[12:10] <nealmcb> I wonder if it would make sense to split the ldap package/bug mail etc. out to the ubuntu-directory team?
[12:10] <ajmitch> soren: that's ok, I drink from the firehose anyway
[12:11] <ajmitch> nealmcb: the ubuntu-directory team is already bug contact for a bunch of these packages
[12:11] <soren> ajmitch: :)
[12:11] <ajmitch> maybe in future server team membership could be automatic ubuntu membership
[12:15] <Innatech> so, modprobe won't detect my Intel NICs, presumably because they're the OEM version. Can I force it somehow? Don't see anything in the man page. 
[12:20] <soren> Innatech: The driver doesn't detect them? There's always the /sys/bus/*/driver/*/new_id trick. You could try that and if it works, add the pci id's to the module source.
[12:21] <Innatech> hrrm. Is that procedure outlined somewhere? Sounds like roughly what I need to do. 
[12:21] <soren> Innatech: I'm looking for some documentation..
[12:21] <Innatech> thanks. 
[12:22] <mathiaz> soren: did you try installing using an lvm partition with server cd ?
[12:23] <soren> Can't find it. "lspci -n" to find the PCI ID. Then 'echo dead beef > /sys/blahblahbla/new_id' as root.
[12:23] <soren> mathiaz: No, I didn't make it that far. :)
[12:23] <mathiaz> soren: do you know if it was working ?
[12:24] <Innatech> Thanks again. 
[12:24] <soren> mathiaz: Nope. I can try right now?
[12:24] <mathiaz> soren: I'm testing the amd64 cds, and I can't get it work.
[12:25] <mathiaz> soren: I think it worked once, but I try again and I get stuck.
[12:25] <soren> mathiaz: Up-to-date ones? It was b0rken the day before yesterday, I think.
[12:25] <soren> mathiaz: With a clean hard drive? 
[12:25] <soren> mathiaz: *really* clean?
[12:26] <mathiaz> soren: I've removed all the partition with fdisk.
[12:26] <mathiaz> soren: but I wonder if the LVM meta data are still there.
[12:26] <soren> mathiaz: The guided installer does stuff the same way every time, so if you've just removed the partitions and it creates them the same way again, it'll find the data still there, completely intact. :)
[12:27] <soren> It works for me in an..
[12:27] <soren> i386 vmware.
[12:27] <mathiaz> soren: even if you reinstall ?
[12:27] <mathiaz> soren: I'm not doing it in a vmware. I'm testing it on a real machine.
[12:28] <mathiaz> soren: with a real cd.
[12:28] <soren> mathiaz: Even if you reinstall.
[12:29] <mathiaz> soren: ok. Thanks - I'll look into erasing lvm metadata from the disk.
[12:29] <soren> mathiaz: What you're essentially doing is clearing out the partition table (removing the partitions in fdisk), and putting the exact same data back into it again (from the installer). In effect, you've changed nothing :)
[12:30] <soren> mathiaz: and that is bound to cause confusion.
[12:30] <soren> mathiaz: A quick pvremove /dev/sda5 is likely to fix it.
[12:30] <mathiaz> soren: well. I've erased the partition before booting the cd.
[12:30] <soren> mathiaz: Same thing. 
[12:31] <soren> mathiaz: It doesn't matter if you reboot in between clearing the part table and putting the data back into it.
[12:31] <nealmcb> ajmitch: I was confused by seeing openldap2.3 in the server team package report, and now I see that openldap2.2 and openldap2 are in the ubuntu-directory package report.  should 2.3 be moved?
[12:32] <mathiaz> soren: yop. I understand now. It's a know bug 107205.
[12:32] <ubotu> Launchpad bug 107205 in partman-auto-lvm "LVM install crashed" [Undecided,New]  https://launchpad.net/bugs/107205
[12:33] <soren> mathiaz: Heh, the test case fabio mentions is fun.
[12:33] <soren> mathiaz: It works because the lvm metadata is at the end (IIRC), but that's not touched by the mkfs.ext3.
[12:34] <mathiaz> soren: that's exactly what I've been doing while testing the cd images.
[12:34] <soren> mathiaz: Ah, ok. I thought you just retried the lvm one.
[12:40] <Innatech> OK, so I'm a little lost dealing with the bus and device representations within /sys . Can I just use /etc/sysconfig/hardware to associate the e1000 module w/ the OEM card based on it's PCI ID? 
