[00:01] <Dimitree> how can i check if my apache supports mod rewrite ? or is there a simple way to make phpbb3 sitemap and seo ?
[00:07] <Dimitree> nevermind =)
[01:04] <m1r> hello
[01:05] <m1r> i am trying to install gnome desktop on ubuntu server, but it dosent show top window borders, any help
[01:05] <m1r> ?
[01:05] <soren> Ask in #ubuntu.
[01:05] <m1r> ok tnx
[01:48] <helfire> are there any tutorials on changing from php to suPHP?
[01:51] <faulkes-> not that I know offhand, check ubuntu-tutorials.com
[01:58] <helfire> i just have a production machine, wanta make sure everything goes right
[01:58] <helfire> actually i'm setting up a VM to test it out on first
[01:58] <helfire> if i cant find a good tutorial
[02:01] <faulkes-> well, if it's a production machine, vm is always a good route to go to test out changes
[02:55] <Dimitree> is this a safe way to recover mysql password ? http://www.debianadmin.com/recover-mysql-database-root-password.html
[02:56] <Dimitree> will this leave any security risks ? = ) please help
[02:57] <frame45> foo u there
[03:02] <antdedyet> Dimitree: if mysqld_safe listens on any interfaces, it could be a security issue while you are running with the skip-grant-tables; might want to comment out any interface statements in my.cnf
[03:02] <antdedyet> also, local issues could arise if regular users have mysql access
[03:03] <sommer> jdstrand: so should the sysctl.conf instructions be included in the ufw section as well?
[03:03]  * antdedyet double checks that last point ... I'm not sure non-superusers are allowed to connect while mysqld is running with skip-grant-tables.
[03:03] <jdstrand> sommer: I was just going to email you
[03:03] <jdstrand> did you read the bug report?
[03:04] <Dimitree> i dont have users yet :) antidedyet i have reset the password using this guide http://ubuntu.flowconsult.at/en/mysql-set-change-reset-root-password/
[03:04] <sommer> jdstrand: heh... yep, also noticed your email wasn't very old
[03:04] <Dimitree> do i have to disable anything after that or i just star mysql allover ?
[03:04] <jdstrand> yeah-- I just invalidated that
[03:04] <jdstrand> sommer: you do, but ufw has a separate sysctl.conf file in /etc/ufw/sysctl.conf
[03:04] <jdstrand> I am adding it in there
[03:05] <jdstrand> and will get it uploaded tomorrow
[03:05] <jdstrand> /etc/ufw/sysctl.conf will have:
[03:05] <antdedyet> Dimitree: once you run update ()  and set the root password, you can ^C  the mysqld_safe process and re-run the /etc/init.d/mysql start.
[03:05] <jdstrand> # uncomment this to allow this host to route packets between interfaces
[03:05] <jdstrand> #net/ipv4/ip_forward=1
[03:06] <sommer> jdstrand: ah, bonus
[03:06] <antdedyet> The new pass will then be in place and prompted for the new password on mysql client invocation.
[03:06] <jdstrand> also, net/ipv6/ip_forward does not exist (for your iptables section)
[03:07] <sommer> jdstrand: so when you set DEFAULT_FORWARD_POLICY ufw will turn forwarding on in /etc/ufw/sysctl.conf
[03:07] <jdstrand> no
[03:07] <Dimitree> antdedyet, is it possible to run the safe and reguler at the same time ? this guide i used had an exit command at the end and i started mysql after that and was able to login with new pasword ? im wondering if the safe one is still running ?
[03:07] <jdstrand> sommer: I was thinking I could make that assumption, but I thought wrong
[03:08] <sommer> jdstrand: I see, so update the ufw section to use /etc/ufw/sysctl.conf instead of /etc/sysctl.conf?
[03:08] <jdstrand> sommer: will have to do both /etc/ufw/sysctl.conf and /etc/default/ufw in the version that will ship with hardy
[03:08] <jdstrand> sommer: well, either would work-- but for forward compatibility, yes
[03:09] <jdstrand> (in this version it won't matter)
[03:09] <sommer> jdstrand: cool, I'll adjust the steps
[03:09] <jdstrand> but other than flipping ip_forward, I went through the MASQUERADE section and it looks good
[03:10] <sommer> that's good, I think that's a good example of using custom rules
[03:10] <jdstrand> sommer: /etc/sysctl.conf is wrong about net.ipv6.ip_forward
[03:11] <sommer> jdstrand: heh... was just going to ask for clearification on that
[03:11] <jdstrand> doesn't exist
[03:12] <sommer> okay, I'll remove that as well
[03:12] <sommer> jdstrand: wait... by doesn't exist, do you mean it's not in the file?
