/mo. not too bad.
<winterpk> hmm I don't think I can assign two IPs to myu server.  I'm on AWS
<sarnold> winterpk: that might be "elastic IPs" in the console..
<winterpk> right, but I think I can only assign 1 per
<winterpk> stupid
<sarnold> oh? hrm. that is stupid.
<sarnold> winterpk: oh, check out the section titles "Assigning an Elastic IP Address to the Secondary Private IP Address" here http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-instance-addressing.html
<kearneykid> sarnold should i leave smoothwall and use a different firewall/router ?
<winterpk> hmm ok
<sarnold> kearneykid: maybe? :)
<kearneykid> what would ye recommend because this is really annoying me.
<kearneykid> any ideas on what to try?
<winterpk> hmm so aws has this virtual nic i need to implement. weird
<ppetraki> hallyn_, can you do me a favor and mark this triaged until we learn different? Thanks. https://bugs.launchpad.net/ubuntu/+source/multipath-tools/+bug/1178721
<uvirtbot> Launchpad bug 1178721 in multipath-tools "multipathd fails to create mappings when multipath.conf is present" [Undecided,Confirmed]
<jkyle> e
<slide23> Can anyone see anything wrong with this rule for allowing ssh in from a specific ip?
<slide23> /sbin/iptables -A INPUT -s 192.168.0.99 -p tcp --dport ssh -m state --state NEW,ESTABLISHED -j ACCEPT; /sbin/iptables -A OUTPUT -d 192.168.0.99 -p tcp --sport ssh -m state --state ESTABLISHED -j ACCEPT
<bekks> It doesnt allow new connections to be established (outbound in return to inbound new)
<kathy1> Holaaa
<RoyK> kathy2: hi
<RoyK> slide23: not really
<kathy2> How are you?
<RoyK> fine, thanks
<kathy2> emmm
<kathy2> ok
<kathy2> ;)
<RoyK> so what up?
<hxm> i configured smtp and all mails are marked as spam
<hxm> i have defined the spf in the txt dns record
<hxm> and configured openkim
<hxm> what do i miss
<sarnold> hxm: which tool said your mails are spam? did it give you any reasoning?
<hxm> gmail and hotmail, they just redirect to a generic page for many reasons
<sarnold> hxm: you could try this.. https://ers.trendmicro.com/reputations/index
<coalwater> I want to build a clustered/distributed web server using virtual boxes for learning purposes, is there a good link/book i could read ? thanks.
#ubuntu-server 2013-05-11
<hallyn_> ppetraki: done - did you want a particular priority?
<phunyguy> hey, seems like a slow channel tonight but I will ask anyway.   Still working on my Ubuntu router, and I wrote up a nice script with help from some ubuntu docs, that I would like to run on eth0 up.  With that being said, the very first like gets the IP of eth0, and if it has no IP, will obviously not work.  when using "up" in /etc/network/interfaces, does it wait for the interface to have an IP before it runs the  command specified by "up"?
<ppetraki> hallyn, nah, thats more work, this will end up being a support request
<hallyn> ok
<sarnold> phunyguy: interfaces(5) says "If this command fails then ifup aborts, refraining from marking the interface as configured (even though it has really been configured), ...
<sarnold> phunyguy: I take that to mean that it'll wait until the interface is configured before running your command
<phunyguy> sarnold, thank you for the info
<phunyguy> but that wording makes it sound like if the script fails.... but I want it to wait until it has an IP before actually running the script..
<phunyguy> answered my own question.   ran a test and it most definitely waits until a valid IP is assigned.
<_anARCHist_> any one ever have the issue where ubuntu server 12.10 wont connect with a static ip
<Serhad> hey folks
<hfase> what are you trying to set subdomains up on?
<hfase> like apache, nginx or just having routing problems
<jacobw> hfase: Hmm?
<Serhad> hfase i solved the problem, dns server is not up to date on my hoster.. got the trick wie the local hosts on my windows machine
<Serhad> thx...
<Litecoin_Messiah> <Litecoin_Messiah> i have a serrver with remote kvm axx any chance i can change the root pass its in a remote location I.e datacenter?
<slide23> Not sure where else to ask this, but I have a rackmount server with an IPMI port however I can't seem to get it to work and was wondering if anyone could help. Here is the manual for it
<slide23> https://encrypted.google.com/url?sa=t&rct=j&q=quanta%20s45&source=web&cd=1&cad=rja&ved=0CDEQFjAA&url=ftp%3A%2F%2Fftp.rackable.com%2Fpublic%2FTechnical%2520Support%2FQuanta%2520S45%2FQuanta_S45_Users_Manual.pdf&ei=82-OUeWtOcWxygHPhIHoCQ&usg=AFQjCNEQtxOIwu-1Ci4mUZxBeqoRwEV7Tw&sig2=C58r-YotnQIpN08N49LA3w&bvm=bv.46340616,d.aWc
<slide23> or rather, ftp://ftp.rackable.com/public/Technical%20Support/Quanta%20S45/Quanta_S45_Users_Manual.pdf
<slide23> I've tried setting it to use a static IP (192.168.1.199/255.255.255.0) and also using DHCP but it never shows up in my dhcpclient list
<gdeeble> Does anyone have a good tutorial to convert from single disk to raid1 after installation has been done? I've been running on single disk for a year and now want to convert to a raid 1 since it's becoming more of a vital machine with a lot of records.
<qman__> gdeeble, you can't really "convert" it
<qman__> what you have to do is create a new mirror with a missing disk on your second drive
<qman__> copy your data over, install grub
<qman__> then format and add your old drive to replace the missing disk
<gdeeble> Ahhh That makes sense, I just guess it's now to read up about creating a blank raid to start with
<mollerup_> gdeeble, if you have a proper raidcontroller it can convert it for you. but as always keep a backup before doing anything like this :9
<gdeeble> See this is just a home server so it's using a standard desktop MB in it. so only controller I have is one board which means fake raid
<slide23> Anyone dealt with IPMI before?
#ubuntu-server 2013-05-12
<p7ank5te7> I'm trying to change my hard drive out on my home server, which is just a single disk, and trying to go to a Raid 1, but I'm not understanding how I can do this.
<p7ank5te7> Can anyone give me a few pointers?
<p7ank5te7> Also to top it off, when the server was built, it appears that only 2 partitions were made, 1 being the root( / ) and 1 being the swap. Does that pose additional problems
<RoyK> p7ank5te7: create a new raid-1 with a missing drive on the other drive and copy the data over
<RoyK> you can't convert a normal partition to a raid-1
<p7ank5te7> See my problem is with the tutorials, they say I'm supposed to have root, boot, and swap partitions but I only have root and swap?
<RoyK> then create a small boot partition on the new drive
<RoyK> copy /boot there
<RoyK> use lvm for the rest
<RoyK> if  you're new to linux, ask, it may take some turns to get it fixed right
<RoyK> or - just use partitions - one for /boot, one for the root, and one for swap
<p7ank5te7> I am still a bit new to it, at least for the partitions and stuff, I have been learning slowly but surely.
<RoyK> then just use partitions for now
<RoyK> fdisk /dev/whatever
<RoyK> create a small boot partition, max 1GB
<RoyK> then the swap, then the root
<RoyK> swap should be on the start of the disk, since that's fastest
<RoyK> but start with the boot partition
<RoyK> then mount the lot in /mnt or smoewhere and rsync -avPHAx / /mnt
<RoyK> as in, mount the root on /mnt
<RoyK> create /mnt/boot
<RoyK> mount /boot there as well
<RoyK> and then do the rsync
<RoyK> then install grub on the new drive
<RoyK> try to reboot into it
<p7ank5te7> RoyK, I appreciate it, so let me make sure I understand, create the partitions on the "Extra" drive, then rsync the content from the current to the new one, install grub, and try it?
<RoyK> p7ank5te7: erm
<RoyK> p7ank5te7: I think you'll need to do this slowly
<RoyK> p7ank5te7: first, create a partition for boot, swap and root
<p7ank5te7> Sorry for being a complete idiot with this.
<RoyK> no, I was giving wrong advice
<RoyK> create these partitions as raid partitions
<RoyK> then create raid devices on them with something like "mdadm --create --level=1 --raid-devices=2 /dev/sdXY missing"
<RoyK> meaning you create a degraded raid on each of them
<RoyK> then create raid devices on them with something like "mdadm --create --level=1 --raid-devices=2 /dev/md0 /dev/sdXY missing"
<RoyK> etc
<RoyK> md0 md1 etc
<RoyK> one for each partition
<RoyK> then mount the root on /mnt or somewhere and create /mnt/boot, mount the boot partition there, and do the rsync
<RoyK> then install grub on the new system
<p7ank5te7> So mount my current setup on mount then mount md0(boot) as /mnt/boot is that right?
<RoyK> p7ank5te7: yes
<RoyK> p7ank5te7: just make sure you mount the new raid on -mnt first
<RoyK> p7ank5te7: /mnt/even
<RoyK> p7ank5te7: /mnt even
<p7ank5te7> Ok. So I follow now, mount the raid root as "/mnt" then the raid boot as "/mnt/boot"
<RoyK> p7ank5te7: mount raid root on /mnt, mkdir /mnt/boot, mount raid boot on /mnt/boot, do the rsync
<RoyK> install grub
<RoyK> try to reboot into that - should work
<p7ank5te7> Let's see if it works
<p7ank5te7> RoyK, i'm up to the Rsync part. As far as install grub, when I do that, just purge it and reinstall it and have it set to the secondary drive?
<RoyK> p7ank5te7: install-grub /dev/blah
<RoyK> typically /dev/md0
<p7ank5te7> Will that work with grub 2?
<RoyK> yes
<RoyK> but gotta go - time's like 4:15
<amarcolino> Hi, I have added myself to the web group (www-data), when creating a directory the ownership goes to the user then the group (foobar:www..) is there a way to set it to the group then owner or what I would like is to keep it as the group but still permit me the user to add, delete and read files?
<heyman> I have an emergency for work! I'm having problems mounting devices so I decided that I'll try wget or curl or something to retrieve the files from another location.
<heyman> Are we able to use ubuntu one with server, or even dropbox? I just need a simple solution to get two small files on my ubuntu server vm
<amarcolino> dropbox has a command interface so yes, n a quick check on google has given me to support what I thought http://rbgeek.wordpress.com/2012/08/19/how-to-install-and-configure-dropbox-on-ubuntu-server-12-04-lts/
<amarcolino> I assume ubuntu one would be the same but I havent checked
<heyman> thanks amarcolino
<Komplex> Can anyone answer a question?
<Komplex> Considering moving multiple services that are currently running on winblowz servers presently.  Does anyone know if 12.10 or 13.04 server edition fully utilizes the RAM on a machine?
<Komplex> for some reason I am only seeing 8 gigs out of 16 on a box I installed it on... just seemed odd... wanted to see if anyone ran into the same issue or not... thanks for your time.
<Quest> i dont see any /var/log/fail2ban.log . the  iptables and service  fail2ban status says that fail2ban is running fine.. any clue?
<Quest> i would say then which distros are best for servers if wanted to be free and maintain our selfs?
<Quest> ports can be forwarded by routers/switches and NATing can be done. how to do that if the thats a linux server instead?
<dassouki> what is the terminal command that goes through the folder / file sizes and let's you go through them like if it were explorer
<dassouki> i remember it starts with "n" ?
<bekks> dassouki: "find" and "du -sh" :)
<dassouki> ya i use those two but there was a command app, that cycles through your folders and displays the info in a tree, so you can go deeper into a folder, etc
<amarcolino> Hi, I have added myself to the web group (www-data), when creating a directory the ownership goes to the user then the group (foobar:www..) is there a way to set it to the group then owner or what I would like is to keep it as the group but still permit me the user to add, delete and read files?
<qman__> amarcolino, www-data is the user the web server runs as and should not own any files; you should create a new group for website file ownership
<qman__> take note that, out of the box, all files in /var/www are owned by root, not www-data
<amarcolino> I've already changed ownership to the www directory as well as adding myself to the www-data group, however, the issue is when I add files or directories www-data gets second ownership, which is not helpful because some directories and files can't be auto-updated since the web group is meant to have full access, so I am wondering how I can solve this and if it is possible other then manually changing ownership?
<RoyK> anepanal1ptos: chmod +t /var/www
<RoyK> that should make group ownership stick
<amarcolino> RoyK, will try that even knowing it was intended for someone else
<RoyK> heh - sorry ;)
<RoyK> chmod g+t, perhaps
<amarcolino> RoyK, no good, if I were to create a test directory ownership would be my username and group would be www-data, however, I just thought that wouldn't be a problem if everytime something is created it would be given read and write permission by default, which it isn't
<amarcolino> Royk, thanks I will work on this when I have more time
<RoyK> then the umask is wrong
<amarcolino> Royk, how would I check the umask?
<userr> chat clients disconnect (after a while) when i switch to another Xorg server (by using ctrl+alt+F8). how does the former Xorg server ("at F7") tell that i switched away from it? i need to suppress that.
<RoyK> amarcolino: depends on how you upload things
<bjrohan> In my home directroy in Ubunty server, I have a file "=" what is this file?
<bjrohan> cat "=" gives 13.04 12.10
<jacobw> bjrohan: That's not part of the distribution
<shauno> seems a pretty sane guess that it's a mistake somewhere.  something that's directing when its meant to be comparing
<bjrohan> Hmm. I installed the distro fresh, installed KDE, and alfresco (with tomcat, sql etc) that is all
<jacobw> There's might be an error in the Alfresco installer that creates that file in $PWD
<jacobw> bjrohan: Did the installer exit successfully?
<bjrohan> Yes
<jacobw> In that case, I'd remove the file and carry on
<bjrohan> Ok. I am the owner of the file
<jacobw> If you ran the script as your user, you'll be owner of any files created by the script
<bjrohan> What would the ownership look like if it was something that was created during the dist install?
<bjrohan> Also, I encrypted the user home directories on install. Given this, can I using sudo 1.) see, or 2.) access files in another users encrypted directory?
<bjrohan> Say the file and dir both do NOT have not permissions granted to anyone but the user
<jacobw> sudo ecryptfs-recover-private
<bjrohan> jacobw: If I am understanding right, that is a way to recover encrypted data if one knows the passphrase (say a hdd craps out and you can no longer boot from it, use this command from a livecd to recover the date)?
<jacobw> That's right
<jacobw> bjrohan: ecyptfs volumes are mounted when the user logs in and unmounted when the user logs out
<bjrohan> To get down to brass tacks, if users home directories are encrypted, I as the sys admin, can not use sudo to access their files b/c I don't have their passphrase, whereas if it is NOT encrypted, I can use sudo to access the files.
<jacobw> That's right
<bjrohan> Nice, I understood it correctly :-)
<jacobw> bjrohan: You can see their files when they're logged in because you have root access to the filesystem and their encrypted data is mounted in the filesystem
<jacobw> bjrohan: When they're logged out, their encrypted data is just an encrypted file that you don't have the passphrase to
<bjrohan> That makes sense :-)
<bjrohan> Thank you for the info
<jacobw> bjrohan: However, there's the passphrase and the encryption key, the passphrase is just a wrapper around the encryption key. If you have the encryption key you can always decrypt the file
<jacobw> bjrohan: The encryption key cannot change after the file is created, if you log the encryption key when the ecryptfs is created, you can access it whenever you want
<jacobw> bjrohan: The passphrase is just a way of accessing the encrypted encryption key on disk with the login password
<bjrohan> Very similar to GPG
<jacobw> It's the same scheme
<Jeeves_Moss> what would cause a SSH session to hang during a write to a new ZFS tank?  I just made a new tank with RAIDZ2, and now when I move anything larger than a 1Gb file, it locks up
<RoyK> Jeeves_Moss: zfs-fuse?
<three18ti> do apparmor profiles use "#" for comments?
<three18ti> this is my /etc/apparmor.d/libvirt/TEMPLATE: http://paste.scsys.co.uk/247709
<three18ti> #include <abstractions/libvirt-qemu>
<Jeeves_Moss> RoyK, no, native
<three18ti> is that actually including anything?
<Jeeves_Moss> RoyK, there dosen't look to be any disk activity
<RoyK> Jeeves_Moss: ubuntu doesn't have native zfs
<Jeeves_Moss> apt-get install ubuntu-zfs
<RoyK> no such package
<Jeeves_Moss> RoyK, and have they fixed the expand features so you can add disks to a pool to expand the sapace?
<Jeeves_Moss> RoyK, ubuntu-zfs is already the newest version.
<RoyK> Jeeves_Moss: it's not in the repos
<Jeeves_Moss> RoyK, I literly just ran it
<RoyK> E: Unable to locate package ubuntu-zfs
<RoyK> that's on raring
<RoyK> and quantal
<Jeeves_Moss> https://launchpad.net/~zfs-native/+archive/stable/
<RoyK> yes, it's a ppa
<Jeeves_Moss> yea
<RoyK> not official ubuntu
<Jeeves_Moss> hummm
<Jeeves_Moss> I'm wondering if I should roll the data out of the tank and fire up the fuse version
<RoyK> I've been working with zfs for some years
<RoyK> on opensolaris/openindiana
<RoyK> and it's brilliant for its use, but I chose md for my home server
<RoyK> zfs lacks flexibility
<blkperl> how does zfs lack flexibility?
<blkperl> zfsonlinux works rather well on ubuntu
<jacobw> It depends what you need, most of the components of ZFS are available in other stacks
<jacobw> RAID/LVM is simple, COW isn't
<Jeeves_Moss> ugh, this lockup is pissing me off
<Jeeves_Moss> how can I track IO issues
<jacobw> Jeeves_Moss: iotop
<jacobw> Jeeves_Moss: Also, see IO wait/delay in top and other things
<Jeeves_Moss> jacobw, shows nothing moving
<jacobw> Jeeves_Moss: Do you see anything in syslog/dmesg/kernlog?
<Jeeves_Moss> jacobw, checking.  I've tried moiving from USB to the root disk, and everything works.  It just locks up when I try to write to the ZFS tank
<Jeeves_Moss> jacobw,  failed: use vmalloc=<size> to increase size.
<RoyK> blkperl: you can't add more drives to a VDEV
<RoyK> blkperl: you can't rebalance a pool if more VDEVs are added
<RoyK> blkperl: really, it's just fixed - it's good for well-planned long-term storage, but not if you want it flexible
<RoyK> blkperl: and you can't change RAIDz levels either
<RoyK> nothing can be changed
<Jeeves_Moss> yea.  once it's built, you're kinda effed
<Jeeves_Moss> this one is for a storage pool for VMs
<RoyK> zfs rocks - but it's not very flexible - that's my motto
<jacobw> It's flexible if you have a large array
<RoyK> no, it's not
<RoyK> you can add a new VDEV, ok, but it won't rebalance the raid
<jacobw> vdev being a block device?
<jacobw> LV/whatever the ZFS term is
<RoyK> that'll require the block pointer rewrite, which was posted as an idea some four year back
<RoyK> but never implemented
<RoyK> a vdev is a mirror or a raidz?
<RoyK> zpool create mirror d1 d2 mirror d3 d4
<RoyK> makes two vdevs
<jacobw> I haven't heard the term vdev before
<RoyK> heh
<RoyK> then you don't know zfs
<jacobw> Well, I don't
<jacobw> Now Unity has crashed :|
<RoyK> zpool create asdf raidz2 d1 d2 d3 d3 d4 raidz2 d5 d6 d7 d8 d9
<RoyK> two vdes
<RoyK> vdevs
<RoyK> (albeit bad syntax)
<blkperl> RoyK: ah ok, yep those things will probably be around for a long time
<jacobw> OK, so vdevs are PV in the LV group in ZFS terminology?
<jacobw> http://pthree.org/2012/12/04/zfs-administration-part-i-vdevs/
<jacobw> :)
<RoyK> jacobw: really, I've been working with zfs for 3 years or so :P
<jacobw> OK
<RoyK> no, in LVM terminalogy, a PV is a disk, a VDEV is a group of disks set in a mirror or raidz-something
<jacobw> I see
<RoyK> better use MD if you want flexibility
<RoyK> chances for silent errors are rather low with small volumes, as in <20TB
<RoyK> or <100TB even
<jacobw> Agreed
<jacobw> Er, silent errors? As in write holes?
<RoyK> silent errors are when the drive doesn't report an error but delivers bad data
<jacobw> I see
<RoyK> whenever they get bp rewrite into zfs, it'll be fun
<jacobw> What do you mean by rebalance the RAID?
<jacobw> BP?
<RoyK> block pointer rewrite
<RoyK> if you add another drive to an md raid, it'll re-balance the data
<RoyK> if you add another vdev to zfs, it won't do much, just try to smear the data over the lot
<RoyK> rebalancing means moving the data over the existing vdevs to make performance better
<jacobw> I see
<jacobw> What kind of performance difference does that make?
<jacobw> I didn't know mdraid did that
<RoyK> jacobw: it means new writes will only go to the new vdev
<RoyK> earlier it would make the zfs performance almost halt, but that's been fixed
<jacobw> I see
<jacobw> It sounds as if rebalancing is different the RAID and ZFS contexts
<jacobw> I'm trying to find references to it and hitting a lot articles about distributed filesystems like GlusterFS and proprietary SAN stuff
<RoyK> glusterfs comes on top of zfs or md
<RoyK> zfs is fine if you have a fixed set of disks and can plan things well
<RoyK> if you want to add more disks, it gets complicated
<Quest>  In Linux, how is it possible to merge/combine 3 internet connections (Dsl/fiber) (actually by eth1,2,3) and supply those to eth4. many client can be connected on a switch that is connected to eth4 of the server. The server does the load balancing and if one eth of 1,2,3, goes down. it shifts traffic to remaining 1,2. I have seen this in microtck router.  How is it possible in Linux?
<RoyK> Quest: see http://www.lartc.org/
<RoyK> Quest: it's not trivial, but quite doable
<Quest> RoyK,  hm. thats how microtick did it?
<RoyK> Quest: well, just try
<Quest> where to start
<RoyK> read the docs, for a start
<Quest> oh ok
<codepython777> is there a way to put a network bandwidth quota on each user when the network usage reaches above certain threshold? (something easy to use compared to ip tables)
<jacobw> Quest: Mikrotik RouterOS can bond interfaces using LACP, if that's what you want to do
<Quest> jacobw,  what is lacp?
<jacobw> Quest: If you want to balance sessions over 3 subnets read those docs, and have a look at this, http://parkersamp.com/2010/03/howto-using-linux-as-a-simple-load-balancer-nat-router-firewall/
<jacobw> Quest: Link Aggregation Control Protocol, it combines Ethernet ports in to channels, like port channel
<Quest> hm\
<Quest> jacobw,  i thought they used http://lartc.org/howto/lartc.rpdb.multiple-links.html
<Quest> jacobw,  and i think you have experience with mikrotick OS. its linux of their own? or theres some underlying os they use like centos or ubuntu?
<jacobw> Quest: I wasn't sure what you were talking about at first
<Quest> jacobw,  and i think you have experience with mikrotick OS. its linux of their own? or theres some underlying os they use like centos or ubuntu?
<jacobw> Quest: RouterOS is Linux based, but Mikrotik have replaced parts of the networking stack and included in house implementations of things like MPLS
<jacobw> Quest: If you look at the firewall interface, it's quite clearly iptables
<Quest> hm
<Quest> jacobw,  i was wondering if it uses a known os underneath so i can use a package manager and install apps further in it?
<jacobw> Quest: No, that's certainly not possible :)
<Quest> :(
<jacobw> Quest: RouterOS uses the Linux kernel only, it uses Mikrotik own userspace
<Quest> hm. thanks
<Quest> it will take quite long for me to do what mikrotik doesn, in pure linux and iptables
<jacobw> Quest: http://wiki.mikrotik.com/wiki/Manual:IP/Route#Multipath_.28ECMP.29_routes
<jacobw> Quest: The page you just linked from LARTC has everything you need for your scenario
<Quest> jacobw,  thanks!
#ubuntu-server 2014-05-05
<Kawaiola> Anyone set up a static Ip in a virtual instance of ubuntu server?
<patdk-lap> define, virtual instance
<Kawaiola> patdk-lap, I'm running ubuntu server in vmware the web interface version
<patdk-lap> the web interface version?
<patdk-lap> never heard of any such thing
<Kawaiola> patdk-lap, Uhh hold on let me look at what it is actually called
<Kawaiola> patdk-lap, I guess I'm just using the regular vmware
<patdk-lap> well, set a static ip just like you would, on any other ubuntu install
<Kawaiola> paterfacesdk-lap, I did that but for some reason it keeps falling back to dchp which doesn't make sense because I totally took that out of my int
<Kawaiola> patdk-lap, I went and made it static in nano /etc/network/interfaces
<Kawaiola> patdk-lap, and everytime I restart the interface it fails and rolls back to dhcp
<bopper1_> I set up a file server using samba, ubuntu 14.04 LTS, command interface only. I can't access my server from win 8.  Please Help :(
<bopper1_> I set up a file server using samba, ubuntu 14.04 LTS, command interface only. I can't access my server from win 8.  Please Help :(
<bopper1_> wow wow wow
<bopper1_> can anyone help me?
 * [gnubie] waves
<[gnubie]> # uname -r && lsb_release -d && sysctl -a | grep -i swappiness
<[gnubie]> 3.13.0-24-generic
<[gnubie]> Description:	Ubuntu 14.04 LTS
<[gnubie]> vm.swappiness = 10
<[gnubie]> given the above information, i'm wondering why my system is already swapping when i still have around 50% of physical memory that is still free..
<[gnubie]> anyone?
<[gnubie]> is there am i missing with this new version?
<[gnubie]> hello..?
<ghostlines> hi, i have a bridged nic called br0. I use it for my vm's that I run with kvm. However as soon as I enable a 6in4 tunnel that also uses the bridge(br0) I lose ipv4 connection on the vm's but the physical host is fine(ipv4 and ipv6 work)
<ghostlines> how can I troubleshoot this? It seems as if I can't use a 6in4 tunnel and bridge at the same time
<owh> ghostlines: I do not know the answer, but are there any hints in any logs or dmesg?
<ghostlines> owh double checking those now
<ghostlines> ok looks like the vm's are getting an ipv6 address that I configured with radvd. Maybe the ipv6 config in radvd is incorrect
<ghostlines> but I would still expect ipv4 to still work, it seems as if a misconfigured ipv6 address is being preferred / used by default if it's set and ignored the ipv4 address
<mardraum> yes, ipv6 is preferred in dual-stack.
<ghostlines> ahh
<linocisco> hi all
<linocisco> how to ensure secure connection between windows clients and ubuntu server in client-server architecture?
<owh> linocisco: To do what?
<linocisco> owh, to deploy asterisk like deployment in the network
<linocisco> owh, sorry
<linocisco> owh, to avoid hacking
<owh> Huh?
<linocisco> owh, make sure secure connection between clients and servers in office network
<owh> What are the Windows Clients getting from the Ubuntu server?
<owh> linocisco: Are they getting files, print queues, database connection, terminal, x-windows, what?
<linocisco> owh, basically, clients will access file folders/ authentication like LDAP,
<linocisco> owh, database also in future
<owh> linocisco: So, we're talking file and print sharing?
<linocisco> owh, terminal also for remote access to server to create/troubleshoot users accounts
<owh> linocisco: So, ssh to provide terminal access, user accounts to provide samba access, disallow guest access, remove services that you're not using.
<owh> linocisco: https://help.ubuntu.com/community/Samba/SambaServerGuide
<vedic> What is the fastest but safest way (safe in terms of data security) to transfer a file stored on one Ubuntu server to send to another Ubuntu server?
<err-or> vedic: scp?
<vedic> err-or: Can this be automated?  As soon as file arrives, it is tranferred to another server?
<ogra_> use rsync via ssh ... and create an upstart job that watches the dir
<ogra_> i.e. http://paste.ubuntu.com/7398001/ is an example job ...
<vedic> ogra_: thanks
<vedic> err-or: How about NFS and then local system send file to remote server when new file gets created? Upload will be handled automatically?
<vedic> ogra_:
<ogra_> NFS is fine, but not secure indeed (no encryption)
<vedic> NFS over vpn
<vedic> ogra_:^
<ogra_> sure, that would work ...
<andol> ogra_: *cough*Kerberos*cough*
<dassouki> any ideas on how i can fix the errors .. I'm trying to upgrade from 10.04 to 12.04 http://pastie.org/private/nnwgfqvpsojoweeiq50xta
<dassouki> any ideas?
<pmatulis> morning
<_ruben> bah, cant find any proper open-iscsi/lio related performance tuning guides .. for some reason w_await is ~0, while on the initiator it sometimes ramps up to 2000ms
<_ruben> the setup is far from ideal currently, so dont really know where to start digging :p
<lordievader> Good afternoon.
<patdk-wk> _ruben use a faster network
<_ruben> patdk-wk: i admit that this setup is using only a single 1gigE .. which i plan to improve "some day" .. still wondering what the actual bottleneck is though
<_ruben> doesnt appear to be bandwidth, as it sometimes fills the gigE using writes
<_ruben> with low iowait
<patdk-wk> so, taking your random infomation, you can conclude that?
<_ruben> it's the read/write (random?) io that's suffereing from waits
<patdk-wk> cause they have nothing at all to do with each other
<_ruben> bandwidth and latency not being related sure, but bandwidth being the bottleneck is what i tried to rule out
<patdk-wk> what does writes not having i/o wait have to do with any of this?
<patdk-wk> ofcourse writes won't have much
<_ruben> actually, reads/writes should be irrelivant here .. as on the iscsi target i dont see any issues, disk wise .. so it's either network or the iscsi stacks
<_ruben> io sched on target is deadline, on initiator it's noop .. guess it's getting about time to redo the network at that location, to make it at least a little bit sane
<onorua> Guys, I'm trying to have HDD->RAID1 -> LVM -> LUKS -> EXT4
<onorua> but it doesn't boot, what kernel parameters should I set to decrypt root?
<onorua> I've tried a lot from different sources in internet but not luck
<onorua> does anyone has working configuration like this?
<onorua> in my case it stop with mdadm create group disk not found
<pmatulis> yeah, bug #1316124 , was inevitable.  i wonder if -backports is the way to go
<uvirtbot> Launchpad bug 1316124 in openldap "Actual Ubuntu Slapd totaly useless for "serious" use" [Undecided,New] https://launchpad.net/bugs/1316124
<mzarella> I'd like to create the symbolic link, rm /usr/sbin/node, and then update my path. How would i update my path without logging out of the ssh session and logging back in?
<Princesa> Hi people!
<Princesa> can you help me with zoneminder in ubuntu 12=???
<Princesa> help me with ubuntu server and zoneminder=??
<pmatulis> what is zoneminder?
<zotta> Using apache server: It
<zotta> is possible to allow the server to read a directory without granting access to every user on the server?
<zotta> I added www-data to the group wich owns that folder. but I still get 403 error
<sarnold> zotta: did you restart your apache server to pick up the group change?
<zotta> nope
<zotta> now it works: Thanks sarnold!
<zotta> But why do I need to restart a program to change user groups?
<sarnold> zotta: it isn't so much 'restart a program' as much as 'log that user in again'
<sarnold> zotta: .. and services are funny, restarting them is the moral equivalent of logging them in again
<zotta> ok...
<sarnold> sorry it's hard to describe :) right now I'm even curious where in the startup procedure for apache it would know about the supplementary groups. it's funny that I've never thought of it before.
<Ri881> Hi, I want to isolate just one process. What's the best way? Do I always have to emoulate the whole OS?
<Ri881> ...emulate
<sarnold> Ri881: depending upon your goals in isolating that one process, you have a handful of options; since I know apparmor best, I'd probably aim for an apparmor profile first, but you could also use lxc to provide it a 'clean machine' ..
<plm> hi all
<plm> are there a way to do a link of "arm-linux-gnueabi-gcc -V" to "arm-linux-gnueabi-gcc -v" ?
<lordievader> plm: An alias?
<plm> lordievader: yes
<plm> lordievader: any idea?
<lordievader> Add "alias arm-linux-gnueabi-gcc -V='arm-linux-gnueabi-gcc -v'" to your bash profile or somewhere else where it gets loaded.
<lordievader> Personally I put aliases in ~/.alias and then source it from my zsh config.
<plm> lordievader: $ alias arm-linux-gnueabi-gcc -V='arm-linux-gnueabi-gcc -v'
<plm> bash: alias: arm-linux-gnueabi-gcc: not found
<plm> $ arm-linux-gnueabi-gcc
<plm> arm-linux-gnueabi-gcc: fatal error: no input files
<plm> that is strange..
<lordievader> Hold, on it needs some more quotes.
<lordievader> Hmm I spoke to soon, the alias itself cannot have arguments it seems, but you could name it arm-version or something.
<plm> lordievader: how?
<lordievader> alias arm-version='arm-linux-gnueabi-gcc -v'
<plm> lordievader: ohh problem that i need that, becouse I have a bug in autotools I thing, look the error compiling python:  configure:3509: arm-linux-gnueabi-gcc -V >&5
<plm> arm-linux-gnueabi-gcc: error: unrecognized command line option '-V'
<plm> lordievader: So I was thinking to change that -V to -v
<lordievader> Seems to me like that is a problem with autotools. x86_64-linux-gnu-gcc doesn't know -V either.
<lordievader> (I might be very wrong at this ;) )
<plm> lordievader: yes, becouse that problem in autotools I'm trying use other way to cheat it?
<plm> s ?/.
<plm> lordievader: or how I to change that in autotools, do you know?
<lordievader> I don't know autotools. Is this for the RPi btw?
<lordievader> If so, I have cross compiled a kernel for it with help from http://elinux.org/RPi_Kernel_Compilation#Ubuntu
<plm> lordievader: not, a arm9 embedded linux
<plm> lordievader: is not way with power of linux to do a kind of that alias/link? =D
<plm> lordievader: I will to a script with thaat name and inside put the -v =D
<plm> and original I change the name
<plm> not works :-(
<jsmitsnl> after upgrading to 14.04 from 12.04 my amavisd-new is not running in normal (background) mode. only in foreground or debug mode. Any pointers?
<hehe> hey folks
<hehe> how I can see which service is using secondary ip?
<sarnold> hehe: netstat -anp or ss
<hehe> ty
<hehe> sarnold: localhost on box with many ips usually uses just 1?
<hehe> it seems here it uses 2 :(
<sarnold> hehe: all of 127.0.0.0/8 routes to localhost
<sarnold> hehe: normally 'localhost' resolves to 127.0.0.1 and the machine's hostname resolves to 127.0.1.1.
<hehe> ok i got box with many ips I want 1 ip to be used for website and 1 for another service
<hehe> I added 1 more ip to eth0:0 but someone nginx starts using in
<hehe> it
<hehe> since nginx using localhost I presume localhost somehow grabs ot?
<hehe> very bizzare
<sarnold> hehe: what does your nginx  'listen' line look like?
<hehe> listen 80 default_server;
<hehe> I tried to change it to ip and it rejects it
<sarnold> hehe: something like: "listen   192.168.1.14:80;" should work fine
<sarnold> (I don't know what "default_server" does, I haven't seen that before)
<hehe> nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
<hehe> it seems for some reason both nginx and service nr 2 cant yet to sit nicely
<hehe> on their ios
<hehe> ips
<hehe> ok just have to find where 00000 isd
<hehe> is
<sarnold> hehe: 0.0.0.0 is a wildcard bind; it'll fail if something else has a specific IP bound on :80 ..
<hehe> ok
<hehe> I was thinking since I got multiple ips
<DenBeiren> u-oh
<DenBeiren> think i did something terribly wrong
<hehe> i can run many services on 80
<DenBeiren> purged all of the kernels and rebooted
<sarnold> hehe: one per IP :)
<hehe> lol I got 5
<hehe> i told dumb  nginx use separate it
<hehe> IP
<hehe> as per u howto :d
<hehe> what da it wants :)
<DenBeiren> now my server won't come up,.. any ideas on where to check or what to do first?
<hehe> backup
<hehe> restore from it
<hehe> why da u purged kernels?
<DenBeiren> no backups as far as i know
<sarnold> DenBeiren: probably easiest is to boot a rescue environment off a CD or something, mount your old system somewhere, chroot there, use apt-get to install a kernel, sync, umount, reboot, and hope it works :)
<DenBeiren> ik had 99% of /boot filling up
<DenBeiren> so i purged a few of the (very) old kernels
<hehe> well then gix it
<hehe> fix :D
<hehe> if u smart enough to purge kernels u can fix it
<hehe> :P
<DenBeiren> accidently i pasted a (incomplete) command and purged them all :s
<DenBeiren> hehe: you really give me too much credit :p
<hehe> u aimed to do u done
<sarnold> everyone's got to kill their server at least once :)
<hehe> :D
<hehe> now u fcked it
<hehe> hahaha
<DenBeiren> i've killed it multiple times :-)
<hehe> thats why I like aws amis
<hehe> Den!!!!!!!!!!!!!!
<hehe> multiple? :D
<hehe> hehe
<DenBeiren> but i've been killing it since 6.04 :-)
<hehe> me 0 times
<hehe> sarnold: started nginx and socket.error: [Errno 98] Address already in use
<DenBeiren> "learing" from each kill :-)
<sarnold> hehe: you'll have to configure all your services to ensure that no two want to use the same IP:port
<hehe> i got nxinz and 1 more
<hehe> so I got to tell  it to nginx somehow
<DenBeiren> sarnold: mounting, syncing, etc is not something i am feeling cozy with,..
<hehe> then service 2 uses whats available
<hehe> DenBeiren: then install windows? :P
<DenBeiren> maybe faster/better/cleaner to do a reinstall?
<hehe> its like car parts
<hehe> simple
<sarnold> DenBeiren: re-install is drastic overkill for this problem but if it what you feel comfortable doing, don't let me stop you
<hehe> put new engine in - start - go
<DenBeiren> hehe: pls don't go there,.. my car is in the garage :'(
<hehe> so fix it
<DenBeiren> and no, i didn't do anything to it :-)
<hehe> be  a man :)
<sarnold> well you didn't buy a new car, right? :)
<hehe>  LAST_ACK   whats that?
<hehe> 1 pesky last ask on ip I want
<hehe> :D
<hehe> ok means flushed soon
<hehe> and then ip is free!
<sarnold> hehe: oh man, that's reaching back too many years, but iirc it's when you've received a FIN but haven't yet sent your own FIN ACK combination...
<hehe> how I kill it on my side?
<hehe> :d
<sarnold> ah, looks like FINs have been sent on both sides and you're just waiting for the ACK from the remote peer: http://tangentsoft.net/wskfaq/articles/bitmaps/state-diagram-small.gif
<hehe> trash nginx took second ip again
<hehe> :D
#ubuntu-server 2014-05-06
<DenBeiren> i'll be looking into it tomorrow with a fresh mind,.. 02:00 here atm
<sarnold> DenBeiren: not a bad idea. good luck. :)
<DenBeiren> tia
<hehe> fixed
<hehe> sarnold: I missed some server blocks
<hehe> now works
<hehe> ::)
<sarnold> hehe: excellent :)
<hehe> its like a girl
<hehe> once put 100% in it
<hehe> often yields
<hehe> :D
<hehe> listen to men to become hero and women will love you
<hehe> omg so simple :D
<rostam> HI is there a support for systemTap on ubuntu? thx
<freeflying> rostam: Depends on what do you mean by support
<rostam> freeflying,  debian package to start with.
<freeflying> rostam: Then yes
<rostam> freeflying,  thx
<freeflying> rostam: There also are articles on wiki you may refer to
<rostam> freeflying, thank you.
<freeflying> Np
<lordievader> Good morning.
<dodgerblue> hello, I have a question about timers on 12.04 - I can't seem to get the high resolution timers working
<dodgerblue> I enabled CONFIG_HIGH_RES_TIMERS in the kernel, yet /proc/timer_list displays 3 clocks for each of the 4 cpus, each clock having 4000000 nsecs freq
<dodgerblue> I am running on an Intel i5
<dodgerblue> grepping dmesg for "/dev/rtc" or "high resolution" yields nothing
<dodgerblue> any suggestion of related things I could look at, or how I can debug this is very much appreciated, thanks!
 * [gnubie] waves
<[gnubie]> [OT] any recommended enterprise SSD that is fully supported by smartmontools? thanks.
<ServerSage> Hey folks, a few hours ago I ran 'sudo do-release-upgrade' and things were flying along.  About 10 minutes ago it go to the mdadm stuff and has hung on "Found kernel: /boot/memtest86+.bin".  The load is 0, no CPU is being used, and there is no drive IO.  What does one do when this happens?  This is going from 13.10 to 14.04.
<xnox> ServerSage: known bug, fixed in trusty-proposed. You are using grub1 still?
<ServerSage> xnox: It would appear so.  I'm looking at the grub2 upgrade page right now.
<xnox> bug #1285312
<uvirtbot> Launchpad bug 1285312 in grub "Setting up mdadm (3.2.5-5ubuntu3) freezes after calling grub1's update-grub from postinst" [Wishlist,Confirmed] https://launchpad.net/bugs/1285312
<xnox> ServerSage: ^
<ServerSage> That was actually the page that lead me to the upgrade page.  Hehe.
<xnox> =)
<xnox> ServerSage: in this current state you may want to kill mdadm postinst process, fetch mdadm from trusty-proposed and install that, and redo do-release-upgrade.
<xnox> ServerSage: or upgrade to grub2.
<ServerSage> xnox: I'll just upgrade to grub2.  I didn't realize it wasn't an automatic upgrade.  I can think of no reason to *not* upgrade at this point.
<xnox> indeed.
<ServerSage> That was the ticket.  Upgraded to grub2, and blamo - it's now past the mdadm stuff.
<DarkStar1> Hi all. I setup anonymous upload for vsftpd server and created a subdir in ftp root dir. Now I want all files uploaded into that directory to have group rw perms
<DarkStar1> How can I do this?
<soren> DarkStar1: I'm pretty sure vsftpd lets you set a umask, doesn't it?
<soren> DarkStar1: Ah, no, you want this: chown_upload_mode
<soren> The file mode to force for chown()ed anonymous uploads. (Added in v2.0.6).
<DarkStar1> soren: I saw the setting for local users. but not for anon
<DarkStar1> soren: thanks
<soren> np
<pmatulis> morning
<lordievader> Hey pmatulis, how are you?
<Tazmain> hi all how do I get apache2 to redirect a url to another with a different port ?
<InFierno> vhost :)
<Tazmain> InFierno, vhost ? So what setup a redirect under apache2/sites-enabled  ? I tried that I keep getting a error saying the page does not exist
<DonRichie> If I establish a connection via tcp. Which numbers are the Source and Destination port numbers? The port for the destination "Client->Server" ist clear. But which Source port the Client uses and on which ports the Server answers?
<rbasak> smoser: I see utopic daily images, but they're not listed in http://cloud-images.ubuntu.com/daily/streams/v1/com.ubuntu.cloud:daily:download.json
<DonRichie> Client->Server Source-Port: ? Destination-Port: App Port e.g. 80 for http ;;;   Server->Client: Source-Port: ?, Destination-Port: ?
<rbasak> Do you need to amend your simplestreams generation stuff with knowledge of utopic?
<smoser> rbasak, pushed to know about that. not sure it will actually fix the problem completely. utlemming would be able to watch that through thou.
<rbasak> smoser: thanks!
<smoser> rbasak, it looks (in local test here) that that will get data generated. next time that runs.
<smoser> bad smoser for hard coding ubuntu releases. :-(
<rbasak> OK. Thanks!
<rbasak> smoser: use distro-info. That gets SRU'd every cycle.
<rbasak> (well, distro-info-data does)
<smoser> rbasak, yeah, i'm not sure why i didn't do that there.
<BLZbubba> got a major major bug here in 14.04 - it is installing a package called "biosdevname" by default
<BLZbubba> who is able to fix this?
<BLZbubba> this is going to hose a lot of people
<BLZbubba> looks like el7 has the same broken behavior, ugh
<BLZbubba> at least they don't have upstart
<ogra_> BLZbubba, send flowers to redhat ... iirc it was their idea
<ogra_> https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Deployment_Guide/appe-Consistent_Network_Device_Naming.html
<mdeslaur> BLZbubba: what's wrong with biosdevname?
<ogra_> mdeslaur, all the scripts that work based on guessed dev names will break
<K4k> Anyone know why I might be getting a message about needing to be +i in #ubuntu all of a sudden?
<fun> :)
<fun> why is ubuntu on +i?
<K4k> yes
<fun> and also any idea how I can check berkley db version?
<K4k> I see that too
<mdeslaur> ogra_: well, that's the real problem :)
<ogra_> we should have kept aliases in place ;)
<fun> or do they have channel  on irc?
<fun> ???
<fun> :)
<fun> o well u seems as mad as ubuntu
<fun> :D
<Scunizi> I'm trying to create a txt file of just directory names and the subdirectory names that are underlying starting at a specific directory in my /home. No file names. Any suggestions welcome.
<lordievader> Scunizi: Something with find and filtering for folders?
<Scunizi> lordievader: or a ls command of some sort.. that's what I'm trying to figure out.  any ideas?
<lordievader> Scunizi: [1] tells me -type d is an option for find. [1] http://www.cyberciti.biz/faq/howto-find-a-directory-linux-command/
<Scunizi> lordievader: interesting I"ll give it a play.  my google-fu failed me this morning with this.
<BLZbubba> mdeslaur: biosdevname is renaming all the interfaces from eth0.  it's tolerable if it is optional, but it is a horrible default setting
<mdeslaur> BLZbubba: why is it horrible? it now matches the actual label on your server's port, and the device name no longer changes arbitrarily when you replace hardware
<mdeslaur> BLZbubba: it's an improvement
<mdeslaur> BLZbubba: you can boot with biosdevname=0 as a kernel parameter if you don't like it
<patdk-wk> mdeslaur, if it did it reliably, sure
<patdk-wk> but it keeps renaming everything to rename2 or rename3
<mdeslaur> patdk-wk: have you filed a bug about that?
<patdk-wk> yes
<mdeslaur> what's the bug#?
<patdk-wk> #1315218
<patdk-wk> some kind of concurrency race condition
<patdk-wk> causing a rename to fail, so it just leaves it in an odd state
<mdeslaur> patdk-wk: if that's happening to you on 12.04, it has nothing to do with biosdevname
<patdk-wk> no, didn't say biosdevname had anything to do with it
<patdk-wk> the interface renaming does
<patdk-wk> and 12.04 also renames interfaces, for it's persistant naming
<mdeslaur> yes, that's normal, because it's matching mac addresses
<patdk-wk> it's just, with 14.04 and biosdevname it happens a lot more often
<patdk-wk> the failure is more consistant
<patdk-wk> where in 12.04 it wasn't, as it was unlikely interfaces moved around that much
<patdk-wk> till I did all those swaps and moves on my nic's atleast
<patdk-wk> but the fix, is likely to be the same for both
<xibalba> is `denyhosts` pkg no longer in the 14LTS repo?
<mdeslaur> patdk-wk: I don't really understand...the behaviour you describe in the bug is perfectly normal and expected
<mdeslaur> you definitely don't want a nic that got changed to assume the name of the nic it replaces
<patdk-wk> that interfaces are named rename2 and rename3
<mdeslaur> yeah, that's normal
<patdk-wk> no, it's not
<patdk-wk> if I say, I want this mac address to be eth1
<patdk-wk> and this other mac to be eth2
<patdk-wk> I would expect that to be the case
<patdk-wk> not for it to be called, rename2
<mdeslaur> patdk-wk: how are you setting that?
<patdk-wk> 70-persistant-net.conf
<patdk-wk> ubuntu set it up itself
<patdk-wk> I removed eth0
<patdk-wk> so then on boot, eth1 is now eth0, and eth2 is eth1
<patdk-wk> and ubuntu fails to rename them how it used to be
<patdk-wk> cause it cant rename eth0 to eth1, cause eth1 exists
<patdk-wk> so it gets hung as rename2
<patdk-wk> but eth1 gets renamed to eth2
<patdk-wk> why this happens for 14.04, I dunno
<patdk-wk> cause there is no naming conflict
<patdk-wk> or, I'm assuming the rename conflict is the issue
<mdeslaur> you shouldn't get ethX names at all with 14.04
<patdk-wk> ya, on 14.04
<patdk-wk> I should have, em0 and em1
<mdeslaur> right
<patdk-wk> but I get em1 and rename3
<mdeslaur> but that's because you've removed em0, right?
<patdk-wk> no
<patdk-wk> new install on a new system
<mdeslaur> you install 14.04 on a new system and one of your nics is called rename3?
<patdk-wk> the whole udev renaming just doesn't seem to be as stable as it should be
<patdk-wk> yes
<patdk-wk> I had 4 nics in that system
<patdk-wk> em0 em1 p5p0 and p5p1
<mdeslaur> OK, I'll change your bug from "udev" to "systemd" because the udev package no longer exists.
<mdeslaur> ok, so they got proper names
<mdeslaur> then what, you rebooted and they change by themselves?
<patdk-wk> except for the random rename3 one
<patdk-wk> has happened on two systems, then I removed biosdevname to fix it
<patdk-wk> then I had the issue on 12.04
<patdk-wk> for 12.04, I just went in and undid all the mapping
<patdk-wk> so atleast my systems could boot
<mdeslaur> that's weird
<patdk-wk> ya, something I should dig into
<patdk-wk> but I have no mind set to do that, and not much knowledge of where to start
<patdk-wk> as I normally care to find where the issue is, exactly
<mdeslaur> there doesn't seem to be any other bugs about that issue, so perhaps it's related to something about your hardware configuration
<patdk-wk> 12.04 are all vmware systems
<patdk-wk> 14.04 where all read hardware, as I haven't started moving it into production yet
<patdk-wk> real
<mdeslaur> huh
<xibalba> how can i login to root w/out a password? i copied my public key to ~/.ssh/authorized_keys, but its still asking for a password on root, where no password is set
<lordievader> xibalba: Does ~ refer to /root or to some user's home dir?
<xibalba> root, yes
<lordievader> xibalba: Is root login allowed in the sshd config?
<xibalba> it is set as : PermitRootLogin without-password
<xibalba> which i presume means keys are Ok
<xibalba> reading the output on my client side of ssh -v
<xibalba> oh well thats funky...my authorized_keys file is gone
<xibalba> well that was a stupid issue
<xibalba> resolved
<lordievader> xibalba: Good to hear :)
<xibalba> weird, i touched, then cat >, then chmod 600, logged out, tried key, no worky, check again, file gone
<xibalba> gremlins are in the system
<lordievader> Perhaps it was written to your standard user
<xibalba> my 8192 key size is rediculous :)
<patdk-wk> depends on it's usecase
<xibalba> my personal shell boxes
<xibalba> takes a few seconds to login
<xibalba> i couldn't find the denyhosts pkg in the ubuntu14lts repo
<xibalba> do you guys know of something else to use in its place?
<lordievader> xibalba: Fail2ban.
<xibalba> k
<xibalba> hmm, trying to remembe rthe config for keys only
<xibalba> PasswordAuthentication no
<xibalba> coolio
<sarkis> what does it mean when i see a version as 1:5.3.5-foobar in dpkg?
<sarkis> 1: specifically
<sarnold> sarkis: that's an epoch; it's introduced when version numbers of the underlying package have changed drastically enough that the packager needed to pick a new version number that is strictly larger than all the others
<sarnold> sarkis: it is often introduced when a package switches from yyyymmddhhmm versioning to x.y.z versioning
<patdk-wk> or if one wants to override the default ubuntu package
<patdk-wk> like in ppa's
<sarnold> hadn't thought of that. that seems a bit drastic compared to package pinning, but won't rely on setting up package pinning on each host..
<patdk-wk> package pinning is too annoying for me
<patdk-wk> I would have to pin the package on all of my systems
<patdk-wk> easier to pin it in the ppa :)
<sarnold> :)
<rostam> hi I have installed ubuntu 12.04 LTS. The issue is I am not able to download any package from launchpad. I keep getting 403 error. Any help greatly appreciated. thx
<patdk-wk> why would you be downloading stuff from launchpad?
<rostam> patdk-wk I am trying to install "saltstack"
<rberg_> rostam: did you add the ppa?
<rberg_> eg 'apt-add-repository ppa:saltstack/salt'
<rostam> rberg_, : yes I did add the ppa, and changed and add export https_proxy, I still get the same error.
<rberg_> did you add it with apt-add-repo? or manually? I am trying to figure out if ther emight be a typo or something..
<tgm4883> This could be the completely wrong way to go about this, but is there a sales@canonical.com email address? I'm trying to get some info on landscape, and talked with some british lady at the end of april, but she has forgotten to email me the information
<sarnold> rostam: I don't think apt-get uses the http_proxy environment variable, I think you need to set its proxy manually -- see apt.conf for details
<rostam> sarnold,  thanks
<sarnold> tgm4883: I believe this is the easiest way to get ahold of someone http://www.ubuntu.com/management/contact-us
<tgm4883> sarnold: yea I did that, and that is how I got the original call from sales
<tgm4883> I just want the info that we had discussed though :/
<sarnold> tgm4883: oh :(
<tgm4883> I suppose I could try that again
<tgm4883> I think that they just forgot about me. I'm west coast USA, so when I talked to them it was like 6:00 PM their time
<sarnold> we really ought to have someone over on our side of the world :)
<tgm4883> yes, you would think there would be someone in the boston office at least
<tgm4883> oh well, just filled out that form again, we'll see what happens
<sarnold> thanks tgm4883
<Lightsword> for provisioning a server I need to script the download of a file only available through a torrent, what would be the best way to do that?
<bekks> Lightsword: Setup an ubuntu server and script your download?
<Lightsword> bekks yeah, just wondering what the best torrent client for command line would be and if there is one that can autoterminate after downloading a single file
<sarnold> Lightsword: hrm, it feels like there used to be 'dumb' bittorrent clients that could run just on a dumb terminal..
<sarnold> Lightsword: I know you can configure rtorrent to quit after downloading but it may not run without a pty to connect to. :/
<Lightsword> right now I'm trying to get it to work with transmission-cli but not sure how to have it auto-terminate
<Lightsword> don't want it to be running in the background
<roadmr> hello folks! I'm doing a utopic server installation over the network (pxe), but it's failing because it thinks mirror/suite is "trusty". I'm not setting mirror/suite in my preseed so maybe this is borked somewhere in the server daily image?
<bekks> roadmr: current daily is trusty, actually.
<roadmr> bekks: oh that would explain it :) that's odd though because the image already calls itself utopic: rsync://rsync.cdimage.ubuntu.com/cdimage/ubuntu-server/daily/current/utopic-server-amd64.iso
<roadmr> bekks: but I defer to your knowledge, if this is known/expected I can wait, just thought I'd mention this in case it's a bug that needs action
<bekks> Why would that be an error at all?
<sarnold> it makes testing utopic a little harder.. :)
<bekks> There are no repos for utopic until now, arent they? :)
<roadmr> bekks: 1) I download and try to install a utopic image, 2) it fails because it thinks it's trusty, 3) i can't really install
<sarnold> at least some packages have already diverged, e.g. mariadb-5.5...
<roadmr> bekks: again, at this point it's not a big deal, but it may be as simple as changing some strings from trusty to utopic in the image
<bekks> That wont help, as long as there arent repos for utopic.
<Lightsword> transmission-cli has a flag for running a script when it finishes downloading, is there a script that does the equivalent of ctrl-c to end the running application in the shell?
<sarnold> Lightsword: there is probably an easier way to get it to die, but if you can't find one, pkill transmission-cli  will probably do it
<roadmr> bekks: where will the utopic repos be when they become available?
<bekks> On the official server, I guess.
<sarnold> bekks: they've been live for a while http://archive.ubuntu.com/ubuntu/dists/
<bekks> Neat :)
<bekks> Time to setup a test vm and fire up do-release-upgrade -d :)
<sarnold> or try out the daily isos? :)
<bekks> :P
<rberg_> Lightsword: aria2 is something to look at as well
<Lightsword> rberg, I think that works
<illsci> hey whats up...
<illsci> I'm getting an error trying to use the ubuntu ami's apt repos in aws...  I saw a post online that said there's someone in here that knows who talk to to get it fixed?
<illsci> Failed to fetch bzip2:/var/lib/apt/lists/partial/us-east-1.ec2.archive.ubuntu.com_ubuntu_dists_saucy-updates_main_source_Sources  Hash Sum mismatch
<illsci> anyone know how to get this fixed...?
<sarnold> illsci: are you using apt-cacher-ng?
<illsci> no... just apt-get update
<illsci> im not sure what that is
<sarnold> illsci: apt-cacher-ng is a local cache; I ran it for a while, right up until it started returning corrupted archives all the time :/
<sarnold> illsci: you'd probably know if you were running it
<sarnold> illsci: thanks, it's being investigated :)
<illsci> thanks!
<jpds> sarnold: You don't use squid-deb-proxy ?
<sarnold> jpds: I use squid-deb-proxy now :)
<sarnold> jpds: I miss the handy little stats screen but I love the fact that it doesn't destroy my debs :)
<jpds> Who needs debs anyway.
<Patrickdk> heh, squid kills so many things
<Patrickdk> sarnold, really?
<Patrickdk> Ive been using apt-cacher-ng for since I dropped squid years ago
<Patrickdk> been working great
<sarnold> Patrickdk: acng worked fine for two or three releases and I didn't do much investigation, just switched to squid, and kept going...
<dw1> /usr/share/mdadm/mkconf says ARRAY /dev/md1 UUID=xxxxx:xxxxx:xxxxx:xxxxx but the default in /etc/mdadm/mdadmconf set up by my provider is ARRAY /dev/md1 level=raid1 num-devices=2 devices=/dev/sda1,/dev/sdb1 -- unattended-upgrades warns me about my array UUID not existing in mdadm.conf .. so.. which is better?  the mkconf or the provider one?
<dw1> is there any benefit to specifying the level, num-devices and devices explicitly?
<patdk-lap> squid kept killing me on 10.04, changed out to apt-cacher-ng, haven't had any issues since
<patdk-lap> dwl, to help it autodetect, if you use older version metadata
<jpds> Patrickdk: I too switch from apt-cacher-ng (and seen so many problems with it with customers) to s-d-p.
<dw1> patdk-lap: hmmm
<sarnold> patdk-lap: when you get problems with it, here's the bug to me-too  :) https://bugs.launchpad.net/ubuntu/+source/apt-cacher-ng/+bug/1234946
<uvirtbot> Launchpad bug 1234946 in apt-cacher-ng ""Size mismatch" caused by writing wrong data" [Undecided,Confirmed]
<patdk-lap> I only have that version installed in one place, here at home
<patdk-lap> it's not overly used
<illsci> its fixed... thanks!
<pmatulis_> anyone else on trusty kvm host failing to have libvirt dnsmasq resolve guest names?
<sarnold> pmatulis_: heh, I had that problem, but realized it was because I had taken libvirt's dnsmasq out of resolv.conf ages back and just hard-coded IP address in /etc/hosts. major egg on my face when my co-workers said it all worked for them. sigh. :)
<pmatulis_> sarnold: but resolv.conf is not managed directly since precise
<pmatulis_> sarnold: on my working saucy host i have static tcp address and dns-nameservers points to a dns server (so resolv.conf points to it).  on my busted trusty i am using dhcp and my resolv.conf contains 127.0.0.1.  at any rate, 'host <guest name> 192.168.122.1' does not work
<patdk-lap> sarnold, maybe it's just fixed in 14.04? apt-cacher-ng is 7.26
<patdk-lap> so far I haven't seen that issue at all
<patdk-lap> any idea how to replicate it better?
<patdk-lap> I normally update one machine at a time
<Kawaiola> Has anyone had any problems connecting to the outside world after setting up a static ip
<Kawaiola> I removed the DHCP packages and still can't get out
<Ben64> sounds more like a networking problem than an ubuntu problem
<Kawaiola> Ben64, Could very well be the ubuntu server I'm building is virtual could that be the issue
<Kawaiola> Ben64, I can connect to the server ssh and see it on my network I only have issues connecting to the outside world.
<Ben64> yes, could very well be the fact that it is a VM that is causing it. they normally have strange network setups and dhcp is the easiest way to get them working
<Kawaiola> Ben64, Hmmmm I wonder if there are other packages I need to remove because I know you can't remove virtual packages you have to remove the packages they are linked too.
<Kawaiola> Ben64, You think I need resolvconf?
<Ben64> why are you removing a bunch of stuff anyway?
<Kawaiola> Ben64, Well when I was looking on the internet they said there is a DHCP client that does DHCP no matter what which explained why my static interface would always fail when I would resart the network interfaces
<dw1> how can I suppress the error message from unattended-upgrades about mdadm.conf not containing my raid array?  (the array is defined, but not using UUID that it checks for)
<Kawaiola> Ben64, So then I removed the DHCP packages and the static IP took and I could connect to it on my network.
<Ben64> ok, but why static ip on a VM anyway
<Kawaiola> Ben64, Because it is still a server I will use to host web based applications.
<Ben64> you should read more into the guide for whatever you're using to create the VM, I'm sure they have a big section on networking.
<Kawaiola> Ben64, I run virtual windows servers and they work great I have dedicated linux servers that are wonderful but trying to make a virtual linux server seems to be difficult haha
<Kawaiola> Ben64, yeah I'm doing that right now.
<sarnold> pmatulis_: do you have a dnsmasq listening on e.g. 192.168.122.1?
<sarnold> patdk-lap: I quite often updated a dozen or so machines at once with my apt-cacher-ng
<paco1> hello guys
<paco1> on my servers i have 12.04. i migrated from 3.8 kernel to 3.11 kernel. So, how can i clean all from 3.8 kernel? it eats me some disk space.
<paco1> thanks very much!
<sarnold> paco1: apt-get purge linux-headers-<version> linux-image-<version> linux-image-extra-<version> for each version that you want removed
<sarnold> paco1: I recommend keeping at least two versions installed -- at least the version you're currently running, and the newest -- or, if you're running the newest, then the newest and the next newest.
<sarnold> having two kernels can help you recover from some kinds of accidents
<paco1> sarnold: ok, but i want delete/remove completly the 3.8 kernel, i don't want more actualization of this kernel.
<Ben64> then remove whichever packages you deem unnecessary
<sarnold> paco1: ah, then you may also wish to remove the linux-source-3.8, linux-headers-3.8, linux-image-3.8, etc. packages
<paco1> sarnold: one thing to move on a config file?
<sarnold> paco1: more apt-get purge commands
<pmatulis_> sarnold: yup
<sarnold> pmatulis_: crazy, so it's listening but can't provide reasonable answers? ;/
<pmatulis_> dnsmasq    2815 libvirt-dnsmasq    6u  IPv4  18611      0t0  UDP 192.168.122.1:53
<sarnold> pmatulis_: do you have lxc and libvirt installed at the same time? I found that gave me real issues in previous releases, I haven't been brave enough to try both again
<pmatulis_> sarnold: indeed i do
<paco1> sarnold: ok, thanks
<sarnold> paco1: you're welcome :) have fun
<pmatulis_> sarnold: and the resolution for containers works (dnsmasq server ip being 10.0.3.1)
<pmatulis_> stgraber: any idea? â
#ubuntu-server 2014-05-07
<phuh> how do you properly create a backup of a Ubuntu server? /var/log and /etc? anything else?
<sarnold> phuh: depends heavily upon what the server does; /home if it serves as a shell host for your users, or if you run a database server you'll want to find out how to get a consistent database dump out of it..
<phuh> sarnold: what about system specific ones?
<phuh> are /etc and /var/log the only ones important for backup purposes?
<sarnold> phuh: for every service that your server runs, figure out what you'd be sad to lose if it dissapeared, and go track it down. :)
<sarnold> phuh: I keep /home/ /etc/ /usr/local/ -- I'm not too worried if I lose my logs.
<phuh> sarnold: why isn't log important for you/
<sarnold> phuh: I only ever investigate them if something seems broken and I want to find out why. I wouldn't care to restore them.
<sarnold> phuh: if you want to keep your logs safe from intruders or something similar, probably a separate log host would make more sense
<phuh> sarnold: do you at least save them somewhere like S3 just in case you'll be interested?
<phuh> sarnold: what's the benefit of a separate log host?
<sarnold> phuh: no, but that makes sense..
<sarnold> phuh: it's updated real-time, so you can examine logs immediately when problems happen -- if you only back up the logs every six hours, you'll probably miss the most important logs when something does happen
<sarnold> phuh: I'm off, have a good night :)
<phuh> thank you sir sarnold
<sarnold> phuh: you're welcome :) have fun!
<geowany> bacula is wonderful!
<wazer> Hello all! I'm having a slight issue getting vnc4server working on Ubuntu 14.04
<wazer> I have the VNC server running, but when I access it I just get 3 check boxes saying: "Accept clipboard from viewers"
<InFierno> Anyone around who has used bind in the not to distant past
<ikonia> InFierno: be better if you just stated what you needed help with
<InFierno> True dat; configs for a clients site that is just pointed to my nameservers (i setup mine just fine) but clients gives errors - ive forgotten something really obvious
<InFierno> For client I created @, mail - A records - ftp, www CNAME records and MX records
<InFierno> what did i forget
<InFierno> and for NS IN records i created mynameservers IN NS domain
<InFierno> I think its on the NS in i have the problem
<TJ-> InFierno: Added the zone file to them main config file, configured any allowed slaves, etc?
<InFierno> yup
<InFierno> Found it
<InFierno> forgot to add an exception for that domain to the firewall
<InFierno> (hardware one)
<lordievader> Good morning.
<InFierno> TJ-, can you take a look at the ns records and see if you can spot the issue
<TJ-> InFierno: Sure
<InFierno> rtrproject.com
<k1ng> can anyone help me install samba client on ubuntu server?
<TJ-> You're missing the ns1.rtrproject.com A record
<InFierno> its ponted to ns1.blacksail.software
<InFierno> so i shouldnt need its own NS record?
<TJ-> You have the SOA pointing to "ns1.rtrproject.com" which has no A record
<InFierno> Ah cheers
<InFierno> it shouldnt be :)
<TJ-> maybe you want that to be "ns1.blacksailsoftware.com."
<InFierno> yea :)
<InFierno> Gonna swap something else at the same time --> just seeen some stuff in the code of zpanel i dont like
<TJ-> And I usually have the SOA contact being the hostmaster@ the actual domain that manages the SOA
<InFierno> You tried vesta cp by any chance ?
<InFierno> I have 2 clients who need a CP so any ideas
<TJ-> Unless you can guarantee the DNS administrator will see emails to the email address currently set
<TJ-> CP?
<InFierno> control panel
<TJ-> oh... I prefer terminal shells
<InFierno> me also
<InFierno> But they are pretty dumb and need a cp
<xnox> dw1: that's interesting, can you open a bug number and pass it to me?
<InFierno> k1ng, What do you mean?
<InFierno> k1ng, : http://www.debian-administration.org/article/340/Using_Samba_on_Debian_Linux
<InFierno> TJ-, u here?
<dw1> xnox: ok https://bugs.launchpad.net/ubuntu/+source/initramfs-tools/+bug/1316989
<uvirtbot> Launchpad bug 1316989 in initramfs-tools "update-initramfs not finding UUID-less raid arrays in mdadm.conf" [Undecided,New]
<xnox> dw1: thanks, i'll correct the package though =)
<xnox> dw1: do you have control over /etc/mdadm/mdadm.conf? a long time ago ubuntu has switched to UUID based assembly.
<dw1> xnox: yeah I can add the UUIDs
<xnox> dw1: i would do backups of the config
<xnox> dw1: and then ddo /usr/share/mdadm/mkconf > /etc/mdadm/mdadm.conf
<xnox> dw1: however, just adding UUIDS to the existing stanzas should also work.
<dw1> xnox: I was told the explicit non uuid declarations would "help it autodetect, if you use older version metadata" so I felt more comfortable keeping them. but if it doesn't matter, well i can go to what mkconf suggests
<dw1> xnox: kind of new to raid stuff :)
<xnox> dw1: it is weird that we complain though.
<xnox> dw1: both should be equivalent.
<dw1> xnox: error gone when using either the mkconf one or adding UUID= parameter to end of others
<dw1> xnox: as expected
<xnox> dw1: good. if you want to keep all options, then by all means just add UUID= parameter at the end.
<dw1> xnox: sounds good, thanks
<DenBeiren> Hi, I destroyed my system by accidently erasing all kernels and rebooting. I have found a nice help page http://to.ly/xgZ4 , but i ran into a problem.
<DenBeiren> i have a software raid setup
<DenBeiren> so mounting the partitions as described doesn't work
<OpenTokix> DenBeiren: you have to assemble the raid in the livesystem to
<OpenTokix> DenBeiren: with mdadm and then mount the partitions fomr the raid
<OpenTokix> DenBeiren: check out the manpage for mdadm
<DenBeiren> ok will try
<DenBeiren> thanks for the tip!
<OpenTokix> mdadm --assemble --scan might be the command you are looking for
<DenBeiren> seemed to work out
<DenBeiren> only the boot partition raid array has en error
<DenBeiren> when i try to mount, the device doesn't exist
<DenBeiren> nm, i made a syntax error
<DenBeiren> http://pastie.org/9148436   what am i doing wrong here?
<onorua> guys, my crypted devices are not getting booted
<onorua> I mean not getting mounted during boot without manual intervention
<onorua> boot complains about some serious errors were found while checking the disk drive for all ecnrypted devices
<onorua> have someone seen such an errors?
<onorua> how did you overcome?
<fun> hey folks, how I can upgrade 13.10 64 bit server to 14.10 64 bit server?
<fun> I mean 14.04
<cfhowlett> fun wait until point release #1 in July.  then sudo do-release-upgrade
<fun> point?
<cfhowlett> fun 14.04.1
<fun> how come?
<fun> i though 14.04 already pretty good
<cfhowlett> fun OR download 14.04, make a USB, boot USB and install
<Pici> cfhowlett: You shouldn't need to wait if you already have 13.10
<fun> what usb lol its remote server
<cfhowlett> Pici do-release-upgrade unavailable until point release
<Pici> cfhowlett: Sure it is.  Just not for 12.04 to 14.04
<cfhowlett> Pici NOT true.  LTS to LTS is allowed.
<fun> Pici so how to I do it? just run do-release-upgrade?
<fun> nope there is more to it
<fun> http://ubuntuhandbook.org/index.php/2014/01/upgrade-ubuntu-13-10-saucy-to-ubuntu-14-04-trusty/#comments
<fun> bingo :D
<Pici> fun: you shouldn't need to use the -d switch at all.
<Pici> cfhowlett: 13.10 to 14.04 should work just fine right now using do-release-upgrade.  12.04 to 14.04 will not work until 14.04.1 is released.
<fun> Pici so do-release-upgrade will make sausy 14.04?
<cfhowlett> Pici ah!  good to know!
<fun> and do I need to edit /etc/update-manager/release-upgrades ?
<fun> to change normal to lts?
<Pici> fun: It should work as long as prompt is not set to none.
<fun> :) running update
<Pici> yay
<fun> some minor warnings however overall seems fine
<fun> :)
<fun> unable to delete some old dirs
<fun> lol grub now
<fun> saying local version modified but it has new version
<MTughan> I'm having some trouble with cloud-init. Is there a list somewhere of the steps cloud-init goes through and somewhere where I can see what data it's all using?
<MTughan> I'm using a local installation of OpenStack. If I launch a VM manually with my own cloud-config script, everything works as intended. If I launch the VM using Heat (OpenStack's orchestration tool) with the same cloud-config file, stuff breaks.
<fun> no idea
<MTughan> Most notably, if I specify a custom username for cloud-init, the created home directory when using Heat is owned by root:root.
<fun> Pici: ok upgrade done, some minor warnings for some soft overall seems fine :D
<Pici> huzzah
<fun> I am suprised OVH dont have 14.04 in its CP yet :D I could promt them to add it :)
<fun> Ubuntu 14.04 LTS haha
<fun> done :D
<patdk-wk> suprised people use ovh
<fun> its great
<fun> who do you use?
<patdk-wk> if you don't care about being blacklisted
<fun> blacklisted where?
<fun> lol
<patdk-wk> most mailservers have most of ovh blacklisted
<patdk-wk> they made a huge statement, about fixing the issue
<patdk-wk> but nothing ever came of it
<fun> patdk-wk: simply use sendgrid
<fun> :)
<patdk-wk> http://www.spamhaus.org/sbl/listings/ovh.net
<fun> re read above :D
<fun> aws similar well many ips :)
<fun> also who do u use then :)
<patdk-wk> aws blocks you, if you send more than just a few emails per day
<patdk-wk> personally?
<patdk-wk> I bought my own hardware, ip address space, and asn
<fun> so here u go
<fun> :)
<fun> also aws allows to send tons of emails if u pay
<fun> ;)
<patdk-wk> spammers aren't into paying
<fun> patdk-wk: lol well aws is well known company
<fun> and ovh same
<patdk-wk> but the reputations of both, are widely different
<fun> to you yes
<fun> ovh is going on roadshow worldwide feel free to visit and voice your concerns there :)
<fun> hehe
<MTughan> I'm having some trouble with cloud-init. Is there a list somewhere of the steps cloud-init goes through and somewhere where I can see what data it's all using?
<MTughan> I'm using a local installation of OpenStack. If I launch a VM manually with my own cloud-config script, everything works as intended. If I launch the VM using Heat (OpenStack's orchestration tool) with the same cloud-config file, stuff breaks.
<MTughan> Most notably, if I specify a custom username for cloud-init, the created home directory when using Heat is owned by root:root.
<budman_> anyone have any ubuntu 12.04 servers with netextreme broadcom cards? trying to figure out a speed issue
<davidwebb> I need to install dropbox on my headless 12.04 Server for multiple users - does anyone have experience with this? I can't find a tutorial focused on using dropbox with more than 1 user...
<budman_> davidwebb: does it need to be dropbox? maybe "owncloud" might work
<davidwebb> budman_: that looks interesting.  My clients already have dropbox, but it looks like setting this up would be pretty easy too...
<budman_> I know someone that just set it up and is loving it, I think the only downfall he said was you have to pay for the apple/android app$1 or so
<patdk-wk> for dropbox or owncloud?
<budman_> owncloud
<davidwebb> so does this mean all the data stays on my server?
<davidwebb> I'm pretty sure one of my clients will want it sync'd elsewhere as well...
<patdk-wk> as long as you don't download it
<patdk-wk> or back it up somewhere
<davidwebb> Does it work just like dropbox, where if he's running it on his desktop, it'll download / sync files to his desktop automatically?
