mIKEjONES | ubuntu is chrooting postfix and sasl so when I try authorizing (AUTH PLAIN) with SMTP I get this error in mail.warn "SASL authentication failure: cannot connect to saslauthd server: No such file or directory" | 00:24 |
---|---|---|
mIKEjONES | what can I do? | 00:25 |
lamont | mIKEjONES: the trivial answer is to edit /etc/postfix/master.cf and not chroot smtpd and smtp services | 00:37 |
mIKEjONES | hrm that still didn't fix it | 00:41 |
mIKEjONES | is there anyway of getting more explic messages than "Feb 18 18:41:23 ubuntu postfix/smtpd[10557]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or " | 00:42 |
mIKEjONES | maybe getting a path that it's trying to use | 00:42 |
lamont | -v on the end of the line in master.cf will make it more verbose... more -v will make it, um, moresop | 00:47 |
lamont | remember to reload postfix after editing master.crf | 00:48 |
ScottK | If you look in the Ubuntu Server documentation for Gutsy it tells you exactly how to get the saslauthd socket into the chroot. | 00:49 |
mIKEjONES | ScottK, http://www.howtoforge.com/perfect_server_ubuntu7.10_p5 ? | 00:52 |
mIKEjONES | I've found no official directions | 00:53 |
ScottK | No | 00:53 |
ScottK | Let me find it. | 00:53 |
ScottK | mIKEjONES: https://help.ubuntu.com/7.10/server/C/postfix.html | 00:54 |
lamont | ScottK: thanks | 00:54 |
ScottK | No problem. | 00:55 |
mIKEjONES | hehe | 01:03 |
mIKEjONES | thanks a lot ScottK and lamont | 01:04 |
sommer | dendrobates: I'm working on documenting likewise-open, but can't seem to join my domain :-) | 01:45 |
sommer | I think I'm getting the same time sync error that fabrizio was getting, even though I've synced with the DC | 01:46 |
sommer | dendrobates: it's also saying it can't find the DC in dns... so maybe that's the root issue, heh | 01:46 |
=== tiborio_ is now known as tiborio | ||
sommer | dendrobates: I do get .__MSBROWSE__. when doing: nmblookup -A domain... so I believe it's working | 01:50 |
rpj8 | Hey guys. Is there step-by-step instruction for configging hal with a cli installation | 02:53 |
pwnguin | if i wanted to find which applications ubuntu packages that use Xinput, would "apt-cache showpkg libxi6" be appropriate? | 03:20 |
pwnguin | intelligent people keep claiming there's only one, but that search turns up a lot of packages | 03:21 |
pwnguin | whoops | 03:28 |
pwnguin | wrong channel | 03:28 |
=== Bambi_BOFH is now known as kgoetz | ||
=== cjwatson_ is now known as cjwatson | ||
kraut | moin | 08:25 |
ere4si | how much hard disk space does the basic server install need? | 08:50 |
soren | ere4si: I forget the exact numbers, but I'm guessing around 350MB. | 08:51 |
ere4si | thks soren | 08:51 |
soren | Of course it probably won't be very useful without some space for storage and stuff. | 08:52 |
ere4si | want a partition for the server, nfs and a seperate one for file storage | 08:52 |
soren | Alright. | 08:53 |
spiekey | hey! | 09:01 |
spiekey | with a ldap backend...does samba then directly auth against the ldap database? | 09:02 |
soren | spiekey: In some circumstances, it can. | 09:07 |
[miles] | good morning guys | 09:11 |
[miles] | is there anything akin to 'chkconfig' in ubuntu please? | 09:11 |
[miles] | ah | 09:12 |
[miles] | sorry | 09:12 |
[miles] | found it | 09:12 |
[miles] | update-rc.d | 09:13 |
achandrashekar | hello.i have some ldap issues with my system and specifically with what appears to be a libnss issue. | 09:18 |
achandrashekar | my system will simply hang on boot | 09:19 |
achandrashekar | and im looking to resolve it. | 09:19 |
achandrashekar | i have seen the bug list but need a resolution. | 09:19 |
achandrashekar | any ideas? | 09:19 |
spiekey | soren: what circumstances are you thinking of? | 09:53 |
soren | spiekey: Well, you can't just take an existing ldap setup and expect samba to authenticate against it. | 09:53 |
soren | spiekey: The way linux usually does authentication is by sending your password over the wire, which is then matched against something. | 09:54 |
soren | spiekey: The way samba does it, the client generates a hash based on your password and sends *that* over the wire. | 09:54 |
soren | So the server needs to compare it to a hash that was generated by the same algorithm. | 09:55 |
soren | ...which is why samba can't authenticate against /etc/passwd and /etc/shadow. | 09:55 |
soren | You can use ldap to store the hashes from samba and thus use it as your authentication backend, but you're unlikely to be able to take an existing ldap setup and expect samba to use it for authentication. | 09:56 |
* soren -> coffee | 09:56 | |
spiekey | well, yes. Of course! But still this is a "direct" connection to ehe DB, it does not use pam or whatever.... it uses the ldap information from the smb.conf to establish the ldap connection to then do its password check. Thats what i meant ;) | 09:57 |
spiekey | soren: would you be so kind and get me one too, please? with lots of sugar. ;) | 09:57 |
* soren has no sugar and if he did, he wouldn't let it anywhere near his coffee :) | 10:02 | |
soren | spiekey: Yes, samba speaks ldap directly. | 10:03 |
* spiekey feels sick now | 10:03 | |
spiekey | soren: By the way...whats your real job? "Just" a normal admin? :) | 10:04 |
soren | spiekey: Virtualisation specialist. | 10:05 |
soren | spiekey: For Canonical. Working on Ubuntu. | 10:05 |
soren | Until quite recently I was "Ubuntu Server Developer". | 10:06 |
spiekey | sounds cool! | 10:07 |
spiekey | Virtualisation with Opensource tools? | 10:08 |
soren | Right. | 10:08 |
rooney | rer | 10:23 |
rooney | any cluster expert? | 10:23 |
rooney | http://paste.ubuntu-nl.org/56594/ | 10:24 |
rooney | i have problems with this 2 node cluster | 10:24 |
spiekey | i try to open a udp port on BoxA and run a Nmap Scan on HostB. | 10:25 |
spiekey | when i run my nmap scan the netctat daemon dies and nmap tells me that port is closed. | 10:25 |
spiekey | server: nc -u -l -p 33 | 10:25 |
spiekey | client: nmap -sU -p 33 localhost | 10:26 |
spiekey | any idea why netcat dies? | 10:26 |
achandrashekar | hello does anyone recall if the sudo addgroup --system nvram fixes the libnss issue with ldap-server boot issue? | 10:26 |
achandrashekar | its a bug thats been around a while. | 10:26 |
achandrashekar | i think it is critical for ldap now. | 10:27 |
spiekey | achandrashekar: what issue? | 10:27 |
achandrashekar | ldap-server does not boot with libnss package installed. | 10:27 |
achandrashekar | in 7.10 | 10:28 |
spiekey | i can not confirm this. I did loads of gutsy installations just a few days ago. | 10:28 |
spiekey | where does it hang exactly? | 10:29 |
achandrashekar | https://launchpad.net/ubuntu/+source/libnss-ldap/+bug/51315 | 10:30 |
ubotu | Launchpad bug 51315 in libnss-ldap "udevd: nss_ldap: failed to bind to LDAP server" [Undecided,In progress] | 10:30 |
_ruben | spiekey: netcat exists after first disconnect .. perhaps nmap connects twice (first will succeed, 2nd will fail) | 10:30 |