[03:13] <sommer> or the line in the file shouldn't be there?
[03:13] <jdstrand> $ ls /proc/sys/net/ipv6/ip_forward
[03:13] <jdstrand> ls: cannot access /proc/sys/net/ipv6/ip_forward: No such file or directory
[03:13] <sommer> ah, I'm with ya
[03:14] <sommer> would that be a bug then?
[03:14] <jdstrand> $ sudo sysctl -A 2>/dev/null| grep ip_forward
[03:14] <jdstrand> net.ipv4.ip_forward = 0
[03:14] <jdstrand> no, it would be configured in conf/*/forwarding
[03:15] <sommer> okay, I'll fix the doc
[03:16] <sommer> jdstrand: thanks again for your feedback
[03:17] <jdstrand> sommer: should be net.ipv6.conf.default.forwarding=1
[03:18] <sommer> ah, so why isn't that in /etc/sysctl.conf?
[03:20] <jdstrand> that's the bug
[03:21] <sommer> aaahhh... now I'm really with ya
[03:22] <sommer> jdstrand: so I'll update the ipv6 forwarding to net.ipv6.conf.default.forwarding=1 and add #net/ipv4/ip_forward=1 to /etc/ufw/sysctl.conf, correct?
[03:23] <jdstrand> yes on ipv6
[03:23] <sommer> will the net/ipv4/ip_forward=1 already be in the file and just need uncommenting or will it need to be added?
[03:23] <jdstrand> no on /etc/ufw/sysctl.conf
[03:23] <jdstrand> I am uploading a new version of ufw
[03:23] <jdstrand> it will have the net/ipv4/ip_forward=1 in there, but commented
[03:24] <jdstrand> the docs should simply say to uncomment it
[03:24] <jdstrand> (so yes to your last comment)
[03:24] <jdstrand> *sigh*
[03:24] <sommer> gotcha, will you need to do a sysctl -p /etc/ufw/sysctl.conf after uncommenting?
[03:24] <jdstrand> sommer: yes to 'will the net/ipv4/ip_forward=1 already be in the file and just need uncommenting'
[03:25] <Dimitree> oh shait :/ now that i changed mysql pass the Lamp is broken >__< dang dang
[03:25] <sommer> jdstrand: I'm with ya... apologies I got a little confuseded by the ipv6 thing
[03:25] <antdedyet> Dimitree: Ah, so the ^C isn't applicable since mysqld_safe --skip-grant-tables will background itself, so the '/etc/init.d/mysql stop' is the easiest route after you 'flush privileges;'
[03:25] <jdstrand> sommer: the 'sudo ufw disable && sudo ufw enable' will handle it
[03:26] <sommer> jdstrand: party
[03:26] <sommer> I'll update and commit the changes
[03:26] <jdstrand> sommer: fyi-- normally you wouldn't have to disable/enable in this way, but because you are changing default policies, you need to
[03:26] <jdstrand> sommer: thanks!
[03:27] <Dimitree> antdedyet,  ok i stoped and started ti again thank you :)
[03:27] <sommer> jdstrand: np, thank you
[03:27] <antdedyet> Dimitree: np
[03:43] <dendrobates> antdedyet: I'm glad to see you becoming active in the server community.
[03:45] <sommer> jdstrand: another quick question to double check, will the net.ipv6.conf.default.forwarding=1 line be in /etc/ufw/sysctl.conf as well?
[03:45] <jdstrand> sommer: yes
[03:45] <sommer> cool, doc's updated
[03:45] <jdstrand> \o/
[03:46] <sommer> should a bug be filed about the current ipv6 sysctl line?
[03:47] <sommer> I documented it like it was already there :-)
[04:00] <antdedyet> dendrobates: Awesome. Time and pressure has only recently started permitting such activity.
[08:25] <kraut> moin
[08:55] <ivoks> someone lives in amsterdam?
[08:55] <soren> According to wikipedia, more than 700000 people, yes.