<budman_> yea it might not meet your needs, just throwing it out there, while I wait for help :) hoping someone runs ubuntu with broadcom cards
<patdk-wk> the world attempts not to run anything with broadcom cards
<budman_> yes i know, it just happens to be what I have to work with. im thinking about just ordering some 4 port intel cards
<budman_> but seeing my options if I can fix it, with a different driver or similar, has to be 1 lone ranger out there ha.
<davidwebb> owncloud has packages for xUbuntu - are they the same as what I'll need for Ubuntu?
<davidwebb> (I don't know the differences between xUbuntu and Ubuntu....)
<sarnold> davidwebb: just skimming their opensuse build service page, I actually think they mean 'xUbuntu' as a placeholder for 'ubuntu, kubuntu, xubuntu, lubuntu, edubuntu, etc.'
<davidwebb> gotcha. thanks sarnold
<sarnold> (and probably it'll work for derived distributions such as mint..)
<pseudo> is there any reason whatsoever for a ubuntu 14.04 server - freshly installed - not to reply to icmp requests coming from certain ip addresses?
<sarnold> pseudo: probably it won't reply to broadcast packets
<pseudo> sarnold - it is seeing, but not responding to icmp echo packets coming from a certain ip address from the 10.x subnet
<patdk-wk> that is a pretty large subnet
 * patdk-wk blames routefilter
<pseudo> the server is on 10.30.0.0/24, but another box connected to the same switch is on 10.10.10.40. it responds to about 10% of the icmp packets coming from that ip
<patdk-wk> well, that won't work
<patdk-wk> not without a router
<pseudo> same switch
<pseudo> i.e. layer 2 packets
<pseudo> no reason it shouldnt work
<patdk-wk> ya, should not work
<patdk-wk> sure it does
<patdk-wk> it's not in the same subnet
<patdk-wk> not in same subnet == must be routed
<patdk-wk> did you skip networking 101?
<pseudo> apparently i did
<pseudo> i guess that makes sense
<pseudo> give me a sec to rethink a few things
<pseudo> okay, you are right about the layer 2 thing - i believe that the network is setup such that the 10.10.10.40 router connects to an upstream router and then hairpins back into the 10.30.0.0/24 network.
<pseudo> the tl;dr is that packets origininating from 10.10.10.40 make it to the 10.30.0.x machine
<pseudo> i can see the icmp request's come into that box with tcpdump
<pseudo> but it never sends out a reply
<pseudo> i other ubuntu 14.04 machines in the same subnet that respond just fine to icmp requests
<sarnold> pseudo: compare their routing tables, perhaps that one machine doesn't know how to route to 10.10/16 ?
<pseudo> the routing tables are identical
<pseudo> again - the packet makes it to the box. the box just never tries to send a reply
<sarnold> wb pseudo_, you missed nothing while you were gone
<patdk-wk> how many nics does that box have?
<pseudo_> ty :)
<pseudo_> one nic
<patdk-wk> where are you running tcpdump?
<pseudo_> on the node that i am trying to ping
<pseudo_> omg, this is so frustrating - it just started working again. literally nothing has changed.
<patdk-wk> arp issues?
<sarnold> o_O
<sarnold> that would be bloody annoying to track down :)
<pseudo_> that's what i thought, but i flushed my arp tables earlier, plus - i was seeing EVERY icmp request packet
<sarnold> I wonder if those packets are arriving with broken checksums?
<patdk-wk> request doesn't mean anything
<patdk-wk> if the server doesn't know the arp entry for the gateway/router
<patdk-wk> therefor it never makes a reply
<pseudo_> patdk-wk: there is one gateway router and networking was fine everywhere else
<patdk-wk> everywhere else != this switch port
<pseudo_> i could ping out through that router
<patdk-wk> ok
<pseudo_> patdk-wk: actually, i lied. i don't know that for sure
<pseudo_> thinking back - i was able to ping within my subnet, but i don't think that i tried pinging upstream
<pseudo_> patdk-wk: although. this node is just a kvm image who's nic is a bridged card. and other vms were working fine
<patdk-wk> oh?
<patdk-wk> could be lots of fun then
<pseudo_> yeah, there are alot of moving parts - i still think it needs to be an ubuntu/kernel thing though - the fact that tcpdump saw a request and did not respond says that networking is all right
<pseudo_> at the same exact time that it was not responding to that ip, it would repond to a ping from a local ip
<sarnold> does tcpdump automatically report back packet checksums?
<patdk-wk> and you are doing it inside the vm right? not on the host?
<pseudo_> yes, inside a vm
<pseudo_> and sarnold, i think it will report a bad checksum by default, but im not sure about that
<sarnold> aha :) --dont-verify-checksums
<sarnold> bugger. i liked that theory.
<pseudo_> idk what to say guys, it seems to be working now - i guess i will chalk it up to some sort of arp caching issue. i really don't think that was the problem, but i'm out of theories and it unfortunately just started working again
<sarnold> pseudo_: good luck, and if you figure it out I'd be curious to learn why :)
<pseudo_> sarnold: yeah, if i figure it out i will definitely report back. thanks for taking the time to help. you too patdk-wk.
<pseudo_> sarnold: i have a theory - i think that our upstream firewall/switch was trying to preventing arp spoofing by disallowing unsolicited arp replies. before this problem started, i took down a vm that had the same ip address and brought a new one(with a different MAC) up in it's place.
<sarnold> pseudo_: ooh, seems plausible enough. the best part is you've got something you can test now :)
<zealj> ubuntu server liveCD doesn't include fdisk
<zealj> anyone know if this is intentional? is there are substitute?
<lordievader> zealj: I suppose parted is available.
<lordievader> Fdisk for gpt disks is useless.
<zealj> does parted allows you to view the partition table without changing them?
<lordievader> Yes.
<zealj> cool, thanks
<lordievader> zealj: man parted ;)
<zealj> yep :)
<dasjoe> Hi, VMs created with uvt-kvm are not persistent, correct? What are possible use cases for uvtool, is there a way to make a VM persistent?
<stoned> oh here it goes
<stoned> finally
<stoned> I tried to join this channel like 5 times
<stoned> it wouldn't join
<Jordan_U> stoned: What ended up actually working? Going through GUI buttons rather than "/join"?
<stoned> Yes!
<stoned> Jordan_U, my friend yes
<stoned> I got join to work now. The command was broken for /
<stoned> I am on ZNC so I restarted my client and now it works
<stoned> Thanks
<MTughan> You also have to be identified with NickServ to join here, I believe.
<MTughan> Huh, nevermind actually.
<replman> Hi! I would like to create a sftp user for a www folder. This works if the folder belong to root, but if i set the owner to root, the webserver cannot read it. Isn't it possible to have a sftp user which doesn't need the folder to be owned by root?
<stoned> sure
<stoned> addgroup web
<stoned> adduser www-data web
<stoned> adduser root web (optional)
<stoned> chown -R www-data:www /var/www
<stoned> chmod -R ug+srw /var/www
<stoned> 1) you create a group called 'web'
<stoned> 2) you put the apache www-data user (and files in /var/www belong to root) so you do #3
<stoned> 3) you add root to group web
<stoned> 4) you make everything inside /var/www owned by www-data (apache user) and owned by group 'www' you just created
<stoned> 5) you set permissions for user and group to be able to read and write ug+rw
<stoned> 6) permission 's' is sticky bit. New files created in /var/www /will take parent directory permissions
<stoned> for example after all this
<stoned> touch /var/www/tmp
<stoned> ls -l /var/www/tmp will report same permissions as /var/www minus d and x
<stoned> I hope that helps/explains.
<stoned> replman, ^^
<verdeP> sticky bit is so nice, let me quickly drop files from my user account into /var/www
<replman> stoned: thank you very much! I will try it this way...
<stoned> replman, you are most welcome
<replman> stoned: I always get a "fatal: bad ownership or modes for chroot directory component" in auth.log when trying to login through sftp
<budman_> http://d.pr/i/2r6y - wth is it just ubuntu 14.04 doing something special? I even tried a 3.11 kernel on the 3.2 kernel boxes.
<fridaynext> what's the proper location for a subdomain, if I currently have /home/fridaynext/public/site.com/public, and I want sub.site.com.
<fridaynext> where does the 'sub' folder go?
<webfox> hello guys!
<webfox> I was trying to download the ubuntu server for pc-64bit version but all I found was the amd64, is that all right if I install it on a intel processor?
<sarnold> webfox: yup, that's expected :)
<webfox> sarnold: why amd64 then?
<sarnold> (the long story is, intel's 64 bit instruction set was the "itanium" cpu, which took off nearly nowhere and not at all. amd invented the 64 bit extension to the x86 instruction set, so it got called amd64, and then intel capitulated and made clone chips...)
<webfox> right, thank you.
<rostam> Hi I have a server with two internet interface , eth0 and eth1. I have installed Ubuntu 12.04. The eth1 is connected to internal network and the server acts as dhcp server on that interface. I like the configure the dhcp server so anything the server reboots it remove the lease file and start again. Is this possible? thx
<sarnold> rostam: I'm curious why you want that.. it feels like the kind of thing that wil lcause all kinds of confusion, so I'm hesitant to suggest anything..
<rostam> sarnold,  agree with you. This is a condition was asked from me, and if you think it is not correct then I will not follow on it. Thanks
<sarnold> rostam: well, until I know more about it I don't want to say it is wrong -- but I think the clients that have been handed addresses might not expect their lease to be revoked when the server reboots.
<rostam> sarnold,  in our test bed, we are experimenting on network configuration, so anything they change something they expect the dhcp request to be honored but the system does not since it has already leased the available IPs. I hope this is clear. However, if I want to just test this condition (renew lease time) is there a option? thx
<sarnold> rostam: okay, that's good enough for me :) hehe
<sarnold> rostam: the first thing I'd try is adding some lines to the dhcpd upstart or sysv-init file to delete the leases database
<rostam> sarnold, any pointer  how I can investigate this? thx
<sarnold> rostam: sure, check the manpage for the dhcpd for the path to the leases database; if it doesn't say, look around in /var/lib/, it probably lives there.
<sarnold> rostam: then look in /etc/init/dhcpd or /etc/init.d/dhcpd or something similar for the script that starts the service -- just add a 'rm /var/lib/whatever || true' command in the right place -- the || true will make the command exit with success even if the file doesn't already exist, which might be handy
<rostam> sarnold, thanks
#ubuntu-server 2014-05-08
<twb> Quick question -- as at 10.04, apparmor doesn't work inside LXC.  Anybody remember offhand if that got fixed later on?
<sarnold> twb: you can't currently nest apparmor profiles -- if you want to use apparmor within lxc, you'll need to configure lxc to not use apparmor to confine the container
<sarnold> twb: lxc currently relies upon apparmor to provide some aspects of the confinement, you'll need to either reproduce those inside the container or understand that it isn't as secure as it could be
<twb> okey dokey
<fun> hey folks what the best way to reload app on the start?
<fun> init?
<sarnold> fun: what are you trying to do?
<fun> sarnold: i run some python app I want to make sure it will start in case host happen to restart server for maintance
<fun> maintenance
<sarnold> fun: would you consider a system service or is it a 'user application'?
<fun> its important service
<fun> got to be up 24/7
<sarnold> fun: then an init script is going to be a good approach :)
<sarnold> fun: there is some advice in writing upstart scripts here: http://upstart.ubuntu.com/cookbook/
<fun> yes then I add ssh via pam only and server is secure:D
<fun> sarnold: have u ever used ssh with smart card?
<fun> even better than pam but not sure yet how to do it
<sarnold> fun: no :( I've wanted to try a smartcard for a while
<fun> can it be open pgp?
<fun> to auth?
<sarnold> fun: I've also thought about using a 2fa token like a yubikey or duo security..
<fun> https://www.gnupg.org/howtos/card-howto/en/smartcard-howto-single.html#id2456489
<Nyle> I just came back.
<Nyle> Oh
<Nyle> That replguy left.
<Nyle> I wonder if he got his issue resolved
<Nyle> www file permissions etc.
<lordievader> Good morning.
<gdi2k_> hi, not really a ubuntu-specific question, more a hardware question, but maybe someone here has a good idea: I'm going to buy a couple of Lenovo Thinkserver TS140 servers. I need to add a dual NIC. They say I should only use Intel I350-T2 NICs, but they're $130+...can I not just use older gen cards like this? http://www.ebay.com/itm/HP-NC360T-PCI-Express-Dual-Port-Gigabit-NIC-Network-Adapter-412651-001-High-/111342044670?pt=US_Internal_Network_Cards&
<gdi2k_> hash=item19ec80c5fe
<gdi2k_> link again as it was split: http://www.ebay.com/itm/HP-NC360T-PCI-Express-Dual-Port-Gigabit-NIC-Network-Adapter-412651-001-High-/111342044670?pt=US_Internal_Network_Cards&hash=item19ec80c5fe
<yossarianuk> hi - having an issue with the 2nd LAN NIC in an Ubuntu 14.04 server - on reboot eth1 keeps getting renamed - sometimes to em2, sometimes to rename4
<yossarianuk> how can I prevent this ?
<yossarianuk> previously it would use info in /etc/udev/rules.d/
<yossarianuk> in 14.04 how can I ensure the device name for eth1 stays constant ?
<yossarianuk> on previous version of ubuntu there would be the file generated - /etc/udev/rules.d/70-persistent-net.rules
<yossarianuk> that doesn't exist any more
<Ben64> it doesn't?
<yossarianuk> it could be really bad if the other NIC changed - thats part of a BRIDGE used for KVM..
<yossarianuk> no - not on ubuntu 14.04 server
<yossarianuk> it does on my kubuntu 14.04 desktop
<Ben64> my servers are still on 12.04, so i'm not sure what to suggest
<yossarianuk> is there a way to generate the file  /etc/udev/rules.d/70-persistent-net.rules anyone ?
<owh> Copy it from a previous install?
<Ben64> https://bugs.launchpad.net/ubuntu/+source/biosdevname/+bug/1284043
<uvirtbot> Launchpad bug 1284043 in biosdevname "udev renaming the same hardware network i/f to different name, breaks networking and firewall" [High,Confirmed]
<Ben64> i havent read through all the responses, not sure if theres a fix yet
<yossarianuk> Ben64: thanks
<Ben64> maybe here? https://bugs.launchpad.net/ubuntu/+source/biosdevname/+bug/1284043/comments/15
<uvirtbot> Launchpad bug 1284043 in biosdevname "udev renaming the same hardware network i/f to different name, breaks networking and firewall" [High,Confirmed]
<yossarianuk> is there a way also with ubuntu so that when you reboot the KVM host server the guests just suspend rather than shutdown?
<yossarianuk> i.e on centos there is the deamon libvirt-guests which you  can set to suspend or shutdown guests when the kvm host reboots.
<yossarianuk> is there anything similar in ubuntu server ?
<owh> yossarianuk: apt-cache search libvert
<yossarianuk> did you mean libvirt ?
<owh> yossarianuk: I did. Sorry.
<yossarianuk> owh: thanks - did that already can;t see the same type of deamon.
<owh> yossarianuk: I'd be *very* surprised if it's not in Ubuntu. It may be called something else, or done slightly differently.
<Ben64> !find libvirt
<ubottu> Found: libvirt-bin, libvirt-dev, libvirt-doc, libvirt0, libvirt0-dbg, libvirtodbc0, nova-compute-libvirt, python-libvirt, gir1.2-libvirt-glib-1.0, libvirt-glib-1.0-0 (and 8 others) http://packages.ubuntu.com/search?keywords=libvirt&searchon=names&suite=trusty&section=all
<yossarianuk> sure - its just a config thing -
<InFierno> MM guys anyone know of a website that lets u make *.bla subdomains which u can set DNS on (like old co.cc /co.nr)
<yossarianuk> the 'fix' from https://bugs.launchpad.net/ubuntu/+source/biosdevname/+bug/1284043/comments/15 did the job thanks
<uvirtbot> Launchpad bug 1284043 in biosdevname "udev renaming the same hardware network i/f to different name, breaks networking and firewall" [High,Confirmed]
<yossarianuk> it seems to be just HP hardwaere ?
<pmatulis_> morning
<yossarianuk> morning!
<yossarianuk> how do I make ksm for KVM enabled at boot on Ubuntu ?
<yossarianuk>  it not enabled in /sys/kernel/mm/ksm/run  - i can enable it via 'echo 1 >  /sys/kernel/mm/ksm/run' just wondering if one of the init/upstart scripts had the option.
<MTughan> Is there a way I can see what cloud-init data or other configuration task data is being passed to Ubuntu 14.04? I've got an issue with a specific module of OpenStack.
<MTughan> If I specify a custom user for creation instead of ubuntu, everything appears fine if I create an instance on its own. But if I create that instance through Heat, the orchestration tool, with the same cloud-config file, the home folder permissions are not set correctly.
<MTughan> /home/user ends up being owned by root:root and with rwxr-xr-x permissions.
<MTughan> Actually, the permissions may or may not be an issue here. But the ownership is.
<sync0pate> am I allowed to ask a server-unrelated question, as it's quiet?
<sync0pate> I'm wondering what people use for e-mail client
<sync0pate> thunderbird is starting to drag
<MTughan> Don't think you'd be able to use it, but I use Apple Mail.
<sync0pate> no, I wouldn't
<sync0pate> looking for something on ubuntu
<sync0pate> which is why I asked in here
<sync0pate> even though it's unrelated :\
<mardraum> sync0pate: mutt or die
<sync0pate> lol ok...
<rberg_> I started using kmail as search in thunderbird was so bad
<sync0pate> yeah, it's partly the search that's getting to me
<sync0pate> and partly that it seems to not connect to mail after waking from hibernation
<sync0pate> and just starts taking up more and more memory until I close it
<rberg_> that said I keep mutt configured just in case I get any akonadi freak outs
<xperia> hi all. i have several spare dell power-edge server and would like to create a ubuntu cluster with them mainly for calculating stuff. my idea is to have one server as a hub with lot of Disk Storage that all other nodes can access also. good would be if the nodes could boot the operating system over the network at the startup like over pxe. my question is what for cluster software do you...
<xperia> ...recommend for such a case ? what for possibility exist with ubuntu to use spare server mainboards without harddisk but with network card to create a powerfull cluster ? thanks in advance for the suggestions.
<MTughan> Is there a way I can see what cloud-init data or other configuration task data is being passed to Ubuntu 14.04? I've got an issue with a specific module of OpenStack.
<MTughan> If I specify a custom user for creation instead of ubuntu, everything appears fine if I create an instance on its own. But if I create that instance through Heat, the orchestration tool, with the same cloud-config file, the home folder permissions are not set correctly.
<MTughan> /home/user ends up being owned by root:root, which causes many problems with various programs.
<medberry> jamespage, does the Ubuntu CI stuff test OpenStack Nova live migration (w/ CEPH) and/or does it test OpenStack Nova Image Resize (which appears to require working nova accounts and shared ssh keys)?
<medberry> or is there somewhere I can go read up on which tests you guys are doing on commits/releases? (zul, jamespage , roaksoax )?
<zul> medberry: not really since thats going to be changing in utopic as well
<medberry> zul, 'k, thanks. I may ask more ??? next week.
<zul> medberry:  sure come hunt me down ;)
<medberry> :-)
<medberry> zul, what you test is changing or how nova does live mig and resize is changing in utopic?   I guess you meant the former.
<zul> medberry:  still tbd
<medberry> nod thanks
<jamespage> medberry, we don't test live migration or resize yet
<jamespage> and resize does require ssh keys for the nova accounts
<medberry> jamespage, many thanks.
<medberry> that's certainly what we've found
<jamespage> medberry, this is an optional feature in the charms
<medberry> even if it is ceph backended
<jamespage> juju set nova-compute enable-resize=true
<medberry> jamespage, cool
 * medberry is not , erm, um, using the charms....
<jamespage> medberry, lol
<jamespage> medberry, bad boy :-)
 * medberry hides
<jamespage> medberry, you can of course use the charms as a reference on how to set this up
<jamespage> medberry, they use root SSH for live migration and nova SSH for resize ops
<medberry> jamespage, yep, I've done that for sure in some instances. And should have pointed folks therein yesterday.
<jamespage> both disabled by default for security reasons
<medberry> we don't need root ssh for live migration (it just works with a ceph backend and shared filesystem on /var/lib/nova/instances )
<medberry> shared fs could be NFS, CephFS, sshfs, tin cans and string
<rtg> zul, so I'm kind of cranky that sysvinit cannot get past autopackage testing 'cause neutron is not installable (so says infinity).
<zul> rtg: on utopic?
<rtg> zul, yup
<zul> rtg: need to fix sqlalchemy today
<zul> rtg:  im working on it
<rtg> zul, ok, though it has been blocked for 10 days or so. dunno if neutron has been the root of the issue all along, but autopackage tests are failing for reasons outside of sysvinit changes.
<zul> rtg: yeah its not the root of the issue
<redir> where are bugs filed against ubuntu-cloud?
<medberry> launchpad?
<redir> medberry: any pointer to a project there?
<redir> looking but not seeing cloud specific projects
<medberry> redir, not sure what problem you are seeing. Probably specific to a package. What issue/package has an issue
<medberry> ?
<medberry> ie, ask more plainly about the issue and we'll get you to file a better bug
<medberry> "ubuntu-cloud doesn't work" isn't going to get much eyeball traction
<redir> creating an ubuntu-cloud instance with LXC doesn't create the /etc/ssh/ssh_host_ed25519_key
<redir> medberry: which prevents login
<redir> an known issue in OpenSSH_6.6p1 solution is...
<redir> just don't know where to file it
<redir> or see if it is already known
<medberry> so file it with LXC but I thought that worked fine.
<medberry> hallyn may have more advice on where/what to file
<redir> OK. I'll put it in LXC to capture the info, can refile later if necessary
<redir> filed
<Term1nal> So.. I'm playing with MAAS, but having an issue with trying to commission nodes. They PXE boot ok, and the status in the nodes list changes to "Ready", but I don't have WOL capability on these boards (despite the supermicro motherboard manual stating that it should work despite not having any option to enable it). So the MAAS controller can't turn the nodes on, which is fine I can turn them on myself, but when they boot to PXE after being
<Term1nal> commissioned, they just hang on "trying to boot to blah-blah-blah"
<Term1nal> I tried not booting to PXE post-commissioning but nothing's been loaded on the hard drive to boot to.
<Term1nal> I tried using the ubuntu server install DVD and doing a MAAS setup, but after putting in the MAAS URL, it sigkills and turns off doing nothing productive that I can tell.
<Term1nal> What am I doing wrong?
<webfox> How do I install ssh-server?
<cmircea> Is it possible to join an Active Directory domain for centralized authentication? Is there an recommended way? (searching the web I can find many variants in blog posts) This is for 14.04.
<cmircea> Actually I'll ask this in #ubuntu since it's probably not server specific.
<patdk-wk> there are many ways to do it
<patdk-wk> likewise, sssd, samba, ...
<RoyK> ldap
<RoyK> +kerberos
<RoyK> and automount if the home is on a samba/windows/smb/cifs thing
<stephank> I'm seeing something similar to this on 14.04 LTS running on EC2: https://bugs.launchpad.net/ubuntu/+source/linux-lts-raring/+bug/1195474
<uvirtbot> Launchpad bug 1195474 in linux-lts-raring "xennet driver reports "skb rides the rocket" under moderate load" [Undecided,Confirmed]
<stephank> Messages are the same, and there's dropped tx packets in ifconfig output.
<stephank> Notably, between 13.10 and 14.04, MTU seems to have gone from 1500 and 9000. I've reversed it to 1500 on one of the redundant machines we have deployed and will monitor tonight as we get more load to see if that's the problem.
<Term1nal> Alright, it turns out I got it working, I had to hit "Start node" then boot it quickly by hand. Now I have 2 nodes "Allocated to <user>"
<Term1nal> Which is great! But now attempting to bootstrap juju, I get this error: ERROR bootstrap failed: cannot start bootstrap instance: cannot run instances: gomaasapi: got error back from server: 409 CONFLICT (No matching node is available.)
<Term1nal> Anyone?
<Phibs> so 14.X moved udev rules to /lib/udev/rules.d from /etc ?
<sarnold> hey Phibs :) I thought they lived in both for years?
<Phibs> well the /etc is empty now :)
<sarnold> ah, perhaps my laptop has some holdovers just because it had them before?
<Phibs> nod
<Phibs> shoulda symlinked the damn dir but hey
<Phibs> ubuntuyolo!
<Phibs> hmm maybe it was biosdevname
<Phibs> once I did biosdevname=0 and rebooted /etc/udev/rules.d was populated with the 70-persist ;0
<Phibs> weird
<stephank> So, the EC2 machine whose MTU I adjusted to 1500 is running smooth. The one with the default MTU of 9000 is dropping a lot of connections.
<stephank> And adjusting the bad one to 1500 just stabilized it.
<bekks> stephank: So dont use jumbo frames.
<bekks> The switches in the datacenter need to support that too, for reliable connections.
<stephank> I'm not really requesting them. This appears to be normal behavior, the MTU on EC2 defaults to 9000 as of 14.04
<stephank> The app is requesting regular tcp sockets
 * Term1nal sigh
<sarnold> Term1nal: sorry, I missed your question..
<Term1nal> So I worked through the issue I had before with no one paying any mind. Now I've got something new. I have the MAAS cluster managing DNS, but when I attempt to run juju status, it can't resolve the host.
<sarnold> Term1nal: you may wish to ask in #juju or #maas
<sarnold> oh :)
<fun> hey folks
<fun> how do you do?
<fun> I get message shutdown system down  3.11.0-19-generi Thu May  8 04:53 - 04:57  (00:03)
<fun> seems like host maintenance?
<sarkis> hey guys how often is the motd updated via update-motd
<fun> what is motd
<MTughan> fun: Message of the Day
<sarkis> message of the day
<MTughan> You know you're dealing with a Perl programmer when he writes a shell script and the first line is "die() { echo "$@" >&2; exit 1; }"
<fun> oki well I dont know, so far I learned to to use apache, nginx, mysql, maria db some php
<fun> :)
<fun> MTughan: lol
<fun> who here is equally good at IT and fixing car?
<fun> I wonder
<sarkis> wtf
<fun> sarkis: you?
<fun> well both require logical thinking
<fun> I am making a bit of a research lol
<kirkland> sarkis: it's updated at login
<mgw> anybody know a workaround for getting python3.4's urllib to honor http_proxy env var?
<Term1nal> Hmm.... ok
<Term1nal> so I downloaded 14.04, installed it, configured MAAS, deployed juju. Now I was going to install openstack, it says to go add-apt-repository cloud-archive:icehouse
<Term1nal> but I get the error: cloud-archive only supported on precise
<parallel21> Term1nal: apt-get update && apt-get -y upgrade
<parallel21> apt-get install python-software-properties
<parallel21> add-apt-repository cloud-archive:havana
<fridaynext> anyone running time machine to Ubuntu 12.04 Server via AFP with no issues?
<Term1nal> parallel21: the instructions given on the 14.04 download page specify using icehouse release?
<parallel21> Oh... then replace havana with icehouse?
<fridaynext> All my incremental backups to my NAS box are huge, like 5-10GB, after only an hour of working (and nowhere near that many changed files), and the backups become corrupt about once a month.
<Term1nal> ok, I'll try it
<sarnold> Term1nal: the cloud archive may not be 'supported' until 14.04.1 is released; that's when the updater tool will start suggesting 12.04 LTS users to upgrade to a newer release
<Term1nal> =/
<parallel21> :(
<sarnold> but still, one hopes that there's something available to help ensure 14.04.1 is ready for prime time..
<sarnold> Term1nal: perhaps you don't need to use it because the openstack packages in 14.04 LTS are already 'new enough'?
<Term1nal> Pretty cool documentation then....
<Term1nal> to spend 3 hours getting all this infrastructure all working step by step and dealing with out-of-date and invalid instructions every step of the way
<Term1nal> then to be told to do something that isn't yet ready either.
<jhobbs> /wg 3
<sarnold> please file bug reports :)
 * Patrickdk files a bug report
<Patrickdk> sarnold irc bot seems defective lately
<sarnold> Patrickdk: my pandaboard is unhappy :/ I'm ircing from my laptop until I figure out a solution
<sarnold> Patrickdk: of course my 'solution' in the back of my mind is building a zfs machine of doom with 9-14 drives ...
<parallel21> I have a comp that keeps dissapearing on the network. It has a valid ip address, no firewall. I keep trying to rsync files over and thats when the computer suddenly goes off the network
<parallel21> The computer is unable to ping anything and I'm unable to ping it. The network card appears to be fine though. And I can't find anything in the logs to show some sorta misbehavior or shutdown
<sarnold> parallel21: do other computers on the same switch have any issues? can you stick another computerinto that switch's port and make sure that the port on the switch is alright? does tcpdump on either this machine or other machines at the time of network stopping show naything interesting?
<Patrickdk> I had a network card that was broken, unless it was in promisc mode, it wouldn't receive packets correctly
<Patrickdk> always fun to diagnose those issues
<sarnold> Patrickdk: ha, how'd that happen? o_O
<Patrickdk> dunno
<sarnold> "runs tcpdump" *gee looks fine now boss*
<Patrickdk> yep :)
<sarnold> so.... did you leave it in promisc or did you replace the thing? :)
<Patrickdk> ran it for a few months in promisc, till  Ireplaced it
 * sarnold ^5s Patrickdk 
<Patrickdk> this was back in like 97 or 98
<Patrickdk> gigabit cards where expensive
<sarnold> oww
<sarnold> 100 was still hotness at that point
<Patrickdk> ya, 100 didn't last long for me
<Patrickdk> < a year
<Patrickdk> ya, what was it back then, 3c595 goodness :)
<Patrickdk> gigabit isa card
<sarnold> :)
<parallel21> Switch is fine
<parallel21> tcpdump doesn't show anything
<parallel21> I can reboot the machine and everythign will return to normal
<parallel21> And then rsync will kill it
<sarnold> does another machine try to steal this machine's IP address?
<parallel21> no, in fact this machine that dies is the dhcp server
<parallel21> but yeah, I'm certain no other machine is stealing the ip.
<GrantK> Hello.  I've a machine running Ubuntu Server 12.04.4 LTS (GNU/Linux 3.2.0-61-generic x86_64).  Its installed sshd is : OpenSSH_5.9p1 Debian-5ubuntu1.4, OpenSSL 1.0.1 14 Mar 2012
<shauno> parallel21: that sounds sneakily like a duplicate mac address
<GrantK> I need to enabled elliptic curve algorithm use, which requires openssh v>= 6.5
<GrantK> is it possible to upgrade just the Openssh on the existing server using some upgrade repo?
<parallel21> shauno: could you elborate?
<parallel21> *elaborate
<shauno> if you have more than one machine with the same mac (it shouldn't happen, but it does), it'll confuse switches when they have to decide which port to route to
<parallel21> So override the mac-address to something new and see happens?
<shauno> just something to keep in mind if you're trawling tcpdump - when it's unreachale, do you see things even arriving on its interface?
<parallel21> I've rebooted the machine
<sarnold> shauno: nice guess
<parallel21> Let see if I can kill it once more
<sarnold> parallel21: the ipwatchd, arpwatch, and arpalert packages may help catch this in the act if this is what is happening
<shauno> oh it is completely a guess.  it just sounds very familiar to something I've hit before.  if you can't see packets arriving addressed to it, something elsewhere is intercepting them
<shauno> a duplicate IP address will make the source machine send them to the wrong place - a duplicate mac address will cause switches in between to act unpredictably
<parallel21> And now everything suddently works
<parallel21> I have arpwatch arpalert ipwatchd running
<parallel21> Haven't rotated the mac-address...
<fun> hey folks I made bash script and added path to it in rc.local
<fun> when I run bash script.sh it works
<fun> on box restart it yet to start
<fun> using ubuntu 13.10
<sarnold> fun: rc.local runs using 'sh' instead of 'bash' -- is that a potiential source of trouble for your script?
<sarnold> fun: the PATH and other environment variables may not have the values you expect; your script should set the variables it needs at the start
<fun> sarnold: oo lol I read online tutorial
<fun> it said make bash script and add path to rc.local
<sarnold> fun: oh, heh, did you set the permissions on the script to include execute privileges?
<fun> http://serverfault.com/questions/543138/bash-script-execution-through-rc-local
<fun> chmod +x
<fun> I even added exit 0 to the script
<fun> just in ace
<fun> case
<shauno> you seem to be using an absolute path (/metadata) in the first instance, and a relative path (just metadata) in the others.  are you sure it's running from / ?
<sarnold> fun: well, that example looks tolerable enough.
<sarnold> fun: can you pastebin your code?
<fun> yes
<shauno> oh hah, 7 months ago, it's not the same script.  I'll be quiet :)
<fun> http://pastebin.com/DeFidSkx sarnold
<sarnold> fun: aha ;) yeah this has a fair number of issues..
<fun> lol like what?
<fun> it worked fine from terminal when I run bash script.sh
<fun>  but as rc.local uses sh not bash hmm
<sarnold> fun: first, the path to your bitcoind may not be in your PATH at the time this executes; give it the full pathname. second, your current working directory will be / so your 'cd bitcoin-abe' command is likely going to fail -- you should give the full path to this directory, too.
<fun> i have copied bitcoind to /usr/local/bin/
<sarnold> fun: the 'sleep 10' is a race condition, but it might be the best you can do. you might want to make it 20 or 30 or something when you finally run this thing for real, just to reduce the chances that you lose the race :)
<fun> so usually I can call it from anywhere but yes can add full path to it
<sarnold> yeah, /usr/local/bin make not in the PATH at the time this runs during boot
<fun> got it
<fun> roger :D
<fun> remaking
<sarnold> does that 'python -m Abe.abe --config abe.conf' command return quickly?
<fun> pretty quick
<fun> 1 to 3 seconds
<fun> rebootin
<fun> btw sarnold have u tried to use smart card today? :)
#ubuntu-server 2014-05-09
<fun> yes works now
<fun> was path stuff
<fun> :P
<sarnold> fun: heh, no, I still haven't tried a smartcard :) you?
<fun> well I got reader
<fun> now if I can find card locally :D
<fun> http://askubuntu.com/questions/111334/login-using-fingerprint-reader
<fun> :)
<vonsyd0w> i cant figure out why bind won't load my zone files. bind says "zone 10.10.20.in-addr.arpa/IN: loading from master file /etc/zones/10.10.20.in-addr.arpa failed: file not found" but the file is there. anyone know whats going on?
<vonsyd0w> that error is from syslog when restarting bind
<sarnold> vonsyd0w: any chroot games going on?
<vonsyd0w> not that i'm aware of. i just rain aptitude install bind9, so whatever the defaults, thats what im using.
<vonsyd0w> no, i didn't setup a chroot. that requires additional steps, and i followed the server guide for bind9.
<vonsyd0w> the only additional thing i did was create a separate directory for my zones at /etc/bind/zones.
<vonsyd0w> i corrected my name.conf.local file so each zone points to "/etc/bind/zones". The error above says /etc/zones, which was incorrect
<sarnold> vonsyd0w: the error message just says /etc/zones/ not /etc/bind/zones -- grep -r /etc/zones /etc/   ? :)
<vonsyd0w> sorry about that, i copied an older syslog error
<vonsyd0w> im going to try to put the zone files in /etc/bind and see what happens brb
<vonsyd0w> i used named-checkzone to check each zone file; each file passed with "OK". I moved the zone files back to /etc/bind with the other default zones that load OK, and I'm still getting the error stated above.
<vonsyd0w> I completely wiped "purged" bind9 and its configs and now have done this twice. no luck
<vonsyd0w> same exact problem. im not sure what im doing wrong
<vonsyd0w> could be permissions? files aren't owned by bind or a member of the bind group
<sarnold> vonsyd0w: it should work so long as the bind user has read permission on the files; the error says "file not found", not "permission denied" or "operation not permitted"
<vonsyd0w> true OK, I'll keep hunting. pretty determine to get this working
<rostam> hi I am using ubuntu 12.04. for some tasks we need to use sudo command. I would like to know whether it is possible to limit usage of sudo to selected command for specific users? thx
<sarnold> rostam: 99.99% of the sudoers(5) manpage describes how to make that happen :) the downside is that the sudo configuration language is -very- flexible.
<mun24> want to understand process of services in ubuntu
<Armadillos> mun24: Like how?
<mun24> I want to install ftpd server
<mun24> how can I know it is using init.d or xinted
<Armadillos> See if there's a file in the /etc/init.d directory for ftp (most likely vsftp, or ftpd)
<Armadillos> err... vsftpd
<jgee> mun24: remember also that xinet uses inetd.conf as well as its own xinetd.conf and files in xinetd.d
<jgee> mun24: I also check /etc/default (some services make it clear in a settings file there whether to run as daemon or under inetd)
<mun24> ok
<mun24> somehow ftpclient makes the conection and then connection get close. Any idea why
<vonsyd0w> wow sarnold, I'm an idiot bind/named was looking for a filed called "10.10.20.in-addr.arpa" when it should of been "db.10.10.20"
<vonsyd0w> i fixed it and now have a new error message
<vonsyd0w> off to fix that now
<sarnold> vonsyd0w: thanks for reporting back :) I always like to find out what it was..
<vonsyd0w> sarnold, no problem! I can officially resolve hostnames and caching works! now i need to get dynamic dns working (with a Ubiquiti EdgeMax Router/DHCP) fun!
<sarnold> vonsyd0w: oooh, how are those ubiquiti routers? :) I've been wanting an excuse to buy one.
<vonsyd0w> $100 and i love it
<vonsyd0w> i'm learning so much with it
<sarnold> nice :)
<eagles0513875> hey all
<eagles0513875> lordievader: hey
<eagles0513875> hey guys what is the best way to implement a user password policy? would something like LDAP be needed?
<lordievader> Good morning.
<stephank> Well, hope I did this correctly: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1317811
<uvirtbot> Launchpad bug 1317811 in linux "Dropped packets on EC2, "xen_netfront: xennet: skb rides the rocket: x slots"" [Undecided,Incomplete]
<rostam> sarnold thx
<hxm> hello I have a dedicated server with ubuntu 13.04 and it is deprecated right? I would want to upgrade it but, is it safe?
<hxm> will I lose data or configuration files or services?
<cfhowlett> hxm safer than running a non-supported server for certain
<hxm> what you mean
<xnox> hxm: $ do-release-upgrade
<cfhowlett> xnox nope.  13.04 is end of life
<cfhowlett> !eolupgrade|hxm
<ubottu> hxm: End-Of-Life is the time when security updates and support for an Ubuntu release stop, see https://wiki.ubuntu.com/Releases for more information. Looking to upgrade from an EOL release? See https://help.ubuntu.com/community/EOLUpgrades
<xnox> cfhowlett: i believe 13.04 is still on master archives, and didn't move to old-releases yet.
<ogra_> oh, man ... aptitude ...
<hxm> that is the theory, but I want to know the practice, is a production server
<ogra_> why is that still in so many docs :(
<xnox> hxm: (a) don't use non-lts on production servers (b) over the past year everyone did upgrade to 13.10, and 2/3 of 13.10 users have already upgraded to 14.04
<hxm> i started with this when it was already mounted
<hxm> i blame the last employee
<xnox> hxm: blaming people, is not so good. Test the upgrade on a non-production server you have (if you don't - set up a clone).
<xnox> hxm: it's production server, nobody but you knows how critical it is, or what procedures it needs..... if you don't, it's for you to find out and document for future self =)
<hxm> im not saying I did it well, I just said I got the trouble by surprise
<hxm> cloning the os and trying will be the safest way
<nikolam> I started installing Ubuntu Server 14.04  LTS 32-bit in VirtualBox VM 4.3.8 and it started installing and then just display Lilla colored screen and does nothing...
<nikolam> also not using much of an CPU, just sits there.
<apw> jamespage, yo ... seems that openvswitch is lagging wrt debian, but it is not clear if the bits you did are included ... wonder if you could have a look
<hxm> is still posible to upgrade to 13.04 to 13.10 safely and then 14?
<DarkStar1> morning guys. I created a user like so : sudo adduser --system --no-create-home playservice but when I try to run a script under that user I get a passwd prompt
<DarkStar1> except I thought system users were created without passwords
<pmatulis_> morning
<DarkStar1> hoowfy
<DarkStar1> howdy*
<med_> Daviey, happy birthday!
<med_> Are you old enough to drink now?  (j/k)
<Daviey> med_, hah. Thanks
<kaffien> did the rules for bonding nic interfaces  change from  ubuntu server 12.04 and 14.04?  I cannot seem to get LACP working for the life of me
<kaffien> also what would cause ubuntu to rename my network interfaces?
<sarnold> kaffien: that second issue is the 'biosdevname' package; I believe you can just remove the package and rebuild your initrds
<kaffien> it doesn't seem to like my 4 port nic i installed hehe
<kaffien> then again im guessing bonding is difficult if you nic keep renaming
<kaffien> how can i rebuild my initrd?
<sarnold> kaffien: I think that'd be "update-initramfs -u"
<kaffien> that is what i just found to.
<kaffien> have you any experience with  4 port nic cards?
<sarnold> hah, I wish :)
<kaffien> The interface for this network card goes like so   p7p1 p7p2 p7p3 etc
<kaffien> maybe this will help with the names staying put
<kaffien> bonding really isn't that complicated darnit.
<sarnold> the idea is to make it easy to see a NIC name on a machine and know where exactly -on- the machine that NIC is -- and have it keep that name no matter if you add more cards or remove cards. the goal seems laudable, but it seems some people wind up with 'renamedX' kinds ofinterface names
<kaffien> yep
<kaffien> i might just subscribe to ubuntu advantage for this server.
<kaffien> ahhhh proper eth addresses
<hxm> what is the package name which contains mod_authz_default.so
<hxm> or how can I find it trought the package manager
<sarnold> hxm: the apt-file package is wonderful for answering those kinds of questions
<hxm> ah -bin
<ogra_> dpkg -S /path/to/the/file.so
<sarnold> hxm: it'd be apt-file search mod_authz_default.so
<hxm> thanks
<sarnold> (ogra's answer is better if the file is installed; mine will help when the file isn't yet installed)
<ogra_> right :)
<kaffien> once you have your  /etc/network/interface setup nice for bonding you still need to run   ifenslave bond0  eth2 eth3  etc.   It is now all working. Thanks for your help sarnold!
<sarnold> kaffien: ah :) cool! thanks
<kaffien> i wish i could control my network though
<kaffien> I cannot seem to reset the networks now
<sarnold> kaffien: let me guess, you tried service networking restart  and watched your computer hang?
<kaffien> ie  /etc/init.d/network restart doesn't work nor does  service network restart.
<kaffien> it just doesn't do a damned thing
<sarnold> kaffien: the 'right way' is ifup and ifdown
<kaffien> ...
<sarnold> kaffien: oh, nice, it used to seriously upset upstart or dbus or something. hehe.
<kaffien> *twitch*
<sarnold> kaffien: so ifup bond0 and ifdown bond0 ..
<kaffien> they need to stop screwing with stuff that's been working for the last 10 years.
<kaffien> I will attempt that   ifconfig bond0 down basically deleted bond0
<kaffien> ie i could not ifconfig bond0 up  as the device was no invalid.
<sarnold> ifdown, not ifconfig down ..
<kaffien> se previous comment
<sarnold> kaffien: no kidding, I swore at a hung desktop more than once as a result of that..
<kaffien> I will attempt ifdown next
<kaffien> I sure am glad we invested in a second NAS.
<kaffien> well that was fun.   ifdown bond0   interface is 'not configured'
<sarnold> gah
<kaffien> lol for th record it starts up on boot just fine now ... sooo
<Baluse> hello
<Baluse> when is swap memory used ?
<bekks> When all RAM is actively used by applications.
#ubuntu-server 2014-05-10
<budman> I have 4 servers, 2 pairs, same hardware/software/firmwares/drivers except for 2 are ubuntu 12.04 and 2 are 14.04... the 12.04 scp's are limited to 50MB/sec. 14.04 gets 112M/sec+, if I enable compression "-C" with scp I get 80M/sec on both versions... what is different from 12.04 and 14.04 ssh/compression? or am I making sense ha.
<syeekick> hey peeps
<syeekick> burning question im having trouble to google
<syeekick> i want my headless server to have a permenant ethernet connection, but want to connect to wifi on different ocassions. when i set wifi up it temporarliy defaults to wifi and doesnt use ethernet again. Is there a bash script i could setup for such a mess?
<syeekick> when i use wicd-curses it turns off the ethernet conenction and uses the wifi. thats no good as i still need to ssh into the server
<zorgshanker> When i type "sudo mount /" and press tab
<zorgshanker> it only returns / and /proc
<zorgshanker> Therefore i cannot mount /dev/xxx, i feel like something obvious is going on here
<Ben64> then just type /dev/xxx ?
<bekks> "sudo mount /" will not cause anything to be mounted, since / is already mounted
<bekks> What are you actually trying to do?
<zorgshanker> "sudo mount /d" + tab should auto compelte to /dev/ shouldn't it
<bekks> Depends on your shell.
<zorgshanker> I see, well i'm trying to mount /dev/sdb2 which is ext4
<zorgshanker> sudo mount -t ext4 /dev/sdb2 /mnt/sdb2
<zorgshanker> Interesting, if i ommit sudo it will auto complete like i would expect
<h3LL0> hi
<ciastek> i have user without password. sudo doesn't ask for password, when invoked in console, but asks, when invoked from tmux or ssh. why?
<ciastek> https://gist.github.com/ciastek/d496ac00ad68f5367db7
<ciastek> Solved, thx. https://gist.github.com/ciastek/d496ac00ad68f5367db7
<chrisrer> hi guys i have one prolbem wit my ubuntu server.. iwant to install
<chrisrer> Yeti File Hosting Script.v3.3 script but i have this error Could not find the .htaccess within the root of your script install. This is used to rewrite the urls within the site. If you can't see the file within the root of the script zip download, your operating system may be set to hide it. Change your OS to show files starting with a dot and you should see it. any ideas?
<beliq> Can someone explain me how juju is different from OpenShift for example ?
<xpistos> Hey all. I need a hand changing my ubuntu server from static IP to dhcp. My brother set it up but I need to change out my router and my lan IP scheme so roku will work on it correctly
<xpistos> I am using ubuntu server 10.04
<fun> hey folks
<fun> how I can force close tcp connections?
<fun> tcp    CLOSE-WAIT 362    0    those one
<fun> its msn and google bots. I already tried restart networking
<fun> ok reboot done
<fun> I am also running some daemon and it claims address it wants to use is in use
<fun> but its on
<fun> not
<fun> any idea what may cause it?
<teward> without the specific error we can't really diagnose that
<teward> (not easily anyways)
<fun> teward: i run just nginx on 1 ip
<fun> and daemon on ip 2
<teward> what port do you bind them to
<teward> does the daemon bind to the same port as 80 or w/e nginx is listening on and vice versa
<fun> both to 80
<teward> if so that's your problem
<fun> ip1:80 ip2:80
<fun> it worked before
<teward> fun, if it's trying to bind and failing, something's listening on whichever bind it is
<fun> I use ss to check
<fun> nothing
<teward> netstat -tulpn | grep :80
<teward> erm... just grep 80
<teward> or :80, that'd work too
<teward> pastebin the output
<chrisrer> 4:59:58 Î¼Î¼ - chrisrer: hi guys i have one prolbem wit my ubuntu server.. iwant to install
<chrisrer> 4:59:58 Î¼Î¼ - chrisrer: Yeti File Hosting Script.v3.3 script but i have this error Could not find the .htaccess within the root of your script install. This is used to rewrite the urls within the site. If you can't see the file within the root of the script zip download, your operating system may be set to hide it. Change your OS to show files starting with a dot and you should see it. any ideas?
<fun> teward: ok I see what happen, when I rebooted box my upstart script started to work
<fun> and invoke daemon
<fun> so it was already running
<teward> there you go.
<fun> teward: is there some way to check when file was changed but not just lastest change but say dates of last 3 changes?
<teward> I don't know of any out of the box method for doing that...
<fun> oki
<Saur0> hi can someone help me out with a dovecot related question?
<Saur0> i've got it working and tested via command line
<Saur0> but i can't seem to set up thunderbird to work with it
<Saur0> is this out of date --> https://help.ubuntu.com/community/Dovecot
<Saur0> does the thunderbird stuff still need adding to dovecot.conf
<AivarasK> Any way to control HP DL380 G4 fans from Ubuntu server?
<mun24> how to apply diff file to a directory?
<andol> mun24: patch -pN < patchfile, where N is a number, depending on the patch file, what working directory you standing in, etc. See the patch(1) man file for a better explanation.
#ubuntu-server 2014-05-11
<weather_forecast> :)
<weather_forecast> whats the best safest way to mass rename files is following way - all files containing text 'sample' are having this part of their name renamed to 'samk'
<Macer> hello. i was just a bit curious. i have a box with 4x3TB drives and wanted to start using btrfs or zfs .. is btrfs stable enough nowadays to use it in a similar fashion to raidz?
<cridenour> So I tried to reinstall util-linux and now get a "mount: not found" - I managed to get a USB version into rescue mode for the system. What's the best way to fix this?
<Macer> hm. i'm getting a blanked out screen when ubuntu server 14.04 boots
<dw1> video driver issue ?
<dw1> using a GUI on it ?
<Macer> no
<Macer> rather fresh install .. seemed to get past the fb part.. was starting up services and then just went blank
<Macer> does ubuntu-server install allow you to configure a raid5 btrfs from the install?
<Macer> maybe i'll just try to install directly to the hdds instead of using a thumb drive to boot it
<Macer> i know i didn't see the option earlier when i tried to install it to a thumb drive but i doubt it would show it considering there was only the thumb drive to install to
<dw1> might wanna check the logs
<Macer> it seems more like a crash than a fb issue
<Macer> i can't check the logs because i can't ssh to the box and the console is blanked
<dw1> recovery mode or liveusb + mount ?
<Macer> i'm actually going to try to run it from a liveusb in a minute
<Macer> to see where it went wrong
<dw1> yea you can check logs from there
<Macer> it could be because i installed using a laptop then moved it to another pc to try to boot.. but i don't see why that should be an issue
<dw1> :)
<Macer> and it seems that btrfs installed as root doesn't do it cleanly
<Macer> you need an ext(2/3/4) partition
<Macer> which is why i was trying to boot from a thumb drive
<dw1> may be beyond the scope of official support :p
<Macer> booting from a thumb drive and using btrfs?
<dw1> btrfs is 'experimental'
<Macer> oh
<Macer> is zfs on the same boat?
<dw1> according to wikipedia at least
<dw1> dont know
<Macer> i thought btrfs was supposed to be stable as of late
<dw1> im sure people will help anyway, just sayin' you might take some flak for it :p
<Macer> but first let me try to boot this install thumb drive heh
<Macer> well.. these things don't get fixed until someone uses them ;)
<Macer> the random blanking/crashing is problematic
<Macer> heh
<dw1> yes
<Macer> problem reading data from the cdrom?
<Macer> wth? :)
<Macer> not sure what happened there. i just did a straight dd from the iso
<Macer> to a thumb drive
<xzavier> hello everyone ,
<xzavier> i got a problem, my ubuntu 14.04 can not save the brightness setting.
<xzavier> when i reboot computer, the brightness back to 100%, does anyone has this problem?
<dw1> xzavier: hrm, lots on google http://google.com/search?q=ubuntu+not+saving+brightness -- sorry, no personal exp
<xzavier> i just searching that with google,
<xzavier> thanks
<dw1> i expect you will win soon. :)
<dw1> hehe
<xzavier> haha
<h3r1> hello there... i have a strange issue with samba shared folders... some folders are always accessible while otheres are only accessible (visible) after accessing the server via ssh... could anybody help me?
<ranno> i believe my ubuntu server got hacked a few hours ago
<ranno> i got an email from digitalocean. : We've had to unfortunately reboot your Droplet graafik due to an issue on the underlying physical node where the Droplet runs.
<ranno> i managed to login via digitalocean online console. found out that all connections were dropped from ssh, http, https etc
<ranno> i investigated the bash history, where i saw some weird commands that didnt ring a bell to me
<ranno> http://i.imgur.com/CHJ9MIw.png
<ranno> starting from iptables save
<ranno> seems that someone has hacked into the server and turned off the prots
<ranno> ports *. cpu load is nearly 100%. two-three processes that take the most memory are labelled "sh"
<dw1> if so then they had root access which means the only way to clear them out is re-image
<ranno> they change their pid's every few seconds
<ranno> yes, i thought about re-imaging the system and it is my next step
<ranno> BUT
<ranno> i need to get a database dump before
<dw1> :(
<ranno> now the interesting part starts
<ranno> nearly every command i type in fails
<dw1> should do that daily ideally if not too big
<dw1> hmm
<ranno> yes, from now on i will do it :D
<ranno> mysqldump would help me out BUT http://i.imgur.com/T12cBjK.png
<dw1> well if youre on a console connection then i would shut dwn the networking asap
<dw1> so the guy cant do stuff anmore
<ranno> i believe it is used for bitcoin mining
<dw1> and find and kill the processes
<dw1> whatever they are
<ranno> the process id changes every few seconds
<dasjoe> That's unusual for mining
<ranno> here is the output of top
<ranno> http://i.imgur.com/Sp6bJ6W.png
<dasjoe> Paste a "ps aux", like "ps aux | pastebinit" or manually on a pastebin
<dw1> you can get the parent process id
<dw1> ps -f
<dw1> umm
<dw1> ps -ef
<dw1> anyway you should shut off networking until you want to send off your backup
<ranno> yeah im trying to get the results to you. but the online-console does not have mouse interactivity and the keyboard layout is really weird. i can not find the | character. copy/paste does not work also
<dw1> just in case the boogeyman is watching you and decides to destroy everything
<h3r1> hello there... i have a strange issue with samba shared folders... some folders are always accessible while otheres are only accessible (visible) after accessing the server via ssh... could anybody help me?
<ranno> how to turn off the networking the right way _
<dw1> ifdown <iface>
<ranno> done
<dw1> now do you dumps and zips and stuff
<dw1> tar czfp to maintain permissions
<ranno> i only need the mysql database backup
<ranno> but yeah, i can not execute nearly anything
<ranno> i try to get the ps aux response to you
<dw1> h3r1: dont know bout that
<dw1> ranno: iptables -F will flush the firewall
<ranno> ps aux output
<ranno> http://i.imgur.com/vJec9AY.png
<dw1> ranno: ps -ef will show PPID = parent process
<ranno> ok ps -ef output
<ranno> http://i.imgur.com/o4CNqPN.png
<dw1> ranno: if you do iptables -F the rules he added to /etc/iptables/rules.v4 wont be re-run until reboot .....
<ranno> http://i.imgur.com/MFheFCz.png
<dw1> ranno: youre just looking for the parent of the processes using 100% cpu if you care to kill them
<dw1> ranno: otherwise just ignore them get your dump, offload it and reimage
<ranno> i will probably save the current image for later investigation
<ranno> but the main problem is that i can not make the dump
<dw1> ranno: easy answer is they brute forced your root pw
<ranno> executables do not work
<dw1> ranno: or they stole your private key from home comp
<dw1> hmm
<ranno> this is what i get when i try to execute something
<ranno> http://i.imgur.com/T12cBjK.png
<dw1> what if you just type bash
<ranno> nothing happens
<dw1> prob opened a new shell
<dw1> might seem like nothing happened :)
<dasjoe> What makes you believe you got hacked, anyway? DigitalOcean told you they had to reboot your system
<ranno> bash_history commands that i do not recall
<dw1> what about things like echo does that run
<ranno> echo displays a new line
<ranno> yeah
<ranno> echo works
<dw1> what about mysql
<ranno> bash: /usr/bin/mysql: cannot execute binary file
<dw1> does it still have executable flags
<dw1> ls -al /usr/bin/mysqldump
<dasjoe> Also, they're probably using a US layout, see https://en.wikipedia.org/wiki/File:KB_United_Kingdom.svg for an approximate mapping to a ISO layout
<ranno> yeah i even chmodded 777
<dw1> well
<dw1> you can always copy the mysql files directly
<dw1> if they havent been destroyed
<dw1> look in /var/lib/mysql/databasename
<dw1> MyISAM tables?
<dw1> im an innodb noob :p
<ranno> yeah , the files still exist
<dw1> tar work?
<ranno> seems so
<dw1> well then just tar up your /var/lib/mysql/*
<ranno> i have to admit i have never really understood the tar flags
<dw1> may be able to skip some things.. like ib* .. not 100% certain
<dw1> tar czfp /path/to/archive.tgz /var/lib/mysql
<dw1> -c create -z gzip -f filename -p keep permissions
<dw1> also note your mysql version ..
<dw1> if you can
<dw1> dpkg -l | grep mysql
<dasjoe> I seriously doubt you got hacked, ranno. You probably installed some package for the wrong architecture, thus a script can't execute a binary and retries, this are the sh processes which consume 100% cpu
<ranno> i havent logged in for a week or so
<ranno> but tbh, i now also doubt the hacking
<dasjoe> Yeah, DigitalOcean told you they rebooted the system
<dw1> maybe they ran teh iptables stuff
<ranno> i get errors like \read-only file system
<ranno> when trying to tar
<dw1> wtf mode did they reboot into :)
<dw1> http://askubuntu.com/questions/175739/how-do-i-remount-a-filesystem-as-read-write
<ranno> http://i.imgur.com/uWtvK0G.png
<dw1> is there anything malicious in /etc/iptables/rules.v4 ?
<dw1> 'cause thats all the bash history says was modified
<dw1> not too nefarious really
<bekks> ranno: remount the filesystem read-write.
<dw1> not like they wrote echo "haha you got owned" > /i-am-the-best
<ranno> iptables rules
<ranno> http://i.imgur.com/9EdQLfW.png
<dw1> hehe
<dw1> yea that looks not so bad
<bekks> quite wrong actually.
<bekks> There are no ports above 65535 :)
<dw1> still not obviously malicious
<bekks> Indeed.
<dw1> tell them they rebooted wrong and to fix it :p
<bekks> I second that.
<ranno> when trying mount -o remount /
<h3r1> i cannot access some samba sheres until i connect to the server via ssh. i want the samba share folders to be alway visible, without ssh connection... can somebody help me out?
<bekks> ranno: Thats not the correct command.
<ranno> remount,rw ?
<bekks> ranno: Read the link given.
<dw1> a proper boot should be rw.. dont know why it booted ro
<dw1> but that likely explains all the stuff like no ssh
<ranno> after reboot now
<ranno> it said that there is something to fix
<ranno> pressed F
<dw1> drive failing? :/
<ranno> and some indodes had something of value 2 that had to be 1
<bekks> dw1: It perfectly does. No PID file can be written on a ro fs. So almost every daemon, including sshd, fails to start.
<h3r1> please, does anybody have at least a hint for me?
<dw1> h3r1: http://askubuntu.com/questions/274138/samba-only-works-if-logged-in-over-ssh ?
<dw1> google ftw? :)
<ranno> i try to umount as shown in the article
<ranno> but i get "device is busy
<dw1> ranno: if it mounts properly on boot shouldnt need to do that.....
<dw1> ranno: if it doesnt mount properly on boot.. tell your provider they broke it, if they're mildly responsive, and especially if its managed
<bekks> ranno: you cannot umount /
<dw1> ranno: report the inode thing too
<ranno> so okay the partition identifier is /dev/vda
<ranno> what should the mountpoint be _
<h3r1> dw1 thanks for the link... indeed, my share is an encrypted one... does it mean, that i have to be connected via ssh always that i want to access this share? how can i automatically mount it via ssh?
<bekks> ranno: look at your /etc/fstab
<bekks> h3r1: Yes, it means you need to connect using ssh prior using samba.
<h3r1> bekks thank you
<dw1> h3r1: or move it out of the encrypted folder
<h3r1> dw1 is it convenient at all to hacve my home-folder encrypted on the server? i did it for security reasons...
<dw1> h3r1: maybe you can hack it http://google.com/search?q=automatically+mount+encrypted+samba+share
<lak-kal> hi, some soft for nikon D3200 to control from computer?
<dw1> h3r1: i encrypt at home and on laptop mostly to prevent physical access
<bekks> lak-kal: Define "control" a bit further please.
<dw1> h3r1: you may not be able to protect against a snooping provider.. not sure
<dw1> h3r1: at least not while youre logged in
<dw1> h3r1: so it may or may not be beneficial
<h3r1> dw1 so encryption only helps in case of phisical access?
<bekks> h3r1: Actually yes.
<lak-kal> bekks: control = manage,
<ranno> etc/fstab shows two mount points> /proc and /
<bekks> ranno: And?
<ranno> first has a file system proc and the second has UUID=3107///
<bekks> ranno: So look at the UUIDs your system: sudo blkid
<bekks> lak-kal: I'd say "digikam", but it more for managing your photos.
<dw1> h3r1: id say its unlikely your provider will snoop or have your server stolen.. :)
<dw1> h3r1: but if someone brute forces some account or something i guess encryption could be good
<dw1> h3r1: dont know :)
<ranno> bekks: okay i get /dev/vda and LABEL and UUID values
<ranno> bekks: i still dont get where do i get the mount point value
<dw1> h3r1: assuming you have a remote server btw
<dw1> h3r1: in a standard secure facility :)
<bekks> ranno: the mount point is /
<bekks> ranno: Just call your ISP to fix that issue. They broke it, they have to repair ir.
<lak-kal> take pictures from computer : http://www.lmscope.com/produkt22/Nikon_Camera_Control_Pro_2_es.shtml
<bekks> *it
<lak-kal> bekks: take pictures from computer : http://www.lmscope.com/produkt22/Nikon_Camera_Control_Pro_2_es.shtml
<ranno> ok thats it
<ranno> opened a digitalocean ticket
<h3r1> dw1, thank you for your advice
<ranno> actually i now remember this is already the second time when i have problems with DO disks.
<ranno> thank you for helping me
<Macer> wow. i have no idea what is going on here
<Macer> ubuntu just crashes when i try to boot it to install
<Macer> weirdest thing ever
<cfhowlett> !md5sum|Macer verify your ISO , verify the boot media
<ubottu> Macer verify your ISO , verify the boot media: To verify your Ubuntu ISO image (or other files for which an MD5 checksum is provided), see http://help.ubuntu.com/community/HowToMD5SUM or http://www.linuxquestions.org/linux/answers/LQ_ISO/Checking_the_md5sum_in_Windows
<Macer> ubottu: it isn't the media
<ubottu> Macer: I am only a bot, please don't think I'm intelligent :)
<Macer> cfhowlett: i used the same one to install to another SD using a laptop
<Macer> worked fine... would boot
<zorgshanker> Macer: do you have multiple monitors plugged in by any chance?
<Macer> no. just one.
<Macer> it completely crashes the system tho. the usb turns off.. strangest thing ever heh
<cfhowlett> Macer so ...  you did NOT take the 90 seconds required to verify the integrity of your the ISO.  right.
<Macer> cfhowlett: no.. but the integrity should be proven by the fact i just used the same exact SD to install it onto another system?
<Macer> the install media is fine
<cfhowlett> Macer garbage in/garbage out
<zorgshanker> Do it to rule it out
<Macer> 01545fa976c8367b4f0d59169ac4866c *ubuntu-14.04-server-amd64.iso
<Macer> it matches
<Macer> it tries to boot.. reaches a certain point... then just crashes the entire system
<Macer> and i can't even check the logs on it
<Macer> either way tho. a fresh install simply crashing "just because" ... :/
<Macer> maybe an issue with the amd apu stuff?
<Macer> hm. let me try debian.
<Macer> wow it's really the weirdest thing.. debian boots. ubuntu boots but reaches a certain point and crashes the whole box
<Macer> yeah i'm at a loss. amazing.
<Macer> there seems to be some awkward module that is loading that is making it crash. when going into recovery mode it boots fine
<Macer> :/
<Macer> wth
<Macer> it just got to a login.. then the screen goes blank... and it crashes
<Macer> ah.. ok. well.. nomodeset seems to have fixed the not booting problem :)
<Macer> so what is the best way to do a swap when you are booting from an sd and want to create a raid5 btrfs across 4 disks?
<Macer> do i just partition a couple GB per disk and add all the swap partitions to fstab?
<Macer> then make the remainder btrfs partitions and create the raid5 btrfs?
<h3r1> hello there... i made a  reinstall of ubuntuon my laptop... i have an encrypted home folder... i used to share the desktop folder via samba without problems. now after the reinstall it says it cannot mount it... any idea how i can fix this?
<Macer> nice. set up the swap space and zfs on the 4x3TB drives
<Macer> hopefully it survives this reboot
<cloudman> Hi is Ubuntu server secure??
<cloudman> What I mean is every core program vetted?
<cloudman> Can we trust the very core of Ubuntu??
<cloudman> Who checks these things??
<cloudman> Who vefifies that Ubuntu is secure???
<cloudman> Verifies sorry.
<cloudman> I think security is to be a big thing and if any problems should be brought before the so called law big time
<cloudman> who verifies all the software withing ubuntu???
<cloudman> within
<cloudman> Is Ubuntu secure??  If so who says so??
<bekks> cloudman: Isnt it? Who says so?
<cloudman> whatever dude
<cloudman> who verifies ubuntu as secure software
<cloudman> or any other distro
<cloudman> I run bunt 12.04
<cloudman> And I mean verify so that you can sue them later
<cloudman> if not so
<shauno> who does that for any OS?
<cloudman> So, the main question is, is Ubuntu secure software and who says so
<cloudman> Officially
<cloudman> So does Ubunt give no promise of its core security???
<cloudman> Ubuntu sry
<Macer> cloudman: the nsa does
<bekks> And the DoD, and the US Army, and and and.
<bekks> Oh, and the NATO as well.
<cloudman> Macer: dont make light dude on a important issue
<Macer> yeah. they verify windows and osx as well
<cloudman> Oh so we just piss it off
<Macer> cloudman: depends on what you mean by "secure"
<Macer> i don't think there is some govt agency that verifies that an OS is secure
<cloudman> Macer:  all core software, who verifies it, simple question
<shauno> I'm not aware of anyone who does this for any platform.  it's a fairly unrealistic expectation
<dasjoe> It's open source, feel free to verify it
<Macer> i an only assume there is some sort of private org within ubuntu that does it... i mean other than that it's pretty much "use our free stuff at your own risk"
<cloudman> dasjoe: so they jus add it without looking at the code?
<Macer> but then again who verifies if windows is secure as well?
<cloudman> Macer:  just talking about Ubuntu here dude
<jrwren> there are agencies who will take $$$ and verify an OS as FIPS compliant
<jrwren> of course, FIPS is not very secure at all.
<cloudman> geez guys just abswer the question
<Macer> cloudman: nobody.
<cloudman> answer sorry
<jrwren> I do. i verify it secure.
<cloudman> worked up as it is
<jrwren> see. I looked at it, and I verified it.
<Macer> like i said. i'm sure there are some internal testers...
<cloudman> jrwren:  ;) lol
<Macer> all it takes is one snowdenesque dev to make everything come off the rails
<cloudman> Macer:  sure but who official and accountable??
<jrwren> who verifies ANY os as far as your question goes. Windows or Mac or Android or Other?
<Macer> cloudman: nobody
<cloudman> GEEZ
<Macer> any OS is use at your own risk. i'd assume even more so for something that is free and opensource
<jrwren> ^^^
<Macer> the faith based operating systems
<cloudman> Macer:  is that a window for big shit
<jrwren> all are faith based, aren't they?
<dasjoe> cloudman: http://www.ubuntu.com/about/about-ubuntu/governance
<Macer> freebsd probably has CS students checking code
<cloudman> jrwren: quiet dude
<jrwren> Also, the original Q can only be answered with more questions. Secure from what?
<shauno> there are no other questions.  he's already stated "And I mean verify so that you can sue them later".  which means nobody.
<cloudman> Geez I think there are a lot of sysadmins here
<Macer> cloudman: i'd guess that ubuntu is secure based on the fact that it has so many users that a flaw would be quickly found and fixed
<Macer> obviously things get through like that little openssl debacle
<cloudman> yeah like heart beed
<cloudman> bleed
<bekks> It was found and fixed within three hours.
<jrwren> and that isn't open in the default ubuntu install.
<bekks> What do you expect. Dude. Geez.
<cloudman> but ran for 2 years
<Macer> but anyways.. i finally finished setting up ubuntu-server and the zfs so i'm happy heh
<Macer> good stuff
<Macer> just need to set up samba in a bit and i'm done
<jrwren> desktop OR server, heartbleed wasn't there OOTB, someone had to install an https server
<Macer> oh.. and virtualbox i guess
<cloudman> geez guys dont be so niave
<bekks> cloudman: geez guy. dont make a drama out of nothing.
 * Macer puts on his tin foil hat
<jrwren> cloudman: what do you need?
<cloudman> sure, greatr and helpful comment
<Macer> you can always use option b... write your own OS :D
<Macer> then you KNOW it's perfectly secure
<bekks> cloudman: like all your rants before.
<cloudman> so protective man
<cloudman> bekks what rants??
<Macer> and even then someone will find an exploit heh
<jrwren> openbsd is great. I like a lot of what they do. I still use ubuntu.
<bekks> cloudman: read your own backlog.
<dasjoe> <Â°)))o><
<cloudman> yawn as they gang up
<jrwren> cloudman: what do you need?
<cloudman> lol
<bekks> *plonk*
<cloudman> dick
<cloudman> whats up
<dasjoe> You? Yes
<cloudman> just asked a basic question
<shauno> "nobody" is a pretty basic answer.  so why drag it out?
<cloudman> and you all came back and said basically that Ubuntu is not monitored for security lol
<jrwren> that is what you did. that is not what was replied.
<shauno> you've said you're looking for someone to accept legal liability.  no such party exists.
<jrwren> monitoring for security is different than a formal verification.
<jrwren> a quick duck duck go gives me this: https://wiki.ubuntu.com/SecurityTeam
<cloudman> So Ubuntu does not take any security measures at all or even tries??
<jrwren> cloudman: there is a security team.  https://wiki.ubuntu.com/SecurityTeam
<cloudman> Tried they were out to lunch
<jrwren> tried what?  What do you need?
<cloudman> besides just asking questions here
<cloudman> typical irc jump on someone
<cloudman> jrwren:  lol duck duck, you have security issues?
<jrwren> not right now.
<jrwren> everyone has security issues at one time or another.
<cloudman> duck duck wont let me access if I have peerblock running
<cloudman> so much for not tracking
<jrwren> i'm not familiar with peerblock
<cloudman> obviously
<jrwren> so you need to access duckduckgo while peerblock is running?
<cloudman> so much for duck duck bull shit
<IdleOne> Please keep the language clean
<cloudman> thay dont track you, why they want to know my IP??
<cloudman> IdleOne: sry
<jrwren> who? duckduckgo?
<cloudman> jrwren:  your quite a person
<cloudman> very prevocative
<jrwren> That was not my intention. I only want to help.
<cloudman> no, you just wanted to troll
<jrwren> no.
<cloudman> on a subject you no nothing about
<cloudman> Tell me
<IdleOne> Seems to me you are the one trolling. I suggest you change your tone.
<cloudman> how do you secure your Ubuntu servers??
<cloudman> IdleOne:  not trolling here, came with some serious questions, all I got was hostility
<cloudman> and that jrwren who is a troll
<jrwren> cloudman: i'm sorry.
<cloudman> np
<cloudman> sorry here as well, only asked some questions
<cloudman> irc is like that I guess, gets heated very quicly
<cloudman> too quicly at times
<cloudman> quickly
<lordievader> Good evening.
<xeno_> Just tried to install fvwm-crystal on ubuntu-server, then rebooted, and still got no window manager.
<xeno_> So now I have a fully installed gnome shell and it just comes up a gray screen with no menus.
<fun> hey folks
<fun> is it relatively tricky to mass rename parts of files names?
<fun> I got soft to do it in win via regex but maybe in Linux its also easy?
<Patrickdk> rename
<Patrickdk> I know, it's kindof magical
<Patrickdk> but it does do what it's name suggests
<fun> well i want to rename part of file names
<Patrickdk> so?
<Patrickdk> are you telling me rename doesn't support that?
<Patrickdk> cause I'm pretty sure I use it daily for that purpose
<fun> I dont know how to do it, any ideas?
 * Patrickdk wonders off to look for a better rename tool :(
<Patrickdk> use rename?
<fun> and syntaks?
<fun> :D
<Patrickdk> rename - renames files based on the perl expression passed to it
<Patrickdk> works using standard pcre
<Patrickdk> I dunno anything more powerful than that
<fun> hmm I am googling syntaks
<fun> yet to find
<Patrickdk> no idea what a syntaks is
<Patrickdk> you don't have man installed?
<fun> man is too long
<fun> I use google usually to find command I need
<xeno_> I still don't have my complete desktop environment.  Anyone have a suggestion?  I just installed ubuntu-desktop, and there is no menu bar.  Nothing but a dropdown.
<xeno_> There must be a step to make this work.  Obviously nobody wants it to be in documentation, because I cannot find it on google.
<fun> hey xeno
<fun> what do u want to do?
<xeno_> I just have an ubuntu server install, and I want to have a desktop that works, that has basic tools.  It doesn't need to have all the bells and whistles, just a functioning desktop, with basic stuff.
<xeno_> Like a search for apps.
<xeno_> So I tried fvwm, and it was completely functionless.  Not even a window manager.  I tried gnome shell, and all I got was a gray screen with no function
<xeno_> Then I tried ubuntu-desktop, and I have a right click dropdown, but no other function.
<xeno_> It says installing ubuntu-desktop gives you everything.  Well, it doesn't.
<xeno_> Not only does it not work, but it takes forever not to work.
<xeno_> And the instruction I see has no other statement about giving you a fully functional desktop.
<fun> ok
<fun> I can help u
<fun> but when u install desktop server gets slower
<fun> which ubuntu u use?
<fun> version
<xeno_> I just need the latest ubuntu server with a desktop.  I am going to do development work on it using virtualbox.
<xeno_> It doesn't need to be fast.  It just needs to be a good internal tools development box.
<fun> sudo apt-get install update-manager-core
<fun> do-release-upgrade
<fun> that goes to latest 14.04
<xeno_> I just wish I'd installed debian server, which comes with what I need.  But my pin drive broken and I'm stuck with this now.
<fun> then sudo apt-get install ubuntu-desktop
<fun> simple :D
<xeno_> And yes, I know I should have started with desktop, but again, my usb drive broke, and I need to get this done.
