[02:01] <Centaur5> What would I look for to find out why windows updates no longer go through to work stations after configuring a transparent proxy with Squid?
[02:02] <kgoetz> Centaur5: squid logs
[02:02] <kgoetz> Centaur5: did you install squid alone or squid+something? (eg dans)
[02:02] <Centaur5> squidguard
[02:04] <kgoetz> not familar with it
[02:04] <kgoetz> are the dozes set to use the proxy?
[02:04] <Centaur5> logs don't show anything about blocking
[02:04] <Centaur5> Well since it's transparent I haven't actually manually configured them.
[02:05] <kgoetz> do teh logs show requests for the files?
[02:05] <kgoetz> so how does squid listen, on port 80 or using iptables to rediret to squid?
[02:06] <Centaur5> iptables redirects from port 3129 to 80
[02:07] <Centaur5> That way the machines can't get around it by disabling the proxy settings in the browser and they don't have to be configured.
[02:07] <kgoetz> does ay http work?
[02:07] <kgoetz> and dont you mean port 3128?
[02:09] <Centaur5> port 3128 gave me errors when I tried to use it so I used 3129  :)
[02:09] <Centaur5> yeah, all http traffic works
[02:10] <Centaur5> The only things I ran across that don't work is windows updates, watching youtube videos, and logging into hotmail.
[02:10] <kgoetz> gave errors?
[02:11] <Centaur5> Yeah, a couple weeks ago it said 3128 was already being used by something so I just changed it to 3129 and didn't worry further about it.  With port 3129 basically all browsing works.
[02:11] <kgoetz> hm... i've only ever known squid to listen on 3128
[02:13] <Centaur5> okay, go ahead cause I've googled for many hours and haven't found anything helpful.
[02:13] <Centaur5> I can go to youtube and hotmail but I can't actually login it freezes at login.live.blahblah and youtube just sits there pretending to load the video but no denied requests in access.log
[02:17] <Centaur5> I read that Squid isn't supposed to be capable of doing transparent SSL sites but banking and other web mail certificates work so I don't think that should be the problem.
[02:20] <kgoetz> SSL runs on a different port, so unless you redirect hte ssl port to squid its moot
[02:21] <kgoetz> are you doing any dns weirdness that could be interfering?
[02:22] <Centaur5> nope
[02:23] <kgoetz> do you hve any filtering running, or just squid caching?
[02:25] <Centaur5> squidguard is filtering porn and spyware
[02:26] <kgoetz> does it filter filetypes?
[02:26] <Centaur5> What do you use?
[02:26] <kgoetz> eg cab?
[02:26] <kgoetz> squid+dansguardian
[02:26] <kgoetz> +http-replicator
[02:26] <Centaur5> Nope, I haven't setup any other filters other than porn and spyware lists downloaded from some site.
[02:27] <kgoetz> chec if it has default blocking on anything
[02:27] <Centaur5> Well my intention is to setup clamav to scan the squid cache. Can this be done with dansguardian?
[02:27] <kgoetz> yes
[02:27] <kgoetz> # OPTION: virusengine
[02:27] <kgoetz> # Set the embedded virus scan engine to be used (clamdscan, clamav or kav).
[02:27] <kgoetz> virusengine = 'clamav'
[02:27] <Centaur5> It's that easy?
[02:28] <kgoetz> install clamav-daemon and set the option, iirc thats all ther eis to it.
[02:28] <kgoetz> then again, i've never checked its stscanning ;) the network is effectively all ubuntu
[02:28] <Centaur5> geez, no wonder I never found a howto with dansguardian....that's not needed  :)
[02:28] <kgoetz> lol
[02:29] <Centaur5> Well all my machines are Ubuntu, computers that come in for repair are typically windows.  :)
[02:29] <kgoetz> i ws goin to write one, but for some reason didnt (i think i saw something in teh works)
[02:29] <kgoetz> :0
[02:29] <kgoetz> * :)
[02:29] <Centaur5> That's why it needs to be transparent cause so many computers come in and out.
[02:29] <kgoetz> yeap.
[02:29] <kgoetz> mine is setup transparent
[02:29] <kgoetz> so i know the feeling :)
[02:29] <Centaur5> Does dansguardian give you a problem with windows updates?
[02:30] <kgoetz> yes, because it blocks cab, but you say 'whitelist everything microsft.com' or 'whitelist everything update.microsfot.com' and it lets it all through
[02:30] <Centaur5> Oh, one side note.  I can login to hotmail and watch youtube videos if I do manually set the proxy in firefox to use port 3129.
[02:30] <Centaur5> I'll try the whitelist real quick.
[02:31] <kgoetz> your transparent redirect isnt working
[02:31] <kgoetz> properly
[02:31] <kgoetz> i think :\
[02:31] <Centaur5> oh, well that's odd.
[02:31] <Centaur5> So it works on most everything just not a few sites?
[02:32] <kgoetz> hm.
[02:35] <Centaur5> well perhaps I'll just scrap what I've done and try out dans guardian
[02:37] <kgoetz> does yoru redirect look something like this ?
[02:37] <kgoetz> iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port
[02:37] <Centaur5> iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -d ! 10.0.5.1 -j DNAT --to 10.0.5.1:3129
[02:38] <kgoetz> -d ?
[02:38] <Centaur5> apache web server on the proxy machine
[02:40] <kgoetz> not sure if dnat would be a problem or not, dont kow enough about iptables
[02:44] <Centaur5> Well the -d is the resolution I found on google to give access to the local machine by saying if it's the web servers ip address then it doesn't redirect the traffic.