[12:41] <soren> Innatech: /etc/sysconfig ? Um...
[12:41] <Innatech> oh yeah. 
[12:41] <soren> Innatech: We don't have that in Ubuntu?
[12:41] <Innatech> long day, sorry. 
[12:42] <soren> Innatech: What's the name of the module.
[12:42] <soren> Innatech: ?
[12:42] <Innatech> e1000
[12:42] <soren> Innatech: Then it's /sys/bus/pci/driver/e1000/new_id 
[12:43] <soren> Innatech: 'echo 1234 fedc | sudo dd of=/sys/bus/pci/driver/e1000/new_id'
[12:43] <soren> Innatech: Put your vendor_id product_id combo instead of 1234 fedc.
[12:43] <Innatech> ah, easy enough. 
[12:43] <soren> Innatech: Not all drivers support it, but a lot do.
[12:43] <Innatech> I'll go see. 
[12:52] <nealmcb> soren: cute way to create a file as root without quoting a sh -c echo  :-)
[12:59] <Innatech> well, I'm not sure if that got me anywhere. I did 'echo 8086 105e | sudo dd of=/sys/bus/pci/driver/e100/new_id' and DD reported the output successfully, but lspci still shows the NICs as unknown intel ethernet devices, and they're not showing up as eth interfaces. 
[01:01] <soren> nealmcb: "sudo tee" is also good :)
[01:01] <Innatech> I do see directories for 0000:01:00.0 and 0000:01:00.1 -- which are the addresses reported by lspci . 
[01:01] <soren> Innatech: lspci will not change.
[01:02] <soren> Innatech: Check dmesg and output of "ifconfig -a"
[01:02] <soren> Anyhow, it's 1 am here now, and I've got work tomorrow morning.
[01:03] <Innatech> soren: it's alive! Where should I send the flowers & chocolates? ;P 
[01:04] <soren> Innatech: :)
[01:04] <soren> Innatech: You can fix some of my bugs, and we're even. :)
[01:04] <Innatech> seriously, thanks much. I would have mucked with that for at least a day or two on my own. 
[01:04] <soren> Innatech: the new_id trick is hopelessly poorly documented.
[01:05] <soren> Innatech: You can fix some of my bugs, and we're even. :)
[01:10] <ajmitch> nealmcb: only if it'll be useful
[01:11] <ajmitch> (wrt openldap2.3 & bug contacts)
[01:13] <leonel> are the plans for another  LTS    gutsy +1 ?
[01:15] <ajmitch> hopefully, though I don't know if it's been decided yet
[01:21] <leonel> ok
[01:21] <leonel> let's see what comes after  gutsy
[01:49] <nealmcb> ajmitch: offhand, I would think it would be useful to have the same team deal with all the versions of ldap
[01:56] <ajmitch> as long as *someone* is
[06:30] <ScottK> Going back to my earlier discussion, if you set up your DNS record correctly, dkim-filter works!
[06:30] <ScottK> Also sending test messages with an empty body to the test reflectors is problematic.
[07:03] <wintermu1e> lshw says that my hardware support MII, but mii-tool returns Not Supported error, anyone seen this?
[08:21] <Burgundavia> soren: you around yet
[08:21] <Burgundavia> ?
[09:13] <soren> Burgundavia: I am now.
[09:13] <Burgundavia> soren: do you have a screenshot of ebox on Ubuntu?
[09:16] <soren> Burgundavia: They're just like the ones on www.ebox-platform.com.
[09:16] <Burgundavia> ok, I will steal one then
[09:16] <soren> Burgundavia: There's a guy who's interested in theming it for Ubuntu, but so far, it's just like upstream.
[09:16] <Burgundavia> aside from mentioning it has been packaged, anything else interesting?
[09:24] <Burgundavia> soren: are you able to get me a screenshot with Ubuntu Firefox chrome around it?
[09:30] <soren> Burgundavia: What's this for?
[09:30] <Burgundavia> the Tribe3 release notes
[09:30] <soren> Oh. Would you mind if I see it before you submit it anywhere?
[09:31] <Burgundavia> it will go on the Tribe3 wiki page at https://wiki.ubuntu.com/GutsyGibbon/Tribe3
[09:35] <soren> Burgundavia: Alright.
[09:35] <Burgundavia> soren: worries about too much publicity?
[09:40] <soren> Burgundavia: Not "worries" per se.
[09:40] <Burgundavia> given it is pretty raw, i understand
[09:41] <soren> Burgundavia: I would have just preferred something more complete to present to the hungering masses.
