[04:39] <lamont> nealmcb: uh... when/where for the colorado loco party?
[07:52] <maeth> how can i install a VPN on my ubuntu machine?
[07:56] <ivoks> there are 3 vpns ubuntu supports - pptp, openvpn and vpnc
[07:57] <ivoks> which one do you want. do you need server or a client?
[07:59] <maeth> ivoks, need pptp, i already installed pptpd package
[07:59] <ivoks> great, then you just need to create a user
[08:01] <ivoks> in /etc/ppp/chap-secrets
[08:01] <ivoks> and edit /etc/pptpd.conf
[08:01] <maeth> ivoks, ok , thnx ... gonna check
[08:04] <_ruben> ivoks: and there's openswan, atleast its listed with apt-cache search
[08:04] <ivoks> _ruben: right, ipsec also
[08:11] <maeth> ivoks, can you help me with the configuring?
[08:11] <maeth> ivoks, how do i set more users?
[08:11] <ivoks> add them to chap-secrets
[08:12] <ivoks> [username]  pptpd [password]  *
[08:13] <maeth> ivoks, with the " [ ]  " ??
[08:14] <ivoks> without [] 
[08:14] <ivoks> but you should add ""
[08:14] <maeth> ""? where?
[08:14] <ivoks> example:
[08:14] <maeth> like this "username"?
[08:14] <ivoks> "ivoks" pptpd "secretpassword546;" *
[08:15] <maeth> ; that too?
[08:15] <maeth> sorry for the noob questioning
[08:15] <ivoks> in this example, ; is part of password
[08:15] <maeth> ivoks, k.. done :D
[08:15] <maeth> ivoks, thnx
[08:18] <maeth> ivoks, once created the user, i need to restart the service?
[08:21] <ivoks> no need to do that
[08:21] <maeth> ivoks, didnt worked :S
[08:22] <ivoks> check yor syslog
[08:58] <kraut> moin
[09:25] <_ruben> gug
[09:37] <soren> Good morning.
[09:40] <MenZa> Morning soren :)
[09:40] <soren> Hi, Menza :)
[12:14] <ivoks> why is /boot/grub/menu.lst world readable?
[12:15] <ivoks> :)
[12:15] <Nafallo> ivoks: it is not :-)
[12:16] <ivoks> well, i have unusal ubuntu here then :D
[12:16] <ivoks> it is, on all my ubuntus :)
[12:16] <Nafallo> no, you have the usual. I have changed some permissions where it makes sence on my server thou ;-)
[12:17] <ivoks> but we should do this by default :/
[12:17] <Nafallo> why?
[12:17] <ivoks> people would like to set passwords for grub
[12:17] <Nafallo> is there really a need before you add a password in there?
[12:17] <ivoks> this is not about me :D
[12:18] <ivoks> but people do want password there and don't have a clue that other users can read that file
[12:18] <ivoks> that would be great, yes
[12:19] <ivoks> and would require changes to passwd and useradd
[12:19] <Nafallo> oh?
[12:20] <ivoks> or update-grub should read if password is set, and chmod 640 it
[12:21] <Nafallo> that would be cleaner in my mind indeed...
[12:21] <Nafallo> grep ^password ;-)
[12:21] <ivoks> something like that... :)
[12:22] <ivoks> todo for 8.04 :)
[12:23] <Nafallo> add it to the Serverteams ideas wikipage :-)
[12:23] <ivoks> :D
[12:23] <Nafallo> and if we haven't got one, create one ;-)
[12:23] <ivoks> https://wiki.ubuntu.com/ServerTeam/HardyIdeaPool
[12:23] <Nafallo> oooh
[12:23] <Nafallo> kewl!
[12:24] <ivoks> hm, would that be packaging or feature? :)
[12:24] <Nafallo> hehe. and hardy cause we will have apport rolled out for the whole of mains servers? ;-)
[12:24] <ajmitch> it's hashed with md5, isn't it?
[12:24] <Nafallo> both :-)
[12:24] <Nafallo> ajmitch: you can choose to do that indeed.