achandrashekar | there is description | 10:30 |
_ruben | s/exists/exits | 10:30 |
spiekey | _ruben: any idea how i could test my udp port then? | 10:31 |
achandrashekar | but there are other linked bugs associated with it. | 10:31 |
achandrashekar | online that is. | 10:31 |
achandrashekar | and its a rather serious issue for us guys trying to use ldapserver with things like ltsp failover | 10:31 |
_ruben | spiekey: you could try using xinetd or something similar instead | 10:33 |
youngmusic | Hey. I have some trouble starting slapd. I can start the proccess with 'sudo slapd', but when i use 'sudo /etc/init.d/slapd start' the server won't start. It doesn't give any error messages either. I have not done anything to the init script. I am changing things in slapd.conf, but that is used by the server also if i start with 'sudo slapd', so that can't be the problem, i guess. Any ideas? | 10:33 |
achandrashekar | fter reboot, system fails to boot. It stops on "Starting kernel log daemon" forever | 10:33 |
spiekey | achandrashekar: i see, it is indeed a big bugid :) | 10:33 |
achandrashekar | youngmusic: that is an easier issue....take a look at /var/log/syslog | 10:33 |
achandrashekar | youngmusic: create a file slapd.pid in /var/run | 10:33 |
soren | rooney: Hmm... Our cluster expert is not around right now :( | 10:33 |
achandrashekar | then chown it | 10:33 |
achandrashekar | to openldap:openldap | 10:34 |
achandrashekar | restart and you're good | 10:34 |
soren | rooney: That log is from node2? | 10:34 |
youngmusic | ok, thanks. The init script claims to create slapd.pid if it doesn't exist, though | 10:34 |
achandrashekar | spiekey: id REALLY like to get it resolved...but not sure if that fix will work until i try at work tomorrow | 10:34 |
achandrashekar | youngmusic: i ran into it. | 10:35 |
achandrashekar | best thing you can do is open another terminal and watch the /var/log/syslog | 10:35 |
achandrashekar | tail-f /var/log/syslog | 10:35 |
achandrashekar | and then watch the magic :) | 10:35 |
achandrashekar | and OH btw....watch out for the reboot | 10:36 |
achandrashekar | id check the nsswitch file....in /etc | 10:36 |
spiekey | achandrashekar: i am quite intrested in it, too. Since we need some ubuntu-ldap stuff as well. :) | 10:36 |
achandrashekar | and if you have have something like this in there | 10:36 |
spiekey | but i never ran into that problem furtunatelly. | 10:36 |
achandrashekar | files ldap | 10:36 |
achandrashekar | then when you reboot...you will be pissed :) | 10:37 |
spiekey | ok, i never used that ;) | 10:37 |
achandrashekar | anyhow | 10:37 |
achandrashekar | and have rescue mode be your friend...lol | 10:37 |
rooney | soren: piff is the first node and herkules is the second | 10:37 |
achandrashekar | so...if you done mind...how are bugs resolved..per se | 10:37 |
achandrashekar | ?? | 10:37 |
achandrashekar | is there a core development group? | 10:38 |
achandrashekar | or does it just follow a chain of events and priority | 10:38 |
soren | achandrashekar: Where exacly does it get stuck during boot? | 10:38 |
achandrashekar | it seems that such an issue is HUGE..considering that ldap is a key component for authentication | 10:38 |
achandrashekar | here - | 10:38 |
achandrashekar | one sec | 10:38 |
achandrashekar | It stops on "Starting kernel log daemon" forever. | 10:39 |
achandrashekar | and Ive tried a couple of things | 10:39 |
soren | rooney: Am I correct to assume that you've done something that would cause herkules to be fenced? | 10:39 |
achandrashekar | bind_policy soft nope | 10:39 |
soren | rooney: And then manually acked it? | 10:39 |
achandrashekar | trying to change from S19 to S10 | 10:39 |
achandrashekar | nope | 10:39 |
achandrashekar | in rcX.d files | 10:39 |
rooney | soren: i'm just firing up the two nodes, one after one | 10:40 |
achandrashekar | and now last ill try to add up the nvram...tomorrow | 10:40 |
achandrashekar | and see. | 10:40 |
rooney | soren i'm a real newbie in clustering | 10:40 |
rooney | soren: so piff waits for herkules to join | 10:40 |
rooney | soren: and after joining something happens and herkules disconnects (because piff is killing it, but i dont know why) | 10:41 |
soren | achandrashekar: Do you have klog in /etc/passwd and /etc/group? | 10:41 |
achandrashekar | ill have to check that tommorow as well | 10:41 |
soren | rooney: I'd look in piff's logs and see why it wants to fence it. | 10:41 |
soren | achandrashekar: Do you understand the problem? | 10:41 |
rooney | i think 'just because its there' :) | 10:41 |
soren | rooney: fencing means "shoot in the head", pretty much. | 10:42 |
soren | rooney: It ought to give you a good reason. | 10:42 |
achandrashekar | is it basically that the nsswitch is looking for a network resource that isnt there? | 10:42 |
achandrashekar | and hence times out??? | 10:43 |
rooney | soren: herkules not a cluster member after 3 sec post_join_delay | 10:43 |
achandrashekar | that is my basic understanding of the issue. | 10:43 |
achandrashekar | but many have posted that adding nvram might do it to /etc/group | 10:43 |
achandrashekar | so i figured id try and confirm in here | 10:43 |
spiekey | achandrashekar: i had that problem with group. I added the timelimit option in libnss-ldap.conf | 10:43 |
soren | achandrashekar: nsswitch defines the order in which libc will look up usernames, groups, hosts, networks, netgroups, etc., etc. | 10:44 |
achandrashekar | ahh..okay | 10:44 |
rooney | soren and its no matter which one boots first, the second node dies | 10:44 |
soren | achandrashekar: If it says e.g.: "hosts: files ldap dns" and you try to look up host foo, it will look in /etc/hosts first, then in ldap and then in dns. | 10:44 |
achandrashekar | i see... okay | 10:45 |
soren | achandrashekar: So the reason it might be blocking somewhere is because it tries to look something up that it doesn't find in "files". | 10:45 |
soren | (depending on the type of entity "files" means different things. for passwd, it's /etc/passwd, for groups, it's /etc/group, etc.) | 10:45 |
spiekey | and thats where my hint might come in handy? :)) | 10:45 |
achandrashekar | and that is likely in /etc/group (at least according to others) | 10:46 |
soren | ...so if it's getting stuck when trying to start the klog deamon, it's because it's trying to find info about a user that is not defined locally, so it needs to go looking in ldap. | 10:46 |
achandrashekar | ahhhh... | 10:46 |
achandrashekar | makes sense | 10:46 |
achandrashekar | the question is which user...likely a system user | 10:47 |
soren | For klogd, it's because it's being told to run as klog, and before it can do that it needs to lookup the corresponding uid, which involves an nss lookup. | 10:47 |
soren | ...specifically, it looks up the klog user (unless you've changed the defaults). | 10:47 |
soren | So that's probably a good place to start. | 10:48 |