[09:41] <Burgundavia> welcome to release notes for alphas
[09:41] <soren> Burgundavia: :)
[12:51] <madmetal_spyros> hey :)
[01:55] <Kream> hi all 
[01:55] <Kream> what's the recommended way to start ntpd at every boot ?
[01:56] <Kream> /etc/default/ntp does not have anything like NTPD_ENABLE=yes|no
[02:03] <infinity> Kream: It starts on boot by default.
[02:04] <infinity> Kream: It will exit if the clock is ridiculously skewed, however (so, you might want something like ntpdate fixing the clock before ntpd starts)
[02:10] <Kream> all right. 
[02:11] <Kream> how do i set that up ? something like ntpdate -b pool.ntp.org 
[02:18] <Kream> so that /etc/init.d/ntpdate is called before /etc/init.d/ntp 
[02:19] <soren> Kream: IIRC, just install the ntpdate package and it should be called automatically before ntp.
[02:23] <infinity> If it's not run before ntpd starts, that's a bug.
[02:24] <infinity> Given that it's run from if-up.d, it better run first. :)
[02:25] <soren> infinity: Agreed.
[02:28] <eikke> is there any way to force ntpd to use some ntp server, even if it's got stratum 16?
[02:46] <soren> eikke: Sure. /etc/default/ntpdate for ntpdate, /etc/ntp.conf for ntpd
[03:00] <incorrect> i am looking at setting up a firewall
[03:01] <incorrect> what are the best options these days?
[03:14] <dendrobates> incorrect: are you looking for a gui to help you?
[03:14] <incorrect> no
[03:14] <incorrect> i am not sure if i should use keepalived
[03:15] <incorrect> or if i could do something similar with fwbuilder and heartbeat
[03:16] <dendrobates> incorrect if I am not mistaken, keepalived is used for high availibility.
[03:16] <incorrect> yes
[03:17] <dendrobates> netfilter and iptables in the kernel are what allow you to create a host based firewall.
[03:17] <incorrect> i know
[03:17] <dendrobates> what are you trying to do exactly.
[03:19] <incorrect> well i have a network, i want to create a firewall for it,
[03:19] <incorrect> i guess i need to learn more about VRRP
[03:20] <dendrobates> So you have two machines you want to use as firewalls, and you want to use vrrp to allow failover?
[03:21] <incorrect> doesn't have to be vrrp
[03:21] <incorrect> there is the zebra project too
[03:22] <dendrobates> now I understand.  I have always done this with appliances, but I have heard good things about vrrpd.
[03:22] <incorrect> err quagga
[03:22] <incorrect> i have load blancers so keep alived is not really what i want
[03:23] <dendrobates> you just want state info transferred between firewalls, so if you lose one, you don't drop sessions, right?
[03:23] <incorrect> bingo
[03:24] <incorrect> if you know of a good alliance that would be helpful too
[03:25] <dendrobates> Unfortunately, I have always used firewall appliances for this, but I knew someone who had one cisco pix firewall and used vrrpd to transfer state to a linux box as failover.
[03:27] <dendrobates> but it looks like it is a abandoned project.
[03:29] <incorrect> keepalived is a good implementation
[03:29] <incorrect> what appliance do you use?
[03:31] <dendrobates> I have used both nokia switched firewalls and most recently cisco pix and cisco asa.
[03:31] <dendrobates> the nokia's ran checkpoint.
[03:32] <incorrect> what would you recommend? 
[03:33] <dendrobates> I liked the nokia's better, but they are very expensive.
[03:35] <incorrect> i don't like cisco equipment
[03:42] <dendrobates> usually I didn't have a choice.  
[03:47] <incorrect> i would have to hire a cisco guy to configure it
[03:47] <incorrect> fwbuilder might be able to do it for me
[03:49] <incorrect> they used to say openBSD was about the best things to use for firewalls
[03:51] <incorrect> err thing
[04:01] <lamont> ScottK: mine is more of a violent reaction than mere aversion
[04:01] <ryanakca> ScottK: you were saying you'd like to work with the server team to document setting up the Kolab server?
[04:02] <ScottK> ryanakca: I was saying I thought kubuntu and server team ought to work together on that.
[04:02] <ryanakca> ah, hehe :)
[04:02] <ryanakca> hmm... maybe get the doc team to help out?
[04:03] <ScottK> That'd be good.