[12:25] <ivoks> ajmitch: it can be, but it's not by default
[12:25] <ajmitch> probably a good default to have
[12:25] <ivoks> and... anyway, shadow isn't world-readable
[12:25] <ajmitch> agreed
[12:25] <Nafallo> hmm
[12:25] <ivoks> imho, we should chmod it
[12:26] <Nafallo> we should probably not set a password in there thou...
[12:26] <Nafallo> sometimes you need remote hands...
[12:27] <ivoks> that's design problem, world-readable password is security problem
[12:27] <Nafallo> yea :-)
[12:27] <Nafallo> lets start with chmod if ^password
[12:27] <ivoks> if you need remote hands, don't put password there :D
[12:27] <Nafallo> exactly :-)
[12:28] <Nafallo> I could probably set it on all the London-based servers thou ;-)
[12:28] <Nafallo> which is all of them for now.
[12:28] <Nafallo> MY systems...
[12:29] <ivoks> grub: protect menu.lst from eyes of the world (chmod 640) if password is set
[12:29] <ivoks> there...
[12:30] <ivoks> an idean in the pool :)
[12:30] <Nafallo> could we task sabdfl to negotiate x86 and x86_64 support of Dells tools on the serverside btw? ;-)
[12:31] <Nafallo> hmm. what is it with all the hype around Zimbra?
[12:31] <ivoks> marketing
[12:33] <Nafallo> ehrm
[12:33] <Nafallo> this does hell of a lot more then roundcube :-P
[12:33] <ivoks> :D
[12:33] <Nafallo> and it has taskfreak built-in ;-)
[12:34] <Nafallo> and IM :-D
[12:34] <Nafallo> :-O even
[12:34] <Nafallo> what kind of IM is it?
[12:34] <Nafallo> XMPP?
[12:34] <ivoks> yeah
[12:34] <ivoks> (iirc)
[12:35] <ivoks> bad thing with zibra atm is that it installs it's own java and services
[12:36] <Nafallo> if it is I love it and might even ask my boss to spend some time at for hardy
[12:37] <ivoks> hm...
[12:37] <ivoks> i'm not sure it includes IM
[12:38] <Nafallo> the online demo had that.
[12:39] <Nafallo> but they have five editions of the server so.. ;-)
[12:40] <ivoks> yes, for MSN and AIM
[12:40] <Nafallo> oh :-/
[12:40] <ivoks> AOL, even
[12:40] <Nafallo> where did you find that? ;-)
[12:41] <ivoks> on online demo :)
[12:41] <ivoks> IM
[12:41] <ivoks> and then look at bottom right corner
[12:43] <Nafallo> to bad they haven't got YIM, since that seems to be what my company is based on right now.
[12:43] <Nafallo> or IRC! :-)
[12:44] <ivoks> anyway...
[12:44] <ivoks> http://www.zimbra.com/forums/developers/45-xmpp-jabber-integration.html
[12:47] <Nafallo> kinky!
[12:47] <Nafallo> oh! and Yahoo bought it.
[12:47] <ivoks> right
[12:47] <Nafallo> something tells me we will see YIM in there soonish ;-)
[12:48] <Tig|> Hi everyone,  I am still having procmail/postfix issues :)  I think I have tracked it down to postfix not invoking procmail,  I have mailbox_command = procmail -a "$EXTENSION" in my main.cf but I can't find any mention in the mail.log at all, any ideas?
[12:49] <Tig|> I have restarted postfix etc :)
[12:49] <ivoks> do you have procmail installed?
[12:49] <Tig|> yep :)  and runs fine from the command line
[12:50] <Tig|> I have run :   procmail DEFAULT=/dev/null VERBOSE=yes /dev/null </dev/null from the command line and it generated the expected output
[12:50] <ivoks> and nothing like:
[12:50] <ivoks> (delivered to command: procmail -a "$EXTENSION")
[12:50] <ivoks> in mail.log?
[12:51] <Tig|> nope, no mention of procmail at all
[12:51] <Tig|> which is slightly baffling
[12:51] <Tig|> Mail is delivered and going through fine
[12:51] <ivoks> ok, try like this:
[12:52] <Tig|> does it have to be in master.cf anywhere?