soren | rooney: I'd love to see the log snippet from piff as well as your cluster conf. | 10:48 |
achandrashekar | so adding that to /etc/passwd and groups will likely fix the issue. | 10:48 |
rooney | soren you can see piff's logs on the above link | 10:49 |
soren | achandrashekar: Well, the really interesting question here is how it came to be that they're not in there already. | 10:49 |
rooney | and just a minute and i'll paste cluster.conf | 10:49 |
achandrashekar | ill have to try and then post up tomorrow. | 10:49 |
achandrashekar | yeah..this is been an issue in fiesty as well. | 10:49 |
achandrashekar | what changed between dapper ---fiesty---? | 10:50 |
achandrashekar | in terms of ldap?? | 10:50 |
rooney | soren: http://paste.ubuntu-nl.org/56606/ | 10:50 |
achandrashekar | alot...i suspect | 10:50 |
achandrashekar | thanks for the advice ill try to see what happens. | 10:51 |
rooney | soren: http://paste.ubuntu-nl.org/56607/ | 10:51 |
achandrashekar | tomorrow. | 10:51 |
achandrashekar | its 2:51 AM here...and time for some sleep. | 10:51 |
achandrashekar | :) | 10:51 |
rooney | achandrashekar: hah, good nite :) | 10:51 |
achandrashekar | thnx | 10:51 |
rooney | soren: Linux piff 2.6.22-14-xen #1 SMP Wed Feb 13 23:02:34 CET 2008 x86_64 GNU/Linux | 10:52 |
soren | rooney: Hang on, I need to fire up my test cluster.. | 10:52 |
rooney | soren: k | 10:52 |
soren | :( | 10:53 |
* soren kicks python-central | 10:53 | |
spiekey | how do i install those perl modules? Net::PcapUtils, NetPacket | 10:58 |
spiekey | ah! | 10:59 |
spiekey | oh...no :-/ | 11:00 |
henkjan | soren: ah, also running hardy on your desktop? | 11:09 |
soren | henkjan: Sure. :) | 11:10 |
afief | Anybody got an easy guide on how to setup postfix? I've been wrestling with it for quite some time | 11:10 |
rooney | easyer than the manual? :) | 11:14 |
rooney | http://www.google.com/search?client=safari&rls=hu-hu&q=ubuntu+postfix+howto&ie=UTF-8&oe=UTF-8 | 11:14 |
[miles] | afief, postfix is well documented with a load of how-to's by various people... it's also super easy to configure | 11:15 |
[miles] | afief, what exactly do you want to achive? | 11:15 |
[miles] | afief, localdelivery, going to an imap server etc... ? | 11:15 |
=== MenZa_ is now known as MenZa | ||
rooney | soren: the same kernel&system without xen works like charm | 11:20 |
rooney | soren: i really do not understand | 11:20 |
[miles] | rooney, whats the problem? | 11:20 |
rooney | [miles]: 2 node cluster fails | 11:21 |
rooney | [miles]: http://paste.ubuntu-nl.org/56606/ http://paste.ubuntu-nl.org/56607/ | 11:21 |
[miles] | rooney, your using xen? | 11:21 |
rooney | [miles]: i try to :) | 11:21 |
[miles] | rooney, try KVM | 11:22 |
[miles] | rooney, works perfect for me | 11:22 |
rooney | it seems like that i have to choose between xen & clvm :) | 11:22 |
rooney | [miles]: ok, but my projekt leader wants xen | 11:22 |
rooney | and it has to work | 11:22 |
[miles] | rooney, ah | 11:22 |
[miles] | :-\ | 11:22 |
[miles] | I use kvm extensivly | 11:22 |
rooney | i think that it is a xen-ubuntu-amd64 issue | 11:22 |
[miles] | but not xen | 11:22 |
[miles] | never had any major issues with KVM | 11:23 |
rooney | same here with xen =) | 11:23 |
[miles] | :-) | 11:23 |
[miles] | damn designers... waiting for a 1 line modification to something... | 11:24 |
* [miles] goes to kick some | 11:24 | |
rooney | :) | 11:24 |
* rooney aw | 11:28 | |
afief | [miles]: sorry was AFK, I have postfix installed, but my php mail function doesn't seem to work:S | 12:00 |
faulkes- | afief: define "php mail function doesn't seem to work" | 12:04 |
afief | faulkes-: redefining my problem: I telnet into localhost 25, try to type "mail from root@localhost" and get a "Temporary system failure" error | 12:09 |
[miles] | sorry here now | 12:10 |
[miles] | afief, you just want to send yeah | 12:10 |
[miles] | afief, maybe best to have it relay | 12:11 |
[miles] | afief, to a smart host | 12:11 |
[miles] | afief, debug postfix too if it's giving you problems... also there is #postfix on freenode | 12:11 |
afief | [miles]: well I don't know much about this stuff, but I'm setting this up on a VPS, that shouldn't have to relay I think | 12:12 |
[miles] | it has a public IP yeah | 12:12 |
[miles] | and resolves etc | 12:12 |
afief | [miles]: it does | 12:15 |
[miles] | afief, the you should have no problems | 12:15 |
[miles] | afief, is it a panel or wot? | 12:15 |
afief | [miles]: a panel?:S sorry I don't know what that is | 12:16 |
[miles] | like plesk / cpanel etc | 12:17 |
[miles] | or all via console? | 12:17 |
afief | [miles]: no they give a root ssh login to a virtual server(slicehost.com) | 12:17 |
[miles] | ah ok | 12:18 |
[miles] | check your logs dude | 12:18 |
faulkes- | I would have to agree, logs will give us more information | 12:18 |
afief | faulkes-: okay which logs? | 12:18 |
[miles] | look in /var/log/maillog | 12:19 |
[miles] | erm | 12:19 |
[miles] | mail.log | 12:19 |
[miles] | sorry | 12:19 |
[miles] | is it reciving mail and sending ok? | 12:19 |
* [miles] spins 'Tilt - Invisible' | 12:20 | |
afief | [miles]: these seem to be the problematic lines in the log, alas I don't know how to fix them http://pastebin.com/m7d379f3e | 12:22 |
[miles] | afief, I don't mean to be offesnsive, but: | 12:23 |
[miles] | A) This is a postfix issue... not an ubuntu server issue | 12:23 |
[miles] | B) If you don't know how to configure mail, you need to read thru the docs on postfix.org and learn... | 12:24 |
[miles] | maybe someone will guide you thru it here, but me no... sorry | 12:24 |
afief | [miles]: no problem, I just thought setting up the mail server would be more simple | 12:25 |
[miles] | afief, you need to have an understanding of how mail works tho mate | 12:25 |
david | few things are as easy as you'd wish on *nix | 12:26 |
afief | [miles]: well I do know a bit about the SMTP protocol, but not on how the programs that manage mail work | 12:26 |
[miles] | afief, you will be able to do a cut and paste from some tutorial im sure... just find the right setup for what you require... | 12:26 |
david | (coming from other Oss) | 12:26 |
afief | david: usually things are easy, AFTER you figure out how to do them:) | 12:27 |
david | yeah :) | 12:27 |
david | I find that every day these days :P | 12:27 |
[miles] | afief, well... I think you need to spend a bit of time reading thru the docs... | 12:27 |
david | recently enforced linux on my family | 12:27 |
afief | david: well I enjoy it, I mean using Ubuntu on my desktop taught me a lot | 12:27 |
* [miles] runs corporate mail servers using postfix, dovecot, openldap etc | 12:27 | |
afief | [miles]: I will:) no problem there | 12:28 |
afief | [miles]: but could you give me some advice on how to set my server up since I have no idea about what is good for what? | 12:28 |
[miles] | http://wiki.dovecot.org/HowTo/LDAPdiablo | 12:28 |
