[12:09] Innatech: yeah... those are older models === necrite_ [n=necrite@r190-64-194-5.dialup.adsl.anteldata.net.uy] has joined #ubuntu-server [12:10] hi all [12:10] ivoks: ah. I suppose I got lucky, then. I didn't exactly do an exhaustive search before I bought, like I should have. [12:10] what is the daemon (service) which upgrade the server time? [12:10] ntpd [12:10] ty [12:11] np [12:13] FFS [12:13] I had forgotten to install the damn SQL-server === Nafallo tries to reinstall the package [12:14] lol. still can't configure it ;-) [12:17] wow [12:17] I think I got it running :-P [12:19] yepp yepp. uploading :-) [12:21] ScottK: is there a procedure for SRU other than yell at $RANDOM_ARCHIVE_ADMIN to let it through? :-) [12:21] Main or Universe? [12:21] universe [12:22] bacula_1.36.3-2ubuntu3_source.changes: done. [12:22] https://wiki.ubuntu.com/MOTU/SRU [12:22] thanks [12:22] Nafallo: Are you a MOTU. I don't recall (sorry)? === ivoks hopes to see gtk webkit browser by the end of 2008 and then never look back at firefox again :) [12:23] ScottK: yes. since hoary IIRC :-) [12:23] not very active those days though :-/ [12:23] OK. Wasn't sure. [12:24] You just dput to dapper-proposed and an Archive Admin will publish it. [12:24] 'night all [12:25] hmm. bug report ;-) [12:25] yea. [12:26] That would be good. [12:26] I just forgot about the bugreport. I talked to pitti about it before I started mangling the package though :-P [12:27] In that case, just put "It's not in LP, but I talked to pitti about it, so it's OK for an SRU updload." in debian/changelog and I'm sure it'll be fine. [12:27] ;-0 [12:27] so if we forget about the bug in changelog I'm fine ;-) [12:27] I've already uploaded the changelog with just the things I've changed :-) [12:28] i.e. three deps in debian/control ;-) [12:29] *sigh* [12:29] I have updatedb eating 1 core === dguitar4 [n=dguitar4@c-69-143-141-223.hsd1.va.comcast.net] has joined #ubuntu-server [12:30] if I uninstall slocate that will be findutils instead, which is essential. [12:30] what should I do about the damn thing? :-/ [12:34] ha! === Nafallo solved it by telling it not to search the 2TB partition :-) === Innatech [n=daf@netblock-72-25-97-119.dslextreme.com] has joined #ubuntu-server === Burgundavia [i=corey@ubuntu/member/burgundavia] has joined #ubuntu-server [01:27] thanks all for help, gn&gl === kshahnjd [n=kunalash@ool-44c0ac9c.dyn.optonline.net] has left #ubuntu-server [] === mdz_ [i=mdz@conference/oscon/x-7a9bf107a2dc9bba] has joined #ubuntu-server === Burgundavia [i=corey@ubuntu/member/burgundavia] has joined #ubuntu-server === mgalvin [n=mgalvin@ubuntu/member/mgalvin] has joined #ubuntu-server === ryanakca [n=ryan@ubuntu/member/ryanakca] has joined #ubuntu-server === dguitar4 [n=dguitar4@c-69-143-141-223.hsd1.va.comcast.net] has left #ubuntu-server [] === jbrouhard [n=jbrouhar@cm-207-192-193-222.stjoseph.mo.npgco.com] has joined #ubuntu-server === tru_`z24 [n=truz_`24@74-129-166-232.dhcp.insightbb.com] has joined #ubuntu-server === ryanakca [n=ryan@ubuntu/member/ryanakca] has joined #ubuntu-server === sommer [n=sommer@192.154.64.85] has joined #ubuntu-server === Scunizi [n=Scunizi@ip72-197-240-36.sd.sd.cox.net] has joined #ubuntu-server === halcyonCorsair [n=halcyonC@galaxy.liverton.net.nz] has joined #ubuntu-server [06:32] hi, can anyone tell me how to set the default route to be a particular interface? [06:37] ah, nevermind...oops === jbrouhard [n=jbrouhar@cm-207-192-193-222.stjoseph.mo.npgco.com] has joined #ubuntu-server === Dessan [n=andrew@ip68-105-63-168.pn.at.cox.net] has joined #ubuntu-server === stephanbuys [n=stephanb@gw.impilinux.co.za] has joined #ubuntu-server === ||arifaX [n=||arifaX@inetpop1.witron.de] has joined #ubuntu-server === coNP [n=conp@unaffiliated/conp] has joined #ubuntu-server === ivoks [n=ivoks@83-131-95-96.adsl.net.t-com.hr] has joined #ubuntu-server === rvfh [n=rvfh@fe2adsl-2.wyplay.net] has joined #ubuntu-server === YourMomsHero [n=cirish@ip24-251-191-203.ph.ph.cox.net] has joined #ubuntu-server === bain [n=bain@196.44.1.98] has joined #ubuntu-server === [miles] [n=miles@bcn1.entorno.es] has joined #ubuntu-server === CrummyGummy [n=CrummyGu@dsl-242-25-34.telkomadsl.co.za] has joined #ubuntu-server === pschulz01 [n=pschulz0@ubuntu/member/pschulz01] has joined #ubuntu-server === stephanbuys [n=stephanb@gw.impilinux.co.za] has joined #ubuntu-server === asisak [n=conp@unaffiliated/conp] has joined #ubuntu-server === Nicke [n=niclasa@ua-83-227-140-135.cust.bredbandsbolaget.se] has joined #ubuntu-server === Dessan [n=andrew@ip68-105-63-168.pn.at.cox.net] has joined #ubuntu-server === asisak [n=conp@unaffiliated/conp] has joined #ubuntu-server === Burgundavia [n=corey@ubuntu/member/burgundavia] has joined #ubuntu-server === ||arifaX [n=||arifaX@inetpop1.witron.de] has joined #ubuntu-server === coNP [n=conp@unaffiliated/conp] has joined #ubuntu-server === kgoetz [n=kgoetz@gnewsense/friend/kgoetz] has joined #ubuntu-server === coNP_ [n=conp@unaffiliated/conp] has joined #ubuntu-server === coNP [n=conp@unaffiliated/conp] has joined #ubuntu-server === ivoks [n=ivoks@83-131-95-96.adsl.net.t-com.hr] has joined #ubuntu-server === arturaz_ [n=arturaz@2002:57f7:4d58:0:0:0:0:3] has joined #ubuntu-server === arturaz [n=arturaz@2002:57f7:4d58:0:0:0:0:3] has