<xeno_> I did do apt-get install ubuntu-desktop, and it didn't work the first time.
<xeno_> I went back and forth trying things, and it kindof works now.
<xeno_> Ok.  I'll try the update--* sequence you describe.  Thank you.
<fun> xeno :)
#ubuntu-server 2015-05-04
<IronDev> Hey guys so I just installed Ubuntu Server and I hooked it up to my MacBook via ethernet then I ran ifconfig, but the only thing I saw was lo
<PryMar56> IronDev, is the linux box now connected to a router and to the MacBk?
<IronDev> PryMar56 Directly to the mac
<PryMar56> IronDev, you might need to make a static config for the NIC on Linux to match the subnet for Mac.. like 10.0.2.0 or ?
<IronDev> PryMar56 Can I use a DHCP server
<harushimo> for the openstack installation on ubuntu-server, I was going to setup 3 node cluster
<harushimo> what is the best way to setup openstack?
<IronDev> harushimo theres an iso
<harushimo> I have the ubuntu server iso
<harushimo> I installed it on VM
<PryMar56> IronDev, I can't grok your setup
<IronDev> prymar56 grok?
<PryMar56> picture it
<harushimo> IronDev: is there a openstack iso just for ubuntu?
<PryMar56> IronDev, what was supposed to happen? Is the Mac on Wifi, then you used the spare ethernet port to bridge the Linux to internet?
<IronDev> harushimo http://www.ubuntu.com/cloud/ubuntu-openstack
<IronDev> prymar56 exactly theres a feature in mb settings
<PryMar56> IronDev, do you know all the config files for Ubuntu?
<PryMar56> */interfaces, fstab, resolv.conf
<IronDev> PryMar56 interfaces only
<vonsyd0w> Internet sharing on Mac OSX has little to do with ubuntu
<IronDev> vonsyd0w A small bit of info wont change the topic will it?
<harushimo> IronDev: do I have to create seven VMs?
<harushimo> IronDev: http://www.ubuntu.com/download/cloud/install-ubuntu-openstack
<harushimo> i'm looking at these instructions
<IronDev> harushimo I dont think so but 3 is good
<harushimo> IronDev: Right now, I setup node 1, node2, node3
<harushimo> thanks
<harushimo> I'm reading the documentation on openstack site too
<harushimo> IronDev: thanks for the help
<IronDev> harushimo no prob
<harushimo> IronDev: Can I ask you one other small question?
<IronDev> ye
<harushimo> IronDev: from step 2 onwards, does those repos need to be install on every node?
<harushimo> IronDev: then I'll do it on all the nodes
<IronDev> harushimo Ya I think
<harushimo> IronDev: I'll keep you to update
<harushimo> thanks again
<IronDev> harushimo I gtg soon
<IronDev> harushimo But you can memoserv
<harushimo> IronDev: I'm good right now
<harushimo> what's memoserv?
<stooj> Hi all. I'm putting together a mail server but must have messed up somewhere. Using postfix + spamassassin + spamass-milter, communicating through a socket. But my mail.log contains the following every time the pipe is used:
<stooj> May  2 05:44:41 myhostname postfix/smtpd[15597]: warning: milter unix:/spamassassin/spamd.sock: unreasonable packet length: 1397768525 > 1073741823
<stooj> May  2 05:44:41 myhostname postfix/smtpd[15597]: warning: milter unix:/spamassassin/spamd.sock: read error in initial handshake
<stooj> Anyone seen this before and recognise the problem?
<Alina-malina> hello all, i need to forward ssh tunneling when someone connecting to my server from outside? i need to proxychain that connection to 127.0.0.1:777 how can i do this?
<lordievader> Good morning.
<swizgard> hi. the local dnsmasq thing does not really work out for me (it's flaky, sometimes hostnames don't get resolved for some tries and then they do. problems i don't have when the dns is in /etc/resolv.conf directly)
<swizgard> any solutions for keeping networkmanager for the most part but not for dnsmasq?
<lordievader> swizgard: Change the NetworkManager's config.
<lordievader> swizgard: In Gentoo you add dnsmasq by doing [1], so I guess try to find that and remove it. [1] https://wiki.gentoo.org/wiki/NetworkManager#Dnsmasq
<swizgard> lordievader: i changed "dns=dnsmasq" to "dns=none", but this just makes dns stop working completely
<lordievader> swizgard: Try commenting the line ;)
<swizgard> huh!
<swizgard> that almost sounds as if it might work (-:
<Alina-malina> how to forward user ssh connection to proxychains on server side?
<OpenTokix> Alina-malina: proxy chains?
<Alina-malina> yes
<Alina-malina> proxychains
<OpenTokix> Never heard the term before
<OpenTokix> what is it?
<Alina-malina> a chain of proxies
<OpenTokix> for ssh?
<Alina-malina> no
<Alina-malina> tcp connection
<OpenTokix> You have [ client - proxy - proxy - proxy - proxy - destination ]
<OpenTokix> And the proxy is a simple forwarder, ie. a router?
<OpenTokix> If that is the case, client only knows about the first proxy/router
<Alina-malina> no its not the case
<Alina-malina> i have a client
<Alina-malina> he connects to over ssh to my server via tunneling browsing webpages
<Alina-malina> so what i want is to forward his browsing over proxychains and not my server ip directly
<Alina-malina> got it?
<OpenTokix> Alina-malina: I have no idea what you are saying, you are mixing up techologies in your explaination until it makes no sense.
<Alina-malina> i want to controll his access
<Alina-malina> wow ur stupid
<Alina-malina> its basic stuff
<OpenTokix> Alina-malina: Maybe ask the question to someone who speaks your native language, since clearly english is not yours.
<lordievader> Alina-malina: Insulting people won't help you. Please be respectful. Are you trying to string along ssh tunnels?
<Alina-malina> string?
<lordievader> client -> ssh tunnel -> ssh tunnel -> ssh tunnel -> destination.
<Alina-malina> nah
<Alina-malina> client->ssh tunnel->proxychains -> destination
<Alina-malina> and allow ONLY TCP connections for that user and nothing else
<lordievader> So forward localhost:some-tcp-port to the beginning of the proxychain?
<Alina-malina> from where?
<lordievader> That depends on your configuration, I suppose.
<Alina-malina> so why i cant just portforward that specific user to proxyhchain directly?
<lordievader> You can? Portforward the endpoint of the ssh tunnel to the beginning of the proxychain, that was what I was trying to say with the line above.
<Alina-malina> so the client have to do this from his side, i dont get it? or i can do that as root, to force him to use it so he cant do anything else rather then browsing webpages over proxychain i provide to him?
<lordievader> If you have access to his box, you can control anything. (Given you have the rights)
<Alina-malina> yes root
<lordievader> So you have full control ;)
<Alina-malina> so i need to do this forwrading on iptables level or what? you just speak theoretically, no sense
<Alina-malina> or user access control?
<lordievader> Alina-malina: Iptables it probably easiest, yes.
<Alina-malina> yes i already figure it out
<Voyage> HI
<Voyage>  I have apache on my vps and I was thinking to make a user named "developer" and put the website directory in his home dir. By this way, he would have access to the files via ssh, sftp and I dont have to give root password to him. Is that a good idea?
<lordievader> Voyage: Yes, also look into apache's mod_userdir, or however it is called.
<Voyage> hm
<Voyage> lordievader,  should I just set apache root to /home and allow each site to a different developer. for instance         apache root as /home         and site-1 at /home/developer1-name/site-1-files         and site-2 at /home/developer2-name/site-2-files
<lordievader> That doesn't sound like a good idea. Since www-data then needs access to all those home-dirs.
<Voyage> hm.. you mean www-data needs to be owner or those files or just a chmod 777 would do ?
<lordievader> No, it needs read (and perhaps execute) rights. Chmodding things to 777 is allways a bad idea.
<Voyage> lordievader,  yes, agreed.
<Voyage> lordievader,  it would need to write in many cases as well.
<Voyage> so what is the best solution here?
<lordievader> Voyage: Make dir in /var/www/ that is owned by your user with group www-data which has rx rights?
<Voyage> how about i do it in home dirs?
<Voyage> lordievader,  should I just set apache root to /home and allow each site to a different developer. for instance         apache root as /home         and site-1 at /home/developer1-name/site-1-files         and site-2 at /home/developer2-name/site-2-files
<Voyage> If I have to live with conventions, what should be done. I was thinking to add the user in the other group. dev to www-data group or www-data to dev group.. what should it be. (I have many devs and many sites...)
<lordievader> Then www-data needs x rights to the home-dir, I personally do not like that.
<Voyage> no, I will not give x to full home
<Voyage> only to the site dir
<Voyage> eg.:
<lordievader> Voyage: www-data cannot get to a subdir if it cannot acces a parent dir ;)
<Voyage>  .  /home/username/site-dir
<Voyage> oh..
<Voyage> then I cant make chroot jails either
<Voyage> right?
<lordievader> Err, I have no experience with chroot jails.
<Voyage> chroot jails is something that wont allow a user to get out of his home dir. this is a security . the user will not see whats outside. the system is invisible
<lordievader> I know what it is, but never used it ;). So I cannot judge if that will accomplish your goal.
<Voyage> hm
<Voyage> lordievader,  when you said the following, what did you meant by group? I mean which user to add in which group? Make dir in /var/www/ that is owned by your user with group www-data which has rx rights
<lordievader> Voyage: Every dir is owned by a user and a group, noted usually like $user:$group, in many cases they are both your username or root (root:root). For all groups see /etc/group.
<Voyage> ok.
<Voyage> so you want me to give the directory as the developer:apache-group ?
<Voyage> or what?
<Voyage> will developer-name:www-data do for any dir?
<Voyage> lordievader,  there are groups and users. each user hase a group.   so If I give permission, for a file, to a user: some-other-group-that-user-is-not-a-member-of          but the required www-data user is. will do ?
<lordievader> Yes. The user does not need to be a member of www-data.
<Voyage> but if I just do chown -R a:b /dir           and then 'a' comes and creates some new files. those files will have permission to what? == to 'a' and 'a's group, not ' b' group and its users. correct?
<lordievader> Make the group sticky, read the chown man page ;)
<Voyage> sticky?
<Voyage> hm ok
<Voyage> if you run "id" it will say your primary group. If you create new files and don't change the owner, it'll be owned by your user and your primary group
<Voyage> ok. I will read
<Voyage> thanks!
<jrwren> Voyage: see the "Sharing Write Permissions" at the bottom of https://help.ubuntu.com/14.04/serverguide/httpd.html
<Voyage> hm
<jrwren> It does not really explain the sticky bit though. We should update that.
<Voyage> would I have to chmode everytime I make an update/create a new file?
<Voyage> chmod/chown
<Voyage> jrwren, ^
<jrwren> no, that is the point of the sticky bit or ACL
<Voyage>  I cant come to a final conclusion...  I want 3 people to have access to a dir and subdirs, create files, read/write but also want www-data:www-data to read/write those dirs.  I dont want to chmod/chown evertime theres a change in dir. so what should I do?     will this help?https://help.ubuntu.com/14.04/serverguide/httpd.html#http-directory-permissions
<Voyage> jrwren, hm ACL. how to do that?
<jrwren> I think sticky group will do everything you want.
<jrwren> try it.
<Voyage> ok
<Voyage> wait. how about i just make a new user an add him to www-data group as his pri group?
<jrwren> try it.
<lordievader> Voyage: You don't really want to give the www-data too much write access ;)
<Voyage> lordievader,  ya, but those users will be only for website management.
<Voyage> how about I make pri group of www-data for all the 3 users?
<lordievader> I was more talking about the security aspect of giving www-data, read apache, read the world, write acces ;)
<Voyage> ya but ultimately the site content should be r/w by apache. so what ever dir it is.
<lordievader> Why write?
<jrwren> no, write by apache is generally not a good idea.
<Voyage> wordpress and other stuff needs write access
<Voyage> so www-data should have write access
<jrwren> and wordpress has a vulnerability every week :)
<Voyage> true
<Voyage> but have to live with it
<jrwren> indeed.
<patdk-wk> I thought it had 3 last week
<jrwren> patdk-wk: lol
<Voyage> it does a lot of things. .htaccess writes, configs, plugins install etc
<Voyage> so need write access
<Voyage> so...
<patdk-wk> you should not give write access to apache
<patdk-wk> run wordpress as a different user
<lordievader> Voyage: Give very specific write access.
<patdk-wk> atleast limit it's damage it can do
<Voyage> patdk-wk,  run? the apache runs the site/wp not the user and apache is ran by www-data
<lordievader> For as far as I know it needs write acces to a couple of tmp folders.
<patdk-wk> apache doesn't run crap
<patdk-wk> php runs wordpress
<patdk-wk> lordievader, autoupdates
<Voyage> patdk-wk,  isnt php ran by apahce?
<lordievader> On most of my wordpress stuff ww-data can only read.
<Voyage> patdk-wk,  isnt php ran by apahce/www-data?
<lordievader> patdk-wk: That is broken here ;)
<patdk-wk> Voyage, only if your insanely lazy, and use mod_php
<Voyage> patdk-wk,  actually I did... well, In installed apt-get apache2 php5 and it all went by itself
<patdk-wk> use php5-fpm
<jrwren> and then there is this: https://insights.ubuntu.com/2015/04/22/rewriting-wordpress-juju-charms-for-security-and-ha-on-openstack/
<Voyage> fpm?
<jrwren> ut oh, sounds like the wordpress chapter of the server guide needs some rewriting too.
<Voyage> hm.. this sounds sane but I have read a lot
<Voyage> so there are no simple things.
<Voyage> I wonder how cpanel and web hosts do stuff. they deliver my theory in practical terms
<patdk-wk> if things where simple, everyone would be doing it, and no one would have problems :)
<patdk-wk> I would say, making a nice apparmor wrapper for wordpress would work great
<patdk-wk> but would also be annoying to make and maintain
<lordievader> And so no one does it ;)
<patdk-wk> I did, it worked, till 4.1.2 last week
<patdk-wk> I have to work on it again
<lordievader> Hihi ;)
<patdk-wk> and now we are on 4.2.1
<Voyage> hm
<Onionnion> I'm trying to add rules to UFW to deny some IPs that are showing in our logs, but when I add them I still get traffic from them
<Onionnion> I'm using 'sudo ufw deny from <ip>'
<Onionnion> and in ufw status it is loaded
<Voyage> no rewrite logs appearing. did LogLevel        alert rewrite:trace5. I dont think rewrite is even working. How can I redirect every page to google.com?
<lordievader> Onionnion: Could you paste the output of 'iptables-save' and state the ip you are trying to block?
<jpds> Onionnion: Pastebin: sudo ufw status verbose
<Voyage> I am only redirecting by .htaccess file. do I need to enable mode_rewrite?
<patdk-wk> you can't redirect in .htaccess without mod_rewrite
<maxb> Voyage: Which modules you need depends on which functions and configuration you want to use - *not* which file you put the configuration in
<Onionnion> jpds, http://pastebin.com/6Zv0EZQp
<Onionnion> trying to block 24.123.82.46 and a couple others
<maxb> patdk-wk: Why do you say that? Redirect is valid in .htaccess scope
<patdk-wk> does that not depend on rewrite mod?
<maxb> no
<patdk-wk> oh he was using wordpress though
<jpds> Onionnion: Which port are you trying to block?
<patdk-wk> that does depend on mod_rewrite
<lordievader> Onionnion: Could you pastebin the iptables-save too :)
<Onionnion> jpds, trying to drop anything from it
<Onionnion> lordievader, on that now
<lordievader> \o/
<jpds> Onionnion: Your problem is that the DENY comes AFTER the allows.
<Onionnion> ahh
<lordievader> Ah, yes. Indeed.
<Onionnion> ufw instert ?
<Onionnion> insert*
<jpds> Onionnion: Yep.
<jpds> Onionnion: Also, blocking by individual IP like this is never going to scale.
<lordievader> Onionnion: Take a look at ipset.
<Onionnion> jpds, we've been getting hard traffic from these 4 specific IPs over the weekend
<jpds> Onionnion: On specific ports?
<Onionnion> jpds, haven't checked ports, but they're requesting a wpad.dat and it's been so hard that it's brough apache down a few times
<Onionnion> over 5000 times within the most recent access.log
<jpds> Onionnion: You could try something like: sudo ufw delete allow 80/tcp && sudo ufw limit 80/tcp
<Onionnion> not familiar with limit
<jpds> Onionnion: 6 new requests/IP/30 seconds.
<Onionnion> well it's only been from 4 specific ips
<maxb> A limit that strict sounds like it could impact normal website serving
<patdk-wk> it would
<maxb> wpad == web proxy auto discovery - therefore this sounds like it could just be incompetent config rather than malicious activity
<lordievader> maxb: The point there is that it only limits sources which show a lot of connection in a short period. Normal serving should not show that behaviour.
<lordievader> But as allways, it's a trade off.
<patdk-wk> why not just add a rewrite 403 rule to the wpad?
<patdk-wk> apache can easily handle thousands of those per second
<maxb> All you need is a couple of users behind a NAT browsing a site with a moderate amount of images / css / js files, and you'd trivially hit [B[B[B[B[B[B[B6 new requests/IP/30 seconds
<patdk-wk> I routinely hit 50 connections per ip
<patdk-wk> and giving a single browser will only do 6
<patdk-wk> Philippines have a huge /24 of just proxy servers that just blast out requests
<patdk-wk> smaller, block, but more traffic, than aol
<maxb> 6? I thought the common browser connection limits were 4 or 2?
<patdk-wk> 4-6
<OpenTokix> Onionnion: If it is a problem, rate-limit port 80
<OpenTokix> with iptables
<frickler> anyone into systemd here yet? I'm having trouble with my rc.local being run before network is up on vivid. And yes, I know it is kind of legacy to use that :-"
<lordievader> frickler: Convert the actions taken there to a systemd script?
<frickler> yes, might be possible, but this comes from an auto-install system that at the same time still should work with 12.04
<jkyle1> I'm seeing the hostname service is masked in ubuntu 15.04
<jkyle1> why's this?
<cluelessperson> Hey guys
<cluelessperson> I must have moronically typed a command wrong, my user doesn't appear to be sudo anymore.
<cluelessperson> How can I add myself to sudo again without root access?  Can I boot into a recovery mode or something?  I do have console
<balloons> cluelessperson, without root you'll need to boot via recovery and access root that way, re-edit the file, then continue
<diegoaguilar> lordievader,
<diegoaguilar> good morning
<swizgard> lordievader: commenting the dns= line in NetworkManager.conf was exactly the right thing!
<swizgard> thank you 1000x
<K4k> I have a question about running an Ubuntu release mirror. I've got it all set up and it works great but there is a small stylesheet issue with the page. When I look at any release mirror page it has background colors and font colors to match the Ubuntu color theme but my Ubuntu release mirror does not have the background colors.
<K4k> The CSS is coming from an @import in the <style> tag in the header and the page is formatted correctly w/ the exception of the colors.
<K4k> Does something need to be enabled in apache2 to make this work?
<t4nk842> ola
<diegoaguilar> Hello, I have an issue while running a ssh server on a new 14.04 server
<diegoaguilar> I reviewed everything, from ports, firewall and daemon but cant login
<diegoaguilar> I posted a question here with whole extended details http://serverfault.com/questions/687019
<teward> diegoaguilar: sshd is listening on 127.0.0.1
<teward> diegoaguilar: that's localhost, and that means local to the system only.
<teward> you need to tell sshd to listen on a different IP, either the internal IP on the system or 0.0.0.0
<teward> (which is AnyIP)
<teward> diegoaguilar: can internal traffic reach the box?
<diegoaguilar> teward
<diegoaguilar> that was it
<diegoaguilar> god damn it
<diegoaguilar> BUT before, the new brand installed ssh HAD *
<diegoaguilar> ListenAddress *
<diegoaguilar> and wasnt working
<teward> yeah that's not nice
<diegoaguilar> any reason why it would be like it
<teward> but ListenAddress LocalIP    or ListenAddress 0.0.0.0 and ListenAddress ::   might solve it
<teward> diegoaguilar: no idea, I usually don't use a default config file for SSH
<teward> i have one that i just copy into place
<teward> (with a lot of additional configuration needed on my servers)
<teward> diegoaguilar: i answered that question as well, you may want to check
<diegoaguilar> thanks teward
<diegoaguilar> I accepted ur answer
<teward> is there a server team meeting this week>
<jkyle> when installing wireshark on 15.04 I get errors from policykit
<sarnold> jkyle: can you pastebin the command you ran and the errors you got?
<lordievader> swizgard: No problem ;)
<jkyle> sure
<hallyn> utlemming: smoser: when I fire up a vivid image using uvtool (i.e. cloud images), the image doesn' tseem to send its hostname to dhcp.  After a reboot, it does.  (so i can query the hostname of my 192.168.1.1 ns)
<hallyn> with trusty it immediately works.  i'm not sure with cloud-init in the pictur where th eproblem would be
<jkyle> sarnold: https://gist.github.com/jameskyle/6b182a013814d4e2f3f2
 * teward waves at sarnold
<sarnold> jkyle: please file a bug against systemd for that
<sarnold> jkyle: I don't know what it hsould be doing but probably not that :)
<sarnold> heya teward :)
<teward> sarnold: got a few minutes for a PM?
<sarnold> teward: sure
<jkyle> sarnold: triggers are a apt packaging stage, right?
<sarnold> jkyle: I think dpkg
<jkyle> right. so this isn't a systemd error
<sarnold> I'm assuming it is an error in systemd's triggers or pre/post inst/rm hooks
<jkyle> it's a packaging error, if I recall systemd doesn't need policykit anymore. so probably shouldn't be triggering any changes in policykit
<smoser> hallyn, how does uvtool set its hostname ?
<sarnold> jkyle: either way, pitti will nkow what to do :) the easiest way to get it on his plate for a fix is a bugreport against systemd
<smoser> hallyn, i think its just a race condition
<smoser> i think you were just lucky on trusty
<smoser> pretty sure that in both cases, ifup eth0 is not blocked on finding the datasource which provides cloud-init its hostname
<hallyn> rbasak: offhand do you recall how uvtool sets the hostname on create?  Doe sit do it through user-data?
<hallyn> maybe setting the hostname triggers an action under upstart which it doesn't under systemd?
<smoser> hallyn, it uses NoCloud dataosoruce
<smoser> pretty sure.
<smoser> so i'm pretty sure you were just lucky before
<hallyn> then how should that be fixed so we are always lucky?
<Vasquez2> Anyone heard of a mobo with dual nic swapping the mac addresses when the eth cable is swapped to the other port?
<rbasak> hallyn, smoser: through userdata. The datasource that cloud-localds creates.
<rbasak> I'm not sure how I feel about dhclient sending hostname from cloud-init. It means the logic has to be the other way round when the hostname is picked up from DHCP+network metadata. So it seems like a nice-to-have for development and debugging perhaps, but nothing should rely on it, and it'd have to be a feature in cloud-init to cope well with both cases.
<rattking> Vasquez2 the bonding driver can do that now
<Vasquez2> Neat, thanks
<rattking> (if your switch supports it)
<Vasquez2> some kind of magic packets to re-auth?
<rattking> I am not sure how active-backup works off the top of my head
<diegoaguilar> Hello, Im running a linux server, on every ssh login I get a message at server like
<diegoaguilar> FAT-ds (sdb1): FAT read failed (blocknr 34)
<diegoaguilar> what should I do
<xcyclist> I'm getting a warning when trying to upgrade an AWS ubuntu Ubuntu 12.04.5 LTS \n \l, and it warns me not to do it on an SSH connection.
<xcyclist> What is recommended instead?  We only have ssh connections to this cloud server?
<sarnold> xcyclist: I think I'd try it in tmux or screen so if your ssh connection dies, you can at least try to re-attach
<xcyclist> Ok.  I'll look at those.  Thank you.
<jrwren> why does a cloudimg install OOTB not ask me for a password to sudo as ubuntu user, but lxc does?  shadow entry for ubuntu is same and sudoers file is same on both.
<xcyclist> Okay, I am in tmux, but perhaps I don't understand.  It still seems to require ssh access on top of tmux, right?
<xcyclist> Oh, I guess that is implied in your statement.  Sorry.
<xcyclist> It also makes the statement:  If you continue, an additional ssh daemon will be started at port  '1022'.
<sarnold> xcyclist: be sure to run tmux on the aws instance, not the local machine :) well, nothing wrong with running it locally, too, if you want...
<jrwren> last time I ran do-release-upgrade it automatically started a tmux or screen for me. FYI
<sarnold> jrwren: check the /etc/sudoers.d/ directory?
<sarnold> jrwren: oo nice ;)
<jrwren> sarnold: yes, that is it. strange that #includedir /etc/sudoers.d
<jrwren> looks like a comment. its NOT a comment ;(
<sarnold> heh especially bad with a grep -v ^# ...
<jrwren> thanks sarnold
<sarnold> *ahem* I'm halfway guilty of the same bad decision elsewhere, though... "but #include is standard cpp, it'll be familiar:
<jrwren> yes. looks like cpp, still odd when # is a commnt. I get it. it is still surprising.
<jrwren> I don't know that I've ever seen #include work in a language where # is a comment :)
<jrwren> I have now :)
<sarnold> apparmor, too. fwiw we also support plain 'include' but.. no one uses it. go figure. :)
<hallyn> rbasak: uvt-kvm switch which sets a userdata bit which says sned the hostname?
<jrwren> hallyn: you could likely ifdown eth0; ifup eth0; instead of reboot to restart dhclient and trigger the hostname send.
<tyler_wy1ie> Greetings; I am wondering if anyone here has done a preseed.cfg for any of the newer releases of Ubuntu Server(we're using 14.04 specifically) and can help point me in the right direction
<hallyn> jrwren: i'd have to get inside to do that :)  yes i could use cloudinit to do that, but i'm looking for a "it just works" way
<jrwren> hallyn: --run-script-once when you uvt-kvm create ?
<jrwren> hallyn: or is that not IJW enough?
<hallyn> right, it's not IJW at all
<tyler_wy1ie> Or if someone knows of a better way to deploy a large amount of Ubuntu servers with the same config; pretty barebones install actually
<hallyn> if it was only for myself i'd be ok with it, but i can't be the only one who spins up a new fm then ssh's to '<vm-name>.lu'
<sarnold> tyler_wy1ie: I know a channel regular used FAI -- fai-server, fai-client, fai-doc packages, http://fai-project.org/ -- you can also try to use maas (not really it's main purpose) or landscape (commercial)
<tyler_wy1ie> sarnold: thanks, we will be checking out a few of these options :)
<xcyclist> It finished without a disconnect anyway.
<sarnold> xcyclist: nice :)
<rattking> tyler_wy1ie: FWIW I use FAI on a wide variety of hardware with great success
<tyler_wy1ie> rattking: I'm reading through the documentation right now, seems like it will do what we want.  C
<tyler_wy1ie> rattking: Checking out Landscape too
<rattking> cool. good luck. you can do about anything with fai and scripts.
<tyler_wy1ie> Yea we'll just be doing barebones OS installs for clients; but manually doing it through iLO is a pain in the ass
<rbasak> hallyn: the awkward thing is that although in the uvtool case the userdata (and thus the hostname set in there) can be known before DHCP, in the general case it cannot.
<rbasak> Unless I'm mistaken about that.
<rbasak> I'm assuming that there exist datasources which require DHCP to have happened to be able to retrieve userdata.
<rbasak> Anyway, it's a cloud-init thing.
<rbasak> uvtool will do whatever cloud-init does.
<rbasak> I have no objection to uvtool setting userdata by default causes cloud-init to send the hostname set by userdata in the DHCP request.
<mojtaba> Hi, Is there any web based monitoring tools for servers? (I have three servers and I want to monitor them all at once.)
<sarnold> mojtaba: i've heard good things about elasticsearch and kibana, e.g. http://blog.trifork.com/2013/11/28/use-kibana-to-analyze-your-images/ -- but it all looks bit .. dashboardy to me, it's hard for me ot see the utility there.
<mojtaba> sarnold: thx, I will check them
#ubuntu-server 2015-05-05
<zaggah> Greetings
<zaggah> new here
<zaggah> can anyone tell me if vnc works on latest ubuntu server
<zaggah> It loads at startup but I cant seem to connect to it
<zaggah> I am trying to run a headless server for mythtv
<harushimo> http://www.ubuntu.com/download/cloud/install-ubuntu-openstack
<harushimo> does this need to be on every node?
<sarnold> harushimo: no; maas and landscape will know how to install ubuntu and openstack on the other nodes
<harushimo> those instrucations are reflecting for the main node
<harushimo> I mean instructinos
<harushimo> I mean instructions
<sarnold> harushimo: yeah; thanks for the link, that looks really useful :)
<harushimo> not a problem
<harushimo> This is my 6th attempt at openstack
<harushimo> I get closer everytime
<sarnold> I know the feeling.
<harushimo> one tip about maas.ip
<harushimo> to get the page: you need the ip of the VM and load it in the browser
<sarnold> whenever I lose one of my machines, I always use nmap to find it again; nmap 192.168.1.0/24 -p 80   or something like that, to scan the subnet for port 80
<harushimo> interesting
<sarnold> (I almost always scan for ssh on 22 instead of httpd on 80, since the machines I care about more often have ssh open, but 80 might be faster to find a machine with web control thingy live..)
<harushimo> right
<boukmandutty> Need some help configuring a headless server
<boukmandutty> cant seem to get vnc to load properly at boot
<sarnold> boukmandutty: what errors are you gettting?
<boukmandutty> I get this
<boukmandutty> Active: active (running) since Mon 2015-05-04 22:40:59 CDT; 10min ago
<boukmandutty>   Process: 933 ExecReload=/bin/kill -HUP $MAINPID (code=exited, status=0/SUCCESS
<boukmandutty> oops
<boukmandutty> typo
<boukmandutty> vncserver.service - (null)
<boukmandutty>    Loaded: loaded (/etc/init.d/vncserver)
<boukmandutty>    Active: active (exited) since Mon 2015-05-04 22:41:06 CDT; 11min ago
<boukmandutty> I notice it exits when booting up
<boukmandutty> I had set it to load at boot
<sarnold> boukmandutty: anything in the logs?
<boukmandutty> But I am then able to load it once I log into lxde
<boukmandutty> 04/05/15 22:41:05 Xvnc version TightVNC-1.3.10
<boukmandutty> 04/05/15 22:41:05 Copyright (C) 2000-2009 TightVNC Group
<boukmandutty> 04/05/15 22:41:05 Copyright (C) 1999 AT&T Laboratories Cambridge
<boukmandutty> 04/05/15 22:41:05 All Rights Reserved.
<boukmandutty> 04/05/15 22:41:05 See http://www.tightvnc.com/ for information on TightVNC
<boukmandutty> 04/05/15 22:41:05 Desktop name 'X' (ubunserver:1)
<boukmandutty> 04/05/15 22:41:05 Protocol versions supported: 3.3, 3.7, 3.8, 3.7t, 3.8t
<boukmandutty> 04/05/15 22:41:05 Listening for VNC connections on TCP port 5901
<boukmandutty> Font directory '/usr/share/fonts/X11/Type1/' not found - ignoring
<boukmandutty> Font directory '/usr/share/fonts/X11/75dpi/' not found - ignoring
<boukmandutty> Font directory '/usr/share/fonts/X11/100dpi/' not found - ignoring
<boukmandutty> ** Message: main.vala:99: Session is Lubuntu
<boukmandutty> ** Message: main.vala:100: DE is (null)
<boukmandutty> ** Message: main.vala:110: No desktop environnement set, fallback to LXDE
<boukmandutty> Xlib:  extension "RANDR" missing on display ":1".
<boukmandutty> ** Message: main.vala:131: log directory: /home/boukmandutty/.cache/lxsession/Lubuntu
<boukmandutty> ** Message: main.vala:132: log path: /home/boukmandutty/.cache/lxsession/Lubuntu/run.log
<boukmandutty> I am running ubuntu server 15.04
<boukmandutty> The full message when I run "systemctl status vncserver.service -l" is as follows
<sarnold> .. please use a pastebin :)
<boukmandutty> http://pastebin.com/nfAdbkyC
<sarnold> thanks :)
<boukmandutty> Sorry about the flooding above
<boukmandutty> Havent used irc in a bit
<sarnold> what's in /home/boukmandutty/.vnc/ubunserver:1.log
<boukmandutty> http://pastebin.com/QV66TZFK
<sarnold> boukmandutty: it looks like it shuold be working fine; it starts an X server on :1 listens for connections on tcp port 5901, starts the lxde window manager / environment..
<sarnold> boukmandutty: does netstat -anp | grep 5901 show it listening?
<boukmandutty> Xtightvnc as listening but I am wondering if that is because I restarted it after loggin into lxde
<sarnold> ah could be
<boukmandutty> i am going to reboot and try again
<boukmandutty> Interesting it still shows  cp        0      0 127.0.0.1:5901          0.0.0.0:*               LISTEN      1048/Xtightvnc
<boukmandutty> but I cant connect from another machine
<sarnold> hmm
<sarnold> it's bound to localhost; I wonder if a public IP is available when it is starting?
<boukmandutty> Do you think I should try setting a static ip instead of DHCP ?
<sarnold> boukmandutty: check the configs, see if it is set to bind to localhost or if it is set to bind to * or 0.0.0.0 -- this one may be a bug...
<sarnold> boukmandutty: not yet
<sarnold> boukmandutty: if you want to for other reasons, go ahead, but this might be easier to reproduce with dhcp..
<boukmandutty> ok
<boukmandutty> You mean the configs for vncserver?
<sarnold> yeah
<boukmandutty> Neither .vnc/xstartup nor /etc/init.d/vncserver have say anything about an ip address
<sarnold> is there an /etc/defaults/*vnc* or /etc/*vnc* that would have such an address?
<boukmandutty> I dont seem to have either of those folders
<boukmandutty> trying to search to see where ubuntu server keeps the equivalent
<sarnold> boukmandutty: time for me to bail, have fun, good luck :)
<boukmandutty> hey
<boukmandutty> thanks for the help man
<boukmandutty> appreciate it
<sarnold> you're welcome, I just wish we'd cracked this one first.
<boukmandutty> know of any other way to adminsiter headless server?
<boukmandutty> any other program i can use?
<sarnold> I just ssh in
<boukmandutty> ok will try that
<sarnold> ssh X forwarding suffices for the handful of times I might want a GUI running on another machine..
<sarnold> ssh -X -Y hostname virt-manager &    for example
<boukmandutty> i will  try ssh in and then running the vnc for now
<boukmandutty> since it loads after startup
<Voyage> I just created an amazon ec2 which requires me to login to ssh via a key.pem. that I am able to but now I want to add new users but not share the key. What I did was, created a new user and gave him password. Tried to login by ssh again but now it says  "Permission denied (publickey)." why so?
<cluelessperson> so I rm  ed a log file, mail.log and it doesn't seem to have come back yet
<cluelessperson> I'm trying to troubleshoot an issue
<Voyage>  I wonder WHY everyone can read a file that I created......-rw-rw-r--  1 developer developer-group        5 May  5 06:36 abc . I just used nano. if this is default behaviour of linux to give world wide read persmissions to any file that is creatd by any user; its bad. no?
<bradm_> Voyage: its configurable - read up about umask.  umask 006 will make it not world readable.
<ogra_> no, it is good in collaborative multiuser environments ... you can always create a folder that only you can read and put your secret stuff in it as a user ... or as a sysadmin you can change the systemwide umask
<Voyage> hm. but I though everything in /home/<user> is private and should not be implicitily    r   by all
<bradm_> what makes you think that?
<ogra_> see /etc/login.defs there is an explanation in the comment section above the UMASK option
<Voyage> I created a file, it has -rw-rw-r-- <-- this makes me thingk
<bradm> that makes you think its private?
<Voyage> the /home/user. is always private.. thats what home means
<bradm> no, it really doesn't.
<Voyage> hm
<ogra_> it only means it is your space on the filesystem, nothing more
<bradm> you're making an invalid assumption, things are default setup as world readable - if you want to change it, fix the umask - either in /etc/login.defs, or in your private login files or similar
<ogra_> if it is private or not is up to the sysadmin to decide
<lordievader> Good morning.
<jamespage> morning
<caribou> Hi, is there a way with upstart to force a job to run before runlevel jobs kick in ?
<caribou> I need to make sure that kdump runs before the Runlevel 2 jobs start, otherwise CEPH OSD start during a kernel dump
<ozanhazer> hey... anybody know where the lxc container config files are when lxd is used?
<william_home> jamespage: I'm not always online but have you seen the bug report for the duplicate manpage in the cloud archive repository for ceph and ceph-deploy?
<Teduardo> hmm, i'm still having throughput issues.. ahhhh lol
<ozanhazer> Hi.. Where should I put my custom init script in ubuntu 15.04? /etc/systemd/system/my-custom.service or ..?
<rbasak> ozanhazer: I believe that's the right place, yes. I'm not sure though.
<ozanhazer> hmm /etc/systemd/system/multi-user.target.wants is better maybe.. thanks rbasak
<Teduardo> I'm copying from one NVMe drive to another NVMe drive over NFS @ 10Gbps and I'm only getting 426MB/sec
<Teduardo> boo
<lordievader> Teduardo: To me that is still quite impressive ;)
<Teduardo> unless you were the one that paid $2k each for the NVMe drives
<Teduardo> should easily be able to saturate 10G
<patdk-wk> heh?
<patdk-wk> why?
<patdk-wk> you have nvme speed to worry about, network latency, and tcp
<patdk-wk> did you tune your tcp for 10gbe?
<Teduardo> No, I assumed that 14.04 was pretty much tuned
<OpenTokix> Teduardo: it is not
<OpenTokix> Teduardo: What 10Gnics do you have?
<Teduardo> still iperf shows sustained line rate
<patdk-wk> tuning for 10gbe would cause 1gbe to suffer
<Teduardo> X710DA-2
<OpenTokix> Teduardo: For filecopy I would use dd and nc
<OpenTokix> if its single, very large files
<Teduardo> im still just testing/benchmarking everything
<OpenTokix> Teduardo: And your subsystem can handle suntained writes/reads at 1GByte/sec?
<Teduardo> One of the servers is dual E5 2620 and the other is a dual E5 2620v3
<Teduardo> i would imagine that the PCIe in those can do 1GB
<OpenTokix> But you said you copied files?
<OpenTokix> over nfs
<Teduardo> yes.
<patdk-wk> oh, nfs
<OpenTokix> Where does those files end up?
<Teduardo> mounted nvme => nfs => mounted nvme
<patdk-wk> that changes things a good amount
<OpenTokix> nfs isnt exactly superfast, and it is the nfs-kernel-server?
<Teduardo> but even doing dd bs=8m if=/run/shm/testfile of=/nvme/testfile it only does 500MB/sec
<Teduardo> which is insane
<Teduardo> from ram to an nvme
<Teduardo> 500MB?
<Teduardo> (locally I mean)
<Teduardo> on one of the systems
<patdk-wk> doesn't sound like your using nvme
<OpenTokix> Teduardo: you are talking about the PCIe SSD from intel? Newly released?
<Teduardo> yes, the DC P3700
<patdk-wk> what slot in your motherboard is it in?
<patdk-wk> and what motherboard?
<OpenTokix> ok, 400GB?
<Teduardo> yeah, its the 400GB cause those were the only ones I could get.
<OpenTokix> That has 900MB/s sekvential write theoretical max
<Teduardo> on subsequent runs writing from local ram to local NVM sped up to about 685MB/s
<Teduardo> okay, reading from the NVM to the ram went at 1.3GB/s
<OpenTokix> Where they will shine is for random writes and reads at the time time
<OpenTokix> yes
<OpenTokix> 2,2GB/sec theoretical max
<Teduardo> okay so at least i know the NVM is reading at least 10Gbps
<OpenTokix> yes
<Teduardo> now i just need that to go through the NIC to the other machine.
<OpenTokix> How are they connected? p2p or via switch?
<Teduardo> just a da2 cable
<OpenTokix> ok
<Teduardo> seems like from nvme to the raid-10 fs locally it does about 480MB/s which i doubt is a real number
<OpenTokix> Why not?
<Teduardo> 8x4TB drives with default stripes...
<OpenTokix> Raid-10 on mechanical drives, have very fast sequential write/read performance.
<Teduardo> i thought it would be like ~300
<Teduardo> or i would be happy with a sustained 300
<Teduardo> the actual issue I am having is sustained throughput between a 8x4TB R-10 on machine a and a 8x4TB R-10 on machine B. the throughput in rsync stops at 200MB/s
<Teduardo> and drops down to 80MB regularly
<OpenTokix> Teduardo: What switches are you using for rsync?
<OpenTokix> And how much data and how many files?
<Teduardo> just rsync -a --progress src_file dst_file
<OpenTokix> ok
<Teduardo> but like i said it's over nfs
<OpenTokix> rsync is not so good for transfers of very large files 1Gbyte+ - since its hashing will use a lot of resources then
<OpenTokix> so try to slap on --whole-file
<OpenTokix> and see if its more liniar
<patdk-wk> 8 4tb disks should be approx 4*120MB/sec
<patdk-wk> sounds like 480MB is valid
<patdk-wk> rsync depends on filesize
<patdk-wk> the smaller the files, the slower it will go
<Teduardo> OpenTokix: it started at 218 then dipped down to 80 and now it's just bouncing between 218 and 80 every few seconds. it's a single 50GB file for this test.
<OpenTokix> Teduardo: ok, try --whole-file  - but rsync is not the best tool for that
<Teduardo> 174.32MB/s
<jrwren> iirc rsync doesn't rsync on a local system. it becomes copy.
<jrwren> if you are copying 1 file, using cp is going to use much less resources and be faster.
<Teduardo> yea, this is just a test to see what the hardware is capable of
<Teduardo> so that i can then yell at the software provider to see why it runs at 30MB/sec
<jrwren> from the man page for the -W option: "This is the default when both the source and destination are specified as local paths"
<jrwren> bonnie++ is a nice at telling of what hardware is capable
<Teduardo> well, its a client/server setup
<jrwren> ok. sounded like src_file and dst_file were both local paths. rsync doesn't know that one of those is NFS and do any magic.
<Teduardo> ah
<jcastro> jamespage, ping
<hallyn> rbasak: ok, i'll take a look at the code (next time it bugs me, which should be soon), thanks
<jamespage> hey jcastro
<jcastro> http://summit.ubuntu.com/uos-1505/2015-05-05/
<jcastro> there are two openstack sessions today
<jcastro> (they are currently white on the schedule, I am trying to make them green)
<jamespage> jcastro, hmm - not sure these are really uds topics?
<jcastro> well they were submitted and pat had me approve them
<jcastro> not sure what to do now
<jamespage> jcastro, who by?
<jcastro> https://launchpad.net/~su-zhang submitted the congress one
<jcastro> https://blueprints.launchpad.net/rally/+spec/rally-neutron-metering-scenarios is the other one
<jamespage> jcastro, I think these are confused - they should be targetting the openstatck design summit
<jamespage> not the ubuntu developer summit
<jamespage> rally is an upstream openstack project
<jamespage> and the congress/keystone conversation is similar to that - upstream oriented
<jamespage> william_home, hello
<william_home> jamespage: hello
<jamespage> william_home, this one - https://bugs.launchpad.net/cloud-archive/+bug/1450175 ?
<jcastro> jamespage, should I cancel them then?
<jcastro> and mail the individual folks?
<jamespage> jcastro, I would yes
<jcastro> ok on it
<william_home> jamespage: yes
<jamespage> redirect them to the openstack design summit submissions process
<jcastro> ack, I'll sort it
<jcastro> jamespage, are there any sessions you plan to have?
<Teduardo> i wish there was a way to know what resource it's running out of when the throughput backs off
<jamespage> jcastro, we have two on thursday
<jamespage> for openstack
 * jcastro nods, ok
<jamespage> jcastro, just checking with the ceph guys to see if they want to have one
<jamespage> william_home, I guess we could include an updated ceph-deploy - I am making the assumption that the newer version does not exhibit the same problem :-)
<william_home> jamespage: I have created from github a new package https://github.com/ceph/ceph-deploy
<william_home> but I guess that it woul be better that ceph-deploy gets its man page in its own package rather then that it is deployed in here: https://github.com/ceph/ceph/tree/master/doc/man/8
<william_home> oh and the package from github does not contain any man page :)
<smoser> rbasak, or anyone, i'm looking at getting python2 out of cloud-image
<smoser> i know that landscape-client and landscape-common are one of the reasons.
<smoser> i apt-get remove them.
<smoser> then,
<smoser> apt-get remove libpython2.7 python
<smoser> http://paste.ubuntu.com/10990424/
<smoser> how can i know why each of those things is there.
<smoser> as for example, i can:
<smoser> apt-get remove python-twisted-web
<smoser> and there are no additional things removed.. ie, it doens't look like its depended on.
<smoser> but 'apt-get autoremove' doesn't clean anything
<smoser> i know that vim is holding some stuff, but owuld like to know what else...
<smoser> looking for a way to do such a thing.
<rbasak> smoser: http://people.canonical.com/~ubuntu-archive/germinate-output/ubuntu.vivid/rdepends/python2.7/libpython2.7 maybe?
<smoser> but how do i know why 'python-serial' was there in the first place
<Odd_Bloke> smoser: http://people.canonical.com/~ubuntu-archive/germinate-output/ubuntu.vivid/cloud-image ?
<rbasak> python-serial isn't in that pastebin
<rbasak> http://people.canonical.com/~ubuntu-archive/germinate-output/ubuntu.vivid/rdepends/twisted/python-twisted-core though shows how that got in.
<rbasak> If you want libpython2.7 out of main, then http://people.canonical.com/~ubuntu-archive/germinate-output/ubuntu.vivid/rdepends/python2.7/libpython2.7 shows you what you need to clear.
<rbasak> (I think it follows both a and b for "a | b" though, so there will be some extra stuff in there)
<rbasak> If you only care about particular seeds, then just search the file for instances of the seed you're after.
<rbasak> 'apt-get autoremove' won't work because IIRC all the default stuff gets marked as "manually installed".
<rbasak> http://people.canonical.com/~ubuntu-archive/germinate-output/ubuntu.vivid/rdepends/twisted/python-twisted-core suggests that python-twisted-web got installed because of landscape-client.
<rbasak> But since autoremove doesn't work, I think a better approach is to follow the tree from germinate-output rather than trying to follow it with apt on a live system.
<Odd_Bloke> You could potentially write a 'for installed package { if package not in seed { mark package as automatically installed } }' sort of a script, but I don't know if that actually gains you anything.
<Onionnion> is there a way to see what packages would be upgraded and to what version with a do-release-upgrade without any changes made to the system?
<smoser> Onionnion, i dont know if theere is a dry-run for it or not. but you could:
<smoser>  back up /etc/apt/sources.list /etc/apt/sources.list.d
<smoser>  sed 's,<release-1>,<release-2>' -i /etc/apt/sources.list /etc/apt/sources.list.d/*
<smoser> apt-get update
<smoser> apt-get dist-upgrade --dry-run
<smoser> replace backd up sources.list
<Onionnion> so to just adjust the sources file to point to the newer release and dry-run in apt-get?
<Daviey> smoser: do-release-upgrade -s ?
<smoser> that'd ake sense.
<smoser> i didn't know if that worked any more
<smoser> but that'd do a ton of download and such if it id id
<DeMiNe0> I hate how vmware workstation's virtual network nat service will just randomly shit on you.
<mbroadst> hey is jeos and ubuntu-vm-builder dead? is there a tool that supersedes that combo?
<rbasak> mbroadst: cloud images, uvtool and mount-image-callback.
<rbasak> mbroadst: or alternatively the ubuntu core images I suppose
<rbasak> and snappy.
<ogra_> yeah, snappy ubuntu-core
<mbroadst> I got the impression snappy was sort of a coreos + docker competitor?
<jeffreylevesque> if i have a virtualbox instance of ubuntu server 14.04, can i access the default webcam of the server?
<bekks> Depends on how it is connected to your computer, technically.
<mbroadst> rbasak: I guess what I'm looking for really is something that allows me to automate the creation of a raw ubuntu-baed disk image
<mbroadst> ubuntu-server based image that is
<ogra_> mbroadst, snappy is embedded, cloud ... soon the base for desktop and phone too ... and yes, you can use a docker framework on top of it
<ogra_> essentially it is the future design of ubuntu
<rbasak> mbroadst: start with a cloud image. Use mount-image-callback to modify it. Create /var/lib/cloud/seed/nocloud/ inside it, and userdata and metadata files for cloud-init.
<rbasak> mbroadst: then just boot that image.
<rbasak> mbroadst: see the output of "cloud-localds" for an example of userdata and metadata files
<mbroadst> rbasak: so you're suggesting cloud images + uvtool over snappy then
<rbasak> mbroadst: depends on what you're trying to do.
<rbasak> snappy is a great new model with many improvements over the traditional model.
<ogra_> snappy currently still means you will have to roll your own project snap packages
<rbasak> But it involves having maintained snaps for everything you need (or you maintain them yourself)
<rbasak> Right.
<rbasak> If you already have stuff that fits the traditional model, you can use cloud images instead.
<ogra_> if you are willing to invest into that, snappy should be your choice, else use cloud images
<mbroadst> well what exactly constitutes a snap in this context, a single app like mysql, or a segment of the file system (/opt/something)
<rbasak> mbroadst: if you just want to fire up a VM, uvtool wraps that all for you.
<ogra_> a bundle ...
<rbasak> A segment of the file system
<rbasak> I suppose you could bundle everything you want into one snap.
<rbasak> (that you maintain yourself)
<ogra_> you can see a snap like a bundle of services confiugured in your preferred way
<mbroadst> and each of the snap are like a ro aufs overlay or something
<rbasak> But, for example, I don't want to maintain my own mysql snap - I want to use existing mysql packaging
<ogra_> i.e. i could roll lamp_ogra.snap which has my personal setup of mysql, apache etc in it ... and always re-use it ... installing it will run it in a confined corner of the filesystem ... if i messed up security or whatever nothing can break out of it ... if i add a fix and the fix is broken, snappy allows me seamless rollback of the whole snap
<rbasak> ogra_: anything on the roadmap for Juju integration?
<rbasak> I want separate snaps with relations between then :)
<rbasak> them
<ogra_> i guess so, i dont know the snappy roadmap yet (just changed teams)
<jeffreylevesque> so, if i have ubuntu 14.04 server in virtualbox, can i access the webcam?
<jeffreylevesque> ;'(
<patdk-wk> dunno, ask virtualbox
<rbasak> For a USB webcam? USB passthrough is not uncommon. KVM can do it I think. Maybe virtualbox can too?
<mbroadst> ogra_: seems like snappy requires a decent amount of user interaction. I'm trying to automate the build of reproducible images. Ideally I'd be using something like bitbake/yocto, but ubuntu certification is required by the customer
<ogra_> well, snappy surely comes closer to a bitbake or yocto binary result here
<mbroadst> okay maybe I'm missing the automated integration of snaps
<mbroadst> I'm checking out the webcam example
<ogra_> but it definitely is at a point where you have to do a bit more work still
<mbroadst> it seems like I can automate the building of the snaps
<mbroadst> but actually loading them in is manual
<mbroadst> I can't just pop out a raw disk image with the snaps in them right?
<rbasak> I presume the ability to build a snappy+snaps image is a primary use case for IoT. I would assume that you can do that.
<rbasak> mbroadst: so maybe try #snappy? They know far more about this than just me and ogra_ :)
<mbroadst> ah, right :)
<mbroadst> sorry got a little lost in the twenty tabs of concurrent reading over here :)
<rbasak> I am curious about the answer though
<YamakasY> has anyone a preseed template for softraid ?
<jrwren> is it me, or is this documentation simply wrong? http://upstart.ubuntu.com/cookbook/#pre-start
<sarnold> jrwren: what part/
<jrwren> it does not seem to mix with dpkg
<jrwren> i have a debian/upstart script and the stop; exit 0; causes the invoke-rc.d to return a non-zero exit which dpkg hates
<jrwren> I'd thought this was a common pattern, but it seems it isn't.
<sarnold> ahh :)
<jrwren> any suggestions or places to look?
<sarnold> no, sorry
<jrwren> decided to override the dh_installinst generated postinst. it works.
#ubuntu-server 2015-05-06
<harushimo> i'm running MAAS. I'm trying to get the images.  It doesn't show up
<sarnold> heya harushimo; what do you mean by "it doesn't show up"?
<sarnold> harushimo: note that downloading images can take a long time..
<harushimo> its starts loading the images and then it goes away
<harushimo> it says nodes deployed: 0
<harushimo> I'm trying to setting up on my master node
<sarnold> you won't be able to deploy nodes until the image imports finish, I don't think
<harushimo> how do I know when its finished? Is there an button?
<harushimo> I see a button to apply changes
<sarnold> dunno, I only ever saw the image importing at the command line..
<harushimo> can you teach me how to do it in the command line or refer to me a good document on it
<harushimo> No Ubuntu images have been imported. Ubuntu images are required to allow nodes to enlist, commission, and install.
<harushimo> I get this message every time
<sarnold> harushimo: it's been a few months since I tested, but I used "sudo maas-import-pxe-files" to import the images
<harushimo> its been awhile since I've seen that command
<harushimo> does anyone how to setup maas-region-controller
<harushimo> ?
<harushimo> The images aren't still importing
<lordievader> Good morning.
<Craig4who> Hi Guys
<Craig4who> does anyone know when Ubuntu will be supporting 32BIT EFI? really need to use ubuntu on some Atom Tablets, but finding it tricky
<Walex> Craig4who: "really need" usually means that you would be willing to pay Canonical to do custom work for you, or else it is not "really need".
<Craig4who> ok so currently its not supported but i would need to contact Canonical for support
<Craig4who> would they cover me under a paid subription, or would it be classed as a project, with a one off payment?
<Walex> I am not related to Canonical.
<Walex> note that "really need" could mean also that you or a contractor you hire would roll your own.
<Craig4who> ok. Can you recommend anyone contractor?
<Walex> anyhow I think that Canonical have a consulting arm
<Walex> can't recommend contractors...
<Craig4who> ok mate. Thanks for your response appreicate it
<Walex> but also note that Caonical have a definite interest in tablets as well as (mainly) phones.
<Craig4who> ok thats good to know
<Walex> see this typical photo: http://www.canonical.com/products
<Craig4who> yea..
<Craig4who> makes sense
<Craig4who> ill have to contact them to see if they can help
<Walex> Craig4who: also note that a tablet is a bit of in-between: Ubuntu for phones is somewhat different from Ubuntu desktop, as to app delivery, and GUI, and a tablet could plausibly run either.
<Walex> Craig4who: probably Canonical are more interested nowadays in Ubuntu for phones running on a tablet.
<Craig4who> yea
<OpenTokix> What prevents you fro msending an email to them?
<Craig4who> nothing at all. Thought i would ask experts in here first see if anyone has experience
<Walex> http://partners.ubuntu.com/programmes/phone
<Craig4who> cheers
<samba35> i want to boot ubuntu pxe boot from another ubuntu pxe server
<samba35> i want to boot laptop from ubuntu server ,laptop has no harddisk/cdrom
<samba35> i have dhcp/dns server and laptop can boot with pxe
<genii> samba35: In your dhcp server config, use the next-server option to specify what machine it should boot from if it's not the one handing out the IPs
<samba35> yes but what other changes i have to make
<genii> samba35: You might find https://help.ubuntu.com/community/PXEInstallServer informative
<samba35> ok ,thanks
<Vexena> Anyone got some knowledge about upstart? I've got this script so far: http://pastebin.com/uDwFdVdz but would like to make that the jar runs under a unprivileged user instead of root
<Vexena> how could I implement that?
<jrwren> Vexena: http://upstart.ubuntu.com/cookbook/#setuid
<jpds> Vexena: https://superuser.com/questions/213416/running-upstart-jobs-as-unprivileged-users
<Vexena> will check that out, thanks
<kully3xf> how to change dns settings on startup on aws ec2
<jrwren> kully3xf: I called resolvconf from cloud-config cloudinit userdata script.
<jrwren> kully3xf: http://pastebin.ubuntu.com/10999046/
<kully3xf> righteous. Thanks!
<pedahzur> Well, this is frustrating. I just tried to upgrade my border router box from Ubuntu 10.04 to 12.04, and got this message from do-release-upgrade: "Your system uses an i586 CPU or a CPU that does not have the 'cmov' extension. All packages were built with optimizations requiring i686 as the minimal architecture. It is not possible to upgrade your system to a new Ubuntu release with this hardware."  Any recommendations for a Linux distro that
<pedahzur> doesn't require 'cmov' or other i686 specific instructions?  Really don't want to throw out the hardware, and 10.04 is no longer supported, so...
<dasjoe> pedahzur: you might have more luck with some BSD, maybe take a look at pfsense for a router?
<pedahzur> dasjoe: Possibly. Just wanted to remain with something familiar.
#ubuntu-server 2015-05-07
<stanford_drone> able from July to October (inclusive, preferably), please let me know! Send a resume at roitman@cs.stanford.edu or message me.
<stanford_drone> <stanford_drone> Our startup got funded! We're going to Shenzhen, China to build a personal gaming drone. This is a flying robot that you can play with. It mostly uses computer vision and Artificial Intelligence. We're looking to hire one or two more linux C++ programmers to join us during the summer. If you know any good programmer available from July to October please let me know! Send a resume at roitman@cs.stanford.edu or message me.
 * sarnold mumbles something about not even good at spamming, must be a crack team..
<mgriffin> How can I tell why this update urgency=medium vs the previous urgency=low:
<mgriffin> http://changelogs.ubuntu.com/changelogs/pool/main/l/linux-meta/linux-meta_3.19.0.16.15/changelog
<rbasak> mgriffin: urgency is ignored in Ubuntu. I think the default produced by dch changed at some point, so you see different things depending on what release the developer used to write the changelog.
<sarnold> mgriffin: huge guess, the .14 version was the release version, the .15 version is an update: https://launchpad.net/ubuntu/+source/linux-meta
<sarnold> mgriffin: but I think the urgency field is moreor less ignored by everyone and everything
<sarnold> rbasak: ah :) that makes more sense
<sarnold> 'cause really, I'm surprised it changed
<rbasak>  It has some effect in Debian. Something to do with unstable->testing migration timing maybe?
<rbasak> I guess they wanted the default changed for something related to that.
<mgriffin> rbasak: thanks
<jak2000> hi all why cant add a user? see please: http://pastie.org/10174924  any advice how to fix it?
<sarnold> jak2000: I bet the user was created; check /etc/passwd and /etc/shadow to see if the records are there
<sarnold> jak2000: -maybe- it tries to create the group first, and dies if it can't create the group.. but that's not quite what the log says.
<jak2000> not exist
<sarnold> jak2000: if the user doesn't exist in /etc/shadow and /etc/passwd, then look for an /etc/group.LCK file or something similar; I forget the name but it ought to be easily visible if it is still there
<jak2000> the user
<jak2000> exist 2 files: group   group-
<sarnold> dang, that's just a backup file. nothing special there.
<sarnold> jak2000: try it again?
<jak2000> sarnold: http://pastie.org/10174932
<jak2000> http://pastie.org/10174947
<jak2000> sarnold: http://pastie.org/10174956
<sarnold> jak2000: that
<sarnold> that's crazy.. anything in dmesg?
<lordievader> Goodmorning.
<kevinde> I've got a upstart script for a bot that connects to my teamspeak server that's running after network adapters started, but it only starts after about 60 seconds cause the first connect my teamspeak server isn't up yet, is it possible to run a upstart script after a init.d script started?
<remix_tj> kevinde: why you don't convert teamspeak init script to upstart?
<remix_tj> kevinde: check this, in case http://serverfault.com/questions/370417/upstart-start-service-after-non-upstart-process
<remix_tj> could be useful.
<kevinde> well i have pretty basic knowledge about scripting, but I guess that should be the best option
<kevinde> thanks for the help
<hariom> How to know which dns server name my server is using?
<hariom> I have setup a DNS server and in the interfaces file of another server, I have given dns-nameservers ip as the ip of DNS server. But How can I verify that it is working fine?
<lordievader> hariom: cat /etc/resolv.conf and nslookup?
<davegarath> hariom: try to use dig to resolve something
<hariom> lordievader, davegarath: Thanks. dig and nsloopup worked fine
<hariom> on my one of the servers, I have firewall off (IP table flushed, ufw disabled). I am able to ping this server from other servers and other servers are also able to ping this server. But from remote server if I ssh into this server, it says 22 connection refused
<hariom> From local server, I am able to ssh into remote server but from remote server I am not able to ssh into local server. Both servers are able to ping each other
<hariom> nmap <localserver ip>  shows that all 65535 ports are closed
<Sling> hariom: what does lsof -i:22 show?
<hariom> Sling: "lsof -i:22" doesn't give any output
<Sling> hariom: then there is no sshd running on this server
<Sling> sudo apt-get install openssh-server
<hariom> Sling: I have openssh-server installed. I see ssh directory in /etc/ with sshd_config file. Also on my remote server, If issue the "lsof -i:22" I don't get any output but I am able to do ssh from remote server to another remote server
<hariom> Sling: "sudo service ssh status" shows Service ssh/running
<Sling> hariom: ah you should do lsof as root, or sudo lsof -i:22
<hariom> Sling: ok, I purged openssh-server and installed again and now I am able to ssh from remote server to local system. Looks like something was wrong in openssh-server package
<hariom> Sling: Yea, "sudo lsof -i:22" gives output
<arcsky> anyone know a file integrity manger (FIM) for linux machines?
<xnaveira> hi, i'm installing ubuntu 14.04 with preseed and my network config gets overwritten: https://bugs.launchpad.net/ubuntu/+source/netcfg/+bug/1361902 Any solutions?
<zul> jamespage:  do you know what happened to the glusterfs MIR stuff?
<jamespage> zul, I think at a minimul we should have autopkgtest for installing packages in universe openstack components
<zul> jamespage:  so like trove, designate, etc?
<jamespage> zul, yah
<jamespage> zul, I also thing we should be aiming for functional test execution via autopkgtest as well
<zul> jamespage:  good idea
<zul> hallyn:  https://launchpad.net/~zulcss/+archive/ubuntu/libvirt-testing when it builds
<arcsky> anyone know a file integrity manger (FIM) for linux machines?
<Walex> arcsky: there are many, depending on what you mean with that.
<arcsky> i want it to sends (mail) if changing a file
<arcsky> or a report at least
<antix> you want "watch"
<hallyn> zul: if you don't hear from me can you remind me tomorrow?
<zul> hallyn:  of course
<hallyn> thx
<tyler_wylie> Does anyone here have experience with FAI?
<tyler_wylie> I've gotten insane progress on this just need help with some tweaking
<tyler_wylie> rattking: greetings; as well as you too sarnold
<sarnold> good afternoon tyler_wylie :) glad to hear it's working out alright :)
<tyler_wylie> it's almost there, right now it boots into a barebones ubuntu install with almost nothing included, even sudo... I can't get to root!
<sarnold> no sudo? wow.
<sarnold> that's .. brutally barebones :)
<tyler_wylie> yea and I don't know what root pw is or if it even exists XD
<tyler_wylie> followed this howto: http://wiki.fai-project.org/wiki/Installing_Ubuntu_Linux_with_FAI
<tyler_wylie> I was wondering if you guys might be able to help me finalize this
<rattking> tyler_wylie: you will need to make sure everything you want is in a package_config for your class
<tyler_wylie> rattking: within the PACKAGES aptitude UBUNTU section?
<rattking> I just have "PACKAGES aptitude" but yes
<tyler_wylie> is there an ubuntu-server metapackage?
<tyler_wylie> I don't see one; hrm
<genii> tyler_wylie: No, because it's a set of tasksel jobs
<sarnold> _maybe_ you can use ^ubuntu-server notation, apt at least understands that
<sarnold> but installing just the packages you need seems like the easier long-term approach; add in sudo, your favorite flavor of vim, nmap, nc, etc...
<tyler_wylie> sarnold, rattking looks like we're good now that I specified sudo I can get root; thanks so much for the help
<rattking> cool. NP
<sarnold> tyler_wylie: sweet :D
<tyler_wylie> I do need to convert DHCP from a per host to a pool;
<bekks> Someone may help me clarifying the use of puppet please? I'm stuck somewhere on how to setup a puppet server which should be used to deploy Ubuntu server instances, retiring the existing customaziation script used in a PXE server.
<bekks> Any ideas on this?
<bekks> Or did I get it wrong and puppet is for administering and customizing boxes AFTER they were deployed (however that happened)?
<tyler_wylie> bekks: I just actually set up a FAI server to deploy Ubuntu instances
<tyler_wylie> puppet is usually used after the fact for configurations, you are correct
<tyler_wylie> much like cfengine
<bekks> I just read it up - that involves the setup of another PXE/TFTP server, right?
<tyler_wylie> aye
<bekks> Well, I already have all that up and running :)
<tyler_wylie> However it also includes base packages to install, you can specify configurations
<bekks> I guess I'd just elobarate on my customazation scripts.
<bekks> The point is, that I have a lot of servers to deploy, which I'll never see again after deployment.
<sarnold> bekks: dd their drives?
<bekks> dd is the slowest of all chances.
<sarnold> I suspect it depends where the drives are coming from :)
<bekks> My PXE setup deploys my customized setup with 239s (measured).
<sarnold> if they are already in a server, I'd agree. if they're in a mylar bag ...
<tyler_wylie> you should puppet your pxe with a pxe puppet pxe
 * tyler_wylie makes inception noises.
 * bekks slowly drowns tyler_wylie - keep calm, it'll be over soon ;)
<bekks> I guess I'll just start scripting a post-install customization script collection, for keeping the PE setup simple and just deploying whatever the technician wants to deploy, after staging the server.
#ubuntu-server 2015-05-08
<tyler_wylie> hallo anyone up
<Patrickdk> !ask
<ubottu> Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience
<tyler_wylie> rattking or sarnold you guys got a few to chat about fai? first server worked fine, following ones are failing nfs mount (can't parse ip addr '')
<harushimo> question about maas
<harushimo> Set the âRouter IPâ to the default gateway for this private network
<harushimo> what does this mean? I'm not following
<harushimo> Is it done when you use ifconfig?
<speck84> Hiya all
<speck84> I'm a student and I have never experiences the server version can somebody have a look on my assesment, and help me to decide can I use this service to comlite the scenario?
<speck84> You are working as a network server engineer. You have been assigned a new project to design,
<speck84> implement and support the network of a financial company which was established in 2014 in
<speck84> London.
<speck84> The company planning to use 60 client computers, two servers and four network printers, so that they
<speck84> can meet the company requirements. They should have a capability of sharing the printers, files in
<speck84> the file servers, and control all users according to the users needs and requirements, the company as
<speck84> well need to include Remote access services for employees required to access documents remotely.
<speck84> The company data should be treated on high level of security in terms of confidentiality and
<speck84> availability. So, all the machines within the network should be up-to-date with the new patches and
<speck84> service pack and latest security patches to avoid any security related issues. The company as well
<speck84> forecasting an expansion in the foreseeable future and hence you have to put in mind the capability to
<speck84> expand the network when needed (Scalability).
<speck84> The IT manager of the company decided to use a private IP address Range of 172.16.0.0 /12 to be
<speck84> distributed on all the network devices including the servers, workstation and printers, the network
<speck84> manager specifically asked for the following criteria to be fulfilled (Software availability, Scalability,
<speck84> maintainability and Technical support)
<speck84> Thats the project and I just don't know th eubunutu server can handel this job?
<speck84> My teacher sad it can not but I dont belive him
<maxb> I see no reason why not, but the use of "service pack" in the problem definition suggests it was written by a Microsoft devotee
<arcsky> anyone know a mangment tool for my ubuntu servers like windows SSCM ?
<Sling> arcsky: http://www.ubuntu.com/server/management
<maxb> Though, I can see that meeting that design brief with Ubuntu would require more up front work including probably writing some code
<arcsky> Sling: i have landsacpe isnt so good
<hackeron> hey, question - when I do dpkg -i ffmpeg_latest.deb - a package I created, dpkg says: downgrading ffmpeg from 7:2.5.6-0ubuntu0.15.04.1 to 20150507-git-1 -- why downgrading? - how do I make it think it is upgrading?
<jpds> hackeron: Because the epoch 7 is greater than epoch of none.
<jrwren> hackeron: what jpds said. the version number is less
<jpds> hackeron: Do a version string like: 7:2.5.6-0ubuntu0.15.04.1+git20150507
<hackeron> jpds: ah, ok, I changed the version to "999:20150507-git-1" :)
<hackeron> or is that not very sensible? - I don't want to ubuntu to ever upgrade over this package
<jpds> hackeron: Not really.
<hackeron> jpds: what would you do to prevent this package from being upgraded?
<OpenTokix> hackeron: read on apt-pinning
<jpds> hackeron: Better to just set a sane version string and hold it with: apt-mark hold ffmpeg-latest
<hackeron> ah, ok, thank you, reading up on it now
<zul> hallyn:  ping libvirt ;)
<jamespage> zul, juno nova is still not showing in proposed for utopic?
<zul> erm....lemme look
<hallyn> zul: oh, yeah, will set htat up thi safternoon.  url again?
<zul> gimme a sec on the phone
<hallyn> zul: (no worries, foudn it, setting up tests)
<zul> hallyn:  sorry
<hallyn> zul: i said no worries :-)
<foxbuntu> hey all, hoping someone might have some help with NFSv4 client. I have an export from a NAS mounted to a Linux server and Windows server. The windows server is setup to map to the same UID/GID as the Linux one. I transfered some data from Windows to the NFS share but it is not visable on the Linux server, any thoughts?
<thesheff17> anyone using snappy core? how does it handle people that use pip everywhere?  I'm guessing it doesn't.
<Voyage>  I started openvpn by service openvpn start on ubuntu but its not starting up. No errors shown. How can i debug?
<rsully> is the max open file descriptor limit still set to 1024 by default?
<sarnold> thesheff17: you may wish to ask in #snappy -- I think the general idea though is you vendorize it all, you pip download all your deps, package them up, and ship them in one big blob
<thesheff17> sarnold: cool yea I'm reading this doc http://www.wefearchange.org/2015/04/creating-python-snaps.html pretty sure this is what I want to do
<sarnold> Voyage: check /var/log/. there's usually something logged when things don't work
<sarnold> rsully: probably; the select() API isn't safe to use with more than 1024 descriptors, so raising the limit withut inspection is dangerous
<rsully> sarnold is that limit per-user or system wide?
<sarnold> rsully: per process
<Voyage> sarnold  modprobe: ERROR: ../libkmod/libkmod.c:507 kmod_lookup_alias_from_builtin_file() could not open builtin file '/lib/modules/2.6.32-042stab106.4/modules.builtin.bin'
<Voyage> run not enabled
<Voyage> it was working fine before
<sarnold> Voyage: 2.6.32?? what on earth...
<Voyage> dont know..
<Voyage> sarnold how can I enable tun
<wiredfool> I've got a trusty server, headless, that's hanging on reboot waiting for plymoutn-show-splash.  It's one of thee that appear to be setup similarly, but it's the only one that's doing this.
<wiredfool> an excerpt from the ps listing: http://pastebin.com/4puBZC1c
<sarnold> wiredfool: I think you can uninstall plymouth withuot any real consequences.
<wiredfool> There's a bunch of stuff that requires it
<sarnold> oh :/
<wiredfool> like openssh-server, linux-image-* ubuntu-minimal and ubuntu-standard
<Onionnion> so this weekend I'm doing a mail server upgrade from 10.04 to 14.04 which also has FTP. For mail it uses postfix and has a couple web interfaces via Apache. Of course full system backups will be made prior, but can anyone think of any specific changes I should have a concern about when upgrading through to 12.04 then 14.04?
<pmatulis> Onionnion: any special reason you need to continue to 14.04?
<Onionnion> pmatulis, for the most part, to guarantee the longest support
<Onionnion> without needing downtime for another major upgrade
<sarnold> Onionnion: apache 2.4 in 14.04 LTS drastically changed the authentication and authorization interfaces; it'd be worth spending some time with those docs before you start
<pmatulis> Onionnion: got it, but 12.04 is good for another 2 years.  anyway, there might be a grub problem going from 10.04 to 14.04.  while on 12.04 ensure grub2 is actually deployed on-disk (reboot and enter grub menu is a good way to check) b/c grub1 is not compatible with 14.04.  i have seen reports of unbootable 14.04 systems
<Onionnion> sarnold, thank you
<Onionnion> pmatulis, true, and there's been talks of moving the server from in-house to AWS, so going to 14.04 may not even be necessary when I think about it
<wiredfool> sarnold: I've moved /etc/init/plymouth-shutdown.conf to /etc/init/disabled, and that's solved it.
<wiredfool> (well that and ipmi chassis power cycling)
<sarnold> wiredfool: ha! I like it. :)
<wiredfool> And while I'm at it, when there are manually setup interfaces, networking hangs for 2 minutes waiting for them to be configured
<wiredfool> e.g: br0 inet manual, br0:1 inet static
<dasjoe> <wiredfool> like openssh-server, linux-image-* ubuntu-minimal and ubuntu-standard â Only ubuntu-standard *recommends* plymouth, so it should be safe to remove
<dasjoe> also, set your br0 to allow-hotplug instead of (allow-)auto
<hallyn> zul: well, tests seemed to pass fine until nested kvm hung.  i thought qa-regression-tests didn't use kvm itself
<zul> so +1?
<wiredfool> dasjoe: thanks, I'll give that a shot
<hallyn> zul: well i'm rebooting to see if i can easily commen tout the kvm test
<hallyn> (rebooting my server should also fix it, but then i lose a lot of containers :)
<zul> hallyn:  okies
<zul> hallyn:  containers are suppose to be short lived ;)
<smtp_not_working> Hi everyone, I'm having some trouble with smtp on an ubuntu+zimbra server
<smtp_not_working> Basically, I can send e-mail from the web interface, but if I configure thunderbird it won't let me send any mail
<smtp_not_working> It just pop up error with "4.3.0 temporary lookup error"
<smtp_not_working> Can you give any hints on how to solve this?
<sarnold> smtp_not_working: on whatever machine is running thunderbird, run "host <smtphostname>" for whatever you set the smtp hostname in thunderbird..
<smtp_not_working> Thunderbird is running on a windows machine
<sarnold> oh.
<smtp_not_working> Do you think it's that machine problem and not the server?