david | I set up an ubuntu server just the other day, now I only need to find out what I want to do with it :N | 12:29 |
[miles] | thats something I'm working on for Dovecot.. but I doubt its gonna really help you | 12:29 |
[miles] | afief, the best advice I can give you is RTFM | 12:29 |
[miles] | afief, cos it really applies in your case | 12:29 |
[miles] | afief, and that 'logs speak volumes' | 12:30 |
afief | [miles]: okay | 12:30 |
[miles] | afief, take this to #postfix mate.. you will proberbly get help there | 12:30 |
afief | [miles]: I'll try to figure it out myself first I think:) thanks for your advice, sorry if I came about as a stupid script kiddie | 12:31 |
[miles] | not at all | 12:31 |
afief | [miles]: could you point me to the manual? this page doesn't seem to help www.postfix.org/postfix-manuals.html | 12:33 |
[miles] | afief, erm | 12:34 |
[miles] | dude | 12:34 |
[miles] | please.... | 12:34 |
[miles] | don't take the piss | 12:34 |
afief | huh? | 12:34 |
faulkes- | [miles]: postfix is a server issue as we directly support it | 12:34 |
[miles] | http://www.postfix.org/documentation.html | 12:35 |
faulkes- | and I think ScottK might have a word about that | 12:35 |
[miles] | faulkes-, what? | 12:35 |
faulkes- | <[miles]> A) This is a postfix issue... not an ubuntu server issue | 12:35 |
[miles] | faulkes-, your telling me supporting configuring it is #ubuntu-server ? | 12:35 |
[miles] | faulkes-, tsskk | 12:36 |
faulkes- | if he is having issues with it, then yes, we are here to help him | 12:36 |
[miles] | faulkes-, he aint even looked properly at the docs! | 12:36 |
faulkes- | then the first step is to let him know where appropriate documentation exists | 12:36 |
[miles] | faulkes-, yeah I did ... postfix.org | 12:36 |
afief | faulkes-: I think he did help me quite a bit:) he pointed me somewhere to learn, "teach a man to fish..." | 12:36 |
faulkes- | ubuntu official documentation on postfix is available at https://help.ubuntu.com/community/Servers and https://help.ubuntu.com/7.10/server/C (I may have to double check the second url) | 12:37 |
[miles] | faulkes-, if he does not have the basics, it serves no purpose building him a configuration that he fails to fully understand... and if it bombs at anytime, he's not 110% sure about what it's doing | 12:37 |
* [miles] returns to programming PHP ... | 12:38 | |
faulkes- | I'm not arguing the fact that pointing him to documentation so he can learn is a bad thing | 12:38 |
afief | [miles]: one more question: what would be the best way to remove whatever I misses with postfix and starting from scratch? | 12:38 |
david | anyone using some webgui-based torrent solution? I was looking at rtorrent the other day | 12:38 |
[miles] | david, deluge has a niffty webui | 12:39 |
[miles] | afief, I'm gonna keep refering you to http://www.postfix.org/ mate, sorry, thats my take.. I use postfix extensivly.. the docs are very very good | 12:39 |
david | interesting | 12:40 |
david | you use it? | 12:40 |
[miles] | nod | 12:40 |
faulkes- | afief: sudo apt-get remove postfix would remove the postfix installation you have now | 12:40 |
[miles] | @home | 12:40 |
david | (I plan to install sthn like it on the server) | 12:40 |
afief | faulkes-: I meant the faulty configurations | 12:40 |
david | more centralized everything :) | 12:40 |
david | I take it it watche folders etc also | 12:40 |
faulkes- | afief: I was then going to suggest you re-install it and follow the official server guide (the second link I posted) | 12:40 |
afief | faulkes-: I'm reading that now:) | 12:41 |
[miles] | afief, I wrote an app for here at work that gives me postfix + imap, cli admin tool, and webui in one install... now I would give it to you... however... | 12:41 |
[miles] | it's for centos :-) and all the webUI is in Spanish | 12:41 |
david | :) | 12:41 |
afief | [miles]: I wouldn't understand that:) | 12:42 |
[miles] | http://pastebin.ca/909700 | 12:42 |
faulkes- | and it wouldn't be supported by anyone in the community | 12:42 |
[miles] | see that | 12:42 |
[miles] | faulkes-, your right... but as I wrote it, and I launch it on production servers for corp. clients.. I support it :-) | 12:42 |
afief | looks nice | 12:43 |
faulkes- | which does absolutely nobody any good if he has it and you aren't around to support him | 12:43 |
[miles] | and the web ui is bliss | 12:43 |
[miles] | faulkes-, well.. I plan to package an Ubuntu Server version soon | 12:43 |
[miles] | faulkes-, it had to be done for RHEL and CentOS first tho | 12:43 |
[miles] | faulkes-, then will submit it to ubuntu see if they want it as a tool | 12:44 |
david | hmm. I'll keep looking for rtorrent solutions ;) | 12:44 |
faulkes- | that would be awesome, I would speak with ScottK regarding that | 12:44 |
[miles] | faulkes-, to give you an idea... on centos you do, yum install mailadmin-cli | 12:44 |
[miles] | it handles all deps | 12:44 |
[miles] | setups OpenLDAP, postfix, Dovecot etc | 12:45 |
[miles] | automagically | 12:45 |
[miles] | then just launch mailadmin commands as shown | 12:45 |
[miles] | and believe me it's working great guns atm... the bit that slowing me down is than damn web ui ... bloody clients keep asking for new features | 12:45 |
[miles] | also gotta package our special version of Horde thats tweaked to work nicer with it all | 12:46 |
* [miles] hates Horde | 12:46 | |
* [miles] also hates his boss that demands Horde | 12:46 | |
faulkes- | I'm not saying it doesn't work, or that it doesn't provide an easy install for what you are doing | 12:49 |
[miles] | I know your not | 12:49 |
faulkes- | however there are specific procedures for packaging, releasing, modifying supported software within ubuntu and debian | 12:50 |
[miles] | I know | 12:50 |
faulkes- | and I am familiar with centos, being that my work uses it exclusively right now | 12:51 |
ScottK | [miles]: You might want to start looking into Ebox as they've got a Postfix module (dunno how good it is), but Ebox in general is how Ubuntu is planning on doing server GUI ish stuff. | 12:52 |
[miles] | nice | 12:52 |
[miles] | http://video.google.com/videoplay?docid=8558307171261435083 | 12:52 |
[miles] | JAJA | 12:52 |
faulkes- | morning ScottK | 12:54 |
faulkes- | & zul | 12:54 |
ScottK | Morning faulkes-. | 12:54 |
zul | hello | 12:54 |
ScottK | I'm be AFK most of the day in meetings, so see you later. | 12:54 |
faulkes- | later, I have UDW scheduled all afternoon so | 12:54 |
faulkes- | while not server related, this may aid all server admins in emergencies, especially when dealing with PHB's | 12:55 |
faulkes- | http://crave.cnet.com/8301-1_105-9874043-1.html | 12:55 |
faulkes- | SFW | 12:55 |
[miles] | right lunch | 12:58 |
[miles] | hasta hora... ciao | 12:59 |
faulkes- | now for the joy of installing ubuntu server on the ppc platform | 13:05 |
soren | I've never tried that. How painful is it really? | 13:06 |
faulkes- | for 7.04 it appears to be fairly straight forward | 13:06 |
