| nealmcb | sommer: haven't tried it yet. I'm lazy and was waiting for a downloadable image - got one? | 00:25 |
|---|---|---|
| * nealmcb is surprised at the slowness of sugar | 00:26 | |
| === jjesse_ is now known as jjesse | ||
| sommer | nealmcb: nope, no image... I'm not really sure how to make one? | 01:53 |
| jjesse | hello | 02:12 |
| ChuckWagon | I would like to install Zend Framework. | 02:16 |
| ChuckWagon | I have a working Apache / PHP / MySQL already. | 02:17 |
| ChuckWagon | Naturally, I don't want to mess anything up. Any hints/tips? | 02:17 |
| ChuckWagon | By default, it wants to install Apache for you, but I think I can turn that off. | 02:17 |
| thomas_newbie__ | my ssh and apache server starts each time i boot up my os. How to disable that | 02:46 |
| kgoetz | whats the os and version? ;) | 02:49 |
| kgoetz | thomas_newbie__: in direct answer for apache: /etc/default/apache2 | 02:50 |
| kgoetz | thomas_newbie__: and for ssh touch /etc/ssh/sshd_not_to_be_run | 02:51 |
| thomas_newbie__ | kgoetz: whats the second one? | 02:56 |
| thomas_newbie__ | kgoetz: why do I create a file? | 02:56 |
| thomas_newbie__ | so /etc/default/ is all startup config? | 02:56 |
| kgoetz | no its not | 02:56 |
| kgoetz | its where some tools put startup settinsg | 02:56 |
| kgoetz | look at /etc/init.d/ssh for why you touch teh 2nd file | 02:57 |
| thomas_newbie__ | kgoetz: but what would that do? that wouuld create an empty file.... | 02:57 |
| kgoetz | yes it would | 02:59 |
| kgoetz | read the init script? 13:27 < kgoetz> look at /etc/init.d/ssh for why you touch teh 2nd file | 02:59 |
| thomas_newbie__ | kgoetz: ohhh i see | 02:59 |
| thomas_newbie__ | i just read the script | 02:59 |
| thomas_newbie__ | kgoetz: dude though how would I know what settings are in each config file....? how do I know where to look for any other services besides ssh? | 03:00 |
| kgoetz | thomas_newbie__: depends what you want to know | 03:01 |
| thomas_newbie__ | kgoetz: so in the future where do I look? look in the init.d/ folders config files? | 03:02 |
| kgoetz | thomas_newbie__: depends what you want to know | 03:02 |
| thomas_newbie__ | :S | 03:02 |
| kgoetz | its something you find out with time, mostly. | 03:02 |
| thomas_newbie__ | i see...its done the hard way :S | 03:02 |
| kgoetz | welcome to life :D | 03:03 |
| thomas_newbie__ | kgoetz: hey btw I was looking to set up UML for a honeypot, what do you think? | 03:03 |
| kgoetz | perhaps it could be documented as part of the process installing docs. | 03:03 |
| kgoetz | thomas_newbie__: why? | 03:03 |
| thomas_newbie__ | kgoetz: for learning purposes...that's a good idea right? | 03:03 |
| kgoetz | learn to drive your own server, before asking people to screw you over | 03:04 |
| thomas_newbie__ | kgoetz: no but I would screw myself over....see how to break into my own system | 03:07 |
| kgoetz | thomas_newbie__: 'no'. theres constructive ways to learn, which dont involve making yourself a target | 03:08 |
| thomas_newbie__ | hmm...i mean basically I would be pretending to be a client trying to break into my own server, That can be educational right? | 03:10 |
| kgoetz | ah... you want to honeypot yourself? | 03:11 |
| kgoetz | seems a somewhat nonsense way to do it. | 03:11 |
| thomas_newbie__ | lol | 03:12 |
| thomas_newbie__ | kgoetz: so you disaprove? its stupid, i found the user-mode linux kernel on the ubuntu package search but it diesn't fine it in adept manager | 03:12 |
| kgoetz | thomas_newbie__: set a goal, decide what you want the system to do, then work towards it | 03:13 |
| thomas_newbie__ | kgoetz: i mean i have 2 servers, I just odn't know if they're safe enough....Doubt it.... | 03:14 |
| kgoetz | thomas_newbie__: first of all what do they do, and what do you want them to be safe from? | 03:15 |