[08:55] <ivoks> i hear there are wallets laying around the whole city
[08:56] <soren> Eh?
[08:56] <ivoks> thousands of them :)
[08:56] <ivoks> http://www.splinq.com/en/news/splinq-launches-new-discount-site-in-the-netherlands
[08:57] <soren> Wow. Large scale littering.
[08:58] <soren> They should get this guy to come and clean up: http://upload.wikimedia.org/wikipedia/commons/0/00/International_tidyman.svg
[08:58] <soren> He's awesome.
[08:58] <ivoks> hehe
[09:06] <_ruben> holland, yes; amsterdam, no; guess i'll stick to my own wallet then ;)
[10:12] <AnRkey> why would my samba server give very slow transfer speeds?
[10:53] <wkornewald> what's the difference between a debian and an ubuntu server? I want to choose a VPS and I'm not sure which one is easier to maintain/setup
[10:54] <_ruben> ubuntu is based upon debian, so globally they're identical, but they differ in the details
[10:54] <wkornewald> BTW, I don't like fiddling with settings and compiling my custom kernel/apps. it should just work with the minmum amount of effort on my side
[10:54] <_ruben> maintainance and setup arent that much different i think, tho ofcourse, here you'd only hear that ubuntu is easier/better/etc
[10:55] <wkornewald> well, at #linux some guys told me that ubuntu isn't as stable as debian and security fixes will become a problem
[10:55] <_ruben> well .. that depends on your definition of "fiddling with settings", no distro will do exactly what you do out of the box
[10:55] <_ruben> ubuntu has a way faster release cycle, which might make you think its less stable, you do however get newer software in return, and thats a fact
[10:57] <wkornewald> all I need is a very basic LAMP system (PHP for phpmysql only; otherwise Python for the web app)
[10:58] <_ruben> installing a lamp system (based on php) is a one-liner on ubuntu .. adding python support might just be another single line (never done it)
[10:58] <wkornewald> I might even use GMail for email handling (i.e.: point my mx to their server) if that makes things simpler for me (no SPAM filter, etc.)
[10:59] <wkornewald> the Python stuff isn't the problem. the initial LAMP setup and security and maintenance are my problems. it's the first time I'll have a VPS (i.e., root access)
[11:00] <wkornewald> is it really as simple as running "apt-get update"+upgrade regularly (esp. when http://www.ubuntu.com/usn shows something new)?
[11:00] <_ruben> seting up LAMP is one command .. security and maintenance, well, subscribe to the ubuntu security lists and keep your install up to date
[11:00] <_ruben> pretty much yeah
[11:00] <wkornewald> and what does "pretty much" mean? there must be a catch ;)
[11:01] <_ruben> and "sudo apt-get install lamp-server^" is all you need to get a LAMP setup running ;)
[11:01] <wkornewald> cool. I think my VPS might even come pre-installed with LAMP (at least Apache and MySQL are)
[11:02] <_ruben> well, it depends on the level of security and all you want to have .. having your system firewalled properly is a must as well ofcourse
[11:03] <wkornewald> since I won't run any publicly accessible services apart from http and ssh the firewall part shouldn't be too difficult I hope
[11:04] <wkornewald> is there a good security checklist for ubuntu LAMP servers?
[11:42] <_ruben> wkornewald: not that im aware of (was having lunch)
[11:50] <wkornewald> _ruben, which DB would you recommend, BTW? I guess that any serious web app will need transactions, so the comparison would be mysql+innodb vs postgresql and here the speed difference isn't so significant, is it?
[11:51] <wkornewald> to me, mysql currently looks more interesting because it got (or will get) acquired by sun
[11:59] <_ruben> i only have experience with mysql (and a little mssql on our windows systems)
[11:59] <wkornewald> ok. I'll probably go with mysql since it's pre-installed
[13:42] <ivoks> am i missing something here?
[13:42] <ivoks> mysqladmin --defaults-extra-file=/etc/mysql/debian.cnf create $database_name
[13:44] <sommer> ivoks: feels good to me... do you need -u username -p?
