[00:25] <nealmcb> sommer: haven't tried it yet.  I'm lazy and was waiting for a downloadable image - got one?
[00:26]  * nealmcb is surprised at the slowness of sugar
[01:53] <sommer> nealmcb: nope, no image... I'm not really sure how to make one?
[02:12] <jjesse> hello
[02:16] <ChuckWagon> I would like to install Zend Framework.
[02:17] <ChuckWagon> I have a working Apache / PHP / MySQL already.
[02:17] <ChuckWagon> Naturally, I don't want to mess anything up.  Any hints/tips?
[02:17] <ChuckWagon> By default, it wants to install Apache for you, but I think I can turn that off.
[02:46] <thomas_newbie__> my ssh and apache server starts each time i boot up my os. How to disable that
[02:49] <kgoetz> whats the os and version? ;)
[02:50] <kgoetz> thomas_newbie__: in direct answer for apache: /etc/default/apache2
[02:51] <kgoetz> thomas_newbie__: and for ssh touch /etc/ssh/sshd_not_to_be_run
[02:56] <thomas_newbie__> kgoetz: whats the second one?
[02:56] <thomas_newbie__> kgoetz: why do I create a file?
[02:56] <thomas_newbie__> so /etc/default/ is all startup config?
[02:56] <kgoetz> no its not
[02:56] <kgoetz> its where some tools put startup settinsg
[02:57] <kgoetz> look at /etc/init.d/ssh for why you touch teh 2nd file
[02:57] <thomas_newbie__> kgoetz: but what would that do? that wouuld create an empty file....
[02:59] <kgoetz> yes it would
[02:59] <kgoetz> read the init script? 13:27 < kgoetz> look at /etc/init.d/ssh for why you touch teh 2nd file
[02:59] <thomas_newbie__> kgoetz: ohhh i see
[02:59] <thomas_newbie__> i just read the script
[03:00] <thomas_newbie__> kgoetz: dude though how would I know what settings are in each config file....? how do I know where to look for any other services besides ssh?
[03:01] <kgoetz> thomas_newbie__: depends what you want to know
[03:02] <thomas_newbie__> kgoetz: so in the future where do I look? look in the init.d/ folders config files?
[03:02] <kgoetz> thomas_newbie__: depends what you want to know
[03:02] <thomas_newbie__> :S
[03:02] <kgoetz> its something you find out with time, mostly.
[03:02] <thomas_newbie__> i see...its done the hard way :S
[03:03] <kgoetz> welcome to life :D
[03:03] <thomas_newbie__> kgoetz: hey btw I was looking to set up UML for a honeypot, what do you think?
[03:03] <kgoetz> perhaps it could be documented as part of the process installing docs.
[03:03] <kgoetz> thomas_newbie__: why?
[03:03] <thomas_newbie__> kgoetz: for learning purposes...that's a good idea right?
[03:04] <kgoetz> learn to drive your own server, before asking people to screw you over
[03:07] <thomas_newbie__> kgoetz: no but I would screw myself over....see how to break into my own system
[03:08] <kgoetz> thomas_newbie__: 'no'. theres constructive ways to learn, which dont involve making yourself a target
[03:10] <thomas_newbie__> hmm...i mean basically I would be pretending to be a client trying to break into my own server, That can be educational right?
[03:11] <kgoetz> ah... you want to honeypot yourself?
[03:11] <kgoetz> seems a somewhat nonsense way to do it.
[03:12] <thomas_newbie__> lol
[03:12] <thomas_newbie__> kgoetz: so you disaprove? its stupid, i found the user-mode linux kernel on the ubuntu package search but it diesn't fine it in adept manager
[03:13] <kgoetz> thomas_newbie__: set a goal, decide what you want the system to do, then work towards it
[03:14] <thomas_newbie__> kgoetz: i mean i have 2 servers, I just odn't know if they're safe enough....Doubt it....
[03:15] <kgoetz> thomas_newbie__: first of all what do they do, and what do you want them to be safe from?