| thomas_newbie__ | kgoetz: apache2 webserver. I am only using it mainly for learning purposes. I am thinking of maybe setting up an authentication or some kind. My teacher said using PAM and perhaps using it for logging aswell. I also want to be sure that I will be safe from the outside world when experimenting with my server. I don't want to jeopardize my other computer on MY LAN. Also i have an SSH server that is | 03:18 |
| thomas_newbie__ | just there for now....... | 03:18 |
| kgoetz | apache isnt a particularly problem prone bit of software | 03:22 |
| kgoetz | its more what you run in apache that will cause issues | 03:22 |
| kgoetz | as for pam, yeah, you could backend on it | 03:22 |
| kgoetz | i have done it | 03:23 |
| thomas_newbie__ | what do you man backend | 03:25 |
| kgoetz | authenticate against | 03:25 |
| thomas_newbie__ | kgoetz: I'm thinking of changing default port 80 to something else for security...What is a good port #? | 03:29 |
| kgoetz | you wont gain security from it | 03:31 |
| thomas_newbie__ | kgoetz: most people expect all webservers to be port 80... | 03:31 |
| kgoetz | thomas_newbie__: look into 'security by obscurity' | 03:31 |
| thomas_newbie__ | kgoetz: well i've been reading | 03:51 |
| thomas_newbie__ | kgoetz: and what exactly did you mean of security through obscurity | 03:51 |
| thomas_newbie__ | kgoetz: the fact that I'm ignoring everything else and just changing the port # as a quick fix? | 03:51 |
| kgoetz | thomas_newbie__: basically, yes | 03:52 |
| thomas_newbie__ | kgoetz: can i ask you one more question | 03:58 |
| kgoetz | sure | 03:59 |
| thomas_newbie__ | kgoetz: if you don't think I should learn by using UML, then what should i learn next? Conserning my Webserver however | 03:59 |
| kgoetz | thomas_newbie__: learn something thats useful to you - make the system do what you want it to. | 04:00 |
| kgoetz | as you learn more you can try and make it do different things | 04:00 |
| thomas_newbie__ | shall I try to use PHP adn PERL? | 04:01 |
| kgoetz | what do you want to do? | 04:01 |
| * kgoetz doesnt use either | 04:02 | |
| thomas_newbie__ | secure the server | 04:02 |
| thomas_newbie__ | loggi | 04:02 |
| thomas_newbie__ | you don't use PHP for your webserver? | 04:04 |
| thomas_newbie__ | kgoetz: | 04:04 |
| kgoetz | not at home, at work we run (eg) mediawiki, an dneed it for that | 04:05 |
| === ember_ is now known as ember | ||
| XiXaQ | I would appreciate it if someone could have a look at http://wiki.ubuntu.com/CalendarServer and finish it. What's necessary, is making a user for it, scripts for /etc/init.d and scripts to run it at boot and shut it down with the system. | 09:49 |
| === ember_ is now known as ember | ||
| oly- | hum, i just installed request tracker to try it out, but have no idea what port / address i need to type in to get up the web interface | 15:28 |
| oly- | anyone happen to know ? | 15:28 |
| jjesse | i thought it was /rt | 15:28 |
| jjesse | http://localhost/rt? | 15:29 |
| oly- | just tried that nothing | 15:29 |
| oly- | this is straight from gutsy repo version 3.6 | 15:29 |
| oly- | its a real shame they dont put a note in the descriptions of these packages with how to access the web interfaces | 15:30 |
| oly- | i hit this problem far to often :p | 15:31 |
| sommer | oly-: have you seen this guide: http://wiki.bestpractical.com/view/UbuntuInstallGuide | 15:31 |
| sommer | oly-: on my installation I created a vhost and I simply go to the "ServerName" directive | 15:32 |
| oly- | nope thxs that looks like it will ansswer my question :) | 15:32 |
| oly- | well usually the deb files do all that for you | 15:32 |
| sommer | oly-: np, basically create a new vhost pointing the DocumentRoot to /usr/share/request-tracker3.6/html/ | 15:33 |
