#ubuntu-server 2006-05-01
<spike> neuralis: I have my points against cyrus, but what's so wrong with courier? and I do like dovecot, just cant see what's so bad about courier
<neuralis> spike: the security track record is just as bad, iirc.
<curado> hi
<curado> i'm trying to migrate some sarge box at my job to ubuntu.. but i need information to justify it
<curado> could someone give me some tips?
<h3sp4wn> curado: don't if there was a reason you would already know it
<curado> it would not be a reason.. it would be something to prove ubuntu being better to a server...
<curado> h3sp4wn: do you admin ubuntu servers or just sarge ones?
<infinity> curado: To be honest, there's very little difference between an Ubuntu or Debian server.
<infinity> curado: If you plan to move to Ubuntu when dapper releases, however, perhaps some people will be happy to know that we will provide security support for dapper (on the server-side) for 5 years.
<infinity> Nice to know if you don't particularly like upgrading every 18 months (I know I can never be bothered)
<curado> but what about security team for ubuntu server?
<curado> i already admin some ubuntu servers.. but this is the first time i need to consider migrating a sarge machine to ubuntu
<infinity> What about the security team?... It's the same security team as for all of Ubuntu.
<curado> that's why i ask for help..
<infinity> And we do our best.
<infinity> As for migration, the best adive I can give is "do full backups, pin your apt preferences, and jump in"
<curado> :)
<infinity> Basically, to get a complete migration, you need to "sidegrade", which can mean forced downgrading of some packages.
<infinity> The following in /etc/apt/preferences should do it:
<infinity> Package: *
<infinity> Pin: release a=breezy
<infinity> Pin-Priority: 1001
<infinity> (A pin-priority over 1000 will force downgrades to respect the pin)
<curado> but would you migrate a server from sarge to breezy?
<curado> i really want that..
<infinity> I did not that long ago.
<infinity> But, then again, I develop for both Debian and Ubuntu, so I had my own personal reasons for doing so, and obviously some good idea as to how well it would wrk.
<infinity> (For the record, sarge->breezy goes pretty smoothly, generally.  Some packages will get a forced-downgrade, but they're all close enough in version that everything seems okay once the dust settles)
<curado> so both would be a good option..
<curado> and when dapper releases i should consider migrating..
<curado> that's right?
<h3sp4wn> curado: some sarge / some woody / a ubuntu test machine - if its working properly there is no reason to upgrade (In my opinion) if you are going to upgrade you might as well do it onto new hardware and just migrate the data
<curado> thanks for you advice..  :)
<curado> and what about new servers?
<curado> breezy or sarge?
<h3sp4wn> what running ?
<curado> apache, nagios, mysql, openldap
<curado> some other services too
<curado> like dns, dhcp..
<h3sp4wn> wait for dapper or sarge - dapper seems to run faster (in my admittedly quite limited testing) I don't know about reliability - even though it probably will work fine (and you will receive no praise etc)if it doesn't then you will get the trouble
<curado> ok  :)
<curado> thanks a lot
<Vaske_Car> hello
<Vaske_Car> anybody here willing to answer few questions?
<xerophyte> can i able to split the tar archive file into small parts ?? i have huge folder which has 12G of data
<allee> xerophyte: command split.  But that's more #ubuntu question, isn't it
<xerophyte> does anybody know why do i get this error ount: block device /dev/sda5 is write-protected, mounting read-only the fstab entry for that /dev/sda5 /       ext3    defaults 1 1 and when i  try to  mount -o remount  / does anybody know does that mount is mounting with read-onley
<ivoks> that's an usb stick?
<xerophyte> ivoks, nope its sata drive
<xerophyte> with root partion
<xerophyte> mounted with rw but i am not able to create any file only on the root partition
<ivoks> remount should mount it rw
<ivoks> unless there is some hardware write protection or filesystem is corupted
<xerophyte> EXT3-fs error (device sda5) in start_transaction: Journal has aborted
<xerophyte> EXT3-fs error (device sda5) in start_transaction: Journal has aborted
<xerophyte> how can fix that
<ivoks> fsck-ing
<ivoks> grab an install or live CD, and fsck that partition
<jurjenst> When I take the time of create a 'ubuntu_webserver' or 'ubuntu_firewall' meta- & configuration-package. Is there a chance that somebody would include it in the ubuntu repository? I have send some ideas about it on the mailinglist.
<jurjenst> The idea is to install a combination of packages and to make them work together.
<jurjenst> So ubuntu_mailserver will install a working amavisd-new and spamassassin.
<ivoks> i doubt that will enter dapper
<ivoks> jurjenst: and clamav-daemon i hope :)
<jurjenst> That is no problem... it would not be stable enough before end of the month ;)
<ivoks> but wait a sec...
<jurjenst> ivoks: naturally
<ivoks> there is allready spec for that
<jurjenst> ivoks... where?
<jurjenst> I would like that ;)
<ivoks> sec...
<ivoks> https://launchpad.net/products/ubuntu-instant-server/+spec/ubuntu-instant-server-manager
<jurjenst> ivoks... thanks that looks a lot like it... I will try and contact Mario about the ideas...
<jurjenst> I am building a package for my work to create a complete mailserver automagically. But to debug this work an official package would help quite a bit.
<ivoks> jurjenst: mario is online ATM
<ivoks> let me contact him...
<ivoks> jurjenst: meet mario (pygi) :)
<pygi> hi jurjenst
<jurjenst> Hello.. it looks like the instant server option is a bit more abigious that my plans ;)
<pygi> jurjenst: hehe 
<jurjenst> I want to install some software (small sets) and configure them together.
<jurjenst> So people have some guidance to install servers...
<pygi> well, have you read the specs? (at least what's left of it)
<pygi> There are docs about server configuration on the way
<jurjenst> But it is some extra work to provide php interfaces for all the software... it's fun to create but it is a lot of effort
<pygi> php interface??? who was talking about php interface?
<jurjenst> I like to create a script that configures postfix - spamassassin - clamav together.
<jurjenst> 1: Ease of use (we used a php interface on a seperate server from the main apache
<jurjenst> it's in the docs ;)
<jurjenst> I will try to create a first version of the packages this weekend... I will mail the result for comments.
<pygi> what kind of scripts are you going to provide?
<pygi> wait, don't work on anything until we agree what is to be done -P
<jurjenst> ubuntu-webserver, ubuntu-mailserver, ubuntu-sqlmailserver, ubuntu-firewall ;)
<jurjenst> these are just mega packages and some configuration to glue them together.
<jurjenst> And a good sample configuration ... but still very close to the current packages
<pygi> No, I would suggest you don't do that =P
<jurjenst> why?
<pygi> Are you familliar with python?
<jurjenst> meta... instead of mega ;)
<jurjenst> yes..
<pygi> well, why not write python scripts for configuration according to u-i-s specs?
<jurjenst> is ok..
<jurjenst> I was thinking about some really ugly bash scripting but python is a good alternative ;)
<pygi> hm, lemme dig up the specs and try to explain it to you
<pygi> I'll also try to be of some help, but I can't promise any of coding at this time
<pygi> oki, were you looking at this?
<pygi> <ivoks> mislio sam da ce to biti rasulo
<pygi> <ivoks> na kraju je prilicno dobro ispao
<pygi> bah, wrong paste :P
<pygi> https://wiki.ubuntu.com/UbuntuInstantServerSpec
<pygi> also this
<pygi> https://wiki.ubuntu.com/UbuntuDownUnder/BOFs/UbuntuInstantServer
<pygi> ???
<pygi> jurjenst: still alive? 
<visik7> hi
<visik7> iptables is a ubuntu-server related question ?
<fabbione> no
<fabbione> -> #ubuntu
<visik7> ok
<pygi> o, fabbione is alive 
<fabbione> barely
<fabbione> i am recovering
<spike> fabbione: about this "is it related". I added some stuff to the ServerFaq page, if you wanna have a look at it
<pygi> ugh :-/ what happened?
<fabbione> spike: what was the url?
<fabbione> pygi: have been ill
<spike> fabbione: some guy with nick redguy came asking for something to include in the ubotu bot's factoid for server
<fabbione> ok
<spike> fabbione: https://wiki.ubuntu.com/ServerFaq
<spike> fabbione: ssee "Where can I get help?"
<fabbione> yeah
<fabbione> there is #ubuntu-server
<fabbione> that should really say #ubuntu
<fabbione> and join #ubuntu-server if you want to help
<spike> the guy never showed up again, so I dont know how to get it in the factoid
<fabbione> we also need to change the url to the seeds
<fabbione> that one is obsoleted
<fabbione> http://people.ubuntu.com/~cjwatson/seeds/dapper/server
<fabbione> this is the new url
<spike> k
<J_P> hi all
<J_P> people, I have ubuntu 5.10, and I am using redir program and doing this : "redir --laddr=200.xxx.xxx.xxx --lport=9000 --caddr=192.168.0.195 --cport=80  --debug", but this isn't working, but I test this comand in debian sarge and are working, version is equal (2.0). In ubuntu redir receive conection but cannot redirect it... Anyone have anyone idea ?
<J_P> anyone here ?
#ubuntu-server 2006-05-02
<Plug> hello
<Plug> having trouble creating LVM snapshots under dapper-beta-server
<Plug> best suggestion so far was http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=343671#msg20
<Plug> basically, it just hangs
<Plug> anyone seen this/got any suggestions?
<Plug> which also seems to be
<Plug> https://launchpad.net/distros/ubuntu/+source/lvm2/+bug/38409
<Plug> (...so, seems not to be that at all; its hanging at suspending the LV, even though I've done that already with xfs_freeze)
<Plug> and if I xfs_freeze -u - it wakes back up
<Plug> strange. ;)
<hokatichenci> pretty quiet, anybody alive?
<Plug> yep
<Plug> but just me, it would seem
* fabbione yawns
<hokatichenci> I've got mysql client 4.1 installed and running (connecting manually to the srever works fine), but when I connect through mediawiki which is php it doesn't work
<hokatichenci> its like php5-mysql is 4.0 only
<fabbione> hokatichenci: -> #ubuntu
<fabbione> this isn't a support channel.. really
<hokatichenci> ah
<hokatichenci> whats it for really
<fabbione> for ubuntu-server development discussion
<hokatichenci> ah
<hokatichenci> i figured it was sort of all purpose, and i'm running ubuntu server, its nice so far
<hokatichenci> once I can get this stuff working that is :-p
<theCore> fabbione: that isn't what the /topic say
<fabbione> for general support see #ubuntu  <-
* ..[topic/#ubuntu-server:fabbione] : ubuntu-server discussions | for general support see #ubuntu | U. S. (stable) at http://tinyurl.com/b3jek | U. S. (Devel) at http://tinyurl.com/cllfu | U. S. dapper specs: http://tinyurl.com/aen9b | U. S. forums at http://tinyurl.com/b77qg | ubuntu-server@lists.u.c is up and running | searchable packages list: http://packages.ubuntu.com
<fabbione> there
<theCore> hehe
<hokatichenci> whats so different anyways between u-s and normal ubuntu besides the fact that it doesn't come with the bells and whistles
<fabbione> wiki.ubuntu.com/ServerFAQ
<fabbione> or something like that
<fabbione> there are goodies in the -server work too
<fabbione> U. S. dapper specs: http://tinyurl.com/aen9b
<fabbione> but there is no diff between ubuntu and ubuntu-server if not what's on CD
<fabbione> the archive is shared
<hokatichenci> nods
<hokatichenci> I'm coming from a gentoo background where typically the server group is hardened and wildly different
<hokatichenci> so my apologies for not seeing the topic hehe
<fabbione> no problem
<fabbione> just read the FAQ, it's a page and it will give you a good overview
<fabbione> if the FAQ are not clear, just ask
<theCore> fabbione: the FAQ say that for server related questions, we can ask here ;)
<fabbione> theCore: php+mysql interaction is not server related.. keep reading
<fabbione> i can run php+mysql on my ws
<fabbione> oh actually.. i do
<hokatichenci> fabbione, are you running 4.1?
<fabbione> 4.0
<hokatichenci> heh bloody hell
<hokatichenci> I really wouldn't want to have to compile my own php binary
<theCore> fabbione: what is the reason why this channel isn't for server software support?
<fabbione> theCore: because there is #ubuntu for general support. and people tend to confuse what -server support is with general support
<theCore> fabbione: ah, ok
<infinity> hokatichenci: 4.1 is in universe and unsupported.  php5-mysql /can/ connect to it just fine, though.
<infinity> hokatichenci: If you want a supported (and supportable) confuguration, though, use mysql-server, which will pull in the supported version (4.0 in breezy, 5.0 in dapper)
<hokatichenci> infinity, yeah i would think it would be able to connect, but for some reason its not, it depends on libmysqlclient-12 but 4.1 is -14 i think
<infinity> client12 can connect to any MySQL version.
<infinity> (Unless you changed the configuration on the 4.1 server, or if it's not a Debian/Ubuntu versoin of the server)
<hokatichenci> its not a debian/ubuntu version of the server
<infinity> Ahh.
<hokatichenci> its gentoo atm
<infinity> From the Debian/Ubuntu /etc/mysql/my.cnf
<infinity> # For compatibility to other Debian packages that still use
<infinity> # libmysqlclient10 and libmysqlclient12.
<infinity> old_passwords   = 1
<infinity> That's the only change that should be required to allow older clients to connect to the newer servers.
<hokatichenci> that goes anywhere in the config file?
<hokatichenci> hrm I'll have some ubuntu/debian gurus look at it tomorrow
<infinity> That goes in the server's config file (on the Gentoo box)
<infinity> Nothing Debian/Ubuntuish about it.
<hokatichenci> I know nothing about configuring debian/ubuntu still, so I'm lost as to whats installed now heh :)
<hokatichenci> am I right to assume at least it would require a custom php compile to get it working without old passwords
<infinity> hokatichenci: Or an upgrade to dapper, yes.
<infinity> (which uses client15, from MySQL 5.0)
<hokatichenci> I do not understand how that works :p I really need to read about debian more
<infinity> Again, it has nothing to do with Debian/Ubuntu.
<infinity> Just compiling in general.
<infinity> The php5-mysql in dapper is compiled against libmysqlclient15, which is the client library from MySQL 5.0
<ivoks> not with 15off?
<infinity> You're used to the Gentoo world where any ABI change is met with the lovely advice to "recompile everything".
<ivoks> :)
<infinity> ivoks: Semantics.  Don't confuse the boy.
<ivoks> ok :)
<ivoks> diff beetwean ubuntu and gentoo/redhat is that programs are "compiled" against packages
<infinity> "15off" is just "15 with upstream's official symbol versioning script" (which was, unfortunately, incompatible with OUR symbol versioning script, hence the forced ABI change)
<hokatichenci> infinity, yes, I actually like that recompile everything because it keeps everything in check, just takes a while :) The binary speed though is really, really nice.
<ivoks> that's hoax
<ivoks> how much faster can your app be?
<infinity> hokatichenci: You wasted more time compiling than you'll ever regain from speedier binaries, trust me.
<ivoks> it's compiled against libc-686 and on kernel-686
<ivoks> that's what matters
<hokatichenci> Er, I meant from the time compiling vs time installing binaries
<infinity> oh. :)
<hokatichenci> Its much quicker to install binaries than to compile from source, hah
<hokatichenci> I'm well aware theres no speed benefit, I like the flexibility mostly, but thats a whole nother story.
<infinity> Anyhow, "recompile the world" is a pretty painful way to handle things like security updates, where we fix the security problem, Gentoo tells you to "just upgrade to the latest version".
<infinity> And other such things.
<hokatichenci> yeah
<hokatichenci> thats what I'm looking forward to if I can get this working, just gotta figure out how to upgrade to dapper now
<infinity> The flexibility of use flags is cool, but you find that "flexibile" turns into "painful" when you have a lot of machines to administer, and you're like them all to be identical.
<hokatichenci> yeah it can be problematic
<ivoks> gentoo is nice to play with your system
<infinity> The fact that all Debian/Ubuntu packages are identical, even across architectures, is a pretty big win when you have a large datacentre to look after.
<ivoks> it's useless when you need our system for work
<infinity> I tihnk Gentoo is great toy for a home user.
<hokatichenci> gentoo-hardened project is super nice though, I don't know much about adamantix (debian equiv)
<ivoks> s/our/yours/
* ivoks is typing in bed, so ignore his typos :)
* infinity needs to get back to work and stop babbling on IRC.
<ivoks> eh, it's 8AM here :)
<infinity> 4pm here.  Catch up. :)
<ivoks> i'm not sure who needs catching up :)
<ivoks> unless you are in australia :)
<infinity> I am.
<allee> fabbione: [06:34]  <fabbione> for ubuntu-server development discussion
<allee> fabbione: but in topic 'ubuntu-server discussions ...'  why not explicitly ubuntu-server development discussions
<allee> makes a huge difference IMHO
* ..[topic/#ubuntu-server:fabbione] : ubuntu-server development discussions | for general support see #ubuntu | U. S. (stable) at http://tinyurl.com/b3jek | U. S. (Devel) at http://tinyurl.com/cllfu | U. S. dapper specs: http://tinyurl.com/aen9b | U. S. forums at http://tinyurl.com/b77qg | ubuntu-server@lists.u.c is up and running | searchable packages list: http://packages.ubuntu.com
<fabbione> there
<allee> now 50 % can surely leave the channel ;)  Not yet sure which half I am in.
#ubuntu-server 2006-05-03
<xerophyte> with rsync how can i say to delete file which are not in the source location to the remove location .. i mean i wanna delete file which are not in the current location
<infinity> --delete
<yves> hi
<neuralis> xerophyte: may the man page be with you!
<neuralis> nictuku: how's nwu coming?
<nictuku> neuralis, well it's kinda stalled. I really need to discuss things with you guys
<nictuku> I love the project but I wonder what is its priority. Should I work on other projects instead? I have to manpower to deliver a stable version for edgy, I think - I haven't even worked on testing infrastructure.
<nictuku> besides I'm dedicated to dapper i18n and bug reports
<nictuku> s/I have to manpower/I don't have enough manpower/
<nictuku> I was also thinking about a revamp on that spec
<nictuku> Besides NetworkWideUpdates, nwu could also deploy "NetworkWideInformation"
<nictuku> neuralis, anyway, my current focus is to make a test structure
<neuralis> nictuku: will you be able to make it to the dev conference in june?
<nictuku> maybe. In what country will it be held? you mentioned somewhere in Europe before
<neuralis> yes, i don't believe it's been announced yet
<nictuku> air ticket to certain countries will be quite expensive in june, I presume
<neuralis> canonical does offer limited sponsorships
<nictuku> I'd be interested. do you know how should I proceed to apply for that?
<neuralis> the conference announcement, once posted, will contain sponsorship instructions
<neuralis> perhaps not directly, in which case they'll be listed on the wiki page
<ajmitch> it's definitely worth applying in any case
<nictuku> hmm I hope the announcement doesn't take too long.
<rstrit> join #cisco
<tarvid> php5-imagick is missing in dapper
<tarvid> a bug report generated an error
<tarvid> a bug report about the bug report succeeded
<tarvid> i have the urge to install php5-imagick today
<tarvid> it is in debian testing but the dependencies appear different
<tarvid> should I compile the source?
<J_P> hi all
#ubuntu-server 2006-05-04
<jguenth> Because it is in universe, clamav will not receive security updates by the security team.
<jguenth> Am I right?
<ivoks> it should get casual update :/
<ivoks> i hope it will get them in dapper
<jguenth> Using Ubuntu on a server without security updates for clamav and other important packages is not possible, imho.
<jguenth> :-(
<J_P> hi all
<J_P> people, anyone have setup cluster with Ubuntu Linux ? Do you know some tutorial for this ?
<Nafallo> is /dev/md0p1 supposed to be automagically created when I add it to the partition table or do I have to do something else?
#ubuntu-server 2006-05-05
* jmg notices a bug in the ubuntu-server guide
<xerophyte>  If i understood correctly if i wanna setup small business envoriment with file server + printer server i need samba on the linux server .. is there any other way to setup ??
<spike> xerophyte: it of course depends on the small business environment
<xerophyte> spike, it has apple osx and windows boxes including linux
<spike> xerophyte: then yes
<xerophyte> with apt-cache search how can i only search apple not applet ??
<spike> xerophyte: I guess the topic says it pretty clearly: "ubuntu-server development discussions | for general support see #ubuntu |"
#ubuntu-server 2006-05-06
<Flannel> hey guys, I'm having problems moving courier(imap)'s mail folder from ~/Maildir to ~/.maildir, Ive switched the paths in /etc/imapd and -ssl, and reloaded them both with the initd script, anywhere else I need to be looking?  my imap clients still look at the old directory.
<neuralis> Flannel: please see the topic. this is a development channel; for support, see #ubuntu.
<Flannel> hmm, when did that change?
<neuralis> that's how it was meant to be since the beginning
<Flannel> right, well, a year ago it was support, or at least claimed to be in the topic. anyway.
<Flannel> I'll then ask why ubuntu's mail utilities use ~/Maildir/ as their default mail paths.
<Flannel> since, it seems like a bug-type thing.
<neuralis> it's probably inherited from debian.
<Flannel> right, except the choice was made to change a few years ago : https://wiki.ubuntu.com/MailStorageStandardisation
<Flannel> so, I don't know if it's just that they've been overlooked, or...
<neuralis> that seems to be an unofficial, non-spec writeup.
<Flannel> fair enough.  I hate that fact about the wiki.
<neuralis> well, Blueprint is pretty good these days; if you're looking for official specs, look there.
<Flannel> is that at launchpad? or..
<neuralis> yeah.
<Flannel> thanks, Ill check it out
<Flannel> and, both chanserv, and the wiki, list this channel as support.  so, you'll want to fix that sooner or later.
<Flannel> anyway, thanks for your time.
<neuralis> sure.
<Plug> With respect to the topic, asking for any kind of server support in #ubuntu will get lost in "how do I get wobbly windows and make wireless go"
<neuralis> that's probably true.
<neuralis> but we don't have the manpower to make this into any kind of a proper support channel.
<xerophyte> if i wanna configrue network card using ifconfig eth0 192.168.1.0  on boot how can i edit /etc/network/interface file
<spike> xerophyte: man interfaces
<xerophyte>  when you setup internet connection share why do you need to install dnsmasq ipmasq  these to packages.. does the forward and masq rule on the iptable good enough to do the work just wondering why  do i need them ??
<neuralis> xerophyte: please take general support questions to #ubuntu.
<J_P> Anyone here use or did use OpenMosix on Ubuntu for setup cluster ?
<J_P> I need setup one cluster with 15 machines, I am using actually debian, but I am like use software more newly, so I think in use ubuntu for this, anyone haz experience with this ?
<neuralis> openmosix requires a 2.4 kernel. ubuntu+2.4 can be tricky -- i wouldn't recommend trying it unless you really know what you're doing.
<J_P> neuralis: you don't recommend use ubuntu as cluster or what ?
<neuralis> J_P: no, i'm just telling you that it's not a task for someone who's not experienced.
<infinity> J_P: Note that as of edgy, we don't intend to support kernel 2.4 on any arch in glibs.
<infinity> glic, even.
<infinity> We already only support it on i386 at this point.  The rest are 2.6-only.
<infinity> Argh.  G-L-I-B-C.  Stupid fingers.
<neuralis> infinity: seriously. it's 2006, you'd think we'd be able to jack a firewire cable into the back of our necks already.
<ivoks> openmoxis has 2.6 version
<ivoks> and very very slow development
<neuralis> ivoks: it's (pre)alpha.
<ivoks> it's good tool, but they need to catch up
<ivoks> neuralis: i know, i tried to use it
<ivoks> i have 60 node openmosix cluster
<ivoks> and i'm planing a switch to something else
<neuralis> ivoks: yeah, we had that conversation
<ivoks> ivan :)
<nictuku> so, when will we have an annoucement about "Oracle certifies Ubuntu Server" ? :-)
<neuralis> ivoks: there you go ;)
<ivoks> hehe
<neuralis> J_P: look at openssi (http://openssi.org); there are packages for sarge, and dapper packages are in the works.
<ivoks> they are? :)
<neuralis> yeah. most of the userspace is ported to dapper already.
<ivoks> glad to see you are stil among us, neuralis :)
<neuralis> eh, vaguely
<ivoks> time for bed...
<ivoks> see you
<neuralis> ivoks: i'll be in zagreb after may 27, let's get a drink
<ivoks> or two :)
<neuralis> good deal.. g'night
<ivoks> bye
<pygi> neuralis: we've got someone that wants to implement n-a as part of SoC *but you probably already know it*
<nictuku> what's SoC?
<neuralis> summer of code.
<neuralis> pygi: i saw the post on u-d, haven't heard anything else about it
<pygi> neuralis: yup, mithrandir will write a response tommorow
<neuralis> cool.
<pygi> hopefully he is skilled enough
#ubuntu-server 2006-05-07
<neuralis> well, it's probably a month's work for a very talented developer
<neuralis> so if someone spends an entire summer on it, he should have a comfortable margin for error
<pygi> yup, we've already talked about it
<neuralis> yeah, time to take a nap. take care.
<pygi> night neuralis
<Plug> What's n-a?
<lionelp> network authentication
<J_P> neuralis: I am not have much experience with Linux cluster, but I am studyng to have :-)
<J_P> neuralis: well, so you don't recommend use ubuntu with openmosix beocuse need 2.4 right ? So is better use openmosix + 2.4 in sarge right ?
<infinity> J_P: dapper+2.4 will work fine on i386.  For other arches, it won't work at all.
<infinity> J_P: If your whole cluster is i386, go ahead and use dapper... Keep in mind that you need modutils (not installed by default) to use modular 2.4 kernels...
<J_P> infinity: hummm well, my cluster will be amd k7, p4 and amd64 ...
<infinity> Right, the amd64 machines won't run 2.4 on dapper, at all.
<infinity> Though, I suspect they may not run it on sarge either.
<infinity> Unless you intend to use 32-bit kernels on them.
<J_P> infinity: so There aren't solution for linux cluster kernel 2.6  ?
<infinity> Probably lots (I'm not a cluster guy, I recommend asking maswan), just not likely to be OpenMosix.
<J_P> infinity: thanks man!
<Plug> I'm intrigued to see a rc.local in Ubuntu Server
<Plug> that was a useful redhatism that Debian lost
<ajmitch> afternoon
<nictuku> Plug, that will be avaliable in ubuntu 6.06
<Plug> yeah, i'm running the preview
<J_P> why ubuntu server will have /etc/init.d/rc.local and /etc/rc.local ?
<J_P> why not equal as debian ?
<fabbione> Plug: it's already there
<fabbione> bah these are all FAQ
<fabbione> clearly you need to have ini.d/rc.local to run rc.local
<Plug> sorry fabbione, i'm intrigued to see that there is one, not "I'd like to see one there"
<fabbione> oh ok
<fabbione> i misunderstood your wording
<ajmitch> must be the accent
<fabbione> i blame gkt
<fabbione> gtk
<fabbione> ajmitch: so... did you put your hands on the T2000 ?
<ajmitch> yes, but I still need to take photos for you
<Plug> Isn't that a Terminator? :)
<ajmitch> 4 of them lined up in the racks
<fabbione> ajmitch: eheh neat...
<fabbione> ajmitch: did you install Linux???
<ajmitch> of course
<fabbione> or are you still running slowlaris?
<fabbione> eheh
<fabbione> cool
<ajmitch> I said I got ubuntu on there last wednesday :)
<fabbione> oh right
<Plug> is the T2000 the one that Sun send you for freE?
<ajmitch> and found the installer unbearably slow with the console through ALOM
<fabbione> Plug: yeah that kindof box
<fabbione> ajmitch: that's an hw design issue
<ajmitch> I know
<fabbione> ajmitch: already discussed with sun
<fabbione> ah ok
<fabbione> ajmitch: where are they hosted again?
<fabbione> what uni
<ajmitch> just with ncurses visibly repainting the whole screen, it was a good exercise in patience
<ajmitch> otago uni, NZ
<fabbione> ajmitch: ahah yeah
<ajmitch> we had linux.conf.au here this year
<fabbione> right
<ajmitch> just got ubuntu on 1 so far, will get it on another this week
<fabbione> did you try raid install?
<ajmitch> not hardware raid
<fabbione> i didn't even check how to make hw raid
<fabbione> that's something to test
<fabbione> i mean software raid
<ajmitch> currently just using 1 disk, ran into a problem on sw raid in partitioning that I have to report
<fabbione> what problem?
<fabbione> i know what problem you found
<ajmitch> that it didn't let me create a raid partition on the 2nd disk for no obvious reason
<fabbione> ahhaha
<fabbione> wrtong
<fabbione> the problem is that md/lvm overwrites the first 512bytes of the disk
<fabbione> that is BAD on sparc
<fabbione> so the installer blocks you to create a raid/lvm partition as first partition on the disk
<fabbione> it is for your own sake
<fabbione> so what you do:
<ajmitch> interesting
<fabbione> leave a 1MB partition empty at the beginning of the disk
<fabbione> on both disks
<fabbione> say sdX1
<fabbione> sdX2 bacomes a 200MB /boot
<fabbione> sdX3 lvm ro wahtever
<fabbione> note that /boot can be on raid1 now :)
<fabbione> i fixed that at easter
<fabbione> :)
<fabbione> but the first partition is limited
<ajmitch> excellent, thanks :)
<fabbione> there is really nothing i can do about it :(
<ajmitch> doing the partitioning does take awhile in the installer
<fabbione> ajmitch: btw did you figure out how to make hw raid?
<ajmitch> probably best if I can just use fdisk
<ajmitch> no, I haven't found that out yet
<fabbione> ajmitch: well you can.. but it's better if you do it with the partitioner
<fabbione> ajmitch:  i will not ensure a mixed install
<ajmitch> alright
<fabbione> also note..
<fabbione> there is an interesting issue with OBP/silo interaction when booting from a raid device
<fabbione> i *think* i did fix it
<fabbione> basically you might see an error on boot that says that "$random_numer is not elf executable"
<fabbione> it looks like tha OBP keeps in it's data structure to boot for diskX
<fabbione> when with a rait /boot you need to tell the OBP to boot from diskX:$partition
<fabbione> the weird thing is that i got this issue in both direction
<fabbione> meaning that i had diskX:$partition and i had to revert to disk
<fabbione> it's probably OBP version dependent
<fabbione> but i don't have enough OBP's around to make that sure
<fabbione> (all of these is going in the release notes.. there is no way i can get it properly fixed for dapper=)
<ajmitch> at the moment I'm hampered with the machines with lack of decent net access
* ajmitch will put all the various things about it on a blog or similar :)
* neuralis got the 8-core, 8gb ram t2000 yesterday
<ajmitch> what's currently working with the hypervisor on the niagara? I saw something mentioned about xen, but haven't looked into it much
<ajmitch> neuralis: nice
<neuralis> SunOS gawain 5.10 Generic_118822-20 sun4v sparc SUNW,Sun-Fire-T200
<neuralis> ubuntu installation pending, after we're done with solaris benchmarks
<fabbione> tsk
<fabbione> http://www.stdlib.net/~colmmacc/category/niagara/
<fabbione> http://www.stdlib.net/~colmmacc/mv-res.html
<fabbione> here are your benchmarks
<fabbione> now .. go install ubuntu
<ajmitch> heh
<ajmitch> tune it, and watch it fly :)
<fabbione> there is a reason why the guy did not tune it
<fabbione> raw benchmarks out of the box is what most users will get because they do not know how to tune it
<neuralis> fabbione: we're having benchmarks done by a guy who wrote his thesis on large-system benchmarking, so i'm curious what his tools will come up with
<fabbione> neuralis: fair enough :)
#ubuntu-server 2007-04-30
<foo> I am trying to mount a partition on fiesty. I want to mount, say, /dev/sdb1 to tmp. So, I do vol_id -u /dev/sdb1 .. take that, then I plug it into fstab like: <whatever vol_id returned here> /tmp ext3 defaults 0 0 - right?
<Scunizi> I have a "permission" problem on a file I copied from my server's ftp directory to the /var/www directory. It's a mov file.  Does it need execute permisssions to play it from FF?
<Scunizi> permissions are currently -rwxr-x--x
<dj-fu> Anyone familiar with apache? I'm trying to do AliasMatch ^/~(.*) /var/www/virtual/$i/htdocs/
<dj-fu> but can't seem to get it going.
<mralphabet> Scunizi: sounds like you need to properly set the mime type so firefox knows it needs to play the file, but seeing as this isn't the apache support group . . .
<dj-fu> uh
<dj-fu> stupid question
<dj-fu> I just deleted all of /etc/apche
<dj-fu> /etc/apache2
<dj-fu> which package creates the directory structure in there?
<TTT_Travis> anyone here know anything about using PAM
<TTT_Travis> I am using Samba + Winbind + PAM to authenticate a ubuntu client to my Active Directory 2003 server, I am trying to figure out how to make PAM generate a kerberos TGT at login
<maek> is there a way to see the compile time options of a given pkg?
<levander> I just removed a network card from my machine that was eth0 and I'm using the other card that was (and still is) eth1.  Anyone know how to change it so that the one card that's still in there is now eth0?
<ajmitch> see /etc/iftab, it maps mac address to interface name
<levander> interesting, even though eth1 is working, it's not listing in iftab
<levander> know how I regenerate that file?
<ajmitch> what does the kernel detect the interface as?
<levander> Well, dmesg reports that it sees this network card as eth0
<levander> eth1 doesn't show up till the very last few lines of the dmesg output
<levander> where it says "eth1: link is not ready" and seems to fail bring up a connection
<levander> I've seen a couple of ubuntuforums posts suggesting to remove eth0 from iftab, reboot and see if it's regenerated correctly, gonna try...
<levander> bbl
<levander> Well, I took that line outta /etc/iftab and rebooted.  My NIC is now eth0.  But, iftab was not regenerated.  It's just blank.  
<levander> Do I just not need that file?
<ajmitch> no, you don't really
<levander> my OCD though, don't wanna just blank out a system file
<`6og> the file doesnt need to be there, so if its blank it doesnt matter
<levander> yeah, okay
<levander> i'm looking at a launchpad bug that says they're going to stop using that file altogether in feisty anyway
<levander> which i'm just about to upgrade to
<levander> Okay, great.  My NIC seems all good as eth0, with a blank /etc/iftab.
<levander> Now, where can I check to see if my Marvell Yukon 88E8053 NIC is supported in Feisty?  It was in Dapper and wasn't in Edgy (you had to d/l a driver from the manufacturer's web site and compile it).
<Scunizi> apt-get upgrade is holding back an upgrade to a new kernal.  From 2.6.15.24 to 2.6.15.26.  Does this mean I did something inadvertently to hold it back or should this new kernal not be installed?
<ivoks> dist-upgrade
<Scunizi> k.. I'll try
<ivoks> upgrade will not install new packages; dist-upgrade will install new packages if needed
<Scunizi> Thanks... dist-upgrade won't take it from DApper to edgy will it?
<Scunizi> I know.. nOOb questions.  The learning curve is steep sometimes.
<ivoks> nope
<Scunizi> Thanks.
<ivoks> dist-upgrade will only work with that what's in sources.list
<ivoks> if there is dapper only, then it will dist-upgrade to dapper
<Scunizi> That makes sense...
<ivoks> same thing is with upgrade
<ivoks> if you have edgy repos in sources.list
<ivoks> both upgrade and dist-upgrade will install packages from edgy
<ivoks> first will only upgrade exsisting packages, sencond will install full edgy system
<Scunizi> Good to know.. This is a basic Dapper LAMP install I'm playing with on the lan via ssh.
<sahafeez> if i want to have syslog as the centeral msg receiver for my network, i just need to edit the init.d file for it an add -r to let it listen, correct?
<ivoks> i wouldn't edit init.d files
<ivoks> you have /etc/default/syslogd
<ivoks> and there is exactly the thing you need :)
<sahafeez> hum, i do not see that dir
<sahafeez> just looked
<sahafeez> is it created by default on the install
<ivoks> it's a file
<ivoks> oh... dapper doesn't have it
<sahafeez> lets backup, i have no /etc/default dir...on 7.04
<ivoks> you must have /etc/default
<sahafeez> i do not
<ivoks> it is created by default, during install
<sahafeez> hum. once sec. i should learn how to type
<ivoks> it's in base-files package
<sahafeez> ok, found it. it is like the rc.conf.local on bsd. do not edit the defaults, put it here. ok, cool. called by the init script
<ivoks> right
<ivoks> it is easier to upgrade it afterwards
<sahafeez> makes sense. thanks. hum, do i need to setup a logger for a remote device or will it be dumped into * by default
<ivoks> never tried that, but i guess it will go under *
<sahafeez> cool it works
<sahafeez> now i need to see how to create a device for it as i do not want it all in *
<sahafeez> thanks!
<ivoks> np
<h4wk0> Why is my apache idle using so much memory?
<shawarma> Probably because it's there.
<shawarma> if there's plenty of memory available, it'd be a waste of time to swap it out.
<shawarma> h4wk0: ^^
<h4wk0> So other programs will take proity over it?
<shawarma> h4wk0: That's one way to put it.
<shawarma> Sort of.
<h4wk0> shawarma; http://www.b4tch.co.uk/info/
<h4wk0> My sysinfo
<shawarma> anything in particular I should see?
<h4wk0> Physical Memory usage
<h4wk0> And the breakdown
<shawarma> Well, it looks like you've got 318 MB free memory.
<shawarma> Which means you've got plenty of RAM available.
<h4wk0> 636 used on nothing so it seems, got a bnc, ircd, services - apache ftp mysql postgre webmin
<h4wk0> main processes
<shawarma> mysql can easily take several hundred megabytes of RAM. Apache probably somehwere around the same depending on what sort of modules you've got loaded.
<shawarma> As I said: It's completely and utterly pointless to waste time on removing stuff from RAM, when there's plenty of free space.
<shawarma> The only thing it will do is make it slower to use it the next time you need it.
<shawarma> I have idea how That Other OS[tm]  does this, but I'd be surprised if they did it differently. If they do, they're even sillier than I thought.
<shawarma> Er.. I have *NO* idea how...
* shawarma wanders off for a little while
#ubuntu-server 2007-05-01
<PF|WSTP> Im trying to set up Squid proxy server
<PF|WSTP> Went through, did what the documentation said
<PF|WSTP> changed to 3128 port to 8888
<PF|WSTP> but still cant access the proxy server
<ivoks> did you start it?
<PF|WSTP> and restarted it
<ivoks> and is running?
<PF|WSTP> indeed
<ivoks> telnet localhost 8888 is ok?
<ajmitch> connection refused? acl errors? what do you mean by can't access?
<PF|WSTP> sec
<PF|WSTP> ERROR
<PF|WSTP> The requested URL could not be retrieved
<PF|WSTP> The following error was encountered:
<PF|WSTP>     * Invalid Request 
<ajmitch> right, so squid is running & giving errors back to the browser
<PF|WSTP> yes
<PF|WSTP> i have a hunch my ISP may be blocking it
<PF|WSTP> Generated Mon, 30 Apr 2007 22:38:07 GMT by server.lexcominc.net (squid/2.6.STABLE5)
<PF|WSTP> Lexcom is my ISP
<ajmitch> ah
<PF|WSTP> i tried 3128 and 8888
<PF|WSTP> changed, restarted, tried
<PF|WSTP> changed, restarted, tried
<PF|WSTP> no dice
<PF|WSTP> https://help.ubuntu.com/6.10/ubuntu/serverguide/C/squid.html
<PF|WSTP> im following that guide
<ivoks> squid is on computer from which you are browsing?
<PF|WSTP> no
<PF|WSTP> it's at my house
<PF|WSTP> ive got the ports forwarded too
<ivoks> oh, proxy over NAT...
<PF|WSTP> it's a test server
<PF|WSTP> old HP box sitting in my living room
<PF|WSTP> got it hooked into my router
<PF|WSTP> forwarded though
<ivoks> squid has logs
<ivoks> check them out
<PF|WSTP> command?
<ivoks> log is a file
<PF|WSTP> oic
<ivoks>  /var/log/squid/cache.log
<PF|WSTP> k
<PF|WSTP> checking
<PF|WSTP> do i need to bind an ip/port on squid?
<ivoks> squid binds on port, not other way around
<PF|WSTP> it said something similar to "starting HTTP on 0.0.0.0 port 3128
<ivoks> meaning it listens on port 3128 on all IPs
<PF|WSTP> ok
<ivoks> and you are proxy for whole internet :D
<ivoks> very soon your IP will get blacklisted :)
<PF|WSTP> huh?
<PF|WSTP> oh
<PF|WSTP> gonna take care of that soon
<PF|WSTP> just trying to set it up now
<PF|WSTP> actually
<PF|WSTP> i just killed Squid
<PF|WSTP> thanks for the help though
<dj-fu> Hi there
<dj-fu> anyone familiar with chrooting apache in Ubuntu?
<h4wk0> http://www.linux.com/article.pl?sid=04/05/24/1450203
<dj-fu> well, that was entirely uselss
<dj-fu> thank you for nothing
<h4wk0> well seeing as it took me two minutes to find a article on ubuntu forums.. and with that respone from above
<dj-fu> anyone familiar with mod_chroot / mod_security for apache in Ubuntu?
<fumbalah> Hi, I'm having trouble getting the disc to boot, i keep getting a cant access tty error
<fumbalah> I found a solution, but i'm not having much luck finding a way to tell grub to boot /dev/hda1
<foo> Hm, it is possible that 1 query can hit the disk 100%, right? (eg. disk utilization, as reported by iostat -dkx)
<Skaag> hi guys
<Skaag> I have a debian box I want to replace with an ubuntu server box
<Skaag> can I do this without erasing the data?
<Skaag> I mean install the software on top of the drives, without formatting
<PinkFloyd> someone help me with setting up VSFTPd?
<r00tintheb0x> sure
<r00tintheb0x> whats the prob PinkFloyd ?
<PinkFloyd> Trying to set it up where I can login to it
<PinkFloyd> Disabled anon only
<PinkFloyd> is there a users file or something?
<r00tintheb0x> hmm.
<r00tintheb0x> oh, not IRCd FTPd.
<r00tintheb0x> You dont want to use ProFTPD?
<PinkFloyd> i just followed the guide :/
<PinkFloyd> https://help.ubuntu.com/6.10/ubuntu/serverguide/C/ftp-server.html
<PinkFloyd> is that one better?
<r00tintheb0x> well
<r00tintheb0x> its easier to configure
<PinkFloyd> ok
<PinkFloyd> I'll get it then
<r00tintheb0x> you can just install it, and whenever you create a user
<PinkFloyd> is it in the Ubuntu reps?
<r00tintheb0x> they have a ftp login
<r00tintheb0x> and the root of the ftp server is their /home/user directory.
<r00tintheb0x> ye
<PinkFloyd> oh good
<r00tintheb0x> yep :)
<PinkFloyd> it's like what I use on my shell
<r00tintheb0x> super simple.
<PinkFloyd> good good
<foo> Not as super simple as this!
* foo pulls out pop guns and pops r00tintheb0x 
<PinkFloyd> haha
<r00tintheb0x> LOLO
* r00tintheb0x stabs foo
<r00tintheb0x> whats up brothern!
<PinkFloyd> r00tintheb0x
<PinkFloyd> is ProFTPD in the ubuntu reps?
<r00tintheb0x> yes
<PinkFloyd> ok
<r00tintheb0x> Version: 1.3.0-9ubuntu0.1
<r00tintheb0x> "aptitude show proftpd"
<PinkFloyd> oh
<PinkFloyd> it's on the CD
<PinkFloyd> :)
<r00tintheb0x> it may be.
<PinkFloyd> it is
<PinkFloyd> my CD-ROM spooled up
<r00tintheb0x> I'd use the one online though, its newer probably.
<PinkFloyd> I can upgrade it if need be
<r00tintheb0x> hey foo, you want a login to my torrentflux?
<PinkFloyd> inetd or standalone?
<r00tintheb0x> sure thing PinkFloyd 
<r00tintheb0x> standalone
<PinkFloyd> 1.3.0-21ubuntu1
<PinkFloyd> that's the version on it i think
<PinkFloyd> ok it's installed
<PinkFloyd> now what... >_>
<r00tintheb0x> /etc/init.d/proftpd restart
<r00tintheb0x> then whenever you add a user, it adds a ftp account.
<r00tintheb0x> for instance 
<r00tintheb0x> my user is mike.
<r00tintheb0x> so mike is my ftp username, and my login password for my machine is my ftp password.
<PinkFloyd> oh
<PinkFloyd> ok good
<r00tintheb0x> and my FTP root is /home/mike
<PinkFloyd> my shell acts the same way
<r00tintheb0x> :)
<r00tintheb0x> right
<PinkFloyd> it's a FreeBSD box
<r00tintheb0x> same login info as the shell
<PinkFloyd> ok cool
<PinkFloyd> but
<PinkFloyd> got an error
<r00tintheb0x> what error.
<PinkFloyd> IPv6 getaddrinfo 'server.lexcominc.net' error: Name or service not known
<PinkFloyd> lexcominc is my ISP
<r00tintheb0x> something along the lines of "r00tinthebox needs a cig"?
<r00tintheb0x> yeah ignore that pink.
<PinkFloyd> ok
<r00tintheb0x> it'll still work.
<PinkFloyd> thanks a lot :)
<r00tintheb0x> root@malakai:~# netstat -l
<r00tintheb0x> do a netstat -l
<PinkFloyd> is there a certain port I need to use?
<r00tintheb0x> and it'll show you what services are lisening.
<r00tintheb0x> /etc/proftpd/proftpd.conf = the config file.
<r00tintheb0x> brb
<Skaag> r00tintheb0x: do you know if you can install ubuntu-server 7.04 on top of a drive that has data in it, without formatting?
<Skaag> oh ok
<r00tintheb0x> Skaag, i'll answer in a minute.
<r00tintheb0x> brb
<PinkFloyd> ftp, ssh, bootpc, 192.168.1.5:ntp, *:ntp, my mac addy, ip6-localhost:ntp, *:ntp
<PinkFloyd> that's netstat resultes
<PinkFloyd> i made an ntpdate crontab to sync up the clock
<PinkFloyd> got it from the server guide also >_>
<r00tintheb0x> ok Skaag 
<r00tintheb0x> Skaag, you mean... like on your windows drive?
<r00tintheb0x> Yes.
<Skaag> no i have a box that had debian on it
<Skaag> I want to replace debian with ubuntu-server
<r00tintheb0x> on
<r00tintheb0x> lol
<r00tintheb0x> i've done it, it depends on how good you are with hacking at linux.
<r00tintheb0x> gettin things to work when they're broken.
<Skaag> well the drives went bork
<Skaag> that is, corrupt, not physically broken
<Skaag> during the last debian update to etch
<Skaag> something went wrong with the e2fslibs
<PinkFloyd> r00tintheb0x, is there anything you can recommend for me
<PinkFloyd> Im playing around with Server Edition
<r00tintheb0x> ok back
<r00tintheb0x> sorry Skaag.
<r00tintheb0x> what were you asking again?
<r00tintheb0x> oh
<r00tintheb0x> debian >> ubuntu
<Skaag> install over existing data
<r00tintheb0x> yeah, ive done it... a clean install is always best.
<PinkFloyd> r00tintheb0x, is there anything you can recommend for me
<PinkFloyd> Im playing around with Server Edition
<r00tintheb0x> Yeah man, i just reinstalled my server today http://www.rootinthebox.com
<r00tintheb0x> hold on, i'll get you the link i used.
<r00tintheb0x> PinkFloyd, http://www.digg.com/linux_unix/The_Perfect_Setup_Ubuntu_Feisty_Fawn_Ubuntu_7_04
<r00tintheb0x> no wait
<r00tintheb0x> wrong link
<r00tintheb0x> http://www.howtoforge.com/perfect_setup_ubuntu704
<PinkFloyd> ive got Feisty Desktop too ;)
<r00tintheb0x> there you go.
<r00tintheb0x> what one are you running
<r00tintheb0x> desktop or server?
<PinkFloyd> both
<PinkFloyd> Im working on Server now
<PinkFloyd> 2 different computers
<PinkFloyd> Desktop isnt on my router right now, Server is
<foo> r00tintheb0x: What's up = just troubleshooting some mysql stuff, finally got this figured out ... after a few weeks, it feels good. 
<foo> hehe
<r00tintheb0x> cool man.
<r00tintheb0x> im working on MySQL database replication.
<r00tintheb0x> fun fun.
<r00tintheb0x> cool pink.
<r00tintheb0x> The Perfect Setup is a great guide to get some basics working.
<r00tintheb0x> PinkFloyd, http://www.howtoforge.com/perfect_setup_ubuntu704
<PinkFloyd> got it
<foo> r00tintheb0x: Nice, what kind? 
<PinkFloyd> r00tintheb0x, do you know of CPanel is free or costs?
<foo> PinkFloyd: It costs
<PinkFloyd> oh
<foo> PinkFloyd: Knowing r00tintheb0x, he'd tell you to use webmin.
<PinkFloyd> this guide recommends ISPConfig
<r00tintheb0x> foo, mysql
<PinkFloyd> I'll test webmin
<r00tintheb0x> lol
<r00tintheb0x> foo, what do you mean what kind.
<r00tintheb0x> PinkFloyd, dont use ISPconfig
<foo> r00tintheb0x: What kind of setup
<PinkFloyd> ok
<r00tintheb0x> i use webmin + virtualmin GPL
<PinkFloyd> r00tintheb0x: Is there a way I can set up a hostname for my box to where I dont have to use the IP everytime?
<r00tintheb0x> oh, primary and secondary oracle/sql servers with HA failover and replication.
<r00tintheb0x> :)
<r00tintheb0x> PinkFloyd, lemme log into my server real quick.
<r00tintheb0x> hold on.
<PinkFloyd> ok
<PinkFloyd> I actually need to reset my router
<foo> r00tintheb0x: oracle? Nice
<PinkFloyd> I had more computers on it, but they're gone now
<foo> r00tintheb0x: What's HA? 
<PinkFloyd> this computer has .2, server has .5
<PinkFloyd> with no other computers, lol
<r00tintheb0x> high availability 
<r00tintheb0x> (spelling
<r00tintheb0x> foo, http://www.linux-ha.org/
<r00tintheb0x> all about redundancy!
<r00tintheb0x> :)
<PinkFloyd> r00tintheb0x: If it helps, I chose LAMP on install
<r00tintheb0x> yeah, thats what i do too PinkFloyd 
<r00tintheb0x> PinkFloyd, you need to change /etc/hosts
<r00tintheb0x> and...
* r00tintheb0x checks what else.
<PinkFloyd> so add in
<r00tintheb0x> /etc/hostname
<PinkFloyd> "127.0.0.1     name"
<PinkFloyd> ?
<foo> r00tintheb0x: so, master/slave setup? Or, master/master ?
<r00tintheb0x> primary & failover.
<r00tintheb0x> connected w/ a serial cable.
<r00tintheb0x> and CAT5.
<foo> You have some hardware inbetween there?
<r00tintheb0x> PinkFloyd, you're just trying to change your hostname right?
<r00tintheb0x> foo, 
<r00tintheb0x> no, just two servers.
<PinkFloyd> yeah
<r00tintheb0x> if one goes down, the other takes over.
<r00tintheb0x> :)
<PinkFloyd> so i dont have to enter the dang IP all the time
<r00tintheb0x> PinkFloyd, "hostname whateveryourhostnameis"
<r00tintheb0x> do it like that.
<PinkFloyd> Do I need to have a specific host or can I just make one up to use
<r00tintheb0x> oh, you need to add it to your other machines /etc/hosts file.
<r00tintheb0x> like... 
<r00tintheb0x> hold up
<r00tintheb0x> i'll pastebin it for you
<PinkFloyd> k
<r00tintheb0x> PinkFloyd, 
<r00tintheb0x> http://pastebin.ca/raw/466706
<r00tintheb0x> 172.16.30.60    malakai.petris.com      malakai
<r00tintheb0x> thats the format
<r00tintheb0x> so you'd do like.
<PinkFloyd> so id put 192.168.1.5
<r00tintheb0x> 192.168.0.100  yourhostname.localhost yourhostname.
<r00tintheb0x> yeah.
<PinkFloyd> k
<r00tintheb0x> :)
<PinkFloyd> ok
<PinkFloyd> i put
<PinkFloyd> 192.168.1.5     box
<PinkFloyd> would that work?
<r00tintheb0x> yeah
<r00tintheb0x> if you ping box.
<r00tintheb0x> it'll resolve to that IP
<PinkFloyd> ok good
<PinkFloyd> simpler now
<r00tintheb0x> /etc/hosts = a mini-dns server kinda
<r00tintheb0x> :)
<PinkFloyd> ah ok
<PinkFloyd> and...hostname?
<r00tintheb0x> umm
<r00tintheb0x> look
<r00tintheb0x> paste me the IP's and hostnames you want.
<r00tintheb0x> and i'll make you a /etc/hosts file.
<r00tintheb0x> :)
<PinkFloyd> <r00tintheb0x> /etc/hostname
<PinkFloyd> no i mean that
<r00tintheb0x> oooh
<r00tintheb0x> /etc/hostname is the hostname of each individual machine.
<PinkFloyd> editing now
<PinkFloyd> do i need to add the same thing?
<PinkFloyd> 192.168.1.5   box
<r00tintheb0x> Ok
<r00tintheb0x> 1st. how many machines do you have.
<r00tintheb0x> B. what are their names
<PinkFloyd> in all?
<r00tintheb0x> i.e. mine is malakai.
<r00tintheb0x> and 3.
<r00tintheb0x> what are their internal IP's
<PinkFloyd> all of my computers?
<r00tintheb0x> the ones your assigning hostnames to.
<r00tintheb0x> the 3 or whatever
<PinkFloyd> just the server
<PinkFloyd> for right now
<PinkFloyd> box
<r00tintheb0x> ok
<r00tintheb0x> type
<r00tintheb0x> at the bash prompt
<r00tintheb0x> what do you want to call it?
<PinkFloyd> i put in "192.168.1.5    box"
<PinkFloyd> in the hostname file
<r00tintheb0x> "hostname exit out of the hosts file without saving.
<r00tintheb0x> if you make a mistake you could REALLY sc5rew things up.
<r00tintheb0x> You're going to call your server "box"
<PinkFloyd> yes
<r00tintheb0x> Why not "datawhore" or something
<r00tintheb0x> heh
<PinkFloyd> I'll change it if I come up with something clever
<PinkFloyd> ;)
<r00tintheb0x> ok
<r00tintheb0x> type: hostname box
<r00tintheb0x> then
<r00tintheb0x> hostname.
<r00tintheb0x> w/o the .
<r00tintheb0x> hmm
<PinkFloyd> ok
<PinkFloyd> did
<PinkFloyd> hostname  box
<PinkFloyd> hostname
<r00tintheb0x> it should have replied with box.
<r00tintheb0x> PinkFloyd, http://ubuntuforums.org/search.php?searchid=19226790
<r00tintheb0x> ive gotta do some work
<r00tintheb0x> sorry
<r00tintheb0x> :(
<PinkFloyd> it's ok
<r00tintheb0x_wrk> foo, whats anoter word for quote, or bid.
<r00tintheb0x_wrk> ?
<r00tintheb0x_wrk> foo, foo foo !
<foo> Where do you guys store your server passwords? I have an encrypted vim file, but I know that's not too secure. Gah. What's the best way to do this? 
<Burgundavia> I use LDAP and have a single password
<foo> Nice. I'm talking about root/user passwords for several servers...
<Burgundavia> that is what ldap is for
<Burgundavia> and I don't use root
<Burgundavia> it is a dangerous thing to play with, if you ever have more than one admin
<foo> I typically don't ... and yes, "He who play at root may kill the tree."
<foo> ... but I still have to store passwords somewhere
<foo> heh, I guess ubuntu doesn't have a root password.
<foo> I forgot about that
<Burgundavia> with ldap you only have one password
<foo> I manage some other systems that are a different flavor, gah. 
<Burgundavia> which is easy to store in your head
<Burgundavia> you can auth any unix against an ldap server
<foo> So, you're saying to tie up all the servers to have one central ldap server?
<Burgundavia> yep
<foo> hmmm
<foo> Alright, thanks
<Burgundavia> sso is a life saver
<levander> I've got a bunch of audio files that I want to share between my users.  I don't want them in my HOME directory because I do regular backups of that directory.  Where do they go on the file system?
<levander> I'm thinking in /var somewhere.
<levander> Wow, people really aren't sure where something like that goes: http://ask.metafilter.com/51237/Help-me-pick-the-best-location-for-my-MP3s-on-Linux
<jsgotangco> well you can put them in /opt i guess
<jsgotangco> its actually your call
<levander> I typically put programs that I didn't install from Ubuntu's repositories in /opt.  So that these unmanaged files don't get all mixed up with the managed files...
<levander> I'm look at /var now.
<levander> Web pages that are "kind of" shared between users go in /var/www, so I'm thinking /var
<jsgotangco> you can just pile them up even on /mp3 if you want to, just create your own
<levander> jsgotangco: Yeah, but I'm trying to figure out some kind of UNIX standard way of doing it.
<Skaag> I can't get grub to install on my drive
<Skaag> it's a SATA raid solution
<Skaag> with 4 drives
<Skaag> How do I go about fixing this?
<arturaz> hello. ubuntu-server release cycle is 6 months, right?
<kjaer> I am looking at the employment page. http://www.ubuntu.com/employment#head-9a9627b56fd16e9c958afc0774a78ef29d3c9098
<kjaer> What is the goal ? A wysiwyg setup tool, like yast2 (but better) ?
<kjaer> Hmm, I probably meant a graphical interface instead of a wysiwyg tool.
<ethan> Hi all.  I found a suspected bug on line 47 the /etc/init.d/apache2 on Dapper.   The conditional is if [ $? = 0 ] ; then, and it should probably be if [ $? == 0 ] .  Is this the right place to report this?
<Ries> Hey guys, what tool can I use that can monitor services... in this case apache.... when apache stops responding I want a service to detect it and restart apache...
<h4wk0> Ries; You can use a crontab!
<Ries> I know I can use crontab... but I don't want to write a complete toolset
<Ries> I have monit installed now
<sahafeez> i am trying to confirm something. i setup mrtg on my server, installed via apt. it seem that under ubuntu it is setup by default to run as a cron job ever 5 mins? i am used to setting it up as a daemon
<dj-fu> hey uh
<dj-fu> running feisty, apache 2.2
<dj-fu> I can't seem to see mod_security in apt-cache
<lionel> dj-fu: there is no more mod_security in Debian and Ubuntu
<dj-fu> why not
<lionel> (due to some licensing issues)
<dj-fu> ffs
<dj-fu> is it not free?
<lionel> some files were not allowed to be redistributed
<lionel> let me find the bug
<ajmitch> license incompatibilities
<dj-fu> rage
<dj-fu> can I build it manually, I wonder
<ajmitch> no doubt you can
<lionel> https://bugs.launchpad.net/ubuntu/+source/libapache-mod-security/+bug/19832 for the details
<dj-fu> stupid licensing
<dj-fu> what a pain
<dj-fu> what about
<dj-fu> mod_unique_id ?
<dj-fu> nm
<dj-fu> found it
#ubuntu-server 2007-05-02
<dj-fu> Is there anyway I can tell apt-get to install stuff to a specific directory
<shawarma> no
<dj-fu> heh
<dj-fu> sweet
<shawarma> that would violate the entire idea of our packaging.
<sahafeez> I added a question to this doc - https://help.ubuntu.com/community/LDAP-Samba_PDC_%28for_Linux_and_Windows%29#preview
<dj-fu> It wouldn't violate my idea of packaging
<dj-fu> being a community focused distro and all
<sahafeez> at the bottom. anyone here have any thoughts as it has not been answered
* dj-fu grudgingly copies all of the installed php files
<dj-fu> s/php/perl/
<shawarma> dj-fu: Just symlink it?
<dj-fu> move it and then symlink to it, symlinking to it is an inapplicable idea unfortunately
<dj-fu> (chroot)
<dj-fu> w00t
* dj-fu rejoices @ apache 2.2, php, perl, mysql in mod_security chroot
<dj-fu> It's a shame that the licensing difficulties are restricting Ubuntu from moving forward, mod_security is pretty gangsta
<r00tintheb0x> hey all
<r00tintheb0x> Anyone know how to keep SSHd from being hammered.
<r00tintheb0x> Like setting a retry timeout?
<pschulz01> I am looking to install an IRC server with SSL. Does anyone here have any preferences? There are the following packages to choose from dancer-ircd, ircd-hybrid,ircd-irc2, ircd-ircu, ngircd, rageircd  
<[miles] > morning guys
<[miles] > I've put apt-proxy on a 6.06LTS server
<[miles] > it's working for the clients that are feisty
<[miles] > but for edgy clients, nope
<[miles] > :-\
<[miles] > any ideas please?
<Kamping_Kaiser> what 'doesnt work' about it?
<[miles] > it just sits there when trying to get the headers
<[miles] > it's connecting
<[miles] > I can do a telnet from the edgy client to the proxy...
<Kamping_Kaiser> drat. dinner. 30-60 minutes and i'll be back
<[miles] > also when I do the update, I can see in the server that netstat shows the tcp connection
<[miles] > np
<[miles] > :)
<[miles] > enjoy
<foo> http://news.com.com/Dell+picks+Ubuntu+for+Linux+PCs/2100-7344_3-6180419.html
<foo> Now if only dell sold servers with ubuntu LTS :)
<[miles] > jeje
<Kamping_Kaiser> [miles] , are you sure your sources are set correctly for edgy on the apt-proxy/client, and are you sure the mirror your pointing to is currently online/working?
<[miles] > yep
<[miles] > there correct
<Kamping_Kaiser> so if you let the edgy system connect directly to the repository it works/
<[miles] > nod
<[miles] > it just waits for headers on the client
<[miles] > and it's not logging anything to the server
<[miles] > it's real weird
<Kamping_Kaiser> that is odd - works connected directly to the repository, but not the proxy
<[miles] > nod
<[miles] > sorry, it's dapper clients, not edgy
<[miles] > that fail
<[miles] > mmm
<[miles] > http://pastebin.ca/467071
<[miles] > :O
<Kamping_Kaiser> hm. bug of some sort perhaps. are you doing fancy stuff with custom python packages?
<[miles] > mmm nope 
<[miles] > any good alternative to apt-proxy ?
<Kamping_Kaiser> A. try reinstalling it, and or B, have you checked its log files?
<Kamping_Kaiser> if you have anotehr 'normal' proxy use it, but not sure about apt-proxy replacemnts
<[miles] > nope, don't have a normal proxy
<[miles] > real weird init
<[miles] > I'll reinstall it
* Kamping_Kaiser tries to work out hwo to use gpg-agent
<[miles] > nope.. 
<[miles] > it still dumps that python bug in the logs
<[miles] > damn it
<Kamping_Kaiser> filea  bug.
<[miles] > gonna have to I guess
<[miles] > so strange :-|
<[miles] > I'm asking in #apt-proxy also
<[miles] > see if they come up with anything
<Kamping_Kaiser> good idea
<[miles] > then I'll file a bug
<[miles] > but... coffee and smoke calls me...
* [miles]  pisses off to the bar
<[miles] > ;)
<[miles] > bbiab
<Kamping_Kaiser> :)
<[miles] > https://bugs.launchpad.net/ubuntu/+source/adept/+bug/69551
<[miles] > mmm
<[miles] > nope
<[miles] > sorry miss read
* [miles]  needs more c0ff33
<[miles] > BUGGER
<[miles] > found it
<[miles] > https://bugs.launchpad.net/ubuntu/+source/apt-proxy/+bug/66042
<[miles] > Found a work around here:
<[miles] > http://www.ubuntuforums.org/showpost.php?p=1104006&postcount=3
<[miles] > Delete the line
<[miles] > Acquire::http::Proxy "false";
<[miles] > from apt.conf.
<[miles] > For whatever reason, apt-proxy now works just fine from localhost, as well as the second scenario in which it's a different VM on the same machine.
<[miles] > nasty!
<[miles] > nasty nasty!
<Kamping_Kaiser> why does your apt.conf have the false line?
<[miles] > no idea
<[miles] > dapper clients have it
<[miles] > feisty clients dont
* Kamping_Kaiser is sure his clients dont :|
<[miles] > weird, but fixed
<[miles] > now just to get pyzord server setup
<[miles] > lol
<Kamping_Kaiser> anyone know how to undo this? my hdd throws out an error when i try and run a sertain comand - i asume its trying to write to some bit of the hdd it shouldnt. it mounts the drive read only. how can i remount it r/w so its usable again?
<Kamping_Kaiser> and how can i fsc it? will i have to live cd?
* Kamping_Kaiser reboots server for fsk
<[miles] > Kamping_Kaiser: wait
<[miles] > Kamping_Kaiser: it's mounting it read only yeah
<Kamping_Kaiser> hm?
<[miles] > boot it with a live cd
<[miles] > and mount it rw no?
<Kamping_Kaiser> thers a way to remount on the fly, i was thinking someone might know
<[miles] > mount -w
<[miles] > well if the partition is in use, you can't unmount it
<[miles] > obviously
<Kamping_Kaiser> well the kernel managed, so i think i should be able to as well
<[miles] > personally I find the best live cd for shit like this is GRML
<[miles] > then just mount -w /dev/sdaXX /mnt
<Kamping_Kaiser> hm.
<[miles] > nada mas
<[miles] > I would'nt recommend actually having the system running if the HD is giving errors mate
<[miles] > no way jose
<Kamping_Kaiser> i dont have spare 40 gig drives, unfortunately
<[miles] > for what?
<[miles] > I'm saying..
<[miles] > boot a live cd, and then go about finding out whats up with the partition
<Kamping_Kaiser> to replace the one thats failing.
<[miles] > is it genuinlly fucked tho?
<[miles] > do you feel confident it's really got bad errors
<Kamping_Kaiser> no, i think its just a filesystem thing.
<Kamping_Kaiser> since it only does this when it tries writing certain files 
<[miles] > then
<[miles] > do what I said
<[miles] > and fschk it
<shawarma> You can remount stuff with "mount -o remount,ro /dev/whatever /whereeveritsmounted"
<shawarma> (for remounting read-only, of course)
<shawarma> Not all mount options can be changed that way, though.
<mzungu> Hi all, not sure if this is the appropriate chan - but here goes:  i've a dapper server, with a telephony card, and am trying to install bayonne.  I have a customised ver, which compiled no probs on the old server, but i get errors when compiling on dapper - ok, step back - let's try the dapper version - sudo apt-get source bayonne - sudo apt-get build-dep bayonne - and this also has the same failure, which i find strange as surely th
<Kamping_Kaiser> whats the error (and are we missing some of that comment?)
<mzungu> ok - and no, i just meant my q is long ;)
<mzungu> bayonne.h:2084: error: ISO C++ forbids declaration of Conference with no type
<Kamping_Kaiser> so the source downloads ok, but wont build? thats a bug then probably (if its the source from ubuntu)
<mzungu> i understand the error is caused by declaring type out of a block, but that would mean modifying a mass of code
<mzungu> which i can't believe is the case
<mzungu> yeah - i get the same error with both my source and the standard ubuntu source
<Kamping_Kaiser> better file a bug then
<mzungu> :(
<Kamping_Kaiser> :(
<mzungu> i was hoping it was me doing something stupid (usually the case ;) )
<Kamping_Kaiser> from what you describe its not, but i couldnt say for sure ;)
<mzungu> have you tried compiling a std ubuntu source pkg? or anybody on chan? - i figure this must be a common prob
<Kamping_Kaiser> i have built from source yes. quite a few packages.
<Kamping_Kaiser> firefox+thunderbird+hals gui+others
<Kamping_Kaiser> and apt-get build dep app; apt-get source app worked a treat
<mzungu> yeah - i also built the telephony card driver from source with no prob
<Kamping_Kaiser> what release was that?
<mzungu> i wonder if i'm missing a dependancy
<Kamping_Kaiser> i'd bet on yoru compiler myself.
<mzungu> the server? dapper
<Kamping_Kaiser> looks like (to a non-coder) that ISO C++ is being treated differently this time to when it worked
<mzungu> yeah - but i wonder how the binary got into dapper universe?
<mzungu> surely the souce was compiled on dapper?
<Kamping_Kaiser> not sure what the buildd's run, but the packages are meant to be biult in a clean chroot each time
<mzungu> ah well
* Kamping_Kaiser forgets whats the app is called
<mzungu> yes, i saw that - debootstrap?
<Kamping_Kaiser> pbuilder or similar
<mzungu> i think more headscrathing in order before i file a bug report ;)
<mzungu> s/scrath/scratch/
<mzungu> thanks for the help
<maek> how do I restart services in 7.04?
<sahafeez> ... /etc/init.d/serversname restart
<maek> I thought there was some new service manager?
<sahafeez> there is something called launchpad however it is not the default
<maek> ah. thanks. I should have looked before I asked. sorry. I just figured it was all different now.
<slackwarelife> maek: you can use gksu services-admin, or install bum
<sahafeez> what is gksu?
<sahafeez> ah, ok
<maek> oh yeah, bum. I dont have a gui on these boxes though.
<sahafeez> does anyone know anything about the start for ldap changing between 6.x and 7.04
<Nafallo> ehrm... launchpad? :-)
<Nafallo> that's an odd context to see that word in.
<Nafallo> I use sudo invoke-rc.d service action anyway :-)
<slackwarelife> sahafeez: I'm using ldap on a my personal server 7.04  with LDAP e kerberos, I don't find changing, my configuration works fine, I find new gui tool, gtk-authtool to set the clients, but i don'y like it many. 
<sahafeez> thanks.
<kjaer> Are any of you part of the soho server project ? https://wiki.ubuntu.com/UbuntuDownUnder/BOFs/SmallBusinessServer?highlight=%28SmallBusinessServer%29
<shawarma> kjaer: I'm doing SOHObuntu.
<shawarma> Which is kind of the same.
<shawarma> Only it's an SoC project.
<shawarma> kjaer: Hvad da? :-)
<kjaer> Herligt :-)
<kjaer> Jeg s bare at canonical sgte server folk, og tnkte det kunne vre et udemrket arbejde, i sr fordi man kunne arbejde hjemmefra.
<shawarma> English is still the proper language, though. :-)
<kjaer> Roger
<shawarma> Anything in particular you'd like to know?
<ajmitch> hi shawarma 
<shawarma> ajmitch: Ahoy there!
<kjaer> Well, I have used ubuntu to make what is described at that link.
<shawarma> ajmitch: Shouldn't you be on a plane by now?
<ajmitch> hah
<ajmitch> no, I leave tomorrow night
<kjaer> Then I saw http://www.ubuntu.com/employment#head-9a9627b56fd16e9c958afc0774a78ef29d3c9098 , and thought that I could get involved in creating a gui for just that, if canonical would employ me.
<kjaer> But first of all, I wanted to know how far the project is.
<shawarma> The one you linked to was never really done.
<ajmitch> funny
<ajmitch> another one wanting to apply
<shawarma> https://wiki.ubuntu.com/UbuntuEasyBusinessServer on the other hand is going to be done.
<shawarma> ajmitch: Yeah.
<shawarma> Please form a queue behind me. :-)
<ajmitch> shawarma: we'll have to talk about these specs in seville
<kjaer> ajmitch, Plenty of us ?
<ajmitch> so that we don't overlap
* ajmitch is doing plenty of ldap/kerberos related stuff right now
<shawarma> ajmitch: Indeed.
<ajmitch> fds ftw :)
<shawarma> ajmitch: Did you finally mail hr?
<ajmitch> yeah
<shawarma> woot!
<ajmitch> we'll see how long it takes to get a rejection email :)
<ajmitch> anyway, I have to run off to work, back later :)
<shawarma> cheers
<kjaer> :-)
<kjaer> shawarma, What needs to be done, where can I help ?
<shawarma> kjaer: Well, UDS is nex week where we decide what to focus on for the next release.
<kjaer> In Sevilla ?
<shawarma> kjaer: As I said, I'll be doing https://wiki.ubuntu.com/UbuntuEasyBusinessServer . I'll feature a nifty plugin architecture so that you can easily help out once the framework is done.
<shawarma> kjaer: right.
<kjaer> Do you have any thoughts on, how to create the user interface and its tools ?
<kjaer> I really think yast2 is great, since it is both ncurses and graphical. A web frontend, and a curses frontend would be great.
<shawarma> kjaer: It'll be web based (using nevow).
<shawarma> Never used yast.
<slackwarelife> kjaer 
<shawarma> The basic idea is that each plugins define a number of fields that it needs for configuration. These fields will be presented on the web, and the plugin will generate configuration files. The web interface will handle conflicts (in case of manual edits) in a clever way.
<slackwarelife> kjaer: openSuse yast2 ??? Yes it's very good to management clients !!!
<kjaer> slackwarelife, I like that I can ssh into the box, and run yast2 from there. I honestly don't like web frontends for administrivia.
<kjaer> shawarma, I had some of the same ideas.
<shawarma> kjaer: I don't particularly like web frontends for stuff either. I prefer configuration files. But I'm not the target audience. :-)
<kjaer> shawarma, Have you had a look at longhorn home server, or apples equivilant ?
<shawarma> Nevertheless, I've got a ton of stuff I need to have done by tomorrow morning, so /me --> afk
<shawarma> kjaer: Nope.
<kjaer> shawarma, http://www.apple.com/server/macosx/leopard/
<kjaer> They have some nice tools, you could borrow some ideas from.
<shawarma> It's okay to say "steal". :-)
<kjaer> Sure.
<kjaer> But they kind of suck for some things. So don't just copy blindly ;-)
<shawarma> Looks shiny.
* shawarma really goes afk now
<kjaer> http://apcmag.com/5973/preview_gallery_windows_home_server_beta_2
<sahafeez> anyone point out to me why i cannot get phpldapadmin working
<slackwarelife> Sorry, I'm not so expert, but I don't like web php admin interfaces, these require apache and some other modules which are to big for my clients, for example to manager my ldap I use gq, a little front-end gtk based, it's very fast (it is the reason beacuse I like gtk yast2). Sorry :(
* ajmitch wanders back in
<sahafeez> how do i see what version of php apache thinks it is running?
<kjaer> sahafeez, In a php document, you can do <?php phpinfo(); ?> and run it.
<sahafeez> thanks. just figured out that the docs are wrong an i had to enable php in apache 1st ;)
<kjaer> Else you can check in /etc/apache/mods-enabled/ which version is loaded.
<sahafeez> cool
<sahafeez> yes! it works. thanks!
<kjaer> You're welcome.
<sahafeez> is it bad form to edit a doc/howto that someone put up in the help section - or should i just add it as coments at the bottom?
<kjaer> Depends.
#ubuntu-server 2007-05-03
<kjaer> What would you like to edit ?
<sahafeez> https://help.ubuntu.com/community/LDAP-Samba_PDC_%28for_Linux_and_Windows%29#preview
<sahafeez> they forget a few little things, like make sure php is enabled ;)
<kjaer> That should definatly be added to the article.
<sahafeez> ok, doing it now
<sahafeez> ok, is it just me or does that doc above seem to require you to have a root user setup
<sahafeez> ok, i just did something really dumb. i nuked my /etc/group file.
<sahafeez> can anyone pastbin theirs to me less the users.
<Nafallo> hmm
<Nafallo> I should have looked here earlier and mentioned group- :-P
<bigredradio> I'm trying to setup postfix thru webmin. It appears postqueue -p is hanging. Anyone run into this problem?
<Skaag> i've installed mysql-server-5 in my ubuntu server, and I told it to bind to all interfaces
<Skaag> but my other servers can't connect to it
<Skaag> any ideas?
<Nafallo> netstat -ltn | grep whatportmysqluses...
<Skaag> tcp        0      0 0.0.0.0:3306            0.0.0.0:*               LISTEN
<Nafallo> Skaag: firewall?
<ivoks> so, you can telnet to 3306?
<Skaag> yes I can telnet and telnet connects
<Skaag> no firewalls
<ivoks> did you set up a user to be able to conect from other hosts?
<Nafallo> well, I use psql, so have no idea :-)
<Skaag> yes
<Skaag> actually!
<Skaag> ssh to that host does not work as well
<ivoks> not ssh
<ivoks> mysql user
<Skaag> so this now seems more like a general problem
<Skaag> yes there is a mysql user
<Skaag> darkstar is my new ubuntu-server machine
<ivoks> Skaag: does that user has % or localhost for host?
<Skaag> fry can not connect to darkstar 
<Skaag> it has %
<Skaag> (any host should be able to connect)
<ivoks> oh, you said ssh doesn't work also...
<Skaag> yes
<Skaag> they are on the same switch
<Skaag> and there is no firewall
<ivoks> network problem? can you access to you network from that computer?
<Skaag> must be some networking issue
<ivoks> (ubuntu doesn't have ssh service by default)
<Skaag> the world can access both computers, and both can access the world
<Skaag> but not each other
<Skaag> I installed openssh-server
<ivoks> netmask?
<ivoks> can you ping/traceroute/nmap other host?
<Skaag> PING google.com (64.233.167.99) 56(84) bytes of data.
<Skaag> 64 bytes from py-in-f99.google.com (64.233.167.99): icmp_seq=1 ttl=238 time=171 ms
<Skaag> this is for darkstar: inet addr:80.179.151.1  Bcast:80.179.151.255  Mask:255.255.255.0
<ivoks> not google
<ivoks> other host
<Skaag> and this is for fry: inet addr:80.179.151.50  Bcast:80.255.255.255  Mask:255.255.255.0
<ivoks> fry/darkstar
<Skaag> nmap from .50 to .1 correctly lists the open services
<ivoks> Bcast:80.255.255.255 - are you sure you want this?! :)
<Skaag> probably the problem then!
<ivoks> probably not, but still a bad idea
<ivoks> i guess it worked
<Kamping_Kaiser> when running fsck.ext3, is fsck.ext3 -fcvF a good thing to run?
<ivoks> well...
<ivoks> i don't see what harm it can do
<ivoks> except -f
<ivoks> don't fsck mounted volume
<Kamping_Kaiser> i ran with -D and was going 26 hours later, so i thought i'd check
<ivoks> heh
<ivoks> anyway... have a good day :)
<Skaag> i'm back
<Skaag> buggery...!
<Skaag> ok so it was not a problem with the broadcast
<Skaag> I still can not connect from 80.179.151.2-255 -> 80.179.151.1
<Skaag> or the other way around
<dj-fu> lol
<dj-fu> learn2netowrk
<Skaag> teach me oh master
<Skaag> 80.179.151.1 : eth0 = 212.199.212.220 (external nic)
<Skaag> the 80.179.151.1 is on eth1 and is an internal nic
<Skaag> ip_forward = 1
<Skaag> and it works - hosts in the 80.179.151.1/24 network can access the internet, and be accessed
<Skaag> but they can not connect to 80.179.151.1 to services
<dj-fu> is it natted?
<dj-fu> what kind of network are you tryin to setup?
<Skaag> it's not natted
<Skaag> 80.179.151.x is a real network, routed through 212.199.212.220
<dj-fu> ah
<dj-fu> acls, firewalling?
<Skaag> no firewall
<Skaag> no acls
<Skaag> I can ssh from the world to 80.179.151.1
<Skaag> but not from the network
<Skaag> the network can also be ssh'd into
<Skaag> it's just between my ubuntu server and the rest of the boxes on that network
<dj-fu> checked your configure for netmask/network/broadcast settings?
<dj-fu> configuration*
<Skaag> yes they seem fine, I will show them here:
<Skaag>           inet addr:80.179.151.1  Bcast:80.179.151.255  Mask:255.255.255.0
<Skaag> this is for my ubuntu-server box
<Skaag>           inet addr:80.179.151.50  Bcast:80.179.151.255  Mask:255.255.255.0
<Skaag> this is for one of the other boxes
<dj-fu> and network address? configured that?
<dj-fu> nopaste your /etc/network/interfaces
<Skaag> ok
<Skaag> what's a paste server you prefer?
<mzungu> sorry guys - just to jump in - you have a whole class 'c' range?
<Skaag> yes
<mzungu> your mask is for 256 addys
<Kamping_Kaiser> /24
<mzungu> lucky you!
<Skaag> yep
<Skaag> why?
<mzungu> sorry for interupting
<Skaag> that's ok
<mzungu> i thought that was possibly the mistake
<dj-fu> Skaag: rafb.net/paste is fine
<Skaag> http://rafb.net/p/nVMVNY78.html
<Skaag> two files in there
<Skaag> top one is the gateway
<dj-fu> Skaag: put network 80.179.151.0
<dj-fu> in the client configuration at the bottom there
<Skaag> and broadcast?
<ivoks> still network problems?
<ivoks> network 80.179.151.0
<Skaag> yah
<ivoks> broadcast 80.179.151.255
<ivoks> netmask 255.255.255.0
<Skaag> how do I apply this without rebooting the box?
<ivoks>  /etc/init.d/networking restart
<Skaag> will it disconnect me?
<Skaag> ok it did not disconnect me
<Skaag> now what?
<ivoks> check status with ifconfig
<Skaag> looks mostly the same
<Skaag> the client can connect to other clients on the network, by the way
<Skaag> also, it used to be able to connect to this machine before it became an ubuntu-server
<ivoks> so, from other machine you can see open ports on ubuntu server?
<Skaag> yes if I nmap it
<Skaag> if I do networking restart on the ubuntu-server it tells me this:
<Skaag>  * Reconfiguring network interfaces...
<Skaag> SIOCSIFFLAGS: Cannot assign requested address
<Skaag> SIOCSIFFLAGS: Cannot assign requested address
<Skaag>    ...done
<Skaag> I think it does this for the eth1:5 and eth1:6 entries I have in there
<ivoks> Skaag: ok, so you can see open ports on ubuntu-server
<Skaag> and in dmesg, related to this, I get this:
<Skaag> [157270.606962]  eth0: no IPv6 routers present
<Skaag> [157270.756498]  eth1: no IPv6 routers present
<ivoks> Skaag: did you try telneting to those ports?
<Skaag> yah I can see the ports are open
<Skaag> yes, I can telnet but no communication occures
<ivoks> i see...
<Skaag> it accepts the connection and then drops it
<ivoks> could you comment out all other connections except the one you are trying to connect
<ivoks> ie dsiable eth1:x
<ivoks> and leave only eth1
<Skaag> that will stop my mail services :-(
<ivoks> ok
<ivoks> could you then add output of ifconfig somewhere so i could take a look at it?
<Skaag> sure
<Skaag> http://rafb.net/p/HfNufi56.html
<ivoks> and which address doesn't work?
<ivoks> eth1:5?
<Skaag> any of them, from the network
<ivoks> and output of route -n is...? :)
<Skaag> route -n:
<Skaag> http://rafb.net/p/peGt1F12.html
<ivoks> i guess none of your servers trying to connect to ubuntu is on .60-.65
<Skaag> no
<ivoks> this looks ok...
<ivoks> well... tcpdump?
<Skaag> ok
<Skaag> ok I used netcat
<Skaag> nc -l -p 70
<Skaag> I then connected from fry -> darkstar
<Skaag> I type test on fry, I see it in darkstar!
<Skaag> I type ACK on darkstar, I do not see it on fry!
<ivoks> firewall, must be
<Skaag> there are the only rules in the FW:
<Skaag> Chain FORWARD (policy ACCEPT)
<Skaag> target     prot opt source               destination         
<Skaag> DROP       tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:445 
<Skaag> DROP       tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:16536 
<Skaag> the other chains are ACCEPT and empty
<ivoks> this is forward, nothing to do with your problem
<ivoks> and on that non-ubuntu server?
<Skaag> there the FW is completely empty
<Skaag> and all on ACCEPT policy
<[miles] > guys, anyone with a large quanity of spam in one mbox?
<Skaag> I use Maildir
<Skaag> no mbox here
<ivoks> Skaag: could you upload your /etc/network/interfaces?
<ivoks> [miles] : i had, but killed it very nicely
<[miles] > lol
<[miles] > I've just setup a pyzor server
<Skaag>  http://rafb.net/p/nVMVNY78.html
<[miles] > but I need submitters of hashes to it
<ivoks> i do it with postgrey
<Skaag> [miles] : I will be happy to help! I do have tons of spam somewhere
<[miles] > ok
<[miles] > In exchage, u can clear via the server if u wish
<[miles] > one moment
<ivoks> ubuntu is gateway?
<[miles] > ...
<Skaag> yes
<Skaag> clear?
<Skaag> ivoks: yes the gateway is the ubuntu-server
<Skaag> [miles] : let me know how to set it up
<[miles] > ok, back
<[miles] > Skaag: just do a simple : sudo apt-get install pyzor
<Skaag> I already have pyzor
<[miles] > ah
<[miles] > ok
<[miles] > well
<ivoks> Skaag: add network 80.179.151.0 to all your eth1*
<[miles] > do everything as normal user yeah
<Skaag> ivoks: ok sec
<[miles] > mkdir ~/.pyzor
<[miles] > then create a file called ~/.pyzor/servers
<ivoks> Skaag: and broadcast 80.179.151.255
<[miles] > and put in it
<[miles] > 195.77.190.21:24441
<[miles] > then do a
<[miles] > pyzor ping
<[miles] > and tell me the response
<[miles] > 1178200907,Thu May  3 16:01:47 2007,anonymous,212.199.xxx.xxxx,ping,'',200
<[miles] > ok
<[miles] > cool
<[miles] > jeje
<Skaag> miles:
<Skaag> 66.250.40.33:24441      (200, 'OK')
<Skaag> 195.77.190.21:24441     (200, 'OK')
<[miles] > perfect
<[miles] > right, Skaag I'm gonna add authentification to it shortly
<Skaag> [miles] : you want to join forces on a project I am doing called DoNotPost.com? :)
<[miles] > but ftm, it's open ok
<[miles] > Skaag: tell me about it
<Skaag> ok the idea is that on the web page for that project, javascript produces a SHA-1 of your email address
<Skaag> so we never really keep email addresses of people
<Skaag> to this SHA-1 + password, you keep "bits" 
<[miles] > k
<Skaag> such as: age below 18, age below 16, no spam at all, no pills, no pharma, no casino, etc.
<Skaag> then telemarketers can consult us with SHA-1's and get those bits
<Skaag> not really get, just ask the status of a specific bit
<ivoks> and spam whole world? :)
<Skaag> well, look at it this way..:
<[miles] > lol
<Skaag> they ALREADY have your email!
* [miles]  head is spinning
<Skaag> at least if they come and ask, they might not email you
<ivoks> maybe, but i don't get spam
<Skaag> because they don't want complaints
<Skaag> you'r right, I don't get spam either :-)
<[miles] > Skaag: this is your company, NSA?
<Skaag> spamassasin, pyzor, and fuzzyocr are doing a great job
<Skaag> yes
* ivoks will stop helping you :)
<[miles] > Skaag: ok, 1st... lets try this server
<Skaag> ivoks: why? :)
<[miles] > Skaag: jeje, cos I must test it out... also, I'm not the owner of the company I work for.. just a SA and programmer
<[miles] > Skaag: but they're very very open to all my sugestions
<[miles] > Skaag: you have SA and a box full of spam?
* ivoks thinks spamers are worst than pedofils :)
<ivoks> so anyone helping them is spamer too
<ivoks> :D
<Skaag> I have the domain for a long time
<Skaag> I bought it around the time the US presented the DoNotCall law & program, remember that?
<Skaag> but I never really did anything with it
<[miles] > Skaag: can you do a report on your spam, and it should automatically report to my server
<Skaag> how do I do that?
<[miles] > Skaag: ok, you have an IMAP folder or mbox?
<Skaag> a Maildir folder
<[miles] > Skaag: the messages are in indervidual files?
<Skaag> with lots of email files in it
<[miles] > ok
<Skaag> yah individual files.
<[miles] > try this:
<[miles] > pyzor report </some/file
<Skaag> done
<[miles] > yep
<[miles] > worked
<[miles] > so
<Skaag> that's real spam
<[miles] > ok, now
<[miles] > if you have a folder full of it
<[miles] > do that for all the messages
<[miles] > u know I only get the hash yeah...
<[miles] > not the email
<Skaag> yah it's spam anyway who cares :)
<[miles] > ok, now to confirm it registered in our DB
<[miles] > with the same message, do:
<[miles] > pyzor check </that/file
<[miles] > Skaag: I'm just gonna run out to take a coffee.... I'll be back shortly ok
<Skaag> i'm going to report all my files
<[miles] > to my server?
<Skaag> yah
<[miles] > Skaag: ok, thank you
<[miles] > Skaag: can I query u when I come back?
<Skaag> 66.250.40.33:24441      (200, 'OK')     1       0
<Skaag> 195.77.190.21:24441     (200, 'OK')     1       0
<Skaag> what does this mean?
<[miles] > that means it registered in both servers
<[miles] > the message
<Skaag> sure man and my email is skaag@skaag.net if you ever need any help with this!
<Skaag> in case i'm not here when you'r back
<[miles] > ok nice
<[miles] > lionel: dude, wake up and read above :P
<[miles] > lionel: bonjour ;)
<lionel> hi !
<lionel> I just arrived in from of my computer :)
<lionel> let me read :)
<lionel> [miles] : what I should see ?
<Skaag> he's gone to drink
<[miles] > lionel: you doing much anti spam fighting up there north of me
<Skaag> ah back
<[miles] > ayeeeee
<[miles] > Skaag: did you do reporting?
<lionel> I use amavis-new for antispam
<lionel> with pyzor, razor, spamassassi
<[miles] > ah ok
<[miles] > lionel: I've setup a pyzor server
<[miles] > lionel: I'm in need of hashes
<[miles] > lionel: of known spam tho
<Skaag> [miles] : do you see me reporting now?
<lionel> [miles] : I may have some :)
<[miles] > Skaag: no
<Skaag> [miles] : help me out, I did this but it wait for something:
<Skaag> find . -type f -exec pyzor report < '{}' ;
<[miles] > find . -type f -exec pyzor report < {} \;
<Skaag> ah without the ticks..
<Skaag> bash: {}: No such file or directory
<Skaag> oops sec
<[miles] > :-\
<Skaag> no, same problem
<Skaag> weird one
<[miles] > one sec
<ivoks> find . -type f -exec pyzor report < {} ';'
<[miles] > find . -type f -exec pyzor report {} \;
<[miles] > Skaag: ensure that it's not finding non-email files tho!
<Skaag> there's only email files in that directory
<[miles] > k
<Skaag> do you see reports now?
<[miles] > nope
<Skaag> so it's not working
<Skaag> pyzor needs the emails piped into it I guess
<[miles] > Skaag: whats pyzor showing u on screen?
<Skaag> with <
<Skaag> nothing
<Skaag> it waits for input
<[miles] > :-\
<Skaag> from stdin
<ivoks> right
<ivoks> find . -type f -exec echo {} | pyzor report ';'
<ivoks> no
<ivoks> find . -type f -exec cat {} | pyzor report ';'
<ivoks> or xargs
<[miles] > or try pyzor report < *.eml    for example
<[miles] > or whatever extension they have
<[miles] > lionel: anything you can supply me with?
<lionel> I have a folder full of spam. How can I help you ?
<lionel> (full meaning about 2500)
<[miles] > ok, lionel
<[miles] > is it in mbox format?
<lionel> non, it is a maildir
<[miles] > you got a pyzor client installed?
<Skaag> why would somebody use mbox format... so dangerous...
<lionel> yes !
<[miles] > ok, if you add 195.77.190.21:24441
<[miles] > to your servers file
<[miles] > then do a pyzor report < file
<[miles] > then do a pyzor check < file
<[miles] > Skaag: it's still used
<Skaag> yah I know, too bad for the users...
<[miles] > nod
<Skaag> I remember 6 years ago I had an mbox, it got corrupted and I lost mail
<[miles] > jeje
<[miles] > Skaag: you still can't get the mail hashes sent no?
<Skaag> still
<Skaag> but just a sec.
<[miles] > Skaag: did u try < *
<lionel> [miles] : running
<[miles] > lionel: ok, I'll look at the logs
<[miles] > lionel: mmm nothing
<[miles] > lionel: did u do a ping?
<Skaag> [miles] : yah <* will never work...
<Skaag> lionel: what did you use to send him the hashes?
<[miles] > Skaag: I ain't got any off him yet
<lionel> [miles] : rah, it took another server...
<[miles] > jeje
* [miles]  knows Lionel will get it sorted...  guru ;)
<[miles] > actually, lionel if u want to check also, you can... I'll be adding auth to it shortly, but if u create a user and key, I'll add it
<[miles] > same goes for u Skaag
<[miles] > lionel: with you being not so far away, it should be quite quick
<lionel> when I will try why it took the bad server, it should be quick :)
<[miles] > ?
<lionel> \o/
<lionel> running on your server now
<[miles] > ah
<[miles] > now
<[miles] > yeh, that looks a frenchish IP if ever I saw one
<lionel> :)
<[miles] > u getting any time outs?
<lionel> I have seen none
<[miles] > jaja
<[miles] > I am
<[miles] > I'm reporting atm also from a mbox
<[miles] > lionel: hows france today, it's pissing it down and dark here in Barcelona
<lionel> same here
<[miles] > :-|
<[miles] > I was thinking of going to france last weekend, just to pass a night
<lionel> I am thinking of going to spain next week for vacations :)
<[miles] > ah yeah
<[miles] > which part?
<lionel> Sevilla :)
<[miles] > wooo nice
<[miles] > very very nice indeed
<[miles] > fly yeah?
<lionel> yeah, car is tooo long
<[miles] > nod
<[miles] > very very long
<[miles] > takes me 5 hours from here to Alicante / Valencia border
<[miles] > so, sevilla.. pfff
<[miles] > shit man
<[miles] > mmmm
<lionel> mappy.com told me 13h :-(
<[miles] > 24 years, 5 months, 3 days, 2  hours and 49 minutes
* [miles]  prods Skaag
* [miles]  prods him a bit more
* [miles]  stops prodding Skaag
<[miles] > what I could reallllllllly do with, is a method of importing a pure hash file..
<[miles] > you can create one with pyzor 
<[miles] > but you can't import it from what I see
<[miles] > much easier than all this reporting malarky
<[miles] > for bulk
<[miles] > evening spam hash drops, etc
<[miles] > theres the digest command
<Skaag> sorry i'm back
<Skaag> what's up
<[miles] > I want your hashes
<[miles] > jeje
<Skaag> ;-)
<Skaag> i'm checking how to do this
<[miles] > lionel has just completed his I think
<lionel> [miles] : you're right :)
<Skaag> how?
<[miles] > Skaag: I have no idea what your doing wrong
<[miles] > can you paste bin the dir your trying to report , a brief sample of the filenames or somthing?
<[miles] > lionel: thanks for the reports btw
<lionel> [miles] : no problem. My pleasure :)
<[miles] > lionel: when u come to barcelona one day, I'll buy you a drink
<lionel> :)
<[miles] > lionel: you want to genkey ?
<[miles] > lionel: and I'll add u as an autharized user
<lionel> [miles] : why not!
<[miles] > lol
<Skaag> hey ivoks 
<ivoks> hi
<[miles] > any python programmers here?
* ivoks hides
<[miles] > ivoks: 
<[miles] > out u come
<[miles] > :-)
<ivoks> i'm not a python programmer
<ivoks> i just program in python stuff i need; i don't know it very well to call my self programmer
<[miles] > ivoks: mmm I program also, but not in python
<[miles] > ivoks: not overly keen on what I see of the language to be honest
<[miles] > ivoks: I'm trying to work out what parts of a email pyzor digests, and what it does not
<ivoks> no, i will not download pyzor source :)
* [miles]  ssh's into ivoks box and wgets it
<[miles] > damn predigest command fails
<[miles] > on both my build, and ubuntu servers build
<ivoks> ok, i downloaded
<ivoks> so, what's on your mind?
<[miles] > ivoks: well
<[miles] > ivoks: I want to see how the hashes are created, so I can make other clients that can create the same hashes
<[miles] > ivoks: create a file, which I can then import into pyzor servers db
<ivoks> beh...
<ivoks> as i said, not a python programmer :)
<[miles] > ivoks: jeje
<[miles] > ivoks: me neither
<[miles] > ivoks: it's using sha1
<[miles] > ivoks: http://pastebin.ca/469128
<ivoks> ok...
<ivoks> it's opening /dev/random
<ivoks> generates salt out of it
<[miles] > http://milesbarry.info/COCINA.eml
<[miles] > ivoks: can you try pyzor predigest < COCINA.eml
<[miles] > please?
<[miles] > it *should* show the lines that have been hashed
<[miles] > but mine fails here as you saw
<ivoks> mine too
<[miles] > ivoks: see any reason why?
<[miles] > http://www.mail-archive.com/debian-qa-packages@lists.debian.org/msg17607.html
<[miles] > ah
<ivoks> there you go
<[miles] > mmm cunt is, I've applied other patches
<[miles] > :-\
<ivoks> heh, i got something...
<ivoks> but i don't know if it is correct
<ivoks> http://pastebin.ca/469136
<ivoks> i doubt that's what you are looking for
<[miles] > aye
<[miles] > done it, patched my desktop client
<[miles] > mmm
<[miles] > still dont see what part of the .eml it uses to hash
<[miles] > ivoks: wot u recon?
<ivoks> i think i'm going to hit the bed now :)
<[miles] > shite, it's 18:00
<[miles] > ok, thanks ivoks lionel Skaag
<ivoks> \wii [miles]  
<[miles] > cuall2moro
<ivoks> oh lol
<[miles] > adios
<ivoks> time for bed :)
<bensherman> Hi all.
<Nafallo> haha
<ph1zzle> hey all
<Nafallo> same people here :-)
<lionel> :)
<ph1zzle> I have a server running feisty, and I haev just setup lvm across three hard disks, I was wondering if there is a way I can make /etc/init.d/lvm recognize my setup and set it up for me upon system start?
<shawarma> ph1zzle: It's not working that way now, you think?
<Nafallo> ph1zzle: what version of Ubuntu is it? :-)
<ph1zzle> feisty
<ph1zzle> and shawarma no it is not
<shawarma> ph1zzle: What goes wrong?
<ph1zzle> I ran /etc/init.d/lvm start
<ph1zzle> and then I looked and the drive was not mounted
<shawarma> Is it in /etc/fstab ?
<ph1zzle> I am not even sure where I tell it to mount to
<ph1zzle> uh, no
<shawarma> then it can't know where to mount it.
<ph1zzle> if it was in /etc/fstab I though it might confuse mount
<shawarma> ADd it to fstab and that's it.
<Nafallo> ph1zzle: so your lvm isn't assembled when you arrive at the prompt?
<shawarma> No, that's where that stuff is.
<ph1zzle> Nafallo, I just set it up manually, I ran pvcreate/ vgcreate etc
* ph1zzle sets it up in fstab
<Nafallo> yea, so? that wasn't my question :-)
<Nafallo> and use UUID for LVM now btw :-)
<ph1zzle> so for the drive in fstab I just enter /dev/<vg>/<lv> ?
<Nafallo> it actually WORKS! :-D
<ph1zzle> How do I get the UUID ?
<shawarma> Nafallo: Why?
<ph1zzle> nm
<Nafallo> shawarma: because it TheRightWay(tm) ? :-)
<ph1zzle> I just got it with blkid
<shawarma> Nafallo: Meh.. The lvm path is almost a UUID. :-)
<Nafallo> shawarma: :-P
<ph1zzle> I just added "UUID=6944090d-1ceb-4030-a757-9ead7bd52798       /home/data      ext3    defaults        0       0" into fstab and re ran lvm and it still was not mounted
<Nafallo> shawarma: with UUID I wouldn't need to edit fstab if I want to rename vg och lv ;-)
<Nafallo> ph1zzle: sudo mount -a
<Nafallo> ph1zzle: lvm doesn't do mounting.
<shawarma> ph1zzle: lvm is not supposed to mount anything.
<ph1zzle> ok, that worked
<ph1zzle> now I am about to do a reboot, it should mount automatically after reboot?
<ph1zzle> oh and lvm is not in /etc/rc[*] .d
<Nafallo> yes
<Nafallo> no, lvm is in initramfs.
<ph1zzle> and lvm does not need to be in /etc/rc[*] .d?
<ph1zzle> oh ok
<ph1zzle> fair enough
<Nafallo> or no, it's not.
<Nafallo> it's in udev :-)
* ph1zzle waits for the reboot
<ph1zzle> ah
<Nafallo> or something like that :-)
<ph1zzle> ok
<ph1zzle> yeah ok, it workedlol
<ph1zzle> great, I appreciate the helpguys
<ph1zzle> *help guys
<Nafallo> np
<ph1zzle> is there a way to tell feisty server not to load ipv6 module?
<Nafallo> blacklist it
<ph1zzle> where?
<ph1zzle> I have done it about a year ago
<ph1zzle> but I am looking over etc atm
<Nafallo> /etc/modprobe.d/blacklist-ipv6 or something like that maybe? :-)
<ph1zzle> I just simply have to touch that file
<Nafallo> you have to write ipv6 in it to :-)
<ph1zzle> ok
<sahafeez> so now that i have a better understanding of ubuntu i figured i would do a new install and start fresh. booted the cd and told it to mount the existing lvm setup. it has been 20 mins now..
<shawarma> sahafeez: Did you manage to salvage your group file?
<sahafeez> hum, no idea. just booted the install prg. and it asked me if i wanted to use the current lvm setup. it is the lvm delay bug i think. 3 mins per and 7 slices so..
<shawarma> sahafeez: Er, no, didn't you talk about you nuked /etc/group yesterday?
<sahafeez> yes, got that back
<shawarma> 01:10 < sahafeez> ok, i just did something really dumb. i nuked my /etc/group file.
<sahafeez> yah. sorrry. long day and it is only 1333. i got that back
<shawarma> Good. Not just by copying it from another machine, I trust?
<sahafeez> yes, thats how. same ubuntu setup. same users
<shawarma> Well, if you're sure everything was installed in the same order on those machine, you should be fine.
<shawarma> Otherwise, you might run into... well.. funny issues along the way.
<sahafeez> hum, well i am nuking that box right now so it does not matter. i have found 4 docs on ldap+samba on ubuntu and they are all wrong or missing something. i have put together what works and i will write it up and add it to the wiki when done
<sahafeez> are the gid not the same per service
<sahafeez> ?
<shawarma> sahafeez: No.
<shawarma> sahafeez: Not necessarily.
<sahafeez> wow. i would call that a bug
<shawarma> sahafeez: Some things run "adduser --system" or "addgroup --system" in their postinst script.
<sahafeez> in *BSD the gid for servers are standard for 90% of the stuff
<shawarma> 0-99 are always the same.
<shawarma> Stuff like root, bin, news, admin..
<shawarma> Generally stuff that doesn't belong to one single service, but are more administrative in character.
<shawarma> http://www.debian.org/doc/debian-policy/ch-opersys.html#s9.2.2
<shawarma> There you go.
<sahafeez> ok, thank you for the information. i am looking forward to getting this up and running. i am hoping to cut over from the w2k3 box this weekend.
<shawarma> Cool.
<sahafeez> we will see. i have even started on testing the groupware bit. 
<nictuku> do you guys know any software for sharing internet connection that's focused on non-technical users ?
<nictuku> I have a friend that lives in a Uni dorm with 100 computers, and they're all sharing an internet connection using a "Windows XP Server"
<nictuku> so I guess if there was a very simple program that let a person 1) setup a local IP network 2) distribute IP's 3) share connection in a safe way 4) let the "administrator" mark a checkbox that would activate a QoS fair algorithm 5) create nice usage statistics
<nictuku> if there isn't, I would consider creating one
<nictuku> it could be either a simplified control panel using PyGTK, or a web control panel
<sahafeez> 29mins to read the lvm. nasty bug.
<sahafeez> or buy a linksys for $40
<nictuku> yeah, agreed, although a linksys router won't have a stochastic fair queueing algorithm
<sahafeez> depends. there is qos on some of them
<sahafeez> the $70 one
<nictuku> :-)
#ubuntu-server 2007-05-04
<sahafeez> how do i tell aptitude to remove everything and not remember configs so when i reinstall it ask all the questions again
<dj-fu> you can just tell dpkg to ask you the questions again
<dj-fu> dpkg-reconfigure <packagename>
<dj-fu> but do dpkg --purge package to uninsall it and remove the configs
<sahafeez> ok, thanks
<PinkFloyd> Anyone help me get Webmin on my server?
<PinkFloyd> nevermind, found a guide
<Kamping_Kaiser> i just reinstalled ubuntu on a server, and i cant work out how to rebuild the LVM i had running before.
<Kamping_Kaiser> can someone lend me a hand?
<[miles] > morning gentlemen
<[miles] > guys, anyone know the base Ubuntu Server install size?
<[miles] > in mb
<[miles] > a clean install
<Burgundavia> 200 or 300mb?
<[miles] > aye
<[miles] > I recon
<buk> Good day.
<Burgundavia> hello
<buk> [miles]  said ubuntu-server is damn good, is that correct? ;^)
<[miles] > :D
<[miles] > welcome buk
<buk> :)
<buk> Can squid do reverse proxying?
<buk> err, wrong window ;)
<Burgundavia> yes
<[miles] > buk: did u download the 32bit version by mistake?
<buk> not by mistake :)
<buk> we have some older hw here ;^)
<[miles] > ah ok
<[miles] > when you doing your 1st install (test, or whatever)?
<[miles] > today?
<buk> maybe
<buk> just installed 3 suse-10.2 
<[miles] > lol
<buk> one more or less on the vmware-server wont make a difference ;^)
<[miles] > servers?
<buk> yeah
<buk> upgrading the dmz-boxes
<[miles] > k
<buk> and moving them to virtual appliances
<buk> zypper got pretty usable too btw.
<buk> though still pretty slow I'd say
<[miles] > zypper?
<[miles] > wtf is that
<buk> apt4suse ;^)
<[miles] > I can't believe your installing 10.2 for servers
<buk> what else should I use?
<buk> we are suse-based
<ivoks_> i can't belive anyone is instaling any version of suse :)
<[miles] > yeah
<[miles] > but
<[miles] > why not SLES?
<buk> ivoks_: :oP
<[miles] > ivoks_: SUSE is good also, I used it for many many years
<[miles] > ok, no distro bashing here
<[miles] > ;)
<buk> [miles] : we got along with the boxes pretty well in the last years
<[miles] > buk: do you feel u depend on YaST tho when setting up the servers?
<buk> I rarely use it
<[miles] > buk: better
<buk> I configure with vim :)
<[miles] > h4rdc0r3
<[miles] > now, I must go a script something... bbl
* [miles]  goes all digitally imported
<buk> is the server installation always without X?
<[miles] > yes
<[miles] > buk: lol, what u need X for
<[miles] > gui junky
<[miles] > buk: none of my servers here have x... theres no need for it what so ever
<buk> I just talka bout the installation
<buk> desktop-installation was X based from LiveCD
<[miles] > lol
<[miles] > alternate is'nt
<[miles] > I dont use the live cd's for desktop
<[miles] > I use alternate
<buk> mmmh, k
<buk> I just got the first link I saw. ;^)
<[miles] > aye
<[miles] > -rw-r--r-- 1 miles miles 730697728 2007-04-26 11:27 kubuntu-7.04-alternate-amd64.iso
<[miles] > -rw-r--r-- 1 miles miles 728449024 2007-04-26 10:35 kubuntu-7.04-alternate-i386.iso
<[miles] > -rw-r--r-- 1 miles miles 730056704 2007-04-19 13:06 ubuntu-7.04-alternate-i386.iso
<[miles] > -rw-r--r-- 1 miles miles 503633920 2007-04-19 13:28 ubuntu-7.04-server-amd64.iso
<[miles] > -rw-r--r-- 1 miles miles 516335616 2007-04-19 13:19 ubuntu-7.04-server-i386.iso
<[miles] > :P
<[miles] > and of course the reset jeje
<buk> how does ubuntu differ users and adminusers?
<buk> I create a user during installation, I guess he is allowed for all sudo stuff
<[miles] > nod
<[miles] > if you want root
<[miles] > sudo su -
<buk> yeah
<[miles] > but, obviously, sudo when you can
<buk> we have a bunch of boxes here without any "users" at all
<buk> web-, proxy-, mailserver for example
<buk> bit uncommon to me
<buk> Perfect, how long does he wait until giving up reaching a mirror?
<[miles] > wot?
<[miles] > buk: whats your sources... modify em if your having probs... gb.
<[miles] > for example
<buk> I'm installing.
<buk> From CD.
<buk> I didn't configure any sources
<[miles] > buk so what you babaling on about waiting to reach a mirror..
<buk> I tried to reach some mirror and later the update server
<[miles] > no problems here
<buk> tsk, asla installed on a server
<[miles] > wot?
<[miles] > why u got the sound enabled in the bios
<[miles] > lol
<[miles] > buk: amateur
<[miles] > :P
<[miles] > you'll be asking if your joystick will work next
* [miles]  runz
<[miles] > buk: you winning?
<buk> Configuring Squid atm :)
<[miles] > nice nice
<[miles] > your used to apt and aptitude yeah?
<buk> not really
<buk> but I'm used to man ;^)
<[miles] > lol
<[miles] > aptitude is well sweet
<[miles] > I love it
<BoostedSS> YO
<BoostedSS> ok, I'm running the server dapper version, how do I enable bigmem support?  or how do I tell if it has it enabled?
<BoostedSS> I have 5 gig mem in a box and it only shows 3.2
<BoostedSS> any clues
<[miles] > sorry, no idea
<[miles] > but that is a lot of mem
<[miles] > lol
<BoostedSS> It a vm server
<BoostedSS> lol
<BoostedSS> seems like I'm inheriting problems lol
<BoostedSS> I tried to add another vm to that box and it choked
<[miles] > jesus, a vm server with 5gb
<[miles] > ?
<buk> memory is all you need in a VM-Host.
<BoostedSS> Virtual Machine, not voice mail lol
<[miles] > :)
<buk> CPUs usually idle :)
<BoostedSS> yep, do you know buk?
<BoostedSS> bios shows the 5 gig, kernel shows 3.2
<buk> I joined here 2 hours ago :)
<buk> SuSE has a seperate kernel for bigmem
<buk> Thats all I can say. *G*
<BoostedSS> :(
<BoostedSS> lol
<[miles] > BoostedSS: you checked the wifi
<[miles] > erm
<[miles] > wiki
<BoostedSS> I'm on my way there now.
<[miles] > mmm I dunno if it's shipping with a bigmem kernel
<BoostedSS> I just found out some dumb dumb used the desktop version
<[miles] > lol
<[miles] > ok
<BoostedSS> for sure it doesn't have big mem
<[miles] > BoostedSS: Im only finding bigiron
<[miles] > on 6.06LTS server
<[miles] > BoostedSS: what kernel is running atm?
<BoostedSS> 2.6
<BoostedSS> something
<BoostedSS> I'm going to tell my boss to rebuild it LOL
<BoostedSS> brb
<[miles] > BoostedSS: wait
<BoostedSS> kkk, give me a sec, brb
<[miles] > BoostedSS: sudo aptitutude install linux-server
<BoostedSS> what will that do?
<[miles] > install the linux-server kernel
<[miles] > it's still available
<[miles] > u don't need to do a full reinstall lol
<[miles] > why would u need to do that?
<[miles] > this ain't windows ;)
<[miles] > BoostedSS: then reboot the server, and choose linux-server in grub menu
<[miles] > BoostedSS: also check the config 
* [miles]  blows his ears out with Tiesto - In The Dark
<[miles] > damnnnnnnnnnn fine toon
<[miles] > BoostedSS: http://pastebin.ca/470774
<BoostedSS> got ya, I'll probably be back :)
<[miles] > jeje ok Miranda
<BoostedSS> huh?
<BoostedSS> Where does that sho?
<BoostedSS> I'm a router/ voice/ cisco guy by the way lol
<[miles] > yeah yeah
<[miles] > in a dress :P
<[miles] > with a girls name
<[miles] > jeje
<[miles] > don't worry, buk 's an alien
<BoostedSS> lol
<BoostedSS> I haven't worked with linux in a few years lol
<[miles] > BoostedSS: ok
<[miles] > BoostedSS: try what I'm recommending
<[miles] > BoostedSS: did you read the pastebin btw?
<[miles] > http://pastebin.ca/470774
<BoostedSS> I am going to in about 5 minutes, I just warned users :)
<[miles] > BoostedSS: aye, warn em that it wont work :P
<[miles] > gonna take coffee
<[miles] > ciao
<BoostedSS> TY
<[miles] > np
<[miles] > BoostedSS: work?
<BoostedSS> I'm getting hammered right now, give me about 20 more min lol
<BoostedSS> I just had a banks IPS module just flip out and started shutting thier network down LOL
<BoostedSS> you still there miles?
<BoostedSS> anyone know how to get the himem installed?
<BoostedSS> yo
<mralphabet> bah
<BoostedSS> YO, I'm back :)
<mralphabet> BoostedSS: sudo apt-cache search linux-image
<mralphabet> that will show you all available kernels
<BoostedSS> not sure, sorry
<mralphabet> BoostedSS: type that in a console
<BoostedSS> oh
<BoostedSS> hrm.  let me look.
<mralphabet> you are on dapper?
<BoostedSS> yea, but I think it is the desktop ver, not server
<BoostedSS> I did a linux-server install on it , but kinda lost.  I'm a router / cisco guy lol
<BoostedSS> the only linux exp I have is asterisk
<BoostedSS> I don't see anythign in there that says bigmem or himem in there
<mralphabet> in a console, do "cat /boot/config-2.6.15-27-server |grep -i mem" without the quotes (as miles suggested)
<mralphabet> in a console, do "dmesg | grep -i version" without the quotes
* mralphabet sighs
<BoostedSS> ok, back
<BoostedSS> next question, I have the right boot config, how do I set grub to boot to it?
<mralphabet> how do you know you have the right boot config?
<BoostedSS> by doing a cat /boot/"whatever config" |grep -i mem
<BoostedSS> it shows that I have the highmem configured on that
<mralphabet> sudo vi /boot/grub/menu.lst
<mralphabet> there's a default option
<mralphabet> it's probably set to 0
<mralphabet> set it to whatever line the server kernel is
<foo> Besides cutting edge technology with ubuntu, better hardware support - what else does ubuntu have to offer over debian? Quick, I'm trying to convince my employer :)
<foo> (and I'm not trying to start a flame war)
<ivoks> foo: predictable support cycle
<foo> I love ubuntu, just always trying to better my reasoning
<foo> ivoks: ah, debian doesn't? Haha. ok, thanks
<ivoks> and big companies support it more and more
<ivoks> technicaly, there isn't a big difference
<foo> You're talking like ubuntu is based off debian or something
<foo> What do you mean no big difference?
<foo> :P
<foo> ivoks: ok, that should be good. Thanks!!
<ivoks> ubuntu is based on debian
<BoostedSS> mralphabet: if the title is on line 175 of the file instead of the default 0 it should be 175 or should it be the kernel line?
<foo> ivoks: oh, </sarcasm>
<mralphabet> BoostedSS: it is 0 for the first kernel, 1 for the second kernel, 2 for the third kernel, etc
<BoostedSS> ty :)
<VR_> hey guys, i can't find the server ISO
<ivoks> where did you look for it?
<VR_> http://releases.ubuntu.com
<VR_> gah!
<VR_> i'm blind
<VR_> actually, i didn't look there, i looked at cdimage.ubuntu.com
<VR_> but.. yeah, found it
<VR_> thanks for that subliminal hint, ivoks
<ivoks> heh, np
<ivoks> it would be great if that would be biggest problems :)
<VR_> oh yeah
<VR_> i cant decide which desktop environment to use
<VR_> for my other machine, that is
<ivoks> as we are on -server, i would suggest no-GUI option :)
<foo> ivoks: thanks for your input, btw
<ivoks> np
<foo> ivoks: "Congratulations to all people involved in this deal. Great job everybody! Now, let's take servers too! :)" - hehe, agreed :)
<ivoks> :)
<r00tintheb0x> Hello all, i have a Intel s845wd1-e motherboard with a onboard RAID controler on it. When i create a RAID array with the hardware RAID software, and try to install RHEL, its seeing two drives instead of one. Any ideas?
<ivoks> not a hardware raid
<sahafeez> so i just installed a server, but left lvm off. i now want to use it but i cannot find the normal lvm tools. what am i missing
<sahafeez> hum, lvm2
<sahafeez> wow. this is a pain.
#ubuntu-server 2007-05-05
<amigamia> hello
<amigamia> is it possible to use slax creator and write the ubuntu server 6x to a memory stick?
<amigamia> usb memory stick
<amigamia> does ubuntu server automatically detect needed updates and retrieve them and install them as needed??????
<sahafeez> question, i see apache-ssl and apache2 in the packages - does apache2 have ssl?
<Pumpernickel> sahafeez: Yeah, it does, through the apahce2.2-common dependency.  apache-ssl is from the 1.x branch of Apache.
<sahafeez> thanks!
<Pumpernickel> s/apahce/apache/
<amigamia> hello
<amigamia> is there a problem with downloading the server?
<amigamia> i have tried all day with no luck
<foo> Hm, try a different mirror?
<amigamia> tried all of them on the list
<foo> What! Haha. Sounds like something on your end, I doubt they are all failing. hmm
<amigamia> umm
<amigamia> i just downloaded centos and SME with not difficulty
<amigamia> just downloaded looking glass from sun with no difficulty
<amigamia> but absolutely no success with ubuntu-server
<amigamia> ?
<dj-fu> Length: 516,335,616 (492M) [text/plain] 
<dj-fu> 18% [========================> ]  97,740,200 7.31M/s ETA 00:57
<dj-fu> --14:46:29-- http://ftp.citylink.co.nz/ubuntu-releases/feisty/ubuntu-7.04-server-i386.iso
<dj-fu> => `ubuntu-7.04-server-i386.iso'
<dj-fu> looks fine here..
<amigamia> umm
<amigamia> new zeland :D
<dj-fu> the web interface link didn't work
<dj-fu> it seems to be replacing :// with HTTP encoded characters
<dj-fu> which throws up a 404.
<amigamia> yes
<dj-fu> I just edited the URL manually. Do that ;)
<amigamia> thank you dj-fu
<dj-fu> mmm... fast.. 14:47:37 (7.22 MB/s) - `ubuntu-7.04-server-i386.iso' saved [516335616/516335616] 
<amigamia> :)
<amigamia> i'm wireless in a hotel
<amigamia> how is ubuntu-server?
<dj-fu> We don't run 7.04 on our production servers yet
<dj-fu> still pushing Edgy around.
<dj-fu> I run 7.04 on the VPS servers though, it seems nice.
<dj-fu> still, I prefer another distribution but am told to use Ubuntu.. so..
<amigamia> well i am switching to centos. we just went thru some real bad experiences with blackhats and we decided to look into centos 
<amigamia> we were using a derivitive of SME 
<amigamia> the os in all reality was not the issue it was the add-ons that were the problem. vulnerabilitiues in metadot and horde. ruined the trustability of the servers.
<dj-fu> I don't even know what SME is.
<dj-fu> I've only ever ran Gentoo for servers, sure, they take a little while to setup
<dj-fu> but they're easy to lock down.
<amigamia> yeah
<amigamia> but this was out of control and we could not trust anything any longer being uncompromised.
<dj-fu> heh, that sucks
<amigamia> who you telling.
<dj-fu> I have all my shit secured with mod_security, jails and stuff
<amigamia> really bitter and angry about the whole thing.
<dj-fu> so all web frontends are secure as.
<dj-fu> sometimes even too secure
<amigamia> mod_security?
<dj-fu> yeah, it's an apache module that does POST/GET filtering.
<dj-fu> regex matches mostly, PCRE, precompiled
<dj-fu> throughput suffers a bit, but with enough hardware it's an easy way to lock down web interfaces
<amigamia> that is what got me 
<amigamia> get
<dj-fu> ;)
<amigamia> i was got ;)
<dj-fu> unfortunately Ubuntu isn't offering it in the repositories
<dj-fu> so you have to compile it manually
<dj-fu> due to licensing issues
<amigamia> if we could find those people we would beat them down to a pulp
<dj-fu> (GPL vs. APL)
<amigamia> ahh
<amigamia> ok
<dj-fu> compiling it manually is no issue though
<dj-fu> just a matter of installign the right deps (apache2-dev, libxml2-dev) and enabling mod_unique_id, then you just edit the makefile and press make ;
<dj-fu> I found a nice tutorial on google somewhere searching for mod_security ubuntu
<dj-fu> no,the official mod_sec docs are very good
<amigamia> i just found the website
<amigamia> this whole security thing is nuts
<dj-fu> it can even take care of chrooting apache automatically
<dj-fu> I have a chrooted apache,php,mysql,mod_perl server on our main webserver at work
<dj-fu> all due to mod_security
<dj-fu> it's very nice xD
<amigamia> ;)
<dj-fu> for what it's worth
<dj-fu> http://gentoo-wiki.com/Apache_chroot:_the_mod_security_way
<dj-fu> Is very useful also
<dj-fu> I can answer questions too, if you want to use it and ask me stuff ;]  (have it running on Feisty and Edgy)
<amigamia> ahh ok
<amigamia> thanks so much
<amigamia> let me look at it
<amigamia> dj-fu i never heard of this jail business lol
<amigamia> this is deep
<sahafeez> anyone using ubuntu server as a replacement for a window AD controllor?
<dj-fu> LDAP and all? no
<dj-fu> I've used a distro to replace a basic fileshare/domain w/ Samba
<dj-fu> not Ubuntu also ;] 
<sahafeez> is there a list of the virtual packages for things - like gnome-minimal or xorg-min - i have seen it somewhere but i cannot find it
<herman> hi
<herman> do some people here have experience with the ultra poor performance of software RAID1 in Ubuntu?
<herman> we tested different ubuntu versions on our servers and the breezy release was still OK but after that dapper has a throughput of like 15MB/s and up to feisty its still really poor not passing the 25MB/s
<herman> and thats just with copying large files, with many small files (regular use) its even much smaller
<sahafeez> what filesystem and are you copying from one drive to another, same to same, etc..
<herman> same to same
<herman> with JFS
<sahafeez> so moving on the same drive. hum.
<sahafeez> ide or scsi
<sahafeez> if you cp a file to /dev/null hows the speed
<foo> ivoks: mornin'
<ivoks> morning
<foo> ivoks: so, you said that with RAID5 + 6 500GB drives... I would need to have 1 of those drives be the OS, or something similar. Is this because of a 1.5TB restriction on ext3 or something?
<herman> sahafeez: i'll try later but it are sataII disks
<herman> sahafeez: oh sorry i remembered falsely i got those speeds with /dev/zero to the drive
<herman> so write only
<ivoks> foo: no
<ivoks> foo: if you create raid field bigger than 2TB, you can't create msdos partition table on it
<ivoks> foo: therefor, partition table on it should be GPT
<ivoks> foo: if it's GPT, than you have to have EFIloader, instead of BIOS; which is available only on Itanium2 hardware
<foo> ivoks: ah, that was it
<ivoks> foo: so, if you don't have Itanium2, you need aditional boot disk with msdos partition table
<ivoks> foo: where you would have your /boot and that disk would be first disk in bios (ie, bootable disk)
<ivoks> foo: in MBR of that disk would be grub/lilo
<foo> ivoks: Gotcha, ok. Itanium2. Hmm, is that on any dell hardware?
<ivoks> lol
<ivoks> you know what's itanium?
<ivoks> itanium2 is intel's processor
<ivoks> fully 64bit one
<ivoks> no 32bit instructions
<ivoks> very expensive
<foo> Hehe, actually, no, I wasn't sure
<foo> Hmm, I see
<ivoks> you need special motherboard for it
<ivoks> i really doubt dell has anything from itanium collections
<foo> ivoks: And this issue is an issue with all distributions?
<ivoks> foo: that's not an issue with operating system
<foo> Hardware
<ivoks> foo: that's an issue with bios and partition table
<foo> aha, I see
<ivoks> there is no MBR on GPT partition table
<foo> GPT = gparted, right?
<ivoks> so, i386 bios can't boot from it
<ivoks> no
<foo> ah
<ivoks> http://en.wikipedia.org/wiki/GUID_Partition_Table
<ivoks> http://www.microsoft.com/whdc/device/storage/GPT-on-x64.mspx
<foo> mhmm, ok, thanks.
<ivoks> Because the x64 and x86 architectures do not provide support for an EFI boot partition, you cannot use a GPT drive to boot an x64-based computer or an x86-based computer with a legacy BIOS. Therefore, computers running these operating systems must be equipped with more than one physical driver to allow the use of the GPT disk format.
<foo> So, it's safe to say that on the Dell 2950s with 6 500GB drives on RAID5 is impossible, right? (with no other drives)
<ivoks> no :)
<ivoks> you can boot from CD
<ivoks> your problem is booting; nothing else
<ivoks> you can boot from CD, floppy, USB, additional disk
<foo> gotcha, I see.
<ivoks> standard PC partitions table can contain partition <2TB
<foo> ivoks: I'll just boot off a 2GB USB key
<ivoks> be sure to have at least two copies :)
<foo> :D Sure, 2 USB keys. Redundant OS
* foo laughs
<ivoks> and a backup on disk
<foo> yeah
<foo> Hm, is that actually plausible?
<ivoks> not 2 kyes in the same time
<ivoks> but on in computer, and one in secured safe :)
<foo> (taped under the server)
<ivoks> what? boot from usb?
<foo> yeah
<ivoks> yes
<ivoks> depends on BIOS
<ivoks> most modern MB can boot from usb
<foo> yeah
<ivoks> if your MB supports it
<ivoks> create raid, plug in key, start installation, create / on raid and /boot on key, and install grub in MBR of key
<foo> yup
<ivoks> after the installation, start the system, plug in another key, copy content of /boot to it, and install grub on the second key (grub-install /dev/whatever)
<ivoks> then you are safe to go to bed
<foo> Cool, thanks man
<foo> Really appreciate that bit
<ivoks> np
<ivoks> with disks geting bigger every day, this problem grows too
* foo nods
<herman> does that mean if you create a small root partition on the 3TB array that it can boot anyway?
<ivoks> right
<foo> Only the MBR, I believe
<ivoks> cause that array is on GPT partition table
<ivoks> eerrr... GPT is on that array :)
<herman> well i'll try it myself in the not so distant future 
<herman> nice to know where i can expect some trouble
<ivoks> :)
<herman> i thought my xeon board has efi as well
<ivoks> what board?
<herman> 5000 series
<herman> intel
<herman> but i think the 3000 series board i have lying around now has it as well
<herman> i'll check 
<herman> at least you can find efi shell in the bootoptions
<herman> IIRC
<ivoks> http://www.intel.com/products/motherboard/D945PLNM/index.htm
<ivoks> looks like this one has EFI
<ivoks> well, that's great!
<herman> http://www.intel.com/design/servers/boards/s3000ah/index.htm
<herman> i got that one
<ivoks> well, if it has EFI, then you shouldn't have that problem
<ivoks> but...
<ivoks> ubuntu installer doesn't offer instalation of elilo, IIRC
<herman> well i probably don't use it, but i remember seeing it on the boards non ia64, since you said it was itanium only
<ivoks> yes, it's intel inovation
<ivoks> but it's reasonable to port it to i386 arch
<herman> i like the 3000 series, its a lot cheaper then the 5000 but still quite fast :)
<ivoks> since disks are really big these days, and 2TB isn't a problem
<herman> quite easy to get more then 2TB:)
<ivoks> herman: well, be sure to try with elilo
<ivoks> i'm interested in results :)
<herman> i'll remember when the time comes :)
<slackwarelife> any idea ???
<edistar> I have a question, I need to logon clients non-locally, via a server
<edistar> is there a solution for linux?
<ivoks> yes
<edistar> any more information?
<ivoks> you can have a server and diskless clients
<edistar> I have that already..
<ivoks> or you are asking for user login?
<edistar> I have a terminal server
<edistar> I need to somehow have something like a radius server
<edistar> cause I need to get user/password from a central server for 2 terminal servers and one ftp server
<ivoks> openldap?
<edistar> something like a radius server, but is that the best solution?
<ivoks> or freeradius
<edistar> which is easier?
<ivoks> depends on what you have on central server
<edistar> ?
<ivoks> depends on your need
<ivoks> do you have users on central server?
<edistar> no
<ivoks> then setup a ldap server on server
<ivoks> and make clients authenticate over ldap
<edistar> okey
<edistar> thank you
<slackwarelife> edistar: there some problem with ldap and dbus
<edistar> what do I have to watch out for then?
<ivoks> slackwarelife: ?
<slackwarelife> yes, when force pam to use ladp dbus stop to works
<edistar> hm
<slackwarelife> pam_ldap.so
<slackwarelife> in this case
<slackwarelife> auth suffiient pam_ldap.so
<edistar> can I just install openldap on debian to test?
<slackwarelife> but the problem is on the clients
<slackwarelife> i'm using ubuntu 6.10 ldap + samba
<edistar> ok
<slackwarelife> and 50 clients ubuntu 6.10
<slackwarelife> to works dbus you must
<edistar> I'm trying ubuntu 7.04 +slapd or something? looked like an openldap server..
<slackwarelife> edit /etc/dbus-17system.d/hall.conf
<slackwarelife> sorry /etc/dbus-1/system.d
<edistar> ok
<slackwarelife> there a very good post on dbus mail-list
<ivoks> and hal.conf :)
<slackwarelife> yes
<edistar> thanks :)
<slackwarelife> I spent 5 week to understand because the dbus sto
<edistar> oh
<slackwarelife> nothing
<ivoks> and change what? :)
<slackwarelife> wait
<ivoks> https://answers.launchpad.net/ubuntu/+question/5136
<slackwarelife> yes
<slackwarelife> but this pam config are so sure
<slackwarelife> I'm now try to do some other configuration using cracklib
<slackwarelife> but if you want it works fine
<slackwarelife> I have found it on the net
<slackwarelife> if you want change hal.conf
<slackwarelife> you must change this
<slackwarelife> <!-- You can change this to a more suitable user, or make per-group -->
<slackwarelife> I change it using user group
<slackwarelife> in this line
<slackwarelife> form <policy user="0"> to <policy user="user">
<ivoks> ok
<slackwarelife> some other problems are the passowrd change on ldap server
<slackwarelife> i don't know how I can change it in local and in ldap using one tool
<slackwarelife> now i'm using two tool
<slackwarelife> the ubuntu user tool
<slackwarelife> and the smbldap-tool
<slackwarelife> but i know it is possible using correct pam configuration
<ivoks> right
<ivoks> server has to use pam too
<ivoks> doh.. ldap
<slackwarelife> yes my server use pam
<slackwarelife> now in my pam i have "password	requisite	 pam_ldap.so		md5 use_authtok"
<slackwarelife> use_authlok is a derctive which must use the data insert in pam_un
<slackwarelife> pam_unix.so
<slackwarelife> this is client config
<slackwarelife> see you late
<Skaag> My box loads the sky2 driver for my syskonnect yukon card but it's buggy, I noticed the older sk98lin driver is also supplied, how do I tell my box to use that instead?
<Skaag> And where do I set ip forwarding to automatically be set on boot time?
<\sh> Skaag, ip forwarding in /etc/sysctl.conf
<\sh> Skaag, and sk98lin you can add to /etc/modprobe.d/ you can blacklist sky2 and add sk98lin to autoload
<Skaag> thanks
<Skaag> I think sk98lin doesn't work, I just tried.
<Skaag> it's strange
<Skaag> on debian it used to be my driver
<\sh> Skaag, but sk98lin is autoloaded for my toshiba r200 
<Skaag> I have a weird problem with sky2
<Skaag> after a while I get a strange message in dmesg
<Skaag> and then, connections hang at the 4th packet
<Skaag> I thought at first it was a conntrack problem
<\sh> that was the behaviour of sky2 during breezy development,..that's why we included syskonnects sk98lin drivers
<Skaag> also, can you tell me if there is a new convention for virtual interfaces in ubuntu-server instead of eth1:1, eth1:2...?
<Skaag> oh I see
<Skaag> a modprobe sk98lin gives no results
<Skaag> nothing in dmesg
<\sh> Skaag, well..not that I know that there is a different behaviour...actually I don't use virtual interfaces for any box I have...but looking at the avahi interfaces opened up by NM, I think it didn't change for feisty
<Skaag> it's giving me weird behavior
<Skaag> can you help me verify the format is correct?
<\sh> eth1:<something>
<\sh> 2: eth0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 1000
<\sh>     link/ether 00:10:c6:e3:4b:65 brd ff:ff:ff:ff:ff:ff
<\sh>     inet 169.254.7.107/16 brd 169.254.255.255 scope link eth0:avahi
<Skaag> http://rafb.net/p/ivZDcg64.html
<\sh> should work, yes
<Skaag> gives me strange warnings once in a while
<Skaag> and I can't ifup eth1:1
<\sh> I would cound from 1 to x and not starting with 5
<Skaag> hm...
<Skaag> I do that to keep a certain logic in the interfaces against ip addresses
<Skaag> can you help me find out why sk98lin does not work when I modprobe it?
<\sh> lsmod says what?
<\sh> pastebin it
<\sh> if not, please ask in #ubuntu for those questions...it's plain support
#ubuntu-server 2007-05-06
<amigamia> hello
<amigamia> anything special i need to be wary of when i install ubuntu server 6.x?
<amigamia> which should i run 6 or 7?
<amigamia> ?????
<foo> 6 or 7? 
<foo> Oh, nevermind.
<foo> amigamia: You should run what you want ... 
<foo> 6 is recommended due to its 5 year support cycle
<foo> I would do that, anyways
<amigamia> ok
<amigamia> i made the cd today at work
<foo> oh, nice
<amigamia> i will install it tomorrow.
<foo> ok :)
<amigamia> yes :)
<amigamia> i want to install ubuntu on all the workstations 
<foo> Does everyone know how to use ubuntu?
<amigamia> run wine and keep a couple laptops around there for windows but i want to rid the place of windows. 
<foo> hehe
<amigamia> well i will have a class on the use and create some cheat sheets and/or pages for them to use for instructions online.
<amigamia> i'll see.
<sahafeez> question - if i am running 6 and do a aptitute update then upgrade will i be around the same software levels as 6
<sahafeez> as 7 that is
<amigamia> is horde included in the installation?
<foo> sahafeez: Nope
<sahafeez> so i have the issue of the drivers for my server are not in 6 and i cannot install it
<foo> amigamia: hmm, looks like horde2 and 3
<amigamia> i was looking at the perfect install pages and i was wondering whether the install is fully scripted? secondly it says to run an update however i just downloaded the iso today and i am not sure if it is up to date or not?
<amigamia> cool
<foo> amigamia: I'd run the update
<amigamia> 2 has some severe vulnerablilites
<amigamia> yes
<amigamia> i will
<amigamia> is the backup automated?
<amigamia> will it backup to a usb hdd?
<foo> amigamia: It'll do whatever you tell it to :) Welcome to linux
<amigamia> i need to get it right this time. tired of rebuilding the server over and over.
<amigamia> foo ;)
<foo> Although, you probably want to have some shared network system and backup files to that, maybe.
<foo> Depending on the environment
<amigamia> what about the firewall, should i have like ipcop in front of it or that pfsense?
<amigamia> or is the one included sufficient?
<foo> Hm, not too sure about the one included. I actually don't use anything. I have a firewall on my router.
<foo> Remember, this is linux, not windodws ;)
<foo> windows*
<amigamia> ;)
<amigamia> i want to have as much as possible on that baby :)
<amigamia> i was looking at this today. 
<amigamia> http://cgi.ebay.com/Microway-MW-1U-Dual-Pentium-4-Xeon-2-6GHz-Server_W0QQitemZ290111523196QQihZ019QQcategoryZ1484QQrdZ1QQcmdZViewItem
<amigamia> think that is a good deal?
<foo> You buy it?
<amigamia> thinkig to
<amigamia> will contact the man 
<foo> It was already bought
<amigamia> yes but he has 3
<foo> ahh, I see
* foo looks 
<sahafeez> is not 64 bit
<sahafeez> so not worth it
<foo> amigamia: To be honest, not too sure. I usually don't have to deal with that kind of stuff.
<amigamia> ahh your right! i forgot about that! :D
<amigamia> ohh
<amigamia> are you a foo fighter?
<foo> :D 
<amigamia> i knew it!!!!
<amigamia> a foo fighter!
<amigamia> ;D
<amigamia> brb
<levander> Anyone here use moinmoin?  I'm trying to figure out what the hell happened to it during my Feisty upgrade.
<foo> Well, what's it doing?
<levander> I know I was using it under Edgy, and I only had the "moin" package installed (according to a log I kept).  And packages.ubuntu.com doesn't even show a moin package for Edgy.  python-moinmoin is apparently what you're supposed to have to have moin installed.  It's not installed on my machine.
<levander> When I pull up the URL that it used to run from, I get some "Internal Server Error" message from Apache.
<levander> I just went back to previous distros.  Apparently, back in breezy there was a package just called moin.
<levander> I must have had that package in there back from those days, the upgrade to dapper didn't remove it...
<levander> And finally, when I got to Feisty, somehow that moin package was removed...
<levander> That's what I'm betting happened (something like that, I wasn't very specific)
<levander> Man the upgrade issues...
<levander> I've been upgrading this box since Warty
<levander> Upgrading to Edgy, they dropped an old meta-package for kernels that I was using.  So, my kernel wasn't upgraded.
<levander> My old kernel didn't play with the new udev in Edgy.
<levander> Took three days to get my system back.
<amigamia> i have an external Backpack CD-Rewriter, will ubuntu be able to access this? it uses the 25pin serial port.
<hansin321> hello\
#ubuntu-server 2008-04-28
<osmosis> 3ware raid controller seems slow on hardy 2.6.24-16-server
<timboy2> for some reason php pages aren't being served... When I try to go to my roundcube site I get: you have chosen to open which is a: application/x-httpd-php anyone know why this is happening?
<timboy2> figured it out. I had to sudo apt-get purge libapache2-mod-php5 then reinstall it!
<cellofellow> hello
<cellofellow> would it be safe to upgrade a production server from Gutsy to Hardy?
<ScottK> cellofellow: It depends a lot on the specifics of your configuration.  I've had no trouble upgrading my servers.  Others have.  I recommend a test server to try out.  This is something that's generally a good thing to have in any case.
<cellofellow> It's got Apache, MySQL, PostgreSQL, DNSMasq (very important).
<cellofellow> Just a home server.
<timboy2> anyone know anything about mod_rewrite? I'm trying to set it up for my mail server... this is my config: http://pastebin.ca/999907
<eklof> Hi guys.
<eklof> I noticed the update-script warned about trying to upgrade my server using ssh? Anyone had problems?
<eklof> I'm not keen on going 200km just for the fun of it.
<eklof> :)
<ScottK> I've done several via ssh with no problems, but mine are on a different floor in the same building, so the risk level is different.
<osmosis> how do I apply my hostname to the prompt after edit /etc/hostname  ?
<dthacker> osmosis: logout and login again
<osmosis> dthacker: i think its a matter of calling init or something
<dthacker> osmosis: your prompt is set by reading the hostname when you log in.  If you've changed your hostname, logging in (or sourcing your .profile) will re-read the hostname and change your prompt.
<osmosis> dthacker: ok
<sls> I have hardy installed with likewise, and joined to a domain. How can I make it so that the admins in the domain are able to 'sudo'?
<cyris||> Hello everyone. I just started tinkering with AppArmor and I have a profile loaded for samba (enforcing). Does anyone know where AppArmor logs to?
<ferfactor> Hi someone here can give me support in Spanish please???
<NineTeen67Comet> Hello, I've got a Hardy powered server here that seems to have difficulty with the transfer of large files (500mb+) in either direction. It simply locks up, no errors (syslog, messages or dmesg) that I can see. Ideas on what I can check out for the failures? (PIII 450, 368mb ram, 1x10gig, 2x320gig headless).
<NineTeen67Comet> so far the only way to get it back is powerbutton hold down or reset button.
<NineTeen67Comet> The box wont even ping once it's locked up so keeping ssh'ed in with tail running the logs results in nothing ..
<a> hey
<kraut> moin
<a> I cant find any guides on creating a raid  0 after ubuntu server has been installed
<lucent> a: it's not automated
<lucent> a: I haven't tried it myself yet, but I was looking for a way to do RAID1 last night and found that "Manual Partitioning" should include the means to set this up
<a> Well I have ubuntu server installed and working on an old sun server, it was 4 extra disks in it that Id like to set up in raid 0
<a> it has*
<lucent> 4?  don't you want 0+1 or 5?
<_ruben> raid0 .. eeewwww
<a> nah it wil be for very unimportant data
<a> i just want to combine them into one giant disk, but not jbod
<lucent> raid5 would be beneficial on read, penalty on write
<a> then I only get half the space
<lucent> what?
<a> as opposed to raid 0
<lucent> If I'm not mistaken, then you're confused about raid levels
<lucent> four drives at 200mb each, you'd have 600mb accessible
<a> ohh I was thinking of something else
<lucent> in raid5 configuration it's the size of the smallest drive times the number of drives minus one
<a> Ill take raid 5 then
<lucent> and unless I'm confused, I thought raid0 was number of drives divided by two
<a> so then back to the original question, how do I create a raid 5 array inside of ubuntu server
<lucent> using Manual partitioning
<lucent> it's one of the installation prompts
<lucent> Automatic use entire disk, Guided partitioning using available space, Manual partitioning
<a> Well its already installed
<lucent> I've done live migrations before
<lucent> it's not real easy to explain
<a> well I wouldnt be changing the disk that linux is installed on
<a> I have 5 disks in it total, the first one is holding ubuntu
<a> Id like to raid 5 the remaining 4 disks
<lucent> hm
<lucent> LVM would be far easier
<a> lvm?
<lucent> Logical Volume Management, I think
<lucent> there's two well known subsystems for grouping storage devices, LVM and md
<lucent> md is the oldest and is specifically for implementing raid levels as software
<a> http://www.howinthetech.com/quick-and-dirty-linux-software-raid5/
<a> I found that
<lucent> LVM is relatively new and does some more fancy things like migrations, labelling, and pseudo-raid
<a> well keep in mind im pretty much brand new to linux
<lucent> ah
<lucent> LVM is simple to explain
<a> btw thanks very much for helping me
<lucent> if you don't like it you could always toast it and go with something else
<lucent> it's good to learn about
<a> dont like what, lvm or linux?
<lucent> Volume Group comprised of several Logical volumes which are made from Physical volumes which are formatted block devices (partitions on a drive)
<lucent> so, to make this simple, each of your target drives should have a single partition on the whole disk
<lucent> the type I think is 0x8e, I'd have to check
<a> well this is kind of where Im stuck
<a> a guide tells me this:
<a> Type $ cat /proc/diskstats. Mine were detected as /dev/hda and /dev/hdc.
<a> To set up a partitition, run fdisk twice, each one for each disk and do the following:
<a> $ fdisk /dev/hdX
<a> how do I know which disks are which? that command gives me about 15
<lucent> err
<lucent> it's tough to say an answer
<lucent> what makes them different to you?
<a> I have no idea
<a> theres sda1-4
<lucent> 'fdisk -l' may give you a list as root user
<a> sdc1-7
<lucent> bad as this sounds, I'd be sort of interested to log into your box and peek around :P
<a> I was actually about to ask you if youd like to do that, I really am lost here
<a> its a really old sun server, finally wiped slow solaris 10 off of it and installed ubuntu server
<lucent> it's cool, make sure there's nothing important on it and privmsg me the ssh details
<a> nothing on it whatsoever, fresh install since about 15 minutes ago
<lucent> will need "apt-get install openssh-server" to get sshd running, and a portforward to 22 tcp from your border
<a> oh I know I know, ive already been sshd into it from this pc
<a> changing my portforwards now, 22 was forwarded to my other server
<lucent> a: whenever you're ready
<a> i sent you a pm
<lucent> I lost it :(
<lucent> a: are you on a registered freenode nickname?
<a> nope
<lucent> users must have a registered nickname to talk to me
<a> oh
<a> hold on then
<lucent> keeps spam bots out of my pants.
<a> hehe
<Fohdeesha1> its making me wait 2 minutes before using the register command
<Fohdeesha1> stil lnot getting them lucent?
<dna_> why isn't there apache2-mod-security in 8.04?:
<lllegal> hello, I'm wondering if theres a iscsi target for ubuntu with support for scsi-3 pf (persistent reservation)
<lllegal> also which iscsi target is preferred ?
<piti> hi. I want to put a mail server (postfix courier) on my server, which provides a website too, and this website should send emails through the php mail() function. Will theses mails be sent without problems ? (for the moment, I only have put the original sendmail, without any other configuration.)
<ScottK> Postfix provides sendmail binary that should be compatible.  I don't do that, but I expect it should work.
<\sh> piti, it works out of the box
<\sh> piti, postfix + php works really like a charm...
<piti> thanks
<sommer> happy monday
<sls> I have hardy installed with likewise, and joined to a domain. How can I make it so that the admins in the domain are able to 'sudo'?
<piti> sls: you should just add them to /etc/sudoers, don't you ?
<piti> sls: ldap ?
<nealmcb> Ubuntu Open Week starts in 10 minutes in #ubuntu-classroom - https://wiki.ubuntu.com/UbuntuOpenWeek
<ScottK> nealmcb: Isn't it an hour and some minutes?
 * nealmcb was just about to correct
<nealmcb> make that 70 minutes :-)
<ScottK> Which is still, rough order of magnitude, 10 minutes.
<ScottK> ;-)
<nealmcb> off by one?  :-)
<nealmcb> I wonder if anyone has kept track of the average number of people in #ubuntu-server - seems to be growing nicely over time
<ScottK> Since joins and departures are in the logs, with wget and some log parsing you could find out.
<sls> piti, yes but how? whats the syntax for adding a group DOMAIN\domain admins?
<piti> sls: have you lokked at this package ? >> http://packages.ubuntu.com/hardy/sudo-ldap
<nealmcb> ScottK: true - you could probably get some pretty good data.  And the network partitions would help correct for missing events during logging outages that would otherwise spoil the data
<gegema> I am trying to upgrade our server from dapper to hardy. I have enabeled the dapper-updates and dapper-proposed repositories for main restricted and universe >> did an aotitude update, upgrade and dist-upgrade , installed update-manager-core and now that I am trying to "do-release-upgrade", I am getting a message that there is no new version of Ubuntu available
<gegema> should I paste my sources.lst for someone to have a look at, maybe I am missing an important repo?
<piti> gegema: what " cat /etc/lsb-release | grep CODENAME "gives to you ?
<gegema> DISTRIB_CODENAME=dapper
<ScottK> gegema: It was recommended that Dapper -> Hardy upgraders wait until 8.04.1 next month.  Dunno if that's why update manager isn't yet aware of it.
<sls> piti, no I have not... I will.
<gegema> maybe I still need the -d flag then...was assuming since hardy went live, -d was not necessary
<rgl> is there a ubuntu jeos for amd64?
<gegema> I had tried the awstats package on a VM hardy install which didn't work with my configuration.. and I wanted to do a dist-upgrade before going ahead and compiling awstats, just in casew
<gegema> case**
<nealmcb> ScottK: where did you see that recommendation?
<ScottK> IIRC it was in the release announcement.
<nealmcb> rgl: yes
<rgl> nealmcb, where should I get the iso?
<nealmcb> oops - maybe not...
<nealmcb> spoke too soon - http://cdimage.ubuntu.com/cdimage/jeos/releases/8.04/release/
<rgl> yeah, I only found the i386 there :D
<nealmcb> but you can use ubuntu-vm-builder to build your own custom image in a few minutes
<rgl> nealmcb, neat.  thx :)
<nealmcb> there is a bug with setting locales that you can check out
<nealmcb> you just have to set one up yourself right now
<nealmcb> rgl: yeah - ubuntu-vm-builder is sweet
<nealmcb> if still a bit rough around the edges
<ScottK> gegema: http://www.ubuntu.com/getubuntu/upgrading#head-e059d5452a24b50d09c64df48058ef2d834eb197-2 suggests do-release-upgrade -d.  Did you try with the -d option?
<ScottK> sommer: This thread: http://archives.neohapsis.com/archives/postfix/2008-04/1343.html has some discussion on Debian (and Ubuntu) specific cyrus-sasl setup stuff.  It might be worth looking to see if this is correctly documented for Ubuntu.
<sommer> ScottK: cool, I'll check it out
<ScottK> Thanks.
<_ruben> hmm .. trying to figure out how syslogd-listfiles determins if a logfile is to be rotated daily or weekly ..
<sommer> _ruben: look into logrotate
<sommer> _ruben: specifically the scripts in /etc/logrotate.d
<_ruben> logrotate is what im used to .. but syslog comes with its own mechanism .. then again, i might just trash those and go with logrotate as im used to using that :)
<sommer> ah, sure either way... heh
<_ruben> syslogd-listfiles is nice because you dont need to keep track of which files to rotate .. downside is: no per logfile 'rules' ;)
<_ruben> ah well .. time for dinner and do some thinking in the background
<_ruben> if only my ears hadnt tricked me into thinking girlfriend was home already .. back to work for a bit then :p
<blueyed> Is there any reason why the "root" account does not get created when installing mysql-server?
<blueyed> Only "debian-sys-maint" is in mysql.user (when started with --skip-grant-tables)
 * delcoyote hi
<mathiaz> dendrobates: do you know symas Openldap directory ?
<dendrobates> mathiaz: nope.  is it a commercial ldap?
<mathiaz> dendrobates: don't know - I was just reading a blog post about using mysql ndb cluster engine as an openldap backend
<dendrobates> mathiaz: oh, nevermind, I think this is where most of the openldap developers work.
<dendrobates> howard chu works there and is coming ot uds.
<zul> ach launchpad is painful today
<ScottK> Even more than usual.
<_CitizenKane__> hi everyone, i've been looking into network monitoring software (nagios, zenoss, etc.) and I was wondering if anyone knew of a website that had a good comparison or had a personal preference?
<_CitizenKane__> I did some googling but I turned up empty handed
<sommer> I'm a nagios fan :)
<sommer> if nagios was peanut butter I'd put it on a sandwhich and eat it with jelly
<_CitizenKane__> sommer: be playing with nagios, not exactly in love with configuration but it seems to be pretty solid
<_CitizenKane__> gah, been playing with nagios, i really need to get more sleep
<erimar77> look into opennms, that's pretty nice too
<erimar77> and self discovering
<giovani> _CitizenKane__: nagios is the standard, takes some getting used to, but is the most scalable of any free monitoring software I've seen
<bamed> OpenNMS is designed more for Enterprise-level infrastructures than nagios is
<_CitizenKane__> well, not for a huge network, mostly just need something that has good notifications when things go down, or when certain conditions, like hard drive space running out occur
<bamed> either one should do that
<giovani> and smaller ones will too
<giovani> if it's really not a large network, and you need something up quick ... jffnms meets your requirements
<_CitizenKane__> alright, i'll look into everything, thanks for the help everyone
<stiv2k> Apparently you do not have both the openssl binary and openssl development libraries installed.
<stiv2k> what packages are these named ?
<stiv2k> openssl and openssl-dev or something?
<giovani> yes
<giovani> apt-cache search is your friend
<giovani> libssl0.9.8 and libssl-dev
<giovani> or use openssl
<giovani> if you want all the tools, etc
<Vlet> Anyone know if 7.04 supports 'multiplying' esata controllers at all?
<rpop> Could someone help me configure virtual hosts on Apache? It's not intuitive for me.
<rpop> Is there someone here who can help me figure out how to configure Apache virtual hosts on Ubuntu 7?
<seanh> rpop: there are quite a few good articles on that on the net
<seanh> http://www.devshed.com/c/a/Apache/Configuring-and-Using-Virtual-Hosts-in-Apache/
<seanh> what are you getting hung up on?
<seanh> http://httpd.apache.org/docs/1.3/vhosts/name-based.html
<seanh> or for apache2, http://httpd.apache.org/docs/2.0/vhosts/name-based.html
<rpop> I've been checking several articles (it's Apache 2.0), and I'm getting hung up because when I restart Apache, it tells me VirtualHost overlaps with some other VirtualHost
<rpop> After I installed Apache, httpd.conf was blank, but I understand it needs to have a config in there. The Ubuntu docs say nothing about that file though.
<rpop> They tell me to edit the config in /etc/apache2/sites-available
<rpop> So I set up an additional host, edited its config file, put includes in the http.conf file, and yet I still can't restart apache properly.
<rpop> I'm new to Apache configs, and I can't seem to find definitive documentation.
<rpop> I need something I can use with two virtual hosts, the default one, and an additional one.
<faulkes-> http.conf is deprecated, well, to a point for apache2, you do wnat sites-available but you need to enable those sites once created using en2site
<faulkes-> which will create symlinks to sites-enabled
<rpop> see, it's confusing, because I haven't seen anywhere in the docs that httpd.conf is deprecated. so frustrating...
<rpop> do I even need the includes in httpd.conf?
<rpop> should it just be blank?
<Mimi> rpop:  Read the topic, there's so much documentation there https://help.ubuntu.com/7.10/server/C/  oh and ofcourse http://httpd.apache.org/docs/2.0/
<rpop> I've been going through the Apache.org documentation. It's confusing to me, honestly.
<rpop> I'm used to IIS, where I have a nice, intuitive GUI. I have to set up a site in Apache, and I've already wasted a few days trying to sort through confusing documentation.
<Mimi> Security and freedom isn't easy :D
 * Mimi winks.  
<rpop> Well, I wish it were, for the sake of those of us who aren't used to Terminal and obscure Linux commands and config files.
<blue-frog__> rpop: apt-get install apache2    copy your site to /var/www  is difficult?
<rpop> I'm trying to configure a separate site, not use the default one.
<rpop> I want to learn how to do that properly, not just blindly use what's there.
<faulkes-> it's a little more than just a cp depending on his setup
<faulkes-> especially if he's coming from IIS
<faulkes-> and he is here asking questions
<faulkes-> so, lets do our best
<rpop> what I want to do is to set up a wordpress site. you wouldn't happen to know of a GUI for Apache/MySQL/PHP for Ubuntu?
<rpop> I've already installed all three.
<rpop> Now I need to configure the site.
<rpop> Then make sure PHP can run on that site.
<rpop> Then I think I can take it from there, because I've used WordPress and MySQL already.
<ScottK> rpop: Hang in there.  The transition is painful, but at the end of it you will understand what your system is doing and be able to control it much better.
<rpop> I'll try, but in the meantime, you wouldn't happen to know what this means? "[warn] VirtualHost 172.16.3.217:0 overlaps with VirtualHost 172.16.3.217:0, the first has precedence, perhaps you need a NameVirtualHost directive"
<rpop> I tried the NameVirtualHost directives, and I got errors with that as well.
<rpop> What gives?
<ScottK> Sorry.  I know about mail servers, not web servers.
<Nafallo> :-)
<faulkes-> rpop: you have two choices, which would be named virtual hosts, or ip based virtual hosts
<rpop> Right.
<faulkes-> :0 typically indicates a port #
<Nafallo> I don't use virtual interfaces so... :-)
<Nafallo> ah.
<Nafallo> dooh
<faulkes-> so
<rpop> I'm naming each site by IP
<Nafallo> I read bad today :-D
<faulkes-> rpop: those ip's do not appear to be globally routed
<Nafallo> rpop: what ports are you trying to listen on?
<faulkes-> i.e. 1918 space
<rpop> Not naming ports, so it's listening on all, not just 80. Should I name them?
<rpop> faulkes-, not understanding that.
<rpop> I edited the hosts file to map IP addresses to host names.
<rpop> Is that what you mean?
<Nafallo> rpop: /etc/apache2/ports.conf
<rpop> Okay, that lists 80 and 443
<Nafallo> rpop: also, you should have ip:port in your virtual host's conffiles :-)
<faulkes-> rpop: that is entirely different, 172.16 is rfc 1918 space, it is not globally routed, so I'm assuming this is on your local lan
<rpop> faulkes-, right, it is.
<Nafallo> rpop: i.e. for the first virtual host something like this:
<faulkes-> there are several things which must occur
<Nafallo> NameVirtualHost *:80
<Nafallo> <VirtualHost *:80>
<rpop> i have two conf files under sites-available: default and blogs
<faulkes-> 1. you must have virtual interfaces setup, i.e. eth0:1 = 172.16.x.x, eth0:1 = 172.16.x.y, etc. etc.
<rpop> I do
<Nafallo> faulkes-: that's not how I do it :-)
<Nafallo> faulkes-: I have multiple IPs per interface instead.
<rpop> I have two IPs for eth0 interface.
<faulkes-> 2. you must setup individual config files for each site, each site should like the IP and only the IP - ignore dns / host resolution and only deal with ip's
<rpop> And each of them is mapped to a host name in the host file.
<rpop> okay, i'll remove host names from site configs.
<faulkes-> hosts file on the client, or server?
<rpop> i'll do it right now.
<rpop> hosts file on server.
<rpop> on the ubuntu machine where i have apache installed.
<faulkes-> wait, what?
<rpop> ?
<faulkes-> the server is ubuntu, which is where the /etc/hosts file is
<rpop> right, that's the file I edited to map the two IP addresses to the host name
<rpop> Here's what I said there:
<rpop> 172.16.3.217 lamp.domain.com lamp
<rpop> 172.16.3.218 blogs.domain.com blogs
<rpop> is that wrong?
<rpop> domain being our domain, of course.
<rpop> Okay, just replaced host names in site configs with IP addresses.
<rpop> But when I restart Apache, I still get the error about VirtualHost overlapping.
<faulkes-> well, I will be back in about 45 minutes, I have to head home
<rpop> i'll probably still be here, banging my head against my desk...
<seanh> i can help you with that rpop, just give me a moment to finish a few other things
<rpop> Thank you!
<seanh> can you send me your httpd and site config files
<seanh> via paste bin or something
<seanh> http://pastebin.com/
<seanh> and the last error you got when you tried to restart apache
<rpop> okay, will do
<rpop> Almost done pasting all the stuff, just a sec
<rpop> seanh, here it is: http://pastebin.com/d6eb19fad
<seanh> can you put port numbers after you ip addresses
<rpop> Will do and restart Apache, then let you know what happens
<seanh> can you also send the output from httpd -s
<seanh> you may have to give it the full dir
<rpop> what's the full directory?
<seanh>   /usr/local/apache2/bin/
<rpop> still getting same error on apache restart
<seanh> not sure where it is on your machine, i don't have an ubuntu system up right infront of me right now to check
<rpop> no such file or directory
<rpop> I have /etc/apache2/
<rpop> and /var/www
<seanh> that's config files only
<seanh> "locate httpd"
<rpop> just got a boatload of locations
<rpop> most of them in /usr/share/doc
<rpop> one in /usr/lib/apache2/modules/
<seanh> hold on, let me look up where it's kept
<blue-frog__> seanh: there is no httpd, only apache2
<seanh> is that what ubuntu installs it under?
<seanh> i have trouble remember all this stuff, everybody does it there own way :-p
<seanh> ok
<seanh> rpop: apache2 -S   should work
<seanh> it looks like it's in /usr/sbin/apache2
<rpop> okay, it works
<rpop> gives me the same virtualhost overlapping error, then lists the two virtual hosts. says syntax is OK.
<seanh> is the error any more infomative?
<rpop> no, same exact wording. hold on, I think there's a way to update the pastebin posting. i'll let you see it.
<seanh> in reading though the config docs, i'm not sure you can do "servername #.#.#.ip"
<seanh> i think it needs to be a domain
<seanh> i'm still looking at that
<rpop> okay, here's the new link, and the output is at the top: http://pastebin.com/d3015eab8
<rpop> faulkes- said to stick to ip addresses and to take out the domain names, that's why I did that.
<seanh> Syntax:	ServerName fully-qualified-domain-name[:port]
<seanh> that's off of the apache webpage
<rpop> okay, I'll switch it back
<rpop> but I'm still getting the virtualHost overlap error.
<seanh> out of curiosity, what happens if you put something like "namevirtualhost *" in the httpd.conf?
<seanh> (i'm trying to replicate your setup on a machine)
<rpop> i get the following additional error: NameVirtualHost *:0 has no VirtualHosts
<rpop> This is the sort of thing that makes it so confusing. According to the documentation, it should be straightforward, but it isn't. I haven't touched any other config files, and yet it's still not working properly.
<seanh> meh, it's one of those things that is very specific about syntax, so one little thing throws it off
<rpop> i'm going to reboot the machine, just in case.
<rpop> i'm using irc on a different machine, so i'll remain online here
<lllegal> <lllegal> hello, I'm wondering if theres a iscsi target for ubuntu with support for scsi-3 pf (persistent reservation)
<lllegal> <lllegal> also which iscsi target is preferred ?
<lllegal> anyone ?
<rpop> another thing I just noticed is that the VM where Ubuntu is running has been using 100% CPU all along.
<rpop> ugh. as if i didn't have enough problems.
<seanh> lllegal: i'm not sure, i haven't messed with it inside ubuntu, only in esx
<seanh> rpop: what's using the cpu?
<seanh> rpop: "top"
<rpop> have no clue
<rpop> restarted it, will see if it still occurs afterwards. don't know where to look for something like Task Manager in Ubuntu.
<seanh> top
<seanh> or ps
<rpop> you mean i should type that in terminal?
<rpop> typed it, and also monitoring VM's cpu graph externally
<rpop> right now, it's definitely nowhere near 100%, like it was before.
<rpop> it's more like 100-300 MHz
<seanh> ps aux | sort -n +2 | tail -1
<seanh> should give you the top cpu user
<rpop> it's root
<rpop> at 2.3%
<rpop> wish i'd ran that command before restarting...
<seanh> what process though?
<seanh> to thr right of the date should be the process that's running
<rpop> Xorg (remote desktop?)
<seanh> X
<seanh> the gui
<rpop> i'm using TightVNC to get to it
<rpop> oh
<rpop> okay
<rpop> well, CPU is back to normal now.
<seanh> i can not for the life of me get my machine to give me the same error you're getting :-p
<rpop> any more ideas about Apache?
<rpop> bummer
<rpop> what should i do? can I start over with Apache?
<rpop> what should I do to "reset to factory settings"? :-)
<seanh> you added the namevirtualhost setting right?
<seanh> what does it say right now?
<rpop> same error
<rpop> [warn] VirtualHost 172.16.3.217:80 overlaps with VirtualHost 172.16.3.217:80, the first has precedence, perhaps you need a NameVirtualHost directive
<rpop> and...
<rpop> [warn] NameVirtualHost *:0 has no VirtualHosts
<timboy> apache was working for me fine and I got rid of some ssl stuff now  i'm having an apache issue: all I see is a white page with Index of / then below that I see Name Last Modified Size Description and nothing under there even though there are things in that directory. how do i track this down?
<timboy> rpop, open up your /etc/apache2/httpd.conf and put this line in it: NameVirtualHost your ip address:80
<seanh> rpop: no, i meant what's the config set to
<seanh> namevirtualserver something
<seanh> i was going to say *:80
<rpop> well, you said to put in NameVirtualServer *, and that's what I did.
<seanh> but, sure
<rpop> i mean NameVirtualHost *
<rpop> That's what it has right now
<rpop> (the httpd.conf file)
<timboy> rpop, try putting your ip address after NameVirtualHost followed by :80
<rpop> Okay, now I have two entries there, one for each IP address
<rpop> Saving file, rebooting apache
<rpop> Now getting fewer errors, but still same annoying error message: "[warn] NameVirtualHost 172.16.3.217:80 has no VirtualHosts". I get this error message twice and that's it.
<timboy> you only need it for ip's that you'll be doing name based virtual hosting. not for the ones that are ip based. IE if you have a page that has it's own ip address you do it a different way
<timboy> rpop, that means that you don't have any virtual hosts set to 172.16.3.217
<timboy> create one and you won't get that
<rpop> I thought I did. I created them in the hosts file. Do I have to name them somewhere else?
<timboy> shouldn't. did you set them to port 80?
<rpop> I specified the IP addresses in the site config files as well, and set them to port 80
<timboy> i just went through that myself. I started creating individual files for each site...
<rpop> so where do I specify the virtual hosts, if not in the site configs and in the hosts file? is there another place?
#ubuntu-server 2008-04-29
<rpop> I take it I'm still up the creek without a paddle?
<timboy> rpop, join the apache users crowd!
<rpop> I think I may have figured it out, not sure yet.
<timboy> rpop, that makes one of us
<timboy> i think my box is homosexual
<rpop> Trick for me was to leave httpd.conf blank, and to name the virtual hosts inside each site config
<rpop> without port numbers
<rpop> because ports are already specified in port.conf
<timboy> good job rpop
<owh> Greetings. I was doing some general house keeping and reading up on the recommended NTP setup here: https://help.ubuntu.com/7.10/server/C/NTP.html - it suggests to install ntp-simple which I cannot locate in gutsy. Apart from a documentation bug, what is the correct procedure for a gutsy server?
<Nafallo> owh: ntp
<owh> Nafallo: Same configs etc?
<Nafallo> I would guess. didn't follow that.
<owh> Ah, just located the hardy docs which have been updated to reflect this. Thanks Nafallo.
<Nafallo> I did do nothing! :-P
<Nafallo> ah. de rien.
<owh> Then I thank you for doing nothing Nafallo.
<owh> Indeed, de rien :)
<Nafallo> hehe
<owh> Nafallo: Je parle un petit peu de francais, mais tres lentement :)
<timboy> is there somewhere in apache that gives it a chroot or something. This is completely abnormal
<Nafallo> owh: moi aussi :-)
<owh> And to make that even more fun, Je suis an Aussie :)
 * owh cannot recall if je suis means I am.
<owh> timboy: GIYF: "apache chroot"
<domare> quick question
<domare> what is command to install webmin
<domare> fresh install of server here.
<owh> domare: You should consider looking at ebox instead.
<Cahan> I'd take a guess at "sudo apt-get install webmin"
<Nafallo> ehrm
<Nafallo> !webmin | domare
<Nafallo> GOOD DAMN IT
 * Nafallo fixes bot
<Mimi> Yeah, thanks :)
<domare> !webmin
<owh> domare: When the bot is working again you'll learn all about the evilness that is webmin :)
<domare> ah
<jiqiren> webmin, the poor mans cpanel
<owh> domare: Stick around, it will be worth the wait.
<domare> yeah sudo apt-get install webmin says no installation candidate
<domare> u mean like stick around for the next few minutes?
<domare> as it somebody is workin on it now
<Nafallo> ugh. broken replacement bot and dead bot without owner.
<domare> ah
 * owh goes to dig up a link to the factoids.
<owh> Lovely, the ubotu factoid page seems borked as well :(
 * owh is trolling through meeting logs to find the relevant factoid for domare.
<nealmcb> is there a good way to set nic names during install, e.g. via a boot option?  or is some sort of preseeding needed?
<owh> Nafallo: Hmm, the online factoids are also borked. I wonder what happened?
<Nafallo> owh: I bet they read them from the bot :-P
<owh> Nafallo: Nah, the page is returning a 404
<Nafallo> owh: yea... so if the bot is dead, why would the page exist? :-)
<owh> domare: Nearly there.
<owh> domare: This is from a cached page, so it's possibly slightly out of date: webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system. See !ebox instead.
<domare> dont strain yourself man ;)     this box is going noplace
<domare> emm k
<owh> Was that worth it :)
<domare> this is my first ubuntu server.  im just looking to get it going under some form of gui
<domare> for now.
<owh> So, to add to Cahan's suggestion, the command to install webmin (tounge in cheek) is: apt-get install ebox
<domare> sure it was worth it ;)   if im trying to install an old thing. ha
<owh> domare: Let me dig up a more useful link for you.
<owh> domare: Which version of OS?
<domare> ebox is trying to install... so im going to go for it
<Cahan> owh, meh, I'm more of an ssh type person
<owh> domare: Here's a useful search tool for you (in trial, so don't depend on it yet) http://people.ubuntu.com/~kirkland/search.html
<nealmcb> domare: hardy or gutsy?
<owh> domare: Use that to search for ebox.
<domare> hardy
<nealmcb> good - the ebox in gutsy is far less useful
<domare> is there another gui?  or is server mostly cli
<owh> nealmcb: Hmm, where are the Hardy server docs?
<nealmcb> domare: there are also x-based guis, but most folks discourage x or desktops on servers
<nealmcb> owh: I don't think they're up - I filed a bug
<owh> nealmcb: That sort of makes support a challenge :)
<owh> domare: We've just released hardy, not all links have been updated yet.
 * nealmcb nods and is puzzled
<domare> no biggy
<Cahan> when does support for Feisty end?
<nealmcb> 18 months after release
<Cahan> 18 months for server?
<nealmcb> yup
<nealmcb> only lts releases have different, or longer, support periods
<Cahan> phew, it's still supported for 6 months
<domare> well i got an "It works"
<owh> domare: Hold tight, I've got the hardy docs on my HDD here but that won't help you. I'm trying to locate a link so you can read some stuff.
<timboy> apache was working for me fine and I got rid of some ssl stuff now  i'm having an apache issue: all I see is a white page with Index of / then below that I see Name Last Modified Size Description and nothing under there even though there are things in that directory. how do i track this down?
<owh> domare: the application ebox-all is a meta-package that will install all modules. After installation of ebox you can reach it via https://yourserver/ebox
<owh> domare: There is a whole discussion in the docs about modules, which is why I'm trying to locate an online version for you.
<owh> sommer: Is there an online version of the hardy server docs?
<owh> sommer: Other than in BZR :)
<domare> nice
<Nafallo> owh: http://help.ubuntu.com surely?
<owh> Nafallo: No, as nealmcb pointed out, it's not there yet.
<Nafallo> FAIL
<nealmcb> https://help.ubuntulinux.org/community/eBox
<Nafallo> ubuntulinux.org :-O
 * Nafallo stabs
<nealmcb> owh: I didn't see ebox-all - thought it got removed (and I took it out of the wiki) - please correct if I fouled it up
<nealmcb> http://doc.ubuntu.com/ubuntu/serverguide/C/index.html
<nealmcb> that looks like a recent version, but it still has old copyright stuff - I think I filed a bug on that also....
<jiqiren> very annoying, as the main ubuntu site has a dead link to where the docs SHOULD be... http://www.ubuntu.com/products/whatisubuntu/serveredition/documentation
 * nealmcb wonders what some people would think of his current karma: 666
<jiqiren> so ghetto to click on a link and get a Not Found
<domare> heh
<domare> well its working..  now i just need to install some modules
<nealmcb> domare: :-)
<nealmcb> domare: please do report problems and experiences - you're just the sort of person to help ebox folks understand how to improve it....
<nealmcb> broken link to server documentation - https://bugs.edge.launchpad.net/ubuntu-website/+bug/222657
<owh> Sorry about vanishing like that, had a little thunder storm interrupt my satellite uplink: http://mirror.bom.gov.au/products/IDR122.loop.shtml
<owh> Hmm, that rain shower on the radar is not representative :)
<owh> Did domare get some read access to the remote-administration text?
<domare> well first problem i ..dont see.  is the modules.. heh should be a link to them
<nealmcb> huh - this says fix released, but the bug is still there - copyright dates not being upda  https://bugs.edge.launchpad.net/ubuntu-doc/+bug/192202
 * owh hugs nealmcb, that bug had a link to the server guide :)
<owh> domare: http://doc.ubuntu.com/ubuntu/serverguide/C/index.html
<nealmcb> sommer: any idea why that would be? ^
<nealmcb> owh: I posted that a few minutes agow....
<owh> domare: Read the section on ebox.
<domare> thanx
<owh> nealmcb: Ah, but I was offline :)
<nealmcb> owh: ahh - a relativity problem - according to my browser's location in spacetime you were here....
<nealmcb> :-)
<domare> nice.. thers my modules
<owh> nealmcb: If you look at the box, does the cat die too?
<nealmcb> owh: I deny reports of having an evil eye :-)
<nealmcb> that's "eagle eye"....
<owh> nealmcb: Nah, I was talking about quantum states and Schroedinger :)
 * nealmcb heads out for a meeting
<domare> "the ebox-all meta package will install all the modules"
<domare> whats a meta package
<owh> domare: It's a package that refers to other packages. If you install it, it will automagically install the rest.
<domare> sudo apt-get install ebox-all   ?
<owh> Yup
<domare> hrm.. cant find package ebox-all
<Mimi> Is there a way to install a very barebones desktop in the server?
<domare> well ebox-all does not work.  but i can install one  at a time
<owh> Mimi: I'm not sure if there is documentation for it, but when I did it for a gutsy server, I installed this: sudo aptitude install gnome-core  usplash  usplash-theme-ubuntu  gdm  xserver-xorg-core  gnome-system-tools  compiz-gnome
<domare> these web admin are not bad Mimi.
<Mimi> aye, worth a try, thanks :)
<owh> Mimi: IIRC it made all the expected stuff work, but please test this before you deploy it.
<domare> eBox i am workin on
<Mimi> owh:  yeah don't worry, im playing around with VirtualBox :)
<domare> hold up
<Mimi> I woudlnt use desktop on a real server ^^
<owh> Mimi: The reason I used aptitude is that it calculates dependencies differently from apt.
<Nafallo> ?
<Nafallo> does it?
<Mimi> Oh yeah?
<owh> Nafallo: It deals with recommends in a different way IIRC.
<Nafallo> owh: depends if you turn it off :-)
<Mimi> I would install using tasksel but but but... it just gets stuck at 0%
<owh> Mimi: Tasksel will install a full desktop, including office and other stuff.
<owh> Mimi: Perhaps that should be: s/will/is supposed to/
<Mimi> uggh great, ubuntu is using the default apt server :P its going to take all week :P
<owh> Mimi: Just stop it, update the sources.list, update it and try again.
<domare> hrm.. file server is workin
<domare> i kinda like this ebox.
<timboy> FIXED IT!!!!!!!
<sls> is there a guide to fully implementing likewise in ubuntu? It works great for logging on but I can not longer use the system tools.
<mathiaz> sls: which system tools are not longer working ?
<sls> any tool that required sudo access...
<mathiaz> sls: so sudo doesn't work anymore
<sls> only if I log on using a local account
<sls> not if I log on using a domain account
<sls> so I probably need to add a group or username to the /etc/sudoers file... but I have no clue as to the syntax.
<mathiaz> sls: but you can still log on using a local account
<sls> yes of course...
<mathiaz> sls: to summurize - local account : sudo doesn't work - domain account: sudo works
<sls> the case is the inverse.
<sls> the oposite
<mathiaz> sls: ok - so domain accounts are not part of the local admin group
<sls> local : sudo OK - domain : sudo no
<mathiaz> sls: which is the default group authorized to access sudo
<sls> correct... i guess I do not know how to add the domain\domain admins group to the admin group
<sls> %admin ALL=(ALL) ALL
<sls> so the admin group can sudo...
<sls> bu I am having trouble figuring out how to add "HADES\Domain Admins"
<sls> I suppose that it is a problem when the Domain group has a \ and a space
<sls> mathiaz, would you have an idea?
<mathiaz> sls: hum - not really
<mathiaz> sls: what is the output of the groups command or id on the system ?
<sls>  groups hades\\stephans
<sls> HADES\domain^users HADES\domain^install HADES\remote HADES\enterprise^admins HADES\domain^admins
<mathiaz> sls: try Hades\domain^admins
<mathiaz> sls: make sure you use visudo to edit the sudoers
<sls> just add it like that in the /etc/groups:admin
<sls> why visudo?
<mathiaz> sls: hum - I was thinking about edit the sudoers file
<sls> ok
<sls> I cant use vim?
<mathiaz> sls: and create another line below %admin ALL=(ALL) ALL
<sls> ok
<mathiaz> sls: visudo will check if the syntax is valid
<mathiaz> sls: if you break the sudoers file you won't be able to edit it anymore as sudo won't work
<mathiaz> sls: and there isn't any root account enabled by default in ubuntu
<mathiaz> sls: so you'd lock yourself out of the system if you try to edit the sudoers file and it doesn't work
<mathiaz> sls: which may happen here as I've never tried to use domain groups in a sudoers file
<sls> ok -- visudo is kindof wierd... as soon as i use the arrow keys to move around it types A.B etc...
<mathiaz> sls: I'd also open another root shell - just in case
<mathiaz> sls: don't use arrows keys
<mathiaz> sls: use the h,j,k,l keys to move around
<sls> ah ok .
<sls> well it did not complain.
<sls> that means it may be ok?
<mathiaz> sls: it may work
<mathiaz> sls: it seems that the syntax is correct
<owh> Hmm, don't we show the MD5 on the download page any more?
<mathiaz> owh: which download page you referring to ?
<owh> Sorry, the main one: http://www.ubuntu.com/getubuntu/download
<sls> mathiaz, it did not complain that sudo does not have my name in it, or that the sytax was bad...
<mathiaz> owh: hum... there is an MD5SUMS file on the releases.ubuntu.com website
<owh> sls: Open another window with the appropriate user and try it.
<sls> but sudo vim prompts as it should, but simply returns to the terminal prompt after...
<mathiaz> owh: you may file a bug in LP against ubuntu-website or something like that
<owh> Yeah, mathiaz, as soon as I figure out where it should link to, I will :)
<mathiaz> sls: is there an error message ?
<sls> mathiaz, not at all... ill see if I can tail a log file.
<mathiaz> owh: https://launchpad.net/ubuntu-website/
<owh> mathiaz: Yeah, I meant *in* the bug report :)
<mathiaz> sls: you should see something in the log files - /var/log/syslog or /var/log/auth
<owh> mathiaz: I figured I'd help the poor bugger needing to fix it :)
<mathiaz> owh: oh... you're way ahead then ;)
<mathiaz> owh: http://releases.ubuntu.com/releases/8.04/MD5SUMS
<owh> mathiaz: Nah, look behind you :)
<sls> mathiaz, interesting...
<owh> mathiaz: Funny URL, looks a lot like the one in my address bar ;)
<sls> mathiaz, several lines though.. can I paste them here?
<mathiaz> !pastebin | sls
<sls> k
<owh> Last time we looked the bot was borked.
<mathiaz> sls: http://paste.ubuntu.com/
<mathiaz> sls: usually the bot gives good answers - apparently he is still on weekend
<sls> mathiaz, here: http://pastebin.com/dfeab258
<owh> mathiaz: Seems there are quite a few people pointing out that the MD5sums are not simple to get to.
<sls> mathiaz, what do you make of it?
<owh> sls: Looks like you logged in to me.
<sls> owh, yeah, except vim did not start...
<mathiaz> sls: is this when you tried to run a sudo command ?
<sls> mathiaz, sudo vim
<owh> sls: Did you log out and back in again?
<sls> while loged in as HADES\stephans
<sls> owh, log out of what?
<sls> can i just ssh again?
<owh> sls: The account that you are trying to give permission to.
<owh> Yes
<mathiaz> owh: when his groups are already correct - he is already part of HADES\domain^admin
<sls> owh, do I rally need to do that? seems a little Windows ish... ?
<mathiaz> there is this line: pam_lwidentity(sudo:auth): failed to get GP info
<owh> mathiaz: Yes, but don't you need to go through the whole login again to reinitialise it?
<mathiaz> sls: your groups command show that you're a member of the domain^admin group - so I don't think to relog
<mathiaz> owh: to reinitialize sudo ?
<owh> Doh
<owh> Yes, my bad, ignore me.
<mathiaz> owh: he's modified the sudoers files
<owh> Yeah, not his credentials.
<sls>  the domain chat seems OK: /usr/bin/lwiinfo -i HADES\\stephans
<sls> HADES\stephans:*:1495270491:1495269889::/home/HADES/stephans:/bin/bash
<owh> mathiaz: As I said, ignore me :)
<sls> owh, how do I reinitialize sudo?
<mathiaz> sls: you don't need to
<owh> sls: You shouldn't need to.
<owh> sls: I was mistaken.
<mathiaz> sls: the other option is to add your username to the local admin group
<sls> mathiaz, do I use  the same syntax/
<sls> ?
<owh> mathiaz: The way I read that error is "failed to get group information", but I've been trying to locate a reference to the error.
<mathiaz> sls: you could try: sudo adduser 'HADES\stephans' admin
<mathiaz> owh: may be - GP could also mean Group Policy
<sls> ok I will try that. With the ticks '
<sls> ?
<mathiaz> sls: yes - so that you don't have to escape the \
<mathiaz> sls: other wise, it would be: sudo adduser HADES\\stephans admin
<mathiaz> sls: that should also work
<sls> mathiaz, would that not create a local user calles hades\stephans?
<mathiaz> sls: nope - not in that form
<sls> ok
<mathiaz> sls: If  called  with two non-option arguments, adduser will add an existing user to an existing group.
<sls> mathia, ok it looked like it worked...
<sls> mathiaz, OK I am now able to run tools with root privs...
<sls> this looks like an adequate work around for now...
<mathiaz> sls: yes - if sudo would work with network groups it'd be even better
<mathiaz> sls: it makes more sense
<sls> It would be better if I could integrate by adding a group to the admin group (local)
<sls> do you think that might work?
<mathiaz> sls: you cannot have groups of groups in the default system
<sls> mathiaz, hmmm...
<mathiaz> sls: the correct way to do it IMO is that sudo should work with domain groups
<sls> mathiaz, the only problem with this approach is that it will only scale to a handful of systems before it would kill me
<sls> mathiaz, right.
<sls> mathiaz, I agree...
<mathiaz> sls: right - IIRC in windows, you'd add the domain admins to the local administrators group
<mathiaz> sls: or something like that
<mathiaz> sls: IIRC this is automatically done when joining a windows machine to a domain
<sls> mathiaz, do you know if it is possible to accomplish the same on ubuntu?
<sls> mathiaz, right.
<mathiaz> sls: not that I know of - as I said, groups of groups are not supported in linux
<mathiaz> sls: you didn't get an error with sudo when you just added domain^admins to the sudoers file ^
<mathiaz> sls: I'm filing a bug report right now about this
<sls> mathiaz, visudo did not complain when I added %HADES\Domain^Admins
<mathiaz> sls: https://bugs.launchpad.net/ubuntu/+source/likewise-open/+bug/224024
<mathiaz> sls: right - but sudo failed silently
<mathiaz> sls: it didn't ask for a password
<sls> mathiaz, oddly addin my user account to the group admins using the adduser command worked.
<sls> mathiaz, sudo vim: prompted for my password and when i gave it my pass it exited silently.
<sls> mathiaz, sudo vim: the expected result was that vim should launce with admin provs
<sls> privs
<mathiaz> sls: mhh. I wonder if you should be prompted for your password
<sls> mathiaz, sudo vim: works as expected when my individual domain account was added to the admin group
<sls> mathiaz, I think that it should...  that is a configurable option as I understand it...
<mathiaz> sls: well - the whole point of having a kerberos infrastructure is to not have to enter your password whenever you want to use a service
<sls> mathiaz, sudo vim: the only problem with individual account in the local admin group is [ admin pain, and corp policies usually forbid that these days - citing SOCS, VISA, CISSP]
<sls> mathaz, right.. single sign on is something that most people have come to expect these days.
<lucent> ran into a bit of a snag installing Ubuntu Server Hardy LTS 8.04, the grub install-to-mbr failed to work
<lucent> I have a 3ware card in that box
<lucent> Ubuntu installer comes up thinking that the mobo onboard IDE is /dev/sdb, and the 3ware card as /dev/sda
<lucent> but Grub sees them differently
<sls> lucent, try clearing the boot record and initializing the partition table before you begin.
 * mathiaz calls it a day here
<lucent> hd0 is onboard IDE, hd1 is 3ware
<lucent> sls: that's not it at all
<lucent> grub and Ubuntu do not agree about which drive is first
<sls> lucent, what is the name of your board.
<sls> ?
<mathiaz> kees: would it make sense that if you have kerberos ticket, you shouldn't be ask for your password when using sudo ?
<lucent> sls: I'll find out chipset info in just a moment
<kees> mathiaz: only if sudo were kerberized
<kees> mathiaz: I mean, I guess a kerberos ticket proves who you are, but sudo is a tighter restriction (per-tty, time limits)
<kees> mathiaz: I would ask slangasek -- he uses kerberos for his home network, IIRC.
<mathiaz> kees: right - I was just thinking about the security model
<mathiaz> kees: why is sudo asking for your password ?
<mathiaz> kees: to authenticate you (which is what a kerberos ticket does IIUC)
<kees> mathiaz: it's just more paranoid that a ticket -- it has lower timeouts
<mathiaz> kees: right - I'm out of here - bye :D
<nealmcb> kees: on the other hand, how about an alternative to sudo that does take kerberos?  and that logs like sudo (unlike a root shell)
<kees> nealmcb: I've got nothing against it.  :)
<nealmcb> kees (and mathias): kerberos and sudo http://www.securityfocus.com/bid/24368/discuss
<Mike2008999> hello
<Mike2008999> what is the meaning of gtk?
<Mike2008999> nvm
<nealmcb> kees: but that is actually unrelated to the question mathias had - more about a vulnerability with sudo on kerberized systems in general
<lucent> sls never came back
<lucent> oh well
<Mike2008999> hello..... how can i open activate compiz in Hardy Heron 8 LTS
<lucent> Mike2008999: it should be on by default in Ubuntu Desktop installs
<lucent> why are you asking about this in #ubuntu-server ?
<Kamping_Kaiser> hm. the bots are gone. *thought he should check*
<stefg> Hi, i would need to understand the difference between a nested raid 1+0 and the raid 10 mode of mdadm. Since it's possible to create a raid 10 on only 2 disks there must be something special about that. Anyone can point me to a read about that ? (skimming google does not turn up in-depth info on that)
<_ruben> http://cgi.cse.unsw.edu.au/~neilb/01093607424 .. i think i had a better url open though .. having 100 tabs open in firefox isnt helping
<_ruben> but the linux raid10 is indeed a "smart" variant which can work on less than 4 disks
<_ruben> even on a odd number of disks
<stefg> thanks, at least that will get me started
<Jeeves_> Why would someone want to do raid-10 on two disks?
<lucent> o-kay
<lucent> Ubuntu consistently screws up the order of my drives
<lucent> I've tried the installer now on two completely different machines, each with different hardware, in the same configuration
<lucent> onboard mobo PATA to 40gb OS drive, PCI controller with two drives for software raid use
<lucent> what is happening is the PCI controller drives get set up as sda,sdb
<lucent> the onboard PATA drive shows up as sdc
<lucent> this is getting to annoy the piss out of me :(
<lucent> bug #16824
<lucent> similar
<soren> so..
<soren> what problem is this causing for you?
<Kamping_Kaiser> anyone else noticed that during a server install it checks the mirrors several times?
<Kamping_Kaiser> lucent, is it softwares fault or hardwares?
<\sh> lucent, what comes first (PCI ID viewing), the onboard or the external pci card?
<\sh> lucent, I had a similar issue with onboard nics and an external nic on a separate card...somehow I got the imagination that it has something to do with the PCI IDs and first come first serve principle
<_ruben> nic order can be solved by looking at mac .. same for disks with their uuid
<\sh> _ruben, well, actually you can resolve the issue with setting correct macs and eth names in udev rules..but that's something which doesn't work, when you have already your config handy and just install the system and push the config onto the system automatically...
<\sh> _ruben, not using udev that is..but e.g. /etc/network/interfaces only...because you trust your system to come up with the same order as before ;)
<NineTeen67Comet> Hello. I recently had a power blip (dog kicked the strip out of the wall) and MySQL seems to have really got messed up. I don't see errors in /var/log/mysql.log but it w/not start (sudo /etc/init.d.mysql start) it simply says fail!! .. help?
<_ruben> \sh: dunno about older versions, but gutsy and hardy make proper use of udev to 'stick' the if names
<\sh> _ruben, using dapper upgrading to hardy but will give problems...actually we should support also old world orders :)
<_ruben> true :)
<Kamping_Kaiser> how long should 'cleaning up' take? i'm over an hour so far, and i'm getting a little cross :|
<Fohdeesha> what shall i name my laptop
<lucent> Fohdeesha: gabriel
<lucent> after the hot Xena companion
<Fohdeesha> heh your'e awake already?
<lucent> rawrrr
<lucent> \sh: erg, oay
 * lucent pokes Ubuntu
<Fohdeesha> lolol
<Kamping_Kaiser> Fohdeesha, name it Asuka :)
<Fohdeesha> hmmm
<Fohdeesha> If I was gunna go with female anime charectars I think I'd have to go with Lain
<Fohdeesha> or CentOS
<lucent> ha name it centos
<Fohdeesha> wait no thats not what Im thinking of
<Fohdeesha> whats the OS in Lain
<Fohdeesha> centos is real lol
 * Kamping_Kaiser is |<->| this far from snapping and installing debian
<Fohdeesha> Copland OS
<Kamping_Kaiser> ffs. i shouldnt have to wait like this :S
<lucent> Kamping_Kaiser: what are you waiting for?
<Kamping_Kaiser> chroots arnt as nice, but they'll work
<Kamping_Kaiser> lucent, for the installer to stop "cleaning up"
<lucent> oh kick its ass
<lucent> grab an old F24 key gateway AT axe and have at it
 * Kamping_Kaiser has had nothing but bad luck with 8.04 :(
<lucent> the server install has all the stuff I'd want on the desktop
<lucent> the desktop install has all the stuff I never cared for anyways
<lucent> but I'm not joe average computer user
<lucent> I mean, encrypted filesystem
<Kamping_Kaiser> the server install was meant to be a quick way of getting 8.04 installed so i could do some dev work
<lucent> you'd want encryption on a desktop, not on a server
<Kamping_Kaiser> then agian, it only includes debian-cd 3.0.3 which means it wasnt updated after hardy
<Kamping_Kaiser> *guts
<Kamping_Kaiser> y
<lucent> Kamping_Kaiser: :/
<Fohdeesha> LOL kamping kaiser are you on 4chan right now?
<Kamping_Kaiser> Fohdeesha, negative :o why?
<Fohdeesha> I made a thread asking what to name the laptop, somebody answered Asuka also
<Kamping_Kaiser> rofl
<Kamping_Kaiser> Fohdeesha, /a/ or /b/?
<Fohdeesha>  /g/
<Kamping_Kaiser> bah. sneaky :p
<Fohdeesha> heh
 * Kamping_Kaiser checks thread
<Kamping_Kaiser> ROFL @ 5th post
<Fohdeesha> lolol
<Fohdeesha> "You're the only one that doesn't think CHILD_PORNOGRAPHY is a sensible name." hahahaha
<Kamping_Kaiser> hehe. your the only one who has to live with it ;)
<lucent> b-tards.
 * lucent facepalms
<Kamping_Kaiser> looks like they escaped to /g/ for a day out too ;)
 * Kamping_Kaiser terminates install and tries again... sigh
<Fohdeesha> hehehe
<Kamping_Kaiser> bbs
 * delcoyote hi
<kgoetz> may as well join from here while i try the install :)
<Kamping_Kaiser> ubot5, hello
<ubot5> Kamping_Kaiser: Error: "hello" is not a valid command.
<ubot5> Hi! Welcome to #ubuntu-server!
<Kamping_Kaiser> !info libc
<ubot5> Package libc does not exist in gutsy
<kgoetz> ubot5: hardy
<ubot5> kgoetz: Error: "hardy" is not a valid command.
<ubot5> hardy is Hardy Heron is the code name for the next release of Ubuntu (8.04-LTS), due April 2008 - For more info, see: https://wiki.ubuntu.com/HardyHeron - CONSIDER IT TO BE PRE BETA (ALPHA) SOFTWARE - Discussion and support in #ubuntu+1, NOT #ubuntu
<kgoetz> !hardy
<kgoetz> hm.
<Kamping_Kaiser> i thinki just worked it out.
<Kamping_Kaiser> if you type on the keyboard (random crap will do) while it installs, it buggeres up and fails to install properly
<Kamping_Kaiser> now thats a wierd bug :|
<lucent> USB or PS/2?
<lucent> Kamping_Kaiser: what type of keyboard interface, is it USB or PS/2 ?
<Kamping_Kaiser> usb
<RockHound> hi everyone. I have always wondered how I am able to prevent an immediate startup of a package after installation. anyone have a suggestion?
<lucent> there's a known bug in common Dell hardware and a few others where AT or PS/2 keyboards will cause a panic
<lucent> that's why I ask
<lucent> RockHound: why would you not want it to start up?
<kgoetz> its not dell, but thats interesting to know
<RockHound> well... my perticular example is that I have unmounted a lvm partition containing the mailboxes ... and I would like to upgrade to LTS and don't want postfix to started and then bounce mails back due to the missing storage
<RockHound> but never the less, I just don't like the thought of a system starting a service which is not fully configured to my licking upon install
<RockHound> but that is just my personal feeling about this
<lamont> RockHound: for postfix, I'd either set 'soft_bounce = yes' in main.cf, or use an iptables rule to block access to port 25....
<RockHound> lamont: why not just stop it from starting up? there must be a way to tell apt to not start things
<RockHound>  /s/stop/prevent
<lamont> divert invoke-rc.d?
<RockHound> hmm ...
<RockHound> might be a solution
<kgoetz> does postfix have a default file you can disable it in?
<ScottK> kgoetz: Define disable?
<kgoetz> ScottK: 'not start'
<ScottK> Leave it out of the appropraite rc*.d dir
<lamont> kgoetz: you could abuse init.d
<lamont> postfix makes the assumption that if you installed it, you want it running
<kgoetz> lamont: you could,but that seems rather ugly
<lamont> and that is where diverting invoke-rc.d comes in
<ScottK> Except init.d is telling it to start and you want it not to do that.  Get init.d to not tell it to start and it won't.
 * Kamping_Kaiser crosses fingers and hopes the server comes up right
<kgoetz> sigh. it failed
<kgoetz> useless :(
<kgoetz> here it goes :) <3
<ScottK> kgoetz: If master.cf is missing (renamed) it would, I except, try to start, but I'm confident it won't actually manage it.
<ScottK> except/expect
<_ruben> man .. snmp v3 is a bitch
<sommer> hey all
<soren> bug 1
<kgoetz> ello :)
<LjL> bug #1
<LjL> lp bug #1
<ubot5> Launchpad bug 1 in ubuntu "Microsoft has a majority market share" [Critical,Confirmed] https://launchpad.net/bugs/1
<soren> ubot5: config plugins.Bugtracker.snarfTarget lp
<ubot5> soren: Error: You don't have the owner capability. If you think that you should have this capability, be sure that you are identified before trying again. The 'whoami' command can tell you if you're identified.
<ubot5> soren: Error: I am only a bot, please don't think I'm intelligent :)
<soren> Figures.
<Hobbsee> heh
<Hobbsee> it won't talk to you, i don't think
 * kgoetz waves
<Hobbsee> heya!
<kgoetz> hello :)
<LjL> soren: moment, we'll fix that
 * kgoetz wonders if ubuntu server ed hates him, or if hes just not modern enough to use it
<soren> kgoetz: Wazzup?
<kgoetz> soren: its causing me non-stop headaches. currently it wont pull a dhcp address on boot. seems to pick up an ipv6 address, but not an ipv4. i have to manually run dhclient eth0 to get an ipv4 address (and i'm not convinced the ipv6 address is one it should be getting either)
<soren> kgoetz: ifupdown calls dhclient, too. No magic there.
<kgoetz> soren: i know. theres already a bug about similar behaviour to this (which i dont remember off th top of my head).
<kgoetz> soren: but i've managed to wind up in an imposible situation :p
<LjL> bug #1
<Fohdeesha> kgoetz: I had this exact same problem yesterday, would never grab an ipv4 address
<ubot5> Launchpad bug 1 in ubuntu "Microsoft has a majority market share" [Critical,Confirmed] https://launchpad.net/bugs/1
<kgoetz> Fohdeesha: did you find a fix? (or file a bug?)
<Fohdeesha> after i ifdown then ifup, it went away
<Fohdeesha> everytime I reboot now it grabs one right away
<Fohdeesha> doesnt make any sense
<kgoetz> sounds like the oposite of me *grin*
<Fohdeesha> hehe
<Fohdeesha> have you ifdown then ifup?
<kgoetz> not yet. just editing something before i can do that
<kgoetz> Fohdeesha: yes! my ip disapears  when i ifdown -a && ifup -a
<Fohdeesha> hehe
<Fohdeesha> after I did that the problem went away forever
<kgoetz> went away meaning?
<Fohdeesha> now every time I reboot it it grabs an ipv4 address right away, no more problems
 * kgoetz reboots it
<kgoetz> i restarted networking and it hasnt helped, so perhaps a reboot ...
<kgoetz> dnsmasq's logs dont say its giving out ipv6 addresses :\
<Fohdeesha> odd
<Fohdeesha> m rather new to the whole linux deal
<kgoetz> wonder if no ipv6 logging is a feature
 * kgoetz is otherwise quite enamaoured with dnsmasq
<kgoetz> no ipv4 address :/
<Fohdeesha> thats odd
<Fohdeesha> what versin are you running of ubuntu
<RockHound> so I went with soft_bounce = yes ... was the quickest solution I guess
<kgoetz> 8.04
<Fohdeesha> ah
<Fohdeesha> 7.10 here
<Fohdeesha> havent found any sparc distro of 8
<kgoetz> there is none
<kgoetz> well, its in ports, not the main releases
<Fohdeesha> yea thats what I meant
<Fohdeesha> heh
<RockHound> is there a meta-package to strip a normal server down to a jeOS?
<RockHound> a normal server install running in a VM that is
<kgoetz> dont think so
<kgoetz> loony. its working on ipv6, ut wont do dns lookups, because the server in resolv.conf is ipv4
 * kgoetz wonders what he broke, and how fast he can unbreak it
<Fohdeesha> hehe
<kirkland> zul: ping
<kirkland> zul: I saw you had a fix for Bug #222761 ...  are you working that through the SRU process for hardy?
<ubot5> Launchpad bug 222761 in nut "[SRU] upsd doesn't start NOT 221737" [Undecided,New] https://launchpad.net/bugs/222761
<kirkland> zul: nevermind....  i cleared my cache and refreshed the page
<kgoetz> stuff is working over ipv6.:|
 * kgoetz feels uneasy
<kgoetz> now my ipv6 has gone :| wth?
<nijaba> RockHound: you could start by installing the -virtual kernel
<nijaba> RockHound: then remove the packages you do not need
<RockHound> nijaba: k
<RockHound> thanx
<zul> kirkland: its been uploaded just needs to be accepted
<kirkland> zul: well, i saw some back and forth with pitti
<nijaba> zul: did you fix the comment as pitti pointed? ;)
<zul> nijaba: yep
<nijaba> zul: yeah! ;)
<Kamping_Kaiser> i think ubuntu is confused... it keeps renaming my OS drive
<Kamping_Kaiser> it was sdf, sde now sda
<Kamping_Kaiser> equally the usb external drive was sdf now sdb
<Kamping_Kaiser> so the internal drive must have been sde, sdf, sda
<spiekey> hi
<seisen> usually it only does that for usb drives or usb keys
<mathiaz> soren: what's the irc channel about the ubuntu virtualization ?
<LjL> #ubuntu-virt
<mathiaz> LjL: thanks
<ScottK> lamont: Where did sendmail on gutsy hppa wonder off to? https://launchpad.net/ubuntu/gutsy/+source/sendmail/8.14.1-8ubuntu1
<ScottK> It used to be there because clamav-milter is built in the release pocket.
<lamont> ScottK: bummer
<lamont> gutsy's door slammed before hppa caught up
<lamont> and gutsy was building on hppa with a "I'm lazy" bootstrap archive that _was_ current, so things got built for gutsy that, uh, don't build in gutsy.
<lamont> hppa is special. :-(
<zul> hppa: it rides the small bus right? ;)
<lamont> deb http://people.ubuntu.com/~lamont/hppa gutsy-stage0 main restricted universe multiverse
<lamont> if you care
<lamont> zul: something like that
<lamont> there was confidence that it'd get done in time.  poorly placed confidence, it turns out
<ScottK> lamont: Thanks.
<ScottK> I'll put on my "It's only backports" filter and move on then.
<ninkendo> So I just upgraded to hardy on a test box, and nss-ldap doesn't seem to like users that belong to a group with a gid >65535
<ninkendo> anyone aware of a config option anywhere that may have changed from gutsy->hardy?
<Fawzib> question: I have 2 email servers (main,backup) and I want to have all emails received by main to processed normally and have a copy forwarded to backup. Is there any program (or recommendation) on how to do that? Using postfix+dovecot
<RockHound> after backgrounding debconf  "to inspect the situation", how do I get back in? fg tells me no processes
<RockHound> ctrl+d did that
<_ruben> ctrl-d isnt background .. you most likely just killed it
<lamont> RockHound: if you said 'd' to inspect the situation, it actually forked  a shell, so exiting the shell gets you back
<RockHound> lamont: thanks for clearing that up
<RockHound> _ruben: I exited the forked shell
<RockHound> with crtl+d
<mathiaz> soren: what's the state if iSCSI root in hardy ?
<soren> -ENOTSUPPORTED
<soren> What on earth does ${*-*} mean in bash?
<ScottK> You just stepped from a dark room into bright sunlight?
<ScottK> Sorry.  No idea, but I couldn't resist.
<soren> :)
<zul> soren: it looks kind of dirty
<nxvl> we are having meeting tomorrow at 18 UTC, did't we?
<nijaba> nxvl: at 21UTC if I am not mistaking (but I won't be there)
<nxvl> oh yes, you are right
<nxvl> thanx
<reya276> ï»¿can some one help me out with this | Failed to start apache : Apache does not appear to be running :  * Starting web server apache2 apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.1.1 for ServerName    ...done.
<spiekey> hi
<spiekey> any idea why it claims about "Give root password for maintenance" here?
<spiekey> if i then exit the system starts up fine
<gregbuntu> I'm planning to load hardy server on a sun e250. Any tricks I should know?
<gregbuntu> I'm planning to set up software RAID-5 and use LVM (no hardware RAID on this machine)
<zul> spiekey: the machine probably didnt shutdown properly and there might have been problems with the filesystem
<gregbuntu> I read that it is a good idea to keep the OS on a separate RAID-1 and keep data on a RAID-5 - any thoughts on that?
<spiekey> sounds good :)
<spiekey> fsck.ext3 says that my root fs is clean, and it still prompts for my pwd :-/
<spiekey> any ideas?
<spiekey> spiekey: check your boot options
<spiekey> spiekey: okay
<spiekey> spiekey: ah!! [17179569.184000] Kernel command line: root=/dev/mapper/root devfs=mount ro console=tty0 console=ttyS0 single
<spiekey> spiekey: see ;)
<spiekey> where does dapper map nic<-->mac again?
<spiekey> in some dev file?
<mathiaz> spiekey: in /etc/udev/rules.d/
<mathiaz> spiekey: 70-persistent-net.rules IIRC
<spiekey> thanks
<mathiaz> kees: I've seen you're following me with your security team session for Ubuntu Openweek
<jcastro> mathiaz: it's almost your turn!
<mathiaz> jcastro: yop - I'm already there
<rZr> hi, if it maters, a course session about u-s  is happening now in #ubuntu-classroom
<melter> when i'm configuring the network during installation, what hostname do i enter if it's dynamically assigned by the dhcp server?
<melter> rZr: thanks
<kees> mathiaz: I am, yes, in 45 min
<ScottK> leonel: What have you been testing your clamav 0.93 package with?
<ScottK> leonel: The clamav 0.92.1 backports for Feisty/Gutsy are done, so all we need now are your patches ...
<RoAkSoAx> mathiaz, you've mentioned that "The last role in the Server Team as the Developpers" and that they develope new features.... If someone wants to help with this, is he able too? and for example, is there a way that CS Students (that don't know much of programming) can get involved in this?
<mathiaz> RoAkSoAx: sure - before developing a feature you need to plan it
<mathiaz> RoAkSoAx: that involves doing preliminary research on what projects already exists, if they could be used, etc...
<mathiaz> RoAkSoAx: that's the state of the art part
<mathiaz> RoAkSoAx: then you need to write up a specification to outline what should be done
<mathiaz> RoAkSoAx: it will discuss with other developers and further refined
<mathiaz> RoAkSoAx: once we've agreed on what should be done, then someone can do the actual work :)
<RoAkSoAx> yeah but for example, if a CS Students wants to start developing for the server team, but he does not know much of programming languages and stuff... is that possible?? let's say to be a part of a project already running in the server team
<mathiaz> RoAkSoAx: yes - you always need to get started somewhere
<RoAkSoAx> mathiaz, an were can i find info about that :)?
<mathiaz> RoAkSoAx: if you're not interested in programming, you could help with testing or documentation ?
<mathiaz> RoAkSoAx: if you don't know to program, it's a great way to get started
<mathiaz> RoAkSoAx: we'll have some spec ready and you can learn while contributing
<mathiaz> RoAkSoAx: not having previous experience in programming is not a drawback to start contributing
<mathiaz> RoAkSoAx: we'll list our spec on the Roadmap
<_CitizenKane_> i'm having an interesting, just installed snmpd on ubuntu server 7.10, but for some reason when i grep for the process it is being bound to loopback interface, i check /etc/init.d/snmpd and it doesn't look like it's in there, does anyone know how to change this?
<mathiaz> RoAkSoAx: https://wiki.ubuntu.com/ServerTeam/Roadmap
<RoAkSoAx> well actually i'm a BS in Systems Engineer (Equivalent to CS), but i'm not much of a programmer because i oriented myself to network administracion as well as sysadmin, but i would like to help and getting involved in a programming project... but anyways.. i will start contributing on doing some packaging and specially merging, since nxvl gonna help me on that :)
<mathiaz> RoAkSoAx: you should also watch for the uds sessions and topics - https://blueprints.launchpad.net/sprints/uds-intrepid
<mathiaz> RoAkSoAx: that's a great choice - system administration may lead to maintaining your own package
<mathiaz> RoAkSoAx: for your own infrastructure
<mathiaz> RoAkSoAx: so having a clue about how the project works, how to package fixes helps a lot
<RoAkSoAx> mathiaz, yep that is what i'm aiming for :). i would like to contribute on packaging and that stuff and maybe getting involved in a project that involves programming
<RoAkSoAx> but well. first things first... and i'll start with packaging, merging and bug fixing ;)
<RoAkSoAx> thanks for your help =)
<mathiaz> RoAkSoAx: you're welcome - now is the best time in the release cycle to get involved in packaging
<mathiaz> RoAkSoAx: you could focus on -server related merges
<RoAkSoAx> mathiaz, yep, that is what nxvl is telling me.. and i would definitly like to focus on server related packages
<melter> what hostname should i enter during installation if the hostname is assigned by a dhcp server at boot time?
<jimcooncat> opinion from anyone here, please: ebox vs. webmin?
<good_dana> jimcooncat: webmin is being replaced by ebox in ubuntu-server
<mrpoundsign> allo. :)
<mrpoundsign> I am trying to find a page that describes how to add a new disk to my ubuntu server.
<osmosis> trying to start guest with virsh,  bind() failed
<osmosis> not sure why. first ive seen this.
<nealmcb> !ebox > jimcooncat:
<osmosis> anyone running phussion passenger ?
<osmosis> is there any info or docs on the 'rails' package?
<osmosis> I dont even see like, a doc, on what type of rails setup it assumes.
<osmosis> anyone know what the 'rails' package in ubuntu hardy is exactly ?
<osmosis> maybe this: http://doc.ubuntu.com/ubuntu/serverguide/C/ruby-on-rails.html
#ubuntu-server 2008-04-30
<mohamed_> hello all, i have strange behaviour with network :)
<mohamed_> i have one eth card and wlan  at the same pc ...
<mohamed_> when eth connected wlan working if i disconnect eth0 wlan stop working
<soulc> so should one upgrade to 8.04 server or what?
<mohamed_> anyhelp ?
<Cahan> soulc, not unless you have problems that will be solved by upgrading
<owh> I have an rsync server which stores backups created with --link-dest. This means that the vast majority of the backup is actually a hard-link. I am trying to determine the actual disk space used by each backup. If I run du across one backup, I get the full size as if each file is real. If I run du across multiple, I get 22Mb for all but the first.
<owh> 22Mb seems like a lot of space for a tree of hard links.
<owh> How do I confirm that it is really 22Mb?
<pschulz01> Greetings.. anyone know how to get the kernel to re-read a partition table?
<pschulz01> (without rebooting)
<pschulz01> What are 'audit' messages telling me in /var/log/messages?
<pschulz01> I am trying to get slapd to use a different directory for it's database.
<sommer> pschulz01: those are probably apparmor messages
<sommer> pschulz01: yep, that'd do it
<pschulz01> Ok.. how do I change them? This is a hardy alternate install.
<sommer> pschulz01: you can either edit /etc/apparmor.d/usr.sbin.slpad for the new directory or put the profile into complain mode
<sommer> I'd suggest editing the file ;-)
<pschulz01> sommer: Then what? (is there an /etc/init.d/apparmor restart?
<pschulz01> sommer: What about sub-directories? eg. there is the line "/var/lib/ldap/* rw"
<pschulz01> sommer: I have added to "/var/lib/ldap/<domain>"
<pschulz01> sommer: Reading https://wiki.ubuntu.com/AppArmor
<sommer> pschulz01: ya, there's also information in the server guide about apparmor
<sommer> if you edit the file then do /etc/init.d/apparmor restart it should reload
<pschulz01> sommer: That link wasn't too helpful.
<pschulz01> sommer: Excellent.. as expected then.
<pschulz01> sommer: Reading http://doc.ubuntu.com/ubuntu/serverguide/C/apparmor.html
<sommer> pschulz01: cool, you can also find the guide on help.u.c :)
<pschulz01> sommer: Ok.. putting it into 'complain' mode allowed slapd to run... now to edit the file. :-)
<pschulz01> Aha.. double *
<pschulz01> sommer: Is that worth submitting as a bug?
<sommer> I think that's intended behavior
<pschulz01> sommer: I'm now getting a message.. operation="file_lock" requested_mask="wk::" denied_mask="k::"
<pschulz01> sommer: Looking to lock the file /var/lib/ldap/<domain>/alock
<sommer> pschulz01: it's probably apparmor again, did you add all your changes to the apparmor profile file?
<Xabriel> Hi guys, I need some help getting started. I want to set up a server to do two things: 1. act like a networked hard drive for my XP laptop. and 2. Create a web page that a few of my friends and I can use to access files over the internet. I'd like to know how the initial partitions should be, as well as what applications/services to use.
<pschulz01> sommer: It is apparmour.. there is no mention of 'k' in the exisitng file, so I;m wondering if this is a bug in the exisitng profile.
<Xabriel> I had started using debian, but I don't know enough about linux yet, and ubuntu has been less difficult for me to grasp so far
<Kamping_Kaiser> Xabriel, you want samba+apache installed, a large /home/ and (depending on how you setup apache) a large /var/www
<sommer> pschulz01: the existing profile covers the default files and behavior of slapd, if you change that then you need to edit the file
 * Kamping_Kaiser wonders how much easier apt-get install is on ubuntu vs debian
<pschulz01> Xabriel: Are you worried about messing up the system if you run out of disk space?
 * pschulz01 stares at Kamping_Kaiser.. 
<Xabriel> pschulz01,not particularly, I just got a 500 gig drive
<pschulz01> Xabriel: Then the default partitioning is suitable.
 * Kamping_Kaiser looks at pschulz01 - yu' aint from around here, are you boy?
<Xabriel> pschulz01, should I have separate partitions for the files I will access through my home network and the ones I will use over the internet?
<pschulz01> Xabriel: You could slice off a 5 or 10G partition if you wanted to, for the OS ('/').
<pschulz01> Xabriel: Not necessary.
<pschulz01> Xabriel: The file and web server will look after that for you.
<Xabriel> pschulz01, how much swap should I set aside?
<pschulz01> Xabriel: How much memeory do you have?
<Xabriel> pschulz01, well I'm putting this together from old parts, I think I have about 768K
<pschulz01> Xabriel: In the old days, the rule was 'double it'.
<Xabriel> *mb
<Xabriel> oy, big diff
<pschulz01> Xabriel: You shouldn't end up getting into swap-ing (ie. use up all physical memeory) so 1G would be ample.
<Xabriel> pschulz01, one thing I wanted to do, to keep people from messing w/ my server if they happen to find it, is have it so if they incorrectly enter the username and password more than 3 times, they get a permanent IP ban
<Kamping_Kaiser> hope you dont try and log in drunk then ;)
<pschulz01> Xabriel: fail2ban ? Kamping_Kaiser is that the package?
<Xabriel> eh, if I screw up I can just go back in and remove it from the list :)
<Kamping_Kaiser> pschulz01, its a package. looks fairly complex to setup (but i only had a quick look)
<Xabriel> I figgure that will help to keep out brute force attacks
<pschulz01> sommer: Adding 'k' the to apparmor profile stopped the message.. but there is no mention of it in the documentation as far as I can see.
<pschulz01> sommer: Not even in the man page for apparmor.d
<pschulz01> Time to submit some bugs.
<sommer> pschulz01: hrmm, ya, there's a page in the wiki troubleshooting apparmor, or something similar, is it mentioned there?
<pschulz01> sommer: link?
<sommer> one sec
<sommer> pschulz01: https://wiki.ubuntu.com/DebuggingApparmor
<cyris||> anyone around using ddns behind a PAT router? ez-ipupdate listens and updates on eth0 but then updates my ddns host with my private IP.
<sommer> pschulz01: meh, I don't think that's the link I was originially thinking of, if you could create a bug against ubuntu-serverguide, I'll add it to the docs
<pschulz01> sommer: No mention.. :-/ (Pion: Off I go then.)
<Xabriel> what exactly are mount options?
<pschulz01> Use 'default'
<pschulz01> Xabriel: eg. 'ro' for read only.
<Xabriel> pschulz01, but what if I want to write? hehe
<pschulz01> Xabriel: Where is this mentioned?
<pschulz01> Xabriel: 'rw' for read-write.
<Xabriel> pschulz01, there's no "default" option
<Xabriel> pschulz01, it was on relatime
<pschulz01> Xabriel: Wha?
<pschulz01> Xabriel: I am goin gto need more context.
<Xabriel> pschulz01: "relatime - update inode access times relative to modify time"
<Xabriel> pschulz01, (this is for "/")
<pschulz01> Xabriel: Are you looking at the 'mount' man page?
<Xabriel> pschulz01, yes
<pschulz01> Xabriel: Using no options at all generally also works :-)
<Kamping_Kaiser> Xabriel, any reason your not trusting Linux to sort out the mount options?
<Xabriel> Kamping_Kaiser, no reason, just curious
<Xabriel> what file system should I use for the main data partition
<Xabriel> (where I'll dump all my stuff)
<Kamping_Kaiser> ext3. always
<Xabriel> will my XP computer be able to access that on?
<Xabriel> *ok
<pschulz01> Kamping_Kaiser: What.. not Rieser?
<Kamping_Kaiser> pschulz01, he doesnt need dancing trees :p
<Kamping_Kaiser> Xabriel, filesysetm is irrelevent to your xp box. samba is what'll make the difference
 * Kamping_Kaiser afk lunch
<Xabriel> I see
<Kamping_Kaiser> copying 80bg of ubuntu mirror over usb is a good chance fora break :O
<Xabriel> bg?
<Xabriel> billion gigs?
<fujin> how can I adjust $PATH system wide? having some funny isues with Gem packages.
<nealmcb> fujin: /etc/environment and/or /etc/login.defs look likely
 * nealmcb sighs
<Kamping_Kaiser> heh
<pschulz01> sommer: ping
<RockHound> hi ... is there a way to install a 2.3 openldap on hardy?
<zul> apt-get install slapd?
<RockHound> that merges 2.4
<RockHound> eerr ... installs
<pschulz01> Kamping_Kaiser:
<pschulz01> Kamping_Kaiser: ping
<jay2> <jay2> hello I need to know if there is anyway that I can redo a download when ether it fails or is paused?
<jay2> <jay2> that is on ubuntu server 7.10
<soren> What sort of download?
<soren> Which application are you using?
<jay2> I well find out I am helping a friend out on undernet so its not me
<jay2> sorry about that
<jay2> mite take some time a dissconnect or net split :(
<pschulz01> sommer: Thanks for your help earlier.. it wasn;t really a bug in apparmor
<Fohdeesha> goooood mornin
 * ogra waves 
<ogra> is ayone of the server team looking after updating the docs on help.ubuntu.com to match new procedures introduced in hardy ?
<ogra> i.e. https://help.ubuntu.com/community/LDAPClientAuthentication
<ogra> seems people have probs when following it on 8.04
<Fohdeesha> lucent ding ding ding
<jimcooncat> Can someone tell me why the following is the default? It seems so unsecure to me:
<jimcooncat> By default, user home directories in Ubuntu are created with world read/execute permissions.
<jimcooncat> I take it that if you're using a ltsp server that this would still hold true for each user that logs in from a thin client (?!?)
<ogra> thin clients dont have anything to do with the homedir
<soren> I would assume so, yes.
<jimcooncat> I guess I should rephrase that: installing ubuntu's ltsp package won't fix directory permissions to ensure user privacy.
<ogra> ltsp doesnt touch homedirs or user setups
<ogra> you can set it yourself in /etc/login.defs
<ogra> look for umask
<\sh> wasn't there an option in d-i these days, d-i was asking if you want world readable/executable home dirs or not
<jimcooncat> thanks ogra
<ogra> might be in expert mode
<jimcooncat> \sh: good, I'll check that out, since I'm using netboot installs
<\sh> or did I mix it up now with the debian os install...I saw it the last time I installed ubuntu or debian...
<blue-frog_> jimcooncat: for ne wusers ot depends how you create them
<jimcooncat> I see i can fix it for new users in /etc/adduser.conf
<ogra> right
<blue-frog_> useradd cretaes home dir with rx for others while adduser creates it with x only
<ogra> dont use useradd, adduser is what you want
<jimcooncat> iirc, useradd is a wrapper for adduser anyway
<ogra> other way round :)
<blue-frog_> on the sie how do you adduser in a script?
<ogra> useradd is something to use from scripts etc ...
<jimcooncat> oh, I guess I didn't iirc :-)
<blue-frog_> how do you use adduser in a script?
<blue-frog_> then it would be nice if by default useradd was giving same defaults as adduser
<ogra> blue-frog_, you dont, thats what you have useradd for  ...
<ogra> adduser is a maintenance tool, useradd is a backend
<blue-frog_> ogra: yes but default for useradd have changed a while ago and it is a bit annoying
<ogra> if you do normal maintenance tasks never use useradd
<jimcooncat> When using ltsp or other shared access, how do you keep firefox memory usage from being a problem? I doubt my users would get in the habit of killing firefox-bin once in a while to restore memory like I do on my machine.
<blue-frog> sorry got disc... one more question about adduser
<blue-frog> in adduser.conf we have DIR_MODE=0755 so if I understand correctly the homedir should be created with 755 but  it is created with 751, any explanation?
<ogra> jimcooncat, ff3 handles ram way better than the -2 version did, general rule of thumb for ltsp is to have 128M per session on the server plus 256M for th server itself
<jimcooncat> ogra, that's good to hear. I haven't tested hardy yet, I could see that was going to be a problem with ff2. I was hoping to avoid replacing the one familiar program they had with epiphany or something else.
<jimcooncat> \sh: found it! # Do you want system wide readable home directories?
<jimcooncat> adduser	adduser/homedir-permission	boolean	true
<venil> hi, how do i add dns lookup ip?
<venil> my network is up and running, but no DNS lookups work
<venil> anyone?
<jords> venil: try dig
<jords> might need to google for the package it's in, can't remember....
<venil> whats dig?
<ogra> ogra@osiris:~$ dpkg -S /usr/bin/dig
<ogra> dnsutils: /usr/bin/dig
<ogra> its installed by default
<venil> is it not just enough to add dns to /etc/network/interfaces
<ogra> depends what you want to achive with your server
<ogra> but you should rather add it to resolv.conf
<venil> arghh!!! thanks orga, resolf.conf is what i was looking for
<zazuge> hello
<zazuge> I got a problem with postfix ,can anybody help me?
<lamont> not without knowing what the problem is
<zazuge> thanks for replying, it's about sender relay maps
<venil> guys, how can i bind mysqld to more than one ip address
<venil> can i just bind-address in my.cnf several ip adresses?
<zazuge> to be exact I've setup a the mail server correctly to relay throught yahoo and gmail smtp servers it worked well with , but the problem is with smtp_sender_dependent_authentication it seems that postfix use only the relayhost parametre and not sender_dependent_relayhost_maps
<zazuge> I'll reformulate the question
<zazuge> have two account one on yahoo ,and the other on gmail
<zazuge> I configured postfix and fetchmail to send and recive mail throught
<zazuge> my yahoo account , with proper adress rewriting and all.
<zazuge> after that I did the same with gmail and added the certificate to let me send and recive throught gmail but the side effect is that i can no longer send with yahoo smtp server.
<zazuge> next i wanted to cohabitate the 2 setups
<zazuge> I used these line
<zazuge> smtp_sender_dependent_authentication = yes
<zazuge> sender_dependent_relayhost_maps = hash:/etc/postfix/sender_relay
<zazuge> but nothing it just seem that the only effective line is relayhost = smtp.mail.yahoo.fr:25
<zazuge> and if I try to comment it I get connect to yahoo.fr[217.12.6.29]: Connection timed out (port 25)
 * lamont hasn't used sender_dep_auth
<zazuge> connect to gmail.com[72.14.253.83]: Connection timed out (port 25)
<lamont> worst case, one could use transport maps to force the config diffs between them, although it does sound lik sender_dep_auth could be talked into doing what you want
<zazuge> thanks lamont i'll check this one :-)
<gaouzief> hi people
<gaouzief> i have an issue maybe someone can help
<gaouzief> while installing 8.04 server i misspelled host name
<gaouzief> ounce installed i went in /etc/hosts and corrected spelling manually
<gaouzief> now sudo won't work, even after reboot
<gaouzief> how can i fix this?
<blue-frog> gaouzief: you need to fix /etc/hostname aswell
<ogra> did you fix /etc/hostname too ?
<gaouzief> nope
<gaouzief> can't access that anymore
<ogra> boot into recovery mode and fix it :)
<gaouzief> okay, in recovery mode i should mount th / partition?
<ogra> no
<gaouzief> what then
<ogra> just boot into recovery mode f the installed system
<ogra> *of
<ogra> the one grub offers
<gaouzief> ok not the CD recovery mode
<ogra> nope
<gaouzief> ok i'll try that
<ogra> hit esc if you see the grub countdown
<gaouzief> worked
<gaouzief> thks
<zazuge> exit
<gaouzief> but this should be fixed somehow, it's a common mistake
<phil_> how should one fix that people forget to change /etc/hostname accordingly? :)
<phil_> ah nevermind, he left..
<dendrobates> morning all
<sommer> morning dendrobates
<ScottK> sommer: clamav 0.92.1 backports to Feisty/Gutsy are done.
<zul> morning
<ScottK> Good morning.
<venil> how can i permanently setup env. variable, so that it remains after reboot
<dthacker> venii: for a login shell?
<dthacker> venil: Are you setting this variable for a login shell?
<venil> i need to set JAVA_HOME for tomcat to work properly
<zul> venil: you can edit /etc/profile
<ogra> you shouldnt set JAVA_HOME though, the java packages set it up properly
<ogra> (JAVA_HOME isnt supposed to be used on debian based systems)
<venil> well, tomcat gives an error if its not setup
<ogra> not here
<ogra> at least with the package
<dthacker> that was my next question.  Did you install with the package?
<venil> nope, just downloaded from their website
<venil> i should have probably done apt-get install tomcat5.5 ??
<ogra> yeah :)
<venil> well, i tried that before, its kinda different from what original tomcat55 has to offer, it runs on a different port for example
<ogra> thats easy to change in the config file
<dthacker> venil: In my experience,  the advantages of working within the package management system outweigh the disadvantages.
<venil> so if i do apt-get, will it also download jre for me??
<venil> as i already have it installed, not thru packages
<ogra> ouch
<dthacker> ewww
<ogra> it would default to the already installed java on your system that comes with the default install
<ogra> you could install the sun java engine from multiverse to make it work with that
<ogra> no clue how to make it work with manually installed java
<venil> no worrie, its easy to uninstall, ( ii guess o_O ??)
<venil> can you walk me thru the right way please?
 * ogra has no clue where the java installer puts what or which files of the original java it replaces blindly without asking
<ogra> so no, i cant
<venil> i know how to enable multiverse, how do i install the JAVA package though??
<sommer> ScottK: cool, does that version need backported to dapper as well?
<ScottK> Already done.
<ScottK> Since we'd already got the libclamav3 transition done in Dapper, it was simple.
<ogra> venil,  apt-cache search sun-java
<ogra> make your pick
<ScottK> sommer: libclamav4 and clamav 0.93 is here, so no rest for the weary.
<venil> i just discovered that multivesre is enabled by default in 8.04 is that ruight??
<ScottK> Yes.
<ScottK> Nothing is installed from it in any default installation though
<ScottK> IIRC it's been that way since Feisty.
<sommer> ScottK: ah, just let me know when it needs testing :-)
<ScottK> sommer: What really needs doing is looking in the Fedora 9 repository for patches.  They had a klamav patch, but I haven't looked at the rest.
<sommer> ScottK: sounds intersting, so you mean patches for applications that use clamav or clamav itself?
<ScottK> sommer: All the packages that build against libclamav.  See the team wiki page.  I just updated it.
<sommer> ScottK: okay, I'll take a look today
<shashi>  I am using Ubuntu 8.04 64-bit version, if i install any 32-bit applications like browsers, datbase clients ...etc. The 32-bit based applications not able to reach /etc/resolv.conf file to communicate to the network. Any one tell me how to resolve this issue ?
<Viper111> guys when i am connecting to my ubuntu server through VPN PPtp i will be disconnected from the network
<ScottK> shashi: Spamming multiple channels will get you fewer answers, not more.
<venil> what is the default port tomcat55 is running on (not 8080), i cant even check whether its running or not
<venil> which conf file do i edit, to change the default port??
<phil_> /etc/tomcat5.5/server.xml should have some connectors defined
<phil_> I think it is 8180 per default for non-ssl
<wo0f> yo guys
<wo0f> does anyone know a good tutorial for setting up a terminal server with ubuntu?
<wo0f> cant find anything decent on google
<wo0f> with tight vnc tbh
<\sh> wo0f, https://help.ubuntu.com/community/VNC ?
<\sh> I wonder for what someone needs a terminal server on linux/unix while there is ssh or a network protocol named Xwindow
<venil> ssh rulz
<oxtub> Using libnss-ldap and libpam-ldap to authenticate users on a 2003 Microsoft AD, anyone have any clues why logins would just hang forever? Users show up in `getent passwd`, and incorrect passwords are rejected, but correct passwords and su's to ldap accounts just hang forever.
<sommer> oxtub: do you have pam configured to use ldap, and winbind?
<sommer> oxtub: also, likewise-open greatly simplifies the configuration
<ikonia> is there any senario where an ubuntu-server installl will install lilo instead of grub as default. I have a user in #ubuntu saying thats what happened
<sommer> ikonia: not that I've ever seen
<ikonia> as I suspected also
<ikonia> thank you
<wo0f> \sh: cheers man.
<\sh> wo0f, helped?
<wo0f> ikonia: no i don't think so
<wo0f> ikonia: theres not even an option for that anymore
<wo0f> unless your using a really old version, but tbh, has ubuntu ever used lilo?
<wo0f> \sh: yeh cheers mate.
<Kamping_Kaiser> nope
<Kamping_Kaiser> silo on sparc, but not lilo
<klaf> Humm, where can I find jeos to download?
<bamed> http://cdimage.ubuntu.com/jeos/releases/
<klaf> bamed: Thx, trying it out now.
<ikonia> wo0f: thank you
<klaf> What do you think. Is ebox the thing to use for colleagues  that not want to use bash? On our old physical debian servers we used webmin...
 * Kamping_Kaiser recomends a cluebat
<ScottK> webmin was removed from both Debian and Ubuntu because it's config file management system is incompatible.
<ScottK> You can think of ebox as a more reliable replacement for webmin for someone who would want such a thing.
<klaf> ScottK: That is why I am looking at sumfink else than webmin.
<ScottK> Then ebox is likely what you're after.
 * ScottK doesn't use it personally.
<klaf> ScottK: We used to manage bind with webmin. I need to find sumthing else, beq ppl here do not want to edit the zone files themself. :)
<faulkes-> hrmm, it would appear the forum team removed our moderation privileges when the installed the new forum stuff
<faulkes-> as well as assuming ownership of the post we had there
<\sh> klaf, powerdns?
 * faulkes- has been up all night fixing a downed PDC
 * faulkes- is not impressed today
<ScottK> Not sure if a bind module made it into Hardy or not.
 * ScottK bets soren knows.
 * ScottK runs off to a meeting....
<\sh> klaf, or mysqlbind (http://freshmeat.net/projects/mysqlbind/)
<klaf> \sh: is it a wrapper around bind?
<\sh> klaf, powerdns is a DNS Server with webfrontend
<klaf> ScottK: Thanx for the hel
<\sh> klaf, mysqlbind is a webfrontend for bind
<klaf> \sh: Ah, I'm a bind9 fella :p
<klaf> !mysqlbind
<virtbot`> klaf: Error: "mysqlbind" is not a valid command.
<ubottu> Factoid mysqlbind not found
<\sh> actually, webmin was a cool solution in the early days of the internet boom, early to mid 90ties
<\sh> I installed in on several customer servers..and wrote these days the qmail webmin module
<klaf> \sh: Well, you know that debian servers are stable. It it works don't touch it.. Except security fixes :p
<\sh> klaf, debian is stable...but not the admin who works on those servers...;) after all, normally you have many cases where web-admin-stuff doesn't work as expected
<klaf> \sh: Oh, I've used the qmail module further back in time
<\sh> klaf, the qmail.wbm or the qmailwebmin module..there are two of them...:)
<klaf> \sh: Exactly, some modules really fscked up the configs. On the qmail module, I don't really remember, lately I mostly use postfix.
<klaf> \sh: Have you used mysqlbind?
<\sh> klaf, nope...I'm using some selfmade scripts to add hosts etc. to my zone files...but in our company we are using mysqlbind...(well, actually we hacked some stuff into it, so it fits with our special setup)
<\sh> klaf, I'm waiting for a new root server for my private fun, and I wanted to setup powerdns to see how it works ... it could be a good solution for customers who wants to self-admin their dns zone files
 * faulkes- prefers vi for zone files
<\sh> faulkes-, yes..for single zone files...that's nice ;) for several hundreds or more manual editing is a pain in da ass, when you are e.g. a webhoster ;)
<faulkes-> Subject: Launchpad: changes to your project's licence record
<faulkes-> ORLY
 * faulkes- eyes Canonical
<soren> ScottK: A "bind module"? -ENOCONTEXT
<faulkes-> soren: for eBox iirc
<soren> Oh.
<soren> ebox-dns should to that.
<klaf> soren: Ah, thankx..
 * klaf looking it up now
<elventear> I have a small problem, on 8.04-server. When the box finishes booting the services it doesn't show the login prompt in tty0. Any ideas what might cause this?
<\sh> elventear, press enter ;)
<elventear> Nothing happens, really
<\sh> hmm?
<\sh> elventear, and on tty1?
<ogra> but you have login promps on the other consoles ?
<elventear> I have login in the other ttys
<elventear> Yup
<elventear> And full network access and everything
<elventear> That is why I say it's minor, but weird
<ogra> that the prompt scrolls away on tty0 is a known upstart bug
<ogra> but you should get to it once you hit enter
<elventear> ogra: I had set the system to wait until the service startup was done
<elventear> So that didn't happen
<elventear> But now I don't get the the prompt at all
<elventear> I have reverted the setting, but still it does the same
<melter> i'm trying to install openssh from the installer, and it's failing, is this a known problem?
<zul> failing as in how?
<melter> Installation step failed: "An installation step failed. You can try to run the failing item again from the menu, or skip it and choose something else. The failing step is: Select and install software"
<ogra> did you check the CD ?
<melter> no
<ogra> sounds like a corupted iso
<melter> i'll do that now
<melter> "The CD-ROM integrity test was successful. The CD-ROM is valid."
<melter> are there MD5 sums somewhere?
<melter> nm, found em
<melter> "ubuntu-8.04-server-i386.iso: OK"
<rarn> is there a way to install a paravirt ubuntu image from cd? I looked at  jeos and it doesnt seem to do xen. i'm running on an opensolaris dom0
<good_dana> rarn: i believe that all ubuntu kernels are paravirtualized
<rarn> hmm - will they be set for a serial console?
<rarn> I'll try that now
<Malbojia> I'm looking for someone who has completed a samba migration from distro y to distro x. Having issues with logins associated to folders
<rarn> good_dana, using virt-install, it doesn't like the server iso
<rarn> unless i do a HVM
<phaidros> hi, whats the tool / way of choice to handle webapps for multiple users on ubuntu?
<phaidros> like mediawiki installed via dpkg ..
<phaidros> I am usually giving each user the unpacked tarball to their space ..
<phaidros> under gentoo there is webapp-config
<uvirtbot> New bug: #224791 in nut (main) "nut upsmon not observing it's config file" [Undecided,New] https://launchpad.net/bugs/224791
<ubottu> Launchpad bug 224791 in nut "nut upsmon not observing it's config file" [Undecided,New]
<mathiaz> soren: uvirtbot ?? why do we start to receive new bugs notification in here ?
<soren> It's bugs that the server team is subscribed to. I thought it'd be a nice way to get notified about new bugs.
<morick> so you never went bowling with goebbels either?
<soren> mathiaz: You don't like it?
<morick> so you never went bowling with goebbels either?
<mathiaz> soren: hmm.. Wouldn't that start to clutter the channel ?
<mathiaz> soren: ubotu was removed from #ubuntu-bugs for that specific reason
<mathiaz> soren: we can discuss that in the meeting later today
<melter> i started the install over, and now it works ok
<uvirtbot> New bug: #224428 in munin (main) "munin-node not restarted after plugin installation" [Undecided,Confirmed] https://launchpad.net/bugs/224428
<ubottu> Launchpad bug 224428 in munin "munin-node not restarted after plugin installation" [Undecided,Confirmed]
<faulkes-> mathiaz: won't be at the meeting today
<nxvl> did someone know's who is in charge of shop.canonical.com?
<soren> mathiaz: Do we get that many bugs, you think?
<soren> The fact that ubottu repeats them all is a bit much, though.
<mathiaz> soren: well - I'm not sure we gain so much by announcing bugs here.
<mathiaz> soren: I tend to be against clutterring the channel with useless information
<mathiaz> soren: I already receive bug notification by email
<mathiaz> soren: I get them in one place, and that's enough
<mathiaz> soren: I'm not sure what is the advantage of being notified in real time about new bugs
<soren> I find it rather handy, actually.
<nealmcb> mathiaz: it makes it easier for folks to discuss it - no one needs to manually paste them
<nealmcb> but one copy is enough....
<mathiaz> nealmcb: oh - I don't say that ubottu should not be here
<mathiaz> nealmcb: I question the need to announce *new* bugs
<soren> I just like to get notified about new bugs. I need to really work up an attitude to look through my bug mail, but I'd still like to know about *new* bugs quickly.
<soren> It's only server bugs, after all. It's not like ubuntu-bugs that announces a new bug each minute.
<nealmcb> mathiaz: and I think that having the bot help to start conversations about new bugs is handy
<mathiaz> nealmcb: hmmm - good point
<zul> I find it handy as well to be honest as well
<mathiaz> I guess it's a matter of persnal taste and how one gets organized
<mathiaz> we should give it a try
<Ludwik> Hi, I just reported two new bugs connected to NIS/NFS and Ubuntu 8.04 on Launchpad, but I'm new to the Launchpad thing so I would appreciate if someone would take a look at them, for example I'm not sure what do they affect. If somebody know some workarounds for my problems that of course would also be very appreciated ;)
<Ludwik> The first one - https://bugs.launchpad.net/ubuntu/+source/ubuntu-meta/+bug/224820
<ubottu> Launchpad bug 224820 in ubuntu-meta "Gnome Appearance Properties doesn't work when /home folder mounted using NFS; affects the log out dialog" [Undecided,New]
<Ludwik> The second one - https://bugs.launchpad.net/ubuntu/+source/nis/+bug/224828
<ubottu> Launchpad bug 224828 in nis "NIS demon fails during startup if the roaming mode is turned off" [Undecided,New]
<ogra> wow, NIS ?
 * ogra wouldnt have thought there are still people using it 
<ogra> Ludwik, the first one is rather a bug for the desktop team
<zul> ogra: we still used it at my old workplace for some cadence stuff
<Ludwik> We use NIS/NFS for quite a long time. What are a goot alternatives?
<ogra> Ludwik, i fixed the ubuntu-meta assignment to properly point to gnome-control-center
<ogra> so the right people get notified
<Ludwik> ogra - thank you :)
<Ludwik> Ogra - so what do people use now insted of NIS?
<ogra> usually LDAP
<zul> ldap
<nelydajo> Hi All. Does any one know of a tool to manage (add/edit/delete/import) many users in a school lab environment? GUI tool would be preferable.
<Ludwik> nelydajo: I use NFS/NIS for this task, but they've just told me I should use LDAP instead
<Ludwik> (those technologies let you synchronize accounts from a central server)
<ogra> Ludwik, we didnt tell you you *should* use it :)
<ogra> i was just surprised to see someone still using NIS :)
<ogra> i personally would rather set up a central machine and have ssh warpped rsync scripts syncing up the passwd/groups/shadow files than using an ldap server ;)
<ogra> (at least up to a certain amount of users)
<carignou> Hello
<mathiaz> ogra: numbers of machines would be the limiting factor rather than users IMO
<nelydajo> My understanding is that ldap is a central 'database' of user details. What front-end would you used to edit these details? How do these get translated into actual accounts on the user's computer.
<mathiaz> ogra: you'd also have to handle machines that are not available when you update your central database
<carignou> I installed ubuntu server yesterday and i have a weird internet problem : I can ping www.google.com but i can't wget www.google.com and i can't "sudo apt-get update" but i can wget www.sedoparking.de. Does it inspire you ?
<ogra> mathiaz, well, with > 1000 users a passwd file gaets tricky to handle
<mathiaz> ogra: ldap is more a pull model - rsync scripts is more a push model
<nelydajo> I'm talking about a thin-client environment, so the users are actually only logging onto the central server.
<ogra> mathiaz, i had such a setup when i worked at an ISP for 200 servers with about 600 users
<ogra> the machines all had poll scripts
<ogra> (back in '96 btw :) no ldap at that time )
<Ludwik> ogra - it wouldn't work very well in our envirement, because some of our machines are laptop computers, and I can't count on them being turn on on a given time
<mathiaz> ogra: right - did you have a way to notify machines that they should pull new info ?
<ogra> no we had cron scripts
<mathiaz> Ludwik: in a pull model it wouldn't matter - laptop would just pull info when they're available
<ogra> polling all 5 mins
<ogra> it were all servers not workstations it didnt need to be fast
<mathiaz> ogra: right - so changing a user password or group info would take up to 5 minutes to propagate
<ogra> right
<mathiaz> ogra: correct - depending on which services you're running that can be an option
<ogra> but still you only have to maintain one file and drop the script and keys into new machines
<mathiaz> ogra: some services may require instaneous accurate account information
<ogra> yeah, indeed
<mathiaz> ogra: OTOH the script approach is handy because it makes servers working in standalone mode
<mathiaz> ogra: if the ldap server goes down, you're screwed :/
<ogra> yup, that was the plan
<ogra> xactly
<ogra> the prob we had back then was that shadow wasnt properly overwritable without fiddling
<ogra> that forced is to  a plain passwd file which is rather not optimal
<Ludwik> For example when a student comes to you on a begining of the lesson that she've forgotten her passoword and wants to change it you don't want her to wait not following your instrucion until the passowrds propagate ;)
<ogra> s/is/us/
<mathiaz> Ludwik: right - this is why you need to have pull function also
<ogra> Ludwik, you can adjust the cron scripts
<ogra> to shorter cycles
<mathiaz> Ludwik: a manual pull script
<nealmcb> nelydajo: hmm - doesn't ebox manage things via ldap - it has a (web-based) gui
<ogra> or you can even push
<nealmcb> https://help.ubuntu.com/community/eBox
<nelydajo> nealmcb, Tx - I'll have a look at ebox.
<mathiaz> correct - you need to have an infrastructure to push/pull automatically/manually
<mathiaz> the problem in the push model is how to handle machines that are not available
<Ludwik> So in the push/pull scenerio both server and desktops would have ssh demons installed?
<mathiaz> Ludwik: oh yes -
<nelydajo> I'm trying to help a school teacher who new to linux, and has 35 classes with about 20 students each. Class lists available from admin in spreadsheets.
<mathiaz> Ludwik: implementing a push/pull infrastructure is based around ssh and public keys
<Ludwik> nelydajo - I'm a school teacher and my current NIS/NFS configuration is preaty simple (doesn't have frontend, though). I just followed the instrukction in Ubuntu wiki.
<Ludwik> And than you have one central computer in which you add new accounts
<Ludwik> and the rest of them just use those
<ogra> mathiaz, btw do you get these many ltsp users every day in here ?
<mathiaz> ogra: nope - it's a first - what did you do ?
<ogra> i'm quite surprised, i dont think i ever spent a day in this channel and notice today that its full of thin client users
 * carignou is crying
<nelydajo> Ludwik, could you give me the URL for NIS/NFS wiki?
<Ludwik> nelydajo: https://help.ubuntu.com/community/SettingUpNISHowTo
<_ruben> hmm .. wonder if the open-vm-tools package is still available somehow
<nelydajo> Ludwik, Thanks!
 * mathiaz pictures the crowd of ltsp users following ogra wherever he goes
<nelydajo> Is someone poking fun at ltsp users? :-D
<ogra> lol
<Ludwik> nelydajo: and for the NFS component - https://help.ubuntu.com/community/SettingUpNFSHowTo?
<nelydajo> Ludwik, thanks again.
<ogra> mathiaz, i added -server to my default channels now ... feel free to point ltsp probs in my direction
<mathiaz> ogra: sure :)
<nealmcb> how can I search from the command line by keyword for packages in main, or in the server seed?  (e.g. supported ldap-related packages)
 * nealmcb notes that there are some nice searches at http://packages.ubuntu.com/)
<nealmcb> nelydajo: I haven't used any of these - but also notice  ldap-account-manager
<nealmcb> !info ldap-account-manager
<uvirtbot> nealmcb: Error: I couldn't retrieve that RSS feed.
<ubottu> ldap-account-manager: webfrontend for managing accounts in an LDAP directory. In component universe, is extra. Version 1.3.0-1 (gutsy), package size 1628 kB, installed size 6352 kB
<blue-frog> nealmcb: I would say enable only main in sources.list, update and then apt-cache search should do the trick
<blue-frog> apt-cache search ldap
<nealmcb> blue-frog: interesting.  a bit drastic....
<mathiaz> nealmcb: isn't there an option on apt-cache or rmadison to specify which component to include ?
<blue-frog> ther is a madison option in pat-cache but I do not know what it is for
<Fishscene> Does anyone know where I can find the recommended requirements for Ubuntu Server HH (8.x)?
<Ludwik> IMO aptitude search ~Amain ldap should work...
<nealmcb> mathiaz: I was looking.  I think part of the issue is that apt-cache is agnostic in relation to distros, so it doesn't mention "universe" in the doc, or even "component"
<nealmcb> they seem to creep in in terms of parallel trees of the "section" value
<mathiaz> nealmcb: right - debian has the equivalent of component, they're just called differently
<nealmcb> but apt-cache man page doesn't even mention "section"
<nelydajo> nealmcb, Thanks - ldap-account-manager looks like it may do the job. I will give it a try.
<nealmcb> nelydajo: we'd love to hear your experiences also....
<blue-frog> nealmcb: apparently aptitude search main ldap will only look in main
<nealmcb> blue-frog: interesting....
<blue-frog> no
<blue-frog> does not
<nealmcb> but it has some fancy patterns and parameter searches: http://algebraicthunk.net/~dburrows/projects/aptitude/doc/en/ch02s03s01.html
<nealmcb> blue-frog: well, this is close - aptitude search "! ~suniverse ldap"
<blue-frog> nealmcb: think I have it. let try a loop
<blue-frog> yes working, there you go
<blue-frog> for i in $(apt-cache search ldap); do apt-cache madison $i | grep "/main"; done
<blue-frog> only packages in related to LDAP and in main
<nealmcb> somehow this is not the friendly ubuntu I think we're shooting for, if it is this hard to help people find LTS supported packages....
<nealmcb> I love playing with grep, but don't want to explain that to the non-profit business manager down the street....
<blue-frog> ?
<blue-frog> why would a manager put his hand in a server?
<ivoks> one more hour?
<ivoks> uff... :/
<Sylphid|work> im sure this is the wrong place to ask but im not sure where to look .... is it possible to run an ssh server on windows and export the display to an X server
<blue-frog_> the real question being what do you need to do?
<Sylphid|work> i have an application that my company uses that will not run on linux... even with wine
<Sylphid|work> there are approximatly 5 of us that would prefer running soley linux on our workstations but cant because of this app
<blue-frog_> so access your windows with ts client
<ivoks> remote desktop?
<blue-frog_> oh but this apps is not on a windows server?
<Sylphid|work> that would only allow 1 person to be on at a time though
<blue-frog_> no other apps can replace this apps?
<Sylphid|work> not at this time
<Sylphid|work> its billing software
<blue-frog_> blling as in accounting?
<Sylphid|work> correct
<blue-frog_> or client billing
<Sylphid|work> platypus
<blue-frog_> shoot it
<Sylphid|work> client billing
<blue-frog_> maybe it's time to insvestigate an open source solution
<Sylphid|work> agreed
 * delcoyote hi
<Sylphid|work> we are however that solution is 2 years down the road or more...according to management
<Sylphid|work> so what im hoping to do in the mean time is run an ssh server on a windows box and just have the users start an instance with the display exported to there local box.... if its possible
<mathiaz> Sylphid|work: you'd have to use rdesktop and a terminal server
<blue-frog_> ask management (well be subtle) what is best pay softwares, get no support lose time and money or don't pay softwares (eventually you can pay for it as well) pay for support so that you can focus on your job
<ivoks> too tired... good night
<mathiaz> bye ivoks
<blue-frog_> even with ssh server you will have a problem, if I understand well how would you launch two instances of your software from the same windows
<blue-frog_> as in windows PC
<Sylphid|work> the software seems to handle multiple instances fine
<Sylphid|work> as far as i can tell
<mathiaz> Sylphid|work: may be - but you may need multiple instance of Windows running
<mathiaz> Sylphid|work: IIRC remote user are limited according to which version of Windows you're using
<Sylphid|work> mathiaz, i see what your saying but thats if i use a rdesktop solution
<mathiaz> Sylphid|work: like XP Home can handle 1 remote user, XP Professional up to 3 concurrent remote users (or something like that - I don't know the numbers)
<Sylphid|work> mathiaz, im looking to aviod rdesktop if possible
<mathiaz> Sylphid|work: yes - rdesktop is the only solution AFAICT
<mathiaz> Sylphid|work: windows apps don't understand the X architecture
<mathiaz> Sylphid|work: you cannot run a Windows App on a X server
<Sylphid|work> to bad..... ok thanks for the help mathiaz and blue-frog_
<_ruben> whats wrong with remote desktop?
<Sylphid|work> nothing per say... just was wanting to avoid it if possible
<_ruben> which doesnt make sense .. why avoid smth when there's no apparent reason to do .. especially with seamless remote desktop (exporting single windows, not complete desktop)
<mathiaz> right - rdesktop really works well - even over VPN and internet links
<Malbojia> good afternoon
<mathiaz> soren: I've tried to install fedora9 on my server with kvm - it leads to a DOS error call: http://people.ubuntu.com/~mathiaz/fedora9_install.png
<soren> Yeah, there's a bug about it already. I haven't had a chance to look into it yet.
<melter> has anyone here ever switched from Gentoo to Ubuntu for servers? are there any resources to help make the move easier?
 * owh tests the bot.
<owh> !webmin
<uvirtbot> owh: Error: "webmin" is not a valid command.
<ubottu> webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system. See !ebox instead.
<owh> !ebox
<soren> ubottu is a different bot.
<uvirtbot> owh: Error: "ebox" is not a valid command.
<ubottu> ebox is a web-based GUI interface for administering a server. It is designed to work with Ubuntu/Debian style configuration management. See https://help.ubuntu.com/community/eBox
<ubottu> soren: Error: "is" is not a valid command.
<soren> Having two bots here is disturbing, though.
 * soren would like to find a reasonable compromise
<RoAkSoAx> should change the special character that they responde to
<RoAkSoAx> one should be like @ something and the other ! or something like that
<soren> I'm already doing that :)
<owh> melter: The only document I came across was this: https://help.ubuntu.com/community/FromGentooToKubuntu, it talks about moving to Kubuntu, not to ubuntu-server, but it might get you started.
<owh> melter: And of course GIYF.
<soren> bug 1
<melter> owh, i've been googleing, and i see lots of blogs about switching, but nothing that even comes close to being technical
<soren> uvirtbot: config plugins.Bugtracker.bugSnarfer True
<uvirtbot> soren: The operation succeeded.
<soren> bug 1
<melter> just garbage like, "i just switched, and i've never been happier"
<owh> melter: Well, the link I gave you provides some "flyover" level information, but what specific issues did you have?
<soren> bug 1
<uvirtbot> Launchpad bug 1 in ubuntu "Microsoft has a majority market share" [Critical,Confirmed] https://launchpad.net/bugs/1
<soren> There we go.
<owh> !ebox
<ubottu> ebox is a web-based GUI interface for administering a server. It is designed to work with Ubuntu/Debian style configuration management. See https://help.ubuntu.com/community/eBox
<owh> Yay!
<soren> Yeah, that's what I was trying to say. uvirtbot will do the bug stuff, and I'll leave the factoid stuff to ubottu.
<owh> soren: So, do we have a specific role-set for the twins?
<soren> owh: uvirtbot: bug announcement and the bug lookup thing. ubottu: everything else ubotu used to do.
<owh> All good. Should we document that somewhere?
<melter> owh, i'm looking for the ubuntu version of this page: http://www.gentoo.org/doc/en/list.xml?desc=1
<melter> i want to search at ubuntu's wiki, and not get documents in languages i don't understand
<melter> i have no problem with them existing, i simply want to filter them out
<melter> i want to search, and not find documents for old versions of ubuntu that no longer apply
<melter> when i enter a search term and hit reply, i don't want my search limited to titles, and want to search the text, by default
<melter> *hit return
<owh> melter: Well, help.ubuntu.com is the document server, broken down into versions of distributions. There are several search tools, one made by kirkland recently: http://people.ubuntu.com/~kirkland/search.html
<melter> when i go to the "8.04" tab, i want the 8.04 version of the document i'm currently looking at, and not something completely different
 * owh is checking to see if melter is reporting a bug with the documentation server.
<owh> Hmm, that does seem to be a usability issue of some sort.
<melter> i hate to complain, i know everyone does the best they can
<melter> but i've been struggling all day just to get ubuntu server to set my hostname correctly, and i'm losing my mind
<owh> melter: You raised an interesting point. I'm just glad that the ubuntu-server guide is up: https://help.ubuntu.com/ubuntu/serverguide/C/index.html
<melter> why does ubuntu have so many different hosts and pages?
<Centaur5> Could anybody recommend the best brand for well supported hardware SATA raid controllers?
<owh> melter: Because it's been organically grown.
<melter> so help.ubuntu is completely different then wiki.ubuntu?
<owh> melter: Yup
<hads> Hi all. I'm looking at getting a new colo box with Hardy on it as a xen dom0 running Hardy domU instances. Anyone have any thoughts about the support of Xen in Hardy and in the future?
<owh> melter: The search link I gave you searches all that.
<melter> that is completely unexpected
<melter> go to wiki.ubuntu.com, enter "dhcp" in the search box, hit return, and you'll understand my frustration
<owh> melter: To blow your mind, those are both different from docs.ubuntu, where pre-release stuff lives. There's launchpad.net where bugs live and bazaar.launchpad.net where code lives.
<owh> melter: I see what you mean :)
<melter> where's the search box at the top of help.ubuntu.com?
<owh> melter: For your purposes the server guide should get you started: Ubuntu Server Guide <https://help.ubuntu.com/ubuntu/serverguide/C/index.html>
<melter> why does that page show "5.10" and "6.06 LTS"?
<uvirtbot> New bug: #224945 in apache2 (main) "memory leaks in apache2 when running mod_ssl" [High,New] https://launchpad.net/bugs/224945
<owh> melter: Which page?
<melter> the one you just linked
<owh> melter: Ah, that looks like a bug.
<owh> melter: The new server docs are still drying, they went up only recently.
<melter> and why, when i click the "5.10" tab, don't i get a 5.10 version of the same document? and why does it then add a new "6.10" tab?
<owh> sommer: Who do we poke about the server guide? At the moment melter points out that the tabs are showing 5.10 and 6.06?
<nealmcb> so soren, tell us the story of the bots.  pretty please?
<ajmitch> owh: bug against ubuntu-website, perhaps
<soren> Seveas got mad and left.
<sommer> owh: hrm, from which site?
<melter> and clicking the 6.10 tab adds new tabs for 7.04 and 7.10
<soren> nealmcb: It's about as simple as that.
<owh> sommer: Ubuntu Server Guide <https://help.ubuntu.com/ubuntu/serverguide/C/index.html>
<owh> ajmitch: I just wondered prior to doing that if sommer was already across it.
<nealmcb> so which bot does what?  you run uvirtbot?
 * hads waves to ajmitch 
<sommer> owh: that's definitely the wrong link, try: https://help.ubuntu.com/8.04/serverguide/C/index.html
<nealmcb> and jussi01 does ubottu?
<ajmitch> hello hads :)
<sommer> owh: I think that's left over from dapper
<owh> sommer: It's what documentation search threw up in the air.
<owh> Hmm
<owh> I'll log a bug.
<sommer> owh: ya, there's been a bug about that for quite a while, and I think there's blueprints about the wiki.u.c and help.u.c naming confusion
<owh> sommer: Ah, so no need then?
<mathiaz> wiki.u.c is the developer wiki
<mathiaz> help.ubuntu.com/community/ is the user/documentation wiki
<nealmcb> soren: and do we have the same code base and/or configuration/factoid base in one of the other of those bots?  If I want what ubotu did for #ubuntu-us-co who do I talk to or what help is needed?
 * owh heads off to breakfast.
<soren> nealmcb: Ask in #ubuntu-bots
<hads> The topic could be updated with the 8.04 serverguide link.
<sommer> mathiaz: yep yep, but seems new comers get confused
<melter> help.ubuntu.com really needs a search engine
<Nafallo> it has two?
<hads> Is KVM the recommended virtualisation software on a Hardy server over Xen these days?
<mathiaz> melter: use google
<hads> I know it's great for the desktop, haven't run it in a server environment though.
<mathiaz> hads: yes
<mathiaz> hads: kvm is in main, xen in universe
<mathiaz> hads: you need to have the proper hardware though
<hads> Yeah
<hads> I just thought KVM/Qemu was more for things with a graphical environment. I guess I need to do some more looking into it.
<melter> mathiaz, that's what i've been doing, but it's a pain to have to switch back and forth
<owh> soren: Can you update the /topic to fix the server guide link?
<owh> soren: To save you searching: https://help.ubuntu.com/8.04/serverguide/C/index.html
<soren> owh: Sure.
<owh> soren: Tah
* soren changed the topic of #ubuntu-server to: Ubuntu Server discussion and support || For general (not server specific) support visit #ubuntu || Get involved: https://wiki.ubuntu.com/ServerTeam/GettingInvolved || Guide to asking questions on IRC: http://www.sabi.co.uk/Notes/linuxHelpAsk.html || http://www.catb.org/~esr/faqs/smart-questions.html ||  Be patient.  Don't ask to ask, just ask.  || server guide: https://help.ubuntu.com/8.04/serverguide/C/index.html || https://wiki.ubuntu.com/Serve
<owh> soren: Now if you can drag a ubuntu-server vps out from somewhere I can stop working for the day :)
<soren> I'm afraid my magic hat is empty right now
<owh> Ah well, I'd better go and find a rabbit then.
 * ajmitch thinks the topic looks a little truncated now
<owh> It is, well spotted.
<owh> soren: We've been here before :)
<owh> ajmitch: That's interesting in itself. Last time it happend, it was at the same place IIRC.
<soren> owh: Not all that interesting. There's just limited space available, and we're cutting it close.
<owh> soren: I wondered if that was it. Isn't the wiki link for developers anyway?
<soren> Well... Mostly, I guess. So?
<owh> Well, I'm thinking they'd already know the link, where visitors here, the ones that would care about the topic, would not need it readily.
* soren changed the topic of #ubuntu-server to: Ubuntu Server discussion and support || For general (not server specific) support visit #ubuntu || Get involved: https://wiki.ubuntu.com/ServerTeam/GettingInvolved || Guide to asking questions on IRC: http://www.sabi.co.uk/Notes/linuxHelpAsk.html || http://www.catb.org/~esr/faqs/smart-questions.html ||  Be patient.  Don't ask to ask, just ask.  || server guide: http://tinyurl.com/65jzxw || https://wiki.ubuntu.com/ServerTeam
<owh> Perhaps I should finish that thought, soren, what I mean is that perhaps it's appropriate to delete the last link, rather than provide a tiny URL to official documentation.
<ajmitch> so is there anything to do for intrepid, or are you aiming for hardy bugfixes for a week or two?
<soren> ajmitch: I'll be working on hardy bugfixes for a bit. Intrepid's not even properly open anyway.
<ajmitch> I know, I haven't even upgraded yet :)
<owh> Do we have an ETA on vmware-server for Hardy?
<soren> ajmitch: To intrepid? Sheesh, man! Get with the programme! :)
<ajmitch> you're right, at the moment I'm not even using ubuntu
<soren> Oh, dear.
 * owh is reluctant to confess that the keyboard here is being processed by Gutsy :)
<ajmitch> but sid isn't all that bad...
<owh> ajmitch: ROTFL
 * ajmitch looks at the bug list & spots bug 12296
<uvirtbot> Launchpad bug 12296 in php5 "PHP5 or PHP4 for apache2-mpm-worker" [Wishlist,Confirmed] https://launchpad.net/bugs/12296
<ajmitch> ugly php non-threadsafe libs
<soren> fastcgi ftw
<ajmitch> if only I could just remove php from the servers here
<owh> ajmitch: But what is the alternative?
<ajmitch> rewriting our main application in python or some other sane solution :)
<ajmitch> more than just a weekend's work
<owh> ajmitch: No kidding.
<owh> ajmitch: I've written software in over 20 languages - I lost count at some point - and for some reason PHP just "fits", mind you I'm spending more and more time with bash - Python never came above the radar. Any comments as to why you suggest this?
<ajmitch> it has a number of inconsistencies & issues, and I'm also a big fan of more dynamic languages like python, which can be more flexible
<ajmitch> especially when you've got an old codebase that's designed around working with php4 and its 'less than adequate' OO model
<owh> ajmitch: You don't need to convince me that PHP has - let's put it kindly, "quirks", but why Python?
<ajmitch> because it has a lot of the features in the language that I like to use, is well-documented, clean to both read & write, and there's a lot of supporting code for it out there
<owh> ajmitch: This indicates to me that there is another player around: http://www.google.com/trends?q=php%2Cpython
<ajmitch> oh quite likely, but google trends is only 1 view of how things are :)
<owh> ajmitch: Of course :) ROTLF
<owh> s/LF/FL/
<ajmitch> it helps that there is good support for python in ubuntu, and use of it is encouraged :)
<owh> ajmitch: I had noticed that.
<owh> ajmitch: Another factor that had me looking around was that the meraki devices were running python.
<ajmitch> you won't find many of the ubuntu team saying good things about PHP
 * ajmitch watches soren wince
<Deeps> what's wrong with php?
<owh> ajmitch: No, I understand completely, I'm not even disagreeing with you. It's no longer evolving in a - "system administrator" - way, that is, there seems to me to be a grab for features, rather than maintainability. Mind you, the major issue with PHP is the end-users, the "script authors" who write abominations.
<Deeps> it's well documented, clean to both read and write, and there's a tonne of supporting code for it out there
<owh> Deeps: ROTFL
<ajmitch> owh: part of the problem there is that the language has made it so easy for them to do so, and the php runtime itself hasn't been particularly stellar with security
#ubuntu-server 2008-05-01
<Deeps> owh: which bit are you disagreeing with?
<owh> ajmitch: Yes, the threshold to entry is low, which is both good and bad. I suspect it just means more work for me in the long-run. I've seen "secure" code that made me blanch - Credit Card details stored in clear text in a database table, no user password, really scary stuff.
<owh> Deeps: No, I was laughing because ajmitch used the same phrase for Python.
<Deeps> owh: hehe, yeah, it was intentional ;)
<owh> Deeps: I knew that, and it drew a laugh :)
<Deeps> :)
<infinity> ajmitch: I beg to differ on one point.
<ajmitch> why certainly
<infinity> ajmitch: PHP's security record is much better than the world believes, in that 99% of PHP CVEs are based on the assumption that PHP should hold a user's hand WRT input validation, etc.
<infinity> ajmitch: So, while it's true that these are bugs in PHP (because it attempts to do the hand-holding, and occasionally messes up), no other language I know of does the hand-holding in the first place.
<infinity> ajmitch: Of course, if we had it my way, all web apps would be CGIs written in C, and all programmers would be literate, and capable of tying their own shoes...
<ajmitch> sadly sometimes trying to do a task & failing can be worse than not trying at all
<infinity> ajmitch: And PHP upstream is realising that as well, which is why they've dumped things like register_globals on the floor and such in recent releases.
<ajmitch> I'm glad of that
<infinity> "We can't validate this correctly, no matter how hard we try, so don't use it at all, and validate your own damned input."
<infinity> In the end, my biggest complaints about PHP are twofold.
<owh> infinity: Yes, I agree, most of the issues I come across are script based.
<infinity> 1) I've had numerous arguments with upstream over the course of the last 6 years or so about thread-safety, and even when I provide patch after patch, they still refuse to "officially" support their TSRM backend.
<infinity> 2) The barrier for entry for script writing is so low that people seem to literally stumble over it, and these are often not the people you want writing your software.
 * ajmitch would never say that the barriers of entry are low for something like Zope
<infinity> No, I wouldn't either.
<owh> infinity: Think of 2) as an employment incentive for you :)
<infinity> But I'm not positive that makes it "better", it just makes it more likely that the people using it successfully are, on average, a bit brighter.
<ajmitch> sorry, some of my bitterness of struggles with plone in recent days are leaking through
<infinity> PHP is a double-edged sword.  I love how easy it is to get into, I love how quickly one can bang out a surprisingly complex web app, I hate that most of the people doing so are doing so because it's the only language they're capable of learning, rather than doing so because they COULD use something harder, and decided not to.
<owh> infinity: Not always. Because of integrated IDE's, it's just getting easier everywhere. Most of the "programmers" I come across have never heard of XOR and don't understand what a stack is, pretty basic concepts that they've never mastered. These are the people who write our current crop of end-user visible software.
<infinity> The job I held before Canonical was writing PHP extensions in C for a company that wrote complex in-house PHP applications.
<ajmitch> not requiring having long-running processes has been quite a bonus for PHP deployment
<infinity> I was asked repeatedly by coworkers why I worked on anything PHP-related if I was obviously capable of working with lower-level languages, something they seemed rather jealous of.
<owh> infinity: Heh
<infinity> It just seemed odd to me, I guess.
<infinity> I'd been doing "prototype in a RAD language, then reduce to C for speed" in Perl for ages, and no one asked that question there.
<infinity> They'd never say "dude, why write perl modules when you clearly know C?!", it just made sense to prototype in perl, then drop down to C.
<owh> I think we're actually seeing a dumbing down of our industry. I have spent the last week working with an embedded satellite tracker. The manufacturer refused to provide the message DTD without a 5-year NDA, and told me it was encoded. I spent 2 days decoding it. Just bits and bytes, simple.
<infinity> But for PHP, the very idea of doing anything in C seems to scare people.
<owh> And this wasn't the sales department either, this was their seniour software guy.
<owh> infinity: But it's not limited to software development, it's right here, in server administration too.
<infinity> I see the same pushback from the Python community, though for different reasons, I think.  I'm pretty sure Python programmers just think that Python is so whizz-bang and can do no wrong, that when you suggest rewriting a complex Python library as a C module, they can't fathom why you'd want to make their code "ugly" in such a vicious way.
<ajmitch> owh: now you'll probably end up with legal action due to circumventing access restrictions or similar :)
<owh> ajmitch: Well, we purchased the tracker, it sends messages to us which we need to use and we couldn't run Windows to do it. They can come and get me. I'm not in their country. I resisted temptation to email their DTD back to them :-)
<ajmitch> I think it's partly due to a language becoming more popular, and less experienced programmers get involved
<jiqiren> hardware is cheaper then people, why pay for expensive people when you can just buy 4 or 10X the hardware?
<infinity> jiqiren: And, yes, that's generally the crux of the issue, at the business level, you're right.  Very little code these days should be profiled, because profiling costs more than hardware.
<owh> jiqiren: Because that is rubbish. The cost is not in writing the code, the cost is in maintaining it.
<jiqiren> owh: so can you maintain C or Python easier?
<infinity> But this also means that the number of programmers CAPABLE of profiling code is slowly diminishing to the tiny subset of "crazy kernel and toolchain hackers" and such.
<owh> jiqiren: I'm not saying that management agrees with my assessment, but that's the reality of it - mostly in "hidden costs".
<owh> jiqiren: Well in the case of C, yes. It's much more structured and required to be so. That means that simple script authors cannot get started without training, something which PHP lacks.
<owh> jiqiren: I cannot yet speak for Python.
<infinity> owh: From a business POV, "maintenance" is largely a question of "how many people can I hire to replace you?"... It's way easier to find a PHP hack to look at your code when you quit than a C hacker to maintain your tree.
<owh> infinity: Yes, but the hack will cost more money in the long run. Most issues are generated as a result of "results now" business model.
<owh> infinity: I see less and less businesses wanting to be here 10 years from today.
<infinity> owh: While possibly true, this line of reasoning will lead to all software being written in LISP. :)
<jiqiren> owh: so I can hire a whole team of php kids - who bang away and get it going - or pay "too much" to get 1 good coder... If I pay for 1 good coder he should be figuring out new qiz-bang aps... not wasting his time tweaking a loop
<owh> jiqiren: No, a heard of monkeys will never write Shakespeare.
<owh> infinity: Well, that or COBOL :)
<jiqiren> Well I don't hire a heard of monkeys, I hire a heard of college dropouts or fresh-out-of-college kids
<owh> jiqiren: And in what way are they better than monkeys?
<jiqiren> and I don't need Shakespeare, I need American Idol
<owh> jiqiren: No, you just think you do.
<owh> jiqiren: You illustrate my point exactly.
<owh> jiqiren: The world does not progress with American Idol, but it does with Shakespeare.
<jiqiren> with your narrow definition of progress
<owh> jiqiren: Yesterday I was having a discussion about why Science Fiction is different from all other genres. Ideas are what matter.
<owh> jiqiren: No, I mean where the world gains skills and insights into itself.
<infinity> In the end, your business decisions will be dictated by what you need to get done, how quickly, and who you can hire to do it.
<jiqiren> owh: you're talking academics. the business world has a bottom line
<owh> I was just saying that the way it looks to me at the moment is that the world is becoming dumber.
<infinity> At Canonical, we write a LOT of software in Python.  Some of that may have to do with a seemingly company-wide love affair with the language, but the other equally valid reality is that we can't hire 100 Colin Waton clones to do it all in C.
<owh> jiqiren: But the academic view and the business view are not separate, they're a different side of the same coin.
<jiqiren> I (and others) can argue it is becoming more efficient
<infinity> Good programmers are hard to find, and even harder to hire.  Mediocre ones are reasonably plentiful.  Bad ones are a dime a dozen.
<owh> infinity: And PHP attracts the latter :)
<infinity> If I was still involved with PHP upstream, I might pretend to take offense at that. :P
<owh> infinity: To clarify, I wasn't talking about upstream as such, but if the shoe fits :)
<jiqiren> language doesn't directly relate to quality of software or the programmers
<infinity> But, yes, I agree.  Making things simple invites the simple-minded to use it.  Not a fault of the language, so much, but it does make reading resumes and hiring people who aren't complete morons a bit tougher.
<jiqiren> PHP and Python are popular, so there is just a bigger pool to go fishing in
<jiqiren> RoR is next
 * owh has to wave farewell from this stimulating conversation and be off.
<Deeps> PHP is just as easy to pick up by the wrong people as Ubuntu
 * owh resolves to check the irc logs :)
<infinity> I once spent an entire afternoon trying to explain bitmasking to a CompSci grad.  It's a sad world.
<owh> Later all.
<jiqiren> l8r
<Deeps> heh
<Deeps> as a recent compsci grad, i hate to do this but...
<Deeps> infinity: bitmasking?
<jiqiren> lol
 * ScottK really likes being able to go back to code he hasn't touched in two years and understand it and pick up work.  
 * infinity cries.
<ScottK> Another reason to like Python.
<Deeps> infinity: gimme the short version
<infinity> Deeps: PERMS=127; can_login=8; PERMS && can_login = let_him_in.
<Deeps> ScottK: i get that with my java and my php
<Deeps> infinity: gotcha
<infinity> Deeps: Boolean logic seems to confuse... Everyone.
<Deeps> ScottK: good coding practices mean you can do that with almost any language (i dont know C(++) so i cant comment)
<infinity> This is a fine example of how people complete miss the point:
<infinity> http://thedailywtf.com/Articles/Boolean-Integers.aspx
<Deeps> infinity: I'm less confused than I was before your example
 * Deeps waits the eternity firefox takes to load
<infinity> (Note that those are all strings, there's no binary comparisons there AT ALL)
<zul> I for one would welcome the monkeys
<infinity> Err, integers actually, but then using string comparisons.
<Deeps> lmao
<jiqiren> Deeps: time to run FF3 Beta - much improved!
<Deeps> jiqiren: time to run FF0.7, much quicker!
<jiqiren> boooo, then all my plugins will break
<Deeps> I run enough beta software on my laptop as it is without sticking a beta firefox on there on top (I run XP on my laptop ;)
<Deeps> Ahh, booo me with my XP bashing, XP's actually pretty good, as far as an OS can be
 * Deeps lulz
<Deeps> 00:40:07 < twigathy_> http://www.uploadthis.co.uk/uploads/Twigathy/VirusesOnLinux.png <-- wine has got so good I have a fucking windows virus on my ubuntu machine
<infinity> I think the limit of XP's usefulness to me can be summed up by its title in my GRUB menu.lst: "World of Warcraft OS 5.1, Service Pack 2"
<Deeps> You're a wowfag? :/
<infinity> Everyone has to have a vice.
<Cahan> mine is excessive cruelty
<Deeps> Cocain's less adictive
<Deeps> and less of a vice
<Deeps> srsly. I doped for 6 months and quit on the spot when I wanted to
<Deeps> WoW, i played 1 week, and took me a month to quit :/
<infinity> WoW's moderately cheaper, though.
<Deeps> and drastically less fun!
<jiqiren> Deeps: so you don't use like .... half+ of googles products? they are all in beta still! :)
<Cahan> that's lack of willpower tbh, I've just right up quit WoW for months at a time before getting badgered to heal for some raid or another
<Deeps> jiqiren: none of them run on my machine ;)
<jiqiren> touchÃ©
<Deeps> I've never looked back on wow, smoking or cigarettes, so I'm pleased enough with myself. I'm still hooked on crisps though (they were my cig substitute)
<infinity> My wife plays, so it's a cheap way to spend "family time" together when bored.
<Deeps> haha, nice
<Deeps> I had a friend who communicated mostly with his wife over IRC
<Deeps> She was deaf mind, so it made sense...
<kneeki> Is there a way to get a GUI on ubuntu-server? The command line is frightening!
<Cahan> the command line is warm and comforting
<soren> Boo!
<soren> :)
<ScottK> kneeki: Look into ebox is you must.
<ScottK> is/if
<Cahan> but if you insist, "sudo apt-get install ubuntu-desktop"
<ScottK> Cahan: In the long run command line will lead you to better understanding of your system.
<ScottK> Yes, that too, but then you have to be physically at the server.
<kneeki> ebox huh?
<Cahan> Cahan, I know, but he asked for a GUI, no need to be elitist and refuse to help just because you prefer the CLI
<Cahan> ScottK*
<Nafallo> !ebox | kneeki
<ubottu> kneeki: ebox is a web-based GUI interface for administering a server. It is designed to work with Ubuntu/Debian style configuration management. See https://help.ubuntu.com/community/eBox
<kneeki> awesome!
<ScottK> I didn't.  I suggested ebox.
<kneeki> thanks :)
<kneeki> downloading now :)
<Cahan> is there any reason to upgrade? are there bug fixes that you can only get by dist-upgrading? performance improvements?
<mhm_jr> Cahan: I seem to have more free RAM since the upgrade
<mhm_jr> I had to stress test my server just to make sure it used swap too. lol prior to my upgrade I usually had a little swap after log rotation and such...not since
<Cahan> I'm actually still on Feisty >.>
<kneeki> ï»¿mhm_jr, what does your server do? Home server, or Work?
<mhm_jr> home server, but semi-well used for a home server
<kneeki> Ah, mine is a home server as well :)
<mhm_jr> I use it from work too to troubleshoot our servers from off the network
<kneeki> I'm pretty excited to microwave my windows disks. -_-
<kneeki> mhm_jr: lol! I do the same thing. :)
 * mhm_jr hasn't used windows since 98...and thats 1998 not windows 98
<mhm_jr> :D
<kneeki> haha!
<mhm_jr> except the few times I'm forced to look at a windows server at work
<kneeki> I decided to make the full switch yesterday.
<kneeki> I was in such nerd rage, I even wrote a post on my Blog about it
<kneeki> lol
<mhm_jr> how long have you used it in general?
<kneeki> Windows? Probably for the last uhm.... 16 years? Since Win '95
<mhm_jr> no, linux
<kneeki> Oh, off and on for the last 10 years. I'd install it, get confused, remove it, and I've been testing every version of Ubuntu since Edgy to see how easy it's become
<kneeki> Now that I can play games (I'm a gamer) on 'nix w/o too much difficulty, I decided to make the full time switch
<mhm_jr> ubuntu is certainly more friendly than most as a desktop...and it doesn't cripple the cli at all
<kneeki> yeah :)
<kneeki> I like the cli, but I'm still very new to it, so it is painful
<mhm_jr> its the first distro I have more than a year straight without switching to something else just to see what it was like lol
<kneeki> lol
<kneeki> Good to hear :)
<mhm_jr> been running it almost 2 years now :)
<kneeki> ebox = 73% :(
<pschulz01> G'day.. anyone here using openldap(slapd)?
<dthacker> hi:  I've sethi: Iv'e set up an open vpn tunnel between my home and office.  I can successfully ping and login to the office over the tunnel.  I can't seem to hit the apache server running at the office using http://10.8.0.1.  Apache is up, and the default ubuntu config doesn't look like it's listening on an ip address.  Ideas to troubleshoot?
<uvirtbot> New bug: #225061 in munin (main) "munin should depend on (or at least recommend) "cron"" [Undecided,New] https://launchpad.net/bugs/225061
<omnz0r> will a dos attack cause a firewall to shutdown/reboot?
<_ruben> is possible, but doesnt have to happen .. (d)dos is rather wide subject
<jiqiren> any xen users for the 8.04 release around?
<jiqiren> I got xen "working" except for networking - is quite annoying
<fromport> jiqiren: take a look at this bug report/thread which includes a workable solution: https://bugs.launchpad.net/bugs/204010
<uvirtbot> Launchpad bug 204010 in xen-3.2 "networking not working (dup-of: 218126)" [Undecided,Confirmed]
<uvirtbot> Launchpad bug 218126 in linux "xen guest  kernel bug:  'kernel BUG at /build/buildd/linux-2.6.24/debian/build/custom-source-xen/drivers/xen/netfront/netfront.c:785'" [Medium,In progress]
<jiqiren> fromport: reading now
<fromport> jiqiren: there have been some harsh words regarding this issue, least thing they could have done with the hardy release is mentioning there is a problem and refer to the solution. Missed change from canonical...
<jiqiren> It took me forever to get the loop bs working
<jiqiren> the annoying thing about loop disks is there is a patch in one of the bug reports... but I guess they want to sit on it for.... a long time.
<fromport> is your hardware capable of KVM ? if so: switch. It's worth it.
<jiqiren> nope, old machine
<fromport> pitty ;-) same here only 40% of our machines are VT capable,so rest has to run with xen till it get's replaced
<jiqiren> well I'm stuck with 100% of machines that can't run KVM. :(
<jiqiren> (until I get around to buying new hardware)
<jiqiren> but even when I do get new hardware - I'll likely keep the old around until they die
<fromport> exactly what we do. but i must admit, i'm currently looking at http://www.supermicro.com/products/system/1U/6015/SYS-6015TW-T.cfm
<fromport> with 4 quadcores i could probably replace 50% of our current servers ...
<jiqiren> http://8anet.com/ <- much cheaper and compact
<fromport> and free a lot of rackspace. I'm still figuring out powerconsumption. use iscsi box (trying openfiler at the moment) for storage.
<jiqiren> specifically http://8anet.com/listprod.ihtml?parent=35
<jiqiren> I used a lot of supermicro before, they are also good bang for buck
<jiqiren> I guess I'll just run a kernel from some dude in Japan...
<fromport> thanks for the info, will read the link when i have some spare time ;-)
<fromport> the japanese kernel works, that's the good news ;-)
<jiqiren> still installing, will let you know soon
<fromport> hmm just took a quick peek at the site you mentioned, but those look exactly like the supermicro chassis. are those rebranded/oem sm's ?!
<jiqiren> they sell supermicro
<jiqiren> the chassis I like is the .5U
<jiqiren> you can cram them in back to back
<Deeps> wow, that xen bug's pretty bad
<jiqiren> and they are only ~$400 for chassis/motherboard
<jiqiren> once you put RAM/CPU, you are looking at a pretty badass server that takes up no room - and hecka cheap
<fromport> :-) thanks a lot. and with the current euro <-> $ it's so cheap ... ;-)
<jiqiren> you should also take a look at GlusterFS, screw buying nas/iSCSI
<jiqiren> just cluster/replicate your filesystems into one big pool
<jiqiren> if you lose a server... no problem the file is replicated somewhere else
<fromport> looking at the wiki right now ;-)
<jiqiren> well, the japanese dudes kernel works perfect... woot!
<fromport> thanks a lot for you eye-openers ;-)
<jiqiren> no problemo
<jiqiren> I'm thrilled xen is working now
<fromport> great ! both happy ! ;-)
<owh> I've never worked in a no-swap environment and need to select a VPS capable of running Apache, PHP and either postfix or exim to hand incoming email over to a PHP script. The site is not expected to receive a high server load, but I'm unsure how I would go about selecting memory requirements. Other than TIAS, how do I do this?
<hads> I'm playing around in the same sort of area myself so I don't know or have practical experience but I don't think I'd go for anything under 256MB
<owh> How did you arrive at that figure?
<Deeps> TIAS is probably the best approach. Set it up, throw 5-10x more load than you expect to recieve (if it's low load, this is still going to not be much), and monitor the memory usage
<Deeps> nobody can tell you how much memory your scripts need
<owh> Having never run out of memory, how can I expect it to react if I do?
<hads> owh: From a completely unscientific approach of running bare metal servers for hte same sort of thing.
<Deeps> try it and see on a machine that has enough memory ;)
<hads> OOM killer :)
<Deeps> btw, why cant you run swap?
<owh> I can do better than that, create a VM locally, but I was trying to avoid that.
<owh> Deeps: The VPS I'm looking at provides OpenVZ without swap and XEN with swap. I'm not informed enough to choose, so I'm looking at worst case scenario.
<Deeps> Unless google has the answer, you'll probably need to do your own testing to determine your personal memory needs
<Deeps> I'd pick the Xen over the OpenVZ
<owh> Deeps: Why?
<Deeps> mainly because you know whatever ram you get is actually permanently allocated to you, whereas with openvz you'll get contended ram
<jiqiren> owh: you'll likely be on an oversold VPS anyway, so just hit the limit - and be sure your VPS provider has an option to "upgrade" your allocation.
<Deeps> with xen, you cant oversell the ram (afaik)
<owh> Deeps: The supplied documentation tells me that I get a guaranteed chunk of RAM, but that there is no swap or burst RAM.
<owh> jiqiren: Fair point.
<Deeps> owh: With OpenVZ, you'll be taking their word for that
<Deeps> and eitherway, you should on both cases be able to create your own swap storage as a file.. less efficient than using a separate partition but it'll still do the job
<owh> Deeps: Will there be a performance penalty for selecting Xen over OpenVZ?
<Deeps> i think xen will give you better performance, google knows more though
<hads> I'd agree in my limited knowledge
<hads> BTW file based swap is apparently as good as partition based these days (on bare metal).
<Deeps> the opinion of the internet at large is almost always better than the opinion in an irc channel
 * owh is a vmware child :)
<Deeps> vmware also lets you oversell ram
<Deeps> and is significantly less efficient as you're virtualising an entire machine
<owh> Deeps: I've never hosted anything on a VPS to date. I use VMware locally to test, that's all.
<Deeps> vmware workstation is pretty good for that, aye
<owh> server, but yes.
<Deeps> linked clones baby and snapshot histories, absolutely vital, heh.
<owh> Deeps: Yes, I do miss that a little :)
<Deeps> it's worth every penny imo
<owh> I purchased v3.x a long time ago. Since then my requirements have changed.
 * owh is doing a TIAS, thanks all for your comments.
<dthacker> hi:  I've sethi: Iv'e set up an open vpn tunnel between my home and office.  I can successfully ping and login to the office over the tunnel.  I can't seem to hit the apache server running at the office using http://10.8.0.1.  Apache is up, and the default ubuntu config doesn't look like it's listening on an ip address.  Ideas to troubleshoot?
<dthacker> I should say that apache looks like it would listen on any ip address.
<dthacker> It just occured to me I need to telnet to port 80 on the target server to see if it's listenin. It is.  Must be an apache config issue.
<zul> morningn
<sommer> hey zul
<ctx144k> hello all
<ctx144k> how to install postgresql 8.2 (server) on "ubuntu 8.04 server" ?
<sommer> ctx144k: sudo apt-get install postgresql-8.2
<ctx144k> ah, yes i already saw, really easy
<Vlet> How does one get a saved iptables ruleset to automatically restore after restart?
<ogra> use ufw
<ogra> (well in hardy that is)
<Vlet> Gonna have to do some reading I guess :)
<ogra> on former systems: sudo sh -c 'iptables-save > /etc/my_iptables.conf
<Vlet> hmm, does ufw support ip masquerading?
<ogra> and add a line to /etc/network/interfaces: up iptables-restore < /etc/my_iptables.conf
<gcleric> Vlet: http://www.faqs.org/docs/iptables/iptables-save.html
<Vlet> super, thanks folks!
<ogra> ufw does masquerading as well afaik
<jdstrand> ufw doesn't inhibit masquerading, as it stores its rules in standard iptables-restore syntax
<ogra> http://doc.ubuntu.com/ubuntu/serverguide/C/firewall.html
<ogra> :)
<jdstrand> ufw's cli doesn't help much though-- however, it has all the infrastructure to deal with anything iptables-restore can do
<jdstrand> see 'man ufw' particularly the NOTES section if using ufw for more than a host-based firewall
<Vlet> information overload :)
<jdstrand> heh
<ogra> Vlet, the doc i pasted has a nice explanation of doing masquerading with ufw (it says still "draft" though)
<jdstrand> ogra: thanks! I forgot about that :)
<stabeno_> I have an apache web server set up with an SSL certificate signed by VeriSign.  When connecting from Firefox with https I get an error: Secure Connection Failed
<stabeno_>       
<stabeno_>       
<stabeno_>       
<stabeno_>       
<stabeno_>       
<stabeno_>         
<stabeno_>         
<stabeno_>           
<stabeno_> An error occurred during a connection to www.curvessmart.com.
<stabeno_> SSL received a record that exceeded the maximum permissible length. (Error code: ssl_error_rx_record_too_long).  The apache error log returns: [client 0.0.0.0] Invalid method in request \x80L\x01\x03\x01.  Any ideas of what is wrong.
<leonel> stabeno_: do you have  ssl enabled on apache ?   what error shows in your log files
<stabeno_> leonel: I do have SSLEngine turned on.  The error in the log file is  The apache error log returns: [client 0.0.0.0] Invalid method in request \x80L\x01\x03\x01.
<melter> is the dhcp client installed by default?
<slangasek> nxvl: so, bug #189616 is still here... what more can we do to try to track this down?
<uvirtbot> Launchpad bug 189616 in dovecot "connection problems under load with hardy dovecot" [Undecided,Incomplete] https://launchpad.net/bugs/189616
<tonyyarusso> melter: yeah, dhcli<tab> should show it
<tonyyarusso> I'm doing an upgrade (command line, with do-release-upgrade) from 7.10 to 8.04, and it's giving a bunch of helpful messages (NIS, MySQL, and PostgreSQL stuff) - will these be written to a file as well?  (I'm writing them on dead trees right now.)
<sommer> tonyyarusso: they should be in /var/log/dist-upgrade/, there's a couple of different log files
<tonyyarusso> sommer: all right, thanks.
<sommer> np
<melter> tonyyarusso, the documentation implies that it needs to be installed by the user
<tonyyarusso> melter: Really?  Lemme try actually looking on a real machine instead of in my head.
<melter> "Ubuntu is shipped with both DHCP server and client. The server is dhcpd (dynamic host configuration protocol daemon). The client provided with Ubuntu is dhclient and should be installed on all computers required to be automatically configured. Both programs are easy to install and configure and will be automatically started at system boot."
<melter> i couldn't remember if i installed it, or if it was installed automatically
<tonyyarusso> melter: /sbin/dhclient3 is there on my server, and wasn't manually installed.
<malcolmpdx> Morning.  I'm about to purchase a Dell SC1430 with a PERC 5/i card, and noticed that there were some forum posts from a year or so ago that indicated problems.  Can anyone tell me if Hardy supports this card?
<uvirtbot> New bug: #225333 in cyrus-sasl2 (main) "Should use /dev/urandom instead of /dev/random" [Undecided,New] https://launchpad.net/bugs/225333
<nealmcb> ho ebox users (sommer?) - https://help.ubuntu.com/community/eBox  says to go to https://yourserver/ebox    but http://ebox-platform.com/usersguide/en/html/ebox-userguide-book.html says the B is capitalized.  My ebox vm is on a machine that is down.  But looks like a typo....
<nxvl> slangasek: i can't reproduce it
<nxvl> slangasek: even is a problem with the configuration or somthing else is wrong
<nealmcb> looks like a problem at http://doc.ubuntu.com/ubuntu/serverguide/C/ebox.html  and https://help.ubuntu.com/8.04/serverguide/C/ebox.html also.  And can we refrain from closing urls with a period, e.g. at the end of a sentence?  Causes copy/paste problems.
<sommer> nealmcb: sure, can you file a bug to remind me :) ?
<nealmcb> sure - I just wanted someone to confirm it before I fix the wiki page
<slangasek> nxvl: well, the configuration in question was provided in the bug report, so hopefully that's what you were using to try to reproduce it?
<slangasek> nxvl: anyway, we seem to have a running theory now that's being pursued with IS
<sommer> anyone have a second to check my blueprint https://blueprints.edge.launchpad.net/ubuntu-doc/+spec/intrepid-server-guide?  just wondering if I need to adjust/add anything :)
<sommer> my first blueprint and all, heh
<dendrobates> sommer: looking...
<sommer> dendrobates: thanks, I modeled it on kirkland's doc-search blueprint
<kirkland> dendrobates: btw...  newz2000 is taking my code from the doc-search and implementing it on search.ubuntu.com
<kirkland> dendrobates: he's going to make it more user-friendly searching
<dendrobates> kirkland: great news.
<kirkland> dendrobates: he and mdke didn't like the code/manpage searching
<kirkland> dendrobates: so, they're going to take what I started, and make a user search
<kirkland> dendrobates: i'm going to pick that up, and make a "developer search" tool, which searches the user stuff, plus some developer resources
<kirkland> dendrobates: such as code, manpages, packages, etc.
<kirkland> dendrobates: in the end, i don't think we need to dedicate a lot of UDS time to this one
<sommer> kirkland: that sounds cool
<kirkland> dendrobates: as newz2000 is not attending UDS, and he's running with it
<kirkland> dendrobates: i'll pick up the developer search in my spare time
<kirkland> dendrobates: i do still think we should have one on manpages
<kirkland> dendrobates: or just elmo/cjwatson/myself can discuss it over a beer?
<kirkland> sommer: yeah, i think it will be good
<dendrobates> kirkland: there are many websites with searchable manpages, do you think that it adds that much?
<dendrobates> sommer: looks good
<kirkland> dendrobates: um, point me to one that has Ubuntu's manpages....
<kirkland> dendrobates: there's manpages.debian.net
<sommer> dendrobates: cool, thanks for taking a look
<kirkland> dendrobates: and a couple of RH/SUSE ones
<kirkland> dendrobates: but neither I nor cjwatson (man upstream maintainer) know of one for Ubuntu's packages
<kirkland> dendrobates: I do think it adds an important dimension to the sum total of our documentation
<kirkland> dendrobates: especially on the server
<kirkland> dendrobates: if you need to look something up, but you don't have the docs installed
<kirkland> dendrobates: docs take up a lot of room ;-)
<lamalex> Is there a way to install the LAMP meta-package after an install has completed?
<Deeps> lamalex: tasksel -h
<kirkland> jdstrand: hey, you around?
<jdstrand> yep
<jdstrand> kirkland: what's up?
<kirkland> jdstrand: hey, per our conversation last week, i'm creating a meta package to install (kvm, virt-manager, libvirt-bin)
<jdstrand> cool
<kirkland> jdstrand: 1) was thinking of calling it ubuntu-vm-server
<kirkland> jdstrand: 2) anything else necessary I should throw in there?
<kirkland> jdstrand: thoughts?
 * kirkland notes soren is out today
 * kirkland also notes that jdstrand kicks butt as soren's backup :-)
<jdstrand> kirkland: my first thought is that the meta package is really for desktop users, so the -server part in the name seems odd to me
<jdstrand> heh, thanks-- I try :)
<kirkland> jdstrand: okay
<kirkland> jdstrand: i was thinking "server" because it's serving vm's
<kirkland> jdstrand: ie, you can install virt-manager, and not serve the vm's
<jdstrand> kirkland: just my opinion, but I think the name should more discoverable
<kirkland> jdstrand: okay
<jdstrand> kirkland: oh sure, but the point is so that some can do it *all*, not just server
<jdstrand> s/some/someone/
 * jdstrand thinks
<kirkland> jdstrand: i'd like to meta-package together everything you'd need to host virtual machines
<kirkland> jdstrand: manage them effectively
<kirkland> jdstrand: use them efficiently (kvm)
<jdstrand> kirkland: this is for universe?
<kirkland> jdstrand: well, i was thinking main
<kirkland> jdstrand: which is why qemu is not in there
<kirkland> jdstrand: but universe does expand our possibilities (qemu, xen)
<jdstrand> kirkland: then there isn't as much you can put in there, of course :)
<jdstrand> xen is main isn't it?
<kirkland> jdstrand: well, (kvm, libvirt-bin, virt-manager) are all main
<kirkland> jdstrand: oh, is it?
<zul> jdstrand: no just libxen for virt-manager
<jdstrand> zul: ah, so that is why the source is in main
<jdstrand> gotcha
<kirkland> jdstrand: linux-image-xen is universe
<jdstrand> kirkland: virt-viewer is a really nice vnc client that would be cool to have, but it is universe
<kirkland> jdstrand: hmm, right
<zul> kirkland: always has always will be.
<jdstrand> kirkland: not strictly needed if using virt-manager, mind
<jdstrand> kirkland: oh, and of course, ubuntu-vm-builder
<kirkland> jdstrand: yeah
<jdstrand> but again, universe
<jdstrand> that one is handy
<kirkland> jdstrand: i modeled the name on ubuntu-vm-builder
<jdstrand> :)
<kirkland> jdstrand: ubuntu-vm-host ?
<kirkland> jdstrand: and ubuntu-vm-host-extras (being it's universe cousin with more fun stuff like ubuntu-vm-builder) ?
<jdstrand> kirkland: maybe it's cause I mentioned it the other day, but I like ubuntu-virt
<jdstrand> kirkland: oh I like the -extras idea
<kirkland> jdstrand: ubuntu-virt and ubuntu-virt-extras ?
<jdstrand> kirkland: I do like that, but I'm not sure I'm impartial
<kirkland> jdstrand: hmm, i think the host bit is important, though, perhaps...  this is really meant to be the machine that hosts vm's
<jdstrand> I might just be in a rut :)
<kirkland> jdstrand: is ubuntu-virt-host too wordy?
<jdstrand> kirkland: well, it will serve vms, it'll run vms, it'll create vms-- so a more general name might be good
<kirkland> jdstrand: my concern is that ubuntu-virt to me implies just kvm
<kirkland> jdstrand: as you said, serve/run/create
<jdstrand> hmm, not to me *shrug*
<jdstrand> kirkland: let's get others to weigh in
<kirkland> jdstrand: should we move this to #ubuntu-virt ?
<jdstrand> kirkland: I really like the -extras idea though
<kirkland> jdstrand: i was thinking this was a server item
<kirkland> jdstrand: thanks!  i think it'll work nicely
<jdstrand> kirkland: hold on
<kirkland> jdstrand: ?
<jdstrand> kirkland: I think you may want to Depends on python-virtinst. While virt-manager will pull that in, in case virt-manager is removed, python-virtinst is very handy
<kirkland> jdstrand: good advice
<kirkland> jdstrand: i'm also hoping that we can do some debconfery that will setup group membership appropriately to.  perhaps pose a question, "which of these users do you want to add to kvm?  to libvirtd?"  explaining what each will do
<kirkland> i understand soren's concern about doing that with the other packages
<kirkland> but if this meta package is intended to ease install pain, i think this would be a good place to put it
<kirkland> ie, not in the atomic packages
<kirkland> but in this meta package
<jjesse> wow atomic package that sounds dangerous
<jdstrand> kirkland: I think that sounds reasonable.  I have seen at least one package that did something similar. you may want more of soren's opinion on that-- as you know, he is not a huge fan of packages updating groups
<jdstrand> I can't remember what that package is though...
<jdstrand> kirkland: there is a potential problem though, which is that this package is adding users to a group supplied by another package. what happens to the groups when the packages are removed?
<jdstrand> kirkland: that may very well be solved in delgroup or similar, but I haven't done it
<jdstrand> just something to think about
<kirkland> jdstrand: good ideas
<slicslak> kirkland, thx
<slicslak> oops, wrong channel
<nealmcb> sommer: re: https://wiki.ubuntu.com/IntrepidServerGuide - last I heard they recommended this for a spec template: https://wiki.ubuntu.com/SpecSpec
<nealmcb> but I don't know why that wasn''t named SpecTemplate so it would show up as an option when creating specs - see e.g. https://wiki.ubuntu.com/HelpOnPageCreation
<sommer> nealmcb: bonus, that's what I was looking for.  thanks
<nealmcb> :-)
<nealmcb> no response from the #ubuntu-doc folks about moving it yet.
<sommer> ya, it may take a while before someone is around with rights to move the page
<jay2> I tell you guys some people are really sick and think they can emulate what they think some of you guy well say :(
<Fohdeesha> lucent
 * delcoyote zztop
<telexicon> how can i have grub install the base config files (menu.lst and the stages) but not install the bootloader into the MBR?
<elventear> Hello. I am trying to convert an old isakmpd.conf setting to racoon.conf but I haven't been able to make it work. Anyone have any experience with both?
<cyris|> for some reason, my users home directory permissions are owned by not there name, but there ID. The group is correct. Any ideas why this is?
<soren> cyris|: The filesystem always stores ownership as the id's. If ls shows it as these id's instead of names, your nss settings are probably b0rken.
<telexicon> ouch
<cyris|> well, some of the users :S
<telexicon> that sucks that this critical bug with xen got into ubuntu server LTS
<soren> Oh, "this critical bug"?
<telexicon> dang, and i was hoping to convince management that we could use 8.04 too
<telexicon> yes
<telexicon> this one: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/218126
<uvirtbot> Launchpad bug 218126 in linux "xen guest  kernel bug:  'kernel BUG at /build/buildd/linux-2.6.24/debian/build/custom-source-xen/drivers/xen/netfront/netfront.c:785'" [Medium,In progress]
<telexicon> basically, DomUs kernel panic when loading the network driver
<soren> telexicon: There's a fix in hardy-proposed.
<telexicon> yea
<telexicon> i understand
<telexicon> but its broken on the ISO
<soren> You presence on IRC suggests that you have internet access..
<telexicon> ...
<telexicon> this is for server deployments, its not like im testing all this on my own workstation
<soren> Well, I don't know how you interact with your servers, but I'm guessing there must be some sort of means for you to move data from your workstation to your servers?
<telexicon> yeah.. ssh
<telexicon> the Dom0 is rhel 5
<telexicon> so of course that works
<soren> Yeah. Only Ubuntu can have bugs.
<telexicon> i didnt say that
<telexicon> but apparently only rhel can have QA
 * soren goes back to being useful
<telexicon> its just frustrating because i want linux to do well, i want ubuntu to do well
<telexicon> but when i get people to try ubuntu, a lot of the apps are buggy or crash often, and that makes me look bad
<infinity> telexicon: Dude, bugs happen, we fix them.  We're not going to re-roll CDs on every bug-fix, that's why -security and -updates exist.
<telexicon> ok, i understand
<infinity> telexicon: RHEL also releases bugfixes after they press CDs without shrinkwrapping a whole new set every week.  Honest.
<telexicon> hmm, that kernel from proposed still doesnt work, its not the same error.. it just crashes the domain and doesnt tell me why now
<telexicon> +
<telexicon> er.. s/\+//
<infinity> telexicon: Did you try Takahito's pre-compiled kernels from the bug log, rather than the one in -proposed?
<telexicon> i haven't yet, but i plan on doing that
<infinity> telexicon: AIUI, the one in -proposed is still partially broken, and was missing a commit.
<telexicon> ah ok, cause it looks like the same bug still according to the kernel anic
<telexicon> panic*
<infinity> (Hence why it's in proposed, and not updates yet...)
<telexicon> should i report that i still get the panic?
<infinity> Can do, but the bug log already notes that the bug was only half-fixed.
<infinity> "Tim, the current fix in the hardy git tree by Chuck is not complete.
<infinity> This still causes the kernel BUG() in some environments."
<infinity> "Drat. I'll pick this up on the next upload cycle, probably next week." - Time
<telexicon> oh ok
<infinity> s/Time/Tim/
<telexicon> oh i just saw the last message and thought they did it early
<infinity> Well, if Takahito's kernel works and the one in proposed doesn't, it won't HURT to add another comment to the bug to clarify that.
<infinity> If not for the Stable Release Team, then at least for other users.
<telexicon> ok
<zul> no there was a bug in the patch, the patch to my patch was applied today you can check it out of the git tree if you want
<telexicon> ok, Takahito's kernel works
<Nafallo> patch to patch to patch to... :-)
<Nafallo> ...infinity ;-)
<telexicon> ok the kernel boots, but its hanging on the initscripts... im not having any luck today.. :-(
<telexicon> hanging right after: * Reloading OpenBSD Secure Shell server's configuration sshd
#ubuntu-server 2008-05-02
<telexicon> should the entries for /etc/event.d/tty1 really be 'start on stopped rc2' ?