[12:53] <ivoks> mailbox_command = procmail -a "$EXTENSION" /etc/procmailrc
[12:53] <ivoks> no
[12:53] <Tig|> thanks will try that :)
[12:54] <ivoks> hm... hm...
[12:54] <ivoks> mailbox_command = procmail -a "$EXTENSION" -m /etc/procmailrc
[12:56] <Tig|> alas still nothing in the logs :(
[12:57] <ivoks> sec, phone
[12:57] <Tig|> no problem,  thanks for the help :)
[01:14] <ivoks> ok...
[01:14] <ivoks> postconf | grep mailbox_command
[01:14] <ivoks> what does this return?
[01:14] <ivoks> or postconf mailbox_command
[01:18] <Tig|> sorry back now :)
[01:19] <Tig|> mailbox_command = procmail -a "$EXTENSION"  -m /etc/procmailrc
[01:19] <Tig|> mailbox_command_maps =
[01:21] <ivoks> ok, that looks ok
[01:22] <ivoks> when you grep 'develiered to' your /var/log/mail.log, what does it return?
[01:23] <ivoks> Nafallo: it would be very hard to get ubuntu-server on dell servers
[01:23] <Nafallo> ivoks: oh?
[01:23] <Nafallo> ivoks: why is that?
[01:23] <ivoks> politics :D
[01:24] <ivoks> dell has relations with redhat and novell, and adding ubuntu there... hm... well, it's worth trying...
[01:24] <Tig|> or just buy them bare and install it yourself :)
[01:25] <ivoks> Tig|: did you grep /var/log/mail.log?
[01:25] <Tig|> yep
[01:25] <ivoks> and?
[01:25] <Tig|> just sanitising some of the data in it :)
[01:25] <Tig|> there are lots of entries
[01:25] <ivoks> ok :)
[01:25] <Nafallo> ivoks: I don't need it fully supported. but I think it would be worthwhile to bring up providing official debs for their tools.
[01:26] <ivoks> only one would be enough
[01:26] <ivoks> Nafallo: that would surly be a step in right direction
[01:26] <Tig|> Oct  8 14:06:49 telinf postfix/local[7920] : 173B4204608: to=<support@foo.com>, relay=local, delay=0.95, delays=0.18/0.01/0/0.77, dsn=2.0.0, status=sent (delivered to command: /usr/bin/rt-mailgate-3.6 --queue '! New Requests !' --action correspond --url http://foo.com/)
[01:26] <ivoks> surly? is this a word? :)
[01:26] <Nafallo> ivoks: I think they are committed to do it if someone steps up to talk to them as well.
[01:26] <Nafallo> ivoks: surely ;-)
[01:26] <ivoks> ah, thanks
[01:27] <ivoks> Tig|: well, your mail is forwarded to that /usr/bin/rt-mailgate-3.6
[01:27] <Tig|> yep that is done in aliases
[01:27] <ivoks> Tig|: if that thing doesn't return mail to postfix, then postfix can't use procmail
[01:28] <Tig|> hmm
[01:28] <Tig|> wouldn't procmail do the filtering before it goes to the alias?
[01:28] <ivoks> no
[01:28] <Tig|> aha!
[01:29] <Tig|> right I will have to bounce it through a different address first :)
[01:29] <ivoks> even better
[01:29] <ivoks> create procmail rule to send a copy to that service
[01:31] <Tig|> ah that would do it,  I  can create a global procmail that will send it to the right aliases, it only has to last a couple of weeks :)
[01:31] <_ruben> Dell is already shipping Ubuntu desktop right? So why not server as well ;-)
[01:31] <Tig|> wonderful :)  thanks for that I don't think I am going mad now :)
[01:31] <Nafallo> _ruben: my thought as well.
[01:31] <ivoks> longer period of support
[01:32] <ivoks> but, we should try, i'm all for that
[01:32] <Nafallo> _ruben: and linux.dell.com seems to lean in the direction that they want to provide debs.