faulkes- | for 7.10 there appears to be a number of issues, which can be worked around | 13:07 |
faulkes- | just a matter of collecting all the information though | 13:07 |
faulkes- | and good morning soren | 13:07 |
faulkes- | looking forward to your UDW talk today | 13:07 |
spiekey | UDW? | 13:07 |
faulkes- | ubuntu developer week | 13:08 |
spiekey | Under Walter Talk? | 13:08 |
spiekey | oh :) | 13:08 |
faulkes- | soren: it'll get even more interesting when I fire up virtualization on it to run hardy | 13:09 |
soren | faulkes-: There's a powerpc kvm flavour in the works. | 13:10 |
* faulkes- nods | 13:10 | |
faulkes- | I'm going more for speed currently so I can get a hardy instance up and running on which i can start working on bugs/triaging/docs etc.. | 13:11 |
faulkes- | I'm looking at starting with alot of the php bug stuff | 13:12 |
faulkes- | mostly because our work uses php extensively and any attempt I would like to make to get them to convert from CentOS would require php to be solid | 13:13 |
youngmusic | I want to remove an ldap database (i was just experimenting with settings first, and now i want to get a copy of the real database in place with slapadd), can i just remove all files in /var/lib/ldap? | 13:27 |
faulkes- | you probably want to do a "sudo dpkg-reconfigure ldap-server" however I'm not sure if that is the appropriate way to do it | 13:32 |
youngmusic | yes, removing those files was not enough, in any case. But with dpkg-reconfigure, it will reset my config files, i suppose. | 13:44 |
faulkes- | yes, that is likely | 13:44 |
faulkes- | you can always cp /path/config/file ~mydir/configfile.backup | 13:45 |
youngmusic | True. On the other hand, i have done the migration now (setting up a slave server on ubuntu for a fecora core ldap master) and the data seems to be the same on both machines. It seems that they have syncronised themselves on the moment i put them both up. I didn't think that would happen, but everything seems fine. | 13:47 |
david | torrentflux was extremely easy to set up with ubuserver | 13:49 |
david | damn | 13:49 |
faulkes- | /who freenode/staff/* | 13:51 |
* [miles] spins 'Tiesto vs Kane - Rain Down On Me' ... nice | 14:20 | |
spiekey | Hi | 15:19 |
spiekey | soren: thanks for the ML response :) | 15:20 |
afief | [miles]: after over 5 hours of trying to configure postfix I just couldn't stand it anymore, installed exim4 and it just-worked(tm) after answering some simple questions... makes me feel bad about not getting postfix to work, but it gets the job done | 15:24 |
lamont | afief: trying to do what with postfix? | 15:24 |
[miles] | afief, I've worked over the years with both postfix and exim... exim's config file is well laid out... but I'm suprised your having so many problems with postfix... strange | 15:31 |
[miles] | lamont, make it work ;-) | 15:32 |
afief | lamont: currently all I want is to get the mail() function in php to work | 15:32 |
afief | [miles]: I don't know... first few attempts didn't give me problems, just didn't deliver the mail, then I started getting weird problems(which is when I came here) then I couldn't even `telnet localhost 25`, which was when I threw the towel:( | 15:33 |
[miles] | you sure it was not set to listen to the public IP only | 15:34 |
[miles] | also be sure another mta was not running | 15:34 |
afief | [miles]: yes, and I tried to login from the localhost PC too, it didn't work, the port was just closed:S | 15:34 |
afief | [miles]: well, all in all I think I am where I need to get for now, when I need a more complex system, I'll read the documentation again | 15:35 |
[miles] | that can happen, say if sendmail is running listening to localhost, and you slap postfix on also (actually this can happen in RHEL btw, I'm not saying Ubuntu) ... and that attempts to bind to localhost, can't but binds to the public ip | 15:35 |
lamont | [miles]: postfix conflicts with all other mail transport agents, per policy, just to avoid having two trying to listen at the same time | 15:36 |
afief | [miles]: could be... although I made sure to remove sendmail(yes I made quite a mess...) | 15:36 |
[miles] | lamont, (actually this can happen in RHEL btw, I'm not saying Ubuntu) | 15:36 |
[miles] | ;) | 15:36 |
lamont | afief: apt-get install postfix would have removed postfix for you | 15:36 |
lamont | er, sendmail rather | 15:37 |
lamont | afief: apt-get install postfix would have removed sendmail for you | 15:37 |
afief | lamont: I did that, but there was still a sendmail file in /etc/init.d | 15:37 |
lamont | afief: I wonder if maybe there was an error in mail.log and no postfix running? | 15:37 |
lamont | afief: bad sendmail | 15:37 |
afief | lamont: nope, no errors in there | 15:38 |
lamont | I always use apt-get install --purge... :-) | 15:38 |
lamont | interesting | 15:38 |
lamont | if you could reproduce that config, I'd be very interested in steps to get to that state... | 15:38 |
* lamont hasn't ever managed to get there, you see.... | 15:38 | |
afief | one thing was weird though: apt-get install postfix;(insert some bad configurations here); apt-get remove postfix; rm-rf /etc/posftfix; apt-get install postfix; gives an error that /etc/postfix/postfix-script doesn't exit | 15:39 |
lamont | yeah. | 15:40 |
lamont | don't rm -rf /etc/postfix without saying 'dpkg --purge postfix' | 15:40 |
afief | lamont: what's the difference? | 15:40 |
lamont | thank you though. I've been wondering how people got there. | 15:40 |
lamont | afief: then dpkg knows that all the config files are nuked | 15:40 |
lamont | and reinstall doesn't assume that it's gone because you wanted it gone, and actually installs the conffile. | 15:41 |
lamont | in good news, postfix-script moved out of /etc/ in 2.5 | 15:41 |
afief | lamont: should I have done that before or after apr-get remove? | 15:41 |
afief | **apt-get remove | 15:41 |
lamont | apt-get remove --purge is the preferred method | 15:42 |
lamont | the steps are remove then purge, fwiw | 15:42 |
afief | lamont: I'll keep it in mind for the next time, thanks a lot | 15:44 |
lamont | I'll see if there's a solution that postfix can manage to do in packaging too | 15:47 |
lamont | it's been a long-unproducible bug report | 15:47 |
zul | for those who are in interested in virtualization stuff there is a session in #ubuntu-classroom starting real soon (tm) | 16:01 |
[miles] | zul, covering what... kvm? | 16:01 |
zul | yep | 16:01 |
* [miles] heads over | 16:01 | |
[miles] | zul, you got any of the #kvm guys in there? | 16:02 |
zul | dunno but we have soren | 16:02 |
Stonekeeper | hi there. Do any of you fine people know why an "apt-get install mysql" will install 3 mysql init scripts? I have this problem where mysql fails to start, thinking that the port is already in use (which it isn't). Wondered if the issue was to so with mulitple init scripts. Thanks. | 17:23 |
Stonekeeper | (on 7.10 server) | 17:24 |