[04:04] <ryanakca> Any volunteers willing to help out in setting up/documenting a kolab server on feisty? I can write down the steps, except it won't be exactly "documentation" style
[04:04] <ScottK> The idea being that there's a synergy here between cool stuff you can do with a Kubuntu desktop and a kolab server running on ubuntu-server.
[04:07] <ScottK> nixternal afaik.  Dunno who else.
[04:08] <ScottK> dendrobates: Do you think this would be something the server team could work on with Kubuntu?
[04:10] <dendrobates> ScottK: impi linux is using kolab, they might already have this.
[04:10] <ScottK> What or who is impi linux?
[04:11] <dendrobates> The only problem I have with kolab is that there is no exchange integration. afaik
[04:11] <dendrobates> exchange integration is a requirement in many instances.
[04:11] <ScottK> Sure.
[04:12] <ScottK> In this case it's a Kubuntu desktop with Kolab on Ubuntu Server, so it's cool.
[04:12] <ryanakca> Kolab in the repos is 1.9.4... current version is 2.1
[04:12] <dendrobates> It certainly sounds worthwhile.
[04:12] <ScottK> I think mainly what might be needed is some advice an assistance for ryanakca when he hits roadblocks.
[04:12] <ScottK> Is kolab universe or main?
[04:13] <soren> no
[04:13] <soren> :)
[04:13] <ryanakca> Universe
[04:14] <ScottK> Cool.  Then let's update it.
[04:14] <ryanakca> and eGroupware at 1.2.106-2.dfsg-3 needs updating to 1.4
[04:15] <ryanakca> ScottK: hmm. do you have commit access to the debian svn? (the sources/etc are all maintained on:
[04:15] <ryanakca> WARNING: 'kolabd' is maintained in the 'Svn' version control system at:
[04:15] <ryanakca> svn://svn.debian.org/pkg-kolab/kolabd/
[04:15] <ScottK> ryanakca: No.
[04:16] <ryanakca> shucks... I do suppose we could just send them our copy?
[04:16] <ryanakca> how would we deal with .src.rpm in packaging?
[04:16] <ryanakca> (they don't offer .tar.gz)
[04:16] <ScottK> ryanakca: I'll send it to Debian.
[04:17] <ryanakca> yep
[04:18] <ryanakca> methinks that eGroupware would be an easier solution, but might as well update kolab while we're at it
[04:18] <dendrobates> upstream must have a tar.gz, even if they don'toffer it now.  We should ask.   I can strip off the srpm stuff pretty easily though.
[04:19] <ScottK> Isn't egroupware one of the server team targets for Gutsy anyway?
[04:19] <dendrobates> Guys, this is great.  We are actually talking about doing stings in #ubuntu-server.
[04:19] <dendrobates> instead of the usual - *my apache doesn't work*
[04:20] <ryanakca> haha :)
[04:20] <dendrobates> *how do you know it doesn't work*
[04:20] <dendrobates> * it just doesn't*
[04:20] <ScottK> ryanakca: What are you uscanning?
[04:20] <ryanakca> ScottK: so, if eGroupware is one of the server team targets, shall we go for it,
[04:20] <ryanakca> eGroupware
[04:21] <ScottK> dendrobates: Who was working on egroupware?
[04:21] <ryanakca> update the package, and write the documentation for it, with Kubuntu integration?
[04:21] <dendrobates> I wouldn't want to discourage anyone from grabbing something and running with it.
[04:21] <ScottK> Right.
[04:21] <dendrobates> ScottK: I don't think anyone at this time.  
[04:22] <ScottK> OK.  I thought that was on the list.
[04:23] <dendrobates> worst case it brings us up to date with kolab, best case, we have our groupware solution.
[04:23] <ScottK> Heh.
[04:23] <ryanakca> ok
[04:23] <dendrobates> I think it is on the list, but there are too few of us.
[04:23] <dendrobates> we can't tackle everything at once.
[04:24] <jtole> hey guys, I know this isn't a ubuntu specific question but I have to ask, what are some of the best ways for monitoring server performance / usage of hardware, I mean how do you keep tabs on what percentage of cpu is being used regularly percentage of memory, bandwidth etc, I mean besides logging in and running ps 
[04:24] <dendrobates> My *only* concern about kolab is lack of exchange support.  I would like to talk to canonical's support guys and see what customers are asking for.