<sarnold> ping the hostname then? that should do a name lookup anyway..
<smtp_not_working> The ping return the correct IP address (ping mail.domain.com)
<smtp_not_working> Also, I can receive mail from thunderbird with that account
<smtp_not_working> I just can't send them
<sarnold> receive uses imap or pop, completely different protocol than sending
<smtp_not_working> Yeah, right
<smtp_not_working> I just don't know what to try
<smtp_not_working> Or what to test
<sarnold> ahh, 4.3.0 is coming from the smtpd server anyway. okay, then it's probably nothing to do with the thunderbird config or machine :)
<smtp_not_working> Ok, so it's a server problem. Damn.
<sarnold> smtp_not_working: well, good and bad.. good, in the sense that servers leave logfiles :) you might be able to spot the problem in the smtpd logs..
<smtp_not_working> smtpd you say, I'll go check where that logfile is
<sarnold> check /var/log/mail* or /var/log/syslog ..
<smtp_not_working> In zimbra I usually check logs of /opt/zimbra/log/mailbox.log
<smtp_not_working> But there's nothing there
<smtp_not_working> Will check your two options
<sarnold> I'm going to guess the mailbox.log is for local delivery or imap/pop rather than incoming ..
<smtp_not_working> there's this strange message: May  8 20:50:50 mta postfix/smtpd[63956]: warning: non-null host address bits in "192.0.0.41/24", perhaps you should use "192.0.0.0/24" instead
<smtp_not_working> 192.0.0.41 is the internal IP of the mail server
<sarnold> was an ACL set along the lines of allow_from = 192.0.0.41/24 ?
<smtp_not_working> I miss the meaning of ACL
<sarnold> access control list
<smtp_not_working> I've got that IP on my zimbraMtaMyNetworks
<sarnold> I think it would be worth changing that variable to 192.0.0.0/24 -- but it's just logged as a warning. it's probably not relevant to the problem at hand.
<aitiba> i
<sarnold> normally when you use CIDR notation to refer to a network, the bits that specify hosts _within_ the network should be zero; at least for /8 /16 and /24 networks that's easy, it's just having zeros in the last quads, but for other networks it requires math :)
<aitiba> doing a "lxc exec d1 -- /bin/bash" I get "websocket: bad handshake" error Â¿any ideas?
<sarnold> aitiba: any errors from lxc list?
<aitiba> no
<sarnold> aitiba: how about lxc info d1 ?
<aitiba> RUNNING with ip
<smtp_not_working> There's something here: May  8 20:29:14 mta postfix/smtpd[54048]: NOQUEUE: reject: MAIL from unknown[$MYTHUNDRBIRDIP]: 451 4.3.0 Temporary lookup error; proto=ESMTP helo=<[$MYTHUNDRBIRDIP]>
<aitiba> sarnold: all ok
<aitiba> on info too
<sarnold> stgraber: aitiba has a problem that's beyond me :) ^^^
<aitiba> sarnold: thanks for try
<sarnold> aitiba: stick around.. when he returns he might know :)
<sarnold> smtp_not_working: stackoverflow has a few similar questions and twice the answer was to build an aliases table. it seems unrelated to me but I'm really not a postfix expert.
<smtp_not_working> I also found this: http://www.unix.com/ubuntu/250558-noqueue-reject-relay-access-denied-postfix.html
<smtp_not_working> So I'm checking my main.cf config
<stgraber> aitiba: bad handshake is usually a sign that your source and target LXDs are not running the same version
<smtp_not_working> Am I wasting my time?
<stgraber> aitiba: we unfortunately had to push a change (I believe in 0.8) which changed the websocket protocol a tiny bit, resulting in that error
<stgraber> aitiba: we usually try not to do things like that, but well, that's why we're not calling it production ready yet, our API isn't entirely set in stone yet.
<aitiba> stgraber: we  use lxc 0.7
<TheEternalAbyss> hi can someone help me with apache2 issues on my ubuntu server? I keep getting an error when trying to restart it and I can't seem to solve it. Keeps saying [Fri May 08 19:20:37.962625 2015] [ssl:emerg] [pid 9134] SSL Library Error: error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch
<aitiba> so what you say in on lxc version 0.8 and up right? stgraber
<TheEternalAbyss> I don't know why it keeps saying that as I took out any reference to a .key file in my conf, yet it keeps trying to check it
<TheEternalAbyss> so I am very confused here
<aitiba> lxd 0.8.1 ...
<stgraber> aitiba: should work fine if you have 0.7 exclusively everywhere (all servers and all clients) but that error suggests your client is running something more recent than 0.7
<TheEternalAbyss> nevermind got it working
<ciscam> Hi! Can automatic security updates break a production apache server?
<sarnold> ciscam: it's always possible, but we try hard to avoid regressions
<ciscam> sarnold, Okay, so I'll enable it and be sure to be always awake on patch day. Was just wondering on what the conventional setting is
<sarnold> ciscam: we don't really have a "patch day"..
<ciscam> I'm building a new webserver infrastructure from scratch and want to be sure to follow the ubuntu way
<ciscam> It's supposed to become the sandbox
<ciscam> I guess enabling automatic system updates is the way to go then
<sarnold> one less thing to think about :)
<ciscam> Is it desirable to modularize apache/php and mysql in such an environment?
<bekks> the LAMP stack is modularized already.
<ciscam> bekks, thanks for the info. I understand that putting each into an individual VM would be nonsense then
<bekks> ciscam: It is nonsense, because you cant separate apache and php.
<toothe> Hi! When I ssh in, I don't see a message that says "You have X packages that need to be updated" How do I set that as my motd?
<rattking> does anyone here know much about aide?
<hallyn> 18:53 < zul> hallyn:  containers are suppose to be short lived ;)
<hallyn> that's conflating cloud and containers :)
<hallyn> zul: groan.  kvm locked up again.  going to try in a container
<toothe> Hi! When I ssh in, I don't see a message that says "You have X packages that need to be updated" How do I set that as my motd?
<sarnold> toothe: that's managed by update-motd -- see the update-motd manpage, the pam_motd manpage, and /etc/update-motd.d/
<genii> sarnold: Interestingly, dpkg -S on any files in /etc/update-motd.d/   do not resolve to a package
<sarnold> genii: dpkg -S reports files there owned by base-files update-notifier-common ubuntu-release-upgrader-core  for me
<genii> Interesting, not here. But it may be because I continuously upgraded from 12.04 to current 14.10
<sarnold> genii: could be; this is 14.04 LTS
<toothe> i think i have to update /etc/issue.net
<toothe> but...I don't know how..
<genii> toothe: What's wrong with it?
#ubuntu-server 2015-05-09
<hallyn> zul: all right, screw it.  systemd in the container doesn't want to restart jobs.  ship it!
<Abe_> hey, i booted the ubuntu server installation iso from a usb flash drive but it's trying to detect and mount a cd-rom, possible to do it to the usb flash drive?
<zul> hallyn: first thing monday
<collizion> Odd. I've got a 14.04.2 server (fresh install) where resolvconf isn't creating any entries in /etc/resolv.conf. The symlink exists, and it will place the "this file gets clobbered by resolvconf" header in it every time, but it won't insert the nameservers specified in /etc/network/interfaces.
<Patrickdk>  well, then your /etc/network/interfaces isn't set right
<collizion> Patrickdk: Please enlighten me as to how you came to that conclusion, considering the ubuntu installer configured it itself, and I haven't touched those lines.
<Patrickdk> what does any of that have to do with it?
<collizion> Patrickdk: ... The Ubuntu installer configured the contents of /etc/network/interfaces, and one would assume the installer knows how to do it properly. Thus your statement that it isn't set right seems a bit presumptuous.
<Patrickdk> heh?
<Patrickdk> there are only two options
<Patrickdk> resolvconf is broken
<Patrickdk> or /etc/network/interfaces is not right
<Patrickdk> both resolvconf and installer can have bugs
<Patrickdk> and someone has to tell the installer what to put into it
<Patrickdk> be it dhcp or static config
<collizion> Patrickdk: Then it would seem that resolvconf isn't functioning properly in this instance.
<Patrickdk> heh? I can't claim that, I cannot see your interfaces file
<collizion> Patrickdk: You haven't asked to see it, either. You're making assumptions.
<Patrickdk> yes, due to the lack of supplied infomation
<Patrickdk> what did you want me to say? nothing?
<Patrickdk> and let you not have any help at all?
<Patrickdk> based on the information supplied, your /etc/network/interfaces is probably not right
<collizion> Patrickdk: Or... ya know... Ask. That's why there's a question mark on your keyboard. "Hey, I'd like to help. Can I see your interfaces file?"
<Patrickdk> na, no point, you told me twice it's perfect
<Patrickdk> and can't be wrong
<Patrickdk> and you never asked for help
<collizion> Patrickdk: I think you need to get some sleep or take a vacation or something.
<Patrickdk> so why would I respond assuming you wanted that
<collizion> Patrickdk: if you're curious, the answer seems to be that if there is a secondary IP address specified for the interface in /etc/network/interfaces, resolvconf seems to latch on to that stanza for configuration rather than the previous. Because there isn't any DNS information specified for the secondary entry, it sets an empty /etc/resolv.conf file.
<collizion> Does Ubuntu prefer a specific method for adding a secondary IP address other than the iproute2 method of adding a second "iface eth0 inet static" stanza with just an address?
<Patrickdk> that is not valid
<collizion> Patrickdk: It works just fine in terms of setting the addresses, but resolvconf doesn't like it.
<collizion> Manual /etc/resolv.conf it is.
<Patrickdk> ya, cause the parser is forgiving, but resolvconf isn't as much
<Patrickdk> iface eth1:7020 inet static
<collizion> Patrickdk: I believe that interface aliases are deprecated.
<Patrickdk> likely
<Patrickdk> but then the arp command has been deprecated for >10years
<Patrickdk> and ip neigh has been deprecated for 5years
<Patrickdk> so there is no non-deprecated to do proxyarp or arp stuff anymore in linux
<collizion> Patrickdk: iproute2 is fine with multiple stanzas with the same interface name, treats them as one. resolvconf just doesn't like it all. I think the present alternative is to add up/down lines to the interface stanza so that ip addr adds/deletes the secondary IP on ifup/ifdown.
<collizion> Patrickdk: Which did solve the issue.
<Patrickdk> yes, you can do ip addr add
<Patrickdk> that works
<Patrickdk> but if you atleast use depreciated ifconfig, like lots of tools still use
<Patrickdk> you will never see it
<Patrickdk> unless you use, label eth0:xxxx
<Patrickdk> and then your back to aliases
<collizion> Patrickdk: It's fixed/working now without using an alias.
<Patrickdk> but then, ifconfig is depresiated too
<ReScO> hey people!
<collizion> sup
<arcsky> anyone know a mangment tool for my ubuntu servers like windows SSCM ?
<bekks> Whats "SSCM"?
<Patrickdk> bash
<Patrickdk> puppet?
#ubuntu-server 2015-05-10
<Onionnion> that embarrassing moment when you overwrite your level-0 tar backup with an incremental tar.
<hadifarn_> I have about a thousand static html vhosts site on subdomain. I want to add Analytics code into those html pages. is there a way of doing this with a script?
<game0> hi guys, I'm new to ubuntu server
<game0> I have two questions:
<game0> first: I want to know how to modify the ubuntu server to be able to configure it without using the same machine that's running ubuntu
<bekks> use whatever other computer and SSH in to your server.
<game0> do you have a specific tool for that?
<game0> bekks
<bekks> I am using one of the various SSH clients.
<game0> bekks, how to modify it and be able to use it?
<bekks> How to modify what?
<bekks> !ssh | game0
<ubottu> game0: SSH is the Secure SHell protocol, see: https://help.ubuntu.com/community/SSH for client usage. PuTTY is an SSH client for Windows; see: http://www.chiark.greenend.org.uk/~sgtatham/putty/ for it's homepage. See also !scp (Secure CoPy) and !sshd (Secure SHell Daemon)
<game0> bekks, ubottu thanks for the informations
<game0> bekks, ubottu it asked to a port number what should I right?
<bekks> 22
<game0> bekks connection refused
<bekks> Youneed to install and start the ssh server first, as the article, which you did not read, suggests ;)
<game0> bekks, you mean on my ubuntu server
<game0> ?
<bekks> game0: Yes.
<bekks> game0: It's described in the article.
<game0> bekks, thanks I have learned a new thing today
<game0> second: I have modified the hostname on my machine as test.com but when I type test.com it's working. why?
<game0> it's just working by the ip address but not with the hostname
<game0> I'm connecting to the server throw my local network
<game0> did I missed something here?
<hadifarnoud> if I recompile nginx with PageSpeed support, would that change any of my configs? or is it straight forward?
#ubuntu-server 2016-05-09
<Odd_Bloke> wolflarson_: I don't know anything specific, but I do know that there was a major version change of PHP in 16.04.
<yossarianuk>  Hi - I am going to be using KVM for VM's  (16.04_- I tried creating the network bridge using network-manager I can see the following constantly  the following messages in dmesg
<yossarianuk>  br0: port 1(enp3s0f1) received tcn bpdu - br0: topology change detected, propagating
<yossarianuk> howwever if I add the bridge by the old method - i.e editing /etc/network/interfaces manually I do not
<yossarianuk> however I want to use network manager to easly change network profiles and vpn links.
<yossarianuk> anyone know how to prevent this - stp was enabled in nm and the interfaces file
<yossarianuk> sorry rebooted
<yossarianuk> can anyone say why I get the following in dsmeg when I setup a network bridge using network-manager (for bridge br0)
<yossarianuk> [ 1271.540537] br0: port 1(enp3s0f1) received tcn bpdu
<yossarianuk> [ 1271.540548] br0: topology change detected, propagating
<yossarianuk> with stp enabled?
<yossarianuk> > however if I add the bridge just by editing /etc/network/interfaces (old ubuntu method) I do not see anyh messages
<yossarianuk>  i.e - if I use this method (and enable stp) I do not see the messages -> https://wiki.ubuntu.com/KvmWithBridge
<yossarianuk> however I want to use network-manager do easily change netowrk profiles
<marsje> Hi. I'm running 2 machines with Ubuntu 14.04.4 LTS and kernel 4.2.0-35-generic (x86_64). On both machines there is a python script running that is copying files to the cloud. Only one machine uploads 2-5 times slower than the other
<marsje> is there any way I can debug this?
<marsje> I already switched the cables and that doesn't make a difference
<marsje> the NIC are Intel 10-Gigabit X540-AT2 (on 1 Gbit switch)
<yossarianuk> I have made a forum post here -> http://ubuntuforums.org/showthread.php?t=2323900&p=13486188#post13486188
<marsje> both machines have the same driver ixgbe 4.0.1-k
<jamespage> ddellav, hey - hows the testing looking for bug 1569502
<jamespage> ?
<ubottu> bug 1569502 in Ubuntu Cloud Archive liberty "[SRU] liberty point releases" [High,Fix committed] https://launchpad.net/bugs/1569502
<caribou> Hi, do you people think it's a good idea to use ~ubuntu-server-dev to host the ubuntu-specific makedumpfile source git tree ?
<caribou> usually, I keep it in sync with upstream debian, but sometimes there are delta that I wish I could host on Launchpad
<caribou> FYI makedumpfile source contains the kdump-tools + makedumpfile binaries
<rbasak> caribou: I have no objection. I wonder if there's a better team, but maybe it's better to put it whether other trees are.
<caribou> rbasak: the only other think I could think of was foundation but I don't think they have a specific userspace
<caribou> I'll ask in #ubuntu-devel
<rbasak> caribou: sorry, what I mean is that perhaps ~ubuntu-server-dev is a good place because it's where other trees are.
<caribou> rbasak: that's what I think also
<caribou> rbasak: most of the time it is a straight sync from debian so there shouldn't be much delta but yet I think that this is the most coherent place
<caribou> I'll put it there & I can always move it away if needed later
<rbasak> caribou: sure. nacc's work on an importer should be showing up soon, too.
<caribou> cool
<caribou> If someone has a minute to review this very simple merge request so I don't do it for myself : https://code.launchpad.net/~louis-bouchard/ubuntu/+source/makedumpfile/+git/makedumpfile/+ref/fix_lp1571590
<rbasak> caribou: lgtm
<caribou> rbasak: thanks!
<jonah> hi can anyone help. I've just had a nasty accident with chmod on my server and now I can't run any commands. I was trying to chmod a directory but accidently did the root!
<rbasak> jonah: best to restore permissions from a backup.
<jonah> rbasak: hi thanks, I do have backups but just not sure how to actually restore them
<jonah> rbasak: I managed to stop the command when it was running but now I can't run ls or apt or other commands as I get a 'Permission denied' error
<Sling> jonah: can you still run cp?
<jonah> rbasak: also all my apache sites are showing internal server error
<caribou> jonah: was it a recursive chmod ? (-R)
<jonah> caribou: yes it was the owncloud permission fix script! but it ran from the root / dir instead of the directory I should of been in!
<jonah> https://doc.owncloud.org/server/8.0/admin_manual/installation/installation_wizard.html#strong-perms-label
<jonah> so where ocpath is, I accidently just had it as /
<jonah> instead of the right path which should of just been empty and not a forward slash!!
<jonah> Sling: no cp also giving permission denied
<Sling> jonah: mount the disk in another linux system then
<Sling> and at least restore permissions to all the binaries in PATH
<jonah> Sling: ah ok so if I run a live usb flash drive on the server
<caribou> jonah: yeah, you need to boot off the USB flash & mount your server's HD
<jonah> Sling: what permissions/ownerships do I then set from the live cd
<jonah> caribou: ok I'll dig out a live usb, would any of you be kind enough to help me out if I can try load it up now?
<Sling> jonah: ideally you would boot/mount it from the same ubuntu version
<jonah> Sling: ok I'll download a unetbootin now and try load it up...
<Sling> then restore permissions based on that
<Sling> tip: getfacl/setfacl can be used to make dumps/imports of filesystem permissions
<jonah> Sling: ok how do I shut down the server so I can boot the livecd safely?
<Sling> alt-sysrq r e i s u b
<Sling> with a few secs inbetween each letter
<Sling> https://en.wikipedia.org/wiki/Magic_SysRq_key#Uses
<jonah> Sling: hi again, sorry just on a different laptop
<jonah> Sling: found my original ubuntu server install usb flash drive but when i load it up there is no live environment, it has the installer and boot into rescue mode. is there any way to boot into a live shell?
<jonah> Sling: ubuntu server 14.10 lts is what I'm using...
<Pici> 14.10 wasn't an LTS...
<Sling> jonah: the install cd should have an option 'try ubuntu without...'
<jonah> Sling: i think because it's server edition it doesn't have that. shall i just download desktop edition?
<Sling> sure
<jonah> Sling: if I can mount the disks using the livecd is there anyway to see what the permissions used to be?
<jonah> Hi can anyone help. I'm trying to restore some accidently changed chmods and permissions on my server which locked me out. I've booted a livecd and managed to mount the raid array. does anyone know how I now get the permissions back?
<ddellav> jamespage coreycb kicked off the testing, im not sure how to look up the status and he's on swap today.
<jamespage> ddellav, I'm sure beisner would be delighted to show you around that side of SRU's
<maswan> jonah: it depends on what was changed. if it was a recursive one on / or /etc, you're probably out of luck
<ddellav> jamespage ack, i will inquire
<beisner> o/ ddellav :-)
<ddellav> beisner on top of it as usual :)
<maswan> jonah: if it is just your homedir, 755 on directories and 644 on files will likely be sufficient, assuming you have no private data there (thne you'd not want world readable)
<jonah> maswan: hi thanks I ran this but it ran from / rather than the directory I meant it to run from!
<jonah> maswan: https://doc.owncloud.org/server/8.0/admin_manual/installation/installation_wizard.html#setting-strong-directory-permissions
<beisner> jamespage, ddellav - looks like we'll need to re-test those, after resolving some issues @ stable bundles for wily-liberty.  ie. we don't currently have a good baseline, though i suspect those are not pkg or charm issues.  pxc in o-c-t bundles appears to still be wonky.  i'll pong in a bit.
<ddellav> beisner ack, let me know if i need to debug any breakages.
<beisner> ddellav, we're still settling a few corners on the mysql-->pxc switches in the full deploy test bundles.  i suspect i've got something to adjust here re: that.
<maswan> jonah: Ok, I'll recommend a reinstall
<beisner> ddellav, thx will do
<ddellav> beisner :)
<jonah> maswan: what do you think the script has changed? currently I can't run any commands or I get permission denied? would rather save the system than reinstall if possible?
<maswan> jonah: the permissions of pretty much all files
<jonah> maswan: i have a backup but I will lose loads of work from the last couple of days. is there anyway to set back some of the main permissions to at least see if we can get something working again? I did hit ctrl C as soon as I realised the script was running in the wrong place and it had already given out quite a lot of "file not founds" for things it was trying to adjust
<spidernik84> hey there. Any idea of when the "predictable interface names" feature has been introduced, officially? I have installed a couple of 14.04 servers in a period of 3 months. The first one still has the ethX format. I wonder what differs between the twos and if this change has been introduced recently
<maswan> jonah: this will make some commands work, but you are very unlikely to get a sound system again: chmod +x /usr/bin/* /usr/sbin/*
<jonah> maswan: Is there any commands that can pull up what was last modified on the raid and all the ones that match I could go through trying to chown/chmod perhaps?
<ducasse> I need to set up a few containers for various services at home. Should I be learning LXC or LXD?
<patdk-wk> there is a difference?
<jonah> Hi can anyone please help with some permission problems
<jonah> maswan: when I run ls -lRt I can't see any files really that have been updated today at the time it happened... So I don't think it would take too much to repair if I knew what to fix or change the permission back to. I have different partitions. Do you know where this script would start https://doc.owncloud.org/server/8.0/admin_manual/installation/installation_wizard.html#setting-strong-directory-permissions
<jonah> maswan: if you ran it from /
<jonah> maswan: I remember a lot of errors popping up saying can't find //certain-file can't find // does not exist etc
<jonah> can anyone help study that script to see what might have been altered if ran from /
<jonah> or at least changed first...
<sdeziel> ducasse: lxd is a daemon. You can use the lxc command to interact with it
<sdeziel> ducasse: https://linuxcontainers.org/lxd/introduction/
<ducasse> sdeziel: ok, thanks. I just noticed that the tools that come in the lxd package don't seem to 'see' the containers created with the lxc tools.
<sdeziel> ducasse: correct. The lxc tools are ~legacy
<ducasse> sdeziel: ok, but will they still be developed/maintained?
<jonah> hi could anyone please help with restoring some broken permissions or chowns... I've ran a script from root by mistake and it's locked me out, the thing is it sprung a lot of erros up for "directory doesn't exist" etc when I ran the script and I quickly hit ctrl-c so I don't think much has been altered, but just trying to track down how to put it right again if anyone can please help me?
<sdeziel> ducasse: https://linuxcontainers.org/lxc/introduction/: "LXC 1.0 will be supported until June 1st 2019 and LXC 2.0 until June 1st 2021."
<ducasse> sdeziel: ok, thanks. I should have noticed that when I was reading.
<sdeziel> ducasse: np. I can only recommend trying lxd at some point, it's worth the detour
<ducasse> sdeziel: thanks, I guess I'll migrate what I have now before I've invested a lot of time in lxc.
<EmilienM> coreycb, jamespage: hi! any ETA on newton packaging?
<nacc> rbasak: ping?
<jamespage> EmilienM, will probably open the UCA archive this week, but probably no initial packages until first milestone
<EmilienM> jamespage: ok, cool.
<jamespage> might be earlier but we'll see how that goes :-)
<rbasak> nacc: o/
<rbasak> nacc: sorry I missed you on Friday. I have a DMB meeting in 8 minutes though :(
<EmilienM> jamespage: we already gate on Newton, thanks to RDO repos. Let me know when I can do the same with UCA
<nacc> rbasak: np, would you be free after that?
<rbasak> nacc: yes. Shall I ping you then?
<nacc> rbasak: perfect, thanks!
<spidernik84> ducasse, although they are different technologies I'd say go with LXD, which leverages LXC heavily. It is a future proof approach to containers: unprivileged containers by default, complete restful api, distributed. And it works pretty neatly I'd say. We are using it in prod and we're very happy.
<spidernik84> keep in mind that LXC is more supported by automation tools like Ansible and the likes, since LXD final (2.0) has only been released a couple of weeks ago.
<ducasse> spidernik84: thanks! yes, I'll start migrating what little I already have - fortunately I had just started migrating stuff out of kvm guests.
<jeeves_moss> hey guys, what is the best/easiest way to make my own repo?  I have a bunch of dev systems in VMs, and I'm getting kinda sick of updating from the net.
<beisner> ddellav, ok, *-liberty test reruns have completed and are ready to review.  holler with any ?s
<Slashman> hello, is there a list of all default system user uid somewhere? when updating from willy to xenial, the updater is telling me that the uid 26 (from the postgres user) may be in conflict with a default uid, but it doesn't tell me which system user would use this uid...
<bekks> Slashman: It is a warning, not a "that will happen".
<bekks> Slashman: For being sure there is no conflict, investigate your /etc/passwd and /etc/groups files.
<Slashman> this won't tell me if the uid 26 is used for an other system user by a package for ubuntu
<sarnold> Slashman: I think this is the list of hard-coded http://sources.debian.net/src/base-passwd/3.5.39/passwd.master/
<Slashman> sarnold: that's the basic list on anew system :p
<sarnold> Slashman: yes :) all others are dynamically allocated in postinst or similar
<Slashman> I'm looking for "which package use the uid 26"
<sarnold> https://www.debian.org/doc/debian-policy/ch-files.html
<Slashman> sarnold: if system uid are dynamically allocated, then the warning is simply wrong ^^
<sarnold> Slashman: it may be :)
<dasjoe> Oh there is passwd.master
<dasjoe> I was looking for how it gets generated a few days ago
<Slashman> dasjoe: bekks linked it, there is only the default system uid, or did you find an other one?
<dasjoe> Slashman: no, sarnold linked. Anyway, rlaager was updating his Xenial on ZFS-HOWTO, so we were looking for the default UIDs
<Slashman> oh yes, sorry, was sarnold
<Slashman> but nothing at uid 26 on it
<bekks> Slashman: As the warning states, it is a warning only.
<bekks> Its purpose is to warn you, to check correct functionality of a specific service after updating.
<Slashman> bekks: well, a wrong warning that advice to remove the current user (in this case postgres) with a default choice at "yes" seems dangerous
<Slashman> I did not follow it, but I guess someone will
<bekks> Slashman: There is not a single word about removing.
<bekks> At least you didnt tell us until now.
<Slashman> sorry, my bad, here is the message : http://apaste.info/7vA
<Slashman> there is link to a doc lol, did not see it at first
<bekks> That message is totally different frmo what you told us until now.
<Slashman> well, I was just asking to see the default list of uid on ubuntu...
<Slashman> so I could see which was uid 26
<sarnold> hah, nice README
<bekks> You have problem X but asked about problem Y.
<Slashman> well, asking to see if uid 26 is somewhere in a package seems relevant here
<bekks> It isnt, unfortunately. Your problem isnt uid 26, but the mentioned difference between your system accounts and the current defaults, as stated in the first sentence.
<sarnold> now the question is, -why- is it reporting this difference? feels odd.
<Slashman> beardface: yes, I see it now, I didn't read it properly at first, sorry about that
<Slashman> wrong highlight, oh well
<sdeziel> Slashman: I check on a couple of systems and it seems that system accounts are dynamically allocated with UID >= 100 (and < 1000)
<bekks> Slashman: How about starting your current /etc/passwd? :)
<beardface> sdeziel: good
<Slashman> bekks: http://apaste.info/UaP (uid 1000 hidden)
<Slashman> I'm looking at an other ubuntu box and postgres uid is > 100 indeed, dunno what happened on this box, didn't do anything special
<kpettit> I've got a customer that had some CC stolen.  Some sort of exploit on their PHP app so I was asked to take a look.  Any good tools or CLI commands for finding CC numbers in files?  I've got a good one for grep in text files.  But not sure about word and pdf type files.
<bekks> grep
<kpettit> Bad thing is it's not just plain text type of files but I have to deal with PDF and Word docs that are on the server as well.
<bekks> Since word and pdf files arent text files, you'll have noc chance.
<kpettit> I know I can do pdf2text or tools like that, but not sure anything that's a little more automatic
<teward> kpettit: I'll give you an almost guarantee they're not stored in files anymore
<bekks> And most like thse tools will remove the content you are looking for.
<kpettit> is there a way to say "find/grep" only plain text and not binary files like PDF and doc type stuff?
<teward> kpettit: keep in mind if it's a PHP application that's been breached, the application could have transmitted the data, not stored it
<kpettit> teward: any ideas of where to look?  I know they had a PHP shell and lots of junk PHP files.  We got rid of those.
<teward> and if they're stored in binary-form or encoded-form you're out of luck
<bekks> kpettit: So you deleted the files you want to search in.
<kpettit> But not sure how they were getting CC info since it's never stored in database or in files (that we know of )
<teward> kpettit: if you've deleted the junk files you've already lost
<teward> your recovery option is NUke From Orbit and start over
<teward> and your customer has to call the CC company and have their cards frozen, and reissued due to the theft
<kpettit> teward: I've still got the shell files.  But there was no CC in the shell files.  That was just a PHP exploit to upload new files and port scan.  It was actually pretty damn impressive.  But no CC in the PHP file.
<teward> kpettit: you missed my information
<teward> [2016-05-09 14:51:46] <teward> kpettit: I'll give you an almost guarantee they're not stored in files anymore
<teward> [2016-05-09 14:52:13] <teward> kpettit: keep in mind if it's a PHP application that's been breached, the application could have transmitted the data, not stored it
<teward> kpettit: I will bet money at some point that the exploit breached the system, and injected some type of code which would then store the data offsite or transmit it offsite
<kpettit> yeah that's what I was thinking.  I'm just trying to nail down the method
<kpettit> we know the range, and the initial exploit.  But that's as far as Iv'e got
<bekks> kpettit: Then you have to analyze the code you got.
<teward> ^ that
<teward> kpettit: as well as take the exploited *system* offline and load a replacement in its place
<kpettit> yeah we did all that.
<kpettit> Just tryint to nail down how it happend so it doesn't happen again
<teward> kpettit: you said you know the initial exploit method
<teward> that's your attack vector
<teward> mitigate that vector
<teward> if impossible, determine if 'Acceptable Risk' can be done with the application as is
<teward> if the risk is not acceptable, then they have to start looking for a different application solution that doesn't have this attack vector as a risk
<teward> secondly, if there's an update for the PHP application that patches against this risk, update.
<kpettit> yeah I've already got it locked down hwo they initially got it.  Just tyring to dig more
<kpettit> it's a homegrown app which makes it more painful.
<teward> this is why i keep all PHP applications updated, and ROUTINELY run a full powered Nessus scan that checks everything on my servers that's webfacing
<kpettit> it's a total front to back home grown PHP thing
<teward> kpettit: then you have to run the code analysis yourself
<kpettit> yeah that's going to be fun.
<teward> if you've locked down how they got in in the first place, you are now beyond the protection/mitigation phase and 'exploit analysis'
<teward> since it's home grown only you can do that
<teward> and this channel can't really help much more than that
<kpettit> I'm more trying to figure out how to search/find if any text sort of file still has CC info.  The grep's I've been using having been matching well with my tests
<kpettit> this is what I've been using.  http://kudithipudi.org/2011/08/17/how-to-use-grep-to-search-for-credit-card-numbers/
<teward> kpettit: i'm going to give you a suggestion: if they're .doc and .pdf you never will
<teward> and chances are things aren't plain text
<teward> and if they are they're encrypted or encoded
<teward> or, already transmitted and rm -rf'd
<kpettit> that's fine.  If I can rule out text files for now that gets me farther
<kpettit> for sure.  that's a good suggestion.
<kpettit> trying trying to get a better grep command for now.
<bekks> I guess randomly grepping gets you nowhere, not farther.
<JanC> searching .doc & (some) .pdf isn't so hard
<JanC> not sure why they would put CC in those though
<kpettit> my guess is it was transmitting CC as things processed, but I don't know for sure
<kpettit> Im just trying to rule out them being stored and if I can do a quick grep that helps.
<hallyn> arges: smb: zul: should i wait on you guys to take a look at the libvirt yakkety merge, or just push when i think i'm happy?
<hallyn> my main concern is once i start the package-rename game, we can't turn back :)
<teward> kpettit: i'll bet you a dollar they were in an 'intercept-and-transmit'
<teward> kpettit: that's how I see most of those types of exploits, at least that i've observed
<kpettit> teward: that's my guess too
<teward> kpettit: in which case you'll have to examine your home grown application, and note any discrepancies from the last-good copy
<kpettit> yeah, it's always fun for sure.  thanks for the advise
<teward> kpettit: you're welcome.  unfortuantely though I can't give any more insights than that
<kpettit> no worries.  Just seeing if there was something obvious I was missing to check on.
<teward> kpettit: I've learned that there's never anything obvious with these types of breaches
<teward> 'obvious' can only be observed if it's a well known breach of a well known software
<kpettit> for sure it's looking that way
<teward> since you're working on a home grown solution, that's not an option
<kpettit> the PHP shells were obvious at least.  Beyond that...
<kpettit> yeah.  I'm so impressed with those PHP shells though.  They'd make great little admin tools.  Might hack one up and protect it to use it that way.  Great little utilities in some of them
<zorbsone> If I want people to be able to access a folder called "school" from my Ubuntu-Server /var/www//html/ directory, it should simply be: sudo chmod 755 -R /var/www/html/school -- or is that not correct? the file permissions are set to:  4 drwxr-xr-x 3 root root    4096 May  9 15:20 school
<c00lbard> zorbsone: Access it from what?
<zorbsone> I want other users to be able to access the directory from the web.
<c00lbard> zorbsone: Then the above permissions should work fine
<SierraKomodo> Anyone happen to know if there's a way to setup a web interface for iptables/ufw on ubuntu that can be set to only accept localhost connections?
<JanC> sure, why not?
<rbasak> nacc: I guess my publishing history traversal algorighm fails unless you store highest_series_seen between invocations.
<nacc> rbasak: yeah, that's the advantage of the generator function, though, the state is saved :)
#ubuntu-server 2016-05-10
<Sachiru> For NAS boxes for remote sites, (which run one or two Nginx + PHP-FPM + MariaDB + Ruby stack VMs), what's a good lightweight log collection and analysis tool? These boxes are lightweight, Core i3s with 16GB of RAM only.
<nacc> Sachiru: i have no idea on the details, but maybe look at logwatch?
<arges> hallyn: make it so
<hallyn> arges: oh ye of too much faith
<zorbsone> how do I show directory files in say /var/www/html/school on the internet. I keep getting error 403. I've chmodded it and it looks like this: (4 drwxr-xr-x 3 root root    4096 May  9 15:20 school) -- Inside the directory the files are set as:  -rwxr-xr-x 1 root root; any ideas?
<SierraKomodo> zorbsone: For apache (Not sure on other web server software), the director and files should be owned by www-data:www-data
<SierraKomodo> directory*
<sarnold> SierraKomodo: the ownership doesn't matter so long as the modes allow the web server process to read the files
<SierraKomodo> Fair point; usually easiest to provide ownership to directories/folders in /var/www in my experience though
<SierraKomodo> Better response probably would've been 'The directory and files should be readable by www-data, and the directory executable by www-data'
<SierraKomodo> In hindsight, should also have checked .htaccess to see if indexes was denied.
<smb> hallyn, Meh, no fun without some risk. And I would not really expect us to want to go back anyway. :)
<danbuntu> Hi all I'm trying to get some eyes on #1579818
<danbuntu> The recent samba upgrade has borked winbind/ mod_auth_ntlm
<danbuntu> This is causing a fair bit of grief in the moodle/ education community as it's broken single sign on
<Takumo> Hi all, anyone got a workaround for installing PHP 5.6 on Xenial?
<cpaelzer> nacc: did you look at samba recently? - any idea about bug 1579818 mentioned above by danbuntu
<ubottu> bug 1579818 in samba (Ubuntu) "Samba 4.3.9 causes winbind/ mod_auth_ntlm to segfault" [Undecided,Confirmed] https://launchpad.net/bugs/1579818
<sexytime> say i got a new box. and i installed ubuntu server on it. i would like to remove everything that i wont be using the server for. in this case. all im going to run in this box is a nodejs server
<sexytime> keeping this in mind. how would you recommend i go about removing the stuff i do not care for
<sexytime> i heard in #ubuntu that just doing a minimal install is fine enough. is that correct?
<rbasak> Define what you want removed.
<rbasak> A default server install is fine enough, too.
<rbasak> If you don't want the default, then you need to say what you want removed.
<sexytime> everything that does not hinder my ability to run with the nodejs server
<sexytime> sorry
<rbasak> So things like bash autocomplete?
<sexytime> anything that does not relate with the nodejs server
<sexytime> ok maybe not that
<rbasak> And less, to view manpages?
<rbasak> It's all these little things that we make sure the default install has. So a sysadmin is comfortable.
<sexytime> hm. i think i'll be fine with the minimal install. + sshd
<rbasak> There's also http://cdimage.ubuntu.com/ubuntu-core/xenial/daily-preinstalled/current/ if you want to start from an absolutely minimal filesystem. The only thing that works is the package manager so you can install packages to do things. But many things aren't present - eg. no DHCP client support.
<sexytime> hm nice. i'll give it a thought
<sexytime> thank you rbasak
<sexytime> sorry im a bit noob with ubuntu servers. what other package managers etc are on there in a default minimal install? i know there is apt-get and pip. any other i should be aware of and keep upgrading?
<sexytime> i wish to keep my software updated at all times for security reasons. thats why
<rbasak> On a default install, apt is sufficient.
<sexytime> alright thank you so much. i appreciate the help
<rbasak> If you use a third party package manager, then updates for what you install through there are up you to use that tool, eg. pip.
<sexytime> yeah. i was trying to ask what comes with the default that i may not be aware of
<sexytime> the stuff i add i try to remember the best i can
<lovetruth> hello :)
<lovetruth> I am looking for some good ERP software which: *is opensource; *uses sql; *can do document management/tracking -> preferably, using the already in use samba server as storage (already have a directory/file structure for the files...); *has some web interface; *if possible, with email notification of users that they have new document to review/approve
<lovetruth> ubuntu server 14.04 here
<lovetruth> taking a look at Alfresco and OpenKM right now...
<hateball> lovetruth: there is odoo, dont remember if it has all those bits. also it was a bit of a pain to setup, docs are scarce
<lovetruth> one of the most important requirements for the erp software is to be able to do tracking (where the doc is)/review (view and change something if needed, with any software the user chooses - this is why the ERP should have cifs/samba support for file storage, with directory structure of documents chosen by me)/approval (view and eventually send/etc the document). I should be able to set some serial workflow for the document, 
<lovetruth> like: document created on samba server, folder X/y/Z. User A notified, has to review. User A finnished, User B notified. User B now reviews... etc, User C, etc. Some admin users can view at least where the document is, where the workflow stoped, etc...
<bigon> hi
<bigon> are there any objections if I'm hijacking the "selinux" package name in debian?
<bigon> ATM we have a selinux-basics package in debian an I was thinking about renaming it
<bigon> in ubuntu I see that there are some upstart scripts there
<bigon> do you actually care?
<bigon> last upload of that package is 2012, so...
<pirx_> hello! how do i go about fixing apt dependency problems like this? any idea? http://pastebin.com/i8zzgnRf
<rbasak> pirx_: do you have apt repositories for both lucid and precise enabled? That can cause problems like this.
<rbasak> pirx_: if apt complains that something is needed and is not going to be installed, you can add that to the install line explicitly, and then apt should tell you why it cannot be installed.
<pirx_> will try!
<pirx_> No apport report written because MaxReports is reached already
<pirx_> rbasak: how can i see if repos are enabled for both lucid and precise?
<pirx_> when that server was originally installed, an external repo for postgres was added
<pirx_> sources.list.d/pitti-postgresql-lucid.list
<pirx_> but that repo is commented out in that file now
<pirx_> now i removed it even
<pirx_> doing apt update again
<pirx_> same thing
<rbasak> pirx_: perhaps you don't still have the repos enabled, but you shouldn't be using any packages from that repo still. Can you upgrade those packages to ones available from precise's official repo?
<pirx_> i would like to try, but how? :)
<pirx_> dpkg -i manually?
<rbasak> apt-get install the right package names. It should use only enabled repos, so precise ones.
<rbasak> Make sure you take a full backup first.
<pirx_> luckily this is a virtual staging server
<pirx_> so i can just snapshot it
<pirx_> but i cant do "apt-get -f install postgresql-9.1" anyway
<pirx_> http://pastebin.com/u9RbFqH0
<pirx_> i wonder if i can uninstall and reinstall postgres
<pirx_> will the data survive? who knows...
<rbasak> So try: apt-get -f install postgresql-9.1=9.1.21-0ubuntu0.12.04 postgresql-client-9.1=9.1.21-0ubuntu0.12.04
<pirx_> i did a remove and then install on the postgresql packages
<pirx_> it worked!
<pirx_> the data survived
<pirx_> it was a hot standby replicated server
<pirx_> now i will try the same on the master
<pirx_> and i can install java just fine
<pirx_> good!
<pirx_> rbasak: thanks!
<pirx_> rbasak: worked like a charm with the master server too:)
<rbasak> Great!
<ktosiek> Hi! I have a server with postfix doing basic checking and proxying. Now I want that server to be able to send mail from cron.
<ktosiek> Is there any good way to setup something like that? Postfix's next hop does not handle the addresses I want to send to
<caribou> rbasak: remember my makedumpfile MP of yesterday ?
<caribou> rbasak: is the merge actually done through the LP's web interface or from the CLI on the git repo ?
<dasjoe> sarnold: hey! I've got a somewhat new problem. I have to run a php cli cronjob as user x, and serve some php as www-data. Both php scripts need access to a single id_rsa (and execute stuff). What's the recommended way to do this, without running the cronjob as www-data directly
<hallyn> arges: smb: zul: ok so we're all ok with bumping libvirt in yakkety i think;  do any of you want to test anything more before i really ship?  smb, a xen test perhaps?
<hallyn> if not that's fine - i'll ship :)
<smb> hallyn, I still have to set up yakkety xen hosts so ... just go ahead
<hallyn> kewl, will wait on zul response the hit go
<hallyn> then let the bugpage floodgates open
<devster31> hi people, where can I find the .config file used to build the kernel of my current ubuntu installation?
<sdeziel> devster31: /boot/config-$(uname -r)
<jesk> when trying to install Ubuntu Server 16.04 LTS the installer says "Failed to retrieve the preconfiguration file.....file:///cdrom/preseed/ubuntu-server.seed".
<jesk> when I skip this error I have to install manually but then it fails to detect my NICs
<jesk> its a standard HP DL380 machine
<jesk> gen9 I believe
<devster31> sdeziel: thanks
<nacc> cpaelzer: only in the context of the server guide, not bugs themselves (yet)
<cpaelzer> nacc: ok, just saw it scrolling by this morning and wanted to see if you might know more
<cpaelzer> nacc: did you complete the smaba section already last week?
<cpaelzer> nacc: because I have thre mp's submitted and I think it is about time they do another release
<cpaelzer> nacc: but we wanted to wait for samba to be refreshed
<nacc> cpaelzer: yes, i did, doug was going to review
<cpaelzer> nacc: great
<nacc> cpaelzer: i belive i marked it that way on the wiki, but i might have forgotten to updated
<cpaelzer> nacc: I'll send doug a reply on my last mail and set you on CC
<nacc> cpaelzer: sounds good, thanks
<cpaelzer> nacc: might you have a mp link for me to refer to ?
<nacc> https://code.launchpad.net/~nacc/serverguide/samba/+merge/293442
<nacc> in reply here, he did say he might have to wait  aweek or so
<cpaelzer> nacc: yeah just read it - thanks for the link
<cpaelzer> nacc: your inbox should just have grown by one
<nacc> cpaelzer: ack and thanks
<hallyn> zul: though i'm stil worried about how bug 1579922 affects libvirt upgrade
<ubottu> bug 1579922 in init-system-helpers (Ubuntu) "dh_systemd_enable fails due to 'preset' when service file is renamed" [Undecided,New] https://launchpad.net/bugs/1579922
<hallyn> meh.  i guess i can't push until that's fixed in one pkg or the other
<zul> hallyn:meh
<rbasak> caribou: I'm not sure if LP can do it. I don't see a button. Could it do it with bzr? Pushing with git from the CLI should certainly work. I believe LP will pick up that it happened, too.
<caribou> rbasak: ok, just wanted to be sure that I wasn't chasing the obvious
<cebalrai> Is there a reason, why nfs4.1 is not used by default with ubuntu clients?
<hallyn> zul: wait, upgrade went fine this time.  lemme try a few more
<hallyn> hm, can't get it to fail now.
<nacc> cpaelzer: looks like upstream and marc have that one under control, fwiw
<cpaelzer> nacc: about doc?
<nacc> cpaelzer: that samba bug, sorry
<cpaelzer> nacc: np, ok
<LostSoul> hi
<LostSoul> Is there chance to do sub search in nss_base_passwd ?
<LostSoul> Like when I want to check if user is memberof=XXX or member of subgroups of that group?
<jesk>  
<LostSoul> ?
<LostSoul> So I'm trying to setup libnss/ldap login to server based on AD membership
<LostSoul> Problem is I can force it to allow login members that are member of X group or that are member of GROUPS that are member of thix X group
<LostSoul> I'm only allowed when user is member of X group, but not when he is member of group that is member of that group
<LostSoul> Any ideas?
<patdk-wk> that is a limitation of AD
<patdk-wk> same issue when I use groups in sharepoint
<patdk-wk> users in a subgroup of a group, don't work
<LostSoul> patdk-wk: So there is no workaround on that?
<patdk-wk> via ldap? dunno
<patdk-wk> it works fine for me
<patdk-wk> my user is a member of groups of subgroups works fine in ubuntu with AD user
<patdk-wk> but I do not use ldap to interface to AD for that
<LostSoul> Hmm
<LostSoul> So how do you check it?
<LostSoul> I mean line that verify it
<patdk-wk> I am using sssd
<sarnold> dasjoe: normally you'd make the key file owned by a group and have both the cgi and the cli programs run with that group ownership, but that might be annoying for one or the other of these tools. You could use posix acls to give both www-data and the cli user access to the file, see setfacl manpage for details
 * patdk-wk wonders when that question was asked
<sarnold> patdk-wk: four hours ago? heh
<patdk-wk> dunno, count time by scrollback pages :)
<sarnold> oh I'd never find it -that- way, /lastlog -hilight 10  :) heh
<patdk-wk> I just use scrollback, and have it set to autohighlight keywords
<arooni> what logs would i check in /var/log if my server unexpectedly restarted
<patdk-wk> probably none
<patdk-wk> normally unexpectedly restarted == wasn't able to log why
<arooni> but wouldnt there be some indication of the last things that were happening
<arooni> before it restarteed?
<arooni> restarted *
<patdk-wk> if whatever was last happening logged stuff? sure
<patdk-wk> if the disk flushed the write buffer? sure
<patdk-wk> or, if the kernel flushed the write buffer
<patdk-wk> but we wouldn't know what was happening
<patdk-wk> so dunno what log to look in, it's your server
<patdk-wk> the only *generic places to look is dmesg and syslog
<patdk-wk> other than that, heh, depends on how you configured and what your running
<arooni> well thanks for breaking it down
<arooni> i'm a bit noob to linux sysadmin ;; coming at it as an app developer
<qman__> Usually if a server restarts on its own, it's a hardware problem
<qman__> Software problems produce errors and crashes, not reboots
<qman__> Unless you intentionally configured it otherwise, of course
<belea> hi, i've got an ubuntu server 16 on 3x120gb ssd disks ... the partitioning is quite weird a total of 180 gb ... http://pastebin.com/5duPiwzX
<belea> anyone has any ideas why this happens? :-?
<sarnold> what's weird?
<patdk-wk> I don't see any partitioning, only filesystems
<patdk-wk> 20g, and 91gigs
<sarnold> when I installed on a system with 120 gig hard drive and 128 gigs of ram, the installer gave me 900 megabytes for / and 120 gigabytes for swap
<belea> i dont get why it's broken into 16gb filesystems
<sdeziel> belea: those 16GB mounts are tmpfs
<belea> and the total is 180gb not near to 300+
<belea> so i actually just have 1 x 120 gb mounted ?
<belea> in the dmesg i see sda sdb and sdc each 120gb
<belea> [sda] 234441648 512-byte logical blocks: (120 GB/111 GiB)
<coreycb> arges, testing has completed successfully for bug 1569502
<ubottu> bug 1569502 in Ubuntu Cloud Archive liberty "[SRU] liberty point releases" [High,Fix committed] https://launchpad.net/bugs/1569502
<dasjoe> sarnold: thanks, I'll read about that. I had hoped for something automagically, like running the cgi as the normal user when serving files from that user's public_html
<Executioner> Is it a problem if I get [pcilib: Cannot open /proc/bus/pci; lspci: Cannot find any working access method.] output to the terminal during the init of do-release-upgrade?
<sdeziel> dasjoe: I'd be curious to know if the SSH client will accept to use a key file owned by someone else (even if the an ACL allows it to). So please let us know how it goes :)
<Executioner> This is where it asks me to continue even if I'm connecting thru SSH
<Executioner> err
<Executioner> "The required dependency 'apt (>= 1.0.10.2ubuntu2)' is not installed." During a do-release-upgrade, what?
<arges> coreycb: i'll promote tomorrow since its only 6 days. that ok?
<coreycb> arges, definitely, thanks.  I lost count. :)
<bc2946088> I've tried multiple times to deploy openstack using autopilot and though the environment does deploy, nagios shows a ceph health-warn that i've been unable to resolve.  I currently have a fresh deployment in that state after it was freshly deployed, has anyone else experienced that with ceph/ceph and autopilot?
<roaksoax> dpb1_: ^^
<sarnold> dasjoe: you might be able to do something like that via php-fpm
<dpb1_> bc2946088: do you know how to get access to the underlying environment?
<dpb1_> bc2946088: basically this: http://askubuntu.com/questions/606422
<dpb1_> bc2946088: do that, then do juju ssh ceph-mon/0, and show me 'ceph status' as the root user please
<bc2946088> Sorry, went to grab a pizza, @dpb1_.  I havne't had much success connecting to any juju enviroment, but I'll give it a whirl following that link.
<dpb1_> bc2946088: ya, that is where the real magic is
<bc2946088> dpb1_: http://paste.ubuntu.com/16353352/
<bc2946088> Do I need to add the containers to bind?
<bc2946088> oh, nevermind, didn't realize I was connected, regardless of the error
<bc2946088> Here is the relevant, ceph status, http://paste.ubuntu.com/16353372/ dpb1_
<bc2946088> It's amazing how helpful it is when you can connect to the lxc containers.  Ha, I really couldn't get anywhere from the physical machines.  http://paste.ubuntu.com/16353393/
<bc2946088> any idea where I set 'mon pg warn max per osd = 500' the changes didn't stick after restarting the service or the host.. So I am assuming it's getting ceph.conf from somewhere.
<sarnold> bc2946088: may grep around in https://jujucharms.com/ceph/xenial/0  ?
<patdk-lap> lhmm, having a most horrible issue with sendmail and lxc
<dpb1_> bc2946088: you need to be root
<dpb1_> sudo ceph status
<dpb1_> you will get something more interesting
<bc2946088> yeah, figured that, shortly after and then did another paste, http://paste.ubuntu.com/16353393/
<dpb1_> bc2946088: https://bugs.launchpad.net/charms/+source/glance/+bug/1492742
<ubottu> Launchpad bug 1492742 in nova-compute (Juju Charms Collection) "too many PGs per OSD" [Medium,Triaged]
<dpb1_> bc2946088: could you add your experience there (sorry, I'm not a ceph expert)
<dpb1_> bc2946088: if you add debugging details, I'll get someeone to chime in tomorrow
<bc2946088> yeah, will do, I did read that over the past couple minutes, and it matches my issue.  There is a work around in changing a ceph mon value to increase the pgmax, but sadly, I'm unsure where to set it.  By setting it in ceph.conf on the container, the changes are lost when the service restarts, or the instance reboots.
<bc2946088> I previously deployed the same setup with one less physical node, which has 3 less drives and I didn't have any troubles.
<dpb1_> bc2946088: where you can see all the openstack services with 'juju status'
<dpb1_> bc2946088: do 'juju get ceph-mon'
<dpb1_> or 'juju get ceph-osd'
<dpb1_> then, you can change things with 'juju set ceph-mon "key=value"
<bc2946088> oh wonderful!  I just accidentally marked one of the nodes as broken and now it's no longer deployed.  I'll redeploy and give that a try, thanks for all your help.  For the life of me, I couldn't figure out how to connect to the juju instances, so I'm leaps and bounds ahead
<dpb1_> bc2946088: yes, everything is 'juju get' 'juju set' once you know where to look.  and please do mark your findings in that bug.  Thanks!
<bc2946088> I will certainly add them once I can test further!
#ubuntu-server 2016-05-11
<ruben23> hi guys anyone can help with this error if i do apt-get update, i get this error ---> W: GPG error: http://extras.ubuntu.com precise Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 16126D3A3E5C1192
<ruben23> how do i removed that key so it wont bother anymore
<RoyK> ruben23: http://askubuntu.com/questions/13065/how-do-i-fix-the-gpg-error-no-pubkey perhaps
<RoyK> ruben23: google usually knows more than people on irc ;)
<ruben23> RoyK: but i just want to remove the key..coz i dont need it anymore
<patdk-lap> removing keys are pointless
<patdk-lap> if it lists the key, you need it
<patdk-lap> if you don't need it anymore, remove the repo
<ruben23> how to do it somehow please
<ruben23> patdk-lap: how to removed th repo that causing the key error somehow...any help
<patdk-lap> dunno how you added it
<sarnold> find the http://extras.ubuntu.com line in /etc/apt/sources.list or /etc/apt/sources.list.d/ and edit it as needed
<patdk-lap> very strange
<patdk-lap> fixed my lxc sendmail issue
<sarnold> what was it?
<patdk-lap> dunno what happened, cause in my lxc template it is fine, but /var/spool was removed of all group and other permissions
<sarnold> o_O
<patdk-lap> it was the same way on 8 lxc instances
<patdk-lap> but my template is fine
<patdk-lap> and the update script I use to maintain them, doesn't touch /var
<patdk-lap> I'm cold
<patdk-lap> I should soak in some nice hot water
<ankitkulkarni> can any one help me with this question - http://askubuntu.com/questions/770601/could-not-add-sta-to-kernel-driver-hostapd-not-able-to-connect-more-then-10
<ankitkulkarni> I am getting "could not add sta to kernel driver" for kernel version 4.2.0.27 when i connect more then 10 clients to hotspot in AP mode. The wireless card is intel 3165
<ankitkulkarni> and hostapd version 2.1
<KlausedSource> hey, I have trouble getting network time to work on my server. I followed https://help.ubuntu.com/lts/serverguide/NTP.html
<KlausedSource> the problem is (thats why I was looking into it in the first place) that the time is about 6 minutes in the past
<KlausedSource> output of "date": Mi 11. Mai 11:11:35 CEST 2016
<hateball> KlausedSource: can you manually run ntpdate to update time?
<KlausedSource> hateball, I just fixed it. I ran service ntpd "restart" and then service ntpd "reload".
<KlausedSource> In the documentation it is only mentioning reload
<KlausedSource> but that wasnt enough
<hateball> :)
<KlausedSource> https://bpaste.net/show/5505b67a8074
<spm_draget> I used apt-add-repository to add a ppa. When upgrading, it wants to install stuff from this repository. But I only need one package. How do I tell apt to ignore this repository unless I install something epxlicitly from it?
<dasjoe> spm_draget: https://help.ubuntu.com/community/PinningHowto
<source47> hi guys, any ideas why i get problems with ubuntu 16.10 containers when i run 'systemctl reboot'
<source47> here is the log https://gist.github.com/developerinlondon/30efa347f13ac820dc5e533d32b4966e
<hrw> hi
<hrw> can someone tell me where I find docs about building https://uec-images.ubuntu.com/releases/16.04/release/ubuntu-16.04-server-cloudimg-arm64-uefi1.img image?
<rbasak> rcj: ^
<rbasak> or Odd_Bloke perhaps?
<Odd_Bloke> rbasak: I was gonna say. ;)
<Odd_Bloke> hrw: First thing to note is that uec-images.u.c is deprecated, you should use cloud-images.u.c in future.
<Odd_Bloke> hrw: Secondly, there isn't much documentation, unfortunately; do you have any specific questions that I can help you with?
<Odd_Bloke> rbasak: (Thanks for the ping! :)
<hrw> Odd_Bloke: I am trying to understand uefi boot stuff on aarch64 and this iamge boots. so would like to experiment a bit with it but it involves rebuilding it
<Odd_Bloke> hrw: Could you achieve what you want by modifying that image?  http://ubuntu-smoser.blogspot.co.uk/2014/08/mount-image-callback-easily-modify.html gives you an easy way of doing that without booting it.
<hrw> I know how to modify existing image. have fedora/debian/ubuntu/opensuse images on hdd now. ubuntu lacks any information on how to rebuild them.
<Odd_Bloke> hrw: (The original build uses Launchpad but, because the way it runs grants access to internal networks, only Canonical employees are allowed to run image builds)
<hrw> as 'ubuntu cloud' wiki pages are from <12.04 times
<Odd_Bloke> hrw: So, unfortunately, there isn't a good way to reproduce builds locally. :(
<hrw> Odd_Bloke: even launchpad servers run software. if build-ubuntu-cloud tool is not opensourced then just say it and I will go to other duties.
<hrw> ok, fine for me
<Odd_Bloke> hrw: I think everything involved is open source, but it's not really designed to run outside of the Launchpad environment, so you'd spend a lot of time getting it working elsewhere.
<hrw> ok
<hrw> worked at Canonical in past. got used to that some stuff is LP only
<Odd_Bloke> hrw: The relevant LP bit is https://launchpad.net/launchpad-buildd
<hrw> thanks Odd_Bloke
<Odd_Bloke> hrw: And the live-build and livecd-rootfs packages in the archive are used to do the build.
<Odd_Bloke> hrw: That might be enough to hack something up that works. :)
<source47> any ideas why localed has permission errors? I am running ubuntu15.10 container inside a ubuntu15.10 host. here is the syslog - https://gist.github.com/developerinlondon/b8be2a693cf33bdbd188a3725324e3f8
<hrw> bye
<FManTropyx> no idea really, but usually I solve such issues by running stuff as root :) such as launching all daemons, then let them chroot and/or change user, drop privs
<bc2946088> Is there a way to adjust the pg_num to a smaller value after a ceph pool is created?  I'm able to grow the number but that has the opposite affect as I want.
<mcdado> hello! i installed sshguard on my 14.04 server, is it enough or i need to configure it somehow?
<mcdado> and how to set it up? the instructions at http://www.sshguard.net/docs/setup/ are not clear
<Pici> mcdado: their FAQ suggests that you shouldn't need to make any configuration changes off the bat.
<ravenx> anyone done an upgrade from 12.04 to 14.04 via 'do-release-upgrade' and got stuck?
<ravenx> it keeps saying it's trying to install iproute2
<ravenx> since it's package name was changed
<bc2946088> I think I found my answer, and don't believe it's possible.  Once the pool is created in ceph, you're unable to shrink the placement groups.  You can make them bigger, but not smaller.
<mcdado> Pici: thanks for your reply! I took some time and am starting to see sshguard records in /var/log/auth.log with reports of it blocking IPs
<mcdado> now, i also see a lot of "reverse mapping checking getaddrinfo for {hostname} [ip address] failed - POSSIBLE BREAK-IN ATTEMPT!"
<mcdado> what does it mean exactly? the server is doing reverse lookups on connecting IPs and failing?
<Pici> sounds like it.
<mcdado> do i need to worry about it?
<Pici> I wouldn;t.
<mcdado> that POSSIBLE BREAK-IN ATTEMPT looks quite scary :D
<maswan> I think that's from back when hostname-based rules were more common
<Pici> I used to see that a lot on my logs when I was forwarding ssh traffic through my server.
<mcdado> if i were to change ssh port, are there best practices on a good value to choose? i read below 1024 on a serverfault answer, but basically any value will do?
<nick125> I'd probably avoid any commonly used ports (HTTP, HTTPS, SMTP, etc), but yeah, it doesn't really matter too much
<JanC> choosing a different port will likely only lower the number of break-in attempts by weeding out the script kiddies; it's less likely to confuse the professionals much...
<mcdado> thanks
<mcdado> yeah i guess that's okay
<JanC> at least, that's my opinion  :)
<mcdado> so far i disabled root password auth, installed sshguard.. thinking of changing ssh port.. any other low hanging fruit to strengthen a bit more my machine?
<ravenx> anyone had to deal with an iproute renaming to iproute2 problem here?
<ravenx> my do-release-upgrade is buggin' out
<JanC> mcdado: personally I disable all password authentication
<JanC> of course you must make sure key authentication works before you do that  :)
<mcdado> yeah that would be a good idea, i have already all the keys set up already, no point in having ssh password auth
<JanC> mcdado: also make sure you have a backup of important keys in a secure place
<patdk-wk> mcdado, changing ssh port doesn't strengthen anything
<JanC> especially if you don't have physical access to that server
<mcdado> patdk-wk: i agree, it just obfuscation
<JanC> or access through some sort of remote console
 * patdk-wk is paranoid about remote consoles
<patdk-wk> those are normally very insecure devices
<patdk-wk> and never get firmware updates, if it is even possible
<JanC> you don't want to lose access to a server because the PC that had the access key crashed  :)
<patdk-wk> yes, but you also don't want to expose those remote consoles/ipmi/ilo/... to the internet
<JanC> patdk-lap: they can be implemented in many ways
<JanC> patdk-wk: ^^^
<patdk-wk> yes, just very rarely find one that is trustworthy :)
<mcdado> what exactly are remote console?
<patdk-wk> a serial port console? ipmi access, ....
<mcdado> oh i see
<JanC> patdk-wk: also, my VPS/dedi hoster allows me to boot a rescue image, which is different, but can also be used to fix certain issues
<patdk-wk> ya, now with vps/vm's, a virtual console interface is easier for them to implement
<patdk-wk> but I have seen providers that have had security issues with those too
<JanC> they have that on their dedicated hardware too
<JanC> have had that for a decade at least
<patdk-wk> yes, have had issues with it on dedicated hardware being secure at hezlier or however you spell it
<patdk-wk> I have some of them for my old pre-ipmi machines
<patdk-wk> but I stil lwouldn't trust those devices on a non-secure network
<JanC> a secure network is always better indeed
<bc2946088> public facing ipmi would be a nightmare
<mcdado> well thanks for your feedback! have a nice day
<bc2946088> dpb1_: I got a response on the bug ( https://bugs.launchpad.net/charms/+source/glance/+bug/1492742 ) -- Do you know if I add some extra drives and redeploy openstack using autopilot, that would increase the number of OSDs which in theory would decrease the number of PGs?  Is that the theory?
<ubottu> Launchpad bug 1492742 in nova-compute (Juju Charms Collection) "charm needs a pg_num cap when deploying to avoid creating too many pgs" [Medium,Triaged]
<dpb1_> bc2946088: I believe it would
<bc2946088> dpb1_: Thanks very much, I'll give it a try.
<dpb1_> bc2946088: I ran into a similar issue where I started to oversubscribe my ceph cluster, I got these warnings, then a few more.
<bc2946088> That makes sense, dpb1_.  I was most confused that a month ago when I first deployed the test cloud, everything was working, but this was before Nagios could be included with autopilot.  At first I thought the warning may have been always there and I was just unaware of it, however, just ignoring the error, I was unable to create any instance volumes in horizon.  I've deployed this so many times making incremental changes, the people at the
<bc2946088> datacenter have no idea what I am doing, but i've been there so much, they obvioulsy think I don't know what I am doing.  :)
<dpb1_> bc2946088: nagios really helps.  Glad that it's showing you more data. :)
<RoyK> bc2946088: you might want to test munin too
<RoyK> or zabbix
<bc2946088> RoyK: I've dabbled with both, the nice part about nagios is, it's deployed automatically and all the instances are configured, it's turnkey, and gives enough information to satisfy my requirement for the moment.
<RoyK> which version of nagios is this?
 * RoyK hasn't been using nagios for years
<Pici>  /25
<bc2946088> I believe with 14.04 LTS the nagios openstack plugin is 1.2, RoyK.
<bc2946088> Actually, that's the plugin version, I think nagios is v3, maybe, but not certain.
<Kaylas> hi, i have ubuntu 15.04, and it will be restarted randomly
<Kaylas> on syslog the last line is "(root) CMD (command -v debian-sa1 > /dev/null && debian-sa1 1 1)"
<Kaylas> suggestion?
<codepython777> I'm trying to create a hotspot on a IntelÂ® Dual Band Wireless-AC 7265 - this is what is giving me trouble. Any suggestions on how to create a wifi-hotspot on ubuntu using this hardware? Or do I need to buy a usb -wifi dongle - if yes, which one?
<codepython777> I need to do this using the command line
<nacc> codepython777: why do you need to do it using the commandline (for reference, there is this: https://help.ubuntu.com/16.04/ubuntu-help/net-wireless-adhoc.html)
<codepython777> nacc: its a commandline server with no ui
<nacc> codepython777: http://dashohoxha.blogspot.com/2013/06/how-to-setup-wifi-access-point-on-ubuntu.html ?
<nacc> codepython777: or could you clarify what "this" is, that's giving you trouble?
<codepython777> nacc: need it for 14.04 or later
<nacc> codepython777: i'm guessing most of the steps will work (on cursory glance)
<codepython777> nacc: Let me try and tell you what happens, booting
<codepython777> AP is not supported by the driver of the wireless card. This script does not work for this driver.
<codepython777> nacc: Let me try another machine
<nacc> codepython777: what script?
<Kaylas> anyone?
<nacc> Kaylas: 15.04 is eol
<codepython777> nacc: the one you showed me for 12.04
<codepython777> http://dashohoxha.blogspot.com/2013/06/how-to-setup-wifi-access-point-on-ubuntu.html
<Kaylas> nacc yeah, i know but i need to investigate, could you gimme me suggestion about that?
<nacc> codepython777: i wouldn't ever run a random script, but that's just me; the steps there clearly state what to do, i would do them manually
<nacc> codepython777: it's possible your hardware doesn't support runing in AP mode
<nacc> Kaylas: syslog is probably not hte right place to look, as it's just the last recorded thing, but if ti's a kernel panic, e.g., then you're not going to record anything.
<codepython777> nacc: on another machine: error: cannot find a LSB script for hostapd
<nacc> Kaylas: if you have another computer, you could try and set up a console, but not sure that'd help -- but since 15.04 is eol, it's easily possible it's some random bug that is now fixed
<nacc> Kaylas: you should move to a supported release.
<nacc> codepython777: what emits that error? what version of ubuntu is on that machien?
<codepython777> nacc: install_wifi_access_point.sh: line 53: /etc/hostapd/hostapd.conf: No such file or directory
<codepython777> 14.04 LTS
<codepython777> sorry 15.10 actually
<nacc> codepython777: as i said, i woulnd't just blindly run the script, i would go through the steps, i don't know what the script they suggest does, although i assume it's similar to the blog post
<nacc> codepython777: weird that there's no /etc/hostapd , is hostapd instaleld?
<codepython777> nacc: http://paste.ubuntu.com/16365897/
<nacc> WARNING: The following packages cannot be authenticated!
<nacc>  hostapd
<nacc> E: There are problems and -y was used without --force-yes
<nacc> update-rc.d: error: cannot find a LSB script for hostapd
<nacc> not sure where you're getting hostapd from
<nacc> but since it didn't get installed, it can't proceed
<nacc> and that script does no error checking
<nacc> as i said, don't just run random scripts
<nacc> especially as root!
<codepython777> nacc: thanks
<nacc> codepython777: i would just go through the steps, so that you know what is being done to the system, from that blog page
<cabbage_hands> Can you guys help me,
<cabbage_hands>  Is there a way to stop effectively everything started by Supervisord ?
<codepython777> nacc: on a laptop I followed that recipe - everything went through , but no ssid! ?
<codepython777> nacc: dhcpd failed
<Heebie> Hello, I'm trying to downgrade a set of packages (ubuntu-zfs)  by a version.  Management wants a specific version that is no longer available in the ppa repository.
<Heebie> I'm having an impossible time getting things to install in-order, or even to install at all. (modules won't compile etc..)  Does anyone know of a good guide for installing specific versions with their specific dependencies?
<coreycb> beisner, the following are ready to promote to kilo-proposed in the UCA: ceilometer, cinder, glance, heat, horizon, keystone, neutron, neutron-lbaas, and nova
<rbasak> Heebie: apt-get install foo=<version> and let apt sort it out? It does need to have all the necessary versions available in its repositories, though, so you might need to create a local one.
<Heebie> the man page says =<package+version>, should it be  package=version ??
<Heebie> I have all the .deb files available to me on my "old" SAN that's borked.. the OS works fine.
<rbasak> Yes.
<rbasak> You can use apt-ftparchive (once for packages, once for release) to create a local apt repository from a bunch of debs in a directory.
<Heebie> hmmm.... never heard of that bit before :)
<RoyK> Heebie: I hope you haven't enabled new feature flags :P
<Heebie> RoyK: No... management is terrified of the fact that if we enable new feature flags, there's no way to roll that back.
<Heebie> rbasak: apt-get install (ubuntu-zfs=7 | ubuntu-zfs-7~precise | ubuntu-zfs-7~precise_amd64)  << all fail with "version <version> of <package> was not found" (even though the .deb files are in /var/cache/apt/archive)
<beisner> coreycb, ack, on it
<blizzow> Give us back UTC as a timezone choice in server!
<blizzow> *during the install.
<RoyK> blizzow: choose ReykjavÃ­k - it's the same
<coreycb> beisner, thanks
<blizzow> RoyK: You can't. It gives you the option based on your keyboard language choice.
<RoyK> blizzow: may even be a bit fun if you autoconfigure the language :)
<blizzow> That's effing moronic.
<RoyK> just a wee workaround :)
<blizzow> Not your suggestion, but the fact that the change has to happen after install.
<beisner> hey coreycb - do you know that status of libvirt-python @ kilo staging -> proposed? http://pastebin.ubuntu.com/16367926/
<RoyK> well, most people have something like configuration management, like ansible or puppet or chef or cfengine or something, and with those, it shouldn't be a big problem standardising things
<coreycb> beisner, I'm not sure of the status on that
<beisner> coreycb, ok, will leave it as-is
<coreycb> beisner, ok
<blizzow> RoyK: I use ansible and I agree it's trivial to make the change. The fact that the change has to happen is what's stupid.
<RoyK> blizzow: there are always stupid changes like that
<RoyK> blizzow: better setup your ansible right, and it won't be an issue
<blizzow> RoyK: That's just NOT how it should work! The installer functionality has been reduced to what end?
<RoyK> blizzow: not my choice - just saying that's the way things are - customisation of the system is better done with a vanilla system
<blizzow> On top of that, let's say I want to screw around and test a new release of ubuntu as a one off and don't want to use ansible/puppet/chef/jumpstart. The functionality to choose UTC as a timezone should be included as that's a pretty damn standard timezone to use on a server! It just makes the post-install process unnecessarily complicated.
<RoyK> blizzow: keep on blurting, or file a bug report - your choice
<blizzow> I will file a bug report but I will blurt in here because whomever made that decision should feel guilty and ashamed.
<beisner> coreycb, ok, pushed all of those to kilo-proposed
<coreycb> beisner, awesome, thanks
<rbasak> Heebie: /var/cache/apt/archive has nothing to do with it. You need to put the debs in a repository listed in sources.list.
<Heebie> rbasak: Oh. =O  I guess that's why you mentioned that ftp-repository bit.  Perhaps I should have looked it up!
<ddellav> coreycb mitaka sru complete: lp:~ddellav/ubuntu/+source/neutron lp:~ddellav/ubuntu/+source/neutron-fwaas lp:~ddellav/ubuntu/+source/neutron-lbaas lp:~ddellav/ubuntu/+source/neutron-vpnaas https://bugs.launchpad.net/ubuntu/+source/neutron-vpnaas/+bug/1580674
<ubottu> Launchpad bug 1580674 in neutron-vpnaas (Ubuntu) "[SRU] mitaka point releases" [Undecided,Invalid]
<coreycb> ddellav, thanks they look good, I made a minor change to the bug #.  do they build ok?
<ddellav> coreycb yep, all builds pass
<coreycb> ddellav, ok pushed and uploaded.  we're going to need that charm fix to test these.
<coreycb> ddellav, mind adding 8.1.0 to the master branches too?  we're in a weird point of the release where we haven't released anything for yakkety so yakkety is basically mitaka right now.
<ddellav> coreycb sure
<coreycb> ddellav, thanks
<coreycb> beisner, can you also promote oslo.messaging to kilo-proposed?  that's new in the past few hours.
<beisner> coreycb, ack, triggered:  oslo.messaging 1.8.3-0ubuntu0.15.04.2~cloud1 --> kilo-proposed
<coreycb> beisner, thanks
<beisner> coreycb, yw :)
<Darkman802> I'm looking to practice with cloud-init before using it on a cloud provider. I'm on a Windows host at the moment and I'm wondering if anyone knows how to get this set up using Virtualbox?
<Darkman802> Or maybe a better question is is it possible to use cloud-init on ubuntu server instead of the cloud images, since getting the cloud images to work on virtualbox is a bit of a pain.
<sarnold> Darkman802: the server team has a uvt-kvm wrapper around libvirt/qemu that you may find more friendly to the cloud images
<Darkman802> sarnold: Thanks, I'll give it a look.
#ubuntu-server 2016-05-12
<devster31> is IPMI equivalent to remote keyboard-video-mouse?
<nacc> devster31: IPMI is a protocol
<nacc> well, a specification of an interface, i guess
<nacc> devster31: it's more about system management (power, status, inventory) -- or at least that's all you can rely on existing by the standard. Implementations can do other things, I think
<nacc> devster31: although I think IPMI 2.0 introduced KVM over IPMI and serial console output
<nacc> via SOL
<devster31> so for example if I see this: IPMI 2.0 with virtual media over LAN and KVM-over-LAN support on a mobo spec, does it mean I can use it as IPMI and also as remote kvm?