joined #ubuntu-server === iceval [n=eversun@125.60.240.201] has joined #ubuntu-server [01:00] hello [01:01] i use 7.04 for server [01:01] is it okay? [01:01] can i install squid? [01:01] yes [01:01] how to install squid sir? [01:01] Nafallo [01:01] apt-get install squid [01:01] sudo apt-get install squid [01:01] :) [01:02] :-P [01:03] does ubuntu have root? [01:03] coz i cant access my root [01:03] yes, but its locked by default [01:03] man sudo_root IIRC [01:07] ivoks: first time to use ubuntu [01:07] from windows98 [01:07] =) [01:07] i want to use ubuntu to be my server [01:07] how to install squid? [01:07] i dont see the .exe [01:08] iceval: is it serious? [01:10] im serious [01:10] i email the ubuntu and they send me 7.04 [01:10] iceval: sudo apt-get install squid [01:10] my name is cesar quinon from philippines [01:10] please cheak my email sir [01:11] done this sir sudo apt-get install squid [01:11] this one i follow ivoks: sudo apt-get install squid [01:12] i dont see the squid in applications-places-system === arturaz [n=arturaz@2002:57f7:4d58:0:0:0:0:3] has joined #ubuntu-server === dexem [n=dani@14.Red-88-26-177.staticIP.rima-tde.net] has joined #ubuntu-server [01:15] iceval: squid is not a desktop application that would show up in the menu [01:16] oh i see [01:16] how to see it sir? [01:16] so i could look for it and how to creat a proxy so that i will use it to my workstations [01:16] so you install squid on your server [01:17] and setup workstations to use that [01:18] yes [01:18] but i dont have workstation now connected [01:19] i will first make sure that squid [01:21] iceval: http://tldp.org/HOWTO/TransparentProxy.html [01:22] but... eh... [01:22] you should know some basics first... :/ [01:22] and my guess is that you don't know them [01:23] this one is better: [01:23] http://www.e-healthexpert.org/node/431 === jdstrand [n=james@mail.strandboge.com] has joined #ubuntu-server [01:24] thanks [01:25] reboot [01:25] =) === iceval [n=eversun@125.60.240.201] has left #ubuntu-server [] [01:25] reboot? [01:25] indeed === asisak is sure he'll be back [01:26] hmm [01:27] asisak: from hungary? [01:27] were you in budapest last year on conference? === pschulz01 [n=pschulz0@ubuntu/member/pschulz01] has joined #ubuntu-server [01:35] ivoks: yeah, nope :( [01:35] ivoks: how do you know? [01:35] asisak: well. have you checked what channels you hang on? ;-) [01:36] btw my name comes from the town near Zagreb [01:36] lol @ me === ScottK [n=ScottK@ubuntu/member/scottk] has joined #ubuntu-server [01:40] morning ScottK [01:41] Good morning. === asisak hides [01:41] (neither light nor tpd updates yet) === lbm [n=lbm@0x555373ab.adsl.cybercity.dk] has joined #ubuntu-server [01:59] asisak: heh [01:59] asisak: i'm from zagreb [01:59] ivoks: yeah, that's why I said that [01:59] asisak: i was in budapest, giving talk about CUPS, very bad talk, if i may add :/ [01:59] you certainly know Sisak [01:59] croatia is so small that not only i know cities, but also villages :) [02:00] :) === coNP [n=conp@unaffiliated/conp] has joined #ubuntu-server [02:01] asisak: so, why (a)sisak? :) [02:02] doh.. [02:02] never mind :) [02:02] so because of my first name [02:02] or last === tck [n=tck@194.125.126.107] has joined #ubuntu-server [02:02] yeah, i figured that out :) [02:03] the winner is: ... ivoks :) === dguitar4 [n=dguitar4@c-69-143-141-223.hsd1.va.comcast.net] has joined #ubuntu-server === dguitar4 [n=dguitar4@c-69-143-141-223.hsd1.va.comcast.net] has left #ubuntu-server [] === ScottK2 [n=ScottK@ubuntu/member/scottk] has joined #ubuntu-server [02:10] ivoks: where should I start reading to setup this beast? :-) [02:10] which one? [02:11] bacula :-) [02:11] hehe [02:11] http://www.bacula.org/dev-manual/Brief_Tutorial.html [02:11] http://www.bacula.org/rel-manual/index.html [02:11] it will be difficult at start, but once you figure it out, you'll bowl to it every day [02:12] it's complex cause it's so flexibile... [02:12] yea, that's why I choosed it :-) [02:12] thanks. [02:13] np [02:13] if you get stuck, feel free to nag me... [02:13] I will :-) [02:13] that was figure of speach :) [02:13] i was being polite :) [02:13] hehe [02:14] it has very verbose logs, so one should get all the info from it [02:25] Nafallo: if you have time, take a day or two and try figure out retenation and recycle definitions :) [02:25] ivoks: I haven't :-) [02:28] Nafallo: keep File Retention =< 30 days [02:29] Nafallo: Volume Retention depends on how much you want to ruse same volume [02:30] its a 2TB partition on RAID5 :-) [02:30] :)) [02:30] so, one day? :) [02:30] I sure hope it can take more then that ;-) [02:30] depends on what you're backing up [02:31] yea. will see how much space it will use :-) [02:32] file retention is period after backup during which you want to be able to single pick one file [02:32] volume retntion is period after backup during which you want to be able to recover data from that volume [02:33] so, file retention is less than volume [02:33] What's the point in having a volume with data on it, if you can't restore files from it? [02:34] you can [02:34] but you can't pick single file from it [02:34] cause if you do daily backup [02:34] and hold information about 1TB files in database [02:34] that database will