<soren> Yes?
<telexicon> ok, well still, /bin/login isn't coming up
<jiqiren> Takahito's kernel worked for me
<jiqiren> I can ssh into a xen vm no problem
<AtomicSpark> tell me something interesting you have done with a ubuntu server
<soren> telexicon: I don't know how Xen handles terminals :/
<telexicon> AtomicSpark, im running an ejabberd xmpp server on one
<telexicon> a postgres database on another
<telexicon> one of them is acting as an nfs gateway to our SAN
<telexicon> another one is running apt-proxy to speed up updates for our workstation deployments
<AtomicSpark> i just have a unused hp netserver 4 at home (duel p2 someghz 256MB pc100), just getting ideas for it. :P
<telexicon> one of them is running squid + dansguardian
<telexicon> im trying to set up one now, to test java web app frameworks
<AtomicSpark> after you set up a squid proxy server, do you have to set clients to use that as their proxy server or is it automatic?
<telexicon> we want it to be transparent
<telexicon> but the cisco ASA is making that unnecessarily difficult
<AtomicSpark> yes. transparent would be best. :P
<AtomicSpark> cisco makes everything difficult imo
<telexicon> its certainly doable, i have the squid side all set up properly
<telexicon> but the cisco asa wont cooperate
<AtomicSpark> what is the asa for? i'm reading the cisco page but it doesn't really explain much
<telexicon> its a firewall, nat, VPN.. thing
<AtomicSpark> ah kindof an all-in-one
<telexicon> sure
<telexicon> but i dont see whats so special about it
<AtomicSpark> well they like making themselves feel special. trust me. i tried to get certified. haha.
<telexicon> i dont like this :-/
<telexicon> ssh is letting me login without a password
<telexicon> and sudo doesnt work and login doesnt work
<telexicon> i think pam is broken
 * telexicon sighs
<AtomicSpark> that is very interesting. i'm doing a little side research myself.
<telexicon> oh nevermind, doh
<telexicon> i forgot i put my pubkey in the image
<telexicon> hehe ok that one was my fault
<AtomicSpark> it happens. i love when you reinstall a server and can't ssh into that machine anymore lol.
<AtomicSpark> i suppose it's nice for security. no man-in-the middle attacks.
<telexicon> eh
<telexicon> but it limits usefulness
<AtomicSpark> need a better way to remove the server from the .ssh file. i suppose you could just comment out the line. i usually just end up deleting the file.
<nealmcb> sommer: on that ebox url, I was trusting the official ebox documentation, and a hint of a problem from a forum post, but someone in #ebox folks say it is  https://yourserver/ebox not  https://yourserver/eBox but hasn't responded with a clarification - huh....  anyone have ebox installed?  I don't want to reboot to get it up and lose all my web page context....
<sommer> nealmcb: I think it's /ebox, but I don't have it installed any longer
<AtomicSpark> haha. firedrill. i took my laptop with
<nealmcb> sommer: my firefox url memory concurs.  too bad that their doc doesn't....
<soren> AtomicSpark: Remove the file?!?
<AtomicSpark> yes? it clears your stored keys
<soren> AtomicSpark: I usually just remove the line manually, but ssh-keygen can do it for you, too.
<soren> AtomicSpark: Yeah. That's a bad plan.
<AtomicSpark> ah. well i usually do bad things. ill try ssh-keygen next time.
<soren> There's a reason it stores them :)
<AtomicSpark> true. which is why i said there should be a better way then just removing the file.
<nealmcb> soren: thanks for the tip on ssh-keygen - that is always a pain.  good procedures (e.g. when building virtual machines) to just keep the original host key would be even better
<HS-L> how can i keep the time on my 6.06 LTS server up to date? every few weeks the time is off.
<infinity> HS-L: Install ntp.
<HS-L> is already installed.. :/
<AtomicSpark> you manually installed ntp? only ntpdate is installed by default.
<AtomicSpark> you could try adding another time server if ubuntu.com gets off once in awhile. i never really checked after i insatlled it.
<domare> <--nub
<domare> need some help
<domare> i have setup server.  with ebox.    i have server running and can connect from other pc.
<domare> now i need to set some shares.
<domare> anybody have a link or command to start me off?
<domare> anybody know where i can find info on setting up shares for samba
<domare> ?
<gregbrady> I have a wonderful system setup here for ssh access to my server, my question is how do I setup a dual boot thin client for a remote X session?
<gregbrady> domare, I gave up on samba and now use ssh....no problems ther
<domare> and your shares are win systems?
<gregbrady> No, I had problems between two linux systems.
<gregbrady> sorry
<domare> ah.. yeah im trying to use this as a media server for my home pcs.
<domare> i need to get it running here before i think of trying at my biz
<gregbrady> domare, I got your idea.....I am kind of doing the same except with all ubuntu systems
<domare> yeah, i can connect to my fileserver.. but i have no shares setup!
<domare> i also have ebox running for web administration
<gregbrady> Yeah, I tried that route before.....to no good end
<gregbrady> ssh was my solution
<domare> that seems a more solid way to do things with this.. i should try that
<gregbrady> domare, I think so!  I use it over the internet with no issues as well.
<domare> do u have a link to some instructions?
<gregbrady> hmmm.....geeze. I forget now, let me review my notes
<domare> have u thought about trying VMware for you needs?
<gregbrady> I don't use windows anymore....I just need to remotely run X windows sessions.
<domare> maybe you could load whatever it is your trying to duel boot
<gregbrady> I finally kicked the windows habit as of yesterday
<gregbrady> Ah, I want my thin clients to have the option to run a local version of ubuntu with ssh, or a remote X session.
<gregbrady> Get the idea?
<domare> yeah, similar to what im thinking in the end
<domare> i would like to try some different setups in VMs also.. not sure if i can do that from server though
<domare> like a terminal server in one.. file in another
<erimar77> im getting the "following features not present on the CPU" after the server install
<erimar77> i know i need a generic kernel
<erimar77> network is not linking up from rescue mode, any ideas?
<domare> i think everybody here is asleep here man
<erimar77> ha, good stuff
<gregbrady> domare, you could be right.
<domare> heres somebody who got VMware up.. http://www.bauer-power.net/2008/04/installing-vmware-server-on-ubuntu-804.html
<{Roger}> vmware server is sweet
<domare> under xp i have small business server and some other VMs running nicely.   Im kinda trying to replicate that with better performance results
<erimar77> i can get it working in parallels and vmware, the laptop i'm doing this on won't connect with the network, so i need different options
<domare> yeah... fun stuff
<gregbrady> I guess I just don't understand how vmare would help my application out
<erimar77> moving from the virtual environment to the real thing
<erimar77> oh, not me.. nevermind
<domare> u guys seen the new cisco modules that u can install linux on..
<domare> runs on the backbone of your network
<erimar77> yeah, for like a million dollars
<domare> yeah.. heh..   but the network virtualization is very coo.
<erimar77> i just got a quote for two 48port switches with 10GbE uplinks, $25k
<domare> damn
<erimar77> probably the cx4 modules that threw it over the top
<domare> this is a good read for some 101 network virtualization info
<domare> http://www.petri.co.il/server-virtualization-network-virtualization-storage-virtualization.htm
<domare> i guess 3com already has some modules that run a linux system.. u can set sniffers and whatnot right on backbone
<soren> nealmcb: "the original host key"?
<Viper111> i connect to my ubuntu server through VPN since connection is established i loose route to internet to everyhting, anybody can help in soloving such  prob
<torben> I'm having some trouble with 'automiunt' during reboot. I have checked my /dev/fstab file, but it all looks fine (except from all the encrypted shit concerning the /boot partition etc. ). Should I look anywhere else ?!
<soren> torben: You could perhaps explain what your problem is..
<soren> You fix "some trouble" by "changing some stuff".
<soren> If the problem description becomes more clear, the solution can too.
<torben> soren : *Cough*, well... It seems that wen I reboot my box it automounts two partitions 'on top' of each other. Very annoying !?...
<torben> ... It does run 24/7 as a server, and I can offcourse manually unmount the stuff etc., but it would be nice if I could 'just' reboot and have a working system :D
<soren> When you say "automounts"... Are you talking about nfs automounting or just regular mounting done at boot?
<torben> Hrm... Good question !?.
<soren> If you don't know, then it's not about the nfs things.
<torben> ... I'll just check dmesg...
<soren> You don't accidentally set up nfs automounting. Really.
<soren> What do you mean by "'on top' of each other"? Can you put your fstab somewhere?
<soren> !pastebin
<ubottu> pastebin is a service to post multiple-lined texts so you don't flood the channel. The Ubuntu pastebin is at http://paste.ubuntu.com (make sure you give us the URL for your paste - see also the channel topic)
<torben> soren, Well, thanx a bunch... I am bit of a noob on IRC (as you probably guessed)... The link is : http://paste.ubuntu.com/9413/
<torben> Hm... nfs... ?!
<soren> And what seems to be the problem, exactly?
<soren> ...and you really should be using UUID's for the last filesystems, too.
<torben> Well, the problem is that hda1 is mounted in /home/apach2/domains, and not /home /ftp/data/webservices...
<soren> torben: How is that "'on top' of each other"?
<torben> Heh, my To-do list regarding Linux, and my server is really full ;o)
<Viper111> when i connect to my server through VPn i loose connection can anybody guide me
<jay2> hmmm
<torben> soren, Well, I run Ubuntu server from a USB-stick
<soren> Ok..
<torben> ... On the stick I have a directory for Apache, containing the simple (and small) parts of a website
<torben> ... I also have a IDE-HD containing some ftp stuff etc, and experimental websites... When I boot the server mounts my 'ftp-directory' (on the IDE drive) on top of my 'Apache-directory' (on the stick)
<soren> That makes no sense. Your fstab doesn't even mention the apache directory.
<soren> You say you can fix this by running some command.. Which one is that?
<torben> soren, that's what puzzles me
<torben> 'umount /home/apache2/domains'
<torben> offcourse that removes my 'ftp-directory' from the mountpoint at my stick....
<torben> ... Revealing the underlying 'domains'-directory'...
<torben> ... It's not a real 'big' problem... But had to reboot a couple of times yesterday, and it began to bother me alot :)
<_ruben> i'd check if thre's a boot script that does the mounting .. grep mount /etc/init.d/* or so :)
<soren> torben: So your ftp directory is mounted twice, then? Once on /home/apache2/domains and once somewhere else?
<torben> _ruben, Hm... Actually U might be ritht there...
<torben> soren : Exactly :)
<torben> _ruben, well there it was :o)... ThanX a bunch
<owh> I've just logged into a VPS with Ubuntu for the first time. For starters it's running with a root account. How do I find out how else this "virgin install" differs from a standard ubuntu-server installation?
<owh> Other non-standard things are that it's running ReiserFS, has wifi tools installed etc.
<_ruben> wifi is standard i think
<_ruben> torben: glad to have helped :)
<owh> _ruben: Not on the hardy install on my local vmware instance.
<jay2> hello _ruben
<owh> This VPS also has x11-common marked as 'rc' and comes with things like make etc.
<_ruben> owh: well, atleast the wpa_* tools are standard
<_ruben> owh: they probably tried to make things easy for their customers by providing extra stuff by default
<owh> So, back to the original question, how do I actually compare it with a ubuntu-server install, or can I "install" ubuntu-server and remove all the rest in some sane way?
<_ruben> take "dpkg -l" from the vps and from a clean install and run diff over it .. probably requires some extra scripting to "ignore" the versions
<_ruben> dont think there's a "remove all but the core" option :)
<owh> _ruben: Yeah, but that won't catch any "manual" editing.
<_ruben> as that would kill ssh and stuff as well
<_ruben> owh: to cactch manual editing you'd first have to get a reference system with the exact same versions installed .. and then diff/md5sum each file to see if it has been changed .. not that easy ;)
<owh> _ruben: Wonderful. Just what I didn't need today.
<_ruben> owh: depending on the disk layout .. you *could* debootstrap a clean install on it :p
<owh> _ruben: Yeah, but that really feels like a scary option :)
<soren> owh: That's what I've done with all my colocated servers.
<owh> soren: The last time I did a debootstrap it ended in tears.
<owh> I suppose the out I have here is that I can just reinstall another OS over the top if I'm lucky. I suppose I could try that before I really break it :)
<owh> Is there a way, like lsb_release, that would show me which installation was completed?
<owh> As in, Ubuntu Server, Desktop, Alternate, JEOS, etc?
<_ruben> there might be some hints in /var/log/installer
<owh> Bloody good idea, tah.
<owh> _ruben: Crap, no longer exists.
<omnz0r> Hi guys, maybe this is a silly question, but here it is anyways. Can a (d)dos attack cause a server to reboot?
<owh> _ruben: And dpkg.loh is empty, yay :|
<owh> omnz0r: Well, it is possible.
<omnz0r> owh: Do you know of any "documentation" or examples of this, that is accessible via web?
<_ruben> dos is denial of service .. so getting a box to crash sure qualifies as being a dos
<owh> omnz0r: Not specifically no, but a ddos could cause all manner of issues, caches filling, drives filling, memory filling, network services crashing, each of those could cause a reboot in itself.
<omnz0r> _ruben: sure :) The question was not what a dos attack is, but more what a dos attack can cause :)
<omnz0r> owh: thank you very much, it seems intuitive when you put it that way :)
<owh> In this VPS I need to receive small emails that are sent to a single account where a .forward file pipes the email to a script. What email package is likely best suited - probably in memory footprint more than anything - to achieve this?
<_ruben> owh: i think i'd just go for the default: postfix
<_ruben> then again, smtp is rather simple, could write your own daemon for it ;)
<owh> _ruben: I'm canny, but not stupid :)
<_ruben> hehe
<owh> _ruben: Next you'll be suggesting that I get out the soldering iron and the magnifying glasses to repair any broken memory cores :)
<ewook> you'll need a spare core for that ;)
<owh> ewook: You raise a valid point, spares for that would be hard to come by :)
<owh> ewook: Mind you, finding the diagrams and the actual board would be probably just as complicated >:-)
<ewook> owh: true enough =o).
<_ruben> hehe
<owh> Does apt support wild-cards, like apt-get --purge remove *mysql* ?
<owh> In case anyone else was wondering, not as far as I can tell.
<owh> Workaround: apt-get --purge remove mysql-common
<jay2> mysql I am really interested in learning that owh!
<\sh> owh, apt should support regexp...apt-get install ^claws-mail e.g. works
<Payo> good morning
<_ruben> g'day
<Payo> hi _ruben
<Payo> quick question:
<Payo> i was wondering if there was an easy way to swap from the desktop version of ubuntu to the server version
<_ruben> apt-get remove ubuntu-desktop ; apt-get install ubuntu-server .. might do the trick .. but doing a clean install sure is prefered
<_ruben> what's the idea behind to move from dekstop to server?
<Payo> i've been playing around with dekiwiki on my desktop ubuntu - and will shortly have a 64bit server free to move into production
<Payo> i just wanted to have a look at the server version while waiting for the server to arrive
<Deeps> apt-get install ubuntu-server, and shit+alt+f1 to switch to a console
<Payo> thanks Deeps
<_ruben> Payo: i usualy use virtualization software (vmware/xen/kvm/vbox/etc) for that
<_ruben> for testriding software/os's that is
<Payo> yeah - i should get to grips with virtualisation
<Payo> which of those packages are open-source
<_ruben> xen and kvm are afaik, vmware and vbox arent, but are free (depending on which exact product)
<_ruben> i prefer vmware myself
<c1|freaky> hi all. is someone familiar with openvpn? i own a dedicated server. it only has one ethernet card. can i still use ethernet bridging? the howto says i shouldnt use it with a normal ethernet card which is connected to the internet but we want to be able to play lan games and use windows filesharing and that's not really possible without the ethernet bridging as it wont send any broadcasts and stuff without ethernet bridging.
<Payo> mindtouch offer a vmware image of dekiwiki - time to start learning!
<_ruben> c1|freaky: i am familiar with openvpn, but never tried it on a single homed machine
<_ruben> or actually, i think i did
<c1|freaky> it has 6 IP Addresses, - 6 virtual interfacces on eth0 but only one NIC
<c1|freaky> (the server)
<c1|freaky> clients should only connect to it and see each other
<c1|freaky> there is no LAN behind the server only the vpn network
<_ruben> c1|freaky: i think that should be doable, its unlike any setup i've done though
<c1|freaky> _ruben: i have currently set up the server using tap but still using the normal server config directive and not the ethernet-bridging stuff
<c1|freaky> it's working
<c1|freaky> but it says i must use ethernet bridging not the server directive
<c1|freaky> if i do that it wont work anymore
<c1|freaky> so now i have no idea if i can put that bridge up on the interface or if i should because the howto says i'd open a security hole
<c1|freaky> and in #openvpn noone answers
<_ruben> the mentioned security hole is probably that the clients can reach eachother, which is exactly what you're trying to achieve
<c1|freaky> ok thank you
<c1|freaky> :D
<_ruben> wonder if i shoudl create a ppa for my open-vm-tools packages for hardy/gutsy
<c1|freaky> umm, if i just put a ethernet bridge on that interface, will it mean other clients from the internet can send netbios packages?
<c1|freaky> and wont it take the interface down? oO
<c1|freaky> _ruben ;D
<_ruben> wouldnt dare to say, never worked with bridgin (other than with vmware) .. and a decent firewall should keep "the internet" out of your bridge
<_ruben> i dont think you need to create a bridge though
<_ruben> since you only want inter-client connectivity
<_ruben> which is up to openvpn to take care of
<c1|freaky> Make sure to use an interface which is private and which is connected to a LAN which is protected from the internet by a firewall. <-- this is waht the howto says, nothing applies to that ethernet card
<c1|freaky> ok and what's the bridge for then?
<c1|freaky> i really need the tunnelling of bridging but it really works allready
<c1|freaky> just unsure what the bridge then does if it's usually required
<c1|freaky> This example will guide you in configuring an OpenVPN server-side ethernet bridge. Multiple clients will be able to connect to the bridge, and each client's TAP interface will be assigned an IP address that is part of the server's LAN. <-- maybe only for this then
<c1|freaky> but as i have no lan behind the server only through openvpn
<c1|freaky> i think it's ok to leave it like that
<c1|freaky> i hope
<_ruben> c1|freaky: i *think* so too, but dont know for sure, try and find out ;)
<c1|freaky> what should i try to find out? i've allready played lan games, used windows filesharing etc.
<jay2> well I finally found information on how to set up a gui for ubuntu server edition
<c1|freaky> so that's working
<jay2> :)
<c1|freaky> :)
<c1|freaky> how do i set up samba to not require user authentication - ill search google
<_ruben> c1|freaky: if it was already working, then what was the problem? :P
<_ruben> gui on server .. yuck
<c1|freaky> _ruben: the problem was, im using ethernet bridging, so i wondered why it works without the ethernet bridge. ive setup without the bridge before. i thought maybe it was using that interface in a completely wrong way
<_ruben> ah
<uvirtbot> New bug: #225608 in postfix (main) "Upgrade to 8.04" [Undecided,New] https://launchpad.net/bugs/225608
<_ruben> nice bug description
<c1|freaky> hehe
<jay2> well I like using a gui but also as well just the command line to comes in quite handy too there _ruben
<_ruben> gui's are a waste of resources on a server imo
<_ruben> not to mention the security implications
<jay2> true
<jay2> resources is what alot of people need these days esspecally when it comes to demanding applications
<jay2> there are always thouse ups and downs to things
<jay2> I think I well have a better home for using ubuntu then microsoft there _ruben
<jay2> :)
<ctx144k> hello all
<ctx144k> iam searching a time-daemon, which willbe run as daemon, and willbe check and control time all view minuts with my own timeserver. which program should i use for that?
<_ruben> ctx144k: not really sure what you mean, but i think the answer is ntpd?
<lamont> _ruben: apport is _so_ helpful sometimes, isn't it?
<ctx144k> _ruben, ill look for it, thx
<_ruben> huh? .. ow that bugreport i guess, didnt look at it, so wouldnt know the 'source' either :)
<_ruben> lamont: ^^
<lamont> _ruben: yeah 225608 is a "upgrade failed, kthx" report.  of course, I haven't managed to duplicate it in my gutsy->hardy transitions, so the lack of information, mixed with the non-english error message makes it, uh, a conversation starter at best
<_ruben> lamont: heh, indeed
<fisfia> hello everybody =) now I successfully installed ubuntuserver because nothing else is working. but how do I get into X and xfce or something else? or is it only CLI?
<Deeps> ubuntu server doesn't feature a desktop component
<Deeps> a GUI component, even
<Deeps> apt-get install ubuntu-dektop if you want the standard ubuntu desktop environment
<Deeps> ubuntu-desktop even
<fisfia> ok Ill try that thanx
<fisfia> everyting I try with sudo apt-get is giving me "the package could not be found"
<fisfia> maybe I have no connection...?
<_ruben> try sudo apt-get update
<fisfia> I did ifconfig and there is only info about lo nothing about eth0
<_ruben> and what does "ip addr" show? ifconfig is ancient
<fisfia> I have no ipaddress but now eth0 is shown in ifconfig
<dendrobates> morning
<uvirtbot> New bug: #225661 in samba (main) "Typo in /etc/samba/smb.conf (nsuccessful)" [Undecided,New] https://launchpad.net/bugs/225661
<sommer> dendrobates: morning
<nealmcb> soren: "original host key" - i.e. the problem is that people reinstall an os, use the same name for the machine, but don't save the old /etc/ssh/ssh_host_dsa_key and/or /etc/ssh/ssh_host_rsa_key and reuse that on the new os.  maybe ubuntu should make it easier to preserve these across reinstall.
<Fohdeesha> lucent home?
<\sh> zul, ping bacula :)
<\sh> zul, could you add the drop-mysql-tables script from the bacula source to bacula-director-mysql ? it's missing somehow, but it would make sense, when we ship create-tables-mysql  script from the very same dir
<zul> \sh: sure
<zul> patches also welcomed :)
<\sh> zul, I'm just on my way to a working build infra at home again ;)
<zul> heh
<\sh> zul, another thing is, I'll try to fix the qt4 bacula console, too...it has some issues when editing the media files (e.g. it's not possible to set a file to max 100GB size, the input line has wrong max values somehow)
<zul> \sh: thats weird can you open issues in launchpad so we can track them for a possible SRU as well
<\sh> zul, yes..I'm working on a fix, as said, I stepped upon this bug last week when I setup bacula for the company ;)
<zul> ok
<\sh> zul, manually editing the volmaxsize inside the db tables works :) but not from the qt4 console
<zul> interesting we will have to talk to upstream as well
<\sh> zul, for sure...when I have a patch ready for applying I'll push all the stuff towards debian+upstream
<zul> thanks
<zul> mathiaz: Ive added the dovecot bug to the stablereleasetracker wiki page
<mathiaz> zul: great - thanks
<nealmcb> hmm - I hadn't seen this before:  https://help.ubuntu.com/community/WebMin   seems like some information on why it was dropped based on https://answers.edge.launchpad.net/ubuntu/+question/2873 would help, along with an ebox pointer
<nealmcb> !ebox
<ubottu> ebox is a web-based GUI interface for administering a server. It is designed to work with Ubuntu/Debian style configuration management. See https://help.ubuntu.com/community/eBox
<nealmcb> !webmin
<ubottu> webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system. See !ebox instead.
 * nealmcb starts taking a stab at it....
<nealmcb> comments welcomed on https://help.ubuntu.com/community/WebMin  and/or my post just now to the list, with more specifics on the config file issues requested
<Siph0n> if I do a data dvd with gnomebaker, will that burn image files as an image? or just as data?
 * nealmcb also notes WebminWithoutARootAccount
<nealmcb> https://help.ubuntu.com/community/WebminWithoutARootAccount
<mathiaz> nealmcb: are you hunting down all the webmin occurence on w.u.c ?
<mathiaz> nealmcb: and help.u.c
<mathiaz> nealmcb: ?
<nealmcb> slowly....
 * mathiaz hugs nealmcb 
<nealmcb> :-)
<nealmcb> but it would really help to have something more substantial to point at when folks talk of incompatibility with policy - I hate just passing on pretty vague complaints
<mathiaz> nealmcb: agreed
<mathiaz> nealmcb: you could do search on irclogs.ubuntu.com about webmin and #ubuntu-server
<mathiaz> nealmcb: sometime ago there was a discussion about it and IIRC infinity gave some reasons about the configuration files issues
<nealmcb> mathiaz: that's a painful prospect....  much heat, little light
<mathiaz> nealmcb: I agree with you - we should really come up with a good answer on this one
<nealmcb> if we collectively spent as much time actually improving ebox (or even fixing webmin) that we do complaining about webmin, we'd be much better off :-)   and have fewer complaints....
 * mathiaz nods
<zul> nealmcb: eBox should be getting better since they are basing their stuff off of hardy starting their next development cycle
<eghjaytee> Hello I am trying to use IP based hosting on apache2 but my DocumentRoot is not being used within the configuration file within sites-available, it is using the default path from the default site. Can anyonehelp me with this?
<eghjaytee> excuse me, I meant DocumentRoot
<_ruben> eghjaytee: did you enable the site (symlink in sites-enabled)
<eghjaytee> _ruben: yes I did
<eghjaytee> this is so weird
<eghjaytee> this is for a second apache instance
<eghjaytee> I copied over the entire /etc/apache2 dir and changed the IPs
<_ruben> 2 instances on same host?
<eghjaytee> no different hosts
<_ruben> ah ok
<eghjaytee> load balanced
<mathiaz> nealmcb: it seems that the only reason why webmin was dropped was the lack of maintainers
<eghjaytee> _ruben: can you thinkn of a reason why DocumentRoot would be picked up from within a VirtualHost conf file?
<_ruben> eghjaytee: apparently apache thinks the default is the best match for the request .. no errors or wahtever in the logs? (during both restart/reload and request of the url)
<mathiaz> nealmcb: webmin upstream provide packages for debian/ubuntu - http://www.webmin.com/deb.html
<eghjaytee> _ruben: no it is so weird, it is like the VirtualHost isn't being picked up
<nealmcb> mathiaz: for debian that seems the reason.  for ubuntu it seems that some admins hated it with a passion.  but the concrete reasons for hating it are hard to find.
<eghjaytee> and so it uses the default document root
<eghjaytee> I will up the logging
<mathiaz> nealmcb: right - we'll wait for infinity to wake up and we'll know why ;)
<nealmcb> mathiaz: yeah - that is the point of that wiki page on webmin.  I'd love for someone who knows debian policy to review the current webmin and point out some issues (or maybe they fixed them)
<CannibalM> oh dear god, help!
<CannibalM> I have a presentation in an hour or so,
<mathiaz> nealmcb: I'm not totally convinced by "webmin munges your config files"
<CannibalM> and my linux server which was working fine when I left last night,
<nealmcb> it is painful going thru the complaints here....  http://www.google.com/search?num=50&hl=en&safe=off&client=firefox-a&rls=com.ubuntu%3Aen-US%3Aofficial&hs=dUb&q=site%3Airclogs.ubuntu.com++webmin++%23ubuntu-server+infinity&btnG=Search
<CannibalM> I come in and am able to connect to it through SSH but yet it cannot get any outside access.
<_ruben> eghjaytee: try: apache2 -S
<CannibalM> So then I turn around and reboot the box,
<CannibalM> and now it can't even see it's eth0 or IP!
<mathiaz> nealmcb: that's the role of webmin - editing configuration files
<mathiaz> nealmcb: I fail to see how ebox and webmin are different on this point
<mathiaz> nealmcb: expect that ebox takes care of not overwritting localy modified files
<CannibalM> i can't even use webmin on mine as I cannot connect to it!
<Asad2005> i have made a raid 5 of 3 disks and will soon expand to 6 (sata 3G), how can i tell if all disk working in 3GB or 1.5 GB i.e. Sata I or II
<nealmcb> the only specific I got was from ScottK:... There was a funny bit today about an Ubuntu user writing in with a Postfix problem that turned out to be webmin adding 'sudo' to their smtpd_recipient_restrictions. - http://archives.neohapsis.com/archives/postfix/2007-11/1330.html
<lamont> heh
<nealmcb> but I don't know what that is about - lamont?
<ScottK> I'm not sure why it added that, but fundamentally it corrupted the config file.
<uvirtbot> New bug: #225741 in mysql-dfsg-5.0 (main) "/usr/bin/mysql_config --libs_r reports incorrect link flags" [Undecided,New] https://launchpad.net/bugs/225741
<nealmcb> ScottK: can you clarify the implications of that a bit more?
<eghjaytee> _ruben: hey man, I thought theat a2ensite created a link
<eghjaytee> this is creating a file
<mathiaz> so it seems that webmin adds options when it modifies a configuration file
<eghjaytee> man that is messed up
<ScottK> nealmcb: Use webmin and eventually you will cry is my summary.
<mathiaz> nealmcb: you'd edit a service, and the generated configuration file ends up with non-viable options
<ScottK> I've never used it, so I have no idea exactly how that happened, but it's consistent with the don't use it advice I've seen given.
<eghjaytee> jesus that was the problem
<mathiaz> ScottK: right - that's what we've always heard -
<_ruben> eghjaytee: my understanding is that a2ensite would create symlink as well..
<eghjaytee> thanks _ruben
<eghjaytee> I dont knwo why it isnt linking
<eghjaytee> I will look into it
<_ruben> eghjaytee: heh, no problem :)
<mathiaz> ScottK: I'd like to know what are the problems exactly - if this hasn't turned into an urban legend
<nealmcb> i.e. postfix won't start up? or won't work?  remember we're trying to clarify this for the newbies, not hardened postfix wizards
<ScottK> mathiaz: In that particular case it corrupted the postfix config file and broke Postfix.  I've no idea how or why.
<lamont> "DO NOT USE WEBMIN"  there..  that's simple. :0)
<nealmcb> I think webmin ensnares baby penguins and eats them also
<mathiaz> If the postfix module in webmin generates a incorrect postfix configuration file, the postfix module in webmin should be fixed
<lamont> mathiaz: sure.
<lamont> but that's not a postfix bug
<ScottK> mathiaz: Sure.  Have fun with that.
<nealmcb> and it makes all the people who can help walk away from you
<nealmcb> ScottK: lamont: do you think ebox will be better?
<lamont> nfc
<ScottK> nealmcb: Same with me.  At least ebox are working with a Debian environment in mind.  Odds are better, but it's a hard problem.
<[LMJ]> hi
<nealmcb> lamont: nfc?
<ScottK> hi [LMJ].
<mathiaz> ScottK: have fun with that -> do you suggest that the webmin code is of bad quality or hard to work with ?
<ScottK> mathiaz: I'm suggesting it's not a problem I'm interested in solving.  I think it's better to invest time in documentation and training to make it easier for people to properly administer their systems.
<[LMJ]> I'm really stuck right now : I can't find a way to see my 2 network card on my fresh Hardy server install : 1 eth is nvidia gigabit (forcedeth) onboard who works fine, the other one, an old 100Mbits D-link one is not seen by the kernel, nor during the boot or via lspci. I through the card was day, i've tried another one who I know it works, same issue, I can get this second eth card working please ?
<[LMJ]> hi ScottK
<ScottK> lamont: Any suggestions on what to ask for (in terms of more information) in Bug 225608?
<uvirtbot> Launchpad bug 225608 in postfix "Upgrade to 8.04" [Undecided,New] https://launchpad.net/bugs/225608
<nealmcb> ScottK: I encourage you to work on what you like, and that is the sort of thing I like too.  But I think documentation actually has limited impact on solving bug #1.  Microsoft didn't get where it is by having good documentation - they leveraged people's preference for guis.   I think it would be nice if we could expect that a significant fraction of the folks we want to be adopters of ubuntu server to read documentation and become wise in the 
<uvirtbot> Launchpad bug 1 in ubuntu "Microsoft has a majority market share" [Critical,Confirmed] https://launchpad.net/bugs/1
<lamont> nealmcb: nfc is short for "no clue"
<mathiaz> nealmcb: the problem with webmin may be that it gives to much power to the targeted audience
<nealmcb> lamont: Ahh :) :)
<lamont> ScottK: for starters "exactly how did it fail" :-)
<nealmcb> mathiaz: good point
<ScottK> lamont: Yeah.  I was hoping you might have some suspects I could point them at.
<mathiaz> nealmcb: if we assume that the target audience for a web interface is up to junior sysadmin, they should not be able to edit secondary dns zone in bind9 for example.
<nealmcb> lamont: nfc about what "smtpd_recipient_restrictions" are or what "sudo" would mean there?
<lamont> ScottK: well, a translation of the error message to something I know would be helpful
<ScottK> lamont: OK.
<lamont> nealmcb: about whether ebox would work better than webmin
<lamont> as in "what's ebox?"
<ScottK> nealmcb: If we replicate Windows sysadmin culture in Ubuntu, we won't have accomplished much.
<mathiaz> ScottK: agreed.
<lamont> nealmcb: while knowing enough of an answer to know that, like webmin, it assumes a level of clue on the part of the user that is not generally present in the target audience
<mathiaz> nealmcb: so we could say that standard tasks should be available through a web interface
<nealmcb> lamont: ok.  anyone care to help me flesh out that one reported webmin error I've heard about?  Is it a random thing to do, or does adding sudo make it insecure, or is it a syntax error?
<ScottK> Any ace translators recognize what language "paketti postfix on jo asennettu ja konfiguroitu" is in?
<ScottK> nealmcb: Syntax error.  Postfix will die, restart, and die without delivering mail (IIRC).
<ScottK> The issue isn't that it's sudo, but that it's some unrecognized restriction.
<zul> ScottK: finish maybe?
<ScottK> If it had been 'bob' it would fail the same way.
<mathiaz> nealmcb: for this particular bug, the webmin module generated a wrong configuration file
<mathiaz> nealmcb: I don't think it's a good example why webmin is bad - ebox could lead to the same error, or a any other document
<_ruben> indonesian and the likes are an option as well i think :p
<kirkland> ScottK: google concurs with zul, Finnish
<nealmcb> ScottK: thanks!  ouch!!
<CannibalM> seriously, I need help. I just went through a rescue mode boot and could get it working,
<nealmcb> mathiaz: right
<CannibalM> but when finished and rebooted it stops functioning again.
<ScottK> kirkland: Thanks.
<CannibalM> When I ifconfig I am getting hex, NOip
<CannibalM> if I check the interfaces file, it shows everythign fine.
<ScottK> lamont: That's the reporters first Ubuntu bug report ever, so I don't hold out a lot of hope.
<CannibalM> I cannot get an IP through DHCP so I must set it by hand which it works fine.
<CannibalM> however after reboot, nothing.
<CannibalM> Anyone, for the love of god.
<_ruben> CannibalM: probably an error in the interfaces file .. no errors on sudo invoke-rc.d networking restart ?
<lamont> ScottK: atm, it's +moreinfo :-(
<lamont> dear oo.o  why do you take focus?
<lamont> I didn't put my mouse in your window
<CannibalM> _ruben, the interface file is mint, even checked it against three other systems. no issues, the networking restart never gets an IP, just loops forever. Can't even break it.
<_ruben> loops ? put the output on a pastebin
<CannibalM> can't copy and paste.
<CannibalM> lol no net
<ScottK> lamont: The error message translates at "the package postfix is already installed and configured".
<_ruben> CannibalM: then describe in what way it's looping
<ScottK> zul and kirkland: Thanks.  Finnish it is.
<ScottK> lamont: Does that mean it's update-manager and we shift the blame to mvo?
<rhineheart_m> hello. how's hardy doing in server deployment? anybody has a feedback?
<Asad2005> How can i tell if disks  working in 3GB or 1.5 GB i.e. Sata I or II
<uvirtbot> New bug: #225600 in php5 (main) "[Hardy][Regression] PHP 5.2.4 symlink bug breaks TYPO3 default setup" [Medium,Confirmed] https://launchpad.net/bugs/225600
<_ruben> Asad2005: check output of dmesg .. there should smth like: [   19.298661] ata1: SATA link up 1.5 Gbps (SStatus 113 SControl 300)
<_ruben> might depend on driver tho
<Asad2005> _ruben, and if it is showing 1.5 while drive and controller is 3 GB is there away to alter it from linux or bios
<_ruben> Asad2005: i know certain maxtor drives have a jumper for sata1/sata2 mode
<_ruben> other than that i dunno
<CannibalM> Server deployment = the suxor.
<CannibalM> anger comes from it when networking randomly works
<CannibalM> grrrrrr
 * _ruben uses his psychic powers to see which errors CannibalM is getting
<CannibalM> lol
<CannibalM> in short, DHCP never can pull an IP while everything else can, this is on most hardware we have tried and trialed the software on.
<CannibalM> so setting by static it works,
<CannibalM> worked beautifully, came in this morning and went to update repos and download a tarball onto the system through webmin,
<CannibalM> no access to the net.
<CannibalM> the internal network, no problem.
<CannibalM> wtf? So I check the interfaces file, check ifconfig etc etc.
<CannibalM> all looks fine.
<CannibalM> I reboot, and now no network found
<lamont> ScottK: heh
<CannibalM> Ihave to use rescue mode and hand configure the info,
<CannibalM> (Which matches the interfaces file EXACTLY)
<ScottK> lamont: I don't think Postfix can make that error.
<lamont> ScottK: ok.  so what exactly did it didn't do?
 * nealmcb doesn't need psychic powers to guess what the reaction here will be to the mention of webmin and random networking problems....
<ScottK> Dunno.
<CannibalM> and then start all the services through the shell loaded through the rescue boot.
<_ruben> i have no idea what you mean by : DHCP never can pull an IP while everything else can, this is on most hardware we have tried and trialed the software on.
<CannibalM> Webmin has been great for me.
<CannibalM> Well, we use a DHCP network here for most items,
<CannibalM> from there we set all static IP's on the reserved IP's for servers etc.
<CannibalM> well, with Ubuntu, it can never get an IP
<CannibalM> ever.
<lamont> I use DHCP almost exclusively on the network I'm sitting on, with no issues.
<CannibalM> I have to always set it by hand.
<lamont> but only since warty
<_ruben> dhcp works like a charm here as well
<CannibalM> Yeah, its really wierd because I have used a couple different ubuntu releases,
<CannibalM> on other machines with no issues at all.
<CannibalM> but for the last two,
<CannibalM> even desktop machines can't get it.
<lamont> CannibalM: I've been using ubuntu with dhcp since before it released.
<lamont> both upgraded and freshly installed machines for feisty/gutsy/hardy, and probably earlier
<Kamping_Kaiser> CannibalM, i've been having issues with a hardy system and dhcp too
<CannibalM> its wierd, just the last two releases. Our servers, ranging from old DL350's up through new dual quad cores.
<CannibalM> I'm starting to think its our DHCP server.
<CannibalM> but everything else works mint so I'm boggled.
 * Kamping_Kaiser blames nm, just because
<rhineheart_m> Kamping_Kaiser, I took your advice before not to do with hardy yet :)
<CannibalM> and at the same time, the desktop's for dev work with the desktop edition,
<CannibalM> same thing.
<CannibalM> Well, through rescue boot I got apache and everything else running with the network functioning again, so I'm gonna do a drop of all my files onto something else,
<Kamping_Kaiser> rhineheart_m, :) hopefully its going to be helpful advice
<CannibalM> then do a full wipe and see if the last LTS server can handle the task of holding a network interface and IP to function properly.
<Kamping_Kaiser> it was 8.04-server that wasnt working. my 8.04 laptop is fine
<CannibalM> Oh,
 * Kamping_Kaiser has had issues with 8.04 on both server installs hes done
<CannibalM> and any other early adopters download the desktop version of 8 and have it not be a bootable disk?
<rhineheart_m> Kamping_Kaiser, yeah.. I just play around with debian etch.. to tell you honestly.. ubuntu helped me a lot to learn the debian way :)
<CannibalM> yea, I was thinking of Debian, not sure what would be the best distro for a server setup
<CannibalM> I would hate to move to RH
 * ScottK has done one fresh install of 8.04 and several upgrades without problems.
<CannibalM> althought we already have an enterprise boc going.
<CannibalM> *box
<Kamping_Kaiser> ScottK, oh good, it works for someone then ;)
<ScottK> I suspect it works for almost everybody.
<CannibalM> great OS, amazing distro, just small things that happen.
<Kamping_Kaiser> me to. but for once i'm the one with problems, so i get to be the whiny one
<rhineheart_m> mmm.. I'm running virtualmin on a fresh debian box... and so far it works like a charm! I love it! :)
<CannibalM> I just can't have somehting go wrong at random times,
<CannibalM> its a test box and I can't be ready to have a presentation and have something randomly go out on me.
<Kamping_Kaiser> ScottK, is network manager installed on server, or just desktop?
<ScottK> Just desktop.
<ScottK> I'm pretty sure.
<ScottK> All my servers are on static IP, so I don't use dhcp on servers.
<Kamping_Kaiser> thats what i thought.
<Kamping_Kaiser> i've tried one dhcp system (because its on a desk next to me if stuff breaks), and one static. i should really get the hdd from the "doent work" install and file bugs
<rhineheart_m> can you then say that the release of hardy is premature?
<ScottK> rhineheart_m: Anyone who wants to can say that.  I think they'd be wrong, but they can say it.
<nealmcb> !ldap
<ubottu> LDAP is the Lightweight Directory Access Protocol. For more information and installation instructions, see https://help.ubuntu.com/community/OpenLDAPServer
 * Kamping_Kaiser says it (wrongly :P)
<nealmcb> someone want to comment on this *cough* old page and how it relates to the latest mail advice?  https://help.ubuntu.com/community/MailScanner
<ScottK> nealmcb: I suggest just delete the page.
<ScottK> MailScanner is defective by design when integrated with Postfix.
<nealmcb> ScottK: what part of the design are you referring to?
<ScottK> The part where it integrates with postfix via unpublished postfix internal interfaces (queue file format) and so each time postfix makes internal changes, it has to be updated, but will lose mail in the mean time.
<lamont> ScottK: Total H9
<ScottK> Integrating via public documented interfaces is a pretty fundamental software engineering priciniple.
<nealmcb> great- for now I'll just say that - I think page deletion should get some wiki review
<ScottK> nealmcb: To go with it, the Postfix upstream strongly recommends against using Mailscanner with Postfix.  It's not just us.
<lamont> "dear crackheads.  die. kthx"
<lamont> ok, I'll admit that Wietse would never say it in quite those words.
<ScottK> nealmcb: If you aren't frightened enough, the MailScanner developers describe this as a "Political" problem.
<ScottK> nealmcb: If they believe that, I'm not using their software.
 * nealmcb nods
<lamont> ScottK: rotfl
<ScottK> leonel: You can stop working on Dapper clamav debdiffs.  pitti just copied clamav 0.92.1 from dapper-backports to dapper-updates.
<ScottK> jdstrand: ^^^ Thanks for looking into it.
<jdstrand> \o/
<jdstrand> ScottK: thanks for doing it :)
<leonel> ScottK: stopped since  wednesday  when we talked about it   yesterday I was  out all day  and  today afternoon  I resume the gutsy / feisty patches
<ScottK> Great.
<ScottK> jdstrand or kees: Now that pitti has copied clamav from dapper-backports to dapper-updates, would one of you do dapper-security (there are security fixes in there)?
<ScottK> I'd hate to see someone who has security, but not updates not get the security fixes.
<jdstrand> ScottK, kees: I'll do it
<ScottK> jdstrand: Thanks.
<ScottK> jdstrand: One lingering clamav concern I have is that you can't currently build clamav on hppa for Gutsy.  Apparently sendmail existed for a while and then vanished, so clamav will always FTBFS on hppa in Gutsy.  Not sure what the best thing to do is to deal with the security issues in that package.
<jdstrand> ScottK: ok-- I'll talk to the archive admin and get some more info
<ScottK> jdstrand: Thanks.
<kees> missing hppa shouldn't block us from updating the other archs.
<ScottK> Agreed, but the lack of libmilter-dev in hppa means you can't build a fixed version for hppa.
<ScottK> Personally I'd suggest removing all the clamav binaries for hppa in gutsy, but that's just me.
<ScottK> Actually, now that I think more about it ...
<ScottK> kees: You still build security updates on a separate dak instance, right?
<kees> ScottK: unfortunately
<ScottK> kees: Would you check and see if perhaps dak magically still has sendmail for gutsy/hppa?
<ScottK> We've done gutsy security updates before and IIRC they built for hppa.
<ScottK> kees: Nevermind.  The security updates FTBFS too.
 * ScottK sticks with the remove it it can't be supported vote.
<Orbixx> Does anyone have a Directadmin lifetime licence for sale?
<DBAmethyst> ok I don't know if to put this in #ubuntu or here.  But I am doing an installfest and I have to have a server as a router.
<uvirtbot> New bug: #225818 in php5 (main) "PHP/5.2.4-2ubuntu5 + xdebug" [Undecided,New] https://launchpad.net/bugs/225818
<ScottK> DBAmethyst: Server setup questions are on topic here.
<DBAmethyst> ok
<DBAmethyst> well just asking for help.  need some dns and some dhcp help
<DBAmethyst> as I have never done this to a box.  normally use a wrt54gl
<sommer> ScottK: I played around with clamtk early this morning, and was able to build it after setting (>=0.93) in the deps
<ScottK> Great.  sommer: See the mail I just sent to the motu ML.
<sommer> yep, I wanted to double check that is the correct way to update the package?
<gregbrady> is it possible to run a ssh -X session but have the sound play locally?
<ScottK> sommer: Did you add the PPA to your sources.list so it would have clamav 0.93 to build against?
<sommer> ScottK: yeppers, even built and scanned a virus successfully
<ScottK> Yes.  Then that'll do it.  You didn't actually need to bump the depends.  Just build it and run it with 0.93.
<sommer> heh, gotcha should I change it back?
<ogra> gregbrady, read up about pulseaudio TCP forwarding ... its pretty easy to set up
<ScottK> No need.  What that says is that we don't need to do anything special with clamtk.
<ScottK> sommer: Just update the wiki.
<gregbrady> ogra, thanks.
<sommer> cool, will do
<ScottK> sommer: FYI, you can upload stuff to the PPA since you are a team member.
<sommer> ScottK: ya, I was wondering about that... I upload the .changes file correct?
<ScottK> Yes.
<sommer> cool, just need to configure dput :)
<ScottK> I don't think uploading clamtk is needed, but if you get a package that needs changing, feel free.
<gregbrady> hmmm, I can't seem to find anything about forwarding on the pulseaudio website
 * delcoyote hi
<ogra> gregbrady, google for puseaudio and module-native-protocol-tcp or module-esound-protocol-tcp
<gregbrady> ogra, thanks but the returns are way above my level of understanding.
<sommer> ScottK: hrmm... fedora doesn't seem to have a pyclamav package
<sommer> ScottK: I also attempted to build that package, but it kept wanting to use clamav-0.92
<ScottK> Odd.
<ScottK> sommer: They may call it something different.
<ScottK> Other distros may have patches too.
<furicle> From what I can tell KVM is Ubuntu's 'preferred' virtualization choice - right?   I see lots of people talking about Xen, is anybody *using* KVM in production?
<gregbrady> ogra, I ended up searching by "ssh" and "local sound" and it according to the returns, it does not appear to be all that easy and requires that each program be setup individually.
<ogra> gregbrady, essentially you only need to set pulse locally to listen to tcp ... and then set PULSE_SERVER or ESPEAKER in your ssh session pointing to the local pulse
<furicle> and by production I mean people get fired if it dies too often :-)
 * ScottK notes http://archives.neohapsis.com/archives/postfix/2008-05/0080.html and suggests that packaging the additional clamav signatures might be a useful thing for someone interested in getting involved in packaging for Ubuntu to do.
<seany> is there a good write up some where about raid performance tuning, as far as best practices go?
<sommer> ScottK: sure, I'll give it a try :)
<nealmcb> furicle: you can also try #ubuntu-virt
<furicle> Ah - ok - didn't know about that one....  I'll take a wander.
<nealmcb> furicle: what sort of use case are you looking at?  production means different thing
<nealmcb> *things
<gregbrady> ogra, thanks for the tips but it appears as though I have a ton of research to do before I understand this stuff.
<seany> does anyone know anything about raid performance tuning? or best practice methods for bottleneck tracking?
<jackfruit> hi guys, has anyone got a problem with ssh frozen in hardy ?
<jackfruit> i would connect to the remote box, do things for about 10 secs, and it would be frozen
<faulkes-_> ssh only or the entire box?
<ScottK> jackfruit: Wired or wireless network?
<jackfruit> jackfruit: from laptop to wired remote box
<jackfruit> faulkes-_: what do you mean ?
<jackfruit> faulkes-_: the only thing i run on the box now is ssh
<faulkes-_> I mean if you try to reconnect, does it allow you
<jackfruit> yes it does
<ScottK> jackfruit: I experience periodic networking freezes on my laptop that sound like what you are experiencing.
<jackfruit> and i'm in, i can run commands
<jackfruit> 10 secs, boom, frozen
<ScottK> Does it come back if you wait?
<jiqiren> seany: make sure your think about blocksize / etc when creating filesystem on raid
<jackfruit> ScottK: i waited for about 2 -3 ' w/o anything so i break the connection
<seany> jiqiren: in so far as matching up raid blocks with FS blocks in relation to the files being created?
<jackfruit> ScottK: weird thing is i've used ssh on my laptop before w/o any problems
<ScottK> That's not the same problem I'm having.
<jackfruit> wireless
<zul> mathiaz: does the open-iscsi bug about sysfs deserve an SRU? im thinking about it and no
<jiqiren> seany: what i mean is when you create your filesystem, make sure the stripe size (raid) and stride size (ext3 or whatever) match
<seany> jiqiren: right
<jackfruit> ScottK: it's bugging the crap out of me, since i cannot do anything w/o ssh
<jiqiren> seany: so if you have raid with 64k stripe, you'd pass this to make a fs (ext3): -E stride=16
<ScottK> I'd suggest trying plugging the laptop into a wired network and see if that makes a difference.
<jiqiren> (assuming your blocksize is 4096)
<ScottK> jackfruit: ^^
<nikolaj> Do anyone knows why wvdial is not on ubuntu 8.04 server? or am I doing something wrong?
<jiqiren> seany: are you using ext3 or something else?
<jackfruit> ScottK: i mean i'm talking on here right, and irc time out is what, 120 sec ?
<seany> jiqiren: right now i'm just playing around :). ext3 and NTFS over iscsi
<jackfruit> hmm is there a timeout value in ssh
<ScottK> jackfruit: Yes, but ssh is a different protocol with different sensitivities.  I'd suggest try it.
<seany> jiqiren: i've got 9 250g disks in a raid6 vg at the moment
<jiqiren> seany: in that case you might want to make sure the vg/lv layer is also using correct matching sizes (I assume you are using software raid in linux then lvm on top?)
<seany> jiqiren, yes
<seany> jiqiren: are there any good docs about this online some where?
<seany> jiqiren: there's lots of stuff about raid config, but not alot about performance
<jackfruit_> ScottK: i'm wired up, still not letting me connect
<jackfruit_> now it's not letting me connect instead of letting me in for 10 sec
<jackfruit_> :))
<ScottK> OK. Not sure what to tell you then.
<jiqiren> seany: I don't think so... in the end default values are not that bad - software is getting better about already taking care of things like this
<jackfruit_> this is weird as crap
<furicle> jackfruit:   any chance of duplicate IP numbers on that LAN?
<jackfruit_> furicle: on my local one or remote one ?
<furicle> jackfruit_:   your laptop....
<jackfruit_> nope, i'm pluged into directly to the modem
<furicle> so much for that brainwave :-(
<seany> jiqiren: have you heard anything about iscsi performance numbers? vs nfs/local ?
<jiqiren> jiqiren: back when I was cursed with taking care of exchange, iscsi sucked - there would always be timeouts long enough to force a failover with an active/standby config of exchange
<jiqiren> hehe... i mean seany
<jiqiren> seany: typically happened when everyone in the office checked their mail at the same time
<seany> jiqiren: what was your storage sitting on?
<jiqiren> seany: but this was MS, I've never used iscsi on anything else
<jiqiren> it was a dediated iscsi nas
<_ruben> MS's iscsi initiator is actually quite decent these days
<_ruben> "too bad" its even better than vmware esx's initiator
<seany> _ruben:  i havn't had too many problems with it
<seany> the ms one, haven't had a chance to play with iscsi as a back end for esx
<seany> seems like using NFS is "all the rage" :-p
<seany> :( my last bonnie test segfaulted
<jackfruit_> ahh it is my laptop connection after all
<jackfruit_> this is weird
<jackfruit_> i've had had problem with it before
<_ruben> i kinda prefer iscsi over nfs (block device versus directory sharing) .. then again, dont have much experience with either, yet
<seany> _ruben: well you have obvious issues pushing block devices around when you're trying to do something shared (clusting)
<seany> hence the plug for NFS in some instances
<_ruben> seany: true
<hollman> hello, how cant i upgrade my ubuntu 7.10 to 8.04 ???
<Nafallo> hollman: do-release-upgrade
<hollman> Nafallo: thnaks, now... they say me that it's not recomendable upgrade in a session of ssh
<Nafallo> oh? well. I thought it had magic for that stuff.
<Nafallo> dunno then.
<Deeps> hollman: it's not, you should connect to the machine locally and/or using an IP KVM / terminal server
<hollman> Deeps: thanks
<hollman> upgrading... :P
<mathiaz> zul: which open-iscsi bug ?
 * faulkes-_ is loving iscsi
<KL3B3R_Brazil> hi all
<KL3B3R_Brazil> I have just installed Ubuntu 8.04 (desktop) on a 4GB RAM based computer. Do you guys know how can I install (apt-get) a "server" kernel for PAE support ?
<KL3B3R_Brazil> /ping $m
<KL3B3R_Brazil> /ping $me
<KL3B3R_Brazil> No one?
<KL3B3R_Brazil> so, goodbay
<nealmcb> damn - cupsd apparmor problem: audit(1209761208.193:16):  type=1502 operation="inode_permission" requested_mask="rw" denied_mask="rw" name="/dev/tty" pid=6667 profile="/usr/sbin/cupsd"
<nealmcb> no files in /var/log/apparmor ...
<mathiaz> nealmcb: http://www.mail-archive.com/cooker@linux-mandrake.com/msg107191.html
<nealmcb> happens every time I try to print a particular document from evince, but not a different one
<mathiaz> nealmcb: webmin is mentionned
<mathiaz> nealmcb: the first paragraph is a good summary
<mathiaz> nealmcb: The reason they all suck worse than vi is because they all aim far too
<mathiaz> nealmcb: low
<mathiaz> nealmcb: that goes back to the argument of webmin gives to much power to the targeted users
<nealmcb> well, it is still less power than a shell, which they know less about and can do more damage with.  does ebox keep a change history?
 * nealmcb continues to read
<mathiaz> nealmcb: not yet - there is a save change  button - but you cannot review the change
<mathiaz> nealmcb: this is the thing I like about xwrt
<mathiaz> nealmcb: I can review the changes to be made before applying them.
 * nealmcb just puts all of /etc under bzr
<mathiaz> nealmcb: I've downloaded the latest version of webmin fron webmin.com and poked around
<nealmcb> does bzr have a perl api ( !! )
<nealmcb> mathiaz: in a virtual machine I bet :-)
<mathiaz> nealmcb: I only use virtual machines ;)
<mathiaz> nealmcb: For example, I went to the ssh server module, didn't make any change and saved
<mathiaz> nealmcb: the result was that sshd_config was modified
<nealmcb> did it ask or warn?
<mathiaz> nealmcb: since webmin deals with config files, that could you lead to configuration prompts during a package upgrade
<mathiaz> nealmcb: no
<mathiaz> nealmcb: considering the target audience of webmin it isn't the best thing to do
<mathiaz> nealmcb: if you use webmin, that you'd be ask for configuration prompts on package upgrades
<mathiaz> nealmcb: the other issue with that is that there are now 2 package on the system that have different ideas about what at configuration file should look like
<nealmcb> that is a good point.  will we get any advice from ebox before doing an upgrade (say yes to xyz, and no to def)
<mathiaz> nealmcb: the package version and the webmin version
<mathiaz> nealmcb: in the ssh example, webmin thinks that 'IgnoreUserKnownHosts no' should be part of the default sshd_config
<mathiaz> nealmcb: whereas the default sshd_config doesn't have the option set (which default to no)
<mathiaz> nealmcb: so although webmin reads the configuration files, it adds default values in the process, which are written back to the configuration file
<mathiaz> nealmcb: you still need to have defaults set somewhere, but they shouldn't be imposed on the configuration file
<mathiaz> !webmin
<ubottu> webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system. See !ebox instead.
<foolano> guys, regarding the change history in eBox, we have almost implemented the "log admin" module, which will tell you before saving all the changes you have done
<foolano> you will see a list of the modules changed and what has been changed
<mathiaz> nealmcb: this may be the reason behind the statement: It is not compatible with the way that Ubuntu packages handle configuration files,
<foolano> stuff like: module firewall -> added rule to output table, module network -> change configuration in interface eth0 from static to dhcp
<mathiaz> foolano: great - so you'll be able to review which changes are going to be applied ?
<foolano> exactly
<foolano> and that's something we want to add by default in the framework, so the module developer doesn't have to worry about it
<nealmcb> foolano: how about keeping actual diffs?  helpful at upgrade time or for invoking help from better admins
<mathiaz> foolano: agreed. that should be part of the framework.
<mathiaz> nealmcb: you mean something like rollback option ?
<foolano> nealmcb: what do you mean exactly by keeping diffs
<foolano> ?
<mathiaz> hm.. rollback is probably more complicated than just a diff
<nealmcb> well rollback would be nice also, but detailed info on what it did is a prerequisite for any sort of troubleshooting or getting assistance
<mathiaz> foolano: if you're updating a list of files, you could keep a diff between the file before and after the update
<nealmcb> I want ebox to keep a log of all changes to any config file (especially those which aren't internal to ebox)
<mathiaz> foolano: you know which files are going to be rewritten, so you can generate the diff
<nealmcb> at a level of detail that allows rollback at least outside ebox if not within it
<foolano> i c, that would be very easy to implement if you find it useful
<mathiaz> nealmcb: right
 * nealmcb is on the phone now
<mathiaz> foolano: yeah - nealmcb use cases is much better than a rollback
<mathiaz> foolano: knowing what happened to your system makes troubleshooting much easier
<mathiaz> foolano: having a log of which action has been done on the system is great
 * nealmcb ... and will be for 30 min or so....
<mathiaz> foolano: having a diff of the actual changes in the configuration file is even better :)
<foolano> coming up for the next release :)
<mathiaz> !ebox
<ubottu> ebox is a web-based GUI interface for administering a server. It is designed to work with Ubuntu/Debian style configuration management. See https://help.ubuntu.com/community/eBox
<foolano> the "admin log" was scheduled for release 0.12. We already had some parts of eBox using it, but we disabled it for 0.11.99 because there were some modules which needed to be slighltly  modify in order to use it
<foolano> modified
<foolano> *
<foolano> the only thing is there are some actions that, with the current design, take action immediataly, things like changing the password for a user within ldap is done immdiataly
<mathiaz> foolano: the ebox factoids states  "It is designed to work with Ubuntu/Debian style configuration management" - could you elaborate on that ?
<mathiaz> foolano: I know you haven't written the ebox factoids
<foolano> i think what that means is we have tried to stick to the debian policy when it comes to modifying configuration files
<foolano> stuff like asking the user beforing overwriting a conf file if it has been modified by him and so on
<foolano> before*
<foolano> and there's also a software module to install system packages which is based on apt
<mathiaz> foolano: right - I've seen that in webmin too.
<mathiaz> foolano: how do you handle debconf questions ?
<foolano> right now, we don't manage them, we install packages with DEBIAN_FRONTEND=noninteractive
<mathiaz> foolano: ok
<foolano> by the way, do you guys think that openldap in ubuntu will ever use the new configuration schema?
<mathiaz> foolano: are you refering to the config backend 2.4 ?
<foolano> mathiaz: exactly
<mathiaz> foolano: probably - that should be discussed at UDS :)
<foolano> we sent this email: https://lists.ubuntu.com/archives/ubuntu-server/2008-February/001141.html
<foolano> mathiaz: hehehe, alright. It would be nice to have that by default, although i dunno how many things it could break :)
<foolano> i mean, how-to's and stuff which expects the old-fashioned config backend
<mathiaz> foolano: we'll probably have a discussion about openldap during UDS - your request is not the only one
<mathiaz> foolano: having a way to insert schemas in a ldap tree could be useful to any application
<mathiaz> foolano: re debian policy and configuration files, I'm not sure how ebox isn't compliant
<mathiaz> IIUC the sections about configuration files in the debian policy define how packages and maintainer scripts should behave
<mathiaz> it doesn't apply to application
<foolano> mathiaz: i thought so too
<mathiaz> otherwise any text editor would be subjected to the same policy
<foolano> yeah, exactly what it states is you cant mess around other config file in maintainer scripts
<foolano> but it doesn't say anything about upstream itself
<mathiaz> foolano: as the purpose of ebox is to modify the configuration files, it can do it whithout being non-policy compliant
<foolano> mathiaz: i agree on that
<foolano> but i also think it's nicer to warn the user if it's going to overwrite stuff modified by him
<mathiaz> foolano: yes - I totally agree with that
<mathiaz> foolano: there are some ideas that can be taken from the debian policy and tried to adapted to ebox
<foolano> mathiaz: i hope that the time i spent modifiying that is worh it :P
<foolano> i would be pleased to discuss them :)
<mathiaz> foolano: are you coming to UDS ?
<foolano> yeah, but just a couple of days
<mathiaz> foolano: great - we'll meet there and discuss it then.
<mathiaz> foolano: when will you be there ?
<foolano> i haven't booked my ticket yet, i was waiting to see when it would be better if you guys wanna talk about ebox
<mathiaz> foolano: how long do you plan to be in Prague ? one day ?
<foolano> mathiaz: two days
<foolano> plus one for my journey
<mathiaz> foolano: as you may know, there are two events: one is FOSSCAMP and then UDS
<mathiaz> foolano: FOOSCAMP is more for upstream talking to us
<mathiaz> foolano: UDS is more contrained in terms of time available
<mathiaz> foolano: we have one hour sessions to talk about topics
<foolano> yep, i attended the last FOSSCAMP
<mathiaz> foolano: ok - did you see parts of UDS ?
<foolano> nope, i couldn't cuz i had to catch my plane on monday
<mathiaz> foolano: right - I remember now
<foolano> my bloody plane was rescheduled and i had to leave earlier
<mathiaz> foolano: so FOSSCAMP has less time constraint
<mathiaz> foolano: we're busier during UDS as we focus on what we want to achieve for intrepid
<foolano> i c
<mathiaz> foolano: did you like the session you had at FOSSCAMP ?
<foolano> so it's better if i go during the fosscamp?
<foolano> mathiaz: yeah, it was  useful
<mathiaz> foolano: yeah - it may be better for you to target FOSSCAMP then.
<ScottK> foolano: If you want to be there to have influence over what's planned for Intrepid, you ought to be there for at least part of UDS.
<mathiaz> foolano: well - you'd only be interested in one topic
<mathiaz> foolano: or session
<mathiaz> foolano: OTOH if you plan to base your work on ubuntu, it's better if you can be at UDS
<foolano> ok, understood
 * nealmcb returns
<mathiaz> foolano: also, FOSSCAMP is friday and saturday - UDS is monday to friday the following week
<paneo> Hi, I instaled ubuntu server 8.04 on virtual pc. But I don't know how to configure internet.
<foolano> mathiaz: i'll check if i can extend a little bit my days in Prague
<foolano> i can't i guess i'll attend FOSSCAMP for sure
<foolano> if*
<mathiaz> foolano: there will probably a session about system administration from a GUI/web interface
<mathiaz> foolano: during UDS - that would be relevant to ebox
<foolano> do you know when the schedule will  be published?
<mathiaz> foolano: it's the number one feature asked on brainstorm.ubuntu.com
<mathiaz> foolano: nope
<mathiaz> foolano: however since you're relevant to the topic, we could make sure that the session is schedule while you're available
<foolano> that would be perfect
<hangthedj> I have an Ubuntu 8.04 Server, is it possible to take the hard drive out and move it to a different server?
<Nafallo> yes
<hangthedj> Thanks
<foolano> mathiaz:  i think I could be in Prague from saturday to monday, so we could have a session in FOSSCAMP, and I could attend UDS on monday
<foolano> mathiaz: anyway, i'll see if i can attend more days so you dont have to reschedule based on my attendance
<mathiaz> foolano: I think saturday to monday would be the best option
<foolano> cool, i'll try that
<Vlet> Hey, is it possible to set up software raid on a device without booting off the CD?
<Vlet> in other words, on a live system
<sommer> Vlet: I'd think so as long as you're not wanting to make / part of the raid
<Vlet> sommer: nope, just storage... how would I go about doing so? what do I look into?
<Vlet> sommer: I've only done it from the installer, so I'm not sure what to look into :)
<sommer> google, linux raid howto
<Vlet> duh :)
<Vlet> sommer: thankya
<sommer> also, you might try raid+lvm linux
<sommer> Vlet: np
<ScottK> dendrobates: Congratulations.
<cpare> Hello all
<dendrobates> ScottK: thanks.
<cpare> trying to install 8.04 64 bit, and finding the install is unable to mount the CDROM
<cpare> any suggestions?
<cpare> This is a T-105 Dell Server
<cpare> has anyone reported problems with this, I seemed to read something about the 64bit having this, and the 32 not
<cpare> can anyone verify?
 * nealmcb cheers for dendrobates
<sommer> cpare: does it boot from the cdrom?
<sommer> dendrobates: congrats from me as well :)
<Nafallo> ?
<cpare> sommer - it does boot from the cd without issue
<cpare> only one CD-Rom drive
<Nafallo> dendrobates: what did you do now? :-)
<cpare> I tried to check the disk, but it needs to mount there as well
<dendrobates> Nafallo: finally became MOTU.
<sommer> cpare: is there any errors
<Nafallo> dendrobates: ah! good to have you onboard :-)
<cpare> if I hit the space bar rapidly, I can see soemthing about Invalid Parameter
<sommer> cpare: if you hit alt+f2 you'll get a console, and alt+f4 is the installer output, is there anything there?
<sommer> cpare: also, have you tried a different CD?  maybe it's just a bad disc?
<soren> soren 1, iptables 0.
<soren> \o/
<matt____> does anyone know about setting up mysql server with jdbc?
<sommer> heh, did you play table tennis agains iptables?
<soren> sommer: I'm not sure what kind of games iptables thought we were playing.
<cpare> I am getting ready to burn the Desktop 64bit, then convert to server
<soren> I won. That's what matters :)
<cpare> and see if that helps
<sommer> heh, iptables plays for keeps!
<cpare> it could be a bad disk
<sommer> cpare: ya, I'd give it a try at any rate
<cpare> there were threads about that online, but it seemed bunk
<cpare> will do, thanks!
<sommer> cpare: welcome
<matt____> does anyone know about setting up mysql server with jdbc?
<sommer> matt____: I've done it once... if I remember correctly
<sommer> matt____: are you getting a specific error?
<matt____> sommer: if by specific, here one is...
<matt____> sommer: *recreates error
<matt____> when using openoffice to try and connect to it, i get "unexpected exception encountered during query"
#ubuntu-server 2008-05-03
<matt____> sommer: btw, i'm simply wondering, after installing the lamp server hardy 8.04 disk server thing, do i need to do anything to mysql to make it "compatible" with jdbc?
<matt____> sommer: i've setup a remote user for mysql, and i've even logged into if from this machine...
<matt____> sommer: is there something better than openoffice i could use to connect?
<sommer> matt____: yeppers, you'll need the libmysql-java package, and a jvm, but there might be one by default
<matt____> sommer: jvm?
<matt____> sommer: like sun-java-***
<sommer> matt____: what are you trying to do?  what's your end goal?
<sommer> matt____: yep jvm == java virtual machine
<matt____> sommer: you know, that may be one thing that i've not did...that will work. but just wondering...which sun-java should i install?
<matt____> a jre? a jdk? version 5 or 6? they make it so confusing
<sommer> matt____: whichever one meets your needs... I'd probably go with 6
<sommer> are you developing something?
<matt____> 6 jde or jdk?
<matt____> sommer: umm...i don't think so
<matt____> sommer: my end goal is to setup a simple contacts database...
<sommer> matt____: mmmm... if you're looking for simple then why java?
<matt____> sommer: well..by simple, i mean using mysql...so that i can access it remotely via ssh
<sommer> matt____: ah, but why do you want to use java?  I only ask because you don't seem to know much about it
<sommer> matt____: for a simpler solution I'd suggest python, perl, ruby, etc
<matt____> sommer: i know nothing of it...i just want to be able to connect open office base to mysql, and jdbc and odbc are the only two options, i believe...
<sommer> oh, now I see... have you searched linuxjournal.com or linux.com?  I believe one, or both, of those sites have a guide for setting that up
<jiqiren> matt____: did you try this: http://dba.openoffice.org/FAQ/specific.html#connectmysql
<sommer> matt____: I've only setup mysql and java for a developers perspective
<matt____> sommer: i've found (and used) about 4 of them. But openoffice keeps giving me problems...
<matt____> sommer: jiqiren i'm wondering...on the server end, do i have to do something to mysql to make it compatible with jdbc?
<sommer> jiqiren: bonus, thanks for the link
<jiqiren> matt____: no, it is the driver that is jdbc, it will communicate with mysql using mysql-lingo
<matt____> jiqiren: so a default mysql server is compatible with jdbc, correct? because the driver talks in mysql. gotcha. so it is something i am doing wrong...
<matt____> sommer: jiqiren that link, i've seen it, but i don't know about one thing. let me try it, and then i'll tell you
<jiqiren> mysql server doesn't understand jdbc, that's why you need the driver
<matt____> jiqiren: so i need jdbc on the server?
<matt____> jiqiren: libmysql-java?
<jiqiren> no, the driver is what openoffice will use to talk to mysql, openoffice only talks ODBC or JDBC, so you get a driver that will in turn talk to mysql
<jiqiren> mysql has this driver available for free as a .jar
<matt____> jiqiren: yes, that is the same as libmysql-java i believe, it installs that java, but i am using the jar...
<jiqiren> http://dev.mysql.com/downloads/connector/j/5.1.html (also has a library... but openoffice just wants the .jar)
<matt____> jiqiren: already got that
<matt____> using the jar
<matt____> in oo
<jiqiren> matt____: ok, then you should be good
<matt____> jiqiren: when i try to connect oo to mysql, i get "unexpected exception during query"
<jiqiren> either java is misconfigured on your box - or the driver is throwing an exception (like it is getting access denied)
<jiqiren> what is the exception?
<matt____> *unexpected exception encountered during query. that's all i get
<nasa> Hi, I am trying to setup a raid sever.  I am using a highpoint rocketraid 2320 pci express card.  I have that all setup and have a JBOD drive setup.  Syslog shows the device, but I can't get fdisk, parted, or gparted to see it
<jiqiren> you need to find where that is logged - or turn on logging somehow
<nasa> What am I missing?
<matt____> jiqiren: ok...here something is...
<jiqiren> nasa: why would you setup a raid as jbod?
<matt____> "the connection to the data source "New Database6" (open office save file thing) could not be established. Access denied for user 'matt'@'192.168.1.102' (using password:YES)
<jiqiren> ok, so you have some mysql access problems - that is the exception
<matt____> jiqiren: but...i can log into mysql remotely from this client, i JUST did this... mysql -u matt -h 192.168.1.250 -p
<jiqiren> on the command line, try "mysql -h 192.168.1.102 -u matt -p "New Database6"
<nasa> jiqiren: I have a 2nd raid setup (previously done) which is 4 drives setup as a raid 5.  This drive (only a single one) is a TB drive.
<jiqiren> on the commandline you are just connecting to mysql without using a DB
<matt____> jiqiren: umm..won't work...the New Database thing is the thing that open office saves so that you can open it up and access the database on the server without having to retype all the info
<jiqiren> I bet jdbc is trying to connect to a DB that doesn't exist - or you don't have access to
<jiqiren> like try mysql -h 192.168.1.102 -u matt -p mysql
<matt____> jiqiren: the database i'm trying to connect to is BOOKS, and i just logged into mysql as matt and use BOOKS worked
<matt____> jiqiren: well.. use BOOKS;
<jiqiren> ok, is openoffice aware of BOOKS as the DB to connect to?
<matt____> jiqiren: yes..it asks for it...
<jiqiren> so something is getting dropped by oo
<matt____> jiqiren: mind explaining the difference between the jdk and jre?
<jiqiren> jdk is jre+dev tools
<matt____> java develepmont kit and java runtime environment?
<matt____> so would i need to jre?
<matt____> 6? lettme install that on my client, i'm not sure what's installed now, but something is...
<jiqiren> they are both the same, you need 1 of them for running jars
<matt____> jiqiren: ok...so i've already got that installed..but do i need that installed on the server as well?
<jiqiren> no the server doesn't care about java at all
<nasa> I am keeping the 1tb a JBOD until I can aquire some more closely matched drives
<matt____> jiqiren: hmmm...ok.
<matt____> lettme try to connect oo to mysql db
<jiqiren> nasa: ah ok, so you can't access the 1 disk that is jbod?
<matt____> jiqiren: its weird, it is telling me that access is denied...
<nasa> jiqiren: correct
<matt____> and sometimes it tells me the exception error
<jiqiren> matt____: i don't understand that if it works fine from the commandline - maybe the password is getting dropped? or you mistyped it when setting it up in OO?
<matt____> jiqiren: nope, i type it everytime in oo and cli. cli always works, surely i don't type it wrong everytime in oo?
<jiqiren> nasa: is this jbod disk on the same raid card as the existing raid5?
<jiqiren> matt____: have you tried restarting oo? maybe the drive likes to cache things - even when broken?
<matt____> jiqiren: do you know of any other "database" type things like openoffice and access that are opensource that perhaps i could try?
<matt____> jiqiren: i restart oo everytime i try...
<jiqiren> matt____: I'm going to try setting up a OO connection real quick... hold on
<nasa> jiqiren: yes
<jiqiren> matt____: crap, I don't have oo - i'm on a mac
<matt____> jiqiren: alright...but lettme ask you this: i notice that the java connector is like version 5.1.6...would it make a difference between jre 5 or jre 6?
<matt____> jiqiren: hmm...you've got the equivalent, right?
<jiqiren> matt____: i have plenty of DB's but don't have oo
<jiqiren> I have neooffice
<matt____> but yeahh...the jre 5 or 6 question...?
<matt____> jiqiren: alright...but lettme ask you this: i notice that the java connector is like version 5.1.6...would it make a difference between jre 5 or jre 6?
<jiqiren> matt____: I don't know, have to look at the docs for the driver
<matt____> jiqiren: i'll uninstall 6 and try 5...
<matt____> jiqiren: btw, i don't need to use openoffice, anything that will alow me to paste into tables will work for now...
<jiqiren> i don't know what you mean by past into tables
<jiqiren> s/past/paste
<matt____> jiqiren: paste...umm...edit tables by typing into them...instead of using the cli to edit tables...
<jiqiren> matt____: ah... well, I think there are some db gui tools that can help you with that
<matt____> jiqiren: i downloaded something from sun..but i can't figure out how to run it
<matt____> gui tools
<matt____> jiqiren: and openoffice would do it, right?
<jiqiren> but it sounds like you really want to be using a spreadsheet
<matt____> jiqiren: umm...sorta. I want to spreadsheet i've got into a database...
<matt____> lots of records..
<matt____> *want the spreadsheet
<matt____> jiqiren: ??
<jiqiren> matt____: i just got neooffice to work fine with mysql
<matt____> jiqiren: hmm...ok...
<jiqiren> using the java jdbc driver
<matt____> jiqiren: in openoffice, when connecting to a database, i hate the option of "mysql THEN selecting jdbc within that, OR just jdbc upfront..
<jiqiren> I do mysql
<matt____> *have
<jiqiren> then select jdbc
<matt____> that is what i've been trying...
<jiqiren> have you tried "test" db and then no user/password?
<matt____> jiqiren: no, didn't know it existed... :(
<jiqiren> oh btw
<jiqiren> are you running mysql on the same machine as OO?
<matt____> jiqiren: no
<jiqiren> ah - then test db won't work
<matt____> jiqiren: well...sorta.not sure what you mean.
<matt____>  i installed me some sorta client thing...not sure if that means anything.
<jiqiren> are you running mysql on the same computer as mysql is running?
<jiqiren> errr
<jiqiren> openoffice
<matt____> jiqiren: hmm
<jiqiren> if so, you should use "localhost" for the hostname
<matt____> jiqiren: here is something interesting..i can test the driver for jdbc...and it says "the jdbc driver could NOT be loaded"
<matt____> i overlooked "not" The many times i tested it..
<jiqiren> matt____: did you do the steps on http://dba.openoffice.org/FAQ/specific.html#connectmysql ?
<jiqiren> where you add the jar file to oo?
<matt____> jiqiren: i did that..but lettme try "again"
<matt____> while installing sun-java6-jre, i noticed that there is a sun-javadb-client
<matt____> just wonders*
<matt____> jiqiren: default port should work, right?
<jiqiren> ye
<matt____> jiqiren: btw, this time i got a really weird error
<matt____> jiqiren: ....
<nasa> btw: gparted does see the raid 5 array just fine....
<matt____> jiqiren: *wonders if i can send jiqiren the screenshot of the error over irc...
<matt____> jiqiren: how can i send a file over irc?
<jiqiren> nasa: but you don't see the jbod disk? sometimes jbod disks need to be marked "export" in the bios
<andrew-2> im having trouble installing live usb with ubuntu. the command is ;cp -aR casper disctree dists install pool preseed .disk /mnt/usb_disc. it returns with ;cp: cannot stat `disctree': No such file or directory . does anyone know what i may be doing wrong?
<jiqiren> nasa: I mean in the raid-card bios
<jiqiren> matt____: dcc
<matt____> usage? in irssi
<matt____> you get anything?
<matt____> "/dcc jiqiren /path is what i tried
<jiqiren> i didn't get a request
<andrew-2> any one a guru at live usb installs?
<matt____> jiqiren: know how to use dcc?
<jiqiren> jiqiren: of course! :)
<matt____> jiqiren: then tell me!
<matt____> :)
<jiqiren> i don't use irssi.
<matt____> oh, ok
<matt____> do you know of how to use it using cli?
<matt____> instead of fancy buttons?
<jiqiren> i like nice friendly gui irc
<matt____> jiqiren: ok..i know how...watch this
<jiqiren> commandline is for doing real work - like DB!
<matt____> you get a request?
<nasa> jiqiren: I get a bunch of messages about the JBOD in my syslog file -- I just can't do anything to mount it, fdisk it, or use parted...
<jiqiren> no, I'm natted twice so I bet it won't work
<matt____> anything jiqiren ?
<nasa> from syslog:  scsi 0:0:1:0: Direct-Access     HPT      DISK_0_1         4.00 PQ: 0 ANSI: 0
<jiqiren> matt____: nope, sorry
<matt____> jiqiren: ok..hold on
<nasa>  sd 0:0:1:0: [sdb] Very big device. Trying to use READ CAPACITY(16).
<jiqiren> nasa: but when you try to access sdb you get a io error?
<nasa> sd 0:0:1:0: [sdb] Write cache: disabled, read cache: enabled, doesn't support DPO or FUA
<nasa> jiqiren: no, I can't even access it....
<jiqiren> nasa: no /dev/sdb exists?
<matt____> jiqiren: HTTP, for when all else fails! http://linuxhack3r.com/Images/snapshot2.png
<nasa> it exists, but when I try to fdisk it I get "Unable to open /dev/sdb"
<jiqiren> matt____: looks like java hell, that is beyond me - i'm just a dba
<nasa> gparted && parted does not  find sdb at all
<jiqiren> nasa: are you using lvm by any chance for your raid5?
<matt____> jiqiren: i hate java, who needs it? lol
<matt____> jiqiren: so any experience with linux and odbc?
<nasa> No, not yet (I plan to move stuff from the raid 5 onto the JBOD, so I can setup LVM on it)
<jiqiren> matt____: I have years of LAMP stack experience
<jiqiren> nasa: are you using labels in /etc/fstab ?
<matt____> jiqiren: LAMP....i installed that the other day..it's nice. but how about odbc?????????????
<jiqiren> matt____: nope
<matt____> jiqiren: lol
<jiqiren> matt____: very minimal
<nasa> labels?  I haven't added anything to fstab
<matt____> jiqiren: i'm going to give it a try...perhaps i'll tell you if it works or not. thanks for the help, not once did you tell me to RTFM
<jiqiren> nasa: so in your /etc/fstab, do you have LABEL=/ / .... ?
<jiqiren> nasa: I'm wondering if your sda/sdb swapped after you added the jbod disk
<nasa> No
<nasa> however, I do have this line in syslog...
<nasa> sd 0:0:1:0: Attached scsi generic sg1 type 0
<matt____> jiqiren: default port? 3306?
<jiqiren> nasa: hmmm that is weird
<jiqiren> matt____: yep
<nasa> and a bunch of errors for fd0:  "end_request: I/O error, dev fd0, sector 0"
<nasa> I don't have a floppy drive at all
<jiqiren> nasa: what does this give you: lshw -businfo -C disk
<jiqiren> nasa: this might be better: lshw -businfo |grep scsi
<matt____> jiqiren: it works. i have tried setting up odbc before, but i clicked the usr button instead of the system button.
<nasa> scsi@0:0.0.0      /dev/sda   disk        959GB DISK_0_0
<matt____> jiqiren: so now...it works..looks like odbc is simpler than java stuff
<nasa> scsi@0:0.1.0      /dev/sdb   disk        DISK_0_1
<nasa> ide@0.0           /dev/hda   disk        60GB ST360021A
<nasa> strange....  sdb doesn't have a size associated with it
<jiqiren> so sda is your raid5
<matt____> jiqiren: even though now...in the mysql table, column host and name etc,  all i have is <object> instead of actual values...
<nasa> Yeah
<jiqiren> matt____: sounds like a oo thing. :)
<matt____> jiqiren: perhaps. perhaps indeed. i think i'll create another database and try some stuff.
<jiqiren> nasa: yea i don't get that
<nasa> 0 512-byte hardware sectors (0 MB)  -- from syslog.....
<jiqiren> nasa: see if you can export the disk in some other way with calling it a jbod - maybe the card isn't doing somethign right
<matt_____> jiqiren: do you know the whole "show where =" stuff?
<matt_____> jiqiren: mind showing me an example of one with the database and table format ?
<matt_____> jiqiren: the contents of my database are going to be slightly confidential and sensitive...
<matt_____> jiqiren: so if i encrpt a directory with truecrypt, and mount it, ie the database dir, will this work? securely i mean..
<osmosis> any help with this?  http://dpaste.com/48066/
<jackfruit> uhm guys , i changed the host name and now sudo is borked, any suggestion ? it's a remote box :/
<jackfruit> anyone ?
<jackfruit> :(
<nealmcb> jackfruit: perhaps this will help https://bugs.edge.launchpad.net/ubuntu/+source/hostname/+bug/113778
<uvirtbot> Launchpad bug 113778 in hostname "Changing hostname using "hostname" breaks sudo (dup-of: 32906)" [Undecided,Incomplete]
<uvirtbot> Launchpad bug 32906 in sudo "sudo fails if it cannot resolve the local hostname and no MTA is installed" [High,Fix committed]
<nealmcb> fixed in hardy-proposed - thanks pitti!!
<stiv2k> hello I am having trouble forwarding my mysql over ssh
<jackfruit> nealmcb: so basically my box is hosed until i can get to it ?
<jackfruit> :(
<jackfruit> a major pita just because of  a wronged /etc/hosts file
<jackfruit> nealmcb: is there a way to fix it w/o having to physically access the machine ?
<_ruben> havent read the bugreports, but im afraid it involves booting in recovery mode?
<jackfruit> yes
<jackfruit> one way to fix it
<jackfruit> i wonder, how far out of the network does sudo go ?
<jackfruit> does it do a full DNS lookup ?
<jackfruit> or does it just look in /etc/hosts
<jackfruit> can't sudo w/o right host, and can't change hostname w/o sudo
<jackfruit> lol
<jackfruit> after this i'm gonna enable root with a random pass and sticky it somewhere
<jackfruit> hahahaha
<Deeps> sudo -s wont let you get a root shell?
<Deeps> i've found sudo complain about unable to lookup hostname, but never actually stop me from getting my root shell
<jackfruit> nope
<Deeps> wow, haha, that's pretty piss poor
<jackfruit> Deeps: it's so stupid
<jackfruit> and i feel stupid too
<jackfruit> one guy in the bug report said it right
<jackfruit> it shouldn't do the lookup at all since by default sudoers works for ALL
<_ruben> i always have a local mta, thus wont be affected by this bug :)
<jackfruit> seriously after this i'm gonna enable root with  a 100 digit random string and stash it on my local machine
<jackfruit> lol
<jackfruit> i've never missed it more than now :(
<Deeps> heh, on my local machines, i enable no password su auth to root for wheel group
<jackfruit> i'm gonna do that from now on with every machine, root + a default useraccount stashed away like backdoor
<jackfruit> lol
<fromport> aptt
<fromport> ouch , ww
<nealmcb> jackfruit: I think in the bug report I referenced said that for one person it worked to try sudo over and over - see 2 references to Pat72's comment.  seems odd - may not be the same bug, but maybe worth a shot
<jackfruit> nealmcb: i got it worked out
<jackfruit> ended up changing the a record for the wrong hostname to 127.0.1.1
<jackfruit> =)
<jackfruit> saved me 2 hours of driving
<nealmcb> jackfruit: excellent!  you mean you changed it on the dns server which that box used, elsewhere in your network?
<jackfruit> yes
<jackfruit> i happened to use a fqdn hostname
<nealmcb> could you add that to the main bug report?
<nealmcb> (bug 32906)
<uvirtbot> Launchpad bug 32906 in sudo "sudo fails if it cannot resolve the local hostname and no MTA is installed" [High,Fix committed] https://launchpad.net/bugs/32906
<jackfruit> nealmcb: hostname shouldn't be fqdn should it ?
<jackfruit> now come to think of it
 * delcoyote hi
<nealmcb> jackfruit: I usually set it up as fqdn, and put that in /etc/hosts
<jackfruit> nealmcb: ok i added the comment
<nealmcb> :-)
<xeorex_> Hi
<xeorex_> Is it possible to make a xubuntu server that will boot itself during the night (via the Bios, that's possible), wake on line other Windows workstations attached to the network, do a backup of selected files (do I need to login into Administrator for this?), shut down the Windows systems when finished, keep track in a log files, shut the server down when all processes are completed?
<xeorex_> Query me if you know please
<xeorex_> xubuntu or ubuntu server
<Deeps> simple script run at runtime
<Deeps> shove it in /etc/init.d and update-rc.d to make it run on startup
<xeorex_> Is it for me Deeps?
<Deeps> yep
<xeorex_> So it's possible. Will I need to login as an Administrator on the Windows systems from the Ubuntu server? Will I need Samba?
<Deeps> you'll probably need a tool to do the WOL event, then a delay to wait for the machines to boot
<nealmcb> xeorex_: or put it the script in /etc/rc.local
<Deeps> moounting the filestores using samba would probably be a good idea
<nealmcb> (i.e. call the script from there....)
<Deeps> rsync (or any other tool) to backup the relevant files from the mounted shares
<Deeps> another tool to issue the shutdown commands to the windows machines when backup operation's complete
<Deeps> have all output redirected to a file ( >> /var/log/script/time.log 2>>&1)
<Deeps> and then shutdown -h now at the end of the script
<Deeps> it's certainly doable, but you're gonna need to work out the process doing it manually first, before you try scripting it
<xeorex_> Thanks a lot, you just boosted my confidence in this project
<Deeps> and yeha, you could just call it from rc.local instead of making an init script + using update-rc.d
<Deeps> although i think rc.local is called in single user (recovery mode) too, which you probably wouldn't want
<Deeps> you might find it makes more sense to have it as a cronjob rather than a boottime job
<Deeps> and/or have it check the time before running
<Deeps> otherwise every time you  boot it'll run
<Deeps> which may not be desired behaviour
<Deeps> good luck!
 * Deeps heads out
<xeorex_> Thanks again
<nealmcb> Deeps: rc.local "This script is executed at the end of each multiuser runlevel"
<nealmcb> but I agree, you won't *always* want it to be run even multiuser
<xeorex_> What you call "mounting the filestores", you mean "mounting the windows ntfs partition"?
<nealmcb> sounds right
<xeorex_> Would you go for Ubuntu or Xubuntu for this task?
<xeorex_> Yep, Ubuntu server will do. There is no Xubuntu-server.
<jcastro> soren: ping
<xeorex_> Will a ubuntu-server 8.04 x64 run properly on a Dell Precision 360? How could I check this?
<vanberge> i'm a windows server guy - trying to learn a little about what cool things ubuntu server edition can do.  anyone have ideas?  (i.e. i just installed eBox)  just looking for suggestions, thanks in advance
<xeorex_> Yeah, I am working on a server to backup nightly data from Windows networked workstations switching on the Windows client by WoL and switching them off when processes are done. That's a suggestion
<vanberge> i was thinking of centralizing my files too... like i have documents on 1 computer, pictures on another... music and videos on a third.  is there a way in ubuntu server i can do that?
<vanberge> i guess i could use samba and just do a windows file share
<xeorex_> You mean a File Server?
<Nafallo> NFS?
<xeorex_> Sure you will find plenty of How To if you Google it
<vanberge> Nafallo, can winbloze clients connect to NFS ?
<vanberge> i was considering that
<Nafallo> ah. you had those as well...
<vanberge> i have 1
<vanberge> that my wife won't let me get rid of
<Nafallo> I'm not at all into Windows myself, so can't answer that.
<vanberge> lol... me neither
<Nafallo> have you considered changing wife? ;-)
 * Nafallo hides
<vanberge> lmao...
<vanberge> not as of now
<vanberge> i will talk her into at least letting me dual boot it
<vanberge> then i can use ubuntu, she can use vista
<Nafallo> anyway. samba would probably be the best option for you then :-
<Nafallo> )
<Nafallo> OR!
<Nafallo> you could run NFS and she would have no access to the media :-)
<Nafallo> that might get her to switch over? ;-)
<xeorex_> Vista, Oh dear. I got the fastest Laptop possible and Vista was still crawling on it. I have to admit I didn't that the Boost system of Vista put itself in place before uninstalling it.
<vanberge> i spend a good week removing bloat
<vanberge> it was using 1.6 gigs of ram just running
<vanberge> i have that down to 600 megs ish
<xeorex_> I have 4 Gigs on this laptop. I think Vista needs more.
<vanberge> holy cow... they got one thing right on vista
<vanberge> Services for UNIX has been renamed "Subsystem for UNIX-based Applications," and is included with the Enterprise and Ultimate editions of Vista. Network File System (NFS) client support is also included.
<vanberge> Nafallo, looks like NFS is an option
<Nafallo> :-)
<xeorex_> you could possible get a small linux installed on the computer and get Vista and Ubuntu running under vmware? Would that works? It would then be easy to do backup/images of each system.
<vanberge> well, atm my wife is in a 'dont touch this computer' mode
<xeorex_> install a virus
<vanberge> she wants to at least have 1 computer that i dont 'mess with'
<vanberge> lol
<xeorex_> that why vmware would be good for you. You can mess as much as you want.
<xeorex_> But it's quiet slow to use vmware under windows.
<xeorex_> since you get a GUI working under another GUI (20% resources lost)
<vanberge> Nafallo, you still around?
<Nafallo> yes
<vanberge> i got nfs working - thought id bounce a question off you... do you know NFS ?
<vanberge> i can mount it but its read only.. i want to do it read/write
<Nafallo> have used it before, but not in the last few years. do you have the same ids on both machines?
<Nafallo> I would check the permissions and see if that gives any more info
<vanberge> i believe so... and my export file has:  /nfs/shared *(rw,sync,no_root_squash,sno_subtree_check)
<vanberge> nvm... apparently works now
<vanberge> lol
<vanberge> now i just have to figure out my fstab so it mounts at boot every time
<ere4si> vanberge: 192.168.0.2:/media/wd20g/movies /filet nfs soft,rsize=8192,wsize=8192,timeo=14,intr  - is my nfs mount in fstab
<vanberge> ere4si, /filet is necessary?
<vanberge> ere4si, also, does moutning it this way put an icon on the desktop for the mount?
<ere4si> vanberge: just what I called the mount point - the previous was /files
<ere4si> vanberge: no
<vanberge> ok..
<ere4si> vanberge: I made an icon on my dock for them
<ere4si> vanberge: you need to make a file to mount it to - I called mine filet
<ere4si> on the other comp the file I wanted to mount was /media/wd20g/movies
<vanberge> i have a /home/username/nfs for the mountpoint... i just wanted to make sure it didnt put an icon on the desktop.  it does put one there do it manually
<ere4si> manually to get a desktop icon
<vanberge> ok... im gonna try now
<vanberge> thanks!
<vanberge> ere4si, that worked perfectly... it mounted automatically
<vanberge> however, it did put an icon on my desktop. :-(  anyone know of a way to take that off?
<ere4si> vanberge: great:)
<ere4si> vanberge: I never get the icon - try gconf-editor  aps- nauatilus
<ere4si> *apps
<ere4si> bugger me - nautilus -apps
<vanberge> good call
<vanberge> 'show mounted volumes' is checked
<ere4si> got it wrong again....apps-nautilus
<ere4si> uncheck it for no icon
<vanberge> roger that... got it
<vanberge> that's awesome...  thanks man
<ere4si> np
<AtomicSpark> !kerby
<ubottu> Factoid kerby not found
<ere4si> !info kerby
<ubottu> Package kerby does not exist in hardy
<AtomicSpark> it exists in ubuntu-offtopic
<ere4si> spelling right?
<AtomicSpark> no. haha.
<AtomicSpark> !kirby
<ubottu> Factoid kirby not found
<AtomicSpark> -_-
<ere4si> hehe
<ere4si> I tried that in a /msg ubottu
<LeChacal> ok i have a drive that i cant remember/not totally sure where it came from but it has a LVM file system on it and i cant seem to mount i have gone through the normal lvm2 stuff i did search vgscan and lvscan dosnt find it and yes i loaded the dm-mod so i am wondering if there is away to tell if there is anything really on there because it might be empty and i just need to do a lvcreate/pvcreate or if there is data on there if i d
<AtomicSpark> is it encrypted?
<LeChacal> AtomicSpark: like i said i dont know much about the drive i just found it in our web server the other day when i did a 'fdisk -l'
<LeChacal> AtomicSpark: is there a way to tell if it is encrypted?
<AtomicSpark> no idea. i haven't explored lvm much. just used it. they need a better guide on how to use it if you set it up during install, not after. so basically howt o manage lvm volumes.
<LeChacal> yes i have tried reading the man files and google on lvm and didnt come up with much help
<ere4si> !lvm
<ubottu> Tips and tricks for RAID and LVM can be found on https://help.ubuntu.com/community/RaidConfigurationHowto and http://www.tldp.org/HOWTO/LVM-HOWTO
 * AtomicSpark bookmarks
<AtomicSpark> hmm. it's sortof outdated. just mentions lvm1 commands and ext2
<LeChacal> i have actuly read through all that when i was working with another LVM drive that i found. i another guy just took over maintance on a web/mail server and beowulf cluster and the last guy was not so nice to leave notes so we have to just explore stuff
<akuma55> whats up ppl
<ere4si> if the point of encryption is to make it hard to access and you have to access an encrypted drive then...
<AtomicSpark> when you mount it, it should ask for the passphrase
<ere4si> send the other bloke money
<AtomicSpark> take him to small claims court! lol
<ere4si> hehe
<LeChacal> what if he dont want money? haha
<ere4si> LeChacal: is the patition mounted?
<ere4si> *partition
<LeChacal> ere4si: i cant get it to mount i cant actuly find it (with vg/lvscan) for that matter the only reason i know it is there is because i see it in fdisk and i physically see it in the box
<ere4si> LeChacal: fdisk -l will list it with a /dev folder - then mount -v /dev/folder should get some output?
<AtomicSpark> maybe it's just a volume and hasn't been formatted with any file system? could be a mistake. how big is it?
<ere4si> df -h
<LeChacal> well fdisk says it is pretty close to 40GB but since it isnt mount 'df' dosnt tell me anything about it and the error that when i just try to mount it normally is  unknown filesystem type 'LVM2_member'
<LeChacal> i cant find the volume group name, which i know is what i need to mount a lvm partition
<ere4si> time to send cash or beers to the other bloke
<LeChacal> that could be easyer said then done with this guy
<LeChacal> but thanks for the help, i just hope there isnt anything important on the drive
<ere4si> if everything works as it should leave it for a while then consider it free space
<LeChacal> yea i might just look at the hex of the drive and see if there is anything on it, if there isnt i am pulling and putting it in the cluster with non lvm filesystem
<LeChacal> lvm is a really pain the behind
<ere4si> nothing in /etc/fstab about it/
<ere4si> *?
<LeChacal> nope i look there
<ere4si> k
<ere4si> good luck
<LeChacal> thank you
<dramr4ever> i need (linuxfirewall IDS Bandwidth control web caching is that possible with linux
<domare> questions..   im lost.    When i have HH server up & running.     Can i run VMware on top?
<dramr4ever> ubuntu linux
<domare> or should i try to get a server running on desktop verson of HH
<dramr4ever>  i need (linuxfirewall IDS Bandwidth control web caching is that possible with ubuntu linux )
<dramr4ever> if please any body can help
<domare> i know those things are possible.  i do not know how though
<LeChacal> dramr4ever: for the firewall part i would look at a firewall vesrion of linux and look at them for your other stuff because a lot of them have that kind of stuff
<torkel_> I just ran 'aptitude install slapd' and now it's running 'Reloading AppArmor profiles'... and it has said that for a very long time.
<torkel_> What should I do? =)
<ere4si> how long has it been?
<torkel_> long
<torkel_> an hour
<torkel_>   702 root      20   0 10996 4824  936 R  100  0.2  52:03.76 apparmor_parser
<torkel_>   702 root      20   0 10996 4824  936 R  100  0.2  52:03.76 apparmor_parser
<ere4si> that does seem long - on dialup by any chance?
<torkel_> 702 root      20   0 10996 4824  936 R  100  0.2  52:15.76 apparmor_parser
<torkel_> nope
<torkel_> it seems like it froze
<ere4si> less than a min by what you posted there
<torkel_> 52:15
<torkel_> it's from 'top'
<torkel_> invoke-rc.d apparmor restart also freeze, either with usr.sbin.mysql or slapd
<ere4si> can't offer more - maybe someone else an chime in
<ere4si> *can
<sommer> torkel_: are there any error messages in /var/log/syslog or /var/log/daemon.log when you try to start slapd?
<torkel_> sommer: don't think so, but I'm unable to check atm. It is a remote server and I just lost the connection while I did 'invoke-rc.d apparmor restart' :)
<torkel_> up again in a couple of minutes... if it doesn't freeze on apparmor startup
<torkel_> sommer, no error messages on openldap in the logfiles
<torkel_> sommer: it is apparmor that is freezing
<sommer> torkel_: are there any specific errors?
<torkel_> sommer, let me check the logfiles once more
<torkel_> syslog:May  3 21:13:06 renzor kernel: [1912596.398432] BUG: soft lockup - CPU#0 stuck for 11s! [apparmor_parser:702]
<torkel_> syslog:May  3 21:13:06 renzor kernel: [1912596.398511] Pid: 702, comm: apparmor_parser Not tainted 2.6.24-12-server #1
<sommer> torkel_: is the cupsd profile in enforce mode?  sudo apparmor_status will tell you
<akuma55> if i woukd like to learn networking and how to work a server is ubuntu good for a start
<akuma55> ?
<sommer> akuma55: as good as any I'd say
<torkel_> sommer: apparmor_status returns many zeros
<sommer> torkel_: are you running hardy?
<torkel_> yeah
<sommer> torkel_: can you pastebin the apparmor_status output?
<akuma55> sommer: so you think it wold be a good idea to start with ubuntu instead of feora or redhat
<torkel_> sommer: ok
<torkel_> sommer: I haven't touched apparmor yet, only some packages that have done something with it I guess.
<sommer> akuma55: sure, I like ubuntu better :-)... but really the distro isn't quite as important as the service you're trying to learn
<sommer> torkel_: gotcha, that's why it seems strange to me that apparmor is causing problems
<torkel_> sommer, which pastebin?
<sommer> torkel_: was your system upgraded from gutsy, or a new install?
<sommer> !pastebin
<ubottu> pastebin is a service to post multiple-lined texts so you don't flood the channel. The Ubuntu pastebin is at http://paste.ubuntu.com (make sure you give us the URL for your paste - see also the channel topic)
<sommer> should work :)
<torkel_> sommer, new install.. upgraded from the release candidates
<akuma55> i know i wont to learn the hard way butsome time the hard way nobody like to get me support help?
<akuma55> .
<torkel_> http://paste.ubuntu.com/9803/
<sommer> akuma55: from my experience it's best to learn the cli, and if you have a specific question people are willing to help
<sommer> torkel_: looking
<akuma55> cli?
<sommer> torkel_: ah, try "sudo apparmor_status"
<sommer> akuma55: command line interface
<akuma55> oh ok
<akuma55> kool
<torkel_> sommer, same output
<akuma55> did not know
<akuma55> as cli
<sommer> torkel_: do you have profile files in /etc/apparmor.d ?
<torkel_> sommer, i moved usr.sbin.mysqld and slapd out of /etc/apparmor.d before the reboot... a bit troublesome if that should lock up again :-)
<torkel_> remote server
<sommer> torkel_: did you restart apparmor after moving them?
<torkel_> sommer: invoke-rc.d froze.. but I didn't loose connectivity. Then I tried moving usr.sbin.slapd out first and restart it... same problem. Then I did move usr.sbin.mysqld out and I lost connection
<torkel_> won't do more errorresolving before I'm at the location physically myself :)
<ere4si> akuma55: you can install desktop ubuntu and run server from that while you learn
<sommer> torkel_: ah, I'd suggest reading the apparmor section in the serverguide: https://help.ubuntu.com/8.04/serverguide/C/apparmor.html
<sommer> torkel_: I'd try moving the profiles back, then placing apparmor into complain mode
<sommer> torkel_: I've never tried simply moving the profile files, so I'm not sure what effect that has
<torkel_> sommer, thanks will do! After I'm finished reading this openldap documentation. I haven't checked apparmor yet, but it seemed similar to something openbsd had/has
<sommer> I'd think it wouldn't be a big deal though
<torkel_> sommer: something that profiled applications and a set of rules you could build out of that profile... some sort of
<sommer> torkel_: sort of, it's a mandator access control security app
<sommer> similar to selinux, but not quite the same... as I understand it
<torkel_> a bit simpler and therefor more effective
<sommer> basically it keeps daemons that are profiled from accessing directories and files that it shouldn't
<sommer> torkel_: yep :)
<sommer> but one disadvantage is that if you're learning a new app it's one more thing to troubleshoot, heh
<torkel_> true, you can allways start with not so tight rules and tighten  them as time goes on
<torkel_> selinux seems to complicated for my taste, to much hassle. AppArmor looks good enough and maintainable
<sommer> yeppers, plus once you've learned the app and apparmor it's probably better for the long run
<torkel_> but first openldap! :) trying to get postfix, courier, apache, trac and zope all authenticating against the same tree
<sommer> there's a pretty basic openldap section in the ubuntu serverguide, and I'd recommend the ldap sys admin book from oreilly
<torkel_> got one from packt publishing, mastering openldap
<sommer> torkel_: heh, was just going to mention that one :-)... that's a great book as well
<sommer> more updated than oreilly's
<torkel_> each time I visit openldap I h ave to find documentation, will try to learn it  better this time :D
<sommer> I found that once you get your configs down, and learn the cli utilities it's not too bad
<sommer> also very usefull to know a scripting language perl, python, etc and how to manipulate ldap entries using scripts
<torkel_> sommer: know of any documentation on how to structure your ldap database? addressbook, dns, email, etc..
<sommer> torkel_: aside from those books not really, but I think the default schemas in /etc/ldap/schemas will give you those attributes
<sommer> in my production ldap server I use the samba and sendmail schemas also, but you may not need those
<torkel_> sommer: I'll figure it out then :) Was more think like best practices or something similar. Will try to store as much information as possible in the database.
<sommer> torkel_: ah, for mine I put similar accounts into ou's... ou=faculty ou=students ou=computers etc
<sommer> but as long as your objects have the attributes you need, you should be good to go
<kettlepot> hi
<kettlepot> can anyone reccomend me some free xwindow software to use with my ubuntu server?
<kettlepot> i'd like to have access to the gui every now and then when i remote in
<ere4si> I like fluxbox - it's light
<Deeps> on windows, xming
<Deeps> on linux, xorg
<gouki> I think he wants remote connection.
<Deeps> alternatively, use vncserver + vnc
<kettlepot> actually i am probably using the wrong word :) In work I'd use exceed on solaris
<kettlepot> which is listed as xwindows
<Deeps> xming
<kettlepot> great, thanks:)
<AtomicSpark> so when i installed the server this time, i put a random un-routable domain (.local) in when it asked for it. i'm curious, is it really necessary to set up dns on the server if you're only using it in a workgroup environment? my network is a mix of linux and windows clients and they just use the server as a samba file share.
#ubuntu-server 2008-05-04
<prey_alone> RubyGems runs really slowly on my Ubuntu server. I've done gem update --system, but it still takes some thirty minutes to get SQLite or even JSON.
<flyingparchment> i'm having problems install 7.10 on a sparc enterprise T5120 - it's hung twice during package installation.  is this a known issue?
<Deeps> urr
<Deeps> i dont think sparc is supported, only x86 and 64bit amd/intel
<flyingparchment> if it wasn't supported i think the installation would stop a little bit earlier than that ;)
<flyingparchment> it's not supported in 8.04, but 7.10 is
<Deeps> true
<flyingparchment> hmm.. maybe this time it didn't hang, it just took an hour to get past whatever it was doing
<Deeps> alt+f4
<Deeps> switches you to the logging vt
<flyingparchment> serial console
<Deeps> oh, heh
<flyingparchment> the system doesn't even have a graphics card ;)
<flyingparchment> heh, managed to install it, now i get segfaults while compiling php.  guess the T2 isn't quite supported yet ;)
<cody-somerville> Woot. :)
<cody-somerville> I got work to use Ubuntu on its two new servers. <g>
<cyris|> Hey everyone.  I've just finished installing cups. I've added a printer and now want to push drivers to windows clients. i'm running the command cupsaddsmb -a but it seems to just hang after I enter my root password, any ideas?
<cyris|> The server is a p3 900mhz
<cyris|> running 8.04
<cody-somerville> cyris|, I've never set that up before but I found a pretty comprehensive tutorial: http://www.enterprisenetworkingplanet.com/netsysm/article.php/3621876
<cyris|> cody-someville thanks I will take a look.
<cody-somerville> Where is the survey described at https://wiki.ubuntu.com/ServerTeam/Survey/Launch ?
 * nealmcb hopes atomicsparc doesn't run into avahi problems with his own .local domain....
<osmosis> what time would /etc/logrotate.d/apache2  run?
<hads> osmosis: It's run from /etc/cron.daily/ which is defined in /etc/crontab as 25 6    * * *
<hads> (it being logrotate)
<hads> In case you arent familiar with cron, that means 0625 every day.
<hads> What's the way to keep guests clocks in sync with KVM?
<hads> s/the way/the recommended way/
<osmosis> hads:   can you tell me what this means?
<osmosis> 0,10,20,30,40,50 * * * * www-data [ -x /usr/lib/cgi-bin/awstats.pl -a -f /etc/awstats/awstats.conf -a -r /var/log/apache/access.log ] && /usr/lib/cgi-bin/awstats.pl -config=awstats -update >/dev/null
<osmosis> I dont understand what the whole part in brackets is for.
<hads> osmosis: [ is an alias for the test command (a builting in bash or executable in sh). You can get information about builtin commands by using help, e.g. help [ or help test
<hads> Basically it's doing a bunch of tests before it runs the script (after the &&). Making sure files exist and are executable etc.
<osmosis> hads: I had to remove that block because it was stopping it from working.
<hads> I assume one of the tests was failing then. They're probably there for a reason :)
<osmosis> hads: good point
<osmosis> hads: it was just bugging me that it wasnt working, but now that I know it works, maybe ill reinvestigate
<osmosis> hads: one of the issues im having right now is if the first cron process doesnt finish within 10 min, it launches another and they start overlaping.
<hads> osmosis: I don't know that much about awstats really.
<sten_> Hi.  anyone here?
<LMJ> question around fetchmail/procmail : fetchmail pick up my emails from a remote pop3 server but delivery them on /var/mail/~ instead of the rule i've put in /etc/procmailrc to put them in ~/mail/INBOX  do you know where could be the issue ?
<_ruben> LMJ: apparently fetchmail is doing the local delivery itself, and not using procmail to do so, its probably a configuration setting somewhere (in fetchmail)
<LMJ> hum, let me see _ruben , thanks
<Kamping_Kaiser> \o/ got anonftparchive syncing
<LMJ> strance _ruben, I can't see any fetchmail information to configure it on that way
<_ruben> http://www.ilkertemir.com/document/fetchmail-procmail.html .. first link on google for "fetchmail procmail"
<_ruben> the "mda" option seems to be what you're looking for
<Kamping_Kaiser> is packages.u.c running like treakle for anyone else?
<nrpil> hello people, i'm trying to install ubuntu server edition but the installer cannot find the package efi-modules
<nrpil> i've looked on the cdrom and it's indeed not there, it's not even an ubuntu package, it is however a debian package
<nrpil> could someone help me ?
<Deeps> !info efi-modules
<ubottu> Package efi-modules does not exist in hardy
<Deeps> sounds like it could be a bug assuming you're attempting to install a hardy server
<Deeps> have you looked on launchpad to see if there are any other reports of thi?
<nrpil> Deeps: yes i did, one moment
<nrpil> Deeps: https://bugs.launchpad.net/ubuntu/+source/debian-installer/+bug/144207
<uvirtbot> Launchpad bug 144207 in debian-installer "gusty installation failed with "Hash Sum mismatch"" [Undecided,Invalid]
<nrpil> Deeps: same error so i can conferm it's still valid
<nrpil> confirm
<Deeps> same error? "DEBUG: resoluver (efi-modules): package doesn't exist (ignored)" ?
<Deeps> that's not actually the error being reported btw
<Deeps> and infact, that's not a show-stopping error
<Deeps> "Failed to fetch cdrom:[Ubuntu 7.10 _Gutsy Gibbon_ - Release i386 (20071016.1)/pool/main/x/auth/xauth_1.0.2-0ubuntu1_i386.deb Hash Sum mismatch" is the error being reported here, and chances are that's due to a defect on the CD
<Deeps> (the physical media)
<nrpil> Deeps: i've tested the cdrom
<Deeps> you need to find your actual error
<nrpil> Deeps: and it is a showstopper, since i cannot continue
<Deeps> as that efi-modules line, if it's as mentioned in the bug report you've listed, is not an error
<Deeps> but rather some debug output (notice the "ignored" at the end of the line)
<Deeps> look higher up for what's stopping you
<nrpil> ok, one moment
<nrpil> i also see a bad md5sum but i tested the cd ?
<Deeps> it's all about context, if the md5sum error results in more significant failures, then i'd recommend reburning
<Deeps> compare the md5 of the iso with that listed on the download page
<Deeps> before reburning
<nrpil> Deeps: ok, i'll download it again, md5sum it and burn it, seems like the cd test isn't doing what i expected
<nrpil> Deeps: thanks !
<Deeps> np
<digitalspaghetti> Hey folks, I'm trying to upgrade my remote server to 8.04, but at the moment I keep getting this issue:  http://dpaste.com/48175/
<digitalspaghetti> i've run aptitude clean and i also ran  dpkg --configure -a
<ogra> did you use th eupdate-manager as recommended ?
<digitalspaghetti> orga, i used do-release-update, as it's a CLI server, no X on it
<ogra> apt and aptitude wont do the right thing here, its expected that you have to install stuff manually alongside and work aournd probs
<ogra> right
<ogra> thats the cli variant
<ogra> (still update-manager though :) )
<digitalspaghetti> i did try that first, but when i broke, i tried to use aptitude full-upgrade
<digitalspaghetti> when i do update manager, i get a different, but similar error:
<ogra> did you update to the patest packages before starting (from gutsy-updates) ?
<ogra> *latest
<digitalspaghetti> http://dpaste.com/48176/
<digitalspaghetti> yes
<ogra> hmm, that looks like the volid package was corrupted during download or so
<digitalspaghetti> i've cleared out the package cache
<ogra> (the locale warnings are ok)
<ogra> well, the package cache only hodls the debs
<ogra> *holds
<digitalspaghetti> also, i had issues yesterday because my server is only 256mb, and i kept getting a seg fault when running it
<digitalspaghetti> i had my server upgraded to 1gb today to run the upgrade
<ogra> what you look for is the .list file for volumeid in /var/lib/dpkg/info/
<digitalspaghetti> ok
<ogra> hmm
<cody-somerville> If there is a website that has register globals enabled and there is a page that checks to see if "sql" is set in $_GET and if so doesn't set $sql but later executes $sql, what is the quantified risk acknowledging that there are no form inputs that pass sql via GET to this page?
<ogra> but such a package doesnt even exist
<digitalspaghetti> you want me to remove it?
<ogra> i wonder where it comes from first place
<ogra> apt-cache madison volumeid
<ogra> what does that give you ?
<digitalspaghetti> nothing
<ogra> weird
<ogra> do you get it as well if you try to remove evms-ncurses manually ?
<digitalspaghetti> yes :/
<ogra> grep volumeid /var/lib/dpkg/info/evms-ncurses.list
<ogra> ?
<digitalspaghetti> nope, nothing - the file just contains some paths, thats it
<ogra> dpkg -l evms-ncurses ?
<ogra> grab the package with the right version  from http://archive.ubuntu.com/ubuntu/pool/main/e/evms/ and manually install it with dpkg -i, then try again
<digitalspaghetti> http://dpaste.com/48177/
<ogra> could it be that you ran out of diskspace or so during the upgrade ? that would explain the corruption
<digitalspaghetti> no, got unlimited diskspace
<digitalspaghetti> i downloaded the .deb for my system, still getting the error
<digitalspaghetti> http://dpaste.com/48178/
<ogra> the thing is that there is never been a package like "volumeid" ever in ubuntu, i dont understand why it looks for it
<ogra> do you have any non ubuntu entries in your sources.list ?
<digitalspaghetti> i'll check
<digitalspaghetti> nope, just standard hh updates
<ogra> hmm, could be realted to https://bugs.launchpad.net/ubuntu/+source/update-manager-core/+bug/217574
<digitalspaghetti> i just pointed my sources back to gutsy, and tried aptitude update && aptitude upgrade, and now i get the same error with a different package :/
<uvirtbot> Launchpad bug 217574 in update-manager-core "Could not calculate the upgrade" [Undecided,New]
<digitalspaghetti> removing /var/lib/dpgk/info seemed to do it
<dmnd> hi
<dmnd> are there vserver kernel images for 64 bit cpu's available?
<dmnd> hi
<ctx144k> hello all
<ctx144k> is there a way to start own scripts while startup/shutdown in ubuntu-server?
<ctx144k> something like autoexec.bat under dos
<Kamping_Kaiser> crons @reboot option?
<Kamping_Kaiser> or create an init script
<ctx144k> is there existing a ready script for that?
<ctx144k> cause, i dont want create something what is already existing
<AlexC_> hey all
<Kamping_Kaiser> yes. .. crontab
<AlexC_> if I get something like this in my logs: 'su[28535]: Successful su for tangocms by root' that means that 'root' switched user to 'tangocms' correct?
<Kamping_Kaiser> and perhaps /etc/rc.local
<mralphabet> AlexC_: yes
<AlexC_> mralphabet, thanks
<ctx144k> Kamping_Kaiser, thx
<Kamping_Kaiser> ctx144k, np
<AlexC_> how can I get the disk-space usage via CLI?
<Nafallo> df -h
<AlexC_> thanks,
<osmosis> how do I get the uuid for a disk, for the fstab ?
<blue-frog>  vol_id /dev/sda1
<AlexC_> guys, I've got a really weird problem with 'tar'. I am running this as root:  # tar -xzf php-5.2.6.tar.gz  and I am getting an error similar to this for every single file in the archive:  tar: php-5.2.6/CREDITS: Cannot change ownership to uid 1002, gid 1002: Disk quota exceeded
<AlexC_> why on earth is it trying to change the ownership to 1002?
<hattrick> why is your disk quota exceeded?
<hattrick> guys...is munin not working out of the box on ubuntu 8.04?
<AlexC_> hattrick, no, it is no where near. I am using 2.1gb out of 30gb
<hattrick> usermod -u 1002
<hattrick> usermod: user 1002 does not exist
<AlexC_> ...
<hattrick> anyone using munin?
<blue-frog> AlexC_: what is   quota    saying?
<AlexC_> blue-frog, Disk quotas for user root (uid 0): none
<AlexC_> blue-frog, this is on a VPS, I have contacted them and they are looking into the issue. I just thought I'd ask here to see if I can help solve it
<Deeps> AlexC_: any quotas for uid 1002 and/or gid 1002?
<AlexC_>  /dev/simfs   51200*  51200   51200            5619       0       0
<Deeps> that'll be the problem then
<Kamping_Kaiser> anyone here used anonftpsync? i was wondering if you'd customised it to only mirror selected releases
<fromport> kamping_kaiser: i'm using anonsync. But it's all in the script itself, isn't it ? I'm basically mirroring only i386/amd64.
<Kamping_Kaiser> fromport, my problem is i only want to mirror dapper+hardy, but it seems i can only filter out arches, not releases
 * Kamping_Kaiser is trying to think of the best way to hack around it
<Kamping_Kaiser> i think i have one, but it'll be ugly :)
<Kamping_Kaiser> fromport, i assume your mirroring all releases?
<AlexC_> hey,
<AlexC_> Deeps, sorry, lightning took out my router. Did you get my message?
<Deeps> nope
<AlexC_> Deeps, I said that is only half the problem - why is it trying to change ownership to 1002?
<Deeps> that'll be defined within the tar file
<Deeps> and being root, it's able to do that
<AlexC_> wait, what? The tar file can specify what ownerships the files should have, if it can do?
<Deeps> i believe so
<AlexC_> O_o
<Deeps> there'll be a flag (archive i guess) to preserve ownership and permission settings
<AlexC_> ah
<AlexC_> ok, that makes sense - going to work with that now
<fromport> kamping_kaiser: yes all releases: 125G    /archive/pub/mirror/ubuntu/
<Kamping_Kaiser> fromport, ok. thanks for that :)
<AlexC_> Deeps, thank you so much, this was the cause. Applying the --no-same-owner flag worked great on the tar command
<Deeps> :)
<_ruben> Kamping_Kaiser: dunno about anonftpsync, but debmirror can filter on arch/release/pool/etc
<Kamping_Kaiser> _ruben, thats what i've used so far, but i need all the extra dirs like /tools/ /doc/ etc for cd building
<_ruben> ah
<Kamping_Kaiser> so i'm going to try and leetly haxor (read: ugly hack) anonftpsync so it only downloads the releases i want
<_ruben> ;)
<Kamping_Kaiser> ;)
<AlexC_> where would be the best place to put PHP 5.2.6 in? /usr/local/php-cgi and /usr/local/php-cli ?
<mouser25> Hello, Im looking at setting up an e-mail server to replace microsoft exchange and was wondering what my options where on keeping personal address books synced to the server?
<carignou> hello
#ubuntu-server 2009-04-27
<uvirtbot> New bug: #366691 in openldap (main) "package slapd 2.4.11-0ubuntu6.1 failed to install/upgrade: " [Undecided,New] https://launchpad.net/bugs/366691
<storrgie> how can I update from 8.10 to 9.04?
<storrgie> what command
<zoopster> storrgie: http://doc.ubuntu.com/ubuntu/serverguide/C/installing-upgrading.html
<furythor> can anyone help me to see if my lan http server works now as intented
<furythor> please visit this http://88.113.71.221/index.php and say if you see a drupal site behind it
<ScottK> furythor: It says test site ..... Welcome to your new Drupal website!
<uvirtbot> New bug: #367683 in php5 (main) "php5 not installing properly on 9.04 Jaunty  Jackalope" [Undecided,New] https://launchpad.net/bugs/367683
 * lamont is pretty sure that 367635 isn't postfix
<captainkirk> Hey, anyone know where I can get OpenNAS download from?
<Asphalt>  Hey all, yesterday I setup a Samba server which authenticates over LDAP (basically emulating a Windows DC) Everything is going well, but excel files are not saving with the permission that they are being opened with.  I am sure this has to do with a setting in Samba config, can anyone point me in the right direction to help?
<captainkirk> Has anyone had any experience building a NAS using ubuntu?
<captainkirk> i have been looking for  a prebuilt distro for a nas system, but have not found anything that will run samba as PDC for windows clients...?
<captainkirk> can anyone give suggestions for web based admin for ubuntu server... i have been using webmin successfully, but any thing else to consider?
<ScottK> ebox
<friartuck> captainkirk don't use webmin. https://help.ubuntu.com/community/eBox
<captainkirk> ok... looking into ebox now.. thanks.
<captainkirk> is ebox a complete distro... or an add on?
<dholbach> hi guys
<dholbach> thought you guys should know that ivoks is on http://hall-of-fame.ubuntu.com and might want to click on the "Thank Ante!" link :)
<ajmitch> done
<dholbach> :-)
<uvirtbot> New bug: #367769 in freeradius (universe) "freeradius init script not consistent with radiusd.conf" [Undecided,New] https://launchpad.net/bugs/367769
<cybersplice> Morning.
<uvirtbot> New bug: #296673 in samba (main) "Nautilus failes connecting to IOMEGA NAS Drives!" [Undecided,New] https://launchpad.net/bugs/296673
<NineTeen67Comet> Hi all. I'm helping a friend get a music studio up and he would like to provide G and N wifi to his customers (with login) as well as run his web server in house (building) via fiber ISP provided internet. Does anyone have suggestions for how to hook this up? I suggested the WRT54GL with Tomato inside for G, what ever he wants for an N router and a switch connected right to the fiber box. Good? bad?
<cybersplice> You want the switch connected to the router / firewall, and the firewall / router connected directly to the fiber.
<cybersplice> Generally, fiber is provided as raw ethernet if it's not presented as bare fiber.
<cybersplice> You could do it all with an Ubuntu server, if you wanted. :)
<NineTeen67Comet> Yeah the fiber comes in then goes to a CTU (basically a router) with 4 ports on the back. In my house (We're in Japan) I only use one port to my WRT54GL then that goes to a WRT54G v6, web server, 8 port HUB and our Vonage.
<NineTeen67Comet> GRIN I told him we could build a router box/computer for him. He said an Ubuntu-server web server would be fine (He has heard about my up times and loved it).
<cybersplice> You could, for example, use a box for firewall / router /webserver, firewall it with fwbuilder (nice gui), and use some kind of simple radius setup for NAC if your wireless APs support it.
<cybersplice> Also: Lucky git for having fiber at home :D
<NineTeen67Comet> Well, the only hardware he's purchased so far is the WRT54GL (I just love that thing with Tomato) and a web server (couple year old HP). I told him I would pick you guys brains for network ideas to get his building setup.
<cybersplice> Wouldn't need any more hardware.
<NineTeen67Comet> Yes fiber in the house .. AWESOME! .. Setting it up took some magic and a little PPPoE action (hate that but it's nice).
<cybersplice> iptables is built into the kernel, and is probably one of the most competent firewalls on the market, even when compared to things like FW-1 and Pix.
<NineTeen67Comet> He wants N service too .. so we'll need an N router (WRT310N is what I suggested to him)
<NineTeen67Comet> cybersplice: I'll peek into it. I tried using RH8 back in 2002'ish as a router and failed miserably .. ended up using some gui to get it up but it never worked "great".
<cybersplice> NineTeen67Comet: It's really quite simple these days.
<cybersplice> google fwbuilder.
<NineTeen67Comet> huh, think I might take one of my extra boxes and built a router test box. The more *nix in my life the better ..
<NineTeen67Comet> cybersplice: so basically I could go fiber/Ubuntu Server - fwbuilder with several NICs inside then hook an N router, G router and the web server to it? .. that'd be a nice one.
 * NineTeen67Comet maybe 3 NICs .. web server, n router and g router
<kinkie> Hi all. I have a kubuntu jaunty installed on a physical partition (/dev/sda1) which I'd like to move to a lvm-backed rootfs. So far I'm failing, any hints on how to do it? Thanks!
<kinkie> (note: the LV is already set up and filled with data. The part I'm having trouble with is initramfs)
<cybersplice> why do you want seperate N and G routers?
<cybersplice> NineTeen67Comet: Yes, you could.
<cybersplice> It'd be fairly simple.
<NineTeen67Comet> well if he uses an N router and a G person hooks on it'll drop all to G .. if he uses one each he can keep his N notebooks on the N and the G on the G ..
<NineTeen67Comet> His studio is all Mac (well, the occasional MS stalker peeks in, but usually not for long) .. and I'm the Linux guy so he's getting an Ubuntu server and two Ubuntu workstations.
<NineTeen67Comet> minimal .. then he'll all his stuff after I'm done
<cybersplice> Fair enough. dnsmasq for dns requests, iproute for routing, fwbuilder on a workstation for firewall policy config
<cybersplice> there are loads of guides and examples on the fwbuilder website, and some ready made policies in there
<cybersplice> oh and you'll want a dhcp server i suppose
<NineTeen67Comet> doesn't the fwbuilder box need several network cards though? to act as a router anyhow?
<cybersplice> Yes, but that's not a problem.
<cybersplice> :)
<cybersplice> Especially in Japan
<NineTeen67Comet> thanks for the ideas cybersplice .. I'm on the lookout now .. hehehe .. I've got a lot of extra computers laying around .. perfect candidates for a router ...
<NineTeen67Comet> I've got to go for a bit but thanks again.
<NineTeen67Comet> oh, and thanks for the PM .. headed there now
<incorrect> auth-client-config profiles don't seem to have the same file format any more,
 * kinkie is away: Stuff to do, people to see...
<Doble> im trying to install ubuntu server 9.04 on a Dell PowerEdge R200 server, and at the end of the install I recieve the error "Unable to install grub in (hd0) - Executing grub-install (hd0) failed. This is a fatal error"
<Doble> I'm new to linux but have done a few installs before and have never seen this so I don't have a clue what to do ... help anyone?
<Doble> it seems that installing the LILO boot loader doesn't have a problem, could a BIOS setting cause that?
<Doble> could it have something to do with the fact that I'm using LVM?
<Kamping_Kaiser> why did grub install fail?
<soren> Doble: Did you use the guided partitioning thing?
<Doble> soren: yes
<soren> Doble: So you have a separate boot partition.. Then it should work fine.
<Doble> Kamping_Kaiser: Sorry, it doesn't give me any more information than what I gave above
<Doble> soren: yes, a 255mb /boot partition
<soren> Doble: Could you jump to vt4 (by pressing alt-f4) and see if there's any interesting error messages there?
<Doble> soren: I just used LILO to see if it would work, so I'm just loading the install again, give me a minute and I will try that
<Doble> should I use LVM? my server is already at capacity, it has room for 2 hard drives, and im already using 2x 1.5tb drives, is there any benefit to using LVM as I have no experience with it
<Doble> 2x1.5tb in a RAID 1 controlled by a SAS card I should note
<soren> Yes.
<soren> You want lvm.
<Doble> alright, it's formatting now
<Doble> Kamping_Kaiser: okay i have the error now, it reads "The file /boot/grub/stage1 not read correctly." - "error: Running 'grub-install --no-floppy "(hd0)"' failed."
<Doble> there's also one a bit further up the log that reads "You shouldn't call /sbin/grub-install. Please call /usr/sbin/grub-install instead!"
<Kamping_Kaiser> Doble, where are you seeing that error?
<Doble> i hit Alt+F4 and its the most recent entry in the log
<Kamping_Kaiser> ok. good.
<Kamping_Kaiser> if its grub1 , afaik it doesnt support LVM
<Kamping_Kaiser> so unless /boot/ is off the lvm, you'll need to learn lilo
<Doble> .
<Doble> boot is off the LVM - I used guided partitioning and it created the lvm with two partitions and then /boot was on a partition of its own outside the LVM
<Kamping_Kaiser> grub should handle that then. if you hit ctrl+2 you'll get a console. does 'mount' show /target still mounted?
<Doble> how do i get back to the installer ? I'm still in the alt-f4 menu
<Doble> ctrl+2 just gives me weird characters
<Kamping_Kaiser> er, alt+f2 sorry.
<Kamping_Kaiser> alt+f1 will get you back to the installer
<Doble> okay, i've got 'busybox built in shell'
<Doble> when i type 'mount' I get about 10 lines of info, what do you need to know?
<Kamping_Kaiser> is /target moutned
<Doble> yes, there's a few references to target
<Kamping_Kaiser> if you `ls /target/boot/` is there anything in there?
<Doble> yes, about 10 files again, one of them is grub
<Kamping_Kaiser> thats probably a folder
<Doble> yep, it is, has a lot of files in it too :)
<Kamping_Kaiser> i'm bemused that /boot/ has 'about 10 files', 5+grub directory is the norm. wonder if its grub 2
<Doble> well when I was running the installer before, it gave me the option to try grub2, but I picked grub1 and it still didn't work
<Doble> so any ideas ?
<Kamping_Kaiser> fraid not. I've not used 9.04 , so i'm not at all familiar with its eccentricities.
<Doble> i might try it without LVM
<Doble> are there any downsides to using LILO instead of GRUB? I dont know much about either.
<Kamping_Kaiser> lilo is close to EOL
<Kamping_Kaiser> (in debian)
<cybersplice> People still use lilo?
<Doble> Kamping_Kaiser: sorry, that doesnt mean a lot to me :)
<Kamping_Kaiser> Doble, End of Life
<Kamping_Kaiser> cybersplice, indeed, some by choice!
<cybersplice> Wow!
<Doble> Kamping_Kaiser: ahh ic, thanks
<cybersplice> It took me ages to make myself switch to grub.
<Doble> interesting - if i run the install without LVM, the grub bootloader installs without any errors
<timmillwood> I have just got a new dell rackmount server and want to put Ubuntu on there, is the best way of doing it to plug a monitor, keyboard and mouse up to is and pop the CD in.
<sommer> timmillwood: that's what I usually do
<Doble> while we're on the topic of dell servers, i have a poweredge R200 at home, I'd like to be able to put it into standby or power it down in some way when I'm not using it, but I need to be able to power it back on again remotely when I need to, is there a way of doing that with ubuntu?
<uvirtbot> New bug: #367959 in postfix (main) "Issue if installed by gdebi as a dependency" [Undecided,New] https://launchpad.net/bugs/367959
<Omahn> Could anyone tell me what the correct format is for the grub-installer/bootdev line when preseeding a RAID1 install?
<Omahn> (in Hardy LTS)
<ehazlett>  i am testing eucalyptus on ubuntu-server and keep getting this error when trying to start: An attempt by a client to checkout a Connection has timed out. any ideas?
<timmillwood> sommer: thanks, guess I'll have to look for a cheap monitor, keyboard and mouse as everyone in the office either has laptops or iMacs.
<zoopster> ehazlett: might be better off asking that in #ubuntu-cloud
<ehazlett> zoopster: thx
<a_c_m> i have a mount command (to mount a folder, instead of using ls) which i need to run at startup, but it needs to run after other mount commands. If it just put it in rc.local that should be fine right?
<ball> a_c_m: why not put it in fstab?
<a_c_m> ball: could do, not that familar with fstab :)
<a_c_m> + little confused as the other mounts in the system dont seem to be there
<a_c_m> its on a xen cloud
<Doble> how can i check my server's vital info like CPU temperature ?
<a_c_m> which may add to the confusion
<ball> a_c_m: I'm new to Linux, but in most unices that would be the place to put it.
<a_c_m> thanks ball, its where i would assume you put it too - but the disk its mapping the folder for, isnt there and i dont want to try to map a folder on a drive which hasnt yet been mapped itself :)
<ball> I'm a bit confused by "folder" too.  What are you doing?
<ball> Is this a network share from a Windows machine?
<ball> ...or an actual disk drive?
<jurjenst> Doble: cat acpi/thermal_zone/THRM/temperature
<jurjenst> does that help?
<jurjenst> in /proc
<ball> temperature:             33 C
<ball> woohoo!
<ball> I never had that work before.
<ball> jurjenst: thanks a lot for that.
<jurjenst> ball: np
<Doble> jurjenst: sorry, when I go to /proc/acpi/thermal_zone the directory is empty
<jurjenst> doble: staat /etc/init.d/acpid gestart? die is waarschijnlijk hiervoor nodig
<jurjenst> doble: sorry was reading the site in dutch.. the deamon is probably needed for that
<Doble> okay, i've started the daemon
<Doble> still nothing in the thermal_zone directory
<ball> Doble: is this an old machine?
<Doble> ball: no, its a brand-new Dell PowerEdge R200
<ball> Doble: so much for that theory then
<Doble> :)
<Doble> nevermind, i have to head to bed
<Doble> thanks folks, ciao
<henkjan> bah, nrpe ignores ""
<jurjenst> hmm.. there is a open bug: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/120615 about other people with this problem
<uvirtbot> Launchpad bug 120615 in linux-source-2.6.20 "/proc/acpi/thermal_zone/ folder empty" [Undecided,Won't fix]
<jurjenst> the won't fix is for an older kernel version :)
<reid> hmm, can anyone give me an idea why my server load would be 18.91, yet neither of my processor's seems to be working very hard?  lol
<reid> ie. under 20% capacity according to htop
<cybersplice> reid: isn't load an average of memory, cpu, and free disk space?
<ikonia> reid: it's an average snapshot
<ikonia> reid: it will go down with time if your server is no longer busy
<_ruben> cybersplice: not free disk space, but disk io does play a role :)
<cybersplice> _ruben: I can never remember.
<cybersplice> I just hit it until it works...
 * cybersplice has been hitting pacemaker for days.
<uvirtbot> New bug: #367993 in ipsec-tools (main) "nfs howto under ubuntu  has a bug in the Client section" [Undecided,New] https://launchpad.net/bugs/367993
<uvirtbot> New bug: #368036 in php5 (main) "php5-gd imagecolorset no longer working properly after upgrade to 9.04" [Undecided,New] https://launchpad.net/bugs/368036
<uvirtbot> New bug: #368044 in openldap (main) "slapd crash when using SQL backend" [Undecided,New] https://launchpad.net/bugs/368044
<uvirtbot> New bug: #366078 in likewise-open (main) "likewise-open breaks all logins during/after upgrade to Ubuntu 9.04" [Undecided,Incomplete] https://launchpad.net/bugs/366078
<bn43> hi all I have removed ebox from my intrepid server and having a problem logging in - takes a while to log in after password entered - auth log shows something along the lines of CRON[#] for various lines before session opened - can someone help?
<uvirtbot> New bug: #366064 in samba (main) "package samba-common 2:3.3.2-1ubuntu3 failed to install/upgrade: " [Undecided,Invalid] https://launchpad.net/bugs/366064
<c_korn> hello, this is the output of ssh -vvv when I want to connect to a server with pubkey authentification. I transfered the public key to the server using ssh-copy-id. http://paste.ubuntu.com/159515/ especially the line "we did not send a packet, disable method" confuses me
<genii> c_korn: Does ~/.ssh/identity                    file exist? (lin 94 of paste suggests not)
<c_korn> genii: local or on the server?
<genii> c_korn: On the box you are ssh-ing out from
<c_korn> genii: no, it does not exist
<Ethos> Can anyone recommend a decent irc bouncer for ubuntu?
<awkfu> ..
<bn43> hi I am redoing a server that had software raid on it - I now want to resize the raid partitions but partitioner is not allowing me to remove/delete existing partitions - why is this?
<Nafallo> because they are in use? :-
<Nafallo> )
<bn43> Nafallo: but I am boot off a cd
<Nafallo> ah. was just guessing based on the information I had :-)
<bn43> ok how do I get them off use?
<Nafallo> check that I was right first? :-)
<bn43> oh ok - no - I am boot off a server cd and redoing the partition tables
<bn43> is there a way I tell the partitioner to wipe the existing partition tables and start afresh?
<jmedina> bn43: use wipe command :D
<jmedina> or you can use dd
<jmedina> :D
<bn43> I am currently on the install screen
<bn43> go into another console?
<jmedina> why not remove the partitions from the partition tool?
<bn43> jmedina: it is not allowing me]
<bn43> 'there was an error deleting the multidisk device. it maybe in use'
<jmedina> multidisk device?
<jmedina> what is htat?
<bn43> yeah I previous had a software raid setup on the disks
<Nafallo> hmm
<Nafallo> I need to do some funky stuff with my raid stuff once I get a sane quote
<Nafallo> I guess a plan would be to degrade the current mdraid and then create a degraded hardware raid and start moving stuff over.
<Nafallo> then make the new hardware raid rebuild with the information on there.
<Nafallo> and hope customers won't overload the server during the rebuild ;-)
<bn43> ok discovered that if I redid the patitions in new size software raid and did not touch existing software raid configuration it went ahead
<bn43> strange
<bn43> hi I'm using software raid on a pc and have gotten right the disabling drive and system boots off the remaining disks - I've read however that disconnecting a drive while live does not keep system live - you have to reboot -anyone had experience here?
<hagedorn> hey, its possible to suppress apache2 internal server error delivery and instead of error 500 sent nothing ?
<gewt> i find it weird i have no flopy block device.
<gewt> i have no /dev/fd0...
<gewt> any clues why I wouldn't?
<gewt> the floppy kernel module doesn't exist...
<gewt> er
<gewt> it says no such device rather
<gewt> oh eyah...
<gewt> i disabled the floppy drive
<uvirtbot> New bug: #367679 in nagios3 (main) "/etc/init.d/nagios3 status returns 0 if nagios isn't running" [Low,Confirmed] https://launchpad.net/bugs/367679
<johnny5> Hi guys. I'm getting some slow network response from an ubuntu server running inside vmware. Anyone know if I can test if it's reverse ip lookups or something to that effect that's causing it?
<jcastro> mathiaz: ~23 minutes?
<mathiaz> jcastro: I'm all set :)
<jcastro> \o/
<ar> wello
<theuser1_> i just purchased a domain . i want to link it with  my website and then creat a link for my ircd irc server . how do i do that?
<jmedina> theuser1_: configure a DNS server, you can use bind9
<jmedina> theuser1_: there are instructions in ubuntu server guide
<dasunsrule321> I could use some help with POSTFIX & DOVECOT
<dasunsrule321> I try and run telnet hostname 25 and immediately get kicked
<theuser1_> jmedina:  how to configure. whats bind9?
<dasunsrule321> Have ran through the guide in chap 12
<dasunsrule321> 13
<jmedina> theuser1_: read ubuntu server guide
<theuser1_> jmedina: iam talking about the .com dsn end. not the server
<theuser1_> jmedina:  how to control the control pannel
<theuser1_> jmedina: how to make records. or enter host names/ips
<jmedina> control pannel?, this is not cpanel support
<theuser1_> where cani ffind one
<mathiaz> theuser1_: you should probably ask the company you've purchased your domain from.
<theuser1_> ok
<jmedina> theuser1_: I think I dont understand, probably you need to ask your registar about that
<uvirtbot> New bug: #368273 in samba (main) "Jaunty 9.04 Blind to XP's Shared Network Printer" [Undecided,New] https://launchpad.net/bugs/368273
<friartuck> how to automagic install suggested packages with apt-get?
<jmedina> friartuck: are you sure you want that?
<friartuck> jmedina just for one time, don't want to edit apt-conf. is there a switch? can't find one.
#ubuntu-server 2009-04-28
<tchough> i need to run a process at boot.  is there i guide somewhere that can help me determine the appropriate combination of runlevel and sequence numbers to feed init?
<tchough> also, is there a log that records the success/failure of init scripts at boot time?
<W8TAH_2> hi guys -- this is prolly a super dumb question --but im stressed and not able to figure it out --- i just compiled charybdis-IRC on a ubuntu server -- i assumed it was going to put an init script in which it didnt -- now im a bit unsure how to start the thing -- can someone lend a hand?
<W8TAH_2> nm -- found it
<W8TAH_2> sorry for the noise
<captainkirk> how easy (or difficult) is it to relocate ubuntu server to new hardware.... or should i build a virtual machine as server
<captainkirk> i need to build a new temporary server to be relocated to new hardware in the future
<captainkirk> is it easy enought to do a direct install and relocate, or should i use a virtual machine platform?
<ScottK> captainkirk: Easy enough.  When I've had older hardware that woulnd't boot a CD, I install in one machine and move the hard drive.  I've never had a problem with it.
<captainkirk> scottk: ok, so the 'old' hardware i will be using is PATA hdd, but i will be relocating to SCSI system... does this become a problem?
<ScottK> You'd need to move the image to a new drive, but I'd guess not.  No guarantees from me though since I've never done it.
<captainkirk> scottk: thanks for the advice. i think i will do a normal system install and config, with all shared data on seperated drive and system and config etc on system PATA drive
<captainkirk> where do i configure samba data shares in the samba.conf file?
<uvirtbot> New bug: #368323 in dovecot (main) "dovecot refuses connection after upgrade" [Undecided,New] https://launchpad.net/bugs/368323
<PleXuS> whats the best way to fix broken packages?
<PleXuS> sudo apt-get install -f wont work :s
<ScottK> It depends a lot on how and why it's broken.  There isn't a one size fits all answer.
<storrgie> anyone familiar with kimsufi?
<billybigrigger> hello all
<billybigrigger> ok, i just was informed in #ubuntu that i can install dovecot-postfix for my mailsystem, is anyone here familiar with the 9.04 mailserver metapackage dovecot-postfix?
<billybigrigger> i installed the package
<billybigrigger> now what? :P
<billybigrigger> how do i manage my users? is there a gui say phpmyadmin-like gui frontend for postfix or anything like that? thats easy to manage mail settings and users and such? or am i dreaming
<PhotoJim> billybigrigger: for a very small server you can just manage users manually.  login name/password for email matches local username/password.  you can disable the login shell in /etc/passwd if you don't want the user to be able to login.
<slestak> question, i have an old decrepit dell 2350 that i just added a pci sata controller to.  the bios on this thing is a pita.  i am having trouble booting off the hard disk.  i tried booting off the 1T sata drive, no such luck.  put a PATA drive back on teh ide controller to give it sth easy to boot off of, and no luck there either
<slestak> when i boot w a livecd, grub identifies the sata drive as hd(0) and the pata as hd(1)
<slestak> i get a grub error 2 when i try to boot
<PhotoJim> I have a 2450, but I boot it off SCSI.  my SATA drives are for my network shares.
<PhotoJim> I haven't tried booting it off SATA, but the SATA "RAID" menu pops up during POST, so I'm guessing it's possible.
<PhotoJim> I assume you mean a poweredge 2350.
<slestak> i wish i was so luck, no dimension 2350, CL find
<PhotoJim> ahh.
<slestak> it actually just worked.  wth.
<PhotoJim> well, that's a good sign.
<slestak> if its gonna break, at leastbe consistent
<PhotoJim> make sure everything is tightly seated.  press down any chip or card that is socketed/removable.
<billybigrigger> PhotoJim, so just using local system users for mail will have their username @ hostname? ie my username would be billybigrigger@thefrozencanuck.ca
<billybigrigger> ?
<PhotoJim> billybigrigger: yup, although you can use different addresses if you have multiple domains.  e.g. for user photojim@metol.ca, I create a photojim_metol account on my server and create a forwarding entry to forward all mail from photojim@metol.ca to photojim_metol@photojim.ca
<PhotoJim> there may be better ways to do it but that's how I do it
<PhotoJim> technically they'll be billybigrigger@yourmachinename.thefrozencanuck.ca but if you make machinename.thefrozencanuck.ca the mail DX for thefrozencanuck.ca, that address will work too.  that's how I do it.
<billybigrigger> brb
<billybigrigger> gotta switch to gnome
<TimReichhart> hey guys can anybody tell me how big of a hard drive I should use for a email server?
<PhotoJim> that depends on a lot of things.
<PhotoJim> how many users, how much traffic they will generate, whether you're permitting imap...
<TimReichhart> well lets say for small business with 20 or so employees
<PhotoJim> a few gigabytes ought to be tons
<PhotoJim> but again, depends on how much traffic they generate...
<PhotoJim> and how often they clean out their inboxes
<TimReichhart> would 250gb hard drive will work?
<PhotoJim> and whether you have IMAP which lets them save messages in folders on your server
<PhotoJim> depends what else you have running on it, but as long as you don't eat up too much of the space on other stuff, sure
<TimReichhart> alright that is all I needed to know
<PhotoJim> if in doubt, guess high :)
<PhotoJim> I have only 3 users on my machine and 250 gigs was enough for everything including our entire music library, until I put about 300 gigs of video files up (on my new server) :)
<PhotoJim> and I have imap, and all my mail is stored on the server (that I have archived)
<PhotoJim> so 250 gigs should be plenty
<TimReichhart> now could can I do quotes on email boxes also
<PhotoJim> a friend has 150 users onto his system, uses 110 gigs.
<TimReichhart> also what is the best anti virus program to use on the email server?
<PhotoJim> I don't run any AV on mine, I run them on client Windows machines only
<PhotoJim> there are a few options, but I'm in no position to recommend
<TimReichhart> well like which ones because I only know one and that is clamav
<PhotoJim> that's a well-known one
<TimReichhart> any others?
<PhotoJim> I think so but I can't think of them off the top of my head.
<TimReichhart> well thanks for your help photojim
<uvirtbot> New bug: #368153 in kerberos-configs (universe) "Kerberos, NFS4 and autofs issue" [Undecided,New] https://launchpad.net/bugs/368153
<PhotoJim> np Tim
<slestak> anyone using screen-profiles?  does it have capability to present running screens to the user on reconnect?
<barty> Hi guys, I have a little question on Jaunty and VMs... anyone able to help on that?
<barty> I have the server CD (64bit) here, and want to create a VM in VMWare Fusion. I did that with 8.04 (separate JeOS CD) and 8.10 (use F4 at CD boot time), but there seems to be no such option anymore in Jaunty.
<barty> I could install the minimal install, and then use vm-builder to make the vm, but that seems kind of odd and cumbersome.
<foxbuntu> barty, I dont think VMWare has been updated to support the 2.6.28 kernel yet.
<barty> Aj. thats a pity.
<barty> but why did they remove the option at all? The server guide still mentions the F4 option...
<captainkirk> hey all, what part of samba.conf do i edit / add to share folders?
<PhotoJim> [nameofshare]
<captainkirk> hey all, what part of samba.conf do i edit / add to share folders? - anyone
<PhotoJim> See above.
<PhotoJim> [homes] for individual home directories.  and specific discreet shares by whatever name you like, e.g. my /public is [public] comment=Public Stuff       path = /public     etc
<captainkirk> photojim: hi, thanks i will try that now
<PhotoJim> np
<captainkirk> what command do i enter to restart the samba d after editing the smb.conf?
<captainkirk> why cant i type anything.
<captainkirk> i entered /etc/init.d/samba restart  and seems to have worked
<slestak> im having difficulty mounting 2 xfs filesystems.  they are not /, i hav ext3 for that.  i have installed xfsprogs, and have then addressed by UUID, only option is defaults
<captainkirk> can anyone suggest a web based gui for manageing samba shares and users?
<slestak> may be fixed, im rebooting
<captainkirk> what does 'etc' stand for when refering to the etc folder...?
<slestak> etcetera, i would assume
<captainkirk> hmmm sounds plausable...
<slestak> captainkirk: swat maaybe
<captainkirk> slestak:  swat.... samba web admin tool... looking into it now
<slestak> captainkirk: for restarting services, did you use sudo?  also i have started using invoke-rc.d recently, little easier to bash complete that the path to /etc/init.d
<captainkirk> i have enabled and logged in as root... so no need for sudo...( i am still testing )
<slestak> sudo is a good habit to pickup.  once you type your passwrod once, it is cached for a time. it is good in the work environement not to get in the habit of everyone runnning around as root, and leaving root sessions unatttended
<captainkirk> slestak... i agree totally  but while testing it is a right royal u know what.... :)
<slestak> i didnt see your initial question, are you trying to make a smb share,our mount an existing share?
<captainkirk> slestak: if you asking me... i was trying to share an existing folder /data/public through samba to windows workstations.... i have succeeded in that
<captainkirk> slestak: now I am looking for a web gui (like swat) to manage samba users and shares
<billybigrigger> when setting up a mailserver do i have to forward my 25(outgoing) and 110(incoming) ports to my mailserver?
<twb> billybigrigger: that doesn't make any sense.
<billybigrigger> well i can recieve mail but can't send mail
<captainkirk> billybrigger: no
<twb> You need to set up an MTA on every server (and ideally, every workstation) you run.
<twb> These MTAs need to be configured to relay all outbound mail to the "smarthost", i.e. what you call your "mailserver"
<billybigrigger> nmap shows my smtp port 25 and my pop3 110 ports are open
<billybigrigger> i used ubuntu server's metapackage dovecot-postfix to get my mailserver running
<billybigrigger> all seems to be well except for sending mail, so what step did i miss?
<billybigrigger> what do i need to install? mta mail transfer agent right?
<twb> dovecot is an IMAP server, you shouldn't be using POP3
<twb> MTA is the Mail Transport Agent, e.g. postfix or exim4.
<billybigrigger> dovecot-postfix opened up ports for smtp/imap/pop3
<billybigrigger> so dovecot-postfix is for sending mail only then or what?
<twb> postfix is an MTA.
<twb> dovecot is an IMAP server, and apparently also a POP3 server.
<billybigrigger> looking in the dovecot.conf i see this for protocols....protocols = imap imaps pop3 pop3s
<billybigrigger> so ya apparently it does support both
<captainkirk> trying to install swat, but getting unmet dependencies errors.... anyone help with this issue?
<captainkirk> apt-get install swat      openbsd-inetd and inet-superserver is not installable
<billybigrigger> so postfix does all the sending/recieving of mail?
<twb> Postfix sends mail to, and receives mail from, other mail servers.
<twb> Dovecot gives users access to their mailboxes.
<billybigrigger> so where would my problem be then?
<billybigrigger> i can recieve mail but not send it, should i start looking at postfix for my problems?
<ScottK> Postfix has very good logs.  Look in /var/log/mail.log
<captainkirk> cant copy files to a samba share.... probably a permission issue... can anyone advise
<billybigrigger> hmm
<billybigrigger> looking through postfix logs doesn't give me any errors as to why they wont send
<captainkirk> how do i install a .deb file in ubuntu?
<ScottK> billybigrigger: Use tail -f /var/log/mail.log and then try to send.  That will show you the new log entries from the sending attempt as they happen.
<billybigrigger> i did
<billybigrigger> they are timing out
<ScottK> Can you pastebin something?
<captainkirk> can someone help me with my apt sources.list file.... i seem to have problems accessing and installing basic things
<billybigrigger> k ill paste from the moment i press the send message button in thunderbird
<billybigrigger> http://pastebin.ubuntu.com/159806/
<ScottK> billybigrigger: What happens if you do "ping mx4.hotmail.com" from the server?
<ScottK> If that works, try "telnet mx4.hotmail.com 25" (if that connects, just type quit to get out of the connection).
<billybigrigger> billybigrigger@alixandria:/etc/postfix$ ping mx4.hotmail.com
<billybigrigger> PING mx4.hotmail.com (65.54.244.104) 56(84) bytes of data.
<billybigrigger> nope
<billybigrigger> just sits there
<ScottK> billybigrigger: Both of them?
<billybigrigger> why can't i send to hotmail?? this is odd, i can login to hotmail and send/receive no problem through hotmail
<billybigrigger> telnet times out too
<billybigrigger> i can telnet to my mailserver if that helps at all
<ScottK> billybigrigger: Did both ping and telnet fail or just the telnet?
<billybigrigger> both time out
<ScottK> You have either a basic networking problem on that box (obviously not too basic as you're connecting to it) or there is a firewall between you and hotmail for those ports.
<billybigrigger> so this is a problem with my outbound mail only, so postfix/smtp are the culprit here no?
<ScottK> Nothing to do with your postfix/mail server setup.
<ScottK> Absolutely not.  You just replicated the problem with postfix not at all involved.
<billybigrigger> right, by pinging and telneting to the hotmail mailserver
<billybigrigger> ok i get ya
<ScottK> Yes.  Thos both work from here.
<ScottK> Thos/Those
<ScottK> So leave the mail server along and work on the more basic networking problem.
<billybigrigger> maybe my isp is blocking my port 25 outbound?
<ScottK> Yep
<ScottK> If you're on a residential connection there's a good chance they are.
<billybigrigger> bah
<billybigrigger> sob
<billybigrigger> hehe well that sucks
<billybigrigger> that is like the only port i've ever had blocked, is there a surefire way of finding out?
<billybigrigger> they let me run port 21/80
<captainkirk> where can i find an apt sources.list file for ubuntu server 8.04.2?
<captainkirk> my machine hardly ever finds whatever i want to install
<ScottK> billybigrigger: Blocking port 25 is specificaly done as an anti-spam measure.  Blocking the other ones are relevant for that.
<billybigrigger> ahh
<ScottK> Bottom line is if you want a real internet connection, you'll have to pay for it.
<billybigrigger> can i run smtp on port 26?
<ScottK> You can, but no one listens on port 26, so it wouldn't help
<ScottK> Which is why blocking port 25 works.
<billybigrigger> but dont i just need to run my outgoing mail on port 26?
<billybigrigger> why would it matter if everyone else is on 25?
<billybigrigger> never mind
<billybigrigger> dumb question :P
<captainkirk> :P
<captainkirk> lol
<billybigrigger> its time for bed me thinks
<captainkirk> almost ready to strangle ubuntu.....  apt-get install (any simple package) not working - no installation candidate - what is going wrong
<twb> captainkirk: insufficient data.
<captainkirk> twb: what do u mean?
<ScottK> captainkirk: There are two possibilities: 1. Installing new packages is horribly broken in Hardy and no one can do it.  2.  Something is wrong with your system.
<ScottK> Personally, I'll go with 2.
<captainkirk> scottk:  thanks for your invaluable advice :P   i have added some new sites to the sources.list and i am having some success now
<ScottK> captainkirk: Great.  My main point is until you give some specifics, we really have no idea what's going on with your machine.
<ScottK> Good luck.
<ScottK> I'm going to bed.
<captainkirk> scottk.... im still at work.... cheers :)
<ar> Hi
<ar> stupid question you guys, why is this wrong? EDITOR=Nano visudo
<twb> !u
<ubottu> U is the 21st letter of the modern latin alphabet. Neither 'U' or 'Ur' are words in the English language. Nor are 'R', 'Y', 'l8', 'Ne1' or 'Bcuz'. Mangled English is hard for non-native English speakers. Please see http://geekosophical.net/random/abbreviations/ for more information.
<twb> !ur
<twb> Aw, I like dpkg's "ur" entry
<twb> ar: Nano doesn't exist; nano does.
<twb> ar: also, strictly speaking, you should set VISUAL=nano not EDITOR=nano
<ar> hee hee, someone just pointed that out on slicehost =o) Thank you twb, I appreciate it
 * twb knows all!  Tell your friends!
<ar> LOL
<captainkirk> cant write to a public samba share... access is denied
<captainkirk> new install and i guess it is not configured correctly. can anyone help
<Master_Taco> anyone around?
<blue-frog> wanna dance?
<Master_Taco> I try to SSH into my distant remote server and get this - debug2: we sent a publickey packet, wait for reply     Connection closed by 12.345.678.90  - It's because something is eating up 100% of my 4GB ram.
<Master_Taco> What am I supposed to do?
<blue-frog> ask support where you rent your server
<Master_Taco> um?
<Master_Taco> my house
<twb> OOM kill, increase swap, turn on ulimits
<Master_Taco> http://pastebin.ubuntu.com/159844/
<twb> Uninstall the offending program
<blue-frog> then go onto your server physically and see what's goign on
<Master_Taco> twb: you missed the remote part
<twb> Master_Taco: ring up the NOC monkey
<Master_Taco> huh>
<twb> That part was implied
<Master_Taco> I'm the NOC monkey
<Master_Taco> but I'm hours away from that system
<twb> If SSH doesn't let you in and you have no other remote acces mechanism (such as KVM over IP or remote power cycling), then you have to get physical access to the system.
<Master_Taco> is there any way to make ssh hold a connection longer so it doesn't time out waiting for the reply?
<twb> Master_Taco: stop typing into it
<twb> -o BatchMode=yes might also help
<twb> That turns on TCP keepalives
<Master_Taco> I'll try it
<twb> I doubt it will help in your case.
<twb> ssh is hanging up on the other end because e.g. it can't spawn the login shell
<Master_Taco> I'm 99.99% sure it's hanging because of 100% mem usage
<Master_Taco> which is probably keeping it from being able to do that - or something else similar
<twb> Master_Taco: are you saying there's *nobody* on site -- you can't even call someone and tell them to hard-reboot it?
<Master_Taco> nope
<blue-frog> then it will wait for your return...
<Master_Taco> I just tried to call the only dick that could do it for me
<J-_> Can someone help me set up ny LAMP server? I've mucked up /etc/hosts, and I don't know if /etc/resolv.conf is set up proper.
<blue-frog> J if it not then you cannot ping a domain name
<cemc> Master_Taco: you should insist some more on getting in with ssh ;)
<Master_Taco> cemc: how?
<twb> J-_: I don't know why you would need to mess with either of those files.
<cemc> Master_Taco: try it some more
<Master_Taco> I'm trying with what twb said and I'm waiting for
<Master_Taco> "debug1: Checking blacklist file /etc/ssh/blacklist.DSA-1024" right now
<J-_> twb: static IP, and using afraid.org's nameservers.
<twb> ssh -vvv will not tell you anything useful about the server side
<twb> Because that [wc]ould constitute disclosure of information to potentially untrusted parties.
<Master_Taco> twb: I know - I know what's going on over there though
<Master_Taco> It's just useful to see where it dies
<Master_Taco> or how far it is
<Master_Taco> to go and have no energy for the class I'm failing in tomorrow - or not to go
<Master_Taco> I can't pass it anyway.... I'm going
<Master_Taco> I'd need 101% in the final exam and final project
<J-_> I can ping both my internal IP, and my domain name. But, I can't ping google from the server. What can I do to fix it?
<blue-frog> J- can you ping grc.com
<J-_> If I can't ping google, I can't ping grc.com
<blue-frog> of sry can't ping google
<blue-frog> then put the dns namerserver in /etc/resolv.conf
<J-_> I have.
<blue-frog> nameserver IP-of-your-DNS
<blue-frog> what about the  routes
<blue-frog> netstat -rn
<J-_> Should I include the DNS of my ISP, and DNS from afraid.org?
<blue-frog> J whatever DNS as long as you can ping its IP
<blue-frog> ping 4.2.2.2   gives what?
<J-_> 100% packet loss
<blue-frog> then you do not have access at the internet at all. check your routes
<blue-frog> can you ping your router?
<J-_> Yes
<J-_> My routes are messed up
<J-_> bah, I don't know
<MTecknology> well - I hard reset. I'm going to restore some stuff to a very distant backup. reinstall the package. and hope to god things work
<MTecknology> perhaps an at job to reboot the thing at some point tomorrow
<MTecknology> If I was smart enough to start things in screen I could be getting back already for some sleep. Even though I'm going to fail that class
<MTecknology> ssh on a mac is such a pain too
<MTecknology> GR! I'm getting 120K/s from the other server and it should be throwing up 2M/s
<MTecknology> I HATE SERVER DOWNTIME!
<MTecknology> I just made a heck of a strong white cactus
<cybersplice> What's a white cactus?
<uvirtbot> New bug: #368420 in samba (main) "You have 1 broken package on your system!" [Undecided,New] https://launchpad.net/bugs/368420
<jpds> MTecknology: Trial by fire rocks.
<MTecknology> cybersplice: white tequila, ginger ale, lime juice, usually sweetener
<cybersplice> MTecknology: sans the sweetner: om nom nom nom
<MTecknology> cybersplice: can be, I have really cheap tequila in it
<cybersplice> MTecknology: With really cheap vodka, you can run it thorugh one of those water filter jugs to clean it up. Works a treat.
 * cybersplice checks on the status of his bug.
<MTecknology> I hate vodka
 * cybersplice is alarmed to find his bug has disappeared.
<uvirtbot> New bug: #367878 in samba (main) "segfault in pam_smbpass.so (reported in syslog) (dup-of: 303458)" [Undecided,Incomplete] https://launchpad.net/bugs/367878
<cybersplice> does anyone else use Ubuntu for clustering?
<_ruben> clustering in which sense?
<frippz> does aptitude have the ability to email me a list of available upgrades after doing a scheduled update of the repos?
<atomic__> frippz: apticron
<frippz> atomic__: great, thanks!
<atomic__> yw
<frippz> well, hmm... something went missing I think. got a local mail to my account saying "Mailing to remote domains not supported". guess something needs configuring?
<uvirtbot> New bug: #368510 in mysql-dfsg-5.0 (main) "the daemons don't work when are launched in startup, but they do when u restart them manually" [Undecided,New] https://launchpad.net/bugs/368510
<cybersplice> !libltdl3
<ubottu> Sorry, I don't know anything about libltdl3
<cybersplice> dfs
<cybersplice> !info libltdl3
<ubottu> Package libltdl3 does not exist in jaunty
<cybersplice> !info libltdl7
<ubottu> libltdl7 (source: libtool): A system independent dlopen wrapper for GNU libtool. In component main, is optional. Version 2.2.6a-1ubuntu1 (jaunty), package size 286 kB, installed size 376 kB
<uvirtbot> New bug: #363275 in postfix (main) "package postfix 2.5.5-1.1 failed to install/upgrade: " [Undecided,Incomplete] https://launchpad.net/bugs/363275
<stefanlsd> Is it possible to use vmbuilder with apt-cacher?  I use --install-mirror=   and it seems to want to look for dists_jaunty_Release - which apt-cacher doesnt have
<uvirtbot> New bug: #368141 in openvpn (universe) "openvpn init script contains invalid variable declarations (dup-of: 271777)" [Undecided,New] https://launchpad.net/bugs/368141
<TheOpenSourcerer> Hi all, what do people use for backup tools on their servers
<henkjan> TheOpenSourcerer: rsync
<Kamping_Kaiser> nothing \o/ (I love having a machine where every byte is disposable)
<TheOpenSourcerer> I have used rdiff-backup at home but I want something for a customer that is "easy" and the backup data can be dumped to a remote machine which might not be Linux.
<slestak> for the package selection in jaunty jeos install, how can I tell what is included in each selection?  Particularly "Basic Ubuntu Server"?
<Kamping_Kaiser> TheOpenSourcerer, unison-gtk perhaps (depending on complexity), or backuppc
<slestak> i have looked in teh server docs at Ubuntu.com
<TheOpenSourcerer> Thanks Kamping_Kaiser I will investigate those.
<slestak> and tried google.
<Kamping_Kaiser> TheOpenSourcerer, backuppc does (or did) have quite a setup cost (eg, effort), but after that its easy.
<Kamping_Kaiser> slestak, check its tasksel task (sorry, cant recall how off the top of my head though)
<slestak> Kamping_Kaiser: ty
<slestak> can I do that during the install, or at packages.ubuntu.com?
<slestak> Kamping_Kaiser: nm, you just said you couldnt recall :)
<Kamping_Kaiser> slestak, during install perhaps, but not sure. p.u.c probably not.
<slestak> found a link, the tasksel selections are stored in /usr/share/ (forgot the rest) and that dialog can be brought up after install with sudo tasksel
<pmatulis> i'm having trouble mounting an iSCSI device during boot time.  during boot i get "waiting for iscsi devices" and then times out.  once up, the device is present and ready to be mounted.  plus, putting an entry in fstab crashes everything (i drop to a root shell).  i'm running Jaunty.  any ideas?
<Brazen> do many people here use pidgin for irc?  I'm using it now, for the first time, and liking it so far.
<uvirtbot> New bug: #283811 in cups (main) "cups says "can't promp for authorization" when printing to my samba printer" [High,Confirmed] https://launchpad.net/bugs/283811
<ivoks> kirkland: have you seen my comment on your blog?
<kirkland> ivoks: just saw it
<kirkland> ivoks: i agree 100%
<kirkland> ivoks: i'm planning on pushing this hard for karmic
<ivoks> kirkland: great!
<kirkland> ivoks: as much as ubuntu=gnome, kubuntu=kde, xubuntu=xfce, server should =screen
<kirkland> ivoks: we should use it in the same way
<ivoks> server=screen|ebox|some-cool-ldap-desktop-app-for-workstation
<ivoks> :)
<kirkland> ivoks: sure
<kirkland> ivoks: those are welcome to play too
<scapor> I'm trying to instal ubuntu on a USB stick. After install of both desktop or server versions, after some/one reboots the filesystem is always corrupted, leading to unreadable system files. Is this a known issue ? some fix for this? some clue ?
<kirkland> ivoks: https://blueprints.edge.launchpad.net/ubuntu/+spec/server-karmic-screen-window-manager
<kirkland> ivoks: you're welcome to add your thoughts/support to the whiteboard
<ivoks> sure
<ivoks> kirkland: but i wouldn't launch screen by default on login...
<henkjan> launching screen by default... for which user?
<ivoks> kirkland: i would rather launch it by default when loged in via ssh
<kirkland> ivoks: so not on the tty?
<ivoks> hm... no :/
<kirkland> ivoks: actually, keybuk has been talking about replacing the tty manager with screen
<ivoks> it should be configurable
<kirkland> ivoks: that's fair enough
<ivoks> some programs won't start if screen isn't 80x24
<ivoks> so, if we push 'panel' in the window... and we can't get out of it... then we have a problem
<kirkland> ivoks: like what programs?
<ivoks> some ncurses based
<ivoks> i don't recall exactly which one, but they do exist
<ivoks> maybe sniffit
<kirkland> ivoks: then i think we should bug those programs and fix them
<kirkland> ivoks: 80x24 is pretty draconian in modern linux, honestly
<kirkland> ivoks: i mean, i don't mind writing code that fits in 80 columns
<ivoks> nope, it's not sniffit
<kirkland> ivoks: and even when i did my demo yesterday, i made my demo window 80x24
<ivoks> kirkland: i know... i'm just reminding... they exist :)
<kirkland> ivoks: but that was out of convenience and not necessity
<kirkland> ivoks: fair enough, but I don't think that should be a blocker
<ivoks> i agree
<kirkland> ivoks: we should bug any programs that institute such an ancient requirement
<kirkland> ivoks: and fix those in main
<kirkland> ivoks: and try to fix those in universe
<kirkland> ivoks: you're welcome to note that on the whiteboard ;-)\
<mib_z3mjzb6b> p6pt	I just installed the new ubuntu 9.04 "dovecot-postfix" package on my slice--how do I figure out what and how it defines email accounts in this turnkey setup?
<billybigrigger> mib_z3mjzb6b, i just installed the same metapackage last night
<billybigrigger> mib_z3mjzb6b, and its ready to go out of the box, its uses your system users for email accounts
<billybigrigger> mib_z3mjzb6b, i just had to setup my MX records with my domain provider and i was ready to go i accepted emails out of the box with no config, except for in my case my ISP blocks port 25 so i can't send email out through my mailserver
<mib_z3mjzb6b> billybigrigger, hmm...  I'm using a user I created but it is rejecting me on the password
<billybigrigger> odd..
<mib_z3mjzb6b> I usually use this user over ssh without using a password, wonder if that matters?
<billybigrigger> you use ssh without a user password?
<mib_z3mjzb6b> using a key
<mib_z3mjzb6b> it is good to get a point of reference from you
<mib_z3mjzb6b> knowing that it should work out of the box helps--now I can look at the user and try making a new one to see
<RoAkSoAx> ivoks, any other package that you have in mind? https://bugs.launchpad.net/~ubuntu-ha/+packagebugs
<ivoks> RoAkSoAx: ocfs
<ivoks> RoAkSoAx: that's ocfs2-tools
<RoAkSoAx> ivoks, just added it
<ivoks> RoAkSoAx: so i had an idea of replacing redhat cluster suite with linuxha
<ivoks> RoAkSoAx: since no one has good knowledge of rhcs and it's hard to support it
<RoAkSoAx> ivoks, that would differentiate us if we manage our *own* cluster stack
<ivoks> RoAkSoAx: correct; having ubuntu cluster suite would be great
<RoAkSoAx> ivoks, indeed, i think the maintainer was unable to keep with them right?
<ivoks> RoAkSoAx: well, maintainer was hiered by redhat :D
<RoAkSoAx> ivoks, yeah it would be a nice idea, keep in mind that the CRM for Heartbeat is now migrated to another project called Pacemaker
<ivoks> RoAkSoAx: well, i'm a big rusty as far as linuxha goes
<ivoks> it's been a while since i used it last time
<RoAkSoAx> ivoks, haha ok, well.. last heartbeat version that includes the cluster resource manager is 2.1.4, the latest i think it is 2.99.0 and it does not include the CRM... and that's the new project, Pacemaker
<RoAkSoAx> ivoks, http://clusterlabs.org/wiki/Main_Page
<ivoks> hm...
<ivoks> openais
<ivoks> rhcs uses openais
<RoAkSoAx> ivoks, well i'm currently working with Heartbeat 21.4... but we'll have to start thinking on having heartbeat 2.1.4 and heartbeat 2.99.0 or up with Pacemaker
<RoAkSoAx> ivoks, yeah, now the CRM supports both heartbeat and openais
<ivoks> pacemaker looks promissing
<RoAkSoAx> indeed
<RoAkSoAx> ivoks, maybe we could provide a ubuntu cluster stack with both heartbeat or openais
 * jmedina is interested with HA topic..
<ivoks> RoAkSoAx: we should decide on one tool
<ivoks> otherwise, we will have hard time to support it
<ivoks> i don't have strong feelings about openais
<RoAkSoAx> ivoks, indeed... but actually it will depend on what type of cluster we'll like to implement
<ivoks> failover, load balancing
<ivoks> gfs can't work without rhcs, right?
<RoAkSoAx> ivoks, in case of loadbalancing, we could use keepalived instead of heartbeat if we are implementing lvs based clusters, since it failovers way faster than heartbeat
<ivoks> that leaves us with ocfs as only clustered filesystem
<RoAkSoAx> ivoks, we could also think about glusterfs
<ivoks> is that thing alive?
<henriquelm> Hello there
<RoAkSoAx> ivoks, yeah, there's a new version coming soon, version 2. It looks promising
<henriquelm> I have Ubuntu Server 7.10, What's the best way to upgrade to 8.04?
<ivoks> henriquelm: do-release-upgrade
<RoAkSoAx> it allows us to do active / active without using ocfs2 since it's already a cluster filesystem
<ivoks> RoAkSoAx: glusterfs isn't in the kernel
<ivoks> RoAkSoAx: so, ocfs would be easier approach
<henriquelm> ivoks, Do I get to choose which version will I upgrade to?
<RoAkSoAx> ivoks, no, it's just userspace
<ivoks> henriquelm: it upgrades to the next one - that's 8.04
<henriquelm> ivoks, ok
<ivoks> henriquelm: you can't skip releases
<ivoks> henriquelm: so it always upgrade to the next release
<RoAkSoAx> ivoks, well at work we've been discussing the utilization of glusterfs vs drbd, and they've seen that glusterfs since it's easuy to maintain, upgrade.. because it works on userspace
<henriquelm> ivoks, I already downloaded the cd of ubuntu server 8.04, can I upgrade from the .iso file?
<ivoks> henriquelm: you can, but you have to do lots of dirty hacks... if you have network link, just do it over the network
<ivoks> userspace = slow, kernel = fast
<ivoks> :)
<RoAkSoAx> ivoks, yeah that's true too.. i'm a fan of DRBD aswell :)
<ivoks> RoAkSoAx: we have to check all options
<RoAkSoAx> yes
<RoAkSoAx> i'm a fan of linux ha clusters
<ivoks> it's good to know there's more people that use ubuntu in clustered env
<ivoks> i have couple of rhcs+drbd clusters
<ivoks> on ubuntu
<RoAkSoAx> ivoks, yeah!! when i was thinking what thesis could I do... I was amazed with HA... so i decided to do my thesis about it... and ended up using Heartbeat, LVS, DRBD to design my architecture
<ivoks> RoAkSoAx: ok... so for start
<ivoks> RoAkSoAx: for karmic, we should define cluster set
<ivoks> RoAkSoAx: and for karmic+1 have a production usable cluster system
<ivoks> we can't continue having rhcs in the state it is now in next LTS
<RoAkSoAx> ivoks, i see.. well my personal opinion is to use linux-ha, though i've not used rhcs... i've been working with linux-ha for more than a year know and i do not have complaints at all
<ivoks> RoAkSoAx: i'm in favour of replacing rhcs with linux-ha
<RoAkSoAx> btw... i had this idea: http://brainstorm.ubuntu.com/idea/13315/ with it, I intended to have an easy way to install and configure clusters based in linux-ha and LVS for loadbalancing
<ivoks> RoAkSoAx: let's build fondations first, and then create management console
<RoAkSoAx> ivoks, haha yeah, i had that idea for hardy UDS
<RoAkSoAx> anyways, yeah! i go for linux-ha rather than rhcs
<ivoks> ok :)
<ivoks> it would be great to have rhcs->linuxha migration tool
<ivoks> :)
 * jmedina downloading RoAkSoAx thesis
<RoAkSoAx> ivoks, indeed
<ivoks> too many plans = no realization
<RoAkSoAx> ivoks, for example, this bug https://bugs.launchpad.net/ubuntu/+source/heartbeat/+bug/332043 addresses the issue of the separation of heartbeat with the CRM
<uvirtbot> Launchpad bug 332043 in heartbeat "provide pacemaker on hardy 8.04 as heartbeat-3" [Undecided,New]
<ivoks> so, let's create basic foundation for karmic ;)
<RoAkSoAx> and for example, instead of creating a package heartbeat-3 we could start having like: ubuntu-cluster-stack or something like that
<RoAkSoAx> which will be a metapackage for latest heartbeat (2.99.0 and Up) + pacemaker
<ivoks> jmedina: link? :)
<jmedina> http://roaksoax.files.wordpress.com/2009/03/thesis.pdf
<ivoks> spanish?
<jmedina> it is in spanish
<jmedina> yeap
<RoAkSoAx> ivoks, yes
<ivoks> ok, let's try :D
<RoAkSoAx> ivoks, here's a summary: http://www.roaksoax.com/2008/07/ubuntu-in-my-thesis-part-2
<jmedina> RoAkSoAx: looks really good your thesis, im researching for a outgoing project, so that will help me a lot
<ivoks> heh, spanish is easy :)
<RoAkSoAx> jmedina, awesome.. i'll soon update part of the implementation with Jaunty. since I think I used  Gutsy for it
<jmedina> RoAkSoAx: good, im suscribing to you rss :D
<henriquelm> ivoks, the upgrade over the internet is way to slow, can I stop in the middle of the download?
<RoAkSoAx> ivoks, my thesis should help us decide a cluster stack and as a sample implementation
<ivoks> henriquelm: yes, you can
<henriquelm> ivoks, where does ubuntu keeps these downloaded files?
<ivoks> henriquelm: /var/cache/apt/archives/
<RoAkSoAx> ivoks, should be announce the creation of the ubuntu-ha team and accept members to it that would like to contribute or something?
<ivoks> RoAkSoAx: sure
<RoAkSoAx> ivoks, ok i'll do a blogpost later today
<jmedina> ivoks: are you using any vacation/autoresponder program for your postfix/dovecot/ldap setup?
<ivoks> jmedina: i'm looking at gnarwl
<jmedina> ok, I think it is the only one :D
<ivoks> :)
<jmedina> I used maildrop with mailbot, but that requires manual creation of .maildrprc files
<jmedina> using gnarwl it is better, now we need a web interface so users can change their vacation info
<XiXaQ> does Ubuntu DVD contain all the server-stuff too?
<ElecBoy> I think yes some os the repo's
<XiXaQ> what does that mean? :)
<ElecBoy> It includes some of the packages that are in the synaptic
<XiXaQ> right. I know that, I hope it includes serverstuff too.
<ElecBoy> Remember that using packages from the DVD or CD is not using some of the latest realeses
<XiXaQ> I seem to remember that it does.
<ElecBoy> So maybe you can isntall them but rember to do and upgrade later on
<XiXaQ> it doesn't include updates, I know. There aren't any big differences though.
<ElecBoy> Security Updates must be a consern
<XiXaQ> yes, but what has that got to do with anything?
<XiXaQ> I'd have to install updates if I installed from the net too.
<ElecBoy> The thing having the packages in the DVD are that you don't have to connect to the net because, maybe you are out of the net
<ElecBoy> but still when you connect you need to upgrade
<XiXaQ> exactly. Or just to save some gigabytes of bandwidth.
<XiXaQ> yesyesyes :)
<ElecBoy> of course if the computer is not connected to any networks you don't have a problem
<ElecBoy> yes
<lzantal> hi, does ubutnu 9.04 runs fine on quad core xeon xpu?
<lzantal> I have never installed it before on quad core
<jason_froebe> Izantal - yes
<XiXaQ> lzantal, the number of cores is mostly irrelevant.
<lzantal> great, the server comes with 3 sata II raid 5. On 8.04 sometimes I had issue with sata raid. Is 9.04 would recognize the hdd without much hassle?
<XiXaQ> I'd think so. Alot of people prefer to use linux' raid functionalities, but I don't know much about it.
<lzantal> I usually end up using software raid on them.
<lzantal> It would be nice if it would just work.
<lzantal> Thank you for all the pointers. I guess I just have to get the server and try it :D
<ElecBoy> Good luck.
<XiXaQ> the chance I'll say something stupid is directly proportional to the number of messages I send regarding this topic. :)
<XiXaQ> however, I think jaunty server has enhanced its LVM setup options, if that's something you can benefit from.
<lzantal> XiXaQ: thank you i will look into that.
<lzantal> May be somewhat off topic question:: Last week I did a mass local network install of 9.04 desktop on old icompaq desktops without cd-rom drive
<XiXaQ> I'm going to install a 64bit desktop server at home tonight. I'm very excited about it. I haven't used 64bit desktop in a couple of years. I guess the server stuff should be the same as in 32bit, but I'm curious to see how well the desktop stuff will work.
<orudie> can Oracle Database XE and MySQL run in parallel ?
<XiXaQ> orudie, I see no reason why not. If they use the same ports, then you'd have to configure one of them to use a different port, but other than that, there should be no conflicts. I also doubt that they would use the same ports.
<ar> Morning
<slicslak> i require a new version of ImageMagick than is currently avaialble in the default repos.  Is there a untested or beta repo i can use to obtain the latest?
<orudie> E: Couldn't find package oracle-xe :(
<slicslak> ok, I am running 8.04 LTS.  can i use IM from the jaunty repo without actually moving to jaunty?
<genii> slicslak: You could add the deb-src of a later dist and then apt-get source <package> and build it
<slicslak> it seems i'm don't have the right packages to compile things with yet.  is there a meta package for this?  or should i just isntall gcc, etc.
<slicslak> nvm, found https://help.ubuntu.com/community/CompilingSoftware
<orudie> just installed oracle-ex , no problems during installation, trying to access oracle by going to http://my.ip.adr:8080/apex geting page load error
<cr3> hi folks, I have a virsh xml question for you guys: when I specify a <kernel>, <initrd>, <disk>, etc. the paths given are relative to what exactly?
<ElecBoy> orudie try another browser
<ElecBoy> check that's the correct port
<ar> My port is plugged
<ar> need drano
<uvirtbot> New bug: #368851 in bacula (universe) "package bacula-fd 2.4.4-1ubuntu5 failed to install/upgrade: subprocess post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/368851
<cr3> mathiaz: when you use your iso testing scripts, are you able to virsh -c qemu:///system "console [id]"? I'm getting: No console available for domain
<Sam-I-Am> anyone around?
<Sam-I-Am> i'm getting random kernel panics in 7.10 lts server running on vmware...
<ar_> I-Am-Sam
<ar_> :)
<ar_> lol
<Sam-I-Am> err, 8.04
<Sam-I-Am> hardy
<Sam-I-Am> anywho, it likes to randomly panic
<ar_> randomly panic/
<ar_> ?
<Sam-I-Am> yeah
<Sam-I-Am> like... poof, panic
<Sam-I-Am> it'll work fine for a few hours
<ar_> what do you mean by panic?
<ar_> resources?
<Sam-I-Am> kernel panic
<Sam-I-Am> and halt
<Sam-I-Am> the usual 'killing interrupt handler' bit
<Sam-I-Am> halt and catch fire, etc :)
<foxbuntu> Am-I-Sam, you should look into /var/log/syslog /var/log/messages, also what other software is installed of importance (mysql, apache, ect)
<Sam-I-Am> its just serving NFS
<Sam-I-Am> and is an ldap client
<foxbuntu> Sam-I-Am, did you recently pull updates?
<foxbuntu> Sam-I-Am, also, do you like green eggs and ham?
<Sam-I-Am> yeah... the box was installed recently too
<Sam-I-Am> hahaha
<Sam-I-Am> depends
<foxbuntu> Sam-I-Am, which kernel are you using?
<foxbuntu> uname -r
<Sam-I-Am> lemmie reboot it from its panic, one moment...
<Sam-I-Am> 2.6.24-23-server
<TimReichhart> hey guys I am having problems logging into squirrelmail I have used this setup :http://flurdy.com/docs/postfix/
<foxbuntu> TimReichhart, I would go ask the postfix guys #postfix they helped my fix mine sometime ago
<jmedina> in squirrelmail there more issues regarding to IMAP server than SMTP (postfix)
<foxbuntu> Sam-I-Am, sudo apt-get update && sudo apt-cache policy linux-image-server
<foxbuntu> jmedina, correct but the postfix guys sure know allot about both
<jmedina> foxbuntu: of course :D
<Sam-I-Am> foxbuntu: 2.6.24.23.25 ... installed and candidate
<TimReichhart> well I can send out just fine but i cant login to squirrelmail
<Sam-I-Am> i'm seeing some sunrpc oops throughout the day before it panicks...
<Sam-I-Am> probably me restarting nfs parts
<foxbuntu> Sam-I-Am, you on a sun server?
<Sam-I-Am> but those still shouldnt happen
<foxbuntu> Sam-I-Am, what hardware are you on?
<Sam-I-Am> nope... this is a 64-bit VM inside vmware esx
<foxbuntu> ah
<foxbuntu> yeah that shouldnt be an issue
<foxbuntu> i assume you have vmware tools installed?
<Sam-I-Am> yup
<Sam-I-Am> build 153875
<Sam-I-Am> precompiled modules worked ok
<foxbuntu> and in vmware you have ubuntu selected as the os
<Sam-I-Am> yup
<foxbuntu> k
<foxbuntu> well back to the logs then
<Sam-I-Am> all of my other ubuntu servers are in VMs too... 8.10 and 9.04... no problems yet, although none of them have served NFS either
<foxbuntu> just have a poke around in all the logs and see if anything sticks out
<Sam-I-Am> the actual panic data is not in any logs... so it dies pretty hard.
<foxbuntu> you could try shutting NFS down for awhile to see if it panics without that running
<Sam-I-Am> that'd probably work... just need to stop my clients for a bit.
<foxbuntu> yea
<foxbuntu> thats prob the easiest thing to try
<Sam-I-Am> mmmkay...
<Sam-I-Am> should i just make sure nothings mounting it or stop the NFS daemons too?
<foxbuntu> stop the daemons
<foxbuntu> I have my doubts that its going to be the problem, but its an easy test
<Sam-I-Am> sure
<foxbuntu> well gl...I have to run for awhile
<Sam-I-Am> foxbuntu: thanks
<mathiaz> cr3: I'm using virt-viewer to connect to the console
<jmedina> anyone used ConVirt (formerly xenman) ?
<cr3> mathiaz: I need to jet but I found vncviewer to work quite well too, cheerio
<ar_> Bhooooo!
#ubuntu-server 2009-04-29
<captainkirk> so... im trying to mount an external usb drive to ubuntu.... i need help :)  (suprise suprise...)
<captainkirk> device has id of sdb
<captainkirk> currently has no partitions...
<Iceman_B|SSH> okay so, Ubuntu 9.04 has been out for a while, but my 8.10 server is working just fine. Should I still upgrade or leave it as is ?
<jmedina> captainkirk: well you need to partition it and create a File system in order to mount it
<jmedina> Iceman_B|SSH: do you need anything in new release?
<Iceman_B|SSH> no clue whats in the new rel-
<Iceman_B|SSH> brb, checking release notes
<captainkirk> jmedina: i am using webmin... is type linux the best option?
<jmedina> Iceman_B|SSH: so?
<jmedina> Iceman_B|SSH: how do you want to upgrade to something unknown?
<jmedina> I would create a test machine (thanks virtualization :D), and do some testing
<Iceman_B|SSH> I assume that having a newer version of a certain program/distro is generally a good thing
<Iceman_B|SSH> hm, not really a possibility
<Iceman_B|SSH> im using sortof old hardware, and only a CLI
<captainkirk> jmedina: okay, i have created a partition of type linux
<captainkirk> jmedina: using full disk capacity
<captainkirk> jmedina: does the 'mount as' directory need to exist already, or does the process of mounting create it?
<jmedina> Iceman_B|SSH: well not always, somethimes there are things that brakes becase config changes, bad upgrade procedures,
<jmedina> I always check change logs for every upgradable critical service in my sistem
<jmedina> create a copy of that machine, upgrade, and start testing
<jmedina> this way I never had a problem upgrading remote servers
<Iceman_B|SSH> hm hm
<Iceman_B|SSH> thats wise
<rayne> Is there a way to Xfer the ssh-rsa key text that the eucalyptus-cc gives you to type into the eucalyptus node for auth ? besides typing and prying you have typed the 3 hundred keys correctly ?
<jmedina> captainkirk: 'mount as" what you mean?
<Iceman_B|SSH> maybe Im dense, but where can I find a list of things that have changed and/or are new with Ubuntu server 9.04 ?
<jmedina> you need an existing mount point in your filesystem tree
<jmedina> captainkirk: did you create a filesystem on the partition?
<captainkirk> jmedina: i am using webmin and is has a 'mount as' option listing different file types, ext2 ext3 etc
<captainkirk> jmedina: yes i chose 'linux'
<jmedina> captainkirk: well I dont use webmin sin 2002 :D
<jmedina> linux is not a filesystem, that is the partition type
<jmedina> by "create a filesystem" I mean "Format the partition"
<captainkirk> oooo so i need to create a partition still
<jmedina> partitions and filesistems are different things
<jmedina> for example
<captainkirk> yes, i understand that
<jmedina> mkfs.ext3 /dev/sdb1
<jmedina> where sdb1 is the new linux partition you create in your usb drive
<captainkirk> system show sdb with 1 partition
<jmedina> that will create a ext3 filesystem on /dev/sdb1
<jmedina> then create a mount point
<jmedina> mkdir -p /media/usbdrive
<jmedina> and mount it
<jmedina> mount /dev/sdb1 /media/usbdrive
<jmedina> that's all
<captainkirk> kk. it is now creating the ext3... could take a whil on 500G drive
<captainkirk> jmedina: thanks for ur help.
<rayne> using the cli how could i move an ssh-rsa output from computer 1 to computer 2 ?
<IvanCostaJr> Hello, guys!
<IvanCostaJr> Can you help me with some Samba configurations?
<jeiworth> hi guys, i am setting up a sugarcrm-server in a vm and as to question of partitioning, how much space will the db in /var/lib/ take for a customer with an existing customer base of around 125 clients (being imported) and lets say he aquires 200-300 more, this should still be in the 2-digit  mb area, right?
<captainkirk> hey ivancostajr:  i know little but am also setting up samba, maybe able to help...?
<jeiworth> since using sugar, it will be a basically standard LAMP, so if you have some general advice on a good partitioning solution for that it will of course be highly appreciated too :)
<UKnow> CaptainKirk: I installed a Ubuntu server 8.10 with Samba. I made the shares in smb.conf and I created the user by (1) adduser --disabled-login --no-create-home (2) smbpasswd -a. But the users can't use the shares. They don't have permission.
<UKnow> What I missed?
<captainkirk> uknow, i had this problem just yesterday.... not saying this is the best solution but i had to change the ownership of the shared folder to nobody
<captainkirk> uknow... let me check my current config
<captainkirk> unkow, i was configuring a public free for all share with guest access allowed via samba, but as root owned the folder, i still got permission denied
<UKnow> Do you configuring the owner nobody.nobody?
<captainkirk> uknow, nope, got it wrong... had to change folder access to 777
<captainkirk> uknow folder owner is still root root
<captainkirk> uknow, i could be wrong, but it seems that samba permission sit on top of the linux file system permissions, so for a samba user to access the file, they must meet both samba permissions and file system level permissions
<UKnow> CaptainKirk: worked! But I used openSUSE two years with the same shares and I don't have this problem. The folder have 750 mod and it was ok. I going to study this problem...
<UKnow> Thanks!
<captainkirk> uknow, i have been experimenting with webmin, and it has a funciton to link samba users to linux users (two seperate user databases).
<kriel> would a copy of 8.10 that was fully updated have the same version of apache, vsftpd, samba, etc as a copy of 9.04?
<kriel> I'm about to try and franken-style two servers' worth of config files together, and I want to make sure I'm not about to start breaking stuff.
<nekostar> hey whats up
<nekostar> any of yall running high-avaliability servers?
<nekostar> !ha.d
<ubottu> Sorry, I don't know anything about ha.d
<nekostar> !high availability
<ubottu> Error: I am only a bot, please don't think I'm intelligent :)
<twb> kriel: no.
<kriel> nekostar: you can PM ubottu to get info like that
<kriel> twb: erf. I guess I get to manually splice the config files. Thanks.
<nekostar> kriel but then i dont get ppl in the channel knowing what i'm looking for without spitting out far more lines
<nekostar> ;)
<twb> kriel: an intrepid install, updated from intrepid-security, will have the versions that shipped with intrepid, plus security updates to those versions.  It won't have versions from newer releases.
<twb> kriel: I highly recommend using etckeeper to see what has changed and why.
<twb> kriel: theoretically, you can even pull patches from one etckeeper repo to another, but I have yet to try this.
<kees> !heartbeat
<ubottu> Sorry, I don't know anything about heartbeat
<kriel> twb: I just have the HDD for one server, the other server has it's own box. (Techinically, i'm migrating the server from one set of HDDs to another). but I need the drivers on the 9.04 disc to install it (new RAID controller) and the old server is 8.10
<twb> Just another reason I prefer md RAID
<nekostar> wow this install seems to be longer than before - however there are some VERY nice upgrades - more encryption stuffs - kudos
<nekostar> but when it's talking about virtual machine host, what vm format?
<nekostar> virtualbox, vmware, etc/
<nekostar> s/"/"/?
<twb> The virtualization technology supported by Ubuntu and Linux is KVM.
<nekostar> KVM?
<nekostar> !kvm
<ubottu> kvm is the preferred virtualization approach in Ubuntu. For more information see https://help.ubuntu.com/community/KVM
<nekostar> ty twb
<nekostar> hm
<nekostar> twb are you aware of any high-availability kvm projects?
<twb> No.
<nekostar> thats exactly what i'm looking for - and damn its nice being built in ;)
<nekostar> thanx.
<twb> AFAICT if your underlying hardware node is HA, then so will be the child VMs
<slestak> what is the "off" suffix in libmysqlclient15off mean?
<twb> slestak: the debian/changelog might say
<slestak> thx, lemme look
<kriel> ... -.-; Okay, so I try installing using the 8.10 cd. It says it can't autodetect the drive. I pull out my 9.04 desktop live CD, and it autodetects and decides it should use the sata_sil driver. I put in the 9.04server cd, try and install and... it asks me what driver to use. sata_sil isn't a choice. Help?
<twb> kriel: support for installing from a SATA CD drive is very recent.
<kriel> twb: SATA HDD, not SATA CD
<twb> I'm not surprised that 8.10 doesn't support it.
<twb> Oh.
<kriel> actually, RAID controller. But still. since ubuntu9.04live figured out to use sata_sil, shouldn't 9.04server?
<twb> Probably, but not necessarily.
<twb> There may not be a udeb for that driver, or it might be non-Free or something.
<kriel> twb: is there any way I can coax the liveCD into installing the server version?
<twb> The easiest thing is to do the install from a different card.
<twb> Unless you're actually using the fakeraid, which is probably a bad move.
<kriel> ... omg this is gonna be such a hack. I have a sata-to-usb converter, what I'll do is install ubuntu-server using the usb-sata thing, and then put it into the computer and let the raid controller sync the disks.
<twb> kriel: what makes you think you have a raid controller?
<twb> AFAIK Silicon Image only make fakeraid controllers.
<kriel> twb: because it's already set up to mirror the two drives. I think. I went into the sata setup thing and told it to mirror them.
<kriel> is that fakeraid?
<twb> Unless you paid at least $100 (more like $300) for the card, it's fakeraid
<twb> And IMO fakeraid is not worth the hassle -- just use md RAID, which is nicely portable.
<kriel> kay. mdadm it is. but still, I need to get the damn thing recognized first.
<twb> kriel: you should be able to set the controller to "just show the damn disks, you slut"
<Mal3ko> guys how do i display all partitions info of a hd..along with their filesystem, size in gb/mb
<twb> Unless it's a *really* cheap fakeraid controller -- I heard some rumours about some of those not even supporting that.
<Mal3ko> fdisk -l failed
<twb> Mal3ko: that depends on what kind of partitioning you have on the disk, and whether you're using RAID and/or LVM.
<kriel> twb: I'll try that out. I read reviews of this controller working on linux though.
<twb> kriel: just because it works, doesn't mean it isn't fakeraid
<Mal3ko> twb: i need a cmd..
<friartuck> Mal3ko did you sudo?
<kriel> twb: wouldn't i need sata_sil to see the disks in "just show the damned things" mode anyway?
<Mal3ko> or is there some nice tools that could display a complete info of all parttions?
<twb> kriel: that depends.
<Mal3ko> friartuck: i mean fdisk -l didnt display what i want or lack of info
<twb> Mal3ko: /proc/partitions
<Mal3ko> twb, that display just basic info either
<nekostar> is there no openvz for intrepid?
<nekostar> er jaunty i mean
<twb> nekostar: looks like it
<Mal3ko> nekostar..starscalling?
<kriel> twb: ... now it's not booting. -kicks it- I'll just go and buy a mobo with sata instead of dealing with this stupid controller. so much for trying to reuse graveyarded computers.
<twb> Yeh, that's a lesson I learnt the hard way
<twb> My time is more valuable than $200 of new components
<Mal3ko> lol
<kriel> twb: all I want is a freaking file server -.-; and I'm a college student, so $200 is pretty damned valuable. but this is day three of arguing with this bitch of a server.
<twb> kriel: find some Windows gamer that is throwing away near-new equipment, then
<kriel> twb: ... not a bad idea, actually. o.o; especially since my school is in the rich neighborhood.
<twb> Or ask around at your local LUG for the equipment recycling company.
<twb> Here in .vic.au there's a not-for-profit that gets donated old computers, puts linux on them, then sells them very cheaply to low-income types.
<kriel> There's a huuuuuge graveyard somewhere, sells old towers for like $50 each. Not sure where it is, I was tempted to go buy four or five and then resell them to customers who want 'faster' computers (all they really need is a wipe/reload)
<twb> kriel: put their gear in a bigger case, reinstall windows, charge $200? ;-)
<twb> Eh, the real money is in consultancy for software, not hardware.
<twb> And anything that involves dealing with individuals instead of government or large corporations has a shitty ROI.
<kriel> twb: I ususally don't even bother with the new case. XD Just reinstall windows, grab the drivers, install whatever else they happen to have disks/keys for. Comes out to about $70/hr
<twb> That's not bad for a one-man operation.
<twb> You could probably make it faster by automating the Windows and driver install
<nekostar> lmfao
<nekostar> just image fool
<nekostar> total time 12 minutes
<kriel> twb: probably, but I don't do it often. I'm trying to find a way to image windows so that it can deal with resized hard drives
<nekostar> + drivers == 30
<nekostar> use acronis with universal restore
<nekostar> yw
<slestak> +1 acronis
<twb> Bleh, imaging blows for heterogeneous hardware.
<nekostar> now anyone know how to use openvz on the new distro?
<nekostar> not so twb
<nekostar> spcifically acronis with universal restore i said.
<nekostar> do some research its killer
<twb> I'm not familiar with non-Free software, sorry.
 * nekostar shrugs
<kriel> okay, back to Linux now... mdadm is when you set up a raid via the ubuntu install, and is the recommended way to do things unless i'm gonna pay out the ass for a raid controller, right?
<slestak> can fog do this?
<nekostar> i'm familiar with getting the job done quickly
<slestak> or clonezilla?
<nekostar> dont know slestak
<nekostar> if i found something else that would i'd use it ;)
<nekostar> but being able to insert chip drivers and ethernet etc while installing into very different hardware is PIMP
<twb> Regarding OpenVZ, I don't know how you can get it correctly on 8.10 or 9.04, as they don't appear to have patched kernels in the Ubuntu tree.
<slestak> yup
<nekostar> twb yeah i saw the lack of packages just figured maybe i was missing something - thanx
<twb> nekostar: I'm guessing that's Windows-only, though.
<nekostar> bad guess
<nekostar> lol
<nekostar> its not cheap tho
<nekostar> if you intend on paying and all
<nekostar> but you will make it back fast
<nekostar> that 4 hr windows job is done in one
<nekostar> you charge for two
<nekostar> and they effing love u
<twb> nekostar: you can make images of e.g. OpenBSD and while copying the "image" across, change the MAC addresses that it expects for the NICs?
<nekostar> i like to tell them, i would do it here but it takes 4-6 hrs or i can take it home do on my own time for 150
<nekostar> or i can do bulletproof for 300 - reboot to remove virii
<nekostar> twb ive never looked if it could i doubt it
<nekostar> ive not seen an option like that
<twb> nekostar: that's what I meant by "windows-only"
<nekostar> twb
<nekostar> when i say it works
<nekostar> i mean that anything can be copied
<twb> nekostar: that's the case for dd.
<nekostar> so what if ive got to redo one config
<nekostar> no twb dd doesnt do any changes
<nekostar> look
<nekostar> rather than arguing just go dl a damn copy
<nekostar> 1 sec lol
<twb> That would be a violation of copyright law.
<nekostar> mm
 * nekostar shrugs
<nekostar> its POSSIBLY a violation
<nekostar> have you actually read the elua's?
<kriel> !enter | nekostar
<ubottu> nekostar: Please try to keep your questions/responses on one line - don't use the "Enter" key as punctuation!
<nekostar> in any case - it is regular practice to try before buying and i would assume that you would purchase something like that if it did indeed do some nice things
<nekostar> so again sir
<nekostar> rather than quibbling just go check it out
<nekostar> kriel please learn to enable timestamps each line is from a different thought.
<twb> nekostar: EULAs have nothing to do with it.
<nekostar> twb they have everything to do with it
<kriel> yes, but having an entire page prefixed by the word <nekostar> is annoying. There's this thing called a period, you can use it to seperate sentences. Sentences can hold seperate thoughts. See this post for an example.
<nekostar> that IS the liscense as it applies to the user
<nekostar> which is specifically what is broken when copied supposedly
<slestak> nope, the acronis trial is not crippled, (iirc)
<nekostar> ok there you go
<nekostar> DOWNLOAD IT
<nekostar> i'd also like to point out here that YOU were the one suggesting an illegal download
 * nekostar shakes finger at twb
<nekostar> ;)
<twb> nekostar: I just assumed it was illegal to download it, because it's not Free software.
<kriel> so, about mdadm. Is it the preferred form of RAID besides having a hardware raid controller?
<nekostar> twice bad assumptions lol but hey
<twb> kriel: there's not really any "form"; you generally just have either RAID1 (with two disks) or RAID5 (with more than two disks).
<kriel> twb: -nods- Kay.
<twb> kriel: usually you allocate a 256MB sd[ab]1 for md0 for /boot, and the rest (sd[ab]2) for md1 for LVM.
<kriel> twb: I've usually stopped allocating a seperate /boot, it seems superfluous to me since ubuntu works without it. Of course, I'm still a noob in most respects.
<twb> Er, not if you use both RAID and LVM
<twb> Unless you *like* lilo, and your boot breaking when you change extent allocation
<kriel> you... lost me. O.o I just use whatever the ubuntu setup uses to set up raid. It does it automagically for me.
<ajmitch> grub can't read LVM, so you need a separate /boot if you want to use grub, RAID & LVM together
<twb> ajmitch: grub2 can read either LVM or RAID, but not both.  I *thought* that was also the case for grub legacy (which is what Ubuntu uses).
<twb> (Well, technically you can use grub2 with RAID *and* LVM, but you have to manually select the module list.)
<ajmitch> right, I'm just talking about the usual case of what's on the install cd
<twb> ajmitch: well, I *know* d-i won't let you use grub if /boot is on LVM on RAID.  But I don't know if that's an underlying limitation, or if it's imposed by d-i because it's 1) difficult; and 2) stupid.
<twb> Aaanyway
<ajmitch> fairly sure it's an underlying grub limitation still :)
<kriel> it... worked for me before. O.o on 8.10 I had a single partition, set up raid1 using mdadm
<twb> kriel: you probably aren't using LVM
<twb> Grub is too clever for its own good by half.
<ajmitch> raid1 metadata is at the end of the partition, so it can be read just like a normal filesystem, I believe
<twb> ajmitch: yep
<twb> md raid5 is harder, obviously.
<twb> As far as Grub is concerned, a md RAID1 node is just an ordinary filesystem.
<J-_> When I reinstall my server, should I just turn /etc/hosts dhcp to static and leave it as is? Then change the nameservers, commenting out my ISPs nameservers since I'm using afraid.org's services?
<J-_> I'm just doing a basic LAMP installation.
<twb> J-_: er, /etc/hosts contains name information (DNS/LDAP/NIS), not network configuration (DHCP).
<J-_> Bah, I got it mixed up. It's not in front of me
<twb> You can use DHCP without blowing away resolv.conf
<twb> See /etc/dhclient3/dhclient.conf (and its manpage), IIRC
<njustin3000> I have a very small subnet that I would like to set up a server for, for use with my buisness.  Theres only going to be about 15 cliens that will be connecting to it.  I am fairly new at this stuff, so I am wondering what specs I should be looking for when buying my server.  It is going to be hosting a basic webserver and mysql database, and well as being a file backup server for my buisness.
<njustin3000> What should i be looking for?
<slestak> what you just listed isnt too tough of a workload, imo
<njustin3000> its not
<slestak> i like the dell poweredges, you can get them with multiple cpu sockets, and just buy one cpu, yu have room ato add more
<slestak> like a 1950 or 2950
<njustin3000> i would only need one cpu for that tho, right? what about RAM?
<slestak> ram is cheap
<slestak> you can start really low and just plan for growth.  is budget an issue?
<njustin3000> yes
<njustin3000> we've just started using the application we have this past week, and right now Im using my personal PC to run it, but its not really fast.....  and we need a full time one
<slestak> what you listed is not a very tough workload.  if you just need to get started, i wouldnt be afraid of using any p4 or better class machine.  dont load xorg
<njustin3000> i have set up ubuntu-server on it and gotten the webserver and mysql server going, thats not an issue, (I'm just learning all this) I was looking for suggestions as I wouldnt know what kind of server
<njustin3000> but thank you
<njustin3000> p4 class
<njustin3000> ?
<njustin3000> pentium 4?
<slestak> pentium 4
<njustin3000> xD
<njustin3000> thank you
<slestak> if your webapp involves java, all of what i said is off :)
<njustin3000> no java
<slestak> this is a great market to get used hardwar
<pygmalion> best method for virtual domains with ubuntu + postfix/dovecot = mysql?
<njustin3000> its all on computers in my office, I just need server to host database.  I will access it away from the office only like once a week
<slestak> you could break this up on several older machines, run mysql on a diff box than apache
<slestak> really flexible
<njustin3000> yea
<njustin3000> well i only have budget for one small server right now
<njustin3000> its growing, but slow rightn now
<njustin3000> buisness that is
<njustin3000> :P
<slestak> check this out  $329 http://www.dell.com/content/products/RBIredirect.aspx?rbi=EESJuqJJunKzV5pVrEFOw3wYxiHXb2uK9L/JIV67WOU3UkEJeYpQS9tWl0gNmEwJ0Xe8yPZtImZjAj6diHBL4v7McdpLL00EW5bBnT3j/N44Qbm+05flVU1IDkE9WrE8hlQc0U11Jwj62+DdTk1gkShBukZkuBvPsVsTTKrhTNw=
<njustin3000> cool, i just went through that and i wouldnt even change any of those defual options :D
<timburke> lol pentium dualcore
<njustin3000> you said used slestak, like this: ? http://cgi.ebay.com/DELL-POWEREDGE-2650-2U-SERVER-DUAL-2-4GHZ-XEON-RAID-2GB_W0QQitemZ260401449064QQcmdZViewItemQQptZCOMP_EN_Servers?hash=item260401449064&_trksid=p3286.c0.m14&_trkparms=72%3A1234|66%3A2|65%3A12|39%3A1|240%3A1308|301%3A1|293%3A1|294%3A50
<slestak> when i do used, i like to deal locally, that way you can see what your getting.  dell refurbs were reteurned for some reason
<slestak> i'd look at craigslist or find a local hardware reseller.  ive got a good one near me in Michigan that always has good stuff coming off of lease.
<njustin3000> allright thanks :)  im think im going to have to go with used tho
<njustin3000> im in Michigan too
<slestak> cool
<slestak> Grand rapids here.
<slestak> im going to pm you the contact info for my local guy
<njustin3000> ok
<slestak> crap, i dont remember how to do that in irssi
<njustin3000> im about hour away from there
<slestak> come on up for the wmlug meeting tommorrow in Cascade
<slestak> the guy im talking about will prob be there
<slestak> wait, Thirsday night, not Wed
<slestak> Thursday i mean
<njustin3000> wmlug?
<slestak> lets take this to pm, off topic
<njustin3000> ok
<slestak> njustin3000: gl with your venture  our economy needs it
<njustin3000> :D
<slestak> im trying to get nagios working with digest auth.  ive got my htdigest file, but apache is throwing " configuration error:  couldn't check user.  No user file?: /nagios"
<foxbuntu> slestak, does apache have rights to read the htdigest file?
<slestak> my apache conf has "mods-enabled/nagios.conf:       AuthUserFile "/usr/local/nagios/etc/htdigest"" and that is the location of the file
<slestak> good idea
<VK7HSE> foxbuntu: Gah ya bet me to that! :P
<MTecknology> Is this channel being used as a classroom or support room?
<foxbuntu> MTecknology, support
<foxbuntu> VK7HSE, yeah...you'll have that :P
<VK7HSE> ;-)
<MTecknology> foxbuntu: Last I knew that's not what this channel was for
<slestak> foxbuntu: yeah, it does. 640 www-data:nagios.
<slestak> MTecknology: what is the difference?
<MTecknology> That's what #ubuntu and #ubuntu-server are for
<foxbuntu> MTecknology, this is #ubuntu-server
 * MTecknology looks down at the channel name.....
<VK7HSE> Oopps :D
<MTecknology> sorry...
<foxbuntu> MTecknology, at least it wasn't me making the gaff ;)
<foxbuntu> heh
<twb> What's the ldap schema Ubuntu uses by default for unix accounts?
<twb> ISTR it's an RFC, but I can't remember which one.
<foxbuntu> slestak, hrm... ddi you copy paste that autdigest line from your vhost?
<VK7HSE> I've doe the same on a general chat IRC myself !!! (now I don't feel so bad!)
<J-_> http://www.howtoforge.com/perfect-server-ubuntu8.04-lts-p3 Will step 7 mess up the server?
<MTecknology> foxbuntu: this is #23 and the channel I thought I was in was #22
<foxbuntu> MTecknology, tis ok. Everyone makes an oops now and then :D
<MTecknology> :)
<J-_> Should: "127.0.0.1       localhost.localdomain   localhost
<J-_> " be exactly that?
 * MTecknology walks off
<twb> J-_: it'll do
<njustin3000> slestak: so you dont recomend buying used from someone not locally? like ebay: http://cgi.ebay.com/Dell-Poweredge-2650-Dual-XEON-3-2gHz-4GB-Server_W0QQitemZ230338838521QQcmdZViewItemQQptZCOMP_EN_Servers?hash=item230338838521&_trksid=p3286.c0.m14&_trkparms=72%3A1234|66%3A2|65%3A12|39%3A1|240%3A1318|301%3A0|293%3A1|294%3A50
<twb> Hmm, RFC 2307?
<slestak> njustin3000: i wouldnt.  but that is just me.  at least with CL you can see the person your dealing with.
<njustin3000> yes :)
<slestak> foxbuntu: i have to find it.  this was installed by a script for me.
<slestak> its not in sites-enabled/000-default
<foxbuntu> slestak, ah
<slestak> seen EZnag, pretty cool.  nagios, perf2rrd, nagvis, soup to nuts
<J-_> Guess I'm gonna go to sleep on that then, and wake up and try to get my server going again. Once it's up, i'll be sure to copy the configuration files, I'm not going through this bullcrap again.
<captainkirk> i just bought a used dell 2650 via ebay, and it has a EMS error on boot.  Techinically it still works, but its useless as it required user input every time it boots.....  so try b4 u buy
<slestak> would it def be in /etc/apache2/* soewhere, or could the vhost info be in the cgi-bin stuff in /usr/local/nagios?
<foxbuntu> captainkirk, I bought a HP DL380 on ebay no long ago and havent had a lick of trouble with it
<foxbuntu> slestak, it should be, but might be symlink'd or configured elsewhere
<slestak> let me grep over there
<captainkirk> foxbuntu, i also have purchased many IT items via ebay with exceptional results, but this time.... not so lucky i guess  anyway was not a lot of money
<slestak> maybe that is the issue.  i cannot find a line like that.
<foxbuntu> captainkirk, indeed, but you can end up with that on any used system
<slestak> new too, but at least you have a leg to stand on dealing w a business
<foxbuntu> slestak, its gotta be configured somewhere for apache to complain about it
<captainkirk> foxbuntu, i guess what i am saying is that if i was able to power it on and test it prior to purchase, i would not have purchased it :)
<slestak> is there a good livecd for testing a used pc?
<foxbuntu> captainkirk, yup..im just driving at not making broad statements and generalizations about IT, nothing does what its supposed to all the time ;)
<slestak> im going to look back at my screen scrollbackand see if i see any output wrt digest
<captainkirk> foxbuntu:  even me :P
<foxbuntu> captainkirk, nor me :)
<VK7HSE> captainkirk: is all the firmwares/bios... current ???
<captainkirk> VK7HSE: i have updated the bios to the current version.  I received an error when trying to update the EMS bios, but the sticker on the EMS card shows the current bios version anyways....
<slestak> is there a handy way to get a whole conf file in your buffer (for pasting at pastebin) without haveing to make 4 passes for each screen?
<slestak> can i direct stdout to clipboard?
<VK7HSE> captainkirk: just a thought!... my server here was being tossed from my former employer, all it needed was some TLC! and now its mine! :D
<foxbuntu> slestak, cat /etc/file | pastebinit
<slestak> captainkirk: is that card expensive?  replaceable>
<mattt> pastebinit ... neat :)
<slestak> http://pastebin.com/f10e0bfdc
<slestak> the AuthName directive is capfirst.  wonder if that should be lower case
<captainkirk> slestak: not sure, have not looked into it yet...
<slestak> pastebinit is cool.
<foxbuntu> slestak, like that eh?
<slestak> excellent use of some python
<VK7HSE> captainkirk: I just googled your issue, this may help... http://en.community.dell.com/forums/t/19178632.aspx
<cvw> I currently have Ubuntu Server 8.04 installed, and I'd like to update to 9.04.  Is there a proper way to do this without editing sources.list?
<captainkirk> VK7HSE: looking now
<foxbuntu> cvw, sudo apt-get update && sudo apt-get do-release-upgrade
<slestak> dont forget the backup
<slestak> any of you guys use screen at your sites with non-technical users?
<cvw> foxbuntu: already tried both, tells me "No new release found".  lsb_release -a tells me I am running 8.04.2
<slestak> gnu screen?
<njustin3000> slestak: I have a great* deal on a '07 Dell PC, but with adequate RAM and CPU speed, possible to go with that?  I mean, a personal PC for what im using it for should be fine, i dont really need* a server, right?
<VK7HSE> njustin3000: it all really depends on what your wanting to do with it...
<slestak> yeahyou can always scale up if needed
<foxbuntu> cvw, perhaps try sudo do-release-upgrade -p
<njustin3000> ok, I mean theres really no difference,  PC isnt stackable, but theres only one, and my serverload is extremely small anyway
<slestak> what you ge with servers is sometimes redundant power supplies, better disks systems, raid controllers
<cvw> foxbuntu: still no new release found
<foxbuntu> cvw, perhaps try sudo do-release-upgrade -d
<cvw> aha, now we have something
<VK7HSE> cvw: your release will be locked to LTS versions only....
<slestak> foxbuntu: does he have to tell, man, i was abt to type that
<foxbuntu> VK7HSE, yeah...forgot about lts
<cvw> I'm quite OK with LTS
<slestak> stoopid netbook keyboard.  too small to type well on
<foxbuntu> cvw, then why are you upgrading?
<VK7HSE> slestak: he he I have that problem too !! :P
<foxbuntu> cvw, 8.04.2 is LTS
<slestak> gotta be screen-profiles
<slestak> thats the killer app
<slestak> VK7HSE: what you using, mini9 here
<cvw> hrm, apparently I've been misinformed on 9.04
<cvw> ctrl-c and time to write an email
<VK7HSE> I have an Eee701 (not currently using it as it's alias is VK7HSE-Eee)
<foxbuntu> cvw, someone tell you 9.04 was LTS?
<cvw> yessir
<foxbuntu> whoops
<cvw> should've done my hw first though
<foxbuntu> always :)
<cvw> backups ftw :)
<slestak> when are we due another lts?  2011?
<foxbuntu> 2012 i thinks
<VK7HSE> the next LTS will be 10.04
<foxbuntu> oh right
<foxbuntu> they over lap
<foxbuntu> 8.04 lts goes out of support in 2012 right?
<VK7HSE> remember for LTS the desktop has a 3yr life & server has a 5yr life
 * foxbuntu is not thinking tonight obviously
<slestak> on my htdigest issue, i have a Limit directive. "Require valid-user"
<foxbuntu> k
<slestak> id reports nagios is a valid user
 * VK7HSE I'm surprised I remembered !!!
<VK7HSE> slestak: that still sounds like a permission thing...
 * foxbuntu agrees
<VK7HSE> slestak: But I'm sorry I don't have an answer for you!
<cvw> ok guys, ty for your help. o/
<slestak> thx, hmm.
<slestak> well, its 1:30am here.  thinki'll research it later
<slestak> thx also
<VK7HSE> slestak: Ahh good another person who believes in not going to bed the same day you get up !!! :P
<mattt> um?  :)
<slestak> cant say i'll work on it tomorrow, that means taking a day off
<slestak> gnite guys
<twb> VK7HSE: how does Canonical distinguish between LTS being used as a desktop vs. server?
<twb> VK7HSE: they're both just packages from main, and I thought "support" meant support for anything in main.
<VK7HSE> twb: in your /etc/update-manager/ there's a file there called release-upgrades it's specified there...
<twb> VK7HSE: sorry, I don't understand that file at all.
<twb> I've never used anything called "release manager"; only aptitude and friends.
<twb> What I'm saying is that after the three-year EOL of "LTS desktop", how do I know which packages from main that I have installed, are supported by Canonical as part of the remaining two years of "LTS server" support?
<VK7HSE> twb: this relates to do-release-upgrade  normal = releases every 6 months (eg, 8.10 9.04) lts = 6.06 8.04 10.04)
<twb> Per your comment of 15:26 <VK7HSE> remember for LTS the desktop has a 3yr life & server has a 5yr life
<VK7HSE> twb: security updates are discontinued for them after this time period...
<twb> Security updates of what?
<VK7HSE> twb: all packages in the repository for that version...
<twb> VK7HSE: that doesn't make any sense.
<twb> "all packages in the repository" is the same for both ubuntu-desktop and ubuntu-server.  So how can they have a different lifetime?
<VK7HSE> twb: although a little dated this should explain a little...  http://ubuntuforums.org/showthread.php?t=578014
<twb> VK7HSE: that article does not say anything about five-year releases.
<twb> Sorry, it doesn't say anything about five-year *lifecycles*
<VK7HSE> twb: ok try this.. https://wiki.ubuntu.com/Releases
<twb> Huh, OK.
<twb> So now I believe that you're reporting the truth, but I still don't understand it :-)
<maxb> This is a good point, I don't think I've ever seen a precise definition of which packages fall into the "Desktop" and "Server" categories for LTS purposes
<maxb> I mean, it's probably a safe bet that if it needs X, it's Desktop
<twb> maxb: that's why the distinction sounds like a crock of shit to me.
<twb> But now I suspect it's Canonical PR bullshit rather than some guy on IRC being wrong :-)
<foxbuntu> hmm, intresting, that wiki is out of date
<twb> My default assumption is that there will be <codename>-security updates for an LTS release up to the date that the next LTS release ships
<twb> So e.g. 6.06 was supported until April 2008, and after that you're on your own as far as security updates go.
<twb> (Of course this is only for 'main' -- universe is always "you're on your own".)
<VK7HSE> twb: So you don't upgrade your distribution is that the problem ? Now I don't quite understand  what you mean... :-/
<twb> VK7HSE: my point is that there is no clear distinction between "LTS for desktops" and "LTS for servers"
<VK7HSE> twb: What in the repositories ???
<twb> VK7HSE: anywhere.
<VK7HSE> twb: Ok... well I can only go be the information that is distributed! But there has to be a way of defining the "difference" or such information would not exist!  ;-)
<twb> VK7HSE: unless Canonical are lying.
<foxbuntu> twb, how is there not a distinction?
<twb> foxbuntu: do you have contradictory evidence?
<foxbuntu> twb, what are you asking for?
<twb> foxbuntu: https://wiki.ubuntu.com/Releases says "Ubuntu LTS releases are supported for 3 years on the desktop, and 5 years on the server."
<twb> foxbuntu: what is the distinction between desktop and server?
<VK7HSE> twb: the only way that I know that defines a LTS from a normal release is via the /etc/update-manager/release-upgrades
<foxbuntu> twb, kernels
<foxbuntu> twb, and backports
<VK7HSE> twb:  and by uname -a
<twb> foxbuntu: how did you determine that?
<VK7HSE> twb: or lsb_release -a
<twb> (I assume by backports you mean -updates.)
<foxbuntu> twb, determine what?
<foxbuntu> twb, no I mean backports
 * VK7HSE Now feel this is a pointless debate! ;)
<twb> foxbuntu: how did you determine that the above quoted text means that the three-year lifecycle is for -desktop kernels, backports (whatever that means) and nothing more (or less)?
<twb> VK7HSE: it's not pointless -- how do I know whether, for example, vim will receive 5 or 3 years of support on LTS?
<twb> !backports
<ubottu> If new updated Ubuntu packages are built for an application, then they may go into Ubuntu Backports. See https://help.ubuntu.com/community/UbuntuBackports - See also !packaging
<foxbuntu> twb, its the defined life cycle of the product, new patches and backports for the core Ubuntu (ie 'main' repo) will be supported to that release until its EoL in 3 or 5 years
<twb> foxbuntu: I don't understand.
<foxbuntu> twb, ok...think of it like this
<foxbuntu> twb, windows xp has been around for 5 years+ now, windows update still provides security patches for it
<twb> If I apt-get install vim, I get the same thing regardless of whether I installed my OS from ubuntu-server LTS or ubuntu-desktop LTS.
<twb> So how can it have a different EOL on those two systems (-server and -desktop)?
<foxbuntu> twb, Ubuntu 8.04 will have that same level of support for the repos pertaining to the desktop based kernels (i.e. -generic, -i386, -amd64 ect) for 3 years from its release, and like wise the server based kernels (ie -server ect) will have main repo support for 5 years for its original release
<foxbuntu> twb, because the packages in the repos get built for the kernels
<foxbuntu> twb, at EOL they stop being built in and provided in the 'main' ubuntu repo for those kernels
<twb> Er, that's patently false.  There isn't a different vim .deb for the -server and -generic kernels.
<twb> If there was, there'd have to be a different deb entries in sources.list for -server as compared to -generic
<foxbuntu> twb, while it may have the same code and same version, its built for the kernel and arch
<twb> foxbuntu: then where is the -server variant of the vim .deb for 8.04 i386?
<foxbuntu> twb, I think you need to see the debian/control file in a source package to understand
<twb> I'm a DD.  I understand how debian/control works.
<foxbuntu> twb, have you ever built in a ppa before?
<twb> If you're talking about Architecture: any, that is *just* the CPU architecture.  It has nothing to do with the kernel.
<twb> Not a launchpad ppa, no.
<twb> I assumed we were talking about official ubuntu packages, since we're talking about official Ubuntu support.
<foxbuntu> twb, its the same type of build system
<foxbuntu> twb, for Mythbuntu we build packages in the LP PPAs all the time and then have canonical spin our isos
<twb> foxbuntu: what does that have to do with LTS support?
<foxbuntu> twb, LTS support is a commitment and process
<foxbuntu> its not actually in the packages
<foxbuntu> I think you are confused on two seperate issues
<foxbuntu> twb, you think canonical is lying about LTS existing?
<foxbuntu> thats its just marketing fluff?
<twb> No, I think they're lying about there being a distinction between LTS support "for desktops" and LTS support "for servers".
<twb> That is, about them being different.
<twb> Or less emotionally, that the distinction is ill-defined.
<foxbuntu> well the line is gray because there is allot of overlap in the two, but there is a distinction
<twb> So *effectively* most of the LTS desktop has a five-year lifetime?  That it's only a few desktop-specific packages like the kernel and kernel modules, that are EOLd after three years?
<foxbuntu> twb, take the desktop kernel for example, when it goes EOL no more security updates and so fourth will be provided for it
<foxbuntu> twb, I wouldnt say most
<twb> Would, say, gedit continue to receive security updates in the fourth year?
<foxbuntu> twb, but some yes, anything that is included in the -server distro main repos
<foxbuntu> twb, likely not, because gedit is not part of -server
<twb> foxbuntu: nor is vim
<twb> Suppose that it's the end of the third year.  How can I audit my server and find out which packages, if any, I'm using will stop being supported?
<twb> Even better, how can I make apt-get TELL ME when I'm trying to install a package on my server that will not receive five years of support?
<twb> If this distinction wasn't just marketing crap, I'd expect corporates to be clamouring for that information.
<foxbuntu> twb, I think if you want the intimate details of that, you might want to talk to someone that works for canonical
<twb> I wouldn't have called that "intimate" detail, but fair enough.
<foxbuntu> twb, easiest way is to see if a package is in main/universe/multiverse, ect
<twb> foxbuntu: LTS does not extend to anything but main, AFAIK.
<foxbuntu> right
<twb> packages in universe don't get security updates at all.
<twb> Therefore that is not an accurate test.
<foxbuntu> it rules out allot of packages that will/wont be supported in your audit
<twb> AFAICT I can't safely install anything but packages from main on my security-conscious servers, and as I can't tell what packages *in* main will receive five year support, I have to assume that none of them do.
<foxbuntu> twb, I dont think thats a fair assessment of LTS packages, there are processes in the background (that some at canonical could prob shine a light on) that allow for the LTS to work.
<foxbuntu> however, I have used up all my time for the night...so Im off. Hope you find the answer you are looking for.
<a|wen> twb: http://tw.archive.ubuntu.com/ubuntu-releases/hardy/ubuntu-8.04.2-server-i386.list ... all the udeb files on that list is on the cd; so those packages is at least part of the server release
<twb> a|wen: udebs are only used in the ramdisk during installation.
<twb> a|wen: they are never installed onto a disk
<a|wen> twb: i know, but they have .deb equivalents ... it was just for looking at the name
<a|wen> twb: i suppose you are looking for this script: http://www.mail-archive.com/ubuntu-server@lists.ubuntu.com/msg02334.html
<a|wen> twb: https://launchpad.net/ubuntu-maintenance-check
<twb> Thanks.
<a|wen> that should enable you to check the support status of all packages on the server
<twb> That works quite well, thanks
<a|wen> np ... that one should really be easier available somewhere
<uvirtbot> New bug: #369088 in mysql-dfsg-5.0 (main) "install crashes while adding mailody software" [Undecided,New] https://launchpad.net/bugs/369088
<twb> a|wen: it should be set up like vrms on Debian
<twb> i.e. a cron job that each month warns you if any installed packages will become unsupported in the next (say) month.
<durt> anybody get boot logging to work
<durt> ?
<a|wen> twb: just having it installed as default on the system would be a good start ... but a quick wrapper around that script should be able to provide that
<twb> I intend to set one up internally, anywya
<twb> durt: what do you mean by "boot logging"?
<durt> getting /var/log/boot to be used, ie. userspace boot logging
<twb> Why would there be a /var/log/boot when that isn't defined in syslog.conf?
<durt> it used to be used by bootlogd.
<twb> Never heard of that.
<twb> Just syslogd and klogd
<_ruben> bootlogd has been broken for a long time now i think
<T-Hawk> hey ppl... yesterday amavis started sending me updates every 3 hours like this: bayes: synced databases from journal in 0 seconds: 298 unique entries (717 total entries)
<T-Hawk> i've looked in the cron job, and in amavisd-new-cronjob and it should pipe stdout to /dev/null, anybody know how i can get rid of these messages?
<AlexC_> g'morning
<AlexC_> I've got a very odd problem with curl/wget - they will just sit there for certain domains waiting for a response. They do connect perfectly fine, just never ever get a response, because of this I also can't update via apt-get update or aptitude (same issue, I assume they use wget/curl internally)
<AlexC_> I can telnet into the domains on port 80, I can traceroute, ping etc. The sites are up and running, can verify this from other computers. Just this just server has decided enough is enough and given up
<uvirtbot> New bug: #369090 in samba (main) "smbd and nmbd wont run" [Undecided,New] https://launchpad.net/bugs/369090
<uvirtbot> New bug: #246314 in dhcp3 (main) "NTP doesn't update DHCP client configuration" [Undecided,Fix released] https://launchpad.net/bugs/246314
<ZipmaO> Hi, some ubuntu webserver admins here?
<ZipmaO> I'm a bit curious about web host setups
<ZipmaO> Not the usual LAMP setup but as a web host provider
<AlexC_> ZipmaO, do you have a more specific question?
<Doble> hey folks, im trying to get apache working and am having a problem with my virtual server, I have set it up on port 12341 but when I go to http://192.168.2.10:12341 I recieve a connection failure message. My other default site works fine, can anyone help? it's probably something simple I'm missing ...
<andol> Doble: Have you changed everywhere you should. Except the global apache settings (usually set i ports.conf) there are usualy also port settings in your vhosts.
<andol> Doble: By the way, I'm on my way out for lunch now, so I probably won't respons to any follow up questions right away.
<Doble> andol: thanks i will check now
<Doble> andol: great, I checked the config files and it seems webmin didn't add the port to the ports.conf file for some reason ... this is why I hate webmin!! cheers!
<AnAnt> Hello, is there a tool that eases configuration of an LDAP server ?
<AnAnt__> Hello, is there a tool that eases configuration of an LDAP server ?
<andol> Doble: If you hate Webmin, why do you use it? :)
<andol> !webmin
<ubottu> webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system. See !ebox instead.
<AnAnt__> !ebox
<ubottu> ebox is a web-based GUI interface for administering a server. It is designed to work with Ubuntu/Debian style configuration management. See https://help.ubuntu.com/community/eBox
<Doble> andol: thanks, i wasn't aware of that ... I used webmin because I am looking for a way to host sites for clients, and have a managable interface for them to use to manage their virtual site in apache. I was hoping webmin/usermin would be the answer
<Doble> im trying to keep it as simple as possible though, and i find that most web interfaces give me too many options and choices, when all i want is simplicity
<Doble> i find it easier to work with the shell!
<andol> Doble: Perhaps ISPConfig is what you'r looking for? (Heard about it, no personal experiences)
<AnAnt__> can ebox configure ldap service ?
<AnAnt__> oh, it does
<AnAnt__> thanks
<Doble> andol: thanks, I am looking at it now
<mrwes> I've install the unattended-upgrades packaged and edit the conf file for security updates only -- do I need to do something else to enable it to run? Does it get invoked from cron.daily?
<AnAnt> Hello, ebox is not installable in Intrepid, is there a way around that ?
<mrwes> I've install the unattended-upgrades packaged and edit the conf file for security updates only -- do I need to do something else to enable it to run? Does it get invoked from cron.daily?
<dayo> i've set up and ldap server, setting up and nfs server, and want my nfs clients (which will automount from the nfs) to authenticate via ldap. following this guide, where do i run the installation of the ldap auth modules?  https://help.ubuntu.com/community/LDAPClientAuthentication
<dayo> setting up an* nfs server
<sommer> dayo: on the clients
<dayo> sommer: i need to install the ldap stuff on the clients? not the ldap server or the nfs server? is that right?
<sommer> dayo: here's a link to the server guide section on LDAP: https://help.ubuntu.com/9.04/serverguide/C/openldap-server.html
<sommer> dayo: basically you setup an ldap server, then each client needs the libnss-ldap, libpam-ldap, etc to authenticate to the LDAP server
<sommer> dayo: there's a subsection on client authentication towards the bottom
<Fumoh> hi!
<_ruben> bye? ;)
<dayo> sommer: great, thanks a lot. :-)
<sommer> dayo: np, if you have specifc issues feel free to ask
<Fumoh> Anyone know what I can do if I get a segfault trying to su/sudo?
<Fumoh> I've never had this happen before... everything else (generally) works, but I can't elevate my rights or log in as root.
<IvanCostaJr> Hello, guys!
<IvanCostaJr> Is there anybody here that can help me with some Samba problems?
<dayo> sommer: i got a 'command not found' error for `sudo pam-auth-update`
<IvanCostaJr> It's my first time with Ubuntu server (I've been used openSUSE...)
<dayo> sommer: i'm doing this on hardy, btw.
<dayo> IvanCostaJr: hi
<IvanCostaJr> Hi, dayo.
<sommer> dayo: ah, then pam-auth-update won't work :-)
<sommer> dayo: the Intrepid instructions should work with hardy though: https://help.ubuntu.com/8.10/serverguide/C/openldap-server.html
<dayo> ok, i'll try those
<IvanCostaJr> I have a big problem with Samba shares. Yesterday nobody can have access to the shares. Now, after I create some users with disable login in group USERS, everybody gets access to all shares.
<sommer> dayo: the server instructions are slightly different as well... hardy uses /etc/ldap/slapd.conf instead of cn=config, so you might want to use the hardy section for the server setup
<IvanCostaJr> Seens that samba isn't respect the "write list"
<dayo> sommer: damn. ok, then
<dayo> i wonder what impact that's gonna have when upgrading to the next lts
<sommer> dayo: should be migrated fine... the migration from hardy to intrepid worked fine with slapd
<J_P> default ubuntu-server is now amd64. why?
<dnaumov> heh, minimal jeos installation doesnt have "man" but still manages to take 500mb of space, way to go
<incorrect> I am looking for a console tool to give me network info
<incorrect> i used to use something, but i can't remembers its name
<dayo> incorrect: iptraf?
<incorrect> thanks
<incorrect> i tried iftop that is pretty cute
<dayo> incorrect: i use iftop, too
<dnaumov> picking installing "openssh server" installs x11-common.....
<Kamping_Kaiser> dnaumov, yes, its a set of keymaps (and various bits)
<uvirtbot> New bug: #369133 in squid (main) "Squid does not reload when DNS settings change" [Undecided,Incomplete] https://launchpad.net/bugs/369133
<uvirtbot> New bug: #369197 in openldap (main) "error installing SLAPD" [Undecided,Incomplete] https://launchpad.net/bugs/369197
<RoAkSoAx> o/ ivoks
<ivoks> RoAkSoAx: hi
<RoAkSoAx> ivoks, how's it going?
<ivoks> RoAkSoAx: trying to clean up some bacula bugs... hopefully, i'll nail 10 of them in one go :D
<RoAkSoAx> awesome
<RoAkSoAx> ivoks, i've made you admin of ubuntu-ha in launchpad.. and btw.. how do you think we should handle membership?
<ivoks> after that i'll take a look at ubuntu-ha bugs
<ivoks> i think it would be better to leave it open
<ivoks> we don't have any special privileges, so it isn't a threat to... anything :)
<RoAkSoAx> ivoks, ok
<RoAkSoAx> ivoks, i guess that at the UDS you'll present the idea of creating a ubuntu cluster stack based in linux-ha + heartbeat
<RoAkSoAx> oh and btw.. the launchpad list has been created
<ivoks> RoAkSoAx: yes
<RoAkSoAx> ivoks, awesome
<uvirtbot> New bug: #369274 in liferea (universe) "Liferea did receive signal 11 (Segmentatiefout). (dup-of: 286119)" [Undecided,New] https://launchpad.net/bugs/369274
<RoAkSoAx> ivoks, btw... would you be interested in being a motu mentor?
<ivoks> i could try... i'm not that great in packaging, but i could try :)
<ivoks> too many 'i could try'
<RoAkSoAx> ivoks, but you are a motu... so you do have experience... cuz.. i was about to ask again for a motu mentor
<ribo> anyone using UML get this when starting the VM: Kernel panic - not syncing: Operation too long
<ribo> oh. buggy UML + COW
<ribo> lame.
<hollman> hello all, i have a question, recently i install u server 9.04, and i goin to install apache2 php2 and mysql-server-5.0, the apt installme too postfix
<ivoks> probably php5, not php2
<ivoks> you've probably installed something else too, cause none of lamp packages pools mta
<ivoks> hollman: ^^
<hollman> ivoks, :P php5
<hollman> but i dont install more, only this packages,
<ivoks> try removing postfix
<ivoks> it will tell you that it needs to remove the package that depends on it
<ivoks> that way you'll know which one pulled postfix
<ScottK> ivoks: Even better is aptitude why postfix
<hollman> ivoks, y remove postfix manually ..., well i have one more question
<ivoks> ScottK: or that :)
<hollman> y installed mysql-server-5.0 and later i install mysql-server, this p[ackage install me mysql-server-5.1 and i have some problems :S
<jmedina> ScottK: good aptitude tip :D, I was just about asking about a similar feature :)
<ScottK> There is also whynot
<ScottK> Those are the only things I use aptitude for.
<jmedina> Im not used to aptitude because I can write apt-get faster :(
 * a|wen notes aptitude mark-auto
<ivoks> mysql-server installs mysql-server-5.0, not 5.1
<ScottK> I rather prefer apt-get's approach of giving up when it's too hard to aptitude's I'll try anything no matter how insane as long as it gets me there approach
<a|wen> pay attention when aptitude starts asking you question ...
<hollman> i try to resolv the problems with sudo apt-get -f install and Ubuntu show me this error
<hollman> Aborting downgrade from (at least) 5.1 to 5.0.
<hollman> dpkg: error al procesar /var/cache/apt/archives/mysql-server-5.0_5.1.30really5.0.75-0ubuntu10_i386.deb (--unpack):
<hollman>  el subproceso pre-installation script devolviÃ³ el cÃ³digo de salida de error 1
<hollman> Se encontraron errores al procesar:
<hollman>  /var/cache/apt/archives/mysql-server-5.0_5.1.30really5.0.75-0ubuntu10_i386.deb
<hollman> E: Sub-process /usr/bin/dpkg returned an error code (1)
<jmedina> a|wen: I think that is one of the reasons I prefer apt-get
<a|wen> jmedina: well, aptitude was the only way i got rid of gnome again (after fluxbox pulled it in)
<MagicFab> hollman, remove 5.1 first
<hollman> MagicFab, if impossible "i think" because the apt and aptitude show me a dependencies error
<MagicFab> paste the error here ?
<MagicFab> the error you pasted before is not dependencies.. also check you free space (sounds obvious but..)
<hollman> in a pastebin, its to long
<hollman> MagicFab, http://ubuntu.pastebin.com/d6bb44311
<MagicFab> remember the "pastebinit"package is your friend :)
<mrwes> I installed the unattended-updates package and uncommented         "Ubuntu hardy-security"; is there something else I need to do to make this run?
<RoyK> hi all. I'm looking for a way to setup an automated install of certain servers. We have some researchers that need a certain set of packages ranging from imagemagick to scipy and there's quite a few of them. Is there a way to create a custom, automated installation like that easily?
<hollman> MagicFab, http://ubuntu.pastebin.com/m670b67c9
<MagicFab> RoyK, take a look at ubuntu-vm-builder (if you want to use VMs).
<MagicFab> or use preseeding if installing on baremetal... which one do you want ?
<RoyK> MagicFab: mostly bare metal
<RoyK> some VMs as well on xen
<MagicFab> hollman, first sudo apt-get remove --purge mysql-server-5.0
<hollman> MagicFab, the second pastebin ;)
<MagicFab> hollman, yes I am looking at that one
<RoyK> MagicFab: but not these boxes, really, those researchers drink cpu time like a drunk
<MagicFab> RoyK, so which is it ?
<RoyK> amd64 iron
<MagicFab> RoyK, this may get you started: https://help.ubuntu.com/9.04/installation-guide/amd64/automatic-install.html
<RoyK> some 50 researchers doing all sorts of mathematical models for air and whatnot research
<RoyK> MagicFab: thanks
<MagicFab> RoyK, I'd advised practicing on VMs :)
<RoyK> well, of course
<RoyK> :)
<RoyK> or some test box
<MagicFab> also check this for easy(er) vm testing: http://people.ubuntu.com/~kirkland/ubuntu-vm-builder.html
<MagicFab> try it, you may change your mind and *only* provide access to a bigger box with only VMs :)
<RoyK> is that usable for installing on real iron?
<RoyK> MagicFab: not really - most boxes we setup these days have a minimum of two cores, and the overhead for virtualizing SMP systems are too high a price to pay
<RoyK> s/are too/is too/
<MagicFab> Your host could be 8.04 LTS
<RoyK> we're only running 8.04LTS atm
<RoyK> on servers, that is
<MagicFab> correct, LTS host, other version guests.
<RoyK> on workstations, we're using whatever the user wants
<uvirtbot> New bug: #369413 in nagios3 (main) "submit_check_result script fails when called by another script" [Undecided,New] https://launchpad.net/bugs/369413
<RoyK> MagicFab: if you have a hundred servers, you want to stick to something _stable_
<MagicFab> hollman, what's up
<RoyK> we have a couple of hundred
<MagicFab> RoyK, all bare metal ?
<RoyK> most of them
<hollman> MagicFab, http://ubuntu.pastebin.com/m57bef788
<RoyK> some virtual solaris zones, some xen stuff, but mostly bare metal
<MagicFab> Then PXE + kickstart + MAC address-based seeds would make sense
<RoyK> that's what I was thinking about... :)
<MagicFab> I haven't done it myself but I know it's part of the labs we prepared for the Ubuntu Server course
<RoyK> ok
<RoyK> I'll just boil down the requirements to a minimum, I guess, and make that a standard
<MagicFab> Start from the docs I pointed - we also have a whitepaper on mass deployment.
<RoyK> MagicFab: I haven't setup automated installs since redhat 7.2 or something
<MagicFab> Sadly, we need to know who you are :) -> http://www.ubuntu.com/contact/whitepaper
<MagicFab> *discalimer* I am employed by Canonical - don't get the wrong impression ;)
<RoyK> do you work for Canonical?
<MagicFab> disclaimer*
<RoyK> ok
<MagicFab> Also take a look at OEM mode installs on server - it's new in 9.04: https://wiki.ubuntu.com/OemConfigServer
<RoyK> sorry - need 8.04 for this
<ivoks> kickstart + preseed
<RoyK> servers tend to last for some time
<ivoks> + apt-cacher on server
<RoyK> I think the oldest boxes we have running are a Sun Ultra 5 and an Ultra 450
<RoyK> that stuff is in production
<RoyK> MagicFab: see pm, please
<MagicFab> ivoks, apt-cacher-ng
<ivoks> MagicFab: what's the diff?
<RoyK> btw
<RoyK> after registering, http://www.ubuntu.com/contact/whitepaper-thankyou turns up an empty page
<ivoks> mathiaz: could you create ppa for ubuntu-bacula?
<MagicFab> ivoks, rewritten, optimized
<ivoks> MagicFab: so, buzzwords :D
<MagicFab> RoyK, heh - interesting.
<MagicFab> ivoks, don't take my word. Check.
<ivoks> MagicFab: i was kidding
<mathiaz> ivoks: sure
<mathiaz> ivoks: I wonder if you'd be interested in being an administrator of the team?
<Knirgh> Hey, i'm setting up ubuntu server atm and going to need some guidance
<ivoks> mathiaz: yes :)
<mathiaz> ivoks: hm - I can't do that
<mathiaz> ivoks: Only the administrator of the team can do it
<MagicFab> ivoks, I wasn't :) hard to tell but I am using it without problems for a few months now
<mathiaz> ivoks: hm -only the team owner
<ivoks> mathiaz: well, you are an admin
<ivoks> oh
<ivoks> i'll contact kern
<Knirgh> What's the best bet at the moment, ext3 or ext4?
<mathiaz> ivoks: what would be the PPA short description?
<ivoks> mathiaz: Testing packages ?
<mathiaz> ivoks: done
<ivoks> mathiaz: thank you!
<ivoks> hopefully, i can upload there :)
<MagicFab> hollman: remove mysql-server
<hollman> MagicFab, the same error
<IvanCostaJr> Hi, guys!
<hollman> cogito@server:~$ sudo apt-get install mysql-server
<hollman> Leyendo lista de paquetes... Hecho
<hollman> Creando Ã¡rbol de dependencias
<hollman> Leyendo la informaciÃ³n de estado... Hecho
<hollman> mysql-server ya estÃ¡ en su versiÃ³n mÃ¡s reciente.
<hollman> Tal vez quiera ejecutar `apt-get -f install' para corregirlo:
<hollman> Los siguientes paquetes tienen dependencias incumplidas:
<hollman>   mysql-server: Depende: mysql-server-5.0 pero no va a instalarse
<hollman> E: Dependencias incumplidas. Intente 'apt-get -f install' sin paquetes (o especifique una soluciÃ³n).
<MagicFab> hollman, REMOVE
<hollman> :-o, done
<mrwes> I installed the unattended-updates package and uncommented         "Ubuntu hardy-security"; is there something else I need to do to make this run?
 * jmedina doesnt trus in unattended-updates
<jmedina> *trust
<mrwes> that's another discussion
<mrwes> I don't get to worried on the security updates only
<Knirgh> Can anyone help me with setting up a FTP server with accounts locked to /var/www? I'm very new at this
<mrwes> I believe it's default now in Ibex and up
<rjune> I have a handful(10 or so) of ubuntu systems locally, I would like to self host the jaunty repositories. Is there an easy way to do this short of mirroring the entirety of  http://us.archive.ubuntu.com/ubuntu/pool ?
<MagicFab> hollman, remove any affected packages one by one... then install mysql-server, see what happens - come back and tell us :)
<MagicFab> rjune, are you wanting to save bandwidth or anything else more involved (such as complete offline access to all packages) ?
<hollman> MagicFab, i do that, thanks
<hollman> i'll be right back
<rjune> want to save bandwidth and want to have everything locally for complete offline access.
<rjune> I thought it would be trivial to do, but was surprised to find all updates coming from /pool
<MagicFab> rjune, one way to quickly save bandwidth is setting up one of those machines as a package cacher. apt-cacher-ng will do that.
<rjune> then point the others to it.
<rjune> not quite what I was looking for, but probably good enough.
<MagicFab> look at all the apt- related packages, many will help with offline access caching, proxying etc.
<slestak> i am looking at kpass methods of making a keytab enable AD auth to apache on a couple of ubuntu server machines.  The keytab that is created on the domain controller, can that keytab be exported to several webservers, or is a diff one needed for each apache install?
<hollman> MagicFab, i remove all the packages one by one
<hollman> i y have this problem
<hollman> http://ubuntu.pastebin.com/m6060acb3
<MagicFab> Did you update before attempting the reinstall ?
<MagicFab> and I'd dpkg --configure -a too
<RoyK> anyone that knows a good way to solve single sign-on and file services between linux, solaris and windows?
<RoyK> I thought of using LDAP, but will this work with NIS?
<RoyK> no
<RoyK> not nis, nfs
<rjune> RoyK, yes, LDAP + NFS works
<rjune> LDAP + SMB works.
<rjune> LDAP or NIS are \almost required when using NFS
<RoyK> ok, so using a win2k8 server in the center and clients and servers around?
<RoyK> I don't know much about how NFS auth works, sorry, I'm new at this
<rjune> are you using NFS in this setup?
<rjune> or are you using SMB?
<RoyK> we have a bunch of clients on solaris, linux and windows, and the same mix with the servers
<RoyK> the unices use nfs
<rjune> uhhh...Hrm.
<rjune> I *think* MS used to support unix attributes in AD. You might look into that.
<rjune> Services for  Unix or some such IIRC
<rjune> that would likely be easiest.
<RoyK> what unix attributes will I need?
<rjune> uid, gid, passwd, home dir
<rjune> You're new to unix, eh?
<RoyK> right
<RoyK> nah
<RoyK> been working with unix systems daily since 1998 or so, but I'm quite new to ldap in unix
<rjune> if you can't do that... you might be able to get away with winbindd on one system and have it update an LDAP store.
<RoyK> hrmf
<rjune> basically, once NFS comes into the mix, you need to make sure uid and gid are the same across systems
<RoyK> ok
<rjune> which is where LDAP or NIS looks good
<RoyK> seems unix attributes should be part of AD
<rjune> different systems with different concepts of users.
<RoyK> I know, but we have a LOT of different users
<slestak> there is also likewise-open, that ships with ubuntu now.  basically it is winbindd
<RoyK> anything from office people that get a nervous breakdown if they see a linux box, to the climate researchers that get violent if you mention windows vista
<RoyK> slestak: guess it doesn't work too well with solaris
<RoyK> or could an ubuntu box relay/sync this with nis?
 * RoyK really doesn't want to try this on the old HPUX box
<RoyK> rjune: unix attributes came with win2k3 or so, it seems
<rjune> slestak, his problem is relaying that in a unix format for the linux/unix systems
<rjune> RoyK, but does it still?
<slestak> i thinkit might.  we have it installed on an aix box. check their site for hpux and solaris
<RoyK> rjune: even microsoft have opened up a little on the server side, so I guess so
<RoyK> better check tomorrow
<rjune> RoyK, if it does, you should be all set
<RoyK> yup
<RoyK> just got a little job to do making the old solaris 8 boxes understand ldap
<RoyK> or an easier job moving the services onto another box and ditch the old crap
<ivoks> mathiaz: have you looked at https://code.edge.launchpad.net/~ahasenack/openldap-dit/trunk
<ivoks> ?
<oruwork> ivoks-> where you been man ?
<ivoks> ?
<mathiaz> ivoks: nope - first time I saw that
<ivoks> mathiaz: well, it looks like a very good start :)
<ivoks> it's almost finished :D
<mathiaz> ivoks: right - it's andreas work from the Mandriva Directory Server.
<ivoks> i could provide some MTA stuff
<ivoks> like amavis per user config, aliases etc...
<ivoks> ahasenack: i was looking at the dit you are working on
<ivoks> ahasenack: i have some ideas for MTA part
<ahasenack> ivoks: cool
<ivoks> aliases, forward and vacation for a start
<ivoks> maybe even amavis schema at some point
<ahasenack> ivoks: i would be happy enough to get a consensus on aliases :)
<ahasenack> ivoks: for example, do you prefer something like ou=aliases,... which mimics the /etc/aliases file or
<ahasenack> ivoks: email aliases inside the user entry itself?
<ivoks> in side user entry
<ahasenack> ivoks: with ou=aliases, I can do an alias like "webmail: foo@gmail.com", which I can't do when they are inside user entries without creating a "webmail" user first
<ivoks> hehe, i just noticed that problem :)
<ivoks> still
<ivoks> i'm in favor of having it under user entry
<ivoks> having it all in one place
<ahasenack> ivoks: using the refint overlay can help with ou=aliases
<ahasenack> ivoks: in fact, I used that once, worked fine
<ahasenack> ivoks: but there are pros and cons, as usual
<ahasenack> ivoks: maybe using both
<ivoks> we could create a difference between a user with a mail and a system ('fake') user
<ivoks> ou=System Aliases
<ahasenack> ivoks: that seems a workaround
<ivoks> postfix could read both...
<ahasenack> yep
<ahasenack> ivoks: I tended to favor ou=aliases (I mean, a separate branch) because it's more flexible, and the refint overlay helps maintenance
<ivoks> i don't have a clue what refint is :D
<ivoks> http://linux.die.net/man/5/slapo-refint
<ivoks> already reading
<ahasenack> ivoks: if the user is removed, the alias entry is automatically updated
<ivoks> ahasenack: one more thing... you went with dc=example,dc=com
<erik78se> For all of you who knows about the Pirate party in Sweden, the party is the fourth biggest atm!? Do you know about it ?
<ivoks> ahasenack: is it possible to have o=example1,o=server_name?
<ivoks> erik78se: i couldn't care less about pirated software...
<ivoks> ahasenack: that way there would be logic in having couple of organizations under same DIT
<erik78se> ivoks: its not about pirated software
<ahasenack> ivoks: server name? That doesn't sound wise
<ahasenack> ivoks: I don't think we can come up with a tree for all needs, but i'm all ears
<ahasenack> ivoks: since in all discussions about DITs people tend to say "what if the organization changes", or "what if the domain changes", or ..., and then the discussion always stalls
<ahasenack> ivoks: I decided to come up with one of those and not try to solve the all problem
<ivoks> i see
<ahasenack> the bigger problem, I mean
<ahasenack> having something is better than nothing, that's what I thought
<ahasenack> and this something could already apply to lots of people, might even be the more common case
<ivoks> i agree, i was just thinking about the ways we could solve it...
<ahasenack> ivoks: in real life, what I think happens when one org buys another one and two DITs have to be merged, is that people use links between the trees
<ahasenack> ivoks: but it's complex, every case is different
<ahasenack> ivoks: it's usually a consultant's job in that case
<ivoks> i've been in that situation
<ivoks> that's why i was looking how to solve it :D
<MagicFab> hollman, sorry, I was in a meeting. Brb ~5
<ahasenack> there are even overlays that translate attributes on the fly from one tree to the other
<hollman> MagicFab, ok, np
<ivoks> ahasenack: the problem i had was that we had different people in different organizations, but with a same name and lastname
<ivoks> ahasenack: so, if we merged ou=users from one dit to the other, that wouldn't work
<ahasenack> right
<ahasenack> ivoks: so the rdn was the same, but not the dn if you think of both dits coexisting
<ivoks> well, since we wanted to have them all in the same ou=users, dn's where the same
<ivoks> dns
<ivoks> rdns
<ivoks> bah
<ahasenack> :)
<ahasenack> what I need to do in that openldap-dit project is to check what is available in ubuntu and what isn't (for example, bind with ldap patch, I don't know if it's available), check if the import scripts are there too (usually in /usr/share/doc) and finish adjusting the docs
<ahasenack> the script works, at least the last time I tried
<ahasenack> and there is a request to have it use the config backend instead of creating a slapd.conf file
<ahasenack> but that's just a conversion away
<ivoks> right
<ivoks> well, you shouldn't do it without pushing us to change bind/whatelse to work with it :)
<ivoks> i could help with dovecot and postfix
<ahasenack> oh, and add the default ubuntu admin dn to the ldap administrators group
<ahasenack> unless it's rootdn itself, I didn't check that yet
<ivoks> anyway... it's getting late over here...
<ivoks> i'll test your dit these days
<ahasenack> cool, thanks
<ivoks> and provide patches for MTA part
<ivoks> you'll have to help with that refint stuff
<jmedina> ivoks: where you  live?
<ivoks> jmedina: croatia
<jmedina> :O
<jmedina> ivoks: what time?
<ivoks> 21:32
<jmedina> too late
<ivoks> take care
<uvirtbot> New bug: #369470 in update-manager (main) "error starting slapd during dist-upgrade (dup-of: 369197)" [Undecided,New] https://launchpad.net/bugs/369470
<phreestyle-work> I have a question I can'
<phreestyle-work> can't seem to get google to answer for me
<phreestyle-work> after installing hardy (with lamp setup) what other configurations should I make to the server to make it secure and permormant under stress
<jmedina> phreestyle-work: that depends of your setup, your applications, and you current load
<jmedina> you can play with threads/childs config for apache
<phreestyle-work> jmedina: well, I'm going to writing a php application in cakephp that will probably run on a postgresql database, but I'm concerned about the php performance
<jmedina> some applications bennefit from multi threaded apps using apache2-mpm
<jmedina> some php modules dont understand threading and work better with apache2-prefork (old style in apache1)
<phreestyle-work> well, i read that I should install an optcacher or something like that, so I installed xcache, but do I need to do anything special, or does xcache work automagically?
<oruwork> jmarsden-> disable root login and disable password logins
<oruwork> errrr
<oruwork> phreestyle-work-> that was for you
<phreestyle-work> oruwork: yea, I gotta figure out how password-less authentication works with ssh
<oruwork> with a 1024 bit key
<phreestyle-work> oruwork: right, but do you take that key with you on a flash drive or something
<oruwork> you are using putty right ?
<oruwork> yeah you can do that
<phreestyle-work> im on a mac, using the terminal
<oruwork> ooooh
<oruwork> for mac ....
<oruwork> dont really know how to obrain a key for mac
<phreestyle-work> i mean the ssh server runs on ubuntu but I would be connecting from eiter a mac or a another ubuntu machine
<oruwork> yeah the process is very simple, i just never done it for mac or linux desktop
<oruwork> i'm connection from win xp
<phreestyle-work> well with putty, you supply the key as a file in the gui...I'm sure there's a command-line equivelent
<oruwork> sec
<oruwork> the steps i took was download puttyget.exe which let me generate a key
<phreestyle-work> actually it would be really cool if I could get password-less ssh access working because I have some scripts that could use it
<oruwork> then in addition to putty.exe i use pageant to import key in
<oruwork> pageant.exe that is
<phreestyle-work> right....I just gotta figure out how to generate one of those keys on the server....but anyways, what other steps can be taken to secure and speedup the server?
<oruwork> i can find out for you though, so primarly you will be connection from MAC right ?
<oruwork> not speedup
<phreestyle-work> mostly....I'm sure someone has written an article on it
<oruwork> just secure from attacks such as brute force
<oruwork> some boys are telling me about ssh-keyben
<oruwork> you should be able to use that internally
<phreestyle-work> I'll have to check that out
<oruwork> phreestyle-work-> ssh-keygen
<phreestyle-work> oruwork: gotcha
<DoyleChris> hello
<DoyleChris> wuestion about samba
<DoyleChris> could somebody help
<DoyleChris> anybody
<jmedina> DoyleChris: just ask
<DoyleChris> i have samba up and running
<DoyleChris> and i have a 250 gig drive shared on the network
<DoyleChris> what i would like to do is have Home directories for my girlfriend and i that we can access and also music, pictures, and movies.  but have a directory that has programs and other directories i can only access
<DoyleChris> i was able to create a account for me and my girlfriend
<DoyleChris> and i can access the drive with no problem but not sure how to set her account or access up
<jmedina> DoyleChris: the same way you did your your account
<jmedina> DoyleChris:what kinkd of account did you create for your gf?
<DoyleChris> i have the drive mounted as Server250 and i just create access to folders in it or do i haft to create a mount in side that
<DoyleChris> user
<jmedina> linux user or samba user?
<DoyleChris> set it up as a linux user then converted over though webmin
<DoyleChris> in the samba module part
<jmedina> :S I dont know webmin
<jmedina> ok try this
<jmedina> pdbedit -L
<jmedina> what will list your samba accounts
<DoyleChris> nobody,server,Amanda,Christopher
<DoyleChris> Im Chris and Amanda is my girlfriend
<DoyleChris> should i create a seprate mount and share for each folder
<jmedina> ok
<jmedina> no
<DoyleChris> i dont know
<jmedina> so you already share /home?
<jmedina> you want to share /home for amanda and chris
<jmedina> and another directory where you have multimedia files
<jmedina> where is that directory?
<DoyleChris> well when i created there accounts i put there homes on Server 250
<jmedina> DoyleChris: how?
<DoyleChris> the share path is from the mount point /Server
<DoyleChris> i can see under the mount /Server
<DoyleChris> the Amanda and Christopher folder
<jmedina> and home directories are under /home?
<DoyleChris> under /Server
<jmedina>  /home/amanda, /home/christopher ?
<jmedina> ok
<DoyleChris> no /Server/Amanda /Server/Christopher
<jmedina> and where are the multimedia files?
<DoyleChris> They would be under /Server/Music ,/Movies, /Programs ,/Pictures
<DoyleChris> Amanda can only access amanda,Music,movies,pictures
<DoyleChris> and i can access everything
<uvirtbot> New bug: #368145 in mythtv (main) "myth-backend wants to start in runlevel2 while mysql is not ready yet" [Undecided,New] https://launchpad.net/bugs/368145
<DoyleChris> i started over
<DoyleChris> removed the origanial share
<DoyleChris> created directories in linux for music pictures.... and trying to share that directory and having problems
<DoyleChris> why cant this be simple
<DoyleChris> has anybody on here worked with webmin
<phreestyle-work> webmin = bad
<DoyleChris> what do you recommend then webmin
<phreestyle-work> ebox
<phreestyle-work> it should be pretty easy to set up file sharing using it
<phreestyle-work> since you're using the server edition of ubuntu, you don't get the same nice gui tools that you would if you were using gnome, which is good if you're running a server....but I have a proxy/web filtering server setup using ebox...it's makes a lot of things very simple
<DoyleChris> well i install gnome to do some things
<DoyleChris> ebox mentions hardy or interpid
<DoyleChris> which one
 * mattt doesn't like webmin
<phreestyle-work> which ubuntu version are you running? I run hardy here
<DoyleChris> the latest 9.04 i think
<phreestyle-work> btw, this link may be helpful to you: http://www.howtoforge.com/running-a-file-and-print-server-with-ebox-on-ubuntu8.04-server-p3
<DoyleChris> can i also setup ftp and webserver though it
<phreestyle-work> well, there's not a whole lot of gui settings for a webserver in ebox other than enable/disable, but yes
<phreestyle-work> as for ftp, they are working a module for it, but I don't think there is one just yet
<DoyleChris> do i wnat hardy or interpid
<phreestyle-work> run this command: lsb_release -a
<phreestyle-work> it will tell you what version you are running
<DoyleChris> jauntry
<DoyleChris> jaunty
<phreestyle-work> haven't gotten a chance to play with jaunty server yet, but it should be similar to the other versions: sudo apt-get install ebox
<phreestyle-work> then from there, you will prolly want to do this so you can see what modules are available for install: sudo apt-cache search ebox-
<phreestyle-work> good luck with that...gotta run
<DoyleChris> thanks
<phreestyle-work> if nothing else, google helps now that you have a good path
<jgoguen> question about https://launchpad.net/bugs/367943 - fetch public key from LP rather than set password...I want to say that this is Invalid because first, private keys go in ~/.ssh/authorized_keys, and second that the user must have a password for console logins and sudo anyway
<uvirtbot> jgoguen: Error: Could not parse data returned by Launchpad: The read operation timed out
<jgoguen> is this good enough or is there something else I'm missing?
<phaidros> hi, can it be true, that ldap-server in hary is broken ?
<phaidros> ok, installing slapd directly works
 * jmedina only uses hardy slapd servers in production
<jmedina> although openldap team dont recomend use debian version :S, they recommend use stable relasee
<jmedina> 2.4.16
<jmedina> compiled by hand
<jmedina> most fixes are about GNUTLS and syncronization
<phaidros> jmedina: I am trying to understand ldap right now. it seems to be not that easy :)
<jmedina> phaidros: is not easy tu understand
<jmedina> I recommend this book: Mastering OpenLDAP: Configuring, Securing and Integrating Directory Services from Packetpublishing
<jmedina> Mastering OpenLDAP: Configuring, Securing and Integrating Directory Services
<jmedina> http://www.packtpub.com/OpenLDAP-Developers-Server-Open-Source-Linux/book
<jmedina> it has good ldap fundamentals, it is something like "all you want to know about ldap and openldap "
<jmedina> :D
<phaidros> ok, I want LDAP only as backend to manage users and groups for a number of services ..
<phaidros> all the directory service knowledge is eating my brain :/
<phaidros> or better, my breain refuses to absorb it :D
<jmedina> phaidros: I have a document about openldap +samba to centrally manage users and groups for mixed enviroments: linux+unix and windows
<phaidros> jmedina: yay!
 * jmedina dont understand "yay"
<phaidros> yay = sounds good :)
<jmedina> Configurar un servidor Controlador de Dominio con Samba y OpenLDAP en Ubuntu Server Hardy 8.04
<jmedina> http://tuxjm.net/docs/cursos/Samba+OpenLDAP+PAM+NSS-4Ubuntu/html/
<jmedina> it is in spanish
<jmedina> you can copy paste almost everything, and after a few minuts you have a domain controller running :D
<phaidros> thanks jmedina, as I do not understand spanish .. I try to read the examples there :)
<jmedina> phaidros: you can use google translation that will help
<phaidros> jep
#ubuntu-server 2009-04-30
<Vog-work> Quiero una version de eso en ingles.
<jmedina> Vog-work: ayuda a traducir :D
<Vog-work> Mi espanol, es muy "rusty" . I haven't been fluent since 1993-94
<Vog-work> Hasta todos
<MagicFab> How do I *disable* update checks from command line ?
<MagicFab> 9sorry wrong channel)
<genii> MagicFab: Enthusiastic ubuntu-ing from you earlier in -classroom was interesting to see, by the way :)
<MagicFab> genii,
<MagicFab> :)
 * genii hands out a round of coffees
<uvirtbot> New bug: #369575 in libpam-krb5 (universe) "Why is /usr/share/pam-configs/krb5 specifying minimum_uid= ?" [Undecided,Invalid] https://launchpad.net/bugs/369575
<genii> Because min uid is supposed to be 1000 if you don't want system uid and root names logging in
<janauss> anyone here know how to get grub to install on a nvidia fakeraid/dmraid? jaunty install borked the grub configuration
 * mattt could use a coffee
 * genii hands mattt a large coffee in an Ubuntu mug
 * mattt ^5s genii
<ajmitch> genii: as long as you've got enough for everyone
 * genii hands ajmitch an Ubuntu mug as well, filled with life-giving coffee
<ajmitch> excellent
 * ScottK goes for a life giving Scotch
<ajmitch> a bit early in the day for that here
<ajmitch> as nice as it would be
<PhotoJim> good time of day for it here :)
<PhotoJim> but I'd have to crack a fresh bottle of 18-year-old Tallisker to do it
<genii> Nice
<ScottK> Tallisker is good.
<PhotoJim> I've not tried it yet... thought I should.
<PhotoJim> I was really close to the distillery a year and a half ago.  should have visited it.
<carmony> Question: I have a Ubuntu 8.04 server running apache and php, we just moved from another ubuntu server, but for some reason top is showing 90% wa cpu usage during peaks times
<carmony> what can I do to debug what is causing such a huge IO issue?
<twb> Isn't wa idle?
<twb> Rather, waiting for I/O.
<twb> "wa -- iowait    Amount of time the CPU has been waiting for I/O to complete."
<twb> So basically what that's telling you is that your PHP crap is highly I/O bound.
<|dthacker|> carmony: what is your storage on the new server?
<mattt> carmony: and what changed hardware-wise?
<|dthacker|> carmony: are you connecting to the same DB instance.?   Is the DB tuning different?
<carmony> k, we have a db server and a web server
<carmony> we moved the web server to a beefier dual quad core machine
<mattt> and what's changed?
<carmony> it was on a dual dual
<carmony> it was on a 8.10 Ubuntu server machine, now its on a 8.04 server
<mattt> sure you're running an SMP kernel and that all procs are recognized?
<carmony> lol,
<twb> mattt: how will that help with his I/O problem?
<carmony> I'm a developer first, and sys admin second, so I'm not sure what that all means
<mattt> twb: won't directly, but it's a new box ... these are simple things to check
<mattt> carmony: on that note, has the disk configuration changed?
<mattt> twb: wb :)
<carmony> new HD
<mattt> carmony: what was it before and what is it now?
<carmony> but nothing fancy
<carmony> no raid or anything
<carmony> it was on virtual machine before
<twb> mattt: fbi crashed my laptop :-(
<mattt> twb: :(
<captainkirk> is anyone aware of some app that will allow me to sync data from a W2K server to drives on ubuntu server?
<twb> captainkirk: Samba
<captainkirk> ok, so I already running samba in my ubuntu server on the same subnet
<captainkirk> ok. another q. how do i rename my ubuntu server?
<PhotoJim> captainkirk: sudo hostname newhostname
<micahf> hi, I'm sort of new to TCP/IP but here is my question: I've set up my ubuntu-server box as a gateway using iptables forwarding.  The computer picks up internet and sends it to the WAN port on my wireless router.  The problem is that I cannot access the gateway using its local domain name from the router's LAN.  How can I get this to work?
<micahf> the address is "server.local" but it doesn't resolve
<micahf> avahi is set up and it worked before when the computer was part of the LAN
<micahf> it just doesn't resolve when the computer is the gateway for the router
<captainkirk> how do i restart the network after changing the static ip in interfaces?
<micahf> captainkirk: you could do "sudo /etc/init.d/networking restart"
<micahf> captainkirk: that way you would also know that it should work on reboot
<captainkirk> micahf: thanks. i was using network instead of networking.... :)  lots to learn
<micahf> I hear you
<uvirtbot> New bug: #369634 in openldap (main) "package slapd 2.4.15-1ubuntu3 failed to install/upgrade: " [Undecided,New] https://launchpad.net/bugs/369634
<Kamping_Kaiser> captainkirk, i'd suggest restarting networks from inside screen
<micahf> any ideas why I can't access my router's gateway by hostname?
<captainkirk> i restarted from ssh console.... it froze (of course) but now logged back in with new ip and all good
<captainkirk> twb: where should i look to find info to configure samba to sync data files from W2K server?
<twb> It depends what you mean by "sync data"
<captainkirk> twb: i would like to have a realtime sync if possible (like a networked mirror) otherwise a schedule file sync arrangement
<captainkirk> twb: so main data store is on w2k server, using ubuntu and samba as a backup data store via sync
<twb> Eh, I don't know too much about that.
<twb> You could try asking #samba
<captainkirk> kk
<captainkirk> is that on freenode?
<captainkirk> dont worry... found it
<captainkirk> can anyone tell what command line to use to search for file on the server?  like a wildcard all folder type search
<captainkirk> or maybe someone could just tell me where to find the rsync conf file
<twb> captainkirk: the rsync client config file, or the rsync server config file?
<twb> rsyncd is basically an FTP server, but using the rsync protocol.
<captainkirk> twb... i am looking for the rsync server config file
<captainkirk> is it correct that the 'server' is the computer storing the copy of the files?
<twb> The rsync server config file is in /etc/rsyncd.conf or so, but I don't think you want the rsync server.
<captainkirk> twb: well i have files on a w2k server that i want backed up to ubuntu via rsync (or any other method if you have a suggestion)
<twb> That would be the rsync *client*.
<captainkirk> so the server is the one sending the files?
<twb> You write a cron job that runs rsync with particular options.  The "config file" is then just that cron job.
<twb> captainkirk: it's a pull-based operation.
<twb> rsync connects to your windows server using ssh, and copies files from it.
<twb> Note that due to brokenness in Windows' design, you cannot copy files that are in use (e.g. the operating system).
<captainkirk> ok, so just invoke the rsyncd with command line options scheduled via cron
<twb> captainkirk: not rsyncd.
<twb> rsync.
<captainkirk> i only intend to copy data files at night.
<captainkirk> twb: and the rsync software on the w2k server runs in server mode then?
<twb> You may also want to look at rsnapshot, which is a wrapper for rsync intended to help you use it for incremental backups.
<captainkirk> twb: wrapper for windows or linux?
<twb> captainkirk: yes, but the rsync "server" on windows is only launched on demand.
<twb> On linux, the cron job runs "rsync windows:/foo" and that in turn calls "ssh windows rsync -serve /foo"
<captainkirk> i have found a prog called deltacopy which runs on w2k as a service
<captainkirk> twb: Hey!! great excitement... i actually got it to work!!
<billybigrigger> why does every openvpn howto i read seem like a pain in the arse to setup? is there no quick and dirty way to setup a vpn?
<billybigrigger> vpn's seem very complex, maybe its just 12am and i dont have the patience right now, am i right?
<twb> The quick and dirty way is to use ssh instead of openvpn
<Scix> I have to change olcSizeLimit, but I'm a bit confused about where this settings is stored. When using ldapmodify -x -D cn=admin,cn=config -W, which dn am I supposed to connect to?
<Scix> using ubuntu server 8.10
<Scix> god morning, day and evening from noway by the way :)
<Scix> found it. It wasn't that hard after all :)
<sluimers> Hi, dovecot is an imap server right?
<sluimers> I've got a server-computer running ovecot and I would like to reach my imap server it on my desktop computer using thunderbird
<sluimers> However, I'm at a loss on how to accomplish this
<soren> sluimers: dovecot is both an imap and pop3 server (and a bit more, but that's probably not really important for you right now).
<soren> sluimers: If you want it to serve imap, you need to install dovecot-imapd
<oh_noes> I just created a new filesystem
<oh_noes> how do I find it's UUID to add an entry into fstab
<oh_noes> found it, blkid
<sluimers> soren, I have that already installed
<soren> sluimers: Ok. then what exactly is the problem?
<sluimers> I try to mail to this server and get this errror:
<sluimers> Google tried to deliver your message, but it was rejected by the recipient domain. We recommend contacting the other email provider for further information about the cause of this error. The error that the other server returned was: 550 550 sorry, mail to that recipient is not accepted (#5.7.1) (state 14).
<soren> sluimers: "mail to this server"? How so?
<sluimers> server-computer
<sluimers> sorry
<sbeattie> sluimers: that's not a dovecot issue, that's an issue either with your mail server (likely postfix) or with your dns setup (i.e. the mx record pointing to the wrong machine)
<sluimers> ah
<sluimers> I'm such a newbie with this :/
<sbeattie> sluimers: you want to look in /var/log/mail to verify that its getting to your server and see what errors are reported there.
<sbeattie> sorry /var/log/mail.log
<sluimers> the only thing I read is me logging in and out of mutt I think
<sluimers> Login... Disconneced.. Login.. Disconnected
<sbeattie> sluimers: can you connect to the mail server's smtp port? e.g. 'nc [servernameorip] smtp'
<sluimers> Like I said, I'm very newbie, I don't know what my servernameorip is
<sluimers> I tried 'nc localhost smtp' but connection is refused
<sbeattie> while logged in to the server?
<sluimers> yes
<sluimers> I have managed to send an e-mail from my server-computer to my gmail though, using mutt
<sluimers> and exim4
<sluimers> wait... I should tell you a bit more. I want this to work because I want to make a contact page on my website. I bought a domain-name. The website is running on my server-computer
<sluimers> I typed in nc <mail server from where I bought the domain name from> smtp and it's giving me:
<sluimers> 220 rblsmtpd.local
<sbeattie> sluimers: is the hostname returned by "host -t mx your.domain.name" the same as your server-computer?
<sluimers> no it's the <mail server from where I bought the domain name from> hmmm... I should just mention it. it's 0 smtp.secureserver.net
<sluimers> and 10 mailstore1.secureserver.net
<sluimers> I typed in smtp.secureserver.net as server name in thunderbird
<sluimers> username as <e-mail adress I get when sending to my gmail adress>
<sluimers> secure connection as TLS, as I find that in the mail.log
<sluimers> port 143
<sluimers> oh and e-mail name is the same
<sluimers> as my username
<Knirgh> What is the command to add a user with it's home in /var/www and able to use ftp services?
<sbeattie> sluimers: there's two elements to receiving email: (1) getting your dns set up so that other mail servers know how to find the ip address of your server and (2) configuring your mail server (exim4 in your case) to accept mail; at a minimum it needs to listen on port 25 and accept mail for your domain.
<sbeattie> I assume secureserver.net (lightedge?) is handling dns for you, so you'll need to figure out how to get them to set up an mx record that points to an A name record for your server.
<sbeattie> then you'll need to figure out why exim isn't listening on port 25 on your server; port 143 is imap, which is strictly for clients wishing to pull mail off of the server, not for sending.
 * sbeattie needs to head to bed.
<simplechat_> hey, i have a few issues
<simplechat_> my server just stopped booting about 15 minutes ago
<simplechat_> its having issues finding /dev/md0
<simplechat_> it complains that it can't fsck it
<simplechat_> but the md0 array won't build
<simplechat_> because it can't find any devices
<simplechat_> it says
<simplechat_> Assembling MD array md0 failed (no devices found)
<simplechat_> then it fails to read it
<uvirtbot> New bug: #368585 in php5 (main) "php5 crashed with SIGSEGV in _Unwind_ForcedUnwind()" [Undecided,New] https://launchpad.net/bugs/368585
<simplechat_> anyone?
<sluimers> no idea, I'm here with problems myself
<ploum> Hello
<ploum> I'm using Dovecot and postfix
<ploum> and I want the user+folder@email feature described here : http://blog.init.hr/?p=3
<ploum> but I don't want to install dovecot-postfix as I already have a working configuration with LDAP
<ploum> I've tried to read the whole file provided by dovecot-postfix but I can't find where the "email extension" (or "subaddress") is declared
<ploum> nor how I can put this feature in my setup
<ploum> (I suppose it's a sieve feature but I'm not sure)
<sluimers> oh cool, maybe you can help me ploum, I'm a newbie with dovecot and use exim4. I'm trying to send mail fom my gmail account to my imap server dovecot-imapd
<sluimers> drat
<sluimers> wb ploum
<ploum> sluimers: can you repeat ? Pidgin crashed
<sluimers> ah
<sluimers> I'm a beginner with mail servers, so I thought you might be able to help me.
<sluimers> I don't really know how to set it up
<sluimers> I've got dovecot installed though
<sluimers> and dovecot-imapd
<sluimers> and exim4 and I managed to send an e-mail to my gmail-account
<sluimers> but not the other way aound
<sluimers> around
<ploum> where do you want to store your users
<sluimers> I have no idea
<sluimers> <- complete newbie
<ploum> Ok, is there any reason for you to choose exim4 over postfix ?
<sluimers> it was already running when I installed ubuntu on it
<ploum> ok
<ploum> so it means that any of your packages needed a mail sender
<ploum> not a big deal
<ploum> My advice would be to use postfix
<ploum> install dovecot-postfix
<ploum> (be sure to remove exim4)
<ploum> and see if it works
<ploum> in theory, it should work out-of-the-box
<ploum> If later you want to switch to LDAP, I advise you to keep the following howto somewhere :
<ploum> http://www.vogelweith.com/debian_server/07_postfix.php
<ploum> it's really really good
<ploum> but more avdanced
<ploum> try to get basic stuffs working first
<ploum> (sorry, I just realized it was in french)
<sluimers> lol, yeah, my french isn't that good
<sluimers> bonjour ploum, ca va? :P
<sluimers> <- all I remember from french lessons
<ploum> bien merci :-D
<ploum> I'm sorry, as I'm always switching from french to english, I don't always know the language of something I've just finished reading
<sluimers> je suis un hollandaise
<sluimers> errmm... is there a package called dovecot-postfix or did you mean to install them both?
<sluimers> hmmmm... wait a second, shouldn't exim/mutt be enough?
<ploum> (Ik ben sorry maar mijn Nederlands slecht is. Ik moet het meer gebruiken)
<sluimers> (want?)
<ploum> There's a package called dovecot-postfix (on Jaunty)
<ploum> mutt is a mail client
<ploum> just like evolution or thunderbird
<sluimers> Ah, I still use intiprid
<sluimers> Jaunty is still in betaphase right?
<ploum> no
<sluimers> ah
<ploum> it was released last week
<ploum> and one of the big improvement for mail servers is this new packages "dovecot-postfix" which enable a working configuration "out-of-the-box"
<marthe> PLEASE !!! can anyone help me with my postfix-procmail? How to configure UNOCONV with a mail server ?
<twb> marthe: if you get no help here, try #postfix
<marthe> i have try it, but it's not explain how to configure UNOCONV
<marthe> twb:  i have try it, but it's not explain how to configure UNOCONV
<marthe> twb: thanks
<dayo> i'm trying to set up ldap authentication, so clients can access their home dirs on the nfs server. i'm following this guide https://help.ubuntu.com/8.10/serverguide/C/openldap-server.html and when i tried to run `sudo ldapadduser...` i got this error: http://paste.ubuntu.com/161360/   can someone help me with this?
<simplechat_> dayo, did you install ldap?
<dayo> on the client? no
<simplechat_> that could be the issue
<dayo> i need to install ldap on the clients??
<dayo> but it's already installed on the ldap server
<dayo> :-/
<dayo> or maybe i should be running `ldapadduser` on the server...
<dayo> says command not found
<simplechat_> hmmmm
<TarBar> I'm trying to install ubuntu server, I select my NIC from the list and it does the DHCP autoconfig but fails it, My NIC has a cat5 cable going to router and the lights on the nic show that its connected. any ideas?
<ploum> can someone help me to have address extension on my dovecot/postfix setup ?
<ploum> postfix is refusing user+folder adresses telling me that the use doesn't exist
<ploum> (which is true, only "user" exists)
<lamont> ploum: set recipient_delimiter = + in main.cf
<ploum> lamont: it's already done
<ploum> that's why I don't understand
<ploum> but I'm using ldap
<ploum> and postfix-ldap
<lamont> ploum: it could be that it's rejecting the address in one of the early user maps
<lamont> local_recipient_maps maybe
<lamont> not sure without diving into the rathole
<TarBar> Can anyone help me get networking setup in ubuntu server?
<ploum> lamont: it could be, indeed
<ploum> do you know how I can test that ?
<lamont> ploum: a goodly scattering of -v options in master.cf should do the trick, once  you wade through the possibly thousands of lines of logging
<ploum> I don't understand the following lines :
<ploum> 127.0.0.1:10025 inet n  -       -     -       -  smtpd
<ploum>     -o content_filter=
<ploum>     -o local_recipient_maps=
<ploum>     -o relay_recipient_maps=
<ploum> (in master.cf)
<TarBar> Right, I've tried a gui version of ubuntu and the internet works, however it fails setting up on the ubuntu server install?
<ploum> TarBar: wifi or cable ?
<VK7HSE> ploum:  127.0.0.1:10025 inet n  -       -     -       -  smtpd  This is setting postfix up to listen on localhost on port 10025 for mail re-injection once it has passed through external filtering... like Amavis, Spamassassin, clamav etc...
<TarBar> cable mate.
<ploum> lamont: Final-Recipient: rfc822; ploum+bugzilla@ploum.net <https://mail.fritalk.com/src/compose.php?send_to=ploum%2Bbugzilla%40ploum.net>   so it looks like it doesn't even try to use the recipient_delimiter
<ploum> I don't understand why
<ploum> TarBar: without GUI, you don't have NetworkManager
<TarBar> mmm
<VK7HSE> ploum: there are many ways to configure postfix... ;)
<ploum> you have to configure /etc/network/interfaces and do /etc/init.d/networking restart
<ploum> VK7HSE: a bit too much, indeed
<ploum> But if I put a recipient delimiter, it should work
<VK7HSE> ploum: It also depends on just what & how your want it all to work!...
<ploum> VK7HSE: I really think that 99% of people want to have mails but it's a tradition in the software world to be flexible that even the basic needs are nearly impossible to understand
<ploum> that's why I like the principle of dovecot-postfix
<ploum> It makes the most frequent typical really easy
<ploum> (the most typical usecase)
<ploum> I admit that here, it's not a basic need
<ploum> just a nice feature
<VK7HSE> Yeah I had to wade through quite a bit of documentation to get my head around it! but I'm by no means an "expert" in this field!
<ploum> me neither
<VK7HSE> like I haven't setup my postfix to use mysql etc.. just for local accounts only...
<ploum> but here, I'm really frustrated. It's a feature that should be, on the paper, really easy to have with dovecot-postfix but I cannot make it works without this package
<ploum> VK7HSE: I use it with LDAP and it was *not* nice to set up ;-)
<VK7HSE> as I have just upgraded from 8.10 to 9.04, and haven't done a fresh install, does the dovecot-postfix duo include amavis ??? or any filtering by default?
 * VK7HSE just topping up the teacup!
<ploum> not that I'm aware of
<ScottK> VK7HSE: No.  We're looking at that for the future.
<kwork> dont take the fun out of it by making it easy :P
<ScottK> There is a postfix-filter-add (IIRC) script shipped in the postfix package that should make integrating amavisd-new quite easy.
<VK7HSE> Ok! cool thanks ScottK  ... I had fun sorting mine out!.. :P
<ploum> I've the following postfix maps with ldap : http://www.vogelweith.com/debian_server/07_postfix.php#x1-180003.3
<VK7HSE> ScottK I have mine working just fine... but I will compare the new info once its complete...
<ploum> maybe the /etc/postfix/ldap-aliases.cf in the link refuse the user+folder@domain ?
<ScottK> I had it backwards.  It's /usr/sbin/postfix-add-filter
<ScottK> If you just execute /usr/sbin/postfix-add-filter it will explain what it does
<VK7HSE> ScottK hey that pretty neat!... you guys have been hard at it!... :D
<ScottK> That's actually been there in Intrepid too, but didn't get the press that dovecot-postfix is getting.
<VK7HSE> ScottK... gee that would have saved me many hours of "learning" !!! but hey I needed to understand just what it was I was attempting to do... not just cut'n'paste the whole config!
<ploum> (damm, it looks like it's a old problem : http://www.irbs.net/internet/postfix/0611/0115.html )
<ivoks> ah, ploum :)
<VK7HSE> I now "understand" why I left ldap alone !!! :P
<ivoks> i don't see why ldap/passd/sql would make any difference with delimiter
<ivoks> if postfix knows what the delimiter is, then it knows what is the username
<ivoks> and will ask ldap/sql/passwd for a correct username
<VK7HSE> for me, I just didn't understand it! plus for a home server it was just overkill !!!
<ivoks> easy with '!'
<ploum> ivoks: I don't understand it more than you
<ploum> what you say is logical
<ploum> but I think I've tried all logical solutions
<ivoks> ploum: it doesn't work for you?
<ploum> so I'm trying the non-sense approach
<ploum> ivoks: no
<ivoks> ploum: do you use dovecot as MDA?
<ploum> yes
<ploum> with sieve and everything working fine
<ivoks> you configured both dovecot and postfix to do that, right?
<ivoks> ok
<ploum> ivoks: how do you configure dovecot for that ?
<ivoks> ploum: you have to enable mda in its configuration
<ploum> this is just that **** recipient_delimiter which is not taken into account
<ploum> ivoks: yes
<ivoks> (protocol lda)
<ploum> my config is working for nearly one year
<ivoks> ok then
<ivoks> how does mailbox_command looks like?
<ploum> empty
<ivoks> so, let's start again
<ivoks> ploum: do you use dovecot as MDA?
<ivoks> correct answer on this question is: no
<ivoks> unless you made serious changes to master.cf
<ploum> virtual_transport = dovecot
<ploum> master.cf :
<ploum> dovecot    unix  -       n       n       -       -       pipe
<ploum>   flags=DRhu user=vmail:mail argv=/usr/lib/dovecot/deliver -d $recipient
<ploum> so I really believe that I'm using dovecot as MDA
<ivoks> you do, but you didn't set it up to look at extensions
<ploum> really interesting
<ploum> How can I do that
<ploum> ?
<ivoks> http://wiki.dovecot.org/LDA/Postfix
<ivoks>   flags=DRhu user=vmail:vmail argv=/usr/local/libexec/dovecot/deliver -f ${sender} -d ${user}@${nexthop} -n -m ${extension}
<ivoks> notice the -n -m ${extension}
<ivoks>  /usr/lib/dovecot/deliver --help
<ivoks> doh, no --help
<ivoks> http://wiki.dovecot.org/LDA
<ivoks> -m <mailbox>: Destination mailbox (default is INBOX). If the mailbox doesn't exist, it's created (unless -n is used). If message couldn't be saved to the mailbox for any reason, it's delivered to INBOX instead.
<ivoks> so, you aren't exporting mailbox name to dovecot's MDA
<ivoks> that's why it can't deliver in specified mailbox
<ploum> ivoks: but there's another problem
<ploum> It doesn't even try
<ploum> <ploum+bugzilla@ploum.net <https://mail.fritalk.com/src/compose.php?send_to=ploum%2Bbugzilla%40ploum.net>>: user unknown
<ivoks> of course it doesn't; you didn't tell it to try
<ivoks> have you added -n -m ${extension} ?
<ploum> yes
<ploum> and reloaded postfix
<ploum> and it's still the same
<ivoks> so, how does that line in master.cf looks like now?
<ploum> flags=DRhu user=vmail:mail argv=/usr/lib/dovecot/deliver -d $recipient -n -m ${extension}
<ploum> doesn't work (user unknonw)
<ploum> flags=DRhu user=vmail:mail argv=/usr/lib/dovecot/deliver -d ${@user}@{nexthop} -n -m ${extension}  :
<ploum> mails are not coming
<ploum> status=deferred (mail system configuration error)
<ploum> I'm sure there's something I don't understand
<ivoks> sorry, phone
<ploum> (I always said that master.cf is the limit of my intelligence)
<ploum> no problem ! You are helping me ! Thanks :-)
<ivoks> so... correct line would be:
<ivoks>   flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -d ${recipient} -n -m ${extension}
<ivoks> save it, restart postfix
<ivoks> send your self a mail on email+existing_folder@domain.com
<ploum>  user unknown
<ploum> I've a "bugzilla" folder
<ploum> my mail is ploum@ploum.net
<ploum> so I send to ploum+bugzilla@ploum.net
<ploum> user unknown
<ivoks> ok
<ivoks> postconf recipient_delimiter
<ivoks> ?
<ploum> recipient_delimiter = +
<ivoks> and how about ldap filter?
<ivoks> have you looked at ldap to see which user postfix is requesting
<ploum> virtual_mailbox_maps = ldap:/etc/postfix/ldap-accounts.cf
<ploum> virtual_alias_maps = ldap:/etc/postfix/ldap-aliases.cf, ldap:/etc/postfix/ldap-maildrop.cf
<ploum> the .cf files are here : http://www.vogelweith.com/debian_server/07_postfix.php#x1-180003.3
<ploum> basically :
<ploum> query_filter = (&(objectClass=mailAccount)(mailalias=%s)(mailenable=OK))  result_attribute = mail
<ploum> so, of course, ploum+bugzilla will not match any ldap alias
<ploum> but that's the goal of the stuff
<ploum> Postfix should only ask for "ploum@ploum.net"
<ploum> http://www.irbs.net/internet/postfix/0611/0189.html
<ivoks> er...
<ivoks> what's the username, ploum or ploum@ploum.net?
<ivoks> bah, never mind
<ploum> that's maybe the problem. The username is "ploum@ploum.net"
<ploum> so maybe it looks for "ploum" only
<ivoks> probably
<ivoks> try mailalis=%s@ploum.net
<ivoks> mailalias
<ploum> but I'm hosting several domains so it's not a possible solution
<ivoks> propagate_unmatched_extensions = canonical, virtual, alias, forward, include
<ivoks> er...
<ivoks> make that only canonical, virtual
<ploum> mmm
<ploum> no
<ploum> it doesn't help
<ploum> But anyway, thanks for taking the time to help me :-)
<ivoks> hm...
<ivoks> we have a error in our logic :)
<ivoks> result_attribute = mail
<ploum> ?
<ploum> I should put that in main.cf ?
<ivoks> what's mail attribute?
<ivoks> an alias or mailbox?
<ivoks> i'll have to investigate this
<ploum> an alias
<ivoks> i'm planing on having ldap as a backend for karmic, so i'll have to tackle this
<ivoks> ?
<ploum> wait
<ploum> ivoks, are you ante ?
<ivoks> yes
<ploum> oooh !
<ploum> thanks for your time *and* your mail :-)
<ivoks> hehe np
<ploum> I've tried to write a spec about that : https://wiki.ubuntu.com/LdapIntegrationSpec
<ploum> I'm using an Ubuntu server with LDAP for mails, Jabber and webservices : it works great but was really hard to set up
<ploum> ivoks : If you work on LDAP and you want to see some specific bit of my configuration, don't hesitate to drop me a mail
<ploum> ivoks: thanks a lot for your time and everything else (your blog, your work)
<ploum> I will try it again another time
<Hungry> hello there.
<Hungry> Think I may have got myself into a bind.
<Hungry> Is there a way to get hold of the update-manager-core and other packages required to upgrade a server from gutsy to hardy? Or now the repository is gone is the only option to reinstall from cd (with a train journey to visit the server)?
<ScottK> Hungry: old-releases.ubuntu.com (or something similar) has it.
<Hungry> will check that out. thanks.
<Sam-I-Am> wow, nfs4 infinitely fails on 8.04 lts...
<Sam-I-Am> foxbuntu: figured out the problem... already a bug reported on it.
<Sam-I-Am> foxbuntu: reported last july, still not fixed in LTS, but fixed in intrepid.
<Sam-I-Am> actually, using nfs4, LTS is totally unusable
<Sam-I-Am> nice to see :)
<Faust-C> i thought cyrus was being taken out of repos?
<Faust-C> or was that courier
<Sam-I-Am> i'd hope cyrus isnt leaving...
<foxbuntu> Sam-I-Am, Im not really sure at this point what I helped you with, but if there is a fix in intrepid for it, you could submit a backport request on it
<Sam-I-Am> would they consider backporting a kernel?
<Sam-I-Am> foxbuntu: we were talking about the kernel panic
<foxbuntu> Sam-I-Am, no, but you might get them to backport the fix
<foxbuntu> Sam-I-Am, but it would need regression testing and such
<foxbuntu> Sam-I-Am, what is the panic related to?
<Sam-I-Am> i set up a serial console on the VM and traced it to an NFSv4 problem... which is documented as https://bugs.launchpad.net/debian/+source/linux/+bug/253004
<uvirtbot> Sam-I-Am: Error: Could not parse data returned by Launchpad: The read operation timed out
<Sam-I-Am> a recent post indicates that they're considering fixing it in hardy
<Sam-I-Am> but nothing official
<Sam-I-Am> i could just toss the intrepid/jaunty kernel on hardy but that sorta defeats the purpose of running LTS
<foxbuntu> Sam-I-Am, that bug report shows its been nominated for backport already
<Sam-I-Am> yeah
<Sam-I-Am> thats what i was thinking
<Sam-I-Am> except its been a looooooong time since it was reported
<foxbuntu> Sam-I-Am, so its likely just a matter of time till it shows up in one of the lts kernels
<Sam-I-Am> considering it makes lts unusable if you run nfs4
<foxbuntu> yea
<ScottK> Bug nomination doesn't mean more than someone thought it would be an appropriate thing to fix post release if there was a fix.  It doesn't mean someone is actively working on it.
<jmedina> nfs is importan in today virtualization systems,
<foxbuntu> Sam-I-Am, my only suggestion is to try to bump it and get the fix backported
<foxbuntu> find out what was actually fixed
<Sam-I-Am> foxbuntu: how would i 'bump' it?
<foxbuntu> Sam-I-Am, on the kernel, I am not totally sure, you might want to go ask someone on the kernel team for advice. #ubuntu-kernel
<Sam-I-Am> not a bad plan...
<AnRkey> can i create an lpr queue for our as400 to print to with cupsys on ubuntu?
<AnRkey> if so how?
<Hecate> AnRkey, i dont know exactely what your as400 is, but it sounds pretty much like a printer and since that would disqualify the question from being asked in this channel, i'd recommend asking it somewhere else.
<AnRkey> Hecate, as400's are a kind of server
<LHC> hey all
<AnRkey> the as400 server must print send a print job to a server here running ubuntu desktop for our noobs to work on
<AnRkey> Hecate, thanks anyway :)
<Hecate> oh, sorry for "showing you off", then. ;)
<soren> AnRkey: Doesn't cups-bsd also run an lpd?
<soren> AnRkey: It certainly provides the lpr-like cli tools, but I think it also runs a corresponding daemon.
<AnRkey> soren, now we are talking
<jmedina> yeap cups supports lpd
<AnRkey> i want to simply set up a queue
<AnRkey> jmedina, how do i create a queue then?
<AnRkey> jmedina, save my life please!!!! :P
<soren> I would expect cups-lpd to expose a queue for each of cups' configured printers.
<soren> http://www.cups.org/doc-1.1/sam.html#8_2
<jmedina> use cups-lpd daemon
<jmedina> http://www.cups.org/documentation.php/doc-1.4/man-cups-lpd.html
<jmedina> you can launch it from xinetd
<jmedina> so you point your as400 lpr cliento to cups
<AnRkey> jmedina, where do i send the beer to?
<jmedina> mexico city plase
<jmedina> I dont have incluensa
<jmedina> XD
<AnRkey> oh geez, ok a bit far
 * AnRkey gives jmedina a noddy badge instead
<AnRkey> :D
<AnRkey> ok that was about as korny as i should be today
<AnRkey> bbl
<AnRkey> jmedina, now i just need to get this company to switch to ubuntu server from that blasted as400 server
<jmedina> AnRkey: wahat is as400 function?
<jmedina> only print server?
<jmedina> file sharing?
<jmedina> XD
<AnRkey> no it's a server that runs there accounting stuff
<AnRkey> it's terminal based
<AnRkey> text
<AnRkey> runs over a telnet type session
<AnRkey> they are getting ripped off
<AnRkey> i have already saved them a boatload of cash with ubuntu desktop deployments
<AnRkey> we just got a call that they are considering ubuntu server and getting in a new package
<stas> hi, why after editing motd.tail and running bootmisc.sh my motd doesn't change? have you modified something again?
<genii> !info update-motd
<ubottu> update-motd (source: update-motd): Modular framework to dynamically generate the message of the day. In component main, is standard. Version 1.11.1 (jaunty), package size 7 kB, installed size 120 kB
<jbernard> stas: that should work, is /etc/motd a symlink to /var/run/motd?
<stas> jbernard: yes it is
<stas> I mean it's a symlink to /var/run/motd
<stas> but it doesn't change on running /etc/init.d/bootmisc.sh start
<stas> genii: it worked, thx
<jbernard> stas: ahh, the updating of motd is no longer done by bootmisc.sh for jaunty
<jbernard> that was removed, probably in favor of installing update-motd
<stas> jbernard: yeah :)
<jbernard> i think i was the last one to actually realize that ;)
<stas> I just wanted to know what changed :)
<theuser1>  what are the ports used by irc. ?
<infinity> theuser1: 6667 is the most common one, but IRC networks tend to run on a range of ports, to allow people to get out of permissive firewalls.
<theuser1> need all ports used. i have to run ircd
<infinity> theuser1: It's entirely up to how you configure your ircd.
<infinity> theuser1: But, like I said, 6667 is the most common default.
<theuser1>  6665, 6666, 6667, 7000, 7070, 8000, 8001, 8002 ?
<ichat> what whould be the  best way to (remote or local)  control  a ubuntu server instance - for home use -  ?
<jmedina> ssh
<ichat> sorry - i should have said other than ssh - cause im not verry fond of  cli command al the time
<ichat> i googled for webmin instead but its said to have issues with ubuntu
<kirkland> mathiaz: around?
<kirkland> mathiaz: regarding bug #360825 ...
<uvirtbot> Launchpad bug 360825 in kvm "kvm 0.84 doesn't create three drives in the guest" [Medium,Fix released] https://launchpad.net/bugs/360825
<uvirtbot> New bug: #370000 in mysql-dfsg-5.1 (universe) "package mysql-server-5.1 5.1.31-1ubuntu2 failed to install/upgrade: el subproceso post-installation script devolviÃ³ el cÃ³digo de salida de error 127" [Undecided,New] https://launchpad.net/bugs/370000
<mathiaz> kirkland: yes - bug 360825
<uvirtbot> Launchpad bug 360825 in kvm "kvm 0.84 doesn't create three drives in the guest" [Medium,Fix released] https://launchpad.net/bugs/360825
<kirkland> mathiaz: so i've been talking with upstream about this issue, trying to get him to take our patch
<kirkland> mathiaz: but he says that it's wrong
<kirkland> mathiaz: wrong to use index= anything, with virtio
<kirkland> mathiaz: because with virtio, the indexing is misleading
<kirkland> mathiaz: it doesn't actually correspond to the order as seen by the guest
<mathiaz> kirkland: hm ok.
<kirkland> mathiaz: and uuid should be used instead
<kirkland> mathiaz: my question for you ...  where did those index= entries come from?  libvirt?
<mathiaz> kirkland: right - so if I define a virtio devices as being hda in the libvirt file it doesn't mean that it will be seen as hda in the guest
<kirkland> mathiaz: well, vda you mean
<kirkland> mathiaz: but, yes, exactly
<mathiaz> kirkland: yes - in my libvirt definition, I have device=vda, device=vdb
<mathiaz> kirkland: the libvirt definition goes like this: <target dev='hda' bus='virtio'/>
<mathiaz> kirkland: then I guess that libvirt translates that to index option when it launches the kvm process
<kirkland> mathiaz: gotcha
<kirkland> mathiaz: okay, we'll need to fix that in libvirt
<jimcooncat> anyone here use freenac?
<jmedina> it is totally free?
<jimcooncat> not if you use their consulting service :-)
<jmedina> have you tried http://netreg.sourceforge.net/
<jimcooncat> not sure that fits my scenario -- want to provide guest access in our conference room. I want them to see only a proxied gateway, not the other machines on the LAN
<jimcooncat> ... wireless access (I've got a couple WRT54GL's handy) would be a bonus
<jmedina> I use WPA2 Enterprise with FreeRADIUS
<jimcooncat> I thought originally I'd make very small subnets and hand each guest their own via dhcp
<jmedina> and FreeRADIUS with EAP-PAP or EAP-TTLS
<jmedina> usring windows autentication or ldap auth
<jmedina> you can add a user to a specific vlan depending of their authtentication credentials
<jimcooncat> jmedina: does that require anything for the client to configure or install?
<jmedina> it is much simple to setup a captive portal server :D
<jmedina> like in hotels
<jmedina> your user connect to a open wireless
<jmedina> assigned a IP
<jmedina> when taht user opens a browser it will apear a registration form
<jmedina> so you can auth that user and give privileges
<jmedina> I like ZeroShell distribution for that
<jmedina> it has ldap and kerberos auth integrated
<jmedina> it is easier
<jimcooncat> thanks jmedina, I'll look into that -- it does sound simpler
<jimcooncat> looks very feature-rich, but not simple to update. Shouldn't need much updating though
<jimcooncat> I'm so spoiled with apt
<captainkirk> does anyone know where i should look to find the rsync logs?
