[04:24] <jarosser> im just curious is ebox going to be with the next release of ubuntu server
[04:33] <mralphabet> jarosser: I believe so, there has been a lot of work done to get it ready.
[04:33] <jarosser> cool i played around with their live cd and it does make things easier
=== jmtt_ is now known as jmtt
[04:55] <MajorP> hello
[04:55] <MajorP> ive a question, why should i use ubuntu server insteed of debian? is there any security significate special fetures?
[04:55] <MajorP> i only know sudo and that is not the best solution, i think so
[04:56] <MajorP> ive read some docs but no page describle the sec features
[04:57] <MajorP> would be nice if u can say why u use ubuntu and no other dist
[04:58] <ScottK> One factor is do you want a steady release schedule and support window versus a release every year or two whenever the stars happen to align.
[05:00] <MajorP> okey the cycle from debian's new versions is not the best, but they are the fastet in bringing new fixes, on a server i dont need the newest apps, they must be rockstable and do there work for years
[05:01] <ScottK> My experience is that Ubuntu and Debian are both pretty quick on security fixes.  The two distros do cooperate.
[05:02] <ScottK> There are some differences in kernel hardening, but I'm not really qualified to discuss.
[05:03] <ScottK> Ubuntu has apparmor well deployed and SE Linux sort of deployed.  Debian has about the same SE Linux as Ubuntu.
[05:04] <MajorP> well right, ubuntu based on debian. i'am also not a profi but i love debian, and cant understand why there is such a hype around ubuntu, its the same on server side
[05:07] <ScottK> For me I need to be more cutting edge than Debian Stable for a variety of reason on server and desktop both and so Ubuntu serves very nicely as a stabilized Unstable.
[05:08] <MajorP> lol stabelized unstable :P
[05:08] <MajorP> ok well thats a reason
[05:09] <faulkes-> well, there is the recent addition of ufw
[05:09] <faulkes-> which makes managing iptables a trivial task
[05:09] <MajorP> ok thanks for u're input, i think ure in right, ubuntu is a modern server os
[05:10] <MajorP> and is out of the box the better choice than debian
[05:10] <faulkes-> well, I think the overall philosophy with ubuntu is that it should be easy to use
[05:10] <faulkes-> and that applies to the server edition as well
[05:10] <MajorP> sorry what is ufw?
[05:10] <faulkes-> that isn't to say debian isn't easy to use
[05:10] <ScottK> faulkes-: But if you know what you are doing, Debian is easy to use.
[05:11] <faulkes-> ubuntu firewall
[05:11] <faulkes-> ScottK: re: my last comment
[05:11] <MajorP> mh i lern linux about 1 year and i think debian is easy to use
[05:11] <ScottK> MajorP: CLI iptables helper for those that need it.
[05:11]  * ScottK too.
[05:11]  * faulkes- makes not argument otherwise
[05:11] <faulkes-> s/not/no
[05:12] <MajorP> have started with suse and in accord to debian is suse a horror trip
[05:12] <ScottK> My first mail servers were Debian, but then I needed Postfix 2.2 and Sarge only had 2.1.
[05:12]  * ScottK used opensuse desktop for a while.
[05:12] <ScottK> Never again.
[05:12] <MajorP> ;)
[05:12] <MajorP> ok on desktop i use ubuntu
[05:12] <faulkes-> my first mail server was uucp ;)
[05:13] <ScottK> Postfix still support uucp, so you can have that now if you want it.
[05:13] <MajorP> cause it's ready to use after installation and very comfortable
[05:13] <ScottK> That's where ubuntu-server aims to get.  We're getting closer.
[05:13] <faulkes-> ScottK: yeah but I'm not really going to go digging around for uucp maps
[05:13] <faulkes-> although I did love bang path addressing ;)
[05:13] <ScottK> Just saying ...
[05:14] <MajorP> what is bang path?
[05:14] <ScottK> You used to have to specify mail routing back before it was all one big happy internet
[05:15] <MajorP> ahh so long time ago?
[05:15] <MajorP> well not in years but in it ;)
[05:15] <faulkes-> yes, in a galaxy far far away
[05:15] <MajorP> :P
[05:15] <ScottK> It's essentially a compound address scheme that stores forward and reverse path routing info in the address
[05:16] <ScottK> It's actually still supported in the RFCs, but seriously deprecated.
[05:16]  * faulkes- g protocols ScottK
[05:16] <ScottK> Sort of anyway.
[05:16] <ScottK> It was deprecated in RFC 821 if that gives you an idea how long ago.