[03:18] <thomas_newbie__> kgoetz: apache2 webserver. I am only using it mainly for learning purposes. I am thinking of maybe setting up an authentication or some kind. My teacher said using PAM and perhaps using it for logging aswell. I also want to be sure that I will be safe from the outside world when experimenting with my server. I don't want to jeopardize my other computer on MY LAN. Also i have an SSH server that is
[03:18] <thomas_newbie__> just there for now.......
[03:22] <kgoetz> apache isnt a particularly problem prone bit of software
[03:22] <kgoetz> its more what you run in apache that will cause issues
[03:22] <kgoetz> as for pam, yeah, you could backend on it
[03:23] <kgoetz> i have done it
[03:25] <thomas_newbie__> what do you man backend
[03:25] <kgoetz> authenticate against
[03:29] <thomas_newbie__> kgoetz: I'm thinking of changing default port 80 to something else for security...What is a good port #?
[03:31] <kgoetz> you wont gain security from it
[03:31] <thomas_newbie__> kgoetz: most people expect all webservers to be port 80...
[03:31] <kgoetz> thomas_newbie__: look into 'security by obscurity'
[03:51] <thomas_newbie__> kgoetz: well i've been reading
[03:51] <thomas_newbie__> kgoetz: and what exactly did you mean of security through obscurity
[03:51] <thomas_newbie__> kgoetz: the fact that I'm ignoring everything else and just changing the port # as a quick fix?
[03:52] <kgoetz> thomas_newbie__: basically, yes
[03:58] <thomas_newbie__> kgoetz: can i ask you one more question
[03:59] <kgoetz> sure
[03:59] <thomas_newbie__> kgoetz: if you don't think I should learn by using UML, then what should i learn next? Conserning my Webserver however
[04:00] <kgoetz> thomas_newbie__: learn something thats useful to you - make the system do what you want it to.
[04:00] <kgoetz> as you learn more you can try and make it do different things
[04:01] <thomas_newbie__> shall I try to use PHP adn PERL?
[04:01] <kgoetz> what do you want to do?
[04:02]  * kgoetz doesnt use either
[04:02] <thomas_newbie__> secure the server
[04:02] <thomas_newbie__> loggi
[04:04] <thomas_newbie__> you don't use PHP for your webserver?
[04:04] <thomas_newbie__> kgoetz:
[04:05] <kgoetz> not at home, at work we run (eg) mediawiki, an dneed it for that
[09:49] <XiXaQ> I would appreciate it if someone could have a look at http://wiki.ubuntu.com/CalendarServer and finish it. What's necessary, is making a user for it, scripts for /etc/init.d and scripts to run it at boot and shut it down with the system.
[15:28] <oly-> hum, i just installed request tracker to try it out, but have no idea what port / address i need to type in to get up the web interface
[15:28] <oly-> anyone happen to know ?
[15:28] <jjesse> i thought it was /rt
[15:29] <jjesse> http://localhost/rt?
[15:29] <oly-> just tried that nothing
[15:29] <oly-> this is straight from gutsy repo version 3.6
[15:30] <oly-> its a real shame they dont put a note in the descriptions of these packages with how to access the web interfaces
[15:31] <oly-> i hit this problem far to often :p
[15:31] <sommer> oly-: have you seen this guide: http://wiki.bestpractical.com/view/UbuntuInstallGuide
[15:32] <sommer> oly-: on my installation I created a vhost and I simply go to the "ServerName" directive
[15:32] <oly-> nope thxs that looks like it will ansswer my question :)
[15:32] <oly-> well usually the deb files do all that for you
[15:33] <sommer> oly-: np, basically create a new vhost pointing the DocumentRoot to /usr/share/request-tracker3.6/html/
[15:33] <sommer> oly-: ya, but with webapps it's more open to the admins preferences I think
[15:33] <oly-> okay will do thxs for that info :)
[15:33] <sommer> welcome
[15:33] <oly-> i am all for that but a default setup is nice
[15:34] <oly-> i only want to give it a quick try to see if its any good
[15:34] <sommer> oly-: I've found it to be great, as a help desk anyway
[15:35] <oly-> cool, i mainly need ldap support and a simple interface
[15:35] <oly-> with e-mail support as well for sending in requests
[15:35] <sommer> oly-: LDAP is a little tricky, but the RT wiki has instructions
[15:36] <sommer> and email support works great as well :)
[15:36] <oly-> yeah LDAPs often tricky lol
[15:41] <pubo> hi everybody!