<nacc> devster31: give or take how good that mobo's bios support is for IPMI, i suppose so -- i'm not that hw vendor or a hw certifier, though
<connor__> I have a server and it was working perfectly until I moved it to different home and connected it to the new router via ethernet. Now it doesn't seem to connect to the internet.
<connor__> Does anyone have any troubleshooting advice?
<mjmaisey> Hi, was just wandering if anyone was triaging bugs at https://bugs.launchpad.net/cloud-images ?
<mjmaisey> The process for building cloud images seems to have changed signficantly since Trusty and the current Vagrant image is nigh on unusable (IMO) due to https://bugs.launchpad.net/cloud-images/+bug/1565985, which has been in undecided/unassigned status for over a month
<ubottu> Launchpad bug 1565985 in cloud-images "vagrant vb ubuntu/xenial64 cannot mount synced folders" [Undecided,New]
<mjmaisey> Meanwhile according to stats at https://atlas.hashicorp.com/ubuntu/, approx 25k people per day are downloading the image and presumably having a rather poor experience
<mjmaisey> That relates to the Xenial Vagrant box, by the way
<jamespage> coreycb, https://bugs.launchpad.net/barbican/+bug/1580920
<ubottu> Launchpad bug 1580920 in Barbican "unit test execution requires oslo.messaging >= 5.0.0" [Undecided,New]
<jamespage> CI +++
<adac> Would you say that also SShH should only be accessibe trough VPN?
<adac> *SSH
<adac> I'm thinking of moving my server completely behind a VPN
<jamespage> coreycb, ddellav: aodh and ceilometer fixes for newton
<jamespage> barbican has an unexpressed minimum version requirement for oslo.messaging - bug raised upstream and noted in description of build records...
<jamespage> build testing cinder fixes now...
<coreycb> jamespage, thanks
<coreycb> beisner, when you get a moment, the following are ready to promote to liberty-updates in the UCA:  cinder, neutron, neutron-*aas, and nova
<coreycb> bug 1569502
<ubottu> bug 1569502 in Ubuntu Cloud Archive liberty "[SRU] liberty point releases" [Undecided,Fix committed] https://launchpad.net/bugs/1569502
<SpacePenguin> hi
<SpacePenguin> is there a way to install ubuntu server without a user account (root only)?
<SpacePenguin> i can't find that option in the installer
<rbasak> I don't remember the installer letting you do that either. You can always delete the user afterwards, or install without the installer.
<SpacePenguin> ok, thanks. i guess i'll have to delete the account after installation..
<jamespage> coreycb, this is interesting:
<jamespage> -cryptography>=1.0 # BSD/Apache-2.0
<jamespage> +cryptography!=1.3.0,>=1.0 # BSD/Apache-2.0
<jamespage> causes dh-python to barf
<jamespage> that's causing build failures for glance, keystone >= xenial
<coreycb> jamespage, that's strange, 1.3.0 isn't in xenail or yakkety
<jamespage> coreycb, no its the formatting of requirements that seems to be the problem
<coreycb> jamespage, so must be dh_python guessing dependencies doesn't like that for some reason
<jamespage> not the specific version
<jamespage> coreycb, dh_python is adding != 1.3.0 to the version it generates - not sure why...
<coreycb> jamespage, that's interesting, must be something new with dh_python because I didn't hit any issues like that in xenial
<jamespage> coreycb, think about that :-)
<coreycb> jamespage, yeah you're hitting it in xenial
<jamespage> coreycb, the change in requirements came in since glance released...
<jamespage> so 1.3.0 has security problems I guess - so upstream excluded it
<jamespage> dh_python in xenial reacts like this
<coreycb> jamespage, well right but other projects have != usage is what I'm saying
<rbasak> Odd_Bloke: FYI, I just filed bug 1581046 and bug 1581044
<ubottu> bug 1581046 in cloud-images "No CI for inadvertent conffile modifications" [Undecided,New] https://launchpad.net/bugs/1581046
<ubottu> bug 1581044 in cloud-images "Images ship with modified conffiles" [Undecided,New] https://launchpad.net/bugs/1581044
<Odd_Bloke> rbasak: Thanks, taking a look now. :)
<jamespage> coreycb, beisner: do those liberty updates still need shoving out of the door? can do them now
<coreycb> jamespage,  yes please
<jamespage> coreycb, running now - excluding qemu as that's not fix released in distro yet
<coreycb> jamespage, thanks
<jamespage> coreycb, I'll nudge up staging->proposed once these are clear as well
<coreycb> jamespage, thanks.  for the dh_python, there are other != in glance's requirements.txt too but they don't have any issues.  that is odd.
<jamespage> coreycb, yah poking now
<devster31> hi people, I'm having issues booting the ubuntu-cloud-image vmdk
<devster31> I downloaded it and imported in virtualbox but it tells me: failure writing sector 0x1a8830 to hd0
<jamespage> coreycb, poking at heat now - have a dh-python fix in the pipe as well
<coreycb> jamespage, awesome, what was the dh-python issue?
<jamespage> coreycb, not 100% sure but updating it to never use != as an operator
<jamespage> it already ignores ==
<coreycb> jamespage, well that should do it
<jamespage> coreycb, https://launchpad.net/~james-page/+archive/ubuntu/yakkety/+build/9732727 is the test build
<jamespage> coreycb, that fix for dh-python worked - I need to checkin with the debian maintainer
<jamespage> but we'll prob want to SRU that as well
<coreycb> jamespage, ok, yes that would be good.
<coreycb> jamespage, I'll take keystone for newton if you haven't touched that yet
<jamespage> coreycb, that will be a bigger piece - its needs the switch to apache wsgi by default
<jamespage> so thankyou :-)
<coreycb> jamespage, perfect, I have that done already locally
<rbasak> smoser: have you seen bug 1580534? I have a patch for you there.
<ubottu> bug 1580534 in simplestreams (Ubuntu) "Signature verification is too slow" [Undecided,New] https://launchpad.net/bugs/1580534
<smoser> rbasak, what is your system ?
<rbasak> smoser: that was on diglett
<rbasak> smoser: it should still be reproducible on diglett. My fix is only in a working tree (and I set PYTHONPATH)
<lfrlucas> Hi, I installed ubuntu server 14.04 2 years ago and then kubuntu deskop package
<lfrlucas> Today I upgraded to 16.04 and I want to remove kubuntu desktop stuff
<lfrlucas> is it possible to return to ubuntu server packages
<lfrlucas> what is the minimal set of packages that come with ubuntu server
<genii> !pureserver
<genii> Hm
<rantic> Hi everyone, with the introduction of ubuntu server 16.04, if I choose to setup a LAMP stack. What is the difference between install packages such as php, php-xml,php-gd and php7.0,php7.0-xml etc?
<rantic> it appears the php package is already at php 7.x anyways
<sdeziel> rantic: the packages without 7.0 in their names are virtual packages pulling the real ones (those with 7.0 in their names)
<jamespage> coreycb, fixed up swift for newton
<coreycb> jamespage, awesome. I just pushed nova for mitaka and started to rebuild it in jenkins.
<jamespage> coreycb, I can see our two executors are going to be a bottleneck
<coreycb> jamespage, yeah.. I see it's waiting now
<smoser> rbasak, pulled. thank you. and verified.
<smoser> http://paste.ubuntu.com/16377613/
<rbasak> smoser: interesting how much better Python 3 is!
<rbasak> smoser: I'm happy to drive a Xenial SRU. Shall I do that?
<smoser> i was surprised at python3 being faster too.
<smoser> SRU is good. yeah.
<Apocope> I'm trying to use Icinga under xenial. I install it and go to $SERVER/icinga and the menu on the left is visible and then disapears. Same thing if I do $SERVER/icinga/menu.html. Can anyone help? Is this the right place to ask?
<rbasak> smoser: I prepared an SRU, but I guess we should wait until it's fixed in Yakkety. No major rush, I can work around for now.
<smoser> rbasak, uploaded simplestreams_0.1.0~bzr430-0ubuntu1.dsc
<smoser> danilo was hoping to get srus for the other two bugs in that upload
<bc2946088> Anyone around that can help me debug why autopilot fails trying to deploy ceph?  Initially I've been able to deploy but ran into the pg limit which then was causing ceph to fail after openstack was deployed, so I broke down the systems, added another physical node with 3 hard drives, and have now tried to deploy openstack with autopilot and it fails.  http://imgur.com/R8DDt6B
<bc2946088> Actually I think it is related this this bug... https://bugs.launchpad.net/charms/+source/ceph/+bug/1420094
<ubottu> Launchpad bug 1420094 in ceph (Juju Charms Collection) "Ceph install fails by using removable devices" [Medium,Triaged]
<bc2946088> This particular server has a small drive listed that I removed from maas, hoping to avoid this issue but it still appears to grab all the disks in the machine even if they are removed from maas.
<bc2946088> It's picking up not a cdrom, but a virtual floppy.  Any work around?
<rbasak> smoser: thanks. I uploaded the SRU.
<rbasak> smoser: oh, and I just read your next message. Sorry.
<rbasak> smoser: I'm EOD. I can ask for a queue reject if you want?
<smoser> nah. i told danilo to write sru text and stuff if he wants to push.
<rbasak> OK, thanks.
<bc2946088> If anyone was reading my dilema, I have a feeling I have fixed it.  The virtual drives are controlled by the DRAC, I disabled them in that configuration and believe I'll be able to successfully deploy again.  I just needed to talk to myself for 10 minutes.
<hallyn> smb: arges: dude, so the libvirt 1.3.4 merge from debian was just a piece of cake (completely untested, mind  you :) using git cherrypicks from debian's git tree.  yay
<arges> hallyn: ah 1.3.3 is in proposed still?
<hallyn> arges: yeah, probably neds some admin love for the new binary packages
<hallyn> hm, odd, for some reason git wants to rewrite a bunch of stuff that should be commone with the sid tree i already uploaded.
<arges> hmm don't see it in the new queue... looking at excuses
<hallyn> i'm on a hotspot so will have ot wait then
<arges> yea see lots of regressions http://people.canonical.com/~ubuntu-archive/proposed-migration/update_excuses.html wonder if that's blocking it
<arges> i should probably update libvirt-python
<hallyn> has debian updated it?
<arges> yea my name is on the merge for now
<hallyn> ah.  but to 1.3.4-1.  i think with 1.3.3-2 they were still on th eold version
<trippeh> heh, bios update broke dmidecode in 16.04. too new smbios.
<hallyn> arges: in fact that's the one testsuite which did not fail right? :)
<arges> hallyn: yea oddly enough
<arges> hallyn: do we have a merge bug# for libvirt... miught be useful to track fixing the regressions
<hallyn> yeah someone probably opened one at some point
<hallyn> dpkg: error processing archive /var/cache/apt/archives/libvirt-dev_1.3.3-2ubuntu1_amd64.deb (--unpack):
<hallyn>  trying to overwrite '/usr/share/libvirt/api/libvirt-qemu-api.xml', which is also in package libvirt-daemon 1.3.3-2ubuntu1
<hallyn> surprising.  oh feh!  i guess i was testing libvirt-bin upgrades, but not really libvirt-dev
<arges> https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1558857
<ubottu> Launchpad bug 1558857 in libvirt (Ubuntu) "Upgrade to latest stable version v1.3.3" [Undecided,Confirmed]
<hallyn> sounds like a bad .install file
<hallyn> arges: well this will suck for branch mgmt, but 2016-05-12/yakkety branch of lp.net/~libvirt-maintainers/ubuntu/+source/libvirt has the new 1.3.4 merge
<hallyn> arges: i'm really happy with how trivial it was.  makes the last merge worthwhile
<hallyn> no really - why the heck is /usr/share/libvirt/api/libvirt-qemu-api.xml in libvirt-daemon ?  not supposed to be
<arges> hallyn: ok
<hallyn> ok what?
<hallyn> in fact our rules file has:
<hallyn>         # Don't ship api files in the daemon package
<hallyn>         rm -r debian/tmp/usr/share/libvirt/api/
<hallyn> oooh,
<hallyn> that is a bad delta from debian - supposed to be debian/libvirt-daemon/usr/share/libvirt/api/
<hallyn> and there's one other such line
<hallyn> arges: does the last commit in branch ubuntu/yakkety look right to you?
<arges> hallyn: let me take a look
<hallyn> hang on, git is being retarded
<hallyn> ugh it's jus thanging on talking to lp now
<hallyn> i just pushed 5m to another branch 5 minutes ago, so why...
<hallyn> huh, hangs on
<hallyn> [pid 23053] connect(3, {sa_family=AF_INET, sin_port=htons(22), sin_addr=inet_addr("198.105.244.64")}, 16
<sdeziel> hallyn: unable to get there either
<hallyn> i assume it's a dns issue ...  are you going to that ip address, or to git.lp.net?
<hallyn> arges: screw it, i'm just uploading what should be the fix - it's broken in archive anyway, let's see if this fixes it
<sdeziel> hallyn: I tried the IP. There are no a/aaaa for git.lp.net
<stgraber> stgraber@dakara:~$ host git.launchpad.net
<stgraber> git.launchpad.net has address 162.213.33.95
<stgraber> git.launchpad.net has address 162.213.33.96
<stgraber> stgraber@dakara:~$ ssh git.launchpad.net
<stgraber> No shells on this server.
<stgraber> Connection to git.launchpad.net closed.
<stgraber> so does seem to be responding fine here
<arges> hallyn: sounds good
<hallyn> yeah but at a different address
<sdeziel> works when lp is expanded :)
<sdeziel> hallyn: 198.105.244.64 seems to be related to search-error.com
<hallyn> stgraber: http://paste.ubuntu.com/16380088/
<sdeziel> I'd check your DNS
<hallyn> sdeziel: gr
<hallyn> thx
<bc2946088> good lord...  all that and I still don't have enough OSDs -- too many PGs per OSD (337 > max 300)
<ogra_> why would one want so many on screen displays anyway
<ogra_> :P
<hallyn> whiplash
<bc2946088> I wish that was my problem, I could do away with a couple on screen displays, no problem
<synchronet> whats happened to php5-curl guys
<synchronet> cant install it?
<bc2946088> are you using 16.04?
<synchronet> yeah, fresh install
<synchronet> -de and curl fine
<synchronet> gd
<bc2946088> you've removed php7 and put the ondrej ppa in and installed php5 that way?
<synchronet> wp sites need it
<synchronet> ouch
<synchronet> my fault
<bc2946088> you can just use php-curl I think
<bc2946088> if you;re actually on 7
<synchronet> thts probaly it
<synchronet> let me check
<synchronet> Zend Engine v3.0.0, Copyright (c) 1998-2016 Zend Technologies
<synchronet>     with Zend OPcache v7.0.6-dev, Copyright (c) 1999-2016, by Zend Technologies
<bc2946088> yeah, zend 3 is php7, 99% anyway
<synchronet> ty
<bc2946088> try php-curl
<synchronet> done that, its ok
<synchronet> life is a learning thing
<synchronet> just scared of sites breaking if I update clientd
<synchronet> will stick with 14.04
<synchronet> dont like surprises
<bc2946088> yeah, php5 is quite a leap to php7
<synchronet> slow down guys ;)
<bc2946088> however, performance gains show it's worth it...
<synchronet> ty you guys
<bc2946088> :)
<synchronet> 2019 eol on 14.04 is pretty cool
<synchronet> retiring soon anyway, things are getting well complicated :)
<bc2946088> It's funny, synchronet...  Things really are getting easier, but the field is widening, so much rapid development from every angle, more stuff to stay on top of.  Just look at the virtualization platforms, so many to pick from.  Luckily LXC makes the choice easy.  :)
<devster31> hi again, can anyone help me figure out what I'm doing wrong? I downloaded one of the cloud images from the ubuntu site, the one in vmdk format, I imported it with virtualbox but the boot process stops after random: nonblocking pool is initialized
<sarnold> that happens at more or less random times during the boot process; what happened before that/
<devster31> it goes very very fast and I don't know how to scroll up, but it seems it's looking for the hardware, searching for raid arrays and logical volumes and it consistently shows up last for me, right after a btrfs message, I'll boot again and copy it
<sarnold> shift page-up usually does the trick, but if it's -dead-, that might not do it :)
<devster31> it works but it keeps going back to the bottom where there is the cursor, the messages before relate to md Btrfs loaded, ahcpi and other hardware
<devster31> scsi ata and he rest
<sarnold> try ^S first, then the shift page up.. when you're ready to resume, ^Q
<coreycb> jamespage, nova mitaka is fixed but blocked on the dh-python failure. do you have an sru in progress?
<devster31> ^S doesn't stop the console, and that still isnt' the issue, cause every time it gets stuck at the same point
<devster31> ok, I managed to create a pipe from the guest to the host with putty, now I can debug
<devster31> alright, cloud-init is clogging the thing with "network is unreacheable"
<hallyn> arges: so how often does http://people.canonical.com/~ubuntu-archive/proposed-migration/update_excuses.html get updated?
<stgraber> once a publisher cycle which isn't a particularly fixed amount of time :)
<hallyn> hm k
<sarnold> oh: I thought publishers ran on :04 after the huor except around 4am UTC or something similar?
<hallyn> http://people.canonical.com/~ubuntu-archive/proposed-migration/update_excuses.html   what does "not considered" mean?
<hallyn> oh i guess jus tthat testing hasn't started yet
<hallyn> or, just noise :)
<arges> test is in progress
<hallyn> arges: yeah but those were not showing up yet.
<hallyn> there was only 'not considered' - which seemed weird
<hallyn> zul: https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_77e2ada1e7a84929a74ba3b87153c0ac/autopkgtest-yakkety/yakkety/ppc64el/n/nova/20160512_193759@/log.gz   ugh, not sure what nova-compute-libvirt is
<hallyn> oh yay, some tests are passing
<hallyn> big step up
<arges> looks like nova aint' doing so good
<arges> its breaking my python-libvirt upload too
<hallyn> the failure seemed to be something about libeatmydata
<hallyn> new dependency needed for nova-compute-libvirt?
<hallyn> pinged zul on it a short while ago ^
<hallyn> what the....
<hallyn> function virTypedParamsAddString from /home/ubuntu/libvirt/docs/../include/libvirt/libvirt-common.h redeclared in /home/ubuntu/libvirt/debian/build/docs/../include/lib
<hallyn> virt/libvirt-common.h
<zul> hallyn: did the libvirt group change?
<hallyn> zul: yeah
<zul> hallyn: to what?
<hallyn> if it pre-exists then it continues as an alias, but th enew one is 'libvirt
<hallyn> and on new installs libvirtd does not get created
<zul> hallyn:nova-compute probably needs to be updated then
<zul> coreycb: ^^^^
<hallyn> ok - so obvious in retrospect :)
<hallyn> i'll take a look tomorrow if need be, but if coreycb can do it that would be awesome
<hallyn> i'm about to run out
<hallyn> \o
<lfrlucas> do you think that changing the list of "apt-mark showmanual" setting only the same packages as a new installed ubuntu, my 3 year old instalation will became clean with the same packages of a new ubuntu instalation?
<jayjo_> Sorry for off topic question, not sure where to ask this (I will go there if there is better place). Does anyone know how I would go about getting invited to the channel ##security ? I feel like there's a potential for a userbase in this channel
<ianorlin> !register |jayjo_ is what you need to do
<ubottu> jayjo_ is what you need to do: Information about registering your nickname: https://help.ubuntu.com/community/InternetRelayChat/Registration - Type Â« /nick <nickname> Â» to select your nickname. Registration help available by typing /join #freenode
<RoyK> !bfs
<RoyK> !cfs
<catbus1> Dear Ubuntu Server team, two of Canonical's technology partners encountered an issue with base-installer while they are setting up pxe servers to deploy 16.04. bug 1575652. Can someone please take a look?
<ubottu> bug 1575652 in live-installer (Ubuntu) "PXE install prefixes /cdrom to squashfs location, fails to find it" [Undecided,Confirmed] https://launchpad.net/bugs/1575652
<bindi> i just installed 16.04 on a hyperv vm (gen2), and used encrypted lvm partinioning, it booted fine, i did updates, and during the updates it said w: mdadm /etc/mdadm/mdadm.conf defines no arrays
<bindi> now it doesnt boot anymore :p
<bindi> well i got it into grub somehow
<RoyK> bindi: do you need md arrays with that vm?
<bindi> no, im gonna test out the setup that im gonna do on a physical box, encrypted root disk and zfs raidz1..
<bindi> but if this is what's going to happen, kinda scared to do it :p
<RoyK> then md isn't even related
<RoyK> that message from mdadm is normal
<bindi> you sure? i googled and found related problems that made things unbootable
<RoyK> yes, it's normal
<RoyK> most of my systems tell me that
<bindi> well it doesnt boot either way (and i've never seen that error before)
<sarnold> you shouldn't be scared to try things in a vm :) that's part of what its there for :)
<RoyK> md is just started by default, and gives that warning if it doesn't find any md devs configured
<bindi> no, i'm scared to do it to the physical box
<RoyK> bindi: it'll probably work fine
<bindi> pfft
<bindi> i haven't even got to try zfs in this vm :p
<RoyK> md won't be an issue
<RoyK> really
<bindi> it doesnt booooooooot
<RoyK> zfs might be one, though
<RoyK> ;)
<bindi> i ran zfsonlinux on 12.04 :D
<RoyK> tbh, I've never ran zfs on the root on linux, only on solaris/openindiana
<bindi> i'm not gonna run zfs on root
<bindi> lvm encrypted whatever the installer gives you
<sarnold> bindi: if you want to run zfs on root you should check out rlaager's howto
<sarnold> oh :)
<bindi> so, care to help me with the non-booting vm? :P
<bindi> oh now it boots
<bindi> lel
<bindi> i think it wanted a passphrase for the encrypt but i didnt see anything, i just typed the pw and hit enter and magic happened
<sarnold> ah that sounds familiar
<bindi> how complicated does it get if i want to ssh to type that password? :P
<bindi> found something
<bindi> meh cba :D
<RoyK> ssh keys?
<sarnold> catbus1: that's filed against live-installer, are you sure that's the right source package? should it be debian-installer or ubiquity instead?
<catbus1> sarnold: I think it should be debian-installer. but I was pointed to that bug that Leo and Jeffrey googled to find out.
<sarnold> cyphermox: is 1575652 filed against the right thing? is there a better package to blame? :) thanks
<nacc> LP: #1575652
<ubottu> Launchpad bug 1575652 in live-installer (Ubuntu) "PXE install prefixes /cdrom to squashfs location, fails to find it" [Undecided,Confirmed] https://launchpad.net/bugs/1575652
<bindi> hmm, I found a custom script for handling luks + zfs, how can I start some services after i've ran this script
<bindi> add service x start to the script and make them manual (how?)?
<bindi> echo manual | sudo tee /etc/init/SERVICE.override
<bindi> sounds good yes? :P
<sarnold> that's upstart
<sarnold> not systemd
<sarnold> https://wiki.ubuntu.com/SystemdForUpstartUsers suggests the closest thing to the manual directive is "systemctl disable foo.service"
<bindi> systemctl disable SERVICE.service and systemctl start SERVICE.service then :p
<RoyK> it'd be nice with zfs encryption one day :P
<bindi> imma try it out
<sarnold> RoyK: mmm that'd be nice.
<RoyK> or systemctl stop SERVICE.service
<RoyK> and systemctl start
<RoyK> that is - is luks started before zfs?
<RoyK> perhaps there's some messup in the systemd config
<bindi> hmm?
<bindi> i dont want to run transmission before i've unlocked the drives
<bindi> it goes apeshit if it runs and doesnt find the files :P
<RoyK> not talking about transmission
<RoyK> but luks - perhaps zfs tries to start before it
<bindi> works :p
<bindi> another question, can i have the automatic partitioner not make a swap partition?
<bindi> i really think there should be a simple tick box for that, i'd rather not run the whole process by hand
<bindi> http://askubuntu.com/questions/623814/install-ubuntu-15-04-with-full-disk-encryption-but-without-swap-partition
<bindi> guess i gotta try that in a vm as well :p
#ubuntu-server 2016-05-13
<LaserAllan> hey guys how do i check what kind NIC i have on my system?, i am gogin to install ESXI on the system and so i need to know what NIC i ahve exactly, iknows its not an intel so i need to downlaod the correct drivers the VMware iso so it will be supported.
<ianorlin> LaserAllan, what os do you have on there now?
<ianorlin> if it is ubuntu server or another unix I would use lspci
<LaserAllan> ianorlin: Well currently I have Linuxmint on it but I want to put ESXI on it so i can have more vms
<ianorlin> LaserAllan, well you can use lspci from linuxmint
<LaserAllan> oh you mean nic
<LaserAllan> I know its a realtek
<LaserAllan> ah thanks i got a blackout there for a second
<LaserAllan> :)
<ianorlin> ok you answered your own question
<bindi> how can i open a shell during the ubuntu server installation?
<ianorlin> bindi, alt f2
<bindi> ah, ctrl alt f2
<bindi> :p
<ianorlin> although that is a bit limited
<bindi> shouldve just tried it before asking <.<
<bindi> is it?
<bindi> i need to do some partitioning
<ianorlin> for example ubuntu-bug from there won't work
<ianorlin> ah command line partitioning might
<sdeziel> LaserAllan: there is also KVM/libvirt to run VMs if you want to stay in known territories
<bindi> fdisk not found :p
<sdeziel> bindi: IIRC parted should be available
<bindi> parted not found either
<sdeziel> oh
<nacc> you probably need to be far enough along in the installer that hte partitioner is loaded
<bindi> lets see
<sdeziel> that would explain why I could swear I was using parted at some point :)
<bindi> nope
<bindi> im in partman and nada
<sdeziel> with Xenial, I prefer fdisk now that it properly supports GPT
<nacc> parted might need to be installed in the installer environment, dunno what's there by default
<ianorlin> nacc not much
<nacc> ianorlin: ack, that's my recollection too
<bindi> udpkg -i /cdrom/pool/main/p/parted/parted-udeb_3.2-15_amd64.udeb
<bindi> hmm :p
<bindi> yey
<bindi> now how do i drive this
<bindi> ugh
<bindi> i've never used lvm before
<bindi> http://bindibox.net/ul/2016/05/13/5735203b076f0.png i did this and now im looking at http://bindibox.net/ul/2016/05/13/5735204b24919.png
<bindi> is this almost right? i think i want to resize the #2 under SCS3I to 5GB
<bindi> but how :P
<bindi> http://askubuntu.com/questions/623814/install-ubuntu-15-04-with-full-disk-encryption-but-without-swap-partition trying to apply this to server install
<bindi> oh i should've done that in parted
<bindi> derp
<bindi> i still dont get it, ugh
<bindi> You need to make an ESP (sda1) (if you use EFI+GPT), a boot partition (256MB for example, sda2), another partition (for example, sda3) that will hold the crypted container called LUKS.
<bindi> i made the last two
<bindi> ahha, got it i think
<bindi> http://bindibox.net/ul/2016/05/13/57352abb5c75b.png
<bindi> i disabled my swap and now its stalling on the last command :p
<bindi> ahha, had to edit fstab
<coreycb> hallyn, arges, zul: I'll look at nova
<hallyn> coreycb: thx
<hallyn> coreycb: though at this point really it's the only holdup and yeah probably my fault.  i assume you'll need to check whether libvirtd exists, and if not use libvirt
<cyphermox> sarnold: live-installer sounds like the right place; I'll check this out.
<sarnold> cyphermox: heh, one of these days I swear I'm going to understand all the installers we've got :) thanks
<cyphermox> sarnold: if you take too long you're risking we add pieces ;)
<sarnold> ahhhhhhh!
 * sarnold runs away
<cyphermox> seriously though, don't sweat it, I'm taking care of the installers, I'm happy to reassign stuff as I find out that it calls some other piece somewhere else
<sarnold> cyphermox: which packages do you follow the bugs on?
<sarnold> (maybe that's too many... which -installers-? :)
<cyphermox> all the installers
<cyphermox> all your installers are belong to us.
<sarnold> heheheh
<sarnold> thanks cyphermox :)
<halvors> Hi. I'm trying to setup a VTI interface with IPv6.
<halvors> What i've done is that i've added a tunnel interface.
<halvors> ip -6 tunnel add vti1 local fd00::1 remote fd00::2 mode vti6 key 1
<halvors> I use strongswan for IPsec terminated in another VTI interface on the other end of the tunnel.
<halvors> Everything seems to work fine, the problem is that the tunnel keep dropping packets and is getting collisions.
<halvors> When doing the same for IPv4 everything works just fine.
<halvors> I also keep getting this message in dmesg: [31370.460037] vti7: Local routing loop detected!
<halvors> Where vti7 is my vti interface. vti1 in the command where i added the tunnel was just an example.
<halvors> Anyone able to help me with this?
<UbuntuDude> hey guys, I've couple of questions: Where can I find a 1st time installation ubuntu web server tutorial? is there a better apache server configuration tool than ApacheGUI?
<sarnold> halvors: check ip route output on all machines and see what you can see?
<sarnold> UbuntuDude: https://help.ubuntu.com/lts/serverguide/web-servers.html
<halvors> sarnold: Cannot find anything wrong here:
<halvors> Router01: http://pastebin.com/vajuequ4
<halvors> Router02: http://pastebin.com/MHq16Y0r
<halvors> 172.16.0.1 is router01 and .2 is router02
<sarnold> halvors: hmm. i've never done this before :) but I wonder if those shold be /32 routes instead
<UbuntuDude> I'm trying sudo apt-get install dkms in order to install Vbox guest additions but it keeps saying unable to locate package dkms!
<sarnold> UbuntuDude: did apt-get update give any errors?
<halvors> sarnold: How do i do that.
<sarnold> halvors: no idea
<LaserAllan> hey guys, if i have lets say a folder where half is 720p and the other half is lets say 480p those are in the actual filenames, can i do a command that will basically delete all the 480p files?
<thekrynn_> rm *480p*
<thekrynn_> i would do a ls *480p* first
<thekrynn_> just to make sure
<LaserAllan> thekrynn_: ok lemme do that then :)
<Guest22471> hello i am on ubuntu 14.4
<Guest22471> how can i had my own dns ?
<Guest22471> i need to configure my own dns
<Guest22471> something like ns1.dahliaco.com and ns2.dahliaco.com
<Guest22471> how can i do that ?
<Guest22471> someone please help me
<RoyK> Guest22471: just setup bind
<RoyK> !bind
<RoyK> https://www.howtoforge.com/tutorials/bind/
<RoyK> perhaps
<jrwren> there is also a bind chapter in server guide IIRC
<jrwren> https://help.ubuntu.com/stable/serverguide/dns.html
<jonah> hi can anyone please help. For some reason I can't start mysql on my ubuntu server. It was working great and then I updated a kernel, then I couldn't boot so I removed the latest kernel. But now my websites won't load up and mysql is reported to not be running!
<jonah> i get this error when I try to start it start: Rejected send message, 1 matched rules; type="method_call", sender=":1.11" (uid=1000 pid=5685 comm="start mysql ") interface="com.ubuntu.Upstart0_6.Job" member="Start" error name="(unset)" requested_reply="0" destination="com.ubuntu.Upstart" (uid=0 pid=1 comm="/sbin/init")
<rbasak> jonah: what do the logs say?
<JanC> jonah: Ubuntu 16.04 ?
<jonah> rbasak: which log should I check sorry?
<jonah> JanC: yes 16.04.3
<JanC> eh
<JanC> that doesn't exist
<JanC> I assume you mean 14.04.3 then
<jonah> JanC: sorry I meant 14.04.3, it's the last lts
<jonah> JanC: yes sorry!!
<rbasak> That error suggests that you are not root.
<jonah> rbasak: when I try with sudo on front I just get "Job failed to start"
<JanC> you probably need to look at upstart & mysql logs then
<jonah> JanC: can you please give me any help to guide me. I checked var/log/mysql.log but it's empty...
<jrwren> what does /var/log/upstart/mysql.log say?
<bindi> ello, i got iptables and dnsmasq up and running, but now dns doesnt work locally or on other boxes, they do get an ip from the machine though
<bindi> http://hastebin.com/alepanavaw.sm
<bindi> i dont even know how to tackle this :p http://hastebin.com/tivibiqovu.pas
<jonah> jrwren: ah looks like diskspace prob possibly??
<jonah> Checking for tables which need an upgrade, are corrupt or were
<jonah> not closed cleanly.
<jonah> /proc/self/fd/9: ERROR: The partition with /var/lib/mysql is too full!
<rbasak> /var/log/mysql/error.log is the usual place on Debian and Ubuntu.
<Guest22471> hello
<jonah> rbasak: 160513 14:18:58 [Warning] Disk is full writing './yorkshire/modx_session.MY
<Guest22471> how can i had my own dns while i am on ubuntu 14.04 my domain is dahliaco.com i need something like ns1.dahliaco.com and ns2.dahliaco.com
<Guest22471> please say me a reference for that
<jonah> does anyone know which temp folder I can clear out to get mysql back up and running?
<sdeziel> jonah: clearing out old/unused kernels and running 'apt-get clean' should reclaim some space
<rbasak> baobab is a nice tool to work out what is using space. Run it on a desktop machine and it'll speak ssh to your server.
<jonah> sdeziel: apt-get autoclean is already cleared out
<jonah> ah found the problem it was my tmp folder, I've cleared it out and backup and running now
<rattanakorn> help
<rattanakorn>  how i access horizon gui on lxd openstack with on another subnet ?
<bindi> I see my queries in syslog but still windwos says "query refused"
<hallyn> coreycb: so in addition to group libvirtd switching to group libvirt, we have libvirt-bin.service renamed to libvirtd.service
<coreycb> hallyn, ok
<hallyn> coreycb: are you working o this now?
<hallyn> coreycb: actually, the *upstart* job has not been renamed,
<coreycb> hallyn, yes, unfortunately nova finally just built with the first fix :)
<hallyn> so that may make things easier for you
<hallyn> doe snova even have a systemd service?
<hallyn> or do you have to fix it in sysvinit?
<coreycb> hallyn, yes it has upstart and systemd
<coreycb> let me check
<coreycb> hallyn, this will be interesting because we need support for both libvirt-bin.service and libvirtd-bin.service since we backport the the xenial cloud archive
<coreycb> unless we backport libvirt
<hallyn> well i assume you will backport libvirt :)  but, the libvirtd.service has 'Alias: libvirt-bin.service.'
<hallyn> so that *might* suffice
<hallyn> (except that in my test, 'systemctl status libvirt-bin' didn't work)
<coreycb> hallyn, so we can probably stick with libvirt-bin
<hallyn> coreycb: for now, though.  that alias is intended for transitioning.
<coreycb> why did that test fail?
<coreycb> hallyn, ok
<coreycb> hallyn, I'll leave it as is for now and sync with james on monday, he's out today
<hallyn> coreycb: bc http://paste.ubuntu.com/16390766/
<bindi> ugh, still no go with dnsmasq + iptables, server cant find addresses. anyone? :P
<bindi> dns doesnt work locally on the box with dnsmasq either
<hallyn> coreycb: ok...  it's preventing libvirt from migrating :(  and i might wanna push libvirt 1.3.4 :)
<hallyn> lemme ask pitti about the alias not working
<hallyn> thanks coreycb
<coreycb> hallyn, I guess I'm not sure why that test fails if there's an alias defined
<coreycb> hallyn, 'systemctl status libvirt-bin.service' should work right?
<hallyn> coreycb: i would think.  that's why i'm pinging pitti on #ubuntu-devel
<coreycb> hallyn, ok. sorry missed your previous comment about asking pitti.
<nacc> rbasak: looking at this bug, the issue for drupal7 seems mysql related, is this a 5.7 upgrade issue? LP: #1576969
<ubottu> Launchpad bug 1576969 in drupal7 (Ubuntu) "package drupal7 (not installed) failed to install/upgrade: subprocess installed pre-removal script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/1576969
<rbasak> nacc: yes, could be. I'll tag it and review with MySQL upstream.
<nacc> rbasak: thank you!
<hallyn> so far so good on the qrt run on libvirt 1.3.4...  mayb ei'll push it tonight
<Goug> Hi - can you please recommend a light and secure mail server easy to setup on Ubuntu 16.04 Server?
<Sling> Goug: postfix/dovecot is a nice combo
<Sling> finish it off with spamassassin, roundcube, sieve
<JanC> e-mail is never "easy to setup"
<Sling> and if it's easy, you probably are now hosting some open relay ;)
<Goug> Sling, I have a VPS with only 1gb ram - will I be able to set it up wit hthat and Apache and mysql ?
<Goug> open relay ?
<JanC> depends on what you want to do with Apache & MySQL
<Sling> Goug: thats plenty for a personal/testing setup
<Sling> don't use it for anything production-like or expect high performance though
<Goug> tbh - I just want to create more than 1 email as offered by the current .com bundle - set up a test website I am working on - php+sql+javascript
<Goug> jsut for testing purposes
<Goug> then I can upgrade to a bigger server
<JanC> should be fine then
<bc2946088> you'll be fine, however, imho running a mailserver for a single/couple users, rarely seems worth the trouble
<JanC> assuming more "than one" doesn't mean 1000 mail users ;-)
<Sling> i run my own mailserver just because I want to be in control of my own mailflow :)
<Goug> I think I will need the mail server also if the website I am creating will require email confirmations right ? like when you create new username and password resets ?
<Goug> can I use the same one ?
<Sling> sure
<Sling> you'd tell it to use 'localhost' to deliver mails
<JanC> yes, I do all that for a forum
<sdeziel> Goug: for those simple needs, I tend to use ssmtp that relays to Google or another provider
<Goug> sdeziel, can you explain like im 5 please :D
<JanC> sdeziel: that's not useful for receiving mail, I think
<bc2946088> You just need a smtpd installed, however, a outsourcing that will cost pennies on the dollar
<sdeziel> JanC: Goug: indeed, ssmtp is only for outbound
<JanC> and Goug wants to run an IMAP server for him/herself, it seems
<sdeziel> Goug: so if outbound only is good enough for you I'll explain a little more :)
<Goug> will this work on 16.04 ? https://www.digitalocean.com/community/tutorials/how-to-install-and-setup-postfix-on-ubuntu-14-04
<Goug> sdeziel, I need both outbound and inbound
<sdeziel> Goug: oh sorry, I misunderstood
<bc2946088> If the two aren't connected, you shouldn't treat the need as one.  :)  You want incoming and outgoing for yourself and outgoing for your server.
<JanC> Goug: I think there is some info in the Ubuntu Server Guide too
<sdeziel> so I second the recommendation for postfix (for the SMTP/submission/LMTP/sendmail part of it anyway)
<Goug> Great - thanks :) I will crack on reading now - will probabaly have more questions later - so will pop by ^^
<JanC> I use postfix & dovecot
<JanC> which have plenty of documentation & tutorials & how-to's for Ubuntu/Debian
<Goug> JanC, can you link me please?
<Sling> Goug: https://www.digitalocean.com/community/tutorials/how-to-configure-a-mail-server-using-postfix-dovecot-mysql-and-spamassassin
<Goug> silly question but would you recommend Debian in this case ?
<Sling> (if you need a guide)
<Sling> Goug: it doesn't really matter which distro you pick
<JanC> well, which ones you want to use also depends on your exact needs
<Goug> I will try the link from JanC
<Goug> thanks :)
<Goug> one more question please - it is recommended I create a new admin user instead of working with root right ?
<Sling> not really, but only use root if neccessary
<JanC> use sudo  :)
<Goug> can I do the entire operation on root then ?
<Sling> you can do anything as root
<Sling> including *breaking* anything
<Goug> lol - will create a new user :D
<bc2946088> A new user is no different than the default user you created when installing.  Except he won't be able to sudo by default, which you'll need.  It's just good habit to only sudo when you need elevated permissions.
<JanC> eh, why would a new user not be able to sudo?  :)
<JanC> (when done right, of course)
<mdeslaur> JanC: because new users are not in the sudo/admin group by default
<Goug> thanks
<bc2946088> Fair enough, JanC.  You could add him to the sudoers group at creation.
<bc2946088> wasn't there previously the ability to output juju status to an image?  Is that no longer?
<axisys> so I have request to add -f to the iptables to count all the fragmented udp packets. So is that really necessary for server.. I thought server drops fragmented packets?
<sdeziel> axisys: I never handled fragments in my rulesets. I assumed the were reassembled thanks to the nf_defrag_ipv4/ipv6 modules. I'm curious as to what others have to say about this
<bc2946088> So... This bug ( https://bugs.launchpad.net/juju-core/+bug/1534643 ) says it was fixed in 1.25.4, but here I am at 1.25.5, and it's still occuring.  Or is there some other problem with deploying JUJU Gui on 1.25.5?
<ubottu> Launchpad bug 1534643 in juju-core 1.25 "cookies file locked for too long" [Medium,Fix released]
<Goug> Hi - trying to isntall mysql : sudo apt-get install mysql-server libapache2-mod-auth-mysql php5-mysql
<Goug>  - I get error :
<Goug> This may mean that the package is missing, has been obsoleted, or
<Goug> is only available from another source
<Goug> E: Unable to locate package libapache2-mod-auth-mysql
<Goug> E: Package 'php5-mysql' has no installation candidate
<nacc> Goug: what version of ubuntu?
<Goug> 16.04
<nacc> Goug: php7 only
<nacc> Goug: 16.04 is php7 only
<nacc> Goug: so you would use php-mysql
<Goug> what about the  package libapache2-mod-auth-mysql ?
<nacc> Goug: that hasn't been available since vivid
<Goug> so just remove it ? installation wouldnt fail ?
<nacc> Goug: i don't know what you are installing, but that package does not exist anymore
<Goug> alright
<Goug> will try it - thanks
<nacc> Goug: c18 of https://bugs.launchpad.net/ubuntu/+source/mod-auth-mysql/+bug/1243076
<ubottu> Launchpad bug 1243076 in mod-auth-mysql (Debian) "libapache2-mod-auth-mysql is missing in 13.10 amd64" [Unknown,Fix released]
<nacc> Goug: are you trying to apache auth against mysql?
<Goug> I am following this tutorial
<Goug> https://www.digitalocean.com/community/tutorials/how-to-install-linux-apache-mysql-php-lamp-stack-on-ubuntu
<Goug> sudo mysql_install_db
<Goug> gives me an error : 2016-05-14 00:32:20 [WARNING] mysql_install_db is deprecated. Please consider switching to mysqld --initialize
<Goug> 2016-05-14 00:32:20 [ERROR]   The data directory needs to be specified.
<nacc> Goug: uh
<nacc> that's written explicitly for 12.04
<nacc> you just said 16.04
<Goug> someone else told me earlier here it would work wit hany version
<nacc> it even has a link to at least a more updated version
<nacc> isn't there a lamp-server metapackage?
<Goug> I will try this one
<Goug> http://www.unixmen.com/how-to-install-lamp-stack-on-ubuntu-16-04/
<sarnold> there's a lamp-server tasksel -- you ought to be able to use apt-get install ^lamp-server, iirc
<sarnold> (yes, with the ^)
<nacc> sarnold: thanks, couldn't remember the syntax
<Goug> E: Unable to locate package ^lamp-server
<Goug> E: Couldn't find any package by regex '^lamp-server'
<sarnold> ah, apt-get install lamp-server^
<sarnold> apparently I can't remember the syntax either, sorry.
<ogra_> sudo tasksel install lamp-server ;)
<ogra_> (saves you from remembering where the caret goes)
<sarnold> :)
<nacc> heh
<Goug> thanks - now its working
<Goug> will apache2 and mysql start automatically when I reboot the server ?
<JanC> if they are properly configured, yes
<nacc> i believe the default configuration of both does enable both as services, but i'm not 100%
<Goug> only one way to find out :D
<Goug> im going to try reboot
<Goug> is there an ftp server running by default on ubuntu server ?
<nacc> Goug: no
<nacc> i dont think so
<patdk-lap> depends on what tasksel you picked on install
<teward> Goug: if you're working on a default install and didn't select SSH Server or FTP Server, then no
<teward> if you selected SSH Server, 'sftp' exists, but that's not a pure FTP server per se
<teward> Goug: if you're working off a prebuilt image at a VPS provider, we can't really give insights to that
<Goug> its just to upload files to apache - winscp should do the trick
<Goug> thaks :)
<lynorian> although I wish I actually got more of sftp into the 16.04 server guide
<g3org3s> I am trying to use winscp to do that - I get a login error - acces denied - not sure what I should be doing
<g3org3s> googling
<teward> use your SSH credentials for the server
<g3org3s> what file protocol should I use ? if sftp shouldnt I install an ftp server before on my server ? like vsftpd ?
<teward> g3org3s: sftp *is* the protocol
<teward> it's provided as part of the openssh-server stuff
<teward> so, if you have SSH you should already have SFTP access via those SSH credentials
<g3org3s> it says access denied
<g3org3s> oh
<g3org3s> working - nevermind :D
#ubuntu-server 2016-05-14
<bindi> anyone tried https://github.com/firehol/netdata ?
<patdk-lap> I have seen people using it
<RoyK> patdk-lap: I wonder how well that scales
<RoyK> @bindi also, of course
<patdk-lap> ya, me also
<patdk-lap> I also tend to monitor a lot of custom stuff
<patdk-lap> and can't tell how that handles multible systems
<patdk-lap> but I have never seen someone monitor a whole network of systems using that
<patdk-lap> I do a lot of realtime monitoring with munin though
<RoyK> munin isn't realtime
<RoyK> and munin sucks rather hard on scalability
<RoyK> patdk-lap: btw, where are you located again?
<patdk-lap> heh?
<patdk-lap> munin supports realtime
<patdk-lap> not a single module it comes with, supports it though
<patdk-lap> you have to download or make your own
<patdk-lap> D.C.
<RoyK> ok
<RoyK> .no
<RoyK> as you may know
<patdk-lap> lets see, I have realtime cpu/network/mongo
<xibalba> i need a dns server for my home lab, but i dont want to manage bind zones. suggestions?
<sarnold> powerdns recursor can server from an /etc/hosts-style file
<xibalba> looking it up, but that sounds beautiful
<sarnold> https://doc.powerdns.com/md/recursor/settings/#etc-hosts-file
<xibalba> excellent, all done setting it up
<xibalba> this is perfectly simple for a home lab
<xibalba> thank you sarnold
<sarnold> and it also runs something like 30% of the DNS traffic in the world :)
<xibalba> thats nuts, i've never heard of it
<xibalba> at the ISP I was at we only used Bind for Recursive and Authoritative
<xibalba> not on the same boxes
<sarnold> #powerdns on irc.oftc.net has the real experts in case you run into anything
<Goug> hi - is this something that would work on 16.04 ? https://www.digitalocean.com/community/tutorials/how-to-configure-a-mail-server-using-postfix-dovecot-mysql-and-spamassassin
<xibalba> just grab zimbra
<Goug> xibalba, will it work if I want to create more inboxes for a certain domain ? and have automatic emaling out like for example when uers on my site reset passwords ?
<xibalba> www.zimbra.com
<Goug> is that a yes ?
<xibalba> hmm what should i do as a lab in linux to try and accomplish. got this fresh esxi box w/enough ram to run a few vms
<bekks> Install Ubuntu instead?
<sarnold> you could try lxd migrations from guest to guest
<bekks> live migrations, I suspect.
<sarnold> I knew I a word
<xibalba> i think im going to play with docker some and get a feel for it
<arcsky> can anyone be nice and help me out with my sources.list http://pastebin.com/WEZjhvQN
<bekks> Did you read line 7?
<arcsky> bekks: yes but i dont understand it
<bekks> Which part of line 7 is unclear to you then?
<arcsky> all
<arcsky> signature issue
<bekks> So which part of "The repository is not updated and the previous index files will be used. " is unclear to you?
<arcsky> why not help instead of give me hints
<sarnold> arcsky: can you get this file manually? http://security.ubuntu.com/ubuntu/dists/trusty-security/InRelease
<arcsky> sarnold: nice where do i save it?
<sarnold> arcsky: anywhere; once you've gt it, run gpg on it, save it again anywhere, and see what the signatures look like..
<sarnold> oh nce, if you run gpg with --verify it doesn't require yet another filename: gpg --verify /tmp/InRelease
<arcsky>  gpg --verify InRelease
<arcsky> bekks: sarnold http://pastebin.com/LTenpNt3
<sarnold> arcsky: are you using a proxy like apt-cacher-ng or squid-deb-proxy or are you behind a transparent proxy at your ISP or something similar?
<sarnold> arcsky: do you have any errors in your dmesg that might indicate e.g. dying hard drive or bad memory?
<sarnold> arcsky: hey wait a minute; that shows "Fetched 83 B" and your previous paste had "InRelease [83 B]"
<sarnold> arcsky: just read those files :) find out what those 83 bytes actuall are
<sarnold> time for me to bail, I expect that'll be enough to find the problem anyway :)
<sarnold> have fun
<dunaeth> Hi, any idea for partitioning a single machine for openstack testing ? There's a doc for automated cloud install but it does not recommand anything
<FManTropyx> postfix doesn't work
<FManTropyx> halp
<patdk-lap> since when?
<patdk-lap> postfix always works
<FManTropyx> since I installed it :P
<RoyK> FManTropyx: did you configure it? ;)
<FManTropyx> it tries to send with "<username>@<localhostname>" instead of the FQDN, even though I configured the external hostname
<FManTropyx> the /etc/mailname file contains the FQDN, but what did I screw up?
<patdk-lap> and you have postconf -n, posted somewhere?
<FManTropyx> http://c128.z80.guru/asdf/asdf.txt
<trick2g> anyone used virtualbox with ubuntu server and windows?
<FManTropyx> can someone tell me what I need to do to make postfix send mail out with not 'root@ubuntu-512mb-fra1-01' but rather 'root@c128.z80.guru' in the From field?
<UbuntuDude> I've installed a guest ubuntu server in a host ubuntu OS, the problem is with the network configuration I was able to bridge the guest nic to the host wireless card (because I don't have wired connection).. the problem is being unable to authenticate the guest to pass through the access point webApp in order to access the internet ... are there any suggestions to solve this issue?
<FManTropyx> so, nobody here knows that about postfix? :)
<teward> FManTropyx: ideally you'll be setting the "From" address in the email message
<teward> if it's an automated message, then you have to figure out what's sending that message and adjust accordingly (usually they tend to default to the hostname of the machine)
<teward> i'm not a postfix expert, but address rewriting also comes to mind
<FManTropyx> I tested with the 'mail' command
<teward> FManTropyx: i'm not familiar with your setup, but the way I've always tested my postfix is 'sendmail' from that server
<teward> namely, http://paste.ubuntu.com/16417887/
<teward> that sends with a From: field detailing what address to send with
<teward> (that doesn't work on my local home network postfix, though, because that routes through a GMail account for sending mail)
<teward> FManTropyx: where that isn't working, and you can't define the "From" field, then you have to use some type of rewriting to have Postfix handle one address and change it to the one you want to send from
<teward> alternatively, change the hostname on the box (and where that's not an option, well...(
<FManTropyx> I'd expect postfix to do it on itself, as the correct domain name is set and there is a config entry for it even
<asdf0> hi :) quick question: i set up a new home server with ubuntu-server and enabled samba (using the same config file i had on my previous installation so I'm sure nothing is wrong with that, testparm confirms). i see the share on my windows computer in the network, but i cant access it, it says the server doesnt accept the connection
<asdf0> is there some security thing i have to enable first to let outside computers access?
<asdf0> allowed ip range in smb.conf matches what the computer has
<UbuntuDude> how can I go through access point authentication with a newly installed ubuntu server that has no browser?
<UbuntuDude> I need a browser to submit my internet cridentials
<qman__> you need a browser, if you're not running X I suggest w3m
<UbuntuDude> qman__: how to get X or w3m when there is no internet connection?
<jrwren> you could get very crafty with curl.  -b to set a cookies file and then parse the html yourself, figure out to where you need to post the form AP auth, and make more curl calls.
<UbuntuDude> jrwren: that is not possible with AP using md5 token to verify the client. at least not for me with all the googling I did to do this.
<UbuntuDude> I've even went through the md5.js and login.html files to try to do something about it but I couldn't
#ubuntu-server 2016-05-15
<JanC> if you can get on IRC, then what is the problem?
<thekrynn_> trying to setup a usb ethernet dongle for an extra iface, but not showing up at all.. any ideas?
<g3org3s> Hi - would this be applicable on 16.04 ? https://www.digitalocean.com/community/tutorials/how-to-configure-a-mail-server-using-postfix-dovecot-mysql-and-spamassassin
<somix> hello
<somix> how install openstack or juju in vmware workstation
<somix> whay
<somix> how
<somix> whaaaaaaaat
<somix> hhh
<somix> thaaanx
<somix> $ sudo apt install conjure-up
<g3org3s> Can I install mail ina box on 16.04 ?
<g3org3s> or still not supported ?
<devster31> hi guys, what could be the reason I can lsusb and lshw an usb hard drive but I can't lsblk it and therefore cannot mount it?
<RoyK> devster31: dead disk?
<devster31> it works fine on windows
<devster31> and on OSX
<RoyK> devster31: what's in dmesg?
<RoyK> please !pastebin that
<RoyK> !pastebin
<ubottu> For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://imgur.com/ !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<devster31> http://paste.ubuntu.com/16439404/ there's lshw and lsusb too
<devster31> it seems to know exactly what's plugged in but doesn't know it's a hard drive
<RoyK> weird
<eatingthenight> anyone have any recommended software for managing a small setup of 3 machines running KVM?
<synchronet> why use KVM, what you using the box for?
<eatingthenight> nothing at the moment all i really want is a low cost way to manage a small VM cluster
<eatingthenight> esxi does what I want but I have to pay 1k a year for it otherwise it imposes limits on what kind of resources I can allocate.
<synchronet> ok, but for running what?  Websites!
<synchronet> if so Virtualmin GPL will do you fine
<synchronet> Nice install script as well
<synchronet> Needs a clean install of OS tho, I would go 14.04
<synchronet> and a good FQDN
<dasjoe> eatingthenight: define "cluster". Do you need automatic, managed failover?
<dasjoe> eatingthenight: I stuck with libvirt, neither Ganeti, nor ovirt delivered what I needed
<eatingthenight> yeah i guess cluster is a bad word. Downtime is completely fine.
<eatingthenight> looking at virtualmin gpl now
<synchronet> Try Virtualmin you might be surprised what it can do
<synchronet> I use it a lot
<synchronet> but just websites
<synchronet> nothing fancy
<synchronet> backup and restore module is second to none
<eatingthenight> hmmm, yeah i need a few more abilities then just website management, I think what I'll end up doing is just managing it from the commandline and then write my own web interface for it once I see what I all need. unfortunately I can't find anything in between apache openstack and cli that is halfway decent
<dasjoe> eatingthenight: https://help.ubuntu.com/lts/serverguide/libvirt.html
<eatingthenight> dasjoe: this looks like it will work for me, thanks!
<Goug> Hi - I think I messed up smth while isntalling mysql - how can I reset it to a fresh installation ?
<Goug> nevermind - got it to work again
<bekks> Goug: Why do you thing you messed up something?
<bekks> Reinstalling will not fix it.
<Goug> I couldnnt login to the database - acces denied - the I restarted the service - now its working again
<habibi> the app that i am going to be running will run as a certain user whos setuid and setgid permissions shall be stripped. but this app still needs to have the ability to open ports > 1024. will this work?
<habibi> because i have read somewhere long ago that to open sockets the computer sets id to root, opens the socket. then sets id back to user
<tarpman> habibi: you don't need any special permissions to open ports > 1024; did you mean < 1024?
<tarpman> habibi: either way: yes, what you are describing (start as root; perform privileged actions; drop permissions permanently) is standard practice
<habibi> tarpman, no i meant > 1024. i know that that is not allowed. i had like 1 link that showed the easier command that removes all perms from a particular user. but i lost it. do you know what is the easiest but safest way to do this ?
<tarpman> habibi: easiest and safest way IMO is to arrange for the init system to start your daemon as a unprivileged user (ideally, a user dedicated to that daemon)
<tarpman> habibi: or, if does need root privileges during startup for some reason, then man 2 setuid and man 2 setgid
<habibi> tarpman, and the security friendly way (just to check with you) would be to take off all the unnecessary perms of the scripts of that user in the bin folder yeah?
<habibi> or are there any other folder i have to think about as well?
<tarpman> I don't understand the question, sorry
<tarpman> habibi: if you want to go even further with restricting what your program is allowed to do, look into apparmor: https://wiki.ubuntu.com/AppArmor
<bekks> habibi: Which kind of permissions are you trying to strip off of that user?
<habibi> i need to find that link. one second let me try this
<habibi> ok i found it bekks and tarpman : http://linux-audit.com/finding-setuid-binaries-on-linux-and-bsd/
<bekks> habibi: And why do you want to tinker around with setuid for a specific user?
<bekks> habibi: Do you know what setuid is for?
<habibi> the idea was that i make a spearate user for a daemon. then i strip that user of access to all the scripts in bin folder. so that no hacker can get into this user through the daemon and on the off chance that they can. then they cannot use the gid and uid to trick the computer to give them root access
<bekks> habibi: that nonsense, actually.
<bekks> habibi: Do you know what setuid is for?
<habibi> bekks, some guy on ##security said it was a good idea. setuid is defined like this: Binaries with the setuid bit enabled, are being executed as if they were running under the context of the root user. This enables normal (non-privileged) users to use special privileges, like opening sockets.
<bekks> habibi: Do you understand what setuid is for?
<habibi> bekks, bro i just told you
<bekks> habibi: No you told me what someone else told you.
<habibi> Binaries with the setuid bit enabled, are being executed as if they are running under the context of the root user
<bekks> Which doesnt mean YOU understand what setuid is for.
<habibi> i understand what that line means
<bekks> And do you know why setuid is set for those specific binaries?
<habibi> because those specific binaries need some type of root access in their functioning
<bekks> Correct.
<bekks> So if you unset setuid, you will break those binaries and/or their functionality.
<habibi> yes bekks but i would argue that my user thats running that daemon may not need ALL those binaries. so removing their setuid may not be a good thing
<bekks> Which just have something to do with messing up your system, and not with securing it.
<bekks> If you dont want your user to have access to specific files, use ACL and disallow access.
<habibi> since thats just going to be one daemon
<habibi> bekks, and if my user is not running ALL those binaries. then removing them would be a good idea because then there is less things that a potential hacker could trick to give them root access
<habibi> to this understanding, i have set out to change the setuid and setgid values for the bin folder. and was asking if there are other binaries i want to change that could be tricked, but not really necessary for the running of my daemon
<bekks> Do you understand that removing setuid isnt possible for a specific user, but globally only?
<habibi> bekks, that part i did not actually know. but was going to look around for
<habibi> ACL hmm ok
<habibi> i'll look into that one
<habibi> i only want to give that user access to activities needed for its daemon. namely opening sockets > 1024. reading to its home directory. and writing to its home directory
<habibi> everything else i want to restrict. using ACL or AppArmor or w.e there is
<bekks> So do it. No need to mess up your system.
<habibi> alright awesome. thanks for the heads up bekks
<g3org3s> Hi - mysql issue - it's weird - I can login from the server console - I can also login from phpmyadmin - but when I use it in my php file - database connection unsuccseful - am I missing something in the config ?
<bekks> g3org3s: How are you trying to connect, using PHP?
<g3org3s> bekks, it's a user managemetn framerware - during setup they ask the database to connect to
<bekks> And what are you entering?
<g3org3s> Databasr host = IP , database user and pass - the ones I am successfully using to login via shell on server or phpmyadmin - Database name : Database I created in phpmyadmin for this project
<bekks> g3org3s: So did you configure your mysql server to accept connections on the IP? And why dont you use 127.0.0.1?
<g3org3s> bekks, it's working now - I thought it was requesting the remote access of that server - I completly forgot that it is local! my bad ; many thank
<bekks> you're welcome :)
<newbsie> New to systemd coming from upstart/14.04. Where do I place the conf file for systemd for gunicorn? In /etc/systemd/system with my own naminc scheme?
<xnox> newbsie, yes, more or less. Also note https://wiki.ubuntu.com/SystemdForUpstartUsers
<newbsie> xnox: If I need to run different processes of gunicorn for different websites, do they each go in their own conf file?
<xnox> read systemd units documentation on template units
<conrmahr> Is there any chat logs saved somewhere? I had someone help me re-image a disk but didn't write it down.
<RoyK> depends on the client
<conrmahr> limechat?
<RoyK>  l
<RoyK> no idea - sorry
<teward> maybe ask #limechat ?
<teward> conrmahr: ^
<conrmahr> How about I ask for help on re-imaging a secondary disk
<conrmahr> Can some one help remove all partitions on a WD Red 4GB harddrive that has RAID array on it?
#ubuntu-server 2017-05-08
<cpaelzer> good morning
<yossarianuk> hi - I have a question about the default KSM setting (i.e ksm/kvm)
<yossarianuk> i.e -> /etc/default/qemu-kvm - has '# Set to 1 to enable KSM, 0 to disable KSM, and AUTO to use default settings.'
<yossarianuk> What are the default (AUTO) settings ?
<yossarianuk> Hi - we are setting up an office squid proxy / gateway using Ipfire in a KVM vm (using ubuntu 16.04 as the KVM host) - as there is going to be a lot of network traffic through the vm is it a good idea to enable 'vhost_net'?
<yossarianuk>  I notice in Ubuntu the default setting in /etc/default/qemu-kvm is 'VHOST_NET_ENABLED=0'
<yossarianuk>  so logically should I set that to 'VHOST_NET_ENABLED=1'?
<lordievader> Good afternoon
<yossarianuk> ust wondering if it is more sensible to enable or disable in my situation (i.e a proxy/gateway vm that all office traffic will be flowing through)
<cpaelzer> hi yossarianuk - just realized I answered you in #ubuntu already
<cpaelzer> TL;DR yes I'd recommend vhost_net but it is very likely already loaded
<cpaelzer> the config you refer only checks if qemu-kvm loads it which is a failsafe mechanism, but some other triggers might load it anyway
<cpaelzer> so they do for me at least
<yossarianuk> again thanks
<cpaelzer> and KSM auto is enable it on bare metal but not in guests
<ezethnesthrown> Hello, I have a problem. Please see at http://paste.ubuntu.com/24536348/
<cpaelzer> nacc: not sure IIRC - have you reworked the samba sections back then? any idea ^^
<cpaelzer> rbasak: I'm trying to hunt down an issue with uvtool that tries to break my virt tests all too often - after a while I'm now down to systems not agreeing on the images available
<cpaelzer> rbasak: the systems share /var/lib/uvtool/libvirt (via container shared paths)
<cpaelzer> so what is in one is also in the other
<cpaelzer> that worked fine so far, but since I recently stared to have one more system that does stop sharing these paths by bindmounting something else over it things break too much
<cpaelzer> rbasak: I only now start to dive into uvtool for this trying to understand what other paths they might read in those cases
<cpaelzer> rbasak: but if something comes to your mind please let me know
<teward> rbasak: cpaelzer: powersj: nacc: any of you going to be at the server team meeting tomorrow?
<cpaelzer> teward: I would be there I think
<cpaelzer> there is a chair pointer pointing to me
<teward> cpaelzer: well i won't be able to be at the meeting tomorrow - i have a more important meeting at my job - make a note on the action item for me re: nginx release notes  to push it to the next meeting for a status checkin
<teward> i've got the bulletpoints on a notepad document, i've not gotten much further
<teward> please :)
<cpaelzer> ok, thanks teward for keeping us updated
<teward> yeppers.
<teward> Unrelated, anyone know how I can have a one-to-many SSH connection with one ingress and multiple backends based on the requested hostname?
<teward> i'm not 100% clear on how to multiplex SSH that way, but...
<teward> thought I'd ask :)
<cpaelzer> teward: I think cluserssh does what you want?
<teward> ooh prettu
<teward> pretty*
<cpaelzer> I'm not clear on "multiple backends based on the requested hostname" but it gives you one-to-many ssh
<teward> cpaelzer: i think it'd be best if I diagram it
<cpaelzer> That tool is my poor mans mass deployment helper
<cpaelzer> sometimes
<teward> I have a server with multiple LXD containers on it, each with SSH.  To get into it i have to first SSH to the host machine, then SSH into the specific container
<teward> i'd like to cut out one of the 'hops' in what commands i type, if possible.
<teward> s/into it/into one container/
<cpaelzer> yeah ok that works as well
<cpaelzer> you need a proxy ssh setup on your client
<teward> cpaelzer: any idea on how i'd go about that?
<teward> i've googled but am head-scratching
<cpaelzer> to pass any command to foo-container actually to the host and fromt here to the container
<cpaelzer> I can paste a snippet, let me search my notes
<teward> thank you kindly :)
<teward> i'm trying to take the fifteen or so VPSes and consolidate on one massive system heh
<teward> allllll the services >:D
<cpaelzer> teward: that matches what I did and has some nice text around https://www.cyberciti.biz/faq/linux-unix-ssh-proxycommand-passing-through-one-host-gateway-server/
<cpaelzer> combine that with cluserssh and you can do stuff on all containers at once
<teward> nice.
<teward> cpaelzer: that'll help because now i can create SSH configs for each 'container' heh.  I'll just have to set up some command evils for the SSH without-password part to the containers... but that shouldn't be too hard.
<teward> since the containers aren't directly SSH exposed to the 'net... :P
<cpaelzer> exactly
<teward> (CBA to buy a /24, wayyyyyyy too expensive)
<teward> s/buy/rent/
<teward> ah heck, my license for avast expired.
<teward> damn, that means my mailserver has no AV protection
<teward> ah well after my next big paycheck comes in that won't be an issue heh
<teward> (it's $150/yr.  Not bad but outside my current budget)
<ezethnesthrown> Hello, I have a problem, the text is quite long. Please see at http://paste.ubuntu.com/24536348/
<rbasak> cpaelzer: that's all that uvtool cares about. But it uses libvirt's API to manipulate everything inside images/, and libvirt has its own in-memory cache of what that directory contains IIRC. So that could fall out of sync.
<cpaelzer> rbasak: interesting hint, thanks
<rbasak> cpaelzer: libvirt does support multiple image pool types. There might be one that is sufficiently networked?
<rbasak> Then you'd only need to bind mount metadata/
<rbasak> Once uvtool-libvirt is installed I doesn't touch the pool configuration again IIRC.
<rbasak> (except perhaps on removal/purge)
<cpaelzer> that might be a workaround
<rbasak> If it is indeed the problem.
<cpaelzer> but surely implementing that is as work intensive as understanding what goes on with the current one
<cpaelzer> and understanding the current issue might reveal something that puzzles me some time now
<cpaelzer> here it seems reproducible
<rbasak> That makes sense
<cpaelzer> so I want to know
<cpaelzer> I can in that env e.g. show that query reports no images, and the subsequent sync fails because the file is already there
<cpaelzer> rbasak: so effectively an affected guest can not make it working again (other than rm'ing files)
<rbasak> IIRC, query reflects metadata/ exactly
<rbasak> Is it doing that in your failure case?
<cpaelzer> rbasak: output is different on two systems sharing the dir
<rbasak> The actual image can be there when the metadata is not. This is for images being removed while still being used.
<cpaelzer> I verified they are still in sync (md5sums, touched files appear, ...)
<rbasak> cpaelzer: that's puzzling. I can jump into a hangout to do some debugging with you if you can reproduce that difference right now?
<rbasak> cpaelzer: though can you just double check that /var/lib/uvtool/libvirt/metadata/ really is the same directory on both affected machines?
<cpaelzer> rbasak: it is active right now if you have a few minutes I'd be happy
<cpaelzer> surely faster with more eyes/brains
<ezethnesthrown> Hello, I have a problem, the text is quite long. Please see at http://paste.ubuntu.com/24536348/
<ezethnesthrown> Hello, I have a problem, the text is quite long. Please see at http://paste.ubuntu.com/24536348/
<cpaelzer> rbasak: fyi new test runs the shared screen is now gone due to cleanup
<ezethnesthrown> OK nevermind my bad
<rbasak> cpaelzer: np
<ahasenack> ezethnesthrown: sorry about your problem with the smbldap guide
<ahasenack> ezethnesthrown: I hope to get to that area of ubuntu-server pretty soon
<ahasenack> in fact, I want to update this to current ubuntu: https://github.com/panlinux/openldap-dit/tree/master/doc (just imported it from LP)
<nacc> ezethnesthrown: aiui, you have to create the file
<nacc> ezethnesthrown: an example is shipped with smbldap-tools
<nacc> ezethnesthrown: as documented in the README.Debian file
<nacc> ezethnesthrown: specifically SMBLDAP-TOOLS bit
<nacc> ahasenack: so i think a short term fix is to copy out those bits into server guide (that you need to take the example config and do stuff to it to match your local install)
<ahasenack> yeah
<ahasenack> I think I'll start on that after this samba fix
<nacc> ahasenack: thanks
<cpaelzer> ahasenack: nacc: but next serverguide release is way way out
<ahasenack> we can update the current one, right?
<ahasenack> i.e., fix it
<cpaelzer> ahasenack: nacc: I had another case which I wanted to fix in doc, but that will need time
<nacc> cpaelzer: agreed, i'm saying as a fix to the current release
<nacc> iirc, pmatulis has taken such thing with bugs
<cpaelzer> ahasenack: no it only updates the user readable html/pdf on explcit releases
<cpaelzer> yes you can "bug" them and ask
<nacc> that's how i got the original serverguide fixed
<cpaelzer> they will share doc release plans
<nacc> hrm, maybe i'm misremembering
<cpaelzer> nacc: yeah I pushed a few dpdk things that way as well
<cpaelzer> nacc: but
<cpaelzer> nacc: recently I wanted to add some libvirt things and got told that it will really take a while
<ahasenack> seems silly not to be able to correct docs. It's not a rewrite
<nacc> that policy seems less in the best interest of our users
<nacc> oh adding things is diifferent, imo
<ahasenack> right
<nacc> fixing bugs should be allowed, if it's not, i think we should bring it up to the doc team
<cpaelzer> I agree, but my case wasn't important enough to set me into the mood to punch this through
<ahasenack> it has to have the SRU spirit
<nacc> cpaelzer: ack, i think i saw your case
<cpaelzer> yeah, "SRU spirit" covers most of it
<cpaelzer> not random doc changes
<nacc> cpaelzer: right, in this case, a missing step (at least_) that causes the next step to fail
<cpaelzer> ahasenack: lets ask on ubuntu-doc ML how/if they would agree to handle those
<cpaelzer> and share/discuss the feedback in the IRC meeting
<cpaelzer> and drive via actions from there
<nacc> +1
<cpaelzer> ahasenack: would you do the initial mail to them or should I?
<ahasenack> cpaelzer: I think you have more context now
<cpaelzer> hehe
<cpaelzer> ok
<cpaelzer> leave a task open and you'll get it :-)
<ahasenack> np :)
<cpaelzer> ahasenack: nacc: I set you to cc
<ahasenack> thx
 * ahasenack -> lunch
<cpaelzer> I was in a hurry so enjoy my surely intersting fast writeup :-)
<nacc> cpaelzer: ack
<cpaelzer> nacc: I see you pushing all the merges to done, if you could take an eye on the three in the review queue for the importer that would be very kind
<nacc> cpaelzer: yep, im swtiching tack this week back to the importer and will review
<cpaelzer> nacc: in order of complexity dovecot, ntp, strongswan
<nacc> cpaelzer: tbh, for these three, on some level, im trusting you
<cpaelzer> I trust myself as well :-)
<nacc> cpaelzer: in that, you've done the merge, i just need to get them into the importer, right?
<nacc> cpaelzer: or do you need a full merge review as well?
<cpaelzer> nacc: the poitn I learned is that there are always issues - and we don#t need to stop the line but discussing them is step one
<nacc> cpaelzer: ack, ok -- one takes longer than the other :)
<cpaelzer> nacc: I don't need a formal review, yet on strongswan a pair of eyes would be nice
<nacc> cpaelzer: and, on some level, if you could upload these (and maybe you can?) you aren't technically gated by me normally
<nacc> cpaelzer: ack, strongswan was complicated before
<nacc> rbasak: what state is your linter in?
<cpaelzer> nacc: there is a lot of "known to drop delta" left that I made more clear in the MP and such
<cpaelzer> nacc: I'd want to upload them tomorrow, so getting them into the importer and tagged would be nice
<cpaelzer> nacc: tests are all good, so the issues left shoudl be easily possible as ubuntu2 or next-cycle as applicable
<rbasak> nacc: not really usable yet, sorry. I just have pieces.
<rbasak> nacc: it doesn't do merges at all yet.
<nacc> rbasak: np, just checking :)
<nacc> cpaelzer: ok, i'll bump it up my list
<rbasak> nacc: but the script in wip/review can be used for merges.
<cpaelzer> fyi I don't have merge bugs on these as they were trivial, but integrated that into my process so I'll in future open one in any case I think
<nacc> cpaelzer: i'm also tempted to just give you upload rights to the git repos
<nacc> or wait until we figure out where upload tags will live properly
<thatstevecena> Hello. I'm having problems with Ubuntu 14.04LTS, Postfix & DKIM failing to verify signatures. My install runs fine for a few hours but ultimately starts failing signatures due to "no padding data". Has anyone seen this?
<ezethnesthrown> What does this mean [[ bash: /usr/sbin/smbldap-populate: cannot execute binary file: Exec format error ]]
<nacc> ezethnesthrown: what does `file /usr/sbin/smbldap-populate` say?
<ezethnesthrown> Tried 'cat' it now the CLI broke
<ezethnesthrown> smbldap-populate is a command
<nacc> ezethnesthrown: yes, i know
<nacc> ezethnesthrown: can you please tell me what the command i asked for says?
<nacc> ezethnesthrown: if it's a binary, you don't wnat to `cat` it
<ezethnesthrown> It says exactly that. Straight up error
<nacc> ezethnesthrown: what?
<nacc> ezethnesthrown: it says "Straight up error"?
<ezethnesthrown> No
<ezethnesthrown> There's no prompt
<nacc> ezethnesthrown: `file` doesn't output such a thing
<ezethnesthrown> I'm sorry. I'm a bit lost here
<nacc> ezethnesthrown: so you ran `cat` on a binary? you probably need to start a new terminal session
<ezethnesthrown> Rebooted
<nacc> ezethnesthrown: ok, that was probably unnecessary
<nacc> ezethnesthrown: run `file /usr/sbin/smbldap-populate`
<ezethnesthrown> [[ /usr/sbin/smbldap-populate: gzip compressed data, max compression, from Unix ]]
<nacc> well you can't run a data file
<nacc> ezethnesthrown: what version of ubuntu?