[13:45] <ivoks> hm, no
[13:45] <ivoks> but it works wihtout -extra part
[13:45] <ivoks> is there a special reason why dbconfig-common isn't in main? :(
[14:02] <ivoks> Access denied for user 'debian-sys-maint'@'localhost' to database 'bacula'
[14:02] <ivoks> i touhgt debian-sys-maint is mighty account :)
[14:04] <sommer> it's mighty in my eyes... heh
[14:04] <sommer> fyi the dev docs are on the web: http://doc.ubuntu.com/ubuntu/server/C/index.html
[15:10] <tjaalton> sommer: hey, re: vmware; now that lum contains open-vm-tools, I guess the vmware-tools in lrm are redundant?
[15:10] <tjaalton> don't know when they were built the last time
[15:13] <sommer> not too sure, soren or zul probably know more
[15:16] <soren> eh?
[15:16] <soren> Oh, same again :)
[15:19] <_ruben> hrm .. just downloaded server edition of hardy alpha4 and it seems like it looks straight through my raid array :(
[15:19] <_ruben> dell sc1420 machine, with both scsi and sata raid controller
[15:25] <_ruben> hmm .. "HostRAID" .. probably some fancy name for software raid :/
[15:32] <soren> _ruben: It's called fakeraid.
[15:32] <soren> _ruben: ...if you want to google for it.
[15:37] <_ruben> soren: yeah .. i had some small hope for it being real raid .. untill i noticed the 'hostraid' part (combined with the fact that ubuntu sees raw disks) .. setting up s/w raid + lvm atm :)
[15:37] <_ruben> since afaik thats still prefered over fakeraid
[15:40] <soren> _ruben: If the price tag leaves you in any sort of doubt as to whether it's proper hardware raid or not, then it's not.
[15:40] <soren> Really.
[15:41] <_ruben> soren: its an old box
[15:41] <_ruben> so pricetag isnt on it no more :p
[15:41] <soren> Was it free?
[15:41] <soren> Then stop complaining. :)
[15:41] <_ruben> no, but bought years ago
[15:41] <_ruben> and not by me personnally
[15:44] <_ruben> just a no longer used machine im gonna use to play with kvm and test stuff
[15:59] <_ruben> crap .. cpu too old .. no vt, thus no kvm
[16:11] <_ruben> crap .. qemu requires framebuffer .. lets continue tomorow
[17:02] <soulc> is there vsftp for ubuntu?
[17:03] <soulc> got it needed the d on the end
[17:05] <foo> Anyone use logwatch? I was writing a custom script to grab logs on systems, parse them, and e-mail... but I think I should just be using logwatch.
[17:06] <soulc> where can I get help with mail?
[17:15] <faulkes-> soulc: https://help.ubuntu.com/community/Servers has mail related documentation
[17:15] <faulkes-> however "mail" is a rather large subject, perhaps you can be more specific
[17:47] <soulc> ture
[17:47] <soulc> ha ha  1/2 an hour later
[17:47] <soulc> ture
[17:47] <soulc> damn
[17:47] <soulc> true
[17:49] <soulc> ok I installed the internet mail server postfix local mta and I guess a smtp program for internet mail....
[17:50] <soulc> I guess that is right.  sorry if I hit <enter> too often went from irc to im then both irc and im
[17:50] <soulc> ls -al /var/log
[17:51] <soulc> opps
[17:58] <peterdv> OK, when it comes to postfix, I wil recommend you to have a look at http://www.postfix.org/docs.html and especially the excellent notes from Ralf Hildebrandt (http://www.postfix.org/docs.html). The path to take really depends on your requirements (authorization, security, spam filtering etc.). I am afraid that it takes some time to explore the various different architectures available. Personally I find postfix an excellent ch
[18:03] <peterdv> Sorry, Rlaf's work is at http://www.arschkrebs.de/postfix/
[18:03] <faulkes-> I would also consider reading the Server Guide page about Postfix
[18:03] <faulkes-> https://help.ubuntu.com/7.10/server/C/postfix.html
[18:04] <faulkes-> and peterdv's suggestions are both excellent resources
[18:06]  * ScottK would add that the postfix documentation is not organized for beginners.  "The Book of Postfix" will tell you everything you need to know and more.
[18:07] <peterdv> True
[18:10] <ivoks> hello
[18:11] <ivoks> mathiaz: any objections on filling mir for dbconfig-common?
[18:12] <mathiaz> ivoks: it will rejected.
[18:12] <mathiaz> ivoks: it will be rejected.
[18:12] <ivoks> is there a special reason?
