=== lbm [n=lbm@130.225.243.71] has joined #ubuntu-server | ||
neuralis | fabbione: we have ganglia packages, please advise if anything else needs to be done with those. cheers. | 01:56 |
---|---|---|
=== await [n=Alexande@209-6-26-196.c3-0.bkl-ubr1.sbo-bkl.ma.cable.rcn.com] has joined #ubuntu-server | ||
=== Psi-Jack [n=psi-jack@cpe-70-112-220-160.austin.res.rr.com] has joined #ubuntu-server | ||
Psi-Jack | Hmm. Why does php5 depend on apache2-mpm-prefork? Does that mean that php5 is compiled with non-threading in mind? :/ | 06:01 |
LordHunter317 | php isn't thread safe. | 06:54 |
Psi-Jack | LordHunter317: Yeah. I noticed. :/ | 07:25 |
Psi-Jack | Upsets me, too. | 07:25 |
Psi-Jack | PHP itself, is threadsafe. The package made for ubuntu, is not. | 07:26 |
fabbione | PHP is not thread safe. | 07:27 |
fabbione | that's why it is built with prefork | 07:27 |
Psi-Jack | PHP5 is perfectly threadsafe. Don't tell me it's not, when I personally know it is. | 07:28 |
fabbione | upstream says otherwise according to our maintainers | 07:28 |
Psi-Jack | I've run quite reliable systems with PHP5 threaded. | 07:28 |
LordHunter317 | Psi-Jack: no, it isn't. | 07:28 |
LordHunter317 | mpre importantly, even if php5 core was, half the modules it ships with aren't. | 07:29 |
LordHunter317 | so it's effectively not-thread safe. | 07:29 |
LordHunter317 | it's shipped prefork by /everyone/ with good cause. | 07:29 |
Psi-Jack | LordHunter317: Hey. Everything /I/ use in php5, has been reliably thread-safe. Even the gd stuff. | 07:30 |
LordHunter317 | i think you've just been lucky. | 07:31 |
Psi-Jack | I've setup custom fbsd servers with a fully thread-safe base system, with all libs being thread-safe compiled. | 07:31 |
LordHunter317 | that's impossible. | 07:31 |
LordHunter317 | not everything shipped is thread-safe. | 07:31 |
LordHunter317 | you don't know what 'thread-safe' means. | 07:31 |
Psi-Jack | Not impossible, no. Not everything has the option for threading. | 07:31 |
LordHunter317 | which makes your statment a contradiction... | 07:31 |
Psi-Jack | Actually, re-read my statement. | 07:32 |
LordHunter317 | with all libs being thread-safe compiled. | 07:32 |
LordHunter317 | that's impossible, as I said. | 07:32 |
fabbione | Psi-Jack: even PHP5 build system tells you that it is not thread safe | 07:32 |
Psi-Jack | with a fully thread-safe _base_ system | 07:32 |
Psi-Jack | I didn't say EVERYTHING. | 07:32 |
LordHunter317 | yes, you did. | 07:32 |
LordHunter317 | learn to read. | 07:32 |
LordHunter317 | _all_ means everything. | 07:32 |
Psi-Jack | Where did I say all? :) | 07:33 |
LordHunter317 | 01:31 <Psi-Jack> I've setup custom fbsd servers with a fully thread-safe base system, with all libs being thread-safe compiled. | 07:33 |
LordHunter317 | and even that is a life. | 07:33 |
LordHunter317 | err lie., | 07:33 |
LordHunter317 | ANSI C isn't thread safe. | 07:33 |
LordHunter317 | it's impossible. | 07:33 |
LordHunter317 | you can't be both thread safe and in keeping with the standard. | 07:33 |
Psi-Jack | Anyway. Right now, I don't care. For the most part, I | 07:34 |
Psi-Jack | I'm just gonna deal with the prefork model, till it pains me to re-compile it. :) | 07:35 |
Psi-Jack | But, what's up with the phpmyadmin package for breezy, including /etc/phpmyadmin/config.inc.php, but not seeming to actually read it? | 07:35 |