| sommer | oly-: ya, but with webapps it's more open to the admins preferences I think | 15:33 |
| oly- | okay will do thxs for that info :) | 15:33 |
| sommer | welcome | 15:33 |
| oly- | i am all for that but a default setup is nice | 15:33 |
| oly- | i only want to give it a quick try to see if its any good | 15:34 |
| sommer | oly-: I've found it to be great, as a help desk anyway | 15:34 |
| oly- | cool, i mainly need ldap support and a simple interface | 15:35 |
| oly- | with e-mail support as well for sending in requests | 15:35 |
| sommer | oly-: LDAP is a little tricky, but the RT wiki has instructions | 15:35 |
| sommer | and email support works great as well :) | 15:36 |
| oly- | yeah LDAPs often tricky lol | 15:36 |
| pubo | hi everybody! | 15:41 |
| pubo | does anyone use ldap + phpldapadmin? | 15:41 |
| pubo | I'm getting the message "Could not start TLS. Please check your LDAP server configuration." | 15:42 |
| sommer | pubo: is your LDAP server using STARTTLS? | 15:42 |
| pubo | uhm, I'm not sure, but if I do "ldapsearch -x -Z" the output is correct | 15:43 |
| pubo | sommer, /etc/init.d/slapd starttls? | 15:43 |
| sommer | pubo: ah you should be good then... can you login using TLS, I guess should have been my question :) | 15:44 |
| pubo | and netstat says: *:ldaps *:* LISTEN 8017/slapd, so I thought slapd is correctly configurated | 15:45 |
| pubo | was | 15:45 |
| sommer | pubo: in your config.php do you have: $ldapservers->SetValue($i,'server','tls', true); ? | 15:46 |
| pubo | yes, but if I change it to false, then everything goes right | 15:47 |
| sommer | pubo: is your ldap server using a self-signed cert? | 15:47 |
| pubo | I made my self CA, and then I created a certificate and signed it | 15:48 |
| sommer | ah you might try adding 'TLS_REQCERT never' to /etc/ldap/ldap.conf and see if works with 'tls', true | 15:48 |
| pubo | with Common Name = server.domain.es | 15:49 |
| dthacker-work | Hi, I'm running postfix on ubuntu-server and I'd like to get reports on the how much traffic is going through. Are there specific packages that you would recommend? | 15:49 |
| pubo | sommer, I'm goin to... :) | 15:49 |
| pubo | nothing :"( | 15:50 |
| sommer | pubo: MMMmmm... I'm pretty sure that's what worked for me, another thing you can try is run a packet sniffer (like wireshark) and see where the LDAP communication is failing | 15:52 |
| sommer | pubo: also try running slapd from the console with a high debug ouput: slapd -h "ldap:// ldaps://" -d -1 -f /etc/ldap/slapd.conf | 15:53 |
| pubo | I was doing that xD. Please, take a look at: | 15:54 |
| pubo | tls_read: want=5 error=Resource temporarily unavailable | 15:54 |
| pubo | TLS trace: SSL_accept:error in SSLv3 read certificate verify A | 15:54 |
| sommer | pubo: does slapd have permission to read the cert? | 15:55 |
| pubo | yes, I changed the permissions to 755 | 15:55 |
| pubo | Do you want I post in pastebin the whole auth log? | 15:55 |
| sommer | sure | 15:56 |
| pubo | http://pastebin.com/m7c399685 | 15:56 |
| sommer | pubo: I think you have tls started | 15:59 |
| sommer | are you running phpldapadmin on the same host as your ldap server? | 16:00 |
| pubo | yes, but I'm trying to login from another PC as the server doesn't have any browser installed | 16:01 |
| sommer | pubo: gotcha | 16:02 |
| pubo | really?!! | 16:02 |
| sommer | heh, I understand your setup now anyway... you tried the TLS_REQCERT option on the phpldapadmin server, correct? | 16:03 |
| pubo | uhm, don't know xDD. I'm very noob in ldap :) | 16:04 |
| pubo | I only want to configure ldap to use TLS, and manage it with phpldapadmin. But I'd like the client-server authentication were through TLS | 16:05 |