[18:12] <mathiaz> ivoks: it has already been looked at. moodle had to be changed in order to get in main.
[18:13] <mathiaz> ivoks: so the option is to drop dbconfig-common.
[18:13] <ivoks> ok, i'll take a look at moodle to see how it's done
[18:13] <ivoks> everything else i've already striped
[18:14] <ivoks> bacula builds now only with main libs
[18:28] <ivoks> mathiaz: wwwconfig was droped; there's no mention of dbconfig
[18:31] <mathiaz> ivoks: so how does moodle handle db creation ?
[18:31] <ivoks> trough large perl scripts
[18:31] <ivoks> i'll copy that
[18:32] <ivoks> but having dbconfig would make it easier...
[18:32] <soulc> thanks for the resources
[19:07] <faulkes-> today, my valentine goes to squid proxy
[19:07]  * faulkes- <heart> squid
[19:11] <sommer> faulkes-: details!
[19:14] <faulkes-> heh
[19:15] <faulkes-> I have my niece staying with me and lets say, teenagers aren't particularly aware or caring of what they install / download
[19:15] <faulkes-> so I forced the only windows box here into a proxy, which bans a bunch of sites and rate limits others
[19:16] <faulkes-> leaving my precious bandwidth alone so I can download ubuntu iso's
[19:16] <sommer> sweet
[19:17] <faulkes-> as much fun as it is having to clean up malware, spyware and all the other junk that gets infested on windows
[19:17] <jronnblom> nice thing about squid is that it is simple to connect to Active Directory and with NTLM authentication in the background the users don't know that they're running through a proxy
[19:18]  * faulkes- nods
[19:18] <jronnblom> and finally the squidguard project has come back from death (died in early 2000 i think)
[19:20] <jronnblom> I have a box with ~ 3000 clients connected through dapper + modfied squid ;)
[19:25] <moos3> can anyone help me with a openldap issue?
[19:26] <peterdv> Dont know ....
[19:26] <faulkes-> aye, I used to run squid for my isp, forward and reverse
[19:26] <moos3> Feb 14 13:59:39 edgecomb slapd[4606]: @(#) $OpenLDAP: slapd 2.3.35 (Dec  3 2007 20:02:39) $ ^Ibuildd@terranova:/build/buildd/openldap2.3-2.3.35/debian/build/servers/slapd
[19:26] <jronnblom> replaced it with what?
[19:26] <moos3> any ideas what that means
[19:27] <faulkes-> jronnblom: no idea, sold it in '99 after we brought it to a regional level, for all I know, they could still be running it
[19:29] <faulkes-> that would appear to be a startup message for slapd
[19:29] <faulkes-> it is an informational message, not an error
[19:29] <faulkes-> unless there is stuff after it, which is more error-like in nature
[19:30] <faulkes-> jron: since then I've worked with f5's and cisco stuff mostly
[19:30] <moos3> all i did was change was access to attrs=userPassword,sambaNTPassword,sambaLMPassword from access to attrs=userPassword,shawdowChanges
[19:31] <moos3> any ideas why it fails in 7.10
[19:31] <faulkes-> define "fail"
[19:31] <moos3> slapd wont start
[19:32] <faulkes-> any other slapd messages in the log other than the startup message?
[19:32] <moos3> root@edgecomb:/home/richard# /etc/init.d/slapd restart
[19:32] <moos3> Stopping OpenLDAP: slapd.
[19:32] <moos3> Starting OpenLDAP: slapd - failed.
[19:32] <moos3> The operation failed but no output was produced. For hints on what went
[19:32] <moos3> wrong please refer to the system's logfiles (e.g. /var/log/syslog) or
[19:32] <moos3> try running the daemon in Debug mode like via "slapd -d 16383" (warning:
[19:32] <moos3> this will create copious output).
[19:32] <moos3> Below, you can find the command line options used by this script to
[19:32] <moos3> run slapd and slurpd. Do not forget to specify those options if you
[19:32] <moos3> want to look to debugging output:
[19:32] <moos3>   slapd -g openldap -u openldap
[19:32] <moos3> thats all i get
[19:32] <moos3> sorry for the paste
[19:33] <peterdv> Did you try "slapd -d 16383" ?
[19:33] <moos3> yeah
[19:33] <faulkes-> and?