LordHunter317 | o_O? i haven't had that problem on Debian. | 07:35 |
LordHunter317 | it doesn't really matter. apache is so slow anyway. | 07:36 |
LordHunter317 | and last I looked, thread-safe php was slower, not faster. | 07:36 |
LordHunter317 | the interpreter isn't locked very well. | 07:36 |
Psi-Jack | It includes it, and all.. But, if I edit /usr/share/phpmyadmin/config.inc.php's $cfg lines, it bombs out saying that config.inc.php isn't setup. Which means, it's not reading the included /etc/phpmyadmin/config.inc.php. It's getting the blowfish, fine, but not the config. | 07:36 |
LordHunter317 | though my knowledge isn't recent. | 07:36 |
LordHunter317 | that is particular. | 07:37 |
Psi-Jack | peculier? :) | 07:37 |
LordHunter317 | it's late. | 07:37 |
LordHunter317 | i'm worried about more imporant things than my diction. | 07:37 |
Psi-Jack | And actually, in my servers, it was 3-6 times faster. :) | 07:38 |
Psi-Jack | Paired with ZendOptimizer, at least. | 07:38 |
LordHunter317 | i don't think I've deployed an application yet where apache was the bottleneck. | 07:38 |
LordHunter317 | or where, "get a new server" isn't a valid response. | 07:38 |
Psi-Jack | Son-of-a. | 07:40 |
Psi-Jack | Shoot me! | 07:40 |
Psi-Jack | Just fricken shoot me! | 07:40 |
LordHunter317 | ? | 07:40 |
Psi-Jack | All the lines in the stock phpmyadmin package config.inc.php, are commented. heh | 07:40 |
LordHunter317 | rol. | 07:41 |
Psi-Jack | One by fricken one, instead of just using a /* */ method, that actually pisses me off. :) | 07:41 |
LordHunter317 | it's preferable. | 07:41 |
LordHunter317 | any developer prefers it. | 07:41 |
Psi-Jack | Using // on every fscking line, for 20+ lines? | 07:41 |
LordHunter317 | yes. | 07:42 |
LordHunter317 | because it's nestable, and because it lets me selectively uncomment lines. | 07:42 |
Psi-Jack | I don't prefer it, and I am a developer. :p | 07:42 |
LordHunter317 | in most languages /* /* */ */ doesn't work. | 07:42 |
Psi-Jack | Grr. | 07:46 |
fabbione | neuralis: yes i saw the email. will do on monday hopefully... | 07:56 |
Psi-Jack | heh, this is odd.. | 08:00 |
Psi-Jack | Why does postfix-ldap suggest postfix-mysql and postfix-pgsql? :) | 08:00 |
LordHunter317 | someone at ubuntu bugged up. | 08:08 |
LordHunter317 | oh, did you have postfix installed at all before? | 08:08 |
LordHunter317 | what you may be seeing is postfix-ldap depending on postfix suggseting the last two. | 08:09 |
Psi-Jack | Nope. Just now finally setting up this kubuntu server I installed several days ago. | 08:09 |
LordHunter317 | well, htat's the only way I cfan see that being seen. | 08:09 |
LordHunter317 | on debian sid, ldap doesn't suggest. | 08:09 |
LordHunter317 | if it does in ubuntu, it's a bug. | 08:09 |
fabbione | the debian and ubuntu packages of postfix are exactly the same | 08:12 |
fabbione | the maintainer is the same | 08:12 |
fabbione | and there is no discrepancies between the 2 | 08:12 |
LordHunter317 | well then, that's how it was seen. | 08:12 |
fabbione | Suggests: is pulled in according to the package manager you are using | 08:12 |
fabbione | and it's not installed by default | 08:13 |
fabbione | just Suggeted | 08:13 |
fabbione | Suggested | 08:13 |
fabbione | = no harm | 08:13 |
LordHunter317 | it fustrates me though that aptitude has no way to pull suggests like it does recommends. | 08:13 |