be very large after 30 days [02:34] ivoks: Ah, I can only restore the entire backup then? [02:34] yes [02:34] ivoks: Entire volume, I mean. [02:34] ok. [02:35] it's possible to recover data even if volume is older than volume retention period [02:36] but this includes scaning volume [02:36] and... well... i didn't try it and don't plan to :) [02:36] hmm [02:37] I think the first step is going through the files in remembrance:/etc/bacula ;-) [02:37] bacula-dir is most important one [02:37] everything about the jobs is defined there [02:38] what to backup, when, at which volume, retention periods, recycling, etc... [02:38] no default password? [02:38] iirc, there is no by default [02:39] but you should set one up, or two, or three :) [02:39] director can use different password for different modules (-sd, -fd and console) [02:40] but passwords are something you can setup at the end :) [02:40] and are easiest thing to do :) [02:41] hmm. === fernando [n=fernando@unaffiliated/musb] has joined #ubuntu-server === dendrobates [n=rclark@adsl-065-005-186-012.sip.asm.bellsouth.net] has joined #ubuntu-server [02:44] aha. Jobs points to JobDefs. smart :-) [02:47] don't forget, jobs can have RunBefore and RunAfter [02:47] this is great stuf... program gets executed at fd, so on director you say 'oracle stop' [02:47] and this gets executed before backup at client [02:47] seems most conf is done with vi rather than bconsole? :-) [02:47] and after backup oracle start :) [02:47] stephanbuys: ping [02:47] bconsole is not for configuration [02:48] bconsole is for monitoring and reconfiguration [02:48] ah. oki :-) [02:48] for example, in config you define maxvolumesize [02:48] but if you used volume before with different maxvolumesize, then you can reconfigure it trough bconsole [02:49] or lables... [02:49] why don't I just do the reconfig with vi then? [02:49] you can't [02:49] hehe [02:50] ok... [02:50] if you want to change something, for example volume label [02:50] you can change volume label for *new* volumes in config [02:50] but old volumes need name change to; this you can do only trough bconsole [02:51] hmm. oki. [02:51] cause, you need to rewrite volume and update sql entries [02:51] why is that? :-) [02:51] ah. oki. [02:51] i know, you tought vi can do everything :) [02:51] hehe [02:52] if you want, i could send you my config [02:52] with comments [02:52] that would be kewl! thanks! nafallo@ubuntu.com :-) [02:52] expect it later today [02:52] thanks :-) [02:52] cause i don't have time now to comment it :) [02:52] hehe [02:52] and edit :) [02:53] :-P [02:54] dendrobates, hi there [02:54] stephanbuys: have you looked at the auth-client-config package that jdstrand created? [02:55] dendrobates, nope - not yet - wasn't aware of it [02:56] stephanbuys: http://www.strandboge.com/software/auth-client-config/ [02:56] dendrobates, cool - will check it out [02:57] stephanbuys: It is a python script that configures pam.d and nssswitch.conf. [02:57] dendrobates, yeah - I saw the posting. forwarded it to my team and I will also have a look at it [02:58] stephanbuys: what time zone are you in? I want to schedule a meeting to discuss the spec, and all the packages and get agreement on how things should be done. [02:59] dendrobates, GMT +2 [02:59] stephanbuys: BTW, debian has agreed to take our changes. [02:59] dendrobates, thats great news [03:01] dendrobates, if this works well we can get use it in authtool [03:01] dendrobates, also, there was a query from the Google Summer of Code project that could perhaps do just that for us :-) [03:03] that is my thought, I like the idea of the templates, admins could create and manage their own templates to easily configure many systems. === mathiaz [n=mathiaz@modemcable178.77-70-69.static.videotron.ca] has joined #ubuntu-server [03:12] dendrobates, we implemented templates in authtool as it allowed us to have a predictable, known-to-work, set of configurations === fernando [n=fernando@unaffiliated/musb] has joined #ubuntu-server [03:38] dendrobates: FYI: I put auth-client-config in launchpad at https://launchpad.net/auth-client-config [03:39] it will just poll my website for updates for now [03:39] no new changes yet [03:44] jdstrand: Cool, I am referring to it in my spec as well, because we need to get it into Gutsy. [03:44] yeah, I saw that. great! [03:45] jdstrand, dendrobates : any plans to support winbind (or AD) authentication with this frontend? [03:46] That is my plan. But after gutsy. [03:46] I am trying to take a bitesize portion. So we can be sure to get it done. [03:46] stephanbuys: as far as auth-client-config is concerned, I just need appropriate nsswitch.conf and pam settings, and they can be added as one of the templates === coNP [n=conp@unaffiliated/conp] has joined #ubuntu-server [03:47] stephanbuys: but even if it is not included right away, auth-client-config will (todo) support pulling in settings from files in /etc/auth-client-config/profile.d, so authtool or whatever can just drop files in there [03:48] stephanbuys: they will be automatically picked up at runtime [03:49] jdstrand, I have found the RedHat tool to be a good reference on how to do this in action: http://www.koders.com/python/fid6E833D2322AF4119AF8F430040C948D7CDC0C43D.aspx?s=authconfig [03:49] jdstrand, how about credential caching and offline usage? [03:49] jdstrand, we had to enable nss-updatedb to make sure ldap auth does not break when going home :-) [03:50] so unfortunately its not just as easy as setting nsswitch.conf and pam [03:50] bain, ^^^ [03:50] stephanbuys: auth-client-config really doesn't care about any of that. It will have a database for settings for passwd, group and shadow for nsswitch, and auth, account, password and session in pam. However Ubuntu or a sysadmin wants to configure the profiles is up to them. [03:51] jdstrand, ok - fair enough. authtool can help with that (it also has a command-line mode) [03:51] auth-client-config will just provide a convenient way of maintaining a database and updating pam and nsswitch.conf, primarily for usage with debconf, but could apply to other situations [03:51] jdstrand, I see the potential of using auth-client-config as the config backend for authtool [03:52] jdstrand, we can then address the nuances like ccache, offline usage, etc through it [03:52] stephanbuys: I thought it could be applied there as well-- then authtool can focus on the ui [03:52] stephanbuys: and all that stuff you mentioned [03:52] stephanbuys: here [03:53] stephanbuys: it is one piece of a larger puzzle. kindo of like update-inetd, but for nsswitch and pam [03:53] jdstrand, ok - agreed. and _extremely_ usefull [03:53] I like the idea of pulling all config, including ccache and such out of any ui, and putting them in a separate package. [03:53] jdstrand, we can handle the different auth backends with authtool then [03:54] dendrobates, elaborate? (out of the authtool UI even?) [03:54] A user might want the functionality but not the full authtool package. === tck [n=tck@194.125.126.107] has joined #ubuntu-server [03:54] ok - so conceptually there is a dependency chain like this: [03:54] stephanbuys, dendrobates: authtool can do that, and different packages like ldap-auth-config, kerberos-auth-config, winbind-auth-config, ad-auth-config, laptop-auth-config,... can pull in whatever packages they need, and use auth-client-config as part of there configuration [03:55] pam/nsswitch.conf/etc -> auth-client-config -> authtool [03:55] s/there/their/ [03:56] It just seems like that functionality should be in auth-client config, but that is just my opinion. [03:56] jdstrand, In authtool we will then have a couple of backends defined, for example: Local Authentication, LDAP (or Ubuntu) Server, Active Directory, eDirectory [03:57] dendrobates, so enabling/disabling credential caching becomes a function of auth-client-config as well? [03:58] stephanbuys: your dependency chain is looks good to my thinking, except I would do s/authtool/(authtool|ldap-auth-config|kerberos-auth-config|...)/ [03:58] since is is not specific to any one auth scheme, yes. [03:58] dendrobates, ok - agreed. also it is one of the really subtle pieces in pam and a nightmare for a first-time administrator to get right [03:58] stephanbuys: as for the backend, auth-client-config only does nsswitch.conf and pam, so you can either give me your settings, or drop them into /etc/auth-client-config/profile.d (in 0.2) [03:59] (ccreds in pam) [03:59] I also think those advanced features should be in the next release. [03:59] think about how much better we are making things already. [04:00] jdstrand, ok - how about: am/nsswitch.conf/etc -> auth-client-config -> ldap-auth-config|kerberos-auth-config -> authtool (for GUI) [04:00] stephanbuys: have to talk to dendrobates about ldap-auth-config-- I think he will be doing debconf there? [04:01] dendrobates, jdstrand : a lot of debconf work has gone into authtool already, ajmitch envisioned using debconf where possible [04:01] jdstrand: just ldap specific debconf. [04:01] jdstrand, dendrobates : we even support dependency tracking and will install the missing auth debs if they are needed [04:02] stephanbuys: we should use that in ldap-auth-config [04:02] stephanbuys: just for clarity, ccreds and nss-updatedb settings in nsswitch.conf and pam is no problem. It is just another profile type [04:02] dendrobates, jdstrand : also authtool is great for doing things like automatic DNS discovery of the kerberos servers or LDAP lookup (in the Root DSE) of the base_dn on a LDAP server [04:03] stephanbuys: great, that is something I really wanted, it gives us an advantage over the other distros. [04:04] I also envisage "zeroconf" enabling all of this in the end so that if a user has a Ubuntu server that is ready for LDAP auth on the LAN it will be automatically detected [04:05] stephanbuys: that's my vision as well. === stephanbuys loves it when a good plan comes together [04:06] dendrobates, will you drop me an email regarding the meeting you want to hold? [04:07] stephanbuys: I think that with the use of profiles in auth-client-config, switching between them via zeroconf or even network-manager is possible [04:07] stephanbuys: I plan on send out a request today. [04:07] stephanbuys: would have to carefully think about whether that is desirable though [04:08] jdstrand, although it sounds simple we have found that in practice some things (like GDM) can be really pedantic about changes to nsswitch and pam [04:08] stephanbuys: yes-- I have found that to be true too-- sometimes a