| sommer | pubo: sure, the TLS_REQCERT option in /etc/ldap/ldap.conf determines whether or not the LDAP client verifies the servers certificate | 16:06 |
| pubo | sommer, in both archives (slapd.conf and ldap.conf) I't set TLS_REQCERT never | 16:08 |
| sommer | pubo: and still not working? | 16:09 |
| pubo | no :( | 16:10 |
| pubo | ufff, that's stressing xD | 16:14 |
| pubo | sommer, in login DN should I have something like cn=admin,dc=server,dc=es ? | 16:16 |
| sommer | pubo: in your phpldapadmin config.php? | 16:16 |
| pubo | no, in the login dialog at phpldapadmin page | 16:17 |
| sommer | ah, in my install I do | 16:17 |
| pubo | I did not made any change in config.php | 16:17 |
| pubo | did make... sorry (spanish) xDD | 16:18 |
| sommer | okay, I login to phpldapadmin using the full dn | 16:18 |
| sommer | but I also bind with the full dn in config.php | 16:19 |
| pubo | ok, I'm going to try it | 16:19 |
| citybird | hello. i have a question about pxe servers | 16:23 |
| === \sh_away is now known as \sh | ||
| pubo | :'''( | 16:24 |
| citybird | i have configured my ubuntu linux install with tftpd and downloaded the network boot image and started the daemon... | 16:24 |
| citybird | then i added the servername as the tftp server on my windows dhcp server... | 16:25 |
| citybird | problem.. every tutorial i have found say use the dhcp server as your pxe server but they dont say how to configure the dhcp server specificly if your pxe server is somewhere else. | 16:26 |
| sommer | pubo: are you using port 389 in your config.php? | 16:28 |
| pubo | sommer, nop, 636 :S | 16:29 |
| sommer | pubo: you might try 389... TLS works over the default port, 636 is for SSL IIRC | 16:30 |
| pubo | Error message from phpldapadmin: "LDAP said: Operations error". And google get no results.. ¿?¿??¿ | 16:30 |
| sommer | pubo: when using 389? | 16:31 |
| pubo | every time. Using it and with 636 port :( | 16:32 |
| sommer | so you tried 389? | 16:32 |
| pubo | I start ldap server with: /usr/sbin/slapd -h ldap:/// ldaps:/// -g openldap -u openldap | 16:32 |
| pubo | sommer, yes, I've just tried it | 16:32 |
| pubo | maybe group and user should be www-data? | 16:33 |
| sommer | pubo: nope openldap is correct user and group | 16:33 |
| sommer | try adding the -f /etc/ldap/slapd.conf option | 16:34 |
| sommer | just to make sure it's using the correct config file | 16:34 |
| pubo | no... | 16:39 |
| pubo | -h 'ldap:/// ldaps:///' (is this correct?) | 16:39 |
| sommer | pubo: yep | 16:40 |
| pubo | sommer, do you have installed ldap on your pc? Could you send me the configs? | 16:40 |
| sommer | pubo: sure, I'll pastebin | 16:41 |
| pubo | http://pastebin.com/m11c956c7 | 16:43 |
| pubo | this is my TLS config and ldapsearch output | 16:43 |
| sommer | pubo: here's mine: http://pastebin.com/m7020400 | 16:47 |
| sommer | it's migrated from a redhat config so some things may not be 100% the same | 16:47 |
| pubo | :O | 16:52 |
| citybird | oops, it's working now. | 16:53 |
| pubo | no, but... | 16:53 |
| pubo | I changed my slapd.conf to TLSCertificateFile /etc/ssl/empresaCA/newcert.pem | 16:53 |
| pubo | TLSCertificateKeyFile /etc/ssl/empresaCA/newreq.pem | 16:53 |
| pubo | TLSCipherSuite HIGH | 16:54 |
| pubo | (Removed CA path) | 16:54 |
| pubo | and now, when I do ldapsearch -x -Z, I get: | 16:55 |
| pubo | additional info: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed | 16:55 |
| pubo | I made a wrong certificate? | 16:56 |
| === jjesse_ is now known as jjesse | ||
| === jjesse_ is now known as jjesse | ||
| zul | afternoon | 17:49 |
| pubo | sommer, are you there? | 17:57 |
| pubo | sommer, do you remember the guide you read to made ldap on your network? | 17:58 |
| sommer | just got back | 17:58 |
| sommer | yep: http://www.oreilly.com/catalog/ldapsa/ | 17:59 |