[19:34] <peterdv> Surely it was'nt silent
[19:36] <moos3> heres the output http://pastebin.org/19615
[19:36] <moos3> way to much to paste in here
[19:36] <peterdv> Thanks
[19:37] <moos3> ideas?
[19:39] <moos3> you want to see my config file for it?
[19:39] <peterdv> line 246: /etc/ldap/slapd.conf: line 101: unknown attr "sambaNTPassword" in to clause
[19:41] <moos3> so what should I cahnge it to then
[19:41] <sommer> is this for a school project?
[19:41] <moos3> no
[19:41] <moos3> I wish
[19:41] <sommer> testing?
[19:41] <peterdv> lines 202-203 was the samba schema read by slapd ? Is the file present ? permissions ?
[19:41] <moos3> becuase then I wouldn't be pressed for time
[19:42] <moos3> yeah testing a move from windows environment to complete open source
[19:42] <sommer> ah, I agree with peterdv. do you have the samba schema file loaded?
[19:43] <moos3> yeah
[19:43] <peterdv> "etc/ldap/slapd.conf: line 15: unknown directive <incldue> inside backend database definition (ignored)."
[19:45] <moos3> ok, looking to make sure
[19:50] <peterdv> I think what i tells you is that you have placed the include in a wrong place. I tend to start the file by including all the schema's right at the top of the file
[19:55] <moos3> ok there
[19:57] <moos3> ok I made sure the permissions are correct and still dies
[19:58] <Goosemoose> dendrobates, what was the link to the active directory authentication program? i forgot to write it down. i want to get it rolled into my preseed im running
[19:59] <dendrobates> Goosemoose: just a sec
[19:59] <Goosemoose> ok, thanks
[20:00] <avatar_> https://bugs.launchpad.net/ubuntu/+source/likewise-open
[20:00] <dendrobates> Goosemoose: https://launchpad.net/~dendrobates/+archive
[20:01] <Goosemoose> thanks dendrobates, is there instructions on how to install that with a preseed file somewhere/
[20:01] <Goosemoose> im pushing 200 computers
[20:01] <dendrobates> Goosemoose: there is a new upstream codedrop in a few minutes.
[20:01] <Goosemoose> ok, ill wait a few minutes to download
[20:02] <Goosemoose> even though it says for hardy, it will still work in the current release right?
[20:02] <dendrobates> Goosemoose: if you wait until it's in the archive it will be easier.
[20:02] <Goosemoose> when will that be?
[20:03] <dendrobates> Goosemoose: I hope to hvae it reviewed after the new code drop hits, then it will take a short time for it to show up.
[20:03] <dendrobates> Goosemoose: have you tested it?
[20:04] <Goosemoose> dendrobates, no i haven't tried it yet
[20:05] <Goosemoose> i set up one machine using a 8 page doc
[20:05] <Goosemoose> to connect to my AD domain
[20:05] <Goosemoose> users log into ubuntu with their AD account
[20:05] <Goosemoose> but replicating that on all machines would be a major PIA
[20:05] <Goosemoose> so ive been waiting for the utility release
[20:05] <dendrobates> Goosemoose: Are the machines using AD for DNS?
[20:05] <Goosemoose> yes
[20:06] <Goosemoose> It's a school
[20:06] <Goosemoose> I have 200 windows machiens
[20:06] <Goosemoose> now rolling out 200 ubuntu
[20:06] <Goosemoose> 6 in each classroom
[20:06] <Goosemoose> got a large donation from kinkos :)
[20:06] <Goosemoose> P4, 2.6 ghz machines
[20:06] <Goosemoose> work pretty well
[20:11] <dendrobates> Goosemoose: I'll ping you when the new release is up.
[20:12] <Goosemoose> dendrobates, ok thanks
[20:13] <Goosemoose> another server question, in my preseed I create an administrator user. And that account seems to automatically get administrator access. How can I create a normal user account as well?
[20:55] <jronnblom> Goosemoose: I do it with a script that I run in preseed using late-command
[20:56] <jronnblom> d-i preseed/late_command string preseed_fetch http://mywebserver/preseed/install_me.sh /target/root/install_me.sh ; chmod u+x /target/ro
[20:56] <jronnblom> ot/install_me.sh ; in-target /root/install_me.sh
[20:56] <Goosemoose> jronnblom, thats how you install new users, or install the AD script?