restart of the system is in order (I think it has something to do with glibc, but...) [04:09] stephanbuys: the idea was more to do it on boot, before gdm or anything. But again, this is (way) down the road [04:09] jdstrand, exactly :-) [04:10] jdstrand, I think in practice users do not switch auth backends too frequently (it creates too much of a uid and gid mess), so we should be pretty isolated from that requirement for a while [04:10] jdstrand, dendrobates : ever consider OpenID as a potential auth backend? [04:10] stephanbuys: agreed [04:11] stephanbuys: no, but checking it out now [04:12] stephanbuys: I thought openid was like ms passport. [04:12] Ahh I get it. === kupesoft [n=dave@red-gw.cs.toronto.edu] has joined #ubuntu-server [04:13] dendrobates, its all about authentication, of course you might not "trust" all potential auth provides to log onto your work laptop (for example) [04:13] s/provides/providers/ [04:13] so you are saying sytem auth using openid? Has this been done before? What about nss? === David_CDRJ [n=david@200.156.70.1] has joined #ubuntu-server [04:14] stephanbuys: the concept seems similar to kerberos [04:14] jdstrand, exactly, but potentially a 100 times easier to deploy :-) [04:14] hi there [04:14] jdstrand, and "future proof" in a way [04:15] dendrobates, no, not as far as I know [04:15] does anybody have problem with de e1000 module in ubuntu server 7.04 [04:15] David_CDRJ: Hi [04:15] ? === stephanbuys still gets nightmares thinking about GSSAPI and kerberos integration into all Ubuntu client apps [04:16] stephanbuys: I know what you are saying, but with PAM, kerberos doesn't have to be a total nightmare. Maybe just a bad dream. :) === allyson [n=allyson@189.25.36.37] has joined #ubuntu-server [04:17] jdstrand, lol [04:18] stephanbuys: really it is just finding the right combination of of ccreds, update-nss and kerberos. That is what takes so long. But with the work we are doing here, we should be able to take that pain away from users. [04:18] i tried to update de module to the newest version bug every time i reboot the server the old one came back! [04:19] jdstrand, true, "Rome wasn't built in a day" seems appropriate [04:19] stephanbuys: it seems openid does just the authentication. So still need ldap for network authorization. Am I understanding this correctly? [04:20] jdstrand, correct. OpenID is all about authentication. The "trust" of that authentication is then determined by the "service provider". which would then lead to authorization [04:21] jdstrand, for example, I would only "trust" OpenID authentication from "logon.mydomain.com" to authorize users to access work computers [04:21] stephanbuys: I was thinking about uids and gids [04:21] stephanbuys: the provider doesn't handle that does it? [04:21] i guess my problem are a little less interesting that autentication... [04:21] jdstrand, ah - I see. [04:22] jdstrand, theoretically it could === ToonArmy [n=chris@88-105-150-55.dynamic.dsl.as9105.com] has joined #ubuntu-server [04:22] jdstrand, OpenID should allow the user to easily select an identity with certain meta-data. That meta-data could of course provide uid and gid [04:23] David_CDRJ: be patient-- people tend to check this less frequently than others. For more immediate response, try #ubuntu [04:23] jdstrand, but to be honest I haven't thought that through yet =) [04:23] jdstrand: thanks === bain waves [04:25] jdstrand, http://openid.net/specs.bml -> OpenID Attribute Exchange 1.0 - Draft 5 === asisak [n=conp@unaffiliated/conp] has joined #ubuntu-server [04:30] stephanbuys: looking through that and some googling, seems very website-centric, though there http://code.google.com/p/pam-openid/ [04:32] jdstrand, oh it is, still something to keep on the radar perhaps, and something to differentiate Ubuntu from other players. What I really like about it is that there are already loads of providers out there and that it seems very simple [04:32] stephanbuys: yeah-- seems cool === fernando [n=fernando@unaffiliated/musb] has joined #ubuntu-server [04:39] jdstrand, dendrobates : I've got to run - good chatting to you. bye === allyson [n=allyson@189.25.36.37] has left #ubuntu-server ["Konversation] === leonel [n=leonel@189.155.107.241] has joined #ubuntu-server === kshahnjd [n=kunalash@ool-44c0ac9c.dyn.optonline.net] has joined #ubuntu-server [04:57] I'm having trouble with the vsftpd configuration, I followed the ubuntu server guide precisely, I can log in, but when using my client (filezilla) I receive 'critical transfer error' when attempting transfer to /var/www [04:57] my home directory I receive the same error, but the transfer seems to work === jbrouhard [n=jbrouhar@cm-207-192-193-222.stjoseph.mo.npgco.com] has joined #ubuntu-server === ivoks [n=ivoks@1-33.dsl.iskon.hr] has joined #ubuntu-server [05:37] has Debian ever used chkconfig? [05:37] or always used update-rc.d === asisak [n=conp@unaffiliated/conp] has joined #ubuntu-server [05:47] its ok, i found sysv-rc-conf -- looks nice [06:05] Nafallo: mail on its way [06:05] can someone recommend me something besides vsftpd? I am not having a good time using it [06:05] kewl, thanks :-) [06:05] kshahnjd: I would recommend vsftpd :-) [06:05] NO :( [06:06] kshahnjd: yes, vsftpd or noftp [06:06] yes, I would :-) [06:06] I can't seem to figure out the permissions for the /var/www directory [06:06] what hard times? [06:06] sftp! [06:06] i had my account join the www-data group [06:06] and.. still weird things are going down [06:07] like...? [06:07] joing user www-data group shouldn't have any effect :) [06:07] i still don't have permissions, I get errors, i chmod'ed a directory within /var/www [06:07] and using filezilla i still get 'crticial transfer errors' [06:07] but it appears to have uploaded successfully... [06:08] someone pointed me to what seemed to be an overly complex virtual user config.. I don't feel like it needed to be that complicated, i may be wrong [06:08] probably am [06:09] maybe it would be better for you and us if you would say what you want to achive, not how you are doing it [06:09] :) [06:09] he, sry, alright, so I have an account, my username, kshah, I want to be able to whatever I want to the /var/www directory and subdirectories [06:10] *to do whatever I want* as in, rwx, mkdir, deldir, etc [06:10] ok [06:10] this doesn't have anything to do with ftp [06:10] chown -R kshah /var/www/ [06:10] and that's it [06:10] but doesn't that steal permission away from www-data ? [06:11] www-data doesn't have any permissions there [06:11] ? [06:11] only read [06:11] www-data can write only in /tmp and /var/tmp [06:11] like every other user [06:11] created by an app" [06:11] you *don't* want to chown /var/www to www-data [06:12] i see [06:12] so I can chown only for one user, what if there are multiple ftp users that should all be able to toy around with that /var/www dir? [06:13] should i then create a group which has permissions to it? [06:13] create group, chgrp that dir to that group, and make it writable for that group [06:13] don't make it writable for www-data, never! [06:13] only cache dirs and upload dirs [06:13] thats a security risk, right? [06:13] yes [06:14] so, lets say.. for instance i'm using drupal, a cms, which has certain files permissions set.. me changing owner will not effect that files permissions? [06:14] it will just override them for em? [06:14] *me? [06:17] phone, sec === novavision is now known as purefusion === ivoks [n=ivoks@1-33.dsl.iskon.hr] has joined #ubuntu-server [06:28] back [06:29] where were we? :) [06:29] Nafallo: does it help? [06:35] ivoks: wow. -dir is damn huge to get the mind around :-) [06:35] and mine will probably be larger when I'm finished :-P [06:36] :) [06:36] right, every single thing is customisable [06:37] Nafallo: i have even bigger, but this one isn't for sharing :) [06:37] :-P [06:39] includes couple of autochangers :) [06:40] sarge. does that still have security support? [06:41] hmm. seems like it. [06:43] in -fd I just point to the director I just set up, right? [06:44] yea. looks like it. [06:44] right [06:48] hmm [06:49] if I specify client in jobs instead of jobdefs I can have jobdef called servers with most other options included... [06:49] yes [06:49] if I have options in JobDefs and specify other options that are already set in JobDefs in Jobs, which one will go though? :-) [06:50] :) [06:50] check out documentation :) [06:50] hehe [06:51] JobDefs should be common settings [06:51] yea [06:53] so if I want to backup one host I do a JobDefs, two Jobs and two Schedulers then... [06:53] I guess [06:53] full daily and incremental from time to time :-P [06:54] no [06:54] one scheduler [06:55] oh? [06:55] with couple of Run [06:55] Rub = Full sun at 22:00 [06:55] Run = Incremental mon-sat at 22:00 [06:55] for example [06:56] that's inside one schedule [06:56] but if I want full backup every 12h and incremental every hour? [06:56] hmm. oki [06:56] two jobdefs only if you include something else in full backup [06:57] but if fileset is the same, and only diff is incremental/full [06:57] then one scheduler with two Run's [06:57] Runs [06:57] so one of everything and two jobs :-P [06:57] no, one everything :) [06:58] ehrm. === Nafallo tries to wrap his head around it :-) [06:58] you can do with two schedulers, if you want, but it's not must have [06:58] :) [06:59] so I don't need two Jobs for defining Level? [07:00] if you have a client [07:00] and file storage [07:01] then define one jobdefs, one job, one client, one storage [07:01] if you want to run daily incremental, and full on sunday [07:01] then one scheduler [07:01] with Run = Full mon-sat at 22:00 [07:01] eerrrr [07:01] I think I'm confused by Level then :-P [07:02] what is that doing in JobDefs? [07:02] Level is default, but you can without it :) [07:02] ah [07:02] let me check docs [07:02] :) [07:03] remove Level [07:03] you don't need it [07:03] oki. thanks. === asisak [n=conp@unaffiliated/conp] has joined #ubuntu-server [07:11] np [07:11] this will take some time to get the mind around :-) [07:12] damn. the standard JobDefs is used by some Catalogthingie :P [07:14] ? [07:14] ah, Catalog [07:14] yes, you need this [07:15] I wonder what was in the standard JobDefs then :-P [07:15] it exports bacula's SQL into file and writes it to backup media [07:15] :)) [07:16] so I will need an -fd on localhost then= [07:16] ? [07:17] yes [07:18] *sigh* thanks [07:18] to backup one host I need to backup two ;-) [07:18] you don't backup host [07:18] you backup bacula information [07:19] that way your