[02:47] <Centaur5> Well thanks kgoetz for the help.  I think I'll just try Dans guardian and scrap what I've worked on for days.  :)
[02:48] <Burgundavia> Centaur5: you could try willow-ng
[02:48] <Burgundavia> it is in the archvies
[02:48] <Centaur5> What is that?
[02:49] <Burgundavia> another filtering software
[02:49] <Centaur5> okay, I'll look into that as well
[02:49] <Centaur5> I'll probably be back in here tomorrow but heading out for dinner now.
[02:50] <kgoetz> enjoy
[02:50] <Centaur5> thanks, have a good one
[04:04] <zylstra555> Hello. I need to get FTP on my server. How do I do this?
[04:05] <zylstra555> woah.... disconnected there for a second
[04:05] <kgoetz> install proftp, or some other ftpd?
[04:05] <zylstra555> is proftp a good one?
[04:05] <mralphabet> zylstra555: you need to pick an ftp server package, proftp is one of the common ones
[04:05] <zylstra555> mralphabet: thanks, Ill try ProFTP
[04:06] <mralphabet> zylstra555: sudo apt-get install proftp should get you rolling
[04:06] <mralphabet> zylstra555: sudo apt-get install proftpd
[04:06] <zylstra555> "E: Couldn't find package proftp"
[04:06] <mralphabet> my bad
[04:06] <zylstra555> thank you very much
[04:07] <zylstra555> (I have been clueless on how to get this to work)
[04:07] <zylstra555> Run ProFTPd as Inetd or Standalone?
[04:07] <mralphabet> inetd should be fine
[04:08] <zylstra555> "ProFTPd warning: cannot start neither in standalone nor in inetd/xinetd mode. Check your configuration."
[04:10] <zylstra555> Now what do I do with such an error?
[04:10] <mralphabet> heh
[04:10] <kgoetz> configure it?
[04:10] <kgoetz> google it? :P
[04:11] <mathiaz> zylstra555: have a look at the server guide on help.ubuntu.com
[04:11] <mralphabet> look in the messages file
[04:11] <mathiaz> zylstra555: https://help.ubuntu.com/7.04/server/C/ftp-server.html for feisty.
[04:11] <zylstra555> hmm... Ill follow that guide and see if  sudo apt-get install vsftpd  works better than proftpd
[04:12] <zylstra555> I get the same error when trying to remove proftpd
[04:14] <zylstra555> problem solved
[04:14] <zylstra555> Thanks, everyone
[04:19] <zylstra555> woah... "this FTP server is anonymous only"
[04:21] <zylstra555> How do I set up FTP so that it can be accessed via my servers username and password?
[04:22] <zylstra555> Is it possible to open another terminal through SSH?
[04:23] <zylstra555> *unevenly
[04:23] <kgoetz> you need to run screen
[04:24] <zylstra555> run screen?
[04:25] <kgoetz> zylstra555: you need to ssh into the box, run 'screen', then you can create new terminals
[04:25] <zylstra555> (can you tell I am new at this?)
[04:26] <kgoetz> yes, your asking questions badly :)
[04:26] <zylstra555> Okay, so, I have no idea what I am doing
[04:27] <zylstra555> How do I access my public HTML folder through FTP?
[04:27] <kgoetz> can you explain the setup you have?
[04:28] <zylstra555> kgoetz: Probably not, but I will try. Its a Ubuntu LAMP server, with FTP (SSL somewhere along the line) currently connected to the web (HTTP server). As for FTP, what I have is whatever was set as the default
[04:28] <zylstra555> kgoetz: (with local FTP access enabled)
[04:29] <kgoetz> and you want to put files in your ~/public_html directory
[04:29] <kgoetz> ?
[04:29] <zylstra555> Yes, using FTP
[04:29] <zylstra555> kgoetz: but I am not sure how to go about doing this
[04:30] <kgoetz> zylstra555: look in the directory i pointed you to before /usr/share/doc/vsftpd/
[04:30] <kgoetz> zylstra555: it should have instructions on setting up authentication against the system password file
[04:31] <kgoetz> zylstra555: but i'd expect the server guide to tell you as well
[04:38] <zylstra555> kgoetz: There is a list of files in that directory. when I try to open those files in Nano, nothing happens
[04:38] <zylstra555> ah, wait
[04:38] <zylstra555> nevermind
[04:38] <zylstra555> I get it
[04:38] <zylstra555> they are directories, not files
[04:40] <kgoetz> :)
[04:41] <kgoetz> afk, lunch :)
[05:43] <MLFnet> I was wondering if anyone could point me to some documentation on getting an MTA setup properly.
[05:44] <MLFnet> I've tried setting up sendmail, postfix, and exim. I seem to have a problem getting the emails off of my box and onto the Internet.
[05:44] <MLFnet> i.e. Local delivery is the only thing I can get to work.
[05:44] <sommer> MLFnet: this is the official doc: https://help.ubuntu.com/7.04/server/C/postfix.html
[05:45] <MLFnet> I've been there. Even took a look at the "
[05:45] <sommer> you might also want read through the DNS section: https://help.ubuntu.com/7.04/server/C/
[05:45] <MLFnet> Perfect setup" one as well (similar but does a few more things manually).
[05:46] <sommer> MLFnet: are you getting a specific error in /var/log/mail.log ?
[05:46] <MLFnet> The Postfix logs say that it's looked up the mail server on the other end and reports the IP addres.
[05:46] <MLFnet> Then it just sits there saying it's connected. Eventaully the mail gets deferred.
