[03:40] <nictuku> infinity, when you come back please let me know
[03:50] <infinity> I'm here.
[03:50] <infinity> (more or less)
[03:57] <nictuku> when you find some time, could you please check https://opensvn.csie.org/traccgi/nwu/trac.cgi/wiki  (NetworkWideUpdates)? milestone 1 is on the way
[04:00] <infinity> Is there meant to be more to the IRC quote in "other references"? :)
[04:00] <infinity> The dangling "mvo" is a bit.. Odd
[04:01] <nictuku> ah, that was "remember the nick of Michael Vogt" hehe
[04:05] <infinity> Which xmlrpc/soap implementation were you planning on using?
[04:05] <nictuku> currently it can trigger the clients to run the following tasks: cache update (apt-get update), package installation (apt-get install <pacakges>, list repositories and, the best part, list update candidates.
[04:05] <infinity> If it's generally considered mature (and well maintained upstream), the fact that it's currently in universe is no big deal.  We can promote it if/when nwu is ready to be supported.
[04:06] <infinity> I also find it reasonably entertaining that we don't have a python xmrpc/soap extension in main, since we have the python kitchen sink in mian...
[04:06] <infinity> s/mian/main/
[04:06] <nictuku> currently it uses SOAPpy and M2Crypto, both of which are in universe. I can remove m2crypto, maybe.
[04:07] <nictuku> indeed hehe. I spent the whole aftertoon asking me why there is no python soap in main hehe
[04:07] <nictuku> and asking in #ubuntu-* too =] 
[04:07] <infinity> python-soappy is not only in main, it's in the default desktop.
[04:07] <nictuku> hmm
[04:08] <nictuku> by the way, is packages.ubuntu.com supposed to not accept multiple keys in the packages search form?
[04:08] <nictuku> i could not search after, say, python soap
[04:08] <infinity> As for crypto, python-pyopenssl (also in the default desktop) may work for you.
[04:09] <infinity> I dunno, I use "apt-cache search" for multiple key searches.
[04:09] <nictuku> I needed that to find dapper packages..
[04:09] <infinity> I only find packages.ubuntu.com handy to check versions of each package in each dist.
[04:10] <nictuku> yes, removing migrating from m2crypto to pyopenssl is in the todo list
[04:13] <MarioMeyer> we would need to get python-sysinfo to main also..
[04:14] <nictuku> yeah, but it's not strictly needed for milestone1
[04:14] <nictuku> infinity, MarioMeyer, check out the "manager cli" working: http://paste.ubuntubrasil.org/11
[04:15] <MarioMeyer> this will be great to use on server farms... :P
[04:16] <nictuku> I hope so
[04:16] <infinity> nictuku: Oh, and the reason you couldn't find an xmlrpc extension is because xmlrpclib is included in the main python package.
[04:17] <nictuku> hmm
[04:17] <infinity> So, if you'd prefer to use basic xmlrpc instead of soap, that kills another dependency.
[04:18] <nictuku> that would be better
[04:18] <infinity> I've never been a big fan of SOAP anyway.  Too bloated for anything I've ever needed xmlrpc for.
[04:18] <infinity> To each their own, though.
[04:20] <nictuku> well, I'll confess. python-soappy had a nice "/usr/share/doc/python-soappy/GettingStarted.txt.gz". That's why I used it in the first place hehe
[04:21] <nictuku> if you know of a sample code of xmlrpc + pyopenssl, I'd be interested
[04:21] <infinity> Heh.  Well, I don't mind either way.  I'll admit that I've done very little xmlrpc with python, so I have no strong opinions.
[04:39] <nictuku> ah, it would be great if someone more experienced than me reviewed the architecture and security "features". MarioMeyer  had made some interesting notes and I need more of that
[04:41] <nictuku> MarioMeyer, I'll pay your honoraries when I get rich
[04:41] <MarioMeyer> haha
[04:42] <MarioMeyer> just pay a beer on FISL
[04:42] <MarioMeyer> :P
[04:42] <nictuku> :-)
[04:47] <MarioMeyer> infinity, http://paste.ubuntubrasil.org/12
[04:47] <MarioMeyer> agent running on a machine ;P
[04:50] <nictuku> MarioMeyer, I updated it with the nwu list <your machine> update-candidates |wc result hehe
[04:50] <MarioMeyer> niiiice
[06:24] <oliver_savage> Hey everyone, I just got a VPS with ubuntu running apache2, and just installed mod_python. I'm going to install postgresql shortly, are there any gotchas I should be aware of?
[07:40] <oliver_savage> anyone here using apache2?