[15:41] <pubo> does anyone use ldap + phpldapadmin?
[15:42] <pubo> I'm getting the message "Could not start TLS. Please check your LDAP server configuration."
[15:42] <sommer> pubo: is your LDAP server using STARTTLS?
[15:43] <pubo> uhm, I'm not sure, but if I do "ldapsearch -x -Z" the output is correct
[15:43] <pubo> sommer, /etc/init.d/slapd starttls?
[15:44] <sommer> pubo: ah you should be good then... can you login using TLS, I guess should have been my question :)
[15:45] <pubo> and netstat says: *:ldaps                 *:*                     LISTEN     8017/slapd, so I thought slapd is correctly configurated
[15:45] <pubo> was
[15:46] <sommer> pubo: in your config.php do you have: $ldapservers->SetValue($i,'server','tls', true); ?
[15:47] <pubo> yes, but if I change it to false, then everything goes right
[15:47] <sommer> pubo: is your ldap server using a self-signed cert?
[15:48] <pubo> I made my self CA, and then I created a certificate and signed it
[15:48] <sommer> ah you might try adding 'TLS_REQCERT never' to /etc/ldap/ldap.conf and see if works with 'tls', true
[15:49] <pubo> with Common Name = server.domain.es
[15:49] <dthacker-work> Hi,  I'm running postfix on ubuntu-server and I'd like to get reports on the how much traffic is going through.  Are there specific packages that you would recommend?
[15:49] <pubo> sommer, I'm goin to... :)
[15:50] <pubo> nothing :"(
[15:52] <sommer> pubo: MMMmmm... I'm pretty sure that's what worked for me, another thing you can try is run a packet sniffer (like wireshark) and see where the LDAP communication is failing
[15:53] <sommer> pubo: also try running slapd from the console with a high debug ouput: slapd -h "ldap:// ldaps://" -d -1 -f /etc/ldap/slapd.conf
[15:54] <pubo> I was doing that xD. Please, take a look at:
[15:54] <pubo> tls_read: want=5 error=Resource temporarily unavailable
[15:54] <pubo> TLS trace: SSL_accept:error in SSLv3 read certificate verify A
[15:55] <sommer> pubo: does slapd have permission to read the cert?
[15:55] <pubo> yes, I changed the permissions to 755
[15:55] <pubo> Do you want I post in pastebin the whole auth log?
[15:56] <sommer> sure
[15:56] <pubo> http://pastebin.com/m7c399685
[15:59] <sommer> pubo: I think you have tls started
[16:00] <sommer> are you running phpldapadmin on the same host as your ldap server?
[16:01] <pubo> yes, but I'm trying to login from another PC as the server doesn't have any browser installed
[16:02] <sommer> pubo: gotcha
[16:02] <pubo> really?!!
[16:03] <sommer> heh, I understand your setup now anyway... you tried the TLS_REQCERT option on the phpldapadmin server, correct?
[16:04] <pubo> uhm, don't know xDD. I'm very noob in ldap :)
[16:05] <pubo> I only want to configure ldap to use TLS, and manage it with phpldapadmin. But I'd like the client-server authentication were through TLS
[16:06] <sommer> pubo: sure, the TLS_REQCERT option in /etc/ldap/ldap.conf determines whether or not the LDAP client verifies the servers certificate
[16:08] <pubo> sommer, in both archives (slapd.conf and ldap.conf) I't set TLS_REQCERT     never
[16:09] <sommer> pubo: and still not working?