[04:25] <ryanakca> dendrobates: so, I'll try out eGroupware... hmm. upstream now includes debian/... which is identical to the debian/ that Debian created for egroupware-1.2.106-2.dfsg
[04:25] <ryanakca> dendrobates: ok
[04:25] <ryanakca> dendrobates: how would we get in touch with them?
[04:25] <mathiaz> jtole: you can have a look at cricket
[04:25] <mathiaz> jtole: http://cricket.sourceforge.net/
[04:26] <dendrobates> I work for Canonical, I can just ask them. 
[04:26] <ryanakca> ah, nice :)
[04:26] <dendrobates> morning mathiaz.
[04:26] <mathiaz> dendrobates: morning rick.
[04:27] <ryanakca> ScottK: *packaging question* If upstream includes a debian/, I have to contact them and ask them to remove it, even though it's identical to the one we created for the last packaged version?
[04:27] <jtole> mathiaz, thanks, taking a look now
[04:27] <ScottK> Uh, what package?
[04:27] <dendrobates> jtole: I second cricket.  It is used by large companies, very sucessfully.
[04:28] <dendrobates> brb
[04:28] <ryanakca> ScottK: upstream's egroupware-1.4.001/ contains the debian/ that we created for egroupware-1.2.106-2.dfsg . Can we use it or no?
[04:28] <ScottK> You can
[04:28] <incorrect> i can't make up my mind if i should use ubuntu current or LTS
[04:29] <ScottK> Generally it's good to ask to have it removed, but not critical.
[04:29] <incorrect> LTS already kinda lags
[04:30] <ScottK> ryanakca: As long as it's decent (which since we made it, it should be) it's not a huge issue.  The only critical issues is if you have to remove a file from the debian dir.  You have to repack the source to do that.
[04:30] <ryanakca> ScottK: ok
[04:31] <jtole> and cricket works on a client server architecture of sorts, I mean like I said, there is a fair number of computers in need of monitoring here and I would kinda like a collective way to view them all from one location
[04:34] <ryanakca> hmm.. nope. they modified debian/control to add some dependencies
[04:34] <ScottK> That's fine
[04:35] <ScottK> You can probaby assume they didn't do that randomly.
[04:35] <ryanakca> ok.
[04:35] <ScottK> Just make sure we have all the depends.
[04:39] <jtole> ok, now I am still setting it up and reading about it etc but I have installed cricket via apt-get at the moment and I am not entirely sure how I access the cgi of it unless... ah heck, I will start reading over apache config files
[04:50] <ryanakca> ScottK: ok. I'm confused, mind giving me a bit of advice on if I should use the old debian control, upstream's control, or a mix of the two? (diff, upstream's, old debian, http://pastebin.ca/626244 )
[04:51] <ScottK> Remove the php4 stuff.  We don't ship php4 anymore.
[04:52] <ScottK> You will also need to remove apache as we only do apache2 now.
[04:54] <ScottK> ryanakca: Other than that it looks not insane.
[04:55] <ScottK> So I'd take the upstream one (which has changes for the new version) and do the above to it.
[04:55] <ryanakca> ok
[04:55] <ryanakca> thanks :)
[04:57] <dendrobates> I'm back
[04:58] <dendrobates> At least for a while.  My wife is have her mothers of twins play group at our house today.
[04:58] <dendrobates> 7 moms + 14 babies = -1 Rick's
[04:59] <ryanakca> haha :)
[04:59] <ScottK> Ah.  Very quiet here.  15 year old is not awake yet (even though it's 11AM here), 13 year old is at camp, and the 4 year old and her au pair are at the zoo.
[05:04] <dendrobates> soren: it'll be soon enough for you.   
[05:04] <soren> dendrobates: True.
[05:04] <dendrobates> they usually follow closely behind a wedding.  Sometimes mere days:  :)
[05:04] <soren> dendrobates: They won't be 15 or 13 years old for a while though. :)
[05:05] <dendrobates> unless you adopt.
[05:05] <soren> Nah, if they're that old, it's too late to train them to do dishes and shit.
[05:06] <ScottK> Dream on.
[05:10] <soren> I'm not saying that it'll necessarily work if they're younger. I'm just completely SOL if I don't get them until they're teenagers.
[05:10] <incorrect> i am looking at running up some virtual servers,  i've played with vmware, and that is ok,  but is there anything else of interest? 
[05:11] <ScottK> dendrobates: What is your srcrpm to orig.tar.gz magic?