[01:32] <_ruben> im in the process of testing ubuntu server on a poweredge860 here at work
[01:32] <Tig|> Right I am going to get some lunch,  thanks for your help :)
[01:32] <ivoks> Tig|: enyoj
[01:32] <_ruben> lets check that url
[01:32] <ivoks> enjoy even
[01:32] <Nafallo> to bad their BMC hangs in 64-bit on dapper.
[01:32] <Tig|> _ruben: I have ubuntu-server running on 1850s and 1855s if that helps :)
[01:33] <Nafallo> I have it on 2850s
[01:33] <ivoks> i have it on 1600SC, 1500SC and 1435SC
[01:33] <Nafallo> and smaller machines... want the heck are they called again ;-)
[01:34] <Nafallo> SC1425
[01:34] <_ruben> we currently run novell's SLES9 on SC1425's and PE860's
[01:34] <ivoks> eh.. and 1650 too :D
[01:34] <_ruben> sc1425 is retired tho
[01:34] <Nafallo> I need to document what systems we have before it's to late...
[01:35] <_ruben> hehe
[01:35] <ivoks> in company i worked before, first thing to do was replace suse with (at first) debian and (later) ubuntu :)
[01:36] <ivoks> 20-30 machines
[01:37] <_ruben> here we started with slackware (4.0, before i even worked here) .. then debian potato, followed by woody .. then sarge took too long to become stable and we really needed a 2.6 kernel, so the decision was made to go with SLES9 .. now im investigating a possible move from SLES9 to Ubuntu
[01:41] <ivoks> maybe we should, for a start, edit http://linux.dell.com/wiki/index.php/Ubuntu-server
[01:42] <ivoks> and even create remastered CD with as few as possible questions
[01:48] <Nafallo> ivoks: add to ideas :-)
[01:48] <ivoks> Nafallo: :D
[01:50] <ivoks> bbl
[03:38] <Gargoyle> Hello
[03:38] <ivoks> hi
[03:40] <Gargoyle> Anyone use vmware?
[03:40] <soren> Yes.
[03:40] <ivoks> god, no :D
[03:41] <_ruben> heh
[03:41] <Gargoyle> soren: You us ubuntu host, and other guests?
[03:41] <_ruben> i am, but not on ubuntu, yet
[03:41] <Gargoyle> *use
[03:42] <Gargoyle> Just wondering how others find the stability/performance of it?
[03:43] <soren> Gargoyle: Both stability and performance is fine, IMO.
[03:43] <_ruben> stability: no problems .. performance: highly depends on the use of it
[03:45] <Gargoyle> Probably 4 guests. 2 win 2k3 server and 2 linux.
[03:47] <ivoks> at the same time?
[03:47] <_ruben> shouldnt be a problem, but also highly depends on the hardware you want to run it on, and how heavy the virtual servers' load will be
[03:49] <Gargoyle> What is the reason for apt not updating my linux-image-server package?
[03:50] <ivoks> apt-get upgrade never installs new packages
[03:50] <ivoks> apt-get dist-upgrade installs new packages if needed
[03:51] <Gargoyle> Well, the vmware installer wants to build a module so I installed the linux-headers-server package, and it's telling me the headers are for a diff version than my running kernel
[03:51] <ivoks> right
[03:51] <ivoks> run apt-get dist-upgrade
[03:52] <Gargoyle> ahh
[03:52] <Gargoyle> sweet
[03:53] <Gargoyle> Is dist-upgrade needed just for kernel updates?
[03:53] <soren> Gargoyle: Mostly, yes. The kernel packages change their name when the ABI changes.
[03:53] <ivoks> yes, and when using beta version of ubuntu :D
[03:54] <Gargoyle> ivoks: I was going to try the 7.10 beta, but it couldn't find the network cards in the server!
[03:55] <ivoks> ?!
[03:55] <ivoks> what kind of network cards are they?
[03:55] <Gargoyle> I'll tell you once its rebooted with 6.10
[03:55] <Gargoyle> I thin broadcom
[03:56] <ivoks> it didn't work during installation or after it?
