[05:51] <fabbione> morning
[05:58] <nictuku> hi fabbione
[06:05] <nictuku> fabbione, i'm a volunteer developer of a network wide updates tool for ubuntu, temporarily named "nwu". Is there any chance that it is considered for being distributed in main at dapper+1?
[06:06] <fabbione> nictuku: you need to talk with mvo
[06:06] <fabbione> he is/was in charge of that Spec iirc
[06:07] <nictuku> Nice. thank you
[07:22] -IMRMooW:#ubuntu-server- New game started, http://sre.servegame.com  : This is a webgame based on SOLAR REALMS ELITE, a famous BBS game back in 1992 (Earth2025/BRE fans are welcome)
[08:01] <acehunky> hello
[08:03] <acehunky> is there any howto on building custom Ubuntu Server Edition distro?
[08:06] <fabbione> acehunky: it's the same procedure as getting a custom image for desktop
[08:06] <fabbione> there is something written up in the wiki
[08:09] <acehunky> fabbione: through the list of packages i can see, Openoffice and other bulky packages which probably i dont need .. so finding a way to have a completely stripped down version of Ubuntu Server Edition
[08:11] <virogenesis> a server install is stripped down acehunky
[08:11] <virogenesis> its not apache or anything you have to decide what packages to install
[08:20] <fabbione> acehunky: these packages will go away soon
[08:20] <fabbione> yes we are aware that there is a bit of junk on CD
[08:21] <fabbione> acehunky: i am waiting for Kamion to fix some code that generate the package list that goes on different CDs
[08:21] <fabbione> so that we can acutally clean it properly
[08:21] <fabbione> but it's not of a big concern at the moment
[08:21] <fabbione> it will for sure happen way before release
[08:42] <acehunky> ok .. fabbione: i was working on getting asterisk and related packges on server edition ..
[12:22] <fabbione> hey neuralis
[12:26] <fabbione> neuralis: ping me when you are around
[12:34] <neuralis> fabbione: hey
[12:35] <fabbione> neuralis: yo
[12:35] <neuralis> fabbione: i'm in a crazy rush, need to split in a few minutes. what's up?
[12:35] <fabbione> neuralis: i have been checking some stuff around
[12:35] <fabbione> ok.. how long before u are back online?
[12:36] <neuralis> 14-15hrs, but i can stick around for 10-15 minutes now if it's important
[12:36] <fabbione> ok
[12:36] <fabbione> i did check drbd, ganglia and i was looking at heartbeat right now
[12:37] <fabbione> drbd is kinda of hair .. it doesn't really work on != x86*
[12:37] <neuralis> hmm, yuck
[12:37] <fabbione> and there is the major issue that the device can't be mounted on more than one node
[12:37] <fabbione> GFS support is not there yet
[12:37] <fabbione> that makes it a bit hairy imgo
[12:37] <fabbione> imho
[12:37] <neuralis> well
[12:38] <neuralis> non-x86 is a much bigger problem
[12:38] <neuralis> the only-one-mount situation is almost by design; drbd was designed for failover, not parallel use
[12:38] <fabbione> i did test ia64 and it farts on missing ioctl
[12:38] <fabbione> ganglia packages are utterly obsoleted
[12:38] <fabbione> and they are lacking a lot of stuff
[12:39] <fabbione> like the web interface
[12:39] <fabbione> as it stands i can't take them over or consider to update them to a full new upstream release
[12:39] <fabbione> 2.5.7 -> 3.0.x
[12:39] <neuralis> hmm. alright.
[12:40] <fabbione> next is heartbeat/keepalived/ipvsdam
[12:40] <fabbione> pitti is looking into the latter
[12:40] <neuralis> if we can find someone to package the new upstream release, do you think the server team can get a uvf exception for it?
[12:40] <fabbione> there are no packages around.. even the debian maintainer is MIA
[12:40] <neuralis> yeah, i meant package it from scratch
[12:40] <fabbione> uvf exception at this point starts to be hard but it is still doable
[12:40] <neuralis> okay, i'll ping ivoks and see if he has time to put it together
[12:41] <fabbione> for heartbeat i found also heartbeat-2
[12:41] <fabbione> former in main
[12:41] <fabbione> latter in universe
[12:41] <fabbione> which one do we want?
[12:41] <fabbione> i think we should stick with what's already in main
[12:41] <fabbione> but you might know better
[12:41] <neuralis> i'm inclined to agree, and i've never actually heard of heartbeat-2, let me see what it is
[12:41] <fabbione> the difference in packaging is kinda of wide.. a lot of different lives here and there
[12:42] <neuralis> ah. they just farmed out some of the functionality to the LRM and CRM: http://linux-ha.org/NewHeartbeatDesign
[12:43] <neuralis> this close to feature freeze, i'd just say let's stick with what we have in main. heartbeat-2 doesn't introduce anything that we desperately need, and we can consider it for replacing heartbeat in dapper+1.