LordHunter317 | well, trivially. | 08:13 |
LordHunter317 | anyway. I'm out. | 08:14 |
=== virogenesis [n=vir@ACBD9ECB.ipt.aol.com] has joined #ubuntu-server | ||
Psi-Jack | Hmm | 09:11 |
Psi-Jack | Anyone got any suggestions for ldap schema layout for virtual-hosting setups with postfix and cyrus-imapd | 09:12 |
Psi-Jack | ? | 09:12 |
=== hondadarrell [n=hondadar@c-24-5-105-207.hsd1.ca.comcast.net] has joined #ubuntu-server | ||
Psi-Jack | Looks like the misc.schema has what I need. Just gotta make proper use of it. heh | 09:19 |
=== zenrox [n=zenrox@71.115.198.118] has joined #ubuntu-server | ||
=== zenrox [n=zenrox@71.115.198.118] has joined #ubuntu-server | ||
=== mpathy [n=mm@a15197305.alturo-server.de] has joined #ubuntu-server | ||
mpathy | Hi there.. | 12:17 |
mpathy | How do I get ubuntu-server, with its nice default configuration, on a dedicated server? When I debootstrap ubuntu, I loose all the nice configuration right? is there another way? | 12:18 |
=== spike [n=spike@unaffiliated/spike] has joined #ubuntu-server | ||
=== JulienH [n=JulienH@222.67.3.159] has joined #ubuntu-server | ||
JulienH | Hi all | 12:51 |
JulienH | Will webmin package or something like be moved from "universe" to "main" in Dapper ? I'm asking because of security fixes support with the main component | 12:53 |
=== irvin [n=irvin@ubuntu/member/irvin] has joined #ubuntu-server | ||
=== ivoks [n=ivoks@ubuntu/member/ivoks] has joined #ubuntu-server | ||
=== irvin [n=irvin@ubuntu/member/irvin] has joined #ubuntu-server | ||
mpathy | are there no wiki pages or sth. like that for ubuntu-server? | 03:02 |
mpathy | because I recognized a big interest in a debian-based server-specific distribution, but with newer packages like some apache2 and php5 packages.. | 03:03 |
mpathy | really sad | 03:04 |
spike | what's sad? | 03:05 |
spike | mpathy: there are wiki pages related to ubuntu-server around, just not grouped under a macro ubuntu-server page | 03:06 |
spike | mpathy: and there's a ubuntu-server forum, check out the topic | 03:06 |
mpathy | yeah sure.. but at least I would put a link list online somewhere | 03:07 |
mpathy | spike: and a forum is not the greatest tool for this | 03:08 |
spike | mpathy: I agree, when I joined I proposed/asked for an server.ubuntu.com but I've been told that wasnt necessary | 03:09 |
mpathy | spike: perhaps a directory in the ubuntu wiki would be a start | 03:09 |
spike | might try again if more of us will support that | 03:09 |
spike | yeah, that too | 03:10 |
mpathy | spike: Hmm.. WHO told you that | 03:10 |
spike | mpathy: are you subscribed to the list? | 03:10 |
spike | mpathy: mailistlist, that is | 03:10 |
mpathy | we at the art-team do have a subdomain.. | 03:10 |
spike | ah | 03:10 |
spike | well, I'll just post on the list and see what happens | 03:11 |
mpathy | spike: No, but I will. A Mailinglist, additionally being added to GMANE, so that its accessible via a newsreader would be a good start too! :) | 03:11 |
=== fabbione [i=fabbione@gordian.fabbione.net] has joined #ubuntu-server | ||
spike | 'lo fabbione | 03:12 |
fabbione | hi spike | 03:13 |
spike | bye :) | 03:13 |
=== fabbione [i=fabbione@gordian.fabbione.net] has joined #ubuntu-server | ||
ivoks | fabbione: hi | 03:26 |
ivoks | fabbione: i just ralized we have ganglia in universe, but outdated | 03:26 |