[20:58] <jronnblom> thats how I adapt thing on the desktop after the preseed install is finish (I add a local user account among other things)
[20:58] <jronnblom> In your case I suppose all you user accounts is in the AD?
[21:03] <moos3> ok back to sqaure one with ldap issue, samba is all configured and this is still giving me issues access to attrs=userPassword,shadowLastChange,sambaNTPassword,sambaLMPassword
[21:04] <moos3> ideas?
[21:06] <Goosemoose> jronnblom, yes
[21:08] <jronnblom> Goosemoose: you need help with an AD script to create new users, is that what your asking for or did I missunderstand the question?
[21:09] <Goosemoose> im asking lots of things :D
[21:09] <Goosemoose> dendrobates is posting the new version of his program
[21:09] <jronnblom> ;)
[21:09] <Goosemoose> i need to figure out how to work that into a preseed
[21:10] <jronnblom> you could use late_command and download a script which in turns uses wget to download the program...
[21:21] <Goosemoose> ok, guess i need to read up more about the program
[21:23] <jronnblom> me too, likewise-open seems almost to good to be true ;)
[21:24] <moos3> ok this doesn't make any sense at all, all the how-to's say this is correct access to attrs=userPassword,shadowLastChange,sambaNTPassword,sambaLMPassword I dont understand why it fails then
[21:53] <pwnguin> i think i confused the installer =(
[21:54] <pwnguin> im running the installer via ssh -- is there a way to reset the current decisions without rebooting?
[21:55] <pwnguin> it just sits at the partitioner at 50 percent saying please wait...
[21:56] <moos3> pwngiun: which installer
[21:56] <pwnguin> the text mode one?
[21:57] <moos3> so you booted off the cd and then started sshd and then connected?
[21:57] <pwnguin> yea
[22:00] <pwnguin> i was trying to browse for a raid option, and i might have run two menus at the same time
[22:01] <pwnguin> maybe ill just grab the cluster admin and see about resetting it
[22:11] <moos3> yeah
[22:13] <pwnguin> i can still bring up a root console
[23:01] <mathiaz> soren: can I run a guest using a logical volume as the root disk ?
[23:06] <soren> mathiaz: Sure.
[23:07] <mathiaz> soren: hum. how do you define that in the xml file ?
[23:08] <mathiaz> soren: I've tried using <disk type='block' device='disk'> but it fails.
[23:09] <mathiaz> soren: my xml configuration file: http://pastebin.ca/904456
[23:09] <soren> mathiaz: What happens if you just do type='file' ?
[23:10] <mathiaz> soren: and using a logical volume as a source ?
[23:10] <soren> akvist: Yup.
[23:11] <mathiaz> soren: I guess I meant yup for me.
[23:11] <mathiaz> soren: it fails with a qemu error: qemu: could not open disk image /dev/mapper/ubuntu-vm_hardy-server
[23:12] <mathiaz> soren: the configuration that is the paste works.
[23:12] <mathiaz> soren: if I comment type=file and use type=block instead, create fails.
[23:14] <soren> mathiaz: create? What exactly are you doing?
[23:14] <mathiaz> soren: I'm using virsh
[23:14] <soren> Ok.
[23:14] <mathiaz> soren: from the shell, I use the command "create vm/cfg/test-srv.xml"
[23:15] <soren> You probably want "define vm/cfg/test-srv.xml" instead
[23:15] <mathiaz> soren: ok. So how do I start a vm then ?
[23:15] <soren> mathiaz: start
[23:15] <soren> :)
[23:16] <soren> "create foo.xml" instantiates the domain. When you shut it down, it ceases to exist.
[23:16] <soren> "define foo.xml" adds it to libvirt, so to speak.
[23:16] <mathiaz> soren: hum... it's documented neither in the man page, nor in the help message.
[23:17] <mathiaz> soren: IIUC create = define+start
[23:17] <soren> No, the documentation really relies on you having the same understanding of the word "create" as the authors have.
[23:17] <soren> No.
[23:17] <soren> create = load+start
[23:17] <soren> (load is a term I just made up)
[23:17] <soren> It doesn't get defined.
[23:17] <soren> It just starts it.
[23:18] <soren> and when you stop it, it disappears again completely.