[05:14] <`6og> i'm copying lots of email into an imapd (courier). is 90%cpu usage usaual? the mail client is evolution
[05:14] <ScottK> If you have them unpacked, diff -ruN will get you the same result as the debdiff.
[05:16] <soren> incorrect: Depends. VirtualBox is pretty neat and exists in a GPL version.
[05:17] <soren> incorrect: qemu also works rather well with kqemu.
[05:17] <ryanakca> ScottK: I have all the .debdiffs in debian/ along with upstream's original files. And most of the debdiffs are exact copies of upstream. I'm trying to delete all the copies...
[05:17] <soren> incorrect: xen seems to work for a lot of people.
[05:17] <incorrect> how about running 64bit OS's
[05:17] <ScottK> Ah.
[05:17] <soren> incorrect: qemu AFAIR still has issues with that.
[05:17] <soren> incorrect: The others should be fine, I think.
[05:18] <soren> incorrect: I've never used Xen, though. I'm not sure about that.
[05:18] <incorrect> xen didn't seem to have an amd64
[05:19] <soren> incorrect: "Support for x86/64 is available since Xen 3.0."
[05:19] <soren> incorrect: From the Xen FAQ.
[05:20] <incorrect> i wonder if it just hasnt been packaged
[05:21] <soren> incorrect: E.g. xen-image-xen0-2.6.16-11.2-generic has existed since edgy?
[05:21] <soren> incorrect: (that's an amd64 image)
[05:21] <ScottK> ryanakca: What arch is your server going to be?
[05:21] <incorrect> fair enough
[05:22] <ryanakca> ScottK: I think 386... the server itself is 64bit, but I don't have anything to build the updated 64bit packages on
[05:22] <ScottK> OK.  
[05:22] <ryanakca> ScottK: (other than waiting a couple days to get it built on the Ubuntu buildd)
[05:23] <ScottK> I can build you i386 packages for testing the kolad updates.
[05:25] <ScottK> OK.  Then maybe I'll quit expending effort on Kolab.
[05:25] <eikke> soren: doesnt work
[05:25] <eikke> Server dropped: strata too high
[05:25] <ryanakca> ScottK: ok
[05:26] <soren> eikke: ntpdate or ntpd?
[05:26] <eikke> ntpdate
[05:26] <eikke> I'd like to have continuous updates through ntpd too, though... problem is I can only access one ntp server
[05:27] <eikke> its like this: I got an ntp server on my gateway which does work (afaik), now I want all servers in dmz to sync against that one
[05:27] <eikke> not one-shot at bootup, as some of them tend to drift quite easily :s
[05:30] <ryanakca> ScottK: know of any php person that I could ask about commenting out certain parts? example: http://pastebin.ca/626277
[05:31] <soren> eikke: Sorry, got to run for a couple of hours.
[05:31] <eikke> np :)
[05:31] <ScottK> ryanakca: What's the question.
[05:31] <dendrobates> eikke: ntpdate is deprecated
[05:31] <ryanakca> ScottK: should I leave it commented out, as done by upstream, or uncomment it as done by Debian
[05:33] <ScottK> In general, I'd tend to follow Debian, but I know nothing about php.
[05:33] <ryanakca> same here.
[05:33] <ryanakca> hm
[05:33] <eikke> dendrobates: I dont want to use it anyway :)
[05:33] <ScottK> This is probably not a bad place to find someone who knows about PHP and LDAP though.
[05:33] <eikke> dendrobates: I just want to force ntpd to get the time out of my gateway, whether it likes its stratum or not
[05:34] <ryanakca> Umm... anybody knoweldgable about PHP & LDAP, should I leave it commented out, as by upstream, or uncomment in, as by Debian? http://pastebin.ca/626277
[05:35] <dendrobates>  eikke: ntpd -q should behave like ntpdate, and might ignore the stratum stuff.
[05:35] <eikke> dendrobates: but then I got to execute that command periodicly?
[05:36] <dendrobates> Yes, in a cronjob, which I consider preferable. 
[05:40] <ryanakca> ScottK: erm. Does Ubuntu have an AUP/Security Policy for using it's servers/etc that we could copy over, or would we have to write one up?
[05:40] <ScottK> Dunno
[05:41] <ryanakca> hmm... ask someone on the CC or in #canonical-sysadmins ?
[05:41] <ryanakca> (I don't know who knows what, so I'm kindof hopeless when it comes to HR in Ubuntu)
[05:42] <dendrobates> I'm sure there is an AUP for canonical systems, but why would you copy that?