ivoks | realized | 03:26 |
fabbione | ivoks: yes. | 03:27 |
fabbione | i know | 03:27 |
fabbione | that's why we needed the new packages | 03:28 |
fabbione | to replace the old ones and move them to main | 03:28 |
fabbione | i only need to look at the packages you did before updating tehm | 03:28 |
fabbione | them | 03:28 |
ivoks | ok | 03:28 |
=== mpathy [n=mm@a15197305.alturo-server.de] has joined #ubuntu-server | ||
fabbione | ivoks: if you want to look at them and see if you need to merge bits, you have time till tomorrow/tuesday | 03:29 |
fabbione | i am sort of overloaded to death | 03:30 |
ivoks | fabbione: ok | 03:30 |
ivoks | fabbione: take it easy :) | 03:30 |
fabbione | i can't | 03:30 |
fabbione | we have Feature Freeze next week | 03:30 |
=== christl [n=chris@chello212186104043.37.11.vie.surfer.at] has joined #ubuntu-server | ||
=== christl [n=chris@chello212186104043.37.11.vie.surfer.at] has left #ubuntu-server [] | ||
Micksa | is there any way at all to permanently change perms in files in /dev? | 04:25 |
ubijtsa2 | Micksa: you can make udev set them for you when it creates the device nodes | 04:28 |
Micksa | ah, I see | 04:29 |
ubijtsa2 | Micksa: /etc/udev/permissions.rules is what you want to look at | 04:29 |
spike | hey ubijtsa2 , how you doin? | 04:29 |
ubijtsa2 | lo spike | 04:29 |
Micksa | do you mean permissions.d? | 04:29 |
Micksa | or rules.d? | 04:29 |
ubijtsa2 | I'm doing alright, DL'ing Kubuntu Flight4 now :) | 04:30 |
ubijtsa2 | Micksa: permissions.d probably | 04:30 |
ubijtsa2 | I have a permissions.rules file (Breezy) | 04:30 |
spike | me too | 04:31 |
ubijtsa2 | spike: how's you then? | 04:31 |
spike | but guess that's like normal .d stuff, where apps can place their files | 04:31 |
spike | there's no reference to it neither in .rules nor in /etc/init.d/udev, tho | 04:31 |
spike | maybe it's somewhere else, havent looked to deeply | 04:32 |
spike | too* | 04:32 |
ubijtsa2 | :) | 04:32 |
spike | ubijtsa2: I'm coming back home at last!! I was about to kill myself here :) | 04:32 |
Micksa | I'll figure it out | 04:32 |
Micksa | dammit | 04:33 |
Micksa | I can't get a 2.4 uml working in dapper | 04:33 |
spike | ubijtsa2: one more week to go, tho :/ | 04:33 |
Micksa | there appears to be no hope | 04:33 |
ubijtsa2 | spike: *grin* alrighty :) | 04:33 |
Micksa | mslade@boo:~$ linux | 04:33 |
Micksa | Killed | 04:33 |
ubijtsa2 | spike: how'd the cv stuff go? | 04:33 |
spike | ubijtsa2: my version worked too :P | 04:33 |
ubijtsa2 | spike: good stuff :) | 04:33 |
spike | and that's actually more than a problem now ehehe, kinda overloaded :) | 04:34 |
Micksa | WTF | 04:34 |
Micksa | mslade@boo:~$ strace linux | 04:34 |
Micksa | execve("/home/mslade/bin/linux", ["linux"] , [/* 41 vars */] ) = 0 | 04:34 |
Micksa | +++ killed by SIGKILL +++ | 04:34 |
spike | coffee break, c you in a bit | 04:35 |
=== lbm [n=lbm@x1-6-00-13-10-7a-d1-e4.k233.webspeed.dk] has joined #ubuntu-server | ||
=== virogenesis [n=vir@ACBD9ECB.ipt.aol.com] has joined #ubuntu-server | ||
virogenesis | hi | 05:35 |
LordHunter317 | hi | 05:48 |
virogenesis | after installing postgresql what needs to be done to be to use it would you say? | 05:52 |
spike | virogenesis: depends how you intend to use it of course | 05:56 |
virogenesis | i'll be using it locally basicaly a webdev box , same machine i'll code on | 05:57 |