[12:43] <fabbione> ok agreed
[12:43] <fabbione> so we will work out only keepalived and ipvsadm
[12:44] <fabbione> the rest deferred to dapper+1
[12:44] <neuralis> sounds good. i'll check around about ganglia, but for now it's safe to assume that's also getting deferred.
[12:44] <fabbione> well considering we have no HPC solutions anyway.. i see very little point in pushing ganglia
[12:45] <neuralis> it's not really a HPC monitoring solution, though -- it monitors server farms of any kind
[12:45] <fabbione> ok
[12:46] <fabbione> let see if we can get the new upstream version packaged in a decent way
[12:47] <neuralis> yeah. i'll send an e-mail to ivoks in a few minutes, cc you.
[12:47] <fabbione> ok
[12:47] <fabbione> thanks dude
[12:47] <fabbione> have fun
[12:47] <fabbione> sorry for taking so much time
[12:47] <neuralis> no problem, thanks for all your work
[12:47] <neuralis> take care
[12:48] <fabbione> you too
[06:04] <Psi-Jack> Anyone here use openldap for nss and pam?
[06:06] <Psi-Jack> As root, I can getent passwd or shadow, and see my user account in ldap. I can also login as my user in ldap. However, when I am logged in, I have "I have no name!" as a username, and I cannot, as the user, getent passwd.
[06:42] <Psi-Jack> Okay, next issue.
[06:42] <Psi-Jack> Is is possible to get chsh to work with changing the users' shell within ldap?
[07:18] <spike> anybody got anything like hp ultrium storageworks 215 ?
[07:19] <spike> googling gave me not even 100 results.. :/
[07:19] <spike> I found some drivers for rh9 on the hp pages, thinking of alienize 'em and see where I can get with that, but it sounds like it'll be a mess :/
[07:20] <fabbione> spike: what the hell is that?
[07:20] <Psi-Jack> Sweet,
[07:21] <spike> fabbione: http://h18006.www1.hp.com/products/storageworks/ultrium215/specs.html
[07:21] <Psi-Jack> I got ldap user accounts working, that even chfn and chsh works with. :D
[07:21] <fabbione> spike: does the scsi controller see it?
[07:22] <fabbione> if so you have the best driver you can ever imagine (after modprobe st of course)
[07:22] <fabbione> that's called tar :)
[07:23] <spike> fabbione: they've got windoze on that machine atm, migrating the backup solution to linux. I'll boot a liveCD and see how it goes (that thing isnt even working with windoze but I dont really trust their admin)
[07:23] <spike> fabbione: :)
[07:23] <fabbione> spike: well i don't trust windows..
[07:23] <fabbione> anyway tar can make tapes rock and roll
[07:23] <spike> I found that thingie mentioned on some amanda ML too
[07:23] <fabbione> i know that for experience
[07:24] <spike> ok, I'll boot the livecd, see how it goes, and investigate tar and tapes
[07:24] <fabbione> the most important thing is the block size of the device
[07:24] <spike> unfortunately this is my first experience with tapes
[07:24] <spike> but I had to start somewhere :)
[07:24] <fabbione> let me see if i can find my old scrpt
[07:25] <spike> fabbione: that'd be awesome, but pointers to doc would be even better. I'm referring to the usual tldp and bacula docs so far. if you have anything bookarked I'd appreciate that too.
[07:25] <fabbione> no sorry i don't have it anymore
[07:25] <fabbione> spike: i had this old compaq tape
[07:25] <fabbione> you see them as stX devices
[07:26] <fabbione> and i did use tar..
[07:26] <fabbione> the trick was to tell tar to use a block size = to the one on the tape device
[07:26] <fabbione> that's all
[07:26] <fabbione> otherwise you use tar as you would do normally
[07:27] <fabbione> clearly with a tape you need to learn a few more tricks that stuff like amanda & co. will do for you
[07:27] <fabbione> but otherwise there is no real difference
[07:27] <fabbione> there is a tape util somewhere to format/erase tapes
[07:27] <fabbione> food is here
[07:27] <fabbione> bbl
[07:27] <spike> ok, tnx a lot, have a nice dinner
[07:58] <allee> Psi-Jack: Feel free to add a LdapEverywhere wiki page: 1) for login change ... 2) for ch* cmd change ... etc ;)
[07:58] <allee> Psi-Jack: I will soon need a such good reference :)
[07:59] <Psi-Jack> allee: I think I will, since it seems not to be done, yet. And I got the information off a Debian/Ubuntu help site. The chfn/chsn ldap tools are actually in libnet-ldap-perl's package.
[08:03] <allee> Psi-Jack: hmm, nothing in /usr/bin or obvious in /usr/share/doc/libnet-ldap-perl/examples
[08:03] <Psi-Jack> The chfn and chsh scripts are in that examples dir.