[05:47] <sommer> just a thought, but is port 25 open on your firewall?
[05:47] <MLFnet> Good question.
[05:47] <MLFnet> This is my first time at Ubuntu.
[05:47] <MLFnet> I've use SME forever.
[05:48] <sommer> SME?
[05:48] <MLFnet> Let me look into the mail log.
[05:48] <MLFnet> www.contribs.org
[05:48] <MLFnet> It's a small business box that works quite well.
[05:48] <MLFnet> I just wanted to try new things.
[05:49] <sommer> looks like port 25 is open... at least I was able to "telnet www.contribs.org 25"
[05:49] <kgoetz> sommer: contribs.org hosts SME server
[05:49] <MLFnet> Oct 14 22:55:30 mlfnet sm-mta[10795] : l9F08wb0014139: to=<thedailyspank@gmail.com>, ctladdr=<www-data@www.mlfnet.com> (33/33), delay=05:46:32, xdelay=00:44:07, mailer=esmtp, pri=680500, relay=gsmtp163.google.com. [64.233.163.27] , dsn=4.0.0, stat=Deferred: Connection timed out with gsmtp163.google.com.
[05:49] <sommer> ah... okay
[05:50] <MLFnet> Used to be called E-Smith.
[05:50] <kgoetz> fedora based thing
[05:50] <kgoetz> never really jelled with me :)
[05:50] <MLFnet> redhat before that
[05:50] <kgoetz> fedora+redhat=same
[05:50] <sommer> I take it mlfnet.com is your domain?
[05:50] <MLFnet> yes
[05:51] <sommer> yep... I'd double check your firewall I couldn't telnet to mlfnet.com 25
[05:51] <MLFnet> Well it's not open to the outside world.
[05:52] <MLFnet> I don't send mail externally
[05:52] <sommer> so you don't want to receive mail from outside?  I must have misunderstood your question.
[05:52] <MLFnet> No
[05:53] <MLFnet> I send mail from that box to my gmail account
[05:54] <MLFnet> as well as send out invoices to customers using SureInvoice (a php based invoice system).
[05:54] <kgoetz> hi all, anyone seen this behaviour in bugzilla? http://pastebin.ca/738259
[05:54] <sommer> ah... have you setup your DNS correctly?  Google may only allow mail from proper MX records.
[05:55] <MLFnet> That's what I thought too at first. I couldn't send to other domains either. My MX records are funky since I use the Google Apps to handle my email.
[05:55] <MLFnet> I just want it to send out email. That's all. If I could just make it bounce off of mail.comcast.net that would be fine with me but I can't get it to do that either.
[05:56] <MLFnet> brb
[05:57] <sommer> kgoetz: it looks like your missing some templates... you probably firgured that though
[05:58] <kgoetz> sommer: the line i put aside - take out th extra /var/lib/bugzilla/data/template/ from teh start and ls '/var/lib/bugzilla/template/en/default/index.html.tmpl' and you can see the file
[05:59] <sommer> kgoetz: does your webserver have permission to read the file?
[06:00] <kgoetz> yes
[06:01] <sommer> is the directory in @INC?
[06:01] <kgoetz> dont know, i'm just trying to track whats calling the INC
[06:04] <MLFnet> ok, well I think I'll give it one more try, on a 100% fresh installation as per the instructions you gave me above.
[06:04] <MLFnet> If it fails, I think I'll just have to go back to SME.
[06:05] <sommer> MLFnet: you might also take a look at this link: http://www.postfix.org/STANDARD_CONFIGURATION_README.html
[06:06] <sommer> you may just need to configure the relayhost = some_smtp_server
[06:06] <sommer> you could try setting the relayhost to comcast's smtp server and see if that works...
[07:10] <kgoetz> is there any point filing a bug in ubuntu if the bug is known to exist in debian?
[07:10] <kgoetz> and is there any point filing a bug against gutsy at this stage of its cycle?
[07:39] <lamont> kgoetz: as documentation of the defect, certainly
[07:40] <lamont> if there's already a bug filed in debian, it's easiest to just mark it as affecting ubuntu in launchpad
[07:40] <lamont> if there's not a bug filed in debian, it's best to file the bug there, and then see previous step.
[07:40] <kgoetz> lamont: so file a bug -> mark it as known upstream?
[07:43] <lamont> hrm.. looks like one reports it, and then marks it as also affecting debian... really a question to ask in #launchpad (given a debian bug number, how do i make that show up in launchpad as an ubuntu bug, too?)
[07:44] <kgoetz> thanks, i'll chuck it on tonights todo list
[07:45] <lamont> I know there's a trivial way to do it (for some launchpad-ish value of "trivial")
[07:45] <kgoetz> lol
[07:45] <lamont> greasemonkey is love
[09:12] <kraut> moin
[09:14] <_ruben> g'day
[01:33] <waver_> Hello
[02:22] <Tanman> hello is anyone free?
[02:28] <ScottK> For what?
[02:28] <kraut> for sex?!
[02:36] <Tanman> no
[02:36] <Tanman> just a questiuon about apache but i have to get it going
[02:36] <Tanman> the process going ..its not behaving
[02:39] <Tanman> when i start apache i should use /etc/init.d/apache2 start
[02:39] <Tanman> right?
[02:39] <Kamping_Kaiser> yes, unless its already running
[02:40] <Kamping_Kaiser> in whichcaes you want restart or reload
[02:41] <Tanman> that doesn't seem to work
[02:42] <Tanman> it only loads one process instead of 4-5
[02:42] <_ruben> checked the error_log?