spike | you could use psql to talk to the db, or install the relevant modules to use it through ur application of choice, ie apache/php if it's a web thingie | 05:58 |
spike | virogenesis: what language are you gonna use for web development? | 06:00 |
=== await [n=Alexande@207-172-213-68.c3-0.bkl-ubr1.sbo-bkl.ma.cable.rcn.com] has joined #ubuntu-server | ||
virogenesis | i've got apache and php installed its just with mysql you set a password for root for the db what happens with postgresql? | 06:01 |
spike | virogenesis: have you read postgresql documentation? | 06:02 |
virogenesis | i guess its alot different from mysql by the sounds of it i should read it i suppose | 06:03 |
spike | you suppose right | 06:05 |
LordHunter317 | you don't. | 06:05 |
LordHunter317 | unless you're going to use it over the network, you don't set a password. | 06:05 |
LordHunter317 | ever. | 06:05 |
LordHunter317 | create an account for whatever use will run the software you're using. | 06:06 |
LordHunter317 | it checks the credentials of the acessing process. | 06:06 |
LordHunter317 | so sudo -u postgres psql to start the monitor as the DB admin, and 'CREATE USER me;' so you can acess the DB, then 'CREATE USER www-data;' for Apache. | 06:06 |
LordHunter317 | then grant permissions as needed. | 06:06 |
=== spike shrugs | ||
spike | so all the hosted applications can nicely access each other DB | 06:08 |
spike | nice plan | 06:08 |
virogenesis | sounds simple enough thanks LordHunter317 answers a few questions i'm gonna read the docs aswell | 06:08 |
LordHunter317 | spike: no. | 06:08 |
LordHunter317 | for hosted stuff, you have everything urnning as different users anyway. | 06:08 |
LordHunter317 | you hvae to. | 06:08 |
LordHunter317 | it's infinitely more secure for local databases than a password. | 06:09 |
spike | not everybody uses suexec or suphp | 06:09 |
LordHunter317 | moreover, most hosting provdiers ptu databases on other machiens anyway, rendering this irrelevant. | 06:09 |
LordHunter317 | spike: and if you have multiple users and you don't, you're incompetent. | 06:09 |
LordHunter317 | pure and simple. | 06:09 |
LordHunter317 | multiple untrusted users don't share an account, unless it's the anonymous FTP / SAMBA/ etc. account. | 06:10 |
LordHunter317 | and oyu have more immeidate things to worry about than the database, in that case. | 06:10 |
spike | LordHunter317: pure and simple, but not given. point is u cant jump is and say that "user/password" arent of any use assuming all of that | 06:10 |
LordHunter317 | like <?php system("/bin/rm -rf /var/www/*") ?> and trashing /everyone's/ files | 06:10 |
LordHunter317 | spike: yes, I can. see above. | 06:10 |
LordHunter317 | if you have multiple untrusted users, they run in seperate accounts. | 06:11 |
LordHunter317 | your security is already gone if you don't do it, so discussing hte database is irrelevant. | 06:11 |
LordHunter317 | you're overextending yourself. | 06:11 |
spike | I'm what? | 06:11 |
LordHunter317 | overextending. the database is of no concernt at that point. | 06:11 |
LordHunter317 | who cares if I can get in the database? I can delete all their files anyway. | 06:11 |
LordHunter317 | or trojan their scrips. | 06:12 |
LordHunter317 | the username/apssword security on the db become instantly irrelevant. | 06:12 |