[08:04] <Psi-Jack> http://wiki.acm.jhu.edu/w/Central_authentication
[09:20] <Psi-Jack> Does anyone know what groups in /etc/group are used for access allowance/restrictions to various things in Ubuntu? I'm trying to migrate most non-system-related gid's to LDAP, and would like to know which can be safely moved over.
[09:32] <allee> Psi-Jack: I would say only > 1000.  uid/gid 100 - 999: They are dynamicly allocated so it maybe that they are different on your hosts.  But all gid < 1000 are handled by postinst script for you, so I don't see the gain to move them to ldap
[09:32] <Psi-Jack> allee: The gain, is to setup global and localized access/restrictions on a host-per-host basis.
[09:32] <allee> Psi-Jack: < 100 are static, so you can create a copy of them in ldap
[09:33] <Psi-Jack> Like, the cdrom, dialout, dip, lpadmin, admin, adm, etc..
[09:34] <Psi-Jack> For those that are < 100 that is.
[09:35] <Psi-Jack> So what you're suggesting, mostly, is to duplicate those into LDAP, but keep the <100 gid's in there still?
[09:35] <allee> Psi-Jack: I don't know what guid have to be available before ldap is available, therefore I suggested a copy
[09:36] <Psi-Jack> Hmm, i see. That is a safe idea.. I don't know if there's any issues with doing that, because when duplicating them into LDAP, getent group shows it as well.
[09:36] <allee> Psi-Jack: I would feel comfortable if the would be a way to merge  files and ldap group membership
[09:37] <Psi-Jack> Hehe
[09:37] <allee> Psi-Jack: but it's just that I have not tried (yet).  Maybe it works will with just group in ldap
[09:37] <allee> s/will/well/
[09:37] <Psi-Jack> What I'm going to be doing, IF I CAN remember it. Is making use of /var/db and making db-hashes of /etc/hosts, /etc/groups, etc..
[09:38] <Psi-Jack> And going with nsswitch of db ldap files, relying more on the less-readable bdb hashes.
[09:39] <Psi-Jack> What the heck..
[09:39] <Psi-Jack> Why is cupsys in the dialout group? LOL
[09:39] <allee> Psi-Jack: faxes?
[09:40] <Psi-Jack> Hmm. Does cups actually have a fax sending feature?
[09:41] <allee> Psi-Jack: there are several of them :)  Only real problem is that the ipp and the Frontend don't support a required-as-input attribute so one is problem for the fax#
[09:41] <Psi-Jack> LOL
[09:41] <Psi-Jack> Yeah. That's why I like Kfax. :)
[09:43] <allee> Psi-Jack: I wasn't really happy with kfax either (long time ago)
[09:43] <Psi-Jack> Oh, it's gotten quite a bit better since probably the last time you've used it. :)
[09:44] <allee> I've heart the viewer side was replaced/enhances with multipage support
[09:44] <Psi-Jack> excelent. So far, so good on duplication to LDAP, and removing the local user<->group associations from the group file.
[09:45] <Psi-Jack> There's kfax and kfaxview, now yes.
[09:47] <Psi-Jack> Excelent.
[09:47] <Psi-Jack> I just tested it out, making sure credentials would work like that properly. Logged in a fresh new login user, and tailed /var/log/messages, and it worked.
[09:49] <allee> kfaxview<return>  -> no multipage found -> [ok]  -> crash.  Nice enhancement :)
[09:49] <Psi-Jack> LOL. Wow.
[09:50] <Psi-Jack> Heh, I don't have any faxes to try that with. heh
[09:51] <Psi-Jack> Heck, I don't even use faxes anymore, myself. I don't even have a rj11-based phone line anymore. I'm all VoIP.
[09:52] <allee> Psi-Jack is a lucky guy :)
[09:52] <Psi-Jack> It's actually CHEAPER to use VoIP in many cases.
[09:54] <Psi-Jack> Considering that, I spend about $20/mo on 6mbit-down/1.5mbit-up cable, with bare BASIC cable from TimeWarner, and roughly $12.22 for 3 months for SkypeIN w/voicemail, and whatever amount I use for SkypeOut per month at about $0.02/min,
[10:02] <Psi-Jack> Hmm, dangut,.
[10:04] <Psi-Jack> Now I can't load up adept, or kuser, because kdesu is saying my password is wrong. :/
[10:07] <Psi-Jack> Hmm. but when I add myself to the LOCAL /etc/group:admin list, I can kdesu fine again.
[10:51] <allee> Psi-Jack: without being in /etc/group:admin, does the command 'id' list admin for your userid?
[11:24] <Psi-Jack> Well, this is starting to annoy the crap out of me.
[11:43] <Psi-Jack> HAH!
[11:43] <Psi-Jack> sudo doesn't consult nss at all! That's the problem!