[16:10] <pubo> no :(
[16:14] <pubo> ufff, that's stressing xD
[16:16] <pubo> sommer, in login DN should I have something like cn=admin,dc=server,dc=es ?
[16:16] <sommer> pubo: in your phpldapadmin config.php?
[16:17] <pubo> no, in the login dialog at phpldapadmin page
[16:17] <sommer> ah, in my install I do
[16:17] <pubo> I did not made any change in config.php
[16:18] <pubo> did make... sorry (spanish) xDD
[16:18] <sommer> okay, I login to phpldapadmin using the full dn
[16:19] <sommer> but I also bind with the full dn in config.php
[16:19] <pubo> ok, I'm going to try it
[16:23] <citybird> hello. i have a question about pxe servers
[16:24] <pubo> :'''(
[16:24] <citybird> i have configured my ubuntu linux install with tftpd and downloaded the network boot image and started the daemon...
[16:25] <citybird> then i added the servername as the tftp server on my windows dhcp server...
[16:26] <citybird> problem.. every tutorial i have found say use the dhcp server as your pxe server but they dont say how to configure the dhcp server specificly if your pxe server is somewhere else.
[16:28] <sommer> pubo: are you using port 389 in your config.php?
[16:29] <pubo> sommer, nop, 636 :S
[16:30] <sommer> pubo: you might try 389... TLS works over the default port, 636 is for SSL IIRC
[16:30] <pubo> Error message from phpldapadmin: "LDAP said: Operations error". And google get no results.. ¿?¿??¿
[16:31] <sommer> pubo: when using 389?
[16:32] <pubo> every time. Using it and with 636 port :(
[16:32] <sommer> so you tried 389?
[16:32] <pubo> I start ldap server with: /usr/sbin/slapd -h ldap:/// ldaps:/// -g openldap -u openldap
[16:32] <pubo> sommer, yes, I've just tried it
[16:33] <pubo> maybe group and user should be www-data?
[16:33] <sommer> pubo: nope openldap is correct user and group
[16:34] <sommer> try adding the -f /etc/ldap/slapd.conf option
[16:34] <sommer> just to make sure it's using the correct config file
[16:39] <pubo> no...
[16:39] <pubo>  -h 'ldap:/// ldaps:///'  (is this correct?)
[16:40] <sommer> pubo: yep
[16:40] <pubo> sommer, do you have installed ldap on your pc? Could you send me the configs?
[16:41] <sommer> pubo: sure, I'll pastebin
[16:43] <pubo> http://pastebin.com/m11c956c7
[16:43] <pubo> this is my TLS config and ldapsearch output
[16:47] <sommer> pubo: here's mine: http://pastebin.com/m7020400
[16:47] <sommer> it's migrated from a redhat config so some things may not be 100% the same
[16:52] <pubo> :O
[16:53] <citybird> oops, it's working now.
[16:53] <pubo> no, but...
[16:53] <pubo> I changed my slapd.conf to TLSCertificateFile /etc/ssl/empresaCA/newcert.pem
[16:53] <pubo> TLSCertificateKeyFile /etc/ssl/empresaCA/newreq.pem
[16:54] <pubo> TLSCipherSuite HIGH
[16:54] <pubo> (Removed CA path)
[16:55] <pubo> and now, when I do ldapsearch -x -Z, I get:
[16:55] <pubo>  additional info: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
[16:56] <pubo> I made a wrong certificate?
[17:49] <zul> afternoon
[17:57] <pubo> sommer, are you there?
[17:58] <pubo> sommer, do you remember the guide you read to made ldap on your network?