[07:42] <infinity> Yes.
[08:08] <oliver_savage> i've only used apach1.3 and just started using apache2, this site-enabled and sites-available directories of doing things, is it required? Is it worth using?
[08:09] <oliver_savage> er "way of doing things"...
[08:24] <infinity> It's not "required", if you want to replace /etc/apache2 with your own configs completely, but it's definitely recommended, and makes a fair bit of sense once you get used to it.
[08:24] <infinity> (My old apache 1.3 config was pretty similar, though, with an /etc/apache/virtual directory for vhosting config snippets)
[08:33] <oliver_savage> Oh, ok I was used to just defining all the virtual hosts in the httpd.conf file, I'd only ever configured one internet facing server before. I'm sniffing through the docs now. Thanks
[09:09] <await> waves to all!
[09:15] <oliver_savage> waves back
[09:30] <oliver_savage> This document; http://doc.ubuntu.com/ubuntu/serverguide/C/ch04s10.html, is well done.
[09:38] <oliver_savage> can anyone recommend, from experience, a fairly easy to admin, lightweight mail server for a server with no xwindows?
[09:47] <fabbione> postfix
[09:49] <oliver_savage> thank you fabbione
[09:56] <oliver_savage> I'm putting together a step-by-step documentation for ubuntu 5.10 server on a VPS. Using apache2, mod_python, mail-server, multiple domains, most fun I've had all week.
[10:00] <fabbione> nice idea
[10:05] <ubijtsa2> libata will take over and drivers/ide will go away.. :)
[10:05] <ubijtsa2> *woohoo* <jump around for joy>
[10:08] <maswan> now if just those sata drivers beside 3ware would become stable and trouble-free.
[10:09] <ubijtsa2> maswan: in the Dell GX280 *spit* the sata (libata) drivers work fine
[10:10] <maswan> ubijtsa2: Well, I've been running into evil corner cases with sata_sil lately. Onboard stuff seems fine, but you're screwed if you want pci cards for a few (>4) extra ports.
[10:11] <ubijtsa2> maswan: ah. sorry to hear that
[10:12] <maswan> Well, my current workstation needed 2.6.15 to support the sata_sis chip, but that was doable, if slightly inconvenient with breezy.
[10:24] <ubijtsa2> mostly statically compiled to avoid requiring initrd
[10:26] <ubijtsa2> if the "libata drives all ?ATA" patch hits 2.6.16, I'll compile it myself for Dapper & Breezy
[10:26] <ubijtsa2> I aint gonna wait for Dapper+1 for that beauty
[10:28] <infinity> If it actually works, we may be able to convince mdz to let it into our 2.6.15... It would solve a LOT of corner cases we have in udev and initramfs and such.
[10:29] <ubijtsa2> not to mention that all disk devices become /dev/sd*
[10:30] <infinity> I'd welcome such a patch if it actually works, and if all the ide drivers are properly replaced and working.
[10:30] <ubijtsa2> even if mdz says no, I reckon many that know how to, will be running a kernel with that patch before long.
[10:31] <infinity> Oh, I'm sure they will, I mean I'd like it in the default kernels to remove some of my headaches in some complex packages.
[10:31] <ubijtsa2> it's Alan Cox that is working on it, so when it is ready, it will be working..
[10:32] <ubijtsa2> I have lots of confidence in him :)
[10:34] <fabbione> if all disks will become /dev/sd* it's really unlikely it will make dapper
[10:35] <fabbione> upgrade from breezy will be hell
[10:36] <ubijtsa2> fabbione: fstab will be a bit af a pain yeah
[10:37] <fabbione> it's not the only thing
[10:37] <fabbione> a lot of tools have /dev/hd* hardencoded
[10:37] <fabbione> to do some really stupid tests
[10:37] <fabbione> it's not a transition i wish to see in Dapper
[10:38] <ubijtsa2> yeah... but on the good side, getting shot of drivers/ide is a "Good Thing"
[10:38] <fabbione> probably
[10:38] <fabbione> anywya it's not up to me
[10:38] <ubijtsa2> To be honest, I didn't think it'd make it into Dapper
[10:39] <ubijtsa2> 2.6.16 is to late to make the cut, and a backport into 2.6.15 will most likely be painful
[11:45] <spike> anybody would be able to comment what's wrong with fuse that encfs inclusion has been refused?
[11:46] <spike> I cant remember the url, could google it out if necessary, but I read a page where they said that, without additional details or anything
[12:27] <hunger> 2~
[12:31] <hunger> Tonio_: Why is there DB on the debian-file-icon?