[23:18] <soren> If, however, you define it, libvirt remembers it. After defining it, you can start it.
[23:19] <mathiaz> soren: ok. you need to define if you want to have your guest persistant across host reboot.
[23:19] <mathiaz> soren: or when libvirtd is restarted
[23:19] <soren> Precisely.
[23:20] <mathiaz> soren: so if I use this xml file: http://pastebin.ca/904468
[23:20] <mathiaz> soren: define fails with the following error: libvir: QEMU error : hda
[23:20] <soren> won't work.
[23:20] <soren> a) you probably don't want localtime
[23:21] <soren> b) /usr/bin/qemu-system-x86_64 <---
[23:21] <soren> er..
[23:21] <soren> Hm...
 and <emulator>/usr/bin/qemu-system-x86_64</emulator> probably adds up to it trying to use kqemu.
[23:23] <soren> mathiaz: Oh.
[23:23] <soren> You need to:
[23:23] <soren> No, sorry. :)
[23:23]  * soren has tired eyes.
[23:24] <soren> I'm wouldn't have thought qemu/kvm cared whether the type was block or file.
[23:24] <soren> What's the exact error if you try with type='file' ?
[23:24] <soren> And which hypervisor are you connecting to?
[23:25] <mathiaz> soren: when using type='file
[23:25] <mathiaz> soren: I get: qemu: could not open disk image /dev/mapper/ubuntu-vm_hardy-server
[23:25] <mathiaz> soren: for the connection string, I've used: qemu:///system
[23:26] <mathiaz> soren: if this is what you meant with hypervisor I'm connecting to
[23:26] <soren> Yeah, that's what I meant.
[23:26] <soren> Erm...
[23:26] <soren> This is a logical volume?
[23:26] <mathiaz> soren: yes.
[23:26] <mathiaz> soren: not filesystem created on it.
[23:26] <soren> In that case, I'm not sure I belive that /dev/mapper/ubuntu-vm_hardy-server exists.
[23:27] <soren> Could you doublecheck?
[23:27] <soren> I'm guessing one of those - should be --.
[23:27] <mathiaz> soren: yes.
[23:27] <mathiaz> soren: you're right.
[23:28] <soren> \o/
[23:28] <mathiaz> soren: you have to use type=file
[23:28] <mathiaz> soren: so type-block doesn't work ?
[23:28] <soren> Right. I think type=block only makes sense for Xen.
[23:29] <mathiaz> soren: is there a way to specify that the vnc server should listen on 0.0.0.0 instead of 127.0.0.1 ?
[23:31] <soren> mathiaz: Yes, you can add listen='0.0.0.0'
[23:31] <mathiaz> soren: great !
[23:32] <soren> mathiaz: The docs are really awful, IMO.
[23:32] <mathiaz> soren: yes.
[23:32] <soren> mathiaz: Documentation by example doesn't work well in this case.
[23:32] <mathiaz> soren: so now I'm trying to boot using an iso: http://pastebin.ca/904473
[23:33] <soren> Ok.
[23:33] <mathiaz> soren: I've got an error while creating/defining.
[23:34] <soren> Yes?
[23:35] <mathiaz> soren: http://pastebin.ca/904473 is my configuration
[23:35] <mathiaz> soren: there isn't any specific error message
[23:35] <mathiaz> soren: just: libvir: QEMU error :
[23:38] <soren> mathiaz: Does it work anyway, by any chance?
[23:39] <mathiaz> soren: it seems the problem is <boot dev="cdrom">
[23:40] <soren> Ah, yes, your xml is invalid.
[23:40] <soren> it should be <boot dev='cdrom' />
[23:41] <mathiaz> soren: yeaaah ! It works :)
[23:41] <mathiaz> soren: It seems that you cannot define a cdrom as being hdb
[23:42] <soren> mathiaz: That's right.
[23:42] <soren> It's a limitation in qemu.
[23:43] <mathiaz> soren: I didn't get the network part.
[23:43] <mathiaz> soren: there are multiple options in the documentation for qemu
[23:44] <mathiaz> soren: which is the default in ubuntu ?
[23:45] <soren> mathiaz: I recommend virtual.
[23:45] <soren> mathiaz: It's got everything "user" has, and more.
[23:45] <soren> mathiaz: and doesn't require you to change anything at all on the host.
[23:46] <mathiaz> soren: ok