[12:14] <Burgwork> ivoks: probably because nobody has filed an MIR
[12:14] <Burgwork> I took a look at its security record
[12:14] <Burgwork> doesn't look too scary, for a php app
[12:14] <ivoks> :))
[12:14] <Burgwork> I need to do an MIR for asterisk at some point as well, so I will do zabbix
[12:15] <ivoks> that would be great addition for next LTS
[12:16] <Burgwork> the latest asterisk also supports snmp
[12:18] <Burgwork> pretty much all options for running asterisk right now suck, because of lack of security support
[12:18] <Burgwork> and given asterisk has a history of remote DoS issues...
[12:20] <ivoks> i didn't spend too much time with asterisk
[12:20] <ivoks> tried, worked, left it :)
[12:20] <ivoks> i would probably work with it, but i've left that company :D
[12:21] <Burgwork> we have an ancient 1.x cvs version of asterisk some consultant setup for us
[12:21] <Burgwork> running on White Box EL 3
[12:53] <theacolyte> I'd rather hand configure MIB/OID/SNMP than deal with it
[03:08] <firecrotch> Hi everyone, I'm wondering if you could direct me to a guide to optimizing the services on my server
[09:53] <[miles] > morning guys
[09:53] <[miles] > anyone awake?
[09:55] <lionel> morning [miles] 
[09:55] <[miles] > bonjour lionel
[09:55] <[miles] > ;)
[09:55] <lionel> :)
[09:55] <[miles] > lionel: dude, I'm currently manually updating our 6.06 LTS servers...
[09:55] <lionel> hehe. security updates ?
[09:56] <[miles] > lionel: When I was using SLES, I could automatically configure it to update
[09:56] <[miles] > lionel: in ubuntu, is there a particlar package to help do this, or is it just cron-tastic :)
[09:56] <lionel> what do you mean by automatically ?
[09:57] <[miles] > well, auto-update
[09:57] <[miles] > it would download and install all updates (SLES)
[09:57] <ivoks> yes
[09:57] <lionel> there is a unattended-upgrades package
[09:57] <[miles] > ah
[09:57] <[miles] > ok nice
[09:57] <ivoks> i'm not sure this is smart thing to do :)
[09:57] <[miles] > ah ok
[09:57] <lionel> I would not do it also :)
[09:57] <[miles] > maybe a cron notifiying me of availble updates would be better
[09:59] <[miles] > I was amazed last night... in 7 years working with linux, I have never seen any reference to "dialog" in bash scripting... then, I happend to download an ebook on linux programming, and low and behold, it's showing how to create ncurses menus in bash using dialog...
[09:59] <[miles] > saves having to code them in C
[09:59] <ivoks> you can do it with cron
[10:00] <ivoks> but you would have to create your own script
[10:00] <[miles] > aye
[10:00] <[miles] > thats fine, I don't mind doing that...
[10:00] <ivoks> there is /var/log/unattended-upgrades/unattended-upgrades.log
[10:00] <lionel> cron-apt could do it
[10:00] <ivoks> so you could parse it
[10:00] <ivoks> or that, right :)
[10:00] <[miles] > ivoks: you class that package as unstable?
[10:00] <lionel> it downloads and send a mail saying updates are available
[10:00] <ivoks> [miles] : unattended-upgrades?
[10:00] <[miles] > nod
[10:01] <ivoks> [miles] : no; it's great package; the idea iss unstable :)
[10:01] <[miles] > jaja
[10:01] <[miles] > :)
[10:01] <ivoks> default behaviour of this package is to download only
[10:01] <[miles] > ah ok
[10:02] <[miles] > I must stream-line a few things here, there is too many UBS's now
[10:02] <[miles] > like apt-proxy or what ever its called
[10:03] <ivoks> lionel: feisty's version has "Unattended-Upgrade::Mail" mail notification
[10:03] <lionel> Oh cool
[10:03] <lionel> thanks for the info
[10:03] <[miles] > can someone gimme a clue as to how / where I configure this unattended-upgrades please?
[10:04] <ivoks> [miles] : /etc/apt/apt.conf.d/50unattended-upgrades"
[10:04] <ivoks> without last "
[10:04] <[miles] > thanks
[10:04] <[miles] > ahhh heres another q4u all
[10:04] <[miles] > I use Prozilla as a download manager... as it's fast multi-part downloader
[10:05] <[miles] > can I configure apt to use it in anyway?
[10:05] <[miles] > I guess apt uses wget no?
[10:08] <ivoks> well, you can allways do --print-uris
[10:08] <ivoks> and then feed your prozilla with urls :)
[10:09] <[miles] > :)
[10:09] <[miles] > ivoks: I can't find any info on what options I can feed this autoupdater
[10:10] <ivoks> sure you can
[10:10] <ivoks> less /usr/bin/unattended-upgrade :)
[10:11] <[miles] > :O 
[10:15] <[miles] > fuck, I need coffee... time to hit a bar
[10:15] <[miles] > bbiab guys
[10:15] <[miles] > thanks for the info btw
[10:21] <gawdzilla> Is there an ircd webadmin type tool like admirc ?
[10:23] <gawdzilla> hopefully for ircd-hybrid
[10:37] <gawdzilla> Is there an ircd webadmin type tool like admirc ?