[02:44] <Tanman> hmm
[02:45] <Tanman> just this:
[02:45] <Tanman> [Wed Oct 17 01:42:46 2007]  [notice]  Digest: generating secret for digest authentication ...
[02:45] <Tanman> which is relating to what i have a question for
[02:47] <Tanman> ah it s back..lets see
[02:47] <Tanman> my question is in regards to password protecting the web directories
[02:48] <_ruben> and depending on the MPM i guess it'd be normal to have only 1 process .. when using prefork you would end up with more processes (unless you specify 1 in the config)
[02:48] <Tanman> it just took time :)
[02:49] <_ruben> ah ok .. makes sense to generate the secret prior to forking childs
[02:49] <Tanman> my question is in regard to password protecting the directories. i have the realm created, it comes up with the dialog box with the username and password
[02:49] <Tanman> but everytime i put my username and password in
[02:49] <Tanman> that i specified in the passwd file
[02:50] <Tanman> it doesn't accept it
[02:51] <_ruben> hmm .. never played with digest auth myself, though it might not even be related to that
[02:51] <Tanman> wwhat could it be relsated to?
[02:52] <_ruben> misconfiguration in the broadest sense of the word
[02:52] <Tanman> in my htaccess
[02:53] <Tanman> i have the authtype digest
[02:53] <Tanman> authname
[02:53] <Tanman> AuthUserfile
[02:53] <Tanman> require user xxxx (user being blanked out)
[02:54] <_ruben> apache has read access to the passwd file ? (i assume it'd show appropriate errors if it doesnt')
[02:54] <Tanman> yeah it has read. 744 for root
[02:55] <_ruben> hmm
[02:55] <Tanman> is the realm case sensitive?
[02:56] <_ruben> dont think so, but like i said, never used it myself
[02:56] <ivoks> the Digest thing happens quite often
[02:56] <ivoks> it depends on amount of RAM on computer
[02:56] <_ruben> you could try if it works with basic auth
[02:56] <ivoks> and it's normal thing
[02:56] <ivoks> just wait 3-4 minutes and it will start normaly
[02:57] <Tanman> heh
[02:57] <ivoks> just, one more thing
[02:57] <Tanman> it wasw case sensitive
[02:57] <ivoks> IE6 doesn't work very well with digest auth
[02:57] <ivoks> in some cases, you will get 400 on IE6, while IE7 and FF2 would work ok
[02:58] <Tanman> ff for me all theway
[02:58] <Tanman> oh well that workds
[02:59] <Tanman> going t;p note that
[02:59] <Tanman> thanks!
[02:59] <_ruben> IE behaves odd when it comes to auth .. when i enable user/pass login to my broadband router, i cant use IE to login, keeps throwing auth popups at me, firefox works just fine :p
[02:59] <Tanman> i am using munin
[03:00] <Tanman> to monitor my box
[03:00] <_ruben> broadband router = dsl modem/router in this case :)
[03:14] <sommer> dendrobates: quick question about ISO testing, for the server install would it be okay to select all the tasksel options then run the tests?
[03:14] <sommer> dendrobates: or is it better to do a fresh install for each task?
[03:15] <dendrobates> sommer: I have been doing each test seperately
[03:16] <RAdams> morning. Can anyone point me to a reliable step by step on joining an Ubuntu server to a domain? It's NOT going to be a DC, just a fileserver
[03:16] <RAdams> Sorry, Windows 2003 domain
[03:16] <dendrobates> sommer: Technically though, I'm not sure there is a diference.
[03:16] <sommer> dendrobates: okay I've been doing them seperately as well.
[03:17] <sommer> I'll stick with what works... thanks
[03:19] <soren> Does anyone recognize this issue: https://bugs.edge.launchpad.net/ubuntu/+source/mysql-dfsg-5.0/+bug/153221 ?
[03:19] <ubotu> Launchpad bug 153221 in mysql-dfsg-5.0 "MySQL server fails to upgrade in Gutsy" [Undecided,New] 
[03:21] <sommer> soren: I'm about to upgrade on feisty
[03:27] <soren> sommer: Alright. Keep an eye out for this, will you? Thanks!
[03:28] <sommer> sure, np
[03:31] <ScottK> lamont: Do you have an opinion on how packages for Postfix specific 'helper' packages (policy server in my case) should be named (e.g. should I include postfix in the binary package name)?
[03:31] <lamont> there's a history of prefixing with "postfix-"
[03:32] <lamont> e.g. postfix-policyd, postfix-gld, postfix-smtpguard
[03:32] <ScottK> OK.  I'll go with that.
[03:32] <ScottK> Thanks.
[03:32] <ScottK> lamont: Would you be up for uploading a source backport for me (clamav in Fiesty).
[03:33] <lamont> yeah - in a couple hours or so - I need to get ready, get to the office, and get one thing started before I do much else
[03:34] <ScottK> OK.  Maybe soren can be bothered in the meantime.
[03:36] <soren> Wazzup?
[03:37] <soren> I was on the phone...
[03:37] <ScottK> soren: I'm still looking for an upload for the clamav source backport.
[03:37] <soren> ScottK: Oh, right.
[03:37] <ScottK> Bug #151308
[03:37] <ubotu> Launchpad bug 151308 in feisty-backports "please backport Clamav from Gutsy to Feisty " [Wishlist,Confirmed]  https://launchpad.net/bugs/151308
[03:38] <soren> ScottK: I really need to see if I can track down that mysql bug first. If it's a common problem, it's pretty grave.
[03:38] <ScottK> OK.