backup host can fail and you'll be able to recreate everything [07:19] yea, but need the daemon, so no real diff ;-) [07:20] oh! both the default JobDefs and that CatalogJob has Level :-P === Nafallo wonders why it even has a JobDefs specified. === ivoks [n=ivoks@1-33.dsl.iskon.hr] has joined #ubuntu-server === sahafeez [n=sahafeez@67.109.14.227.ptr.us.xo.net] has joined #ubuntu-server === ivoks [n=ivoks@1-33.dsl.iskon.hr] has joined #ubuntu-server === ivoks [n=ivoks@1-33.dsl.iskon.hr] has joined #ubuntu-server === jbrouhard [n=jbrouhar@cm-207-192-193-222.stjoseph.mo.npgco.com] has joined #ubuntu-server === arturaz [n=arturaz@2002:57f7:4d58:0:0:0:0:3] has joined #ubuntu-server [08:14] Is there any compelling reason to use the 64bit LTS on Xeon servers? [08:14] or am I just asking for dependency problems? [08:14] i use 64bit on servers [08:14] do you have to symlink everything? [08:15] or do most 32 programs find the libs they need? [08:15] *32bit [08:16] i don't use 32bit programs [08:16] on 64bit servers === arturaz [n=arturaz@2002:57f7:4d58:0:0:0:0:3] has joined #ubuntu-server [08:16] ah. [08:16] if you need 32bit programs [08:16] use 32bit OS [08:16] unless your server has more than 4GB of RAM [08:17] I'm not entirely sure what I might need, eventually. Nah, not over 4GB yet. [08:17] Probably safest to go with the regular 32bit x86 version for now. === jbrouhard [n=jbrouhar@cm-207-192-193-222.stjoseph.mo.npgco.com] has joined #ubuntu-server [08:20] 64-bit host with 32-bit VMs? :-) [08:21] Nafallo: LTS is in question :) [08:21] Nafallo: how's bacula coming along? :) [08:22] dunno. confusing enough for me to leave it off and go fetch something to drink ;-) [08:22] LTS can do XEN? I've seen tutorials. [08:23] yes, you are right [08:23] we use openvz at work on LTS as well ;-) [08:23] dendrobates: you were struggling with openssl licensing a couple of weeks ago. [08:24] mathiaz: yes [08:24] dendrobates: have you looked at yassl - http://yassl.com/ ? [08:24] dendrobates: that's what mysql is using. [08:24] mathiz: hmm? [08:25] dendrobates: I'm reading through mysql changelogs and they mention yassl [08:25] mathiaz: I'll look at it. [08:25] dendrobates: and some licensing issues. But I'm not sure how relevant this is to your openldap problem. [08:27] mathiaz: It might be useful if openldap could successfully compile with it. [08:28] dendrobates: they say that there is an openssl compability layer. [08:29] dendrobates: and it seems that they've updated their license to cover the linking of third party software. [08:29] mathiaz: gnutls has one as well, but it does not work with openldap. [08:29] dendrobates: in this case, it was apache linked to mysql linked to yassl [08:30] dendrobates: yeah I remember. Anyway, it may be worth to look at it. If it compiles, then I think, the licensing issue doesn't exist. === Dessan [n=andrew@ip68-105-63-168.pn.at.cox.net] has joined #ubuntu-server === madmetal_spyros [n=madmetal@ppp147-197.dsl.hol.gr] has joined #ubuntu-server === CrummyGummy [n=CrummyGu@dsl-242-25-34.telkomadsl.co.za] has joined #ubuntu-server === nrpil [n=nrpil@s5591f679.adsl.wanadoo.nl] has joined #ubuntu-server [09:34] ScottK: I started to work on lighttpd (again) [09:34] Great. [09:35] ScottK: can you please help me if there is some SRU tutorial and / or what bugs qualify serious enough to be put back? [09:36] asisak: https://wiki.ubuntu.com/MOTU/SRU [09:36] Since lighttpd is in Universe. [09:36] thanks... reading... [09:36] yeah, I know [09:37] actually it was high time to do something universe-related since I want to become a MOTU :) [09:37] https://wiki.ubuntu.com/SecurityUpdateProcedures for security bugs. [09:38] what does SRU exactly mean? [09:38] security related update? === pircjo1 [n=pircjo@adsl-76-224-29-163.dsl.emhril.sbcglobal.net] has joined #ubuntu-server [09:39] Stable Release Update [09:39] I see [09:39] SRU is for serious, but non-security (e.g. crash/data loss/package not installable) fixes for released versions. [09:40] I'm running UBUNTU 6.06 server and I have connected a windows network drive via cifs I am getting an intermittent error when I cp files to it "Bad file Descriptor" [09:41] ScottK: I might get it wrong, but bug #127718 speaks about security fixes [09:41] Launchpad bug 127718 in lighttpd "lighttpd security fixes" [Low,In progress] https://launchpad.net/bugs/127718 [09:41] Yes. You should use the security process for that one. [09:42] hmmm === purefusion [n=novavisi@adsl-bg-070-130.wcnet.org] has left #ubuntu-server [] [09:45] Any advise on mounting a windows network drive? [10:00] So-- kernel panic trying to install LTS x86 on a dual core opteron. "MP-Bios bug : 8254 timer not connected to IO-APIC" "Kernel panic -- not syncing: IO-APIC+ timer doesn't work! " [10:01] apic=debug gives a little more information--mostly, that all of the workarounds failed. [10:01] What do I lose if I use noapic? This is a server, with a 3ware RAID card. I don't want to cause interrupt problems. [10:13] you already loose [10:13] with broken hardware [10:15] disable ioapic in bios if you can [10:15] It's a brand new Silicon Mechanics / Supermicro server. Tested out on CentOS5. If anything's broken, its the LTS kernel/distro/installer. [10:16] I know how to work around it, I'm just