[10:44] <[miles] > gawdzilla: I don't know of one
[10:44] <[miles] > gawdzilla: you hit sourceforge?
[10:44] <gawdzilla> yup
[10:44] <gawdzilla> and anope forums
[10:45] <[miles] > gawdzilla: one second... you want an admin interface to control an irc server? correct?
[10:46] <gawdzilla> yup
[10:46] <[miles] > right, gimme a min
[10:46] <gawdzilla> nickserv chanserv and so on
[10:46] <[miles] > I'm just asking in another channel
[10:47] <gawdzilla> bot maintenaince would be nice but I'd settle for minimalistic service control
[10:47] <gawdzilla> thanks
[10:50] <[miles] > sorry, the guys I thought might know... don't
[10:50] <[miles] > gawdzilla: ask in #freenode ?
[10:51] <[miles] > gawdzilla: surely someone there will know....
[10:51] <gawdzilla> OK, thanks for the suggestions
[10:51] <[miles] > gawdzilla: it's the only thing I can personally think of... asking there
[10:51] <[miles] > gawdzilla: does it have to be irc server?
[10:51] <[miles] > gawdzilla: jabber servers are cool
[10:52] <gawdzilla> Yes since I'm already running it
[10:52] <gawdzilla> tho later a migration to jabber with an irc bridge could be interesting
[10:54] <[miles] > gawdzilla: I personally install jabber servers normally
[10:55] <gawdzilla> yes they have many interesting interfaces toother protocols
[10:56] <[miles] > nod
[11:02] <[miles] > lionel: still there?
[11:03] <lionel> [miles] : yep
[11:03] <[miles] > lionel: do you happen to know, the next LTS release?
[11:03] <lionel> no
[11:03] <[miles] > lionel: with 5 year support on server.
[11:03] <[miles] > lionel: ah ok
[11:03] <lionel> it is not planned obviously
[11:03] <lionel> I heard some times ago that it would be every two years
[11:04] <[miles] > ok
[11:04] <lionel> so feisty+2 may be a LTS...
[11:04] <lionel> feisty will not be and feisty+1 will probabily not be
[11:05] <[miles] > k
[11:05] <[miles] > lionel: you work for Canonical?
[11:06] <lionel> no :)
[11:06] <[miles] > :)
[11:06] <[miles] > contributor?
[11:07] <lionel> yep, only contributor
[11:07] <lionel> (small contributor ;))
[11:08] <[miles] > jeje
[02:07] <davekempe> was someone here asking about securing PHP apps for shared hosting?
[02:15] <shawarma> davekempe: There was some talk about in on the mailing list. Maybe here, too.
[02:15] <davekempe> yeah i cbfed posting to mailing list, but was going to suggest apparmour
[02:15] <davekempe> need to test it some more, but it should be in fiesty
[02:16] <shawarma> cbfed?
[02:16] <ajmitch> "can't be bothered" :)
[02:16] <davekempe> :)
[02:16] <shawarma> huh?
[02:17] <shawarma> That becomes "cbfed" how?
[02:17] <davekempe> lol
[02:17] <ajmitch> replaced bothered with another word
[02:18] <shawarma> fish? finger? fenestrate?
[02:18] <shawarma> fantasise?
[02:18] <ajmitch> fish
[02:18] <shawarma> Oh, good.
[02:18] <shawarma> Then I get it.
[02:19] <shawarma> :-p
[02:20] <davekempe> anyway. what do you guys think of apparmour?
[02:21] <ajmitch> not a huge fan, though I can see a few people using it
[02:22] <davekempe> why not a fan?
[02:23] <ajmitch> path-based MAC, weak & messy
[02:23] <ajmitch> labelling is more complex, causes more complex policy, but is more complete in that regard
[02:28] <davekempe> all security is compromise
[07:04] <theacolyte> join #cacti
[07:04] <theacolyte> !
[08:57] <jjesse> is there a feisty download for ubuntu server x86?
[08:57] <jjesse> i see a daily for amd64 and also sparc but no x86
[09:00] <fabbione> jjesse: if you are looking for daily build, there was a bug on our cdimage publisher.. so today image might not be there
[09:00] <fabbione> otherwise just download Beta release and dist upgrade
[09:01] <jjesse> fabbione: is that from cdimage.ubuntu.com/ubuntu-server/ ? 
[09:02] <fabbione> http://cdimage.ubuntu.com/ubuntu-server/daily/current/ <- those are daily build
[09:02] <fabbione> and i386 is missing
[09:02] <fabbione> http://releases.ubuntu.com/feisty/ <- beta release
[09:02] <jjesse> ah sorry 
[09:02] <jjesse> silly me
[09:02] <fabbione> no problem
[10:22] <theacolyte> ooo, reading the instructions on upgrading to 7.04 -- nice work on that, very easy :)
[10:23] <shawarma> Is there a guide for upgrading servers?
[10:24] <theacolyte> yup
[10:24] <theacolyte> https://help.ubuntu.com/community/UpgradeNotes
[10:24] <theacolyte> err sorry
[10:24] <theacolyte> https://help.ubuntu.com/community/FeistyUpgrades