<andol> captainkirk: from rsyncd? Well, unless otherwise specified it should go into syslog.
<captainkirk> andol... just looking now
<captainkirk> andol. details i am looking for are not in the system log, but I did find something else interesting.....
<andol> You always find something interesting when you peak at your syslogs :)
<captainkirk> andol: i have changed the hostname of the computer from emerlad2 to emerald but all the log entries are still showing the old hostname of emerald2?
<captainkirk> andol: ok, i found a 1 line entry in the syslog of where the cron job has run the rsync command.  Is there some way of piping the rsync output to a file somewhere and then have a cron to email it to me as an attachment?
<captainkirk> anyone ?  ^^^^^^^
<andol> captainkirk: Since you were talking about logs I figured you were running a rsyncd, but obviously not.
<andol> captainkirk: if you have a MTA set up properly all cron output will be sent as mail, to the user running the job.
<captainkirk> andol: rsyncd is the server side of rsync right?
<andol> captainkirk: If you want more rsync output, use the --verbose flag
<captainkirk> andol: yes, i am using the --verbose flag and if i run the rsync command from cli, i get 'los' of info... :)
<andol> captainkirk: Yes, but not neccesary the one you use. Often today you simply pipe rsync through a ssh tunnel, spawning a rsync session on the other wise.
<captainkirk> andol: ok, my problem is the other host with the 'live data' to copy is a w2k server
<andol> captainkirk: Another option, unless you have your mail working, is to simply add a ">> /path/to/logfile" after the command in your cron file.
<captainkirk> andol, as this machine is not my site mta, it is not configured so i like the >>etc option just to capture the output of the most recent run event
<captainkirk> andol: is the ssh tunnel option difficult to configure, or even necessary if both machines are in the same room?
<andol> captainkirk: Actually, the ssh tunnel one is usually the easiest one, it only requiers the other server to be running an openssh-server and have the rsync client install
#ubuntu-server 2009-05-01
<andol> captainkirk: When you to a "rsync filename user@host:path" that is nowdays using ssh by default. In the early days it used rsh instead.
<captainkirk> andol: is this still possible though if the other machine is w2k server?
<andol> captainkirk: It's always possible :) That said, I have no idea what's the easiest way to handle rsync in regards to windows server.
<captainkirk> andol: i have installed a prog called deltacopy on the w2k server, it is running in server mode and configured to serve certain folders:
<captainkirk> andol: the rsync command on my ubuntu server is able to connect and pull the data from the w2k server.... seems to be working ok
<andol> Then it should be all good :)
<captainkirk> andol: so far so good :)
<phaidros> hm, just fiddling with fastcgi init scripts.
<phaidros> is there a known solution for multiuser fastcgi init scripts, maybe configurable via /etc/default ?
<phaidros> so, that the owner (unix user) is able to restart his own fastcgi script?
<leonel> phaidros: you can try cherokee web server  it starts your  fcgis now with the owner you want  in case the daemon ends  cherokee restarts for you
<dsuch> Hey
<dsuch> is it normal that I cannot find drbd8-utils package on a fresh Jaunty server?
<dsuch> apt-cache search tells me there's nothing related to "drbd"
<andol> dsuch: Strange, I can find it using the exactly same method. Does an apt-get update help?
<dsuch> *blush*
<dsuch> Yea, it does :)
<dsuch> Thanks andol
<andol> np
<rayne> is there an easier way to get the ssh-rsa key to the node without typing it? it is so long i cant seem to type it correctly
<phaidros> rayne: just scp a textfile containing the key to the machine ;)
<phaidros> leonel: ic, that sounds good. but I'm nailed to nginx :/
<rayne> phaidros: would i not still have to type the key... is there a file that contains the key that i may xfer with a usb stick ?
<phaidros> rayne: actually I don't know about what kind of key you speak
<rayne> i am seeting up the node for ubuntu 9.04 eucalyptus, when i --addnode <node name> it prints on screen the ssh-rsa key to type into node
<Rafael> anybody can give me help on software raid
<phaidros> rayne: I am no expert, but have used mdadm before
<rayne> mdadm ?
<phaidros> rayne: rayne software raid in linux is usually done with mdadm (see man mdadm)
<phaidros> irk, I wanted to say that to Rafael
<phaidros> sry rayne ;)
<rayne> :)
<phaidros> rayne: I have no idea about eucalyptus, but you can echo that key to a file, transfer that file onto the target, and cat the content of that file into your commandline
<rayne> ummm.. thats just might work
<phaidros> like 'somecommand --tell-key >> keyfile', scp keyfile to server, 'somecommand --mykey=`cat keyfile`'
<rayne> let me see. rbr
<rayne> i man brb
<rayne> nope...
<rayne> since the screen does the output the echo command will not work
<rayne> but that was a good idea
<rayne> i must find the file that has the auth keys
<phaidros> ack
<Trebacz> Okay I screwed up upgrading Ubuntu Server from 8.10 to 9.04. I accidently merged  (experimental) my /boot/grub/menu.lst and lost my raid configuration.
<phaidros> irks
<Trebacz> When merging is a backup copy of the file kept anywhere?
<phaidros> umh, /boot/grub/menu.lst~ or /boot/grub/menu.lst.dkpg.something ?
<Trebacz> There is a menu.lst~ but it's the same as menu.lst
<phaidros> ouch, then I dunno
<rayne> phaidros: i am installing [apt-get] gnome on both servers and going to copy and paste :)
<Trebacz> The sad thing is there are four drives and I can't remember the arrangment I had them in. Two were mirrored, but I can't remember the last two...
<phaidros> rayne: why not cut and paste in your terminel o.O
<phaidros> rayne: gnome on servers .. *sheesh*
<phaidros> Trebacz: see your mdadm config
<phaidros> Trebacz: in grub you need imho only the device file .. but you can reconstruct that from mdadm config imho
<Trebacz> Cool. Can you give me a location or file name. Is it /etc/init.d/mdadm-raid? Sorry new at this.
<phaidros> /etc/mdadm/mdadm.conf
<phaidros> uhm, but maybe only the entry for the root is wrong in your menu.lst
<phaidros> did your overwrite /boot/grub/device.map? if not, just check the root= entry
<phaidros> (in menu.lst)
<Trebacz> Unfortunately the mdadm.conf is empty and modified at the time of upgrade.
<Trebacz> Root entry is there for the primary hard drive, but for none of the mirrors root            (hd0,1)
<phaidros> Trebacz: irks
<phaidros> no idea how to detect an former software raid
<PhotoJim> you should still be able to reassemble the RAID, no?
<phaidros> Trebacz: mdadm --assemble --auto might be of help
<phaidros> but read the manpage!
<PhotoJim> especially if you can remember what devices were in the RAID.
<phaidros> afk, gtg.
<Trebacz> Will do -thanks for all your help
<Trebacz> Judging from what I'm reading I'll be very careful...
<twb> Trebacz: do you still have a correct partition table on each disk?
<twb> Trebacz: was it an md RAID1 or RAID5?
<Trebacz> I'm sure two of the disks were RAID1. The other two may have been striped RAID0.
<Trebacz> Not sure how to check the partition table on the drives, but only one is mounted. I'm assumming the other ones are just as they were before they were dropped from the array.
<twb> cfdisk /dev/sda
<twb> If it's a RAID1, you *can* mount the nodes directly (i.e. independent of the array), but shouldn't.
<Trebacz> Using cfdisk all 4 drives are identical and the file system is listed as Linux raid autodetect.
<twb> Good.
<twb> So you know where the nodes are and how big they are.
<twb> You only need to determine how many arrays there are, what level they are (RAID1, RAID0, etc.) and which nodes belong to which arrays.
<Trebacz> So I'm pretty sure the first array was RAID1 (partition SDA2 and SDB2) both are bootable.
<Trebacz> The second was RAID1 (partition SDA1 and SDB1) both not bootable.
<Trebacz> The third was SDC1 and SDD1 RAID0.
<twb> Then attempt to assemble those.
<Trebacz> Running mdadm --examine --brief --scan --config=partitions gave me:
<Trebacz> ARRAY /dev/md0 level=raid1 num-devices=2 UUID=ef93e149:63b87da5:2ae5e72e:eca9ce0b
<Trebacz> ARRAY /dev/md1 level=raid5 num-devices=4 UUID=52124232:55c69294:9e58b9e7:324a27fd
<Trebacz> ARRAY /dev/md2 level=raid0 num-devices=2 UUID=5f1fde30:e8b82ce2:aea75784:f4e5b623
<Trebacz> Do I interpret this as there was one RAID0, one RAID1, and a RAID5 utilizing four partitions?
<Trebacz> If I intreprete this correctly I may have had the boot partions RAID5 on all drives (SDA2,SDB2,SDC2,SDD2) RAID1 (SDA1 and SDB1) RAID0 (SDC1 and SDC2)
<sluimers> Hello, I'm trying  to setuo an e-mail server. I use dovecot and dovecot-postfix. Now when I try to send mail from my gmail account I don't see what happens.
<sluimers> errrmmm... nothing happens I mean
<sluimers> the e-mail gets send
<sluimers> but where it arrives is a mystery to me
<sluimers> I do not get a mail delivery failure though
<sluimers> Since I bought a domain, this is my setup:
<sluimers> A RECORD
<sluimers> @ my.ip.address.numbers
<sluimers> C RECORD
<sluimers> mail @
<sluimers> smtp @
<sluimers> email @
<sluimers> pop @
<sluimers> www @
<sluimers> MX (Mail Exchange)
<twb> Plonk (flood).
<sluimers> @ my.ip.address.numbers
<sluimers> plonk?
<sluimers> oh wait, the last one is: @ mail.mydomainnme.com no my ip address
<Taco24501> any one know ant thing about avantfax
<VK7HSE> if he had of hung around I could have help Taco24501 .... :-/
<uvirtbot> New bug: #370271 in mailman (main) "During dist upgrade from 8.10 to 9.04 with mailman got exit status 1" [Undecided,New] https://launchpad.net/bugs/370271
<_ruben> damn .. my home file server's system disk started doing the clicking-before-death rirtual
<ivoks> that's a 'hope you have a backup' song
<_ruben> i dont .. which aint such a big a deal anyways .. its "just" the system disk ;)
<_ruben> i have this odd effect on server i work with .. whenever i decide to upgrade or replace a server, it dies just before i get the replacement/upgrade in place :p
<XiXaQ> ivoks :)
<TeLLuS> Just got similar disk, turning readonly here.. Turned it off now, letting it rest for a day..
<XiXaQ> my 2.5" usb disk is singing the heavy metal version of the "hope you have a backup song", and loudly.
<aljosa> is it possible to setup eucalyptus on a laptop to create a development environment?
<mattt> aljosa: xen/kvm wouldn't be more suitable?
<aljosa> mattt: i'm working with amazon services so i need something local to test things before i upload to production. also it would be perfect when i don't have internet access
<AndroidData> i've got a question: is it possible to create a chroot jail which has its own users? it's own uids and gids with different access within the jail?
<uvirtbot> New bug: #369737 in php5 (main) "preg_replace_callback segfaults" [Undecided,Incomplete] https://launchpad.net/bugs/369737
<RoAkSoAx> ivoks, heya-!
<ivoks> RoAkSoAx: hi
<RoAkSoAx> how's it going
<ivoks> not so well
<ivoks> my ISP canceled my ADSL and phone line
<ivoks> without explanation or any form of information
<RoAkSoAx> oh that's awful... they do whatever they want whenever they want
<ivoks> and i can't talk with them till monday, since it's a holiday and they don't work till then
<RoAkSoAx> yeah
<ivoks> f...k as...ls
<RoAkSoAx> hahaha
<RoAkSoAx> that happens here a lot too and they always tell you "Opss we made a mistake..." or "It was a technical error you should have everything back in a few days"
<ivoks> i'm fine with errors
<ivoks> mistakes happen, and i would be stupid to get angry cause of that
<ivoks> it's their attitude that's wrong and will make me turn my back on them
<RoAkSoAx> ivoks, that's true... they should notify someone at least before doing something that affects the costumer...
<ivoks> an they shouldn't do anything like that 5 minutes before 4 day holiday season
<RoAkSoAx> yeah!!
<ivoks> now i'm uploading bacula source to ppa over umts :/
<ivoks> lame
<RoAkSoAx> here happens things like you lose internet connectivity after 6pm.. where all the sysadmins from the ISP go home.. so weird huh?? just after they go home...
<RoAkSoAx> hahaha
<RoAkSoAx> ivoks, btw... would you like to start discussing Linux-HA vs RHCS?
<ivoks> well, what we should discuss are features of both
<ivoks> i know what rhcs has to offer
<ivoks> but i haven't worked with linuxha for years
<ivoks> canwe setup clustered filesystem with linuxha?
<ivoks> i guess ocfs2 shouldn't be a problem; how about gfs2?
<RoAkSoAx> ivoks, yes.. of course
<ivoks> gfs2 works with linuxha?
<ivoks> are you 100% sure?
<ivoks> hm...
<ivoks> gfs2 should work with openais
<ivoks> and since linuxha now supports openais
<ivoks> !! that would be awsome
<ubottu> Error: I am only a bot, please don't think I'm intelligent :)
<RoAkSoAx> i don't think there'll be a problem ... i have not used GFS2.. let me browse some documentation...
<RoAkSoAx> ivoks, and actually.. Pacemaker support OpenAIS and Linux-HA
<ivoks> gfs2, unlike ocfs, depends on cluster infrastructure
<ivoks> right... pacemaker
<RoAkSoAx> ivoks, should we start a discussion in the ML?
<ivoks> http://www.mail-archive.com/pacemaker@clusterlabs.org/msg00074.html
<ivoks> GFS2 will eventually work with Pacemaker as well.
<ivoks> sure
<RoAkSoAx> btw... i do think we should also think about what's gonna happen with heartbeat and pacemaker in the repos, since right know, installing heartbeat  + pacemaker at the same time, will generate some conflicts
<ivoks> packaging will be much easier once we decide on all components
<ivoks> just ignore packaging problems now, since we could make them even bigger if we don't get idea right in the start
<RoAkSoAx> indeed, but currently, installing both heartbeat and pacemaker there are conflicts.. right know... you'll only are *allowed* to use pacemaker and openais if you isntall them from the repo's... since the heartbeat version on the repos is 2.1.4 and that version still has the CRM into it
<RoAkSoAx> ivoks, indeed. how will you like to proceed then?
<ivoks> RoAkSoAx: karmic development just started
<ivoks> RoAkSoAx: so, there's plenty of time to fix that...
<ivoks> what i see linux-ha is missing is quorum disk
<ivoks> that might be a deal breaker
<ivoks> how do we restore from split brain situations then?
<RoAkSoAx> ivoks, I do think that PaceMaker handles that now
<ivoks> oh... that would be great
<RoAkSoAx> ivoks, http://pastebin.ubuntu.com/162281/
<RoAkSoAx> ivoks, http://hg.clusterlabs.org/pacemaker/dev/file/tip/xml/crm-1.0.dtd
<ivoks> hm... that doesn't sound like quorum disk
<RoAkSoAx> ivoks, in the linux-ha timeline says that they added a: Added a membership/quorum subsystem (CCM)
<ivoks> quorum disk is a feature where you can take some block device which is accessibile from both machines in cluster
<ivoks> then we network link is broken between machines, they still know which one is most recent
<ivoks> and they don't kill each other
<ivoks> quorum is not remotly the same thing as quorum disk
<ivoks> without quorum disk, in two node cluster without network link, they'll just try to kill each other
<ivoks> that's quite important in virtualized enviroments
<uvirtbot> New bug: #349179 in cups (main) "Cannot print on network Windoze printer" [Undecided,Confirmed] https://launchpad.net/bugs/349179
<RoAkSoAx> ivoks, but wouldn't that be resolved with STONITH?
<RoAkSoAx> ivoks, or that will be only in case there's not a fencing device?
<ivoks> no
<ivoks> that's when you have network independent STONITH
<ivoks> what happens when both nodes in two-node cluster lose network connection?
<ivoks> they think the other node died
<ivoks> the problem is that both think the other one died
<ivoks> so they both try to stonith the other node
<RoAkSoAx> ivoks, yes
<ivoks> and you end up with both machines powered down
<ivoks> just cause of network failure
<RoAkSoAx> ivoks, something similar happened to me while doing my thesis.. but what heartbeat did was to restart heartbeat on both nodes
<RoAkSoAx> ivoks, and btw.. those are things that I actually want to experiment on "what will happen in the event of a network failure"... but because I lack of hardware resource i'll not do it just yet
<ivoks> i have one client which has network problems in his clustered environment
<ivoks> i don't know why and i can't fix it
<ivoks> but...
<ivoks> that's a two node cluster, and without quorum disk, rhcs just refuses to connect to the cluster
<ivoks> with quorum disk, those situations are irrelevant, cause it does everything for me
<ivoks> i guess we'll have to test how this works with heartbeat
<ivoks> i'll create a testing enviroment in my office
<RoAkSoAx> ivoks, ok awesome.. btw. i've also found this: http://www.linux-ha.org/QuorumServerGuide
<RoAkSoAx> unfortunately it will not be shipped in heartbeat 3
<ivoks> and it's a broken by design
<ivoks> if i would need 3rd machine for quorumd, why not have all three in cluster and avoid split-brain situation for ever :)
<ivoks> split brain can happen only in two-node cluster
<ivoks> well, it can happen in n-node cluster, but only when network switch dies, so then you'll have more to worry about than which one is master
<ivoks> well, rhcs is open source
<ivoks> i don't see why we shouldn't look at it and myabe create something for pacemaker
<RoAkSoAx> ivoks, indeed
<RoAkSoAx> ivoks, anyways.. instead of using quorum disk, why don't just use multiple communication paths?
<RoAkSoAx> it's unlikely that all the communication paths fail...
<ivoks> RoAkSoAx: now we are entering into the 'what will sysadmin do...'
<ivoks> we should provide something that doesn't require multiple network paths :)
<ivoks> quorum disk is ideal for that :)
<ivoks> i'm sure some will create full tolerant environment
<ivoks> and that's great
<ivoks> but most will not :)
<RoAkSoAx> ivoks, i see... btw... i've found this answer: "That heartbeat does not need a quorum disk is actually a _feature_, you know. " I don't know how much of this is true
<ivoks> hehe
<ivoks> there are cluster solutions, like microsoft which *require* quorum disk
<ivoks> there are cluster solutions, like heartbeat which don't have quorum disk
<ivoks> and there are cluster solutions, like rhcs that *offer*, but do not require quorum disk
<ivoks> i'd argue rhcs has the best approach on this one :)
<RoAkSoAx> ivoks, yes in case we're handling those scenarios you've mentioned above... and yes it seems that heartbeat/pacemaker don't have quorum disk support...
<ivoks> well, we will workout something ;)
<RoAkSoAx> ivoks, btw.. you have plenty of experience in HA Clustering :)
<ivoks> hehe :)
<ivoks> well, i have couple of clusters in production, so i had to investigate all options
<ivoks> RoAkSoAx: i don't think we should give up on pacemaker cause of quorum disk
<ivoks> i'm all for moving to pacemaker
<RoAkSoAx> ivoks, I don't either!! and yes.. my preference is still on heartbeat/pacemaker
<ivoks> we just have to know all disadvantages
<RoAkSoAx> indeed
<RoAkSoAx> ivoks, btw.. what's what you're going to talk about this subject in the UDS?
<ivoks> mail server, maybe clustering
<ivoks> and maybe even more :)
<ivoks> the biggest problem we have with clustering in ubuntu is that we praticly have only one supported architecture
<ivoks> and that's rhcs
<ivoks> now, there aren't many ubuntu rhcs users and that's visible in bugs
<ivoks> basicaly, only two people apear there and none of us knows rhcs that much to solve all situations
<ivoks> so, giving up on some featuers wouldn't be that bad, if we would have you and maybe more people to work on pacemaker in ubuntu
<ivoks> not that long ago, we had one ubuntu-server member that was very good with rhcs
<RoAkSoAx> ivoks, yeah... i see the problem.. and yes i've much more people working with linux-ha / pacemaker based clusters rather than rhcs
<ivoks> i'm sure there is
<ivoks> but you know, the guy that took care of rhcs in ubuntu is now one of leading rhcs developers... so, at that time that was great deal :)
<RoAkSoAx> ivoks, indeed.. but having rchs without someone to maintain it, is useless
<ivoks> i agree
<ivoks> that's why i wanted to propose move to linux-ha/pacemaker
<RoAkSoAx> ivoks, you should do that.. since i'm not attending the UDS?
<ivoks> i will
<ivoks> you could also attend discussion
<ivoks> over irc or gobby
<RoAkSoAx> i will be there to support you :)
<ivoks> :)
<RoAkSoAx> ivoks, btw... you are going to be my motu mentor right ?
<ivoks> i just have to figure out all the details of pacemaker before proposing that :D
<ivoks> RoAkSoAx: yes
<RoAkSoAx> ivoks, awesome!! i relly look forward to start working on it
<ivoks> me too
<ivoks> i have couple of production clusters and it scares me that it's on rhcs with a blury future in ubuntu :)
<RoAkSoAx> ivoks, unless someone with a lot of experience in rhcs would like to maintain it
<RoAkSoAx> which i do think it's very unlikely
<ivoks> we will see :)
<ivoks> does pacemaker support lots of stonith devices?
<RoAkSoAx> i do think that fully supporting one cluster stack is the best thing to do... and having the other one in the repos
<RoAkSoAx> s/and/while
<ivoks> i agree
<ivoks> qood question on ml; hopefully we will get some feedback
<RoAkSoAx> ivoks, yeah... we'll need anyone who uses linux-ha/pacemaker and rhcs to give us feedback.. since we could learn lots from other people before having to start testing ourselves
<ivoks> hm
<ivoks> good news
<ivoks> http://lists.fedoraproject.org/pipermail/fedora-server-list/2009-January/000071.html
<ivoks> all our
<ivoks> stacks (Novell - pacemaker, Oracle - ocfs2-tools and Red Hat cluster)
<ivoks> will converge into one, killing the whole decision problem at the root.
<ivoks> that's why pacemaker supports openais
<ivoks> and rhcs had some big changes in 3.x series
<RoAkSoAx> let's see
<ivoks> Fabio was the guy i was talking about
<ivoks> s/was/is/
<RoAkSoAx> ivoks, that's awesome!
<RoAkSoAx> so now we'll have heartbeat/pacemaker and pacemaker/openais that will actually become rhcs right?
<ivoks> well, they should all merge into one, i guess
<jbernard> RoAkSoAx, ivoks: i'd be happy to help out if you need it, i work with linux in enterprise environments and HA solutions fairly regularly, is there a roadmap or wiki page i can use to come up to speed?
<ivoks> we should include ubuntu into this process
<ivoks> jbernard: we are just starting :)
<ivoks> jbernard: there's ubuntu-ha team
<RoAkSoAx> jbernard, https://launchpad.net/~ubuntu-ha
<jbernard> ill check that out, what are the immediate goals?
<ivoks> create ubuntu cluster stack
<jbernard> we'll use rhcs as the base?
<ivoks> for start, we have to decide which architecture to use
<ivoks> jbernard: rhcs or pacemaker
<ivoks> jbernard: what do you use?
<jbernard> ivoks: architecture?
<ivoks> red hat cluster suite or linux-ha?
<jbernard> ivoks: i have more experience with linux-ha
<RoAkSoAx> jbernard, we are leaning towards it too
<RoAkSoAx> btw i've just created the wikipage: https://wiki.ubuntu.com/UbuntuHighAvailabilityTeam
<RoAkSoAx> we can start putting some ideas into it
<RoAkSoAx> and creating a roadmap
<jbernard> i think that's a great idea
<ivoks> we should also be aware of the fact that there's a process of merging them all into one
<ivoks> and we should, as ubuntu-ha, get involved in that
<RoAkSoAx> indeed
<jbernard> ivoks: you mean an existing effort to merge them?
<ivoks> jbernard: yes
<RoAkSoAx> jbernard, http://lists.fedoraproject.org/pipermail/fedora-server-list/2009-January/000071.html take a look at the end of the post
<ivoks> the fact that pacemaker supports openais is one step
<ivoks> you can already have parts of linux-ha (pacemaker), rhcs (openais) and ocfs2 (ocfs2-tools) working as one stack
<jbernard> ahh, so we could become involved in that collaborative effort
<ivoks> right :)
<RoAkSoAx> what we'll need to find out is if they are considering linux-ha (heartbeat specifically) into this merging process
<jbernard> i would think we would have to have heartbeat, or some replacement to provide a complete stack
<ivoks> anyway... going offline
<ivoks> take care
<RoAkSoAx> see ya ivoks
<RoAkSoAx> jbernard, yeah... i do think that this merge process is only considering pacemaker  with openais
<RoAkSoAx> and not heartbeat
<jbernard> ill go through the list threads and see what i can gather
<jbernard> and put it up on the wiki page
<RoAkSoAx> awesome
<RoAkSoAx> well i'm off too see ya jbernard
<oruwork> i followed this to install oracle xe, not sure how to uninstall it http://www.cyberciti.biz/faq/howto-install-linux-oracle-database-xe-server/
<a|wen> oruwork: it looks to be a package you installed ... sudo aptitude uninstall oracle-xe should do the trick
<oruwork> a|wen-> yup that worked, how can i undo the swap space ?
<a|wen> oruwork: instead of swapon you use swapoff on the file
<a|wen> if that goes good, you should be able to delete the file
<oruwork> a|wen-> nope:( says invalid file
<oruwork> swapoff didnt work
<oruwork> swapoff: /swpfs1: Invalid argument
<oruwork> oh wait, system was restarted so might be able to just delete it ?
<a|wen> oruwork: does "swapon -s" list the file?
<a|wen> oruwork: if not you can just delete it
<oruwork> invalid option -- 's'
<a|wen> oruwork: you need a dash before s
<oruwork> yup
<oruwork> only lists the real swap
<a|wen> oruwork: then let go of the file
<oruwork> nice ....
<oruwork> thanx man
<a|wen> :)
<ClaytonG> Hi, I'm new to using ubuntu(previously using rhel4) and just set up a new server.  I'm attempting to integrate it into my backup software which requires a inetd(or xinetd) to be running on the server to be backed up.  Any recommendations to use on ubuntu 9.0.4?
<a|wen> ClaytonG: you probably want to start by installing "xinetd" in that case
<ClaytonG> Thanks for the tip :)
<Hancok> i just purchased a domain on godaddy.com and set the names servers to n1.atspace.com  . a hosting site that iam using with a free hosting account to test. now i got back to godaddy.com and its has disabled the option of 'total dns control' as says. 'site hosted elsewhere'   i want to  make an 'A' record for irc.mydomain.com as iam planning to run an ircd. any help?
<PhotoJim> Hancok: unfortunately that's really an issue with godaddy, so it's out of the scope of this channel.  I host my own DNS so I can't offer any advice.
<a|wen> Hancok: as PhotoJim says it is a bit out of scope ... but as you now use atspace.com for your DNS hosting, that is where you need to get it changed
<IvanCostaJr> Hi, guys.
<a|wen> hello there
<IvanCostaJr> I'm with permission problem with /var/www/webpages. Does anyone know about apache2 configuration?
<a|wen> IvanCostaJr: just try to ask your real question ... then people can determine if they know the answer
<IvanCostaJr> Thanks, a|wen! How can I gave access to webpages (localized in "/var/www/name_of_webpage") with apache2?
<a|wen> IvanCostaJr: with the default installation it should just be http://localhost/name_of_webpage
<IvanCostaJr> Yes, I know that... But when I try to access, Apache respond access dened. And in the /var/log/apache2/error.log is writen "(13) Permission denied: access to /name_of_web/index.php denied"
<IvanCostaJr> a|wen: I need to have permission to read and write to those websites
<a|wen> IvanCostaJr: what is owner/permissions of that file?
<Hancok>  http://img206.imageshack.us/img206/19/29972958.jpg    where do i put irc.mydomain.com    (that points to the dyndns address given to me. e.g  eg.dyndns.com) that makes irc.eg.dyndns.com
<IvanCostaJr> The owner is root.root and the permission is 755.
<IvanCostaJr> a|wen: I looked now in /etc/groups and there is a "www-data". The Ubuntu have a user called www-data.
<IvanCostaJr> What's the Apache's user?
<a|wen> IvanCostaJr: it should be okay for accessing the file with those permissions ... try checking your 000default permissions
<a|wen> IvanCostaJr: you probably have an allow/deny rule somewhere that denies the access
<IvanCostaJr> I'm going to check now.
<IvanCostaJr> a|wen: do you know if the apache server users a real "user" to access and manipilate the pages?
<a|wen> IvanCostaJr: the apache process runs as www-data
<IvanCostaJr> Ok!! "It's works!".
<a|wen> :P :)
<Vog-work> Ok I got a funny sys admin problem.... I have a large (5 gb) compressed file that when I attempt to uncompress it  (to 26 gb) I get a file size limit exceeded error. I did a ulimit -a and I basicallu have a file size limit  that is unlimited.  Am I running into some other limitation with gunzip?
<a|wen> Vog-work: which file-system do you try to uncompress it on?
<Vog-work> ext3
<Vog-work> sorry linux lvm
<a|wen> Vog-work: and what is your block-size?
<Vog-work> I have 144g  open
<a|wen> Vog-work: sudo tune2fs -l /dev/<whatever>
<a|wen> and check "block size"
<Vog-work> 1024
<a|wen> Vog-work: then your file-size limit is 16G
<Vog-work> Method for increasing that?
<oruwork> how to unzip a .zip file ?
<a|wen> Vog-work: i'm not 110% sure, but i think it is pretty static after the filesystem is created
<Vog-work> shit....
<Vog-work> oke... looks like I'm going to ftp to another box and uncompress and send it back uncompressed...
<Vog-work> thx for the help alwen
<a|wen> Vog-work: well if one of the files is more than 16G (it looks like it) then you're in trouble anyway
<a|wen> oruwork: install "unzip"
<Vog-work> Yeah, I was sent this file from a remote site. I'm going to get them to split up the directories..
<a|wen> it is quite a large file in any case
<Vog-work> Yeah, I htink it is a database.
<a|wen> Vog-work: if you get the chance to make a new ext3 system with 4kb blocks, the limit will increase to 2TB
<Vog-work> a|wen: I think it was setup that was dur to the RAID system it was on. I'm not the primary admin on this system. Just filling in for someone on vacation.
<a|wen> Vog-work: the "good" position ... make things work; but please don't change anything
<Vog-work> Yep
<oruwork> what is the default chmod for all files ?
<oruwork> how can i make a directory and all files in it writable ?
<henriquelm> hello there
<oruwork> is there a way to find out what group apache2 server belongs to ?
<genii> www-data
<blime> http://pastebin.com/d2f58693e  <-- 30 line configuration from name-based virtual host configuration file in sites-available/
<blime> Was wondering if there are any security issues in the configuration.
<andol> What do we think about bug #370445? Is it a bug or not?
<uvirtbot> Launchpad bug 370445 in mysql-dfsg-5.1 "MySQL-server-5.1 indirectly installs postfix" [Undecided,Incomplete] https://launchpad.net/bugs/370445
<genii> If I had some other mta I'd be slightly (if not more) upset if postfix got installed as some dep
<andol> genii: No, no, the recommendation from bsd-mailx is postfix, or other mta. In other words it won't install postfix if you already have another mta installed.
<andol> (At least it shouldn't. If it does, then that definetly is a bug)
<a|wen> andol: it doesn't (i have the exim mta-thingy and that makes it happy enough)
<uvirtbot> New bug: #370542 in apache2 (main) "Accessing http://localhost gives without reason a 403 Forbidden error page" [Undecided,New] https://launchpad.net/bugs/370542
<netdur> perhaps am doing something stupid, I have installed php5 and apache2, I browse to .php but instead of normal "executing php script", firefox try to download the page (which the php file with source)
<a|wen> netdur: you probably want libapache2-mod-php5
<netdur> a|wen: it is installed
<andol> netdur: You might have to restart apache2 sometimes for those changes to take effect. Also, firefox might cache some responses, so restart you'r web browser never hurts.
<a|wen> restart (or at least reload) is needed
<netdur> thanks guys
<andol> netdur: worked?
<netdur> andol: yes, restarted apache and worked just fine
<andol> netdur: Great. Sometimes apt, depending on the packages, will restart apache automaticlly if concidered needed, but not always.
<andol> netdur: In other words, if possible, a restart or a reload of apache never hurts when you've done some changes to the system.
<netdur> andol: thank you
<simplexio> May  2 00:46:44 4tune smbd[17803]: Mount of private directory return code [256]
<simplexio> and samba mount fails
<TimReichhart> hey guys I need to know how to repoint my domain name for email server do I point it to my ip address or to this mail.kustomjs.com
<alice583> is ubuntu server appropriate for high load web servers or is it not secure enough for that?
<TimReichhart> join #postfix
<andol> alice583: Well, do you concider wikipedia as high load web servers?
<simplexio> like anny server its good as its admin is
<alice583> andol, yes
<alice583> andol, wikipedia runs on ubuntu server?
<andol> alice583: http://arstechnica.com/open-source/news/2008/10/wikipedia-adopts-ubuntu-for-its-server-infrastructure.ars
<andol> Besides that, I'd tend to somewhat agree with simplexio.
<alice583> yeah. makes sense. except that I heard that ubuntu tends to have many more exploitable bugs than other servers, but I guess this may have just been mindless bashing by someone with no clue.
<ScottK> alice583: It's mindless bashing.
<andol> alice583: Well, on that area I wouldn' say that there is too much diffrence between diffrent Linux distributions. After all, it is basically the same software. Following a bunch of announce- lists I would say security fixes get commit about the same, on average.
<andol> alice583: Of course, if you run the latest Ubuntu or Fedora you won't get as well tested software as if you run an older LTS version of Ubuntu, or CentOS/RHEL for that matter.
<ScottK> Ubuntu has gone to some trouble to compile with hardening options that make it more difficult to exploit some classes of issue.
<ScottK> issue/issues
<alice583> so, you would recommend using an older LTS version like 8.04 instead of 9.04?
<andol> alice583: Unless there is some specific feauture/version you need is 8.10 or 9.04, yes.
<simplexio> and actually what actually means something is not how much bugs/exploits systems has, its how you prepared to them and what you do when shit hits the fan, as it does sooner or later
<andol> simplexio: You have to stop saying things I agree completly with :-)
<alice583> "as it does sooner or later"... you'd think that as long as wikipedia or twitter or whatever stays online it has not been exploited (of course, a naive assumption)... do such services get hacked from time to time (in the sense of, someone malicious gets root access), and the only reason they're still alive is because they make frequent backups and hash passwords (instead of storing them in plain text), and similar things?
#ubuntu-server 2009-05-02
<kees> I recommend staying on latest ubuntu, but then I like all the toolchain hardening that started in 8.10.  :)
<andol> kees: What version of Ubuntu does www.ubuntu.com run on? :-)
<kees> andol: I actually don't know.  :P
<PlaneCrazy1> hello
<andol> kees: Well, the netcraft respons does suggest an Ubuntu 8.04 :P
<alice583> btw, does ubuntu server support mandatory access control similar to that found in selinux? and if not by default, is it possible to install that later on?
<PlaneCrazy1> has anyone had any experience installing Wolfenstien: ET on Linux 9.04 server???
<sbeattie> alice583: apparmor is available by default, and selinux is available in the archive.
<andol> alice583: There is a gradualy improving support for MAC using Apparmor.
<infinity> andol: Pretty much the entire Canonical DC runs on LTS releases.
<andol> Yet, I'd say RHEL/CentOS have come a bit further with the selinux deployment.
<andol> s/the/their/
<PlaneCrazy1> has anyone had any experience installing Wolfenstien: ET on Linux 9.04 64 server???
<PlaneCrazy1> I have tried to install and keep getting this error message:
<PlaneCrazy1> I have tried to install and keep getting this error message: ./setup.sh: 278: /home/username/. setup 2723: not found
<PlaneCrazy1> wow 176 people in the room and no one answers?!?!
<PlaneCrazy1> cool
<TimReichhart> could anybody help me out I have a webserver and mail server  my problem is they are on 2 different servers with 2 different ip addresses how would I get the subdomain to work
<TimReichhart> anybody?
<alice583> what commands would I use to update my server and keep it patched with all the latest updates?
<TimReichhart> its apt-get update and apt-get upgrade
<uvirtbot> New bug: #370445 in mysql-dfsg-5.1 (universe) "MySQL-server-5.1 indirectly installs postfix" [Undecided,Incomplete] https://launchpad.net/bugs/370445
<matt> Hi, I am wondering how to give the sox package mp3 encoding support.  I installed the sox and lame packages, but sox still cannot encode mp3 files.
<mikegriffin> any chance that i can use php-apc.deb on hardy? its not in apt
<TimReichhart> can I have 2 different servers with 2 different internal ip addresses?  like one for webserver and other one for mail server?
<TimReichhart> both using virtual hosting?
<mikegriffin> TimReichhart: not sure what you are asking really
<TimReichhart> ok how would I get 2 servers to work on one domain but they are on 2 seprate internal ip addresses
<TimReichhart> lets say my webserver is on ip of 192.168.20.5 and my mail server is on 192.168.30.196  how would I get both of them to work as one for one domain
<mikegriffin> define work as one
<TimReichhart> well I just said
<TimReichhart> get 2 server to work on one domain
<TimReichhart> servers*
<TimReichhart> is there some kind of virtual hosting I need to setup on both machines
<TimReichhart> ok i guess nobody knows
<mikegriffin> i am really struggling to understand what you mean
<mikegriffin> it sounds like you aren't really sure what you are trying to achieve
<TimReichhart> yes I do know what im trying to achieve
<mikegriffin> are you hoping to have both servers respond to http requests?
<TimReichhart> no
<mikegriffin> what are you solving for?
<TimReichhart> ok i will explain
<TimReichhart> i have 2 servers doing to different things for one domain    I want one server doing the email and the other one doing the website but they are on 2 different machines with 2 different internal ip addresses
<TimReichhart> i know you can do that
<foxbuntu> TimReichhart, you just need to change your ip schema on your network to a 16 bit (or class b) network to support your goal
<mikegriffin> foxbuntu: not necessarily
<TimReichhart> yea that is what i was thinking
<mikegriffin> TimReichhart: can you ping one from the other?
<foxbuntu> mikegriffin, no it can be done with routing as well
<TimReichhart> well I was able to ping to both of them
<TimReichhart> I can ping all machines on my network
<foxbuntu> mikegriffin, but using a 16 bit subnet is usually the easiest vs static routes
<mikegriffin> a static route is completely unrelated as is routing subnets, etc if the hosts can currently ping each other
<mikegriffin> its just a matter of configuring a smart host and mx
<foxbuntu> mikegriffin, agreed, I didnt see that until after my previous statement
<TimReichhart> but how would I do the mx then?
<mikegriffin> foxbuntu: this is why i was asking for clarification instead of goose chasing
<mikegriffin> TimReichhart: both servers running postfix? does an mx record exist currently?
 * foxbuntu goes away to do something else
<mikegriffin> foxbuntu: sorry didnt mean to be rude
<TimReichhart> no only one machine is doing the postfix
<mikegriffin> TimReichhart: with the terms mx and smarthost, you have everything you need to research this or ask your provider
<mikegriffin> if you have a specific question shoot
<TimReichhart> not much help here
<pmatulis> boggles
<TimReichhart> so would I need to setup virutal hosting on my mail server
<mikegriffin> TimReichhart: are you kidding me?
<TimReichhart> no im not kidding you
<mikegriffin> pmatulis: your turn
<pmatulis> nah, way too tired
<mikegriffin> pmatulis: any help for me?
<TimReichhart> so your telling me there is noway I can do this then
<mikegriffin> tried to get php-apc on hardy, tried hardy-backports
<mikegriffin> TimReichhart: no, its quite easy to configure
<TimReichhart> i dont see how its easy
<pmatulis> mikegriffin: fewer words is best
<uvirtbot> New bug: #370655 in samba (main) "package samba 2:3.3.2-1ubuntu3 failed to install/upgrade: package samba is already installed and configured" [Undecided,New] https://launchpad.net/bugs/370655
<TimReichhart> so can i setup a virutal host on my email server then
<mikegriffin> TimReichhart: do you know what 'smart host' means?
<TimReichhart> not really please explain mike
<mikegriffin> no
<TimReichhart> alright
<TimReichhart> then whats the use of telling me about it if you cant explain it
<mikegriffin> i gave pretty good advice i thought. do you not have a hosting provider that helps you with this sort of thing?
<TimReichhart> i got crappy godaddy
<TimReichhart> and i am hosting the sites on my own servers
<mikegriffin> TimReichhart: so you want to have all mail handled by the second server, not the webserver
<TimReichhart> that is correct
<mikegriffin> what do you hope to accomplish by doing that?
<TimReichhart> all i wanted to do to see how this all works because i know isp's do this
<TimReichhart> is there a problem doing that?
<mikegriffin> by making changes that you do not understand, you introduce complexities that make debugging harder perhaps
<TimReichhart> you probley come back saying that is stupid
<mikegriffin> no, it can make sense to have a different server handle mail
<mikegriffin> but it does not always make sense to do so
<TimReichhart> alright
<ar> Hey guys
<ar> if your home directory name changes to some wierd name does that mean Ive been hacked?
<genii> Could be filesystem corruption
<jmarsden> ar: I'd say either (a) you did it, (b) someone else with appropriate authority did it, (c) a hardware or software problem mangled the filesystem... or (d) you got hacked.
<jmarsden> Did its name change in /etc/passwd and in the actual filesystem?
<genii> Also is it /home got renamed or /homename
<genii> Rather /home/somename
<genii> Could be /home is mounted on wrong partition also. Had this happen before
<mpathy> Hi there.. I have a general question because I am set up a Ubuntu-Server now.. I have 4 GB of RAM so I think about using the 64bit version.. Are ALL server specific packages are also available as 64bit packages or only a subset? If last one is yes, what percentage is available?
<jmarsden> mpathy: As far as I know, all server-related packages in Ubuntu itself are available for amd64; there may be some commercial software for Ubuntu that is not, though.  For Ubuntu software in main and universe, the answer really should be 100%.
<mpathy> Okay.. So would you suggest to use a 64bit installation, when I have 4 GB of RAM on a AMD Athlon 64 X2 5600+ Dual Core? It is some kind of 50:50 if I should do or not, in my opinion, so I wanted to ask someone more experienced..
<mpathy> jmarsden: What do you think about that?
<jmarsden> It's probably fine to use 64bit on that machine.  I run 64bit here on Intel E5200 with 8Gb RAM (several of virtual machines!)
<mpathy> jmarsden: You said for main and universe 100% - is there a possibilty to easily compare this also for multiverse?
<jmarsden> You can look; I just have no experience with multiverse.
<jmarsden> What is there in multiverse that you are expecting to use on your server?
<mpathy> jmarsden: Okay, but do you think there is a big speed difference between 32bit and 64bit with server specs?
<jmarsden> No, very little difference.
<mpathy> jmarsden: Perhaps some additional tools for sieve, or something
<mpathy> jmarsden: Okay then to being on the secure side I stay with 32bit :) THANKS :)
<jmarsden> No problem.
<jay3> ok I am here chalcedony
 * chalcedony smiles
<chalcedony> jay3: ask :)
<jay3> ok
<jay3> Yes I was wondering with the new ubuntu server does it automatically install amazon clud and if so is there any way a person can uninstall it?
<jay3> clud=cloud
<jay3> ok
<jay3> ubuntu
<uvirtbot> New bug: #370784 in openldap (main) "cn=config is not documented in README.Debian" [Undecided,New] https://launchpad.net/bugs/370784
<mpathy> Hi There.. How big can a /boot get on a Ubuntu Server? Is 256 MB sufficient or is 512 MB more secure?
<mib_l6ub2tbm> hey guys
<dantalizing> morning mib_l6ub2tbm
<mib_l6ub2tbm> my server will not pickup an ip address from my router
<mib_l6ub2tbm> i want to give it dynamic ip address
<mib_l6ub2tbm> anyone
<IvanCosta> Hi
<IvanCosta> I installed Apache2 and configure some web (for intranet only) and when I use "a2dissite name_of_site" the site still available in "http://machine_ip/name_of_site". Is it normal?
<maxb> IvanCosta: Did you restart apache?
<IvanCosta> Maxb: yes.
<IvanCosta> I don't understand that
<IvanCosta> Maxb: The webpages are in the "/etc/www/name_of_web". Until now, I used only one webpage with openSUSE and Apache. I didn't use enable control because is only one webpage. But now, I use Ubuntu Server and I need to use many webages (just for intranet).
<IvanCosta> Maxb: So, I have to enable and disable one or other to do some changes. How can I do this?
<maxb> I'm afraid I don't completely understand what you're saying
<maxb> Perhaps you are misusing the word "webpage" when you actually mean "website" or "virtual host" ?
<maxb> Also I have no idea what you mean by "I didn't use enable control"
<IvanCosta> Maxb: I'm sorry about the terms, I'm newbie in Apache. Until last week, I was use one server with Apache2 (in openSUSE) with a wiki inside (just for me and other computers in my house). So, I installed Apache and put the wiki folder in /htdocs and it worked!
<IvanCosta> Maxb: Now, I make another webpages, in php, and I wan't to do the same processes, but I decided to use Ubuntu Server. I installed Apache2 and made some configuration in /etc/apache2/sites-available/name_of_site. I have just one server for 5 websites (just for intranet). Is this "websites" or "virtualhosts"?
<maxb> Virtualhosts are when you have http://something.mydomain.tld/ and http://somethingelse.mydomain.tld/ be different websites but served from the same server
<maxb> If you find the 'sites' configuration infrastructure added by Debian/Ubuntu to be unwanted complication, you don't have to use it
<IvanCosta> Maxb: I normaly use http://server_ip/name_of_the_folder_site to access.
<IvanCosta> Maxb: How can I do to make the access like you said (http://something.mydoman/), but just for intranet?
<maxb> What do you mean, just for intranet?
<IvanCosta> I have six computers in my house (one more for samba-apache server). The Apache2 webpages is only to use with this computer. The "sites" isn't registred in www.
<beawesomeinstead> does anyone know hot to propagate /etc/environment changes without reboot?
<beawesomeinstead> *how
<pace_t_zulu> beawesomeinstead: have you read https://help.ubuntu.com/community/EnvironmentVariables
<pace_t_zulu> ?
<mac9416> Hey, ya'll! When installing 8.10 server in expert mode, I get to Installing additional components, about 24% in and all a sudden the screen goes to blinking black/white fitfully. After about 30-40min. I see a screen lined with "failed" down the left side. :-(
<mac9416> I did the disc-checker-thinger successfully.
<jmarsden> mac9416: (a) Try using the normal (non-expert) install? (b) Try 9.04 server instead?
<mac9416> I can't really try 9.04 yet. I will try the Normal mode, though.
<wizardslovak> hello people
<wizardslovak> i need help with partitioning
<mac9416> Go ahead, wizardslovak.
<wizardslovak> well i am about to install server with LAMP as my study server
<wizardslovak> right now i want to partition disk
<mac9416> BRB...
<mac9416> Don't go away.
<wizardslovak> but problem is i dont really know how many gbs i should use fo what lets say Swap,/,bott and home
<wizardslovak> ok
<wizardslovak> so till you come ill write what i have so far
<wizardslovak> its 80gb hard disk and i primary is 79.3 logical (swap) 756
<wizardslovak> all of this partitioning system did
<pmatulis> wizardslovak: swap = 2 x RAM, but more than 2 GB is usually wasteful
<wizardslovak> so 1024
<wizardslovak> should be good
<pmatulis> wizardslovak: what will your server be doing?
<pmatulis> wizardslovak: LAMP only?
<wizardslovak> its test server for LAN
<wizardslovak> i just want to learn servers
<wizardslovak> i am noob to it tho
<pmatulis> wizardslovak: so 1 GB swap is plenty
<wizardslovak> for now i want to be able to host web site
<wizardslovak> with some storage for files
<wizardslovak> and mysql
<wizardslovak> so far i have 79.3 for /
<wizardslovak> and 756 for swap
<pmatulis> wizardslovak: 79.3 GB?
<wizardslovak> yes , default system partition
<wizardslovak> swap is logical or primary?
<pmatulis> wizardslovak: if you have only 2 partitions (/ and swap) then make swap be primary
<wizardslovak> how  many partitions i need ?? is 2 enough?
<wizardslovak> i want to do my own partitioning
<pmatulis> wizardslovak: for you, yes.  in a real setting you would almost always set up a partition for /home and /tmp
<wizardslovak> well real setting? lets do that
<pmatulis> wizardslovak: then set up /, /tmp, swap, and /home
<wizardslovak> ok
<wizardslovak> so swap 1024mb primary?
<pmatulis> wizardslovak: /tmp (512 MB), swap (1 GB), /home (50 GB), and / (the rest).  calculate / in advance and beging by creating it
<wizardslovak> all of them as primary partitions?
<pmatulis> wizardslovak: or just put 20 GB for /, 1 GB for swap, 512 MB for /tmp, and /home will take the rest
<pmatulis> wizardslovak: sure, you get four of them
<wizardslovak> ok give me sec
 * pmatulis goes to do something else, will be back in 30
<JoeliousCeasar> Sorry, wizard, do you still need help partitioning?
<mac94163> I reckon that looked a little funny.
<mac94163> The benifits of having too many accounts.
<mac94163> And now I get a charming little "3" on the end of my name.
<wizardslovak> well partitioning is done hehe
<wizardslovak> still hang on i will have more questions
<mac94163> Okee-dokee will do.
<wizardslovak> shoul i install LAMP by intalation or manually install it later?
<JoeliousCeasar> My wireless internet signal is perfectly atrocious.
<wizardslovak> lol
<wizardslovak> i never couldnt make my audio and wireless work tho
<mac941621> Whoever I am. :-P
<wizardslovak> so i just left it as it is
<wizardslovak> on desktop pc i did , however on laptop i couldnt
<wizardslovak> right now server is installing
<mac941621> Cool
<wizardslovak> i am happy for it too
<wizardslovak> ok
<wizardslovak> so right now i have choice of installing LAMP '
<wizardslovak> should i install it now or later?
<wizardslovak> whats openssh server?
<JoeliousCeasar> Stupid wireless.
<JoeliousCeasar> I'll just keep this nick for now.
<JoeliousCeasar> :-P
<JoeliousCeasar> So, you're about to install LAMP?
<wizardslovak> yes
<wizardslovak> it asks me if i want to do it now
<wizardslovak> should i do it or install it manually later?
<JoeliousCeasar> I would do it now, but it's your call.
<wizardslovak> well i am noob in it so i am asking pros lol
<JoeliousCeasar> I'm certainly not a apro, but I think installing now is about the same as later. I'd go for it.
<wizardslovak> well i did LAMP and Samba
<wizardslovak> so another question
<wizardslovak> question is how will i be able to connect to server tru LAN??
<wizardslovak> i will set up server and let it be by itself
<wizardslovak> so i want to be able to install and maintin server from my laptop
<JoeliousCeasar> OK, you will want to use a thing called SSH.
<wizardslovak> so i should install that openssh?
<wizardslovak> did u ever done it??
<JoeliousCeasar> The SSH server comes with Ubuntu Server, I believe.
<JoeliousCeasar> Yup, actually have.
<wizardslovak> if yes i will need help  how to install and connect to it
<JoeliousCeasar> :-D-
<wizardslovak> damn i didnt
<JoeliousCeasar> I believe the SSH client is shipped with the normal Ubuntu (your laptop)
<wizardslovak> lol my laptop didnt come with kubuntu preintslled
<wizardslovak> i did it myself
<JoeliousCeasar> Yeah, that's cool, the SSH client should be on there.
<wizardslovak> lol so installation finished but i got an error
<wizardslovak> GRUB loading error 18?!
<JoeliousCeasar> Crud, what was it?
<JoeliousCeasar> Oh, I think that's easy to fix.
<JoeliousCeasar> Hold on...
<wizardslovak> ok
<JoeliousCeasar> http://wiki.linuxquestions.org/wiki/GRUB#Error_18
<JoeliousCeasar> Try that...
<JoeliousCeasar> Let me try something a little more pithy...
<JoeliousCeasar> "You've run into the BIOS cylinder limit. This is most probably an older machine with a newer disk... In any case, you have to set things up so that the grub first stage is below the BIOS limit."
<JoeliousCeasar> http://ubuntuforums.org/archive/index.php/t-77042.html
<JoeliousCeasar> I looked to that thread the very firat time I installed Ubuntu on a computer.
<JoeliousCeasar> A 2g hard drive. :-D
<wizardslovak> so i gotta go to bios and fix what?
<JoeliousCeasar> "The easiset way is to create a small 'boot' partition (only a few meg needed) at the beginning of the disk.
<JoeliousCeasar> If you have a DOS (FAT16 or FAT32) partition on at the beginning of your disk, you can actually use that to install your boot data in -- just specify that partition as your boot partition (/boot), and remember to set it so that the partition is NOT formatted (i'm presuming you don't want to lose your Windows data -- if you do, then you'd probably be better off to reformat the partition to ext3 than leave it as FAT)
<JoeliousCeasar> "
<JoeliousCeasar> Um...
<JoeliousCeasar> Wait a min...
<wizardslovak> i dont have no dual boot
<wizardslovak> this machine will be linux only
<JoeliousCeasar> Right. Is your HD very old?
<wizardslovak> they are (pc and hd) same age
<wizardslovak> actually they come together
<JoeliousCeasar> Is the computer very old?
<wizardslovak> yes 7 years
<wizardslovak> its old dell dimension 2400
<JoeliousCeasar> Hmmm. Try setting the HD mode to LBA in the BIOS.
<JoeliousCeasar> lol
<wizardslovak> i dont see it nowhere
<mac9416> You're in the BIOS?
<wizardslovak> yes
<mac9416> OK, go to the first option ( top left) in the BIOS.
<mac9416> (I haven't done this for awhile)
<mac9416> I believe you will see a list of drives.
<wizardslovak> drive configiration?
<mac9416> I think. Maybe.
<mac9416> Do you see anything that says "mode"
<mac9416> Maybe a column in a table of drives.
<mac9416> ?
<wizardslovak> no
<mac9416> Hmmm. I wish I had an extra computer beside me...
<wizardslovak> hmmm
<wizardslovak> so i quess i wont be able to have server on this old crap
<mac9416> Just a sec...
<mac9416> Now hang with me, I've installed Ubuntu on what has to be the oldest computer in the county....
<wizardslovak> lol
<wizardslovak> ok
<mac9416> In the BIOS, what info is at the top of the screen...
<mac9416> Should be BIOS info name/version etc.
<wizardslovak> bios version A03
<mac9416> "Award" BIOS?
<wizardslovak> it doesnt say only a03
<mac9416> OK...
<mac9416> I'm looking at screenshots, trying to refresh my memory.
<mac9416> OK, go to standard CMOS features...
<wizardslovak> give me sec
<IvanCosta> Hi, guys.
<mac9416> Hiya
<IvanCosta> How can I test the mysql port?
<mac9416> Heavens, IDK.
<IvanCosta> My MySql is working but I can't access from other computers...
<wizardslovak> lol
<wizardslovak> mac9416:  i changed my jumper to master ANd it works now lol
<mac9416> wizardslovak, hehe, I am a dummy.
<wizardslovak> lol i just found it on ubuntuforums heheh
<mac9416> Master w/slave present (cdrom)?
<wizardslovak> ok now i am logg on to my new server
<wizardslovak> hd master cdrom master
<mac9416> Cool.
<wizardslovak> hihi so how should i check/imnstall ssh?
<mac9416> Just a min...
<wizardslovak> should i get gui for server?? i mean i will use it as standalone server and point is to learn command lol
<mac9416> OK, try "sudo apt-get install openssh-server"
<mac9416> A GUI isn't necessary...
<mac9416> But it could be nice.
<wizardslovak> ok so i have openssh installed
<wizardslovak> it would be lol
<mac9416> Alright, hold on...
<mac9416> OK, what kind of network connection do you have between your laptop and your server?
<wizardslovak> if laptop in on linux its LAN if on windows its wireless , server will be connected with Cat5e enthernet cable to the router
<wizardslovak> router runs dd-wrt
<pace_t_zulu> wizardslovak: good choice on dd-wrt...
<wizardslovak> i always used dd-wrt
<mac9416> Hey, I'll have to talk to you about dd-wrt later, but right now...
<mac9416> (I have a new router)
<wizardslovak> this is my 3rd router i flashed
<wizardslovak> ok mac you help me with server ill help you with router
<mac9416> Cool. OK, so run "ifconfig" on the server...
<mac9416> This will tell you its IP address.
<wizardslovak> ok i got ip adress
<mac9416> Alright, now on your laptop type "ping <IP address>"
<mac9416> Just to make sure the connection is there.
<wizardslovak> ok its pinging
<mac9416> No errors?
<wizardslovak> no
<mac9416> Cool. Now type (on the laptop) "ssh <IP address>"
<wizardslovak> how to stop ping?
<wizardslovak> ctrl+s?
<mac9416> ctrl-c
<mac9416> :-D
<wizardslovak> ok no errors
<wizardslovak> ssh ip -> error
<mac9416> Did it ask for a password?
<mac9416> Uh-oh.
<wizardslovak> the authenticity of host ip cant be established
<mac9416> That's alright.
<wizardslovak> i clicked yes now it asks password
<mac9416> OK, cool...
<wizardslovak> ok i typed password and now i am in
<wizardslovak> lol
<wizardslovak> lets try update it true ssh
<mac9416> OK
<wizardslovak> sudo apt-get install update?
<wizardslovak> right?
<mac9416> Yup
<mac9416> Wait...
<mac9416> Yeah, try it.
<wizardslovak> "couldn't find package update"
<mac9416> Oops. Try "apt-get update"
<mac9416> Silly me
<mac9416> :-P
<wizardslovak> done
<mac9416> Very cool.
<mac9416> :-D :-D
<wizardslovak> what if i want to connect to server from Wlan??
<wizardslovak> lets say from my friends house/
<wizardslovak> ssh wlanip:lanip
<wizardslovak> ??
<mac9416> Wirelss? Should be the same way.
<wizardslovak> no wireless
<wizardslovak> somewhere out of range of my LAn
<mac9416> Internet?
<mac9416> Hmmm.
<wizardslovak> ??
<wizardslovak> how to check if lamp is working?
<mac9416> For the SSH over internet: http://ubuntuforums.org/archive/index.php/t-271036.html
<mac9416> Well, to see if the web server is working, go to your laptop...
<mac9416> open Firefox and type: "<IP address>" in the address bar.
<wizardslovak> lol
<wizardslovak> "it works"
<mac9416> Yup.
<mac9416> :-D
<wizardslovak> niceee
<wizardslovak> what if i want to upload web site from laptop to server?
<mac9416> What form is the website in? One html page?
<wizardslovak> well i didnt make it yet
<wizardslovak> i will use probably quanta+/dreamweaver
<mac9416> OK. Well, IDK much about it, but navigate to /var/www on your server...
<wizardslovak> hmm i read here that i should add port to the server
<mac9416> ?
<mac9416> I think it's already serving on port 80
<wizardslovak> ok i am there , now how should i upload web site?
<mac9416> Hold on...
<mac9416> "ls" and tell me what you see.
<wizardslovak> nothing
<mac9416> Not eve "." and ".."?
<wizardslovak> so i made quick web site with html
<wizardslovak> no
<mac9416> Hmmm. Try "ls -a"
<wizardslovak> shouldnt it be "ls -l"??
<mac9416> -a lists even hidden files.
<wizardslovak> ok it says bash_history , sudo_as_admin_successful,bash_logout .profile
<mac9416> OK, did you cd into /var/www?
<wizardslovak> no
<mac9416> Alright, type "cd /var/www"
<wizardslovak> ok i changed to /var/www and ls -a ------- ondex.html
<wizardslovak> index.html
<mac9416> Alright, that's the "It Works!" web page. If you replace it, Apache will serve that out.
<wizardslovak> ok now my question is how to upload web site from laptop to server over ssh?
<mac9416> Alright you have to use "scp" whick I only vaguely remember how to use...
<mac9416> "scp SourceFile <IP Address>:directory/TargetFile "
<mac9416> Oops...
<mac9416> "scp SourceFile <IP Address> Directory/TargetFile "
<wizardslovak> this i should type in my laptop
<foxbuntu> wizardslovak, scp FILE user@host:/path/to/dir/
<wizardslovak> let see
<mac9416> "scp SourceFile <IP Address>:/directory/TargetFile "
<mac9416> foxbuntu, thanks
<mac9416> Use foxbuntu's line. "host" is the IP address
<wizardslovak> error permission denied
<mac9416> Hmmm.
<wizardslovak> i used "sudo acp file user@IP:/var/www
<mac9416> Now, you're not doing this from within the SSH are you?
<foxbuntu> mac9416, your user has to have write permissions to the dest directory, and usually a nomal user doesnt to /var/www
<foxbuntu> wizardslovak, ^
<mac9416> Right...
<wizardslovak> so first i gotta change permissions
<wizardslovak> and that what i am not good at
<wizardslovak> mac9416: all of this i do true ssh
<foxbuntu> wizardslovak, no, move it to /tmp on the server first then ssh into the server and place it with sudo cp
<wizardslovak> i have server next to me
<wizardslovak> aha so scp file user@ip:.tmp
<mac9416> I believe you have to be outside the SSH shell to use scp properly, though
<mac9416> Yeah.
<mac9416> Or /tmp/file
<mac9416> Maybe
<wizardslovak> done
<wizardslovak> moved to /tmp/index.html
<mac9416> OK, back in the SSH: "sudo cp /tmp/index.html /var/www/index.html"
<foxbuntu> wizardslovak, then sudo chmod root:www-data /var/www/index.html
<wizardslovak> it works!!!!!!!!!!!!!!!!!!!!!!!!!1
<wizardslovak> heheh
<mac9416> Too cool!
<wizardslovak> hehe now i gotta make note in order to remember it later
<wizardslovak> give me sec
<mac9416> Alright.
<mac9416> Hey, man, my laptop's about to go dead.
<wizardslovak> cant you plug it?
<mac9416> I'm afraid not. I'm in a car with a friend driving and I forgot the adapter :-D
<mac9416> :-P
<mac9416> If you PM me on ubuntuforum I'll meet you back here later. I've still got to talk to you about dd-wrt :-D
<wizardslovak> lol
<wizardslovak> ok
<mac9416> My nickname there is mac9416 too.
<wizardslovak> i am not on ubuntu forums
<wizardslovak> i did send you pm tho
<wizardslovak> foxbuntu:  sudo chmod??? what for?
<mac9416> Alright, I just sent my email address.
<mac9416> Cya!
<wizardslovak> ok peace and thank you
<foxbuntu> wizardslovak, the group that owns the www files should be www-data
<wizardslovak> i am getting error
<foxbuntu> on what?
<wizardslovak> chmod invalid mode :"root:www-data"
<foxbuntu> oh sorry not chmod
<foxbuntu> chown
<wizardslovak> ok done
<wizardslovak> so i can do everything true ssh?
<foxbuntu> yup
<wizardslovak> so right now i am ready to put server in its place
<wizardslovak> heheh
<wizardslovak> what is the best text editor on server??
<foxbuntu> wizardslovak, I prefer nano
<wizardslovak> nano
<wizardslovak> what is the command to shut down server?
<wizardslovak> ??
<orudie> sudo shutdown now
<wizardslovak> lol it reset
<giovani> wizardslovak: what reset?
<wizardslovak> sudo shutdown now
<wizardslovak> i shows "recovery menu"
<giovani> that's not "reset"
<giovani> sudo shutdown -P now
<giovani> will power down the server
<giovani> this is not default, because servers are rarely intended to be shut down
<wizardslovak> ok thank you
<wizardslovak> server is down
<wizardslovak> hehe
<wizardslovak> do  you guys by any chance know how to make work wireless on laptop??
<wizardslovak> my doesnt work :(:(
<giovani> wizardslovak: this is not the appropriate channel for that, try #ubuntu
<wizardslovak> sorry
<wizardslovak> i asked but noone answers
<giovani> that happens
<giovani> it's community support
<giovani> and you probably didn't ask the question in a helpful way (i.e. how you did just now -- with no details on card, driver, etc)
<giovani> you can also try http://www.ubuntuforums.org/
<wizardslovak> i dont really know what card i got
<giovani> well then nobody will help you
<giovani> if you can't figure out things like that ... then you're probably not ready for linux
<wizardslovak> wel i always used desktop
<giovani> anyway, no more about this in #ubuntu-server ... it's the wrong channel
<wizardslovak> month ago i got llaptop
<wizardslovak> ok
<wizardslovak> ok back
<foxbuntu> giovani, try to ask the questions the average new user doesn't know how to ask, don't just tell them "they aren't ready for linux"
<giovani> foxbuntu: we all have our opinions ... if a user doesn't have the fortitude to determine their wireless card model ... I don't believe they're ready for linux
<giovani> you may disagree ... feel free to
<foxbuntu> giovani, you are welcome to hold that opinion, however do not say that to new users, users are part of the community too, no matter what skill level they are at. Remember, everyone started learning linux sometime.
<giovani> foxbuntu: I don't believe this issue is related to whether or not they're starting linux
<giovani> but I'm leaving this there, have a great day
 * foxbuntu is tired of this attitude inside the linux community
<giovani> and likewise the linux community is tired of those that coddle users no matter how little effort they put in, and how lazy they are
<foxbuntu> giovani, advocating for the community and maintaining the user cannot be helped attitude is not possible
<giovani> it certainly is
<giovani> users can be helped, it happens all the time
<giovani> but not every user, no matter what the request, and no matter what their level of laziness should be catered to
<giovani> that's what differentiates working for a customer, and the real world of individuals
<giovani> if a user needs that level of help, they're best served by a corporation that pays employees to cater to those who refuse to make an effort
<foxbuntu> giovani, nor did I say they should, but I did say that rather than taking this attitude with them, you should ask questions like "which card to do have, if you arent sure, you can try to google for it or use lspci"
<giovani> it wasn't attitude, after he complained that "they didn't answer me" we came to understand why
<foxbuntu> giovani, most new users to linux dont know the rules of irc either
<giovani> I asked which card he has, he didn't know -- and didn't seem to want to figure it out himself, so, I'm not going to aid in that, especially in this channel, where such support is forbidden
<giovani> foxbuntu: that, I explained to him in a clear manner
<foxbuntu> giovani, why is it such a problem that you ask questions a leave the snide comments out? If you don't want to help, excuse yourself from the conversation.
<giovani> foxbuntu: there were no snide comments, that's why
<foxbuntu> "then i don't like you are ready for linux"
<giovani> and if no response is given to a user, they continue to complain, rather than understand why nobody is responding to their unanswerable question
<giovani> so I explained why
<foxbuntu> my only problem with anything you said was that one comment, its exactly why we loose new users
<giovani> I stated what I believed to be true ... I don't share your goal of getting as many people to join the linux community as is possible ... that's not beneficial imo
<foxbuntu> giovani, then perhaps you should review the goals and rules of Ubuntu
<a|wen> hmm... so if the user doesn't know the lspci command in advance he is not ready to linux
<giovani> a|wen: lspci is far far far from the only, or even the best way to determine your wireless card model
<giovani> in fact, with newer cards, it's often inaccurate
<giovani> looking at the card itself is often the best way to determine its model number -- if it is a special case where it's been rebranded, and is being misidentified by its labeling on the card itself, absoltuely, pci id numbers can be useful, and no, I wouldn't expect a beginner to know that
<foxbuntu> giovani, so your suggestion to a user is to crack open their laptop to get the model number of their wireless card?
<giovani> foxbuntu: absolutely
<giovani> relying on the pciid list provided with linux distros is a mistake
<giovani> they're easily wrong 10-20% of the time
<giovani> with moden wireless cards
<foxbuntu> giovani, rather than googling either the information gathered by lspci, or their laptop model number?
<giovani> foxbuntu: those are other options, usually netting less reliable results than physically looking at the card
<giovani> unless the card has been specially rebranded
<giovani> a beginner should have the knowledge and desire to google their laptop model number
<a|wen> giovani: my experience in most cases is that the user don't know what info they need to provide, or where to get it ... that is the extra one-two lines with a question-sign at the end that is needed
<giovani> if they have to be instructed and walked through a non-linux task like that ... they're not ready, in my opinion
<foxbuntu> giovani, well I, along with likely several others here, would disagree with your view points on these issues...and I really think you should consider why Ubuntu is called "Linux for Humans" before propagating them further
<giovani> foxbuntu: and disagreement is part of what makes life life ... I'm not trying to insist that you agree with me, you however, are doing that
<giovani> we don't all need to believe exactly the same things to be in one place
<foxbuntu> giovani, nope, just stating the facts of what Ubuntu's goals are
<giovani> #ubuntu-server is very separate from #ubuntu, that's been made clear by many users here, to me and to others
<giovani> no desktop questions are to be asked or answered here
<giovani> I decided to bend that a little to make sure he wasn't being ignored, and understood WHY he wasn't going to get an answer
<foxbuntu> giovani, I never once said I had an issue with anything you said other than telling a new user he isnt ready for linux
<a|wen> giovani: it is ... so direct them to #ubuntu or their loco-channel
<giovani> a|wen: I did ... did you actually read the conversation?
<giovani> foxbuntu: and that's my opinion, and I maintain it -- I don't need to conform to your stance on the issue, and I'm not asking that you do to mine
<giovani> so there's no reason to keep bringing that up
<giovani> if you wanted to walk him through that, I wouldn't stop you, or say anything about it
<giovani> that's your time, and your effort to do with as you please
<a|wen> giovani: i did read the conversation ... but then stop after that
<giovani> a|wen: then you would've seen my effort to get him to ask the question in #ubuntu, where it's relevant, he said he had, and had been ignored, I explained why he might have been ignored, after learning that he provided #ubuntu with zero details
<a|wen> giovani: well, that is his choice ... he didn't provide the info, he wont get any help to get it to work
<a|wen> giovani: no need to get the person to feel extra stupid that he is not "ready/good enough for linux"
<giovani> a|wen: exactly ... I never said it wasn't his choice, I was simply explaining why, so he'd understand, because he clearly didn't understand why
<Thirsteh> screen-profiles is pretty great, but what's feeding the up/down bandwidth meters in the prompt? Mine don't seem to budge from 0kbps
<Thirsteh> and on that note, any recommendations for a good curses-based network traffic monitor Ã¡ la jnettop?
<foxbuntu> giovani, so if a user cann't do somethig you consider to be simple, they don't deserve help because they aren't ready for linux is your point of view?
<giovani> foxbuntu: if a user cannot make a certain amount of effort (something that will be required regularly for them to learn to use linux), then I will not expend my time and effort to help them complete a task that is not special, or linux-related, because I do not believe it will benefit them, or me, or the community, they need to find that interest/drive on their own, it cannot be taught or instructed
<giovani> doing it for them is the old teach a man to fish adage
<giovani> and instructing them to open up their laptop is not linux-related, nor is googling for their laptop model
<giovani> so I will not offer that
<a|wen> Thirsteh: i don't know jnettop ... but iptraf ?
<foxbuntu> giovani, had you bothered to notice that particular user was willing to learn because he was able to get LAMP working to the point that he could be shown how to use scp and ssh, he was taking notes and attempting to learn
<giovani> foxbuntu: his question and bewilderment at no response proved otherwise to me, if you disagree, for the 10th time ... I'm not stopping you
 * giovani &
<Thirsteh> a|wen: that one is great, thanks!
<a|wen> Thirsteh: great
 * foxbuntu goes to be productive, because this conversation obviously will never be...it only proves my previous point
<duvnell1> is there a GUI/point-and-click setup-my-ubuntu-server-as-a-network-router tool?   or do I continue forward with installing bind, dhcpd, enabling ipv4 forwarding, etc myself?
<sam_> how can i have lighttpd  host a different site on a different port but same ip ?
<duvnell1> I believe you can specify multiple ports to listen on
<duvnell1> but you'll need to vhost too
<sam_> ok ill try make it clearer what i want to do as i wasnt very clear before
<sam_> i have a dynamic ip
<sam_> so im usin a ddns
<sam_> when someone visits my site on port 80 i want them to go to the normal version of the site (hosted at /var/www
<sam_> and if they visit my server on port 81 i want them to go to the testing version (/var/www2)
<thirsteh> you can set up vhosts that only care about ports, and respond to any hostname/IP
<thirsteh> if you want the exact syntax for your lighttpd config, you should ask in #lighttpd
<sam_> ok i have never used linux as a server so i dont nmo how to do much
<giovani> duvnell1: I don't know of any such tool, and if it exists, GUIs and tools that use them aren't supported in #ubuntu-server
<thirsteh> sam_: This thread might be helpful: http://forum.lighttpd.net/topic/958 - basically add $SERVER["socket"] == ":81" and server.document-root = "/path/to/testing/version"
<giovani> duvnell1: there is, however, a pretty good tutorial on the wiki, have you read that? honestly, routing is pretty simple, presuming you're just handling 2 or 3 interfaces
<sam_> thirsten: i have don that and restarted lighttpd but i just get a connection refused from firefox
<sam_> could i put my config on pastebin for you to take a look?
<sam_> http://pastebin.com/d621bcf95
<giovani> sam_: your config file doesn't have a server.port designation in it that's not commented out
<giovani> server.port = 80 will run it on port 80
<giovani> server.port = 81 will run it on 81
<giovani> lighttpd doesn't cleanly support listening on multiple ports in a single process
<giovani> you can use $SERVER["socket"]
<giovani> but I don't find that clean
#ubuntu-server 2009-05-03
<duvnell1> giovani: yeah.. I'm comfortable doing it manually.. just asking if there was an easier way
<giovani> I don't see why you'd want/need two different ports anyway -- just use two different ddns names, and use name-based virtual hosting
<duvnell1> what file(s) is being updated when I'm running services-admin and enable/disable a service?
<giovani> duvnell1: what's services-admin?
<thirsteh> or use something like nginx ;-)
<duvnell1> I have dhcpd enabled, and it's starting on boot, but it's apparently dying because it's not in the ps list after booting.. starting it manually fixes things
<sam_> giovani: this is my first time using linux as a server so i thought that would be the best way
<duvnell1> giovani: System->Administration->Services
<giovani> sam_: the proper way would be to register two dns names with your ddns provider
<giovani> duvnell1: we don't support guis in here
<duvnell1> and I do see dhcpd start in /var/log/messages
<duvnell1> ok.. no more GUI talk
<duvnell1> how do I enable/disable a service?  update-rc.d?
<giovani> sudo /etc/init.d/service start|stop|restart
<duvnell1> ..umm.. start a service at boot
<giovani> you can do it manually
<giovani> or using the tools provided
<duvnell1> the tool name is my questio
<duvnell1> what tool do I use to arrange for a service to start at boot?
<pmatulis> duvnell1: red hat's chkconfig is being imported into ubuntu.  i believe it started with 8.10.  it doesn't do a great job right now (not very intelligent) but you may want to check it out
<giovani> update-rc.d works fine
<duvnell1> so update-rc.d is creating the symlinks for me.. that's cool
<giovani> duvnell1: yeah, it's a standard SysV tool, not ubuntu-specific
<duvnell1> is upstart still being used on server edition ?
<giovani> yes
<duvnell1> and upstart is following the rc dirs ?
<giovani> yes, upstart is supporting the legacy rcX.d style setup
<giovani> I don't believe upstart has a fully working replacement yet
<ScottK> giovani: It does, but there's no compelling case to rework packages to use it.  It's used some, but generally only in Ubuntu specific stuff.
<duvnell> ok.. this server is flaky..
<duvnell> my server
<giovani> duvnell: be more specific than "server is flaky" please
<duvnell> last thing I said was "what is non-legacy for upstart"
<duvnell> did you get that and answer it?
<giovani> no, I didn't get that
<giovani> your internet is probably having issues
<duvnell> by flaky, I mean I've got it acting as a router doing NAT.. and it's fine until no body does anything and it kinda dies.. went and looked and dhcpd was no longer running.. I think my machine attempted to lease again and that's what killed it
<duvnell> no it's not
<duvnell> from the server I can do things fine
<giovani> duvnell: the bottom-line re: upstart is ... we're still using the legacy rcX.d files
<ScottK> duvnell: For Upstart, lots of stuff from http://upstart.ubuntu.com/
<duvnell> cool.. good to know
<giovani> but upstart can be used in the more-upstarty way if you'd like
<giovani> check out /etc/event.d/
<duvnell> dhcpd server is dying at boot (it does start in /var/log/messages), but then it's not running after boot is done.. and now apparently it's dying just on occasion.. restarting manually fixes it (for a time)
<duvnell> I was gonna see if I can get some debug logging out of it
<giovani> which dhcpd are you running?
<giovani> I'd recommend dnsmasq for any small setup
<duvnell> dhcpd3
<giovani> I'd recommend dnsmasq
<duvnell> am I still here?
<a|wen> duvnell: looks like it
<duvnell> dang.. happened again
<duvnell> increasing lease time.. the example had 600 seconds.. I think that was the problem
<duvnell> and it would be dead after 600
<duvnell> afk.. got 2 eat
<duvnell> back
<duvnell> dhcpd still alive
<duvnell> surprised.. well of course nothing's been requesting anything.. lemme force that
<mac9416> Hi ya'll! While installing 8.10 server edition, I get to "Installing additional components" and about 24% of the way in the screen goes to fitfluuy blinking black/white and after about 10min I get a whole column of "Failed" down the left side of the screen.
<mac9416> Hehe, there's a bit of a draft in here.
<mac9416> I hope mdelaur closed the door behind him.
<mikegriffin> mac9416: checked another console? usually dmesg and logs end up there
<mac9416> OK, I'll do that...
<mac9416> Well, the "failed" messages were coming on so fast that I could only get a fleeting glimpse of the messages, but one of them said something about running out of memory.
<mac9416> I'm not even sure how much ram is in the machine.
<mac9416> I think there is a lowmem option in the installer?
<android60> I just built a lightweight machine for a NAS but when I go to install ubuntu server from the cd menu, I just keep seeing errors like this http://pastebin.com/m7c9abf9a
<duvnell> okay, so my problem is that eth0 is not configured at the time that dhcpd starts..
<duvnell> so it's a startup issue.. I'm finding ubuntu-server not as friendly as the desktop.. just a perception at the moment.. so If I want dhcpd to start later than it is starting, how do I do that>
<duvnell> ?
<duvnell> I found this out by noticing dhcpd's error in syslog and then logging ifconfig -a during boot. .which showed no IP on eth0 and it caused dhcpd to not start
<duvnell> I ran chkconfig and it completely rewrote the rc.d directories
<duvnell> wasn't too happy about that, but I figure there's either a fix to reorder it back or I can just work with chkconfig
<mac9416> android60, I'm a n00b, but that looks like a hard drive error. IDK what to do about it...
<duvnell> maybe I should be running ubuntu desktop on this machine :)
<duvnell> er.. that machine
<mac9416> Well, devnull, have you tried starting the daemon by hand?
<android60> mac9416: ive tried 4 hard drives and all same error, im trying a diff cd drive right now
<android60> its a new mobo so im wondering if the ide connection is bad on it
<android60> ya same error w.e hard drive connceted and diff disk drive
<duvnell> mac9416: yeah.. I'm continuing a convo from earlier on here
<duvnell> yes it works manually
<android60> w.o** without
<duvnell> I changed the init script to start after NetworkManager
<duvnell> but I'm guessing whether I should even use that tool on server
<mikegriffin> i would not use dhcp on a server
<duvnell> and it doesn't fix it
<ScottK> Generally you don't use NetworkManager on a server
<mac9416> android60, are you sure the cable is good?
<mikegriffin> unless i had a really impressive config
<duvnell> what does NetworkManager do anyway
<mikegriffin> configure wireless and dhcp generally
<mikegriffin> automagically
<duvnell> so I am running dhcp client here also
<duvnell> for the cable modem
<duvnell> would that cease to work if I removed that service?
<android60> mac9416: yup, tried a known working cable to
<duvnell> does starting networking in general run dhclient?
<mikegriffin> /etc/network/interfaces controls that
<mac9416> androin60, Hmmm. It looks like a drive issue, but hav you checked the disk's integrity?
<mikegriffin> duvnell: to be fair, networkmanager requires X, which I would also not put on a server
<duvnell> ok.. so I'm gonna guess I should remove NetworkManager and just use the /etc/init.d/networking script instead? cause I don't see it in rc.3 or 5
<duvnell> arg.. chkconfig -e.. changing networking to "on" and it's refusing to change.. chkconfig -e again shows it back to 0S
<duvnell> is that an "automatic"?
<android60> mac9416: yup and tried an unopen lts 8.04 server disk to
<mac9416> android60, I'm Googling your error message. I admit, it's got me stumped...
<android60> ya ive been at it all day
<android60> im thinking its the ide connector on the motherboard
<giovani> duvnell: NetworkManager shouldn't be on your server -- your network settings should be configured in /etc/network/interfaces, which is read by /etc/init.d/networking
<mac9416> androin60, Under waranty? :-(
<android60> mac9416: brand new motherboard, got it yesterday
<mac9416> android60, Well, I'd send it back. I mean, you seem to have given it enough chance to prove itself innocent...
<android60> ya
<android60> :/
<android60>  i just returned a different brand board that the bios wouldnt even recognize 2 of the sata ports
<mac9416> Look at this maybe? http://www.linuxquestions.org/questions/linux-hardware-18/ahci-dvd-drives-542784/
<mac9416> That's bad.
<sam_> does lighttpd support .htaccess
<sam_> ?
<mac9416> android60, what brand MB is it?
<giovani> sam_: no
<giovani> sam_: all configuration is done inside lighttpd.conf (or other confs you include in there)
<android60> mac9416: biostar
<mac9416> android60, from Newegg?
<android60> ya
<sam_> giovani:ok thanks
<android60> a760g m2+
<android60> ya
<android60> from newegg
<mac9416> Well, if there's no reson to do otherwise, I'd go Gigabyte. One time I had to acll their tech support (due to my own ignorance) and the guy that answered my question sounded as if he had built the board himself. :-D
<giovani> sam_: by the way, lighttpd has its own irc channel on freenode; #lighttpd
<sam_> ok
<android60> ha ya
<android60> thats what i get for trying to save some money
<mac9416> Well, when you're trying to go for a low price machine...
<android60> ya
<mac9416> I mean they built it to work didn't they, so it should.
<android60> exactly
<mac9416> But, anyway, at least you can get your money back.
<mac9416> duvnell. Clever nickname.
<duvnell> so, if there's not a supported GUI tool that writes out the /etc/network/interfaces file, is there a CLI tool that I should be using.. or should I be trying to create everything by hand?
<ScottK> Generally the installer writes a good one for you and they aren't very hard to edit by hand.
<giovani> duvnell: by hand ... it's what everyone does
<mac9416> Everyone's doing it :-D
<mac9416> All the cool guys.
<PhotoJim> Even the uncool guys.
<PhotoJim> Except for Blake.
<PhotoJim> He doesn't use networking.
<mac9416> Haha
<genii> Hm. Is there some different set of preseed values for Xubuntu vs Ubuntu preseeds? I used one which worked there and just changed all "ubuntu-desktop" and so on to "xubuntu-desktop" but after automated PXE install no gui
 * genii makes more coffee
<genii> Maybe it's some gdm package name thing. Is it named differently for xfce?
<jmarsden> genii: xdm ?
<genii> jmarsden: I'm dumping an installed package list now off a good box and gonna do a compare
<genii> I can  startx so it must be window manager
<wizardslovak> hello people
<wizardslovak> i am new to ubuntu server
<wizardslovak> i want to put web site on server with couple pictures
<wizardslovak> should i put everything into /var/www
<giovani> wizardslovak: that's the default location for web files, yes
<wizardslovak> ok so if i want to make new location then i will have to change location in apache right?
<giovani> yes
<mikegriffin> wizardslovak: or use the default
<giovani> except that he said he wanted to use a different location
<giovani> if you want to use a different location, apache's config will have to be changed to reflect that
<wizardslovak> where is apache config located?
<genii> Or do userdirs or something
<giovani> wizardslovak: /etc/apache2/apache2.conf
<jmarsden> wizardslovak: /etc/apache2/*   # But it will be easier by far to use the default as it is if you are not already familiar with configuring apache.
<giovani> please refer to https://help.ubuntu.com/9.04/serverguide/C/httpd.html
<jmarsden> Hmmm, someone should probably update the /topic to point to that guide not the older one in its tinyurl, I think.
<giovani> jmarsden: well the topic refers to 8.04, so I don't think it's there by mistake
<giovani> if it was refering to 8.10, I'd agree
<giovani> but they're clearly wanting to stick to LTS
<wizardslovak> well i am browsing apache2.conf and i dont see nowhere directory
<wizardslovak> "/var/www
<jmarsden> wizardslovak: That's why I said it is easier to stick with the defaults unless you are already familiar with configuring Apache... and why i said /etc/apache2/* ... try looking in /etc/apache2/sites-available/default if you really want to see that.
<giovani> yeah, jmarsden is right ... just don't forget the 000 -- /etc/apache2/sites-enabled/000-default
<jmarsden> giovani: No, that is a symlink to the file I mentioned earlier :)
<giovani> point taken :)
<duvnell1> anyone a postfix wiz?  I would like to reject any email except to an allowed list of names on my server
<mikegriffin> duvnell1: that is a pretty normal goal
<duvnell1> currently I'm getting spam on common users like root, avahi, etc
<duvnell1> would just like to reject
<mikegriffin> i would not reject mail to root but you might take a look in /etc/aliases
<mikegriffin> duvnell1: keep things like root, postmaster abuse etc
<duvnell1> well, root is fine from the inside.. but it's the outside I'd like to reject it from
<mikegriffin> #postfix
<duvnell1> goood idea :)
<mikegriffin> i would not ever reject mail to root
<duvnell1> reason?
<duvnell1> this is just my home server
<mikegriffin> i think its rfc to accept it but i may be wrong and its only best practice
<duvnell1> of course processes tend to email root.. and so like I say, that's fine from the inside
<duvnell1> I know we're not supposed to talk about GUIs in this channel.. but do you know of a GUI tool for configuring postfix, or should I just continue with vi..
<duvnell1> ?
<pmatulis> duvnell1: who made this rule about not talking about a gui?
<duvnell1> giovani did :)
<pmatulis> duvnell1: as long as the discussion pertains to ubuntu server it should be ok
<duvnell1> pmatulis: does ubuntu server make available a GUI for editing postfix config
<duvnell1> that you know of
<pmatulis> duvnell1: more often than not, however, such discussions become less and less about the server and more about the tool.
<mikegriffin> duvnell1: often times, using a gui will make very complicated changes to solve a small problem, introducing complexity
<pmatulis> duvnell1: no such tool is shipped in the base system
<pmatulis> duvnell1: there was discussion about integrating ebox or puppet but this has not happened
<pmatulis> duvnell1: many people use webmin but i do not recommend it.  as i do not recommend any such tool
<pmatulis> duvnell1: what i do recommend is learning how a mail server works
<duvnell1> k thx... editing text is oka
<duvnell1> GUI just lays out your options more easily some times
<pmatulis> duvnell1: they're dangerous and they don't teach you anything.  you still have to know what you're doing
<quizme> is it better to run 8.10 on or 9.04 on a server?
<bulllp> Hi, my debian server can't boot after loading the lilo. It stops on the screen "loading lilo ............."
<bulllp> nothing continue
<bulllp> so what's the problem
<bulllp> no, it's "loading linux ..............."
<TeLLuS> bulllp: I guess you have to select or add a boot option to see what error you get. And later maybe start from cd if it can't be fixed with a option or selection with lilo
<corsair__> hey, what flag do i need to get make-kpkg to build a kernel headers deb?
<Ramblurr> i've upgraded to 9.04 and i'm having issues with the klogd service
<Ramblurr> it hangs when starting: "* Starting kernel log daemon..."
<TeLLuS> Ramblurr: start it from commandline and watch where it hangs with strace or something..
<Ramblurr> http://rafb.net/p/nWkhXP12.html
<Ramblurr> hum
<TeLLuS> Ramblurr: Problem with the pid file?
<super_hacker> hi to all
<super_hacker> I have one problem with Postfix Mail Server
<Bananaman> so people, any assistance about the Postfix :S
<Bananaman> :S
<Padhu> Any simple backup tool for backup files whenever USB drive is instered?
<Padhu> inserted
<twb> Padhu: udev and rsync.
<twb> You write a udev rule that reacts to the insertion of that particular USB drive by running mount and rsync commands.
<uvirtbot> New bug: #371218 in dhcp3 (main) "No DNS servers whith dsl-connection using pppoe" [Undecided,New] https://launchpad.net/bugs/371218
<acron17> hi there. after upgrading mysql to 5.1 (in jaunty) the readline abilites (eg Ctrl-r to search) stopped working in the mysql client
<acron17> any hints whats going wrong there? can someone verify that issue on his system?
<twb> acron17: that sounds like someone decided libreadline couldn't legally be linked against mysql.
<twb> But that's just a guess; try looking at the changelog.Debian.gz in /usr/share/doc
<thirsteh> Do not question the Oracle
<TeLLuS> Is that not DO question the Oracle now..
<acron17> twb: thanks for your answer.
<acron17> twb: you may be just right. from the changelog:
<acron17> Replaced --without-readline to --with-libedit to configure options, as --without-readline doesn't seem to do the right thing anymore.
<acron17> twb: how about libedit? doesn't it support features from readline Ctrl-r for example?
<thirsteh> TeLLuS: Nobody questions the Oracle and lives to tell of it
<twb> You would need to ask #OpenBSD about that, I guess
<twb> I link to libedit, too, but I know nothing about it :-)
<twb> I assume you understand what I meant by readline (GPL) being incompatible with non-infective stuff.
<twb> acron17: oh, btw, see also rlwrap, which gives you generic readline support on an arbitrary CLI
<acron17> twb: yeah i heard about readline being not compatible with GPL...
<twb> No no, readline *is* GPL
<twb> But if you want to use it, you have to make your thing GPL, too.
<acron17> twb: ah ok
<twb> This is different from *L*GPL, which can be used with proprietary software.
<acron17> twb: ok. i got the point
<twb> And I assume that mysql is licensed under the LGPL.
<acron17> twb: so all in all there is nothing to fix this issue apart from rewritting a mysql client with GPL license or readline with LGPL?
<twb> Basically, the readline authors have *deliberately* arranged things so that if you want to use their package, you have to make your software as free as their software.
<twb> They did this because at the time (and arguably, still) there is nothing as good as libreadline.
<twb> Now, you could build your own mysql packages that use readline instead of editline, but you would not be allowed to distribute them.  That's why Debian's binaries use editline.
<twb> Sorry, s/Debian/Ubuntu/
<acron17> twb: thanks for these informations...
<twb> No problem.
<benc> is there a way to automate a server installation? For example, apache + vhosts, postgresql + db user...?
<uvirtbot> New bug: #371269 in mysql-dfsg-5.0 (main) "mysql server 5.0 crashes on installation" [Undecided,New] https://launchpad.net/bugs/371269
<giovani> benc: sure, a script
<benc> giovani: do I put complete config files in the script?
<foxbuntu> benc, its kind of up to you how to script it...thats the beauty of scripts
<foxbuntu> benc, you can have the script edit confs or create them, copy them in from elsewhere
<benc> foxbuntu: ok .thanks
<uvirtbot> New bug: #364811 in mysql-dfsg-5.0 "5.0.51a-3ubuntu5.1 installation failed (dup-of: 291987)" [Undecided,New] https://launchpad.net/bugs/364811
<mpathy> Hey, there is a package in the repositories with not one line of documentation..
<mpathy>  libapache2-redirtoservname
<mpathy> got to look at the sourcecode to find one line of information: RedirectToServerName must be either \"On\" or \"Off\"."
<mpathy> Thats the ONLY ONE information in the whole internet..?
<giovani> mpathy: I'm unclear ... what's the problem?
<dangerseeker> Hi! I have got a question about the integration of samba.
<dangerseeker> Samba and Linux keep seperate passwods, but when I set my password in Linux and never set up Samba passwords, Samba seems to know the passwords... can this be?
<giovani> dangerseeker: I don't know specifically -- but I remember there being a sync tool for keeping those files the same
<dangerseeker> giovani: it did surprise me. that's because I ask. And glancing over the documentation and ubuntu wiki I did not found anything yet.
<dangerseeker> I just added a Linux user, logged him in via ssh and *bam* there he is in the samba user database (/etc/smbpasswd)... but WHY?
 * andol suspects PAM
<andol> dangerseeker: What version of Ubuntu are you running?
<dangerseeker> andol: PAM seems to be a good place to look. I am running 8.04.1
<andol> dangerseeker: Well, taking a quick peak I'm pretty sure you'll find the culprint in /etc/pam.d/common-auth and the way it calls pam_smbpass.so.
<andol> dangerseeker: Of course, I'm mostly making an educated guess right now. Don't have time to look up the specific details right now.
<dangerseeker> andol: many thanks! Now I have a sensible starting point for further research.
<tsrk> Have any of you done the 8.10 -> 9.04 upgrade on a server? If so, how did it go? Any problems?
<Hecate> tsrk, did it on two servers. no trouble at all.
<Hecate> anyhow, a backup might be quite useful, as shit always happens, when you're not prepared for it.
<tsrk> yeah, i always have a backup
<tsrk> just making sure there isn't any shit that's gonna happen for sure :)
<Hecate> at least nothing i ran into.
<tsrk> that's good to hear
<tsrk> is it ok to keep my server online while it upgrades?
<thirsteh> tsrk: yes, this is Linux :-)
<thirsteh> although MySQL and Apache might stop and then ask you some questions during the upgrade
<tdn> How do I set up Ubuntu so that security updates are installed automatically?
<tsrk> thirsteh, when I installed mysql it had a blank root password for a little while didn't it?
<tsrk> I'm worried about something like that
<tsrk> tdn, server?
<tdn> tsrk, yes.
<tsrk> not sure then, sorry. I just selected that option when I installed.
<thirsteh> tsrk: not when you upgrade
<tsrk> Ok, that's good
<Hecate> the upgrade won't mess with you mysql users/databases, so there shouldnt't be any security leaks during the installation.
<Hecate> you might wanna shut down the apache mysql, etc daemons though, just to be sure.
<Hecate> since you'll need to restart the box anyway, this will only increase the downtime, but not cause it in the first place.
<thirsteh> the biggest 'danger' is if you have Apache listening on ports other than 80. You'll have to create duplicate port entries in /etc/apache2/ports.conf after the upgrade, and then restart it
<tsrk> i don't, it shouldn't be a problem
<tsrk> i could just block incoming connections before the upgrade on my router
<tsrk> anyone know what the changes in /etc/mysql/my.cnf are?
<Hecate> can't tell
<Hecate> in case you made any changes ot the file, you'll be asked what to do during the upgrade.
<Hecate> (it will also show a diff if you ask for it)
<tsrk> yeah i just got that message
<tsrk> i think the only thing i changed was listen on other than local
<exeoeoe> http://3x3cut10n3r.mybrute.com/ <-- have fun & good luck
<igor47> my system failed to create /var/run/utmp on startup - what rc script is supposed to do that?
<igor47> is there a script which changes /var/run permissions also?
<igor47> ah found it it was bootmisc
<uvirtbot> New bug: #333504 in php5 (main) "php5 crashed with SIGSEGV in _Unwind_ForcedUnwind()" [Undecided,New] https://launchpad.net/bugs/333504
<uvirtbot> New bug: #352648 in php5 (main) "php5 crashed with SIGSEGV in _Unwind_ForcedUnwind()" [Undecided,New] https://launchpad.net/bugs/352648
<uvirtbot> New bug: #324313 in php5 (main) "php5 crached" [Undecided,New] https://launchpad.net/bugs/324313
<uvirtbot> New bug: #350183 in samba4 (universe) "evolution crashed with SIGSEGV in krb5_cc_destroy()" [Undecided,New] https://launchpad.net/bugs/350183
<uvirtbot> New bug: #357047 in php5 (main) "php5 crashes without doing anything" [Undecided,New] https://launchpad.net/bugs/357047
<uvirtbot> New bug: #362720 in samba (main) "gvfsd-smb crashed with SIGSEGV in llistxattr@plt()" [Undecided,New] https://launchpad.net/bugs/362720
<uvirtbot> New bug: #363270 in php5 (main) "php5 crashed with SIGSEGV in clone()" [Undecided,New] https://launchpad.net/bugs/363270
<ajmitch> that's a lot of old php bugs to suddenly come up as 'new'
<pace_t_zulu> a lot of dupes
<pace_t_zulu> ajmitch: are they dupes?
<ajmitch> a number of them could be, though it's hard to say at a glance
 * ajmitch bets a number of them could be due to bug 343870
<uvirtbot> Launchpad bug 343870 in php5 "php-cli segmentation fault with mysql extension" [Medium,Confirmed] https://launchpad.net/bugs/343870
<ajmitch> which is more of a threading bug with mysql libraries
<uvirtbot> New bug: #368189 in bind9 (main) "host crashed with signal 7 in dns_lib_initmsgcat()" [Medium,New] https://launchpad.net/bugs/368189
#ubuntu-server 2010-05-03
<dominicdinada> How long does it take to Gpart a 750 gig hard drive lol been going on 30 mins still step 1 of 3
<cclausen> what are you doing with gpart?
<cclausen> moving data around?
<Kaprenakis> i did a 500gb and took 1hour to reformat
<cclausen> moving partitions can take days or weeks
<dominicdinada> it is wiping the files from a previous persons backup making a 700 ext4 primary and a 30 gig primary fat32
<dominicdinada> Although it doesn't make sense why this ever takes so long because the file tables are stored in a file and unlinking the filetable = free then just set it to ext4 in the filetable blah
<CaptainTrek> question:
<CaptainTrek> using Apache, how can I designate a subdomain?
<CaptainTrek> such as sub.foo.com
<CaptainTrek> assuming my site was foo.com
<dominicdinada> fqdn.conf ?
<dominicdinada> !fqdn
<CaptainTrek> yes, but how can I map that to a specific folder
<CaptainTrek> such as, say, /var/www/sub
<CaptainTrek> or summat
<CaptainTrek> sorry, i'm new to Apache xd
<CaptainTrek> xD *
<cclausen> CaptainTrek: look at the example in /etc/apache2/sites-available
<dominicdinada> sorry Not sure how specify that you asked how to designate a subdomain and you should be able to just register it in the fqdn
<cclausen> I copy the default one, remove teh NameVirtualHost line at the top and add teh correct virtualhost in there
<cclausen> then just point that site at its own docroot (and probably its own set of log files too)
<dominicdinada> are you FAWKING kidding me
<dominicdinada> now my lost and found has all this drives contents BLAH
<CaptainTrek> um...
<cclausen> that appears to be unrelated to apache...
<CaptainTrek> cclausen: what about redesignating the root for that new entry?
<CaptainTrek> would I change the entry for /var/www to /var/www/foo?
<CaptainTrek> where foo is the filestore for the subdomain
<cclausen> are you adding an additional subdomain?
<cclausen> or changing the default one?
<CaptainTrek> adding an additional subdomain
<CaptainTrek> so my domain is trekweb.org
<cclausen> b/c people could still get to the content on the original just /foo
<CaptainTrek> and subdomain could be foo.trekweb.org
<cclausen> do you really want to allow that?
<CaptainTrek> no, i'm thinking of moving default to /var/www/mainsite
<CaptainTrek> or summat
<cclausen> yeah, that is a good idea
<CaptainTrek> cclausen: i used to use web hosting from a company, i'm trying to run it all off of my own systems now so I pay far less each year xD
<CaptainTrek> so my question is still unanswered
<CaptainTrek> in default AND the new subdomain
<CaptainTrek> i specify what?
<CaptainTrek> that the directory it has written into its entry now routes to somewhere else?
<cclausen> CaptainTrek: hold on, let me get you some examples
<CaptainTrek> or would i need to set up something fancy DNS-side?
<CaptainTrek> thanks
<cclausen> are your sub-domains on the same IP?
<CaptainTrek> mhm
<CaptainTrek> only running on one server right now
<CaptainTrek> although it has two IPs connected to it
<CaptainTrek> its dually connected to two static IPs through two ethernet NICs
<CaptainTrek> regardless, trekweb.org routes to both
<dominicdinada> can't you just make a new line mirroring the first with the second nics ip?
<CaptainTrek> you've lost me
<CaptainTrek> the NICs run in a way so if one dies the other picks it up
<CaptainTrek> i manually set which is active
<CaptainTrek> regardless, the nics are in the same server
<CaptainTrek> Apache needs to make the differentiation
<CaptainTrek> not the IPs
<CaptainTrek> hence why i'm here to ask if its possible
<CaptainTrek> if it were possible DNS side, i wouldn't be here
<dominicdinada> ok Now i need help the other person helping isnt here
<dominicdinada> i copied over Server as a "livecd"
<dominicdinada> brb dinner
<cclausen> CaptainTrek: https://lsecure.admin.illinois.edu/~cclausen/apache/
<CaptainTrek> okay, so from what I can see there...
<CaptainTrek> you made a second entry
<CaptainTrek> ?
<CaptainTrek> and messed where one's root directory is located
<cclausen> each site is in its own sub folder
<CaptainTrek> ah
<cclausen> (I only listed two files, but there are several)
<CaptainTrek> and each entry for the configs specifies where its own individual directory is in?
<cclausen> I also have logging set to go into the log folder per user
<CaptainTrek> ah i see
<CaptainTrek> NOW i got it
<cclausen> yep, pretty much
<cclausen> bascially, doc root for all of my sites is /var/www/SITEUSER/public_html
<cclausen> (this way I can abuse the apache userdors module to serve content as well)
<CaptainTrek> heh
<cclausen> I actually created home diretories for each account under /var/www instead of in /home
<CaptainTrek> well, assuming I'm not doing anything super fancy
<cclausen> b/c suexec gets stupid with paths otherwise and I wanted process isolation
<cclausen> only trick is that the default one needs to be loaded first when apache starts
<CaptainTrek> GENERALLY SPEAKING...
<cclausen> in general it is symlinked 000-default so that it loads first
<cclausen> b/c default has the NameVirtualHost in it
<cclausen> and the other files do not
<CaptainTrek> ah okay
<CaptainTrek> i got that now
<CaptainTrek> i think...
<CaptainTrek> :/
<cclausen> try it
<cclausen> worse case is that you break your web server :-)
<CaptainTrek> heh
<CaptainTrek> then i just kill the files, reinstall, boom, its fixed xD
<CaptainTrek> i'm not near the server box just now, i'll test it later\
<CaptainTrek> thanks for the info though
<cclausen> if you want some help in the future, you can enable http://httpd.apache.org/docs/2.0/mod/mod_info.html so that we can easily see your server config
<CaptainTrek> alrighty, its quite likely i'll be asking for help then.  :)
<CaptainTrek> seeing how I'm new to Apache
<cclausen> the actual docs are at: http://httpd.apache.org/docs/2.2/vhosts/
<CaptainTrek> although I was really happy when I got the damn thing to show the "It works!" default page in /var/www
<CaptainTrek> xD
<cclausen> for virtual hosts
<CaptainTrek> i'm running a test of Apache on a separate Ubuntu partition on my laptop, so if I mess up I ccan just nuke the partition and start over
<CaptainTrek> xD
<dominicdinada> what does manage updates in landscape mean
<cclausen> !landscape
<ubottu> Landscape makes the management and monitoring of Ubuntu systems simple and effective by combining world-class support with easy to use online management tools. https://landscape.canonical.com/
<dominicdinada> cclausen:  Getting server installed this was is pretty easy
<cclausen> cool
<dominicdinada> how to install/start gnome on server ?
<dominicdinada> !gnome on server
<ubottu> Error: I am only a bot, please don't think I'm intelligent :)
<scar> has anyone been able to change the console resolution in 10.04?  i tried adding GRUB_GFXMODE=1024x768 to /etc/default/grub and running 'sudo update-grub' but that only seems to be adjusting grub's resolution and not the console's
<cclausen> scar: I have that same problem.  console is insanely slow under Hyper-V
<cclausen> dominicdinada: aptitude install ubuntu-desktop ?  although I'd ask why do you want to install gnome on a server?
<scar> cclausen, Hyper-V?
<cclausen> scar: Microsoft Hyper-V is the hypervisor for some of my Ubuntu VMs
<dominicdinada> well i prefer a GUI and after this is all set up gui i would and need to remote admin it i have 3 pcs 2 linux 2 macs
<cclausen> dominicdinada: you don't need gnome for remote admin work.  you can just ssh in
<dominicdinada> true...
<scar> and with X11 forwarding, you can run gui apps... but it will be quicker to learn the command line
<dominicdinada> scar I grew up on command lines but dont know linux in and out...
<cclausen> dominicdinada: aptitude upgrade is basically the general way to do updates
<dominicdinada> yes but one problem i am at is copy and paste or lack of in commandline
<cclausen> you should be able to copy and paste into an ssh session
<cclausen> scar: for your grub issues, edit /etc/default/grub and enable GRUB_TERMINAL=console and run update-grub
<scar> really? disable graphical terminal? what is that?
<scar> i'll give it a shot
<scar> cclausen, him it didn't work and it is showing the splash screen for a split second
<scar> i even have "nosplash" in the /etc/default/grub lol
<cclausen> did you run update-grub
<cclausen> doesn't get rid of teh frame buffer console though...
<cclausen> need to figure that out...
<scar> cclausen, yes i did.... it is strange the splash screen is coming up too
<dominicdinada> what file contains the subnet information for my wireless ?
<storrgie> is keyserver.ubuntu.com down? How do you check on it
<cclausen> scar: hmm.. I see what you mean.  a brief splash of something shows up
<cclausen> even with kernel options nosplash nofb nomodeset
<scar> cclausen, it is the purple "Ubuntu 10.04" screen
<cclausen> yeah, need to look into getting rid of that...
<scar> if you turn back on "quiet" does it go away?
<scar> brb
<d6chung> Hi, I'm tryin out Ubuntu server for the first time and does the 10.04 server edition boot into some graphical mode?
<d6chung> The problem I'm getting is that after what I think is file systems are mounted, my monitor complains that the resolution is out of range.
<cclausen> I think I fixed it
<d6chung> I thought I installed an ssh server but it's refusing ssh connections... so I need a display.
<cclausen> I edited /etc/init/plymouth-splash.conf and changed the start on to start off
<d6chung> cclausen: Hey, what's the first thing that's normally displayed when you boot Ubuntu server?
<cclausen> I also edited /etc/default/grub and enabled the GRUB_TERMINAL=console and ran update-grub
<cclausen> d6chung: I now get 3 2 1 0 count down b/c I told grub to do that
<d6chung> How about when the boot is complete? What's displayed after all that?
<cclausen> scar: not sure, I want to see the kernel messages at boot myself
<cclausen> d6chung: I just get a login prompt once it is booted
<d6chung> In text mode?
<cclausen> yep
<cclausen> told kernel to use nosplash nofb nomodeset and that seemed to fix the stupid fbconsole
<cclausen> I'm not sure who though adding a graphical console to a server OS was a good idea, but someone needs to fix this
<d6chung> cclausen: Okay, will try that, thanks.
<cclausen> I'm not even sure where to file that as a bug
<storrgie> anyone have time to help me troubleshoot some networking?
<cclausen> storrgie: sure
<storrgie> ever use kvm?
<cclausen> oh no, not again...
<cclausen> someone had crazy problems last night with that
<storrgie> trying to do what?
<dominicdinada> whats the command to get the desktop again   sudo aptitude install ubuntu-desktop      ?? correct?
<mikelifeguard> The package libapache2-mod-fastcgi disappeared - what do I need to do to use fcgi? (there is libapache2-mod-fcgid, which I guess is very similar)
<cclausen> had bridge and 3 other virtual interfaces
<storrgie> ahhh
<storrgie> yeah
<cclausen> dominicdinada: yeah. that should work
<storrgie> im trying to get a bridge to work
<dominicdinada> ok thanks
<mikelifeguard> dominicdinada: yes
<storrgie> if you know of an easy route that wont make me die
<storrgie> then I would love you
<cclausen> mikelifeguard: does mod-fcgid work for you instead?  (I realize its not the same thing)
<mikelifeguard> I'm not sure yet
<cclausen> mikelifeguard: I'll warn that I'm having some problems with fcgid in lucid, but I'm not sure if that is an fcgid problem or a php5 problem
<storrgie> cclausen: did the kvm guy ever get straitened out?
<cclausen> mikelifeguard: one of the apache config I use for fcgid is at: https://lsecure.admin.illinois.edu/~cclausen/apache/www-acdis
<mikelifeguard> I'm using perl, actually
<cclausen> mikelifeguard: php5 wrapper is: https://lsecure.admin.illinois.edu/~cclausen/apache/php5
<cclausen> mikelifeguard: Perl wrapper I use just execs.  no other config needed
<storrgie> cclausen: I have some pastebin for you
<cclausen> in fact, only reason I have a wrapper is for suexec and file ownership
<storrgie> http://pastebin.com/EtjmqkAE
<cclausen> storrgie: ok, loking at it
<mikelifeguard> yeah, I don't need that :)
<storrgie> not picking up a DNS?
<storrgie> err
<storrgie> gateway?
<cclausen> storrgie: you seem to have only internal connections
<storrgie> yes...
<cclausen> are you behind a router?
<storrgie> yep
<cclausen> storrgie: what is the router's IP?
<mikelifeguard> hm, "It is a binary compatibility alternative to Apache module mod_fastcgi." sounds promising
<cclausen> storrgie: can you ping the router?
<mikelifeguard> but I still wonder where mod_fastcgi went
<storrgie> cclausen: yes i can
<storrgie> 192.168.1.1
<storrgie> tomato
<storrgie> wrt54gl
<cclausen> mikelifeguard: it works for me.  serves a few web sites, although my production system is still running hardy.  my test box seems to be freaking out since I upgraded though.  keep getting out of memory errors, not sure why yet
<cclausen> storrgie: pastebin ip route
<cclausen> storrgie: you running lucid?
<storrgie> yes lucid
<storrgie> how do I print out iproute?
<storrgie> one moment
<storrgie> rebootingrouter
<storrgie> might drop
<mikelifeguard> AHA! mod_fastcgi is in multiverse; fcgid is in universe
<cclausen> mikelifeguard: I see libapache2-mod-fastcgi in apt-cache search
<cclausen> mikelifeguard: did you try just installing it?
<mikelifeguard> I don't have multiverse on that machine, apparently O_o
<cclausen> mikelifeguard: its in multiverse/web now
<cclausen> do you have that enabled in sources?
<mikelifeguard> I will shortly
<storrgie> cclausen: ok back
<storrgie> iproute?
<storrgie> one thing confusing
<storrgie> on my router
<cclausen> storrgie: ip route ?  or netstat -r
<storrgie> I see two ip addresses come up for the same mac
<scar> cclausen, GRUB_GFXMODE=1024x768 <-- is that right?
<cclausen> e.g. print your routing table somehow
<cclausen> scar: I just ignored that.  the GRUB_TERMINAL=console is aboe that
<cclausen> storrgie: that is possible.  that might be how the bridge works
<storrgie> nope
<storrgie> mind a PM?
<cclausen> storrgie: although if they are actually on the same subnet, that will cause problems
<cclausen> storrgie: I'd prefer to keep things in the channel
<cclausen> to help others
<storrgie> just for all my macs
<storrgie> sent it to you in PM
<scar> cclausen, yes but i want increased resolution
<cclausen> scar: oh, yeah, try increasing it then
<storrgie> scar: I tried some of those fixes... I would be careful you can corrupt grub and get a kernal panic
<storrgie> I couldnt get 1920x1200 to work
<cclausen> storrgie: I'm not sure that is a standard that can be supported by default.  that is fairly high resolution
<scar> cclausen, that's what i've been doing! it won't go into 1024x768 tho.... if i push SHIFT before boot and enter the grub interface, it is in 1024x768 but as soon as i boot the kernel it goes back to whatever... 80 colums x 24 rows
<cclausen> err
<cclausen> that was for scar
<cclausen> storrgie: start basic troubleshooting which interfaces can communicate.  do you have firewalls?  If so, disable them
<scar> on my 9.10 desktop, setting that GRUB_GFXMODE is all it took to change the console resolution also
<storrgie> cclausen: no firewalls
<storrgie> it may be my router but here
<storrgie> I removed all static routes inside my router
<cclausen> storrgie: can you login to the router and access stuff?
<storrgie> yep
<storrgie> I am sysowner
<storrgie> i removed the static routes
<storrgie> and did a /etc/networking/interfaces restart
<cclausen> can you access the clients from the router?
<storrgie> now I have this
<storrgie> http://pastebin.com/NxWAFKFc
<storrgie> yea the router is tomato firmware (linux)
<storrgie> still no outbound
<storrgie> even though I got DHCP IPs
<cclausen> storrgie: try a traceroute and see where teh traffic stops
<storrgie> 50 and 51
<storrgie> traceroute6?
<cclausen> that is ipv6 so probably not useful here
<storrgie> not sure what command you want me to run
<storrgie> tracepath?
<cclausen> you don;t have a traceroute command?
<storrgie> I'm in lucid 10.04
<storrgie> i dont have a traceroute command
<cclausen> wow, I don;t either
<storrgie> yep
<cclausen> well, lets find one...
<storrgie> thats not been standard for a while
<storrgie> well
<storrgie> i dont have network...
<storrgie> so i cant install it
<cclausen> download the deb to your router
<storrgie> hey check PM
<cclausen> and copy it from there
<storrgie> sent you my 'tracepath'
<cclausen> storrgie: tracepath might work then
<cclausen> storrgie: looks like it gets to your router and your router isn't routing it.
<storrgie> I could specify my IP's manually in the interfaces
<storrgie> that may work
<storrgie> I just wanted to do it from the router
<cclausen> looks like a problem on the router
<storrgie> i'm talking to you through this router
<storrgie> from my laptop
<storrgie> and it wasnt a problem with 9.10
<cclausen> run the same commadn from your laptop
<cclausen> does it work correctly from there?
<storrgie> hrm no
<storrgie> weird....
<storrgie> but i can get internet and everything
<cclausen> well, that isn't a valid test method then
<cclausen> something is blocking ICMP, probably your router
<storrgie> i dont think I have ever had this issue
<cclausen> you need to be able to get the "TTL expired in transit" responces back from traceroute
<cclausen> or, could be your ISP
<cclausen> makes it very hard to debug without actual info...
<storrgie> I am using opendns
<storrgie> 208.67.222.222
<storrgie> you know what
<cclausen> dns would have nothing to do with outbound connections
<storrgie> hrm
<storrgie> then how can my laptop get outbound
<storrgie> its dhcp
<storrgie> just like my server
<storrgie> and its also 10.04
<storrgie> just like my server
<cclausen> storrgie: let teh command run longer
<storrgie> it just has ubuntu-desktop
<cclausen> maybe just a few hosts are clokcing ICMP
<storrgie> ok letting it run
<cclausen> also, IRC is TCP not ICMP traffic
<storrgie> what is icmp
<cclausen> !icmp
<cclausen> hmm... ok, I tried
<storrgie> I know what it is kind of
<cclausen> storrgie: http://en.wikipedia.org/wiki/Internet_Control_Message_Protocol
<storrgie> isnt it the protocol for asking dns record?
<cclausen> it is an internet protocol
<cclausen> has nothing to do with DNS
<storrgie> send another PM
<storrgie> looks... not good
<dominicdinada> Blah I couldnt get my wifi to work ah well
<cclausen> storrgie: can you access the desktop from your laptop?
<scar> cclausen, only way i have been able to increase resolution is by editing /etc/grub.d/00_header
<cclausen> both interfaces? 50 and 51 ?
<cclausen> scar: that seems reasonable if it works
<storrgie> cclausen: that is affirmative
<storrgie> both interfaces
<storrgie> can ssh in
<scar> cclausen, no we aren't supposed to edit that file ;)
<cclausen> storrgie: and from there back to your laptop?
<cclausen> scar: says who?
<storrgie> cclausen: yep i can ping back
<storrgie> no sshd on laptop
<cclausen> storrgie: ping is fine, ok
<storrgie> internal network is fine then
<storrgie> should i go kill my modem?
<cclausen> storrgie: your router can access all the boxes too?
<storrgie> checking
<storrgie> yes it can
<storrgie> pings them
<cclausen> storrgie: do you have a third macine you can test with?
<storrgie> i have more but i think were dealing with a router issue
<storrgie> or modem?!
<cclausen> try putting a third machine on the same IPs as the desktop (with the destop network unlugged)
<storrgie> multiple people on it right now using the internet
<cclausen> I;d say to use your laptop, but that might disconnect you from the channel
<cclausen> storrgie: ah, ok, well, no problem
<scar> what was uncommenting GRUB_TERMINAL=console  for?
<cclausen> storrgie: are teh MACs in the router's allowed list?
<storrgie> yep
<cclausen> scar: enables text mode for grub.  I wanted text mode to work myself and NOT the framebuffer graphic mode
<storrgie> all are
<scar> bbl
<cclausen> storrgie: pastebin output of route command so that we can see the routing table
<storrgie> so here is where we are at
<storrgie> pm
<cclausen> default route appears to go to the router...
<cclausen> looks good to me
<storrgie> yep
<storrgie> works now
<storrgie> but only 1 interface
<cclausen> I assume you have NAT enabled on the router and this system isn't blocked or anything?
<cclausen> what do you mean only one interface works?
<storrgie> i only brought one up
<storrgie> commented out eth1
<flatface> While upgrading my server from 9.10 to 10.04, postfix was unable to upgrade by itself, and the entire upgrade process seems to have halted. Is there any way to salvage this? (last bit of upgrade at http://pastebin.org/198862 )
<cclausen> ah, ok
<storrgie> restarted with only eth0 left un-commented
<storrgie> so now it works
<flatface> Or was postfix just the last package that was to be installed?
<storrgie> tracepath still goes poop
<cclausen> flatface: if you run apt-get upgrade, are there more packages available?
<cclausen> flatface: I think the upgrade process bailed on you in the middle...
<storrgie> not sure what is going on with traceroute.....
<storrgie> its going forever
<flatface> 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
<flatface> 2 not fully installed or removed.
<storrgie> http://pastebin.com/qdZcEXHS
<cclausen> storrgie: yeah, that happens when people don't send ICMP back
<flatface> checking what these two are
<cclausen> flatface: oh, that is promising.  I'd move the edited file out of the way, let the process continue and then trya and re-add your customizations
<flatface> Ah, great. Thanks
<cclausen> storrgie: can you run a tracepath / traceroute from teh router itself?
<storrgie> lemme see
<flatface> just postfix and postfix-pcre are the missing ones
<cclausen> storrgie: try makcing the 2nd interface NOT dhcp. assign the .3 IP only DO NOT give it a gateway
<storrgie> ok
<storrgie> on router
<storrgie> doing traceroute
<storrgie> same thing as the laptop
<storrgie> every hop is ***
<storrgie> * * *
<cclausen> storrgie: yeah, ok, your ISP is mean
<flatface> 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
<storrgie> its ATT
<flatface> So the upgrade is completely done at this point?
<storrgie> U-Verse
<storrgie> :(
<cclausen> flatface: I think so
<storrgie> we lost power a while back
<storrgie> maybe i need to go cycle my modem?
<flatface> Great, thanks a bunch.
<cclausen> flatface: you can try running it again, just to be sure
<flatface> I think I'll do that.
<cclausen> storrgie: no, I don't think so if you are behind it right now
<storrgie> well hrm
<storrgie> what is the issue then?
<storrgie> this seems like a problem
<storrgie> I resolve websites very fast
<cclausen> storrgie: did you bring up the 2nd interface as just a static without a gateway?
<storrgie> i could
<storrgie> want me to do that now?
<cclausen> storrgie: yes
<cclausen> storrgie: also, if the interfaces are going to be on the same network, why do you need two in teh first place?
<storrgie> i want to set a bridge up on one of them
<cclausen> storrgie: you don;t need to bridge them.  they are on teh same network
<storrgie> i want to use KVM on one
<storrgie> as a bridge
<cclausen> can't you just use eth0 for both the bridge and the host?
<cclausen> I think you are making it more complicated then it needs to be
<storrgie> i dunno
<storrgie> i'm afraid i will ruin things using a single interface
<storrgie> eth1 wont come up....
<storrgie> this is infuriating
<storrgie> the whole /etc/init.d/networking doesnt do jack
<cclausen> storrgie: paste your interfaces file again
<storrgie> one moment
<storrgie> alright
<storrgie> so lemme show you my interfaces
<storrgie> cclausen: pmed you my interfaces on accident
<storrgie> http://pastebin.com/mXeZpWtz
<cclausen> so for anyone else with networking issues, interfaces on the same subnet can't all have the same default gateway. things break with routing
<storrgie> yeah
<cclausen> just only assign a gateway to a single interface
<storrgie> like a baus
<cclausen> and it should work
<cclausen> storrgie: if you ever want redundant network connections, take a look at this for setting up bonding: http://ubuntuforums.org/showthread.php?t=864657
<cclausen> it appears as a single interface and you should be able to bridge to it too
<storrgie> yeah i have checked out bonding
<storrgie> I dont really need it I guess
<storrgie> i wanted to seperate the duties of my interfaces
<cclausen> I think you can bridge it and not even assign an IP to it if you want to just use it for virtual machines
<storrgie> yeah kvm though
<storrgie> its a tricky bitch
<cclausen> set it to "manual" instead of static and see if that works
<cclausen> I just click buttons in Hyper-V to setup networking.  no problems at all :-)
<scar> cclausen, the GRUB_GFXMODE is most likely ignored if GRUB_TERMINAL=console is used
<scar> cclausen, so we are in text mode now.... and resolutions like 1024x768 don't mean much... we need to find how to increase from 80x24 i bet
<cclausen> scar: yes, that is exactly what I wanted to happen
<cclausen> scar: oh, I see.  you want a high res text mode
<cclausen> scar: try booting with vga=796 passed to linux
<twb> cclausen: I just walked in.  What's the end goal here?
<cclausen> twb: scar wants a high resolution console, I think
<cclausen> said he was using 1920x1200 previously but that doesn't work now in lucid
<cclausen> I wanted to do the opposite myself and turn off all the graphics modes as they don't work well in my hypervisor
<twb> scar: what class of GPU do you have?
<twb> scar: lspci | grep VGA
<cclausen> I get 00:08.0 VGA compatible controller: Microsoft Corporation Device 5353 if that means anything...
<twb> cclausen: that means your lspci database is out of date.
<twb> sudo update-lspci, IIRC
<twb> sudo update-pciids
<cclausen> twb: no, I'm pretty sure it is up to date.  that is what I get under Hyper-V
<cclausen> Downloaded daily snapshot dated     2010-04-29 10:07:33
<scar> 01:0b.0 VGA compatible controller: ASPEED Technology, Inc. ASPEED Graphics Family
<twb> cclausen: Hyper-V?
<cclausen> Microsoft Hyper-V
<cclausen> have people really not heard of that?
<twb> I don't use proprietary software.
<cclausen> well, I live in the real world
<twb> scar: urk.  I do not recognize that manufacturer.  I was hoping for "Intel i915", "nvidia" or "ati".
<scar> twb, it's a sun fire server :P
<twb> scar: ah, right.
<scar> tsb; it can support 1024x768... i had gotten that in the graphical mode.. but now with GRUB_TERMINAL=console defined it is back to 80x24
<twb> You want 1024x768, specifically?  That's easier than these new-fangled 6:9 and 9:10 aspect ratios.
<scar> twb, something around 1024x768 would be great for console work
<twb> video=vesafb:1024x768-8, where 8 is the depth
<twb> That corresponds to the historical vga=773, 790, 791, 792
<scar> i add that to GRUB_CMDLINE_LINUX_DEFAULT= ?
<twb> cclausen: you should probably report that PCI ID to the pciutils people, so they can put it in their database.
<twb> scar: I'm not too familiar with grub2, but I believe it goes in /etc/default/grub somewhere
<cclausen> scar: yeah, that line should work for grub2
<scar> so that is preferred over vga=773?
<scar> cuz i can't seem to get vga= option to work
<scar> maybe it was removed?
<twb> scar: are you running Lucid?
<scar> yeah
<twb> That should work.
<twb> Note that grub *itself* will (probably) not be 1024x768, but the kernel should be.
<twb> IMO this is a Good Thing, because the bootloader should be dumb and simple, not messing with video modes.
<scar> fine with me... let's see, rebooting it now
<twb> I was just clarifying in case you seeing grub, and then rebooting in a huff before you got past it :-)
<twb> Oh, also, you will need to run "update-grub" to propagate changes from /etc/default/grub to /boot/grub/grub.conf
<scar> i did update-grub.... still no change though
<cclausen> scar: anything in dmesg out put about video / framebuffer modes?
<cclausen> and check the Kernel command line in dmesg output to see that the option actually got passed in
<twb> Perhaps this GPU is not VESA compliant?
<cclausen> I have Console: colour VGA+ 80x25
<scar> [    0.000000] Command line: BOOT_IMAGE=/vmlinuz-2.6.32-21-server root=/dev/mapper/pointsource-root ro nosplash video=vesafb:1024x768-32
<dominicdinada> anyone have experence working wire wireless interfaces on server
<twb> scar: let's check some obvious things.  Are you connecting a monitor directly to a D-sub socket on the motherboard?  You don't have a KVM or anything in the middle?
<twb> cclausen: that should probably be -24, not -32.
<cclausen> and later on I get fb0: VGA16 VGA frame buffer device
<scar> twb, yeah i have KVM
<cclausen> Console: switching to colour frame buffer device 80x30
<twb> cclausen: that means it's ignoring your video= call and playing silly-buggers :-/
<cclausen> yeah...
<scar> twb, i am also looking at the console through the ILOM
<twb> I noticed that my lucid images ALWAYS load vga16fb, even when I try to tell them not to.
<twb> scar: the KVM might interfere with autodetection.  If you can try with the monitor connected directly, that might help.
<cclausen> I think nomodeset did something for me on a different system
<twb> Also, I'm *pretty* sure it's video=vesafb, but it *might* be video=vesa.
<twb> cclausen: the VESA driver doesn't support modesetting as at .32
<scar> twb, shouldn't it do it even if the monitor isn't plugged in and i am looking through the ILOM?
<twb> scar: generally, yes, but I'm paranoid and it's not working
<cclausen> twb: in my case, I wanted the normal 80x25 text mode
<twb> cclausen: likewise (in qemu)
<dominicdinada> anyone have experence working wire wireless interfaces on server
<twb> dominicdinada: no, but my laptop has no GUI, and I use wifi there.
<twb> dominicdinada: what is your real question?
<scar> twb, so you think i should try plugging the monitor directly in?
<dominicdinada> twb: I have a laptop wifi card RTL8101E/8102E rev1 and i think I did everything correctly but the dhclient is not finding the network
<twb> scar: that's what I said.
<twb> dominicdinada: does "ip addr" list the interface?
<dominicdinada> it defaults to a 32bit netmask when searching
<dominicdinada> uh I gotta boot into it seperatly while not on here :( i will check though
<dominicdinada> and my network is a 24 bit
<scar> twb, monitor directly plugged in.. no change
<cclausen> twb: I am still seeing a biref flash of an ubuntu logo at bootup though.  any idea how to get rid of that?
<scar> cclausen, i thought it went away with the 'start off'
<dominicdinada> twb, it looks as though the virbr0 is trying to set the ip address to 192.168.122.1   the eth0 and wlan1 interfaces are in down mode... only the virbr0 is up ?
<twb> cclausen: I never saw that.
<twb> cclausen: did you install from the server CD?
<dominicdinada> ??
<dominicdinada>  it looks as though the virbr0 is trying to set the ip address to 192.168.122.1   the eth0 and wlan1 interfaces are in down mode... only the virbr0 is up ?
<twb> dominicdinada: I don't know what virbr0 is; it sounds like something a virtualization subsystem would set up.
<dominicdinada> yes it was to run remote desktops
<dominicdinada> i am assuming but hmmm
<twb> dominicdinada: is wpa-supplicant installed?  Pastebin the contents of /etc/network/interfaces
<dominicdinada> i will do so in a bit waiting to get other laptop back
<dominicdinada> but when i check it only had auto lo in it :/
<twb> That sounds like you installed the server from the desktop CD
<scar> no change with -24 ;)
<twb> dominicdinada: did you install from the server CD?  Is network-manager installed?
<twb> scar: I'm afraid I can't help more without digging through ubuntu's /usr/share/initramfs-tools spaghetti, which I don't have time to do right now.
<twb> scar: what I've told you definitely SHOULD work if your GPU is VESA compliant and supports 1024x768 resolution
<dominicdinada> ok I did it like this .... I got a hd that is going to go in a server but not ready so... I gparted an Ext4 and fat32 system and made it a usb startup disk... used the fat32 to install to the ext4 .... linked the swaps....
<dominicdinada> sooo it was a usb startup live cd ?
<dominicdinada> opps this drive is in an external housing for the time being also
<scar> twb, it must support 1024x768, because i got it in that resolution with the graphical grub (but i had to add a line to /etc/grub.d/00_header). it's just with GRUB_TERMINAL=console defined that i can't seem to increase the resolution
<twb> dominicdinada: what ultimately matters is whether you used ubiquity or d-i, and what the d-i preseed values were.
<twb> dominicdinada: assuming you don't want NM (NM is yukky), you'll need to write an /etc/network/interfaces
<dominicdinada> ok i did some of it but no luck
<dominicdinada> i only wrote in auto wlan1
<dominicdinada> is also ran the wpa_supplicant.conf   with the essid and key but it is defaulting to a psk ?
<dominicdinada> ok about ready to switch to my other laptop to bring the server back up
<twb> dominicdinada: just "auto wlan1" is not correct.
<dominicdinada> ok
<twb> You shouldn't be running X on a server.
<dominicdinada> no this is my ubuntu lucid
<dominicdinada> the other was windows 7
<twb> OK
<dominicdinada> trying to get it to boot now
<cclausen> twb: actually, I installed from a netinst mini iso.  manybe that is my problem
<twb> cclausen: re. vga16fb?
<dominicdinada> twb:  ok i am booted
<cclausen> twb: yeah, that and the brief 2 second splash screen
<cclausen> scar: it partially went away, but I think it just flashes quicker now
<twb> cclausen: possibly, but I doubt it
<cclausen> I'll take a closer look tomorrow when I get back to the office
<cclausen> (at home now)
<dominicdinada> :O
<scar> how can i tell if the gpu is vesa compilant?
<dominicdinada> google it ? honestly ?
<dominicdinada> must be a compatability list
<twb> scar: any PC from about 1995 onwards will be
<twb> scar: but sun can be weird.
<cclausen> scar: is this an x86 system?  or SPARC?
<twb> From context I was assuming x86
<dominicdinada> where should I begin now :/
<twb> Hmm, apparently "Sun Fire" is UltraSPARC III
<cclausen> yeah, that is what I thought
<twb> dominicdinada: first you need to answer my earlier questions
<dominicdinada> what ip addr says ?
<twb> dominicdinada: first of all, if NM is installed
<scar> twb, yes x86
<scar> sun fire x2250
<twb> Mea culpa, "Sun Fire" *was* UltraSPARC III, but it became "whatever CPU is cheapest this week"
<scar> hehe
<dominicdinada> twb: E: unable to locate network-manager so it is not installed
<twb> dominicdinada: http://pastebin.com/6zNEpQma you want something like this
<twb> Cf. interfaces(5) and /usr/share/doc/wpa-supplicant/README.Debian
<dominicdinada> twb: typed it all in switching wlan0 for wlan1 my internal nic
<scar> using GRUB_TERMINAL=console is faster, especially for scrolling text, for example?
<twb> dominicdinada: now write an /etc/wpa_supplicant.conf
<dominicdinada> twb: right now mine says network=( ^M ssid="HomeNetworks505"   ^M  #psk="(mykey)" psk="longlonghash" ^m {
<dominicdinada> twb:  If you have wpa_supplication, then run "wpa_passphrase essid key | sudo tee /etc/wpa_supplicant.conf"
<dominicdinada> twb: then "wpa_supplicant -B -i eth1 -D wext"    is what i ran before
<twb> dominicdinada: OK, and did that work?
<dominicdinada> opps not eth1 i used wlan1
<dominicdinada> no then when i ran sudo dhclient i get these errors
<dominicdinada> siocdifflags unknown error 132
<dominicdinada> keeps trying dhcpdiscover on a /32 network....
<twb> You ran "dhclient wlan1" ?
<dominicdinada> no
<dominicdinada> ill try that
<twb> In any case, before you do that, you should see what the output from wpa_supplicant is
<twb> It should talk about associating with the SSID
<dominicdinada> what command should i use ?
<twb> The one you meantioned before: 15:29 <dominicdinada> twb: then "wpa_supplicant -B -i eth1 -D wext"    is what i ran before
<dominicdinada> ok
<twb> Oh, but not -B
<dominicdinada> ok
<scar> i want to setup drbd/heartbeat to replicate virtual machines, anyone experienced with that?
<twb> And before that, do "pkill wpa_supplicant; pkill -9 wpa_supplicant" -- otherwise the older one will fight it.
<dominicdinada> It just scrolled the wpa supplicant "help file"
<dominicdinada> I ran sudo wpa_supplicant -i wlan1 -D wext
<twb> Hm.
<twb> Oh, you need -c/etc/wpa_supplicant.conf, too.
<dominicdinada> oh at the end it gives this example    " wpa_supplicant -Dwext -iwlan1 -c/etc/wpa_supplicant.conf
<twb> And probably -d
<dominicdinada> what i just typed was exactly what it said
<twb> "sudo wpa_supplicant -d -Dwext -iwlan0 -c/etc/wpa_supplicant.conf"
<twb> ...that works for me
<dominicdinada> ok
<dominicdinada> Error 132         Could not set up interface 'wlan1' UP
<twb> dominicdinada: uh, what gave that error?
<dominicdinada> Failed to initialize driver interface    failed to add interface wlan1
<dominicdinada> no other errors besides those...
<twb> dominicdinada: uh, what gave that error?
<dominicdinada> when i just ran  "sudo wpa_supplicant -d -Dwext -iwlan1 -c/etc/wpa_supplicant.conf
<twb> That's saying that wlan1 doesn't exist.
<twb> Does "ip addr" list wlan1?
<dominicdinada> yes it does... wlan1 <broadcast,multicast,up,llower_up) mtu 1500 qdisc  noop state down qlen 1000
<twb> dominicdinada: OK, then I'm confused.  Try "ifdown --force wlan1", then confirm there are no wpa_supplicant processes running, then retry with -d
<dominicdinada> how do i check if the process' are running with ptree -ps ?
<dominicdinada> nope :(
<dominicdinada> hmmm
<twb> I would use pgrep, but I'm old-school.
<dominicdinada> ok i plugged in my external wireless nic... and it is trying and trying to connect
<dominicdinada> but with the errors trying to find WPA-enabled AP
<dominicdinada> I use WEP
<twb> If you use WEP you need to tell wpa_supplicant.conf that
<twb> The configuration you showed me was for WPA
<dominicdinada> oh I asked the other person and they said it was ok :( lol
<dominicdinada> thats why i wondered about the PSK keys
<twb> But don't use WEP for encryption, because it's known to be insecure.
<twb> (cryptographically weak)
<dominicdinada> As of right now I dont have a choice
<twb> For WPA, you need to do some extra dancing in wpa_supplicant.conf.  The manpage should be clear.
<twb> Let me see if I still have a record...
<twb> Here we go...
<twb> network={ ssid="Hugo76" key_mgmt=NONE wep_key0="thomasandfina" wep_tx_keyidx=0 }
<dominicdinada> ok
<dominicdinada> STATE: ASSOCIATED -> COMPLETED
<dominicdinada> but it didnt drop back to command line should i ctrl c it
<dominicdinada> wpa_driver_wext_set_operstate: operstate 0->1 (UP) WEXT: Operstate: Linkmode=-1, operstate=6
<twb> dominicdinada: no.
<twb> Now that you know it's working, you can use ^C to turn off networking.
<Theravadan> I have tried everything but I keep getting "kernel source for this kernel does not seem to be installed." what the heck does it expect? strace shows it's looking at the debian list of files for the linux-source package. the source package includes a tarball. I have no idea what it expects
<twb> Then, use "ifdown --force wlan1; ifup wlan1" which will restart it normally.
<twb> Theravadan: what is giving you that error?
<Theravadan> twb, pt-get install --reinstall bcmwl-kernel-source bcmwl-modaliases
<dominicdinada> ok
<twb> Theravadan: you should probably be using module-assistant or DKMS
<dominicdinada> Permission denied :/ used sudo
<Theravadan> twb, hmm i'll research those but this is for a very new mainline kernel, hopefully that works
<dominicdinada> typed sudo ifdown --force wlan0; ifup wlan0
<twb> Theravadan: why aren't you running Ubuntu's kernel?
<twb> dominicdinada: you need a "sudo ifup wlan0"
<dominicdinada> ok now i should be able to reboot and auto connect?
<Theravadan> twb,  because i need the new one to get suspend working on my intel i5 430 m
<twb> Why would a server need to suspend?
<Theravadan> twb, http://ubuntuforums.org/showthread.php?t=1460681 .. it's for a desktop but no one else is savvy enough to help so i asked here.
<twb> Sorry, I won't help you with a mainline kernel, nor with desktops in a server channel.
<uvirtbot> New bug: #574206 in postfix (main) "package postfix 2.7.0-1 failed to install/upgrade: error exit code 75, reason: newaliases: fatal: file /etc/postfix/main.cf: parameter myhostname: bad parameter value: (hostname contains a hyphen)" [Undecided,New] https://launchpad.net/bugs/574206
<twb> kirkland: thanks for actioning that acpid fix
<Jeeves_> Pff. Launchpad is too slow!
<twb> No kidding
<twb> I hate this new-fangled trend of moving everything into the browser
<Jeeves_> Yeah
<Jeeves_> I thought bughugger would allow me to create bugs without the slowdown of launchpad.
<twb> I prefer to just reproduce bugs under Debian and then report them with reportbug(1)
<Jeeves_> But I don't get bughugger to do anything else besides showing bugs per package (which launchpad cannot easily do :))
<twb> Last time I looked, on Ubuntu, reportbug sent mail to a subscriber-only list
<Jeeves_> :)
<Jeeves_> PHP Deprecated:  Comments starting with '#' are deprecated in /etc/php5/cli/conf.d/mcrypt.ini on line 1 in Unknown on line 0
<twb> And as a DD, I like that I can configure reportbug to perform extra interactions with the end user before letting them send a report
<twb> I was really impressed the other day, when "reportbug opera" automatically talked to opera's BTS instead of Debian's (using opera's is a third-party deb).
<Jeeves_> Yeah
<Jeeves_> Hmm, my bug allready exists, and the fix is released in march 19'th
<Jeeves_> too bad it didn't make it in the release :)
<ElMarcDeVeritat> Hello, I'm looking for a papper or instructions on how to prepare ubuntu deployment using preseed. I already have the pxe server and preseed working on 9.04 and 9.10. Just want something to read about 10.04 and check if there is somenthing that I'm not doing well enough and learn a bit more. Any advice?
<twb> ElMarcDeVeritat: the installation guide has an appendix on preseeding
<twb> apt-get install installation-guide-amd64
<Cromulent> hmm would you use dovecot or courier for a small mail server? trying to decide between the two
<_ruben> dovecot
<alien1> Hello
<ElMarcDeVeritat> twb: can I download a pdf from somewhere?
<twb> ElMarcDeVeritat: I don't know.
<alien1> Can anyone help me debug a network problem?
<alien1> in ubuntu?
<alien1> server
<twb> !anyone
<ubottu> A large amount of the first questions asked in this channel start with "Does anyone/anybody..."  Why not ask your next question (the real one) and find out?
<twb> !enter
<ubottu> Please try to keep your questions/responses on one line - don't use the "Enter" key as punctuation!
<alien1> Ok thanks. I'm new here sorry
<twb> No problem.
<ElMarcDeVeritat> twb : many thanks, I've found it as a package. (https://launchpad.net/ubuntu/lucid/+source/installation-guide/20081208ubuntu7/+files/installation-guide_20081208ubuntu7.tar.gz)
<dugger5688> How hard is it to set up a machine to control network logins to windows clients?
<twb> dugger5688: define "network logins"
<twb> dugger5688: are you talking about centralized authentication?
<dugger5688> twb: yes
<alien1> My problem is ... I have a network interface configured ... 217.156.27.81. Yesterday was working perfectly. Now I cannot access anymore internet. I've put my laptop in the same switch with ip 217.156.27.80 and worked properly on internet. I can connect to 217.156.27.81 directly from my laptop but server cannot go on internet anymore. When I try to ping the gateway it says "Connect: network is unreachable
<twb> dugger5688: what versions of Windows?
<dugger5688> twb: Windows XP clients.
<twb> That's possible, but I don't know all the details
<twb> The key package you want is Samba.  Try lurking here and in #samba, and reading the Ubuntu server guide.
<dugger5688> twb: Yeah, I found a few guides. As far as I understand it the most important thing is something that can manage the file permissions.
<dugger5688> twb: Samba is easy, I don't have much OpenLDAP experience though. Thought I'd ask in here and see if anyone got it.
<dugger5688> twb: thanks for the tips though, will go lurk around in Samba.
<halvors> Somone can help me setup my Ubuntu 10.04 mail server?
<uvirtbot> New bug: #574343 in ntp (main) "mknod fails for /var/log/ntpstats/sysstats.2010w17" [Undecided,New] https://launchpad.net/bugs/574343
<halvors> :-D
<PixelDJ> I suck at mail servers
<PixelDJ> =(
<halvors> OK, but do you have setup one???
<halvors> I have tryed for 2 years ;(
<PixelDJ> Nah I gave up on Postfix and got a Rollernet account.
<PixelDJ> For some reason I hate mail servers.
<PixelDJ> and DNS servers.
<PixelDJ> Necessary evils.
<halvors> Can you help me if i give you acces to my ssh?
<halvors> Also about emailserver?
<halvors> :-D
<PixelDJ> Probably if it was something besides mail servers haha
<halvors> OK, so do you not want to try help me with the email servers?
<halvors>  I will use Postfix+ Dovecot
<_ruben> read the server guide .. it should get you started just fine
<halvors> I have done it, but it does not work, i followed this http://help.ubuntu.com/community/Postfix
<_ruben> tell it to get a job the
<_ruben> n
<PixelDJ> I usually follow the Perfect Server guides. http://www.howtoforge.com/perfect-server-ubuntu-10.04-lucid-lynx-ispconfig-2
<PixelDJ> without the ISPconfig part
<halvors> I hvae try it too but it does not work ;(
<halvors> And i want to use Dovecot instead of Courier
<halvors> But do you want to help me? I can give you access to SSH and webmin login
<uvirtbot> New bug: #574352 in apache2 (main) "package apache2.2-common 2.2.14-5ubuntu8 failed to install/upgrade: sub-processo script post-installation instalado retornou estado de saÃ­da de erro 1" [Undecided,New] https://launchpad.net/bugs/574352
<uvirtbot> New bug: #574358 in dhcp3 (main) "package dhcp3-server 3.1.2-1ubuntu7.1 failed to install/upgrade: el subproceso script pre-removal instalado devolviÃ³ el cÃ³digo de salida de error 100" [Undecided,New] https://launchpad.net/bugs/574358
<Pirate_Hunter> morning how do I go about disabling the combination key control-alt-delete in lucid server, apparently the location has been changed and I have no clue where?
<TeTeT> Pirate_Hunter: I think it's upstart'ed now, /etc/init/control-alt-delete.conf
<Pirate_Hunter> TeTeT, ok I guess that makes it easier to remove, no need to edit the file no more
<soren> TeTeT is right. upstart emits control-alt-delete when that key combo is pressed. /etc/init/control-alt-delete.conf triggers on this event and acts accordingly.
<Pirate_Hunter> TeTeT, thanks got it sorted ignore what I said earlier was thinking of ...init.d/ :s
<uvirtbot> New bug: #574366 in eucalyptus (main) "private ip address assigned twice" [Undecided,New] https://launchpad.net/bugs/574366
<uvirtbot> New bug: #574367 in mysql-dfsg-5.1 (main) "package libmysqlclient16 (not installed) failed to install/upgrade: trying to overwrite '/usr/lib/libmysqlclient.so.16.0.0', which is also in package mysql-cluster-client-5.1 0:7.0.9-1ubuntu7" [Undecided,New] https://launchpad.net/bugs/574367
<Mkools> Hi, I want to virtually host my domain on Tomcat6. For that I have configured my private DNS using bind9. I am using Ubuntu 9.10 Karmic. Can some one please help by providing necessary information like which file to edit (e.g. server.xml), necessary links, books names etc.
<Mkools> In all, first I want to access first page ( It works !) using firefox web browser by typing URL of my domain name.
<Mkools> server
<pmatulis> Mkools: https://help.ubuntu.com/9.10/serverguide/C/tomcat.html
<halvors> Some here know how to setup a working emailserver with Postfix and Dovecot in Ubuntu 10,04 Lucid Lynx?
<Pirate_Hunter> Is it worth uncommenting net.ipv4.tcp_syncookies=1 from /etc/sysctl.cong? I am wondering because the file states that those were found in previous version of netbased, so are they not needed no more?
<halvors> :-D
<Pirate_Hunter> huh?
<halvors> I only asked about who could help me with setup a email server ;)
<halvors> Can somone hel me????????????
<Pici> halvors: Have you seen this? https://help.ubuntu.com/9.10/serverguide/C/postfix.html
<zul> morning
<Pirate_Hunter> Pici, can you answer that not sure if its worth using them if they are depreciated
<halvors> I hav etryd it , but i t does not work?
<halvors> I need someone who can login and fix it for me ;)
<Mkools> pmatulis: Where can I find conf/ directory.
<halvors> You will get the SSH and Webmin Password
<halvors> Someone can help me?
<Pici> Pirate_Hunter: I don't know, sorry.
<Pici> halvors: Thats not a service that we provide here.
<halvors> Please :-D I have tryed for 3 years :'(
<Pirate_Hunter>   halvors that is also more work than required, also there are many tuts online for the previous lts that you can use as a base
<Pirate_Hunter> Pici, no worries, will review it again and decide than
<pmatulis> Mkools: look under /etc/tomcat6
<pmatulis> Mkools: 'dpkg -L tomcat6' to show files installed by the tomcat6 package
<halvors> But i have dont find som good ;( When vwill the 10.04 server guide be posted?
<halvors> And how can i show system logs in webmin?
<halvors> Do you know about some good wehb based admin panels?
<Mkools> pmatulis: There is no directory /conf in /etc/tomcat6 but there is one like /var/lib/tomcat6/conf is it the one.
<halvors> :)
<pmatulis> Mkools: could be, not sure
<Mkools> pmatulis: But why there is no conf file under /etc/tomcat6
<Mkools> Does I have not installed it properly.
<halvors> What is tomcat?
<Mkools> Or not set the java path.
<pmatulis> Mkools: i'm sure it's installed ok.  you now need to learn how to use it.
<Mkools> pmatulis: Yeah sure, Just asking as a precaution.
<Mkools> pmatulis: Does virtual hosting means virtual host creation?
<Pirate_Hunter> is there any tuts on pam_cracklib just checking it on lucid and it has changed a lot, wondering if anything has been released on it
<Pirate_Hunter> or anyone has attempted altering the file common-password under lucid?
<uvirtbot> New bug: #574416 in mysql-dfsg-5.1 (main) "package mysql-server-5.1 5.1.37-1ubuntu5.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Low,Incomplete] https://launchpad.net/bugs/574416
<alien1> I have a server with ip 217.156.27.81. The problem I encountered is that I can access the server from 217.156.27.80 which is in the same switch but I cannot access from 217.156.27.2 for example which is in other switch.
<alien1> the two switches are linked in cascade.
<andol> alien1: proper netmask and/or default gateway settings?
<andol> alien1: ruled out faulty setting in the switches?
<alien1> the mask is proper and gateway
<alien1> I cannot access gateway from the server because of a switch problem I think ...
<halvors> I got this in my email log:
<halvors> May  3 14:17:38 ss1 postfix/postalias[11709]: warning: /etc/aliases, line 58: need name:value pair May  3 14:22:53 ss1 postfix/smtpd[11990]: warning: dict_nis_init: NIS domain name not set - NIS lookups disabled May  3 14:23:53 ss1 postfix/postmap[12329]: warning: /etc/aliases, line 2: record is in "key: value" format; is this an alias file? May  3 14:37:36 ss1 postfix/postqueue[13588]: warning: Mail system is down -- accessing queue d
<halvors> What should i do?????
<zul> set your NIS domain
<halvors> How set NIS domain and what is it?
<halvors> Should it be done in the Postfix mancf or?
<halvors> sry main.cf
<joschi> halvors: check your /etc/aliases file
<joschi> there is most probably an error on line 2 ;)
<halvors> OK, but what is NIS domain?
<joschi> halvors: that's only needed if you are using NIS
<halvors> But What is it?
<joschi> halvors: http://en.wikipedia.org/wiki/Network_Information_Service
<halvors> Anbd whay i get the error about NIS
<halvors> Here is my log file:
<halvors> # See man 5 aliases for format
<halvors> postmaster:    root
<halvors> skymia.net@skymia.net	skymia.net
<halvors> skymia.net	skymia.net
<halvors> abuse@skymia.net	skymia.net@skymia.net
<joschi> that's a warning and no error
<joschi> and that's obviously a wrong syntax for your aliases file...
<Pici> and he excess flooded
<halvors> Is the error  this: postmaster:    root ?
<Pici> !paste | halvors
<ubottu> halvors: For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://tinyurl.com/imagebin | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<halvors> Sorry here is my paste: http://paste.ubuntu.com/427004/
<joschi> halvors: read http://www.postfix.org/aliases.5.html
<joschi> halvors: and then use postalias (or newaliases) instead of postmap with this file
<halvors> The aliases file is generated by Virtualmin.
<halvors> Is the error  this: postmaster:    root ?
<halvors> Online 2
<halvors> sry on line
<halvors> 2
<joschi> yes
<halvors> will try now ;)
<halvors> but what about dovecot killed by signal 15?
<joschi> either you want a real alias file, then this is the only correct entry (and it's included wrong in your main.cf), or you want a virtual(5) file, then line 2 is the only wrong line
<halvors> ok
<zul> hggdh: heh...help..
<halvors> Now i only get this errors:
<halvors> http://paste.ubuntu.com/427006/
<joschi> halvors: make sure /etc/ssl/private/smtpd.key is accessible for postfix
<halvors> ok
<joschi> and make sure it actually contains a X.509 private key
<halvors> but i think it are somerrors here: https://help.ubuntu.com/9.10/serverguide/C/certificates-and-security.html#creating-a-self-signed-certificate
<halvors> 'ifollowed this
<halvors> but got som errors in my log file
<joschi> $ ls -ld /etc/ssl/private
<joschi> drwx--x--- 2 root ssl-cert 4096 Apr 10 07:09 /etc/ssl/private
<joschi> so you should add your postfix user to the group ssl-cert
<halvors> my smtpd.key fil does not kontain anyting :S
<halvors> What does this command $ ls -ld /etc/ssl/private ?
<halvors> And i checked ostfix is member of group ssl-cets
<halvors> sry ssl-cert
<halvors> So...
<halvors> This command does not work:
<halvors> openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
<halvors> will i need to cd to /etc/ssl first?
<hggdh> zul: waiting for bughugger to return me a list... but I am on it also
<zul> hggdh: sweet
<halvors> :-D???
<joschi> halvors: with the openssl command you posted, you'll get 3 files in your current working dir:  server.{csr,key,crt}
<joschi> actually server.key and server.csr already have to exist
<halvors> but i get the error: server.csr: No such file or directory
<halvors> unable to write 'random state'
<halvors> So what sould i do?
<joschi> halvors:  you should first generate a csr and a private key before you try to generate a certificate out of both ;)
<ivoks> helo
<ivoks> ts
<halvors> Yes, now i understand, should i do the things at the bottom of this guide?
<halvors> https://help.ubuntu.com/9.10/serverguide/C/certificates-and-security.html#creating-a-self-signed-certificate
<halvors> ??:-D
<uvirtbot> New bug: #574474 in openldap (main) "Dist-Upgrade Karmic->Lucid: Upgrading slapd fails with "chown: invalid argument: `'"" [Undecided,New] https://launchpad.net/bugs/574474
<halvors> ??
<halvors> Now...
<federico> hi, I've installed UEC following the guide in the page. The first time I could run an ubuntu image and login it via ssh. But now I cant, I've this error ssh -i mykey.priv  ubuntu@192.168.2.140
<federico> Warning: Identity file mykey.priv not accessible: No such file or directory.
<federico> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
<federico> @    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
<federico> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
<federico> IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
<federico> Someone could be eavesdropping on you right now (man-in-the-middle attack)!
<federico> It is also possible that the RSA host key has just been changed.
<Pici> !paste | federico
<ubottu> federico: For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://tinyurl.com/imagebin | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<joschi> halvors: you don't need a CA
<zul> hggdh: do you want to take eveyone before 572105
<joschi> halvors: and please: don't just copy&paste the commands from the guide but *read* the guide
<federico> sorry
<Pici> federico: If the UEC instance is different, then the host keys will not match.
<federico> so, what Can I do?
<halvors> ok, i will drop the CA
<federico> here is my error http://paste.ubuntu.com/427019/
<halvors> I have now tested send mail from server work but i can not get email
<halvors> ;(
<halvors> :'(
<federico>  hi, I've installed UEC following the guide in the page. The first time I could run an ubuntu image and login it via ssh. But now I cant, I've this error http://paste.ubuntu.com/427019/
<Pici> federico: Either disable strict host key checking for this instance, or not save the public key, or delete it after use. This will do both:  ssh -o UserKnownHostFile=/dev/null -o StrictHostKeyChecking=no user@host
<federico> I'll try
<halvors> Some ideas about dovecot?? I cant get email :'(
<federico> another error: command-line: line 0: Bad configuration option: UserKnownHostFile
<federico> <Pici>  another error: command-line: line 0: Bad configuration option: UserKnownHostFile
<uvirtbot> New bug: #437512 in apache (universe) "mod-ssl should support OCSP Stapling" [Wishlist,Confirmed] https://launchpad.net/bugs/437512
<Pici> federico: Sorry, its UserKnownHostsFile
<halvors> Can someone help me with my email problem?
<halvors> I am a noob and i need help:-D
<federico> now I have this problem: Permission denied (publickey).
<Pici> federico: Well, are you using the -i mykey.priv thay you were using before as well?
<federico> mmm, I think I did the comand to get that key again
<federico> how can I delete all and get again the keys?
<federico> AAA
<federico> it works
<federico> yeaaa
<federico> thank you very much Pici
<Pici> federico: you're welcome
<TeTeT> soren: has execscript replaced firstboot in vmbuilder on Lucid?
<Italian_Plumber> what logs might be kept for me to see if someone is doing a brute force attack on my server?
<soren> TeTeT: No.
<soren> TeTeT: execscript is a script that runs during build.
<hggdh> zul: I am going from oldest to newset
<hggdh> newest
<zul> cool
<TeTeT> soren: so firstboot is gone for good?
<hggdh> kirkland: can you signoff on the UEC testing blueprint?
<soren> TeTeT: No, it's just...
<soren> Um..
<kirkland> hggdh: sure
<halvors> Somone can help me?
<soren> TeTeT: I'm going to do an SRU for VMBUilder to fix a bunch of stuff. firstboot is one of them.
<soren> TeTeT: I meant to fix it before release, but then my whole family was sick for two weeks.
<TeTeT> soren: sorry to read, hope you are all up and running again!
<kirkland> hggdh: done
<zul> kirkland: there is a bunch of new eucalyptus bugs can you have a look at them
<kirkland> zul: sure
<astroboy> I have a problem. I have installed ubuntu 10.04 on my server, and it boots fine, but it seems not to get the network. ifconfig says I've got an ip and everything but every request gives "Temporary failure resolving"
<ivoks> soren: did you have time to look at that qemu-only issue?
<ivoks> soren: ah, i've just noticed your reply to TeTeT :)
<ivoks> soren: all the best to you and your family
<astroboy> is there something I can do to test the network in other ways?
<lil_cain> astroboy: Is there anything in /etc/resolv.conf?
<astroboy> lil_cain: yeah I have the dns servers. I also tried with google dns just to be sure and it doesn't work
<lil_cain> can you ping 8.8.8.8?
<uvirtbot> New bug: #569865 in php5 (main) "gallery2 installation fails" [High,Confirmed] https://launchpad.net/bugs/569865
<astroboy> lil_cain: "Destination host unreachable"
<lil_cain> do you have a route for it?
<lil_cain> (is there a default route set in the output of netstat -rn?)
<astroboy> lil_cain: what should I run to guess :P
<lil_cain> netstat -rn
<lil_cain> should print your routing table
<lil_cain> you should have a route for 0.0.0.0
<astroboy> it just gives a list of possible commands
<halvors> I need help with my Ubuntu 10.04 email server, here is my log file: http://paste.ubuntu.com/427048/
<lil_cain> You're typing 'netstat -rn' and you're getting a list of commands?
<halvors> no
<lil_cain> astroboy: try 'route' with no arguments
<astroboy> lil_cain: ok
<lil_cain> what does it have for 0.0.0.0?
<halvors> ??
<halvors> ??
<halvors> ?
<halvors> ?
<lil_cain> halvors: sorry, no idea about postfix. I'm an exim person.
<halvors> And exim?
<halvors> it is easyer than postfix?
<lil_cain> depends. It's not the ubuntu default however.
<astroboy> lil_cain: this is the result: http://i43.tinypic.com/23m4xlg.png
<astroboy> (sorry but I can't copy/paste because I am controlling the server through a java applet...)
<lool> Hey folks
<lool> Who usually cares for php5 in Ubuntu>
<lool> s/>/?
<lil_cain> ok, can you ping 87.98.219.254?
<halvors> But some other can help me?
<astroboy> lil_cain: just a second, the applet is freaking out...
<federico> Hi, I've installed UEC and I've running an image, but I can only ping it from the pc which I start it. how Can I do to ping from any pc on the subnet?
<lool> zul: Heya
<zul> lool: hi
<lool> zul: I see you triaged some php5 bugs, who is usually testing/updating php5 in the server team?
<stas> hi, I'm trying to install mysql-server on lucid and the process hangs, anyone else had the same issues?
<zul> lool: that would be me...you are going to ask about the gallery one right?
<lool> stas: I installed it earlier today in a vm, and it worked flawlessly
<lool> zul: Yup
<lool> zul: I've identified what I think is a fix, albeit I didn't confirm it
<zul> lool: the fix is in my one of my ppa
<lool> zul: But the analysis of the bug points at the fix as a likely, well, fix
<stas> lool: did you use a password for root?
<lool> zul: Ah do you had picked it up already?
<lool> stas: No
<zul> lool: yep
<lool> But that's not recommended   :-)
<stas> lool: i don't care it just doesn't install
<zul> lool: yeah im just have to do the sru
<ivoks> stas: you could run the install with debug
<astroboy> lil_cain: I can't ping 87.98.219.139
<lil_cain> astroboy: There's your problem. Is that the correct gateway? Or is it firewalled in some way?
<ivoks> stas: sudo DEBCONF_DEBUG=developer apt-get install mysql-server
<stas> ivoks: let me try, anyway it hangs on `service mysql start|stop`
<lool> zul: Ok; do you think you would be able to test a gallery2 install for the SRU stuff?
<zul> lool: thats the plan
<astroboy> lil_cain: yeah it should be the gateway
<Italian_Plumber> wow the default sshd setting for "AllowRootLogin" is "yes"?
<lool> zul: Ok thanks; I didn't see myself going through the process another time, it's great that you're taking it care of it all
<lool> zul: cheers!
<ivoks> Italian_Plumber: yes!
<zul> lool: no problem
<cclausen> Italian_Plumber: that is a feature, not a bug
<astroboy> lil_cain: I have always configured network/interfaces with that gateway (following the instructions of my host) and it worked
<cclausen> Italian_Plumber: and isn't it called PermitRootLogin ?
<astroboy> using debian
<lil_cain> cclausen: It's a lot of things. A feature is not one of them.
<ivoks> i had a hard time keeping it 'yes' on one of last UDS
<ivoks> :)
<lil_cain> astroboy: What is the ip address/netmask of the box?
<astroboy> the ip address is 87.98.219.139
<Italian_Plumber> well it just seems like the default should be a little more secure.  I supposed this has probably been discussed ad nauseum before.
<Italian_Plumber> supposed = suppose
<astroboy> lil_cain: and the netmask is 255.255.255.0
<stas> ivoks: http://dpaste.com/190351/ it hangs on frontend
<lil_cain> astroboy: There's your problem.
<lil_cain> your default gateway and IP address cannot be the smae.
<astroboy> lil_cain: ?
<lil_cain> *same
<astroboy> no my gateway ends in 254
<astroboy> my ip address in 139
<lil_cain> sorry, my bad, misread that. If you can't ping your own interface, there's something badly wrong. Can you ping localhost?
<daimoni> hello. is documentation for 10.04 anywhere yet? help.ubuntu.com doesn't have docs for 10.04... more specifically i would like to see how virtualization tools have been advanced since hardy, if 10.04 would be 'good enough' as VPS host instead of RHEL
<astroboy> lil_cain:just a sec, I don't know why at some point the applet loses my keyboard and I have to reboot....
<federico> Hi, I've installed UEC and I've running an image, but I can only ping it from the pc which I start it. how Can I do to ping from any pc on the subnet?
<astroboy> lil_cain: I can ping localhost
<daimoni> anyone know when the server documentation is coming?
<sommer> daimoni: what do you mean?
<daimoni> https://help.ubuntu.com/ <- i mean it's not available here
<sommer> daimoni: should be up this week, probably the next day or so
<halvors> I wait for it to i need to setup my email server ;)
<halvors> ok
<astroboy> lil_cain: no ideas? I am really getting desperate lol
<sommer> daimoni: the html files are avialable in the ubuntu-serverguide package
<pmatulis> halvors: don't think much has changed for mail servers since 9.10
<lil_cain> astroboy: Not really. Can you get a screenshot of the output of ifconfig, and sudo iptables -L?
<astroboy> sure
<daimoni> sommer: haven't installed it yet - just in process to decide wether to use 10.04 or rhel as a VPS host :-)
<astroboy> lil_cain: this is ifconfig
<astroboy> lil_cain: http://i40.tinypic.com/14dploh.png
<astroboy> and apparently I don't have iptables installed :P
<sommer> daimoni: not sure there's much in the serverguide that would help you with that decision... I'd doing testing on both and decide after some comparison
<sommer> daimoni: that being said I would definitely use Ubuntu :-)
<lil_cain> astroboy: no idea then, sorry.
<sommer> daimoni: works well for me
<daimoni> sommer: well, i'm just investigating how to manage KVM etc, previously used rhel boxes with openvz
<daimoni> and since 10.04 is a recent release, it would be quite long-living as a host os
<astroboy> lil_cain: where should I look for answers :P?
<sommer> I use libvirt which gives you virsh cli tool and from remote hosts I sometimes use virt-manager and virt-viewer
<sommer> I only have around 10 VMs though
<daimoni> jeos builder scripts look easy at least
<pmatulis> daimoni: yes, vmbuilder can get you a slim server vm in under 4 minutes
<sommer> ya I use vmbuilder and virt-install to create the images then once they're on the network good old ssh takes over
<soren> TeTeT: Yeah, everyone is fine now. It was just really bad timing. :(
<daimoni> hm.. documentation doesn't seem to quite explain how to manage cpu resources with kvm though
<daimoni> (reading 9.10 docs)
<pmatulis> daimoni: don't think there is cpu throttling in kvm yet
<daimoni> seems to be so... but if i understood this right, nice and other usual fellows will work with kvm as it doesn't use any custom kernel?-)
<daimoni> for setting up priorities etc
<failover> daimoni, try #kvm
<soren> daimoni: Yeah, anything you can use to throttle a regular user process, you can use to throttle kvm.
<soren> daimoni: cgroups, nice... Whatever.
<daimoni> yup, that's nice
<federico> Hi, I've installed UEC and I've running an image, but I can only ping it from the pc which I start it. how Can I do to ping from any pc on the subnet?
<smoser> federico, nothing should limit reaching it to the system which started it.
<federico> no, from I started no
<federico> from other machine
<smoser> if its public IP address is  reachable, then it should be reachable from anywhere. unless you've set up some other vpn or something to that network.
<smoser> basically, nothing special is done with public ips
<federico> the ip adress is 192.168.2.140
<federico> I dont set up nothing else
<federico> what can i do?
<smoser> i'm sorry, but i dont have any ideas.  there is nothing speical done to the networking that would allow "the pc which i start it" to reach the instance.
<smoser> it just relies on "regular" networking, which "should" serve any other systems also
<federico> wait
<federico> the pc that starts it can ping/ssh
<federico> but only that one
<federico> I wanna connect it from another pc in the LAN
<smoser> federico, right.
<smoser> what i'm saying is that nothing special was done to make "the pc that starts it" able to reach it.
<smoser> well, via ping at least.  via ssh, you will need access to the private key that the system was launched with from the second system.
<federico> I dont understand what I have to do
<smoser> for "ping", you shouldnt have to do anything.
<federico> but doesnt work
<smoser> for ssh, you have to get the private key (that you created with euca-add-keypair) to the other pc, and then tell ssh to use it there.
<federico>  but ping doesnt work
<smoser> if ping is broken, federico, i'm sorry i don't really have any solutions.
<federico> u.u
<federico> thank anyway
<failover> frederico, tell-me the ip from host and ip from guest !
<smoser> its a general networking problem i would think, not much related to the eucalyptus.
<federico> I have my NC on 192.168.2.103, CC 192.168.2.100, and I want to access from the 192.168.2.104
<federico> the ping only works from the 192.168.2.103
<federico> I started the image from there
<uvirtbot> New bug: #574547 in mysql-dfsg-5.1 (main) "Installation of system tables failed" [Undecided,New] https://launchpad.net/bugs/574547
<federico> any idea?
<failover> federico, the vm get the ip from where? and who is acting as gw for the vm ?
<federico> from the router?
<zul> lool: SRU filed
<federico> I don't know well
<failover> federico: could you check this ?
<federico> what?
<federico> how do I check
<federico> ?
<failover> the gw of vm !
<federico> gw?, whats that?
<failover> gateway
<federico> ahh
<failover> type route in vm console !
<federico> Kernel IP routing table
<federico> Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
<federico> 172.19.1.0      *               255.255.255.224 U     0      0        0 eth0
<federico> default         172.19.1.1      0.0.0.0         UG    100    0        0 eth0
<daimoni> 8)
<federico> is not configured ?
<failover> now do the same in machine 192.168.2.104
<federico> Tabla de rutas IP del nÃºcleo
<federico> Destino         Pasarela        Genmask         Indic MÃ©tric Ref    Uso Interfaz
<federico> 172.19.1.0      *               255.255.255.224 U     0      0        0 eth0
<federico> 192.168.2.0     *               255.255.255.0   U     0      0        0 eth0
<federico> default         192.168.2.1     0.0.0.0         UG    100    0        0 eth0
<federico> how can I fix it?
<failover> federico, rebuild in VM  the file /etc/network/interfaces to looks like the one in machine 182.168.2.104!
<federico> ok, Iwill do that
<federico> thank you very much
<smoser> federico, thats a hack to do that.
<smoser> the guest instances boot and get IP information via dhcp
<federico> so?, it's ok if I change the  /etc/network/interfaces in the image?
<failover> you could try!
<federico> ok
<federico> thanks I'm going to lunch right now
<federico> thanks again
<failover> ok!
<lool> zul: Cool thanks
<uvirtbot> New bug: #574557 in mysql-dfsg-5.1 (main) "package mysql-server-5.1 5.1.41-3ubuntu12 failed to install/upgrade: Package is in a very bad inconsistent state - you should  reinstall it before attempting a removal. Reinstall goes so far then freezes." [Undecided,New] https://launchpad.net/bugs/574557
<pmatulis> nasty
<federico> failover: are you sure that I have to change /etc/network/interfaces in the VM? and not in the pc from I want to access it?
<failover> yeap, im sure !
<failover> yout VM is getting the network by nat or bridge ?
<federico> bridge I suppose
<federico> ok, how can I set up that confguration?
<failover> i don't now how this work in UEC, sorry...
<federico> ok
<failover> but try my suggestion, write the interfaces file to looks like the one in .104 machine...
<federico> ok
<failover> just change the ips and set the correct interface!
<failover> keep the same gw, mask, dns etc.
<federico> wait, when I enter to the /etc/network/interfaces  there is nothing like that
<failover> in .104 or in VM ?
<federico> in both
<federico> where I can change the route?
<VirtualDisaster> route
<failover> type ifconfig  in CC, did you see this ip: 172.19.1.1 ?
<federico> yes
<federico> eth0:priv Link encap:Ethernet  direcciÃ³nHW 00:24:8c:8c:39:e6
<federico>           Direc. inet:172.19.1.1  Difus.:172.19.1.31  MÃ¡sc:255.255.255.224
<federico>           ACTIVO DIFUSIÃN FUNCIONANDO MULTICAST  MTU:1500  MÃ©trica:1
<federico>           InterrupciÃ³n:16
<failover> ok, i believe you are using nat
<failover> you could try just change the route, but i don't think this will work !
<federico> where is that file?
<failover> try this: route add default gw 192.168.2.1
<SpamapS> mathiaz: Hi there!
<failover>  type route and past the result !
 * SpamapS is Clint
<mathiaz> SpamapS: hi!
<mathiaz> SpamapS: that's an interesting nickname!
<federico> ubuntu@172:~$ sudo route add default gw 192.168.2.1
<federico> SIOCADDRT: No such process
 * failover is Eastwood !
<SpamapS> mathiaz: yes, something left over from high school that I really should change. :)
<mathiaz> SpamapS: I thought it was related to email spam at first
<federico> failover: it doesn't work
<failover> :s
<SpamapS> no, email spam is from the dark side of the family.. I'm closer to the cheap lunchmeat. ;)
<SpamapS> mathiaz: looking forward to meeting everybody next week. :)
<federico> u.u
<federico> :(
<mathiaz> SpamapS: me too! - it's gonna be an exciting week
<federico> failover are you there?
<failover> yeap
<federico> thanks anyway
<failover> try to del de default route first
<federico> I'm a noob, how Can I do that?
<failover> sudo route del default gw 172.19.1.1  &&  sudo route add default gw 192.168.2.1
 * VirtualDisaster thinks someone should read help.ubuntu.com
<mathiaz> SpamapS: I can give you some tasters of what we'll talk about next week
<areay> hi all... after upgrading from karmic to lucid, autofs no longer reads maps from ldap... i get about 6 errors in my syslog every time i restart autofs. i'm currently installing from scratch to see if that makes any difference... i've checked the release notes for 10.04, and also looked for (but didn't find) a server guide for 10.04, and googled for a solution also... it seems like maybe the ldap syntax has changed in the upgrade f
<areay> rom autofs4 to autofs5, or the schema maybe?
<mathiaz> SpamapS: I'm doing some research for some of the blueprints we'll be discussing and I wouldn't mind a bit of help for some of them :)
<federico> no
<federico> thanks
<federico> failover
<failover> dosen't work ?
<federico> the image is not respondig
<failover> hum!!
<SpamapS> mathiaz: I was just looking through the list actually. Monitoring/Graphing integration is very near and dear to my heart
<mathiaz> SpamapS: great - that's one of my idea :)
<mathiaz> SpamapS: I've got some ideas about it and how to integrate that in the cloud
<failover> federico: this mean that the change happen !
<mathiaz> SpamapS: we'll discuss that next week :)
<failover> the vm dosen't reply a ping ?
<federico> mm, but I've finished it and now I cant login :s
<SpamapS> mathiaz: indeed.
<federico> no
<federico> it doestn
<federico> thanks
<areay> has anyone else had experience with autofs/ldap when upgrading to lucid?
<failover> :s
<uvirtbot> New bug: #574602 in nmap (main) "package nmap 5.00-3 failed to install/upgrade: " [Undecided,New] https://launchpad.net/bugs/574602
<mathiaz> SpamapS: one thing I'd like to investigate in the monitoring discussion is which open source monitoring framework are available today
<mathiaz> SpamapS: ie: have an overview of the monitoring frameworks out-there and which one would be best suited for cloud computing
<zul> mathiaz: munin and nagios are already in main ;)
<hggdh> re. bug 434799 why was /etc/defaults/ssh support dropped from upstart?
<uvirtbot> Launchpad bug 434799 in openssh "X11 forwarding via SSH does not work after upgrade to karmic" [Low,Confirmed] https://launchpad.net/bugs/434799
<mathiaz> zul: right - it doesn't we should review other packages on a regular basis
<mathiaz> zul: right - it doesn't *mean* we should not review other packages on a regular basis
<zul> mathiaz: of course not
<SpamapS> Those do happen to be my two favorites though. ;)
<SpamapS> On a much bigger scale, I'd like to see some revisiting of RRD. It seems so rigid.. seems nearly impossible to migrate between graphing systems.
<cjs> Hm. What does it mean when my installer in a KVM, after I approve the disk partitioning, just gives me a blue screen with no dialogue boxes and the kernel says "info: task parted_server:7314 blocked for more than 120 seconds"? Also, I got "buffer IO error on device vda".
<cjs> (This is a 10.04 64-bit server install.)
<Theravadan> any major issues going from 8.04LTS to 10.04LTS?
<sbeattie> hggdh: I've seen it claimed that /etc/default/ shouldn't be used and that options should be added to /etc/init/ conf files directly.
<sbeattie> hggdh: I don't agree with this, but it's what I've seen claimed.
<pmatulis> cjs: what are you installing?
<cjs> Ubuntu 10.04 server (64-bit).
<sbeattie> hggdh: cjwatson is the person who does primary maintenance of our openssh package, so you may wish to ask him.
<Hypnoz> Theravadan: That is a great question, I had considered testing that today. What would be your method of doing that upgrade?
<axisys> i like my windows users to connect to our network.. what is a good vpn tool that would make it simple? i am guessing as far as the server openvpn is the way to go?
<Hypnoz> Theravadan: I would think maybe copy the sources.list, and run "apt-get dist-upgrade"
<pmatulis> cjs: what other load does the host have?
<cjs> Hm. The sector is of the error is very close to the end of the disk. (I don't know how close exactly.)
<cjs> pmatulis: Pretty much nothing. There's another kvm running, more or less idle, and the host itself is pretty much idle.
<sbeattie> Hypnoz|Theravadan: no! please use do-release-upgrade for upgrading server installs.
<pmatulis> cjs: any LVM stuff?
<cjs> The disk device the kvm is using is an LVM partition that is then encrypted.
<Hypnoz> sbeattie: can I have do-release-upgrade do the whole upgrade without prompting me?
<cjs> (The other kvm is using exactly the same thing, except the partition is 50 GB instead of 1.7 TB.)
<Hypnoz> sbeattie: I would be upgrading a lot of servers at once
<pmatulis> cjs: can you try a smaller partition?  to test
<cclausen> Theravadan: if you are running PHP, a lot of things do not work with PHP 5.3 yet, otherwise I upgraded from 8.04 on several systems without other problems (so far)
<cjs> pmatulis: I have done this with a 50 GB partition, which worked fine. How much smaller should my new partition be?
<sbeattie> Hypnoz: I *think* do-release-upgrade --frontend=noninteractive is what you want.
<hggdh> sbeattie: thanks
<Hypnoz> sbeattie: that might just press enter to all the defaults during prompts?
<pmatulis> cjs: depends how much you want to test and help out
<cjs> Well, I've got some spare time. What's the overall plan to test this?
<Hypnoz> sbeattie: also, do we have to download and install do-release-upgrade from a website? I don't see it in apt
<sbeattie> Hypnoz: do-release-upgrade is part of the update-manager-core package, it should already be present.
<Theravadan> cclausen, thx, i dont use PHP so I feel better
<pmatulis> cjs: if it's a size issue then increasing to 500 GB could be a next test.  then go to 1 TB.  come back down if you hit the snag.  we're looking for some magic size where it might consistently barf
<halvors> What could i do about this: http://paste.ubuntu.com/427126/
<Hypnoz> sbeattie: ah you're right. I can't "man" it
<cjs> pmatulis: Ok.
<pmatulis> cjs: maybe also stay with 1.7 TB but w/o LVM.  to see if LVM is always involved
<cjs> I can't go without LVM; that 1.7 TB is carved out of an LVM partition.
 * pmatulis nods
<cjs> But wait: are you talking LVM on the host or on the KVM machine?
<sbeattie> Hypnoz: presumably because the manpage is provided by the update-manager package, which isn't installed on servers. :-(
<pmatulis> cjs: on the guest
<Hypnoz> sbeattie: do you think do-release-upgrade is the same as "update-manager --dist-upgrade" ?
<cjs> pmatulis: Oh, I wasn't using LVM on the guest.
<cjs> Though, hmmm, let me give it a quick try and see what happens.
<cjs> Well, LVM on the guest has the same problem, except that the error is much earlier on the disk: about 215 MB in from the start.
<halvors> My Postfix does not work i have 5950 customers in the que =-O Here is my log: http://paste.ubuntu.com/427126/
<Theravadan> how does ubuntu server handle say postgres upgrades? Does it do an auto dump/restore or does it simply just no upgrade from say 8.3 to 8.4 unless you tell it to do so
<ivoks> halvors: what did you do?
<sbeattie> Hypnoz: do-release-upgrade is the cli equivalent of update-manager --dist-upgrade, yes.
<ivoks> halvors: run newaliases
<sbeattie> Theravadan: it leaves both postgresql 8.3 and 8.4 installed, and tells you to uninstall the 8.3 packages after you've converted your databases, IIRC>
<halvors> is the run newaliases in terminal
<Mkools> Is there a way that we can check clashing of ports between tomcat and other servers like dhcp and dns.
<halvors> I have some problems with TLS: http://paste.ubuntu.com/427140/
<halvors> On postfix
<ivoks> halvors: you have 5000+ clients in postfix and you don't know what newaliases are?
<ivoks> halvors: postfix is chrooted, it can not read files outside of /var/spool/postfix
<cclausen> ivoks: I think he means he has ~6000 queued emails
<ivoks> oh
<ivoks> halvors: restart postfix
<ivoks> if /etc/ssl/private/smtpd.key exists
<ivoks> exists
<Theravadan> sbeattie, thx
<halvors> I could edit the master.cf and edit postfix to not make chroot?
<ivoks> don't do that
<ivoks> just restart postfix
<kirkland> smoser:
<kirkland> smoser: ping
<cjs> pmatulis: Sorry about taking so long; getting set up to do installs easily took a bit of time. Anyway, a 550GB "disk" works fine.
<cjs> pmatulis: As does 1024GB.
<cjs> Though the installer calls that "1.1TB".
<cjs> pmatulis: 1532GB has the problem. Thoughts?
<smoser> kirkland, here
<kirkland> smoser: found it; nevermind
<zul> hggdh: PING
<hggdh> zul: consider yourself ponged ;-)
<hggdh> or PONGED?
<zul> hggdh: can you nominate #572262 for lucid for me, i seem to have lost that ability.
<smoser> bug 572262
<uvirtbot> Launchpad bug 572262 in nut "[SRU] libusb_get_report: error sending control message: Operation not permitted" [Medium,Incomplete] https://launchpad.net/bugs/572262
<hggdh> zul: doing it now
<zul> hggdh: thnaks
<hggdh> zul, done. You *should* be able to... weird
<zul> hggdh: yeah i know
<zul> hggdh: thanks
<halvors> Now i have restarted postfix noting happend
<halvors> same error: http://paste.ubuntu.com/427140/
<halvors> ? :-D
<ivoks> halvors: does the file exist?
<ivoks> /etc/ssl/private/smtpd.key
<halvors> i check wait ;)
<halvors> yes it exist
<ivoks> is it a certificate key?
<ivoks> is it readable by root?
<cjs> pmatulis: I found the problem: http://sourceforge.net/tracker/index.php?func=detail&aid=2933400&group_id=180599&atid=893831
<cjs> It would probably be a good idea to warn people not to use virtio with kvm in 10.4.
<halvors> Wait, i hav enot created it by the totourial: https://help.ubuntu.com/9.10/serverguide/C/certificates-and-security.html, it may be from a older thing
<halvors> so how could i regenerate it?
<zul> lool: can you test the php package in proposed when it becomes available
<ivoks> halvors: i didn't undestand you
<ivoks> understand
<lool> zul: Well that's what I was asking about earlier
<lool> I'm not too excited about reinstalling gallery2
<zul> k
<lool> zul: But if there's no other choice, I will do it
<zul> thanks
<lool> things are a bit packed with UDS preps too
<zul> lool: thats fine...priorities ;)
<ttx> mathiaz: yo
<mathiaz> ttx: o/
<halvors> What do you nt understand?
<ivoks> halvors: you didn't set up certificates?
<smoser> hggdh, what are you and the dc cloud up to these days ?
<ivoks> halvors: if you didn't, stop talking and create certificates :)
<smoser> i'd like to run some tests in the setup where you saw the most errors and see if we can't improve some of it.
<hggdh> smoser: right now it is idling...
<smoser> ttx, ping.
<hggdh> smoser: usually topo2 will give out the errors
<halvors> I done all thing in this guide https://help.ubuntu.com/9.10/serverguide/C/certificates-and-security.html, but the postfix main.cf file need smtpd.key, but i have not generated it in the guide
<smoser> hggdh, could i hvae it put into topo2 then ?
<ttx> smoser: yo
<hggdh> smoser: let me check, I think it is already there (due to the -proposed tests
<smoser> ttx, what bug was it that cjwatson was seeing with plymouth ?do  you know ?
<smoser> i'm hoping that might explain some of our errors.
<ivoks> halvors: you do know what private key is?
<ttx> smoser: it's one of hggdh's
<smoser> ttx, bug 567592
<uvirtbot> Launchpad bug 567592 in plymouth "rm: cannot remove `/var/lib/urandom/random-seed': Read-only file system" [Undecided,New] https://launchpad.net/bugs/567592
<ivoks> halvors: to make things short; you probably call it /etc/ssl/private/server.key
<halvors> I know it is someting to authenticate clients for th email server ;)
<hggdh> yes. I was wondering about it also, smoser
<ivoks> halvors: and certificate is, probably, /etc/ssl/certs/server.crt
<hggdh> smoser: http://pastebin.ubuntu.com/427168/ it is already in topo2, and running
<ivoks> halvors: if you want smtp/imap/pop with ssl, install dovecot-postfix package
<smoser> hggdh, ok. and where is the best version of the test suite ?
<ivoks> halvors: it will set up everything for you
<ttx> smoser: checking
<halvors> i have installed it
<halvors> dovecot postfix also
<hggdh> smoser: heh. the one under my login will work fine. I will tar it up, then you just untar it
<ivoks> dovecot-postfix is the name of package
<ttx> smoser: yep
<halvors> yes
<halvors> i have it installed
<smoser> hggdh, k
<halvors> So should i delete all the crt and key files and make new
<halvors> ?
<ivoks> halvors: no
<ivoks> halvors: just copy server.key to /etc/ssl/private/mail.key
<hggdh> smoser: sorry, it is all ready to use -- you will have to login as 'ubuntu' on cempedak
<ivoks> halvors: and server.crt to /etc/ssl/certs/mail.crt
<halvors> Are the ok for you to get my ssh login and do it for me?
<hggdh> smoser: then cd uec-testing-scripts, and play with it
<halvors> i are confused now :-X
<cjs> What's the ubuntu developers channel called?
<ivoks> halvors: sudo cp /etc/ssl/private/server.key /etc/ssl/private/mail.key
<halvors> smtpd_tls_key_file = /etc/ssl/private/smtpd.key
<halvors> smtpd_tls_cert_file = /etc/ssl/certs/smtpd.crt
<halvors> smtpd_tls_CAfile = /etc/ssl/certs/cacert.pem
<halvors> postfix main.cf
<ivoks> halvors: sudo cp /etc/ssl/certs/server.crt /etc/ssl/certs/mail.crt
<ivoks> halvors: dovecot-postfix didn't do that
<halvors> ok, but i think i have to reinstall the package dovecot postfix
<ivoks> no, you don't have to
<ivoks> look
<ivoks> there are two files
<ivoks> one is key file
<ivoks> the other is certificate file
<ivoks> key file is names .key, while certificate is named .crt
<halvors> but i did not undrestand postfix call these files
<halvors> smtpd_tls_key_file = /etc/ssl/private/smtpd.key
<halvors> smtpd_tls_cert_file = /etc/ssl/certs/smtpd.crt
<halvors> smtpd_tls_CAfile = /etc/ssl/certs/cacert.pem
<ivoks> you created those
<ivoks> halvors: so, change those lines
<halvors> Do you have a ssh client installed?
<ivoks> i won't ssh to you machine :)
<halvors> you can get ssh login details
<halvors> whay?
<ivoks> i created dovecot-postfix just for guys like you :)
<ivoks> you just had to install it and that's it
<cloakable> :)
<cloakable> ivoks: Any chance of a postfix-amavis package? ;)
<ivoks> cloakable: there's amavis-postfix patch
<ivoks> cloakable: it will be in 10.10
<halvors> can i get your email for later problems if you created dovecot-postfix you're expert
<ivoks> halvors: i can help you over IRC
<wack47> having some problems installing mysql and php5 properly on my server. I get this error http://pastebin.com/5VQpdyqf when i try to install mysql-server
<ivoks> halvors: but if you want, i could sell you support :)
<ivoks> bah...
<ivoks> halvors: give me ssh access
<halvors> Ok, but i will send you private email not over the IRC
<halvors> i dont want all to know my passwords :S
<ivoks> ivoks@ubuntu.com
<cloakable> ivoks: awesome :)
<wack47> lol why not over halvors?
<wack47> lol
<ivoks> cloakable: bug 524341
<uvirtbot> Launchpad bug 524341 in amavisd-new "[FFE] Add amavisd-new-postfix package" [Undecided,Confirmed] https://launchpad.net/bugs/524341
<penguin42> anyone tried the iscsi target mode on lucid server? I'm getting 'The length of the target name is zero'
<halvors> mail sent to you ivoks ;)
<halvors> maybe i should reinstall my server and take all from scrath
<halvors> ?
<ivoks> lol
<ivoks> no
 * penguin42 also hasn't quite figured out if the ubuntu built iscsi_trgt is the same module that would be built by iscsitarget-source
<halvors> Do you got the email ivoks
<halvors> ?
<halvors> Do you got logged in to ssh?
<ivoks> halvors: i got email
<halvors> ok and you got logged in=
<halvors> ?
<halvors> do you need webmin loggin and webmail for test?
<ivoks> yay, i'm root :)
<halvors> yes
<halvors> you are
<RoyK> !webmin
<ubottu> webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system. See !ebox instead.
<cloakable> !ebox
<ubottu> ebox is a web-based GUI interface for administering a server. It is designed to work with Ubuntu/Debian style configuration management. See https://help.ubuntu.com/community/eBox
<halvors> can ebox administrate domain?
<halvors> like webmin?
<RoyK> halvors: try it :)
<RoyK> halvors: also, using the commandline is rather neat when you get into it :Ã¾
<ivoks> use ispconfig for that
<halvors> i cant try on my server it need testing first
<RoyK> halvors: use a VM
<halvors> ivoks do vm?
<halvors> sry
<halvors> i mean use VM, what is it?
<RoyK>  virtual machine
<RoyK> use kvm or xen or virtualbox or something
<halvors> ivoks, do you got logged in?
<RoyK> vbox is trivial to setup
<ivoks> halvors: there, solved
<ivoks> halvors: send an email now
 * RoyK hands ivoks a few rootkits
<oru_work> how can i check which version of clamav i have installed ?
<halvors> ok
<ivoks> RoyK: already implemented :)
<halvors> wait a little bit
<RoyK> ivoks: :)
<ivoks> argh...
<wack47> anyone know about mysql/php5? Im having some problems installing mysql and php5 properly on my server. I get this error http://pastebin.com/5VQpdyqf when i try to install mysql-server
<halvors> i got these errors instead: http://paste.ubuntu.com/427180/
<ivoks> halvors: try now
<halvors> so sorry ivoks it does not work :(
<ivoks> as i said
<ivoks> try now
<halvors> ok
<ivoks> you don't have to paste logs; i'm on your server, remember? :)
<wack47> lol
<RoyK> wack47: did you pastebin "No apport report written because MaxReports is reached already stalled."?
<halvors> the email comes to my other email but i cant get email from other.
<RoyK> wack47: no, did you google it?
<halvors> do you got som errors now?
<halvors> ok, i should not past logs more ;)
<ivoks> halvors: you're from norway?
<wack47> Royk: I have tried googling a couple things, but not really getting anywhere with it
<RoyK> wack47: there are a few bugs listed with that error message
 * RoyK thinks halvors is from .no
<ivoks> halvors: anyway, tls on smtp is working
<halvors> Yes, how do you know that?
<RoyK> halvors: nextgentel doesn't have much customers outside norway :Ã¾
<ivoks> halvors: do you have friends that like to paddle? :)
<ScottK> oru_work: dpkg -l clamav
<ivoks> halvors: kayaks and stuff
<ScottK> ivoks: I'm glad you clarified.
<halvors> Yes someone ;)
<ivoks> ScottK: eh?
<halvors> but i didn't do that myself ;)
<ScottK> ivoks: Paddle has more than one meaning in English.
<RoAkSoAx> kirkland, ping?
<ivoks> oh :)
<wack47> Royk: see that after googling that specific phrase, was focused more on searching "mysql not installing". Guess my vision was to narrow on the situation
<oru_work> is it a good idea to do apt-get upgrade every so often ?
<halvors> were are you from ivoks?
<ivoks> halvors: so, now that i helped you
<ScottK> oru_work: Generally yes.
<ivoks> halvors: you could at least point your friends to www.jamming-adventures.com :)
<RoyK> wack47: mysql not installing is quite a broad thing to google
<zul> ivoks: meh
<ivoks> zul: :D
<halvors> thanks, can i recive mail to and send from evolution?
<wack47> yes i agree, i was beeing more specific, but yeah nm lol
<ivoks> halvors: you should be able to, try
<halvors> ok ;)
<halvors> i will try now
<halvors> no i cant recive email using squirrelmail ;(
<halvors> :'(
<ivoks> you installed dovecot-postfix
<halvors> In the log before dovecot was killed by signal 15
<halvors> yes
<RoyK> halvors: wierd - it also uses imap - or did you use pop from evolution and delete the messages?
<ivoks> and then changed almost everything that package setup
<halvors> yes, maybe :(
<ivoks> why?
<RoyK> halvors: Do Not Use POP3
<RoyK> it's a PoS
<halvors> in desperatly try to get things work and create new sertvicates (i understand it does not work to do i again)
<penguin42> ooh iscsi working - I've got one kvm guest u-s lucid installing over iscsi to an lvm lv on another kvm guest running on an lvm lv on my host :-)
<ivoks> wwwwwwwwww
<ivoks> that's webmin?
<ivoks> you are on your own
<halvors> i not understand, "you are on your own" what do you mean?
<oru_work> penguin42, cool
<halvors> and what abotu wwwwwwwww
<RoyK> halvors: det betyr at du ikke fÃ¥r mer hjelp
<qman__> !webmin | halvors
<ubottu> halvors: webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system. See !ebox instead.
<oru_work> halvors, that means he refuses to help anymore
<halvors> ok
<halvors> i understand
<penguin42> oru_work: I don't think I have a way of booting from iscsi yet though!
<halvors> RoyK er du norsk?
<RoyK> halvors: use supported software - otherwise "you're on your own", and yes, I'm Norwegian :)
<ivoks> sigh...
<halvors> but i only followed the guide on help.ubuntu.com
<ivoks> any reasons to use procmail?
<RoyK> ivoks: not really - sieve is better
<halvors> it was in the guide i followed
<ivoks> RoyK: i know, i was asking halvors :)
<ivoks> RoyK: i'd say lda is even better :)
<RoyK> halvors: it doesn't take too much to learn the commandline, and you'll have far more control that way
<RoyK> !lda
<RoyK> hm. what's lda?
<uvirtbot> New bug: #574685 in php5 (main) "php5-cgi installs duplicate executables, should use symlink" [Undecided,New] https://launchpad.net/bugs/574685
<ivoks> RoyK: dovecot's delivery agent
<oru_work> penguin42, what kind of host ?
<penguin42> oru_work: core i7 lucid 64 host
<RoyK> ivoks: ok - thought dovecot also used sieve
<kirkland> RoAkSoAx: yo
<RoAkSoAx> kirkland, howdy!! http://me.roaksoax.com/testdrive.png
<ivoks> RoyK: right, as a plugin for lda
<RoyK> ic
 * RoyK pats his zimbra VM
<oru_work> penguin42, nice. I thought you were talking about virtual host initally that's why I thought it was kind of impossible
<ivoks> halvors: did you kill connection to the server?
<penguin42> oru_work: anyway, time to go - challenge for next week is to set up a netboot - so it can boot into the iscsi install!
<halvors> no
<oru_work> penguin42, ok good luck
<RoyK> ivoks: probably your rootkit kicking in :D
<kirkland> RoAkSoAx: looks okay;  you don't prefer the wizard approach?
<halvors> ivoks do you lost connection?
<halvors> try to reconnect
<halvors> ivoks, who guide should i follow for setup a working emailserver?
<ivoks> halvors: this one: sudo apt-get install dovecot-postfix
<ivoks> halvors: there, i've fixed your setup
<ivoks> halvors: try now
<halvors> will it do all postfix configuration
<RoAkSoAx> kirkland, I do like it too, though I was kinda thinking to use that for  *Other*. Either way, we can discuss that during UDS. Or probably, first version of testdrive-gtk can be my approach, and second version can be your approach. Concentraiting in coding first version fro GSoC, and second version for future releases
<kirkland> RoAkSoAx: okay
<hggdh> ttx, kirkland please have a loog at bug 574665
<uvirtbot> Launchpad bug 574665 in qemu-kvm "kvm + virtio disk corrupts large volumes (>1TB)." [High,Confirmed] https://launchpad.net/bugs/574665
<halvors> now webmail works fine, thanks ivoks, i wil check from thunderbird now wait a little bit ;)
<ivoks> halvors: don't forget... www.jamming-adventures.com :)
<ivoks> ccc
<RoAkSoAx> kirkland, or probably, the wizard approach can be used for initial/later configuration of which ISO's to list
<ivoks> halvors: you have to use SSL for pop3/imap
<halvors> Yes should tell it to my friends ;)
<halvors> ok
<ivoks> halvors: dovecot-postfix doesn't allow cleartext passwords
<ivoks> over cleartext protocol
<halvors> ok
<halvors> but all are fixed now or?
<ivoks> pop3-login: Disconnected (tried to use disabled plaintext auth)
<ivoks> ")
<RoyK> just disable pop4
<RoyK> pop3, even
<halvors> SSL/TLS
<RoyK> pop3 is evil
<halvors> right?
<ivoks> SSL
<RoyK> not TLS?
<halvors> STARTTLS
<halvors> None
<halvors> it are all options in thunderbird
<ivoks> what port are you connecting to?
<RoyK> halvors: use imap, not pop3
<RoyK> imap is a decent protocol, pop3 is not
<halvors> whay?
<RoyK> pop3 was designed _after_ imap, just to get something that was simpler to implement
<RoyK> just beleive me, please
<RoyK> it'll take some time to describe the protocol differences
<ivoks> hm...
<halvors> ivoks, i get password failure
<halvors> cant understand :(
<ivoks> there you go
<halvors> now it works ;)
<halvors> but what was it you done?
<RoyK> halvors: tried with imap?
<RoyK> halvors: to put it short - with imap you connect to your mailbox, whereas with pop3 you download each message, which is ugly
<ivoks> halvors: i've fixed your postfix's configuration
<uvirtbot> New bug: #574704 in munin (main) "munin-node after update to Lucid still in /etc/rc*.d, invoked twice" [Undecided,New] https://launchpad.net/bugs/574704
<RoyK> what's this about lucid moving things out of /etc/rc*.d?
<halvors> I only will know if i need to setup a new server, so i dont need to ask here
<RoyK> I don't really see the point in that
<halvors> Install dovecot-postfix, it is only that?
<halvors>  or more?
<kirkland> RoAkSoAx: true
<halvors> and i is behind a NAT :(
<halvors> who ports need to be forwerded for my email server?
<halvors> ivoks?
<RoyK> halvors: fix the nat router to forward in or use something on the outside with fetchmail
<RoyK> halvors: port 25 is smtp, but most ISPs block that, and I guess nextgentel is one of them
<halvors> port 25 works, but i think about ssl
<halvors> 993 is imap?
<RoyK> !smtps
<ivoks> 25, 110, 143, 993 and 995
<halvors> ok
<jrwren> what about the submission port?
<jrwren> 587
<halvors> but ivoks, now i use webmin (who is not suported), to manage domains, can ispconfig do all the same?
<halvors>  or
<halvors> need i 587 too?
<ivoks> keep using what you are using now
<ivoks> cause you can't do migration your self
<ivoks> and nobody would help you with that for free :)
<RoyK> halvors: read the ubuntu admin guide
<RoyK> there's a lot of nice stuff in there
<halvors> but ivoks, can you tell me what i need to do for setup the mailserver i have now? Maybe i should setup one new a day =)
<RoyK> halvors: it starts with an R and is followed by T and F and ends with M
<halvors> but i cant use webmin if it is not suported by the system
<ivoks> i'm tired
<RoyK> halvors: les manualen - les mer om systemet - les og les
<halvors> ok
<halvors> i understand
<ivoks> just keep it as it is
<halvors> yes yes
<halvors> i will
<ivoks> you can't easily transform from webmin to ispconfig
<RoyK> ivoks: got a root account for me on his box? :D
<ivoks> ispconfig uses databases
<ISBB> afternooon all
<ivoks> RoyK: :)
<ISBB> anyone got a download link for 8.0.4LTS
<ivoks> www.ubuntu.com?
 * RoyK is curious to play with dd and urandom and stuff
<ISBB> will only let me download 10 now
<ISBB> 2 days ago i could
<halvors> but maybe i need to know how to setup a emailserver a other day
<RoyK> halvors: https://help.ubuntu.com/8.04/serverguide/C/index.html
<ivoks> http://releases.ubuntu.com/
<halvors> do you have some good goude i can read?
<RoyK> halvors: https://help.ubuntu.com/8.04/serverguide/C/index.html
<incorrect> hi, who is a good ubuntu VPS provider in the USA?
<jpds> incorrect: Linode?
<soren> incorrect: Rackspace.
<incorrect> thanks jpds
 * jpds hugs soren.
<incorrect> aren't rackspace uber $$
<soren> 1.5 cent per hour.
<ISBB> perect thks ivoks
<halvors> And ivoks, thanks, for the good help! And i will tell my friends about www.jamming-adventures.com ;)
<soren> That's about $11 a month.
<soren> For 256 MB RAM, 10 GB space.
<zul> heh
<ivoks> 'night
<incorrect> i would like to find a vps, firstly for rsync'ing backups, secondly to run small websites
<soren> 4 cores in the 2.5GHz-ish class. If noone else on the physical host are doing anything, you can pound like crazy.
<ivoks> http://fghaas.wordpress.com/2010/05/03/ubuntu-10-04-with-full-cluster-stack-support/
<ivoks> i'm famous :D
<jrwren> that is not a lot of ram.
<soren> jrwren: You can go up to 16 GB if you want.
<soren> ...and want to pay.
<RoyK> what's the diff between pacemaker and heartbeat?
<oru_work> i need some help with clamav, not sure why it won't upgrade to the latest version with apt-get upgrade
<ScottK> oru_work: What Ubuntu release are you on?
<ivoks> RoyK: heartbeat is gone
<ivoks> RoyK: pacemaker is new generation cluster stack
<oru_work> ScottK, 9.10
<RoyK> ivoks: even for dual setups with drbd?
<ScottK> oru_work: We didn't package clamav 0.96 for 9.10 yet.  I've got a few bugs to work out with 10.04 first.
<ivoks> RoyK: it uses parts of old heartbeat (<3), but it can use new hearbeat (3) as a messaging layer
<ivoks> RoyK: yep
<RoyK> ok
<RoyK> gotta look into htat
<RoyK> that
<ivoks> RoyK: https://wiki.ubuntu.com/ClusterStack/LucidTesting
<ivoks> that should be a good start
<oru_work> ScottK, are you one of the developers of clamav?
<ivoks> tv time...
<ivoks> by all
<ScottK> oru_work: The 0.95.3 version available through karmic-updates and karmic-security includes all the security fixes released with 0.96.
<soren> jrwren: Basically, they're quad core boxes, 64 GB of RAM, and 640 GB of hard drive space. All of that will cost you $0.96/hour. You can choose a fraction (1/(2^X) where X is an integer between 0 and 6) of a server, and the price is reduced accordingly.
<incorrect> damn, why do vps providers give you such a small amount of disk space
<ScottK> oru_work: No, but I'm the primary packager of it for Ubuntu.
<soren> incorrect: How much do you need?
<oru_work> ScottK, not sure what you mean by The 0.95.3 version available through karmic-updates and karmic-security
<incorrect> soren, ideally around 50gb
<ScottK> oru_work: There are updates available in those repositories (they are enabled by default so you should have them already) that fix some security issues in the packages.
<nxvl> mathiaz: is this what we were discussing for GSoC? https://blueprints.edge.launchpad.net/ubuntu/+spec/server-maverick-puppet-bootstrap
<oru_work> ScottK, look http://pastebin.org/199735
<ScottK> oru_work: Yes.  That's the version with the fixes in it.  It's the latest available for 9.10.
<oru_work> ScottK, so if I upgrade to 10.04 it will not give me that warning anymore ?
<ScottK> oru_work: It won't, but if that's the only reason you're updating, I'd recommend waiting.
<oru_work> ScottK, you know that about 2 weeks ago i came to work and there were no new emails in anyone's mailbox
<incorrect> hmm i guess i should upgrade my firewall
<oru_work> ScottK, do you know the reason why ?
<ScottK> oru_work: If you were on an older release and hadn't installed updates, you might have had clamav 0.94 that upstream remotely disabled on April 15.
<ScottK> There were updates available for all currently supported Ubuntu releases well prior to that, so if you'd installed all updates, that won't be it.
<oru_work>  exactly. I panicked
<oru_work> i didn't install any updates since i installed it
<incorrect> anyone else noticed that http://www.ubuntu.com/getubuntu/upgrading says upgrading to 9.10 in the title?
<oru_work> i believe i now have cron checking hourly for updates
<ScottK> oru_work: You should install the updates in -security and -upates.  Those are tested and supported.  Updating is never risk free, but not updating has it's risks too.
<ScottK> upates/updates
<jpds> incorrect: That is incorrect.
<jpds> incorrect: Nah, only joking, it's been fixed.
<oru_work> ScottK, i have this entry in crontab -e 0 * * * * /usr/bin/freshclam
<oru_work> ScottK, is it good / correct ?
<Kaprenakis> What is the best web-based system configuration tool?
<incorrect> jpds, i always find one mistake on the website after a release, last time i think i pointed out everything was still 9.04 :D
<ScottK> oru_work: You shouldn't need to make any crontab entries for freshclam.  The way it works by default is to check for siganture updates every hour.
<oru_work> ScottK, so are you telling me that virus definition files / database is updating anyhow ?
<ScottK> oru_work: Should be.  You can confirm this in the freshclam log in /var/log/clamav.
<oru_work> ScottK, nice
<incorrect> right, now, will my firewall upgrade without anything breaking? place your bets now
<oru_work> ScottK, do you mind looking at this really quickly? one of my sales guy fwded this email to me, i never actually believe these. I still think that its a bunch of BS http://pastebin.org/199756
<ScottK> oru_work: There is always a virus coming and if you use an operating system that is predictably vulnerable to them, then you should always be concerned.  I've seen hallmark.com mails forged before to hide a virus payload, so it wouldn't be suprising.  That said, such specific emails are either in my experience either hoaxes or years old already.
<Kaprenakis> Does anyone what the best web-based system configuration tool is for ubuntu server?
<ScottK> The general recommendation seems to be for ebox, but I don't use one, so I don't know.
<smoser> hggdh, piung
<smoser> ping
<ScottK> soren: Are you going to UDS after all (I saw you put some specs in)?
<smoser> i ran an instance on cempadek, but can't reach it via ssh
<soren> ScottK: Sure am.
<ScottK> Ah, good.  I should see you there then.
<Kaprenakis> is webmin a good web-based system configuration tool?
<ScottK> No.
<Kaprenakis> ScottK: are you answering my question? Do you have any other suggestions?
<lil_cain> !ebox
<ubottu> ebox is a web-based GUI interface for administering a server. It is designed to work with Ubuntu/Debian style configuration management. See https://help.ubuntu.com/community/eBox
<ScottK> At least it's the only web based admin tool I've every had to help people fix their postfix config with because the web thing ate it.
<Kaprenakis> ScottK: So its better to go with something like ebox than webmin.
<ScottK> Kaprenakis: As I said, I don't know because I don't use one, but that's what I seem to see people mostly saying here.
<smoser> hggdh, help ?
<hggdh> smoser: of course, what can I do for you?
<smoser> i ran an instance from cempadek
<smoser> i can't get there via ssh
<smoser> clues ?
<hggdh> let me get there
<hggdh> smoser: should be accessible, unless you hit one of the bugs we found. What happens?
<smoser> no ping, no ssh. just gone.
<smoser> console output seems to show life is good.
<hggdh> hum. It is running on sapodilla. Did you try to ssh from there?
<smoser> i can get to sapodilla
<smoser> but from there, 'ping 10.55.55.100' fails the same as it does from cempadek
<hggdh> darn!
<smoser> i just fired another and it looks the same
<smoser> (this time with the unmodified release ami)
<smoser> hggdh, ^^
<hggdh> weird
<hggdh> marula is the CC, I will try from there
<hggdh> no same thing. Really weird
<smoser> hggdh, suggesteions ?
<uvirtbot> New bug: #574741 in php5 (main) "php5 segfault using gallery2" [Undecided,New] https://launchpad.net/bugs/574741
<hggdh> smoser: I can open the session to the second instance (10.55.55.101) from marula
<hggdh> smoser: I think you hit one of the issues we are havoing there
<smoser> hggdh, oh really, wow.
<hggdh> welcome :-)
<smoser> hggdh, what is maurla ?
<smoser> thats neither the CC or the NC
<smoser> why would it have specific luck
<hggdh> marula
<hggdh> it is the CC
<hggdh> I have noticed that *sometimes* I still can manually ssh into an intance from the CC
<smoser> hggdh, gah.
<smoser> so , how can i get this into a working system so that i can try to test some of my changes ?
<hggdh> The only thing I can suggest is to bounce all, in the hopes that it will start fresh and happy
<hggdh> (when nothing else works, power it off, count ot ten, power it on again)
<hggdh> or... go to topo1, or topo3, where almost no problems appear
<hggdh> smoser: it sounds like part of the routing got lost
<smoser> hggdh, i want topo 2
<smoser> as i want to see the bugs.
<hggdh> well, there you are, then
<smoser> hggdh, see pm
<hggdh> smoser: interesting that from cempedak a 'sudo traceroute -T -p22 10.55.55.101' resolves on first hop
<incorrect> wow i managed to reboot my firewall after upgrading to lucid and i didn't have to reconnect
<incorrect> how on earth did it manage to do that
<uvirtbot> New bug: #574669 in bind9 (main) "E: bind9: subprocess installed pre-removal script returned error exit status 1" [Undecided,Incomplete] https://launchpad.net/bugs/574669
<uvirtbot> New bug: #292588 in virtualbox-ose (main) "VirtualBox can't operate in VMX root mode." [Medium,Triaged] https://launchpad.net/bugs/292588
<RoAkSoAx> kirkland, still around?
<kirkland> RoAkSoAx: sup?
<RoAkSoAx> kirkland, when testdrive --version, it shows if virtualization is supported... is that a desirable feature to keep?
<hggdh> kirkland: a Q on ecryptfs -- is it required that ~/.ecryptfs point to a *full* path (as opposed to a relativeone)?
<hggdh> this blew me when I had to change my harddrive
<kirkland> hggdh: yes, should be a full path, ideally
<kirkland> RoAkSoAx: i think so, yeah
<kirkland> RoAkSoAx: or you should create apport hooks, if you're going to get rid of it
<RoAkSoAx> kirkland, http://pastebin.ubuntu.com/427245/
<RoAkSoAx> kirkland, But the apport hook will only appear on failure
<RoAkSoAx> and it would be unnecessary when just obtaining the version
<RoAkSoAx> kirkland, unless we might wanna check that to: testdrive --check-virt
<RoAkSoAx> s/check/change
<RoAkSoAx> kirkland, if you have some time please review/test the modularized code: lp:~andreserl/testdrive/module to propose it for merging
<hggdh> kirkland: why a full path? if the user directories are moved to another mountpoint, it will not work anymore
<maddhat> hi everyone. got a WOL question.  My card says it supports magicpacket but i cant get the damn thing to start remotely.
<cclausen> maddhat: most routers block "directed broadcasts" which is typically what WOL needs to be used across the internet
<cclausen> maddhat: can you connect to another machine on the same subnet to send a magic packet?
<cclausen> or, can you setup something like Intel vPro for actual remote management?
<mathiaz> nxvl: hi - yes - https://blueprints.edge.launchpad.net/ubuntu/+spec/server-maverick-puppet-bootstrap is what we were talking about for GSoC
<kaprenakis> Does anyone know if this guide will work with Ubuntu Sever 10.04? http://t3.woodel.com/my-linux-how-to/debian_howto_start_to_finish_using_webmin.pdf
<nxvl> mathiaz: great!
<cloakable> !webmin | kaprenakis
<ubottu> kaprenakis: webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system. See !ebox instead.
<kaprenakis> cloakable: So should i just use 8.04?
<kaprenakis> cloakable: or just use debian?
<JanC> kaprenakis: webmin hasn't been supported by Ubuntu & Debian for 4 or 5 years at least
<JanC> and didn't work well before that either
<maddhat> cclausen: i am on the same subnet sending. sorry shouldve specified. im actually sending it from my pfsense box (same subnet) to the destination machine.  also tried using etherwake from another peer on the subnet
<storrgie> cclausen: you know samba well?
<maddhat> cclausen: here is my output from ethtool: http://pastebin.com/0zi8yrZd  (wake-on is disabled because i reboot the machine. it wont save the change to "enabled" statically.. but i did enable before powering off the machine
<cclausen> maddhat: try enabling wake on lan in your computer BIOS/  I doubt ethtool would work for that
<cclausen> it is entirely possible that your computer doesn't actually have wake on lan support
<cclausen> storrgie: no, I don't run samba ever since I managed to break the campus network with it
<cclausen> maddhat: try using the wakeonlan package.  it works me
<cclausen> (to actually do the waking, not enabling the bios option)
<cclausen> oh, pfsense.  is that a bsd derivative?
<cclausen> etherwake should be equiv to wakeonlan command so that likely isn't the problem...
<cclausen> probably just your computer not actually waking up
<storrgie> haha
<storrgie> wide links?
<lil_cain> pfsense is openBSD iirc
#ubuntu-server 2010-05-04
<maddhat> cclausen: yes, pfsense is BSD based as cain stated.  ive tried etherwake from an ubuntu peer though.  and yes, WOL is enabled in BIOS
<maddhat> cclausen:ii have other machines working with WOL on the subnet so i know that my tools are working correctly.. jsut not the destination machine.
<reckoner> can i get support here for ec2?
<erichammond> reckoner: Go ahead and ask your question
<RoAkSoAx> mathiaz, in server-maverick-uds-cloud-loadbalancing means to set up lighttpd/nginx/apache as loadbalancers/proxys or to have loadbalancing for those services?
<mathiaz> RoAkSoAx: how to use lighty/nginx/apache as load balancers
<RoAkSoAx> mathiaz, ok. Why not IPVS?
<mathiaz> RoAkSoAx: the use case is that you have apps servers running into the cloud and need to distribute http request among them
<mathiaz> RoAkSoAx: that's another option
<mathiaz> RoAkSoAx: you're welcome to add more options to the Blueprint
<RoAkSoAx> mathiaz, will do :)
<mathiaz> RoAkSoAx: as we'll be discussing what's the best option
<RoAkSoAx> mathiaz, i was planing to talk about that (loadbalancinhg for web apps in the cloud) in the cluster-stack session
<mathiaz> RoAkSoAx: seems like there is a dedicated session to load balancing
<mathiaz> RoAkSoAx: make sure you attend the session as well :)
<RoAkSoAx> mathiaz, I will for sure, and I guess that what I planned to talk at the cluster stack session will fit better in the load balancing session :)
<mathiaz> jiboumans: https://blueprints.launchpad.net/ubuntu/+spec/server-maverick-aws-client-libraries
<mathiaz> jiboumans: ^^ AWS client library seemed to be missing from the roadmap
<mathiaz> jiboumans: I've just creating a blueprint for it
<jiboumans> mathiaz: very good
<jiboumans> the mail-stack and cluster-stack ones that carried over from last cycle aren't showing up either
<jiboumans> jcastro's looking into that
<smoser> mathiaz, that was already present
<smoser> https://blueprints.launchpad.net/ubuntu/+spec/server-maverick-cloud-libs
<mathiaz> smoser: hm - ok - I hadn't found it
<mathiaz> smoser: I'll update my blueprint then
<smoser> it was linked off https://wiki.ubuntu.com/ServerTeam/MaverickIdeaPool
<smoser> :)
<smoser> where did you look ?
<mathiaz> smoser: https://blueprints.launchpad.net/~jib/+specs?searchtext=server-maverick&role=approver
<smoser> ah...
<smoser> i called it 'cloud-libs'
<smoser> so it didn't have aws in the blueprint name
<jiboumans> smoser, mathiaz: the summit system doesn't actually show me what i have scheduled and not and what fell through the cracks
<jiboumans> so please be vigilant
<smoser> hggdh, still around ?
<Daviey> jiboumans: If summit isn't doing what you want/expect, you can raise a bug :)
<smoser> i think that cloud install needs a full kick
<jiboumans> Daviey: can i have it fixed before tomorrow? ;)
<smoser> i can't even run an instance now
<Daviey> jiboumans: well tommorrow for me is the 5th.. so perhaps :)
<jiboumans> Daviey: heh
<mathiaz> Daviey: o/
<Daviey> mathiaz: \o
<jiboumans> Daviey: amidst my massive multi-tasking; specs that were in previous sprints don't show up. specs have to be manually assigned to the server track, it says 'oops' a whole damn lot, tracks with spaces in the name don't work and i can't see what fell between the cracks (items that are uds-m' but not scheduled to a track, or in LP, but didnt make it to summit)
<Daviey> jiboumans: last time i had an oops, i seem to remember some colourful language in the error box :)
<jiboumans> Daviey: this is when dragging/dropping in the organizing window
<jiboumans> it says 'oops' and then loads the lp blueprint page of the thing youw ere moving
<jiboumans> not useful :)
<Daviey> jiboumans: Is this for blueprints that were defered from a previous UDS?
<jiboumans> Daviey: simply not completed
<jiboumans> renamed to server-maverick-*
<Daviey> ^^ sorry, for the missing specs
<uvirtbot> Daviey: Error: "^" is not a valid command.
<jiboumans> Daviey: https://blueprints.edge.launchpad.net/ubuntu/+spec/server-maverick-cluster-stack
<jiboumans> for example. i 'declined' it for uds-l now on jcastro's suggestion
<jiboumans> but it doesn't seem to make it show up (yet)
<jiboumans> made the change about an hour ago
 * Daviey looks
<jiboumans> mathiaz, smoser: do we now have a duplicate session for cloud-libs/aws or do we need both? please check summit.ubuntu.com
<smoser> do not need both
<Daviey> hmm, certainly not imported.. server-lucid-cluster-stack is only in summit for uds-l
<smoser> page does not exist ?
<smoser> did we already go over that ?
<mathiaz> jiboumans: server-maverick-aws-client-libraries is a duplicate BP
<mathiaz> jiboumans: I've removed you as the approver
<mathiaz> jiboumans: but cannot decline it from the uds-m sprint
<jiboumans> mathiaz: i think i already hit accept. not sure how to unaccept
<mathiaz> jiboumans: yeah - there may be a link to decline the BP afterward - I don't know :/
<jiboumans> Daviey: ^ suggestions? :)
<jiboumans> or just remove the 'uds-m' from the blueprint itself?
<Daviey> jiboumans: no idea of the LP side i'mafraid
<mathiaz> jiboumans: right - declining a BP for a sprint is done in LP
<Daviey> jiboumans: LP API and summit, i can help with..
<jiboumans> mathiaz: mark it superseded with smoser's spec please? that way it doesn't show up as 'dangling'
<mathiaz> jiboumans: have you tried to make a BP superseeded in LP?
<jiboumans> mathiaz: i have not
<mathiaz> jiboumans: it's pretty much impossible
<mathiaz> jiboumans: the UI isn't working well
<mathiaz> jiboumans: done
<jiboumans> thank you
<jiboumans> cloud-libs isn't in the summit system either
<jiboumans> smoser: propose it for uds-m please?
<smoser> done
<jiboumans> ta
<smoser> and i verified the others that i wrote are
<smoser> but i'm out now
<zain> hi there. I'm running ubuntu 10.4 server, and for some reason, nothing in /etc/hosts is being picked up. I add something there and ping says "unknown host" when i try to ping it. ideas?
<zain> i've tried restarting /etc/init.d/networking, no good.
<bc> anyone have any experience getting ubutnu server to install as a guest under Xen?
<MTecknology> Is there anything I can use to keep track of my servers as far as their uptime and heartbeats and such?
<MTecknology> landscape look snice but the cost is way out of the question
<MTecknology> $150/node/year * 25 nodes...
<erichammond> Thanks to the Ubuntu Server Team for the great work on Lucid.  The day after it was released a group of friends used it to build a prototype of http://CrowdPhoto.com which we launched over the weekend (running on EC2): http://alestic.com/2010/05/crowdphoto-net
<uvirtbot> New bug: #574867 in samba (main) "package samba-common-bin 2:3.4.7~dfsg-1ubuntu3 failed to install/upgrade: subprocess installed post-installation script returned error exit status 2" [Undecided,New] https://launchpad.net/bugs/574867
<zul> jiboumans: server-maverick-addtional-stacks didnt make it?
<zul> jiboumans: its the vscan zafara etc spec
<zul> jiboumans: sorry didnt read the email
<imjess> Hello...?
<lifeless> !ask
<ubottu> Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-)
<imjess> Is everyone else afk? lol...
<handheldCar> wat
<lifeless> imjess: no, but you don't want 200 people all saying hi; it would be very low signal
<lifeless> imjess: this isn't a chat channel, its ubuntu-server assistance-and-development
<imjess> Ah I see. Ok, well I'm new to ubuntu server stuff. My company are going to use ERP system under open source server. So I not sure if Ubuntu going to be right choice considering we might use "Active Directory" etc
<imjess> And do we actually need Cloud?
<lifeless> cloud is entirely up to you; it depends on what you're doing
<lifeless> UEC can be great for deployment of many related systems and/or test labs and/or dynamic load scaling
<imjess> What I have in mind is LTS server / virtualization / cloud , Hmm wondering which one should I go for the first time on ERP..
<imjess> Am I asking too general? #Ubuntu eh?
<lifeless> well
<lifeless> you're not really asking questions
<lifeless> all that you say sounds plausible ;P
<imjess> Hah! Ok, say we want to set up an ERP system with "Active Directory logins" for the staffs..  and in the future we might host a web server as well... So should we go for virtualization using Ubuntu server of course.. hmmm :D
<lifeless> virtualisation sounds unrelated to this
<lifeless> like, it won't make it easier or harder
<lifeless> it would bring its normal benefits
<lifeless> we have pretty good AD integration via ldap
<lifeless> which AD speaks
<imjess> No, I thought separate the LDAP(ERP) and the web server by using virtualization would be easier to implement in the future eh?
<lifeless> consider the difference between a vm and real hardware
<lifeless> in a vm you usally use NFS or something for persistent storage
<lifeless> you can do that with real hardware (and should if you're trying to run separate servers for different tasks)
<handheldCar> The purpose of virtualization is to utilize the unused power of one's server.
<imjess> lifeless: I don't want get another physical server to keep the IT budget low :P
<lifeless> handheldCar: or provide dynamic deployment of different images - to shuffle around tasks more easily than having every server configured to do everything.
<lifeless> imjess: you'll need 2 machines to run UEC anyway
<lifeless> imjess: *and*
<qman__> yeah, if you're in a one or two server deployment, you don't need virtualization
<lifeless> imjess: databases can be an issue on VM environments [depending on load/optimisation needs]
<qman__> it doesn't show most of its benefits until you get into at least half a dozen
<lifeless> qman__: I'd say its really domain specific - some domains are a win with just 2 vm's, others need many more [e.g. clustered static ubuntu archive mirrors] :)
<imjess> I see. I guess UEC out of question since we got only 1 machine lol
<qman__> yeah, it's software specific
<qman__> if you wanted to run a whole bunch of services that don't really belong on the same machine for security/manageability reasons, but don't want/need a bunch of physical servers, virtualization is great
<qman__> but you've only listed two
<imjess> Two?
<qman__> LDAP and web
<lifeless> ERP server, web server
<qman__> how many clients are you intending to serve? and is the web server public-facing?
<imjess> Yes to be excat.. ERP+LDAP , web server maybe next year.
<imjess> Not many in the beginning, like 10 staffs.
<qman__> if you're just looking to serve an intranet site, I would just install both on the same physical server
<imjess> Yes public web. Company's home page.
<qman__> in that case, I suggest two physical servers, or getting a VPS for the website
<qman__> either of those would be much easier to set up and maintain than a virtual configuration
<imjess> Hmm I see.
<imjess> Because the OpenERP has this integrated ecommerce, that's why we might need a web server aahh lol
<qman__> if the ERP needs to interact with a web server, it would not be any more difficult to configure it to use a VPS running the web half over a virtual machine running the web half
<qman__> or another server in your closet running the web half
<qman__> now, it may be easier if both run on the same machine without virtualization
<qman__> but security concerns come into play
<qman__> having your user database on a public facing server is a risk
<handheldCar> is it possible to install a virtual machine in a command-line environment like ubuntu-server?
<imjess> Hmm so if we want to use a web server for public viewing, its not recommended on same machine..
<qman__> handheldCar, of course
<qman__> imjess, yes, because if the web server were to be compromised, it enables access to all that data
<ChmEarl> handheldCar, apt-get install Vnc4server tightvnc  then you have vfb for xen
<imjess> I guess we will put LDAP+ERP using LTS server on a single machine at the moment... but what about ERP to other branches of company>
<imjess> Linking*
<qman__> I'd probably use a VPN setup
<imjess> Oh
<qman__> openVPN is pretty easy to use and very secure
<qman__> you could configure a site to site VPN, and have it 'just work'
<qman__> there are other ways to do it, I'm sure
<qman__> and probably SSL-enabled
<imjess> So all I need is LDAP+ERP+VPN for ubuntu server... for now :)
<imjess> Hows the reliability of using ubuntu as production server?
<lifeless> good
<lifeless> we run all our stuff on it :)
<qman__> very reliable, only downside I ever run into is semi frequent reboots because of kernel updates
<imjess> lol they kept advise me on Redhat
<lifeless> who?
<qman__> I honestly can't stand to work with redhat/fedora, just don't like the system at all
<qman__> but that's my personal preference
<fbc-mx> hi all!!!
<imjess> Some linux forums, forgot which.
<imjess> Oh
<handheldCar> Does Debian have less kernel updates?
 * fbc-mx ducks are random things a thrown at his way!
<qman__> handheldCar, debian stable perhaps
<lifeless> handheldCar: should be identical
<qman__> not sure, I don't use it on a regular basis
<lifeless> handheldCar: releases in both distros only changes kernels on security updates
<qman__> but ksplice is honestly very cool
<qman__> haven't run into any problems with it yet
<imjess> How good is ubuntu.. can we run server 365 days without restarting it lol..
<fbc-mx> Yes, it's me again guys with another question that probably requires another brainlessly easy solution..
<qman__> and I haven't had to reboot my router machine yet
<qman__> imjess, yes
<imjess> Router?
<qman__> I get power outages here frequently, so my longest uptime is ~156 days
<qman__> but there's no reason it couldn't run longer
<fbc-mx> How do I enable ACPI shutdown on my server again? Before I upgraded to LUCID I used to be able to press my power button and shut down my server. now I can't any more. What might be the issue?
<qman__> yes, my router runs ubuntu
<qman__> Jaunty, that was the latest when I set it up
<qman__> haven't rebooted it
<qman__> ryan@gatekeeper:~$ uptime
<qman__>  22:54:17 up 208 days,  8:14,  4 users,  load average: 0.00, 0.00, 0.00
<imjess> Never seen people use server as router lol...
<handheldCar> is this an actual routing device or a computer that's routing?
<qman__> a computer that's routing
<qman__> four NICs, nice long iptables script
<qman__> vnstat
<imjess> What's the advantages compared to those regular router?
<qman__> cheaper for the feature set
<qman__> a professional grade router with four interfaces and the kind of software I'm using would be pretty pricey
<imjess> Load-balancing eh
<qman__> as opposed to a low-power PC with a few extra NICs, loaded up with free software
<qman__> nah, operating three separate internal nets
<qman__> one's a public wifi
<handheldCar> what protocol if u don't mind telling
<qman__> protocol?
<handheldCar> no RIP, OSPF?
<qman__> no, no other routers
<qman__> just separate internal nets, sharing one net connection
<qman__> firewall rules between them, bandwidth tracking
<qman__> and a few other little things
<qman__> my ISP's network is a total mess
<qman__> messages coming from everywhere
<qman__> like their whole network is just hubbed together
<imjess> Oh, by the way, once the LDAP server established, should we reinstall client's PC...
<qman__> not sure why you would, but I've never set up an LDAP outside a lab setting
<imjess> What do you mean...?
<qman__> my network doesn't have enough users to justify LDAP
<imjess> I see.  The Client PC's data all will automatically stored in LDAP server.. right?
<qman__> not with just LDAP
<qman__> you'd need to set up a file server and configure the clients to store the user data on the server
<imjess> So no files will stored in Client PC.
<imjess> Oh file server
<qman__> LDAP only manages the users and authentication
<imjess> Right.
<qman__> your ERP package may handle that, but LDAP alone does not
<imjess> Got it.
<imjess> So this file server will restrict user to store any data on thier client PC eh
<qman__> no, that needs to be configured separately
<qman__> the file server just stores the files
<qman__> are your clients running windows or linux?
<imjess> 2 Windows, others Linux.
<handheldCar> redirect profile and home folders to server
<qman__> yeah, that's going to be quite a bit of work
<qman__> you're probably going to need to set up security policies for the windows clients
<handheldCar> wsus
<imjess> Can Windows client PC connect to LDAP server...? Or I need another apps
<qman__> you're going to need to configure samba+winbind most likely
<qman__> on the server, to allow the windows clients to join the domain
<imjess> What is this Zimbra?
<fbc-mx> where can I find the menu-lst for grub in lucid?
<qman__> zimbra is basically an alternative to microsoft exchange
<qman__> fbc-mx, lucid uses grub2, and doesn't have a menu.lst
<qman__> !grub2
<ubottu> GRUB2 is the default Ubuntu boot manager since Karmic. For more information and troubleshooting on GRUB2 please refer to https://wiki.ubuntu.com/Grub2
<imjess> Ok. So by steps, I should install LTS>LDAP>SAMBA>Winbind>File>ERP...
 * handheldCar think when you install #ubuntu-server , there is an option for file server, which is samba.
<imjess> File server = samba?
<qman__> well, not necessarily
<qman__> but samba is the tool for windows-compatible file sharing
<qman__> there's also things like nfs, sshfs, sftp
<imjess> Should during install Ubuntu server, I should go for file server option?
<imjess> What's nfs, sshfs, sftp?
<qman__> samba also is used for integrating with windows clients in a domain-style environment
<fbc-mx> qman__, I'm kinda lost with this new grub. I've found the new config file that generates the one in  /boot, but how or where do I put in acpi=force?
<imjess> Do I need those as well?
<qman__> probably not, depends on what you want
<qman__> those are other ways to share files, that are less windows friendly
<fbc-mx> qman__, disregard... found it
<imjess> So even I install them randomly, it won't messed up the setting huh
<qman__> no, when you install them, they will install dependencies
<qman__> so generally, it doesn't matter
<imjess> Right.
<qman__> but be prepared, setting this up is not a simple task
<qman__> you're going to want to find some guides and do research on it
<qman__> and don't do it in your production environment until you know it's going to work
<imjess> The ubuntu website for guides is sufficient for newbies eh?
<qman__> getting windows to play nice can be quite difficult
<qman__> setting up a directory server and clients is definitely an "advanced" task
<qman__> where a simple file server or web server is "easy", and email is "intermediate"
<imjess> I'm screwed lol
<imjess> Well I got like 2 months to put it into production.. operation
<imjess> I'm going bug this channel in the mean time.
<qman__> unfortunately ubuntu doesn't have an easy single-checkbox directory server yet
<qman__> it's definitely high on my wish list
<imjess> Oh another thing, is this LTS ubuntu server is GUI?
<qman__> no, ubuntu server does not have a GUI
<qman__> you can install one if you really want, but that's not a supported configuration in this channel
<imjess> Without GUI is all right, but would OpenERP able to run under non-GUI format
<qman__> it looks to be web-based, so yes
<imjess> I tried on ubuntu desktop, couldn't find the server guides.
<imjess> So during the installation, should we pick file server(Samba) or install it right after.
<qman__> looks like the 10.04 guide isn't up yet
<qman__> but don't worry, it should be soon
<qman__> lucid just released
<imjess> This latest LTS version is Lucid?
<qman__> the 9.10 guide should be mostly accurate
<qman__> yes
<imjess> How long this Lucid LTS will last..?
<ScottK> Five years for servers.
<qman__> and an LTS to LTS upgrade path is supported
<qman__> so you don't have to upgrade to each release in between
<imjess> I see.
<handheldCar> lts every 2 years
<imjess> It is wise to choose latest version of Ubuntu's considering new bugs may arise..
<qman__> well, the main releases can be bleeding edge, meaning there are some issues
<qman__> but the LTS is designed to avoid that as much as possible
<qman__> while still providing new and useful software
<qman__> right now lucid is still a bit up in the air, because it just released a few days ago
<qman__> but give it a week or two and it should get much better
<handheldCar> it's not too bad in my case, a couple bumps
<twb> Five years for *some server packages*
<imjess> So we should stick with 8.04 LTS for now
<twb> AFAICT it's non-trivial to avoid packages with less-than-five-years support
<twb> You can't e.g. apt pin based on support lifetime
<qman__> no, only if you're already running 8.04
<qman__> on a new setup, start with 10.04
<imjess> Right.
<qman__> documentation and such will be a little hard to find right now, but it'll be easier than upgrading after you get it set up
<twb> Especially given Ubuntu's track record for upgrading
<uvirtbot> New bug: #574901 in bind9 (main) "package liblwres60 1:9.7.0.dfsg.P1-1 failed to install/upgrade: ErrorMessage: subprocess installed post-installation script returned error exit status 2" [Undecided,New] https://launchpad.net/bugs/574901
<qman__> I haven't upgraded any of my servers yet, should be interesting
<qman__> I upgraded my laptop, and it broke my fingerprint reader
<qman__> otherwise fine, once I fixed the window buttons
<twb> There's no way I will trust do-release-upgrade on a server without making a block-level snapshot first
<twb> I tried it in an 8.04 VM in early April, and it fell over hard
<twb> I'll stick to aptitude safe-upgrade, which I know how to use.
<imjess> It seems Dell monitors can't function properly on Xscreen
<twb> Xscreen?
<imjess> The dual screen thing. I had to disable special effects.
<twb> Xinerama breaks hardware acceleration, yes.
<imjess> Oh
<twb> (Unless matters have improved in the last six years...)
<qman__> I've always had trouble with compiz
<qman__> I still don't use it, because every time I tried, it leaks memory
<qman__> fancy effects are not worth having your computer crash every week or so
<imjess> Excatly.
<twb> That's how I feel about X
<qman__> for the most part, I agree
<qman__> need it for some things, but servers are not one of them
<imjess> Seem interesting, like learning to write ABC again lol
<imjess> Does anyone here using ERP on ubuntu server....
<twb> !anyone
<ubottu> A large amount of the first questions asked in this channel start with "Does anyone/anybody..."  Why not ask your next question (the real one) and find out?
<qman__> to be perfectly honest, I couldn't figure out what it was for through all the buzz words
<twb> ERP is something you don't need to care about unless you're big business
<imjess> I will do that. Just curious. Take it easy.
<qman__> zimbra is interesting because one of the major stopping blocks I see, when getting windows based businesses to switch, is that they use outlook and outlook's calendars
<qman__> I'll have to try that out
<twb> Zimbra is extremely Not Fun
<twb> Wait until it's packaged properly
<qman__> ah, good to know
<imjess> Good to use on Evolution Mail as well?
<twb> The current install process involves installing Zimbra's custom-patched versions of stuff like postfix and openldap in /opt/zimbra
<qman__> yuck
<twb> imjess: Evolution is the only FOSS client I know of with Outlook calendar support
<twb> (Maybe if mutt supported calendars, I'd actually give a shit about them...)
<qman__> I use thunderbird, but I don't really like it
<RoAkSoAx> kirkland, ping
<qman__> slow, features I don't need, etc
<qman__> though it's nothing compared to Flash
<uvirtbot> New bug: #574906 in clamav "Clamav 0.96.0 clamd fails to start on powerpc" [Undecided,New] https://launchpad.net/bugs/574906
<drusepth> I downloaded a 32-bit ubuntu install cd and have booted to it to try to follow the steps at http://www.ubuntu.com/cloud/private-steps, but I never get the menu in step 2, I'm thrown directly into the usual ubuntu server installer -- is this.. normal?
<LynXnz> Hey Can Anyone Help Me With Getting a startup daemon to run as a user that i select?
<twb> !anyone
<ubottu> A large amount of the first questions asked in this channel start with "Does anyone/anybody..."  Why not ask your next question (the real one) and find out?
<twb> LynXnz: simply pass the appropriate arguments to start-stop-daemon.  --runas, IIRC.
<_eagles0513875_> hey guys is there a 32bit version of ubuntu server floatin around
<_eagles0513875_> as it seems on the site that there is only 64bit available for download
<_eagles0513875_> nm
<LynXnz> Still having issues with starting an init daemon as a specified user :(
<twb> LynXnz: without detail, it is impossible to help you further.
<twb> !smart questions
<twb> Grmph
<LynXnz> how about i post my init config up somewhere so you can have a look?
<twb> Sure.
<LynXnz> http://www.tactical-response.net/cod4.txt
<twb> Any reason you aren't using metainit?
<LynXnz> whats metainit?
<twb> Ask apt.
<LynXnz> roger
<twb> For that matter, why aren't you using upstart?
<LynXnz> dunno, this is always the way that has been taught
<twb> Yes, well, Ubuntu is helpful and annoying and likes to do things differently just to annoy me
<LynXnz> do you segest me using upstart?
<twb> I don't really care.
<LynXnz> okay, what can i put into that init script to excucute it as a specified user?
<twb> 15:12 <twb> LynXnz: simply pass the appropriate arguments to start-stop-daemon.  --runas, IIRC.
<yasuhito> Hi I have a question about python-vm-builder
<yasuhito> when I executed "sudo vmbuilder xen ubuntu --ec2", I met an error: "vmbuilder: error: no such option: --ec2"
<yasuhito> my ubuntu version is 10.4
<yasuhito> any idea?? thanks in advance
<yasuhito> Hi I have a question about python-vm-builder
<qman__> hey, does lucid still have a 386-compatible kernel? I've got a machine that doesn't work with the generic kernel (i686) running hardy
<twb> qman__: check /boot/config
<twb> But I think it's unlikely that lucid would run on a genuine 386
<qman__> yeah, this one's i586 IIRC, I had to install linux-image-386 to get it working
<twb> Huh.
<qman__> I know they changed around the kernels and naming schemes
<qman__> since hardy, that is
<qman__> just wondering if I should try to upgrade or not
<qman__> I need to just replace the thing, but it's still running
<qman__> hard to argue with results
<twb> If you're still running an i386, I'd say leave it the hell alone
<qman__> yeah, it'll still get security updates for a while yet, so might as well
<qman__> see if the hardware outlasts hardy
<imjess> Hey guys, is encrypted LVM do any good?
<twb> If you go down to your local hardware recycling place, you can probably get a complete, second-hand Pentium4 of Celeron system for $20
<twb> imjess: define "good"
<twb> qman__: unless you're in China or India or something
<qman__> nah, the only thing is
<qman__> I've got lots of dead P4s and celerons
<qman__> but this old thing just keeps going
<imjess> I don't know. I mean do we need encrypted LVM?
<qman__> that's entirely up to you
<qman__> more work than it's worth in most cases, if you ask me
<imjess> Oh we do not need it then lol
<qman__> according to http://packages.ubuntu.com/lucid/allpackages?format=txt.gz there is still a linux-386
<qman__> surprised they haven't dropped it, frankly
<qman__> I must not be the only person still using 14 year old hardware
<twb> Most of them wouldn't be using ubuntu, though
<twb> What with it being targeted at schmucks running the latest bleeding-edge powerbook or whatever
<lifeless> heh
<imjess> If we don't use multiple partition or drives..  I guess we could ignore LVM perhaps
<imjess> ?
<qman__> you don't have to use LVM at all if you don't want to, it's entirely optional
<qman__> makes some things easier, like encryption or resizing partitions
<twb> "do we need encrypted LVM" depends on whether you need block-level encryption
<imjess> Normal guided entire disk with raid 1...
<twb> What security cert do you need to qualify for?
<qman__> encrypted LVM makes sense on a laptop, but otherwise it's not very useful
<qman__> or perhaps removable backup disks or something
<imjess> I see.
<twb> qman__: that depends on whether the laptop contains confidential information, whether you take it offsite, etc.
<qman__> but if your server isn't in a secure location, that's a bigger problem
<twb> imjess: with security, you should start by working out what attack vectors you care about, rather than looking at what techniques you can use.
<twb> For example, there is not much point learning about iptables if your host isn't connected to a network.
<imjess> Got it.
<qman__> also keep in mind, in order to use encrypted LVM, you will either need to type in a password or insert a removable storage device containing a key every time you boot
<qman__> not very convenient
<imjess> Not going to use encrypted LVM...
<twb> block-level encryption is most useful when your physical security is weak (i.e. your disks aren't bolted into a rack behind a locked door.
<twb> qman__: that's assuming the root device is encrypted.
<twb> You could conceivably encrypt your "user data" filesystem but not your root filesystem.
<qman__> yes, but it would be difficult to use the server without unlocking said filesystem
<qman__> and if your swap isn't encrypted, that's a pretty big hole in the scheme
<twb> But yeah, any kind of encryption should have multi-factor authentication
<twb> qman__: well, I think you've heard my policy on swap :-)
<imjess> Reconfigure partition with LVM..  it stopped at 33% like 20 mins now...
<qman__> my general policy on that matter, RAM is cheap
<imjess> Without*
<qman__> that's normal
<qman__> the progress bar only goes by the steps themselves
<qman__> the first step is quick
<twb> qman__: you could conceivably have a /srv/customers encrypted, but /home not encrypted.  That way you could do web browsing and suchlike, while your customers' data is relatively safe.
<qman__> the second step is slow
<twb> qman__: e.g. if the laptop has a combined work + personal role
<imjess> Is this encrypted LVM is a new thing on Lucid or just server only?
<qman__> it's not very new
<qman__> but it's not in the desktop CD, only the server and alternate CDs
<qman__> the desktop CD supports encrypted home directories though I think
<imjess> Oh no wonder I haven't encountered em before.
<qman__> the desktop CD doesn't support RAID at all either
<qman__> if you want features like that on a desktop, use the alternate disc
<twb> That's because Ubuntu makes the desktop CD, and they lag behind Debian :P
<qman__> I'm not really sure why it doesn't
<qman__> since it apparently uses the same partitioner
<qman__> and other than the GUI-fication, it looks the same as the menus
<twb> I hear that ubiquity backs onto d-i, but that doesn't mean that ubiquity is just a GUI for d-i
<twb> Otherwise, ubiquity would be g-i, which is Debian's GTK-based d-i GUI
<imjess> The server documentation doesn't show the installation proccess doh..
<twb> imjess: apt-get install installation-guide-amd64
<imjess> Cool thing we do not need install drivers for Raid software
<baffle> Hum, "service <not running service> status" returns with 0, not 4.
<baffle> That's quite shitty.
<baffle> :-)
<twb> baffle: isn't that for compatibility with broken RHEL/LSB service(8)?
<imjess> twb: After install the guide, how to retrieve it lol
<twb> imjess: dpkg -L will tell you where files are installed.
<baffle> twb: Well, /etc/init.d/upstart-job status also returns 0.
<baffle> (I.e. a upstart-job wrapped upstart-service)
<twb> I hate upstart
 * baffle too.
<twb> At least cinit didn't embed sh in a completely non-sh DSL
<baffle> This means that a cluster is now unable to check if deamons are running! \o/
<twb> (Yes, I realize that it was job-based not event-based)
<twb> baffle: just use pgrep like the muck-dwellers
<baffle> twb: Well, I don't really want to change all kinds of agents just because upstart is stupid; I'd rather fix upstart. :-)
<twb> Good luck with that
<imjess> Listfiles needs at least one package name argument..
<imjess> Oh no, it seem without LVM, can't configure Raid lol...
<baffle> twb: https://bugs.launchpad.net/ubuntu/+source/upstart/+bug/552786
<uvirtbot> Launchpad bug 552786 in upstart "initctl: lacks proper exit codes" [Medium,Invalid]
<twb> baffle: thanks
<baffle> twb: So it seems I'm not the first. :-)
<baffle> twb: But this will lead to data loss at some point, I'm quite certain.
<twb> Yeah, well, my plan is to get shit-faced tonight
<twb> I've been dealing with oracle and sybase and sles all day.
<twb> Annoying as ubuntu is, at least I can RTFS and sometimes fix stuff by in-house monkey patching
<baffle> twb: Well, to be honest, I prefer Ubuntu over SLES/RHEL any day.
<twb> Me too
<twb> I'd just prefer it to be more anal and less cool, i.e. debian
<baffle> twb: But there are some quite critiacal bugs that slips thru the cracks, I feel that the Canonical server team does not have the resources to test enterprise grade solutions. Not enough manpower, possbily not enough experience (not in general, ofcourse) and not the lab environment.
<baffle> Wow, that sentence was broken.
<baffle> those sentences. \o/
<willemb> Hi there.  I have spent the morning reading documentation about uec, eucalyptus, etc, and I am still unsure how some of it works.
<baffle> willemb: How it works?
<imjess> willemb: Make it two of us.
<willemb> What I want to know is:  If I have a cluster of servers with cloud packages installed, can I instantiate what is effectively a single vm combingin the resources of all of them?
<baffle> willemb: That's why they call it cloud; You're not supposed to understand. :-)
<baffle> willemb: No, a VM runs on one machine. But you have a pool of server resources that you can deploy your VMs to.
<willemb> ok, so I can run apache with multiple vhosts 'on the coud' ?
<baffle> willemb: It doesn't really solve your scaling problems; You just have a bit simpler deployment.
<willemb> :-( so i can't just install a cloud version of apache, set up 2000 web sites and point all their a-records to my node controller?
<baffle> willemb: Nopes. It is not magic. :-)
<willemb> adding more nodes as demand increases
<willemb> right, so it is called cloud cause it solves nothing and is merely nice to look at?
<baffle> willemb: That's cloud for you.
<willemb> ie, i could do the same thing with xen/kvm anyway
<baffle> willemb: Yup.
<imjess> Very cloudy if you ask me.
<baffle> willemb: But it has a nice webinterface. And you kindof can't use nice enterprise features.
<willemb> right, so ubuntu cloud services is to xen and kvm what gedit is to vi
<baffle> willemb: You have cool distributed storage, tho'. Wich ofcourse isn't as fast as a nice SAN. And probably not as reliable. And you kindof loose control of the network. And basically you just loose control.
<baffle> s/loose/lose/
<baffle> In my not so humble opinion, ofcourse.
<willemb> So what is everyone so excited about?
<baffle> I'm not?
<twb> willemb: kool-aid
<willemb> looks like an easy way to get into virtualization if you don't want to spend any time figuring out how any of it works.  like an mcse's fast-track to consolidating resouce usage
<baffle> willemb: If you buy into the amazing cloud thingy, it's kindof neat. If you design your applications from the start to be deployed on a cloud it is kindof neat. But it has to be done from the ground up. :)
<soren> willemb: Trust me... This is not the easy path to virtualisation.
<twb> I think the excitable weenies are just the usual kids running a server in their dowm
<twb> s/dowm/dorm/
<willemb> right, so as a web hosting company, I can't move my mom and pop clients with joomla/wordpress into a cloud
<soren> Sure you can.
<willemb> without rewriting their sites?
<soren> It's just not going to magically make stuff scale better.
<soren> Sure.
<twb> I'd be more inclined to use jails than full VMs for those
<baffle> In other news, our web based KVM management software is kindof progressing. :-) I'm thinking about opensourcing it.
<twb> baffle: just remember that "let's open-source it!" doesn't mean "then our developers will work for free!"
<baffle> willemb: It's nice if you just think of it as a nice way to deploy VMs. For simple VMs without high demands for high availability it is probably cool.
<willemb> i was really hoping all the vm's would kind of share disk space and connection handlers
<lil_cain> we have something already partly written (and open source)
<twb> willemb: that sounds like a jail to me
<soren> willemb: Cloud (in this context) means that you have a programmatic interface to server provisioning. If your application can make good use of that, you win.
<lil_cain> altough, ours is far more for !centrally managed VMs.
<twb> lil_cain: where "!" means "non-" ?
<willemb> ok, so maybe migrating our 1300 web servers (each with hundreds of sites on it) onto vm's first, then worry about a nice cloud interface for managing it afterwards
<baffle> twb: Yeah, I know that. I'm thinking about open sourcing it to share our work for free, basically. Because it is something people want. A nice web GUI, that can talk to a cluster of KVM machines, that can use a proper cluster backend, where there is access control so you can give customers remote control of their VMs. :)
 * twb grumbles about web interfaces
<baffle> twb: I.e. a free VMWare VirtualCenterish application.
<lil_cain> twb: Aye.
<twb> Sounds more like cpanel backed onto euc
<baffle> twb: Hey, you're free to do everything from commandline, it just uses libvirt and the cluster (pacemaker/corosync) tools. :)
<lil_cain> pretty much. A cpanel backend is handy for a lot of things though.
<baffle> Ye of little faith.
<twb> baffle: that's nice in theory, but I have had to fight too many sites running stuff like sysconfig-blah and webmin, where you can *technically* use the CLI, but you're instructed not to because it'll webmin will either break or delete your changes
<twb> Not that I much like libvirt's UI as it stands
<baffle> twb: All state lives in libvirt and the clustering software.
<twb> I'm used to just using qemu's user-space networking with dnats and curses and maybe no disks at all, but libvirt wants to be in charge of brctl and run everything as root and suchlike
<larsemil> are there any public PXE servers that i could use to install ubuntu?
<Jeeves_> larsemil: Not that I know off
<Jeeves_> It is on my todo-list, for about a year and a half now :)
<larsemil> Jeeves_: would be cool.
<baffle> larsemil: Hmm, I seem to remember there being a public TFTP server for all kinds of distros actually..
<twb> You can't PXE boot off a remote network
<twb> PXE starts with a DHCP broadcast
<Jeeves_> No
<Jeeves_> Your dhcp server needs to be local
<soren> tftp can be routed.
<twb> Right
<soren> So yeah, what Jeeves_ just said.
<Jeeves_> But you can tftp from somewhere else
<twb> Personally I found di-netboot-assistant to be pretty awesome, though a highly available tftp.debian.org would be awesome
<twb> *more awesome
<larsemil> any news in 10.04 server edition except newer packages?
<twb> larsemil: I don't understand the question
<halvors> I have heard it is simple to setup a emailserver on Ubuntu using the package "dovecot-postfix" but what more will i need to done?
<halvors> ??
<twb> halvors: have you read the Ubuntu server guide?
<larsemil> twb: are there any new feats? like in 8.04 its easy to make your machine virtual host etc..
<twb> larsemil: did you read the release documentation?
<larsemil> twb: actually not
<larsemil> twb: :)
<larsemil> what service is a gpg key server running, cant find when searching
<jpds> larsemil: SKS.
<larsemil> thanks
<halvors> Yes, i have tryed but it didn't work, i only wounder if i only need to install dovecot-postfix or need i to do more?
<halvors> ??
<halvors> ??
<uvirtbot> New bug: #575040 in tftp-hpa (main) "tftpd-hpa.postinst keeps hanging with a Password: prompt" [Undecided,New] https://launchpad.net/bugs/575040
<baffle> Regarding me complaining about upstart-job not returning 3 (or, well, not 0) when doing "/etc/init.d/service status"; I made a small change to upstart job that makes it at least report 1, so stuff works. https://bugs.launchpad.net/ubuntu/+source/upstart/+bug/552786
<uvirtbot> Launchpad bug 552786 in upstart "initctl: lacks proper exit codes" [Medium,Invalid]
<baffle> In upstart it is by design, but in the LSB-wrapper it should support it...
<andriijas> are there any known issues in lucid with php5 and apache segfaulting??
<zul> andriijas: yes please use the version in lucid-proposed
<andriijas> zul: how?
<zul> andriijas: https://wiki.ubuntu.com/Testing/EnableProposed
<andriijas> ty
<andriijas> zul: any eta when this will be published to lucid?
<zul> andriijas: after it gets some testing
<andriijas> zul: but i can disable proposed after upgrading php again?
<zul> andriijas: yep
<halvors> It is possible to make self maded sertficates for Webmin??
<soren> halvors: Ubuntu does not support webmin.
<halvors> How admin panels should i use?
<lil_cain> !ebox
<ubottu> ebox is a web-based GUI interface for administering a server. It is designed to work with Ubuntu/Debian style configuration management. See https://help.ubuntu.com/community/eBox
<zul> admin panels?
<zul> ttx: ping
<smoser> hggdh, are you around ?
<hggdh> smoser almost ;-) what can I do for you?
<zul> *sigh* if it was only that easy
<ahasenack> smoser: hi
<ahasenack> smoser: just noticed that the lucid AMIs don't have a ramdisk
<ahasenack> smoser: so, that was unexpected. What's the change, how does it work? The kernel has all the drivers and stuff?
<smoser> ahasenack, yes, that was a feature we chased.
<smoser> they just dont' need one.
<smoser> the kernel can mount the root filesystem.
<ahasenack> smoser: ok, so that's going to be the norm from now on, if possible
<smoser> thats the goal, yeah.
<ahasenack> smoser: also for the other distros you think?
<smoser> i dont know about other distros. it works here, its always been possible, its just that ramdisks are more generic, and "standard"
<ahasenack> ok
<smoser> but since the cloud environments (UEC and ec2) have well known hardware profiles we dont really need them.  the ramdisk never actually did much.
<smoser> hggdh, i was going to ask about the order of powering up topo2
<hggdh> smoser: still looking for me?
<smoser> i turned on cempedak first
<hggdh> heh
<hggdh> yes
<ahasenack> smoser: thanks
<hggdh> smoser: when cempedak is up, copy the SSH key to the mabolo and marula preseeds
<hggdh> then up both
<hggdh> smoser: the docs are up-to-date, BTW
<smoser> hggdh, sorry, how to copy ssh key ? what key ?
<smoser> hggdh, sorry, please point me to TFM
<hggdh> smoser: under mathiaz tamarind bzr, README.testing
<hggdh> smoser: the SSH keys I am talking about are the eucalyptus user keys
<smoser> yeah, i can read. i didn't open README.testing. sorry . i'll bother you if i have more
<smoser> hggdh, wiat. i'm sorry.
<smoser> i didn't do "lucid-amd64-multi"
<smoser> i set topo to lucid-amd64-topo2
<smoser> is that not right ?
<halvors> Does ebox provide adminpanel for domains?
<hggdh> smoser: yes, lucid-amd64-topo2 is the correct one
<smoser> i didn't realize this was 4 steps
<hggdh> you need to copy the keys anyways (at least this was my experience)
<smoser> yeah.
<hggdh> so you copy the bloody CLC key to Walrus and CC preseed, then copy both CLC and CC keys to the SC/NCs
<hggdh> smoser: oh, I follow you now. The README.testing states you only need to copy on -multi...
<halvors> I installed ebox, but how access the interface? I tryd https://myip/ebox but it does not work
<smoser> hggdh, would be nice if that could be a single 'go' command.
<smoser> (which i'm sure is no new thought to you)
<hggdh> smoser: you bet... but it might be possible
<smoser> well its definitely possible
<henkjan> hmm, disabling ipv6 autoconfiguration
<henkjan> net.ipv6.conf.all.autoconf = 0
<henkjan> that should be enough i thouhgt?
<henkjan> on lucid I still get my eui-64 address
<_ruben> henkjan: might need to change default as well?
<_ruben> (not just all)
<Mkools> Hello, I want to add a virtual host in tomcat6 for that I have read doc on tomcat6, from which I concluded that I have to add three elements namely: 1. Engine 2. Host 3. Context in my server.xml. I have also created one instance of tomcat. I wanted a review on my above statements that is whether they correct or not or any further addition is needed. Do I have to defaultHost= 'ip of dns or name of dns'?
<Mkools> I am using bind9 and I have created domain prctimp.private.
<Mkools> I am using Ubuntu 9.10 Karmic
<uvirtbot> New bug: #575175 in apache2 (main) "apache running at 100% indefinitely" [Undecided,New] https://launchpad.net/bugs/575175
<henkjan> _ruben: didnt help..
<_ruben> henkjan: http://marc.info/?l=linux-kernel&m=123599691025508&w=2 (havent fully read it myself yet)
<smoser> hggdh, ping
<aurigus> pong!
<ttx> jdstrand: https://blueprints.edge.launchpad.net/ubuntu/+spec/security-m-apparmor-profile-packaging is currently scheduled in the cloud_and_server track, I suppose it's a misplacement ?
<jdstrand> ttx: yes, that would be. kees? ^
<ttx> jdstrand: want me to fix that ?
<jdstrand> ttx: sure
<ttx> Will mark it a "security" track
<jdstrand> ttx: should be in the security track (semi-obviously)
<hggdh> smoser: I am here
<ttx> and let kees carry on from there
<jdstrand> ttx: thanks
 * ttx tests admin superpowers
<smoser> hggdh, pm
<Mkools> It is written in the docs that Engine should have one default host as localhost. Now I want to add a virtual host is there any other syntax like <virtualHost> in apache 2.0 or <Host name = > will do it?
<Mkools> Please reply.
<henkjan> _ruben: thnx for that url. Enabling forwarding helps to disable autoconf. ugly
<kees> ttx: the scheduler is so strange... why did it mark it as cloud?
<ttx> kees: someone must have marked it as such in the summit admin system
<ttx> kees: takes special power to assign a session to a "track"
<kees> ttx: well, they're supposed to be auto-marked on creation.
<ttx> kees: ?
<kees> ttx: yeah, you (or I) can change it, though.
<halvors1> Can i make new domains on my server with ebox?
<ttx> kees: auto-marked based on what ?
<ttx> kees: natural language analysis ? spec name ?
<kees> stuff named $WHATEVER-m-$NAME is supposed to be automatically marked by the summit system into track $WHATEVER
<ttx> kees: first time I heard such a thing :)
<kees> anyway, thanks for fixing it.  :)
<kees> ttx: hm, well maybe there is some quiet human doing it, but most of my BPs were already in the right track when I did scheduling.
<kees> and the rest lacked any track at all.
<ttx> kees: I suspect some quiet human interaction yes
<uvirtbot> New bug: #570648 in libubuntuone (main) "rhythmbox crashed with SIGSEGV in _nss_wins_gethostbyname_r() (dup-of: 529714)" [Medium,New] https://launchpad.net/bugs/570648
<bondiblueos9> after booting the 9.10 server cd and select rescue system, how can I get my tape drive into /dev ?
<bondiblueos9> maybe I'll just start downloading the 10.04 cd to do a clean reinstall in the meantime
<AlexMax> I've just updated to ubuntu server 10.04.  My IP Aliases aren't working anymore.  What am I missing?  http://bpaste.net/show/9lHotcyYnGQh7LaiuMPc/
<AlexMax> Hrm, I added the netmask and it works....but restarting networking doesn't seem to bring them up automatically
<AlexMax> i still have to use ifup
<clintb> AlexMax: maybe 'auto eth0:0' ? I haven't tried aliases in lucid yet
<AlexMax> I have that
<clintb> I see 'auth eth0:0'
<clintb> mispelled?
<jiboumans> moring clintb
<SirDerigo_> hello people, i just installed ubuntu 8.04 server edition, i ran apt-get upgrade, and it decided to download grub-pc, the problem is that when it is installing gives this error msg and dies: grub-probe: error: cannot find a GRUB drive for /dev/cciss/c0d0p1.
<SirDerigo_> it is and hp proliant ml150G6 server
<pmatulis> SirDerigo_: sounds like we are pushing GRUB2 on people
<arthurjohnson> I'm not a big fan of grub2, the failcount thing scares me
<htc> anyone familiar with server 10.04 / cannot set static ip problem?
<pmatulis> htc: no, tell us about it
<htc> pmatulis, well i was in main there, but ok.
<htc> hm.. apparently my new host is incapable of setting a static network ip with server 10.04
<htc> now this sounds rather redonculous to me, but i figured i'd check in and see if it was a bug, as i've seen a few vm's do this
<htc> vm images rather, build by some faulty humans i'm assuming, or more likely deployed by some faulty human logic that we dont need to check :)_
<htc> any decently common nic's not included these days? some odd realtek or so? but something that would still have very large scale sales.. say the odd desktop board?
<pmatulis> htc: seems good over here
<htc> hm, depressing... i might have to teach this guy to host then. thx for the input
<pmatulis> htc: maybe get more details at the very least
<bondiblueos9> I often boot up my system without some drives connected; after upgrading to 10.04, I have a prompt that tells me they are not present and wants me to wait or press a key to continue; how can I disable this prompt (as though I hit S to skip)
<htc> pmatulis, wish i could :P
<pmatulis> bondiblueos9: you've changed your nick.  i believe we've gone over this
<bondiblueos9> pmataulis: this is the first time I've gotten an answer about it, though I have asked a couple times the past couple days in #ubuntu
<htc> that was only with 64bit host/vm's btw
<bondiblueos9> pmatulis: but it was with this nick
<htc> ttyl o/
<pmatulis> htc: ok, i've just tested with 64-bit lucid server (kvm guest)
<federico> hi, I want to login via ssh to an UEC instance with credentials that I've downloaded from the firefox
<htc> pmatulis, and let me guess, its fine :P
<pmatulis> htc: yeah, like i said before
<htc> i dont doubt YOUR competence
<htc> :)
<federico> What I have to do?
<htc> nor mine - unfortunately no real-time connection to host, so lame
<htc> but cheap heh
<htc> l8 and thx again m8
<pmatulis> bondiblueos9: ok, your nick is getting truncated, looked different
<federico> hi, I want to login via ssh to an UEC instance with credentials that I've downloaded from the firefox
<neverblue> ok, in attempting to setup eth0, statically, I need to enter a search domain, what is that going to be, the address of my router?
<pmatulis> neverblue: no
<neverblue> i setup the IP, mask and gateway, and the DNS Server, but no idea on what to set the Search domain to
<pmatulis> neverblue: it should be optional but if it's not just put in your local domain name (ex: 'example.com')
<neverblue> and I am unable to get outside my netwoek
<bondiblueos9> pmatulis: do you have a quick tip to bypass this prompt? or can you at least point me in the right direction to search for the answer?
<pmatulis> bondiblueos9: what kind of device again?  usb or sata
<bondiblueos9> sata, ide, and firewire; all of them prompt unless I remove them from the fstab
<pmatulis> bondiblueos9: what kind of device is troubling you?
<neverblue> ok, something else is messed
<neverblue> cannot get online at all
<chasmanrors__> New to list, How do I move my setup to better hardware?   Do I need to reinstall everything?
<bondiblueos9> pmatulis: external firewire drives if they are not turned on at boot time, and internal sata drives if they are disconnected at boot time
<pmatulis> bondiblueos9: try the 'nofail' option in /etc/fstab
<federico> alguien habla espanol, porque quiero preguntar  algo de una traduccion
<mathiaz> bdmurray: hi - could you investigate why http://qa.ubuntu.com/reports/ubuntu-server-team/fixedbugs.ubuntu-server.2010-05-03.html is empty?
<mathiaz> bdmurray: running the script from a lucid chroot works correctly
<bdmurray> mathiaz: of course, thanks for letting me know
<federico> hi, I don't undestand this sentence(I'm learning english),     * Source eucarc script to make sure that the environmental variables used by euca2ools are set properly. To validate that the euca2ools are able to communicate with the UEC,  try fetching the local cluster availability details.
<federico> $ . ~/.euca/eucarc
<federico> what . ~/.euca/eucarc does?
<pmatulis> federico: "sources" the specified file
<Alan> Hmmm, things like VirtualBox are pulling in a crapload more on Lucid than they used to on Intrepid, for the same VirtualBox repo and version
<Alan> Is this something to do with a change towards installing all recommended stuff instead of not?
<pmatulis> federico: usually used to import variables
<Alan> Because it's resulting in getting X for a server, which is pointless...
<federico> that copies to the enviroment variables of the sistem?
<pmatulis> Alan: isn't virtualbox a desktop application?
<Alan> pmatulis: it works for server too
<Alan> i swear it never used to pull in x11-common...
<pmatulis> federico: well, for your current user
<pmatulis> Alan: you're x forwarding it?
<Alan> hmm, on the other hand, i could probably use the new virtualisation stuff, since I actually have a virt-capable CPU now....
<Alan> pmatulis: no
<federico> pmatulis: thanks
<Alan> i'm using the command-line VBoxManage etc.
<pmatulis> Alan: ok, so you can actually use vbox like that, good to know
<Alan> pmatulis: yup, been doing it for the last 8 months or so
<pmatulis> Alan: nice
<Alan> I might switch to using KVM stuff now though
<Alan> Previously i couldn't because my server hardware was too old to support hardware virt
<Alan> also, i think maybe having those extra deps won't be a problem
<Alan> prunes it a lot if i use --without-recommends
<ttx> mathiaz: in case there were any doubts, you should run the meeting
<Alan> pmatulis: my usecase is using a virtualised server so I can have a public-facing webserver that is somewhat isolated from my important data-carrying server
<mathiaz> ttx: ok
<bogeyd6-> I am getting a download request for  application/x-httpd-php  (in firefox) but it should be serving the php page instead. How do I go about fixing this?
<lenios> bogeyd6-, you should serve the page as html, not php
<bogeyd6-> lenios, please describe how to fix
<uvirtbot> New bug: #575303 in tomcat6 (main) "tomcat6 has two webapps/ directories" [Undecided,New] https://launchpad.net/bugs/575303
<lenios> i don't remember where, but it's related to apache
<lenios> apache should serve the content as html mime type
<Alan> What is the suggested method for server virtualisation?
<jpds> Alan: KVM.
<Alan> jpds: are there any comprehensive guides on it?  most of the stuff I find in the ubuntu wiki is patchy and for older versions
<bogeyd6-> lenap_, turns out it is a firefox bug
<Alan> and is it still necessary to screw around with bridging manually?
<bogeyd6-> lenios, turns out it was a firefox bug
<lenios> bogeyd6-, your apache is most certainly wrong too
<lenios> there should be no sign of php to the browser
<bogeyd6-> IE loads it fine
<bogeyd6-> clear the FF cache and it now loads fine too
<failover> Alan, setup kvm with ubuntu is not so difficult !
<failover> but still need manually work !
<Leblinux> Hello, anyone configured subversion on ubuntu-server? I have a problem with adding a group to to the svn group.
<failover> Alan, https://help.ubuntu.com/community/KVM is a good start !
<oru_work> how do I login to mysql ?
<pmatulis> bondiblueos9: well?
<bondiblueos9> pmatulis: I'm having other issues
<bondiblueos9> pmatulis: that I thought I had fixed when I posed the question
<oru_work> ERROR 1046 (3D000): No database selected
<oru_work> how can I select a database ?
<pmatulis> oru_work: www.google.ca/search?sourceid=chrome&ie=UTF-8&q=mysql+how+can+I+select+a+database+%3F
<Alan> failover: yeah, i've been looking there, but I'm still not entirely sure what's going  on :|
<Alan> trying out ubuntu-vm-builder right now
<oru_work> pmatulis, thanks
<failover> Alan, if you have doubts just ask for a explanation :)
<atomic__1> ugh, anyone from the Netherlands? need to settle an argument here...
<hggdh> mathiaz: sorry, my reminder failed
<mathiaz> hggdh: no problem
<mathiaz> hggdh: it's the begining of the release cycle
<mathiaz> hggdh: and the meeting time has moved
<mathiaz> hggdh: did you have anything important to report?
<hggdh> mathiaz: no, nothing new
<hggdh> I will beef up the blueprints
<bdmurray> mathiaz: fixed
<mathiaz> bdmurray: great! -thanks
<failover> Hey, i'm using kvm with lucid, but i can't load the kvm-amd module, http://paste.pocoo.org/show/209864/ ! Someone know why ?
<smoser> failover, what does 'kvm-ok' say ?
<failover> smoser, kvm is disable in bios ! i'm working on this now ;)
<failover> but, tanks !
<RoAkSoAx> kirkland, ping?
<smoser> kirkland is travelling to UDS RoAkSoAx
<RoAkSoAx> smoser, oh thought he was already there... thanks :)
<smoser> he told me he'd arrive Wednesday mornig
<halvors> Somone know a good hosting panel i can use on my server? Who manage and create new domains?
<RoAkSoAx> smoser, ok will have to wait for him until tomorrow then. thanks :)
<gregcoit> in lucid server, I'm seeing rsyslog Recommends logrotate, logrotate Depends fcron, fcron Recommends sysklogd but rsyslog and sysklogd conflict
<guntbert> gregcoit: are recommendations automatically installed? I think that is configurable somewhere
<gregcoit> guntbert: oh, that would be nice to be able to control
<guntbert> gregcoit: I found "Recommendations are standard installed with apt. This can be prevented using the switch --no-install-recommends"
<guntbert> gregcoit: it was on http://superuser.com/questions/70031/what-is-the-difference-between-recommended-and-suggested-packages-ubuntu
<bondiblueos9> my boot fails after "init: plymouth-splash main process (xxx) terminated with status 1"
<gregcoit> guntbert: thank you!
<guntbert> gregcoit: you're welcome :-)
<uvirtbot> New bug: #575381 in bacula (main) "package bacula-director-mysql 5.0.1-1ubuntu1 failed to install/upgrade: le sous-processus script post-installation installÃ© a retournÃ© une erreur de sortie d'Ã©tat 1" [Undecided,New] https://launchpad.net/bugs/575381
<bondiblueos9> pmatulis: thanks for your help; I never got that prompt again, but it was probably because the system hung on boot when the drives weren't connected, heh; I ended up putting noauto in fstab, so it works, I just have to mount manually every time
<uvirtbot> New bug: #575387 in chkrootkit (main) "support excludes in the sniffer test" [Undecided,New] https://launchpad.net/bugs/575387
<kirkland> RoAkSoAx: here, briefly
<kirkland> RoAkSoAx: whats up?
<Pirate_Hunter> any python programmers can help me with this bug found in denyhosts - http://sourceforge.net/tracker/index.php?func=detail&aid=2898723&group_id=131204&atid=720419 looking for a fix as the edit in line 47 doesn't fix the problem and python 2.6 is intalled in ubuntu 10.04
<dvheumen> hi, is there anyone who can help me with my ticket refreshing issues that winbindd has. I have this thing where, after rebooting the Windows server, winbindd loses access to the server and consequently can't check access for users accessing its samba file shares
<dvheumen> I have searched on the internet via google and such, but I keep getting the same settings that simply do not seem to do the job in my case.
<dvheumen> And I'd like to know where exactly the error occurs because 'wbinfo -t' keeps failing, and I'm wondering why
<dvheumen> or how to force a ticket refresh from winbind
<dvheumen> the server is Windows SBS 2008
<storrgie> cclausen: You around? I have some questions regarding the network config we worked on on sunday
<cclausen> storrgie: I am sort-of here
<cclausen> I'm at work, so if I go afk I have actual work happening
<pwnguin> !webmin
<ubottu> webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system. See !ebox instead.
<plavcik> hello, I had intention to upgrade my old ubuntu server LTS (8.04?) to 10.04 LTS, I did firstly apt-get update && apt-get upgrade, but during reboot, I'm can't boot again even with old kernel and getting busybox
<viezerd> !ebox
<ubottu> ebox is a web-based GUI interface for administering a server. It is designed to work with Ubuntu/Debian style configuration management. See https://help.ubuntu.com/community/eBox
<cclausen> plavcik: you be upgrading using do-release-upgrade, not directly using apt like that.
<plavcik> that's option on live CD?
<cclausen> plavcik: you should do the upgrade from the existing system.  I'm not sure what happened nor how to recover your current system.  Maybe try reinstalling grub or something?  Do you get any additional information?  Or do you just end up in busybox?
<plavcik> mounting /dev/sda2 on /root failed: No such devices (I noted udev upgrade, may be its related)
<plavcik> grub is ok, sda is not recognised anymore (SCSI)
<plavcik> /root/dev on /dev/.static/dev failed
<pwnguin> ok, so why exactly is webmin bad?
<viezerd> someone told me (onces) webmin might be insecure
<cclausen> viezerd: in general anything that makes administration easier for you, makes it easier for an attacker as well
<pwnguin> well then
<pwnguin> better throw out ebox!
<cclausen> pwnguin: wedmin doesn't follow Debian/Ubuntu policy for config file updates and doesn't use apt correctly to install packages
<cclausen> yeah, I'd consider that insecure as well
<pwnguin> cclausen: which policy does it violate?
<pwnguin> it wasnt dropped from debian for violation
<cclausen> if you want secure management, I'd setup single sign on with Kerberos and possibly use remctl
<cclausen> pwnguin: I think not using pat would be a policy violation in itself.
<cclausen> err, apt
<pwnguin> all i want really is for a specific user to be able to reboot apache. not concerned about package installation
<cclausen> remctld can do that
<cclausen> you could setup: remctl <host> invoke-rc.d apache2 restart
<pwnguin> you're assuming specific user is capable of dealing with remctl
<cclausen> or do the same thing with sudo and a forced SSH command
<pwnguin> and not say, a professor of interactive media
<cclausen> you can make a button that they click call the correct command from their computer
<cclausen> or do they need to be able to do this from anywhere in the world?
<pwnguin> well, the last ticket came in on friday at midnight
<pwnguin> campus closes at midnight
<pwnguin> so i assume they were not actually on campus
<cclausen> well, allowing login from untrsuted systems is its own problems
<cclausen> again, if its easy for end users, its easy for attackers
<pwnguin> who might what
<pwnguin> reboot the server
<pwnguin> i think im sticking with my reboot every 30 plan
<cclausen> buffer overflow -> root access
<cclausen> just run invoke-rc.d apache2 reload from cron every 30 minutes
<pwnguin> right
<cclausen> unless you actually need to stop and restart
<cclausen> hmm
<cclausen> actually
<pwnguin> probably restart graceful
<cclausen> why does apache need to be restarted in the first place?
<pwnguin> i dont know
<pwnguin> because he's breaking wordpress
<cclausen> invoke-rc.d reload does a apache2ctl graceful
<cclausen> breaking it how?
<cclausen> and how does restarting apache fix that?
<pwnguin> so lets start there: we're running wordpress. anything security related you want to address has to be more scary than that
<cclausen> yeah, true
<cclausen> I'd run wordpress under mod_Fcgid
<cclausen> and actually, I DO run wordpress under mod_Fcgid :-)
<pwnguin> he installed some wp plugin
<cclausen> oh, I see
<cclausen> you are using mod_php
<pwnguin> and when i came in on sat, his wp install was broken
<cclausen> yeah, the fcgid stuff can be restarted per app instead of per-server
<pwnguin> interesting
<cclausen> just pkill -9 php5-cgi as the wordpress user
<cclausen> or if wordpress the only thing running on here?
<cclausen> e.g. is it his server?
<cclausen> if its just that user's stuff, go for ebox
<cclausen> if its a shared system, you probably can't do that...
<pwnguin> it's for him and his students
<storrgie> cclausen: I pmed you a dmesg file
<storrgie> you may share it with the group if it is necessary
<storrgie> I am the one who had that bridged interface to eth1
<storrgie> and another interface to eth0
<pwnguin> im willing to take him at face value when he says he can totally handle apache and mysql
<storrgie> we had some issues with gateway
<cclausen> pwnguin: sounds like ebox could work for that.  as the prefessor if he thinks the risk is ok
<pwnguin> cclausen: he's already asking for 'phpmyadmin or similar software'
<storrgie> pwnguin: use webmin?
<pwnguin> heh
<pwnguin> and the circle is complete!
<jpds> !webmin
<ubottu> webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system. See !ebox instead.
<storrgie> yes it has issues, especially as the ubuntu distro changes over to things like upstart
<storrgie> jpds: is there alternatives?
<storrgie> sometimes it is very nice to see all the options, instead of config file madness
<cclausen> storrgie: did you read that message that said to see !ebox ?
 * clintb never liked webmin even when he was a padawan learner sysadmin .. 
<storrgie> ahh I didnt
<storrgie> sorry
<cclausen> :-)
<clintb> !ebox
<ubottu> ebox is a web-based GUI interface for administering a server. It is designed to work with Ubuntu/Debian style configuration management. See https://help.ubuntu.com/community/eBox
<storrgie> cclausen: if you have some time
<storrgie> cclausen: having some werid stuff with that network configuration
<cclausen> storrgie: I'm not sure what I'm looking at here?
<storrgie> well ok
<storrgie> eth0 is still connected
<storrgie> but no route to outside world
<storrgie> only internal network
<cclausen> storrgie: pastebin ipconfig -a
<cclausen> and netstat -r
<storrgie> one moment
<storrgie> http://pastebin.com/2tXLiFxh
<storrgie> http://pastebin.com/U9G5R2Py
<storrgie> cclausen: i am a little confused about the vnet interfaces
<storrgie> I think kvm is making those
<storrgie> I would prefer it didnt
<storrgie> and just left me with eth0, eth1 and br0
<RickyWh1> is hardy heron considered too old?
<cclausen> RickyWh1: for servers, hardy will be supported for 5 years from release, so there are still 3 years of support
<cclausen> RickyWh1: I still have servers running dapper
<RickyWh1> is it rock solid?
<storrgie> RickyWh1: thats qualitative, we are dealing with deterministic machines
<cclausen> RickyWh1: depends what you mean by that.
<RickyWh1> i'm interested in running an amazon ec2 instance that runs ubuntu server, any recommended AMIs?
<cclausen> storrgie: br0 and eth1 have the same IP address.  that looks wrong
<storrgie> br0 is bridged to eth1
<storrgie> lemme send my ifconfig
<cclausen> you did
<storrgie> i meant my /etc/network/interfaces
<storrgie> apologies
<storrgie> http://pastebin.com/MhpYh6V1
<cclausen> try giving the br0 interface .4, if its available on the laptop
<storrgie> ?
<storrgie> on the laptop?
<storrgie> i'm confused
<cclausen> storrgie: on whatever machine you sent where br0 and eth1 are both .3
<cclausen> sorry, I assume it was a laptop
<storrgie> ahh its my server
<storrgie> so wait
<cclausen> I am probably wrong
<cclausen> yeah, ok
<storrgie> i;m a little confused
<storrgie> if you look at my interfaces
<storrgie> eth1 is set manual
<storrgie> but has it all commented out
<cclausen> oh, I see
<cclausen> it is commented out
<storrgie> yeah so... this is the way ubuntu docs said to do a bridge
<cclausen> I guess I am confused why it shows up in ifconfig with the same IP then
<cclausen> maybe that is how it is supposed to work
<storrgie> but something about this config is making eth0 not route to the outside world
<Pirate_Hunter> anyone care to help me with this daemon message - ubuntu mdadm[1655]: DeviceDisappeared event detected on md device /dev/md1, component device Wrong-Level - checked online and got nada, this is on lucid with raid0+lvm
<cclausen> storrgie: did you paste netstat -r ?
<cclausen> yes you did
<cclausen> see that you have TWO default routers
<cclausen> that is the problem
<storrgie> ?
<storrgie> whaaa?
<cclausen> I'm not sure how that happened, but if you figure it out and just get one default route, I bet it will start working
<storrgie> hrm well
<cclausen> storrgie: "default" in the netstat -r output
<storrgie> I'm noteven sure where to start
<cclausen> storrgie: there shouldn't be two of them
<storrgie> I don't know much about networking
<storrgie> haha
<RickyWh1> what package manager does ubuntu use?
<cclausen> storrgie: try downing the br0 interface and see if it starts working
<storrgie> aptitude
<RickyWh1> ahh sweet
<storrgie> RickyWh1: aptitude, apt-get
<storrgie> RickyWh1: what distro are you from?
<cclausen> RickyWh1: apt and aptitude is the command line interface to it.  I believe synaptic is the GUI
<storrgie> cclausen: sorry for being so newb, what is best way to down interface?
<storrgie> sudo ifdown br0?
<cclausen> storrgie: that should work.  I use ifconfig br0 down, but I am old school
<Pirate_Hunter> never mind found it here http://man-wiki.net/index.php/8:mdadm apparently raid0 can't be monitored :p
<cclausen> Pirate_Hunter: basically if it goes down, it IS down
<cclausen> and you would know b/c its broken :-)
<storrgie> took it down
<storrgie> netstat is same
<cclausen> storrgie: hmm
<storrgie> cept no br0 line
<storrgie> maybe a gateway in the br0 config?
<cclausen> storrgie: can you safely run /etc/init.d/networking restart ?
<Pirate_Hunter> cclausen yup and its bye bye everything
<cclausen> storrgie: looks like you had the gateway commented out, except for eth0 ?
<storrgie> cclausen: yep i can
<storrgie> yep
<storrgie> cept for eth0
<cclausen> storrgie: that should be the only thing adding a default route then
<storrgie> Pirate_Hunter: any other messages around that pirate hunter?
<storrgie> like ata messages?
<cclausen> storrgie: or dose the bridge_up rule do something funky with routing?
<storrgie> I have no idea on that...
<storrgie> I am new to bridging...
<storrgie> server is down hard....
<storrgie> no network now
<storrgie> with the gateway on br0
<storrgie> lemme run down to the basement and log in via tty
<storrgie> brb
<Pirate_Hunter> storrgie, nope it is as cclausen stated if it goes down I will know straight away as I will lose everything, hopefully before that happens the other machine will be ready
<clintb> jiboumans: belated "good afternoon" :)
<plavcik> cclausen: I used ubuntu server CD / selected recovery, then fdisk -l /sda and noticed, that root shall be sda3 not sda2, I don't understant, how grub-update get confused and putted sda2 to menu.lst (now I'm back, the system is 6.06.02 LTS)
<cclausen> plavcik: upgrading directly from dapper to lucid is not supported.  is that what you did?
<plavcik> not, I did last apt-get update && apt-get upgrade before going to study, how to upgrade
<plavcik> how to dist-upgrade
<plavcik> what is the recommendet/supported path?
<cclausen> plavcik: you need to use do-release-upgrade to go hardy first
<cclausen> and then reboot
<cclausen> and then go to lucid from there
<plavcik> is do-release-upgrade part of upgrade-manager-core? this package is seen by apt
<cclausen> yes
<cclausen> oh, right.  I don't think that dapper has that installed by default
<plavcik> the upgrade-manager-core package even not exist
<cclausen> there is a work-around
<cclausen> hold on... let me find the upgrade notes for dapper -> hardy
<cclausen> https://help.ubuntu.com/community/HardyUpgrades
<cclausen> 1.Enable the "dapper-updates" repository
<cclausen> 2.Install the new "update-manager-core" package
<cclausen> 3.Run "sudo do-release-upgrade"
<cclausen> also read the "Troubleshooting" section
<plavcik> cclausen: thx, will follow that
<plavcik> cclausen: i see, I did typo, package update-manager-core exist, I wrote upgrade-manager-core :(
<cclausen> ah, ok
<storrgie> cclausen: server wont boot.....
<storrgie> cclausen: I did a reboot just to make sure everything would come up alright
<storrgie> its been rebooted multiple times over the last 2 days
<storrgie> now it says something along the lines of:
<storrgie> lemme dredge it up
<storrgie> https://bugs.launchpad.net/upstart/+bug/522197
<uvirtbot> Launchpad bug 522197 in upstart "init: shouldn't log a warning/error when a job fails with a status in "normal exit"" [Low,Triaged]
<storrgie> there I posted at the bottom
<storrgie> I dont know what the issue is
<storrgie> i dont know how to fix it
<storrgie> I fear I have to re-install tonight
<storrgie> so i can even use my system in the coming days
<storrgie> getthing this in terminal:
<storrgie> init:ureadahead-other main process (1004) terminated with status 4
<storrgie> and cannot boot
<storrgie> wont boot beyond that point
<storrgie> anybody?!
<dominicdinada> !bcm440x
<dominicdinada> !bcm
<ubottu> Wireless documentation can be found at https://help.ubuntu.com/community/WifiDocs
<dominicdinada> !bcm 44
<dominicdinada> Hi, Does anybody know about the Broadcom 440x NIC ? Which drivers are needed. I have my Winblows drivers but somehow I doubt they will work
<dominicdinada> The only documentation I can google refers to the BCM440x chipset and wireless always shows up however it is not a wireless
#ubuntu-server 2010-05-05
<cclausen> storrgie: hmm... I am not sure what happened
<uvirtbot> New bug: #575452 in mysql-dfsg-5.1 (main) "package mysql-server-5.1 5.1.41-3ubuntu12 failed to install/upgrade: subprocess new pre-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/575452
<dominicdinada> Hi, Does anybody know about the Broadcom 440x NIC ? Which drivers are needed. I have my Winblows drivers but somehow I doubt they will work
<dominicdinada> The only documentation I can google refers to the BCM440x chipset and wireless always shows up however it is not a wireless
<gop1> what a good hypervisor that would work in a 32 bit system with 3.0 ghz and 3 gigs of ramn
<gop1> I want for test lab
<uvirtbot> New bug: #575458 in ntp (main) "/etc/dhcp3/dhclient-exit-hooks.d/ntp breaks local NTP server (patch)" [Undecided,New] https://launchpad.net/bugs/575458
<lifeless> gop1: kvm
<gop1> lifeless KVM runs widnows 2003 server
<lifeless> gop1: don't know, don't care!
<cclausen> gop1: I think xen is the only hypervisor that runs on 32-bit.  Note that you probably cannot run windows guests though, just Linux ones due to how the 32-bit version works
<dominicdinada> The only documentation I can google refers to the BCM440x chipset and wireless always shows up however it is not a wireless
<dominicdinada> Hi, Does anybody know about the Broadcom 440x NIC ? Which drivers are needed. I have my Winblows drivers but somehow I doubt they will work
<dominicdinada> Hi, Does anybody know about the Broadcom 440x NIC ? Which drivers are needed. I have my Winblows drivers but somehow I doubt they will work
<dominicdinada> shoot sorry wrong order
<cclausen> dominicdinada: I take it it doesn't just work by default?
<dominicdinada> well when I run ifconfig my eth0 is not listed
<dominicdinada> so I assume not
<dominicdinada> and Dmesg reports it using Network-Msanager :/
<Maleko> what's new in ubuntu 10.04 server ed
<dominicdinada> Hi, Does anybody know about the Broadcom 440x NIC ? Which drivers are needed. I have my Winblows drivers but somehow I doubt they will work
<dominicdinada> The only documentation I can google refers to the BCM440x chipset and wireless always shows up however it is not a wireless
<neverblue> i would like to better understand my apache2 layout in Ubuntu
<neverblue> if I want to setup a site, is it best to just use the default /var/www ? or use a folder within a users' dir ?
<cclausen> neverblue: if you will onlt setup a single site, yes, just use /var/www
<cclausen> dominicdinada: asking the same thing many times doesn't make people want to help you
<neverblue> and what about the sites-enabled dir ?
<dominicdinada> cclausen:  No but if someone was shelled or on a different window well then they will see it
<neverblue> for virtual host configs
<dominicdinada> That is neither Spam not flooding
<dominicdinada> There are no rules against asking a legitament question until someone either acknowledges it and or the problem has been solved
<dominicdinada> Thanks
<neverblue> should I look into using sites-enabled ?
<neverblue> or just leave it, as I am just using a single site...
<cclausen> neverblue: just use the sites-enabled/default config file
<cclausen> err, I guess it would be 000-default
<neverblue> ok, what about reading my .php, rather than index.html when going to my site, is that managed in apache2.conf of the default conf ?
<neverblue> or the*
<npope> my google foo is failing me right now
<npope> anyone remember how to redirect local user mail to another address?
<cclausen> npope: aliases file do that?
<cclausen> neverblue: you can probably set it in either location
<neverblue> ok, ill google it
<neverblue> thanks
<npope> cclausen: thats it
<npope> thanks man
<npope> cclausen++
<cclausen> neverblue: DirectoryIndex index.php index.html index.shtml
<cclausen> neverblue: if that doesn't exist in apaceh2.conf right now, I'd add that to your sites-enabled/000-default file and NOT add it to apache2.conf
<dominicdinada> Hi, Does anybody know about the Broadcom 440x NIC ? Which drivers are needed. I have my Winblows drivers but somehow I doubt they will work
<dominicdinada> The only documentation I can google refers to the BCM440x chipset and wireless always shows up however it is not a wireless
<cclausen> dominicdinada: modprobe b44
<cclausen> lsmod | grep b44
<cclausen> does the module load?
<dominicdinada> ok let me check
<dominicdinada> cclausen: ummm after reboot it is working I can ping www.google.com
<dominicdinada> I found the problem :(
<cclausen> dominicdinada: so you don't have a problem with your network?
<dominicdinada> Well we will see I ran sudo aptitude update
<dominicdinada> The problem was in the networks file....
<dominicdinada> cclausen: Although I will have problems once I start configuring this to be a WAP also since it detects my wireless cards and can connect but doesnt have internet access
<cclausen> dominicdinada: did you actually setup something to route traffic between wireless and wired?
<dominicdinada> I am getting to that point to grab the packages :(
<dominicdinada> Right now I am grabbing the gnome enviroment
<dominicdinada> blah shoulda got gnome-core
<dominicdinada> cclausen: which package would i grab for the wired to wireless ?
<cclausen> dominicdinada: I do not now know.  what was your plan to make your system a wireless access point?
<dominicdinada> I was getting to that point I know I read or saw the howto guide to allow it I will search after i get things configured
<dominicdinada> !wireless access point
<ubottu> Error: I am only a bot, please don't think I'm intelligent :)
<Jeeves_Moss> what would be causing this error?  http://pastebin.com/ZyCt11BL
<dominicdinada> !remote
<storrgie> how do i specify route?
<dominicdinada> !ssh
<ubottu> SSH is the Secure SHell protocol, see: https://help.ubuntu.com/community/SSHHowto for client usage. PuTTY is an SSH client for Windows; see: http://www.chiark.greenend.org.uk/~sgtatham/putty/ for it's homepage. See also !scp (Secure CoPy) and !sshd (Secure SHell Daemon)
<dominicdinada> !ssh config
<dominicdinada> Can someone give me a hand with ssh ?
<storrgie> dominicdinada: whats up
<storrgie> i'll try
<storrgie> but im insane busy with my servah
<dominicdinada> ok I read the Faq and I am still baffled on some things
<storrgie> start shooting questions
<storrgie> i will try to help
<storrgie> if i dont respond, include my name in the message
<storrgie> storrgie: like this
<dominicdinada> storrgie,  I know that... Basically from the default config file... is this set at this moment to allow ( users ) to login... Like any user of this computer?
<storrgie> if you have a default config
<storrgie> then yes
<storrgie> your machine, without any firewall rules... or external firewall like router will allow log in on port 22
<dominicdinada> so any user of this machine is able to login via remotly
<dominicdinada> Well at this point I have to switch computers and still want access to continue to configure this computer
<storrgie> I believe so
<storrgie> ahh
<storrgie> yeah so switch to another computer on the nework
<storrgie> ssh -p <port> <servername>
<storrgie> your port is 22
<dominicdinada> ok i will i still have a little bit left
<dominicdinada> well i am going to use putty
<dominicdinada> I am used to putty with cisco routers however I want to choose tty correct?
<storrgie> http://blog.agdunn.net/?p=54
<storrgie> i dont think so
<storrgie> just use defaults
<storrgie> that link is my blog, has a decent setup
<storrgie> not the best ofcourse... but I typically use some variation of my own advice
<dominicdinada> ok one more important question... by default it is binded to this machine ?
<dominicdinada> i noticed in the config it says 0.0.0.0 and i will read your blog on the other computer
<billybigrigger> does anyone here run a jabber server?
<storrgie> yep
<storrgie> bound to local
<storrgie> anyone familiar with specifying static routes in /etc/network/interfaces ?
<cclausen> billybigrigger: I help run http://chat.illinois.edu
<cclausen> storrgie: what static routes do you need?  I thought you had everything on one subnet?
<storrgie> I am
<storrgie> but it keeps getting two gateways remember?
<storrgie> its ok right now
<storrgie> but it screwed up earlier
<cclausen> storrgie: in your case, I think you can just use the route command to remove the bad route
<storrgie> I would like to add a line to /etc/network/interfaces to specify the proper route
<storrgie> which should be to my gateway right?
<billybigrigger> cclausen, hmm...well i have configured jabber as per the doc on the wiki, and when i fire up empathy i can't seem to login to my server
<billybigrigger> either using my system username, or trying to create a new one via empathy
<cclausen> billybigrigger: what jabber server?  ejabberd?  can you get more debug info?
<cclausen> storrgie: http://www.cyberciti.biz/tips/configuring-static-routes-in-debian-or-red-hat-linux-systems.html
<billybigrigger> jabberd2
<cclausen> storrgie: but I don't think you need to add a route
<storrgie> hrm
<storrgie> well i can let it run for the night and try it out later
<storrgie> but i think it dropped the route
<storrgie> or picked up two 'defaults'
<TuxIce> Can I use bzr to manage non-open source projects?
<ScottK> Certainly.
<ScottK> Launchpad, not unless you pay them.
<cclausen> TuxIce: probably
<TuxIce> But, If I were to roll my own server, I could definatly use it for closed source projects?
<cclausen> billybigrigger: did you try creating an account from your jabber client?
<billybigrigger> yup
<billybigrigger> empathy is giving me network connection errors
<storrgie> cclausen: suggest i let the thing run for a while?
<cclausen> storrgie: if something is dynamically changing your routing table without your knowledge, you have bigger problems
<storrgie> cclausen: are you familiar with things that blog brute force attemps via logs?
<cclausen> storrgie: you mean block ?
<cclausen> storrgie: I use fail2ban to stop ssh brute force attempts
<storrgie> !fail2ban
<storrgie> hrm
<storrgie> i know there are others
<ScottK> TuxIce: Yes.
<TuxIce> Okay
<cclausen> billybigrigger: are you sure the server is running?  use netstat -ant to look for open ports.  I think 5223 for XMPP maybe?
<billybigrigger> 5222
<cclausen> 5223 is for SSL
<billybigrigger> tcp        0      0 0.0.0.0:5222            0.0.0.0:*               LISTEN
<cclausen> I hope you aren't sending your machine login and password over non-SSL
<billybigrigger> havent setup ssl
<cclausen> but yes, it looks like you have something listening on 5222
<billybigrigger> just trying to get this to work
<neverblue> if someone requests to view index.html, can I just have that request forward to my page index.php instead ? (in apache2 under Ubuntu)
<storrgie> cclausen: thanks for your help again tonight
<storrgie> ill catch you tomorrow
<storrgie> well see what happens in 24 hours
<cclausen> neverblue: you can, but is that REALLY what you want?
<neverblue> cclausen: well, I just want my localhost/ to go to ONLY my index.php page
<neverblue> even if another page, like index.html, is requested
<cclausen> try this: ErrorDocument 404 /index.php
<cclausen> (I'd put that in a .htaccess in /var/www)
<neverblue> under sites-enable/default ?
<neverblue> ah
<neverblue> i really need to understand .htaccess
<cclausen> that way ANY page requested goes to index.php assuming it doesn't exist otherwise
<cclausen> of course, if PHP breaks on your system, you could have real problems as 404 errors won't work
<cclausen> neverblue: a .htaccess can contain most of the options in the apache configs
<cclausen> it just goes in the directory with the web files
<cclausen> so that end-users can add to the configs themselves
<neverblue> well
<neverblue> can I ask a question about that then?
<neverblue> so I have apache2.conf, default under sites-enabled and now .htaccess
<neverblue> they can each share the same settings ?
<billybigrigger> cclausen, is there any better xmpp server than jabberd2?
<cclausen> billybigrigger: I use openfire myself, but you'd have to mess with getting java installed.  last I tried it didn't actually run with openjdk and I had to get the actual Sun/Oracle Java
<neverblue> for example, I can set DirectoryIndex index.php in any of the three ?
<cclausen> neverblue: sort-of  you can't define everything in .htaccess files
<cclausen> neverblue: yes, you can
<neverblue> .htaccess just applies to the one site
<cclausen> well, no
<neverblue> whereas apache2.conf will apply to all sites ?
<cclausen> .htaccess applies to a file path
<cclausen> multiples sites can reference that same path though
<neverblue> but since I just have a single site, the level at which i configure it, doesn't actually matter (in this case) ?
<neverblue> cclausen: true
<neverblue> let me try these changes
<cclausen> neverblue you have a single site NOW.  could change in future
<neverblue> do I need to restart the apache2 service, when I edit .htacces ?
<neverblue> .htaccess*
<cclausen> neverblue: you shouldn't
<neverblue> cclausen: thank you
<neverblue> didn't work
<cclausen> get error 500 ?
<neverblue> i had to create .htacccess
<neverblue> i was able to go to localhost/index.html
<cclausen> oh, that option didn't work?
<neverblue> no error...
<neverblue> then I tried localhost/bob.html
<cclausen> you might need to Allow Override to get .htaccess to work
<neverblue> and received an error
<cclausen> 404 error?
<neverblue> nope
<neverblue> oh sorry
<neverblue> yes, 404
<cclausen> hmm... do you have an AllowOverride none in default config file?
<neverblue> define: default config file ?
<neverblue> apache2.conf ?
<neverblue> 000-default under sites-enabled ?
<neverblue> i see it in 000-default
<neverblue> under the Directory /var/www/ directive
<neverblue> AllowOverride None
<cclausen> try AllowOverride FileInfo
<cclausen> and invoke-rc.d apache2 reload
<cclausen> more info here: http://httpd.apache.org/docs/2.2/mod/core.html
<neverblue> failed.
<cclausen> failed?
<cclausen> to work?  or to reload?
<neverblue> didnt do it as su :(
<cclausen> you changed the Directory /var/www/ part and not the Directory / part in the Directory tags ?
<storrgie> cclausen: quick question before i go to bed
<cclausen> ah, yeah, you need that
<storrgie> how can i test fail2ban
<neverblue> ah nice
<neverblue> works!
<cclausen> storrgie: install it
<storrgie> i got it
<storrgie> configured for ssh
<storrgie> i want to see if it will email me
<cclausen> storrgie: tell me your IP and I'll try and login a few times :-)
<neverblue> one last question: what is invoke-rc.d apache2 reload ?
<storrgie> excellent
<storrgie> pmed
<cclausen> neverblue: invoke-rc.d calls scripts in /etc/init.d
<neverblue> ah
<neverblue> so its just the same as /etc/init.d/apache2 restart
<neverblue> thanks for the patience cclausen
<neverblue> appreciated
<cclausen> neverblue: yes, exactly
<gregcoit> anyone have a suggestion how to figure out what's pulling a package in when aptitude why doesn't tell me?
<ScottK> That's my usual method.
<cclausen> gregcoit: apt-cache rdepends package ?
<dominicdinada> !samba
<ubottu> Samba is the way to cooperate with Windows environments. Links with more info: https://wiki.ubuntu.com/MountWindowsSharesPermanently and https://help.ubuntu.com/9.10/serverguide/C/windows-networking.html - Samba can be administered via the web with SWAT.
<gregcoit> cclausen: I'll try that one - thanks
<storrgie> cclausen: what is best default action for ufw?
<cclausen> storrgie: forget ufw
<cclausen> use iptables to view rules
<cclausen> and there should be a fail2ban log file somewhere in /var/log ?
<storrgie> yep i saw it
<cclausen> should log when IPs get blocked
<storrgie> but i was thinking i would use uwf to drop all by default
<cclausen> blocks them for 1 hour by default I think
<storrgie> cept for ones to my ssh
<cclausen> yeah, you can use ufw
<cclausen> !ufw
<ubottu> Ubuntu, like any other Linux distribution, has firewall capabilities built-in. The firewall is managed using the 'ufw' command (see https://help.ubuntu.com/community/UFW), or 'iptables' (https://help.ubuntu.com/community/IptablesHowTo). GUI frontends such as Firestarter/Gufw (Gnome) or Guarddog (KDE) also exist.
<storrgie> cclausen: wrote this:
<storrgie> http://blog.agdunn.net/?p=205
<storrgie> but didnt know if it was good
<cclausen> yeah, that looks good
<gregcoit> strange, klogd and sysklogd are getting pulled in and replacing rsyslog (lucid's default) and I can't figure out what's pulling them in
<storrgie> uh oes
<cclausen> storrgie: you have a Norco 4220 ?  nice case?
<storrgie> cclausen: how do i allow samba via ufw?!
<storrgie> cclausen: yes sir!
<storrgie> cclausen: bought it and enough drives to fill it as a graduation gift
<cclausen> storrgie: hmm... samba probably requires much pain.  many ports and such.  I'd search around for someone's script for samba
<storrgie> 8 Hitachi 2TiB and 9 WD 1TiB (1001FALS)
<cclausen> storrgie: cool
<cclausen> storrgie: any idea how much power that uses off-hand?
<cclausen> have a kill-a-watt handy?
<storrgie> ahh
<storrgie> well
<storrgie> i do
<storrgie> I could check
<storrgie> I have not checked since I installed the Hitachi drives
<storrgie> lemme check my APC
<storrgie> http://pastebin.com/TX3ZCTYr
<storrgie> i can do a killawatt tomorrow if you email me
<storrgie> otherwise i will forget
<storrgie> and it will let me test unplugging my UPC
<storrgie> :D
<cclausen> looks like around 320 VA for load then?