[03:39] <lamont> ScottK: ok.  I'll ping you when I get to the office and see where we stand
[03:39] <ScottK> lamont: Thanks.
[03:41] <RAdams> what's the bare minimum for a GNOME desktop on ubuntu server?
[03:42] <soren> Same as on any other system..
[03:42] <sommer> soren: my MySQL upgrade on feisty went fine.
[03:43] <sommer> soren: I'm also upgrading a Gutsy system, but it could take a while.
[03:43] <soren> sommer: np
[03:43] <RAdams> soren: If I knew what that bare minimum was on any system, then I wouldn't be asking the question
[03:43] <soren> sommer: The fiesty upgrade was feisty->feisty?
[03:43] <sommer> soren: correct just like the second comment: 5.0.38-0ubuntu1  5.0.38-0ubuntu1.1
[03:44] <soren> RAdams: Nevertheless, you felt the need to specify that it was on ubuntu server. That sort of suggests that you're loooking for how it would be different from a regular system.
[03:44] <soren> RAdams: I think a couple of GB of space and 384 MB of RAM is what is usually suggested as a minimum.
[03:44] <soren> RAdams: More is preferred, less is possible, but probably rather annoying.
[03:45] <RAdams> soren: ok, thanks. What packages constitute that minimum set?
[03:45] <soren> RAdams: That's for you to decide. It depends what you want to do.
[03:45] <soren> RAdams: Try asking in a different channel. This is not server stuff.
[03:46] <RAdams> soren: fair enough. I'm more concerned about joining this windows 2003 domain than I am about X, anyway ;)
[03:46] <soren> RAdams: You can come back with that sort of questions when they arise, then :)
[03:46] <RAdams> are there any good guides for joining a windows 2003 domain?
[03:47] <soren> Probably :)
[03:47] <RAdams> >.<
[03:48] <soren> I don't know if it's any good, but it's there: https://wiki.ubuntu.com/JoinWindowsDomain
[03:48] <soren> Uargh, no don't use that.
[03:48] <soren> Iz evil.
[03:49] <soren> Someone ought to go through the wiki and do a sanity check.
[03:50] <RAdams> soren: I haven't RTFA, but what is wrong with it?
[03:50] <soren> It tells the reader to install strange packages from odd places.
[03:51] <sommer> soren: heh... we sort of started doing that as part of the ServerTeam documentors section.
[03:51] <soren> sommer: I meant the *entire* wiki. It's probably full of that sort of thing :)
[03:51] <sommer> ah... I would agree with that
[03:52] <soren> https://help.ubuntu.com/community/ActiveDirectoryWinbindHowto looks sensible (at a glance)
[03:52] <RAdams> soren: thanks, I'll read through it
[03:56] <sommer> soren: I was also able to update MySQL on Gutsy: mysql-server-5.0 5.0.45-1ubuntu2 (using .../mysql-server-5.0_5.0.45-1ubuntu3_i386.deb)
[03:58] <RAdams> soren: on the first step of that guide you linked to, it indicates I ought to be able to ping my AD DC by hostname. I cannot. Ping by IP works, but not by hostname. I have all the packages recommended. What do you suggest?
[03:58] <soren> Fix your dns?
[03:59] <RAdams> soren: how do I set what DNS server to use? :(
[03:59] <soren> /etc/resolv.conf
[03:59] <Jester45> anyone know how to fix a dependacy conflict with libc6 being allready installed but libc6-i686 needs a diffrent version i just dist-upgraded a headless server to gutsy
[03:59] <soren> Jester45: Does "apt-get -f install" do the right thing by any chance?
[04:00] <Jester45> should i do apt-get -f install libc6 or without a package
[04:00] <soren> without
[04:00] <Jester45> i tried it with a pakage name and it didnt work
[04:00] <Jester45> ok
[04:00] <RAdams> soren: the right IPs are in my resolv.conf, but I still can't ping by hostname
[04:00] <Jester45> humm... do you know how to leave irssi without closing it :0
[04:01] <soren> Jester45: Try in another terminal?
[04:01] <Jester45> RAdams: can you ping those ips?
[04:01] <RAdams> jester45: yes
[04:01] <soren> RAdams: It's hard to say. Can you ping your name servers?
[04:01] <RAdams> soren: those are my nameservers. I can ping them, but not by hostname
[04:02] <Jester45> it said 1 package not fully installed or removed so i guess the lic upgraded failed
[04:02] <soren> RAdams: Try nslookup ip.of.your.ns
[04:02] <soren> and see if you can lookup a hostname
[04:03] <soren> Jester45: Sure, but we already knew that? Does it offer to fix it?
[04:04] <RAdams> soren: excellent. turns out the name of the server is hostname.domainname
[04:04] <RAdams> I didn't realize this
[04:05] <Jester45> yes, i didnt know that. i think the upgrade didnt finish. aband i restarted the server thinking it did
[04:05] <soren> Jester45: Oh, ok. I thought that was part of your original question :)
[04:05] <Jester45> o i know what i did i ran sudo apt-get dist-upgrade -y & so i could close the ssh session and it would finish
[04:06] <Jester45> not thinking of the preconfiguring stuff that i had to tell it whatto do
[04:06] <soren> I'm not sure that would work.
[04:06] <Jester45> at least it downloaded it all now it just has to install the packages
[04:06] <soren> I'm not sure how apt-get will feel about the terminal disappearing.
[04:07] <Jester45> it stalled im guessing when it asked me what apache to configure
[04:07] <Jester45> that was the first think i had to tell it what to do this time
[04:08] <soren> You passed -y?