[05:43] <eikke> dendrobates: watching tcpdump on my gateway shows activity, but the client log says "no reply, clock not set" after ntpd -q -n -g
[05:46] <dendrobates> eikke:  What does your /etc/ntpd.conf look like?
[05:47] <dendrobates> sorry ntp.conf
[05:47] <ryanakca> dendrobates: *shrugs* to be safe? I've been reading Network Security first-step by Cisco, and the main reason of having an AUP/General Policy is to "Be Safe" in case something ever does happen... mind you, it's only open to Kubuntu Members, so we'll probably never use it.
[05:48] <eikke> dendrobates: http://pastebin.com/d3599fa7f
[05:48] <dendrobates> The AUP would be dictated by the policy of the company/organization that runs the system.
[05:50] <ryanakca> dendrobates: but, then, there's always "inheritance" (*searches for the exact term*)... anything done on the server is the SysAdmin's/Companies fault. If the system isn't secure and someone does something 'malicious' using it, it would be the organisation's fault for not properly securing the system, and they would get the blame... at least that's what I understand from that particular chapter. 
[05:50] <ryanakca> "downstream liability" is the word I was looking for
[05:52] <dendrobates> The GPL takes care of liability.  We could include an example of an AUP, though.
[05:53] <dendrobates> eikke: does smoke.dmz.vtk.ugent.be respond to a ntpdate request?
[05:54] <eikke> dendrobates: yes, but when running it in debug mode, it says "Strata too high, dropping server"
[05:54] <dendrobates> It would be up to whoever runs the server to create an acceptable use policy according to their own policies and regulatory requirements.
[05:57] <dendrobates> An AUP should exist, but Ubuntu should not provide it. 
[05:58] <ryanakca> If Ubuntu has one that's "standard" for it's own servers (not the end user's, but Ubuntu itself as an organisation), I should use it.
[05:58] <ryanakca> (not in the package, but for the one I'm setting up for kubuntu-devel)
[05:59] <dendrobates> Are you doing this for canonical?
[05:59] <dendrobates> is this official?
[06:01] <ryanakca> dendrobates: https://lists.ubuntu.com/archives/kubuntu-devel/2007-July/001802.html . "Official" no, but I've had good response on the k-devel ML, Hobbsee's for it, and Riddell is for it, and elmo knows about it.
[06:02] <dendrobates> It's up to you then.  Most network security books have examples, and it is important to present your AUP at login.
[07:42] <munckfish> mathiaz: Hello
[07:44] <mathiaz> munckfish: hi
[07:44] <munckfish> Hello, do you have a minute to quickly discuss 
[07:44] <munckfish> lp #106244?
[07:44] <ubotu> Launchpad bug 106244 in mysql-dfsg-5.0 "CONF Variable in /etc/init.d/mysql unused" [Wishlist,Triaged]  https://launchpad.net/bugs/106244
[07:45] <munckfish> I won't keep you long cause I need to shut down for the day
[07:45] <mathiaz> munckfish: ok. Let me check this bug
[07:45] <mathiaz> munckfish: ok - I see.
[07:46] <munckfish> I wasn't sure of the process for accepting offer of mentoring
[07:46] <mathiaz> munckfish: you just need to patch the init script to use CONF instead of the hardcoded filename my.cnf
[07:46] <munckfish> ok, I have a patch that's no problem
[07:47] <munckfish> I have applied it to the feisty version and to the current gutsy
[07:47] <mathiaz> munckfish: ok. You can attach it to the bug
[07:47] <munckfish> which do you want gutsy version or both?
[07:47] <mathiaz> gutsy
[07:47] <munckfish> ok
[07:47] <munckfish> version number? dch -i just appends ubuntu1 to the end
[07:47] <munckfish> that ok?
[07:47] <mathiaz> It won't qualify for an stable release update for feisty
[07:48] <munckfish> considering such as small change?
[07:48] <mathiaz> munckfish: yes
[07:48] <munckfish> really? ok I see
[07:48] <mathiaz> that's ok - as it's a new release.
[07:48] <munckfish> once I've done that and if you approve it
[07:48] <munckfish> what would happen then?
[07:48] <mathiaz> it'll be published.
[07:49] <munckfish> ok that's the part of the process that I don't fully understand
[07:49] <mathiaz> munckfish: do you have a patch for init or debdiff ?