[05:16] <ScottK> Gotta run.  It's late here.
[05:16] <faulkes-> aye, although there is still some use of it in areas where telecom infrastructure is not up to snuff
[05:16] <faulkes-> night ScottK
[05:16] <MajorP> ok thanks for the explication
[05:17] <faulkes-> speaking of which, I should probably hit the sack as well, I have to be up early for a meeting in the city
[05:17]  * faulkes- hates meetings
[05:17] <MajorP> how long ure doing linux faulkes-?
[05:17] <MajorP> ok cya ScottK!
[05:17] <faulkes-> since kernel 0.99p1
[05:18] <MajorP> ha not bad
[05:18] <MajorP> when was that?
[05:18] <faulkes-> 93-94'ish
[05:18] <MajorP> nice, while i was playing in the sandbox ;P
[05:19] <lamont> ScottK: uploading 2.5.1-1 to sid, pls poke me to ask for the sync once the alpha gets out and unfreezes us
[05:19]  * faulkes- is an old old man
[05:19] <faulkes-> evening lamont
[05:19] <lamont> evening
[05:21] <faulkes-> man, I'm really enjoying playing with fusesmb
[05:23] <MajorP> which dist u would use on a 1gb usb stick?
[05:24] <MajorP> archlinux or is there smt better out there?
[05:26] <faulkes-> it has never occured to me to do so
[05:26] <faulkes-> other than to have usb emergency recovery stick
[05:27]  * faulkes- enjoys his laptop
[05:28] <faulkes-> although I need to buy a new laptop soon
[05:28] <ScottK> lamont: OK.  Or I could just ask.
[05:28] <ScottK> faulkes-: How old?
[05:28] <ScottK> Or did we have this conversation already?
[05:29] <ScottK> And I'm old enough I forgot.
[05:31] <MajorP> ok :), dont have enough money for a laptop but i have a nokia e61 its a good compromise, i can surf, write mails, tel via voip and also can connect on a server through ssh when i need in emergency
[05:31] <robc4> faulkes, thanks for answering my question so promptly about ebox on the forums (I am e30power on there)
[05:58] <faulkes-> np
[05:58] <faulkes-> glad to have helped
[06:00] <faulkes-> ScottK: don't remember if we did or not
[06:00] <faulkes-> 35 in actual years
[06:00] <faulkes-> well, what I really want is to get a new dell xps fully loaded
[08:30] <nijaba> good morning
[08:51] <[miles]> moaning
[09:28] <kraut> moin
[10:27] <_ruben> a collegue just a 7.10 server install .. 2x 250GB sata, with s/w raid + lvm .. which had the OS end up with lilo instead of grub .. my own installs (with slightly different partitioning) do have grub
[10:27] <_ruben> this new install is one big raid1 with lvm on top it
[10:27] <_ruben> grub cant boot lvm on top of raid?
[10:28] <henkjan> guided partitioning with lvm does create a separate /boot, not on lvm
[10:29] <henkjan> so thats what i'm using when im doing it manually
[10:29] <_ruben> hmm .. i used to have seperate /boot partitions as well .. thought the werent necesary no more .. might have him do a reinstall then ;)
[10:30] <henkjan> s/w raid + lvm rocks btw :)
[10:32] <_evert_> hi all
[10:33] <_ruben> henkjan: yup .. been using it for quite a while .. thought i'd get rid of the various mdX devices tho .. initialy i had md0: /boot; md1: /; md2: lvm; md3: swap
[10:33] <_ruben> root on lvm isnt a problem these days .. guess /boot remains a bit special
[10:34] <henkjan> it was just recently i discoverd the +lvm option. At first created way to much mdX devics (for every partition)
[10:36] <_ruben> hehe
[10:43] <soren> Does anyone know how to move around extents on a physical volume? I want to shrink a pv, but it won't let me because it (in its infinite wisdom) apparantly alloceted a few of the very last extents on the pv.
[10:44] <soren> Or if I could just figure out *what* is allocated there, that would also be helpful.
[10:47] <soren> *headdesk*
[10:48] <soren> dmsetup table ftw
[10:51] <_ruben> what's "recommended" method for building 32bit packages on a 64bit host (also taking in account the output of uname, kernel versions, etc)?
[10:51] <_ruben> i want to create some sort of sandbox on a 64bits host in which to be able to build 32bit stuff .. or is a vm the desired approach?
[11:08] <nijaba> _ruben: why don't you use PPA?  it should do the cross arch building for you...