<storrgie> yeah
<storrgie> the drives are not cranking right now
<cclausen> I'd like to know the wattage measured on kill-a-watt
<storrgie> i was doing a diff earlier
<storrgie> over 1000MBs
<cclausen> yeah, an idle and a max running a benmark on all drives would be good to know
<storrgie> that makes the consumption increase a little
<cclausen> yeah
<storrgie> well email me, I'll send you the info
<storrgie> root@agdunn.net
<dominicdinada> storrgie: well ssh is working local
<TuxIce> Say I had a php script, and I wanted to create a deb that made a vhost for apache2, and installed this php script. How would I go about doing that?
<cclausen> TuxIce: http://www.debian-administration.org/articles/336
<TuxIce> THank you.
<pwnguin> that link wasn't actually very helpful that i can see
<pwnguin> beyond just making a .deb package
<cclausen> isn't that what he asked?
<pwnguin> you should also consider the draft webapp packaging guidelines
<pwnguin> ive been considering this very same queestion myself to get a persoal weave server packaged in debian
<pwnguin> http://webapps-common.alioth.debian.org/draft/html/
<pwnguin> TuxIce: don't forget to set permissions and ownership for apache
<TuxIce> pwnguin: ?
<pwnguin> your php script
<TuxIce> Oh, script ownershipt?
<pwnguin> bingo
<TuxIce> Like www-data and such? Yes yes, of course :)
<pwnguin> theres also http://webapps-common.alioth.debian.org/draft-php/html/
<pwnguin> they're both drafts, but perhaps they can jog your memory / thought process
<TuxIce> Thanks very much :D
<pwnguin> actually, it looks like the php one is crap
<TuxIce> I'm very novice, so the more the marrier.
<cclausen> TuxIce: I'd apt-get source on some other php package and look at how things are setup
<TuxIce> Seems like its an ever ending novice. :/ So much to learn, been at it 3 years and am still scratching the surface.
<cclausen> I can't think of a small one that would be good though
<TuxIce> Yea, I'm looking at the drupal one right now.
<TuxIce> What would be the best way to distribute deb packages? A roll your own repo?
<cclausen> maybe
<cclausen> you coul also just copy the deb file around
<cclausen> depends how many machines you need to deploy to I guess
<TuxIce> Hmm
<TuxIce> Okay, last question for the night.
<TuxIce> Anybody have a link to the launchpad doc on how to install launchpad server on ubuntu?
<ScottK> It's non-trivial.
<ScottK> If you want to roll your own repo, that's not the way to do it.
<TuxIce> Different issue.
<TuxIce> And, nevermind, found the announcement.
<ScottK> OK.
<TuxIce> Alright, so long, and thanks for all the fish
<pschulz01> Greetings... I have just installed and upgraded 9.10 and I'm getting the 'motd' file displayed twice when I login... anyone seen this before? how do I fix it?
<cclausen> pschulz01: is teh same info in /etc/motd twice?  or is it literally being displayed twice?
<pschulz01> cclausen: same info in /etc/motd twice.
<cclausen> pschulz01: edit the file, remove duplicate info
<pschulz01> eg. running 'run-parts update-motd.d > motd' doesn't solve the problem.. the fileitself is OK.
<pschulz01> cclausen: (Does that make sense?)
<cclausen> pschulz01: yep
<cclausen> pschulz01: just edit yourself
<cclausen> its just text.  shouldn't harm anything
<pschulz01> Hmm.. the file will still be shown twice though.
<pschulz01> I mis-understood your question.
<pschulz01> It's being displayed via pam.. but maybe by 'profile' as well somewhere.
<cclausen> ah, ok
<chillindave> Is there a chance that someone here has experience with reverse proxy?  I keep getting re-directed to different channels and no one will answer my question, so I'm hoping someone here can.  I want to run an application (php) on one server, but send the file uploads straight to a backend server.  I'm just not sure how to direct the file being uploaded to the backend server.
<dominicdinada> not sure
<twb> Reverse proxy of what?
<cclausen> chillindave: you should be able to do that with mod_proxy under apache
<cclausen> twb: I assume he means reverse proxy between web servers
<dominicdinada> cclausen, ok I am having a slight problem with my network
<chillindave> cclausen, What I'm having a hard time with is figuring out how to send the file to the backend server without the script also sending the user to the backend server.
<cclausen> chillindave: ProxyPass and ProxyPAssReverse
<prestonc> anyone here know how to easily setup ubuntu to run PHP under fastcgi?
<twb> cclausen: wouldn't nginx or something be easier?
<cclausen> twb: how so?  for simple configs its like 8 lines for apache
<cclausen> prestonc: I'm using fcgid right now, not exactly the same as fsatcgi though
<prestonc> hmmm
<twb> cclausen: shrug.  I guess just don't like apache.
<twb> +I
<cclausen> this is old, but I think it is still applicable today: http://www.apachetutor.org/admin/reverseproxies
<uvirtbot> New bug: #575572 in quagga (main) "Ospf6d aborts on start if 'ipv6 ospf6 advertise prefix-list' is applied to an interface" [Undecided,New] https://launchpad.net/bugs/575572
<dominicdinada> can i auto say eth1, wlan1, wlan2 ? with out them conflicting ?
<lifeless> yes
<twb> You can even put them on the same line: "auto eth0 wlan0 wlan1"
<twb> I believe they're still booted in sequence, not parallel, though :-(
<dominicdinada> ok :P
<uvirtbot> New bug: #575573 in nut (main) "libusb_get_interrupt: Connection timed out" [Undecided,New] https://launchpad.net/bugs/575573
<jetole> Hey guys. I am setting up or, well changing my preseed on a server and one item I just changed is that hostname is assigned via dhcp however the installer is still asking me to set the hostname. It shows the dhcp assigned hostname by default but how can I make it auto use this hostname without asking me about it?
<\sh> moins
<twb> jetole: are you using "auto" to make it defer most options until DHCP is done?
<twb> jetole: do you *know* (i.e. packet sniffing) that DHCP is providing a host name?
<jetole> twb yes I am using auto and yes I know it's providing the hostname because it's not the default hostname. for example if you install without preseeding and when it asks you for a hostname, it says ubuntu there as the hostname and you just backspace and type in whatever hostname you like however for this host the hostname appearing is static1 which is whats set in dhcp however it's still asking me and having me hit enter to accept
<jetole> twb. I just found this while reviewing the example preseed file for 10.04 d-i netcfg/get_hostname string unassigned-hostname
<jetole> d-i netcfg/get_domain string unassigned-domain
<jetole> which I didn't have as previously I was using the boot parameters for setting a hostname
<jetole> so let me try that
<jetole> nope. It's still asking me
<jetole> twb: if you don't mind, can you look at this and see what I am missing? This is happening with both 9.10 (the one I used previously) and 10.04 (the one I haven't completed a preseed install on. http://pastebin.org/202563
<twb> Sorry, I was asleep
<twb> Looking...
<twb> Oh, I won't know what's missing off the top of my head
<twb> You want to apt-get install installation-guide-amd64 or so, and look at the appendix on preseeding
<jetole> thanks
<jetole> twb: do you happen to know where I can get a list of all preseed options?
<jetole> d
<twb> the source
<twb> It changes from release to release, too
<twb> Obviously most options are just debconf, so you only really need to consider d-i's preseed options as a special case
<uvirtbot> New bug: #575603 in vsftpd (main) "package vsftpd 2.2.2-3ubuntu6 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/575603
<uvirtbot> New bug: #569524 in rhythmbox (main) "Rhythmbox crashes on start with segmentation fault (dup-of: 529714)" [Undecided,Invalid] https://launchpad.net/bugs/569524
<noaXess> hi all
<noaXess> what about this cpu and ubuntu server? Intel Xeon W3540: QuadCore
<noaXess> no problem, right?
<teep_> Hello all. I have a problem logging in on an Ubuntu 8.04 server. Via SSH I get a timeout after entering a password; via console I don't even get the password prompt, it just sits after I enter my username. HTTP and FTP daemons seem to work fine.
<teep_> anybody any idea what might be up?
<noaXess> teep_: have you searched the logs.. or tailed them, while you are loggin in with ssh?
<teep_> I couldn't... couldn't log in... anyway, I rebooted (the hard way) and I can login again... now trying to find what the hell was up
<teep_> Searching the logs I find a lot of failed login attempts on SSH... looks like a brute force attack... could that have locked ssh AND the console up?
<Jie_Sheng> Hi, i am on ubuntu server 10.04_64. i got apache2 and openssh running. i expose both 22 and 80 through port forward (router working ok as port8080 forward to win xp working fine) but when i attempt to access from external network, connection timed out occurred. currently checking the port with canyouseeme.org
<Pirate_Hunter> can someone help me understand why bonding as mode=4 isn't working correctly in lucid, I have followed the intruction found in /usr/share/doc/enfslave/example/... combining two wired nics just as stated in the release notes yet only one card actually sends and receives data in contrast to both working at the same time?
<Jeeves_> Pirate_Hunter: How many clients are using it?
<Jeeves_> It does some hashing
<Jeeves_> so if you're just using one client, you might always end up on the same nic
<Pirate_Hunter> Jeeves_, huh... hashing, one clinet/server
<Pirate_Hunter> client*
<Jeeves_> Pirate_Hunter: it 'selects' a nic per client
<Jeeves_> so if you're only using one client, you will only be using one nic
<Jeeves_> it's not possible to do 2gbit between two boxes using lacp/bonding
<Pirate_Hunter> nope both nicks are seen as slaves but when testing only one nic is actually receiving signal , the kernel log states that one of the nics keeps being put down which is annoying
<Pirate_Hunter> I will never fully achieve such speeds but having two nics as lacp should improve the sending and receiving data over the lan and internet
<Jeeves_> Pirate_Hunter: And the switch on the other side is configured the right way?
<Pirate_Hunter> hmmm, I have no switch using a modem router which should allow lacp, most is set up through the kernel
<Jeeves_> Pirate_Hunter: A modem which does lacp? :)
<Jeeves_> That's unusual :)
<Jeeves_> (or at least useless, for most routers)
<Jie_Sheng> Jeeves_: i got a server box (10.04_64) which block (connection timed out) external access to it (ssh and apache2), you have any idea what causing it? any idea any log i could see if there a error? (router working ok as i got another 8080 port forward to win xp machine)
<Pirate_Hunter> I dont actually have an lacp switch im just trying to achieve better speeds with two nics through the modem router
<Pirate_Hunter> I would have expected it to work, it did with bond 0 on 8.04
<Jeeves_> Pirate_Hunter: You will probably end up with a bond0, with one usable interface.
<Jeeves_> Your router/modem will probably be your bottleneck anyways
<Jeeves_> Jie_Sheng: Is apache running?
<Jeeves_> Can you reach it from the inside?
<Jeeves_> Does it have a default gateway?
<Jie_Sheng> apache is running
<Jie_Sheng> eth0 gateway?
<Jie_Sheng> i didnt configure any
<Jie_Sheng> my router modem does dhcp
<Jeeves_> Can you ping anything on the internet?
<Jeeves_> (from that specific server, that is )
<Jie_Sheng> yes, it is able to ping
<Jeeves_> do you have a firewall configured?
<Pirate_Hunter> Jeeves_, hmm so the bond0 is actually working the hardware im currently working with is what's the problem... hmmm in that case might go back to mode 0 as that would seem as the best choice at the moment
<Jie_Sheng> ufw is disabled
<Jie_Sheng> when i ifconfig -a it show this
<Jie_Sheng> inet addr:192.168.1.68  Bcast:192.168.1.255  Mask:255.255.255.0
<Jie_Sheng> does it still need a gateway?
<Jeeves_> Jie_Sheng: pastebin `sudo ip ro list`
<Jie_Sheng> 192.168.1.0/24 dev eth0  proto kernel  scope link  src 192.168.1.68
<Jie_Sheng> default via 192.168.1.254 dev eth0  metric 100
<Jeeves_> !pastebin
<ubottu> For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://tinyurl.com/imagebin | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<Jeeves_> Jie_Sheng: That's what pastebin is :)
<Jie_Sheng> ok sry
<Jeeves_> Jie_Sheng: I would expect an issue with your router than
<Jeeves_> if the box is ok, and apache is running
<Jeeves_> than the portforward must be broken
<Jie_Sheng> erm
<Jie_Sheng> i check the portforward rule, is correct and there is a portforward to my winxp machine which is working fine
<Jeeves_> ok
<Jeeves_> than everything if fine, and working.
<Jeeves_> Right?
<Jie_Sheng> i can access from external network still =(
<Jie_Sheng> but as of what it is now, the server should be alright correct?
<Jeeves_> So it isn't ok.
<Jeeves_> if apache is running, and reachable on the internal network on port 80, i'd expect the server to be ok, yes
<Jie_Sheng> does running on vmware affect anything? the network if bridged
<Jeeves_> You're running vmware on your XP box?
<Jie_Sheng> erm
<Jie_Sheng> win7 box
<Jeeves_> Ah, no clue than
<Jeeves_> No clue what Windows or Vmware might be doing in between
<Jie_Sheng> erm
<Jie_Sheng> ok thanks for the help! =D
<Jeeves_> np
<tdn> What do I need in order to have a blank machine boot up via the network, so that I can give it an iso or something to boot from? What packages should I look into?
<pmatulis> tdn: do you want a diskless client?
<tdn> pmatulis, no, but is only has a blank disk from start.
<tdn> pmatulis, I want to install it from network.
<pmatulis> https://help.ubuntu.com/community/Installation#Installation without a CD
<tdn> pmatulis, thanks.
<halvors> How can i install all ebox modules?
<halvors> from apt?
<halvors> i typed "sudo apt-get install ebox"
<pmatulis> halvors: aptitude search ebox-
<pmatulis> that will give the modules
<pmatulis> example: p   ebox-dns                                                               - eBox - DNS Service
<pmatulis> so then,
<pmatulis> aptitude install ebox-dns
<thesheff17> is anyone here using pxeboot with a preseed.cfg...I have everything working except when the server has more than one drive it prompts me to write changes to disk
<halvors> thanks
<halvors> I need a hosting panel like Vitrualmin with runs unser webmin, some ideas?
<halvors> ???
<halvors> ???
<halvors> ???
<halvors> ???
<halvors> ???
<zul> as said before webmin is not supported under ubuntu
<jetole> Hey guys. In ubuntu 10.04 I am getting prompted to confirm I want to write to my partition when I do a preseed install on a server however this exact same preseed config on ubuntu 9.10 didn't require me to do that. Am I missing something in my config or is there a new option I need to know about? I can't find much googling it but here is my config: http://pastebin.com/bJdnwAAB
<halvors> I ask you, do you know about some good hosting panels LIKE virtualmin?
<halvors> i dont ask if it supported by ubuntu:P
<jetole> halvors: you're in the wrong room
<TuxIce|Idle> bbl, going to install Ubuntu
<technovert> Does anyone know how to disable processor scaling (cool n quiet) without using the bios
<technovert> i don't want to request an IP KvM to do it, but its causing issues with some gameservers
<jetole> technovert: I kinda doubt that
<jetole> Processor scaling should... on second thought I don't know enough about it to comment
<jetole> so yeah. retract what I said about doubting it
<technovert> i'll keep looking through the forums
 * jetole runs a small cluster of ubuntu vm host servers each running between 6 and 18 hosts and I have never had an issue with processor scaling 
<technovert> i'm fairly certain its causing me issues with source dedicated server (steam)
<jetole> halvors: you haven't left yet?
<jetole> technovert: how come?
 * jetole wonders what scaling support the server edition even has. Seems like something that would probably be disabled on a server edition of the OS
<soren> technovert: Sure.
<soren> technovert: Just removing powernowd should do it.
<ScottK> jetole: Encouraging people to leave who've asked on topic questions is not something we generally encourage.
<technovert> which isn't installed
<technovert> cat /sys/devices/system/cpu/cpu0/cpufreq/scaling_available_governors
<technovert> conservative ondemand userspace powersave performance
<technovert> i'm thinking i can just change it to performance
<technovert> and be good to go lol
<technovert> for each core
<soren> technovert: Sure, if you want to do that every time  you boot.
<jetole> wtf @ program debconf-get-selections. It gets the selections made from when I installed ubuntu but afaik it's in a complete random / non sequenced order. Like I'm deleting all bits not related to disks / partitions in the output so I can look at the output for disks but it's intermixed with all parts of the rest of the install
<jetole> ScottK: no I was refering to halvors. The guy who asked the specifically off topic question
<technovert> Package powernowd is not installed, so not removed
<jetole> 09:02 < halvors> i dont ask if it supported by ubuntu:P
<technovert> its the kernel doing this
<jetole> ScottK: they are the people you do encourage to leave
<ScottK> jetole: It was still a server related question,  In any case encouraging him to leave, isn't really the way things are generally done.
<CrummyGummy> Ohiya, I'm trying to install ubuntu server. I got a similar issue as this guy and #8 fixed the problem. Just mentioning it...
<CrummyGummy> http://ubuntu-virginia.ubuntuforums.org/showthread.php?t=1412115
<technovert> solved my issue :)
<technovert> didn't end up needing an IPkVM
<jetole> ScottK: well first off a server in general question especially when they say it's not for ubuntu in a ubuntu server room is deliberately off topic and no. People don't typically ask off topic to leave but instead just tell them they are in the wrong room and we don't discuss that here but I thought I would try a different approach since his question seemed almost aggresive in nature. As much so as coming here to ask about active directory on windows ...
<technovert> hopefully this solves my ingame slowness
<jetole> ... server 2k8
<technovert> thanks everyone
 * jetole goes for a smoke
<soren> jetole: He asked for alternatives to virtualmin, clarifying that he wasn't asking whether virtualmin was supported on Ubuntu. That's both on topic and not aggressive as far as I can see.
<Error404NotFound> is there something like freebsd jails in ubuntu? I want to create a jail of hardy inside lucid to test some php stuff. Or is my best bet vbox?
<jetole> Error404NotFound: chroot
<soren> jetole: And for the record: Comments like these are not acceptable: 13:09 < jetole> halvors: you haven't left yet?
<jetole> soren: I'll refrain
<soren> Please.
<jetole> however he was asking for something that doesn't have to be supported by ubuntu which sounds to me like he's not using it
<soren> jetole: a) I already explained, and b) that doesn't justify your behaviour.
<jetole> soren: I've been working on a preseed problem for about 10 hours now. Maybe I'm just agrevated
<jetole> soren: I didn't say it justified my behaviour
<jetole> as per my behaviour I said I would refrain from doing it again
<soren> ...and then you went on to attempt to justify it.
<soren> Anyway, just don't do it again.
<soren> halvors: I don't think we have anything in the Ubuntu archive that does what virtualmin does, I'm afraid.
<jetole> no I didn't. I was referring to halvors . My behaviour and his comment are not directly related. If I am wrong about something it doesn't make the other person right. So while my comment may have been out of line it doesn't mean I now I have to assume everything he said was magically right
<jetole> anyways. This has gone on too far. I said I would refrain so let's consider the issue settled please
<soren> Quite.
<ScottK> Fair enough
<jetole> me goes back to trying to fix preseed
<jetole> s/me/\/me/
 * drusepth bursts from the shadows and licks soren 
 * drusepth goes back to lurking
<pmatulis> wow
<jetole> I was just about to say "wow" too
 * ScottK hopes they are on good terms
 * soren blinks
<jetole> Is anyone familiar with debconf-get-selections?
<soren> Sure.
<jetole> soren: if something is not a comment line and does not start with d-i, is that an option?
<jetole> I am trying to figure out why my preseed.cfg is asking me to confirm the partition writes on 10.04 when the same preseed.cfg doesn't on 9.10
<jetole> soren: for example is "partman-xfs     partman-xfs/no_mount_point      boolean" something I can include in my preseed.cfg?
<soren> The first word on the line is the package that owns the question. Usually. The installer is a bit special this way.
<jetole> so partman-xfs is the package and d-i is a package?
<soren> jetole: Hmm... It's been a while. Let me think.
<jetole> actually, well wait
<jetole> I am looking at my current preseed now (as opposed to the debconf-get-selections) and I see the postfix lines start with postfix
<jetole> so I think you're right
<soren> I am. It says so in the docs. :)
<jetole> which doc are you reading?
<CrummyGummy> Wasn't there an ubuntu-server package at one point?
<jetole> CrummyGummy: there still is
<soren> jetole: debconf-set-selections
<jetole> it's the base install for the server
<soren> jetole: No, there's not.
<jetole> no?
 * jetole looks
<soren> CrummyGummy: I don't believe there ever was. It's been a loooon time, if there has.
<CrummyGummy> oh
<CrummyGummy> Is there an equvalent package?
<soren> CrummyGummy: You can use tasksel or "apt-get install ubuntu-server^" to install the server task, if that's what you want.
<soren> CrummyGummy: Depends. Since it doesn't exist, it's hard to say what an equivalent package would look ike.
<soren> like.
<CrummyGummy> Thaks
<jetole> soren: I guess you're right but I was under the mistaken impression there was... that it was like the antonym to ubuntu-desktop
<CrummyGummy> That was my impression too. Just trying to pick up the pieces after this disaster of an installation.
<Omahn> I've just done my first preseeded build of 10.04 and I've got an ext2 /boot partition, is that expected?
 * jetole looks at his. one min
<jetole> Omahn: yes it is
<jetole> I have it too on mine
<Omahn> Strange. I wonder if this is a concious decision or a regression..
<jetole> Omahn: did you get prompted to confirm writes to partitions when you did the preseed
<jetole> ?
<jetole> I'm having an issue with that now on 10.04 that didn't exist with the same script on 9.10
<Omahn> jetole: Yes, I did funnily enough. I need to preseed that out :-)
 * jetole sighs
<jetole> yeah I am looking for the answer now
<jetole> I'll share if I find it
<Omahn> Likewise :-)
<jetole> Is that like the only thing that popped up?
<Omahn> Yes, everything else went through fine.
<jetole> ha
<jetole> yeah we're both up the same creek
<Omahn> I'm just about to run through the installer with debugging enabled, this should show us the question that needs preseeding: http://d-i.alioth.debian.org/doc/internals/ch02.html#id319503
<jetole> there's a debugging option?
 * jetole reads the url
<jetole> I've been tryin to parse the output from debconf-get-selections --installer which is a mess of a file it makes
<jetole> Omahn: do you have any experience debugging? Any advice you want to give on how to set this up and manage it?
<Omahn> jetole: I've done it before and IIRC it writes details regarding each debconf question to the syslog so it's relatively easy to track down the question at fault.
<Omahn> jetole: Adding that 'debconf/priority=medium' to the boot kernel parameters should be enough.
<jetole> Omahn: thanks. Also I just found adding BOOT_DEBUG=2 to the boot options should work too. I'm gonna do both knock on wood and try again right now and see what happens
<Omahn> jetole: Cool, it's worth a try.
<Omahn> jetole: I've just posted to the ubuntu server mailing list about /boot on ext2.
<jetole> Omahn: I believe you can set it to whichever FS you like through custom partition layouts and what not but I have always sided with ext2 on /boot since I don't need journaling. Except for the occasional update that partition isn't too active after I boot on any system from server to workstation to laptop to home pc
<jetole> so yeah. ext2 is fine on /boot for me
<Omahn> jetole: It's probably fine here too but I'm just curious if this was a policy decision or a regression.
<jetole> I don't know about regression. It uses ext2 by default on my 9.10 preseeds as well but I don't know about policy decision either and all my systems from before 9.10 didn't use preseed so I don't know but letting you know what I see from what I have
<jetole> Omahn: https://help.ubuntu.com/10.04/installation-guide/amd64/boot-parms.html
<halvors> OK, thanks ;)
<jetole> I'm going for another smoke. bbiab
<Xperianer> having problem with dmraid in lucid. with dmraid -ay everythings working finde, raid activated und functional. but the drive appears three times under nautilus. 2nd problem dmraid didn't start during system power up. any ideas how to solve?
<Xperianer> ... using mirror raid on fakeraid adapter
<jetole> now I need to find a way to send ctrl+alt+f2 over vnc
<hggdh> smoser: ping
<smoser> hi
<hggdh> morning, sir. Can I use the rig for a bit?
<smoser> indeed.
<smoser> hggdh, i think i'm done with it for a while. we need to get some hard debugging done on what is going on with the 200OK response from the data center.
<smoser> bug 566792
<hggdh> smoser: thanks. I want to check on the [null] we were getting there
<uvirtbot> Launchpad bug 566792 in eucalyptus "UEC guests sometimes fail on consuming user data (metadata service isn't ready)" [High,Confirmed] https://launchpad.net/bugs/566792
<smoser> i think that my changes might have helped with that.
<smoser> maybe
<smoser> oh wait.
 * hggdh is waiting
<jetole> does anyone know how I can send ctrl+alt+f2 over VNC? I'm having some issues finding it.
<cclausen> jetole: you want to get to a console tty from VNC ?
<smoser> hggdh, do you know, when you see 'null' , do you see a 'Started' info message with 'null' ?
<smoser> i dont think so
<hggdh> this is one of the things I want to check, I will be running in debug, with your changes in
<cclausen> jetole: I don't think you can do that as it would take you out of X and out of the current video mode, likely messing up VNC and your connection.  Just ssh in and run commands that way.  should be mostly the same
<jetole> cclausen: I'm not in X
<jetole> this is a virtual machine running on one of my servers in the data center and it's doing a new ubuntu server install which is console already running on tty1
<smoser> hggdh, so one (somewhat legit) scenario where you can get 'null' is when the printstats fires after 'Starting' but before the output is collected
<cclausen> jetole: so you use VNC to connect to the VM?  What virtualization technology?
<SirDerigo> hi guys, good morning.
<jetole> kvm though any virtualization supported via libvirt will work
<jetole> just run virt-install with the --vnc --no-autoconsole options
<SirDerigo> did any of you guys have created an active directory like domain using samba?
<smoser> that explains 'not-tested' nulls
<hggdh> smoser: yes, but they should be replaced as time goes by
<smoser> yes
<hggdh> and they do not seem to
<jetole> cclausen: then when I want to connect to a host, I connect to the virt host, do a "ps -FC kvm | grep hostname" and then "netstat -tpeln | grep pid" to know which port that particular vm is running on and then I disconnect from the host and reconnect again with ssh -L 5900:localhost:5905 (if 5905 is the port) and it forwards 5900 on my machine to 5905 on the remote machine.
<jetole> SirDerigo: I want to but am waiting on samba 4 (if it ever gets here) since active directory on samaba 3.x is only win2k and below compatible
<jetole> samba for has been in alpha for at least 8 months maybe longer
<jetole> *samba 4
<jetole> probably longer
<SirDerigo> jetole, now i understand why my windows 7 test box dont conect with the domain
<smoser> hggdh, on failed start, the instance isn't deleted at all
<smoser> errStarted doesn't clean it up.
<smoser> i think it should move the state to 'failed'
<jetole> SirDerigo: Probably not. As far as I know a windows 7 box can connect to windows 2k server running AD
<smoser> or maybe a new state 'failed-to-start'
<SirDerigo> there is another way of getting something like an active directory domain under my ubuntu server machine?
<jetole> SirDerigo: nope
<hggdh> probably failed-to-start, since we do not have an  instance-id at this point
<jetole> at least not as far as I know
<cclausen> jetole: actually, samba 3.x emulates an NT4 domain and NOT a Windows 2000 or newer active directory.
<jetole> their are lots of client applications for AD
<smoser> hggdh, yeah.
<jetole> cclausen: win2k uses the NT4 AD tech
<hggdh> will look at it
<jetole> cclausen: just as win2k8 uses win2k3 tech
<SirDerigo> i dont want to buy a windows 2008 server license!
<jetole> win2k3 was basically a new AD release from the old revision
<jetole> SirDerigo: windows 7 can connect to a windows 2k active directory server afaik
<jetole> windows 2k AD doesn't have all the features of win 2k3 AD (i.e. you still need a PDC with no options for multi master) but it should do everything you need
<cclausen> jetole: uhh, sort-of, but not really.  Windows 2003 AD introduced Kerberos support.  an NT4 domain is NTLM authentication only
<cclausen> jetole: I think you are confusing NT4 and windows 2000
<jetole> cclausen: that sounds right. I know use kerberos but I have never used a NT4 domain
<cclausen> err, sorry, windows 2000 introduced Kerberos support
<hggdh> smoser: do you need the logs saved?
<jetole> cclausen: no I am discussing AD. The only diff between NT4 and win2k is a schema update same as the only diff between 2k3 and 2k8
<smoser> hggdh, no.
<jetole> cclausen: I don't think kerberos was before 2k3
<jetole> in fact I am pretty sure 2k used NTLM
<jetole> I vaguely remember discussing that with a coworker back when 2k was still new
<Omahn> jetole: That boot parameter we needed was 'DEBCONF_DEBUG=developer' from this page: https://wiki.ubuntu.com/Installer/FAQ
<Omahn> jetole: And the preseed question is critical partman-lvm/confirm_nooverwrite I think, or at least that's the last question logged in syslog.
<jetole> Omahn: ok. Thanks. Let me look at it quickly
<jetole> Omahn: I'm still not sure how to access syslog during the boot since I access my VM's via VNC
<Omahn> jetole: Ah, that might be a problem :-)
<jetole> yeah it seems to be
<jetole> I'm going to try that option
<Omahn> jetole: Bugger. Still prompts.
<hggdh> smoser, which image is what there, right now?
<jetole> Omahn: that should be true? I see it set to false in my debconf-get-selections so I am thinking it should be true
<Omahn> jetole: I just tried:
<Omahn> d-i partman-lvm/confirm_nooverwrite boolean true
<Omahn> and it still prompts.
<smoser> release-20100427.1 is the release, pristine
<jetole> :(
<smoser> if you're running tests, i'd prefer you to run with debug-20100427.1-1
<smoser> its the same, just with longer timeouts and some debug to the console (which shows the '[200] OK' problem)
<Omahn> jetole: I'm out of time for today unfortunately so I'll pick this up again tomorrow, if you manage to get it cracked I would *really* appreciate a quick PM with the details :-)
<jeiworth> hi
<cclausen> jetole: Windows 2000 definately used Kerberos.  I remember dealing with Kerberos IV -> Kerberos 5 password problems when we implemented AD here.  Windows 2000 also introduced group policy, which is a major feature that NT4 domains do not have.
<hggdh> smoser: will run the debug version, then
<smoser> its kind of required to get the overall improvement on waiting longer
<smoser> as if the image doesn't wait longer, the test is going to fail
<jeiworth> we are now having 3 ubuntu servers and 2 desktops running in the company so i was thinking arming anotheer 4th server as local repo. now i have been googleing a bit but not found a really good howto on how to implement this.. e.g. how can i mirror a public repo regularly, a friend suggested a simple rsync-script triggered by cron?
<mcas> jeiworth: do you want a mirror or a cache?
<jetole> cclausen: ok. I will take your word for it since I wasn't certain
<cclausen> jetole: you don't have to believe me: http://technet.microsoft.com/en-us/library/bb742431.aspx
<jeiworth> mcas: good question, what is the difference? i suppose cache just holds the packages actually being asked for by the systems and mirror well mirrrors everything, so in this case i would like a cache to not waste too much space
<jetole> cclausen: I am certain however though that win2k was essentially the same version of AD as NT4 where 2k8 is the same version as 2k3
<cclausen> there was no AD in NT4
<jetole> cclausen: I don't have to but I already told you I did
<mcas> jeiworth: apt-get install apt-cacher-ng
<mcas> :-D
<cclausen> but whatever.  I guess it does not matter, other than using samba 3 is not a replacement for using AD
<jeiworth> mcas: X-D
<jeiworth> mcas: ok thx, will take a look, i feared it was just as simple as that ;)
<mcas> jeiworth: echo âAcquire::http { Proxy âhttp://localhost:3142â³; };â | sudo tee /etc/apt/apt.conf.d/01proxy
<jetole> It also doesn't matter because I don't care that much. I'm still trying to get ubuntu preseed to work on ubuntu 10.04
<mcas> on your clients you have to substitue localhost ;-)
<mcas> you can use this with any repo ...
<jeiworth> mcas: right, and if i understand you correctly the 01proxy-file i can just copy to all systems and it will automatically pull it on the next update?
<mcas> yes
<mcas> but you have to change localhost to your "server-ip"
<jeiworth> mcas, righto, sounds very interesting :)
<mcas> jeiworth: it is very nice... i use this on work, too. and you save lot of time by using your cache
<jeiworth> <mcas> but you have to change localhost to your "server-ip" n<-- yes, obviously ;)
<gswain> so i tried to install the latest LTS last night with software raid 10 with LVM for / and when I tried booting it said it couldnt find my volum Group (I suspect it coiuld not have possibly had time to synch my 1 tb raid 10) any ideas?
<gswain> im just not sure what the issue could be
<gswain> i use this config on lots of servers
<gswain> but this is my first try with ubuntu
<jeiworth> mcas: ok, skimming through the man page and some whotos this pretty much seems like exactly what i am looking for, thanks a bunch! :D
<mcas> jeiworth: yw
<icullen> hi, is anyone familiar with LTSP in 10.04?  I can't boot clients.  It says "Error: failed to connect to NBD server" then dumps the client to a busybox shell.  9.10 worked OK
<gswain> is raid 10 and lvm just not recommended during server setup?
<pmatulis> icullen: #ltsp might be better
<gswain> hello?
<pmatulis> gswain: hello
<stephank> I'm using reprepro to build a local repository, but for some reason apt is not picking up the repository's Origin, Label, Suite, etc. (ie. "apt-cache policy" doesn't show a "release ..." line for my repo. I use it for pinning.) What am I missing in my reprepro setup?
<gswain>  i tried to install the latest LTS last night with software raid 10 with LVM for / and when I tried booting it said it couldnt find my volum Group (I suspect it coiuld not have possibly had time to synch my 1 tb raid 10) any ideas what i could have done wrong?
<cclausen> gswain: grub install could have gone wrong or RIAD itself.  did you read the release notes?
<smoser> zul, around ?
<gswain> no im not sure how, im kind of new to ubuntu\
<zul> smoser: perhaps
<zul> smoser: whats up?
<smoser> i'd like a sponsor/review of http://bazaar.launchpad.net/~cloud-init-dev/cloud-init/lucid/revision/21?start_revid=21
<smoser> oops
<smoser> https://bugs.launchpad.net/ubuntu/+source/cloud-init/+bug/571271
<uvirtbot> Launchpad bug 571271 in cloud-init "uec images should wait longer for metadata service" [High,In progress]
<zul> smoser: sure lemme point you at https://wiki.ubuntu.com/StableReleaseUpdates#Procedure
<smoser> zul, have i missed something ?
<zul> lemme go check
<smoser> because i've walked through that.
<smoser> up until step '4'
<smoser> which is 'upload fixed package'
<zul> smoser: didnt see that just saw the branch
<zul> smoser: ill upload it now
<zul> smoser: done
<smoser> zul, thanks
<zul> no probs
<halvors> I got some problems with my email server:
<halvors> 'http://paste.ubuntu.com/428366/
<halvors> http://paste.ubuntu.com/428366/
<halvors> No answers?
<cclausen> halvors: what does your /etc/hosts file look like?
<cclausen> err, nevermind, that is just a warning.  I suspect the real problem is the: Fatal: Plugin cmusieve not found from directory /usr/lib/dovecot/modules/lda
<cclausen> perhaps you need to install that plugin?
<icullen> thanks pmatulis, i'll try there
<gswain> alright i just tried again and right after installer it fails to mount my raid10
<gswain> it tries to boot it in degraded mode
<gswain> but says the device is busy or it doesnt have /init
<uvirtbot> New bug: #575878 in samba (main) "package winbind 2:3.4.7~dfsg-1ubuntu3 failed to install/upgrade:" [Undecided,New] https://launchpad.net/bugs/575878
<gswain> what gives, seems like it should just work
<gswain> just bots?
<cclausen> gswain: try installing without RAID, just to see if the problem is RAID related or not
<MTecknology> How do I kill a message that is trying to be sent?
<MTecknology> smtp*
<MTecknology> My system is trying to send email to this guy@domain.com. The MX record for domain.com is mail.domain.com. The system is trying to reach mail.domain.com. But... mail.domain.com only has 22 and 80 open....   So my logs are filling up rather nicely.
<npope> MTecknology: delete it from the queue
<MTecknology> npope: that's what I'm asking how to do :)
<npope> sendmail or postfix?
<ScottK> MTecknology: What MTA?
<MTecknology> sendmail
<npope> MTecknology: /var/spool/mqueue
<MTecknology> thanks :D
<MTecknology> now.. is there any way to put a maximum retries on it?
<stephank> I'm using reprepro to build a local repository, but for some reason apt on the client is not picking up the repository's Origin, Label, Suite, etc. (ie. "apt-cache policy" doesn't show a "release ..." line for my repo. I use it for pinning.) What am I missing in my reprepro setup?
<maxb> stephank: Have you actually entered an Origin,Label,Suite in the reprepro configuration?
<stephank> maxb: Yes, and they also appear in the Release files, which look more or less the same as ubuntu's official repositories'.
<maxb> this is starting to sound like potentially local apt weirdness
<RoAkSoAx> kirkland, ping
<maxb> But to be sure, perhaps pastebin the content of the Release file?
<stephank> maxb: here we go: http://www.privatepaste.com/6989b5011d
<stephank> I added the repository on two fairly fresh 10.04 installs, and both have the same issue
<maxb> stephank: Try deleting /var/cache/apt/*.bin, and trying 'apt-cache policy again'
<maxb> uh, misplaced quote, but you get what I mean
<stephank> maxb: it still looks the same, there's no 'release' line :/
<stephank> (and the pin doesn't work either)
<maxb> well that's mysterious, because when I overwrote one of my local /var/lib/apt/lists/*_Release files with your paste, and deleted those cache files, it showed up here
<stephank> hmm...
<stephank> maxb: the Release file for the repository in question exists, but under /var/lib/apt/lists/partial/
<maxb> hmmm
<maxb> What's the content of the file in partial?
<maxb> Try moving the file in partial away, deleting any files relating to that repository in /var/lib/apt/lists/, and running apt-get update
<stephank> trying that now. fwiw, the content was the same as the paste (checked with diff)
<stephank> maxb: same result, and the file again ends up in partial/
<maxb> odd
<maxb> Something must be broken with that download for you, locally
<Error404NotFound> is there something like freebsd jails in ubuntu? I want to create a jail of hardy inside lucid to test some php stuff. Or is my best bet using something like virtualbox?
<stephank> maxb: well, it's pulled from the same machine, but not localhost. I see a get line in the apt-get output that matches the size on the server. And there are no errors, but some ignores because there is no Release.gpg.
<dominicdinada> !samba
<ubottu> Samba is the way to cooperate with Windows environments. Links with more info: https://wiki.ubuntu.com/MountWindowsSharesPermanently and https://help.ubuntu.com/10.04/serverguide/C/windows-networking.html - Samba can be administered via the web with SWAT.
<mcas> if i want to build a software raid on a ubuntu server for 200 users... which software do i want to use?
<ScottK> Software RAID is built in.
<dominicdinada> in server 10.4 samba doesn't share correctly is that because webmin is outdated ? trys to call samba when the command is now smbd?
<mcas> ScottK: yes but dmraid lvm?
<mcas> any suggestions?
<ScottK> !webmin | dominicdinada
<ubottu> dominicdinada: webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system. See !ebox instead.
<dominicdinada> !ebox
<ubottu> ebox is a web-based GUI interface for administering a server. It is designed to work with Ubuntu/Debian style configuration management. See https://help.ubuntu.com/community/eBox
<ScottK> mcas: It's been long enough since I set up RAID I don't know.
<stephank> maxb: Moving the Release file from 'partial' to '../', deleting the '*.bin' cache, and then running 'apt-cache policy' did the trick. So at least that's one more hint in the right direction. Thanks for helping. :)
<mcas> hmm... which one do you use and do you had any problems? ;-)
<uvirtbot> New bug: #575919 in qemu-kvm (main) "no sound: pulseaudio connection refused" [Undecided,New] https://launchpad.net/bugs/575919
<dominicdinada> ok getting ebox
<dominicdinada> !webmin
<ubottu> webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system. See !ebox instead.
<failover> Hey about kvm/qemu, at Lucid what is the diference between /usr/bin/qemu-system-x86_64 and /usr/bin/qemu ?
<halvors> my etc/hosts?
<RoyK> failover: possibly a symlink?
<failover> not !
<failover> kvm is a symlink for qemu-system-x86_64
<failover> but qemu is another file !
<RoyK> ok!
<failover> man and help show the same for both, but the file size is different !
<RoyK> perhaps qemu runs the other?
<halvors> cclausen: My etc hosts fil look like this: http://paste.ubuntu.com/428453/
<halvors> ???
<dominicdinada> wow ebox  is trash would rather keep webmin and just configure manually
<halvors> I need a hosting panel simply create new domains.
<halvors> some ideas?
<dominicdinada> !domain
<halvors> !domain?
<ubottu> Error: I am only a bot, please don't think I'm intelligent :)
<halvors> whay not?
<cclausen> The ebox-webserver package manages Apache2
<cclausen> halvors: take the "localhost" part out of ::1 entry in there.  You ahve TWO localhost entires and I think that is confusing various things
<cclausen> MTecknology: you really shouldn't be trying to send mail to a domain that doesn't work.  I'm guessing there are already retries built into SMTP, but you just didn't want to wait several days for it to stop retrying
<MTecknology> cclausen: somebody screwed up - it was a client that screwed up - I forsee that happeneing more in the future.
<halvors> what?
<MTecknology> cclausen: now I'm having that on another system - one system trying to send mail to another. A is trying to send to B when it should be trying to C
<halvors> si i shuld only have the first line an drop the 10.0.0.2 ss1?
<cclausen> MTecknology: it sounds to me like the MX record is wrong.  fix the MX record and then the message will be delivered
<cclausen> halvors: you might need that, I am not sure about your setup
<MTecknology> cclausen: its internal systems - no MX; should just send directly to tat system..
<dominicdinada> !ebox
<ubottu> ebox is a web-based GUI interface for administering a server. It is designed to work with Ubuntu/Debian style configuration management. See https://help.ubuntu.com/community/eBox
<cclausen> MTecknology: then set the MX to go elsewhere and allow the email to deliver.  or, just wait for it to time out and get "frozen"
<j0nr> can i just apt-get install pulse-audio on my server to make it play sound
<j0nr> ?
<cclausen> j0nr: I don't think just installing that will actually cause your computer to play sound
<j0nr> i am trying to get my server (old laptop) to play music with mpd
<cclausen> just add some capabilities to enable it
<j0nr> cclausen: what do you mean capabilities?
<cclausen> j0nr: locally?  Or across the network?  Or what?
<j0nr> cclausen: the laptop is plugged into the router. it contains my music. I can go to a php web interface player to see my music and play it. Except when its playing no sound is coming out the server
<MTecknology> cclausen: there is no way to set internal MX right now and I don't want to set it up.. I don't care about purging what's there - I care about why it's not sending to the right system - there's no reason it should try to send to that system...
<cclausen> j0nr: does just running mplayer locally on that server play sound?
<j0nr> cclausen: can mplayer be used on the command line?
<cclausen> MTecknology: if someone addresses an email to a system, it will look for MX and if its not there, attempt to connect directly to port 25 for delivery
<cclausen> j0nr: it can on my system, at least for audio.  obviously playing video would be a problem
<MTecknology> cclausen: exactly.. but it's not broken there - it's broken before that
<cclausen> MTecknology: I'm not sure what you mean by "not sending to the right system" then
<MTecknology> cclausen: it's doing exactly what I said - but it's getting screwed up prior to anything DNS - I'm figuring out how to script vm creations - sounds like more fun
<j0nr> cclausen: i am playing with mpg321 and nothing is coming out
<j0nr> i dont think server ed. comes with audio
<cclausen> j0nr: that is possible, but I think unlokely.  you can use lspci to look for sounds cards and then use lsmod to see if the module is loaded
<cclausen> its possible your hardware just isn't supported
<j0nr> im sure it played audio when it was installed with a desktop version
<cclausen> MTecknology: okay, well, figure out what and then fix it.  is it a wrong DNS server?  Is it a bad /etc/hosts entry?
<cclausen> j0nr: same version?
<j0nr> no
<j0nr> older version
<j0nr> it had 9.04 on it and now it has 10.04 server
<cclausen> j0nr: well, that isn't really a fair comparison then.  can you try booting to a Live CD and teying there?
<j0nr> there is no pulseaudio or alsa installed
<cclausen> pulse audio isn't strictly required to play audio
<halvors> Si it should be like this
<cclausen> j0nr: who are you trying to play audio as?  does the user not have access to a specific sound device?
<halvors> http://paste.ubuntu.com/428471/
<MTecknology> cclausen: even before that..... :P - I need to figure out why it's flipping the system name
<cclausen> halvors: no, you didn't remove the duplicate localhost entries
<cclausen> you can'y have "localhost" on 127.0.0.1 and on ::1
<cclausen> MTecknology: the system mailname?  Or host name?
<soren> Err.. Why not?
<j0nr> cclausen: not sure tbh
<cclausen> soren: b/c apparently postfix gives crazy warnings about localhost
<j0nr> i guess www-data?
<j0nr> as i am using a php web interface
<cclausen> j0nr: can you try mplayer or whatever player as root on teh system and see if audio plays?
<MTecknology> cclausen: dest addy - it's getting muffed up that far back - I send to server@domain.com; when it hits queue it flips to difserver@domain.com
<MTecknology> HOSTNAME=""; vmbuilder kvm ubuntu --mem=768 --rootsize=10240 --swapsize=256 --cpus=2 --hostname="$HOSTNAME" --domain="kalliki.com" --destdir=/virt/images/$HOSTNAME --user="michael" --name="Michael Lustfield" --pass="CHANGEme" --mirror http://archive.ubuntu.com/ubuntu/ --components main,universe --addpkg=vim --addpkg=openssh-server --addpkg=screen --addpkg=apparmor-utils --addpkg=apparmor-profiles --addpkg=ufw --addpkg=cur
<MTecknology> How does that look? :)
<MTecknology> I didn't reaslize how long that was... maybe shoulda pastebinned
<cclausen> MTecknology: as the hostname?  that looks wrong :-)
<j0nr> cclausen: no sound as root
<cclausen> j0nr: hmm...
<MTecknology> here we go - http://paste.ubuntu.com/428473/
<cclausen> j0nr: check lspci for sound hardware info and then look for loaded sound modules
<soren> MTecknology: What's the question?
<j0nr> 00:1f.5 Multimedia audio controller: Intel Corporation 82801CA/CAM AC'97 Audio Controller (rev 02)
<cclausen> ac97 should have a module
<cclausen> soren: he's getting this: http://paste.ubuntu.com/428366/
<j0nr> cclausen: there are several entries for lsmod | grep snd
<MTecknology> soren: If you think that's nice and pretty :)
<cclausen> the warning: ::1: address not listed for hostname localhost is likely caused by bad reverse lookup due to two entiries in /etc/hosts
<soren> What's that got to do with that whole vmbuilder thing?
<cclausen> j0nr: could it be not a sound card problem?  maybe volume is truned down?  ir speakers not plugged in?
<halvors> What is ::1
<cclausen> maybe I have confused people I was helping..
<MTecknology> ya
<j0nr> cclausen: http://pastebin.com/QDVWAZv6
<cclausen> in which case, sorry about that
<MTecknology> soren: ignore me - help j0nr  :)
<j0nr> cclausen: how would you control the volume on a server?
<cclausen> j0nr: so that looks like you should have functioning sound.
<cclausen> j0nr: can you run aumix or some other volume control ?
<MTecknology> alsamixer
<soren> What do you need sound for?
<soren> j0nr: ^
<j0nr> im trying to use an old laptop as a music server, using mpd, controlled via a web interface. so the laptop is plugged into speakers and i can control it from any networked device
<j0nr> soren:
<halvors> cclausen: what do ::1? and what is it?
<j0nr> i have no aumix or alsamixer installed
<cclausen> halvors: ::1 is the IPv6 equiv of 127.0.0.1
<cclausen> e.g. the local loopback interface on your system
<cclausen> j0nr: apt-get install aumix
<cclausen> I don't think that alsamixer works in a console and that is needs gnome.  Or at least that ginme version is the only pacakge that I can find
<soren> j0nr: Ok. alsamixer it is then.
<j0nr> cclausen: \o/ top man!
<soren> Don't use aumix.
<j0nr> aumix did it!
<soren> Yes, but..
<soren> Bah, whatever.
<j0nr> but...?
<soren> aumix is for OSS. alsamixer is for ALSA.
<halvors> so i should have 3 records in the file?
<halvors> ::1
<halvors> too
<soren> and since you're actually using ALSA, it's probably better to use alsamixer (avoiding the translation layer)
<soren> cclausen: Having both 127.0.0.1 and ::1 called localhost in /etc/hosts is fine.
<j0nr> thank you all for you help!
<soren> cclausen: Not only fine. It's correct.
<dominicdinada> that is what is in my hosts file as well
<uvirtbot> New bug: #575945 in chkrootkit (main) "chkrootkit falsely flags files owned by Firefox 3 and Sun Java 6 valid packages" [Undecided,New] https://launchpad.net/bugs/575945
<halvors> Like that: http://paste.ubuntu.com/428480/
<cclausen> soren: yes, it is.  that isn't what I was saying
<j0nr> Severed Fifth now blasting out the stereo controlled by my php web interface :D
<cclausen> soren: having "localhost" on both ::1 and 127.0.0.1 lines can cause problems
<cclausen> you'll note that ::1 is named ip6-localhost and NOT "localhost" by default
<soren> cclausen: That's /exactly/ what I'm saying is the correct thing to have.
<soren> cclausen: both.
<cclausen> halvors: make the ::1 line just have the two ipv6-local* entires.  does the warning go away?
<cclausen> soren: other suggestions on what could be causing: "warning: ::1: address not listed for hostname localhost" then ?
<cclausen> oh, hmm... I wonder if the system hostname is set to localhost.  that could probably cause weirdness...
<zul> mdeslaur: you are taking care of the chkrtootkit bug?
<soren> cclausen: I haven't seen the hosts file in question.
<cclausen> soren: it was pasted...
<soren> cclausen: http://bazaar.launchpad.net/~vcs-imports/netcfg/main/annotate/head%3A/netcfg.h#L39 for ye of little faith.
<cclausen> http://paste.ubuntu.com/428471/
<soren> Ok.
<cclausen> soren: ok, well, that is broken
<mdeslaur> zul: yeah, I'll look at it
<zul> mdeslaur: k thanks
<soren> cclausen: Why?
<cclausen> you'll get non-matching reverse and forward lookups for localhost, depending upon how it is queried
<cclausen> in hardy, I do not have "localhost" on the ::1 line
<soren> How so?
<dominicdinada> I am having trouble wget'n eboxes Release.gpg :( can anybody help?
<soren> What will not match?
<cclausen> forward and reverse lookups
<soren> cclausen: Which ones?
<dominicdinada> cclausen: hardy is not ipv6 compliant is it
<cclausen> dominicdinada: I have been told to disable IPv6 for security reasons.  I don't have a way to test.
<cclausen> soren: ones on localhost, ::1, 127.0.0.1
<dominicdinada> cclausen: i see from my understand by default ipv6 is more secure by nature
<cclausen> dominicdinada: really?  how so?
<dominicdinada> understanding*
<soren> cclausen: Yes, those are the names and addresses of which we speak. Now, how, why, and which lookups will not match?
<cclausen> soren: whatever postfix is doing to cause the warnings here: http://paste.ubuntu.com/428366/
<dominicdinada> because of the way they address things
<soren> cclausen: If I call getaddrinfo("localhost", NULL, blahblah), I'll get two results, one AF_INET and one AF_INET6.
<halvors> here is error:
<halvors> Reporting-MTA: dns; ss1.skymiastudios.com X-Postfix-Queue-ID: 7695C480B7F X-Postfix-Sender: rfc822; halvors@skymiastudios.com Arrival-Date: Wed,  5 May 2010 21:06:00 +0200 (CEST)  Final-Recipient: rfc822; halvors-skymia.net@ss1 Original-Recipient: rfc822;halvors@skymia.net Action: failed Status: 5.4.4 Diagnostic-Code: X-Postfix; Host or domain name not found. Name service error     for name=ss1 type=AAAA: Host not found
<cclausen> soren: yes, makes sense to me
<dominicdinada> all ::1 is is an loopback but say prefixed ff00 -ff02 are only allowed locally eg 192.168.* class
<cclausen> halvors: that error appaers to be a failed lookup for "ss1"
<soren> cclausen: It's trying to look up and ipv6 address for ss1.
<halvors> so
<soren> What's ss1?
<halvors> áºhat should i do?
<garymc> anyone know anything about PPTP vpn servers?
 * soren should
<cclausen> dominicdinada: how is that a securiry feature?
<garymc> im connecting to it fine via my iphone. But once I disconnect I canr reconnect ?
<halvors> ss1 is the name of my server, it was that i entered in the installation of ubuntu
<dominicdinada> then they have a multi cast address.... but only certain classes will be able to address the internet vs's local networks
<cclausen> garymc: I run a PPTP VPN on Windows.  Really easy to setup :-)
<garymc> yes i got it working, but I have one problem now
<halvors> PPTP server, i have tryd it works fine easy to setup =)
<garymc> I connect to it VIA my iphone. Works great.
<halvors> also on ubuntu
<soren> halvors: Perhaps your postfix only does ipv6 for some reason?
<halvors> can post my config file
<garymc> Then if I disconnect VPN and use normal wireless then need to reconnect to my VPN it wont let me
<soren> garymc: You can only connect once and then not again until you've restarted the vpn server?
<dominicdinada> cclausen: because of how they class the address's and unless i see an rfc document otherwise i tend to believe network++ server 2008 client for wins.... and cisco all saying the same thing
<garymc> why is that?
<garymc> soren is there a way around that?
<halvors> here are postfix main.cf
<halvors> http://paste.ubuntu.com/428484/
<soren> garymc: I'm not saying, I'm asking :)
<garymc> As im going away and if my phone goes off or need recharging
<soren> garymc: Is that what you are experiencing?
<garymc> yes
<garymc> exactly
<halvors> ?
<halvors> some answers?
<soren> halvors: You need to put your hostname in /etc/hosts.l
<soren> /etc/hosts
<soren> Like:
<garymc> soren : is there a time limit that has to pass b4 it will let me reconnect or something?
<soren> garymc: Don't know. What sort of errors do you see in the logs?
<halvors> i have done it
<soren> halvors: Add this to your /etc/hosts:
<halvors> what?
<halvors> ss1
<halvors> ?
<j0nr> darn it. i have the server working playing music out my sound system, but the tv wont play sound. I used a spliter on the input to the stereo so that there are two sets of phono leads going into the stereo. the laptop goes in and plays but the tv doesnt. unless i unplug the cable from the headphones jack on the server
<cclausen> needs an AAAA record, right?
<soren> 127.0.1.1 ss1.skymiastudios.com
<soren> sorry, I mean:
<soren> 127.0.1.1 ss1.skymiastudios.com ss1
<halvors> whay 127.0.1.1
<cclausen> j0nr: so its not a software problem?
<halvors> ?
<garymc> soren just looking now
<j0nr> cclausen: no... i said up there ^ i got it working :)
<soren> halvors: If you have a static IP, you can use that instead ifyou like.
<halvors> can you post exemple at paste.ubuntu.com for me
<halvors> ok
<j0nr> but i thought i could use RCA splitters to feed both tv and laptop into the sound system and either or both would just play
<halvors> so it will be first lin like it
<j0nr> but the tv wont play unless i unplug the server
<soren> halvors: Doesn't matter. Just somewhere on a line by itself.
<halvors> 127.0.0.1 ss1.skymiastudios.com
<soren> No.
<halvors> how+
<garymc> soren : heres my log from last attempt http://pastebin.com/AA5bbDdb can you shed some light?
<halvors> ?
<soren> 127.0.1.1 or your static IP (if you have one)
<soren> halvors: I just told you.
<soren> 19:12 < soren> 127.0.1.1 ss1.skymiastudios.com ss1
<halvors> so 127.0.0.1 should be my external ip?
<soren> No! Don't touch that line.
<halvors> 84.49.231.146 ss1.skymiastudios.com ss1
<soren> Just add the one line I told you. No more or less.
<soren> Err.. Is that the IP of the server?
<halvors> yes the external ip
<halvors> static
<soren> Does the server have that address configured?
<cclausen> j0nr: yeah, that makes sense too me.  apparently does not work though, huh?
<soren> ..or is that being NAT'ed or port forwarded somehow?
<halvors> NAT ;)
<halvors> port foward
<halvors> r
<soren> Then no.
<soren> It needs to be an IP the server HAS.
<soren> Not one by which you can reach it.
<j0nr> cclausen: no, for some odd reason
<halvors> so i tshould be like this: http://paste.ubuntu.com/428486/
<soren> halvors: What's 10.0.02?
<soren> Sorry, 10.0.0.2, I mean.
<halvors> my locaL NETWORK IP
<halvors> sry caps lock
<soren> Is it static?
<halvors> yes
<soren> Fine. Use that.
<halvors> ok
<halvors> so it should be
<halvors> 10.0.0.2 ss1.skymiastudios.com
<soren> ...
<soren> no.
<halvors> i hav ethis line 10.0.0.2 ss1
<soren> 10.0.0.2 ss1.skymiastudios.com ss1
<halvors> like this right? http://paste.ubuntu.com/428489/
<garymc> soren did my log file tell you anything?
<halvors> ???
<soren> halvors: That should do the trick.
<halvors> ok i will try ;)
<soren> garymc: Is that from when it fails?
<garymc> yes after ive disconnected then try to reconnect
<garymc> its the reconnect part only
<halvors> ansd this:  apache2: Could not reliably determine the server's fully qualified domain name, using 10.0.0.2 for ServerName
<soren> Do you still have that after this change?
<soren> garymc: Don't know. Looks like the client doesn't like what it's seeing.
<halvors> No, it have been there since the installation of my server
<garymc> damn where could I get some more debug help for this?
<halvors> server works i only wounder if i should correct it?
<garymc> if it works leave it be
<soren> halvors: It's just a warning. It doesn't really matter, but do you still have that error after we made these changes?
<dominicdinada> I am having trouble wget'n eboxes Release.gpg :( can anybody help?
<dominicdinada> err adding the key
<soren> dominicdinada: Try #ebox
<dominicdinada> soren:  i got the key but having trouble adding it
<dominicdinada> to the repos
<halvors> soren: i got error now to :(
<halvors> no this is now about our changes =)
<garymc> just tried turning Iphone off and back on but still wont connect to the PPTP VPN server
<garymc> I need to restart the PPTP server manually everytime
<garymc> this is no good to me
<cclausen> dominicdinada: I was getting that too just running apt-get update.  update server is over loaded I suspect
<dominicdinada> I got the key
<dominicdinada> sudo apt-add Release.gpg ? correct ?
<halvors> soren??
<halvors> are you there?
<halvors> do you know the error
<drusepth> Installing a Eucalyptus cloud controller like a boss
<halvors> i get this error
<halvors> May  5 21:06:10 ss1 postfix/postfix-script[8928]: warning: /var/spool/postfix/etc/hosts and /etc/hosts differ
<halvors> ???
<halvors> ???
<halvors> some answers
<dominicdinada> cclausen: sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 342D17AC
<j0nr> finally sorted with a lot of mixing and swapping of various av cables
<dominicdinada_> !ebox
<ubottu> ebox is a web-based GUI interface for administering a server. It is designed to work with Ubuntu/Debian style configuration management. See https://help.ubuntu.com/community/eBox
<dominicdinada_> W: GPG error: http://ppa.launchpad.net hardy Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 5F99A088342D17AC
<uvirtbot> New bug: #575987 in samba (main) "package samba 2:3.4.0-3ubuntu5.6 failed to install/upgrade: " [Undecided,New] https://launchpad.net/bugs/575987
<garymc> I managed to get it working and I can connect to my PPTP VPN server via my iphone. But once I close the connection Iam unable to reconnect to my PPTP VPN server unless I ssh into the server and restart PPTP
<garymc> anyone knwo ANYTHING?
<incorrect> hi, i was wondering if anyone here has any experience with the vps service from five bean?
<dominicdinada> need a hand with some ebox problems
<joe234> anybody can help
<joe234> my server 10.04 wont boot
<joe234> it says
<joe234> init: ureadhead-other main process (572) terminated with status 4
<joe234> init: networking main process (584) terinated with status 4
<dominicdinada_> Are there any mods to get Webmin to work correctly with lucid ?
<dominicdinada_> this Ebox is Crap
<dominicdinada> Webmin = 100000x < Ebox
<incorrect> i have a really good replacement for both webmin and ebox
<incorrect> ssh
<jeiworth> hehe
<dominicdinada> yea ssh but in a server enviroment with many servers webmin < ssh
<RyanP> incorrect: I really don't want to do LDAP user creation via ssh.
<incorrect> dominicdinada, i have 200 servers,
<dominicdinada> really ?
<incorrect> yes
<incorrect> i just wrote a bunch of scripts to manage them
<dominicdinada> think of what the boses knew about you wasting so much time when webmin can do all the managing via cp in minuates vs u all day
<incorrect> RyanP, i use the ldapscripts package
<dominicdinada> well yea that,...
<joe234> anybody help me?
<incorrect> all day?
<incorrect> poor dominicdinada can't script
<dominicdinada> without those script
<incorrect> took me 30 seconds to write scripts to manage them all
<dominicdinada> ah nice for you, want a cookie and a trophey?
<incorrect> maybe he has gone to learn to script
<dominicdinada> but really back on topic my question was what is the work around for webmin and the incompatibility ?? is it just that it calls samba and not smdb?
<dominicdinada> !SWAT
<ubottu> Samba is the way to cooperate with Windows environments. Links with more info: https://wiki.ubuntu.com/MountWindowsSharesPermanently and https://help.ubuntu.com/10.04/serverguide/C/windows-networking.html - Samba can be administered via the web with SWAT.
<kirkland> RoAkSoAx: pong
<RoAkSoAx> kirkland, how's belgium?
<kirkland> RoAkSoAx: completely knackered right now; about to crash
<kirkland> RoAkSoAx: do you have a quick question, or something deep?
<RoAkSoAx> kirkland, not really, I jsut wanted to let you know that the UDS session has been approved if you didn't know that... and I made some more mockups here: https://wiki.ubuntu.com/TestdriveFrontend
<kirkland> RoAkSoAx: awesome!
<kirkland> will check them out
<RoAkSoAx> kirkland, ok, other than that, the code *should* be mergeable, but haven tested enough due to I have been doing paperwork to obtain the work permit of the GSoC due to the issues explained in the e-mails
<kirkland> RoAkSoAx: awesome;  ....  do this ....
<kirkland> push to a PPA
<kirkland> RoAkSoAx: and publish a call for testing on your blog
<kirkland> RoAkSoAx: ask people to poke and prod and test it a bit
<RoAkSoAx> kirkland, yeah I was actually planing to do so :)
<kirkland> RoAkSoAx: rock on
<RoAkSoAx> kirkland, aight then. Will do so *hopefully* before going to belgium.
<kirkland> RoAkSoAx: perfect, thanks
<kirkland> RoAkSoAx: submit a merge proposal in the mean time, and i'll review
<RoAkSoAx> kirkland, ok will do
<kirkland> RoAkSoAx: cheers
<RoAkSoAx> kirkland, ok then I'm off. Have fun over there :)
<kirkland> RoAkSoAx: thanks, later
<erichammond> smoser: The <title> of http://uec-images.ubuntu.com/releases/10.04/release/ still says "Daily Build"
<ScottK> As long as it doesn't say which day, it's not wrong ....
<jeiworth> say, errrm, dare i ask this here? *g* is there a way (or an alternative) to run virt-manager on a windows box?
<dominicdinada> !wireless
<ubottu> Wireless documentation, including how-to guides and troubleshooting information, can be found at https://help.ubuntu.com/community/WifiDocs
<storrgie> ufw is blocking my bridge interface
<storrgie> what to do?
<npope> storrgie: allow your bridge interface
<storrgie> npope: looking for the convention to add tha
<storrgie> that*
<dominicdinada> i am going to be working on that soon storrgie
<npope> ufw is a pretty interface to iptables
<storrgie> npope: how do I allow that br0 interface?
<npope> sudo /sbin/iptables -A INPUT -i br0 -j ACCEPT
<storrgie> http://pastebin.com/X7aA2S4V
<npope> but i know there is a way your suppose to input that into uwf foo
<npope> i think in /etc/ufw/before.rules
<storrgie> possibly:
<storrgie> sudo ufw allow in/out on br0
<jdstrand> storrgie: bridging needs to be handled differently cause it is at a lower layer. see bug #573461 for details
<uvirtbot> Launchpad bug 573461 in ufw "UFW blocks libvirt bridged traffic" [Undecided,Invalid] https://launchpad.net/bugs/573461
<cclausen> oh, wow.  I should leanr to read bug reports before trying to help people...
<cclausen> I was wondering how a layer 3 firewall was blocking layer 2 traffic...
<cclausen> oh, wait.  that was the person I was helping :-)
<storrgie> yeah!
<storrgie> just saw your name from IRC
<storrgie> hrm
<storrgie> so wait
<storrgie> easiest way to solve this is add it to the /etc/ufw/before.rules file?
<cclausen> "The final step is to disable netfilter on the bridge"
<cclausen> I think the sysctl stuff is the better solution
<storrgie> oh really?
<storrgie> for 'performance'?
<cclausen> yeah, I think just turning it off should give better performance than working around the problem in iptables.
<storrgie> so just add
<storrgie> Â net.bridge.bridge-nf-call-ip6tables = 0
<storrgie> Â net.bridge.bridge-nf-call-iptables = 0
<storrgie> Â net.bridge.bridge-nf-call-arptables = 0
<storrgie> i dont have ip6 enabled
<cclausen> shouldn't affect anything giving hte ipv6 entry then
<cclausen> I'd do it anyway in case you end up using IPv6 in the future
<storrgie> true
<storrgie> I did it, marked the config with reference to this bug number
<storrgie> thanks!
<storrgie> didnt killawatt the server yet
<cclausen> is there a way to list all bugs filed against lucid packages in the last week or so?
<storrgie> I'm actually considering selling my WD1001FALS and getting 8 more Hitachi 2TiB drives
<cclausen> how big are they?
<cclausen> and how much do you want for them :-)
<storrgie> well
<storrgie> they are all 1TiB
<storrgie> caviar blacks
<cclausen> hmm..
<storrgie> TLER enabled
<storrgie> how many do you need
<storrgie> you can warranty them all
<storrgie> i think they all have like 2 years left or more
<cclausen> oh, cool
<storrgie> 5 of them have 2 years, 4 of them have 3 years
<storrgie> I have 9
#ubuntu-server 2010-05-06
<dominicdinada> Hmmmmm I gots a Question :)
<jetole> don't we all
<dominicdinada> haha
<dominicdinada> My Questions is how the hell do I modify webmin to work with samba
<dominicdinada> isnt it just calling the old samba and not smdb
<jetole> well the first step is to join the #webmin room since it's not a ubuntu package
<jetole> someone in here may know but you will probably have a quicker response there
<dominicdinada> 2 people in the webmin room
<jetole> really? wow
<jetole> I don't like webmin but thats just a personal quip
<dominicdinada> doubt it and considering there are more chances that other users of ubuntu server have encountered this problem...............
<dominicdinada> i dont like ebox the same as you
<jetole> yeah maybe. Can
<akgraner> smoser, ping - since kirkland can't lead the Ubuntu Open Week server Q&A tomorrow at 1600 UTC  - could you or zul or maybe mathiaz?
<jetole> yeah maybe. Can't believe there are only 2 in #webmin
<jetole> I guess I'm not the only one who doesn't like it
<dominicdinada> ok there is 4 now sorry
<jetole> dominicdinada: try #webmin on irc.undernet.org
<jetole> I think thats the official channel
<dominicdinada> ok...
<jetole> or maybe not
<jetole> I just googled it and not sure it's official but look there and let me know
<dominicdinad> ok forget that
<jetole> actually it looks like the official channel may be on freenode
<jetole> maybe just ditch webmin
<dominicdinad> either way some user here has prob run into the problem and gotten around it
<cclausen> dominicdinad: I assume you you have seen !webmin and know about ebox?
<dominicdinad> ebox is trash
<dominicdinad> yes
<cclausen> well, ok
<cclausen> I consider samba trash, but whatever
<jetole> imho webmin is a gui for people afriad of either the command line of the man page. It doesn't offer anything but a prettier interface, again, imho
<jetole> cclausen: thats harsh
<dominicdinad> jetole: of course i am going to learn the command line.... but for starters the web gui is alot easier
<jetole> cclausen: people need either smb or pdc and I don't know of another product sans windows server
<cclausen> jetole: what about the cifs server in likewise open?
<jetole> ok, I stand corrected on one front. Haven't used likewise open
<dominicdinad> and not to be to far off topic ubuntu-server or any linux server is awesome .... but Server2008 did alot right and that stuff is so powerful now... i guess MS is making a serious effort to compete
<jetole> actually I kinda agree
<jetole> I hate windows but I am moderately impressed with 2k8
<cclausen> I assume the main reason people try to use non-Windows is the non-trivial license cost
<dominicdinad> Yea and since its all MS related its support is easy but I am trying to learn ubuntu-server and i find that gui is easier for starters for me... there is always a shell or ssh once you get the basics down
<cclausen> I work at a university so we get pretty good discounts
<dominicdinad> cclausen: yeah MS is so expensive and well Mysql is the most widely used DB and of course ms wants their own DB...
<jetole> Actually, one area where micsorsoft has really impressed me is sql server 2k8. I still have some issues with it (cannot do non transactional database if I want to, cannot provide cluster for scalability / failover cluster only, some other things) but then again I don't know any RDBMS that got it all right
<dominicdinad> Academic Alliance gave me everything free... for personal use of course
<cclausen> Microsoft's SQL server is significantly better for anything more than a simple web site backend
<cclausen> MySQL doesn't even handle external authentication.  I have to create accounts for each user in MySQL.  its really annoying.  Of course with the Microsoft products one just grants access to an existing user account
<dominicdinad> Correct like their DB for say companies using it for employee db's or a store using it for product db blah
<cclausen> I wish I could use MySQL to replace FileMaker though..
<cclausen> FileMaker is not fun to deal with...
<dominicdinad> cclausen:  but anyhow like i  was saying i am trying to learn ubuntu and well need to haxor the webmin maybe
<jetole> cclausen: yeah but again, can't do a scalable cluster and can't create a non transactional database. The transactional aspect isn't that vital but with HA on sql server it comes down to a max of 3 servers where only 2 can be used and neither at the same time
<cclausen> dominicdinad: I think it will end badly tying wedmin on ubuntu as per the warning
<dominicdinad> I remember using Filemaker back in highschool and that crap was horrible ....
 * jetole agrees with cclausen @ webmin warning
 * jetole has never used filemaker
<cclausen> jetole: yeah, true, we have Oracle stuff for our main campus-wide systems.  That has all kinds of fancy options
<jetole> cclausen: I think linux handles mass configuration in clusters much better then active directory (see cfengine (although I wouldn't) or or preferably puppet)
<dominicdinad> I have not used oracle in over a decade myself either :(
<cclausen> but for my purposes, a single database server that uses AD permissions, MSFT SQL works fine.  Account management is the only big issue I have with MySQL actually.
<jetole> ah I wish I had oracle. I haven't used it but I do use ocfs file system for clustered shared disks
<cclausen> jetole: really? group policy scales across the world
<dominicdinad> cclausen: with Server 2k8 yea
<jetole> cclausen: perhaps but when it comes to configuring applications it becomes limited
<cclausen> jetole: not really, just write your own templates for registry changes
<jetole> yeah thats where
<jetole> lol
<cclausen> yep, dealing with FireFox is a problem
<jetole> no. If you become familiar with puppet then you will see the difference
<cclausen> there is no MSI version and no easy way to enforce policies like with IE
<jetole> I run a mixed environment windows and linux
<cclausen> cfengine, bcfg2, and puppet still manage individual config files though.  this is not as granular as having group policy change ONE specific config item in teh registry on a case by case basis
<cclausen> and then there are management systems for Mac OS ...
<jetole> cclausen: well puppet can be granular but when it comes to application files, for the most part you are right
<jetole> puppet == OSX
<jetole> afaik puppet is everything sans windows
<cclausen> well, yeah
<cclausen> I meant more end-user config management for OS X with Open Directory
<jetole> but I don't run OSX anywhere
<jetole> I'd honestly like a single sign on system for windows, linux and everything else that isn't windows dependent
<jetole> samba pdc is a joke though and samba 4 has been in alpha state forever even though MS is contributing to it
<dominicdinad> jetole: i honestly thought that 2k8 addressed that I could take the time to check my textbook
<jetole> dominicdinad: addressed what?
<dominicdinad> of course if it was a win domain controller
<jetole> well I can install a pdc through samba but that's old school
<jetole> or I can install a 2k3/2k8 domain controller through samba 4 if I want to use alpha code
<dominicdinad> addressed a single login system ofcourse that would only be if it was under a win domain
<dominicdinad> :)
<dominicdinad>    blah gotta learn samba
<dominicdinad> I just wanna create like 4 shares god
<jetole> I don't know how I can add a user to linux and then plug windows into the lan and have it auth against windows except through a samba pdc
<dominicdinad> using my user name login to access with full write priv.....
<jetole> dominicdinad: how long have you been working on this?
<dominicdinad> of and on since lastnight.... took a break and finally hooked up a thumb and copied the files to the server where i wanted them to be
<dominicdinad> but:(
<jetole> too long. Time to pick up the samba manual and do this by hand
<jetole> check out #samba. They can help direct you to some good readmes
<dominicdinad> yeah I guess I see what their samples are
<cclausen> jetole: one can use some non-standard stuff on windows to allow for LDAP and Kerberos logins
<cclausen> see pgina for instance
<jetole> dominicdinad: but yeah. been 24 hours working on installing the gui that isn't needed. thats too long
<jetole> cclausen: I know of it
<cclausen> if you need a cross-platfomr filesystem, I'd look at OpenAFS
<dominicdinad> no it has been installed... but Then i was looking at other options for the gui then... I read the how tos but I don't get why shares need to have specific users written into the smb.conf file why wont it just inherit user groups etc
<jetole> I would look at OpenAFS more closely first
<dominicdinad> brb
<jetole> dominicdinad: don't know. I don't use samba but I have set it up before
<jetole> cclausen: openAFS is not a general purpose file system
<jetole> you need to know openAFS and need to justify why you are installing it first
<cclausen> jetole: actually, it IS a general purpose filesystem.  what general case are you thinking of does it not handle?
<cclausen> or do you simply mean native support from OS vendors?
<jetole> that afaik it's read only on all openAFS clients
<cclausen> uhh, no
<cclausen> that would be wrong
<cclausen> replicas are read-only
<jetole> well a admin in openAFS mentioned that to me last week
<cclausen> but you just don't replicate things like user home directories
<cclausen> an admin in #openafs ?
<cclausen> (I am one such person)
<jetole> oh so you're saying like install openafs on my thumb drive for moving files between computers
<cclausen> its a network file system
<cclausen> would you use samba for that?
<jetole> maybe it was you who mentioned it.
<jetole> yes but samba is NAS.
<jetole> I don't follow the correlation but to be honest I don't care right now
<jetole> no offense but I really don't. I need to solve a preseed problem
<cclausen> oh, I am not offended
<cclausen> I am searching through the channel logs though.  if someone (including myself) provide wrong info, that should probably be fixed
<dominicdinad> ok how would i share /var/www so that the share requires the user to login. so that it inherits any of the system users which have access via group ? can someone pastebin an example
<dominicdinad> !domain
<jetole> dominicdinad: #samba
<dominicdinad> already there
<dominicdinad> Ahhh dead channels
<dominicdinad> ebox != active, samba != active = ubuntu-server has the answers ::P
<bogeyd6> lol
<bogeyd6> care to paste your original problem?
<bogeyd6> dominicdinad, ?
<dominicdinad> hang on
<zul> akgraner: sure
<bluethundr_> what means the 'A' in an aptitude search?        "i A courier-imap"
<akgraner> zul, awesome :-)
<zul> akgraner: if smoser can take the cloud questiosn
<akgraner> zul, I hope smoser will see your request :-)
<zul> akgraner: as do i
<akgraner> I'll get you both added to classbot :-)
<zul> akgraner: when is it again?
<akgraner> 1600 UTC tomorrow
<akgraner> https://wiki.ubuntu.com/UbuntuOpenWeek
<zul> akgraner: whats that EST?
<akgraner> 1200
<zul> akgraner: sure
<akgraner> well right now we are in EDT
<zul> same difference ;)
<akgraner> :-)
<akgraner> yeah the kernel session kicks off at 1100 EDT
<akgraner> followed by server :-)
<zul> coolio
<jetole> I'm running the install of a server in a vm (kvm via libvirt on my workstation). Does anyone know anyway I can somehow mount or view the installers filesystem from my workstation?
<akgraner> zul - classbot makes it easy
<akgraner> when you want to post a question - you pm classbot with !q
<zul> akgraner: sounds good...ill dodge the questions then ;)
<zul> gotcha
<akgraner> if you want to answer it you pm with !y
<akgraner> or !n
<akgraner> and they show up in -classroom from -chat
<zul> okies
<zul> i should be saving this then ;)
<zul> bbl
<akgraner> I'll be voiced as well
<akgraner> k thanks
<dominicdinad> bogeyd6:  sorry had a collect call and well I am trying to create a share
<dominicdinad> ok how would i share /var/www so that the share requires the user to login. so that it inherits any of the system users which have access via group ? can someone pastebin an example
<bogeyd6> actually quite simple
<bogeyd6> dominicdinad, in  your samba configuration you put security = user
<bluethundr_> what package provides libauthmysql.so ?
<dominicdinad> ok
<dominicdinad> and that inherits the users read write access?
<bogeyd6> it will require  a username/password of the local system and inherits if the user is part of the group www-data
<bogeyd6> you need to change any perms in /var/www/ to be group r/w
<bogeyd6> dominicdinad, https://help.ubuntu.com/community/SettingUpSamba#File%20Sharing%20%28Basics%29
<dominicdinad> ok now I was working with webmin before and manually changed the permission to 777 of the www dir and it stopped working
<dominicdinad> i read that but was unsure
<bogeyd6> 777 is everyone r/w
<bogeyd6> depending on your setup you might want 770 in /var/www/
<dominicdinad> so it would make sense that server blocked it until the r/w was set to a safe mode
<dominicdinad> ok
<bluethundr_> why when I aptitude search courier-authlib-mysql I get nothing, nada, zilch?
<bogeyd6> bluethundr_, which version
<BluDragyn> Is upgrading from hardy lts to lucid lts (server on both) as simple as "Sudo apt-get dist-upgrade"?
<bluethundr_> hardy.. 6.0.6 .. management decision to use this version
<bogeyd6> bluethundr_, sudo apt-cache search courier-authlib-mysql
<bogeyd6> thats a horrible decision
<bluethundr_> agreed
<ScottK> bluethundr_: No.
<bluethundr_> that apt-cache turns up nothing
<dominicdinad> bogeyd6: there is no security line in the global that i can see so i just append it to the last line correct?
<dominicdinad> nevermind it is there
<bluethundr_> ScottK: no, what?
<bogeyd6> dominicdinad, near the top, you should do a search for "security"
<dominicdinad> I see the line their hmmm
<bogeyd6> bluethundr_, its not on your system
<ScottK> bluethundr_: No it's not just a matter of apt-get dist-upgrade.
<bluethundr_> ScottK: ah ok.
<dominicdinad> I know the users I am logged in as is apart of the www-data group
<ScottK> Hardy is 8.04 in any case.
<bluethundr_> whoops
<ScottK> Are you on Dapper, 6.06 or Hardy 8.04?
<bogeyd6> courier-authlib-mysql is not available in 6.06
<bluethundr_> 6.06 is dapper,
<bluethundr_> I am on dapper
<bogeyd6> dominicdinad, can you pastebin your smb.conf ?
<bluethundr_> bogeyd6: thanks for the tip.. I guess I can download it
<bogeyd6> bluethundr_, courier-authlib-mysql is not available, you will need to steal another package from the earliest release and attempt to force it to install without requirements
<ScottK> bluethundr_: LTS to LTS upgrade to Lucid, 10.04 is not recommended until 10.04.1 comes out in ~3 months.
<bluethundr_> bogeyd6: ah, good idea
<dominicdinad> bogeyd6: will try
<bogeyd6> ScottK, he already stated he cant change the 6.06
<bluethundr_> ScottK: good tip
<ScottK> OK.
<bogeyd6> 6.06 is end of life bluethundr_ :(
<bluethundr_> bogeyd6: gotcha!
<bogeyd6> !pastebin | dominicdinad
<ubottu> dominicdinad: For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://tinyurl.com/imagebin | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<bogeyd6> :)
<dominicdinad> bogeyd6: Im connected via SSH :/
<bogeyd6> dominicdinad, putty?
<ScottK> bogeyd6 and bluethundr_: 6.06 has another year and a month of support for servers.  It's not end of life.
<dominicdinad> yes
<dominicdinad> !putty
<ubottu> PuTTY is an !SSH client for Windows. Please see: http://www.chiark.greenend.org.uk/~sgtatham/putty/ for it's homepage and downloads. See also !scp (Secure CoPy)
<bogeyd6> ScottK, https://wiki.ubuntu.com/Releases
<dominicdinad> !scp
<ubottu> SCP is a secure way of copying files across networks using !SSH. Usage: scp filename user@host:filename - WinSCP is a client for Windows, available at http://winscp.net/
<bluethundr_> ScottK: understood. thanks for the clarification
<bogeyd6> dominicdinad, please just sudo cat /etc/samba/smb.conf and then highlight the text press cntrl + c then go to pastebin and paste it
<ScottK> bogeyd6: That page says June 2011 (Server) as EOL for Dapper server.
<bogeyd6> I stand corrected, you are right ScottK
<bogeyd6> bluethundr_, look what i found, http://packages.ubuntu.com/dapper/courier-authmysql
<bluethundr_> bogeyd6: dude, you rool! \m/
<ScottK> Universe wasn't enabled by default in Dapper.
<ScottK> You have to enable it before packages from it are visible.
<bluethundr_> bogeyd6: muchas gracias and a margarita for your cinco de mayo
<bluethundr_> ScottK: excellent
<ChmEarl> on lucid server, I fire wget from /etc/rc.local but network is not up yet
<ChmEarl> so I think maybe fire an #at script to delay now+30 seconds
<ChmEarl> by the time I get the login, network is up
<ChmEarl> any suggestions? the rc.local works on karmic on the same box - network comes up a few seconds earlier on karmic
<dominicdinada> bogeyd6, http://pastebin.com/cuCCKHnz
<bogeyd6> dominicdinada, starting on line 348
<dominicdinada> ok
<ChmEarl> is it a bad idea to build an #at job with shell via rc.local
<bogeyd6> dominicdinada, changes submitted
<dominicdinada> ok
<bogeyd6> http://pastebin.com/NHb9fZJk
<bogeyd6> line 351 being most important
<dominicdinada> correct that is what I was asking about the user inheritance ? or just add user1,user2
<dominicdinada> or security = user
<bogeyd6> you want to deinfe a create mask?
<bogeyd6> well security = user allows you to authenticate
<dominicdinada> ok I will try adding 2 users that are created on here
<bogeyd6> see like create mask = 0774
<bogeyd6> would allow any users in the group and including the owner to r/w the files
<jetole> does anyone know how to see all options of a d-i line in preseed. For example, right now I am looking at d-i partman-auto/init_automatically_partition and I don't know what possible values I can place there are
<dominicdinada> so i could add the create mask to the smb.conf in that share?
<dominicdinada> or chmod the folder
<dominicdinada> ok my www folder is owned by www-data.... the file permissions are drwxrwx--- which is 773 right ?
<dominicdinada> eer 770
<ScottK> jetole: There is and #ubuntu-installer channel.  IDK if they take support questions in there or not, but I expect most people who'd know are either recovering from last week's release or getting ready for next week's Ubuntu Developer Summit.
<ScottK> is and/is an
<jetole> ScottK: thanks
<jetole> didn't know said channel was there
<ChmEarl> wow problem solved. Its easy to script the #at cmd with here-is literal
<smoser> akgraner, i'm actually on a swap day tomorrow. I dont have any big plans at the moment. i'll see if I can't make it in. no promiess though :-(
<akgraner> smoser, ok  - any suggestions for who else can field cloud questions?  zul ^^^
<akgraner> smoser, appreciate it if you can - but enjoy some time off  - :-D  no worries
<smoser> i dont know :-(
<akgraner> smoser, okie dokie :-)
<AdamDV2> Does anyone have a working mysql+Apache solution?
<twb> !anyone
<ubottu> A large amount of the first questions asked in this channel start with "Does anyone/anybody..."  Why not ask your next question (the real one) and find out?
 * ajmitch would assume that there are a few people with a working apache & mysql
<twb> Probably mysql.com and apache.org do, at least :-/
<ajmitch> mysql.com probably runs on an oracle DB by now
<twb> Server: Apache/2.2.13 (Fedora)
<twb> Does Oracle even support Fedora (as opposed to RHEL)?
<AdamDV2> Okay, lets rephrase.
<AdamDV2> Can anyone link me to a guide to getting apache work with mysql auth?
<twb> AdamDV2: did you try the Ubuntu server guide?
<AdamDV2> I'm not looking to install mysql+apache
<AdamDV2> I'm looking on how to setup libapache2-mod-mysql, so that httpauth can be verified against a mysql db.
<twb> Oh, I missed "auth", sorry
<ajmitch> but you want libapache2-mod-auth-mysql ?
<AdamDV2> So far, it looks like its been broken since gutsy.
<AdamDV2> s/libapache2-mod-mysql/libapache2-mod-auth-mysql
 * ajmitch sees no bugs open against it
<twb> AdamDV2: if there's a specific issue that you're experiencing, you should report it.
<AdamDV2> Bug report is already filed.
<AdamDV2> It was filed back in '07, and has never been fixed
<ajmitch> bug # ?
<AdamDV2> 150649
<ajmitch> yeah, that's for apache 1.x
<ajmitch> probably why noone saw it
 * AdamDV2 facepalms
<Kaprenakis> Question about installing webmin
<lifeless> "don't" ?
<ajmitch> and he didn't even stay around long enough to see that
<lifeless> I know
<lifeless> I would not have said it otherwise ;)
<AdamDV2> Webmin is now not advocated?
<ajmitch> it never has been
<AdamDV2> I've never liked it, but I notice alot on UF love it.
<bluethundr_> I found an ubuntu deb of courier-authlib-mysql which I _really need_ to get this imap server authenticating. I tried installing it with dpkg -i to no avail... http://pastebin.com/mWK9AJxq
<twb> Nothing people like is any good
<bluethundr_> I would appreciate some help getting past this error
<twb> Hm, I meant: Nothing is any good if other people like it.  -- Diesel Sweeties #861
<lukehasnoname> I remember someone suggesting MariaDB take over MySQL as the default MySQL-fork database. Any actual chatter about that?
<twb> bluethundr_: you are getting that error because you're trying to dpkg -i "some deb I found", rather than using the normal apt infrastructure.
<twb> lukehasnoname: you'd have to talk to #mysql about that.
<lukehasnoname> I mean, in Ubuntu
<bluethundr_> well, management has mandated standardization on a rather old 6.06 dapper install... apt knows not of this package sadly with this release
<twb> lukehasnoname: as for me, I've yet to see a use case for MySQL for which postgres or sqlite wasn't more compelling.
<bluethundr_> unless there is a repo I can add that will know of it
<twb> bluethundr_: you need to explain to management that "installing some shit I found" will totally invalidate the point of sticking to an old release.
<twb> bluethundr_: but you might find that dapper-backports has what you need (if you're allowed to use it).
<bluethundr_> twb: I will.. tho they are hard headed and illiterate on these issues
<bluethundr_> yes I can use backports as long as I don't go to a newer release
<twb> Hmm, can rmadison check foo-backports?
<ScottK> Yes
<twb> What's the URL?  My (Debian) rmadison has -uubuntu and -ubpo, but no -uubuntu-bpo
<ScottK> It's included in the regular Ubuntu results
<twb> OK, so I can assume that courier-authlib-mysql isn't available in dapper-backports
<ScottK> Try clamav if you want a package known to have packages in backports
<twb> Thanks.
<twb> ScottK: yup, I see it.
<bluethundr_> ah! with backports I now see this entry with an aptitude search... BB  courier-authlib-mysql  what means the BB if I may ask?
<bluethundr_> I also see this entry: ci  courier-authmysql
<twb> bluethundr_: that's the thing you just tried to install.  BB means "broken, broken"
<bluethundr_> twb: ah, understood
<twb> IIRC ci means configured, installed.  "dpkg -l foo" will tell you the exact mapping
<bluethundr_> now I see:  c   courier-authlib-mysql  and ci  courier-authmysql
<bluethundr_> ah ok
<bluethundr_> thank you
<bluethundr_> dpkg -l tells me this: http://pastebin.com/G0C45a1V
<twb> So "rc" means "Desired=Remove, Status=Config-files"
<twb> i.e. it has been removed, but its config files remain (not purged).
<bluethundr_> oh man.. I just did a purge on courier-authlib-mysql and then tried to reinstall it.. but aptitude is not finding it now for some reason
<bluethundr_> why would purging this package cause apt to no longer know about it? how can I make it aware of it again?
<ScottK> It won't.
<bluethundr_> ScottK: purging makes apt permanently unaware of an app?
<ScottK> No
<ScottK> It doesn't affect that.
<bluethundr_> ScottK: ok, then I am unclear as to why after purging courier-auth-mysql issuing aptitude search courier that package no longer turns up as a result
<cclausen> bluethundr_: its in universe.  do you have that repo enabled?
<bluethundr_> cclausen: I believe so, let me check
<bluethundr_> yes I do have deb http://us.archive.ubuntu.com/ubuntu dapper universe
<twb> bluethundr_: apt only knew about that package because you partially installed it out-of-band with dpkg -i
<twb> cclausen: he's on dapper
<bluethundr_> twb: oh I see
<bluethundr_> so it appears that I am stuck with the problem of finding a dapper repository that is aware of this library
<twb> bluethundr_: unless you want to learn about how packaging works in dpkg/apt, you probably won't get anywhere.
<bluethundr_> twb: I am willing to learn.
<twb> Even if you did know that stuff, you might find that it's practically impossible to get <new package> onto <old release>.  I once tried to do that with mysql for a similarly stupid customer.
<bluethundr_> twb: right.. understood... it is very trying dealing with untechnical folks who describe themselves as "able to speak the language of tech" as in my particular case
<twb> BTDTBTTS
<ScottK> Note that Dapper ships with Courier 0.47 and the oldest courier-authlib-mysql we have in the archive is from Courier 0.60.1.  There is essentially a zero percent chance of those working together.
<ScottK> If you hope to do this at all, I'd grab the courier source package from Hardy and try to build it on Dapper.
 * ScottK is off to bed, so good luck.
<cclausen> bluethundr_: do you really want the courier-authmysql package?
<cclausen> that appears to be in dapper
<cclausen> bluethundr_: the actual deb might also still exist in: /var/cache/apt/archives
<deslector>  hi, anyone here with webdav experience?
<twb> !anyone
<ubottu> A large amount of the first questions asked in this channel start with "Does anyone/anybody..."  Why not ask your next question (the real one) and find out?
<deslector> he he, ok...
<deslector> have you had good experience using webdav (lucid server, apache dav module) from windows XP through the Internet?
<clintb> deslector: I've used webdav w/ mod_dav in a custom built apache ... not on Lucid. Are you having issues w/ ubuntu or just curious about mod_dav?
<deslector> clintb, just curious... never used it before, and want to know what to expect if I put the server in production, he he
<clintb> Its pretty much the reference implementation for webdav so it works very well.
<deslector> clintb, is not the dav module i
<deslector> 'm worried about... is the windows xp clients :-)
<clintb> well what are you going to have them doing?
<deslector> clintb, basically, I want to have a shared folder
<clintb> oh, you know you can use samba for that, right?
<deslector> clintb, yes, but the clients and the server are not in the same LAN
<deslector> clintb, they will be using Internet to communicate
<deslector> clintb, I know I can make samba work through firewalls, etc. but seems more complicated
<deslector> clintb, and I read webdav was supposed to be a good replacement for that scenario
<clintb> Yeah it works.
<deslector> clintb, ok, thanks for the info :-)
<forger> Hi, I've tried to install 10.04 on raid1 + lvm (/dev/md0 is /dev/sda1 + /dev/sdb1 (ext4, root); /dev/md1 is /dev/sda2 + /dev/sdb2 (swap) and /dev/md3 is lvm), and everything seems configured ok until reboot - cat /proc/mdstat shows two first raid arrays as degraded, without any member disks and /dev/md3 is rebuilding with /dev/sda and /dev/sdb as members.
<uvirtbot> New bug: #576255 in apache2 (main) "can't install apache2.2-common (2.2.14-5ubuntu8)" [Undecided,New] https://launchpad.net/bugs/576255
<lambrecht> mornin
<coffeedude> morning lambrecht
<jwoods> any way to resize a live ext3 partition?
<uvirtbot> New bug: #575917 in samba (main) "Cannot setup remote printers to Windows XP from Ubuntu 10.04" [Undecided,New] https://launchpad.net/bugs/575917
<twb> Under what circumstances would a Hardy system boot enough to be sshable, succeed in mounting swap and /boot by UUID, fail to mount /home and /srv by UUID, and return "unknown" when I run runlevel(1)?
<twb> Make that runlevel(8).
<twb> jwoods: you can grow an ext3 filesystem online, but you cannot shrink it.
<jwoods> twb: thought it was something like that
<twb> Thus, my boss has *finally* learned not to allocate 100% of the LVM to a single root filesystem.
<jwoods> heh
<tdn> I am trying to make an initrd with an init script that boots up and does the following: boots up; partitions the harddisk to one big partition; mkfs a root fs; mounts this fs; rsyncs some basic files to this partition; installs boot loader; reboots. I have created a proof of concept initrd with an init script that just echoes hello world and the exits. How can I partition the disk from this init script? How do I get acccess to tools such as fdisk
<uvirtbot> New bug: #576307 in samba (main) "error (bashism?) in postinst" [Undecided,New] https://launchpad.net/bugs/576307
<uvirtbot> New bug: #576314 in nagios3 (main) ""+" character in service_description causes causes web interface error" [Undecided,New] https://launchpad.net/bugs/576314
<PC_Nerd101> Hi,  is there any application that will change the mirror that aptitude uses to get updates?  Package manager on desktop version has a drop down from memory...  so is there an equiv on server ?
<Jeeves_> PC_Nerd101: 'vi' :)
<kamil> Hi! I've got problem with apache
<kamil> i have Listen on 80 but it dosen't listen on port 80 on nmap localhost port 80 it dosen't show and from external i have 80/tcp   closed http
<kamil> someone have idea what is wronh?
<kamil> wrong?
<PC_Nerd101> jeeves: Righteo... I might try a sed solution as an alternative.
<uvirtbot> New bug: #576332 in mysql-dfsg-5.0 (universe) "package mysql-server-5.0  not installed  failed to install/upgrade: subprocess new pre-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/576332
<uvirtbot> New bug: #576339 in rabbitmq-server (main) "package rabbitmq-server (not installed) failed to install/upgrade: ErrorMessage: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/576339
<jetole> Hey guys. unlike 9.04, 10.04 installs puppet with a no run set in the /etc/default/puppet. Now I install my OS via preseed and in 9.10 when puppet was run it automatically configured the OS however thats not happening in 10.04. Does anyone have some suggestions on how to have puppet start on new installs that can be setup from preseeding?
<zul> morning
<bluethundr_> I am trying to delete a record from a table in MySQL but failing to do so for some odd reason: http://pastebin.com/PWE5SirC
<Pici> bluethundr_: get rid of that * between DELETE and FROM
<bluethundr_> Pici: That did it... thank you! ;)
<mianosm> Hey would you guys mind looking at this: http://ubuntuforums.org/showthread.php?t=1474414
<bogeyd6>  mianosm https://help.ubuntu.com/community/Installation/LowMemorySystems
<bogeyd6> same concept
<bogeyd6> but you can build up from the cd and skip the embarassing archive timeouts
<mianosm> Not really embarrassing - just odd that you _have_ to have a network connection in order to install an OS.
<bogeyd6> it auto checks for updates
<mianosm> So I need to build my own ISO to install an OS offnet?
<bogeyd6> and really the norm is you have an internet connection
<bogeyd6> no
<bogeyd6> you just do a command line install
<bogeyd6> edit the apt sources
<bogeyd6> then apt-get install whatever you want
<mianosm> I'm fairly sure the command line install also had the same hangup, I will try again though.
<fauxhawk> anyone else having problems installing 10.04 without an internet connection?
<mianosm> fauxhawk: If the target PC has no internet access, you may want to prepare an AptOnCD iso before to continue.
<mianosm> I'm reading that as: Create your own iso, as the alternate/server installs require a network connection.
<fauxhawk> i don't have cdroms on these servers...
<cclausen> fauxhawk: so how are you installing then?
<failover> pendrive !
<fauxhawk> cclausen: usb and UNetbootin
<mianosm> I tried the pendrive way of creating a usb as well, it can't find the cdrom or drivers for the nonexistent cdrom.
<failover> mianosm, you don't need, there is a workaround !
<fauxhawk> failover: what is that
<fauxhawk> failover: I'm having the same issue as mianosm
<failover> you can pass a options too start install looking for files in usb instead cdrom !
<fauxhawk> failover: cool story bro, what are they
<failover> i will find, givme a moment !
<fauxhawk> failover: awesome!
<failover> https://help.ubuntu.com/community/Installation/FromUSBStick
<failover> go to "Know Issues" section
<failover> also use "usb-creator-gtk" instead of unetbootin !
<failover> If you get "Incorrect CD-ROM detected" error on detection stage, reboot, press F6 and then ESC to go to manual boot line editing, and add the option 'cdrom-detect/try-usb=true
<cclausen> kamil: could a firewall be blocking port 80?  does port 80 show in netstat -ant output?
<fauxhawk> failover: the issue isn't detecting the CDROM, it's that the installer is looking for a network mirror
<fauxhawk> i do not have a network connection on the server
<fauxhawk> *internet connection
<fauxhawk> it's in a test server farm
<failover> fauxhank, my tip is for mianosm !
<fauxhawk> failover: mianosm and i are having the same issue
<failover> <mianosm> I tried the pendrive way of creating a usb as well, it can't find the cdrom or drivers for the nonexistent cdrom.
<fauxhawk> oh ok
<mianosm> failover: I'll give it a try, do you have a link for the usb-creater.exe I can't seem to find the one that is mentioned in the documentation.
<failover> usb-creator-gtk comes with ubuntu !
<mianosm> I need usb-creator.exe
<failover> fauxhawk, you can use a pendrive to install ubuntu-server from a dvd iso maybe !
<mianosm> Sadly, I have to use exe's and such for work.
<ScottK> mianosm: It's on both the Ubuntu web site and pretty much all the current ISOs.
<mianosm> ScottK: can you paste in a link, I'm really bad at Internets today I guess. :(
<failover> mianosm, i don't think there is a usb-creator-gtk for windows, but you can run from a livecd :)
<ScottK> Sorry, I don't know where exactly.
<ScottK> failover: There is a usb-creator for Windows.
<mianosm> I don't know where either - the 10.04 iso definitely did not have any *.exe in it when I unzipped it.
<cclausen> tdn: you probably need to either copy the tools you need (and dependencies) into an initrd.  Or, I would look at making your own modified installer and using that instead.
<failover> Ok, now i think there is a usb-creator-gtk, i just never saw one !
<failover> :)
<failover> * for  windows !
<ScottK> I'm not sure if it's on the server ISO.  I know it's on desktop and kubuntu.
<mianosm> I find it odd that alpha and beta went by without anyone having this issue. :( Setting up cluster nodes with NFS I would think would replicate this issue.
<fauxhawk> ScottK: http://en.wikipedia.org/wiki/Ubuntu_Live_USB_creator
<fauxhawk> ScottK: says there is not windows version but it is planned
<ScottK> fauxhawk: Then it needs to be updated.
<failover> :)
<fauxhawk> ScottK: cool, someone should update it and point to the windows versin
<fauxhawk> *version
<ScottK> I agree.  Someone should.
<SlipperyChicken> we're deploying a new server into a data center.  i'm torn between using RAID10 or using LVM over a bunch of RAID-1's
<SlipperyChicken> all opinions welcomed. :)
<SlipperyChicken> it's going to be your basic LAMP with postfix and file storage.  we'll want to grow storage as needed.
<_ruben> SlipperyChicken: I'd use LVM either way .. and if it's truly hardware raid, I'd go for raid10
<_ruben> then again, it also depends on the capabilities of your raid controller
<bogeyd6> does it _ruben , does it?
<bogeyd6> its probably fakeraid and we all know how linux feels about that
<bogeyd6> and i quote
<_ruben> whether or not it support growing your luns
<bogeyd6> FakeRAID is not supported by Ubuntu. Trying to install Ubuntu on such a partition could easily result in the loss of all your data.
<SlipperyChicken> it's a supermicro board coming in.
<_ruben> i would never recommend fakeraid
<bogeyd6> yah see
<bogeyd6> fakeraid
<SlipperyChicken> it's got a MegaRaid controller on it apperently.
<_ruben> doesnt have to be .. we have supermicro systems with adaptec hardware raid controllers in em
<bogeyd6> AOC-LPZCR2  is a real raid card from super micro
<bogeyd6> Problem is, if the raid card is not a completely separate (plug that sh*t in) card it is fakeraid IMHO
<bogeyd6> any integrated raid is too risky to trust in production, again IMHO
<SlipperyChicken> they're just a seperate SATA controller that the driver connects do, arn't they ?
<SlipperyChicken> to *
<SlipperyChicken> SUPERMICRO MBD-X8DTi-LN4F-O Dual LGA 1366 Intel 5520 Extended ATX Dual Intel Xeon 5500 and 5600 Series Server Motherboard
<_ruben> check the specs, when in doubt, go with software raid
<SlipperyChicken> if that helps
<bogeyd6> its fakeraid :(
<SlipperyChicken> that's what we're thinking, i'll check.
<_ruben> either way, i'd keep the "raid" stuff in the same place, so no raid0 (hw or mdadm) + striping in lvm, just do it all in hw/mdadm then
<Pici> software raid is fakeraid
<bogeyd6> ubottu disagress
<_ruben> i'd say fakeraid is (an implementation of) software raid .. software raid doesnt have to be fakeraid
<SlipperyChicken>     *  Intel ICH10R SATA 3.0Gbps Controller
<SlipperyChicken>     * RAID 0, 1, 5, 10 support (Windows)
<SlipperyChicken>     * RAID 0, 1, 10 support (Linux)
<_ruben> in my book atleast
<SlipperyChicken> mind the flood.
<_ruben> ich10r, fakeraid
<_ruben> go with mdadm raid10 then
<SlipperyChicken> fork.
<bogeyd6> SlipperyChicken, https://help.ubuntu.com/community/FakeRaidHowto
<Pici> _ruben: right, sorry.
<tdn> cclausen, ok.
<jeiworth> hi all, looking for a decent howto to enable vnc server on a machine that has no display attached to it but it seems a bit hard to find, the ubunutu-desktop package is installed so it has x and gnome but i can't activate a display for x, so startx doesn't run...
<SlipperyChicken> what's RAID-10 like to manage using mdadm ?   i've only used RAID-1
<SlipperyChicken> jeiworth, tightvnc.
<_ruben> SlipperyChicken: the debian/ubuntu installer doesnt support raid10, but you can create a mdadm raid10 volume with the mdadm command yourself just fine (even during the install and the installer will pick it up)
<_ruben> man mdadm
<SlipperyChicken> _ruben, what's it like to expand ?
<SlipperyChicken> say, if we needed another 2TB's 6 months from now.
<_ruben> SlipperyChicken: should also be in the manpage, i never needed to do that myself
<_ruben> it is supported though afaik
<_ruben> well, i did do it years ago, when it wasnt really supported yet
<SlipperyChicken> what about performance ?
<_ruben> what about it?
<_ruben> "it's good"
<SlipperyChicken> how do they compare.  i've only been reading opinions, and can't find cold hard data comparing them.
<SlipperyChicken> i guess.. we'll be using LVM regardless, it's just the matter of RAID-1 vs LVM mirroring.
<jeiworth> SlipperyChicken thx, will check it out, although i'd prefer preinstalled vino-server...
<SlipperyChicken> RAID-1 you have to use the exact same drive, right ?
<SlipperyChicken> bogeyd6, any thoughts to the above ?
<bogeyd6> i am unsure how to proceed, we dont use physical drives here, everything is on iscsi
<_ruben> LVM does mirroring? thought it only did (basic) striping
<bogeyd6> SLES servers setup in a SAN
<jeiworth> SlipperyChicken: well, anyway, tighvnc worked like a charm right from the start so thanks :)
<jeiworth> +t
<_ruben> those SANs dont use physical drives either ? ;)
<bogeyd6> _ruben, storageworks
<SlipperyChicken> jeiworth, no problemo, check out the resolution and bit depth too, turning them down will make it run faster over DSL and junk.
<SlipperyChicken> looks like LVM over a bunch of RAID-1's is my best option.
<jeiworth> SlipperyChicken, yeah, i directly initialized with those params, now trying to figure out how to use display 0 by default ;)
<_ruben> SlipperyChicken: be sure to look into LVM's striping options then, not sure how flexible and all they are
<SlipperyChicken> jeiworth, use this.... :0
<SlipperyChicken> or localhost:0
<SlipperyChicken> whichever.
<jeiworth> SlipperyChicken: good point, it says so in the short help as well ;) say, to have it autostart with boot it should be enough to make an entry in rc.local, right?
<SlipperyChicken> yep
<jeiworth> SlipperyChicken: ok, thx, now i just have to figure out why the keyboard is all screwed up *g*
<halvors> how can i fix that? May  5 17:02:23 ss1 dovecot: deliver(halvors-skymia.net): Fatal: Plugin cmusieve not found from directory /usr/lib/dovecot/modules/lda
<hggdh> smoser: ping
<wack47> good morning all
<zul> hggdh: i think he has the day off today
<melrokz> the ubuntu server 10.04 has no GUI???
<savid> What's the "proper" directory under which to store database backups that are transferred via NFS?
<melrokz> how do i install one?
<cclausen> melrokz: you can install packages from aptitude.  I'd say that installing a GUI on a true server can lead to problems though
<melrokz> no, I'm just learning it... so i need a GUI to start with... right?
<melrokz> what kind of problems, btw?
<halvors> it it posible to have gui on server?
<melrokz> are those packages on the install cd?
<cclausen> halvors: it is possible
<cclausen> melrokz: that I am not sure of.  I don't think the gui packages are on the server cd.
<melrokz> hmm.. I think i have to go 4 a course on ubuntu server then...
<cclausen> melrokz: you can have security problems with X, etc.  the more things on your server means the more things you need to patch and better chances of something causing some weird compatibility problem with their other software or hardware
<melrokz> will RHCE do? or will i have to learn anything extra?
<cclausen> Is that a Red Hat source?
<cclausen> err, course
<melrokz> yup
<melrokz> red hat certified engineer
<hggdh> zul, thanks
<cclausen> certain commands are specific to distros.  Learning how rpms work in Red Hat won't help you with debs and apt in Ubuntu
<TeTeT> melrokz: you can install the GUI on Ubuntu server, but the GUI components will only be supported for 3 years, not for 5 years as server components for Ubuntu 10.04 LTS
<cclausen> certainly the course can't hurt when learning general Linux commands, but some of the information taught won't be applicable on Ubuntu
<cclausen> TeTeT: yeah, true.  that is the other reason not to install the GUI
<TeTeT> melrokz: there are Ubuntu specific courses available from Canonical, see http://www.ubuntu.com/training/certificationcourses
<melrokz> In India?
<TeTeT> melrokz: we're looking currently for training partners there, but some courses are e-learning, others are taught via the Internet
<TeTeT> melrokz: so you might go with UCP e-learning, and then take the Deploying Ubuntu server online course (just for example)
<halvors> how can i fix that? May  5 17:02:23 ss1 dovecot: deliver(halvors-skymia.net): Fatal: Plugin cmusieve not found from directory /usr/lib/dovecot/modules/lda
<melrokz> hmm... how come red hat has a GUI then? Does it mean that red hat is less stable?
<melrokz> i've to make thechoice.
<melrokz> the choice
<TeTeT> melrokz: check https://help.ubuntu.com/community/ServerGUI for reasons why it is not enabled by default on Ubuntu
<melrokz> k, thanks.
<melrokz> but i think u could provide it as an option on the CD (if harmless :-))
<bogeyd6> i cant keep using the mirror.anl.gov. i need to setup my own mirror i think
<melrokz> hmm... i see... "user-friendly" brings in more problems!
<cclausen> halvors: the plugin is missing.  find out which one and install it, or configure dovecot to not use it.
<melrokz> just for learning... can i get an ubuntu server cd image with a GUI???
<cclausen> I would do it the other way
<cclausen> get the normal desktop cd
<cclausen> and just install the server packages that you need
<cclausen> you can install packages from botn cds on the same system if you do it right
<cclausen> or, just download from the online repositories
<jcastro> zul, ok so the bot will message you
<jcastro> and then !q to the bot shows you the question the person is asking
<jcastro> then you can !y or !n if you want to answer it or not
<zul> gotcha
<jcastro> and the bot will paste the question into the channel
<skrite99> someone know of a good up-to-date info on tuning mySql tables (especailly MyISAM)  i am finding lots of info but on old equipment. 'if your server has more than 256 megs of RAM..... etc..'
<Mrsome1> hello
<Mrsome1> how I can go to bugzilla admin panel ?
<zul> server q+a going on at #ubuntu-classrom right now
<uvirtbot> New bug: #576413 in samba (main) "smb:// in nautilus stoped working with DNS domain after upgrading to lucid" [Undecided,New] https://launchpad.net/bugs/576413
<halvors> cclausen: how can i install it?
<cclausen> halvors: I'm not sure what package you need.  if you know the package name, use aptitude to install it.
<halvors> i dont know what the package name is so what should i do then?
<cclausen> halvors: check this bug report
<cclausen> https://bugs.launchpad.net/ubuntu-release-notes/+bug/516040
<uvirtbot> Launchpad bug 516040 in ubuntu-release-notes "dovecot sieve plugin renamed from cmusieve to sieve" [Undecided,Fix released]
<uvirtbot> New bug: #576501 in vm-builder (universe) "vmbuilder doesn't recognize --ec2 flag" [Undecided,New] https://launchpad.net/bugs/576501
<thesheff17> anyone good with pxeboot settings here?  I'm looking to run a post command that gets a python script from a local web server with wget and it never works?
<thesheff17> I have tried d-i preseed/late_command string wget http:/10.1.1.1/PostInstall.py; in-target chsh -s /bin/zsh
<savid> Hi.  getting this error when starting nfs-kernel-server:  * Not starting NFS kernel daemon: no support in current kernel.
<thesheff17> which version?
<savid> thesheff17,  1:1.2.0-4ubuntu4
<thesheff17> hmm..it should be like 9.04, 9.10, 10.04 etc
<thesheff17> have you installed these packages? sudo apt-get install nfs-kernel-server nfs-common portmap
<savid> thesheff17,  oh, ubuntu version?   10.04
<savid> thesheff17,  yes, all of those are installed
<thesheff17> well then you may have to modprobe it
<thesheff17> odd that it isn't built in by default
<savid> I modprobed "nfs",  didn't do anything
<savid> I may just install unfs3 instead.
<thesheff17> yea that looks good to
<thesheff17> make sure you are root
<thesheff17> I just did modprobe nfs and no problem
<thesheff17> w/ ubuntu 10.04 amd desktop
<thesheff17> also lsmod | grep nfs
<thesheff17> works fine
<Hypnoz> thesheff17: I am using a kickstart type file with pxe, and at the end of it I have it wget a lot of files
<Hypnoz> thesheff17: wget -q http://10.1.48.1/pxe/linux/etc/resolv.conf -O /root/pxe/resolv.conf
<thesheff17> installing ubuntu?
<Hypnoz> thesheff17: yeah, 8.04 LTS.
<mneptok> after an in-place upgrade from Karmic to Lucid my thttpd daemon no longer launches from init. there's no interesting output in /var/log/messages|thttpd.log|syslog|etc. any thoughts?
<thesheff17> well I'm wondering if it works with 10.04...and I'm running amd64 bit....
<thesheff17> doe thttpd have its own log files?
<mneptok>  /var/log/thttpd.log
<thesheff17> Hypnoz could you post that file somewhere so I can see it?
<thesheff17> this preseed.cfg file is a pain
<mneptok> there's no output at all there. there's onlt http access logs from the previously working instance in /var/log/thttpd.log.1 etc etc
<thesheff17> I would check permissions
<thesheff17> or also a higher debug level....I do hate when you don't get no indication what is going on.
<Mkools> For using tomcat6 I have edited my .bashrc file, do I also need to edit /etc/environment file?
<mneptok> thesheff17: i'd be very, very displeased if a permissions issue happened on an *upgrade*
<tesseracter> hi. im trying to add a user to a server that only allows ssh key access, they are getting permission denied. i added them as a user, added .ssh dir, added a pubkey to authorized_keys, chmod is set to 600. they are connecting with ssh username@dev.host.com. I currently log in the same way, to the default ubuntu user account.
<Mkools> Can any one please help?
<SlipperyChicken> if anyone has one of those IBM Netfinity 5000 servers and has the administrator password locked out, pull the BIOS/CMOS off and turn it on.  It'll boot without the chip in.  Problem solved. :D
<SlipperyChicken> tesseracter, are you using the same key ?
<tesseracter> SlipperyChicken, no, its a different user, so its their key, and they cant connect.
<SlipperyChicken> but you can connect ?
<tesseracter> yes, I connect, they get permission denied, so ssh is configured correctly, at least for the default user.
<SlipperyChicken> can you connect with a key and log in without a password ?
<tesseracter> SlipperyChicken, yup. it asks me once the first time after a reboot, but after that, no password.
<mianosm> I had a question earlier, and have figured out the work around for it, if someone is looking for it (now or in the future): http://ubuntuforums.org/showthread.php?t=1474414
<SlipperyChicken> are the permissions the same for both accounts in .ssh/ and authorized_keys ?
<mianosm> Also, to use keys with ssh - your home directory can not have +write for group/others.
<SlipperyChicken> mianosm, are you sure ?
<SlipperyChicken> a server at work is like this.
<mianosm> Yes, I made my home directory writable to my group - and ssh will not allow me to use a key with that permission.
<Mkools> mianosm: Can you help me?
<SlipperyChicken> with read/write/exec on owner and group
<mianosm> ~ can not be 77?
<mianosm> Make it 755 and test it ;)
<SlipperyChicken> oh i see what you're gettin' at. :)
<SlipperyChicken> nvm . :)
<tesseracter> SlipperyChicken, no, interestingly enough. ubuntu .ssh is set to 700, auth_keys to 755, newuser is 644 for .ssh, 600 for auth_keys.
<tesseracter> and everything in ls -Al /home/ is 755.
<SlipperyChicken> set everything to the same as yours.
<tesseracter> SlipperyChicken, changed the permissions. the only thing left that is different is the key values, and the user:group names.
<tesseracter> still perm denied.
<SlipperyChicken> ask the user to debug the ssh connection
<SlipperyChicken> see what's failing
<tesseracter> (just checked /etc/ssh/sshd_config. no allow or deny user lines or anything either.)
<zul> interesting smbfs is gone from debian unstable
<tesseracter> SlipperyChicken, -v gives a bunch of stuff, ending with the user offering id_rsa and id_dsa, then saying not more keys to try. permission denied. am I missing something dead simple, or is this puzzling?
<stanman246> i've got 4 disks, one of them is faulty. Pulled them off a Buffalo Terastation Nas. How do i access the array when i put them into a 10.04 livecd?
<mcas_> stanman246: which type of array?
<RoyK> stanman246: md or hw raid?
<stanman246> software
<stanman246> if i run mdadm -E /dev/sdb6 i can see that from the 4 disks one is faulty and removed
<RoyK> cat /proc/mdstat should show if it's detected
<stanman246> it's not
<stanman246> no personalities an <none> unused devices
<RoyK> hm.. are the drives tagged?
<stanman246> kinda new on this, how do i see if they
<RoyK> should be automatically detected if they were
<stanman246> are tagged...
<RoyK> the old box - did that see the array?
<stanman246> well i had to apt-get install mdadm with the livecd
<RoyK> do you have access to its root dir?
<stanman246> it's from a terastation nas
<stanman246> as in mount the sdb6 to /mnt/disk6?
<RoyK> I guess sdb6 is only one of four drives?
<RoyK> or sdb
<stanman246> sdb is
<stanman246> have got sda ... sdd
<stanman246> being the disks
<RoyK> can you install ubuntu onto something and boot from it while the drives are attached?
<stanman246> not really, only got 4 sata ports
<RoyK> an usb pen?
<stanman246> if i try to mount sdb6 i get: mount: unknown filesystem type 'linux_raid_member'
<RoyK> you need md to see them
<stanman246> am running of an usb pen (ubuntu livecd 10.04)
<stanman246> md?
<RoyK> multiple devices
<RoyK> the linux raid thing
<RoyK> https://raid.wiki.kernel.org/index.php/Autodetect
<stanman246> could i assemble the array with mdadm without using the faulty disk?
<stanman246> md isn't in the ubuntu livecd?
<RoyK> can't remember - thought it was, though, but not sure
<stanman246> is there some mdadm command to check if it is?
<stanman246> mdadm 'sees' the raid array 0 through 3
<stanman246> err...
<stanman246> it sees 3 active devices
<skrite99> hey all, i have a server that doubles as an IVR server with asterisk. Durring peak times, when the procs are all maxed out, the voice quality on asterisk suffers. Is there a way i can dedicate resources to asterisk that will not be used by anything else?
<stanman246> and one failed
<thesheff17> skrite99 you can use nice command
<thesheff17> put asterisk as a higher priority
<RoyK> skrite99: first of all, asterisk sucks. next, try to nice out the other stuff. asterisk can be started in 'real time priority' (-p iirc), but this can make the system hang completely if (or when) asterisk fucks up
<RoyK> skrite99: also make sure the jitterbuffer is enabled
<thesheff17> haha I had no idea what asterisk is.....
<RoyK> it's a PoS VoIP solution
<RoyK> I used to work with it for some years
<thesheff17> and as soon as I saw pbx I shuttered a little.
<RoyK> it's so pbx you can't use it for anything bigger than a small in-house thing
<RoyK> they even refuse to fix the RTP stack, because 'it's not meant to be a softswich'
<RoyK> try to bridge 200 calls through ass-trix and the box is likely to die
<RoyK> 100 calls will make them all sound like micky mouse
<thesheff17> hehe
<codecowboy> hi. do any / all of these EC2 Lucid Lynx instances include a LAMP stack? http://uec-images.ubuntu.com/releases/10.04/release/
<mcas_> stanman246: no md on live cd only alternate or server cd
<RoyK> if asterisk was run as an open source project, things would be fixed quite quickly, but alas, it's not. its controlled by digium.com and they don't let any code in unless you sign their disclaimer, which is like giving away your fist-born
<stanman246> darn.... well i did an apt-get install mdadm and tried mdadm --assemble /dev/md0 /dev/sda6 *and so on
<wack47> i upgraded my distro from 8.10 to 9.04 and now for some reason i get this error in my kernel log http://pastebin.com/FRL35Zpm
<wack47> it happens no matter which kernel i try to boot
<RoyK> see http://karlsbakk.net/fun/asterisk_architecture.jpg for an architectural overview and http://karlsbakk.net/fun/asterisk-installation.wav for what'll happen next
<stanman246> it said mdadm: /dev/md0 has been started with 3 drivers (out of 4)
<RoyK> thesheff17, skrite99: those were for you :)
<stanman246> in /dev md0 is visible
<RoyK> can you mount /dev/md0?
<stanman246> next i tried to mount m0, but got me a "mount: structure needs cleaning" back
<skrite99> RoyK, thanks
<thesheff17> haha
<skrite99> RoyK, looking up the jitterbuffer
<stanman246> now i need to clean md0?
<RoyK> clean?
<mcas_> stanman246: do you have a new disk to replace the faulted one?
<stanman246> not now
<RoyK> skrite99: I ordered the jitterbuffer to be written some time back and it was included in asterisk 1.4. not sure if it'll help you, though
<stanman246> i thought i'd copy the content to an usb disk
<RoyK> skrite99: check the i/o load - that's the worst beast on linux
<skrite99> RoyK, what alternative to asterisk should i look into?  Asterisk is what we are using now with a digium card, but  i am not married to it.
<RoyK> freeswitch is quite good
<skrite99> RoyK, and thanks for your help
<stanman246> can i assemble anyway with one disk missing?
<stanman246> or somehow clean the structure?
<RoyK> stanman246: you should have access to your data even with a disk missing
<RoyK> that is, if this is raid5 or raid6
<RoyK> one drive missing from a stripeset (aka raid0) means you're fucked
<codecowboy> hi. do any / all of these EC2 Lucid Lynx instances include a LAMP stack? http://uec-images.ubuntu.com/releases/10.04/release/
<mcas_> stanman246: perhaps this link can help you out
<mcas_> http://www.linuxquestions.org/questions/linux-general-1/raid5-with-mdadm-does-not-ron-or-rebuild-505361/
<skrite99> RoyK, how do i see i/o load?
<RoyK> sar / top / vmstat
<RoyK> sar is quite nice
<RoyK> apt-get install sysstat
<skrite99> cool, thanks
<RoyK> skrite99: if you enable it in /etc/default/sysstat and start it /etc/init.d/sysstat start - it'll run periodically and you can run 'sar' to see the load over time
<wack47> i upgraded my distro from 8.10 to 9.04 and now for some reason i get this error in my kernel log http://pastebin.com/FRL35Zpm
<wack47> it happens no matter which kernel i try to boot
<RoyK> does it start?
<wack47> royk: you asking me if it starts?
<RoyK> does the box start?
<wack47> royk: yes it starts and runs fine, but restarts on my 3 times a day
<wack47> sometimes i have to manually restart it
<RoyK> that's a bitch
<RoyK> find anything in the logs before the restart?
<wack47> yeah you are telling me, the boss doesnt like it either
<wack47> nope
<RoyK> I doubt that problem in the logs are related to this
<RoyK> possibly a faulty driver
<RoyK> can you attach a serial console to this?
<Pirate_Hunter> hi people if I wanted to encrypt all data communication on my box what are the options available?
<blinkin21> hello
<Pirate_Hunter> RoyK, sounds like something is overheating on your box at least that was a problem I had with another box
<blinkin21> i was wondering if you could help me with a matter regarding SASL AUTH
<RoyK> Pirate_Hunter: not my box :)
<blinkin21>  i am performing some tests
<Pirate_Hunter> RoyK, the positive side less of a worry for you
<blinkin21>  and i couldnt say why different results
<wack47> Roky: yes i can
<blinkin21> root@mail:/etc/default# testsaslauthd -u andrei@sama.ro -p andrei
<blinkin21> connect() : No such file or directory
<wack47> oops sry RoyK
<wack47> not Roky
<wack47> lol
<blinkin21> root@mail:/etc/default# testsaslauthd -u andrei@sama.ro -p andrei -f /var/spool/postfix/var/run/saslauthd/mux -s smtp
<blinkin21> 0: OK "Success."
<RoyK> wack47: attach a serial cable and use minicom or something on another station - log it all
<wack47> gotcha
<Pirate_Hunter> encrypting data communication on a webserver can anyone suggest ways to do so specially on sending and receiving requests
<thesheff17> Pirate_Hunter just use SSL
<Pirate_Hunter> thesheff17, hmmm thought their were more options...
<RoyK> Pirate_Hunter: why?
<[diablo]> hi, good evening. Does anyone know please when 10.04 JEOS will surface please?
<RoyK> [diablo]: doesn't installing jeos 8.04 and do-release-upgrade help?
<Pirate_Hunter> RoyK, huh...? is that why, to my last post to you?
<[diablo]> mmm aint tried that actually
<[diablo]> however an ISO would be nicer ;-)
<wack47> Royk: also cant update anything related to apache, php5, or mysql! http://pastebin.com/xTnZcSVU
<CaptainTrek> how can I reboot apache?
<CaptainTrek> whats the command?
<RoyK> Pirate_Hunter: there aren't any other good ways of encrypting web traffic than (a) SSL or (b) VPNs
<Pici> CaptainTrek: sudo service apache2 restart
<RoyK> CaptainTrek: apache2ctl restart
<RoyK> CaptainTrek: apache2ctl graceful
<RoyK> something
<dominicdinada> anybody using ebox in here?
<Pirate_Hunter> RoyK, awww ok at least now I know
<CaptainTrek> holy hell, Pici, you're literally everywhere, huh?
 * RoyK prefers the commandline
<thesheff17> Pirate_Hunter...yea everyone just use SSL no reason not to...are you looking for a specific feature?
<Pici> CaptainTrek: I'm in ~50 ubuntu related channels.
<CaptainTrek> Pici: o.O
 * RoyK is in one ubuntu-related channel
<Pirate_Hunter> thesheff17, at this moment I can't really say, I guess just seeing what is available for encrypting data communication on different level, i.e. admins working together, or requests from other boxes (other than ssh) etc
<dominicdinada> Anybodyusing Ebox in here ? that can help with module errors
<RoyK> Pirate_Hunter: just use ssl
 * RoyK still prefers the commandline
<RoyK> web-based administration ftl
<CaptainTrek> Pici: can I ask you to do me a favor via PM?
<thesheff17> yea I just use SSL and SCP/SSH....there are other encryption methods like http://code.google.com/p/cryptsetup/
<thesheff17> for encrypting actual files
<Pici> CaptainTrek: go ahead
<Pirate_Hunter> RoyK, sure that is my main option
<dominicdinada> RoyK: I dont care that you prefer to use the command line im asking about problems with web interface
<Pirate_Hunter> thesheff17, will check that link out doubt I will ever use it
<thesheff17> I use it when I offsite hard drives
<thesheff17> to whatever backup company
<thesheff17> I guess if you where really paranoid you could encrypt the files and then transfer them over scp & ssl....but there is really no reason
<dominicdinada> there is sftp also
<thesheff17> as long as your ssh keys are big enough you have nothing to really worried about.
<dominicdinada> sftp is built into ubuntu-server just make sure you are using a client that supports sftp
<thesheff17> and good passwords
<thesheff17> I prefer to use rsync tunneling through scp....very fast transfers
<RoyK> thesheff17: passwords? why not keys?
<Pirate_Hunter> ooooh ok that may be helpful, I think I did read about luks somewhere or at least the name I think it was something about how heavy it was and not light at all... maybe... not sure any more but will definitely look at it now
<thesheff17> even if your ssh keys are very long and someone gets your password....they have access to your system.
<Pirate_Hunter> thesheff17, rsycn tunnelling through scp how you do that
<thesheff17> when I used luks I actually encrypted the whole drive....and then you just mount it
<RoyK> thesheff17: if someone gets your password, you're fucked anyway
<thesheff17> it was pretty fast
<Pirate_Hunter> considering how unstable in a way is the current box setup errrh raid 0s with lvm, that may be helpful for full storage backups
<thesheff17> rsync uses ssh by default
<RoyK> Pirate_Hunter: raid0 is quite a sport
<thesheff17> rsync also has compression
<thesheff17> built int
<RoyK> -z
<RoyK> or --compress-level=something
<thesheff17> yup
<RoyK> but nothing by default
<CaptainTrek> how can I change the ports that Apache listens on?  so that I can only allow access through say port 80 and not 8080?
<RoyK> unless you enable gzip in ssh
<CaptainTrek> excluding firewall-side settings
<RoyK> CaptainTrek: ports.conf
<thesheff17> CaptainTrek the default port is 80
<CaptainTrek> okay, so port 8080 isnt used?
<CaptainTrek> unless configged?
<RoyK> no
<thesheff17> usually tomcat uses 8080
<Pirate_Hunter> RoyK, :p it makes sense considering the box will be running with two/three more boxes etc with a distribution file system
<thesheff17> and jboss
<RoyK> Pirate_Hunter: which fs?
<Pirate_Hunter> RoyK, at the moment its been stuck between gluster and mogilefs as preferred choice. Ceph looks really good but under heavy testing :(
<Pirate_Hunter> Hadoop also showed up but... (I'll leave it as that)
<skrite99> RoyK, hey, got some sanity back into my  IVR system, have the stats monitor, great help.
<RoyK> skrite99: np
<RoyK> skrite99: I'd recommend using something else than asstrix, though
<stanman246> RoyK: got a bit further with the raid issue
<stanman246> RoyK: but when i try to mount i ge a "structure needs cleaning"
<stanman246> xfs_repair wants me to destroy the log, but am a bit scared to do so. Don't know i i'd lose data
<RoyK> the log may contain new data not written to disk
<RoyK> but probably not very much
<stanman246> so if i'd dd if=/dev/md2 of=/media/largeDisk and then xfs_repair -L i would be safe wouldn't I
<stanman246> ?
<RoyK> I'd backup the separate disks if I were you
<RoyK> if you have space for it
<RoyK> dd if=/dev/sda of=somelargefile1
<RoyK> etc
<stanman246> i can mount it with -o ro,norecovery
<RoyK> then it should be safe - but then - just my two cents
<stanman246> and when I df -H i can see the amount
<stanman246> of data sitting in the mnt dir
<RoyK> do you have sufficient space to back it up?
<stanman246> the mounted dir?
<dominicdinada> !master
<ubottu> This bot is owned by jussi01 and kindly hosted by mFabrik - http://mfabrik.com/ - Questions about ubottu should be asked in #ubuntu-bots
<dominicdinada> !master mode
<dominicdinada> !mode
<ubottu> There are many different channel and user modes on Freenode (see !freenode). Here's a list: http://freenode.net/using_the_network.shtml
<RoyK> stanman246: yes
<guntbert> !askthebot | dominicdinada
<ubottu> dominicdinada: Please investigate with me only with "/msg ubottu Bot" or in #ubuntu-bots.  Search for factoids with "/msg ubottu !search factoid".
<stanman246> it's 530G I can put that to the 1T usb
<RoyK> stanman246: if you have, back it up first, then try to recover
<RoyK> back it up, play with it later
<dominicdinada> !ot | guntbert
<ubottu> guntbert: #ubuntu is the Ubuntu support channel, for all Ubuntu-related support questions. Please use #ubuntu-offtopic for other topics. Thanks!
<stanman246> but if i enter the dir and ls -la i get false data
<RoyK> stanman246: rsync -avP /source /dest
<RoyK> then, after that has made a copy of what can be done, move on
<guntbert> dominicdinada: ?? please don't send random commands to ubottu in the channel
<dominicdinada> I was asking a question
<stanman246> i'd be copying the false data right?
<RoyK> possibly, yes
<RoyK> but better than losing the whole set
<dominicdinada> about how to tell if my cards support master mode
<stanman246> ur right
<dominicdinada> of the 3 that is
<guntbert> dominicdinada: what question? I saw only several bot commands
<dominicdinada> guntbert: about an hour ago i asked along with ebox
<stanman246> what if i'd dd all the /dev/sdX6 to the 1T usb, all except the broken one, would i then be more save?
<dominicdinada> Ok I am working on setting up a wireless access point and trying to see if there is a simple way to tell which wireless cards support master mode
<stanman246> or would it be enough to dd the /dev/md0 (the raid array) to the 1T?
<guntbert> dominicdinada: master mode?
<dominicdinada> to use as a wireless access point
<cclausen> stanman246: if you need more space, you can dd | bzip2 -9 or similar to compress the data first
<RoyK> stanman246: just dd the devices to the new disk
<RoyK> stanman246: you can assemble the data if you have the devices
<guntbert> dominicdinada: I have obviously no idea :-)  -  but I would think you have more luck in ##networking
<RoyK> stanman246: xfs will probably clean it up, but you can't be sure
<stanman246> righto
<dominicdinada> this was a topic in here yesterday so i will disregard your helpful input
<stanman246> it'll take a lot of time, but better be safe then sorry
<stanman246> gonna dd the sdX6 partitions to the usb disk.
<guntbert> dominicdinada: do as you please :-)
<RoyK> stanman246: try that first
<RoyK> stanman246: then, when they're safely backed up, try xfs fsck
<RoyK> the backup will hopefully remain untouched, but then, you never know
<stanman246> k, thanks a lot RoyK
<dominicdinada> I cant find the pastebin someone sent me of their network and for some reason something overwrote my interfaces :(
<RoyK> stanman246: there's a reason I use zfs for large volumes these days :)
<stanman246> xfs is running in the stupid buffalo terastation... :(
<thesheff17> haha I have a terastation that totally crashed and they wouldn't help me
<cedwards> I've setup a number of kvm guests (ubuntu 10.04 server), all bound to br0. this works as expected.
<dominicdinada> iface eth1 inet dhcp          so just change this to static 192.......... right to keep this machine wired interface a static like right ?
<RoyK> the problem with xfs is there's a low number of users
<cedwards> I now need one of these guests to bind to a second bridge, connected to a separate network and I'm having issues.
<RoyK> ext[34] has far more users, meaning faster bug fixing
<dominicdinada> cedwards: i have virbr0 ? why no br0 ?
<stanman246> thesheff17: lost ur data? (don't make me scared here, heheh)
<cedwards> dominicdinada: I have br0 and br1, configured as per this example: https://help.ubuntu.com/community/KVM/Networking
<RoyK> vibrat0r?
<cedwards> dominicdinada: the problem is once I activate br1 my routing gets all screwed up.
<stanman246> a new machine, running ubu with raid5 on zfs.....
<dominicdinada> no
<RoyK> stanman246: ubuntu and zfs??
<stanman246> not?
<dominicdinada> royk: n0 y0ur n0t funny
<RoyK> stanman246: how can you make that work? zfs is not compatible with gpl
<thesheff17> yea the device had a red light and out of support and they wouldn't help....luckily I had a copy of that data that went offsite every week.
<dominicdinada> cedwards: oh i thought you were talking to me cause I am taking on the task of making my server an access point also
<RoyK> and running zfs in fuse wastes a lot
<cclausen> RoyK: openafs isn't GPL and it runs on Linux
<cedwards> dominicdinada: looks like we've got the same issue then.
<RoyK> cclausen: is it in the repositories?
<dominicdinada> cedwards: actually i got 3 wifi cards and well which to use for me so far lol
<cclausen> RoyK: apt-cache search openafs-fileserver
<RoyK> afs != zfs
<cclausen> well, no
<stanman246> righto, sorry
<stanman246> need to read more...
<Pirate_Hunter> can some help me out just tried command  netstat -atun | awk '{print $5}' | cut -d: -f1 | sed -e '/^$/d' |sort | uniq -c | sort -n and ip 140.211.166.3 is in the list however I have no clue why and who are they
<stanman246> thanks anyway and i will come back to let someone know
<stanman246> cya
<Pirate_Hunter> iut doesnt seem to be part of canonical hmmm...
<cclausen> RoyK: there is also the nexenta stuff that uses a GNU userland on a Solaris kernel
<cclausen> that does have zfs
<RoyK> cclausen: it's like "my dick is so long it gets all the way from a to z when I lay it on the keyboard"
<RoyK> cclausen: nexenta uses debian userland, but osol is a little better
<dominicdinada> cedwards: you saw this ?   https://help.ubuntu.com/community/WifiDocs/WirelessAccessPoint
<cedwards> dominicdinada: mine is all wired, so I don't think that applies.
<dominicdinada> oh dont mind me then
<cclausen> RoyK: I was just trying to say that the "GPL compatible" isn't an outright limiting factor
<RoyK> cclausen: zfs works in fuse atm
<RoyK> cclausen: but an FS in fuse limits performance
<cclausen> RoyK: ah, right.  just can't be in mainline kernel due to GPL, right?
<RoyK> yes
<cclausen> (same problem openafs has actually, so some people are working on writing a GPL compatible afs client)
<uvirtbot`> New bug: #560075 in virt-manager (main) "virtual machines freeze on boot (dup-of: 559896)" [Critical,New] https://launchpad.net/bugs/560075
<diabolical> ok
<diabolical> !wifi
<ubottu> Wireless documentation, including how-to guides and troubleshooting information, can be found at https://help.ubuntu.com/community/WifiDocs
<diabolical> i have having trouble getting my card into mastermode :(
<jjjjj> hey guys.  i have a friend who upgraded to Lucid Lynx.  afterward, his resolution is very high.  how can i change the res of the bash shell?
<jjjjj> any ideas?
<cclausen> jjjjj: a console tty?  not X ?
<jjjjj> tty
<cclausen> jjjjj: I edit /etc/default/grub and change GRUB_CMDLINE_LINUX_DEFAULT=  to include nofs nomodeset
<cclausen> and it got me a normal text 80x25 console
<cclausen> you can actually choose specific resolutions though
<jjjjj> how?
<cclausen> look in /etc/default/console-setup, I think
<jjjjj> what do i look for?
<diabolical> jjjjj, the resolution if it is high you should be able to spot it with settings like 1200x800
<diabolical> jjjjj, 640x800 is low res
<jjjjj> what line?  sorry, but this is not my computer with the problem, but a friend's, so i can't see the file
<diabolical> jjjjj, IDK whats the problem with the high resolution just increase the font size
<cclausen> FONTFACE="VGA" FONTSIZE="16"
<cclausen> maybe just try increasing the FONTSIZE until its something that works for you?
<diabolical> GRUB_GFXMODE=640x480
<uvirtbot`> New bug: #576633 in bacula (main) "package bacula-director-pgsql 5.0.1-1ubuntu1 failed to install/upgrade:" [Undecided,New] https://launchpad.net/bugs/576633
<diabolical> gfxmode is the resolution also
<cclausen> diabolical: that only affect grubs though, right?
<diabolical> Ya ....
<diabolical> as it is commented out on mine
<cclausen> I think they wanted the linux console changed
<diabolical> since i am using gnome-desktop
<cclausen> but yes, that might be worth trying too
<cclausen> I am trying to disable the graphical console myself
<garymc> anyone know why all of a sudden my ping to my PPTPD VPN server is really slow
<diabolical> well if grub is set with 1000x800 or 1200x800 or something else that is the problem
<diabolical> remove the console?
<cclausen> it messes up Ubuntu under the MSFT Hyper-V hypervisor
<cclausen> garymc: over loaded?  internet connection actually that slow?
<garymc> no internet isnt that slow
<cclausen> diabolical: no, just force a text mode 80x25 like how it worked in hardy or dapper
<garymc> I changed a setting rebooted server
<diabolical> garymc, did you limit the the Tx - Rx ?
<garymc> It didnt work so I changed back and now its fuked
<cclausen> diabolical: disable just the graphics mode, not the consoles
<garymc> I changed a setting in /etc/ppp/firewall-masq
<garymc> rebooted server
<garymc> then changed it back and rebooted server but didnt correct it
<cclausen> garymc: maybe that settings wasn't the problem in the first place?
<garymc> maybe not
<garymc> you know anything about PPTPD VPN ?
<diabolical> cclausen,  not sure :( about forcing resolution if i had my iso's i could look into the boot file to see what sets mode
<diabolical> wait i think i have an iso for a different linux that has the reso in lemme look
<jjjjj> can anyone post their /etc/default/console-setup ?
<jjjjj> ...
<dominicdinada> how to connect to a remote desktop :(
<handheldCar> dominicdinada: what are you saying about remote desktop?
<dominicdinada> oh i set another computer to allow remote desktop and have downloaded some clients but they all seem to just login to a command shell via ssh
<dominicdinada> wtf why do i need 10 ssh tools when putty > all
<handheldCar> what kind of operating system is this other computer?
<bogeyd6> it is true, putty > all
<dominicdinada> well it is ubuntu server 10.04
<dominicdinada> the machine i wanna connect and well im on lucid here but my other computer is win7
<dominicdinada> Server = Remote Desktop Server     Clients will be = Ubuntu and win7
<bogeyd6> ill let lucid mature and marinate for a few months before i switch the 9.10 servers
<handheldCar> not a bad idea bogeyd6
<dugger5688> Anyone in here ever set up Samba on Ubuntu and set up roaming profiles for windows XP boxes? I could use some help if anyone has a good guide, or wants to PM me. I think I have everything working as far as ubuntu goes... but I'm having some trouble on the XP side.
<handheldCar> dominicdinada: i don't think you use rdesktop or vino for ubuntu server since it has no gui. just ssh or putty.
<dominicdinada> handheldCar:  that i use it or can use it ?
<dominicdinada> handheldCar: i put gnome on it :/
<handheldCar> did you put vino?
<dominicdinada> i dont think so./..   ssh   sudo apt-get install vino ?
<handheldCar> yep might be up there by default. sudo aptitude install vino
<dominicdinada> brb need to reboot from updates
<dominicdinada> ok it is installing now
<dominicdinada> what about clients then ?
<handheldCar> for win7 you'll need a vnc viewer
<handheldCar> not sure about ubuntu
<dominicdinada> ok :(
<cclausen> you could install freenx on both ends
<cclausen> I consider it "better" than VNC
<dominicdinada> from aptitude ?
<cclausen> not sure if there are packages available or not
<cclausen> there appaer to be debs on the nomachine site: http://www.nomachine.com/download-package.php?Prod_Id=1888
<cclausen> you can just use VNC, but last I saw, it wasn't all encrypted and that could end badly if you aren't using it purely over an internal network
<handheldCar> sounds good. here's a tutorial https://help.ubuntu.com/community/FreeNX
<cclausen> oh, cool
<cclausen> you can get it from apt, just not the default repo
<dominicdinada> cclausen:  ok thanks
<AmokPaule> Hello, when i try to start mysql on lucid i get the following message: Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (111)
<garymc> anyone able to help me setup an ipsec server?
<garymc> im just bashing my head off the floor now
#ubuntu-server 2010-05-07
<nph0rm> hi room
<nph0rm> i've just installed ubuntu 10.4 server on my old P2 machine
<handheldCar> cool deal
<nph0rm> it didn't work with carmic
<nph0rm> i still have to configure wireless network and find out how to mount my usb flash drive, but this i will do tomorrow
<nph0rm> it is late here
<nph0rm> gn8 room
<quentusrex> soren, I'm highlighting you in both channels. Are you around?
<dominicdinada> Anybody good with working with wireless mastermode
<D4mi4n> hi all
<D4mi4n> did someone connect a blackberry as modem in ubunto 9.10?
<dominicdinada> any help with somebody usingebox ?
<dominicdinada> any help with somebody using ebox ?
<qman__> !anybody
<ubottu> A large amount of the first questions asked in this channel start with "Does anyone/anybody..."  Why not ask your next question (the real one) and find out?
<jnss> should i get this new version or not
<jnss> are you happy with you cd?
<twb> On a hardy system, does upstart log events anywhere?
<cclausen> twb: is there upstart on hardy?
<twb> There is.
<twb> It was pretty useless, since all the init scripts were still in sysvinit
<cclausen> oh, ok
<dominicdinada> god ebox suck a fat one :
<dominicdinada> :)
<cclausen> so it wasn't used by default
<twb> It was used by default
<dominicdinada> !samba
<ubottu> Samba is the way to cooperate with Windows environments. Links with more info: https://wiki.ubuntu.com/MountWindowsSharesPermanently and https://help.ubuntu.com/10.04/serverguide/C/windows-networking.html - Samba can be administered via the web with SWAT.
<twb> It basically replaced /sbin/init, but none of the init scripts.
<SirDerigo> hi guys! got two questions: in my house i have 2 machines playing server
<twb> Two too many :-/
<SirDerigo> and Intel core I5 with 3 Gb Ram and an Amd Sempron 1.9, they are plugged into an dlink dir-300 with dd-wrt
<SirDerigo> i want to make them both accessible through from internet, i got a domain pointed to my IP,
<SirDerigo> i want to know how i set up a subdomain for every server? like srv1.example.com
<SirDerigo> and srv2.example.com
<dominicdinada> !lynx
<ubottu> Browsers available for Ubuntu: Firefox (GTK, Gecko engine), Konqueror (KDE/Qt, KHTML engine), Epiphany (GTK, Gecko engine), Dillo (GTK), w3m (terminal-based), Links2 (terminal-based or graphical, see !man page), edbrowse (command-line), Opera (Qt, proprietary)
<SirDerigo> is this possible?
<twb> dominicdinada: is there a reason you're trying to talk to ebox from lynx instead of just managing the system normally (i.e. from the command line)?
<SirDerigo> luis_lopez, !hola!
<luis_lopez> greetings SirDerigo
<SirDerigo> how r u luis_lopez ?
<dominicdinada> twb: learning via gui is easier Ebox is the worst effort at an front end for server and well Ubuntu doesnt support webmin
<twb> Sorry, I don't agree.
<dominicdinada> Someone told me to...to try SWAT but it will not allow me to run it
<dominicdinada> on the brighter note i am learning about samba editing the configs for my shares...
<dominicdinada> twb: maybe my ebox install is corrupted.... firewall and dhcp says its down when it is up... I try to add the modules for user and groups and i get "Nasty Bug occured"
<twb> I wouldn't know.  AFAICT all attempts to provide a GUI to ignorant admins result in a ridiculous farce.
<twb> I'd rather admins learn how a system works than how to click on things.
<dominicdinada> funny you should say that i know how server 2k8 core works
<dominicdinada> but this isnt 2k8 so i am learning things
<dominicdinada> A nice little GUI will write these useless lines of text in smb.conf and I can change it and review it and do nifty little things... while learning how settings and variables should be written
<ScottK> twb: I agree with you generally, but I think as long as the web U/I is used as a learning tool for transition, it's reasonable.
<twb> ScottK: I'd agree, if there was a GUI/web UI wrapper that did much good.
<dominicdinada> i am game if you wanna teach me twb:
<ScottK> One thing I can say for sure about Ebox I can't say about Webmin is I haven't seen a postfix bug filed in Ubuntu due to parts of main.cf getting eaten.
<twb> I suppose the one OpenWRT ships is pretty solid, but that's because they mangle all their services to accept a UI-friendly intermediary layer
<twb> If I was commissioned to build one, I'd use an intermediary layer like puppet; the web UI would just generate manifests and leave the system itself alone.
<dominicdinada> ok i am running into a problem here :/ my share is set .. writable = yes ^M read only = no, Security = user     and If i remotly try to edit a file say in eclipse it will not let me save to the directory
<dominicdinada> yet i can copy and create... do i need to add a modify = yes
<twb> Just pastebin the whole file to start with
<dominicdinada> http://pastebin.com/MJ2dsh3s
<dominicdinada> changed the max shares and default drive letter and the network adapter to eth1
<twb> Have you restarted samba since changing the file?
<dominicdinada> yes
<dominicdinada> smbd restart
<twb> Wrong.
<dominicdinada> ok
<twb> It should be /etc/init.d/samba restart, or possibly something like "restart samba" in new upstart-based systems
<twb> In theory you could say "force-reload" instead of "restart", but I never trust that.
<dominicdinada> Cough cough WRONG
<dominicdinada> they changed samba to smbd
<dominicdinada> nmbd
<dominicdinada> in lucid
<twb> Ugh
<twb> You realize I'm talking about the init script, not the daemon itself?
<dominicdinada> yes there is no samba in init.d
<twb> Yeah, you're right.
<twb> http://packages.ubuntu.com/lucid/amd64/samba/filelist
<dominicdinada> 32 bit
<twb> http://packages.ubuntu.com/lucid/i386/samba/filelist, then.  It'll surely be the same for init file names.
<dominicdinada> maybe the cron daily ? or
<twb> dominicdinada: well, in sysvinit land you would normally just run the init script in init.d with the appropriate argument ("restart", in this case).
<twb> But I think the upstart clowns have a specific /sbin/restart(8) program to generate restart events.
<dominicdinada> i did smdb which restarted correctly i assume it didnt throw errors
<twb> Well, OK.
<dominicdinada> dominicdinada@diabolical-fs:/etc/init.d$ smbd restart
<dominicdinada> dominicdinada@diabolical-fs:/etc/init.d$
<twb> Um, if . is in your PATH, it shouldn't be.
<dominicdinada> for init.d ?
<twb> What does "which smbd" say?
<dominicdinada> dominicdinada@diabolical-fs:/etc$ which smbd
<dominicdinada> /usr/sbin/smbd
<twb> Sigh.  Never mind.
<twb> Let's just assume it's restarted and try to talk to it.
<twb> Try "smbclient //127.0.0.1/"
<dominicdinada> ok it logged me in and returned me to the shell
<twb> Make that "smbclient -L 127.0.0.1"
<twb> The goal is to make sure that samba's responding, listing the share and allowing you to access it at all.
<dominicdinada> http://pastebin.com/9huDdFST
<dominicdinada> oh sorry i paste binned the results
<twb> OK, good
<twb> So you should be able to say smbclient //127.0.0.1/www, and get an FTP-like prompt.
<dominicdinada> yes i have
<dominicdinada> smb:>
<twb> OK, now try a "PUT" to upload something
<dominicdinada> ok
<dominicdinada> now get
<twb> If the PUT worked, then the *samba* part of things is working.
<dominicdinada> ok
<twb> ...which means that the problem is probably your firewall, or centralized authentication (if any), or perhaps Samba's machine accounts.
<dominicdinada> I didnt add samba machine accounts I thought it inherited the accounts from ubuntu
<twb> The pam system has no concept of machine accounts, so it won't inherit those
<dominicdinada> ok
<twb> For user accounts, it depends on how it's set up, but I think it can either just look at pam, or take a static copy which you have to keep in sync and is a major pain in the arse.
<dominicdinada> it is taking from my pam i believe cause i can login as many users
<twb> So things you can do next is look at the samba logs; try to connect from windows without eclipse (i.e. start > run > \\diabolical-fs\www), try to use netcat or smbclient from another linux machine.
<Guest31208> Ubuntu really needs a better office suite.
<dominicdinada> As for this server it is a File-server, Wireless Access Point, Dev Webserver
<dominicdinada> open office
 * Guest31208 curses at NickServ
<dominicdinada> lol
<AdamDV> heh
<twb> dominicdinada: you should probably first confirm that a remote host can see the port open at all.
<AdamDV> OpenOffice is no match to Office 2007.
<AdamDV> No offense.
<dominicdinada> yes it opens ip
<AdamDV> (Well, in my opinion its no match)
<dominicdinada> up*
<twb> AdamDV: I don't care; I don't use an office suite.
<AdamDV> Other people might?
<twb> Well, they're welcome to improve the situation
<dominicdinada> Adam Open Office is one of the few Office suites that came from the gitgo to read all microsoft formats
<twb> dominicdinada: Microsoft Office can, too
<dominicdinada> Yea but Open Office is Free... And MS OFFICE is like 200$
<twb> Unless the document is in a newer format than the Microsoft Office install you're running...
<dominicdinada> i have both
<twb> I had a lot of problems with that in a heterogeneous organization, once.
<dominicdinada> awhile back nothing could read microsoft's .docx mdb etc formats
<dominicdinada> you could decompress .docx files as any other compressed file but whatever
<AdamDV> No no, the underlying code for OOo is great. Hate the interface.
<AdamDV> Anyway. I'll stop complaining now.
<dominicdinada> You can change the looks i believe ( dont have OO on this pc ) so i cant guide ya
<twb> Pay someone to fix it.  It'd probably only cost a couple of hundred Microsoft Office per-seat licenses.
<dominicdinada> He is talking about OO
<dominicdinada> lol
<twb> dominicdinada: you can make it look a bit like gnome or a bit like KDE, but you can't really change it's look-and-feel.
<dominicdinada> twb: ya true
<twb> dominicdinada: yeah, but what I'm saying is that instead of licensing the latest Microsoft Office every three years, he could invest that money in getting exactly what he wants bolted onto OO
<AdamDV> Thats actually not a bad idea.
<dominicdinada> Oh well yeah but then he will either miss out on updates or get the custom code over written when it updates
<twb> I am hand-waving away the gory details :-)
<ScottK> dominicdinada: Or get the patch done and then convince Ubuntu to include it and it's not your maintenance headache anymore.
<twb> dominicdinada: I'm not suggesting a fork, I'm suggesting hiring people to contribute directly to the mainline project.
<dominicdinada> Well AdamDv: what do you think
<twb> Forking is not worth doing unless upstream is being a total jackass.
<AdamDV> Yea.
<AdamDV> I'll have to talk to accounting.
<AdamDV> Not a bad idea though.
<kaushal> hi
<kaushal> I have a weird issue about logrotate utility slowing down the server running ubuntu linux 8.04 hardy server. My logrotate runs at around
<kaushal> 12:30 pm everyday and during this time it slows down. The load is high on the box.There is no error in dmesg and as well as syslog service.
<kaushal> Please suggest/guide me how do i go about in fixing this issue.
<wsuthomas> I am having problem with $PATH, any ideas why is deferent  from one ssh to another http://paste.pocoo.org/show/210933/
<ScottK> wsuthomas: Because the Python path is not the same as the system path.
<ScottK> You can see this with (in Python)
<ScottK> import sys
<ScottK> print sys.path.
<ScottK> (without the last .)
<wsuthomas> so I need to change the sys.path on the node server
<ScottK> That's why they are different.  Since I don't know what you're trying to do, I can't say.
<ScottK> Bedtime for me anyway.
<wsuthomas> ls and df work though
<lukehasnoname> Night ScottK. Hope you live in the US...
<wsuthomas> thanks for the idea
<ScottK> Yes.  East coast unfortunately.
<lukehasnoname> Not terrible. I'm hitting the hay in Texas, so I'll be sleeping Thursday night. :)
<lukehasnoname> Seeya
<wsuthomas> where is /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games
<wsuthomas> set
<wsuthomas> i think the problem is that I change the .rcbash file and it is not reading it
<Callum__> okay, what is the difference between Samba in Ubuntu 9.10 and 10.04? because my Samba config I used for 9.10 doesn't want to work properly at all
<clintb> Callum__: can you be more specific as to "doesn't want to work properly at all" ?
<clintb> prints errors
<clintb> drops clients?
<Callum__> nothing can access its shares at all
<clintb> somethign?
<Callum__> they come up but no machines can access it, Windows OR Linux
<Callum__> well, the machine itself, the share list won't even work properly
<Callum__> NFS works fine but Samba doesn't >_>
<clintb> any errors in the logs?
<Callum__> no idea
<Callum__> .........
<clintb> I don't know where the logs are exactly .. but probably somewhere under /var/log there is an 'smb' dir or an 'smbd.log'
<clintb> or could be in one of the other files like 'daemon' or 'messages'
<Callum__> nevermind, found my issue, god damn it >_>
<Callum__> somehow the "guest account" configuration got uncommented, and yeah, the guest account mentioned didn't exist... recommented, now works
<clintb> Callum__:   :)
<clintb> Callum__: sometimes just talking to somebody else helps you to think about a problem. :)
<Callum__> yeah =P
<Callum__> NFS > Samba, always =(
<clintb> I dunno
<clintb> NFSv4 maybe .. but even then... samba does seem to work well...
<kaushal> hi
<kaushal> checking in again for my query ?
<clintb> kaushal: you might want to re-state it
<cclausen> kaushal: run logcheck more often, or get fewer logs
<cclausen> it apparently just takes that long to compress your old logs and rotate them
<clintb> shouldn't that be niced?
<cclausen> do you have dedicated spindles for the log files themselves?
<cclausen> nice doesn't nice I/O
<cclausen> (or does it now?)
<clintb> no
<clintb> there was some progress on an ionice though
<clintb> Linux supports io scheduling priorities and classes since 2.6.13 with the CFQ io scheduler.
<clintb> according to 'man ionice'
<cclausen> that might help
<cclausen> although it probably means logrotate will take longer
<cclausen> and that may not be desirable
<kaushal> I did nice -n 19 too it didnot worked
<cclausen> kaushal: try and figure out if the process is cpu-bound or disk I/O bound
<cclausen> if disk I/O is the problem, get faster disks
<cclausen> I guess actually, could also be memory contrained.  is your system swapping when logrotate runs?
<kaushal> nope
<cclausen> are things actually going slow?
<cclausen> or are you just seeing high load and freaking out?
<clintb> or maybe log less. :)
<kaushal> cclausen: yes the system becomes very slow
<kaushal> The load is high too
<clintb> kaushal: do you have sysstat running? if you type 'sar -b' do you get numbers? if so, pastebin.com them
<kaushal> clintb: sure
<sveinse> After I upgraded a server to karmic, ssh-server seems to allow login for the users even before fsck is done checking the disks with the user's home. How can I change the order, or delay ssh login?
<billybigrigger> anyone aware of a graphical stats generator for denyhosts?
<twb> tcpwrappers keeps logs of hosts it denies?
<billybigrigger> i meant like something like awstats or webalizer for denyhosts
<billybigrigger> also, just started reading up on ossec, any comments on it? or will denyhosts be fine for me?
<billybigrigger> running on a non-commercial server, just used to host my blog
<clintb> I use denyhosts, and it has definitely reduced the number of attempts quite a bit
<clintb> the website for the project does export some aggregate stats..
<billybigrigger> yeah i wanted to see that for my site
<billybigrigger> oh well, i have it set to email me on a denied host....
<clintb> you could write a munin plugin for it
<billybigrigger> time to setup a new folder and message filter :)
<clintb> but I bet the rate is so low.. graphs wouldn't be all that useful
<billybigrigger> i expect a ton of emails from denyhosts now...just went through auth.log....what a nightmare...didn't even bother with .0 .1 .2 .3 .4 ....etc :P hehe
<billybigrigger> lol
<billybigrigger> just had denyhosts running for all of 10 mins
<billybigrigger> 4 emails already
<clintb> the bigger part is that you get all the hosts that others have already identified as evil
<billybigrigger> 18 hosts denied lol
<clintb> its really a great project
<billybigrigger> yeah, i have it set to download/upload to the central server...that is such a great feature
<billybigrigger> don't know why its disabled by default on a ubuntu server install!!! geeeez
<twb> I think you're talking about RBLs
<twb> Oh, oops.  denyhosts as in denyhosts.sf.net, not hosts.deny(5)
<twb> That stuff's only useful if your sshd can't be configured passphrase-only, or whitelisted-IPs-only, or at least netfilter -m recent and -m hashlimit.
<soren> quentusrex: I am now.
<soren> quentusrex: I try to be asleep at 02:43 at night. Usually I manage.
<twb> Then you're a bigger man than I
<twb> I usually knock off at 3AM
<RickyWh1> what is the command to check how much freespace ?
<twb> df
<quentusrex> soren, I was going to ask if you could role an updated version of glusterfs
<quentusrex> I'm trying to use glusterfs on lucid, and having rather difficult problem with ip auth.
<RickyWh1> is there a quick and easy way for me to test if my server has open relay turned on?
<RickyWh1> nm
<soren> quentusrex: If you can hunt down the patch that fixes it, I can sponsor an upload, sure.
<Mkools> Hi, I want to add a virtual host to tomcat6. Can someone please verify the steps that I followed?
 * abogani waves
<abogani> Sorry for really stupid question but Google don't had help me and I unfortunately missed the server session at OpenWeek.
<abogani> If Desktop and Server share the same components (deb archives) How can discover if a package will be supported for 5 years (instead of 3)?
<abogani> Thanks in advance!
<soren> abogani: apt-get show <package name> shows it.
<soren> Err...
<soren> apt-cache, I mean.
<soren> e.g. apt-cache show apache2 says:
<soren> Supported: 5y
<abogani> soren: Thanks a lot!
<Mkools> When I am shutting down my instance of tomcat6 server I am getting: SEVERE: Parse Fatal Error at line 1 column 1: Content is not allowed in prolog.
<sveinse> After I upgraded a server to karmic, ssh-server seems to allow login for the users even before fsck is done checking the disks. How can I change the order, or delay ssh login until fsck is done? It is pointless to allow users to login if their homes are not mounted yet
<Mkools> hey, Can any one help?
<jherrlin> hey folks!
<jherrlin> i have a question about connect a Ubuntu Server 10.4 to a OS X Server 10.6 Open Directory
<jherrlin> i want to share the Open Directory from my OS X Server to the Ubuntu Server
<jherrlin> i gues my Ubuntu server would act as a Replica=
<jherrlin> ?
<uvirtbot`> New bug: #576910 in php5 (main) "Regression: getPathInfo() doesn't return parent info" [Undecided,New] https://launchpad.net/bugs/576910
<uvirtbot`> New bug: #576913 in dovecot (main) "Backport dovecot 1.2.11 to Lucid?" [Undecided,New] https://launchpad.net/bugs/576913
<uvirtbot`> New bug: #576949 in mysql-dfsg-5.1 (main) "[lucid] LOAD DATA INFILE fails in replication, simple patch available in 5.1.43" [Undecided,New] https://launchpad.net/bugs/576949
<stanman246> anyone running ubu as an openvz host?
<ScottK> mathiaz: Would it be possible to repost my last post to planet Ubuntu onto the server blog so it gets wider viewing?
<cclausen> jherrlin_: I don't think you can get non-Mac OS to act as an Open Directory replica and have everything work correctly.
<cclausen> sveinse: you can change it so that init launches sshd last
<sveinse> cclausen: How?
<uvirtbot`> New bug: #576805 in samba (main) "Samba machine not browseable from windows ( 7, XP, ... )" [Undecided,New] https://launchpad.net/bugs/576805
<npope> hello fellow server people.  I am trying to use sed to search for a word, and if that word is there i want to append text to the end of the line
<npope> so far i have no success
<npope> sed -i '/^kernel/s|$|/ rdblacklist=nouveau vga=0x318/g'
<cclausen> npope: try and simpler command to make sure you are using sed correctly first
<npope> well i can do sed -i s/$/ replacementtext/g' filename just fine
<npope> but that appends to everyline
<npope> which is not useful to me
<cclausen> can you pastebin teh file in question?
<npope> sure
<cclausen> or if its a default ubuntu file, let us know which one?
<npope> its just a grub.conf file from an old distro
<npope> i want to append a kernel setting to the end of the kernel line
<cclausen> ah, ok
<cclausen> well, paste it then
<npope> http://paste.ubuntu.com/429563/
<cclausen> you are tryint to append to line 2 ?
<npope> yep
<cclausen> you have LANG= in there twice?
<npope> cclausen: that is unimportant to the question
<cclausen> well, whatever.  I just wanted to make sure that sed wasn't duplicating thigns
<cclausen> sed -i -e "s/quiet$/quiet rdblacklist=nouveau vga=0x318/g"
<cclausen> appears to append to that line for me
<cclausen> although is it safe to assume that the line ends with quiet all the time?
<npope> cclausen: yea that works for me as well, however i can not be sure that quiet will always be there thats why i want to look for kernel
<jherrlin_> cclause: okey :/ i have to think something out then
<cclausen> npope: do you have to use sed ?
<cclausen> I think I can do this with perl
<npope> no i can use awk or something
<npope> ah perl might be tricky because it needs to run in the %post of a kickstart
<npope> i am pretty sure perl is not avail during that point
<cclausen> hmm... ok
<npope> cclausen: i know i like it complicated :)
<npope> cclausen: how would you do this in perl?
<npope> i could write an init script that would run the perl code, then force a reboot, that way perl is avail
<cclausen> sed -i.backup '/^kernel/ {s/.*/& rdblacklist=nouveau vga=0x318/}'
<cclausen> try that
<cclausen> (although you might not need the .backup file created)
<npope> uh, that doesnt seem to do it?
<cclausen> really?
<cclausen> it appears to work for me
<npope> yea
<npope> hmmm
<cclausen> do the lines actually start with kernel ?
<cclausen> in teh first column?
<cclausen> the pastebin adds spaces so I'm not sure if matching on ^kernel works or not
<npope> i think there might be a space
<npope> let me take a llook
<cclausen> well, put a space in if needed
<npope> ah that works man!  the problem is a tab in the front of kernel
<npope> your awesome!
<npope> cclausen++
<wack47> i upgraded my distro from 8.10 to 9.04 and now for some reason i get this error in my kernel log http://pastebin.com/FRL35Zpm
<wack47> it happens no matter what kernel i load
<halvors> I have a problem with my email server, here are the log: http://paste.ubuntu.com/429576/
<cclausen> wack47: do you have a different /boot partition?
<ScottK> halvors: What does the mail log have to say about it?
<cclausen> wack47: what is your patition layout?
<cclausen> halvors: didn't we go over this before?  you need an /etc/hosts and/or DNS entry for ss1 added
<wack47> cclausen: i just did default: 143GB linux  used by /
<wack47> 5.42 GB linux swap for virtual memor
<wack47> and then there is a 5.42 extended
<jrwren> skip teh swap partition and install swapd :)
<cclausen> wack47: does ls -l /boot list the files?  are you suing default ubuntu kernels?
<cclausen> jrwren: what does swapd do?
<wack47> ls -l /boot ---> http://pastebin.com/7SSAhRiv
<wack47> and yes default kernels
<halvors> cclausen: We have talked about this before but the problem is not svolved ;)
<warlock_mza> hi everyone, I'm trying to enable mod_rewrite without success. apache2ctl -l doesn't list the module although it's already symlinked in mods-enabled dir
<warlock_mza> enabled with a2enmod rewrite
<warlock_mza> what am I missing ?
<cclausen> wack47: hmm... that looks ok to me.  try running update-initramfs -v and see if you see any odd errors
<npope> cclausen: seriously thanks man that works out great for my needs
<npope> cclausen++
<cclausen> warlock_mza: did you restart apache2 after enabling the module?
<warlock_mza> yes sir
<cclausen> what is in /etc/apache2/mods-enabled/rewrite.load ?
<warlock_mza> LoadModule rewrite_module /usr/lib/apache2/modules/mod_rewrite.so
<cclausen> warlock_mza: does that file exist?
<warlock_mza> yes
<cclausen> warlock_mza: is this on lucid?
<warlock_mza> yes
<wack47> do i need to be in the /boot directory?
<wack47> or does it not matter
<cclausen> wack47: no, shouldn't.  update-initramfs should work from anywhere.  I usually run things from /tmp, just in case they dump random files into the current directory
<wack47> b/c when i run it, it says "You must specify at least one of -c, -u, or -d."
<cclausen> oh, right
<cclausen> I forgot
<cclausen> -u should work for you
<cclausen> seeing as you have an existing initrd
<warlock_mza> cclausen, does lucid have any specific thing about mod_rewrite ?
<wack47> so update-initramfs -uv
<wack47> ?
<cclausen> warlock_mza: no, I'm just looking at a lucid system myself
<cclausen> wack47: yes
<cclausen> warlock_mza: it loads for me.  anything in /var/log/apache2/error.log ?
<wack47> ok no errors when i ran that
<wack47> ill see if it shows up in the logs now
<cclausen> wack47: ok, that is good.  maybe check your grub config then?
<cclausen> wack47: did you change any partition layouts during the upgrade?
<cclausen> halvors: pastebin your /etc/hosts file again
<wack47> ok will do, nope didnt touch the partitions
<warlock_mza> cclausen, nothing strange there
<cclausen> warlock_mza: are you just testing using apache2ctl -l to look for the module?  Did you actually try to use it?
<cclausen> warlock_mza: I think apache2ctl -l  just lists compiled in modules
<halvors> ok
<wack47> cclausen:i am getting that error on the hour, so i should no in about 17 min or so
<warlock_mza> cclausen, ok, thanks cclausen It might be a gallery2 config problem ...
<halvors> cclausen: here is my /etc/hosts file: http://paste.ubuntu.com/429585/
<dominicdinada> so
<cclausen> halvors: try adding a fe80:0:0:0:0:0:10.0.0.2 ss1.skymiastudios.com ss1 entry to your /etc/hosts file
<dominicdinada> fe80:0:10:2
<dominicdinada> fe80::0:10:2
<halvors> is fe80:0:0:0:0:0:10.0.0.2 ss1.skymiastudios.com ss1 right?
<halvors> trying now ;=
<halvors> ;)
<dominicdinada> What exactly are you trying to do because that is an address thats not routeable ?
<cclausen> dominicdinada: yes, just like the 10.0.0.2 entry currently in his host file
<cclausen> its just hte IPv6 version of it, right ?
<halvors> cclausen: Its doesn't work :(
<cclausen> same error
<cclausen> ?
<halvors> yes
<cclausen> halvors: did you restart postfix?
<halvors> rebooted whole server
<cclausen> or whatever program that is
<dominicdinada> that is a link local address... in ipv6 the only routable address' are 200*
<dominicdinada> yeah its a local address the ssl.skymiastudios.com threw me
<cclausen> dominicdinada: just trying to get rid of "Name service error for name=ss1 type=AAAA: Host not found"
<dominicdinada> o
<wack47> cclausen: still did it! :/ it should require a reboot should it?
<cclausen> I assume that "AAAA" is a IPv6 record, right?
<dominicdinada> 2001 -2003 are the only routable ipv6 address's
<npope> cclausen: yea
<halvors> so???
<cclausen> wack47: I am not sure what is causing that error.  probably some legacy code left over from the upgrade
<cclausen> dominicdinada: so what do you suggest?
<cclausen> halvors: do you need IPv6 support in that program?  Can you just turn it off?
<halvors> It is not an upgrade i installed clean version of 10.04
<dominicdinada> well what is the ip he is actually trying to route it to ? the ssl.skymiastudios.com ?
<cclausen> halvors: that was for wack47
<cclausen> dominicdinada: 10.0.0.2, but it is trying to do AAAA record lookup for some reason and there isn't such a record
<halvors> Will i need ipv6 support for be a emailserver for ipv6 customers?
<wack47> cclausen: ok, thanx for the help
<halvors> Maybe i can turn it off
<cclausen> wack47: purge and try clean install of grub and the initramfs tools ?
<halvors> Do you need my Postfix main.cf file+
<halvors> ?
<cclausen> (note that could be dangerious)
<wack47> yeah, its the webserver for the business
<Pici> !who
<wack47> so i cant risk that
<ubottu> As you can see, this is a large channel. If you're speaking to someone in particular, please put their nickname in what you say (use !tab), or else messages get lost and it becomes confusing :)
<cclausen> halvors: postfix config files wouldn't help me.  I install exim4 so I don't have to deal with these issues
<wack47> i been thinkin about doing a new web server anyway :p
<dominicdinada> 2001:db8::1
<dominicdinada> is what i came up for 10.0.0.2
<halvors> What is this?
<wack47> :/topic #ubuntu-server
<dominicdinada> http://www.sixxs.net/forum/?msg=apps-35201
<wack47> crap sry
<dominicdinada> lol
<wack47> :/topic #ubuntu-server testing
<wack47> hmm
<Pici> wack47: What are you trying to do?
<wack47> lol idk
<halvors> cclausen???
<wack47> just playing around really
<wack47> what irc client do yall use?
<Pici> wack47: Well, this channel is for support, if you're bored, you can join #ubuntu-offtopic
<wack47> im in here getting support pici
<dominicdinada> wack you are working with your ipv6 correct ?
<wack47> nope
<dominicdinada> hmmm where did that guy go
<wack47> it was halvors i think
<wack47> and cclausen was helping him
<wack47> i believe
<dominicdinada> halvors: ??? your working with your ipv6 and a forest dns server ?
<dominicdinada> fe80: is not a routable address... when i googled for 10.0.0.2's ipv6 I came up with 2001:db8::1   per http://www.sixxs.net/forum/?msg=apps-35201
<halvors> nO IT SHOULD BE A SIMPLE EMAIL SERVER
<halvors> sruy caps lock
<halvors> So will i need IPV6 then?
<dominicdinada> ok i guess i missed the conversation when you said that
<dominicdinada> You really shouldnt.... but a record in your file might be causing the problem. While ipv6 is all around last i heard it is not widely implimented
<_ruben> 2000::/3 are the routable addresses, 2000:: till 4000:: (exclusive)
<Wack479> cclaussen you still there?
<halvors> cclausen??
<Wack479> i guess he is gone
<halvors> Should my MX record in DNS look like this: skymia.net	MX	1 ss1.skymiastudios.com ?
<dominicdinada> _ruben: only 2001 - 2003 are routable :/
<dominicdinada> 2000*
<_ruben> dominicdinada: nope
<_ruben> http://www.iana.org/assignments/ipv6-unicast-address-assignments/ipv6-unicast-address-assignments.xhtml
<_ruben> or even simpler: http://www.iana.org/assignments/ipv6-address-space/
<dominicdinada> I was going off of rfc 5156 :/
<Wack479> when running apt-get upgrade i get these errors, and im not sure why, sense they all seem to be working properly! http://pastebin.com/2YZpWAYj
<halvors> Have the new kernel for server been keept back?
<halvors> your working with your ipv6 and a forest dns server ? No i dont to
<dominicdinada> ok cclausen told me you were trying to use 10.0.0.2 a AAAA forest dns server
<dominicdinada> While you mentioned something in regards to email when i googled it I came up with this http://www.sixxs.net/forum/?msg=apps-35201  ( I googled it because the fe80 is a local link only address which is unroutable ) As for the 10.0.0.2 MX the ipv6 is 2001:db8::1
<halvors> I only try to setup a simple email server
<halvors> only b8::1
<halvors> ?
<halvors> But need i ipv6 for a email server?
<dominicdinada> no like i was saying before unless you changed things by default they should have been set...
<dominicdinada> The address's set i mean...
<halvors> yes so my /etc/hosts file should look like?
<cclausen> dominicdinada: halvors is getting this error: http://paste.ubuntu.com/429576/
<halvors> Yes :(
<cclausen> I was just trying to get rid of it by giving the program an AAAA record to lookup
<dominicdinada> Shouldnt your hosts file be set with your own routers ip addy to use you IPs DNS ?
<cclausen> Wack479: you had just upgraded right?  did teh upgrade fail?  b/c it looks liek a lot of stuff is half installed
<halvors> So how can i disable ipv6 lookup in postfix?
<lamont> inet_protocols = ipv4
<lamont> I expect
<npope> halvors: sorry i missed most of your problem here want to give a quick overview of whats wrong
<dominicdinada> sorry phone call
<halvors> I get this message when send a email to the server: http://paste.ubuntu.com/429576/
<Wack479> no, it said it was successful
<npope> are you trying to do ipv6 or is it a side effect?
<Wack479> cclaussen: and it said it was successful, and apache and php and mysql are all working
<npope> you should try adding "options single-request" to /etc/resolv.conf
<Wack479> cclause: but when i apt-get update it gives me that
<halvors> clausen: some ideas about solotions?
<npope> halvors: you should try adding "options single-request" to  /etc/resolv.conf
<npope> halvors: on the postfix server
<halvors> ok
<dominicdinada> halvors have you read this ?
<dominicdinada> http://skymiastudios.com/index.php?option=com_content&view=article&id=48&Itemid=30
<Wack479> cclausen: your just too popular! lol
<halvors> yes i writed it for a week ago it worked on my other email server
<dominicdinada> Ok...  lol i am dumb
<halvors> I too ;)
<halvors> But whay i get this error?
<dominicdinada> well the error 5.4.4 refers to Cannot find the next hop, check the Routing Group Connector.  Perhaps you have Exchange servers in different Routing Groups, but no connector.
<npope> halvors: did you try what i suggesteD?
<halvors> no but it should be fine by default?
<halvors> It the Ubuntu configuretion files wrong?
<dominicdinada> well what does you resolv.conf look like
<npope> halvors: obviously you are trying to lookup a ipv6 address.
<halvors> here: http://paste.ubuntu.com/429615/
<halvors> But WHAY?
<cclausen> Wack479: hmm.. well, try and remove the packages and reinstall
<Wack479> cclaussen: i have removed some, but not all and reinstalled and it didnt work
<npope> halvors: why is the final-recipient halvors-skymia.net@ss1?
<Wack479> cclausen: i might have to remove all and reinstall
<Wack479> hmmm
<cclausen> Wack479: you can try doing an apt-get install listing all of the packages that are missing
<halvors> becaouse it is the user i send it to ;)
<dominicdinada> @ssl isn't proper
<dominicdinada> is it ?
<Wack479> cclausen: that gives me the same "error"
<cclausen> Wack479: hmm... well, I am not sure what to do then
<dominicdinada> ok halvors are you on a home IP?
<dominicdinada> ISP*?
<Wack479> cclausen:  yeah thats prob why im gonna end up having to just build a new one :/
<dominicdinada> http://paste.ubuntu.com/429617/
<halvors> Home is behind NAT?
<dominicdinada> your resolv.conf in my opinion is wrong there is no gateway ( your isp ) to route the traffic correctly
<halvors> the traffic goes via the router hvo have the dns option
<halvors> also 10.0.0.1
<dominicdinada> you are issuing the command to use 10.0.0.1 BUT.... you list no gateway while npope suggested that there might be another problem...
<dominicdinada> but in your resolv.conf    it doesnt refer to your routers gateway/dns
<halvors> Maybe i should reinstall the emailserver?
<halvors> ???
<dominicdinada> remember the error 5.4.4 ( cant find next hop ? ) you can just comment out or change your resolv.conf to (routers ip ) and ummm you are running dns on your server?
<halvors> Yes
<halvors> only for get more domains on my server
<dominicdinada> ok like i said 4x you have no route specified to the internet...
<halvors> so
<halvors> what should i do?
<dominicdinada> change your 10.0.0.1 to your routers gateway
<stgraber> why would changing a resolv.conf make any change to the routing ? it's only the DNS that's configured in resolv.conf, if the route is wrong it won't change a thing ... and it's only in limited cases that the router is also the DNS server and only in that kind of case that it should be in resolv.conf (haven't read the whole backlog though)
<dominicdinada> because in your network that is the next hop to the internet from there it can be routed correctly
<halvors> 10.0.0.1 is the router and the gateway :)
<dominicdinada> are you sure  ?
<halvors> yes
<cclausen> halvors: can you ping 10.0.0.1 ?
<halvors> whay
<halvors> ok
<cclausen> stgraber: I concur.  resolv.conf shouldn't affect routing at all
<halvors> i can ping is
<halvors> works fine
<cclausen> halvors: ok then, now try and see if 10.0.0.1 is a DNS server too
<cclausen> halvors: dig www.google.com @10.0.0.1
<cclausen> (is that the correct syntax for dig?)
<failover> I'm  got this error when try to install a vm with virt-install: libvirtError: internal error unable to start guest: libvir: QEMU error : cannot set ownership on /root/ubuntu-10.04-server-i386.iso: Permission denied - I'm  trying to install as root, someone has a idea, about what i'm doing wrong ?
<cclausen> failover: is that mounted right now?  probably can't change a mounted iso file
<stgraber> halvors: can you get me the output of "ip route get 1.2.3.4" then to make sure your local routing table is ok
<failover> not mounted !
<cclausen> failover: can you run chown on it manually?
<stgraber> that and cclausen's dig command should tell us if the routing and DNS is working, if 10.0.0.1 doesn't work as DNS, then the easiest will be to try again with a public one (like google's)
<failover> yeap!
<halvors> it is a dns server it worked
<halvors> so???
<dominicdinada> cclausen: http://www.fots.nl/index.php/ndr-and-smtp-reply-and-error-codes/ ??? idk
<failover> cclausen, to test i already set to chmod 777 and nothing...
<cclausen> dominicdinada: wouldn't a DNS failure cause the 5.4.4. error too?
<halvors> so???
<halvors> what should i do?
<dominicdinada> yeah it could be this is causing the problem.... Final-Recipient: rfc822; halvors-skymia.net@ss1
<dominicdinada> that is what npope pointed out
<halvors> but what should i do now?
<dominicdinada> halvors why is it trying to send mail to halvors-skymia.net@ssl ?
<halvors> ss1
<halvors> not ssl
<halvors> it is the domain on my server and i will send email to it
<halvors> right
<dominicdinada> ok let me try to email that address once
<dominicdinada> blah
<dominicdinada> cclausen: so what do you think is the problem ?
<Insyte> I set up a (Hardy) server to use LDAP authentication.  Worked great.  Now I need to switch it back.  I'd like to revert completely to the default auth config.  Is there a package I can just dpkg-reconfigure to make that happen?
<l3dx> Is this a reasonable disk/raid/lvm setup? http://pastebin.com/egVWAm9h
<cclausen> l3dx: what makes you think it isn't?
<cclausen> Insyte: you can probably just edit /etc/nsswitch.conf and put it back to its original state to disable LDAP auth.  Might be some PAM changes needed as well though.  uninstalling the packages should revert changes in these configs
<Insyte> Yeah, I can manually put it back pretty easily.  I'm hoping for an easily automatable task that will revert to the original state.
<l3dx> cclausen: it's my first lvm setup, so I just wanted to get a warning if I'm on my way heading for failure :)
<deslector> l3dx, is there any reason why you have a separate /boot partition ?
<deslector> just curious
<jpds> l3dx: Can /boot be on LVM?
<l3dx> I'm just used to creating a separate /boot and formatting it as ext2
<l3dx> jpds: you tell me :)
<jpds> Maybe it can with GRUB2, haven't checked.
<deslector> jpds, I believe so
<jpds> Neat.
<deslector> jpds, at least with lucid
<deslector> (grub 2, as you said)
<jpds> deslector: Very interesting.
<deslector> jpds, yes... it's a nice feature
<hggdh> jpds: yes, /boot can be under LVM (mine is)
<hggdh> er. *was*. Latest reinstall I forgot to put it there
<jpds> hggdh: Hehe.
<deslector> l3dx, hmm... encrypted swap may be a problem with hibernating...
<deslector> hmm... wait, this is #ubuntu-server... you probably don't want your server to hibernate :-)
<l3dx> deslector: guess not ;)
<halvors1> I should some domains with Ubuntu, how can i create the domains on the server?
<cclausen> halvors1: what do you mean by "domains" ?
<halvors1> Yes, so the server can have serval websites email ftp.
<halvors1> How can it be done?
<halvors1> Do you host on your server?
<halvors1> Like a WebHotell
<halvors1> ???
<halvors1> cclausen: Where are you from?
<l3dx> hm, ext2 + lvm = no good?
<halvors1> :-D
<l3dx> I bet norway!
<deslector> l3dx, no good in what sense?
<halvors1> Jeg er fra Norge jeg ogsÃ¥, hvor bor du?
<l3dx> no wait, I bet halvorsen = norway. sorry
<l3dx> deslector: I get "The attempt to mount a file system with type ext2 in LVM VG SYstem, LV boot at /boot failed."
<Pici> !no
<ubottu> Hvis du vil diskutere pÃ¥ Norsk, vennligst gÃ¥ til #ubuntu-no. Takk!
<deslector> l3dx, hmm... weird I thought LVM was filesystem agnostic...
<halvors1> For setting up a working email server is all i need this: https://help.ubuntu.com/10.04/serverguide/C/postfix.html ?
<cclausen> halvors1: I work at UIUC
<cclausen> halvors1: I run some web sites on computers here on campus.  are you using apache?
<cclausen> halvors1: are you running your own DNS?
<guntbert> halvors1: do you intend to connect the server to the internet?
<halvors1> What is UIUC?
<halvors1> cclausen er du norsk?
<halvors1> cclausen are you Norwegian?
<guntbert> !ot | halvors1
<ubottu> halvors1: #ubuntu is the Ubuntu support channel, for all Ubuntu-related support questions. Please use #ubuntu-offtopic for other topics. Thanks!
<Wack479> halvors1: er du norsk?
<Pici> !no | Wack479 halvors1
<ubottu> Wack479 halvors1: Hvis du vil diskutere pÃ¥ Norsk, vennligst gÃ¥ til #ubuntu-no. Takk!
<Wack479> lol im not even norwegian!
<Wack479> Pici: wow dont get your panties in a wad
<Pici> Wack479: How would I know that? I'm just letting you know that there is a norwegian channel.
<Wack479> Pici: NO is norway/norwegian! i thought you were yelling at me saying NO, as in no talking norwegian
<Wack479> Pici: lol
<Pici> Wack479: 'no' is the country code for norway :)
<mdasilva> has anyone had a problem where deleting a file with rm doesn't reclaim the disk space?
<Wack479> Pici:  haha yeah i figured it out!
<Wack479> Pici: sry
<Wack479> mdasilva: you sure it wasnt just a symbolic link?
<halvors1> Ja Wack479 jeg er norsk vet du ;)
<npope> mdasilva: are you sure a running program does not have it open still
<mdasilva> Wack479 im sure
<npope> mdasilva: sudo lsof | grep filename
<mdasilva> im reading something that the kernel wont free the space until file handles are closed?
<Wack479> mdasilva: ok that was my only thought!
<npope> mdasilva: sudo lsof /location/of/rmed/file
<npope> mdasilva: that will list the processes that currently have it open
<mdasilva> ya
<Wack479> halvors1: haha Vel jeg er ikke norsk, men jeg bruker google oversetteren Ã¥ skrive pÃ¥ norsk!
<npope> mdasilva: the only way to get the space back is to remove the lock on that file (usually done by restarting said process)
<mdasilva> yah they have filehandles on them
<halvors1> mmmmh,
<mdasilva> ah its trickling back
<mdasilva> thanks npope
<uvirtbot`> New bug: #577165 in vsftpd (main) "Typo in etc/init/vsftpd.conf" [Undecided,New] https://launchpad.net/bugs/577165
<npope> mdasilva: no problemo
<cclausen> halvors1: UIUC is a university in the USA: http://www.uiuc.edu/
<cclausen> halvors1: to add virtual hosts for your website domains, take a look at how /etc/apache2/sites-available is setup and add additional config files, one per domain, as needed
<marshall> i've got 2 domain names, i want all mail sent to one domain name to go to another domain name. i think i've set up the dns properly, but how do i get postfix to accept messages addressed to this other domain?
<mikelifeguard> How can I nominate something for the server-papercuts project?
<halvors> Will i need to open port 587 in my firewall for running a email server?
<cclausen> you probably should
<ScottK> marshall: Needs to be in mydestinations.  See the Ubuntu Server Guide for details.
<marshall> ScottK: ok
<ScottK> halvors: If you want people to submit mail via the submission port, yes (this is a good thing).
<guntbert> halvors: please don't run a publicly connectd mail server if you are not *very well knowing what you are doing*
<cclausen> guntbert: that is good advise
<cclausen> for the record, I don't run a public mail server from linux b/c I don't know what I am doing
<cclausen> (do have Exchange server though...)
<guntbert> cclausen: then you even have no chance of knowing what you are doing ;-))
<cclausen> yeah, I know :-)
<bogeyd6> halvors, why port 587?
<cclausen> bogeyd6: see RFC 2476 -> http://www.mostlygeek.com/tech/smtp-on-port-587/
<bogeyd6> cclausen, i wanted to get a feel for what he wanted it for
<cclausen> bogeyd6: I think he is trying to run email for some domains
<bogeyd6> prob should just get turnkey linux zimbra
<cclausen> if that even.  IMAP works for a lot of people too.  don't need the hassle of zimbra
<bogeyd6> ease of use and everything being graphicaol
<bogeyd6> we cant just tell people ITC to not do something because they dont know. that is in fact why they came here
<cclausen> Thunderbird is graphical too
<bogeyd6> server side*
<cclausen> can one apt-get install zimbra?
<bogeyd6> n
<cclausen> bogeyd6: sometimes advising them not to do it themselves is the best advice we can offer
<cclausen> I'm not here to provide free tech support
<bogeyd6> !codeofconduct
<ubottu> The Ubuntu Code of Conduct is a community etiquette document to which we ask all Ubuntu users to adhere, and can be found at http://www.ubuntu.com/community/conduct/ .  For information on how to electronically sign the CoC, see https://help.ubuntu.com/community/SigningCodeofConduct .
<guntbert> bogeyd6: but it makes a big difference if you run a local mail server (to get your feet wet) or if you run a publicly connected one
<bogeyd6> My conservatism knows no bounds
<cclausen> bogeyd6: if that document says that we should help people do whatever they want, its clearly wrong and I'm not going to bother reading it
<bogeyd6> cclausen, just wow
<bogeyd6> When we are unsure, we ask for help. Nobody knows everything, and nobody is expected to be perfect in the Ubuntu community. Asking questions avoids many problems down the road, and so questions are encouraged.
<cclausen> bogeyd6: telling people not to run services they don;t understand also avoids problems down the road
<guntbert> bogeyd6: cclausen: please cool down again :-)
<bogeyd6> cclausen, you are right about being in the wrong channel
<bogeyd6> <cclausen> I'm not here to provide free tech support
<cclausen> ok
<cclausen> good bye
<bogeyd6> this whole channel is for tech support
<bogeyd6> oh, he left
<halvors> I cant recive email on my email server, in the logs i got this: May  7 22:18:43 ss1 dovecot: deliver(halvors-skymia.net): Fatal: Plugin cmusieve not found from directory /usr/lib/dovecot/modules/lda
<halvors> What should i do?
<bogeyd6> halvors, did you mean to use the cmusieve plugin
<halvors> i got this in logs and i can not recive email
<halvors> So what do you think i should do?
<bogeyd6> !english | halvors
<ubottu> halvors: The #ubuntu, #kubuntu and #xubuntu channels are English only. For a complete list of channels in other languages, please visit http://help.ubuntu.com/community/InternetRelayChat
<bogeyd6> !de
<ubottu> In den meisten ubuntu-KanÃ¤len wird nur Englisch gesprochen. FÃ¼r deutschsprachige Hilfe besuchen Sie bitte #ubuntu-de, #kubuntu-de, #edubuntu-de oder #ubuntu-at. Geben Sie einfach /join #ubuntu-de ein! Danke fÃ¼r Ihr VerstÃ¤ndnis.
<halvors> !dovecot
<ubottu> IMAP and POP are protocols for fetching email. The officially-supported server in Ubuntu is Dovecot (packages "dovecot-imapd" for IMAP, and "dovecot-pop3d" for POP) - See also !MailServer for information on the SMTP protocol
<halvors> I talk english
<bogeyd6> halvors, https://bugs.launchpad.net/ubuntu-release-notes/+bug/516040
<uvirtbot`> Launchpad bug 516040 in ubuntu-release-notes "dovecot sieve plugin renamed from cmusieve to sieve" [Undecided,Fix released]
<halvors> ok will try
<dominicdinada> Blast it stupid @ Ebox...
<bogeyd6> where do you go see what ubuntu has relased for new packages in 9.10
<dominicdinada> bogeyd6: wouldnt that be like update?  apt-get update ?
<bogeyd6> yeah but they dont tell you why they got upgraded
<dominicdinada> then check the internet for the changelogs?
<bogeyd6> trying to find it obviously dominicdinada
<dominicdinada> Google (package name+version) changelog ?
<dominicdinada> I cant get my stupid network configured correctly I tried setting it via Ebox.... Broke... Undid what I set in ebox... then I configured it manually then nothing wow
<dominicdinada> I cant get my stupid network configured correctly I tried setting it via Ebox.... Broke... Undid what I set in ebox... then I configured it manually then nothing wow
<bogeyd6> dominicdinada, ubuntu 9.10 ?
<dominicdinada> 10.04
<dominicdinada> Im think that Ebox needs to go it is really a Piece of crap. While webmin is better...... Ubuntu decided to go a different route
<bogeyd6> dominicdinada, www.turnkeylinux.org
<dominicdinada> Ok looking at that
<dominicdinada> ok not looking at that.... Garbage but thanks for the offer
<uvirtbot`> New bug: #576957 in libpam-ldap (main) "passwd crashed when the password is changed through pam_ldap" [Undecided,New] https://launchpad.net/bugs/576957
<dominicdinada> Im think that Ebox needs to go it is really a Piece of crap. While webmin is better...... Ubuntu decided to go a different route
<dominicdinada> opps
<JanC> dominicdinada: webmin doesn't work correctly with Ubuntu/Debian package management
<dominicdinada> JanC: yeah it doesnt and well Ebox is not done breaking my system
<JanC> I don't know about ebox, it might have other bugs
<dominicdinada> sudo aptitude install dhcp   = 0 upgrade 0 install 68remove and 0 updated lovely
<JanC> there is no package named 'dhcp'
<dominicdinada> dhcp3-common ?
<JanC> that one exists, but really, you should know what you want and act accordingly
<JanC> and I have no real experience with ebox, so can't really help with that
<dominicdinada> Well lets see I followed directions using ebox to bridge my network connection and set everything correctly but at that point it would not allow any other machine to communicate with the server so I undid the changes
<JanC> but AFAIk it will pull in all dependencies of the module you need
<dominicdinada> afaik ?
<JanC> as far as I know
<JanC> I use the commandline for my servers  ;)
<dominicdinada> Yea once ebox killed the system it took all of the depends... dhcp3 etc
<dominicdinada> I made a correct interfaces file but ebox still left everything binded... so.... no network connection on the other machine to grab the packages i need
<dominicdinada> cd bind
<dominicdinada> Note to self Blacklist ebox
<dominicdinada> I have a question in regards to network bridging. All the documentation refers to the bridge as br0. But I have an interface virbr0 ???
#ubuntu-server 2010-05-08
<JanC> dominicdinada: virbr0 is the default name used by libvirt for bridging network from virtual machines AFAIK
<dominicdinada> JanC:  ok and hmm I got the network back up .... just gonna work on bridging correctly noe
<dominicdinada> now*
<mininessie> um how do i download server kernel for regular ubuntu 32bit 10.04
<mininessie> can someone help me
<mininessie> um how do i download server kernel for regular ubuntu 32bit 10.04
<dominicdinada> !lucid
<ubottu> Ubuntu 10.04 LTS (Lucid Lynx) is the current release of Ubuntu. Download http://releases.ubuntu.com/10.04/ - Release Info: http://www.ubuntu.com/getubuntu/releasenotes/1004
<dominicdinada> mininessie: http://releases.ubuntu.com/10.04/ubuntu-10.04-desktop-i386.iso
<ziesemer_> I think the question being asked is how to install / use the server version of the kernel on a previous (desktop) install?
<viezerd> aptitude has an option "-d" to download only
<dominicdinada> to reinstall iptables    sudo aptitude reinstall iptables
<dominicdinada> ?
<ScottK> mininessie: There isn't an i386 server kernel anymore.  Use generic.
<mininessie> ziesemer_: correct
<mininessie> ScottK: okay i just want the best kernel type
<dominicdinada> Orville Reddenboker type ? =)
<JanC> mininessie: install linux-server
<JanC> mininessie: but best kernel might depend on what you want of your system
<mininessie> JanC: well i'm running mac i want the best graphics sound and battery life
<ScottK> Probably not on a server though
<JanC> mininessie: that doesn't sound like a server
<mininessie> JanC: which one does it sound like
<JanC> well, I have no servers witrh graphics, sound or a battery really  ;)
<qman__> my servers have batteries, but not internally
<qman__> no graphics, no sound
<qman__> the server kernel is not going to be tuned for the best performance of those things
<dominicdinada> !ufw
<ubottu> Ubuntu, like any other Linux distribution, has firewall capabilities built-in. The firewall is managed using the 'ufw' command (see https://help.ubuntu.com/community/UFW), or 'iptables' (https://help.ubuntu.com/community/IptablesHowTo). GUI frontends such as Firestarter/Gufw (Gnome) or Guarddog (KDE) also exist.
<dominicdinada> !bridge
<dominicdinada> someone please kill me now :(
<dominicdinada> !ebox
<ubottu> ebox is a web-based GUI interface for administering a server. It is designed to work with Ubuntu/Debian style configuration management. See https://help.ubuntu.com/community/eBox
<iclebyte> any known issues with bridging of a KVM host controlled by libvirt on 9.10 server?
<ziesemer_> I have a virtual machine (in VirtualBox) that I installed lucid (desktop) into.  I then installed linux-image-virtual , which is apparently based on server - and apparently even uses the same headers.  However, after rebooting, I get "Giving up waiting for a root device", and it drops to a BusyBox root shell.
<iclebyte> i can get to the host from the guest via the bridge but i can't seem to get out any further than that
<iclebyte> it's had me for 3 days
<ziesemer_> It notes that /dev/disk/by-uuid/... doesn't exist.  Sure enough, I have /dev/disk/by-path, but I don't even have a by-uuid folder.  Rebooting using the old generic kernel works just fine.  Ideas?
<mannyv> i just  installed lucid server with the os on a raid1 with lvm and it will not boot. I am getting the error no init found abda busybox prompt
<mannyv> can anyone help with this?
<gauravk> Hello, all, I had a question about partitioning. I have a few internal HDDs that I want to set up as samba shares that are going to contain media. I was wondering where I should mount them (I'm installing Ubuntu-server now).
<iclebyte> gauravk, under /media seems to be the general ubuntu convention.
<iclebyte> traditionally it would have been under /mnt/
<iclebyte> but this is 2010 - so /media/ it is.
<gauravk> Okay, sounds good, thanks for the help.
<iclebyte> np.
<ScottK> ziesemer_: My suggestion would be use the kernel that works.
<kaushal> hi
<ziesemer_> ScottK:  Yeah - but I want to get it working / know why.  :-)  It's just a trivial VM, so even if I loose it - no big deal.
<ziesemer_> I did find that there is not even a /dev/sd0 or /dev/hd0 - so thinking a driver issue.
<ScottK> No idea.  Sorry.
<ziesemer_> Maybe linux-image-virtual has too few drivers.  :-)
<ziesemer_> I'll try linux-image-server just for kicks.
<kaushal> I get this http://fpaste.org/cyhT/ on the console of Ubuntu Linux 8.04 server
<kaushal> Please suggest
<kaushal> I did some troubleshooting by replacing the RAM with the new ones
<kaushal> didnot help
<kaushal> Any clue ?
 * ziesemer_ Aha!  https://bugs.launchpad.net/ubuntu/+source/linux/+bug/570542
<uvirtbot> Launchpad bug 570542 in linux "linux-image-virtual does not include ahci module, prevents virtualbox from booting minimal vm install" [Medium,In progress]
<dominicdinada> ok kids need a hand :(
<dominicdinada> Aha!
<datz> hi, I'm actually using xubuntu, but the box has no monitor.. I'd like to get the latest kernel update, but apt-get upgrade doesn't do it. Can anyone lend me a hand?
<qman__> datz, use apt-get dist-upgrade
<qman__> 'upgrade' will not install new packages or remove old ones, only upgrade in place
<qman__> updating your kernel requires the installation of new packages
<qman__> which dist-upgrade will do
<datz> ah... humm.. that will not move me from say.. 9.10 to 10.04 though, will it?
<ziesemer_> I _think_ you need do-release-upgrade for that to happen.
<datz> ok, I'll try dist-upgrade and see what happens.. thanks guys
<qman__> yes, dist-upgrade will not do a release upgrade
<datz> thanks, running it now
<billybigrigger> can someone lend a quick hand...im trying to report an attack on my site to a company, and i want to parse all the lines from my auth.log that contain a certain ip address so i can easily paste it into a txt file...
<billybigrigger> cat auth.log |grep xxx.xxx.xxx.xxx > abuse.log
<ziesemer_> grep x.x.x.x auth.log > attack.txt
<billybigrigger> am i close?
<billybigrigger> ooooh
<ziesemer_> Yours works, too.
<billybigrigger> really?
<billybigrigger> heh, i'm smarter than i think :P hahaha
<billybigrigger> thanks ziesemer_
<billybigrigger> cat would actually display all of auth.log first though, wouldn't it?
<ziesemer_> You wouldn't see it, as it would all be consumed by grep.
<mannyv> i just install lucid server with a raid1 and it wont boot I  am getting no init found and a busybox prompt
<mannyv> anyone have any ideas on how to fix this?
<uvirtbot> New bug: #577264 in libvirt (main) "libvirt failed to start vm: internal error Unable to find cgroup for" [Undecided,New] https://launchpad.net/bugs/577264
<yaboo> trying to install samba and get package samba is not available
<yaboo> how can i resolve this please
<ScottK> yaboo: We'd need to see the exact error.
<bambang> can u solve my problem: Ctrl + L = "$echo -e \\033c", do u know Alt + F9 = ??????
<yaboo> Reading package lists... Done
<yaboo> Building dependency tree
<yaboo> Reading state information... Done
<yaboo> Package samba is not available, but is referred to by another package.
<yaboo> This may mean that the package is missing, has been obsoleted, or
<yaboo> is only available from another source
<yaboo> However the following packages replace it:
<yaboo>   samba-common-bin smbclient samba-common
<yaboo> E: Package samba has no installation candidate
<qman__> !pastebin | yaboo
<ubottu> yaboo: For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://tinyurl.com/imagebin | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<yaboo> ok
<ScottK> What release are you on?
<yaboo> lucid
<yaboo> http://paste.ubuntu.com/429831/
<yaboo> is my error
<ScottK> yaboo: Would you please pastebin the contents of /etc/apt/sources.list
<yaboo> ok
<ScottK> samba exists in Lucid and is certainly a real package.
<ScottK> What architecture are you running?
<yaboo> http://paste.ubuntu.com/429833/
<ScottK> (give me the output of uname -a if you don't know)
<yaboo> dual core intel
<yaboo> Linux mackie 2.6.32-22-generic-pae #33-Ubuntu SMP Wed Apr 28 14:57:29 UTC 2010 i686 GNU/Linux
<ScottK> Your sources.list is missing main and restricted.
<yaboo> ah ok
<AdamDV> lol
<yaboo> can you send me the missing stuff
<ScottK> Yes
<ScottK> yaboo: http://paste.debian.net/72496/ add that and then apt-get update
<ScottK> You should be able to install it then.
<yaboo> thanks, wil do now
<yaboo> thanks installs
<yaboo> hmm when it installs is there a /etc/init.d/samba, think mine is missing
<ScottK> yaboo: You will also want http://paste.debian.net/72497/ in there too.
<ScottK> I don't know much about samba, so that's probably all the help I can give you.
<yaboo> thanks ScottK
<mbt> Hi, is there some reason that upgrading from hardy server to lucid server isn't working?  "sudo do-release-upgrade" says "no new release found" when I run it on an 8.04.3 box
<qman__> IIRC, you need to update first
<mbt> That's already been done; it's fully up-to-date
<qman__> and 8.04.3 is not the latest 8.04
<mbt> Oh, sorry, I typed the version wrong; it is 8.04.4
<qman__> ok
<qman__> in that case, I'm not really sure
<qman__> I haven't tried any yet myself
<qman__> and I don't know what it uses to determine if there are new releases
<mbt> yeah, it's as if lucid wasn't an LTS
<qman__> other than running sudo apt-get update to get the latest lists
<mbt> Interestingly enough, if I 'sudo do-release-upgrade -d' it finds lucid.  But it shouldn't require the -d, correct?
<ScottK> mbt: The recommendation for hardy to lucid upgrades is to wait for 10.04.1, so it's not being offered as a regular upgrade yet.
<ScottK> What you are seeing is what is currently correct.
<mbt> ScottK: Oh, okay.  I thought the -d was for development
<ScottK> It is.
<jturek> mbt, you need to edit the "/etc/update-manager/release-upgrades"
<ScottK> Continuing to use it this way is overloading it slightly, but it has the right effect.
<jturek> and set Prompt=normal
<ScottK> jturek: No.  He doesn't.
<mbt> Color me confused.  :-)  I will just use the -d switch then.
<mbt> Thanks much!
<ScottK> mbt: Please be sure to file bugs on any upgrade issues you see.
<jturek> if he installed desktop instead of server when he started...
<mbt> ScottK: No problem.
<jturek> ScottK, sorry, its what I had to do to go from a LTS release to another release
<jturek> my release-upgrades file was set to "none"
<ScottK> sudo do-release-upgrade -d
<yaboo> whats the best ubuntu howto doc to setup a firewall so i call allow machines in the network surf out to the net?
<mbt> Anyone know if do-release-upgrade logs all of its output somewhere?
<jturek> /var/log/dist-upgrade/main.log and /var/log/dist-upgrade/apt.log
<mannyv> if anyone has any idea I am trying to boot a raid1 array in lucid and it keeps failing claiming it cannot find /dev/md0
<mannyv> it can find /dev/md1 but not /dev/md0 for some strange reason
<yaboo> should i use ufw?
<ScottK> yaboo: For a firewall, that's the standard one for Ubuntu.
<dominicdinada> lol
 * ScottK can't say much more than that.  I've got my own iptables scripts that work for me, but that I wouldn't recommend for anyone else.
<dominicdinada> ScottK:  My hostname is listed as blah-trvue0uir   when i check nslookup but I cant seem to find out where it is stored :/ /etc/hostname looks correct
<dominicdinada> ScottK: i was laughing if he enabled the firewall on and all of a sudden lost all outbound traffic
<ScottK> I'd try sudo grep -r blah-trvue0uir /etc/*
<dominicdinada> can I use a wildcard search in for the name because it is blah-   but then random characters maybe I was tired when I wiped this machine the last name
<ScottK> Yes.
<ScottK> But I need to go check laundry and pack.
<dominicdinada> tc/alternatives/gconftool matches
<dominicdinada> welcome back yaboo
<yaboo> dominicdinada: hoping after this reboot ufw works
<dominicdinada> sudo ufw enable ?
<dominicdinada> sudo ufw allow http
<dominicdinada> etc
<yaboo> yep done thats, need to get masquerading done
<dominicdinada> Heh it should work! you just gotta configure it right... still learning it myself
<dominicdinada> !gconf
<yaboo> ok, seems ufw works with masquerade
<kaushal> is there a mailing list of ubuntu kernel ?
<ScottK> Check lists.ubuntu.com.
<yaboo> can't believe samba is bjorked on ubuntu, might compile my own version
<mbt> ScottK: My upgrade went okay. The only bumps were on some /etc/init.d things that I customized that don't exist there anymore, so I had to port the changes to the upstart jobs
<CaptainTrek> where's the Apache mod_security thing located at?  what package(s)
<sherr> CaptainTrek: mod-security appears to be in the repos (for karmic anyway).
<yaboo> i don't need to allow samba for samba to work internally
<uvirtbot> New bug: #359301 in clamav (main) "klamav can't download virus database on jaunty" [High,Fix released] https://launchpad.net/bugs/359301
<Russ> http://www.NewSexyEmilie.com?605387
<uvirtbot> New bug: #310737 in clamav (main) "klamav update dies unexpectedly in intrepid with apparmor active" [Medium,Fix released] https://launchpad.net/bugs/310737
<dominicdinada> !ops | russ
<ubottu> russ: Help! Channel emergency! soren, lamont, mathiaz or tom
<uvirtbot> New bug: #312695 in clamav (main) "freshclam blocked by apparmor" [Medium,Fix released] https://launchpad.net/bugs/312695
<uvirtbot> New bug: #346397 in clamav (main) "apparmor denies freshclam access to /var/run/samba/gencache.tdb" [Undecided,Fix released] https://launchpad.net/bugs/346397
<dominicdinada> !ops | Russ Spamming
<ubottu> Russ Spamming: Help! Channel emergency! soren, lamont, mathiaz or tom
<Russ> what language is that?
<Russ> oh
<Russ> wrong channel
<Russ> :P
<dominicdinada>  2 channels in a row
<dominicdinada> i doubt it im in both Ubuntu and here
<Russ> i amsg'd it to all the chans i'm in
<Russ> i wanted to see if it was for real
<Russ> guess so :P
<dominicdinada> Well you can spread your crap else where
<Russ> my friend warned me not to, i guess he was right
<Russ> lol
<yaboo> ok got issues seems i cannot connect via the browser to port 901 swat, any reason why, can telnet to the port and it is ok
<dominicdinada> yaboo:  I couldnt either last night :(
<yaboo> ok
<dominicdinada> yaboo: the shares are actually easier to set up than I thought
<yaboo> dominicdinada: i can setup the shares, but my windows 7 cannot see them
<dominicdinada> I am on windows 7 also :) not a problem
<dominicdinada> but I used the same user scheme etc... just out of habbit
<yaboo> yeah do not know why i cannot win 7 cannot see the shares
<dominicdinada> how are you sharing them ? Browsable, Read, ??
<yaboo> yes
<dominicdinada> here ill post a share of mine on pastebin
<yaboo> cool
<Edwin_ach> hi everyone, I want to download an older .iso version of Ubuntu Server (8.04 32bits) from ubuntu.com but I don't found any useful link, do you know where I can? Â« thanks :-) Â»
<dominicdinada> yaboo: http://pastebin.com/7pJGXMPg
<dominicdinada> sorrry stupid ssh on unbuntu desktop doesnt capture that is one share of mine
<dominicdinada> brb
<yaboo> thanks loading
<dominicdinada> dont forget      sudo /etc/samba/smbd restart
<dominicdinada> wait
<dominicdinada> lol
<yaboo> thought it was server smnb restart
<dominicdinada> it is sudo /etc/init.d/smbd restart
<dominicdinada> well on lucid for me it is smbd :/
<yaboo> dominicdinada: in 10.04 that file is gone
<dominicdinada> I am on 10.04 server and laptop the smbd file is still there
<dominicdinada> in init.d
<halvors> I cant recive emil with dovecot the musieve plugin missing :(
<dominicdinada> Brb now
<halvors> Hwat should i do?
<RoyK> Edwin_ach: I use ftp.uninett.no
<Edwin_ach> hi RoyK, I can't still find the download link on ftp.uninett.no :-(
<Edwin_ach> RoyK, from here: ftp://ftp.uninett.no/pub/linux/ubuntu/dists/hardy/ where can I find the link to download 32 bits server edition?
<halvors> ???
<dominicdinada> yaboo: what did you come up with
<Edwin_ach> RoyK, fortunately I have just remember that some years ago I downloaded another distro image from http://ftp.belnet.be and just there I have found that I was looking for, so if it can be considered for future reference about older releases this site is cool!! :D
<dominicdinada> halvors: still didnt fix your email problem ?
<Edwin_ach> http://ftp.belnet.be/mirror/ubuntu.com/
<halvors> No, but i think te problem is that postfix missing museive
<Edwin_ach> thanks anyway community, bye...
<dominicdinada> http://releases.ubuntu.com/
<RoyK> Edwin_ach:   ftp://ftp.uninett.no/linux/ubuntu-iso/hardy/
<dominicdinada> Edwin_ach: http://releases.ubuntu.com/10.04/ubuntu-10.04-server-i386.iso 32bit
 * RoyK sticks to 8.04 for a few months more
<dominicdinada> 32bit lucid right ?
<dominicdinada> 8.4 is on there also
<halvors> But some ideas about my email problem?
<RoyK> Edwin_ach: ftp://ftp.uninett.no/pub/linux/ubuntu-iso/ for all of them
<dominicdinada> halvors: I still think it is the either addressing :/
<dominicdinada> the link i posted is for the direct download to lucid 10.04 32bit server
<halvors> no, i reinstalled the server  and it is now sieve
<dominicdinada> sieve?
<Edwin_ach> thnak you dominicdinada :D but I couldn't found the link in the main page, neither using the search button :(
<dominicdinada> i posted the direct link to the download *face palm*
<RoyK> Edwin_ach: did you find the iso from my link?
<dominicdinada> Edwin_ach: http://releases.ubuntu.com/10.04/ubuntu-10.04-server-i386.iso 32bit
<dominicdinada> Edwin_ach: http://releases.ubuntu.com/10.04/ubuntu-10.04-server-i386.iso 32bit
<halvors> I think it is that bug, but i cant fix it: https://bugs.launchpad.net/ubuntu-release-notes/+bug/516040
<uvirtbot> Launchpad bug 516040 in ubuntu-release-notes "dovecot sieve plugin renamed from cmusieve to sieve" [Undecided,Fix released]
<halvors> Can somone help me?
<halvors> https://bugs.launchpad.net/ubuntu-release-notes/+bug/516040
<jpds> dominicdinada / Edwin_ach: http://www.ubuntu.com/getubuntu/download-server actually. ;)
<dominicdinada> what is the message errors you are getting now ?
<dominicdinada> jpds: a couple of days ago that page only listed the 64bit versions no link to 32bit you had to hunt i gave him the exact link to lucid so if he opens it will download
<Edwin_ach> yeah RoyK, I found a link for 8.04.4 I don't know what is the difference with just 8.04, but anyway, in http://releases.ubuntu.com I found the link for 8.04 server ed. 32 bits :)
<Edwin_ach> thank you RoyK ! :)
<viezerd> Edwin_ach: updating 8.04 will eventually give you 8.0.4.4
<Edwin_ach> dominicdinada, thank you for the link http://releases.ubuntu.com because actually I need the 32bits of 8.04 LTS because I want to proof zimbra as they recommend 8.04 LTS (http://wiki.zimbra.com/wiki/Ubuntu_8.04_LTS_Server_(Hardy_Heron)_Install_Guide)
<Edwin_ach> thank you viezerd for the info!!!
<dominicdinada> No problem I wasnt sure which one but ya thats the entire repo
<dominicdinada> halvors: Your using IMAP?
<Edwin_ach> guys... for people like you (your help) Ubuntu is still growin up :D
<halvors> I have tested with IMAP and POP3 noting works
<dominicdinada> well
<Edwin_ach> instead the help for other distros in irc channel :-/
<dominicdinada> halvors:  pop3 is a to get mail smtp is to send
<Edwin_ach> thanx dominicdinada, RoyK, jpds, viezerd !!!
<halvors> i know
<dominicdinada> Edwin_ach: welcome
<halvors> Here is my error in the log (mail.warn): May  7 22:18:43 ss1 dovecot: deliver(halvors-skymia.net): Fatal: Plugin cmusieve not found from directory /usr/lib/dovecot/modules/lda
<halvors> May  7 22:49:23 ss1 dovecot: dovecot: Killed with signal 15 (by pid=2048 uid=0 code=kill)
<Edwin_ach> bye, bye...
<dominicdinada> Sigh
<yaboo> dominicdinada: can you send me your setup, think its the globals that are wrong
<uvirtbot> New bug: #577375 in openldap (main) "package slapd 2.4.21-0ubuntu5 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/577375
<dominicdinada> My globals are not standard as I installed server via external hard drive while server is in pieces so my drives and eth0s messed up...
<dominicdinada> yaboo: have you tried to add an exception in the firewall also ? sudo ufw allow sftp
<yaboo> ok
<dominicdinada> sudo ufw allow samba ....
<yaboo> ufw allow sftp
<dominicdinada> well ya u gotta sudo it
<dominicdinada> on your server.
<dominicdinada> halvors: have you tried reinstalling the packages once again ?
<yaboo> hang on allow samba from the outside world
<uvirtbot> New bug: #577379 in mysql-dfsg-5.1 (main) "mysql command line broken (relocation error)" [Undecided,New] https://launchpad.net/bugs/577379
<dominicdinada> yaboo:  got it ?
<yaboo> dominicdinada: why should i open the samba port on my firewall
<yaboo> got what
<dominicdinada> to communicate with the share? samba is a file service
<yaboo> but those that open samba to the outside world
<yaboo> my ubuntu box is my gateway also
<dominicdinada> you not behind a rou
<yaboo> no
<yaboo> my ubuntu is my all in one box
<halvors> dominicdinada: I have not reinstalled no, packages. But who will i need to reinstall?
<dominicdinada> ahhh i am not the best with the firewall yet but i believe you can add specific exceptions to certain machines
<dominicdinada> halvors: well i was wondering because before it was sending but was getting a 5.4.4 error not it wont even try to send
<dominicdinada> !iptables | yaboo
<ubottu> yaboo: Ubuntu, like any other Linux distribution, has firewall capabilities built-in. The firewall is managed using the 'ufw' command (see https://help.ubuntu.com/community/UFW), or 'iptables' (https://help.ubuntu.com/community/IptablesHowTo). GUI frontends such as Firestarter/Gufw (Gnome) or Guarddog (KDE) also exist.
<twb> Bleh, that page tells people to use -L instead of iptables-save.
<dominicdinada> twb: L is to list
<dominicdinada> i thought it saves it right away
<dominicdinada> yaboo: sudo ufw allow from 192.168.0.4 to any port 22?   <~ an example to allow specific ips on ports
<RoyK> 22/tcp
<dominicdinada> well ya if you want to be really specific mine is behind routers :) so i get time to harden it
<twb> dominicdinada: iptables -L is a single-table, non-machine-readable, lossy output format.
<twb> dominicdinada: iptables-save emits a comprehensive dump of all loaded tables, in a format that can be read back in.
<dominicdinada> ya it is how to better real it
<dominicdinada> oh ok
<dominicdinada> default in etc?
<twb> Certainly for anything more than trivial -s/-d/--dport, I find it easier to read iptables-save than -L.
<dominicdinada> well any how i killed my network a few times today but ahhh well
<halvors> No it isnt that i reinstalled an di not get this error now
<halvors> so it must be
<halvors> musieve
<jo-erlend> I need some help. I tried to install qemu-kvm and libvirt-bin, but while it was installing, the system froze. Now, the package is half-installed and I can't install or remove anything. How do I proceed?
<RoyK> jo-erlend: dpkg --configure -a ?
<jo-erlend> nei, det funker ikke.
<jo-erlend> sorry :)
<jo-erlend> no, that doesn't work.
<jo-erlend> that is to say, it doesn't give me any error messages, but I still can't install or remove anything.
<RoyK> apt-get remove --purge xxx && apt-get install xxx ?
 * RoyK gir jo-erlend en ny installasjon-cs
<RoyK> cd
<jo-erlend> that doesn't work either.
<RoyK> no error message?
<jo-erlend> I refuse to reinstall. There has to be a way to fix it.
<jo-erlend> yes
<RoyK> apt-get update && apt-get dist-upgrade
<RoyK> what does that tell you?
<jo-erlend> dpkg (subprocess): unable to execute post-installation script: Exec format error
<jo-erlend> among other things.
<RoyK> tried strace -f that?
<jo-erlend> no...
<RoyK> dpkg has some issues with hung packages
 * RoyK goes shopping
<echosystm> does ubuntu server have selinux or equivalent by default?
<penguin42> echosystm: It has apparmor
<twb> It supports several MACs, but the default is apparmor.
<uvirtbot> New bug: #573853 in squid (main) "Cannot control squid "Unknown instance"" [Undecided,New] https://launchpad.net/bugs/573853
<guisepe> unbuntu.es
<guntbert> guisepe: /join #ubuntu-es
<guisepe> Error
<guntbert> !es | guisepe
<ubottu> guisepe: En la mayorÃ­a de canales de Ubuntu se habla sÃ³lo en inglÃ©s. Si busca ayuda en espaÃ±ol o charlar entra en el canal #ubuntu-es. Escribe "/join #ubuntu-es" (sin comillas) y dale a enter.
<RoyK> !no
<ubottu> Hvis du vil diskutere pÃ¥ Norsk, vennligst gÃ¥ til #ubuntu-no. Takk!
<RoyK> hehe
<RoyK> !is
<RoyK> how can I add stuff to ubottu
<RoyK> ?
<RoyK> or change stuff
<guntbert> RoyK: you can submit suggestions (best in a query window with ubottu) in the form !factoid is .........., but first please read
<guntbert> !brain
<ubottu> Hi! I'm #ubuntu-server's favorite infobot, you can search my brain yourself at http://ubottu.com/factoids.cgi - Usage info: http://wiki.ubuntu.com/IRC/Bots
<RoAkSoAx> kirkland, ping
<RoyK> submitted something for Icelandic and Norwegian - "pÃ¥ Norsk" is ok, but "norsk" shouldn't be capitalized
<coffeedude> #launchpad
<Mkools> Hi, I am using tomcat6 can someone tell me what does this means: Attribute name "docBase" associated with an element type "Context" must be followed by the ' = '
<Mkools> I am also getting unable to connect with: http://127.0.0.1:8080/
<mcas> Mkools: did you edit a config file before this error?
<Mkools> mcas: Yes.
<mcas> have you changed the docBase path?
<Mkools> mcas: Actually I am trying to add a virtual host on it. For that I have created a docBase path. Would you like to review my server.xml
<mcas> yes could you pleaase post it to a pastebin service?
<Mkools> mcas: Before you review I would like to tell you that I am trying to use dns server( which I have configured with bind9) to use with tomcat6.
<mcas> ok
<mcas> i hope i can help you ;-)
<Mkools> mcas: pastebin is giving me problem it's not pasting the code.
<mcas> hmm
<mcas> you could try http://pastbin.kubuntu-de.org
<Mkools> mcas: It's saying server not found.
<mcas> http://pastebin.kubuntu-de.org/new
<mcas> sorry my fault
<Mkools> http://pastebin.com/4efpK5uh
<Mkools> mcas: I am not getting the previous error but I am now getting a warning  No rules found matching 'Server/Service/Engine/Host/Host/Valve'.#0129 May, 2010 12:07:25 AM org.apache.tomcat.util.digester.Digester
<Mkools> mcas: Do I need to edit /etc/environment for tomcat to work properly.
<mcas> Mkools: afaik not
<Mkools> mcas: Means what can you elaborate.
<mcas> hmm
<mcas> do you have any webapps installed?
<Mkools> mcas: No I am basically trying to show the starting page of tomcat IT WORKS! typing my domain name on URL
<dominicdinada> Yawn :P
<Mkools> mcas: Now tomcat is running on 192.168.0.1 which is the ip of my dns.
<mcas> Mkools: i do not have much experience with virtual hosts and tomcat but i think you have you have to put it under the </host> of localhost
<dominicdinada> !tomcat
<dominicdinada> If I plug a usb external hard drive into my server I will have access to it correct? transfering 50 gigs over the network is well time consuming
<Mkools> mcas: Can you please tell me what should be the path set for docBase and context element in server.xml?
<Mkools> mcas: Basically I am lot more confused about path structure used in tomcat
<mcas> Mkools: i would try path="" and docBase="ROOT"
<mcas> dominicdinada: yes should work
<mcas> dominicdinada: you should first check if you "see" the usb hard drive with dmesg and then mount it manually
<dominicdinada> Ok after this 3 gb transfer is done ill give it a shot... then I am gonna break my server for the 4th day in a row :P
<dominicdinada> mcas: will do
<mcas> dominicdinada: i don't think pluging in an usb hard drive will break your server ;-)
<Mkools> mcas: What's your opinion on port, i.e. because dns uses 53 and it is using I think 8080. If I need to edit the port then where do you think the it should be done in server.xml
<mcas> Mkools: there should be no problem with ports while running your bind and tomcat on the same host
<dominicdinada> mcas: No but when I go to follow through the steps to turn the server into a WIFI-access point well it messes everything up... Alone I cant even get the server to set statically :(
<mcas> statically?
<dominicdinada> Static ip...
<dominicdinada> I set it to what it should be....
<mcas> ah ok
<Mkools> mcas: If this thing should be run on LAN that is client wants to access IT WORKS using firefox the what editing should be done?
<dominicdinada> somewhere I got the saved attempts but i think it was the problem with ebox so i removed ebox and it took everything with it
<uvirtbot> New bug: #577552 in mysql-dfsg-5.1 (main) "package mysql-server-5.1 5.1.41-3ubuntu12 failed to install/upgrade:" [Undecided,New] https://launchpad.net/bugs/577552
<mcas> Mkools: you have a server "A" where you have a bind and tomcat for your lan.. you set up your clients to use your server "A" as name server
<mcas> right?
<Mkools> mcas: Which server dns or web? I have a entry for my dns in bind conf files. Which files should be edited on clients?
<dominicdinada> it auto mounted correctly
<mcas> your tomcat is not running on the same host your bind is running?
<mcas> dominicdinada: great
<Mkools> mcas: Running on same. But what if it happens.
<mcas> so you can access tomcat by ip right?
<Mkools> mcas: Now when I type domain name: 8080 I can see my page. But I want to only access it using my domain name.
<mcas> ah ok
<mcas> only name not ip?
<Mkools> mcas: yep
<Mkools> mcas: dns will take care of ip
<dominicdinada> WTF haha now that this external drive is plugged in the transfers are even slower
<mcas> Mkools: now i understand what you want to do ;-)
<Mkools> mcas: So what to do?
<mcas> let me think about it for a moment
<mcas> Mkools: i found a very good howto for you
<mcas> http://www.ex-parrot.com/pete/tomcat-vhost.html
<Mkools> mcas: Yeah tried that but got confused with the directory structure in it. Can you please tell me what and where to edit.
<webroasters> has much been changed between Ubuntu 8.04 and 10.04, in regards to basic server issues?
<webroasters> my server is currently 8.04 and i'm thinking of upgrading
<mcas> Mkools: which paths?
<Mkools> mcas: Where this conf comes from there is no file naming this in /etc/tomcat6
<Mkools> sorry not file folder.
<mcas> so where is your server.xm located?
<Mkools> mcas: it's in /etc/tomcat6
<Mkools> What's this $tomcatdir
<mcas> where do you have your webapps folder located?
<dominicdinada> ok 512kbs via usb or 1.4mb via network... dam it i guess server doesnt come with usb 2.0 drivers
<\sh> tomcat6 webapps folder in a standard setup of ubuntu should be /var/lib/tomcat6/webapps
<mcas> thanks \sh
<mcas> so Mkools $tomcatdir should be /var/lib/tomcat6
<Mkools> mcas: webapps in /usr/share/tomcat6
<mcas> ok than this is your tomcatdir
<Mkools> mcas: Then how to remove this extra :8080 in the URL
<Mkools> mcas: Because I thing rest of the things have been done.
<\sh> Mkools, you want to use tomcat as webserver? you can just get rid of the port 8080 when you remove the port number and change it to 80 in the web connector in server.xml
<\sh> but then you need to start tomcat6 as root, which is bad
<\sh> therefore you should think about using apache2 + mod_jk and using ajp3 connector on tomcat6 side
<mcas> you can use iptables and portforwarding
<Mkools> mcas: More about it. Links?
<mcas> http://www.klawitter.de/tomcat80.html
<Mkools> mcas: Is it the only solution besides that of apache.
<\sh> Mkools, you can use tomcat6 as standalone webserver, but it's not recommended, because of speed, and security
<\sh> apache is the better way..
<\sh> and much better to scale
<mcas> \sh what about running apache as a reverse proxy for tomcat? could this be a solution?
<Mkools> \sh: Ok thanks but I am really running out of time.
<mcas> i think you have more experience with tomcat ;-)
<\sh> mcas, yes, but then you have a one to one connection to your tomcat...which is the same as running it as standalone
<\sh> using mod_jk gives you NxAJP channels which performs much better
<mcas> ok
<\sh> mcas, on one apache that is...(you could use lighty as well woth a ajp modul)
<Mkools> mcas: \sh: thanks for your help I will talk to you later can you give me your appointments on the IRC. Because I live in India.
<\sh> mcas, oh well...I'm not an expert...but we are running 4 frontend apaches and behind them are 30 tomcats :) and the apaches are not the bottleneck ;)
<Mkools> The people in US have time zone problems.
<Mkools> \sh: great :)
<\sh> Mkools, I'm on german time..but from tomorrow on I'm at the UDS in brussels so I don't think I have so much time to lurk ;)
<dominicdinada> Mkools: Time Zone problems ?
<mcas> Mkools: i am from german timezone too
 * \sh should write something on his blog about apache + tomcat scaling ...
<mcas> \sh would be great to read about it ;-)
<Mkools> \sh: Can you provide me the URL?
<Mkools> for your blog.
<\sh> Mkools, http://shermann.name/ but when I write something it will be aggregated on planet.ubuntu.com as well...so have a look there first ;)
<\sh> so...I need to go to bed tomorrow is a  long travelling day..
<Mkools> mcas: \sh: Thanks so much for your time and support :)
<mcas> Mkools: yw
<mcas> \sh have fun at uds and good journey
<\sh> mcas, thx :)
<RoyK> in zfs there is a zero intent log (zil) that can be placed on an SSD to speed up things - does ext[234] have something like this?
<penguin42> RoyK: You can put the journal from ext* on a separate device
<RoAkSoAx> kirkland, ping?
<RoyK> penguin42: is that similar to the zil? as in - things are written there first and then flushed?
<penguin42> RoyK: I think so, but I don't know much about the zil
<RoyK> are data written to the ext[34] journal and then flushed?
<mcas> RoyK: i cannot tell you the exact function of ext[34] but puttin the journal on a different device speeds things up
<RoyK> too bad btrfs is (still) late
<RoyK> it'd be nice to run linux on some high-volume boxes here, but now we're on osol for them
<_Trullo> just added 2 drives to my server, do I have to add them to fstab to get them mount each time I start the server?
<JanC> RoyK: does it write to the disk in a location mapped as belonging to the journal and when it succeeds, moves that location to the main diskspace?
<penguin42> _Trullo: Probably
<mcas> _Trullo: yes
<_Trullo> ok
<RoyK> JanC: zfs zil?
<JanC> RoyK: yeah, trying to understand what it does?  ;)
<JanC> IIRC some FreeBSD filesystem supports that
<RoyK> zfs on freebsd, yes
<JanC> I mean, not ZFS
<JanC> just trying to understand what functionality exactly you're talking about...
<JanC> http://www.solarisinternals.com/wiki/index.php/ZFS_Evil_Tuning_Guide#Disabling_the_ZIL_.28Don.27t.29 --> this?
<RoyK> that's the ZIL
<RoyK> it'd be nice if Oracle went bankrupt and gave away their code
<RoyK> about as likely as a meteor striking
<JanC> if I understand correctly it's a written log of operations that might take some time to finish, so that if there is a power down before they finish, the kernel/fs can finish them after a reboot, or something like that?
<penguin42> sounds pretty similar to the ext journal to me
<RoyK> like a database log
<RoyK> very much like it
<JanC> penguin42: it's a bit more than ext journal I think
<RoyK> except ext3 doesn't deal with checksumming and raid and dedup and so on
<JanC> but I might be wrong  ;)
<penguin42> RoyK: Yeh the responsibilities are split on linux where as zfs mushes them altogether a bit
<RoyK> JanC: I think you might be quite right
<JanC> RoyK: from what I understand ZFS dedup isn't exactly scientifically sound ;)
<RoyK> penguin42: yeah, and with them all "mused" together, consitency is quite easy
<RoyK> JanC: it's ok so for you have tons of memory and l2arc and nothing bad happens
<RoyK> say 4GB plus 1GB per 1TB storage plus a little more - then add l2arc SSD devices and som Zil SSD devices
<RoyK> but if you're doing a 100TiB setup, it's quite nice
<ibrandt> Greetings all.  I'm new to Ubuntu and EC2 (but not Linux otherwise).  If I launch one of the server AMIs, install, configure and use some apps (e.g. a database), and then shut down is all data lost, or do the AMIs mount certain paths from the EBS?  I'm trying to understand if I should read up on deriving new AMIs and reconfiguring mount points to EBS before I take my firs
<ibrandt> at the cloud.  Thanks to any takers.
<RoyK> that is, unless you try to remove a 10TiB dataset and the server reboots. Then it'll probably hang until it's finished the removal of that dataset
<jherrlin> hi folks!
<RoyK> hi nerds!
<viezerd> I like zfs
<jherrlin> i have a little question, i have an Apple OSX 10.6 server, with FTP
<jherrlin> and a ubuntu server
<RoyK> viezerd: we have a couple of 30TB osol boxes with it
<RoyK> works like a charm
<jherrlin> i whant to connect to my OSX FTP and have the possebilety to find my ubuntu shared folder from that ftp
<jherrlin> any ideas?
<RoyK> it's just ftp
<RoyK> should work well
<jherrlin> but how RoyK?
<viezerd> RoyK: nice :)
<erichammond> ibrandt: Start with EBS boot AMIs and your root file system will be stored on an EBS volume.  This volume persists through stop/start, but by default will be destroyed if you "terminate" the EC2 instance.  You can read more here: http://ec2-downloads.s3.amazonaws.com/BootFromEBSGSGGuide.pdf
<RoyK> jherrlin: ncftp -u user ip.of.the.box
<jherrlin> mount my AFP shares from the Ubuntu server to my OSX server and then share them on the OSX FTP?
 * erichammond steps out
<RoyK> viezerd: we might get another 20TB for those and another dual 130TB setup for backup :Ã¾
<viezerd> :D
<scar> i configured the disks on my server as AHCI, then installed ubuntu. now after it has rebooted, the BIOS is stuck on 'detecting SATA channel 0'.  i can't enter the BIOS because it's stuck on this....
<RoyK> viezerd: with supermicro hardware, it's really not very expensive
<scar> if i unplug the drives and reboot, then i can get into the BIOS... when i put them back to "IDE" it will detect the disks again... wtf?
<penguin42> scar: Sounds like a bios bug
<RoyK> scar: seems like a bad bios to me
<scar> the thing is, i have another server of the exact same type with same BIOS version and it's been working just fine with AHCI
<RoyK> same ubuntu version?
<scar> yeah both with 10.04
<RoyK> anyway - it's not really an ubuntu question, since linux never gets booted
<penguin42> still say it sounds like a bad bios
<scar> so do i try to reflash the BIOS?
<JanC> scar: same BIOS version?
<scar> JanC, yeah
<penguin42> I doubt that will help
<RoyK> it's worth a try
<RoyK> since it never reaches grub, something must be fscked up in the BIOS
<penguin42> scar: My guess is the bios isn't clearing some state out on the hardware on reboot and is confused by the state ubuntu has left it in
<RoyK> penguin42: aren't those supposed to be reset on reboot?
<RoyK> or at least a powerdown?
<penguin42> RoyK: They *should* be reset on reboot
<RoyK> not stored in nvram?
<RoyK> scar: have you tried to power down the system and let it rest for a minute or two?
<penguin42> RoyK: Well it should reset the hardware to a decent state before probing
<scar> penguin42, i tried using 'load failsafe defaults' as well as 'load optimal defaults' it will work when in IDE mode but when i put it back to AHCI it still is stuck on detecting SATA channel 0
<RoyK> if the firmware isn't buggy :Ã¾
<scar> RoyK, no... maybe i did for about 30 seconds
<penguin42> oh so you've tried unplugging - very odd
<viezerd> RoyK: those Supermicros quality , same as , lets say HP Proliants ?
<penguin42> viezerd: The chassis on the supermicros tend to bend a bit on some of the models :-) But what's inside tends to be pretty good
<viezerd> cool
<RoyK> viezerd: can't complain
<RoyK> it works
<RoyK> probably made in the same asian factyory :Ã¾
<RoyK> 35-drive hotplug 4U server is nice
<JanC> I have a SuperMicro workstation motherboard  ;)
 * scar tries clearing the CMOS according to the Service Manual
<halvors> I get this error in my mail log, and how can i fix it? http://paste.ubuntu.com/430202/
<RoyK> viezerd: we have a bunch of HP stuff too - can't really compare with it - it all works, just as supermicro
<penguin42> RoyK: How the heck do you get 35 drives in 4u?
<RoyK> 24 in the front and some in the back
<viezerd> so then the price makes the difference :)
<RoyK> viezerd: yes, that's why we've bought a bunch of supermicro stuff lately :D
<viezerd> I got a dual P3, 1266 mhz proliant G2 , needs to be replaced someday :P
<halvors> ??? ;)
<RoyK> G2 is P4, right?
<penguin42> RoyK: Oh, the back - neat
<viezerd> P3
<viezerd> G3 is P4
<RoyK> I'm quite sure I have a G2 DL320 with P4
<RoyK> no, I'm certain
<viezerd> RoyK: http://edsel.nu/sysinfo/
<viezerd> its a DL 380
<JanC> same socket?
<RoyK> perhaps the DL380 hung back
<RoyK> DL320 is entry level stuff
<viezerd> could be, after all,its been working for years :)
<viezerd> but, its getting really old now
<RoyK> supermicro has a neat 1U box with 4 x 12core Athlons supporting half a terabyte of RAM - I guess that box could replace most of our servers :D
<viezerd> couple years ago only dreams existed of having haf a terrabyte lol
<JanC> viezerd: depending on your budget...
<scar> huh... i removed the battery for 30+ seconds... but the CMOS didn't get cleared
<uvirtbot> New bug: #352987 in lm-sensors (universe) "lm-sensors report incorrect values of CPU temparature" [Low,Confirmed] https://launchpad.net/bugs/352987
<fbc-mx> hi somehow I have thousands of cron instances... How do I kill'em all (metallica style)
<efleming969> fbc-mx: have you looked at the killall command?
<fbc-mx> efleming969, I didn't know one existed
<viezerd> thats through JanC, with enough money :
<viezerd> :)
<JanC> viezerd: ?
<scar> damn proprietary vendors. i can't download a BIOS update for this server without a Sun contract
<fbc-mx> efleming969, yup that did it...
<fbc-mx> efleming969, I had some command in my crontab for moodle that was spawning zombie cron jobs.
<ibrandt> erichammond: Thanks for the EBS boot AMI pointer and link.  That's got me finding a lot of great info from your alestic.com site and elsewhere.
<uvirtbot> New bug: #577592 in qemu-kvm (main) "qemu-kvm dependencies require X" [Undecided,New] https://launchpad.net/bugs/577592
<viezerd> JanC: nevermind :) , what I meant to say was about the price of hardware, like 10 years ago you had to be a millionair to have the same hardware as now
<scar> at least the Sun/Oracle forums are free to access
<RoyK> it'd be nice if zfs was GPLed
 * ziesemer_ agrees!
<RoyK> I have a coule of 30TB osol boxes and it would be very nice to run them on linux
<ziesemer_> I guess there is work to make ZFS available through FUSE - but I'm not sure what all the implications of that are - including performance.
<kirkland> RoAkSoAx: hi
<kirkland> RoAkSoAx: ashes?
<RoyK> ziesemer_:  performance issues and no newer zfs versions
<ZachK_> Ah hello?
<penguin42> ziesemer_: I thought it already was wired up to fuse by someone
<RoAkSoAx> kirkland, ashes
<RoAkSoAx> indeed
<kirkland> RoAkSoAx: bummer dude
<RoAkSoAx> kirkland, im scheduled to arrive on tuesday morning though
<kirkland> RoAkSoAx: okay, better than nothing
<kirkland> RoAkSoAx: http://www.jonobacon.org/2010/05/08/important-ash-cloud-travel-problems-and-uds/
<RoAkSoAx> kirkland, yeah been through that... we've been trying to get a flight for tomorrow is all packed!!
<RoyK> ah - EyjafjallajÃ¶kull
<kirkland> RoAkSoAx: here's to hoping you make it, dude
<RoAkSoAx> kirkland, i do hope so to!! I could have changed to other flights departing today though.. btu the counter at the airport messed up real bad and didn't tell us that there there were other flights available (through different airports) and when we came to see online, we tried to call every apparent avaiable flight but everything got packed
<cemc> is there a problem with dovecot in Lucid?
<cemc> I just tried to install dovecot-imapd dovecot-pop3d, and I'm getting an error, hostname: name or service not known, or something like that
<RoAkSoAx> kirkland, btw.. I'll probably request the change of the TestDrive session to another day since I'll prolly get there pretty tired on tuesday
<dominicdinada> Is there a known bug for lucid gnome crashing while file transfer ?? Or basically doing anything it has happened 8-10 times since I have installed and when it crashes I lose the Minamize,Maximize,Close the whole window controls
<dominicdinada>  plus Any window that is not in focus is not listed on the taskbar only all the windows from when the desktop crashed... even when a system monitor kill the process
#ubuntu-server 2010-05-09
 * penguin42 wonders if theres a  way to get kvm/libvirt to reload its networking settings
<uvirtbot> New bug: #516040 in ubuntu-release-notes "dovecot sieve plugin renamed from cmusieve to sieve" [Undecided,Fix released] https://launchpad.net/bugs/516040
<dominicdinada> If i do iptables-save where does it save the file to ?
<ziesemer_> dominicdinada:  Per the man page, nowhere - but to stdout.
<dominicdinada> is that a file that contains the firewall then to import elsewhere
<ziesemer_> Try "man iptables-save".  It mentions using IO redirection, as well as iptables-restore.
<ziesemer_> So by default, it seems that every user account has a same-named group created, of which is the primary group for each user.  Should I do the same if using LDAP?  What would an advantage be over just using a generic "users" group?
<dominicdinada> Hmm i still am not able to export it to bring it into firewall builder
<ziesemer_> What is "firewall builder"?
<ziesemer_> Maybe you just want "iptables -L >someFile" ?
<dominicdinada> got it i think :P
<dominicdinada> except it is a empty file :(
<ziesemer_> sudo ?
<dominicdinada> yes
<dominicdinada> i take that back
<dominicdinada> http://www.fwbuilder.org is the proggy btw
<ziesemer_> I just setup LDAP for authentication, and ran "auth-client-config -t nss -p lac_ldap".  Why is pam_groupdn not working in /etc/ldap.conf ?
<chewbranca> anyone have any thoughts on ubuntu server 10.04? I'm going to setup UEC tonight and I'm wondering if 10.04 is a good way to go, or if I should go with 9.10?
<chewbranca> 10.04 on the desktop has not been very pleasant so far, for me and most everyone I know who has upgraded to it
<owen1> does it make sense to use MinimalCD as a server? or should i just use the server and remove stuff i don't need? where can i see list of packages for each one?
<KurtKraut> owen1, I don't think you'll find a list of packages installed by default. Only very small Linux distributions (like tinycore, puppy linux and damn small linux) bother to create such list
<owen1> KurtKraut: but ubuntu has minimalCD as well. i am curious to know if it's used for servers?
<KurtKraut> owen1, the minimal CD is minimal for Ubuntu but not a minimal Linux distribution.
<KurtKraut> owen1, it is not like Damn Small Linux that provides you a full featured system in a 50mb ISO.
<FrankLee> Hi. I'm looking to set up a solid home server base, that is also capable of running desktops/xserver on top. Basically want a server and desktop in one. Any one keen to share some ideas?
<owen1> KurtKraut: ok. after i install minimalCD, i can't install ssh server and login to my new machine?
<owen1> FrankLee: i am doing the same.
<FrankLee> ahh that's handy
<owen1> FrankLee: i am debating between ubuntu server+x or minimalCD+x
<KurtKraut> owen1, if you install and configure openssh-server later, yes.
<FrankLee> yes I was wondering the same. btw how do i direct a comment towards someone? not a big irc user.
<owen1> FrankLee: what client do u use
<owen1> try irssi. it's the best
<FrankLee> quassel
<owen1> i just start the nick of someone, and hit tab
<owen1> and that the message
<FrankLee> owen1: ah huh, very cool, cheers
<KurtKraut> FrankLee, IRC clients tend to have autocompletion just like bash.
<FrankLee> KurtKraut: thank-you
<showmeurOface> ok
<ziesemer_> What else could be caching authentication info?  I had configured LDAP, and I shutdown the only LDAP server.  A login for a user that exists only in LDAP is still working.  I don't have nscd installed.  Even rebooting the client host doesn't help - login still works.
<KurtKraut> owen1, Have you seen the Ubuntu JeOS images? JeOS stands for 'just enough OS'. I think it is the minimium you can get with Ubuntu
<owen1> KurtKraut: so if i really want lean machine (server or desktop) i should start with MinimalCD?
<owen1> KurtKraut: let me google
<KurtKraut> owen1, why are you so worried to get a minimum set up? Are you planing to install in a pendrive or in a small storage device?
<owen1> http://www.ubuntu.com/products/whatisubuntu/serveredition/jeos
<owen1> KurtKraut: no, but that's a good idea. i just don't need all kind of stuff, like apache. i want nginx for example.
<KurtKraut> owen1, the regular Ubuntu Sever install doesn't install Apache by default.
<owen1> KurtKraut: interesting. so maybe i can stick to server then
<KurtKraut> owen1, yes.
<showmeurOface> stupid question but whats a good windows front end to build iptables firewalls ?
<KurtKraut> showmeurOface, I wouldn't rely in any.
<showmeurOface> Hmmm I was under the understanding iptables was ez :/
<showmeurOface> maybe I should rephrase the question because firewall builder is awesome... but you gotta pay for it...
<FrankLee> KurtKraut: So if I set up a ubuntu-server, what is the best way to ensure that remains running whilst being able to change between xservers?
<showmeurOface> !ufw
<ubottu> Ubuntu, like any other Linux distribution, has firewall capabilities built-in. The firewall is managed using the 'ufw' command (see https://help.ubuntu.com/community/UFW), or 'iptables' (https://help.ubuntu.com/community/IptablesHowTo). GUI frontends such as Firestarter/Gufw (Gnome) or Guarddog (KDE) also exist.
<KurtKraut> FrankLee, sorry, I don't understand your question.
<FrankLee> KurtKraut: ie. If ubuntu freezes or something now. I end up needing to reboot the whole system to restore the xserver.
<FrankLee> KurtKraut: So how to I kill x without killing the server side of things?
<KurtKraut> FrankLee, press CTRL+F1 or access the server remotely by SSH and them run sudo gdm-restart
<FrankLee> KurtKraut: ok, do you think running a solid server and a desktop on the same machine is visible?
<KurtKraut> FrankLee, what kind of use you expect it as a server and what use as a desktop?
<FrankLee> KurtKraut: At the moment I'm running freenas on an old box, that is pretty much flawless. But I feel that because my desktop is on 4-8hours a day anyway, why not combine the two.
<KurtKraut> FrankLee, if it is for personal use, why do you describe it as 'solid', like something that you could not expect it to fail?
<FrankLee> KurtKraut: Well I guess I just mean reliable. The main point is that shared folders, torrents etc don't go down because xserver has died etc.
<KurtKraut> FrankLee, I think you won't find problems, but I suggest you to use a regular ubuntu desktop install for the job
<FrankLee> KurtKraut: In that case, can I run nfs shared directories and torrents outside of ubuntu xserver/desktop?
<KurtKraut> FrankLee, the easiest approach would be just using sshfs or mounting the folders via SSH in Gnome in the other LAN computers
<FrankLee> Alright, I think what I'm getting is that a std ubuntu install will provide me with all I need because those needs are fairly basic. Yes?
<KurtKraut> FrankLee, no. Because the desktop usage will require more packages that isn't bundled with the server install.
<KurtKraut> FrankLee, I mean: it is easier to turn a regular desktop Ubuntu install into a server than the opposite direction
<FrankLee> KurtKraut: Ah ok, I think that's what I meant but was not clear. My fault.
<resno> is it possible to run a scsi server off sata or ide?
<FrankLee> KurtKraut: Thanks for your time.
<bogeyd6> FrankLee, wat
<bogeyd6> xserver on my ubuntu servers?!?!?
<Pirate_Hunter> can someone tell me where I can get info on the pam modules as I have just read the man for pam and pam.d and no reference is made of the actual modules?
<bogeyd6> FrankLee, if you are trying to run xserver you should be in #ubuntu asking your questions
<bogeyd6> resno, iscsi?
<yaboo> installed ubuntu server 10.4 and the screen does not show or the sync is to high for my lcd
<yaboo> during bootup, can i get top the grub screen
<ziesemer_> yaboo: Hold down shift during boot?
<yaboo> ziesemer_, thanks
<yaboo> ziesemer_, thanks that works, what are the commands to make it just vga, and 60hz
<yaboo> or do i use recovery mode
<bogeyd6> resno, im leaving but you should look at openfiler if you are interested in running an iscsi server
<ziesemer_> yaboo:  You're loading a GUI, that you're having the video issues?
<ziesemer_> If so, try just using Ctrl+Alt+F1 to go to a text console.
<yaboo> ziesemer_, get to get, then boot and lose video synvc
<yaboo> tried that no go, its just default from a fresh install
<ziesemer_> Are you running server or desktop?
<yaboo> server
<yaboo> cannot even install ssh to remote in
<yaboo> clean fresh install, when booting lcd loses sync
<ziesemer_> Not sure why you would be loosing sync for a text only console...
<dominicdinada> yaboo:  Did you get it samba working correctly ?
<dominicdinada> http://www,fwbuilder.org
<dominicdinada> www.fwbuilder.org
<yaboo> dominicdinada, no, does not work, seriously thinking going back to 9.1, that works
<yaboo> ziesemer_, vbe mode is 101
<dominicdinada> eh :(
<yaboo> now that 10 does not give me console, cannot even log into the box
<dominicdinada> sigh
<dominicdinada> yaboo: stop breakin stuff :)
<yaboo> dominicdinada, then ubuntu should work, not me it ubuntu, badly built
<uvirtbot> New bug: #577681 in lm-sensors (universe) "sensor applet does not fully support 9300 nvidia igp (zotac 9300-itx)" [Undecided,New] https://launchpad.net/bugs/577681
<yaboo> never had issues with debian, but spents weeks configuring debian
<owen1> i cancel capslock with xmodmap command. i want it to apply on boot so i put it in .xinitrc  it's not working on boot. what am i doing wrong?
<yaboo> dominicdinada, ziesemer_ used another monitor it wored, but went to 1920x1600 res, does it auto detect console
<yaboo> openssh-server is not on the cd, but need to get it off the net
<dominicdinada> correct
<dominicdinada> not sure about the monitor it should auto detect
<yaboo> shows ubuntu is not ready for prime time
<dominicdinada> heh
<bogeyd6> LAWL
<bogeyd6> yaboo, o rly?
<dominicdinada> what did you set to  wake the cron up at prime time :O
<yaboo> bogeyd6, if it does to me, imagine how much of a idiot i would be at work
<bogeyd6> ignorance is the only enemy of ubuntu
<dominicdinada> there actual were commands before about waking up cron at tea time, Prime time.......
<yaboo> bogeyd6, its not ignorance its that it just does not work
<bogeyd6> yaboo, so you installed ubuntu server and the console would not load on the monitor?
<yaboo> yes bogeyd6
<bogeyd6> but all of the install worked just fine
<bogeyd6> rebooted and all the sudden no monitor?
<yaboo> bogeyd6, yes
<uvirtbot> New bug: #577683 in tomcat6 (main) "tomcat6 directory structure broken" [Undecided,New] https://launchpad.net/bugs/577683
<bogeyd6> yaboo, are you absolutely sure you were not trying to run the desktop
<yaboo> bogeyd6, yes, been running server for the last two months
<ziesemer_> What are you seeing now with the new monitor when you login?  Just a plain-text terminal?
<bogeyd6> i didnt even know tha was possible
<bogeyd6> all monitors accept default vga input
<yaboo> bogeyd6, yes
<grantbow> bogeyd6: I think I can find an exception in my closet
<bogeyd6> i guess if the HW is old enough it might not work as expected
<ziesemer_> yaboo:  Can you confirm that you are now seeing only a plain-text terminal?
<bogeyd6> i one time had a problem with a kvm network switch not showing the monitor, turned out to be a bad cable
<uvirtbot> New bug: #577686 in backuppc (main) "package backuppc 3.1.0-9ubuntu1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/577686
<yaboo> ziesemer_, absolutely
<bogeyd6> ziesemer_, :P
<ziesemer_> I guess it may be too high of a mode?
<yaboo> ziesemer_, one assumes so
<bogeyd6> yaboo, you should be in #ubuntu asking for support
<ziesemer_> Which I'm guessing can be manually specified on the grub command line - though I don't recall what it is exactly.
<bogeyd6> we dont support xserver/gnome/kde/etc
<yaboo> bogeyd6, thought it was a server issue
<yaboo> bogeyd6, only use the commandline
<grantbow> can you ssh after rebooting?
<yaboo> grantbow yes once i configured ppoe and installed openssh-server
<grantbow> you said above you couldn't log in, now you can?
<yaboo> yes via ssh once i alsp changed the lcd monitor on the box
<yaboo> ok server working, now to fix samba
<yaboo> anyone using samba under 10
<jpds> yaboo: Children using Samba?
<uvirtbot> New bug: #577693 in squid (main) "squid restart fails" [Undecided,New] https://launchpad.net/bugs/577693
<sporedi> which is simple  mail server comes with ubuntu 10 server
<claudiouss> hello
<claudiouss> can anybody help me??
<claudiouss> i just installed Ubuntu Server 10.04, but i have a problem
<blue-frog> if you don't say the problem you might wait forever the answer
<ziesemer_> !ask
<ubottu> Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-)
<quentusrex> Anyone know about the apport bug: Error connecting to Launchpad: 'NoneType' object has no attribute 'makefile'
<claudiouss> ok, i'm sorry
<quentusrex> apport is unable to connect to launchpad, and I can't seem to get more debug output than that.
<jpds> quentusrex: Try #launchpad.
<claudiouss> i just installed ubuntu server 10.04, with a RAID 1 config, following this instructions: https://help.ubuntu.com/10.04/serverguide/C/advanced-installation.html - tthe installation completed successfully, but when the computer restarts, MOUNTING errors appear and it says "No init found. Try passing init=bootarg.  BusyBox v1.13.3
<blue-frog> wow first line I read about the raid description and horrified am I. "reducing ... data loss" almost saying backup is no use when you have raid.
<jpds> blue-frog: Are you reading RAID0's description?
<blue-frog> the link you gave us yes
<claudiouss> RAID 1... mirror disk
<blue-frog> claudiouss, don't know. need to install one with 10.04. might be a bug. might be something went wrong. try again once.
<claudiouss> what if i try with a old version of Ubuntu Server... maybe 9.04, if it works, can i update after and get someting like 10.04??
<yaboo> think 10.04 is buggy
<claudiouss> yaboo, So what version do you recommend?
<yaboo> 9.04, everything worked for me, upgradec to 10.04 and nothing works
<yaboo> squid, samba
<claudiouss> 64bits?
<yaboo> 32bits
<claudiouss> my computer is an Intel Core i3
<claudiouss> should i use 64bits right?
<yaboo> claudiouss: do not know
<claudiouss> ok.. i'll try ubuntu server 9.04
<yaboo> going to downgrade now
<claudiouss> thanks yaboo
<jpds> claudiouss: I would use 10.04 as it's an LTS release.
 * jpds reads scrollback.
<blue-frog> claudiouss, do you really need raid?
<claudiouss> that's what i installed
<claudiouss> hmmm, there ir other method to auto backup de disk into another disk??
<claudiouss> hmmm, there ir another method to auto backup the disk into another disk??
<blue-frog> claudiouss, well raid is definitely not a backup solution
<claudiouss> is not??
<blue-frog> not
<blue-frog> has nothing to do wiht backup
<blue-frog> unfortunately the server guide page is misleading
<claudiouss> but, RAID 1?
<blue-frog> http://en.wikipedia.org/wiki/RAID
<claudiouss> "RAID 1 mirrors the contents of the disks" that's what i need
<claudiouss> in case of failure of one
<blue-frog> ah good one one that page. search for RAID is not data backup on that link
<yaboo> claudiouss: go 9 10 is faulty
<yaboo> does ufw block traffic outside the machine
<yaboo> other than ufw how does one setup iptables in ubuntu
<lingm> My computer is connected online via eth0. I want other devices to be able to connect to it via wireless and use it's connection to go online. How do I do this? (or is this the wrong channel to ask in?)
<Ellement> upon installation of ubuntu server 10.04 is get the following "starting system log daemon: syslogd, klogd" it then hangs. any work arounds?
<Tweeda_> media wiki depends on mysql server... context switch much?
<yaboo> need to take back afew bad things i sad about server 10
<dominicdinada> yaboo: what did you mess up and then fix
<yaboo> dominicdinada: seem ufw is the culprit switch off ufw and samba works
<dominicdinada> well i told you just add an exception last night for it
<dominicdinada> lol
<yaboo> tried that did zero
<dominicdinada> hmmm its not accepting the changes?
<dominicdinada> check out this program it might help
<yaboo> went back to my custom iptables scrit it works
<dominicdinada> http://www.fwbuilder.org
<dominicdinada> can i check your script out ? trying to get a general idea for mine
<yaboo> nope gui, avoid on the server
<yaboo> yeah sure
<dominicdinada> you can make then then import them i believe
<yaboo> http://paste.ubuntu.com/430474/
<dominicdinada> ok thanks
<sporedi> can you please tell me which is simple mail server comes with ubuntu  ,for soho office
<Tweeda_> sporedi, I think postfix is the default these days.  mail isn't simple tho
<sporedi> ok
<sporedi> Tweeda_: do u have any idea on postfix ,do u use it .....
<Tweeda_> sporedi, I know enough to get myself into trouble.
<sporedi> can i trouble u some more ,to help me
<Tweeda_> sporedi, just ask.  somebody may know
<sporedi> ok
<_Trullo> I have 3 fans, red/blue/black wire, the blue one is for the rpm.. can I attach only the blue on to the motherboard?
<penguin42> where were you going to connect the red and black
<_Trullo> directly to the psu
<_Trullo> I don't think the motherboard can power the 120x120x38 highspeed fan
<_Trullo> and I got more of them
<penguin42> I think that should be OK
<_Trullo> do you think I can connect 3 fans to the same motherboard pin?
<penguin42> doubt it
<_Trullo> yeah I have no idea really..
<penguin42> you don't have to connect the rpm pin at all - but you won't be able to tell if it fails
<_Trullo> the fan is really noisy now so i need to lower the rpm
<_Trullo> and I thought I should connect 3 fans to the same motherboard pin
<_Trullo> the power is all from the psu anyway..
<penguin42> oh that won't work - get yourself a fan speed controller
<_Trullo> yeah, I guess that's the only option
<uvirtbot> New bug: #577852 in mysql-dfsg-5.1 (main) "package mysql-server-5.1 5.1.37-1ubuntu5.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/577852
<slackster> hi, I get a message "Your CPU appears to be lacking expected security protections."
<slackster> /usr/lib/update-notifier/check-bios-nx --verbose <- command not found
<slackster> something I should worry about?
<slackster> http://pastebin.com/mdX1cwUn  cat /proc/cpuinfo
<halvors> Somone know how to fix the dovecot musieve bug? https://bugs.launchpad.net/ubuntu-release-notes/+bug/516040
<uvirtbot> Launchpad bug 516040 in ubuntu-release-notes "dovecot sieve plugin renamed from cmusieve to sieve" [Undecided,Fix released]
<halvors> ???
<handheldCar> u triggered a helpful bot
<jo-erlend> cjwatson, I just tried to install a kvm guest with lucid server and then desktop using alternate. I added some raid devices and even though the install seems fine, it's not able to boot it. I only get "error: no such disk." and then a grub resque prompt.
<jo-erlend> cjwatson, I've been reading some bug reports on lp, which is why I'm telling you. I though these bugs were supposed to have been fixed? Is it just for virtio-disks, perhaps, that it still doesn't work?
<cjwatson> jo-erlend: I tested with virtio not that long ago and it seemed ok
<cjwatson> jo-erlend: I'd need you to extract /var/log/installer/syslog and /var/log/installer/partman from that installation and attach them to a bug, I guess
<cjwatson> at least for starters
<cjwatson> "reading some bug reports on lp" - probably best not to, it'll only be confusing :)
<jo-erlend> indeed :)
<jo-erlend> but I'll extract those files immediately.
<cjwatson> so I did have to patch grub2 a bit to get raid-on-virtio to work
<cjwatson> maybe that fell out by mistake due to a subsequent patch, or something
<cjwatson> it's not impossible as that was all very delicate
<Smaakage> Hi,
<cjwatson> basically what I need is a clear reproduction recipe so that I can go and repeat your procedure
<Smaakage> Can somebody help me with install mysql server.. Can't get it working after updating to 10.04
<jo-erlend> cjwatson, if I were on something other than a 3g connection, I could've uploaded the entire vm or at least given you access to it. :)
<jo-erlend> but if all you need are those files, then you'll have them shortly.
<cjwatson> those files and a step-by-step description of what you did
<cjwatson> since it's kvm I assume it's repeatable
<cjwatson> the log files are basically just in case there's something obvious in them, and also so that I have a machine-readable description of your partitioning layout
<Smaakage> no body there can help me with my buged mysql-server install?
<Smaakage> I used apt-get install mysql-server
<Smaakage> then it got stuck with:
<Smaakage> Setting up mysql-server-5.1 (5.1.41-3ubuntu12) ...
<Smaakage> Have ben stuck in 10 minuts now.
<ikonia> what's up ?
<Smaakage> And it frosend..
<ikonia> have you killed it and attempted to re-install it ?
<Smaakage> Yes, and i also tryed to apt-get -p remove mysql-server but when i type mysql then it says that it could't connect to the mysql..
<Smaakage> Is there any way where i can delete all files mysql are using and then install it again?
<Smaakage> it stops with:
<Smaakage> Setting up mysql-server-core-5.1 (5.1.41-3ubuntu12) ...
<Smaakage> Setting up mysql-server-5.1 (5.1.41-3ubuntu12) ...
<Smaakage> and when i see the prosecc tree it stops with:
<Smaakage> start mysql
<Smaakage> then i killed it:
<Smaakage> Setting up mysql-server (5.1.41-3ubuntu12) ...
<Smaakage> Processing triggers for libc-bin ...
<Smaakage> ldconfig deferred processing now taking place
<jo-erlend> cjwatson, http://pastebin.com/wMFNcdk6
<cjwatson> jo-erlend: please file a bug about it, I'll lose it if you just put it on IRC I'm afraid
<cjwatson> jo-erlend: use the debian-installer source package in Ubuntu
<Smaakage> start mysql
<Smaakage> start: Job is already running: mysql
<Smaakage> mysql
<Smaakage> ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)
<jo-erlend> cjwatson, oh, ok. :)
<ikonia> Smaakage: look if that socket file is there and if mysql is actually running
<Smaakage> there is no files in /var/run/mysqld/
<Smaakage> And i can't see the mysql server online in webmin
<JanC> ugh, webmin
<jo-erlend> cjwatson, what package should I attach the bug to?
<jo-erlend> heh, sorry... :)
<jo-erlend> I just read your message above.
<Smaakage> any?
<AdamDV> Smaakage: Try sudo apt-get remove mysql-server mysql --purge && sudo apt-get install mysql mysql-server
<uvirtbot> New bug: #491955 in libssh (main) "remote crash via ssh kills local machine" [Undecided,Invalid] https://launchpad.net/bugs/491955
<Smaakage> deon.
<Smaakage> done*
<Smaakage> service mysql start
<Smaakage> start: Job is already running: mysql
<Smaakage> then i:
<Smaakage> service mysql stop
<Smaakage> and now it is stuck again.
<ikonia> Smaakage: webmin ??? that won't work with ubuntu's current config style
<ikonia> Smaakage: check if mysql is actually running with ps
<ikonia> Smaakage: also look for a run file
<Smaakage> ps?
<AdamDV> ps -A
<AdamDV> Try ps -A | grep mysql
<AdamDV> Also,
 * AdamDV hisses at webmin
<AdamDV> brb, reboot
<Smaakage> 1288 ?        00:00:00 pure-ftpd-mysql
<Smaakage> Only that one there is showed
<ikonia> Smaakage: ok - so it's not running, so it must be a run file
<Smaakage> ok, what can i do then?
<ikonia> find the run file and remove the wrong pid from it
<Smaakage> how?
<ikonia> look in the init script for where it stores the pid file (/var/run I think) and remove it
<halvors> Somone know how to fix the dovecot musieve bug? https://bugs.launchpad.net/ubuntu-release-notes/+bug/516040
<uvirtbot> Launchpad bug 516040 in ubuntu-release-notes "dovecot sieve plugin renamed from cmusieve to sieve" [Undecided,Fix released]
<Smaakage> i can't find it ikonia
<jo-erlend> cjwatson, it seems that my internet connection is too slow to file bugs on launchpad. I keep getting timeouts.
<jo-erlend> cjwatson, can I send you an email instead?
<cjwatson> jo-erlend: you can e-mail me, cjwatson@ubuntu.com
<jo-erlend> great. Thanks.
<Smaakage> PID=$
<ikonia> Smaakage: where in the init script does it say the pid file is kept
<JanC> /var/run/mysqld/mysqld.sock is the default, not sure if webmin does weird things with the config though  ;)
<JanC> Smaakage: normally you can find it in /etc/mysql/my.cnf but check out whether webmin doesn't use its own config file instead
<znuff-mobile> Hi
<znuff-mobile> I'm stuck installing ubuntu 10.4 on server
<znuff-mobile> The partitioner doesn't want to mount and format ext4
<znuff-mobile> I'm using hardware raid
<znuff-mobile> Only thing that works is ext2, but that fails at the mount step: (
<halvors> How can i fix the bug?
<halvors> Somone know how to fix the dovecot musieve bug? https://bugs.launchpad.net/ubuntu-release-notes/+bug/516040
<uvirtbot> Launchpad bug 516040 in ubuntu-release-notes "dovecot sieve plugin renamed from cmusieve to sieve" [Undecided,Fix released]
<jo-erlend> cjwatson, you have mail. Please let me know if there is anything more you need.
<JanC> halvors: it's explained in the bug report how to fix that?
<JanC> as well as in the release notes: https://wiki.ubuntu.com/LucidLynx/ReleaseNotes#Dovecot%20cmusieve%20plugin%20renamed%20to%20sieve
<halvors> but i can find the file
<halvors> i have not the
<halvors> mail_plugins = sieve
<halvors> in my dovecot.conf
<halvors> so with command should i run?
<JanC> did you read https://bugs.launchpad.net/ubuntu-release-notes/+bug/516040/comments/6 ?
<uvirtbot> Launchpad bug 516040 in ubuntu-release-notes "dovecot sieve plugin renamed from cmusieve to sieve" [Undecided,Fix released]
<halvors> I got it, thanks ;)
<Smaakage> there is no file in /etc/mysql/
<Smaakage> any?
<mcas> Smaakage: i have my.cnf and conf.d folder in there
<mcas> hi txwikinger :-)
<txwikinger> hi mcas
<Smaakage> I do not..
<Smaakage> how do i make a total reinstall of all files mysql are using?
<mcas> have you tried to reinstall mysql-server?
<Smaakage> i have done apt-get remove -purge mysql-server
<Smaakage> many times..
<Smaakage> Do not help.
<mcas> have you make an apt-get update before reinstall?
<Smaakage> yes
<mcas> you could try to remove the mysql-server package from /var/cache/apt/archives
<mcas> this should let you download the package from the server
<Smaakage> It did. But diden't help.
<mcas> Smaakage: which ubuntu version?
<mrlemao> I would like to have ubuntu+all my development tool in a memory stick: plug that guy on any computer and use it as it were yours without touching the host HD/etc. Is there a Ubuntu distribution that can help me with that?
<Smaakage> the news. 10.04
<Smaakage> new*
<mcas> mrlemao: you could use a vmware player on usb stick
<Smaakage> I updated from: 8.10 to 9.04 to 9.10 and then 10.04
<Smaakage> And mysql worked on 9.10
<Smaakage> but when i updated to 10.04 it diden't work.
<Smaakage> :sÂ¨
<Smaakage> nobody?
<mcas> Smaakage: sorry i am running out of ideas
<Smaakage> ok :/
<ikonia> Smaakage: find the pid file, that's key
<ikonia> Smaakage: stop using webmin - that's also the key
<Smaakage> I have another servere where i updated from 9.10 to 10.04 and the mysql server works fine on that. There is also webmin on..
<ikonia> webmin is not the problem (probably) however it will cause you problems as it's not supported by ubuntu, has a tone of security issues, and compatible with a lot of ubuntu's config files layouts
<Smaakage> Ok, what if i uninstall it then?
<ikonia> I don't think that will resolve your issue
<ikonia> your current issue is that the init script thinks the pid file exists and has a valid pid in it, you need to remove that file or the contents of that file
<Smaakage> How do i find the name of the pid file?
<ikonia> Smaakage: it should be referenced in the init file, or in the my.cnf file
<Smaakage> I deleted the my.cnf file :s
<ikonia> in the init script sorry - or the my.cnf file
<ikonia> Smaakage: why did you delete that ?
<Smaakage> Don't know :s
<ikonia> that's simpley stupid
<ikonia> more so if it's for no reason
<ikonia> search the file system for mysql.run (as I recall it's called that)
<mcas> Smaakage: i think i have not read everything about your problem ;-)
<Smaakage> conf.d  debian.cnf
<ikonia> errr no
<Smaakage> That all the files in /etc/mysql# ls
<Smaakage> whereis mysql.run
<Smaakage> mysql: /usr/bin/mysql /etc/mysql /usr/lib/mysql /usr/share/mysql /usr/share/man/man1/mysql.1.gz
<mcas> Smaakage: find / -name mysql.run
<Smaakage> root@localhost:~# find / -name mysql.run
<Smaakage> root@localhost:~#
<Smaakage> No output
<Smaakage> :s
<pmatulis> Smaakage: please study this bug, you might be affected by it
<pmatulis> https://bugs.launchpad.net/ubuntu/+source/mysql-dfsg-5.1/+bug/566736
<uvirtbot> Launchpad bug 566736 in mysql-dfsg-5.1 "mysqld does not start reliably..." [Low,Won't fix]
<Smaakage> Do not help me :s
<Smaakage> dos*
<Smaakage> How can i backup the databases then?
<Smaakage> ?
<pmatulis> Smaakage: did you run the init script manually?
<Smaakage> by /etc/init.d/mysql ?
<pmatulis> Smaakage: or upstart, whatevery mysql uses in lucid
<JanC> it uses upstart
<Smaakage> upstart?
<pmatulis> Smaakage: yeah
<JanC> and I won't be surprised if webmin doesn't work well with it  ;)
<Smaakage> I have removed webmin
<Smaakage> Removing mysql-server ...
<Smaakage> Removing mysql-server-5.1 ...
<Smaakage> stop: Unknown instance:
<Smaakage> Removing mysql-server-core-5.1 ...
<Smaakage> Processing triggers for man-db ...
<Smaakage> Processing triggers for ureadahead ...
<pmatulis> Smaakage: you're removing mysql now?
<Smaakage> yes
<Smaakage> And when i try to install again it get stuck at
<Smaakage> Setting up mysql-server-5.1 (5.1.41-3ubuntu12) ...
<JanC> oh, and your databases are in /var/lib/mysql/ in case you need them
<Smaakage> Yes, but when i try to restore them on another server it, it says there are no tables in there.
<pmatulis> Smaakage: do you have a backup of your data?
<Smaakage> Yes i have a backup of alle the files in /var/lib/mysql/
<Smaakage> all*
<chewbranca> hey I'm getting: "ubuntu4_amd64.deb was corrupt" while installing UEC, any ideas?
<chewbranca> this is on 10.04 btw
<Smaakage> :s no ideers?
<pmatulis> Smaakage: one option is to start fresh then
<Smaakage> start: Job failed to start
<Smaakage> Setting up mysql-server (5.1.41-3ubuntu12) ...
<Smaakage> Processing triggers for libc-bin ...
<Smaakage> ldconfig deferred processing now taking place
<Smaakage> start fresh?
<pmatulis> Smaakage: you said it hung on 'Setting up...', now you have different output
<Smaakage> No..
<chewbranca> lame
<chewbranca> definitely corrupt
<chewbranca> trying to download again
<Smaakage> Setting up mysql-server-core-5.1 (5.1.41-3ubuntu12) ...
<Smaakage> Setting up mysql-server-5.1 (5.1.41-3ubuntu12) ...
<Smaakage> start: Job failed to start
<Smaakage> Setting up mysql-server (5.1.41-3ubuntu12) ...
<Smaakage> Processing triggers for libc-bin ...
<Smaakage> ldconfig deferred processing now taking place
<pmatulis> chewbranca: you need to clean out your package cache
<Smaakage> I have tryed that ones?
<chewbranca> pmatulis, package cache?
<pmatulis> chewbranca: 'apt-get clean'
<chewbranca> pmatulis, I was installing this fresh in a new virtual box vm
<chewbranca> would my local package cache on the host os mess with that
<pmatulis> chewbranca: but you have a corrupt package apparantly
<chewbranca> pmatulis, this is just from the 10.04 iso, just running through the base install process, hit this during 'install base system'
<pmatulis> chewbranca: ah
<Smaakage> How do i restare the files from /var/lib/mysql/ on another ubuntu 10.04 server?
<chewbranca> I just redownloaded the image, giving that a try, otherwise going back to 9.10 because that works on here
<Smaakage> restore*
<pmatulis> chewbranca: alright, make sure to verify the checksum
<Smaakage> How do i restore the files from /var/lib/mysql/ on another ubuntu 10.04 server?
<chewbranca> pmatulis, that would be a good idea, don't even see a checksum on http://www.ubuntu.com/getubuntu/download-server
<chewbranca> oh well, just did the test-integrity option on the new iso and it checks out
<chewbranca> so should be good to go
<chewbranca> there we go
<chewbranca> base system is chugging along
<Smaakage> #1017 - Can't find file: './wiihosting_gcp/billing.frm' (errno: 13)
<Smaakage> but the file is there? :s
<rapha> Hi all!
<rapha> How do you upgrade Ubuntu Server 9.10 to 10.04?
<RoyK> do-release-upgrade
<rapha> thanks RoyK ! :)
<RoyK> or you can do it the redhat way - purchace a CD and reinstall
<rapha> well i only have remote access to them
<rapha> the hoster doesnt install anything else but 9.10
<RoyK> it was meant to be a joke :)
<rapha> interesting ... started the upgrade on 3 identical servers at the same time, but they progress at different speeds
<rapha> oh now i get it sry RoyK :)
<Smaakage> How do i remove mysql-server total?
<RoyK> wouldn't it be better to just upgrade one first to see if it works out?
<RoyK> apt-get remove --purge?
<rapha> RoyK: if it doesnt i'll just hit the "reinstall" button in the web interface *shrug*
<rapha> it's a fresh minimal install though, so why wouldn't it work
<RoyK> it probably will
<Smaakage> start mysql
<Smaakage> start: Job failed to start
<RoyK> apt-get remove --purge
<RoyK> also, check the logs
<rapha> RoyK: it says /etc/sysctl.conf was modified ... keep, replace?
<RoyK> if you haven't changed anything yourself, just replace
<Smaakage> Diden't work at all RoyK
<RoyK> same with all files
<rapha> k thx
<RoyK> Smaakage: pastebin errors
<Smaakage> I have send the link in PM
<Smaakage> Can you see it?
<RoyK> no, you didn't. just give the pastebin link here
<Smaakage> http://pastebin.com/YtqHY2F4
<slackster> hi, I get a message "Your CPU appears to be lacking expected security protections."
<slackster> I ran  -> /usr/lib/update-notifier/check-bios-nx --verbose <- command not found
<slackster> anyone have any ideas?
<slackster> http://pastebin.com/mdX1cwUn  cat /proc/cpuinfo
<penguin42> slackster: I'm not sure where that was supposed to come from - it's not in the apt-file list for lucid
<slackster> penguin42: I see..
<penguin42> oh I lie, it's part of cpu-checker
<rapha> hmmm i have 4 servers to run a rails app (will need about 5 x 10 thins) ... one of them is already fully set up, also with lighttpd and mysql. i wonder if it would make sense to have the three others run *only* the thins and be served the requests by proxying from the first one and access the mysql database of the first one as well
<penguin42> rapha: I'd make sure you can cope with a failure of the one running mysql
<Smaakage> Can you see it RoyK?
<rapha> penguin42: it has a pretty redundant setup and is known to be very reliable, whereas the other three are brand new (i'll only have them during the World Championship 2010, for about 3 months from now on)
<rapha> penguin42: they're all interconnected with 100 MBit - i could maybe get GBit networking between them but not sure about that
<RoyK> Smaakage: why install mysql-server* ?
<RoyK> you probably just need the base install
<RoyK> not all the other crap
<Smaakage> I can start the server manualy?
<Smaakage> sudo -u mysql mysqld
<Smaakage> But not with start mysql
<penguin42> rapha: I don't know about setting up something of that size, sounds like a fun little project :-)
<RoyK> /etc/init.d/mysql-server
<RoyK> start
<rapha> penguin42: yeah, every World or European Championship again ... 2006, 2008, and now for 2010 in South Africa
<halvors> I have a problem, aliases does no0t work on my email server
<halvors> when i send email to an emailadrss who should resend it to a other email i get the error
<halvors> http://paste.ubuntu.com/430717/
<halvors> ???
<halvors> No ideas?
<mcas> your server cannot relay mails for your domain
<halvors> how can i fix it
<halvors> should i remove relayhost=
<halvors> paramenter in postfix main.cf
<halvors> ??
<rapha> cool
<rapha> set all three of the new servers up and made cool Huey, Dewy and Louie ASCII art /etc/motd's
<halvors> ?
<rapha> :-)))
<halvors> I mean about my problem
<guntbert> halvors: is your mail server publicly reachable?
<halvors> yes
<halvors> i think so
<halvors> who port need to be forwerded?
<halvors> also all email ports
<halvors> should it relayhost = or noting to send direcly?
<halvors> ?
<halvors> ?
<guntbert> halvors: as I already suggested: please take it off the internet immediately  -- play with it /read docu in a private environment until you know what you are doing -- only then connect it to the internet again
<halvors> who docs should i read?
<halvors> when i take it off internet, i cant test it
<halvors> only ask: should it relayhost = or noting to send direcly?
<guntbert> halvors: you do have an internal network, don't you? if not you probably don't need a mail server anyway, you can start reading https://help.ubuntu.com/10.04/serverguide/C/email-services.html  -- smtp servers are problematic beasts to handle  -- open mail relays can get you into a lot of trouble
<halvors> should postfix have chroot?
<rapha> what the heck?!?! where do the rubygems from the repository but the installed gems' binaries to?!
<federico_> Hi, I've installed mysql server in a ubuntu server, but I can't access it from a pc of the LAN. I've changed the bind-address = 0.0.0.0 in /etc/mysql/my.cnf, but still doesn't work.
<federico_> Hi, I've installed mysql server in a ubuntu server, but I can't access it from a pc of the LAN. I've changed the bind-address = 0.0.0.0 in /etc/mysql/my.cnf, but still doesn't work.
<bc> federico_: `telnet localhost 3306` to see if it's listening.
<bc> federico_: also `sudo iptables -L -n` and make sure you aren't dropping connections.
<federico_> I'll try
<federico_> <bc>: telnet works
<federico_> <bc>and iptables says ACCEPT in everywhere
<bc> federico_: try it targeting eth0 instead of lo
<bc> federico_: try it from another machine also (telnet) and make sure you do not get 'x.x.x.x isn't allowed to access this mysql server'. if you do, then you need to grant access in the mysql database.
<rapha> f***! wife kept stressing me, accidentally rm -rf'd /usr/bin/*
<rapha> i got a backup ... anybody know of a good way of how to restore them without local access?
<rapha> (still logged in via ssh)
<federico_> bc: Trying 192.168.2.140...
<federico_> telnet: Unable to connect to remote host: Connection refused
<federico_> that's my problem
<bc> federico_: two computers on the same network? anything in between you and 192.168.2.140? if you telnet to 3306 on 192.168.2.140 from 192.168.2.140 does it work?
<lenios> federico_, does "netstat -nat | grep LISTEN" shows it's listening from any source address?
<federico_> bc: the telnet doesn't work
<federico_> I did
<federico_> telnet 192.168.2.140 3306
<federico_> and didn't work
<bc> federico_: check the IP address in ifconfig eth0 | grep inet
<federico_> <bc>: for what?
<bc> federico_: well it should say 192.168.2.140. If it doesn't then...
<federico_> bc: the telnet works from 192.168.2.140 to 192.168.2.140
<dominicdinada> \
<bc> federico_: and iptables is accepting all? what other devices are between 192.168.2.140 and the other LAN clients?
<federico_> UEC
<bc> federico_: also make sure you've granted access to the remote IP. http://dev.mysql.com/doc/refman/5.0/en/connection-access.html
<bc> federico_: although I don't think you should be seeing 'connection refused' if it's listening on 0.0.0.0
<federico_> how can I turn down the firewall(iptables)?
<bc> federico_: if `sudo iptables -L` says 'policy ACCEPT' for them all, and no reject or drop rules, then you have no active firewall.
<federico_> check this output
<federico_> http://paste.ubuntu.com/430744/
<dominicdinada> bc: what is a good site with iptables for download like preconfigured so i can take a look ?
<bc> federico_: just do this and then test the connection: sudo iptables -F
<federico_> there is no output
<dominicdinada> sudo iptables-save
<dominicdinada> check that output
<bc> federico_: right, now look at sudo iptables -L
<bc> dominicdinada: https://help.ubuntu.com/community/IptablesHowTo
<dominicdinada> save is printed so he can better read it
<dominicdinada> bc yeah thats the howto but i am looking for real world working examples from networks
<federico_> http://paste.ubuntu.com/430745/
<federico_> it's empty now
<bc> dominicdinada: I don't know of one. Maybe google for iptables gateway
<dominicdinada> ok
<bc> federico_: good, now test the telnet to 3306, and if it doesn't work, then iptables isn't the problem
<federico_> from what pc?
<bc> federico_: any pc on the same network
<federico_> federico@ubuntuCloud:~$ telnet 192.168.2.140 3306
<federico_> Trying 192.168.2.140...
<federico_> telnet: Unable to connect to remote host: Connection refused
<rapha> woah
<rapha> got it running again
<rapha> all hail sftp
<bc> federico_: did you restart mysql after changing bind address?
<federico_> yes, but I'll do it again
<bc> federico_: I'm at a loss then. if it's listening on all interfaces, and iptables isn't blocking the connection, then something else between you two are blocking the connection.
<rapha> bye all!
<federico_> I'm testing this on UEC, the mysql is running in an UEC instance
<RoyK> does anyone use telnet login these days?
<federico_> no
<RoyK> we have some crappy solaris 8 machines with it
<bc> federico_: are you able to acces any other services remotely? like port 80?
<RoyK> too old to support decent openssh
<bc> federico_: I'm assuming direct port 22 access is working from another local IP address
<federico_> yes
<federico_> I'm using ssh fien
<federico_> fine
<bc> federico_: I'm completely clueless about any cloud access problems though. on the lan here, if I bind to 0.0.0.0, flush iptables, and then telnet to the server from a local IP, I get a response from mysql.
<federico_> u.u
<bc> federico_: check the mysql log to see if there are any errors, like problems with writing somewhere
<bc> federico_: outside of that, I'm out of ideas
<federico_> bc: thanks for all, I think it's the UEC, because I did the same steps and it works in another pc
<bc> federico_: I googled a bit, and some people seem to have had problems with other services. one problem was permissions on /tmp, and there was some other problems with eucalyptus, but, again, I have no idea what I'm talking about when it comes to UEC.
<RoyK> mysql normally doesn't listen to anything but localhost iirc
<bc> RoyK: he changed bind address
<RoyK> check netstat -ln --tcp
<RoyK> ok
<RoyK> and removed skip-networking in the cf?
#ubuntu-server 2011-05-02
<storrgie> Why is my login MOTD saying I need to perform updates when my system is up to date? (10.04.2
<SinnerNyx> Was working in 10.10, not working in 11.04. Running "sudo /etc/init.d/networking restart" gives the following output: (deprecated message)... SIOCSIFADDR: no such device   eth0: Error while getting interface flags: no such device
<qman__> means you don't have an eth0
<jenkinSear> does eth0 show up if you do a /sbin/ifconfig -a ?
<qman__> might be a driver issue or a udev one
<uvirtbot`> New bug: #775239 in samba (main) "loop device over samba breaks filesystem" [Undecided,New] https://launchpad.net/bugs/775239
<DAVdaBRAV> Anyone actually here?
<JanC> maybe
<jenkinSear> I'm not
<DAVdaBRAV> Sounds promising
<DAVdaBRAV> anyone here or not know where to go from "it works" to get to phpbb?
<MTecknology> how can I check available updates?
<MTecknology> I've always been in the habit of just updating everything
<jenkinSear> https://help.ubuntu.com/community/PhpBB2
<qman__> DAVdaBRAV, sudo apt-get install phpbb3
<DAVdaBRAV> that easy? really? 0_0
<DAVdaBRAV> oh my it appears to be working! :O
<qman__> FYI, I found the existence of that package by running 'apt-cache search phpbb'
<qman__> you should do this whenever you intend to install software, just to see if someone else did the hard work for you
<DAVdaBRAV> :D Thanks so much.
<JanC> MTecknology: you aren't using byobu on your server?  âº
<MTecknology> JanC: no.. never got into playing with it and most systems i work with can't even get it
<JanC> why can't they get it?
<JanC> anyway, if you use it, you get a useful indicator at the bottom that shows up when there are upgrades available
<MTecknology> JanC: systems are too old
<MTecknology> JanC: what command would i run to see the packages available for update and which are security updates?
<JanC> update-manager-text
<MTecknology> JanC: anything that wouldn't make me install 85 packages?
<JanC> âº
<MTecknology> eh.. update-manager-core instead of update-manager :P
<MTecknology> lied - it's not available from that
<MTecknology> that's just too many deps
<JanC> update-manager-text is a package here, but probably not available in older versions
<MTecknology> oh, 5 deps, still a bit
<MTecknology> definitely not the list I was looking for...
<MTecknology> I'm looking for something I can use in scripts
<JanC> well, wajig has a command to list available package upgrades
<JanC> cat /var/lib/dpkg/status | egrep '^(Package|Status|Version):' | awk '/^Package: / {pkg=$2}      /^Status: / {s1=$2;s2=$3;s3=$4}     /^Version: / {print pkg,$2,s1,s2,s3}' | grep 'ok installed' | awk '{print $1,$2}' | sort -k 1b,1
<JanC> thats' what it uses to get that  :P
<JanC> eh, more or less
<MTecknology> woah
<MTecknology> I was hoping something like.... aptitude available-updates :P
<JanC> "apt-get upgrade -s" will list what packages it would normally upgrade
<JanC> you'll have to parse that though  âº
<JanC> MTecknology: you could also use python-apt of course
<MTecknology> JanC: âº
<MTecknology> python-apt may be a pretty good idea for this
<JanC> or update-manager-core
<JanC> which should contain everything you need to get that list
<DAVdaBRAV> Question: does Ubuntu have a modified package for phpbb?
<tonyyarusso> Okay, I give up.  Can someone explain virtual networking with KVM / libvirt / virt-manager to me?
<DAVdaBRAV> nope. apparentally not.
<tonyyarusso> The goal:  Have my VMs directly-connected to the network, getting IP addresses from the same DHCP server & pool as all of my physical machines.
<qman__> then you want a bridged configuration
<koolhead17> https://help.ubuntu.com/community/KVM
<tonyyarusso> qman__: I know that much, but can't manage to get it working.
<tonyyarusso> yeah...already read that.
<qman__> I haven't dealt much with virtualization in a while
<qman__> only used KVM once, briefly
<tonyyarusso> also, it's unclear how current that wiki page is.
<twb> Is it safe to run pvck on an active LVM PV?
 * kthomas_vh_ searches for how to install prce.h for APC
<Azelphur> Is there any way in ubuntu-server to do a rebootless distribution update/kernel update?
<kthomas_vh_> *pcre
<tonyyarusso> It seems like virt-manager tries (and fails) to create its own bridges and stuff, thus breaking everything you had set up.
<qman__> Azelphur, yes, with ksplice
<qman__> the update service isn't free for servers, though
<Azelphur> hmm, why would you have to pay for it?
<qman__> because writing kernel patches takes time and effort
<qman__> the technology is open source, it's the update service they charge for
<Azelphur> do they have to do something majorly special to do rebootless updates?
<qman__> it requires writing binary kernel patches
<qman__> it's different from compiling a new kernel
<Azelphur> I see :p
<Azelphur> what's the difference between desktop and server?
<Azelphur> or do they just charge for server for the hell of it :p
<qman__> the package set
<qman__> the free service requires the GUI app
<Azelphur> I see :p
<qman__> though I'm not sure on the legalities and their terms of service
<Azelphur> No FOSS alternatives to it?
<qman__> it is FOSS
<qman__> the software they use is all open source
<Azelphur> oh :p
<qman__> they simply charge for the patches and service
<qman__> like how canonical charges for support services
<qman__> if you want to write your own patches, you can
<Azelphur> would ksplice allow me to go through a complete distribution upgrade without a reboot?
<Azelphur> or would it only get me through kernel updates
<qman__> ksplice only applies to kernel updates
<qman__> but kernel updates are the only ones that require a reboot
<qman__> all other updates can be applied by restarting services
<Azelphur> so that's a yes? :)
<qman__> I used it on 9.04 before they started charging, didn't reboot my router for well over a year
<Azelphur> fun
<Azelphur> I have a server that really wants 24/7 uptime, so it's interesting to me :p
<Azelphur> still on 10.04 would like to update it :)
<qman__> well, the service isn't very expensive, it's just a matter of whether that feature is that valuable to you or not
<qman__> if I was running a business that depended on uptime, I'd buy it
<Azelphur> yea, I'm tempted to, I'm mostly just being a cheap-ass at this point xD
<qman__> but a few minutes to reboot on occasion is perfectly acceptable for what I'm running
<Azelphur> I pay $150 a month in server hosting, I should really invest $3 xD
<qman__> well, I can tell you it works well and it's very convenient
<Azelphur> it sounds it :)
<MTecknology> what would a person generally pick for an rpc port?
<qman__> people generally don't pick RPC ports, that's how the protocol works
<qman__> and that's why it's a huge pain and should be avoided if possible
<twb> portmapper is pre-internet tech, so it assumes that it's expensive to set up a new computer on the network, and you'll be the only one with root on any machine
<twb> (I assume by "RPC" you mean portmapper and not, say, ajax.)
<DAVdaBRAV> help! how to open a tar?!
<DAVdaBRAV> sudo tar -xvjf file /dir isn't working... :(
<shauno> -j is specifically for tar.bz2; does that match the file you're trying to open ?
<DAVdaBRAV> yes
<shauno> do you get any error messages?
<DAVdaBRAV> Record size = 8 blocks
<DAVdaBRAV> tar: /var/www: not found in archive
<DAVdaBRAV> exit with failure due to errors :/
<twb> DAVdaBRAV: by passing /var/www you are asking it to extract only /var/www from itself.
<twb> DAVdaBRAV: to specify a destination, pass -C
<DAVdaBRAV> OH
<twb> DAVdaBRAV: or simply cd to it first
<DAVdaBRAV> facepalm**
<DAVdaBRAV> :D :D :D :D :D :D :D :D :D :D :D :D
<twb> Yes, quite.
<DAVdaBRAV> thank you, twb!
<jgould> Ok, here's an odd one: I just ran sudo apt-get update, and then sudo apt-get upgrade on my server running 10.04. there were no updates. when I logged back in, I was greeted with: 45 packages can be updated, 30 updates are security updates.  What am I doing wrong?
<twb> jgould: I have that behaviour
<twb> jgould: for some reason my motd update isn't happening
<twb> jgould: I haven't investigated yet; let me know what you find
<twb> The virsh manpage says "For remote access see the documentation page on how to make URIs." -- which document is it referring to?
<twb> I have users running virt-manager on their laptops.  I'm trying to work out if/how to give them read-only access -- virt-manager doesn't seem to have an option for this, where virsh does
<uvirtbot`> New bug: #775343 in tftp-hpa (main) "package tftpd-hpa 5.0-11ubuntu2 failed to install/upgrade: ErrorMessage: el paquete tftpd-hpa no estÃ¡ listo para configurarse  no se puede configurar (estado actual `half-installed')" [Undecided,New] https://launchpad.net/bugs/775343
<Macer> wow bind is a pain
<Macer> took me forever to realize that ubuntu-server and apparmor automatically change write permissions to dirs
<Macer> i couldn't figure out why i couldn't to the log file.. ugh
<Macer> couldn't write
<twb> Macer: +1 for nsd and unbound
<twb> Oh wait, bind is isc dhcpd
<twb> I was thinking named
<Macer> bind = named ;)
<twb> Right right
<twb> MOAR COFFEE
<Macer> the apparmor stuff was making me pull my hair out
<twb> me love nsd3
<jgould> Coffee is good
<twb> jgould: one too many o's
<jgould> Heh
<Macer> this tyan board is flawed
<Macer> Core1 Temp:  +80.0Â°C
<Macer> it is hovering 5C below its thermal shutdown temp
<twb> probably worse if you turn it on
<twb> O'course it could just be that lm-sensors is poorly calibrated for that unit
<twb> It's not uncommon for sensors to report with a 20 degree offset or so
<Macer> that is maxed out
<Macer> i was runnning boinc on it to burn it up a bit to make sure it would stay up under a heavy load
<twb> Not cpuburn?
<Macer> cpuburn? :)
<Macer> didn't even know there was such a thing
<Macer> i figured boinc would use the cpus maxed out
<Macer> which it did.. one cpu hovers in the low 60s which is pretty normal.. cpu2 hovers around high 70s
<Macer> ah well. i will just run boinc full speed for a day or two and see if it melts.. if it doesn't then hopefully it can stay up
<twb> Unless it's a hot day or the A/C dies or the fan dies...
<Macer> yeah i suppose that can happen. ah well. it will give me a reason to make a new one ;)
<Macer> it's a dual opteron 285... clocking about 6 years old now
<huats> morning
<_johnny> any users of mod_python? i have a question about embedded python, which - according to docs - is <% # code %> - however this is not recognized by my setup (i only have .py added as a handle). <?php ?> tags work, so my question is, how do i enable this for mod_python?
<_johnny> i've tried adding .psp and using that extension, however those file are reported as not found (and yes, the filename is correct)
<_johnny> as per http://www.modpython.org/live/current/doc-html/pyapi-psp.html
<soren> _johnny: Have you done any configuration at all?
<_johnny> yes. http://pastebin.com/j6k4BaAz
<soren> _johnny: I think you need an "AddHandler mod_python.psp .psp" line.
<reisi> hi everyone! after the last upgrades on 10.04 the tools have automounted (mount -a during boot process) an lvm2 snapshot instead of the logical volume (they have the same blkid UUID); any ideas how to fix this permanantly?
<soren> reisi: Wow, that still happens?
<soren> https://bugs.launchpad.net/ubuntu/+source/lvm2/+bug/460906
<uvirtbot> Launchpad bug 460906 in lvm2 "disk/by-uuid/foo symlink points to snapshot rather than the origin" [Undecided,Confirmed]
<soren> reisi: Oh, on Lucid?
<reisi> soren: this is in 10.04
<_johnny> soren: thanks! :)
<_johnny> eller tak ;)
<soren> velbekomme :)
<_johnny> soren: you wouldn't happen to know if it's possible to add *two* handlers, or a generic handler which supports both .py and .psp would you? i could of course add the dir twice, but it's a bit messy ;)
<_johnny> ah, sorry, nevermind. just needs a pipe seperator
<_johnny> PythonHandler mod_python.publisher | .py
<_johnny> for delegating
<reisi> while doing rsync --dry-run [to] [from]; is it possible to get a file listing what should go to->from and from->to etc?
<reisi> aah, itemize-changes
<uvirtbot> New bug: #775572 in cyrus-sasl2 (main) "Sync cyrus-sasl2 2.1.23.dfsg1-8 (main) from Debian unstable (main)" [Wishlist,New] https://launchpad.net/bugs/775572
<kirkland> airtonix: hiya!  if you're using the latest byobu (either in 11.04, or from the ppa:byobu/ppa), you can use "shift-f2" and "ctrl-f2" to split your terminal
<kirkland> airtonix: and then you can use shift-f3 and shift-f4 to move between the terminal splits
<airtonix> kirkland: pimping!
<kirkland> airtonix: and shift-f5 will collapse all of the splits back down to one single pane
<kirkland> ;-)
<airtonix> kirkland: is that all in the byobu docs installed by the ppa ?
<kirkland> airtonix: definitely in the manpage
<kirkland> airtonix: http://manpg.es/byobu
<kirkland> airtonix: scroll down to keybindings
<lynxman> hey kirkland, morning
<lynxman> kirkland: did you action into this merge? http://bit.ly/kW4ls7 Brian is asking for a SRU
<uvirtbot> New bug: #775596 in php5 (main) "package libapache2-mod-php5 5.3.5-1ubuntu7.1 failed to install/upgrade: ErrorMessage: underproces installerede post-installation-script returnerede afslutningsstatus 1" [Undecided,New] https://launchpad.net/bugs/775596
<zul> lynxman:  that needs to be fixed in oneiric first as well
<lynxman> zul: I imagine so, was waiting for 1.2.0 release (which will happen next week)
<zul> lynxman: hopefully the debian maintainers will package it ;)
<lynxman> zul: yeah, they're pretty fast
<RoAkSoAx> zul: how did they like the powernap idea at the openstack?
<zul> RoAkSoAx: good i think, it was the very last session of the week so it wasnt well attended
<RoAkSoAx> zul: cool
<RoAkSoAx> kirkland: ping
<RoAkSoAx> zul: and were you present in the HA session?
<zul> RoAkSoAx: for a bit of it, it was more of a presentation
<RoAkSoAx> zul: oh ok! so nothing interesting there then
<zul> RoAkSoAx: not that i remeber ;)
<reisi> hmm i just installed 8GB more ram, bringing the system total to 13GB; now i'm seeing that 6GB is used to buffers; is this ... normal? under no load?
<patdk-wk> reisi, define, normal :)
<patdk-wk> if you have 6 gigs of ram, not being used for something else, linux will claim it for disk cache
<reisi> patdk-wk: well the system does not have a *lot* of connections
<patdk-wk> and even if it's used for something else, it could swap it out and claim it for disk cache
<reisi> patdk-wk: but that's the 'cached' value from free?
<reisi> patdk-wk: i've got 3GB cached, but 6GB in buffers
<patdk-wk> cached is read disk buffers
<patdk-wk> they can be instantly reused
<patdk-wk> buffers are write caches, mainly, they need to be cleaned, before reuse
<reisi> aah; well my system most definetly is not capable of flushing 6GB in anywhere near instantly
<reisi> we only write peaking somewhere between 150..200 MBps
<ssureshot> the grub menu that will appear after a failed shutdown ,, is this considered the recovery menu?  Screen is all black and will not bypass without user intervention?
<reisi> ssureshot: grub menu is the menu of grub, it'll allow you to for example select a different kernel image to start; recovery mode is implemented through kernel parameters and as such is selectable as a different menu item
<reisi> ssureshot: you'll automatically enter the recovery menu upon kernel and minimal services startup when you select a "linux ......... (recovery)" grub menu item
<ssureshot> reisi: my problem is this... I had a power outage over the weekend and the server stopped at the grub menu... Black with grey lettering ect.. why does it just decide to do that sometimes?
<ssureshot> I needed to come in to reset the server when it should have just booted
<JasonMSP> how do i keep the color highlighting available after piping 'less' at the end of this 'find . | grep string'
<reisi> ssureshot: hmm not sure; you'd have to know more about what happened; with the info you just gave me, it'd think that the computer came back too early, perhaps there still was some electricity problems and not all components (hard drives) started properly; who knows
<reisi> ssureshot: buy an ups
<reisi> ssureshot: disable automatic power-on from bios if you wont buy an ups
<ssureshot> reisi: as far as the ups thats what blew up lol.... when I had the systems all plugged into a backup ups I started the server... .. I know this contradicts what I said before but I said that just to get the easy point across.. point bing I have proper power ,, this happens I've noticed after an improper shutdown..
<reisi> ssureshot: hmm have to admit that now when i think about it, i've never seen a unclean shutdown on 10.04 ubuntu servers; it's been a while since we last let ups shut down the servers but that went clean as well
<reisi> ssureshot: perhaps there's some grub feature in use with the latest ubuntu servers, but i doubt it; i'd still blame electrical problems (i've got a box that has 4 hdd's, and psu cannot afford to boot them instantly, and as such, powering up fails some times, especially with suspend to ram)
<reisi> (md does not like if not all harddisks wake up instantly :D)
<patdk-wk> if you have 4 drives, that start up, overload the psu
<patdk-wk> you are seriously underpowered
<patdk-wk> cause 4 drives starting up doesn't take much power
 * SpamapS stretches and prepares for the final push of blueprints
<reisi> patdk-wk: i haven't diagnosed it any further, that's my home "workstation", just a hunch again.. perhaps it could be that some of those drives just have a difficulty of starting up?
<reisi> patdk-wk: actually the hunch is based on some article discussing the consumer psu's having low per line capabilities
<patdk-wk> low per line?
<reisi> per voltage lines
<patdk-wk> na, a 800watt psu, will give you 800watts, be it a server psu, or not
<patdk-wk> now if you go buy a 4 channel psu, and load all your drives on one channel, that is your issue :)
<patdk-wk> personally I would only buy single channel ones
<SpamapS> >: damnit, do they have to use the loudest possible weed eater *every* monday, right outside my window?