[07:49] <munckfish> I will upload a debdiff
[07:49] <mathiaz> munckfish: excellent
[07:49] <mathiaz> munckfish: attach the debdiff to the bug, and I'll have a look at it.
[07:50] <munckfish> great, I'll try to do this just now, but I may not get back to this till Monday, I hope you don't mind. It's time for me to switch off you see :)
[07:51] <mathiaz> munckfish: np.
[07:51] <munckfish> mathiaz: thx for you time
[08:01] <munckfish> mathiaz: I have one problem preventing from uploading my debdiff
[08:02] <munckfish> I have modified only debian/{control,changelog,*mysql.init} but for some reason the debdiff is showing some *.po files has having changed
[08:05] <mathiaz> munckfish: did you do a debbuild clean before debdiff ?
[08:06] <munckfish> no but it's was freshly patched from dpkg-source -x *.dsc
[08:07] <munckfish> I then ran debuild -S
[08:07] <munckfish> cd ..; debdiff file1.dsc file2.dsc
[08:08] <ScottK> munckfish: This is common.  Just delete the po file changes from your debdiff before you attach it and all should be fine.
[08:08] <munckfish> ok will do
[08:09] <munckfish> any idea why this occurred?
[08:09] <ScottK> No.  I've seen it before with some packages that have po files, but not all.  Not sure why it happens.
[08:16] <munckfish> ok I've attached the debdiff, cheers for the help. bfn
[09:12] <BFTD> http://pastebin.ca/626571
[09:13] <BFTD> I get that error, how do I update the packages that are in /var/cache/apt/archives ?
[09:22] <mralphabet> type apt-get
[09:22] <mralphabet> BFTD: ^^
[09:22] <mralphabet> BFTD: it will give you all of its options
[09:22] <coNP> "sudo apt-get update" should do the trick
[09:30] <BFTD> thats the command I ran when  I got that error
[09:40] <BFTD> how can I restart apache2?
[09:41] <BFTD> /usr/sbin/apache2 restart?
[09:41] <coNP> BFTD: sudo /etc/init.d/apache2 restart
[09:41] <BFTD> ok
[09:42] <BFTD> I'll be using it alot
[09:42] <BFTD> I noticed that that error makes no really difference, everything gets downloaded and I can still use apt-get
[09:43] <coNP> you might use reload / force-reload as well
[09:49] <BFTD> anyone know of some memory intensive cli programs?
[09:49] <BFTD> command/apps*
[09:50] <Nafallo> make -j 5000 ? :-)
[09:50] <Nafallo> fabb_laptop should have some examples ;-)
[09:51] <dendrobates> 'make -j' without a number will continue forking until it cannot allocate any more memory. 
[09:51] <ajmitch> morning
[09:52] <nealmcb> some of the boinc distributed computing apps?  what are you trying to do?
[09:52] <dendrobates> ajmitch: good afternoon.
[09:56] <Nafallo> ajmitch: evening :-)
[11:22] <soren> Heh. My bittorrent client reveals the popularity of the server CD's. It's not all that impressing. :)
[11:23] <mralphabet> soren: you have your client seeding cd's?
[11:23] <soren> mralphabet: Yup.
[11:24] <soren> mralphabet: Yes, the fraction of server CD users using bittorrent to fetch their CD's is likely different from that of the desktop CD's.
[11:25] <soren> mralphabet: It does reveal an interesting trend, though. :)
[11:31] <mralphabet> soren: I have a bandwidth limit on my torrents so it was faster to use http
[11:33] <soren> mralphabet: Your ISP detects that it's bittorrent traffic?
[11:36] <soothsayer> Is it considered safe to open the NTP port for UDP incoming? ntpd doesn't act as a server that can itself be queried by default right?
[11:36] <mralphabet> soren: no, that's a self limitation so it doesn't flood my pipe
[11:37] <soren> mralphabet: Ah. I've yet to actually saturate my link. :)
[11:37] <soren> mralphabet: 100 Mbit/s is a lot :)
[11:37] <mralphabet> soren: I have ~300k inbound and I limit torrents to 200k inbound, http was giving me ~320k so it was going quick
[11:37] <ajmitch> it would be trivial to saturate mine
[11:37] <mralphabet> soren: crimeny
[11:38] <soren> mralphabet: Not at home, though. I have a machine at a co-lo facility for that sort of thing.
[11:39] <mralphabet> soren: still, it's nice to have a colo
[11:39] <soren> mralphabet: Very.