LordHunter317 | so I can still get in the DB. | 06:12 |
spike | u're missing the point, but whatever, I'm not the one who asked a question | 06:12 |
LordHunter317 | spike: no, I', not, you are. | 06:13 |
LordHunter317 | spike: if two "users" share an account as www-data. | 06:13 |
LordHunter317 | the permissions used to access the database are /irrelevant/. | 06:13 |
LordHunter317 | be it a process credentials check or username/password for the db, user a can get user b's data and vice-versa. | 06:13 |
spike | u're missing the point because u're trying to convince me of something I already know :) | 06:13 |
LordHunter317 | because they trojan the scripts. | 06:13 |
LordHunter317 | spike: no, you don't, as you wouldn;'t have said waht you said if you did. | 06:13 |
spike | and u're missing the point because u dont answer like that someone who never used pgsql | 06:14 |
spike | no, I said that because I didnt assume what you did | 06:14 |
spike | that's the difference | 06:14 |
LordHunter317 | spike: i;m assuming zero. | 06:14 |
LordHunter317 | what's teh assumption? | 06:14 |
spike | u're assuming best practise | 06:14 |
LordHunter317 | no, I'm not. | 06:14 |
LordHunter317 | it still holds in the case you mentioned. | 06:14 |
LordHunter317 | because it's irrelevant. | 06:15 |
LordHunter317 | as I've said. | 06:15 |
LordHunter317 | do you need me to set this up and show you? | 06:15 |
LordHunter317 | i can. | 06:15 |
LordHunter317 | and I should make a minor correctoin: they can't necessarily trojan the script, but they certainly can read the DB password out of it. | 06:16 |
spike | u should make a lot of minor corrections, like safe_mode and denied access to /bin/rm | 06:18 |
LordHunter317 | neither of which will stop DB access. | 06:18 |
LordHunter317 | and safe_mode can be bypassed pretty trivally anyway. | 06:18 |
LordHunter317 | *oops* | 06:18 |
virogenesis | its highly annoying that they talk about the syntax before admining the server bloody weird | 06:44 |
LordHunter317 | tehy're seperate parts. | 06:45 |
LordHunter317 | there isn't much admining to do, really. | 06:46 |
LordHunter317 | it's very much a "it works" or "it doesn't owrk" situation, most of the time. | 06:46 |
LordHunter317 | the rest is just avoiding some gotchas, like SELECT COUNT(*) and that bulk loading via INSERT or SPROC is really, really slow. | 06:47 |
LordHunter317 | also, Npgsql sucks but that doesn't matter unless you're doing .NET development. | 06:50 |
=== await [n=Alexande@207-172-213-68.c3-0.bkl-ubr1.sbo-bkl.ma.cable.rcn.com] has joined #ubuntu-server | ||
=== nsilva [n=nathans@c-67-171-250-99.hsd1.wa.comcast.net] has joined #ubuntu-server | ||
=== nsilva [n=nathans@c-67-171-250-99.hsd1.wa.comcast.net] has joined #ubuntu-server | ||
=== await [n=Alexande@207-172-213-68.c3-0.bkl-ubr1.sbo-bkl.ma.cable.rcn.com] has joined #ubuntu-server | ||
=== nictuku [n=yves@201.15.116.192] has joined #ubuntu-server | ||
=== virogenesis [n=vir@ACBD9ECB.ipt.aol.com] has joined #ubuntu-server | ||
=== hunger [n=tobias@p54A60F4C.dip0.t-ipconnect.de] has joined #ubuntu-server | ||
=== zenrox [n=zenrox@71.115.198.118] has joined #ubuntu-server | ||
=== zenrox [n=zenrox@71.115.198.118] has joined #ubuntu-server | ||
=== zenrox [n=zenrox@71.115.198.118] has joined #ubuntu-server |
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!