mathiaz | Stonekeeper: you should have a look in /var/log/daemon.log | 17:25 |
mathiaz | Stonekeeper: that's where the error messages for mysql are sent. | 17:25 |
Stonekeeper | oh, thank you | 17:25 |
Stonekeeper | they were tturning up in syslog though | 17:25 |
Stonekeeper | hmm.. yeah, it can't bind to the port. If i start it manually, it works though :/ | 17:28 |
mathiaz | Stonekeeper: did you modify the default installation of the init scripts ? | 17:31 |
nealmcb | sommer: Yea for proud documentation writers! I thought of you when I read this slogan from the famed Peter Saint-Andre "I guess you could say I put the M in RTFM" https://stpeter.im/?p=2144 | 17:31 |
mathiaz | Stonekeeper: only one init script should be turned on by default - mysql | 17:31 |
mathiaz | Stonekeeper: the other two scripts are used when nbd clustering is setup. | 17:32 |
Stonekeeper | i think the other 2 are installed by default as i haven't installed the clustering support, at least, not deliberately | 17:32 |
Stonekeeper | ah i think i know what is happening | 17:33 |
mathiaz | Stonekeeper: they should be installed, but not turned on. | 17:34 |
Stonekeeper | hmm.. ok. Thanks for your time mathiaz | 17:37 |
sommer | nealmcb: heh... that's good | 17:49 |
faulkes- | qustion,hoyou typith brokkybr :) | 18:01 |
nox-Hand | Hey | 18:06 |
nox-Hand | Installed Ubuntu-server few days ago, and wondering whether the upgrade I made to a full system is the reason its not working in apt: | 18:06 |
nox-Hand | Cause I am rather confused about this apt error: http://pastebin.ca/910001 | 18:06 |
_ruben | crap .. kernel panic on one of my gutsy servers .. Kernel panic - not syncing: Fatal exception in interrupt | 18:09 |
_ruben | lets see if i can find an existing LP entry for it | 18:09 |
c1|freaky | is there any good tutorial for a useful encryption of a second harddisk (where important stuff is stured) for a server? | 18:25 |
_ruben | just make sure nobody steals your harddrive ;) | 18:31 |
_ruben | hmm .. kernel upgrade *seems* to have fixed my kernel panic | 18:35 |
_ruben | crap ... now it claims it cannot find ext3 fs on my raid volume .. *cry* | 18:37 |
_ruben | guess i wont have to bother sorting out the stuff i had on this old filesytem .. perhaps i should just let it go and embrace the 1TB of free diskspace | 18:59 |
_ruben | omg .. just too stupid .. its reiserfs, not ext3 | 19:01 |
faulkes- | err, utc -5 / 17:00 == 2pm est correct? | 19:44 |
mathiaz | faulkes-: 17 - 5 = 12 | 19:46 |
mathiaz | faulkes-: 17:00 UTC == 12:00 EST | 19:46 |
sommer | faulkes-: here's the cheat sheet I use: http://www.dxing.com/utcgmt.htm :-) | 19:46 |
sommer | though I'm they're pretty much memorized by now... heh | 19:48 |
zul | date --utc always help as well | 19:48 |
sommer | heh... I was about to say you can also use google | 19:49 |
faulkes- | yes, it does | 19:50 |
faulkes- | I thought soren was presenting virt stuff at 17:00 utc though | 19:50 |
soren | Nope. | 19:50 |
soren | Well, maybe you thought so.. | 19:50 |
* faulkes- eyes UDW wiki page | 19:50 | |
mathiaz | soren: is there a way to change the boot order of a kvm guest ? | 19:52 |
soren | mathiaz: libvirt style or command line? | 19:53 |
mathiaz | soren: when I install a new guest from an iso, on reboot it boots from the iso. | 19:53 |
soren | mathiaz: Using libvirt or directly from command line? | 19:53 |
mathiaz | soren: There is a thread on libvirt ml about it. | 19:53 |
mathiaz | soren: I'm using virsh | 19:53 |
mathiaz | soren: so I guest libvirt | 19:54 |
soren | mathiaz: Right. | 19:54 |
mathiaz | soren: /guess/ | 19:54 |
soren | You grab the current xml (using dumpxml), change the boot device, and define the domain again. | 19:54 |
soren | It sees that the uuid is the same and then just replaces the current settings with your new ones. | 19:54 |
mathiaz | soren: ok. | 19:54 |
mathiaz | soren: there is no way to set the boot order to hd,cdrom | 19:55 |
mathiaz | soren: on the first install, hd is empty so it goes to cdrom | 19:55 |
mathiaz | soren: on reboot it boots from the hd. | 19:55 |
mathiaz | soren: I was able to do that with vmware-server. | 19:55 |
soren | Hmm.. | 19:56 |
soren | I think you can specify multiple boot tags. | 19:56 |
soren | <boot dev='hd' /><boot dev='cdrom' /> | 19:56 |
soren | should do it. | 19:57 |
mathiaz | soren: I'll try that. | 19:57 |
sommer | anyone else tried likewise-open? | 20:02 |
sommer | or had DNS errors trying to join a domain? | 20:03 |
mathiaz | sommer: what is the exact error you have ? | 20:06 |
sommer | mathiaz: it's a three liner: | 20:06 |
sommer | Failed to contact DC when trying to synchronize local system clock! | 20:06 |
sommer | None of the domain controllers listed in DNS could be contacted, or there are no DCs listed in DNS | 20:06 |
sommer | FAILED [Error code: 0008000e] | 20:07 |
sommer | there are some bugs that seem to related to the error, so I guess I could reply and ask how/if they fixed the issue | 20:07 |
sommer | seems like dendrobates was talking to someone not long ago about a similar issue, but I didn't really pay attention :( | 20:08 |
mathiaz | sommer: you could try to run domain in debug mode | 20:09 |
mathiaz | sommer: are you using the gui or the cli ? | 20:09 |
sommer | mathiaz: cli | 20:09 |
sommer | mathiaz: do you mean the AD domain in debug? | 20:09 |
dendrobates | sommer: are you using AD as your dns server? | 20:09 |
sommer | dendrobates: yep | 20:09 |
mathiaz | sommer: nope. domain-cli | 20:10 |
sommer | mathiaz: ah | 20:10 |
mathiaz | sommer: you can increase the logging level. | 20:10 |
sommer | sure one sec | 20:10 |
dendrobates | sommer: are you using the fqdn of the domain in the command? | 20:10 |
dendrobates | sommer: you can't use the netbios name. | 20:10 |
sommer | dendrobates: yep fqdn | 20:11 |
sommer | full command: sudo domainjoin-cli --log . join frog.org Administrator | 20:11 |
sommer | also tried FROG.org and other variations with no dice | 20:12 |
mathiaz | sommer: could you add the option --log-level debug ? | 20:12 |
sommer | mathiaz: doesn't like --log-level debug | 20:13 |
dendrobates | sommer: so the name of the machine is frog.org. | 20:13 |
sommer | dendrobates: the name of the AD domain is frog.org | 20:14 |
dendrobates | sommer: you can't use the ad domain name, that is the netbios name. You must use the fqdn of the server. | 20:14 |
zul | is there a reason why we keep the php5.ini memoy limit low? | 20:14 |
sommer | dendrobates: ahhhhh... one sec | 20:15 |
mathiaz | zul: what is the default from upstream ? | 20:15 |
zul | gimme a sec. | 20:16 |
zul | 128MB | 20:18 |
mathiaz | zul: is there a mention of the memory limit in the changelog ? | 20:19 |
sommer | dendrobates: same error using: sudo domainjoin-cli --log . join servyserv.frog.org Administrator | 20:20 |
zul | mathiaz: yes reading through it https://bugs.edge.launchpad.net/ubuntu/+source/php5/+bug/148871 | 20:20 |