<reisi> patdk-wk: have to admit that i haven't had any energy to tinker with that box, just threw it together from parts that i was able to get the day i decided to get a new one
<ssureshot> I found this in the /etc/default/grub file #GRUB_DISABLE_LINUX_RECOVERY="true" wonder if that would stop that meny from displaying,, I guess Ill have to test it
<reisi> ssureshot: i'm pretty 99.99999% sure it's a switch for generating the recovery items to the list or not, defaults to true
<ssureshot> I am not too familiar yet with grub2 so I've found this to read http://www.dedoimedo.com/computers/grub-2.html
<ssureshot> ah roger that
<reisi> /etc/default/grub is read by the update-grub (or something like that) script .. its pretty straightforward to read
<ssureshot> that would make sense since that probably isn't mounted yet when the menu is displayed
<amokpaule> Hello, i have an ubuntu hom server and a non linux network printer. if i install windows 7 or windows server 2008 as an ve on my ubuntu server could i make it that my printer is installed on that ve and can i give it free over something like samba so that my linux clients can print?
<uvirtbot> New bug: #775676 in quagga (main) "Please sync quagga 0.99.18-1 from Debian Unstable." [Undecided,New] https://launchpad.net/bugs/775676
<kpettit> is there anything on a default ubuntu server setup that tries to send out emails?
<nealmcb> kpettit: well, there are internal things like cron will mail root with errors
<kpettit> do you know where I can find those things?  I'm trying to audit system to see what would try to email.  I'm going through cron now but it's slow
<RoAkSoAx> kirkland: ping?
<kirkland> RoAkSoAx: pong
<RoAkSoAx> kirkland: so it works!! squid-deb-proxy + preseed
<kirkland> RoAkSoAx: :-)  you da man!
<kirkland> RoAkSoAx: how long does an install take?
<RoAkSoAx> kirkland: not much on nqa
<RoAkSoAx> kirkland: it seems a bit slower as if we were using a local mirror though
<kirkland> RoAkSoAx: can you time it?
<RoAkSoAx> kirkland: sure, let me start another install
<kirkland> RoAkSoAx: cool
<kirkland> RoAkSoAx: also, is it ext3 or ext4?
<kirkland> RoAkSoAx: note that ext3 will be 2x faster
<RoAkSoAx> kirkland: ext3 as per your preseed
<kirkland> RoAkSoAx: cool
<RoAkSoAx> kirkland: I'm using your nqa preseed with the modifications required for the mirror
<kirkland> RoAkSoAx: hopefully we'll get that dpkg/ext4 bug fixed one day
<nealmcb> kpettit: I just mean that the cron system itself will send mail when there is any output (presumably to stdout or stderr?)
<RoAkSoAx> kirkland: hehe... yeah!! anywyas, there's seems to also been some kind of weird behavior
<kirkland> RoAkSoAx: how so?
<RoAkSoAx> kirkland: i got it working friday night, and today I tried to do it again and couldn't install
<RoAkSoAx> kirkland: appeared that it didn't pass through the proxy
<RoAkSoAx> kirkland: after a will of try/retry checking if config was ok and restart squid-deb-proxy then
<RoAkSoAx> kirkland: it started working again
<kirkland> RoAkSoAx: hmm, weird... do you have logs from both?
<RoAkSoAx> kirkland: so I'm not sure what might be going wrong
<RoAkSoAx> kirkland: the installation logs show that couldn't download from the specified mirror
<RoAkSoAx> kirkland: the proxy's didn't show any logs
<kirkland> RoAkSoAx: do you have instructions for me to test it here?
<ScottK> robbiew: I would appreciate it if you would accept https://blueprints.launchpad.net/ubuntu/+spec/server-o-postfix-enhancements for UDS.
<RoAkSoAx> kirkland: yeah
<kpettit> nealmcb, thanks.  Gives me a good spot to look
<RoAkSoAx> kirkland: install squid-deb-proxy in youir cobbler server
<robbiew> ScottK: ack
<RoAkSoAx> and I'll paste you the preseed
<robbiew> ScottK: seems to be already approved...I'll make sure it's scheduled
<ScottK> Thanks.
<RoAkSoAx> kirkland: http://pastebin.ubuntu.com/602369/
<RoAkSoAx> kirkland: so jsut either netboot or use koan
<kirkland> RoAkSoAx: okay, and where exactly do i put that?
<kirkland> RoAkSoAx: are you testing this on real hardware, or in vm's?
<RoAkSoAx> kirkland: cobbler/squid-deb-proxy is real hw
<RoAkSoAx> kirkland: installations are in VM's in two different laptops
<kirkland> RoAkSoAx: cool
<kirkland> RoAkSoAx: okay, so i'll give that a try in a little bit
<RoAkSoAx> kirkland: paste the preseed in /var/lib/cobbler/nqa-mirror.seed
<RoAkSoAx> kirkland: and modify the profile of the imported mini ISO you'll use
<kirkland> RoAkSoAx: my main laptop is really hosed, so i'm going to reinstall 11.04 from scratch
<RoAkSoAx> and point to that seed
<kirkland> k
<RoAkSoAx> kirkland: ok ;)
<RoAkSoAx> kirkland: ok, so it took almost 4 mins and 30 secs since. This is in a VM on my x201, and takes way less time than mother laptops thanks to the SSD
<kirkland> RoAkSoAx: perfect, that's what i was hoping for ... 4-5 minutes
<RoAkSoAx> kirkland: I'd like to see how it would behave when there's various systems using the proxy though!
<RoAkSoAx> kirkland: I guess that the only thing now is to generate a template preseed, that automatically sets the proxy IP/port and archive to be used. And obviosly install squid-deb-proxy by default to use the proxy after installation
<koolhead17> hi all
<Nikolasr> Hello, i got problem on ubuntu server 11.04 anyone can help me?
<rizzuh_laptop> How suitable is btrfs on top of mdraid 5 for four drives (up to 3TB each) on a media/storage home server, in comparison with ZFS?
<Macer> zfs is most likely better than md any day
<Macer> butt in your config you may wish to go true hw raid
<Macer> a 4 drive raid card isnt that expensive
<Macer> and they have nice things like a backup battery to keep writes in memory so  nothing is damaged on powering back up
<Macer> honestly... other than a couple features zfs  doesnt really offer much compared to a real raid minus the cost of the controller
<Nikolasr> Anyone having problem with graphich...after installation LOGIN SCREEN isnt readable..Whats that?
<_johnny> Macer: compression?
<_johnny> and dupes
<Macer> well... dedupe too
<ppetraki> rizzuh_laptop, I've lost data with btrfs before, keep backups (I do)
<Macer> all the other stuff you can already do
<rizzuh_laptop> ppetraki, in what scenario?
<Macer> although datasets are also nice
<rizzuh_laptop> ppetraki, eg, your failure, btrfs` failure or a combination?
<ppetraki> rizzuh_laptop, plain desktop usage, corrupted itself, was also using compression
<ppetraki> rizzuh_laptop, circa 2.6.32, it's better now but it still has bugs
<Macer> but in linux without zfs you can just bind mount if it is that serious
<_johnny> Macer: so your selling point has become a jibberish subjective statement? :(
<Macer> well.. zfs does  have cpu overhead
<rizzuh_laptop> ppetraki, alright.
<rizzuh_laptop> Macer, should have highlighed me, just saw your messages.
<ppetraki> rizzuh_laptop, I agree with Macer for the most part. It's easy to get distracted by storage bling. remember, it's all about the integrity of your data
<_johnny> you shouldn't use zfs on mac, obviously
<rizzuh_laptop> Macer, hardware RAID doesn't address silent data corruption, which on 2-3TB drives can be a pig PITA. And it's far too expensive for a home server.
<_johnny> ppetraki: every zfs maillist agrees
<ppetraki> rizzuh_laptop, you can use MD as the backing store for LVM BTW
<Nikolasr> Anyone to help on my question?
<Macer> rizzuh_laptop: solar winds?
<ppetraki> rizzuh_laptop, MD has a "check" function for bit rot
<Macer> gamma rays? :)
<rizzuh_laptop> ppetraki, true, but I need the filesystem to support data checksums, so data corruption is detected.
<Nikolasr> Guys?
<rizzuh_laptop> ppetraki, I can't check every day, gotta have it automatic when the file is accessed.
<rizzuh_laptop> Macer, no, with big drives it's a noticeable issues, more so on big files.
<Macer> journaling doesnt catch bitrot"
<_johnny> Nikolasr: what's the question?
<ppetraki> rizzuh_laptop, basic checksums are already written to disk
<ppetraki> rizzuh_laptop, again, a good HW raid covers you pretty well
<rizzuh_laptop> ppetraki, nope, they're blissfully unaware of bit rot.
<Nikolasr> @_johnny: Anyone having problem with graphich...after installation LOGIN SCREEN isnt readable..Whats that?
<rizzuh_laptop> Macer, not journaling. ZFS does data integrity tests.
<ppetraki> rizzuh_laptop, netapp?
<Nikolasr> _johnny: Anyone having problem with graphich...after installation LOGIN SCREEN isnt readable..Whats that?
<Macer> uhm
<_johnny> bad gfx driver mabye? only noticed it a time when i had a buggy disk inserted, but onlye 1 time on startup
<rizzuh_laptop> ppetraki, home media/storage server.
<Nikolasr> When its booting from cd its requring to choose what display mode i want to choose..
<rizzuh_laptop> Macer, ZFS checksums on block level and upon hash failure it restores from redundant locations.
<Nikolasr> I have tried 11.04 server edition disk..But i have 8
<ppetraki> rizzuh_laptop, can't have it all :), and a fancy filesystem is no substitute for regular backups
<Nikolasr> But i have 8.10 and its readable screen
<rizzuh_laptop> ppetraki, yeah, you go tell Joe to backup. Best alternative is to make the storage part very solid.
<ppetraki> rizzuh_laptop, I do storage at the kernel level for a living, for years, I can't remember the last time I encountered a bit rot event
<Nikolasr> _johnny ?
<ppetraki> rizzuh_laptop, yes, it happens, but it doesn't keep me up at night
<ppetraki> rizzuh_laptop, perspective is everything, just having a MD based raid puts you ahead of most
<rizzuh_laptop> ppetraki, I have today in fact.
<_johnny> Nikolasr: which one's readable?
<ppetraki> rizzuh_laptop, backups?
 * ppetraki backs up weekly to cloud and local storage
<Nikolasr> that one 8.10 server edition
<Nikolasr> but i want newer one
<ppetraki> rizzuh_laptop, SATA?
<rizzuh_laptop> ppetraki, well it was from a freshly ripped disk. After-rip check passed, then a few hours later it went kaput.
<rizzuh_laptop> yes
<rizzuh_laptop> ppetraki, not really. All decent NAS solutions use mdraid.
<Nikolasr> @_johny Its like having phyroglipies..
<_johnny> probably bogus gfx driver
<Nikolasr> What you prefer to do
<_johnny> get the latest driver. install with aptitude or some other ssh way
<_johnny> try booting in safemode, maybe that'll give you a gnome way in
<ppetraki> rizzuh_laptop, sorry to hear about the loss, but using SATA is basically asking for bad things to happen
<Nikolasr> My driver is on my compaq onboard vga..so i dont think its driver..I have compaq deskpro EN
<_johnny> oki, dunno :>
<rizzuh_laptop> ppetraki, why? What would you suggest?
<ppetraki> rizzuh_laptop, the quality gap is deliberate, it's not because SAS/SCSI is a superior protocol, sure that helps, but the field has decided to put lower quality everything on the ATA side of the fence
<rizzuh_laptop> ppetraki, because it's cheaper. SAS isn't an option in this though - home media/storage server.
<ppetraki> rizzuh_laptop, really? It doesn't cost what it used to
<rizzuh_laptop> it does abotu $100, which is not an option.
<rizzuh_laptop> (for LSI 1068e, which is like... dirt cheap)
<ppetraki> rizzuh_laptop, yeah, nice old design :)
<rizzuh_laptop> And SATA drives with SAS controllers don't help.
<Nikolasr> Anyone other to help me?
<rizzuh_laptop> The geeks might stick in a SAS card and use nice drives, but Joe won't care.
<RoyK> rizzuh_laptop: SATA drives work well on SAS...
<ppetraki> rizzuh_laptop, SATA on SAS controller is literraly a forked device, there's a separate firmware stack that does just ATA, I don't recommend it, the support varies
<rizzuh_laptop> RoyK, but you don't get the SAS advantage.
<rizzuh_laptop> ppetraki, LSI has good support for that.
<rizzuh_laptop> But I know that.
<ppetraki> rizzuh_laptop, yeah they do, earlier adaptec SAS didn't, up until the aic94xx
<RoyK> rizzuh_laptop: you don't get the full SAS advantage, no, but support for SAS expanders etc is good
<Macer> tigerdirect sells fake plants
<Macer> wth?
<Moobyfr_> sata drives aren't made to work 24h a day 365...
<ppetraki> that's right
<rizzuh_laptop> RoyK, for home media/storage server... that's useless, heh.
<RoyK> Moobyfr_: some of them are, but not all
<ppetraki> the "enterprise" SATA ones
<rizzuh_laptop> Moobyfr_, some are, eg hitachi's 7K line is the same as the Ultrastar, except warranty.
<rizzuh_laptop> 7K3000 == A7K3000 - warranty
<Macer> my wd 1TB drives have been running since 2007
<ppetraki> I literrally refer to SATA as just another 4 letter word, it's caused me so much grief with customers cutting corners.
<Macer> 24 hrs a day without a hiccup
<ppetraki> seen people buy 12K servers only to populate it with the worlds cheapest disks. insane
<RoyK> Moobyfr_: I read a test done over several years with about 100k drives of all sorts of makes, from desktop to enterprise, SATA, SAS, FC etc, and the end result was there wasn't possible to determine which drives were better in terms of reliability
<Macer> haha
<RoyK> Moobyfr_: we're using desktop drives for some 350TB net storage, and it works
<Moobyfr_> I can provide my stats about HD :)
<ppetraki> that's wonderful, it doesn't compare to my first hand experience :)
<Moobyfr_> on several yers there is no choice :)
<RoyK> Macer: no haha - that was the numbers - several very large datacentres were involved - the same result came from google's internal report a few years ago
<RoyK> imho the only way to be safe, is to have good redundancy
<ppetraki> rizzuh_laptop, so I get where you're coming from, you want to do more with less. If ZFS is that important to you, and this is basically a well purposed appliance you could go with one of those open sourcy solaris distros and call it done
<RoyK> enterprise drives fail just as quickly as desktop drives
<RoyK> say WD - the only difference between a WD Black and the 'raid level' aka 'enterprise' drive, is the firmware - same build, same production line
<Macer> RoyK: money talks
<RoyK> perhaps some burn-in for the enterprise, but you can do that easily yourself
<Macer> which is why datacenters are redundant
<RoyK> and which is why many datacentres uses desktop drives, because they work just as well
<rizzuh_laptop> ppetraki, it's important because it offers a solid advantage over competitors, and is a legitimate need.
<Macer> cheaper short  term to replace a cheap disk here and there than to pay for the more expensive ones in one shot
<ppetraki> rizzuh_laptop, Linux has been doing "we need a super FS" for almost a decade now, XFS, JFS, reiser, and  now finally btrfs
<RoyK> for our 350TB setup, the price would be more than doubled if we chose enterprise drives, so we didn't
<RoyK> ppetraki: you need ZFS :)
<Macer> RoyK: no point with proper redundancy
<rizzuh_laptop> ppetraki, yeah, I've seen that.
<ppetraki> RoyK, I need multipath to work better
<ppetraki> rizzuh_laptop, at the high end, they just throw an EMC or NA at it and call it done
 * RoyK has moved to openindiana for storage - linux simply isn't good enough
<Macer> oi was a letdown
<ppetraki> rizzuh_laptop, but with everything getting cheaper, more can be done in software to bridge that gap
<Macer> i loved osol
<Macer> oi is stunted
<ppetraki> rizzuh_laptop, so btrfs/zfs have arrived at the right time
<Macer> damn you  oracle!
<RoyK> Macer: really?
<RoyK> works for me (tm)
<ppetraki> I have to get going, hope you get your data sorted out
 * SpamapS starts the neverending erlang compile
<andygraybeal> RoyK, i agree with you about openindiana for storage.  i've been considering nexentastor for a while now.  (it's opensolaris now. but they are moving to openindiana)
<RoyK> andygraybeal: nexenta is ok, but nexentastor is incredibly overpriced
<andygraybeal> true, i don't have that many resources, so it was free for me
<RoyK> with 100TB, you'll pay more for the license than for the hardware, and you won't get any guaranteed support or onsite help, so imho it's rather worthless - better spend more money on redundancy
<andygraybeal> i'm not at the point where i have the knowledge to do any of that stuff with out a webform prompting me.
<andygraybeal> i was proud when i got ZFS permssions working!!@ (not posix pos in linux)
<RoyK> andygraybeal: if you're using zfs, whatever platform, and the shit hits the fan, you need knowledge and good support personenl inhouse, not someone to call
<andygraybeal> it worked like a dream,and just like the documentation said.
<RoyK> zfs-fuse is ok, but it's a bit on the slow side on writes, last I checked
<_SHuN_> after upgraded my kernel, the motd is showing dupplicated...
<ignarps> _SHuN_, edit /etc/motd.tail ?
<ruben23> hi guys
<ruben23> hi guys do i need x server installed on my ubuntu server to used virt-manager..?
<ruben23> for KVm virtualization..?
<pmatulis> ruben23: i use virt-manager remotely (over ssh) and the remote host does not have a desktop interface.  just install 'virt-manager' on the remote host
<ruben23> pmatulis: ok thanks
<_SHuN_> ignarps: thx
<uvirtbot> New bug: #775810 in mysql-5.1 (main) "package mysql-server-5.1 5.1.54-1ubuntu4 failed to install/upgrade: Ð¿Ð¾Ð´Ð¿ÑÐ¾ÑÐµÑÑ ÑÑÑÐ°Ð½Ð¾Ð²Ð»ÐµÐ½ ÑÑÐµÐ½Ð°ÑÐ¸Ð¹ post-installation Ð²Ð¾Ð·Ð²ÑÐ°ÑÐ¸Ð» ÐºÐ¾Ð´ Ð¾ÑÐ¸Ð±ÐºÐ¸ 1" [Undecided,New] https://launchpad.net/bugs/775810
<RoyK> someone should teach bug reporters to post in English
<genii-around> Or internationalize the bug reporting or something
<RoyK> heh - run it through google translate? that can introduce a few issues :P
<genii-around> Yeah maybe
<bsodmike> hello :)
<RoyK> EHLO
<bsodmike> hey RoyK
<bsodmike> I had to run mount -t devpts /dev/ptmx /dev/pts on my box
<bsodmike> any ideas how I can get this to persist at boot?
<bsodmike> this was to get screen working right again
<bsodmike> else it'd whine about no more PTYs
<RoyK> bsodmike: strange - the ubuntu servers I've installed haven't had a problem with PTYs
<bsodmike> mine's running as VPS @ media temple
<bsodmike> just had this one issue after a container restore
<RoyK> well, add it to /etc/fstab
<_johnny> hi. i officially give up so now i come to ask for help. i've installed apache2, php5(.3.3) and phpmyadmin. apparently php5.3.3 packaged with ubuntu packages isn't built with mysql support (built-in for 5.3+). any ideas how to fix this? i've tried compiling myself and installing... however, apache2 still loads the 5.3.3 one (as opposed to 5.3.6)
<RoyK> _johnny: apt-get install php5-mysql
<RoyK> you may have to restart apache after that one
<_johnny> RoyK: i already have that
<bsodmike> RoyK: it's listed in mtab already?
<RoyK> php5 mysql support has been working for ages
<RoyK> bsodmike: mtab shows what's mounted, fstab shows what's supposed to be mounted at boot
<bsodmike> this is my fstab
<bsodmike> proc  /proc       proc    defaults    0    0
<bsodmike> none  /dev/pts    devpts  rw          0    0
<RoyK> !pastebin
<ubottu> For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://imagebin.org/?page=add | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<bsodmike> apologies
<bsodmike> is that correct?
<bsodmike> none should be /dev/ptmx ?
<_johnny> RoyK: i'm aware. and it works on my mac just fine, however, not on ubuntu. and judging from phpinfo() my best guess is that php isn't built with mysql native driver enabled
<hallyn_afk> yes there's no device
<RoyK> bsodmike: never seen that issue, sorry
<hallyn_afk> bsodmike: it's correct
<bsodmike> oh
<RoyK> _johnny: check /etc/apache2/mods-enabled
<RoyK> _johnny: there should be a symlink there to /etc/apache2/mods-available for the php module
<RoyK> _johnny: on which ubuntu version are you running?
<_johnny> 10.10, and which module should i look for? the "php5" is enabled, there is no php5-mysql
<RoyK> _johnny: mysql is part of php
<_johnny> i know! :P
<_johnny> but the apt-get install php5 does NOT have mysql built in
<RoyK> _johnny: also, keep in mind that most servers should be running LTS releases unless there is some cutting edge software needed
<bsodmike> johnny, a2enmod rewrite don't forget that too
<RoyK> bsodmike: which is the same as changing symlinks......
<bsodmike> ok nn all
<bsodmike> RoyK
<bsodmike> indeed :)
<_johnny> bsodmike: i have that enabled (and working) too, but thanks
<_johnny> RoyK: sorry, LTS?
<RoyK> !lts
<ubottu> LTS means Long Term Support. LTS versions of Ubuntu will be supported for 3 years on the desktop, and 5 years on the server. The current LTS version of Ubuntu is !Lucid (Lucid Lynx 10.04)
<_johnny> fair point, but the php i have is not experimental, and it hardly looks like a bug
<_johnny> you have to enable mysql when you compile php, so it looks (to me) more as if it just isn't built-in the "php5" package
<kpettit> Can you have multiple apache ssl virtualhosts on the same IP address?  I keep hearing you can and that you can't.  Would love to find some good docs for it
<_johnny> which gives merit to php5-mysql. however, the output from php is the same with or without
<ruben23> hi guys i have a linux server with a publci ip of 123.222.13.14 - then i have a domain of itselction.com = how do i configure my server to used those domain since its already pointed to my server ip
<JasonMSP> ruben23: google apache virtual server
<ruben23>  JasonMSP: do i need to setup virtual server to used the domain..?
<ppetraki> ruben23, if its just the web, then yeah vhost is what you need, however you should already be able to ssh to your box using the DNS name
<_johnny> RoyK: i took this screenshot in case it sheds any light on things (note the missing A) for php5-mysql
<ChrisBuchholz> Hey guys. On ubuntu 11.04 server, when i add a ppa with add-apt-repository and then apt-get update, it doesnt list the ppa in the output of the repositories it reads, and i cant install the software from the ppa either. Its like it "ignores" it. Isnt add-apt-repository the way to do it?
<ppetraki> ChrisBuchholz, it is, but not all PPAs support the distro you're running
<ChrisBuchholz> ppetraki: but this one does: https://launchpad.net/~jerome-etienne/+archive/neoip?field.series_filter=natty
<ppetraki> ChrisBuchholz, so what does your /etc/apt.d look like then?
<ppetraki> ChrisBuchholz, err, /etc/apt/sources.d
<ChrisBuchholz> /etc/apt/sources.list.d?
<ruben23>  hi guys if i create a guest VM on kvm- and its using NAt to guest VM are ther any chances i can access the guest Vm outside network or remotely..? how do i do that..?
<ppetraki> ChrisBuchholz, yeah, that one :)
<ChrisBuchholz> ppetraki: theres a jerome-etienne-neoip-natty.list and jerome-etienne-neoip-natty.list.save files inside
<ChrisBuchholz> ppetraki: and they seem to contain what they should
<ppetraki> ChrisBuchholz, so it's deb.... natty main ?
<ChrisBuchholz> ppetraki: yes indeed
<ppetraki> ChrisBuchholz, then the cache would be the next diagnostic step
<ChrisBuchholz> ppetraki: can i do a "update-no-cache"?
<ppetraki> ChrisBuchholz, I'm no apt expert :(
<ppetraki> ChrisBuchholz, I think it's apt-get clean && apt-cache gencaches
<ppetraki> Hmm... what would be the right channel for this particular question?
<ppetraki> ChrisBuchholz, #ubuntu-packaging ? that's a guess
<ChrisBuchholz> ppetraki: hmm, i will google a bit for how to empty cache first
<ChrisBuchholz> the commands you gave didnt work
<ChrisBuchholz> or, yes, they worked, but ... :P
<ppetraki> ChrisBuchholz, that's odd, yeah, if you can resolve that URL (I can), and the list file is correct and you don't see it in the updates then something silly is going on
<ChrisBuchholz> yeah, indeed
<ChrisBuchholz> havent had this problem before
<ppetraki> ChrisBuchholz, an strace of apt-get update would be useful, dump it to a file. atleast then you would see if it actually opened the new list file or not
<ChrisBuchholz> ppetraki: https://gist.github.com/952345
<ChrisBuchholz> ppetraki: you see?
<ppetraki> ChrisBuchholz, yeah
<ppetraki> ChrisBuchholz, try this instead, "strace -o out.list apt-get update"
<ppetraki> ChrisBuchholz, http://pastebin.com/rQ5mXiSk
<_johnny> ok, i give up. i'll run the interface for mysql on a different OS :P
<ppetraki> ChrisBuchholz, so there I can verify that it's actually read my ppas
<ChrisBuchholz> ppetraki: http://paste.ubuntu.com/602496/
<ppetraki> ChrisBuchholz, what language locale are you running?
<ChrisBuchholz> ppetraki: i would guess english?
<ppetraki> ChrisBuchholz, I'm just trying to make sense of this, it finds your sources file, allocs a fd to it and does real work
<ppetraki> ChrisBuchholz, open("/etc/apt/sources.list.d/jerome-etienne-neoip-natty.list", O_RDONLY|O_LARGEFILE) = 4
<ppetraki> read(4, "deb http://ppa.launchpad.net/jer"..., 8191) = 140
<ppetraki> read(4, "", 8191)                       = 0
<ppetraki> close(4)
<ppetraki> ChrisBuchholz, that's around line 183
<ChrisBuchholz> ppetraki: yeah. So it should wok?
<ChrisBuchholz> work
<ppetraki> ChrisBuchholz, correct
<ppetraki> ChrisBuchholz, so this could be a gpg fumble (silently) or something else, but apt knows it's there, and it's been discounted for some unexplained reason
<ppetraki> ChrisBuchholz, sounds like you've got an interesting little puzzle :)
<ChrisBuchholz> in this case, i dont like puzzles! :P
<ChrisBuchholz> just tried with another ppa - some thing
<ppetraki> ChrisBuchholz, well, atleast it's consistent
<ppetraki> ChrisBuchholz, I think bringing this to more of an admin channel would be of better use to you
<ppetraki> ChrisBuchholz, seeing that no one has jumped up to help you except for a kernel engineer who has a disdainful relationship with userspace :-p
<ppetraki> ChrisBuchholz, it got the distro right too, see natty in the filename
<ChrisBuchholz> yes i see that
<ppetraki> ChrisBuchholz, <05:15:25>tmp$ echo "deb http://ppa.launchpad.net/jerome-etienne/neoip/ubuntu natty main" | wc -c
<ppetraki> 68
<ppetraki> <05:15:29>tmp$ echo "deb-src http://ppa.launchpad.net/jerome-etienne/neoip/ubuntu natty main" | wc -c
<ppetraki> 72
<ppetraki> ChrisBuchholz, 72+68=140, so the read is probably accurate
<ChrisBuchholz> ppetraki: alright. Dont know what that mean but i trust you :)
<ppetraki> ChrisBuchholz, see this? read(4, "deb http://ppa.launchpad.net/jer"..., 8191) = 140
<ChrisBuchholz> ppetraki: yes
<ppetraki> ChrisBuchholz, it means the read call succeed in acquiring 140 chars
<ChrisBuchholz> ppetraki: ah right
<ppetraki> ChrisBuchholz, I went to the PPA and replicated what the deb, deb-src lines should look like if they're correct, and the two lines add up to 140
<ppetraki> ChrisBuchholz, simple checksum :)
<ChrisBuchholz> yes ;
<ppetraki> ChrisBuchholz, so we know apt isn't ignorant of the data, it's discarded it for some reason. You might have found a bug :)
<ChrisBuchholz> ppetraki: but i dont need a bug right now! :D
<ChrisBuchholz> aah:D
<ChrisBuchholz> ppetraki: well, thank you so far. Have to get to bed now, school tomorrow!
<ChrisBuchholz> bye
<dob_> what will i have to allow in iptables to remove this log message: IN= OUT=eth0 SRC=46.6.19.231 DST=217.222.221.76 LEN=84 TOS=0x00 PREC=0x00 TTL=64 ID=47324 PROTO=ICMP TYPE=0 CODE=0 ID=15983 SEQ=2
<ppetraki> ChrisBuchholz, bye
<dob_> SRC is my servers address, dST is the host i ping from
<dob_> Tried iptables -A OUTPUT -p ICMP 		--icmp-type echo-request -j ACCEPT
<ppetraki> dob_, -A INPUT ?
<david5345> Can I set asterisk global variables from /etc/default/asterisk ?
<dob_> tried that too
<alamar> dob_: dont append but insert
<alamar> if you somewhere above the new rule already -j DROP icmp stuff the rule will never be reached within your input chain
<dob_> ah alright
<uvirtbot> New bug: #775906 in openldap (main) "package slapd 2.4.21-0ubuntu5.4 failed to install/upgrade: le sous-processus script post-installation installÃ© a retournÃ© une erreur de sortie d'Ã©tat 1" [Undecided,New] https://launchpad.net/bugs/775906
<dob_> alamar: thanks! that was the reason *sigh*
<alamar> np
<dob_> if i have a -P OUTPUT ACCEPT and create a -j LOG, will then the accepted connections be logged?
<dob_> is that correct?
<Macer> why doesnt the motd change?
<Macer> i changed it  with sudo and it keeps going  back to the default
<Macer> seriously? must motd be this complicated?  lol
<soren> Macer: Look at /etc/update-motd.d
<soren> Macer: Short version: Put something in /etc/motd.tail and it'll get appended to motd. That's probably the easiest, but may not be what you're looking for.
<Macer> ok thanks
<Macer> :)
<uvirtbot> New bug: #775946 in cobbler (universe) "debmirror fails to execute due to not set HOME env variable" [Low,In progress] https://launchpad.net/bugs/775946
<RoAkSoAx> kirkland: ping
<reyeryshs> I need help on my ubuntu E. cloud
<reyeryshs> I've try entering my server ip and :8443 and it gave me "Invalid Server CertificateA request failed because the server's certificate was invalid."
<uvirtbot> New bug: #775965 in dnsmasq (main) "package dnsmasq-base 2.52-1ubuntu0.1 failed to install/upgrade: corrupted filesystem tarfile - corrupted package archive" [Undecided,New] https://launchpad.net/bugs/775965
<SpamapS> ugh we need to get on our Triage horses
<RoAkSoAx> lynxman: ping
#ubuntu-server 2011-05-03
<reyeryshs> what is the differnces between ubuntu-server vs ubuntu enterpise cloud server???
<SpamapS> reyeryshs: there's no real difference. UEC is just the integration of Eucalyptus with Ubuntu Server
<reyeryshs> anyone know  a guide/pdf for free on web for ubuntu server and for ubuntu epnterpise cloud
<reyeryshs> I've guess I should just install ubuntu server
<habriel>  hello i am installing mrtg and i have it problem Use of uninitialized value $first in hash element at /usr/bin/indexmaker line 353
<habriel> could you any help me please
<uvirtbot> New bug: #775993 in apache2 (main) "package apache2.2-common 2.2.17-1ubuntu1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/775993
<uvirtbot> New bug: #776020 in bacula (main) "package bacula-director-mysql 5.0.3-0ubuntu2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/776020
<DAVdaBRAV> Hello. I got another stupid question.
<DAVdaBRAV> anyone on the channel?
<andygraybeal_> i'm here but most likely i am to new to help
<andygraybeal_> shoot though.. i got nothing else going on.
<andygraybeal_> i want to hear your problem
<twb> andygraybeal_: a veteran would just say "!anybody" :P
<andygraybeal_> nice, is it a prompt for someone not to ask about anybody?
<twb> !anybody
<ubottu> A large amount of the first questions asked in this channel start with "Does anyone/anybody..."  Why not ask your next question (the real one) and find out? See also !details, !gq, and !poll.
<DAVdaBRAV> how come whenever I login to my server it displays a time that isn't correct even thought it gets the last logged in time perfect?
<twb> timezone?
<twb> What does date --rfc-3339=seconds report?
<DAVdaBRAV> the correct time.
<DAVdaBRAV> eastern US
<Angryfurby> good evening guys i loaded up my site on ubuntu 10.10 server with a godaddy cert upload and configured the sites-available to the best i could and i still get the selfsigned cert not the gd oone
<twb> DAVdaBRAV: not sure which time is wrong, then
<DAVdaBRAV> well it seems to know what time it is at least.
<twb> Angryfurby: /etc/apache2/conf.d/security
<Angryfurby> twb: ok what do i look there
<twb> Angryfurby: er, where it refers to snakeoil certs?
<Angryfurby> twb: want me to pastbin it
<twb> Maybe it doesn't by default
<twb> Mine apache2 config is a little odd
<qman__> it used to be in the ssl site config
<qman__> but I don't know on the latest stuff
<DAVdaBRAV> twb: it says: Linux computername 2.6.32-28-generic-pae #55-Ubuntu SMPP Mon Jan 10 22:34:08 UTC 2011 i686 GNU/Linux
<DAVdaBRAV> I guess that's not reporting the time. :S what is it?
<twb> DAVdaBRAV: that's UTC time
<twb> UTC = GMT = +0000
<DAVdaBRAV> Any idea why I can't do: sudo /etc/init.d/mysql stop ?! >:{
<qman__> not without the error message
<qman__> also, that method is being deprecated
<qman__> the service command works with both sysvinit and upstart, so that's what I recommend
<DAVdaBRAV> well what am I supposed to do then? I have no idea how to use the service command to stop mysql I try and it returns unrecognized instance or some such.
<qman__> then it's not running
<qman__> at least not as a service
<qman__> also, `sudo service [service] [start|stop|restart|...]`
<DAVdaBRAV> any idea how to show running sevices so I can get what it's called?
<qman__> ps aux | grep mysql
<qman__> also, service has tab completion
<qman__> in fact, most things have tab completion now
<qman__> it's incredibly convenient
<Macer> qman__: i noticed that heh. pretty nice to have
<Macer> tab ftw
<DAVdaBRAV> what is tab completiong?
<qman__> start typing something in a shell and press tab
<DAVdaBRAV> :O
<qman__> it's only the most useful thing ever
<DAVdaBRAV> wow
<qman__> tap it twice to show ambiguous results
<DAVdaBRAV> you're a freaking genius qman! :D
<qman__> that's just shell 101
<qman__> though if you've never learned from a book, class, or another person, I guess you wouldn't have known
<DAVdaBRAV> true
<Macer> haha
<Macer> it  is odd because i am right in front of my kubuntu desktop and i am still using my phone  for irc
<DAVdaBRAV> now: mysqld_safe --skip-grant-tables & doesn't work.
<qman__> I prefer screen + irssi, and I use an ssh app on my phone
<Macer> me  too
<qman__> running xchat here because I'm too lazy to configure it on this computer
<Macer> that is what im doing
<Macer> ew
<Macer> i havent used a  ui irc client in  years
<qman__> set it up like five years ago and haven't touched it
<Macer> ever since ircii
<DAVdaBRAV> any ideas how I can start mysql server w/o password now?
<qman__> IIRC there is an external password reset command
<qman__> but I haven't used it in a while, don't know off the top of my head
<Macer> DAVdaBRAV: try  #mysql
<Macer> they might know more than us
<DAVdaBRAV> ok
<DAVdaBRAV> thanks
<Macer> other than setting up a quick db for wp i never really  used it
<Macer> but i have been where you are and it sucks to lose the root pw to mysql
<qman__> for future reference, "it doesn't work" isn't very useful without the error message or other output you get
<qman__> that's critical to finding out why
<Macer> android sure has come along since my old g1 :)
<DAVdaBRAV> for future reference, it was "command not found"
<qman__> find / | grep mysqld_safe
<qman__> or
<qman__> locate mysqld_safe
<qman__> it's probably /usr/sbin, but it could be somewhere else
<qman__> I don't have time to look for it myself right now
<DAVdaBRAV> it is there
<qman__> then try it with the full path, `sudo /usr/sbin/mysqld_safe --skip-grant-tables &`
<DAVdaBRAV> it says starting :D
<DAVdaBRAV> I tried without sudo the first time. thanks.
<qman__> ah, yeah, daemons need root
<DAVdaBRAV> (How can I be such a noob not to always do sudo when it doesn't work the first time)
<DAVdaBRAV> thanks qman_. there's no one in #mysql, and this tutorial (http://www.cyberciti.biz/tips/recover-mysql-root-password.html) didn't work, so unless you have a clue why, do I need to re-install Ubuntu or just mysql?
<qman__> if you purge and reinstall mysql, it should solve the problem
<qman__> simply removing it will not, though
<DAVdaBRAV> what's the difference?
<qman__> removing software leaves configuration files and databases behind
<qman__> purging deletes them
<DAVdaBRAV> can you please tell me how to purge mysql and phpmyadmin so that I can reinstall them correctly?
<qman__> pastebin the output of `dpkg -l | grep mysql`
<qman__> or just list the package names
<DAVdaBRAV> O_O pastebin?
<qman__> !pastebin
<ubottu> For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://imagebin.org/?page=add | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<DAVdaBRAV> dpkg -l | grep mysql
<DAVdaBRAV> dang wrong keyboard
<qman__> you just need the package names it lists
<qman__> then `sudo apt-get purge [those package names] phpmyadmin`
<DAVdaBRAV> ok
<qman__> then install again after that's done
<qman__> it should start the debconf bit over and ask you for a new root mysql password
<DAVdaBRAV> ok... this will take a while... but thanks :)
<DAVdaBRAV> wait
<DAVdaBRAV> ""
<DAVdaBRAV> " then `sudo apt-get purge [those package names] phpmyadmin`" including phpmyadmin?
<qman__> yes
<qman__> if you want to start over with phpmyadmin as well
<qman__> if not, don't
<DAVdaBRAV> wait, don't I have to purge mysql and phpmyadmin separately?
<qman__> nope
<DAVdaBRAV> :O
<qman__> you can apply any number of package changes in one action
<qman__> that's the benefit of a good package management system
<qman__> it's not bulletproof, bugs do happen
<DAVdaBRAV> Even if I didn't use apt-get to get myadmin?
<qman__> but it's designed so that you should be able to
<qman__> if you didn't, you should delete the files you installed and use apt to reinstall it
<DAVdaBRAV> everywhere except here says not to use apt-get
<qman__> the biggest benefit to doing it that way is when updates happen, you get them
<qman__> that's because most other places aren't ubuntu and debian centric
<qman__> and most other distributions don't have a nice package to make it easy
<DAVdaBRAV> so even though the project hasn't been updated if 4 versions apt-get is actually better for updates o.O ?
<qman__> as a system administrator, the more you can use apt-get, the better
<qman__> that's not always black and white
<qman__> it may be an older version, but it's likely that the ubuntu package has been patched separately
<twb> Not so much using apt-get, as using apt and dpkg with official packages
<qman__> for example, php
<twb> You lose a large part of the benefits if you go around installing PPAs from e.g. webmin or zimbra
<DAVdaBRAV> ok then. :)
<qman__> the current PHP version in ubuntu is not the same version as on PHP's site
<twb> Because they do not adhere to the strict packaging policies that Debian has created to ensure that packages work well together
<qman__> it's a couple behind, but it has a -ubuntu1 or -ubuntu2, etc on the end
<qman__> because the ubuntu maintainers patched the holes
<twb> qman__: and performed integration testing
<qman__> once in a while you run into something that is packaged but horribly out of date
<qman__> but it's not very often, and it's definitely not the case for popular software like phpmyadmin
<DAVdaBRAV> phpbb3 guys said the 4 versions thing.
<twb> IMO you shouldn't be performing administration from a web UI
<twb> Especially not for a database, especially not from PHP
<qman__> you can go the other route, but then it's up to you to update the software manually each time a patch comes out
<qman__> with apt, you can just run it in one sweep with your system updates
<qman__> less work and still reasonably up to date and secure
<DAVdaBRAV> so you think I should ditch the wget version of phpbb3 too?
<qman__> I would, but I have a lot of servers to maintain, and not much time to maintain them
<DAVdaBRAV> I will do the easy way too then.
<qman__> most of the security holes that get patched can be mitigated by good practice anyway
<qman__> and if you're really paranoid, just pull the admin panel out of the web root when you're not using it
<qman__> or use some other authentication method, or restrict hosts that can connect
<qman__> something like that
<qman__> anyway, I must be going, good luck with your server
<DAVdaBRAV> thank you.
<Angryfurby> good evinging guys i am having a issue with apache loading the default self signed cert and not the cert i configured for. on ubuntu 10.10
<ckrailo> all: for ubuntu server 11.04, what's the best way to start a program in screen on boot?
<wjlafrance> Yo
<wjlafrance> Is there a way to install Ubuntu Server on a headless box?
<twb> wjlafrance: yes
<wjlafrance> twb: care to give me a pointer?
<twb> http://www.debian.org/releases/stable/amd64/apb.html.en
<twb> Or just install it normally then transplant the HDD
<wjlafrance> Cool, thanks.
<micahg> is there a metapackage to install ubuntu-server from a minimal install?
<twb> micahg: er, just don't install anything.
<twb> micahg: it probably enables ubuntu-standard by default, but you can opt out of that
<twb> The ubuntu-minimal package, plus a kernel, should be enough to boot and install additional packages
<micahg> yeah, I've got minimal and I can install stuff
<twb> Oh, I misread your question
<twb> servers are diverse enough that a single "server" metapackage wouldn't be helpful (cf. "ubuntu-desktop").
<twb> You can run tasksel or aptitude to see separate tasks for e.g. www or dns server
<micahg> twb: ok, was just a misconception in my head then, np
<DAVdaBRAV> can I use apt-get to install to a particular directory? like: /var/www so that I can use URL: Http://<domain>/phpBB3/ and actually see phpBB3?
<twb> DAVdaBRAV: /var/www is not used in Ubuntu
<twb> DAVdaBRAV: rather, apache2 (assuming you use that httpd) will be told in /etc/apache2/sites-available/ to serve specific filesystem trees for specific HTTP dirs/vhosts/whatever.
<DAVdaBRAV> twb: Huh?
<uvirtbot> New bug: #513486 in unixodbc (main) "select query did not return correct uid datatype" [Undecided,Fix released] https://launchpad.net/bugs/513486
<DAVdaBRAV> ok, but how?
<twb> DAVdaBRAV: so for example phpbb3 will install itself to somewhere like /usr/lib/phpbb3/bin and /usr/share/phpbb3/data, and apache will be told to serve the former as cgi-bin and the latter as /
<twb> exactly how will depend on how the package maintainer has set it up
<twb> Try reading the README.Debian in /usr/share/doc/<package name>/
<DAVdaBRAV> ok.....
<DAVdaBRAV> wouldn't I need to read apache docs instead?
<twb> Those too
<STF> hi i even installed ubuntu-server, when start the system i have now the problem, that i have the english layout, but i need the german one
<STF> how to change this now (and permanently)
<twb> STF: on the console?
<twb> STF: dpkg-reconfigure console-setup
<STF> yes
<twb> Good luck typing it tho :-)
<STF> ehm that doesn't help me
<STF> there i cannot change the language, i need qwertz support not qwerty
<twb> STF: there should be an option to pick the keyboard type
<STF> is the change immediately?
<STF> or does it need a reboot
<STF> ?
<twb> It's immediate if you're in the tty
<twb> If you're in screen, no
<twb> Run "tty" and see if it reports /dev/tty[1-6]
<STF> it do
<twb> Not sure then
<STF> "/dev/tty1
<twb> It should be immediate
<STF> it isn't and it is not after restart
<twb> I suppose you might not have the relevant packages installed, but unless you've gone through removing things, you should have them
<twb> IIRC they would be console-setup, xkb-data, and kbd or console-tools
<STF> i chat with you over the secondary pc
<twb> Whatever
<STF> i give it up
<twb> Too bad
<twb> Sorry I couldn't help
<STF> twb; you wasn't totaly wrong, but it is console-data, which need to be installed an reconfigure ;)
<twb> Ah, sorry
<STF> wait, it wasn't permanent, oh man that so stupid#
<twb> It's console-setup in debian sid
<lynxman> RoAkSoAx: pong
<twb> When using libvirtd on a headless server, and a remote virt-install with qemu+ssh://twb@theta/system, how do you convince virt-install the disks are on the server, not the client?
<twb> AHA
<twb> --disk pool=default,format=qcow2,size=1
<uvirtbot> New bug: #776194 in ntp (main) "Error mails after changing the ntp server" [Undecided,New] https://launchpad.net/bugs/776194
<ChrisBuchholz> Hey guys. On my ubuntu 11.04 server, when i add a ppa, via add-apt-repository, apt-get doenst use it. Or, not fully anyways. As you can see here: https://gist.github.com/952345 I add the repository and update, but its not on the list over loaded repos. I did a strace that shows it actually does "see" the repo: http://paste.ubuntu.com/602496/
<ChrisBuchholz> Can you guys help me out?
<uvirtbot> New bug: #776202 in mysql-5.1 (main) "package mysql-server-5.1 5.1.54-1ubuntu4 failed to install/upgrade: Ð¿Ð¾Ð´Ð¿ÑÐ¾ÑÐµÑÑ ÑÑÑÐ°Ð½Ð¾Ð²Ð»ÐµÐ½ ÑÑÐµÐ½Ð°ÑÐ¸Ð¹ post-installation Ð²Ð¾Ð·Ð²ÑÐ°ÑÐ¸Ð» ÐºÐ¾Ð´ Ð¾ÑÐ¸Ð±ÐºÐ¸ 1" [Undecided,New] https://launchpad.net/bugs/776202
<twb> Please make logs with LC_ALL=C so they're in English
<pracrash> how to make a bootable usb drive for windows 7 from ubuntu
<twb> pracrash: last time I looked, Windows did not support booting from USB
<pracrash> twb, really but my cd rom doesnt works is there any other solution
<ChrisBuchholz> pracrash twb: sure you can make a windows 7 usb pen (or drive)
<ChrisBuchholz> but i dont know about doing it from ubuntu
<pracrash> ChrisBuchholz, twb i searched in google there r but im a new user n ubuntu so i don kno
<ChrisBuchholz> pracrash: but it can be done. This guide shows how to make an usb-pen installer for windows, and how can you make an usb pen "bootable": http://www.intowindows.com/how-to-install-windows-7vista-from-usb-drive-detailed-100-working-guide/
<ChrisBuchholz> maybe it can help you
<pracrash> ChrisBuchholz thanks man
<pracrash> ChrisBuchholz, but is there any way to make it from ubuntu
<pracrash> ChrisBuchholz, cuz the link u gave only has how to make from windows
<twb> Really oneiric ?  Do you expect the unwashed to even be able to SPELL that correctly?
 * twb grumles
<twb> *grumbles
<maxb> Mark Shuttleworth is expanding our vocabularies, one adjective at a time? :-)
<twb> At least it's not another synonym for dapper
<twb> GOod heavens, natty's installer has a magenta background instead of blue
<maxb> That amused me too :-)
<ChrisBuchholz> pracrash: as i said, i dont know how to make from ubuntu. But it can might give you some ideas
<twb> I would use lucid except fb=false is broken in lucid d-i :-/
<twb> Can you do an oem install from d-i?
<twb> Where's the syslinux file from a conventional install CD...
<twb> Looks like I just ensure the preseed installs oem-config
<uvirtbot> New bug: #776226 in mysql-5.1 (main) "package mysql-server 5.1.54-1ubuntu4 failed to install/upgrade: Ð¿ÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð·Ð°Ð²Ð¸ÑÐ¸Ð¼Ð¾ÑÑÐµÐ¹ -- Ð¾ÑÑÐ°Ð²Ð»ÑÐµÐ¼ Ð½Ðµ Ð½Ð°ÑÑÑÐ¾ÐµÐ½Ð½ÑÐ¼" [Undecided,New] https://launchpad.net/bugs/776226
<twb> OR, I include oem-config-udeb in the installer component list
<pimperle> after installing 11.04 server and selecting de:nodeadkeys during installation, the keyboard layout is set to us per default. How can i fix this?
<pimperle> is this a known issue (i couldn't find anything related on lp)
<twb> 16:37 <STF> twb; you wasn't totaly wrong, but it is console-data, which need to be installed an reconfigure ;)
<twb> pimperle: dpkg-reconfigure console-data
<pimperle> twb: console-data is not installed
<twb> Then I guess you need to install it
<pimperle> twb: after installation i could select the correct layout, but it didn't change / fix the problem
<twb> Shrug
<pimperle> now i tried reconfigure and it worked... lets see, if it sustains a reboot
<pimperle> after a reboot the changes are gone
<twb> 16:18 <twb> I suppose you might not have the relevant packages installed, but unless you've gone through removing things, you should have them
<twb> 16:18 <twb> IIRC they would be console-setup, xkb-data, and kbd or console-tools
<pimperle> the box was freshly installed, so i can say i didn't manually remove them
<pimperle> i'll check if they are installed
<pimperle> all are there
<pimperle> i already noticed this behaviour on the betas and it didn't vanish
<pimperle> #740818 is the same issue
<pimperle> but it doesn't seem to get a lot of attention
<Kream> Hi all, when I try and boot Ubuntu Server 10.04.02 LTS I get the error : No common CD-ROM drive was detected . anyone know how I can fix this?
<twb> put a CD in?
<Kream> lol
<Kream> its a bug
<Kream> that first came up in 8.04
<uvirtbot> New bug: #776297 in libgoogle-collections-java (main) "Sync libgoogle-collections-java 1.0-2 (main) from Debian unstable (main)" [Wishlist,New] https://launchpad.net/bugs/776297
<amero> does anyone have any idea why rsync seems to always fail to files/dirs permission
<amero> --chmod=Da+rwx,Fa+wr
<amero> am i missing something?
<pmatulis> amero: dunno, never tried --chmod with rsync, i'm guessing you don't have the permissions to do that
<amero> don't have the permission? im syncing folders in the same user acc as i run rsync with
<pmatulis> amero: use --verbose to get more info
<pmatulis> amero: --chmod will have no effect if --perms is not also used
<amero> not much useful info. just list of folder/files being synced
<amero> and these
<amero> sent 31787052 bytes  received 755 bytes  21191871.33 bytes/sec
<amero> total size is 31780310  speedup is 1.00
<amero> that's what it showed with the verbose flag
<pmatulis> amero: what is the complete command you're using?
<amero> nice -n 19 rsync -r --chmod=Duo+rwx,Fa+wr --delete --delete-excluded --size-only --verbose --exclude-from '/home/user/serverfiles/sync_exclude.txt' syncthis/ /home/user/rsynctest/
<pmatulis> amero: right, so use --perms
<pmatulis> amero: this is the global directive to manage permissions
<pmatulis> amero: usually used to preserve source permissions
<pmatulis> amero: but if you're creating your own, you still need that option
<amero> aha it works now :)
<amero> is it possible to exclude or auto delete empty dirs in the dest dirs?
<amero> their contents get excluded by the exclude list but rsync created those folders anyway
<pmatulis> amero: probably, read the man page (that's how i answered your first question)
<amero> :p
<zul> morning
<hggdh> moi zul
<zul> hey hggdh you are up early
<hggdh> aye
<liekzomg> anyone tried luks on raid5? i'm getting like 1/6th non-encrypted performance. any pointers in the right direction would be appreciated.
<patdk-wk> liekzomg, luks is limited to a single cpu, per luks volume
<liekzomg> patdk-wk: it's only using like 5% cpu in top
<STF> how can i manipulate the keymap.sh in that way that i have my german layout
<RoAkSoAx> lynxman: howdy! So I was looking into the orchestra stuff and I was wondering if the import script should be setting the preseed automatically?
<lynxman> RoAkSoAx: hey :)
<lynxman> RoAkSoAx: it does set the preseed automatically afaik
<lynxman> RoAkSoAx: there's an import-isos script that takes care of that, I think it's not running on install though
<lynxman> RoAkSoAx: we're working towards having orchestra stable for next week's event
<RoAkSoAx> lynxman: cool. I have installed it yesterday (only the provisioning server) and seems stable enough to me so far
<lynxman> RoAkSoAx: we're still missing some pieces, rsyslog and collectd and also polish a bit the puppet integration
<RoAkSoAx> lynxman: and importing mini ISO's is not setting the preseed automatically because the script imports mini.iso's. But I'll take care of that ;)
<lynxman> RoAkSoAx: yeah, that's the bug we filled up, I think you're following that one up right?
<RoAkSoAx> lynxman: yeah but i've seen you guys have done quite a bit already so I don't think you'll have major issues.
<lynxman> RoAkSoAx: yeah the week with kirkland was extra fruitful
<RoAkSoAx> lynxman: yeah I already release a fix for the mini iso import though, the issue is given when trying to create repos. Since the mini.iso does not have any info about it, then we still have to import it by specifying breed and os_version, and we need to speicfy kickstart too
<STF> hi i need to know how to manipulate my ubuntu-server that i have my de-latin1-nodeadkeys and not the stupid, through bugs in the install routine setted, qwerty-default
<STF> can anyone of you give me a step-by-step introduction, cause reconfigure console-data, or sth else doesn't work
<zoopster> STF: "sudo dpkg-reconfigure console-setup" will allow you to select the keyboard you want if you chose the wrong one during the install
<dob_> somebody using mysql with ipv6?
<dob_> I am using ubuntu 10.04 and want that my mysql server listens on the ipv6 interface.
<STF> zoopster: you don't listening to me that doesn't work, and i am do not know why, in the procedure of console-setup, i won't get the question after layout it self
<zoopster> STF: you are right. I'm reading and you never said you used dpkg-reconfigure console-setup so good luck.
<STF> zoopster: sry for failing information
<Steve[cug]> question for you guys.  anyone happen to know the success rate offhand of upgrading from 10.10 to 11.04 using do-release-upgrade?
<zoopster> 50% - either it works or it doesn't
<zoopster> just kidding...doubt there are metrics on it - it's word of mouth
<Steve[cug]> >.<
<zoopster> in testing they likely need a pretty high success rate
<Steve[cug]> yeah well I have been burned in the past when trying to go LTS to LTS
<Steve[cug]> im hoping going from release to release is a bit easier
<zoopster> there are many factors as you know so your mileage may vary
<Steve[cug]> yeah
<zoopster> I've not had much trouble, but my setup is rather simple
<Steve[cug]> most of my VMs are pretty simple.  the only thing even marginally complex is the KVM server
<Steve[cug]> KVM + LVM for disk
<zoopster> it's impractical to test all of the possible scenarios
<zoopster> STF: if you know the layout, then just change /etc/default/console-setup and restart it
<STF> zoopster: where need i change /etc/default/console-setup
<zoopster> STF: in my 10.10 server the last section is the keyboard configuration section but I don't know the exact syntax you need for your keyboard layout so you'll need to search on it  - that's why using the reconfigure option helps with it's picklist
<STF> zoopster: i am not sure if did the right things in the right order, or if had only luck. now i have my german layout
<zoopster> STF: well...computers don't know about luck so you must have done the right thing.
<STF> zoopster: first i had edit the /etc/default/keyboard, than i run dpkg-reconfigure keyboard-configuration, after this i run dpkg-reconfigure console-setup, and now it is fine
<STF> zoopster: maybe and here i am not sure, but i also the reconfigure of console-setup at beginning, but this i think should not have any effects on the following commands
<uvirtbot> New bug: #488696 in autofs5 (main) "syntax error in nsswitch config near [ syntax error ]" [Undecided,Fix released] https://launchpad.net/bugs/488696
<dob_> is there already any 5.5 backport for mysql?
<MTecknology> Is there much difference in performance between Ext4 with journaling turned off and Ext2?
<patdk-wk> damn :( imp 5.0.2 broke :(
<patdk-wk> mtecknology, yes, but not much, mainly just extents
<patdk-wk> oh, performance :)
<patdk-wk> dunno
<ikonia> well, my session with Ungika went nowhere, it ended with him saying "I'll hack the ban and change ip"
<ikonia> dissapointed
<ikonia> oops, wrong channel
<ppetraki> MTecknology, you're assuming that EXT4 hasn't made any improvements in other areas in the meantime.
<ppetraki> MTecknology, best way to find out is test
<ppetraki> MTecknology, just for the sake of supportability, you might want to stick with the newer incarnation of the filesystem
<MTecknology> ppetraki: the system we're dealing with defaults to installing with ext2; that's why the curiousity
<ppetraki> MTecknology, it's a curious observation, though short of an FS expert, the next best way to get the requisite data is to test, or ask on the ext mailing list
<Angryfurby> morning guys i am having a issue of apache on ubuntu 10.10 not loading the correct certificates
<Angryfurby> even though the  configs are correct
<axisys> it does not look like motd gets updated..
<axisys> it is showing old message
<axisys> 20 packages can be updated.
<axisys> 7 updates are security updates.
<axisys> I already updated them few days ago
<axisys> it is 10.04.2 LTS
<Angryfurby> does anyone know what ubuntu renamed the httpd binarys too
<zul> apache2
<Angryfurby> how do i run the httpd -S command on ubuntu
<Angryfurby> sorry newbie question
<zul> apache2 -S
<tsrk> When I try to "modprobe amd64_edac_mod" I get this error: "FATAL: Error inserting amd64_edac_mod (/lib/modules/2.6.38-8-server/kernel/drivers/edac/amd64_edac_mod.ko): No such device". Why is this happening?
<RoAkSoAx> kirkland: where you able to test squid-deb-proxy?
<kirkland> RoAkSoAx: arg, no, i had to reinstall my desktop yesterday
<kirkland> nijaba: are you filing (or have you filed) blueprints for PaaS stacks for UDS?
<Angryfurby> anyone know how to fix apache2: bad user name ${APACHE_RUN_USER}
<RoAkSoAx> kirkland: no worries ;). just let me know if you want me to work on something related before UDS
<kirkland> RoAkSoAx: how about a wiki page in http://help.ubuntu.com/community/Cobbler ?
<kirkland> RoAkSoAx: with a step-by-step how-to on getting Cobbler running on 11.04?
 * RoAkSoAx checks
<kirkland> RoAkSoAx: *that* would be outstanding before UDS ;-)
<RoAkSoAx> kirkland: sure I can do that
<kirkland> RoAkSoAx: poke me as soon as you do, and I'll walk through the instructions and enhance as necessary
<RoAkSoAx> kirkland: will do
<kirkland> RoAkSoAx: rock
<koolhead17> zul: ping
<zilleplus> any1 who could help with configuring a ircd-hybrid server?
<zul> koolhead17: pong
<koolhead17> zul: saw your blog regarding cobbler install on natty.
<zul> koolhead17: cool
<koolhead17> I am also following http://michaeldehaan.net/2009/09/17/travelling-linux-lab-controller-in-a-box/ blog. i wanted to know do i have to manually install dhcp server?
<koolhead17> i am not touching koan as of now :P
<koolhead17> i just need to see PXEinstall running via virtualbox enviornment
<koolhead17> i find the GUI for the same overloaded with infos so what will be your suggestion :)
<RoAkSoAx> koolhead17: as a matter of fact I'm in the process of writing documentation on how to get cobbler up and running, and importing ISO's
<RoAkSoAx> koolhead17: deploying VM's with koan in KVM
<RoAkSoAx> etc
<koolhead17> RoAkSoAx: cool. when is it coming?
<koolhead17> wanna give it a try on virtualbox right away :P
<RoAkSoAx> koolhead17: I expect it to have it finished in the next couple of days
<koolhead17> RoAkSoAx: nice. but can you suggest me if i really need to install dhcp server saperately? i don`t want koan to run pxe install i suppose. koan creats a virtual bridge as well
<Blulix> Um hey.
<RoAkSoAx> koolhead17: koan uses a virtual bridge
<koolhead17> RoAkSoAx: yes. i want to know in order to use simple PXEinstall(without koan) do i need to install dhcp server as well on system which has cobbler installed?
<RoAkSoAx> koolhead17: in KVM for example, you need to PXE from a VM that uses br0 (the bridge), while with koan, we can make the VM use both, the bridge (br0) or NAT (virbr0)
<RoAkSoAx> koolhead17: yes you would need a DHCP server somewhere, not necessarily in the machine running cobbler
<RoAkSoAx> koolhead17: however, you need to tell that dhcp server that the PXE is the machine running cobbler
<koolhead17> RoAkSoAx: /etc/cobbler/settings
<uvirtbot> New bug: #776558 in tomcat6 (main) "Sync tomcat6 6.0.32-3 (main) from Debian unstable (main)" [Wishlist,New] https://launchpad.net/bugs/776558
<koolhead17> and i can use the dhcp template available with cobbler to run my dhcp server at same time
<RoAkSoAx> koolhead17: by default in the installation you won't need a dhcp server
<RoAkSoAx> koolhead17: for example, in my case, my DHCP server is a router running dd-wrt. For it to allow me to PXE, I need to tell my router's DNSMasq that the PXE server is *another* machine
<koolhead17> hmm but when am defining my system i have to tell it the IP it should use?
<RoAkSoAx> koolhead17: so, I added this as additional DNSMasq options = "dhcp-boot=pxelinux.0,,192.168.X.X" where 192.168.X.X is the address of my cobbler server
<RoAkSoAx> koolhead17: so, I added this as additional DNSMasq options = "dhcp-boot=pxelinux.0,,192.168.X.X" where 192.168.X.X is the address of my cobbler server
<koolhead17> it mean i should not install saperate dhcp server
<RoAkSoAx> koolhead17: if you don't have a DHCP server already somewhere in the network, yes you need one
<RoAkSoAx> koolhead17: if you *do have* one already, then you don't need one. You just need to tell it to use the cobbler server as the PXE server
<koolhead17> RoAkSoAx: i will install one, then and put the same credentials in inside the cobbler settings file.
<RoAkSoAx> koolhead17: i haven'
<koolhead17> RoAkSoAx: https://answers.launchpad.net/cobbler/+question/155633  i also have this issue
<RoAkSoAx> koolhead17: i haven't personally used cobbler with DHCP, but let me know how it goes!
<koolhead17> RoAkSoAx: doing right away
<koolhead17> i will simply install cobbler not koan though :P
<RoAkSoAx> koolhead17: that's nothing to worry about
<koolhead17> ooh ok
<koolhead17> lemme install cobbler then
<koolhead17> RoAkSoAx: aah. my modem has dhcp server running. :)
<Blulix> Is there anyone here with the time to help me sort of a problem or two with this cloud/cluster setup?
<RoAkSoAx> koolhead17: ahh that might be a problem if you are not able to tell your DHCP server that the PXE server is your cobbler machine
<RoAkSoAx> @ask | Blulix
<RoAkSoAx> !ask | Blulix
<ubottu> Blulix: Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-)
<Blulix> Uh okay? Just wondered since this is ubuntu-server, but there's not many active people in ubuntu-cloud
<RoAkSoAx> Blulix: yeah just ask your qestion and if someone knows the answer we'll be happy to help ;)
<koolhead17> Blulix: :)
 * koolhead17 is on ubuntu-cloud too :P
<Blulix> Ehehe, I'll try to summarise then.
<koolhead17> sure :P
<marrusl> RoAkSoAx, o/
<Blulix> Basically I have my controller and node controller connected to my router which is on the internet but during node controller install it refuses to see the controller and if i type in the controller host name it then sees it but says that walrus isn't running or something, even though the controller has everytbign except the node-controller installed.
 * Blulix just realised that isn't actually a question. xD
<koolhead17> is it eucalyptus
<Blulix> Yup
<RoAkSoAx> marrusl: o/
<RoAkSoAx> Blulix: have you tried to register everything manually?
<RoAkSoAx> marrusl: how's it going?
<Blulix> RoAkSoAx: Yes, and that causes another myriad of problems where it sees the node but refuses to connect to it becuase the creds are missing even though they arent. >.>
<RoAkSoAx> Blulix: what ubuntu release are you running?
<Blulix> 10.04
<RoAkSoAx> Blulix: uhmmm I think that the keys are synced in the wrong place then
<RoAkSoAx> I remember seeing something similar
<RoAkSoAx> though I don't recall what was the exact fix
<marrusl> RoAkSoAx, things are good.  busy but good.  you?
<RoAkSoAx> marrusl: pretty good actually, not as busy as you I pressume :) (at least not yet)
<marrusl> RoAkSoAx, haha.  well, it comes in waves sometimes.  it's gotten quieter since our sprint.  if only there were no customers calling.
<koolhead17> RoAkSoAx: by any chance i have to disable apparmor in order to get dhcp working without any issue :D
<RoAkSoAx> marrusl: hehehe I guess that's one of the benefits of being in my position (not having to deal with customers as much as ytou do :))
<RoAkSoAx> koolhead17: I don't really think so
<marrusl> actually, speaking of that I have a question (for anyone really)...  /etc/network/if-up.d/ethtool.  it seems like it's not running at all or at the right time on boot up.
<jdstrand> dhcp should work just fine with apparmor enabled (client and server). if not, file a bug
<Blulix> Actually, is there possibly another system I could use for a cluster running client VM's?
<marrusl> they're trying to apply HARDWARE_DMA_RING_ rx 512 via /etc/network/interfaces
<uvirtbot> New bug: #776579 in samba (main) "package samba 2:3.5.8~dfsg-1ubuntu2.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/776579
<marrusl> it doesn't apply on boot, but if you ifdown and back up, they apply.
<marrusl> might be a question for #upstart :)
<koolhead17> jdstrand: sure
<marrusl> ugh.  i didn't even look for a bug first.  maybe I should do that first. :)
<koolhead17> RoAkSoAx: are you using web interface for your work? i find it with soo many options :)
<RoAkSoAx> koolhead17: I use both (command line and the web interface)
<koolhead17> ok
<RoAkSoAx> marrusl: you going to UDS this time?
<InYourGroove> can anyone help me with a ubuntu server ec2 instance?
<patdk-wk> InYourGroove, dunno
<marrusl> RoAkSoAx, yes!  leaving on saturday.
<RoAkSoAx> marrusl: cool, same here
<marrusl> excellent.
<RoAkSoAx> marrusl: I'm actually flyiung to NY first
<marrusl> RoAkSoAx, are you flying from JFK saturday night?
<RoAkSoAx> marrusl: morning... flight to budapest leaves afternoon
<RoAkSoAx> marrusl: flight to budapest leaves at 6:40, maybe we are in the same flight?
<marrusl> RoAkSoAx, aha.  yup.  same flight.
<RoAkSoAx> cool
<marrusl> RoAkSoAx, Roberto from presales will be there too.
<marrusl> RoAkSoAx, so we'll have company trying to figure out what the heck is going on when we get there :)
<RoAkSoAx> marrusl: there's quite a few other ppl
<RoAkSoAx> marrusl: I know of at least 2 other ppl from florida in the same flight. One is community member though
<marrusl> RoAkSoAx, ah, right... makes sense.  i'm so lucky I have a single direct flight  :-D
<RoAkSoAx> marrusl: hehe yeah you're lucky as most flights to europe are either from JFK or Ohare
<marrusl> JFK++
<RoAkSoAx> marrusl: as long as my bags don't get lose I'm fine with layovers
<RoAkSoAx> marrusl: last time coming from austing I left like 9.30 and arrived to MIA like 10.30
<marrusl> RoAkSoAx, that's the danger I guess.
 * RoyK just setup a nice quad-server-box, 2U thing from supermicro with 4 mobos with 64GB and 2 x 12-core opterons - COOL
<marrusl> RoAkSoAx, yes.   I also had a *grueling* 43 minute flight from NY to MTL for the sprint.  so tired after that.  ;)
<RoAkSoAx> marrusl: hehe well I guess those just oour "occupational hazards"
<RoAkSoAx> hehe
<RoAkSoAx> s/our/our only
<marrusl> RoAkSoAx, yep.  actually UDS this time will be my first big jet lag for work.  i've been lucky so far.
<RoAkSoAx> marrusl: don't sleep when we get there. Try to stay awake you wont be jetlagged the rest of the week
<RoAkSoAx> marrusl: I did that when we went to Belgium...
<RoAkSoAx> and had an amazing, not jetlagged week
<marrusl> RoAkSoAx, nice.  I will give it a try.
<marrusl> I can't reproduce my customer's ethtool error it seems.  grrr.
<RoAkSoAx> the weirdness of upstart
 * marrusl zips lip.
<remix_tj> hi guys! anyone working with vmware esx?
<remix_tj> every time i upgrade kernel of a vm i need to reinstall vmware tools... any idea on how to avoid this?
<zul> marrusl: i usually go walk around the hotel when i get there
<RoAkSoAx> marrusl: btw.. where you guys able to test the CLC HA??
<marrusl> zul, my walk will probably go as long as it takes to find a good bar.
 * RoAkSoAx wants to check the city
<zul> marrusl:  to each their own ;)
<marrusl> RoAkSoAx, I haven't.  You might ask TREllis or TeTeT.
<marrusl> :-/  sorry!
<RoAkSoAx> marrusl: well I guess it doesn't make muchg sense now since Eucalyptus will release their own HA stuff
<marrusl> zul, maybe I'll hold off right off the plane though, it will be morning.  :)
<zul> marrusl: heh hasnt stopped me before
<marrusl> RoAkSoAx, well, there's that.  bet you learned more than you wanted to know about Euca working on it!
<RoAkSoAx> marrusl: yeah you can say that hehe
<RoAkSoAx> marrusl: i think they probably learned more about HA after doing that
<RoAkSoAx> (after I released the blogpost and saw that it is simple to do HA ;) )
<marrusl> ok, off to do some dishes before my wife gets home!
<RoAkSoAx> marrusl_afk: hahah enjoy!!
<uvirtbot> New bug: #768296 in cloud-init "Setting hostname via config is not reflected in /etc/hosts" [Medium,Confirmed] https://launchpad.net/bugs/768296
<uvirtbot> New bug: #776632 in samba (main) "package samba 2:3.5.8~dfsg-1ubuntu2.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/776632
<bastidrazor> i'm using unbound to serve my LAN with dns resolving.. if i get a servfail on a well known website *facebook.com ..how do i tell it, hey stupid facebook is at IP: ......
<ahs3> bastidrazor: there's probably several ways to do that with unbound.  i think i'd find out why you got a servfail first, though.
<bastidrazor> ahs3: how might i accomplish that?
<Defusal_> hi everyone, can anyone tell me how you deal with your servers dns suddenly dying, even though the dns servers are still functional?
<ahs3> bastidrazor: dig is your friend -- e.g., dig @server A www.facebook.com
<uvirtbot> New bug: #776642 in php5 (main) "segfaults from  5.2.4-2ubuntu5.15" [Undecided,New] https://launchpad.net/bugs/776642
<bencc> I think I'm hitting max open file descriptors limit in my server
<bencc> "sudo cat /proc/sys/fs/file-nr" gives me "1024 0 38001" and it doesn't go over 1024
<bencc> I thought that the 1024 limit is per user
<bencc> on my server several users are using the file descriptors so how do I hit the limit?
<alamar> depends on your configuration? limits.conf or cgroups
<bastidrazor> ahs3: weird. all is working well now. i was using dig beforehand as well.
<bencc> alamar: in /etc/security/limits.conf I have "root hard nofile 30000" and "root soft nofile 30000"
<bencc> alamar: "ulimit -a" gives me 1024
<alamar> did you login as root?
<bencc> alamar: no, but I'm using sudo
<ahs3> bastidrazor: very possible.  unbound does pre-fetching of some entries and does some other optimizations so it's possible that it took a bit for the cache to fill
<alamar> bencc: as root you can change the ulimits anyway. as user you cannot define your ulimits. ulimits are set on LOGIN. so sudo doesnt change your limits
<bencc> alamar: I didn't know that
<bencc> alamar: I still don't understand why am I hitting the 1024 limit if each user uses only part of it
<bencc> I thought the 1024 limit is per user and not a global limit
<bencc> "more /proc/sys/fs/file-max" gives me 38001
<alamar> bencc: depends on the limit configuration in your limits.conf
<alamar> and or other restrictions by your environment (like openvz/cgroups or whatever)
<bencc> in /etc/security/limits.conf I have "root hard nofile 30000" and "root soft nofile 30000"
<bencc> I'm running ubuntu on slicehost. not sure about openvz/cgroups
<RoyK>  21:45:48 up  5:00,  2 users,  load average: 24.51, 24.42, 22.64
<JanC> RoyK: cool  :P
<JanC> (well, probably things are getting hot instead)
<RoyK> JanC: it took those scientists a couple of hours to fill all the new compute nodes to the rim
<RoyK> 96 cores in 2U is rather nice :D
<JanC> RoyK: wait, how many cores do you have?  :P
<JanC> lol
<RoyK> it's four 2x12core + 64GB RAM servers in 2U
<JanC> so 24 is 30% usage or so?  âº
<RoyK> JanC: no, that's per node
<JanC> ah
<JanC> right
<RoyK> so a total of 96 cores and 256GB RAM in 2U
<RoyK> pretty dense
<JanC> uhu
<JanC> 24 cores & load 24 is nice
<RoyK> we have another 24core pizzabox and an older 16core pizzabox (1U both)
<JanC> so, you playing Doom on it?  :P
<RoyK> nah - met models, mostly
<RoyK> backed by 60TB of storage, perhaps half of it in use atm
<JanC> RoyK: when I talked to some guy from sara.nl some years ago, they also did "mostly" scientific stuff, but also an occasional game of Quake in their VR room to "test" it  ;)
<RoyK> lol
<RoyK> perhaps I should try that ;)
<JanC> they do have slightly more computing power than you have though
<RoyK> I can guess - I'm working for nilu.no - not too much compute power needed here yet
<RoyK> but the more they get, they more they crave....
<JanC> haha
<JanC> RoyK: not using graphics cards for computation?
<RoyK> a year back, we had something like 10% of what we have now, but then, the more power, the better the models get, and the more data they feed the models, the more CPU power they need, et cetera, et cetera, ad infinitum
<RoyK> JanC: we're not there yet, a lot of the models are still based on old f77 code. they're working on rewriting that
<soren> Jevons paradox
<soren> When you acquire or discover more efficient ways of doing "stuff" you just end up doing more of it.
<JanC> http://www.engadget.com/2009/12/14/university-of-antwerp-stuffs-13-gpus-into-fastra-ii-supercompute/ --> 12 teraflops on a 6000 â¬ "supercomputer"
<soren> Not *exactly* the same, but very much similar.
<RoyK> soren: well, I'm not sure that's the case - in a met model, if you can use smaller cells, you get far better results
<RoyK> but I know - GPUs are the best way as of now - we just don't have the code for it (Yet)
<adam_g> window 6
<RoyK> adam_g: add a / to that
<adam_g> of course!
<RoAkSoAx> lol
<JanC> RoyK: in theory GPUs aren't as fast as possible, but they easily beat other vector processors in price/performance because of volume
<JanC> because of volume of sales
<RoyK> JanC: I know, and modelling windfields, which is the thing they mostly do, is the perfect application for GPUs
<JanC> putting a GPU-like processor on a multiprocessor bus instead of on PCI/PCIE would make them even more performant  ;)
<RoyK> pci-e is pretty fast, though
<RoyK> so long as you have enough local memory for the GPU
<RoyK> hm... running at 100% for an hour or so, these half-width 1U units show a system temperature of 53 degrees C (2x12-core opterons)
<RoyK> not that bad
<JanC> that's inside the case?
<JanC> not bad
<RoyK> JanC: as reported by IPMI
<RoyK> aka ILOM aka ALOM aka iLO
<RoyK> aka BMC...
<RoyK> supermicro ILOM is pretty neat - remote console to all four machines earlier today with vitual media - an .iso file with ubuntu 10.04 server x64 - installing all of them in less than an hour - all at once
<RoAkSoAx> kirkland: is the approach to use cobbler assuming that there's already a DHCP server on the network, or use cobbler as the DHCP too?
<JanC> RoyK: my SuperMicro board doesn't have ILOM, but then again, it's a workstation board, not a server board  ;)
<RoyK> all (or most) of supermicro server boards have IPMI
<JanC> there is software-based IPMI for the workstation boards
<RoyK> I have two supermicros without it, one is two years old, the other with a desktop board
<RoyK> that doesn't count :P
<JanC> right
<JanC> hardware-based would have been cool, but probably somewhat uncommon for a desktop  ;)
<RoyK> no need for that for most desktops, though
<JanC> RoyK: it could be useful in large companies
<JanC> with centralised IT
<koolhead17> RoAkSoAx: around
<RoyK> JanC: there are some systems for that - centralised desktops - get a 1U system with  VGA over TP and centralise it all
<RoyK> even for high-end graphical workstations
<RoAkSoAx> koolhead17: yes
<koolhead17> RoAkSoAx: am having strange issue in configuring the standalone dhcp server
<RoAkSoAx> koolhead17: how so
<JanC> RoyK: well, I have played FPS games on a multiseat...  ;)
<RoyK> hehe
<koolhead17> RoAkSoAx: no subnet declaration for eth0(ip) and also not configured to listen on any interface.
<JanC> unfortunately that's getting more & more complicated since XGL is abandoned...
<RoAkSoAx> koolhead17: you might wanna follow: https://help.ubuntu.com/11.04/serverguide/C/dhcp.html and add the following to point to the cobbler server:
<RoAkSoAx>  next-server 172.28.1.103; filename "pxelinux.0"
<RoAkSoAx> ;
<RoAkSoAx> koolhead17: in different lines. anyways I'm off to lunch
 * RoAkSoAx starving
<koolhead17> ok.
<RoyK> JanC: what about aigxl?
<JanC> RoyK: that's not a nested X server that supports GL
<RoyK> JanC: sorry, I don't get it - what's the difference?
<JanC> RoyK: putting different users on each head of a multi-head graphics cards
<RoyK> IC
<JanC> current max. is 14 users on 7 dual head nvidia cards; and only Asus has a mobo with 7 16x PCIE slots
<RoyK> perhaps redhat comes up with a solution for that for just $1k per user per year :P
<JanC> AFAIK  ;)
<RoyK> JanC: IIRC supermicro has one too
<RoyK> or at least 6x
<RoyK> we have a few of those
<JanC> there are several that have 6x
<JanC> but my knowledge might be outdated
<JanC> I remember telling the owner of the company that sells Ubuntu multiseats here in Belgium about the 7x mobo last year
<JanC> (he's a sponsor of our locoteam)
<RoyK> that current max, is that om XGL or AIXGL?
<JanC> XGL
<RoyK> on AIXGL, what would you get?
<JanC> probably 7
<RoyK> wtf did they change that?
<JanC> AIGLX never was a nested X server
<RoyK> I'd guess you could go even further with a proper board
<RoyK> ic
<JanC> and xephyr & xnest don't support GL
<JanC> and ATI graphics cards don't support XGL (they have triple head cards)
<JanC> http://www.multiseatcomputer.be/multiseat-voor-twaalf-gebruikers.html to see some pics of a 12-seat machine  ;)
<RoyK> I don't get it - what's the point of something with X not supporting GL nowadays?
<JanC> it's not that simpel I guess
<JanC> simple
<JanC> 410 W for 12 users
<RoyK> if XGL did it, and the source is open, it should be pretty simple to redo it
<RoyK> heh so < 40W per user (minus the monitor, I guess)
<JanC> well, somebody was working on GL support in Xephyr last year, but...
<JanC> RoyK: including the monitors AFAIK
 * RoyK still guesses redhat will come up with a 'genuine solution' soon that will cost a lot
<talcite> hi. Is there any way to show the differences between a config file from a repo package and the current config file?
<RoyK> talcite: if you've installed the package and then changed the config, not directly, but you could move the config file to somewhere else and reinstall the package (apt-get remove --purge xxx; apt-get install xxx), or perhaps install the source code for the package (apt-get source xxx) and find the config file and look for changes
<talcite> RoyK: ah. Can't do that. It's a production server
<RoyK> talcite: then install the source and look for the config file
<talcite> RoyK: hmm I can do that. Thanks!
<RoyK> the source will install in current directory (from where you run apt-get source)
<talcite> I see. I'll keep that in mind.
<vorlov> hello
<vorlov> can anyone help me w/ a slight problem on aws>
<vorlov> ?
<vorlov> there seems to be a problem with the new natty ami
<JanC> !help
<ubottu> Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-)
<vorlov> I have an ec2 setup with natty ami , 64bit EBS... whenever i "stop" (shutdown) the instance, it can never recover again
<vorlov> it loads up with mounting problems and then kills itself restarting again and again...
<vorlov> here's the startup log excerpt: http://pastebin.com/Acv87Cdr
<vorlov> any ideas how to battle that?
<vorlov> reboots work fine, until the first shutdown... from the first shutdown one cannot recover...
<vorlov> i forgot to mention this is done on an "m1.large"
<koolhead17> jdstrand: apparmor is creating the issue with permission denied mknod
<teb7030> hi. I was wondering if anyone had some input on my installation problem : Im trying to install ubuntu server 11.04 on a brand new HP DL380G7 via a usb key. Under the installation menu, if i select installl or boot via usb, i get a screen blink, then nuthing happenes.. anyone have any idea?
<metalf88011> teb7030 how long are you waiting and what did you use to make the USB installer?
<teb7030> metalf88011 : i used that tool ubuntu linked on their website
<teb7030> metalf88011 : the menu came up straight after boot, install, boot via usb.. etc.. both blink with a flash (tried 10.4 too) same issue
<metalf88011> There are 2 did you use Unetbootin?
<metalf88011> did the flash driving come with U3 on it?
<RoyK> http://www.youtube.com/watch?v=zP0sqRMzkwo
<teb7030> metalf88011 : used Universal usb installer
<teb7030> metalf88011 : no u3 on it
<jdstrand> koolhead17: ok, please file a bug against the source package (dhcp3 or isc-dhcp) and add the 'apparmor' tag. please include your dmesg/kern.log as well and if it is a non-standard configuration, your dhcpd.conf
<metalf88011> teb7030: Did you check the MD5SUM of the Ubuntu ISO after you downloaded it? This is most likely not the problem since you tried 2 different version but it still worth looking at
<koolhead17> jbernard: i will confirm it once from my side before reporting it as bug :)
<teb7030> metalf88011 : ill check that, and ill check with another usb key and another "burner" program
<metalf88011> I've had problems using USB drives for installing software in the past when with the same hardware a CD has work just fine
<vorlov> have you guys encountered a "no instance data found in start-local" trying to start ec2 w/ ubuntu
<vorlov> ?
<RoAkSoAx> kirkland: ping
<metalf88011> vorlov: I haven't sorry
<RoAkSoAx> kirkland: never mind :)
<vorlov> metalf88011: thanks anyways!
<metalf88011> sure thing good luck
<kirkland> RoAkSoAx: howdy
<RoAkSoAx> kirkland: haven't yet finished but is comming together
<RoAkSoAx> https://help.ubuntu.com/community/Cobbler
<kirkland> RoAkSoAx: sweet ;-)
<RoAkSoAx> kirkland: should be assume a DHCP server is in the network or should cobbler be the DCHP serveR?
<kirkland> RoAkSoAx: hmm, well, that's a toughie
<kirkland> RoAkSoAx: i don't think we can automatically be the DHCP server
<kirkland> RoAkSoAx: we should debconf that, eventually
<kirkland> RoAkSoAx: perhaps even check on the network if there's already a DHCP server
<RoAkSoAx> kirkland: i;ll just add a pointer that if there's an external DHCP to configure it to point to cobbler as the PXE then for now
<kirkland> RoAkSoAx: and set the default answer in debconf accordingly
<kirkland> RoAkSoAx: right
<kirkland> RoAkSoAx: we could put a screenshot for something like dd-wrt, and pointers to how to configure other DHCP servers
<RoAkSoAx> kirkland: will do
<RoAkSoAx> kirkland: and yeah, maybe autodetecting a DHCP server and configuring accordingly would be awesome
<metalf88011> teb7030 Ubuntu has it's own program for making Live USB keys called " Startup Disk Creator" but I think you need to be running Ubuntu or another version of Linux to be able to use it
<apocalipsys> Hi everyone
<apocalipsys> have anyone tried to install mysql cluster?
<apocalipsys> anyone?
<apocalipsys> noone?
<SpamapS> apocalipsys: yes
<SpamapS> apocalipsys: I'm guessing you had problems because it conflicts w/ the mysql clients / libraries
<apocalipsys> actually i'm wondering to have a good guide to beging a test with 3 mysql server
<apocalipsys> s
#ubuntu-server 2011-05-04
<apocalipsys> as much as i read 1 will be the master and the other 2 are storage
<madwill> is there an official way to make a file like index.html point to another file say zenlive.html ?
<SpamapS> madwill: several ways
<SpamapS> madwill: the most flexible way is to use mod_rewrite
<SpamapS> madwill: or, another simple one, just use a symlink (and turn on FollowSymlinks
<tsrk> How do I add kernel boot parameters?
<hallyn> tsrk: best is to add them in /etc/default/grub, then run update-grub
<hallyn> (add them to GRUB_CMDLINE_LINUX)
<tsrk> hallyn: Ok, thank you. What's the difference between ..._LINUX and ..._LINUX_DEFAULT?
<Calif> g
<Calif> er
<Calif> oops
<Calif> wrong win
<sjm> (Ubuntu 11.04) I don't know if this is exactly a "server" issue, but I started with the server install.  I then installed lxde on top, but every time I try to change the background on the lxsession, I get a segfault from X: http://pastebin.com/Gc9Jct0m
<hallyn> oh no, tsrk has skeedaddled
<hallyn> sjm: yeah best to go to #ubuntu-desktop with that
<sjm> hallyn, ok, thanks.
<habriel> hello i need help in this cfgmaker --output=/etc/mrtg/mrtg.cfg public@192.168.10.1
<habriel>      have set my ip from router
<habriel> i am setting mrtg in ubuntu server
<Macer> wow. eyeos2 seems to have come a long way
<Macer> think i am going to have to it up soon :)
<Macer> i just hate that it requires openoffice in order to export to odt
<Macer> well.. od*
<twb> Macer: eyeos?
<twb> habriel: you may prefer something newer, like collectd or munin or cacti
<twb> habriel: mrtg is pretty old-school
<Macer> twb: web based "OS"
<twb> Oh, one of those DEs in js
<Macer> well.. more of a UI than OS.. supposed to be open source cloud computing
<Macer> yeah
<twb> Bugger that shite
<Macer> they did quite a bit of work on it since i last tried it
<Macer> twb: i don't know it seems to work fairly well :)
<Macer> it is good for idiot proofing the way employees use their workstations heh
<Macer> zimbra was actually supposed to be good for that but wow has it just gotten worse and worse
<Macer> i think of all the things i have tried to figure out a web based solution for employees.. zimbra had to be about the biggest let down i have ever seen
<Macer> especially nowadays.. where they can't seem to get things to work right.. like the Instant Messaging.. so their solution was to simply eliminate it
<Macer> i hear they are removing their docs section too
<habriel> twb so you recommended cacti
<Macer> so i suppose it is just a glorified imap server with a web ui? :)
<twb> habriel: no because it's PHP
<twb> habriel: I definitely recommend collectd
<twb> Macer: the main things that non-free exchange clones provide you is calendaring and an outlook connector (outlook is crap at IMAP).
<habriel> i am looking a tool monitoring easy
<twb> Macer: unfortunately they also like to reinvent the distro in /opt
<Macer> twb: well zimbra concentrated on fixing their connectors than actually turning into something that was actually useful
<twb> Macer: I would recommend first looking at apple calendarserver (which is FOSS and in Ubuntu already), and replacing outlook with tbird.
<Macer> which was a shame because it had so so so much potential.. i was a huge fan up until right before 7.0
<Macer> twb: i would never use zimbra again
<twb> I've rolled out zimbra and scalix a few times, and I would never ever do so voluntarily
<Macer> not in the direction it is going now
<twb> Right!
<Macer> heh
<Macer> it seriuosly could have given exchange a run for its money if it didn't cnocentrate so much on trying to get it to work with exchange and only worked on its own thing as an alternative to exchange
<Macer> but they wanted to bite into the ms customers
<habriel> twb: do you have any guide for set collectd in ubuntu sever
<Macer> which i think was a poor business decision. they should have pushed their web interface and its ability to IM, file share, etc all in one spot.. along with fixing their docs
<Macer> instead they are eliminating im and docs... and i mean.. i don't see what good it is anymore as a "collaboration suite" without its ability to actually communicate and share documents. :)
<Macer> it was supposed to be a one stop interface requiring nothing but a web browser and even a slower small powered client .. it could have been amazing.. i would have used it for everything and pushed it onto everyone i came across .. but now they totally suck
<twb> habriel: I don't, but basically you install collectd-core (without rrdtool) on your spokes, and collectd-core (with rrdtool) on your hub.
<twb> habriel: then you instruct the spokes to send to the hub, and the hub to accept info from spokes
<Macer> so i am looking for alternatives and eyeos seems the closest to what zimbra should have been... :) need to set it up tomorrow and give it a real test run on my ubuntu server
<twb> habriel: then you instruct them as to what information to collect
<Macer> if i can figure out how to get it to properly export od* then i am happy
<twb> habriel: finally, you set up collection3 or some other visualization, so you can browse to a web page and see graphs of the data
<habriel> thanks twb i will try
<Calif> Is there a default dhcp server included in ubuntuserver, if so where can I find it?
<genii-around> !info isc-dhcp-server
<ubottu> isc-dhcp-server (source: isc-dhcp): ISC DHCP server for automatic IP address assignment. In component main, is optional. Version 4.1.1-P1-15ubuntu9 (natty), package size 392 kB, installed size 980 kB
<genii-around> Calif: Is not installed by default.
<Calif> I installed natty, does that mean I have it?
<Calif> ok
<Calif> crap
<Calif> I gotta do something real quick ill be right back to ask some more questions about tihs... namely how to do I get it? And further is there a simple way to derive the download link from something without gui, in cli?
<twb> Calif: (most) services are not installed by default.
<twb> Calif: try running "tasksel"
<twb> Calif: you should also read the Ubuntu Server Guide
<Calif> Brb sorry.. gotta step away for one min
<Calif> brb,..,
<ruben23> hi guys i have a domain name pointed to my server public ip adn i wanted it somehow to be mydomain name for myweb server using publci ip any idea how do i do it with Vhost
<julian_c> More of an Apache question (see #httpd), but...
<julian_c> Are you trying to run multiple sites with different domain names on the same running instance of httpd?
<lambda_x> how can i tell multipathd to recheck volume sizes?
<koolhead11> hi RoAkSoAx
<twister004> hi guys... im using mysqldump to backup some databases on my ubuntu server.... can I view some logs to ensure if the backup went through without any issues??.. please advise!
<dc5ala> twister004, you mean automated via cronjob?
<twister004> dc5ala...yes.. can I do a --log-error=filename?
<dc5ala> twister004, in your crontab you can put a line like MAILTO=twister004...
<twister004> dc5ala... what can I mail?.... which log file?
<dc5ala> twister004, you will get the output of the command via mail
<dc5ala> twister004, or you just redirect output of mysqldump into a file via ">" yourself when you run it
<dc5ala> or better, append it with ">>"
<twister004> dc5ala... can I just do a "sqldump -u <uname> -p <password> --opt --skip-lock-tables --databases info_schema > /mnt/.../test.sql >> test.txt"???
<dc5ala> ops, sorry, think i did mistake, let me see :)
<kaushal> hi
<dc5ala> twister004, i just see there is a --log-error=name parameter for mysqldump, may give that a try
<twister004> dc5ala.. i tried that.. i get the following error "mysqldump: unknown variable 'log-error=test.txt'"
<twister004> looks like mysql maybe an old version
<kaushal> can i know the history of iotop application ?
<twister004> output of  'mysqldump -V' is "mysqldump  Ver 10.10 Distrib 5.0.24a, for pc-linux-gnu (i486)"
<dc5ala> you did prepend "--" ?
<twister004> yes
<dc5ala> i only checked the parameter list of mysqldump on a server of mine, says mysqldump  Ver 10.11 Distrib 5.0.51a
<twister004> dc5ala... will >> work?
<twister004> yup.. so it's a version problem.. mine's old... I dont wanna update mysql coz this is production environment
<dc5ala> have a look in the help if there is an log-error parameter
<twister004> nop
<twister004> ot's not there
<twister004> it's*
<dc5ala> that one is old server too :)
<dc5ala> maybe there is a generic logging parameter?
<twister004> nothing... only flush-log
<twister004> nothing to do with logging error
<twister004> willl the mysql.log or mysql.err file under /var/log/ help?
<dc5ala> i have a look on another machine, what version is running there
<bencc> how can I make changes in /etc/security/limits.conf take effect without restarting the server?
<bencc> I need to increase the max allowed file-descriptors
<twister004> dc5ala.. there's another machine with sql version "mysqldump  Ver 10.11 Distrib 5.0.51a, for debian-linux-gnu (i486)"... hee I see the '--log-error' parameter
<twister004> it's a version problem
<twister004> here**
<dc5ala> hehe, guess so
<dc5ala> you may try redirect "stderr" maybe, e.g. mysqldump ... > out.sql 2>>error.log
<dc5ala> twister004, the logs under /var/log/mysql are probably only used by the server and not by msqldump, not sure
<twister004> dc5ala... 2>>error.log doesn't seem to be working
<dc5ala> how comes? :)
<dc5ala> if mysqldump writes anything to stderr it should end in that file
<twister004> thanks
<twister004> dc5ala.... 2>>error.log is working
<twister004> !!!
<twister004> thank you!!!
<twister004> atleast it's getting redirected to a log file.
<dc5ala> could you force and error to test it?
<dc5ala> twister, oh, just see another thing i used in a script, mysqldump ... > db-$(date +%Y%m%d).sql
<dc5ala> twister004, puts a nice timestamp in your filename
<bencc> does "sudo more /proc/sys/fs/file-nr" give me the total used file descriptors on my server?
<koolhead11> hi all
<koolhead11> jdstrand, i have reported the bug as you suggested.
<juliux> hi, does somebody knows how i can use clusterssh with ssh agent forward?
<uvirtbot> New bug: #777022 in mysql-5.1 (main) "package mysql-server-5.1 5.1.54-1ubuntu4 failed to install/upgrade: sub-processo script post-installation instalado retornou estado de saÃ­da de erro 1" [Undecided,New] https://launchpad.net/bugs/777022
<uvirtbot> New bug: #777033 in postfix (main) "installation lacks RELEASE_NOTES-2.6 documentation file" [Undecided,New] https://launchpad.net/bugs/777033
<lambda_x> how can i tell multipathd to recheck volume sizes?
<jdstrand> koolhead11: thanks!
<jamespage> ttx: around?
<jamespage> ttx: just wondered how etherpad had held up at the OpenStack summit?
<zul> jamespage: it didnt blow up :)
<jamespage> zul: thats good :-)
<jamespage> thinks are looking OK for using it at UDS as well
<zul> jamespage: \o/
<uvirtbot> New bug: #777096 in bind9 (main) "package bind9 1:9.7.0.dfsg.P1-1ubuntu0.1 failed to install/upgrade: el subproceso instalado el script post-installation devolviÃ³ el cÃ³digo de salida de error 1" [Undecided,New] https://launchpad.net/bugs/777096
<uvirtbot> New bug: #777103 in groovy (main) "Merge groovy (1.7.10-1) from debian unstable" [Medium,In progress] https://launchpad.net/bugs/777103
<cemc> on 10.04 when do the rc2.d/S* scripts start, before, after or durint the stuff in upstart?
<uvirtbot> New bug: #776299 in apache2 (main) "package apache2-mpm-prefork (not installed) failed to install/upgrade: subprocess dpkg-deb --control returned error exit status 2" [Undecided,New] https://launchpad.net/bugs/776299
<Vanuatoo> Hello, I've got Gigabyte GA-H67MA-UD2H-B3 motherboard and have 2 disks configured as RAID 1 from BIOS. When I boot Ubuntu Server 11.04 64 bit on my computer it cannot find the disks. I manually go to Detect Disks step and system prompts me to select Driver. Can you tell me what driver should I select?
<RoAkSoAx> kirkland: ping
<RoAkSoAx> kirkland: is the dell laptop we tested powernap back in January a 4 core?
<kirkland> RoAkSoAx: nope, dual core
<ppetraki> Vanuatoo, I believe that's "fakeraid"
<ppetraki> Vanuatoo, dmraid package is what you need
<uvirtbot> New bug: #777193 in ethtool (main) "ethtool settings may not apply on boot with separate /usr" [Undecided,New] https://launchpad.net/bugs/777193
<RoAkSoAx> kirkland: k thanks
<ppetraki> Vanuatoo, caution, I'm not aware of many folks who use fake raid in production environments. Mostly it's used as a compatibility bridge for users who are dual booting from an existing Windows installation.
<Vanuatoo> There is no fake raid in the list
<ppetraki> Vanuatoo, that's the slang name, see https://help.ubuntu.com/community/FakeRaidHowto
<marrusl> SpamapS, the ethtool bug above is mine.  thought you might be interested from a boot perspective.
<Defghanistan> Hello, I am looking for any documention or information regarding Ubuntu server MPIO. Can anyone here point me in the right direction or give me any useful advice?
<ppetraki> Vanuatoo, I don't know if dmraid support ever made it into the installer.
<ppetraki> Vanuatoo, wish I could give you more direct assistance though I don't have any first hand experience settiing up these fakeraid deployments. I've been avoiding them like the plauge, MD is a more robust and better supported option
<Vanuatoo> What is MD?
<miceiken> For some reason I get this error in my apache log: "[Wed May 04 17:51:36 2011] [error] [client 192.168.10.105] File does not exist: /var/www/~rt", any way to narrow it down to the file I've stated that in
<ppetraki> Vanuatoo, Linux's defacto software raid stack, managed by mdadm
<ppetraki> Defghanistan, MPIO deployments are SAN specific, what are you trying to deploy? No, we don't have Ubuntu centric MPIO docs but the general available ones for other distros are applicable, for the most part.
<Defghanistan> We're working with a netapp fibre channel SAN, deploying ubuntu server to fulfill web and database roles
<koolhead17> hi all
<bluethundr> quick question, guys.. if a server has just apache2-mpm-prefork installed is it an apache server? or would that be only machines with apache2 installed?
<bluethundr> dumb question I know
<marrusl> Hey guys...  any opinions on replacing dash with bash?  I don't mean in general, I have a customer who wants to do that on their systems.
<marrusl> actually they asked specifically about what upstart uses for script stanza's.  but i assume the more relevant question is what you link /bin/sh to.
<ghostlines> hi all, I'm setting up a bridge I've configured br0 I'll also still have to configure one of my real interfaces also for example eth0 right?
<uvirtbot> New bug: #777261 in librdmacm (main) "Sync librdmacm 1.0.14.1-1 (main) from Debian unstable (main)" [Undecided,New] https://launchpad.net/bugs/777261
<robo> to change an IP do I just edit /etc/network/interfaces and restart networking?
<robo> That's what the doc's say but this is a remote machine and I'd hate for it to not come back up
<hggdh> smoser: I *know* you already told me, but I am afraid I forgot: how does one boot a karmic EC2 kernel? With --kernel? And where are the kernel lists?
<BCS-Satori> Hello,  I installed "linux-scst" which installed linux-image-2.6.32-29-scst on my ubuntu 10.04 server, however when the system boots its selecting 2.6.32-31-server.  I do not see the scst kernel in my grub configuration either.  Any ideas on how I can boot the system to the scst kernel?  Thanks
<Nikolasr> Hello, can someone help me with bridging connections..when i type ifconfig i get listed only primary device
<patdk-wk> Nikolasr, use brctl
<Nikolasr> yes..but when i type eth0 its says invalid device ignoring..
<Nikolasr> :)
<patdk-wk> man brctl :)
<Nikolasr> i mean when i type brctl addif "primary" "eth0"            (without quotes)
<Nikolasr> I got notting.
<Nikolasr> Please help me.
<kirkland> RoAkSoAx: ping
<RoAkSoAx> kirkland: pong
<kirkland> RoAkSoAx: i have a small but significant fix to powernap's load monitor
<kirkland> RoAkSoAx: i'm wondering if you mind doing the sru?
<RoAkSoAx> kirkland: sure
<RoAkSoAx> kirkland: just commit it to lp:powernap and I'll grab it from there
<RoAkSoAx> kirkland: or better yet, commit your fix, release a new version in oneiric, and I'll SRU your fix
<kirkland> RoAkSoAx: yeah, that's what i was thinking
<kirkland> RoAkSoAx: here's the fix i'm testing: http://paste.ubuntu.com/603409/
<kirkland> RoAkSoAx: basically, if the load threshold is "n", we need to count the number of processors every time we run
<kirkland> RoAkSoAx: because if we're powernapping, and we're down to 1 processor, then we want to wake if load gets above 1
<kirkland> RoAkSoAx: rather than wait until load gets to 16 (if we have 16 processors)
<kirkland> RoAkSoAx: i don't like the commands.getoutput("getconf _NPROCESSORS_ONLN") every time this runs though
<kirkland> RoAkSoAx: i want to do it more cheaply than that
<kirkland> RoAkSoAx: http://stackoverflow.com/questions/1006289/how-to-find-out-the-number-of-cpus-in-python
<RoAkSoAx> kirkland: yeah makes sense to me all of it
<RoAkSoAx> kirkland: though will importing the multiprocessing module be really cheaper?
<kirkland> RoAkSoAx: hmm
<RoAkSoAx> kirkland: and may be subject of errors
<kirkland> RoAkSoAx: hmm
<kirkland> RoAkSoAx: let me test
<RoAkSoAx> kirkland: let's just try it out for now, I don't think it will really make any difference
<kirkland> RoAkSoAx: my testing says you're wrong
<kirkland> :-)
<kirkland> kirkland@x201:/tmp$ time python 1.py
<kirkland> real    0m0.834s
<kirkland> kirkland@x201:/tmp$ time python 2.py
<kirkland> real    0m16.143s
<kirkland> 1.py: http://paste.ubuntu.com/603416/
<kirkland> 2.py: http://paste.ubuntu.com/603417/
<kirkland> :-)
<RoAkSoAx> kirkland: cool then! Let's just use multiprocessing then :)
<ghostlines> hi all, I'm trying to point virt-install to my cdrom drive but -c /cdrom isn't working how should this be done?
<RoAkSoAx> ghostlines: this works in Natty
<RoAkSoAx> not before
<RoAkSoAx> at least it shouyld
<ghostlines> hmmm, otherwise I must make an image of it?
<RoAkSoAx> ghostlines: and you might have to make the cdrom available through HTTP
<ghostlines> damn, seems like I have to jump through hoops to use a local device
<RoAkSoAx> ghostlines: the thing is that virt-install does not correctly determine that a cdrom is an ubuntu source/distro
<RoAkSoAx> ghostlines: so this was fixed patched in Natty
<ghostlines> ahhh
<RoAkSoAx> ghostlines: however, I've only tested this when making the loop mounted cdrom available through HTTP, not through /cdrom
<ghostlines> I could swear that virt-manager allowed me to select devices after a vm was installed, real strange that I can't do it with virt-install
<ghostlines> thanks for your help though, think I'm just gunna try and make an image of the dvd
<RoAkSoAx> ghostlines: virt-manager uses libvirt while virt-install uses python-virtinst AFAIK
<ghostlines> ubuntu's docs needs to get updates as well the python-virtinst pkg doesn't exist in 10.10 it's just virinst
<RoAkSoAx> ghostlines: upstream is python-virtinst in ubuntu it is just virtinst
<kirkland> RoAkSoAx: we should also use os.getloadavg()[0]
<kirkland> RoAkSoAx: it's over twice as fast as reading /proc/loadavg
<ghostlines> RoAkSoAx, and since when did /dev/cdrom move to /cdrom ? I gotta really keep up
<RoAkSoAx> kirkland: cool then. I guess we'll have to look throughout the code for tricks like this
<RoAkSoAx> ghostlines: I don't know actually
<kirkland> RoAkSoAx: yeah
<kirkland> RoAkSoAx: well, it might be my fault after all :-)
<kirkland> RoAkSoAx: i'm listed as the author of that file :-P
<RoAkSoAx> kirkland: hehe nah well neither you nor are/were python experts to know all the tricks and functions python already provides
<RoAkSoAx> hehe
<RoAkSoAx> kirkland: btw.. take a look at it, and tell me what you think: https://help.ubuntu.com/community/Cobbler
<uvirtbot> New bug: #777356 in postfix (main) "[fixed upstream, regression] Postfix smtp does not skip unknown XFORWARD attributes, causing SMTP syntax errors" [Undecided,New] https://launchpad.net/bugs/777356
<ttx> jamespage: re:etherpad -- no problem at all
<ttx> jamespage: though I'd admit that not everyone was using it, and that we had only 2 sessions in parallel
<RoAkSoAx> kirkland: just thought of something. the idea of scale the threshold should only work when using the script that turns off the cores right?
<RoAkSoAx> kirkland: never mind it doens't really matter
<kirkland> RoAkSoAx: nah
<kirkland> RoAkSoAx: okay, my load monitor fixes work great
<kirkland> RoAkSoAx: i'm about to release powernap 2.7
<kirkland> RoAkSoAx: are you happy with the other features you've merged for oneiric?
<RoAkSoAx> kirkland: yes, please release it
<kirkland> RoAkSoAx: done
<RoAkSoAx> kirkland: i was planning to switch to source format 3.0 but that can be left for 2.8
<RoAkSoAx> as it is not high priority right now
<kirkland> RoAkSoAx: hmm, when you do, you'll need to fix a bug somewhere, either in bikeshed:release-build or somewhere else
<RoAkSoAx> kirkland: I've attached a debdiff for natty, could you please sponsor it?
<RoAkSoAx> kirkland: how so?
<kirkland> RoAkSoAx: as bzr bd fails for me when i do source format 3.0 and try to release-build
<kirkland> RoAkSoAx: you'll see :-)
<RoAkSoAx> kirkland: hehe ok
<kirkland> RoAkSoAx: are you doing the SRU justification or am i?
<RoAkSoAx> kirkland: just did it :)
<kirkland> sweet
<smoser> hggdh, karmic images were never moved to pv-grub.
<smoser> so you can't really boot a karmic ec2 kernel other than the one associated with the image.
<Macer> eyeos 2.x was bust.. 1.9 is awesome
<someguy> hi here
<someguy> anybody willing to help me with phpmyadmin problem
<someguy> i'm running fcgi as parser
<hallyn> kees: mk-sbuild oneiric is failing for me, bc awk isn't being installed so dpkg -i basefiles fails.  Is this anything you know about offhand?
<RoAkSoAx> kirkland: so release-build should not do the first bzr bd?
<kirkland> RoAkSoAx: hmm
<kirkland> RoAkSoAx: well, that's always worked before
<kirkland> but, yeah
<kirkland> okay
<kirkland> RoAkSoAx: it needs to move that bzr bd to the end
<kirkland> RoAkSoAx: after everything else
<kirkland> RoAkSoAx: and it'll build the -0ubuntu1.deb
<RoAkSoAx> kirkland: ok cool!
<kirkland> RoAkSoAx: uploaded powernap_2.6-0ubuntu2.1_source.changes
<RoAkSoAx> kirkland: thanks
<hggdh> smoser: any chance of generating a karmic ec2 kernel for the -29?
<hallyn> Daviey: what do you think about dropping https://blueprints.launchpad.net/ubuntu/+spec/server-o-kvm-document-suggested-changes ?
<hallyn> zul: this is funny - the scheduler is working *so* hard to keep me out of convenient afternoon sessions (i have none in the last two hours) that i'm double-booked for the lxc session
<zul> hallyn: doh...talk to robbie
<hallyn> zul: yeah the one that's 3am central time may have quite a few ppl attending remotely from US so that one should be moved if possible
<zul> what you dont wake up that early?
<hallyn> zul: i may still be awake at that point, but unsure
<soren> hallyn: Not coming to UDS?
<hallyn> soren: alas, not this time
<soren> That was getting really annoying.
<soren> hallyn: But you'll miss out on all the Hungarian... err... stuff!
 * soren can't think of anything uniquely Hungarian
<hallyn> soren: not to mention all the uds camaraderie.  i'd love to be going.  c'est la vie.
<adam_g> anyone know if libvirt supports CoW cloning of qcow2 based VMs via virt-manager?
<someguy> hi people
<someguy> anyone up here to stress their brain ?
<zul> soren: umm...hungarian gulash?
<lynxman> zul: Hungarian gulash is yummy
#ubuntu-server 2011-05-05
<SpamapS> soren: there's the Hungarian Phrase Book
<Italian_Plumber> Is there some magic I need to do so that Ubuntu doesn't take up gobs and gobs of CPU time when copying, moving, or deleting files?  Just deleting a bunch of files has bumped my load average to close to "3".
<mrroth_> any good ubuntu based email appliance distrubution
<Calif> I'm using this tutorial to configure a dhcp server
<Calif> http://www.howtoforge.com/dhcp_server_linux_debian_sarge
<Calif> However, I'm not sure how to start it, the command in the tutorial didn't work.
<Calif> 'no such file or dir'
<ChmEarl> Calif, cause its called dhcp3-server?
<Calif> well, I'm sure its sometihng stupid like that
<Calif> I've got dhcpd.conf
<Calif> I don't know, maybe this isn't even the right tutorial, I thuoght that was what they had promoted
<ChmEarl> Calif, dhcpd.conf is used here on lucid-server, but in /etc/dhcp3
<Calif> ok, let me try something
<Calif> one sec
<Calif> ok, I've messed this up good
<Calif> I should probably start over
<Calif> I just want a simple dhcp server, whats something that I can get with apt-get, that you would recommend?
<Calif> is this dhcp3-server good? Would you have used something else?
<Calif> fuck it, I made a backup ill just start over
<JanC> Calif: dhcp3-server is good, but if you only need a simple DHCP/DNS server for a small LAN, you can also look at dnsmasq
<Calif> Here's another question
<Calif> # No service will be given on this subnet, but declaring it helps the
<Calif> # DHCP server to understand the network topology.
<Calif> #subnet 10.152.187.0 netmask 255.255.255.0 {
<Calif> #}
<Calif> What is this subnet - is this the external, internal, whats the point of this part?
<ChmEarl> Calif, that only applies if you have a 10.x.x.0 private lan
<Calif> what if I have a different address, but it's still a private address scheme on the lan I wish to use dhcp with?
<Calif> eg: 192, or 172
<ChmEarl> Calif, keep reading the samples, they show an example
<ChmEarl> /usr/share/doc/dhcp3-server/examples/dhcpd.conf
<Calif> I'm looking at a few under that
<Calif> So the purpose of these lines is just to show different config examples, the above one being the simplest?
<Calif> further more, the above one can remain commented without affecting anything?
<Calif> I'm running this on a linux box thats doubling as a router/fw for my network
<Calif> so I want to offer dhcp services to the internal
<Calif> that said, the external interface is dhcp as well, but it gets its address from an upstream router
<Calif> I'm sorry for all the questions, I'm just trying to wrap my head around this.
<JanC> Calif: for a small LAN, dnsmasq is much easier to set up & includes a DNS relay server (but lacks several more advanced features that dhcp3-server & bind support)
<ChmEarl> Calif, your internals are limited to certain nics: in dhcp.conf I have - INTERFACES="eth1 eth2"
<ChmEarl> eth0 is for my WAN
<Calif> dhcpd.conf doesnt allow me to specify the interfaces
<Calif> That said, if I just uncomment one of these, and give it the addresses of my internal interface, can I expect that to work?
<Calif> Or is there some other place I specify the interface I want to use?
 * ChmEarl slaps Calif with a trout: I just gave you the line
<Calif> you said dhcp.conf
<Calif> So i have to edit that file as well?
<Calif> or did you typo it
<Calif> and meant dhcpd
<Calif> I swear, I wish I knew this stuff like you guys do ;p
<Calif> I'm like 10 years behind or something until a month ago, the most advanced thing I did was setup an eggdrpo
<Calif> now im running a server with a firewall, and dhcp, I'm setting up nagios
<Calif> but I am fairly challenged by these tasks, it's going to be a long time before I understand nix like some of you guys
<JanC> Calif: reading up on basic networking and what DHCP does might be useful  ;)
<Calif> I've got basic networking, and I understand dhcp, but I'm coming from windows so there's a disconnect
<JanC> it works exactly the same in Windows  ;)
<Calif> it works the same, but the setup is radically different  ;p
<Calif> it's similiar in the physical settings
<Calif> but how you put it all together, and knowing what to edit where, I get confused easily
<Calif> I can set this up on windows server with my eyes closed - setting up reservations, static assignments, ranges, all sorts of stuff
<Calif> And I've read stuff on linux too
<Calif> You all probably know the 'linux newbie administrator guide;
<Calif> I've read that twice over the years, (not to say I'd not benefit from another round mind you.)
<Calif> with me, I think, the trouble is I read stuff and it makes sense, but I need to _do_ it for it to sink in
<Calif> and half the tutorials I find on stuff leave things out, or expect and assume you know some small detail... You can't ask a tutorial a question... so I wind up here
<Calif> anyway, so back to this - I think if I can figure this out, I'll be able to do the rest and run this thing in a few minutes
<Calif> I'm going to go look at your dhcp.conf, and see if that answers my question
<Calif> well, my dhcp.conf ;p
<Calif> ok, so using the locate command, I found a copy of that in the /etc/samba dir
<Calif> is it supposed to be an empty file ?
<Calif> probably..
<Calif> ChmEarl, I just add the INTERFACES="ethx" - x being the interface going out to my internal network that I want to offer dhcp services on?
<JanC> I suggest you don't go looking for similarly named files in random other directories  ;)
<Calif> lol
<Calif> So was he meaning to tell me to edit dhcpd.conf with that line, or did I miss something entirely here, because locate only came up with one file
<Calif> if it is dhcpd.conf where in the file do I stick that line at?
<Calif> I'm sure once I get the interface and that line I pasted earlier figured out, that would be all my questions for tonight ;p
<Calif> There is an end to the madness I promise ;p
<Calif> I know im close, it'd suck to abandon this 70% through to pick another dhcp server, that I'll probably likewise have dumb questions about...
<Calif> chm, I didn't pm you without asking, I used notice - I'm making an effort :P
<JanC> Calif: I configured my first gateway with dnsmasq in less than 30 minutes  ;)
<JanC> less than 15 maybe
<Calif> If I can figure out what I need to do next I'd be done in 2
<JanC> and I suppose dhcpd.conf is the file for the DHCP server config
<Calif> I believe so
<Calif> I can paste you the contents in a pastebin if you think you could help
<Calif> I think it's simple, but I know there's something to what chm said too about defining my interface
<Calif> I know the info I want to put in for my network, but there's some stuff it says mainly for the examples that confuses me as to why they worded it like that
<Calif> I'm tempted to ignore that part and just uncomment one of teh examples, change some stuff to my info, but that leaves the interface thing chm spoke of, that I can't figure out where to put it "INTERFACES="eth1 eth2""
<Calif> Sorry, lost my connection
<Calif> My room mates coming home soon, I may have to give up soon
<JanC> well, 3am here, so I give up now  :P
<twb> dnsmasq ROCKS
<Calif> Cool, thansk for your help JanC
<twb> Calif: interface lines go in dnsmasq.conf
<Calif> I'm not using dnsmasq I don't think
<twb> Oh sorry
<Calif> dhcpd.conf
<twb> Then I can't help :P
<Calif> crap :/
<Calif> lol
<Calif> ok, I promise if I don't figure this out in a day or so
<Calif> that will be the first thing I try
<Calif> I'm already mostly through this one
<Calif> so I'm hoping to finish it before I jump to another one
<Calif> it'd be nice to figure out both in the end
<twb> Is there a way to tell nmap to operate over an ssh hop (e.g. SOCKS with ssh -D) ?
<twb> nmap is on my laptop, I can ssh into bastion.example.net, and from there I can connect to foo.example.net -- but I can't reach foo.example.net directly from my laptop, and I can't install nmap on bastio
<RoyK> ssh -I
<goddard> how can i setup a default pipe for email that doesn't have a real account?
<goddard> like a catch all
<twb> goddard: with postfix?
<uvirtbot> New bug: #777541 in php5 (main) "package libapache2-mod-php5 5.3.5-1ubuntu7.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/777541
<goddard> yes
<Calif> ok, I read a bit about dhcpd
<twb> goddard: dunno, try #postfix
<Calif> I'm a bit confused with declaring a subnet/interface
<Calif> I'm going to run dhcp on a box which acts as a gateway/firewall, and the external interface is a public address but it dynamically changes.
<Calif> So how would I declare such a subnet in dhcpd.conf (isc)?
<twb> Someone please explain this: /bin/sh: hardcopy.7: not found
<twb> Someone please explain this: http://paste.debian.net/116054/
<twb> Ah, -h
<twb> never mind
<blahdeblah> Any grub experts out there? I've got a client getting grub error 24 "Attempt to access block outside partition" on a server that was previously running perfectly. Bug #353071 seems to be related, but it is for much older versions, and i've tried all the suggested remedies.
<uvirtbot> Launchpad bug 353071 in grub "grub error 24 with Jaunty beta" [Undecided,Invalid] https://launchpad.net/bugs/353071
<blahdeblah> And i forgot to mention that there's no ext4 involved - all filesystems are ext3
<ScottK> blahdeblah: What release were you using when the systems were initially installed?
<blahdeblah> I don't know - i am only new on the site.  I think it was hardy.
<blahdeblah> Certainly it was upgraded from hardy
<ScottK> Then you at least have grub and not grub2.
<blahdeblah> yes, definitely
<blahdeblah> The upgrade from hardy was fine for a few weeks, then something happened (don't know what, since i am only on site when required) and on the next reboot it exhibited this problem.
<uvirtbot> New bug: #777585 in bacula (main) "package bacula-director-mysql 5.0.3-0ubuntu2 failed to install/upgrade: ãµããã­ã»ã¹ ã¤ã³ã¹ãã¼ã«æ¸ã¿ã® post-installation ã¹ã¯ãªãã ã¯ã¨ã©ã¼çµäºã¹ãã¼ã¿ã¹ 1 ãè¿ãã¾ãã" [Undecided,New] https://launchpad.net/bugs/777585
<blahdeblah> ScottK: I wondered whether i should upgrade to grub2, but i don't like to do upgrades in the middle of an unexpected downtime.
<ScottK> I wouldn't.
<ScottK> You're sure some enterprising young admin didn't decide these file systems should be converted to ext4?
<ScottK> I'd guess not.
<blahdeblah> yes
<blahdeblah> Very sure
<twb> blahdeblah: grub2 is a downgrade
<blahdeblah> I also ran a full fsck which came back with no errors
<blahdeblah> I've reinstalled grub a few times, using both the /dev/sdX devices, and the /dev/md0 device, and all result in the same behaviour.
<twb> extlinux FTW
<ScottK> Sorry, no idea.
<twb> You've used it on CDs, you've used it from PXE, now use it for normal booting!
<_ruben> hooray for co-workers not showing up for planned maintainance.. grr
<talntid> What is your favorite file system for hosting/scaling a large MySQL database and why?
<AphisOne> talntid: That may be a better question for the mysql room.
<uvirtbot> New bug: #777626 in php5 (main) "package libapache2-mod-php5 5.3.5-1ubuntu7.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 10" [Undecided,New] https://launchpad.net/bugs/777626
<twb> I removed the stupid NAT interface from libvirt, because I only want bridging
<twb> I just upgraded libvirt, and the postinst has recreated libvirt/qemu/networks/autostart/default.xml -- why?
<twb> That is not how conffiles are supposed to behave
<rafalk42> hello, I'm trying to upgrade ubuntu server to 11.04 and I get following errors: http://pastebin.com/9whvVhs1 . Can i throw out one of those offending packages?
<twb> Try dpkg -i /var/cache/apt/archives/console-setup_....deb /var/cache/apt/archives/keyboard-configuration_....deb
<rafalk42> ok, I'll try that
<twb> It's trying to upgrade keyboard-configuration first due to bad dependency declarations, I think
<twb> Note that you should be upgrading only one version at a time
<twb> e.g. 10.04 directly to 11.04 is not supported
<rafalk42> oh, that could be the problem
<th0mz> can some1 tell me where i can find the changelog for  libapache2-mod-php5 last night update please ?
<th0mz> DISTRIB_DESCRIPTION="Ubuntu 8.04.4 LTS"
<th0mz> i had some trouble with various CMS since last w.e. which has been corrected last night.
<taneli> th0mz: aptitude changelog libapache2-mod-php5
<th0mz> xampart: great, thanks.
<twb> Did you know that in d-i, if you drop to a shell and do "mkfs.ext2 /dev/sda", you can convince d-i that you don't need a partition table?
<twb> This is especially good for /dev/vda VM virtual disks
<twb> Oh, NICE.  Warning: Permanently added 'example-natty' (ECDSA) to the list of known hosts.
<twb> natty has ECDSA host keys OOTB
<dany_> can anyone help with a virtual host configuration? I have 2 internal ip Å with 2 webservers. I want mail.domain.tld to refer to webmail and domain.tld to my website.
<dany_> and both are port 80
<xampart> dany_: http://httpd.apache.org/docs/2.0/mod/core.html#servername
<dany_> thank you
<xampart> dns should be properly configured of course
<RoyK> any idea what might cause this? http://paste.ubuntu.com/603635/
<RoyK> dany_: you don't need two IPs either - it's easier to just use VirtualHost with host header (ServerName / ServerAlias)
<jkakar> Hi!  I've got a server running my application.
<jkakar> I've created an Upstart script to start it.
<dany_> well i cannopt get zarafa an a joomla website to play nice on an OpenVZ container
<dany_> so thats why i am trying this way
<RoyK> ok - never tried openvz
<jkakar> Previously, we were using start-stop-daemon, but I've removed it (because I made some changes and it was causing problems), so Upstart is starting the service directly now.
<jkakar> I notice that the Debian guidelines recommend start-stop-daemon, but is this the recommendation for Ubuntu+Upstart?
<RoyK> jkakar: both work
<jkakar> RoyK: I guess they're kind of equivalent.
<RoyK> just different ways to do things
<jkakar> In this case my application is Twisted based and started by twistd.  I guess the reason to use start-stop-daemon would because (apparently) twistd's ability to switch to the right user can be dodgy.
<RoyK> but - anyone that knows what might cause this? http://paste.ubuntu.com/603635/
<soren> jkakar: start-stop-daemon is used to daemonise things that aren't very good at daemonising on their own. upstart is a proper process supervisor. You don't need start-stop-daemon with upstart.
<jkakar> soren: Cool, that's my impression.
<jkakar> I just need to test my application to make sure it switches users properly.
<soren> jkakar: If not, I use su to do that in upstart.
<soren> e.g.:
<soren> exec su -c "nova-api --flagfile=/etc/nova/nova.conf" nova
<jkakar> soren: Ah, interesting.
<jkakar> soren: Thanks for the advice.  It helps. :)
<soren> jkakar: It's not pretty, but until upstart learns how to do this natively, that seems to be the common pattern.
 * soren wanders off for lunch
<soren> jkakar: np
<tim_s> I'm using ubuntu on ec2, one of my instances has stopped being able to connect to the apt repo.. anyone had this before?
<tim_s> actually it can't even connect to google
<jkakar> tim_s: Have you done something to the security group the instance is in that could cause such breakage?
<tim_s> I can however see pages from it's apache server from my laptop.
<tim_s> jkakar, not that I know of.
<tim_s> jkakar: we haven't
<jkakar> tim_s: Hrm, I'm not sure what to suggest then. :/
<jkakar> tim_s: I've seen my EC2 instances (in eu-west-1) occasionally lose connectivity to the archive, but never to the internet in general.
<jkakar> tim_s: Maybe something b0rked DNS on that machine?
<tim_s> sounds like dns
<tim_s> it can ping things
<tim_s> oh I can ping google.com
<hw> can anyone help me with updating apache and mysql on a 10.04.2 box? I ran apt-get update and apt-get upgrade but it doesnt pick up the newer version
<hw> apache 2.2.14 is the latest it has, and that apparently has some security issues that are causing it to fail a PCI scan
<JanC> doh, now hw is gone...
<RoyK> apache failing to do a PCI scan...
<RoyK> oh well
<JanC> RoyK: "Payment Card Industry" scan; you know "security experts" certified by credit card companies who are too stupid/lazy to test for actual vulnerabilities but just compare version numbers instead...  ;)
<_johnny> hey, i use pubkey for my login to a box i have. now i'm adding another user (but still me who will use it), and i've added the same pubkey (from my computer obviously) to that users .ssh/authorized_keys. however, i'm thrown to password being the only allowed method http://pastebin.com/x3L6s8Uq
<_johnny> can anyone help me debug this?
<_johnny> there are no different rules from sshd to this new user. and the old user works fine with pubkey.
<_ruben> _johnny: check the logs of the ssh daemon, and verify the permissions/ownership of the keys
<_johnny> ownership might be wrong, good point
<webwurst> Hi! I did a fresh installation of Ubuntu Server Natty, choosed btrfs for '/' and wanted grub to reside in /dev/sda
<_johnny> _ruben: should i set it to verbose first? auth.log just tells me the pw is wrong (no mention of the pubkey attempts)
<webwurst> installation finished, but booting does not work. i can chroot into the natty-server via live-usb
<_johnny> _ruben: turns out my screen isn't found (although it exists). thanks for the help :)
<webwurst> and now "# grub-install /dev/sda" gives me:
<webwurst> /usr/sbin/grub-probe: error: cannot find a device for /boot/grub (is /dev mounted?)
<webwurst> dev is mounted and i can see /boot/grub .. Any idea someone? ;)
<_johnny> _ruben: oh no. now it's even harder to debug :( http://pastebin.com/6WYHpEVp i just get failed, and client mentions no reason for failure either
<_johnny> ok, the bad perms might be due to encrypted homedir. my bad
<_ruben> encrypted homedirs and key auth aren't best friends, you'll need to store you key in both your encrypted and unencrypted homedir
<JanC> webwurst: is the live usb also natty?
<webwurst> JanC: yes
<JanC> well, I guess it doesn't really matter when you chroot into the server
<JanC> I think btrfs.mod is rather new though
<webwurst> JanC: boot is a directory. would it maybe help to make it subvolume and put it indo /etc/fstab? is grub-installer searching for something like that?
<JanC> grub installer should work either way
<webwurst> ok
<JanC> webwurst: /dev is mounted in the chroot too?
<webwurst> yes: i mounted proc, dev, sys with --bind
<webwurst> JanC: grub-installer fails at this line:
<webwurst> /usr/sbin/grub-probe --device-map=/boot/grub/device.map --target=device /boot/grub
<webwurst> JanC: ..and there ist no device.map in /boot/grub/
<webwurst> JanC: ist --target=device right in this case?
<JanC> webwurst: eh, I guess not
<webwurst> JanC: changed it to "fs" but same error ("cannot find a device for /boot/grub")
<Aison> where can I find mac-fdisk for ubuntu?
<pmatulis> Aison: is it packaged?
<Aison> no idea, maybe I can also get the sources somewhere
<Aison> I need to fix a mac partition table on an external drive
<pmatulis> Aison: i cannot find such a command anyway
<uvirtbot> New bug: #777820 in mcollective (universe) "mcollective does not start." [Undecided,New] https://launchpad.net/bugs/777820
<Aison> pmatulis, maybe there are other tools to manipulate hfs partitions with linux, no idea
<Egonis> Recently, I had an attack on my wordpress site, which relayed over 160,000 e-mails through www-data using a PHP form. Is there a way to specify that www-data@mydomain.tld can only send to mydomain.tld? Any suggestions otherwise? Any help is greatly appreciated.
<rafalk42> ok, so in fact you CAN dist-upgrade directly from 09.04 to 11.04 ... altough with a few issues
<Pici> rafalk42: Just because you can doesn't mean you should.
<rafalk42> yeah, but I didn't knew about that before i started
<hw> hey
<rafalk42> hi
<hw> anyone have any ideas on this one? I have a U 10.04.2 box that needs apache and mysql updated... when I run apt-get update, apt-get upgrade it doesnt pick up the newer versions
<hw> it has apache 2.2.14, and the latest is 2.2.16
<hw> any ideas? this one is kicking my butt :-(
<hw> I see I could go to 10.10, but this has 10.04.2 LTS, not sure if I can upgrade... looking at this for a friend
<Pici> 2.2.14-5ubuntu8.4 is the latest version in 10.04.
<hw> so, when will this get updated? 2.2.14 has some security holes that make it fail a PCI scan
<hw> or is really my only option to install 10.10?
<hw> 10.10 I saw has apache 2.2.16
<pmatulis> is there anything that would limit the number of concurrent SSH connections to a Lucid server?  (besides h/w resources)
<Pumpkin-> the maximum number of PTY's (assuming the SSH connections have PTY's) is one thing.
<Pumpkin-> think the default is 4096
<pmatulis> i'm seeing disconnections after about 80
<genii-around> The default number per connection I think is like 10
<Defusal> Hi everyone, can anyone tell me why aptitude would tell me the following, or how i can get it to install mplayer on ubuntu server? http://pastie.org/1868062
<pmatulis> genii-around: default number per connection?  isn't each session a separate connection (unless using multiplexing)
<_johnny> how come update-motd doesn't have a /usr/sbin executable anymore?
<_johnny> i mean, sure, in the long run anyone can wait 10 mins, but if you were to debug/edit, then waiting 10 mins for each change could get boring ;)
<uvirtbot> New bug: #777868 in postfix (main) "Postfix smtp can no longer resolve localhost - regression from maverick." [Undecided,New] https://launchpad.net/bugs/777868
<ScottK> hw: No, actually it doesn't have security holes.  What's happening is some brain dead security tool is looking at version numbers and not checking for actual vulnerabilities.  Ubuntu backports security patches.
<genii-around> pmatulis: From manpage: " MaxSessions - Specifies the maximum number of open sessions permitted per network connection.  The default is 10."
<genii-around> ( sshd_config )
<hw> ScottK Yea, basically the issue is securitymetrics did a quarterly PCI scan, and that failed.
<hw> Is there documentation of that somewhere? I can throw that back at securitymetrics
<JanC> hw: the changelog and the cve tracker?
<kees> hw: https://wiki.ubuntu.com/SecurityTeam/FAQ#Versions
<ScottK> hw: http://changelogs.ubuntu.com/changelogs/pool/main/a/apache2/apache2_2.2.14-5ubuntu8.4/changelog
<patdk-wk> on this note, anyone see that postfix security question, allowing the use of EHLO is a security issue, according to some scanners :)
<ScottK> I did.
<hw> kees: ScottK: thank you!! let me review what the tool reported
<ScottK> Clearly I'm not leveraging other people's ignorance nearly hard enough.
<kees> use of EHLO is not a security issue. :P
<patdk-wk> these whole security scan things seem so silly, the more I see people use them
<ScottK> kees: It was on postfix-users.
<hw> yea, I agree. I've had to call the security scan providers a few times to get them to remove bogus stuff
<hw> usually they do it without any issue, as long as you are technical enough
<patdk-wk> now that, make me even more scared :)
<patdk-wk> your paying them to be technical enough to do the scan
<patdk-wk> not for you to tell them how to scan
<kees> indeed.
<patdk-wk> if your a 3rd party in this, then ya, I can understand :( (customer hired x to scan their hosting stuff on your equipment)
<JanC> patdk-wk: you pay them to get some stupid worthless piece of paper that some financial company requires, I guess
<patdk-wk> janc, pretty much :(
<JanC> nice way to create new jobs for the economy  :P
<hw> heh
<patdk-wk> it's what burocrates are good at
<hw> ok, the PCI scan says CVE-2010-1452 and CVE-2010-0425 are the issue.. the changelog says CVE-2010-1452 was fixed, but the other one is not on there
<uvirtbot> hw: The (1) mod_cache and (2) mod_dav modules in the Apache HTTP Server 2.2.x before 2.2.16 allow remote attackers to cause a denial of service (process crash) via a request that lacks a path. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1452)
<uvirtbot> hw: modules/arch/win32/mod_isapi.c in mod_isapi in the Apache HTTP Server 2.0.37 through 2.0.63, 2.2.0 through 2.2.14, and 2.3.x before 2.3.7, when running on Windows, does not ensure that request processing is complete before calling isapi_unload for an ISAPI .dll module, which allows remote attackers to execute arbitrary code via unspecified vectors related to a crafted request, a reset packet, and "orphaned callback pointers." (http://cve.mitr
<uvirtbot> hw: The (1) mod_cache and (2) mod_dav modules in the Apache HTTP Server 2.2.x before 2.2.16 allow remote attackers to cause a denial of service (process crash) via a request that lacks a path. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1452)
<patdk-wk> hw, CVE-2010-0425 is an IIS issue, not linux :)
<uvirtbot> patdk-wk: modules/arch/win32/mod_isapi.c in mod_isapi in the Apache HTTP Server 2.0.37 through 2.0.63, 2.2.0 through 2.2.14, and 2.3.x before 2.3.7, when running on Windows, does not ensure that request processing is complete before calling isapi_unload for an ISAPI .dll module, which allows remote attackers to execute arbitrary code via unspecified vectors related to a crafted request, a reset packet, and "orphaned callback pointers." (http://cv
<patdk-wk> so no, it won't be *fixed*
<JanC> not an IIS issue, but in Apache's compatibility for IIS plugins or something like that
<JanC> in any case, it's Windows-only
<JanC> and shows how stupid that scan is  :P
<pmatulis> genii-around: interesting, thx
<genii-around> pmatulis: np
 * patdk-wk never realized you could run apache as an iis isapi
 * patdk-wk doesn't think he would ever want too
<JanC> patdk-wk: I think it's the other way around, you can run ISAPI plugins on Apache  ;)
<patdk-wk> oh?
<patdk-wk> guess for .asp and .net stuff then
<JanC> maybe
<patdk-wk> shows you how much I run apache on windows :)
<hw> patdk-wk: LOL I just read that a bit closer. Too Funny. Gotta love the security scan protecting this server from the dangers of Windows
<JanC> hw: tell them you didn't put "Wine" on your server, see if they understand   ;)
<hw> lol
<patdk-wk> damn server is drunk again :(
<_ruben> patdk-wk: using alcohol instead of watercooling? :)
<patdk-wk> for *freeze* protection :)
<_ruben> heh, hadnt thought of that one ;)
 * patdk-wk would also assume alcohol fumes would smell nicer :)
<_ruben> assuming you'd be concious still ;)
<hw> Hey, thanks everyone for your help! I really appreciate it. I checked all of the "security issues" on the PCI scan, and they were patched a long time ago.
<hw> For some reason, securitymetrics.com started failing these versions in the last few months
<hw> going to call them today to get this fixed, I'm armed with the changelogs :-D
 * patdk-wk hands hw a larger bat
<hw> seriously
<hw> what was that comment about helping the economy?
<hw> lol
<JanC> helping the economy is when you pay somebody to go over there with a bat  ;)
<robo> hi: if i add a mount to /etc/fstab and it's options are .... nfs ro 0 1 -- the mount doesn't get added at boot. Any suggestions?
<oCean> robo: the mount options should be separtated by comma nfs,ro -not sure if that's your entire issue though. You don't have to reboot to test. Just run 'sudo mount -t nfs -a'
<oCean> *separated
<JanC> eh, nfs is not an option but the fs type  ;)
<oCean> oh right :)
<oCean> heh
<robo> oCean, mount -t nfs -a mounts it
<robo> just not after a reboot.
<robo> so the console is showing errors about how mountall failed. Before I get into why I'm trying to figure out how I get that same error when I'm ssh'd in to the machine
<robo> I would think dmesg would have that, but it doesn't
<SpamapS> robo: dmesg only has kernel messages (for now)
<SpamapS> robo: you want /var/log/boot.log
<robo> ah, ty
<robo> oh, that doesn't exist
<robo> (ubuntu 9.10)
<robo> there is a /var/log/boot that only has "(Nothing has been logged yet.)"
<dany> I have configured my virtual host like this but my subdomain mail.domain.TLD will only refer to my website and not the webmail as you can see in the config > <VirtualHost WAN IP>
<dany> ServerName mail.domain.TLD
<dany> DocumentRoot /usr/share/zarafa-webaccess
<dany> </VirtualHost>
<dany>  
<dany> Am i just being a complete noob or is something else a problem
<djbello> can somebody assist me with debugging an email issue with postfix?
<djbello> i have a user running Apple Mail on a Mac. He quite often receives emails that don't show the attachments but some email source code instead (looks like attachment boundaries).
<djbello> I am trying to figure out if his Mac is butchering the email (or doesn't display it right)
<djbello> or if the email is somewhat malformed
<djbello> darnit. Just got pulled away by my boss. Need to bring this up later.
<djbello> Bye
<robo> is there a way to show what programs are going to start at which runlevels? A centos chkconfig --list equivalent is what I'm searching for
<patdk-wk> there are no runlevels :)
<robo> ?
<robo> patdk-lap, that's something that confuses me too that I need to look into. It shows I'm in runlevel 2 -- that's strange to me
<Calif> Hi, I'm attempting to run dhcpd - I'm running it and getting the following error: http://pastebin.com/TRp4TiQC
<patdk-wk> ubuntu only has runlevels to keep compatability with old stuff
<patdk-wk> but it doesn't *use them*
<patdk-wk> the same with almost every distro now
<Calif> RIP run levels :/
<robo> hmm
<robo> so how do I know if my server is booted into a gui?
<robo> normally if I see runlevel 3 I know I'm all text. Runlevel 5 I know I have X booted
<patdk-wk> heh, a server with a gui is just pure evil :)
<robo> i know. That's why I'd like to figure out if a gui is running
<robo> i just inherited these servers and I know next to nothing about ubuntu :-/
<patdk-wk> service gdm status?
<robo> says un-recognized. Good thing!
<patdk-wk> heh?
<patdk-wk> what is un-recognized?
<Defusal> Hi everyone, can anyone tell me why aptitude would tell me the following, or how i can get it to install mplayer on ubuntu server? http://pastie.org/1868062
<robo> gdm: unrecognized service
<patdk-wk> ah, not installed
<robo> so it's not running, which is good :-)
<robo> So, if ubuntu doesn't use runlevels how do I know which scripts are executed at boot?
<Pici> Defusal: What release of Ubuntu is that?
<Defusal> 10.04
<robo> i guess if runlevel shows i'm in runlevel 2 then I look in /etc/rc2.d ?
<patdk-wk> heh, I'm lazy to figure it out :) 'grep ^start /etc/init/*'
<Pici> Defusal: Can you pastebin the output of: apt-cache policy mplayer  ?
<robo> man patdk-wk, ubuntu is so confusing
<patdk-wk> heh, I don't think so :)
<robo> i need to learn it
<patdk-wk> I ran slackware for decades
<patdk-wk> hated centos/redhat
<robo> is ubuntu-server and debian pretty much the same?
<Defusal> Pici: http://pastebin.com/4vZVcRQ0
<ScottK> Defusal: You aren't trying to install the 10.04 version of mplayer.
<Defusal> is it because it didnt remove the debian-multimedia source yet?
<ScottK> You need to remove that.
<ScottK> From /etc/apt/sources/list or list.d
<Defusal> ah, thanks, my bad :)
<Defusal> needed some packages and forgot to remove it earlier
<dany> Does anyone know if Can i change the default url froom /webaccess to mail.domain.TLD ?
<ScottK> robo: In many ways.   Ubuntu Server will generally have newer packages than the most recently Debian release.  Ubuntu uses apparmor by default instead of selinux.  Ubuntu has also implemented a number of security features that aren't in Debian yet:  https://wiki.ubuntu.com/Security/Features
<dany> in zarafa
<iggi> Anyone able to help me make a murmur upstart job? I run mine and it says murmur starts, but infact does not. This is the line I am using "exec /home/user/murmur/murmur.x86"
<zul> SpamapS: ping upstart question for you
<SpamapS> zul: sure in a bit
<uvirtbot> New bug: #777972 in dhcp3 (main) "package dhcp3-server 3.1.3-2ubuntu3.2 failed to install/upgrade: Unterprozess installiertes post-installation-Skript gab den Fehlerwert 1 zurÃ¼ck" [Undecided,New] https://launchpad.net/bugs/777972
<hallyn> kirkland: around?
<Xpistos> Hello. When I log in to my server it says there are 50+ updateds but when I try to upgrade or dist-upgrade it says there are no updates?
<robo> hi: I'm getting this error on boot: mount.nfs: rpc.statd is not running but is required for remote locking
<robo> any suggestions on why this is happening?
<RoyK> start portmap
<RoyK> or even - enable it
<robo> I see rpc.statd running
<robo> service portmap status shows portmap start/running, process 898
<RoyK> perhaps portmap is started after the nfs mounts?
<robo> yeah, seems that way RoyK
<robo> any suggestions on how to figure this out?
<RoyK> which version are you on?
<robo> 9.10
<RoyK> that's not supported anymore
<robo> i know :-/
<RoyK> I'd upgrade to 10.04LTS
<robo> guess as of last week
<robo> that's where I was trying to decide if 11.04 or 10.04LTS
<RoyK> there are far more users on LTS releases, so bugs are found and fixed quicker
<robo> oh? Nice to know
<RoyK> if it's just a server, I'd suggest 10.04LTS
<robo> cool; ty for the suggestion
 * RoyK has 20ish 10.04 servers running
<robo> nice!
<robo> i have closer to 50 servers that will soon be ubuntu
<RoyK> :)
<robo> a bunch of solaris, ubuntu and centos right now
<Pici> I use the latest Ubuntu release on all my personal computers (including my VPS), but for work stuff I stick with 10.04
<robo> I prob have around 15-20 ubuntu but they are all running 9.10
<RoyK> robo: we still stick with solaris^WOpenIndiana for storage
<RoyK> ZFS FTW!
<robo> We use Netapp here
<RoyK> heh - that costs a bit more ;)
<robo> yes, yes it does
<Xpistos> I found the answer. motd not updateing so I deleted /etc/motd.tail - problem solved
<RoyK> cost us some EUR 20k per 100TB box with supermicro hardware and openindiana on the top
<robo> I just inherited all these ubuntu servers. I don't have a clue what i'm doing
<RoyK> 100TB _net_ storage after a load of redundancy
<robo> load of redundancy? Is that data de-duplication?
<RoyK> no dedup - that's not really stable yet
<robo> gotcha
<RoyK> but redundancy as of small RAIDz2 VDEVs
<robo> oh, right
<RoyK> and with SSDs for caching, the boxes can sustain 10Gbps throughput, which is rather neat for a machine at that price
<RoyK> s/a machine/machines/
<robo> so RoyK, any ideas how i can get portmapper to start before nfs?
<robo> i'm not really sure how to adjust this type of thing in ubuntu. I don't think it's as easy as editing files in /etc/rcx.d
<RoyK> robo: upgrade to 10.04 first - it might be fixed there, and it'll give you updates
<robo> so you think it's just a bug?
<RoyK> robo: ubuntu uses upstart for most stuff
<RoyK> robo: yes
<robo> upstart, let me look into that
<RoyK> robo: it won't take too long to upgrade, though
<robo> is there a recommended way?
<RoyK> do-release-upgrade
<robo> i was thinking I'd have to build a fresh O/S and move everything over
<robo> oh, nice
<RoyK> upgrading is trivial
<JanC> just check the release notes etc.
<robo> nice! :-)
<JanC> and maybe try first with the least important one  ;)
<patdk-wk> janc that is defently not any fun
<RoyK> patdk-wk: why?
<robo> there is nothing fun. We use vmware
<patdk-wk> to test it? before attempting it on production? :)
<robo> So snapshot -> upgrade :-D
<RoyK> yeah :)
<RoyK> patdk-wk: coward!
<JanC> if you have vmware you can probably just test on a copy too...
<patdk-wk> ya, I'll clone, then test
<patdk-wk> but only if I feel something will break
<patdk-wk> and my guts don't work most of the time :)
<RoyK> patdk-wk: for most servers, an upgrade won't even need a clone, so long as you have a snapshot
<patdk-wk> well, it depends on how you test
<patdk-wk> I'll play with it for a week or so
<RoyK> depends more of what sort sort of server
<robo> all our servers are N+1. So I snapshot it and pull it out of the F5 pool for testing
<patdk-wk> so formal :)
<RoyK> robo: where do you work?
<robo> in the US for a medium sized corporation
<RoyK> how specific ;)
<robo> we have cool toys here
<robo> :-D
<robo> F5, Netapp, getting some EMC storage
<robo> vmware
<RoyK> what's F5?
<patdk-wk> firewall/loadbalaner company
 * RoyK has some rather nice toys as well - just setup this new 2U box with four servers, each with a dual 12-core opteron and 64GB RAM
<patdk-wk> mine are the other way around
<RoyK> s/a dual/dual/
<patdk-wk> dual quadcore 5630's with 192gb ram
<patdk-wk> and still keep running out of ram :(
<RoyK> patdk-wk: virtualisation?
<patdk-wk> yep
<patdk-wk> never really overload the cpu's ever
<RoyK> what hypervisor?
<patdk-wk> esxi
<RoyK> ok
<RoyK> mine are just compute nodes
<patdk-wk> this is 50+ win2003/8 machines :(
<robo> I'd quit :-)
<patdk-wk> have two other clusters that are almost all ubuntu
<RoyK> setting up mpich2 on them these days...
<RoyK> dosen't ESXi support memory overcommit?
<patdk-wk> royk, yep
<patdk-wk> and memory dedup
<robo> and does it nicely too
<RoyK> for some stupid reason (price, that was, we're an institute, and get rather good prices from MS), my boss chose hyper-v over vmware
<patdk-wk> but when each vm is running 4-8gigs of ram
<RoyK> hyper-v is not for the faint-hearted
<patdk-wk> oh, I setup hyperv once, cause well, we had win2008 lic
<patdk-wk> the application failed to work properly in a win2003 hyperv guest
<patdk-wk> really strange issue
<patdk-wk> it was a webserver
<RoyK> excessive network traffic seems to bring down the VMs on hyper-v
<patdk-wk> ya :)
<RoyK> there's a hotfix available now, though - the MS guys installed that on one of the nodes today
<patdk-wk> the hyperv guest would get the http headers, and send a reply, but the reply would never make it to the network wire
<patdk-wk> I dumped hyperv after that
<RoyK> hehe
<patdk-wk> between that and lack of memory overcommit
<patdk-wk> my san just arrived at my house last week, haven't had any time to set it up though :(
<RoyK> I don't get why MS hasn't figured out memory overcommit
 * patdk-wk starts playing with 8gb fc at home :)
<RoyK> patdk-wk: probably useful in the winter, if you live in a place where it gets cold :P
<patdk-wk> hehe
<patdk-wk> I already hack a shelf of servers that are all poe
<patdk-wk> thinking about converting them all to san boot, diskless poe test machines
<patdk-wk> hmm, not poe, but wol
<adam_g> \
<RoyK> wol?
<Pici> Wake On Lan
<RoyK> k
<RoyK> but poe can't really drive a PC, can it?
<JanC> maybe if it's an ARM blade, but AFAIK those are not available yet  ;)
<RoyK> 25.5w for a PC seems a little low
<JanC> RoyK: depends on what "PC"
<RoyK> for an ARM or Atom, perhaps
<JanC> there are x86 SoCs that run at 1 W (GPU included)
<RoyK> SoCs?
<JanC> but I doubt those are used a lot in servers, outside of small home servers
<JanC> SoC = System-On-a-Chip
<JanC> basically most of your motherboard integrated in 1 chip, like they also use in smartphones etc.
<RoyK> ah - ok - but I don't think those will be much fun if you try to start a 3D game on them
<JanC> well, old 3D games should be possible  ;)
<JanC> and the x86 SoCs I know have much worse 3D GPU than high-end ARM SoCs
 * RoyK likes ARM
<RoyK> this guruplug is rather neat
<JanC> RoyK: you can play Full HD video on some ARM SoCs nowadays
<RoyK> I know
<RoyK> HTC Desire HD with HDMI output....
 * RoyK goes to find his old C128
<JanC> or a PandaBoard  ;)
<JanC> but there is a company working on 4-core & more ARM SoCs for blade servers AFAIK
<RoyK> aren't ARMs rather slow on FP?
<JanC> I guess that depends
<RoyK> also, even if you can pack them more densely than, say, Opterons, there's still a cost of splitting jobs into smaller and smaller pieces
<JanC> ARM just defines the main CPU architecture, and in recent designs they have some SSE-like instructions, but you could probably use specialised co-processors if you need heavy FP (similar to the DSP they use to decode video)
<JanC> RoyK: that depends on the type of job of course
<RoyK> met stuff
<RoyK> windfield simulations etc
<JanC> your users probably know best how well they can parallellize that  ;)
<patdk-wk> royk, I didn't mean poe, I meant to say wol instead, keep the rack of computers off, unless I need them :)
<RoyK> :)
<patdk-wk> but the ones I'm using are 2.6ghz p4's, and use about 46watts
<JanC> except on boot, I guess?  :P
<patdk-wk> why?
<patdk-wk> no harddrives :)
<patdk-wk> shouldn't use *that* much more on boot, I think the psu on them is 90watts
<JanC> then you are wasting a lot probably
<RoyK> wasting what?
<JanC> 90 W PSU's (and certainly older ones) probably aren't very efficient at 45 W
<patdk-wk> well, lets say it this way
<RoyK> IIRC most PSUs are most efficient at about 50% load
<patdk-wk> I dunno how much power the computer is using
<patdk-wk> the PSU draws 45 watts :)
<RoyK> or was that 30%?
<patdk-wk> my watt meter on the 120v line going to the psu says 45watts :)
<patdk-wk> how strange of me also, my workstation runs on 230v, but I haven't ran a 230v line to the *rack*
<RoyK> most PSUs today take anything from 100 to 250V
<patdk-wk> yep
<patdk-wk> I have always found 120v power annoying, and neutral wires even more annoying
 * RoyK just read about the .jp power grids - there are two of them! 50Hz and 60Hz
<patdk-wk> oh? are they converting to 50hz?
<patdk-wk> japan has always been a strange mix of usa and eu standards
<RoyK> the north runs on 50Hz, where the south runs on 60Hz
<RoyK> both on 110V, though
<RoyK> I don't see the point of running 110V systems when 380/400V systems are so much flexible
<patdk-wk> I don't see the point of 110v since a neutral is a waste of a power wire
<aBs0lut30> hey guys, anybody had any luck getting any of the newer(SCST,LIO) iscsi targets working??
<aBs0lut30> on natty that is...
<aBs0lut30> I can get SCST running but as soon as I attach vmware to a lun it wigs out... lio, well I cannot even come close to making that one work
<Calif> Hi, I'm trying to get dhcpd running. I am getting a permissions error when attempting to create the pid file. See: http://pastebin.com/TRp4TiQC
<ppetraki> aBs0lut30, how about a Linux client? does it react the same way?
<Calif> I have done a chmmod 777 /var/run
<Calif> removed the old pid file
<Calif> and i still get the permission error when I run dhcpd
<aBs0lut30> ppetraki: havent tried a linux client, but the win7 client seems to work just fine...
<patdk-wk> well. lio is new, I don't believe it's suppost to be that *stable* till kernel 2.6.42
<aBs0lut30> ppetraki: and I should clarify, I can connect vmware to the target, but as soon as I try and format a lun to VMFS it just hangs the server
<ppetraki> aBs0lut30, so LUN discovery, with any transport, is usually free of block level access
<aBs0lut30> am a bit curious as to why IETD is still the "default" iscsi package at this point... its a complete POS... IMHO
<ppetraki> aBs0lut30, e.g. connecting and writing to it are two separate things
<ppetraki> aBs0lut30, the win7 client, can you perform IO?
<aBs0lut30> not much, but I partitioned and formated a lun with no problems
<aBs0lut30> on the vm side, I do see a TON of command aborts once it tries to start writing to the lun
<ppetraki> aBs0lut30, well, that's sufficient, a handful of reads and writes
<ppetraki> aBs0lut30, so that tells me the Linux iSCSI server side of things isn't disfunctional
<aBs0lut30> yeah its really odd...
<aBs0lut30> ohh, there is one more thing... let me pastebin this real quick...
<ppetraki> aBs0lut30, I was just about to ask for logs :)
<aBs0lut30> http://pastebin.com/4Xszaxs5
<aBs0lut30> that is a fault I saw pop up once...
<aBs0lut30> let me grab some of the regular logs and throw out there as well...
<ppetraki> aBs0lut30, oh, vmware running on Linux, I automatically thought ESX :-p
<aBs0lut30> well it is ESX
<aBs0lut30> that fault is from the SCST side
<ppetraki> yeah, that looks real
<aBs0lut30> http://pastebin.com/cLrBkbB2 there is a snap of the dmesg output from SCST after I connect to the lun
<ppetraki> aBs0lut30, task wakes up to process a command and looks like it dies doing some refcount housekeeping
<ppetraki> aBs0lut30, bug it
<ppetraki> aBs0lut30, sorry :(
<aBs0lut30> me too :( stuck with the crappy IETD I guess... which sucks cause ESX is killing it like once a day...
<ppetraki> aBs0lut30, IETD? what's that?
<aBs0lut30> the old iscsi enterprise target...
<aBs0lut30> aka the iscsitarget package
<patdk-wk> I have only started playing with scst last week
<patdk-wk> plan on doing a lot of it soon, but didn't plan on much iscsi with it, mainly going use it for fc lun's
<aBs0lut30> if I could get it to work, SCST looks pretty easy to use...
<aBs0lut30> and from what I read/hear it works pretty well too...
<ppetraki> aBs0lut30, I know lots of about SCSI, haven't really had the opportunity to play with iSCSI yet though
<ppetraki> aBs0lut30, I can tell you though, that emulating a SCSI target is one of the most difficult things you can attempt in storage
<aBs0lut30> heh, and I am pretty much the other side of that coin...
<aBs0lut30> yeah... I can tell, hah
<ppetraki> aBs0lut30, this doesn't sound like a terrible bug, I'm surprised we didn't catch this in regression testing
<patdk-wk> oh? scst is included in natty?
<aBs0lut30> well, wouldnt be supprised to find out its something strange in my setup that is causing it...
<aBs0lut30> patdk: not really...
<ppetraki> aBs0lut30, if your clients obey the SCSI spec well enough, which I expect as much from VMware, then it's likely the target emulator screwed up somewhere in the translation
<aBs0lut30> based on what I am seeing that would sound about right... would love to know what the win7 client is doing that lets it work...
<ppetraki> aBs0lut30, that lets the win7 client run up until this point :). put some stress on that with iometer and I think you'll come to the same conclusion
<aBs0lut30> plus I had to jump through a number of hoops to get SCST to build/load... and one of the patches for the 2.6.38 kernel wont apply correctly... so there is no telling
<ppetraki> aBs0lut30, ooooh, now I get it :)
<aBs0lut30> yeah, forgot about that patch not going on until just now...
<SpamapS> adam_g: <impression voice="korn">ARE YOU READY?</impression>
<uvirtbot> New bug: #778076 in setserial (main) "package setserial (not installed) failed to install/upgrade:" [Undecided,New] https://launchpad.net/bugs/778076
<hallyn> SpamapS: regarding bug 280421, did you push my proposed package already?
<uvirtbot> Launchpad bug 280421 in ethtool "ethtool not available in post-ifup script" [Undecided,Confirmed] https://launchpad.net/bugs/280421
<SpamapS> hallyn: no I didn't see it in the queue. I suppose I can sponsor and then approve.. ;)
<hallyn> SpamapS: no, no
<hallyn> SpamapS: it's no good, pls reject
<SpamapS> hallyn: there's nothing to reject
<hallyn> <frown>
<hallyn> SpamapS: new one comin' atcha
<hallyn> SpamapS: oh, right, that's right.  you must have not seen my other irc msg.  I couldn't push, no perms.
<SpamapS> hallyn: hurry I want to go eat lunch. :)
<hallyn> well you can do this after lunch if you like
<hallyn> http://people.canonical.com/~serge/ethtool-src.tar.gz
<hallyn> has the src pkg
<SpamapS> a debdiff is fine
<hallyn> http://people.canonical.com/~serge/debdiff
<SpamapS> alright, will review later.. might be a while. :-/
<robo> hi: so I installed ubuntu but didn't have a network interface setup in vmware. It's now there but after I reboot it doesn't look like ubuntu detects it (dmesg |grep eth shows nothing and no eth0 in /etc/network/interfaces.) Is there a way to get ubuntu to detect the nic? lspci does show the vmware vmxnet3 ethernet controller
<hallyn> SpamapS: np, i consider myself done, if you dont' like how i did the changelog pls just hack it right in the debdiff since the two of us seem to have horrible communications latency :)
<Andre_Gondim> to use webmin I need to unlock root? if not what is the default user/passwd after instalation?
<guntbert> !webmin | Andre_Gondim
<ubottu> Andre_Gondim: webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system.
<Andre_Gondim> thanks
<WilliamHuffleswo> lol i put debian server on my old ubuntu server box to try it out and the load is so much less
<patdk-lap> load?
<WilliamHuffleswo> it's 0.01 now but with ubuntu server it was always around 0.80
<WilliamHuffleswo> confused :p
<patdk-lap> load means nothing :)
<patdk-lap> what was running?
<patdk-lap> using all the cpu time?
<WilliamHuffleswo> I just had a clean install and it never seemed to work very well, but debian is much better
<WilliamHuffleswo> does ubuntu put extra stuff on it that you don't really need?
<ScottK> The default install is similar for servers
<elliot_just_for_> :)
<JanC> if you have a load of 0.8 on an idle system, you should investigate what's wrong...
<WilliamHuffleswo> it's weird though it only did that with ubuntu
<WilliamHuffleswo> idle with debian is from 0.00 to 0.01
<ScottK> Some of the security features (see https://wiki.ubuntu.com/Security/Features ) do cause some marginal CPU usage increase, but nothing like that.
<robo> does ubuntu use /etc/resolv.conf? I don't see it
<robo> oh, looks like i have to manually create it. All because i didn't have a ethernet card added
#ubuntu-server 2011-05-06
<Macer> er
<SpamapS> hallyn: Uploaded your patch to lucid-proposed, with an additional symlink from /usr/bin/ethtool to /sbin/ethtool so that peoples' scripts won't be broken if they've explicitly set the path.
<hallyn> SpamapS: thanks, since I had to respin anyway I shoulda done that!
<Jeffsi> hey guys, no matter what i do im not able to install ubuntu server, ive tried on 2 diferent pc's and in vmfuion on a mac and nothing is working, anyone have any experiance with ubuntu server?
<Jeffsi> anyone in here that could possibly help?
<jmarsden> Jeffsi: It might help if you said what happens when you try to install it, what error message you see, or something specific like that? :)
<Jeffsi> ive had so many problems, the major one probably being that i cannot install on my old win 98 or me computer(it just shows a black screen with a blinking curser)
<jmarsden> Jeffsi: That's likely to be a VERY old PC... what sort of CPU and how much RAM does it have, and what version of Ubuntu Server are you trying to install?
<Jeffsi> this happens when i throw in the install disk i burnt
<Jeffsi> 1 moment
<Jeffsi> http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00191402&lang=en&cc=us&taskId=&prodSeriesId=96393&prodTypeId=12454
<jmarsden> Jeffsi: So 500MHz Celeron and 64MB RAM, I think I am reading??  64MB is too little RAM for Ubuntu Server, see https://help.ubuntu.com/community/Installation/SystemRequirements#Ubuntu%20Server%20%28CLI%29%20Installation
<jmarsden> Minimum stated there is 128MB, even that may be too little now.
<Jeffsi> theres 2 in there so 128
<jmarsden> Does this CD you created boot Ok on other (more modern) PCs?
<Jeffsi> all i want is a somewhat simple print server/ backup box
<Jeffsi> i have like 3 or 4 now with diferent versions and some do
<Jeffsi> i was trying to install this on to the main HDD on a different computer and i am able to boot up the installer but always run in to trouble before i can install
<jmarsden> "always" and "run into trouble"?  Be specific please.  "When I boot a CD containing Ubuntu Server 10.04 (i386), it does *this*"  would at least give us a chance of helping you out.
<jmarsden> Do you have the other PC, the one you can get the installer to boot on, available now to attempt an install?
<Jeffsi> well on my compaq that i want this to eventually be on it is always with every disk i have tried(both LTS/ newest and i think i was using 64 and maybe a 32) giving me a black screen with a blinking text curser
<Jeffsi> and im atempting to install it on the other computer right now
<Jeffsi> is it possible that im just being impasiant with my compaq? if i remember correctly i have been waiting like 10-20 min then hard reseting
<jmarsden> On an old Celeron from 10+ years ago, an amd64 (64bit) ISO is not going to work, more or less by definition.  Use the i386 (32bit) version for older machines.
<twb> Jeffsi: unless you have some burning desire to make this hardware work, you REALLY should just lay down $200 and get a much better machine
<jmarsden> I think it is more likely the CDROM drive of the old machine is flaky, but it is hard to say.  You should at least see the installer menus in less than 10 minutes.
<twb> Even compared to contemporary hardware, compaqs were a right pain in the arse -- completely non-fungible
<Jeffsi> eventually i may but right now i cant afford that so i do really want to get this working for now
<jmarsden> Even just $60 or $70 should get you a P4 with 512MB and 80Gb HD on ebay :)
<Jeffsi> The CD-ROM does not seem to contain a valid 'release' file, or fie could not be read correctly.
<Jeffsi> what should i search on ebay for something like that?
<jmarsden> Jeffsi: Sounds like a bad CD or a bad CDROM drive.  If you boot it and run the Test this CD menu item does it pass?
<jmarsden> http://cgi.ebay.com/HP-COMPAQ-PAVILION-DX2200-P4-3-06GHZ-1G-80G-HDD-NO-OS-/290560612338?pt=Desktop_PCs&hash=item43a6c317f2 is one ending in 10 minutes :)
<Jeffsi> id prefer to attempt to bring back this old dinosaur i have now and buy one later in the summer if needed
<jmarsden> Jeffsi: I'd search for "desktop pc" and then narrow the search by price and specify at least 512MB RAM and see what you can find.  Try asking for only a dualcore CPU if you think you will get lucky :)
<jmarsden> Jeffsi: On the machine you burned the CD on, did you verify the md5sum of the burned disk?
<jmarsden> See https://help.ubuntu.com/community/HowToMD5SUM
<Jeffsi> no, should i try n do that?
<jmarsden> Yes.  It helps to know the CD is good :)
<Jeffsi> i have tried like 4 of em id think at least 1 would work
<jmarsden> Why guess, when there is a clearly documented way to test and be certain?!
<Jeffsi> where can i download it?
<jmarsden> Dowload what?  Read the HowToMD5SUM page.  It has links to md5sum tools for Windows and Mac OSX etc. etc.
<Jeffsi> says the windows program is being updated?
<Jeffsi> or the site is
<qman__> it'll work with 128, just
<qman__> if you want to run anything on it you'll need at least 256 though
<jmarsden> Jeffsi: Yes, and on the page saying that is also has a link saying "Download WinMD5Sum" -- use that link :)
<qman__> my shell server is a K6 200MHz with 256MB, and it's just barely hanging in there
<qman__> only reason I'm still using it is its dead reliable
<qman__> more reliable than all the junk P4-ish things I have laying around
<Jeffsi> any other os's i could maybe use?
<jmarsden> I need to go eat, may be back later on.
<Jeffsi> ok
<qman__> nothing that's really up to date
<twb> You can't install current debian/ubuntu with qemu's default ram allocation, though you can boot that way
<qman__> windows 2000 or older will work, as will most linux 2.4 kernel based distros
<twb> When I tried it finished the install, but only because (AFAICT) dpkg had been OOM-killed a few times, so some things weren't actually installed
<qman__> or anything where you compile your own reduced feature set kernel
<twb> qman__: openwrt has 2.6 builds that run on 16MB NV, 32 V
<qman__> yeah, 2.6 isn't the problem, it's just that most 2.6 distros have everything turned on for compatibility
<twb> Of course, they aren't running desktop-y stuff :-)
 * twb hugs "make localyesconfig"
<qman__> and the kernel alone is about 10MB
<twb> -rw-r--r-- 1 root root 2.0M Jan  8 03:51 /boot/vmlinuz-2.6.37
<twb> That's a module-less targeted kernel
<qman__> nice
<qman__> my shell server is running the 386 kernel in the repos
<qman__> 3.9M kernel, 7.7M initrd
<twb> Current kernels you can say "make localyesconfig; make localmodconfig" and it'll turn things off/off to target the current system
<twb> qman__: oh, and that was x86-64
<qman__> of course you have to get the system installed in the first place to do that
<twb> right
<qman__> plus ubuntu has a pretty fancy userspace
<qman__> the memory used is negligible on modern systems, but trying to cram it into 128MB isn't going to be fun
<twb> IMO it is WRONG to just assume a "modern" system has gigabytes per user :-/
<twb> Java people do that out the wazoo
<qman__> yeah
<twb> Or for init(8) to need a userspace IPC daemon before it can actually start doing its job :-/
<twb> Bloody kids
<twb> Get off my lawn
<qman__> wow
<qman__> removing four old kernels from my server, apt says 397MB will be freed
<qman__> a bit much is an understatement
<twb> Yeah, debian kernels are around 100MB each
<twb> Most of that is [M] drivers though
<qman__> fair enough
<qman__> the drive is only 10GB though
<qman__> wish it would just automatically remove kernels it's not going to use, and just keep two
<qman__> the currently running one and the latest one
<twb> qman__: it would if you allowed it to
<twb> qman__: that behaviour is specifically disabled in /etc/apt/apt.conf.d/ to prevent an upgrade making the system unbootable
<qman__> ah
<twb> 01autoremove here
<qman__> I thought it used to at some point, and it stopped
<twb> Obviously, edit that with care :-)
<crazifyngers> hey guys i'm having an issue with mdadm seeing my raid array after a reboot.  anyone available to help out?
<brannig> Just noticed my 10.02 VPS host is running the *.32-22 kernel instead of the *.32-31. Reboot didn't fix after safe-upgrade. Also noticed that I have two grub.cfg's. One in /boot/grub and the other in /boot/boot/grub. (http://paste.ubuntu.com/603975/) It is the latter that seems to be loading the -22 kernel. I'm thinking of aptitude removing linux-image-2.6.32-22-generic-pae to resolve this: That a decent idea?
<noaXess> good morning
<noaXess> if i ssh/login into my 10.04.2 servers i get the welcome message twice... one without information about updates, the other with inforation about updates.. the second one is wrong, cause all updates are installed..
<twb> noaXess: that's been happening a lot lately
<twb> noaXess: the junk to update motd isn't working for some reason
<noaXess> twb: how to fix that?
<twb> I dunno yet
<twb> If you work it out tell me
<noaXess> twb: ok.. nop....
<noaXess> twb: which script creates this information?
<twb> noaXess: /etc/motd-update or something
<noaXess> twb: ok thanks...
<twb> I remember because some idiot decided to introduce it into Debian right before a release, and pissed me off
<jmarsden> /etc/motd-update.d/*    # I think
<noaXess> motd: http://pastebin.com/Zi6EMeVD
<uvirtbot> New bug: #778305 in bacula (main) "package bacula-director-mysql 5.0.3-0ubuntu2 failed to install/upgrade: le sous-processus script post-installation installÃ© a retournÃ© une erreur de sortie d'Ã©tat 1" [Undecided,New] https://launchpad.net/bugs/778305
<Guest29395> hey
<Guest29395> i'm using ubuntu 11.04, since a day or 2 evolution doesnt send my mails anymore
<Guest29395> receiving is no problem
<dave_> can anyone help me
<dave_> ??
<slim_> hello all, is there how to configure dns server for ipv6 ?
<jamespage> slim_: try this - https://wiki.ubuntu.com/DHCPv6
<slim_> thanks jamespage
<jamespage> bah - no thats DHCP - I should read things prop before responding
<slim_> dhcpv6 already working , the needed is dns, i search for it now
<twb> jamespage: you don't need DHCPv6 to configure DNS (IIRC)
<twb> Most of it's built into ICMPv6 now
<jamespage> twb: yeah I know - I was just having one of those morning moments....
<uvirtbot> New bug: #778392 in eucalyptus (main) "[UEC 2.0+bzr1241-0ubuntu4.1] Unstable state for the iscsi daemon" [Undecided,New] https://launchpad.net/bugs/778392
<Ztripez> i have set up our production server with ldap pam.. what would be best practis to give the members of the "developers"-(ldap)-group write access to /var/www/projects?
<talntid2> Can someone help me test my fail2ban configuration? All I need you to do, is try to connect to my server and give it some bad login credentials about 5 times. the hostname is: SpokanePCRepair.com
<talntid2> SSH, of course
<ppetraki> talntid2, so what should the failure look like on my side?
<ppetraki> talntid2, it's not even prompting me for a password after 3 login attempts
<ppetraki> talntid2, so I guess it's working?
<ppetraki> talntid2, http://pastebin.com/Mkp4TVny
<talntid2> perfect
<talntid2> exactly what it should be doing
<talntid2> much appreciated, ppetraki.
<ppetraki> talntid2, np
<zul> SpamapS: im going to hold off the mysql merge ;)
<SpamapS> zul: Yeah, probably a good idea. I was talking w/ Norbert about possibly getting 5.5 into Debian soon .. he wants to work on it starting next week.
<zul> SpamapS: sweet
<ergonaut> EC2 or cloud specific question.  Where can I find documentation on the cloud-specific packages installed on the Ubuntu server images in Amazon EC2?  E.g. cloud-utils, etc.
<scalability-junk> you mean the uec?
<scalability-junk> ask in #ubuntu-cloud
<econ> I have a question about iptables if anyone can help me out. I set up my server so I can route my internet browsing from a wifi hotspot to it through ssh. I got this working, and then went to set the iptables. I allowed ssh, port 80, loopback and then set it to drop the rest. Now I can't load web pages. I think I need to allow the port for my SOCKS Host, which is 9999. I tried the command "sudo iptables -I INPUT -p SOCKS Host --dport
<econ> 9999 -j ACCEPT" but get the response "Bad argument 'SOCKS'". Can someone help me with how to enter this in correctly, or tell me if what I'm doing in general makes sense? Thanks.
<lynxman> econ: -p is the protocol in iptables, so -p tcp --dport 9999 should do the trick for you, if you want to specify the socks host use -d xx.xx.xx.xx
<uvirtbot> New bug: #778588 in libcommons-fileupload-java (main) "[BLOCKED] Sync libcommons-fileupload-java 1.2.2-1 (main) from Debian unstable (main)" [Wishlist,Incomplete] https://launchpad.net/bugs/778588
<uvirtbot> New bug: #778589 in mysql-5.1 (main) "package mysql-server-5.1 5.1.54-1ubuntu4 failed to install/upgrade: underprocess installerade post-installation-skript gav felkod 1" [Undecided,New] https://launchpad.net/bugs/778589
<robo> hi: so in vmware I cloned a machine to a new machine. When I bring up that new machine it says that udev renamed network interface eth0 to eth1. I'm guessing it's because of the new mac address of the NIC?
<robo> is there a way to bring eth0 up?
<robo> n/m, i think i need to nuke /etc/udev/rules.d/70-persistent-net.rules
<robo> hmm, fresh ubuntu 10.04LTS install. If i type apt-cache search apache or apt-cache http no apache packages return. Do I need to enable some respository?
<aBs0lut30> how do you view the CPU affinity for a process?
<morecheese> hi all. getting a segmentation fault when using medusa... "error 6 in libc-2.11.1.so". tried reinstalling libc6 and medusa, still getting it.
<aBs0lut30> anybody know of a good iSCSI channel?
<dassouki> I just got meself a linux host. What I'd liek to do is move my email and website to it as well as build some form of file access. I have about 8gb of CAD files from my company that i'd liek to mvoe to the web as I work from different locations and coutnries
<dassouki> How can I set up my server to have such file system with a relatively secure manner
<aBs0lut30> dassouki: your linux host, you mean as in a hosted server, or hardware you have?
<dassouki> aBs0lut30: linode that i've been using for a year or so
<aBs0lut30> gotcha... well there are probably a thousand diffrent ways to do what you want, but the quickest, easiest, and most secure would be to use SCP/SFTP
<aBs0lut30> runs over SSH so if you have shell access no extra setup required(unless its turned off in the config...)
<dassouki> aBs0lut30: I'm using sftp now on a folder outside of /var/www obviously, I'd like to move to something more user friendly
<aBs0lut30> gotcha... well... let me think...
<aBs0lut30> tell me what you have in mind by "more user friendly"
<aBs0lut30> one thing that comes to mind would be to use WEBDav
<aBs0lut30> would let you open it in windows explorer and browse/open/move(etc) files... a bit slow IMHO though
<dassouki> Something like dropbox I guess, but with a local mirror
<jetole> Does anyone know if there is a way for me to install a previous version of a package through apt-get or aptitude?
<dassouki> aBs0lut30: i guess the issue is with sftp i end up stuck with local and remote copies, I'd like to eliminate that. Second I'm not looking for source control, as a lot of times I need to open up all versions of a design/doc and look at them
<aBs0lut30> so, basicly something to store the data backend and then sync changes to/from the client?
<dassouki> jetole: i'm not sure that's possible
<dassouki> jetole: but try #ubuntu perhasp
<dassouki> aBs0lut30: automatic syncing as in if the version is different don't write over, just write a new file with a time stamp
<jetole> dassouki: well I tried there last night but this is for a server and you do get better answers in here so
 * jetole shrugs
<dassouki> jetole: how about ubuntu.stackexchange.com
<dassouki> i think that's teh address anyways
 * jetole looks
<aBs0lut30> jetole: try giving it a full package name with version and the force option
<aBs0lut30> dass: one thing that also comes to mind would be rSync... not sure how well that plays with windows though
<jetole> aBs0lut30: do you know how I can see the list of version names. I did a force upgrade with libldap on hold since I custom compiled the package to use openssl instead of gnutls. this force uninstalled openldap server though which requires version X or higher of libldap
<aBs0lut30> dass: take a look at this... never used it myself, but may be along the lines of what you want http://www.cis.upenn.edu/~bcpierce/unison/
<aBs0lut30> jet: http://blog.andrewbeacock.com/2007/03/how-to-install-specific-version-of.html
<jetole> dassouki and aBs0lut30: I think I found the answer: http://www.skorks.com/2009/07/downgrading-a-ubuntu-package/
<jetole> aBs0lut30: thanks
<aBs0lut30> np
<dassouki> i wish there were a dropbox implementation
<aBs0lut30> well one other thing to look at(I really have stayed away from it cause i just dont like the idea...) the Ubuntu Cloud setup might have something that could help you... from the bit I have read its really meant to deliver apps/data over the net...
<dassouki> ya i'm not sure I want to be on the cloud
<dassouki> a lot of the data I use is client confidential
<aBs0lut30> well, they have some "cloud" software designed for private cloud setups
<aBs0lut30> I hear ya there, I am the financial sector so thats the main reason I have stayed away from it...
<aBs0lut30> plus just dont have the time to learn something new
<robo> do I need to enable some repository to get apache2? Fresh 10.04lts install
<robo> if I run apt-cache search apache2 nothing returns
<NoqturnalX> Can you run squid-deb-proxy alongside regular squid?
<ruben23> hi guys any idea on setting up a jabber server on my ubuntu-server..
<giovani> ruben23: ejabberd is pretty popular
<robo> oh, i had to run apt-get update. I need to do that after a fresh install?
<ruben23> giovani:any how to do it..?
<giovani> ruben23: plenty of documentation online
<aBs0lut30> hey guys, anybody know if there is a way to slave nic's without ifenslave? got a box that I reloaded and the switch is already setup for LACP, and wont bring up the interfaces so i cannot get to apt to install ifenslave :(
<hallyn> zul: are you around?
<hallyn> zul: do you mind uploading http://people.canonical.com/~serge/lxc_0.7.4-0ubuntu8-package.tar.gz ?
<zul> hallyn: sure
<hallyn> zul: thanks
<hallyn> zul: now i really have got to look into getting upload rights to the debian lxc package
<zul> hallyn: yes tell me about it
<hallyn> i've not the slightest clue how, but time to start googling (and email guido)
<zul> email guido i think
<zul> hallyn: done
<stgraber> hallyn: yeah!
<uvirtbot> New bug: #778701 in samba (main) "package samba-common 2:3.5.8~dfsg-1ubuntu2.1 failed to install/upgrade: le sous-processus script post-installation installÃ© a retournÃ© une erreur de sortie d'Ã©tat 1" [Undecided,New] https://launchpad.net/bugs/778701
<Juv1228> hello
<Juv1228> im having trouble installing 11.04 from the release CD
<Juv1228> i managed to get to installing base system then it asked for the cd labeled Ubuntu-Server 11.04 _Natty Narwhal_ - Release amd64
<Juv1228> where my cd is labeled Ubuntu-Server 11.04 "Natty Narwhal" - Release amd64
<Juv1228> also, the CD passed the integrity checks
<guntbert> Juv1228: I'm a little confused - now you said "after the installation" and before you said you are in the middle of install ?
<Juv1228> guntbert, let me clarify
<Juv1228> following the install CD's prompts i get to the "Install Base System" step
<Juv1228> hit enter, it starts doing its thing, then at roughly 90% of the way through that step is when it asks for the other CD
<guntbert> Juv1228: I see .. I haven't installed server in a while it seems - so no help from me - sorry, but it looks like your CD drive might be faulty
<Juv1228> i guess, it was the CD image from the main download page for ubuntu server and has passed integrity checks on the boot menu
<alaing> I have a headless ubuntu-server and I'm running php 5.1 who do I upgrade it from shellprompt?
<Juv1228> http://www.ubuntu.com/download/server/download
<Juv1228> its the ISO from there, i just hit "download"
<guntbert> !md5sum | Juv1228
<ubottu> Juv1228: To verify your Ubuntu ISO image (or other files for which an MD5 checksum is provided), see http://help.ubuntu.com/community/HowToMD5SUM or http://www.linuxquestions.org/linux/answers/LQ_ISO/Checking_the_md5sum_in_Windows
<guntbert> and Juv1228 : might the *drive* be faulty?
<Juv1228> not to my knowledge, its fairly new and ive installed several OS's using it
<Juv1228> also, isnt that what the integrity checks do on the CD's boot menu?
<guntbert> Juv1228: the integrity check runs check on the files, you can run one on the whole iso too, and about the drive - I'm just trying to find a cause
<Juv1228> idk, it seems more like the image was built incorrectly or something
<Juv1228> or one single part of the installer is looking for a CD labeled Ubuntu-Server 11.04 _Natty Narwhal_ - Release amd64
<Juv1228> and wasnt updated or some such
<Juv1228> seems like im not the only one
<Juv1228> http://ircanswers.com/ubuntu/629471/installing-scratch-ubuntu-server-20110426-mediacdrom
<guntbert> Juv1228: *blush*  - only now I see the real difference - sorry for the fuss about md5sum -- if there are more please consider filing a bug report
<Juv1228> guess ill just use the mini iso
<Juv1228> that guy said it worked, so here we go!
<Juv1228> just to confirm for anyone wondering, the ubuntu 11.04 amd64 release CD does not work for me, but the mini cd does
<Juv1228> so it appears some house-keeping needs to be done on the 11.04 server cd images
<guntbert> Juv1228: please consider filing a bug report
<Juv1228> sorry for my stupidity, but ive never had to file one
<Juv1228> where exactly do i do it? lo0l
<guntbert> !bug | Juv1228
<ubottu> Juv1228: If you find a bug in Ubuntu or any of its derivatives, please file a bug using the command Â« ubuntu-bug <package> Â» - See https://help.ubuntu.com/community/ReportingBugs for other ways to report bugs - Bugs in/wishes for the IRC bots (not Ubuntu) can be filed at http://bugs.launchpad.net/ubuntu-bots
<Juv1228> thanks
<guntbert> Juv1228: you need to create a launchpad account
<Juv1228> i assume my ubuntu sso thing will not work?
<guntbert> Juv1228: it should
<bencc> how do I uninstall a server I installed with ./configure && make && sudo make install
<Pici> bencc: there isn't a standard way of removing things like that.  You could check if the makefile specified an uninstall or remove target. Or next time, use checkinstall and usually you'll be able to somewhat cleanly remove it by removing the package.
<Pici> !checkinstall
<ubottu> checkinstall is a wrapper to "make install", useful for installing programs you compiled. It will create a .deb package, which will be listed in the APT database and can be uninstalled like other packages. See https://help.ubuntu.com/community/CheckInstall - Read the warnings at the top and bottom of that web page, and DO NOT interrupt CheckInstall while it's running!
<bencc> Pici: I will, thanks
<Pici> bencc: If you're really in a bind, I guess you could reinstall the program using checkinstall this time and then remove it.  Its all a bit iffy though.
<bencc> Pici: I agree
<bencc> deb packages rock
<Juv1228> Pici, wow, thanks for that link
#ubuntu-server 2011-05-07
<aBs0lut30> hey guys, was just looking at the HA stacks available, didnt realize that there had gotten to be so many... any thoughts on which one is best? am using heartbeat on a cluster now and am just not that impressed with it...
<adam_g> aBs0lut30: You have choices as to what you can run for the lower-level messaging layers, but at the top you'll probably want pacemaker
<aBs0lut30> adam_g: was just doing some more reading on the subject... looks like the main contenders for the messaging layer are still heartbeat(didnt realize that it was just that part, as I am using it for the while thing on my old, and very unreliable cluster) and OpenAIS, OpenAIS seems to be the better way to go??
<adam_g> aBs0lut30: you're running which version/style of heartbeat? v1 / haresources or v2 / CRM?
<aBs0lut30> great question... let me check
<adam_g> aBs0lut30: in other words, do you configure the clustered services via /etc/ha.d/haresources or via the CIB ?
<aBs0lut30> looks to be 2.1.3
<aBs0lut30> ahh, haresources
<adam_g> yeah, old school
<Jasonn> What is a load average?
<aBs0lut30> not supprised... its running openfiler as the distro...
<aBs0lut30> jasonn: as far as CPU load? or IO load? as its running as a iscsi target... am getting off it for SCST....
<Jasonn> aBs0lut30: CPU
<aBs0lut30> either way, load isnt that high most of the time on either front...
<adam_g> aBs0lut30: basically heartbeat was gutted. pacemaker is used now to manage the actual clustere resources, and can use either corosync or heartbeat for cluster communication.
<aBs0lut30> CPU stays fairly low, avg less than 10%
<Jasonn> What is a high load average?
<Jasonn> and why are there 3 of them?
<aBs0lut30> adam_g: in your opnion, which is best as far as functionality and community support??
<aBs0lut30> highest I have ever seen the CPU load is about 70% but only for a couple of minutes... really hard to get it that high
<Jasonn> Mine shows it as numbers
<Jasonn> like
<Jasonn> 0.25
<Jasonn> 0.90
<Jasonn> 1.25
<Jasonn> like in htop
<JanC> Jasonn: https://secure.wikimedia.org/wikipedia/en/wiki/Load_%28computing%29
<adam_g> aBs0lut30: both are currently supported and maintained. corosync is actively developed, heartbeat only recieves bug fixes and will eventually go away in favor of corosync. if you're doing a basic 2 node HA cluster, heartbeat would work fine. if you're doing larger, more complex installations you'd probably want corosync.
<aBs0lut30> jasonn: what you looking at for that?? I am just looking at top for my numbers
<Jasonn> JanC: Thanks :d
<Jasonn> aBs0lut30: htop
<aBs0lut30> jasonn: yeah, such an old/broken setup I dont even have that...
<Jasonn> lol
<Jasonn> How do I improve the performance of the processor?
<Jasonn> I want to run a virtual box
<aBs0lut30> adam_g: cool, thanks for the info... prob go with corosync as at this point it is a nice basic 2node setup, but who knows what tomorrow will bring
<Jasonn> and I have a dual core 2.8GhZ (per core)
<Jasonn> and its going REALLY slow
<JanC> http://serverfault.com/questions/67759/how-to-understand-the-memory-usage-and-load-average-in-linux-server might be useful too
<aBs0lut30> jasonn: does the CPU have VM extensions, and are they on in bios?
<Jasonn> aBs0lut30: no, and now
<Jasonn> no*
<Jasonn> well, if it does, I didnt set them
<aBs0lut30> ahhhh.... that sucks...
<aBs0lut30> intel or AMD?
<Jasonn> Intel
<aBs0lut30> Xeon?
<Jasonn> Hmm
<Jasonn> lemme see
<adam_g> aBs0lut30: np. you'll probably spend more time learning about pacemaker than the actual messaing system. but good luck..
<Jasonn> Pentium D
<adam_g> aBs0lut30: www.clusterlabs.org is a great resource, btw
<aBs0lut30> ahhh, prob not then...
<aBs0lut30> adam_g: cool, thanks, will check it out :) now if I can just get DRBD to behave I will be in good shape
<JanC> some Pentium D have hardware virtualisation
<Jasonn> How do I check if mine does?
<aBs0lut30> true... if memory serves not many...
<aBs0lut30> jasonn: see if you can track down the model number and you can look it up either on wikipedia or intel's site(if you want to spend hours digging :)
<Jasonn> xD
<aBs0lut30> all I can say is I am amazed at the performance difference between a REALLY strong box with no VMx and a ok box with :)
<Jasonn> Is there somewhere I can check to see if it has it?
<JanC> grep -l vmx /proc/cpuinfo
<aBs0lut30> there is, let me see if I can remember it.... or theres that
<Jasonn> JanC: Didnt give me anything
<Jasonn>  just went to the next line
<aBs0lut30> jasonn: shoot me the model and I can look it up real quick... try cat /proc/cpuinfo and see what it dumps
<JanC> then it has no hardware virtualization (or the BIOS disabled it)
<JanC> aBs0lut30: for intel the PU flag is "vmx"  ;)
<aBs0lut30> yeah, but like you said, only if its turned on :)
<Jasonn> aBs0lut30: http://pastebin.ubuntu.com/604281/
<JanC> CPU flag
<Jasonn> How do I check if BIOS disabled it? and roughly how much is a better processor
<Jasonn> JanC: How do I check if the processor is 2.80GhZ on the whole processor or per core?
<aBs0lut30> humm... actually dont see any of the pentium D's with vm...
<Jasonn> D:
<Jasonn> How much would a better processor with that be?
<aBs0lut30> yeah I hear ya...
<aBs0lut30> depends on the mobo you have and if it supports anything better
<Jasonn> IBM shitboard
<Jasonn> err
<aBs0lut30> also, what are you using for VM? Xen, VMWare...
 * Jasonn censors that 
<aBs0lut30> lol
<Jasonn> VB OSE
<Jasonn> I have the IBM thinkcenter
<Jasonn> I found it at some guys house
<Jasonn> he was moving out
<Jasonn> and I was like can I have this
<Jasonn> and he was like I dont care
<Jasonn> so I took it
<Jasonn> Added some more ram and it runs horribly
<Jasonn> D:
<aBs0lut30> ahhhhh... well I can tell you, to get better performance out of it, take it out, tie it up behind your car and floor it ;)
<Jasonn> lol
<aBs0lut30> never used VB actually... one thing you can try is running vmware server... might be a bit better...
<aBs0lut30> how much ram you got?
<shauno> I'm almost jealous. here I thought you couldn't give away a pentium D .. and someone managed it :)
<Jasonn> 2.5GB
<aBs0lut30> ROFL
<aBs0lut30> well not to bad...
<Jasonn> Dont worry, my laptop has 8GB
<Jasonn> xD
<JanC> ah, I found the command to check for HVM-support  :P
<Jasonn> quad core
<JanC> 'kvm-ok'
<aBs0lut30> well, if the mobo would take it, a core2 would probably be about the best you could do, maybe a low end xeon...
<aBs0lut30> if the mobo would hold a xeon, could probably get a used one from eaby for 70 bux or so...
<Jasonn> Hmm
<aBs0lut30> maybe less than that...
<Jasonn> shauno: Wait, are you saying that the pentium D is bad?
<Jasonn> I just took it cuz I was like oh, free computer,
<JanC> so if anybody needs to check HVM-support for their CPU, just run "kvm-ok"...  ;)
<Jasonn> aBs0lut30: And at a store?
<aBs0lut30> also, might want to see if you could find an amd chip that runs VM that could go in it...
<shauno> Jasonn: I'd probably have done the same.  but I've a celleron D here that's useful for keeping the door open.  I couldn't comment on the non-cellery models (but already did ..)
<aBs0lut30> janc: VERY cool! learn something new every day
<Jasonn> JanC: INFO: Your CPU does not support KVM extensions
<JanC> the Pentium D was a rather cheap CPU for desktop computers, several years ago...
<aBs0lut30> well, like I said, might get a *LITTLE* better performance out of vmware server... maybe
<Jasonn> Is it worth getting the processor?
<aBs0lut30> only one VERY small step above the crapERON
<Jasonn> I am getting a new comp in september
<aBs0lut30> well, if you could find one cheap that has vmx that will run in that box... I would say so...
<JanC> I think almost all new CPUs have HVM-support now
<JanC> except for Atom style ones  ;)
<aBs0lut30> yeah, but its an older thinkcenter, no telling what it will run
<Jasonn> Hmm
<Jasonn> I can get the model if you like
<aBs0lut30> HAH, can you believe they want to put vmx on those too??? how useless is that
<aBs0lut30> send it on
<aBs0lut30> I can take a look
<Jasonn> 8215-GCU
<Jasonn> MT-M
<JanC> aBs0lut30: if I understand correctly, WinXP compatibility mode in Windows 7 needs vmx  ;)
<aBs0lut30> yeah, think so
<JanC> (and some people with a Sony VAIO laptop which disabled that in the BIOS weren't too happy about that ;) )
<aBs0lut30> LOL, I bet
<JanC> as in disabled without opt ion to enable
<aBs0lut30> jasonn: looks like it will run a P4 let me see if I can find out which one
<Jasonn> aBs0lut30: Thanks :D
<JanC> yeah, Pentium D and Pentium 4 were used on the same motherboards
<JanC> and there certainly are a small number of Pentium 4s that have vmx
<aBs0lut30> jasonn: P4 661 support VMx and will run in that box
<Jasonn> :D
<Jasonn> Anything better?
<aBs0lut30> jasonn: http://cgi.ebay.com/Pentium4-P4-661-3-6GMHz-LGA775-2M-800MHz-Free-shipping-/140506422575?pt=CPUs&hash=item20b6d5dd2f#ht_1917wt_905
<aBs0lut30> nope, thats the top end it will run
<aBs0lut30> but not bad, its a 3.6ghz with 2MB
<Jasonn> dual core?
<Jasonn> And will I have to do a fresh install or change anything to upgrade it?
<aBs0lut30> nope... single core, but HT...
<Jasonn> And is that just as good?
<Jasonn> Oh yeah
<aBs0lut30> jasonn: if everything is stock, wouldnt think so...
<Jasonn> is my processor 2.80GhZ/core
<aBs0lut30> well dual core is better, but only by MAYBE 15%...
<Jasonn> is my processor 2.80GhZ/core??
<aBs0lut30> rule of thumb is HT is 1.5x rated CPU speed, dual core is like 1.7x
<aBs0lut30> umm, let me see
<Jasonn> Thanks :s
<Jasonn> :D
<Jasonn> Ill but it right now if it is not per core
<Jasonn> otherwise, Ill still buy it
<Jasonn> xD
<Jasonn> Its free shipping to Canada
<Jasonn> :d
<Jasonn> :D *
<aBs0lut30> ohh, I see what you mean... dont really think about it like that... the cpu itself runs at 2.8, and each core runs at 2.8, BUT its still time sliced, and on the same chip using the same bus, so your not gonna get 5.6...
<aBs0lut30> gonna get maybe 3.5
<Jasonn> Ohhh
<aBs0lut30> probably be about a wash... but you get VM :)
<Jasonn> ok
<Jasonn> :D
<Jasonn> Hmm
<Jasonn> lemme go see if I can talk my mom out of $58
<aBs0lut30> haha, good luck :)
<aBs0lut30> now, if I can get the guys to wake up over in #DRBD :(
<Jasonn> lol
<aBs0lut30> just make sure to update the bios, and go in and find the VM option and turn it on...
<uvirtbot> New bug: #778837 in samba (main) "package samba-common 2:3.5.8~dfsg-1ubuntu2 failed to install/upgrade: cannot access archive: No such file or directory" [Undecided,New] https://launchpad.net/bugs/778837
<uvirtbot> New bug: #778842 in postfix (main) "package postfix 2.8.2-1ubuntu1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 75" [Undecided,New] https://launchpad.net/bugs/778842
<kellnola> anyone with experience crafting SLA's here?
<bmw123> hi all
<bmw123> question:  when I log onto ubuntu server, I get the following msg, "26 packages can be updated.  14 updates are security updates."  but I had already did a aptget upgrade and update and nothing is left to update???  any idea??
<kellnola> not sure how the motd gets updated ...
<kellnola> as in I mean not sure if apt-get updates /etc/motd, which is that message
<bmw123> ahhh...
<kellnola> it might be cron'd
<bmw123> normally it seems to work, just this time around, it still has that message there
<bmw123> somone told me i need to do a distro update
<bmw123> is that important
<bmw123> ?
<kellnola> bmw123, bad advice
<kellnola> do dist upgrade when you can
<bmw123> thats what i thought
<bmw123> doing a distro upgrade is a major thing right?
<kellnola> is it LTS or no?
<bmw123> 10.04.02 LTS
<kellnola> on a server, uh, YES. on a home desktop, probably not
<bmw123> what will a distro upgrade do to it?
<kellnola> that is supported for a few more years
<bmw123> ahh k
<kellnola> you can't dist-upgrade LTS since there isn't a new LTS to upgrade to until next April
<bmw123> ahhh....
<kellnola> 12.04 will be the next LTS
<bmw123> in unsupported webmin, it says there are 3 outstanding updates
<bmw123> linux-headers-server 	Linux kernel headers on Server Equipment. 	New version 2.6.32.31.37, linux-image-server 	Linux kernel image on Server Equipment. 	New version 2.6.32.31.37, linux-server 	Complete Linux kernel on Server Equipment. 	New version 2.6.32.31.37 	
<bmw123> but not sure if i want to upgrade them yet,....   looks majot to me, i'm new at linux
<bmw123> major*
<kellnola> and apt-get upgrade outputs nothing, that is, nothing to upgrade?
<bmw123> it outputs this exactly
<bmw123> Reading package lists... Done, Building dependency tree, Reading state information... Done
<bmw123> The following packages have been kept back: linux-headers-server linux-image-server linux-server, 0 upgraded, 0 newly installed, 0 to remove and 3 not upgraded.
<bmw123> but not the 26 and 14 it stated at login time
<kellnola> well there is some reason why it is holding those kernel packages
<bmw123> are they important to upgrade..
<kellnola> if you have some firmware kernel stuff or proprietary drivers or whatever that would do it, if they haven't been updated yet
<bmw123> its a vmware session..could that have any bearing
<kellnola> suyre, vmware has kernel modules. forcing a kernel upgrade if the vmware drivers aren't available for it would definitely hold the kernel
<kellnola> uggh. .. forcing a kernel upgrade could break your VM's
<kellnola> did you install them from a repository or ppa or by hand?
<bmw123> repository i think
<bmw123> i will hold off on it..
<bmw123> just annoying that it says stuff hase to be upgraded...
<kellnola> if that's true, the ppa devs are just lagging, that's all
<bmw123> fair enough, thanks
<bmw123> not too concerned
<kellnola> well, kernel updates should be taken seriously but production systems tend to have more pressing matters, like, stability
<bmw123> fair enough
<bmw123> makes sense
<bmw123> oh i just found this
<bmw123> http://velomatrix.net/2011/05/02/ubuntu-does-not-reset-motd-after-updating/
<kellnola> I use Virtual Box, prob not as good as ESX, but they're better about their driver rebuilds than VMware
<bmw123> i think this is the issue i'm having
<bmw123> how do u like virtual box?
<bmw123> esx is a fortune!   my company pays for it but expensive
<kellnola> it's a little funky, but so is vmware ... it's about as fast
<kellnola> and it's FREE
<bmw123> is it baremetal hypervisor
<bmw123> ?
<kellnola> not sure what you mean
<kellnola> it certainly does not have the features of ESX
<bmw123> do u run it after ubuntu boots
<bmw123> or does it have its own OS?
<kellnola> we use VBox for things like, when a client has an app that requires they run as admin, we quarrantine it in a VM terminal server
<jmarsden> bmw123: virtualbox runs inside a host OS such as Ubuntu or even Windows.
<bmw123> ahhh
<bmw123> i'm using it for production servers at the office... VSphere and ESXi on the servers
<kellnola> since the windows world is rife with this behaviour, we do it a lot
<bmw123> makes sense
<kellnola> it works out since it puts the pressure on the idiot windows dev and not us
<kellnola> hey, commercial UNIX devs do the same shit
<bmw123> hahahaha
<bmw123> it so retared my boiss that is, we pay like $2500 per ESXi licese per server and the server only cost $2000...what a rip off, i wish i owned EMC
<kellnola> it's crazy
<kellnola> how much basic infrastructure software can cost. The last place I worked use ESX heavily - about 50-60 of them, for almost nothing
<bmw123> ya
<kellnola> I mean the VM;s had very light duties
<bmw123> ya a waste
<bmw123> oh well
<kellnola> but they had so much money they didn't know what to do with it
<bmw123> atleast backup is easy with vm's...just image files
<kellnola> yeah
<uvirtbot> New bug: #778903 in backuppc (main) "package backuppc (not installed) failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/778903
<Rommel> Hi, I've got an Ubuntu box linked up to a VLAN trunk port on a Cisco 2950 switch, I've got it all working if I have a subnet per VLAN configuration. But is anyone aware if I would be able to have one subnet for multiple VLANs?
<Rommel> I guess the core of my question is: is it possible to have an interface with a single IP, which communicates on all VLANs which come through on the VLAN trunk, instead of a separate virtual interface for each VLAN tag?
<Rommel> Hi, I'm wondering if anyone has been able to setup an interface on their Linux server connected to a VLAN trunk port which communicates on all VLAN IDs? At the moment I'm having to configure one subnet per VLAN, but I'd really like to have one subnet for multiple VLANs.
<Rommel> So right now I have eth1.3 and eth1.4 defined, each with an IP in their own 172.16.3.0/24 or 172.16.4.0/24 subnet. But I want to have just the single subnet 172.16.0.0/16, with a single eth1 interface with an IP of 172.16.1.1, which servers in all VLANs can use as their gateway.
<Rommel> Seems like this is not the common way of doing things, but I'd much prefer it.
<Moobyfr_> Rommel: nonsense
<Moobyfr_> how can the kernel know which gw to use ?
<Moobyfr_> (and the mac associated )
<Rommel> Yeah, I suppose my thinking was that the server would just pass the traffic back out the interface, and the switch would then have to do something like,  based on the original MAC address, figure out which VLAN the traffic needs to go to.
<Rommel> But it won't work.
<Pupeno> This command seems to work fine when I run it by hand but generates a "/bin/sh: Syntax error: redirection unexpected" when I run it in cron, any ideas why: RAILS_ENV=production nice --adjustment=19 rake dnsk9:send_all_reports > /dev/null 2> >(grep -v default_executable)
<blahdeblah> Pupeno: You are trying to redirect standard output twice in one command - you can't do that
<blahdeblah> Pupeno: Are you trying to grep through standard error for "default_executable"?  If so, i think you want this instead: RAILS_ENV=production nice --adjustment=19 rake dnsk9:send_all_reports 2>&1 >/dev/null | grep -v default_executable
<blahdeblah> You have to redirect standard error to standard output first, then redirect the original standard out to null.
<blahdeblah> Then you need a pipe rather than >(grep ...)
<blahdeblah> Hope that helps
<amero> when blocking inbound access to a port, should i use do it at input or forward chain in iptables?
<amero> -use
<Rommel> INPUT chain for traffic inbound to the server itself. FORWARD for both inbound and outbound traffic to/from a device behind the server itself (the one running IPTables)
<incorrect> is there a server version for ubuntu one file system?
<miceiken> I seem to have some issues with getting mysql-server-5.1 set up at my fresh 11.04 install
<miceiken> I installed it with apt-get and now it's been stuck on "Setting up mysql-server-5.1 (5.1.54-1ubuntu4) ..." for 5 minutes.
<kellnola> ya'll, I have a bizarre networking issue. I'm stumped. A server I just installed, which is simply a VM host, cannot initiate any outbound traffic. The VM's running on top of it work fine (!?) I can ssh into it, etc., but I cannot even ping any other host on the subnet. There is no firewall, no apparmor, nothing like that. The network settings are correct. I'm a little stumped here ...
<kellnola> everything was fine before I changed its ip and installed it
<kellnola> any network activity errors out (from viewing strace output) with EAGAIN
<aBs0lut30> kell: you checked an ifconfig to see if the host still has its IP?
<kellnola> it does
<kellnola> I can ssh into it, ping it, etc.
<aBs0lut30> so can connect in, but not back out?
<kellnola> but once I'm logged in, I can't do anything
<kellnola> aBs0lut30, yes
<aBs0lut30> WOW... thats a good one alright, bonded nics by any chance?
<kellnola> nope, very simple setup
<kellnola> the VM's work fine, wtf
<aBs0lut30> what VM you using?
<kellnola> one interface
<kellnola> virtualbox
<aBs0lut30> humm... tried pinging something on the local lan?
<kellnola> yeah, no go. can't ping anything or otherwise initiate any sort of network connection
<aBs0lut30> humm... let me think about that one for a second...
<aBs0lut30> doubt it will make a difference, but you bounced the interface by any chance?
<aBs0lut30> might be worth a try...
<kellnola> unfortunately I can't unless I'm sitting in front of it .. it's in production at a clients site. I'd like to just reboot it, but the VM's won't startup correctly unless I log in and start them manually. (my bad)
<aBs0lut30> ahhhh
<kellnola> I'm horrified to do anything with it as a result
<aBs0lut30> umm, ok, when you ping something local, whats the return? dest net unreachable, host not found, etc
<kellnola> well, if I strace a ping, I get an EAGAIN error from the kernel
<kellnola> which tells me the kernel is blocking, but not why
<aBs0lut30> OHHHH, wow... anything more from dmesg on the network side?
<kellnola> nope, nothing. dmesg indicates all is well with the interface
<kellnola> and the VM's running on top of it work fine! (?!?!?!)
<kellnola> I first was pursuing "lack of resources" but I backed out of my limits.conf and sysctl.conf and still no go.
<aBs0lut30> ok, try pinging the loopback
<kellnola> yeah that's fine
<kellnola> but I cannot ping the VM's running on this very machine
<aBs0lut30> k, and pinging its local ip(the real Nic's ip) well, not sure how VB works(never used it) but that wouldnt supprise me that much...
<kellnola> oh, yeah I can ping the interface's 10.x ip
<kellnola> ip is working locally, then ...
<aBs0lut30> just for fun, add a second ip to your nic and see if it makes a diff
<kellnola> I wonder if this has something to do with zentyal
<aBs0lut30> ohhh, had never heard of that, and now you made me sad :( the linux equiv of SBS... *sniffel,sniffel*
<kellnola> it's an ease of use interface for servers which we deploy so our clients can easily add users and whatnot
<aBs0lut30> so a service?
<kellnola> yeah, but it kind of takes over the whole system, and puts all the config files in postgres
<kellnola> I dont usually have any probs with it
<aBs0lut30> ahh, well its a possibility... dpending on how deeply it digs in...
<kellnola> oh it digs in deeply
<kellnola> so I'm suspecting a bug there
<aBs0lut30> very possible...
<kellnola> but it's logs are pretty thorough in my experience and there's nothing there either
<kellnola> at this point I just want to confirm I am not an incompetent idiot :)
<aBs0lut30> nah... and even if it is something you did, dont feel bad, even the best of us flubs up from time to time, hell I blew away a whole raid array the other day, 2TB of data... *poof* gone
<kellnola> 'cuz I am new to the ubuntu way of doing things, on server at least. apparmor really threw me for a loop at first
<aBs0lut30> which version are you running?
<aBs0lut30> 11.04?
<kellnola> aBs0lut30, I've done that as well :/
<kellnola> 10.04LTS
<aBs0lut30> k... was playing with 11.04 the other day and am NOT impressed...
<kellnola> I'm not even considering it at this point. I need my computers to WORK
<aBs0lut30> well... like i said, might be worth throwing a second ip on the nic and see if you can get traffic out
<kellnola> yeah I could try that. would not be disruptive
<kellnola> but I can't try anything possibly disruptive with the box in production
<aBs0lut30> yup, and if that works, it could be that your "tick" of a front end has still got some out of date config data in there somewhere...
<aBs0lut30> completely understand... but yeah, should be pretty safe just adding another nic...
<aBs0lut30> and just in case, the box by any chance have a remote mgmt card?
<kellnola> I wish
<aBs0lut30> ehhh... sux
<kellnola> only Dell's have those ... or is there something else?
<kellnola> I looked into that but could not find anything
<aBs0lut30> well, now days most servers and some higher end desktops have it as an option... I know HP has something(never used it) even intel has a generic one for their mobo's (not very good,but still gets you a console when you need it.. :)
<kellnola> yeah those things are lifesavers for remote work
<kellnola> in my last job every server had one (all Dells) but we really didn't need to use them
<aBs0lut30> no kidding! and the intel ones are REALLY cheap, like 60bux
<kellnola> is it a card I can put into any server?
<kellnola> Dell has some special rigamarole going on
<aBs0lut30> I made a point to have them in every production box, I am a one man shop so never know when I am going to need to rescue something from anywhere... yeah, and to get anything useful you have to have that
<aBs0lut30> but no, has to be a supported intel mobo
<kellnola> yeah I don't think our little lenovo's support that
<aBs0lut30> that said, one of the VNC software companies makes the next best thing... its an IPKVM adapter, just hook it to a kvm, or directly to the console and BOOM remote control :)
<kellnola> I need to look into that shit more
<kellnola> I am used to a server room type environment this crap is new to m
<kellnola> w
<kellnola> me
<aBs0lut30> I hear ya, I actually just went the other way, out of the clients office back into the server room
<kellnola> where I used to work everything was incredibly restricted and stable
<kellnola> and now I have all these wild wild west clients
<kellnola> admin's dream, but it was kind of boring
<aBs0lut30> ugh, remember those days
<kellnola> well, the clincher was this: in such a stable environment, you would think the admins would devote their time to bettering the system. instead, the managers filled up our time with chores and idiotic tasks, and forced us to use software that was impossible to automate
<kellnola> but it was nice adminning 250 RHEL desktops
<aBs0lut30> ahhhh yes, the big corp enviroment... very cool...
<kellnola> aren't too many places that do that
<kellnola> in the US anyway
<aBs0lut30> no kidding...
<aBs0lut30> whish I could get away with that...
<kellnola> to tell the truth i LIKE desktop work, just not windows desktop work :)
<aBs0lut30> hahaha
<kellnola> unix desktop stuff is very interesting
<kellnola> we want ot push ubuntu desktops to some of our more "broke" clients
<kellnola> with some of them I'm like wtf do you need windows for?
<aBs0lut30> hah, yeah... generally the answer to that is NOTHING unfortunately for me, we use a web based for our core LOB and its IE only...
<kellnola> so, how can we push linux here? I really don't see a need ... worst comes to worst, crossover Office will them run MS Office on their desktops
<aBs0lut30> and based on how shitty the new versions of office are, probably run better than the real thing
<kellnola> we are moving to an SLA based structure and we are considering a discount for linux desktops, since they would take almost none of our time
<aBs0lut30> thats actually a really cool way to push it...
<kellnola> we have a lot of non-profit clients that could benefit if they would just use it
<kellnola> oh god the shit with profiles and windows is just ridiculous
<aBs0lut30> no kidding... with all the community projects and distros out there, I am really supprised someone has not sat down and come as close as possible to making a windoze replacement distro, mock up the UI as close as you can, and preload with wine for the stuff they have to run... would go over well I imagine
<kellnola> the whole thing is so unnecessarily tedious and painful
<kellnola> I haven't dealt with MS in 10 years and now that I am again I see they haven't progressed at all, aside from changing the location of the profile with every release ... /home has been the same since 1970
<aBs0lut30> ROFL
<aBs0lut30> yup
<aBs0lut30> ohhh and the new user account control stuff is just SO MUCH FUN!
<kellnola> we had to pass on a juicy client recently because none of us are acquainted with the "advanced" MS stuff (Exchange fail over and whatnot) this shit is so easy in UNIX
<kellnola> god why do people want to even use outlook
<aBs0lut30> hey, dont be knocking outlook now ;) love me some outlook, and I have to say, until they come up with a version of postfix that can do push email to my phone I am hanging on to my exchange ;)
<kellnola> aBs0lut30, actually, zimbra can do that just fine. It's a linux based exchange replacement
<kellnola> it works with outlook
<aBs0lut30> hate to say it, but I have used zimbra in the past, and would rather be subjected to the worst tortures that china/japan could come up with before I went back to that...
<kellnola> LOL we are OK with it
<kellnola> maybe at some point google will come up to speed. I think they will
<aBs0lut30> I will say its been a while, back before whoever took it over (saw the other day but cant remember) and it was just aweful! dont think a week went by where I was not doing something stupid to it either because our users would send a message to 500 people at once or the store would just too big...
<aBs0lut30> now that would be good!
<kellnola> because I think google has the interface down, they just need some more features worked in
<kellnola> outlooks interface is way too complicated
<kellnola> for average users
<aBs0lut30> yeah... one thing I would love to see, and they are the ones to do it, is a push away from the stupid x86/pc arch... its soooooo stupid that we have multi ghz cpu's that are timesliced...
<aBs0lut30> you got a good point there...
<kellnola> evolution is a much better client, it's just in search of a good backend
<kellnola> yeah, SUN was the shit. I miss solaris
<aBs0lut30> this is going to sound REALLY sad, but I have been working with linux since around 2000, and have actually never setup that, or any other email client on a linux box...
<aBs0lut30> ohhh yeah, love some sunSparc :)
<kellnola> it's like outlook , but much simpler. not so many menus and garbage
<miceiken> Is there any way to remove ALL packages, including config files? I just want openssh-server left
<kellnola> MS started using this collapsing menu crap with what, Office 2003? what does that really mean? your menus are too complicated
<aBs0lut30> haha, yup... really hate that feature too... you seen outlook/office 2010??
<kellnola> oh god
<aBs0lut30> haha, I take that as a yes
<kellnola> when I first saw that, I was like, where the FUCK is everything?
<aBs0lut30> I know, I actually had one of my girls start to cry a little cause she couldnt figure out how to do anything...
<aBs0lut30> they really need to get their shit together or get the hell out of the way...
<aBs0lut30> and intel too for that matter
<kellnola> yeah but ubuntu is doing that crap too now. they get away with it because their user base is mostly home desktops. If they had organizations using it on desktop they would be more wary of drastically changing the user interface
<aBs0lut30> tell me about it...
<kellnola> unity looks like a disaster to me so far. everyone seems to hate it
 * kellnola hasn't used untiy yet
<aBs0lut30> yeah, havent even seen that yet...
<kellnola> I think their devs are mostly young and a little reckless
<kellnola> the fact that unity requires a 3D card is totally insane
<aBs0lut30> you have got to be kidding me!!! well at least the rumors about MS developing a linux system makes sense ;) HAH
<kellnola> it is really meant for touch screens. I can see the use there. But for a workstation? hell no.
<aBs0lut30> yeah, thats just stupid
<kellnola> yeah. a geologist doing seismic interpretation has no use of dragging his/her finger around the screen
<kellnola> and that sort of thing is the traditional use of unix desktops
<aBs0lut30> but but!!!! tablets are the wave of the future! havent you heard, we all need touchscreens!!!! RIGHT NOW!
<kellnola> lawyers love them :)
<aBs0lut30> ohh I bet they do, now for doctors and nurses I can see where it could be VERY useful...
<kellnola> we are trying to come up with a radius solution for ipads with our linux servers
<kellnola> and the ipad wireless crap
<aBs0lut30> ehh, well have fun with that...
<kellnola> oh my I WILL :)
<aBs0lut30> well, I get to recompile my kernel AGAIN! happy happy joy joy
<kellnola> such nostalgia. I haven't done a kernel by hand in many years
<uvirtbot> New bug: #779058 in mysql-5.1 (main) "package mysql-server-5.1 (not installed) failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/779058
<aBs0lut30> well I really get pissed every time I have to, but I am trying to get SCST and DRBD working on a box, and the damn out of the box kernel is throwing all sorts of DRBD errors so am having to do it the hard way :(
<aBs0lut30> anyway, time for a smoke, biab
<aBs0lut30> good lord, building a kernel takes WAY to long these days...
<aBs0lut30> too many built in drivers!
<cloakable> Strip out the unneeded ones then :P
<aBs0lut30> I would, but I dont think i would live long enough to go through that whole list ;)
<AdamDV> I'm looking to recieve/send mail for one user, whats the easiest way to do it? I was going to have the user be a system account (he has a shell anyway) and have the server run a dovecot+postfix instance.
<zertyu> hi
<zertyu> i got very basic question
<zertyu> i got a group called devs and one user called James
<zertyu> how to place user James to group devs ?
<miceiken> Is anyone else having problems with installing mysql-server?
<zertyu> yes
<zertyu> oracle too
<uvirtbot> New bug: #779090 in samba (main) "package samba 2:3.5.8~dfsg-1ubuntu2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 128" [Undecided,New] https://launchpad.net/bugs/779090
<miceiken> zertyu: did you solve it some how?
<zertyu> solve what ?
<miceiken> zertyu: mysql install problems
<aBs0lut30> FINALLY!!!!!! scst and drbd playing nice together
<andygraybeal> drbd is clustering?
<aBs0lut30> well, block replication(generally used in a cluster...)
<andygraybeal> aah okay, that's what i'm thinking i guess.. i didn't know that
<andygraybeal> it all sounds so scary to me
<andygraybeal>  :)
<aBs0lut30> lol, well until your REALLY used to it and experienced with it, it is... 2x more so when your playing with real live production data
<aBs0lut30> without a current backup...
<andygraybeal> :)
<aBs0lut30> but its really cool, and VERY useful
<aBs0lut30> nothing like to live up to date copies of your data
<andygraybeal> are you using it to cluster?
<aBs0lut30> i am... its running a SMB share for user data and iSCSI targets for vmware backend storage
<aBs0lut30> actually in the process of rebuilding it now to get off of the old Openfiler and IETD builds...
<andygraybeal> ah you used openfiler  (i don't know what IETD is)
<aBs0lut30> well I am using openfiler for the next day or so, until I get the new cluster up and pull everything off of it... IETD is the iSCSI target
<andygraybeal> interesting
<aBs0lut30> yup, its a pain to setup, but once its up and running, worth its weight in gold
<andygraybeal> maybe one day, i'll get there :)
<andygraybeal> there is a lot of talk about clustering with the LTSP (linux terminal server project) and i would like to get to that point
<aBs0lut30> humm... never messed with that any...
<andygraybeal> it's a cheap way to run clients w/o a lot of overhead or $$
<andygraybeal> i guess terminal servers go hand-in-hand with clusters
<aBs0lut30> whats the client interface? VM, VNC, RDP???
<andygraybeal> it's x forwarding i believe
<andygraybeal> the guys in #ltsp know way more than i do
<andygraybeal> it's all automatic
<andygraybeal> i don't even have to think about it
<aBs0lut30> ahhh...
<andygraybeal> pxe boots like a 10MB image.. then x forwarding takes over
<aBs0lut30> wow, not bad...
<andygraybeal> it might nt be x forwarding, but something like this
<andygraybeal> yea, the guys that really know their stuff,.. they do what you did with drbd
<aBs0lut30> wonder how good the screen refresh is... could make a cool backend for like some in-wall home automation and control stuff...
<andygraybeal> that's the only reason i remotely knew what it was (not exactly obviously)
<andygraybeal> yea, yuo can run things as fat clients and thin clients.. so like if you had video.. you'd prolly want the video to run on a fat client; if you were just web browsing or something basic like word processing.. thin client is fine.
<andygraybeal> i don't really know the details.
<aBs0lut30> very cool, I will have to check that out, cause I was just thinking about trying to come up with something like that to push automation/media house wide :)
<andygraybeal> i'm on all thin clients right now and it takes to many resources from the server.  i bought all my clients reallycheap at an auction and they have atleast 1gb memory in 'em.  so i'm switching them over to fat clients asap
<aBs0lut30> cool
<andygraybeal> yea, the guysin #ltsp are awesome to .. so damn patient
<andygraybeal> good for people like me that have no clue
<aBs0lut30> well thats good, not something you tend to find on irc...
<andygraybeal> irc keeps getting better  :)  i've been on it for abuot 15+ years now
<Jasonn> Is it worth it to pay $6/mo more and get 16GB ram instead of 12 ??
<ScottK> Depends on what you're doing.
<ScottK> If the extra RAM will help in your use case, it sounds cheap.
<Jasonn> Hmm
<Jasonn> Its for a server
<Jasonn> not for my desktop
<Jasonn> ScottK: Will it improve the quality of the performance if I dont use that much?
<ScottK> No.  If you aren't using all the ram, then more just sits there and doesn't help.
<ScottK> So you need to know your use case.
<andygraybeal> i bet yuo end up using it :)
<aBs0lut30> for 6 bux, HELL yes its worth it... no such thing as too much ram
<andygraybeal> :)
<webistic> I need help with ftp from server to server using the terminal
<aBs0lut30> such as...
<andygraybeal> webistic,  if you can help it, scp is a better choice
<andygraybeal> but if yuo can't ftp works,but is insecure
<cloakable> Or sftp
<aBs0lut30> and a partridge in a pear tree.....
<andygraybeal> omg shuttup
<aBs0lut30> >:)
<andygraybeal> i hate that song
<webistic> cant really help it, sorry :) though i'm all about ssh when ever I can
<webistic> so what to i type to make the magic happen? something like.. cp my_site/ ftp://login:pass:server2.com/sites/ ?
<aBs0lut30> got ftp on server1?
<webistic> yes
<aBs0lut30> might want to try a FXP client... lets you run server to server ftp's from a client... probably be a bit easier... IMHO
<webistic> I got another tip about ncftp, same thing though, right?
<aBs0lut30> not sure...
<webistic> thanks :)
<webistic> could not find  FXP client in repo
<aBs0lut30> well, there are several that support it... cant remember the name though... I know for windows its WinFXP... but think the linux ones are named funny...
<cloakable> webistic: apt-cache search fxp
<cloakable> :P
<Jeffsi> hey guys, i am unable to boot to cd while the hard drive is connected so i cant get anything installed, any ideas why this may be happening?
<uvirtbot> New bug: #779157 in samba (main) "package samba 2:3.5.8~dfsg-1ubuntu2.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/779157
<andygraybeal> Jeffsi, is it IDE (PATA) or SATA ?   -- if it's ide, did you have a look at the jumpers... master / slave / single?
<andygraybeal> also make sure they are enabled in the bios
<cloakable> cable select
<miceiken> Is anyone else having problems with installing mysql-server?
<andygraybeal> also what cloakable said... i forgot that one...
<julian_c> Which version of mysql-server?
<Jeffsi> andygraybeal: they are ide and in the bios i only see 1 at a time never both, i also looked at the jumpers but i may have set them wrong
<cloakable> cable select is rarely a good idea >.>
<andygraybeal> Jeffsi, take a closer look at the jumpers, hopefully the drive and the cdrom have some type of documentation
<Jeffsi> they are on 2 diferent ide cables and both set as master
<miceiken> julian_c: mysql-server-5.1 with apt-get
<andygraybeal> set them to single if you can; also make sure both ide's are enabled in your bios.
<andygraybeal> or put them on the same ide .. set as master and slave... try all the configurations yuo can :)
<andygraybeal> are you sure they both work?
<Jeffsi> yup, they both work great on other computers and if only 1 is connected
<andygraybeal> is it clear how to set them as master and slave.. and then put them on the same ide ?
<andygraybeal> not that this is the best solution, but it is one way to do it
<andygraybeal> and if you haven't tried it yet, it's worth a shot
<andygraybeal> maybe one of the ide's on your board is shot?  or the cable?
<julian_c> miceiken: I can't say that I've had difficulty installing mysql-server. Which release of Ubuntu, and what specific problems are you having?
<miceiken> julian_c: 11.04, and it's just stuck at "Setting up mysql-server-5.1 (5.1.54-1ubuntu4) ...", I don't know what the underlying cause is. I thought that if I removed all traces of it completly and reinstalled it would work, but I don't know.
<Jeffsi> ill try to put them both on 1 ide but i am keeping them on the same ide cables and slots and alone they work great but together its a no go
<julian_c> Did you purge the package (and, if possible/feasible, its dependencies), or simply remove?
<Jeffsi> andygraybeal: should i set the cd drive as master or HDD?
<andygraybeal> hdd
<miceiken> julian_c: remove, but sometimes it says it's not install
<miceiken> ed
<miceiken> Is this what you want me to do? "sudo apt-get --purge remove mysql-server"
<julian_c> 'apt-get purge <packages>'
<julian_c> Hopefully, that will effectively clean up your previous installation of the package (including configuration files).
<miceiken> gonna try to install it now
<miceiken> nope, stuck again
<miceiken> is there anything I can do to diagnose it?
<Jeffsi> andygraybeal: do you think its really worth trying because the ide cable is too small and im using a cd drive in another computer and want to avoid taking it out if possible
<miceiken> An error occurred while setting the password for the MySQL administrative user. This may have happened because the account already has a password, or because of a communication problem with the MySQL server.
<miceiken> thats while installing
<miceiken> press enter, and it's in a deadlock
<andygraybeal> haha Jeffsi, don't be lazy and ask questions in irc at the same time :P  in all honesty.. i don't care.
<miceiken> julian_c: http://pastebin.com/0r4CTPu8
<andygraybeal> Jeffsi, get your screw driver out, and fix the computer  :)
<Jeffsi> lol alright, ill pull it out then
<miceiken> I think it's waiting for 9779 - start mysql to finish
<andygraybeal> how can you eff with the jumpers while the damn thing is still in the case.. you must have a nice case
<julian_c> Looks like it...
<julian_c> Somehow, apt-get is running twice.
<miceiken> julian_c: because i'm not root and I did sudo?
<miceiken> want me to kill one of them?
<Jeffsi> the case sucks, lol its not easy, i almost went to grab a small mirror its so hard to see and get back there
<andygraybeal> pull it outta there, you'll thank me :)
<julian_c> Recommendation -- kill all of the running processes related to starting and installing mysql; then, purge the mysql-server package.
<Jeffsi> omg soo much dust in here
<Jeffsi> alright so hdd=master and cd= slave, correct?
<miceiken> miceiken@celeste:~$ sudo apt-get purge mysql-*
<miceiken> E: dpkg was interrupted, you must manually run 'sudo dpkg --configure -a' to correct the problem.
<miceiken> julian_c: if i try to do that it just tries to set up mysql-server again
<andygraybeal> Jeffsi, yea
<julian_c> Had mysql been installed before you started getting errors?
<miceiken> julian_c: yes installed but not working
<miceiken> it was first installed through the boot cd as lamp-server
<andygraybeal> binaryhat, is your hat on or off?  i can't tell ;P
<Jeffsi> lol
<Jeffsi> omg, andygraybeal, i think its working!
<andygraybeal> awesome; i hope.
<julian_c> miceiken: What about trying to remove </var/lib/mysql> (or moving it elsewhere temporarily, and then running 'dpkg --configure -a'?
<miceiken> I managed to fix it now julian_c, I killed the process "start mysql" and it said it jsut failed to install it then I ran purge
<julian_c> Ah. Good.
<miceiken> now I just apt-get install again?
<julian_c> Yes.
<Jeffsi> andygraybeal: if i wanted to do backups/a print server, would you recomend dsl or ubuntu server, its a really old box btw
<andygraybeal> damn small linux? .. umm i don't know;  i say use ubuntu it's easy and apt-get works :)
<miceiken> julian_c: now I still get that error: An error occurred while setting the password for the MySQL administrative user. This may have happened because the account already has a password, or because of a communication problem with the MySQL server.
<miceiken> http://pastebin.com/cGHFbLEx -- there I was prompted that it could not set password, after that it's just stuck
<Jeffsi> andygraybeal: i dont really know the commands though and thats my drawback
<julian_c> Any chance that /tmp isn't set +t (permissions)?
<miceiken> how do I check
<miceiken> would I be able to install apache etc then? because I am
<andygraybeal> Jeffsi, well, ubuntu has great documentation, and a lot of people use it.  i'm bias :)  it's really up to you -- i'm not very smart, and finding answers on google is easy -- i read the server guide over and over.. and obviously this an other channels are very helpful
<andygraybeal> running apache and cups is a great way to run a print server;  what do you have in mind for backup software?
<julian_c> miceiken: Run 'ls -ld /tmp' and look at the permissions. Should be 1777 (drwxrwxrwt).
<miceiken> miceiken@celeste:~$ ls -ld /tmp
<miceiken> drwxrwxrwt 5 root root 4096 2011-05-07 21:24 /tmp
<julian_c> OK... so that's not the problem...
<andygraybeal> Jeffsi, i don't know - i run bsd for firewall and ubuntu for everything else :)  i do like solaris (openindiana) too
<julian_c> Seems like something was left over after purging mysql-server.
<miceiken> dpkg: warning: while removing mysql-common, directory '/etc/mysql' not empty so not removed.
<Jeffsi> andygraybeal: have you used dsl at all?
<andygraybeal> i haven't
<Jeffsi> hmm, well its telling me fattel error, cant open disk drive
<julian_c> miceiken: As long as you don't need any of the configuration, it should be safe to remove </etc/mysql> and its contents. Also, </var/lib/mysql> is gone after purging, right?
<miceiken> let me check
<miceiken> miceiken@celeste:~$ sudo ls /var/lib/mysql/
<miceiken> debian-5.1.flag ibdata1 ib_logfile0 ib_logfile1 mysql mysql_upgrade_info
<miceiken> had to sudo because I got permission denied
<miceiken> btw, can I list users somehow
<andygraybeal> Jeffsi, don't know what to tell yuo, try another media?
<miceiken> sudo users :P
<andygraybeal> Jeffsi, burn another cd.. just to do it?
<Jeffsi> i dont think that will help because i already have it loaded up as a live cd
<julian_c> All members of the 'admin' group can use sudo to get root privileges.
<miceiken> well julian_c, now what?
<miceiken> it's not empty as you can see
<julian_c> I'd move </var/lib/mysql> out of the way, and then try installing mysql-server again. The installation script will create the necessary directory, and populate the database.
<miceiken> can I just delete it?
<julian_c> Sure.
<miceiken> wtf
<miceiken> still not
<miceiken> julian_c: now it works :D
<julian_c> And it's all running properly?
<miceiken> seems like it
<julian_c> Installing Apache should be much easier...
<miceiken> julian_c: yeah it's all good now
<andygraybeal> jeffsi; verify that the iso you used to burn is correct... then verify the actual cd?
<Jeffsi> andygraybeal: alright, 1 moment
<AdamDV> I just setup a mail server stack w/ postfix and dovecot via the dovecot-postfix package in the ubuntu repos. Trying to connect to my account w/ my iPhone, I'm getting an error about the server not supporting SSL. Logs show nothing abnormal. Any ideas?
<cloakable> AdamDV: set up SSL :P
<AdamDV> doesn't the package already set it up?
<cloakable> Nope
<AdamDV> -__-
<AdamDV> how do i go about setting it up
<cloakable> AdamDV: http://www.linuxmail.info/postfix-dovecot-ssl/
<cloakable> About 1 seconds worth of goggling :P
<AdamDV> can I use dovecots certs for postfix?
<AdamDV> (aka the pem files that would be generated by a `openssl req -new -x509 -days 365 -nodes -out /etc/ssl/certs/dovecot.pem -keyout /etc/ssl/private/dovecot.pemÂ `)
<cloakable> Think so
<AdamDV> Thank you :)
<Jeffsi> andygraybeal: it seems fine
<AdamDV> cloakable: still not working D:
<axisys> can I have a PV a mirror of two disks ? if not can I have VG a mirror of two PVs then ?
<axisys> if none of them possible I guess I will create a software raid1 of the two disks and use LVM on top
<Jasonn> What are things I could do with a Ubuntu server?
<Jasonn> Like what programs can I install
<Jasonn> something that is REALLY cool
<axisys> Jasonn: LAMP
<Jasonn> what does that do, axisys
<axisys> Jasonn: http://lmgtfy.com/?q=ubuntu+server+lamp
<Pici> !lamp
<ubottu> LAMP is an acronym for Linux-Apache-MySQL-PHP. However, the term is often used for setups using alternative but different software, such as Perl or Python instead of PHP, and Postgres instead of MySQL. For help with setting up LAMP on Ubuntu, see  https://help.ubuntu.com/community/ApacheMySQLPHP - See also the Server CD installation process (different in Edgy+)
<Jasonn> Hmm
<Jasonn> How much would I be looking at for a dedi server?
<axisys> Jasonn: please explain "How much"
<Jasonn> How much money would I be looking to pay for...
<axisys> Jasonn: hmm.. pay to whom?
<Jasonn> nvm.
<axisys> Jasonn: it is all opensource and free
<axisys> Jasonn: welcome to ubuntu :-)
<Jasonn> No, I mean to rent a dedi server
<axisys> Jasonn: don't know.. if you want to rent.. you could start with amazon cloud ..
<Jasonn> What is "The Cloud?
<axisys> Jasonn: they may have lamp pkg .. i do not know
<Jasonn> Ok
<Jasonn> thanks :)
<axisys> !cloud > Jasonn
<ubottu> Jasonn, please see my private message
<jmarsden> Jasonn: For a dedicated real physical server, you would pay anywhere from about $100/month to... well, several times that :)
<Jasonn> Oh
<Jasonn> :S
<jmarsden> But if you are new, try a virtual private server which can be much cheaper, for example at http://www.linode.com
<Jasonn> I have a VPS, and linode is definitely not one of the best hosts ;)
<miceiken> Everytime I upload something into public_html folder, I need to chmod it for it not to get forbidden, how do I prevent that?
<jmarsden> miceiken: How are you uploading?  Are the permissions on the files 644 before the upload?
<miceiken> jmarsden: from ftp
<miceiken> idk what they are
<miceiken> :P
<miceiken> I just want everything to be visibl
<miceiken> e
<jmarsden> So, one way to prevent this is to set the permissions before you upload things :)
<miceiken> I tried chmod -R or+x public_htm
<miceiken> l
<axisys> miceiken: chmod -R o+rx public_html
<jmarsden> axisys: Making all files executable?  Why would you want .html files to be executable?
<axisys> jmarsden: just fixing his typo.. lol
<axisys> jmarsden: you don't want that
<miceiken> axisys: thats what I did
<jmarsden> I think    chmod -R a+r ~/public_html     # is more likely to be useful here
<miceiken> but whenever I upload something new
<axisys> miceiken: ^
<jmarsden> miceiken: So chmod a+r somethingnew   # and then upload it...
<miceiken> jmarsden: still the same issue
<miceiken> http://miceiken.net/~miceiken/ircTest.png - I just uploaded that
<miceiken> didnt work
<jmarsden> miceiken: Can you use scp -p somethingnew you@yourserver.example.com:public_html/     # instead of using FTP?
<jmarsden> scp -p retains permissions, FTP... doesn't always do so.
<miceiken> jmarsden: idk, but I had it working before, on my old setup
<jmarsden> Then look at the old setup and see what is different there.  or look at your notes from when you set it up :)
<miceiken> I have neither
<jmarsden> Lesson to learn: make notes on what you do to your servers, so you can refer to them later as needed :)
<axisys> miceiken: your ftp server is proftp?
<miceiken> vsftp
<miceiken> I used proftp before
<miceiken> maybe thats why
<axisys> miceiken: in proftp you need this
<axisys> Umask                           022  022
<axisys> looks for something similar in your ftp server setting
<axisys> s/looks/look/
<Jasonn> How do I install CPAN modules?
<Jasonn> Can I do that from the repos??
<RoyK> perl -e shell -MCPAN
<RoyK> or -m
<Jasonn> http://search.cpan.org/~adamk/DBD-SQLite/
<Jasonn> I am trying to install that one
<Jasonn> I just run that one command and they are all installed??
<Jasonn> RoyK: !
<Jasonn> ^^ ***
<uvirtbot> Jasonn: Error: "^" is not a valid command.
<axisys> Jasonn: so you think you have DBD::SQLite  missing ?
<Jasonn> yeash
<Jasonn> And a few more
<axisys> Jasonn: what makes you think that?
<Jasonn> I am installing a program and it tells me that they are missing
<axisys> Jasonn: gotcha.. apt-cache search dbd | grep sqlite is one way to install besides what RoyK suggested
<Jasonn> And that installs all of the CPAN modules?
<axisys> apt-cache search dbd | grep sqlite should match a lib pkg
<Defghanistan> Hello, I am trying to write a script that will do a mysqpdump that pipes to gzip. After the mysql dump has been gzipped I would like it to be scp'd over to a remote server. I have this much but dont know how to add in the scp part. Any help? mysqldump ---user admin --password=password mydatabase | gzip > /usr/local/mydatabase.gz
<axisys> Jasonn: like this libdbd-sqlite
<axisys> or even cpan DBD::SQLite another way
<Jasonn> axisys: I just type: cpan DBD... into the terminal?
<axisys> Jasonn: yes
<Jasonn> Ok :D
<axisys> Defghanistan: scp file remotehost:
<axisys> !scp > Defghanistan
<ubottu> Defghanistan, please see my private message
<axisys> Jasonn: sudo cpan DBD::SQLite, if you running as non-root
<Jasonn> Warning (usually harmless): 'YAML' not installed, will not store persistent state
<Jasonn> axisys: ^
<axisys> Jasonn: you could try apt-get install libdbd-sqlite .. might be easier
<axisys> Jasonn: that is ok as well.
<Jasonn> Thing is, I also need like 4 more modules
<axisys> Jasonn: sudo cpan YAML
<Jasonn> Ok :D
<axisys> both cpan and apt-get should install the dependent pkgs as well ..
<axisys> Jasonn: you could ask #cpan for more help
<Jasonn> Ok
<Jasonn> Ok
<Jasonn> alos, what is cpan ??
<axisys> Jasonn: http://lmgtfy.com/?q=cpan
<axisys> Jasonn: you suck at google :-)
<Jasonn> xD
<Jasonn> !google | axisys
<ubottu> axisys: While Google is useful for helpers, many newer users don't have the google-fu yet. Please don't tell people to "google it" when they ask a question.
<Jasonn> ;)
<axisys> Jasonn: you are getting free help here.. we all are busy .. this help is voluntary .. lets not abuse that ;-)
<Jasonn> xD
<Jasonn> !ot | axisys
<ubottu> axisys: #ubuntu is the Ubuntu support channel, for all Ubuntu-related support questions. Please use #ubuntu-offtopic for other topics (though our !guidelines apply there too). Thanks!
<Jasonn> axisys: What are the advantages of a dedi box, and how fast do you think I could use up 12GB of ramm?
<axisys> Jasonn: now that is for #ubuntu-offtopic ;-) ..
<Jasonn> xd
<Jasonn> But really, what are the advantages of a dedi box?
<soren> As opposed to what?
<Jasonn> VPS
<soren> Performance.
<soren> Access to virtualisation.
<Jasonn> Hmm
<soren> That pretty much sums it up.
<andygraybeal> i pay $50/mo for a KVM box
<andygraybeal> i make an image locally, upload it and boot it
<andygraybeal> then i can expand the resources as i need
<Jasonn> How do I make an sqlite database file
<Jasonn> ?
<jmarsden> Jasonn: man sqlite    # and read the example there
<Defghanistan> Another question regarding mysql scripting: if I do a mysqldump that pipes to mysql on a remote server, can I use --all-databases and will it then create and populate those databases on the remote server?
<soren> andygraybeal: You can get real hardware for less than that.
<DAVdaBRAV> How can I shutdown Ubuntu safely without logging in?
<DAVdaBRAV> Perferably with the power button on the front of the case?
<soren> DAVdaBRAV: Make sure acpid is installed. That should do the trick.
<DAVdaBRAV> ah. Is there any trick to using it? or just apt-get and it should work from startup?
<soren> DAVdaBRAV: Just install it.
<soren> DAVdaBRAV: Should "Just Work[tm]"
<Macer> does bonding multiply speed?
<Macer> or is  it just for network redundancy?
<qman__> Macer, not of itself
<qman__> it theoretically can sustain twice as much throughput
<qman__> but chances are you have both plugged into the same switch
<qman__> so said switch needs to be a good one to handle four saturated links (both bonded to both separate endpoints)
<Macer> wouldnt that only be a problem if the switch was handling a certain layer?
<Macer> i figured other than that all  it does is provide the physical link
<qman__> that's not how a switch works
<qman__> think of a switch like a computer with a whole bunch of network cards
<Macer> ah i see.
<qman__> a hub is simple physical connection
<Macer> so it has to process all the pkts going through it?
<qman__> and a hub is one huge shared link
<qman__> yes
<qman__> and direct them to the correct ports
<qman__> so consumer grade switches are not going to see any real gain with bonding
<qman__> but midgrade to high end stuff will
<Macer> hm. well. i am guessing my run of the mill 24 port netgear gbit switch will not work?
<qman__> $200-ish? probably a little, but not a full dual gigabit link
<qman__> if you're using all 24, you won't see a big improvement
<Macer> well.. it was $200ish back when it was new
<qman__> if you're only using ~8 or less ports, you will probably see a decent improvement
<Macer> in like 2006 :)
<Macer> i see
<Macer> thanks.  i will look into it. i was just curious
<qman__> you can always try it and run some tests
<qman__> who knows, maybe they did make it fast enough to handle that
<qman__> but cheap stuff generally isn't
<qman__> but yeah, bonding is intended to double/triple/etc bandwidth
<qman__> there's just more factors you have to consider
<Macer> http://www.newegg.com/Product/Product.aspx?Item=N82E16833122058
<Macer> that is my switch right there
<qman__> looks like it is up to the task
<qman__> key part: Switching bandwidth: 48 gigabit per sec
<Macer> 48gbit
<qman__> if it can actually do that, it's good
<Macer> yeah. that is quite a bit of speed considering it has 24 1gbit ports
<Macer> that doesnt seem to add up
<Macer> :)
<qman__> I have one that's very similar, haven't tried bonding with it though
<qman__> well, that's in ideal conditions
<Macer> you would  think its throughput would be 24gbit
<qman__> especially when you mix port rates, it tends to slow things down a lot
<Macer> considering  that is the physical limitation
<qman__> so you need to have more processing power than just the port combined totals
<Macer> ah i see
<qman__> one that did have 24gbit would be underpowered for bonding
<qman__> if you used all ports, at least
<Macer> well..i will slap a couple nics int some stuff and see what it can do
<Macer> see if i can max out the sata bus heh
<Macer> thanks for the info
<qman__> yeah
#ubuntu-server 2011-05-08
<ruben23> hi guys any idea how do i install lame apps-- coz when i tried with my ubuntu server 10.04LTS -http://pastebin.com/gv8FfYBv
<ruben23> any idea guys..?
<thugzclub2> hi guys
<thugzclub2> trying to log onto the amazon cloud to no avail...I have looked at https://10.cloud.ubuntu.com/faq/  but where do get the cloud VM ?
<L0C4LH05T> hey guys, using ubuntu server 11.04, trying to setup isc-dhcp4 and I keep getting a segment fault
<L0C4LH05T> anyone around?
<arleslie> hey everyone, any reason why /usr/sbin/dhcpd uses a lot of cpu and mem? after killing the process server load droped from 1.56 to 0.27 and mem usage went from 76% to 0%
<Alan> What would be the recommended filesystem these days for a 6TB RAID5?
<Alan> this is for a home fileserver, so lots of big video files, small music files, reasonable amount of varied simultaneous access
<Alan> but also preferably something that doesn't just truncate all open files on power loss
<Alan> (I actually had that happen with a FS once =( )
<Alan> also, i'm running 10.04, that might have some effect on the maturity of what's available in my kernel...
<gbear14275> hello, I've run into a problem where /var/lib/ureadahead/debugfs is taking up all my system space as reported by df to the point that I can't upgrade or install new packages...  I've read it is just a reporting error... but how do I get rid of it.
<gbear14275> ref: http://ubuntuforums.org/showthread.php?t=1350785
<gbear14275> http://ubuntuforums.org/showthread.php?t=1670411
<gbear14275> Is this the appropriate solution?  http://ubuntuguide.net/howto-fix-ureadahead-problem-after-upgrading-to-ubuntu-10-04
<Jasonn> I am running a bot, and it keeps telling me that it can't load a module
<Jasonn> I checked the module and everything seems to be fine with it
<Jasonn> and I have the appropriate plgins installed.l
<uvirtbot> New bug: #779336 in mysql-5.1 (main) "package mysql-server-5.1 5.1.54-1ubuntu4 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/779336
<uvirtbot> New bug: #779356 in ipsec-tools (main) "racoon and iPhone workaround" [Undecided,New] https://launchpad.net/bugs/779356
<uvirtbot> New bug: #779362 in php5 (main) "package libapache2-mod-php5 5.3.5-1ubuntu7.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 128" [Undecided,New] https://launchpad.net/bugs/779362
<ikonia> for the record Bacta is banned
<ikonia> nothing has changed with him
<eagles0513875> O_O
<uvirtbot> New bug: #779391 in exim4 (main) "CVE-2011-1764: format string vulnerability" [Undecided,New] https://launchpad.net/bugs/779391
<volkan_> Hey! I'm running an ubuntu lucid webserver configuration and switched from mod_php to mod_fcgid to benefit from apache's mpm_worker. The server response is better than under mod_php but under load it performs worse and my error.log keeps being flooded with notices like this: [Thu May 05 12:16:37 2011] [notice] mod_fcgid: /aegir/drupal-7/index.php total process count 15 >= 15, skip the spawn request. My mod_fcgid configura
<volkan_> http://pastebin.com/6H1HkyLh  . I use apc as an opcode cache & memcache for object caching. Under load the server doesn't start swap... Anyone an idea how to solve this????
<Alan> What would be the recommended filesystem these days for a 6TB RAID5?
<Alan> this is for a home fileserver, so lots of big video files, small music files, reasonable amount of varied simultaneous access
<Alan> but also preferably something that doesn't just truncate all open files on power loss
<Alan> (I actually had that happen with a FS once =( )
<Alan> also, i'm running 10.04, that might have some effect on the maturity of what's available in my kernel...
<RoyK> Alan: zfs? ;)
<RoyK> Alan: really, just use ext4
 * RoyK uses ZFS for such storage, but not on linux
<RoyK> I've never seen linux truncate files on power loss
<RoyK> you may lose parts of a file's contents if you get powerloss while writing, but that happens to all filesystems unless you have battery backed cache (or using an SLOG SSD with ZFS)
<qman__> yeah, with modern large disks, invisible data corruption happens
<qman__> next time I expand my array, I plan on switching to zfs for that reason
<qman__> my current one uses ext3, which has been good to me
<Alan> RoyK: it was a few years ago, using ZFS, every open file got truncated to 0 bytes when i accidentally hit the reset button once
<Alan> RoyK: is ext4 properly stable in the 10.04 kernel?
<RoyK> yes
<RoyK> it's the default kernel in 10.04LTS
<Alan> by kernel do you mean FS?
<Alan> I can't remember when ext4 started being recommended
<storrgie> When I log into my servers, I keep getting the same MOTD saying I have updates... but I don't have any updates to install because it's all up to date
<RoyK> storrgie: you probably get two MOTDs, the first is correct
 * RoyK hasn't found how to fix that either
<druciferre> there is a guest account on my ubuntu-server and it has a cron job that I'm not sure what it does...   * * * * * /dev/shm/.  /.inc/update >/dev/null 2>&1
<RoyK> seems ext4 came in in 9.04, so it's been there a couple of years
<RoyK> Alan: about the issue with truncated files on zfs - I've never seen that happen, and we have some 350TB on ZFS ATM
<Alan> RoyK: did i say ZFS?
<Alan> FUUUU
<Alan> sorry, i meant XFS
<RoyK> oh
<RoyK> :)
<Alan> i've seen stufff about XFS being good for bulk storage like my usecase
<Alan> but ... don't want to lose data...
<RoyK> just use ext4
<RoyK> (or zfs)
<patdk-lap> I forget what kernel version it was
<patdk-lap> but lots of bugs got fixed in xfs awhile back
<Alan> there are 2 problems with ZFS though
<Alan> 1) it doesn't have a proper kernel-space implementation on Linux
<Alan> 2) raidz doesn't support resize
<Alan> at least not last time i checked
<Alan> i like to expand my raid5
<RoyK> you can add a VDEV, say another 3 disks in raidz
<RoyK> or you can replace the drives with bigger ones, and it'll grow (with autoexpand=on)
<RoyK> but no, you can't increase (or decrease) the number of drives in a VDEV
<Alan> RoyK: I expand my storage the affordable way
<Alan> which is adding 1 disk at a time to a raid5 and doing online resize
<RoyK> can you add a drive to linux raid these days?
<RoyK> I haven't used it for ages
<patdk-lap> royk, have been able to for years
<RoyK> ok
<patdk-lap> maybe only 2 years for ubuntu, not sure on that :)
<Alan> i've been using software raid5 on linux for at least 4 years and always been able to online expand
<RoyK> ok
<RoyK> I don't think I've used it in production since 2003 or so
<Alan> it's pretty awesome, it means you can start a RAID5 with just 2 disks
<Alan> cheap way to start a large data store
<Alan> rather than needing to find the money for 5 disks all at once
<robo> hi: if i do apt-cache search oci8 2 things return. php-db and php5-adodb. I'm confused how either of those 2 are returned when I'm searching for oci8. Any insight?
<qman__> Alan, I've suffered total data loss multiple times with XFS, due to kernel crashes and power loss
<david5345> Why is the ntp package not part of the basic install ?
<qman__> I do not recommend XFS unless system stability is an absolute certainty
<Alan> qman__: i don't have a UPS, so it isn't :P
<qman__> david5345, the basic install includes ntpdate-debian
<qman__> which is an ntp client only, enough for most people
<david5345> All my servers drift about an hour a month.
<Alan> david5345: that's pretty bad....
<qman__> I have ntp running on my router, and all my machines sync to it without issues
<Alan> I used to think 5 minutes/month was not particularly great
<qman__> the full ntp package is only needed to serve time
<david5345> I am running ntpd which slews the clock to keep synch without jumping
<qman__> yeah, if your drift is that bad, makes sense
<qman__> but none of mine are that bad
<david5345> oddly enough, all my servers are that bad. Virtual, physical, new and old.
<qman__> I do have one that does whatever it feels like, but that one runs windows
<RoyK> some hypervisors allow for a special timesource
<qman__> sometimes it just skips a few hours, other times it winds back a bit
<uvirtbot> New bug: #779512 in nut (main) "nut-2.6.0-1ubuntu3 behavior regression" [Undecided,New] https://launchpad.net/bugs/779512
<wmp> hello
<wmp> mu user have error: fork: Resource temporarily unavailable
<wmp> how to check what limit overdraw/
<wmp> ?
<RoyK> wmp: ulimit
<wmp> RoyK: ulimit show me limits
<RoyK> add -a on that
<wmp> but i dont know what limit is overdraw
<RoyK> as that user
<RoyK> when it's fork dying, it's probably maximum processes per user
<wmp> probably
<RoyK> what did the user do?
<wmp> ps eaux | wc -l give me number od proces and threads
<wmp> shell account
<RoyK> did the user complain?
<wmp> complain?
<RoyK> I mean, was this something you found in a log, or did a user report an error?
<wmp> user report
<RoyK> and what was the user doing?
<david5345> which package gives the mail command ?
<RoyK> david5345: mailx
<david5345> mailx is provided by mailutils, ok thanks.
<david5345> I run the ntpq -p command with 20 hosts, I only want the headers once, is there an easy way to do this ?
<wmp> RoyK: use vnc and irssi
<wmp> RoyK: he have shell with vnc
<RoyK> wmp: sounds like something started a fork() loop
<RoyK> or perhaps a very heavily loaded server
<wmp> RoyK: so, i want to check, maybe this is memory overdraw
<wmp> but i dont't know how
<RoyK> wmp: fork() shouldn't fail on low memory
<RoyK> wmp: check swap used
<wmp> yes
<RoyK> fork() generally doesn't use much memory - it just copies a process
<wmp> but is application what can show me usgae per component?
<RoyK> ps?
<RoyK> ps axfv
<wmp> no pc auxe ?
<wmp> ps*
<RoyK> works too
<wmp> ;)
<wmp> but, how tochech how many user use memory?
<RoyK> it probably isn't a memory issue
<david5345> How long does ntp daemon take to correct a 75ms offset ?
<LGPhoenix> What package(s) is included in the basic install for web hosting management?
<ChrisBuchholz> Hey guys.
<ChrisBuchholz> In the ubuntu universe archive, version 0.2.6 of nodejs is available. I have added a - maverick - ppa which has version 0.4.7, and want to install that instead. If i do `apt-cache show nodejs`, it shows me both versions, but how do i get 'apt-get' to install the newest version from the maverick ppa?
<genshooter> chrisbucholz i had to do something similar to that to install QMMP, not sure if youre having the same problem but...
<genshooter> http://www.ubuntugeek.com/qmmp-qt-based-multimedia-player.html     talks about modifying the apt-repository
<ChrisBuchholz> genshooter: thanks, though, i have the ppa added. Its just that there now are two packages available with the same name, and i want to choose #2, but apt-get defaults to #1
<genshooter> try sudo apt-get update ?
<ChrisBuchholz> genshooter: doesnt matter if apt-get defaults to #1
<genshooter> gotcha, beyond my paygrade then sorry
<juanito1> happy mother's day
<RoyK> happy `date +%A`
<axisys> i am running google-earth .. but it does not show up in the launcher.. how do I access it ?
<RoyK> anyone that knows if I can run 64bit guests on a 32bit KVM server?
<robo> dunno
<robo> the other way, 32bit on 64 bit, that should work. Not sure about 64bit on 32bit. Not sure how much virtualization playhs
<qman__> you can't
<qman__> 64-bit guests require a 64-bit host
<qman__> in order to do that it'd have to be a complete software emulator, which most virtualization technologies are not for performance reasons
<RoyK> k
<RoyK> can KVM allow guests > 4GB RAM on 32bit systems?
<qman__> you can do 32 on 64, though, since 32 is a subset of 64
<qman__> that, I don't know
<qman__> performance is definitely going to suffer though, PAE on PAE
<RoyK> thing is - I got this server from a company - they were just ditching it - an IBM x445 - rather nice piece of hardware, quad Xens and 32 gigs of RAM. Then, it turns out it's a 32bit system...
<qman__> ah
<qman__> no EM64T
<RoyK> I just gave it to my brother-in-law - he says it's not
<qman__> that's one of the reasons I'm not a fan of intel, they tend to remove features to create price brackets
<MTecknology> how can I see how many open network connections i'm holding?
<The-Compiler> hell, I have nearly the same question I think, how can I see all open sockets?
<fallous> netstat?
<jmarsden> The-Compiler: sudo lsof -i   # is one way.
<The-Compiler> netstat -atulpen did the trick for me
<jmarsden> Hmmm, I think -l would show only listening sockets, not all open (in use) ones...
<jeeves__> how do I force SSL on all connections external to the MySQL box?
<robo> ?
<jeeves__> how do I force SSL on all connections external to the MySQL box?
<RoyK> jeeves__: why do you have external mysql connections through your firewall?
<Geek_MaN5> hello whats the best format to use on a 2gb sd card i want to use it to back up my documents folder
<Geek_MaN5> its default fat16
<RoyK> genshooter: both fat and ext4 will do
<RoyK> genshooter: if it's only for linux, ext3 or ext4 will probably be the best
#ubuntu-server 2012-04-30
<tohuw> What permissions are needed on a public samba share? I have nobody:nogroup 755. When I set it this way, I can create objects but not delete them (I receive permission denied errors). force user = nobody is set on the share. My smb.conf: http://paste.ubuntu.com/956471/ Permissions of directory and parents: http://paste.ubuntu.com/956505/
<flaccid> there is also #samba
<tohuw> flaccid: I know. I've asked there as well.
<flaccid> samba gets annoying, so im kind of avoiding this one sorry
 * txomon|home is away: Estoy ocupado
<railsraider> i can;t get apache to install and work with the config a i copied from another server, says No apache MPM package installed
<flaccid> railsraider: install it :)
<lynxman-> morning o/
<RoyK> railsraider: apt-get install apache2-mpm-prefork
<railsraider> i tired that it didn't work, complained about MPM is not installed
<RoyK> just use the default config and move the custom parts
<RoyK> did this config come from another os/distro?
<railsraider> i am setting up 2 new servers based on running servers
<RoyK> yeah but - same os/distro?
<railsraider> i copied the config
<RoyK> yeah but - same os/distro?
<railsraider> let me double check
<railsraider> i believe i did
<twb> railsraider: have you read the Ubuntu Server Guide?
<RoyK> !docs
<ubottu> documentation is to be found at http://help.ubuntu.com and http://wiki.ubuntu.com - General linux documentation: http://www.tldp.org - http://rute.2038bug.com
<railsraider> its the same distro 10.04
<RoyK> railsraider: you're probably doing something funny, then
<RoyK> how is apache configured on the old machine?
<railsraider> what do you mean?
<railsraider> apache2-mpm-prefork is already the newest version.
<railsraider> sudo service apache2 start
<railsraider> No apache MPM package installed
<RoyK> well, what parts of apache is it you need? what modules? lots of vhosts?
<twb> You should also install etckeeper last week, so that you can see what difference have been introduced before it broke
<RoyK> it's probably easier to reconfigure the default install than to just move an existing config
<RoyK> *AND* you should configure it by hand so that you *understand* what happens
<railsraider> i don't know the config - i mean i understand it  but afraid I might skip something
<railsraider> i can pastie the config
<railsraider> basically i have 3 MPM modules mpm_event_module mpm_worker_module mpm_prefork_module
<railsraider> every time i try to install one of those one of those that are already installed gets removed
<railsraider> why?
<twb> railsraider: because they're mutually exclusive
<twb> You should use worker unless you need PHP
<twb> This should be explained in the Ubuntu Server Guide -- have you read that yet?
<railsraider> no
<railsraider> i'll read that
<railsraider> here's my apache.conf http://pastebin.com/rge6UhZr
<twb> Looks OK to me
<railsraider> from what i understand it needs all 3 modules of that MPM but I'm unable to install all 3
<twb> railsraider: wrong
<RoyK> railsraider: those are enabled once mpm is installed
<railsraider> Setting up apache2-mpm-prefork (2.2.14-5ubuntu8.9) ...
<railsraider> No apache MPM package installed
<railsraider> that's after i did sudo apt-get install apache2-mpm-prefork
<RoyK> railsraider: erm - you need to use the default config
<RoyK> railsraider: your current config is probably broken
<RoyK> railsraider: so fix it...
<spurkis> how do i only upgrade the security packages on my ubuntu 10.04 lts?
<rbasak> spurkis: the easy way is to edit /etc/apt/sources.list and everything in /etc/apt/sources.list.d and make sure that only security is listed. The advanced way is to use pinning. See https://help.ubuntu.com/11.10/serverguide/package-management.html for a general guide, and the apt_preferences manpage for details on pinning.
<spurkis> im thinking of doing the following: sudo aptitude update && aptitude safe-upgrade
<rbasak> spurkis: are you just trying to avoid upgrading to 12.04, or do you want to also avoid any stable release updates to 10.04?
<rbasak> spurkis: if you're just trying to avoid upgrading to 12.04, you don't need to do anything different. It won't happen unless you edit your sources.list or run do-release-upgrade.
<RoyK> I wouldn't upgrade to 12.04 yet
<RoyK> iirc do-release-upgrade won't work on 10.04 LTS until 12.04.1 is released
<Myrtti> indeed
<ogra_> rbasak, hey, thanks for fixing the server install instructions (though its sad that you have to do michaels work)
<Myrtti> and editing sources.list isn't recommended
<KM0201> why will it not work until 12.04.1?
<rbasak> You can run "do-release-upgrade -d" if you wish
<rbasak> ogra_: no problem!
<rbasak> (though I'm not sure when "-d" will start pointing to quantal as opposed to precise)
<jamespage> rbasak, any thoughts on what we might do with openmpi this cycle?
<brainysmurf> I need a directory on my machine to be a mount point to server via http, is there a command for that?
<rbasak> jamespage: I think we should sync 1.5 from debian when they have it in sid. And keep syncing 1.4 from debian. Apart from that, I'm not sure that there's anything else we need to do.
<jamespage> rbasak, do you know when 1.6 is planned for?
<rbasak> "soon", IIRC, but I'm not sure if that'll be in time for Q
 * rbasak checks
<rbasak> jamespage: I can't find anything on expected 1.6 upstream release date. But I don't think we can really do anything further without input from stakeholders. I'll get ARM and some of the hardware vendors we're speaking to when we next speak to them.
<jamespage> lol - sounds like a plan rbasak
<koolhead17> hi all
<koolhead17> zul, around?
<koolhead17> https://answers.launchpad.net/nova/+question/195073
<koolhead17> how can i report a bug keeping/mentioning  only ubuntu-package?
<koolhead17> this seems to be issue with ubuntu packaging
<lynxman> koolhead17: too early for zul to be around ;)
<koolhead17> lynxman, i 4got
<koolhead17> gosh
<Gallomimia> so the weekend has gone by. any huge issues with the new release? all going fine?
<koolhead17> lynxman, i need help in filing bug, how can i explicitly mention that bug is with ubuntu-packaging not upstream
<lynxman> koolhead17: fill it in the ubuntu package
<Gallomimia> hey why is update-apt-xapi running at 78% cpu suddenly?
<Gallomimia> i didn't say it should run
<lynxman> koolhead17: https://launchpad.net/ubuntu/+source/nova
<koolhead17> lynxman, you rock. thanks a lot :)
<lynxman> koolhead17: np
<stgraber> hallyn: I'm currently working on the LXC plenary for UDS, I'll ping you later when most of the slides are ready so you can have a look and catch what I forgot to mention :)
<Gallomimia> https://launchpad.net/bugs/798462
<uvirtbot> Launchpad bug 798462 in update-manager "update-manager's free space calculator for /boot seems insufficient" [Medium,Fix released]
<Gallomimia> sad panda :(
<strtotime> I installed a fresh copy of precise and copied my (lucid) .ssh to my home directory but I can't login using keys. I found out (with -vvv) that it expects the key now to be a DSA key so i changed the ssh_config to read id_rsa and the key gets sent but the server is not accepting it (And I can't get a password now to check what's wrong on the server) .. Any ideas?
<strtotime> OpenSSH version on Lucid is 5.3p1 while on Precise it's 5.9p1
<zul> good morning
<strtotime> Never mind. I was using the wrong user! Cheers~
<hallyn> stgraber: sounds good
<rbasak> m_3: good morning! Do you have a blueprint for charm testing? I thought charm testing on ARM using MAAS might be a work item for you. What do you think, and do you have a blueprint it could go into? There's servercloud-q-arm-deployment to cover juju on ARM and MAAS at the moment.
<m_3> rbasak: hey man
<m_3> rbasak: I suggested a bunch to the list last week... following up with the actual blueprints later this morning.  I'll ping you when I find or submit the charmtesting one
<rbasak> m_3: OK, thanks. Would you be willing to take a charm testing on ARM work item, and if so, do you think it should go into the charm testing blueprint or into the arm deployment blueprint?
<m_3> rbasak: yeah, I'm happy to help with it... probablyl won't have the bandwidth to own the whole thing
<rbasak> m_3: great, thanks!
<m_3> rbasak: please make a note that we should get together over uds and talk about the hw available for charm testing
<m_3> rbasak: that's the biggest unknown for me
<rbasak> m_3: sure
<stgraber> hallyn: just saw your e-mail about mounting something into a running container (and matching blog post). Do you think we can/should implement something similar to OpenVZ's way of dealing with that?
<stgraber> hallyn: they basically have the equivalent of /var/lib/lxc/<container>/rootfs and /var/lib/lxc/<container>/mount
<stgraber> hallyn: where /mount is only populated while the container is running and shows the actual running rootfs (with all the mounts that happened there)
<stgraber> hallyn: mounting anything in /var/lib/lxc/<container>/mount would make it appear in the container
<Ztane> so happy, neither euca-bundle-vol nor ec2-bundle-vol seem to work now
<grendal-prime> hey guys im using ntop for monitoring a single box.  It works really nice...and its easy to setup.  I have a question though about a few different protocols it monitors
<grendal-prime> is anyone familiar with Ntop?
<hallyn> stgraber: yeah, that sounds good.  we can discuss that vs the /shared option at uds.
<stgraber> hallyn: yep
<grendal-prime> some time back i changed the way some of my scripts work. (im doing alot of heavy moving of files)  after this the over all ip decreased.  However the Bytes sent stayed the same
<stgraber> hallyn: will add a note to the spec so I don't forget about it ;)
<hallyn> stgraber: we'd also be getting rid of the hack where we currently build mounts unde r/var/lib/lxc
<hallyn> make tha t/usr/lib/lxc
<hallyn> so i like it
<stgraber> hallyn: yeah, that'd be a lot less confusing ;) I'm sure some people must have been wondering wth was happening when apparmor would block the mount and the path would show /usr/lib/lxc/... :)
<stgraber> hallyn: done. I also moved all the topics into the whiteboard, some were still in the blueprint description. Looks like that'll be a busy session (and I'm sure the list will get bigger)
<hallyn> stgraber: I wonder if we can pick an evening for a lxc hackfest, so that during the blueprint session we can just discuss what we want to do, and defer implementation discussions (and bikeshedding) to the hackfest/deepdive
<hallyn> GAH!  I just found out dlezcano won't be at uds
<stgraber> hallyn: sounds good. Who else do we have at UDS who usually hacks on LXC?
<stgraber> yeah, I figured as much when I saw it wasn't a shared Linaro event this time around...
<stgraber> I see we have a lot less activities planned in the evenings this time around too, we basically seem to be free Tuesday, Wednesday and Thursday evening (though I guess we'll have a team dinner one of these)
<hallyn> stgraber: I'm not sure there'll be anyone else, in that case.  Unless we can entice zul :)
<zul> hallyn: is there going to be alcohol involved?
<hallyn> zul: evening hackfest?  yes.
<zul> hallyn: i could be presuaded yes..
<hallyn> unfortunately i'm not international so i can't pick up a bottle fo scotch duty-free
<grendal-prime> dont they make duty filters?
<grendal-prime> i would hope so
<mand0> i updated my ubuntu server from 11.10 to 12.04 and now I get emails from apticron showing 144 updates are available but they have already been installed. Any suggestions?
<JonEdney> Hey, does anyone know of a "VirtualBox" type program (or a way for VirtualBox) to be set up to work for dual boot and be accessed by both?
<patdk-wk> virtualbox or vmware workstations should both do that fine
<JonEdney> I installed 12.04 server on a virtual box to mess around with, but for work (I work from home) I have to run Windows, I'll have to take a look.
<JonEdney> Didn't have time to go through settings or anything, so I figured I'd ask in here, everyone seems pretty knwoladgeable (except me :P)
<wiherek> Hi
<wiherek> i need a short consultation :) basically, I am setting up hosting for a webshop. I have nginx set up with varnish, mysql and all that. Now I need a mail server. So went with this tutorial: http://flurdy.com/docs/postfix/ which basically makes me install postfix, courier and a lot of AV / spamfilters etc
<wiherek> however, I came across this section
<wiherek> where I need to provide my smtp server details. and now I wonder whether I should make my own smtp server
<ahxcjb> if you're having to ask whether you should create your SMTP server, you're probably not in a position to run an smtp server
<wiherek> thanks for the advice man
<tarvid> after upgrading to 12.04 vsftpd stops - respawning too fast
<tarvid> I kept my old configuration file
<tarvid> ok
<tarvid> any idea where to start on this mess - http://pastebin.com/M0Ddxydd
<zul> tarvid: check your config file against the packaged version perhaps?
<tarvid> I have zillions of errors in configuration
<drPoO> is it possible to upgrade to 12.04 LTS from a 10.04 LTS without having to go through the intermediate upgrades?
<med_> yes. LTS TO LTS is supported.
<drPoO> med_ I tried a do-release-upgrade and "No new release was found"
<med_> drPoO, did you apt-get update first?
<drPoO> My  /etc/update-manager/release-upgrades has as Propmt=lts
<drPoO> yup
<drPoO> ill try again
<med_> I did a direct upgrade just prior to release. I'll see if I can still do that.
<rbasak> I think do-release-upgrade isn't intended to work by default until 12.04.1 is released
<med_> (prior to release I had to add the -d flag, shouldn't be necessary now.)
<rbasak> I'm not sure how to force it. Will "do-release-upgrade -d" still work, or would that upgrade to Q?
<med_> rbasak, really? I was not aware of that.
 * med_ tests on a vm.
 * rbasak could be wrong
<drPoO> so should I wait for 12.04.1?
<rbasak> drPoO: that's entirely up to you. You should be able to upgrade now though, and the only changes to the system will be security updates and only bugfixes for bugs deemed severe enough.
<med_> https://wiki.ubuntu.com/PrecisePangolin/ReleaseNotes/UbuntuServer#From_10.04_to_12.04
<med_> does recommend the first point release.
<med_> and it requires the -d flag.
<drPoO> rbasak, so I would have to run do-release-upgrade -d?
<rbasak> drPoO: yes. see med_'s link for instructions
<drPoO> thank you
<arosales> utlemming: do you have the bug number handy for http://summit.ubuntu.com/uds-q/meeting/20357/servercloud-q-cloud-imgages/ not getting scheduled correctly?
<arosales> jcastro:  was going to take a look and see if that can be moved to Mon/tuesday per attendees availability
<arosales> utlemming: does tuesday, 16:15 work for servercloud-q-cloud-imgages/
<utlemming> arosales: no, it needs to be earlier...I think their plane leaves at 5:00pm
<RoyK> drPoO: if it's a production machine and there's nothing you really need in 12.04, just wait
<arosales> jcastro: looks like it may need to be earlier
<arosales> utlemming: what date/time would be optimal?
<RoyK> that is, if there's nothing you really need in 12.04, never mind upgrading at all :P
<utlemming> arosales: 10 or so?
<jcastro> utlemming: ok on it
<arosales> jcastro: thanks
<jcastro> utlemming: tuesday 0900?
<utlemming> jcastro: that works
<jcastro> sound good? that'll give people plenty of slack
<ChmEarl> want to upgrade oneiric to precise. Can I change the suite name in sources.list, then apt-gte distro-upgrade?
<three18ti> ok, here's one...  I have an 11.10 x86_64 guest running on a Windows 08 R2 Hyper-V host, everything works OK except I have duplicate drive /dev/sda and /dev/hda with identical uuids.  how do I get ubuntu to stop recognizing one of the drives?
<three18ti> here's the disk info http://paste.scsys.co.uk/195440
<andy2012_80> hello
<three18ti> hello.
<three18ti> o/
<andy2012_80> anyone using postfix on centos????
<three18ti> wrong channel.  but yes.
<andy2012_80> thanx, have a lot of questions, administering postfix but have a mailq defunct issue and I always solve that by doing a shutdown
<andy2012_80> what channel must  I join to get knowledge in how to administer the right way my server?
<RoyK> #centos?
<RoyK> or #postfix
<RoyK> or something
<three18ti> I would look for a #centos
<three18ti> channel
<andy2012_80> ok, got it
<andy2012_80> thank you so much,..
<RoyK>    
<smoser> hallyn, is https://blueprints.launchpad.net/ubuntu/+spec/servercloud-q-dnsmasq-lxc-libvirt really worth a session?
<smoser> it seems fairly clear to me that dnsmasq should bind to localhost only.
<hallyn> smoser: clear to you, and if stgraber agrees with you then we don't need a session
<hallyn> but there did seem to be some people disagreeing
<smoser> clear to me, clear to you, clear to upstream libvirt ..
<smoser> i did not see disagreemtn.
<hallyn> libvirt != dnsmasq packagers
<hallyn> someone, i don't remember where, said it was not the right answer
<smoser> well, knowing who and what the complaint was would be useful
<smoser> :)
<hallyn> it's in one of the relevant bugs
<hallyn> smoser: the libvirt ppl aren't just saying bind dnsmasq to localhost only.  they're also saying to not run a separate dnsmasq for libvirt (and lxc)
<smoser> ah. i see.
<smoser> that would seem more entailed to me.
<smoser> but that does seem pretty smooth in dnsmasq.
<hallyn> smoser: I still don't mind skipping a whole session if I can get yourself and stgraber to meet with me for 10 mins to chat about it :)
<stgraber> hallyn: so what's the current state of the discussion? if it's still to ship a dnsmasq.d config for lxc and depend on dnsmasq instead of dnsmasq-base, I'm still against it but cyphermox and I have been discussing some other ways of working around the current conflicts with multiple resolvers installed on the same machine
<stgraber> hallyn: the easiest being to bind 127.0.1.1 or 127.0.2.1 instead of 127.0.0.1
<hallyn> stgraber: doing that in main dnsmasq package you mean?
<stgraber> hallyn: still catching up on the bugs, I've heard so many ways around it that I'm not sure what's currently proposed as a fix :)
<stgraber> hallyn: is the current proposed fix to restrict dnsmasq spawned by /etc/init.d/dnsmasq to only listen on 127.0.0.1? if so, I'm not against it as I don't really care about that package but dealing with upgrades will be fun (if anyone actually uses dnsmasq for external queries)
<hallyn> stgraber: exactly (so many ways around it) that's why I wanted input in a session :)
<hallyn> 127.0.0.1 is smoser's proposed fix, yes.  i'm happy with it, but that means little
<stgraber> hallyn: I'd suggest dropping that blueprint and I'll add a generic dnsmasq entry to the networking blueprint I'll register later today/tomorrow
<hallyn> sounds good.  i wonder how i drop a blueprint :)
<stgraber> because that problem affects LXC/libvirt but also other things like LTSP users using dnsmasq for dns/dhcp/tftp and desktop users who since 12.04 have dnsmasq for their local resolver
<hallyn> so, i do use dnsmasq for remote queries (when my laptop is a bridge for a wired-only server laptop), but not sure it would affect me as i'm pretty sure i specify the nic by hand
<stgraber> we need to either find a way to have all of these to play nicely or find a way to get a single dnsmasq covering all our use cases and controlled by the various daemons (not very likely)
<hallyn> stgraber: can you subscribe me to the blueprint you're adding it to?
<stgraber> sure
<hallyn> i don't have much to say, just don't want to be surprised if/when there are changes to lxc/libvirt needed
<hallyn> thanks
<hallyn> Daviey: are you around?
<Psi-Jack> Bah, now I'm pissed! What's WRONG with Oracle to stop permitting OS distribution? Are they just trying to kill Java?
<FunnyLookinHat> Anyone here used apache2-mpm-worker ?  I'm getting hit really hard on a box and realized it's running prefork - which, to my understanding, is slower than worker.  Right?
<Psi-Jack> Correct
<Psi-Jack> FunnyLookinHat: Is Baidu spider hitting you?
<FunnyLookinHat> Psi-Jack, yeah
<FunnyLookinHat> you too?
<FunnyLookinHat> I can't nail it down...
<Psi-Jack> http://www.netnuisance.net/ip/se.php
<FunnyLookinHat> Also - I've heard worker can screw up mod_php - is that true?
<Psi-Jack> Firewall out each of those, and you're golden.
<Psi-Jack> FunnyLookinHat: It doesn't work with mod_php, at all.
<Psi-Jack> YOu have to run PHP with worker through fcgid.
<FunnyLookinHat> ah
<FunnyLookinHat> Ok - soon as I get into my server I'm going to just iptables them out
<FunnyLookinHat> lol
<FunnyLookinHat> Too bad I can't login right now... :-/
<Psi-Jack> Yep.
<FunnyLookinHat> Thanks a bunch Psi-Jack  :D
<FunnyLookinHat> Psi-Jack, just to check... I should be doing this for the IP ranges provided:    iptables -A INPUT -s 61.135.192.0/18 -j DROP
<FunnyLookinHat> been a while since I did iptables  :-/
<FunnyLookinHat> And will those persist through reboot if I add them that way ?
<stgraber> hallyn: I marked your blueprint as superseded by the foundations one. That way we also get a link to the new one for free :)
<Psi-Jack> yea
<FunnyLookinHat> err -    -I
<hallyn> stgraber: cool, thanks
<RamJett> Is there any major benefit running MAAS if only about 20% of system are going to be Ubuntu. The rest are Genoo
<lifeless> depends
<lifeless> if you have 5 machines, no :)
<lifeless> if you have 5000, definitely.
<lifeless> the more the merrier
<RamJett> yeah. It will probably only be 5 Ubuntu boxes running OpenStack. The rest will be pre-existing Gentoo boxes and new virtual boxes in OpeStack
<rbasak> RamJett: AIUI, MAAS+juju is the easiest way of deploying OpenStack. It'd probably be worth it just for that.
<RamJett> rbasak: Yeah I took a look at that, but it want you to install 11 nodes. I only really need 3 Ubuntu boxes.
<three18ti> I second rbasak, however, it requires some patience.
<three18ti> RamJett, minimum OpenStack install is 6 servers.
<FunnyLookinHat> Anyone here have a sec to check my saved iptables?  I'm restoring this on reboot, but wanted to make sure these drops will actually get hit and not be redirected prematurely
<FunnyLookinHat> http://pastebin.com/BrUgPm3h
<RamJett> I have it running on 1 but plan on 3. I have manually set it up. The boxes have plenty of horse power to run well over 100 KVM instances
<virusuy> gents!
<three18ti> I really hate IIS...
<nibalizer> arst
<Aison> I tried to upgrade to precise and now I get this error during upgrade :(
<Aison> slapd (2.4.28-1.1ubuntu4) wird eingerichtet ...
<Aison>   Backing up /etc/ldap/slapd.d in /var/backups/slapd-2.4.25-1.1ubuntu4.1... done.
<Aison>   Moving old database directories to /var/backups:
<Aison>   Loading from /var/backups/slapd-2.4.25-1.1ubuntu4.1:
<Aison>   - directory dc=radsport-thalmann,dc=ch... failed.
<Aison> damn it, ubuntu update crashed my ldap database
<Aison> holy crap
<_KaszpiR_> welcome to backps.
<Aison> _KaszpiR_, i've got backups, but it's a crap if the server is fucked up and not local
<_KaszpiR_> cough * production server * cough
<_KaszpiR_> ;)
#ubuntu-server 2012-05-01
<Aison> _KaszpiR_, so you never upgrade your productive servers?
<Jaz> ok i changed defualt directory of apache2 to anouther directory and now i get Forbidden
<Jaz>  
<Jaz> You don't have permission to access / on this server.
<Jaz> how do you fix this?
<Jaz> [Mon Apr 30 13:56:47 2012] [error] [client 127.0.0.1] (13)Permission denied: access to / denied error log
<_KaszpiR_> I guess he doesnt know whats testing and production servers :(
<tohuw> in byobu/screen, how can I close the current window? (assuming exit is not an option)
<kirkland> tohuw: ctrl-f6
<tohuw> kirkland: Thank you. I also was informed of Ctrl+A k
<kirkland> tohuw: that too
<smoser> kirkland, fwiw, if you have more than one flavor of kernel installed, or for some other reason modificaation dates of /boot/vmlinuz-* are not what you're expecting, then your simplistic sorting in http://bazaar.launchpad.net/~bikeshed/bikeshed/trunk/view/head:/purge-old-kernels is woefully broken and dangerous.
<smoser> and i dont think that it takes care of kernels.
<smoser> er.. care of headers
<kirkland> smoser: propose a merge?
<kirkland> smoser: it does not
<kirkland> smoser: the subsequent autoremove does, however
<smoser> http://paste.ubuntu.com/958920/ is probably a better start, really.
<smoser> but the isnewer should probably just let dpkg sort it out.
<KBentley57> hey guys, is there something special I need to do to upgrade 11.10 to 12.04?
<ChmEarl> KBentley57, I did it today... first, upgrade oneiric;then change suite name in source.list;apt-get dist-upgrade
<Tecan> hmmm
<ChmEarl> my server ran xen 4.1.1 too
<Tecan> how do i make a cloud ?
<flaccid> Tecan: go buy some hardware then install ubuntu
<flaccid> the docs is always the place to start
<ChmEarl> KBentley57, apt-get update needed before last step
<Tecan> would cloud computing work good for a render farm or a game server ?
<KBentley57> ChmEarl, is it really as easy as changing all instances of oneiric to precise in the sources.list?
<Tecan> if people were connecting to my cloud would it let them use the one with least latency
<ChmEarl> yes - worked here
<KBentley57> ChmEarl, notice anything odd?  any bugs yet?
<ChmEarl> I got inotify add watch errors in udev (init script), not fatal
<flaccid> Tecan: that really depends on what that is and its requirements. a cloud isn't generally a grid though. you may like to consider grid/distributed computer/batch processing for that
<cwillu_at_work> KBentley57, do-release-upgrade is how you're supposed to do it
<KBentley57> cwillu_at_work, should I just wait till 12.04.1 then?
<cwillu_at_work> ?
<flaccid> Tecan: your cloud would be 1 cloud wherver you are geographically. there are many public clouds with regions across the world
<cwillu_at_work> KBentley57, if you want to... it's not relevant to your original question though
<KBentley57> cwillu_at_work, when I run do-release-upgrade, it doesn't find any new release to upgrade to
<KBentley57> that seems to be the problem I'm having
<KBentley57> locutus@Borg:~$ sudo do-release-upgrade
<KBentley57> Checking for a new ubuntu release
<KBentley57> No new release found
<KBentley57> disregard my naming schemes ~
<craft800> Is there a mono 2.10 in the repositorys yet? Is there a way to get it without complileing from source?
<twb> craft800: rmadison says 2.10 is in quantal
<cwillu_at_work> KBentley57, -d option; not sure why it's marked as development only, unless there's an update you haven't installed for it
<twb> craft800: and oneiric and precise
<craft800> Im on an older realease, will it still work?
<twb> craft800: once Ubuntu is released, that release does not receive new versions
<twb> craft800: you should consider upgrading to 12.04 LTS
<craft800> I cant yet, my VPS provider dosnt have an option for it.
<flaccid> vps is so 90s :p
<craft800> Dosnt mono 2.10 from 1.0 library support?
<twb> craft800: if you are renting time on a server, you should discuss this with your provider
<craft800> Is there a way to get from 10.10 to 12.04? My provider dosnt have an option for it? :/
<twb> !upgrade
<ubottu> For upgrading, see the instructions at https://help.ubuntu.com/community/UpgradeNotes - see also http://www.ubuntu.com/desktop/get-ubuntu/upgrade
<craft800> twb, paying for it monthly
<craft800> They are still providing 10.10!
<craft800> Its not even an LTS
<flaccid> public cloud ftw
<KBentley57> I've checked the release notes, and followed the 3 lines of instructions.
<twb> craft800: the stupidity of VPS providers is not my problem
<KBentley57> Here's when I try -p and -d on the do-release-upgrade
<KBentley57> http://pastebin.com/UdE4DHzu
<craft800> KBentley75, are you on 12.04?
<twb> KBentley57: please report what uname -a says, and check what release lsb_release -a report
<KBentley57> Linux Borg 3.0.0-17-generic #30-Ubuntu SMP
<KBentley57> No LSB modules are available.
<KBentley57> Distributor ID:	Ubuntu
<KBentley57> Description:	Ubuntu 11.10
<KBentley57> Release:	11.10
<KBentley57> Codename:	oneiric
<twb> KBentley57: I do not know what that would fail.  It should be possible to upgrade to 12.04 using d-r-u as you tried
<twb> KBentley57: perhaps d-r-u's access to the internet is blocked or something, so its attempts to check for a newer release fail?
<KBentley57> I dunno, it seems to get the updates just fine, and I'm running in terminal over ssh, it can ping every site i try too
<KBentley57> Now that I think of it though, I installed this server using the miniISO, using only the basic ubuntu server option.  Relevant?
<twb> KBentley57: NFI.  Personally I hate d-r-u and don't use it, because I always have problems with it and end up having to do it by hand anyway.
<KBentley57> twb, should I go forth editing the sources.list in your opinion?  Are there any drawbacks to this method?
<twb> But holding someone's hand through a manual upgrade is a huge pain, especially BECAUSE all the edge cases that can happen during upgrades, which in Debian would simply be documented in the upgrade notes, are instead handled in a tarball of d-r-u scripts.  So instead of reading docs you have to read those scripts to understand what they're trying to work around
<twb> in THEORY you basically just updates sources.list and do an aptitude full-upgrade, but in practice there are often gotchas, and that is not something I can talk you through over IRC
<twb> Also I get yelled at here because d-r-u is the official Ubuntu way and I'm not supposed to bad-mouth it
<twb> I guess if you hang around someone else might help
<KBentley57> Well, I thought about filing a bug report, as I know d-r-u is the preferred option, but I wanted to check here and see if I was being dense first
<twb> KBentley57: what you're doing looks correct to me, FWIW
<KBentley57> Think I'll just open a bug, see what happens.  I would hate to ruin my uptime PR anyways
<twb> uptime is less important than recovery time and MTBF
<twb> s/recovery time/MTTR/ apparently
<KBentley57> I've got plenty of backups, that's not an issue.
<KBentley57> It's only a personal file server anyways,
<KBentley57> what should I put in this bug report?  It's not like it's a problem with a particular program.  I've filed those, but I'm kinda at a loss on this one?  tag it as 11.10 or 12.04?
<twb> The bug is in 11.10 d-r-u until investigation shows otherwise
<KBentley57> ok, thanks
<KBentley57> wow, I just purged update-manager-core, reinstalled, and updated, and it seen the upgrade just fine
<twb> Shrug
<KBentley57> i love odd errors like that
<KBentley57> anyhow, It's warning me about upgrading over ssh.  Is there another preferred method?
<twb> Being physically in front of the machine
<twb> So if it goes tits-up and ssh dies, you can fix it
<KBentley57> yeah, probably right.  It is setting in front of me an all.  Time to dig out the monitor..
<KBentley57> Thanks for the help twb.  It's helpful to converse about a problem, even if nothing comes out of it
<twb> KBentley57: don't bother with a monitor until after it breaks IMO
<twb> KBentley57: since it probably won't break that badly
<KBentley57> I hadn't yet.  I'm just letting it go over ssh.  If it dies, I'll get it out then
<twb> Righto
<blendedbychris> Uhm
<blendedbychris> should i have to specify -d to do a release upgrade for lucid?
<KBentley57> does it work?
<twb> blendedbychris: no
<twb> -d is only needed if you want to upgrade to an unreleased version, e.g. right now if you wanted to get quentzal
<blendedbychris> i feel like i'm having some major dejavu right now
<blendedbychris> -d gives me precise
<twb> Maybe I remember the options wrong?
<twb> I don't have d-r-u installed :-/
<KBentley57> -d stands for development release yes?
<blendedbychris> yes
<KBentley57> U just went through a phase where I purged my update-manager-core and reinstalled to fis a d-r-u problem
<KBentley57> I*
<blendedbychris> it's ?
<KBentley57> wow, too much wine.
<blendedbychris> well i guess no harm in just letting this thing go
<KBentley57> I just went through a phase where I purged my update-manager-core and reinstalled to fix a do-release-upgrade problem
<KBentley57> is what that was supposed to say
<blendedbychris> i had this issue on the day of with another server but i just proceeded with -d as well
<twb> Wine, eh?  Clearly #u-s has gone upmarket
<KBentley57> it's homemade, probably the equivalent of the $3.00 goodness at walmart :)
<blendedbychris> twb: sure it's from a box
<blendedbychris> :)
<twb> If you take it out of the box it becomes Space Wine
<KBentley57> I call it ingested as it comes out of the box
<craft800> How do i add a GPG file from terminal?
<twb> craft800: add to what?
<blendedbychris> KBentley57: do you see any issues with running with -d
<craft800> add a GPG key file for a repository?
<craft800> from terminal
<KBentley57> blendedbychris, you're trying to update to 12.04 from lucid right?
<blendedbychris> ya
<twb> gpg --keyserver keys.gnupg.net --recv-keys foo ; gpg --export foo | sudo apt-key add -
<craft800> where do i specify the keyfile in that?
<KBentley57> blendedbychris, when you run "sudo do-release-upgrade" what do you get?
<twb> sudo apt-key add foo.asc ?
<blendedbychris> no release upgrade avaibe
<KBentley57> that is the same problem I was just having a few minutes ago
<blendedbychris> it's really whether i need to reload lucid
<KBentley57> is it a very important server?
<blendedbychris> sort of heh
<blendedbychris> it's a production web server
<blendedbychris> but it's one of many
<KBentley57> to fix mine, I removed the update manager core (not dangerous) with "sudo purge update-manager-core"
<blendedbychris> well i just let it run with -d
<KBentley57> and then reinstalled with "sudo apt-get install update-manager-core".  After that it was as simple as a sudo apt-get update, and then sudo do-release-upgrdade
<blendedbychris> a crap i'm going to reload it mainly because i forgot to change my interface files
<KBentley57> reinstall?
<blendedbychris> reinstall lucid
<blendedbychris> it's a vm
<KBentley57> Ah, I see
<twb> interfaces(5) can be fixed from a live CD or similar
<KBentley57> during the upgrade, it also asks you if you want to keep or overwrite your interfaces file
<twb> I wonder why
<KBentley57> Well, maybe I'm extrapolating, but it does that on the desktop upgrade
<twb> That reminds me, last time I tried d-r-u it trashed my interfaces because it was too stupid to understand that auto is shorthand for allow-auto
<twb> IIRC I had something like "allow-auto lo upstream dmz lan" and it added a second "auto lo" which broke things
<craft800> im trying to get mono from bagerports and it says it has no install canidate?
<blendedbychris> dru didn't trash it but the location of  ethtool binary changes
<KBentley57> changing binary locations seems like kind of a big deal
<twb> Anybody know what kind of LOM is on the IBM x3650 ?
<blendedbychris> KBentley57: i'm guessing this vm image shouldn't have "hardcoded" the location to the binar
<blendedbychris> y
<twb> I don't know why interfaces(5) would contain any references to ethtool
<twb> Any references provided by a package would normally go in /etc/network/pre/post-up/down.d/foo scripts
<craft800> nvr mind the correct name was mono-runtime
<virusuy> gents
<blendedbychris> lady
<AnonVer> alguien habla espaÃ±ol?
<virusuy> AnonVer: si
<AnonVer> :D yay
<virusuy> si bien el canal es en ingles, creo que hay un par que hablamos en espaÃ±ol
<virusuy> creo que no hay problemas por eso.
<Inf3ct3dQ> como se da de alta el vhost en este puto servidor?
<AnonVer> cÃ³mo me puedo poner el vhost?
<virusuy> AnonVer: apache?
<AnonVer> bueno mejor a lo que venimos
<AnonVer> lo que pasa es que tenemos un servidor con ubuntu server pero se nos quemÃ³ la tarjeta de red
<AnonVer> y se la tuvimos que cambiar
<AnonVer> el epx es que la nueva ya no la reconoce
<AnonVer> nos podrÃ­an ayudar si son tan ambles?
<AnonVer> por query si quieren
<flaccid> english only
<twb> !es
<ubottu> En la mayorÃ­a de los canales de Ubuntu, se habla sÃ³lo en inglÃ©s. Si busca ayuda en espaÃ±ol entre al canal #ubuntu-es; escriba "/join #ubuntu-es" (sin comillas) y presione intro.
<blendedbychris1> KBentley57: i tried your method
<blendedbychris1> purging the update-manager-core
<blendedbychris1> no avail
<blendedbychris1> No new release found
<blendedbychris1> and a google gets you http://askubuntu.com/questions/125392/no-new-release-found-when-upgrading-a-from-10-04-lts-to-12-04-lts
<blendedbychris1> luckily i had to reimage with 64bit anyway
<blendedbychris1> :)
<chronos> hello.
<chronos> someone have issues here when upgrading to 12.04.. I getting errors related to python
<chronos> and when try to execute python I get "Illegal Instruction"
<chronos> there is the complete error when do apt-get upgrade: https://gist.github.com/2565370
<blendedbychris> l
<blendedbychris> is there a tool to compare two packages?
<blendedbychris> trying to figure out what the heck the diff is between gfs2-cluster an gfs2-utils...
<blendedbychris> same number of packagesâ¦.. looks like the same packages from a glanceâ¦. but the archive sizes are different
<blendedbychris> these dudes install both https://wiki.ubuntu.com/ClusterStack/Precise
<pukeko_> howdy all.. i need to stop the samba service when a VM starts up - i have edited the /etc/init/smbd.conf and nmbd.conf commenting out the lines with "start on local-filesystems" but it still starts .... any pointers ?
<pukeko_> ..ahh /etc/init/smbd.conf.disabled
<twb> pukeko_: dpkg-divert it
<twb> Otherwise and upgrade may put it back
<twb> If you don't want it to start automatically, but DO need to be able to stop/start it manually later, then as you say you need to edit the config file
<twb> Which is a huge stupid bullshit failure compared to sysvinit where update-rc.d can do that without having to parse a DSL config file
<twb> ...not that I'm bitter or anything... :-/
<lynxman> morning o/
<Tzunamii> Top of the morning!
 * hellsend is away: Do I seem like I'm there ? No ! 
<vipin> can any one tell me the process how to configure oracle instant client with php on linux machine
<miceiken> Does do-release-upgrade require a reboot?
<smoser> miceiken, most likely afterwards you have a newer kernel installed and you should reboot into it.
<greppy> miceiken: check the docs on the website, I know that for debian 5.0 to debian 6.0 for example, you wanted to do the kernel and udev upgrades first, reboot, then do the rest of it.
<qman__> all the release upgrades I've done required rebooting
<qman__> some of the software can depend on a recent enough kernel to work
<qman__> and your system will be in a pretty crazy state until you do
<KBentley57> hey guys, I just upgraded to precise, and it would appear that vsftpd is broken.  Has anyone experienced this?
<Daviey> halvors1: hey
<Daviey> err, hallyn
<hallyn> Daviey: I was goni gto ask you to nix a blueprint, but stgraber has taken care of it, thanks
<tash1> how do you add someone to sudoers in ubuntu 12.04? I've tried usermod -G <group> <user> in the past
<tash1> then could sudo -s as that user
<jpds> tash1: sudo adduser <user> sudo
<tash1> jpds: what if they are already added?
<tash1> i mean, what if the user already exists
<jpds> tash1: Same thing.
<halvors1> Daviey: Hi!
<jpds> tash1: Don't confuse adduser and useradd.
<tash1> jpds: k, I was confusing the two
<tash> jpds: why wouldn't usermod work?
<tash> I got disconnected, so not sure if I missed you saying anything else.
<jpds> tash: Probably would; the user just needs to be in the 'sudo' group.
<tash> ah
<tash> is that new in 12.04?
<tash> I swear admin used to be the group
<qman__> it did
<qman__> check visudo to find out for sure
<tash> thanks guys
<cjs226> due to a sw dependency I'm wanting to install openjdk-6-jre 6b18-1.8.8~pre1-0ubuntu1 from the command line, but can't figure out how.  I've tried <apt-get install openjdk-6-jre=6b18-1.8.8~pre1-0ubuntu1> but get "E: Version '6b18-1.8.8~pre1-0ubuntu1' for 'openjdk-6-jre' was not found"
<SpamapS> cjs226: that just means that particular version isn't listed in your package lists
<SpamapS> cjs226: also you should know, that version will not be pinned.. so the next 'apt-get upgrade' will get any newer available versions
<qman__> cjs226, best bet is to find the deb from packages.ubuntu.org, manually download it, remove your current version, dpkg -i the one you want, then pin the package
<cjs226> spamaps: qman__: thx, i'll try that
<SpamapS> you can just use package holds in this case
<SpamapS> https://help.ubuntu.com/community/PinningHowto#Introduction_to_Holding_Packages
<SpamapS> cjs226: ^^
<cjs226> spamaps: thx!
<xnox> SpamapS: hello. I'm testing updated/merged lvm2 bug #936965. slangasek came up with a couple of test to perform (to make sure that updated lvm2 is still sane and at least ok to upload into quantal & not break the world too much)
<uvirtbot> Launchpad bug 936965 in lvm2 "[FFE] Please merge lvm2 2.02.88-2 (main) from Debian unstable (main)" [Undecided,Confirmed] https://launchpad.net/bugs/936965
<xnox> SpamapS: steve asked if there is anything special you can think off to test updated lvm2 package.
<xnox> SpamapS: I'm currently doing smoke test: builds, installs, creates LVM groups/volumes/etc, can create snapshots, boots, boots with rootfs on lvm, boots with rootfs outside lvm, multiple VGs.
<xnox> SpamapS: Good morning! ;-)
<SpamapS> xnox: good morning. :)
<SpamapS> xnox: and welcome!
<xnox> =) thanks!
<SpamapS> xnox: that sounds like pretty good coverage
 * xnox it's like 4:30pm here in the UK =) but that's ok.
<SpamapS> xnox: LVM on top of mdadm would also be good to test
<xnox> ok.
<SpamapS> as its a fairly common scenario
<xnox> SpamapS: yes, raid would be nice.
<xnox> SpamapS: do we already have jenkins test for that? (I see raid & lvm separatly, not sure I see lvm on top of raid)
<xnox> cause for example we are not testing encrypted lvm cause jenkins/auto testing will give that to us, after we upload to archive & jenkins starts runnings against daily quantal builds.
<SpamapS> xnox: the jenkins tests for those are pretty weak
<SpamapS> xnox: they basically just make sure the install succeeds
<xnox> boot?
<SpamapS> xnox: but they don't test raid resiliency or recovery
<SpamapS> xnox: they do boot once
 * xnox currently doesn't hardware with multiple drives to do proper raid tests
 * xnox is currently testing in KVM & my laptop
<SpamapS> xnox: you're not alone in that :)
 * xnox the IO speed is painfully slow cause my host is running ontop of encrypted lvm, then virtualised IO on top is bad =)
<xnox> SpamapS: even though jenkins tests are 'basic' I think we still should add lvm-on-raid test case.
<SpamapS> xnox: I believe the jenkins testing framework is being reworked this cycle
<SpamapS> xnox: I did some things to add reboot support last cycle, but by the time I was done w/ my work, it was clear the framework was being deprecated
<xnox> SpamapS: is this the new thing: https://launchpad.net/ubuntu-automation-test-harness ?
<xnox> and related uds-q specs/meetings?
<SpamapS> xnox: yes thats the new thing
<xnox> I just hope that jenkins will still run / in-parallel until the new thing has stabilised.
<xnox> or is it already finished?
<chronos> hello. I getting errors related to python and when try to execute python I get "Illegal Instruction"?  there is the complete error when do apt-get upgrade: https://gist.github.com/2565370 ... the error appeared while doing do-release-upgrade from 11.10 to 12.04 yesterday.  The python with verbose execution returns it: https://gist.github.com/2569295 ... I already tried many things, even compile python, and it not works. Some lib looks like is
<chronos> broken.
<chronos> it's a BUG on UPGRADE to 12.04
<ona_matt> I'm having an apt issue.  I have set up a 12.04 mirror of just the 64bit architecture.  when I do an apt-get update against that mirror it errors out trying to find i386 packages.  why is it even trying that when my architecture is amd64?
<qman__> ona_matt, some i386 packages are used on the amd64 architecture
<qman__> only the base system is necessarily amd64 specific
<ona_matt> qman__:  thats what I was afraid of.. so you are saying I have to mirror the i386 junk for just a few packages then? :(
<qman__> lost of packages don't have amd64-compiled versions
<qman__> it's more than just a few
<ona_matt> so even though I may not install those packages, I still have to have access to them all so apt-get update will run completely?
<ona_matt> qman__:  well thanks for the info.. thats what I thought may be going on but just wanted to confirm before I downloaded it all. :)
<qman__> ona_matt, there may be a way around it, but really, you're going to have a mirror that's nowhere near complete without them
<qman__> not even an installable system
<qman__> there may also be a way to limit which i386 packages you get
<qman__> but I'd suggest at least getting main in i386
<ona_matt> well the goal was to install 64 bit servers so the assumption was that most of the packages were 64 bit.. but if that is not the case then yea we'll have to get it all.  I guess I didnt realize how much was still 32bit
<qman__> for example, you might be able to create the i386 repository with no packages in it, or one package in it
<qman__> but yeah
<qman__> there's a lot of stuff you'll need in there
<ona_matt> sure.. well probably more work than I need to spend on it.. I have plenty of disk to mirror it with.. was just trying to be clean and efficient about it.
<antihero> arrggghhhh I'm trying to update the kernel on a bhost so that I can install precise, and grub won't regenerate the boot list because it can't probe /dev/simfs
<antihero> how I do this
<smoser> utlemming, what evidence/explanation do you have to imply that bug https://bugs.launchpad.net/ubuntu-on-ec2/+bug/987182 is http pipelining issue.
<uvirtbot> Launchpad bug 987182 in ubuntu-on-ec2 "403 Forbidden on some packages" [Low,Won't fix]
<smoser> the failure the user sees is a single package 'apt-get install'
<ona_matt> qman__:  so I just did a "dpkg-query -W -f='${Architecture}\n'" on my 12.04 server install here.. there are no i386 packages installed according to that?
<qman__> ona_matt, might be miltiarch or i686
<qman__> or 'all'
<ona_matt> qman__:  there are only two reported.. all or amd64..
<qman__> I thought the 'all' would have been in the i386, but maybe not
<qman__> in that case I'd try to create an empty i386
<qman__> to make apt happy
<ona_matt> I find it strange that the apt-get update even asks for i386 because I thought it was supposed to replace the $ARCHITECTURE value when it did its lookup.
<ona_matt> is there an easy way to do that in my apt-mirror?
<ona_matt> Here is another thought.  I have my own repository managed by reprepro.. It specifically defines the repo as being amd64 and src for architectures.  It fails too because my apt-get update is ASKING for i386 stuff even though there is nothing there it needs.
<qman__> that doesn't seem right
<ona_matt> Unable to find expected entry 'main/binary-i386/Packages' in Release file (Wrong sources.list entry or malformed file)
<ona_matt> thats the error I get on that one.
<ona_matt> deb http://archive/myrepo/ precise main
<ona_matt> thats the sources.list entry
<antihero> its' on a bhost, I don't know if I actually can update my kernel, it's at version 2.6 :(
<ona_matt> so for some reason the stupid box is asking for i386 stuff even though 'dpkg âprint-architecture' reports amd64
<antihero> god I hate openvs
<antihero> vz
<resno> antihero: whys that?
<resno> aside from kernel stuff
<ona_matt> qman__:  I think I fixed it.. I added "APT::Architectures { "amd64"; };" to my apt.conf.  it runs clean now
<ona_matt> apparently the default is to try both architectures
<smoser> utlemming, ^^
<utlemming> smoser: oh...I posted to the wrong bug
 * utlemming digs further on it
<mgz> adam_g: so, I've put some fixes I needed at lp:~gz/+junk/juju-deployer
<adam_g> mgz: sweeeet
<mgz> are the rest of the charms also going to go through the ~charmers/charms/precise/.. -> charms/.. rename?