[17:58] <sommer> just got back
[17:59] <sommer> yep: http://www.oreilly.com/catalog/ldapsa/
[18:19] <pubo> oki, thanks a million :)
[18:21] <sommer> pubo: np, it feels like you're really close though
[18:23] <pubo> I must make a mistake in somewhere. I've just tried to implement ldapserver with phpldapadmin and TLS in a VMWARE virtual machine, and this time everything has gone right, so I think I will start from the beggining :)
[18:27] <sommer> pubo: ah... sometimes that works best :-)
[18:36] <poor_man> hi all
[18:37] <poor_man> how can i list the unfformated newly added drives to my machine?
[18:38] <poor_man> i tried df command but only shows formated and mounted drives
[18:39] <sommer> pubo: you can look though dmesg... dmesg | grep -i sda for example
[18:39] <sommer> woops meant poor_man
[18:41] <poor_man> dmesg thats the command
[18:41] <poor_man> and the next command to format and mount it
[18:42] <poor_man> format it as EXT3, the entire disk and after make a mount
[18:43] <sommer> poor_man: you'll need to create a partition with fdisk... fdisk /dev/sda (or whatever your drive is)
[18:43] <poor_man> thanks, lets try that
[18:44] <sommer> poor_man: you might also take a look at this article: https://help.ubuntu.com/community/Mount
[19:12] <nxvl_work> soren: now that the alpha3 is out, can you upload Bug #130836
[19:12] <ubotu> Launchpad bug 130836 in apache2 "Specify OpenDocument icon(s) in Apache2 configuration" [Wishlist,Confirmed] https://launchpad.net/bugs/130836
[20:41] <ScatterBrain> Anyone running vmware 1.0.4 on Gutsy 32-bit?
[20:43] <jjesse> ScatterBrain: i'm running vmware server
[20:43] <jjesse> 1.0.4
[20:44] <ScatterBrain> jjesse: on 32-bit Gutsy?
[20:44] <jjesse> ScatterBrain:  yes
[20:45] <ScatterBrain> jjesse: Any hoops you had to jump through?
[20:45] <jjesse> ScatterBrain:  1.0.4 build-56528
[20:45] <jjesse> i followed the isntall guide (google vmware install gutsy)
[20:45] <ScatterBrain> Or simply d/l the tar ball and install?
[20:45] <jjesse> i think its from christer edwards
[20:46] <jjesse> http://ubuntu-tutorials.com/2007/11/17/install-vmware-server-on-ubuntu-710-gutsy-gibbon-updated/
[20:46] <ScatterBrain> fopund it...reading...thx.
[20:47] <jjesse> np
[20:57] <Nafallo> partner has it
[21:08] <ScatterBrain> Nafallo: the parner repos?  Has vmware server?
[21:09] <Nafallo> yes. but correctly spelled.
[21:09] <ScatterBrain> heh  ;-)
[21:09] <ScatterBrain> hmmm... me goes to check that out
[21:21]  * emgent hi
[21:46] <jvargas> hi
[21:48] <jvargas> let's say i installed subversion in a partition of 100Gb, what if the available space becomes unavailable, can i some way join another partition to supply 100Gb more of space for the same subversion repository directory?
[21:49] <jvargas> /srv/svn for example is mounted on /dev/hda, can i do something so that the space is merged with /dev/hdb's ?
[22:09] <mathiaz> jvargas: you need to use lvm to do that kind of partition management.
[22:12] <jvargas> mathiaz: already using LVS
[22:12] <jvargas> but the filesystem auto resizes ?
[22:17] <mathiaz> jvargas: you can resize ext3 filesystem - have a look at resize2fs
[22:30] <danp> i'm trying to preseed network info from the boot line but i'm having trouble (i think) with sourcing confmodule in my early script. anyone familiar with that?
[22:41] <nealmcb> XiXaQ: I'm poking at https://wiki.ubuntu.com/CalendarServer  Thanks!!   I would think  that recurring events are possible with webcal also?  Specifying the format of the files (ical?) would help.
[22:42] <nealmcb> or perhaps a reference to http://en.wikipedia.org/wiki/Webcal
[22:43] <danp> irissssh