[12:32] <hunger> Sorry, wrong channel again!
[01:05] <lapo> hi
[01:11] <lapo> lo interface won't came up on boot here, I have an all lvm setup with a /var on an lv, since I think /var is not mounted afterI have a
[01:12] <lapo> sorry
[01:12] <lapo> I think /var is not mounted early enough, I can see ifupdown complaining that there is not /var/run
[01:13] <fabbione> lapo: file a but http://launchpad.net/malone/
[01:13] <lapo> fabbione, against what I should file the bug? init?
[01:15] <fabbione> ifupdown
[01:15] <lapo> k, tnx
[07:02] <christl> anyone here using clamav?
[07:06] <lionelp> yep
[07:11] <christl> one question: is under ubuntu something similar to the debian-volatile repository?
[07:12] <christl> so, that the signatures/engine are always up-to-date
[07:12] <lionelp> to my knowledge, the answer is no
[07:12] <lionelp> signatures are idependant, with freshclam you can get new signatures everyday
[07:13] <lionelp> that is not the case for the engine, ok
[07:13] <lionelp> it would be a good idea... I do not know if it is planned...
[07:14] <christl> have you ever tried the debian-repository? (with pinning .. only for clamav)
[07:14] <lionelp> i have not tried
[08:24] <await> fabbione ping
[09:00] <mkrufky> im trying to set up apache2 using php to access a mssql database, and i get this error: Fatal error:  Call to undefined function mssql_connect() --  all resources tell me that i must recompile php with freetds support, but I was under the impresseion that Ubuntu Just Works (tm) ...  I already have dev-freetds and sqlrelay-freetds packages installed
[09:01] <mkrufky> what is my next step?
[11:31] <tiris> anyone home?
[11:33] <tiris> I have a quick question about ubuntu server (not sure if this is the place to get it answered).
[11:34] <spike> tiris: go on
[11:35] <tiris> okay, I have installed a server and was going to use it for a fileserver...I also want to access it from outside the LAN...like at work.
[11:36] <tiris> but I am afraid of connecting it to the internet because I know nothing about security
[11:36] <Pygi> fabbione: ping
[11:37] <Pygi> tiris: what's the prob?
[11:37] <tiris> any suggestions for quick reading material on tools and practices for server security for ubuntu?
[11:39] <tiris> keep in mind that I am really new to the linux jive and really, really new to the linux-server jive
[11:44] <spike> tiris: then dont really expose a box to the net
[11:45] <spike> tiris: there's not quick reading. u can start with the debian security howto, that will apply to ubuntu as well
[11:45] <tiris> I want to learn how to safely expose the box to the net.
[11:45] <tiris> I would like to be able to access my files from work.
[11:46] <spike> tiris: sshfs sounds like ur best bet judging from what u're saying
[11:46] <spike> it's fairly easy to secure ssh, and it seems the file sharing is limited to you
[11:46] <spike> ssh daemon*
[11:48] <tiris> I am a little familiar with ssh. I know how to use it and set it up, but what vonerabilities am I opening myself to when I connect to the Internet...how easy is it for someone to get access when they are not supposed to?
[11:50] <spike> tiris: either an ssh bug, and let's say it's quite unsual, or a weak password. ssh bruteforcing is *very* common, and weak password is they way they go
[11:51] <tiris> how do I know when an unauthorized attempt was made?
[11:51] <tiris> how do I know when an unauthorized attempt was made and succeeded and what the user did while having access?
[11:53] <spike> tiris: what u can do is employ an ssh keys solution, that will prevent pwd bruteforcing totally disabling pwd based access
[11:53] <spike> tiris: /var/log/auth.log and lastlog command
[11:55] <tiris> can you point me to a good HOWTO on this ssh keys setup?
[11:56] <spike> tiris: http://www-128.ibm.com/developerworks/library/l-keyc.html
[11:56] <spike> as the big black line at the beginning says, it's a 3 part tutorial, read all of them, not just that one
[11:57] <spike> at least part 1 and 2, u dont need 3 at this stage
[11:57] <tiris> okay. Thanks this should get me started. Thanks again.
[11:58] <spike> tiris: read the secure debian howto too please
[11:58] <tiris> what is the url?
[11:59] <spike> u can find it urself, it's not hard
[11:59] <spike> check out the documentation section on debian.org, it's there
[11:59] <tiris> is it an official howto from debian?
[11:59] <spike> yes
[11:59] <tiris> okay thanks
[12:00] <Pygi> one of the good tutorials for unixes/linuxes in general is also a freebsd documentation