[11:16] <faulkes-> morning
[11:26] <sergevn> faulkes-: morning
[11:41]  * _ruben googles for ppa .. seen it mentioned numerous times, no clue what it is ;)
[11:42] <_ruben> ah, but wouldnt using ppa slow down the whole process, can imagine there's a queue you'd have to wait on
[11:45] <faulkes-> iirc you can build your own cross compiling environment although I don't think ubuntu has anything out of the box which does that
[11:45] <faulkes-> and certainly, if you create a 32bit vm, that would make things quite easy
[11:49] <_ruben> vm will probably be the way to go .. especially on the longer term .. later this year i'll be deploying a vmware esx environment
[11:50] <_ruben> my current vmware machines have some performance issues disk/cpu wise
[11:57] <soren> _ruben: Setting up a pbuilder is not very difficult.
[11:57] <soren> _ruben: There's certainly a howto on the wiki somewhere.
[11:58] <soren> _ruben: #ubuntu-motu is a goot place to start.
[12:01] <_ruben> hmm .. hylafax is in ubuntu .. hylafax+ isnt .. there a source tarball/deb/rpm/srpm avail .. no mention on how to build your own .deb .. bah
[12:01] <_ruben> ok .. lets look at pbuilder
[12:02] <_ruben> pbuilder looks rather trivial
[12:02] <_ruben> ccache looks nice as well
[12:47] <mok1> Grrr. My nismaster can't bind to YP server :-/
[12:48] <normanm> hi all , I'm using ldap to store user / groups . Now i want to allow all users ( ldap ) in a specific group ( ldap ) to execude all commands via sudo . so i added the %group config stuff to suoders file. But sudo just keep telling me that the user was not found in sudoers file. if i add the username directly it works. Any ideA ?
[12:48] <mok1> normanm: look in /etc/nsswitch.conf
[12:49] <zul> morning
[12:49] <mok1> morning, zul
[12:49] <normanm> mok1, there is allready: sudoers: file ldap
[12:49] <mok1> normanm: what if you move file behind ldap?
[12:50] <normanm> mok1, same
[12:51] <normanm> maurer is not in the sudoers file.  This incident will be reported.
[12:51] <mok1> normanm: id maurer?
[12:52] <normanm> mok1, its works via ssh and login
[12:52] <normanm> root@dmz-pf:~# id maurer
[12:52] <normanm> uid=10000(maurer) gid=20000(staff) groups=20000(staff),20002(website),20003(fwadmin)
[12:53] <mok1> normanm: ... and you have %staff in sudoers I guess
[12:53] <normanm> mok1, yes:
[12:53] <normanm> %staff  ALL=(ALL)       ALL
[12:55] <mok1> normanm: weird. That gid number is awfully high though. Perhaps there is some convention for that?
[12:55] <mok1>  For example, if uid < 1000, lots of things dont work right
[12:55] <mok1> (for users)
[12:57] <normanm> mok1, you are right...!
=== cjwatson_ is now known as cjwatson
[12:57] <normanm> it works with 2000
[12:57] <mok1> normanm: heh! It'd be nice to know where that is documented...
[12:58] <normanm> mok1 true.. I not found any docs telling so
[13:24] <ScottK> faulkes-: You are a youngster, BTW.
[13:25] <sommer> morning all
[13:25] <kgoetz> hey :)
[13:44] <nijaba> morning sommer
[13:44] <nijaba> faulkes-, sommer: limesurvey bug just fixed.  Will open testing soon
[13:47] <sommer> cool :)
[14:00] <coNP[uni]> Hey everyone!
[14:01] <coNP[uni]> What should I make to start iscsi before mounts?
[14:01] <coNP[uni]> (Ubuntu Gutsy)
[14:02] <kgoetz> er, whats your question?
[14:04] <coNP[uni]> I want to mount a filesystem from an ISCSI disk
[14:04] <coNP[uni]> But it seems that fstab entries are mounted _before_ open-ISCSI service is started
[14:05] <mathiaz> coNP[uni]: that may be a bug in open-iscsi then.
[14:05] <kgoetz> most likely yes.
[14:05]  * coNP[uni] tries something else first
[14:05] <mathiaz> coNP[uni]: when is open-scsi started ?
[14:05] <kgoetz> isnt iscsi done in kernel? filesystems need to be mounted to load most modules
[14:06] <mathiaz> kgoetz: the iscsi module should be in the initrd
[14:08] <kgoetz> mathiaz: i'd more or less agree.