<ezethnesthrown> nacc: 16.04.2 LTS
<ahasenack> rbasak: hey, where is the merge report output again?
<ahasenack> I had http://people.canonical.com/~rbasak/merges.html from before you had commit access
<nacc> ezethnesthrown: http://paste.ubuntu.com/24538078/ is what it should output
<nacc> ezethnesthrown: that's from a fresh 16.04 container
<nacc> ezethnesthrown: not sure what you're using
<nacc> ezethnesthrown: `apt policy smbldap-tools` in a pastebin please
<rbasak> ahasenack: http://reqorts.qa.ubuntu.com/reports/ubuntu-server/merges.html but it looks like the cronjob is still failing so it's very out of date. I'll need to sort that out :-/
<ezethnesthrown> nacc: http://paste.ubuntu.com/24538099/
<nacc> ezethnesthrown: hrm, that's worrisome, same version here
<nacc> ezethnesthrown: this is a VPS or anything? did you do any changes after installing?
<ezethnesthrown> nacc: I'm installing in Virtual Box
<ezethnesthrown> nacc: I followed the Samba and LDAP guide and the guide at the bug post
<nacc> ezethnesthrown: can you run `dpkg -V smbldap-tools` ? and/or `dpkg -C smbldap-tools`
<ezethnesthrown> dpkg -V smbldap-tools > [[ ??5??????    /usr/sbin/smbldap-populate ]]
<ezethnesthrown> dpkg -C smbldap-tools > [[ ]]
<nacc> ezethnesthrown: yeah so you've changed it from how it isinstalled
<nacc> ezethnesthrown: 5 is 'file contents have changed'
<nacc> ezethnesthrown: so ... what did you do? :)
<ezethnesthrown> I did 'sudo dpkg-reconfigure slapd' I few times
<ezethnesthrown> A few times*
<ezethnesthrown> nacc: Thank you for your time. I'll restart then
<nacc> ezethnesthrown: np, i don't thnk the dpkg-reconfigure should have changed the contents of an executable
<nacc> ezethnesthrown: something else must have happened, but i don't know what
<nacc> rbasak: do you have time this week for a importer/git sync?
<ezethnesthrown> nacc: Is it inside smbldap files? I don't think I tampered anything inside. But I'll report here if it happens again.
<nacc> ezethnesthrown: yes, that file (/usr/sbin/smbldap-populate) is fromm smbldap-tools afaict, and should be a perl script
<ezethnesthrown> nacc: I can't recall
<nacc> ezethnesthrown: you'd have to have been root to do so, and just imo, you should always konw what you did as root :)
<ezethnesthrown> nacc: Thank you. I'll keep that in mind
<cpaelzer> nacc: upload rights to the repos would help with trivial thigs at least
<cpaelzer> nacc: and I think I can decide when to push and when not to
<nacc> cpaelzer: yeah
<nacc> cpaelzer: our eventual goal is if you can upload a srcpkg you can upload the corresponding tag
<nacc> cpaelzer: but that needs lp stuff, etc.
<cpaelzer> nacc: and in the worst case it is easy for you to catch me :-)
<cpaelzer> nacc: I know the target
<nacc> cpaelzer: yeah :)
<cpaelzer> nacc: yet given that we mainly sync server and I have server + a few as upload rights ...
<nacc> cpaelzer: yep
<cpaelzer> nacc: the remaining subset isn't that big
<nacc> cpaelzer: yeah
<ezethnesthrown> nacc: Works magically now
<nacc> ezethnesthrown: did you reinstall?
<rbasak> nacc: yeah, let's arrange something.
<nacc> rbasak: thanks
<greenmanspirit> Hello all! I am trying to preseed NIS and when I reboot, rpcbind won't start. Is there something like networkmanager-wait-online that centos has? I am guessing the network isn't ready when rpcbind tries to start.
<sarnold> which release? 16.04 uses a different service framework than 14.04..
 * sarnold -> lunch
<greenmanspirit> sarnold, 16.04
<nacc> greenmanspirit: well on server, you wont' have networkmanager
<nacc> greenmanspirit: if someting depending on network it shoulbe After=network.target in the service file, i think?
<nacc> greenmanspirit: but i would thing rpcbind would be generally broken if it won't start becasue it needs networking and network isn't up in your case
<nacc> cpaelzer: i did dovecot just now, but let's do it at the same time, as there is a bit of an inherent race
<manukapua> im trying to delete a samba user after i deleted their unix account but get errors from smbpasswd - x and pdbedit -x , do i have to recreate the unix accoint before deleting the samba one ?
<nacc> cpaelzer: tmrw AM for the others?
<greenmanspirit> nacc, rpcbind doesn't have After=Network in the rpcbind.server file
<manukapua> answered my own question - apparently yes
<manukapua> have a fun mad day all : )
<greenmanspirit> sorry, After=network.target
<gartral> ok so i migrated my server from that half-ass VPS into a better host annd i'm still having issues with apache
<gartral> nacc  sarnold thank you by the way, for other day
<sarnold> hey gartral ;)
<gartral> sarnold: I figured it out
<gartral> it was a port collision between my vpn server and apache
<sarnold> gartral: woot
<Anonymes> hi
<gartral> sarnold: arrrrrrrrrrgh
<gartral> this is a game of catch 22 wrapped in a game of catch 22
<sarnold> uhoh :) I was hoping that was the 'argh' of "i can't believe that mistake was so simple" :)
<gartral> sarnold: I need a valid ssl cert, so I go through and try to use a let's encrypt cert for 'simplicity'... except certbot only uses port 443 and that port is already taken up by openvpn
<sarnold> gartral: can't LE do dns too?
<sarnold> gartral: and probably openvpn can be made to run on another port, if only temporarily
<sarnold> gartral: I know some people run their vpn on ALL PORTS, so a simple nmap from their hotel room or airplane or whatever can often find a way through that's... ahem... cheaper than usual :)
<gartral> sarnold: yea but I have ~30 or so devices on this vpn
<gartral> most of which are family, and I don't need my mother screaming at me that her internet broke (again, because I had to re-issue cert packets to everyone from the the server move)
<sarnold> gartral: ouch that's a lot of devices to reconfigure
<gartral> yes it is... everyone tells me I'm a good IT guy... I don't think so but meh
<sarnold> gartral: stand up a second server?
<gartral> sarnold: moneies
<sarnold> gartral: it's only got to live for an hour or something to get certbot to work; if you haven't used it already, aws's free tier may be enough?
<eatingthenight> Hey i am pxe booting an image and i see this passed in as the command line argument for /proc/cmdline root=live:/genesis.iso
<eatingthenight> what does that do specificly.
<eatingthenight> i'm puzzled where it's getting the iso from since it's booting over ipxe using the initrd and vmzlinuz
<eatingthenight> I read the kernel docs and it doesn't mention anything about live: and everything I have found is using live:http://....
<eatingthenight> which make sense
<nacc> eatingthenight: root= is not parsed by the kernel
<nacc> eatingthenight: it's parsed by the init process, i think
<nacc> eatingthenight: i don't where genesis.iso lives, because that's not ubuntu afaict?
<eatingthenight> nacc: correct sorry i just figured people here may know a bit more about the command line boot args
<eatingthenight> it's a custom image
<eatingthenight> but I belive /genesis.iso in this case would mean it was baked into the image.
<nacc> eatingthenight: i *think* that live: is just a prefix to something (init? not sure) that says it's a livecd rootfs. i'm guessing that if you're pxe booting, maybe it knows to alos look on the network for the iso
<nacc> it being the boot processe
<eatingthenight> aa ok, so might be looking it up on a sftp server on the network
<nacc> eatingthenight: yeah, i'm not 100% on that, but i'd believe it
<eatingthenight> hmm, darn. That does sound correct to me but the sftp server that it is using only contains the ipxe kpxe file.
<eatingthenight> just checked to make sure. very strange.
<nacc> eatingthenight: is it in the initramfs by any chance?
<eatingthenight> hmm i dont see that file but i see this pre-udev/30dmsquash-liveiso-genrules.sh which looks interesting
<eatingthenight> o ok https://www.redhat.com/archives/rhl-list/2009-December/msg01582.html looks to confirm that that is what does it
<eatingthenight> looks like some legacy stuff from the liveiso creator
<eatingthenight> nacc: thanks for the help! I'm somewhat satisfied knowing that it's custom to liveiso
<nacc> eatingthenight: yw
#ubuntu-server 2017-05-09
<nacc> cyphermox: smoser: doing the open-iscsi merge, how much do you want to keep in d/changelog from the tests churn?
<nacc> there's ... a lot :)
<cyphermox> nacc: if the tests in general are a delta, i would just mention the test, not each individual change to it
<nacc> cyphermox: yeah, i'm trying to consolidate it
<nacc> cyphermox: http://paste.ubuntu.com/24539999/ is still pretty verbose, but it does encapsulate i think what the tests are doing and why they are quirky
<nacc> cyphermox: i'm happy to trim it all the way down to just "add Ubuntu autopkgtests" but then developers have to go down into the history to see all that was added
<nacc> cyphermox: let me know if you'd like it changed, i'm running the tests now locally after the merge, if they pass i'm ready to upload
<nacc> cyphermox: smoser: why is 2 seconds used as the delay in test-open-iscsi::test_daemon?
<nacc> that test failed on my lappy, but logging into the kvm instance, iscsid is running
<nacc> test_tgt_boot also failed, but i'm guessing it's because of:
<nacc> qemu-system-x86_64: /build/qemu-GnDgkf/qemu-2.8+dfsg/target-i386/kvm.c:1805: kvm_put_msrs: Assertion `ret == cpu->kvm_msr_buf->nmsrs' failed
<nacc> will debug both tmrw
<chatter29> hey guys
<chatter29> allah is doing
<chatter29> sun is not doing allah is doing
<chatter29> to accept Islam say that i bear witness that there is no deity worthy of worship except Allah and Muhammad peace be upon him is his slave and messenger
<cpaelzer> good morning
<cpaelzer> nacc: yeah today is fine for the merges, get in touch with me when you are around
<cpaelzer> nacc: looking at the calendar I guess we start with some shared meetings anyway
<lordievader> Good morning
<TafThorne> Good morning.
<cpaelzer> hi lordievader and TafThorne
<TafThorne> I have done a poor job of getting through SRU testing on https://bugs.launchpad.net/ubuntu/+source/logrotate/+bug/1630516 but I will try and push forward with it either at lunchtime (in about 3 hours time) or at the end of the day (9 hours time).  I have got the linux container stuff installed and ready to roll at least.  It will all be good practise for me.
<ubottu> Launchpad bug 1630516 in One Hundred Papercuts "Logrotate doesn't clean old system logs, allowing them to fill the disk" [Critical,Triaged]
<cpaelzer> Thanks TafThorne, I was almost about to ask
<cpaelzer> but not for a poor job , really you are well within the average still and actually beating it on several metrics
<TafThorne> Please do bug me about it.
<cpaelzer> so heads up
<TafThorne> I'll add myself a task in outlook to remind me too.
<lordievader> Hey TafThorne, cpaelzer
<LarsErikP> hello! anyone maintaining here the ubuntu cloud archive ppa? or know where I can find them? :
<LarsErikP> ^ wow those words came out in a weird order....
<cpaelzer> LarsErikP: I still know who you want to ping
<cpaelzer> jamespage: beisner_: coreycb: ^^
<cpaelzer> LarsErikP: but just in case may I try to help in any way?
<cpaelzer> we can still give up if it is really that UCA ppa special
<cpaelzer> also that way the others will find what things are about when they read the backlog
<LarsErikP> cpaelzer: thanks! just a simple question really. Do you know when neutron 9.3.0 will be available in the newton/xenial uca ppa?
<cpaelzer> LarsErikP: and about where to find them, just go https://launchpad.net/cloud-archive in case no one is around
<cpaelzer> LarsErikP: that I must admit I don't know, but back to my former statement now those who know can answer you anytime later they come by
<LarsErikP> great :) thanks! specifically I need it because of this bug: https://bugs.launchpad.net/neutron/+bug/1570122
<ubottu> Launchpad bug 1570122 in neutron "ipv6 prefix delegated subnets are not accessable external of the router they are attached." [High,Fix released]
<cpaelzer> LarsErikP: for your last question on that bug the bug should get a different bug task
<cpaelzer> LarsErikP: it currently is against upstream neurton only
<cpaelzer> LarsErikP: I added the tasks there for you
<LarsErikP> ooh
<LarsErikP> Thanks! :D
<ezethnesthrown> I'm currently creating a Samba + LDAP server. But right now I can't access my server at all. What are the things that I should checklist? Or could you guide me to some forum for the same problem or something?
<ezethnesthrown> I'm trying to connect to the server from a Windows client
<hateball> connecting what? samba?
<hateball> http? telnet?
<TafThorne> Are you trying to get the Windows client to join the Samba hosted domain or are you trying to get onto the CLI of the Samba + LDAP server?
<ezethnesthrown> hateball: TafThorne: In order to access the directory of the Samba, I need to access the Server Machine first, correct?
<TafThorne> ezethnesthrown: That sounds likely.  To access the filesystem which contains the configuration you would need to access the server over ssh, telnet or via physical access to the console.
<ezethnesthrown> TafThorne: I don't think we're on the same page.
<ezethnesthrown> **On Windows Client** //(SERVER_IP)/
<ezethnesthrown> Accesses the server through Windows Client on Samba service in Server Machine
<ezethnesthrown> I can ping to and fro Windows Client and Server. But I can't access it with [[ //(SERVER_IP)/ ]]
<Palm_premium> @TaftThorne, how did you setup your samba share, using a graphical tool or did you edit the config file?
<Palm_premium> @tafThorne, and could you post your config to pastebin?
<Palm_premium> @tafThorne, also what Windows version are you running on the client?
<ezethnesthrown> Palm_premium: Is that supposed to be directed to me?
<Palm_premium> @ezethnesthrown, yes, my mistake
<ezethnesthrown> Palm_premium: Alright. Windows Client, Windows 10. Server, Ubuntu Server 16.04.2 LTS
<ezethnesthrown> Palm_premium: via editing the config file
<Ussat> is samba running ?
<Palm_premium> ezethnesthrown: and can you collect localy using the smbclient?
<Ussat> did you verify your config ?
<ezethnesthrown> Ussat: Samba is running. testparm returns no error]
<ezethnesthrown> Palm_premium: What do you mean 'collect'?
<Ussat> pastebin your config
<ezethnesthrown> http://paste.ubuntu.com/24542693/
<Palm_premium> ezethnesthrown: *connect
<Palm_premium> ezethnesthrown: if you log in to the ubuntu server, can you connect to localhost using the smbclient
<Ussat> ook, well, screw that, gluck, youre useing ldap with it.....
<Ussat> Thats a TON more complicated than we use....we just have a real simple config
<ezethnesthrown> Palm_premium: In a moment
<rbasak> ahasenack: thank you for triaging (and testing) bug 1455818! I have some extra knowledge on that as I wrote both the bug and the fix in mysql-5.6, so I've gone one step further and marked it Invalid with a comment.
<ubottu> bug 1455818 in mysql-5.6 (Ubuntu) "[SRU] mysql-server-5.6.postrm fails when /usr/share/mysql-common/configure-symlinks doesn't exist" [High,Fix released] https://launchpad.net/bugs/1455818
<rbasak> "I know it's not that bug because I wrote the bug" :-)
<Palm_premium> ezethnesthrown: what do the SMB logs say in /var/log/samba/* ?
<ahasenack> good deal
<Palm_premium> ezethnesthrown: You'r using LDAP so you might also want to check /var/log/auth for authentication errors
<ezethnesthrown> Palm_premium: /var/log/auth: no such file or directory
<ezethnesthrown> Palm_premium: /var/log/samba/log.smbd http://paste.ubuntu.com/24542715/
<Palm_premium> ezethnesthrown: Well thats a pretty clear error, there is an error connecting to the LDAP service. How did you setup the LDAP authentication?
<ezethnesthrown> Palm_premium: I don't recall if there is any. I followed the guide at https://help.ubuntu.com/lts/serverguide/samba-ldap.html along at https://bugs.launchpad.net/serverguide/+bug/1579209 posted by heidou
<ubottu> Launchpad bug 1579209 in Ubuntu Server Guide "Samba and LDAP is completely out of date" [Undecided,Confirmed]
<ahasenack> that guide :/
<Palm_premium> ezethnesthrown: is the ldap service runing on the same server as the SMB service?
<ezethnesthrown> Palm_premium: Yes
<Palm_premium> ezethnesthrown: were you able to setup a SMB user with the smbldap-useradd utility?
<ezethnesthrown> Palm_premium: Without an error
<smoser> nacc, i'm not familiar with that test at all. i agree it doesn't look right.
<Palm_premium> ezethnesthrown: something is baffeling me, you could connect localy to SMB using an ldap account? Can your windows machine connect to the ldap port?
<FilipNortic> oen of my server disks just got remouted as read only cause of journal coruption
<FilipNortic> one
<ezethnesthrown> Palm_premium: I can't connect locally with the account I created with smbldap-useradd utility. I'm sorry, 'ldap port'?
<FilipNortic> there is only log and temp files on that disk but what can i do to restore it?
<FilipNortic> EXT4-fs error (device vdb2): ext4_journal_check_start:56: Detected aborted journa
<Palm_premium> ezethnesthrown: In that case can you post your smb.conf to pastebin?
<ezethnesthrown> Palm_premium: http://paste.ubuntu.com/24542693/
<Palm_premium> ezethnesthrown: I think i found it, check line 124
<Palm_premium> ezethnesthrown: try changing that to "passdb backend = ldapsam:ldap://locahlhost"
<ezethnesthrown> Palm_premium: I guess that's what happens when you follow blindly
<Palm_premium> ezethnesthrown: Correction "passdb backend = ldapsam:ldap://localhost"
<ezethnesthrown> Palm_premium: That probably solved another problem
<Palm_premium> ezethnesthrown: I have had security aware customers that followed guides by digital ocean, I found out because  they wwere still using the default password :P
<Palm_premium> ezethnesthrown: after restarting samba try connecting localy and then from the remote client
<s7rawman_> hey all. I've got myself throughly confused. I've got a Ubuntu server running, 16.04.2 LTS. On this server I have 4 hdd, two I know to be mounted for sure, but a third should be mounted. This drive should up as mounted when I run lsblk. If a drive isn't mounted shouldn't I be unable to read the data off it(which I'm able to do). Here's the pastebin from the lsblk -o NAME, FSTYPE, SIZE, MOUNTPOINT, LABEL: http://paste.ubuntu.com/24542745/
<ezethnesthrown> Palm_premium: Connection to 127.0.0.1 failed
<Palm_premium> ezethnesthrown: could you check slapd is running and try to telnet to localhost port 636
<ezethnesthrown> Palm_premium: slapd is up and running. telnet: could not resolve 127.0.0.1:636/telnet: No address associated with hostname
<Palm_premium> ezethnesthrown: try "telnet localhost 636"
<ezethnesthrown> Unable to connect to remote host: Connection refused
<ezethnesthrown> Palm_premium: Unable to connect to remote host: Connection refused
<Palm_premium> can you check if there is a firewall running?
<Palm_premium> ezethnesthrown: see if there is an init script for the firewall and temprarily stop it and try to connect again.
<ezethnesthrown> Palm_premium: That should be [[ /etc/init.d/ufw ]] right? Connection refused again
<Palm_premium> ezethnesthrown: sudo ufw disable
<ezethnesthrown> palm
<ezethnesthrown> Palm_premium: Connection refused
<Palm_premium> ezethnesthrown: could your run "iptables -nL" and check if there are still rules being listed?
<ezethnesthrown> Palm_premium: Everything's empty
<Palm_premium> ezethnesthrown: could cou check with "netstat -tupan" that slapd is actually listening on port 636, also take note if it is ip4, ip6, or both
<ezethnesthrown> Palm_premium: I'm not really sure how to read it so here http://paste.ubuntu.com/24542903/
<ezethnesthrown> Palm_premium: So, it's listening on port 389?
<Palm_premium> ezethnesthrown: it seems ldap is listening on port 389 instead. Could you try "telnet localhost 389"
<ezethnesthrown> Connected
<ezethnesthrown> Palm_premium: Conencted
<Palm_premium> ezethnesthrown: Awesome
<Palm_premium> ezethnesthrown: Let me check the smb config, one moment
<Palm_premium> ezethnesthrown: Could you check what the current errors are in the samba logs when trying to connect?
<Palm_premium> ezethnesthrown: I looked up some examples and the backend config should be okay
<ezethnesthrown> Palm_premium: http://paste.ubuntu.com/24542939/
<Palm_premium> ezethnesthrown: check the reply on this post https://lists.samba.org/archive/samba/2016-February/197834.html
<ezethnesthrown> Palm_premium: Checking
<ezethnesthrown> Palm_premium: command 'net getdomainsid' returns error
<ezethnesthrown> Palm_premium: I added the 'ldapsam:trusted = yes \n ldapsam:editposix = yes'.
<ezethnesthrown> Palm_premium: smbclient still cannot connect. Same error. NT_STATUS_CANT_ACCESS_DOMAIN_INFO
<Palm_premium> ezethnesthrown: Did you also set the olcloglevel in the slapd config? It should start logging details to the /var/log/syslog.
<nacc> cpaelzer: ack, i'm online now
<nacc> smoser: ok, agreed :)
<nacc> smoser: new question, why in your ubuntu16 upload did you change the networking configuration?
<nacc> smoser: it doesn't seem to be mentioned in the changelog
<cpaelzer> nacc: good morning
<cpaelzer> nacc: good morning
<cpaelzer> nacc: how about the half hour before IRC meeting?
<cpaelzer> nacc: there we can discuss anything on the merges as needed
<cpaelzer> nacc: in case you found the time to look at them more deeply
<cpaelzer> nacc: otherwise just merge them but feel free to review/comment afterwards still
<cpaelzer> nacc: as I said an ubuntu2 / next-merge is always possible
<cpaelzer> nacc: to some degree I want to upload before I go to bed today as I'm sprinting the rest of the week
<cpaelzer> nacc: too much open tasks aren't good
<smoser> nacc, more context
<ezethnesthrown> Palm_premium: What should I look in '/var/log/syslog'?
<ezethnesthrown> look for*
<nacc> cpaelzer: ack, right after this meeting?
<nacc> smoser: one sec, will pastebin
<nacc> smoser: http://paste.ubuntu.com/24543155/
<cpaelzer> nacc: yeah right after the meeting
<nacc> smoser: 10.0.2.3 -> 10.1.1.4
<nacc> smoser: default kvm networking (user) will be 10.0.2.3?
<nacc> smoser: unless you also change how xkvm gets invoked i think
<nacc> smoser: oh i see it's supppoed to override the kvm invocation
<Palm_pre1ium> ezethnesthrown: You can just use tail -f on the log and try connecting to the smb share, you should see a bunch of entries appear from the slapd daemon
<ezethnesthrown> Palm_pre1ium: http://paste.ubuntu.com/24543240/
<Palm_pre1ium> ezethnesthrown: According to google that is username/password incorrect message
<ezethnesthrown> Palm_pre1ium: It shows that when I restart smbd daemon
<ezethnesthrown> Palm_pre1ium: Something wrong with samba configuration?
<Palm_pre1ium> ezethnesthrown: ezethnesthrown I think something might have gone wrong with setting up your ldap scheme
<Palm_pre1ium> ezethnesthrown: When you try to connect to smb there are no new log entries appearing?
<ezethnesthrown> Palm_pre1ium: No
<Palm_pre1ium> ezethnesthrown: this is getting a bit out of my league, either the samba or SLAPD logs should tell you what is going on. Since the SLAPD logging is not showing anything I'd suggest cranking up the logging for the samba service.
<ezethnesthrown> Palm_pre1ium: Is 10 a good idea?
<Palm_pre1ium> ezethnesthrown: what is the default setting? 3?
<Palm_pre1ium> ezethnesthrown: I would increment by 1 or 2
<ezethnesthrown> Default is 1.
<Palm_pre1ium> ezethnesthrown: documentation stats above level 3 is debug information so id recommend starting with level 3
<ezethnesthrown> Palm_pre1ium: Cranked up to 8. Doesn't seem to change much from 3
<cpaelzer> nacc: just stay in the HO after this
<nacc> cpaelzer: +1
<Palm_pre1ium> ezethnesthrown: But does it tell us more about the problem?
<ezethnesthrown> Palm_pre1ium: No
<Palm_pre1ium> ezethnesthrown: you did restart/reload smb?
<ezethnesthrown> Palm_pre1ium: Yes. I did
<ezethnesthrown> Palm_pre1ium: A long log. http://paste.ubuntu.com/24543373/
<Palm_pre1ium>  ezethnesthrown Reading from line 695 the first error is on line 840 Error: Invalid credentials
<ezethnesthrown> Palm_pre1ium: I swear that's what I did everywhere else. 'cn=admin,dn=nodomain'
<Palm_pre1ium> ezethnesthrown: Just reading up on Google and I found a post which stats that a password is set for slapd during the configuration step off the package, however I have not seen any credentials in your samba config. Do you remember if you entered a passowrd?
<ezethnesthrown> Palm_pre1ium: Password for samba?
<Palm_pre1ium> You could try to reconfigure slapd if it was installed from the repository using "sudo dpkg-reconfigure slapd"
<Palm_pre1ium> ezethnesthrown: no for SLAPD, it is protected with username and password.  Samba can't connect to SLAPD and therefore can try to log you on
<ezethnesthrown> Palm_pre1ium: The only password I entered for slapd is when I was prompted during the installation
<Palm_pre1ium> ezethnesthrown: Thats the one you need, that will be an admin account and I expect you can create new users with that account or use that account in your samba config.
<ezethnesthrown> Palm_pre1ium: Creating new users is not a problem
<Palm_pre1ium> ezethnesthrown: I need to go its the end of my shift and im going squashing :D
<ezethnesthrown> Palm_pre1ium: Thank you a lot for your time
<Palm_pre1ium> ezethnesthrown: No problem!
<ahasenack> Palm_premium: try "ldapwhoami -x -D cn=admin,dc=nodomain -W" and input the password you gave when you first installed the slapd package
<ahasenack> run that on the ldap server
<ezethnesthrown> ahasenack: Are you directing it to me actually?
<ahasenack> ops
<ahasenack> ezethnesthrown: yes, sorry
<ezethnesthrown> ahasenack: It prints out
<ezethnesthrown> ahasenack: dn:cn=admin,dc=nodomain
<ahasenack> so that's your "bind dn", and you got the password correct
<ezethnesthrown> ahasenack: What should I do next?
<ahasenack> sorry, I didn't follow your whole discussion, just saw that Palm_premium was wondering about whether your password was correct
<ezethnesthrown> ahasenack: Ah, it's alright. I'll probably restart all over from the beginning later
<greenmanspirit> Has anyone used realmd to set up sssd with active directory? It keeps telling me that packages aren't installed even though I installed them.
<coreycb> LarsErikP:  neutron 9.3.1 is awaiting sru review.  you can track it in bug 1688557
<ubottu> bug 1688557 in nova (Ubuntu Yakkety) "[SRU] newton stable releases" [Undecided,New] https://launchpad.net/bugs/1688557
<greenmanspirit> I figured it out, packagekit wasn't installed and it isn't set as a dependency for realmd
<nacc> greenmanspirit: maybe file a bug, seems important
<greenmanspirit> nacc, I haven't filed an ubuntu bug before, launchpad, right?
<nacc> yeah
<nacc> !bug | greenmanspirit
<ubottu> greenmanspirit: If you find a bug in Ubuntu or any of its derivatives, please report it using the command Â« ubuntu-bug <package> Â» - See https://help.ubuntu.com/community/ReportingBugs for other ways to report bugs.
<greenmanspirit> that is fantastic
<greenmanspirit> thanks!
<nacc> greenmanspirit: yw
<keithzg> Hmm is there any easy way to see which connections to smbd are hogging bandwidth? The central fileserver at work right now is slooowwww, and nethogs shows it's smbd being hammered, but , I can't see an easy way to drill down into that
<ahasenack> I don't have a samba server at hand now, but I vaguely remember an smbstatus command
<ahasenack> that maybe gives you port numbers, and then you can map that to the nethogs report
<ahasenack> ah, you will get machine ip in smbstatus definitely
<ahasenack> and pid of the smbd process servicing a client
 * ahasenack -> EOD
<nacc> rbasak: fun, just a trivial `ln -s bin/usd bin/git-ubuntu` in the importer git tree just works :)
<nacc> dpb1: --^
<nacc> will test it with the snap too after cleaning up documentation, etc.
<dpb1> nacc: interested if it works in the snap. :)
<nacc> dpb1: i think it should, it's the same underlying logic (and git is in my snap)
<nacc> dpb1: but yeah, to test
#ubuntu-server 2017-05-10
<Aison> i'm running two ubuntu server on two machines. Both systems are NUMA systems
<Aison> but on one system, numactl -H shows only one node
<Aison> I don't know why....
<sarnold> Aison: does your system bios allow disabling it?
<Aison> uhm, I have to check....    but I already used the motherboard with the OS that recognizing NUMA. And there it worked
<Aison> maybe there was a BIOS reset when I moved the motherboard to the new casing?!?
<nacc> Aison: i can try and help you debug if that isn't it, tmrw :)
<Aison> nacc, thx, just checking the bios now
<Aison> nacc, on boot, the BIOS posts 4 Nodes
<Aison> but ubuntu don't detect them
<sarnold> Aison: is there anything informative in dmesg output?
<Aison> that's all: [    0.000000] NUMA: Initialized distance table, cnt=1
<Aison> maybe it is some cpu setting in bios that produce that problem
<Aison> I don't understand all options, eg. IOMMU
<ezethnesthrown> Client: HexChat 2.12.4 â¢ OS: Microsoft Windows 10 Home Single Language (x64) â¢ CPU: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz (2.19GHz) â¢ Memory: 7.8 GiB Total (1.8 GiB Free) â¢ Storage: 483.3 GiB / 807.9 GiB (324.6 GiB Free) â¢ VGA: NVIDIA GeForce GTX 950M, Intel(R) HD Graphics 5500 â¢ Uptime: 4d 14h 6m 10s
<sarnold> that's interesting; my laptop spits out: [    0.000000] No NUMA configuration found
<sarnold> different from count=1...
<Aison> maybe it is worth updating the bios?
<nacc> Aison: bios updates may help (the numa table is in the firmware on the mobo)
<nacc> Aison: what type of hardware?
<nacc> Aison: also, there *might* be BIOS settings that turn a NUMA system into a UMA system for compatibility reasons
<nacc> Aison: there will be some more info than that normally
<nacc> Aison: i'm eod, but if you can pastebin your dmesg on boot, i can try and look
<nacc> Aison: the non-x86 arches have numa debug in the kernel
<Aison> bios update helped
<sarnold> woot? :)
<Aison> but now I get this error with grub:
<Aison> grub attempt to read or write outside of disk
<Aison> hd0
<Aison> when I select the first kernel
<Aison> the 2nd and 3rd one works
<sarnold> eww
<Aison> never ever had such a strange error
<LarsErikP> coreycb: thanks for updating me on newton 9.3.x for Xenial!
<ezethnesthrown> In smb.conf, where does 'auth methods' sit?
<lordievader> Good morning
<sarnold>        The letter G in parentheses indicates that a parameter is
<sarnold>        specific to the [global] section.
<ezethnesthrown> Okay thanks.
<ezethnesthrown> [[ sudo ldapmodify -x -D 'cn=config' -W -f config_loglevel.ldif ]] > Enter password > Invalid credentials (49)
<ezethnesthrown> [[ sudo ldapwhoami -x -D cn=admin,dc=testserver,dc=ord -W ]] > Enter password > Password is correct
<ezethnesthrown> Oh wait, it says no such user in the ldap log
<ezethnesthrown> Nevermind, found the solution
<sarnold> yay?
<ezethnesthrown> I'm currently having problem with Samba + LDAP. I can't access to Samba with 'smbclient' after adding user with 'smbldap-useradd' command.
<ezethnesthrown> log.openLDAP says > NT_STATUS_ACCESS_DENIED
<frickler> could someone take a look at https://bugs.launchpad.net/ubuntu/+source/libguestfs/+bug/1632405 and maybe bump priorities? it's sad to see openstack projects moving from xenial to centos because of this https://review.openstack.org/463677
<ubottu> Launchpad bug 1632405 in libguestfs (Ubuntu) "virt-customize enters infinite loop: dhclient-script: cannot open /etc/fstab" [Undecided,Confirmed]
<aaronr> nacc: are you around to help me learn how to create updated packages for Nagios? cpaelzer suggested I pop in here for the bug squashing event
<aaronr> bug report is https://bugs.launchpad.net/ubuntu/+source/nagios3/+bug/1686768 -- it's patched, I think I just need to get the new packages sorted?
<ubottu> Launchpad bug 1686768 in nagios3 (Ubuntu Zesty) "Restricted contacts can see servers that do not belong to them" [Medium,Triaged]
<teward> if i need to reach out to landscape support, and all the web methods are dead, how do I go about doing that?
<teward> (SalesForce SSO error, or "Connection Reset" to the generic "Contact Canonical" page)
<zioproto> coreycb: I guess you are in Boston at the moment
<zioproto> coreycb: I rebuild Horizon for stable/newton and I got into this bug again https://bugs.launchpad.net/horizon/+bug/1643964
<ubottu> Launchpad bug 1643964 in horizon (Ubuntu) "compressing static assets fails with xstatic-bootswatch 3.3.7.0" [Undecided,Fix released]
<Bert_2> Hi, I run a very typical PAM+LDAP setup with posixAccount and shadowAccount, we use shadowExpire to expire accounts that haven't renewed (yet), now I can't seem to find how I can check through CLI whether an account has expired without using ldap_search. I presume there should be some regular or PAM command to do this. Can anyone help me out?
<coreycb> zioproto: yes i'm at the summit so hard to dig into much but i think that may occur on newton if you generate new xstatic files
<zioproto> how could I reset ?
<zioproto> I tried deleting completely /usr/lib/python2.7/dist-packages/horizon/
<zioproto> and I deleted also /usr/share/openstack-dashboard/
<zioproto> but I am never able to reinstall Horzin
<zioproto> this is the staging system, dont panic :)
<CarlenWhite> Teasing the idea if I can set up rotating tar backups and use archivemount (in read only) to keep files presented to the user.
<CarlenWhite> Incremental rotating backups, sorry.
<CarlenWhite> Since tar has it built in from what I'm aware.
<CarlenWhite> And I think I can use tarcat on archive.0.gz.tar and archive.1.gz.tar to archive.0.gz.tar, then rename archive.n.gz.tar to shift them back a number before creating archive.x.gz.tar.
<CarlenWhite> But how successful and stable that will be is up to debate.
<ezethnesthrown> Is the 'man slapd.conf' is a little out of date? The example at the bottom of the page looks different to my non-existent slapd.conf
<ahasenack> ezethnesthrown: A config file called slapd.conf can still be used, that's why the manpage is still there. Doesn't mean it's the default configuration mechanism
<ahasenack> (it's not)
<ezethnesthrown> Oh, sorry about that.
<ezethnesthrown> Thank you
<CarlenWhite> Probably not wise of me to use tarcat on a file that I'll be overwriting with new information?
<ezethnesthrown> How do I connect to a Samba server with an smbclient using an LDAP user made by smbldap-useradd command?
<ahasenack> ezethnesthrown: a good test is smbclient. Use smbclient -L <server> -U <username>
<ahasenack> that will prompt for the password, and list all the shares of <server>
<ezethnesthrown> I have added an LDAP group to 'valid users' in smb.conf but I still can't login with a user inside that specific group.
<nacc> aaronr: sure! give me a bit (sorry didn't see it in my backlog until just now)
<nacc> aaronr: i'm around now, will be out for lunch, but around otherwise
<rbasak> smoser: I uploaded the latest uvtool to artful yesterday. It includes the new ssh public key stuff so --insecure is no longer needed. That feature had been siting in the daily builds for a long time.
<jrtappers> I'm trying to setup landscape with the free 10 server license, but I seem to have got stuck
<jrtappers> From what I can see of the source it is trying to use an SSH public key as a SSL CA, which seems wrong
<nacc> dpb1: --^ maybe you can help direct?
<jrtappers> The file is /usr/lib/python2.7/dist-packages/landscape/broker/transport.py, and the SSH key reference is in __init__, the SSL usage is in _curl
<jrtappers> But it does work on my laptop, so it might be a red herring
<dpb1> jrtappers: you probably want to back up a bit and state what problem you are hitting
<jrtappers> I am trying to get servers linked to an on-prem instance of landscape
<aaronr> nacc: great, thank you! so it was suggested i check in for the bug squashing event and learn how to build the updated packages myself. where should I start with that?
<jrtappers> I managed to enroll an ubuntu desktop client, but neither the server that runs landscape nor a secondary server can connect
<jrtappers> The log contains this > http://paste.ubuntu.com/24549951/
<dpb1> ok, how did you get your desktop to work?  is your key signed by a trusted CA, or is it self-signed
<nacc> aaronr:  np! let me take a look at the bug
<jrtappers> Trusted CA (LetsEncrypt)
<jrtappers> Using curl against the URL from the stack trace works
<nacc> aaronr: there are a couple of different approaches
<dpb1> jrtappers: the systems are xenial?
<nacc> aaronr: we have a git-based workflow for which i'm importing nagios3 rightnow but that will take a while to finish
<nacc> aaronr: we can start on the SRUs without it
<nacc> aaronr: so what i'd do first, is `pull-lp-source nagios3 xenial` in a place you want to download the source packge to
<jrtappers> dpb1, Yeah
<nacc> aaronr: (you might need to install ubuntu-dev-tools)
<nacc> aaronr: that will result in a directory like nagios3-<version> wherever you ran the command
<aaronr> okay sounds good, doing that now
<nacc> aaronr: (and we'll do similar for each release out there)
<nacc> aaronr: but the process will be repetitive
<aaronr> okay that makes sense
<nacc> aaronr: once you have the source package pulled down, you're going to cd to that directory
<dpb1> jrtappers: my first instinct is that's it's something to do with the CN.  Can you check that the certificate subject CN matches the hostname.  Check landscape.canonical.com for cross reference.
<nacc> aaronr: you're going to make whatever changes you need to the srcpkg
<nacc> aaronr: then run `dpkg-source --commit`, which will generate a quilt patch and open EDITOR on it
<nacc> aaronr: in that file, there will be a header that explains what to do to the patch, but basically, you want to follow the DEP3 specification (http://dep.debian.net/deps/dep3/)
<nacc> aaronr: which gives a well-formatted information about the patch (if it's a backport from upstream, e.g., where the upstream commit is)
<nacc> aaronr: and who wrote it, etc.
<nacc> aaronr: once you're satisfied with the patch, you'll save & quit as appropritae for your editor
<dpb1> jrtappers: I used this for checking: openssl s_client -connect landscape.canonical.com:443 2>/dev/null < /dev/null
<nacc> aaronr: then you'll use `dep3changelog debian/patches/<patchfilename>` (from devscripts)
<nacc> aaronr: (dpkg-source --commit will prompt you to name the patch file)
<nacc> aaronr: dep3changelog will insert a changelog entry appropriately
<nacc> aaronr: once it finishes, run `dch --edit`
<smoser> rbasak, horay!
<ahasenack> ezethnesthrown: did you prepend the group name with @ or +?, and is "valid users" in a share context in smb.conf?
<jrtappers> dpb1, It returns OK on both servers
<nacc> aaronr: verify the changelog entry looks ok, then, update the release from UNRELEASED to xenial (in this case)
<ezethnesthrown> ahasenack, with a +
<ahasenack> ezethnesthrown: check if "getent group <name>" returns the list of users you expect, on the samba server
<nacc> aaronr: dep3changelog should have incremented the version correctly too, but we'll check it before you provide the debdiff
<ahasenack> <name> without the +
<dpb1> jrtappers: and the CN...
<aaronr> okay, i'll run through that lot now. thanks so much!
<nacc> aaronr: in any case, once the changelog is done, you'll run `dpkg-buildpackage -S -nc -d -uc -us` (which builds a new source package, without running clean, ignoring build-depends, and not signing the result)
<dpb1> jrtappers: it matches what you are trying to contact?
<nacc> aaronr: that will generate a .dsc file in ..
<jrtappers> dpb1, It's an exact match
<ezethnesthrown> ahasenack, it doesn't
<ezethnesthrown> I'm pretty sure I added the user to the group
<nacc> aaronr: and then pastebin `debdiff <old dsc> <new dsc>` and we can review it :)
<nacc> aaronr: identical process (s/xenial/yakkety/ or s/xenial/zesty/) throughout for the other SRUs
<DK2> hmm
<DK2> ive had to put the harddrives of a ubuntu system to another server
<dpb1> jrtappers: ignore the landscape server itself, focus on the other server.  time is correct there?
<DK2> now i need to know the mac adress of the last server
<DK2> is there anyway to find out old mac-adress saved somewhere in the ubuntu system?
<jrtappers> dpb1, Yep
<DK2> or any other way, to identify the origin server ?
<nacc> DK2: um, mac address is on the physical device
<nacc> DK2: i mean, it depends on if you hardcoded it into /e/n/i, which would be uncommon
<nacc> DK2: otherwise the mac is not stored in state
<ahasenack> ezethnesthrown: then you may not have nss_ldap configured properly, or the new guy, sssd
<dpb1> jrtappers: then I'm not sure.  I would say file a bug on lp:landscape-client
<dpb1> so
<ahasenack> ezethnesthrown: I'm slowly updating the ubuntu guide about ldap, samba and kerberos, I think I'll get to samba by the end of the week
<dpb1> something you can do to workaround
<DK2> nacc: im just curious if there is anyway to identify the origin server of the old system the hdd used to be
<DK2> such as mac adress or smth like that
<nacc> DK2: i guess you could try looking in the logs -- but generally, i don't think so
<DK2> all i could think of was the netrules if it hadnt be deleted
<dpb1> jrtappers: openssl s_client -connect landscape.canonical.com:443 > /etc/landscape/server.crt 2>/dev/null < /dev/null
<DK2> which obviously was deleted
<ezethnesthrown> ahasenack, Any way for me to fix that or something? Can I add a user to a group?
<dpb1> jrtappers: then use the 'ssl_public_key = /etc/landscape/server.crt' config value in /etc/landscape/client.conf
<aaronr> nacc: thanks! crunching away at that now, will let you know how I get on
<nacc> aaronr: sure, i'll be headed to lunch in a bit, but i'll be back soon
<dpb1> jrtappers: this is what you would have to do if it was self-signed
<aaronr> nacc: No problem. I'll tackle Xenial only for now and if that goes well I'll replicate what I've done for the others
<dpb1> jrtappers: if that fails, it's also good data for the bug report.
<dpb1> jrtappers, ahasenack informs me that the ssl_public_key workaround I gave you wont work on a real cert.
<jrtappers> dpb1, Ah, ok
<dpb1> if he has other ideas, I'd love to hear them.
<dpb1> but, I think a bug report at a minimum is a good start
<ahasenack> what is the error?
<jrtappers> dpb1, I have added all the parameters to the deepest method, so I can include the parameters that were used
<dpb1> http://paste.ubuntu.com/24549951/
<jrtappers> *To the exception thrown
<dpb1> jrtappers: thx, that would be great data for the bug report.  even if it's not a pure bug in the code, at least that will get the right people looking at it
<ahasenack> jrtappers: was that server cert generated in-house? Or purchased from a non-custom CA?
<jrtappers> ahasenack, non-custom (LetsEncrypt)
<ahasenack> jrtappers: are wget and curl happy with contacting https://<yourserver>?
<dpb1> ahasenack: and it works on a desktop machine he has
<jrtappers> Yeah
<ahasenack> specifically curl, since landscape-client uses libcurl
<dpb1> but not on another server machine
<ahasenack> jrtappers: so curl https://server/ works without ssl errors on that same machine where landscape-client fails?
<jrtappers> ahasenack, Exactly
<ahasenack> jrtappers: try that curl as the landscape user, something like sudo -u landscape -H curl https://server/
<ahasenack> the landscape user has no shell by default, so "sudo -u landscape -i" and then curl won't work
<jrtappers> I have some more data now, 1 moment
<jrtappers> ahasenack, That worked
<ahasenack> sudo -u landscape -H curl?
<ahasenack> ezethnesthrown: can you show an ldif representation of your ldap group?
<jrtappers> ahasenack, That worked too
<ahasenack> jrtappers: try curl with --cacert /etc/ssl/certs/ca-certificates.crt
<jrtappers> ahasenack, Successful
<ahasenack> jrtappers: try starting the client interactively to see if it spits out more details about the error: sudo landscape-client
<ahasenack> it will not fork into the background in that case
<ahasenack> it will take a few seconds to try to contact the server, just hang on
<jrtappers> ahasenack, Method params for fetch -> http://paste.ubuntu.com/24550120/
<ahasenack> cainfo -> '/root/key.pem' <-- what's that?
<ahasenack> do you have a client.conf somewhere in $PWD perhaps?
<ezethnesthrown> ahasenack, http://paste.ubuntu.com/24550123/
<jrtappers> ahasenack, I used that folder for /etc/landscape/server.crt
<jrtappers> I'll try making it 777
<ahasenack> do you have ssl_public_key pointing at /root/key.pem in /etc/landscape/client.conf?
<jrtappers> Yeah
<ahasenack> dop that
<ahasenack> drop
<ahasenack> I mean, remove ssl_public_key from client.conf
<ahasenack> curl worked with /etc/ssl/certs/ca-certificates.crt explicitly, which is the default cafile, so let's let landscape try that too (the default)
<ahasenack> and yeah, landscape wouldn't be able to read /root/key.pem
<ahasenack> ezethnesthrown: that seems ok, are you using nss_ldap or sssd?
<ezethnesthrown> ahasenack, How do I check that?
<jrtappers> It seems to be working now, thanks
<jrtappers> No idea why it didn't work before I added that to try to fix it though
<ahasenack> do you have either packages installed? dpkg -l|grep -E "(libnss-ldap|sssd)"
<jrtappers> I think I re-installed ca-certificates
<ahasenack> jrtappers: what did you try now, landscape-config?
<ahasenack> to register?
<jrtappers> Yeah
<ahasenack> did it become a pending computer in the UI?
<ahasenack> (or even automatically registered, if you are using registration_key)
<ahasenack> ezethnesthrown: do you have either packages installed? dpkg -l|grep -E "(libnss-ldap|sssd)"
<ezethnesthrown> ahasenack, neither
<jrtappers> ahasenack, It added successfully, but adding the server that hosts landscape to landscape crashed the whole system
<jrtappers> Is there a way to manage that server from the same UI?
<ahasenack> jrtappers: sure, and it's common. What do you mean by "crashed"?
<jrtappers> Sent the load on the box to maximum and stopped the web UI working
<jrtappers> I get a message saying Sorry for the inconvenience. Please contact your system administrator for more information.
<jrtappers> Ok, did it again, the load stayed OK, but the UI was taken offline again
<ahasenack> ezethnesthrown: that wil need some work, I won't have ready answers for you now
<ahasenack> jrtappers: how much ram do you have in that box?
<ahasenack> jrtappers: if the UI is "offline", that means the appserver process isn't running, or not reachable
<ahasenack> you can check /var/log/landscape-server/appserver.log
<ahasenack> and/or dmesg if you suspect the OOM killer is being triggeed
<jrtappers> I think it could be a memory issue
<aaronr> nacc: I think I've done that right for Xenial now. debdiff at http://pastebin.ubuntu.com/24550198/
<jrtappers> I thought a VM with 1/2 GB per managed host should be ok?
<Bert_2> Hi, I run a very typical PAM+LDAP setup with posixAccount and shadowAccount, we use shadowExpire to expire accounts that haven't renewed (yet), now I can't seem to find how I can check through CLI whether an account has expired without using ldap_search. I presume there should be some regular or PAM command to do this. Can anyone help me out?
<ahasenack> jrtappers: hm, you mean half a gigabyte of RAM? or do you mean "1 or 2"?
<jrtappers> Half per managed server, (1.5 total). Is this too low?
<ahasenack> jrtappers: anyway, I would suggest 4Gb to start with landscape server. I assume you are using quickstart? i.e., all-in-one? Database, rabbit, landscape itself, etc?
<jrtappers> Ah oh
<jrtappers> Yeah
<ahasenack> for the clients, that depends what you run on them of course
<ahasenack> but the server needs more. Of course that also depends how many clients you have talking to it, i.e., how many registered computers
<sarnold> jrtappers: see also https://bugs.launchpad.net/ubuntu/+source/landscape-client/+bug/1685885
<ubottu> Launchpad bug 1685885 in landscape-client (Ubuntu) "Extreme RAM and SWAP usage" [High,New]
<ezethnesthrown> ahasenack, Anyhting that could guide me to make it work?
<ahasenack> ezethnesthrown: the users and groups need to show up in the output of "getent passwd" and "getent group", respectively
<ahasenack> ezethnesthrown: if they are only in ldap, then you need nss_ldap, or a more recent tech like sssd
<ezethnesthrown> ahasenack, Should I use nss_ldap or sssd?
<ahasenack> libnss-ldap has been dropped from main in favor of sssd
<ahasenack> and https://bugs.launchpad.net/serverguide/+bug/1479495 is about recommending sssd instead of nssldap
<ubottu> Launchpad bug 1479495 in Ubuntu Server Guide "Only recommend sssd for 16.04" [Wishlist,New]
<ahasenack> so sssd is the way forward, but I have no experience with it yet
<ahasenack> and my experience with nssldap is that it can be quite buggy and may be unmaintained nowadays
<ezethnesthrown> ahasenack, Thank you. I'll try using sssd then. Anything that I need to know of to get started?
<ahasenack> ezethnesthrown: just that your end goal is for the ldap users and group to appear in the output of those getent commands
<ahasenack> or maybe "getent passwd <user>" and "getent passwd <group>" explicitly (instead of listing all of them)
<ezethnesthrown> ahasenack, What kind of results or output should I be expecting? Right now I'm not getting anything.
<ahasenack> ezethnesthrown: the same type you get for a local user
<ahasenack> ezethnesthrown: which is essentially a single line, just like what is in /etc/passwd for the user (and /etc/group in the group case)
<ezethnesthrown> ahasenack, Thank you very much for your time. I'll be moving on then.
<ahasenack> good luck
<ezethnesthrown> Any problems arise, I'll find myself here
<ahasenack> yep
<speaker1234> I'm trying to install 16.04 server with raid. It keeps failing when installing grub.  I've googled a bit and have found a few references to the problem but no solutions
<drab> speaker1234: what error do you get? I do that routinely and found no problems with it
<drab> both on raid1, 6 and 10
<drab> s/both//
<speaker1234> warning is something about grub not being to be installed on /dev/sda
<sarnold> find exact error messages; you can search for those in source code
<drab> mmmh, so it doesn't ask you whree to install it? is this a manual install or preseed?
<speaker1234> manual install
<speaker1234> I tried hte default partitioning then changing hte swap and / partitions to swap.  when I tried to do the same with the second disk, the install hung.
<drab> how come that a tcpdump on tun0 shows no traffic but the traffic is going through?
<drab> trying to debug a vpn
<drab> in a container if that makes a diff
<drab> I don't see traffic from the vpn client neither on eth0 nor on tun0
<drab> but I see the traffic on the destination host
<drab> speaker1234: so you're doing manual partitioning?
<drab> or you tried that after default failed?
<drab> what happens if you let it just "use the whole volume"
<drab> in automatic
<speaker1234> drab, it does not let me raid.  I'll try it now
<speaker1234> s/it/it again/
<speaker1234> drab is tun0 a bridge?
<drab> no it's a tun/tap interface created by openvpn
<drab> it's strange because even then on eth0 I should see traffic since the traffic does reach destination and that's the physical interface
<drab> I think this is something else, I think I'm just not allowed to do tcpdump inside a container
<speaker1234> drab, I have experienced sometimes tcpdumping an openvpn connection does not always work
<speaker1234> context being a linux based firewall (ipcop/ipfire)
<ahasenack> drab: are you using tcpdump inside a lxd container?
<drab> this is definitely the container, I just can't tcpdump inside it
<drab> ahasenack: yeah
<drab> was trying to
<ahasenack> drab: there is a bug
<ahasenack> drab: tcpdump can't write to stdout/stderr
<ahasenack> drab: workaround: use -s 0 -w traffic.pcap
<drab> ah, I see
<drab> thanks
<ahasenack> let it capture, and read it elsewhere
<ahasenack> drab: https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1667016
<ubottu> Launchpad bug 1667016 in apparmor (Ubuntu) "tcpdump in lxd container: apparmor blocks writing to stdout/stderr" [Undecided,Confirmed]
<ahasenack> it can capture the traffic, just not print to the console :)
<ahasenack> I was also hit by that the other day, very annoying
<drab> so glad you were here and saw this :)
<drab> thanks
<ahasenack> welcome :)
<speaker1234> ahasenack, great clue :-) I would have also beat my head against that problem for *hours*
<ahasenack> one would think that lxd/apparmor would have trouble letting tcpdump capture the traffic, not printing to stdout/stderr :)
<speaker1234> drab, guided part worked fine.  I just can't get a raid install to work grrr.
<drab> speaker1234: mmmmh, so it worked through the partitions, installed everything adn got to the last step and threw an error?
<drab> what's in Alt-f4 log terminal?
<drab> any clue what it's failing on?
<speaker1234> no. the guided install worked fine.
<drab> oh, you mean the whole thing, including writing grub
<speaker1234> yes
<drab> oh, eeeer, but you want a diff partition layout?
<speaker1234> diff partition in that it uses raid
<ahasenack> speaker1234: is this the text mode installer?
<drab> oh so when you say auto part you don't mean auto on a raid
<speaker1234> ahasenack, yes.  16.04.2 server
<drab> I guess there's no such thing, I'm just so used to preseed it's all "auto"...
<drab> speaker1234: can you specify the steps you take? I think I had to do it once or twice recently and it worked, altho I was on 16.4.1, but I doubt that makes a diff
<speaker1234> drab, ok here is what I do as far as I can recall
<drab> you said something about the installer freezing as well, when does that happen exactly? and you can't get any terminal at that point?
<speaker1234> drab, the freezing symptom first..  I selected manual partitioning,  new partition table, and then  automatic partitioning of the first drive
<speaker1234> I did the same thing on the second drive  except when I selected  automatic partitioning,  the system "froze"  and the screen displayed  the usual blue background  without any  text UI  information
<nacc> aaronr: back from lunch, reviewing it
<speaker1234> what I do when trying to make the install work  with raid at the very beginning,
<drab> speaker1234: ok, did you try manual on the first one and second one?
<speaker1234> I go to the normal install process,  choose manual partitioning
<speaker1234> manually  create  swap, root, and home partitions
<speaker1234> label each one first as a  raid partition
<nacc> aaronr: it looks good overall -- few nits
<nacc> aaronr: the patch Author should be the upstream author
<speaker1234> then go and build  the raid MD devices
<drab> speaker1234: that all sounds good
<speaker1234> after I have MD devices, I format them with EXT4 or swap as appropriate
<drab> and mark them to be used as root etc?
<speaker1234> then I finish the partitioning step and let the rest of the install continue
<drab> and bootable flag
<speaker1234> oh yes, I do assignment the appropriate mount points
<drab> ok
<speaker1234> but I'm not able to set the boot flag
 * drab scratches head
<drab> that all seems correct
<speaker1234> I've seen bug reports for this back with vversion 11 and occasionally version 9
<drab> I'm not sure the boot flag is even there, I seem to remember I had to do it, but not 100% sure
<nacc> aaronr: i would also not use the #diff suffix for the github URL, even if only backporting that bit
<ahasenack> speaker1234: wait, you create the swap, root and home partitions and label them as raid? Then you create the MD device?
<drab> I think he just meant he partitions the disks so he gets sda1/b1 etc for swap/root to make up the raid and then makes the raid swap etc
<drab> but good point, maybe that's not what he meant and I just read into it
<speaker1234> ahasenack, no, I create the partitions that will be used as swap, root and home. Then I label them as raid partitions create the MD device, format the MD devices as appropriate, and assigned to the appropriate mount points
<ahasenack> ok
<ahasenack> so in the end you have something like /dev/md2 for /home, etc
<speaker1234> ahasenack, md126 but yea
<drab> speaker1234: what happens if you try something simpler, create only root and swap, in that order? or even just /
<drab> are the disks of the same size?
<speaker1234> what puzzles me the most is I'm not allowed to set the boot flag and when I do an automatic partitioning, it gives me some sort of a boot dedicated partition eff??
<drab> and partitions of same size
<drab> oooh, are you booting in efi mode?
<speaker1234> discs are the same size, same vendor, within a month of manufacture of each other
<drab> booting/installing in efi mode?
<speaker1234> I thought I was selecting the not efi mode
<drab> well, what's the bios saying?
<drab> once the installer starts, if it booted in efi there's no selecting anymore afaik
<speaker1234> let me check
<drab> both the bios mode and the boot mode must be correct
<drab> like you could have bios mode, but then hit f9 or whatever to choose media nd pick an EFI boot mode
<drab> or the other way around
<speaker1234> UEFI and legacy
<drab> can you force to legacy to test?
<drab> and make sure that when you press f9 or whatever to choose boot media you don't pick from the EFI subtree
<drab> (at least that's how I've normally seen them presented, two sort of trees, oen for efi one for legacy)
<speaker1234>  interesting.  when I switched to Legacy boot mode,  the  USB flash boot image is no longer visible.
<drab> lol,it works \o/
<drab> (I'm connected over vpn to a container inside a desktop that gets me into a byobu session with irc open)
<drab> just getting ready for a little trip to censored-internet-land :)
<speaker1234> .cn?
<speaker1234> or .us
<speaker1234> USA, the newest 3ed world country on the planet
<speaker1234> (and I live there...)
<drab> bybou/tmux are pretty impressive, it even reorients as I put the phone landscape
<drab> it's pretty funny to see
<speaker1234> I'm out of time for the day.  Thank for the help, I have something to try tomorrow morning
<drab> or even when I minimize the phone keyboard it enlarges the console windows
<drab> speaker1234: yeah, give legacy only a go
<drab> it sounds to me like you're definitely booting in efi
<drab> and you have not created an efi partition
<drab> which would be mandatory if you were indeed botting efi and doing things manually
<speaker1234> effing partition you mean...
<speaker1234> ;-)
<drab> it's the future!
<drab> or so they say
<speaker1234> future arrives too soon and in the wrong order
<speaker1234> thanks and goodnight!!
<drab> nn
<jge> hey all, is it possible to have UFW (iptables) be active only for a certain interface? I have two interfaces one facing a public network the other private network, I would like to firewall only one.
<bindi> why dont you use iptables-persistent instead of ufw?
<nacc> jge: i believe it's in `man ufw` that you can specify the interface
<jge> bindi: iptables-persistent as far as I know makes your rules persistent, UFW is just a bunch of wrapper scripts to make administration of iptables easier
<DK2> what do you guys think about a software raid5 with 4x 6 TB drives?
<DK2> rather awful ?
<drab> jge: iirc you specify the interface in the rule
<drab> jge: ie ufw allow in on iface to ....
<nacc> drab: `man ufw` agrees with you
<jge> drab and nacc, I was reading that earlier but UFW has you set up default policies before you start using it.. would those default policies apply to all interfaces?
<drab> DK2: awful from which perspective?
<DK2> i suppose it will break when recovery is needed
<drab> now that the write hole is fixed I think it's relatively ok, but if you are needing better performances than a single disk kind of thing, then yeah, awful
<drab> so depends on criteria
<dpb1> DK2: I usually shoot for raid10 if I have 4 disks, but really, it depends on the application.
<drab> DK2: why?
<drab> jge: yes
<drab> it's amazing how nasty the hacks can get when you're short on time...
<drab> overlapping subnets ftl but openvpn working without firewalling and natting ftw
<DK2> drab: because of the high load on the drives when syncing the failed disk
<DK2> it can take a long time with 6 TB and this will likely make another fail
<jge> drab: how would that work then if you have multiple interfaces and you only want to enable firewall on one? that default policy is effectively turning on the firewall for all no?
<DK2> but i need to get atleast ~16TB of storage
<jge> unless there's an option to set default policy for a given interface
 * jge reads man page
<drab> DK2: it depends on MTBF and hrs on the disks but fair enough. that said it is what it is, if there's no budget for more disks etc then that's the best you can do and that's it
<drab> I don't think it's evil in any way, maybe not optimal in absolute, but nothing is, it's all about best based on conditions
<DK2> i guess so
<keithzg> ahasenack: Belated reply from yesterday, yeah, smbstatus gave me enough info to eventually puzzle it out, although it didn't give me actual bandwidth per IP and nethogs just gives teh PID of smbd so I couldn't correlate the two, but looking at smbstatus in the end there was only one likely culprit, heh.
<ahasenack> keithzg: cool
<qman__> keithzg: you can use lsof to bridge that gap - smbstatus gives you file names, nethogs gives you pids, lsof maps pids to open files
<bnoeafkUSA> Is there anyone here who can provide some insight into the FIPS certification that Ubuntu 16 has obtained - or can lead me into a network/channel where I can find out more?
<aaronr> nacc: sounds good, making those adjustments now. when adjusting the github url am I okay to truncate the SHA to the first 8 chars or so to shorten it even more?
<nacc> aaronr: probably fine, as long as the URL resolves
<aaronr> nacc: patch author -- should this be the github committer or the person they attributed the patch to? (I don't have an email address for the latter)
<nacc> aaronr: let me look again
<aaronr> https://github.com/NagiosEnterprises/nagioscore/commit/d1b3a07f if you need a fresh link
<nacc> aaronr: a lot of times, you can get an actual address from teh git repository (just not on github, that is clone it locally first and you'll see the correct authorship incl. email address)
<aaronr> I can get the committer's email address, but the patch looks like it came in from someone else
<nacc> aaronr: for this one, i'm not sure -- i think it's ok to refer to the commiter
<aaronr> okay
<keithzg> qman__: Hmm, but nethogs only gives a single entry for Samba server traffic, as smbd, unless I'm missing some option somewhere
<aaronr> necc: oh, one other thing I kind of guessed at earlier -- many of the non-CVE patches were numbered eg 99_some_description.patch ... is that a standard convention? And should I always use 99 to ensure my changes are applied after most others?
<nacc> aaronr: your patch is applied based upon where it is in the series file
<aaronr> ah right okay
<aaronr> so should i remove the 99_ prefix?
<aaronr> (also as this is security-ish issue but doesn't have a CVE should i have targeted this at xenial or xenial-security?)
<sarnold> bnoeafkUSA: we're just moving on this.. it may take another day or so to get some information prepared
<nacc> aaronr: you should always target xenial, the security team owns publishing to -security
<nacc> aaronr: you don't need the 99_ prefix, unless there is a file indicating what the prefix mens
<nacc> *means
<nacc> some srcpkgs have that
<aaronr> gotcha okay
<aaronr> nacc: here's an updated debdiff with all those changes: http://pastebin.ubuntu.com/24551178/
<nacc> aaronr: looks great, althogh d/changelog now doesn't have a release targeted (change UNRELEASED to xenial)
<aaronr> oh whoops, thanks for catching that
<nacc> aaronr: i didn't say this before, because i forgot, but `dch` takes the release as an argument (-r)
<aaronr> ah nice, i'll add that to my notes, thanks!
<aaronr> http://paste.ubuntu.com/24551196/ has that release fixed
<nacc> aaronr: looks great, so save that to a file (typcially ending in .patch or .debdiff) and attach it to the bug and subscribe ~ubuntu-sponsors to the bug)
<nacc> aaronr: you can do the last part after doing the same fix for Y and Z first
<nacc> (and attacching them)
<aaronr> okay sounds good. so i'll get them all attached. Just still-supported releases, right? (This issue exists as far back as trusty)
<nacc> aaronr: right, so t, x, y, z (unfortunately). y is maybe less pressing, since it's going eol
<nacc> soonish
#ubuntu-server 2017-05-11
<Polarcraft> Does anyone know of a free alternative for Ubuntu that is like cPanel?
<YankDownUnder> Polarcraft, For what...for doing individual admin of web sites, or for admin of a server itself...?
<Polarcraft> YankDownUnder, for webhosting of sites.
<YankDownUnder> Polarcraft, something interesting to look at: https://www.howtoforge.com/tutorial/perfect-server-ubuntu-16.04-with-apache-php-myqsl-pureftpd-bind-postfix-doveot-and-ispconfig/
<Polarcraft> I personally don't like ispconfig.
<YankDownUnder> Fair enough. I like the price tag.
<sarnold> btw, these kinds of tools are usually insanely baggy
<sarnold> buggy, too
<sarnold> please firewall the thing to only allow connections from your one computer
<sarnold> not its own internal controls
<sarnold> firewall
<Polarcraft> Eh I might just user serverpilot.
<Polarcraft> s/user/use
<Han> When I kickstart an 16.04.02 server and have "d-i clock-setup/ntp-server string george" the installer hangs at setting the time. That is, until I open a console. Then all of the sudden the installer continues.
<Han> I can ping 'george', grepping for rdate in /var/log/syslog shows it's asking the ntp server for a date and gets one at the moment I log in on a spare console.
<Han> What am I missing here?
<sarnold> Han: crazy. does the same hang happen if you use an ip?
<Han> worth a shot, just a minute
<lordievader> Good morning.
<Han> sarnold, it also hangs. Log shows the same, except that I used an ip this time.
<sarnold> Han: heh. i'm not sure if im' happy or sad about that. :)
<Han> I also tested the time server of course, also with rdate, works fine.
<Han> rdate called using NTP server 172.31.10.129\nrdate: adjust local clock by 0.105604 seconds.
<Han> And the first line is a minute ahead of the second.
<Han> So yes... crazy
<sarnold> .. it takes a minute to contact your ntp server?
<Han> Not at all. using rdate from an already installed host works fine. Instant response.
<sarnold> Han: i'm grasping at straws. long since out of ideas. maybe https://www.freedesktop.org/software/systemd/man/systemd-analyze.html ?
<Han> Does the d-i installer already run systemd?
<sarnold> hrm. good question. I had assumed it would but that's me making an assumption..
<Han> /lib/systemd/systemd-udevd --daemon --resolve-names=
<Han> I count that as a no.
<Han> When I manually run 'rdate george' I get 'george: servname not supported for ai_socktype'
<Han> with ip the same message.
<Han> weird... because it doesn't fail, it hangs until I do something else.
<Han> "rdate -u -n george" is what I should have used, but it gives the same error.
<zetheroo> I have Ubuntu server 16.04 here with Zabbix installed and I am trying to get the Email notifications to work - how can I test sending an email from the command line using username and password credentials?
<ikonia> mail
<ikonia> or mails
<ikonia> mailx sorry
<ikonia> or just telnet to the smtp servers port
<ikonia> and enter them as the agruments
<zetheroo> I tried 'telnet cyon.ch 465' which said it was connected .. but then it just hung there and disconnected after a little while
<ikonia> you have to issue commands
<ikonia> it won't offer you prompts
<ikonia> thats not how a mail server works
<zetheroo> ok
<zetheroo> I am trying to follow this https://technet.microsoft.com/en-us/library/aa995718(v=exchg.65).aspx
<ndee> what's the easiest way to have a command queue running? Something where I can put commands on to a queue.
<ahasenack> ndee: you mean like at(1)?
<ndee> ahasenack: I always want the commands to be executed immediately, just that no two commands are executed at the same time
<ahasenack> use a shared lock file then
<ahasenack> there is a lockfile utility in the procmail package you could take a look at
<ezethnesthrown> I can't seem to 'sudo apt-get update'
<ezethnesthrown> I can 'ping' just fine
<ezethnesthrown> Or maybe my DNS
<ezethnesthrown> Hang on
<ezethnesthrown> DNS problem. My bad
<pos>  Do apport and whoopsie phone home with "telemetry"/crash data by default on xenial server?
<m1dnight1> Guys, I've been trying to get opencl running on my ubuntu server without any luck
<m1dnight1> I've checked the driver version on nvidia.com (304 for a 690) and then installed nvidia-304, but still, no luck with clinfo
<m1dnight1> any tips?
<m1dnight1> derp, i purged and removed my nvidia driver, rebooted, and now it works
<m1dnight1> magic.
<m1dnight1> oh wait no, its something else.
<m1dnight1> it's NVE4, which is my CPU I guess
<bindi> nv would indicate nvidia
<m1dnight1> how odd that it only works after I purged my drivers
<bindi> 304 is quite old
<bindi> pretty sure a newer one would work
<m1dnight1> oh. I read that I should see what version nvidia.com gives me and use that one. hence this version
<m1dnight1> let me check supported devices on newer drivers
<oerheks> you would need the 346 or higher, http://www.nvidia.com/Download/driverResults.aspx/81252/en-us
<bindi> nvidia suggests 375.66 for me?
<m1dnight1> for a 690?
<bindi> when i picked linux x64 and gtx 690
<bindi> and that's what's in the ubuntu repos
<m1dnight1> huh, i just retried, still suggests 304
<m1dnight1> odd
<m1dnight1> http://www.nvidia.com/download/driverResults.aspx/114714/en-us
<bindi> hmm 375.39 actually
<m1dnight1> oooohhhh, I picked 6 series, and not 600 series *derp***
<bindi> lol
<m1dnight1> that's embarrasing
<m1dnight1> sorry guys :p
<m1dnight1> installing 777 mb of packages, hurray!
<nacc> aaronr: i totally forgot one thing, i'm not sure if you've already uploaded the debdiffs, but dch will not dtrt for the first SRU to a release, but this should help you determine the correct version: https://wiki.ubuntu.com/SecurityTeam/UpdatePreparation#Update_the_packaging
<greenmanspirit> I am having trouble finding with google so I thought maybe you all would have a suggestion. I would like to set up Ubuntu Server to use sssd I have tried what few articles I can find and nothing works. Do any of you know someone I could talk to about this?
<greenmanspirit> I tried using the realmd wrapper and it works very inconsistently
<help-im-stuck> ubuntu or beer
<compdoc> ubuntu and beer!
<help-im-stuck> why not.. i'll forget my password :$
<drab_> help-im-stuck: here's your solution: http://s2.quickmeme.com/img/3b/3b6199912965e3e396ab0b8caa88cfc38ee558dbfe3188fe0496cbdf6bab5b30.jpg
<hallyn> wtf.  why can't i get systemd to accept what's in /etc/domainname
<Kyoku> how do i get to a proper terminal during 16.04 server install? i thought it was ctrl-alt-f1 but that isn't working and f2 gives me some busybox thing
<sarnold> try the other f-keys?
<Kyoku> i did, no terminal to be found
<sarnold> try smacking 'enter' on some of them, maybe the message 'press enter to start a shell' just didn't get printed for some reason?
<zerick> Kyoku: Why not using the "try ubuntu" option at the beginning of the installer, to load the Desktop and use the terminal. Then launch the installer from the Desktop icon.
<nacc> Kyoku: alos, it's sort of frowned upon to crosspost
<nacc> but in any case, answered in #ubuntu
<Kyoku> zerick i was using server installer
<Kyoku> sorry about crosspost but didn't get a working answer here
<DammitJim> how do I find out the default version of mysql that would get installed on my Ubuntu 16.04 server?
<nacc> !info mysql-server xenial
<ubottu> mysql-server (source: mysql-5.7): MySQL database server (metapackage depending on the latest version). In component main, is optional. Version 5.7.18-0ubuntu0.16.04.1 (xenial), package size 10 kB, installed size 180 kB
<nacc> DammitJim: --^
<nacc> DammitJim: or look at the package page (http://pad.lv/u/mysql-5.7) or use `rmadison`
<DammitJim> thanks@
<DammitJim> what would be the harm in saying: sudo apt-get install mysql-5.7-server
<DammitJim> instead of saying: sudo apt-get install mysql-server ?
<DammitJim> does one lock you down from upgrading or something?
<drab_> apt-cache policy $package
<drab> or using the simulate flag in apt install
<DammitJim> sorry, that was mysql-server-5.7
<DammitJim> say if in 3 years, we want to upgrade ubuntu to 18
<DammitJim> would that mess up mysql?
<drab> anybody familiar with openvpn? I'm clueless about it and it seems like I can't share a client cert?
<DammitJim> I've done openvpn
<drab> I generated a client cert, put it on two phones/devices and if one is connected the other fails and viceversa
<drab> basically it seems I can't share the cert
<DammitJim> oh
<drab> even tho I don't get why... if the cert validates why does it care?
<DammitJim> I'm going to ask the annoying question of: why do you want to share it?
<drab> these are all my devices and
<drab> I'm taking a trip in censorship land, I have a bunch of devices and I'm trying to set up a quick vpn that will be tore down as soon as I come back
<stgraber> drab: add "duplicate-cn" to your server config
<drab> but if it's harder to share a cert than to make new ones, no problem
<drab> I was just wondering if I was doing something wrong
<DammitJim> I think you need to set the duplicate-cn flag
<drab> got it, thanks
<DammitJim> yeah, what stgraber said
<DammitJim> that's the default openvpn config... only 1 cert at a time
<nacc> DammitJim: yeah, i think you want the metapackage so that it will upgrade you across versions
<DammitJim> dammit
<DammitJim> I don't know why I made the mistake of specifying the version
<DammitJim> you see, we had ubuntu 14 and it was "required" to install mysql 5.7
<DammitJim> so, I specifically said: install 5.7
<DammitJim> then we started building servers with Ubuntu 16 and I also specified 5.7 instead of just letting the OS pick the package
<DammitJim> is there a way for me to change that?
<drab> because generally speaking the more specific the betterm, so that things aren't changed under your feet without breakage (not that I'd expect any in this case, but the principle still applies)
<drab> so imho it was good instinct
<DammitJim> hhhmmmm.... I guess I need to meditate on this some more
<drab> is there some known reason why I should not put openvpn on 443?