trying to make sure that the workaround won't cause problems down the road. If I want to use a different distro, this is the time to decide. [10:18] well, you've got message from kernel [10:18] IO-APIC doesn't work [10:18] so, disabling it wouldn't harm [10:18] Right. So--what do I lose by going with LTS w/o APIC -- versus, say, CentOS with it? [10:18] are you sure it is with it? [10:19] Yup. [10:19] then report kernel bug if you have time [10:19] Yes. Great. But, meanwhile I have to do my job. I've never been able to figure out what the practical consequences of disabling APIC are. [10:19] er... [10:20] APIC is for SMP machines [10:20] dual core. === coNP [n=conp@unaffiliated/conp] has joined #ubuntu-server [10:20] can the new landscape app install ubuntu onto remote machines a la windows SMS [10:20] Innatech: disabling apic would mean disabling second core [10:20] >blink< [10:21] are you sure about that? [10:21] We're talking about APIC, not ACPI. [10:22] http://wiki.linuxquestions.org/wiki/APIC [10:23] ah, nice. Thanks. [10:23] it is possible that CentOS is using UP kernel for installation (i'm not sure, but could be...) [10:26] Well, this is a tested CentOS install that Silicon Mechanics left on the system when they were done testing. [10:26] It's not an installer. [10:27] Still, I suppose I'll go ahead with the LTS install and see what happens. I don't really want CentOS on this box. [10:27] try with nolacpi first [10:27] beh [10:27] nolapic [10:27] yeah, no lapic. [10:27] that's an idea. [10:28] something that works often for me is 'pci=nommconf' [10:28] this is when i get random lockups [10:29] not related to APIC, but wouldn't hurt to try... [10:30] i would love to get my hands on this -> http://www.canonical.com/landscape [10:32] tck-afk: then wait just a bit more :) [10:32] we will get the client [10:32] the main package is for subscribers only [10:32] 'we'? [10:32] users, clients [10:32] yes :) [10:33] http://packages.ubuntu.com/feisty/admin/landscape-client : empty [10:33] they are teasing us [10:33] that means it will be open source [10:33] so everybody could write their own server part [10:33] well theres the client and the server side i guess [10:34] ivoks: sure, though I'd say the server part is fairly complex [10:35] ajmitch: i guess it is, yes [10:35] I'm glad there's at least something more than just rumours now [10:35] if it can do what Windows SMS or HP's radius does i'd be well impressed [10:35] i wonder could it push down images [10:35] images? [10:35] like network install? [10:36] clients could pxe boot etc.. [10:36] yeah [10:36] be wicked [10:36] you can do that already :) [10:36] managed centrally ? [10:36] you don't manage installation procedure, you start it and wait for it to finish [10:37] i like the Semi-connected management: [10:37] without interaction [10:37] i wonder how many in-house developers they have coding all this stuff [10:37] Yay! nolapic works. So, what's the difference between noapic and nolapic? [10:37] they certainly churn out alot of slick apps and tools [10:39] Innatech: Local APIC interrupts [10:39] yeah, I get that. So what's the difference between APIC and local APIC? [10:40] http://en.wikipedia.org/wiki/Intel_APIC_Architecture#Local_APICs [10:40] lapic is part of apic === madmetal_spyros [n=madmetal@ppp147-197.dsl.hol.gr] has left #ubuntu-server ["Leaving"] [10:40] hmm. Interesting. [10:42] tck-afk: anyway, i would love to see landscape too :/ [10:43] i guess it will be expanded RHN :) [10:43] having used windows SMS on my last contract [10:44] it could really change how businesses look at a large scale rollout [10:44] to use HP's radia (http://support.openview.hp.com/radia.jsp) is over 100,000 euro [10:45] afaik M$ give SMS (Systems Management Server) away for free === jbrouhard [n=jbrouhar@cm-207-192-193-222.stjoseph.mo.npgco.com] has joined #ubuntu-server [10:49] 'night all === stickystyle [n=stickyst@65-97-153-194.ftl.fdn.com] has joined #ubuntu-server === dendrobates [n=rclark@adsl-065-005-186-012.sip.asm.bellsouth.net] has left #ubuntu-server [] === vciaglia [n=vciaglia@host212-156-dynamic.17-87-r.retail.telecomitalia.it] has joined #ubuntu-server === sahafeez [n=sahafeez@67.109.14.227.ptr.us.xo.net] has joined #ubuntu-server [11:54] ScottK: debian seem to have fixed these issues [11:54] some of the at least [11:55] coNP: For lighttpd? We need to patch the released versions in Ubuntu, not bring in new Debian versions. [11:55] sure, but neither debian will bring in new versions to fix security issue [11:55] s [11:57] but I am too sleepy to investigate this any more [11:57] security things are hard [11:58] see you [11:58] OK. [12:04] I have an Intel dual PT/1000 NIC (PCI-E) in my router. A couple days ago, LTS was happily recognizing it, although I had to shove it's PCI ID into /sys/.../new_id for it to be recognized. However, since then the devices it's assigned to seem to change mysteriously--first it was eth3 & eth4 (which made sense as 0, 1 & 2 are on the motherboard.) However, now they show up as eth3 & eth5 (which doesn't make much sense) -- and neith [12:04] er one of them seems to detect a link. How do I troubleshoot this? One thing I noticed is that lsmod doesn't show any active use of e1000 -- but ethtool says that they're using e1000.