[14:08] <coNP[uni]> Actually we also need to start the ISCSI service
[14:08] <coNP[uni]> So that /dev/sd? becomes available
[14:38] <clusty> is there a mod_gzip apache module package?
[14:38] <clusty> can't seem to find it
[14:41] <zul> libapache-mod-gzip or something
[14:41] <coNP[uni]> are you sure an external module is needed?
[14:45] <clusty> quite sure
[14:46] <clusty> at least for suse i needed one
[14:46] <clusty> i better just try :D
[14:47] <clusty> there is nothing in mods-available
[14:50] <clusty> there is a mod_deflate
[14:50] <clusty> think that replaces it
[17:16] <AnRkey> how can i get my intell dp35dp board to work with raid 5 and Ubuntu server?
[17:33] <mathiaz> dantalizing: are you working on the monthly report ?
[17:40] <dantalizing> mathiaz: i am
[17:40] <mathiaz> dantalizing: great. Thanks for doing this work.,
[17:41] <dantalizing> my tiny tiny contribution
[17:41] <mathiaz> dantalizing: As you may have noticed I've brought up the question of status reporting during last meeting.
[17:41] <mathiaz> dantalizing: I'd like to stream line the process of reporting so that everything is integrated nicely.
[17:41] <dantalizing> i did see that in the minutes, i missed most of the last meeting due to my  own meetings
[17:41] <mathiaz> dantalizing: np.
[17:42] <mathiaz> dantalizing: so - the idea is to ask members to update a wiki page with status on their work done during last week
[17:43] <mathiaz> dantalizing: could we use the ReportingPage to do that ?
[17:43] <dantalizing> yeah, that'll be better than trying to cull what is going on from IRC and minutes
[17:43] <dantalizing> definitely
[17:43] <mathiaz> dantalizing: I've looked over the MonthlyReports.
[17:44] <mathiaz> dantalizing: the mobile team does a report using section per week.
[17:44] <mathiaz> dantalizing: I think that's a bit too precise.
[17:44] <mathiaz> dantalizing: so I thought about having a section for each week on ReportingPage
[17:45] <mathiaz> dantalizing: and then when we prepare the monthly report we just collapse the section into one and merge activities reports
[17:45] <dantalizing> mathiaz: ok
[17:45] <mathiaz> dantalizing: so that the monthly report is a summary of the weekly reports.
[17:46] <dantalizing> mathiaz: ok
[17:46] <mathiaz> dantalizing: so the workflow would be to copy MonthlyReports to Archive/Month
[17:46] <mathiaz> dantalizing: do the editing in Archive/Month
[17:47] <mathiaz> dantalizing: and copy Archive/Month in the MonthlyReport
[17:47] <mathiaz> dantalizing: does this work for you ?
[17:47] <dantalizing> mathiaz: sounds good
[17:48] <dantalizing> mathiaz: you own it, so its up to you.. i'm just helping out...
[17:48] <mathiaz> dantalizing: great !
[17:48] <mathiaz> dantalizing: I'll document the process.
[17:48] <dantalizing> i can do this, np
[17:48] <mathiaz> dantalizing: well - you do the real work...
[17:48] <mathiaz> dantalizing: so you know what's needed and how to improve the process
[17:49] <dantalizing> mathiaz: so each section of the roadmap will have an update, theoretically, correct?
[17:49] <mathiaz> dantalizing: yes
[17:49] <mathiaz> dantalizing: I'll keep the ReportingPage up to date
[17:49] <mathiaz> dantalizing: with a list of sections where status reporting is needed
[17:50] <mathiaz> dantalizing: and before each meeting I'll send an email asking developers to update the section.
[17:50] <dantalizing> mathiaz: so we'll have to add a section for things like the mentoring program... an 'other' or 'miscellaneous' to catch stuff outside the roadmap
[17:50] <mathiaz> dantalizing: correct.
[17:50] <dantalizing> mathiaz: ok, np
=== cjwatson_ is now known as cjwatson
[19:36] <electrolite> hello all
[19:42] <electrolite> anyone know if the apache2.2.4-3build1 ubuntu .deb pkg has an issue with mod_ldap? As soon as I enable the authnz_ldap.load mods-enabled, apache flakes with this error "[Fri Feb 22 14:07:45 2008] [error] Module mod_ldap missing. Mod_ldap (aka. util_ldap) must be loaded in order for mod_auth_ldap to function properly". I think it be that the aforementioned ubuntu deb pkg wasn't compiled with mod_ldap parameter enabled? Any ideas?