ubotu | Launchpad bug 148871 in php5 "Lower memory limit for php5" [Medium,Fix released] | 20:20 |
sommer | the DC is running in a qemu instance... fyi | 20:20 |
mathiaz | soren: awesome - setting boot hd, then boot cdrom works as expected :) | 20:21 |
dendrobates | sommer: domainjoin-cli --log /tmp/join.log --loglevel verbose join <ad domain> <admin name> <admin pw> | 20:21 |
faulkes- | hmmm, ubuntu ppc is err, hmmm "interesting" | 20:21 |
zul | mathiaz: yeah leave it as it is, its intentional https://bugs.edge.launchpad.net/ubuntu/+source/php5/+bug/148871 | 20:21 |
ubotu | Launchpad bug 148871 in php5 "Lower memory limit for php5" [Medium,Fix released] | 20:21 |
dendrobates | sommer: I need to see the log. | 20:21 |
sommer | dendrobates: sure... one sec | 20:23 |
sommer | dendrobates: http://paste.ubuntu-nl.org/56661/ | 20:24 |
soren | mathiaz: Cool! | 20:25 |
mathiaz | soren: if I shutdown a guest using poweroff in the guest, the host doesn't stop the guest. | 20:26 |
soren | zul, mathiaz: What's the issue with php's memory_limit? | 20:26 |
soren | I forget what the default on_shutdown is.. | 20:26 |
zul | people are complaining that it is too low but they can adjust it themselves | 20:26 |
mathiaz | soren: the guest console says that the system is halted, but virsh list report that the host is still running | 20:26 |
mathiaz | soren: ok. I can adjust the behavior with the on_shutdown option. thks. | 20:27 |
soren | sommer: No, that's not the name of it, apparantly. | 20:27 |
soren | whoops | 20:27 |
sommer | soren: the domain? | 20:27 |
soren | mathiaz: No, that's not the name of it, apparantly. | 20:27 |
soren | sommer: Not for you. Sorry :) | 20:28 |
sommer | soren: heh | 20:28 |
soren | mathiaz: It's on_poweroff, and it's always "destroy". | 20:28 |
mathiaz | soren: hum... it doesn't get destroyed. | 20:31 |
mathiaz | soren: I'm using create instead of define - could this be the reason ? | 20:31 |
soren | mathiaz: That shouldn't matter, no. | 20:31 |
soren | mathiaz: "shouldn't" is the keyword. | 20:31 |
soren | mathiaz: It might, but it shouldn't :) | 20:32 |
dendrobates | sommer: do you have admin access on the AD server? | 20:32 |
sommer | dendrobates: yep | 20:32 |
mathiaz | soren: right. I've got the same result using create. | 20:34 |
mathiaz | soren: should I file a bug ? | 20:34 |
soren | Yes, please. | 20:34 |
dexem | what's the status of ebox? do you think it will be able to be accepted as an exception? | 20:34 |
soren | zul: ^^ | 20:34 |
dexem | O:-) Just to know... I don't want to create pressure :P | 20:35 |
zul | dexem: im working with javier from ebox its getting there and I sent a couple of patches to him today | 20:35 |
zul | dexem: we'll have another set of eyes look at the packages once he incorperates the changes | 20:36 |
dexem | ok :) you had time to review the new packages, great :) | 20:36 |
dexem | aham nice | 20:36 |
zul | dexem: yes this would be my second review :) | 20:37 |
dendrobates | sommer: is the ad server using itself for dns? | 20:39 |
dendrobates | sommer: set the dns of the nic to 127.0.0.1 | 20:39 |
sommer | dendrobates: um... probably not, changing | 20:39 |
dendrobates | if it is using another dns server, it will mot find the correct records. | 20:40 |
dendrobates | sommer: is this a production AD server? | 20:40 |
sommer | dendrobates: nope, it's a test qemu instance | 20:41 |
sommer | setup to work on documenting likewise-open for the server guide | 20:41 |
dendrobates | sommer: after you change dns fo rthe nic,m you need to restart networking from the command line, which I forgot how to do, or reboot. | 20:42 |
sommer | dendrobates: okay, will do | 20:42 |
dendrobates | sommer: you should be able to go into the dns control panel on AD and see the fqdn, and a bunch of entries under it, that corespond to the services that have been auto registered. | 20:43 |
dexem | zul: ops! I can't answer you directly... anyway, thanks, no problem :) I'm continuously asking javier about it... he nearly hates me :) (we work together, but in different areas :P) | 20:43 |
zul | ah.. | 20:44 |
zul | good to know | 20:44 |
Runithard | hello, how do I list attached IDE devices? | 20:49 |
Runithard | I'm trying to mount a drive.... and I'm not sure if it's plugged in | 20:49 |
Runithard | yep.......... | 20:51 |
sommer | dendrobates: changed AD servers dns to use itself and received the same error. here's the output: http://paste.ubuntu-nl.org/56664/ | 20:52 |
Runithard | ok........... bringing down box... | 20:53 |
Runithard | brb | 20:53 |
dendrobates | sommer: have you looked at AD's dns entry? | 20:53 |
sommer | dendrobates: is there something spedific I should look for? | 20:54 |
sommer | there's an A record for the domain, the AD server, and the client | 20:54 |
sommer | dendrobates: all under the frog.org zone | 20:55 |
dendrobates | sommer: yeah, you should be able to expand the the fqdn of the AD server and see some SRV records underneath it. | 20:55 |
sommer | dendrobates: checking | 20:55 |
sommer | dendrobates: yep there are some under _msdcs > dc, domains, etc | 20:57 |
sommer | dendrobates: SRV records for _ldap, _kerberos, and friends | 20:58 |
dendrobates | sommer: cool. are those directly under frog.org? | 20:58 |
sommer | dendrobates: yes | 20:59 |
sommer | dendrobates: there are no SRV records at the same level as the A records... but I'm not sure there should be | 21:00 |
dendrobates | sommer ok, use forg.org as the domain | 21:00 |
sommer | trying | 21:00 |
sommer | dendrobates: there was a vast amount of ouput that time | 21:01 |
sommer | dendrobates: heh and a SUCCESS message at the end :-) | 21:01 |
sommer | party! | 21:01 |
dendrobates | sommer: you are joined. | 21:01 |
sommer | sweet, so I guess it was the using itself for dns issue | 21:02 |
sommer | I'll be sure and document that. | 21:02 |
sommer | dendrobates: thanks for your help | 21:03 |
dendrobates | sommer: on most AD instances, it should just work. | 21:03 |
dendrobates | sommer: I will be pussing a new version later this week with better error codes, and likewise has someone writing official docs. | 21:04 |
dendrobates | pushing, perhaps. | 21:04 |
faileas | I might be picking up a used dual proc server in the coming weeks. Wondering if i should use the generic kernel, or is there a SMP kernel i should use? | 21:04 |
sommer | dendrobates: ah, so should something be added to a troubleshooting section? | 21:04 |
sommer | dendrobates: manpages for the domainjoin-cli command would be nice :-) | 21:05 |
dendrobates | sommer: yeah, all the responses will change. and I have asked for manpages. | 21:05 |
sommer | dendrobates: cool, I'll keep it fairly simple then, and double check it before SF | 21:06 |
sommer | shweet... ssh works with domain users! | 21:10 |
dendrobates | sommer: so far I cannot get kerberos based ssh to work. | 21:12 |
sommer | dendrobates: mmm... I've haven't used kerberos much myself | 21:13 |