<drab> trying to make sure I don't get blocked
<DammitJim> I have openvpn on 443
<drab> but don't know if being hit by https traffic or something is going to make it funky or something
<drab> ok, great
<DammitJim> it's not a server with 100% uptime SLAs, though
<DammitJim> not that that matters
<drab> yeah that's not what I'm worried about, more like what opevpn is going to do if it starts getting https traffic thrown at it
<drab> by scanners and whatnot
<drab> didn't want it to crash or something
<nacc> DammitJim: there was no 5.7 in 14.04
<DammitJim> nacc, exactly
<DammitJim> I think they asked me to add some repos
<nacc> ah
<DammitJim> nacc, you just made me think of something
<DammitJim> we were actually not running 5.7, we were on 5.6 and the exact thing that drab said is what we went through
<DammitJim> we didn't want mysql to be upgraded
<DammitJim> but I think I have learned that for the same version 14, mysql wouldn't be upgraded to 5.7
<DammitJim> or for ubuntu 16, mysql wouldn't be upgrade from 5.7 to 5.8
<DammitJim> is that a safe assumption?
<nacc> DammitJim: right, major release changes are rare
<DammitJim> blah
<DammitJim> so, I think I'm ok
<DammitJim> thanks guys
<drab> stgraber: btw for openvpn in containers, it seems it's broken by default, don't know if there's a but about it or what, but since you were around I thought I'd mention
<drab> bug*
<raj> if I give my un/pw for someone else to login, is there an issue if I am also logged in at the same time?
<drab> stgraber: well the systemd part is, LimitNPROC specifically
<ahasenack> nacc: I troubleshooted a bit this bug: https://bugs.launchpad.net/ubuntu/+source/pam-mysql/+bug/1574900/comments/27
<ubottu> Launchpad bug 1574900 in pam-mysql (Ubuntu Yakkety) "libpam-mysql undefined symbol: make_scrambled_password" [Undecided,Fix committed]
<ahasenack> hm, maybe I should have commented on #1574911 instead
<nacc> ahasenack: thanks! i'll try and review tmrw
<ahasenack> I don't have a solution, just an explanation
<drab> fwiw, it seems there's problem in the do-release-upgrade from 14.04 to 16.04 related to predictable interfaces
<nacc> ahasenack: ack
<drab> interface name changes but /etc/network/interfaces is left pointing to eth0
<drab> just did a remote update and got locked out
<ahasenack> nacc: I'm on PTO tomorrow, I'll catch up on monday
<compdoc> drab, I hate when that happens
<nacc> drab: i'm not sure there is a sane way to do that
<nacc> drab: as the 14.04 instance hasnt' switched to systemd so can't know the predictable interface name?
<nacc> drab: you can pass a kernel parameter to disable it, iirc
<drab> nacc: yeah, that's what I normally do, just forgot on this host as I don't do many release-upgrades
<nacc> drab: ack
<drab> dammit jim is gone
<drab> for whatever reason the openvpn works on an android phone but not on iphone
<drab> I mean it connects and can ping local devices, but no internet on iphone
<drab> I take that back, iphone can only ping the gateway
<drab> nothing else on the lan
#ubuntu-server 2017-05-12
<ezethnesthrown> I created a simple Samba Server. From my Windows client I can access the server via " \\SERVER_IP " but not " \\SERVER_MACHINE_NAME ". I need to enter a credential. Is this because of my server or my client?
<ezethnesthrown> Does a user need a group that contains only itself? (Primary group)
<sarnold> no
<sarnold> the user must have a primary group but it could be a group of any sort
<sarnold> the use of per-user single-user groups was because far too many people didn't understand how permissions worked and would use e.g. 775 or 664 and never notice that they shared their primary group with a few thousand other users on the system..
<ezethnesthrown> sarnold: If I were to make a user then I should set it's group too then?
<sarnold> ezethnesthrown: that's the safest approach, yes
<ezethnesthrown> Thank you
<ezethnesthrown> How do I 'smbpasswd' a group?
<lordievader> Good morning
<EmilienM> coreycb, jamespage: all ubuntu jobs are broken for us
<EmilienM> http://logs.openstack.org/80/460080/25/check/gate-puppet-openstack-integration-4-scenario001-tempest-ubuntu-xenial/677b5d5/logs/neutron/neutron-server.txt.gz#_2017-05-12_11_20_58_737
<CarlenWhite> Is it me, or is anyone else having bad luck with Xenial's package system?
<CarlenWhite> Either way, I'm pretty sure my system's sources.list is FUBAR
<zul> EmilienM: just had a peak and it looks like it cant connect to the database
<EmilienM> zul: it sounds like apache fails to start correctly. everything was working on Wednesday, are you aware about changes in OpenStack packages?
<zul> EmilienM: hah no
<mwhahaha> http://logs.openstack.org/91/464191/1/check/gate-puppet-openstack-integration-4-scenario001-tempest-ubuntu-xenial/fbe28d8/logs/puppet.txt.gz#_2017-05-12_13_03_36
<mwhahaha> i'm not sure that db error is the right one
<EmilienM> zul: yes
<EmilienM> zul: https://www.diffchecker.com/fU8PV39r
<EmilienM> a lot of upgrades
<zul> EmilienM: thats to be expected though with artsy just opening....but i havent been pyaing attention
<zul> EmilienM: just commenting from the peanut gallery
<CarlenWhite> Sorted out my problem: https://askubuntu.com/questions/705895
<CarlenWhite> My system was attempting to pull binaries that it couldn't support.
<CarlenWhite> Well, it was trying to. But it didn't know where to get the binaries.
<caribou> nacc: I'm going to take ownership back for LP: #1676884 if you don't mind
<ubottu> Launchpad bug 1676884 in makedumpfile (Ubuntu) "kdump-tools uses the wrong crashkernel command line parameter in ppc64le" [High,New] https://launchpad.net/bugs/1676884
<caribou> nacc: I got a pretty good idea of what the problem is
<CarlenWhite> Is it a good idea to crontab `apt update; apt upgrade`?
<mdeslaur> CarlenWhite: you should install and configure unattended-upgrades instead
<mdeslaur> CarlenWhite: ie https://help.ubuntu.com/lts/serverguide/automatic-updates.html
<nacc> caribou: +1 -- i'll follow along (so if you can subscribe me tht'd be great) -- manjo basically subscribed me toa ll of them
<nacc> *assigned me
<caribou> nacc: done!
<caribou> nacc: on that topic, any reason why there is ppc64EL and ppc64LE (which is the root cause of this bug) ?
<manjo> caribou, nacc ack
<nacc> caribou: different distributions made different choices afaict
<nacc> caribou: RH/SUSE vs. Debian
<nacc> caribou: i believe for debian because of armel and maybe what is debian's manual, not sure
<caribou> nacc: ah, ok
<caribou> nacc: I can always filter on bothy
<caribou> both
<nacc> caribou: yeah, i would
<nacc> caribou: there were lots of bugs do that a while ago :)
<aaronr> nacc: if you get a few moments can you check if these look okay? (It's the nagios security patch I was working on the other day, repackaged for the other releases) Trusty: http://paste.ubuntu.com/24561043/ | Yakkety: http://paste.ubuntu.com/24561066/ | Zesty: http://paste.ubuntu.com/24561097/
<nacc> aaronr: on the phone, but will review right when i'm done
<aaronr> thanks! no rush. just drop me a mention here if they're okay and I'll attach them to the bug :)
<nacc> aaronr: ack, thanks
<nacc> aaronr: overall looks good, i think a few versions are a bit off
<nacc> aaronr: trusty looks fine
<nacc> aaronr: yakkety looks fine
<nacc> aaronr: but zesty is incorrect
<nacc> aaronr: for two reasons, 1) you want to follow https://wiki.ubuntu.com/SecurityTeam/UpdatePreparation#Update_the_packaging and 2) 3.5.1.dfsg-2.1ubuntu6 already exists in artful
<nacc> aaronr: i think you want 3.5.1.dfsg-2.1ubuntu5.1
<aaronr> ah right okay! I thought that looked weird when it gave me 1ubuntu6 :)
<nacc> aaronr: yeah, that's what i was mentioning (late) before, that `dch -i` doesn't know about the SRU pattern (as it doesn't know about released vs. in-development releases)
<aaronr> yeah that makes sense, I suppose it just increments whatever it sees
<nacc> aaronr: right
<aaronr> so if i just `dch --edit`, edit the version number, and recompile, and redo the debdiff is that sufficient to fix it?
<nacc> aaronr: yeah
<aaronr> great, here's that update then: http://paste.ubuntu.com/24561545/
<nacc> aaronr: looks good
<aaronr> great
<aaronr> i'll get these added to the bug
<aaronr> nacc: was it ubuntu-sponsors i'm supposed to subscribe to this bug now?
<nacc> aaronr: yep!
<aaronr> nacc: okay that's all done now
<DK2> raid5 mdraid on 4x 6TB drives on a E5 2407 seems to be too much haha
<DK2> load of 6 on a freshly installed ubuntu
<bindi> y u no zfs
<toyowheelin> can someone point me in the right direction to get assistance with echoping
<dmeijboom> What is it exactly you need assistance with?
<toyowheelin> it is throwing a strange error and Google is not being helpful in telling me what it means
<toyowheelin> I am trying to setup a new test in smokeping
<toyowheelin> but it seems that the echoping command for it is failing
<dmeijboom> What error?
<toyowheelin> HTTP error "H"
<toyowheelin> root@WP-SEA-vnetmon:/var/log# /usr/bin/echoping -P 0xa0 -p 6 -w 1 -t 20 -4 -C -h / -A -a -R -n 5 online2.khamsoft.com:443
<toyowheelin> HTTP error "H"
<toyowheelin> thats all of it
<dmeijboom> Then you're server is not working properly. I've looked at the source code of echoping and it throws that error if a wrong http status code is returned.
<toyowheelin> fantastic
<dmeijboom> The first line of the http response should look like this: "HTTP/1.x 200 OK" or something like that
<toyowheelin> hmm I wonder if echoping is sending a weird useragent or something
<dmeijboom> However the fact that it prints "H" as the error is kinda strange.
<toyowheelin> doubt its possible to change the string it sends
<dmeijboom> It's not. It sends "Echoping" as the user agent.
<toyowheelin> hmm alright
<dmeijboom> Maybe echoping doesn't support SSL? That could be the reason of the strange error string
<toyowheelin> -C tells it to use ssl
<oerheks> toyowheelin, see the manual, "-6 Use only IPv6 " as you have used "6"
<oerheks> http://www.ubuntugeek.com/echoping-small-test-tool-for-tcp-servers.html
<toyowheelin> -p 6
<oerheks> ... and you used -4 too, whqat is the use of '6' ???
<toyowheelin> socket priority
<oerheks> oh, my bad, i see it now
<toyowheelin> hmm I think I see the issue
<toyowheelin> had to use openssl s_client to figure it out
<toyowheelin> haha
<tomreyn> use curl / ab to test HTTPS
<toyowheelin> tomreyn: this is part of a bigger solution
<toyowheelin> smokeping is calling echoping to draw graphs
<tomreyn> i see
<toyowheelin> monitoring one of our vendors servers for SLA reasons
<tomreyn> i know smokeping for network link / route monitoring, not so much as an application omintoring tool
<tomreyn> maybe you're rather looking for something like nagios, cacti, zabbix ...
<toyowheelin> yeah I might setup another monitoring service as well
<yotux> looking to build a new home server anyone offer some insights on hardware?
<tomreyn> /j ##hardware
<cncr04s> i got a Dell Poweredge-C2100, works nice
<yotux> I have an old opti desktop was free, kvm is not supported on the intel E4500
<ikonia> doesn't it really depend on your requirements
<ikonia> as raspberry pi would be fine for a large many people for example
<nacc> yeah "new home server" doesn't actually describe anything
<yotux> nacc: sorry worried mostly about the kvm image hosting and running
<nacc> yotux: well, then you need new enough hardware to run kvm :)
<sarnold> i'm quite happy with my supermicro but i'm glad I don't have to live in the same room with it
<nacc> heh
<sarnold> i mean yeah you can hear it through the whole house
<sarnold> but it's worse in that room :)
<yotux> nacc: correct I do,  my current box doesn't support it :(
<nacc> yotux: i mean, i think all modern intel and amd do now?
<yotux> does one handle the load better than the other?
<sarnold> xeons are king of the datacenter for a reason
<sarnold> but maybe you don't need that
<sarnold> amd's rhyzons or whatefver they're called look alright but they feel limited in pcie lanes compared to the xeons
<tomreyn> and IF you need it, wait for naples and save a lot.
<ikonia> yotux: what sort of load
<ikonia> yotux: you could get a high end xeon - but then you'd end up with a monster power bill for example
<ikonia> it's all about requirements
<sarnold> cncr04s: oh yeah I looked at those for a while; I efventually got suckered by the 'newer chips run faster on less power' hehe
#ubuntu-server 2017-05-13
<ezethnesthrown> I need help with a bash script here. https://paste.ubuntu.com/24564576/
<ezethnesthrown> Thank you in advance
<nsss> Hey!
<nsss> I've given the fuck up on Docker.
<nsss> for now.
<nsss> Anyone here know how to use LXC?
<jge> nsss: got a specific question? I've used the lightly in the past
<jge> them*
<nsss> jge: just any good reads
<tash> is it possible to write a daemon that checks a file for # of ocurrences of a string, record the #, then check again in 5 minutes and count again to get the +/- in the last 5 minutes?
<Walex> tash: is that a real question?
<tash> based on that, let me do some research and read some docs =\
#ubuntu-server 2017-05-14
<Doow> Hi, I'm trying to figure out why my apache daemon doesn't start. I'm running on ubuntu 17.04. It times out when trying to start and I get no output other than that in syslog, journalctl, access.log or error.log. I removed all symlinks in sites-enabled, but no improvement.
<ikonia> what does a config file check say
<ikonia> you should get something in the error log
<ikonia> and you should get something from journalctl
<Doow> ikonia: how do I do a config file check? (I assume you're talking about something automatic)
<maxb> apachectl configtest
<ikonia> there you go, as max said
<Doow> AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.1.1. Set the 'ServerName' directive globally to suppress this message
<Doow> Syntax OK
<Doow> I'm waiting for it to timeout so I can paste you the log for journalctl
<ikonia> so there is something you should fix to make life easier
<ikonia> it's got no FQDN so it's defaulting to the loopback address
<ikonia> thats going to make it pretty worthless unless you access it on localhost
<Doow> ikonia: I have that set up in two different virtualhosts that I disabled while trying to figure this out.
<ikonia> it's pointless then
<ikonia> becuase you're trying to figure out something that is broken
<ikonia> but something you're not going to use
<ikonia> test it properly
<ikonia> and even if you add two other virtualhosts, that base config will still be there
<ikonia> ServerName still needs to be set outside the virtualhosts
<maxb> Well.... you can get by with a wrong ServerName if the server isn't generating self-referential URLs a lot of the time. Not that you *should*, of course. But it's a relatively minor wart compared to the server not starting up cleanly
<ikonia> it's noise that's not needed
<maxb> That's true
<Doow> what would you recommend I set it to? in general terms of course. It won't be listening for anything on that adress, or should I reuse one of the virtualhosts domain name?
<maxb> If you're certain all your traffic is going to hit a <VirtualHost> and nothing is going to be processed by the default server, you can quite happily get by with "ServerName default.server.unused" or any other designator for the admin's eyes only
<Doow> maxb: ok, I'll use that =)
<ikonia> it needs to be resolvable though
<Doow> google.com?
<maxb> Eww
<ikonia> even if it's just resolvable by the hostfile
<ikonia> don't be silly
<ikonia> you're going to tell your server to listen on a google.com IP ?
<Doow> ikonia: something that's just resolvable locally sounds fine
<maxb> It needs to be resolvable? I have production stuff quite happily using a name non-existent in DNS or hosts to represent the unused base server
<ikonia> maxb: if it's not resolvable it drops back to localhost
<ikonia> x-ref the warning you see
<maxb> 'drops back to' ?
<ikonia> Could not reliably determine the server's fully qualified domain name using 127.0.1.1
<ikonia> it can't resolve the servers FQDN - so it drops back to using the localhost IP
<maxb> using the IP for what?
<ikonia> ServerName value
<ikonia> Doow: has it timed out yet ?
<Doow> ikonia: yeah, got occupied by the ServerName ;)
<Doow> https://paste.ubuntu.com/24573808/
<Doow> that's from journalctl -xe
<ikonia> PWD=/home/user/apache/mods-enabled
<ikonia> ??
<ikonia> what's that about
<Doow> ikonia: just a backup folder I was standing in when doing sudo systemctl start apache2.service
<ikonia> Doow: pastebin the apache error.log
<Doow> ikonia: it's 0 bytes long
<ikonia> ok - so it's not even trying to start
<ikonia> is this a clean/standard 17.04 install
<ikonia> or have you done anything with it / got external software etc
<Doow> no, it's an upgrade from 16.10
<Doow> and I added some mods, I'm running owncloud and a custom django site
<ikonia> pastebin the output of systemctl status apache2.service
<Doow> as well as set up https for those two sites
<Doow> https://paste.ubuntu.com/24573830/
<ikonia> do a manual start
<ikonia> httpd -f /where/your/config/file/is
<maxb> That won't work, rather, try 'APACHE_STARTED_BY_SYSTEMD=1 apachectl -e debug'
<maxb> Ubuntu renames the httpd binary to apache2, and supplies a configuration file which requires various environment variables set via apachectl to complete the configuration
<ikonia> you should still be able to do apache2 -f to get a base start up
<ikonia> and hopefully a bit of noise on problems
<ikonia> maxb: interesting that you can set APACHE_STARTED_BY_SYSTEMD
<ikonia> didn't know that
<maxb> 'apache2 -f /etc/apache2/apache2.conf' will just give you a complaint about 'Invalid Mutex directory in argument file:${APACHE_LOCK_DIR}' or similar
<maxb> (Unless of course you rewrite the Ubuntu default config file to avoid the use of environment interpolations - then your method would be OK)
<ikonia> maxb: thats intersting, I'd have not expected that
<maxb> The Ubuntu default config is a bit too complicated for the average user's needs, in my opinion
<ikonia> I'd not considered that, but yes, if t's going to depend on "system" variables to actually run over config file based variables, that would add confusion
<Doow> yeah, it complains about a number of settings that are in /etc/apache2/envvars (as you said maxb). Then it also have some problems with permissions, should I run this as www-data? or root? (everything in /etc/apache2 is owned by root:root)
<maxb> You should be doing this as root
<maxb> I'm sure the few people who want to run multiple isolated httpd processes with different configs on the same server are very thankful for all the hooks that Ubuntu provides to make that easy - but they can confuse the situation for majority who don't want that.
<ikonia> maxb: which to be fair will be a minority
<Doow> APACHE_STARTED_BY_SYSTEMD=1 apachectl -e debug: command not found
<maxb> The quotes I included were only for the benefit of showing the command in context in IRC - they weren't intended to be literally entered at the shell
<Doow> I assume it should set, or export or something before that? (my bash scripting is not up to par unfortunately
<Doow> maxb: ok, now it starts without complaining, let me check some logs =)
<Doow> maxb, ikonia: I tried enabling everything again, both sites, etc, and it seems to be working as long as I launch with -debug and APACHE_STARTED_BY_SYSTEMD=1 as per above
<maxb> First, swap the -e debug for -k start
<maxb> That changes the invocation of Apache to be as close as possible to what the default startup procedure is doing
<maxb> I'm guessing that's not going to change anything, at which point the problem has been localised to the interaction between systemd and apache, nothing to do with apache itself
<maxb> At which point, pastebin the output of the following so that we can see whether you have any local overrides in your systemd config for apache:
<maxb> # find /etc/systemd -name '*apache*' -ls
<Doow> Yeah, that works as well, brb with pastebin
<maxb> Also, does 'debsums --changed apache2' give any output? (I want to see if any of the apache-related files in /lib/systemd/system have been improperly modified)
<Doow> https://paste.ubuntu.com/24573950/
<maxb> I think we just found the culprit. /etc/systemd/system/apache2.service is a file locally defined on your system which is probably messing things up
<Doow> nope, no output from debsums, I'm keeping that though, very convenient
<maxb> Please pastebin the contents
<Doow> sure
<maxb> Additionally you seem to be missing an expected symlink, so you should run 'systemctl enable apache2' if you want it to automatically start after a reboot
<Doow> https://paste.ubuntu.com/24573963/
<Doow> maxb: how do you know what the expected config looks like? do you have clean machine set up, or is there some reference?
<maxb> I'm just looking at my desktop, which I know I haven't changed in this respect
<Doow> maxb: could be useful to solve my own problems in the future
<Doow> maxb: aha, that makes sense
<maxb> So, I don't know how /etc/systemd/system/apache2.service got there, but it's wrong and shadowing the correct version provided by the package in /lib/systemd/system/apache2.service
<ikonia> I suspect it may have come from one of the modules that was manually/externally installed
<maxb> You should delete or move away /etc/systemd/system/apache2.service - and then I don't remember whether systemd just notices automatically, or you have to run 'systemctl daemon-reload'
<Doow> maxb: It's probably a remnant of when I tried to get apache to start on boot, I wouldn't mind removing it
<Doow> I'll give it a try
<maxb> After which, pastebin the output of 'systemctl status apache2' so we can see what your systemd thinks the new status is
<Doow> maxb: looks fine from what I can see: https://paste.ubuntu.com/24573997/
<maxb> Mostly fine - but it does still say 'disabled' meaning it won't start at boot.
<maxb> Quite possibly because I suggested you ran enable before deleting the service file
<Doow> maxb: I hadn't ran enable yet at that point, it says enabled now
<maxb> all sorted then
<maxb> The lesson is to be wary of local customizations interfering with the operation of system packages :-)
<Doow> maxb: I'll try rebooting as well to see that everything is fine, but from what I can see everything is looking great :)
<Doow> maxb: yeah, I like systemd, but I still don't know how everything is working. thanks for all the help (you too ikonia)
<ikonia> you fixed it yourself, well done
<Doow> rebooting worked great as well, everything started without problems =D
<ikonia> well done
<teward> this'll sound like an insane question, but is there any way to get a desktop environment inside an LXD container, so that i could, say, VNC to it or X-Forward to it and then have it VPN outbound without affecting my host system?
<teward> I have it in a VM right now, but... just curious if I can do it with an LXD container.
<ArchaicLord> HI just instlaling 16.04 onto a usb drive from a cd. and got
<ArchaicLord> Exiting on error base-installer/kernel/failed-install
<ArchaicLord> What is this and how do I fix it?
<teward> ArchaicLord: did you verify the integrity of the LiveCD image before you burned it, by chekcing the hash sums against known good ones?
<teward> (to make sure your image was complete)
<ArchaicLord> No i didn't
<ArchaicLord> I downloaded the default lts from Ubuntu website
<ArchaicLord> not sure how I managed to get this but I have been given a list of kernals
<ArchaicLord> I guess I shouldn't use linux-generic as that just failed
<ArchaicLord> any suggestions which one to use instead
<ArchaicLord> ok so i checeked the md5 and it was fine there was a match.. i also re downloaded and burned again and still same issue. luckly i found an older server install disk and this is working fine so not sure why the current download won't work
<teward> i've got a question here, I've got multiple LXD containers, and multiple public IPs on this one box.  I'd like to route the public IP data to one of the LXD containers specifically, anyone know how I can do that for just the one LXD container?
#ubuntu-server 2018-05-07
<teward> so, I think there's a problem with bog-standard postfix...
<teward> i'll have to dig into it, but it's odd that a postfix server with no firewall rules at all and a base "local site" instance cannot receive connections on port 25...
<JanC> teward: "local site" only listens locally IIRC?
<lordievader> Good morning
<cpaelzer> good morning lordievader
<lordievader> Hey cpaelzer
<lordievader> How are you doing?
<cpaelzer> good, just too busy on most mornings to remember saying hi :-)
<cpaelzer> and 4 hours after I start or so it feels wrong to then say good mornign :-)
<lordievader> Good afternoon is a thing too ð
<cpaelzer> but I feel bad already for forgetting the community :-)
<cpaelzer> so I better stay silent
<lordievader> Hihihi
<Neo4> how it could be 43 000 dislikes and 26 734 views? :)
<Neo4> https://www.youtube.com/watch?v=DfNjAYilrFc
<Neo4> many Kremlin bots in ru-net
<OpenTokix> Neo4: a view is only caluclated after a specific % of the clip or time viewed. But you can dislike right away.
<Neo4> OpenTokix: no, here army of kremlin bots, they barely touch USA ellection, but here in local ru, they harder work, here factory of bots
<Neo4> OpenTokix: promotion, in runet better do video that support power, more chance that it will promoted by kremlin bots
<Neo4> about power say only good, or nothing )
<Neo4> is PTR record for server correctly customized?
<Neo4> https://paste.ubuntu.com/p/68k4tv5NHw/
<pr0con> hello everyone, So i believe i have a compromised ubuntu server, alot of [sync_supers] processes grinding the CPU, this server hosts many wordpress sites which seems to be the root of the cause. I found alot of malicious file removed those did a fresh ubuntu install reattached the drive and about a week later they appeared again.. is there any way outside of  using wordpress plugins to identify where and how and what is go
<pr0con> ing on?
<pr0con> thank you for any help in advance
<Squall5668> Well, for now, take it off the network. They will reappear again unless you can figure out how the keep getting in. You need to start reading log files unfortunately
<Squall5668> On web servers, outdated stuff are usually the culprit
<Squall5668> You should never just rebuild and redeploy unless you have found and mitigated the issue
<ahasenack> cpaelzer: I'm struggling whether to mark #1767886 as invalid or wontfix, see comment #3. tl;dr some settings changed their default values between 1.13 and 1.14. I updated the bionic release notes
<ahasenack> in terms of packaging fixes, I guess we could detect upgrades from < 1.14, check the config file, and adjust settings, but I'm not comfortable messing with config files on upgrades, not even sure we can
<ahasenack> any opinions?
<ahasenack> https://wiki.ubuntu.com/BionicBeaver/ReleaseNotes#SSSD my release notes update
<cpaelzer> ahasenack: only seeing your ping now
 * cpaelzer is reading
<cpaelzer> ahasenack: we can mess with config files, but I certainly would not recommend it
<cpaelzer> the release not entry is great
<cpaelzer> ahasenack: I'd think you can do a few things to make people realize, but not mess with the config
<cpaelzer> ahasenack: e.g. you could have a news entry on this that would pop up in some environments
<cpaelzer> OTOH I only see people immediately-close those :-/
<cpaelzer> so I'm not sure how useful that would be
<cpaelzer> if you think they actually watch the console you could detect your former version and warn there
<cpaelzer> but again - will it be read at all
<cpaelzer> ahasenack: you release notes entry is already great
<pedroj> hello, can anyone help me?
<TheEagerPadawan> !asktoask
<cpaelzer> pedroj: if you just need somebody answering you - yes, otherwise one would need the actual question :-)
<pedroj> haha, how can I do a incremental backup without change the folders and docs to one archive?
<ahasenack> cpaelzer: I think not many people are affected, or the other ones that were just figured it out themselvez
<ahasenack> themselves
<ahasenack> since this change was introduced in 1.14.0, and the first ubuntu release that had >= 1.14 was zesty
<ahasenack> cpaelzer: about console warnings, I think that's not applicable because people would hit this in release upgrades, not regular upgrades
<TheEagerPadawan> what seems to be the problem?
<cpaelzer_> ahasenack: then I think you have done all you can
<cpaelzer_> the bug is just another piece that will direct to the release notes
<TheEagerPadawan> can somebody file me in regards to bug you guys are talking about?
<ahasenack> cpaelzer_: ok, so "wontfix" or "invalid"? :)
<ahasenack> I always find "invalid" so rude
<cpaelzer_> TheEagerPadawan: bug 1767886
<ubottu> bug 1767886 in sssd (Ubuntu) "sssd-ldap breaks automount on bionic" [Medium,Incomplete] https://launchpad.net/bugs/1767886
<ahasenack> if there were a release notes task, I would add it to the bug
<ahasenack> and mark that task as fix released
<TheEagerPadawan> ah had issues my self with cryptsetup during my 17.10 -> 18.04 updated. Had to use a liveusb, decrypt the luks partition, decrypt the private desktop
<cpaelzer_> ahasenack: I thought there is such a task
<TheEagerPadawan> backup up everything :p
<ahasenack> tbh, I haven't searched
<ahasenack> wow, found ubuntu-release-notes
<ahasenack> cpaelzer_: ^ sounds good?
<pedroj> hello, how can I do a incremental backup without change the folders and docs a one archive? ^^ thanks
<lordievader> pedroj: What do you mean with 'without change the folder and docs a one archive'? Just a simple A -> B sync?
<pedroj> lordievader: I am trying to do the incremental backup with TAR but TAR change the files into .tar
<lordievader> Yes, that is what tar does. You might be interested in dirvish. Makes incremental backups using hardlinks.
<pedroj> ^^ nice, I'll try dirvish now, thanks
<cyphermox> blackflow: if you have issues with netplan, I invite you to please file bugs in Launchpad so we can address them...
<blackflow> cyphermox: my issue with netplan is the existence of it. I doubt you'd address that, but thanks. :)
<teward> JanC: i mistyped, i meant "internet site"
<teward> it was late when I posted :P
<teward> JanC: core issue is a POstfix listening on port 25, 587 wasn't accepting connections on this one system
<teward> but i've since ruled out Postfix and pointed at a networking issue where the server sits, so I have some tickets pending to upstream.
<teward> at the DataCenter
<cyphermox> blackflow: alrighty then. what would you prefer, we keep ifupdown?
<trippeh_> 25 is indeed often filtered upstream.
<blackflow> cyphermox: is it broken?
<cyphermox> yes
<trippeh_> (thank you spammers)
<blackflow> so why not networkd directly?
<blackflow> or NetworkManager for desktop installations.
<cyphermox> because you also have NM
<cyphermox> and that makes it hard for everyone having to deal with different setups
<cyphermox> (for one, with netplan you can copy settings across systems trivially)
<cyphermox> or switch the renderer to NM if you also need, say, some random wifi feature in extra
<cyphermox> my example is my own setup here: https://paste.ubuntu.com/p/5sMkW4S5DH/
<cyphermox> ^ this works with NM because I also want NM to deal with wifis when I travel, give conferences, etc.
<cyphermox> and this works the same on my server, with the renderer changed to networkd
<blackflow> I wonder what percentage of deployments are switching between networkd and NM so frequently that a third layer and increase in complexity is needed.
<cyphermox> it's not about switching
<cyphermox> it's about being able to have one single config file you can comprehend
<blackflow> the 15th standard? :)
<cyphermox> meh
<blackflow> https://xkcd.com/927/   in case the reference is  unclear :)
<cyphermox> I know that reference.
<blackflow> the funny thing about that comic is how true it is.
<blackflow> so that's my problem with netplan. addition of new complexity that does not solve any actual real world problems.
<blackflow> really this Canonical's invention of Canonical specific things is only being harmful to the community. creates more fragmentation and does not solve any problems. Systemd was supposed to be the one ring to rule them all, among distros, and what happened in reality is that different distros deploy different versions, with different features, and different abstractions atop of it. 15th standard all
<blackflow> over again. ;) Was snappy really needed? couldn't take flatpak and evolve it? now we  have vendors who AGAIN have to figure out which of the 15 standards to support.
<blackflow>  /rant.
<axisys> any idea why OS build comes up with em1 instead of eth1 for some HP servers?
<cyphermox> axisys: your system has embedded devices, they are detected as such so they are named that way to make sure things don't change name across reboot (there used to be issues where it might be eth0 or eth1 depending on scan order)
<axisys> cyphermox: how do I find out how ubuntu decides it?
<axisys> cyphermox: good to know .. thank you
<cyphermox> axisys: it's systemd work
<cyphermox> axisys: there's a list somewhere I think
<axisys> looking for it.. not in /etc/systemd or /usr/lib/systemd
<sdeziel> that https://github.com/systemd/systemd/blob/master/src/udev/udev-builtin-net_id.c#L20 ?
<axisys> trying to see which file in the system
<axisys> is the OS*
<Squall5668> there shouldn't be one, but I could be wrong
<ahasenack> nacc: hi, should I unassign you from https://bugs.launchpad.net/ubuntu/+source/logwatch/+bug/1644057 ?
<ubottu> Launchpad bug 1644057 in logwatch (Ubuntu) "Excessive Disconnect unmatched entries from sshd" [Undecided,Triaged]
<coreycb> frickler: if you get a minute, can you take a look at our testing results for 1750121?
<nacc> ahasenack: yeah probably :/
<ahasenack> nacc: thx, not a problem :)
<kevr> with the live 18.04 iso, i'm getting boot holds on a "Holds Snappy daemon refresh," after it finishes, it just seems to be sitting at the boot log (nothing else is happening)
<kevr> hm
<kevr> i see, about 5 minutes after, it did continue.
<compdoc> shouldnt pause tho, although ive only tried the minimal install
<kevr> how do i opt out of cloud-init?
<kevr> am i missing a minimal iso http://releases.ubuntu.com/18.04/ ?
<powersj> kevr: the traditional d-i based installer is available here right now http://cdimage.ubuntu.com/ubuntu-server/bionic/daily/current/
<powersj> although I'm confused as to why it is a "daily"
<powersj> and the minimal is available here https://help.ubuntu.com/community/Installation/MinimalCD
<kevr> powersj: AHA, thank you!
<mwhudson> kevr, powersj: i think http://cdimage.ubuntu.com/releases/18.04/release/ubuntu-18.04-server-amd64.iso is a better link btw
<powersj> ah yes it is
<powersj> thanks!
<kevr> okay
<kevr> thanks
<kevr> what does the -live- mean?
<kevr> a nightly build?
<powersj> live is using our new installer based on subiquity
<kevr> oh.. i see
#ubuntu-server 2018-05-08
<sancron> Hello fellows, i've struggled in a small problem with 18.04 Server. I want to setup a vServer and won't get netplan configured, because my Broadcast Adress is the same as my Gateway but this two are different from my assigned IP. Can someone point me how to setup manually broadcast adress on netplan?
<pankaj> I have set ssh server on my guest OS (ubuntu-server) but when I do 'ssh-copy-id hostname@IP address' I get 'permission denied (public key)'
<lordievader> Good morning
<lordievader> pankaj: Do you have access to the server?
<pankaj> lordievader: Sorry, for late response. Absolutely, I have access to server. I can ping to it.
<lordievader> I meant ssh access ð
<lordievader> See the man page, `ssh-copy-id` uses ssh to copy the key: https://linux.die.net/man/1/ssh-copy-id
<pankaj> lordievader: Yes, I can access it via my local account pssword.
<lordievader> And you  use that username for the copy command?
<lordievader> You could also go the manual route (log in, add ~/.ssh/id_rsa.pub to ~/.ssh/authorized_keys)
<pankaj> lordievader: You are right but I was looking for a standard procedure that work in every case.
<pankaj> lordievader: I have googled it (although not got fully satisfied with their answers) what is the cause of such types of errors?
<frickler> coreycb: ya, saw the notification for that. will try to reproduce upstream, possibly my fix is still incomplete
<lordievader> pankaj: That depends, take a look at `/var/log/auth`.
<trekkie1701c> Okay so I'm about at my wits end trying to get Ubuntu to reinstall on this server.  It doesn't have an internet connection.  Why does a several gigabyte ISO require me to choose a mirror to proceed through the install, and is there a way to bypass this?
<trekkie1701c> Google says to unplug the network cable.  I've done that.  And disabled the NIC in the BIOS, and the installer complains that it can't find one, but still insists that I choose a mirror of the Ubuntu archive.
<pankaj> lordievader: I checked it. IN case of 'openssh-server' package it does not show any sign of error or failure.
<lordievader> And you have/had?
<pankaj> lordievader: Their is no error I see.
<pankaj> What is the most common reason for this type of error to occour?
<lordievader> The systemlog (journalctl) may also contain hints as to why the permission is denied.
<trekkie1701c> Alright, apparently my problem is that creating the thumbdrive with YUMI causes it to assume you want to do a netboot, regardless of the ISO.  Rufus and DD mode works.
<lordievader> That sounds like a pretty dumb assumption -.-
<trekkie1701c> Yeah I was pretty upset about that.
<trekkie1701c> Also either Ubuntu 18 doesn't like my server's RAID setup, or one of these drives I got (or all of them!) isn't good.  It detected that a RAID existed, but didn't show a volume to install to.
<trekkie1701c> 16.04 does, but it's taking forever to get through paritioning.
<trekkie1701c> Though no errors so it could also just be that I'm doing this on mechanical hard drives with software RAID, on a dual-core processor.
<lordievader> Time for some SMART checking?
<trekkie1701c> If this doesn't work, yeah.
<trekkie1701c> It's figured out there's 9TB though available and it's sitting at 80% on computing partitions so...
<trekkie1701c> If it does get to the point where the system is bootable I figure hammering it with restoring 3TB of backups will probably give the drives a good test too.
<rbasak> ahasenack: should nvml now be removed from ppa:canonical-server/nvdimm?
<Neo4> what is means hostname and hostname -f?
<Neo4> I do hostname kselax
<Neo4> and in file /etc/hosts put this row
<Neo4> ip kddkdk.kelax.ru kselax
<Neo4> then when I type hostname -f I see kddkd.kselax.ru
<blackflow> Neo4: if only there was a manpage for `hostname`
<Neo4> I though in host was aliases
<Neo4> blackflow: hostname -f - FQDN
<Neo4> hostname simple hostname
<Neo4> blackflow: there is man
<Neo4> I don't know difference,
<Neo4> hostname kselax.ru
<Neo4> or better hostname kselax?
<Neo4> and what does this row means in /etc/hosts
<Neo4> 91.227.18.36 eeemail.kselax.ru kselax
<blackflow> "hosts - static table lookup for hostnames"    it's a file that maps IP addresses to names. like DNS, but local to the machine, and consulted first by glibc, before a DNS request is made through resolvers.
<blackflow> which means you can specify multiple names for one IP. it's intended to have the FQDN + aliases for it. in which case you should have something like this:
<blackflow> 91.227.18.36   eeemail.kselax.ru eeemail
<blackflow> which specifies both the short hostname and FQDN for the IP
<blackflow> you can of course add just "kselax" too, but the standard practice is to have both FQDN and hostname always listed
<Neo4> ok, that is alliases
<blackflow> it's also the way "hostname" resolves its (FQ)DN via the IP
<blackflow> by seeing the FQDN and short hostnname associated to it in hosts
<blackflow> (thought I think it's glibc doing that)
<Neo4> yes, syntax: IP hostname [aliases]
<Neo4> I thought this all hostname
<Neo4> one IP + [hostnames]
<Neo4> where we specify hostname -f for our computer?
<Neo4> hostname could be any, it doesn't matter
<Neo4> using host?
<Neo4> if I do hostname -f when /etc/hosts without aleases I got this
<Neo4> pxe1.host-food.ru
<Neo4> where is it placed?
<blackflow> probably rDNS which gets resolved because you don't have an entry in /etc/hosts, for your IP
<lordievader> Your nameservers also point to the host-food.ru domain.
<Neo4> ok, do I must use /etc/hosts for change?
<Neo4> and there exists a few IP 1.0.1.127 and 1.0.0.127
<Neo4> 127.0.0.1 and 127.0.1.1
<Neo4> 127.0.1.1 means my network,
<Neo4> if I put there my real IP address will my home webserver available over Internet?
<Neo4> https://askubuntu.com/questions/754213/what-is-difference-between-localhost-address-127-0-0-1-and-127-0-1-1
<blackflow> the entire 127.0.0.0/8 range is local to the host. putting a real ip address in /etc/hosts does not magically make the host available over internet.
<Neo4> blackflow: why?
<Neo4> I need customize router?
<Neo4> blackflow: I did it using windows
<Neo4> WAMP server, I forgot what I did, my server works, when user put there my ip he can see one page
<blackflow> to make your (home) server available to the (public) internet, its IP address needs to be accessible from the (public) internet. If its IP is in a RFC private range, then you need to set up port forwarding on the WAN/LAN router.
<Neo4> if there was DNS might they could have seen my server using domain
<Neo4> blackflow: my IP dynamic, I can't do home server
<Neo4> blackflow: it change always
<blackflow> so if your server is 192.168.1.10, and your WAN address (router's public address) is, say, 1.2.3.4, then you need to map ports from 1.2.3.4 (Accessible from public internet), and thus do forwarding of packets, to your 192.168.1.10 (not accessible from public internet). this mapping is done on the (public, WAN facing) router.
<blackflow> it's also called NAT - Network Address Translation, in this case it's dNAT - destination NAT, as the packets need their dest address changed from public to private, as they cross the WAN -> LAN barrier.
<blackflow> Neo4: there are services which can provide dynamic DNS for your dynamic IP.
<Neo4> for free?
<blackflow> there used to be, I think DynDNS was one of them. I don't know whta's available today, I haven't done dynamic DNS in many years.
<Neo4> I have 10Mb Internet speed
<blackflow> Neo4: check your router. It's quite possible that your router already integrates iwth some dynamic DNS providers, and you only have to set that up with a username & password. Check the router's admin panel.
<lordievader> The free 'domains' they offer are usually sub-domains. You need to pay if you want a regular domain.
<blackflow> that too.
<Neo4> can't find router IP where admin page
<Neo4> will check later
<blackflow> Neo4: the gateway IP most likely
<Neo4> I don't have gateway
<Neo4> dlink modem
<Neo4> it has ip where we can see admin page
<Neo4> now find instruction
<blackflow> you don't have gateway? I bet you do, unless each of the computers in your network has a public IP directly
<blackflow> Neo4: `ip route show`
<Neo4> blackflow: this ip http://192.168.1.1/
<Neo4> but I forgot password, have got ban for 180 seconds
<blackflow> it's likely that, yes. but ip route show will tell you the default  (Gateway)  ip
<blackflow> *default route via
<Neo4> yes show default the same
<Neo4> won't now customize, i need refresh modem for access to admin
<blackflow> Neo4: chances are the username and password are written on a label on the bottom side of it, unless you changed that default.
<ahasenack> rbasak: hm, yes (remove nvml from ppa), I thought I had done that already
<Neo4> blackflow: there default admin admin, I changed and forgot
<coreycb> frickler: thanks
<Neo4> not bad? :)
<Neo4> https://mxtoolbox.com/domain/mail.kselax.ru/
<Neo4> one black list, I have written to both
<Neo4> spamhouse banned all network, might not removed my ip
<Neo4> perfect web server )
<samba35> since yesterday  (today ?)ram usage is quite hight on 18.04
<Neo4> how I can edit files when write shell script?
<samba35> it was around 2 gb by default boot now it about 5 gb
<Neo4> I'm doing shell script that will install apache2 + php5.6 and this script should edit config files and put there variables
<samba35> in ubuntu 18.04 or in 16.04.x (???) how we can make rc.local ?  /etc/rc.local is not working on 18.04
<Neo4> this script should determine my server ip adress and add to /etc/apache2/apache2.conf in bottom row ServerName ip
<Neo4> how to make this simple shell script?
<nacc> samba35: how are you measuring? you want all your memory to be used
<Neo4> open in vim and do it manually?
<Neo4> I'm going to write shell scrip that will automatically install mail server and lamp without my interfering
<samba35> nacc, free -h ksysguard show alomost same
<samba35> Mem:           7.7G        4.9G        1.9G        162M        918M        2.4G
<samba35> even i have not open a browser
<Neo4> will start from simple sudo apt-get install apache2 and add phrase in bottom to file apache2.conf
<nacc> samba35: how experienced of a sysadmin are you? asking because `free` is not a reasonable way to measure much of anything :)
<samba35> i thought it was browser but i change firefox and chorme and idle it show same
<nacc> samba35: you can look in top or htop and sort by memory usage (RES is most relevant, but you can sort by VIRT)
<samba35> but i can check real time with ksysguard
<samba35> cat /proc/meminfo
<samba35> MemTotal:        8124804 kB
<samba35> MemFree:         2012688 kB
<samba35> MemAvailable:    2522028 kB
<nacc> samba35: you didn't answer my original question. I've never used ksysguard.
<nacc> samba35: have you read: https://www.linuxatemyram.com/
<nacc> samba35: in an ideal world, your system is using all of your memory, if it can
<nacc> samba35: idle memory is wasted memory
<samba35> sorry i am trying to understand top
<samba35> please wait
<samba35> what is res and virt ?
<sdeziel> free doesn't "measure" much but provides a good quick overview IMHO. I also find it easier to read than top's stats
<sdeziel> but I fully agree that RES is the thing that needs to be looked at in top :)
<nacc> samba35: Resident Set Size and Virtual Memory
<samba35> thanks
<samba35> how do i sort  memory usage or M or m ?
<nacc> < > to switch sorting columns, default is CPU%
<nacc> so < < <  will sort by RES
<nacc> one more will sort by VIRT
<RoyK> samba35: can you pastebin the whole output of "free"?
<Neo4> I have this, we can put in shell
<Neo4> vim /etc/apache2
<Neo4> and make
<Neo4> read -p "you need put to this fiel this row Servername your_ip" answer;
<Neo4> then in vim we can read all instruction that printed in console by ctrl+z
<samba35>  4907 xxx  20   0 1738.9m 173.8m  94.3m S   0.0  2.2   0:04.63 Web Content
<Neo4> and return back fg
<samba35> web content has many entryeies and it hogging lot of ram
<Neo4> after edit press exit from vim and shell will go on work
<Neo4> nice alhorithm?
<Neo4> I'm not going to copy past from instruction and input all commands, will use shell
<samba35> ok
<samba35> top plain or with some switch ?
<samba35> top
<Neo4> well, had better ask in #programming
<gabboman> Hi, does the conjure-up thing works in ubuntu 18 04?
<samba35> in ubuntu 18.04 or in 16.04.x (???) how we can make rc.local ?  /etc/rc.local is not working on 18.04
<gabboman> @samba35 I think that's a systemd thing. As a quick and dirty fix why dont you create a script and execute it with crontab at @reboot ?
<samba35> sorry i did not i understand crontab @reboot ? can you please explain
<trekkie1701c> You can set @reboot as a time in crontab and execute something on reboot.
<gabboman> yes. but I feel it's a little bit dirty to be honest
<gabboman> (ok, really dirty, santa would put you on a list)
<trekkie1701c> Yeah you can usually set up things as services to execute at boot
<samba35> honetly i am missing @reboot part can you please please explain
<trekkie1701c> I think my only @reboot entry is a script that connects to my local IRC server to post a message saying the server was rebooted, etc, etc, sorry for the inconvenience
<gabboman> in crontab instead of writing the numbers of a date/time you put @reboot
<samba35> is @reboot is command or script or a file ? or service ?
<trekkie1701c> https://en.wikipedia.org/wiki/Cron
<samba35> ok thanks
<gabboman> you can edit cron with the command crontab -e
<gabboman> its aper user thing, depending on what you wanna do you should use root or a regular user account
<gabboman> a per user thing*
<trekkie1701c> Never not run everything as root.
<samba35> ok
<trekkie1701c> (That was a joke, btw; best practice is to try and keep specific applications/services on their own user)
<samba35> if i want to add ip tuntap add mode tap vport1
<samba35>  at startup how i should at at crontab
<gabboman> well, that seems like a root thing
<gabboman> what are the commands you want to do?
<samba35> i am "trying " to configure openvswitch and use some kind of interface for quest  (but i am not sure how it will work and crateing tuntap unterface it is not showing in virt-manger)
<samba35> https://pastebin.com/Zb3x61Vx
<samba35> but after reboot i have to manull enter
<samba35> ip tuntap add mode tap vport2
<gabboman> ok then make this command: crontab -e
<gabboman> select nano
<gabboman> and in the last line write
<gabboman> @reboot ip tuntap add mode tap vport2
<samba35> ok  thank you !
<samba35> gabboman, do you have any idea on kvm ,openvswitvh ?
<gabboman> basic ideas with kvm to be honest
<gabboman> I use virt manager but thats it
<samba35> same here i also use virt-manger ,i create openvswitch with tap interface and i want to add that tap interface in quest but virt-manger does not show tap interface
<samba35> any idea how it can be done !
<gabboman> not at all sorry
<samba35> no issue .sorry common man
<samba35> sorry i should say
<samba35> for asking too many thing :)
<samba35> brb reboot and give try
<Pinkamena_D> Hi All, Ive come upon a system where systemd seems to be having some issue. journalctl is not running and I get "no such interface" messages when trying to check the status of any service. Is there any package I can reinstall to try to fix this?
<Pinkamena_D> (16.04)
<nacc> Pinkamena_D: you mean journalctl doesnt run (it's a process not a service)
<nacc> Pinkamena_D: can you pastebin the exact message and cmmand you tried?
<Pinkamena_D> what looks like happened is that someone installed upstart which messed up systemd
<nacc> Pinkamena_D: that'd do it ...
<Pinkamena_D> I have removed it but how can I get systemd back to the foreground?
<nacc> Pinkamena_D: you removed or purged upstart?
<nacc> Pinkamena_D: i *think* if you purged upstart, a reboot should allow systemd to start as init again
<ahasenack> nacc: hey, what was the workaround for this error again:
<ahasenack>   File "/snap/git-ubuntu/427/lib/python3.6/site-packages/gitubuntu/source_information.py", line 66, in derive_source_from_series
<ahasenack>     raise ValueError("Unable to determine distribution from %s" % series)
<ahasenack> ValueError: Unable to determine distribution from cosmic
<ahasenack> I thought there was a command-line option, but I can't find it, so maybe I was mistaken
<nacc> ahasenack: rebuilding the snap with a newer distro_info :)
<ahasenack> aha :)
<nacc> ahasenack: it's currently at 0.17 and needs bumping to 0.18
<nacc> rbasak: --^
<nacc> we should remember to do this more often :/
<ahasenack> I don't think distro-info-data was updated yet
<ahasenack> in bionic, that is
<ahasenack> I'll check with rbasak tomorrow
<ahasenack> thx
 * ahasenack -> eod
<nacc> it was
<nacc> both bionic and cosmic are at 0.18 per rmadison
<nacc> but we build from source (well dump from source)
<nacc> err, no we do build it, sorry
<nacc> ahasenack: i could do it, but i don't have access to store the tarball any longer
#ubuntu-server 2018-05-09
<sarthor> HI, I have ubuntu installed on PC, and have two NIC, one NIC is configured automatically when I was installing OS, and name as "ens18", I have other LAN card also plugged in the same box, How to find the name of that lan card, because the name are not like eth0/ eth1 and eth2 .... HELP
<sarnold> try 'ip link'
<sarthor> ifconfig -a shown that.. thanks
<cpaelzer> good morning
<lordievader> Good morning
<tobasco> jamespage: coreycb https://www.cvedetails.com/cve/CVE-2017-2592 is not in main python-oslo.middleware for xenial (mitaka)
<tobasco> https://review.openstack.org/#/c/425734/
<tobasco> python-oslo.middleware is already the newest version (3.8.0-2).
<tobasco> 500 http://se.archive.ubuntu.com/ubuntu xenial/main amd64 Packages
<tobasco> can see it triaged but the fix is not released
<joelio> yep
<rbasak> nacc: I think it's distro-info-*data* that needs updating, which is a separate source package.
<rbasak> The distro-info snap part has a stage-packages of ridsro-info, which is confusing
<rbasak> I suspect that if we need distro-info from source, we don't need it staged explicitly, but we do need distro-info-data staged as that comes from the archive perhaps?
<rbasak> So a rebuild might work.
<rbasak> nacc: do you remember why distro-info is built from the tarball?
<ahasenack> rbasak: hey, I got a distro-info-data update today in bionic, and it has a cosmic line in the ubuntu csv
<frickler> thedac: coreycb: updated https://bugs.launchpad.net/neutron/+bug/1750121 . I'll be mostly off for a long weekend now, will check back next week
<ubottu> Launchpad bug 1750121 in neutron-dynamic-routing (Ubuntu Bionic) "Dynamic routing: adding speaker to agent fails" [High,Fix committed]
<coreycb> tobasco: ok that is on our security team's radar, though I think I'll just give them a hand and do the SRU myself
<coreycb> frickler: thanks! i'll check in with david when he gets in.
<coreycb> frickler: he is thedac btw
<frickler> coreycb: yes, I found that out and highlighted him, too ;)
<coreycb> frickler: ah missed that, cool :)
<Neo4> Hi, I've done first shell scrip, it installs apache2, mysql, php, phpmyadmin and node.js nvm
<Neo4> https://gist.github.com/kselax/0b07445fba101e6b74732f64814070c0
<joelio> Neo4: I'd imagine most people in here use a configuration management too like ansible or puppet
<joelio> s/too/tool
<joelio> but fair play if it's yout first :)
<Neo4> joelio: that is not modern, better to use your own
<Neo4> joelio: your own script give you more flaxibility, you can put editing files there, as I did in mine
<joelio> no, it doesn't but anyway
<joelio> ansible and puppet allow you to create hierarchies of looups of configuration data
<Neo4> joelio: before editing file I output a tip and run vim with file, then user are able to press CTR+z an go to shell and read tip and then return back to file type fg
<Neo4> joelio: ok, I saved this names, ansible and puppet, and will look on youtube what they are
<joelio> ok, if it works for you fair enoiugh, just don't expect to get much traction in this channel... like I said, people use more specific tools
<joelio> they were bourne out of ssh in a loop with shell scripts ;)
<joelio> Neo4: I'd look at ansible first, it's probably easier to get into
<Neo4> joelio: I'm going to write a few my scripts that will create automaticaly virtual host, for example put this file ~/bin/newvh newvh - means new virtual host, and user do this newvh site.com
<Neo4> and he got /var/www/site.com and apache should be configured automatically and reload
<Neo4> joelio: and one script that will install wp
<Neo4> ~/bin/cpwp (copy wordpress) , cpwp site.com
<Neo4> and script should go to github and download from there wp to /var/www/site.com
<Neo4> joelio: is it cool? :)
<joelio> I'd just use nginx and ansible modules, but whatever you wish :)
<Neo4> joelio: it looks so cool, I used to do this all manually
<joelio> if you can work it and it looks good, then fair enough, that's the most important part - if you as an admin are comfortable with the tools
<Neo4> joelio: it will streamline your work
<Neo4> joelio: you will do more work for short time
<joelio> what will?
<Neo4> joelio: shell, how much time it will take to create virtual host? and put there wordpress tite?
<joelio> hah, well considering I never deploy wordpress (yuk) then no, it really woruild
<joelio> *wouldn't P:)
<Neo4> it takes much time if do it manually, sometimes you forgot commands, somtimes other errors
<Neo4> with shell it's one minute, type two row
<joelio> dude, I getcha, look at what configuration management tools do then come and speak to me again :)
<Neo4> joelio: it can be other CMS, doesn't matter,
<joelio> I don't depoloy CMS's mate, I write automation for cloud services
<Neo4> joelio: I don't thing they better than own tools?
<joelio> trust me, they are better than shell, for my usecases
<joelio> if you read up on them, then you will see why :)
<Neo4> joelio: in programming people to use frameworks only when they work in team for other people will able to understand what is going on, it might in linux people use general tools as well for other people understand it
<Neo4> joelio: no, I doubt
<Neo4> joelio: they should be worse, because they are made for common use
<joelio> dude, I do this everyday for a living, sure
<joelio> shell scripts have their place, but not for large scale system automation working with heteregenous environments
<Neo4> joelio: ok, I look there, but I really very impressed, how easy deploy apps using shell :)
<joelio> hell, then you ain't seen nothing yet :D
<Neo4> joelio: can't calm down...
<Neo4> joelio: yes, I'm a newbie
<joelio> heh, it's cool dude!
<joelio> being keen on tech is something to be encouraged :D
<joelio> also, http://timstaley.co.uk/posts/why-ansible/
<Neo4> joelio: I think  a mail server with shell also will be easy deploy and fast
<Neo4> joelio: if you want to send spam, you can buy servers and fast deploy a few mailservers
<Neo4> or VPN or others apps
<Neo4> it's very big possibilities
<Neo4> joelio: do you know about backup? I am thinking now. about theory
<Neo4> joelio: I read in book there we can write shell script that will remotely using ssh connect to our server and get from there data and store in our local computer, This is possible to do using scp command or srsynk
<Neo4> is this called backup?
<Neo4> I think write script that will connect to server, and take make database damp, make archaive from /var/www/site with this damp and put to my local computer, and this task should run in cron
<joelio> Neo4: sure, sounds fine. There are other tools available for backups btw.  Depending on your site and how busy it is, you may need to lock the tables before dumping the database too, so consistency is fine. I think mysqldump does that if you're using that
<joelio> can create a tar of the site and db backup etc and use ssh to pull that (look up ssh keys too, you'll need those)
<Neo4> joelio: yes, using, I have never done backup, I see on my shared hosting it had been set up, but I didn't know how it was working
<joelio> there are off the shelf solutions too like duplicity/backupmypc etc
<joelio> if your host does it, leverage that
<joelio> just be aware on checking the update timestamp of the backups etc.. to make sure you've got a valid, recent backuo
<Neo4> joelio: I read about remote backup in 'Linux bible', this was the main solution, make remote connection
<joelio> and *the* most important part of backups - TEST YOUR RESTORES! :D
<joelio> yea, that's fine, via ssh
<Neo4> joelio: no, now host nothing do, if you have VPS you have to do all yourself
<joelio> use an ssh key and then it's non-interactive
<joelio> there are loads of tutorials etc
<Neo4> joelio: yes, need to break down this theme on days
<nacc> rbasak: pong
<nacc> rbasak: you're right, we just need an updated d-i-d
<nacc> rbasak: which you'd get on a rebuild (which appears needed for USNs anyways)
<rbasak> nacc: thanks. Can distro-info just be used from the package now, rather than built from tarball?
<nacc> rbasak: I *think* so -- there were times where it wasn't up to date in enough time, possibly? I'm not 100%, but I think that should be safe. You'll need to add it as a stage-package in git-ubuntu, I think
<nacc> tbh, i would do it as two separate commits, cleanbuild each and diff the squashfs images
<nacc> rbasak: sorry I didn't comment that better
<nacc> rbasak: oh, we might have needed a newer python3-distro-info
<nacc> rbasak: that's what it was
<station> was I clumsy, hdd rack slipped directly into motherboard, the leg of an capacitor was injured and had Â  to replace the hall cap. but since its an eBay motherboard and I'm dealing with first timer Server Motherboard and apparently Im still very slippery. I'm still not out of the clouds. the MB supermicro A1SRi-2758F is cycling trough al kinds of code errors at System Initialising â¦ 71 is the most stubborn one and seems to be 
<station> ved by http://www.supermicro.com/support/faqs/data_lib/FAQ_18625.pdf
<station> with USB in â¦ for AMI.BIOS flash it stops at F2 code with seems to be Recovery process started
<station> mentioned in this PDF if I'm right F3 means it found it AMI.BIOS file https://www.supermicro.com/manuals/other/AMI_BIOS_POST_Codes_for_Grantley_Motherboards.pdf
<station> so on OSX I flashed as Microsoft FAT 16 , the keyboard is on at F2 so its functioning for CTRL+HOME
<teward> mail servers are FUN!  >.>
<teward> unrelated, server team: you've got a glowing report to the CC from me detailing how you all helping me was instrumental in helping to get NGINX ready to go for BIonic.  (I was talking to the CC on something else, and gave a "By the way" admiration of how helpful you all have been)
<nacc> dpb1: fyi, i'll work on getting as much of php* sync'd over the next few weeks
<nacc> I need to send a bunch of stuff to Debian first, I think
<dpb1> cpaelzer: ^
<dpb1> nacc: awesome!
<dpb1> :)
<sdeziel> nacc: https://bugs.launchpad.net/ubuntu/+source/php7.0/+bug/1770222 (HTH)
<ubottu> Launchpad bug 1770222 in php7.0 (Ubuntu) " [MRE] Please update to latest upstream release 7.0.30 / 7.1.17 / 7.2.5" [Undecided,New]
<nacc> sdeziel: I can probably help the team do it, but I'm no longer at Canonical (fyi)
<sdeziel> nacc: oh, I wasn't aware
<cpaelzer> big +1 nacc, thanks
<nacc> sdeziel: np
<nacc> cpaelzer: i can send MPs for PHP MREs, or just do them myself, which would you prefer?
<cpaelzer> nacc: I'd say decide case by case - if it is trivial/no-discussion - then I'd not want us to block you
<cpaelzer> nacc: if there is a reasonable change that needs to be considered make an MP
<nacc>  cpaelzer: yeah, typically the MREs are pretty straight forward; I may need to coordinate with mdeslaur though if there are CVEs
<nacc> cpaelzer: +1, thanks
<eshas>  I want to use the ubuntu cloud image for 18.04 on KVM ppc64le. I have done following:wget https://cloud-images.ubuntu.com/bionic/current/bionic-server-cloudimg-ppc64el.img
<eshas> <eshas> qemu-img convert -O raw bionic-server-cloudimg-ppc64el.img bionic-server-cloudimg-ppc64el.raw
<eshas> <eshas> how do I now create passwd, ssh to imag and use it then to boot?
<sarnold> eshas: probably best is to use cloud-init to perform the first-boot initialization tasks
<eshas> so cloud init should alread be there in the .img
<eshas> should I just boot it?
<eshas> what about user/login?
<nacc> eshas: cloud-init is a program that runs at init-time, it's what initialized (customizes) a cloud image, if you want it to
<eshas> yes,
<eshas> but cloud-init v18.2 should be there in image itself
<eshas> or do I need to apt-get install it?
<sarnold> http://cloudinit.readthedocs.io/en/latest/topics/modules.html#users-and-groups
<nacc> eshas: it will be there in the cloud images
<eshas> I was under impression after converting to raw I have to mount the image, chroot, passwd etc
<eshas> and then boot it so i can use the username/passwd
<eshas> but I am not sure how to mount and make changes to it
<eshas> let me just first try to use the .img as is
<sarnold> once upon a time that was probably the way things worked -- but the idea with cloud images these days is to have a single image that all the hosts can boot and a simple declaritive way to add users, ssh keys, install packages, etc., so when you start a cloud image, it comes up with the day's security updates already applied, your users and ssh keys as needed, etc, and is ready to use without manual
<sarnold> mucking
<eshas> how do I add my users?
<nacc> eshas: with cloud-init.
<nacc> eshas: as we've said a few times now :)
<eshas> hmm..cloud-init will run when I boot and do initialization to pick network info etc
<eshas> I dont know how to specify user/passwrd there
<eshas> you mean config drive data?
<sarnold> the trouble with cloud-init is how to supply the data to the thing at boot time. that's severely underdocumented.
<eshas> yes, thats what I am stuck at.. how to ssh or have a valid username/passwd on first boot
<nacc> there is also #cloud-init
<nacc> and lots of docs
<eshas> do I mount .raw / and chroot
<eshas> hmm
<eshas> this is more of cloud image usage
<sarnold> just set aside an hour to read all the docs and *then* try to solve problems ;)
<eshas> is there a channel for cloud image?
<nacc> eshas: no, i think it's just a matter of learning cloud-init
<nacc> eshas: i don't think it has much to do with 'cloud image usage', tbh
<eshas> ok, I do know about cloud-init and use it but mainly for network config etc
<nacc> eshas: you can do just about everything in cloud-init
<eshas> there is no default user/password for ubuntu cloud-image
<eshas> ?
<nacc> eshas: i would doubt it
<ahasenack> I don't understand lp's diff in https://code.launchpad.net/~ahasenack/ubuntu/+source/apache2/+git/apache2/+merge/345312
<ahasenack> it's too big, it has changes outside of debian/
<ahasenack> https://pastebin.ubuntu.com/p/jfvkf4vydR/ locally it's sane and as expected
<nacc> ahasenack: looking
<sarnold> guessing, it's showing everything different since 2.4.29-1ubuntu4.1
<ahasenack> my guess too, which would imply debian/sid is out-of-date in lp
<nacc> ahasenack: the branch is at 2.4.33-3
<ahasenack> debian/sid?
<nacc> yeah
<nacc> (per the web UI)
<ahasenack> that's correct then
<nacc> ahasenack: yeah, give me a sec
<ahasenack> oh, wait
<ahasenack> there was a warning about empty directories
<ahasenack> WARNING: empty directories exist but are not tracked by git:
<ahasenack> docs/manual/style/lang
<ahasenack> docs/manual/style/xsl/util
<ahasenack> could that be related?
<nacc> yeah
<nacc> all the changes are related to fully added files
<ahasenack> from docs/
<nacc> and modules/ maybe?
<ahasenack> the warning only mentioned the two dirs above
<nacc> hrm
<nacc> yeah docs/ for sure is all adds
<ahasenack> let me do a clean clone elsewhere
<nacc> did it go from empty to not?
<ahasenack> let me check 2.4.33
<nacc> ahasenack: and, afaik, the importer is keeping up right now (I don't have visiblity to the reports, but I periodically check and the git page is moving)
<zave> hi all, is this the place to ask a question about systemd unit files? i'm getting an error when trying to start a service. the error is code=exited, status=200/CHDIR ... that's a permission issue?
<ahasenack> nacc: those directories are still empty in 2.4.33: https://pastebin.ubuntu.com/p/DP8KT5Gbqb/
<ahasenack> they are the only empty dirs in both versions
<nacc> ahasenack: i can see in git properly tht the merge is normal
<nacc> ahasenack: i would ask in #launchpad what's going on
<nacc> ahasenack: there are bugs here, iirc
<dpb1> zave: likely directory not existing?
<ahasenack> nacc: ok, thanks for checking
<dpb1> zave: `journalctl -u <unit>` give any more?
<sarnold> zave: check the unit file to see if it instructs systemd to change directories or run only if a directory exists or something similar
<nacc> ahasenack: i didn't check the merge proper, but my diff matches your pastebin
<ahasenack> good
<nacc> ahasenack: tbh, i don't usually pay much attention to the web UI -- but I would still ping in #launchpad, just to see if it's something obvious
<ahasenack> nacc: it's just that, at first, I obviously selected "ubuntu/devel" as the target, which is incorrect for a merge. And the size of the diff is what alerted me to that
<ahasenack> nacc: so I resubmitted with the correct target, but the diff was still wrong :)
<nacc> ah
<nacc> did you fully repropose it?
<ahasenack> at first yes, then I saw it was still wrong, then I deleted it
<ahasenack> but it's still wrong
<nacc> hrm
<nacc> there were some known issues with libgit2 that cjwatson was aware of (I'm reviewing my IRC logs :)
<zave> unicorn_abm-demo-01.service: Main process exited, code=exited, status=200/CHDIR
<zave> unicorn_abm-demo-01.service: Control process exited, code=exited status=200
<zave> systemd[1]: unicorn_abm-demo-01.service: Unit entered failed state.
<zave> systemd[1]: unicorn_abm-demo-01.service: Failed with result 'exit-code'.
<zave> unicorn_abm-demo-01.service: Main process exited, code=exited, status=200/CHDIR unicorn_abm-demo-01.service: Control process exited, code=exited status=200 systemd[1]: unicorn_abm-demo-01.service: Unit entered failed state. systemd[1]: unicorn_abm-demo-01.service: Failed with result 'exit-code'.
<zave> sorry about that.
<nacc> ahasenack: ok, i hit this with apache2 some time ago, as well. pygit2 itself was generating that weird diff, even though it correctly found the merge_base being debian/sid
<nacc> i appear to have dropped it after that and not followed up :(
<zave> dpb1: that was the journalctl log entry
<ahasenack> nacc: ok, and about those two empty dirs, what care should be taken before uploading? The tarball that git ubuntu build-source generates, I noticed during that run that it rejected one method of obtaining the tarball because of a hash mismatch, and I think it then downloaded it from lp
<dpb1> zave: as seth said, I'd look at the unit file next
<ahasenack> would that be the telltale about this empty-dir problem?
<nacc> ahasenack: yes, i expect so, but I'm not 100%
<ahasenack> ok, thanks for sticking around :)
<nacc> ahasenack: i would obviously trust lp (even for debian tarballs) over our pristine-tar, if there is a mismatch
<ahasenack> that one I can upload, so if the mp gets approved, I'll be careful about that
<nacc> ahasenack: i'd like to see the log with the mismatch if you have it, though
<ahasenack> oh, sure, let me run it again
<ahasenack> the orig tarball is not a symlink in that case
<nacc> ahasenack: wht do you mean (sorry, only half here)
<ahasenack> like
<ahasenack> lrwxrwxrwx  1 andreas andreas   96 mar  6 12:25 sssd_1.16.0.orig.tar.gz -> /home/andreas/git/packages/sssd/.git/git-ubuntu-cache/ubuntu/sssd/1.16.0/sssd_1.16.0.orig.tar.gz
<ahasenack> that's what g-u usually gives us
<nacc> right, it puts it into the cache and symlinks it
<nacc> (when it downloads from LP)
<ahasenack> I can delete that cache safely, right? rm ./.git/git-ubuntu-cache/*
<nacc> yeah
<ahasenack> k
<ahasenack> nacc: I cleaned the cache, and the orig tarball in ../: https://pastebin.ubuntu.com/p/gPxnTbmC8T/ so far, still running
<zave> sarnold: do you have a sec to look at my unit file, please? i don't think there's anything there that fits that description ..https://pastebin.com/3qkzzfc1
<sarnold> zave: what's namei -l /home/deploy/apps/abm_staging/amb_demo_01/current   look like?
<nacc> ahasenack: it's technically possible for pristine-tar to do something funky to tarballs, but we should have complained about it at import time
<nacc> ahasenack: i'd file a bug, so we can figure out what happened
<ahasenack> I might also file a bug because it crashed after
<nacc> :)
<ahasenack> https://pastebin.ubuntu.com/p/9SjvRkJbYz/ whole output
<zave> sarnold: user was originally deploy, i just changed it a minute ago to root to see if that would affect this problem ... here's the output of what you asked ...https://pastebin.com/jTj9gpPz
<sarnold> zave: *curious*, I wonder if the symlink upsets systemd?
<nacc> ahasenack: ah it would appear pristine-tar is not cleaning up the generated tarball when it fails verification
<ahasenack> yeah
<sarnold> zave: can you try /home/deploy/apps/abm_staging/abm_demo_01/releases/20180501225458 directly and see what happens?
<sarnold> zave: .. I've got to run, good luck with this, and please report back :)
<zave> kthx
<plagerism1> We have a server which has bcm5709 cards in them, but I am unable to initialize the interfaces
<tomreyn> is ubuntu readily installed, yet, or is this while running the installer?
<plagerism1> tomreyn: it is installed
<tomreyn> how did you install it?
<tomreyn> you said it's "16.04", is it 16.04.0 or a different point release?
<plagerism1> Installed via USB media.  It was 16.04.4
<plagerism1> I will attempt to reinstall
<tomreyn> can you show lsb_release -ds and cat /proc/version ?
<tomreyn> should be just two lines, no need for a pastebin
<plagerism1> tomreyn: Ubuntu 16.04.4 LTS kernel is 4.4.0-116-generic
<plagerism1> Network wasn't initialized during the install
<plagerism1> Would that make a difference?
<tomreyn> well that'd explain why it doesn't try to bring them up, and why it didnt include things in initrd
<tomreyn> plagerism1: still, "modinfo bnx2" should not return an error
<tomreyn> does it?
<plagerism1> Tomeryn: for what it's worth, I did not install it
<tomreyn> it's a bit unusual that 16.04.4 would install with the GA kernel, also, normally it'd prefer the HWE one, i think (although it should actually prompt)
<tomreyn> !info linux-image-generic xenial
<ubottu> linux-image-generic (source: linux-meta): Generic Linux kernel image. In component main, is optional. Version 4.4.0.124.130 (xenial), package size 2 kB, installed size 14 kB
<plagerism1> Which kernel should I try?
<tomreyn> that's not the 16.04.4 GA kernel also
<sdeziel> tomreyn: server now defaults to the GA kernel
<sdeziel> https://wiki.ubuntu.com/Kernel/LTSEnablementStack#LTS_Enablement_Stacks: "Server installations will default to the GA kernel and provide the enablement kernel as optional."
<tomreyn> you should be on this https://packages.ubuntu.com/xenial/linux-image-4.4.0-124-generic (a dpeendency of linux-image-generic) or this https://packages.ubuntu.com/xenial/linux-image-4.13.0-41-generic (a dependency of linux-image-generic-hwe-16.04) kernel.
<plagerism1> Okay
<tomreyn> sdeziel: thanks, good to know. the one plagerism1 has is neother GA nor HWE, though.
<plagerism1> Weird
<sdeziel> tomreyn: by GA, I meant the latest 4.4.0-X :)
<tomreyn> sdeziel: are you saying https://packages.ubuntu.com/xenial/linux-image-4.4.0-124-generic is not the latest 4.4.0-X ?
<sdeziel> tomreyn: no, I'm with you, -124 is the latest and what everyone should be running if on 4.4
<tomreyn> thanks for clarifying
<tomreyn> plagerism1: i'm assuming that when you said "Ubuntu 16.04.4 LTS kernel is 4.4.0-116-generic" that you were reporting the kernel version your system is running?
<tomreyn> (since that's what i asked for, not an internet research)
<sdeziel> my point is that 16.04.2 and subsequent point releases will still default to installing a 4.4 kernel
<plagerism1> Yes you are correct
<tomreyn> sdeziel: alright, i got so much
<tomreyn> plagerism1: okay, chances are that 4.4.0-116-generic is just what the 16.04.4 installer comes with and you could not update it since for lack of network access.
<plagerism1> Yea
<tomreyn> plagerism1: i guess you could either reinstall while bringing the system online during installation, or you could boot from the installer image and chroot into the existing installation and just install the missing patches, this would get you an upgraded kernel, thus a new initrd, and since you'll have internet access at the time it should also include what's needed to bring up your nics this time.
<plagerism1> I don't know what I did, but nics are working now
<plagerism1> I installed the extras kernel and rebooted
<plagerism1> All 7 nics
<plagerism1> Gonna dist-upgrade and hope for the best
<tomreyn> how did you install it with out network access?
<plagerism1> Tomeryn: I mounted the USB drive.  The only thing I did install was linux-image-extra-4.4.0-116 and rebooted.
<plagerism1> Interestingly enough after dist upgrade and reboot to 4.4.0-224 nics were gone
<plagerism1> I suppose if I install linux-image-extra-virtual, this would keep dependencies with kernel updates?
<sdeziel> plagerism1: that's the theory :)
<Blueking> I wanna build filserver with ubuntu.. should I go intel xeon or ryzen ?
<plagerism1> sdeziel: thanks
<sarnold> fileservers don't usually need much cpu power, just enough to run whatever compression, hashing, and raid algorithms your filesystem needs .. ECC memory is a good choice
<Blueking> ecc are a requirement yes
<Blueking> gonna use it for mediaserver too
<sarnold> is that involving on-the-fly transcoding?