<mgz> and alas the deploy to canonistack has resulted in a lot of machines in error state, but that was somewhat expected
<adam_g> mgz: im not sure, i just found out there was some problems upgrading them like that. im not really involved with that, i just reference the entire branch path
<mgz> right, which (generally) hasn't actually moved, though rabbit caught me out again
<adam_g> mgz: ill update the deployment cfg to point to current branches when i merge those changes of yours
<mgz> I've got a few more pending, a way of passing the environment name (I had multiple, which breaks just calling `juju status`),
<mgz> and you wouldn't mind if I cleaned up the logging/output a bit?
<adam_g> mgz: oh yeah, ive wanted to add that but have just been using sed on environments.yaml when switching in a script
<adam_g> mgz: no dude, go for it. i hacked that out of necessity and have only touched it when i needed to (it was broken)  kapil has come up with something similar last cycle to do charm testing, we might end up using his in the future if it suits our needs in the CI lab
<mgz> hm, unfortunately juju maps these error states to 'pending' so deployer doesn't know to give up
<adam_g> mgz: for provider errors? yah? though the output of juju status has changed at some point to provide better error reporting on relation errors
<mgz> as in the actual servers are in error state, canonistack likes breaking (and amazon doesn't actually have an error state...)
<adam_g> oh, right
<mgz> I'll see what can be done about that in their code.
<mgz> ...and a bug in txaws on terminate too
<mgz> seems to be fixed in trunk, yeay
<utlemming> smoser: S3 bug....if you access it via different URL's, it works
<utlemming> smoser: (works) https://s3-us-west-1.amazonaws.com/us-west-1.ec2.archive.ubuntu.com/ubuntu/pool/main/n/ntp/ntp_4.2.4p8+dfsg-1ubuntu2.1_amd64.deb
<smoser> utlemming, but it clearly did not work.
<utlemming> smoser: (doesn't work) http://us-west-2.ec2.archive.ubuntu.com.s3.amazonaws.com/ubuntu/pool/main/n/ntp/ntp_4.2.4p8+dfsg-1ubuntu2.1_amd64.deb
<smoser> utlemming, i'm not usre i understand what you're saying
<utlemming> if you use "s3-us-west-1.amazonaws.com/us-west-1.ec2.archive.ubuntu.com" over "us-west-2.ec2.archive.ubuntu.com.s3.amazonaws.com" then it work.
<smoser> utlemming, i'm stil confused.
<smoser> you said "doesn't work" to http://us-west-2.ec2.archive.ubuntu.com.s3.amazonaws.com/ubuntu/pool/main/n/ntp/ntp_4.2.4p8+dfsg-1ubuntu2.1_amd64.deb
<smoser> which i though twas the correct way
<utlemming> right...
<utlemming> the problem is that S3 is messing up the permissions when accessing via the correct way
<chronos> Someone can take a look on this BUG: https://bugs.launchpad.net/ubuntu/+source/python2.7/+bug/992760, I guess is important
<uvirtbot> Launchpad bug 992760 in python2.7 "Python stop to work on do-release-upgrade from 11.10 to 12.04 with "Illegal instruction"" [Undecided,New]
<erichammond> smoser, utlemming: Don't you have to specify the correct S3 region? E.g., http://us-west-1.ec2.archive.ubuntu.com.s3-us-west-1.amazonaws.com/ubuntu/pool/main/n/ntp/ntp_4.2.4p8+dfsg-1ubuntu2.1_amd64.deb
<erichammond> Also, if you want to use "https" then you pretty much have to use the "/bucketname" style of URL, or else you'll get SSL certificate errors because the hostname does not match the certfiicate.
<ruben23> guys how to run a perl script on ubuntu server..?
<SpamapS> ruben23: perl script.pl
<SpamapS> ruben23: perl is part of the "essential" set of packages, so its always available, though it is a minimal perl, so you might not have all the libs you need
<ruben23> oh ok..thanks..
<ruben23> SpamapS: i seen a per script which runs and email the specified email being put..is this out of the box in ubuntu server if i run this..?
<SpamapS> ruben23: its impossible to answer that without reading the script
<ZenMaster> Hi, I have a question. Anyone know why my Ubuntu-Server is dropping ftp connections?
<ZenMaster> UFW is off, I have it as the DMZ, and have tried 2 daemons now.
<SpamapS> ZenMaster: perhaps there's another firewall between you and the internet?
<ZenMaster> Nope. :*(
<SpamapS> ZenMaster: you probably should do some packet traces (tcpdump, wireshark, etc) and figure out what is happening to your connections.
<ZenMaster> I see nothing under netstat -ln. Local connections same machine are working, local network actively refused wan same thing.
<ruben23> SpamapS: this is the one----------------------->http://sites.google.com/site/kjalleda/mysqlreplicationconsistency
<SpamapS> ruben23: use DBIx::DWIW;
<SpamapS> ruben23: that will need to be installed, its not in the base system
<DrPOo_44> is there a way of getting how many RAM sticks are installed on a system?
<_ruben> look inside? :)
<DrPOo_44> _ruben, what if I cant?
<_ruben> i recall lmsensors being able to shed some light on that
<ihashacks> DrP: dmidecode -t 16
<ihashacks> -t 17 will give you detailed info about the RAM
<DrPOo_44> ihashacks, that did the trick
<DrPOo_44> thnx!
<ZenMaster> So I have come to the conclusion that iptables is blocking my ftp traffic. Is there anyway to verify this?
<ihashacks> Zen: "iptables -L -v" will show what iptables is configured to do.
<Tzunamii> iptables -vnL|less
 * _ruben votes for the -L option to be removed from ip(6)tables
<moooooo> hello, bit of a generalised question about ubuntu server...but in theory is it possible to create a server with ubuntu that could perform all the domain controller functions of something like windows small business server, with windows clients connecting to it? (e.g. i know samba would do file sharing, and an http proxy wouldn't be too hard to set up. but is it possible to create an
<moooooo> exchange-like email server that outlook could connect to and have all the calendar functions etc??)
<benjiedmund> moooooo: maybe zimbra?
<mdeslaur> moooooo: http://www.sogo.nu/english.html
<moooooo> thanks very much i'll have a look at those
<chronos> Ok guys, there is a REAL BUG happening on Upgrade to 12.04. That happened again and now I have all logs. The issue is https://bugs.launchpad.net/ubuntu/+source/update-manager/+bug/992842 and probably happening to more people. I can say it is URGENT to solve.
<uvirtbot> Launchpad bug 992842 in update-manager "update-manager dpkg: error processing python2.7-minimal (--configure)" [Undecided,New]
<tkeith> I just installed a server, but the RAID used metadata version 0.9 instead of 1.2. Why is that? All my other servers automatically used 1.2, and I set them up exactly the same.
<rbeez> hello
<rbeez> yesterday I hosed the debian firewall/nat/dns server I am setting up
<rbeez> I am trying to limit the amount of software on it
<rbeez> x11-common being one of those unneeded packages
<rbeez> I thought I might try ubuntu-server as it is debian based
<rbeez> not really interested in trying a non debian based system
<rbeez> my question;
<rbeez> will ubuntu-server drag x11-common into the base install like a debian base install?
<Patrickdk> it doesn't
<Patrickdk> but many program you install, could drag it in later
<rbeez> thanks guys
#ubuntu-server 2012-05-02
<flaccid> to enable root on 12.04 AMIs, is this the right practice? sudo cp /home/ubuntu/.ssh/authorized_keys /root/.ssh/
<erichammond> flaccid: Yes, as long as you ignore that allowing ssh as root is not a recommended practice on Ubuntu.  That's the command I list in http://alestic.com/2009/04/ubuntu-ec2-sudo-ssh-rsync
<erichammond> That article also lists a number of ways to do things without root ssh that you might normally think require ssh to root.
<flaccid> erichammond: thanks, i just wanted to make sure the implementation had not changed i.e. we direct this http://support.rightscale.com/12-Guides/RightLink/04-Creating_RightScale-enabled_Images_with_RightLink/RightLink_Installer_for_Ubuntu#SSH_into_the_instance
<flaccid> i think rs is working on non root support. there is limited support in some non ec2 clouds but it probably needs to be implemented via a tag on the MCIs
<flaccid> erichammond: let me put a link to your page on this
<flaccid> ok i linked it twice, thanks
<JonEdney> Hey, anyone around by chance?
<JonEdney> I just loaded Windows XP on an old PC, and I'm running VirtualBox, and I'm trying to install 12.04 LTS and I get this error:
<JonEdney> Thsis kernel requires the following features not present on the CPU: pae - Unable to boot - please use a kernel appropriate for your CPU.
<JonEdney> Answered my own question.
<JonEdney> Sorry - long day :|
<flaccid> this is ubuntu-server chan
<JonEdney> I know, it is server 12.04 I'm installing.
<Psi-Jack> Hmm
<Psi-Jack> Anyone know anything about krb5-users, and why it doesn't like default_tgs_enctypes = des-cbc-md5, giving No supported encryption types?
<_John-Doe_> hello everyone!
<_John-Doe_> anyone know how to troubleshoot PTR records in BIND9?
<_John-Doe_> need help with /etc/bind/db.xx records!!!!
<_John-Doe_> plz help!!!!
<cedr> !!!!!!!!!
<_John-Doe_> hey cedr, help a buddy out!
<cedr> i'm not sure with bind, but if you have patience someone might help you out
<_John-Doe_> OK  thanks,   i'll wait
<_John-Doe_> need help setting up reverse PTR records in bind9
<flaccid> zomgz!
<flaccid> rtfm
<flaccid> _John-Doe_: sorry couldn't find an issue in your ramblings
<flaccid> #bind also exists
 * cedr stimulates flaccid 
<cedr> (sorry that was horrible)
<flaccid> unpossible :)
<_John-Doe_> Im receiving an error on my "/etc/bind/db.127"  PTR zone file when i use named-checkconf.
<_John-Doe_> it tells me i have a sintax error, and im really not sure what the correct syntax is
<cedr> what's on line 127 for starters
<_John-Doe_> its gonna take a while for me to get it, im running on a VM.  please hold. lol
<flaccid> #bind
<flaccid> or preferably the docs
<cedr> oh, it's not line 127
<cedr> what was i using that uses file.linenumber
<flaccid> huh
<_John-Doe_> /etc/bind/db.127
<_John-Doe_> ;
<_John-Doe_> ; BIND reverse data file for domain.local
<_John-Doe_> ;
<_John-Doe_> $TTl 604800
<_John-Doe_> @	IN	SOA	localhost.	root.localhost.	(
<_John-Doe_> 	2012050100	;Serial
<_John-Doe_> 	604800		;Refresh
<_John-Doe_> 	86400		;Retry
<cedr> i thought "/etc/bind/db.127" was refering to /etc/bind/db line 127
<_John-Doe_> 	2419200		;Expire
<_John-Doe_> 	604800	)	;Negative Cach TTL
<_John-Doe_> ;
<_John-Doe_> @	IN	PTR	localhost.
<_John-Doe_> 1.0.0	IN	PTR	localhost.
<flaccid> no
<greppy> _John-Doe_: pastebin would have been a better solution.
<cedr> yeah that's my bad
<cedr> some software i was using did it that way, can't remember which though
<flaccid> fail x 2
<cedr> anyways, i'm off to bed - night all
<_John-Doe_> l8r cedr
<_John-Doe_> sorry greppy, still getting the hang of this comand line only environment
<flaccid> welcome to 'server'
<greppy> _John-Doe_: can you pastebin the exact error that you are getting from named-checkconf?  or does it literally give you just "syntax error"?
<_John-Doe_> yeah just looked it up thanks
<flaccid> URI, _John-Doe_ ?
<_John-Doe_> http://pastebin.com/UztZXEzv
<flaccid> hooray
<flaccid> _John-Doe_: fix your syntax error, done.
<flaccid> its on line 10
<greppy> _John-Doe_: looks like it is db.10 with the error and the error is likely on line 1
<greppy> can you pastebin your db.10?
<_John-Doe_> wow great answer!  thanks.
<flaccid> sorry yes, line 1
<flaccid> sweet, good luck with your DNS servings.
<_John-Doe_> ok gimme a sec
<flaccid> an error is sometimes hard to get. what is even harder to get is teh source. welcome to the life of a support engineer.
<_John-Doe_> http://pastebin.com/pc1KfDBT
<flaccid> Network 10.0.24.0/24
<flaccid> whats this crap?
<flaccid> did you not read the error?
<flaccid> don't know how to do comments?
<_John-Doe_> sorry no it start at the first ;
<flaccid> or read documents
<_John-Doe_> thats some extra stuff to help the process
<flaccid> doesn't help us
<yaboo> no matter what I do create passwordless ssh logins it always ask me for a password
<_John-Doe_> so flaccid , what would you have done differently?
<greppy> yaboo: are you using encrypted home directory?
<yaboo> tried dsa and rsa to no avail
<yaboo> greppy no
<flaccid> yaboo: priv key could be wrong. either way run sshd in debug so you can get the log output
<greppy> yaboo: did you put the contents of the .pub into ~/.ssh/authorized_keys ?
<flaccid> _John-Doe_: configured a real forward zone with bind correctly that is not on domain.local which is a foobar zone.
<yaboo> flaccid, done that and can see nothing wrong
<greppy> yaboo: ssh -v -v $hostname may give you more info.
<yaboo> grippy tried ssh -vvv hostname -p 2202 and same issue
<flaccid> yaboo: you would see at least a permission denied which is wrong in my boooks.
<yaboo> tried 12.04 and 10.04 had the gas issue, fixed that
<twb> The SSH server *will not tell* the ssh client why access was refused.  This is for security.
<twb> If your access is rejected, you must look at the sshd logs on the sshd server
<yaboo> so same on both servers
<flaccid> exactly, but the user claimes debug here heh
<yaboo> debug2: we did not send a packet, disable method
<twb> yaboo: on both hosts, pastebin the output of "find ~/.ssh -ls".  On the server, pastebin the output of "cat ~/.ssh/authorized_keys".
<yaboo> only thing I can see from debug is this
<_John-Doe_> any one know where to find a correct syntax format for a reverse PTR
<flaccid> _John-Doe_: besides what i already said in addition there is no A record
<flaccid> _John-Doe_: its in teh bind manual
<_John-Doe_> nevermind
<flaccid> _John-Doe_: don't think you did it right though
<flaccid> i'll always mind, coz you wasted my time
<twb> dig axfr 155.7.203.in-addr.arpa will show the correct syntax
<yaboo> twb the local is ubuntu, the remote is cents 6.2
<yaboo> http://pastebin.com/2N9Vy9ar twb
<flaccid> it looks ok but has no bearing if the authoritive on the reverse is not applicable, e.g. db.127:1.0.    IN    PTR    localhost.
<flaccid> oh no joh doe
<twb> flaccid: huh?
<flaccid> sorry that dude fucked off ages ago
<flaccid> wasting my time here
<twb> Sure, sorry to confuse you
<twb> Really "/home/nagios"?
<flaccid> now that  #ubuntu-cloud redirects to here, i don't think there is much point being here
<twb> system accounts should live in /var/lib or something
<flaccid> the question are just normal ubuntu stuff not related to cloud
<twb> flaccid: I wish the cloud would FOAD
<flaccid> i'm of no use and got out of helping normal ubuntu users years ago
<twb> I am sick of hearing cloud/maas/saas/cobbler bollocks
<flaccid> FOAD?
<twb> flaccid: fuck off and die
<flaccid> right
<flaccid> not sure why
<flaccid> thats what i do for a living
<flaccid> and this chan got redirected from #ubuntu-cloud and is just full of non cloud crap
<twb> Because it's boring buzzword gibberish and most people only want it because a trade mag told them they should
<greppy> yaboo: grep nagios /etc/passwd, let's make sure /home/nagios is actually the home directory.
<flaccid> to which i have no interest in
<flaccid> sure thats the masses
<twb> Right I don't care if you specialists want to keep doing it
<flaccid> different story for the real users
<flaccid> doing what?
<twb> cloudy stuff
<yaboo> greppy yes it is
<flaccid> but this channel now looks after cloud
<twb> IOW you and I both want the same thing -- for -server and -cloud chans to split up again so we can each get only one :-)
<flaccid> so how twb will you support it?
<twb> I'm not a canoical employee, I don't have to support anything
<flaccid> do you know aws/ec2,openstack.eucalyptus,openstack,cloudstack,opennebula etc. etc. ?
<twb> I'm here out of the goodness of my blackened and calcified heart
<flaccid> then your support is limited twb
<greppy> yaboo: pastebin: ssh -v -i ~/.ssh/id_dsa $remote_host
<erichammond1> !language |  flaccid, twb
<ubottu> flaccid, twb: Please watch your language and topic to help keep this channel family-friendly, polite, and professional.
<flaccid> erichammond1: sorry which word was not "family-friendly" ??
<greppy> flaccid: f... for one.
<flaccid> greppy: my text search couldn't find that
<flaccid> i found this though, twb: flaccid: fuck off and die
<twb> erichammond1: sorry about that
<flaccid> none of which of you have pulled twb up on
<greppy> flaccid: erichammond1 tagged both of you with it, not just you.
<flaccid> still waiting to find out what language i used which was not acceptable
<flaccid> i found no curse words in my scrollback
<flaccid> erichammond1 is wrong until he quotes.
<twb> yaboo: what is in the centos sshd logs re. nagios login attempts?
<greppy> flaccid: this is a support channel, if you don't want to support, leave or keep quiet, opining about how you hate that another channel redirects here and being confrontational with people asking for help doesn't help.
<erichammond1> flaccid: Not looking to get into an argument.  Just trying to remind you that the #ubuntu channels have guidelines that are not the same as the ##aws type channels.  fwiw, grep for "sorry that dude..."
<yaboo> twb restarted ssh on cents for some reason and it works
<twb> erichammond1: oh, this is getting hit on the head lessons
<yaboo> twb wtf how can it just do that, no changes have been made
<twb> yaboo: I do not know, but I suggest you run away before C falls over again ;-)
<flaccid> greppy: o
<flaccid> ve
<flaccid> greppy: i've been helping all day, you probably havnt observed that
<flaccid> erichammond1: i didn't breach any guidelines man, what are you talking about???????
<bazhang> flaccid, lets move on
<flaccid> no lets realize the facts.
<greppy> flaccid: correct, I just joined the channel again a little while ago, and all I saw was you giving someone a hard time about dns setup.
<flaccid> greppy: it wasn't a hard time. it was support.
<twb> Guys, just drop it and get on with life.
<bazhang> !ot | flaccid
<ubottu> flaccid: #ubuntu is the Ubuntu support channel, for all Ubuntu-related support questions. Please use #ubuntu-offtopic for other topics (though our !guidelines apply there too). Thanks!
<flaccid> guidelines are not off topic
<bazhang> well -server as well
<bazhang> flaccid, #ubuntu-ops to discuss not here
<flaccid> bazhang: i was an ubuntu op, sorry
<flaccid> now that #ubuntu-cloud has been consolidated into this chan i really have no use here
<flaccid> erichammond is your best man
<erichammond1> flaccid: You have a lot to contribute.  I think everyone would welcome your patient and considerate help on this channel.
<flaccid> not worth my time, thanks anyway Eric
<footvilla> hey guys having a bit of a problem
<greppy> footvilla: so ask your question, don't keep us in suspense.d
<footvilla> i think im having a harddrive issue
<footvilla> after about 10 min
<footvilla> my ubuntu goes into read only
<footvilla> and wont open anything
<footvilla> is there any logs that i could look into this?
<greppy> dmesg might show something.
<greppy> footvilla: /var/log/syslog may show you something as well.
<greppy> what kind of hdd is it and how old is it?
<footvilla> http://paste.ubuntu.com/961807/
<footvilla> two 128 SSD using softraid
<twb> init: failsafe main process (812) killed by TERM signal -- what is that?
<twb> An init job called "failsafe" ?
<twb> And why is GDM killed off ten seconds after boot?
<twb> footvilla: "softraid" as in mdadm, or as in fakeraid?
<footvilla> fakeraid
<twb> You would do better to use mdadm, although that's probably not your current issue
<footvilla> i know today it made me to a check /fix disk
<footvilla> when i rebooted
<footvilla> would any other logs help me find the issue
<twb> footvilla: is it wedged now?
<footvilla> what do u mean by wedged
<twb> footvilla: wait until it wedges, then examine /proc/mounts, dmesg, /var/log/syslog, /var/log/auth.log, &c -- before rebooting
<twb> wedged as in broken, hung, not responding -- whatever
<footvilla> gotcha
<footvilla> should wedge --whatever in around 5 min
<twb> rebooting will clear /proc/mounts and dmesg so you won't see what went wrong
<twb> You might find it in /var/log/kern.log, but only if it could write to that file after the problem occurred
<footvilla> i think when it wedges nothing is writable
<twb> Exactly
<twb> The most likely problem is filesystem corruption on the root filesystem, which causes the fs driver to lock it until the next reboot.  if that's the case, dmesg will show it
<footvilla> what commands would i run
<footvilla> when it wedges?
<twb> dmesg and cat /proc/mounts
<twb> And maybe other stuff after that -- depends what is wrong
<footvilla> hmm its not wedging
<footvilla> sigh
<flaccid> flaccid: flaccid: beside the fact that they are ONLY guidelines, what did I breach, specifically??? https://wiki.ubuntu.com/IRC/Guidelines?action=show&redirect=IrcGuidelines
<flaccid> [5:10pm] flaccid: i have done exactly that, so did you lie to me?
<flaccid> [5:10pm] flaccid: or what is the go sir?
<flaccid> [5:10pm] bazhang: I'm a bit busy at the moment, if it takes time between replies that is the reason
<flaccid> trying to find out what guidelines i specifically breached
<flaccid> bazhang is too busy atm, anyone sle?
<flaccid> *else
<bazhang> flaccid, this is not the place.  #ubuntu-ops please
<flaccid> nah, i take it up here
<flaccid> where it happened
<flaccid> that is not against the guidelines
<greppy> flaccid: please, take it to #ubuntu-ops, this is not the place.
<flaccid> no
<flaccid> twb: did you get lectured as well?
<footvilla> i gatta get to bed its very late here seems like its not wedging crossing my fingers that it will be fine
<bazhang> flaccid, lets move on, this is not the place, as you have been asked several times now
<flaccid> bazhang: no lets not move on. how about you process the issue?
<bazhang> flaccid, then join the appropriate channel to discuss, where we can gladly do so
<bazhang> flaccid, which is #ubuntu-ops not here
<flaccid> i already answered your question in PM
<flaccid> there is no obligation for me to join another channel
<footvilla> twb thanks for the help
<DoomGuy> hello all
<DoomGuy> I have some customized fonts installed in my web directory
<DoomGuy>  ./var/www/project/web/fonts
<DoomGuy> that fonts are not supported and wont work
<DoomGuy> how can I fix that please
<twb> DoomGuy: define "supported" and "won't work"
<DoomGuy> twb ok when I access the website from my browser that fonts are not applied to the website's text
<DoomGuy> but it work just fine in my local machine
<twb> AFAIK if your website says something like "use font Arial for <P> blocks", unless Arial is already installed on the desktop, where the browser can see it, you won't get arial.
<flaccid> font families
<flaccid> bye bye sh1tbuntu
<DoomGuy> twb I have no such errors
<DoomGuy> just the font is not showed correclty
<twb> DoomGuy: the browser won't give an error, it'll just fall back to the nearest font it can find
<DoomGuy> twb ok, now how can I check that error and fix it ?
<twb> I don't know
<twb> You probably want a web dev channel
<DoomGuy> ok thanks anyway
<lynxman> morning o/
<Talibu> hello - i nearly failed a dist-upgrade (10.04>12.04) because of 'fontconfig-config' can i consult other logs beside the /var/log/dist-upgrade stuff?
<hughessd> hello
<hughessd> if anyone can help, i would be very grateful
<hughessd> i tried to upgrade from 10.04 to 12.04 but now my / isn't being recognized on boot
<wonderman> its not recommended to upgrade distro right?
<wonderman> New release '12.04 LTS' available.
<wonderman> Run 'do-release-upgrade' to upgrade to it.
<hughessd> yes, i did that
<hughessd> but things didn't go as smoothly as i thought.
<hallyn> hm, it's supposed to not recommend until 12.04.1
<hallyn> hughessd: i don't know that i can help, but what was your root fs on?  was it raid+lvm?
<hughessd> def on RAID 0
<hughessd> but don't know about lvm
<hughessd> i have it booting int a liveUSB now
<hughessd> Dell PowerEdge 1950 Server
<hallyn> cool, ifyou're booted of usb that should help to file a bug with good details
<wonderman> well
<wonderman> im not risking anything
<wonderman> i dont agree with the notice though, if its only just been released
<hughessd> from what I read, it's still possible to safely upgrade to 12.04
<hughessd> you just have to make sure the dependancies are met
<hughessd> however, i must have done something wrong
<hughessd> bc my setup is busted as hell right now
<hughessd> i have fscked al lthe disks, but everything is clear,
<hughessd> they just won't mount when I boot
<qman__> it's supposed to work, but bugs happen
<hughessd> yeah
<qman__> based on the number of people I've seen complain, this has actually been pretty smooth
<hughessd> im just trying to get my set up back to normal
<hughessd> does anyone have any suggestions for me?
<qman__> well, without a more specific error message there's not a lot I can offer
<hughessd> please
<qman__> first make sure it mounts live, and that your grub is configured sanely
<hughessd> tell me what information i can give you
<qman__> and that your uuids match up
<wonderman> qman__: is a release upgrade straight forward with fully encrypted install?
<qman__> wonderman, far as I know
<hughessd> ok, well, I boot and everything posts fine. the ubuntu sequence starts with the splash screen, but then after a sec it says "The disc drive for / is not member:ready yet or not present""
<qman__> but I personally would not upgrade until at least a month after release, preferrably after .1
<wonderman> ok
<hughessd> it gives me the option of S (skip) or M (fix the error)
<hughessd> so if choose S
<hughessd> it skips /
<hughessd> then /tmp
<hughessd> then the swap partition and then hangs
<hughessd> if i choose M
<hughessd> i get dropped to a root shell, but i have to put in the password
<qman__> ok
<hughessd> then i can get around like (almost normal)
<qman__> from that root shell, is your / mounted?
<qman__> or is it a generic shell
<hughessd> it is mounted, that's what's weird
<hughessd> and it its mounted RO
<hughessd> so there must have been an error (or it thinks so)
<hughessd> and remounted it like that
<qman__> ok
<qman__> first, cat /proc/mdstat to make sure it's ok
<qman__> then try to remount rw, `mount -o remount,rw /`
<qman__> then exit the shell and see if it boots
<qman__> it may just be a race condition
<hughessd> ok, hang on while i try that
<hughessd> im in a liveUSB right now
<hughessd> fscking the discs
<qman__> ok
<xnox> any reason why python-software-properties is not part of default -server install? (it is part of cloud-image)
<xnox> i was surprised to *not* have `add-apt-repository' on a server install =(
<hughessd> cat /proc/mdstat
<hughessd> Personalities:
<hughessd> unused devices: <none>
<qman__> so your raid isn't showing up at all
<qman__> are you using software raid 0?
<hughessd> hm
<hughessd> yes i believe so
<qman__> because hardware raid and fakeraid are different
<hughessd> is there a way to check?
<qman__> how did you set it up?
<hughessd> i inherited the setup from the previous tech guy
<qman__> ok
<zul> good morning
<hughessd> it says 1 VD found on host adapter
<qman__> well, you can see if a fakeraid is running with `ls /dev/mapper/`
<hughessd> 1 VD handled by BIOS
<qman__> or you can fdisk -l to see what you've got
<hughessd> ls /dev/mapper/
<hughessd> "control"
<qman__> no fakeraid then
<qman__> fakeraids are assigned names in there, they look like random strings
<hughessd> ok
<hughessd> fdisk -l spit out a lot
<qman__> if you fdisk -l, it'll show you what your server sees
<qman__> you should see each hard disk, and then for the raid you should see an additional device
<hughessd> /dev/sda1 sda2 sda5
<qman__> or, if it's software raid, the disks will have partitions of type fd, linux raid autodetect
<hughessd> its hardware im pretty sure. there is no type fd
<qman__> ok, so it only shows one hard disk
<hughessd> sda1 is linux, sda2 is extended, and sda5 is swap
<qman__> but no sdb, sdc, or any other named things
<hughessd> but sda2 has a + after the blocksize
<hughessd> nope, the command 'fdisk -l' only outputs one chunk of data, and 3 lines of mounted devices
<qman__> ok, looks like it's a real hardware raid presenting as one disk, with a guided partitioning setup
<qman__> really simple
<qman__> go ahead and try remounting rw
<hughessd> ok
<footvilla> hey guys, having a serious issue with my ubuntu server
<hughessd> i did 'mount -o remount, rw'
<qman__> no space after the comma
<qman__> mount -o remount,rw /
<hughessd> ok
<hughessd> done
<qman__> verify with 'mount', it'll be near the bottom
<qman__> then see if you can touch a file, like /root/test
<hughessd> hm
<qman__> like /dev/sda1 mounted on / (rw)
<hughessd> this is odd
<hughessd> i can touch a file
<hughessd> and it sticks
<hughessd> touch /root/test
<hughessd> ls -l /root/test
<qman__> ok, looks like it's working then
<hughessd> shows my file
<hughessd> BUT
<qman__> if you exit the shell it will attempt to continue to boot
<hughessd> mount
<hughessd> has sda1 still as RO
<qman__> alright, try to edit the fstab
<qman__> just open it with your favorite editor, then save and exit
<footvilla> heres a recap of my issue http://paste.ubuntu.com/962314/
<hughessd> should i just comment the line out and give it defaults? or are there special commands for RAID
<hughessd> setups?
<qman__> nothing special, you shouldn't have to make any changes unless it looks wrong
<qman__> should have a UUID with a comment saying sda1
<qman__> I just want to see if the file is writable
<hughessd> there is a commented out line saying sda1
<hughessd> but it says #commented out by dropbox
<hughessd> file can be written
<hughessd> just wrote it
<hughessd> hm
<hughessd> strange
<qman__> yeah, I'd try exiting the shell and see what happens
<hughessd> if i exit it will reboot,
<qman__> no, it will resume boot
<hughessd> but dollars to donuts it reverts
<qman__> rebooting will probably not work
<qman__> but exiting the shell doesn't reboot, it just continues where it left off
<qman__> with your filesystem mounted rw
<hughessd> i just typed exit, and it rebooted
<hughessd> is it not supposed to do that?
<qman__> no
<hughessd> shit
<hughessd> doesnt that point towards anything?
<qman__> unless something changed with the new version, it's not
<hughessd> ok, so it rebooted back to the same point
<qman__> ok, drop to shell, remount rw, then exit
<qman__> see if it does it again
<qman__> actually, the last time I was working in a rescue shell, I tried to reboot and it intercepted it and continued booting
<hughessd> it got back to the splash screen, and not finding /.
<hughessd> asks for S or M
<hughessd> i choose M
<hughessd> get a shell
<hughessd> cat /etc/mtab show sda1 mounted RO
<hughessd> mount -o remount,rw /
<hughessd> exit
<hughessd> flashed a message about how ureadahead is busy
<hughessd> but couldn't catch it all....
<qman__> may not mean anything
<qman__> did it get anywhere?
<hughessd> grrr
<hughessd> nope
<hughessd> back to the same spash screen
<qman__> ok, I'd check dmesg for anything that looks bad, like hardware errors
<qman__> but that's probably not it
<qman__> also, I'd try to manualy boot rescue mode from grub, hold shift while booting and it'll give you the menu
<qman__> this really sounds like a race condition to me, like it's not waiting long enough for / to be ready, even though there's nothing wrong with it
<hughessd> that's what i was thinking (but didn't know the right words for...)
<qman__> when it reboots, does the raid re-initialize (full reboot)?
<qman__> if so, next thing to try would be holding shift to get a grub menu, waiting about 30 seconds, then booting the normal kernel
<hughessd> hang on, still checking dmesg
<qman__> just to give it more time to be ready
<hughessd> i see a spot where it mounts sda5, then 'EXT3 on sda1, internal journal'
<qman__> and if that works, you can reconfigure grub to, instead of booting instantly, wait X seconds and show the menu, then autoboot
<hughessd> hm, something else weird in dmesg.
<hughessd> after it finds the hdd, it says "EXT3-fs: write access will be enabled during recovery"
<hughessd> which suggests that it's turned off and they're already experienced soemthign that would break it
<hughessd> does this mean anything?
<hughessd> smbd respawning too fast, stopped
<qman__> no, unimportant
<qman__> I mean, it may be an issue later but for now it doesn't matter
<hughessd> k
<hughessd> can't get teh grub thing to work
<hughessd> when do i start pressing shift?
<qman__> the odd part is that, without doing anything else, remounting rw works
<qman__> basically just before your bios screen goes away
<hughessd> and it doesn't stick
<qman__> use left shift, press and hold
<hughessd> grub won't work
<hughessd> it asks me to push f1
<hughessd> or f2 to change settings
<patdk-wk_> that isn't grub, that is your bios :)
<hughessd> i know
<patdk-wk_> probably cause you held the key down too soon
<hughessd> grub only sits for 2 seconds
<med_> utlemming, smoser : Looks like cloud-init is hardcoded to archive.ubuntu.com in cc_apt_update_upgrade.py . What's the best way to override that for an ARM cloud-init.  ARM needs to point at ports.ubuntu.com currently
<patdk-wk_> so it thinks the keyboard is bad
<patdk-wk_> so push f1, then hold shift
<hughessd> i did
<hughessd> and it just booted normal
<hughessd> well
<hughessd> normal back to the broken place it was before.
<patdk-wk_> maybe try control? maybe your not on grub2?
<hughessd> to fill you in, my /dev/sda1 isn't ready at boot time and is causing problems
<hughessd> but there isn't any errors or anything....
<patdk-wk_> how can it not be ready?
<hughessd> i dont know
<patdk-wk_> that sounds like a bios/firmware issue
<patdk-wk_> your bios or hba firmware is suppost to make sure it's ready
<qman__> it remounts fine immediately with no changes
<qman__> so it sounds like a timing problem
<qman__> but that's as much as I know
<patdk-wk_> maybe, just for the hell of it, change your sata cable?
<patdk-wk_> might be throwing errors or timeouts
<hughessd> how do i check if the UUIDs are matching?
<qman__> it's a hardware raid appearing as one disk
<qman__> if the UUIDs didn't match you wouldn't get it mounted at all
<hughessd> oh ok
<qman__> if it's grub1 the keypress is escape, but it asks you to do it and gives you 3 seconds
<qman__> and I really doubt it is since grub2 has been default since 9.10
<qman__> well, I guess we need to reconfigure your bootloader from the rescue shell
<hughessd> im editing menu.cfg right now
<hughessd> but that's just for my own sanity
<hughessd> there are a lot of old entries
<hughessd> ok,
<hughessd> how would i reconfigure the boot loader?
<qman__> well, first find out what you have
<qman__> if there's a /etc/grub.d, it's grub2
<hughessd> ls /etc/grub.d/
<qman__> got files in there?
<hughessd> 00_header  10_linux   20_memtest86+    30_os-prober 40_custom README
<qman__> ok
<qman__> edit /etc/default/grub
<hughessd> hm
<hughessd> no file there
<hughessd> touch it?
<qman__> well, that's a problem
<qman__> first, collect your UUID for / from /etc/fstab
<hughessd> ok
<qman__> and create /etc/default/grub containing this: http://pastebin.com/TKV4Qcvp
<qman__> but with your UUID
<qman__> after that, run update-grub
<hughessd> ok
<hughessd> reboot?
<qman__> yes
<qman__> it should now display the menu for 20 seconds before booting your default option
<hughessd> hm
<hughessd> that's odd
<hughessd> it still stuck for 2 secs and then went into the sequence
<IPDude> need help setting up pptp or l2tp vpn server on ubuntu server 11.10
<IPDude> anyone here?
<hughessd> i am here but i don't know anything about the things you asked
<hughessd> im having troubles of my own getting my server to boot
<footvilla> i have a softraid question
<hughessd> qman_: any other ideas ?
<hughessd> i got it to drop to initramfs
<hughessd> but that might be because I disabled the hd....
<footvilla> is there any way to transfer a raid 0 (mdadm) 2x 128gig sdd  ubuntu server to 1 large  1TB HD?
<qman__> rsync
<qman__> hughessd, initramfs is actually less useful
<hughessd> yeah, im finding that out.
<hughessd> the UUIDs match up
<hughessd> but for some reason, grub isn't finding this time
<qman__> if the grub menu didn't show up that means it didn't actually install
<qman__> or update
<hughessd> that was the only thing taht changed
<hughessd> hm
<hughessd> how can i get bcak to the other shell
<hughessd> ?
<hughessd> why is it dropping to initramfs now?
<qman__> it does that when it can't load the kernel
<hughessd> hm, so before it could load the kernel?
<qman__> yes
<qman__> usually means it can't find it, or can't access the disk it's on
<qman__> honestly at this point I'd probably restore from backup, or if I don't have one, salvage my data and reinstall
<hughessd> well, it's tricky
<hughessd> this is an LTSP setup
<hughessd> terminal server
<hughessd> and so, remaking the system isn't just a reinstall,
<hughessd> there is a bunch of stuff that I don't know how to do, bc i didn't help set it up
<hughessd> and i don't want to have to reinstall everything
<hughessd> however........
<hughessd> i think you're right
<hughessd> btw, this is so weird
<qman__> if you're getting dropped to initramfs and don't know why, it's usually pretty bad
<qman__> there are some simple mistakes that can get you there but if you don't know what changed
<hughessd> it's not waiting the 20 secs that we wanted it to,
<hughessd> but it's still going there
<hughessd> says, 'gave up waiting for boot device'
<hughessd> and lists some common problems
<hughessd> the disk with the matching UUID isn't there in /dev/disk/by-uuid/
<qman__> well, if you can get into the grub menu
<qman__> you can manually specify /dev/sda1 instead of by uuid
<hughessd> you mean in fstab?
<qman__> no, in grub
<hughessd> oh ok
<hughessd> ill try to catch it before it times out
<qman__> highlight the line you're booting, hit e, change root=UUID= to root=/dev/sda1
<qman__> if that gets you booted again then the UUID in grub is wrong
<hughessd> this is bad
<hughessd> '/dev/sda1 does not exist!'
<hughessd> hm
<hughessd> so its going to initramfs, but if i mount /dev/sda1 in /tmp (or somewhere else), the old files are available.
<hughessd> can't figure out why its not finding the hdds
<qman__> well, you could try chrooting and redoing grub from a live environment
<frankban> hallyn: hi, I was trying to make lxc-ip able to search intefaces. Unfortunately I don't have access to the sysfs mounted inside containers, so I can not retrieve the list of interfaces from /sys/class/net/. Maybe I could try using ioctl again.
<hughessd> qman_ :
<hughessd> thank you for the suggestions and all your help
<hughessd> i don't know much about chrooting, and am not sure that i won't make things worse.
<hughessd> i think that I'll just have to wipe everything and start clean.
<hallyn> frankban: yes, ioctls would work, but are you sure you can't use /proc/<containerinitpid>/root/sys/class/net ?
<hallyn> really, ioctls is probably better...  except harder to do through python :)
<frankban> hallyn: cool, I was looking at /var/lib/lxc/[name]/rootfs/sys/... didn't know about  /proc/<containerinitpid>/root/sys/. Thanks!
<frankban> hallyn: moreover, what do you think about this ui: lxc-ip -n name will search interfaces and show results like: eth0: ip\neth1: ip ...
<frankban> while lxc-ip -n name -i eth0 will only show the ip address of eth0
<hallyn> i think that's best, yes
<frankban> cool hallyn, thanks again
<hallyn> frankban: will you be sending that for upstream lxc inclusion? :)
<hallyn> np, thank you!
<frankban> hallyn: that would be great!
<excalibr> Repository signed with key PGP key ID: 2EE7EF82
<excalibr> ^ how do you add this key to apt?
<uvirtbot> excalibr: Error: "how" is not a valid command.
<Pici> excalibr: sudo apt-key adv --recv-keys --keyserver keyserver.ubuntu.com 2EE7EF82
<excalibr> thanks
<ZenMaster> Anyone in here ever play with Cacti?
<hallyn> unbelievable.  preallocated qcow2 gave me the fastest write times.  did not expect that.
<fifthecho> Am I just missing something or has mkpasswd been removed from 12.04 LTS?
<EvilResistance> !info mkpasswd precise
<ubottu> Package mkpasswd does not exist in precise
<EvilResistance> guess its not there anymore
<EvilResistance> according to packages.ubuntu.com, 'mkpasswd' only exists in Lucid right now
<SpamapS> It probably has a better equivilent
<fifthecho> I have a bunch of automated VM deployment scripts that use itâ¦and just wasn't expecting a standard GNU util that I've used for like 10 years to disappear.
<fifthecho> I guess I'll just copy the binaries from a Lucid box into 12.04.
<SpamapS> I have it on my precise box
 * SpamapS waits eons for dpkg -S to return
<SpamapS> whois: /usr/bin/mkpasswd
<sbeattie> fifthecho: it's in the whois package. it got split out for just lucid to a separate package for reasons that I don't recall.
<SpamapS> sbeattie: ugh, and we didn't do a proper Replaces ?
<fifthecho> â¦that is possibly one of the strangest places to put it.
<SpamapS> Replaces: mkpasswd
<SpamapS> we did
<SpamapS> I don't know if its a "standard GNU utility"
<SpamapS> since whois owns it ;)
<Psi-Jack> Anyone here use Kerberos? I'm curious wether to go with MIT or Heimdal.
<SpamapS> Psi-Jack: I haven't deployed kerberos i years, but "back in the day" heimdal was lauded for being more modern. I don't know if MIT caught up or surpassed it at some point though, that was maybe 6-7 years ago
<Psi-Jack> Heh
<Psi-Jack> I don't think it has, personally.
<Psi-Jack> Heimdal still has all the fully integrated Samba support, MIT still doesn't.
<jkyle> I'm running into an issue in my pxeboot installs for 12.04 where the first reboot after install sticks at the grub boot menu (timeout is ignored). subsequent boots work as expected
<hattorihanzo> what might be a good channel to disscuss load balancing
<hattorihanzo> load balancing a web app
<fifthecho> hattorihanzo: Might depend on what you're using LB for and what you're using for LB.
<hattorihanzo> a custom c written json rpc server
<jkyle> hattorihanzo: paid or free as in beer?
<jkyle> if you've already solved the problem of consistency in backend data (db replication or what what not), dns load balancing with health tests and failovers are dead simple in Dynect
<hattorihanzo> paid if its not 1k
<hattorihanzo> im looking at haproxy
<jkyle> haproxy is not bad either
<jkyle> however, what I like about the dns solution is you get failover as well as load balancing
<hattorihanzo> but the app longpolls soo... configuring it to work without timing out is bugging me
<hattorihanzo> but wont people who have dns cached still point to the failed server for a while
<jkyle> but it depens on needs and intent, like fifthecho mentioned
<Bilge> Is there some way I can get PHP 5.4 on Ubuntu 10.04.4 LTS
<jkyle> hattorihanzo: perhaps, but a minute or two of temporary outtage with a few customers due to dns caching is better than a single point of failure requiring a new deployment or fixing the system ;)
<hattorihanzo> so does dynect use very short ttl's
<jkyle> you can configure dynect to serve multiple ip's too and set the ttl for what you'd like
<hattorihanzo> have u used dynect?
<jkyle> hattorihanzo: extensively...for a very high profile, very large user base scenario
<hattorihanzo> how about dynect lite
<hattorihanzo> 200 a month is pushing my budge
<jkyle> they're solid. got a rest api for automating records that's solid. only down point is you can't do public/private views. seems like a hard problem though
<jkyle> hattorihanzo: I've used lite personally, but can't do a hard core feature analysis. I jsut used it for janky personal blogs and such
<jkyle> never dug into it. shoot their customer service an email, they're responsive
<jkyle> hattorihanzo: it should be noted, you could do a lot of this yourself if you know bind9 well and a little scripting.
<jkyle> but then you have a project, not a solution
<hattorihanzo> yea
<TboatBKK> Hey all! Just setup 12.04, new to Ubuntu Server, can SSH over my local network, have static IP set, have port-forward and DynDNS setup, but can't access my server through the web address.  I believe it is either in my host file, or somewhere in the setting up of portforward.  Do I need to setup SMB before I am able to access my box through the webz?
<TboatBKK> Possibly in my resolv.conf file (DNS settings) also
<SpamapS> TboatBKK: SMB has nothing to do w/ the web
<SpamapS> TboatBKK: what would you expect to see at http://yourserver/ ?
<TboatBKK> an interface to allow me/roomates to login and access our files
<TboatBKK> when i "hostname -f" i get temporary name error
<qman__> have you installed this interface?
<TboatBKK> i should be able to also "ssh user@host.net" right?
<qman__> if you have port 22 forwarded, and your host.net resolves correctly, yes
<TboatBKK> i dont believe my host.net is resolving.
<qman__> though not necessarily from inside your LAN
<qman__> depends on your router
<TboatBKK> ive portforwarded before, so it is something in my configuration/setup
<TboatBKK> in the hosts file, would i use the external ip with the port, or the DNS address of my DynDNS host?
<qman__> have you tried from the internet?
<qman__> neither, the hosts file contains locally assigned addresses
<TboatBKK> so just the local default 127.0.0.1 and then my static right my hostname right?
<qman__> yes
<TboatBKK> so X.X.X.X                hostname.host.net                     hostname?
<qman__> it's a lot easier if you give us the actual values, it's not like anyone here is going to hack you, and we have your external IP anyway
<TboatBKK> 10.0.0.66        bkkcollection.sytes.net          BKKollection
<qman__> yes, that's a sane hosts entry
<qman__> that name does not resolve to an IP for me, if that's your actual dyndns
<TboatBKK> http://bkkollection.sytes.net/
<qman__> ok, that one resolves but does not open
<TboatBKK> its a fresh server, literally have SSH setup and nothing else
<qman__> port showing open
<qman__> so your application is probably broken
<qman__> well, there is no web server unless you installed one
<qman__> ssh is showing filtered
<qman__> probably not forwarded
<TboatBKK> oh no those are the next steps, was just trying to get ssh setup so i can stop plugging my keyboard in from one computer to the other, and before work tomorrow so i can work on it from how
<TboatBKK> there*
<qman__> you should be able to ssh 10.0.0.66 from your LAN
<qman__> to do it from the internet though, you need port 22 forwarded
<TboatBKK> can ssh locally, was trying to get the internet to work, haha sorry, was original question, poorly communicated.  just added the port forward for SSH, not working, but may take a minute to go through router and dns host
<qman__> dns doesn't care about your ports
<qman__> it's just name translation
<qman__> port 22 is still filtered
<qman__> getting 8.23.224.90 as the IP, is that correct?
<qman__> the IP you're connecting from has SSH open
<TboatBKK> How would I check my DNS hosts address, because that is what that is, not my actual router IP
<qman__> I'm not sure what you're asking
<qman__> but it seems to me your dynamic DNS is not configured correctly
<TboatBKK> haha just had my router logon appear, so i know the dynDNS works, just have to get the config right I guess
<qman__> huh?
<qman__> unless your server is available at 8.23.224.90, your dynamic DNS is the problem
<TboatBKK> hmm will keep playing around i guess.  If I am migrating a large bit of data from an old PC to this server, is git best? or should I just use an external HD?
<qman__> only if it's already stored in a git repository somewhere
<qman__> or you want it to be in a git repository
<qman__> if you're just transferring files, use rsync
<qman__> or scp, as appropriate
<jkyle> TboatBKK: git is not want springs to mind for transferring data
<TboatBKK> so HD over LAN?
<jkyle> or the suggestions qman__ made
<qman__> rsync works both locally attached and remote
<qman__> it's probably what you want
<jkyle> rsync avz /path/to/copy /path/copy/to
<TboatBKK> ok cool will look into that, thanks, it also seems that when I added my DNS server to my hosts, I placed it over my default, so that would explain why we were getting no connection haha.  thanks for all the help!
<qman__> that doesn't make any sense
<qman__> the hosts file only affects the local host's ability to do name lookups
<TboatBKK> I wasn't getting any internet connection on the server
<TboatBKK> just have LAN access
<qman__> and your DNS server doesn't need to be in your hosts file, it needs to be configured in resolv.conf, which these days is handled in /etc/network/interfaces
<qman__> in fact, most of the time, you don't need to edit the hosts file at all
<TboatBKK> even if I have a static IP set?  the hosts should say 127.0.1.1 BKKollection, not 10.0.0.66 BKKollection?
<qman__> ideally it should say the latter, but it will work either way
<qman__> apache will complain if it's set to 127.0.1.1
<qman__> but still work
<TboatBKK> my /interfaces BTW:
<TboatBKK> address  10.0.0.66
<TboatBKK> netmask  255.255.255.0
<TboatBKK> network  10.0.0.0
<TboatBKK> broadcast 10.0.0.255
<TboatBKK> gateway 10.0.0.1
<TboatBKK> unable to update, so seems I don't have internet access after setting the static
<plm> Hi all
<plm> people, I did a installation of 12.4 server, but in boot process I can't see anything, show just in monitor that not support that resolution and show nothing. after boot now show too.. how I change that?
<qman__> plm, during boot, press shift to load the grub menu, then edit the boot line
<qman__> and use nomodeset
<plm> qman__: thanks!
<qman__> as in, add nomodeset to the end of the kernel line
<qman__> this will only boot it once that way
<qman__> you have to change that in grub and save it
<plm> qman__: is just a file edit and save ?
<qman__> not exactly
<qman__> you have to edit it in /etc/default/grub, then run sudo update-grub
<plm> qman__: ok
<plm> thanks :-)
<qman__> that should do it but you may need other parameters
<plm> ok, I'll test that first..
<eutheria> i am currently using pfsense under kvm but i find freebsd based vm's a bit slow compared to running ubuntu, is there an ubuntu firewall type system like pfsense?
<plm> qman__: I tried press shift and not works...
<plm> qman__: show nothing.. not grub
<Guest68993> I am using server 12.04 lts,  how do I keep my display from going dark??
<resno> Guest68993: a server with a desktop?
<Tzunamii> He probably means the screen blanking in the console
<Guest68993> yes a server with GUI
<Guest68993> would like to run a screen saver of the photos I have on the server
<Guest68993> tzunamii, correct
<Guest68993> I have turn screen off when inactive for:  "never"
<Jeeves_> Hi
<Jeeves_> How do I make grub skip iscsi disks while updating?
<hallyn> is there a generic tag we can put on bugs to say they need translation?
<ZenMaster> So Ubuntu can be used to administer group policy just like Windows Active Dir with Domain Controller?
<SpamapS> hallyn: yes, its called 'translate.google.com' ;)
 * Resistance glances at SpamapS
<Resistance> google is evil
 * Resistance returns back to what he was working on
<hallyn> what he said :)
<jkyle> ZenMaster: ldap
<hallyn> but anyway, it's ok, a later bug by the same guy asks how to uninstall :)
<Resistance> hallyn:  you could poke the bugsquad about questions like that, or the bugs team
<Resistance> they might knkow what to do
<Resistance> hallyn:  this is in the triage guide: https://wiki.ubuntu.com/Bugs/HowToTriage#Bug_reports_not_in_English
<SpamapS> Right, google is super evil by giving us a free highly useful translation service which is perfectly usable in "incognito" mode.
<Resistance> basically it says to ask the poster of the bug to translate, or if you think its a critical bug, have the translations team translate it
<Resistance> SpamapS:  it gets the translations 50% wrong 95% of the time
<SpamapS> Thats generally enough to figure out the problem / mark it as dupe
<Dulcin> hi, I'm not sure where to ask this, but: if i were to set a A record, with mail.domain.com, and set this as my smtp server, would it then go to the ip and look for MX records? or does it not work like this?
<Dulcin> set this as my smtp server* in my mail client
<sarthor> I am trying to configure LSM, http://anilraut.blogspot.com/2007/07/installing-lsm-linux-socket-monitor-on.html , Do not know how to install it, where to put this directory? Any friend already familier with LSM please Guide me?
<Resistance> Dulcin:  normally mailservers for domains need to have MX entries
<Resistance> so in theory you could add MX entries for the mail.domain.tld
<Dulcin> and if the mx records are set to domain.tld? does an A record with mail.domain.tld redirect it ?
<murdock> I'm having trouble with accessing ports outside of my network. While on my home network, I can go to (servername):80 and access my webserver, but if I forward the port 80 to my server, it doesn't work with my dyndns domain (murderdock.dyndns.org:80). Is it possible to do this?
<mand0> murdock, does it work with the IP address externally?
<sarthor> I am trying to configure LSM, http://anilraut.blogspot.com/2007/07/installing-lsm-linux-socket-monitor-on.html , Do not know how to install it, where to put this directory? Any friend already familier with LSM please Guide me?
<murdock> You mean the ip address my ISP is giving me?
<mand0> ya
<Resistance> mand0:  are you behind a corporate firewall or a router?
<Resistance> oh wait
<mand0> heh, it's murdock
<Resistance> ah whoops
<Resistance> i just hit m[tab] so...
<mand0> he said home network
<Resistance> well the router needs to forward external traffic on port 80 inbound to the server then
<Resistance> otherwise you'll always get no traffic coming externally
<Resistance> to the server
<Resistance> bah, broken enter key
<mand0> he said he did. tho that could very well be the issue
<Resistance> that's more than likely the issue
<Resistance> 95% of the time (and I see this in Corporate networks too), people don't open the ports and send traffic correctly
<murdock> No, it's not corporate, it's my home setup. I had it working before on windows.
 * Resistance points out Windows and Linux are different
<Resistance> you still need to do port forwarding in your router for port 80
<murdock> I understand, and the port is forwarded.
<murdock> That's no different.
<Resistance> the other possibiliity is your ISP blocks port 80 inbound
<Resistance> some ISPs do that
<Resistance> (mine doesn't, but hey i'm on a Business class internet since yesterday, so... :P)
<mand0> try another port
<murdock> That's what I'm going to do. Now, for some reason, ssh isn't working.
<Resistance> sounds like your system may be dying
<Resistance> or the internal ip is changing
<Resistance> (which is entirely possible, given default home-router setups_
<murdock> I can ping it, and it's the same IP as before.
<murdock> It was an old computer I got for free, I just thought I'd have some fun with it. I guess I'll just wait until I can build a decent one myself.
<murdock> Yeah, now the webmin isn't even working.
<Resistance> ewww, did you say webmin?
<Resistance> !webmin
<ubottu> webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system.
<Resistance> just to put that out there ;P
<murdock> hah.
<murdock> I used linuxhomeserverguide.com or something to set it up.
<mand0> just reinstall with the latest iso
<murdock> Is there a sort of GUI like webmin, or should I just do everything terminal style?
<Resistance> terminal style is preferred nowadays, Linux sysadmins mostly need to know CLI
<mand0> you're in #ubuntu-server. terminal style!
 * Resistance is on a GUI right now :P
<Resistance> but for remote administration I use CLI
<mand0> i upgraded to 12.04 and now apticron is saying there are 144 packages pending an upgrade even tho they were already updated
<jkyle> what's the name for the package previously known as libmagick9-dev in 12.04?
<mand0> oh, i needed to do sudo apt-get dist-upgrade
<leimon> Hey all, I have setup my server, but now I can't not update.  sources.list is fine, I can SSH into the server (only installed SSH on install)  Has a static IP address.
<mand0> getting an error?
<leimon> Failed to fetch, Temporary failure resolving 'us.archive.ubuntu.com'
<leimon> route returns
<leimon> Kernel IP routing table
<leimon> Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
<leimon> default         10.0.0.1        0.0.0.0         UG    100    0        0 eth0
<leimon> 10.0.0.0        *               255.255.255.0   U     0      0        0
<leimon> ping: unknown host google.com
<mand0> what are you using for DNS?
<mand0> cat /etc/resolv.conf
<leimon> # Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
<leimon> #     DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
<leimon> nameserver 127.0.0.1
<leimon> search hsd1.va.comcast.net
<mand0> nameserver 8.8.8.8 (or whatever DNS you want) needs to be in there
<mand0> assuming your server is not running bind
<leimon> 8.8.8.8? or what my ip is?
<mand0> 8.8.8.8 is google's public DNS
<mand0> and 8.8.4.4
<leimon> if im running no-ip, how do i find the server address?
<leimon> or can i just use the google one no matter which dns host?
<leimon> i want to be able to access my server outside my LAN
<leimon> is http closed by default?
<leimon> Err http://us.archive.ubuntu.com precise-updates InRelease
<leimon>   
<leimon> Err http://security.ubuntu.com precise-security Release.gpg
<leimon>   Temporary failure resolving 'security.ubuntu.com'
<Pici> Did you update your resolv.conf?
<leimon> yes added the google ones
<leimon> is there any command to restart it, i did a network restart
<qman__> you probably overwrote it with a blank one
<qman__> resolvconf, as it says, overwrites it
<qman__> you have to add them to /etc/network/interfaces
<leimon> add what to interfaces?
<qman__> your DNS servers
<leimon> how do you add them to interfaces instead?
<qman__> see man resolvconf   http://www.linuxcertif.com/man/8/resolvconf/
<leimon> added them to interfaces, still not getting updates
<qman__> do sudo ifdown eth0; sudo ifup eth0
<qman__> provided eth0 is your interface
<leimon> wont that disconnect my ssh link?
<qman__> not if you do it quick enough
<qman__> helps if you put it in a script
<leimon> still nothing
<qman__> can you ping 8.8.8.8?
<leimon> yes i can
<qman__> and if you cat /etc/resolv.conf, does it show the right nameservers?
<qman__> if you run nslookup without arguments, it'll start interactively
<leimon> im not sure, how do i figure my correct name server for my ISP?  I have gateway etc, is it just 10.0.0.X?  or is it the 75.75.75.75 i looked up for comcast?
<qman__> 8.8.8.8 is open to the public
<qman__> it's google's DNS
<qman__> I don't know what your ISP's DNS servers are, they would have given you that information
<qman__> I also don't know if your router does DNS caching, you'd have to find out
<qman__> but if you set it to 8.8.8.8, it should work
<leimon> for updating?
<qman__> for internet access
<leimon> still nothing
<qman__> dig google.com
<leimon> unknown host
<qman__> more importantly, who did it ask
<leimon> google.com
<qman__> no, that's what it asked
<leimon> should there be something in hosts for my isp?
<qman__> no
<qman__> if you can ping 8.8.8.8 you're online
<qman__> you just don't have DNS
<qman__> and if your nameserver is 8.8.8.8, you have a good configuration, and it's being blocked somewhere down the line
<qman__> otherwise, your nameserver is not correctly configured
<qman__> that's all there is to it
<leimon> so i set my interfaces back to dhcp, still not getting anything
<leimon> just going to wipe and start over
<stgraber> hallyn: just started to work on a lxc python binding, looks like it's really quite easy to do and would be quite useful to write good management tools
<stgraber> hallyn: only problem is that lxc upstream will need to make liblxc public and version the api changes, but that shouldn't be to difficult to do
#ubuntu-server 2012-05-03
<Psi-Jack> So, it's almost a rarity these days that people even use Kerberos, isn't it?
<Resistance> i've seen it used on Unix systems, almost never on Ubuntu nowadays
<Resistance> and if I have seen it, its usually only on University networks and the occasional Corporate or Enterprise grade system
<Psi-Jack> I've gotten UP to getting krb5 mit working, except it throws me errors trying to create the realm in ldap.
<rocobruno> Hi, I was wondering if it advisable to install the ubuntu-desktop on a ubuntu server to use freenx. My concerns are of conserving as much of memory and cpu resources as possible.
<Patrickdk> if you install ubuntu-desktop, it becomes ubuntu-desktop, basically no different than using the ubuntu desktop iso
<Patrickdk> and it will use all the memory that it requires of that
<rocobruno> is there such a way that you can get the desktop on demand ? Without the machine always booted with gui ?
<Patrickdk> rocobruno sure? edit /etc/init/lightgm
<Patrickdk> and tell it to not start on boot
<rocobruno> Thanks Patrickdk
<ruben23> hi guys where we can find teh data of mysql on packages install in mysql..?
<Patrickdk> no clue what you just said
<EvilResistance> ruben23:  can you clarify what you mean by 'data'
<EvilResistance> and 'on package install' (same context)
<ruben23> becasue i ahve a script with this and dont knwo what commadn should i put coz this is source install but im using package install of mysql ----> `/usr/local/mysql/bin/mysql -uroot .p.password. -e 'show databases' |  fgrep -v  \  "Database" |  fgrep -v "information_schema"`
<ruben23> and also this ----> index_float=`du -amc  /usr/local/mysql/data/$i/*.MYI | grep total | awk '{print $1}'
<Psi-Jack> Bah!
 * Psi-Jack throws Kerberos out the window.
<ruben23> hi guys how do i install perl modules on ubuntu server..?
<matt_keys> I'm trying to bridge eth1 to virtual guests. i've got the bridge defined and working but the default was still virbr0. I virsh net-destroy default, then edited the default.xml to use the ip and bridge i want, but now when i virsh net-define the default.xml it says error: operation failed: network 'default' already exists with uuid e13c38e7-8679-b8ad-071a-3bd40d135af6
<twb> The name of the bridge is irrelevant
<twb> You could call it "arthur" and it would behave the same way
<matt_keys> is deleting the default network forbidden or something?
<twb> If it helps, this is a virsh dumpxml of a KVM instance, bridged to an existing bridge (set up in interfaces(5)) -- http://paste.debian.net/167078/
<greppy> ruben23: are the modules that you need not included in a repo?  most of the ones that I have needed I have been able to find by searching for the module, like 'apt-cache search XML::Tidy'
<matt_keys> twb : thanks, i had to restore default.xml like it was and then reinstall virt-manager to fix
<matt_keys> wouldn't connect to qemu or anything
<footvilla> I have 2 SSD 128 GIG running on Raid 0 Software Raid (mdadm)
<footvilla> every 30 min im getting bad sector errors, and it locks access to everything
<footvilla> how would i run fsck
<footvilla> on a raid 0?
<footvilla> sudo fsck =pcfv /dev/sda
<footvilla> ?
<twb> footvilla: fsck operates at the filesystem layer.  It doesn't give a shit about the underlying block device.
<twb> You would need to fsck /dev/md0 or whatever the RAID0 array is called.
<twb> Also, if no one has lectured you on this before: do not use RAID0 if you care about your data!
<footvilla> yea ive noticed
<footvilla> I went out and spent alot of money today
<footvilla> i picked up 4 WD Ae4 250 gig Harddrives
<footvilla> is it possible to transfer my raid0 and to those 4 harddrives to make it a raid 10 ?
<twb> Dunno why you'd get 250Gs unless they're on special.  The ideal price point at the moment must be around 1.5G range atm
<footvilla> i mean 500GB
<twb> Anyway, the obvious way to do it would be to create a new array on the new four drives, make LVM and filesystems there, then mount them and the old drives at the same time and copy files across.
<twb> If they're your boot drives as well, you'll also need to fiddle-fart around with fstab and grub so that the new disks will boot
<footvilla> LVM?
<footvilla> twb do you recommend using this tutorial ? http://www.numango.com/4653_linux-creating-configuring-raid.html
<twb> footvilla: have you read the Ubuntu Server Guide?
<footvilla> no
<twb> Do so
<twb> footvilla: you want the section "advanced installation" I think
<footvilla> yea however it only shows how to step by step configure raid 1 on two physical drives
<twb> RAID10 is just a mirror of striped drives (or a stripe of mirrored drives)
<twb> mdadm --create -n2 -l0 /dev/md0 /dev/sd[ab]2
<twb> mdadm --create -n2 -l0 /dev/md1 /dev/sd[cd]2
<twb> mdadm --create -n2 -l1 /dev/md3 /dev/md[01]
<twb> Something like that, anyway.
<twb> I do not know whether it is better to do 0+1 or 1+0.
<footvilla> yea reading up on google abou that
<footvilla> twb
<footvilla> server hd just wedged
<footvilla> http://paste.ubuntu.com/963838/
<twb> yeah that looks like the disks are dying
<twb> At this point I would be running SMART self-tests
<twb> (And obviously, making sure your backups are up-to-date)
<footvilla> how do i run smart self test?
<twb> install smartmontools, then smartctl -l and -t IIRC
<twb> smartctl -t short /dev/sda, then watch smartctl -l selftest, watch until the self test finishes
<twb> Good drives will give you an ETA on the self test; crap ones will not report anything about a test until it is either aborted or completes.
<twb> You can also do a long test.
<footvilla> thanks brb need to reboot this server
<jeeves_moss> just wondering....  Why after an update do all of my Outlook clients not connect to postfix?  I keep getting a dissconnect after EHLO
<footvilla> twb, i installed smartmontools
<twb> footvilla: 13:50 <twb> smartctl -t short /dev/sda, then watch smartctl -l selftest, watch until the self test finishes
<footvilla> http://paste.ubuntu.com/963854/
<twb> footvilla: so now wait for it
<footvilla> is the command window going to update?
<footvilla> with results?
<jeeves_moss> twb:  how's it going tonight?  it's been a while
<twb> Not very well as far as connectivity goes, it would seem...
<twb> footvilla: if you ran it in watch, it defaults to updating every 2s, as it says in the top-right
<footvilla> how do i run it in watch\
<twb> 13:50 <twb> smartctl -t short /dev/sda, then watch smartctl -l selftest, watch until the self test finishes
<twb> "watch smartctl -l selftest"
<footvilla> ERROR: smartctl requires a device name as the final command-line argument.
<twb> "watch smartctl -l selftest /dev/sda" then
<twb> Please exercise some initiative.
<shortdudey123> hi, i am running ubuntu 10.04 and i am trying to add JAVA_HOME as a permanent environment variable.  I added it to /etc/environment and also adjusted PATH, however only the adjusted PATH is being picked up.  Any ideas?
<twb> shortdudey123: why are you doing that
<shortdudey123> i googled it and quite a few places said thats how you do it... but obviously its wrong or i am doing something wrong
<twb> What is your actual goal
<twb> 15:03 <greybot> http://mywiki.wooledge.org/XyProblem -- "I want to do X, but I'm asking how to do Y..."
<shortdudey123> i am trying to start several services that require the JAVA_HOME var
<twb> If you are using the JRE that ships with Ubuntu, you shouldn't need to do that.
<shortdudey123> where would the JAVA_HOME var be pulled from then?
<twb> it's set somewhere in the nest of java wrapper scripts
<twb> I don't know where exactly.
<shortdudey123> i am using OpenJDK and not the started sun java
<shortdudey123> if that makes a difference
<twb> So you did apt-get install <java app> ?
<twb> Because that should Just Work
<shortdudey123>  sudo apt-get install openjdk-6-jre
<shortdudey123> and -jdk
<shortdudey123> this is the specfic error that i get: http://pastebin.com/D03mkige
<Smaug> hey all.  is there any way to restrict the commands a certain user can execute?
<twb> Smaug: not really
<twb> Smaug: if they are connecting via SSH keys, you can use a force command
<twb> Smaug: but e.g. if you give them vi, they can use vi's internal fork+exec to run arbitrary commands.
<twb> Er, s/vi/vim/
<twb> shortdudey123: how did hadoop get onto the server?
<shortdudey123> i installed it
<twb> shortdudey123: how
<shortdudey123> a repository from Clourdera
<twb> What you should probably do, then, is contact the clourdera people and report the problem and get them to fix the package
<Smaug> twb: okay, ignoring little workarounds like vi (which I guess I can restrict too), what is the force command you speak of?  what do you mean by SSH keys?  the user will connect by SSH, it is a bot actually, all it needs to do are run scripts with different inputs
<Smaug> maybe a couple other things but not much
<shortdudey123> twb: the repo is "http://archive.cloudera.com/debian lucid-cdh3 contrib"
<twb> Smaug: first go read up on how key-based SSH auth works.  You need to understand that before you understand forced commands.
<Smaug> right I thought that might be what you meant.  I am familiar with how key-based SSH auth works, though I only used it once, to learn how it works
<twb> Smaug: the Ubuntu Server Guide might cover it, I don't know offhand.  Check that first, otherwise try the sshd_config, ssh_config and ssh-keygen manpages, and google
<twb> Smaug: you should be using key-based auth always
<Smaug> twb: why? is using pws insecure?
<twb> https://en.wikipedia.org/wiki/Special:Search/Multi-factor_authentication
<twb> (That is assuming your keys have passphrases, of course.)
<Smaug> twb: ah i see.  cool, reading about it now thanks for the direction heading!
<twb> Here is a worked example:
<twb> command="nice ionice -c 3 rrsync -ro /",no-agent-forwarding,no-port-forwarding,no-X11-forwarding ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAsOX658HKuBNOy7X5UZPY8ogIKYaM1bQ/Nv04oFxyYj9i579fhn+gZ42fFnjMOXiTbSw6h8ZR+BF0smcDum2T6FANAdlQSanFIBMxbgAaYpNx/6qOsT1yECVzqqwEoOVqfGsb8iJwPJMJDGB40mxcvy++ESGLmgo9ivwhxdMbaS8= cyber-hosted-backup
<twb> You may wish to combine this with sftponly techniques in sshd_config for that account
<Smaug> do you know offhand if it's possible to  create keys for use in android (when I say bot, specifically it will be an android app)?
<twb> I do not
<twb> If that's your target, it may be better to simply expose the commands over an authenticated HTTPS connection with a simple REST app
<twb> Depends on the nature of the commands and so on
<Smaug> twb: that is not a bad idea, i suppose, is there a size limit on urls?
<Smaug> some fields may be a bit large, but maybe that's ok
<twb> I don't know
<Smaug> ok
<twb> web apps are for little girls IMO
<Smaug> all web apps :)
<Smaug> ?
<twb> Yes
<twb> arpanet for the arpans
<shortdudey123> twb: i am installing the sun version of java to see if that fixes the problem
<twb> Sigh
<shortdudey123> ya i know... but i am out of ideas
<shortdudey123> the sun java fixed the issue
<twb> Yuk
<twb> That'll only be because the app and sun jre are broken in the same way, so the broken halves fit together neatly :-/
<shortdudey123> lol true
<shortdudey123> twb, thanks for your help!
 * SpamapS wades into the forbidden realm of CentOS administration just to remind himself why Ubuntu Server is a bazillion times better
 * twb hands SpamapS the hip flask
<SpamapS> aye, I'll need a straw too
<greppy> not an IV?
<SpamapS> greppy: thats what got me to this place in the first place ;)
<twb> greppy: he's worried I doped the lip of the flash
<twb> *flask
<SpamapS> mainlining redhat's leftover crack
<twb> That or cooties
<twb> SpamapS: at least centos isn't using systemd yet
<SpamapS> twb: yeah, and at least it will take them 3+ years until RHEL7 which will most likely have systemd :-P
<SpamapS> or "the only daemon you'll ever need"
 * SpamapS is surprised they haven't suggested merging apache into it yet
<twb> FSVO they = lennart
<twb> I wish someone would just arrange for him to have an "accident" so things can go back to normal
<SpamapS> twb: careful. You likely have stalker fanbois who might think your serious. ;)
 * SpamapS curses his ' key for failing to fire and making him say 'your'
<_ruben_> your e key would to blame as well then
<SpamapS> helpless victim
<SpamapS> it's all ''s fault
<SpamapS> it's mad because it has no way to posess it
<SpamapS> ugh, decisions decisions..
<SpamapS> should I migrate off courier onto the sexier new "dovecot" ..
 * SpamapS used to think it was fun to run his own IMAP server. Now wants IMAP to die in a fire.
<_ruben> hehe
<greppy> SpamapS: for what it's worth, dovecot on debian/ubuntu has been way easier for me to deal with than courier was on the same.
<SpamapS> greppy: I'm sticking with courier just because I can rsync the config dirs and move forward.
<SpamapS> but I hate that. ;)
<SpamapS> and I have to build courier-imap and courier-authlib because epel doesn't have it
<SpamapS> why oh why do I run a CentOS IMAP server? (so you don't have to.. thats why)
<twb> SpamapS: why courier and not dovecot
<SpamapS> twb: rsync /usr/lib/courier-imap/etc newserver:/usr/lib/courier-imap
<SpamapS> thats about it
<SpamapS> laziness
<twb> inertia?
<SpamapS> It only has to support me.. though I am religious about using SSL for IMAP
<SpamapS> awesome, upstream's courier-imap packages now *force* systemd if you are on anything except suse
<SpamapS> stupid stupid stupid :-P
<rmk> Use dovecot instead
<twb> wtf
<twb> I didn't think courier was even maintained
<SpamapS> twb: it is. barely :)
<SpamapS> and yeah, at this point, with the systemd madness .. no point in even trying to use courier
<SpamapS> like.. awesome.. there are currently.. uh.. 0 RHEL or CentOS users with a /bin/systemctl command, and yet all new courier rpms depend on that.
<SpamapS> WTG courier... one less user to worry about. :)
<tdn> I maintain servers for a few customers. One of the regular tasks is to install security updates. A problem I face is that some updates require services to be restarted. This is no problem, if it is done outside of business hours. However, I prefer to do the maintenance work in business hours. So I figure there must be a way to install schedule an apt-get dist-upgrade to be run at night, without having to do it interactively? How to do this? I spe
<twb> Oh I just realized I was thinking of cyrus not courier
<twb> Whichever one provides the "sasl-bin" package so that stupid coworkers set it up as the sasl provider on postfix/dovecot mail servers
<SpamapS> cyrus
<twb> tdn: you can use invoke-rc.d to prevent automatic service restarts, but this will probably cause more problems than it solves
<twb> tdn: IME you just say "suck it up, the service will bounce at 10AM, nobody will even notice anyway so STFU"
<twb> Actually you can't use invokerc.d because stupid ubuntu uses stupid upstart which has no equivalent facility
<twb> invoke-rc.d only works for scripts that are still managed under /etc/init.d
<SpamapS> tdn: unattended-upgrades might be helpful
<SpamapS> twb: not true
<twb> SpamapS: it was true when I last checked as at 10.04
<SpamapS> twb: invoke-rc.d works for upstart jobs
<SpamapS> it worked then too
<SpamapS> though there were probably a few bugs
<SpamapS> because all upstart jobs from packages will also have a symlink from /etc/init.d/jobname to /lib/init/upstart-job
<twb> I guess I ran into a bug, then.  I wrote my normal invoke-rc.d which went something like #!/bin/sh \n exit 101, and upstart appeared to completely ignore it
<twb> argh, sorry
<SpamapS> twb: and you mean /sbin/policy-rc.d
<twb> I meant to say *policy-rc.d*
<twb> invoke-rc.d works fine but if the postinst calls "restart foo" because its an upstart job, then policy-rc.d was/appeared to be ignored as at 10.04
<twb> I had to do something hideous like replace initctl with /bin/true during package installation
<SpamapS> twb: that postinst is *in error*
<SpamapS> twb: I have fixed maybe 5 of those since 10.04
<SpamapS> twb: people need to use dh_installinit.. :-/
<SpamapS> stop inventing crap
<twb> I may have some details wrong, but it was definitely causing problems and I was definitely very annoyed by it
<Jeeves_> Morning
<Jeeves_> Does anyone know how I let Grub skip iscsi-disks while trying to find operatingsystems?
<twb> Jeeves_: grub or os-prober?
<twb> Jeeves_: in the latter case the easiest way is to simply uninstall it :-)
<Jeeves_> twb: Well, i upgraded a box to precise last night, and it looked into the iscsi disks as well
<Jeeves_> I think it was while 'Generating grub.cfg'
<twb> It'll either be code in os-prober or in /etc/grub/'s run-parts dir
<twb> I don't know if you can selectively disable os-prober's scans, because I usually just remove it
<Jeeves_> Nicely undocumented, btw. os-prober
<Jeeves_> No manual entry for os-prober
<twb> IIRC you also have to pin it to prevent kernel updates from reinstalling it
<twb> I think it's basically there to find the dual-boot Windows partition on ubuntu desktops
<Jeeves_> So don't install it on -server
<twb> Looks like os-prober's guts live in /usr/lib, so to selectively disable a scan you would dpkg-divert --rename /usr/lib/os-probes/mounted/10linux or whatever
<twb> It doesn't mention iscsi by name, so what is probably happening is it is simply iterating over everything in (say) /dev/disks/by-name/* and that happens to include iscsi on your system
<twb> I'm speculating quite a bit here, though -- you will need to do some tracing yourself
<Jeeves_> https://bugs.launchpad.net/ubuntu/+source/os-prober/+bug/797547
<uvirtbot> Launchpad bug 797547 in os-prober "os-prober interrupts device connection of kvm machines" [Undecided,New]
<Jeeves_> Nice ..
<SpamapS> alright, so dovecot is like a bazillion times easier to configure
 * SpamapS is now officially a courier hater
<Jeeves_> :)
<lifeless> SpamapS: \o/
<lifeless> SpamapS: dovecot is awesome
<twb> SpamapS: I haven't ever actually configured dovecot as such ;-)
<twb> Well, I have a liiiitle bit
<twb> I had to jump through a hoop to allow a stupid PHP script to talk to the IMAP server without giving it a full LDAP account
<twb> I wish it didn't have a hard-coded leading dot for subdirs though, because that annoys prayer
<twb> SpamapS: you probably want to change protocols = imap imaps to just = imaps, and maybe add ssl = required
<twb> Can't see anything else much interesting in etckeeper logs
<tdn> twb, I don't think that I can just restart samba with useres logged in without risking data loss :(
<twb> CIFS clients don't care
<twb> I'm pretty sure they recover seamlessly
<twb> Obviously you will want to test this, and not just believe some cowboy on IRC
<tdn> twb, I am pretty sure I have experienced problems with this before. This is the reason why I really want to avoid it.
<twb> Shrug
<tdn> And I cannot prove a negative by testing.
<twb> Sure sure
<lynxman> morning o/
<Jeeves_> I really hate how the boot proces of precise-server makes me wait for 'network configuration'
<Lazik> I feel you
<Jeeves_> 'Waiting up to 60 more seconds'
<Jeeves_> Looks like the person that thought of that 'feature' is unaware of pxe-install environments :)
<sarthor> Any one configure shorewall and LSM on Ubuntu-server, I have Ubuntu-server 12.04 installed. but do not know how to configure, Shorewall channel says "there is no .deb pkg, and you can Guess why there is only rpm " Any help please.
<jpds> sarthor: There's a shorewall package in the archive?
<jpds> sarthor: sudo apt-get install shorewall
<sarthor> jpds, shorewall already installed. problem with LSM. Link Status Monitor.
<sarthor> I want to compile lsm for shorewall on ubnutu-sever 12.04, How to do that, I never compiled anything before.
<Cirbri> I got something weird going on with my Exim4 config.
<Cirbri> I have Exim4 from package management -- where the config is all split, it's generated into a single file each time you run the init script -- I've replaced all this with a single, bare-bones config that doesn't do very much; now the parent Exim runs asDebian-exim instead of root. And it doesn't seem able to deliver mail locally.
<Cirbri> (presumably because it cannot access mailboxes owned by their specific users)
<Cirbri> Anyone have any idea what is going on?
<sarthor> I want to compile lsm for shorewall on ubnutu-sever 12.04, How to do that, I never compiled anything before.
<hallyn> stgraber: you've looked at ~frankban/lpsetup/lp-lxc-ip/ ?
<hallyn> stgraber: I can't decide whether to just turn the devicens blueprint into a non-discussion one with just a work item to discuss devicens at plumber's
<davmor2_> hey guys I am sure this is something I'm doing wrong I've followed the serverguide mail is up and running fine etc, I then went to setup roundcube  that displays a login page correctly but when I add the user and pass it says connection to imap server failed, what am I missing (this worked on 10.04)
<larsweb> davmor2_, Have you checked your firewall?
<davmor2_> larsweb: this is the first time running a firewall up and running I relied on my router firewall before, I have setup the firewall and as far as I know have opened the ports thunderbird can connect to it and send and receive mail it's just roundcube
<larsweb> I have an ubuntu server with apache 2.2.14 and drupal. When I test with "ab -c 1" it works fine. but it "halts" with "ab -c 2" or larger. How can I debug this problem?
<larsweb> davmor2_, are roundcube and imap on the same host?
<davmor2_> larsweb: yeap
<larsweb> davmor2_, which OS , mail, and imap?
<davmor2_> ubuntu server 12.04 64bit, imap is handled by dovecot, mail is postfix
<larsweb> and "iptables -L " says?
<larsweb> is there a guide to optimize apache/mysql/ubuntu for fast deliveries?
<stgraber> hallyn: I don't think there's much point discussing this at UDS as we won't have Eric or Daniel there, so making the blueprint non-discussion and adding the actual work items after plumbers is probably best.
<stgraber> hallyn: looking at the branch now
<hallyn> stgraber: so i wonder which state to use if not discussion.  drafting?
<stgraber> hallyn: I can probably decline it for uds-q, that should make it go away from the schedule
<hallyn> ok
<stgraber> hallyn: done
<hallyn> thanks :)
<stgraber> hallyn: that branch is interesting, especially the clone call in python, I didn't realize it was actually possible to do it without any C :)
<hallyn> say
<hallyn> yeah it's cool :)
<hallyn> stgraber: did you say you had blogged on lxc+apparmor?  I thought you did, but I don't see it.
<hallyn> (I was going to do a post just to explain that we don't have the stackign profile support and what that means, and reference yours first)
<stgraber> hallyn: didn't have the chance yet, my next blog post is going to be some kind of general overview of LXC in 12.04. So if you want to blog about apparmor specifically, go ahead.
<hallyn> cool.  if i don't get a chance before the flight to uds i'll do it then, but i'm hoping this week.
<stgraber> I'm planning on releasing my LXC in 12.04 post after the UDS plenary
<stgraber> hallyn: I'll add an item to the lxc blueprint whiteboard to discuss liblxc, ideally I'd like to use it for an upstream python-lxc, directly calling the C functions when it's easier and offering some nice python interface for the rest.
<hallyn> and a springboard to a bash-free lxc :)
<stgraber> hallyn: but for that we need to move quite some code around in the C side of things. I noticed that we have a lot of code that's in the tools but really should be in the library
<stgraber> hallyn: Implementing lxc_stop in the python module took me 5 minutes, but implemeting lxc_start would likely take me hours and lead to a lot of code duplication
<hallyn> and really I don't like the way templating is done
<hallyn> Sunday or monday evenign I think we should get together and break the items int he whiteboard into themes,
<hallyn> and decide which themes are most important during q cycle
<stgraber> hallyn: also, cleaning up liblxc to be easily usable by external tools will make it much easier to write a libvirt-real-lxc driver using it and stop that libvirt non-sense :)
<hallyn> perhaps restructuring lxc code is the thing we shoudl focus on now
<hallyn> heh.    sssssshhhhh, smoser will find you
<hallyn> and of course, adding hooks can be seen as part of restructuring (or as something to better add after restructuring)
<stgraber> adding hooks should be easy when we're already moving code around between the tools and library
<stgraber> hallyn, highvoltage: Added my thoughts on the library work and the python bindings to the blueprint
<stgraber> hallyn: oh, and having a good library will also make unit testing of the code much easier, which is probably something we should be adding to upstream lxc soon too
<hallyn> that'd be great
<hallyn> for higher level testing, i do need to sit down with jamespage about hooking my testsuite up to our jenkins instance (or whatever we can)
<highvoltage> stgraber: awesome.
<hallyn> i suppose maybe i should just set up my own jenkins instance in ec2 to do that
<hallyn> but i'll wait to talk to jamespage
<hallyn> stgraber: maybe we should flag ("(*)") items that would neatly fall in after a code rewrite
<hallyn> (like config file inclusion, etc)
<stgraber> hallyn: sounds good
<jamespage> hallyn, my bad - I've still not managed to help you do that....
<hallyn> jamespage: at this point we can perhaps best sit and chat next week
<jamespage> hallyn, agreed - we should also see how this fits into overall QA plans
<jamespage> then have some good stuff in pipeline ATM
<hallyn> if you care to look when you have a moment, it's at lp:~serge-hallyn/+junk/lxc-test
<hallyn> is there a qa session where this should be discussed, or is talking over lunch just as well?
<jamespage> hallyn, I'll try to find out
<ttx> adam_g: is there any OpenStack charm session scheduled for UDS ?
<ttx> adam_g: was wondering if we could make it a strong alternative to devstack for all-in-one development environments on ubuntu
<zul> ttx: there isnt one afaik
<ttx> zul: couldn't find it either
<aldo_> hi
<aldo_> can you help me?
<aldo_> ?
<Resistance> !details
<ubottu> Please give us full details. For example: "I have a problem with ..., I'm running Ubuntu version .... When I try to do ..., I get the following output: ..., but I expected it to do ..."
<aldo_> okok, so, i have 5 pc
<aldo_> and i use 1 pc for Ubuntu Server 12.04
<aldo_> how can I do to connect this pc with ubuntu server?
<Pici> Connect how?
<aldo_> this pc are connect with one router to internet
<aldo_> i wourd like share file in server
<aldo_> and use phpmyadmin in all pc (excuse me for my english)
<aldo_> (phpmyadmin of Ubuntu Server)
<aldo_> do you understand?
<Resistance> aldo_, so...
<Resistance> basically you want to be able to share files between your computers through your server...
<Resistance> and want to have phpMyAdmin accessible by your other systems from your Ubuntu Server system?
<aldo_> true
<aldo_> Work in Team on Web Project is my purpose, than all pc will see the work and the files and phpmyadmin
<aldo_> than all pc will also see the web page files in php
<aldo_> I installed php
<aldo_> can you help me?
<sbalneav> Hello, I'm having a problem setting up a new 12.04 server.  I've got 4 3TB drives, that I'd like to configure as software RAID10.  However, I can't ever seem to set up any partition as bootable.  In 10.04, I could create partitions as "Physical Raid Volume", and set the bootable flag.  Now, the flag stays "off", with the result that the grub install step fails.
<sbalneav> Has anyone seen anything like this?
<stgraber> hallyn: right, so jcastro told me I won't have the plenary slot for LXC at UDS (I guess that's the last time I propose a plenary considering how badly the last few went...). So I'll be blogging about it earlier than expected and will keep the talk for some other conference
<stgraber> hallyn: do you think there's sufficient interest to register a session for demo, q&a, ... or we'll have enough time for that in the lxc session
<hallyn> stgraber: not sure (i should think so) but you do remind me that at the last sprint, the kernel team asked for a lxc session showing more in-depth how it works, what kernel bits are used, etc
<hallyn> so perhaps even 2 such sessions - one high-level for people who want to use it,
<hallyn> and one low-level for kernel team and such.
<hallyn> (might also be good to have security team there to ask questions pointing toward the no-doubt-present security holes we haven't yet considered)
<stgraber> hallyn: I don't think we can really justify 3 hours worth of session for LXC but having one informational session and one development session would work. People should be technical enough at UDS that having some kernel questions during the session shouldn't disturb them too much :)
<hallyn> i'd think monday for the high-level one, and maybe wed or fri for the low-level one
<hallyn> stgraber: ok...  perhaps i'll ask apw if he still wants one and we can make it private
<hallyn> stgraber: oh, you were tinking informational blueprint
<hallyn> i was thinking evening sessions
<hallyn> sounds good, do as you planned :)
<stgraber> hallyn: right, I was thinking about registering a session and having it put on the main schedule
<apw> hallyn, i am interested in knowing whats coming at me down the pipe, whatever works for those of you throwing it :)
<stgraber> k, doing so now
<hallyn> apw: ok, i do give sort of (my view of) a general roadmap to 14.04 wrt to lxc and kernel features in my next blog post.  when i post it...
<hallyn> but i suspect getting together and starting with an lxc-create+lxc-start at a laptop, you all would think up some good questions
<stgraber> hallyn: https://blueprints.launchpad.net/ubuntu/+spec/foundations-q-containers-demo
<stgraber> jjohansen: would be great if you could attend for any security question ^
<wiherek> hi
<wiherek> i have a vps with only SolusVM and ssh access (no cpanel / directadmin)
<wiherek> I'd like to use google apps for mail. where do I set the MX nameservers?
<hallyn> stgraber: cool, thanks
<zul> hallyn: so...do you want to merge libvirt?
<jcastro> jamespage: ping
<hallyn> zul: is that a trick question?
<hallyn> it's on my list...  but happy to take it off my list if you want to do it
<jjohansen> stgraber: ack, marked myself as essential
<stgraber> jjohansen: thanks
<jamespage> jcastro: pong
<jcastro> jamespage: check your voicemail. :)
<jamespage> jcastro: just picked it up
<adam_g> ttx: i was hoping to cover the openstack juju charms during the openstack next steps session
<adam_g> ttx: i can propose something dedicated to those charms, but IMHO the session at last UDS didn't really accomplish much other than adding a bunch of wishlist work items that weren't really tied to the ubuntu release.  the essential charm stuff should align with openstack next steps nicely.
<adam_g> ttx: that said, both smoser and i have thought a lot about how to use juju to bootstrap openstack dev envs. but mostly multi-node setups, not all-in-one. i dont see much value in Juju doing that, it would mostly be a charm that just runs devstack?
<koolhead17> ttx, but devstack uses source pkgs i suppose
<adam_g> koolhead17: but hacking on source installed from debian packaging is a drag. we had toyed with the idea of extending the charms to optionally install from upstream repositories
<koolhead17> adam_g, well i will not think of writing charm 4 something which  whose changes everyday/hour/minute :)
<koolhead17> *source
<koolhead17> i see few launchpad bugs/questions asked on mailing list because of temporary commits and devstack failing
<insulina> hello, I am runing a ubuntu server with geoserver, and I realy need a good performance, all docs says that sun-jdk delvery better results than the openjdk, so I am thinking in trying oracle jre 7, does anyone have experience with this that like to share ? thanks
<roaksoax> smoser: http://wiki.flimzy.com/index.php/Install_Debian_on_USB
<mgw> hi, how can I remove a spurious entry from debconf-get-selections
<mgw> ?
<mgw> I accidentally added a line that does not correspond to any package
<mgw> I know it's probably harmless, but it's annoying all the same
<JonEdney> Is there a way to install Apache 2.2.22 and PHP 5.3.10 on 11.10?  My host isn't able to accomadate 12.04 on my VPS yet.
<Pici> JonEdney: Is there something that you need that isn't in 2.2.20 or 5.3.6 ?
<JonEdney> No, I don't really run much, just assume they would be more stable.
<Pici> JonEdney: I personally wouldn't worry about it.  Security patches are applied even if the version number doesn't seem to indicate that.
<Calif> hi, I have a server that won't accept a dhcp address
<Calif> actually let me try just one thing...
<JonEdney> Pici, that is good to know thanks.
<Calif> brb
<stgraber> hallyn: not sure if you noticed but your blog post is appearing as just plain text, none of the URLs in it are actual links
<hallyn> stgraber: hm, thanks - i'll have to look at it (later)
<mgw> Calif: do you have access to the dhcp server?
<stgraber> hallyn: just noticed we have a usernamespace session on the schedule for uds-q. Will that work without Eric present?
<erichammond> stgraber: What is a usernamespace? When I glanced at it, it looked like kernel stuff.
<stgraber> erichammond: it's kernel stuff :)
<hallyn> stgraber: i would try to get eric on the phone, but i would do the main presentation.  (it's an informational one)
<stgraber> erichammond: basically the most important missing namespace for containers, that allows the userid range in a container to be different from that of the outside
<hallyn> stgraber: i'm not yet decided as to wehther to cancel it
<stgraber> erichammond: so uid 0 in a container != uid 0 outside of it
<stgraber> hallyn: yep, if you can have him on the phone, that'd be fine indeed
<stgraber> hallyn: I'm doing a cleanup pass through the sessions as I've noticed there was a few duplicates and sessions that really shouldn't be there, so was wondering if user namespace was one of them. Good to hear it's probably going to happen
<erichammond> stgraber: If it is specific to running VMs with Ubuntu, then I probably have little contribute.  My interests are focused on running Ubuntu servers on Amazon EC2.  I have no interest in running my own hardware any more.
<stgraber> erichammond: it's specific to LXC containers, so won't affect VMs
 * erichammond looks up LXC.
<erichammond> Cool! but I'm still unlikely to have much to contribute, so don't schedule around me.
<rockets> Is there any decent documentation for configuring KVM on Ubuntu 12.04 Server? I've found a lot of documentation for KVM but it's all for 10.04 and older, and it doesn't seem to work.
<rockets> I found one document for ubuntu 12.04 beta 1, but that didn't work either
<terwine> Hi! I am having some trouble with SAMBA/AD shares since I upgraded from 10.04 to 12.04. Is there anybody familiar with this process who could provide some insight?
<hallyn> stgraber: erichammond: fwiw, there is potential for (mapping-free) user namespaces to be useful for protecting the host from qemu drivers
<hallyn> anyway the user ns session would be informational
<Psi-Jack> heh
<Psi-Jack> rockets: KVM is pretty much very easy. You install kvm, you use it. If you want management tools for it, libvirt, virt-manager, and virt-viewer are useful for desktop use tools.
<Psi-Jack> libvirt itself is useful also in a pacemaker-managed cluster of kvm-based hypervisor server clusters.
<Psi-Jack> terwine: I don't totally use 12.04 /yet/, but I do have some 12.04 server VM's I run. What about Samba/AD are you having issues with?
<terwine> Psi-Jack: I have a SAMBA share that I use to push nightly backups into. The share is hosted on my ubuntu server. The hosts that connect to it authenticate(or at least they used to) with their AD credentials
<Psi-Jack> I see.. And what are you using for AD integration?
<terwine> Also, I use a windows to unix user mapping for authentication.
<terwine> kerberos5, and winbind
<Psi-Jack> I see.. That's a painful combination. ;)
<terwine> indeed. Took me two days to get it working on 10.04 when I set it up
<Psi-Jack> Centrify, is one method I have heard works very well with AD integration, and doesn't have the same flaws winbind does.
<terwine> I have heard of this. Do you think it is worth a shot?
<smoser> tyhicks, http://paste.ubuntu.com/965549/
<smoser> you seen that ?
<Psi-Jack> terwine: I don't know yet. I've mentioned to my boss I'd be investigating into what is needed to centralize out authentication against their PITA ADS server. ;)   Ended up getting a Windows 2008R2 ISO from them with one of the company VLK keys for it to experiment with in non-production environments. ;)
<tyhicks> smoser: Yeah. For now, do a `find ~/ -inum 1279352`, verify that it is an empty file and then delete it.
<smoser> (i usually just delete it)
<terwine> Ah. I liked the fact that kerberos and winbind are free, and once I had it working before it was great for many months.
<tyhicks> smoser: I'm working on handling the error path better that causes that empty file to be created.
<smoser> but its annoying, and often i am made aware of it because something gets input/output errors when writing a file.
<smoser> i've not lost any data that i know of to it, so i'm not terribly upset.
<tyhicks> smoser: Is it usually the same file (or the same app) that causes it?
<smoser> and happy that you are aware and working on it. thats good enough for me.
<smoser> i dont knwo... recently its been offlineimap that i've been seeing it with i think.
<smoser> which is wrigint maildir style files
<tyhicks> ok
<smoser> so its probably an order of magnitude the highest file writing thing i do
<smoser> as in "lots of little files"
<rockets> Psi-Jack, the issue is i need to set up bridging. NAT isn't going to do it for me
<Psi-Jack> rockets: That's easy.
<rockets> Psi-Jack, yes, easy when you know how to do it :)
<Psi-Jack> Heh
<Psi-Jack> rockets: Well, pastebin your /etc/network/interfaces, and I'll transform it for you.
<rockets> lolol
<rockets> hmm
<rockets> is that all it really takes?
<rockets> hold on
<Psi-Jack> And having the bride-utils installed, yes.
<rockets> server is reinstalling, should be done in like ~5 mins
<Psi-Jack> bridge-utils even!
<pabelanger> So I have a few bugs related to openstack packaging, any suggestion on how I can get them merged faster?  Is it better to try and commit them into bzr (pull request) or debdiff?
<pabelanger> The work is done, just not merged
<Psi-Jack> rockets: Sure I'll still be here. :)
<Psi-Jack> rockets: Just make sure when you're ready, say my name as normal, letting me know, paying attention to multiple channels. ;)
<rockets> thanks Psi-Jack
<tyhicks> terwine: I recently set up Samba/AD on 12.04 for testing a security update. I took some rough notes I could forward onto you.
<terwine> That would be much appreciated. I'm also downloading the free version of centrify, but would love to stick with open source
<terwine> also, thatnks psi-jack
<tyhicks> terwine: pm me your email address
<terwine> thanks*
<Psi-Jack> tyhicks: Did you use Centrify?
<tyhicks> Psi-Jack: No, winbind
 * Psi-Jack shivers.
<terwine> I got stuck configuring PAM the last time, then to bind windows users to the unix user
<smoser> roaksoax, search for maas at https://docs.google.com/a/canonical.com/?tab=oo&pli=1#home
<rockets> Psi-Jack, bah I gotta go. Thanks for your offer of help. I'm sure I'll either figure it out, or wait until I can find you again :-D
<Psi-Jack> heh
<Patrickdk> hheh
<wiherek> If I don't have access to something like directadmin, cpanel or linode panel etc., I can only create a name - ip relation for my vps by assigning the specific hostname to it, right?
<wiherek> (I dont want to set up my own dns, just use my hosting providers dns)
<adam_g> roaksoax: if you care to help get this into -proposed, i'd appreciate. :)   theres a debdiff attached to bug and a branch linked. i seem not to have sufficient upload rights to do it myself. https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/990742
<adam_g> smoser: ^
<uvirtbot> Launchpad bug 990742 in openldap "slapd fails to upgrade: requires libsasl2-2 (>= 2.1.24) installed" [High,Fix released]
<roaksoax> adam_g: looking into it
<roaksoax> adam_g: forgot to update the maintainer :) http://paste.ubuntu.com/965751/
<roaksoax> adam_g: uploaded
<adam_g> roaksoax: dahh thanks
<wiherek> how can I check which processes start at system boot?
<thomas> I'm in a bit of a bind and I'm not even sure if this is were to ask but it's a start. I got a server with over 2k emails accounts (I'm trying to figure out how to find out when users last popped email from me so I can remove ones that are >6months old anyone got any advice? or point me in the right direction?
#ubuntu-server 2012-05-04
<fosterdv> @thomas What mail daemon are you using?
<pedahzur> Anyone here work on the Ubuntu Virtualization PPA?  Just went to install a VM on an Ubuntu 10.04 host, and got an error saying 'virt-install: error: no such option: --initrd-inject'  Went to https://launchpad.net/~ubuntu-virt/+archive/ppa Added the PPA.  Trying to update, I get this error from apt: qemu-common: Depends: vgabios (>= 0.6c-2ubuntu2) but 0.6c-2ubuntu1 is to be installed. Also, it looks like the packages are old:
<pedahzur> virtinst is at version 0.500 from a year ago. The CentOS 6.2 box I'm on has a virtinst package of 0.600.
<thomas> fosterdv, I'm assuming you mean sendmail. I'm a bit green just trying to do some leg work for my engineer
<fosterdv> Yeah, :)
<fosterdv> Are you using mbox or maildir?
<fosterdv> mbox = mailboxes show up as a single file...
<fosterdv> maildir = each email is a file to itself
<thomas> fosterdv, Sorry for the delay ribs finished :) Had to have some family time there. Anyways, I belive mailboxes show up as a single file.
<EduFrazao> Hi all
<thomas> o/
<jkyle> setting up rsyslog server on ubuntu. the server is receiving remote logs, but outputting them to /var/log/rsyslog instead of my specified /var/log/remote.log
<jkyle> here's the conf snippet: https://gist.github.com/2590703
<EduFrazao> im new on ubuntu. I need to install the libreadline5-dev, but I cant found it with apt-cache search. I have only libreadline5, libreadline6 and libreadline6-dev. I need to add another repos on apt-get? Im using Ubuntuserver 11.10
<thomas> jkyle, I did this before using some sort of 'finger' and doing something with the /etc/mail dir.
<jkyle> wut
<jkyle> should be able to do it all in rsyslog
<ruben23> hi guys any help regarding running a particualr script, what shoudl be done-------> http://sites.google.com/site/kjalleda/mysqlreplicationconsistency
<thomas> I can't find the rsyslog lol
<pedahzur> EduFrazao: What version? libreadline5-dev was only available in hardy through natty.
<EduFrazao> pedahzur, yes... On 11.10 it is deprecated... but it is needed by vmware vcap....
<EduFrazao> I think that I will need to downgrade my virtual machine...
<EduFrazao> =/
<pedahzur> EduFrazao: Are you locked in to VMWare?  Could you use KVM?
<EduFrazao> pedahzur, im using cloud-foundry =/
<pedahzur> EduFrazao: Ah.  They should have support for recent Ubuntu versions.
<EduFrazao> from vcap user manual: Note that the recommended version is Ubuntu Server 10.04-2 LTS.
<EduFrazao> =/
<jkyle> yay, got it
<wiherek> is the ssl private key bound to the machine that created it?
<jkyle> wiherek: no
<thomasu> anyone know the ls command which list list all the mail files by size and date last modified?
<fosterdv> thomas, did you ever figure it out?
<fosterdv> I also stepped away for lunch, sorry about the delay.
<bazhang> http://manpages.ubuntu.com/manpages/precise/man1/ls.1.html thomasu
<thomasu> Well, I figured out that I use dovecot for email and I have each email file in my /var/spool/mail directory. From there if I can ls it in a way to show date last modified I'd be set :P
<fosterdv> I didn't know that reflects logins.... well, that's cool :P
<fosterdv> I was trying to figure out how to do it myself, it's been a while since I checked for things like that... but, if you save your maillogs, future reference... when you're going through your users, you could also attempt using grep -r 'username' in the maillog, and look for anything showing the last time they accessed the account.
<fosterdv> or at least attempted... :P
<thomasu> yeah this is a pain but i'm close :)
<fosterdv> Nice, :D
<fosterdv> Mail is always a pain in my experience..
<Patrickdk> mail just takes time
<fosterdv> That it does.
<tohuw> When invoking ftp from the CLI, how can I get all files in a given folder?
<fosterdv> ls ?
<tohuw> I mean get, as in the command. In other words, I need to download all files, and I don't have access to the parent.
<qman__> mget
<tohuw> qman__: thank you.
<qman__> mget *, specifically
<twb> http://mywiki.wooledge.org/FtpMustDie
<qman__> or any other wildcard
<tohuw> twb: I hate ftp with bleeding daggers, but this isn't my server, or even my project. I'm merely stepping in to provide a few solutions, then exiting stage left.
<twb> Fair enough
<Datz> Could someone tell me what these dependency problems are about when trying to install php5: http://pastebin.com/eq8cpUq1  I have gnome-session-fallback installed as well.
<tohuw> qman__: Why, when I mget -i *, does it still ask me about every file?
<twb> Probably because the basic ftp client is crap -- you might get better behaviour with lftp or something
<twb> Or better would be rsync, scp, &c of course
<qman__> yeah, I don't know
<qman__> sftp's works better
<tohuw> ugh. I may just tell the vendor I'm not providing the solution to the client until they give me ssh access.
<tohuw> Seriously, ftp? Even the IIS teams I work with treat me better than this. :(
<twb> tohuw: +1
<slide> Im getting a cp: reading 'file': Input/output error but running fsck on the drive shows no errors
<twb> I'm about to email a customer saying "upgrade your switch so it supposed key-based SSH"
<qman__> sounds like a good plan to me
<slide> is there something more i can run to check it?
<twb> slide: did you check dmesg, system logs, smart self-test?
<tohuw> Hah... mget refused to download directories because they aren't regular files.
<tohuw> My path is clear.
<twb> tohuw: usually you need a client that can walk the tree a la -r
<qman__> slide, you can use dmesg or smartctl to find out if it's a hardware error or a filesystem one
<slide> twb, yes, i am getting an error in the syslog, gist.github.com/776739c3c680a9bbc2c5
<qman__> looks like the drive is dead
<qman__> grab what you can and hope you have a backup
<slide> hrm
<slide> its just that one file
<qman__> means that section of the disk is what's bad
<qman__> but it's only going to get worse
<qman__> ddrescue may be able to save some of it, but that's just gambling
<slide> is there a tool that will actually tell me what areas are bad etc?
<twb> slide: your drive is dead/dying; make sure your backups are up to date, and then schedule a replacement ASAP
<slide> k
<qman__> the error told you
<twb> slide: what that's saying is there are so many bad areas already, there are no spare areas left to allocate replacements from
<qman__> modern drives manage themselves, they decide where to store data on the actual disk and they automatically handle a certain amount of bad sectors
<qman__> when you start getting unreadable files, it's beyond that point
<slide> wow its been run for 14000 hours
<tohuw> Night all. Datz, If it's an option on that host, backup, purge apache (or at least apache-mpm* and apache-php*) and any php-* packages, install php5, see how it feels about that. Otherwise, figure out how to resolve the conflicts your installed apache-mpm packages are causing: dpkg -L name_of_package.
<qman__> slide, that's actually not very good, one of the disks in this machine is at 46319 hours
<twb> I bet it's a green drive
<Datz> thanks tohuw
<qman__> could be anything, my newly rebuilt file server, less than a year old, already lost three drives and a fourth will come soon, already has an offline uncorrectable sector
<qman__> fortunately this time around they didn't all go at once
<qman__> so I could RMA and replace
<qman__> and those are samsung hd103sj
<twb> See I buy whitebox junk so I don't have those problems ;-P
<slide> nah i dont think its a green drive
<slide> Seagate Barracuda LP
<twb> qman__: we used to explicitly request disks from different batches, and/or different manufacturers, to try to avoid them all dying at the same time
<twb> I don't think we bother anymore
<slide> ok backing up now
<slide> luckily had a drive with just about the exact amount of space free heh
<twb> You should consider using md raid in future
<slide> im poor
<grendal-prime> ok got about 100 or so servers at this point...some physical..mostly vm's
<twb> how much is your data worth?
<twb> How much is your TIME worth to try to recover it from a dead rive?
<grendal-prime> we want aaa type of server..nis...
<grendal-prime> im thinking nis..seems simple..
<twb> nis is dead
<grendal-prime> isnt there something that works directly with pam though
<slide> no im so poor i can barely afford food sooo extra hds arent really viable ha
<twb> You should not use nis on any untrusted network, because it allows ANYONE on the network to see ALL your passwords
<grendal-prime> slide where are you
<slide> louisiana
<grendal-prime> what kind of drives do you need
<twb> grendal-prime: you should look at LDAP, which is the only actively maintained solution.
<twb> grendal-prime: to do it properly you should be using kerberos, but that's a huge pain so at least use LDAP.
<slide> i dont NEED drives, ive got a few hundred gigs left, hopefully i can save up before they fully fill up
<grendal-prime> i have a pile if drives
<twb> I dunno about .us but in .vic.au there are recycling shops that take three-year-old machines and refurbish them with linux, and sell them too poor people for like $10
<grendal-prime> twb i do something similar
<grendal-prime> in my spare time..
<grendal-prime> which i dont have much of now
<grendal-prime> but i charge more like 100 or so
<grendal-prime> and people bring me their hardware
<twb> http://bytebackaustralia.com.au/
<twb> I think that's the site
<grendal-prime> slide you want me to send you some hd's
<twb> Maybe they just throw them away and there's a different mob, I'm not sure
<slide> hrm tempting heh but no thanks :)
<slide> thank you though
<seoaqua> has anyone used boa webserver? the server is not running,with no errorlogs
<twb> I think I used it for about three minutes
<seoaqua> has anyone used boa webserver? the server is not running,with no errorlogs
<grendal-prime> i got an adaptec filer sitting here
<grendal-prime> ok so ldap server...
<grendal-prime> slapd?
<grendal-prime> that filer by the way is  a noisy fkr
<grendal-prime> and heavy, prolly cost 100 bucks to ship to florida from cali
<twb> grendal-prime: yes, you will need to do some reading
<footvilla> is there some sort of application i think i heard of it that u can installed on your ubuntu server
<twb> grendal-prime: unfortunately most of the LDAP documentation is written by cargo-culters who don't know what they're doing
<footvilla> and external monitor like cpu usage, hd space and system health?
<twb> footvilla: there are many.  collectd is what I use.
<twb> footvilla: nagios and munin are also worth investigating
<grendal-prime> footvilla, there are hundreds of things for that
<grendal-prime> htop is probaly the easyest quickest most usefull
<twb> grendal-prime: ah, he said "external" which threw me off
<grendal-prime> but its curses based you log into the server and watch it
<grendal-prime> your probaly right...nagios though..man that thing scares people off like crabs.
<footvilla> nagios free?
<grendal-prime> we monitor all our ubuntu servers ..and i dont know why they never fail
<grendal-prime> nagios free ya..
<grendal-prime> so is zabbix
<grendal-prime> you need alerting?
<twb> zabbix is PHP though IIRC
<grendal-prime> php rocks
<twb> http://me.veekun.com/blog/2012/04/09/php-a-fractal-of-bad-design/
<Datz> tohuw: purged apache2, installed php5 without problem, then installed apache2 without problem; everything works.. Don't know what the problem was before. Might have purged some dep for a package I have installed and broken something I will find out about later. :)
<grendal-prime> anyone tells you other wise they are high
<footvilla> well running a webserver
<footvilla> alerting would be nice
<twb> footvilla: performance monitoring or availability monitoring?
<footvilla> also would like to see if the webserver gets overloaded or howmany people browsing the website
<footvilla> a little of both twb
<grendal-prime> id recommend ntop
<grendal-prime> network throughput and from where
<grendal-prime> easy setup web graphs..we use it alot
<footvilla> something simple that i can remotely log in
<footvilla> mem usage / network usage / cpu usage etc
<grendal-prime> it will give you very good statistics on nework traffic
<grendal-prime> footvilla, if you want to quickly see whats happening..very directly monitor..htop is the thang
<grendal-prime> apt-get install htop
<grendal-prime> then ssh into the box and type htop
<grendal-prime> see what it gives you..that may be exactly what you want..you want something that logs tracks and charts stuff..you will need to look into something else
<grendal-prime> orion..zabbix, nagios..
<footvilla> yea logs tracks and charts
<grendal-prime> much more setup usually
<footvilla> but also i could log into w/ username
<footvilla> gui interface
<grendal-prime> i would recomend you do the htop thing anyway..you can highlight processes and kill them
<grendal-prime> and see live..each proc how much is being used...what is top and you can scroll through all the processes with your arrow keys
<footvilla> yea installed htop
<grendal-prime> and run strace on any processs and see the actual data that is being processed by the kernel directly
<grendal-prime> and it runs from you smart phone as well.
<grendal-prime> anything that ssh's in
<grendal-prime> that thing has saved me a lot of hassle
<footvilla> nice! thanks grendal
<grendal-prime> np
<grendal-prime> its the first thing i install on all the linux boxes
<grendal-prime> in fact...heheh  if its not installed...i know i prolly didnt build the box
<grendal-prime> twb, soo im looking at the webmin module for ldap. looks pretty straight forward.  (the management and sups at my regular gig love that thing)
<twb> Do not use webmin.
<grendal-prime> you are just full of way to practical bummer type responces
<twb> Specifically regarding the webmin ldap users & groups modules, note that it requires full root bind privileges, and only speaks RFC 2307/bis -- which is manageable apart from password expiry.
<grendal-prime> unfortunatly,  there is something we do that has become amazingly simple with that tool.  to the point where it was required on most of the servers
<twb> RFC 2307 relies on the client to enforce locked/expired/needs-reset passwords, so anyone that has root on their own box can simply ignore them.
<twb> grendal-prime: we used to use webmin, too, for the same reason.  We fixed that by taking our webmin custom modules and just running them under a thin hand-written shim instead of under webmin.
<grendal-prime> we only use it on isolated networks though
<grendal-prime> also its one of those things were very few people have access to the admin of the tool..most have access to one module
<grendal-prime> we are security audedted regularly by an outside source..we pass all the time..you just have to lock that bitch down..
<grendal-prime> but i digress
<grendal-prime> soo you dont like the way that it works with ldap though
<grendal-prime> this is getting irratating
<grendal-prime> we got an emp that is leaving.
<grendal-prime> we have to change 100 or so admin passwords..
<grendal-prime> and that blows..and ..we may wind up with 100 more servers.
<grendal-prime> i want to get this nailed down now.
<grendal-prime> was thinking about radius as well
<grendal-prime> but that seems somewhat complicated
<Knightwise> morning everyone
<Knightwise> hey pehden
<Knightwise> does anyone have an idea how to change the default port on Owncloud away from port 80 ?
<andol> Knightwise: A quick look at ownclouds suggests it just being PHP running from Apache, etc? Shouldn't it just be to change the Apache port config then?
<Knightwise> yeah , but i opened up the apache config in webmin and it doesnt show owncloud as a seperate virtual host.
<twb> 14:25 <grendal-prime> we have to change 100 or so admin passwords..
<twb> grendal-prime: key-based auth
<twb> With monkeysphere they can be revoked; alternatively you can cheat and use the ssh blacklist patches (but they're Ubuntu/Debian-specific)
<grendal-prime> ya its not that simple though
<twb> grendal-prime: not in your current setup, no
<twb> But here, when someone leaves, I add their SSH key to the blacklist .deb and it's automatically installed on all hosts by the unattended-upgrades package
<twb> When I get around to adding my PPA to my customer's machines, they'll get it, too
<twb> Of course, that won't stop a malicious staffer from adding back-doors in advance.
<grendal-prime> ya
<grendal-prime> on a side note ...did you know that margaritas at this hour (even in california) is something that is frowned upon?
<grendal-prime> and...there is no more wine
<grendal-prime> im going to sleep
<grendal-prime> i have to. because of this bezar social glitch
<grendal-prime> night all
<fosterdv> twb, are you still around?
<twb> fosterdv: what do you want
<fosterdv> I was wondering if you know anything about installing ProFTPD on Ubuntu Server 11.04, and why it might be hanging during installation?
<adam_g> roaksoax: if you get a min, would you be able to push the debdiff attached at https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/990742  against openldap into -proposed?
<uvirtbot> Launchpad bug 990742 in cyrus-sasl2 "slapd fails to upgrade: requires libsasl2-2 (>= 2.1.24) installed" [Undecided,Fix committed]
<twb> 12:45 <twb> http://mywiki.wooledge.org/FtpMustDie
<twb> fosterdv: last time I ran ftpd it was vsftpd
<fosterdv> Ah, okay... thanks anyways.
<ruben23> hi guys any helphow to make this run on my ubuntu-server do i need some additonal component to do this..? ---> http://sites.google.com/site/kjalleda/mysqlreplicationconsistency
<sht3> hi everyone. this is more of a generic linux question but here it goes.. I have a server with a large mdadm raid array used for a file server and the os (ubuntu) running off of a single SSD. what i notice when the server is under any load is that commands will hang when I run them. commands like df, who, ps.. pretty much anything. I thought it would be related to disk IO but the OS SSD is not used by the file server so this doesn'
<sht3> i can literally run "time who" like 20 times, and 8/10 times its < 0.1 real, sometimes up to 6 seconds though.
<Knightwise> anyone have any experience with Mumble server ?
<ttx> adam_g: the value would be have an environment that you can evolve
<ttx> adam_g: devstack is a start and an end to itself, it uses specific branches and installs in non-LHS compliant places
<ttx> I'd very much prefer if the devs (at least those running Ubuntu) would use Juju to bootstrap an all-in-one locally, which would use proper Ubuntu packages... and could potentially be made to evolve into a multi-node setup by adding new nodes and relations
<ttx> It sounds like a worthwhile target to encourage devs to run Juju & proper Ubuntu packages, as that's where the mindset starts
<ttx> adam_g: so I think it warrants its own session. Something like "Promote OpenStack charm as a dev/tester bootstrap environment"
<koolhead17> ttx, +1
<viegasfh> hello everyone
<viegasfh> I have just installed Ubuntu Server 12.04LTS and I have noticed that it takes longer to boot than 10.04LTS
<viegasfh> is there a way to get disable the logging that shows in the screen at startup?
<viegasfh> I have already tried to search on google but only found how to disable sound on startup
<viegasfh> can someone help me with this?
<twb> viegasfh: what kind of logging
<viegasfh> when you boot you get the screen where you can pick either normal boot or the safe mode
<twb> viegasfh: on a server install?
<viegasfh> after that all the dmesg logs show up on the screen
<viegasfh> I want it to go straigth to the login screen, and skip this one
<viegasfh> yes, server install
<viegasfh> ok with the desktop
<viegasfh> don't get that on the desktop
<twb> viegasfh: if you're getting that, there is something wrong
<viegasfh> and never noticed that on 10.04
<viegasfh> I am running it on vmware
<_ruben> and you cant *skip* it, as what you see is realtime
<viegasfh> well, not really skip, but stop it from showing on screen
<viegasfh> I can always go to the logs and see what went wrong
<viegasfh> I checked the logs and the system seems to be running ok
<viegasfh> it is just that it has been a long, long time since  I noticed all the logs on screen, in similar fashion to CentOS or Red Hat
<viegasfh> or FreeBSD
<lynxman> morning o/
<cultavix> good morning
<twb> I guess if you remove "splash" from grub options but keep "quiet" it will not output much
<twb> I remove both so that I actually see *useful* bootup messages
<Jeeves_> root@otrs:~# lsb_release -a
<Jeeves_> No LSB modules are available.
<Jeeves_> Distributor ID:	Ubuntu
<Jeeves_> Description:	Ubuntu 10.04.4 LTS
<Jeeves_> Release:	10.04
<Jeeves_> Codename:	lucid
<Jeeves_> root@otrs:~# do-release-upgrade
<Jeeves_> Checking for a new ubuntu release
<Jeeves_> No new release found
<Jeeves_> That's odd
<xnox> Jeeves_: lts->lts upgrades start with 12.04.1 (NB!)
<Jeeves_> wtf?
 * xnox it's always been like this.
<Jeeves_> Ehm, not that I know off.
<Jeeves_> But ok.
<xnox> lts->lts upgrades need testing & ironing upgrade bugs out.
<twb> xnox: oh is *that* why
<twb> I didn't realize that was official policy, I thought it was just me being sensible
<Jeeves_> xnox: I thought that was why we had beta's and stuff
<twb> Jeeves_: .0 releases are always bullshit
 * xnox and 0day SRU & updates....
<twb> I don't mean in ubuntu, i mean in anything
<ttx> Daviey, zul, adam_g: thread for you @ https://lists.launchpad.net/openstack/msg11152.html
<spajderix> hi
<spajderix> I broke my OS, and now I'm desperatly trying to fix this, to make long story short I made it to the point where apt-get install -f wants to fix a lot of packages but after retrieving them I get: E: Couldn't configure pre-depend libc6 for findutils, probably a dependency cycle. Anybody knows how to fix this?
<zul> good morning
<Sandbag> evening
<Sandbag> Can any one in here recomend an irc server daemon for ubuntu server?
<Sandbag> I read that ircd-hybrid is no longer updated
<zul> jamespage: https://bugs.launchpad.net/openstack-ubuntu-testing/+bug/994572
<uvirtbot> Launchpad bug 994572 in openstack-ubuntu-testing "Builds failing" [Undecided,New]
<jamespage> zul: not done that yet
<jamespage> need to switch to maas first - sorry
<zul> jamespage: yeah just filed a bug to nag you
<mardraum> Sandbag: the one you know best man. since you are interested in hybrid, which was popular on efnet, maybe you want to look at ratbox.
<Sandbag> Thanks mardum - thats the one I was lead to.  Here goes nothing...
<Sandbag> *mardraum even ;)
<xpistos> Hello all. I can't find the .torrent for Ubuntu Server 12.04. Can anyone put me in the right direction?
<hallyn> SpamapS: were you going to look at bug 988394 (upstart job woes)
<uvirtbot> Launchpad bug 988394 in autofs5 "Reboot hangs because /etc/rc6.d/S40umountfs chokes on non-existent mounts" [High,New] https://launchpad.net/bugs/988394
<xpistos> oh wait
<xpistos> I think I found it - http://releases.ubuntu.com/precise/ubuntu-12.04-server-i386.iso.torrent
<xpistos> sorry
<SpamapS> hallyn: looking now
<SpamapS> hallyn: looks like slangasek commented. I think he's right. the stop on should be 'stop on deconfiguring-networking'
<zul> hallyn: starting the libvirt merge now
<hallyn> zul: cool
<ttx> adam_g: around ?
<hallyn> kirkland: around?
<claude2> if i have a running process referencing a symlink, then change what that link points to, does anyone know what the still-running proceses sees?
<hallyn> kirkland: fwiw, for q i'm about to merge debian's seabios.  previously we always had our own.  but since we'll merge debian's qemu-kvm too (hopefully)...
<hallyn> well, maybe i should wait until after the uds session
<hallyn> all right you've convinced me, i'll wait :)
<hallyn> claude2: if by 'referencing a symlink' you mean it has opened the file it points to, then it won't see a change
<hallyn> the open file is to the target inode
<claude2> awesome. thanks hallyn
<JamesB> Howdy... I've used aptitude to add the apparmor package, but aa-status still says apparmor module is not loaded
<JamesB> This is with 12.04
<JamesB> Any idea why this might be?
<hallyn> JamesB: shouldn't even have needed to add apparmor package....  how did you install the system?
<JamesB> It's just a standard Linode install
<JamesB> Do you think they screwed it up somehow, then?
<hallyn> Dunno - what does 'grep -i apparmor /boot/config*' show?
<hallyn> and what is in /proc/cmdline
<JamesB> root=/dev/xvda xencons=tty console=tty1 console=hvc0 nosep nodevfs ramdisk_size=32768 ip_conntrack.hashsize=8192 nf_conntrack.hashsize=8192 ro  devtmpfs.mount=1
<JamesB> and there is no directory /boot/config
<JamesB> lsb_release -a shows 12.04... however oddly uname -a shows kernel 3.0.18
<JamesB> whereas Wikipedia suggests it should have kernel 3.2.14... very strange really
<hallyn> Yeah I'm guessing the xen kernel there doesn't have apparmor enabled
<hallyn> mount | grep security ?
<hallyn> then look under that directory.  (hopefully it's /sys/kernel/security)
<hallyn> if it doesn't have 'apparmor' then the kernel doesn't have it
<hallyn> ask linode if they can enable it i guess...
<JamesB> mount lists nothing
<JamesB> How very annoying. Rackspace didn't have these screwy kernel problems. Teach me to try saving $5 :P
<jkyle> how can I get the dependencies for a .deb?
<gary_poster> jkyle, look at apt-cache
<jkyle> for a .deb file?
<gary_poster> hm, of a .deb, jkyle; may or may not work, but worth a check
<gary_poster> yeah prob not sorry
<jkyle> :)
<jkyle> yeah, it searches for a package with name "foo.deb"
<Tzunamii> dpkg -I file.deb
<oal> I upgraded my server to 12.04 but it no longer connects to the internet after a reboot. Any ideas?
<resno> oal: does it have an ip/ nic is active and working?
<resno> can you ping it?
<oal> resno: nope
<resno> if its disappeared, can you login on the phyiscial machine?
<oal> resno: yes, I have logged in to the physical machine, ifconfig tells me it has no ip
<resno> do you know which eth is your connection on?
<oal> I'm not a command line ninja, so maybe this is just a one liner to get it fixed
<oal> resno: eth0?
<resno> ifconfig eth0 up
<resno> i think that should do it
<oal> resno: no difference, I'm afraid
<resno> how did it respond?
<oal> No errors or anything, it just ran the command
<Tzunamii> Sounds like a driver issue
<resno> and so it begins... :(
<Tzunamii> jkyle: Did you get my response earlier?
<oal> resno: This is a hp laptop (yes, a laptop, but I use it because it gives me an hour extra before it suddenly cuts off).
<oal> ... in case of a power outage
<gary_poster> hallyn, we had an unusual lxc-start-ephemeral issue today: dhcp leases file didn't exist.  We already wait up to 30 seconds for it to exist.  Should we just up the timeout, or would something like lxcip help, or would you be suspicious of something else?  If it helps, the pertinent bit in the script is http://pastebin.ubuntu.com/967318/ .  The last "if" in the excerpt was false.
<oal> I'll try to reboot it and see if it magically fixes itself
<oal> Wow, it did...
<resno> oal: cool
<stgraber> jjohansen: hey there. Are you aware that the kernel currently in quantal gives stacktraces when starting an LXC container (seems to be related to apparmor/audit), /etc/init.d/apparmor reload is also very slow and complains about the network rules
<stgraber> jjohansen: (I know it's very very early in the quantal cycle and I shouldn't be expecting things to be stable/working at this point ;))
<stgraber> I guess I'll just install Precise's kernel for now
<jjohansen> stgraber: nope I haven't poked at quantal at all
<jjohansen> stgraber: but thanks for the heads up, that means something upstream is probably broken
 * jjohansen hasn't checked that recently either
<stgraber> jjohansen: ok, let me pastebin my dmesg, maybe you'll see something obviously broken in there :)
<stgraber> jjohansen: http://paste.ubuntu.com/967351
<jjohansen> sigh, yeah audit. eparis pushed out a patch changing lsm audit that affected apparmor and /me never got a chance to look at/check it :(
<stgraber> jjohansen: http://paste.ubuntu.com/967358/ is what apparmor reload gives me on quantal :)
<jjohansen> stgraber: yeah it seems the kt dropped a patch when it failed to apply
 * jjohansen will kick them for not pinging /me to fix it
<stgraber> ok :)
<Gallomimia> can someone explain to me how to get an apache install going? i don't even know what to enter into apt tools to see if it's installed :/
<jpds> Gallomimia: sudo apt-get install apache2
<Gallomimia> ahhhhh twooooo
<Gallomimia> thanks
<Pinkamena_D> i am running ubuntu server for about half a year now and recently this has been happening maybe a day or so of server uptime : May  4 11:51:57 xseries kernel: [174049.008015] INFO: rcu_bh_state detected stalls on CPUs/tasks: { 7} (detected by 6, t=4653300 jiffies)
<Pinkamena_D> anyone know how to fix?
<Gallomimia> what release of ubuntu server is running?
<Pinkamena_D> the one before the most recent 11.something
<Pinkamena_D> i know thats not helpful uhh
<Gallomimia> no it is. it only came out 1 week ago
<Gallomimia> some people like to wait more than 1 week before upgrading
<Pinkamena_D> 11.10 generic
<Gallomimia> the more adoption a product has, the bigger upswing there is between tested bugs and found bugs upon release (as in, by users instead of testers)
<Pinkamena_D> anyways that error shows up every 15 minutes or so, and i cant do anything on the server. Background htings like the web server and ftp server keep working, but if i type any commands they do nothing. i have to reboot it
<hallyn> gary_poster: i think using lxc-ip would be best
<zul> hallyn: merging libvirt is not fun
<Pinkamena_D> i can paste the whole syslog is that would help
<hallyn> zul: i know :)  did you look at my old 0.9.9 merge for a start?
<hallyn> i assume you're doing 0.9.11 now or somesuch
<zul> hallyn: no i just went straight to 0.9.11
<hallyn> ok
<zul> hallyn: 32 lines for chanelog entry so far
<hallyn> zul: do you see any bits there that we can push back to debian?
<zul> one or two patches so far
<hallyn> why do we use libvirtd for group when debian continues to use libvirt, for instance?
<gary_poster> hallyn, that's what I thought.  We can make a version of lxc-start-ephemeral that does this.  That won't help Precise though, right?  Not sure if a fix for this kind of problem would even be considered SRU material, and if so, I's guess that a solution that added an entirely new script would not be an easy sell.
<hallyn> i think it greatly improves a bug in lxc-start-ephemeral to use lxc-ip for it, and therefore we may be able to get lxc-ip in as part of that fix
<hallyn> stgraber: ^ what od you think?
<stgraber> hallyn: reading backscroll
<Gallomimia> does this have anything to do with it? https://bugs.launchpad.net/ubuntu/+source/linux/+bug/855684
<uvirtbot> Launchpad bug 855684 in linux "The machine locks up hard on heavy load [SATA errors]" [Undecided,Invalid]
<Gallomimia> Pinkamena_D: seems this bug is related and possibly means it's a kernel bug
<stgraber> hallyn: not sure what's the qestion/problem here. AFAIK lxc-start-ephemeral doesn't currently provide you with the IP address, so I don't see how you'd justify adding lxc-ip through an SRU
<stgraber> unless I'm missing something here
<Pinkamena_D> so, is thewir anything i can do
<Pinkamena_D> that does look like almost the same bug
<Pinkamena_D> i assums the 0 is replaced with a 7 in mine because thats the cpu core that is stalled?
<gary_poster> stgraber, it needs to get an ip address, so it can ssh into the container, in the absence of lxc-attach.  it currently gets the ip address with a dhcp lease parsing hack.  using lxcip, we hope, would be less hacky and more robust.
<Gallomimia> Pinkamena_D: find more. perhaps someone who knows more about the cpu stall bug will pipe up in here
<gary_poster> (you are correct that it does not provide the user with the IP address; it is a consumer of the IP address)
<stgraber> gary_poster: right, but looking at the dhcp lease file isn't something the lxc package does at the moment, it's something you're doing. So you should be carrying lxcip if you want to have it reliable, I don't see a reason for us to SRU it in the lxc package
<stgraber> we certainly want that fixed in 12.10 though and hopefully we'll have an official python module then
<Gallomimia> Pinkamena_D: compare your kernel version to the versions discussed in that bug. i think it's ubuntu cause google got searched. but make sure. there seems to be a fix present
<stgraber> and can then backport 12.10's LXC to 12.04
<gary_poster> stgraber, lxc-start-ephemeral is in ubuntu's lxc; is the distinction you are making that it is not upstream?
<stgraber> gary_poster: no, the distinction I'm making is that lxc-start-ephemeral doesn't deal with IP addresses at all, so the fact that looking at the dhcpd lease file isn't reliable isn't an LXC bug
<stgraber> adding lxcip to lxc post-release would be adding a new feature, not fixing a bug
<hallyn> stgraber: i'd argue that ssh'ing into the container is a core part of lxc-start-ephemeral.  when that doesn't work it's broken/worthless
<gary_poster> right, that's kind of where I was about to go
<stgraber> hallyn: IIRC lxc-start-ephemeral gives you the container name and the matching lxc-console call, not it's IP and ssh command
<hallyn> stgraber: it does also do that, but it's main purpose was to be able to run a command in a ephemeral container as in 'lxc-start-ephemeral <args> -- dosomething'
<hallyn> still i certainly agree adding a new program is not to be taking lightly :)
<hallyn> gary_poster: any ideas on why the leases file wasn't created?
<stgraber> hallyn: oh, now that I actually looked at lxc-start-ephemeral code, what you two are saying makes sense :)
<gary_poster> :-)
<stgraber> hallyn: so yeah, adding lxcip instead of messing with the lease in
<stgraber> lxc-start-ephemeral sounds good
<hallyn> sru time might of course still disagree :)  but it's definately the less hacky fix
<stgraber> yeah, and I know some people will be happy to have lxcip in 12.04 ;)
<stgraber> highvoltage: ^ :)
<rockets> Psi-Jack, are you here :-D
<Psi-Jack> barely
<rockets> lol
<gary_poster> hallyn, the only thing I could figure was that the (EC2) machine was under heavy load (seven other lxcs initializing and running things inside them) and 30 seconds was not enough.  I've gotten two of those failures today so I'm trying to simply bump the timeout up to 60 to test that hypothesis.
<Gallomimia> Pinkamena_D: did you find out what kernel your server is running?
<gary_poster> hallyn, stgraber: fixing with lxcip: cool, we can make a first stab at it if that helps.  I'll file a bug now.
<Pinkamena_D> how do you find that out
<Gallomimia> hm. i'm not too sure. i'm a bit of a noob.
<Pinkamena_D> me too
<Pinkamena_D> ;)
<Pinkamena_D> be back in a little bit...
<Gallomimia> alright let's be noob together. go find out how in some manuals. i think a related command is called uname
<bazhang> uname -r
<Gallomimia> ty bazhang
<Gallomimia> amazing. i completely couldn't remember uname until you caused me to think about it Pinkamena_D.
<highvoltage> stgraber: hehe
<highvoltage> (indeed)
<RamJett> How do I make sure all the dependencies, like network, database, etc. are running before a service starts. I'm having a problem with glance-registry loading before the network dev and database is up. So I then have to go in and manually start after a reboot
<Patrickdk> just edit the upstart script in /etc/init to make sure it depends on networking and database
<Patrickdk> I did that for postfix, to depend on dovecot being up, works so much better now
<Patrickdk> since postfix won't start if dovecot auth file doesn't exist
<RamJett> Where do I get documentation on the /etc/init/*.conf syntax. I've messed with it, but something isn't right.
<RamJett> I changed "start on (local-filesystems and net-device-up IFACE!=eth2)" it was "start on (local-filesystems and net-device-up IFACE!=lo)" .. I still have the problem
<RamJett> It also has "respawn" set. Which seems to work for glance-api .. but not glance-registry
<JamesB> Is there any way with AppArmor to determine what file a DENIED dac_override capability is for?
<adam_g> RamJett: what version of glance are you using? that was fixed upstream to retry database connection on startup, to avoid what you are seeing
<Aison> after upgrade to precise, I get this error when I try to start mysql server
<Aison> init: mysql pre-start process (7861) terminated with status 1
<Aison> no idea what's up
<RamJett> adam_g: glance 2012.1 . It's what is latest LTS 12.04 . I will see what the upstream looks like
<adam_g> RamJett: its the same. what does /var/log/glance/glance-registry.log show during its failed startup?
<RamJett> adam_g: Not sure right now on exact error, but something about not being able to bind, syslog log says "init: glance-registry main process (1435) terminated with status 1" ..rep 11ist times "glance-registry respawning too fast, stopped"
<RamJett> glance-registry error .. Error configuring registry database with supplied sql_connection ... (OperationalError) could not connect to server: Connection refused"
<RamJett> adam_g: biggest difference than most I think. I'm running with postgresql instead of mysql that most online docs use
<adam_g> RamJett: hmm, yeah, the workaround to get glance started up with database retries is mysql-specific. can you file a bug? we should get get that fixed for postres too
<thomasu> anyone familiar with dovecot here?
<RamJett> So I put a 3 second sleep in there so the respawn won't fail because of respawn too fast. But I will see about filing a bug for it. I imagine all the openstack processes are complaining on startup
<RamJett> adam_g: Do you know where the mysql specific bug got filed? So I can do in the same place.
<adam_g> RamJett: https://review.openstack.org/#/c/5938/
<RamJett> thank
<adam_g> RamJett: the fix is outside of packaging/upstart and in the actual glance-registry itself
<adam_g> Daviey: around?
<stgraber> hallyn: hmm, I'm sure I saw someone mention this in the past, but why exactly isn't "lxc.aa_profile = unconfined" working in 12.04?
<hallyn> uh, it is.  should be.
<hallyn> not for lxc-execute
<hallyn> oh no, that is the only one that *does* work for lxc-execute :)
<stgraber> root@castiana:~# sudo lxc-start -n ubucloud-precise
<stgraber> lxc-start: No such file or directory - failed to change apparmor profile to unconfined
<hallyn> oh, right,
<stgraber> (noticed that when trying the examples from my upcoming blog post ;))
<hallyn> i think jjohansen was pushing a fix
<hallyn> jjohansen: ^
<stgraber> I'm talking about LXC nesting, but for cgroup-lite to work, I need to move to unconfined (easier than writing a custom profile for it)
<jjohansen> stgraber, hallyn: yep its one of the fixes that is coming
<stgraber> jjohansen: cool, I'll work around it for now by linking an apparmor profile that's working with nesting then.
<hallyn> stgraber: jjohansen: ppa:serge-hallyn/userns-natty shoudl soon have a new quantal kernel with eric's userns patches ready for testing, btw
<hallyn> jjohansen: what's the approx eta on the unconfined fixes/
<jjohansen> hallyn: hrmm, let me pester kt
<jjohansen> hallyn: well it will depend on the timing of the next kernel upload, I expect next week to mess things up a little
<hallyn> ok, thanks.  (i just ahd figured it would've happened this past week)
<stgraber> hallyn: still working on my apparmor profile for nested containers, I think we should include it in the lxc package for quantal once it's done, so people have an example of an alternate profile
<hallyn> stgraber: sounds great
<RamJett> Does anyone know a good Fiber 1000base NIC that works with Ubuntu? It needs to be Multi Mode
<Patrickdk> ramjett, pretty much any?
<Patrickdk> just get an intel one :)
<RamJett> Nice. I've always used ImageStream routers in the past if I needed them with fiber, but the company I'm working with now needs me to get it from Dell. Dell just told me .. the do not know any 1000base fiber .. let us know a part number and we'll see if they are one of our vendor. They did mention Intel being one
<stgraber> hallyn: http://www.stgraber.org/2012/05/04/lxc-in-ubuntu-12-04-lts/ <-- will be appearing on Planet Ubuntu in a few minutes
#ubuntu-server 2012-05-05
<hallyn> stgraber: i don't remember whether overlayfs based ephemeral contaienrs are actually working or not
<hallyn> with apparmor anyway
<hallyn> post looks great :)
<hattorihanzo> so i need some advice
<hattorihanzo> i have a custom c app server that crashes when its memcache connection to another box drops
<hattorihanzo> im thinking of a simple proxy to just hold the connection on the localhost, and forward to the other box
<hattorihanzo> and reconnect if it fails
<hattorihanzo> is there anything like this before I go an write my own
<Canadian1296> I'm setting up a VPN server (L2TP authenticating with IPSec) for my iPod Touch, and I have it basically set up, but it fails. auth.log: http://paste.ubuntu.com/968185/
<Canadian1296> I'm setting up a VPN server (L2TP authenticating with IPSec) for my iPod Touch, and I have it basically set up, but it fails. auth.log: http://paste.ubuntu.com/968185/ (Sorry if this is a double-post, the first isn't showing up in my client)
<Canadian1296>  /exit
<Canadian1296> oops
<stgraber> hallyn: just noticed a bug in lxc-ubuntu, my multi-arch trick hardcodes ":amd64" for most of the packages I'm installing instead of using ":${hostarch}" for all of them...
<stgraber> hallyn: apparently everyone who tried it were on an amd64 system...
<stgraber> hallyn: I'm pushing the fix to quantal now, but this should go as an SRU once the curent one (-3ubuntu54) hits -updates
<rcsheets> in a vnc session using gnome (gnome.session, not ubuntu.session), my power menu is empty. is that normal?
<intore> hi, am configuring pam_mount on my client ubuntu to mount home directories on the client from the server samba-ldap. I fear to make mistakes. Someone knows this subject and could follow me please?
<sarthor> Hi, In ubuntu-server 11.04, I used to write my dns forwarders in /etc/bind/named.conf.options, and that use to work fine for me. Now in the 12.04 where ia m writing entry in /etc/resolv.conf "nameserver 127.0.0.1", So whith the next reboot, computer wash that entry and then my name.conf.option is useless, How to solve this problem, where to put the forwarders and how to tell to /etc/resolv.conf not to delete the manual entries.
<remix_tj> sarthor: does the forwarders remain into the bind configuration?
<sarthor> remix_tj, yes
<remix_tj> so the problem is only resolv.conf that gets overwrited... are you using static ip'
<remix_tj> -?
<sarthor> yes. here is my network/interfaces file. I written dns later.. before it was not here, when i was asking.. http://paste.ubuntu.com/968661/
<sarthor> now this machine is resolving, but i wan to use as route, and that clients can resolve via thish computer.
<remix_tj> sarthor: i think the problem is dns-nameserver voice in interfaces overwrites resolv.conf
<remix_tj> you can remove the dns-nameservers voice, so the voices in resolv.conf does not gets overwritten
<sarthor> How?
<sarthor> remix_tj, I am not expert
<remix_tj> sarthor: you can disable that voice editing the file and putting a # before each dns-nameserver voice
<remix_tj> then you can insert the nameserver you want in the resolv.conf file
<remix_tj> then try rebooting, it should work
<sarthor> which file to edit and where to put "#" sign?
<remix_tj> /etc/network/interfaces ?
<sarthor> that interfaces file was like this http://paste.ubuntu.com/968672/ and then the /etc/resolv.conf was empty
<remix_tj> yeah that's correct
<remix_tj> you can do things:
<remix_tj> 1) return with the interfaces file that you posted 3 rows ago
<remix_tj> 2) insert into that file the voice dns.nameservers 127.0.0.1
<remix_tj> sorry
<remix_tj> dns-nameservers 127.0.0.1
<remix_tj> so the /etc/resolv.conf file gets populated with the correct nameserver
<sarthor> http://paste.ubuntu.com/968679/ remix_tj  In this case my /etc/resolv.conf remain empty nameserver 127.0.0.1 use to del automatically
<remix_tj> ok sarthor
<remix_tj> so insert
<remix_tj> dns-nameservers 127.0.0.1
<remix_tj> in that file on the correct place
<remix_tj> then you'll get the correct content for /etc/resolv.conf
<sarthor> remix_tj, http://paste.ubuntu.com/968684/ is good , this /etc/resolv.conf
<remix_tj> no! dns-nameservers is an option for /etc/network/interfaces file!
<sarthor> remix_tj, yes. i got now. I use to think sometime. but you guded me very soon
<koolhead17> hi all
<SpamapS> koolhead17: howdy!
<SpamapS> koolhead17: you bound for the US yet?
<koolhead17> SpamapS, am good. thanks :)
<koolhead17> yes am in HK waiting for my flight
<koolhead17> SpamapS, good morning to you sir. :)
<SpamapS> koolhead17: interesting place to stop over. :)
 * SpamapS reviews the latest updates to the SOLR charm
<koolhead17> SpamapS, waoo. SOLR charm. :)
 * koolhead17 has owncloud upgrade pending 
<SpamapS> yeah solr should be interesting
<airtonix> solr is kind of a pain in the rear to setup
<koolhead17> airtonix, thats why we will have charm to use :)
<SpamapS> airtonix: yeah, in theory, it will only be a pain for users who resist juju. ;)
<koolhead17> SpamapS, :P
<koolhead17> i see lots of Openstack+juju relative conversation for coming days :)
<koolhead17> hola lynxman
<airtonix> i don't really understand juju... does it spool up a new ec2 instance just for solr in this particular context of our conversation?
<koolhead17> airtonix, juju does much more stuff. check juju.ubuntu.com it has detailed info
<SpamapS> airtonix: It does have a tight coupling w/ provisioning right now yes. juju wants an infinite-ish cloud like EC2 to scale out your architecture. :) But it turns out its also pretty awesome for spinning up nodes on a more limited basis w/ MaaS or a private openstack cloud.
<airtonix> i already use ec2 for our business
<SpamapS> airtonix: one of the reasons it wants to spin up its own instances is that having a clean instance makes writing charms a lot easier
<airtonix> i understand
<airtonix> i'd like to use the concept, but it requires a restructure of how our code works
<SpamapS> airtonix: right, its abstracting away the cloud API to allow cross-cloud operation
<blendedbychris> any pacemaker / stonithd users around?
<SpamapS> airtonix: you wouldn't be the first person to ask for a way to just use juju w/ some other provisioning system
<blendedbychris> I dont have a kvm device for stonith to run power off on but i have an api from my providerâ¦ was trying to figure out how to make a script to run that instead
<SpamapS> blendedbychris: I believe you'd want to write a stonith plugin
<blendedbychris> SpamapS: oh?
<blendedbychris> that does make sense heh
<blendedbychris> SpamapS: are you aware of documentation to write this?
<blendedbychris> ooh found /usr/lib/stonith/plugins/external a bunch of scripts
<blendedbychris> :)
<koolhead17> SpamapS, see you soon
 * koolhead17 leaves for his flight :)
<blendedbychris> hey SpamapS quick file organization question if you don't mind â¦ where would you store something like http://sldn.softlayer.com/article/Perl for use in one of those stonith scripts?
<blendedbychris> the question is where do you store libraries like that
<blendedbychris> on the filesystem normally
<SpamapS> blendedbychris: no clue, its been *years* since I played with stonith
<SpamapS> blendedbychris: usually something like /usr/lib/programname/libexec/foo.so
<SpamapS> blendedbychris: but really, most of those types of systems will have some helper build tools for things like that
<blendedbychris> SpamapS: what do you mean?
<blendedbychris> helper build tools..
<blendedbychris> i'm having to write a stonith script with this http://sldn.softlayer.com/article/Getting-Started
<blendedbychris> so i was like well, step one, where to put the librar
<hallyn> stgraber: ok, thanks.  I need to sit down with paper and pen sunday night or monday and make a list of the things to queue up in SRU.  bc -54 is going to be 4 more days (i think) before clearing, and dont' want to serialize them all :)
<hallyn> stgraber: can you add a 'needssru' tag to that bug?
<hallyn> gotta go - ttyl
<clerk> I didnt have a storage device available during the ubuntu server 12.04 installation. Can I add a 500gb drive as the /srv data storage device after the install ?
<qman__> yes
<clerk> Thats good to know thanks
<clerk> Is there any documentation that could guide me through that process ?
<clerk> I suppose I could add gparted to the server partition?
<qman__> make partitions with fdisk or parted, format with mkfs, add to /etc/fstab
<qman__> the manuals for each should contain all the info you need
<clerk> are man available from the server os ?
<qman__> yes
<pmp6nl> Hello all, is it safe to have the owner of files be www-data for a server?
<qman__> pmp6nl, generally no
<pmp6nl> qman__, ok, I have set wordpress files to that otherwise it wont let me upgrade modules via the web interface
<qman__> well, wordpress generally isn't safe either
<pmp6nl> qman__, oh?
<qman__> pmp6nl, http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=wordpress
<pmp6nl> qman__, good to know.thnaks
<qman__> there are ways to mitigate the risk but it's just not written very securely
<qman__> you're taking a chance with it
<qman__> plan to get hacked
<pmp6nl> qman__, ok, thnaks
<pmp6nl> If I create a new user should they automatically have access via sftp or do I need to do something special?
<greppy> pmp6nl: by default, they should have access, unless you have put some restrictions in /etc/ssh/sshd_config
<pmp6nl> greppy, what would I look for in /etc/ssh/sshd_config that may cause issues?
<qman__> the default configuration allows it
<greppy> pmp6nl: look in the man page for the AllowUsers, DenyUsers
<qman__> you must have specifically changed the settings with some match rules and permissions
<qman__> if you can't SFTP with a default config, chances are the user's shell is not a valid shell
<qman__> if you want them to be SFTP only, change their shell to /usr/sbin/nologin
<qman__>  /bin/false will not work
<pmp6nl> greppy, qman__ ok. Thanks
<clerk> I have a 500 gb drive that is 2 partitions ,one fat32 one ntfs. Each partition, has files that I would like to save . Essentially I would like to just add the disk as a /srv device. Can I do this?
<clerk> Must I format to add a storaGE DEVICE ?
<clerk> Must a storage device be formatted before it can be added as a /srv device I guess would be my question...
<jkyle> anyone successfully creating 802.3ad bonds on 3.x kernels? e.g. 12.04
<chunk_> I've followed the instructions from https://wiki.ubuntu.com/ServerTeam/MAAS/Juju evrythinks working fine into I deploy the mysql server it install fine but won't startup using ubuntu 12.04 server
<guntbert> chunk_: no experience with juju here - but what does mysql say when you try to start it?
<chunk_> 2012-05-05 21:00:36,318 unit:mysql/2: hook.output ERROR:     except subprocess.CalledProcessError: NameError: name 'subprocess' is not defined
<guntbert> chunk_: sorry, thats definitely beyond my depth - you might want to send that (complete) log to a pastebin though for the next one who tries to help
<virusuy> gents
<guntbert> chunk_: I just had a look at the web site you mentioned: did you try to deploy (for instance) wordpress? (without mysql) - just to see if the deployment process works
<RoyK> I just installed sympa from the repo, and it grabbed sendmail on its way - would it be hard to make it use postfix instead?
<guntbert> RoyK: you could try to install postfix and then remove sendmail - or you could have a look at the dependencies
<RoyK> I'd guess installing postfix will remove sendmail
<stgraber> RoyK: sudo apt-get install sympa postfix
<stgraber> that works fine here, so it doesn't explicitly depend on sendmail
<stgraber> it only depends on default-mta | mail-transport-agent,
<stgraber> which is provided by all mtas providing the sendmail command (including postfix)
<chunk_> yeah wordpress works
<wlan3> Hi, I'd like to know how to have a bittorrent tracker up and running at my server.
<RoyK> stgraber: thanks
<chunk_> http://paste.ubuntu.com/970119/
<RoyK> !ask
<ubottu> Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience
<Psi-Jack> Man alive!
<Psi-Jack> These OpenLDAP AND KerberosLDAP docs on ubuntu's wiki REALLY needs some work.
<Psi-Jack> heh
<RoyK> yeah
<Psi-Jack> It took forever to piecemeal it all together to get it all right.
<wlan3> !patience
<ubottu> Don't feel ignored and repeat your question quickly; if nobody knows your answer, nobody will answer you. While you wait, try searching https://help.ubuntu.com or http://ubuntuforums.org or http://askubuntu.com/
<Psi-Jack> Curious.
<Psi-Jack> When you have a few PPA's, is there any safe preparations to do to help insure a dist-upgrade is successful?
<Psi-Jack> Like, the only PPA I have on my storage servers (currently running 11.10 with the intention to upgrade to 12.04), is the ZFS PPAs because I use ZFS.
<cwillu> Psi-Jack, "don't use dist-upgrade"
<cwillu> do-release-upgrade handles quirks that would/could otherwise break a dist-upgrade
<Psi-Jack> Right.
<Psi-Jack> That's what I was doing.
<Psi-Jack> It just disables the PPA's it seems.
<Psi-Jack> Meaning, I'll have to manually update those after the system is already upgraded, to manually re-enable them and adjust them as needed before rebooting.
<cwillu> I believe it also yes
<cwillu> er, just yes
<Psi-Jack> Okay, well, here goes. ;)
<cwillu> I mean, if you have backups, it's pretty easy to recover from just about any screw up
<Psi-Jack> Thankfully, I trust my ZFS stuff. ;)
<cwillu> and if you don't have backups, you have no business running a server
<cwillu> zfs is not a backup
<cwillu> (no, really)
<Psi-Jack> And yes. I have backups. heh
<cwillu> if you can't take it with you to mexico while the server is still running, it's not a backup :p
<Psi-Jack> I actually got two little ReadyNAS boxes with 2TB Raid1's for the very purpose of backups.
<Psi-Jack> So far, so good. It's updating the replacement packages now. :)
<Psi-Jack> Storage servers basically just has JEOS with some extras added for network file shares.
<Psi-Jack> Heh. it's actually my desktop I'm most worried about. LOL
<Psi-Jack> Sweet!
<Psi-Jack> Flawless upgrade.
#ubuntu-server 2012-05-06
<ruben23> hi guys do we have packages..? ha on ubuntu server and also MON..?
<Psi-Jack> Huh?
<Psi-Jack> Totally made no sense, ruben23
<ruben23> Psi-Jack:sorry ---> i mean does ubuntu server 10.04 LTS have hearbeat packages also MON packages...?
<Psi-Jack> heartbeat? Deprecated, not supported, not recommended. Pacemaker has superceded heartbeat.
<jacobthetechguy> I tried a do-release-upgrade -d from 10.04 and it failed due a bug in slapd.  The server is in that state still. The fix has been put into proposed. How do I make the release upgrade use the proposed package?
<blendedbychris> i didn't think it made the upgrade process fail?
<jacobthetechguy> Yeah it did...
<jacobthetechguy> Bug number 990742
<timerseven> Question about ubuntu ec2 setup -- very n00b
<van7hu> hi everyone
<van7hu> what's the kdc package of kerberos that ubuntu using?
<van7hu> MIT, Heimdal or anything else?
<aljosa> i'm getting "/usr/lib/lxc/templates/lxc-ubuntu-cloud: line 240: type: ubuntu-cloudimg-query: not found" when using "lxc-create -t ubuntu-cloud ...". any ideas?
<koolhead17> hi all
<memoryleak> hi
<nibalizer> hi
<mattt> hai
<RoyK> hei
<EMKO> i upgraded ubuntu to 12.04 and now i cant figure out why mysql wont start i get this ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)
<RoyK> EMKO: check the logs
<EMKO> where can i find that logs? is it /var/log/mysql.log ?
<oCean> EMKO: there are several, but you might be interested in /var/log/upstart/mysql.log
<oCean> EMKO: you have tried restarting mysql, and then this error apears?
<EMKO> i tried removing mysql and reinstalling it
<oCean> and now?
<EMKO> failed on root password setup
<oCean> failed?
<EMKO> it said it could set the new root password
<EMKO> couldn't
<EMKO> im tried right now so i just restored my older ubuntu for now will try upgrade it later again :(
<oCean> is the mysql server currently running?
<oCean> ok, we could do some checks, but it sounds you already chose to restore
<EMKO> yea sorry
<oCean> no problem
<EMKO> i was trying to figure this out for a couple of hours
<EMKO> but thanks anyways
<oCean> welcome, and if it fails again, don't worry just ask here
<EMKO> i have a feeling it was something to do with my.cnf that i didnt choose to update when it asked
<Jwl81> Hi, I need help with Japanese filenames in ubuntu server. They're all showing up as ???? and my samba share sees them as alpbabets+numbers. I suspect i need to mount it correctly but I've used '	sudo mount -t vfat /dev/sdc1 /media/HERMES -o uid=1000,gid=1000,iocharset=utf8,dmask=027,fmask=137' and I've installed the fonts 'sudo apt-get install ttf-takao'
<Jwl81> what else do I need to do?
<miceiken> My server seems to be unable to resolve hostnames since I upgraded to v12. What do I do?
<andol> miceiken: I wonder if it might be resolvconf being used by default which bites you. Do you have your expected resolvers listed in /etc/resolv.conf?
<Jwl81> andol: can you see if i made a mistake with my mount command? '	sudo mount -t vfat /dev/sdc1 /media/HERMES -o uid=1000,gid=1000,iocharset=utf8,dmask=027,fmask=137'
<Jwl81> japanese file names are still showing as ?????
<andol> Jwl81: I really don't have any experience with FAT filesystems and charsets.
<Jwl81> alright. thanks.
<jsmith-argotec>  I tried to upgrade from 10.04 to 12.04 with do-release-upgrade -d but it failed due to slapd not installing properly
<jsmith-argotec> there is a bug on it and a fix in proposed but... how in the world do I get the server to do-release-upgrade using a -proposed package?
<jsmith-argotec> (server is in the failed to upgrade and tried to undo state right now - haven't rebooted or anything)
 * koolhead17 SpamapS "good morning from SF sir"
 * koolhead17 is feeling so lazy 
<blendedbychris> anyone around to explin iostat-x
<blendedbychris> does a consisten wkB/s of 429.96 mean it's writing that alot?
<blendedbychris> writing the the drive*
<pabelanger> Looks like we didn't do a good job testing keystone, bug 944684.  It looks like dbconfig-common doesn't even work properly
<uvirtbot> Launchpad bug 944684 in keystone "Error installing keystone selecting dbconfig-common and sqlite3 as the backend" [Medium,Confirmed] https://launchpad.net/bugs/944684
<Tohuw> What is wrong with my syntax here: ufw allow on eth0 from any to 10.254.7.5 smbd
<qman__> Tohuw, missing 'in' or 'out'
<qman__> i.e. allow in on eth0
<Tohuw> qman__: I tried ufw allow in on eth0 from any to 10.254.7.5 smbd and still get wrong number of arguments
<qman__> also missing proto
<Tohuw> Ah. what does "proto" mean?
<qman__> 'proto smbd'
<qman__> (assuming that's a valid protocol name)
<Tohuw> oh wait, protocol
<Tohuw> duh
<Tohuw> qman__: I found the issue. I mistakenly believed ufw read from init.d, it does not. It reads from /etc/service. I'll just have to make an app profile for smbd. Thanks.
<qman__> yeah, init.d is being phased out, part of the whole upstart thing
<pukeko_> hiya - i have got a degraded /dev/md0 and /dev/md1 but /dev/md2 is ok... (raid1 - two disks with three partitions each) - how do i "fix" this ?
<pukeko_> im pretty sure its an hardware prob
<pukeko_> but i would like to attempt rebuilding it
<jacobw> is logstash packaged for 12.04?
<ikonia> pukeko_: fail the disk and swap it out
<ikonia> or re-add the failed partitions
<ikonia> pukeko_: you sometimes get failed meta devices while others work if there is a lag spinning up the disk
<pukeko_> ikonia: i do not know the syntax to re-add the failed partitions
<ikonia> pukeko_: mdadm --manage /dev/md$ --add /dev/$disk
<pukeko_> ikonia: not "--re-add" ?
<ikonia> I'm not aware there is a "--re-add" option
<ikonia> never heard of that
<pukeko_> brb
<pukeko_> ikonia: ah thats better - it appears to be rebuilding ( the Dell BIOS alerted to a disk error also so /dev/sdb's days could be numbered )
<ikonia> understood
<ikonia> that option has always worked fine with me, so I wouldn't worry
<miceiken> My server seems to be unable to resolve some hostnames since I dist upgraded, any ideas?
<miceiken> Although from googling it seems like it may be a package error
<RoyK> check /etc/resolv.conf
<Aison> how can i temporary disable this check in the kernel? sd 10:0:0:0: ioctl_internal_command return code = 8000002
<Aison> oh, sorry
<Aison> I mean TCP: Possible SYN flooding on port 8080. Dropping request.  Check SNMP counters.
<Aison> I would like to test the server with flooding 8080
<miceiken> what about it RoyK
<miceiken> nameserver 81.167.36.3
<miceiken> nameserver 81.167.36.11
<RoyK> hm... and if you type "host asdf.com", does it look that up?
<miceiken> RoyK then it must be ZNC package
<Resistance> miceiken:  are you having trouble with ZNCs?
<ball> For an application where we want to be able to grow a filesystem with our data, is it sensible to have an lvm pool with underlying RAID-1 pairs?
<Resistance> miceiken:  what's the issue(s) you're having?  I may be able to help a bit
 * Resistance doesnt have backlogs
<Deathvalley122> hello can anyone tell me how the dns's stayed saved on boot up?
<Resistance> Deathvalley122:  can you be more specific?
<Deathvalley122> Resistance: the DC messed up my dns and the repos for my server is not resolving and when I put the nameservers in the resolv conf and I reboot the server it does not stay saved
<pdtpatr1ck> Deathvalley122: are u using static? if so -- in ur /etc/network/interfaces -- add dns-nameservers <ip addy>
<Deathvalley122> http://pastebin.com/DKSdCDt6
<Deathvalley122> yes
<Deathvalley122> I tried that
<Deathvalley122> and I when I rebooted it got erased
<pdtpatr1ck> pastebin ur interfaces file please
<pdtpatr1ck> if u don't mind
<pdtpatr1ck> Deathvalley122: so here's an example of mine
<pdtpatr1ck> http://paste.ubuntu.com/972462/
<Deathvalley122> does it stay saved on reboot?
<pdtpatr1ck> yup
<pdtpatr1ck> if u add it manually to /etc/resolv.conf -- it'll get wiped
<pdtpatr1ck> adding it to /etc/network/interfaces  is best idea
<pdtpatr1ck> Deathvalley122: you can read more here: http://manpages.ubuntu.com/manpages/lucid/man8/resolvconf.8.html
<Deathvalley122> ok
<Deathvalley122> I am trying again
<pdtpatr1ck> k
<Deathvalley122> http://pastebin.com/U4m0nFX0 pdtpatr1ck
<pdtpatr1ck> ur missing dns-nameservers and dns-search
<Deathvalley122> ya
<pdtpatr1ck> http://pastie.org/pastes
<pdtpatr1ck> so it would be something along those lines
<pdtpatr1ck> adjust to fit your environment
<Deathvalley122> well I dunno what to put as the dns search pdtpatr1ck
<pdtpatr1ck> when u do something like "nslookup google.com "
<Deathvalley122> oh
<pdtpatr1ck> it should give u a name of a server
<Deathvalley122> ok
<Deathvalley122> rebooted the server
<Deathvalley122> its set to static
<Deathvalley122> but I dunno
<pdtpatr1ck> k
<pdtpatr1ck> meaning ?
<Deathvalley122> pdtpatr1ck: http://pastebin.com/4cq8AwRJ didn't work still not resolving the repos
<pdtpatr1ck> please paste your correct interfaces file
<pdtpatr1ck> also ping yahoo.com
<pdtpatr1ck> does that work ?
<koolhead17> Daviey, lynxman ping
<Deathvalley122> pdtpatr1ck: http://pastebin.com/r9dDqT7S http://pastebin.com/ju6x4k4L
<pdtpatr1ck> your network settings aren't correct
<pdtpatr1ck> do this
<pdtpatr1ck> comment out the static entry
<pdtpatr1ck> change it to "iface eth0 inet dhcp"
<pdtpatr1ck> then save it
<pdtpatr1ck> and run "dhclient"
<pdtpatr1ck> once u get an IP
<pdtpatr1ck> take note of what is generated in /etc/resolv.conf
<pdtpatr1ck> then when creating your static entry, make sure you remember all those details, ur dns server, default gateway, the subnet mask etc.
<Deathvalley122> when you mean comment it out do you mean putting a #?
<pdtpatr1ck> yup
<Deathvalley122> ok do I reboot to find out what is generating?
<pdtpatr1ck> nope
<pdtpatr1ck> just save the interfaces file
<pdtpatr1ck> then type "dhclient eth0"
<pdtpatr1ck> it will take couple of seconds and then receive an offer
<pdtpatr1ck> once it is complete
<pdtpatr1ck> run "ip addr show eth0"
<pdtpatr1ck> this should give u the ip address and the subnet mask and broadcast
<pdtpatr1ck> then run "route -n" to get your default gateway
<pdtpatr1ck> you can see your dns settings in /etc/resolv.conf
<pdtpatr1ck> then put all that together and create your static entry
<Deathvalley122> I am not sure what its doing
<Deathvalley122> lol
<pdtpatr1ck> btw - u don't need to reboot each time. Once u make ur changes, ur free to test by trying to update. If they don't work, then u did something wrong
<Deathvalley122> no output just stuck on that command
<pdtpatr1ck> dhclient is going to request an IP from ur DHCP server or it will ask ur ISP for an IP
<Deathvalley122> nothing comes up
<Deathvalley122> its just stuck on there
<pdtpatr1ck> give it a second or two
<pdtpatr1ck> how is this server connecteD?
<pdtpatr1ck> is it directly connected to the public ?
<pdtpatr1ck> or is this internal and connect to a switch or a router ?
<Deathvalley122> I dunno its from a DC
<Deathvalley122> my guess is that they use vlan
<pdtpatr1ck> i c
<pdtpatr1ck> is there another server within the same VLAN ?
<Deathvalley122> I .... dunno pdtpatr1ck
<Deathvalley122> my guess is they really messed up something pdtpatr1ck
<pdtpatr1ck> well u gonna have to do some digging around or ask someone. U've got to know how the server is connected. If there's no DHCP server then it is not going to be able to just pull IPs. If it is directly connected to the public (which would be weird) then u need to know whether ur ISP gave u static address and if so, they'll usually give u more information along with the IPs to be able to properly setup your network.
<pdtpatr1ck> so ur going to have to do some leg work
<pdtpatr1ck> Goodluck
<Deathvalley122> thanks pdtpatr1ck I will just have the DC deal with it
#ubuntu-server 2013-04-29
<LargePrime> Hello.  12.0 server on a dedicated host.  what is the best way to add virtual hosts?  link or google?
 * Fieldy is confused
<azazel91> can somewho tell me why i am unable to connect to localhost
<patdk-lap> explain, connect to localhost
<azazel91> the main index page its suppose to show a message on the screen
<patdk-lap> then, there is atleast one of the following 3 issues
<patdk-lap> webserver not running
<patdk-lap> webserver not listening on localhost
<patdk-lap> firewall blocking localhost
<azazel91> well does restarting apache 2 count i tried it and i failed
<patdk-lap> that doesn't count for anything
<patdk-lap> have you check the output of netstat -atnp
<azazel91> no whats that for
<Calphool> Hello
<Calphool> Does anybody know how to disable the Super key over XRDP?  It seems to be stuck on, and I don't even care about it, but it prevents me from typing the letter L when running over RDP.
<Calphool> It also screws up the enter key
<patdk-lap> happens for me using rdp sometimes, I normally just hit the superkey a few times to unstick it
<Calphool> Unfortunately I remote with a thinkpad, and it doesn't even have a super key... I'm looking for a way to disable the super keys altogether.
<patdk-lap> heh?
<patdk-lap> I do also, and every thinkpad I have seen has it
<patdk-lap> it's kind of required, expecially for win8
<Calphool> Thinkpad T42 has no super key
<Calphool> When I remote with a Mac, I have the same problem, and nothing seems to make the Super key go away there either.
<Calphool> I've disabled every super key combination that's in the ccsm app, but apparently Super+L is something special.
<Calphool> How is it that I always end up with the bugs nobody has ever heard of?
<Calphool> :-)
<patdk-lap> well, super+l in windows is lock screen
<patdk-lap> in ubuntu, I forget exactly what it is, it changed recently though
<Calphool> Yeah, and apparently in 12.04 as well.
<patdk-lap> well, it changed before 12.04
<Calphool> It locks, and then asks me to give a password
<Calphool> ...but all I'm tying is an L
<Calphool> There are bug reports all over the place that are similar regarding the D key, but mine is the L key.
<Calphool> I've tried 3 different RDP clients on 3 different machines, and they all do it, so I'm pretty sure it's something wrong with xrdp.
<Calphool> ...but I've updated xrdp, and it doesn't fix it.
<Calphool> The D key work around is simply to unmap super-D in the keyboard applet, but that doesn't work for Super+L, because it's not in there.
<patdk-lap> it can be unmapped
<patdk-lap> I have remapped it before
<Calphool> Any idea how?
<Calphool> I've tried several things.
<Calphool> The only thing I haven't tried is a custom ~/.Xmodmap file, because I don't seem to have one, and I'm not sure how it gets created.
<patdk-lap> http://blog.angeloff.name/post/2012/08/08/ubuntu-12-04-super-key-not-working-in-shortcuts/
<Calphool> Sooo... that's saying I need to accept a new gnome-settings-daemon
<izanagisan> quick question: I selected PostgreSQL during the isntallation of UbuntuServer 12.04, and it installed Postgres 9.1. Should I not select it and manually install Postgres 9.2? I thought even if it was UbuntuServer 12.04, it would fetch the latest version of Postgres
<sarnold> izanagisan: not generally; within each release, we try to keep things stable so there are no surprises upon upgrades
<sarnold> izanagisan: firefox is the only exception I can think of off the top of my head, but that is a bit of a special case because it is too huge to select individual fixes for bugs _and_ upstream does not provide any support for older releases
<Calphool> Hmmm... doesn't appear to be a gnome-settings-daemon in precise-proposed....
<sarnold> izanagisan: there's a slightly similar story with e.g. mysql, where we ship the latest point release -- upstream does not provide support for older point releases, but at least they do support e.g. mysql 5.1, 5.5, and 5.6 for a little while simultaneously..
<izanagisan> sarnold: thanks for the info!. But then, there should be no problem installing Postgres 9.2 manually on 12.04, right?
<sarnold> izanagisan: I would expect that to work, yes :)
<Calphool> hmmm... looks like maybe there was a proposed patch for this bug, but maybe it got stomped.
<LargePrime> I have a user i added to www-data.  They cannot seem to edit files in /var/www.  Sorry for the noobish.  what did i do wrong?
<sarnold> LargePrime: I feel that 'www-data' is misnamed. You should not have your web data actually writable by the webserver -- the webserver should really only have write access to its log files, database sockets if you need them, and a directory for users to upload things if they need to upload things
<sarnold> LargePrime: if it were me, I'd make a new 'www' group and give _that_ group write access to the data. That way you can leave the www-data default alone, even though it is confusing.
 * Guest99994 Free Credit Card - join server IRC NeoIRC Com
 * Guest99994 Free Credit Card - join server IRC NeoIRC Com
<LargePrime> sarnold: that is an interesting oint
<LargePrime> also point
<LargePrime> crap i just blew up all my web pages
<sarnold> LargePrime: eek
<LargePrime> the guys over in apache saved my but
<Daviey> adam_g: approved :)
<Wiz_KeeD> hello everyone
<Wiz_KeeD> I've installed lamp on ubuntu 12.04 (virtual box) with sudo apt-get  install lamp-server^ phpmyadmin
<Wiz_KeeD> now i access the ip address an absolutely nothing happens, and the only thing in /var/log/apache2/error.log is [Mon Apr 29 09:57:51 2013] [notice] Apache/2.2.22 (Ubuntu) PHP/5.3.10-1ubuntu3.6 with Suhosin-Patch configured -- resuming normal operations
<Wiz_KeeD> does anyone have any idea what's wrong?
<greppy> Wiz_KeeD: define "nothing happens"
<sw> Hi, trying to connect to a server running VNC Server via VNC Viewer but getting the error 'VNC Server has no security types configured. Please check VNC Server configuration and try again.'. What's this mean?
<Wiz_KeeD> greppy, the access log doesn't show anything and it simply says page not found
<alanm_> hi al. I have a dell server with dual raid controllers and 10x4TB disks. I have configured two raid 5's with 5 disks each and am trying to use mdadm to raid them together in a raid1 mirror. both raid disks have gpt partition tables and a single maximum size partition (16TB) but no matter what I do, mdadm will only create a software raid of 690GB
<alanm_> i read that dmraid supports petabyte size raidsets
<alanm_> so why does this happen?
<alanm_> sdb: Number  Start (sector)    End (sector)  Size       Code  Name 1              40     31251759070   14.6 TiB    FD00  Linux RAID
<alanm_> sdc is the same
<alanm_> software raid created with:
<alanm_> mdadm --create /dev/md0 --level=1 --raid-devices=2 /dev/sdb1 /dev/sdc1
<alanm_> but results in 690gb raid :(
<alanm_> mdadm --grow max makes no changes
<Jeeves_> Hmm, that's odd
<alanm_> Jeeves_: indeed
<alanm_> it doesn't seem to be a software restriction.. according to google
<alanm_> but i could be wrong of course
<patdk-lap> alanm_, what ubuntu version?
<alanm_> patdk-lap: 12.04
<alanm_> i actually fixed it..
<alanm_> instead of using linux_raid as the partition type, it only seems to work with normal linux partition
<alanm_> which is odd
<alanm_> but it's working now and using the full size of the disks
<patdk-lap> it probably caused mdadm to use an older version
<alanm_> could be
<smoser> roaksoax, around ?
<roaksoax> smoser: here
<smoser> roaksoax, i was trying to follow : http://bazaar.launchpad.net/~smoser/maas/maas-pkg-test/view/head:/maas-ephemeral-test-quantal.txt for raring to test the daily ephemeral images for promotion of raring.
<smoser> it seems the 'node-group-interfaces' sub-command of maas-cli is gone now
<smoser> er..i i guess i'm more specifically interested in how i do the 'node-group-interface' on line 113
<roaksoax> smoser: huh? that cant be possible
<roaksoax> there hasnt been any major changes that prevent that
<smoser> hm.. i have to run. i guess its possible that broke / changed in quantal and i just didn't realize it.
<smoser> but it seems that i can only 'register' a node-group interface via 'node-groups' subcommand
<smoser> dont knwo how i'd upate.
<smoser> i have to run now. i want to get through this today.
<smoser> so i'll bug you later.
<roaksoax> ok
<Sharetel> Hi, as listed on the http://www.redmine.org/projects/redmine/wiki/HowTo_Install_Redmine_in_Ubuntu , I tried the option of usingWEBrick and added the file in /etc/init/redmine.conf . However, when I do service redmine start, I get this error: start: Job failed to start.
<wilmaaaah> hi all
<jamespage> rbasak, did you have another bit of arm goodness for mongodb 2.4.x?
<jamespage> I'm sure you passed me another patch but I can't find it.
<jamespage> xnox, http://paste.ubuntu.com/5616014/
<jamespage> not sure whether I'm looking at a boost 1.53 change or something gcc 4.8 ish - any ideas?
<wilmaaaah> i have a machine with two cpus, a kvm host, 12.04 server edition. now, after a "virsh nodeinfo" only one socket is shown with six cores but all twelve cores show up in /proc/cpuinfo. any ideas on how to go at this?
<mardraum> wilmaaaah: can you test with a newer release, ideally 13.04? libvirt is well known for fun bugs :D
<mardraum> if that's not easy, you should probably raise a bug
<eagles0513875> hey guys i am using amavis + spamassassin + clamav in my postfix + dovecot setup there are emails coming in on a daily basis which are blatent spam yet the server is failing according to the email header due to dkim, and its an amavis softfail.
<eagles0513875> is there a mechanism in amavis that i can set if softfails occur automatically flag them as spam then hardfails flag as spam as well for example
<wilmaaaah> mardraum: you think it's a bug not a config problem? upgrading is impossible, it's a production server. thanks for your opinion
<mardraum> wilmaaaah: I think you should probably raise a bug on launchpad
<wilmaaaah> i'll do so if i can't find anything like that on the webs
<wilmaaaah> first i thought it had something to do with the kernel merging both sockets into one but that doesn't seem to be true, it showed
<hallyn> zul: any reason not to push the 1.0.4 libvirt we were trying to FFE into saucy now?
<hallyn> (suppose we could instaed go straight to 1.0.5-rc1)
<zul> hallyn:  well 1.0.5 is out soon so why dont we wait until then?
<hallyn> we should jsut try not to lose the work we put into making 1.0.4 work is all :)
<hallyn> but ok, don't feel any need for busywork
<zul> hallyn:  shouldnt be busy work just take the stuff we had for 1.0.4 and then bump it
<hallyn> zul: no, pushing 1.0.4 might be busywork, is what i meant
<zul> ah yeah
<hallyn> Daviey: hey, http://cloud-images.ubuntu.com/released/streams/ doesn't exist ?
<utlemming> hallyn: http://cloud-images.ubuntu.com/releases/streams/
<Daviey> yah
<hallyn> Daviey: that was cut-pasted from your blog, fyi
<hallyn> utlemming: thanks
<eodchop> Hey guys. I have a 12.10 server installation. When I go to install mailtutils, it is dragging in a new version of mysql-common that is from 13.04, forcing a system update to 13.04. Is this a bug, any way around it?
<Daviey> hallyn: poop, thanks
<jamespage> adam_g, any chance you can review https://code.launchpad.net/~james-page/charms/precise/quantum-gateway/cond-restart/+merge/158791
<rbasak> jamespage: I don't remember right now. I definitely want to get this upstream, so I'll look at it again soon. Did you have a 2.4 package in progress anywhere?
<jamespage> rbasak, lp:~james-page/ubuntu/saucy/mongodb/merge-2.4.3
<rbasak> jamespage: thanks!
<oz0ne> Ok, this question might be ubuntu general, but got the lastest lts server running at a hosting center, i have no physical access to it. It got hacked thru a joomla extension, they escalated it to root. And now i wonder if it exist any guide to recover it over ssh. as i still got access to root. Does it exist any good guides or is the only option to call provider tomorrow and ask them to
<oz0ne> fresh install it and i have to use two days of configuring? Is it possible to rebuild a kernelimage, force it to boot with only the most nessescary modules. Or can i just forget about it, as my skill is way to low when i have to ask? : )
<rbasak> Wipe it and reinstall. That's the only way you can be certain that root doesn't remain compromised.
<rbasak> Two days of configuring? Look into configuration management so that it isn't so painful for you next time.
<resno> heh, when it happens again
<SpamapS> joomla is pretty much guaranteed to get hacked
<SpamapS> never seen such a crap dev model, they open holes as fast as they close them
<oz0ne> rbasak, i guess i will have to do that yeah. :) and resno hopefully that will be the last time they beat my server : ) (dreaming : )
<resno> SpamapS: ya, ive one install get hacked twice now
<resno> im not the sys admin on it, but ya
<oz0ne> SpamapS, i am not sure if wordpress is anybetter? Duno if it should be said load, but i am done with 3rd party (welcome to my server) extension, and have started to harden it with extra layers of security.
<resno> what are you using to secure it oz0ne ?
<resno> im just curious
<SpamapS> oz0ne: get a professional joomla or wordpress admin
<resno> SpamapS: you think its that serious to secure joomla?
<SpamapS> If you're not locking it down like crazy w/ apparmor, selinux, etc. .. you're just at the mercy of the horrible code
<SpamapS> resno: yes, there are quite affordable joomla and wordpress hosting places that will relieve one from having to waste time and resources securing/recovering
<resno> ah, something like that
<SpamapS> THe whole point of having a CMS like joomla or wordpress is to *NOT* spend time on these kinds of issues, and just publish content
<oz0ne> SpamapS and that point have failed so extremly
<SpamapS> oz0ne: I have some friends in that business. They can help, and there are others. If you're not going to run hundreds of joomla sites, just stop, and pay somebody who will do it right.
<oz0ne> yeah, i should maybeconsider it. but it kinda hurts some innerfeelings aswell. have 6 years of expirence with programming, but can't keep my joomla site safe :c
<oz0ne> i could ofc blame it on to little linux expirence, but i am far from a beginner there aswell : )
<resno> its your site oz0ne ?
<oz0ne> 2-3 company sites close related, and ofc email etc
<oz0ne> SpamapS ok, i guess i used the wrong tech last time, cause then was the server like a Swiss cheese, and it was mybe the reason for that i thought i couldn't do it much worse myself.
<oz0ne> tech company
<SpamapS> oz0ne: being a good programmer is not really related to being a good operator.
<SpamapS> often those two jobs sit at opposite ends of the "I want change/I want stability" spectrum
<SpamapS> oz0ne: you probably picked one that was hands-off
<SpamapS> you want a *joomla* shop
<SpamapS> people who know how to make it run and how to secure it.
<oz0ne> sure, pass me a link and i will have a look at it
<resno> SpamapS: is that to a good operator cant be a good programmer?
<SpamapS> resno: no, they can both be great at both jobs. See: devops
<resno> :)
<SpamapS> The idea is to get them talking and collaborating so that the tension caused by opposing desires doesn't cause backlash.
<oz0ne> i just feel sad, i "can" hack but i can't mange to recover from rootkits :s
<SpamapS> oz0ne: nobody can recover from rootkits
<resno> ya
<SpamapS> oz0ne: this is why you have data backups and code repositories
<resno> you never know how deep they go
<resno> beyond bacula are there other reliable backup systems?
<SpamapS> bacula is really heavyweight
<resno> rsync?
<SpamapS> rsync requires a lot of thought to get right
<SpamapS> I've had good luck w/ bacula, but again.. its really designed for high scale
<resno> whats high scale? thousands of servers?
<SpamapS> more about the amount and frequency of backup
<SpamapS> Like, I used it to backup 5 servers, but they had *millions* of files and hundreds of thousands of changes a day.
<resno> oh heh
<SpamapS> being able to take a path name and get it back rapidly was key
<resno> we've got a number of servers but really limited change day to day
<xnox> jamespage: thank's for the patch. Interesting if it's a boost change or gcc4.8ish strictness.
<bjrohan> How do I get the "last" command to print in reverse order? Currently when I do so, it prints the most recent logins first, which is then at the top of my terminal. I would like the mst recent logins displayed at the bottom so that they are clostest to the prompt
<sarnold> bjrohan: last | tac
<sarnold> (note, 'tac' is 'cat' spelled backwards. get it? haha.)
<bjrohan> sarnold: thank you, that does make sense, I was implementing it wrong by merely entering tac last
<ak5> hey how do I change my apaches umask setting?
<ak5> Im on 12.04
<RoyK> apache umask?
<ak5> RoyK: yeah, how do I do that?
<RoyK> for what use?
<ak5> www-data
<RoyK> apache itself doesn't create files, php scripts or some modules may, though
<ak5> I need group write permissions on all files created by www-data user
<RoyK> explain what you're trying to achive
<RoyK> how are they created?
<ak5> RoyK: I have various php webapps
<ak5> they create files
<RoyK> then normally it's up to the php script to set umask
<ak5> I need them to have g+w permissions
<ak5> RoyK: can I set it in the php.ini or something then?
<RoyK> no, but setting umask before starting the apache process (in the init script) should work
<oz0ne> SpamapS may i ask you a offtopic?
<ak5> RoyK: that seems kinda hacky - if I update initscripts it will need to be put back?
<ak5> I will do it this way, I just want to know ^_^
<RoyK> ak5: try to ask on #httpd
<ak5> ty
<ak5> RoyK: they told me about mod_umask how do I find which package this is in if at all? I tried the obvious (apt-cache search and google)
<SpamapS> oz0ne: ?? perhaps ask, and I can tell you if its offtopic :) privmsg if you are uncomfortable sharing w/ the group
<RoyK> ak5: perhaps there's a ppa somewhere - otherwise, you'll need to compile it
<ak5> thanks
 * resno lays down
<ak5> what is this whoopsie daemon? Can I get rid of it safely?
<sarnold> ak5: it's error reporting, see errors.ubuntu.com for a quick overview of what it does.. yes you can safely remove it
<LargePrime> sarnold:
<LargePrime> you gave me advise about www-data and ownership and modificatin of thoes files
<sarnold> LargePrime: yes
<LargePrime> are the loggs public?  i did not logg it
<sarnold> LargePrime: http://irclogs.ubuntu.com/2013/04/
<LargePrime> sarnold, can more than one group have access to a file?  ima a noob, but it seems the permissions are owner, group, and everyone.  If www-data is the group, would have 'www'  be the owner?
<RoyK> LargePrime: you can use posix ACLs
<RoyK> google it
<sarnold> LargePrime: there -are- complicated ways (ACLs) that you can have multiple groups with access to a file, but if I recall what you wanted to do, it shouldn't require anything that complicated
<LargePrime> what i was doing was trying to give users access to edit www-data files.  i added them to the group "www-data", but it seems they could not edit many of them.
<LargePrime> then you said http://irclogs.ubuntu.com/2013/04/29/%23ubuntu-server.html#t03:56
<sarnold> LargePrime: if it were me, I think I'd have all the files owned as root, group is 'www', mode 664. then users in group 'www' can edit without any hassle, and the webserver can still read the files
<LargePrime> but then all files can be publicly read?  is that not a problem?
<sarnold> LargePrime: it's a website, right? the whole point is to put them where they can publicly read, no?
<LargePrime> I am noticing it is a hapit of many web applications to put security information in web files that are not to be read by everyone
<sarnold> your database connection credentials should indeed not be readable by all :)
<hallyn> too many secrets!
<sarnold> hallyn :)
<RoyK> hallyn: :)
<adam_g> zul, where should i be comitting packaging changes now? for saucy/havana
<zul> adam_g:  i would just use the raring branches for now
<adam_g> zul, yeah, i can base off that but im not going to push abck there for a saucy update
<zul> adam_g: ack
<adam_g> zul, if you have access to do it, can you plz nominate for raring? https://bugs.launchpad.net/python-glanceclient/+bug/1157864
<uvirtbot> Launchpad bug 1157864 in python-glanceclient "Requests to https server can yield WantReadError" [Critical,Confirmed]
<tom_ilsinszki> I'm using Ubuntu 12.10 and trying to install apache2-mpm-worker. But when I do install it, the package libapache2-mod-php5 gets removed and httpd stops interpreting my PHP pages. How can I install apache2-mpm-worker with PHP support?
<sarnold> tom_ilsinszki: are you confident the worker mpm is supposed to work with in-apache PHP?
<tom_ilsinszki> sarnold: Actually, not really. How can I find that out?
<sarnold> tom_ilsinszki: I don't know if there is any reliable method, just a bit of googling seems like the best shot..
<sarnold> tom_ilsinszki: you might be able to use worker with fastcgi or something..
<tom_ilsinszki> sarnold: thanks a lot!
<tom_ilsinszki> I'll search around for a bit...
<BlindWolf> what is a good gui for a beginner first install of ubuntu for server
<BlindWolf> looking to learn as well as run a server using ubuntu
<BlindWolf> anyone alive?
<GrueMaster> Gui for Server?
<markthomas> BlindWolf: The server install is often done without an XFree GUI, if that's what you're asking.
<markthomas> BlindWolf: what are you planning to do with it?
<BlindWolf> looking for a gui to make running the server more noob friendly
<BlindWolf> running games. mostly
<BlindWolf> or storing for upload
<BlindWolf> have a lan that I am trying to get away from the windows server
<markthomas> The problem is, there isn't an overall GUI for everything.
<GrueMaster> Webmin is a decent choice, but not recommended for internet visible (security issues).
<GrueMaster> Won't help with game servers though.
<markthomas> I personally find Webmin takes 3x as much expertise to get working reliably as doing certain tasks by hand.
<BlindWolf> generally will be stand alone with brief internet connections for updating
<markthomas> ...unless it's improved some of late.
<BlindWolf> someone suggested one but I forgot the name
<rbasak> !webmin
<ubottu> webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system.
<markthomas> ubottu: that makes sense.
<ubottu> markthomas: I am only a bot, please don't think I'm intelligent :)
 * rbasak only knows what ubottu has to say about webmin
<BlindWolf> something that works with apps and ubuntu
<markthomas> BlindWolf: "apps" is too vague a target.
<BlindWolf> lol
<markthomas> For file sharing, study the samba config and use SWAT as a starting point, optionally
<GrueMaster> BlindWolf: For game servers, you probably want to start with Ubuntu Desktop and just use it to host games.
<markthomas> Also, NFS.
<BlindWolf> actually was warned to avoid the desktop ubuntu as a aerver
<BlindWolf> nfs?
<BlindWolf> lol
<GrueMaster> You'll find most of the server discussion here is around heavy duty servers (web, databases, etc).
<rbasak> If existing charms support what you want to do, then using the juju gui connected to either a local LXC environment or an IaaS provider might be a way forward. I'm not sure if it's quite there for beginners yet though
<GrueMaster> Why avoid desktop?  Same core.
<BlindWolf> juju was what was suggested before ... just forgot the name
<ScottK> By definition, an Ubuntu server doesn't have a GUI.
<BlindWolf> no idea.
<GrueMaster> It all really depends on what you define as a "server".
<BlindWolf> really the last time I was into linux ... unix was unix and linix was well new
<GrueMaster> AH
<BlindWolf> alright will look into it some more.
<BlindWolf> thanks
<BlindWolf> lol yeah redhat was the fancy site lol
<BlindWolf> got to go anyway wifes yelling to go get kid from school
<BlindWolf> thanks
<GrueMaster> fyi, I just came back from LinuxFest NW, and they had PostGreSQL and Minecraft servers running on Raspberry PI.
<GrueMaster> (not ubuntu though, Fedora I believe).
<GrueMaster> ANd they were desktop based installs.
<ScottK> Rasberry Pi is armv6 and we're armv7, so no Pi for you Ubuntu.
<GrueMaster> ScottK: I am VERY well aware of what Ubuntu supports on Arm.  I used to test it daily.
<ScottK> I know.
<ScottK> I have fond memories.
<GrueMaster> Not sure I would use "fond" to describe mine.
<ScottK> I can understand, but I was thinking specifically about the help you gave with Kubuntu testing.
<SpamapS> Kind of surprised that there hasn't been a "Piv2" created wih an armv7 chip.
<GrueMaster> Oh, that was purely voluntary (and I had to patch my butt many times after teh chewing stopped).
<ScottK> I know (it was voluntary) and it was much appreciated.
<GrueMaster> SpamapS: The pi is using a Broadcomm chip that they built a stockpile of after the rest of the industry moved to Cortex A8/9.
<GrueMaster> I'd be surprised if the Pi lasted longer than 4-5 million units.
<SpamapS> GrueMaster: yeah that all makes sense, but still surprised nobody has found a stockpile of something else.
<GrueMaster> Actually, I am starting to hear about Cortex A9 based systems with a very low price point coming down the pike.  $45 range.
#ubuntu-server 2013-04-30
<jamespage> adam_g, roaksoax: https://code.launchpad.net/~james-page/charms/precise/hacluster/v0-revert/+merge/161563 when you get a chance
<eutheria> hi i am trying to configure a vlan interface on 12.04, i think i haven't got my ubuntu config right as my pfsense router can be seen on the switch on the .1q tagged vlan
<eutheria> however my eth0.109 i assume .number is the vlan tag
<patdk-lap> normally, yes
<eutheria> i've made sure the port on the switch is on that vlan
<sonofzeus> Hey there
<sonofzeus> How do you find httpd.conf ?
<greppy> sonofzeus: on an ubuntu server?  it should be in /etc/apache2
<sonofzeus> I installed apache2 on a ubuntu desktop edition
<sonofzeus> forgot to mention that
<greppy> sonofzeus: should be in the same place.
<sonofzeus> I've conf.d , mods-available modsenabled sitesavailable apache2.conf envvars magic ports.conf?
<greppy> ah, most of what was in httpd.conf is now in conf.d, mods-available and sites-available.
<greppy> modular configuration makes things a little easier, most of the time :)
<sonofzeus> Open up httpd.conf (in your Apache/conf directory), find DocumentRoot and set it to be your the directory where you want your web site root.
<sonofzeus> someone explain waht this means pls?
<Aison> hello
<Aison> I upgraded one of my test-servers to raring
<Aison> now after reboot, I see grub and after choosing ubuntu, everything is black
<Aison> I also wonder, why I have to choose something in the grub boot menu. In past, this menu was automatically closed after a few seconds
<jamespage> yolanda, that bacula/mysql bug is a known issue; its because bacula only recommends mysql, not depends
<jamespage> so the configuration order is not guaranteed to be mysql->bacula
<yolanda> mm, so it should be a confirmed bug?
<jamespage> users need to install mysql first, and then bacula
<jamespage> yolanda, dupe it against the existing bug report
<yolanda> ok
<jamespage> yolanda, bug 321091
<uvirtbot> Launchpad bug 321091 in bacula "Bacula fails to install correctly if mysql wasn't installed before" [Medium,Confirmed] https://launchpad.net/bugs/321091
<jamespage> (yes that old)
<Daviey> jamespage: crikey, i thought that was fixed long ago
<jamespage> nope
<jamespage> the semantics of the relationship means there is really no good way to fix it
<jamespage> same applies on upgrades - if you get bacula and mysql in the same upgrade transaction == #bang
<yolanda> but why mysql cannot be forced in that case?
<jamespage> bug 1021067
<uvirtbot> Launchpad bug 1021067 in bacula "bacula-director-mysql *->5.2.5-0ubuntu6.1 fails to upgrade if installed alongside mysql-server and upgraded in the same transaction" [Medium,Triaged] https://launchpad.net/bugs/1021067
<jamespage> yolanda, the only way to make that happen is the make it a Depends
<jamespage> which is not good as it does not allow you to split bacula and mysql onto different machines
<jamespage> fwiw we only have this issue in Ubuntu; in Debian the default is sqllite
<jamespage> not mysql
<zul> bacula is fun isnt it?
<jamespage> Ursinha-afk, hey - I raised a merge proposal against ubuntu-reports for a bug in the cloud-archive reporting - any chance you could take a look?
<jamespage> zul, always :-)
 * jamespage ponders whether we should revert back to sqlite as default
 * rbasak thinks aloud
<rbasak> How about moving the database initialisation to a package like bacula-director-mysql-init? bacula-director-mysql would Recommend bacula-director-mysql-init. bacula-director-mysql-init would Depend on mysql.
<rbasak> Those wanting MySQL on a separate machine would break that recommendation.
<rbasak> This assumes that those wanting MySQL on a separate machine will need to set up the database themselves. Or they could just install bacula-director-mysql-init but only on the MySQL machine
<rbasak> What have I missed?
<rbasak> But then again, perhaps it's no longer worth differing from Debian here.
<jamespage> rbasak, worthy considerations
<zul> jamespage/yolanda: https://code.launchpad.net/~zulcss/python-keystoneclient/havana-fix/+merge/161599
<zul> jamespage/yolanda: https://code.launchpad.net/~zulcss/cinder/cinder-suacy-ftbfs/+merge/161603
<ckuerste> jamespage: i'm preparing a security patch for tomcat6 and want to test it. jdstrand said you might have had a look on the tomcat6 testsuite before?
<zul> jamespage/yolanda: https://code.launchpad.net/~zulcss/keystone/keystone-saucy-ftbfs/+merge/161606
<Daviey> zul / jamespage / smoser: fancy raisng a BP suggesion for mysql wsrep patchset inclusion ?
<zul> Daviey:  like percona?
<Daviey> zul: The patches that expose plugin support :), http://www.codership.com/products/mysql-write-set-replication-project
<zul> Daviey:  sure
<jamespage> Daviey, hmm
<Daviey> jamespage: ?
<jamespage> Daviey, zul: I'm against carrying the patches in mysql itself; I think it will make life impossible for the security team
<jamespage> we should go via percona or mariadb with fully upstream integrated galera support
<Daviey> jamespage: right, hence the reason to disucss it :)
<jamespage> Daviey, yep!
<jamespage> ckuerste, hey!  sorry I missed your ping the other day - was taking a bit of time out
<Daviey> jamespage: It might be that we can provide a supportable method in core. I don't know.
<jamespage> ckuerste, I've not looked at the tomcat6 testsuite but I did enable the tomcat7 one during quantal
<jacobw> Hi, I'm trying to preseed away everything except hostname, or set hostname as a boot paramter
<jamespage> ckuerste, what issues are you running into?
<eodchop> I have a new 12.04 server install. When I do the initial build, I install the mailutils meta package. Ever since 13.04 came out last week, I am unable to install mailutils any more. It has a dependency on libmysqlclient, which in turn drags in mysql-common that is incompatible with mailutils and it blows up.
<jacobw> I'm finding that the hostname is set to ubuntu if I don't set anything in the preseed or DNS, regardless of what I set as hostname= or netcfg/hosname= when I don't set anything in DNS
<jacobw> hostname is an alias to netcfg/hostname-unavailable, which is what is set if there's no hostname from DHCP
<jamespage> zul: you have cruft in your keystone MP
<zul> jamespage:  which cruft?
<jamespage> zul: test_keystoneclient.py.orig?
<zul> jamespage: grr...ill clean that up
<zul> thanks
<jamespage> zul: you also dropped the dep headers on that patch - was that intentional
<jamespage> ?
<zul> nope
<ckuerste> jamespage, no problem. i enabled the testsuite like in tomcat7 but get an error about tomcat-dbcp.jar and jasper-jdt.jar can not be found to copy.
<jamespage> ckuerste, hmm
<ckuerste> jamespage, i was not sure if i have to install them somehow. did you had anything like that in tomcat7?
<jamespage> ckuerste, not that I can see
<jamespage> tomcat-dbcp.jar is not shipped in the Debian/Ubuntu packages; its a patched version of commons-dbcp that gets munged by tomcat upstream
<jamespage> you should drop in commons-dbcp in its stead - maybe link it in or suchlike
<jamespage> jdt - hmm
<ckuerste> hmm, okay
<jamespage> ckuerste,     -Djdt.jar=/usr/share/java/ecj.jar ?
<jamespage> the debian/rules in tomcat7 appears to override the default
<jamespage> ${jdt.jar} might be a clue
<ckuerste> okay, will have a look
<jamespage> ckuerste, thanks for picking this up btw
<ckuerste> np
<zul> jamespage/yolanda: https://code.launchpad.net/~zulcss/glance/glance-sauce-ftbfs/+merge/161613
<Ursinha> jamespage, sure (sorry taking long to reply, I'm in Oakland in the client sprint)
<Ursinha> jamespage, this one? https://code.launchpad.net/~james-page/ubuntu-reports/ca-cloud-fix/+merge/161382
<jamespage> Ursinha, yes - although I note adam_g has commented on it
<zul> jamespage/yolanda: https://code.launchpad.net/~zulcss/quantum/quantum-saucy-fix/+merge/161630
<zul> adam_g:  when you get in can you push your python-glanceclient change into the saucy branch please
<hallyn> sarnold: there is no ability to block ioctls with apparmor right?
<sarnold> hallyn: not much; you can prevent opening the device file in the first place, and if the ioctl requires a capability you can also deny that, but not on a fine-grained level
<hallyn> sarnold: thanks
<smoser> jamespage, around?
<jamespage> smoser, yes
<smoser> oh carp
<smoser> i was going to ask you to review a change
<smoser> but i pushed it
<smoser> !
<jamespage> ooops
<smoser> https://code.launchpad.net/~virtual-maasers/charms/precise/virtual-maas/trunk
<smoser> i'll revert that and over-push
<jamespage> 'a change' ?
<jamespage> :-)
<arosales> any channel operators around to update the motd?
<arosales> specifically the bug link should be  Bugs: http://reqorts.qa.ubuntu.com/reports/rls-mgr/rls-r-tracking-bug-tasks.html#server
<SpamapS> wow, this channel's topic is.. ridiculously long
<parallel21> Trying to reinstall the grub bootloader to /dev/sda from an ubuntu-server disc in recovery mode. I've reinstalled grubâ¦ but grub still finds the same boot files in /boot
<parallel21> How to I rebuild the /boot folder
<parallel21> Dohâ¦ grub-install does not rebuild grub.cfg. update-grub does though
<parallel21> I think I solved the problem
<rbasak> roaksoax: may I take the facter merge from you to work on tomorrow please? I just want to merge 1.6.10-1 so that I can SRU bug 1173265 and thus bug 1170325.
<uvirtbot> Launchpad bug 1173265 in facter "facter fails to run from rebuilt source package" [High,Triaged] https://launchpad.net/bugs/1173265
<uvirtbot> Launchpad bug 1170325 in facter "Facter 1.6.X not considering Qemu/KVM virtual type" [Undecided,New] https://launchpad.net/bugs/1170325
<rbasak> facter 2.0.0~rc3-1 and puppet 3.1.1-1 are in experimental and can follow later
<roaksoax> rbasak: sure :)
<rbasak> Thanks!
<LargePrime> is there a toll for me to get an email when server load goes over a certian point?
<LargePrime> tool*
<RoyK> LargePrime: I've used icinga/nagios for that
<RoyK> you can probably script it easily, though, if it's only the load that matters
<LargePrime> ima scripting noob
<LargePrime> but i have done coding
<LargePrime> perhaps i should se
<LargePrime> e
<LargePrime> how do i get the server load?
<sarnold> LargePrime: uptime(1) or /proc/loadavg
<LargePrime> cat /proc/loadavg seems to have a list.  uptime seems to give a diff set of numbers.  uptime(1)  is not recognized sarnold
<sarnold> LargePrime: uptime(1) just shows which section of the manpages contains the documentation... in this case, a user command in section 1
<LargePrime> so if i was not a noob i would have known to do man uptime(1)
<sarnold> LargePrime: well, it'd be 'man 1 uptime', but in this case the '1' probably wouldn't be necessary. Including the manpage section is an old old habit that I've given up on trying to break... :)
<LargePrime> I am still having a problem giving my web users access to thier files, and super users access to all the web files
<LargePrime> how can thier not be ommong simple soluition for this?
<LargePrime> a common*
<LargePrime> I am thinking to make a SiteOwnerSiteName group owner of each virtual dir
<LargePrime> and a SiteOwnerSuperthat has all the groups in it
<robawt> hello
<robawt> is there a way to specify the basic linux server group of packages in a debconf answer file/
<zerick> Hi everybody, what is the latest recommended version of Ubuntu to work with corosync, pacemaker, drbd or heartbeat?
<sudobash> seriously, what is the point of taking protocols = imap pop3 in the dovecot config and splitting it into two files
<jcastro> smoser: if you have a second to explain that cloud images metadata stream thing ...
<smoser> :)
<smoser> for some time we've had data describing aws image ids at http://cloud-images.ubuntu.com/query
<smoser> the data there also described the .tar.gz files that could be downloaded.
<smoser> there were some issues with the format, though
<smoser> a.) it only described the .tar.gz files (not disk1.img files)
<smoser> b.) it couldn't easily be extended to cover other clouds
<smoser> c.) it wasn't easily  mirrorable
<smoser>    and wasn't signed , relying on secure transport (https) for security.  but that meant that if you mirrored the data, then the trust couldn't "pass through".
<smoser> d.) just not that nice of a format.
<smoser> now we have a much nicer set of data describing both image-ids on public clouds and image downloads.
<smoser> you can see it by browsing data at http://cloud-images.ubuntu.com/releases/streams/v1/
<jcastro> ok so basically, a way to programatically see what's published on cloud-images?
<smoser> because of the gpg signatures, you can mirror that data and trust of the cloud-image signer is still present (just like apt does that).
<smoser> so we have that data there.
<jcastro> ok so basically, a way to programatically and secure way to see what's published on cloud-images?
<smoser> which allows you to find images on public clouds (and we'll have additional public clouds data there)
<jcastro> whoops, butchered that sentence
<smoser> yeah.
<smoser> and then there is a sample client (that is still being worked on) in 'simplestreams' package.
<gartral> hey all, does Ubuntu Server have a set-up ssh for truly headless machines? or will I need to find another way to answer the questions at install time?
<jcastro> ok so this would make it easier for people to build tools to search the data, as opposed to say, that AMI search thing we built?
<smoser> that client and http://bazaar.launchpad.net/~smoser/simplestreams/example-sync/view/head:/README
<smoser> allows you to sync from cloud-image to your local cloud
<smoser> well, the ami search thing we built could be re-built on top of this data.
<smoser> and http://ubuntufinder.com/ is using (i believe) the newly formated data.
<jcastro> gartral: you can probably preseed that during installation
<gartral> jcastro: doesn't that preeseed configuration need to be specified at boot? or can that be automatically assumed? I'm dealing with a machine that literally has 1 usb port and 3 cat-5 ports. guess what's being put in the USB port? :P
<jcastro> no netboot?
<sarnold> usb hub?
<gartral> jcastro: not easily, what's going to happen with this machine is I'm going to put the hardware together, pop the thumbdrive into the usb port, then ship it to it's new home where some "technition" (I.E. some guy who knows about as much about Linux as a Penguin does about a Banana.) plugs it in, then about 30 minutes later I wan't to connect to it and set it up proper.
<gartral> ^wan't^want
<uvirtbot> gartral: Error: "wan't^want" is not a valid command.
<smoser> gartral, you can put a preseed configuration on the install media
<gartral> smoser: and that will automatically be read and run?
<smoser> yes.
<gartral> I've never used a preseed.txt before
<Quest> if i have a fiber optic but I have two separate ip pools of 8 ips each (the fiber optic wire will be still one), that is 2 separate threads (thats what i have been informed). Then each thread will be having its separate bandwidth limit. is it a fact that both threads will be unaffected by each other in terms of bandwidth and traffic? That is its almost same like I am having two fiber connections?
<gartral> smoser: I see a segment called "Network Console". can I preseed everything up to that point or must I fill out everything after?
<smoser> gartral, you can have completely unattended installation.
<genii-around> The only thing I don't like about preseed is the sparsity of documentation
<Quest> hello
<gartral> smoser: while I appreciate that, I much perfer actually answering the questions myself x.x
<smoser> i'm confused.
<smoser> i thought you said you wanted a penguin to be able to do it.
<dpb1> heh
<LargePrime> I am still having a problem giving my web users access to their files, and super users access to all the web files
<LargePrime> how can there not be common simple solution for this?
<dpb1> LargePrime: can you explain a bit more?
<LargePrime> and then i dc
<LargePrime> sorry
<LargePrime> did i miss anything?
<LargePrime> so to continue i need www-data to server sites, useres to have mod rights, and superuser to mod all rights
<LargePrime> it that usually how it is done?
<LargePrime> owner will be the web authers
<LargePrime> superusers will be members of all owners grups?
<LargePrime> dpb1:
<LargePrime> think that will work?
<LargePrime> anyone?
<dpb1> LargePrime: sorry, I'm not following.  What are server sites?  and what are "mod rights".  superuser (root) can do anything he wants whenever, so whatever you are asking there should work.
<LargePrime> please ping me if you have feedback
<LargePrime> i have several sites i host.  like mydomain.com and yourdomain.com
<LargePrime> I want you to have rights to yourdomain.com
<LargePrime> I want my web guy to have mydomain.com
<LargePrime> and i want my server admin to have rights to both
<dpb1> LargePrime: ok, and by "rights", you mean be able to modify/delete a set of files on the filesystem?
<LargePrime> yes.  sorry
<LargePrime> and this is all in /var/www/  so /var/www/yourdomian and /var/www/mydomian
<LargePrime> and www-data needs to be the group for all the files i think?
<adam_g> smoser, does 12.04's cloud-init support any of those fancy merging features?
<dpb1> LargePrime: who is the owner of the files right now?  root?
<smoser> adam_g, no.
<smoser> and 13.04 doesn't really... in any way that i want to advertise
<LargePrime> yes
<LargePrime> dpb1: yes
<dpb1> LargePrime: simply put, I would create one group per "site" you are hosting.  Add to that group www-data, and whoever you want to admin it.  Then, chown -R root:group /var/www/site
<LargePrime> if i add people to www-data, do they get all thoes rights?
<LargePrime> yes i think that is good
<dpb1> LargePrime: users are the ones who permissions are applied to, not groups.  Groups just... "broadcast" the permissions to multiple people.  www-data is a group, but it's also a user.  The user having the rights is what is important.
<LargePrime> wait no
<LargePrime> cant
<LargePrime> some of the www-data files cannot be written to by www-data
<LargePrime> cause it seems web server can be compromised
<LargePrime> they can only be read
<LargePrime> so the web admins can mod thoes files
<dpb1> LargePrime: doing a chown will not impact the read/write/execute bits.
<LargePrime> but the web admins SHOULD be able o mod thoes files
<LargePrime> to* dpb1
<dpb1> LargePrime: ok, gotcha
<LargePrime> so my idea is to replace root ownership with web site owners
<LargePrime> but this cant be that uncommon?  so what do people usually do?
<dpb1> LargePrime: so then, you have three options.  1) change the owner of the file to the specific admin you are interested in granting permission. (he will then be able to do whatever he wants with that file, regardless of permission).  2) grant limited sudo access to edit these files.  3) switch to ACLs which will grant you the flexibility of assigning multiple owners.
<LargePrime> how do i limit sudo?
<LargePrime> dpb1:
<markthomas> LargePrime:  Ubuntu grants access to group sudo out of the box.  You can restrict access to sudo in general by controlling membership in that group.  You can implement finer-grained control over Sudo by editing /etc/sudoers with the visudo command.
<dpb1> LargePrime: I've used something like this before: http://bencane.com/2012/02/sudoedit-securely-allow-users-to-edit-files/
<ScottK> jamespage: DFSG #8 (License must not be specific to Debian) is also applied to Ubuntu in http://people.canonical.com/~cjwatson/ubuntu-policy/policy.html/ch-archive.html#s-ulp so your Ubuntu specific exception to link mongdb to openssl lands it in multiverse.
<roll> if ubuntu was installed with dhcp, and i want to switch to using a static ip, say 192.168.2.33, in ubuntu server (no gui), how would i go about this (permanent as well, not having to do it each time i boot up)
<xnox> jamespage: re: mongodb  vs boost::size. Since boost1.51 it returns unsigned int. So mongodb needs fixing. Not sure which version of mongodb your patch is.
<xnox> as it doesn't apply to current package =)
<bradm> roll: https://help.ubuntu.com/12.04/serverguide/network-configuration.html#ip-addressing has an example of how to do static network config - basically you need to edit /etc/network/interfaces
<roll> bradm: thanks, i'll take a look
#ubuntu-server 2013-05-01
<Eitan> Hey gents, is there a way to change the outward facing IP address on my server?
<Eitan> i have bout 25 IP's configed and its using 1 as the outward and i need it to use another
<Eitan> seems to be using the last one on my list, as apposed to the first one that it should be using
<RoyK> Eitan: rfc1918 addresses?
<RoyK> nat?
<Eitan> So i have eth0 - eth17
<Eitan> and its using eth 17 as the external instead of eth0, i could just rename eth 0 to eth18
<RoyK> what addresses?
<Eitan> nat
<Eitan> vim /etc/udev/rules.d/70-persistent-net.rules perhaps?
<RoyK> same subnet?
<Eitan> yes
<RoyK> why so many NICs?
<Eitan> its a dedicated server... thats how the host set it up
<qman__> you shouldn't assign addresses in the same subnet to more than one physical adapter
<Eitan> i needed a lot of ip's
<RoyK> Eitan: you don't need a truckload of IP addresses
<Eitan> i agree,
<Eitan> but right now i cant get rid of all of them
<Eitan> i just need to change my outward facing ip
<qman__> there is no such thing; you're misinterpreting something else
<Eitan> so i can get through someones firewall, instead of asking them to change hte IP in their ACLs
<qman__> I assume you mean the IP your system is sending new connections out from
<Eitan> yes sir
<Eitan> my external iP
<Eitan> who people think i am
<qman__> all of your IPs are external
<Eitan> ok,
<Eitan> you are right
<Eitan> mispoke
<Eitan> the ip that my system is sending out connections from
<Eitan> its currently using the last eth instead of the first
<qman__> it's most likely using whichever one was most recently configured
<Eitan> qman: you are correct
<Eitan> it is using eth0:13 instead of eth0:1
<Eitan> it is using eth0:13 instead of eth0:0
<qman__> ok; those are virtual interfaces, not physical, and are different in both configuration and function
<Eitan> ok, that makes sense they are all running on eth0
<Eitan> and its using the last configured
<Eitan> so im just going to change it here /etc/network/interfaces
<qman__> do you have more than one default gateway specified?
<Eitan> no
<Eitan> same default gateway
<qman__> what I mean is, is it specified more than once?
<Eitan> yes sir
<qman__> that's incorrect
<Eitan> specified for every IP
<qman__> it should only be specified once
<qman__> on the first interface
<Eitan> pretty much everything is duplicated for every network int
<Eitan> only thing different is address itself
<qman__> that's wrong; the additional addresses should only be specified as address and netmask
<Eitan> ok, ill make that change
<Eitan> how should i go about making this stop using my last configured int as outgoing?
<Eitan> switch them in the config?
<qman__> no
<qman__> this will probably fix that
<Eitan> oh cool
<qman__> if not, you'll have to change some advanced routing settings
<Eitan> got it
<Eitan> ill give it a shot
<Eitan> thanks for the info
<qman__> after removing all those you will have to make that configuration apply, done easiest by rebooting
<qman__> or you could probably manually delete all the extra gateways
<Eitan> ok, ill just run a quick reboot
<Eitan> could also use ssh -b address to use a speciifc Ip
<Eitan> woops
<roasted> hello friends
<roasted> I have a server with a spinning drive for the OS. I got to thinking about taking it an dputting it on an SSD. If I would do that, should I exclude swap from the SSD?
<hachre> are you using swap a lot?
<roasted> hachre: I don't believe so... truth be told I haven't checked in quite a while.
<hachre> how much ram do you have?
<roasted> it's a home server... 4gb of ram.
<hachre> does it run anything?
<roasted> quite a bit, but all for personal use
<hachre> except samba
<roasted> subsonic, owncloud, apache, samba, motion video surveillance, mdadm raid
<hachre> dnot know that motion video thing
<hachre> apart from that
<hachre> they arent huge ram hogs
<hachre> anyway.. if you dont use it much i wouldnt care
<roasted> motion isn't a huge ram hog, but it taxes the cpu a little bit
<hachre> if you really trash it you could put it on the disks to spare the ssd
<hachre> i personally use linux as a desktop on my laptop with a ssd
<roasted> sounds good
<hachre> i dont have any problems
<hachre> laptop has been going for three years
<roasted> I just wasn't sure how swap + SSD would work
<hachre> swap on the ssd and i go way beyond the 4 gb sometimes
<roasted> like if that was a bad idea or anything
<hachre> nah
<qman__> I run swapless
<qman__> more RAM would have been cheaper
<hachre> just for the wear and tear
<roasted> do you guys know of a way to suck up the contents of my entire server OS and drop iton an SSD?
<roasted> 500GB HDD right now... want to go to 64GB SSD...
<hachre> I'd use rsync
<roasted> rsync for the OS?
<qman__> yep, rsync
<hachre> for everything
<roasted> wow
<roasted> I didn't think rsync would work
<qman__> rsync the files, then install grub to the SSD
<hachre> well you gotta reinstall grub and you have to do the partitioning on the ssd and mkfs
<hachre> thats it
<hachre> rest is rsync
<qman__> specifically
<roasted> I had the drive prepped already
<roasted> just hooked it up to a sata connector on my laptop and GParted it
<roasted> I just haven't swapped it out yet
<roasted> renovating the basement, so... been pre-occupied
<qman__> rsync -avh --exclude=/dev --exclude=/proc --exclude=/sys --exclude=/mnt/ssd / /mnt/ssd
<hachre> yup
<hachre> :)
<roasted> qman__: the server will be offline when I rsync. Would the excludes be needed then?
<qman__> assuming you mount the ssd to /mnt/ssd
<qman__> nope
<roasted> I can just do rsync -avh /media/hdd /media/ssd ??
<qman__> just mount both disks and rsync one to the other
<qman__> yes
<roasted> well dang
<roasted> that's freakin nice
<hachre> :)
<roasted> taking that down in my notes quick...
<roasted> k, done deal
<roasted> thanks again fellas
<hachre> np
<Falados> Is there a way to secure Tomcat using AppArmor on 12.04?
<Falados> or more generally, applications that run on the JVM
<qman__> yes, just like any other
<qman__> you need to configure a profile that allows it the access needed
<Falados> but 'it' is the java binary. which could be used to run other JVM apps - which should have different profiles.
<Falados> yet they all look like the same binary
<Falados> I saw something about ChangeHat, but i cant find much.
<Falados> it was in the SuSE docs
<qman__> looks like there used to be an apparmor_tomcat but it's been left to rot
<Falados> yeah, i saw that :(
<Falados> it would seem like i'd have to install a JVM per app and secure them that way, or combine the profiles into one (which kindof defeats the purpose)
<qman__> yeah, I don't really see a way around that; you could make linked copies of the JVM by different names
<qman__> still messy though
<Falados> AppArmor doesn't follow links to the underlying binary? I guess that would be another way it could work.
<qman__> given the nature of tomcat and applications that run on it, there probably aren't many people that have this specific need
<Falados> I don't have the specific need just yet - its more of an academic excercise.
<Falados> but i can see it being useful in general
<qman__> what people probably do in the real world is spin up a VM per tomcat application
<qman__> offers greater separation and security between them
<Falados> probably for the best then.
<Falados> but I can see if tomcat were to host more than one application, it would make sense to isolate at the servlet level too (like tomcat_apparmor provided)
<Falados> I wonder if it was abandoned due to lack of interest, contributions, or both.
<Falados> since nothing has replaced it
<qman__> that's likely
<qman__> there are other considerations when running applications that need to be separate, which are more easily achieved by separating servers
<Falados> yeah.  In a prod environment i'd be more inclined to have a single webapp per tomcat install
<qman__> plus the way things are headed these days is toward preconfigured instances that you fire up on the fly with your application preloaded
<qman__> "I need six more foos and three bars", click it in your openstack
<Falados> thx for the help qman__
<LargePrime> what are the downsides of root not being the owner of a file in www-data
<Falados> i think it may be because chgrp can be used to give it away. and if root owns it, then only root can chgrp
<Falados> may be other reasons, could also just be convention
<LargePrime> Falados: but what is the harm in it being given away
<Falados> LargePrime: it depends on what it was changed to and who has access to that new group.  It's unexpected behavoir, and should be avoided.
<Falados> LargePrime: but there may be other things that are not coming to mind. Its probably not a large attack vector - but its simple enough to enforce this convention anyway.
<LargePrime> do you have time to discuss more?
<LargePrime> Falados:
<LargePrime> i have several sites i host.  like mydomain.com and yourdomain.com and thierdomain.org
<LargePrime> I want you to have rights to yourdomain.com them to have rights to thierdomain, and my web guy to have access to all of them
<LargePrime> www-data need to have access to server the files, and some of the files cannot be made public
<Falados> depends on your particular constriants, but the owner/user permissions are not very granular like that.
<LargePrime> my plan is to create a group for each domain and add web authors to each group as needed
<LargePrime> and set the group as owner
<Falados> there is an ACL implementation i think, but that might be overkill.  I'd probably end up giving the web-guy sudo permissions
<LargePrime> sudo is going to be a pita over FTP?
<Falados> oh, these files are managed via ftp?
<LargePrime> yes
<LargePrime> did i miss something obvious?
<patdk-lap> other than ftp should never be used :)
<LargePrime> sftp then
<Falados> you can get more granularity with ACLs: https://help.ubuntu.com/community/FilePermissionsACLs
<Falados> but thats usually not what I see.
<Falados> YMMV
<LargePrime> ok so what is wrong with setting a group as the owner and adding peopel to that group
<Falados> or you can do what Hiroku does, and use git w/ hooks.
<Falados> that way no one owns the deployment files
<LargePrime> what is git with hooks?
<LargePrime> also, note the total noob
<patdk-lap> ya, I have a website that just does git pulls every minute
<Falados> git is source control management
<LargePrime> i know
<Falados> like mecurial, or bazaar
<Falados> and a post-receive hook is just a bash script that you can create that will deploy the files
<LargePrime> I think that is gonna be kinda tuff for my web guys
<Falados> actually, not just bash, could by py, perl, ruby
<Falados> Well, if dont want to change your workflow, then maybe you'll have to set up ACLs.
<Falados> they did that at my University for web hosting with FTP.
<LargePrime> because granting ownership to a group is an issue?
<Falados> yeah, it is not granular enough. You can't give multiple groups access to the same files
<LargePrime> i cant make one group owner and another the group?
<LargePrime> does a user have to be owner?
<Falados> the http server needs to have read (and in some cases write) access to the files and folders it needs. It can get this only though those 3 ways:
<Falados> user , group, other
<Falados> other is too broad
<Falados> gives every accoutn access - so thats a cop-out
<LargePrime> its user
<Falados> if its user is web-guy, then they have one set of permissions, and if group is www-data then www-data has another set of permissions, but you cant introduce a third into this without ACLs.
<LargePrime> and user cant be a group?
<Falados> correct
<Falados> a user is always a user.
<LargePrime> bah
<Falados> with ACLS you can give permissions to arbitrary users and groups
<LargePrime> but i have to take down teh server to implement acls
<Falados> yeah, you have to re-mount
<Falados> you can get by with playing with users and groups, but you'll find that its really too course and you'll end up giving too much permissions to people
<Falados> the only solution that doesnt need a remount would be a change in deployment process.
<Falados> using FTP as a staging area, and a script run as www-data to deploy from staging
<Falados> could be a simple as rsync or as sophisticated as triggering a job in a CI server like jenkins
<LargePrime> how can www-data deploy files it might not have read or write access too?
<Falados> well, you could also run the script as root too
<Falados> no one should be running that script besides cron anyway
<Falados> but your refresh-rate won't be immediate with cront. it will take about a minute
<LargePrime> there must be tonnes of websites that have virtual hosts.  How do tehy handel these things
<Falados> probably using jails/chroot
<LargePrime> and make webguy the owner?
<Falados> and the web-guy has total access to the server either via SSH, or cpanel, or something
<Falados> although I havn't set up a shared hosting server, so i dont have a specific implementation I can reference.
<Falados> perhaps solutions like CPanel hide all of these details for you.
<Falados> s/for/from
<Falados> there are probably open-source cpanel-like applications that can help in this regard.  Just a quick google search brings up a wikipedia page on it:
<Falados> en.wikipedia.org/wiki/Comparison_of_web_hosting_control_panels
<Falados> im out. hope this helps some
<jdstrand> Falados: while there probably won't be anyone there right now, you might bring up apparmor and tomcat in #apparmor on OFTC
<jdstrand> you can get a definitive answer on how it (used to) work, where it is now, etc
<billy_ran_away> Anyone up and active?
<azKennett> I'm new to Ubuntu Server but I'm trying to setup a dhcp server. Can anyone point me to a tut/guide. Or take the time to help me out. Thanks.
<billy_ran_away> azKennett: http://askubuntu.com/questions/140126/how-do-i-configure-a-dhcp-server
<azKennett> Thanks billy_ran_away
<azKennett> billy_ran_away, I followed the guide and I get error, "stop: Unknown instance: start: Job failed to start" any ideas?
<billy_ran_away> azKennett: Yea check /var/log/syslog and look for "dhcpd: Open a socket for LPF: Permission denied"
<billy_ran_away> azKennett: If you have that then refer to this bug: https://bugs.launchpad.net/ubuntu/+source/isc-dhcp/+bug/1107686
<uvirtbot> Launchpad bug 1107686 in isc-dhcp "dhcpd: Open a socket for LPF: Permission denied" [Undecided,Fix released]
<azKennett> billy_ran_away,I'll look
<azKennett> billy_ran_away: Didn't see it.
<ak5> hi, I get an error when doing `sudo apt-get update` it stalls at "Reading package lists... 99%" then prints out "Reading package lists... Error!"
<ak5> I am using amazon ec2
<SpamapS> ak5: "Error!" usually has a message with it.
<ak5> SpamapS: this time it doesn't. I have the same error as this guy http://askubuntu.com/questions/259114/reading-package-lists-in-update-apt-get-ubuntu-12-04-vps
<SpamapS> ak5: weird
<ak5> SpamapS: indeed
<ak5> SpamapS: any ideas?
<SpamapS> ak5: none I'm afraid. :-/
<ak5> SpamapS: I am going to change mirrors
<ak5> ls
<jamespage> xnox, great - I thought that was the case; I revised that patch to be backwards compat as well - its for 2.4.3 which I'm currently working on the merge for
<sies34> has anyone tested ZFS with Ubuntu Server 13.04?
<AfroMark> Hi all. I'm setting up ubuntu server for the first time and have a few general questions. Anyone around to help?
<sies34> I have no experience setting up a server with ubuntu, only with debian
<AfroMark> I'm hoping to use the server as a LAMP server, a printer server for home, and its main use will be as a minecraft server. What sort of security precautions should I take?
<AfroMark> Hi sies34. These are only general questions though, so perhaps you'd be able to help anyway.
<sies34> at what level?
<sies34> go ahead
<AfroMark> First question is above. What do you mean "at what level"? I know network/server security is an expansive subject, but I'm just looking for a simple "best practice" to ensure my home network isn't compromised.
<sies34> best first line of defense is a firewall
<AfroMark> So for example, a firewall is a given.
<AfroMark> Haha. Great minds...
<sies34> do you have a router?
<blkperl> AfroMark: or you can use iptables
<AfroMark> Yes - the server will have a wired connection to a wireless modem/router will serves the house
<blkperl> first thing you should do is disable root login via password, use ssh keys or disable it all together
<sies34> you can choose between iptablet (on your linux server) or your built-in firewall of the router
<AfroMark> I read something about disabling root password login. Does that only account for remote access? I don't want it to be a pain every time i try to "sudo" something
<sies34> usually to configure the firewall of the router better/easier
<sies34> yes
<sies34> afer you login with ssh you can 'su'
<sies34> it also helps if you forward port 22 to another port in your router
<sies34> for instance 45893
<blkperl> AfroMark: sudo is different, and yes in the ssh config for remote access
<rbasak> I feel that changing ssh port is cargo culting nowadays: http://bsdly.blogspot.co.uk/2013/02/theres-no-protection-in-high-ports.html
<sies34> there are many port scans on port 22
<rbasak> I lock down ssh users with AllowUsers in /etc/ssh/sshd_config. Then you don't have to worry about accidentally having a weak password on some other account.
<AfroMark> On the whole, how accurate is the information here? http://www.andrewault.net/2010/05/17/securing-an-ubuntu-server/
<rbasak> Then make sure you either have very strong passwords on the AllowUsers accounts, or disable password auth in sshd_config and use keys only.
<rbasak> I'd make sure that the minecraft daemon is running as its own special user, and constrain it with AppArmor.
<sies34> indeed better to use a ssh-key
<rbasak> LAMP servers are particularly vulnerable. I'd put that in a separate VM, or at least very carefully constrain it with AppArmor.
<AfroMark> Thanks all for the advice
<AfroMark> Obviously there are quite a few things i need to look into!
<AfroMark> One last question - I have a NAS attached to my router. Would I be able to run an ftp server allowing access to the network storage? Or is that opening up even more security concerns?
<nfrmatk> I wouldn't double dip like that if I had other options. Minecraft server/print server/FTP server is a lot to keep in mind when starting out.
<sies34> use NFS
<rbasak> Set up two VMs. One for services to the outside world, and one for services to your LAN.
<sies34> when you nas supported NFS
<nfrmatk> rbasak is thinking in the right direction. Separate out your tasks.
<sies34> or use smbmount on your server
<AfroMark> Will 2 VMs be a drain on resources? It may be that I'm trying to accomplish too much too soon.
<AfroMark> The computer I'm planning to use is fairly old. 2.4Ghz CPU and 2gig RAM.
<AfroMark> I apologise in advance if I'm being a massive newbie.
<nfrmatk> Don't even worry about it.
<nfrmatk> I wish I'd known there was an ubuntu-server channel when I started.
<nfrmatk> 2 VMs will probably be a bit much for that build...
<nfrmatk> You can just test and develop on that machine if you hold off forwarding any ports on your router til you have your ideal configuration.
<AfroMark> I'd better be off now. Thanks to everyone for the advice! It's given me plenty to think about.
<AfroMark> It's likely I'll be back soon though!
<ak5> hi guys, I have an ubuntu instance that gets an error at `sudo apt-get update` - anyone else have this? It outputs: Reading package lists... Error! And nothing else
<lotia> Is there a recommended way for conditionally setting envionment variable. To elaborate, files ending in .sh on /etc/profile.d are sourced by all users. What if I want to source some env vars in an init script.
<lotia> I don't want to set those vars directly, because several scripts may use them.
<jamespage> lotia, /etc/default/<NAME>
<Daviey> jamespage, rbasak, any other english folk - happy may day.  Will you be doing a may pole dance later?
<Daviey> I already have bells on my shoes, all set.
<jamespage> Daviey, already have me bells on
<jamespage> just about to go get my big stick
<Daviey> heh.
<lotia> jamespage: thank you
<zul> workers of the world unite!
<Guest98943> how often /var/tmp is cleared in Ubuntu?
<stan_0001> Is /vat/tmp cleared automatically in Ubuntu?
<jacobw> stan_0001: /tmp is a ramdisk, it exists in ram only. It's not that it's cleared on shutdown, it's that it doesn't survive shutdowns at all.
<stan_0001> jacobw, i see thanks.
<jacobw> stan_0001: /var/tmp isn't a ramdisk, it's just a directory in the filesystem on the disks, it's just like any other directory
<jacobw> stan_0001: Consider symlinking to /tmp or mounting /var/tmp as a ramdisk
<slestak> im seeing a strange screen artifact using byobo + tmux that doesnt occur when using straight screen.
<slestak> i dont use tmux outside of byobu,
<slestak> not sure if this would be a good channel to discuss this since byobu is an ubuntu creation
<slestak> sometimes when i resume a disconnected session, I have a {window|pane|whoknows} off to teh side that seems to be filled with period characters.  I dont think i can switch to it, and I cannto make it occur on demand, but it does occure pretty frequwently.
<slestak> It might be related to resuming a session with a terminal with a different windo size thatn the one detached
<slestak> anyone seen that on their installs?  I am using the current putty to connect to ubuntu 12.04.2
<slestak> i'll get a screenshot next time
<slestak> kirkland: ping, have you seen this happen?
<kirkland> slestak: hi
<slestak> good mornig man.
<slestak> thsi is not a big issue, just somethign im tryng to figure out.  if you think it is def a tmux thing i'll go talk to them
<kirkland> slestak: it's just like you say -- when you see the "periods", you're connecting from a terminal larger than some other terminal that's also connected
<kirkland> slestak: it is a feature/function of tmux
<kirkland> slestak: you can force disconnect the other client
<kirkland> slestak: let me find the command/key for that
<slestak> im trying to see where the feature part of that comes in.  for instance, doesnt gnu screen handle that a little more gracefully?
<slestak> i can look at the docs, thanks for the pointer
<kirkland> slestak: I prefer tmux's handling of it, actually
<slestak> cool, i'll check it out.
<kirkland> slestak: but that's probably just preference
<kirkland> slestak: okay, you can do this...
<slestak> just wasnt understanding the implemetation
<kirkland> slestak: if your escape key is ctrl-a, then try pressing ctrl-a-D
<kirkland> slestak: note that's a capital D
<kirkland> slestak: that will show you a list of attached clients
<kirkland> slestak: and the geometry of their screens
<kirkland> slestak: pick the one you want to kill (probably the smallest geometry)
<kirkland> slestak: and you'll detach that client's connection
<kirkland> slestak: I think there's a byobu feature request to add a hotkey to "detach all clients not myself"
<slestak> cool
<slestak> thanks for byobu
<kirkland> slestak: you bet!  thanks for using it!
<billy_ran_away> Can anyone explain why my pvscan isn't showing the correct volumes and it says something about "Incorrect metadata area header checksum" http://pastie.org/7746710
<pmatulis> billy_ran_away: prolly b/c lvmscan is looking at non-LVM partitions
<billy_ran_away> pmatulis: Yea I was hoping that was it, but it's not.
<billy_ran_away> pmatulis: I'm closer to solving I think, thanks for the suggestion though.
<pmatulis> billy_ran_away: ok, report back when you find out more
<billy_ran_away> pmatulis: Okay thanks
<RoyK> anyone here that can explain where and how md arrays are assembled? seems lucid assembles nested arrays fine, but precise and later does not. it assembles the base arrays, but not the ones on top (as in raid-5+0 etc). See bug 1171945 for details.
<uvirtbot> Launchpad bug 1171945 in mdadm "Nested RAID levels aren't started after reboot" [Undecided,Confirmed] https://launchpad.net/bugs/1171945
<parallel21> Anyone know how I can manage user's home directories across a series of machines?
<Corey> parallel21: Salt, ldap, puppet, chef, cfengine, spine, rsync, and NFS mounting, just to name a few.
<genii-around> My votes with rsync.
<Corey> Oh god that's horrible.
<Corey> genii-around: I use git / vcsh.
<genii-around> I've heard of using git for this sort of thing but never tried it myself.
<parallel21> I'm not so concerned about dotfiles, but stuff like text files and managing user profiles and passwords across machines. I'd like to be able to add an ssh user across a set of a machines
<Corey> parallel21: Yes, welcome to the world of either LDAP, or configuration management. Your pick.
<Corey> parallel21: And really, ssh keys make more sense in this decade.
<Corey> parallel21: How many servers are we talking?
<parallel21> Corey: Under 10â¦ I'd really like to use something like puppet. But I'd like something I could deploy more quickly, as I know little about puppet. LDAP would be OpenLDAP? Ssh-keys wouldn't just fix it would it? They'd need a home folder and the like?
<Corey> parallel21: saltstack.org is probably your best bet.
<parallel21> Corey: This looks awesome
<Corey> parallel21: Thank you. #salt is also a good resource here.
<resno> parallel21: look at ansible
<resno> #ansible also
<resno> its all ssh based command, but can build up if needed
<GeminiDomino> I'm trying to set up postfix with SMTP AUTH on 12.04 but the guide on help.ubuntu.com seems to be out of date with regard to dovecot configuration. Does anyone know of another resource?
<parallel21> GeminiDomino: I've been doing the same
<GeminiDomino> Any luck?
<parallel21> GeminiDomino: Where are you having a problem?
<parallel21> Going in worksâ¦ smtp auth out does not
<GeminiDomino> I'm not getting the "250-AUTH xxx" lines in the ehlo response
<parallel21> Hrmmm..
<GeminiDomino> Yep. Just did it from scratch again... I get the STARTTLS announce, but no auth...
<GeminiDomino> I never thought I'd miss Sendmail. <_<
<RoyK> postfix?
<GeminiDomino> That's what's making me miss sendmail. :)
<parallel21> Yeah, I was thinking about sendmail as well. What's the diff?
 * RoyK mumbles something about PEBKAC
<parallel21> pbkac?
<GeminiDomino> parallel21: Sendmails configuration files make perl look readable. :)
<psivaa> hallyn: hello :)
<psivaa> 'sudo kvm -hda test.img -monitor stdio' returns 'Could not initialize SDL(No available video device) - exiting' on our precise servers
<hallyn> psivaa: what happens when yo type 'xterm' ?
<hallyn> psivaa: shorter answer: add '-vnc :1'
<psivaa> hallyn: ok thanks, adding '-vnc:1' makes it work, xterm is not installed though
<bananapie> Can I unbond two network interfaces that were bounded at boot using network/interfaces without risking the stability of the production server or the second bonded interface without rebooting the server?
<bananapie> I tried ifenslave -d bond1 eth2 eth3
<bananapie> ok it worked, it just took a few seconds
<bananapie> there was probably a machine whose arp tables didn't update or something
<bananapie> thanks
<Aison> I upgraded my testserver to raring, now it no longer boots. In recovery mode I can see some output from the kernel, but after
<Aison> running scripts/init-bottom
<Aison> it hangs
<Aison> in ubuntu I heard that I should use nomodeset as kernel options
<Aison> but that don't help
<Aison> any hints? with grml I can boot into the system and changeroot
<Marlinc> What packages do you need to install on a MAAS node?
<Marlinc> In order to connect it to the MAAS server
<markthomas> Aison: can you boot it in rescue mode and mount the root filesystem?
<Aison> markthomas, no, the system hangs directly after printing the message
<Aison> Begin: Running /scripts/init-bottom ... done.
<Aison> then I can't do anything
<markthomas> Aison: That's from a cold boot?  Hmmm
<Aison> yes
<markthomas> Aison: how about a rescue CD?  We want to try to take a look at syslog.
<Aison> I think I have to create a rescue CD first :)
<sarnold> Aison: maybe try init=/bin/sh  before burning a CD? :)
<Aison> uhm, where should I try that? :P  (maybe stupid question)
<thesheff17> does anyone have any experience with the JMX and tomcat... I keep getting Debugger failed to attach: handshake failed - received >< - expected >JDWP-Handshake<
<Aison> grub?
<cydizen> Aison:  I might have missed an earlier post but have you tried to boot in Single User mode? (also from grub)
<Aison> cydizen, no
<sarnold> Aison: yes, from grub, you can add that init=/bin/sh to the kernel command line
<Aison> there I can also add single for single user mode?
<cydizen> Aison:   yes you can
<sarnold> single is more polite :)
<cydizen> I would only recommend trying one of our methods at a time though.  Process of elimination
<markthomas> Agreed.  Booting from a rescue CD while trying single-user and init=/bin/sh...overkill, perhaps.
<markthomas> ;)
<cydizen> thesheff17:  when you do a ps -ef  and look at your java line, does it explicitly state JMX and port number?
<Aison> cydizen, well, single was already the (because of recovery mode)
<Aison> so that is tested
<Aison> also nomodeset
<thesheff17> cydizen, it does
<Aison> with init=/bin/sh I get a kernel panic :)
<cydizen> Aison: What  version did you upgrade from?
<Aison> 12.something
<Aison> quantal?
<Aison> I also tested it on a second machine with a brand new quantal 12.10 installation
<Aison> same problem there
<Aison> on the other hand, it worked on my notebook
<Aison> but there it was xubuntu
<markthomas> Aison: If you can't get grub to boot into single-user mode in any variant, it's time to grab optical media.
<cydizen> I agree with markthomas on that
<Aison> markthomas, what should I do? download ubuntu server and then there is a rescue mode?
<cydizen> thesheff17,  in my experience you might have something conflicting on the specified port.  Can you change it and try again?
<cydizen> else that port is being block by a segment of your network
<thesheff17> its weird I tried port 8001 instead of 8000...same problem...I can telnet to the port fine...I even tried tunneling through ssh and it throws the same error
<markthomas> Aison: Try grabbing the desktop version.  The live CD that it launches will give you a comfy working environment to mount the server filesystem.  Assuming you don't have any obscure controller drivers compiled into your kernel...
<markthomas> thesheff17: you can't even tunnel and connect to localhost?
<thesheff17> markthomas, let me try
<thesheff17> markthomas, it connected then through a giant stack trace
<thesheff17> I wonder if it is because I'm using the openjdk vs  the sun jdk
<markthomas> thesheff17: I don't know.  I'm not a Java dev.  However, if the app can receive connections from localhost but not externally, then that does sound like a network issue.  Just to confirm: you tried turning off ufw and flushing the iptables rules?
<cydizen> let's check a couple of things
<cydizen> in your running process, -Dcom.sun.management.jmxremote.port=?????
<cydizen> what port is specified there
<thesheff17> markthomas, yea I can even telnet from my local machine to it....and it throws that handshake error...JMX just doesn't like me.
<markthomas> thesheff17: we're rapidly reaching the limits of my Java expertise, if we're not already there.  cydizen?
<sarnold> markthomas: btw, it is possible for an application to bind a port to the localhost ip address and thus only accept connections from localhost
<thesheff17> oh sorry cydizen I didn't see that message
<thesheff17> I have port 8000
<sarnold> markthomas: no firewall necessary
<thesheff17> JAVA_OPTS="${JAVA_OPTS} -Xdebug -Xrunjdwp:transport=dt_socket,server=y,address=8000,suspend=n"
<thesheff17> could my app make the JMX stack trace like that...maybe I should try to remove my app and try to connect again
<markthomas> sarnold: does that JAVA_OPTS look right to you?
<thesheff17> its the stock from /etc/default/tomcat7
<sarnold> markthomas: sorry, that's also beyond my java :( hehe, I just know POSIX API...
<markthomas> address=8000?  Is that right?
<thesheff17> well that it what was in the /etc/default/tomcat7 file...it stack traced even without my app loaded
<markthomas> thesheff17: guessing wildly, it sounds like you've got java runtime issues.
<thesheff17> yea its weird...I'm going to try and start up a new lxc container and do some testing...thx all for the help
<cydizen> thesheff17, im sorry I was disconnected.  Did you verify you are connecting to that port?
<cydizen> (whatever is listed)
<cydizen> If so the next thing we want to verify is: -Dcom.sun.management.jmxremote.authenticate=false
<cydizen> (unless you set up auth specifically )
<thesheff17> so the port is set to 8000...I'm forwarding X to my local machine and running jconsole
<thesheff17> and then I got a giant stack trace
<thesheff17> I'm loading up an lxc-container and verifying I didn't break something with the installation of tomcat
<cydizen> in the stack trace are you getting an X11 error?
<thesheff17> no it looks like a java.util error
<cydizen> boy, you have a good one brewing today dont you? :)
<sarnold> oh you get a stackdump? can you pastebin it?
<thesheff17> yea this is def one of those crazy days :)
<thesheff17> yea one sec for the pastebin
<thesheff17> I'm trying it in this new container
<thesheff17> and see if it fails
<thesheff17> wow it happened with the stock tomcat and openjdk6 http://paste.ubuntu.com/5624364/
<sarnold> darn, nothing obvious to me. that 99% used makes me wonder but I haven't got a clue how to read it
<thesheff17> yea I installed openjdk-6-jdk tomcat7 and uncommented JAVA_OPTS="${JAVA_OPTS} -Xdebug -Xrunjdwp:transport=dt_socket,address=8000,serve
<thesheff17> r=y,suspend=n" and it blows up
<cydizen> what port is tomcat listening on? (server.xml)
<thesheff17> it defaults to 8080
<cydizen> just curious thesheff17,  since you have access to the server, does catalina.out contain the information you are looking for to begin with?
<thesheff17> cydizen, well we are doing some load testing and third party company is coming in and wanted JMX access and I thought I could get this working....I'm just a sys admin
<cydizen> other than that, the only other thing I can see is setting tomcat to run with debugging via options in catalina.sh
<cydizen> export JPDA_ADDRESS=8000
<cydizen> export JPDA_TRANSPORT=dt_socket
<cydizen> bin/catalina.sh jpda start
<Aison> markthomas, how can I use now the disk to read the logs?
<Aison> or the rescue the system
<markthomas> Aison:  Have you booted to the live CD?
<Aison> yes
<Aison> I can also mount the harddisk
<Aison> chroot
<Aison> etc...
<Aison> but no I idea what is broken
<Aison> so no idea where to start
<markthomas> Aison: okay.  So, now cd into /mnt/var/log/ or whatever mount point you're using, and let's have a look at the syslog log file.
<Aison> well, syslog is not touched since the upgrade to raring
<markthomas> Okay.  Look for anything that has been.
<Aison> so when I boot the kernel now, the drive is not mounted and no logs a written
<sarnold> Aison: you're not that interested in new logs, just old logs
<markthomas> Okay.  Give me one sec.
<sarnold> markthomas: heh, how'd you upset services so badly?
<markthomas> Sorry?
<sarnold> markthomas: disconnected by services and so forth
<markthomas> Had to reboot.  On my tablet until it comes back up.
<markthomas> Stupid nickserv.
<sarnold> aha :)
<skraito> hellow
<skraito> anyone here
<skraito> is ubuntu server free
<skraito> 0x71 would like to code ubuntu server hardening script
<skraito> will the apt-get upgrade will be free ?
<sarnold> skraito: yes, completely free.
<skraito> ah ic so apt-get upgrade will work without license right ?
<skraito> i am trying to play with it now
<sarnold> skraito: well, everything is -licensed-, but with an opensource license that gives you rights and responsibilities. The different components can have different licenses...
<skraito>  http://0x71.org/2013/05/01/0x71-0day-bash-keylogger-release/
#ubuntu-server 2013-05-02
<skraito> we release this keylogger to the wild hope it help system admin
<skraito> never use it for your desktop it crash the gui
<skraito> only for server
<skraito> thx sarnold
<skraito> btw sarnold couple of month back i saw in ubuntu website the license is 300 buck
<sarnold> skraito: probably the most useful thing for a hardening script would be /etc/adduser.conf setting DIR_MODE. Old-time Unix admins often wish the mode were 0750 or 0700.
<skraito> but i cant find it anymore
<skraito> anyway thank you just check back 0x71.org for couple of weeks i start coding it next two week
<skraito> see ya guys have a great day
<markthomas> Ah, okay.  So, Aison, now to your question:
<markthomas> sarnold: are the init-bottom scripts stored in /etc/initramfs-tools?
<sarnold> markthomas: I see a pile of /usr/share/initramfs-tools/   http://paste.ubuntu.com/5624452/
<sarnold> markthomas: (that's an apt-file search command)
<markthomas> sarnold: let me rephrase:  my system has nothing in there at present, so I wasn't sure if they're kept there or if those dirs are for temporary storage only.
<sarnold> markthomas: ah, good question, don't know that either :( my /etc/.../init-bottom/ is also empty
<markthomas> Aison: Can you check your filesystem for init-bottom directories in /etc, or apparently in /usr/share, and see if you have any scripts laying around?  That's on the system we're troubleshooting.
<sarnold> markthomas: I'd bet those are for local customizing, and the ones in /usr/share/... are also copied into the initramfs, just not expected to be modified for any reason
<Aison> markthomas, ok
<markthomas> sarnold: that's reasonable.  If Aison 's boot was hanging there, I was going to see if any packages had placed anything there that might be having trouble.  If we can find it and disable it, we can regenerate initramfs and boot, then fix the problem.
<sarnold> markthomas: sounds like a good plan
<markthomas> Only thing I have under /usr/share/initramfs-tools/scripts/init-bottom is related to udev.  And the splash screen (plymouth)
<sarnold> markthomas: mine has udev and plymouth. as i understand plymouth, there's no _need_ for it. udev feels less likely to fail and more important...
<markthomas> Yeah.  I'm not sure how we'll troubleshoot udev with no visibility into the failure.
<markthomas> Aison: I'm going to branch off in pursuit of an undomesticated water foul: are you comfortable doing a pastebin of your /etc/fstab?
<Aison> markthomas, the initbottom in etc is empty
<markthomas> And don't worry if the joke doesn't translate.  Neither does "wild goose chase".
<Aison> the one in usr have got plymouth and udev files
<markthomas> Aison:  okay.  fstab?
<Aison> markthomas, http://nopaste.info/667ecbce2c.html
<markthomas> Were those nfs mounts commented out before?
<Aison> markthomas, yes
<Aison> that's the first i tried
<Aison> somehow update-initramfs hangs
<markthomas> Waitâ¦update-initramfs hangs?
<Aison> yes
<Aison> just noticed that
<markthomas> Are you running that chroot, or in your live environment?
<Aison> I chroot
<markthomas> Okay.  And you tried -vvv or some such?
<Aison> just running with -vvv
<Aison> well, it hangs at Building cpio /boot/initrd.img-3.8.0-19-generic.new initramfs
<markthomas> Okay.
<markthomas> ...
<Aison> what do I have to mount also before changeroot?
<Aison> dev, proc, sys?
<sarnold> /boot if that is a separate device
<Aison> it's not
<markthomas> I would mount those after chroot.   /boot, too
<markthomas> That being said, I'm a bit stumped.
<Aison> well, update-initramfs: Generating /boot/initrd.img-3.8.0-19-generic
<Aison> is not working
<Aison> the file /boot/initrd.img-3.8.0-19-generic.new is created
<Aison> but it remains 0 in size
<markthomas> Aison: thinking...
<qman__> Aison, I didn't see what your parent command is, but if you chroot into an install and want to run update-grub, you have to enxure that you first mounted /proc, /sys, and /dev, and rm /etc/mtab
<qman__> ensure*
<sarnold> markthomas: a few ideas, full filesystem, can't read source files, incorrect calling of cpio _may_ expect input data via stdin?, ...
<markthomas> sarnold: I think the last one is negative.  As for the others...
<markthomas> sarnold: what's the easiest way to revert to an earlier kernel nowadays?
<sarnold> markthomas: yeah, it seemed a longshot. but I've waited a long time for a 'grep' command waiting on stdin before... :)
<markthomas> Once upon a time, all the old kernels hung around indefinitely.
<markthomas> Good point.  Aison, can you rule out the full filesystem?
<sarnold> markthomas: distro upgrade is an odd situation for that, of course. /lib/cache/apt/..something normally has old packages around that you can dpkg -i
<qman__> /var/cache/apt/archives
<sarnold> sigh
<sarnold> thanks qman__ :)
<qman__> but yeah, lots of things won't work in a chroot if you don't do those things I mentioned
<Aison> markthomas, what do you mean? the fs looks fine here
<markthomas> Aison: df -h shows <100%?
<Aison> 13% :)
<markthomas> Aison: while we're grasping at straws, can you unmount the filesystem and fsck it?  It's one thing that the system won't boot, but for it to fail when building the initramfs...
<Aison> already done
<markthomas> Like sarnold said, we have to look for why cpio might fail.
<markthomas> Aison: nice.  And darn.
<markthomas> thinking...
<Aison> I also reinstalled cpio
<sarnold> markthomas: I wonder what tools you've got to watch cpio try to work; fatrace might be nice if available, but I don't think it is on any disks.. vmstat 1 would show at least disk traffic.. strace shows everything, but might not be the easiest
<markthomas> sarnold: ugh
<markthomas> That's all.  Just...ugh
<sarnold> markthomas: yes. ugh. :)
<Aison> let me try strace
<Aison> argh, im tired
<Aison> trying it tomorrow :P
<sarnold> good luck Aison
<Aison> well, there is a solution somehow :P
<markthomas> Aison:  Good luck.  My nick is registered, so send me a msg if I'm not around and let me know what happens.
<Aison> sure
<phunyguy> Hello, I hope I have a simple question here.  I run an ubuntu router with a few different subnets on a small home network.  Is it possible to do things like forward all multicast traffic out all LAN ports? I had to split up my network for stability reasons, but I still enjoy things like autodiscovery services (bonjour, etc) which afaik work over multicast.  Is something like this possible?
<sarnold> phunyguy: the warning at the top isn't encouraging, but perhaps .. http://lartc.org/howto/lartc.multicast.html
<phunyguy> sarnold: I did read something else about pimd, but the forum post was 9 years old so I wasn't too optimistic about that one.
<phunyguy> another unrelated question, I keep seeing these in syslog: "kernel: [   87.187907] br0: received packet on eth1 with own address as source address"
<phunyguy> eth1 is a member of br0
<phunyguy> should I be worried?
<lifeless> only if you don't expect that to be happening
<qman__> it generally means something is set up wrong, but not necessarily
<phunyguy> qman__: yeah I get that, and everything seems to work, I just don't like the message.
<phunyguy> and I don't like it because I don't /really/ know what it means.
<qman__> it means that packets are coming in on eth1 "from" eth1's IP address
<qman__> which, depending on how things are wired, means that either you're reflecting your own outbound traffic back at yourself
<qman__> or that you have an IP conflict
<qman__> or that you're being spoofed
<phunyguy> I was guessing mac, not IP.
<phunyguy> and I found a common theme with google searching.... a wifi AP on that subnet.
<phunyguy> I have a Linksys E1200 on that subnet with dd-wrt on it, with routing disabled, in a pure AP setup
<qman__> generally if you have a MAC conflict the switch stops working correctly
<qman__> and one end or the other can't get on the network at all
<phunyguy> I am going to try something
<phunyguy> also, not sure how I would be spoofed on eth1.. only a few things on my LAN currently, and it's not coming from WAN side.  xD
<agu10^> hey. i want to upload files to my ubuntu server from windows
<agu10^> fast and easy. what do you suggest?
<dpb1> agu10^: sftp is the easiest for me.
<agu10^> do you access root in your server?
<agu10^> i would like to edit the filesystem and text config files from windows too
<agu10^> like it was a network drive
<dpb1> agu10^: I would usually enable root login for something like that.  But some security experts would frown on it, I'm sure.  all the more reason to use sftp. :)
<agu10^> root login?
<agu10^> how can i see the whole filesystem from windows?
<dpb1> agu10^: 1) download filezilla 2) login with sftp (uses same transport as ssh).  If you want remote FS access as the super user?  See https://help.ubuntu.com/community/RootSudo, enable root logins, enable root ssh access, and use filezilla with the root user same as before
<Cyrus> I think we would do more than frown at that. There's a special place in hell for people that do what you're suggesting.
<Cyrus> ;)
<dpb1> agu10^: there are a lot of methods to do this is a more managed/secure way, but that is the shortest path to get root access to your whole filesystem remotely.  Just know that it is a security vulnerabilty. (your root password)
<Cyrus> I say that with love in my heart.
<dpb1> <3
<agu10^> i see
<agu10^> thanks
<agu10^> do i have to set up anything server-side to access my sftp from filezilla?
<dpb1> agu10^: try it with your regular user.  It should just work.  sftp is just a "fancy" ssh connection.
<agu10^> oh cool
<agu10^> there is a problem. in filezilla i can't edit files without downloading and re-uploading
<agu10^> i want to easily open files as if they were on a network drive
<Cyrus> agu10^, what you're really asking for is 1.) Not a good idea.
<Cyrus> 2.) A lot harder than you seem experienced to handle. (No offense.)
<agu10^> why would it be hard?
<agu10^> of course it's probably slow
<agu10^> but it's only hard if there aren't good tools for it
<Cyrus> Because what you really want is a system-wide samba server setup.
<Cyrus> And there lie dragons.
<agu10^> i don't think i want any of that :P
<agu10^> just do this over ssh and it'll be fine
<agu10^> just i don't want to DOWNLOAD, edit and then UPLOAD
<Cyrus> Well, I know of solutions to psuedo-mount ssh as a local hard drive through fuse.
<agu10^> i want to drag & drop files, and double click to open, edit, then save
<Cyrus> sshfs and all that.
<Cyrus> But for Windows? I have no idea. I doubt something like that exists.
<agu10^> okay
<agu10^> i give up
<dpb1> yes, there are explorer extensions for that.
<agu10^> for ssh?
<agu10^> I cannot login using filezilla
<Cyrus> Are you trying to log in as root?
<agu10^> i thought i didn't have to setup anything server-side
<dpb1> agu10^: you would need to get that working first.
<agu10^> no. as my user which i use through ssh
<Cyrus> Ah, then it should work.
<agu10^> ... it doesn't :(
<Cyrus> User error. :P
<Cyrus> Are you sure filezilla is set to SFTP?
<Cyrus> (Not FTP with SSL)
<agu10^> i don't know. i just used quickconnect
<Cyrus> Well you need to check, these things matter.
<Cyrus> Filezilla is a multi-protocol client.
<dpb1> agu10^: FYI, once you have mastered that, here is a more explorer-ish way to do things: http://www.swish-sftp.org/  -- but get filezilla working first. It's a good tool to master.
<agu10^> Error:	Disconnected: No supported authentication methods available (server sent: publickey)
<agu10^> Error:	Could not connect to server
<agu10^> how can i login using only my password instead of a key?
<dpb1> agu10^: how do you normally connect to this server?
<agu10^> using a public key, with putty
<Cyrus> I see.
<agu10^> but i just want to use my password instead
<Cyrus> Then you have to change your authentication settings in your sshd on the server.
<Cyrus> Or
<Cyrus> Alternatively..
<Cyrus> Use WinSCP instead of Filezilla.
<Cyrus> WinSCP can interface with putty's public key thing. It's been so long since I used Windows, so I don't remember the specifics.
<agu10^> just how do i change auth on my server?
<agu10^> i don't like putty
<Cyrus> You have to start editing /etc/ssh/sshd_config
<agu10^> and i don't care about safety
 * Cyrus backs away slowly and disappears into the night.
<dpb1> agu10^: search that file for "Password"
<agu10^> how do i search in vim?
<dpb1> agu10^: /
<dpb1>  /Password<enter>
<agu10^> PasswordAuthentication no
<agu10^>  ?
<dpb1> yup, change to yes.  sudo service ssh restart
<agu10^> okay great
<agu10^> Command:	open "ubuntu@potentialstudio.com" 22
<agu10^> Command:	Pass: ***********
<agu10^> Error:	Authentication failed.
<agu10^> Error:	Critical error
<agu10^> Error:	Could not connect to server
<dpb1> agu10^: did you restart the ssh service?
<agu10^> yes
<dpb1> are you sure the user and password are correct? :)
<agu10^> hmm not sure
<agu10^> maybe there was no password actually
<agu10^> should i make a new user?
<dpb1> you can change the password when logged in as the ubuntu user
<agu10^> how
<dpb1> agu10^: sudo passwd ubuntu    <- that will change the password for the user ubuntu without prompting for the current one
<agu10^> i don't know the current password
<agu10^> i better create a new user i think
<dpb1> sure, go for it.  no harm either way
<dpb1> the new user will not have sudo access by default, but that is ok.
<agu10^> useradd: user 'admin' already exists
<agu10^> ubuntu@domU-12-31-39-10-4A-43:~$ users
<agu10^> ubuntu
<agu10^> i want to add the 'admin' user and give it root access. but idk why it exists and is not in the list of users
<dpb1> agu10^: you used sudo?
<agu10^> yes
<agu10^> users only lists 'ubuntu'
<agu10^> though useradd throws an error... wtf
<dpb1> agu10^: try a different name, just to test
<agu10^> useradd: cannot lock /etc/passwd; try again later.
<agu10^> okay, sudo did it
<agu10^> for the user 'pepe'
<agu10^> it's still not listed with the 'users' command :(
<dpb1> k.  even for him, you will need to change the password
<agu10^> what? the user is not even listed
<dpb1> agu10^: I *think* users just gives back logged in users (going off memory)
<agu10^> ok
<Cyrus>        users - print the user names of users currently logged in to the current host
<agu10^> how do i list all users?
<dpb1> agu10^: cat /etc/passwd is the first step.
<agu10^> that is long
<dpb1> good. :)
<dpb1> cat /etc/passwd |grep pepe
<agu10^> that's what she said
<agu10^> okay i deleted pepe. how do i add root access to admin and change its password?
<dpb1> agu10^: sudo passwd <user> will allow you to change passwords.
<agu10^> great. :D
<agu10^> should i give it root rights?
<dpb1> agu10^: just to test your sftp, you shouldn't need to.
<agu10^> wow it lists folders
<dpb1> yes, you should be able to view most everything as a regular user in ubuntu.  changing things is typically restricted to just your home folder though.
<agu10^> dpb1, cool. what if i want to access root files but with a password?
<dpb1> agu10^: that is where you look at that SudoRoot link I gave you.  Basically do a similar process, but with the root user.  Read that page, it's a good one.  Toward the end is where it talks about how to enable the root user, and why you don't want to do that normally.
<agu10^> okay, great.
<agu10^> there is no way to get admin to be that root user?
<dpb1> agu10^: yes, there are always options (which is why ubuntu is so great), let me give you a link.
<agu10^> no, it's fine
<agu10^> i rather login with the root user when i want to do that
<agu10^> and keep the rest just in the admin folder
<dpb1> agu10^: that is really the safest way to do things.
<agu10^> i have a problem
<agu10^> the uploaded files aren't accessible by apache :S
<agu10^> i mean, index.html is, but the folders (js/css, etc) are not.
<agu10^> so it looks like this: http://alvid.com.ar/
<agu10^> without styles or images :(
<dpb1> agu10^: do ls -l <directory>, and use paste.ubuntu.com to paste back the results.
<agu10^> http://paste.ubuntu.com/5624901/
<dpb1> agu10^: so, best practice for files in that directory.  whenever you upload you want
<sarnold> agu10^: yikes!
<sarnold> agu10^: your index.html can be written to by anyone on the server
<sarnold> agu10^: and your directories can only be read by 'admin' and by 'root'. apache runs as neither admin nor root. it cannot read your other files.
<dpb1> what sarnold said. :)
<agu10^> sarnold, great. how do i fix this? should i make index.html be admin's and apache able to read all?
<sarnold> agu10^: first, chmod 644 index.html.
<sarnold> don't let that live for any longer.
<agu10^> ok
<agu10^> should i do that with all folders in the website?
<agu10^> i had to make it publically accessible because
<agu10^> i modify index.html with a php script
<agu10^> sarnold, how do i make my website work and only be modified by admin and php scripts?
<sarnold> agu10^:
<sarnold> sigh, lost internet for a while
<sarnold> agu10^: are you -sure- you want your website to be modifyable by running php scripts? I've seen far too many people hacked and their website content modified to send viruses or worms to the website users..
<agu10^> i made a php script that will modify my website
<agu10^> so i can do it on a web panel interface
<agu10^> so... i guess :P
<agu10^> can i do it so only THAT php script can do it?
<agu10^> and only some files
<agu10^> hmm nevermind, i think i only have to let apache read my admin-created files
<agu10^> and i leave the others public for my php script to modify freely
<agu10^> sarnold, how do i let apache read my files?
<dpb1> agu10^: so, your directories need "sudo chmod go+rx <dir>" run on them for starters
<agu10^> what is that?
<sarnold> agu10^: you've definitely got an odd situation there :) but something like chown -R admin *  followed by chmod 755 on all the directories and chmod 644 on all the files
<agu10^> :S when i upload files they are owned by admin admin. how do i make those accessible by apache so they can be shown online?
<agu10^> i don't think i need anything else than that for now
<dpb1> give them the right permissions and it should stick when you upload replacements.  just try it.
<agu10^> i don't want to upload replacements
<agu10^> i may upload new files aswell
<agu10^> i need to let apache read ALL new files i upload from filezilla
<dpb1> there are three sets of permissions, user, group and other.  If you upload new files, you will need to make sure permissions are correct.  FYI, filezilla will let you set permissions. :)
<agu10^> ok, which permissions should i set though?
<agu10^> i'll set them on filezilla, but what exactly?
<agu10^> it says the folder is 777!
<agu10^> oh but the children were not
<dpb1> user = rw, group = r, other = r is a good default.
<dpb1> for a directory, the execute bit should be set, or the directory will not be browsable.
<dpb1> This is a good page, FYI: https://help.ubuntu.com/community/FilePermissions
<agu10^> dpb1, i just want apache to show the website
<agu10^> dpb1, is apache "other" ?
<sarnold> do not set your permissions to 666
<sarnold> or 777
<dpb1> agu10^: because your files are owned by admin and in the admin group, other is how apache will be reading them, yes.
<sarnold> (stupid off-by-one fingers :)
<agu10^> ok, should i set other = r and x on folders?
<agu10^> or just r on folders?
<sarnold> rx
<agu10^> 771 or 77x ?
<sarnold> directories are strange; 'r' lets you see contents, 'x' lets you 'traverse' the directory to see lower directories or open files
<agu10^> ok
<sarnold> 755 or 775, depending upon the situation, would be better, yes
<agu10^> what does x do on files?
<dpb1> agu10^: also, a more typical setup is to have the group 'www-data' on all your web files.  just fyi.
<agu10^> what's the difference between 775 and 77x ?
<sarnold> agu10^: the 'x' on files allows you to execute files
<agu10^> i see
<sarnold> agu10^: well, 77x doesn't actually exist :)
<agu10^> oh it says that on filezilla
<sarnold> o_O
<sarnold> rather than 771?
<agu10^> yes
 * sarnold kicks silly filezilla
<dpb1> hehe
<agu10^> 774, if i check execute it's 775. if i check again it gets a different symbol and says 77x
<sarnold> baffling :)
<dpb1> ya, that has to be a bug.
<agu10^> okay i set it to 775 then
<agu10^> This works great! Thanks :D
<agu10^> i'm now trying to set up a simple mail server. I need to get info@domains.com email addresses. for many different domains. What is easy to set up for this? I installed citadel but it doesn't seem to be easy to handle this.
<sarnold> agu10^: most people would use postfix or exim as first choices..
<agu10^> okay
<agu10^> how do i uninstall citadel though?
<agu10^> i hate when i install lots of packages that never work... :(*
<sarnold> agu10^: it'd be something along the lines of apt-get purge citadel*
<agu10^> sarnold, thanks
<sarnold> agu10^: check out the serverguide listed in the /topic, it has good details on setting up mail servers
<sarnold> bed time :)
<agu10^> byee
<agu10^> I would like to install postfix to make info@mydomains.com emails and access them on gmail through imap or pop/smtp. do you think it can be easy to set up many many many user@randomdomain.com email accounts?
<ke7vyv> What would cause my NIC to connect at a slower speed then what the specs say?
<ke7vyv> All other devices connect fine but one.
<vedic> Hey guys, need advice. I am running 8 core xeon server with 8 GB RAM. I want to create 3 VMs on this to host different services. What software is good for that? I am familiar with VirtualBox and it has been working good for me on my desktop. I know how to setup VirtualBox from command line on a remote server. I would like to know from you if VirtualBox is suitable for medium load servers running 24x7 ? WHat is the best when it comes to create VPS on a physic
<rbasak> libvirt+KVM works well for me.
<ke7vyv> Could my OS be keeping my system from connecting to my lan at 1Gbps? The specs say 1 Gb.
<Ben64> ke7vyv: probably not
<ke7vyv> Ben64: Any ideas?
<Ben64> check chipset to see if any problems exist?
<Ben64> also, cabling and other devices are important to get the 1gbit link
<ke7vyv> Ben64: I'm new to this stuff. How would I check the chipset?
<Ben64> lspci | grep -i ethernet
<ke7vyv> All other devices connect at 1gbit.
<ke7vyv> Ben64: I'll give that a try.
<ke7vyv> Thanks.
<ke7vyv> Oh any ideas on why it would be 100mbit and not 1gbit like it should?
<Ben64> well some chipsets don't play nicely with linux
<ke7vyv> Ben64: I tried ethtool eth0 would that be the same?
<ke7vyv> OK
<rbasak> What does ethtool say?
<ke7vyv> It says 100mbit
<ke7vyv> That's all I can remember.
<rbasak> It says a lot more than that, surely?
<rbasak> It should tell you what the driver supports.
<ke7vyv> I'm not near the machine to see what else
<rbasak> You might want to fix that first.
<ke7vyv> What being near it?
<ke7vyv> I thought of that but figured I would get some things to try for when I am.
<ke7vyv> Well I'll come back when I'm near it.
<ke7vyv> rbasak, Ben64: lspci | grep -i ethernet 00:04.0 Ethernet controller: Silicon Integrated Systems [SiS] 191 Gigabit Ethernet Adapter (rev 01)
<rbasak> ke7vyv: please pastebin the ethtool output.
<ke7vyv> Heres my ethtool results  http://pastebin.com/mMWZwMvv
<rbasak> Looks like either your driver doesn't support gigabit or your NIC doesn't support gigabit or something between the driver and the NIC isn't configured for gigabit.
<rbasak> The name of your NIC certainly suggests that it supports gigabit :)
<ke7vyv> Well the cable I hooked up to another machine and gigabit worked fine.
<rbasak> The problem is not the cable. It's between the driver and your NIC.
<rbasak> (or so ethtool seems to say)
<ke7vyv> So on the system itself
<ke7vyv> If I transplanted the hdd from another system could that be causing it?
<mndo> hi
<mndo> i just added a new volume on my card and although the new volume appears on the scsi bus a new block device is not created
<mndo> how can i solve this?
<ke7vyv> rbasak: Would this apply to me? https://answers.launchpad.net/ubuntu/+source/network-manager/+question/66455
<agu10^> hello. what do you suggest for setting up a simple email forwarding server to get custom email addresses?
<ke7vyv> I read online to change the MTU to 1492.
<ke7vyv> Is that just to connect to the net?
<ke7vyv> rbasak: I found this but my kernal version isn't listed.   http://www.howtoforge.com/creating-the-sis191-gigabit-ethernet-driver-on-linux-2.6
<Walther> I have a zvol on which a virtual server is installed in lvm. However I need to change the names of the lvm partitions / the lvm group - how should I approach this?
<Walther> booting the virtual with a ubuntu server cd is not really helpful as it doesn't provide a "live-cd" -like environment
<ke7vyv> I'm following steps on a site and it says to goto kernel.net and download my kernel version. My kernel is 3.5.0-23-generic and it's not listed. What do I do?
<mardraum> use a "site" specific for your distro and release
<RoyK> ke7vyv: why do you need the kernel source?
<RoyK> ke7vyv: if you really need them, apt-get install linux-source
<ke7vyv> The page I found that tells how to fix my nic said to download them.
<ke7vyv> RoyK: Here is the site  http://www.howtoforge.com/creating-the-sis191-gigabit-ethernet-driver-on-linux-2.6
<RoyK> ke7vyv: I see - use the apt-get I gave you. you shouldn use the ubuntu kernel, not those from kernel.org
<ke7vyv> RoyK: OK I'll try that.
<RoyK> or
<RoyK> you may want to try the linux-image-3.8.0-19-generic kernel
<ke7vyv> RoyK: I don't see that on kernel.org
<RoyK> it's an ubuntu package
<RoyK> apt-get install it
<ke7vyv> OK
<ke7vyv> It won't let me
<agu10^_> how do i run a command on startup?
<jair> I have been hearing a lot about juju but have one specific question, is it free software?
<jair> just checking making sure this is not something like eucalyptus used only if you pay to canonical?
<highvoltage> jair: juju is free software
<highvoltage> jair: other distributions are even packaging it
<jair> highvoltage: thank you sir, I really appreciate it, chating with another ubuntu guy at #juju
<jair> ;)
<jair> but glad to hear that
<jair> thank you so much!
<agu10^_> I need to disable iptables. Yet i keep getting "service iptables stop". I need to disable it forever, not just until next reboot. Any clues?
<qman__> a better question is why; by default it's an accept all policy with no rules
<rbasak> agu10^_: I don't think any iptables rules are present by default, so disabling it depends on how you enabled it.
<rbasak> Did you install ufw perhaps?
<qman__> ufw is also accept-all by default
<agu10^_> rbasak, why do i care about the default rules?
<agu10^_> some sofware installed new rules without my permission
<qman__> then you need to fix/remove that software
<rbasak> There are multiple ways to "install new rules", so how to do what you want depends on exactly what the software did.
<qman__> when you "stop" iptables, you flush the rules and set accept policies, you don't actually remove it from anything
<qman__> because netfilter is compiled into the kernel
<agu10^_> how do i delete all iptables rules?
<agu10^_> i just want the default setup
<ak5> I have mongodb in qemu but it is failing to allocate more diskspace - any ideas?
<Arrick> hey all, in ubuntu 12.04, running apache2, and php5, where all do I need to change the max post size and max file upload size so that moodle (I've changed it in there) that I can upload the courses? I've changed /etc/php5/apache2/php.ini to reflect what I need, and it showed up in moodle as an option, but then when I try to upload a file, it says it is too big still.
<zul> did you restart apache?
<Arrick> yeah
<zul> hallyn:  ping
<vibedigital> Hi. I'm using 12.04 and trying to connect remotely to virtualbox using phpvirtualbox. all stuff look ok. but in web browser phpvirtualbox dont load only the background. someone can help please?
<hallyn> zul: .
<zul> hallyn:  do you still have your 1.0.4 stuff lying around?
<hallyn> zul: uh, isn't it in a few ppas?  i think i also had it on p.p.c.  hold on
<zul> hallyn:  supposedly ;)
<hallyn> zul: https://launchpad.net/~serge-hallyn/+archive/virt/+files/libvirt_1.0.4-0ubuntu1%7Eppa1.dsc    hopefully that's the latest i had
<hallyn> did you see 1.0.5 was released today?
<zul> hallyn:  cool thanks
<zul> hallyn:  chuck@homer:~/work/server/libvirt/libvirt-1.0.5$  (i did see ;)
<hallyn> +1 :)
<Daviey> zul: hey, would you have time to try openstack on our xen packages soon?
<zul> Daviey:  i did some last cycle, it almost works out of the box with libvirt-xen I didnt try with xcp
<Daviey> zul: is it a pain to check for you?
<zul> Daviey:  no i can do it no problem
<zul> Daviey:  xcp is a bit more of a pain
<Daviey> zul: if you can do both, that would make me super happy.. and document what you did :)
<plars> hallyn: ping
<plars> or jamespage
<plars> is lp:ubuntu-test-cases/server the right branch to be using for server smoke tests?
<hallyn> plars: sounds right to me
<plars> hallyn: I need to move everything in lib to the scripts subdir, it's breaking jobs with the current layout
<plars> hallyn: let me move things around and I'll propose a merge, I pinged you because it looks like you've done a lot of the recent commits
<hallyn> <blink>
<hallyn> plars: I only did the lxc testscases, don't knwo about the wider layout.  I would like to think that if utah changed, its users would be notified, so hopefuly jamespage knows about this
<bcessa> hi there, newbie question: if I have purchased a SSL certificate for abc.com can I create and sign valid email certificates for user@abc.com with it? Or do I need to setup a full CA for that purposes?
<hallyn> plars: thanks, hopefully it just works with your fix
<plars> hallyn: I don't think it's that utah changed, maybe the scripts they use to generate the jobs changed at some point, but I'm not sure of the history... I'm not sure why anything under scripts would have been useful if it weren't already like this before
<plars> hallyn: it's a simple fix, just give me a moment
<sarnold> bcessa: x509 certs have a list of constraints that limits how the certificate can be used. normally you cannot use a webserver certificate for further signing.
<sarnold> bcessa: the openssl x509 tool can help you see which constraints are set on your certificate.
<bcessa> sarnold: thanks a ton man, looking at it ;)
<bcessa> here are the extensions details http://pastebin.com/Hp4jiaiL I suppose the: "X509v3 Basic Constraints: critical CA:FALSE" prevents this right?
<sarnold> bcessa: that's probably the one, but it's been a decade since I've done this myself..
<bcessa> ok, thanks :)
<Aison> hello :)
<zul> Daviey:  sure but xcp only runs on precise basically but I can have a look
<Aison> i'm still working on fixing my broken two testmachines. Both are broken after upgrade to raring from quantal
<Aison> so far I noticed that update-initramfs is somehow broken, it hangs forever
<jamespage> adam_g, promoting folsom a grizzly stuff to updates
<xnox> Walther: just use lv / vg rename, make sure you edit fstab and update-grub after wards....
<xnox> no need to boot into live cd or anything like that.
<zul> hallyn:  1.0.5 building now
<RoyK> Aison: tried stracing it?
<hallyn> zul: cool
<markthomas_> Aison: same problem as yesterday?
<Aison> RoyK, markthomas: yes, still not working :)
<RoyK> what does strace have to say?
<Aison> hmm, there are endless many output lines :P
<Aison> I have to record it
<RoyK> strace -f ...
<Aison> -f is just following the client processes I think?!?
<Aison> or child processes
<Aison> ah yes, follow forks
<Aison> ahh, -o is the right option to record into a file
<RoyK> Aison: any output yet?
<RoyK> update-initramfs normally doesn't take 20 minutes ;)
<Aison> no, I lost the contact to the machine....
<Aison> and i'm not at home right now
<Aison> but i'm just upgrading a 3rd machine, maybe that fails also :P
<Aison> well, the upgrade itself terminated without any errors in all cases
<RoyK> what was this - lucid to precise?
<sarnold> RoyK: [6~[6~[6~[6~[6~[6~[6~[6~[6~[6~[6~[6~[6~[6~quantal to raring
<sarnold> sigh
 * RoyK wonders who would be running something with 9 months support for a server
<sarnold> RoyK: someone who intends to upgrade in nine months :)
<Aison> in all cases it was a quantal
<RoyK> well, obviously, but I don't really see the point for stuff in production :P
<Aison> one was a server, one a client
<Aison> both test machines
<RoyK> for test it's fun
<Aison> and both no longer boot after upgrade to raring
 * RoyK has a few raring VMs around already, and a work PC
<RoyK> my PC at work upgraded without issues
<Aison> I also upgraded my personal netbook with xubuntu
<Aison> that worked fine
<Aison> and now I upgrade a personal client with kubuntu
<Aison> luckily I have got dayli backups of all machines on tape
<parallel21> Anyone using salt?
<Aison> so I can playback and repeat
<RoyK> parallel21: salt?
<parallel21> saltstack
<Pici> #salt exists
<parallel21> They do not answer
<parallel21> So I thought I'd try here too
<parallel21> While I wait
<sarnold> they may also be waiting for a more specific question
<parallel21> Why don't things werk!?
<sarnold> parallel21: you may wish to re-read this before tring again :)  http://www.catb.org/esr/faqs/smart-questions.html
<parallel21> merci
<zul> hallyn:  builds fine the stuff that you did for 1.0.4 is not needed ill upload it to my ppa in a couple of minutes
<RoyK> Aison: what about strace?
<Aison> RoyK, I lost contact to the machine :(
<Aison> I have to got there first
<RoyK> ah
<RoyK> right
<Aison> but I'm going to provide the results here
<zul> hallyn:  one question for your though should we disable vbox in 1.0.5 though?
<markthomas_> Aison: I seem to have lost connectivity awhile back.  How goes the work on that initrd problem?
<sarnold> markthomas_: funny enough he also lost connectivity to his machine..
<sarnold> markthomas_: last I heard he aimed the upgade at a third system and also wedged _that_ one.
<markthomas_> sarnold: so, there could be something being repeated in the configuration that's causing a problem.  Or maybe a larger issue.  Less likelyi a random failure.
<Aison> markthomas_, well, I tried with strace to find reason why it hangs
<sarnold> markthomas_: he's got a touch :)
<sarnold> Aison: are you upgrading with cd or do-release-upgrade?
<Aison> nothing more
<Aison> sarnold, do-release-upgrade
<zul> hallyn:  https://launchpad.net/~zulcss/+archive/libvirt-testing/+packages
<markthomas__> Apparently, I need to change IRC clients.  This one keeps dying.
 * RoyK uses irssi
<RoyK> weechat should work well too, and supports proxying to mobile devices etc
<RoyK> irssi is a bit old-school (but so am I :P)
<dpb1>  /go 3
<sarnold> I use irssi only because the inertia required to switch to weechat is astonishing..
<markthomas__> xchat has always worked well...until today.
<sarnold> heh :/
<RoyK> xchat doesn't work too well over remote ssh :P
<markthomas__> I suppose not.
<plars> hallyn: ok, got it to all succeed in this branch, can you take a look and merge? I don't have access to push to your branch: https://code.launchpad.net/~pwlars/ubuntu-test-cases/server-fixlib/+merge/162222
<ke7vyv> OK on http://www.howtoforge.com/creating-the-sis191-gigabit-ethernet-driver-on-linux-2.6 it says I need to create thee driver for my sis191 nic. Can someone help me I'm lost.
<ke7vyv> It says to go to kernel.org and download my kernel version but mine isn't listed.
<RoyK> kermit: so 3.8 from ubuntu didn't work?
<RoyK> erm
<RoyK> kermit: not for you
<RoyK> ke7vyv: see above
<RoyK> ke7vyv: the versioning ubuntu and other distros uses isn't the same as with kernel.org. just download the latest kernel - should be 3.9
<ke7vyv> RoyK: I'm lost on how to do it.
<RoyK> ke7vyv: I guess you tried 3.8 from ubuntu?
<ke7vyv> RoyK: I did what you said to but it wouldn't install
<RoyK> any output?
<RoyK> pastebinit
<RoyK> !pastebinit
<ubottu> pastebinit is the command-line equivalent of !pastebin - Command output, or other text can be redirected to pastebinit, which then reports an URL containing the output - To use pastebinit, install the Â« pastebinit Â» package from a package manager - Simple usage: command | pastebinit -b http://paste.ubuntu.com
<ke7vyv> ok
<RoyK> ke7vyv: apt-get install linux-image-3.8.0-19-generic should do the job
<ke7vyv> nope
<ke7vyv> RoyK: http://pastebin.ubuntu.com/5626980/
<RoyK> apt-get update
<RoyK> erm
<RoyK> wait
<RoyK> this was precise_
<RoyK> ?
<ke7vyv> 12.04
<RoyK> linux-image-3.8.0-19-generic - Linux kernel image for version 3.8.0 on 64 bit x86 SMP
<RoyK> this should work for precise
<RoyK> (aka 12.04)
<RoyK> it's in the repos
<ke7vyv> I don't know.
<ke7vyv> I'm lost
<RoyK> well, run apt-get update first
<RoyK> then apt-get install linux-image-3.8.0-19-generic
<smoser> hallyn, ping
<ke7vyv> I tried that earlier but it works now
<RoyK> ke7vyv: good - try that kernel before trying to make your own
<RoyK> new chipsets sometimes require changes to the drives as well as pci IDs
<ke7vyv> RoyK: It's done now what do I do?
<RoyK> reboot
<ke7vyv> K
<smoser> is there some trick i need to do to  make kvm perform reasonably with ubuntu iso ?
<hallyn> smoser: what's up?
<smoser> i'm running raring and trying to boot a raring amd64 iso. and, wow. painful.
<ke7vyv> RoyK: It's back and it didn't fix it.
<hallyn> smoser: hm.  i had trouble with quantal on precise when i didn't use tap netif
<hallyn> but other than that, kvm has been speedy for me
<RoyK> ke7vyv: perhaps something from backports?
<hallyn> smoser: are you using /usr/bin/kvm, or adding -enable-kvm?
<smoser> i can't see the mouse move around inside the window.
<hallyn> sdl?
<smoser> i was using kvm.
<RoyK> ke7vyv: always easier with packets than hand-craftet stuff
<smoser> i suppose sdlk.
<smoser> kvm -usb -usbdevice tablet -net nic,model=virtio -net user -soundhw es1370 -drive if=virtio,file=disk.img -m 1024 -cdrom ubuntu-13.04-desktop-amd64.iso
<smoser> but i can drop just about all those arguments of modify them.
<hallyn> smoser: try adding cache=none?
<ke7vyv> RoyK: Is my kernel supposed to have changed.
<smoser> hallyn, i'm not writing anything
<hallyn> zul: i think we should drop vbox until 1.0.6, yes
<RoyK> paste uname -a output
<smoser> i think its graphics driver
<hallyn> smoser: hm.  if you use vnc is it faster?  can you try -monitor stdio and info graphics?
<RoyK> ke7vyv: that is, pastebin output from "uname -a" :Ã¾
<RoyK> or just paste it - it's only one line after all
<ke7vyv> RoyK: Linux ubuntu 3.8.0-19-generic #30~precise1-Ubuntu SMP Wed May 1 22:26:36 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux
<RoyK> you're running 3.8, yes
<hallyn> plars: looking
<smoser> hallyn, its not 'info graphics'
<ke7vyv> Webmin doesn't show the change.
<RoyK> ke7vyv: since that doesn't work, download the latest 3.8 or 3.9 from kernel.org and patch the driver, copy /boot/config-whateverthenameofthekernel to .config in the kernel source root and run make menuconfig (or oldconfig, but that's a bit disturbing if you don't know kernel)
<ke7vyv> RoyK: reopened webmin and it changed.
<RoyK> !webmin | ke7vyv
<ubottu> ke7vyv: webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system.
<zul> hallyn:  ack
<RoyK> ke7vyv: learn the commandline - it doesn't take too long and it gives you a deep insight into what really happens
<ke7vyv> RoyK: I'm trying to. lol
<ke7vyv> RoyK: How do I patch the driver?
<RoyK> it's in that page you posted yesterday
<hallyn> smoser: huh, thereno option for that.  drat.
<RoyK> edit a header file etc
<RoyK> ke7vyv: does ifconfig -a see the interface now?
<hallyn> anyway i'd say try -vga vmware, or -vga qxl with spice
<smoser> hallyn, /var/log/X tells me its cirrus_driv
<hallyn> drat, the kernel is supposed to not keep that from happening or something - plars was having bugs with cirrus (other than slowness)
<smoser> i have drawing issues too
<hallyn> maybe we need a patch to make vmware the default
<ke7vyv> Royk: Yes but the connection speed is wrong.
<RoyK> ke7vyv: what does dmesg say about the interface?
<RoyK> a bit strange if the interface is visible and the connection speed is wrong
<RoyK> if it's visible, it's not because of the lack of a pci id
<RoyK> rather a new driver needed
<ke7vyv> RoyK: http://pastebin.ubuntu.com/5627059/
<markthomas> Aison: when you can, should file a bug against initramfs-tools on launchpad.  If this problem has ocured >1 time, it needs looked at
<RoyK> ke7vyv: [   21.192009] sis190 0000:00:04.0 eth1: link on 1000 Mbps Full Duplex mode
<ke7vyv> RoyK: ethtool results  http://pastebin.ubuntu.com/5627066/
<RoyK> ke7vyv: eth0 doesn's seem to be connected
<RoyK> ke7vyv: wierd - is this for eth1?
<ke7vyv> RoyK: Yes
<hallyn> plars: pushed
<RoyK> it really should be consistent with what dmesg tells, which is 1Gbps
<RoyK> what does actual test runs across the cable tell you?
<ke7vyv> 100Mbps
<RoyK> well, post a bug
<ke7vyv> Don't know how.  lol
<RoyK> !ubuntu-bug
<ke7vyv> I'm just making the switch to ubuntu.
<RoyK> well, just run ubuntu-bug
<ke7vyv> OK
<RoyK> what sort of switch are you using?
<ke7vyv> what do you mean?
<RoyK> I guess your machine is connected to a switch?
<ke7vyv> Yes a 1Gbps 8 port.
<RoyK> ok, probably non-managed
<ke7vyv> No
<RoyK> but looks like autonegotiate showed 1Gbps
<RoyK> ok - can you force gigabit on the switch?
<RoyK> if so, do the same on the linux box
<ke7vyv> I have 4 other systems that work fine.
<RoyK> what sort of nic is this?
<ke7vyv> Not sure its on a HP mediaserver so I can't change it.
<RoyK> lshw
<ke7vyv> RoyK: http://pastebin.ubuntu.com/5627112/
<plars> hallyn: thanks!
<hallyn> smoser: for unity3d, i've had best behavior under spice.  Still not ideal, but worked best
<hallyn> jdstrand: mdeslaur: waht kvm graphics combo do you use when you boot desktop cd ?
<hallyn> smoser: separately, it's possible that 1.4.1 improves things.  was going to push that to saucy soon.  I had a raring version somewhere, but doesn't seemt obe in my virt ppa
<sarnold> hallyn: mdeslaur has some config stuff in uvt to turn off the worst of the graphics offenders, see around line 2180 in uvt..
<hallyn> sarnold: oh, very cool
<sarnold> I wouldn't say it's -quick-, but it's better
<hallyn> smoser: I'm trying out desktop here, kvm -vga qxl -spice port=5930,disable-ticketing -m 1024;  needs more memory, but it's doing ok
<hallyn> the mouse isn't staggering, really only the dash is painful to use
<hallyn> (this is on my 3 year old vaio)
<Aison> I wounder why I have got so many :i386 packets installed after upgrade to raring
<aMoniker> So, part of my application uses a JSON API to talk to a wordpress instance on the same box over HTTP
<aMoniker> Are there any big downsides to this?
<aMoniker> It's unlikely to be used by more than a thousand or so users at once
<aMoniker> and even then, probably not that many
<fhf> hello I was wondering if I can install MAAS node manualy ie. I have fresh Ubuntu Server 12.04 install and want to connect it to MAAS Clouster.
<sarnold> fhf: I think you've gone one step too far by installing something on it :) half the point is that the machine is off and unconfigured until you add it to the cloud...
<fhf> sarnold: So it's impossible? I wanted to try it if I can create Ubuntu MAAS cluster on VPSes and manage it with juju it will save me "some" time
<ke7vyv> RoyK: So I'm trying to edit the driver for my nic using the 3.9 kernel but I'm not sure where the info is I'm supposed to change is.
<sarnold> aw nuts... if fhf returns, someone please aim him at http://jujucharms.com/~virtual-maasers/precise/virtual-maas
<sarnold> fhf: check out http://jujucharms.com/~virtual-maasers/precise/virtual-maas
<fhf> k, ty
<smoser> hallyn, -vga qxl is significantly better than anything else i tried.thanks
<tedski> I'm attempting to follow https://help.ubuntu.com/12.04/serverguide/kerberos-ldap.html on a fresh 12.04 build.  Of course, since krb5_newrealm is never ran and the backend is ldap, /etc/krb5kdc/principal is never created.
<tedski> however, when i try to run kadmin.local, it fails with No such file or directory
<tedski> when i strace that, i see it's trying to open /etc/krb5kdc/principal
<tedski> ldap shows the proper entries after creating the realm there and running stashsrvpw
<tedski> http://paste.ubuntu.com/5627614/
<tedski> my krb5.conf points to the ldap backend
<tedski> oops
<tedski> db_library is missing :/
<tedski> ugh
<tedski> i hate careless mistakes that only show their face once you pastebin them :)
<sarnold> :D
#ubuntu-server 2013-05-03
<arrrghhh> hey all.  can I route packets based on the service used?  I have OpenVPN being used, but certain services like apache and ssh I would prefer to not tunnel so I can still access those from the WAN
<agu10^_> How can I disable all iptables rules? If i run iptables -F, when i reboot, the rules are working again! I just want to remove them forever! Or go back to initial iptables configuration.
<Chris_W_> is there a command to see progress when copying/moving a file?
<qman__> agu10^_, you need to find what script or software is setting them and disable it
<agu10^_> qman__, how do i do that?
<qman__> any software which is doing this is something that must have been installed or configured beyond the default
<qman__> so get a list of everything you've done and determine which one is setting firewall rules
<qman__> you may also be able to guess based on what the rules are
<agu10^_> there is no way to find out exactly which one is doing this?
<agu10^_> i know it was iredmail, but it installed many components
<qman__> there is no deterministic way to determine it in reverse like that
<agu10^_> something about a mail spam filter
<agu10^_> i'd have to monitor which software is writing to my iptables config files
<qman__> rules can be set with scripts, binary programs, or even libraries
<agu10^_> yes. can i change the permissions for the config files so that
<agu10^_> no malware can modify the files?
<agu10^_> i just want to BLOCK the rules so that nobody modifies them
<qman__> that is neither the correct way to address the problem nor is it possible in any reasonable fashion
<qman__> the only way to do such a thing would be to recompile your kernel without netfilter support
<agu10^_> wow that sucks
<agu10^_> i think iptables is working properly now
<agu10^_> how do i know if my script at /etc/rc.local was run or not? how do i see its output?
<qman__> please don't crosspost
<agu10^_> oh sorry
<qman__> rc.local is executed at the end of the boot sequence and unless otherwise directed prints to the console
<qman__> typically tty1
<qman__> if rc.local does not exit 0, you won't get a login prompt
<agu10^_> qman__, it exists 0
<agu10^_> i think the problem i have is in rc.local i do: cd mypath; ./mycommand
<agu10^_> and that is not working. am i not supposed to cd?
<qman__> well, first of all, you should use an init script instead
<qman__> but provided that you still want to use rc.local, you can't do it that way
<agu10^_> i was suggested to use rc.local
<qman__> it should only call the script and any arguments
<agu10^_> is an init script better? and how do i do this
<qman__> the script itself should cd to where it needs to be
<agu10^_> oh okay
<qman__> note also that even though rc.local is called at the end of the boot sequence, it may execute before all services start
<qman__> because the way upstart is designed, it fires off many things at once
<agu10^_> ohh okay
<agu10^_> then what should i do? my script starts a node.js web server.
<qman__> you should make an upstart script which depends on the network and other things you need
<qman__> if you've got a decent understanding of shell programming, have a look here: http://upstart.ubuntu.com/getting-started.html
<qman__> otherwise you may want to search for something to fit your purpose
<agu10^_> there is no upstart found
<qman__> you can also refer to existing upstart scripts as examples
<agu10^_> no upstart command
<qman__> no, there is not
<agu10^_> then what is the standard way to make scripts run such as apache service?
<qman__> upstart scripts are stored in /etc/init, and are called by using 'start [servicename]', 'stop [servicename]', etc
<agu10^_> where does apache make it start itself?
<agu10^_> "Once you've downloaded and unpacked upstart, you will need to configure the source tree, build and install it. The main question here is deciding whether or not you want to take the plunge and replace sysvinit immediately, or whether you want to test first." Seriously? I just want to start a server script.
<qman__> again, please don't crosspost
<qman__> you don't need to install upstart, it's the default init daemon in ubuntu and is already present
<qman__> you need only to create an upstart init script for your application
<qman__> which is probably going to be 10 lines, tops
<agu10^_> qman__, ohh okay, thanks
<qman__> you will want to skip down to the part about "writing jobs"
<qman__> and refer to existing scripts in /etc/init as examples
<agu10^_> qman__, thanks, it works i think
<jestillore> hi everyone .. can anyone of you help me setting up pxe server in ubuntu lucid lynx ?
<jestillore> hi everyone .. can anyone of you help me setting up pxe server in ubuntu lucid lynx ?
<arrrghhh> hey all.  can I route packets based on the service used?  I have OpenVPN being used, but certain services like apache and ssh I would prefer to not tunnel so I can still access those from the WAN
<dassouki> what's going on here http://pastie.org/7756113
<qman__> you broke your sources
<dassouki> this all happened as i was tryin to do a distroupgrade
<qman__> did you use do-release-upgrade?
<dassouki> nope
<qman__> there's the problem
<qman__> the correct and supported way to upgrade ubuntu releases is the do-release-upgrade tool
<qman__> if you're lucky it hasn't done much of anything and you can still fix your sources
<agu10^_> anybody familiar with amazon ec2?
<agu10^_> Hello. I am running bind and it was working fine, but now I cannot dig my own domains even from the same computer. it times out. what could be wrong?
<LargePrime> I have a few virtual web sites I am hosting for friends.  does anyone have good ideas on how to give them FTP-ish access to their sites and still keep my server safe?
<LargePrime> The problem I am having is Root is the owner, group is www-data, and I dont have any more permisions too assign
<LargePrime> I am looking at acls
<LargePrime> i am not sure how editing sudo will work out
<kevireilly> LargePrime: you can create actual users and then adjust your http entries to point to the document root of for instance /home/username/public_html
<kevireilly> i want to say the parameter on adduser was -h to create a home directory, but i cant recall
<LargePrime> ok.  sorry i forgot to say, how does that help me?
<LargePrime> i forgot to say i am a total noob
<kevireilly> because then you can have ftp users that only have access to their subset of files for their site(s)
<LargePrime> and i think my fingers hate me
<LargePrime> oh, so root wont have to own?
<LargePrime> how is that different from makeing a folder in /var/www that they own?
<kevireilly> I dont believe so. You can add a user and chown user.user files and test it before getting to deep in making that sort of change
<kevireilly> im not sure you can make for instance their default login directory be /var/www/user but you probably can
<kevireilly> it is just common to create a user with a home directory and give them a document root in there
<LargePrime> IF i can is that not functional equilivant?
<kevireilly> sure, that is just commonly the folder for the default site of the server in its entirety where a user's home directory is stuff particular to a user, which matches your goal it seems
<kevireilly> another reason is you want to be able to allow users to have non-public files sometimes such as .htpasswd or other various uploads that shouldn't be available
<kevireilly> in the /var/www/user scheme that wouldn't be possible
<kevireilly> *other various files that shouldn't be available
<LargePrime> Kevin that might work well
<LargePrime> is there a guide or something?
<LargePrime> or a search tearm
<kevireilly> one of the methods is the adduser command
<kevireilly> there was another one but i cant recall it
<kevireilly> oh, useradd haha ;)
<kevireilly> LargePrime: this one is decent enough http://www.howtogeek.com/howto/ubuntu/add-a-user-on-ubuntu-server/
<kevireilly> oh.. adduser and useradd.. thats not confusing at all
<LargePrime> I already added users
<kevireilly> with a home directory?
<kevireilly> ls /home
<LargePrime> and i game them ownership of /var/www/userdomain
<LargePrime> but this is giving them headaches
<LargePrime> then i make them owners of the dirs
<LargePrime> also headaches
<LargePrime> I finaly had to do 777 to make the headaches go away
<kevireilly> that is not a good idea
<LargePrime> i think i know it is not a good idea.  so i come here to say " this not good , right?"
<LargePrime> but if i can move them to /home
<LargePrime> and chroot or chjail them
<LargePrime> if that is what that is called
<kevireilly> ftp is relatively safe outside of what can potentially be uploaded with it, ssh is where it can get sticky
<kevireilly> do you have home directories for each user?
<LargePrime> so i should just make FTP users
<LargePrime> nope
<LargePrime> currently I am using ssh keya
<kevireilly> ah i see, and then you have them use sftp?
<LargePrime> ya
<LargePrime> mostly winscp
<kevireilly> they essentially have ssh access though
<LargePrime> yes
 * LargePrime is nervouse
<LargePrime> so i was reading about jailing them
<LargePrime> to the hom dir
<kevireilly> create a test user maybe real quick, like you created the others without a home directory
<LargePrime> but i did not know if sites available will reroute to hom dirs
<kevireilly> and then try -- usermod -d /home/username username
<kevireilly> yeah im pretty sure it will
<ScottK> Don't use ftp.  Use sftp or scp instead.  http://mywiki.wooledge.org/FtpMustDie
<kevireilly> ScottK: can use sftp and not allow ssh access at the same time?
<ScottK> Yes.
<LargePrime> ya you can
<kevireilly> sahweet
<LargePrime> there is a settng in .... something
<LargePrime> so may plan was to distribute private keys
<LargePrime> but sftp is screwing with me
<LargePrime> when it comes to people being able to do stuff on thier servers
<LargePrime> which is prolly me trying to keep root as owner
<Joel_re> hey, I'm unable to figure this out
<Joel_re> postgresql-9.1 installs and sets up the db with the SQL_ASCII encoding
<Joel_re> does anyone know what can fix this
<sazawal> I have a python script which authenticates me and connects to the internet. When I press Ctrl-C it logs me off successfully. I want to end this script (log off) automatically when I shut down/reboot my computer. How can I do it?
<rbasak> sazawal: you could add a script to /etc/rc0.d called S01killsazawalsscript which finds and sends your Python script a SIGINT if I understand your question correctly.
<rbasak> (pressing Ctrl-C is the equivalent of sending SIGINT to the process)
<rbasak> See kill, signal(7), pkill, killall
<sazawal> rbasak, yes that is what I need to do. Sending an interrupt signal to the python script would do it. Let me see the file /etc/rc0.d for a minute
<rbasak> sazawal: note that if you're running the script in a terminal window in a graphical login session, then the session might kill the terminal window which may kill the Python script with a TERM first, so I'm not sure it'll work in all cases.
<sazawal> rbasak, yes I am running it in terminal window. Let me check if it works
<sazawal> rbasak, great its working. I used kill -SIGINT <PID>
<sazawal> now I must write a script in /etc/rc0.d. So all the scripts in this directory are executed when system is shutdown/rebooted?
<rbasak> All the Sxx scripts, in order.
<rbasak> But that might happen after your terminal window is killed by your graphical session exiting. You might be able to avoid that by running your terminal window in a screen.
<rbasak> Speaking of which, if you're using a terminal window and this is a graphical system, then it's not really an #ubuntu-server problem.
<sazawal> rbasak, Well my terminal window was not killed when I did kill -SIGINT <PID>. I am using Guake terminal by the way.
<agu10^^> How do I make my second IP address in linux respond to ping?
<Joel_re> ?
<Joel_re> ping it?
<agu10^^> Joel_re, it doesn't answer
<Joel_re> traceroute?
<Joel_re> if its in the same broadcast domain arping
<agu10^^> how do i set up eth1 after i already have eth0 ?
<jamespage> agu10^^, you need to add an entry into /etc/network/interfaces
<agu10^^> jamespage, should i add: auto eth1, iface eth1 inet dhcp ?
<agu10^^> i already have that for eth0
<jamespage> agu10^^, if you have dhcp running on the network; then yes that should work
<jamespage> agu10^^, this is helpful - https://help.ubuntu.com/12.04/serverguide/network-configuration.html#ip-addressing
<sazawal> rbasak, The killscript is working but when I shut down the system, it doesn't. I think the guake terminal is killed before the python script. What to do now?
<Fudge> hi does anyone know how to get a root prompt up live on an ubuntu server image please?
<riz0n> I have Ubuntu Server with bind DNS. From my understanding, any time the "db" files for a zone are updated, bind9 has to be restarted. Is this completely neccessary? Is there an easier way to have bind9 automatically reload database files?
<rbasak> sazawal: try #ubuntu. Not sure how much help you're going to get here as this is a server channel.
<rbasak> riz0n: bind doesn't need to be restarted; it just has to be told to reload.
<sazawal> rbasak, ok I will ask the question in #ubuntu channel. Thank you.
<riz0n> rbasak: so let's say I have "john" on my host who has a domain.. john has created domain.com.db in his home directory and likewise I have included it in the bind configuration files. I do not want john to have sudo access to my host... what would be the appropriate way for john to tell bind to reload
<rbasak> riz0n: you could give john access to run sudo to reload bind ONLY. But I don't think it's safe to give users access to write their own zone files at will.
<riz0n> I trust him with his zone, in fact I created the zone file from a template and got it working for him. but his IP may change and he needs to be able to update it in the zone file accordingly so that he doesn't call me to do it.
<riz0n> so what would i need to do to set up john to be able to reload bind in sudo only
<rbasak> I don't recall. See the sudoers manpage - I think it has some examples at the bottom
<riz0n> Thanks, as some point maybe john can learn enough linux where I can trust him with full sudo access to my host (as I've known john for many years) but for now he just needs to be able to reload bind.. I'll check it out! Thanks for the info.
<rbasak> riz0n: security concerns are things like, for example, what if john includes "$INCLUDE /etc/shadow" in his zone file? Then he might be able to read out your root password over DNS, for example. Unlikely because I assume bind doesn't run as root and /etc/shadow won't be valid zone file syntax, but hopefully you can see the kind of area where security holes might exist. It isn't realistically possible to consider every single combination, so the only r
<riz0n> john knows I would be at his house with a baseball bat to give him a severe beating since he lives across town
<riz0n> What would be a better way of john being able to manage his dns records on my server?
<rbasak> riz0n: ah - but if you trust john, then you're OK. Just understand what you're potentially giving him access to. Also, consider that if his access is compromised in some way, then others could use the exploit as a crack to open wider. I've seen that kind of thing happen before - an innocent person had more access that he needed, and that was exploited.