sommer | maybe something with the AD implementation? | 21:14 |
sommer | the domain\user thing is sort of awkward as well | 21:14 |
mathiaz | sommer: you can try user@domain | 21:15 |
mathiaz | sommer: it should also work | 21:15 |
sommer | mathiaz: doesn't seem to work from a gutsy non-domain host | 21:16 |
sommer | ssh 'frog\user'@host.frog.org works though | 21:17 |
sommer | I don't think the domain\user thing is really too big a deal... seem more of a training issue to me | 21:19 |
faulkes- | well, this should be fun, ubuntu server ppc -> qemu -> hardy install | 21:20 |
mathiaz | sommer: is ssh -l user@domain host working ? | 21:22 |
Nafallo | no | 21:22 |
Nafallo | cause if you do @ -l shouldn't be there :-) | 21:22 |
Nafallo | should it? | 21:23 |
faileas | faulkes-: o0 | 21:23 |
faileas | faulkes-: not worried about the HUGE performance hit? ;p | 21:23 |
* Nafallo ponders | 21:24 | |
Nafallo | right... tired :-) | 21:24 |
mathiaz | Nafallo: well - if you're in a kerberos environement (such as AD) you should be able to use user@domain to specify which user you want | 21:24 |
Nafallo | yea. just read up a bit :-) | 21:24 |
sommer | mathiaz: nope, no dice | 21:24 |
Nafallo | /and/ read who was typing what ;-) | 21:25 |
jdstrand | has anyone tried OSX (powerpc) under kvm/libvirt? | 21:26 |
faulkes- | user@domain is also common in stuff like radius | 21:27 |
sommer | mathiaz: it may be something with my setup | 21:29 |
sommer | I just realized I had ufw configured... it did join the domain eventually :-) | 21:30 |
mathiaz | sommer: domainjoin-cli should take care of setting up your machine as a kerberos client. | 21:30 |
sommer | mathiaz: does it need restarted? | 21:30 |
mathiaz | sommer: however you may need to change the configuration of openssh client. | 21:30 |
mathiaz | sommer: and may be enable a couple of options. | 21:30 |
sommer | mathiaz: ah, gotcha | 21:31 |
mathiaz | sommer: likewise-open should cache your kerberos ticket, which can be used by any application such as openssh client. | 21:31 |
mathiaz | sommer: this is what dendrobates was refering to. | 21:31 |
mathiaz | sommer: you should be able to authenticate to the AD domain once, and then be able to login on any kerberized service. | 21:32 |
sommer | mathiaz: makes sense, I just have the one machine connected to the domain | 21:32 |
sommer | cool stuff though | 21:32 |
mathiaz | sommer: yes - you should try to add a second machine to your domain. This is when things gets really interesting. | 21:33 |
jdstrand | mathiaz: ssh can be a little trickier (haven't done it on hardy with likewise). sometimes you need to add to ssh_config 'GSSAPIAuthentication yes' | 21:34 |
jdstrand | mathiaz: does likewise setup /etc/krb5.conf? | 21:34 |
mathiaz | jdstrand: yes. | 21:35 |
jdstrand | cool | 21:36 |
sommer | are the other binaries lwi* the same as or similar to those that come with samba? | 21:42 |
mathiaz | sommer: what do you mean ? | 21:44 |
sommer | mathiaz: the likewise-open package has other executables lwinet, lwimsg, lwiinfo | 21:44 |
sommer | mathiaz: they seem very similar to samba to me | 21:45 |
mathiaz | sommer: correct. | 21:45 |
mathiaz | sommer: likewise-open is based on samba code, mainly winbindd. | 21:45 |
sommer | so there's not much sense in documenting them? | 21:45 |
mathiaz | sommer: I think they should be documented | 21:46 |
mathiaz | sommer: there isn't any man page yet - that should be fixed soon. | 21:46 |
mathiaz | sommer: you may wanna wait for the man page. | 21:46 |
sommer | mathiaz: cool, I could write up some of the more common options | 21:46 |
mathiaz | sommer: but the commands are similar to the ones in samba. | 21:46 |
sommer | whenever the man pages arrives... heh | 21:47 |
frame45 | foo: Thanks for the email | 22:34 |
frame45 | foo: ? can I run the desktop edition w/o a keyboard / monitor? | 22:34 |
faulkes- | wouldn't be much of a desktop without them now would it ;) | 22:39 |
faulkes- | however, the answer is yes, you can | 22:39 |
frame45 | do you have to do anything special it get it to work without them? | 22:43 |
faulkes- | I guess my question would be, what is it you are trying to achieve by having a headless desktop? | 22:45 |
faulkes- | however, in general, no, you do not need to do anything special | 22:46 |
frame45 | making my magic pumpkin server of course! | 22:46 |
frame45 | I am wanting a file / FTP server that I can connect to from work or a friends house. | 22:46 |
frame45 | I would like to be able to access my files on my ubuntu laptop or my friend's computer via http. | 22:47 |
faulkes- | frame45: basicly you would need to install the appropriate server components from the repositories and configure them as you require | 23:04 |
faulkes- | if you are doing remote access, I would further suggest you use sftp/scp (winscp for windows) instead of ftp | 23:05 |
faulkes- | as it is far more secure | 23:05 |
mindframe- | why won't my swap work? swapon: /dev/mapper/klx-swap_1: Invalid argument | 23:15 |
mok0 | mindframe-: what does ls -l /dev/mapper/klx-swap_1 say? | 23:27 |
mindframe- | brw-rw---- 1 root disk 254, 2 2008-02-18 09:08 /dev/mapper/klx-swap_1 | 23:34 |
mindframe- | mok0, ^ | 23:35 |
ScottK | lamont: I see 2.5.1 is released and announced... | 23:45 |
mok0 | mindframe-: how about swapon -s ? | 23:45 |
lamont | ScottK: yeah. I've even merged it in git, I just need to upload it. | 23:46 |
lamont | been working on going through the bugs one more time to find template-changing bugs, so I can do one spam-o-gram to the translators | 23:47 |
mindframe- | mok0, lists nothing | 23:49 |
mok0 | mindframe-: I have swap on an lvm partition, and it works ok | 23:50 |
mindframe- | mok0, i have my swap encrypted with dmcrypt... but it was working after initial install | 23:51 |
mindframe- | i have vm.swapiness set to 0 for a while | 23:51 |
mindframe- | *had | 23:51 |
mok0 | mindframe-: hmm, can you turn that off again? | 23:51 |
mok0 | mindframe-: the encryption I mean | 23:52 |
mindframe- | turn encryption off? or swappiness? | 23:52 |
mok0 | mindframe-: how about lvdisplay (as root)... Can you see the swap logical partition? | 23:54 |
mok0 | logical volume | 23:54 |
mindframe- | yes | 23:54 |
mindframe- | i think i'm missing a line in /etc/crypttab | 23:54 |
mok0 | mindframe-: my /etc/fstab uses the UUID to mount the swap | 23:55 |
mindframe- | same here | 23:55 |
mindframe- | its just not mounting | 23:55 |
mindframe- | let me make sure uuid is correct | 23:55 |
mok0 | mindframe-: that's weird | 23:56 |
mindframe- | should lvm uuid and fstab uuid match? | 23:56 |
mok0 | mindframe-: yes | 23:56 |
mindframe- | thats odd because my root uuid's do not match | 23:57 |
mok0 | mindframe-: try this: blkid | 23:58 |
mok0 | mindframe-: the uuid you get for your swap should match the one from fstab | 23:59 |
mok0 | mindframe-: perhaps that crypt thing changed the uuid? | 23:59 |
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!