<sarnold> does that parallelize well?
<Blueking> maybe,  havn't dug into to really
<Blueking> into it
<sdeziel> I once made the mistake to build a smb/cifs server using an embedded type of CPU AMD C-60 ... that turned out to be too a little weak
<sarnold> heh
<Blueking> amd c-60 ?
<sarnold> yeah I've never heard of it either
<sarnold> I suspect there's areason for that :)
 * lyn||ian has not heard of that
<sdeziel> yeah, old one. You should be fine with Xeon/Ryzen
<Blueking> xeon or ryzen :P
<sdeziel> https://paste.ubuntu.com/p/bgSSP28yqz/
<Blueking> old is that cpu ?
<sdeziel> I went for it because of the 9W TDP
<sarnold> nice
<Blueking> ok I have apc with xeon dual core  xeon e3 v3 1230L  12,5 or 25W
<sdeziel> 2011
<sdeziel> makes a decent lxd server though :)
<Blueking> lxd ?
<sdeziel> not bad for VMs either
<sdeziel> https://help.ubuntu.com/lts/serverguide/lxd.html
<sarnold> sdeziel: I was thinking it'd probably make a nice little maas thingy..
<Blueking> would xeon E3 1230L be enough for filserver purpose ?
<Blueking> + some features
<sdeziel> that's the cool thing with AMD, they do not castrate their low-end models so it has all the smart of that generation
<sarnold> nice
<powersj> Blueking: I use a E3-1225 and it works just fine for file serving and hosts various lxd systems (e.g. grafana, influx, unifi software)
<Blueking> powersj -> on-the-fly transcoding?
<powersj> that I don't do
<sarnold> Blueking: yeah that looks nice. 32 gigs might be a bit tight depending upon what you want to do with it, but it certainly feels like it ought to be able to fill your NIC from your disks :)
<Blueking> would cpu do it ?
<Blueking> I am looking for a supermicro mobo with 10GBit nic onboard..
<Blueking> might go dual cpu mobo
<powersj> Blueking: a quick search and there is a thread on the freenas forums about the 1230l
<Blueking> powersj  link ?
<Blueking> mobo for xeon E3  with 10Gbit nic onboard have not enough pci-e lanes..
<sarnold> maybe xeon-d boards would be a good fit? iirc they've got more pcie lanes
<tomreyn> just like eypc's and threadrippers do
<nacc> ahasenack: rbasak: dug a bit, i think we assumed that if `gbp buildpackage` fails, it would clean up the tarballs that failed to verify, say. It does not.
<nacc> so that's the backtrace part
<nacc> cpaelzer: dpb1: fyi, i think i need to bootstrap phpunit again, unless slangasek or another AA wants to help untangle the builds from Debian.
<nacc> I have started sending stuff to Debian, for universe packages, which we will hopefully be able to sync
<kevr> what would be the best way to query if a service is set to start at boot, regardless of sysv or systemd
<kevr> ?
<sdeziel> systemctl is-enabled $foo
<sdeziel> I don't know if that would work for sysv scripts though
<kevr> there's a systemd-sysv-install script as well
<kevr> that helps with dealing with that
<kevr> thanks
<sdeziel> I can't find any sysv service to test with
<kevr> i tested
<kevr> works fine on bionic.
<sdeziel> which service was that?
<kevr> it's a custom init.d service script which no systemd port
<kevr> old school
<kevr> well of course systemd does do the porting for me
<kevr> ;)
#ubuntu-server 2018-05-10
<Doow> Hi, I'm trying to figure out which cloud image version of 18.04 I should be using. I'm using OpenStack.
<Doow> For instances that is, not for the virtualization environment, I'm not in control of that :)
<om26er> Hi! in Ubuntu 16.04-17.10 /dev/kvm had permissions 660, in 18.04 that changed to 600, that causes Android Emulator to not start
<om26er> We tested on multiple machines here in my office and people on SO are also reporting similar stuff https://stackoverflow.com/questions/37300811/android-studio-dev-kvm-device-permission-denied
<Neo4> sed is like function accept only regular expression
<Neo4> I want to add line in /etc/hosts using sed
<Neo4> I see it only uses editing by line
<Neo4> do grep and sed use equal regular expression
<Neo4> for words we use \bword\b
<Neo4> \s any empty symbol
<Neo4> \S - any symbol that isn't empty
<Neo4> .*? not greed
<Neo4> .* greed
<tomreyn> this is still not the place to hold self tutoring classes
<Neo4> ok
<Neo4> I go to #programming
<tomreyn> you can also go to #i-am-teaching-myself-ubuntu-talking-to-myself
<tomreyn> but that channel name might be too long
<Neo4> how to use sed?
<Neo4> I am looking on it like on a function, not like an editor
<tomreyn> you, like anyone, are welcome to ask questions when you can't solve them by other means. specific questions (this is one is very generic), and details need to be provided. ask in #ubuntu unless the very question you are asking is specifically server related (this one is not).
<tomreyn> and maybe read this http://www.catb.org/esr/faqs/smart-questions.html
<Neo4> tomreyn: I got ban in #ubuntu, I can go there but don't want :)
<Neo4> there are very newbies
<Neo4> and many questions relate to how to install app, how to customize something, or how  to install ubuntu, I more interesting VPS
<teward> rbasak: i have an answer from upstream nginx about --with-compat.  It allows you to build dynamic modules on the same binary version of NGINX but with different flags to the ./configure argument, the compiled dynamic modules can still be used on other NGINX servers of the same versions even if the configure flags were different.
<teward> so it 'relaxes' the requirement of the exact same set of `./configure` arguments in order to make the modules work, which allows you to just build the dynamic modules *without* first replicating the entirety of the configure string built up by our debian/rules for it
 * thresh ducks
<teward> JanC: i think it was you who asked about module ABI.  If the patch is 'simple' and doesn't alter the externally visible structures in a backwards incompatible way it shouldn't break the ABI, but with regards to the version in Ubuntu the only thing I can see really going on except from packaging changes is security patches, which may or may not introduce a breakage.
<teward> also i see you hiding there behind the plastic potted plant, thresh.
<ahasenack> can I use globbing with debhelper's -X?
<ahasenack> I've only seen substrings so far in my sample of debian/rules files
<ahasenack> I'm specifically looking at dh_missing
<ahasenack> I want to exclude static libraries from a specific path
<ahasenack> so just -X.a won't be explicit enough
<ahasenack> and there is no -ppackage option, so I can't filter via that
<Kutakizukari> The article here: https://www.digitalocean.com/community/tutorials/how-to-configure-secure-updates-and-installations-in-wordpress-on-ubuntu The status of the article is marked as deprecated.
<Kutakizukari> I'm using SSH Keys and in my Wordpress install when trying to update plugins, it's asking for: https://cl.ly/3G2m363d203A "Connection Information.
<Kutakizukari> Is there another way to solve this problem?
<sarnold> Kutakizukari: I think I heard that wordpress really *is* that terrible and you do need to run an ftp server for it.
<sdeziel> which adds to the terrible situation if you ask me
<sdeziel> self auto updates also require the web server to have a writeable documentroot...
<sarnold> yeah
<sarnold> all kinds of poor choices there
#ubuntu-server 2018-05-11
<cpaelzer> good morning
<Xpistos> Hello all. I was looking for some help. I have a script that runs a report and sends it to me over sftp, but I am not sure how to test if sftp is enabled on the local machine or if it is blocked. Any ideas on how to test for that?
<waveform> Xpistos, check /etc/ssh/sshd_config - usually there's a line something like "Subsystem sftp /some/path" near the end
<ahasenack> is there a standard tool to detect if I'm im some kind of virtual machine or container?
<Xpistos> waveform: I will look
<ahasenack> systemd-detect-virt herhaps
<genii> ahasenack: https://www.ostechnix.com/check-linux-system-physical-virtual-machine/ has some tips on how to figure this out
<genii> If hardware passthrough is being used it gets somewhat more difficult
<hallyn> rbasak: (since i gather you're on the umb :) do you know the right person to contact about @ubuntu.com mail fwds?
<rbasak> hallyn: I think it's done automatically through Launchpad. But #canonical-sysadmin I imagine for any issues or support with it.
<rbasak> (or RT)
<hallyn> oh i thought that was on the internal irc server - thx
<jbicha> could the Server Team look into bug 1630946 ? is there a team I should subscribe to bugs like that?
<ubottu> bug 1630946 in ubuntu-meta (Ubuntu) "ubuntu-server depends on open-iscsi and runs iscsid" [Medium,Confirmed] https://launchpad.net/bugs/1630946
<jbicha> oh it's an old bug. I noticed because someone edited the bug today
<dpb1> jbicha: looking
<dpb1> we looked into this.
<dpb1> it's a messy relationship between maas and early boot that led that to be put in there I think
<jbicha> I understand that sometimes Depends are necessary. My ping was more of a request for the Team to make a decision on the request :)
<dpb1> yes, I know
<dpb1> I added to our backlog, thanks
<v0lksman> https://dpaste.de/vObR <- any ideas why I would see this?  df reporting the drive is 94% full but du only seeing 19G of usage?
<sarnold> check lsof or fuser to see if there's a bunch of files deleted but still in use
<v0lksman> I rebooted to ensure nothing was in use and that du output is run as root so lost+found would be checked too
<dpb1> v0lksman: is anything eclipsing /media/sites?
<dpb1> like /media/sites/submount
<dpb1> ah, another good tip... mount -o bind /media/sites /mnt/foobar, then du -ms /mnt/foobar
<gartral> hey all, I have a vm that's throwing fits, can someone make heads or tails of this? https://paste.ubuntu.com/p/gsY7WFV8c5/
<sarnold> gartral: wow that looks pretty creepy
<v0lksman> dpb1: yeah that's what it was...gah
<gartral> sarnold: creepy how? because the NX bit tripping?
<sarnold> gartral: yeah .. and the dropped caches ..
<gartral> sarnold: I think I know *why* it's crashing, there's nothing directly malicious going on, there is however a substantially deficient daemon running that talks to another vm for command and control of my game servers on the crashing vm, I think that's my problem
<gartral> even if it were malicious, the attacker ain't getting anything except a bunch game stuff
#ubuntu-server 2018-05-12
<FarhaadN> hi every one
<FarhaadN> who this is happening?
<FarhaadN> df
<FarhaadN> /dev/sdb1      206423736 201995500         0 100% /var/spool
<FarhaadN> Filesystem     1K-blocks      Used Available Use% Mounted on
<FarhaadN> /dev/sdb1      206423736 201531352         0 100% /var/spool
<FarhaadN1> how this is happening?
<FarhaadN1> df
<FarhaadN1> Filesystem     1K-blocks      Used Available Use% Mounted on
<FarhaadN1> /dev/sdb1      206423736 201531352         0 100% /var/spool
<ikonia> spamming it doesn't help
<ikonia> a.) why do you have /var/spool on it's own device ?
<ikonia> b.) have you looked what's growing in /var/spool (most likley mail)
<FarhaadN1> ikonia: i now hard is full, but look at used and availeble on disk
<ikonia> what ?
<FarhaadN1> size is 206423736, used is 201531352
<FarhaadN1> but use% is 100%
<ikonia> that's just rounding
<FarhaadN1> is that right to show Available=0 ??
<ikonia> yes if you've used it all
<FarhaadN1> i clear some data
<FarhaadN1> and look at result now
<FarhaadN1> /dev/sdb1       197G  187G  755M 100% /var/spool
<ikonia> first of all, 200gb full on /var/spool - WOW
<FarhaadN1> its use for recording voice on voip server
<ikonia> that does look a little big to be rounding/offset
<ikonia> check you're not out of inodes
<ikonia> (just out of interest)
<ikonia> if you google "why does df show my disk full" you'll get a page normally on the first page with a basic formula to work out rounding,
<ikonia> check that out
<FarhaadN1> ikonia: thank you
<RoyK> FarhaadN1: if it's ext4, there's usually 5% reserved for root, so even if there is some free space, these 5% will make df tell you it's full. You can adjust this with tune2fs -m X /dev/something where X is the percentage
<Neo4> Hi!
<Neo4> look at my script that generates ssh key and place it to remote server
<Neo4> https://gist.github.com/kselax/b4f19cd0f1269b48c43b65866fcb28b1
<ikonia> Neo4: why do I need to look at this ?
<Neo4> ikonia: you can test
<ikonia> no
<Neo4> ikonia: how do you install ssh key on your server?
<ikonia> that script is shocking
<ikonia> and a security risk
<ikonia> I will not run it
<Neo4> ikonia: you can use this shell script and will put and generate key for 1 minutes
<ikonia> I don't want to run that script ever
<ikonia> and nor should anyone else
<ikonia> please don't ask people to run your scripts in this channel
<Neo4> ikonia: no, take it and run on one test server, it will save your time
<ikonia> no
<ikonia> it will not save my time
<ikonia> I can distribute keys just fine, thank you
<Neo4> ikonia: how do you set up ssh key to your server?
<Neo4> ikonia: you need generate key, than copy it to remote server, that put permission, it many works
<ikonia> depends on where I'm doing it
<ikonia> yes, I'm aware how to do it
<Neo4> my scripts do this in one line
<ikonia> as I've said twice, I do it all the time
<ikonia> your script is very poor and a security risk
<ikonia> so again - please don't ask people to run it
<Neo4> set_key.sh key_name remote_user_name remote_server_ip
<ikonia> I know how to do it
<Neo4> ikonia: and you get set up key
<ikonia> last time - enough
<xpistos> Hey all. What is the best method for trying to copy data from a failing drive? I don't know how much I will get but I would like to pull off what I can before the drive is done. DD, CP, CAT?
<ikonia> depends what you want to do on the other end
<ikonia> all of those options will come with risk
<kiokoman> ddrescue also
<trimpher54> TESTING TESTING
<Blueking> me want to build fileserver and mediaserver in a pc... looks like filserver + mediaserver in one pc are not a good combination ?
#ubuntu-server 2018-05-13
<Tahvok> Hey guys!
<Tahvok> I'm having some trouble with apt-get update: https://gist.github.com/Tahvok/1fa51bacde327791d24c1fe2e6383ad8
<Tahvok> telnet to us.archive.ubuntu.com 80 works just fine
<Tahvok> So I'm not sure why it's failing
<tomreyn> "500 Connection failure: Network is unreachable" is remote servers' error. this remote server can be either the us.archive.ubuntu.com server or, more likely, a proxy server in between you and the apt mirror.
<tomreyn> Tahvok: ^
<tomreyn> put simply: my guess is that you have a boken proxy server between the system throwing this error and the (us.)archive.ubuntu.com archive mirror servers.
<Tahvok> tomreyn: thanks for pointing me to this. I'm checking this now
<tomreyn> Tahvok: welcome. not that you can also run apt(-get) with -o 'Debug::Acquire::http="true"'
<Tahvok> It was indeed proxy issue. Fixed now. Thanks a lot!
<tomreyn> welcome. :) and in case you took note of the above hint, please make it this instead: -o 'Debug::Acquire::http=true'
<MonsieurBon> Hi
<MonsieurBon> how do I make iptables configuration persistent over a reboot?
<MonsieurBon> Ideally it would load the iptables rules before any network interfaces come up
<tomreyn> MonsieurBon: look into iptables-save and iptables-restore unless you use some other software for managing iptables, since those usually provide something else for this purpose.
<sruli> trying to install 18.04 server, cannot find a option to setup lvm for the install
#ubuntu-server 2019-05-06
<teward> OerHeks: yes, it can, but the two networks save for a few bits and pieces need to be split.  Hence ACLs and VPNs.  Load balancing isn't at play since they aren't equal speed.
<OerHeks> i need more experience with that, multiple lines, now i just have a backup via wifi neighbour, and he with mine
<lordievader> Good morning
<geodb27> People : hi ! I'm still trying to build an unattended install of ubuntu-18.04-server.iso. The only things I haven't been abble to preseed until now are the 3/4 first questions : language select at boot, language select on installer startup and keyboard layout. I've filled in the d-i options in the ubuntu-server.seed, but the installer proudly ignore them all. What am I doing wrong ?
<geodb27> https://pastebin.com/FDSEgGdG Here are the modifications I did in both ubuntu-server.seed and grub.cfg (before rebuilding the full iso).
<blinkiz> Hello. How do I install Ubuntu 18.04 server without needing to configure network configuration? I do not seem to be able to pass network connections dialog
<blinkiz> Nevermind. I got it to work now
<aditya> hi people, I am facing a strange issue I am unable to run apt-get update or anything on my server, I am getting an error sudo: unable to resolve host duggals: Resource temporarily unavailable
<aditya> something has severely hit my networking and I am unable to change any file in /etc/ as well as per the help on various help site
<aditya> I am not a network admin but I am running a ubuntu server at home for media server but it seems everything has just crashed can any one please help me since I have been trying to resolve this for hours now more like a day now
<ahasenack> aditya: are you saying that when you run sudo, even with that error message, you don't become root?
<bryce> aditya anything interesting when you run dmesg?
<aditya> ahasenack: and bryce: The problem it seems that my machine was reset with power and now the system has booted without r/w access
<ahasenack> what fs is it?
<aditya> ahasenack: what is FS?
<ahasenack> filesystem, I mean
<aditya> how do I find out, I think its ext4
<ahasenack> output of mount
<aditya> https://pastebin.com/Wxta4xYZ
<ahasenack> line 8, ext4, and it's read-only
<ahasenack> dmesg will probably give more details as to what happened, if it's a hardware issue for example
<aditya> I think its caused by power outage and now I cannot mount it on rw
<ahasenack> but you will have to run a disk check
<aditya> https://pastebin.com/j3dXyAgY
<aditya> ahasenack: The diskcheck can only be run with a live USB of ubuntu correct?
<aditya> btw the above paste was for dmesg
<ahasenack> to actually fix it, yes. It can also happen during boot, before / is mounted
<aditya> is it possible to do it without a live USB?
<ahasenack> [    6.333609] EXT4-fs (sda2): Couldn't remount RDWR because of unprocessed orphan inode list.  Please umount/remount instead
<ahasenack> since it's /, I fear not
<ahasenack> maybe a reboot fixes it, since it will be an umount followed by a mount
<ahasenack> but it's your data
<ahasenack> depends how critical all of this is
<aditya> so is it possible to have a permanent solution like have ubuntu-server on 2 HDD and then if one fails then load ubuntu from another one and then run fsck
<ahasenack> just for the case of an fsck? Sounds overkill
<ahasenack> much handier to have a pendrive around
<aditya> ok
<ahasenack> that being said, raid1 is definitely a good thing to have for a server, if you can afford it
<aditya> so basically whenever there is a power outage i should be ready with a pendrive
<ahasenack> no, I think this was just bad luck
<aditya> well it has happened to me now 2nd time in that many months so it can't be bad luck
<bryce> if this was caused by a power interruption, a ups with triggered safe shutdown might be an option.
<aditya> well the problem with UPS is that they are hardly reliable esp in India where we get UPSes without USB to tell the OS that the battery is about to die
<bryce> aditya, yeah I found USP's to be more annoyance than value for my home server, but fortunately I have few power interruptions
<jdr>  
<tomreyn> aditya: in my opinion, always having a way of booting the same (or at least a similar) ubuntu release from a different storage location than the main installation is actually mandatory.
<tomreyn> there are a lot of options, though, it doesn't need to be a usb stick, can be a pxe boot instead, or just a separate internal storage (but keeping this upgraded may be more work than the pxe, especially if you have multiple servers).
#ubuntu-server 2019-05-07
<soulseeker> hello I was using the mini.iso and the select and install software pretty much skips selection
<soulseeker> does the server iso have a software selection
<soulseeker> the alternate iso is nonexist for ubuntu 14 and higher
<soulseeker> it looks like alternate is on ubuntu 12
<soulseekr> hello which install method allows the installer to select which software is installed
<qpo> how to select which software to install during installation
<qpo> apparently a full iso is downloading installer components as if it were a netinstaller
<qpo> hello it is a simple question
<qpo> difficulty rating 3
<andol> If you don't know the answer, how can you then know the difficulty?
<qpo> foresee what is needed to find out
<qpo> somebody who has used a recent installer
<qpo> presumably anybody in the channel
<qpo> maybe one could expect that an ubuntu server support channel has users who are using ubuntu server
<qpo> yeah
<qpo> I dont see the purpose of having a full installer iso if it does the same thing as the netinstaller either
<qpo> I attempted to check for myself but it isnt efficient to download 300mb of installer components to look at the select software step
<qpo> with a netinstaller the selectsoftware step has no selections
<qpo> andol, what are you doing in ubuntuserver
<qpo> in the past the installers had a list of software at the select software step so the installer can install only what is needed
<qpo> that was maybe at lucid
<qpo> ubntu 1'
<qpo> ubntu 10
<Eickmeyer> !ops | qpo aka ubuntu1 aka soulseeker ban evading again
<ubottu> qpo aka ubuntu1 aka soulseeker ban evading again: Help! Channel emergency! infinity, soren, lamont, mathiaz, Pici, Daviey, Tm_T, Corey, IdleOne, ikonia, funkyhat, Myrtti, ocean, genii, phunyguy!
<bhuddah> is there a working guide for ubuntu with pci dss?
<alocer> hello guys. which packages do you exclude for production updates ?
<weedmic> I clone each machine before lvl 4 updates (like kernel), then test them after the update.  I have only excluded 3 products ever for a specific machine, mesa, hwdetect, and nouveau.  alocer
<weedmic> why would you want to exclude updates?
<weedmic> just do them controlled (not automatic) - imho
<alocer> weedmic: i don't have the time for clone things .. and updates are nessecary for the security stuff .. you know what i mean.
<weedmic> I update everything, but... know how to revert just in case I break something <(")
<alocer> weedmic: in other words . i like to update or install only the security updates ..
<alocer> current solution is enable only the security repository. don't know any other way :(
<weedmic> oic - thinking about that - certainly would prevent broken items
<alocer> weedmic: the unattended-upgrades never works .. why is it so hard ?
<alocer> one of the reasons you should exclude: linux-image* packages takes space on /boot. so it will fill if not carefull. ;-)
<alocer> if i upgrade apache2 package my webserver restarts right ?
<alocer> so it will be down for couple of seconds ..
<alocer> am i right ?
<alocer> ooh . what is apt-daily.timer ?
<alocer> is it customisable ?
<weedmic> alocer: I would set update-manager to never do automatic (I mentioned that above) - I research every update on impact and how to revert before I consider trying it.
<weedmic> some - never have negative impacts though, but level 4 for me - I clonezilla the sys volume first.
<alocer> weedmic: i should probably do the same.
<alocer> weedmic: clonezilla . yup . i totally forgot that. thanks.
<tomreyn> alocer: yes, daemons will be restarted when upgraded. but those outages are usually just seconds. if that's an issue, you need HA.
<weedmic> i like to compartmentalise - i have a sys volume for each machine (even PCs) and the data is either online in a container or separate volume.  I have a clone of each machine - something bad happens, turn machine off, swap out the sys vol, put it back up.  seconds
<tomreyn> alocer: enabling only ubuntu-security does not guarantee that you receive all security patches.
<weedmic> then I can figure out what went wrong later iin the lab.
<weedmic> I have been using clonezilla since my attempts to build a symantec ghost look a like from dd commands took tooo long, clonezilla is like 7 mins done
<tomreyn> security patches are only available via -security for a limited time before they move to -updates
<alocer> tomreyn: i trying to figure out how can reduce down time when i m upgrading apache2 and mysql server ... it may cause problems .
<tomreyn> high availability.
<alocer> HA. lol.
<alocer> tomreyn: thanks .
<weedmic> do you mean create a HAS tomreyn - i have always wanted to do that, but never had enough resources
<weedmic> suse enterprise - does not require rebooting - but... i found for most machines a reboot is less than 30 seconds (once I stopped using dell)
<tomreyn> many se3rvices can be setup in a high availability configuration. it can be somewhat costly, but if downtime is critical this is what you need to do.
<tomreyn> ubunt also doesn't require you to reboot. and the effect is the same as on SLES: no patches are applied, or only those available via live kernel patching, if enabled.
<alocer> tomreyn: do you recommend unattended-upgrades . in centos yum-cron ?
<tomreyn> alocer: depends, most of the time, yes.
<weedmic> wow - that is a really nice thing to know tomreyn - made my day
<tomreyn> alocer: note that just installing updates does not apply fixes to everything automatically. some daemons will restart, but there can be patches to e.g. shared libraries which do not cause all affected services to be restarted, causing those to remain vulnerable.
<tomreyn> so a full reboot is occasionally necessary.
<tomreyn> or restarting all processes (possbily including PID 1)
<alocer> how does facebook do it then ? HA ?
<tomreyn> !info needrestart
<ubottu> needrestart (source: needrestart): check which daemons need to be restarted after library upgrades. In component universe, is optional. Version 3.1-1 (bionic), package size 39 kB, installed size 241 kB
<tomreyn> this can help you better understand what needs to be restarted after patching
<tomreyn> i don't know much about how facebook operates, but expect them to do HA on everything.
<alocer> yea i m thinking clusters of containers and HA .. .
<tomreyn> they are a bad example, too large, too many custom solutions.
<alocer> thanks tomreyn. needrestart was really helpfull.
<tomreyn> !livepatch
<ubottu> Canonical Livepatch is a service offered by Canonical for 64 bit 14.04 and higher installs that modifies the currently running kernel for updates without the need to restart. More information can be found at https://ubottu.com/y/livepatch and https://www.ubuntu.com/server/livepatch
<lotuspsychje> welcome to ubuntu server aleksandrM
<aleksandrM> Greetings, I would like to implement auditD rules on most of my environment, can someone steer me in the right direction or documentation. This is more from a security point of view.
<alocer> doumentation for auditD ?
<aleksandrM> alocer: correct, I know its usually the man page.
<alocer> yeap . sry .
<aleksandrM> I'm looking at advacned rules that will make the load less on other systems like password managers etc...
<alocer> aleksandrM: github maybe ?
<alocer> for samples.
<aleksandrM> Got it, will build from there.
<leftyfb> So I reported bug #1820096 and it got fixed. The problem is, I cannot seem to recreate the issue and in fact, have found that adding the hosts entry back in breaks tools like dnsdomainname. So now I'm debating whether or not the fix should be reverted.
<ubottu> bug 1820096 in subiquity "/etc/hosts not populated, preventing dns registration with dhcp" [High,Fix released] https://launchpad.net/bugs/1820096
<AvidWolf43> Hi Everyone
<AvidWolf43> Im very new to SSL certs in general. I am trying to setup a webserver with SSL using letsencrypt, the webserver I'm trying to setup is canonical landscape, I have already successfully generated the certs using certbot, I need to know where do I need to change the conf files to point to these new certs, and if service apache2 restart would suffice in registering the change and letting my browse
<AvidWolf43> to my webserver with a secure connection
<cryptodan> AvidWolf43: https://community.letsencrypt.org/t/recommended-apache-config/58294
<ahasenack> rbasak: hi, is this a known issue with mysql on xenial?
<ahasenack> Checking if update is needed.
<ahasenack> Checking server version.
<ahasenack> Error: Server version (5.7.25-0ubuntu0.16.04.2-log) does not match with the version of
<ahasenack> the server (5.7.26) with which this program was built/distributed. You can
<ahasenack> use --skip-version-check to skip this check.
<ahasenack> mysql_upgrade failed with exit status 3
<ahasenack> sorry for the paste, didn't realize it was long
<rbasak> I'm familiar with the error message, but don't remember the details.
<rbasak> Ask Skuggen for help perhaps? He's in #ubuntu-devel.
<ahasenack> cpaelzer: I believe https://bugs.launchpad.net/ubuntu/+source/rdma-core/+bug/1827840 is a dupe of https://bugs.launchpad.net/ubuntu/+source/dpdk/+bug/1823836, can you confirm?
<ubottu> Launchpad bug 1827840 in rdma-core (Ubuntu) "Failed to create Receive Work Queue indirection table when the number of work handler equal 1" [Undecided,New]
<ubottu> Launchpad bug 1823836 in The Ubuntu-power-systems project "dpdk app is reporting: net_mlx5: probe of PCI device xxxx aborted after encountering an error: Unknown error -95" [High,In progress]
<cpaelzer> ahasenack: checking
<cpaelzer> ahasenack: yes
<ahasenack> cpaelzer: thx, marked as such
<AvidWolf43> cryptodan: thanks that was an easy fix
<cryptodan> AvidWolf43: welcome
<ixil> Hello, I'm a bit lost with configuring the network for the ubuntu container
<teward> lost how?
<ixil> I'm unsure which service / which config I should configure - since there's netplan, cloudconfig, the nspawn flags etc
<ixil> I want the hostname to be set from the .nspawn file, and for it to use the networking given. systemd-networkd times out however, and the hostname was reset to 'ubuntu'
<teward> ixil: to my knwoledge, Netplan handles the configuration for networking.  cloud-init is annoying so once your container is spun I would remove cloud-init because it can mess with the hostname.
<teward> not sure how to use the nspawn flags unfortunately
<cyphermox> wat?
<teward> cyphermox: i'm confused too :|
<ixil> I suspect actually it's that my flags on nspawn are being ignored, for removing cloud-init -> `apt purge cloud-init`?
<jelly> how does Canonical know which versions of device-mapper, lvm and friends to go with for LTS releases?  RedHat typically ports the latest of those to all currently support EL releases, together with kernel bits needed
<xibalba> with bash, how would i read a line from a file and use different elements as variables in a loop ? My file is "x.x.x.x hostname", and i just want to loop through those and place $ip and $hostname into another command
<xibalba> this did nothing for me;  while IFS=" " read -r value1 value2 /tmp/iplist.txt ; do echo "value 1 $value1" ; done
<xibalba> ah figured out my issue
#ubuntu-server 2019-05-08
<damascene> hello, as asked in #KVM I want to allow a virtual instance to use network in bridge mode. I'm on Ubuntu 18.04 which uses netplan. That confused me a lot if any one knows how to do it please advice. I read multiple articles but the setup didn't work for me. each one of the should have static IP
<damascene> headless server
<lotuspsychje> !netplan | damascene start here
<ubottu> damascene start here: Netplan is a network configuration abstraction renderer which uses YAML descriptions of a network to work with either a NetworkManager or Systemd-networkd "renderer". More information at https://netplan.io/
<lotuspsychje> damascene: im not the server expert myself, but netplan uses the yaml file to edit your routes in
<lotuspsychje> ask again here Rembo
<Rembo> hello, does one of the following patches require reboot? https://pastebin.com/GvPpQFi3
<Rembo> does grub patches require reboot after patching on Ubuntu 16.04 Server ?
<damascene> lotuspsychje, thank you for trying to help, I've tried many solution and edited the yaml file. I'm being locked out of PC
<lotuspsychje> as again here whitebyte
<lotuspsychje> also you might need to patient a bit, -server support wakes up more at US wakeup
<whitebyte> I have setup Kea DHCP on ubuntu-18.04 server and trying to set hostname for a client ubuntu 18.04 machine. The hostname is passed in the lease file provided by kea-dhcp server but that is not taking any effect on client machine.
<whitebyte> sure @lotuspsychje
<lordievader> Good morning
<gnomethrower> oh nice
<gnomethrower> i had no idea this was a channel
<gnomethrower> should the link in the topic be referencing 18.04? :)
<gnomethrower> (ping Pici )
<damascene> I wanted to setup network interface not to write python code what the hell with this yaml
<damascene> I'm unable to know if the issue is with indenting or wrong configuration it keeps complaining as if is saying anything smart
<damascene> how to modify this to add KVM bridge? https://paste.ubuntu.com/p/sQWcpKQdyN/
<damascene> ip for the bridge should be 192.168.1.121
<damascene> could you please me add a bridge to my netplan file? https://paste.ubuntu.com/p/yw8gpBgMN2/
<damascene> I've tried many configuration but I'm getting thrown out of the server
<lotuspsychje> re-ask here chl_ ; )
<chl_> i've set option 66 and option 67 in isc-dhcp, but its not appearing on the dhcp packets if I check by dhcpdump. Has anyone had that problem?
<leftyfb> So I reported bug #1820096 and it got fixed. The problem is, I cannot seem to recreate the issue and in fact, have found that adding the hosts entry back in breaks tools like dnsdomainname. So now I'm debating whether or not the fix should be reverted.
<ubottu> bug 1820096 in subiquity "/etc/hosts not populated, preventing dns registration with dhcp" [High,Fix released] https://launchpad.net/bugs/1820096
<patstoms> morning, is there any other service which do scheduling other than irqbalance?
<ahasenack> rbasak: hi, quick look? https://code.launchpad.net/~ahasenack/usd-importer/+git/usd-importer/+merge/367112
<leftyfb> ahasenack: any suggestions on what we should do about #1820096 and the 127.0.1.1 entry in /etc/host for Ubuntu server? Is this something you can test on your end as well?
<ahasenack> in principle I would remove it on a server
<leftyfb> That's what I'm thinking. But in my initial testing with 18.04 server using the subiquity installer, with the entry there, the system wasn't registering it's hostname with dhcp/dns. Now I can't seem to reproduce the issue.
<rbasak> I'm not sure I follow your exact problem.
<rbasak> The generally right thing that's needed is
<rbasak> 127.0.0.1 localhost
<rbasak> 127.0.1.1 hostname-without-dots fqdn
<rbasak> in /etc/hosts
<rbasak> and hostname-without-dots in /etc/hostname
<rbasak> And the system hostname set without dots (which happens from /etc/hostname on boot, or use the hostname command)
<rbasak> I believe that's the current Debian and Ubuntu standard.
<rbasak> The RH world is different I think.
<rbasak> fqdn in /etc/hosts can be missing if you don't have one
<leftyfb> well no, not with server. From what I understand, the 127.0.1.1 is only to work around a bug in some gnome applications that don't work unless we can do a local lookup of our hostname with no network or on a network without a local DNS server that will resolve it. Otherwise (server) it shouldn't be needed
<rbasak> dnsdomainname et al should then just work.
<leftyfb> rbasak: with the default 127.0.1.1 entry(no fqdn), dnsdomainname does not work
<rbasak> You can get away without 127.0.1.1 like in your example, but it requires an extra round trip to your DNS server so why have it set up that way? The one way that is (should be?) installer default works in all cases, including dynamic, no FQDN, etc.
<rbasak> leftyfb: with no fqdn, dnsdomainname returns empty, as expected.
<rbasak> Any machine should be able to look up its own name, and know its own FQDN, without resorting to the network.
<leftyfb> rbasak: but on the network, the system does have a fqdn, so it should return it's valid hostname. Just because the 127.0.1.1 entry fails at adding the fqdn, does not mean the system does not have one on the network
<ahasenack> rbasak: I don't recall how this works, should I merge https://code.launchpad.net/~ahasenack/usd-importer/+git/usd-importer/+merge/367112, wait for the bot to run tests, both, something else?
<rbasak> ahasenack: wait for the bot and if it passes go ahead and merge please
<ahasenack> ok
<rbasak> leftyfb: I don't follow your statement
<rbasak> leftyfb: what's the problem you're trying to solve? Do you have a failing or illustratively-bad use case?
<leftyfb> rbasak: if there's a 127.0.1.1 entry, without a fqdn, and the lookup says there is not fqdn, that is returning false information. There is a fqdn, but we're being forced to use the file as opposed to dns and not able to look it up properly
<rbasak> leftyfb: how is it that you ended up with a 127.0.1.1 entry without an fqdn? And what do you mean by "forced to use"?
<leftyfb> rbasak: On my network, my devices have fqdn's on the network per the local DNS server. I want to use dnsdomainname to lookup what the domain is. That fails when there is a 127.0.1.1 entry without a fqdn.
<rbasak> leftyfb: why haven't you told your machine its fqdn during installation?
<leftyfb> rbasak: forced per the nsswitch order. If "file" has an entry, we don't don't bother looking up "dns"
<leftyfb> rbasak: To start with, the fqdn can and will change depending on which network(domain) the machine connects to. Hardcoding it is not the right solution.
<leftyfb> rbasak: And there's no way to populate /etc/hosts with a fqdn with dhcp
<rbasak> leftyfb: why do you need the machine's idea of its "fqdn" to change as it moves around?
<leftyfb> rbasak: because it's on a different domain and we want to determine which domain we are on by using the tool meant to do so (dnsdomainname)
<rbasak> You're going to have to go through the five whys here, sorry.
<leftyfb> rbasak: what do you mean?
<rbasak> I don't see how it's a problem for the machine to consider itself to have a blank fqdn.
<leftyfb> rbasak: because it's not valid
<rbasak> As a road warrior laptop user, I don't want other networks to inject bad data into my laptop.
<rbasak> It's perfectly valid, and until someone persuades me otherwise, it's even preferable
<leftyfb> rbasak: In our particular case, we have robots that move between networks (customer sites) with different domains and we want to use dnsdomainname to determine which domain we are on in order to set some variables
<rbasak> It sounds like it might not be the right thing to be using dnsdomainname in that case.
<leftyfb> rbasak: If a device on a network has a valid fqdn that every other machine on the network knows about, then it is not valid for dnsdomainnam to lie and say there isn't one.
<rbasak> What happens if you have two NICs that both DHCP and get conflicting "FQDN"s?
<rbasak> Perhaps better for your software to do a reverse lookup on the IP of one network interface it's interested in.
<rbasak> That would more unambigiously identify "what network you're on".
<leftyfb> rbasak: so you're ok with broken tools? For what purpose? Because you want to keep an entry that was only put there to work around a bug in some Gnome applications which aren't relevant in a server install?
<rbasak> Who said it's broken?
<rbasak> I think you're making a false assumption here about what the tool is supposed to do for you.
<compdoc> biggest problem with 2 nics and dhcp, is getting two gateways set for the pc
<leftyfb> "dnsdomainname - show the system's DNS domain name"
<rbasak> See the manpage example that uses 127.0.1.1!
<rbasak> Via /etc/hosts
<leftyfb> The only way to populate /etc/hosts is manually. That is a bad way to use the tool to "show the system's DNS domain name" which has a valid fqdn on the network
<cryptodan> you could simply add it to the hostname config at install when you give the computer a hostname
<leftyfb> We're not talking about at install. The FQDN is going to change across multiple networks/domains.
<leftyfb> The only reason the entry exits in the first place is from https://www.linuxtopia.org/online_books/linux_system_administration/debian_linux_guides/debian_linux_reference_guide/ch-gateway.en_009.html
<leftyfb> which is for a desktop environment, not server
<rbasak> I'm saying that for the FQDN to dynamically change as you roam between networks is broken in the general case.
<rbasak> I don't think a default Ubuntu installation should be doing that by default.
<leftyfb> rbasak: why do you say that is broken?
<rbasak> Just because I'm connecting to some random wifi somewhere doesn't mean that my FQDN should change.
<rbasak> And on a server, an FQDN change should certainly only happen directly when a sysadmin wants it, and not automatically.
<rbasak> (by default)
<leftyfb> It 100% means it should change if you are on a network with a different domain.
<rbasak> I don't think that meets normal sysadmin expectations.
<rbasak> Networks don't have "domains".
<leftyfb> I don't even know how to respond to that
<rbasak> An individual IP address issued by a DHCP server may reverse lookup to something whose FQDN has something specific according to the DNS server provided by the DHCP lease issued by the DHCP server to that IP address.
<rbasak> That's something that's per-IP though, not per-network.
<leftyfb> rbasak: ok, so to be clear, you're saying the current state should be:  We want a bug workaround for Gnome applications to stay in Ubuntu server for ${reasons}, we don't want dnsdomainname to actually be able "show the system's DNS domain name" from DNS and "Networks don't have "domains".
<rbasak> leftyfb: no.
<rbasak> leftyfb: I make no reference to any workaround.
<rbasak> leftyfb: my reasons for supporting the long standing standard for how this work stand on their own merits.
<leftyfb> rbasak: and yet, before my bug report, the entry was removed from the subiquity installer
<leftyfb> So someone made the decision at some point in the past year to remove it
<rbasak> leftyfb: are you saying that the current state of the installers don't match my position?
<leftyfb> rbasak: The current state of the latest available Ubuntu live server installer iso does not match your position
<rbasak> leftyfb: what does it do instead?
<leftyfb> rbasak: it does not have an entry for 127.0.1.1
<cryptodan> but why should it
<rbasak> leftyfb: in what scenario? Manual IP entry?
<rbasak> leftyfb: what exactly does it do?
<leftyfb> rbasak: As basic of an install as you can do, with dhcp and only setting a hostname during the install
<rbasak> leftyfb: does it add a 127.0.0.1 entry? If so with what? Just localhost?
<leftyfb> yes and yes. But let me do a quick install to doublecheck
<leftyfb> Taking longer than expected. We moved the lab around yesterday and don't have a wired connection to my test devices at the moment. The live installer takes forever timing out trying to get to the repos and falling back to the usb
<rbasak> leftyfb: no worries. Feel free to ping me when you're ready. I appreciate the discussion, and would like there to be a consistent position and bugs open against installers as needed referring to that position.
<rbasak> leftyfb: seems that my position may need to change to accomodate the DHCP during install + no FQDN supplied during install case.
<leftyfb> rbasak: https://photos.app.goo.gl/FLDqgAy5VPfrfz4B9
<leftyfb> Using ubuntu-18.04.2-live-server-amd64.iso
<rbasak> leftyfb: is that with the fix to bug 1820096? Or does it describe bug 1820096 and it's pending release?
<ubottu> bug 1820096 in subiquity "/etc/hosts not populated, preventing dns registration with dhcp" [High,Fix released] https://launchpad.net/bugs/1820096
<leftyfb> Yes. Though the odd part is I can't seem to reproduce the issue now.
<leftyfb> I'm wondering if mwhudson was able to
<leftyfb> and if he still can
<leftyfb> and if the bug should be invalidated or the fix kept
<leftyfb> oh wait
<leftyfb> rbasak: no, that is NOT with the fix
<rbasak> OK
<leftyfb> rbasak: In order to get the fix, I would need to snap refresh and get the latest subiquity installer.
<rbasak> So my position is slightly different (but fundamentally remains the same IMHO)
<rbasak> In the case that DHCP is all that is used, and an FQDN is never provided at install time, then it makes sense to have a 127.0.1.1 line with the non-qualified hostname only.
<rbasak> (by default; the sysadmin can change later of course)
<leftyfb> I'd like to find the bug and/or discussion that was had to decide on removing the entry for the live installer. That would give us more insight into whether it's actually needed
<rbasak> Rationale: any FQDN provided indirectly via DHCP and DNS at install time cannot be trusted to be the correct FQDN for the final installation.
<leftyfb> rbasak: why do you say it cannot be trusted? I don't understand that reasoning. You're making decisions based on the assumption that the server install is running on untrusted networks providing "invalid" fqdn's to clients on the network.
<rbasak> leftyfb: it's quite common for non-automated installs to be done in some kind of non-production network with different settings.
<leftyfb> rbasak: ok. But why hardcode such that we do not have a FQDN and have no way of using the tool meant to look it up?
<rbasak> Hardcode how?
<leftyfb> rbasak: If you write an entry for 127.0.1.1 without the fqdn, you are hardcoding invalidating any fqdn lookups
<Ussat> rbasak, even some automated install will do install in a non-prod network if you are building replacement servers....build, change vlan/hostname/ip replace
<Ussat> we do that all the time
<leftyfb> rbasak: But again, I refer to the Debian documentation stating that the entry was only there in the first place to allow some gnome applications to not break when trying to do a fqdn lookup when we have no network or local DNS server which will resolve the client's fqdn. This does not apply to server installs. Especially ones running on a network with a local dynamic DNS server
<rbasak> leftyfb: OK. I call that "the system doesn't have a defined FQDN", which is IMHO correct.
<leftyfb> rbasak: the entry does not exist in any other linux distro other than Debian-based
<rbasak> Ussat: agreed
<rbasak> leftyfb: I think the current behaviour is sensible behaviour, barring that current subquity bug.
<leftyfb> rbasak: you cannot make that assumption if you don't look it up on the network
<rbasak> leftyfb: you're already on very strange territory to have a non-cloud server installation running DHCP that didn't know its own hostname and FQDN at installation time.
<rbasak> leftyfb: that the default doesn't work for you isn't surprising to me.
<rbasak> leftyfb: you can override default behaviour by changing /etc/hosts :-)
<leftyfb> rbasak: I disagree. And we do know our hostname. But for devices that join multiple networks with different domains, no, we do not yet know our FQDN until we are on the network that provides it.
<leftyfb> A FQDN should not be defined by the client but the network it's on
<rbasak> Sure. I mean you don't know your own (hostname and FQDN) :)
<rbasak> As I said before, that doesn't work for multi-homed hosts.
<rbasak> You can't make a general statement about what should define an FQDN.
<rbasak> It's up to the sysadmin in an individual environment who knows the type of network environment it'll be operating in.
<leftyfb> It does when you're not doing something stupid like looking up your FQDN across different DNS servers hosting different domains
<leftyfb> Just because your client likes to pretend it's FQDN is host.google.com in /etc/hosts, does not mean any other machine on the network is going to agree. The client does not decide what it's FQDN is
<rbasak> leftyfb: there's a difference between what a client considers its FQDN to be and what points to it via an A or AAAA record, and what reverse lookups via in-addr.arpa and in6.arpa say. They can all disagree.
<rbasak> leftyfb: therefore it's up to the sysadmin to decide which one is the canonical FQDN. You cannot infer it.
<rbasak> leftyfb: and therefore it is not a function of the network.
<rbasak> Though it is generally a misconfiguration somewhere if a machine's FQDN exists in DNS but points to some other machine.
<whitebyte> I have setup Kea DHCP on ubuntu-18.04 server and trying to set hostname for a client ubuntu 18.04 machine. The hostname is passed in the lease file provided by kea-dhcp server but that is not taking any effect on client machine.
<teward> !crosspost | whitebyte
<ubottu> whitebyte: Please don't ask the same question in multiple Ubuntu channels at the same time. Many helpers are in more than one channel and it's not fair to them or the other people seeking support.
<whitebyte> @ubottu Sorry. I will keep in mind
<ahasenack> whitebyte: check if you have the hostname in /etc/hosts
<ahasenack> maybe that's overriding it
<ahasenack> paride: around still?
<ahasenack> rbasak: any idea why ci hasn't run on my git-ubuntu branch yet?
<ahasenack> I'm not seeing errors in https://jenkins.ubuntu.com/server/view/git-ubuntu/job/git-ubuntu-ci/
<whitebyte> @ahasenack I have only `127.0.0.1 localhost` in /etc/hosts
<ahasenack> ok
<ahasenack> rbasak: I wonder if it's about an MP limit, I count 10 skips in the job logs
<ahasenack> https://jenkins.ubuntu.com/server/view/git-ubuntu/job/git-ubuntu-ci-trigger/57736/console
 * ahasenack wonders where launchpadTrigger comes from
<whitebyte> I am getting `Not connected to system bus, not setting hostname` in syslog from systemd-network.service. Can I force networkd to start after dbus.service is up
<leftyfb> rbasak: A FQDN is a function of the network regardless of what the client thinks it is. The rest of the network doesn't give one lick what the client thinks it is and will only resolve what the network(DNS server) thinks it is. Playing pretend in /etc/host is a workaround for lack of network connectivity or a DNS server which will resolve the hosts FQDN.
<rbasak> ahasenack: limit> yeah maybe. paride looks after the job, so he might know? You can manually trigger a job using https://jenkins.ubuntu.com/server/view/git-ubuntu/job/git-ubuntu-ci/build?delay=0sec
<ahasenack> rbasak: we found out, the mp was approved already, so ci didn't look at it
<rbasak> Ah
<ahasenack> rbasak: I merged it
<ahasenack> (after ci's approval)
<rbasak> \o/
<gislaved> guys does a tftp client check UDP and TCP both ?
<RoyK> tftp is udp only
<gislaved> RoyK you can configure it on TCP
<sarnold> I've never seen tftp on tcp
<gislaved> you can otherwise you cannot loadbalanc eit
<gislaved> *loadbalance
<gislaved> or less easy
<sarnold> it's tftp. I can't imagine that it is ever under that kind of load.
<gislaved> sarnold have you ever seen a tftp server crashing ?
<sarnold> no, they don't do anything complicated :)
<gislaved> sarnold I need failover, LB-er is most easy for that
<gislaved> then I can just cehck if the server is alive :)
<gislaved> heh maybe it's time for anycast
<sdeziel> gislaved: if you really need to LB multiple TFTP servers with healthchecks and what not, you can use keepalived/ipvs I think
<gislaved> sdeziel I think I can let HAproxy do that, it does not support UDP but I think it can just let it foreward
<sdeziel> gislaved: I don't know if HAproxy can handle UDP at all
<sdeziel> gislaved: for DNS, I've also used IPtables with random module to spread the load among multiple servers ... quick and dirty but it works
<gislaved> sdeziel normally not but I have doen DNS loadbalancing as well in the past, so let's see
<gislaved> sdeziel not that dirty :)
<sdeziel> you can get creative with how you do it with iptables so that you remove backends when they are down but there is no builtin healthcheck which is why I said it was dirty ;)
<gislaved> heh :)
<sdeziel> gislaved: that said, even under load, I wouldn't expect the service to crash, which package is it?
<gislaved> sdeziel me neither. xinetd
<rbasak> leftyfb: again, that's not generally true. Say for example I have a web server on AWS. In that case, the network the instance sees has nothing to do with the real FQDN of the server.
<sdeziel> gislaved: have you tried tftpd-hpa?
<gislaved> sdeziel not yet, not supported by foreman
<leftyfb> rbasak: and equally irrelevant is a fqdn entry in /etc/hosts on that instance
<rbasak> leftyfb: I'd want all services on that instance to see the "right" fqdn, so I would set it correctly in /etc/hosts. I don't see how that's irrelevant.
<leftyfb> rbasak: I would point the instance to a proper DNS server that knows about the fqdn to do the lookup. Hardcoding entries in /etc/hosts is a hack
<rbasak> leftyfb: that won't work, because the instance won't have its public IP address actually assigned to an interface
<rbasak> leftyfb: I don't think the server's _own_ entry in /etc/hosts against 127.0.1.1 is a hack.
<rbasak> In the general case for other hosts, yes.
<sdeziel> gislaved: I'd try that one first personally. It's the only tftpd I can see in 'main' and I've seen many deployments using it (although I don't know how many tftp clients you hit your server with...)
<rbasak> But for a machine to know its own name and fqdn, that's not a hack. It's the status quo.
<gislaved> sdeziel not that much but I hate to have things "down"
<rbasak> DNS isn't necessary for a host to have a name.
<leftyfb> No, you're right. It's a big fix for some desktop applications
<rbasak> (and fqdn)
<leftyfb> It is for anything else on the network to utilize the fqdn
<sdeziel> gislaved: I personally wouldn't trust xinetd for production stuff
<gislaved> sdeziel why not ? it's the most known one that alw ays work(s)(ed)
<gislaved> *always
<sdeziel> gislaved: I've only ever used dnsmasq and tftpd-hpa myself and the fact that the later is in main (while xinetd is in universe) speaks for itself
<gislaved> sdeziel it's supported by RH so I trust it :)
<rbasak> leftyfb: it's useful for various things. Like HTTP error pages being correct, etc.
<Aison0> hello, anybody experienced with freeradius and openssl 1.1.1b? since 1.1.1b freeradius logs these kind of messages: https://pastebin.com/SacLArvy
<Aison0> I upgraded my notebook to disco and now freeradius logs these kinds of errors on the ubuntu server
<sarnold> Aison0: might be worth a filing a bug with ubuntu-bug
<Aison0> sarnold, the problem is, I don't know if it is really related to that upgrade :-)
<Aison0> or is this a openssl-1.1.1b thing
<sarnold> it feels plausible anyway
<Disaster_Area> Hi! I'm used to using MS SQL Server at work and basically want to use something similar at home for fun. I managed to install SQL server at home on Ubuntu 16.04 but
<Disaster_Area> well a) recommended GUIs/CLIs
<Disaster_Area> b) why do I get some syntactical errors I don't get when using MS SQL Server, e.g. https://i.imgur.com/boLOU6C.png
<sarnold> hey Disaster_Area, you may have more luck in an ms-sql channel; someone here might be able to help with postgresql or mariadb or sqlite3, but mssql is pretty rare
<Disaster_Area> hmm I was pointed this way from #ubuntu ok I'll have a look over there
<sarnold> yeah, I can see how they would have aimed you this way :) but I *think* you're the first person I've seen use mssql :)
<OerHeks> oh, ms sql
<michael2> I have wanted to tinker with it, but haven't yet
<OerHeks> is this on WSL?
<Disaster_Area> yeah I picked up SQL at work first ever programming language or anything for me haha well touched python and R a little bit
<Disaster_Area> WSL?
<michael2> Windows Subsystem for Linux
<sarnold> OerHeks: MS releases MSSql *for* linux
<sarnold> no need to run mssql on wsl, you could just run it on windows windows :)
<Disaster_Area> so I'm on linux at home and I wanted to use something like I'm used to at work rather than having to pick up a different variant
<michael2> are you having trouble installing it?
<Disaster_Area> I've installed MS SQL server on linux fine but
<Disaster_Area> I was asking for advice on GUIs/CLIs and
<OerHeks> hardening?
<michael2> I have used dbeaver community edition
<Disaster_Area> I ran some code that creates a simple function with some while loops in that works on MS SQL Server Studio but didn't run at home
<sarnold> Disaster_Area: maybe try a much simpler function? something that just returns an integer?
<Disaster_Area> I'll have a stab at that sure
<Disaster_Area> that worked ok
<Disaster_Area> hmm what should I post my SQL output in, might be quicker than sharing a screenshot
<Disaster_Area> or is pastebin fine? \shrug/
<sarnold> the pastebinit tool makes pasting easy -- you can pastebinit /path/to/file  and then just copy-paste the URL you get back
<Disaster_Area> https://pastebin.com/h1EXGNeD
<sarnold> nice
<sarnold> now try a tiny loop.. one variable, small body..
<Disaster_Area> haha I keep fucking it up every time I try and code it, and this is why I need a better interface
<Disaster_Area> bc with this u cant go back and edit the same thing u can just scroll up to find lines you already wrote ....
<sarnold> ew :)
<sarnold> can you use a text editor like vim or emacs or whatever and feed that as input?
<michael2> Disaster_Area: Give dbeaver a try
<Disaster_Area> https://pastebin.com/RHA26uSL
<Disaster_Area> i've got no idea haven't tried & don't have experience with that stuff
<Disaster_Area> the MS doc mentioned azure data studio and a couple other interface options
<michael2> dbeaver is a lot like Sql Server Management Studio
<Disaster_Area> hmm
<Disaster_Area> i'll look it up
<michael2> the Community Version is free and works with sql server and many others
<Disaster_Area> looks neat thanks I'll try it I think
<michael2> I like it because I can use the same interface for ms sql, mysql, postgres, maria...
<Disaster_Area> ooh hm I need to install java or something hmmmmm
<Disaster_Area> I fucked up my java situation really bad so like
<Disaster_Area> I had downloaded openjdk when I moved to the OS so I could run minecraft
<Disaster_Area> then when I was applying for jobs outta uni one of them was for a java thing and the guy on the phone basically pushed me into trying to learn it
<Disaster_Area> which on linux meant a lot of effing around with uninstalling and installing stuff
<Disaster_Area> oops appears i disconneted >_>
<Disaster_Area> haha here we go installed it and tried to run and got the following error message:
<Disaster_Area> A Java Runtime Environment (JRE) or Java Development Kit (JDK)
<Disaster_Area> must be available in order to run Dbeaver. No Java virtual machine
<Disaster_Area> was found after searching the following locations:
<Disaster_Area> java in your current PATH
<Disaster_Area> --usr/share/dbeaver/jre/bin/java that was the location it gave
<Disaster_Area> buuut when I tried updating my java earlier:
<Disaster_Area> https://pastebin.com/EqX5NgeT
<Disaster_Area> would there be a better place for me to ask how to sort this issue out? lol
<OerHeks>  9 not to upgrade. run apt full-upgrade
<Disaster_Area> i'll try that see if it helps
<Disaster_Area> still same error msg
<Disaster_Area> hmm its weird it gives the usr/share/... since there is no jre folder in usr/share/dbeaver ...
<tomreyn> maybe dbeaver have a support channel? it's not part of ubuntu's software repositories, so unless michael2, who is apparently familiar with it, can help you out, you'll better look for a software specific community support channel
<Disaster_Area> hmm good idea
<Disaster_Area> though this might be more of a java issue honestly
<tomreyn> as long as you have apt package "default-jre" installed, this should be all that's needed if the software you're using was made to be ubuntu compatible.
<Disaster_Area> think I was missing that..........
<Disaster_Area> thanks!!
<tomreyn> it's really just a tracking package for the latest openjdk*-jre package, which you seemed to have already
<tomreyn> ahem, "default-jre-headless" is what you'd want on a headless server, sorry.
<Disaster_Area> it installed that one too
<Disaster_Area> aaaand dbeaver still same complaint
<Disaster_Area> on the other hand how do I find my java path?
<Disaster_Area> i think i can do it if I can find that?
<tomreyn> "apt depends <package_a>" lists the other packages package_a depends on.
<tomreyn> "dpkg -L <package>" lists the files (and paths) which belong to the given package
<tomreyn> you just reached the point where a moderate understanding of ubuntu's software management utilities could be useful.
<Disaster_Area> hm i found the path
<Disaster_Area> yeah I really could do with knowing the ins and outs of knowing my OS better at this point in time
<tomreyn> chances are you'd be better off with these (also normally unsupported here, just like the ones you have now, and mssql) dbeaver packages: https://launchpad.net/~serge-rider/+archive/ubuntu/dbeaver-ce?field.series_filter=xenial
<Disaster_Area> i dont think its a case of missing packages i think it just needs me to tell it where java is
<tomreyn> on linux it's common to build and package software multiple times for different distributions, to make the software apply to the different environments.
<tomreyn> e.g. one distro may have java binaries in one path, the other in another path.
<tomreyn> also by using apt repositories you get an easy and secure upgrade path
<Disaster_Area> well, I did install the default-jre and default-jre-headless and it didnt appear to have helped... anyway so i tried some things and
<Disaster_Area> https://pastebin.com/zVDiVs1q
<Disaster_Area> oh hmm this is good
<Disaster_Area> the filepath i found at the top
<Disaster_Area> doesn't exist any more
<Disaster_Area> >_>
#ubuntu-server 2019-05-09
<ShellcatZero> Does anyone here do a lot of configuration management?  Do you get much benefit of something like Ansible over shell scripts?  I've personally found the translation of scripts to Ansible to non-trival and rather redundant, and I've found no such tools which seem to assist in automatically creating such scripts or playbooks from an OS environment.
<hermande> ShellcatZero, Are you saying that transitioning to Ansible or Puppet from shell scripts are a PITA?
<rbasak> ShellcatZero: it's handy for sharing common things between multiple instances, shipping templated files to instances, and so on. Sure, you can use shell, but then you're just reimplmenting some library that configuration management tools already provide.
<Disaster_Area> i think typing dbeaver -vm /usr/lib/jvm/java-8-openjdk-amd64/jre/bin/java
<Disaster_Area>  into my terminal has worked! :o
<ShellcatZero> hermande: Just based on my experience, yes, and it seems redundant.  From my understanding, scripted provisioning at scale is just as well acomplished via ssh, rendering scalability benefits of Ansible or Puppet rather moot.
<hermande> ShellcatZero, And for what it's worth, A well configured Scripting system can be powerful.
<hermande> ShellcatZero, Ansible and Puppet have known interfaces that don't require special knowledge or code.
<hermande> ShellcatZero, If I showed you my old scripting system and asked you to deploy it across a set of servers, you would insist that my coding didn't fall into your box of "Good Things"
<hermande> With Puppet/Ansible, it's easier to describe using a common language.
<ShellcatZero> hermande: Ah, I see what you're saying.
<mybalzitch> did the docker snap break for anyone else? I get https://gist.github.com/thisisnotmyrealname/61f2215cb5dc23d2184d4c37474f7f92 after docker was running fine for ages
<hermande> In otherwords, you are making yourself replaceable....
<mybalzitch> removing the snap and readding it let me launch things again, but it seems the next day its broken
<ShellcatZero> hermande: Based on what you describe I don't think Ansible or Puppet is applicable to my use cases, because I need to enforce domain knowledge for those using my scripts, which must also be extended as the need arises.
<hermande> ShellcatZero, That's a fun topic.  So many tools enforce learning the API/UI over what is actually happening.
<hermande> ShellcatZero, I've seen people pull up a full UI to make a small change in the /etc.
<lordievader> Good morning
<loru> Hello. I'm on ubuntu 18.04, using netplan on a server. I have addresses: [ x.x.x.50/24, '2x:x:x:x::ffff/64' ] and I need to add one more ipv4 and v6 (currently in a container, attaching them on the host instead).
<loru> Would "addresses: [ x.x.x.50/24, y.y.y.51/24, 'x:x:x:x::ffff/64', 'y.y.y.y::ffee/64' ]" be fine?
<lotuspsychje> idle a bit here ok loru -server channel might wakeup more at US wakeup
<loru> lotuspsychje: sure
<loru> https://gurdeep.ninja/ovh-soyoustart-ip-failover-ubuntu-18-04/
<loru> I'm not using OVH but it seems to be it
<loru> looks simple, I'll try :)
<lotuspsychje> !netplan | loru see also
<ubottu> loru see also: Netplan is a network configuration abstraction renderer which uses YAML descriptions of a network to work with either a NetworkManager or Systemd-networkd "renderer". More information at https://netplan.io/
<loru> It works anyway, thank you :D
<paride> ahasenack, not sure why your git-ubuntu MP was being ignored by git-ubuntu-ci
<paride> I had a look at the code and couldn't spot a limit to 10 MPs
<paride> there are currently 11 active reviews in https://code.launchpad.net/usd-importer/+activereviews , the last one is from bryce and I can see it in the git-ubuntu-ci-trigger-job
<paride> e.g. https://jenkins.ubuntu.com/server/view/git-ubuntu/job/git-ubuntu-ci-trigger/57812/console
<paride> it's ce9afc69d8e6199ec96e1f28b68b23d3db9a8459
<ahasenack> paride: it's because the MP was in the "approved" state already
<ahasenack> paride: I switched it back to "needs review", kicked the job, and then it picked it up and voted
<paride> ahasenack, OK, good to know
<mason> Is there an apt(8) equivalent to "apt-get source" that I'm missing, or is there some tool that's preferred? Or is the goal for apt-get to always be there for its source-getting chops?
<albert23> mason: you mean apt source <package> ?
<mason> albert23: I don't know. Half a sec and I'll tell you if I mean that or not. :)
<mason> albert23: Well, look at that. I hadn't thought to try that since it's not listed in the man page.
<mason> albert23: I feel a docbug coming on.
<ahasenack> rbasak: what's the name of that tool that organizes d/control? Puts each depends in its own line, orders it alphabetically, etc
<mason> albert23: Thank you.
<rbasak> ahasenack: wrap-and-sort
<ahasenack> thx
<albert23> mason: np
<mason> albert23: Ah, and I guess my question is mildly confused, as when I snagged the apt source to whip up a patch, there was apt-get in the same package. Cough.
<mason> albert23: Do you know if -a/--host-architecture is vestigial? I wanted to check options before snagging the apt-get man page section on source intact, and I seem to be missing some clue about how to apply -a.
<mason> https://bpaste.net/show/25cb9c46b310 anyway - I'll defer the docbug until I know if what I'm using as a source is confused
<JanC> mason: not only missing from the man page but also from --help apparently
<JanC> but bash completion knows the 'source' command
<mason> JanC: Do you know about -a there? I haven't dug into the source, but it seems not to work, and copying bad info from one man page to another might not be optimal.
#ubuntu-server 2019-05-10
<koognod> i just tried to install 16.04 on my mac mini but I am only getting firmware error on boot ucode11 is this enough to be causing the boot up problem and how can I fix this if that is the case
<koognod> ... ucode11 not found
<Koognod> https://usercontent.irccloud-cdn.com/file/OH6ghVQR/Won't%20boot
<ricks_> Hey there. I'm setting up a VPS server that will be accessible through IP and (hopefully) mounted for media and document usage
<ricks_> The trouble I am having is selecting filesystem: what filesystem is r/w with Linux, MacOS, and Windows?
<ricks_> Does that matter? Or should I just be setting up NFS or a different network FS and the root filesystem doesn't actually matter
<lordievader> Good morning
<ahasenack> what's the meaning if a package name between () in the seeds?
<ahasenack> http://manpages.ubuntu.com/manpages/disco/en/man1/germinate.1.html explains it
<supaman> hi, trying to set up slapd here, when I query the slapd with ldapsearch I get a responce, but if I try to add data with ldapadd I am asked for the admin password and then I get this response: ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)
<supaman> I put the ldap debug level up to 8 as per instructions here: https://help.ubuntu.com/lts/serverguide/openldap-server.html.en
<supaman> still don't see anything in the logs when the connection fails
<supaman> sorry, not up to 8 .. that was some other software I was working with :-)
<supaman> put olcLogLevel: stats
<ahasenack> supaman: if you don't provide a hostname in the command line tools, it will use whatever is set in the client config file, /etc/ldap/ldap.conf
<ahasenack> are you using simple bind? -x -D <dn>
<supaman> ahasenack: the command to load data is like in that help guide: sudo ldapadd -x -D cn=admin,dc=ap,dc=local -W -f add-content.ldif
<ahasenack> no need for sudo there
<supaman> ok
<supaman> so it is perhaps missing a -H?
<supaman> ahhh, there something happened
<ahasenack> maybe you had an ~/.ldaprc in root's home, I think that can override the global config settings from /etc
<supaman> nah, dropping the sudo did nothing
<supaman> had to manually add the -H, so my ldap.conf does not contain the correct server
<ahasenack> looks like it
<ahasenack> wonder how search worked without it, though
<supaman> think I used the -H switch with all the searches
<supaman> the help serverguide might be updated to either tell people to add an URI to their config or add a -H switch to that specific command
<ahasenack> did you find out why the search worked, without -H?
<supaman> all my searches used -H ... just didn't click in my head that was the problem
<supaman> was following the serverguide blindly
<BrianBlaze> is it possible the update servers are down or something
<BrianBlaze> I have the weirdest issues trying to update
<teward> BrianBlaze: depends on what mirror(s) your server(s) use
<teward> most of the mirrors are up currently
<teward> but this doesn't preclude ISP level filtration to block things though
<BrianBlaze> scratching my head for 10 minutes...
<BrianBlaze> IP CONFLICT
<BrianBlaze> damn
<BrianBlaze> thanks teward
<teward> lol
<teward> BrianBlaze: yeah those suck don't they xD
<BrianBlaze> lol I am just exhausted
<BrianBlaze> it's starting to show
<teward> sleep beckons :P
<sarnold> gnight teward :)
<teward> sarnold: lol not for me
<sarnold> teward: oh. bummer. sorry.
<teward> i have another... *maths* ... 7 hours of wakeup
<teward> BrianBlaze, though, sleep beckons for them :P
<teward> sarnold: well it is only 15:34 here so I mean :P
<sarnold> teward: I know it sounded great :)
<BrianBlaze> yeah still have a good hour and a half before home to the baby to never sleep again lol
<BrianBlaze> I was just so frustrated over my own stupidity tho... fewf TGIF lol
#ubuntu-server 2019-05-11
<foo> I see OOM murdering processes in dmesg. However, I don't see a timestamp. Anyway to see timestamps here? I don't see this in /var/log/syslog, wondering if this is from an older issue
<foo> ah, dmesg -e ... yeah, this was from last month, that was taken care of. *wipes sweat*
<axisys> I have SSD disks .. but /sys/block/sda/queue/rotational says 1 for this server.. it says 0 correctly on another server .. what gives?
<RoyK> axisys: what sort of controller? what does smartctl -i /dev/sda have to say on those servers?
<axisys> RoyK: HP
<axisys> HPE Smart Array P408i-a SR Gen10
<axisys> This one Smart Array P440ar reports correctly on the other server
<RoyK> axisys: dunno about tht - those "smart" controllers run their own OS/firmware and what they report or not isn't really something we can control
<axisys> RoyK: gotcha..
#ubuntu-server 2019-05-12
<Greyztar> hello,my server seems to log some popularity contest something is this ubuntu stuff i may turn off?
<Greyztar> google to the rescue,so its a package ,however if i purge it also ubuntu-standard package gets removed,is it safe to remove?Dealing with small resources so everything i dont need i want to remove (,")
<blackflow> Greyztar: what package is tha?
<lotuspsychje> !info popularity-contest
<ubottu> popularity-contest (source: popularity-contest): Vote for your favourite packages automatically. In component main, is standard. Version 1.66ubuntu1 (bionic), package size 33 kB, installed size 118 kB
<lotuspsychje> might be this
<Greyztar> blackflow: popularity-contest is the actual package,but it depends on ubuntu-standard which also gets remove seems its a meta-package
<Greyztar> blackflow: you think its safe to remove?Have to admit i dont know what a meta-package is google says a sort of master list of packages
<blackflow> Greyztar: a meta-package is virtual dependency that pulls in other packages. It's to group packages around certain functionality so that you pull in one and it pulls in whatever else is needed to fulfill that functionality. there are some other uses as well.
<blackflow> Greyztar: you don't have to uninstall it. Edit /etc/popularity-contest.conf and set  PARTICIPATE="no". That's the default anyway.
<Greyztar> blackflow: thanks for the informations and help :)
<blackflow> yw
<blackflow> hrm I don't recall ubuntu installer ever asking me to enable popcon. frankly I thought that was a debian thing only.
<Greyztar> blackflow: its a preinstalled cloud vm so gets all the goodies i guess hehe
<lotuspsychje> blackflow: is that standard in -server too?
<lotuspsychje> or is it because Greyztar installed ubuntu-desktop?
<Greyztar> lotuspsychje: im using server,but its most likely due to it being a preinstalled vm from cloud provider im guessing :)
<lotuspsychje> on ubuntu desktop, its a welcome screen where the user has the choice to send or not
<lotuspsychje> so that would be real weird server has this installed by default, without a choice?
<Greyztar> i think ive seen that too,its not installed on my main server and dont recall getting prompted for it other than my Debian installs
<Greyztar> its a preconfigured/install image or so at a cloud provider,so its not a vanilla install
<blackflow> the package is installed by default yes, depended on by ubuntu-standard. But submission is disabled by default.
<lotuspsychje> tnx 4 confirm blackflow
<blackflow> PARTICIPATE="no" is default. And I don't remember Ubuntu ever asking me to enable it, like Debian installer does.
<lotuspsychje> blackflow: so server gives the choice at install somewhere?
<blackflow> dunno, I've been installing servers with debootstrap for long time now. Tried subiquity few months ago, but I don't recall it asking.
<lotuspsychje> !info ubuntu-report
<ubottu> ubuntu-report (source: ubuntu-report): Report hardware and other collected metrics. In component main, is optional. Version 1.3.0~18.04 (bionic), package size 1589 kB, installed size 4948 kB
<blackflow> lotuspsychje: I don't think _installing_ it is a choice, as it's a hard dep of ubuntu-standard. If anything is a choice, it's whether it's enabled, post installation, via /etc/popularity-contest.conf
<blackflow> yeah, buntu-report is different, that's hardware metrics. popcon is software installation ("popularity") metric.
<lotuspsychje> yeah thought they were different
<Greyztar> being that its default off ill think i want to send a mail to my cloud provider asking how come they enabled it
<Greyztar> any recommendation on services or so i could turn off to save resources?My server is hosting a few lxc containers and running tor service and thats it
<Greyztar> also im using zram =)
<Greyztar> is there any other way than systemctl status to find currently running services?
<blackflow> `ps axuf` will show you running processes
<Greyztar> thank you blackflow
<blackflow> as for turning off services, by default installing ubuntu-server will only run with most minimally required services. whatever your hosting company does, is out of scope of support here, we have no way of knowing.
<Greyztar> yeah i figured,i sort of answered my own question when started digging into what services i had running,next time ill start out with a normal install instead of preconfigure something ,though with your command i found an openvpn server i didnt need anymore so some resources gained hehe
<Greyztar> so weird ,their telling me popularity-contest is enabled upstreams,though my home server is same Ubuntu 18.04 and its not enabled,time to start migrating to another provider maybe
<blackflow> Anyone knows if it's possible to track TCP stream retries on the server side? I'd like to run some statistics about retried packets per client IP address for, say, all TCP flows to/from port 443
<blackflow> I know you can do it if the application supports it (like iperf), but I need this application-independent, perhaps at the iptables or some other in-kernel accountancy level
<blackflow> I suppose I could whip up a script around ss -o option
<noregret> I woke up with ubuntu server 18.04 unreachable, I had to up -> down its interface for it to connect again. I looked at syslog and found out when it stopped connecting to the internet but i don't know what happened, how can I troublshoot this further?
<compdoc> you have access to the console, then
<noregret> compdoc: yes I do
<noregret> that's how I down/up the interface
<compdoc> syslog can mean a couple things. have you looked thru other logs. the server was continuing to operate normally?
<compdoc> no reboots?
<patdk-lap> doesn't say anything about if dhcp failed
<noregret> compdoc: i actually just checked /var/log/syslog and dmesg, and yeah it operated normally after an interface down/up
<noregret> patdk-lap: it has a static ip set in /etc/netplan/01-netcfg.yaml
<patdk-lap> oh netplan
<compdoc> is it an intel nic?
<noregret> compdoc: not sure, it stays e1000e in dmesg
<noregret> says*
<noregret> (this is an old laptop)
<noregret> yeah intel I guess
<noregret> btw, I was copying data to it from a windows machine using sftp, and when the operation stopped, and it coudln't connect to the server, i knew something was wrong
<compdoc> I have no idea if its related, but recently a server had been running normally, suddenly started dropping connections to VMs running inside. I had to move one vm to run directly on hareware to make it work
<compdoc> could have happened after an update
<noregret> weird
<compdoc> *hardware
<compdoc> or, it could be the 2-port intel nic was dying
<noregret> https://bpaste.net/show/3efb8cf8d4b6 - i see this in dmesg, is it normal?
<noregret> I thought docker might responsible, but i'm not running any containers, so i was looking for a way to stop it
<noregret> couldn't find one yet, it doesn't have a daemon in systemd
<noregret> I recall I chose it to be available during ubuntu install, but I don't remember the details