<riz0n> Absolutely. john has password which meets complexity requirements.
<riz0n> john just has no dns for his domain, and likewise i am assisting him with setting it up. I am hoping its a relationship where riz0n can get some "backup dns" off john's server for the favor :)
<rbasak> riz0n: if it's just one IP address, then have John store that in a file in some common place that the bind user can read. Then write a script that checks that opens the file, checks that the opened file is one that john owns and is a regular file, and parse out the IP, permitting only the exact form of an IP, and writes out his zone file from a template with that IP replaced, and then reloads bind. Then give john access to sudo run that script as the
<rbasak> That's a reasonably secure way to do it. But of course security depends on writing that script securely.
<rbasak> (and that in itself is a risk; of course running a server is a risk. It's wherever you consider the appropriate trade-off to be)
<riz0n> yeah, and taking the time to write the actual script too..
<riz0n> I have no doubts that john would really do anything to compromise the host, being that it really doesn't host anything of any value (it is really more for educational use anyways)
<riz0n> but i do understand the security concerns.. i have fingered users i created and discovered they were SSH'ing in ... come to find out they have passwords like "test123" or something simple. The compromised accounts were dealt with accordingly, mostly by deletion. So all passwords must now meet complexity requirements to exist on this host from now on :)
<rbasak> If possible, I'd go further and require key only authentication
<rbasak> I understand that's not always possible. But even Windows clients can use keys.
<riz0n> Well I use PuTTY
<riz0n> And WinSCP.. that's the only ways I manage the server
<rbasak> PuTTY does support it. There's Pageant (?) that it integrates with.
<riz0n> I may have to check into that. It is something I have thought of.. and store said key in a safe place.
<riz0n> Push comes to shove I always have the console I can login to. :)
<rbasak> Keys are randomly generated, so they can't really be guessed (if they're big enough). Only compromised. That's still a big step.
<rbasak> I'm looking forward to *proper* 2-factor auth. Upstream openssh have it in their repo. Not sure if they've released it yet.
<riz0n> This Linux server has really been a great learning tool. Especially learning how to maintain apache, write php, and manage a mysql database.. it has been online since 8.04 in 2008 :)
 * rbasak should retire his 8.04 server at some point :-/
<riz0n> I have kept it up to date :)
<riz0n> I am running latest LTS
<riz0n> but yes it really needs retiring
<riz0n> I've replaced the actual "server" a couple of times with upgraded hardware but kept the same disk... same disk running 24/7 for 5 years... yep time for a replacement
<riz0n> i'm thinking... AMD 8-core/8-GB w/ 3 500GB SATA RAID5... I get Microsoft R2 through Software Alliance. I really want to dive into virtualizing this Linux server for long-term use
<riz0n> Let me clarify.. Windows 2008 Datacenter R2
<riz0n> Guess you can say that's one benefit of going to college. :)
<mardraum> hyper v is free, man
<riz0n> Yeah I know hyperv is free, but there are other plans in place for the R2... want to be able to run both virtually, along with Windows 7 in a virtual machine as a "cloud computer" ... all under one roof
<riz0n> We use it in class, and the more I can do / accomplish at home from a "lab component" side of things.. the less I have to travel to campus to use their crap computers :)
<riz0n> plus 'john' and i are discussing setting up exact configurations, with a VPN tunnel connecting servers together, to allow our web servers to have immediate replication... to test disaster recovery scenarios
<riz0n> but it will be a while before we can do the tunnels and stuff... we are waiting for the telco/cable provider to finish their upgrades so we can get Fiber
<riz0n> we also have 'jack' in denver... who will also upgrade to the necessary telco line when appropriate, who will also be in on this project.. the plan is to have a data contingency/disaster recovery plan in place where all the servers are replicating all data (so if john updates a file on his web site in his home folder, it automatically goes everywhere) or if jack gets email.. all servers
<riz0n> have a copy.. The plan is to be able to simulate an earthquake scenario (or some other major disaster) which would render Server A inoperable, but all other servers are online and can pick up the load. Conceptually it sounds good on paper and we can sit and read about it in class all day long... but unless we can implement it and have it working, concepts are useless.
<riz0n> The plan is to have servers purchased at end of September, operational mid-october, ready to demonstrate by end of semester at the end of November. But till then, john and jack have a lot of linux learning to do before they play russian roulette with riz0n's server :P
<riz0n> We will be simulating a corporation in production environment, where there will be an Intranet site, on both Windows 2008 and Ubuntu respectively, both interfacing with MS-SQL and MySQL. We also will learn about Exchange, and mail sevices in Linux (which I am already familiar with).. Need to be able to do Remote Desktop Services and allow the "production computers" to run software from
<riz0n> the R2 server, mainly Outlook. I think we can get most the software we need to do this project through the Software Alliance and open-source. But we also will be using the resources to serve our personal needs, like hosting personal web pages and each of us having a virtualized Windows 7 desktop environment we can work from. Right now we are just waiting on the financial grants to go in
<riz0n> the bank. We're all excited about this project. At least I know I am! I just wish I had the funding to get a head start on having my end of things ready.
<Daviey> jamespage: Hey, I think we want to keep blueprint assignees as ~ubuntu-server, but set the Drafter as the person on point for the blueprint.. no?
<jamespage> Daviey, probably  :-)
<Daviey> jamespage: We used the assignee field as way of tracking all of them previously.
<sander^work> Do anyone know common rasons  lsyncd have delays when transfering files?
<sander^work> I read default sync time is 15 seconds, but its taking way longer than that.
<jamespage> Daviey, I re-jigged that blueprint in terms of ownership
<zul> jamespage/yolanda: https://code.launchpad.net/~zulcss/swift/saucy-fix/+merge/162352
<jamespage> zul, lgtm
<zul> jamespage:  thanks
<resno> can someone tell me running ubuntu server 7.10 is bad. bad enough i should build a new server in its place. i just need to hear someone agree with my thoughts.
<genii-around> resno: It's past End-Of-Life and not even a Long Term Support version.
<resno> genii-around: my thoughts exactly. it was just handed to me to add to my server, and i shriked when i saw it
<jacobw> It's pretty gutsy to still be running 7.10 on a server
<resno> gutsy is putting it lightly
<resno> imo
<resno> i was just curious if i was the crazy one
<jacobw> See what I did there?
<genii-around> jacobw: You punster you.
<jacobw> :)
<resno> heh
<arrrghhh> resno, upgrading that box will not be easy.
<arrrghhh> i would definitely do a clean install
<resno> im only doing a clean install
<resno> the upgrade path would be not worth the hassle
<arrrghhh> good :)
<arrrghhh> no.  and it would probably break terribly.
<resno> i just want people to tell me, i am a sane person
<resno> for wanting to blast it away
<genii-around> !badident > trapni
<ubottu> trapni, please see my private message
<arrrghhh> nice there's a quick message for that haha
<arrrghhh> so anyone around can help with my openvpn issue?  I run openvpn as a client on my server, so I have eth0 and tun0.  Some services, like apache or ssh I would rather not tunnel... Now I assume I will need to do some trickery with route and iptables, but can someone poke me in the right direction?
<genii-around> trapni: Apologies, I sent the wrong factoid.
<genii-around> !doublejoin
<ubottu> Your IRC client is completing NickServ authentication after joining channels, which triggers a fake quit and rejoin to apply your cloak and increases channel noise. Please see https://freenode.net/faq.shtml#nocloakonjoin and use SASL or another method to prevent this.
<genii-around> The one above was the intended.
<jacobw> arrrghhh: route only the network the VPN provides through the tunnel
<arrrghhh> jacobw, yes, I would like to know how to achieve this :)
<arrrghhh> I'd like to route based on service or port, but I'm not sure this is possible
<Nafallo> arrrghhh: not without a bunch of fiddling on the console ;-)
<Nafallo> nothing is impossible :-)
<jacobw> arrrghhh: ip r add default via NOTVPNGATEWAY dev eth0; ip r add 192.168.0.0/24 dev tap0
<jacobw> arrrghhh: Where 192.168.0.0/24 is the network the VPN provides
<arrrghhh> jacobw, how does this enable me to route based on port/service tho?  Sorry, I'm not sure what to do with your commands.
<jacobw> arrrghhh: You can't route based on UDP/TCP port because routing is a function of IP, but you can NAT based on port and route from your NAT'd addresses differently to your not NAT'd addresses
<arrrghhh> ah, by marking packets?
<arrrghhh> I think I was reading about this, I probably need to do some more... still over my head
<jacobw> arrrghhh: You don't need to MARK, you can handle it all with NAT, but, you could MARK and it might make your rules more readable.
<arrrghhh> hm.  do you have some stuff you suggest I read to learn more?
<jacobw> arrrghhh: http://www.karlrupp.net/en/computer/nat_tutorial
<arrrghhh> sweet, thank you!
<Youssefk> Hello, does anyone of you guys know if the reboot problem in juju has been fixed or not?
<rbasak> Youssefk: I'm not sure what you're referring to. But if you can't get an answer here, try #juju.
<Youssefk> When you set up an environment using juju, for example wordpress and mysql, when you reboot your system the environment refuses to start again and you have to do everything again
<Youssefk> okay I'm gonna check #juju
<Heavenstorm> I am using wpa_supplicant to establish a wireless connection on bootup. After it boots up it won't connect but all I have to do is enter dhclient wlan0 and it works. Does anyone know how to fix that?
<Heavenstorm> (entering into the command line)
<GrueMaster> Heavenstorm: You can probably add a line in /etc/network/interfaces to set wlan0 to auto dhcp.
<hallyn> how are you starting wpasupplciant?  with a pre-up line in interfaces(5), or an upstart job?
<Heavenstorm> I have done that. I changed it to static to see if that would fix it.
<Heavenstorm> I have a pre-up line script
<Heavenstorm> So I've tried it both ways
<hallyn> hm.  dunno.  (i do it by hand, ahven't tried with interfaces(5))
<hallyn> might pastebin your interfaces file, someone might see something
<kantlivelong> is there a way i can upgrade 10.04 to 12.04?
<Heavenstorm> Thanks for your input on this. I'm not sure what interfaces(5) is. Is that the same thing as the /etc/network/interfaces file?
<sarnold> kantlivelong: look into do-release-upgrade(8)
<Heavenstorm> (Or the thing that parses the file)
<Heavenstorm> ?
<GrueMaster> Heavenstorm: That is the man page for interfaces.  "man interfaces".  Also, google found http://wiki.debian.org/WiFi/HowToUse
<kantlivelong> sarnold: oh haha i just noticed the LTS option durr
<GrueMaster> Might help
<markthomas> kantlivelong: make a good backup first :)  If you use LVM, do an LVM snapshot.
<Heavenstorm> Okay thanks again
<kantlivelong> markthomas: yup :)
<Heavenstorm> Here's a question (being new to linux) I see things like ifup(8), the command "ifup" usually isn't entered with the "(8)". What does that number mean?
<sarnold> Heavenstorm: that tells you which manual section contains documentation for that command or file
<sarnold> Heavenstorm: man man describes the different sections; 1 for user commands, 8 for admin commands, 2 for system calls, 3 for library calls..
<Heavenstorm> Thanks for pointing that out. I'm reading man man now
<sarnold> Heavenstorm: you can get different commands or syscalls; check out the difference between 'man 1 reboot' and 'man 2 reboot'
<sarnold> err, that'd be man 8 reboot and man 2 reboot   :)
<Heavenstorm> I get it now
<jamespage> zul, https://code.launchpad.net/~james-page/cinder/havana-pep8-deps/+merge/162309
<zul> jamespage:  i dont think we need the -v either
<jamespage> zul, OK - fixing that now
<zul> cool
<Heavenstorm> If I have set my interface (wlan0) to static why would dhclient have any effect on it?
<jamespage> zul: for some reason alot of git poll processed got stacked in the lab - I killed them and it freed stuff up
<zul> jamespage:  cool
<psivaa> jamespage: hallyn: The lxc tests on saucy have http://pastebin.ubuntu.com/5629624/ in https://jenkins.qa.ubuntu.com/view/Saucy/view/Smoke%20Testing/job/saucy-server-amd64-smoke-lxc/4/
<Heavenstorm> Thank you everyone for your help. It's still mysterious but I have some new ideas now.
<psivaa> jamespage: hallyn: whenever you have time to look at ^
<zul> jamespage:  +1
<lwizardl> I have a problem with comcast blocking a smtp server on port 25 on my service. Would swapping the Arris modem/router they gave me with my own bought modem stop that block? since I was reading the Arris modem allows them to block ports on the network
<sarnold> lwizardl: no, that does not help.
<patdk-wk> I have comcast, and they don't block port 25
<patdk-wk> the question is, did you sign up for a business class service?
<lwizardl> patdk-lap: not yet I still have to wait a few months for my current bs service to expire. then I can get it as business class
<hallyn> psivaa: looking
<hallyn> psivaa: oh, so that's not an error in the tests, but the bzr package importer...  i'll need to resolve manually
<psivaa> hallyn: ack, thank you
<GrueMaster> Has anyone figured out why 12.04.2 server (amd64) boots to tty7 instead of tty1 by default?
<arrrghhh> GrueMaster, I always ssh to the box... never really noticed.
<parallel21> GreuMaster: from what I understand 1 through 6 is reserved to text mode.
<parallel21> GrueMaster: but this look interestingâ¦ https://bugs.launchpad.net/ubuntu/+source/grub2/+bug/695658
<uvirtbot> Launchpad bug 695658 in grub2 "grub2 configuration has vt.handoff=7 even when X11 is not installed (dup-of: 700686)" [Medium,Triaged]
<uvirtbot> Launchpad bug 700686 in grub2 "unreadable black-on-black text with details plugin" [High,Fix released]
<GrueMaster> parallel21: This doesn't happen in 12.04, but does after updating to 12.04.2 (or installing 12.04.2 from scratch), suggesting a regression.
<GrueMaster> I really don't have time to be parsing and debugging Ubuntu bugs like this (not that it mattered when that was my job).
<Arrick> hey all, I am having issues getting vsftpd to allow users to connect (Internal web site) so that they can upload/download data from our 12.04 server... I'm reading the documentaiton here: https://help.ubuntu.com/12.04/serverguide/ftp-server.html#vsftpd-ftp-server-installation however, I cant connect to it for some reason.
<noxs> Servicetag
<Arrick> huh?
<Arrick> IdleOne, good afternoon.
<hallyn> psivaa: I think it should be fixed, please re-try the test when you get a chance
<psivaa> hallyn: the lxc tests have now passed, thanks
<hallyn> psivaa: awesome
<psivaa> :)
<adam_g> Daviey, any chance you could take a look at the python-glanceclient package in queue for raring-proposed ?
<Daviey> adam_g: Potentially
<adam_g> Daviey, nothing major, just a cherry-picked patch
<Daviey> adam_g: Are you wanting to upload it to the CA aswell?
<adam_g> Daviey, after its been SRU'd to raring, yes
<phunyguy> quick question.... I have a router that is ubuntu server, and there are several subnets attached that can all talk to each other freely.  Is there any (easy) way to get it to bounce multicast packets between networks? It's not a large network, so I am not worried about broadcast traffic becoming an issue.  I have installed pimd, but Others say it "just works", however I cannot get it to work.  Any ideas?
<phunyguy> I also read something about mangling the broadcast packets to have a ttl of +1
<phunyguy> which I did, no luck.
<adam_g> Daviey, thanks
<Heavenstorm> I am using ubuntu 12.10LTS and have been able to get my wireless interface up to the point that all I have to do is type in "dhclient" when it's booted. But how can I make it so it works without having to do that?
<sarnold> Heavenstorm: 12.04 LTS? Or 12.10? those are different things..
<Hitiek> my /boot is full. I'm trying to apt-get remove some of the old linux-image-* packages, but I can't because apt-get complains with "linux-image-server : Depends: linux-image-3.2.0-40-generic but it is not going to be installed". Anyone have a suggestion how I get around this?
<Heavenstorm> You're right I'm using 12.04.2 LTS
<Heavenstorm> I've been working on this issue for weeks. So far I'm using wpa supplicant and calling it from within the interfaces config
<sarnold> Hitiek: you could delete a file or two by hand.. just make sure you remove files you intend to remove via apt shortly
<Heavenstorm> It is called from a pre-up command and calls the wpa config file. The device is associated and the configuration data is there to give it a static ip.
<Heavenstorm> Honestly I don't understand why I need to run dhclient for that reason
<Heavenstorm> Do I need to somehow run dhclient during the bootup sequence or is there some obvious step I could be missing?
<genii-around> Heavenstorm: Maybe you need a post-up command calling the dhclient
<Heavenstorm> Problem with that is ifup won't work until dhclient is running. Will that affect it?
<Heavenstorm> I guess it won't hurt to try
<Heavenstorm> Right now I just tried it with a new pre-up command.
<Heavenstorm> It worked!
<Heavenstorm> But the ip address isn't want I set it to.
<Heavenstorm> I will change the order of the config file to declare it after the pre and post-ups and see what happens
<Heavenstorm> Do you know how to make it stop waiting for the network configuration? It always seems to time out and makes bootup a major drag.
<sarnold> Heavenstorm: are you confident you ca'nt just poke a hole in your dhcp for a static ip for your server? servers on dhcp are .. odd.
<Heavenstorm> I'm trying to make it a static ip. For whatever reason it won't work unless I run dhclient. It is the wireless side though and it goes to a wireless in-home router connected to the Internet.
<riz0n> I have my DD-WRT set to give my server a "static IP" through DHCP... works beautifully.
<Heavenstorm> The wired part is going to another router that will be an access point for my brother's kids with a transparent proxy used for a content filter and monitoring device.
<Heavenstorm> At least that is my plans for it. Now I'm just trying to get internet into it
<Heavenstorm> I just found out that the order in which things are declared in the config file seems to matter. It's all hosed now cause I switched things up. I hate cut and paste in nano!
<riz0n> Heavenstorm: use WinSCP and edit the files that way
<GrueMaster> Heavenstorm: Use vim.  It is easier.
<Heavenstorm> Yes, vim, if I only had the patience to learn it.
<GrueMaster> riz0n: In what universe is editing linux/unix config files on a Windows system easier?
<riz0n> well when your linux system has no keyboard, mouse, or monitor attached, they got to be edited somehow :)
<Heavenstorm> Good point but honestly I'd rather learn vim!
<GrueMaster> ssh->vim
<patdk-lap> rsh! :)
<sarnold> patdk-lap :)
<patdk-lap> oh wait, we are talking about cat
<patdk-lap> I'm glad I got to toss the server that *required* rsh access last year
<sarnold> patdk-lap: holy cow
<sarnold> patdk-lap: it's been over a decade since I've used a system that even supported rsh.. maybe even 15?
<patdk-lap> I had never used rsh ever, till that system
<patdk-lap> I had used telnet and ssh, but never before rsh
<patdk-lap> I did restrict rsh access to a single ip, but needed to use it to setup user quotas
<Heavenstorm> Later all I think I'm onto something. Thanks for your input.
#ubuntu-server 2013-05-04
<agu10^> Hello. I have a VPS in amazon ec2 cloud. It has two network interfaces with private IPs. Amazon routes two public IPs to those two private ones. How can I route my packets that arrive through eth1 so that they're sent back through eth1 instead of eth0?
<justizin> try enabling the rp_filter if it isn't already..
<agu10^> what is that? and how
<justizin> it's the reverse path filter, google rp_filter it's pretty easy to toggle via sysctl or somesuch
<justizin> i thought it was on by default, but check
<agu10^> justizin, why would i want to turn it on?
<Hitiek> sarnold: thanks. that got me started.
<Guest16799> hi everyone
<Guest16799> i really need help epoptes...
<Guest16799> on ubuntu 12.04 server with ltsp
<Guest16799> any1 here?
<Guest16799> hi
<Guest16799> hi
<hxm> hello
<hxm> please, how to install a imap/smtp server on ubuntu tls 12.04 server? i have multiple domains and i want to use roundcube, but i dont find the way to make dovecot or postfix work
<hxm> im already desesperated or closer
<Nafallo> hxm: seen https://help.ubuntu.com/12.04/serverguide/email-services.html ?
<hxm> i saw many howtos, but that not, thanks, there i go
<Nafallo> that's the official Ubuntu Server Guide, fwiw :-)
<Nafallo> it's a good first place to check usually.
<hxm> why the heck the official documentations are always the hardest to find in google
<hxm> btw i have multiple domains in the same machine
<Nafallo> *shrugs* too much noise. I tend to just type in help.ubuntu.com and be done with it :-)
<hxm> yes, too much noise
<Nafallo> the community part on help.u.c is also really helpful
<hxm> most of cases i find better professional support in the community than the helpdesk companies
<luis_> hi
<jacobw> Hi
<luis_> i like  help with Epoptes
<luis_> Basically I cant view the clients
<luis_> any ideas?
<jacobw> Sorry, I haven't used it before.
<Shogoot> Anyone to help me troubleshoot this? Forbidden You don't have permission to access /smn.php on this server. Apache/2.2.22 (Ubuntu) Server at 192.168.1.166 Port 80
<Shogoot> Seems i got the var/www direcotry messed up rightswise, and i can t mak emy web page dispaly....
<silo_> no? noone?
<shogoot> NickServ identify salsero
<shogoot> anyone taht can help
<shogoot> ?
<hxm> hello
<hxm> im trying to do this https://help.ubuntu.com/12.04/serverguide/postfix.html
<hxm> sorry i start over, i found a misstype
<hxm> in the part 2. mail.example.com i have multiple domains in the machine
<hxm> cant i manage all of them?
<hxm> or i create a hostname and then use spf TXT dns entry for each other?
<hxm> well after following this  https://help.ubuntu.com/12.04/serverguide/postfix.html and testing the smtp when  i use the ehlo command nothing appears
<SpamapS> hxm: check /var/log/syslog and /var/log/mail.log
<hxm> http://pastebin.com/bggsH5Af it says bad command startup no mecachism but is the last line (i added \n after it)
<LargePrime> my server has 32k zombies
<LargePrime> how do i fix?
<streulma> hello, is there a good tutorial how to set up postfix dovecot and postfixadmin with mysql?
<LargePrime>  also got a /usr/bin/lesspipe: fork: Cannot allocate memory
<LargePrime> and it seems i cannot reboot!  please help
<streulma> LargePrime: shutdown -r now ?
<LargePrime> it just hangs
<LargePrime> and the session locks up.
<LargePrime> I can immediatly reconnect with a new session
<LargePrime> i think it took
<streulma> kill your inodes first
<LargePrime> noob.  how? googleing
<streulma> sudo sync && sudo echo 3 | sudo tee /proc/sys/vm/drop_caches
<streulma> LargePrime: ^
<LargePrime> and now it wont come back up
<streulma> ?
<streulma> server is down?
<LargePrime> not responding
 * maxb observes that sudo-ing 'echo 3' is a bit redundant
<streulma> then it is rebooting...
<maxb> streulma: Why do you suggest drop_caches, that doesn't seem related to the problem here?
<streulma> clearing memory
<maxb> I think you are mistaken, those caches would be automatically shrunk if needed
<maxb> Also, the mention of 32k zombies and the fact that it's a fork call reporting that is highly suggestive that the system has run out of process IDs, not general memory
 * LargePrime listens
<maxb> LargePrime: Do you care more about just rebooting, or looking in to why this happened in the first place?
<LargePrime> first place
<LargePrime> and the server is down
<LargePrime> it seems dead
<maxb> Hrm. It will be next to impossible to deduce what happened without the output of 'ps -efH' or similar
<LargePrime> forcing hard reboot
<LargePrime> maxb:  can i get that after reboot?
<maxb> No
<maxb> What data did you have before to know there were 32k zombies?
<LargePrime> max, can you give a guide or chcklist i should do for nextime?
<LargePrime> upon ligin the server said there were 32k zombies
<LargePrime> login*
<maxb> The most important thing would be to capture some view of the process tree like 'ps -efH' gives you, to know what process the zombies are associated with
<maxb> "said" - where?
<LargePrime> no idea
<LargePrime> again, total noob.  server up
<LargePrime> what is the pastebinit command?
<LargePrime> heh, its pastebinit
<LargePrime> maxb: upon ssh login there is a small graph of server usage and a anvert from conical for landscape. under that it say there were 32k zombies.  it had specific number but i dont have it.
<LargePrime> advert*
<LargePrime> how do i send ps -efH to pastebinit
<maxb> Interesting, I guess it must be part of the dynamic informational motd generation
<maxb> I would never have thought that would be monitored there
<LargePrime> so you saying your servers never have zombies?  you that good?
<LargePrime> heh
<LargePrime> how does one monitor for zombies?
<maxb> People generally don't need to
<maxb> It takes a process misbehaving in very specific ways for it to ever become a problem
<LargePrime> well i think if i had 32k+ of them perhaps i shoul look for them?
<maxb> I don't have anything in my /etc/update-motd.d/ that would report on such things - but perhaps you have other packages installed
<maxb> Ah, it will be from landscape-sysinfo I imagine
<LargePrime> yes
<maxb> Anyway, I wouldn't worry about it much for now, but grab some ps -efH output for diagnosis if you find any zombies persisting for more than a few seconds in the future
<LargePrime> http://paste.ubuntu.com/5633389/
<LargePrime> are zombies named zombies?
<streulma> ha
<streulma> I think it's the Java process
<streulma> that eats your server
<streulma> your setting is high
<LargePrime> ?
<LargePrime> yes it is hosing java servers
<LargePrime> what is "your setting is high"
<streulma> yes
<streulma> Xmx and Xms
<streulma> Set it to half
<streulma> 1024M
<streulma> 4096M is that it uses 4GB of memory for each process !
<LargePrime> and?
<streulma> then your mem is not free anymore ?
<streulma> how many memory is in your server ?
<qman__> generally, having zombies is a bad coding decision but isn't directly harmful, as long as they're not flooding you out, which in this case, they appear to be
<LargePrime> are thier logs for this ?
<maxb> streulma: Sorry, but I have to say that you are giving bad advice. -Xms and -Xmx have ABSOLUTELY NOTHING to do with zombie processes
<hxm> im able to send messages, but the email is root@localhost
<hxm> where do i change that? i use mail() php
<hxm> ah found it
<nsaquatics> afternoon, I need help and so far nobody has been able to help me. I'
<nsaquatics> I'm running 10.04 LTS with mysql on it and mysql server will not start stating not being able to read/write to the PID file...
<nsaquatics> as far as I can tell it has all the required permissions, yet it still won't start for me.
<jacobw> nsaquatics: Can you pastebin the exact error that you see from the init script?
<nsaquatics> jacobw: will do.
<nsaquatics> this is from the error.log: http://pastebin.com/hyqsvB21
<nsaquatics> I'm tailing both the error.log and syslog...
<jacobw> Samba configuration error?
<nsaquatics> huh?... hangon..
<jacobw> nsaquatics: I don't think that's the right paste
<jacobw> nsaquatics: What do you see when you try to stop and start the service with init/upstart?
<nsaquatics> jacobw: woops.. hangon
<nsaquatics> jacobw: this is it: http://pastebin.com/hyqsvB21
<nsaquatics> I start and stop via "service mysql sart/stop"
<jacobw> Hmm, that's the same paste
<nsaquatics> dangit...
<nsaquatics> http://pastebin.com/jGh2j405 ??? Yeah, that's it... It didn't copy the new URL...
<jacobw> nsaquatics: It should be using something like /var/run/mysql.pid instead of that path
<nsaquatics> well I move the databases to that path because that's my datadisk. I wanted everything data to be on it. But it's been working since then
<nsaquatics> Only recently when we lost power and the server restarted did this crap start.
<jacobw> :)
<nsaquatics> :( so now I can't get to the email server... (zarafa)
<jacobw> See if that file exists and what the permissions are on it with 'ls -l'
<jacobw> If it exists, remove it and try to start MySQL again
<nsaquatics> NSAServer.pid right? Doesn't exist.
<nsaquatics> I tried touching it and then modifing owner/rights to no avail.. I can try it again though.
<nsaquatics> the folder mysql is owned by mysql:mysql
<nsaquatics> and, yes I know its bad but it has 777 permissions on it at the moment.
<jacobw> Let's see if putting the AppArmor profile for MySQL in complain mode helps
<nsaquatics> it already is... but I'll check again.
<jacobw> `sudo aa-complain /usr/sbin/mysqld`
<nsaquatics> ok, so I touched the file and chown'ed it and chmod'ed it...
<nsaquatics> also ran the aa-complain... restarting the server via "service mysql stop" and "service mysql start &"
<jacobw> Did you try removing it?
<hxm> after configure postfix if i send an email to hotmail is moved to spam folder, it says Microsoft SmartScreen has clasified this message as spam
<hxm> is because of the spf entry?
<hxm> i have a server with various domains
<nsaquatics> jacobw: it being the NSAServer.pid file?
<jacobw> nsaquatics: Yeah
<jacobw> hxm: You need DKIM
<nsaquatics> jacobw: I'll try that now.
<jacobw> hxm: https://help.ubuntu.com/community/Postfix/DKIM
<hxm> thanks, i was googleing
<jacobw> nsaquatics: Also check the AppArmor profile is in complain mode with `sudo apparmor_status`
<nsaquatics> jacobw: even though I stopped the mysql server it is still trying to respawn... I can see it in the logs...
<nsaquatics> 1 profiles are in complain mode.    /usr/sbin/mysqld
<nsaquatics> but no process is in complain mode...
<jacobw> nsaquatics: OK, make sure to kill all the mysqld and mysqld_safe processes
<nsaquatics> ok...
<nsaquatics> jacobw: "ps -ef |grep mysql" should show me all of them right?
<jacobw> Yeah
<nsaquatics> sure enough, it just keeps trying to start it..
<nsaquatics> jacobw: from the looks of it every 30 seconds it trys to respawn.
<jacobw> nsaquatics: what does `ps -ef` show?
<jacobw> nsaquatics: Um, that matches 'mysql'
<hxm> jacobw: in the config file i can only set up a domain, but i have 2
<nsaquatics> I was about to say, besides a shitload?
<hxm> i use one ip for manage 2 mail domains, is this incorrect?
<nsaquatics> root@NSAServer:/media/DataDisk/mysql# ps -ef |grep mysql
<nsaquatics> root      2178 21303  0 16:55 pts/1    00:00:00 grep --color=auto mysql
<nsaquatics> root     18714 12276  0 May03 pts/3    00:00:00 tail -f mysql.err
<nsaquatics> at the moment but everytime I see it logging and rerun the command I can see the mysqld process pop up again.
<nsaquatics> jacobw: here is what syslog and error.log pop out every 30sec's or so: http://pastebin.com/Ju3vxgCq
<jacobw> hxm: check out this blog post, http://blog.tjitjing.com/index.php/2012/03/guide-to-install-opendkim-for-multiple-domains-with-postfix-and-debian.html
<jacobw> nsaquatics: Does `service mysql stop` stop it respawning?
<nsaquatics> jacobw: nope.
<nsaquatics> jacobw: but trying it again just to make sure.
<jacobw> nsaquatics: Use `pstree -ps` to see what's spawning the mysqld processes
<nsaquatics> actually this time it looks like it did..
<jacobw> Cool, start it again and check apparmor_status
<nsaquatics> ok, at the moment it's like it was last time I checked it, so only the profile is in complain mode... starting it noe.
<nsaquatics> jacobw: ok, it stayed the same because mysql bombs out, but right as I saw it trying to respawn, I ran it again and apparmor showed the mysqld process as being in complain mode, so it IS catching that it is supposed to ignore the mysql server. So if I'm understanding it correctly, it's definately not apparmor that's causing the problem, correct?
<jacobw> That's right
<jacobw> My laptop is about to run out of battery
<nsaquatics> hmm no good...
<nsaquatics> plug it in? :)
<nsaquatics> where else can I look?
<jacobw> Try starting mysql with --pid-file=/var/run/mysql.pid or similar
<jacobw> Also check which user mysql runs as, and try operating on the file from the mysql user, etc.
<nsaquatics> jacobw: ok will do
<jacobw> o/
<nsaquatics> jacobw: how do I see under which user it is actually runnign?
<nsaquatics> anybody else care to help?
<maxb> Erm, you're running mysql using paths on removable media?
<maxb> That sounds a bit .... wrong
<nsaquatics> no, not removable media... Mirrored drive...
<nsaquatics> Mounted under /media/DataDisk
<maxb> Hm
<maxb> I suggest you not do that
<maxb> The /media directory is conventionally reserved for automounting things
<maxb> If you're statically configuring things in /etc/fstab, you should put them under /mnt
<nsaquatics> maxb: I'll keep that in mind... I'll move it o monday but for now, I just need mysql to come up for one to two hours so I can backup the data...
<maxb> That aside, the next obvious step would be to sudo to the mysql user and try touching a file in /media/DataDisk/mysql/
<nsaquatics> ah... never thought of that.. moment...
<maxb> And also do a pastebin of 'find /media/DataDisk/mysql -ls' so we can see the permissions in detail
<nsaquatics> ok.
<nsaquatics> maxb: pastebin: http://pastebin.com/CiYjih5Q
<nsaquatics> maxb: also, how do I sudo to mysql?
<maxb> sudo -s -u mysql
<nsaquatics> maxb: ahh...
<maxb> Note for the future: you might want to consider paste.ubuntu.com, it's not festooned with ads and prone to line-wrap things unhelpfully
<nsaquatics> maxb: ok... will switch to that.
 * maxb pauses to take a moment to shudder at all those mode 777 files
<nsaquatics> maxb: sudo'd to mysql as was able to create the NSAServer.pid file by touching it. it now exists and has the following permissions: "-rw-rw-rw-+  1 mysql   mysql             0 2013-05-04 17:47 NSAServer.pid" however I cannot run the "find" command as mysql I guess?
<nsaquatics> And yes, those will be changed back once this is figured out... :)
<maxb> oh, now that's interesting. You got a +
<maxb> Indicating extended ACLs are at work
<maxb> Hm
<maxb> I don't recall if find -ls shows those + signs
<nsaquatics> maxb: well... I just added acl to the disk like yesterday..
<nsaquatics> here is the output of find once I exited out from the mysql user:
<maxb> Try 'ls -l', are there more files besides the newly created one with + signes after the mode listing?
<nsaquatics> 60293221    0 -rw-rw-rw-   1 mysql    mysql           0 May  4 17:47 /media/DataDisk/mysql/NSAServer.pid
<nsaquatics> hang on
<nsaquatics> maxb: yes, all the other folders
<maxb> So, you added ACLs to the disk yesterday and now your DB has stopped working....? :-)
<nsaquatics> maxb: no cigar... I have been working on this for 4 days on and off.
<maxb> I suppose I should also ask: what is the filesystem being used here?
<nsaquatics> but I switched to working on upgrading to samba 4 in between sessions
<nsaquatics> maxb: Tried the old work on something else for a while trick... didn't work..
<nsaquatics> btw, ls -l shows the + but nothing more...
<maxb> Right, for a full display of the ACLs over the entire directory tree, you'll need 'getfacl -R /media/DataDisk/mysql'
<nsaquatics> maxb: this should be good...
<maxb> Although given you could create the file as the mysql user, and you've apparently already eliminated apparmor, I'm starting to run out of ideas
<nsaquatics> grrrr
<nsaquatics> ok, here is the output just for the NSAServer.pid file. http://paste.ubuntu.com/5633809/
<maxb> That ACL is a bit baffling. I'd like to see the nonrecursive (drop the -R) info for the containing directory
<nsaquatics> maxb: http://paste.ubuntu.com/5633813/
<maxb> Hm. Well, whilst I cannot point to any specific issues with these ACLs, given the general mystery that seems to exist here, I would be strongly inclined to remove all the extended ACLs from the mysql tree entirely, leaving just the traditional mode bits
<nsaquatics> hmmm and how does one go about doing that?
<maxb> Looks like it would be something like setfacl --recursive --remove-all /media/DataDisk/mysql
<maxb> Though for completeness you should also review and potentially remove the ACL on /media/DataDisk
<nsaquatics> maxb: thanks, I'll look at that... for now I'm trying to get someone to look at it first hand...
#ubuntu-server 2013-05-05
<DGMurdockIII> i have a Dell PowerEdge Server i was wondering if any of you new much about them
<n00b123> Hi Friends, I am setting an ubuntu server 12.04.1 with 2 x 2tb hard drivers wich I want to connect in RAID1. Also going to use encrypted LVM. What is best to do. Use the whole drive in one raid and one volume group and then differents logical volumes for /, SWAP, /var and /DATA or use 4 raids md , 4 vg and 4 lv ??
<maxb> n00b123: Unless you're deliberately trying to have some volumes encrypted and some not, I see no reason to use multiple md devices
<maxb> And even then maybe not, but I'm unfamilier with encrypted LVM
<maxb> However you will want to make sure you're absolutely confident how you want your bootloader to work before you start partitioning
<maxb> Actually, having read a few things about the encryption it seems like you probably want an unencrypted md0 for /boot and an encrypted md1 for LVM
<maxb> Hmm, although it seems you can nest the LVM and the encryption either way around
<n00b123> I was thinking if there is any advantage having parttions divided into diferent raids. just wondering what would be the best practice
<n00b123> Is there any way to grub-install /dev/md0 on busybox during instalation ??
<n00b123> because on ubuntu 12.04.1 server instalalation, grub-install always fail because it always tries to install on /dev/sda. No options to change. Consequently I can never boot after instalation and have to boot from a live cd and install it manually (wih I'm trying to do right now !!)
<kerframil> n00b123: 'installing' to md0 makes no sense. grub needs to write a master boot record, which belongs at the beginning of the first disk enumerated by the BIOS. that disk typically maps to /dev/sda in Linux.
<kerframil> n00b123: indeed, if you were to write out an MBR to the beginning of an md block device, you may very well corrupt your RAID metadata (depending on the superblock format used)
<n00b123> yes, i tried and it failed. So, it is not possible to have the /boot partition on a RAID ?? If one hdd failed I am oing to be stucked...
<n00b123> What is the best practice to be prepared for a disk fail ??
<n00b123> Have an independent /boot partition on both hdd and install grub on both ?? is that correct ?
<kerframil> n00b123: yes, you can have /boot on RAID. I would tend to use RAID-1 because it allows for /boot to be directly mounted from an md member in diaster recovery scenarios. however, grub-2 can handle other RAID layouts.
<kerframil> n00b123: for full bootloader redundancy, yes, would need to write out a boot sector to both disks. however, you don't need require two separate boot filesystems.
<n00b123> sorry, I can't understand (n00b)
<kerframil> n00b123: I used to do this back in the day. let's say you have sda and sdb, and the first partitions of each are members of a RAID-1 array, on which the /boot filesystem resides.
<kerframil> n00b123: I would enter the grub shell and type:
<kerframil> device (hd0) /dev/sda
<kerframil> root (hd0,0)
<kerframil> setup (hd0)
<kerframil> then I would repeat with only one change: mapping (hd0) to /dev/sdb (which controls where the MBR is written)
<kerframil> I've never tried with grub2 though. most of my machines are using hardware RAID these days.
<n00b123> but /boot is under raid ?? md0=sda1,sdb2(/boot)
<kerframil> that's awkward for grub-0.97 because they're different partitions. but Ubuntu uses grub2, which should be able to handle it fine (it has built-in modules to read Linux RAID volumes). but none of this comes into play until the bootsector is read and grub gets past 'stage1'. the bottom line is that installing to /dev/sda should be enough to get it booting, assuming the first disk remains online.
<kerframil> the boot filesystem is not involved in the earliest stage of the boot process
<n00b123> ok, so when installing, I can configure the first partition os both hard drives as /boot and raid1 (md0=sda1,sdb1) and just grub-install /dev/sda and grub-install /dev/sdb. Ubuntu can not mount encrypted partition but can "mount" the raid partition. That's it ??
<n00b123> I am a little bit confused because every instalation I tried, grub fail instaling on /dev/sda. When /boot was under raid and independent partitions
<kerframil> n00b123: I have no experience of setting up bootloader redundancy in grub2 but, yes, that's about right. I suspect grub-install won't do the right thing when installing to /dev/sdb. that's why I always used the shell in grub-0.97.
<kerframil> n00b123: that's curious. maybe you should run grub-install with the option to increase verbosity.
<kerframil> n00b123: it should work, based on what you've said
<n00b123> that's why i was trying to grub-install while installing the system (CTRL+ALT+F2).
<n00b123> because after that, it is hard to boot it like it is under encripted lvm and raid
<kerframil> n00b123: try grub-install --debug /dev/sda
<n00b123> grub-install does not work on busybox, and now I am having troubles mounting the partition under ubnutu 10.04 livecd (12.04 is failing the video config resolution under virtualbox)
<kerframil> n00b123: is it no present at all, or are you getting an error? iirc, the debian-installer gets grub from a lightweight udeb package which is installed-on-the-fly i.e.: http://packages.ubuntu.com/precise/amd64/grub-installer/download
<n00b123> not present
<n00b123> sudo apt-get install mdadm lvm2
<n00b123> and pvscan, vgdisplay, vgscan, lvscan finds nothing
<n00b123> cat /proc/mdstat show nothing to
<n00b123> last time i could mount it with ubuntu 12.04
<n00b123> but now... nop
<n00b123> on diskd utility it shows the array
<n00b123> but say it is not running, when i try to bring it up, it says: not enogh omponents to start raid array
<n00b123> do I need to install any more package than mdadm ??
<kerframil> n00b123: to assemble an array from userspace, mdadm is enough
<kerframil> n00b123: for example, mdadm -A /dev/md0 /dev/sda1 /dev/sdb2
<n00b123> oops
<n00b123> just mounted the array
<n00b123> noob problem, forgot the sudo... sorry
<n00b123> grub-install not working with live cd. Can't find /dev  bla bla bla.
<n00b123> I believe i will have to chroot
<kerframil> n00b123: if you do, remember also to mound --bind /dev <chroot-path>/dev (after mounting your normal filesystems there).
<kerframil> mount, rather
<n00b123> tried mounting it
<n00b123> when tried grub-install --root-directory=/media/47a...bla..bla /dev/sda
<n00b123> it gives me the error: usr/sbin/grub-probe: error: no mapping exists for 'vgtotal-lvroot'
<n00b123> auto detection of a filesystem module failed.
<n00b123> please specify the module with the option '--modules' explitly.
<daddioio> hey guys, I installed 13.04 server and I have 2 nics.  installer saw I have 2 nics, setup eth0; but not eth1.  I thought no biggie, added to etc/networks/interface.  Restart, but still no eth1.  Am I missing something?
<kerframil> n00b123: is lvroot encrypted/
<kerframil> ?
<yeats> daddioio: what happens when you do 'sudo ifup eth1'?
<daddioio> woohoo, she lives
<daddioio> will it do that at reboot now?
<daddioio> or do I need to tinker somewhere?
<n00b123> it is but i have already decripted it to mount on the /media/47......
<n00b123> I can see the files on lvroot
<yeats> daddioio: you can add 'auto eth1' to /etc/network/interfaces
<daddioio> dang you are right yeats I forgot to add that...sorry bout that
<yeats> ;-)
<kerframil> n00b123: if you run ls -l /dev/mapper, do you see just one entry referring to "lvroot"?
<n00b123> i can see the vgtotal-lvroot, 3 others lv and another udisks-luks-uuid-bla bla bla
<sonofzeus> hey there
<phunyguy> quick question.... I have a router that is ubuntu server, and there are several subnets attached that can all talk to each other freely.  Is there any (easy) way to get it to bounce multicast packets between networks? It's not a large network, so I am not worried about broadcast traffic becoming an issue.  I have installed pimd, but Others say it "just works", however I cannot get it to work.  Any ideas?
<PryMar56> phunyguy, dpkg -l smcroute
<PryMar56> phunyguy, http://www.google.com/search?q=ubuntuforums.org+multicast+forwarding+solved
<PryMar56>   q=site:
<skraito> hey guys
<skraito> i am coding ubuntu server hardening
<skraito> is it the same with redhat
<skraito> i am new to it
<skraito> but may be i can reuse the script from previous 0x71 script for redhat
<skraito> where can i get documentation for ubuntu-server ?
<skraito> https://help.ubuntu.com/12.04/serverguide/
<skraito> is it this one ?
<skraito> hi anyone good at ubuntu-server i would like to talk to you
<skraito> come to channel ##0x71 our whitehat hackers team
<skraito> hi ubuntu-server
<skraito> where did you get
<skraito> hi daviey
<skraito> where /etc/motd shell script
<skraito> located
<skraito> ?
<skraito> hi guys
<AfroMark> Hi all. I'm setting up ubuntu server for the first time and I could do with a little guidance.
<AfroMark> I'm following a few steps to increase security, following a few points from the guide here: http://www.thefanclub.co.za/how-to/how-secure-ubuntu-1204-lts-server-part-1-basics
<AfroMark> Trying to do no.2: Securing the Shared Memory, but I'm not sure if I'm using VIM correctly
<AfroMark> Could someone give me a little more guidance on how to insert the extra line into /etc/fstab?
<qman__> I see they fixed the PHP configuration on that guide
<qman__> that said I still disagree with several of the items they list
<qman__> ubuntu is secure by default, the rest is a matter of preference
<qman__> beyond all of that, ubuntu (and debian) have a limited version of vi by default, if you want the full featured version, install vim-nox
<qman__> and if you're unfamiliar with vim, you can use nano
<AfroMark> so it's not essential to secure the shared memory?
<qman__> it's not essential to do any of those things; securing shared memory is only important on systems where you have untrusted users with shell access
<qman__> the other major problem with that article is it doesn't explain why each thing is to be done, or what it's for
<qman__> some of them are a good idea in certain situations but not others
<qman__> for example, the SSH section
<qman__> 1. root is not allowed to log in by default
<qman__> you have to go and set a root password or set up SSH keys to enable it
<qman__> 2. changing SSH port is an annoyance only
<qman__> it's an annoyance to you as much as it is an annoyance to an attacker, and that's all
<qman__> I also advise against installing nmap on your server, since nmap can be used without root access and simply invites users to do port scans
<qman__> you should run nmap from a separate system
<rurufufuss_> what tool can one use to check where the disk usage comes from, in command line?
<rurufufuss_> my ubuntu linode's 4GB is used up, nfi where they're used :(
<qman__> rurufufuss, du
<qman__> specifically, you can do this: du -sh /*
<qman__> that will sum each of the directories in the root
<qman__> you can then get narrower in scope until you nail down what's using all that space
<qman__> you can also use find to search for files over a certain size
<qman__> find / -type f -size +100M
<qman__> will find all files 100MB or larger
<rurufufuss> qman__: thanks
<AfroMark> Can anyone help me set up Samba on my server? I'm having difficulty getting it to work.
 * n00b123 is Back !!
<agu10^_> Response:	550 Create directory operation failed.
<bekks> agu10^_: Are we supposed to guess when and what is causing that message? :)
<agu10^_> filezilla when uploading through ssh
<agu10^_> how can i fix it?
<bekks> agu10^_: Thats not FTP, but SFTP, which, in fact, is SSH.
<agu10^_> yes
<bekks> And that message indicates that you dont have permissions to create that directory.
<agu10^_> why don't i?
<agu10^_> that folder's permissions is 775
<agu10^_> and i'm the owner
<agu10^_> so WTF
<skraito> hi all
<skraito> where do you get  /etc/motd script from
<skraito> in ubuntu server
<qman__> skraito, it is generated automatically using update-motd
<skraito> update-motd ?
<skraito> is that a command ?
<skraito> nothing there
<skraito> i want to erase it how to do it ?
<agu10^_> Why can't i create dirs without sudo? permissions are 775. WTF?
<qman__> skraito, no, it is a package, see man update-motd
<agu10^_> okay at /var/www i can create dirs. but at /var/www/wildcard i can't! Why is this? wildcard is 775.
<streulma> why is Postfix config splitted in Ubuntu ?
<shankstaBytes> is there an sftp banning program?
<shankstaBytes> like failed login banning
<RoyK> streulma: what do you mean split?
<phunyguy> hello, I followed a guide on ubuntu.com to set up a bridged network interface, but I am getting errors in syslog saying:May  5 18:06:27 outerbanks kernel: [ 1691.020167] br0: received packet on eth1 with own address as source address
<wilmaaaah> evening
<wilmaaaah> has anyone running a kvm server with several virtual desktops? i have poor video performance
<wilmaaaah> will a better graphics card on the server improve the performance?
<wilmaaaah> or is this a client side issue?
<wilmaaaah> i've switched from vnc to spice and it's not much of an improvement
<wilmaaaah> serverside i have a 8mb onboard chip
<wilmaaaah> i mean, the audio is awesome. maybe it's the weak chip on my client
#ubuntu-server 2014-04-28
<zanzacar> ok thanks
<lkthomas> hey guys
<lkthomas> when I see number of processes on server, it shows around 420 processes running
<lkthomas> while the loading on each CPU doesn't go more than 5% and it's 16 cores
<lkthomas> how could I judge if I need to buy more servers in this case ?
<PryMar56> lkthomas, do you count kdmflush ? ignore those processes
<lkthomas> PryMar56: so how could I count it correctly ? :P
<zanzacar> I think ubuntu-desktop got stuck installing half way through and I am not sure how to continue. Does anyone have any thoughts?
<zanzacar> what is sane.d used for?
<SpamapS> smoser: https://bugs.launchpad.net/ubuntu/+source/iputils/+bug/1313550 <-- when you wake up. ;)
<uvirtbot> Launchpad bug 1313550 in iputils "ping does not work as a normal user on trusty tarball cloud images." [Undecided,New]
<SpamapS> utlemming: https://bugs.launchpad.net/ubuntu/+source/iputils/+bug/1313550 for you too
<lordievader> Good morning.
<smb> jamespage, I know smoser has been actioned with this. But I am wondering whether this needs a bit more attention, given that its a regression in Precise and even worse one that causes issues with running clusters. (bug 1185756)
<uvirtbot> Launchpad bug 1185756 in drbd8 "drbd8-utils not compatible with linux-lts-raring kernel in 12.04" [High,Fix released] https://launchpad.net/bugs/1185756
<jamespage> smb, morning
<jamespage> SpamapS, ah - that sounds familiar - we had a similar issue with the iso
<jamespage> SpamapS, smoser: the tarball needs to be created with an extra flag to maintain extended attributes
<smb> jamespage, Good morning. Hm, looks like I should at least set back the status to in progress or triaged. Unfortunately the regression was reported in the backport bug and I could not get anyone to open a separate bug.
<SpamapS> jamespage: I tried to coerce tar to do it but tar seems to do basically nothing iwth --xattrs :-/
<caribou> I need help in fixing bug 1313602
<uvirtbot> Launchpad bug 1313602 in nova-cloud-controller "Nova-cloud-controller charms failed to sync ssh keys between compute nodes" [Undecided,Confirmed] https://launchpad.net/bugs/1313602
<caribou> more precisely on how the authorized_keys / known_hosts are exchanged between the nova-cloud-controller & nova-compute units
<caribou> I'm having problems in understanding the requirements wrt those two files
<mojibake8> im trying to setup 2 servers in virtual box, 1 a web server and the other a database server
<mojibake8> how should i configure the network adatpters for each?
<mojibake8> such that they have static ips
<vedic> I have installed ubuntu server 12.04 . I had to try a GUI app therefore I have installed xfce4. But Ubuntu is starting in text mode only. I have to type startx manually to run gui. How to change this bahevior?
<mojibake8> vedic: i did a search, http://ubuntuforums.org/showthread.php?t=2003543
<mojibake8> 2nd post says: install display manager or click the link in the 2nd post which asks you to modify bash_profile
<vedic> mojibake8: I have updated runlevel to 5 already but still it starts in terminal mode
<vedic> mojibake8: That doesn't help
<vedic> I have added "[[ -z $DISPLAY && $XDG_VTNR -eq 1 ]] && exec startx"  to .bashrc file but doesn't work
<vedic> Anybody? Why doesn
<vedic> Why doesn't gui starts despite xfce4 installed and runlevel set to 5
<mojibake8> if im not wrong bashrc is used on boot
<jamespage> caribou, what do you need to know?
<caribou> jamespage: I'm trying to figure out what needs to be passed in authorized_keys/known_hosts between the controller and each compute node
<jamespage> caribou, ah - this is the #ETOMANYNODES error right
<vedic> mojibake8: Trying this: http://ubuntuforums.org/showthread.php?t=1385698
<caribou> jamespage: the one where relation-set(known-hosts...) explodes with "argument list too long" on the O/S side
<jamespage> caribou, the base64 encoded parameter gets to be to long
<jamespage> caribou, indeed
<caribou> jamespage: yep, that one
<caribou> jamespage: so right now, the whole file gets encoded in base64.
<jamespage> caribou,you need to fragment the keys and hosts on the relation from the nova-cloud-controller side, and re-assemble them on the remote side
<jamespage> nova-compute in this case
<caribou> jamespage: so one relation-set/get for each line in each file ?
<jamespage> caribou, that would make sense
<caribou> jamespage: ah, that helps; I was not sure if the whole file needed to be passed
<jamespage> caribou, well it does right now because that's how its been coded
<jamespage> you would need to implement code on both sides of that relation
<caribou> jamespage: this is the additional info I'm after : do we need to pass the complete files or only part of each one is suficient
<jamespage> caribou, that's not really the right question
<jamespage> caribou, you need to assemble a complete file on the compute nodes - how its gets passed is up to the charms
<caribou> jamespage: ok, let me try a few things and I'll show you what I get if that's ok with you
<vedic> mojibake8: I link I shared has worked
<vedic> should I install lightdm or gdm?
<jamespage> smb, still reading that bug btw
<smb> jamespage, Unfortunately a mix between requesting a backport of drbd to handle newer kernels and that backport failing. I think my last debdiff is working good enough (hopefully)
<vedic> I have installed lightdm after installing xfce4 on Ubuntu server. But now the screen doesn't accepts my login password
<vedic> Its simply appears like it has accepted the password but it comes back within 1 or 2 seconds
<Patrickdk> vedic, so? did you try #ubuntu
<vedic> Patrickdk: I have removed lighdm and just added shell script in .bashrc to start startxcfe4
<vedic> Its works now but without login manager
<Patrickdk> vedic, it's out of scope, that is gui stuff, not -server stuff
<vedic> Patrickdk: yea, I guess you are right. I should have posted this in #ubuntu
<vedic> Thanks for point this
<cwillu_at_work> vedic, you'll probably want to investigate /etc/x11/xsession.d/
<vedic> cwillu_at_work: I see
<stetho> Hi all. Does anyone know if there's a way that during a PXE install (or other method) using a KickStart file I can specify the install of a different kernel (3.2.0-56-generic in this case) and make it the default for grub to boot from? I'm currently scripting an apt-get install of the kernel and then rewriting the grub config with cat and I think I'm just asking for trouble doing this BUT I can't see a better way. Any suggestions?
<rbasak> hallyn: around? I'm seeing a gettimeofday syscall fail after a clone() call with CLONE_NEWIPC | CLONE_NEWNET. Do you have any tips?
<hallyn> rbasak: fail how?
<rbasak> I've also noticed that it's using a pointer to a structure that existed before the clone. I'm wondering if the cloned process considers that invalid or something.
<rbasak> hallyn: SIGSYS
<rbasak> hallyn: https://bugs.launchpad.net/ubuntu/+source/vsftpd/+bug/1219857
<uvirtbot> Launchpad bug 1219857 in vsftpd "vsftpd connections fail on amd64: "500 OOPS: child died"" [High,Confirmed]
<rbasak> hallyn: [ 2967.985773] type=1326 audit(1398685961.714:32): auid=1000 uid=65534 gid=65534 ses=2 pid=1713 comm="vsftpd" sig=31 syscall=96 compat=0 ip=0x7ffff7ffadbc code=0x0
<rbasak> I have it reproducing under gdb. Though for some reason I couldn't get gdb to stop at the SIGSYS itself - I had to reproduce down the stack to find the call.
<hallyn> have you reproduced with a handwritten testcase?
<rbasak> No. I wondered if I was missing something obvious.
<hallyn> short answer is no, clone shouldn't be affecting validity of memory at all
<hallyn> oh, you're using seccomp
<hallyn> why not just add gettimeofday to the seccomp whitelist?
<rbasak> So it is something obvious ;)
<rbasak> I'll track that down - thanks!
<hallyn> i'm trying to remember whether the seccomp filter only takes effect after a fork or not
<hallyn> s/fork/clone
<hallyn> ok - thx, i'm in an early-morning-without-coffee-after-weeklong-break funk :)
<pmatulis> stetho: you want the installer to run a different kernel or the target system to have a different kernel?
<m_tadeu> hi...crontab defines SHELL=/bin/sh....that seems to pose a problem on rinnung bash scripts, am I correct?
<m_tadeu> s/rinnung/running
<ogra_> if you have bash scripts you should explicitly use "#! /bin/bash"
<ogra_> always ...
<ogra_> (or just make your scripts POSIX compliant without any bashisms ... which is the better approach anyway)
<m_tadeu> ogra_: In deed I'm using #!/bin/bash...but I'm getting the same errors as if I  run "sh myscript"....so, just confirming this
<ogra_> $SHELL shouldnt override the hashbang line
<m_tadeu> well it seems to be doing that, somethow
<m_tadeu> I'll change the script to sh, instead of bash
<coreycb> hallyn, rbasak:  seccomp takes effect immediately but I think there might also be an option to have it take effect after the next exec
<rostam> HI in our lab I have a server & client systems. Our client system  have a disk with two partitions, sda1 & sda2. I have installed ubuntu 12.04 LTS on sda1.  The client system boots from sda1. I like to know if I can install another instance of ubuntu on sda2. Using a kickstart file and whatever is needed on the server system?  Thx
<newbie123> h
<hallyn> coreycb: near as i can tell it should take effect as soon as seccmp_load() is called
<hallyn> i don't see an option for deferring.  but presumably vsftpd does that right before the clone :)
<coreycb> hallyn, yeah I'm not seeing anything for deferring.  it might have been an option in earlier patches that was nacked.
<stetho> pmatulis: Sorry, went away from my desk. I want the target system to have a different kernel.
<pmatulis> stetho: a more recent kernel?
<stetho> No, an older kernel - 3.2.0-56-generic to be precise.
<pmatulis> stetho: just install the old package you want, and remove the recent one, with late_command .  shouldn't that work?
<zul> hallyn:  i was going to do libvirt 1.2.3 but im going to wait until 1.2.4 is out
<xutl> how to run ubuntu server live as like ubuntu desktop from dvd/usb ?
<adac> Guys, I'm trying to install supervisor via docker on precise, but since about 2 or 3 days I get the following error: https://gist.github.com/anonymous/11371085
<adac> did something change on distro side?
<xutl> !live
<ubottu> The Ubuntu Desktop CD is a "LiveCD" which can be run without altering existing files on your harddrive. Especially useful for testing your hardware's compatibility, it also includes an install option.
<stetho> pmatulis: It doesn't seem to. I've tried it and get the grub> prompt when the system reboot. Obviously I've taken this to mean it doesn't work rather than I'm doing something wrong.
<stetho> :-)
<pmatulis> stetho: pastebin the late_command
<hallyn> zul: ok
<stetho> pmatulis: I don't have it to hand anymore, it was something along the lines of d-i preseed/late_command string in-target apt-get remove -y linux-image-3.2.0-60-generic
<m_tadeu> can anyone point me to a good tutorial on how to use dash arrays? google is not helping that much
<zul> jamespage/coreycb: ok juno is open
<coreycb> zul, thanks
<pmatulis> stetho: dunno then, i haven't tried it myself
<rbasak> utlemming: hey, any eta on utopic cloud images, please?
<rbasak> (I mean dailies, of course)
<stetho> Another question about PXE:  I've got a number of servers with a single disk for the OS and two disks in RAID 1 for data. I'm trying to prepare the disks as part of a PXE boot - /dev/sda works but Ubuntu give the RAID a name like isw_chhgbfgage_RAID1 where chhgbfgage seems to be a completely random string so I can't refer to it as /dev/mapper/isw_chhgbfgage_RAID1 literally. Before I write a script that gets the contents of /dev/mapper and figures
<stetho>  out the array name, is there a "better" way to do it?
<hadifarn_> what was that package for Apache that optimize images? it was made by google
<stetho> modpagespeed
<patdk-wk> I don't know why anyone would use that for images
<patdk-wk> it's so much easier to just optimize the images, one time
<patdk-wk> than on every load
<hadifarn_> cheers stetho
<hadifarn_> apt-get package name is different?
<stetho> I don't think there's a package for it. There's a .deb for it on Google code though. Download it and dpkg-i
<stetho> http://developers.google.com/speed/pagespeed/ apparently
<cwillu_at_work> hmm, how do you go about getting a recent debootstrap on lucid?
<axisys> how do I list the linux images that are lower than current kernel version here? http://dpaste.com/1801794/
<cwillu_at_work> ah, you can run it from the source tree
<smoser> SpamapS, i really would have appreciated you opening that bug say 3 weeks ago
<smoser> ;)
<rostam> HI in our lab I have a server & client systems. Our client system  have a disk with two partitions, sda1 & sda2. I have installed ubuntu 12.04 LTS on sda1.  The client system boots from sda1. I like to know if I can install another instance of ubuntu on sda2. Using a kickstart file and whatever is needed on the server system?  Thx
<xtbman> Hey, I installed ubuntu server, and my network adapter doesn't show an IP address, and pinging my router returns an unknown host error. Is there a guide for configuring the network?
<smoser> xtbman, man interfaces
<xtbman> smoser: thanks I'll give it a shot.
<smoser> hallyn, stgraber your thoughts on https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1313550/comments/5 would be appreciated.
<uvirtbot> Launchpad bug 1313550 in maas "ping does not work as a normal user on trusty tarball cloud images." [High,Confirmed]
<smoser> especially wrt backwards compat (ie, getting that functional on precise)
<tom[]> is this the right place to get php 5.4 on 12.04lts? https://launchpad.net/~ondrej/+archive/php5-oldstable
<patdk-wk> tom, how do you mean, right place? there is no *supported* php 5.4 on 12.04
<hallyn> smoser: not sure what you're asking.  You just want the ubuntu-cloud lxc template to re-set the xattr?
<hallyn> oh, i see
<hallyn> i think the bug should be marked as affecting tar as well, as a query about backporting the xattr support...
<hallyn> though i assume it's a feature and so not possible
<tom[]> patdk-wk: i understand about canonical not including 5.4 in 12.04's packages. what i mean by "right place" is, do y'all think this is a good choice? is there ant consensus on using OndÅej SurÃ½'s ppa when you need 5.4 on a 12.04?
<smoser> hallyn, i'd consider it SRU'able as a necessary function for using newer things.
<hallyn> so you agree with marking that bug as affecting tar, fix released in trusty, confirmed on prcise?
<smoser> sure.
<tom[]> s/ant/any/
<smoser> hallyn, do you have any cycles to look at what that patch would be ?
<hallyn> and if you like i can look this afternoon at what it'll actually take to do it, no idea about the
<hallyn> yup
<patdk-wk> tom, that doesn't include *many* php modules, so the question is, does that even have enough php for you
<smoser> thanks.
<hallyn> pls assign the precise tar task to me
<patdk-wk> and then, do you think he will maintain security updates for you
<hallyn> (or i'll do it in a few mins)
<patdk-wk> personally, I wouldn't even think about pushing 5.4 onto 12.04, with it being in 14.04 currently
<patdk-wk> you just upgrade to 14.04 lts, and get security updates for 5years on it
<tom[]> patdk-wk: you already answered my next question
<tom[]> i was nervous about 14.04's newness and its hype about openstack
<patdk-wk> I know atleast in my ppa, I sync security updates as much as possible
<patdk-wk> I haven't had any real issues with 14.04
<patdk-wk> just a few minor things, that aren't production impacting
<tom[]> but i guess i should be less nervous of that than of unsupported builds
<patdk-wk> well, there are like 2 security issues a year, generally with php
<patdk-wk> enough to be concered about
<tom[]> the seasoned php user is almost as scared of php security as she is of linux
<tom[]> ;)
<xtbman> I figured out my networking issue, thanks.
<stgraber> smoser: I'm off today, I'll try and set aside some time to think about it tomorrow. I'm pretty surprised I didn't notice this before, I guess I'
<stgraber> I'm mostly running older releases in containers using lxc-download...
<stgraber> if we only support 14.04 on 12.04 and won't support 14.10 on 12.04, we may consider just setting the setuid flag again in a SRU which would be a quick and dirty fix for this
<stgraber> and likely much more easier than backporting the tar change (I also have the concern that busybox's tar likely doesn't support those flags so LXC will need to do some detection...)
<smoser> lxc download would also be broken, yeah. i affected lxc as the cloud template.
<Havenstance> okay so my drive is full, how can i figure out what files made it fill up?
<patdk-wk> dunno
<patdk-wk> but you can start with finding out what folders have the most space and/or inodes
<patdk-wk> exactly what is it full of? data or files?
<Havenstance> I think its full of old wireshark caputures
<Havenstance> but I don't know where to look for the previous saves?
<jak3000> hi all, i configured my vsftpd service on ubuntu-server, when i try acces i get a error: ftp: connect :Connection refused  why? how to solve the port21 is opened. and the service is running
<rbasak> jak3000: which release?
<Havenstance> patdk-wk, I found it thanks
<jak3000> rbasak how to know wich is the release?
<rbasak> jak3000: lsb_release -a
<rbasak> jak3000: also, which version? "dpkg-query -W vsftpd"
<jak3000> 12.04.3
<rbasak> Ah, not sure then, sorry. I asked because I'm working on a vsftpd bug right now, but it only affects >= 13.10.
<toyotapie> I need to write a bash script that can take the top of a page from two different tiff files and create a new tiff file with a single page that is half one page and half the other.
<toyotapie> is tiffcrop the right tool ?
<SpamapS> toyotapie: tried imagemagick?
<toyotapie> I am reading through the man page of imagemagick right now.
<xtbman> My server is working, such that other computers on my network can access it. I want non-local computers to access the home page, too. Is there a guide that explains how to set this up?
<xtbman> Right now, if I type 10.0.0.4 into a network computer's browser, it goes to my apache page on the server. So, somehow I have to set up an IP for outside computers to connect to.
<toyotapie> I think it's the append flag I need to use with convert :)
<sarnold> xtbman: simple mechanism is to port forward port 80 from your router to your 10.0.0.4:80
<sarnold> xtbman: http://portforward.com/english/routers/port_forwarding/  :)
<xtbman> sarnold thanks
<Havenstance> can someone recommend a good packet capturing program? Something similar to wireshark but one that would save the files in alot smaller file
<sarnold> Havenstance: compress the files with gzip?
<Havenstance> Except wireshark doesn't have the features I want anyway
<Havenstance> I want to be able to see how much data a particular IP has used over say a 30 day window
<Havenstance> then I'd open wireshark and capture the packets coming from that machine.
<Havenstance> So maybe I'm looking for something to use in conjunction with wireshark
<sarnold> Havenstance: ah you want something completely different then :)
<Havenstance> well, just something that would capture the packets but rather log the mbps usage?
<sarnold> Havenstance: check out 'ntop' and 'darkstat'. I've used ntop before and didn't really love it, but it did okay..
<Havenstance> perfect, i'll run a google search thanks sarnold
<sarnold> Havenstance: just apt-cache show ntop and apt-cache show darkstat -- see if you like the sound of them :) hehe
<Havenstance> thanks
<jak3000> how to open permanently the port 3306 ?
<jonascj> Hi all. I run an sftp server (using openssh) ans users are chrooted to /srv/sftp/{username}. What is the prettier solution for this setup regarding the users home directory and the creation of /srv/sftp/{username} (these users only have sftp access, no shell access): 1) to specify /srv/sftp as base dir during user creation and specify an empty skeleton dir (e.g. no files copied to the new home dir), or 2) manually create /srv/sft/{usernam
<sarnold> jonascj: check out adduser(8) -- the bit about /usr/local/sbin/adduser.local looks useful to you :)
<jonascj> The end result should be the an empty /srv/sftp/{username} directory. What the users homedir (in /etc/passwd) is doesn't really matter to me. In openssh matching I can chroot to /srv/sftp/%u or %h. I just have to choose the optoin based on whether I set the users homedir to /srv/sftp/{username} or if I set it to something else
<jonascj> sarnold: thanks, but adduser isn't that great for commandline adding users (from a script), is it?
<jonascj> or do adduser function just like useradd if I want to? normally one just does "adduser joe" and then you are asked a series of questions (password, room number etc.)
<zul> jamespage:  looks like git is on dep wait for utopic
<sarnold> jonascj: you can provide e.g. --gecos command line options to specify many things.. I'm not sure if it'll skip prompting entirely or not though...
<jonascj> sarnold: then I think I'll have to go with the useradd command instead of adduser :)
<jonascj> since it is automatic creation of triggered by something
<sarnold> jonascj: makes sense :) if you're already scripting it up, a bit more to create new directories isn't the worst thing :)
<jonascj> it looks like --gecos disables any interactive part of adduser, but then why user adduser vs. useradd?
<sarnold> jonascj: for the automatic and cheap /usr/local/sbin/adduser.local execution :)
<jonascj> sarnold: oh, and adduser.local holds commands which are run every time a user is added?
<sarnold> jonascj: yeah
<jonascj> sarnold: okay, point taken. that could be useful in some situations.
<sarnold> jonascj: yeah, more useful if you're doing the creating by hand. if you're already scrpiting it up, not as magical :)
<SpamapS> smoser: --include-xattrs=* ... don't you just love GNU people? "What? You turned on a feature, AND you want it to actually default to being .. on.. when you turn it.. on? CRAZY"
<jonascj> but really I was just more interrested in the "sematics" of the situation. If the users homedirectory have no special meaning (e.g. it holds no profile informaiton like .profile or .bashrc etc.) should I just set it to /tmp to emphasize that it holds no persistent files.
<smoser> SpamapS, yeah, i figured that part out.
<sarnold> jonascj: I'd make sure that only the user in question owns the directory and has write access to the directory.
<smoser> the fun part is going to be getting that fixed in 12.04 consumption. (ie, 12.04 systems using 14.04 roots)
<sarnold> jonascj: that assumption is baked into thousands of programs, it'd be best to not screw that one up :) hehe
<jonascj> sarnold: Then I might as well use the -m option of useradd (to have the homedir created) and "-b /srv/sftp". How then should I ensure that the newly created dir is empty? Specify my own skel-directory ? or empty out the /etc/skel dir?
<sarnold> jonascj: I'd probably go with the own skel directory, that feels more flexible for long-term modification
<xtbman> sarnold it worked! :)
<sarnold> xtbman: nice :)
<jonascj> sarnold: thanks - those a great suggestions :9
<jonascj> * :)
<sarnold> jonascj: have fun! :)
<jonascj> hmm, the folder to which sftp users are chrooted needs to be owned by root
<jonascj> so if I decide to chroot them to their home (/sftp/srv/{username}) then their home needs to be owned by root...
<jonascj> I do not know if I can put additional ACL on top of that to give the users permission again.
<jonascj> I know I need to get ACL up and running at some point because normal sftp users should be chrooted to /srv/sftp/{username} but sftp admins should be chrooted to /srv/sftp and have read and wirte access to the /srv/sftp/{username} folders...
<RoyK> jodh: seems strange. we're using sftp with rssh at work, and users' homedirs are definetely owned by the users' themselves
<patdk-wk> yep
<patdk-wk> if you want to use openssh chroot, you have to chroot to a like /home
<patdk-wk> you could replace ssh with like, proftpd and use the sftp module
<patdk-wk> you could use a custom sftp program
<patdk-wk> you could go apparmor crazy :)
<qhartman> anyone know how to force the order of resolv.conf entries via modification of the /etc/network/interfaces file?
<qhartman> I'm looking for something like modifying the dhclient.conf config and adding a "prepend domain-name-servers", but I don't know how to change that file with the curtin installer.
<SpamapS> smoser: so should we expect tarballs w/ xattrs soon on cloud-images.ubuntu.com ?
<SpamapS> utlemming: ^ ?
<utlemming> SpamapS: shortly. I just merged the chnage in
<SpamapS> utlemming: w00t
<smoser> again, SpamapS it' would have been nicer if you did this 3 weeks ago!
<smoser> (but thanks for raising it now)
<SpamapS> smoser: I agree. I did actually test trusty. Just not with nagios.
<SpamapS> Or the other 3 binaries that use the feature. :-P
<smoser> SpamapS, what are the other 3 binaries ?
<SpamapS> smoser: arping, gnome-keyring-daemon ... something else
<fellayaboy> hey hows it going guys
<fellayaboy> i have a question.  when i boot into pxe server. i can see my entries but when i select them they do absolutely nothing...it wont run the operating system
<fellayaboy> im using tftp-hpa & nfs
<fellayaboy> where can i see logs about my pxe server
<m_tadeu> I'm stuck in initfstab...can anyone tell me how to edit fstab from there?
<sarnold> m_tadeu: "initfstab"? I'm not sure I've heard of it..
<m_tadeu> sarnold: sorry, long day...it's initramfs....
<sarnold> m_tadeu: ah, okay; so, you've got a shell?
<sarnold> m_tadeu: does cat /etc/fstab show you your fstab or the one from the initramfs environment?
<m_tadeu> sarnold: I'm afraid /etc/fstab it doesn't exist at this point
<sarnold> m_tadeu: okay; cat /proc/mounts -- do you see your root filesystem mounted anywhere else at the moment?
<m_tadeu> sarnold: yes...rootfs is mounted in /
<sarnold> m_tadeu: oh, interesting. I expected /etc/fstab to your fstab in that case.
<m_tadeu> sarnold: the real root should be a LVM volume and the device is /dev/Root
<m_tadeu> I changed the volume name, but probable it didn't change fstab
<sarnold> m_tadeu: hrm, I haven't done LVM before :/ no idea there
<m_tadeu> sarnold: first time here too
<mgw> We have these lines in the upstart script for salt-minion:
<mgw>   # invoke salt-minion via su so that /etc/environment is read
<mgw>   exec su -c salt-minion
<mgw> it doesn't seem to work on Trusty though
<mgw> did something change?
<keithzg> Hmm. Ran into a bug where logrotate is complaining about mysql, turns out it's a known issue when you've stopped your mysql service . . . and has been around, unfixed, since 2009. Yeesh. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=544013
<uvirtbot> Debian bug 544013 in mysql-server "mysql-server-5.1: logrotate script cannot handle stopped mysqld" [Normal,Open]
<keithzg> Wonder if MariaDB solves that :P
#ubuntu-server 2014-04-29
<keithzg> Although my issue may not be that. Hmm.
<keithzg> Aha, I bet it's http://www.lornajane.net/posts/2008/Logrotate-Error-on-Ubuntu since the server in question recently ingested a dump from another one (so as to be used as the alternative backend for a sandbox wiki).
<Guegs> Is there a way to completely remove the group from a directory? I want them completely gone, not just 700 permissions.
<pmatulis> Guegs: what "group"?
<Guegs> drwx------ 2 guegs I_WANT_NOTHING_HERE 2 Apr 28 19:03
<Guegs> the group I want to remove from that dir is 'test'
<Guegs> Ehh, what the hell, I'll just chmod 777 it.
<Guegs> Err, 700. :-P
<rbasak> Guegs: all files must have a group owner. But there is a "nobody" group you can use if you have nothing else suitable. And giving the group no permission makes sense.
<Guegs> ohh, didn't know about the nobody group. Thanks.
<rbasak> Guegs: sorry, it's the "nogroup" group. "nobody" is the equivalent user.
<tonymke> Anyone know anything about configuring apache? Just wanted a specific subdomain to have a different documentroot directory than all other directories. e.g. dev.tony-lechner.com goes to /var/www/dev, while blah.tony-lechner.com or tony-lechner.com goes to /var/www/tony-lechner
<tonymke> Set up two site conf files, can't seem to get it working. https://gist.github.com/tonymke/11389308
<mwhudson> tonymke: do you have NameVirtualHost *:80 somewhere?
<ruben23> hi guys.. i have a publci  Server where it runs a web access and telephony server...im worried for attack and exploits does VPN works for this...but how do i setup..? shoudl it be separate server VPN or just built on teh same server..? does it require more bandiwidth
<tonymke> mwhudson: I do, in both. Sorry about the delay
<tonymke> mwhudson: err <VirtualHost *:80>
<mwhudson> tonymke: mine wasn't a typo :)
<tonymke> mwhudson: oh hey, that was the right word to google. thanks :)
<onorua> Hi guys, does some one run systemd on ubuntu server already in here?
<blkperl> onorua: well its not default in 14.04 so I'm guessing nobody does
<mvbemmel> Seen the large availablity on VNC options, which one is suggested for setting up a VNC between linux server and osx?
<owh> mvbemmel: To achieve what? Personally I use ssh.
<mvbemmel> owh: To have terminal acces from a mac
<mvbemmel> owh: could you pls tell what your setup is?
<owh> mvbemmel: Open up the terminal on the Mac, type ssh user@server, enter your password. Done
<mvbemmel> owh: perhpas I was thinking to difficult if the solution is that easy. Thanks!
<owh> mvbemmel: On the server you'll need to have installed openssh-server.
<mvbemmel> owh: check, tnx
<lordievader> Good morning.
<Guest67771> Hi I had a power outage last night. I restarted my Ubuntu server, but 2 core services I run (apache and a MOO server) aren't accessible. I've checked all I can think of - all was good prior to the outage. Suugestions to troubleshooot?
<sarnold> Guest67771: anything in /var/log that looks related? maybe also run a debsums -c to see if anything is corrupted or missing
<Guest67771> thanks <sarnold>, what does debsums do?
<sarnold> Guest67771: it checks the hashes that most packages provide in their manifests
<Guest67771> which log should I be looking in?
<owh> Guest67771: If you start apache manually, do you get an error?
<Guest67771> It made mention of the fully qualified domain name not being available - but started anyhow
<sarnold> Guest67771: I'd check dmesg to see if there's hard drive errors or apparmor errors, apache error.log to see if there's anything interesting there, boot log in case something was written to the console..
<Guest67771> localhost works
<sarnold> I think that's just a warning
<owh> Guest67771: Have your IP addresses stayed the same?
<Guest67771> Static IP from my ISP. The server has the same internal IP - fixed using MAC address. Checked that first!
<Guest67771> Boot log is mostly clean - 2 entries for apparmor (skipping profile)
<owh> Here's the FQDN fix: http://aslamnajeebdeen.com/blog/how-to-fix-apache-could-not-reliably-determine-the-servers-fully-qualified-domain-name-using-127011-for-servername-error-on-ubuntu
<jjohansen> Guest67771: the skipping profiles bit is normal when there are a profiles disabled. You can see which ones are disabled by looking at /etc/apparmor.d/disable
<Guest67771> SO that's probably not it.
<owh> Guest67771: Once you fix the FQDN, restart apache, then see if you can start the MOO.
<Guest67771> can I use the IP, rather than the domain name in the httpd.conf
<owh> Guest67771: Here is a more ubuntu specific link: https://help.ubuntu.com/community/ApacheMySQLPHP
<owh> Guest67771: "localhost" is what it needs.
<Guest67771> misinterpreted it
<Guest67771> apache started ok...no warnings
<owh> Can you now start the MOO?
<Guest67771> the MOO starts, but my error is server at 124.254.81.40 7777 is unreachable
<Guest67771> can't browse my deafult web page either - not using the IP address anyway - localhost still works
<owh> What happens if you go to the web server via the ip address or the host name, rather than local host?
<Guest67771> Oops! Google Chrome could not connect to 124.254.81.40
<owh> Can you ping the IP?
<Guest67771> yes...
<owh> From outside?
<Guest67771> but I am on the same network
<Guest67771> don't have access to an outside PC
<owh> I just realised I do ;-) I can ping it. Looks like no reply from the web server. Have you set-up a virtual host for this IP?
<Guest67771> no....but I din't have one before. IT's been working OK
<Guest67771> didn't
<owh> Does localhost:7777 work for you?
<owh> Guest67771: FYI I cannot tracepath to that IP.
<Guest67771> no...can't connect
<owh> I'd focus on getting the web server to respond. Likely the issue is the same for both. I'm wondering if you added some static routes or did some network wrangling to make it work last time and didn't save that, so the reboot killed it.
<Guest67771> makes sense...checked my port forwarding..it's good
<Guest67771> I recall putting the IP into  a config file..can't recall which one
<Guest67771> canyouseeme.org is showing ports 80, 7777 blocked
<unresolved> hi
<unresolved> i need some help
<owh> unresolved: Don't we all?
<unresolved> lol
<Guest67771> Hi I think I have a DNS issue with my server. The internet won't work from it, and I can't see web pages from the web server across my LAN. I have a static IP. Prior to a power outtage last night, all was good. But something must have been dumped or lost in the reboot. Any advice would be welcome. I've tried quite a few troubleshooting tacks, but this is where I'm at now.
<lorenx> hi all. i'm having some issues connecting to a 14.04 nfs server (a previuos version worked fine) from an ubuntu client
<lorenx> all the usual command seems fine. on the server side, "rpcbind -p" and "showmount -e" seem correct
<lorenx> and on the client side, "rpcinfo -p 10.0.0.1" and "rpcinfo -u 10.0.0.1 nfs" seem fine too
<lorenx> but "sudo mount" just hangs
<lorenx> any hint please? thanks
<rbasak> lorenx: try tcpdump at both ends, to make sure that all packets are getting through? And perhaps check any firewalls on the machines themselves?
<Guest67771> Hi I believe I may have a DNS issue in 12.04LTS. I had a power outage last night, and now I'm plagued with problems I need to to resolve. The server cant access the internet, and the web server isn't available. Anyone able to provide some advice please?
<lorenx> rbasak: the 2 machine see each other, no specific firewall rules are set
<lorenx> i can ping, can ssh to the server...
<lorenx> rbasak: one thing i noticed is probably a dns issue, nut i'm not sure it is the problem: http://privatepaste.com/4bb3101abc
<lorenx> (commands run form the client side)
<caribou> jamespage: remember yesterday's query about nova-cloud-controller's passing of authorized_keys/known_hosts ?
<lorenx> any hint please?
<zetheroo1> Hi all ... I just did 'apt-get update' on one of our 14.04 servers and it ended with this .. is it anything to stress about? http://paste.ubuntu.com/7358754/
<caribou> zetheroo1: you may fix this by running sudo locale-gen de_CH.UTF-8
<zetheroo1> caribou: thank you very much ... what was the problem?
<caribou> zetheroo1: the localization files were not created on your system and since you are using swiss german localization (at least I think so) the perl command issued a warning
<caribou> I get that all the time as I'm localized in french
<caribou> I even noticed some installation failure because of the localization
<zetheroo1> ok
<zetheroo1> yes, I am in Switzerland
<zetheroo1> is it normal that these files are not automatically created!? Don't they usually get created during the OS install?
<Guest67771> Hi I think I have a DNS issue with my 12.04 LTS server. It didn't show until I had a power outgae yesterday. Now I plagued with problems. Anyone able to assist with advice please?
<lorenx> hi all. i'm having some issues connecting to a 14.04 nfs server (a previuos version worked fine) from an ubuntu client
<lorenx> all the usual command seems fine. on the server side, "rpcbind -p" and "showmount -e" seem correct
<lorenx> and on the client side, "rpcinfo -p 10.0.0.1" and "rpcinfo -u 10.0.0.1 nfs" seem fine too
<lorenx> but "sudo mount" just hangs
<lorenx> any hint please?
<hiteshtr> which is best open source mail server
<pmatulis> hiteshtr: investigate postfix
<lorenx> any hint please? thanks a lot
<rbasak> lorenx: did you try tcpdump at both ends?
<lorenx> rbasak: not actually but i'm pretty sure there's nothing blocking each other... what should block the communication other than a firewall?
<lorenx> rbasak: do you think this is not enough? http://privatepaste.com/2475e6c308
<lorenx> rbasak: anyway, what should i exactly test with tcpdump? a specific port?
<rbasak> lorenx: make sure that all traffic sent from one end is received at the other end, and vice versa.
<rbasak> lorenx: usually if there's a problem somewhere it will fail, not hang. But network problems can result in hangs.
<rbasak> lorenx: given that you don't know how else to fix the issue, that's at least one side of things you can rule out.
<lorenx> rbasak: ok but the 2 computer is linked together (one is the network gateway) and *most* of the traffic is received correctly. i only have issues with nfs
<lorenx> maybe i should just monitor the moment when the mount hangs
<rbasak> lorenx: I've seen many network problems where *some* packets get through, but some property of specific packets cause some specific packets to fail.
<rbasak> eg. MTU issues, or some special flag set by a specific problem, etc.
<rbasak> I'm just saying that you should rule it out.
<lorenx> i'm not a tcpdump expert, what's the best tcpdump command i should run on the server while trying to mount from the client?
<lorenx> anyway, keep in mind that all works fine before i installed 14.04
<lorenx> i haven't changed my firewall rules or something like tat
<lorenx> if i reboot my old ubuntu server version, nfs works fine (the firewall rules are exactly the same)
<rbasak> "tcpdump -w dump.pcap -ni eth0 not port 22" or something like that. If you're not an expert, I recommend wireshark to examine the dump after.
<lorenx> i've also thought about a nfs-kernel-server 1.2.8-6ubuntu1 bug :P
<lorenx> rbasak: i see many packages and i'm not able to detect the exact nfs packages but when i ctrl-c the tcpdumo command it says "0 packets dropped by kernel"
<lorenx> rbasak: and now my mount command finally times out! "mount.nfs4: mounting 10.0.0.1:/lan failed, reason given by server: No such file or directory"
<rbasak> lorenx: OK, now examine the dump.pcap file using wireshark, as captured at both ends. wireshark highlights retransmissions and the like.
<lorenx> but i'm sure it exists
<rbasak> OK, forgot the capture now then.
<rbasak> forget
<lorenx> ok, good... but i have no idea on how to debug further now
<lorenx> isn't this weird?? http://privatepaste.com/c5ea8ad3cf
<lorenx> rbasak: ^
<mirelle> hello ubuntu-server community. im new to linux. but still not just a user.
<Ahti333> is there a good way to upgrade 12.04 to 14.04 right now (before 14.04.1 is out)? or am i better off reinstalling anyway?
<Ahti333> (uptime is not important)
<mardraum> Ahti333: do-release-upgrade
<Pici> that won't work until 14.04.1 is out.
<mardraum> unless you change a single line in a single file, right?
<Ahti333> yup. It does show 14.04 when i use --devel-release, but I'm not sure wether that's the real release or some devel version
<Pici> Its the real release, but I wouldn't expect for the upgrade from LTS to LTS to be completely tested.
<mardraum> yes well, you still need to test things yourself if you want to ensure no issues
<mardraum> even after the .1 that remains true
<MannerMan> do-release-upgrade -d will upgrade ubuntu 12.04.4 to 14.04
<MannerMan> but indeed, it's recommended to wait for 14.04.1
<Ahti333> well i can always revert to a backup when things go south
<Baluse> hello
<Baluse> Is it easy to create a user that would have access to /var/www/dudesite/  only and his personal whatever
<Baluse> i want to host my friend's site but dont want to give root access
<Ahti333> Baluse depending on your servers setup, it could be anything from very easy to mildly complicated :P
<Ahti333> create a new user for your friend, create /var/www/dudesite/ and change its ownership to the new user
<Ahti333> that's the basics
<mirelle> i have done biug shitty :D
<Baluse> so when accessing via ssh he could see and other folders right?
<Ahti333> Baluse that depends on how the permissions on thos other folders are set
<mirelle> have running "ubuntu 12.04" havce first installed node.js with "sudo apt-get install node.js". after that i did the misstake, also installed npm with "sudo apt-get install npm"
<patdk-wk> mostly, yes, unless you chroot him
<mirelle> now i get served issues when i want to update in the node.js the "npm"
<Ahti333> additionaly, if your friend might use php or any other non-static content for his website, he will be able to see any content the webserver is able to see, which you can prevent by using (for apache) mod_suexec and/or mod_suphp
<zetheroo1> I am trying to apply the fix on post #34 from this bug (which I am experiencing) : https://bugs.launchpad.net/ubuntu/+source/grub2/+bug/1274320
<uvirtbot> Launchpad bug 1274320 in grub2 "Error: diskfilter writes are not supported" [Medium,Confirmed]
<zetheroo1> problem is that it's unclear to me where this section ends ....
<mirelle> how do i uninstall all, to make it new?
<funcoland1> good morning! I'm trying to install apt packages in an offline installation and I'm using a command to grab the package with its dependencies but it's not downloading the deps for a package that is already installed on the system. does anyone know a command that will ignore what is installed on the system and still grab everything?
<zetheroo1> this is what my 00_header file looks like now (without edits): http://paste.ubuntu.com/7359770/
<zetheroo1> I tried editing it and running grub-update but got the following error: /etc/grub.d/00_header: 400: /etc/grub.d/00_header: Syntax error: end of file unexpected (expecting "fi")
<zetheroo1> odd thing is that I tried the fix from post #28 and grub-update works without a hitch after it ...
<smoser> smb, so https://bugs.launchpad.net/ubuntu/+source/drbd8/+bug/1185756
<uvirtbot> Launchpad bug 1185756 in drbd8 "drbd8-utils not compatible with linux-lts-raring kernel in 12.04" [High,Fix released]
<smb> yeeees
<smoser> just reading that, it seems like you fixed, that got into -updates.
<smb> smoser, I was about to whine in the server-team meeting
<smoser> and then a regerssion?
<smoser> and you have a fix for the regression in the debdiff there.
<smoser> right?
<smb> smoser, well, we did a backport from the saucy drbd package because the newer kernel module has so many changes it probably never would work with the older user-space. And the user-space seemed to support running the compat mode
<smoser> yeah, and that got into precise-updates
<smoser> right?
<smb> Just that it did only work as long as one used drbd directly, but not from clusters. Now we break current clusters
<smb> Yep its in updates
<smb> and a regression
<mintux> which one of them is best for server debian or ubuntu server ? i ubunu server as light as debian ?
<mintux> **is
<smb> smoser, I have fixes that make at least corosync cluster work ok. Just there is a recent report of heartbeat alone might still have problems
<smb> smoser, But I got some debug output as a PM and that looks a bit odd
<smb> smoser, As it does execute things I neither find in the drbd resource agent shipped with drbd nor in the one shipped with resource-agents
<smoser> smb, what is your debdiff against ?
<smb> smoser, against the updates version in precise
<smb> smoser, argh... maybe not
<smb> smoser, Oh yes ... sory I had a different package in my vi
<smoser> smb, yeah.
<smoser> ok.
<smoser> so the other hting i was going to say, smb...
<smb> smoser, I actually have the source deb on chinstrap
<smoser> is that afaik,
<smoser>  if (( $DRBDADM_VERSION_CODE >= 0x080400 )); then
<smoser> is busted
<smb> smoser, why ?
<smoser> oh. never mind.
<smb> smoser, that code was actually in before, I just added the else case imo
<smoser> smb link to source ?
<smoser> or re-attach debdei
<smb> smoser, chinstrap:~smb/4review
<smb> smoser, I admit diffs of patches suck
<smb> smoser, ok. must admit something seems not working right in case of running the init script with the new kernel
<smoser> smb, ok. so i guess you sort it out and then ping me
<smoser> i'm not sure what the sru team thinks, bu i think officially you need a new bug.
<smb> smoser, yeah. should not be long
<smoser> maybe not. i dont know.
<lorenx> nfs issue, isn't this weird?? http://privatepaste.com/c5ea8ad3cf
<lorenx> this actually: http://privatepaste.com/0a13a2a873
<smb> smoser, Actually it turns out that the problem I saw was only because that machine still ran a debug version of rc4 which emitted a version check number all the times. So nothing has to change
<lorenx> is there some issue with 14.04 concerning nfs?
<smoser> smb, so you think what is there is happy ?
<smoser> or you think you want/need a fix for the heartbeat issue you mentioned above
<smb> smoser, Happier than anything before. The heartbeat thing might be an issue but it looks a bit odd out and at least we would unbreak all the others
<smb> Well apart from going back to 8.3.x but I think that would not be that simple either
<smoser> ok. smb thenn i'll take another look.
<smoser> i'm not sure what to do about hte bug though
<smoser> since it is fix-released
<smoser> sorry to be process.
<smb> lorenx, not that I would know of. does syslog or dmesg on the server side give a hint
<lorenx> smb: hi and thanks for your reply... it seems that this is helping: http://goo.gl/iTvyN
<smb> smoser, Yeah, its unfortunate people did not report a new one... We may set it back to in progress?
<smoser> i dont really know, smb.
<smoser> lets ask in -devel
<smb> smoser, ok
<smb> lorenx, Ok yeah, nfs4 syntax is a bit special
<lorenx> smb, ok but wait... why it has been working fine with previous ubuntu version? it doesn't seem to me that nfsv4 is introduced with 14.04 right?
<smb> lorenx, No, it should have failed the same way. Not sure why it did work then
<smb> Maybe compat code that fell back to nfs3...
<lorenx> smb: in fact there is still something weird
<lorenx> what has been changed recently? i'm running the exact configuration i had with 12.04 but i'm having issues with my new 14.04 server
<lorenx> i also need crossmnt in my /etc/exports
<rbasak> Daviey: hey. Do you remember why we switched the ubuntu-server blog to the current location? Not everything is moved over, so it appears we're still using both :-/
<TheRealBacon> I remember when and vaguely why, but I think that's a question you should post upstream in the ops Chan perhaps
<Daviey> rbasak: the old one was wordpress.com hosted (as a subdomain) and we acquired a vanity domain. it was kinda embarrassing that we were not chewing our own produce.
<rbasak> Ah. That makes sense - thansk.
<Daviey> rbasak, i did think it was all moved over.. what have you seen that is missing?
<rbasak> Daviey: I'm told that we're not syndicating server team member blogs like we used to.
<gaughen> Daviey, well it's not so much missing as hallyn posted his minutes there
<rbasak> Also I think someone (hallyn?) was unaware and posting to the old one
<gaughen> yes, rbasak it was hallyn
<gaughen> and I wanted to confirm to keep using hallyn's name in vain
<Daviey> ah
<gaughen> thanks rbasak, Daviey was just trying to figure out why there were two and then why we moved away from the wordpress.com site as we can make changes ourselves
<Daviey> well i guess the old one should be taken offline?
<hallyn> smoser: fwiw i've got a patch that at least is passing all of tar's previous tests,  re-building to test a bit on my own then i'll ost on the bug
<gaughen> Daviey, do you know if all the data from the old one moved to the new one?
<gaughen> I could do a test to verify
<Daviey> does the post-minutes-o-matic script not make sense anymore?
<gaughen> at a minimum I think it should prevent people, like hallyn, from posting to it ;-)
<hallyn> gaughen: hey i know what we need, we need 2 more places to post the meeting notes
<smoser> hallyn, since you're there, could you look at what happens if i try to use '--xattrs' on a filesystem that doesn't suppor them ?
<hallyn> idle hands are the devil's tools
<gaughen> hallyn, YES!
<smoser> that makes it nasty
<Daviey> gaughen, it was imported.. i assumed everything... i noticed tge odd utf8 conversion issue tho
<Daviey> the*
<hallyn> smoser: i'm not actually 'there' right now
<rbasak> Daviey: the script was always a little broken for me. And I end up doing it by hand all the time.
<hallyn> but should be trivial to test later with a loopdev
<rbasak> afk
<Daviey> gaughen: ah. stufff that was 'reblogged' was empty
<gaughen> that's okay
<Daviey> ie, imported from other peoples blogs
<Daviey> iirc RT56145
<hallyn> ok i'll test that right after lunch
<smoser> hallyn, curious, what fs will you use ?
<smoser> i thought htat ext2 did not support xattr, but that was incorrect.
<smoser> i wonder about aufs.
<stgraber> smoser: aufs works but you need to pass some extra mount parameter for it
<smoser> does lxc pass said param ?
<hallyn> well you could use nfs
<stgraber> hallyn: hmm, I thought the docker folks said aufs could do xattr? Google doesn't seem to agree with that though :)
<hallyn> what does 'touch ab; setcap cap_mac_admin=ep ab' say?
<Daviey> smoser, is it only ping currently using extended attribs?
<smoser> 3 total files i think.
<smoser> i think.
<hallyn> you know, tar in trusty doesn't seem to be working iwth xattrs either
<Daviey> smoser, rather than changing every flavour to +S in sru.. (which is pretty nasty).. what about a cloud-init initial boot fixup.. xattr || chnod +S ?
<hallyn> yea, or just have the ubuntu-cloud template do it
<hallyn> or, as stgraber has suggested, back out the tar change...
<Daviey> hallyn, well that doean't fix non-lxc usage?
<hallyn> what non-lxc usage?
<mirelle> somebody want to help, integrating NOMP mining pool (based on nodejs) on dedicated root server? Ubuntu 12.04
<Daviey> Clint raised a bug he was aeeing of using the tar image directly?
<Daviey> and smoser confirmed xurtin?
<hallyn> xurtin?
<Daviey> curtin*
<Daviey> (mobile device keyboard)
<hallyn> hm, kyet another installer? :)
<hallyn> yeah see this is why back when we discussed this in lucid, we didn't (yet) proceed with xattrs :)  but i guess we have to break some eggs at some point
<Daviey> is mtr still +S?
<smoser> $ ls -l `which mtr`
<smoser> -rwsr-xr-x 1 root root 75256 Oct 21  2013 /usr/bin/mtr
<smoser> Daviey, ^ yes.
<smoser> i dont like cluod-init fixing things.
<Daviey> smoser, thanks
<smoser> cloud-init is not an installer.
<smoser> i'd rather have the packaging go back to setuid
<Daviey> smoser, isn't this a backwards fix for 12.04? trusty is unaffected?
<smoser> fwiw, overlayfs seems to be fine with xattr.
<smoser> http://paste.ubuntu.com/7360817/
<hallyn> stgraber: smoser: I'm not getting it.  "touch ab;  setcap cap_mac_admin=ep ab; tar --xattrs -cf ab.tar ab; rm ab; tar --xattrs -xf ab.tar; getcap ab' shows tar is NOT doing xattrs...
<hallyn> in uptodate trusty
<hallyn> (done as root)
<ogra_> trusty ... pfft ... old crap
<hallyn> true, true
<smoser> hallyn, you fell into same trap as me.
<smoser> see the diff between first and second of my attachments ther.e
<smoser> you not only have to tell it '--xattrs'
<smoser> you have to tell it
<smoser>  '--xattrs-include=*'
<smoser> I want you to use xattrs, and I want you to *actually collect* xattrs
<hallyn> that's idiotic.  i saw the option in the manpage, but somehow couldnt make that leap
<smoser> yeah. i did the same as you.
<hallyn> eh, so my patch still isnt' working
<TechIsCool> can anyone help me with an ip address issue? I have statically assigned an ip address with sudo ifconfig eth1 10.119.5.31 netmask 255.255.0.0 and configured a default route but it does not work
<sarnold> TechIsCool: can you ping other hosts in the 10.119/16 range?
<TechIsCool> yes
<sarnold> TechIsCool: cool. can you ping the router providing the default route?
<alaing> just checking what permissions do you guys have on your /var/www?
<alaing> and what user:group?
<alaing> drwxr-xr-x+ 20 root      root       4096 Apr 18 20:50 www
<Guest67771> I had a power outage yesterday, and my previous setup with 12.04 LTS was working smoothly.
<Guest67771> Now, my webserver isn't accessible to the outside world, and nor is my MOO server.
<Guest67771> I have a static IP,and use port forwarding on my router to direct traffic to my server. Here's my testing: can't ping google from server can't access web from server can ping server (192.168.xx.xx) from my other work station can ping my IP (124.254.xx.xx) from my other work station
<Guest67771> I'm using UFW - ports 23, 7777 and 80 are open. Firewall is active. Port forwarding is working to the correct IP address.
<Guest67771> I tested to see if the ports were visible - canyouseeme.org shows 80 and 7777 closed.
<Guest67771> I'm a noob, so I may have left something off the fresh install I did a few weeks ago. But it had all been working well. The install worked out of the box - no special fixes.
<Guest67771> I've trawled the web and this forum to find a fix. I commented out #dns=dnsmasq in networkmanager.conf - to no avail.
<Guest67771> I can recall in a previous install, having to add info to a config file regarding my IP address - at tis stage I'm not worried about domain names. The best I've come up with is to add dns-nameservers 8.8.8.8 8.8.4.4 to /etc/network/interface*.
<Guest67771> I really need to have the MOO up and running (it is running, but not accessible). You could say I'm desperate. Look forward to any advice you may be able to provide.
<championofcyrodi> Anyone have success with new Intel NUC on 12.04.4? PXE boot works with LTSP server, but nbd mount fails because ipconfig does not have any network interfaces found.  Seems like the Intel NUC's Ethernet driver is not included with the initrd used by the client(s).
<ogra_> kirkland, ^^^ didnt you play with NUCs before ?
<rostam> HI can I use preseed to automate installation of mini ubuntu iso? thx
<kirkland> ogra_: yo
<kirkland> ogra_: yep, plenty ;-)
<kirkland> looks like that user is gone, though
<ogra_> kirkland, well, they guy with the issue is gone now ... he was trying to netboot a NUC
<kirkland> ogra_: ah
<kirkland> ogra_: well, we do a TON of that with MAAS :-)
<kirkland> ogra_: works great ;-)
<ogra_> PXE seemsed to work fine but it fell over with a missing NIC driver in initrd
<kirkland> ogra_: that's odd;  it's just an e1000
<kirkland> ogra_: what is funny is how the kernel names the device
<kirkland> ogra_: sometimes its eth0, sometimes its em1 (device tree funkiness?)
<sarnold> biosdevname package does that renaming
<ogra_> yeah
<ogra_> there was a long discussion with some dell people long ago on ubuntu-devel ... iirc before 12.04
<hallyn> so biosdevnae renames it to em1, or to eth0?
<sarnold> hallyn: with the caveat that I've not personally seen one of these NUCs yet, I believe the biosdevname renames it to em1
<zerick> I have a spawn-fcgi not working, everytime I run it all processes apparently created are not present. Help plz
<hallyn> oh hey, found a missing chunk of patch (lying here on the floor) maybe tar --xattrs will work now
<hallyn> yay, it does
#ubuntu-server 2014-04-30
<elsevero> anyone here familiar with postfix mailsever ?
<Ahti333> i just updated from 12.04 to 14.04 and my apache php-fcgi setup stopped working. apache just spits out the php source code. these are the relevant files: https://gist.github.com/Ahti/f0885f81eb78f08fdd36
<Ahti333> has anybody experienced similar issues?
<bananapie> is there a way to automatically generate a .config file for a kernel compile that only includes drivers needed by the machine generating the .config file?
<tonyyarusso> bananapie: No idea, but you could get which ones are a) included and b) loaded on the building system.  Not the same as only what's needed, but a start.
<bananapie> ok.
<bananapie> I think I dreamed that I found such a tool a few weeks back.
<tonyyarusso> Ahti333: Haven't tried it, but I know several sections of the Apache config changed syntax with 2.4, so that might be it.  I'd suggest reading through the Apache 2.4 release notes on the subject to see if they mention anything you use.
<sarnold> bananapie: there's several make targets that may help, make localmodconfig and localyesconfig -- see the README for details
<bananapie> I can't believe I have to compile the kernel to get tux at boot :(
<bananapie> make localmodconfig is what I am looking for, thanks sarnold :D
<sarnold> bananapie: yeah, it'll be way faster than recompiling the full distro kernel .config :) hehe
<bananapie> definitely
<bananapie> I remember when I first switched to desktop linux. I had to compile gentoo but didn't know I had to load the acpi module before compile.
<sarnold> bananapie: if you haven't seen make oldconfig yet, check it out -- it may not help today, but it might help in six weeks :)
<bananapie> I burnt out my cpu
<sarnold> Ahti333: you have a space before .php on this line, is that intentional? FcgidWrapper /var/www/site/php-fcgi/php-fcgi-starter .php
<bananapie> thanks sarnold
<sarnold> bananapie: d'oh :/
<Ahti333> sarnold yes, that's intentional
<sarnold> Ahti333: bugger :)
<bananapie> Also, how is radeon.dpm=1 not compiled into the ubuntu kernel? It makes ubuntu difficult for non-technical users.
<array29> which better 12.04 or 14.04 for openstack?
<evilsteve> well which openstack version are you wanting to work with... havana or ice?
<array29> ice
<evilsteve> then 14.04
<array29> is there any trouble when getting icehose at 14.04?
<evilsteve> http://docs.openstack.org/trunk/install-guide/install/apt/content/
<array29> thankyou steve
<evilsteve> http://www.ubuntu.com/download/cloud
<evilsteve> yw
<Guegs> I'm trying to get a SMB share configured, and I am having one hell of a time. I followed this example to a T, but it still isn't showing up. What on earth could I be missing? https://help.ubuntu.com/10.04/serverguide/samba-fileserver.html
<Guegs> ... Well, for one Guegs, that is a 10.04 guide.
<airtonix> also you didn't supply a sample of any configuration file you're working with
<sarnold> airtonix: he's gone :)
<airtonix> damn kids and their drive by
<sarnold> haha yeah :)
<airtonix> and they wonder why no one replies
<sarnold> of course I think he figured it out when he saw the url and noticed that it's for 10.04 rather than 12.04 or 14.04..
<Guest67771> Hi my Ubuntu 12.04 LTS was working fine. I had a power oputage the other night, now a major problem is at hand.
<Guest67771> I can't access the Internet from the server. I can't ping google from the server. And I can't see ports open on the server. DOes anyone have any time to help troubleshoot this please?
<sarnold> hey Guest67771, welcome back
<Guest67771> thanks....still unresolved.
<sarnold> Guest67771: when you say you can't ping google, are you trying to ping google.com or are you trying to ping some of google's ip addresses?
<Guest67771> ping google.com...
<sarnold> trying pinging one of their IPs, such as 173.194.33.3 or 8.8.8.8
<sarnold> when troubleshooting networking problems it really helps to nail down each layer, one at a time. first, make sure you can route packets to the right places.
<Guest67771> both those work
<Guest67771> both those IP work whether the firewall is on or off
<sarnold> okay, pinging off your network works, neat. how about higher-level services? can you do e.g. host www.google.com 8.8.8.8 ?
<Guest67771> i typed  host www.google.com 8.8.8.8 and connection timed out
<sarnold> if DNS resolution works, then move to something slightly more advanced, http -- try e.g. HEAD http://173.194.33.3/  or curl 173.194.33.3 to make sure you get some data...
<sarnold> oh, interesting. so either udp can't get out or can't get back in.
<Guest67771> curl 173.194.33.3
<Guest67771> wrong keyboard...sorry
<Guest67771> curl...couldn't connect to host
<Guest67771> HEAD - 500 connection timed out
<sarnold> Guest67771: okay, looks like you get to inspect your firewall on this machine and the firewall on your router to make sure that the rules all look sane, and that your NAT is happening properly
<Guest67771> turned the firewall off on my server before - didn't seem to make a difference
<sarnold> Guest67771: timeouts like this are quite often caused by firewalls set to DROP packets rather than REJECT packets
<Guest67771> <sarnold>not usre that showed me anything....I port forward to 192.168.1.101 (my server) for ports 80, 23 and 7777
<sarnold> Guest67771: If you notice the problem when your local firewall is off that feels like blaming your router's firewall configuration is most convenient.. :)
<Guest67771> when i turned nat off, everything seemed to die
<sarnold> Guest67771: does ip addr list   show the ip address you expect? does ip route list  show a routing table that you expect?
<sarnold> Guest67771: hehe, yeah, you disconnected too. the NAT operation is closely tied to the firewall..
<Guest67771> ifconfig -a on the server shows i92.168.1.101
<Guest67771> the gateway does appear different on my firewall interface, than what i remember. Where is the configuration stored? Is it important?
<sarnold> Guest67771: the gateway is where all packets will be sent if they don't have a more specific route available. it's critical to get it right. check /etc/network/interfaces for the configuration
<Guest67771> I have sod all in mine...just the dns nameservers 8.8.8.8 yhat i added
<sarnold> Guest67771: is there anything in /etc/network/interfaces.d/ that would provide the per-interface configuration?
<Guest67771> I don't have an interfaces.d file
<sarnold> Guest67771: okay -- then you may need to configure your /etc/network/interfaces; you'll want to add an 'auto eth0' line or similar to have the interface brough up at boot, and then a stanza that starts 'iface eth0 inet static' followed by some more configuration. sadly the interfaces(5) manpage jumps right into an over-complicated example, but there's a nice simple example here: http://manpages.ubuntu.com/manpages/precise/en/ma
<Guest67771> do I take the info from LAN or WAN on my router. Ex subnet is 255.255.255.0 on LAN but 255.255.255.255 on WNA
<Guest67771> WAN
<sarnold> Guest67771: most of the details will need to match the LAN settings from your router
<Guest67771> how do I determine the network setting? I have the rest
<sarnold> Guest67771: which setting?
<Guest67771> network
<Guest67771> I have the address, netmask, gateway and broadcast
<sarnold> Guest67771: I don't see a 'network' setting in interfaces(5) or resolvconf(8)..
<Guest67771> auto eth0
<Guest67771> iface eth0 inet static
<Guest67771> address 192.168.1.150
<Guest67771> netmask 255.255.255.0
<Guest67771> network 192.168.2.0
<Guest67771> broadcast 192.168.1.255
<Guest67771> gateway 192.168.2.1
<Guest67771> safe
<sarnold> Guest67771: okay, a few questions here -- I think you can delete the 'network' line entirely, I don't see any documentation to support keeping it around. second, you've given the address here 192.168.1.150, but earlier you said the server reported address i92.168.1.101
<Guest67771> sorry, that's just a copy and paste from the web...not my settingd
<sarnold> Guest67771: the gateway address is not actually routable when you've configured the address in 192.168.1.* and used a netmask of 255.255.255.0 -- so either the address of this host is wrong or the address of the router is wrong or the netmask is wrong :) hehe
<sarnold> ah, good, that explains why nothing makes sense :)
<sarnold> feel free to pass along my advice to whoever wrote that, I wonder if they ever got their networking working :) lol
<Guest67771> I restarted network manager
<sarnold> you have network manager installed on this machine??? ooof.
<Guest67771> still can't ping google.com
<Guest67771> isn't it there by default?
<sarnold> for desktops and laptops...
<sarnold> most admins wouldn't tolerate it on servers :)
<Guest67771> mines only a home server - I'd die with just CLI...just a nOOB
<Guest67771> back to the routable bit - my ionternal IP for the server is 192.168.1.101 and the subnet is 255.255.255.0. Is that OK
<sarnold> it is if the router is in the 192.168.1.* network
<Guest67771> 254 I'd expect. Good
<Guest67771> The MOO and webserver still aren't working on the LAN. localhost works OK from the server
<Guest67771> I'm going to restart my router. After I made those changes, I went back to the router interface. The server wasn't showing, and it had the wrong MAC Address. I'll restart and check what happens.
<Guest67771> she's a goer
<Guest67771> thanks for your patience <Sarnold>
<sarnold> Guest67771: rebooting the router fixed it? o_O
<Guest67771> Thanks heaps <sarnold> - a very relieved man with my MOO working - we can do some programming at school tomorrow
<sarnold> Guest67771: cripes that shouldn't have fixed anything :)
<sarnold> Guest67771: but I'm glad it's working again :) hehe
<Guest67771> I suspect that something went ary in firewall with the MAC Address and static IP that I setup for my machine
<Guest67771> I'll make some notes for next time... I need the MOO working for school
<Guest67771> appreciate your help...CIAO
<sarnold> have fun :)
<lordievader> Good morning.
<ovidiu-florin> hello world
<ovidiu-florin> I'm trying to set up a samba share with anonimous access, but no matter how I set it it keeps asking me for a password.
<ovidiu-florin> here is my smb.conf: http://paste.kde.org/pa7ycwrte/6qkxcm
<ovidiu-florin> please help
<sarnold> ovidiu-florin: it's been ten or twelve years since I've really "done" samba, but my recollection is that anonymous, password-free access only worked for win95 and win98.
<sarnold> ovidiu-florin: I don't think I ever got any WinNT-derived systems to ever use anonymous or password-free shares. that was ages ago, but it might be worth some searching to see if it is supposed to work with modern microsoft clients or not
<ovidiu-florin> sarnold: http://micheljansen.org/blog/entry/182
<ovidiu-florin> it is
<sarnold> ovidiu-florin: oh good. at least lets hope he's not still using win98 in 2006. :)
<ovidiu-florin> they still are, on some places
<jonascj> Hi all. Do a user need the +x on all parent dirs to make a given dir his/her working directory? E.g. if I want to "cd /a/b/c/d" do I need +x on a,b,c and d or will it suffice to hvae +x on just d?
<jonascj> I am trying to setup openssh server to allow sftpusers to have +rwx on  only /srv/sftp/{username} and sftpadmins to have +rwx on anything inside /srv/sftp.
<andol> jonascj: You'll need the +x rights for /a, /a/b/ and /a/b/c/ as well.
<jonascj> yeah okay
<jonascj> so the reason why my openssh setup fails when I remove sftpuser's execute bit on /srv/sftp is because then the user cannot make /srv/sftp/{username} his/her directory
<jonascj> also I might not be able to chroot a user to a directory on which the user do not have the execute bit (i.e. chroot'ing the user to /srv/sftp might not work if the user have no execute bit on that dir)
<jonascj> andol: but read permission do not work the same way, right? You only need +r on /a/b/c/d to list files in /a/b/c/d, not +r on /a, /a/b, /a/b/c.
<jamespage> Daviey, zul: saucy 2013.2.3 verification went ok in the lab - commented on bug 1302575
<uvirtbot> Launchpad bug 1302575 in nova "Meta bug for tracking Openstack 2013.2.3 Stable Update" [Undecided,Fix committed] https://launchpad.net/bugs/1302575
<andol> jonascj: Yepp
<jonascj> ACL on top of my root:root owned /srv/sftp (which is the chroot of the sftpusers) did not work. Only root may have permissions there. So either both sftpadmins and sftpusers can list the directories in /srv/sftp or non of them can.
<germanstudent> Can one of you recommend a good server monitoring service? Currently I'm using New Relic, but I'm looking for a more minimalistic and cheaper solution (only OS monitoring, no apps etc.)
<DarkStar1> hi everyone. Just a qq. postgres sql 9.2 is the default for which ubuntu version?
<DarkStar1> I have a12.04 and I noticed when I installed postgres it was a 9.1
<lordievader> !info postgresql
<ubottu> postgresql (source: postgresql-common (154)): object-relational SQL database (supported version). In component main, is optional. Version 9.3+154 (trusty), package size 4 kB, installed size 71 kB
<lordievader> !info postgresql saucy
<ubottu> postgresql (source: postgresql-common (148)): object-relational SQL database (supported version). In component main, is optional. Version 9.3+146really9.1+148 (saucy), package size 6 kB, installed size 69 kB
<lordievader> !info postgresql precise
<ubottu> postgresql (source: postgresql-common (129ubuntu1)): object-relational SQL database (supported version). In component main, is optional. Version 9.1+129ubuntu1 (precise), package size 5 kB, installed size 63 kB
<lordievader> DarkStar1: As you can see (^) Saucy and Trusty have 9.3
<DarkStar1> lordievader: (love the nick) Thanks
<lordievader> DarkStar1: No proble :D
<lordievader> problem*
<mardraum> "9.3+146really9.1+148"
<lordievader> Heh, that slipped by me.
<Baluse> hello
<Baluse> if i make a mistake at sshd_config them I am locked out for ever ?
<jpds> Quite.
<Baluse> great
<jpds> But sshd is special in that it'll keep running even if you restart it.
<Baluse> i tried to create a new user
<Baluse> and what to limit him
<Baluse> chroot
<Baluse> however when i connect with that user and enter password i get disconnected
<rbasak> chroot is non-trivial to set up, since the user won't be able to access any binaries, such as even the shell, and shared libraries etc. Have you accounted for this?
<Baluse> actually I want only sftp access
<Baluse> to specified folder
<rbasak> Ah. That's different and I think you can probably do that. I don't know how though, sorry.
<Baluse> k thanks
<zmaroti> hi, could someone help me with missing /dev/dri/card0 problem? (videocard matrox G200eR2), appropriate kernel modules are installed, xserver-xorg-video-mga installed, still i get [  2324.271] (EE) open /dev/dri/card0: No such device in Xorg.0.log
<zmaroti> lsmod | grep mga
<zmaroti> mga                    40811  0
<zmaroti> drm                   302817  1 mga
<Baluse> http://paste.ubuntu.com/7365762/
<Baluse> ok here is what i get
<zmaroti> Baluse, this migth help: https://wiki.archlinux.org/index.php/SFTP_chroot
<Baluse> i did chown and worked somehow
<yossarianuk> can anyone recommend any good stress testing apps for webservers  - preferably one that produces graphs?
<yossarianuk> tried to look at jenkins/gatling but that seems insanely complicated ?
<pmatulis> morning
<lordievader> Hey pmatulis, how are you doing?
<smb> smoser, The remaining oddness has been found (bug 1314598). Would you prefer to wait until the current upload gets through or do a combined replacement?
<uvirtbot> Launchpad bug 1314598 in drbd8 "[Precise] drbd8: drbdadm does not run compat mode when DRBD_DONT_WARN_ON_VERSION_MISMATCH is set" [Medium,Triaged] https://launchpad.net/bugs/1314598
<smoser> smb, well, its not even been accepted i think.
<smoser> so i'd just ask a admin to NAK it and reupload.
<smb> WFM, are you ok with the debdiff in the bug or should I provide a deb source
<smb> ?
<smb> smoser, Its in 4review on chinstrap fwiw :)
<rbasak> jamespage: do you know why python-networkx is subscribed by ~ubuntu-server? I don't see it seeded by anything server related.
<jamespage> rbasak, taskflow
<jamespage> cinder
<rbasak> Oh, OK. No problem then. I'll prioritise bug https://bugs.launchpad.net/ubuntu/+source/python-networkx/+bug/1285611
<uvirtbot> Launchpad bug 1285611 in python-networkx "python-networkx and python3-networkx conflict" [Undecided,Confirmed]
<smoser> smb. ask an admin (Daviey or stgraber) to NAK the upload.
<smoser> and give me a diff versus what is there.
<smoser> i'll apply the diff and upload.
<smb> smoser, The v2to3.debdiff on chinstrap:~smb/4review, there would be a ready source package of it as well
<smoser> smb, awesome. thanks
<smb> smoser, last upload was removed from the queue as well
<smoser> smb, ok. quick sbuild, then upload.
<smb> ack
<smoser> uploaded.
<championofcyrodi> Hi, When I do a PXE boot of Ubuntu LTSP 12.04.4 Thick Client on Intel NUC, isc-dhcp-server responds and the image is booted.  However, the error "no network interfaces detected!" pops up and the client cannot mount the nbd on the terminal server.  Followed this guide:  https://help.ubuntu.com/community/UbuntuLTSP/AddingModules but still not working.  thoughts?
<ogra_> wow, that gouide is massive overkill
<ogra_> just add the module you want to /usr/share/initramfs-tools/modules (ro for ltsp to that file inside the chroot indeed)
<ogra_> s/ro/or/
<championofcyrodi> ogra_: once i modify the file inside the chroot.  Should I still run update-initramfs -u ?
<championofcyrodi> eh, ill update anyway, can't hurt.
<jamescarr> did I miss something here? 13.10 after an apt-update and apt-get install build-essential
<jamescarr> https://gist.github.com/jamescarr/d1b51a5fa22051465531
<jamescarr> don't mind me
<jamescarr> I'm an idiot apparently
<caraconan> Hi there. Reading about upstart. Question: how I know which service is started before when at boot time?
<jodh> caraconan: Have you seen upstart-events(7) / http://upstart.ubuntu.com/cookbook/#ubuntu-well-known-events-ubuntu-specific ?
<caraconan> jodh: thanks, I'll have a look
<rbasak> caraconan: or are you asking how to understand how all the services on your system interact? initctl2dot is good for that.
<caraconan> rbasak: I was asking if service "a" is started before "b", and if there's a quick way to see it (with "legacy" init system Sxx numbers)
<rbasak> caraconan: OK. I'm not sure if there's a better way, but I'd use initctl2dot to visualise that.
<rbasak> It gives you a graph of what causes what to start.
<caraconan> rbasak: ok thanks
<savr> hi
<savr> what happened to php5-ffmpeg in 14.04?
<cfhowlett> !info ffmpeg savr
<ubottu> 'savr' is not a valid distribution: extras, kubuntu-backports, kubuntu-experimental, kubuntu-updates, lucid, lucid-backports, lucid-proposed, partner, precise, precise-backports, precise-proposed, quantal, quantal-backports, quantal-proposed, saucy, saucy-backports, saucy-proposed, stable, testing, trusty, trusty-backports, trusty-proposed, unstable, utopic, utopic-backports, utopic-proposed
<cfhowlett> !info ffmpeg
<ubottu> Package ffmpeg does not exist in trusty
<cfhowlett> savr ffmpeg has been deprecated.  use avconv
<savr> cfhowlett: some php app I'm using needs ffmpeg
<savr> is avconv plug'n'play compatible?
<cfhowlett> savr then you have issues.
<cfhowlett> savr plug and play with what?  hardware?
<ogra_> !info ffmpeg-php
<ubottu> Package ffmpeg-php does not exist in trusty
<ogra_> funny
<savr> with php and whatever needs php5-ffmpeg
<ogra_> https://launchpad.net/ubuntu/+source/ffmpeg-php/0.6.0-2.2fakesync1build1
<savr> I think it's a wordpress plugin or something
<cfhowlett> savr check with the php folks or channel.
<savr> cfhowlett: the php folks say the module hasn't been depreciated
<savr> and google isn't bringing up any discussion to why it was removed
<cfhowlett> savr ffmpeg ffmpeg version 0.8.10-4:0.8.10-0ubuntu0.12.04.1, Copyright (c) 2000-2013 the Libav developers
<cfhowlett>   built on Feb  6 2014 20:56:59 with gcc 4.6.3
<cfhowlett> *** THIS PROGRAM IS DEPRECATED ***
<cfhowlett> This program is only provided for compatibility and will be removed in a future release. Please use avconv instead.
<cfhowlett> Hyper fast Audio and Video encoder
<cfhowlett> usage: ffmpeg [options] [[infile options] -i infile]... {[outfile options] outfile}...
<cfhowlett> Use -h to get full help or, even better, run 'man ffmpeg'
<mdeslaur> savr: it won't build with the version of libav in trusty and debian so it got removed: https://bugs.launchpad.net/ubuntu/+source/ffmpeg-php/+bug/1277603
<uvirtbot> Launchpad bug 1277603 in ffmpeg-php "FTBFS against libav 9" [High,Confirmed]
<cfhowlett> mdeslaur uvirtbot thanks for that additional info.  How did you find these?  Is there a bug search utility or something?
<mdeslaur> cfhowlett: I just went to https://launchpad.net/ubuntu/+source/ffmpeg-php and clicked the bugs link at the top
<cfhowlett> mdeslaur your google-fu is unbeatable!  Thanks.
<savr> thanks
<savr> http://packages.ubuntu.com/search?suite=trusty&section=all&arch=any&keywords=avconv&searchon=names
<savr> cfhowlett: no such package?
<savr> if I didn't have to wait 30 seconds for packages.ubuntu.com to load I would have searched desc.
<cfhowlett> !info avconv
<ubottu> Package avconv does not exist in trusty
<cfhowlett> !
<cfhowlett> savr I'm on precise until point release 1 so different repos.
<savr> http://packages.ubuntu.com/search?suite=trusty&section=all&arch=any&keywords=libav&searchon=all
<savr> sooo a lts release doesn't have ffmpeg or avconv
<savr> guess no one needs their videos for the next two years
<rbasak> savr: I guess nobody has worked on this for the last two years.
<rbasak> (well a year and a half, anyway)
<savr> and no one noticed?
<rbasak> They noticed and filed a bug!
<savr> 2 years ago
<rbasak> Yep
<savr> no one noticed the package is missing cause no one fixed the bug?
<rbasak> Based on https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=694143, AFAICT upstream is not active.
<uvirtbot> Debian bug 694143 in ffmpeg-php "FTBFS against libav 9" [Serious,Open]
<rbasak> So nobody is working on keeping the module up to date, so distributions will stop shipping it.
<rbasak> It only works against an ancient version of libav, ergo use an ancient release and you'll be fine.
<rberg> ?? avconv is in the libav-tools package
<rbasak> rberg: I assume they're talking about ffmpeg-php, which depends on libav.
<cfhowlett> savr address this to the php team
<championofcyrodi> I've spent two days trying to get this Intel NUC to load the initrd.img from TFTP, and still getting the error claiming no network interfaces found...
<championofcyrodi> booting from a usb drive shows the e1000e driver being used, adding that to the modules and updating the initramfs does not help
<championofcyrodi> also tried adding the i915 driver manually, to ensure the modules file was being read... i see an error finding the i915.ko file in the amd64 image... so I know the file is being read.
<ubasrawr> hello, can anyone help me troubleshooting my isc-dhcp files? this is my pastebin for my interfaces and dhcpd.conf: http://pastebin.com/eS68WSnJ ; but i am unsure what i am doing wrong
<DarkStar1> hi all. Iâm not sure whatâs causing a reject for my ftp access for anonymous users. I have the following config for vsftpd: http://fpaste.org/98211/13988787/
<DarkStar1> to allow anonymous users to upload to the ftp directory but everytime I connect I keep getting a CONNRefuses
<vertago1_> I am trying to setup cgroups but on 14.04 it seems like the cgconfig.conf file is ignored.
<med_> smoser, utlemming: is the Ubuntu cloud-image specifically only dhcp-ing on one interface (even if there are more than one available) in an OpenStack environment (but probably generalized to any cloud-image using UserData).
 * med_ is bringing up two interfaces regularly on different nets
<smoser> med_, it only dhcp's on eth0.
<smoser> config drive could feed it networking information and that should be uspported
<med_> smoser, is that an Ubuntu server-ism or a cloud-image-ism?
<smoser> for additoinal networking
<med_> nod
<med_> thanks
<smoser> well, its an ubuntu server-ism.
<smoser> but realisitcally its the only way you can make a generic image.
<smoser> the assumption is you have dhcp on the "management" interface
<med_> nod
<smoser> (the one that will get you to the MD service)
<med_> smoser, thanks
<med_> (fyi, we do get injected static routes on both nics to 169.254.169.254)
<xperia> hi all. i have upgraded my ubuntu server to the newest version but have a small problem with a php extension. i am getting allways the error message
<xperia> PHP Warning:  PHP Startup: Unable to load dynamic library '/usr/lib/php5/20121212+lfs/mailparse.so' - /usr/lib/php5/20121212+lfs/mailparse.so: cannot open shared object file: No such file or directory in Unknown on line 0
<xperia> Problem is when i do pecl install mailparse it says that this extension is allready installed but when i go to look inside this directory there is no mailparse extension! Can anybody help me with solving this problem?
<sarnold> xperia: you can break out strace; strace -f -o /tmp/pecl.out pecl install mailparse (or whatever) then look in /tmp/pecl.out to see what files it accessed to determine that it was already installed
<xperia> sarnold: thanks a lot. i just created btw a symlink to the folder php sayed it miss the extension from the folder where the mailparse.so extension was installed and the error message disapeared. wondering why ubuntu did not install the mailparse.so extension in the same folder like all other extensions. will just do the strace tip. thanks
<sarnold> xperia: good question, I don't even see a 'mailparse.so' in my trusty apt-file search
<xperia> looks like i installed the php5 mailparse extension with phpize from the sources.
<esde> "The following packages have been kept back:  ffmpeg x264" i added these packages with ppa, and when i just ran apt-get upgrade, i noticed this error. are there newer versions available in the "stock" repos, and the ppa packages are stale and being held back?
<esde> nvm got it
<med_> dannf is there a way to turn the logging up way high when doing a dpkg -i?
<dannf> med_: not that i know of. unless you're looking at maintainer scripts. those you can edit directly in /var/lib/dpkg/info and e.g. set -x them
<med_> thanks. figured out it was a pebcak....  (not my c/k)
<DarkStar1> hi all I need help figuring out why the anonymous vsftpd isnâs allowing connections. I have configured it thus : http://fpaste.org/98211/13988787/
<sarnold> DarkStar1: check netstat -lntp and make sure the ftpd is listening on the sockets you expect
<DarkStar1> sarnold: donât know why I didnât think of that first
<sarnold> DarkStar1: it's easy to get tunnel vision just looking at logs and configuration files :) sometimes just taking a tiny step back and looking at the whole system can make all the difference..
<Patrickdk> and then, if you don't get it
<Patrickdk> take a second step back
<Patrickdk> and swing that 10lb sledge at it
<sarnold> hahaha
<DarkStar1> Iâll take the 10lb sledgehammer right now actually
<Patrickdk> allowing anonymous uploads in the config also, has nothing to do with file permissions
<Patrickdk> is the anonymous user allowed to write to that folder?
<DarkStar1> darn thing wont start at the moment
<DarkStar1> and there are no error in the logs :/
<qhartman> ugh this consistent network device naming thing is killing me in Trusty. How do I find out what the system decided to call my second NIC so I can configure it and start using it?
<qhartman> I guessed em2, but that doesn't seem to work
<qhartman> neither do any of the old ethx stand-bys
<DarkStar1> thx guys
<DarkStar1> sledgehammer fix worked
<DarkStar1> :)
<sarnold> qhartman: does ip link show   give you the name you need?
<qhartman> (both nics are embedded, and I remember the installer referring to em2)
<sarnold> DarkStar1: haha
<sarnold> qhartman: if you just want to go back I believe you can uninstall the biosdevname package
<qhartman> sarnold, aha, yes, it's apparently "rename3". That's hilarious.
<sarnold> qhartman: o_O
<qhartman> derp derp derp
<sarnold> qhartman: derp indeed
<qhartman> lol, yup, that's what it's called
<sarnold> qhartman: it might be nice to file a bug report to point out the derpiness :)
<qhartman> after adding the config "ifup rename3" works as expected.
<qhartman> Yeah, this behavior is really obnoxious as a default
<qhartman> even sans derp, it's breaking all of my automation everywhere
<qhartman> some machines have em1, some have p1p1. It's making for great fun.
<qhartman> already reported: https://bugs.launchpad.net/ubuntu/+source/biosdevname/+bug/1295873
<uvirtbot> Launchpad bug 1295873 in biosdevname "biosdevname messes up interface names from emX to renameX" [Undecided,Confirmed]
<sarnold> I can appreciate the desire to have some kind of consistency here, especially on the machines that have four or eight NICs
<sarnold> but it feels like a change that might have been better made for saucy to sort out these goofy rename3 things..
<qhartman> yeah, I get the goal, I just think their definition of "consistency" didn't really align with a number of people.
<qhartman> At least myself, and everyone else I've talked to
<qhartman> and yeah, setting this as a default on an LTS release and not making a ton of noise about it was definitely an oversight.
<qhartman> even if it wee bug-free, a change like this is super disruptive, especially for people like me who only pay attention to LTS releases on their servers
<Patrickdk> it doesn't affect upgrades though :)
<Patrickdk> atleast not yet
<qhartman> well, that's something
<Patrickdk> I had the same rename3 issue
<Patrickdk> but then, I considered the whole thing an issue
<qhartman> yeah, so do I honestly. Again, I sympathize with the desired outcome, but this is a kinda crappy way to get there.
<Patrickdk> apt-get remove devbiosname
<Patrickdk> update-initram -u
<qhartman> actually biosdevname (for the future people trolling the logs)
<qhartman> and yeah, removing that works, thanks for the pointer Patrickdk and sarnold.
<qhartman> It caught me doubly by surprise since none of the VMs or MAAS-installed Trusty machines I've worked with are using this new scheme, so I thought I had all the kin discovered.
<qhartman> *kinks
<sarnold> qhartman: heh, what an unwelcome new surprise :)
<Patrickdk> s/unwelcome/interesting/
<qhartman> no wait, you're both right!
<sarnold> hehehe
<Patrickdk> I would rather be wrong, than right with sarnold
#ubuntu-server 2014-05-01
<linux_clown> Installing Ubuntu 13.10 Server to 890FX Motherboard with AMD Quad Core.  Dying on Select Language Screen.
<linux_clown> Any wise ideas before I begin google hunt for answers?
<sarnold> linux_clown: any chance you can try 14.04 LTS? it may have already fixed an issue
<linux_clown> Well, I was troubleshooting a problem with Zentyal which uses 13.10 as base.
<sarnold> ah
<linux_clown> Come to find it looks like 13.10 Server is the problem...
<linux_clown> 'cuz now I load 13.10 server CD and same lockup...
<linux_clown> Any of those F6 options worth messing with?
<sarnold> linux_clown: maybe try maxcpus=1 kernel command line option, maybe try adding 'nomodeset' kernel command line option
<sarnold> (both are blind guesses)
<linux_clown> will try... can't hurt
<linux_clown> nope... still locking on the language window
<sarnold> linux_clown: darn. sorry.
<linux_clown> nothing harmed.  thx for the suggestion.
<linux_clown> https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1244176
<uvirtbot> Launchpad bug 1244176 in linux "Server 13.10 Install Fails with USB Keyboard (Appears to Hang)" [High,Fix released]
<linux_clown> USB keyboard - could that really be a problem?  Dang...
<linux_clown> Guess I need to hunt out a PS/2 keyboard in the attic...
<sarnold> linux_clown: wow, that looks like it exactly
<linux_clown> Dang... at the office, too... can't believe there are no old PS/2 keyboards here...
<linux_clown> yeah... even mentions failing at the select language screen..
<sarnold> surely someone's got a model m or something? :)
<linux_clown> got a friggin' keyboard museum in my garage and attic and storage unit...
<sarnold> hahaha
<linux_clown> No worries...  but don't want to wait to make the trip...
<sarnold> maybe there's some usb/ps2 adaptors laying around?
<linux_clown> good idea... I know I have a bag full of those somewhere.  Again, probably at home...
<linux_clown> I guess not a problem with 14.04 server?
<sarnold> I hope not, but the next-to-last comment on that bug report mentioned he saw something similar
<linux_clown> burning 14.04 right now - going to see...
<linux_clown> god bless america... found a ps/2 keyboard in my buddy's desk drawer...
<sarnold> \o/
<linux_clown> that's absolutely the problem... keyboard... unbelievable...
<sarnold> crazy
<linux_clown> booting like a champ now
<owh> linux_clown: Sometimes the BIOS has a USB legacy mode in which a USB keyboard pretends to be PS/2. Often there's a chicken and egg about actually selecting that option. (You need the keyboard to change it, etc.)
<owh> Typical BIOS error case in point: "You have a keyboard error, press F1 to continue."
<sarnold> hallyn,stgraber, solar designer wonders aloud if LXC rely upon SECURE_NOROOT: http://www.openwall.com/lists/oss-security/2014/05/01/3 -- the whole thread may be worth reading
<hallyn> maybe it's too late, but i'm not quite following
<hallyn> lxc isn't using SECURE_NOROOT
<hallyn> but if no_new_privs is badly interacting iwth it, then the problem isn't secure_noroot...
<sarnold> I haven't followed the thread closely enough to know if andy's on to something or not
<hallyn> andy lumo?  he's in the thread?
 * hallyn looks for a better view of the thread
<sarnold> yeah, luto's normally on the ball :)
<hallyn> i think i'll leave this ball o' fun for tomorrow, and finish up my unrelated patches tonight...
<sarnold> good plan
<RWOverdijk> "release-upgrade-motd" is consuming 100% CPU (http://askubuntu.com/questions/322343/check-new-release-process-eating-up-resources-on-ubuntu-server-13-04). I've calmed it down by changing /etc/update-manager/release-upgrades and setting Prompt=never, and changing /etc/cron.weekly/update-notifier-common commenting out #/usr/lib/ubuntu-release-upgrader/release-upgrade-motd.
<RWOverdijk> Any idea as to why it's consuming 100% cpu when running?
<jonascj> Hi all. I'm fooling around with quota (for an sftp server I'm setting up). I have enabled journaled quota and a file aquota.user have been created on my /srv partition. My first question is if these 1k blocks thta df reports and that you can set for each user means 1024bytes?
<sarnold> jonascj: 'blocks' may be 512 bytes. it'd be worth checking to make sure you don't give out half of what you expect :)
<jonascj> So the quota database does not expect 1k blocks, just blocks. And the blocks can be whatever size?
<jonascj> empty folders on my system take up 4096 bytes, so isn't that one block?
<sarnold> jonascj: it'd either be 512, because that's the historical size, or it'd be 1024, because that's way more convenient :)
<sarnold> I really don't think it'd be 4k, even if that is the smallest 'sector size' the filesystem is willing to work with
<jonascj> sarnold: dumpe2fs /dev/vdb1 | grep -i 'block size' (my sftp data lives in /srv which is mounted on /dev/vdb1). That returns "Block size:               4096"
<sarnold> jonascj: hey! I finally found some reference: "For each user the current number of files  and amount  of space (in kilobytes) is printed" -- http://manpages.ubuntu.com/manpages/precise/en/man8/repquota.8.html
<jonascj> since the quota options have to be set in fstab for the individual partitions (which house file systems) I would think that the block size referred to by the quota system is file system block (whatever that means) opposed to harddisk sector size (maybe harddisks also have a block size, I don't know)
<sarnold> jonascj: hard drives do; drives smaller than 2tb are typically 512 bytes, larger drives and some newer drives are 4096 bytes, though some lie about it and pretend to be 512 bytes for the sake of ancient windows machines which can't fathom 4k drive sectors. I believe some ssds even have larger sizes still, not to mention their huge 1M or 4M 'erase blocks'. sigh. :)
<jonascj> but it cannot be harddisk block sizes that the quota system refer to, can it? I mean it is a filesystem feature, not a harddisk feature...
<sarnold> jonascj: it -could- be filesystem block sizes, but that'd be awkward to work with as an administrator -- you'd always have to check before using them
<sarnold> jonascj: yeah, exactly
<sarnold> jonascj: the only question is were they kind enough to give up on the traditional 512 bytes...
<jonascj> sarnold: so you think it is the harddisk block size / sector size?
<sarnold> jonascj: It's probably 1024 bytes.
<jonascj> or maybe it just is 1k blocks like the quota system says. All "tutorials" I've found speak of 1k blocks (1024bytes I assume). The quota system could work with that regardless of what the blocksize of the filesystem is.
<sarnold> my laptop's disk is currently being hammered by some long-running operations otherwise I'd go test it out :) hehe
<jonascj> wouldn't the easiest for administrators be to specify sizes in bytes? MB, KB, GB...
<sarnold> jonascj: yeah, but I wouldn't be surprised if these tools don't see much love :)
<sarnold> once they came up with the 64-bit size format they probably have'nt touched them since
<jonascj> :P
<jonascj> but I am still confused. Right now I believe the word "block" does not mean anything too special. It is just means 1024 bytes. So if I want a 10MB limit I would have to specify 10
<jonascj> 10*1024*1024/1024 = 10240 blocks
<sarnold> right, that's what I would expect too
<jonascj> not 10*1024*1024/4096 = 2560 blocks even though dumpe2fs reports 4096 block size for my filesystem
<jonascj> I guess I'll just test it. Although I do not know how fast one should expect the quotas to be updated / inforced.
<sarnold> I -hope- they'd be enforced near instantly
<jonascj> or if I need a manual cronjob to update the quotas or if it is done automatically upon filesystem activity (the last option qould be the smartest)
<jonascj> sarnold: it turned out to be blocks of 1024 bytes. Setting 4096 as hard limit allows me to upload 4MB of data. repquota is 10sec delayed or something
<lordievader> Good morning.
<jonascj> if the owner of a file do not have read permission but his group or other have read permission, do the user have read permission after all?
<lordievader> jonascj: If the user is in a group with read permission then the user can read the file.
<jonascj> and if he were not in such a group but other (owner-group-other) had read permission, the user would still have read permission?
<bekks> yes.
<lordievader> If other has read access, everyone on the system can read the file/folder.
<jonascj> good, then I cannot prevent the owner from doing anything but allowing others to do said thing using basic permissions :)
<jonascj> * or not good, it would be useful for me right now, but it wouldn't make sense if it worked that way. So good after all
<keglevich> hey all...would someone maybe know if LTS 14.04 ISO's already contain "out-of-the-box" patched version of openssl or do I have to remove/update it after clean installation?
<bekks> you have to run updates.
<lordievader> Allways a good idea to run updates ;)
<keglevich> yeah...from my previous experience running updates on production server wasn't "always" a good idea... but anyway
<keglevich> ah of course...does openssl comes preinstalled with default instllation or can you install it later fresh/updated version?
<lordievader> !info openssl
<ubottu> openssl (source: openssl): Secure Sockets Layer toolkit - cryptographic utility. In component main, is standard. Version 1.0.1f-1ubuntu2 (trusty), package size 468 kB, installed size 899 kB
<lordievader> ^ makes me think it is preinstalled.
<keglevich> seems so
<keglevich> thanks for answers!
<keglevich> https://launchpad.net/ubuntu/+source/openssl/1.0.1f-1ubuntu2
<keglevich> that's the link I found...and here it says it's already patched against heartbleed
<keglevich> is that one in the ISO's or not?
<lordievader> keglevich: ^ is in the repo, I'm not sure what version is on the iso.
<keglevich> aha ok, I'll check it out then
<keglevich> or, is there any way to check it out before installing..I mean the "repo" version?
<keglevich> http://askubuntu.com/questions/449184/how-to-upgrade-openssl-1-0-1f-on-ubuntu-server-14-04
<keglevich> here again someone says it already contains updated version
<lordievader> 1.0.1f-1ubuntu2 is on the Ubu desktop iso.
<keglevich> so probably server ISO's contain same version
<keglevich> I guess..
<jonascj> what happens to an expired account (e.g. an account created with "-e yyyy-mm-dd")? Will it remain in place with all it's files and everything but just with an invalid password?
<rbasak> $ rmadison -strusty openssl openssl | 1.0.1f-1ubuntu2 | trusty | source, amd64, arm64, armhf, i386, powerpc, ppc64el
<rbasak> keglevich: ^^ this tells me that it's on the ISOs. If it weren't, I'd see trusty-updates, and it'd be on the next point release.
<rbasak> For 12.04, it looks like the next point release will be in August.
<rbasak> jonascj: correct
<Baluse>  http://www.reddit.com/r/cablefail/comments/24cxa7/50meter_lan_no_idea_if_this_works/
<jonascj> rbasak: thanks
<mardraum> the passwd is ok on an expired account, you just can't log in with it :D once you unexpire you can use the same passwd to log in (just to be clear)
<luk__> hi
<luk__> I would need a hand with my private/local debs repo
<luk__> does anyone has experience with build such?
<rbasak> !anyone | luk__
<luk__> bot or something?
<rbasak> Apparently that snippet was delted from the bot.
<rbasak> Anyway, the point is: just ask.
<luk__> apparently ... well nothing is perfect
<luk__> sure ;)
<luk__> I have local repo defined as: deb [trusted=yes] file:/opt/debs precise main
<luk__> today I've created new package (3rd one) and added to it (just cp and I've regenerated Packages.gz)
<luk__> and when I'm trying to install this new package I get  .... 1 sec ...
<luk__> hmm ... now works :)
<luk__> I think my package name was incorrect
<rbasak> :)
<luk__> or to be more precise ... the version: 1.1-SNAPSHOT
<luk__> probably '-' in the version is not the best idea
<luk__> hmm .. strange, because i.e. my other packages has version like that: 1.5.1-1ubuntu1.1
<rbasak> '-' divides the upstream revision from the packaging revision.
<rbasak> It has special meaning, distinguishing native and upstream packages.
<luk__> hmm ... now SNAPSHOT work ... maybe the reason was that before I've added version 1.1-SNAPSHOT to repo I've first installed/removed it by dpkg -i/-r
<cloudman> Hi, are there any online courses for ubuntu server admin?
<luk__> rbasak: what is the meaning of native and upstream?
<cloudman> Googles it all the links just seem to go back to the ubuntu support page
<luk__> rbasak: it was my typo I think, thanks for help anyway
<rbasak> luk__: it's where the source comes from
<rbasak> upstream is external
<rbasak> native is part of the same source tree, for packages that don't have an upstream (eg. dpkg)
<pmatulis> morning
<zul> jamespage:  we should be able to drop the python 3.2 compat patch in python-pbr right?
<zul> shazbut
<zul> jamespage:  awesome...just awesome..
<jamespage> zul, wassup?
<zul> jamespage:  utopic sqlachemy is 0.9, migrate still depends on 0.8
<bitbyte_> any one any experience in setting up transmission on ubuntu server
<jamespage> zul, that's making all the openstack packages un-installable right?
<zul> jamespage:  working on it :)
<zul> need some new deps MIR as well
<yossarianuk> hi - looking for some simple advise about optimising LVM to house QCOW images.
<yossarianuk> I am creating a KVM server that has a 3.2 TB VG to house QCOW images - i.e /var/lib/libvirtd
<yossarianuk>  i.e a 3.2 TB LVM volume group - I created the volume group with the Ubuntu-server installer and it defaulted to 4MB PE Size
<yossarianuk> would a VG of this size (and for this task) be o.k with 4MB or would increasing the size gain better performance?
<bekks> 4M is usually okay, since the block size of qcow images is smaller than 4M.
<yossarianuk> bekks: thanks for the clarification
<yossarianuk> until now I have always housed KVM vm's in LVM volumes (instead of disk images)
<yossarianuk> but now we can do live snapshots with images....
<mah454> Hello
<mah454> Please view this : http://paste.ubuntu.com/7374561/
<mah454> why system startup check for stoping some service on startup ?
<mah454> for example : Starting load fallback graphics devices
<mah454> and then : Stopping load fallback graphics devices
<BLZbubba> hi guys, anyone else here using nfs-rdma?  On 14.04 it seems to be extremely kernel-panicky
<patdk-wk> it worked fine for me on 10.04
<patdk-wk> I haven't used it since then
<topper> Hey guys,
<topper> I'm getting
<topper> GPG error: http://us-east-1.ec2.archive.ubuntu.com precise-updates Release: The following signatures were invalid: BADSIG 40976EAF437D05B5 Ubuntu Archive Automatic Signing Key <ftpmaster@ubuntu.com>
<topper> https://forums.aws.amazon.com/thread.jspa?messageID=530139
<topper> that's an awful long DNS propogation time :)
<topper> *propagation
<iscsinoob> anyone run into ubuntu servere renaming ethernet interfaces and ignoring 70-persistant-net-rules
<iscsinoob> I think it has to do with this worthless pile of crap known as networkmanager
<pmatulis> iscsinoob: n-m on a server?
<iscsinoob> isn't not there?
<iscsinoob> oh then nm
<iscsinoob> but it's still ignoring 70-persistant-net-rules
<iscsinoob> lemme try something first
<mdeslaur> iscsinoob: it's probably because of biosdevname
<iscsinoob> ugh
<iscsinoob> so what's the solution
<iscsinoob> I am doing mac address matching in the file
<mdeslaur> I think you can boot with the biosdevname=0 kernel boot parameter if you want
<iscsinoob> i'm fine with the bios n ames but when I tried to setup networking it renamed one to rename4
<iscsinoob> then I had to edit the config again
<iscsinoob> but lemme try renaming them
<mdeslaur> iscsinoob: honestly, I'd probably just kill your 70-persistant-net-rules file, and reboot
<mdeslaur> iscsinoob: and use whatever names come up as default
<mdeslaur> iscsinoob: with biosdevname, they shouldn't change anymore as they'Re based on slot now
<iscsinoob> that's what I would think
<iscsinoob> but as soon as I added stuff tin /etc/networking/interface it renamed it again
<iscsinoob> it's not consistant
<iscsinoob> I disabled biosdevname and lets see what happens
<iscsinoob> yeah it worked
<iscsinoob> soon as I did the biosdevname it renamed an interface to "yomamma"
<iscsinoob> what the heck was the purpose of biosdevname anyways
<iscsinoob> looks good, thx
<sarnold> iscsinoob: the idea is to make it easier to determine which NIC or hard drive is which in a consistent fashion when you've got thousands of machines racked up
<iscsinoob> ah
<sarnold> it feels like the kind of thing that would have been nice to have done a decade ago :)
<www2> Hi What is the best way to use a group with apache for manage website?
<www2> b.v. i have a group foo that have only acces to /var/www/foo and not acces to /var/www/bar/
<sarnold> www2: you can definitely do that; the "BSD groups" behaviour, where you set the setgid bit on the directory /var/www/foo, might be useful too
<www2> sarnold: thx and where can i find more infomation about this?
<sarnold> www2: hrm, the best documentation I can find on short notice is in the mount(8) manpage -- thogh you don't need to change any mount options to use it
<www2> sarnold: oke i dig soon the mound page btw is it oke to add group foo to www-data user?
<sarnold> www2: yes, that should be fine
<www2> sarnold: oke i do it soon when i create the group
<sarnold> hallyn: I've got a pile of failed VMs for 1292234 -- would it be helpful to you for me to hold onto them all? or can I reclaim the space?
<hallyn> bug 1292234
<uvirtbot> Launchpad bug 1292234 in qemu "qcow2 image corruption in trusty (qemu 1.7 and 2.0 candidate)" [High,Confirmed] https://launchpad.net/bugs/1292234
<hallyn> btw can anyone tell me why pad.lv isn't working?
<hallyn> sarnold: hm, you've got a pile?  do you have a regular recipe for reproducing them?
<sarnold> hallyn: not 'regular', really, but I started with iirc ten vms and now only two or three of them boot ;)
<hallyn> sarnold: well fooi.  i'm not sure i'll be able to easily d/l them from hotels over the next bit...  but anyway if you can just keep one around, maybe put it on p.c.c ?
<sarnold> hallyn: yikes yeah hotels aren't made for four gig transfers are they? :)
<hallyn> or if you know someone going to ODS or to austin next week, hand them a usb stick? :)
<sarnold> hhaha :)
<hallyn> sarnold: by any chance are you seeing gaughen or someone at a beer outing on sat?  (you're there right?)
<gaughen> sarnold, there is beer being drank tomorrow but it's in beaverton
<gaughen> sarnold, I know how it's hard to venture that far west
<sarnold> it -is- hard to venture that far away from the couch :)
<hallyn> even for beer?
<gaughen> hallyn, I'd be happy to meet sarnold for beer on Saturday but he'll have to meet me at a children's birthday party
<sarnold> lol
<gaughen> sarnold, there will be cake
<sarnold> bouncy castle? :)
<gaughen> sarnold, nah, bouncy castles are so 2005, now it's arts and crafting
<gaughen> with reclaimed materials
<sarnold> oh man I won't get the glitter off my clothes for weeks!
<sarnold> hallyn: actually it bzip2's down to just 1.7 gigs, not nearly as bad as I feared
<gaughen> is that a bad thing?
<sarnold> lol
<hallyn> uh, i'm still all about the bouncy castles, at any rate
<gaughen> hallyn, you are so 2005
<hallyn> sarnold: well, actually i should be able to fetch it from some cloud instance, so should be fine.  if you can just post one to p.c.c i'll take a look
<hallyn> else, i'll try out your recipe next week
<vonsyd0w> hello, i was wondering if the linux-virtual kernel is no longer available in 14.04? I can't find much info about this.
<vonsyd0w> I'm trying to preseed VMs about continue to get the generic kernel
<vonsyd0w> *but continue
<Term1nal> repost from #ubuntu: Question.. I've looked online about this issue but none of the proposed fixes did any good. On my ubuntu 12.04 server, mysql fails to start on boot. I attempted to reset the init scripts with update-rc.d, I tried removing/adding the bind address, setting the on-start to wait for eth0, but nothing is working. Any ideas?
<Term1nal> Second issue, at random, I get this strange issue of ksoftirqdx eating 100% of all cores on the system despite low usage/load on any of the services on the machine.
<vonsyd0w> I've got "d-i base-installer/kernel/override-image string linux-virtual" as well
<hallyn> vonsyd0w: yeah, apt-cache show suggests that linux-virtual now just depends on linux-image-generic
<pmatulis> Term1nal: does it start manually?
<sarnold> vonsyd0w: it's a transitional package in newer releases -- I assume it isn't needed any longer: http://packages.ubuntu.com/trusty/linux-virtual
<thebwt> heya guys is there a metapackage for a openstack testing environment?
<thebwt> wanting to doa  one box wonder for play
<Term1nal> pmatulis: yes, I can do: service mysql start
<Term1nal> and it works just fine
<sarnold> thebwt: investigate juju openstack charms / bundles
<vonsyd0w> hallyn & sarnold, ah OK thanks for the info. Makes sense. Thanks.
<thebwt> rgr, thanks sarnold
<pmatulis> Term1nal: i guess you need to debug the init script.  not sure if that means upstart or sysvinit
<pmatulis> Term1nal: do you have any non-standard init/upstart scripts, change anything, etc?
<vonsyd0w> thebwt, there is also devstack @ http://devstack.org - just so you have options
<Term1nal> http://pastebin.com/u8LLsfV0
<Term1nal> pmatulis: not that I know of, just a pretty bland install of mysql on 12.04, I haven't muddled with any startup scripts until this issue started to occur.
<Term1nal> thebwt: also, check out RDO and Packstack
<thebwt> thanks!
<Term1nal> pmatulis: does it help that I'm also running postfix? mysql fails to start, then postfix won't work properly until I manually start the mysql service, then restart postfix.
<sarnold> hallyn: people.canonical.com:~sarnold/sec-precise-amd64.qcow2.bz2{,.sig}  :)
<hallyn> sarnold: thx
<sarnold> hallyn: thank you! :)
<pmatulis> Term1nal: interesting.  is postfix using mysql as a backend?
<Term1nal> pmatulis: correct.
<Term1nal> pmatulis: Not sure why it's not working on start. Nothing in the syslog indicating -why- mysql isn't starting. dmesg just has generic exit with status 1 messages attempting to start it, and mysql error.log only has generic info messages and nothing critical as far as I can tell.
<pmatulis> Term1nal: did mysql install without any issue at all?
<Term1nal> it's been running for like a year no issues.
<Term1nal> I just rarely restart the machine
<Term1nal> it still works no problem functionally, it's just the startup on boot that is the problem.
<pmatulis> Term1nal: so you don't remember whether there was any issue (at all) when *installing* mysql?
<Term1nal> we've got a heat wave here in cali and our server room AC burned out so a few of our boxes thermal shutdown on us
<Term1nal> one of them happened to be this particular ubuntu box :D
<Term1nal> pmatulis: None whatsoever :(
<Term1nal> well there's an update for mysql-server so maybe I'll give that a try :D
<pmatulis> Term1nal: you'll need to investigate how to debug the mysql upstart job
<pmatulis> Term1nal: http://goo.gl/TYm7ch
<Term1nal> well whatever I tinkered with...
<Term1nal> I just ran a dist-upgrade and rebooted
<Term1nal> started up fine O.o
<pmatulis> Term1nal: good for you
<Term1nal> lol
<mgw> If I have multiple dns servers in /etc/resolv.conf, will they be roundrobined? Or just failed over when needed?
<stgraber> failover
<failover> sup
<pmatulis> heh
#ubuntu-server 2014-05-02
<Ryan_Lane> howdy. it seems 14.04 is shipped with a broken virtualenv package? ImportError: No module named _sysconfigdata_nd
<Ryan_Lane> looks like it's been this way since 13.04? any plans on this being fixed?
<Ryan_Lane> it sucks to need to upgrade virtualenv from pip to have a working python system
<sarnold> Ryan_Lane: on a first guess, poke barry in #ubuntu-devel  ?
<Ryan_Lane> thanks
<Ryan_Lane> ahhh user-error. so great.
<sarnold> :)
<mwhudson> you always figure those out shortly after complaining in public
<Ryan_Lane> yep ;)
<bananapie> My sound is not working. I am using sox play to test the problem. If I add 'AUDIODEV=hw:0' before the play command, the sound is ok. Without this line, I get no sound. I think sound is being sent to my hdmi port instead of built in speakers, what do I do?
<patdk-lap> sarnold, heh
<patdk-lap> this renaming nics is screwing me totally
<patdk-lap> all my 12.04 machines have starting having this issue when I updated them today
<patdk-lap> eth0 renamed to rename2, eth1 renamed to eth2
<patdk-lap> and then boot hangs, cause network isn't functional
<sarnold> patdk-lap: how'd it wind up on your 12.04 systems?
<patdk-lap> not the devbios thing
<patdk-lap> just the normal 70-persistant-net stuff
<sarnold> !!
<sarnold> man I've never seen that stuff go wrong
<patdk-lap> but the issue is just more noticable with that devbios thing
<patdk-lap> well, what seems to have started to cause the issue
<patdk-lap> I had eth0, and eth1
<patdk-lap> then I added eth2, and removed eth0
<patdk-lap> but it's getting confused
<patdk-lap> cause now renames need to go eth0 -> eth1 and eth1 -> eth2
<sarnold> ugh
<patdk-lap> but eth0 -> eth1 can't happen, so it calls it rename2, and dunno, gets lots
<patdk-lap> lost
<patdk-lap> seems like a concurrency issue to me
<patdk-lap> no idea what package to even think about for this issue :)
<sarnold> udev owns /lib/udev/write_net_rules -- I suspect that's who'd I'd fle the bug against first..
<lordievader> Good morning.
 * [gnubie] waves
<[gnubie]> how am i going to permanently apply my changes to the /lib/init/fstab file? somehow, after i rebooted my system, it went back to its original configuration, removing my changes.
<mardraum> vi /etc/fstab ?
<mardraum> man fstab?
<[gnubie]> mardraum: i know /etc/fstab but somehow, there are few tmpfs based partitions that are not stated in /etc/fstab and they're at /lib/init/fstab
<[gnubie]> and i want to edit some options into the tmpfs based partitions
<[gnubie]> brb
<k3> i want file server that share file among windows and ubuntu pc and sharing is based on the user how can i achieve this?
<k3> can any one solve my problem?
<k3> i want file server that share file among windows and ubuntu pc and sharing is based on the user how can i achieve this?
<yossarianuk> is there any info about doing live snapshots with KVM/libvirtd and QCOW images ?
<yossarianuk> tried doing a live backup - using - virsh snapshot-create-as --domain test snap1 --diskspec vda,file=/var/lib/libvirt/qemu/snapshot/test.snap.disk.qcow2,snapshot=external --memspec file=/var/lib/libvirt/qemu/snapshot/mem.snap.disk.qcow2,snapshot=external --atomic
<yossarianuk> but get the following error
<yossarianuk> error: internal error: unable to execute QEMU command 'transaction': Could not open '/var/lib/libvirt/images/test.img': Could not open '/var/lib/libvirt/images/test.img': Permission denied: Permission denied
<yossarianuk> --> running 14.04 .
<yossarianuk> any ideas why ?
<med_> jamespage, I'll also test the 0.80~rc1 this weekend. Thanks for pushing it out.
<jamespage> med_, np
<Voyage> this 96.47.70.253 is my VPS ip, the VPN is something else.  now is see nmap, the VPS has bazzillions of ports open. I think its because of the openvpn client?  If I didnt installed any servers/daemons, why the ports are open? is there a security risK?
<BLZbubba> ugh so what is the proper way to report kernel panic problems on 14.04?
<patdk-wk> spin around 3 times, and tap your heals together
<patdk-wk> file a bug against that package that cause it
<patdk-wk> be it the kernel in general or a dkms module
<BLZbubba> heh
<BLZbubba> kernel, sadly.  nfs-rdma appears to be completely useless
<bitbyte> hey guys really silly question
<bitbyte> im trying to kill a process on my server and ivâe tried with sudo kill <PID> but its not closing the process
<bitbyte> and also tried sudo kill  <pid>
<bitbyte> and kill <pid> as its running under my current user
<bitbyte> any ideas ?
<rbasak> bitbyte: kill effectively asks the process to terminate
<rbasak> bitbyte: you can force it with kill -9 <PID>, but then the process can't clean up. Eg. you'd get corruption on a database server.
<bitbyte> so if the process is stuck itâll queue the kill command till its unstuck
<rbasak> Yes, or just ignore it.
<rbasak> However -9 is the KILL signal, which cannot be trapped by a process.
<bitbyte> ah ok
<rbasak> "man 7 signal" for details
<bitbyte> well the item im trying to kill is www-browser http://localhost8081
<bitbyte> so I canât think too much damage will happen
<zul> jamespage/coreycb: ok migrate and sqlalchemy should be playing nice in utopic now
<Kully> hey all; I've got a server that won't reboot, won't shutdown, won't logout, and apache can't launch ("cant open logs"). Any idea's where to look? nothing's been updated just started today. I'm afraid to hard power that it won't come back up
<BLZbubba> it sure sounds like your hard drive isn't responding.  can you run dmesg?
<Kully> yea
<BLZbubba> anything interesting toward the end?
<Kully> repeats  INFO: task sync:10048 blocked for more than 120 seconds.
<Kully> and then a bunch of call traces after some hex codes
<Kully> if it's harddrive related what would I see
<Kully> i'm sorting through
<rberg> things like sync never finishing... programs loaded in ram will still work but reading from disk will hang
<Kully> ok; so like exactly what i'm getting... great.
<rberg> can you see what smart has to say?
<Kully> no
<Kully> how to run smart with raid
<rberg> software raid?
<Yaann> Hi !
<Yaann> I'm looking for a way to generate a shutdown initramfs on ubuntu, does anybody know how to do that ? It needs to disconnect properly the nbd root device.
<onorua> guys, I need to install Ubuntu server on 100 nodes, on encrypted by luks discks
<onorua> do you have any documentation on how to do this?
<onorua> Something like kicktool for Gentoo
<rberg> fai is a great tool for mass imaging.. but I have never used it to setup luks.. so I cant speak for that
<xnox> onorua: use automated d-i pressed installation which allows preseeding full-disk luks & passpharases for encryption.
<onorua> xnox, I'll give it a try
<xnox> onorua: if you google it there is plenty of official resources and guides and howtos.
<Elfuego> hey anyone around who might be able to help with an issue im having - high CPU/ram overheads when using SMB shares on ubuntu server
<Voyage> heres my ifconfig http://pastie.org/9134287 I want to setup this server (its a vps) as a vpn client. But I dont want to loose ssh and port 8080 access (which does happens when I conenct to vpn server. it looses direct connectivity).  What should be the ips in the rules ip rule add from IP-HERE table 10        ip route add default via IP-HERE table 10
<sarnold> Voyage: check your system's routing tables before and after you start the vpn client. I have a feeling the difference between the two will let you know what needs to be modified
<Voyage> hm
<Voyage> sarnold,  am. how to check the routing table for my VPS?
<Voyage> sarnold,  ip route command tells me : for this : default via 96.47.70.225 dev eth0  metric 100       ,       96.47.70.224/27 dev eth0  proto kernel  scope link  src 96.47.70.253 .       Whats my gateway ip?
<sarnold> Voyage: heh can you pastebin that intsead? it's miserable to read in irc :) hehe
<Voyage> ok
<sarnold> (the pastebinit package is awesome for pastebinning the output of commands)
<Voyage> sarnold,  http://pastie.org/9134306
<patdk-wk> are you using openvpn?
<Voyage> patdk-lap,  yes
<sarnold> Voyage: there we go :) 96.47.70.225 is your gateway
<Voyage> sarnold,  ok
<Voyage> sarnold,  am. how to check the routing table for my VPS?
<sarnold> sarnold: same thing
<patdk-wk> wait, what is the question here?
<patdk-wk> oh, you want default route over the vpn
<Voyage> so this is ok ?
<Voyage> ip rule add from 96.47.70.253 table 10
<Voyage> ip route add default via 96.47.70.225 table 10
<patdk-wk> what is the ip source of these ssh and 8080 clients?
<Voyage> patdk-wk,  i wanted to check the table routs before doing anything. as sarnold  suggested
<patdk-wk> 96.47.70.253?
<Voyage> yes
<patdk-wk> only? ever?
<patdk-wk> what?
<patdk-wk> that is your own ip
<Voyage> .253 is my vps. that is what I have made a vpnclient.    but as soon as I died. I lost ssh and other ports
<patdk-wk> this makes no sense
<patdk-wk> yes, you don't understand the issue
<Voyage> patdk-lap,  .253 is not my own ip
<patdk-wk> it's the ip on the vps
<Voyage> patdk-wk,  whats the issue?
<Voyage> yes
<Voyage> so?
<patdk-wk> and your running the vpn client on the vps?
<Voyage> yes
<patdk-wk> so when it connects, you loose ssh to the vps?
<Voyage> I connected to to a vps server
<Voyage> yes
<Voyage> i loose all. even ping
<patdk-wk> yes, cause default route is going over the vpn
<patdk-wk> is that what you want?
<Voyage> hm
<patdk-wk> do you want, by default, all internet traffic to use the vpn, or not
<Voyage> I want the VPS to browse/ use internet through vpn server. but I also want the VPS to be available for ssh and 808
<Voyage> 8080
<Voyage> patdk-wk,  got my point?
<patdk-wk> ya, but you need to do it another way
<Voyage> what way?
<patdk-wk> so yo uhave table 10
<Voyage> I dont know whats table 10
<Voyage> really
<Voyage> heres what i got help from https://forums.openvpn.net/topic7175.html
<Voyage> patdk-wk,  but first. How can I see the table routes already present. ? like sarnold  suggested?
<Voyage> patdk-wk,  secondly, will doing this solve my problem?
<Voyage> ip rule add from 96.47.70.253 table 10
<Voyage> ip route add default via 96.47.70.225 table 10
<patdk-wk> http://pastie.org/9134328
<patdk-wk> I wonder how well from ip works
<Voyage> patdk-wk,  sarnold  http://pastie.org/9134331
<patdk-wk> I normally do this via mac address matching
<Voyage> patdk-wk,  nothing  chanted with what i did in table 10. http://pastie.org/9134338#1,7-9
<patdk-wk> it shouldn't
<patdk-wk> cause you didn't change the routing table
<Voyage> patdk-lap,  the routing tables should have changed. shouldnt it
<patdk-wk> ip rule show
<patdk-wk> no
<patdk-wk> you are viewing the main table
<patdk-wk> you edited table 10
<Voyage> patdk-wk,  http://pastie.org/9134346#22
<Voyage> patdk-wk, ok. how to see table 10? and after that command that changed table 10 . are we good to go?
<patdk-wk> ip route show table 10
<Voyage> $ sudo ip route show table 10
<Voyage> default via 96.47.70.225 dev eth0
<patdk-wk> looks ok
<Voyage> good to go?
<Voyage> ok
<Voyage> now I should run the openvpn client. ?
<patdk-wk> ya
<Voyage> and I wont loose ssh
<Voyage> ok
<Voyage> great
<patdk-wk> no idea
<Voyage> let me see
<Voyage> am..
<Voyage> no idea? why?
<patdk-wk> I have never tested with that method
<Voyage> https://forums.openvpn.net/topic7175.html
<Voyage> oh ok
<patdk-wk> in my case, I was concerned about the source mac address of packets, not the source ip
<patdk-wk> cuase the source ip, I was sending to many gateways
<Voyage> k
<Voyage> will get back in a minut after starting
<patdk-wk> I was doing symetric multihoming
<patdk-wk> asymetric is much simpler
<patdk-wk> so ,either it worked
<patdk-wk> or he lost his internet
<sarnold> lets hope it worked :) i don't know details of any of the vpn things..
<Voyage> patdk-wk,  looks working.! thanks! I just dont know how to be sure that openvpm wont stop as close the console (ssh console to vps)
<patdk-wk> use nohup
<patdk-wk> or better yet
<sarnold> Voyage: you could run it in tmux or screen
<patdk-wk> just set it up correctly in /etc/openvpn
<sarnold> oo
<sarnold> better
<patdk-wk> and use the /etc/default/openvpn to do it
<Voyage> sarnold,  or just on "screen"?
<Voyage> hm
<Voyage> Now if some one wget / curl some site on the VPS , it will use the ip of VPNserver ? correct
<chestwood96> can anyone quickly eplain something about load averages?
<Voyage> patdk-wk,  sarnold  it seems that I cant ping google or wget google or do anything from VPS but I can how ever , on my local pc, do ssh -D 8080 moez@theVPS-IP and browse web. guess what. the whatismyip.com tells me that my ip is of the VPN server
<patdk-wk> Voyage, that is what you wanted
<patdk-wk> you said you wanted all internet traffic to go over the vpn, by default
<Voyage> hm
<patdk-wk> now, if it isn't working, it's an issue with your vpn
<patdk-wk> what changed had nothing to do with that
<Voyage> if i do ping google.com form my VPS. it should work. no?
<patdk-wk> I don't know
<patdk-wk> I didn't setup the vpn, or setup the firewall rules on it
<sarnold> chestwood96: load averages aren't as useful for measuring a system's load as their name implies :)
<chestwood96> but they show that it is overloaded dont they?
<chestwood96> A system load of 8 is not good on a songle core system if i get this right
<Voyage> patdk-wk,  see. mylocal pc > -D 8080 Vps (which is VPN client) > vpn server. works fine.       but when I ssh to my vps, ping google or do wget or curl. Resolving google.com (google.com)... failed: Temporary failure in name resolution.
<sarnold> chestwood96: it could be that you've got eight tasks set to run at an idle or low priority, it might not be anything to worry about or it might be big trouble -- it's more useful as a measure over time than any specific measurement
<patdk-wk> well, there would be your next issue
<sarnold> Voyage: does your vps have a route to a dns server?
<patdk-wk> your turned up the vpn
<patdk-wk> can you stil lcontact your dns servers?
<patdk-wk> man
<Gallomimia> using ubuntu server 14.04 installer to install a new system (on my desktop, as suggested by them, will add desktop packages later) with encrypted LVM on top of a software raid5. does the raid need a first partition with some kind of unencrypted boot volume, who determines what size it is and installs the various things, and how do i then configure my encrypted volumes afterward, with mountable such and such
<chestwood96> well i am running a raid5 mdadm array wich i am triing to share over nfs
<chestwood96> and i get reasonable writes locally but less than 10mb/s over nfs
<Gallomimia> yeah that i want to do secon
<Voyage> sarnold,  I dont know... patdk-wk  how to find out?
<Gallomimia> ew slowness
<Voyage> patdk-wk,  sarnold  how to contact  dns servers?
<sarnold> Voyage: find the ips of your nameserver in /etc/resolv.conf and make sure that you have routes that can cover those resolvers
<Voyage> sarnold,  nameserver 96.47.64.10
<Voyage> search keyreactions.com
<sarnold> Voyage: does your routes let you reach that host? any chance ping to it works?
<Voyage> sarnold,  how to create routes for that now?
<Voyage> should I ping  96.47.64.10 ?
<Gallomimia> diagnose before making changes
<sarnold> Gallomimia++ :)
<Voyage> sarnold,   ping  96.47.64.10
<Voyage> PING 96.47.64.10 (96.47.64.10) 56(84) bytes of data.
<Voyage> .. no output
<chestwood96> sarnold: the hardware is really weak so it is likely to overload
<Voyage> sarnold,  ya. I cant ping the  96.47.64.10. what should I do
<sarnold> chestwood96: could be; check ps aux -- and look for 'R' and 'D' tasks; the 'R' tasks are ready to run and the 'D' tasks are blocked on IO; hopefully that'll give you some feeling of which tasks are being starved
<sarnold> Voyage: since the kernel didn't complain about a route to the host, you've got a route -- it may not make sense for a local dns resolver if it goes back to your laptop or something -- so if the packets aren't getting responses they've either been firewalled on your vps or elsewhere...
<Voyage> sarnold,  everything was working fine untill the changes.
<Voyage> sarnold,  the above said things are done on the vps
<sarnold> Voyage: I don't know if openvpn decided to firewall off everything or if it decided to install broad routes over its tunnel rather than specific small routes over the tunnel...
<chestwood96> so there is a kworker procces on D and some jbd2/md0-8 when writing locally
<Gallomimia> i had this problem when i was trying to configure my vpn. i eventually gave up. i wanted local traffic on my box to still take local routes and only traffic to the internet would use the vpn. i couldn't get it working. but your dns packets aren't going where they should. either you have the wrong dns now configured, and it should be something in your vpn's services, not something at home. perhaps its still set as your local 
<Gallomimia> anyone know how to install a bootable encrypted raid5?
<Gallomimia> im a little mystified halfway thru the config
<chestwood96> sarnold: when writing over nfs there are 4 nfs processes on D
<sarnold> Gallomimia: hrm. I'm got a feeling I've heard that grub is far happier with mirrors than with other raid types.. throwing in encryption can't make it any easier :)
<sarnold> chestwood96: sounds fair. you may be able to tune the nfs processes in some way -- block sizes, tcp window sizes, etc., but I'd go slowly when making changes
<chestwood96> sarnold: for some reasons reads are ok over nfs, i get 110mb/s wich is pretty much gigabit
<sarnold> chestwood96: oh, try local writes to the same pool?
<chestwood96> my clients are 2 xenserver6.2 (centos) machines
<chestwood96> local writes are about 130mb/s the mdadm array runns pretty well
<sarnold> chestwood96: are those read speeds because the clients are using cached reads rather than going to the server for their reads? :)
<Voyage> sarnold,  after this http://pastie.org/9134455      I cannot do ping google.com from the vps. but I can how ever do  mylocal pc > -D 8080 Vps (which is VPN client) > vpn server. works fine.       but when I ssh to my vps, ping google or do wget or curl. Resolving google.com (google.com)... failed: Temporary failure in name resolution.
 * Gallomimia imagines this install magically working and presses forward
<chestwood96> sarnold: i do not know where that would becahced im triing with 1GB files
<Voyage> sarnold,  patdk-wk  any clue?
<mesut> is it possible port ubuntu touch htc desire hd ?
<sarnold> mesut: try #ubuntu-touch ?
<Gallomimia> anything's possible. the question becomes are you going to do it?
<sarnold> Voyage: hrm, no, looks like that ought to work :)
<mesut> opss sory
<Voyage> then why sarnold , the dns is not working?
<chestwood96> sarnold: btw iscsi has slightly lower reads but more than tripple writes (35mb/s)
<BLZbubba> ok this is weird, i have a mysql test that is cpu bound - using 100% of every core - but load avg is under 1.  how can that happen?
<patdk-wk> BLZbubba, exactly what does the one have to do with the other?
<patdk-wk> do you know what loadavg is?
<sarnold> BLZbubba: sounds like the machine does nothing else
<Voyage> sarnold,  for learning . this is very strange. what possible reasons can there be?
<patdk-wk> voyage, basic networking 101
<sarnold> Voyage: firewalling on your local system, firewalling on your gateway, firewalling before the dns server, firewalling on the dns server, access control lists on the dns server.. yanked wires, broken switches, broken routers, it goes on :)
<Voyage> patdk-wk,  ya, but what did I do wrong
<Voyage> ..... :(
<Voyage> sarnold,  can I be close or with a clue. there would be a solution any way
<patdk-wk> Voyage, I didn't setup your vps, your vpn, your ..., I dunno
<sarnold> Voyage: I'm sure there's a solution, it's all just software, but I don't know enough about your provider or you system to really offer a good next step. if your vps can directly contact dns servers itself you could run your own recursive resolver such as pdns-recursor, but that's a big step to take if you don't want its other features..
<Voyage> patdk-wk,  sarnold  line 72. thats where the vps was setup. normal. http://pastie.org/9134455#69
<chestwood96> sarnod: would more cpu power fix my problem?
<sarnold> chestwood96: no idea, sorry
<chestwood96> sarnold: the machine could just be insufizient
<sarnold> chestwood96: could be, or could be some tuning could make it more effective.
<Elfuego> side note - do you know if they fixed the issue with loading huge SMB shares causing a large amount of cpuram usage
<chestwood96> itl like a dinosaur athlon 64 i blought for 12 bucks including a mainboard
<sarnold> chestwood96: hahah fantastic :) performance per dollar is pretty good ;)
<chestwood96> it did its initial job pretty well but mow i repurpoused it
<chestwood96> it was easily strong enough to let my spare 7970 mine a buch of dogecoin
<sarnold> wow much coin!
<chestwood96> well i stoped because of power efficiency
<mgw> stgraber: yesterday I asked about resolv.conf behavior and you said the secondary is only used for failover
<mgw> But I mis-presented my situation
<mgw> I actually have dhcp+resolvconf+dnsmasq
<mgw> and dhcp is serving up two IPs
<mgw> I want to be sure that if I take the secondary (as served by dhcp) offline, everything will continue smoothly
<sarnold> take it out of the dhcp configuration beforehand?
<mgw> that's probably the safe way
<chestwood96> sarnold: I could get a core 2 for 40 bucks, that should do doesnt it ?
<mgw> and then, what's a safe way to force renewal
<mgw> I have salt installed, but am afraid of losing connectivity
<mgw> if I run dhclient -r
<sarnold> mgw: easiest is to wait however many seconds you've configured :)
<mgw> sarnold: thanks. And second easiest?
<sarnold> chestwood96: could be, those core 2 chips sure seemed impressive seven or eight years back :)
<sarnold> mgw: dunno :/
<mgw> sarnold: thanks
<mgw> if I run dhclient -r I will lose network, right?
<sarnold> mgw: probably; you could also try ifdown eth0 ; ifup eth0 -- or whatever the nics are ..
<chestwood96> sarnold: its apparantly about 3x faster than the 3000+ so that might work
<sarnold> chestwood96 :D
<chestwood96> but as I googled this seems to be a bug with nfs
<sarnold> chestwood96: could be, among my pals it seems more folks prefer to use illumos-based nfs servers than linux nfs servers, but that may say more about my pals than the situation :) hehe
<chestwood96> what are illumos-based servers?
<sarnold> chestwood96: smartos, omnios, openindiana, nexenta
<chestwood96> sarnold: as if that poor old 3000+ could handle ZFS
<sarnold> :)
<chestwood96> sarnold: Thanks a lot it was apleasure talking to you, i am going to try out ubuntu 10.10 where it apparantly works(according to the bugtracker) cya
<sarnold> chestwood96: yikes
<sarnold> chestwood96: 10.10 has been eol for ever :)
<sarnold> chestwood96: pick from one of these :)  https://wiki.ubuntu.com/Releases
<sarnold> chestwood96: 12.04 LTS or 14.04 LTS would be 'best' choices, you won't have to upgrade immediately and they should be pretty stable
<chestwood96> its running 14.04 atm
<chestwood96> pretty fresh install
<sarnold> oh good good
<chestwood96> but there seems to be a bug in >10.10 where nfs goes ammok https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1006446
<uvirtbot> Launchpad bug 1006446 in nfs-utils "nfs4 causes enormous load in ubuntu-server making it unusable (dup-of: 879334)" [High,Confirmed]
<uvirtbot> Launchpad bug 879334 in nfs-utils "nfsd from nfs-kernel-server very slow and system load from 25%-100% from nfsd" [Undecided,Confirmed]
<sarnold> chestwood96: comment #29 mentions switching to the deadline scheduler; switching schedulers may do the trick and would be far faster to test :)
<chestwood96> im at it just have to fund out how
<sarnold> chestwood96: comment #49 also looks easy and simple to try thogh it may not be -your- problem... but again, some tuning may help
<chestwood96> allready tried 49 -> reads went down writes stayed the same
<sarnold> chestwood96: so, scheduler.. look around in /sys for a block/sda/ directory -- mine has it under /sys/devices/blahblah/ in a really inconvient location :) but go find those..
<sarnold> chestwood96: ah, find /sys -name scheduler  ought to find them
<sarnold> chestwood96: cat those schedulers, see what they are, and pick a different one to test with :)
<chestwood96> cat /sys/devices/virtual/block/md0/queue/scheduler returns "none" am I doing it wrong?
<sarnold> chestwood96: how about the block devices underneath the raid?
<Voyage> sarnold,  patdk-wk  I see that when the openvpn is closed. I get normal internet connectivity back. Now I can use DNS and ping google.com
<patdk-wk> yes, cause your dns servers are foobar
<patdk-wk> we know that
<patdk-wk> use dns servers provided by your vpn
<Voyage> foobar?
<patdk-wk> make sure dns works over the vpn
<Voyage> ok. how?
<patdk-wk> I dunno, I didn't setup the vpn
<Voyage> how to use the dns provided by my vpn?
<patdk-wk> again, I didn't setup your vpn
<Voyage> any idea?
<chestwood96> sarnold: i think ill just put the drives into one of the xenserver hosts and share it from there they got plenty of power
<sarnold> chestwood96: hehe makes sense
<sarnold> give that poor machine a rest :)
<chestwood96> sarnold: the actual point of it was to have the storage separated so i can turn of either one without compormising the other
<chestwood96> sarnold: tanks again, you were very helpfull. good night whatever timezone youre in
<sarnold> chestwood96: thanks, have fun! :)
<rostam> Hi I see some of the ubuntu packages have "ocaml", what it means? thx
<sarnold> rostam: ocaml is a functional programming language similar to ml or haskell
<sarnold> rostam: those would probably be language bindings for whatever library it is into ocaml
<rostam> sarnold, thank you.
<raydeo> does anyone know why upstart (consistently) gets into unfixable states for me? specifically "start nginx" <hang/Ctrl-C> "status nginx" <start/starting> "stop nginx" <hang/Ctrl-C> "status nginx" <stop/starting> "start nginx" <start/starting> rinse/repeat
<raydeo> I have other scripts with this behavior, and I cannot find any workaround to even get out of this state.. if I copy nginx.conf to nginx2.conf and start that, it works fine. I have this problem on 12.04 was hoping 14.04 would solve it no to avail.
<raydeo> the only way to fix the nginx state appears to be to reboot
<raydeo> but more importantly why does it keep breaking
<Elfuego> nginx is pretty hard to get worknig right - but ones u do its pretty solid
<raydeo> sorry but this isn't an nginx question specifically
<raydeo> I have other services that are breaking in upstart as well
<rostam> HI I am getting a linker error and I do not what package I am missing: /usr/lib/x86_64-linux-gnu/libavcodec.so: undefined reference to `schro_decoder_reset'      How could I find the missing package and resolve it? thx
<sarnold> rostam: looks kinda like "schroedinger" of some sort: http://ubuntu-codesearch.surgut.co.uk/search?weighted=1&q=schro_decoder_reset
<rostam> sarnold, thank you
#ubuntu-server 2014-05-03
<mgw> OT: anybody here using System76 laptops?
<p7ank5te7> Anyone here familiar with vFense-Server? It's used for update management similar to that of WSUS for windows servers
<justizin> what do people use for an iscsi target / server on ubuntu these days?
<sarkis> hey all, i seem to have mucked something up with motd.. it won't regenerate automatically on ssh login
<sarkis> anyone know what actually triggers that action so I have a clue what to look for?
<sarnold> sarkis: update-motd runs the scripts in /etc/update-motd.d/
<sarnold> sarkis: update-motd is kicked by pam_motd in /etc/pam.d/
<sarkis> hmm i don't see pam_motd
<sarkis> ah ok it's in /etc/pam.d/login
<sarkis> and i do in fact see pam_motd, so why isn't it triggered? :(
<sarnold> only in login?
<sarnold> ssh uses the /etc/pam.d/sshd, not /etc/pam.d/login -- and pam.d/sshd may not be consulted for ssh key logins
<sarkis> aha
<sarkis> for some reason sshd is commented
<sarkis> damnit.
<sarkis> the pam_motd line in ssh
<sarkis> ugh
<sarkis> i wonder why someone would comment this out
<sarnold> maybe it busts an ancient expect script? :)
<lordievader> Good morning.
<themhz> hi all
<themhz> I have set the permissions to some files and folders in /var/www/somewebsite to 644 and for folders 755. But when I open a file from netbeans I can't edit it. Why is that happening? Physically I am the owner of those files and folders under that directory, why can't I edit them? If I change permissions to 777 I can edit them normally.
<duli> When I try to install pecl_http on ubuntu server 12.04 I get a missing php_raphf.h error (http://pastebin.com/kpdrNP7G). I can't find any info on how to install this missing dependency. Any pointers?
<dw1> something -dev
<dw1> http://www.mkfoster.com/2009/01/04/how-to-install-a-php-pecl-extensionmodule-on-ubuntu/
<duli> dw1: tks, I have already seen that link. I have all the dependencies. For some reason, it is not downloading and compiling raphf and propro when I issue pecl install pecl_http
<duli> I'll try to remove and install again..
<duli> somehing is clearly broken
<dw1> duli: you could try this upcoming 14.10 package https://launchpad.net/ubuntu/+source/php-raphf/1.0.4-1/+build/5946141
<dw1> doesnt exist for other versions
<dw1> if youre on 14.04 should work?
<duli> I tried in a fresh installed Ubuntu server 12.04. It has worked. The command pecl install pecl_http itself downloads and installs raphf and propro
<dw1> ah yeah its a pecl package too
<duli> but on the broken machine pecl thinks raphf is there, but it's not
<duli> so id does not download and compile it
<dw1> is it installed somewhere else
<dw1> can it be installed individually
<duli> okay, removing with pecl uninstall rapfh and then installing pecl_http has worked
<dw1> :)
<duli> tks
<ice9> is it possible to know from which mirror a package was installed?
<Gallomimia> installing the ubuntu server on my desktop. 14.04 image downloaded from the site. i'm installing it onto a raid5 with encryption and lvm. finally got those partitions configured but i am lacking someplace to put the grub boot loader. what did i do wrong and where do i go back to to fix it?
<PryMar56> Gallomimia, setup a block device (not LVM) for /boot, make it about 1G
<Gallomimia> yeah. will i need to de-raid the drives and slice off a partition for that?
<Gallomimia> thought this happened anyway
<PryMar56> not de-raid, but shrink the PV's
<PryMar56> raid is OK, if its raid 1, then 2 /boots are needed
<Gallomimia> it's raid5 :
<Gallomimia> i'm still within the installer of course
<Gallomimia> i have a separate drive from all this with an old bootable system
<Gallomimia> i think this means i have to deactivate all the LVM partitions and delete the volume group. then partition the encrypted volume pre-LVM
<Gallomimia> do i need to get the /boot partition before the devices are raided together?
#ubuntu-server 2014-05-04
<Gallomimia> i should like to mention this is a software raid
<arrith> Gallomimia: i hear you can RAID1 a /boot partition, and when the RAID isn't on it still should function as a boot partition. so you get super redundancy for /boot
<arrith> usually okay to get away with it since it's only like 1G
<pmatulis> speaking of raid, anyone try using mdadm with fakeraid on trusty?
<dyu> I just mounted postgres home(/var/lib/postgresql) with ecryptfs. After rebooting the machine, it is mounted for me automatically, but if I try to do any writes it tells me that it's a read-only filesystem. It's very weird coz mount shows it mounted as read/write. Here's some logs/output: http://pastebin.com/PsqkAv9Y
<Gallomimia> still having difficulty installing onto a raid5. do i need to put /boot on a separate partition which is not involved in the raid??
<InFierno> Should work fine if you dont
<InFierno> what ubuntu server version>
<Gallomimia> 14.04
<Gallomimia> i intend to install the desktop package since i'm installing on a desktop
<Gallomimia> the server installer is superior
<Gallomimia> InFierno: it didn't work fine the first time i tried it
<Gallomimia> alright so /boot is slice off. i have a raid1 across three slices, and raid5 with the remainder of the three drives. 2gig slice
<Gallomimia> how shall i secure it
<InFierno> Any particular reason you arent just using raid 10 and be done with it?
<InFierno> I stopped using parity a while back - found there was too big a write performance hit
<Gallomimia> i only have 3 drives. raid10 won't work out for me
<Gallomimia> InFierno: what is the bottle neck in the parity situation?
<Gallomimia> i feel my system won't have cpu as a bottleneck but it is likely to have a nb chip bandwidth problem. i want to overclock it and the ram
<Gallomimia> unable to install grub in /dev/sda1 why is this every time
<InFierno> You take a write performance hit when calculating parity - on my home server write performance went from ~150MB/sec at max to around 70MB/sec with raid 5/6
<InFierno> That said my home server is quite "low end"
<Gallomimia> mine has a 4ghz octocore
<Gallomimia> it should keep the pace
<Gallomimia> #grub-installer sda1 sdb1 sdc1
<Gallomimia> ls: sda1/proc: not a directory
<Gallomimia> why it fail ><
<Gallomimia> i need to fix the Use As: in the partitioner. what i set this to?
<Gallomimia> should i have them raided? software raid. the grub installer didn't like that
<InFierno> I use an SSD as a bootdrive and HDDs in raid for everything else
<InFierno> + a hardware raid card
<Gallomimia> i was planning to use the ssd's as a dm-cache device
<Gallomimia> i suppose i could move the /boot slice to an ssd
<Gallomimia> but for some reason always always always mounting /boot in installer fails miserably
<Gallomimia> currently the error message says: attempt to mount a filesystem with the type ext2 in scsi2 0 0 0 partition #1 sda at /boot failed
<Gallomimia> but why
<InFierno> bad sata cable?
<Gallomimia> the raid built fine, and it installed the full system on it
<Gallomimia> could i really see a bad sata cable this far into the installation?
<InFierno> They are reasonably easy to swap so id try it
<cfhowlett> Gallomimia THIS ^^^ or even a loose cable could do it.
<Gallomimia> well. i guess i shall consider how many sata cables i have to try a different one
<Gallomimia> should i see this problem on all 3 disks?
<Gallomimia> frack. it won't even react to my asking it to put /boot on a different of the 3
<Gallomimia> so annoying.... alright take a breather and try again in a sec
<posthuman> i installed samba4 as ad dc .  DNS works fine on my network  but dns-forwarding does not work at all. Can u help here ?
<badconduct> Hey
<badconduct> I have a debian question
<badconduct> I am using Putty to manage a server in my home network, I launched an application and you can see it running in terminal
<badconduct> if I close putty, how do I get back to that running window? Is it possible?
<lordievader> badconduct: With screen or tmux yes, else not really.
<badconduct> Ah, I need an actual terminal application
<badconduct> If I close putty, the service will still run though, correct
<lordievader> Depends on how it is started.
<badconduct> bundle exec rails server -e production -b
<badconduct> It's a Snorby server
<badconduct> http://wolfer.blog.com/2013/06/28/how-to-installing-snort-and-snorby-on-debian/
<lordievader> Is the webpage reachable after you've closed putty? (I think the  -b flag puts it in the background, guess it'll remain running)
<badconduct> Yes, if I close Putty it stays open
<badconduct> I guess I'm just wondering if it's possible to view the running application terminal again after closing putty, without resetting the program
<badconduct> (sorry, total linux newb sauce)
<Gallomimia> what the grub?? i dont know what i'm doing here. trying to configure grub to boot a system that has 3 drives in software raid5 as their boot volumes. there is also a dmcrypt and lvm2 involved
<CyL> Hi people, any nice tutorial on virtualization using libvirt+kvm (and possibly containers) in 14.04?
<resno> im having a weird permission issue with something in an nfs mount.
<resno> 3 folders all with equal permissions, and chown to the same user, 2 work 1 doesnt.
<resno> so aufs mount permissions dont actually go anywhere when done on the mount itself :)
<ddsss_> is there a package to install self-signed ssl certs?
<bekks> ddsss_: No - generate your self signed certs and use them.
<ddsss_> bekks, ahh - I think they come preinstalled: /etc/ssl/certs/ssl-cert-snakeoil.pem
<ddsss> joes anyone know why htpasswd authentication doesnt work for radicale caldav|cardav server? Here's the config file: http://paste.ubuntu.com/7394332
<ddsss> s/joes/does/
<ddsss> hmm. nvm. changing to sha1 from crypt did the trick. not sure why.
<posthuman> Hello, is there a free alternative for Microsoft WSUS  based on linux /ubuntu ?
<bekks> posthuman: No.
<bekks> posthuman: Or do you mean "how can I setup a local ubuntu mirror"?
<posthuman> nope thought about nitrobit but  free
<DzAirmaX> hi all
<DzAirmaX> what happend to motd.tail in 14.04 ? doesn't show up anymore ?
<bekks> posthuman: Dont assume anyone knows windows software in here.
<posthuman> Nitrobit runs on Linux as well and aims to be a alternative to WSUS. Or did u mean WSUS per se ?
<bekks> posthuman: So you are looking for a software that actually replaces WSUS.
<bekks> posthuman: I'd just setup WSUS on a Windows server - but thats pretty offtopic in here.
<posthuman> yep... installed samba4 as ad dc  and  now im looking for some WSUS replacement. just found that ... guess i will give it a try http://download.wsusoffline.net/
<posthuman> thank u bekks
<posthuman> :)
#ubuntu-server 2015-04-27
<kevinde> How do you guys update your server kernel without rebooting?
<kevinde> Or is that not possible
<genii> There is ksplice but not widely used
<genii> !info ksplice
<ubottu> ksplice (source: ksplice): Patching live kernel without having to reboot. In component universe, is optional. Version 0.9.9-5 (utopic), package size 527 kB, installed size 3525 kB (Only available for i386; amd64; arm; armel; armhf)
<kevinde> Do you have any idea if there's any side effects doing this compared to a full reboot,
<kevinde> Will take a look at ksplice
<OpenTokix> pmatulis: Research about what?
<braderhart> https://en.wikipedia.org/wiki/Kpatch
<Sling> in 4.0 ye :)
<lordievader> Good afternoon
<halvors> Hi! I'm trying to lease a prefix from my service provider using "dibbler-client". When i start it i just get a segfault.
<halvors> I know there is a newer release of it where this bug seems to be fixed. But when are the ubuntu maintainers going to update the package from the currently very unstable 1.0.0RC release? This launchpad.net bug report have been inactive for a year...
<halvors> https://bugs.launchpad.net/ubuntu/+source/dibbler/+bug/1313215
<YamakasY> hi guys
<YamakasY> what is this happening on Ubuntu 14.04 every time ?  percona-xtradb-cluster-server-5.6 : Depends: percona-xtrabackup (>= 2.2.5) but 2.1.8-1 is to be installed
<lordievader> PPA?
<teward> YamakasY: do you have any PPAs enabled?
<YamakasY> teward: nope, but should I ?
<YamakasY> I have the percona repos
<YamakasY> lordievader: ^^
 * YamakasY was doing some dishes :D
<lordievader> teward: What is the output of 'apt-cache policy percona-xtradb-cluster-server-5.6 percona-xtrabackup'?
<YamakasY> lordievader: that would be me ;)
<lordievader> Err, yes.
<YamakasY> lordievader: hehe
<teward> lordievader: failping :p
<YamakasY> my internal repo is higher, so the ubuntu mirror
<YamakasY> lordievader: needs some coffee :D
<lordievader> YamakasY: May I see the output?
<YamakasY> lordievader: what do you pay for it ? :P
<YamakasY> http://pastebin.com/m529Gfrs
<lordievader> I don't, you do ;)
<YamakasY> hehe
<lordievader> But to answer your question, different sources.
<lordievader> It tries the pull package A from repo.percona and package B from mirror.domain.
<YamakasY> yap as local is higer
<YamakasY> higher
<YamakasY> merci lordievader and teward
<teward> is there a way to wipe out mysql server and redo it from scratch on a given system (my laptop)?
<teward> is it just a purge of the mysql-server packages and a reinstall?
<jpds> teward: Yep.
<YamakasY> teward: I would remove /etc/mysql and /var/lib/mysql also
<teward> YamakasY: shouldn't an apt-get purge do that?
<YamakasY> teward: not for /etc/mysql
<teward> ok thanks
<teward> well apparently it's not working right... it can't start after installing now
<teward> YamakasY: apparently removing /etc/mysql will break everything, such that you have to remove all mysql components with purge then reinstall.  Then you have to beat the configuration for server until it works.  Might just nuke /var/lib/mysql next time.
<OpenTokix> teward: What are you trying to accomplish by abuseing your server?
<OpenTokix> teward: read backlog
<OpenTokix> teward: yes it is, purge will do that
<teward> OpenTokix: it's not abuse - it's in a VM :P
<teward> trying to reset the mysql database to factory settings :P
<teward> databases*
<YamakasY> teward: no, purge and than remove :)
<teward> which i did, still exploded
<YamakasY> OpenTokix: no purge will leave /etc/mysql
<YamakasY> can't I do this on daily base and doing now atm also
<teward> meh fixed now
<delinquentme> so /mnt is chownd to a group ... a user in that group however .. cant make a directory in /mnt/ without sudo
<delinquentme> why
<delinquentme> ?
<jrwren> because the directory does not have group write privileges
<arcsky> Questions guys, i have done apt-get remove syslog-ng. after i did updatedb and locate syslog-ng and files are left. how can i clean them?
<patdk-wk> apt-get purge
<arcsky> patdk-wk: its still there
<harushimo> for the server side, is there a specific partitioning scheme I should use compared to the desktop?
<sarnold> it's common to have different filesystems for / /boot /home /var /tmp on servers, to make it more difficult for users to fill important filesystems or make cross-filesystem hardlinks, etc.
<sarnold> but feel free to partition however you wish, if you dn't want to deal with /boot filling up before the autoprune feature removes older kernels, I'd understand )
<jrwren> and if you don't have multiple users you likely don't care about them filling a filesystem, so maybe not a need for separate /home
<harushimo> sarnold: that is the answering I'm looking for
<jrwren> its really up to you.
<harushimo> I'm typically follow / /boot /home swap
<harushimo> that is how I set it up on the desktop version
<vonsyd0w> what is the purpose of the server? That'll help you decide how you may want to partition it up?
<harushimo> I want to install openstack because I want to be able to run cloud foundry
<harushimo> in order to run it, you need to setup qemu, open stack and then install cloud foundry
<harushimo> that is why I'm using ubuntu server
<harushimo> plus, understand the server side too
<vonsyd0w> for example mysql dbs are stored in /var/lib/mysql. you may want to make that partition larger than others
<harushimo> right
<vonsyd0w> I'm not too familiar with openstack, but kvm stores images in /var/lib/images i think, so that could be a partition. Thats how I'd think of it
<harushimo> right
<Blueking> net drops out every day at very same time, 19.49  and has been so for 7 days...  verified that it occurs on wan side of router (pc with ubuntu server 14.04  and shorewall)  any idea how to debug this.. can't see anything in logs
<devster31> cron job?
<sarnold> automatic sprinkler system soaking your internet connection?
<Blueking> devster31 how would cron job cause it ?
<devster31> I don't know, I don't know what cron jobs you have, I suggested it simply because you said exactly at 19:49 every day for 7 days, seems pretty specific and consistent with a cron job
<Blueking> devster31  can't see anything suspicious in /var/log/ files
<devster31> then I have no ida
<devster31> idea
<gewt> i upgrade to 14.04.2 or whatever with the do-release upgrade
<gewt> now my bridge comes up but no packets flow
<gewt> possible causes?
<gewt> oh, no network interfaces work period!
<Sling> you first need to feed us details before we do tricks
<gewt> oh good. looks like a virtio-net bug
<gewt> disregard
<gewt> sorry - Monday here. ;)
<j^2> Hi! iâm trying to get https://code.launchpad.net/~d-jj/ironic/ironic-conductor/+merge/257565 merged due to a regression we found. cc zul, jamespage or coreyb any advice?
<Sling> hm in bash reverse-search mode, how do you 'reset' ?
<Pici> Sling: delete?
<Sling> and ofc im on a macbook :p
<Sling> damn you apple
<devster31> is anyone using gosu as a standard sudo replacement?
<davegarath> Hi all. I've configured my ubuntu for routing /proc/sys/net/ipv4/ip_forward = 1; masquerading in post routing -o eth0.. I'm tunneled into it and I've configured my route to use this gw. but it not works :/ what I'm wrong ?
<davegarath> http://paste.ubuntu.com/10915472/
<davegarath> I'm an idiot! for testing purpose I've configured filter FORWARD policy to DROP
<davegarath> Some day ago
<sarnold> woo :) I'm glad you found it, the pastebin looked alright..
<jamespage> j^2, is there a bug report for that?
 * jamespage looks
<j^2> jamespage: honestly dunno, it was brought up via the openstack-chef project
<jamespage> j^2, https://bugs.launchpad.net/ubuntu/+source/ironic/+bug/1429962
<j^2> yep
<j^2> thatâs it
<j^2> looks like itâs linked too jamespage
<arcsky> Good evening, can't you guys please help me. I have no logging to my messeags/syslog file. I have rsyslog running.
<jamespage> j^2, ok - taking a look now
<j^2> jamespage: thanks!
<jamespage> j^2, as vivid has now released, will probably deliver list alongside the stable update to kilo release later this week
<jamespage> list/this
<j^2> jamespage: no worries, i just want to make sure itâs in the pipeline and i haddent missed anything
<jamespage> j^2, I think that changelog was a bit inaccurate :-(
<j^2> which one?
<jamespage> j^2: I don't think the update to the init.in was ever actually made - reapplying now
<j^2> jamespage: heh, lovely. Thanks for looking into this :)
<jamespage> j^2, no problem
<j^2> jamespage: nice thanks!
#ubuntu-server 2015-04-28
<mojtaba> Hi, could you please tell me what is wrong with this config? http://paste.ubuntu.com/10918180/
<sarnold> seems fine, what issues are you having/
<mojtaba> sarnold: content of the /etc/resolve.conf showing sth else.
<mojtaba> also when I type sudo ifdown eth0, it says interface eth0 not configured
<sarnold> mojtaba: how about /etc/resolv.conf?
<mojtaba> sarnold: http://paste.ubuntu.com/10918591/
<mojtaba> sarnold: Do you know why I get that message after running sudo ifdown eth0 or sudo ifdown wlan0?
<sarnold> mojtaba: do you have 8.8.8.8 configured manually in /etc/resolvconf/ somewhere?
<mojtaba> sarnold: No, I entered in via GUI, but I removed it.
<sarnold> mojtaba: is network-manager installed on this machine?
<mojtaba> sarnold: yes
<sarnold> mojtaba: can you uninstall it? I suspect nothing will work quite right os long as you have NM installed. it's a crazy wrench to throw into any problem..
<mojtaba> sarnold: can I disable it for a moment?
<sarnold> mojtaba: no idea
<teward> servers and network-manager don't get along very well :P
<mojtaba> sarnold: what should I do after that?
<linocisco> hi all
<linocisco> root@ubuntuserver:/usr/local/src/noip-2.1.9-1# make install
<linocisco> gcc -Wall -g -Dlinux -DPREFIX=\"/usr/local\" noip2.c -o noip2
<linocisco> make: gcc: Command not found
<linocisco> make: *** [noip2] Error 127
<linocisco> root@ubuntuserver:/usr/local/src/noip-2.1.9-1#
<OpenTokix> linocisco: apt-get install build-essential
<lordievader> Good morning.
<Matsy> Hey everyone! I have a question regarding Landscape. Is it normal that I need to reboot my server for it to generate CPU/Memory graphs, and show the current process list?
<OpenTokix> Matsy: throw that shit out the window and get a graphite/collectd-system going
<Matsy> OpenTokix: I actually really like the looks / functionality of Landscape. Started a 'trial' today with a few of my non-important servers
<OpenTokix> Matsy: I have tried it to - also tried obvservatorium, nagosgraphs, cacti and munin - and graphite/collectd - oh yes, so much win
<Matsy> Well, I need something to replace my salt-environment
<Matsy> So, it needs to do a bit more than collecting logs
<OpenTokix> why are you moving away from salt?
<Matsy> Company firewalls seem to have a lot of issues with salt
<OpenTokix> Matsy: you think ladnscape will replace a fully fledged CM-system?
<Matsy> OpenTokix: I don't.
<Matsy> But, since Landscape also allows the instant deployment of custom scripts to an arbitrary amount of servers, it seems to do the job
<jcastro> landscape shouldn't require reboots to generate those graphs
<Matsy> jcastro: That's what I figured. But it didn't show anything, other than 'Virtual Environment: vmware'
<Matsy> That's the only piece of information it seemed to gather
<Matsy> Which is odd, because finding out in what kind of virtual environment the computer is without the tools installed is quite a bit more complicate than doing a ps for the list of running processes
<jcastro> the landscape guys are in #landscape
<jcastro> I don't know enough about landscape to help
<Matsy> You guys have a channel for everything
<jcastro> heh
<linocisco> http://pastebin.ubuntu.com/10922486/
<Matsy> Yes?
<Matsy> linocisco: Probably a DNS issue on your server.
<linocisco> Matsy, so what do I do?
<Matsy> linocisco: Fix the internet?
<Matsy> linocisco: dyn-update.no-ip.com resolves to 8.23.224.120 here.
<Matsy> Do a simple ping, and see if that works
<Matsy> If it doesn't, just set your nameservers to a proper DNS service (8.8.8.8 / 8.8.4.4 always work)
<linocisco> Matsy, ping is blocked
<Matsy> linocisco: Try adding dyn-update to your hostfile then
<linocisco> Matsy, it is no-ip. not dyn
<Matsy> linocisco: I know. See what hostname it tries to contact: dyn-update.no-ip.com
<linocisco> dyn-update.no-ip.com: command not found
<xqcao> jpds: ping
<kevinde> Does anyone use/still uses monit?
<kevinde> As i'm running a Teamspeak server on my Ubuntu server and recently discovered monit, I wonder how effective this is to keep your server up and running in case something like a crash occurs
<OpenTokix> kevyes
<Teduardo> Is there an issue with Ubuntu 14.04 and disk performance?
<lordievader> If there is I never noticed it.
<Teduardo> okay, i am using rsync to copy some data from a RAID-5 array with 5 drives to an SSD and it's only copying at 134MB/s
<Teduardo> and it's actually dipping down as low as 60MB/s
<Walex> Teduardo: "performance" is not a property of a distribution, but of its configuration. If you are unhappy with the defaults (which are often not the best for anything in particular), perhaps you need a system administrator to configure your system for your applications.
<OpenTokix> Teduardo: Sequential writes is not as fast on SSD:s
<OpenTokix> Teduardo: What options are you using for your rsync? --whole-file ? - Are you doing something else on the machine? - What is the performance you expecting?
<OpenTokix> Teduardo: 130M/sec from a raid5 on 5 sata-drives sounds resonable.
<OpenTokix> Teduardo: hardware or software-raid?
<Teduardo> hardware
<OpenTokix> Teduardo: you have to remember rsync is doing hashing and stuff on the files you are copying - you can try --whole-file - that will generally be more consise
<Teduardo> I guess I will just use bonnie++ to figure out if i can get it to go faster. I figured 5 drives each capable of 100MB/s seperately -1 drive for parity would be about 400MB/s
<OpenTokix> Teduardo: it is not that simple
<OpenTokix> Teduardo: it is not like the file is perfectly divided in four exactly the same size chunks
<Teduardo> ah, im guessing the seek time is horrible on 4tb drives too
<OpenTokix> The limit is not MB/sec, but operations per second, - while you are doing your rsync - do a iostat 3 to see how much ops, and how much time is spent on each operation
<OpenTokix> Depends on the number of platters
<OpenTokix> there ie 2 and 3 platter drives, 3 generally have better seek time than 2. - Also is it many small files, or few large files
<Teduardo> its one gigantic file
<OpenTokix> ok
<OpenTokix> Then the absolutly fastest thing you can do is use dd
<OpenTokix> or cp
<OpenTokix> dd if=largefile of=/new/path/of/largefile bs=8M
<OpenTokix> This will max out your machine, and you can check speed with kill -USR1 pid-of-dd
<OpenTokix> Over 8M chunks, generally will not give better performance - but you can always try
<OpenTokix> This will probably grind your machine to a halt, since it is doing only io more or less
<OpenTokix> so careful if its a internet-system
<OpenTokix> that does something =)
<Teduardo> nah this is a t630 i have in a lab
<OpenTokix> ok, dd at full speed
<OpenTokix> then
<OpenTokix> will be quickest
<OpenTokix> dd > cp > scp > rsync > > > > > > > windows explorer > > > > > os x finder
<lordievader> Hehe, osx ;)
<OpenTokix> Teduardo: Tell me what you get in terms of performance (if you try dd)
<Teduardo> 53141921792 bytes (53 GB) copied, 234.048 s, 227 MB/s
<OpenTokix> nice
<OpenTokix> only 53G =)
<OpenTokix> I tought you said large file =)
<Teduardo> he he he
<OpenTokix> Teduardo: there you go, - and I guess you learned something in the process
<Teduardo> okay, i will add 10 more drives to the array and see if the performance scales
<Teduardo> i need to be able to restore 11TB of data in less than 10 days
<Teduardo> which is why i'm going on this quest in the first place
<OpenTokix> you are already doing it in 13 hours
<OpenTokix> with 227M/sec
<Teduardo> yea that's a DD not the restore process of this wacky backup software
<OpenTokix> ok
<Teduardo> i'm trying to make sure that the underlying system is capable of what i need before i yell at the sw vendor
<OpenTokix> then I guess its a software issue more than actual hardware, but hardware helps
<OpenTokix> What backup software is it?
<Teduardo> server backup manager by idera
<OpenTokix> ok
<OpenTokix> bleh
<OpenTokix> comercial backup...
<OpenTokix> bleh
<OpenTokix> Never used any that wasnt complete useless
<OpenTokix> good luck!
<Teduardo> it works flawlessly it just takes forever
<Teduardo> it restored the 11tb of data
<OpenTokix> So its always 0 or 11TB?
<Teduardo> yeah it's just backed up data.. which i dont need until it needs to be restored
<Teduardo> but i can't have it take 10 days to restore over 10Gbps ethernet
<lordievader> But sometimes you only need a small part of the backup.
<lordievader> Like one config file.
<Teduardo> oh, yeah i'm kind of worst case scenario planning
<Teduardo> but it could be that the software is poorly written but the restore I ran was bare metal and it was just bits sent to the block device rather than files
<Teduardo> so there is no excuse for 10 days
<OpenTokix> Teduardo: did you also tune your network-settings for 10GBps?
<OpenTokix> ie. txqueue and such?
<OpenTokix> Teduardo: do _NOT_ use jumboframes on LAN
<OpenTokix> Teduardo: if its over 10Gbps, your limit is network - and not disk-speed, since your network will topout about 100MB/sec
<Teduardo> 10Gbps = 1.25GB/s
<OpenTokix> Yes you are correct, - I got a slight case of the dumb for a minute or two there.
<Teduardo> no worries.
<Patrickdk> why no jumboframes?
<Patrickdk> I only use jumboframes
<Teduardo> i dont think jumboframes actually hurts anything
<Patrickdk> and amazon has changed to only using jumboframes also
<Patrickdk> Teduardo, depends on your switch
<Teduardo> unless the switch in between is set to 1500 =D
<OpenTokix> Patrickdk: For a LAN jumboframes give no added benefit - more then increasing the complexity of your network.
<OpenTokix> Patrickdk: jumboframes, is not faster on local network
<Patrickdk> no, ifthe switch has a normal (small) packet buffer, you will overflow it quickly
<Teduardo> but i'm not even worried about the network yet like i said i'm just trying to get the read performance of the volume on the server itself showing me a little life
<OpenTokix> Patrickdk: Did a lab on this, with switches from different vendors, many different 10G cards, multiples OS:es - no difference
<Patrickdk> jumboframes or not highly depends on the nic used
<OpenTokix> Patrickdk: it is a networking myth, many believe - since it is annoying as hell to test
<Patrickdk> I do see a increase in performance on my local network
<Patrickdk> on the old nics, it was a huge improvement
<Patrickdk> on newer nics it's down to like 10% or so
<Patrickdk> but then, in vm's it goes up again
<Patrickdk> it depends if you can take advantage of the nic's tso/lsr/gro/gso or not
<Teduardo> so what should 5x4TB WD RE4s in RAID-5 do read wise in a bonnie++?
<OpenTokix> ok, if youre running in vms - performance isnt a top issue anyway =) - so nevermind
<Patrickdk> and since those only work for tcp
<Matsy> OpenTokix: I only manage VM clusters
<Patrickdk> do a crapload of udp stuff and rtp
<OpenTokix> Patrickdk: About 350-450 ios/s
<OpenTokix> iops*
<OpenTokix> Matsy: ok
<Matsy> OpenTokix: Performance is one of my highest priorities
<OpenTokix> Matsy: ok
<Patrickdk> and 3.5" 7k rpm disk is going max out around 80 iops per disk
<Matsy> OpenTokix: How can you say that 'if you are running in vms, performance isn't a top issue'
<OpenTokix> Matsy: its not
<Patrickdk> a top, it is
<Patrickdk> the top, no
<Patrickdk> it's normally second to the top
<Matsy> Yeah
<Matsy> Availability is number one
<Matsy> But performance is a very close one
<Patrickdk> or simple of management
<Patrickdk> ability to move to new hardware without it going nuts
<OpenTokix> Matsy: Depends also if your traffic is counted in the hundreds, thousands or millions per second - or if your latency is in seconds, ms or us
<Patrickdk> lots of single vm per machine
<Matsy> Patrickdk: Oh, I never use single VM machines
<Matsy> Patrickdk: A good hot-swappable environment takes care of the hardware changes
<Teduardo> so if you add more disks to a raid-5 volume does that make the performance better or does it just mean that the seek time goes up?
<Matsy> More disks to raid 5 does not mean more performance
<Sling> you shouldn't run big raid5 sets :)
<Matsy> ^
<Sling> I'd consider 6 disks the max
<Sling> beyond that the performance impact is big and much worse your rebuild times will be very long
<Sling> during which your array has no fault-protection at all
<OpenTokix> And will probably fail (the rebuild)
<Teduardo> yeah the rebuild times and stuff arent that big of a deal given it's cold/backup storage
<jpds> Deploy Ceph.
<maswan> It depends on which performance though, read performance on a raid5 is roughly equivalent to the read performance of a n-1 raid0
<Matsy> Why does performance matter on a cold storage
<Sling> I'd say, use zfs
<Teduardo> Matsy: restore not taking 10 days
<maswan> Of course, for a parity raid, raid5 is very brave with modern disk sizes
<Matsy> Teduardo: Go for 1+0 or something
<Matsy> Should only take 5 days then
<Sling> raid 6 would work as well, if your controller supports it
<Sling> gives a bit more slack
<Teduardo> r6 is slower than r5 right?
<OpenTokix> Teduardo: yes
<Sling> r6 tends to work on faster controllers
<Sling> so in theory yes, in practice no
<Sling> or 'hardly'
<OpenTokix> raid5: 2 iops/write, 6 4/iops per write
<Teduardo> ah, the controller in question is a 2GB PERC H730
<Sling> but if you're doing many writes, r5/6 is not good anyway
<Matsy> Which H730?
<Teduardo> what do ya mean?
<Sling> go for 1+0 if you want fast writes :)
<maswan> it also depends on the size of the writes, if you do full stripe writes it is not so bad, as opposed to doing random small writes and getting a read-modify-write cycle int here
<Teduardo> like i said i'm more concerned about how fast the data can be restored back to the client machine
<Teduardo> it took 10 days for a 11TB restore in a DR test
<Teduardo> trying to you know... make that.. not suck
<Matsy> 10 days?!
<Matsy> That's 700mb per minute
<Matsy> That's very very slow :p
<Teduardo> and like i said that was a bits to block device restore not a file restore
<Teduardo> so it was hot garbage
<Teduardo> anyway i will check out raid-10 and maybe enable ssd caching on the volume and see if that gets me anywhere
<Matsy> Wait, you're using SSDs?
<Teduardo> no
<Teduardo> the controller can use SSDs as read cache
<Teduardo> i will install some for that purpose
<Teduardo> just to test around with
<Teduardo> since i have pretty much unlimited hw
<Teduardo> i imagine that i'm going to find that this is all limited by the software and then im going to be unhappy
<Sling> so I have an init script with 'Required-Start:    $network $remote_fs $syslog', but during bootup it fails to bind to the interfaces defined in /etc/network/interfaces, after booting is done I restart the service, and it works fine
<Matsy> Unlimited hardware, I envy you
<Sling> what could be causing the network service to report as up to init/upstart/whatever but the interface to be still unavailable for binding?
<Sling> service in question is pdns-recursor
<maswan> Teduardo: well, if you are not seeing lots of io-wait state, you're not waiting for the storag
<Teduardo> Matsy: well, its the company's and not mine of course haha =)
<Matsy> Teduardo: I work at a university. Unlimited hardware is still very rare.
<Matsy> Every time I need to buy a new server, there's 200+ pages of bureaucracy
<Teduardo> yeah, currently i am playing with a bunch of Intel NVMe PCI Express drives
<Matsy> Sigh
<Matsy> Those are such beasts
<Teduardo> yeah, bios support for booting them is dodgy so have to use uefi and uefi + pxelinux is... errr.. wacky (for me anyway)
<Teduardo> but they are monsters, yes
<Matsy> Why do you boot them though?
<Matsy> Seems overkill for just booting
<Matsy> I mean, servers restarting in 0.1 second or 0.2 seconds
<Matsy> I'd love to switch my mongo-disks to them though :p
<Matsy> Maybe in the new fiscal year...
<Teduardo> hehe yeah, it's kind of my job to make sure that we know all of the potential answers to all of the potential questions before hand, so i just test
<Teduardo> im not sure i would boot from them
<Teduardo> and now we wait for the background initialization..
<Teduardo> woe
<delinquentme> can rsynch used to jsut sync folders remote and local?
<teward> delinquentme: rsync can be used to sync folders and files between two locations, yes, I believe, but depending on what you want to do you may have to provide additional arguments and options to it.  You may wish to refer to 'man rsync' (without the ' characters) to read up on the various options.
<rickbeldin> Hi.  Not sure where to go with this.  I'm having a landscape issue. When I login to landscape and attempt to select the 'Support' option at the top (I have valid entitlements), it takes me to a Salesforce.com login screen instead of the Canonical support portal.
<rickbeldin> The link is the 'Support' link here:  https://landscape.canonical.com/account/hp-l3-support/activities
<sarnold> rickbeldin: I think that's intentional; at least, when I go to the url you provided. I wind up at an Ubuntu SSO login prompt.. I login, see the landscape interface, hit my own "support" link, which brings me to https://eu1.salesforce.com/500/o -- which appears fully active and live..
<rickbeldin> I was using the interface yesterday, and it logged me right in to where you could see cases.
<sarnold> rickbeldin: I've heard some sso oddities can be poked in the eye by visiting https://login.ubuntu.com/ first
<rickbeldin> !!!
<rickbeldin> +1 sarnold.
<sarnold> rickbeldin: did that sort it?
<rickbeldin> Not very intuitive.  Sort of along the lines of ctrl-alt-delete or close your browser and restart.  Yes, it fixed it.  Thanks very much.
<sarnold> no kidding...
<sarnold> rickbeldin: I don't kno wmuch about the support / landscape end of things.. it feels like one of those support tickets there would be the place to report the bug, but if those cost you money, _maybe_ this is a better place to start: https://launchpad.net/ubuntu/+source/landscape -- seems a bit empty there, but it might be worth a try
<jazzorius> I have a question about ufw. The log files (small sample here: http://pastebin.com/5pguu4kN ) show many connection requests to port 80 being blocked.
<rickbeldin> Thanks. This was the first time and now I know which way to hold my nose.  : )
<sarnold> rickbeldin: hehe :)
<jazzorius> Port 80 is open because the server hosts a website. My nginx logs don't show any requests from these IPs. Is ufw blocking legitimate requests? The IP addresses seem like legit users, not server farms.
<CompuChip> Hi. Can someone please help me replace a broken disk in a RAID1. I am getting really confused with the output of mdstat to the point where I am not even sure which disk is broken (it is showing 5  md12* disks, with inactive sdb2[0](S), active sdb5[0] [U_], active sdb1[0] [U_], active sda5[1] [_U] and active sda[2] [_U]).
<CompuChip> I think it was sda that failed because for a bit I couldn't boot (no operating system) but that seems to have gone away. I get a login prompt but I can't login when booting from HDD, and now using a Server 14.04 rescue CD to get a prompt.
<sarnold> CompuChip: I think it'll be easier for other sto help you debug the issue ifyou can pastebin status outputs or similar; the pastebinit package can be very helpful here
<CompuChip> Thanks sarnold, can I install that from the rescue disk prompt?
<sarnold> CompuChip: I hope so; apt-get update && apt-get install pastebinit to find out :)
<CompuChip> apt-get not found :)
<sarnold> dang :)
<CompuChip> If I select that I want /dev/sda1 as root and open a shell there I get apt-get but no internet connection
<CompuChip> Don't seem to have a DNS, I can ping 8.8.8.8 but not google.com.
<sarnold> CompuChip: try adding 8.8.8.8 to your /etc/resolv.conf
<sarnold> CompuChip: this might work for you once you've got dns up: http://unix.stackexchange.com/a/5918/7064
<CompuChip> sarnold: thanks, got a bunch of error but think I installed astebinit
<CompuChip> Yay it worked http://paste.ubuntu.com/10928895/
<sarnold> nice! now  you get to solve your actual problem :)
<CompuChip> Shall I ask the question again? :)
<CompuChip> One of the disks in my RAID1 is broken. I am getting really confused with the output of mdstat to the point where I am not even sure which disk is broken - http://paste.ubuntu.com/10928895/
<CompuChip> What's even more confusing is that the Rescue Disk refuses to mount /dev/sdb1 as the root, even when I physically swap the connections.
<CompuChip> I can only get a shell in /dev/sda1.
<wk5h> been a while since I've run Ubuntu as a server, and getting back into it.  seems like there used to be a post-install graphical command where you could change some of the settings, such as ip address, mount points, etc. that looked a lot like the install process.  make sense?
<patdk-wk> no idea
<wk5h> thought it was a some tk scripts that was packaged with it...  maybe I'm thinking of a different distro.
#ubuntu-server 2015-04-29
<Valduare> hi guys
<Valduare> should ubuntu core be used for spinning up vms now?
<sarnold> if you need something to fit in a .tiny instance, perhaps
<Valduare> so not for seting up an nginx server then?
<sarnold> feel free to give it a shot; it may or may not be missing some of the comforts you might be used to :)
<Valduare> what would an example of that be :)
<sarnold> syslog :)
<Valduare> so no /var/logs?
<sarnold> unless programs open the log files themselves.. :)
<Valduare> oh so nginx would still be able to write its logs
<sarnold> aha! a package manifest http://cdimage.ubuntu.com/ubuntu-core/releases/14.04/release/ubuntu-core-14.04-core-amd64.manifest
<Valduare> but something like dmesg  would not be viewable in the logs?
<sarnold> right
<sarnold> granted you can install whatever you want
<Valduare> dont think iâve used dmesg from the logs just running the command myself
<sarnold> hunh, rsyslog is on tha tlist..
<Valduare> https://wiki.ubuntu.com/Core
<Valduare> says its installable
<sarnold> I was just surprised to find it in the .manifest file; which made me wonder what the manifest file represents...
<Valduare> importing the ova of ubuntu core to check it out
<shellox> hi, is anyone using the ubuntu cloud vagrant images
<shellox> https://cloud-images.ubuntu.com/vagrant/trusty/current/
<lordievader> Good morning.
<jcastro_> rbasak, https://github.com/lxc/lxd/issues/558
<samba35> i am trying to install postfix with tls ,can some one pls tell me how do i install certificate for postfix
<pmatulis> samba35: lots of information out there.  what have you tried so far?
<samba35> i failed to get it correct installtion ,i think
<samba35> pmatulis: do you have any handy web site or blog to configur postfix with tls
<pmatulis> samba35: http://www.postfix.org/documentation.html
<samba35> yes , i follow that but ...ok , let me give another try again
<pmatulis> samba35: take the time to understand stuff, email servers are tricky beasts, even without TLS
<samba35> ok
<bugs_bugger> hi can anybody help me recover from this apache2 configtest error: Cannot load /usr/lib/apache2/modules/mod_access_compat.so
<bugs_bugger> system specs: 12.04, apache2.2, tried upgrade php5.4 via ppa (ondrej) and ppa-purge, which left me with this error
<bugs_bugger> ok, i solved the problem: i disabled some mods: access_compat, mpm_prefork, authn_core, authz_core, socache_shmcb. anyone happen to know about them?
<ndee> I remember there was a tool which analyzes the log file (apache/nginx) for suspicious requests and sends you an email with them but I forgot the name of it. Anyone knows such a tool?
<devster31> where can I find a starting guide to cross-compiling for arm and TravisCI?
<teward> ndee: i can think of quite a few tools to achieve notification, however the tools I'm thinking of are IDS/IPS at the border of the network, not log review tools.
<teward> ndee: as long as you keep up to date with security patches and such, for both the websites and the web servers, the risk of some of the 'requests' being actually bad ultimately is limited
<ndee> teward: the website is up to date but there are some extensions that are in usage which are unsafe. It happened already once, that a malicious php file was uploaded.
<teward> ndee: well, you have the option to disable extensions, no?  The problem is log analysis after the fact doesn't help you
<teward> not reall
<teward> really*
<teward> because they've already exploited the environment.  You would end up having to start anew and patch and disable things *anyways*
<ndee> I know, but at least that way, I could notice the problem very fast and then disable the unsafe extension.
<patdk-wk> well, fixing things up with rewritecond and/or mod_security would be a good first step
<patdk-wk> also would be good, would be some apparmor rules
<william_home> hello, could someone point me at a contact person for a bug in the cloud archive packages on https://wiki.ubuntu.com/ServerTeam/CloudArchive#Kilo
<william_home> when installing ceph-deploy (which is not in the cloud archive update) there is a duplicate manpage which disallows install ceph
<sarnold> william_home: I think Odd_Bloke may be a good starting point
<william_home> ok thanx
<william_home> Odd_Bloke: any ideas?
<pmatulis> william_home: start by reporting the bug maybe - https://bugs.launchpad.net/cloud-archive/+filebug
<Odd_Bloke> william_home: I'm not the best point of contact; a bug is definitely your best course of action.
<Odd_Bloke> william_home: And maybe after that you can bug jamespage...
<william_home> pmatulis: and Odd_Bloke, will do. reporting the bug as we speak.
<william_home> jamespage: https://bugs.launchpad.net/cloud-archive/+bug/1450175
<william_home> ;)
<teward> rbasak: ping
<jkyle> is there a list of changes in the ubuntu preseed for 15.04 vs. 14.04?
<sarnold> pmatulis: oh cool, I hadn't seen https://bugs.launchpad.net/cloud-archive/+filebug before; that definitely beats pinging strange dudes on irc :)
<pmatulis> sarnold: then again, nothin' wrong with a little socializing...
<sarnold> pmatulis: hehe, true :)
#ubuntu-server 2015-04-30
<gdi2k> I have no idea where to start with this, so I thought I would start here - hopefully someone can point me in the right direction. We have our office at A and a server hosting a PBX at C. We are trying to optimize the route between A and C to reduce latency, but our ISP is inept. But we also have a server at B which is very close to C but has much better routes from A than A->C. So we would like to route the traffic A->B->C - what do I need at B to make
<gdi2k>  that work?
<hariom> Hey guys, I have installed openblas-dev and liblapack-dev on my Ubuntu 14.04. How to know which version of these libraries are installed?
<samba35> how do i redirect url to domain for ex .www-abcdefgh-com/xyz should redirect to test-abcdefgh-com
<william_home> samba35: http://httpd.apache.org/docs/2.4/mod/mod_alias.html#redirect
<rbasak> teward: pong
<lordievader> Good morning.
<Vexena> Hello, I heard that enabling automatic updates can be potentially dangerous on a server in a live environment, why is this exactly?
<william_home> jamespage: i was told to bug you, for packaging issues in the cloud archive?
<Vexena> Anyone know what would be the best way to start a screen session upon startup? I've tried it with a upstart .conf script like this: http://pastebin.com/ybzACJ34 but that only makes "service tsbot start" and "service tsbot stop" work but the service does not start upon startup
<Vexena> Seems like it's fixed now
<teward> rbasak: sorry about not being here around 3AM - nginx dynamic module loading slated to exist in 1.9.x, which I believe Debian might end up having.  (I hate the continual shift between mainline and stable, but Debian nginx maintainers do that)
<teward> rbasak: not sure if we'll need additional review of the package going forward or not, because there'd be a lot more 'main' packages if we support 'core' modules...
<teward> no timeline yet, but...
<rbasak> teward: thanks. Sounds good - should save us from the multiple static build hell? We can check with the security team nearer the time.
<teward> rbasak: it should, but i think we should partly rely on Debian for some of the packaging.  1.9.x was released only a couple days ago, and AFAIK dynamic package support is listed on the timeline of goals, but no idea of actual timeline or ease of implementation ye
<teward> yet*
<teward> rbasak: if it's anything like Apache, there may be a couple core "global" functions still built in, but additional plugins would be available.  The tricky part, I believe, is balancing stable vs. mainline in Ubuntu - 1.8.x is the stable release, 1.9.x is the mainline release, and that's going to supersede the stable release, my guess is for maybe a year
<teward> rbasak: i wouldn't mind additional security reviews closer to then though, code format changes, etc. and what not
<rbasak> teward: I imagine we'll want the stable release in every LTS release.
<rbasak> teward: and that implies we should try and stick to the stable release in all releases if we can - otherwise it wouldn't work.
 * rbasak wonders what Debian does here.
<devster31> dd of a 3.1 gb image is taking forever, like 30+ minutes, is this normal?
<teward> rbasak: that's... doable to an extent, but that'll require a manual upload to Ubuntu specifically of Stable
<teward> rbasak: and at that point we break Debian inheritence
<rbasak> teward: so Debian stick to mainline?
<teward> rbasak: i forget exactly how my Debian maintainer contact worded it, let me see if I can get a oneliner to provide.
<teward> i do know at one point they start using mainline then go back to stable, as for actual timeline I don't know how they determine that, probably something related to Debian release dates
<teward> rbasak: but if W series is open and 1.9.x made available in Debian, that's a mainline release, which is always going to have a higher version # than nginx stable releases
<teward> rbasak: a good 'starting point' would be what i just uploaded to the nginx team PPAs - 1.8.x
<teward> which is stable, and has debian HEAD as of... what, two days ago now?
<teward> (debian HEAD as in from the nginx git repo there)
<teward> (was needed for 1.8.x builds to work)
<rbasak> OK
<teward> but since W's name hasn't even been released yet, I don't even think W-series is open
<teward> so i'll keep my radar pointed at Debian and the announce lists waiting for W to open
<rbasak> Yeah it's not open yet.
<teward> then we'll discuss further
<rbasak> OK. Thanks!
<teward> you're welcome, i just wanted to give you the heads up :)
<teward> rbasak: http://trac.nginx.org/nginx/roadmap  <-- roadmap for the 1.9 milestone
<rbasak> Hmm. Based on that 1.9 will just miss our next LTS.
<teward> rbasak: well, i don't trust the milestone date there
<teward> because of their news statement...
<teward> 2015-04-28: nginx-1.9.0 mainline version has been released, with the stream module for generic TCP proxying and load balancing.
<rbasak> Ah
<teward> (from http://nginx.org/.  http://nginx.org/en/download.html shows that 1.9.0 is available)
<teward> rbasak: i think that's the date the milestone expires, not the date it's absolutely needed by.
<teward> rbasak: nginx has always provided both versions... one for 'stable' (not many new features, althoug hwhatever was in 1.7.x is now in 1.8.x), and one for 'mainline' which is cutting edge features
<teward> (it's an in-development release, but AFAICT it *does* work 'stable'ishly
<teward> )
<teward> (trust me, triaging for these versions is a headache sometimes... >.<)
<ebonics> anyone know offhand what happens when you run out of memory or disk space while tarring something. like does it delete the temp file
<patdk-wk> what tempfile?
<patdk-wk> tar shouldn't be making a tempfile
<teward> rbasak: this is the response from my contact @ Debian: "We stick with mainline in testing until freeze and then we stick with that version. The hope is to bump versions one time after freeze to stable and release a new debian stable with the current nginx stable"
<frickler> jamespage: would you have time to look at https://github.com/ceph/ceph/pull/4353? this is blocking http://tracker.ceph.com/issues/11388 which you already fixed for Ubuntu, but it would be great if that could also be fixed upstream
<jkyle> could someone let me know what the equivalent of the linux-headers-server package is in 15.04?
<patdk-wk> same as it was on 14.04
<patdk-wk> there is no -server for awhile now
<patdk-wk> I think it went away in 12.04
<ronator> if in doubt, use 'aptitude search foobar'
<patdk-wk> is your kernel in /boot called -server?
<patdk-wk> likely, only -generic
<jkyle> patdk-wk: My installation script isn't finding the package
<jkyle> by that name
<jkyle> also looks like some preseed options have changed
<patdk-wk> the package has not existed since before 14.04
<patdk-wk> it was a meta package that just referenced -general instead
<patdk-wk> since that reference hasn't been needed for upgrades, it's gone
<jkyle> ah, ok, I see, linux-headers-server is marked "transitional" in 14.04
<jkyle> I'll switch my scripts over
<jkyle> alright, there we go, now I just have to figure out how to automatically install grub into the MBR in the new preseed for 15.04
<_2_misstiababy> hi
<Vexena> Have anyone used Plesk before? I don't have a apache server running but I got a license for Plesk together with my VPS. I wonder if I could use Plesk for example to restart my teamspeak server?
<Vexena> Or is this only to monitor, restart,... web hosting processes such as apache, nginx, ...?
<sarnold> I have a strong dislike for web-based admin panels, I'm going to guess that they are the second most common route for attackers to gain access to systems (after ssh password bruteforce)
<Vexena> I agree with that, but it's so tempting to use :)
<Vexena> As I would like to be able to control my server from distance with my phone incase something goes wrong
<tflgen2> Question: just set up ltsp-pnp on a 14.04 box and I was wondering if there was a way to have the pxebooted clients search for their specific config file (I'd like only specifed mac addresses to be able to boot to ltsp. All others should boot from local HDD) So far, even with the correct aa-bb-cc-dd-ee-ff file, the client always gets default config. Any ideas?
<swizgard> hi. any advice on getting rid of dnsmasq here?
<swizgard> or even a good reading resource would be nice as i don't get how all these things (dhclient, network-manager, dnsmasq, etc.) play together in ubuntu
<spyridonas> Hello guys , i try to make a website work on my apache , both apache2 runs as www-data user and the folder is under www-data user/group but php can't write. Whats wrong with that? :/
<spyridonas> echo shell_exec("whoami"); says www-data
<spyridonas> folder is www-data group,user with 777 , still cant' write...
<Patrickdk> so?
<Patrickdk> did you check apparmor?
<Patrickdk> dmesg?
<spyridonas> i dont have apparmor
<spyridonas> and dmesh
<spyridonas> and dmesg
<Patrickdk> heh?
<Patrickdk> EVERYONE has dmesg
<spyridonas> oh wait
<spyridonas> how i check if apparmor is installed?
<Patrickdk> if apparmor is an issue, it would be logged in dmesg
<Patrickdk> if apparmor was active, it would also be in there
<jjohansen> spyridonas: sudo aa-status
<Patrickdk> or, someone that knows more :)
<spyridonas> oh well i guess i have it installed then
<spyridonas> but apache is not on the rules thing
<spyridonas>  5 processes are in enforce mode.    /usr/bin/freshclam (2070)    /usr/sbin/clamd (1953)    /usr/sbin/mysqld (1130)    /usr/sbin/named (1105)    /usr/sbin/ntpd (2837)
<jjohansen> Patrickdk: is correct in that if apparmor is denying something it should be logging it to dmesg, and /var/log/syslog
<ebonics> does anyone know if there's a difference in the way some ssh commands are piped back to the ssh client from sshd
<bekks> ?
<bekks> difference in the way compared to what?
<ebonics> like fundamentally. i'm using a "session" to send a command. say "ls" and it returns a single string with the output for that command
<ebonics> but when i do something like "du"  i just get read errors
<bekks> Which doesnt mean the ssh session is the issue.
<ebonics> which is why i'm asking :( cause i can't think of what it could be
<bekks> open a terminal, ssh to the remote host, run du.
<ebonics> bekks, it works fine
<Patrickdk> can the command run without a pty?
<Patrickdk> did you tell ssh to use a pty?
<Patrickdk> or did you mean actually ssh to the other machine and run it?
<Patrickdk> ssh user@remote du
<ebonics> Patrickdk, i am sshing to another machine and running it.
<Patrickdk> is different from ssh user@remote, then run du
<ebonics> but i have the ability to request a pty
<spyridonas> jjohansen: i disabled apparmor, apache still can't write on folder...
<ebonics> i do the latter Patrickdk
<ebonics> i don't know if pty is necessary for du, that's definitely a possibility
<bekks> So try it.
<Patrickdk> works with and without pty
<bekks> Thats what I told you :)
<jjohansen> spyridonas: well then its definitely not apparmor
<Patrickdk> your issue is clearly not ssh :)
<spyridonas> jjohansen: apache2 whoami says www-data
<ebonics> Patrickdk, i' m not "blaming" ssh, i just think i'm not understanding
<Patrickdk> are acl's enabled?
<jjohansen> spyridonas: I assume you have checked DAC permission
<spyridonas> jjohansen: /var/www says www-data (user-group)
<spyridonas> jjohansen: permissions are on 777
<jjohansen> right
<spyridonas> jjohansen: (temporary)
<bekks> 777 on /var/www is pretty safe way for shooting injuries in your knees.
<jjohansen> spyridonas: hrmmm other so other things that could be blocking it, are how its mounted, seccomp
<jjohansen> apache could be failing it self because of 777
<spyridonas> well since 777 can't write i dont think any kind of injuries is possible
<jjohansen> I'm not sure
<Patrickdk> I have my suexec disable itself on world writable
<Patrickdk> not sure what stock apache does
<spyridonas> the specific error is about unziping (does php have other user/permissions than apache?)
<spyridonas> error] PHP Warning:  ZipArchive::extractTo(): Permission denied in /var/wwwl/testshop/classes/Tools.php on line 2548
<ebonics> ops Patrickdk it was because i wasn't waiting for the command to complete. ls just happens to return gaster
<ebonics> faster*
<Patrickdk> heh?
<Patrickdk> /var/www != /var/wwwl
<Patrickdk> ebonics, maybe a pmtu issue?
<spyridonas> yeah i typed l somehow here >_<;
<ebonics> Patrickdk, not in this case, but i think that could very well be a problem later on
<ebonics> when i start using scp protocol
<Patrickdk> well, it would affect everything
<Patrickdk> if you have mtu issue, blocking icmp, ..., causing pmtu to break
<Patrickdk> it's noticable cause like when doing du, or ls
<Patrickdk> anything large, suddently, it stops
<Patrickdk> unless you have pmtu blackhole detection enabled
<ebonics> Patrickdk, i don't know what that is. but what's the solution? chunk the response packets?
<Patrickdk> what kind of internet connection is it on?
<ebonics> TCP
<Patrickdk> or, what is it's ip address?
<Patrickdk> tcp is a protocol
<ebonics> what do you mean
<Patrickdk> is it reachable publically?
<Patrickdk> that ssh host?
<ebonics> Patrickdk, no
<Patrickdk> well, try installing tracepath
<Patrickdk> and running it against the ssh host
<Patrickdk> and see
<Patrickdk> if both are on the same local network
<Patrickdk> your mtu's should likely be 1500
<Patrickdk> and you shouldn't have this issue
<Patrickdk> it's normally when going over the internet, and expecially if one side is on dsl
<Patrickdk> this issue will crop up
<Patrickdk> or if you use a vpn
<ebonics> Patrickdk, is there a solution, assuming it is a problem?
<ebonics> and yes i am on a vpn
<Patrickdk> yes, just properly configuring the vpn correctly :)
<Patrickdk> and not blocking icmp
<ebonics> Patrickdk, i'm not sure if this is my problem though
<ebonics> when i wait for the response then du works
<ebonics> i thought you were talking about max packet sizes over ssh
<Patrickdk> I am
<Patrickdk> but normally ssh packets are tiny
<Patrickdk> but when you run du, ls, ..., that will make larger packets
<Patrickdk> and you will notice pmtu issues
<Patrickdk> same for scp
<Patrickdk> or http
<Patrickdk> I'm not saying this IS your problem, but it sounds close
<ebonics> so Patrickdk i guess i would just need to read the ssh manpage
<ebonics> the solution would be to understand how ssh handles pmtu i guess
<Patrickdk> it doesn't
<Patrickdk> tcp does
<Patrickdk> or rather, ip does
<grendal_prime> hey im creating a ln to a usb->serial adapter for a wine application. It works fine untell i reboot.
<grendal_prime> so..as the user i run ln -s /dev/ttyUSB0 ~/.wine/dosdevices/com1 and everything works fine. application can get access to the com port. Then after i reboot i have to destroy the link and recreate it.
<grendal_prime> whhat would cause that.
<grendal_prime> ?
<bekks> the fact that the inode of the device in /dev/ is changing this is linux, not UNIX.
<bekks> Easy workaround: create an entry in /etc/rc.local with full paths
<grendal_prime> oh
<grendal_prime> sorry for my ignorance
<bekks> In linux, nowadays, /dev/ is a dynamic FS, thats why it is changing
<grendal_prime> sooooo...basically if i use a full path when i create it....well will that fix it?
<sarnold> I'm surprised it fails
<bekks> if you are using something like /usr/bin/ls -sf /dev/... /home/user/... ---- then yes.
<sarnold> it makes me wonder if wine is checking the lstat of each link and ignoring symlinks older than dev entries or osmething to try to workaround the linux dynamic /dev
<bekks> It isnt wine which is checking that.
<grendal_prime> it is wine could be a half a dozen problems
<bekks> And since the symlink resides outside of /dev/, its age is irrelevant.
<bekks> Some more sophisticated way would be creating a script in the initrd which recreates the symlink.
<bekks> But thats more a headshot than a simple workaround.
<grendal_prime> so exact syntax to creat the ln would be ... ln -s /dev/ttyUSB0 /home/myuser/.wine/dosdevices/com1
<bekks> Nope.
<bekks>  /where/is/ls ...
<bekks> Dont assume you have any sort of $PATH in /etc/rc.local
<grendal_prime> have to have the /usr/bin/ls ...im confused
<bekks> Why are you confused?
<grendal_prime> ok so basically because its not being created on system boot it is pointing to an inode that no longer exists...
<grendal_prime> that is what i sounds like your saying
<bekks> correct.
<grendal_prime> ok, so if i create a boot up script that just deletes it and then creates it..that should do the trick right?
<bekks> thats what /full/path/to/ln -sf ... does.
<grendal_prime> oh see thats what confused me
<grendal_prime> in your post you put ls no ln
<grendal_prime> i was not understanding how ls would do that.
<bekks> So take "ln" then.
<grendal_prime> alright ill give it a shot.
<grendal_prime> i need to add that to a initrd job though.
<bekks> Why? :)
<bekks> Dont you have a sane OS? :)
<bekks> wine doesnt start before /etc/rc.local
<bekks> So you can do that in /etc/rc.local
<grendal_prime> im using ..well on that machine it is using linuxmint
<grendal_prime> oh ok or there
<grendal_prime> except ln is not in /usr/bin/
<grendal_prime> hmm
<bekks> "which ln".
<grendal_prime> ok i need to put this into rc.local  /usr/bin/ln -sf /dev/ttyUSB0 /home/user/.wine/dosdevices/com1
<grendal_prime> but, ln is not located in that dir.
<grendal_prime> basically looking for the absolute path to ln executable.
<grendal_prime> maybe im going about it the wrong way
<grendal_prime> im gonna give it a shot without the full path
#ubuntu-server 2015-05-01
<grendal_prime> cause im crazy like that and i got time falling out my ass for this sort of stuff...boom!
<grendal_prime> and thats a big fat nope
<grendal_prime> oh shit figured it out
<grendal_prime> I needed to put put in the ~ so that it would be run by the user itself at log on.
<grendal_prime> that seems to have done the trick..also it means whatever user logs on they will have access...wich is a good thing.
<grendal_prime> however i wonder if i have two users logs on..well i dont think that will happen on this machine
<bekks> use the autostart mechanisms of your guest OS.
<sarnold> grendal_prime: the which program and the type shell builtin are useful for finding out where a program lives
<sarnold> grendal_prime: 'which ln' reports /bin/ln -- type is really useful if it might be a shell builtin or shell alias, e.g. note the difference between 'which echo' and 'type echo'
<spyridonas> Hello , i have the following problem : PHP can't write to filesystem but /var/www and all of the subfolders are 777 and part of www-data group/user. Apache runs as www-data. what do i need to look for ?
<spyridonas> the script tha fails is module installation for Prestashop (im sure the php code is correct)
<spyridonas> user and permissions are correct
<spyridonas> for example   move_uploaded_file(): failed to open stream: Permission denied and   ZipArchive::extractTo(): Permission denied, anything that writes to fs...
<spyridonas> #PHP
<Mortix> hi everyone, i'm having an annoying problem(KVM), i'm creating a machine and when i'm trying to connect to the machine it keep prompting password request(openssh) and black screen on the graphical console... i guess it's permission problem?
<sarnold> Mortix: are you trying to use libvirt or using qemu/kvm directly from the command line?
<sarnold> Mortix: what guest os are you trying to use? are you confident the guest ought to work with the selected bios/cpu/etc?
<sarnold> Mortix: how did you find an IP address to use for openssh? did the console have any output, ever? or was it always blank?
<Mortix> i'm getting like 20 openssh password prompt when i'm trying to open the virtual console
<Mortix> ubuntu server, connecting from different machine on the network
<Mortix> also ubuntu
<Mortix> using virt-manager
<Mortix> i couldn't create a vms before so i uncomment the #root in the /etc/libvirt/qemu.conf for user and group
<Mortix> sarnold, ?
<sarnold> Mortix: can you use virt-manager from the host to connect to the console?
<Mortix> it's ubuntu server
<Mortix> no gui
<sarnold> install virt-manager on the server, then connect with ssh -X -Y to enable X11 forwarding
<sarnold> then virt-manager should forward to your workstation
<Mortix> what it has to do with the virtual machine console? oO
<sarnold> Mortix: you can then click on the VM in question, hit the "open" button, and see the guest's console
<sarnold> it might be stuck at a grub prompt
<sarnold> or it might be stuck at a "filesystem unhealthy, fscking" screen
<Mortix> when i click open it prompt password
<Mortix> none stop
<sarnold> or if you're lucky, it's sitting at a getty login: prompt and you can log in and diagnose :)
<sarnold> what is prompting for your password? the host? the guest? what is the prompt? can you tell which program is asking?
<Mortix> virt-manager
<Mortix> also tried with virt-watcher
<Mortix> connection to the host work fine
<Mortix> prompt for password and move on
<Mortix> but when i'm trying to open a VM
<Mortix> it stuck in some loop for password
<Mortix> virt-viewer*
<sarnold> hmm. I forgot virt-manager can manage vms on other computers, too..
<sarnold> is it prompting for ssh credentials to do libvirt things on the remote host?
<sarnold> Mortix: do you have any firewal rules on the host, guests, or your workstation that might prevent the vnc or spice connections from working?
<Mortix> nop
<sarnold> Mortix: do you use a different username to connect to some hosts? perhaps your ~/.ssh/config needs some new host-specific sections to change username or key or something similar/
<Mortix> sarnold, only root and my user
<sarnold> Mortix: dang. I liked that idea. :)
<Mortix> what do you mean
<sarnold> I had hopes that it was just a wrong username somewhere..
<Mortix> i guess no leads..
<MichaelHabib1> hi
<MichaelHabib1> Q : if I created an A record (mypc.server.com -> 192.168.0.100) which points to a different address to the server.com (server.com is at 192.168.0.200). shouln't I be able to ping mypc.server.com  & ssh into it ?
<fathi> anybody can help me ? wanna learn about ubuntu server
<lordievader> Good morning.
<StathisA_> i got this on a sudo cron tab but it does not seem to work...the command works perfectly in cli.:     20 12 1 * * sudo cp /home/username/rsnapshot.log /home/username/old_logs/rsnapshot_$(date --date="last month" +%m_%Y).log
<StathisA_> any ideas?
<lordievader> User sudo?
<lordievader> Make that root ;)
<StathisA_> oh its root
<StathisA_> i've edited after i pasted
<StathisA_> is there any log to check?
<lordievader> Syslog.
<StathisA_> well it seems to "stop" ath the "+"
<StathisA_> i'll escape it with \
<lordievader> Ah, yes. Those things need to be escaped.
<StathisA_> duh..:-(
<StathisA_> i always seem to miss it...
<StathisA_> it works fine now
<devster31> is anyone using gosu as a sudo replacement?
<lordievader> devster31: Are there benefits?
<devster31> process is not involved when executing the command and it's a clean way to execute single lines, much easier when used to switch to users other than root
<bekks> And whats the benefit over sudo?
<devster31> 1 process instead of 2
<bekks> So you have gosu and the process you want to execute. That are two processes.
<bekks> Same applies for sudo.
<devster31> not exactly, let's say you give tail -f, sudo process keeps running for as long as you continue tailing the file, gosu exits immediately after tail starts
<devster31> which means you have effectively 1 process running
<bekks> And whats the benefit at that point?
<bekks> Honestly, I dont see the benefit, since sudo isnt a full blown java monster hogging resources :)
<jlbhshluekg> .
<jlbhshluekg> did usa intelligence supply isis with weapons like they did with al-qaeda to justify creating wars?
<jlbhshluekg> did usa excute the creative mess in the middle east like they said they will, does the creative mess include explosions with uncertain responsibles to create wars?
<jlbhshluekg> plz, send my qs to help limiting usa & israel aggression against others& may then lessen number of people killed in the middle east.
<jlbhshluekg> .did usa intelligence supply isis with weapons like they did with al-qaeda to justify creating wars?
<Agent86> hi ubuntu-server
<Agent86> got a question question about servers in general if you set the server up as a domain controller can you still access via local login ? I've heard windows-servers have not user/admin local users when used as a domain controller etc ???
<Agent86> I don't recall ever reading about linux servers losing local access as a domain controller. What about it ?
<Matsy> Your assumption is right: you don't lose local access
<Agent86> whew great
<Agent86> and am I correct in reading that windows servers lose local access as domain controllers ?
<teward> Agent86: no.  Case in point: at one place I worked two IT staff had admin privileges network wide.  Those users were AD-controlled, and both had administrative access to domain controllers.
<teward> Agent86: as well, there's localadmin on the domain controllers, which in an emergency could be accessed, but it was rare to do so
<teward> Agent86: I believe the general argument of "lose local access as domain controllers" is not valid because with the right setup you can still have a local administrator
<teward> who would in turn have access.
<teward> (another case in point: the virtual Windows SErver domain that it controlled in a separate segment of a VLAN on a virtual lab environment isolated from existence.
<teward> (which i set up)
<teward> Agent86: however, Windows servers tend to turn control over to Active Directory.  With the right changes to boot, or with actual access to the server itself physically, you can likely login as the local admin, but in practice the AD users with admin rights have access
<teward> that's offtopic here, thoguh
<teward> so i'm gonna stop talking, and return to beating nginx 1.8.x with a stick
<designbybeck> I have a basic server, that doesn't have much of anything running on it, but I'm getting these errors while trying to update and then trying to dpkg --configure -a
<designbybeck> http://paste.ubuntu.com/10962077/
<designbybeck> Any ideas?
<bekks> designbybeck: read only filesystem. Fix the filesystem errors before.
<designbybeck> bekks, not sure how to do that bekks
<dmsimard> Has anyone done an upgrade of a corosync cluster from 12.04 to 14.04 ? Corosync went from 1.4.2 to 2.3.3 and they can't exactly talk to each other very well - complaining about different crypto.
<bekks> designbybeck: you need to run fsck from a livecd.
<designbybeck> this is a http://cloudatcost.com server. I got it hoping to learn more about Linux servers, and just play around with stuff, but their service isn't that great
<designbybeck> bekks, ^
<patdk-wk> designbybeck, just reboot that instance
<patdk-wk> it's probably just their horrible disks timing out
<designbybeck> ..ah ok thanks patdk-wk let me try that
<Agent86> @teward thanks I was afk for a long while, but thanks for the update
<Onionnion> Can anyone recommend an upgrade path for a production 10.04 server to 14.04? Or perhaps documentation on this?
<mdeslaur> Onionnion: you need to do 10.04 -> 12.04 -> 14.04
<Onionnion> That's what I was thinking it'd be
<rattking> I got bit by this bug last night.. good job on the turnaround time!  https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1450442
<mdeslaur> Onionnion: the 10.04 end of life notice had some links in it: https://lists.ubuntu.com/archives/ubuntu-security-announce/2015-April/002931.html
<Onionnion> Precise is 12 and Trusty is 14, correct?
<mdeslaur> Onionnion: yes, that is correct
<Onionnion> thank you
<Onionnion> gotta get mail server up to date this weekend..wish I did it sooner
<mfisch> jamespage: do you have any estimates on when we'll see Juno.3 packages?
<rattking> I am having a issue with openstack booting 12.04 where udev is not generating /dev/disk/by-id unless I attach the volume after boot. does anyone know how to make /dev/disk/by-id more reliable?
<rattking> udevadm trigger use to cause this to be generated after boot, but stopped sometime recently
<grendal_prime> sarnold thanks
<grendal_prime> turns out just putting it into the rc.local file worked fine
<grendal_prime> sarnold,  werid part. the first time i run the process on the application that access the com port. it fails, second time it works werid..but whatever.
<grendal_prime> my understanding was that rc.local gets fired off when a user logs in. (thats the way the verbage in the file itself explains it)
<OpenTokix> grendal_prime: rc.local is executed when you boot up - as last item, not when someone logs in
<grendal_prime> it works with minor discomfort...like a suppository
<patdk-wk> not sure what verbage your talking about
<grendal_prime> werid part is.
<grendal_prime> "This script is executed at the end of each multiuser runlevel."
<genii> Yes, so 2 through 5
<grendal_prime> ok
<patdk-wk> so, system runlevels, not user logins
<grendal_prime> question is how would it know to create the com1 in /home/myuser/.wine/...  if it didnt run after my user loged in.
<grendal_prime> i dont specify the username specifically in the rc.local file..it will not work if i do that.
<grendal_prime> thats not an assumption ive tested it. it does not work.
<patdk-wk> it runs as root, not as a user
<patdk-wk> and it's not terminal attached
<patdk-wk> maybe you mean to use a cron job? @reboot
<grendal_prime> however if i use the ~ "home dir of the user" it works
<grendal_prime> ok i dont know obviously why its working that way...ill confess to that...what i do know is that it works if i dont specify the user account i want the link created in but instead make it a refrence to the loged in user.
<grendal_prime> then it works..(with minor discomfort)
<grendal_prime> also, if i suspend the system (its  a netbook) it works fine when its resumed.
<grendal_prime> And thanks by the way.  It got me out and the work done yesterday so today..i get to do the gardening at home.
<diegoaguilar> Hello I got an issue with  ssh server, I cant connect at all and I checked whole details .. Ive posted a question on overflow http://serverfault.com/questions/687019
<diegoaguilar> its a brand new 14.04 server
<devster31> is the daemon running?
<diegoaguilar> yep
<diegoaguilar> daemon is running
<devster31> and it worked with port 22?
<genii> Redirect udp as well
<diegoaguilar> genii, really really?
<devster31> also if you changed port and did not restart the daemon it's still on the old config
<diegoaguilar> I restarted the daemon
<genii> ssh uses both tcp and udp
<diegoaguilar> and even the machine has been restarted serveral times
<sarnold> diegoaguilar: did they perhaps redirect 2222 on their IP to 22 on your IP?
<sarnold> genii: what does ssh use udp for?
<diegoaguilar> nope sarnold I just saw the router configuration
<diegoaguilar> and they're doing it good in that case
<genii> sarnold: Not exactly sure but I had to enable forwarding both on my pfsense box before ssh worked
<diegoaguilar> I't s:  : Connection refused what I'm getting
<sarnold> genii: crazy.
<diegoaguilar> if I try another port it will lag
<diegoaguilar> and as I explained in answer, I tried iftop, and I can see the connection attemps
<diegoaguilar> but NOTHING is being logged
<diegoaguilar> in auth.log
<lordievader> diegoaguilar: Run the client in verbose mode.
<genii> diegoaguilar: Does the machine have multiple network adapters or IPs? If so may need to specify the one to be used
<diegoaguilar> how can I do that lordievader ? Nope genii eth0 is the only one enabled and working
<lordievader> diegoaguilar: ssh -v <hostname>
<lordievader> diegoaguilar: Also what is the output of 'netstat -tulpn|grep ssh'?
<diegoaguilar> I ran nmap with -SV   and shows port 2222 running working with ssh
<diegoaguilar> lordievader, I updated question with the client verbose mode output http://serverfault.com/questions/687019
<lordievader> Nmap doesn't show that. Please get me the netstat output.
<diegoaguilar> its stupid and youll ask me to shoot myself
<lordievader> ?
<diegoaguilar> but today May 1st Im not at office and since I cant ssh .. :P
<diegoaguilar> lol
<diegoaguilar> but well tell me what should I expect or not to expect from it
<genii> Probably have to continue then when you have access to the machine you are currently trying to reach
<lordievader> It's a check to see if sshd is actually listening to port 22222
<diegoaguilar> why wouldnt nmap be reliable?
<genii> diegoaguilar: Is there another machine at that location you can get into from outside? If so then can see if possible to "hopscotch" in from that one
<lordievader> diegoaguilar: Nmap checks ports, not services.
<diegoaguilar> genii, I could achieve it
<med_> jamespage, zul: ETA on Kilo Release bits and Juno.3 bits for Trusty?
#ubuntu-server 2015-05-02
<ebonics> anyone know what my problem could be here : https://dpaste.de/cvbn
<stooj> Hi all. I'm putting together a mail server but must have messed up somewhere. Using postfix + spamassassin + spamass-milter, communicating through a socket. But my mail.log contains the following every time the pipe is used:
<stooj> May  2 05:44:41 myhostname postfix/smtpd[15597]: warning: milter unix:/spamassassin/spamd.sock: unreasonable packet length: 1397768525 > 1073741823
<stooj> May  2 05:44:41 myhostname postfix/smtpd[15597]: warning: milter unix:/spamassassin/spamd.sock: read error in initial handshake
<stooj> Anyone seen this before and recognise the problem?
<Vexena> Anyone has experience with batch that knows how to run this start module "http://pastebin.com/mLGYZP8h" with the user teamspeak3?
<Vexena> As now the script always runs it as root
<Vexena> upon startup
<Vexena> I've tried adding a line in /etc/rc.local that says su teamspeak3 -c '/etc/init.d/teamspeak3 start' but that did not work
<CompuChip> Hi. I have just installed Ubuntu Server, which worked. Then I added another disk and set both disks to be single RAID0 by hardware, and now I cannot boot into the system. Even the Rescue mode from the installation CD quits with "mounting /dev/sda on /media failed Invalid argument".
<yeats> CompuChip: that message from the install CD can probably be safely ignored
<yeats> CompuChip: and yeah, if you set up RAID after installing, you'll lose all your data
<CompuChip> yeats: unfortunately it keeps hanging there, I cannot get back to the installer.
<yeats> CompuChip: you've tried Alt-F1/2/3/4/5/6/7 to get to alternate TTYs?
<CompuChip> Yes, I have
<yeats> CompuChip: in any case, you're probably beyond rescue mode - you will probably need to reinstall on the new RAID
<CompuChip> yeats:   That is fine, except how do I do that when I keep getting dropped to that "mount failed" prompt. My "RAID" is not really RAID anyway, the other disk has some backup data that I wanted to copy to the new install, that's why I set them both as separate 1-disk RAID0's (the server has a RAID adapter and I need to set something for it to activa
<CompuChip> te the disk in the first place). But even when I remove the disk and set it back to as it was, I will still have this problem.
<CompuChip> It's almost as if it no longer recognizes the hard drives as being there, except grub will still see them if I do "ls"
<CompuChip> Checked the UUID's - they are still correct btw
<CompuChip> I'm really starting to fear that somehow I broke the hardware.
<yeats> CompuChip: well hardware RAID is different than just adding a disk.  What you're describing is what I would expect to happen
<CompuChip> yeats: haha yeah, learning that the hard way. But any idea how I can re-install then?
<yeats> CompuChip: this might help http://askubuntu.com/questions/598110/ubuntu-server-14-04-2-install-error-cant-umount-media
<yeats> CompuChip: gotta head out, though - hopefully someone can assist
<CompuChip> yeats: Thanks for your help!
<CompuChip> yeats: FYI Control-C seems to be the magic key :) Will keep trying. Thanks again.
<CompuChip> Hmm I had a question about my desktop as well, but I seem to be banned from #ubuntu ?
<diegoaguilar> lordievader, are u around?
<lordievader> diegoaguilar: Sort of.
<diegoaguilar> oh, well I asked yesterday about this issue with ssh
<diegoaguilar> I made some updates, Id like you to review them
<diegoaguilar> http://serverfault.com/questions/687019
<lordievader> diegoaguilar: From your nmap: 2222/tcp closed unknown
<lordievader> diegoaguilar: Anyhow, do you have access to the server now?
<diegoaguilar> not yet but as you suggested trying netstat
<diegoaguilar> apart from that, what else should I care
<diegoaguilar> also, I think I will try enabling udp at building firewall and for ufw
<lordievader> diegoaguilar: Well there are certain steps you take to debug this. Randomly doing things might solve stuff but ain't constructive.
<lordievader> So you go the route: local, local-network, public network.
<diegoaguilar> netstat will do the local, right?
<lordievader> Yes.
<diegoaguilar> what should go for local-network
<lordievader> Nmap.
<lordievader> Or a different box.
<diegoaguilar> in same network, of course
<lordievader> Yes, local network ;)
<diegoaguilar> I read around and some people tell ssh uses udp somehow
<diegoaguilar> so I will try to enable it
<lordievader> diegoaguilar: Debug this when you have access to the machine. Doing things outside doesn't really help.
<diegoaguilar> Okey lordievader thanks
<diegoaguilar> do you think I can reach u here on next monday morning?
<lordievader> Perhaps.
<diegoaguilar> well thanks
<Vexena> Has anyone tried the ID system "Tiger" before? If so out of your experience is it worth the installation on a vps?
<lordievader> Vexena: 'ID system "Tiger"', what is that?
<Vexena> Intrusion Detection System Tiger
<Vexena> meant IDS
<Vexena> http://www.nongnu.org/tiger/
<athairus> hello everyone
<athairus> I have a ubuntu 14.04 LTS install on a virtual server instance
<athairus> and I've been going through the docs linked when logging via ssh
<athairus> I decided to give enabling kernel crash dumps a try
<athairus> and I'm following this guide: https://help.ubuntu.com/lts/serverguide/kernel-crash-dump.html
<athairus> for some reason, the boot parameter to allocate memory for dumps, crashkernel=, is not present
<athairus> is there an automated way to do this?
<athairus> in addition, the file I was told to edit is /etc/default/kdump-tool, but the file that actually exists on my box is called /etc/default/kdump-tools
<athairus> it had the line to modify, so I modified that instead
#ubuntu-server 2015-05-03
<devster31> how do I know which packages will require reboot before installing them? and how can I install them without rebooting?
<stooj> Hi all. I'm putting together a mail server but must have messed up somewhere. Using postfix + spamassassin + spamass-milter, communicating through a socket. But my mail.log contains the following every time the pipe is used:
<stooj> May  2 05:44:41 myhostname postfix/smtpd[15597]: warning: milter unix:/spamassassin/spamd.sock: unreasonable packet length: 1397768525 > 1073741823
<stooj> May  2 05:44:41 myhostname postfix/smtpd[15597]: warning: milter unix:/spamassassin/spamd.sock: read error in initial handshake
<stooj> Anyone seen this before and recognise the problem?
<[twisti]> it seems like since yesterday, everything on our LTS 12.04 server that is password related has become wonky
<[twisti]> was there any problematic update or something like that ?
<lordievader> Good morning.
<Matsy> Good morning
<lordievader> Hey Matsy, how are you?
<Matsy> Good! Really enjoying my landscape environment
<Matsy> I'm doing a semi-large tryout for landscape
<seconds> Do you guys talk about Ubuntu server with open stack or thats another channel
<kickit2> Hey everone - is there a way to force the system to wait for a connection to be established prior to continuing startup?  I have a VPN that must be connected before IP-tables loads, and right now, it launches open-vpn, but then continues right on.  The connection takes longer than for the system to get to iptables, and generates an error every time.
<PryMar56> kickit2, look at the startup sequence numbers in /etc/rcS.d & /etc/rc2.d
<PryMar56> kickit2, that situation is exactly what systemd does best
<kickit2> PryMar56 - I have already changed that and it starting in the correct order, but calls to start openvp themselves are completed quite quickly - but the connection does not become active for a few seconds at least (even after the command finishes).  the problem is that the startup sequence just marches on and wants to apply iptables rules before the connection is active
<PryMar56> kickit2, use something like this at tail of your NIC stanza in */interfaces: post-up /sbin/iptables-restore < /etc/iptables/rules
#ubuntu-server 2016-05-02
<House> hi all. does anyone have SSSD+AD working with cifs automount? i've got homefolder creation, sudo, ssh & login working but i've got 2 issues with autofs. #1: auto.smb is looking for /tmp/krb5cc_<uid>, while SSSD is writing the files as /tmp/krb5cc_<uid>_<salt>, and #2: kerberos is failing for "smbclient -k" or auto.smb
<GeekMan1222> :|
<GeekMan1222> I wonder if i can just write the files using nandpro
<GeekMan1222> woops
<jetsaredim> anyone know why mount would be assuming that my remote nfs is nfs4?
<JanC> jetsaredim: NFS4 is the default, but it should fall back to v3 or v2 if necessary?
<jetsaredim> JanC: you'd think
<JanC> unless you explicitly configure it as NFS4 probably
<jetsaredim> any reason why mount.nfs4 would just be a sym link to mount.nfs
<JanC> because it's all the same code
<jetsaredim> i'm not sure what the ls color scheme is now a days but for some reason /sbin/moun.nfs is showing up as red background with white writing
<JanC> are you mounting manually or in fstab?
<jetsaredim> manually
<jetsaredim> I just upgraded from 15.10
<jetsaredim> re-running a mount command i've run hundreds of times
<jetsaredim> literally just "mount localmachine:/export /some/local/dir"
<House> man nfs: "If the server does not support the requested version, the mount request fails.  If this option is not specified, the client negotiates a suitable version with the server, trying version 4 first, version 3 second, and version 2 last."
<House> one of the man pages says something like "mount knows nothing about nfs vs nfs4" and the "argument is constructed by mount.nfs"  so the default behaviours are set in the mount.nfs code
<House> jetsaredim:  mount.nfs4 has been rolled into mount.nfs, so the symlink is there for compatibility with old scripts & utils. you also dont (maybe cant) use "nfs4" in /etc/fstab, just use "nfs" for any version, and drop a "vers=" or "nfsvers=" (they're equivalent) in the fstab options.
<House> all this is in man pages mount, mount.nfs & nfs
<jetsaredim> yea
<jetsaredim> doesn't really add up
<House> in what way?
<jetsaredim> hm
<House> cos it's not falling back?
<jetsaredim> i think i figured out the source of my issue
<jetsaredim> nfs doesn't seem to be loaded in my kernel
<jetsaredim> now if only i could figure out why
<JanC> you have nfs-common installed?
<stemid> https://bugs.launchpad.net/ubuntu/+source/debian-installer/+bug/1117292 why would this happen when booting from a sha verified ubuntu-16.04-server-amd64.iso on a virtual system in vsphere 6? it's a 3 year old bug.
<ubottu> Launchpad bug 1117292 in usb-creator (Ubuntu) "'Unable to install busybox-initramfs' during a server installation" [Medium,In progress]
<stemid> has nothing to do with usb-creator in my case.
<elefantenn> Hey. I'm trying to configure OpenLDAP for Samba via this guide https://help.ubuntu.com/lts/serverguide/samba-ldap.html. When I run "sudo ldapmodify -Q -Y EXTERNAL -H ldapi:/// -f samba_indices.ldif" I get this http://hastebin.com/raw/ucipudirif. Does anyone know what I'm missing?
<elefantenn> I've tried asking in #samba and #openldap without any success.
<akik> in lxd, how can i make my uid=1000 on host have write access to the nfs share i shared into my container? i.e. have my uid=1000 in the container be able to write into the nfs share
<akik> i've tried adding the lxc.id_map settings into the profile of the container but after that the container fails to start
<akik> it looks like the nfs mount is written with nfs nobody uid 65534 like /proc and /sys in the lxd container
<curmet> Hello I have problem accessing my ubuntu machine via SSH from windows machine, I did
<curmet> 1. install the ssh server , sudo apt-get install openssh-server, turned firewall off
<curmet> 2. from windows I use winSCP with SFTP option, I entered the IP address of the ubuntu machine, username and password login ubuntu, port 22.
<curmet> It showed authentication banner "ubuntu 15",but it then stuck with 'authenticating with preentered-password,access denied'. Whats missing?
<pulsar12> curmet, did you fill the password on the options before connecting? try clear that and have it asking for password interactively.
<curmet> pulsar12 : I did, but still it prompt "access denied" although I fill it with the Ubuntu logon password
<pulsar12> are you using pam? the username is on local passwd? can you login on normal ssh session?
<pulsar12> curmet, the problem only happens with sftp? what about normal ssh?
<curmet> pulsar12, what port that ssh uses?
<curmet> 22?
<JanC> is sftp installed / configured?
<pulsar12> its the same as sftp
<pulsar12> sftp is just a subsystem of ssh
<curmet> JanC, I just installed openssh-server , with default configuration
<JanC> actually, it's a separate program providing it, and it can be enabled/disabled
<JanC> curmet: are you trying to log in with root?
<curmet> pulsar12 , I tried sftp:// , ftps:// , ftp://ubuntuIP , but still no luck
<curmet> JanC , yes , with root
<pulsar12> thats should be the problem :)
<JanC> you can't login as root with default config if I remember correctly
<pulsar12> you have to change the setting on sshd_config
<JanC> or better yet, don't log in as root
<curmet> so I must create other user login?
<JanC> there already should be another user?
<JanC> but you could create a special one for that too
<curmet> okay I'll try , it is not mentioned in the manual to not use root login XD
<JanC> you should never use root except when you really need to
<curmet> JanC, pulsar12 : thanks for the help , it can login now :D
<curmet> is there a way so that I can use root login ?
<JanC> also, if this is a server on the public internet, I suggest you use keys to log in instead of passwords
<JanC> curmet: all the configuration options are in the sshd_config man file  :)
<pulsar12> curmet, check PermitRootLogin option on sshd_config
<JanC> but again: seriously discouraged on the public internet
<akik> i ended up configuring the lxd container to be privileged. now the nfs disk uid's are visibile without other configuration
<holms> anyone worked with duplicity?
<holms> no idea where to go, i have an emergency =/
<andol> holms: I have some experience with it
<holms> andol: i hope privately is ok
<holms> anyone familiar with dupliclity/duply ?
<CharlieTje> Hello
<CharlieTje> Who knows a command line backup utility like timeshift?
<hallyn> zul: smb: arges: fwiw a piece-by-piece breakdown of some of my upcoming libvirt changes can be seen at https://git.launchpad.net/~libvirt-maintainers/ubuntu/+source/libvirt/log/?h=2016-04-28/yakkety
<hallyn> (from there i'm moving to one-big-commit change on top of debian)
<arges> hallyn: ok
<hallyn> i still want to switch to using upstream apparmor files (which i'll need ot quilt patch)
<zul> hallyn: ewww
<hallyn> and don't try running this yet
<hallyn> but as i'm dropping some compat scripts and enabling dtrace, thought i'd run it past y'all
<smb> hallyn, ack, you mean you will use upstream files but quilt patch them into our versions?
<arges> how many of our changes can we push into debian's packaging
<arges> for apparmor that is
<hallyn> smb: right
<hallyn> arges: you mean the policy files themselves?  hopefully all.  but all th debian/rules magic?  i assume none
<hallyn> that's for our rather crazy cloud archive stuff which they wouldn't want to support
<arges> yea cause we use a special directory
<arges> yea
<hallyn> oh.
<hallyn> which special directory?
<hallyn> arges: you just mean debian/apparmor?
<arges> hallyn: yea
<hallyn> yeah, really when i think about it i'm not sure it's worth syncing apparmor
<hallyn> the delta will actually become more confusing,
<arges> true
<hallyn> since we'll end up with more patches needing to be refreshed on every merge
<arges> anyway I'll reveiw teh rest... still a ton of stuff to merge
<hallyn> so i'll leave that for now.  maybe later.
<arges> agreed
<hallyn> all right - i'm hoping this afternoon i'll get to some testing.
<smb> arges, hallyn, the only problem with apparmor is that we cannot upstream our config as it is into Debian (or maybe we can now). But usually our apparmor was supporting more config options than it should (based on the version it claimed to be)
<hallyn> smb: what do you mean?  i was figuring i'd send changes upstream to libvir@ m-l.
<smb> hallyn, I mean that our parser support some things which Debian's parser would not. Even if the version number of both apparmor packages were similar
<smb> hallyn, I was working on and off on a method to allow us to merge things. Unfortunately its a bit complicated and almost always something else came up and then I forgot where I was
<hallyn> smb: oh, yeah.  so yeah i was figuring i'd end up writing a shell tool to do all of the policy manipulation at build time
<hallyn> i mean that's like 2 pages worth of debian/rules script right now
<smb> hallyn, Sounds like what I was at. Though I was doing a version number guess which we would be able to override. Then I talked to jj and was somewhat de-routed into trying to use the parser directly to figure things out, but then realized the parser is not part of the appmor-dev which the build depends on...
<hallyn> smb: yeah.  so i think punting on this is best.  bc as i said that piece of debdiff is actually veyr nicely compartmentalized
<hallyn> just its own set of files and dirs and one hunk of debian/rules - long, but just one hunk
<smb> Yeah, agreed
<Nickname2> Hi
<smb> hallyn, to answer the "ask about ...migrate-xend..." question: should be safe to drop. The last release that had xend was Trusty. So we are good to let that go away
<hallyn> smb: excellent, thx
<hallyn> i mean it's a very nice script and all :)
<smb> hallyn, Heh, no worries. I am glad to see that go as well :)
<EmilienM> coreycb, jamespage: why can I find openvswitch-datapath-dkms on xenial?
<EmilienM> oh, just reading https://javacruft.wordpress.com/2014/03/03/which-open-vswitch/
<holms> anyone been working with duplicity?
<holms> will even pay for support
<hallyn> meh, xen tests failed
<smb> hallyn, not surprised me is :)
<smb> hallyn, I suspect its some additional config files which you have to beat into using the "right" bootloader and emulator paths
<smb> The only thing I wonder is how Debian would pass the tests... if they do not somehow skip them
<hallyn> eh seems more likely to be my fault
<smb> hallyn, not sure, I thought you work on the next version of libvirt, which was failing for me with the xen tests when I did that quick check when we wondered whether we go for 1.3.2 for Xenial
<hallyn> oh.  right
<cagmz> i have frostvpn (http://www.frostvpn.com/ ).  is it possible to implement openvpn on my ubuntu server, and replace route my internet traffic through my own server instead?
<hallyn> smb: i'll dig deeper in a bit
<hallyn> smb: should we perhaps be building --without-xen --with-libxl?
<hallyn> bc the libxl test succeeds, the xen test fails
<smb> hallyn, If I remember that right, in theory it sounds right but the tests will fail anyway
<smb> It was a bit of a mess but I think the xen tests are libxl too.
<hallyn> i don't know why VIR_TEST_DEBUG=2 isn't working
<smb> hallyn, there should be a patch of me fiddling with some configs... I would try to check which directory that is and whether there are probably new ones which do not use /usr/bin/qemu-system-i386 for emulator and /usr/lib/xen-4.6/boot/hvmloader
<hallyn> smb: oh, i think i dropped a patch,
<smb> the latter is os loader
<hallyn> hm, no,
<hallyn> smb: will do th
<hallyn> x
<hallyn> there is no /usr/lib/xen*
<hallyn> sounds like debian/patches/ubuntu/ubuntu-xend-probe.patch
<smb> no it was ubuntu/libxl-fix-test-data.patch
<smb> and changing ./tests/xlconfigdata/*
<smb> hallyn, ^
<hallyn> where should hvmloader be?
<smb> /usr/lib/xen-4.6/boot/hvmloader
<hallyn> which package
<smb> xen-utils-4.6 I think...
<hallyn> so how did that ever work?  that's in universe and until just now we couldn't build-dep on it
<smb> hallyn, But I think the main thing is that libxl gets the paths built-in somehow (and also fixes up some parts)
<hallyn> lemme retry my build from scratch
<hallyn> maybe i had some remnants from a bad build
<smb> So we got this via the libxen-dev. If I did not mess up there should be a .pc file coming with the libxen-dev which has the paths, too
<hallyn> smb: i'll try a few more things and get back to you.  thx for the tips
<smb> hallyn, ok... I might be offline by then. so email might work better for asynchronously syncing...
<hallyn> good night
<smb> not exactly to sleep but not working. :) but thanks
<devster31> guys, is there any way to persist changes made with iproute2?
<devster31> across reboots?
<maswan> customnet init script with the appropriate iproute2 commands?
<maswan> (there's probably better ways to do this, but a plain "save state of the ip stack" doesn't exist)
<Pici> convert whatever you changed to a format for /etc/network/interfaces ?
<sdeziel> what's more annoying is those iproute commands are lost after suspend/resume
<devster31> Pici: that works if ifupdown isn't installed?
<devster31> maswan: what's customnet? if I used a script it would be something in the rc.local file, seems cleaner
<maswan> devster31: yeah, or that
<devster31> but the most important part is that there's no native way
<devster31> would sysfsutils work? using /sys/class/net/{interface name}/{thingie} to change individual parameters
<maswan> the best way is if you can map it into /etc/network/interfaces rules
<maswan> imho
<maswan> even if it is strange stuff, post-up hooks etc can do lots of stuff
<maxb> You can always just use an up command if the configuration makes sense to be bound to a single interface
<devster31> the problem is that right now ifquery --list doesn't show any interfaces, so I was hesitant to use network/interfaces , but I guess that's the most tested way
<fullstop> Hi all.  During install, how does ubuntu-server determine geolocation?
<fullstop> We acquired a netblock which was in arizona previously, and I had gone through other geolocation services to correct our location.. but ubuntu still picks arizona.
<fullstop> It this something contained locally in the iso, or is there somewhere else where I must update?
<patdk-wk> heh? ubuntu doesn't do geolocation
<sarnold> patdk-wk: http://geoip.ubuntu.com/lookup  :D
<patdk-wk> oh?
<patdk-wk> is that his issue? sarnold will fix it for you :)
<sarnold> yeah there's some kind of geoclue thing.. dunno if it's used in the installer or not, but there's that thing anyway :)
<sarnold> !info geoclue-ubuntu-geoip
<ubottu> geoclue-ubuntu-geoip (source: ubuntu-geoip): Provide positioning for GeoClue via Ubuntu GeoIP services. In component main, is optional. Version 1.0.2+14.04.20131125-0ubuntu2 (xenial), package size 10 kB, installed size 78 kB
<patdk-wk> !maxmind
<patdk-wk> heh
<sdeziel> I _think_ the installer use it for the country mirror selection (and maybe TZ)
<dasjoe> That's suprisingly close, only 2.9 km off
<patdk-wk> mine is like 40miles off
<patdk-wk> it's even worse if I use my PI space
<patdk-wk> that is like registered on the other side of the country for some reason
<patdk-wk> oh, it just gives the generic, I dunno somewhere in the USA location
<patdk-wk> would think maxmind might atleast harvest whois data
<patdk-wk> but they appear to not do that
<arooni> apparently my version of ubuntu doesnt have a log rotate script for nginx on /etc/logrotate.d/  ... should i manually set one up?
<sdeziel> arooni: the logrotate snippet is normally shipped by the nginx-common package (checked on Trusty and Xenial)
<hallyn> smb: meh, that patch (ubuntu/libxl-fix-test-data.patch) really is a pain - it breaks tons of tests which hardcode checks for /usr/lib/xen/boot/hvmloader in xml.  if we could get xen-utils-4.6 to put in a symlink that would be so much nicer
<arooni> question; i've never run logrotate before for a given rails web app... the log *was* 6GB;  in my settings i told logrotate to keep 30 days of log files; so logrotate ran succesfully; and then i had a 6GB production.log.1 file;  i ran it again on a lark and now it seems like its compressing production.log.1 => production.log.1.gz .. when will if ever logrotate remove stuff > 30 days old?
<fullstop> yep, sarnold, lists me as phoenix
<fullstop> I had corrected my data with maxmind
<sts> hello folks. Can anyone point me to the apparmor patches ubuntu includes in its kernel (eg. for mount mediation?)
<tyhicks> (I already answered sts in #ubuntu-kernel)
<jamespage> EmilienM, -dkms disappears at 14.04
<jamespage> EmilienM, the 3.13 kernel was the first kernel that had sufficient in-tree support for ovs + openstack
<EmilienM> excellent thx
<Aison> are there any major changes in /etc/network/interfaces for 16.04?
<Aison> my 16.04 randomly fails to start interfaces
<Aison> and also boottime is around 10minutes
<patdk-lap> nope
<sarnold> Aison: new 16.04 installs use systemd's default interface naming, iirc, which may be .. different .. from what you're accumsted to.
<Aison> my interfaces file: http://pastebin.com/k5Mdpafi
<Aison> in addition, there are 65 more bond0.X interfaces
<Aison> I guess the bootscript simply collapse when starting so many interfaces
<dasjoe> Aison: to get back to previous device names: ln -s /dev/null /mnt/etc/udev/rules.d/80-net-setup-link.rules
<Aison> dasjoe, the interfaces are still named eth0, eth1, eth2, eth3 here, so I don't think that there is any change?
<Aison> strange
<Aison> if have no file "80-net-setup-link.rules" in my rules.d
<Aison> ah, the devices are named by 70-persistent-net.rules here
<transhuman> hi can anyone tell me where the log for dmraid is (is it stored on the drives or in memory? I ask because I have an error which someone created a patch for (which I cant use ) that indicates the error occurs when the log is non empty (rebuild cant occur ) NOTE This bit of code is in redhat http://paste.debian.net/679050/
<dasjoe> Er, I have a wild /mnt there, it's /etc. Also, I link 80-net-setup-link.rules to /dev/null so the rules from /lib/udev/rules.d/80-net-setup-link.rules are not applied
<Aison> ah, ok
<Aison> for example, systemctl --failed says:
<Aison> â nfs-idmapd.service loaded    failed failed NFSv4 ID-name mapping service
<Aison> and
<Aison> â networking.service loaded    failed failed Raise network interfaces
<Aison> these two fails
<Aison> is it somehow possible to define the order in network/interfaces?
<Aison> so I would like to define some order
<Aison> in which the interfaces are setup at boot
<transhuman> anyone know how to clear the dmraid log the one that shows up with the command dmraid -n?
<jamescarr> I have a rather obtuse question... is there someway to modify sudoers in a way that `sudo su -c "some command"` will include the env of the user who runs it?
<sarnold> jamescarr: look for env_reset, env_keep in suoders(5) http://manpages.ubuntu.com/manpages/xenial/man5/sudoers.5.html
<sarnold> I can never find my way through that manpage but it sure feels like it should be possible
<mdeslaur> why "sudo su" instead of just sudo?
<sarnold> I'm pretty sure I saw a good reason for that once. I can't recall what it was now.
<mdeslaur> oh, perhaps to run the command as a different user
<mdeslaur> but I guess -u should be used instead
 * mdeslaur shrugs
<jamescarr> well in my case, it's a sudo -c command running in vagrant. The only way for me to change it is to push out a custom build to all of our engineers. would rather modify sudoers in the virtualbox instance instead :-)
<jamescarr> thanks
<jamescarr> env_keep looks on point
#ubuntu-server 2016-05-03
<Aison> what's wrong here? nfs-idmapd.service: Control process exited, code=exited status=1
<curmet> I've developed and tested web app (using a framework) in windows machine successfully, but after I move the app and framework folder , from c:\xampp\htdocs\ to /var/www/html to Ubuntu machine, it encounters errors, "cannot find the requested view" . What changes should I make to Ubuntu machine?
<curmet> THanks in advance :)
<Repox> Hello. I just installed Ubuntu 16.04 and I want to setup Jenkins. Now, I have some options regarding installing OpenJDK, and I can see that most information refers to openjdk-7-jre, but is there any reason why I should want to avoid openjdk-8-jre or openjdk-9-jre?
<Dulcin> Hi, is there a way to see how much data my server is using?
<ReScO> ifconfig ?
<patdk-wk> what is *data*?
<Dulcin> Well the problem is, my host tells me my server (which has been there for years) all of a sudden started using 1TB data per day since about 3 weeks ago
<Dulcin> and they charge 50 cents per gig
<Dulcin> Is there a way to verify this?
<patdk-wk> you are running mrtg/munin/cacti/... on it?
<patdk-wk> my bet is your infected and sending spam email
<patdk-wk> and attacking other websites
<Dulcin> I haven't installed those myself. It's a default ubuntu server and I only set up a web server on it
<patdk-wk> well, that is safe
<Dulcin> so what should I start with to find out?
<patdk-wk> atleast till you install php/cgi'/...
<patdk-wk> well, see what is running on the server
<patdk-wk> log all open connections
<poohbear82> my website is running on ip that starts with 10. I understand it is on the local network. How do I make it public?
<Dulcin> ok thank you I'll start with that
<patdk-wk> poohbear82, ask your network admin
<poohbear82> well conceptually... what has to happen?
<poohbear82> I'm trying to understand
<hateball> poohbear82: NAT has to happen
<patdk-wk> maybe
<patdk-wk> we don't know what has to happen, as we don't manage his network
<patdk-wk> nat, or public ip assigned, or vlan move, or ....
<patdk-wk> so many options, nothing we can really help with
<patdk-wk> or just forget about this ipv4 stuff, and use ipv6
<poohbear82> Ok, thank you.
<Dulcin> patdk-wk, I'm a bit at a loss here, can you point me in the right direction?
<Dulcin> I checked the auth.log and I see a bunch of ssh attemps on root user, but that's locked
<Dulcin> when I check 'who' I'm the only one logged on
<Dulcin> I checked netstat -tupn
<Dulcin> Most seems to be webserver connections
<patdk-wk> I never said to check auth.log
<patdk-wk> that is normally useless
<Dulcin> Sorry I'm a web developer with limited knowledge on these things
<patdk-wk> if your compromised, and it shows in auth.log, you have issues
<patdk-wk> it's almost always the web that is broken
<Dulcin> patdk-wk: but these attemps seem to fail
<Dulcin> What do I do to check if I'm compromised?
<patdk-wk> yes, and failed attempts are not a compromise
<patdk-wk> they are just normal random internet noise
<patdk-wk> everything :)
<patdk-wk> you don't know how you are compromised, or if you are, so the only way to know is to check everything
<patdk-wk> but there are only two reasons for increased internet traffic
<patdk-wk> ligit, increased usage of your server
<patdk-wk> or non-ligit, compromised server
<patdk-wk> I'm betting it's compromised, and likely via the webserver
<patdk-wk> so looking in auth.log is likely pointless
<patdk-wk> unless you have really weak passwords
<Dulcin> I dont think I do, they all have lower-upper case and special characters in them
<patdk-wk> it's possible someone compromised your password, but normally that is very rare
<patdk-wk> compared to a website getting compromised
<Dulcin> so, then I should check the web server logs?
<patdk-wk> sure, but that won't likely tell you much
<Dulcin> how do I proceed?
<patdk-wk> normally the most help those are, is after you find the comprise, to locate when it was first used, and put in place
<patdk-wk> like I said above
<patdk-wk> look for anything running that sholdn't be
<patdk-wk> look for any new files on your server
<patdk-wk> anything that doesn't belong
<patdk-wk> or if you just don't care, scrape the server and reinstall it
<patdk-wk> hopefully without whatever was that let them in
<Dulcin> patdk-wk: just got a call from my host, they finished their investigation...
<Dulcin> patdk-wk: they made an error in their calculation...
<Dulcin> I did not use 13TB in 12 days :|
<patdk-wk> :)
<patdk-wk> I would recommend you install mrtg/munin/cacti/... to monitor your usage
<Gazby> Hi everyone. Is it OK to install the ubuntu-server package (http://packages.ubuntu.com/xenial/ubuntu-server) post-install? The basic images you often get are missing several packages from a server install so I like to fix that, but open-iscsi fails to start when installing ubuntu-server so the install fails.
<patdk-wk> if nothing else, you will be able to see and predict when your usage changes and account for it
<Dulcin> patdk-wk: any preference to those?
<patdk-wk> personally I perfer munin
<patdk-wk> though I use cacti also
<patdk-wk> just cacti is kind of overbearing
<patdk-wk> lots of poeple seem to like graphite
<patdk-wk> all have different levels of setup complexity
<Gazby> +1 for munin
<Gazby> graphite is amazing, but a lot more work than munin, and probably for a more narrow use case
<Pici> I'm using graphite + grafana here for some random stuff, I like it a lot.
<Gazby> oh that's very sexy
<RoyK> I've started setting up zabbix for testing.
<Gazby> we used dashing http://dashingdemo.herokuapp.com/sample
<RoyK> Gazby: commercial thing?
<Gazby> no
<Gazby> built by shopify, floss
 * patdk-wk should floss
<Pici> grafana+graphite: http://i.imgur.com/uIyQWSS.png
 * patdk-wk is now just a stat on pici's graph
<Gazby> that's gorgeous
<genii> Pici: Are those three spikes netsplits?
<Pici> genii: yes. I put an annotation thing in, but it doesn't work that well yet: http://i.imgur.com/A6OS1Bk.png
<Pici> I'll open it up to ops once I figure out how to separate out my own personal dashboards out.  I have some of my own servers in there, plus I'm tracking unread emails and I'm working on another small project to feed some more esoteric data in.
 * genii makes sure the coffee keeps coming
<Gazby> have posted my question here: http://askubuntu.com/questions/766920/how-to-install-packages-from-basic-with-a-minimal-install
 * patdk-wk never uses anything > ubuntu-minimal
<patdk-wk> but why would open-iscsi fail?
<patdk-wk> are they using some odd kernel? openvz thing?
<Gazby> it happens on linode, standard kvm, and vultr
<Gazby> my understanding is that it always fails and the ubuntu installer just ignores it
<Gazby> you'll find it failing in the dmesg of any basic install
<TJ-> Gazby: looks like bug 1576341
<ubottu> bug 1576341 in systemd (Ubuntu) "fails in lxd container" [Undecided,Confirmed] https://launchpad.net/bugs/1576341
<patdk-wk> that wouldn't affect kvm
<Gazby> ya
<Gazby> i had seen that, the log output differs from mine also
<Pici> Gazby: hrm.  I remember needing to a bit of steps on my linode when I setup my linode, but that was a while ago and I don't recall seeing that error.
<Gazby> i could probably cobble something together is `tasksel --list-packages` was outputting a package list. i've no idea what the output of "^server" means
<mike-zal> I don't have apache on my server and yet during a boot system tries to open it. I get: The apache2 instance did not start within 20 seconds... etc. it slows down my boot
<mike-zal> how can I get rid of this automatic apache start?
<Pici> Gazby: you may want to ask #linode on oftc.net as well.
<Pici> which reminds me, I should rejoin that too.
<mike-zal> it showed afer I tried and installed webmin and then uninstalled it (with a script, just like instructed on their site)
 * patdk-wk is testing it
<patdk-wk> mike-zal, well, then you screwed it up
<mike-zal> I know :P
<patdk-wk> and you will have to ask their website what the script did
<patdk-wk> and undo it
<patdk-wk> not sure we have any idea what happened
<mike-zal> shit, sorry
<patdk-wk> Gazby, it worked fine for me
<mike-zal> ok, so new install. it's testing anyway so far
<patdk-wk> I installed a ubuntu-minimal
<patdk-wk> then did an apt-get install ubuntu-standard
<patdk-wk> it installed and worked just fine
<patdk-wk> no issues
<mike-zal> next time I won't install webmin. it's overkill for me
<mike-zal> ajenti works just fine and should be sufficient
<patdk-wk> so whatever they did to make their *custom* ubuntu 16.04 image, broke it
<patdk-wk> assuming it really is kvm, full vritualization and not openvz
<patdk-wk> but then, everything is assumed to be broken on openvz/lxc/...
<mike-zal> is it safe to install server 16.04?
<patdk-wk> what is safe?
<Gazby> patdk-wk: i'm trying to instal ubuntu-server not ubuntu-standard
<mike-zal> desktop version has cleary issues and I wonder if that's not transferred into server, although it shouldn't since there is no gui
<patdk-wk> hmm
<mike-zal> just asking what is the general opinion on this
<mike-zal> they screwed desktop and that lowever trust overall in 16-04
<patdk-wk> depends on what you call *safe*
<mike-zal> hence my wondering wheter I should insyall it or 14.04
 * patdk-wk wonders what is screwed up in desktop
<mike-zal> mostly the new software center
<patdk-wk> people actually use that?
<mike-zal> it doesn't find packages that are available through apt-get
<nacc> that issue is supposed to be fixed soon, though, iiuc?
<patdk-wk> my only issue is the gnome toolbar
<patdk-wk> that the gnome method to disable them doesn't work
<mike-zal> also this other program, what was it? for manging packages. syn something?
<mike-zal> synapitic
<nacc> synaptic
<mike-zal> also doesn't see those packages. but they are possible to install via terminal
<mike-zal> that's a major screw up and people are talkig about it
<mike-zal> anyway, that's gui problem so probably not related to servers
<nacc> also "screwed" is a bit of an overstatement (IMO), and that's also why LTS -> LTS upgrades aren't offered yet :)
<nacc> (again IMO)
 * patdk-wk did a raw install, no upgrades
<patdk-wk> oh, ubuntu-server is a new package, didn't used to exist
<patdk-wk> no wonder I was confused
<patdk-wk> looks like everything I don't use, no wonder I'm not too interested in it
<mike-zal> I red release log, there are mainly changes in packages version
<patdk-wk> only items in it, ethtool, patch, vlan
<Gazby> it exists in 14.04, that's why i'm trying to install it on 16.04, been doing it on trusty forever
<mike-zal> I'll give 16.04 try. there is no point of using old system and packages for the next few years
<patdk-wk> I looked in 14.04, it tells me no package
<patdk-wk> apt-cache show ubuntu-server
<patdk-wk> N: Unable to locate package ubuntu-server
<patdk-wk> E: No packages found
<mike-zal> and release upgrae is a bit risky
<nacc> rmadison says only xenial + yakkety, fwiw
<patdk-wk> http://packages.ubuntu.com/search?suite=all&searchon=names&keywords=ubuntu-server
<mike-zal> nacc: did you install 16.04?
<nacc> mike-zal: a few months ago, yeah
<patdk-wk> I have around 20 16.04 installs so far
<mike-zal> and no problems?
<patdk-wk> only the one on my laptop that uses the gnome scrollbars
<patdk-wk> it's damned impossible to use those scrollbars on a 4k screen that is 15"
<mike-zal> ok, got the iso. will launch startup
<nacc> mike-zal: none, but this is on a desktop (and i'm running ubuntu gnome, technically, i guess)
<mike-zal> I'm installing in VB for educational purposes
<mike-zal> learning some basics
<mike-zal> I'm planning to buy cloud VPS and move my shop there
<mike-zal> ovh will have 16-04 probably ready in summer, at least so they told me over the phone a month ago.. :P hopefully quicker
<patdk-wk> yuk
<patdk-wk> ok, ubuntu-server installed manually on ubuntu-minimal
<patdk-wk> install worked, reboot worked
<rbasak> patdk-wk: ubuntu-server is a metapackage generated from the server seed, new in Xenial. It's there so that if a user removes packages depended on by ubuntu-server, they know that they may be breaking something by no longer having what we call "Ubuntu Server", and on future release upgrades we can add to the list so users' systems can follow along.
<daftykins> hey folks, i have an OpenVPN setup running on a 14.04.4 server (so vivid HWE) that is proving to be wholly unreliable, might the 4.2 kernel have issues with openVPN?
<rbasak> ubuntu-desktop etc. already did something similar.
<daftykins> reliability woes manifest as webpages sporadically loading through the tunnel... network resources failing one moment that don't the next... etc.
<mike-zal> out of curiosity, if you decided for ubuntu server then why? why ubuntu and not centos or debian?
<daftykins> mike-zal: just checking, was that query to someone else?
<patdk-wk> rbasak, you oviously where not following along
<patdk-wk> rbasak, read Gazby
<mike-zal> that was for anyone who is willing to share
<patdk-wk> !poll
<patdk-wk> !best
<patdk-wk> damn bot
<daftykins> mike-zal: run what you like, it's not apt to ask for opinions in distro specific channels
<mike-zal> ok, then let me rephrase. why do you like ubuntu server? just curious. I have my reasons to choose it but I'd like to know why others use it
<mike-zal> I'm not looking for other server if that is what you are implying daftykins
<daftykins> mike-zal: sorry i don't follow
<patdk-wk> yes, but those reasons are specific to that person, and rarely relates to others
<mike-zal> mine are simple. I don't know much about servers so I
<mike-zal> so I'd better stick to ubuntu since I know it a little
<mike-zal> while debian or red hat systems are totally strange for me
<daftykins> debian'd be the same experience pretty much
<mike-zal> plus, there is lot of stuff on the net about ubuntu server so in case of questions, it's easy to look for answers
<mike-zal> also, ubuntu seems to be more newbie friendly
<patdk-wk> ubuntu is *debian based*
<patdk-wk> so for debian to be strange, would be really strange :)
<mike-zal> I know but there must be sime differences. never tried pure debian
<Pici> Ubuntu's releases are easier to understand.
<daftykins> in the past i found ubuntu had sane configuration defaults for packages, whereas you may install the same package on a debian machine and it just wouldn't even run
<mike-zal> so it seems that ubuntu is more user friendly after all
<WOW> Hello
<WOW> I meet a problem and can't figure it out for a couple of days...
<Pici> Whats up?
<WOW> need help...
<WOW> We have multiple trusted domains.
<daftykins> WOW: type it all on one line if you can, volunteers don't want to read a page of scrollback
<WOW> I built one ubuntu server to join domain A..Works perfect..
<WOW> I can use command id, su -...
<WOW> ok
 * patdk-wk wonders what a trusted domains is
<daftykins> windows server term probably
<daftykins> i.e. active directory domains
<WOW> I built another ubunbu server to join domain B, same steps, only different domain name..after I join the ubuntu server to domain B. I can see this server listed in domain B. I can login to the ubuntu server by build in administrator account only..Can't use any other domian accounts to login to the server or run id or su - command..If I run id command, it gives me " no such users"
<patdk-wk> ya, active directory defines it, domain doesn't could be dns, could be network, could be hundreds of things
<WOW> I have compared the settings of these two boxes...the only different is domain name...DNS works will
<WOW> well
<WOW> any special logs I can check...
<daftykins> yes authentication related ones
<WOW> I am using sssd+ realmd
<WOW> by default all the domain use should be able accesss the box once it is joined to domain...
<WOW> no issue on box one which was joined to domain A
<WOW> Doesn't work on the second box which was joined to domain B...
<WOW> runnning out of idea at all
<WOW> I can see the second box in the AD...
<daftykins> yeah so read the auth logs when trying as a domain user
<tgm4883> Has anyone used altermime to add a multiline disclaimer to all postfix emails? I've got it adding it, but it's making my disclaimer a single line
<WOW> Apr 29 15:16:18 ubuntutest login[2551]: pam_unix(login:auth): check pass; user unknown Apr 29 15:16:18 ubuntutest login[2551]: pam_unix(login:auth): authentication failure; logname=administrator@MYDOMAIN.COM uid=0 euid=0 tty=/dev/tty1 ruser= rhost= Apr 29 15:16:18 ubuntutest login[2551]: pam_sss(login:auth): authentication failure; logname=administrator@MYDOMAIN.COM uid=0 euid=0 tty=/dev/tty1 ruser= rhost= user=MYDOMAIN.COM Apr 2
<WOW> here is the logs
<WOW> I don't quite understand...