[04:08] <soren> ...so it should have just said yes to whichever questions your were asked. Almost, anyway.
[04:09] <Jester45> yes do get past the part when it ask if you want to continue when it shows the packages that will be upgraded
[04:10] <Jester45> well i dont think it will auto answer to the ncurses questions
[04:10] <Jester45> because its not y/n its multi choice
[04:12] <soren> Well, I believe it will e.g. overwrite config files with new versions.
[04:13] <mathiaz> Jester45: I don't think that running apt-get and then closing the terminal is a good idea, even with -y.
[04:13] <mathiaz> Jester45: debconf may expect a valid terminal.
[04:13] <mathiaz> Jester45: you should run the upgrade command in a screen session.
[04:15] <Jester45> i think it just stalled after the download because after a rebooted it was the same kernel then when i ran the upgrade again now that i can leave the terminal open it didnt need to dnwload anything but is installing
[04:29] <Jester45> whats your suggestion for a mail server + webui for it
[04:31] <Jester45> im thinking squirrelmail but im not sure how it works
[04:33] <_ruben> webui for reading mail or for administering mail accounts
[04:34] <Jester45> i want a server so that i can use a desktop client as they tend tobe better then a webui but if im away from my house i would like a webui so i can access it
[04:35] <Jester45> there will be only 1 or 2 accounts so administering can be cli/config only
[04:35] <_ruben> squirrelmail is decent choice then, been quite a while since i set it up, but from what i recall its pretty straightforward
[04:35] <Jester45> i dont think squirrel main is what im looking for i tihnk its only only web ui
[04:37] <Jester45> or im i wrong
[05:14] <leitao> hello. How could I enable/disable dad (Duplicate Address Detection) in my dhcp server?
[05:17] <sommer> leitao: IPv4 or IPv6?
[05:17] <leitao> sommer: IPV4
[05:17] <sommer> is it possible with IPv4?
[05:18] <sommer> I just did some quick searching and the only stuff I can find is for IPv6.
[05:18] <leitao> sommer: yes. That is what I've found as well.
[05:19] <leitao> sommer: do you know if it is impossible in IPv4?
[05:19] <sommer> sorry, this is actually the first time I've heard of it.
[05:19] <sommer> you could always configure IPv6 I guess... heh
[05:20] <leitao> sommer: hahahh
[06:13] <lamont> ScottK: so I'm at the office if you still need that
[06:40] <ScottK> lamont: Yes I do: Bug #151308
[06:40] <ubotu> Launchpad bug 151308 in feisty-backports "please backport Clamav from Gutsy to Feisty " [Wishlist,Confirmed]  https://launchpad.net/bugs/151308
[06:48] <lamont> ScottK: and doing this backport is a good thing? and you have a diff for me to apply? (or a packaged source-blob)?
[06:48] <ScottK> lamont: Yes.  Debdiff is in the bug (I've checked it).
[06:49] <lamont> doh
[06:49] <lamont> ok
[06:49] <lamont> I need to get something started and then I can do that
[06:49] <ScottK> You should be able to get the Gutsy package and apply the debdiff and be off the the races.
[06:49] <ScottK> Great.
[08:17] <RAdams> "/etc/init.d/ntpdate restart" returns a no such file error on a fresh install of Ubuntu Server. What should the content of that file be, and why isn't it there when ntpdate is installed?
[08:18] <ScottK> soren: Since jdong clarified the source backports policy, would you be up for one?
[08:19] <sommer> RAdams: I think the package you're looking for is: openntpd
[08:20] <sommer> if you're looking for a ntp server that is?
[08:21] <RAdams> sommer: I'm actually configuring this machine to look to the local Windows AD DC for time configuration. I've set everything correctly, but the howto I'm reading tells me to restart ntpdate, which does not exist in my init.d
[08:23] <sommer> RAdams: ah, the guide must be a little dated.  Try: sudo ntpdate pool.ntp.org
[08:23] <sommer> or rather ntpdate your_DC
[08:24] <RAdams> sommer: that seemed to do the trick
[08:24] <RAdams> thanks
[08:24] <sommer> np
[08:28] <leitao> how could I discover what process is listening an specific UDP/TCP port?
[08:30] <leitao> I found it. fuser. ;-)
[08:32] <soren> ScottK: Sure.
[08:32] <ScottK> soren: How about Bug #153287.  It's got two packages in it and debdiffs for both.
[08:32] <ubotu> Launchpad bug 153287 in dapper-backports "Please source backport pyspf 2.0.4-1/pypolicyd-spf 0.4.1-1 from Gutsy to Dapper" [Wishlist,Confirmed]  https://launchpad.net/bugs/153287
[08:33] <shane_> Hey guys, I'm having a problem with lighttpd (but I get it with Apache as well), and I've no idea what's going on. I'm running Gutsy.
[08:33] <soren> shane_: What's the problem?
[08:34] <shane_> Basically, I have /var/www/public_html set as the document root, and whenever I try to access http://209.59.142.60/ (that's the server), it redirects to /index.html/, regardless of whether or not there is an index.html (or an index.php for that matter)
[08:35] <shane_> *.90
[08:35] <shane_> That should be.
[08:35] <shane_> http://209.59.142.90/
[08:36] <RAdams> https://help.ubuntu.com/community/ActiveDirectoryWinbindHowto tells me krb5-config will present a prompt. It gives me no such prompt, instead returning the usage help. I'm not sure how to proceed.
[08:37] <soren> shane_: It doesn't when I access it?
[08:37] <soren> ScottK: I'm looking at it. This is a first for me, so I want to check things properly first.