[03:56] <Gargoyle> It worked during the install
[03:56] <Gargoyle> but not after the reboot
[03:58] <Gargoyle> Oh no, Intell pro/1000
[03:58] <Gargoyle> jeez, my typing is bad today.
[03:58] <ivoks> that's ok
[03:58] <ivoks> that's bug which is fixed
[03:59] <Gargoyle> ahh.
[03:59] <ivoks> they were working after install too, but were eth2 and eth3, not eth0 and eth1 :D
[04:00] <Gargoyle> Well, I noticed under vmware fusion on my mac, it was eth1. but I didn't try eth2 or 3
[04:00] <Gargoyle> :D
[04:02] <Gargoyle> If my host was using bonded nics, can vmware use the bond instead of each card?
[04:03] <ivoks> i think that should be possible, but i don't use vmware :)
[04:03] <_ruben> never tried that either
[04:04] <ivoks> well, kvm can do that :D
[04:04] <Gargoyle> I'll add it to my experiment list!
[04:04] <Gargoyle> :)
[04:04] <Gargoyle> ivoks: Can kvm do a remote console?
[04:04] <ivoks> instead of eth0 and eth1, it should use bond0
[04:04] <ivoks> remote console?
[04:05] <ivoks> with kvm it's possible to move running system from one computer to the other :D
[04:06] <Gargoyle> In vmware I can use the vmware console on my pc to manage/install the virtual machines on the server without needing to install a gui environment on the server.
[04:06] <Gargoyle> What is the ubuntu equiv of inetd / xinetd?
[04:07] <ivoks> Gargoyle: well, of course you can do that with kvm :) export DISPLAY etc
[04:07] <ivoks> Gargoyle: we don't use any by default, but both inetd and xinetd are available in repos
[04:08] <ivoks> or, yeah... you can use vnc with kvm
[04:09] <Gargoyle> ivoks: before the OS is installed?
[04:09] <ivoks> yes
[04:09] <Gargoyle> ohhh
[04:09] <Gargoyle> cool
[04:10] <Gargoyle> because vmware is being a bitch!
[04:16] <Roge> Gargoyle,  you could always try virtualbox
[04:26] <Gargoyle> vbox looks OK. Does it need a gui on the host?
[04:38] <Gargoyle> right, vmware has been binned for being an arse to install!
[05:11] <dendrobates> Server Team meeting wow at #ubuntu meeting.  All invited.
[05:12] <dendrobates> #ubuntu-meeting
[05:44] <nny> any way to just get the mpg123 package in 6.06 server without xmms?
[05:45] <dantalizing> apt-get install mpg123?
[05:45] <nny> nay
[05:46] <nny> may just get the source and compile, asterisk is picky about the version
[06:40] <lionel> nny: you just have to apt-get install mpg123. It's in multiverse (so check multiverse repository is activated)
[06:55] <nny> lionel: thanks, no need, the software i use needs the real 123 software, not 321 symlinked, i got it
[06:55] <lionel> nny: mpg123 in multiverse is the real mpg123 no symlink
[06:56] <lionel> well, have gone...
[08:54] <sommer> mathiaz: when testing ISOs when it says CD self-check is that done automatically?
[08:54] <sommer> or is there an options somewhere I missed
[08:54] <mathiaz> sommer: when you boot the cd
[08:54] <mathiaz> sommer: you have the option to test the iso.
[08:55] <sommer> ah okay... I missed it than.
[08:55] <sommer> /than/then
[08:56] <mathiaz> sommer: instead of 'install to hard disk' you can 'check the iso'
[08:56] <sommer> cool, thanks mathiaz
[09:25] <ScottK> mathiaz: What was the "Change MTA for Hardy" discussion about.  I appear to have missed that.
[09:26] <mathiaz> ScottK: it'S the dependency on a m-t-a
[09:26] <mathiaz> ScottK: so that we can set a default mta to postfix
[09:26] <ScottK> Ah.  That discussion.  OK.
[09:26] <ScottK> THanks.
[09:26] <mathiaz> ScottK: and debian can set it to exim if they want.
[09:27] <ScottK> Right.  I remember now.
[09:49] <ajmitch> good morning