| pubo | oki, thanks a million :) | 18:19 |
| sommer | pubo: np, it feels like you're really close though | 18:21 |
| pubo | I must make a mistake in somewhere. I've just tried to implement ldapserver with phpldapadmin and TLS in a VMWARE virtual machine, and this time everything has gone right, so I think I will start from the beggining :) | 18:23 |
| sommer | pubo: ah... sometimes that works best :-) | 18:27 |
| poor_man | hi all | 18:36 |
| poor_man | how can i list the unfformated newly added drives to my machine? | 18:37 |
| poor_man | i tried df command but only shows formated and mounted drives | 18:38 |
| sommer | pubo: you can look though dmesg... dmesg | grep -i sda for example | 18:39 |
| sommer | woops meant poor_man | 18:39 |
| poor_man | dmesg thats the command | 18:41 |
| poor_man | and the next command to format and mount it | 18:41 |
| poor_man | format it as EXT3, the entire disk and after make a mount | 18:42 |
| sommer | poor_man: you'll need to create a partition with fdisk... fdisk /dev/sda (or whatever your drive is) | 18:43 |
| poor_man | thanks, lets try that | 18:43 |
| sommer | poor_man: you might also take a look at this article: https://help.ubuntu.com/community/Mount | 18:44 |
| nxvl_work | soren: now that the alpha3 is out, can you upload Bug #130836 | 19:12 |
| ubotu | Launchpad bug 130836 in apache2 "Specify OpenDocument icon(s) in Apache2 configuration" [Wishlist,Confirmed] https://launchpad.net/bugs/130836 | 19:12 |
| ScatterBrain | Anyone running vmware 1.0.4 on Gutsy 32-bit? | 20:41 |
| jjesse | ScatterBrain: i'm running vmware server | 20:43 |
| jjesse | 1.0.4 | 20:43 |
| ScatterBrain | jjesse: on 32-bit Gutsy? | 20:44 |
| jjesse | ScatterBrain: yes | 20:44 |
| ScatterBrain | jjesse: Any hoops you had to jump through? | 20:45 |
| jjesse | ScatterBrain: 1.0.4 build-56528 | 20:45 |
| jjesse | i followed the isntall guide (google vmware install gutsy) | 20:45 |
| ScatterBrain | Or simply d/l the tar ball and install? | 20:45 |
| jjesse | i think its from christer edwards | 20:45 |
| jjesse | http://ubuntu-tutorials.com/2007/11/17/install-vmware-server-on-ubuntu-710-gutsy-gibbon-updated/ | 20:46 |
| ScatterBrain | fopund it...reading...thx. | 20:46 |
| jjesse | np | 20:47 |
| Nafallo | partner has it | 20:57 |
| ScatterBrain | Nafallo: the parner repos? Has vmware server? | 21:08 |
| Nafallo | yes. but correctly spelled. | 21:09 |
| ScatterBrain | heh ;-) | 21:09 |
| ScatterBrain | hmmm... me goes to check that out | 21:09 |
| * emgent hi | 21:21 | |
| === \sh is now known as \sh_away | ||
| jvargas | hi | 21:46 |
| jvargas | let's say i installed subversion in a partition of 100Gb, what if the available space becomes unavailable, can i some way join another partition to supply 100Gb more of space for the same subversion repository directory? | 21:48 |
| jvargas | /srv/svn for example is mounted on /dev/hda, can i do something so that the space is merged with /dev/hdb's ? | 21:49 |
| mathiaz | jvargas: you need to use lvm to do that kind of partition management. | 22:09 |
| jvargas | mathiaz: already using LVS | 22:12 |
| jvargas | but the filesystem auto resizes ? | 22:12 |
| mathiaz | jvargas: you can resize ext3 filesystem - have a look at resize2fs | 22:17 |
| danp | i'm trying to preseed network info from the boot line but i'm having trouble (i think) with sourcing confmodule in my early script. anyone familiar with that? | 22:30 |
| nealmcb | XiXaQ: I'm poking at https://wiki.ubuntu.com/CalendarServer Thanks!! I would think that recurring events are possible with webcal also? Specifying the format of the files (ical?) would help. | 22:41 |
| nealmcb | or perhaps a reference to http://en.wikipedia.org/wiki/Webcal | 22:42 |
| danp | irissssh | 22:43 |
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!