[08:37] <shane_> soren: Oh... maybe it's a client-side problem then. I'll just double-check.
[08:38] <soren> shane_: You should be using wget or curl or something to test. Firefox tends to cache overaggressively.
[08:38] <ScottK> soren: Thanks.  No rush.  I've built, installed, and tested both of those, so let me know if I can answer questions.
[08:39] <shane_> soren: Thanks for that, you're correct. Heh, I feel really stupid now, but thanks a lot for the help.
[08:40] <soren> shane_: Don't. It's a very common mistake :)
[08:51] <RAdams> sommer: any ideas on my question above?
[08:51] <ScottK> soren: I'll be back in a few, I need to reset my router.
[08:55] <sommer> RAdams: I believe it's just an example... should okay to get rid of it, but you should make a backup of the config just in case.
[08:58] <RAdams> sommer: kerebos realm = my_domain?
[09:01] <sommer> RAdams: I'm not entirely sure I haven't tried to configure Linux and AD for ages... you could always try it and see how it goes :)
[09:01] <soren> ScottK: pypolicyd-spf is 0.5-1 in Debian. Do you want to wait until we've synced that?
[09:11] <soren> ScottK2: You're sure the python-support stuff is kosher on Dapper?
[09:12] <ScottK> soren: We had python-support in Dapper.  It doesn't act the way it does now, but it works.
[09:13] <ScottK> soren: The downside is it installs stuff in site-packages, so it's not IAW current Python policy, but it's no harm.
[09:14] <ScottK> It's either that or don't even try to support current policy and go back to a binary per python version.
[09:15] <soren> ScottK: Well, that's surely what I would do if it were an SRU, but since it's -backports it's really more your call than mine.
[09:15] <soren> ScottK: And it looks sensible.
[09:15] <ScottK> Well we were supposed to support the new Python policy in Dapper, but support was incomplete.
[09:16] <soren> ScottK: Ok, I think I'm happy. Did you see my question w.r.t. pypolicyd-spf?
[09:16] <ScottK> No, I did not.
[09:16] <soren> 21:01:26 < soren> ScottK: pypolicyd-spf is 0.5-1 in Debian. Do you want to wait until we've synced that?
[09:17] <ScottK> soren: No.  It's got significant additional complexity.  I'm not comfortable with backporting it yet.  In fact I'm about to release 0.5.1 because of a major oops in 0.5.
[09:17] <soren> ScottK: Oh, you're upstream?
[09:17] <ScottK> For that one, yes.
[09:17] <soren> I didn't realise that.
[09:17] <ScottK> Upstream and Debian maintainer.
[09:18] <soren> You're DD?
[09:18] <ScottK> No.  Member of Debian Python Applications Team.
[09:18] <soren> Damn. We could have exchanged sponsorship services :)
[09:18] <ScottK> DPAT has DDs who are very good about sponsoring.
[09:20] <soren> ScottK: I know it doesn't really matter, but what do you think would be the most appropriate amount of changelog to include in the .changes file?
[09:21] <ScottK> In theory all of it since it's a new package I'd guess.  Not sure if you really want to do that or not.
[09:21] <soren> I'm thinking since 1.6-2ubuntu1 (or actually 1.6-3)
[09:21] <ScottK> Ah for pyspf.  Yes.
[09:22] <soren> 1.6-3 since the ubuntu specific changelog got nuked in a sync at some point.
[09:22] <ScottK> Yes.  I got that one updated in Ubuntu while I worked on Debian for a while.
[09:23] <soren> I just upload this to the usual place, right?
[09:25] <ScottK> Yep (dapper-backports is the pocket, but debian/changelog takes care of that for you).
[09:25] <soren> Sure, sure.
[09:25] <soren> ScottK: Alright, here goes :)
[09:28] <soren> ScottK: There.
[09:29] <ScottK> soren: Thanks.  That's been on my TODO for a long time.  Appreciate the help.
[09:31] <soren> ScottK: Thanks for guiding me through it!
[09:33] <lamont> ScottK: hip deep in assigned task atm.
[09:33] <lamont> ScottK: it'll happen sometime today
[09:33] <ScottK> lamont: OK.  No problem.
[09:34] <ScottK> Understand being busy.
[09:37] <Yahooadam> hey all, having a problem with apt-get update
[09:38] <ScottK> soren: I got the accept/NEW announcements so it appears it's all landed.  Thanks.
[09:38] <Yahooadam> bzip2: data integrity error when decompressing
[09:39] <Yahooadam> failed to fetch http://gb.archive.ubuntu.com/ubuntu/dists/feisty/main/binary-i386/Packages.bz2
[09:40] <Yahooadam> Sub-Process bzip2 returned an error code (2)
[09:42] <Yahooadam> anyone got any ideas /
[09:42] <Yahooadam> ?
[09:42] <Yahooadam> just downloaded the package in windowz without an issue ....
[09:43] <soren> Yahooadam: You've got apt-get on windows?
[09:43] <Yahooadam> no, but i dowloaded Packages.bz2 and extracted
[09:43] <Yahooadam> and opened the Packages file inside with wordpad
[09:44] <Yahooadam> none of that giving an error
[09:44] <Yahooadam> ive tried apt-get clean and apt-get autoclean too
[09:45] <soren> What if you fetch it with wget on your ubuntu box?