[19:45] <sommer> electrolite: do you have libapache-mod-ldap installed?
[19:45] <sommer> and enabled
[19:46] <electrolite> let me check real quick...
[19:46] <mathiaz> electrolite: make sure it's enabled.
[19:46] <mathiaz> electrolite: libapache-mod-ldap is not what you want
[19:46] <mathiaz> sommer: it's for apache 1.3
[19:46] <mathiaz> sommer: for apache2, you'd have to look for libapache2-mod-ldap
[19:47] <sommer> mathiaz: ah, seemed the most likely from apt-cache search apache | grep ldap
[19:47] <mathiaz> sommer: but that doesn't exist because the ldap module is part of apache2 IIRC
[19:47] <sommer> mathiaz: gotcah
[19:47] <mathiaz> sommer: right. libapache == 1.3 - libapache2 == 2.2
[19:51] <electrolite> yep, it is for 1.3.....
[19:52] <electrolite> I think that mod_ldap is a compile switch that wasn't set on the precompiled binary pkg from the ubuntu repository for the apache2.2.4-3build1 pkg
[19:52] <electrolite> I'm trying to see if there's something I've overlooked before I'm forced to download the source for apache and compile it myself
[19:54] <mathiaz> electrolite: which swith are you talking about ?
[19:55] <mathiaz> electrolite: --with-ldap=yes is used to configure apache2
[19:57] <electrolite> Yep...I don't think that is enabled in the the .deb in the ubuntu repository. I'm trying to load authnz_ldap.load and it's dependent on mod_ldap
[19:58] <electrolite> I think that they (ubuntu apache2.2.4-3build1 developers-pkg makers) didn't include --with-ldap=yes
[19:59] <electrolite> I'm running ubuntu 2.6.22-14-server
[20:00] <mathiaz> electrolite: did you enable the ldap module ?
[20:00] <mathiaz> electrolite: there is a ldap.load in /etc/apache2/mods-available/
[20:00] <electrolite> yep...let me confirm it's enabled
[20:00] <mathiaz> electrolite: is there a symlink /etc/apache2/mods-enabled/ldap.load ?
[20:06] <electrolite> there is now. excuse me while I go bury my head in the sand.
[20:07] <electrolite> Thank you Mathiaz....apparently, I missed the ldap.load sym link.
[20:08] <electrolite> apache is loading now.
[20:08] <electrolite> my conf file's wrong...but that's ok...I'll fix that now. Thanks
[20:18] <achandrashekar> Hi posted up on a ldap issue causing my system not to boot. Hangs on klog. It appears to be posted up on bug reports. Can someone help out?
[20:35] <mathiaz> sommer: what do you think about the ServerGuy wiki page ?
[20:35] <mathiaz> sommer: s/Guy/Gui/
[20:36] <sommer> mathiaz: I think it's okay, still pretty rough
[20:36] <mathiaz> sommer: I think it's ok. I've just quickly read it and it's good.
[20:36] <mathiaz> sommer: I think we can remove it from the Roadmap or may be ask for a review ?
[20:37] <sommer> mathiaz: no I think it covers what we were looking for... I've actually been meaning to remove that :-)
[20:37] <mathiaz> sommer: ok - I'll remove it.
[20:37] <sommer> cool thanks
[20:38] <mathiaz> sommer: could you add a section about in the ReportingPage ?
[20:38] <sommer> sure
[20:38] <mathiaz> sommer: https://wiki.ubuntu.com/ServerTeam/ReportingPage
[20:39] <mathiaz> dantalizing: I've reorganized the ReportingPage a little bit.
[20:39] <mathiaz> dantalizing: I've moved all the archived report directly under ReportingPage/
[20:40] <mathiaz> dantalizing: I've also update the ReportingPage for the month of March and start asking people to update the wiki page with what they're doing.
[20:40] <mathiaz> dantalizing: so the content of the page is about the month of March
[20:40] <mathiaz> dantalizing: for the month of February, you still have to go through the meeting minutes I've sent.
[20:42] <sommer> mathiaz: report updated
[20:48] <mathiaz> sommer: awesome - Thanks ! :)
[20:48] <sommer> welcome
[21:06] <dantalizing> mathiaz: ok, i'll the report updated soon
[22:14] <mindframe-> is there anything in ubuntu that would affect firefox sending dns requests through a socks5 proxy?
[22:14] <mindframe-> no matter how i configure firefox or foxyproxy dns requests are still done on the client side