<ReScO> LDAP is kicking my ass :(
<ReScO> can't think of a proper structure
<WOW> You know what, I am going to try samba + winbind
<WOW> and see if different result...
<mike-zal> why sudo restart ssh says that there is no such command?
<genii> mike-zal: Because you want something more like sudo service ssh restart
<mike-zal> genii: thanks :)
<ReScO> Anyone in here a bit more experienced with setting up LDAP in a corporate environment?
<mike-zal> shit, can't connect to ssh from host computer. it's not doing anything :(
<mike-zal> does ssh has to be opened in ufw first?
<tarpman> ReScO: #ldap is a good channel for discussions of LDAP in general
<genii> mike-zal: You're syaing that: ssh localhost  ..or: ssh 127.0.0.1     or: ssh <exact IP of the host computer>  while on the host computer does not work?
<mike-zal> yeap
<mike-zal> I do: ssh root@localip and nothing. cursor moves to the next line
<mike-zal> I got actually only netowork IP 192.168.1.16 and I use that
<genii> Try a non-root account
<genii> work, AFK
<mike-zal> the same
<mike-zal> maybe I have something wrong on server
<genii> mike-zal: Do you have openssh-server package installed?
<mike-zal> ok, found it. ufw was blocking it. added rule for ssh
<mike-zal> genii: thanks
<genii> np
 * genii wanders back to work 
<mike-zal> how to install mysql database?
<teward> mike-zal: sudo apt-get install mysql-server
<mike-zal> sudo mysql_install_db seems to be deprecated
<mike-zal> I already got it
<teward> mike-zal: then I fail to understand your question
<teward> the 'automatic configuration' is done during the apt-get install phase
<mike-zal> it says "Please consider switching to mysqld --initialize"
<teward> and sets up the 'mysql' server
<mike-zal> ok, then maybe that is why I get "[ERROR] --initialize specified but the data directory has files in it. Aborting."
<mike-zal> I'm looking on 14.04 instalation guide so some things are outdated obviously
<mike-zal> in 14.04 it had to be done manually
<mike-zal> is php5-fpm ok for 16-04?
<mike-zal> I guess not, because I got that it doesn't have accessible version
<teward> mike-zal: there's no php5-fpm in the repositories
<teward> mike-zal: I wrote a blog post about how to get *a* version of php5.6 for the system, but it's not an official Ubuntu-supported method because PPA
<teward> !ppa
<ubottu> A Personal Package Archive (PPA) can provide alternate software not normally available in the offical Ubuntu repositories - Looking for a PPA? See https://launchpad.net/ubuntu/+ppas - WARNING: PPAs are unsupported third-party packages, and you use them at your own risk. See also !addppa and !ppa-purge
<teward> mike-zal: http://dark-net.net/?p=128
<teward> mike-zal: you can try php7.0-fpm first though
<teward> mike-zal: though you may have some headaches getting it to the same point your php5-fpm was at
<mike-zal> yeah, I found and installed php7
<mike-zal> was just looking on outdated info
<teward> mike-zal: MOST guides are not updated for 16.04 :P
<mike-zal> on digital ocean is
<mike-zal> at first I thought they didn't so I followed old tutorial but then I found newer version
<mike-zal> so far they have the best guides
<daftykins> bear in mind DO is a bit different from stock ubuntu, such as being email'd root passwords instead of a user which can sudo - although you can easily implement this setup then disable root SSH login (which is sane security practice)
<teward> ^
<teward> daftykins: though, most VPS providers fall into that category
<teward> (RamNode let me use an ISO to reinstall my VPS though, so I was able to do the full from-scratch setup on the KVM VPS heh)
<mike-zal> ok, thanks. will read about securing server later. in guide there are some basic notes how to disable the most insecurities but I'm sure that's not all. besides this is testing server so I don't want to set all security measures just yet
<mike-zal> I'm complete newbie so I have to go with some very simple to understand guides
<daftykins> no you should do the user management bits from the beginning
<axisys> how do install a older version of package? I want to install offlineimap from trusty into xenial
<axisys> sudo apt-get -t=trusty install offlineimap did not work
<axisys> The value 'trusty' is invalid for APT::Default-Release as such a release is not available in the sources
<daftykins> you can't pick a version based on distro name
<daftykins> it's also *highly* inadvisable to try to take one from an older release
<hallyn> smb: sarnold: arges: *completely* unpredictably, i'm running into trouble trying to use both groups libvirt and libvirtd :)
<axisys> daftykins: had been trying to current version working for few days.. so using docker to run older version and running offlineimap from it with shared folder for Maildir/ .. but I like to run it from outside docker
<daftykins> axisys: so the point is you're running... 16.04? and this ones is broken?
<axisys> daftykins: actually correctly speaking.. this one fixed the certificate issue and I cannot make the imap ssl work anymore.. older version silently ignored it and was working fine.. :-)
<daftykins> heh
<axisys> daftykins: may be I should take this discussion back to #offlineimap again :-)
<daftykins> or run 14.04
<axisys> last time it was quite...
<axisys> already upgraded to 16.04
<axisys> so downgrading to 14.04 would be lot of work.. so vagrant or docker are my only solutions to use older distro
<daftykins> well you can't downgrade, you'd simply spin up a VM for these times
<daftykins> back to their channel it is then by the sounds :)
<axisys> I do not want to start a whole new VM with vagrant.. so picked docker..
<axisys> daftykins: :-)
<axisys> daftykins: docker works really well.. but i need to work a little bit more for a persistent cache.. or it is kind of slow..
<hallyn> bah, bc it's trying to be too smart:
<hallyn> sudo addgroup --system --gid 117 libvirt
<hallyn> addgroup: The GID `117' is already in use.
<hallyn> -o i guess
<daftykins> docker != VM as far as i follow it
<sarnold> hallyn: *shocked* I'm shocked I say!
<hallyn> sarnold: i'm gonna give it one more go and if that fails i'll just punt on the switching to libvirt gorup for now :)
<ppetraki> hallyn, apw, so we just find the coolest g++-5.0 compiler bug  - https://bugs.launchpad.net/ubuntu/+source/gcc-5/+bug/1577891
<ubottu> Launchpad bug 1577891 in gcc-5 (Ubuntu) "Placement new destructor call optimized out" [Undecided,New]
<hallyn> ppetraki: "c++ lolz"  :)
 * hallyn hasn't used a c++ class since 2001
<ppetraki> hallyn, it's how real work get's done ;)
<hallyn> you know this actually rings a bell
<hallyn> wasn't there some libc bug or kernel bug causing a memset to always write 0s instea dof the requested bytes, or something?
<ppetraki> hallyn, me neither, until I started working here. No reason to use anything else.
<sarnold> ppetraki: the heck does this mean? :) "Signature *sp = new(p) Signature();"
<ppetraki> sarnold, "write your stuff here"
<ppetraki> aka placement new
<sarnold> in. sane.
<ppetraki> you get used to it, rarely used to be honest, but when you need it you need it
<ppetraki> what's insane is optimizing out functions that I call
<sarnold> I can imagine that if you were going to have afew million objects of a given type that you might want to use this thing with slabs that grow and shrink etc..
<ppetraki> we do
<ppetraki> represents a SHA1
<hallyn> ppetraki: well you wanted optimization, give us a prize for giving you what you want
<hallyn> what's faster than "don't do it"
<ppetraki> well, since it's a sha, and sha names the data, we'll never find it again. so that's kinda bad for a storage array
<hallyn> just blame it on btrfs
<ppetraki> hallyn, you can blame everything on that. It's not even fun anymore
<daftykins> can't spell butterfingers without btrfs!
 * daftykins ducks
<hallyn> heh ppetraki wants a challenge
<sarnold> ppetraki: hopefully useful: http://www.daemonology.net/blog/2014-09-04-how-to-zero-a-buffer.html http://www.daemonology.net/blog/2014-09-06-zeroing-buffers-is-insufficient.html
 * hallyn looks on amazon for  BOFH calendar
<hallyn> sarnold: maybe but not until the compiler is fixed i'm guessing :)
<ppetraki> sarnold, interesting...
 * ppetraki tries
<sarnold> hallyn: that may still be the end result, yes. but memset_s() or secure_memzero() may be ways to tell the compiler that they aren't noops and can't be optimized away
<hallyn> oh, i see.
<axisys> daftykins: right docker is a container.. VM is OS over Host+Software as hypervisor
<de-facto> does xenial server support using i/o schedulers as kvm guest?
<ppetraki> sarnold, is it in 16.04? can't build using this example, http://en.cppreference.com/w/c/string/byte/memset
<bekks> de-facto: that question doesnt make much sense.
<patdk-wk> de-facto, what does that mean?
<bekks> de-facto: an I/O scheduler is not some kind of vm.
<de-facto> bekks im asking because some distros deactivate schedulers when used as kvm guests (e.g. you cannot set schedulers on /dev/vda)
<patdk-wk> you can do that, but it's rather pointless
<patdk-wk> cause any scheduling you do, will be *redone*, so your just wasting cpu/memory
<sarnold> de-facto: I understand only cfq scheduler supports the io priorities anyway, and afaict everyone hates that scheduler
<sarnold> ppetraki: it may require a different -std= ..
<patdk-wk> cloud-at-cost has a 10second delay programmed into their scheduler :)
<sarnold> patdk-wk: holy
<de-facto> yeah but what if i want to do it anyhow? is it possible on xenial or blocked?
<sarnold> patdk-wk: that's one way to discourage disk IO :)
<sarnold> de-facto: I've never seen an error message from ionice :) I assume you'll continue executing just without the classes you expected
<de-facto> e.g. will         echo "cfq" > /sys/block/vda/queue/scheduler ; cat /sys/block/vda/queue/scheduler         yield something else than "none" on xenial as kvm guest (virtio /dev/vda)?
 * patdk-wk still wonders what your attempting to gain
<sarnold> de-facto: hah, looks like that fails.
<ppetraki> sarnold,  nm -D /lib/x86_64-linux-gnu/libc.so.6 | grep memset_s
<ppetraki> sarnold, no results, memset is there, I don't think it made it https://sourceware.org/ml/glibc-bugs/2015-01/msg00193.html
<ubottu> sourceware.org bug 2015 in binutils "Segfault in setlocale() call makes programs unusable" [Normal,Resolved: invalid]
<sarnold> ppetraki: :(
<ppetraki> sarnold, but I can look for alternatives, now that I know that this exists. Thank you, that was helpful.
<patdk-wk> does the vda driver even support schedulers?
<patdk-wk> still don't get why you would want to
<patdk-wk> any ordering you do, will be redone with the hosts scheduler
<de-facto> sarnold so its not possible to change scheduler in xenial on such a scenario either then?
<patdk-wk> "For better performance of I/O-intensive applications, a new I/O path was introduced for the virtio-blk interface in kernel version 3.7. This bio-based block device driver skips the I/O scheduler, and thus shortens the I/O path in guest and has lower latency. It is especially useful for high-speed storage devices, such as SSD disks. "
<sarnold> de-facto: at least my xenial guests on xenial host doesn't. i'm not sure why you'd want to, the guest hasn't got a clue what storage looks like..
<patdk-wk> it is not possible on ANY linux kernel to do it
<de-facto> sarnold i just want to try different schedulers to compare performance. on an old wheezy i got "cfq" and its fast, on jessie i got "none" and its slow. so i want to change it for comparison
<de-facto> hence my question if xenial would allow me to do that
<sarnold> sure
<sarnold> just not in VMs
<de-facto> :-(
<patdk-wk> de-facto, you have a lot more differences than just the scheduler
<patdk-wk> cause the only reason the scheduler doesn't work, is if your using bio mode of that driver
<patdk-wk> so on wheezy, it doesn't support bio mode
<de-facto> how can i disable bio mode then?
<de-facto> patdk-wk also where can i see if bio mode of what driver is used?
<de-facto> i guess you are referring to /lib/modules/3.16.0-4-amd64/kernel/drivers/block/virtio_blk.ko or similar then
<de-facto> so did everyone pull the openssl update in already?
<karstensrage> yup
<karstensrage> restarted apache, stunnel?
<karstensrage> whats else?
<de-facto> karstensrage maybe something like "apt-cache rdepends openssl" can reveal?
<de-facto> is openssl the correct dependency in that case? or lib...?
<trippeh> libssl1.0.0
<rattking> I did a "lsof | grep DEL | grep ssl" to find them
<sdeziel> karstensrage: I use this script to find processes needing a restart: https://github.com/simondeziel/puppet-unix-tools/blob/master/files/sbin/check-deleted-libs
<trippeh> I kind of want to match processes to cgroups which could be matched to systemd units
<trippeh> want to make something to, that is
<de-facto> sdeziel nice one thanks :)
<sdeziel> de-facto: I've also wrote a little nagios check for it: https://github.com/simondeziel/custom-nagios-plugins/blob/master/plugins/check_deleted_libs
<de-facto> very neat indeed :)
<sdeziel> if you run some some VMs, you might be interested by check_qemu_outdated (now I'm done promoting my stuff ;)
<karstensrage> thanks rattking and sdeziel and de-facto
<karstensrage> all restarted
<de-facto> yeah  def have to look more into automagic stuff :)
<teward> Does apache2 on systemd systems (such as 15.10 and 16.04) still install an init.d file to /etc/init.d/ ?
<teward> asking because I'm automating a 'restart web services' script to push to my servers and systems via Landscape
<teward> it also reloads ssh too (openssl!)
<sdeziel> teward: yes, the systemd task is just a wrapper around the init script
<teward> s/automating/setting up/
<teward> sdeziel: this would apply for other services such as 'ssh' too?
 * teward is trying to use the existence of the init script for apache or nginx (the two web servers he would ever use) as criterion for a services restart
<sdeziel> teward: for ssh it's a a native task
<teward> sdeziel: SSH has a restart command either way - it's the web servers i'm trying to do this with
<teward> sdeziel: http://paste.ubuntu.com/16208886/ is the 'current' script logic
<teward> but not executed
<teward> yet
<sdeziel> teward: you might want to use the generic "service" wrapper command
<sdeziel> should be working for all versions/daemons
<sdeziel> AFK now
<teward> sdeziel: OK, will do, thanks
<sdeziel> np
<teward> apparently when I set up landscape on clients, it doesn't allow scripts as root - is there a way to fix that easily on multiple systems?
<teward> without me manually redoing the landscape config
<teward> nevermind
<teward> i have a temporary fix :P
<blizzow> upgrading my ubuntu server to xenial is hanging up during the upgrade of the mdadm package.  Specifically, it looks like it hangs while trying to stop the currently running mdadm service.  Does anyone have an idea how I might get past this hurdle? I tried manually stopping the mdadm service and that's not working.  The OS is on md0, so that has me a little concerned.
<autofsckk> hi, i have an isue with the r8169 problem, i think this thing is ancient but it seems to be giving us a lot of problems in some servers, i have strange behaviour on the network, for what ive been investigating i think is because of that module issue
<autofsckk> we use very old productions servers 12.04, could it be possible that this module bug could be hurting this servers?  they run 4 of this  05:00.0 Ethernet controller: Realtek Semiconductor Co., Ltd. RTL8111/8168B PCI Express Gigabit Ethernet controller (rev 06)
<autofsckk> i get a lot of this on dmesg   http://pastie.org/private/ezasoe2ell2kejbaqgfig
<genii> !info firmware-realtek
<ubottu> Package firmware-realtek does not exist in xenial
<genii> Hm
<autofsckk> genii:  i was making some iperf test with a dev server to see if i get some info from it but it seems to be working just fine, but when i look at some logs it seems that some errors come from disconnecting
<genii> autofsckk: You might want to try the r8168-dkms package, and see if that helps
<genii> !info r8168-dkms
<ubottu> r8168-dkms (source: r8168): dkms source for the r8168 network driver. In component universe, is extra. Version 8.041.00-1 (xenial), package size 83 kB, installed size 1083 kB
<autofsckk> i mean, when i see some logs from some apps running in the server it shows that those error come from bad network or disconnections, any idea on how could i be sure that the actual module is working right?
<genii> There's no real foolproof way to be able to tell if it's due to actual network disconnections, or the driver, unfortunately
<autofsckk> i couldnt find that r8168-dkms, should i add something to the repos to get it? im sorry i dont know too much ubuntu
<autofsckk> genii:  you mean i have to make this?  https://sikpigs.wordpress.com/2013/10/07/realtek-r8168-on-ubuntu-12-04/   i already downloaded the modules from realtek, compiled them and installed it on a dev server here on the office, but i dont know how to test this stuff locally without the real environment :S well thanks for the tip anyway genii :D
<genii> autofsckk: Since the package is in the "universe" repository, you need to enable that repository in your /etc/apt/sources.list file for apt to be able to see it's there after a sudo apt-get update
<autofsckk> genii:  ah ok, thanks a lot, ill change that then :D
#ubuntu-server 2016-05-04
<House> does anyone have 16.04, sssd+AD & autofs mounting smb shares working? i've got ssh, login, /home/AD/user folder creation, & sudo. smbclient works with password, but not with -k and auto.smb is failing for the same reason.  any suggestions on troubleshooting kerberos tickets?
<lunaphyte> what am i doing wrong here? http://dpaste.com/345PZV6.txt
<k2gremlin> Hello all. I am trying to add monitoring to a plex server. PlexPy is functional if I manually launch the file. However, I am trying to get it to run as a daemon using this guide. https://github.com/drzoidberg33/plexpy/wiki/Install-as-a-daemon Followed the Ubuntu section but when I attempt to start the service, it tells me failed to start no such file or directory..
<tarpman> lunaphyte: what would "right" look like? is /topic applicable?
<lunaphyte> tarpman: ah, thanks.  yes, it is
<lunaphyte> interesting.  has that always been like that?  i seem to remember it wasn't
<lunaphyte> indeed - do-release-upgrade -d reveals an upgrade
<John[Lisbeth]> I am doing a dist-upgrade on my vm. Teeming with excitement as this is my first dist-upgrade
<sarnold> John[Lisbeth]: are you intending to use it to upgrade to a new release?
<John[Lisbeth]> yeah and I kind of already typed it
<sarnold> oops
<John[Lisbeth]> lol
<John[Lisbeth]> oh well this is just a throw-away vm anyway
<sarnold> do-release-upgrade does a significantly better job :)
<John[Lisbeth]> Yeah I forgot that one
<sarnold> granted I use dist-upgrade daily on my systems, but that'sjust to upgrade from day to day.. not jumping releases
<John[Lisbeth]> well this will be a good learning experience for me then
<John[Lisbeth]> This is just a sort of mainframe I use so my cs peers and I can get into repls
<heftig> how usable is LVM's integrated RAID?
<heftig> I would prefer being able to select mirroring/striping per LV
<norc> Hi. What is the defined behaviour of Ubuntu when no more memory can be allocated?
<hateball> flush cache or start swapping, depending on how you've set vm.swappiness
<hateball> if everything is full, crash :D
<norc> hateball: I find that hard to believe that the operating system would crash.
<norc> That would allow any application to straight crash the server by just malloc'ing until the server runs out.
<ogra_> it calls OOM and starts killing processes
<heftig> s/crash/sacrifice a random process/
<hateball> Well, yea
<norc> Random? Or is there some algorithm for selection?
<ogra_> random usually
<heftig> Yes, memory hogs are targeted first
<ogra_> there are ways to hand an oom_score value to apps
<heftig> Each process also has an attribute that modifies its likeliness to be picked
<heftig> oom_killer_something
<maswan> typically though, on a normal server, it is time to reboot after you've found the oom killing stuff
<heftig> Or oom_score_adj or something like that
<norc> Ah. Im guessing the amount of memory used is also a factor, so that memory hogs will be killed first unless that oom_score gives it some priority, right?
<ogra_> well ... there are systems that use this as a feature ;)
<ogra_> like android
<maswan> yeah, thus my weasel words in the beginning. :)
<heftig> Android uses the oom killer?
<heftig> I thought the termination of paused background processes was at user level
<ogra_> yep
<ogra_> they patch it and call it lowmemory_killer though ...
<ogra_> and yes, there is userspace involved too
<ogra_> on a very low end server like an IoT device such a feature might actually even make sense :)
<ogra_> (system reliability over app availability)
<heftig> Well, those devices usually have relatively constant memory use
<ogra_> yet :)
<ogra_> just wasit til you can install a spotify proxy and owncloud on your heating controller which is also your NAS and wlan router ;)
<heftig> Well, I would have it so potentially memory intensive/dynamic tasks in sequence
<heftig> It do potentially
<ogra_> in the above case you would want the heating and wlan serivices to be highly available and very fail ... while the others are possible to be killed
<patdk-lap> yes, very annoying, when your are running like a database server, and some other program start eating ram, and OOM kills your database
<ogra_> uh ... s/fail/failsafe/ :P
<OlofL_> anyone setup nxfilter here?
<spm_draget> Is this a known bug that phpmyadmin package fails to run because it is missing php-mbstirng and php-gettext packages? http://askubuntu.com/questions/760567/phpmyadmin-missing-mbstring-extention-ubuntu-16-04
<spm_draget> Was there an update from <mysql-5.7 to mysql-5.7 on the ubuntu 16.04 release!?
<frickler> spm_draget: yes
<frickler> pretty late in the cycle I think with some fallout like https://bugs.launchpad.net/ubuntu/+source/percona-xtradb-cluster-5.6/+bug/1574509
<ubottu> Launchpad bug 1574509 in percona-xtradb-cluster-5.6 (Ubuntu) "mysqladmin-5.7 fails to set password for percona-xtradb-cluster-server-5.6" [Undecided,New]
<rbasak> nacc: see http://askubuntu.com/questions/760567/phpmyadmin-not-working-due-to-missing-mbstring-extention from above. Should phpmyadmin be listing dependencies there?
<spm_draget> I thought it was feature-freeze a few weeks before release.
<spm_draget> It blew my jira/confluence installation, too. Meh!
<teward> spm_draget: there are cases where some things can be slipped past FeatureFreeze in some cases - this was one of them
<teward> unfortunately
<teward> (in your case)
<spm_draget> *sighs* Oh well. Tomorrow is a day off. Good day to fix things :)
<nacc> teward: yeah, i guess based upon the linked to question from there, phpmyadmin already depends on php-gettext, but i guess needs a dep on php-mbstring
<nacc> teward: so i'm guessing that at least in one case, they installed from source (as the packaging wouldn't have allowed the former not to be installed)
 * teward was pinged?
<teward> oh
<nacc> teward: there are already two bugs for the same (mbstring) issue
<teward> nacc: probably should cc/ping rbasak who poked on it ;P
<teward> nacc: but yes this is one of those times where this type of thing blows up :P
<nacc> rbasak: want to upload the fix from LP: #1577482 ? I guess his versioning is off (probably for a PPA upload)
<ubottu> Launchpad bug 1577482 in phpmyadmin (Ubuntu) "PHPMyAdmin requires mbstring" [Low,New] https://launchpad.net/bugs/1577482
<teward> nacc: if it depends on mbstring then yes it should probably get that dep update - both in Yakkety and Xenial if SRU-able
<teward> but i leave that to you and rbasak, my php focus extends to about the default conf of nginx :P
<teward> oh and any php services I run but meh
<teward> thanks to Landscape, deployment scripts are fun xD
 * teward has a "Install PHP 7.0 with all necessary deps" script to push to Xenial boxes :P
<teward> (adds mbstring and gettext to the list)
<nacc> rbasak: made quite a bit of progress yesterday! the code is all there now, but have to debug why merges aren't quite working (i think it's mostly a mistake on my part with gitpython)
<rbasak> nacc: sounds good!
<rbasak> nacc: re bug 1577482, I'm happy to sponsor that, but do you need to send upstream?
<ubottu> bug 1577482 in phpmyadmin (Ubuntu) "PHPMyAdmin requires mbstring" [Low,Confirmed] https://launchpad.net/bugs/1577482
<nacc> rbasak: actually, for yakkety we should sync and selectively backport the same deps (as i think it also migh tneed php-xml) to 16.04
<rbasak> nacc: that sounds reasonable. Are you happy for me to sponsor the sync?
<rbasak> (as in - have you confirmed that it's correct?)
<nacc> rbasak: yeah, i'm filing the bug now -- one sec
<nacc> rbasak: so i believe we can sync, i'll finish that in a `requestsync` bug and subscribe you, but from an ease-of-use perspective, we may want to consider reverting parts of this in the Y cycle: http://anonscm.debian.org/cgit/collab-maint/phpmyadmin.git/commit/?id=80a81e7915ee35cd27f8521a314812f3f38bc9ff
<nacc> rbasak: as, by default, phpmyadmin won't require the apache module, which i think will violate the principle of least surprise for many users?
<nacc> i guess it will prefer fpm by default, (via php -> php7.0 -> php7.0-fpm)
<rbasak> nacc: sorry, I don't follow.
<rbasak> You want to sync but then revert something that is in the thing that we synced?
<nacc> rbasak: i think debian made it less user-friendly
<nacc> rbasak: and ubuntu is supposed to be the nicer debian :)
<nacc> rbasak: it's unrelated to our delta
<nacc> rbasak: they removed the OR'd deps on libapache2-mod-php7.0 (and i believe dep resolution will take the first one if possible?, I forget the rule)
<rbasak> Yeah, first possible.
<rbasak> Will that do the wrong thing on Ubuntu? Or otherwise, how is it less user-friendly?
<nacc> right, so i think (i'm verifying this in lxc right now) that `apt-get install phpmyadmin` in 16.04 will install libapache2-mod-php7.0, but in Debian (and if we sync in Yakkety) will install php7.0-fpm. So maybe not less user-friendly, but less expected potentially
<rbasak> Oh, because it depends on just php now, and not the specific ones?
<nacc> rbasak: right, i dont' know why debian didn't do 'Depends: libapache2-mod-php | php-cgi | php-fpm | php
<nacc> rbasak: hrm, i guess something else pulls in apache, so never mind! :)
<rbasak> nacc: I guess Debian doesn't want to choose? Ondrej prefers fpm I believe anyway?
<nacc> rbasak: yeah, that's probably why
<nacc> rbasak: ok, so that's all my point was -- we'd be making the "default" for phpmyadmin fpm, which would be a behavior change to end-users
<rbasak> nacc: I think it's worth considering whether we want to maintain a delta for this.
<sdeziel> teward: just looked at your paste (https://paste.ubuntu.com/16208886/) and in addition to using the "service" wrapper, I'd recommend calling "upgrade" on nginx so that you don't incur any downtime
<rbasak> How much are we prepared to maintain phpmyadmin in Ubuntu? I understand that we needed to do this for the transition, but what about on an ongoing basis?
<teward> sdeziel: s/upgrade/update/
<teward> sdeziel: bit late, though, i already ran the script during the scheduled maintenance window on my servers (all of them) last night
<nacc> rbasak: ideally not at all, meaning i'd rather we sync now and see what the fallout is ... it would only be in fresh installs of 16.10, afaict
<rbasak> OK. That sounds fine to me.
<nacc> rbasak: and it's an easy adjustment in the control file if people don't like it
<sdeziel> teward: no, I really meant to say "service nginx upgrade" ;_
<teward> sdeziel: heheh
<sdeziel> teward: that's the cool binary pivot thing :)
<teward> sdeziel: ah, indeed.
<sdeziel> teward: and I'm sure there will be more security updates requiring httpd restarts in the future
<teward> sdeziel: on my servers, though, it was coincided already with an nginx upgrade (PPAs with my own changes lol), so it was still necessary to 'restart' anyways (which is done during the upgrade process and in the postinst)
<teward> sdeziel: but you're right, it's why I still have the script on Landscape :)
<sdeziel> teward: why would "upgrade" not work in postinst? Sure it would require a bit more logic but should work IMHO
<teward> sdeziel: it may be using 'upgrade' but i'll double check
<teward> been a while since i stabbed the init and install scripts
<sdeziel> in fact, if the postinst could use "upgrade", I'd stop setting up a /usr/sbin/policy-rc.d before pulling those packages
<hallyn> smb: sadly i think your adding the Alias=libvirtd complicated upgrade to the new libvirtd.service
<sdeziel> teward: looks like the postinst is redoing the "upgrade" dance on its own: http://paste.ubuntu.com/16220815/
<teward> sdeziel: i don't need the code i have it here thanks (remember I constantly poke the package)
<teward> sdeziel: you're right - it rolls its own :p
<teward> but it matches the 'upgrade' code
<teward> i know there's other processes which 'stop' the thing in some versions, though... maybe I'm thinking the Trusty days
<teward> sdeziel: in my case it wouldn't have mattered - the maintenance I had planned included a kernel update on many of my KVM VPSes (and VMware VMs) so that needed some reboots anyways
<nacc> rbasak: sync bug filed and i subscribed you
<teward> which would have been ultimately the same impact of service stop, service start
<teward> but at a longer timeperiod due to the reboot
<teward> sdeziel: ^
<sdeziel> teward: indeed but I was talking more in general
<teward> sdeziel: right
<sdeziel> teward: Truty also has the same code dup
<teward> sdeziel: *shrugs* then i misread code sometimes, in any case it works as is - i'll update my scripts
<teward> sdeziel: note i'm kind of half burned out right now with other things :/
 * teward has literally only half of his attention span as of late
<smb> hallyn, hm ... not intentionally but systemd is makeing things complicated generally (imho)
<sdeziel> teward: it's not like if it was urgent ;)
<teward> sdeziel: ;)
 * teward yawns
<sdeziel> teward: want me to send a bug your way about it?
<teward> sdeziel: for the code duplication?  Send it to Debian first
<teward> i'm trying to *reduce* the delta, not add to it :p
<sdeziel> make sense, will do
<teward> sdeziel: 'low' item on the totem pole for Xenial, so it wouldn't land in Xenial unless something else came in that needed some attention
<teward> sdeziel: file against src:nginx up in Debian, file in Launchpad, link bugs.
<teward> i'll look at it 'eventually'
<sdeziel> teward: that's indeed not SRU worthy
<sdeziel> I'll try to provide a patch in the Debian bug :P
<teward> sdeziel: it would probably be implemented in Yakkety at the earliest, Z-series at the latest
<sdeziel> Z-series sounds kinda neat
<teward> the next 'merge' from debian is basically ending up as a "we have to almost start from scratch Debian"
<teward> because merges.u.c and Merge-o-Matic are breaking things
<teward> basically, keep changelog file from MoM, reapply the existing delta by hand
<teward> rbasak: ^
<teward> sarnold is also aware
<teward> (dynamic module support is breaking things!  >.<)
<rbasak> nacc: sync sponsored. Thanks!
<nacc> rbasak: thank you!
<hallyn> smb: +1
<lamont> stgraber: you around?
<lamont> stgraber: would like to chat a bit about bind vs lxd and port 53
<stgraber> lamont: around-ish, sprinting
<lamont> yeah
<lamont> I'm going to dig back to where BIND started listening on every IP instead of just using inaddr-any by default, and thinking that I may just want to change that
<lamont> I suspect that it was part of the cache-poisoning vs 16-bit ID changes
<stgraber> does that make an actual difference though? whether you bind on everything :53 or [::]:53 nothing else can bind port 53 while you're doing that
<lamont> bullcrap
<lamont> if you bind to :53 then someone binding to a particular IP:53 steals all traffic for that IP
<lamont> inaddr-any says "I'll take the traffic if no one wants it more than me"
 * lamont accidentally put postfix in production because of that feature of bind(2)
<lamont> wow. 19 years ago
<stgraber> ah, well, that's nice then :)
<teward> sdeziel: when you file the bug, link me to both the Debian one and the Launchpad one - that way I can track both, though I'll probably do that anyways whether Ig et bug numbers or not heh
<Sling> lamont: was that in the time when DEBUG on sendmail gave you root?
<lamont> Sling: I don't remember... I had postfix listenin on inaddr_any (to catch 2 ports without having an extra line of master.cf), and sendmail was listening on the production IP... and died.
<lamont> no one noticed for 2 weeks
<lamont> that was back in the alpha days
<Sling> ah sendmail way back used to respond to the DEBUG command and just gave you root like that
<Sling> cuz why not, internet was for researchers
<lamont> past that point
<lamont> it was definitely after the morris worm
<hallyn> yeah that's much much more than 19 years ago today, isn't it.  how time flies.
<lamont> time flies.  you can't: they fly too fast.  <-- thanks for the reminder
<lamont> and listening on inaddr-any is a somewhat invasive change to bind9. sigh
<hallyn> still seems to me like a .d directory is the way to go.  though inaddr-any sounds like a duh-why-not
<lamont> yeah... I'm finding that it might be more straightforward to just teach include some magic on how to handle directories
<hallyn> maybe once i finish some kernel gorp i'll take a look at implementing that
<lamont> git.debian.org//git/pkg-bind/pkg-bind.git <-- hallyn I also need to update the control file once I figure out what the url wants to be ther.
<lamont> hallyn: anyway, 9.10.3.dfsg.P4-10 is current
<lamont> said fix wanting to be SRUed into xenial (drop python2 dependency)
<lamont> hallyn: I'd be inclined to check the type of the include file, and if it's a directory, include any file directly in that directory whose name ends in ".conf"
<lamont> I'd rather not change the syntax of the config file in the least
<lamont> and with that, lunch date
<sdeziel> teward: https://bugs.launchpad.net/debian/+source/nginx/+bug/1578344 and https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=823435
<ubottu> Launchpad bug 1578344 in nginx (Ubuntu) "code duplication between nginx-*.postinst and init script" [Undecided,New]
<ubottu> Debian bug 823435 in nginx "code duplication" [Normal,Open]
<teward> sdeziel: I would retitle that a little more, expect a retitle from me :/
<sdeziel> np
<jge> hey all good afternoon, I have two ubuntu servers running 14.04.1 LTS and OpenSSL OpenSSL 1.0.1f 6 Jan 2014
<jge> however, when I do apt-get upgrade, one of them wants to upgrade openssl and the other does not see it
<jge> I have only main and security repos enabled
<jge> same on both
<jge> what am I missing here..
<mdeslaur> jge: did you do apt-get update first?
<sarnold> do they both have security.ubuntu.com repos listed?
<teward> sarnold: i would imply that based on their statement about only main + security enabled on both.
<teward> also good afternoon to you
<jge> mdeslaur: yep
<jge> sarnold: yes
<mdeslaur> jge: what's the result of "apt-cache policy openssl" on the server that doesn't find it?
<jge> damnit, I have to keep remembering the usefulness of this command.. looks like it was already upgraded to the version the other is nagging about
<jge> :)
<mdeslaur> ah, well there you go :)
<jge> thanks
<mdeslaur> yw
<lamont> hallyn: +XS-Vcs-Browser: http://anonscm.debian.org/git/pkg-bind/pkg-bind.git
<lamont> (which will be reflected in -11 :/)
<JanC> jge: do you have automatic security upgrades enabled on one of them?
<sdeziel> I wonder why HTTPS isn't the default for anonscm.debian.org
<lamont> bother.  good catch sdeziel
<lamont> it should have been https in the first place <-- hallyn
<RoyK> hm... https://launchpad.net/~kernel-ppa/+archive/ubuntu/ppa doesn't seem to work with xenial
<hallyn> lamont: just to be clear - nothing in that git tree implements .d support right?
<lamont> nothing whatsoever
<lamont> at least that I'm aware of
<sdeziel> RoyK: that PPA is empty ATM
<lamont> hallyn: thinking about it, maybe: include "/some/dir/*.conf"; <-- for syntax?
<RoyK> sdeziel: any idea where I can find upstream kernels without compiling them myself?
<sdeziel> RoyK: https://wiki.ubuntu.com/Kernel/MainlineBuilds ?
<RoyK> sergey: nothing there about xenial
<sdeziel> RoyK: I'd give that a try http://kernel.ubuntu.com/~kernel-ppa/mainline/daily/current/
<RoyK> thanks
<hallyn> lamont: it's been too long since i've used bind itself, but something analogous to /etc/network/interfaces.d/*.conf would be nice and unsurprising
<lamont> yeah... the issue is that the poor config file is structured, and the user will want to be able to inject a "include this directory" snippet into way too many places to predict.
<lamont> ergo, extend the include directive to let them do just that
<hallyn> oh.  heh.  structured.
<hallyn> don't suppose there is some existing convention for third party sed'ing of the file to add in and remove hunks or file includes?
<hallyn> grep lxd /etc/bind.conf || sed -i 's/REPLACEME/\0\nskip lxd network\n/' /etc/bind.conf
<lamont> not that I know of, though there are probably dozens. :/
<lamont> hallyn: of course, once we get the grammar, then the config file will grow to include several strtegically placed include statements
<hallyn> yeah <pained grin>
<sarnold> teward: it's possible to subscribe to the security pocket on a different server though
#ubuntu-server 2016-05-05
<nacc> rbasak: so i think there is a case we're missing ... unless i misunderstood you (for the importer)
<nacc> rbasak: if import_previous_version != tip_version, for debian
<nacc> rbasak: we currently always orphan
<nacc> rbasak: however, what about the case where debian didn't publish certain versions? so the lp publishing history does not include every version from the changelog
<nacc> rbasak: e.g., https://launchpad.net/debian/+source/strongswan/4.5.2-1, where import_previous_version is 4.5.1-1 (d/changelog), but debian/sid is 4.5.0-1 (lp spph)
<nacc> rbasak: it seems like we want the history to be as continuous as possible there, rather than a bunch of unconnected orphan chains?
<nacc> rbasak: i was just thinking that maybe get_versions_from_treeish should ensure the versions it returns are published versions? it doesn't matter for hte above case, though, it seems like 4.5.1-1 should have been published
<rstarmer> @stokachu: did you ever get a chance to try conjure-up on a KVM based system?
<stokachu> rstarmer: not yet ive been sprinting all week
<stokachu> was going to try it next week when I get back
<rstarmer> sounds good. enjoy your sprints.  Can you point me to any docs on debugging the deployment process, I may have some time to try to figure out what's going on, and it'd be good to understand anyway.
<rstarmer> or should I be looking to a pur juju mechanism for this instead (conjure-up just seems like a nice interface for managing all the pieces needed).
<stokachu> rstarmer: mostly use juju status to see which services are in an error state, then juju ssh service/0 and check the logs in /var/log/juju
<stokachu> yea we sit nicely on top of juju and lxd
<rstarmer> cool, will look off into that direction.
<stokachu> thanks, I'll definitely get this figured out I can see this being a nice benefit
<rstarmer> thanks!
<k2gremlin> Hey all quick and easy question. I want to create 2 new users to manage websites on a server. How can I lock them into their respective directories when they remote in? /var/www/webite1 and /var/www/website2
<Javezim> Anyone know how to tell Unattended Upgrades to NOT update Samba in Ubuntu 14.04.4
<andol> Javezim: Assuming a default setup you likely have a /etc/apt/apt.conf.d/50unattended-upgrades file? If you take a look in it you'll likely find examples on how to blacklist packages.
<Javezim> Would commenting out this line stop all security updates?
<Javezim> Unattended-Upgrade::Allowed-Origins {
<Javezim>      "${distro_id}:${distro_codename}-security";
<andol> Javezim: I imagine so, but if I were you I'd test and verify. Yet, in case you want to stop the automatic updates fully, wouldn't it make more sense to disable "APT::Periodic::Unattended-Upgrad" instead?
<Javezim> Is that in the 10periodic file?
<andol> Likely, but to be sure, just do a full grep under /etc/apt/apt.config.d/
<rbasak> nacc: if that's common, then yes, maybe.
<rbasak> nacc: and I like your solution.
<rbasak> nacc: unconnected orphan chains was my intent, but I didn't think it'd be very common.
<rbasak> nacc: can we keep our options open perhaps, and warn either way?
<Nonymous> What is the default username password for login into openstack dashboard after installing using conjure-up
<rbasak> stokachu: ^
<rbasak> Though he's gone it seems.
<Amadiro> Evening. I was trying to run `journalctl -b -1` to get the journal messages of the previous run on 16.04, but got the message "Specifying boot ID has no effect, no persistent journal was found". Any idea how to fix this?
<Amadiro> I tried journalctl --merge, but that doesn't give any messages older than the current boot either.
<ducasse> Amadiro: create /var/log/journal
<Amadiro> ducasse, thanks, I'll give that a shot
<Amadiro> ducasse, do you know what permissions/owner/group should be?
<ducasse> Amadiro: drwxr-sr-x 3 root systemd-journal 4096 okt.  20  2015 /var/log/journal/
<ducasse> Amadiro: AIUI journald will only write a persistent journal if that directory exists.
<rbasak> nacc: on second thought, I think you're right. I'm not sure how we'd manually fix up Debian imported orphan chains anyway.
<Amadiro> ducasse, thanks
<rbasak> nacc: as long as the version number goes up, tying them together is the best we can do I think. Provided Launchpad doesn't import intermediary versions out-of-order later.
<ducasse> Amadiro: you're welcome :)
<stokachu> NonParity: admin/openstack
<stokachu> sorry
<nacc> rbasak: ack, i'll adjust our algorithm for that, thanks!
<nacc> s/our/your/ :)
<k2gremlin> Hello all, currently on 15.10. When I try to upgrade to 16.04 using "sudo do-release-upgrade" tells me No new release found.. help? :P
<andol> k2gremlin: Seem to recall something about do-release-upgrade by default not moving to a new LTS until the first point release. You could try adding the -d option, doing "sudo do-release-upgrade -d", which I think will offer you 16.04.
<{a}qu|l3s>  Visit Irc . netchat . cl By Ragnar
<Isaboe>  Visit Irc . netchat . cl By Ragnar
<alcaldesa>  Visit Irc . netchat . cl By Ragnar
<maria37>  Visit Irc . netchat . cl By Ragnar
<COLOMBO1>  Visit Irc . netchat . cl By Ragnar
<Hugo35>  Visit Irc . netchat . cl By Ragnar
<jpdp>  Visit Irc . netchat . cl By Ragnar
<AnAiS_13_MaDriD>  Visit Irc . netchat . cl By Ragnar
<lucia10>  Visit Irc . netchat . cl By Ragnar
<a----->  Visit Irc . netchat . cl By Ragnar
<DeMonia33Barna>  Visit Irc . netchat . cl By Ragnar
<faro>  Visit Irc . netchat . cl By Ragnar
<chatina>  Visit Irc . netchat . cl By Ragnar
<Canaria35Guapa>  Visit Irc . netchat . cl By Ragnar
<sakkara40>  Visit Irc . netchat . cl By Ragnar
<andol> k2gremlin: I assume that your existing 15.10 install is fully up-to-date, and that you if nothing else have the most recent version of the ubuntu-release-upgrader-core package installed?
<k2gremlin> andol, Correct. When I log into the 15.10 install, it tells me upgrade is available. New release '16.04 LTS' available.
<andol> k2gremlin: Ok, did the -d option help then?
<k2gremlin> andol, tried that as well. -d is just accept defaults right?
<andol> No idea then.
<k2gremlin> sudo apt-get update && sudo apt-get dist-upgrade shows 0 upgraded, 0 newly installed etc..
<k2gremlin> so fully updated lol
<k2gremlin> andol, any significant problem staying on 15.10 until I can find time to just re-install the two VM's I have running Ubuntu?
<andol> k2gremlin: Well, you might want to do the upgrade within 2-3 months, because after that 15.10 won't recieve any more secure fixes.
<k2gremlin> andol, Thanks
<teward> nacc: around?
<k2gremlin> andol, got it working. had to change my Prompt=lts to Prompt=normal since 15.10 was not an LTS..
<k2gremlin> ill change it back to lts when its done
<andol> k2gremlin: Ahh, never knew that that setting also affected the from-version. Good to know, thanks.
<nacc> teward: pong
<teward> nacc: Zend errors would be in PHP or the zend-framework packages, right?
<teward> (I happened to be watching the bug announcements list, it has an apache2 issue that is Zend-related
<teward> nacc: since you know the PHP side, i thought i'd poke
<teward> :P
<teward> see if you can confirm my thought
<nacc> teward: it depends on which zend errors, zend engine itself is in PHP proper; zend-framework is MVC tooling
<teward> nacc: https://bugs.launchpad.net/bugs/1578732 looks auto-generated
<ubottu> Launchpad bug 1578732 in apache2 (Ubuntu) "/usr/sbin/apache2:11:ZEND_DO_FCALL_SPEC_HANDLER:execute_ex:dtrace_execute_ex:ZEND_DO_FCALL_SPEC_HANDLER:execute_ex" [Undecided,New]
<teward> but i doubt it's Apache
<teward> stacktraces keep pointing to libphp7.0.so and other php7.0 library items so..
<teward> .*shrugs*
 * teward happened to watch bug announcements roll in heh
<teward> nacc: but Zend is not part of Apache, the engine is in PHP, and zend-framework is separate
<nacc> teward: ack
<nacc> teward: that stacktrace is a php stakctrace
<teward> nacc: so then I should repoint this to PHP then?
<nacc> teward: what package is this (2.4.18-2ubuntu3) is that hte apche2 version?
<teward> nacc: the errors.u.c tracker has the errors filed as Apache2
<teward> because the errors were triggered as part of apache2's php module likely
<teward> which is 'seen' as part of apache2
<nacc> ah
<teward> unlike php7.0-fpm which is separate
<teward> nacc: and yes that's the apache2 version
<teward> the bug is a PHP7.0 one, though, if that's a PHP stacktrace
<nacc> teward: yep, i'd say so
<nacc> teward: although fixing these kind of bugs willoften need testing of upstream php7.0 and then psosibly filing an upstream bug
<teward> nacc: indeed.
<teward> i'm just on triage duty right now ;)
<teward> nacc: probably going to get yelled at, but that didn't read as an Apache error to me, when I saw "ZEND" :P
<nacc> teward: sure, but i also don't see what the error itself is yet
<nacc> php stack traces are awful
<nacc> did something segfault?
<teward> nacc: indeed, so it's just going to stay "New" until there's something we can test is my guess
<nacc> teward: ack
<teward> nacc: yeah it's reading an Apache crash
<teward> but the stacktrace goes to PHP module
<nacc> also i wonder if it's not showing the top, is there alimit to how many frames get copied? seems odd it would be precisely 2000
<nacc> so the error message is missing
<teward> nacc: scroll to the bottom of the errors.u.c page in the bug, and you should see incident uuid links
<teward> nacc: nfc, that's a bdmurray question
<teward> or errors.u.c people
<nacc> teward: so is e.u.c where auto-filed bugs get their data put?
 * nacc wasn't aware of it, just learning
<teward> nacc: looks like Apache crash during Apache start, but the trace points at php7.0 based on the address signature
<teward> nacc: ever see the "report error" button on the GUIs?
<teward> when something happens on the system and it generates an error report (like a crash)?
<nacc> teward: ack, i thought that was tied to apport-bug or whatever?
<teward> nacc: well, you can file a bug about it, but 'report problem' or 'report error' or similar will send to errors.u.c
<nacc> oh i see!
<teward> it's how I track the number of nginx upgrade issues without bugs for each one
<nacc> interesting
<teward> you'd be surprised how many issues I debugged in Trusty -> Utopic with that xD
<nacc> teward: and errors.u.c. has some smarts to combine them?
 * teward shrugs
<teward> nacc: AFAIK yes, but i think it does it based on traces
<teward> so the stacktrace and address signatures, and I think there's some analysis to try and ID identical issues
<nacc> teward: great, thanks for the info
<teward> nacc: but if that's a PHP stack trace then it stands to reason the php plugin is doing something wrong, with zend engine
<nacc> teward: i would agree
<teward> nacc: https://wiki.ubuntu.com/ErrorTracker
<nacc> rbasak: i'll add a sanity check that in this case and we're trying to fixup the history, there aren't any imports for versions in teh changelog between the last imported one and this one
<nacc> rbasak: and if so, we'll orphan like we were going to
<rbasak> nacc: I didn't think that fixing up the history was a special case though?
<hallyn> what the heck?  all my libvirt tests seem to be passing.  i must have set the host up wrong
<teward> hallyn: heheh
<nacc> rbasak: err, sorry, not general fixup, but the above case of a discontinous publishing history
<nacc> rbasak: which seems quite common, in lp
<nacc> rbasak: and it happens in ubuntu too: https://launchpad.net/ubuntu/+source/strongswan/+publishinghistory?batch=75&memo=75&start=75, 5.1.1-0ubuntu6 never made it out of proposed
<nacc> rbasak: hrm, another issue i just hit ... NMU uploads in debian, they seem to get deleted from the changelog on the next mainatiner upload?
<mrjazzcat> Are there instructions to setup conjure-up on 14.04.4?  From jamespage ODS talk, he mentions that is has some hoops to jump through.  I'm ready to jump.
<sarnold> looks like conjure-up is only packaged on xenial
<mrjazzcat> sarnold: thx.  Pretty big hoop :)
<sarnold> if you want to try it on trusty, maybe you could start with the 'backportpackage' tool in the ubuntu-dev-tools package
<mrjazzcat> sarnold: ok, thx
<sarnold> but it may make assumptions about what versions (or, more accurately, which features) exist in the tools it uses
<sarnold> so the next hoops might be installing e.g. dev versions of juju or whatever..
<mrjazzcat> sarnold: :)  maybe an alternative route, like the existing autopilot, then
<nacc> rbasak: i guess it can happen even for non-NMU, e.g. 5.1.0-1 dropped 4.6.4-7, 4.6.4-7, 4.6.4-8 -- i think our publishing history should reflect what's in the changelog?
<nacc> err, sorry -7, -8, -9
<hallyn> teward: yeah but i was right :)  was testing the wrong version.  zounds.
<jayjo> If I run 'sudo jupyterhub', does the privelege escalation apply to everything the jupyterhub process does in the future, or just the initial execution? Isn't a shell being launched as root and running the command juptyerhub, so further commands executed by jupyterhub are in the root shell, so should execute?
<sarnold> it depends upon the program; it could be possible for jupyterhub to change privileges if it wants to
<sarnold> it's a minor point, but I doubt sudo is starting a shell for this execution
<JanC> only if jupyterhub is a shell script or if you specify the -s parameter
<jayjo> jupyterhub is a python script
<nacc> rbasak: on a more positive note, i got changelog attribution working, so the git authorship is identical
#ubuntu-server 2016-05-06
<shannon_> hello, hopefully a quick question here.. but is there updated docs on a single server install of openstack for 16.04?  everything I can find online points to using openstack-install, which is missing from 16.04
<shannon_> I got this channel from http://openstack.astokes.org/
<shannon_> looks like the installer was possibly replaced by a binary simply called openstack, but I'm not sure how to use it as it appears to be more of an interface for managing a server already setup
<sarnold> shannon_: there's this thing, but I haven't tried it myself: http://conjure-up.io/
<shannon_> great, thanks. I'll check it out :)
<nacc> rbasak: fyi, i put some notes in the share doc
<nacc> rbasak: https://git.launchpad.net/~nacc/ubuntu/+source/strongswan
<nacc> rharper: --^ that's the full import of all the debian and ubuntu history, if you want to look at it, as an example
<nacc> rharper: for strongswan
<rstarmer> shannon_: conjure-up does work, but I had (and still have) some issues trying to use it on a KVM based virtual machine.  If you are building it on hardware directly, it should work well.  You might also want to grab the latest from the ppa rather than from the default package, as there are some tweaks to the network service that may be needed.
<rstarmer> ppa:conjure/ppa
<shannon_> ok thanks, yeah I'm installing on hardware
<rstarmer> It's pretty slick, automates juju driving LXD/LXC to deploy the services as containers.
<meloc> Hi. I've placed the mitmproxy root ca certificate in every directory i can find documented and have run update-ca-certificates over and over
<meloc> yet no new root CA is being added. no new symlinks in /etc/ssl/certs
<meloc> I can't find any actual, real documentation on this anywhere. Can someone please advise?
<Jordan_U> meloc: What kind of certificate is this file?
<meloc> standard PEM certs
<meloc> the same certs I use in Nixos and Arch without issue
<meloc> wow. just wow. it specifically looks for .crt files
<meloc> rename .pem or .cer to .crt and it works. wooo. Thanks for the rubber duck debugging assistance!
<Jordan_U> You're welcome :)
<OlofL_> I installed sudo apt-get install --no-install-recommends lubuntu-desktop, how do I get to gui?
<OlofL_> startx errors
<rbasak> nacc: looking good! I'll review the doc but we should probably do a hangout sync today to catch up I think?
<rharper> nacc: thanks!
<aard> hi, trying to figure out if the newest lts comes with a newer jmicron driver (jme) than 1.0.8 that comes with 14.04.
<sdeziel> aard: I'm afraid it's still 1.0.8: https://paste.ubuntu.com/16258501/
<aard> aww that's a shame but thanks for the answer sdeziel
<sdeziel> aard: you are welcome
<rbasak> nacc: I just found out about http://dep.debian.net/deps/dep14/. Might be worth looking into harmonising.
<rbasak> It's pretty close to what we're doing lready.
<trippeh> aard: in kernel drivers quite rarely actually update their version numbers though.
<trippeh> so it can have significant fixes
<aard> trippeh: hmm okay thx
<trippeh> https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/log/drivers/net/ethernet/jme.c there's at least a few fixes since 2014
<trippeh> since/during, anyway
<nacc> rbasak: ack, i'm around now
<nacc> rbasak: if you still are
<nacc> trippeh: even in mainline, the version is still 1.0.8
<nacc> trippeh: the 'version' of drivers is often nonsensical now that we have git :) just refer to, if you can, of the sha1 of the kernel commit that is the source for the kernel image
<nacc> trippeh: since it all moves together if it's in mainline
<nacc> aard: --^ actually, sorry
<nacc> rbasak: ok, are you ok if we change our naming to match dep14? e.g., s/:/%/ rather than s/:/_/
<nacc> rbasak: we should update git-dsc-commit too (i've got a --tree-only patch for that too)
<nacc> rbasak: do you want me to default to signed tags? i'm not sure if that will work with the faked authorship?
<JanC> maybe they should change the "version" of drivers like that to something like "git" then  ;)
<nacc> JanC: heh
<trippeh> heh yeah the version strings in in-kernel drivers is causing a bit of confusion.
<trippeh> they are pretty much "random"
<nacc> trippeh: they are also in the driver source, which relies on the driver vendors to update them; and some drivers don't get many updates (or only get bugfixes)
<nacc> and not all of those come from the vendor anymore, which means versions don't change correspondingly
<nacc> tbh, i'd ignore any string a driver emits about its own version, if it's from the kernel source :)
<nacc> and just trust the uname/git-sha to tell you what the src is
<JanC> hence, make a kernel policy to use a version string which makes that obvious for those drivers  :)
<JanC> solves the confusion part at least
<nacc> i'm sure for some vendors they do use the version string
<nacc> it's just not consistent
<nacc> JanC: feel free to suggest on LKML :-P
<hallyn> smb: you know it's a good thing we didn't try to merge libvirt 1.3.3 last cycle, bc i think it's a bit of a lemon
<nacc> rbasak: if you do come back online today, just ping me, or even just set up the hangout, i'll join (in case I don't see the ping)
<gQuigs> Can anyone help me understand what update-status does in the nova-compute charm (see bottom of https://api.jujucharms.com/charmstore/v5/trusty/nova-compute-254/archive/hooks/nova_compute_hooks.py)
<gQuigs> and what could make it fail..
<gQuigs> with http://pastebin.ubuntu.com/16264350/
<aard> nacc trippeh: so kernel driver versions doesn't say much really, as far as i understand. well, it states that a driver is "at least" a certain version so to speak
<hallyn> smb: jdstrand: arges: so i think i may have the libvirt-bin.service->libvirtd.service rename mostly working, but qrt failures pointed out that any scripts doing service libvirt-bin restart (for instance) will fail...
<hallyn> that is, systemctl restart libvirt-bin will work,
<hallyn> bc we have libvirtd aliased as libvirt-bin.service.  but 'service' and 'invoke-rc'd don't know about that
<hallyn> is that a problem?
<arges> hallyn: might be a good way to find obsolete scripts : )
<hallyn> roaksoax: jamespage: smoser: ^ will things like maas or subiquity hav ea problem with it?
<hallyn> arges: 'obsolete' sadly may not be accurate in our cloud archive world
<arges> hallyn: oh yea...
<hallyn> :(
<smoser> hm.
<arges> hmm
<hallyn> dunno if there is a way to trick it
<hallyn> and don't know what all we 'officially' support
<hallyn> sigh @ gratuitous rename
<JB_____> I have installed a host with dhcp server and FW server (ufw/iptables). But my rules in ufw are only apply on my host and absolutly not on my NAT... exemple if I block internet acces my host doesn't heave any more internet but on my private network internet stay present.. somebody can help me ? :/
<hallyn> all right well lets see how many more different failures i've got (qrt still running).  maybe i can still do better
<nacc> aard: it's just a string in the source, basically :)
<arges> hallyn: i think we're going to have to do it at some point. better at the first release after an LTS than later
<arges> but then cloud archive backporting may need extra logic
<hallyn> yeah
<hallyn> that may be the way to go
<hallyn> so i mihgt just push without extra logic for now while we work out bugs in regular setups, then we can accomodate whatever jamespage and friends need later
<jamespage> hallyn, arges: we have capability to support renaming of a service, and I think that on a systemd enabled install, we use systemctl transparently to the charm
<jamespage> service_restart(XX) -> systemctl restart XXX
<jamespage> but I'll check that
<hallyn> sounds good
<hallyn> all right, i'm now down to actually fewer qrt failures than with the xenial version.  yay.
<LostSoul> Hello
<ryankoski> hello all, I'm looking for a way to delay the autoimport of zfs pool in 16.04 to ensure that my devices are up and ready (not working on reboot right now)
<ryankoski> any tips?
<rattking> you could take alook at rootdelay or rootwait to slow the kernel down a bit
<ryankoski> @rattking, thanks for the tip, giving that a shot now
<ryankoski> no go
#ubuntu-server 2016-05-07
<Ph1LZ> hey! quick question regarding 16.04: I'm changing my /etc/network/interfaces.d/50-cloud-init.cfg from dhcp to static IP but I'm losing my changes at each reboot. Can someone help me please? ( 16.04 server on EC2 )
<sarnold> Ph1LZ: are other changes persistent?
<Ph1LZ> if I'm configuring it in /etc/network/interfaces everything works fine.
<Ph1LZ> I guess there's something rewriting that 50-cloud-init.cfg on EC2 at startup
<sarnold> Ph1LZ: looks a bit like https://bugs.launchpad.net/cloud-init/+bug/1571004
<ubottu> Launchpad bug 1571004 in cloud-init "apply networking only on first instance boot" [Medium,In progress]
<Ph1LZ> hehe ... yup looks like it. Thanks!
<de-facto> !usn
<ubottu> Please see http://www.ubuntu.com/usn for information about recent Ubuntu security updates.
<de-facto> quite a lot of security fixes in the latest kernel update, just a heads up, spread the word :P
<lordievader> Good morning.
<guamaboy> So... does anyone know where i an find some free Netflix accounts
<andol> guamaboy: Or, you could just pay for a regular account??
<andol> guamaboy: Also, what made you think that #ubuntu-server was the right channel to ask in?
<guamaboy> im knew to th whole irc thing... i barely understand the concept of the topics
#ubuntu-server 2016-05-08
<mike-zal> just out of the blue ubuntu starter hang during boot while: a start job is running to raise network interfaces
<mike-zal> and it shows 5:07 time. after it takes so long, system boots but shows degraded state.
<mike-zal> few days ago system was bootjing just fine and I didn't do anything for many days and today there is this bug :(
<mike-zal> ah, I just recalled. in the last session when it was all fine, I upgraded system and then powered off and didn't boot until now. so I guess update did something.
<dasjoe> mike-zal: it's probably no longer using ethX names for network interfaces
<mike-zal> should I edit etc/network/interfaces then?
<mike-zal> dasjoe: ?
<dasjoe> If you want future reboots to be faster and your settings to actually apply, yes
<mike-zal> but it doesn't resolve the problem. I'm running server inside local wifi network and my address changed from 16 to 17 since last boot. maybe that's the reason?
<mike-zal> trying find out my currient eth name
<dasjoe> "ip a" will show device names
<mike-zal> ok, it shows enp0s3
<mike-zal> hmm... the same is in interfaces
<mike-zal> not sure what to do now
<eligiobz> Hi there, I'm running 14.04 with iReadMail (using nginx as my webserver) and there's people telneting on port 80 to probe other sites, how can I stop this?
<Sling> eligiobz: stop what exactly?
<Sling> if they don't provide a Host header they will land at the default vhost
<eligiobz> people telneting on port 80 to prove sites
<Sling> prove?
<eligiobz> probe*
<Sling> what do you mean with that?
<eligiobz> my logs report people using mod_proxy as follows
<eligiobz> Connection attempts using mod_proxy:   114.43.12.205 -> smtp.mail.yahoo.com:25: 5 Time(s)
<Sling> how did you configure mod_proxy?
<eligiobz> it's the default configuration provided by iRedMail. I had a look at it and is being used to redirect to other services
<eligiobz> proxy_set_header Host $http_host;
<eligiobz> proxy_set_header X-Real-IP $remote_addr;
<eligiobz> proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
<eligiobz> proxy_set_header X-Forwarded-Proto $scheme;
<wolflarson_> hello, dumb question. php is not working on my new 16.04 server. I have apache and php installed and http pages work just fine but php files are returned as text in the page source instead of running with php
<wolflarson_> is there something I need to do to apache to make this work again?
#ubuntu-server 2017-05-01
<Polarcraft> Has anyone else had issues with mysql-server on Ubuntu 16.04 where the socket isn't being created?
<roelof> someone who knows a answer to this problem : https://askubuntu.com/questions/910562/no-mail-log-when-sending-with-postfix-ubuntu-17-04
<roelof> nobody ?
<roelof> someone who can help me figure this out : https://askubuntu.com/questions/910562/no-mail-log-when-sending-with-postfix-ubuntu-17-04
<cpaelzer> jamespage: I saw you abandoned ticket 72 with the new OVS and so much more
<cpaelzer> jamespage: big issues or just test done and further uploads will be on a different path
<jamespage> cpaelzer: no issues; just needed todo a followup on most of those packages for a rebuild for sqlalchemy 1.1.x
<necrophcodr> Hi. Is there any fault-tolerant replicated reliable filesystem like GlusterFS and CephFS that works on Ubuntu 16.04 and Ubuntu 14.04 clients _and_ servers?
<Kyoku> how would I figure out which packages to remove to get an already running 16.04 server into a minimal package state?
<Kyoku> let me try a different question, if I run  apt-cache showpkg openssh-server and remove all the packages that are NOT listed, will my server still run?
<Seveas> Kyoku: try debfoster for more targeted pruning. Just removing everything that's not a dependency of openssh-server is not a good idea at all
<Kyoku> thanks seveas, I'm basically trying to create a sub 100MB footprint instance in EC2 which is proving to be a pain, the raw http://cloud-images.ubuntu.com/releases/xenial/release/ubuntu-16.04-server-cloudimg-amd64.tar.gz is around 1GB
<Kyoku> rcj can you point me to the tools / documentation you use to create http://cloud-images.ubuntu.com/releases/xenial/release/ubuntu-16.04-server-cloudimg-amd64.tar.gz please? i want to try to build a tiny image, like the mini iso but in EC2
<Seveas> Kyoku: that'll prove to be quite tricky. Kernel+initramfs is nearly 50mb already
<Seveas> s/nearly/over/
<Seveas> hurricane:~$ du -hc /boot/*-4.10.0-20* | tail -n1
<Seveas> 64M	total
<Seveas> that's kernel+initramfs+abi+System.map+efi
<nacc> Kyoku: is the a better why to that goal, then "because"?
<Kyoku> nacc yes, mainly because of a project requiring 500-1,000 instances per region so it's an extreme optimization to reduce all types of resource usage and costs, and improve speed of moving things around and firing them up etc.  so far i've got the footprint down to 764M with debfoster
<rcj> Kyoku: The basic Ubuntu cloud image is produced from https://launchpad.net/livecd-rootfs with the ubuntu-cpc target, but that is difficult to run outside of the launchpad-buildd (lp:launchpad-buildd) environment.
<Kyoku> after disabling all logging and auto updates that might actually be small enough - it's at /dev/xvda1      991M  764M  161M  83% / right now
<nacc> Kyoku: wouldn't containers be better than VMs for such a workload?
<rcj> And the image is build from the cloud-image seed http://bazaar.launchpad.net/~ubuntu-core-dev/ubuntu-seeds/ubuntu.zesty/view/head:/cloud-image (which is a minor addition above ubuntu-server http://bazaar.launchpad.net/~ubuntu-core-dev/ubuntu-seeds/ubuntu.zesty/view/head:/server
<Kyoku> nacc i'm not certain about containers, if they can be allocated dedicated ip's then maybe
<Kyoku> thanks rcj
<nacc> Kyoku: they definitely can
<Kyoku> do you know if lxd can handle dedicated ip's nacc?
<Kyoku> the external elastic kind
<nacc> Kyoku: https://github.com/lxc/lxd/issues/2083
<nacc> Kyoku: maybe?
<nacc> Kyoku: i'm not sure how/if it works in an ec2 sense
<C-Otto> hi
<C-Otto> i'm an administrator of a large FTP server, and we now also provide the ubuntu cloud images
<C-Otto> we managed to find an upstream rsync source, but lack a contact address or mailing list
<C-Otto> launchpad also does not offer a way to setup our mirror
<C-Otto> so, could you provide some admin contact?
<C-Otto> right now there's a permission error on the master server, which we're unable to communicate
<nacc> C-Otto: contact user for the cloud images?
<nacc> Odd_Bloke: --^ ?
<C-Otto> nacc: was that directed to me?
<ikonia> C-Otto: which server are you trying to sync from ?
<nacc> C-Otto: i was clarifying your question, yes, and I was pointing someone who could help if your answer is yes
<nacc> rcj: --^ as well, i think?
<C-Otto> nacc: cloud-images.ubuntu.com
<C-Otto> nacc: ok. then yes
<C-Otto> ikonia: sorry, that's for you: cloud-images.ubuntu.com
<nacc> C-Otto: ok
<ikonia> C-Otto: rsync ?
<C-Otto> ikonia: yes
<sarnold> heh I didn't know those did rsync. neat.
<ikonia> C-Otto: responds for me
<C-Otto> ikonia: yes, i know - it's a permission problem
<C-Otto> ikonia: besides, i'd like a contact address for future issues, too :)
<ikonia> C-Otto: what permissions problem, it's syncing fine for me
<C-Otto> ikonia: lost+found cannot be accessed
<ikonia> thats not a problem
<ikonia> lost and found shouldn't be synced
<C-Otto> ikonia: you don't have to read my error mails, so I don't think you can decide on that
<qman__> that's a filesystem recovery directory
<ikonia> you should have that in --exclude
<C-Otto> you should not expose that to the internet
<ikonia> C-Otto: I can decide on that
<ikonia> you should exclude it
<C-Otto> i'd rather not mirror projects that pose such work on me
<ikonia> then don't mirror it then
<C-Otto> but before we take a detour, i'm here for a contact address - could you provide it to me?
<ikonia> if you can't be bothered to type --exclude=lost+found - don't mirror it
<ikonia> C-Otto: I can't be bothered working with someone who poses such work on me
<C-Otto> ikonia: could you provide a contact address?
<nacc> C-Otto: i've pinged the folks that I think can help, they will respond when they can, i hope
<C-Otto> nacc: thank you
<ikonia> C-Otto: it's detailed in the wiki
<ikonia> C-Otto: I can't be bothered working with someone who asks me to read the wiki page for him
<C-Otto> ikonia: could you point me to that? my collegue was unable to find it
<ikonia> C-Otto: no
<C-Otto> hm.
<ikonia> C-Otto: in the same way you can't be bothered to type --exclude
<ikonia> I can't be bothered to type the url
<C-Otto> maybe anyone else reading this is in the mood to help?
<ikonia> you could read it yourself
<ikonia> that seems to be a key opion
<ikonia> option
<C-Otto> i don't even know what 'the wiki' is, i'm not an ubuntu user
<ikonia> you found the IRC channel
<ikonia> I'm pretty sure you could find the wiki
<C-Otto> ikonia: i feel that your energy could be invested in more helpful responses
<ikonia> C-Otto: I provide more helpful responses to people with helpful attitudes
<C-Otto> i'm quite helpful, i'd say
<sarnold> ikonia: I really don't think we have a wiki page about mirroring the cloud images. where is it?
<ikonia> sarnold: it's the overall mirror maintainers
<sarnold> ikonia: I don't think that's a safe assumption.
<ikonia> sarnold: it's a canonical contact detail for the ubuntu mirrors, I'd say that would get the ball moving pretty well
<rcj> C-Otto: Hi, I'll try to help you out.  I'm part of the team that produces the images which show up on cloud-images.u.c.  However, that web service is run by the same folks that run the Ubuntu archive mirrors.  That is to say, I can't keep lost+found from showing up, but the folks in #ubuntu-mirrors can.
<rcj> C-Otto: and I'll open a ticket internally to see about removing that entirely.
<C-Otto> thank you
<bindi> does @hourly in cron run exactly at 1:00, 2:00, etc?
<sarnold> it should, yes
<nacc> rcj: thanks!
#ubuntu-server 2017-05-02
<cpaelzer> good morning
<cpaelzer> rbasak: the revised edition of the squid tests will be added to squid4 by Amos
<cpaelzer> rbasak:for squid3 we have to device on next merge if we want to use them as they are now or if you want to move in the same shrinked version that will be in squid4 then
<cpaelzer> rbasak: we can talk later today about that
<lordievader> Good morning
<zioproto> hey there
<zioproto> we upgraded trusty to xenial and mitaka to newton
<zioproto> we are hitting a few 'ulimit' issues
<zioproto> is there any limit in /proc for the routing of the packets in the namespaces on the network nodes
<zioproto> ?
<help-im-stuck> hello
<help-im-stuck> i wrote lxc launch ubuntu:16.04 and it downloaded 2 things.. adapted-kangaroo and cunning-gelding.. what are these for? Can't find much on google about this..
<TafThorne> I think...
<TafThorne> Those are the randomy generated named the scripts generate for your two new containers.
<TafThorne> If you chose to name your container it would use that name instead.  If you do not specify a name it makes one up.  That is based on the whole 30 minutes of lxc related stuff I have typed in on one afternoon.
<help-im-stuck> :)
<help-im-stuck> Thanks for the info
<TafThorne> You are welcome.  I hope it is at least vaguely correct.
<help-im-stuck> but who does it download 2 containers when i asked for one?
<TafThorne> The US should start waking up soon.
<help-im-stuck> why*
<help-im-stuck> what timezone are you in?
<TafThorne> UK so currently BST which is... GMT+1 or UTC+1
<TafThorne> I am meant to be doing some testing using lxc for a bug that is probably fixed.  I downloaded a something, connected to the container, logged in and then something.
<help-im-stuck> so it's only one hour difference from where i am
<TafThorne> Dunno.  It is 13:0019
<TafThorne> for me
<help-im-stuck> it's 14:02 for me
<help-im-stuck> do i really need multicast on ubuntu server?
<help-im-stuck> ufw is blocking it anyway
<hateball> depends if you are serving stuff that you announce with multicast I guess
<hateball> like cups services or whatever
<help-im-stuck> my modem/router sends multicast requests to my ubuntu.. even tho upnp is disabled on the router xD
<hateball> did you reboot the router after doing so
<hateball> some routers only re-read configs on reboot, like crappy ISP ones :p
<help-im-stuck> yes, i rebooted it
<hateball> and you havent any smb shares going?
<help-im-stuck> the ufw log says src=modem ip dest = 224.0.0.1
<help-im-stuck> so it's my modem.. maybe i should give my isp a call
<maswan> well, upnp is not the only multicast out there, is there?
<maswan> I'm thinking of mdns etc
<hateball> yes, is why I asked if there were any smb shares or something in the router
<hateball> or if it shares a printer perhaps
<hateball> or maybe even media sharing
<help-im-stuck> no, it's a pretty simple config.. it just acts dhcp for my internal lan
<help-im-stuck> what is session c1 ?
<aaronr> cpaelzer: thanks for your help on that Nagios issue. added an SRU to the launchpad bug, if there's anything else I can do to help out with resolving that issue please let me know.
<cpaelzer> aaronr: thank you for your support
<cpaelzer> aaronr: the next thing to do is really create the updated packages
<cpaelzer> aaronr: the USBSD even we now de regularly is for people to learn doing so, otherwise this is down to waiting until priority made it happen by someone who already knows how
<cpaelzer> aaronr: that is the event I linked on the bug
<cpaelzer> whenever I see issue which would perfectly qualify for that even I kind of "offer" it more explcitly
<cpaelzer> after all we are a community, so I like teaching how things are done
<aaronr> i'm totally up for learning about that. :) I've done some packaging for PPAs before so I have a little experience, but I've not worked on any official packages, so not sure what differences there would be
<cpaelzer> not only for the sake of not doing them on my own :-)
<help-im-stuck> lxc exec <container> bash .. and I don't have to enter a root password.. not even when typing it as a regular user.. why?
<cpaelzer> aaronr: there are a few things which "shold be done" like on the versioning, on a proper changelog and so on
<cpaelzer> aaronr: but in general all of that is out there documented, yet as ducumentation is - it is useless if not guided through a bit
<ahasenack> help-im-stuck: because you are in the lxd group
<help-im-stuck> i see :o
<aaronr> yeah i remember that from reading docs before, although it's been a while. am i best off waiting until the next event and then tackling this during that?
<aaronr> happy to do so if that's best
<cpaelzer> aaronr: yeah if nobody else picked it until then that would be great
<cpaelzer> aaronr: but if you happen to prefer other timing than every other week on wednesdays let me know
<cpaelzer> aaronr: I do not insist on the timing, we jsut happen to try to keep these days free for it
<cpaelzer> aaronr: if no one shows up there is always plenty to fill the days, but vice versa if one is active and willing we could do on another day
<cpaelzer> aaronr: next event is on 10th May, and if you want to do on another day catch me here and give me a bit headroom to clean up other tasks
<aaronr> ah okay, in that case when I get some free time am I okay to just pop in here and ask for a little help? if so, I should be able to tackle it this week, or i can just book some time in for may 10th
<cpaelzer> aaronr: ok both work, you will find me here
<cpaelzer> aaronr: and if I'm not around nacc and rbasak are the others to catch for this
<aaronr> cpaelzer: okay great. i'll try and tackle it this week at some point then. I'll give one of you a shout once I get a bit of time to look at it
<aaronr> thanks again for all your help on this
<cpaelzer> nacc: I think I found a nice new importer case :-)
<cpaelzer> nacc: well I'm talking too early let me check the detauls first and then I'll file something for you
<rbasak> cpaelzer: well I want to know too :-)
<cpaelzer> just found the reasons I think
<cpaelzer> rbasak: nacc: https://packages.debian.org/search?suite=sid&searchon=names&keywords=exim4
<cpaelzer> The last version never migrated for Debian on "hurd-i386" it seems
<cpaelzer> that makes unstable/sid have 4.89-1 AND 4.89-2 for tools like rmadison and such
<cpaelzer> nacc: rbasak: it seems usd merge picks the first version for the tagging of new/debian
<cpaelzer> I'd think it should pick the last in that case
<cpaelzer> although it might differ case by case dependign what the reason is
<rbasak> The importer should be blind to build issues - it sees source only.
<cpaelzer> rbasak: nacc: oh I see it is not only the tagging, there isn't even a lpusip/import/4.89-2
<rbasak> And 4.89-2 is published in sid, so that's all it should care about.
<rbasak> Right
<rbasak> So either it hasn't imported 4.89-2 yet or there's some different issue with it.
<rbasak> Perhaps the empty directory bug?
<rbasak> Those should block imports now.
<rbasak> (until we've fixed it)
<rbasak> nacc will need to check the importer log to see why 4.89-2 isn't imported. Or we could try importing manually to see.
<cpaelzer> rbasak: he imported it a few days ago for me manually
<cpaelzer> rbasak: I'm checking what the dates of that upload are, but I think it was in his manual run
<rbasak> usd.source_information.SourceExtractionException: Empty directory/ies found in source package, which are not representable in git. Please report a bug at https://bugs.launchpad.net/usd-importer.
<rbasak> So that's the reason. The import would be buggy.
<cpaelzer> -2 is form 20th April and his re-upload was on 27th, so it should be there
<cpaelzer> oh I see
<cpaelzer> rbasak: you said that is "The empty dir bug" it didn't introduce himself to me :-)
<cpaelzer> that is bug 1687057 I assume?
<ubottu> bug 1687057 in usd-importer "git cannot represent empty directories by default" [Undecided,Confirmed] https://launchpad.net/bugs/1687057
<rbasak> Yes. I just updated the bug.
<cpaelzer> rbasak: lets talk about that later when we sync anyway
<rbasak> ack
<cpaelzer> rbasak: I can pick another package for now
<rcj> C-Otto: Just a follow-up on cloud-images.u.c.  lost+found has been removed
<jbicha> hi, does Ubuntu Server want to be the bug subscriber for LP: #1200296 ?
<ubottu> Launchpad bug 1200296 in ubuntu-meta (Ubuntu) "[MIR] spice-vdagent" [Wishlist,Confirmed] https://launchpad.net/bugs/1200296
<cpaelzer> nacc: for the first time used the "warp up all" usd merge finish, but I get missing debian/control.in
<cpaelzer> nacc: is that a known issue or should I file something so you can look deeper?
<rbasak> jbicha: I don't think ~ubuntu-server wants to be touching the spice stuff at all, but perhaps we have to because qemu :-/
<cpaelzer> I still don't "want" to touch it
<cpaelzer> :-)
<rbasak> I think it'll be between cpaelzer and dpb1 to decide :)
<cpaelzer> need to read on the history of those decisions first
<cpaelzer> and dpb1 likely is a bit busy atm
<cpaelzer> I'll keep the bug open to look at it
<cpaelzer> there are also more MIRs on accelerated 3d on virt, but that was new and then full of CVEs at first
<cpaelzer> so that didn't pass yet either
<cpaelzer> even Debian dropped it again after a few weeks
<ndee> hi there, when I do a df, I see following: /dev/md2        1.8T  1.7T     0 100% /
<ndee> df -i gives me /dev/md2       121561088 27353493 94207595   23% /
<ndee> how come the harddisk as 100GB free but I can't write any more data to it?
<nacc> ndee: what message do you get when you try to write?
<ndee> nacc: I deleted now some files and I can write again
<ndee> nacc: but how can the display in "df" be off for about 100GB?
<nacc> ndee: you haven't said any error messages or what you were trying to write
<nacc> ndee: so i don't know
<ndee> nacc: the message was: No space left on device
<ahasenack> ndee: does that filesystem has reserved space for the root user? By default, unless you changed that during mkfs, it will
<tomreyn> ndee: if it's an ext* file system: sudo dumpe2fs -h /dev/md0 | grep ^Reserved
<tomreyn> md1 rather in your case
<tomreyn> i mean md2
<ndee> tomreyn: umpe2fs 1.42.9 (4-Feb-2014)
<ndee> Reserved block count:     24311012
<ndee> Reserved GDT blocks:      908
<ndee> Reserved blocks uid:      0 (user root)
<ndee> Reserved blocks gid:      0 (group root)
<ahasenack> 24311012 * ${block_size}
<ahasenack> block_size is further down, remove the grep and use |less
<ndee> the block_size is 1kb
<ndee> ah no, 4096
<ndee> jup, that matches it around
<ndee> thanks!
<ahasenack> you can change that setting with tune2fs
<ahasenack> -m (percentage) or -r (actual count)
<teward> ahasenack: if you ahve any questions on the nginx triage guidelines up there, let me know - I know powersj, rbasak, and others had asked me how to handle certain triage cases so I put the special cases up :p
<teward> (since some of them are "Not Going To Happen" and we didn't want to step on any workflows I have in place heh)
<teward> (in case that wasn't clear during the meeting, I didn't want to steal the entire stage for too long :P)
<nacc> teward: you are quite the diva :)
<teward> nacc: i'm semi-attention-whorey if that's what you mean :P
<nacc> teward: lol
<teward> just glad I resolved the FTBFSes with the assist from Debian heh
<dougquaid> I have an ubuntu server without a gui, but I want to install a minimal version of the xubuntu desktop on it. What packages do I need for that?
<ahasenack> teward: oh, it's ok, I just wanted to know what the "template" for the mysql triage page would look like, that's all
<teward> ahasenack: i think the 'template' is slightly different
<teward> in that there's no real template.
<teward> but if the MySQL page uses the nginx page i wrote as a start point, that's cool :)
<ahasenack> I think that's the intention :)
<powersj> https://wiki.ubuntu.com/ServerTeam/mysql is our start
<teward> somehow my quick attempt with the NGINX page happened to make the template for mysql heh
<mason> dougquaid: apt install xubuntu-core or xubuntu-desktop at a guess
<__Yiota> ok, is anyone experiencing issues with services on 16.04?
<teward> __Yiota: 'services'?
<__Yiota> yes
<__Yiota> pgpool2, nginx, haproxy
<__Yiota> they fail to start sometimes
<teward> being more specific next time might help.
<nacc> __Yiota: and what 'issues'
<nacc> __Yiota: your statement is so vague as to be contentless
<teward> I haven't had issues with 'nginx', and 'fail to start' suggests you should be looking at error logs lol
<__Yiota> that's the thing, the error logs don't show anything
<__Yiota> pgpool2 logs, haproxy logs, all clean
<__Yiota> sudo service haproxy status shows it has started without errors
<__Yiota> I guess the issue is we built our cookbooks on 14.04
<teward> __Yiota: don't rely on that
<__Yiota> we upgraded without testing, pinning these issues down is hard
<teward> `sudo systemctl -l status [SERVICE]`
<__Yiota> is there a system.d log?
<__Yiota> thank you teward
<teward> get the actual useful data from there lol, stop relying on upstart stuff.
<teward> or dedicated service error log files (for example, /var/log/nginx/error.log heh)
<__Yiota> I see
<__Yiota> hi
<__Yiota> I created an ssh tunnel to my node's ip
<__Yiota> I pointed chrome to the SOCKS proxy on localhost
<__Yiota> everytime I create the SSH tunnel, no other computer except mine can access it
<__Yiota> I've closed the SSH tunnel and I can still access the node via DNS via load balancer
<__Yiota> and im also able to access it via the node's ip
<__Yiota> any ideas?
<RoyK> __Yiota: autossh?
<__Yiota> ssh -D 8080 -C -N me@node_ip
<RoyK> try autossh
<help-im-stuck> so.. i'm trying to create a lxc vpn and i've done so.. it's working but i don't know how to check for dns-leaks and such from the commandline.. any ideas?
<sarnold> help-im-stuck: there's a website listed in https://bugs.launchpad.net/ubuntu/+source/openvpn/+bug/1685391 that may be helpful; I've never tried it but someone else recentlypointed it out..
<ubottu> Launchpad bug 1624317 in systemd (Ubuntu) "duplicate for #1685391 systemd-resolved breaks VPN with split-horizon DNS" [High,Confirmed]
<help-im-stuck> so it's broken?
<sarnold> no idea
<help-im-stuck> i block my isp:s dns servers with ufw
<sarnold> be sure to block tcp too
<help-im-stuck> yes, both
<help-im-stuck> but in tcpdump, when i boot my lxc and it connects.. i can see that it talks to isp dns:es..
<help-im-stuck> but after that it's all ok
<help-im-stuck> maybe it should be like that..
<help-im-stuck> I would like to have a vpn+dnscrypt in one lxc.. that acts like a nat router and give other lxc:s ip:s..
<help-im-stuck> how about the -new- lxd and lxc.. no more config files to edit and everything should be done by lxc command ?
<help-im-stuck> lxc start .. etc
<help-im-stuck> are there any additional info about this new config system?
<ahasenack> help-im-stuck: https://linuxcontainers.org/lxd/introduction/ should be a starting point for everything lxd related
 * mason bookmarks that.
<help-im-stuck> been reading there all day :)
<powersj> This is also reading through if you are new to lxd 2.0 https://stgraber.org/2016/03/11/lxd-2-0-blog-post-series-012/
<powersj> worth reading*
<help-im-stuck> powersj, thanks
<ahasenack> help-im-stuck: lots of good blog posts there indeed
<Skittishtrigger> I am using ubuntu 16.04-server and am having issues with a vsftpd(secure) connection. Would it be ok to ask questions pertaining to that here or is there a btter spot?
<Skittishtrigger> ufw is NOT the issue btw.
<Skittishtrigger> Anyways https://gist.github.com/skittishtrigger/889dd213e7ab6eba93b573ca06760f7b is my current setup. Initial tests before securing went fine but after adding the chroot list connections started timing out (connected but timeout after 20sec)
<Skittishtrigger> nevermind. I apologize. I found a better channel for that. thank you thoguh.
<Dynamiiic>  hi, ive got 2 ubuntu servers (1 14.04 and 1 on 16.04) when i SSH into them the 14.04 serv has tab-autocompletion whilst 16.06 doenst, any experience with it?
<tarpman> Dynamiiic: apt install bash-completion
<Dynamiiic> apt list | grep auto-complete
<Dynamiiic> WARNING: apt does not have a stable CLI interface. Use with caution in scripts.
<Dynamiiic> auto-complete-el/xenial,now 1.3.1-2 all [installed]
<Dynamiiic> yet it wouldnt auto-complete parameters like apt-get (install) like 14.04 would
<Dynamiiic> it would only complete apt-get
<tarpman> Dynamiiic: auto-complete-el is completion for emacs. not for your shell.
<Dynamiiic>  apt-get install bash-completion
<Dynamiiic> bash-completion is already the newest version (1:2.1-4.2ubuntu1.1).
<tarpman> is your shell bash?
<Dynamiiic> oh wow.
<Dynamiiic> i simply connect thru ssh, the 14.04 server seems to start in bash whilst 16.06 doenst
<Dynamiiic> excuse me for the troubles
<tarpman> if you want to change your login shell to bash: chsh -s /bin/bash
<Dynamiiic> dont recall doing that on the 14.04 one tho, was that default back then?
<tarpman> it should be default on 16.04 as well. I can't say why your 16.04 server would be different
<tarpman> maybe some difference in how your user was created/configured. idk
<Dynamiiic> hmm, etc/passwd shows:
<Dynamiiic> $uname:x:1000:1000:,,,:/home/$uname:/bin/bash
<tarpman> ok. if you ssh in and do echo $SHELL - does that say /bin/bash?
<sarnold> or ls -l /proc/$$/exe ?
<tarpman> check your ~/.bashrc, the lines for enabling completion may be commented out
<tarpman> I've been porting my own .bashrc for so long I have no idea what the default looks like any more :)
<Dynamiiic> $uname@hostname:~$ echo $SHELL
<Dynamiiic> $uname@hostname:~$ ls -l /proc/$$/exe
<Dynamiiic> lrwxrwxrwx 1 $uname $uname 0 May  2 23:17 /proc/8581/exe -> /bin/bash
<Dynamiiic> $uname@hostname:~$
<Dynamiiic> oh, echo $SHELL returns /bin/bash
<Dynamiiic> well, on the 14.04 install its commented out but still works
<Dynamiiic> tried ucommenting on 16.06 but that didnt do the trick
<Dynamiiic> un*
<tarpman> takes effect after you either source ~/.bashrc or log out and in again
<tarpman> not sure whether the default /etc/bash.bashrc has completion uncommented or not
<Dynamiiic> default its uncommented i believe
<Dynamiiic> guess i didnt remember to source ~/.bashrc after editting
<Dynamiiic> fixed, thanks alot
<Dynamiiic> strange it wasnt on by default tho
<Dynamiiic> also, if running a small wordpress site on a low-memory server would you guys recommend nginx or apache?
<sarnold> whichever you understand better
<sarnold> I prefer nginx because it feels simpler in all respects
<Dynamiiic> i can setup both but looking for performance
<sarnold> then make it a high-memory server? :)
<sarnold> I suspect wordpress caching / database performance may matter more than which front end you're running
<Dynamiiic> haha, running it for a small company that belongs to a friend, he doenst want too much hosting costs/year so i suggested iÂ´d setup a server for him
<Dynamiiic> a 256MB serv should be sufficient for his traffic, but think nginx is better optimized
<sarnold> that would be my expectation too but I can't promise that it's based on anything scientific :)
<ppetraki> it's hard to go wrong with nginx
<vagvaf> hello people. I think have completely broken my php installation and need help. this is the error that i'm getting: https://pastebin.com/Y0w10T1s
<sarnold> vagvaf: eww. I think I'd aim for apt-get purge for all those php things and try to return to a clean slate quickly. Be sure to backup whatever -is- configured first if you've got anything configured..
<vagvaf> sarnold, i don't. let me try it
<patdk-lp> hmm, missing things
<patdk-lp> just phpmoddisable or whatever all the stuff
<patdk-lp> that should fix it up
<patdk-lp> well, fix fpm so it runs
<sarnold> oh? I figured it was unhappy at the apt level too
<patdk-lp> probably what is hanging it all up
<patdk-lp> it is, cause the install package for fpm isn't sucessful cause the restart of fpm fails
<patdk-lp> so making it start clean, will fix it up and it will fix up the other stuff
<patdk-lp> and likely have only one thing to fix afterwards
<patdk-lp> the big question I have, is why have mod-php and fpm installed at the same time
<patdk-lp> they are redundant
<patdk-lp> or maybe, disable fpm from systemd so it doesn't attempt to start it
<patdk-lp> but that doesn't always work out during package update time
<vagvaf> so, i purged php.* and reinstalled it. i get no errors anymore but my localhost/info.php returns a blank page
<patdk-lp> well, could do that too :)
<patdk-lp> now what did you install?
<patdk-lp> mod-php or php-fpm?
<patdk-lp> you can only use one or the other, or even php-cgi
<patdk-lp> you can have them all installed, but useless to attempt to use more than one
<vagvaf> php php-common php7.0 php7.0-cli php7.0-common php7.0-fpm php7.0-json php7.0-opcache php7.0-readline
<patdk-lp> ok, did you configure apache to use php-fpm?
<vagvaf> patdk-lp no..i will look for it
<patdk-lp> see if a php file is in /etc/apache2/mods-enabled too
<patdk-lp> one of those might have pulled in mod-php
<patdk-lp> not sure if php does or not
<patdk-lp> if you wouldn't have specified all those, but let it pull in dependencies itself, yo uwouldn't get into this whole mess so badly :)
<patdk-lp> but it being blank is odd
<vagvaf> i just installed php it drew everything else by itself ;)
<patdk-lp> unless php is working
<patdk-lp> what do you mean just installed?
<patdk-lp> apt-get install php7.0-fpm
<patdk-lp> that wouldn't pull in cli
<patdk-lp> you might need cli, but not websites
<vagvaf> apt-get install php
<patdk-lp> ya, that is too generic
<patdk-lp> you didn't tell it what php yo uwanted so it made a guess
<patdk-lp> cli/cgi/fpm/mod
<vagvaf> i don't see a php file in /etc/apache2/mods-enabled
<patdk-lp> ok
<patdk-lp> restart apache
<patdk-lp> then tell is what happens
<patdk-lp> looks like, apt-get install php, picks fpm/mod/cgi
<patdk-lp> likely fpm first
<patdk-lp> to help your sanity, if you just want it simple
<patdk-lp> apt-get remove php7.0-fpm; apt-get install libapache2-mod-php7.0
<vagvaf> aaah thanks :D
<patdk-lp> mod-php is much easier, but ends up using more memory normally
<patdk-lp> and you have to be careful what apache threading model you use
<patdk-lp> but it's *simple*
<patdk-lp> if you just want to leave most htings at default settings
<patdk-lp> fpm is great, but does require a lot of manual work, but is highly flexable :)
<vagvaf> still blank page
<patdk-lp> what does apache log say?
<patdk-lp> in /var/log/apache2/, likely access/other/error
<patdk-lp> or is this server public and I can test?
<vagvaf> no it's not public
<vagvaf> hold on
<vagvaf> this is the message: https://pastebin.com/1AW8y41H
<patdk-lp> nothing in the other files?
<vagvaf> hold on
<vagvaf> it worked!
<patdk-lp> could have been browser caching issue
<vagvaf> thanks a lot!!
<teward> since when do Xenial LXD images come with SSH password auth disabled by default
#ubuntu-server 2017-05-03
<help-im-stuck> them all does nowdays
<help-im-stuck> lxd.... been on it all day
<help-im-stuck> just want a vpn+dnscrypt-proxy that gives out ip's to other containers such as my torrent-lxc
<sarnold> doesn't each lxd container get their own network stack? i'm curious if 'gives out ips' is realistic or feasible
<help-im-stuck> they get their ip from the lxcbr0.. managed by dnsmasq.. wonder if a lxc could create a bridge on the host..
<help-im-stuck> it could work with static routing
<help-im-stuck> i'm so tired of my crappy hardware for my "server".. wish esxi har support for the nics.. or if i had money to buy a nic that is supported by esxi
<TLoFP> How well supported is ZFS in Ubuntu 17.04? I have to decide between Motherboard Raid 0 and a ZFS implementation; any suggestions?
<YankDownUnder> TLoFP, I made the mistake of ReiserFS a long time ago...I shan't do that again...
<YankDownUnder> TLoFP, If this is a VM situation - you can experiment..given the time and energy and ambition...
<TLoFP> YankDownUnder: unfortunatly I have no time :P
<YankDownUnder> TLoFP, THAT can be a problem.
<TLoFP> YankDownUnder: this is going to be an 2x4TB for a video system
<TLoFP> I will have two days to get the system operational, and that includes reinstalling the Hyper-V host
<TLoFP> so I am preparing the ubuntu VM ahead of time so that I will be ready to deploy once the host is operational
<TLoFP> unfortunaly that means I don't get to really play with the direct attach disks untill deployment though
<YankDownUnder> TLoFP, In considering 1.) Time frame 2.) Application 3.) Priority => I'd not "experiment" with ZFS...too many "unknowns" in the mix for comfort.
<TLoFP> YankDownUnder: thanks, thats kind of what I was trying to feel out with "how well is it supported"
<YankDownUnder> TLoFP, I'd also RE-THINK using 17.04 - since it is NOT an LTS release...
<YankDownUnder> I'd love to say that "problems MAY happen in upgrades/updates" - but nowadays I'd be more apt to say "problems WILL happen"...ergo, sticking to LTS releases...yadda yadda yadda.
<TLoFP> YankDownUnder: ture I hadn't thought about that
<TLoFP> I just read ubuntu systems are only supported for 9 months, LTS is 5 years... wow
<TLoFP> I though the regular relases had 2 year support, boy was I wrong
<YankDownUnder> TLoFP, "Plan the work, work the plan" - K.I.S.S. - saves YOU time and frustration/stress/anxiety.
<TLoFP> so 16.04 must be a little over a year old now, yes? and in about a year we will see 18.04 LTS at which point 16.04 will be 2 years old
<TLoFP> eventually I will have to upgrade.. so I am not sure that the fear of upgrading really makes sense
<TLoFP> plus it is a VM so making a backup and restoring is trivial, shoudl something go awray
<YankDownUnder> Yeah...something like that...I can wait for 18.04...ain't like it's a stress...and things just work...and if they don't work, there's enough resource that is DEPENDABLE to get it to work...know what I mean?
<TLoFP> Yea
<TLoFP> I think what I am most afraid of is me
<YankDownUnder> Putting off "upgrades" - like on a two year basis - ain't a bad thing. Gives one time to "work it all out" prior to an actual upgrade...
<TLoFP> in otherwords I "forget" to "maintain/update" 17.04 than in less then a year I am in a bad situation
<TLoFP> whereas 16.04 will continue to install security updates for almost half a decade without me having to do major/if any maintance
<YankDownUnder> Less work, less stress.
<TLoFP> YankDownUnder: either your old or you work in IT... wise words
<YankDownUnder> I started in 86, bro.
<TLoFP> i'll stick to 16.04 and upgrade to 18.04 if im in a good place when it comes out
<lyn||ian> I run development releases day to day on my laptop but still use LTS for servers
<YankDownUnder> TLoFP, In giving a solution that is "rock solid" to the client, you're only ensuring your own reputation for "doing the right thing" and being also dependable...
<TLoFP> lol, it's been a while I am afraid I hadn't even seen day light back then
<TLoFP> YankDownUnder: true. This is a high risk / high reward client too. Failure would be unacceptable. (read: the wife) hahah  :D
<YankDownUnder> Wife: Most important client. Do *NOT* fail client.
<TLoFP> Pretty much
<YankDownUnder> TLoFP, Women do NOT forget. Anything. Ever. Infinitely.
<TLoFP> true words
<TLoFP> that still leavs: crappy on-board raid 0 or ubuntu-software raid 0.
<YankDownUnder> Kinda been married a few times...AND some...ahem...yersh...MEANWHILE, back to the topic - the entire ideology about building ON and around an LTS release is safer in the long run, and you're warranted support. As well, since it's tried and true and tested, your "support" toward the client would be minimal (without hardware issues).
<TLoFP> unfortunatly I am not a pro, but I know enough that pro's typically look at motherboard raid controllers with distain. But that was years ago and typically had to do with higher raid systems that actually have to do parity calculations
<TLoFP> YankDownUnder: true
<TLoFP> YankDownUnder: i'll take that to heart and play with 17.04 on my desktop sandbox. I get to have both :D
<YankDownUnder> TLoFP, Software based RAID is easy to fix. Hardware based RAID - well, things can (and generally will) go "south"
<TLoFP> YankDownUnder: and performance of RAID 0? overhead?
<YankDownUnder> TLoFP, It's a server OS...YOU tweak the performance of the disk i/o...YOU tweak the server to do - well, whatever...and it's all tweak-able...hardware based RAID is, well, not very tweak-able...given the situation with the OS running in a VM and all that lovely jazz...hmm...
<TLoFP> YankDownUnder: I figured i might get away with less dedicated resources to this particular VM, thus freeing up more for others
<YankDownUnder> TLoFP, You're running a VM on a machine - and the VM is talking to external drives...what is this "host" machine doing aside from just hosting a VM?
<TLoFP> YankDownUnder: the host is being downgraded from 2012 R2 to Win10; it will host a Ubuntu-server install with minimal resources. Three 2012 R2 or 2016 Servers (Storage Server, Domain Controller, Radius Server) and a Ubuntu-Desktop VM
<TLoFP> YankDownUnder: to clarify the drives are internally connted SATA drives.
<YankDownUnder> I have an absolute dislike/loathing/deep seated hatred for ANYTHING MS based - server or otherwise. Sorry.
<TLoFP> YankDownUnder: I get that, and I don't blame you for it.
<YankDownUnder> I was around before MS destroyed the industry and turned it into a complete lie/scam/legal nightmare/lie/illusion/lie/scam/lie...
<TLoFP> I have tried to ditch MS many times but my professional career has always prevented me from doing that
<TLoFP> so at some point I decided to put on the waders and embrace the sh*t
<YankDownUnder> ...hence my move to Mac and linux...clients were told to either switch or be ditched. The ones that switched have all been very happy. The ones that were ditched - whinged about it - some came around eventually - the rest still try to "bait" me into fixing their crud.
<TLoFP> It's not possible in many cases. Allot of software runs only on WinSux
<YankDownUnder> "That which you allow - continues" - I'll take a higher ground. I will stay away from it and stay in the niche and in the background. MS already has planted the seeds for their own destruction. Long ago. I'll just sit in the background making use of OS's that have lived a longer life...hmm... :)
<TLoFP> YankDownUnder: nice play. Just in case you haven't heard, but apparenlty MS is embracing linux/open source now
<TLoFP> also btw. I am currently having this issue with my boss: how do you explain to people that open-source isn't evil?
<TLoFP> or even, what I take for granted, that open-source is NOT less secure than MS but in fact more secure due to its open-source nature
<TLoFP> idk... that both souded really stupid when I read it back
<TLoFP> but the really is I am dumbfounded when somebody tells me that they think MS is more secure "because it is a closed software and thus people don't know how to exploit it"
<YankDownUnder> F.O.S.S. newsletters and open document media presentations. Always good to offer information to the uninformed.
<TLoFP> like all exploits ever where discovered by reading the source code.... sigh
<YankDownUnder> Could show the documentation about "Section 7"...hmm...
<YankDownUnder> Either which, I digress.
<cpaelzer> good morning everybody
<lordievader> Good morning.
<Skittishtrigger> I could use the advice for 16.04-server.  No ufw or isp tables (All disabled/flushed, etc atm)  Installed a basic lamp(apache/info.php all work as expected. all defaults)then did basic vsftp server.  Functioned with basic setup locally and remotely(did the ssl/userlist/chroot_list setup) everything worked fine up until the chroot_list.  Removed/purged reinstalled, default config, no response/connection refused.
<Skittishtrigger> Ever ran into this on a simple vfstp setup or possible have a point in the direction I should be using??.
<Skittishtrigger> Maybe I am missing something for 16.04(14 was the last I was really active with servers at all)
<sarnold> Skittishtrigger: check netstat -tlnp output to see what state the socket is in
<sarnold> of course I took long enough to find your question that there's a chance it's already fallen out of the various TIME_WAIT states and is free to use again
<Skittishtrigger> (lol) ya, that was the first think I tried. everything was listening where it should be at the time(in the middle of purging it all again. lol)
<Skittishtrigger> I am probably missing something obvious since I am so tired.
<sarnold> do you -need- an ftp server? it's a terrible protocol..
<Skittishtrigger> it is, and I set up ftp then do sftp
<Skittishtrigger> I might have to just go with something like elfnider
<Skittishtrigger> eflnider/slfidner
<Skittishtrigger> screwit. close enough
<cpaelzer> rbasak: I also mass submit remaining Delta this morning even though hope is low to be taken given what happened last time
<cpaelzer> rbasak: I'd guess if we really want that Delta in I'd need to adopt ntp in Debian
<cpaelzer> a step I considered but not yet want to take
<cpaelzer> we will see how things work with this round of changes
<cpaelzer> you also remember the long set of potential-delta we submitted last year
<cpaelzer> that isn't in either
<cpaelzer> skip the last sentence
<cpaelzer> but it is not accepted
<cpaelzer> the only thing that was accepted is accepted wrong (bug closed no change done)
<cpaelzer> I already reopened
<TafThorne> I am trying to setup a telnet server on an Ubuntu test machine (I need it because I am writing a noddy Telnet client on an eCos platform and want a server to test against).  I have tried following a few instructions about installing xinetd and telnetd and editing the /etc/init.d/xinetd files but I don't think the server is accepting traffic.  Any time I try to connect in I get a connection refused.  Can anyone suggest what I am missing?
<tomreyn> TafThorne: the servers (both inetd and telnetd) will be logging, check their log files.
<tomreyn> start with /var/log/syslog
<tomreyn> TafThorne: also, are you aware that you can run ssh clients on eCos? there are multiple implementations.
<tomreyn> my understanding is that even in RTOS people are starting to move away from insecure protocols wherever possible.
<TafThorne> tomreyn: I am working on a _very_ old version of eCos with a few layers of a 3rd partie's code and then my code on a resource constrained platform.
<tomreyn> okay, i just felt the need to point it out in case you have other options.
<TafThorne> tomreyn: I cannot add new utilities to the eCos system.  Only write my own little bif of applicaiton code to run on the side.  These coms should all stay inside the metal case of the unit so security on the channel is not that critical. Thanks for checking though.
<TafThorne> tomreyn: all static linking and using 3rd party closed code too.  Else I would be looking at getting someone else's anything client installed.
<tomreyn> :-/ hope you can finish that task soon. ;)
<TafThorne> We really, really, really want to move on to a more modern Linux Kernel.
<tomreyn> here are some hints on making inetd log more: http://ubuntuguide.net/install-and-enable-telnet-server-in-ubuntu-linux
<tomreyn> any luck with the logs?
<TafThorne> Anyway back to telnet.  In the syslog I can see http://pastebin.ubuntu.com/24504511/
<TafThorne> And further down I have noticed that freshclam is still moaning "freshclam[1036]: WARNING: getpatch: Can't download daily-21693.cdiff from db.local.clamav.net" becasue once appon a time I used apt-cacherng and it seems to think its a full http mirror proxy even after it is disabled >_<
<tomreyn> can you also share the configuration file(s) you modified?
<TafThorne> Sure
<tomreyn> "missing service keyword [file=/etc/xinetd.d/telnet] [line=1]" sounds like an issue
<TafThorne> That bit did look a bit iffy to me too http://pastebin.ubuntu.com/24504515/
<tomreyn> i'm not sure about initd configuration really, haven't used it for ages, but i guess this line is wrong, or misplaced: telnet stream tcp nowait telnetd /usr/sbin/tcpd /usr/sbin/in.telnetd
<tomreyn> also uncomment the log_type statement so you actualyl get logs
<tomreyn> so the "telnet stream tcp nowait telnetd /usr/sbin/tcpd /usr/sbin/in.telnetd" line should probably go into /etc/inetd.conf (no 'x' there!)
<tomreyn> (so not into /etc/xinetd.d/telnet where you have it now)
<tomreyn> As a result, /etc/xinetd.d/telnet will start with a 'service' line, which it must.
<tomreyn> (comments as indicated by a # character are ok)
<tomreyn> does this help?
<TafThorne> OK I shall try out those suggestions.  I will be AFK for a couple of minutes while I run out to the sandwidch van.
<TafThorne> It does all sound helpful.  Thank you.
<Haris> hello all
<tomreyn> good luck. i may or may not be around when you return
<tomreyn> hi Haris
<Haris> directoryindex is not working on 14.04 lts apache 2.4.7, even after explicit mention in vhost config
<Haris> I have a laravel framework in a vhost, where I'm redirecting / to /public via index.html. that index.html is not being found. apache is returning me an empty page for /
<Haris> on the vhost
<Haris> ..laravel framework install+. ...
<Haris> most likely directoryindex function is not working. I'v verified, the dir mod is loaded, so it should be working out of the box
<TafThorne> tomreyn: I am back.  I shall give your suggestions a spin.
<tomreyn> chances are you have conflicting or overriding configurations?
<tomreyn> Haris: ^
<tomreyn> https://httpd.apache.org/docs/2.4/mod/mod_dir.html#directoryindex is the documentation
<Haris> I agree. that may be the case
<tomreyn> Haris: maybe you have a .htaccess file with an Options statement aroudn somewhere?
<Haris> hmm
<Haris> not on / path
<Haris> in /public yes
<tomreyn> temporarily disabling .htaccess files via https://httpd.apache.org/docs/2.4/mod/core.html#allowoverride may help identify this
<Haris> Options -MultiViews <---
<Haris> in /public/.htaccess
<Haris> pasting vhost config
<tomreyn> that might help
<tomreyn> "Options -MultiViews" is not an issue in this context
<Haris> https://pastebin.ca/3806640
<Haris> this is my vhost config file
<Haris> most other than this is out of the box
<TafThorne> hmm... got a little further, syslog had complaints about the only_from and access_times lines so I dropped those.  No errors now but no telnet either.
<tomreyn> can you post your updated configurations?
<Haris> which updated ones
<tomreyn> this was to TafThorne
<TafThorne> Sorry, I am confusing things.  I will do so.
<Haris> DirectoryIndex explicit mention also doesn't help in making it work
<tomreyn> Haris: i can't access the pastebin:
<tomreyn> orry, an error has occurred. Reason: That is an invalid ID, or the post has expired.
<Haris> https://pastebin.ca/raw/3806640 ?
<tomreyn> this one works, interesting
<Haris> https://pastebin.com/zz9QKz0P
<Ben64> need more conf
<Haris> which part ?
<Ben64> /etc/apache2/apache2.conf probably
<Haris> that's the default one. no chagnes from my end in it
<Haris> changes+
<Ben64> oh well
<Ben64> i tried
<Haris> I was surprised not have found directoryindex on it
<Haris> on=it
<Haris> on=in
<TafThorne> tomreyn: here is my updated set of configs http://pastebin.ubuntu.com/24504607/
<tomreyn> Haris: and there's nothing in /var/log/apache2/devwebapp-error_log and /var/log/apache2/devwebapp-access_log ?
<Haris> nope
<Ben64> its a conf problem
<Haris> that's also surprising
<Haris> it should at least say / was accessed
<Haris> apachectl -t says OK
<Haris> apachectl -S also says ok
<Haris> AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.1.1. Set the 'ServerName' directive globally to suppress this message <--- just this msg. but this is inconsequential
<Haris> but this won't detect conflicts
<tomreyn> TafThorne: /etc/init.d/telnet is not /etc/inetd.conf
<Haris> apache is not even logging when I access /index.html or / specifically
<tomreyn> Haris: unless you have much traffic on this server, run tail -f across all apache log file and use it to find out which vhost your requests are hitting
<Haris> already doing that
<Haris> =)
<tomreyn> your requests seem to end up on a different vhost or the default vhost
<Haris> the index.html file only 3 lines of html code, for redirecting to /public
<Haris> hmm
<tomreyn> i'm suggesting that this file is never read or returned
<tomreyn> because your requests hit a different vhost
<TafThorne>  tomreyn: moved the file.
<tomreyn> (but it's really just a guess)
<Haris> its like links has cached the pages
<Haris> :@
<tomreyn> Haris: use curl or wget -O- to debug this
<tomreyn> TafThorne: any change?
<Haris> wget is getting the 3 liner html code i.e., <script> window.location = 'public'; </script>
<tomreyn> Haris:  "curl -I <url>" that is
<Haris> perhaps its the links text browser which is not yet capable of going through html redirects ?
<tomreyn> okay so your index.html IS returned
<Haris> yep
<Haris> links is just not parsing it correctly
<Haris> or not giving the "user friendly" parsing
<Ben64> still a conf problem
<tomreyn> http redicrections with javascript are ugly, why do you do this?
<Haris> I just have the <script> 3 liner snippet in index.html
<TafThorne> tomreyn: I thought not based on netstat but I just tried to run telnet from PuTTY and it is working!  Thank you for all your assistance.
<Ben64> yeah, should be a 301 or something though
<Haris> there's no 3xx in log :@
<tomreyn> TafThorne: a pleasure ;)
<Haris> just a 200 for / or /index.html
<Ben64> no i mean do that instead of that silly redirect
<Haris> at most
<tomreyn> right, use a Redirect statement
<TafThorne> tomreyn: I'll go try setting some IP range limits and things now.  Not the end of the world as I am behind a corporate firewall and I mostly trust my work colleges.
<tomreyn> TafThorne: trusting your co,legues helps with the work athmosphere ... and breaks stuff. ;)
<TafThorne> tomreyn: sounds about right
<cpaelzer> rbasak: are you SRU duty anyway today?
<cpaelzer> rbasak: and even if not might I ask for a share of this hat of yours :-)
<cpaelzer> I just realized I might better continue to ask in ubuntu-release so that others can pick if they want as well
<rbasak> Sure
<cpaelzer> jamespage: is there an even more minimal version of getting openstack to control my system than e.g. the conjure-up openstack?
<cpaelzer> jamespage: all I'd need is a setup good enough to verify bug 1643911 - it seems with openstack out it just works :-/
<ubottu> bug 1643911 in OpenStack Compute (nova) "libvirt randomly crashes on xenial nodes with "*** Error in `/usr/sbin/libvirtd': malloc(): memory corruption:"" [Medium,Confirmed] https://launchpad.net/bugs/1643911
<yossarianuk> hi - how can I use EFI using mdraid (software raid)
<yossarianuk> i.e I cannot use swraid for /boot/efi can i ?
<nacc> yossarianuk: swraid for /boot/efi makes no sense, afaict
<compdoc> you would hope mdadm would also clone the the boot sections
<yossarianuk> nacc: so how do I use mdraid with EFI ?
<yossarianuk> or is it best to go back to legacy  and use biosboot partition to still use GPT ?
<yossarianuk> i.e the EFI partition would need to be on every disk (in case the primary disk fails)
<yossarianuk> i.e how should I deal with mirroring the EFI partition on other disks if not using RAID?
<nacc> yossarianuk: i'm not sure
<nacc> yossarianuk: i would be amazed if your bios can understand a raid'd efi partition
<nacc> yossarianuk: unless youmean you are just mirroring all your disks
<nacc> yossarianuk: efi requires efi system partition is fat32 as recongized by bios
<nacc> yossarianuk: i think you'd basically need to partition the disks similarly
<nacc> yossarianuk: and then dd sda1 to sdb1 etc
<nacc> yossarianuk: and raid the non-/boot/efi dirs
<nacc> yossarianuk: *partitions
<nacc> yossarianuk: and then you'd need multiple efi menus
<nacc> yossarianuk: e.g., https://www.centos.org/forums/viewtopic.php?t=46952
<yossarianuk> nacc: by multiple efi menus - do you mean i.e 1. ubuntu - sda 2. ubuntu -sdb , etc
<yossarianuk> ok cheers
<yossarianuk> i guess its just a extra step when changing disks, etc
<nacc> yossarianuk: i think there is, e.g. efibootmgr
<yossarianuk> I may just go back to legacy and use biosboot (to use GPT with legacy)..
<nacc> yossarianuk: so you basically have to tell efi, there is another efi boot menu on this partition
<nacc> yossarianuk: and yeah, it'd be a distinct step on adding/replacing each disk in the RAID
<yossarianuk> thanks for your help
<nacc> yossarianuk: np
<tomreyn> interesting discussion, i don't see how using BIOS + biosboot is an improvement over UEFI + ESP when it comes to data security though?
<tomreyn> i'd say you depend on a single disk / partition / file system and have no RIAD option in either configuration
<tomreyn> yossarianuk: am i wrong?
<tomreyn> * RAID
<yossarianuk> tomreyn: you are right I believe
<yossarianuk> however you can install a bios boot  partiton on every drive, and gruib-install ... should pick it up I think..
<yossarianuk> I've chosen to try and use UEFI..
<yossarianuk> as soon enough therer will be no legacy option
<tomreyn> i guess what we'd need would be a patch to the shim package to add a script which allows for cloning the ESP to a list of given devices upon updates.
<yossarianuk> I used to use mdraid all the time, however when I did no one was really using UEFI..
<yossarianuk> tomreyn: that would be really useful.
<tomreyn> just, i odnt feel qualified to develop it ;)
<tomreyn> + time + money yaddayaddayadda
<tomreyn> with the bios boot partition i think you'd have the same issue - update grub would only update one of them by default, unless you run it manually and specify the secondary target
<yossarianuk> i thought you did (with bios boot)  -  grub-install /dev/sda /dev/sdb , etc
<tomreyn> this said, i did a uefi firmware upgrade over the network from within the uefi shell the other day for the first time, and i find a proprietary firmware having this capability very scary.
<tomreyn> yes, you instruct grub to be installed to the given device this way. but when grub packages update, how does the updated boot block get written to all biosboot disks?
<tomreyn> (IIRC it does not get written there automatically at all, you'll need to re-run the comand manually)
<yossarianuk> its the first time not using HWRAID in a while for me...
<yossarianuk> just can't face using legacy - seems like a defeat..
<teward> Greetings to you all.
<drab> hi, I'm trying to figure out how I'm supposed to do remote backups/snapshosts with zfs without creating a huge sec hole
<drab> when I used to use things like backupninja the destination would be a directory owned by a backup user so even if they got in through that ssh key they wouldn't get access to the whole system (altho they'd have access to the backups, but that's unavoidable)
<drab> with zfs you need sudo to run it, so even if I created another user and allowed it to take snapts etc, being able to run zfs on the system would mean access to the whole system (assuming root on zfs)
<drab> with just a data partition and no root on zfs I guess I could add a backup user to sudoers to only use zfs and that's the best I've managed to get so far
<drab> any other idea?
<drab> another option I guess would be to stream to files into a spool dir on the remote machine and then have another cron to zfs receive and delete the snaps
<blizzow> I have a wad of servers running 16.04.2 with intel x504-t2 10GBe network cards plugged into netgear 10GBe switches.  I am going to set the MTU to 9000 on the NIC interfaces and on the switches. Anyone here know what other tunables I should be setting and what they should be set to?
<cncr04s> all devices on the 10g switches should be set to 9000 then
<cncr04s> if you talk to internets from there, it will have to fragment the packets then, which is not ideal.
<blizzow> I have a pfSense firewall cluster talking to the internets.
<blizzow> No other kernel tunables I should be setting?
<blizzow> What about VMs running on those ubuntu based servers?  They're running bridged interfaces.
<cncr04s> set the mtu to 9000 on those too
<cncr04s> mtu is just the mtu, comms are done by ip protocols and work with the mtu size
<meena> Hello happy people o/~
<meena> I'm debugging an issue where a freshly provisioned VM doesn't show any signs of PV / VG / LV
<ikonia> ok ?
<meena> This is Ubuntu 16.04.2, we setup pv on our second disk, create vg01, and two lvs
<ikonia> so what have you done to debug this ?
<meena> now, the funny part is, i can
<meena> o_O i honestly don't know what's going on any more.
<ikonia> so what have you done to debug this ?
<meena> ikonia: usually, before i join an irc channel to ask a question i have collected all the facts, command outputs, links to bugs, etcâ¦
<ikonia> so what have you done to debug this ?
<meena> however, in this particular case, nothing matches up, i think i'll have to restart gathering facts.
<meena> (is ikonia a bot?)
<ikonia> no
<ikonia> I'm asking what you have actually done to debug this
<C-Otto> ikonia: enjoy life
<meena> aah, cool. i'm destroying my work in a loop.
<meena> *that* does dfinitely explain why it's non-deterministic.
<rfleming> Greetings.  Can anyone recommend a fast, lightweight, secure DNS server?
<blizzow> djbdns?
<blizzow> bind?
<meena> rfleming: for which purpose?
<drab> rfleming: authoritative or recursive?
<mybalzitch> imperial or metric
<drab> wait, there's something else besides the metric system?
<meena> in two countries, yes.
<rfleming> Authoritative
<rfleming> Internet
<rfleming> Sorry... got distracted in #ubuntu-offtopic
<rfleming> I've been toying with djbdns, but it's not real 'friendly'
<rfleming> :)
<drab> rfleming: for prod/heavy loads or local stuff?
<rfleming> internet facing for a domain
<rfleming> I don't think it'll get hit too hard
<drab> prvoided that if you ask 10 ppl you'll probably get 10 different answers and maybe even some good reasons, for me it boils down to:
<drab> maradns for simple things, bind for simple-to-grow-or-large
<drab> and if you need any fancier backends, pdns
<drab> (powerdns)
<rfleming> there will be several domain names served, but most of them will have a CNAME pointing to the primary domain
<drab> djb ime is just a pita, I don't see the value added to justify the headaches
<rfleming> and the primary domain only has <10 A records and <5 CNAME records...
<rfleming> throw in MX, TXT for _dmarc, _domainkey and spf... and the odd-man-out SRV record.
<rfleming> do any support replication?
<drab> rfleming: pdns and bind do, I don't think maradns does
<rfleming> OK.  Thanks for you input.
<rfleming> I'll poke around some of those.
<drab> rfleming: in case you haven't seen it, it's reasonably good comparison chart: https://en.wikipedia.org/wiki/Comparison_of_DNS_server_software#Feature_matrix
<rfleming> now THAT is something I haven't seen.
<rfleming> Thanks for that
<blizzow> BIND has everything.
<rfleming> blizzow: including the kitchen sink
<rfleming> Correct me if I'm wrong... Split-horizon is the ability for the DNS server to offer up different data depending upon where the call originates?
<blizzow> correct
<rfleming> ok, cool.  That's handy
<rfleming> I guess I'm going to use BIND :)
<blizzow> I found learning and managing it to be painful, but I've never used the webmin module. Once learned and set up, it was pretty damn reliable. Especially after using source code management to store the BIND configs. We did end up using djbdns to do some reverse lookup caching and blacklist lookup because that was just really, really fast.
<blizzow> and small.
#ubuntu-server 2017-05-04
<CodeMouse92__> Anyone using OpenDKIM, I just wrote a script for my server that automates most of the key rotation process: https://github.com/CodeMouse92/dkim_manage
<CodeMouse92__> Feedback welcome, of course
<sarnold> CodeMouse92__: I recommend changing from mkdir -p $TEMP to using mktemp -d to create a random directory for your script to work in; otherwise you run the risk of other users on the system being able to read the keys or otherwise manipulate the script in unexpected ways; this can sometimes be leveraged to arbitrary code execution
<CodeMouse92__> sarnold: While I see your point, note that $TEMP is used in multiple places
<CodeMouse92__> How can I load that into the variable for reuse *across executions*?
<sarnold> CodeMouse92__: it's not cleaned up once you're done? hrm. then maybe a /var/somethingorotherdkim would make more sense?
<CodeMouse92__> sarnold: Makes sense. I'll change the default value in the script. Else, you're welcome to pull-request if you want credit
<sarnold> CodeMouse92__: no need, thanks :)
<sarnold> (or more accurately, no time.. sigh :)
<CodeMouse92__> Heh
<CodeMouse92__> Okay, well, I'll switch that now.
<patdk-lap> I don't really get the point of the script
<patdk-lap> the key needs to be published into dns before you start using it
<sarnold> CodeMouse92__: ^^
<CodeMouse92__> patdk-lap: There are a lot of other things that need to be done as well.
<CodeMouse92__> And parsing out the DNS text record is anything but foolproof
<patdk-lap> hmm, not that I am aware of
<patdk-lap> I just make a new key, push it to dns
<patdk-lap> then a week later update my mailserver to use it
<patdk-lap> been that way for hmm, a decade?
<CodeMouse92__> Maybe you're using a different platform. At least for me, on Linode, I have to generate the key, update the DNS record, wait for it to propegate, test the key, and then move the key into place and update key.table
<patdk-lap> I do the same for my dane/tlsa certs
<patdk-lap> not sure what linode has to do with it
<patdk-lap> do they give you servers that don't operate like normal servers?
<CodeMouse92__> Uhm, no. Seriously, you must have some really unusually advanced technology that all the docs don't know about
<CodeMouse92__> because I've talked to at least four people today who work with this, and they all have to do the same stuff I do
<patdk-lap> nope, it's pretty simple, and just takes a simple script like you have
<patdk-lap> run script weekly
<patdk-lap> generate new key, publish key using nsupdate
<CodeMouse92__> Okay, we're not on the same page then. You don't update this cert weekly
<patdk-lap> check if old key exists, move old key to production
<CodeMouse92__> Yeah...you must be working with something else.
<patdk-lap> why not?
<CodeMouse92__> Read the docs
<patdk-lap> dkim should be rotated often
<patdk-lap> just like certificates
<CodeMouse92__> Not *weekly*
<CodeMouse92__> Shoot, not even Google does it weekly
<patdk-lap> heh? why not?
<patdk-lap> google NEVER rotated theirs
<CodeMouse92__> It's designed to be a monthly thing.
<patdk-lap> and used 512bits
<CodeMouse92__> Anyway, whatever, we're not going anywhere.
<patdk-lap> that is why we got into the whole dkim key length issue
<CodeMouse92__> Glad you've got this all figured out, tell the world, I'm out of this convo now.
<patdk-lap> it's designed to be however you want it to be :)
<patdk-lap> they recommend *atleast*
<patdk-lap> you can always do it more often
 * CodeMouse92__ shrugs
<CodeMouse92__> Ohhhhh, I think I know what's going on.
<CodeMouse92__> Somehow you've configured this so you never actually update OpenDKIM's configuration files.
<patdk-lap> since google is the one the screwed dkim in the first place with never rotating their 512bit key, and getting it compromised, I wouldn't point at them for how to do things right
<CodeMouse92__> nsupdate is only for pushing to the DNS, but my script handles the *other stuff
<patdk-lap> updating config files is risky
<patdk-lap> why do you need to update the config file?
 * CodeMouse92__ sighs deeply
<CodeMouse92__> RTD, have a nice day.
<patdk-lap> ok
<patdk-lap> guess I will never know
<sarnold> i'm so glad I don't manage an email server
<patdk-lap> I still don't get why updating your rsa key weekly is a bad idea
<sarnold> automation is king
<sarnold> you test your script every week :)
<patdk-lap> it's so much easier for me to script it weekly than monthly
<sarnold> that sounds like a good way to catch errors
<patdk-lap> and costs me nothing
<patdk-lap> if I did monthly
<patdk-lap> a new key would be pushed to dns to warm up a month ahead of usage
<patdk-lap> then a month of usage, and a month of retirement
<patdk-lap> weekly, it only has to stick around for 3 weeks
<sarnold> patdk-lap: oh you know, maybe he uses a one-minute ttl or something, so he's not worried about hitting dkim fails?
<patdk-lap> that wouldn't be an issue even if it was an hour
<patdk-lap> the issue would be if your using dnssec
<patdk-lap> and dns replication delays
<sarnold> patdk-lap: hrm. I never think of dns propogation as being 'delayed' so much as free to hand out stale data until the ttl expires.. what am I missing?
<lordievader> Good morning
<patdk-lap> sarnold, dnssec signatures, the rr records are out of sync, causing the verification to fail
<patdk-lap> without dnssec, it's just the non-existing entry ttl you really have to worry about, besides your name servers all getting in sync
<rbasak> nacc: Skuggen says he'd like https://bugs.launchpad.net/ubuntu/+source/ruby-riddle/+bug/1686859/comments/7 sponsored. It's in my todo unless you get to it first.
<ubottu> Launchpad bug 1686859 in ruby-riddle (Ubuntu) "ruby-riddle tests start mysql server with unknown option --force" [Undecided,New]
<nacc> rbasak: ack i'll do it next then
<nacc> rbasak: so you cn remove from your todo :)
<rbasak> Thanks :)
<nacc> rbasak: thank you!
<nacc> rbasak: i'm doing another transition (well, ready to upload, just testing it now) for dlm -> dlm_controld (dropping delta in 3 srcpkgs). Once I test those and these three php packages, i'm pivoting back to the importer and the namespaces
<rbasak> ack
<rbasak> nacc, cpaelzer_: https://wiki.ubuntu.com/UbuntuDevelopment/Merging/GitWorkflow step "git rebase -i old/debian" - any reason for the -i?
<rbasak> Sorry
<rbasak> I mean "git rebase -i new/debian"
<rbasak> Step 3.1
<nacc> rbasak: no, i suppose not
<nacc> rbasak: it will fail or succeed regardless and it's always just p's
<rbasak> Yeah. OK, I'll edit.
<nacc> and on fail, regular rebase will drop you to the shell to fixup
<nacc> rbasak: it so happens that in my case, i do use -i, because i know i want to drop some things )
<nacc> :)
<rbasak> nacc: also, I'm not sure the "git status --ignored" and "git commit --allow-empty" make sense. If a commit already applies exactly, git will just drop and and you won't know.
<nacc> rbasak: sorry in which context
<rbasak> nacc: git rebase new/debian
<rbasak> of the logical.
<nacc> rbasak: git-rebase stops you
<nacc> rbasak: iirc?
<rbasak> I didn't think it did. I could be wrong.
<nacc> rbasak: i'm pretty sure it stopped me :)
<nacc> rbasak: but i'd need to test it again to check
<nacc> rbasak: if you tell git-rebase to p something over
<nacc> and it cleanly no longer applies, then it will stop and tell you that you have a now-empty commit
<nacc> that is the distinction between something becoming empty vs. picking an empty commit
<compdoc> isnt a bbcmicrocomputer the Sinclair?
<RoyK> ubunt on a 6205 would be rather hard
<azeem> hey, I'm running Postgres on Pacemaker with trusty (14.04) and noticed that the resource-agents package does not seem to support the pacemaker version (1.1.10), is there some chance to get patches applied for that package?
<nacc> azeem: what specifically happens?
<nacc> azeem: but yes, patches can be applied, file a bug
<nacc> !bug | azeem
<ubottu> azeem: If you find a bug in Ubuntu or any of its derivatives, please report it using the command Â« ubuntu-bug <package> Â» - See https://help.ubuntu.com/community/ReportingBugs for other ways to report bugs.
<azeem> nacc: it's not super bad, but the pgsql agent does not set the master-score for standbys and standbys think there is no master in some corner-cases
<azeem> I'll file a bug
<nacc> azeem: yeah, that's probably the correct first choice
<nacc> azeem: is the bug fixed upstream / later versions of ubuntu?
<azeem> yeah
<azeem> but just backporting resource-agents won't work I think cause newer versions might also need a newer pacemaker
<nacc> azeem: yes, it won't be a backport of a newer version
<nacc> azeem: but the fix must already exist to sru it to older releases
<nacc> !sru | azeem
<ubottu> azeem: Stable Release Update information is at http://wiki.ubuntu.com/StableReleaseUpdates
<azeem> ok thanks
<beisner_> thedac, thanks;  celebrating a fixed false pass looks odd, but \o/ "Finished: FAILURE"
<thedac> cool
<beisner_> o/ thedac channels are hard sometimes.
<thedac> :)
<tomreyn> hmm, i have a trusty system where the unattended-upgrades package is installed. i just learnt that it stopped running updated roughly half a year ago. i cannot say why. /var/lib/apt/periodic/ was empty (no time stamp file), the configuration file is http://paste.ubuntu.com/24513841/
<sarnold> tomreyn: eww
<sarnold> tomreyn: does the mailx root thing work?
<hallyn> scary
<sarnold> tomreyn: does the mailx root thing work?
<tomreyn> sarnold: i actually modified the 'Unattended-Upgrade::MailOnlyOnError "false";' line just now. it was saying "true" before
<tomreyn> and the system was not rtrying to send mail
<tomreyn> i assume that's what you mean by 'the mailx root thing'?
<sarnold> tomreyn: just the comment near the 'root' line says it it expects mailx address to work
<sarnold> tomreyn: so I thought it would be worth testing if 'mailx root' actually works
<tomreyn> yes mailx is available and in the path
<tomreyn> yes works
<sarnold> okay
<sarnold> good, but that was my only idea
<sarnold> heh
<tomreyn> thanks
<tomreyn> this isn't the first system i have seen unattended-upgrade behave unreliably on, so i'm a little worried about it.
<tomreyn> but it may be PEBKAC, you never know
<sarnold> the fact that it stopped working six months back is troubling -- that's far enough back that you're unlikely to have logs that might help track it down
<tomreyn> right, i don't have logs of the latest run
<tomreyn> and the syslogs i have don't show that it was triggered
<tomreyn> (but i'm not sure what i'd need to search for, apparently unattended upgrades themselves only report that they're run if in debug mode)
<sarnold> does /var/log/dpkg.* have anything from the time preiod?
<tomreyn> there's this huge gap in them between when it stopped working in dec 2016 and today where i triggered changes using apt.
<tomreyn> i'll just keep an eye on it
#ubuntu-server 2017-05-05
<cpaelzer_> good morning
<lordievader> Good morning.
<caribou> cpaelzer: I see that you looked at LP: #1644428 I should give you a bit of context on that bug
<ubottu> Launchpad bug 1644428 in samba (Ubuntu) "Unable to log in with AD account after update" [Undecided,Confirmed] https://launchpad.net/bugs/1644428
<caribou> cpaelzer: it was created after we pushed a change to make some library statically linked which caused unexpected breakage
<caribou> cpaelzer: so the change was reverted and re-SRUed
<caribou> people have been piggybacking on that bug but it concerns a change that was reverted and never made available on the other releases
<sarnold> :(
<zioproto> hello all
<zioproto> anyone has a Neutron Network node running on Ubuntu Xenial ??
<zioproto> I have a funny problem with udp packet drop in the router namespace
<zioproto> I have no idea how to fix this. The Neutron network node now running Xenial, is dropping UDP packets instead of doing the DNAT to the internal IP of the instances. With a tool called Dropwatch I can see that the packets are dropped at the function __udp4_lib_rcv. Basically it is like if the packet is not processed by iptables but it gets to the host, and
<zioproto> because there is no socket listening on that UDP port it is dropped
<zioproto> I feel I am hitting some limit introduced by some systemd config or some other weird tooling in Xenial
<zioproto> Found the problem, I had to reset the conntrack entries
<zioproto> there is a race condition between floating IP interfaces creations and iptables rules creations by the network node
<zioproto> conntrack will cache the traffic to local, and will ignore the DNAT iptable rule
<fishcooker> let's say i have ubuntu server with many installed package how to revert back to initial state without rebuild or reinstall the built-in package?
<tomreyn> zioproto: interesting problem and solution, thanks for sharing.
<tomreyn> fishcooker: you could apt-get download the package and dpkg -x it, then diff and cherry pick the files you want / need.
<tomreyn> ...but i'm not sure i got understood your need properly.
<fishcooker> i accidentally upgrade to 16.04 from 14.04 then i can't reboot it http://vpaste.net/u84uO
<fishcooker> noted tomreyn
<tomreyn> fishcooker: hmm this looks like it can be a broken upgrade.
<tomreyn> how did you upgrade? are you actually looking for assitence with it?
<fishcooker> tomreyn: actually i change the sources.list to the local repository then apt install -f
<fishcooker> i copy the xenial repository to my trusty sources.list ... just noticed, tomreyn
<tomreyn> fishcooker: hmm well trhat's not a supported upgrade process, but i assume you're aware.
<thatstevecena> Good morning. Are there any Postfix people here? I'm having a problem with Ubuntu 14.04.5LTS, Postfix and DKIM. I'm able to validate signatures for a few hours but ultimately they all start failing. Using other testing sites all the signatures that fail pass.
<ahasenack> cpaelzer: hi, do you have an example of a server SRU that used the git workflow?
<tasslehoff> I have a server with 4 disks in RAID5 (mdadm). One broke, and now I'm swapping all of them. My plan was. Delete RAID -> Swap disks -> Create RAID, but do I need to? Can I just swap the disks and then create the new RAID?
<nacc> tasslehoff: why are you swapping all of them if only one broke?
<bindi> y u no zfs
<tasslehoff> nacc: They are old, and I fear more will break soon. Also I bought better disks.
<nacc> ahasenack: there isn't a strict workflow for SRU in git, as it's not typically a merge. I find it easiest (presuming versions are the same) to use cherry-pick across the branches
<nacc> tasslehoff: are they the same size as the old disks?
<tasslehoff> nacc: yes.
<nacc> tasslehoff: so why not swap them one at a time and let mdadm rebuild the array?
<nacc> tasslehoff: if you are planning on wiping the RAID, then I don't see why you wouldn't delete and recreate the array
<tasslehoff> nacc: I have a usb drive that can hold all the data, so I thought it faster to backup the data there.
<nacc> tasslehoff: oh so you're backing up the RAID first?
<tasslehoff> nacc: yep! should have mentioned that :)
<nacc> tasslehoff: well, i think mdadm configuration uses the disk by name (depends on how you configured it, i guess) -- i think you're best off deleting the array first
<tasslehoff> nacc: ok. https://www.digitalocean.com/community/tutorials/how-to-create-raid-arrays-with-mdadm-on-ubuntu-16-04 seems a good guide
<ppetraki> nacc, tasslehoff, md uses metadata to determine array membership, drive letter name ordering is not deterministic on Linux.
<nacc> ppetraki: ah ok, i wasn't sure, thanks!
<nacc> ppetraki: yeah, i figured that would be pretty error-prone
<ppetraki> nacc, tasslehoff, it's also a *really good idea* to save a copy of the mdadm.conf off box
<nacc> ppetraki: yeah i'd say so :)
<ppetraki> nacc, it writes that guid to the superblock location on media. The only thing you really need to worry about is if you start making dd clones of your array members
<nacc> ppetraki: makes sense
<nacc> ppetraki: thanks for clarifying!
<ppetraki> nacc, you're welcome
<ppetraki> nacc, it's also a good idea if you're doing SSDs to over provision, give the garbage collector some scratch to run. Assuming these are consumer grade SSDs
<nacc> ppetraki: yep, that seems like reasonable advice
<ppetraki> nacc, drive vendors keep about 7% to themselves for that purpose that you can't get back, but if you only ever write to the first 80% of the drive, it's smart enough to know it can use the remaining 20% for tmp space while it frees up larger ranges of clean pages for you to write to. They're really thin provisioned under the hood.
<ppetraki> nacc, pdf warning, it improves performance too :) http://www.samsung.com/semiconductor/minisite/ssd/downloads/document/Samsung_SSD_845DC_04_Over-provisioning.pdf
<ahasenack> nacc: for SRU MPs, the target git repo should be lpusdp? ~ubuntu-server-dev/ubuntu/+source/?
<ahasenack> I cloned lpusip, i.e., ~usd-import-team/ubuntu/+source/
<ahasenack> to prepare it
<ppetraki> nacc, so to over provision on a md array you would simply provision to 80% less size when create the array. Do not mess with partitions unless you want to figure out alignment issues.
<nacc> ahasenack: no, you can ignore usdp now
 * ppetraki means 20% less
<nacc> ahasenack: you can propose merging to the appropriate series-devel on lpusip
<ahasenack> nacc: thx
 * ppetraki over provisioning is a stupid term
<nacc> ppetraki: :)
<ppetraki> nacc, https://www.percona.com/blog/2011/06/09/aligning-io-on-a-hard-disk-raid-the-theory/ , save a copy of this, I swear it moved.
<ahasenack> nacc: "target/reference path" in lp is the target branch, right? ubuntu/zesty-devel for example?
<nacc> ahasenack: yeah
<ahasenack> ok
<nacc> ppetraki: bookmarked :)
<azeem> nacc: ok, I've created a bug for now: https://bugs.launchpad.net/ubuntu/+source/resource-agents/+bug/1688613
<ubottu> Launchpad bug 1688613 in resource-agents (Ubuntu) "pgsql RA has problems with pacemaker version" [Undecided,New]
<nacc> azeem: cool
<RoyK_Home> hm - I've moved a server to another location - some users are on ecryptfs and they don't seem to get their homedirs mounted - any idea what to do? I have the old vm - I just wonder what I might have forgotten to restore
<jamespage> semiosis: around?
<coreycb> jamespage: nacc has the new python-django in a ppa in case we want to test with it -- https://bugs.launchpad.net/ubuntu/+source/python-django/+bug/1605278
<ubottu> Launchpad bug 1605278 in python-django (Ubuntu Artful) "Merge python-django 1:1.11-1 from Debian unstable" [Wishlist,In progress]
<coreycb> jamespage: pkgs for the latest newton point releases are uploaded to the sru queue
<pmatulis> re high availability with postgresql, i see reference to 'pgsql RA'. what is "RA"?
<sarnold> guessing https://raw.githubusercontent.com/ClusterLabs/resource-agents/a6f4ddf76cb4bbc1b3df4c9b6632a6351b63c19e/heartbeat/pgsql
<TLoFP> If I want to join two drives in Raid 0 (software) is it possible to keep the data that is on one of the drives?
<pmatulis> sarnold, thanks
<azeem> pmatulis: yeah, RA is resource agent
<azeem> pmatulis: where did you see it?
<pmatulis> azeem, reading stuff on the net
<sarnold> TLoFP: it seems unlikely to me; but if you like to live dangerously -maybe- you could try an inplace conversion to btrfs and then see if you can add a second drive to the btrfs thingy
<sarnold> TLoFP: but (a) i'm not sure I trust btrfs yet (b) i'm doubly-unsure if you can trust btrfs's multiple drives stuff yet (c) only one copy of data scares me now (d) two drives in one filesystem like that doubles the chances for catastrophic failure compared tojust one drive..
<azeem> pmatulis: ah ok, I just wondered cause I filed #1688613 a few hours ago
<azeem> which says "pgsql RA"
<sarnold> TLoFP: .. and half the point of raid-0 ish things is so you could spread IOs across multiple disks for higher throughput, which this wuoldn't achieve if you just leave all the data on the one drive untouched
<gartral> hey all, I'm at my literal wits' end here, I have an apache install on 16.04 that refuses to cooperate, I try to reload it after changing some site-configs and it tells me apache2.service isn't running... the site is up!
<TLoFP> sarnold: thanks. I thought this wasn't easily possible, but wanted to check
<sarnold> gartral: netstat -lntp
<sarnold> TLoFP: just please be sure that you've got backups of anything you care about :)
<TLoFP> right that is the issue sarnold
<TLoFP> I have 4 TB of data that I would like to keep but it is low priority
<TLoFP> I am adding another 4TB disk to the system to allow for 8TB of storage.
<gartral> sarnold: what am I looking for in here?
<TLoFP> I have no ability to backup 4TB. So I am stuck
<sarnold> gartral: something bound to your web ports
<gartral> sarnold: nothing is, at all, but the apache welcome page is up... I'm very confused now
<sarnold> TLoFP: I'm a huge fan of zfs, I really like the redundancy and checksums and compression and snapshots and so on
<sarnold> TLoFP: but it's not very .. consumer-oriented. it's not much for 'just add one more drive to this pool'
<TLoFP> sarnold: but I doesn't seem that ZFS is straight forward configuration
<gartral> wait...
<sarnold> gartral: ggrab a different browser perhaps/ maybe it's stuck in cache
<sarnold> TLoFP: I found zfs way simpler to understand than mdadm, but that might just be me
<gartral> I might of figured it out... openvpn and apache both try to use port 443, don't they?
<gartral> yea, apache isn't loaded at all, so now what?
<sarnold> gartral: check apache logs to see if emitted any reasons why it couldn't start
<sarnold> gartral: /var/log/apache* and perhaps journalctl -u apache2 or whatever the service name
<gartral> sarnold: apache logs are unreadable for me, it's a shared host
<sarnold> gartral: please explain further
<sarnold> TLoFP: if you're curious about zfs I suggest this blog post series https://pthree.org/2012/12/04/zfs-administration-part-i-vdevs/
<gartral> sarnold: I can't read /var/log/apache, at all.. even with sudo su
<sarnold> gartral: curious. can you pastebin the output of sudo namei -l /var/log/apache2/error.log ?
<nacc> gartral: i assume you meant /var/log/apache2 not /var/log/apache
<gartral> nacc: indeed
<gartral> sarnold: http://paste.ubuntu.com/24519145/
<gartral> yea... NO PERMS, at all
<nacc> gartral: is this a VPS or something?
<gartral> sarnold: I think I know why to... ls -la shows /var/log/apache2 \-> /dev/zero so it's just dumping all apache logs into the garbage bin
<gartral> nacc: it is
<nacc> gartral: sounds like a bad VPS provider
<nacc> gartral: and not really ubuntu, as that is definitely not the ubuntu configuration
<gartral> nacc: no... it's ubuntu, it's just configured to keep as little logs as possible..
<nacc> gartral: which ... is not ubuntu
<nacc> gartral: sounds fundamentally broken
<nacc> gartral: as you can't debug why things don't work without logs
<gartral> nacc: http://paste.ubuntu.com/24519180/
<nacc> gartral: that's just reading files in /etc
<nacc> gartral: unfortunately, VPS are terrible in this regard
<nacc> gartral: what does `uname -a` report?
<nacc> we've had people come into #ubuntu saying they are running 16.04.2 and the kernel is 2.6 based
<gartral> nacc: Linux kitsunet-emergency-znc 4.4.0-66-generic #87-Ubuntu SMP Fri Mar 3 15:29:05 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux
<nacc> because the VPS provider can override whatever they want
<nacc> (particularly for containers)
<nacc> gartral: i would first reproduce it with a stock ubuntu (no modification to the configuration)
<gartral> nacc: unfortunetly I'm lacking resources for that
<nacc> gartral: and/or you can change your server's configuration to not drop all logging
<gartral> hang on, I might be able to redirect the symlink
<gartral> nacc: my thoughts exactly
<gartral> we want error.log, right?
<gartral> nacc: the timestamps are bizzare but http://paste.ubuntu.com/24519201/
<gartral> they're off and padded with extra 0s
<nacc> gartral: the extra 0s could just be the resolution of your timesource
<nacc> gartral: that doesn't indicate any errors
<nacc> gartral: is apache running?
<nacc> gartral: not the service, the process
<gartral> nacc: not that i can see, no
<gartral> nacc: I gotta move and head out, I'll be connected but I'll be slow to respond for a bit
<gartral> back
<gartral> nacc: so apache doesn't appear to be running
<nacc> gartral: ok, how are you checking that?
<CodeMouse92__> I must be missing something freakin' obvious.
<CodeMouse92__> I'm trying to set up SquirrelMail on a subdomain (webmail.example.com), without something else running on example.com
<CodeMouse92__> I've got the <VirtualHost *:80> in both
<CodeMouse92__> And the ServerName is set to 'example.com' and 'webmail.example.com' in their .confs, respectively)
<CodeMouse92__> The main site is in mousepawgames.conf, and the squirrelmail is in squirrelmail.conf, both in sites-available, both a2ensite'd up
<CodeMouse92__> No access errors
<CodeMouse92__> HOWEVER: squirrelmail is NOT serving to webmail.example.com - it's actually serving to example.com (if I shut off port 80 on the main site one to prevent blocking
<CodeMouse92__> Freaky as heck - what am I missing here?
<tarpman> CodeMouse92__: does apachectl -S provide any info?
<CodeMouse92__> tarpman: Plenty of info, no errors that I can see. Want me to pastebin this sucker?
<tarpman> not sure I'll be able to make anything of it
<tarpman> but please do, someone else might
<CodeMouse92__> Point is, it IS showing both sites....stand by
<CodeMouse92__> https://bpaste.net/show/2e7940cb773a
<CodeMouse92__> But webmail.mousepawgames.net literally goes nowhere.
<CodeMouse92__> (Worth noting that subdomains aren't being blocked...the 'mail.' subdomain works fine in its context of Postfix/Dovecot)
<tarpman> webmail.mousepawgames.net gets me a squirrelmail login
<CodeMouse92__> You're kidding
<tarpman> once I /etc/hosts it, anyway. DNS?
<tarpman> looks like DNS and not apache, to me
<CodeMouse92__> ...
<CodeMouse92__> That's bizarre. I'm remoting into the server (Linode) in question, so it won't be *my* DNS persay
<tarpman> (also this is an argument for not doing the "example.com" thing - harder to see your actual problem)
<CodeMouse92__> Yeah, I get that
<tarpman> are you remoting into it via the name "webmail.mousepawgames.net"?
<tarpman> 8.8.8.8 says NXDOMAIN
<CodeMouse92__> Well, no, I mean I'm SSHing into the server. I'm remote.
<tarpman> and ns1.linode.com says NXDOMAIN too
<CodeMouse92__> Yeah, without overriding with /etc/hosts, webmail.mousepawgames.net is *not* working...
<CodeMouse92__> Uhm, hm. Do I need to literally add each subdomain to Linode's DNS?
<tarpman> yes.
<CodeMouse92__> HAH. Told you I thought I was missing the obvious
<tarpman> or well rather
<tarpman> depends what you mean by 'subdomain'
<tarpman> mousepawgames.net is the domain
<tarpman> webmail.mousepawgames.net is a host within that domain
<tarpman> if you had mail.internal.mousepawgames.net, I'd call internal.mousepawgames.net a subdomain
<CodeMouse92__> Yeah, mousepawgames.net is set up and all...
<tarpman> https://www.linode.com/docs/assets/912-hosting-2.png
<tarpman> so in the manager for mousepawgames.net
 * CodeMouse92__ nods and adds the A/AAAA record
<tarpman> you want to add an A record for webmail.mousepawgames.net (bottom table in there)
<tarpman> or alternatively a CNAME (an alias) pointing at mousepawgames.net itself
<CodeMouse92__> Actually, middle table, but yeah
<tarpman> either ior
<tarpman> *or
<tarpman> HTH anyway
<CodeMouse92__> Yeah, thank you tarpman
#ubuntu-server 2017-05-06
<SupaYoshi> i want to re-stream camera streams, from a local ipcamera (x15 cameras) that are accessable on a ubuntu server, and then let the ubuntu server "re-stream" all the streams, by multicast? anyone an idea how to do this?
<SupaYoshi> i read on gstreamer, and other thigs
<ice9> is it possible  to upgrade from 16.04 to 17.04?
<ice9> do-release-upgrade -d show no new release found
<andol> icey: Might be that /etc/update-manager/release-upgrades is set to only do LTS upgrades.
<icey> Whoops andol...:-)
<xibalba> anyone using pi-hole?
<xibalba> wondering if there is a way to add in my own dns entries
<xibalba> currently i have my pi-hole box forwarding to a nother ubuntuer server running powerdns-recursor to do that
#ubuntu-server 2017-05-07
<bindi> is it possible to have the pc speaker beep when lvm asks for encryption password? headless server
<Rihannsu> hello, im trying to set up a vpn connection from a vps using ubuntu server 16.04, what is the simplest way to accomplish this. I've tried openvpn and cant get the dns resolver to work and pptpd wont connect period. I have been slaving at this all day any help would be greatly appriciated.
<sarnold> Rihannsu: do you need to modify security groups with your vps provider to allow the incoming connections? most are highly restricted by default
<Rihannsu> i could try that, i also got it to work one way. I sent my dns to google dns on my windows wireless adapter and it worked great but only on this pc. im trying to tunnel the vpn through the network, does that help?
<Rihannsu> my router is the one connecting to the server
<Rihannsu> do you know of any good vps providers off hand that are friendly to this sort of thing?
<sarnold> i'd sort of expect them all to be able to handle it; it's just sockets afterall
<Rihannsu> ok i sent a support ticket
<Rihannsu> do they throttle the port speed also? The best speed i could get was 5mbps
<sarnold> some providers do indeed sell different speeds
<Rihannsu> it said on the package i purchased that id get 1gbps on the port, is their something im doing wrong?
<Ben64> you need 1gbps everywhere in between for that to happen
<Rihannsu> my connection at home is 60mbps, if i could even get 30mbps id be extremely pleased, where is the speed being lost? Does the tunnel kill that much speed?
<sarnold> there's a lot of variables; perhaps they've got 1gbps ports all over but only 10gbps out of their datacenter.. maybe if you've got ten machines in their network, they'd all be doing 1gbps with each other happily, but not hit those speeds leaving the network
<sarnold> how many hops are between you and your VPS? what kind of latency do you see when you ping it?
<Rihannsu> if i connect ill drop dns and be disconnected bare with me a second
<sarnold> were you testing wired or wireless on your network? maybe it's all local congestion :)
<Rihannsu> i am using wireless but on my lane i get 100 mbps
<Rihannsu> lan
<sarnold> adn packetloss looks alright?
<Rihannsu> hold on ill have to tracert my server, brb
<Rihannsu> cant connect now, jeez this is such an incredible headache
<Rihannsu> maybe im asking the wrong questions...
<Rihannsu> my objective is to have a us ip address while located overseas, what is the best way to accomplish this?
<sarnold> 'best' is hard to quantify :)
<sarnold> some people are happy to just sign up with a commercial vpn service
<Rihannsu> ok let me try this then, simplist as security isnt a huge concern
<Rihannsu> commerical vpn is ok but i need a decent connection speed
<sarnold> I think that runs the risk of giving data you care about most to a centrialized point that may or may not have your best interests at heart
<Rihannsu> well i will be using this vpn for a very specific task only
<sarnold> but if you have good hygiene habits like always using ssh or tls for sites you care about it, it's probably fine, no different from usng open wifi points..
<Anonymes> what's up?
<gartral> jjohansen: your bouncer is having a seizurism
<gartral> jjohansen: your bouncer is having a seizurism
<dax> phunyguy: probably could do with a banmask$##fix_your_connection ^
<dax> or that
<phunyguy> \o/
<phunyguy> sorry, doing a million things at once or I would've done it
<dax> np
<ubool32_t> Hey, What security changes should I make before I make an apache web server internet facing?
<Polarcraft> Just curious here, does anyone know of a good virtualization panel or a vm management panel? I have heard of solus and proxmox, but solus is outdated and I don't want to go full in with something that is priced high for me.
<compdoc> I use virt-manager. dont know if youd call that a 'panel'
#ubuntu-server 2018-04-30
<DirtyCajun> PSA: For anyone who hasnt done the 18.04 upgrade that is going to and uses nginx+php: If you are using 7.0 sockets you will need to change them to 7.2 sockets. (20 minutes of confusion on my end till i figured it out)
<cpaelzer> good morning
<Mava> any opensource tips (on in general anything) when considering first tests with hyperconverged infrastructure
<tomreyn> first of all, you'll need to dissolve this marketing term to make it clear what you're asking
<tomreyn> (and then it's still a *very* broad question, and may not be well suited for a support channel)
<gunix> Mava: what do you need? containers, vms?
<RoyK> "hyperconverged" translates to something like "we got tired of the old system with separate storage and compute power, and went back to adding drives to our servers again, and then used the existing methods for controlling redundacy, so that system upgrades can be done on both storage and cpu at the same time" (which may or may not be a good idea, depending on your needs)
<cyphermox> teward: cloud-init overwriting netplan is a message there for "safety". In some cases it /might/, say if you have cloud-init re-configure the system. On "static" not-cloud-based servers, it won't
<Mava> RoyK: exactly, the good old methods starts to rise their head again.
<Mava> gunix: either ones.
<RoyK> Mava: I was being rethorical
<gunix> Mava: if you need VMs, go for openstack. you need containers, go for kubernetes. you need both, go for both
<Mava> gunix: yup, that was I was afraid =D
<gunix> Mava: why afraid? this is the future :D
<Mava> any idea how e.g. kubernetes konsiders the virtual san ?
<gunix> Mava: there are various storage drivers for kubernetes. most people use glusterfs, with heketi (an API that helps kubernetes manage gluster volumes)
<Mava> ah
<gunix> Mava: other people use CEPH
<gunix> mostly the people with heavy openstack background will do ceph when doing kubernetes, since they know ceph inside out (55% of openstack environments use ceph storage, according to the survey from last year)
<RoyK> isn't CEPH the preferred one these days, as in over glusterfs?
<gunix> RoyK: not for kubernetes.
<RoyK> ok
<gunix> RoyK: a big kubernetes project is openshift and it comes by default with glusterfs
<gunix> RoyK: also, regarding storage, most people use kubernetes via public cloud, and public cloud solutions have their own dark magic with storage, so you can't know unless you have somebody on the inside :D
<Mava> :D
<Mava> but the storage plays a big role, somehow understandable that they are not very often advertised outside
<Mava> nonetheless, thanks gunix and RoyK for the chat! this really got my brains back to the tracks
<RoyK> :)
<gunix> Mava: just start playing around. it's really fun technology
<RoyK> Mava: as for raid1+0, please try zfs and check if it does what you want - it really isn't hard
<Mava> and I definitely will (to both)! ^ ^
<RoyK> :)
<gunix> raid is a tabu subject in cloud
<gunix> a lot of people use JBOD
<gunix> you need mad skills to do raid the right way.
<Mava> JBOD ? You got to be kidding?
<Mava> afaik the zfs should be fine nowdays. at least i've been satisfied with the zfs so far
<gunix> Mava: i am not kidding with jbod :D
<gunix> Mava: https://www.youtube.com/watch?v=ShC1eN52CrE
<gunix> maybe in the last 2 years people started to adopt this more often
<gunix> but this was the status in 2016
<gunix> with netapp leading research on this
<nacc> rbasak: just checking in on the importer tests review
<RoyK> gunix: the thing about jbod is that they use raid-ish things on top
<gunix> RoyK: most people just let ceph/heketi/swift handle the disks
<RoyK> https://xkcd.com/1987/
<jaimehrubiks> I dont even program in python and my env is like hell
<nacc> jaimehrubiks: ?
<jaimehrubiks> i was talking about the previous message, the xkcd post
<sarnold> nacc: https://xkcd.com/
<nacc> ah
<Howie69>  TCP: request_sock_TCP: Possible SYN flooding on port 80. Sending cookies.  Check SNMP counters.
<Howie69> That's a new one on me...
<Howie69> Especially since I don't have SNMP running...
<sarnold> Howie69: check netstat -s
<Howie69> 72 SYN cookies sent
<Howie69> ?
<sarnold> that's not too much of a flood..
<Howie69> Yeah..
<Howie69> I was wondering why it was logged
<Howie69> I feel rusty...
<Howie69> All of my scripting over the years... and now I am trying to hand write my apache2 configs :)
<sarnold> hrm I get lost a bit in the kernel sources .. there's a possibility that your web server isn't handling requests quickly enough, and the 'backlog' of listen requests is being overflowed
<Howie69> bleh...
<sarnold> normally this happens when someone aims a synflood bot at your host
<Howie69> Yeah, I've seen that, but didn't find any evidence
<sarnold> but 72 syn cookies does'nt feel like much of a flood, since that'd be .01 seconds of data or less
<sarnold> so maybe it's just your webserver unable to respond to incoming connections in reasonable time?
<Howie69> Or oversensitive logs?
<sarnold> I suspect this is a rare event, and thus worthwhile to log
<sarnold> it'd be difficult to spot syn floods without network monitoring without this
<Howie69> fair enough
<Howie69> I am skipping something...
<Howie69> So, my apache2 config is missing something
<Howie69> Ah... I can see...
<RoyK> sarnold: s/netstat/ss/ ;)
<Howie69> Between my old debian servers and this ubuntu server
<sarnold> RoyK: heh, I checked the ss manpage first but couldn't figure out how to get the data :(
<Howie69> It seems that apache has seperated the vhost to a module?
<Howie69> I see vhost.load
<Howie69> but not a config...
<Howie69> Is that for namevirtualhosts?
<RoyK> Howie69: /etc/apache2/sites-enabled
<RoyK> Howie69: /etc/apache2/sites-available
<RoyK> the former contains symlinks to the latter
<Howie69> RoyK: Those I am familiar with
<Howie69> I've done all of that...
<RoyK> ok, sorry
<RoyK> I just barged in ;)
<Howie69> and actually mirrored my debianb server
<Howie69> debian
<Howie69> but, it seems namevirtualhost isn't working
<Howie69> everything is just going to my default dir
<RoyK> just curious, but why move from debian to ubuntu?
<Howie69> My server to AWS
<Howie69> They didn't offer debian :)
 * RoyK started out with slackware 25 years ago or so, moved to redhat, moved to debian, tried different things, moved to ubuntu, and moved back to debian
<Howie69> RoyK: I will probably keep all my physical servers on Debian
<Howie69> but, For AWS and GoogleCloud, they want to use Ubuntu
<RoyK> Howie69: I'm using crowncloud for a few VMs
<Howie69> So, it's not as bad as a conversion to their proprietary cloud OSes
<RoyK> works well
<Howie69> RoyK: I'm just starting.  I prefer my own servers :(
<RoyK> and is rather on the cheap side, and supports a lot of distros
<Howie69> :)
<RoyK> so do I - but not for everything
<Howie69> I was down for a few years medically... trying to catch up now
<RoyK> welcome back :)
<Howie69> I did some great work while I was in the hospital.  I just can't remember any of it
<RoyK> I don't think I've had that sort of drugs - but what the hell - welcome back anyway
<Howie69> Thanks
<Howie69> but, to the matter at hand... I suppose I have to link vhost.load?
<Howie69> vhost_alias.load
<RoyK> whiver ubuntu version is this?
<RoyK> s/whiver/which/
<Howie69> crap... I forgot the command...
<RoyK> lsb_release -a
<Howie69> 16.04 I think
<Howie69> I was right
<RoyK> is the server listening to port 80?
<RoyK> netstat -l or ss -l should show
<Howie69> Yes
<Howie69> I get default site
<RoyK> ok, and there's a file for your virtualhost under /etc/apache2/sites-available and a symlink to it in /etc/apache2/sites-enabled ?
<RoyK> Howie69: just going through this slowly to make sure
<Howie69> RoyK: of course
<sarnold> does it have a .conf name?
<sarnold> iirc more recent apaches care about the filename
<Howie69> it seems like that would be in the apache2 error.log or access.log, but I'll check
<Howie69> well, yeah, I have a .conf and .load
<RoyK> a .load in sites-enabled? that shouldn't be necessary - it's for modules
<Howie69> Sorry, that's in the modules, yes
<RoyK> Howie69: ./apache2.conf:IncludeOptional sites-enabled/*.conf
<Howie69> You are saying they want a .conf in sites-available?
<RoyK> that's from debian stretch
<RoyK> probably the same on ubuntu 16.04
<Howie69> stick around.  I have to deal with kids.  BBS
#ubuntu-server 2018-05-01
<mica> i am having dificuties using netplan network configuration on ubuntu 18.04 server LTS, is there any graphical way of setting this up to make sure i am not doing typo errors in config? centos has nmtui for example thank you in advance for helping
<mica> no one here can help ?
<lordievader> Good morning
<dpb1> mica: patience
<mica> dpb1:  i do have it but as you can see it is a bit slow here :)  managed in the meantime to get server 16 lts installed and configured, it hink ubuntu 18 is sthill nbaking and should not be used in production unless properly documented and tested.
<dpb1> mica: there is no graphical way, no.  but, if you put up a pastebin of your netplan yaml, someone would be happy to check.
<dpb1> mica: also, askubuntu is a good place to type up what you are trying to do
<blackflow> mica: yeah but who's gonna do the testing :) bugreporting from users is very valuable.
<cyphermox> mica: there's 'netplan try' if you're unsure of config, and we put a lot of examples of common things to do up on http://netplan.io/examples
<gunix> does anybo have any idea how to connect two VMs without using bridge? so nic2 from vm1 connected to nic3 from vm2...
<compdoc> you can use the built-in virtual lan
<sdeziel> gunix: it's still kind of a bridge but you can use MACVLAN
<sdeziel> gunix: but could you elaborate as to why you don't want a regular bridge?
<gunix> sdeziel: to connect multiple switches together, to simluate a DC
<sdeziel> gunix: why wouldn't that work with regular bridges?
<gunix> sdeziel: because you don't get lldp
<sdeziel> gunix: found this: https://the-bitmask.com/2017/08/04/fwd-lldp-frames-on-linuxbridge/
<sdeziel> gunix: that said, I never had to deal with lldp so YMMV ;)
<gunix> sdeziel: it's ok, 3rd party blogs is usually the last stuff i reffer to :D
<gunix> i will try this first:
<gunix> -netdev socket,id=mynet0,listen=:1234
<gunix> -netdev socket,id=mynet0,connect=:1234
<sdeziel> gunix: I expect that will be slower but probably good enough for an experiment
<sdeziel> gunix: the same without the blog bits: https://www.kernel.org/doc/Documentation/ABI/testing/sysfs-class-net
<teward> I have a server that has a bunch of Public IPs on it.  From a NAT perspective, containers on the system use IPs as 1:1 IP ranges.  Unfortunately, this causes some issues, because right now the individual IPs can't talk to each other, and the IPs sit only on the NIC on the host (and attempts to communicate between each other return 'Connection Refused').  Is there a way to make the IPs communicate with each other?
<teward> I should know this and it's something simple likely but...
<blackflow> teward: sounds like you need to NAT only when dst is not in the subnet of those IPs
<blackflow> though from what you describe, I fail to see what exactly is going on. You have a bunch of public IPs, but then NAT to containers' subnet?
<teward> blackflow: i figured it out, it's a "split DNS" problem
<teward> in that i need to serve the IPs for the boxes internally separate from the public
<teward> so it's a NAT problem but it's not a NAT problem too
<blackflow> if it's DNS then you can't talk about IPs, but hostnames
<teward> blackflow: it's "both"
<teward> DNS resolves to public IP
<teward> but the containers sit on the same bridge/subnet
<teward> so they need to talk with the 'internal' IP that is on the same subnet
<teward> i had this issue before but overlooked this >.>
<teward> i can fix it now, I know what to do *stabs the postfix configs on these boxes to handle the local delivery route differently*
<blackflow> I still don't get it though, you have public IPs, and then still do NAT?
<teward> blackflow: too hard to explain without my diagram - TL;DR I figured out a solution, I'll fix the actual problem 'later' once I have free time :P
<teward> and will probably be back here.  It's probably a NAT problem but meh
<blackflow> mkay.
<gunix> sdeziel: thank you for the advice
<BLZbubba> i'm trying the 18.04 text mode server installer.  i already pre-created the partitions on disk how I like them.  what does it take for the new installer to use them?
<BLZbubba> the only options appear to be to wipe the disk and automatically partition, or to wipe the disk and manually partition
<BLZbubba> but the manual partition option doesn't let me set up things like efi and swap the way I like them
<BLZbubba> can i use the old installer instead?
<sdeziel> BLZbubba: the alternate installer is still officially supported
<RoyK> the "alternate" installer should be the official
<RoyK> the new one sucks
<RoyK> whoever came up with the idea of ditching all sorts of options like re-using partitions, creating raid, lvm, encrypted drives, whatever, should be giving a public speach about why they did it on an LTS release and allow for at least three hours for questions
<RoyK> s/speach/speech/
 * RoyK wonders if the S in LTS now means Suffering
<BLZbubba> haha still only 1% as horrible as 10.04 was though
<BLZbubba> ubuntu 10.04 was the worst release of any distro in history
<BLZbubba> hmm do i need a new iso to switch installers?
<BLZbubba> or should I try "OEM"
<mason> BLZbubba: The installer you want is its own ISO.
<mason> BLZbubba: https://www.ubuntu.com/download/alternative-downloads#alternate-ubuntu-server-installer
<gbc> hi all ... can anyone please help me figure out a boot issue? i suspect i may have screwed up my init scripts
<gbc> ... when a server boots, does it transition right into its default runlevel? or does it start in runlevel 1 and then transition to runlevel 2?
<sarnold> both upstart and systemd have some amount of runlevel-ish stuff as compatibility, but I don't think either one *really* thinks in terms of runlevels
<gbc> i've got a VM running 14.04 ... it boots partially and then hangs ... i never get a command prompt ... since i can't login, i'm trying to deduce how far it gets in the boot process (or which job might be hanging)
<gbc> ... i thought maybe if i could force it into singleuser mode, maybe i'd be able to login and selectively enable services
<sarnold> good idea, can you get to the kernel command line and add 'single' to it? I *think* that ought to work..
<gbc> problem is, i can't login to the VM ... so, i can't edit grub directly ...
<gbc> i *can* mount the guest's qcow image in the host and edit its filesystem that way ...
<gbc> but update-grub seems to assume that it reads/writes to specific location ...
<gbc> can't figure out how to trick it to overwrite the guest VM's boot command
<sarnold> if you've got console access to it you might be able to use a left-shift key to get to a prompt or menu or similar
<gbc> it's a VM ... i can do "virsh console" to get to the serial console ... i see some services starting, and then it hangs ... never get a login prompt :(
<gbc> ... network starts (i can ping it), but it doesn't get far enough to start sshd/telnet :(
<gbc> sarnold... gtg in a minute...thanks for the time & sharing your thoughts
<sarnold> gbc: good luck; sorry I don't know much about interacting with grub via serial .. never needed that
<irwiss> ha, was about to complain how 18.04 slowed down ssh/tmux but apparently the vm had flakey connection issues that got resolved today, hail lazyness! :P
<compdoc> 18.04 seems fast at all things to me
#ubuntu-server 2018-05-02
<Howie69> bleh
<Howie69> still looking for a apache2 channel to ask a question...
<Howie69> But, since it's on an Ubuntu server, I guess I can ask here..
<Howie69> I know it's something simple I'm overlooking...
<Howie69> I have userdir module enabled and configured... and when I test it, I get 403 error...
<Howie69> The dir and file is 755
<RoyK> #httpd
<Howie69> ahhh
<Howie69> I bet I'm going to feel real dumb when I get the answer...
<Howie69> ...and I do, but it's not my fault they changed the deny order :)
<sarnold> rofl
<sarnold> Howie69: was that seriously it?
<Howie69> sarnold: And a few other changes from 2.2 to 2.4
<Howie69> The last time I configured an apache2 server it was 2.2.  Thy renamed some modules, moved some configs, things like that
<Tuna-Fish> Hi, how can I make the screen go to sleep after a while on a ubuntu server 18.04? Google only finds how to make it not do so on earlier ones.
<genii> Does it only have one monitor?
<Tuna-Fish> yes
<genii> For permanent, add something like consoleblank=1 60           to the kernel options of /etc/default/grub file and sudo update-grub    ... in this example, monitor will turn off after 60 seconds if no activity
<genii> So find a line in there like GRUB_CMDLINE_LINUX="something something"     and add a space after the last thing, and put consoleblank=1 <number of seconds to turn off after> between that and the ending double quotations
<Tuna-Fish> genii: thanks, took this long until I was able to reboot. Although consoleblank=1 300 actually sets the blanking time to 1 second, consoleblank=300 did what I wanted it to
<cpaelzer> good morning
<lordievader> Good morning
<Neo4> what length password should be?
<Neo4> at least 15 - 20 symbols?
<Neo4> I have 8 length password, is it weak?
<Neo4> 25 character is a long password, however then longer password the more secure
<Neo4> https://www.grc.com/haystack.htm
<lordievader> The longer the more time it takes to bruteforce. The length of the password should be something you are comfortable with.
<Neo4> yes
<Neo4> we can select passwordk base on songs
<Neo4> for example take a few first letters from song that you know
<Neo4> something like
<Neo4> where have all the good men gone?
<Neo4> and where all the gods?
<Neo4> where the street wise gerculeses to fight the rising odd
<Neo4> password should be whatgmgawatgwtswgtftro
<Neo4> yeasy
<Neo4> or other song
<lordievader> You have made your point.
<Neo4> when I was afraid I was petrified
<Neo4> kept thinking I could never live without you by my side
<Neo4> but I spend so many times just thinking how you did me wrong
<Neo4> ...
<Neo4> pass wiwaiwpkticnlwybmsbissmtjthydmw
<Neo4> lordievader: good methods?
<Neo4> you can take 2 symbols first and last from each word and phrase will shorter
<Neo4> lordievader: do you know how to use command line? options
<Neo4> for example what is difference between apt-get -help and apt-get --help ?
<OpenTokix> Just generate your passwords and use a password manager.
<lordievader> OpenTokix: That is usually the best method.
<Neo4> it has significant difference, who know what?
<Neo4> -- or - ?
<Neo4> OpenTokix: lordievader:  guys?
<Neo4> ok, it might difficult question, I exmplaine
<lordievader> Convention says - should be followed by a single letter while -- should be followed by a full word.
<Neo4> lordievader: yes, you are right
<OpenTokix> Neo4: It is a programming difference. There is sort of a standard that one dash - is used for short options like -h and double dash is used for long options, like --help.
<Neo4> right
<OpenTokix> but it is not a hard and fast rule, there is many exceptions ofc.
<Neo4> apt-get -help = apt-get -h -e -l -p , it will execute like four parameters and apt-get --help usually uses to word
<ducasse> for some programs at least, -help would give you options -h, -e, -l and -p
<Neo4> OpenTokix: I didn't know this before reading linux bible book
<Neo4> :)
<OpenTokix> Neo4: Only bible worth reading
<Neo4> OpenTokix: yes, there describe fedora and red hat, but UNIX family os all equal all that commands and approaches could be applied in any
<Neo4> OpenTokix: I almost finished this book https://www.amazon.com/Linux-Bible-Christopher-Negus/dp/1118999878/ref=sr_1_2?ie=UTF8&qid=1525243987&sr=8-2&keywords=linux+bible
<Neo4> have already read 600 pages
<Neo4> very nice book, so many useful information...
<Neo4> especially about man how to use it
<Neo4> for to be powerful linux user we need to know how to edit text file, be able to use command line, vim
<OpenTokix> Neo4: I dont think I am less interested of a subject in the world then the amount of pages you have read in a book, why are you telling anyone this? - Log out and keep reading.
<Neo4> OpenTokix: I've read 30 page today, enough, will read later or tomorrow
<Neo4> OpenTokix: many informations there
<Neo4> I can't digest
<Neo4> :)
<Neo4> OpenTokix: remove windows and install linux! I really would say after that book you will easy use linux. it is really linux bible
<tvw> What is the difference between Ubuntu Server and Ubuntu Live Server and why is the latter one the recommended variant? What does "Live" mean in this context - the other variant seems very alive too.
<dpb1> tvw: https://wiki.ubuntu.com/BionicBeaver/ReleaseNotes -- search for 'live'
<ahasenack> I also think the "live" name is wrong
<dpb1> it's not easily changed, but agreed it's not ideal
<ahasenack> essentially "live" means the new installer
<tvw> I read the ReleaseNotes. They only tell me what you cannot do with the "live" version and that it comes with a new installer. But installations is so fast, that there must be more differences. And after the first restart and logging in, I get some "cloud" messages, which I have not seen when installing with the classic installer.
<ahasenack> tvw: well, the new installer is http://launchpad.net/subiquity if you want to learn what it does under the hood
<ahasenack> https://github.com/CanonicalLtd/subiquity for the code
<tvw> ahasenack: Thanks.
<BLZbubba> tvw: live server has the horrible new installer
<tvw> BLZbubba: I see ;-) To be honest, I like the overall approach. But I wonder why it is proposed as the main version while it seems to lack a lot of thinks as can be read in the Release Notes.
<BLZbubba> yes, LTS releases are the worst time to surprise people.  they should have learned this with the !#%^#%^ upstart debacle in 2010
<xnox> i agree that "Live" is a missnormer. Mostly a reflection, that it is not a minimal d-i environment, but actually a full ubuntu server squashfs running at runtime like the desktop installer.
<xnox> e.g. switching to tty2, one gets a shell of a fully live session of Ubuntu Server.
<xnox> one can "try" things there, like "Tru Ubuntu" from the desktop session.
<dpb1> BLZbubba: I like the installer
<BLZbubba> once it can partition drives properly i will be able to try it again.  at least the old version let me partition ahead of time, the new one insists on wiping it every time
<dpb1> BLZbubba: that will come, yes.
<nacc> dpb1: rbasak: do we have a page about the root mysql login stuff from 16.04? trying to find it in my history
<Slashman> hello, I have a service that keeps crashing, it is generating core dumps "Main process exited, code=dumped, status=11/SEGV", where can I find those?
<NightMonkey> Howdy. I use the CloudWatch perl scripts for my Ubuntu EC2 instances, which are launched from the official Ubuntu AMIs. I'm finding that recently the scripts are not reporting the disk mount devices as they used to ("/dev/xvda1") but now report them as "/dev/disk/by-uuid/c70a26ec-1dda-455c-acfd-792015b2bb6f". This causes my metrics to report "INSUFFICIENT_DATA". Has anyone found a fix for this?
<rbasak> nacc: IIRC it's in NEWS.Debian
<rbasak> Not sure though need to check
<nacc> rbasak: ok, thanks just needed to point a user at it
<ahasenack> Slashman: take a look in /var/crash
<Slashman> ahasenack: thanks, unfortunately, I have rollbacked the container now, I'll take a look next time
<ahasenack> Slashman: /proc/sys/kernel/core_pattern is what tells how core files are handled
<ahasenack> in ubuntu, that's this by default:
<ahasenack> $ cat /proc/sys/kernel/core_pattern
<ahasenack> |/usr/share/apport/apport %p %s %c %d %P
<ahasenack> apport then creates a "crash file" in /var/crash, which includes the core dump
<Slashman> hm, and how does this translate to /var/crash ?
<Slashman> ok
<ahasenack> notice the pipe at the beginning
<ahasenack> |/usr/share/....
<ahasenack> NightMonkey: /dev/disk/.... is a link to /dev/xvda1, right? (in that example)
#ubuntu-server 2018-05-03
<jlacroix> Hello everyone. I have an LXD server (18.04) with five containers running on it. The containers have very low usage, it's more of a test server for me to play with than it is a production system. My issue is that it runs VERY slow. For example, if I run: apt dist-upgrade (for example) it takes a very long time, it seems that it can take 30-60 seconds to install any app (the packages seem to download fast though). I was hoping someone
<jlacroix> can provide documentation links to what I can do to tune it, I wasn't able to find anything
<jlacroix> Also, it's installed via snap, if that matters
<lordievader> Good morning
<lordievader> jlacroix: I'd try to pinpoint what the problem actually is. Is it disk related, ram, cpu, etc.
<Neo4> who know whether my server is properly work?
<Neo4> here is test result
<Neo4> https://ssl-tools.net/mailservers/mail.kselax.ru
<Neo4> What shall I do for correct those all?
<lordievader> Neo4: You don't want to use a self-signed certificate.
<Neo4> lordievader: see, there weak ciphers, do you know how I could forbid weak ciphers?
<Neo4> and should I forbid them?
<lordievader> I try to stay away from mail servers, so no. Read the documentation of your mail server.
<Neo4> lordievader: how TLS works?
<Neo4> there ssl3
<lordievader> But weak ciphers is less of a problem than a self signed certificate.
<OpenTokix> lordievader: no
<OpenTokix> Self signed cert is no less secure then a signed cert.
<lordievader> Fair enough.
<Neo4> not bad? :)
<Neo4> https://ssl-tools.net/mailservers/kselax.ru
<Neo4> I have to get certificate from let's encrypt for mail.kselax.ru, how fast get it?
<Neo4> see here, How to correct that all errors?
<Neo4> https://mxtoolbox.com/domain/mail.kselax.ru/
<blackflow> Neo4: blacklisted by Spamhaus? you're better off getting a new IP. Preferably with a reputable hosting provider that is not blacklisted.
<Ussat> and stop what ya doin to get blacklisted
<Neo4> blackflow: can I write them and ask kick me from black list I won't more?
<blackflow> Neo4: you could try, but that's Spamhaus. Chances are they'll just laugh at you.
<Ussat> You are probably there for a reason
<Ussat> and they have a process for being removed
<Neo4> nice :)
<Neo4> https://ssl-tools.net/mailservers/kselax.ru
<Neo4> left overcome 5 errors and everything will work perfectly
<Maxel> ok I've added byobu to my ubuntu server, and I want to try and start a second shell session but none of the commands I've googled seem to be working. is there a default key combo? I didn't customize anything
<ahasenack> ctrl-a
<ahasenack> then it will ask you
<Maxel> ah, thanks!
<gabboman> Hi, anyone has experience with conjure-up? is it compatible wit 18.04?
<dpb1> gaughen: yes
<dpb1> and yes
<gaughen> dpb1, what?
<nacc> dpb1: did you mean gabboman, who left?
<dpb1> nacc: yes
<dpb1> :)
<dpb1> gaughen: sorry
<enoch85> hey, I'm having issues with setting static IP with netplan
<enoch85> I use the following YAML: https://codebeautify.org/yaml-validator/cbd763fb
<enoch85> which is valid
<enoch85> but netplan apply gives an error
<enoch85> Error in network definition //etc/netplan/01-netcfg.yaml line 4 column 13: expected mapping
<nacc> enoch85: oh, sorry, i think your indentation is wrong maybe
<nacc> enoch85: you should be indented below the ens32: line, no?
<nacc> enoch85: yaml is sensitive to the layout
<enoch85> nacc, yeah I know yaml is sesetive, and I really don't like the fact the ifupdown is depcrecated in 18.04, but yeah... why does a valid yaml gives an error
<enoch85> hwo should I intendent exacly?
<enoch85> how*
<nacc> enoch85: well 'valid' just means it parses
<nacc> not that it's well-formed
<enoch85> ok, hmm
<nacc> enoch85: you are defining ethernets, which means the first entry is the key into that dictionary (that's how i think o fit)
<enoch85> so is it 2 spaces between every intended line?
<nacc> so everything for ens32 should be under ens32: indentend
<nacc> *indented
<nacc> otherwise, it thinks you are defining an empty (or invalid) ens32 entry, then a dhcp4: entry (also invalid), etc.
<powersj> also take a look at: https://netplan.io/examples#dhcp-and-static-addressing
<nacc> powersj: thanks!
<nacc> enoch85: i say this knowing next to nothing about netplan syntax, just based upon judicious use of parsing :)
<enoch85> ok, so it works now :)
<enoch85> https://codebeautify.org/yaml-validator/cb8a1a24
<enoch85> thanks ncc
<enoch85> nacc, powersj
<nacc> enoch85: yw
<nacc> enoch85: it helps to translate the yaml into a dictionary
<nacc> enoch85: to see how it's actually going to be used
<enoch85> nacc, I know what dictionary is, but what do you mean in relation to netplan?
<nacc> enoch85: the yaml is being transformed into a dictionary
<enoch85> nacc, aah ok
<nacc> enoch85: so if you had read your original, as a dictionary, i think you would have seen the error immediately
<cyphermox> I have code in progress that should improve the error reporting
<nacc> cyphermox: nice
<nacc> cyphermox: yeah there seem to be 'classes' of errors
<nacc> from parse failures to structural issues
#ubuntu-server 2018-05-04
<sarnold> sdeziel: btw on bionic I needed to add  'k' on /home/sarnold/.msmtp.log to the msmpt profile
<Neo4> Hi! I have question. Read this link!
<Neo4> https://pastebin.com/MYjcPiL0
<cpaelzer> good morning
<lordievader> Good morning
<sdeziel> sarnold: noted, thanks
<sdeziel> sarnold: there was no rule for ~/.msmtp.log but what do you think of this https://paste.ubuntu.com/p/f76QH6bnYq/ ?
<jr_admin> does anyone know how you can stop www-data from emailing you constantly?  i keep getting mail from www-data every 10 minutes that awstat.conf was not able to access acccess.log file to modify it.  i already went to /etc/logrotate.d/apache2 and modifed it to to "create 666 root adm" but i still get permission denied for awstat.conf to access /var/log/aapache2/access.log to write to
<RoyK> jr_admin: can the awstat user access the directory?
<jr_admin> RoyK, how can i find out if he does or not
<RoyK> jr_admin: su -s /bin/bash - $username
<RoyK> where $username is the user running awstat
<jr_admin> im sorry im a newb. but how do i find out whos running awstat..my guess is apache or im not sure of the official username
<jr_admin> RoyK, i guess that would be the person whos logged in?  or www-data?
<RoyK> jrahmy: not sure how awstat is run - is it a cronjob?
<RoyK> erm - that was meant for jr_admin, who just left
<sarnold> sdeziel: ah! looks good to me. I hadn't realized I specified the log location by hand :)
<sdeziel> sarnold: great
<bladernr> Hey, is there a wiki page or something that explains the differences between subiquity and d-i in Bionic?
<bladernr> Just something that's kind of a high-level comparison explaining why we have two images for Ubuntu Server
<bladernr> I know there's a very small blurb about it in the release notes, but I was hoping for something more consumable for non-engineers.
<Blueking> ubuntu 18.04 LTS good ?
<sarnold> most folks seem to be liking it well enough
<nacc> bladernr: subiquity and ubiquity you mean?
<bladernr> nacc, no, there are two Ubuntu Server images... one uses Subiquity and the other is d-i based.
<bladernr> nacc, the subiquity image is on releases.ubuntu.com while users are directed to cdimages.ubuntu.com for the d-i one
<nacc> bladernr: both installers are available from the reqular ISO, aiui?
<nacc> dpb1: --^ ?
<bladernr> ubuntu-18.04-server-live.iso vs ubuntu-18.04-server.iso...
<powersj> live == new default installer based on subiquity; provides a more streamlined experience, ask less questions, and eventually enable more complex scenarios
<powersj> the old ISO using d-i, also referred to as ubiquity, is still around to enable features that are not yet enabled in the live ISO
<powersj> both are available at http://cdimages.ubuntu.com/ubuntu-server/
<nacc> powersj: thanks!
<powersj> daily-live == subiquity, daily == ubiquity
<nacc> i think the release notes also talk a bit about the differences and when you might need to use the old installer
<bladernr> nacc, yeah, the release notes were pretty light, I was just hoping for something like a side-by-side I could just easily pass along to partners when they ask.  No worries though.
<bladernr> powersj, also thanks, I didn't realize the d-i server image was referred to as ubuiquity... ubiquity to me was always the live image on the Desktop ISO, I never really connected that name to the server iso
<powersj> yeah, it is probably more accurate to say d-i
<_KaszpiR_> bladernr from my experience I can say preseed from xenial works under bonic
<_KaszpiR_> at least if using netboot
<nacc> bladernr: yeah i'm not sure it's been done, but probably worth doing :)
#ubuntu-server 2018-05-05
<kevr> ssh server is resetting connection by default on install for 18.04 live
<Squall5668> kevr: You said on #ubuntu you were using the installer script of adding your public key to the server and it didn't work. Make sure you haven't accidentally messed up the .ssh folder permissions
<Squall5668> assuming that's what the installer is trying to do ofcourse. I haven't tried that option
<sarnold> if you're using an rsa key make sure it's > 1024 bits
<Pici> /2/25
<kevr> Squall5668: it looks like it generated some errored out ssh_host_* keys
<kevr> i fixed it by removing those and regenerating them with dpkg-reconfigure
<kevr> seems like that bootstrapper github thing is broken possibly
<Squall5668> interesting, thanks
<kevr> np :) thanks for the help/reply
<Squall5668> Well, you have much bigger oranges than I do if you trust an automated script/option/whatever to install your ssh key on a server for you
<kevr> this isn't a production server
<kevr> i was doing it for simplicity sake at the time
<kevr> if i could just enter my pass there, it would just save me time of transferring it over layer from my other machine
<kevr> also, i was curious if it actually worked
<kevr> s/layer/later/
<sarnold> ssh-copy-id and ssh-import-id tools may be useful
<kevr> it's not a question of how to import ssh keys onto a linux box
<kevr> i was more curious about the new feature than anything.
<dpb1> bladernr: if you think that is necessary, changes to the release notes are welcome.
<TheEagerPadawan> upgraded my ubuntu desktop from 17.10 to 18.04 and apperently i did something with the cryptsetup
<TheEagerPadawan> orginally i thought it had something to do with ubuntu being more font of qwerty then azerty which doesn't seem to be the case
<TheEagerPadawan> after some failled passwords i does drop my in intrafms (busybox)
<TheEagerPadawan> any thought on how i can straighten this problem out :s
<TheEagerPadawan> got a major major problem
<TheEagerPadawan>  
<TheEagerPadawan> so updated my ubuntu desktop 17.10 to 18.04 LTS yesterday.
<TheEagerPadawan>  
<TheEagerPadawan> Apperently it broke cryptsetupafter booting up as usually it asks me for the password to unlik sda3_crypt
<TheEagerPadawan>  
<TheEagerPadawan> when i provide it return the eroor cryptsetup(sda3_crypt): cryptsetup failed, bad password or optionscheck the error messages by pressing esc i get the following:
<TheEagerPadawan>  
<TheEagerPadawan> WARNING: Failed to connect to lvmetad. Failling back to device scanning
<TheEagerPadawan>  
<TheEagerPadawan> volume group "ubuntu-vg" not found
<TheEagerPadawan>  
<blackflow> TheEagerPadawan: do you have a bionic live cd/usb? did you try to manually unlock the luks container?
<TheEagerPadawan> i do not have a live cd atm, very limited in regards to compute power atm
<TheEagerPadawan> how would i go about unlocking the luck container?
<TheEagerPadawan> luks*
<blackflow> TheEagerPadawan: by using cryptsetup directly from the live env
<TheEagerPadawan> ok let me rephrase it, i'm quite unfamiliar with the cryptsetup
<blackflow> cryptsetup luksOpen /dev/sda3 sda3_crypt
<blackflow> that creates the /dev/mapper/sda3_crypt block device which you can mount or run lvm scan on, don't know what your setup is
<blackflow> in short, that mapper device is the unlocked, plaintext sda3
<TheEagerPadawan> let's discuss further in DM
<TheEagerPadawan> ok let me try to get back into a limited shell
<SSMAdmin> Hi all.  Remote Desktop (VNC) related:  May I be misunderstanding how VNC works?  I had the impression I should be able to remote control server user A's desktop, while someone else is logged in to the server as user B.  I can not get this functionality, so I wonder if I misunderstand the use of VNC?  It works if I first (physically at the server) log in as user A, then remote connect as user A, but that is not what I wanted.
<tomreyn> remote controlling linux servers is done using ssh.
<SSMAdmin> tomreyn, this is a Home Theater PC server
<nucc1> Hi, how do i configure a static IP on ubuntu server?
<TheEagerPadawan> blackflow ait lets see what this does
<SSMAdmin> tomreyn, I am aware "server admins" prefer to work in ssh consol to "control the server", but I am asking what is possible to achieve.  If VNC can not be set up to achieve what I want, how else can I achieve it?
<pedrojbm> hello ^^
<nucc1> https://paste.ubuntu.com/p/Q9ncdSMJvQ/ i've got that netplan yaml file
<nucc1> when i apply it, i doon't see any gateway and i can't reach the internet.
<TheEagerPadawan> blackflow: is returns the message no key available with this passprashe
<blackflow> TheEagerPadawan: and you're sure it's not keymap error? if you type the passphrase on the command line, it's exactly as it should be?
<TheEagerPadawan> on the limited cli that i'm currenty in (initramfs) yes
<TheEagerPadawan> also found this - but i don't really understand it
<TheEagerPadawan> https://bugs.launchpad.net/cryptsetup/+bug/1767527
<ubottu> Launchpad bug 1767527 in cryptsetup (Ubuntu) "[18.04] Installation boot failure. WARNING: invalid line in /etc/crypttab" [Critical,In progress]
<TheEagerPadawan> brb
<TheEagerPadawan> so it seems like some dev f'd up :s
<blackflow> TheEagerPadawan: I can't see that bug right now, I have an issue with my ubuntu box atm... but crypttab is irrelevant when you use cryptsetup directly, that's for initramfs and related tools.
<pedrojbm> I am trying to install ubuntu server into HP Gen8 with 2 drives in raid 1 (hardware) but I see 2 drives in installation.
<blackflow> TheEagerPadawan: I'm assuming the encryption was set up by the installer?
<TheEagerPadawan> well the encryption was setup on 17.04 ofc
<TheEagerPadawan> eg an earlier version of ubuntu
<TheEagerPadawan> any further thoughts?
<SSMAdmin> How can I achieve similar Virtual Mode VNC functionality as described here: https://www.realvnc.com/en/connect/docs/server-modes.html without signing up for their Entreprise Subscription.
<TheEagerPadawan> blackflow: any further thoughts?
<Neo4> how to ban user if he send many mails?
<nucc1> how does one execute a script in response to network events? it seems like you can no longer use /etc/network/if-pre-up.d/ for example
<blackflow> Alright, so moving the discussion from -hardened.... the end result of flipping a single sysctl and adding a few lines to /etc/modules is a total meltdown of gnome, even after upgrade to 18.04, which required complete reinstallation of the system.
<blackflow> This is Ubuntu in 2018.
<JanC> GNOME isn't exactly a server thing...
<JanC> SSMAdmin: VNC itself allows what you want, but your VNC server might not (or might be configured to not allow it or something); try to look at the logs on the server side to see why it doesn't work...
<RoyK> SSMAdmin: not using realvnc is a good start - x11vnc has some of what you want - nomachine my have the rest
<RoyK> nomachine isn't really OSS, though
<RoyK> SSMAdmin: looks like x11vnc should be able to do it
<SSMAdmin> JanC, my VNC server is only what is buildt in Ubuntu 18.04, I activated "Sharing - Screen Sharing" in desktop tools area.  So there is no errors, just limited functionality..i guess
<SSMAdmin> RoyK, thank you. Do you know a guide how to set it up?
<compdoc> have they continued to develope vnc? I got so tired of the clipboard sharing between client/host not working well, I left vnc long ago
<RoyK> SSMAdmin: try googling it - there are modes of "shared" and "once" and so on set on the commandline - I haven't tried to setup things the way you want
<SSMAdmin> I wonder if it may be better to set up https://wiki.x2go.org/doku.php/doc:newtox2go
<tomreyn> x2go is open source, nomachine nx is not. functionality is similar.
<SSMAdmin> Here is a x2go setup guide for Debian 8, can anyone see anything here that would have to be changed for working in Ubuntu 18.04? https://www.digitalocean.com/community/tutorials/how-to-set-up-a-remote-desktop-with-x2go-on-debian-8
<RoyK> SSMAdmin: *reading*
<RoyK> SSMAdmin: looks good
<SSMAdmin> RoyK, I wonder about this part: "Install and configure a complete desktop environment that's similar to what you would get with Debian XFCE from a bootable DVD on your local PC:
<SSMAdmin> sudo apt-get install task-xfce-desktop"
<SSMAdmin> Is that installing a Debian desktop on my Ubuntu server, will that go well?
<RoyK> probably the same thing
<RoyK> but AFAICS you can disable the autostart of the x server on your machine
<samba35>  can some one please correct my understanding , if i use kni (kernel mode drivers)  then i dont require phyiscal hardware right ?
 * RoyK has no idea about kni
<SSMAdmin> RoyK, ok...but why would I disable the autostart?
<RoyK> well, if you don't want a graphical console on your serverâ¦
<RoyK> I don't like that
<RoyK> meaning - I generally don't use a gui on a server - text suffices
<samba35> kernel native interface i mean
<SSMAdmin> RoyK, I know too little about these things to know what you are talkning about.  I just want to be able to remote connect to user A desktop environment, while user B is watching netflix on his/her desktop displayed on our livingroms TV screen
<RoyK> SSMAdmin: yes, and AFAICS that shouldn't necessitatea x11 server running on the server
<RoyK> - Unlike VNC, X2Go sets up the environment when you log in, so you don't need to leave an X server running all the time. Plus, your session continues running even after you disconnect, which means that when you reconnect you'll find everything as you left it, just like on a local desktop.
<RoyK> from the link you posted
<SSMAdmin> RoyK, I already have ubuntu-desktop installed on the 18.04 server, so my familiy can watch films and browse the net.  While my family is doing whatever they want to do with the machine in the living room, I would like to be albe to sit in my computer room remote controlling my server login with a full desktop enviroment
<RoyK> obviously meaning you'll need quite a bit of RAM if you want a lot of users
<RoyK> looks so, yes
<RoyK> I've only read what you posted, though - haven't used this myself
<compdoc> SSMAdmin, the default gnome desktop is installed?
<SSMAdmin> I have only two users.  My family watching video or browsing the internet in front of the servers TV screen, and med connecting and doing work in the background from remote controlled connection.  Thats my plan, anyway
<SSMAdmin> compdoc, yes
<SSMAdmin> compdoc, apt install ubuntu-desktop
<RoyK> SSMAdmin: how much memory does the server have?
<SSMAdmin> 4G
<compdoc> Ive tried that, and x2go would only allow me to connect to the console desktop. I have to use the Mate desktop to allow multiple logins
<RoyK> SSMAdmin: make sure you have some swap, then, preferably on an ssd, since gnome is rather on the heavy side
<RoyK> or get more memory
<SSMAdmin> compdoc, ok, so I have to uninstall ubuntu-desktop and install the Mate one?
<compdoc> I used to install Server and then the mate desktop, but now with 18.04, I just install the minimal version of Ubuntu Mate
<compdoc> last time I looked, the ppas to install Mate are not ready yet
<SSMAdmin> compdoc, what minimal version?  Is it a minimal server version with mate desktop in it?
<compdoc> but there might still be a way to install it. your have to search it
<compdoc> ubuntu server and ubuntu desktop are the same thing now. one just has a gui
<SSMAdmin> RoyK, I think I have some 4 - 8 G swap on a ssd, so that may be enough?
<compdoc> I use minimal installs becuase i dont use bluetooth and allthe other crap
<SSMAdmin> compdoc, thanks, good to know, then I can save me all the hazzle of installing the server, and installing desktop on top of it :-)
<compdoc> yeah, its nice
<tomreyn> !info ubuntu-mate-cloudtop
<ubottu> Package ubuntu-mate-cloudtop does not exist in artful
<tomreyn> !info ubuntu-mate-cloudtop xenial
<ubottu> ubuntu-mate-cloudtop (source: ubuntu-mate-meta): Ubuntu MATE - reduced desktop for terminal server deployment. In component universe, is optional. Version 1.154.1 (xenial), package size 3 kB, installed size 16 kB
<compdoc> but basically, you just need a 2d desktop. doesnt have to be mate
<SSMAdmin> compdoc, sorry but I dont understand this minimal install yet.  Is it some option during installation, or is it a separat iso image?
<compdoc> yes, option when installing the 18.04 desktop
<compdoc> I mean the desktop install dvd
<SSMAdmin> understand now, thank you
<SSMAdmin> hmm, installing the ubuntu-mate-cloudtop...what about my family sitting in front of the server itself in the livingroom, can they log in as ususal as if they are logging in to standard desktop environment?
<compdoc> they need the x2go client
<SSMAdmin> so they need a client machine, that defeats the purpose of doing this in the first place
<compdoc> you mean they log into the console?
<compdoc> thats works as normal
<SSMAdmin> Why should it be so damn complicated?  Currently my family log in to watch tv (or whatever), while I am able to ssh into my user on the server.  It should be just as easy to serve me my own graphical desktop
<compdoc> thats exactly what will happen
<SSMAdmin> they log into the desktop, start their internet browser, watch netflix or whatever
<compdoc> you need the x2go client, then
<SSMAdmin> I will need it, I can use whatever I have to use in order to remote connect to MY user environment, but my family should not need an extra client machine just to log into the server sitting right in front of them under the TV
<compdoc> they dont. i misunderstood what you were saying
<compdoc> only the remote viewer needs it
<SSMAdmin> compdoc, ok, then I am the one misunderstanding :-)
<SSMAdmin> Ok then, is it an easy way to just remove ubuntu-desktop and install mate?
<SSMAdmin> Or...*scratching my head*...do my family need ubuntu-desktop, while I am using mate?  Sorry for all these stupid questions, but I am trying to learn
<Guest69> Hi! Is it possible to install the new Ubuntu 18 LTS without any network?
<Guest69> I can't get past the network part on the install
<JanC> SSMAdmin: I think GNOME uses its own internal VNC server
<JanC> it's called "vino"
<SSMAdmin> JanC, ok...and this one has limitations, or could it be easy to configuring it to allow what I want to do?
<JanC> I'm not sure
<JanC> but looking at documentation for the correct VNC servers (so vino, not realvnc or such) might be useful
<SSMAdmin> Anyway, you guys have helped me enough, I need to start testing some of your suggestions instead of going talk-circles with myself dragging you all with me
<JanC> maybe the VNC client matters too
<SSMAdmin> I try installing a mate server on a virtualmachine, and then x2go on top of that, then I see what happens
<TheEagerPadawan> how does one decrypt a private desktop on ubuntu 18.04 , ecryptfs-recover-private doesn't seem to be available
<blackflow> TheEagerPadawan: you left before I came back, I noticed one thing with upgrade to 18.04, the locale changed.
<JanC> TheEagerPadawan: it's in 'ecryptfs-utils'
<blackflow> I had to switch usage of Z and Y in the passphrase
<blackflow> s/locale/keymap
<TheEagerPadawan> JanC: there is no install candidate for that in on my linux live cd
<TheEagerPadawan> blackflow: ok and how do i approach that , from the live cd or from the initramfs
<blackflow> TheEagerPadawan: on the passphrase prompt. Do you have Z or Y in the passphrase? swap them when typing it.
<TheEagerPadawan> i do not have a z or y
<JanC> TheEagerPadawan: do you have universe enabled?
<blackflow> TheEagerPadawan: otherwise, I've had a total meltdown of 17.10 which upgrade to 18.04 did not fix, so I'm nuking everything and reinstalling another OS, so I can't be of any more help there.
<TheEagerPadawan> what do you mean with universe
<JanC> universe repositories
<TheEagerPadawan> need to check will try blackflow approach first
<TheEagerPadawan> yeah ubuntu is going to get a ton of flack for this
<JanC> for what?
<TheEagerPadawan> ok here comes a long story
<JanC> ecryptfs-utils is still installed for me after upgrade...
<TheEagerPadawan> so i updated my ubuntu 17.10 to 18.04 yesterday , apperently it broke cryptsetup after booting up as usually it asks me for the password to unlik sda3_crypt
<TheEagerPadawan> unlock *
<TheEagerPadawan> when i provide it return the follow error: cryptsetup(sda3_crypt): cryptsetup failed, bad password or optionscheck the error messages by pressing esc i get the following:
<TheEagerPadawan> WARNING: Failed to connect to lvmetad. Failling back to device scanning
<JanC> seems like you were missing lvm2 or something like that?
<TheEagerPadawan> volume group "ubuntu-vg" not found
<TheEagerPadawan> cannot process volume group ubuntu-vgAfter a few failed logins i get dropped in a shell though any thought on how to defuck this
<blackflow> note that lvm and no vg found is the consequence of the LUKS container not unlocking (the pv that contains the vg)
<TheEagerPadawan> found this https://bugs.launchpad.net/cryptsetup/+bug/1767527could
<ubottu> Launchpad bug 1767527 in cryptsetup (Ubuntu) "[18.04] Installation boot failure. WARNING: invalid line in /etc/crypttab" [Critical,In progress]
<blackflow> so you basically have one problem there: inability to unlock the LUKS container with the same passphrase
<TheEagerPadawan> create a live live linux usb disk, managed to unlock the partition itself by providing the password as usual
<TheEagerPadawan> however the home folder it self is also encrypted , ...
<blackflow> TheEagerPadawan: I'd really advise trying to boot form a rescue/installation USB/liveCD/env thingy, and try cryptsetup manually.
<TheEagerPadawan> so wooo ...
<blackflow> TheEagerPadawan: that way you can verify if the upgrade borked the LUKS headers. if it did, say g'bye to it, unless you backed it up.
<JanC> well, he just said he could unlock it...
<TheEagerPadawan> seriously if i find the person responsible for this mess, terrible things
<blackflow> JanC: could or couldn't?
<TheEagerPadawan> the partition is unlockable via liveusb
<TheEagerPadawan> need to figure out how to get access to my encrypted homefolder though
<blackflow> ah, k.
<JanC> blackflow: you can read what he said yourself, right?
<TheEagerPadawan> well kinda spamming in frustration so ...
<blackflow> JanC: I was going on a previous convo with TheEagerPadawan, I guess I missed the new info.
<blackflow> TheEagerPadawan: in which case, back up, nuke & pave.
<TheEagerPadawan> well yeah that is the idea
<TheEagerPadawan> but i need to be able to unlock my home folder :s
<JanC> maybe check if '/sbin/lvmetad' is installed on the upgraded system?
<blackflow> TheEagerPadawan: you had /home encrypted atop of LUKS?
<JanC> TheEagerPadawan: like I said, add universe repo, install ecryptfs-utils
<TheEagerPadawan> just a sec
<TheEagerPadawan> well i should really give it to the linux audit team
<TheEagerPadawan> here have fun with this xD
<TheEagerPadawan> so back into the linux live cd - 511GB encrypted harddisk
<TheEagerPadawan> double click - provide password - decrypts and mounts to  /dev/dm-1
<TheEagerPadawan> now what :)
<TheEagerPadawan> and yes blackflow home folder was encrypted as well as the partition it self
<TheEagerPadawan> ok now how do i add this universe repo
<blackflow> sure it's not already enabled? see in /etc/apt/sources.list orwhatsthepath
<JanC> the GUI has an option for that, right?
<TheEagerPadawan> got bionic main restricted, bionic security main restricted and bionic-updates main restricted
<blackflow> "GUI isn't exactly a server thing...."
<JanC> he's on a live USB
<TheEagerPadawan> don't care it's a desktop but i come here for the more hardcore question
<blackflow> TheEagerPadawan: add 'universe' for example after 'main', run apt update
<JanC> so then ad 'universe' after 'main' & 'restricted'
<JanC> add*
<JanC> (only add it once)
<JanC> (once on the same line, I mean)
<RoyK> SSMAdmin: any luck with x2go?
<TheEagerPadawan> well this is not promising
<SSMAdmin> compdoc, earlier you said "ubuntu server and ubuntu desktop are the same thing now. one just has a gui".  Maybe I am wrong, but I have the impresson that is not the case.  One difference between the two, is that the server during installaton ask where to install the GRUB loader, while the desktop version just assume it should be installed at /sda1 or something like that.  That actually happened to me, and sda1 was actually
<SSMAdmin> another storage harddrive, I had to do the installation all over again after first physically disconnecting all extra harddrives.  Of course it could have been some error on my part, but if not..then there is difference between server and desktop
<TheEagerPadawan> https://ibb.co/jG4a17
<SSMAdmin> RoyK, I have not started yet, had to download desktop iso
<RoyK> ok
<SSMAdmin> family and children running around too
<blackflow> SSMAdmin: no, the desktop installer also asks where to install grub
<SSMAdmin> blackflow, ok, then there must have been an error on my part, sorry about that
<blackflow> TheEagerPadawan: try giviing the path to the home dir
<TheEagerPadawan> well i don't have the mountphrase which is a tad of an issue
<blackflow> SSMAdmin: the difference between server and desktop is in the (meta)packages installed, that's pretty much it. there's ubuntu-minimal, ubuntu-server, ubuntu-desktop, that pull in adequate packages. also the new netplan.io NIH thingy is using different backends for network config, systemd-networkd on servers or NetworkManager on desktops.
<blackflow> TheEagerPadawan: well you unlocked the LUKS container right?
<TheEagerPadawan> yes
<blackflow> did you mount the filesystems on it?
<TheEagerPadawan> yes
<blackflow> so you'd have the path to the .../home/ in it, right?
<SSMAdmin> I just tried installing ubuntu desktop 18.04, I saw no option to choose MATE, where do I make that choice?
<TheEagerPadawan> yeah, which contains the private desktop that we are are recovoring
<TheEagerPadawan> install mate-desktop ssmadmin or download it from ubuntu mate directly
<JanC> ecryptfs encrypted home uses your login password
<blackflow> TheEagerPadawan: right, so can you give that path to ecryptfs-recover-private thing?
<blackflow> I never used that tool, but am looking at the manpage of it, suggests you can give it the path
<JanC> which it needs to decrypt the key
<TheEagerPadawan> yeah but i asks for the mount passphrase
<SSMAdmin> TheEagerPadawan, ok, then I have to install ubuntu server, and then apt install mate-desktop?  I thought it would be a choice to make during install of the desktop iso version
<JanC> the key should be somewhere in your home
<blackflow> ...... the encrypted home? :)  or liveusb home?
<TheEagerPadawan> well which is fricking encrypted
<JanC> the key is encrypted with your login password
<blackflow> SSMAdmin: why not use UbuntuMATE official isos?
<JanC> it's somewhere in a hidden directory IIRC
<JanC> probably ~/.ecryptfs/Private.sig
<JanC> (not on the USB, of course, your old home!)
<JanC> or somewhere in that directory
<TheEagerPadawan> well i can't access that
<JanC> eh?
<TheEagerPadawan> since it is encrypted ain it :p
<JanC> ecryptf is a stacked filesystem
<JanC> so you should be able to access it
<TheEagerPadawan> could you be a bit more precise i'm working from an live usb
<JanC> (there might be permission issues, I guess)
<TheEagerPadawan> managed to decrypt the harddisk
<TheEagerPadawan> or partition rather
<TheEagerPadawan> still have a strugle with the desktop
<JanC> eh?
<TheEagerPadawan> LUKS decrypted, home dir not
<SSMAdmin> blackflow, downloading now, I was not aware until now that there is official mate iso :-)
<blackflow> TheEagerPadawan: I think what JanC is suggesting, is that you look into /path/to/mounted/LUKS/partition's/home/
<JanC> and your username under that
<JanC> and then .ecryptfs/
<JanC> I _think_ that's where it stores the encryption key
<TheEagerPadawan> home   .ecryptfs   name
<TheEagerPadawan> welp those directory have a 1000 permission
<TheEagerPadawan> can i savely chmod themN
<JanC> do you want to fix it or just save data?
<TheEagerPadawan> save data at this point
<TheEagerPadawan> aready frustrated enough
<JanC> then I guess chown could be okay, I guess (but for some files, especially configuration files, chmod may break things; e.g. when you want to save ssh keys or such)
<blackflow> consider that frustration as a valuable lesson never to upgrade stuff without having a working backup :)
<JanC> if it's just documents & such, it doesn't really matter how you get access to them, I guess...
<TheEagerPadawan> true and it always get the one time you forget to do so ^^
<TheEagerPadawan> well going to grab so food first
<TheEagerPadawan> then have another crack at it
<JanC> (you could also work as root to be preserve user/permissions & such with the right commands)
<TheEagerPadawan> well feel free to provide them
<JanC> cp can do that with the -p option
<JanC> or rsync
<JanC> or cp --preserve=... (see manpage)
<TheEagerPadawan> well before i do i need to figure out how to unlock the private directory
<TheEagerPadawan> private desktop *
<TheEagerPadawan> or how to defuck the crypto during boot
<SSMAdmin> In this guide UbuntuMATE is mentioned as an alternativ, does this mean in MATE I do not need to install XFCE? https://www.digitalocean.com/community/tutorials/how-to-set-up-a-remote-desktop-with-x2go-on-debian-8
<SSMAdmin> (remember I am not a tech guy)
<TheEagerPadawan> xfce and mate are two different desktop environments
<SSMAdmin> I have installed UbuntuMATE, now trying next step - installing and configuring x2go
<SSMAdmin> TheEagerPadawan, ok, thank you
<SSMAdmin> In MATE, above guide says I need "compositing disabled".  What is compositing, and where do I disable it?
<SSMAdmin> OK, I think I understand, compositing is related to a video card.  So when testing MATE in a virtualbox virtualmachine, I should disable compositing, while installing it on my Home Theather box with a graphic card I should leave compositing enabled?
<TheEagerPadawan> JanC and blackflow ... any further suggestions ?
<blackflow> TheEagerPadawan: nope, sorry. I never worked with ecryptfs. as for the luks issue.... the whole cryptsetup + systemd thing is pretty much broken, issues already filed. I run my own initramfs.
<TheEagerPadawan> well have a ticket is all fine and all: https://bugs.launchpad.net/cryptsetup/+bug/1767527
<ubottu> Launchpad bug 1767527 in cryptsetup (Ubuntu) "[18.04] Installation boot failure. WARNING: invalid line in /etc/crypttab" [Critical,In progress]
<TheEagerPadawan> an actually solution is something else ofcourse
<JanC> if that is your issue, it's easy to fix?
<TheEagerPadawan> well be my guest ....
<TheEagerPadawan> honestly i have no clue anymore been fighting this mess since early this morning ...
<SSMAdmin> AMAZING stuff.  Installed UbuntuMATE, then x2go server, then x2go client on a client machine.  Everything works as I wanted.  Thanks everyone who has helped: tomreyn JanC RoyK compdoc blackflow TheEagerPadawan :-)
<TheEagerPadawan> well that is one problem solved
<blackflow> TheEagerPadawan: you and I bud. and all I wanted was to block module loading after boot. if only I knew that I'd have to nuke and pave the entire system because of that..... I would have gone out biking, the day was splendid.
<SSMAdmin> TheEagerPadawan, yes, I have another challenge.  If I reinstall the server using UbuntuMate instead of UbuntuServer, what will happen to my currently installed software Raid1?
<TheEagerPadawan> well i would have studied for OSCP
<TheEagerPadawan> but well thanks to a certain ubuntu dev
<blackflow> TheEagerPadawan: I don't think it's anyone specific. The whole project quality is.... well...   :)
<blackflow> I mean just look at netplan. textbook NIH, solution in search of a problem.
<TheEagerPadawan> well i expected more of ubuntu to be honest, i mean it one of the biggest names in the linux world
<RoyK> SSMAdmin: nice - guess I'll gotta try that one day :)
<SSMAdmin> RoyK, I actually only used two small parts of the digitalocean x2go guide, that was apt install server and apt install client, MATE seems to be ready for this stuff
<SSMAdmin> Guys, in my currently installed Ubuntu Server 18.04..could I just uninstall/remove ubuntu-desktop and install MATE gui?
<TheEagerPadawan> are you working in a vm :)
<SSMAdmin> TheEagerPadawan, for testing UbuntuMATE yes, but my real server is not a vm, its a physical computer sitting under the TV in the family livingroom :-)
<JanC> SSMAdmin: first install 'ubuntu-mate-desktop', then switch to it, then remove 'ubuntu-desktop' & whatever you don't need
<SSMAdmin> JanC, ok, how to I switch to ubuntu-mate-desktop?
<TheEagerPadawan> JanC any further thoughts on my issue(s)?
<JanC> SSMAdmin: you should be able to switch on the login screen, I think
<TheEagerPadawan> if you logout, you can switch desktop environment (there should be a cog) - SSMAdmin
<SSMAdmin> Ok, thought I could do it easily in the ssh terminal
<TheEagerPadawan> ssh ain't a gui mate
<tomreyn> the cog shows up once you chose / entered the user name to login as, below the password field.
<SSMAdmin> I know ssh is not a gui :-)
<SSMAdmin> I just want to replace one desktop environment with another, I dont need both of them
<JanC> I'm sure you can change the default somehow; see the gdm manual (or that for whatever DM you are using)
<TheEagerPadawan> still trying to resolve this whole crypto missery
<JanC> maybe the ecryptfs thing works better when you work as uid 1000 ?
<TheEagerPadawan> how?
<tomreyn> sudo -u 1000 -i
<TheEagerPadawan> unable to initialize policy plugin
<SSMAdmin> Anyone know what is the difference between 'apt install ubuntu-mate-desktop' and 'tasksel install ubuntu-mate-desktop'?
<tomreyn> run this: tasksel --test install ubuntu-mate-desktop
<tomreyn> ...and you shall know the differences
<TheEagerPadawan> still having the same crypto issues ......... sigh
<SSMAdmin> Oh boy!  I have initiated apt install ubuntu-mate-desktop on my live server, and are now presented with a question about choosing between 'gdm3' and 'lightdm'.  I have no idea what this is, what should I choose?
<SSMAdmin> Beforehand I have ubuntu-desktop installed
<JanC> they are both "display managers" (they implement the graphical login screen & such)
<JanC> gnome-shell needs gdm3, but MATE should work just fine with lightdm (and ubuntu mate uses the latter by default IIRC)
<SSMAdmin> JanC, chose lightdm, crossing fingers and toes
<TheEagerPadawan> still fighting the same issue(s) i had this morning
<TheEagerPadawan> help is welcome ofcourse
<SSMAdmin> JanC, the lightdm vs gdm3 dialog box was about choosing a default display manager.  Is it possible to configure it so that the user can choose at log in screen what display manager to use?  Or if I misunderstand this, I want my family to be able to continue using Unity, while I use MATE from remote x2go connection.  How can I achieve this?
<JanC> SSMAdmin: you can choose a desktop environment at the login screen
<SSMAdmin> I figured it out, cool :-)
<TheEagerPadawan> still running into the sameproblem peeps
<compdoc> too eager are you, padawan
<Tempadoros> Hello everyone. I just tried upgrading an 16.04 server to 18.04 server and I'm trying to get the samba dc back up and running. I'm getting a weird error on krb services though. "Cannot open DB2 database '/etc/krb5kdc/principal': No such file or directory"
<Tempadoros> That file doesn't exist on my backup either, so I wonder why it's looking for it? I'd appreciate any help
<TheEagerPadawan> eager to solve this mess yes
<JanC> Tempadoros: maybe also try asking in #samba (also note that in general LTS upgrades aren't recommended before the .1 version is out)
<Tempadoros> JanC: It's a test no worries. Thanks, I'll try there after I look around a bit more.
<TheEagerPadawan> i stop trying for today *sigh*
<Tempadoros> Of course it was because of systemd as usual. If anyone else has the same issue, systemd-resolved was grabbing udp 53 so samba dns was dead
<JanC> that's not a systemd issue per sÃ©
<JanC> you should file a bug report, because that seems like something not only you would run into
<JanC> and it would probably apply to other services which want to use UDP 53
<Tempadoros> Well it's AD, I should have checked if DNS was up before anything else. Still I probably will.
<JanC> Tempadoros: when upgrading it probably shouldn't add an extra DNS server though...
<compdoc> just now installed samba on my new 18.04 server, and works great with my netplan .yaml
<JanC> compdoc: in full AD mode incl. DNS or just the file sharing?
<compdoc> ooops, youre right. just file sharing. my bad
<compdoc> do you people know of a good site that explains setting up AD? I know someone that could use it
<Tempadoros> Well, the samba wiki is good
<SSMAdmin> Crazy idea:  On x2go server machine run a group meeting in meet.jit.si or appear.in, and having my own video camera running on my x2go client computer.  Is that possible?
<SSMAdmin> stupid idea, I found another way to do it :-)
<teward> just a note to server team members: There's going to be an additional packaging delta added to nginx in C-cycle, because third party module compatibility is "more limited" in the current build - it needs an option called "--with-compat" enabled to allow third parties to add their own modules, either as packages or as one-offs outside the packaging, and it's recommended to have it enabled (by nginx)
<teward> but neither we nor Debian do.
<teward> if there's any objections to that let me know.
<teward> I'm going to have to check with the SRU team to see if we can apply that in 18.04 via -updates, it doesn't add any real features or functional chagnes, but might be outside the scope of a standard SRU...
<rbasak> teward: thanks. Is there any downside to --with-compat? Why isn't it enabled by upstream by default?
<JanC> well, if it allows external modules then it does add a very real feature, right?  :)
<teward> rbasak: it *is* enabled upstream
<teward> JanC: you can build them currently, but you need to do a complete recompile along with the existing package, which already ships dynamic modules
<teward> rbasak: upstream nginx.org enables it.  Debian nginx doesn't enable it.
<teward> upstream nginx.org actually recommends enabling it from a packager's perspective
<teward> I probed Debian for their reasoning in Debian Bug 897926 (https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=897926)
<ubottu> Debian bug 897926 in src:nginx "Enable --with-compat configure argument" [Wishlist,Open]
<teward> and i haven't had a reply yet.
<rbasak> teward: I'm asking why the configure script requires --with-compat rather than just defaulting to it.
<JanC> teward: you mean you need to do a complete recompile of nginx for every 3rd party module you build?
<teward> JanC: without the with-compat, then yes.
<JanC> ugh
<teward> and it has to be compiled alongside the existing packaging.  Which is why with-compat was introduced
<teward> JanC: so beyond the existing dynamic modules of which some third-party ones are in Universe as part of the nginx source package, it prohibits others from adding external third-party dynamic modules without first adding to the packaging
<teward> which defeats the purpose of the dynamic modules :P
<teward> rbasak: the correct answer to your statement is "Undefined"
<JanC> still sounds like a feature then, even if not for end users  :)
<teward> I have a separate off-list inquiry to the NGINX upstream contacts.
<teward> JanC: which is why I said it'll be added in C-cyle
<JanC> or not for most end users at least
<teward> i haven't finished the internal debate for SRU justification
<rbasak> teward: if there is a reason, I think we should know what it is before enabling it
<rbasak> teward: if there's no reason, then they should just make it default upstream
<rbasak> Right now it feels rather like ./configure --make-better
<rbasak> Seems superfluous :)
<teward> rbasak: well, considering I have 6 pending inquiries for this on my direct email alone
<JanC> ./configure --fixme
<teward> and that's just from this week
<teward> it begs consideration
<teward> rbasak: i think http://mailman.nginx.org/pipermail/nginx-devel/2016-October/008920.html is relevant
<teward> since this is really explaining what goes on behind the scenes
<teward> and I think it explains what dynamic modules *require*
<teward> so the package changes done by Debian to make 'dynamic modules' doesn't really make dynamic modules
<JanC> teward: does the module ABI change on security fices or bug fixes?
#ubuntu-server 2018-05-06
<JanC> if the ABI stays the same then that would make security updates smaller/easier too, which would also be a benefit?
<teward> JanC: never got a clear answer on that from NGINX devs.  I've gotten mixed answers, but nothing clear.  I'm sending a complete list with these inquiries from you and rbasak to the nginx-devel list shortly
<JanC> if it often changes, then you would suddenly have multiple source packages to build & test
<teward> ... assuming my computer gets off its lazy processor state and decides to speed up.
<JanC> (assuming the 3rd party modules would become separate packages then)
<teward> JanC: that's been a consideration point back in Xenial
<teward> since the likelihood of that happening is near nil currently, because it'd require the nginx source to be rebuilt by every such source package, that consideration was shelved.
<teward> both here and in Debian
<teward> it's also what delayed getting the dynamic module support enabled and forced it to be enabled in 16.10
<teward> ... that and Debian didn't give us much choice in that matter, deciding to enable it themselves.
<teward> rbasak: JanC: once I get the answers, I'll let you know what they say.  Ultimately, though, if Debian accepts debian bug 897926 and its proposal, it'd get included in the next merge.
<ubottu> Debian bug 897926 in src:nginx "Enable --with-compat configure argument" [Wishlist,Open] http://bugs.debian.org/897926
<teward> mother...okay, so NGINX set up strict "envelope sender" and "From" enforcement that they need to match.  (I hate MTAs configured that way...)
<teward> let me finish setting up my mail server for my other domain so I can use that to submit the inquiry.  Since apparently @ubuntu.com as an 'alias' for "From" is stupid
<teward> *grumbles angrily at stupid configuraiton setups for mail servers*
<JanC> you can use Sender: with a proper address in some such setups
<teward> JanC: true...
<teward> ... except SPF would fail and Google won't let me set the Sender header in Thunderbird :P
<teward> s/would fail/would possibly fail/
<teward> it's odd how strict they are...
<teward> *shrugs*
<teward> it didn't have this issue until recently, so I guess I'll go complain to their customer relations team later.
<JanC> what I mean is that if Sender: is okay according to SPF, but From: isn't, they will accepted that too
<teward> aaaand 18.04, Postfix, and Dovecot don't want to work.
<teward> JanC: it's more the envelope outer field and the inner from field not matching
<teward> I"ve seen that issue before on overly-strict mail environs
<teward> and the mail gateways at work (we just add 0.5 to the spam score instead of outright refusing now, for spam determination instead; if the SPF matches and the DKIM matches if present then it invalidates that 0.5)
<JanC> right, but sometimes they are okay if either From: or Sender: matches with the envelope outer field  :)
<teward> right, I just can't set that with Google-routed mail
<teward> at least, not if I"m using TBird as the client.
<teward> sure, if I write it by hand in Python it'll work, but :p
<teward> at that point I may as well send it through my normal mailserver.
<JanC> you can't add arbitrary headers in TB?
<teward> ... which doesn't want to behave in 18.04 with the same 16.04 configs, and there's no errors.
<teward> JanC: not in *this* version of TBird, the addon I had to do that went AWOL.  16.04 TBird is... interesting.
<teward> *normally* I'd run this through a custom mail handler that then sends through Google, but I'm lazy and don't want to go and find that code in my backups right now.
<JanC> maybe try Evolution or something  ;)
<teward> JanC: oh you mean that thing that hasn't worked in eons, because Evolution didn't support Google's new auth system and therefore stopped being a viable mail client.
<teward> Unless they've done major Evolution version bumps and feature inclusion in Xenial without my knowing
<JanC> hm?
<teward> or without tsimonq2 knowing and he'd probably tell me :P
<JanC> I never heard anybody complain about that actually (certainly not in recent years)
<teward> JanC: well i'm painfully old school
<teward> and it won't matter once I up this system to 18.04 because yay new software.
<JanC> wasn't that with the gnome accounts thing?
<teward> remind me again, does Evolution ahve an exchange-compatible plugin since I also need to work with that for work email...
<JanC> IIRC GNOME accounts aren't particularly well-maintained, but IIRC it still works with Evolution's native support
<JanC> it has 2 Exchange plugins IIRC
<teward> JanC: more important, does it work with Exchange 2k8 through 2k13? because my workplace uses ancient obsolete exchange at the moment (reason: NEGLECT OF SYSTEMS AND STINGINESS WITH BUDGETS)
<teward> (that's changing in 2018 now...)
<teward> (this said, my *own* business's mail servers are Postfix+Dovecot+IMAP with some heavy duty filtering and auth requirements, so...)
<JanC> there is an #evolution channel on GIMPnet  :)
<JanC> I have no experience with the Exchange stuff
<JanC> but I see people who use it on the channel & mailing list from time to time
<JanC> it supports Exchange over EWS and over MAPI apparently
<JanC> teward: evolution EWS accounts supposedly work with Exchange 2k7 & later
<JanC> https://help.gnome.org/users/evolution/stable/exchange-connectors-overview.html.en
<teward> well good it'll work with the new exchange and replacement for Microsoft's ancient decrepit poor excuse for a WAF that was called Threat Management Gateway
<teward> as I said, obsolete systems due to neglect.
<JanC> seems like it mostly only supports features from 2k7 though
<JanC> plus a bit of 2k10 stuff
<teward> yeah there's not much between 2k10 and 2k16 beyond webui interface changes but meh.  As long as it supports, I'll investigate the switch when I finish upgrading this laptop to 18.04
<teward> in the interim, Thunderbird it is.
<JanC> :)
<teward> ... and more importantly and more urgently...
<JanC> to be fair, evolution is in universe in Ubuntu, so doesn't always get bug fixes & such...
<teward> *glares evilly at 18.04 Dovecot and grabs the laser sword to go hack away at its config further*
<JanC> maybe I'll wait until .1 before upgrading my server  :)
<JanC> will likely be a new install actually
<teward> probably wouldn't hurt, though the upgrades have given me headaches, so i'm doing 'new install, transfer old data over, nuke old server' really :p
<JanC> right, that's what I've done with my VPS in the past
<teward> ... and I'm having some fun with 18.04 myself on other non-critical servers too ;)
<JanC> although I usually test the new one before switching over  :)
<JanC> old one is still 14.04 actually
<teward> Most of my servers are pretty non-complex or are containerized 16.04
<JanC> so going to need some Dovecot/Postfix config changes I'm sure
<teward> straight DNS servers and an lxd host system :p
<teward> JanC: well what's odd is, there's not much difference in the guides for email on 18.04 compared to 16.04 since the major dovecot versions haven't changed much
<JanC> might do that for the new one too
<teward> so why it's failing with a bog-standard postfix/dovecot non-virtual user account delivery system is making me scratch my head
<teward> i'll dig into it later
<teward> for now, I think a drink is needed.  *goes to grab a cold one from the fridge*
<JanC> teward: like I said, I'll be coming from 14.04 with a config that dates back 15 years or so
<teward> heh
<teward> JanC: the only 14.04 server I have is a Mailborder mail gateway system because their software set isn't updated for 16.04 or newer yet
<teward> ... and a couple DNS servers but those are *real* easy to move over
<teward> since Bind hasn't changed that much :P
<JanC> unless you want to move them to other software  :)
<teward> they've got a 16.04 update coming out in the next quarter
<teward> ... and any other viable replacement would be outside my budget currently if I wanted feature parity
<teward> *shrugs*
<chamar> whaaa. 18.04 got a new installer. nice
<TheEagerPadawan> and still having the same issue(s) as earlier due to an upgrade of 17.10 to 18.04
<chamar> :/ First install of 18.04 server.. can't say much yet
<chamar> Trying out conjure-up ... don't expect much since I didn't had much success in the past.
<TheEagerPadawan> anyone an idea how to get around "volume group "ubuntu-vg" not found during the LUKS decrypt process
<Neo4> see this 5 errors, I'll correct them now
<Neo4> https://mxtoolbox.com/domain/mail.kselax.ru/
<Neo4> from what start?
<Neo4> DMARC - domain based massage authentication
<Neo4> reporting and conformance
<Neo4> who know how to check SPF record?
<Neo4> I've created one http://pix.toile-libre.org/?img=1525588936.png
<Neo4> what does it mean?
<Neo4> http://www.openspf.org/Why?show-form=1&identity=neo%40kselax.ru&ip-address=91.227.18.36&.submit=Submit
<Neo4> why rejected?
<TheEagerPadawan> still having the same issues as yesterday - posted the whole story here to not overly spam the channel - https://paste.ubuntu.com/p/4wwXmYmJ9t/
<Neo4> who know what is wrong with certificate?
<Neo4> https://mxtoolbox.com/domain/mail.kselax.ru/
<_KaszpiR_> Neo4 people already told you few days ago that's not gonna work
<blackflow> Neo4: what certificate?
<Neo4> blackflow: I've corrrected that, now works
<_KaszpiR_> and if you don't know how to fix DNS issues then don't even bother with setting up mail server, especially when your ip is on spamhaus blacklist
<blackflow> Neo4: you're still blacklisted tho'
<Neo4> there was error 'mismatch name of certificate' I did for two name one certificate and not all good
<blackflow> yeah, just due to that spamhaus bl, you'll have your mail rejected by most recipients.
<blackflow> ours certainly :)
<Neo4> blackflow: and black list nothing means, my mails deliver not like spam, Do you want I send you message for test?
<blackflow> Neo4: you can send it, it would be rejected. I configured our MTAs to query spamhaus and a few other lists.
<Neo4> blackflow: when we set SPF record google resolve mails like good
<_KaszpiR_> lol
<blackflow> Neo4: nah. SPF protects YOU, not the recipient.
<Neo4> blackflow: rejected wholly or will mark like spam?
<Neo4> blackflow: but google without SPF put all mails to spam
<Neo4> with not
<Neo4> who want I send him mail?
<Neo4> put your main here, I will send
<Neo4> now
<Neo4> :)
<blackflow> Neo4: thta depends on how the MTA is confiugred. cPanel/Exim ones will reject. Ours will drop it to Junk folder of the recipient.
<Neo4> _KaszpiR_: Do you think it won't work?
<Neo4> blackflow: because spam list? I think little MTA uses black lists
<Neo4> blackflow: enough spamassassin
<blackflow> Neo4: most MTAs use black lists
<blackflow> all cPanel/Exim and Plesk deployments do, and that's almost the entire shared hosting industry.
<Neo4> blackflow: gmail.com is the biggest and reliable MTA and it doesn't use, All other MTA should follow gmail.com...
<blackflow> yahoo/bing will drop you if you're on spamhaus. google has its own rules afaik.
<Neo4> blackflow: and there exists blackhows?
<blackflow> Neo4: funny thing about gmail, our MTAs are not blacklisted and have ALL the settings recommended by gmail (spf, dkim, dmarc, rdns, ....), and yet a good percentage of mail sent to @gmail.com still ends up in Junk.
<blackflow> gmail has its own rules.
<Neo4> ok
<Neo4> blackflow: do you think I have to pull my ip from blacklist?
<blackflow> recipients click "This is not spam" and its no longer going to Junk, for them.
<Neo4> _KaszpiR_: what do you mean DNS problem?
<blackflow> Neo4: yes, you do. especially spamhaus.
<blackflow> but that might either go smoothly, or not at all. then you'd have to change the IP.
<Neo4> _KaszpiR_: there all looks like nice
<Neo4> blackflow: ok, will see
<Neo4> but nice it works :)
<Neo4> only black left black lists
<Neo4> two errors
<Neo4> we won't count warnings, it's not important
<Neo4> I only have gmail.com
<Neo4> Who want I test his mail?
<blackflow> fix that dmarc problem
<Neo4> blackflow: I've already done it, It has dmarc record, and will verified during 1 - 2 days
<Neo4> left only blacklists
<Neo4> and create good documentation 'how set up mail server'
<Neo4> my set up is: postfix+dovecot+spamassassin+roundcobe+opendkim
<Neo4> there lack some app that will give ban users who send spam automatically
<Neo4> I will seek it
<Neo4> then will open 'close relay'
<Neo4> pulbic mail server site, where any users will able to register and get mail
<Neo4> :)
<blackflow> for free?
<Neo4> blackflow: yes
<blackflow> good to know. adding your server to our internal blacklists :)
<Neo4> blackflow: ok, here much work, I don't know how customize folders inside and how to use quotes. I might not be do this
<blackflow> running an MTA these days requires  alot of knowledge and experience.
<blackflow> if I were you, (and I kinda was 10+ years ago when I started running own MTA), I'd start with a personal mail server, keep that going for a year or so, learning and understanding all aspects of it.
<Neo4> blackflow: does it means I have a lot of knowledge? I managed to set up whole mail server? :)
<Neo4> It means I have a lot of knowledge ))))
<blackflow> because... with lack of knowledge and experience, you'll be overrun with spam and thus blocked by everyone.
<Neo4> there much to learn, I won't do it, for me enough postfix + SPF record, and might DkIM
<blackflow> Neo4: setting up by reading a tutorial does not constitute having knowledge and experience. For starters, you'll have to learn how to train SpamAssassin for quality spam detection.
<Neo4> blackflow: I think it's not important, more important how to restrict postfix send spam, incoming messages are not dangerous
<Neo4> blackflow: this is main
<blackflow> you think you have a lot of knowledge? I'm pretty sure you have no idea how to set up SA learning via bayes. or running a  feedback look between post-queue SA and a pre-queue Postfix policyd
<blackflow> *feedback loop
<Neo4> blackflow: I don't know what that means, no, not a lot
<blackflow> yes, spamassassin does both ways. see, you've still got a lot to learn ;)
<Neo4> I won't learn mail server further
<Neo4> blackflow: yes, quotas, others
<Neo4> blackflow: I consider this all isn't important
<blackflow> maybe not if you're running a mail server just for yourself.
<Neo4> blackflow: I won't care about user
<Neo4> blackflow: see you run your mail server for yourself, and somebody hack your account and able to send spam, He can black listed your mail server
<blackflow> no I run for our company, with hundreds of clients using our mail services.
<Neo4> or you allow user register on your site and give them SMTP access to server, they also can send spam and lay down your server
<blackflow> I _started_ with my own postifx, just for myself, yes.
<Neo4> blackflow: no, I say main it's not incoming mails, outcoming mails more dangerous
<blackflow> no we don't allow random users register for e-mail. they have to be our clients, pay up for the full service, sign the contracts, and only then they get the email accounts.
<Neo4> blackflow: even don't need antivirus, doesn't matter, windows users have his own antivirus
<blackflow> I wouldn't even consider starting a "free for all" e-mail business. it'd be a waste of time and effort. GMail and others have years of engineering behind them with powerful spam detection systems and AIs, and they STILL have problems with SPAM. yeah, no thanks.
<Neo4> we must remove all redundant applications
<Neo4> blackflow: see if I will create online shop, I need only postfix + SPF ?
<blackflow> for what?
<blackflow> if you want to run a mail server that sends out mail, from a web shop, you need more than just spf, if you want your mail received by as much recipients as possible.
<Neo4> blackflow: if do 'online stores' for people you must set up VPS, and needed apps, do you think postfix + SPF is enough
<Neo4> blackflow: SPF, DKIM ?
<Neo4> two?
<blackflow> and rDNS, and DMARC, and NOT have blacklisted IPs,    and you'll still have occasional problems with your mail landing to Junk :)
<Neo4> black list? If I buy server on digitalocen for 5$, sure it will blacklisted
<blackflow> Neo4: that depends
<Neo4> blackflow: no, blacklist will always if your client doesn't have money, good client won't hire you
<blackflow> that does not make any sense.
<Neo4> blackflow: I think all ip will blacklisted, what we can do postfix + SPF + DKIM +DMARC , and enough for majority servers?
<Neo4> blackflow: why?
<Neo4> blackflow: some guy whant show, he doesn't have money or what do it as cheap as he could, it has sense, and we will buy cheaper server
<blackflow> because blacklisting has nothing to do wtih clients having money....
<blackflow> like I said, our MTAs are NOT blacklisted, haven' been, anywhere, for the past 3 years.
<Neo4> blackflow: how I will check on digitalocean droplets?
<blackflow> we don't send out newsletters and spam-like stuff. our clients use it for transactional, business email.
<blackflow> Neo4: you get a droplet, and then you check if the IP is blacklisted.
<Neo4> I will create one then if that ip blacklist will remove and create nest?
<Neo4> blackflow: ok, understood, on this server that I use not, I don't have droplet, I paid and use what you got
<Neo4> )))
<Neo4> I use now*
<blackflow> Neo4: also note, even if your own IP is not blacklisted, some customer of the cloud service you use could get your entire subnet blacklisted. I've seen that happen a lot at Rackspace back when we were using them. Spamhaus of course, and they refused to delist.
<blackflow> it's a game of whack-a-mole.
<Neo4> blackflow: ok
<blackflow> ideally, you'd want a provider with low tolerance for spam. we use Hetzner. never had an issue with blacklisted subnet with them, like at Rackspace and even Leaseweb.
<blackflow> OVH has improved a lot too. nowadays they screen your outgoing mail and block you pre-emptively.
<blackflow> but I wouldn't use OVH for other reasons (lousy network, for one)
<Neo4> it will take 1 - 2 days to create instruction or even more :(
#ubuntu-server 2019-04-29
<technoob> Hi guys
<technoob_> hey guys
<technoob_> right now i have 2 application running that wants port 80
<technoob_> how do i control which one to use?
<technoob_> is there like a switch?
<sdeziel> technoob_: you could have only one start
<sdeziel> technoob_: or you could tell one to use a different port
<sdeziel> technoob_: or you could keep them binding port 80 but on different IPs
<technoob_> sdeziel: how do i tell one to use different port?
<sdeziel> technoob_: each application is different
<sdeziel> technoob_: what are the 2 ones you are using?
<technoob_> i think its because of nginx
<technoob_> nextcloud and erpnext
<technoob_> both uses nginx i think
<sdeziel> technoob_: have you used the snap to install nextcloud?
<technoob_> yes
<sdeziel> technoob_: check the readme in https://github.com/nextcloud/nextcloud-snap they explain how to bind a different port
<technoob_> can i ask you guys if i understand correctly
<technoob_> so nginx is the one taht uses port 80 right?
<technoob_> and theres two instance that uses port 80
<sdeziel> technoob_: I don't know what erpnext uses as web server but nextcloud's snap ships with apache2.
<technoob_> so nginx is the one who determines which of those 2 gets the port 80 right?
<technoob_> oh
<technoob_> i see
<sdeziel> technoob_: not exactly, who ever gets to bing port 80 is the service that first starts
<technoob_> erpnext is nginx
<technoob_> and nextcloud is apache
<sdeziel> both wants to bind to port 80 by default
<sdeziel> only one succeeds and it's the first that tried to bind that won the race
<technoob_> oh
<technoob_> so in that case nginx won right?
<sdeziel> technoob_: you can check which application binds which ports with "sudo ss -nltp"
<technoob_> its the one with 0.0.0.0:80
<technoob_> right?
<technoob_>  0.0.0.0:80                               0.0.0.0:*                users:(("nginx",pid=1256,fd=6),("nginx",pid=1255,fd=6),("nginx",pid=1254,fd=6))
<technoob_> sdeziel:
<sdeziel> technoob_: so yeah, that confirms that nginx won the race
<technoob_> ok
<technoob_> i changed the port on nextcloud but now it says its in maintenance mode
<technoob_> lol
<technoob_> oh wait
<technoob_> its ok
<technoob_> i can now get in
<technoob_> i see the login page
<technoob_> why is port 80 the most popular lol
<neildugan> Hi... I just installed a lxc VM, it seems that the way ubuntu 18.04 sets up the network, as /etc/netplan doesn't exists and netplan isn't installed.  How do I setup the network? I want to setup a static IP.
<technoob_> sdeziel:
<sdeziel> technoob_: that's the default port for HTTP
<technoob_> oh
<technoob_> okies
<sdeziel> neildugan: I would have expected that all 18.04 official image were using netplan but maybe yours still has an ifupdown setup? Check /etc/network/interfaces maybe?
<neildugan> sdeziel, the file cat /etc/network/interfaces.d/50-cloud-init.cfg  says "..."Changes to it will not persist across an instance ... To disable cloud-init's network configuration capabilities .. "
<sdeziel> neildugan: OK so that's still using ifupdown. Follow the instructions to disable cloud-init's network config and then your static configuration should stick through reboots
<Ussat> Odd its not useing netplan
<OerHeks> try /etc/netplan/50-cloud-init.yaml
<OerHeks> and after that; netplan apply
<phobosoph> hi
<phobosoph> So I want to do run some ansible upgrade on a system
<phobosoph> but before doing that I want to test it locally
<phobosoph> How can I create a snapshot of an existing Ubuntu system that can be booted in a VM?
<tomreyn> you can create an image, import that to the VM infrastructure, and do snapshotting there (if supported), if that's what you mean.
<tomreyn> most virtualization solutions provde some "physical to virtual" (p2v) import mechanism. or you could just create an image file using dd or similar utilities, and import that.
<tomreyn> in the end it's probably rather a support question for the channel of the virtualization you'll be using.
<Ussat> what hypervisor ?
<tomreyn> phobosoph: ^
<Ussat> if vmware, they have a P2V program
<rbasak> Usually you don't have to go that far.
<rbasak> If you take a filesystem copy of an Ubuntu system, it should generally work in a VM as soon as you're sorted out the bootloader.
<rbasak> (and /etc/fstab, etc)
<rbasak> And the initial ramdisk (man update-initramfs)
<phobosoph> can I also downloda the stuff directly over SSH?
<phobosoph> the existing free disk space is not enough for putting the image onto
<rbasak> Of course doing it exactly will find edge case problems with the upgrade that might be lurking in there.
<rbasak> You could just grab the real (as opposed to /proc, /sys etc) filesystems via rsync or something.
<rbasak> That'd give you a reasonable approximation to find any issues that exist in userspace with your proposed upgrade.
<rbasak> It is a little involved in making the result bootable though, and I don't really have the time to walk you through that.
<rbasak> Updating /etc/fstab, bootloader, initramfs, etc.
<phobosoph> rbasak: I could rsync/sftp the file system down to an empty mounted virtual disk and then boot from it afterwards in a VM?
<rbasak> That's what I'm saying, yes, but there are things you need to fix up before it'll work.
<phobosoph> hm, nice
<Ussat> P2V
<phobosoph> Ussat: can P2V also run over SSH/SFTP?
<Ussat> Its been years since I have used it, I am not sure
<Ussat> almost everything I build now is a VM
<phobosoph> cool
<Ussat> So, youre testing ansible based update ?
<Ussat> I have been useing ansible to update all my systems for some time...whats the question
<phobosoph> Ussat: I updated my ansible playbooks from upstream (roots.io trellis) and now I want to be sure it can update/apply on an existing system
<phobosoph> ideally I could test it as a VM frist
<phobosoph> not that something goes wrong and the system is left in an undetermined/broken state
<Ussat> I would just build a quick VM then
<phobosoph> I did, but the VM is not the same as the production system
<Ussat> ahh fair nuff
<phobosoph> yes :/
<phobosoph> hm, I think about creating a new virtual server as production server, transfer everything onto and kill the old one
<Ussat> That would be the best IMHO
<jayjo> what's the easiest way to run a very simple python script periodically on boot via an AMI on aws? Do I need a systemd/upstart or can I just add a script to the crontab?
<jayjo> i have a running docker swarm cluster, and I'd like to add a cluster maintenance task to the manager nodes to run every 5 minutes
<tomreyn> either works. a systemd timer activating a systemd service would probably be the proper approach.
<tomreyn> i'd recommend against upstart (it's still possible to use it but not the right way on any supported releases anymore)
<jayjo> one other detail.. if I install the systemd service, will I still need to 'start' it on boot or will all installed ones start on boot
<jayjo> trying to engineer it so I have one AMI, and can 'start' the management service only on managers
<teward> ayyy, dput via SFTP works.  *laughs evilly*
<tomreyn> jayjo: you need to "systemctl enable" the service
<jayjo> so I can just do that in the userdata of the manager nodes?
<tomreyn> but this may clash with a timer, make sure that's not the case.
<tomreyn> only enabling the configured service / timer on the manager nodes should be possible, yes,
<tomreyn> (i've not had to do this, yet.)
<jayjo> so I install it in the AMI and then calling "systemctl enable" should only be run on the manager nodes because this is what starts the service
<jayjo> I only would call 'start' if i called 'stop' or something else?
<nacc> jayjo: enable does not start unless you run with --now
<jayjo> hmm, so would I run 'systemctl enable ClusterMaintenance.service' on all nodes (to install) and only 'systemctl start ClusterMaintenance' on the manager nodes?
<nacc> jayjo: sorry, i wasn't reading the other bits, just wanted to point that out
<tomreyn> jayjo: this sounds like it could work for your use case, yes. this doesn't cover the regular activation (timer/cron job) vector you had in mind initially, though.
<jayjo> tomreyn: I think that I will just re-factor the python script to run forever and handle the timing within the script, as long as the system will monitor it and re-run it if it fails
<tomreyn> i assumed you would ;)
#ubuntu-server 2019-04-30
<ddstreet> cpaelzer__ i have a libvirt xml that won't start because virsh isn't creating an apparmor profile for it...you know of anything that might cause libvirt to do that, or what the best way to debug libvirt's call to virt-aa-helper?
<ddstreet> this is on disco host
<ddstreet> guest xml is https://pastebin.ubuntu.com/p/V5NcWkg2Pg/
<phobosoph> hi
<phobosoph> Would a perfect upgrade from Ubuntu Server 16 to 18 result in a system that is Ubuntu Server 18 (LTS)? It would be basically undistiguishable?
<phobosoph> This isn't windows, rigth? :)
<lotuspsychje> phobosoph: before lts upgrading you might wanna read the releasenotes
<lotuspsychje> phobosoph: i think for server lts upgrades its important to know some relevant package versions upfront right?
<phobosoph> yes
<phobosoph> lotuspsychje: but when the upgrade finished, the resulting 18 system would be identical - more or less -to a fresh 18 install, right?
<phobosoph> the package installer would simply overwrite the existing stuff, cleaning up old stuff ,et
<phobosoph> so like a imaging thing on package-level
<phobosoph> ?
<lotuspsychje> phobosoph: well nothing can beat a clean install, but the idea of an lts upgrade 'should' work like a charm
<Ussat> there will still be cruft left over, but mostly like a fresh 18
<lotuspsychje> phobosoph: apt always wants to heal itself too
<Ussat> It doesnt change to netplan if I remember correctly
<phobosoph> that's good
<phobosoph> because netplan should be kept :)
<lotuspsychje> phobosoph: https://wiki.ubuntu.com/BionicBeaver/ReleaseNotes#Ubuntu_Server
<Ussat> been a while since I have done one though
<sdeziel> phobosoph: without a clean install, you'd probably have a FS with different features enabled (metadata_csum comes to mind for ext4)
<phobosoph> sdeziel: can I change this afterwards? easily?
<sdeziel> phobosoph: apparently that's doable https://ext4.wiki.kernel.org/index.php/Ext4_Metadata_Checksums#Detailed_Instructions
<phobosoph> thanks man!
<phobosoph> ubuntu/debian/*nix is awesome
<sdeziel> phobosoph: that's just an example to highlight that many things would be subtly different
<phobosoph> sdeziel: what else would be different subtly? :/  netplan + fs. But kernel, all packages and everything else would be upgraded
<sdeziel> phobosoph: yes, the packages would be upgraded and you'd be fully supported
<phobosoph> good!
<phobosoph> for everything else, ansible is used. Sure, it won't enforce the whole system state, just the application/services.
<sdeziel> phobosoph: some packages might be left as uninstalled but not purged, some .dpkg-* files may be left behind. Not a concern usually, it's just that one can usually distinguish when a box was dist-upgraded :)
<phobosoph> ok
<phobosoph> sdeziel: theoretically I could even search for this stuff and remove it afterwards
<sdeziel> absolutely
<cpaelzer__> ddstreet: yes I have some commands that help doing that
<cpaelzer__> just a sec
<Ussat> I have not done a upgrade in a while, but I recall it was pretty smooth in all I did do
<cpaelzer> ddstreet: you need to be on the system or copy off the disk files
<cpaelzer> ddstreet: but the TL;DR is that you can run it like sudo /usr/lib/libvirt/virt-aa-helper -r -d -u 'libvirt-d007102b-7ac8-46b0-a634-2ef994ba620f'  < disco-gl-set.xml
<cpaelzer> adapt the UUID to yous and the filename
<cpaelzer> then this would do what it would do on guest startup
<cpaelzer> ddstreet: looking at the XML I'd expect skiboot.lid to not be accessible
<cpaelzer> without the disks (as I don't have them) and without skiboot it works for me
<phobosoph> Ussat: I am backing up everything now and then start the upgrade :)
<phobosoph> I have terrible memories of windows updates, hehe
<cpaelzer> ddstreet: /etc/apparmor.d/usr.lib.libvirt.virt-aa-helper does not allow /usr/share/skiboot/skiboot - so it will fail on that for sure
<Ussat> Welll TBH Win updates are pretty smooth now
<Ussat> but I have done about 50 prod Ubuntu updates and all went well
<Ussat> but all done with em now
<phobosoph> hm, not sure if this chanel is the right one...
<phobosoph> I want to take backups regularly
<phobosoph> storage should be cheap, I am ok with more expensive retrieval
<phobosoph> ideal with file delta, european data protection compliance thing
<phobosoph> are there good + cheap services for backing up data off-site?
<Ussat> I can tell you what we do, its good but not cheap
<phobosoph> Ussat: ok, tell me :)  I think I get too cheap when it comes to data which is probably bad
<Ussat> We are a fairly large IBM shop. we use TSM
<Ussat> IBM Spectrum Protect its new name
<ddstreet> cpaelzer *wow* the problem was that it doesn't allow accessing files in /usr/share?  that's an incredibly obfuscated way to communicate the error to users :-)
<ddstreet> especially since using /usr/share/AAVMF/AAVMF_CODE.fd for arm guests works fine
<ddstreet> cpaelzer thnx tho - it's working now that i copied skiboot into a per-guest copy in /var/lib/libvirt/images/
<ddstreet> cpaelzer do you happen to know why usr.lib.libvirt.virt-aa-helper doesn't allow using the known, installed by ubuntu packages, loader files, like skiboot?
<cpaelzer> ddstreet: because no one ever asked for it i guess
<ddstreet> ah
<ddstreet> so no specific security reason then
<cpaelzer> no
<ddstreet> ok interesting thnx!
<cpaelzer> common things -> default profile; uncommon things loacl override
<cpaelzer> if nobody asked ever => uncommon :-)
<amitkm9204> Hi guys
<amitkm9204> I want to know about ndtrack command
<amitkm9204> As i am getting high cpu utilisation due to this command
<weedmic> what was the command you typed amitkm9204?
<amitkm9204> using top
<amitkm9204> I getting high cpu utilisation
<amitkm9204> Command name is ndtrack
<weedmic> if u use htop, it will give u a more usable interface - u can order the dynamic table by many different ways
<OerHeks> where does ndtrack come from? cannot find it in the repos
<weedmic> i am unfamiliar with "ndtrack"
<weedmic> no man page, in google I get proffered ndtrack.exe :D
<OerHeks> flexnetservice?
<weedmic> so it's something you are using wine to use - that would certainly use some cpu points
<phobosoph> hi
<phobosoph> so I run do-release-upgrade
<phobosoph> it didn't start but it aborted
<phobosoph> (Ctrl+c)
<phobosoph> when I now run it again, it doesn't want to upgrade
<phobosoph> how can I reset it?
<sdeziel> phobosoph: are you sure it didn't run to completion the first time?
<phobosoph> not
<phobosoph> I cancelled it very early, nothing started yet
<phobosoph> but apparently it thinks there is nothing to be upgraded, probably the sourceslist?
<sdeziel> phobosoph: cat /etc/os-release to check
<sarnold> are you sure it's not still running in a screen somewhere?
<phobosoph> 16.04
<phobosoph> so not 18
<phobosoph> not upgraded
<phobosoph> hm
<phobosoph> sarnold: pretty sure
<phobosoph> So what can I do? :/
<phobosoph> so that I can at least finish the upgrade?
<phobosoph> or reset it that it asks for upgrading?
<phobosoph> it didn't start
<sdeziel> phobosoph: I'd start by pasting the error you get when running it
<albert23> phobosoph: check if /etc/apt/sources.list refers to bionic instead of xenial. If it points to bionic there is indeed no LTS upgrade available
<phobosoph> Please install all available updates for your release before upgrading.
<phobosoph> so it is probably the sources, right
<phobosoph> how can I reset the apt sources back to 16?
<catbadger> Hi
<catbadger> I have a server with 2 nics. i want to install squid and set it up as a gateway/transparent proxy for the internal network. can someone explain what i need to do with netplan to achieve this?
<catbadger> i have that little bit of knowledge on me haha
<catbadger> i'm following this tutorial https://veesp.com/en/blog/how-to-setup-squid-on-ubuntu
<catbadger> it employs /etc/networking/interfaces... i need to use netplan now i guess
<phobosoph> alright, it seems that I just have to replace 'bionic' (18) with 'xenial' (16) in /etc/apt/sources.list to restore
#ubuntu-server 2019-05-01
<zzlatev> hey guys
<soulseeker> can usb ethernet have usage for installing with mini.iso
<soulseeker> I was looking at the codes and notice  the mimics
 * soulseeker jerks arm for the mimics
 * soulseeker spins arm 
 * soulseeker wiggle wiggle
<lordievader> Good morning
<phobosoph> hi
<phobosoph> So I had an issue yesterday where the ubuntu dist updater tool was cancelled and then wanted me to upgrade before starting the upgrade afterwards.
<phobosoph> I was able to fix this: Just replace the codename of distribution to update to with the codename of old distribution
<phobosoph> in /etc/apt/sources.list
<sdeziel> phobosoph: did it allow you to start the process again?
<phobosoph> yes
<phobosoph> it is running right now, looks good
<sdeziel> great
<phobosoph> I am using the KVM console instead SSH to keep connection during upgrade
<RoyK> phobosoph: do-release-upgrade should do the job - no need to do it the debian way
<catbadger> hi!
<RoyK> hello
<catbadger> I am looking to set up a gateway server with 2 nics. i am using iptables to pass the traffic from my internal network out to the world as is, but i want to set up reverse proxy for some servers. I want these servers to handle their own ssl and such, and just want the gateway to proxy all traffic for the servers FQDN to the server's internal ip. once that is up i want to be able to set up alarms based on traffic volume and maybe do some stuff
<catbadger> after. I thought squid was the right fit but it insists on being a caching server that handles the ssl and such for each server...
<catbadger> is there a project that's better suited to what i'm trying to do than squid?
<sdeziel> catbadger: for a reverse proxy thing, I'd look at nginx or haproxy, both are really nice
<sdeziel> catbadger: if you want to terminate SSL/TLS on the backends, haproxy might be better suited for the job
<catbadger> that sounds about right. does haproxy let me analyze the traffic to each destination in real time?
<RoyK> catbadger: haproxy with the certs will probably be easier
<sdeziel> catbadger: if you terminate TLS at the backends, haproxy would operate in TCP proxy mode, not much to inspect but you'd get TCP logging
<RoyK> catbadger: or nginx
<RoyK> nginx is good for proxying https to http or even to https if you don't trust the network in the back
<sdeziel> catbadger: in TCP proxy mode, you can generally look at the unencrypted portion of the TLS session so you can learn which hostname/cipher/proto ... but nothing more
<catbadger> that's ok. i just want to be able to analyze volume from the proxy
<RoyK> it should be easy for both, last I checked
<catbadger> okie thank you all
<catbadger> both
<RoyK> just setup grafana or something to draw the graphs :)
<RoyK> or just zabbix - or munin or â¦
<phobosoph> hi
<phobosoph> Sick question: Is it possible to downgrade smbd on bionic to the samba/smbd used by xenial? :)
<teward> unlikely given build depends, etc.
<teward> not certain you can't but it's probably *unlikely*
<Ussat> 8 ball says.....prob not
<phobosoph> teward, Ussat: I need to install the samba package from Xenial on my Bionic Ubuntu system
<teward> yes you said that already
<Ussat> Ya, survey says..........not a good idea
<Ussat> deps will be different to start
<teward> ^
<Ussat> lets start here, WHY do you need that one ?
<teward> ^ this as well
<teward> 'cause it sounds like an XY problem in the current way you asked
<blackflow> the bot has factoids :)
<blackflow> !xy
<ubottu> The XY problem is when you need to do X, and you think you can use Y to do X, so you ask about how to do Y, when what you really should do is state what your X problem is. There may be a Z solution that is even better than Y, but nobody can suggest it if X is never mentioned.
<phobosoph> OK, so this is Ubuntu on WSL (Windows Subsystem for Linux) and samba from Bionic Ubuntu (from Canonical) got  issues starting)
<Ussat> OK....full stop right there
<phobosoph> it worked with the samba from Ubuntu Xenial
<Ussat> WSL is NOT real ubuntu, networking stuff is VERY different
<phobosoph> right
<Ussat> use a VM if you must
<Ussat> doin ANY network stuff with WSL may or may not work
<blackflow> WSL is really just one emulated bash process
<Ussat> really, use a VM
<Ussat> ^^^
<Ussat> You will be much happier with a VM, VMware player is free
<Ussat> WSL is in my opinion, a novelty.....its ok for some light stuff, network stuff is not one of those
<jerichowasahoax> why are you installing samba in a windows-emulation
<jerichowasahoax> instead of, say, the built in samba daemon in windows
<jerichowasahoax> this sounds like we're at least two levels of xy problem deep
<Ussat> jerichowasahoax, and that ya
<phobosoph> samba windows daemon? :O
<phobosoph> right
<Ussat> what ere you REALLY trying to do
<phobosoph> because samba is used through a ssh tunnel :D
<Ussat> ...
<phobosoph> so the target box can git clone
<Ussat> REALLY dont use WSL
<jerichowasahoax> look fam just throw the whole project away and start over
<Ussat> use a VM and then share the folders via the hypervisor
<Ussat> WSL is a very bad idea for this
<jerichowasahoax> why are you trying to git clone through samba anyway
<jerichowasahoax> what possible advantage would that have
<phobosoph> the deployment thing wants a git repository - and I don't want to host all these git repos publicly
<phobosoph> so I use a SSH tunnel and samba so it can clone locally (from its perspective)
<Ussat> so...use git for windows if you must
<phobosoph> hm
<jerichowasahoax> i use openvpn for that
<Ussat> but ya ssh + samba + wsl = bad juju
<phobosoph> VPN stuff, interesting!
<jerichowasahoax> stick openvpn on a box, git clone ssh://vcs.internal.example.com/project.git
<phobosoph> I have to use a SSH reverse tunnel though because my internet is behind a double NAT - or rather my ISP NATs me anyway
<Ussat> wait, if youre useing ssh, no need to use a vpn
<phobosoph> right, I use a reverse SSH from the target machine to get a samba mount
<Ussat> You REALLY need to sit down and draw this out...because this is ugly. and DONT use WSL
<phobosoph> originally I used NFS but it was behaving bad, it often got stuck
<phobosoph> hm right
<jerichowasahoax> if you must use an ubuntu "guest" for this task, install hyper-v
<Ussat> or vmware player
<jerichowasahoax> he's already got the windows license, most of those come with hyper-v now
<Ussat> unless its win7
<phobosoph> right, I got pro + hyperv support, I use it for docker on windows
<Ussat> and player is free
<Ussat> I am not a hyper-v fan is all I am sure its fine
<jerichowasahoax> i'm kind of allergic to vmware, myself ;-)
<Ussat> I have a little over 1k *nix systems in esxi :)
<jerichowasahoax> i most strongly prefer qemu kvms but windows doesn't have those afaik
<jerichowasahoax> hyper-v comes close
<phobosoph> I am not a fan of hyper-v :)  I had issues with ipv6 and ubuntu as guest
<phobosoph> but after disablign ipv6 completely in ubuntu guest it works fine
<phobosoph> hi
<phobosoph> So I am now using native Windows file sharing service instead of samba
<phobosoph> I still use WSL though - but this works very nicely now.
<phobosoph> it tunnels over SSH, directly using the SSH client options
<phobosoph> so on the server/target system side I only need samba package for cifs-utils
<catbadger> my 18.04 reverse tcp proxy setup is failing to start haproxy https://pastebin.com/jaZv8xgZ PLEASE HELP I'M FREAKING OUT
<sarnold> catbadger: any error messages in the log? any errors in dmesg? what gives you the impression it's not working?
<sdeziel> catbadger: you may want to use "haproxy -c -f /etc/haproxy/haproxy.cfg" to sanity check the config
<sdeziel> the line "server [domainnamehere.com] 192.168.0.2:* check" looks bogus to me
<phobosoph> he, I also got some haproxy experience and yes, its logging thing is strange
<sdeziel> phobosoph: the log config in there looks pretty much like the stock config, no?
<phobosoph> dev/log, so syslog?
<sdeziel> yup, that's a dedicated socket created inside the default chroot
<sdeziel> the magic happens in /etc/rsyslog.d/49-haproxy.conf
<catbadger> @sarnold @sdeziel thank you. i got it working
<sdeziel> yw
<sarnold> catbadger: cool, what was it?
<catbadger> the config was completely wrong.
<catbadger> haha
<catbadger> changed a lot
<sarnold> well, that'll do it :)
<foo> I have screen overriding my titles I set with ctrl+a A ... any idea where this might be stored?
<foo> or what setting that is? it seems to update it with a path
<sarnold> is it perhaps your PS1 environment variable?
<foo> sarnold: thank you, that's possible. I wonder if screen is set to override that when values of PS1 change
<foo> $ echo $PS1
<foo> [\u@\h \W]\$
<foo> eg. I want it to stay at whatever I set it at with ctrl+a A
<sarnold> hmm. that's nice and boring. bummer.
<foo> sarnold: what is "that" - my PS1, or what I want it to do?
<sarnold> your PS1. that shouldn't cause retitling things
<foo> sarnold: oh, ok, thanks. This must be a screen setting
<sarnold> foo: what's in your ~/.screenrc?
<foo> sarnold: nothing, must be a global setting overriding. I could snag from another system perhaps
<sarnold> hmmmm. /etc/screenrc ?
<foo> sarnold: thanks, yup. I bet it's in here... somewhere.
<mwhudson> foo: PROMPT_COMMAND?
<foo> mwhudson: looks like that could very well be it, thank you
<mwhudson> foo: lots of places for things to hide :)
<foo> mwhudson: :)
<sarnold> mwhudson: ha :) nice
#ubuntu-server 2019-05-02
<lordievader> Good morning
<paul98> hey
<paul98> i'm running ubuntu server in a chrooted sftp server which has a directory mapped to the users home dir which is a s3 bucket mapped by fuse s3fs, I can mount the drive and list the contents, I can write to a folder but when I try move a file into a folder I get opertion not permitted, I su to the user same error, I tried as root same error, I unmounted the s3 bucket and re mounted it. still nothing,
<paul98> it did work fine till just before easter where it looked like the mount dropped so i remounted it but i just can't move from the users root dir to the folder, I can create files directly in folder
<lotuspsychje> idle here a bit paul98 as US wakeup might get more volunteers
<paul98> lotuspsychje: thanks, it's just really odd one :(
<geodb27> People : hi ! I've setup an ubuntu lts 18.04 server and it works fine but for the ntp daemon which doesn't start at boot time. Why is "systemctl enable ntp" not working ?
<soulseeker> which one of you are volunteers
<lotuspsychje> soulseeker: volunteers are everywhere, if you have a question please just ask in the channel
<soulseeker> when using the netinstalker at the select software option why doesnt it prompt for software sekections like gnome
<lotuspsychje> soulseeker: you are in the server channel here, are you going to install gnome on a server?
<soulseeker> lotuspsychje it is a laptop but it does need to run server software
<soulseeker> paul98 hi
<soulseeker> were you using paul981
<soulseeker> lotuspsychje it all installed but grub2
<soulseeker> default install hoping to avoid problems
<paul98> soulseeker: yes it was me
<paul98> I couldn't remember my registered nick lol
<soulseeker> did you get it working paul
<paul98> nope, spoke to aws and it seems a mount issh
<paul98> issue*
<paul98> i've just restarted the server to see if that fixed it, I don't know alot about it
<soulseeker> lotuspsychje was that you? aws
<lotuspsychje> soulseeker: can you make a full sentence that makes sense?
<soulseeker> it isnt real as far as I can tell paul
<geodb27> I've had to restart my machine, so I don't know if my question was asnwered or not :-(
<soulseeker> -of amazon
<soulseeker> lotuspsycheje are you the amazon program?
<paul98> i rebooted it but still get same issue. something has gone wrong.
<soulseeker> paul what were you trying to copy
<paul98> it's just a csv file. it's just s3 bucket mounted via s3fs, i can touch a file directly into the processed/ but i can't mv from the root of s3 bucket into /proccessed as user root or the use who is sftp user
<soulseeker> paul did you read the dune series
<paul98> although I can list the s3 bucket contents of root and the processed/
<paul98> this worked fine, then suddenly it looked like the mount dropped, so i remounted it, but i can't write to the processed dir on the bucket
<paul98> outside the mapped mount dir I can aws s3 cp to the bucket any file
<soulseeker> paul touch it where
<soulseeker> paul touch the file reminds me of icecat
<soulseeker> where is the file you are trying to mv
<paul98> if i go into the proccessed folder on the mount, and touch txt.txt it works
<paul98> if i try to move a file from the root of the mount into processed mount root/proccessed i get operation not permitted
<soulseeker> lotuspsychje can you repeat that at paul
<soulseeker> what are you ralking about ptocessed mount
<soulseeker> answet my question
<soulseeker> wgete is the gule ypu are trying to mv
<soulseeker> where is the file
<paul98> i have a s3 bucket mounted using s3fs
<soulseeker> ok
<soulseeker> where is the file
<paul98> /var/sftp/s3bucketname/
<paul98> the file is in that location
<paul98> in /var/sftp/s3bucketname/ there is a folder called processed
<soulseeker> ok
<paul98> i can not move a file from /var/sftp/s3bucketname/ to var/sftp/s3bucketname/processed/ as I get operation ot permitted
<paul98> I just created a new folder called test in /var/sftp/s3bucketname/ and tried to move a file to it, I can't do that either
<soulseeker> how did you mount it
<soulseeker> hey hey the cat
<soulseeker> my imaginary cat moving imaginary files
<soulseeker> gow did you mount the s3bucket
<paul98> . /var/sftp/s3bucketmount fuse.s3fs _netdev,allow_other,multireq_max=5,iam_role=auto,complement_stat,uid=1500,gid=1500,umask=133 0 0
<soulseeker> that isnt root
<paul98> but it worked, it's worked for a year till s3fs stopped working so i re mounted it
<soulseeker> uid 1500
<paul98> that's from /etc/fstab
<paul98> sorry it's mapped to the sftp user
<soulseeker> it can be thr permissions of the amazon thing
<paul98> i've checked with amazon and they said the s3 bucket setup is fine
<soulseeker> it looks like you have some nonstandard amazon software to be mounting using special types
<paul98> i'm using s3fs fuse to mount the s3 bucket
<soulseeker> fuse.s3fs
<paul98> correct
<soulseeker> is that known by mount?
<soulseeker> I dont know it
<soulseeker> maybe the cat was listening to reach out and touch faith when it posed for the icecat logo
<soulseeker> there are permissions on both sides
<soulseeker> what user are you using to run mv
<paul98> tried the sftp user and root
<paul98> get same issue
<soulseeker> and it is touchable, the file ?
<soulseeker> if it is not moving with root that suggest it is the remote permissions
<soulseeker> look into the permissions on the buckwt side
<soulseeker> check the processed folder
<paul98> the processed folder on the s3 bucket is fine
<paul98> if i come outside the /var/sftp/s3bucketmount and run aws s3 cp test.txt s3://bucketname/ it works
<soulseeker> it is owned by sftp
<paul98> so it's something to do with that directory  / chroot
<soulseeker> no that isnt a valid test
<soulseeker> you are attempting a remote move
<soulseeker> not a local to remote copy
<paul98> if i do local to remote from the s3bucket dir I get operation not permitted
<paul98> I can touch a file in the root of s3 bucket
<soulseeker> check the iamrole settings
<paul98> I can go into processed and touch a file and it works
<paul98> I just can not move from root of the s3 bucket into the folder in that same directory
<soulseeker> whatever the s3fs manpage says
<soulseeker> it has to do with remote permissions
<soulseeker> what does the compaby do with this stuff
<soulseeker> before I support it
<soulseeker> I dont care to support moving porno files
<soulseeker> paul if you read dune series you go deeper and deeper
<soulseeker> exploring moral challenges in war scenarios
<soulseeker> you come to the moral aspects of martyrdom and psychology mixed
<soulseeker> very advanced subjects
<soulseeker> -to be clothed in white
 * soulseeker twitches
<soulseeker> paul98 you are the company
<soulseeker> amazon is not "real" but it is there
<soulseeker> use it well
<blackflow> teward: ping
<ahasenack> rbasak: cpaelzer: hi, I need to upload two no-change-rebuilds because of the clamav soname bump (somebody else uploaded new clamav, but it's a server package, so it being in migration for so long pings us)
<ahasenack> how should I proceed with reviews? None?
<ahasenack> they are c-icap-modules and pg-snakeoil
<ahasenack> I just tested a local build, and they picked up the new libclamav9 dep just fine
<ahasenack> ...and libclamunrar
<rbasak> Good question.
<rbasak> I'd say go ahead, no review needed.
<ahasenack> k
<ahasenack> rbasak: oh, one more
<ahasenack> it's a deb sync
<ahasenack> what will the rebuild version be like, just the usual -Nbuild1?
<ahasenack> I think so, since there are no ubuntu changes
<ahasenack> but I don't know debian's rule for no-change rebuids, if it's the same, we could collide
<rbasak> Debian doesn't do no-change rebuilds as they have binNMUs (unless something changed recently?)
<rbasak> -Nbuild1 is fine
<rbasak> "dch -R" should do the right thing
<ahasenack> it did, thanks
<geodb27> People : hi ! Is that normal that the installer jumps back to the initial screen when one fills in the search domains when configuring manually the ip address of the machine ? And the same when trying to alter the partition table preset when selecting "full disk with lvm" ?
<teward> blackflow: ERR: No route to host.
<teward> blackflow: what's up?
<tomreyn> geodb27: bug 1816954 - see comment 4
<ubottu> bug 1816954 in subiquity (Ubuntu) "Unable to show Info nor Set static IP during install" [Undecided,Fix committed] https://launchpad.net/bugs/1816954
<tomreyn> (please don't cross-post)
<teward> geodb27: ^ yes,  known issue where providing a search domain errors out.  Set it without the search domain then set the search domain post-install
<tomreyn> ^ this workaround won't work if you need to set a static ip address, though, use the one from comment 4 then
<teward> tomreyn: really?  I've gotten subiquity to set the static IP if I give it the config WITHOUT a search domain
<teward> then set the search domain post-install
<teward> unless things've changed?
<tomreyn> teward: oh i'm just going by what the error report discusses.
<teward> tomreyn: yeah, so if you set the *search domain* it will explode
<tomreyn> "Also, when setting manual IPv4 information, selecting Save crashes the installer and starts over."
<teward> tomreyn: if and only if you put in the search domain
<tomreyn> i see
<teward> tomreyn: so, in the 18.04.2 ISO's subiquity, static IP setting works *EXCEPT* if you put a search domain in
<tomreyn> i understand that's what you're saying and i will believe it once i've tested it, too. ;-)
<teward> then it does some odd Python error I haven't been able to fully see because of the speed my VMs are efficient at (literally restarts before I get to dig into the error logs).
<teward> put in the static config without the search domain and it won't explode.
<teward> https://bugs.launchpad.net/subiquity/+bug/1816192 is probably the better bug
<ubottu> Launchpad bug 1816192 in subiquity "Installation crashes when setting the IPv4 settings to manual and having a value for search domains" [Undecided,Fix released]
<teward> but that isn't on the ISO(s) yet
<tomreyn> so if you select "info" on the
<tomreyn> ..NIC / ip address context menu it crashes, too
<tomreyn> teward: ^ but you'Re right, it doesn't crash if you set a static ipv4 or ipv6 address, don't touch "info", don't set a search domain
<teward> right, that's the only thing I didn't test, but *setting* the IPv4 or v6 is doable
<teward> blackflow: responding to your ping, but i do have things to do today, if it's important email me via Launchpad or via my ubuntu.com address
<catbadger> morning!
<catbadger> anyone know how to run apache 1 in the foreground?
<tomreyn> catbadger: (as previously discussed) there's no supported ubuntu version which comes with apache 1.x
<tomreyn> you could try asking in #httpd, but i assume it's not supported there either.
<catbadger> lol hastag community
<teward> ... #httpd is another IRC channel :|
<teward> APache 1.x is **long since dead** though
<teward> so I wouldn't expect to find *anyone* able to assist you in this matter
<catbadger> already solved.
<catbadger> thanks anyway
<tomreyn> thumbs will just send you away with fire once he finds out what you run ;)
 * teward picks up the flamethrower
<teward> tomreyn: you assume I won't :P
<tomreyn> i'd never dare to assume that!
 * sarnold notes that catbadger is now that httpd 1.x expert :)
<teward> hah
<catbadger> hi all
<catbadger> https://serverfault.com/questions/965608/trying-to-set-up-haproxy-letsencrypt-for-ssl-termination-gateway-not-answering i have a websrver running letsencrypt certs, I've set up a tcp proxy to allow the webserver to manage its own certs for now. in the interim, i'm setting up the proxy to terminate the ssl, this isn't working... i'm getting a dns error that makes no sense. http://leafdns.com/index.cgi?testid=A8086532 the actual
<catbadger> the error at certbot is 'Failed to establish a new connection: [Errno -3] Temporary failure in name resolution'
<catbadger> what does "The parent nameservers do not have your nameservers listed" mean?
<weedmic> can you ping the server u r trying to reach by it's name? number? none?  generally, if you can ping numbers but not names, you need a dns (try 8.8.8.8)
<RoyK> catbadger: sounds like a dns messup. which domain is this?
<weedmic> catbadger: ^
<catbadger> omg
<catbadger> it's my /etc/resolve.conf... why does it keep getting overwritten?
<catbadger> sepcifically the nameserver line
<RoyK> catbadger: it's usually controlled by whatever network config package you're using
<catbadger> so... netplan?
<weedmic> you can't edit that file - it says right in it "DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN" (and there is no "e" in resolve.conf.
<sarnold> catbadger: /etc/resolv.conf or /etc/resolve.conf?
<catbadger> i have nameservers: addresses [x.x.x.x,x.x.x.x] in my netplan config, but apply is writing nameserver 127.0.0.53
<catbadger> resolv
<weedmic> what do you want to change it to and I can give you the command
<sarnold> catbadger: check out the systemd-resolved manpages
<catbadger> 8.8.8.8 8.8.4.4
<weedmic> ok, you can do that with route command - I'll give an exact sample momentarily
<catbadger> thank you
<weedmic> soz - i don't have it, I put it in using thegraphical method under networks>configure network
<weedmic> i was thinking gateway not dns
<weedmic> To make the DNS related changes in resolv.conf permanent, you need to change the DHCP configuration file named dhclient.conf . You can find the file in /etc/dhcp/dhclient.conf . Open the file for editing (don't forget to use sudo).
<catbadger> thanks anyway
<catbadger> that's actually pretty helpful thanks
<weedmic> and this - but... i did it with the graphical interface and it worked fine on all the machines https://askubuntu.com/questions/130452/how-do-i-add-a-dns-server-via-resolv-conf
<weedmic> 8.8.8.8 and 8.8.4.4
<catbadger> sigh
<catbadger> https://askubuntu.com/a/1001295/946188 has the ansewr
<weedmic> ty 4 sharing the answer
<catbadger> :) posterity etc.
<weedmic> i added it to my cheat sheet (speakin gof which - i recommend cht.sh shell to get working examples of things (over manpage)
<axisys> what are the three parameters mean in preseed partitioning?
<axisys> 40 50 100 ext3
<axisys> 40 M min, 100 M max .. and what's in the middle? and why need 3 parameters?
<blackflow> teward: I've asked in #nginx, when I pinged you, you can /lastlog me there, wanted to ask if you're aware of such a problem, this is Ubuntu Bionic
<teward> blackflow: /lastlog only works so long as it's in my logs, which #nginx is NOT stored in my ZNC logs for more than a bit.  Your message wasn't in the scrollback
<blackflow> teward: tl;dr  it appears that in a http2 request of a static html with many static png images, the images randomly error out with "timeout" error_logged  and "200 0" access_logged, which I can't understand as it's all a single tcp connection
<teward> i'm not aware of any major HTTP/2 issues such as that
<blackflow> teward: I've since switched back http1.1 and there aren't any errors (but FF opens 5 connections to load up all the images on that page) --  the page is a munin status page with png graphs from rrd
<teward> > [2019-05-02 14:25:15] <teward> i'm not aware of any major HTTP/2 issues such as that
<teward> it SOUNDS like an issue with your client with the timeout errors being seen
<teward> but i've not had any reported issues such as that, and I'm pretty sure they'd have been bug-reported.  You might want to try with the PPA version which is newer
<teward> I have to upload the latest mainline and stable to it but
<blackflow> teward: possible, but.... this was a FreeBSD server before it migrated to Ubuntu, same base version (1.14), and there were no such problems there with http2
<teward> might have some bugfixes (use the mainline PPA)
<teward> blackflow: *I* have yet to encounter any such breakages, but without a munin setup myself to test with and a copy of your configs I can't give any real insights either way :|
<blackflow> that was my next step, to see if it's a bug fixed in newer version.    then again, from what I know, http2 is still kinda experimental, and I've seen a few nginx bug in that area fixed, from the nginx mailinglist
<teward> I'm not *aware* of any such major problems (third time I've said this) which would cause the problem you're seeing.
<teward> blackflow: actually, HTTP/2 *itself* is considered stable, there's just OCCASIONAL things that pop up
<teward> it's the SRU rules that prohibit me from making nginx updates to newer upstream releases :P
<blackflow> teward: I'll replicate with an example I can share publically, this URL is behind firewall and auth, so I can't
<teward> blackflow: yep, a minimal reproducible example that would allow me to test, etc. would be great
<teward> because what if the problem is actually munin not liking it xD
<blackflow> teward: biggest problem is, it's not _every_ request. I thought it correlated to a packet loss I observed but then that makes no sense, that's tcp, lost packets would be retried. this is logged as client timeout, which is weird
<blackflow> teward: munin only creates static html+png. I've copied the page to exclude munin's cron overwriting png's mid-request, and it still appeared, so munin is out of the equation.
<teward> well, then provide a minimum reproducible example :P
<teward> so I can test/see if i can replicate
<teward> it's also entirely possible it *is* a client side issue on your side, since you haven't indicated what browser/OS you're connecting to it with
<teward> but as I said, i'm not aware of any major bugs in HTTP/2 in 1.14 that'd cause the problems you're experiencing
<blackflow> yup will do. Also, does this make any sense? run request + timeout within the same second?  https://dpaste.de/zKzb
<blackflow> teward: Ubuntu Bionic on the client side too :)
<blackflow> (stock apt-installed Firefox)
<teward> blackflow: yes in some cases it can make sense
<teward> it's unusual but it usually means the client never sent ACK/SYN packets back (or they were lost in transit) in accepted timespansz
<blackflow> FF logged 17 second "receiving" before it gave up, in the dev console
<teward> but without wireshark/tshark logs on either side
<blackflow> hrm... that's why I thought it was this packet loss to blame but.... again.... being tcp, wouldn't lost packets be retried?
<teward> only so many times
<teward> you're thinking at a pure protocol level
<teward> there's only so many times packets are retried (time to live is a thing on TCP packets you know)
<blackflow> I'll prepare a public test page.
<weedmic> i have several overseas servers - they are unning postfix and mailutils.  except for 1, they all work as expected.  1 always goes to junk in user's outlook, and cannot be junk unjunked.  i printed and compared all the mail.cf files.  The only thing unique on the 1 machine is "myhostname" does not end in .internal, but .local - could that be the real reason?
<axisys> got it .. <min> <pri> <max>
<jdr> I dont know think that would cause it. Why are they not ending in real TLD?
<soulseeker> dax screwed things up again
<soulseeker> a long list of messages sent to #ubuntu
<soulseeker> is there any way to add rootdelay during lilo boot
<soulseeker> after a fresh install it fails to boot not finding the partition
<soulseeker> but by the time the boot fails the partition can br seen by the shell
<soulseeker> paul98 are you there
<soulseeker> prepare to exterminate mafia
<soulseeker> all mafia everywhere
<soulseeker> specificly watch police
<soulseeker> they gravitate to positions of power
<soulseeker> police and mayors
<tomreyn> soulseeker: please rest your enter key.
<soulseeker> tomreyn yeah ok, do you have any suggestionabout how to boot from lilo everything needed was explained
<tomreyn> soulseeker: no, not personally, it's been years ago that i had to work with lilo
<soulseeker> do you know hpw to continue the boot manuly mount returns invalid argument
<soulseeker> it mounts with type specified but how to contnue the boot, what is the automated process doing
<soulseeker> how to tell the initram to hand root to the mount
<soulseeker> welcome back lucas gray
<soulseeker> lucas_gray do you care to work with me for booting the fresh install
<soulseeker> it halts booting and drops to shell because it does not find the boot partition it mounts fine manuly but what next how to contunue booting
<soulseeker> all of these volunteers and nobody knpws how to continue booting
<soulseeker> lucas_gray talk to me
<soulseeker> It seems you are following me
<soulseeker> you show up on various networks, talk to me
<tomreyn> soulseeker: try in ##linux, too, if you can't find immediate support here. maybe there's also a lilo channel?
<blackflow> teward: ping?
<soulseeker> lilo isnt the focus anymore it failed after booting I can install grub
<soulseeker> lilo was selected because it detectsd sdb during indtall where grub was looking at sda
<soulseeker> Id have used grub hut the installer had no option to select the right drive
<soulseeker> if you read what Ive typed you can see where this is at sitting at initram shrll waiting for firstboot
<soulseeker> what is the process to do it manuly
<soulseeker> hi scotte whats going on
<soulseeker> do you monitor this channel
<soulseeker> things like this lucas_gray follow mr around from channel to channel buy do not respond to anything
<soulseeker> there is nothing but boss attitudes making complaints lile this tomreyn
<soulseeker> it is reminisciant of police
<soulseeker> thrt claim to be protexting something but it isnt there
<soulseeker> "keep this channel open for support" but no support
<soulseeker> like americans protecting nonexistant freedom
<soulseeker> scotte do you speak
<soulseeker> hello scotte can you read
<sarnold> soulseeker: hopefully useful to you http://rurounijones.github.io/blog/2009/03/17/how-to-ask-for-help-on-irc/
#ubuntu-server 2019-05-03
<soulseeker> hey paul98 how's thinhs going with you
<soulseeker> I was working on installing ubuntu and encountered some problems booting.
<soulseeker> it was interesting to find out that the pivot_root did not work which suggest ubuntu boots se other wayv
<soulseeker> funny how pivot_root does not work
<soulseeker> I checked it over again and it reads invalid argument for a standard invocation
<soulseeker> paul98 talk to me
<soulseeker> paul98 have you heard of a roman ring wormhole
<soulseeker> suppose you want to send a message through time
<soulseeker> say past or future past seems easier
<soulseeker> say you have a journling filesystem
<soulseeker> and want to commenicAte to somebody using the file system
<soulseeker> and write synchfonicity in the fesystem
<soulseeker> that iz earth right
<soulseeker> sulposed unintentional jfs
<soulseeker> by the way paul98 I have some company information that didnt take on #frenode
<soulseeker> if you desire to look it over , only ask
<soulseeker> hey unshackled!
<soulseeker> welcome
<soulseeker> the spirits which go through humanity
<soulseeker> the different social structures
<soulseeker> how to do away with archaic forms
<soulseeker> shackles is an example
<soulseeker> archaic satanic ritual of binding or bondage of human bodies
<soulseeker> mammonic deemon
<soulseeker> these forms of deemon worsgip remain in the filesystem long after they need to be removed
<soulseeker> thats mostly what the police do
<soulseeker> but now advancing towards worse torture
<soulseeker> with electric guns
<lotuspsychje> soulseeker: can you stop that please, this is the ubuntu server support channel not a satanistic chat
<cpaelzer> ahasenack: for your clamav rebuild on a sync - I had the smae question a while ago, you chose correct
<cpaelzer> in my case the base version was even more odd (I don't remember details), but the TL;DR was more or less "... as long as your new versions does not contain ubuntu it will be auto-synced still"
<geodb27> People : hi ! I'm trying to write a kickstart file to automate the installation process of my ubuntu18.04.2-servers. I'm having troubles to write the partitionning. The instructions in the ks.cfg are not recognized. From what I remember, it worked fine with 16.04 version. Are there some notes about writing such a kickstart other than  https://wiki.dinfadom.com/index.php/Kickstart_-_Ubuntu_18.04_LTS ?
<geodb27> So far, here is my ks.cfg file : https://pastebin.com/Fni4ga5d
<frickler> geodb27: not sure whether you are seeing the same issue, but in order to deploy 18.04 with the same setup I was using for 16.04 I have to use the network installer iso from http://cdimage.ubuntu.com/netboot/18.04/ instead of the new server-install iso
<geodb27> Thanks for your answer and help frickler. As a matter of fact, I've fallen on a page (https://opstuff.blog/2018/10/16/ubuntu-18-04-unattended-setup/) that seems to point that the prefered way is to use a preseed file.
<zzlatev> Hey guys, can I make a mirror of my ubuntu-server and use it to another machine?
<RoyK> zzlatev: yes, but it's generally not a good idea since UUID will be the same etc
<RoyK> zzlatev: better setup the new machine with ansible or something else for automation and use those rules to setup the next machine automatically
<zzlatev> hmm
<zzlatev> OK
<blackflow> UUIDs can be changed tho
<blackflow> teward: ping, btw, that was a client-side issue, Firefox on Bionic, in certain situations I can't isolate, has issues with http2 streams.
<catbadger> hi
<ixil> hello, I'm trying to setup bionic(server) in lxc/lxd but can't work out how to make it use dhcp - I've been trying w/ netplan
<teward> blackflow: sounds like  Firefox then needs a bug filed against it
<teward> blackflow:  if FFox is using some buggy HTTP/2 implementations that'd explain things
<teward> or if you have addons enabled that break things :P
<teward> ixil: out of the box, if you deploy an LXD Bionic image it'll be set to DHCP for IPv4
<teward> `lxc launch ubuntu:bionic foobar` defaults in itself to a DHCP'd netplan, it requires that you have DHCP on the default network bridge/segment the container is dropped onto though
<ixil> teward: that's what I thought - possibly my host(an archlinux box) is misconfigured?
<teward> possibly, but you'd want to go to #lxcontainers for support with the LXD config on your arch box
<ixil> teward: well I use the default `lxdbr0` that `lxd init` brought up
<teward> ixil: *points to the #lxcontainers channel*
<ixil> teward: bit quite over there but I can give it another go, but even still manually configuring through `ip` seems to work, so for netplan itself I'm not sure what I'm doing wrong
<teward> (we don't support arch here ;) )
<teward> ixil: probably not necessarily a netplan problem.
<teward> esp. if `netplan apply` doesn't complain about network config being wrong
<ixil> teward: I suspect I have teh netplan config syntax wrong
<teward> pastebin your netplan config then
<ixil> http://ix.io/1HUl
<teward> ixil: any chance you have a /etc/netplan/50-cloud-init.yaml at all?  You might want to refer to that to the 'proper format'
<teward> usually I suggest to configure the devices directly rather than using a match clause
<ixil> teward: so I used the cloud-init as a template, but left it in /etc/netplan
<ixil> http://ix.io/1HUm <- top is `ip a` on the bionic machine, and bottom my host's relevant links
<ixil> I'm new with netplan, but I've just been doing a `sudo netplan apply; sudo netplan try;` followed by checking `ip addr`
<ixil> the point of the match was the interface gets called eth1@ifXX by lxc, is that something I should look to change?
<teward> ixil: you can be fairly certain that those interface names 'won't change' - those're locked in usually on the config level of the VM from my testing.
<teward> so you don't really need the *match* where you can just specify the individual devices
<ixil> teward: I just `lxc restart ...` the container, and the interfaces are now eth@if107 :/
<teward> :|
<albert23> shouldn't filename 10-custom.conf be 10-custom.yaml?
<teward> ixil: ^ that
<teward> make sure it's a .yaml file
<teward> then try and apply it.
<teward> i have to head into a meeting...
<ixil> albert23: you're my hero
<cyphermox> ixil: no need to do apply and then try, it's the same thing
<ixil> now the config at least shows up under /run/systemd/network/ but it doesn't seem to be correct
<cyphermox> do one or the other
<ixil> cyphermox: ah thanks, I thought it might be, but thought to err on the side of caution
<cyphermox> "try" is just a fancy "apply" with a timer to attempt to revert if you don't respond within the timeout
<cyphermox> revert often works, but not for all kinds of setups
<ixil> ahh well there's no point in doing try, as I can't really check anyway as I have no secondary console to check from the container side
<cyphermox> well, that's the thing
<cyphermox> if you run that in screen you can reconnect (or you won't lose the connection at all)
<blackflow> teward: biggest problem is I can't isolate what in FF causes this. I tried --safe-mode, and the problem doesn't appear there. It doe appear if I run normal mode but disable the two extensions I use. It does appear if I run a fresh new profile. It doesn't appear on every page load. There's no consistency ot point out the issue.
<teward> blackflow: i'd file a bug with firefox then either way
<blackflow> teward: I'm not sure if it is, or if it's something specific to my setup. I asked someone her yesterday to try my test page, from Bionic ,and they saw nothing.
<blackflow> no problem I mean.
<blackflow> someone *here
<jdr> Any issues with running bind, apache, and postfix all on the same server?
<sarnold> should be fine
<teward> just make sure to harden them all properly
<teward> and not leave yourself open to vulnerabilities heh
<sdeziel> postfix + a recursive caching server is rather common/best practice
<teward> yep
<jdr> Gotcha. Thanks.
<leftyfb> Is the 127.0.1.1 entry in /etc/hosts for server important? It looks like it's just a debian/ubuntu thing for some gnome applications that don't like not being able to resolve your hostname to an ip if you don't have a local DNS server on the network.
<leftyfb> The reason I ask is because "dnsdomainname" fails to work if that entry exists without a FQDN which from what I can tell, DHCP is not able to populate
<ahasenack> leftyfb: did you get that entry in /etc/hosts by default after an install?
<leftyfb> ahasenack: yes. I checked with a fresh server install. It's just 127.0.1.1 <hostname> # no FQDN
<ahasenack> 18.04 or what?
<leftyfb> if the entry exists at all, it looks for FQDN there, if none is found, there is no result in looking it up. If there's no entry, it looks up via DNS
<ahasenack> using the new installer, or the old one?
<ahasenack> afaik that's a cloud-init parameter that the installer may be passing to it, or not passing, and some default is assumed
<leftyfb> ahasenack: 16.04. I know 18.04 has a separate issue with /etc/host since I reported the bug :)
<ahasenack> aha
<ahasenack> well, 16.04 is definitely the old installer, I don't recall what it was doing back then
<ahasenack> I like my machines to work without having to add that entry
<leftyfb> right
<leftyfb> which is why I'm asking if the entry is necessary in a server environment. I don't think it is
<leftyfb> because it certainly breaks local FQDN lookup
<leftyfb> ahasenack: I'm betting the classic installer for 18.04 will have the same issue
<ahasenack> I really don't remember
<ahasenack> my laptop has it, but it's a desktop
#ubuntu-server 2019-05-04
<ScriptGeek> I just got a server running ubuntu and following instructions to set it up with LAMP, but I'm unable to determine if apache is configured correctly since I can't get to the default apache page
<ScriptGeek> these are the instructions: https://www.vultr.com/docs/how-to-install-apache-mysql-and-php-on-ubuntu-18-04
<ScriptGeek> where is says to enter the server ip in the browser, "http://SERVER_IP/... I get nothing.... of course the IP is IPV6
<lotuspsychje> ScriptGeek: nmap -PN -sV yourip to see if apache is running perhaps?
<lotuspsychje> !lamp
<ubottu> LAMP is an acronym for Linux-Apache-MySQL-PHP. However, the term is often used for setups using alternative but different software, such as Perl or Python instead of PHP, and Postgres instead of MySQL. For help with setting up LAMP on Ubuntu, see  https://help.ubuntu.com/community/ApacheMySQLPHP - See also the Server CD installation process.
<ScriptGeek> lotuspsychje: I'm not sure what that does... I ran the command, but I don't see anything about Apache in the results
<lotuspsychje> ScriptGeek: it should show open, or filtered ports/or services running /or all closed
<ScriptGeek> only 1 shows and it's port 22, because I'm ssh'd into the server. it says: Not shown: 999 closed ports
<ScriptGeek> ok, I ran the installation again
<ScriptGeek> and the nmap command again... this time it shows Apache running on port 80
<ScriptGeek> maybe I can get to the default page now... let's see
<ScriptGeek> nope
<TJ-> ScriptGeek: you say you're using IPv6 addresses?
<ScriptGeek> TJ-: yes
<TJ-> ScriptGeek: what are the 1st 4 octets of the address? Is it fe80: (link-local) ?
<ScriptGeek> I just googled a bit and it looks like ipv6 addresses need to be in square brackets
<ScriptGeek> TJ-: it's 2001:19f0:5:2c40
<TJ-> ScriptGeek: there is that sometimes, but for link-local addresses you've got to add a suffix denoting WHICH interface to use, as in fe80:....1234%wlan0
<TJ-> ScriptGeek: OK, that is not a valid address
<TJ-> ScriptGeek: I think you're missing a double colon "::" that represents a run of zeros e.g. 0000:0000:0000 can be shortened to ::
<TJ-> ScriptGeek: maybe it should be "2001:19f0:5::2c40" ?
<TJ-> ScriptGeek: usually each allocation is a /64 so the first 4 groups are fixed and your site can allocate any value in the last 4 groups
<ScriptGeek> this ipv6 stuff is like greek to me
<ScriptGeek> here's another ipv6 number: fe80::5400:2ff:fe04:fbc8
<TJ-> ScriptGeek: well it is 128-bit addresses (16 bytes) rather than 32-bit (4 bytes)
<TJ-> ScriptGeek: and that is a link-local address (starts with fe80:) - they are per-link (interface) so 2 interfaces could advertise the same address, therefore we have to add a suffix when there are multiple interfaces to tell the OS which to use, as in %wlan0 or %eth0
<ScriptGeek> well, I'm out of time for today, I'll look at it later. Thank you for the help
<TJ-> ScriptGeek: for a browser you'd need to do something like http://[2001:19f0:5::2c40]
<TJ-> ScriptGeek: best thing is to use "ping6" to ensure you're using the correct form of the address and can get a response, then move to the browser. That way you know the address is valid syntax
<ChunkzZ> hi
<ChunkzZ> how do I install ubuntu's 19 server? I try and it says it has installed but it just boots me into bios?
<ChunkzZ> am I doing something wrong?
<TJ-> ChunkzZ: installing on what make/model, and in UEFI or BIOS/CSM/Legacy mode?
<ChunkzZ> TJ-, bios, no uefi. that's disabled. amd 5350 8gb ram 120gb ssd.
<ChunkzZ> I install it, it says it has installed and asks to reboot.. I reboot and it's just loading the bios.
<ChunkzZ> ubuntu 18.04 LTS's server works fine, this one; nope.
<pavlos> ChunkzZ: did it write the bootloader to your sda ?
<TJ-> ChunkzZ: it sounds like a UEFI issue, because usually Legacy/BIOS mode would report "Boot device missing" and freeze
<ChunkzZ> pavlos, it asked where to use the hdd, so I put use entire disk.
<ChunkzZ> TJ-, I don't want to use eifi though.
<ChunkzZ> uefi
<ChunkzZ> when I'm booting, I'm booting from a usb that's set to no uefi.
<TJ-> ChunkzZ: that's fine, I'm just pointing out that getting dropped into the firmware setup ob boot sounds like a UEFI action, not Legacy/BIOS
<ChunkzZ> so what do I go to get it working?
<pavlos> ChunkzZ: I assume this is 19.04 server?
<ChunkzZ> yes.
<pavlos> ChunkzZ: since 18.04 works
<ChunkzZ> 18 LTS doesn't have this issue....
<pavlos> ChunkzZ: just made a VM with 1904server and it boots w/o issues
<ScriptGeek> have to search through text files manually when using nano since Ctrl+W closes my remote ssh window in my browser
<ScriptGeek> maybe I can redo the keybindings
<ScriptGeek> for nano
<tomreyn> redoing either the browsers' or noan's key bindings might be an option. or using some other editor.
<tomreyn> *nano's, not noan's ;-)
<tomreyn> it's also possible that you may need to mouse click into the temrinal "window" on your browser to ensure the shortcut ends up there, is not handled by the web browser
<ScriptGeek> maybe I should just use putty
<tomreyn> using an actual ssh client has been reported to help people in the past.
<tomreyn> there's also openssh, a much more usable client (if you ask me)
<ScriptGeek> putty is definitely ugly
<ScriptGeek> any openssh builds for windows?
<tomreyn> !WSL
<ubottu> Windows 10 has a feature called Windows Subsystem for Linux, which allows it to run Ubuntu (and other Linux distro) userspace programs without porting/recompliation. For discussion and support, see #ubuntu-on-windows or ##windows. For installation instructions, see https://msdn.microsoft.com/en-us/commandline/wsl/install_guide
<tomreyn> also https://docs.microsoft.com/en-us/windows-server/administration/openssh/openssh_install_firstuse
<tomreyn> but then this is really an ubuntu channel here
<ScriptGeek> well, I'm using windows to ssh into my ubuntu server
<tomreyn> and you're looking for a software to run, on windows, which acts as an ssh client.
<ScriptGeek> ok, sorry
<tomreyn> no worries, i just think it's sometimes needed to point this out. i would not join ##windows to ask on instructions to to install, on linux, an rdp client.
#ubuntu-server 2019-05-05
<Moobuntu001_> If I have an ubuntu server with a 802.11AC PCIe Adapter, what package do I use to broadcast the SSID and manage WiFi clients, and how do I throttle the up and down speed for individual clients?
<ScriptGeek> what does: "su znc -" (without the quotes) do?
<ScriptGeek> it's asking for a password
<ScriptGeek> I created a user via: "adduser --disabled-password znc"
<RoyK> ScriptGeek: run "sudo -i" first to become root
<RoyK> "su - znc" (not su znc -") will make you turn into the znc user with that user's environment
<RoyK> su means "switch user" (albeit misunderstood to mean "superuser")
<ScriptGeek> RoyK: I'm following these instructions: https://www.vultr.com/docs/install-and-setup-znc-on-ubuntu
<ScriptGeek> su - znc and su znc - both ask for passwords, but I didn't set a password
<RoyK> ScriptGeek: are you root?
<ScriptGeek> yes
<RoyK> what's the output of "id"?
<ScriptGeek> uid=1000(znc) gid=1000(znc) groups=1000(znc)
<RoyK> then you're not root, you're znc
<ScriptGeek> does this mean I logged in as znc anyways, despite the message about authentication failed?
<RoyK> if you're root, the prompt ends in a #, if you're a normal user, it's a $
<RoyK> but I need some sleep now - good luck
<ScriptGeek> kk, thanks for the help
<tomreyn> looks like vultr's ubuntu images only set up a root user by default, no sudo user.
<tomreyn> ideally you'd have created a sudo user before creating the additional (restricted, non sudo) znc user. and then you'd always work as the sudo user, never (or only if strictly necessary) as root.
<tomreyn> there's this (unsupported, as every other) PPA which provides znc builds: https://launchpad.net/~teward/+archive/ubuntu/znc
<tomreyn> ScriptGeek: ^
 * teward received a ping
 * teward sees it was a passive ping
 * teward goes back to watching TV
<tomreyn> sorry ;-)
<teward> you're fine.
<tomreyn> i'll try to remember to urlencode your nick in urls i post in the future ;-)
<teward> heheheh
<teward> tomreyn: nah you're good.  I'm just not 100% IRC-capable today :p
<teward> been busy redesigning my network :P
<teward> networks*
 * teward has two internet connections and therefore two independent LANs in his apartment
<tomreyn> uuh, that' sunderstandable then
<teward> tomreyn: ESPECIALLY getting the two networks talking between each other for DNS purposes, that was the trickiest xD
<teward> VPNs are *not fun* :P
<OerHeks> spam-balancing
<teward> heheh
<teward> OerHeks: also a lesson in how NOT to interoperate Ubuntu-driven/routed network systems to interconnect with pfSense and Sophos XG Firewall driven VPN systems.
<teward> :P
<tomreyn> i can think of one or two better way to spend a sunday night. ;)
<OerHeks> pfsense can do loadbalancing, iirc