[09:46] <Yahooadam> i _really_ wish windows ICS was working
[09:47] <Yahooadam> i have to unplug my network connection to get my ubuntu box on the network :(
[09:47] <Yahooadam> brb then :p
[09:57] <RAdams> Sanity Saving Advice (TM): In /etc/krb5.conf when configuring for winbind, ALL REALM PARAMETERS SHOULD BE CAPS
[09:57] <RAdams> :|
[09:57] <RAdams> That took an hour of my life I'll never get back
[09:58] <ajmitch> kerberos is fun like that
[09:59] <RAdams> yes, a blast
[09:59] <RAdams> I get errors looking up users or groups with wbinfo. Where should I begin troubleshooting that?
[10:00] <RAdams> I successfully joined the domain: net ads -U admin join
[10:04] <Yahooadam> right
[10:04] <Yahooadam> it wgetted it ok ...
[10:18] <RAdams> A W3k user just logged onto my Ubuntu Server :O
[10:28] <RAdams> how do I share a folder via smb? I've never done it strictly through terminal
[10:29] <Yahooadam> smb.conf
[10:31] <Yahooadam> http://www.bit-tech.net/bits/2007/06/05/build_your_own_server/4
[10:33] <sommer> RAdams: did you follow the guide in the wiki?
[10:34] <RAdams> sommer: https://help.ubuntu.com/community/ActiveDirectoryWinbindHowto
[10:34] <sommer> it would be really great if you could update it with any changes/improvements
[10:34] <RAdams> sommer: sure :)
[10:35] <RAdams> how do I set this share I made so ANY domain user can write to it?
[10:35] <RAdams> it's already set in my smb.conf
[10:35] <RAdams> writable = yes
[10:35] <RAdams> lock = no
[10:37] <mralphabet> the group needs write access to it
[10:37] <sommer> RAdams: I think that should work, you'll want to make sure the directory exists and that the Linux permissions are kosher.
[10:37] <RAdams> how do I change the directory so it is writable to any logged in user? chmod 777?
[10:42] <sommer> RAdams: that's the least secure way of doing it.  The other way would be to add all your users into a group and give that group write permissions.
[10:43] <RAdams> sommer: how do I add every user who logs into the machine, local or domain, to a group? Isn't there a group for that already?
[10:46] <mathiaz> RAdams: you could try with the force user and force group options in the share definition (smb.conf).
[10:46] <mathiaz> RAdams: that way, access control is done at the samba level and not at the filesystem level.
[10:49] <sommer> RAdams: you also might take a look at the Samba "add group script" option.
[10:52] <shane_> Hey guys, does anybody know if it's possible to configure lighttpd to treat incoming URLs as case insensitive, even if the filesystem is case-sensitive? It's just I have to get this badly-coded webapp up-and-running that was obviously coded on a case-insensitive system?
[11:05] <shane_> Anyone?
[11:09] <fujin_> shane_: not sure with lighttpd, but you can probably get around it in Apache with some regex matching
[11:10] <shane_> fujin_: Hmmm I'll try playing around with some regex then
[11:10] <fujin_> probably the easiest way around it is to convert every incoming request into lowercase
[11:12] <shane_> Well it's not as simple as that because not all the files are lowercase, and I don't know how much they'd break if I moved them all. I think I'll just leave it for now.
[11:13] <shane_> I'm also having a problem where it takes ~30 seconds to connect the the MySQL server. The MySQL server is another machine on the same local network. Once it's connected the queries are executes quickly enough, it's just connecting takes for ever. Does anybody know what might be causing this?
[11:15] <fujin_> dns resolution on the mysql server
[11:15] <shane_> I'm doing it by IP though.
[11:16] <fujin_> yes, I understand that
[11:16] <shane_> So why would DNS be an issue?
[11:16] <fujin_> the mysql server probably does a DNS lookup against the connecting ip address
[11:16] <fujin_> are it's nameservers configured correctly
[11:16] <shane_> Ah right, that's probably it then.
[11:17] <shane_> Well we are having DNS problems at the moment, so probably not.
[11:17] <fujin_> generally when you connect to something and it takes a long-ass time, it's dns related
[11:17] <shane_> Yeah - I just didn't realise DNS would come into the equation because I was doing it by IP. Thanks.
[11:18] <fujin_> np
[11:18] <fujin_> that was just a guess
[11:19] <shane_> It's probably correct, because DNS is broken at the moment.
[11:22] <RAdams> sommer: FYI: chgrp "NAME OF A GROUP ON THE WINDOWS DOMAIN" /path/to/share/listed/in/smb.conf also works
[11:25] <Yahooadam> just tried to extract the packages.bz2 i got on ubuntu, and it gives an error
[11:25] <Yahooadam> 4: huff+mtf rt+rld] data integrity (CRC) error in data
[12:00] <Yahooadam> anyone ....
[12:00] <Yahooadam> how can u get the packages fixed >_<
[12:20] <RAdams> how do I enable ssh access to my server from another computer on the domain?
[12:22] <fujin_> eh?
[12:22] <fujin_> install ssh
[12:22] <fujin_> start the daemon
[12:22] <fujin_> poke a hole in firewall if necessary
[12:23] <Yahooadam> you dont even need to start the daemon
[12:23] <Yahooadam> installing it does it for you :p
[12:23] <fujin_> s/start the daemon/ensure the daemon is running/
[12:24] <Yahooadam> basically, sudo apt-get install ssh
[12:24] <Yahooadam> and you _should_ be set normally
[12:24] <RAdams> Starting OpenBSD Open Secure Shell Server [fail] 
[12:25] <fujin_> well, that's not ideal
[12:25] <fujin_> any errors?
[12:26] <fujin_> dpkg --purge openssh-server && apt-get install openssh-server