osmosisi downloaded nltk_lite , and python setup.py install  fails with the error "please install the python-tk package".  Why in gods name would I install a gui toolkit package on my head less server ?00:02
rhineheart_mhello. how to install mod_fastcgi?00:52
AtomicSparki have this old netserver, duel pII (unknown speed) 256 pc100 ram 2x 8gb scsi hd. any ideas of something nifty to do with it?00:53
kgoetztake over the world!00:54
kgoetzosmosis: because it depends on it.00:54
rezman7haha, im back00:55
osmosiswell...i realized x11-common  isnt actually that bit.  i thought it was all of xorg00:55
rezman7im pretty sure my card is friend00:55
kgoetzosmosis: no, your safe :)00:55
AtomicSparki was thinking of just installing a LAMP server on it but i dont really trust it holding anything valuable lol. maybe a caching server of some kind. hmm.00:58
kgoetzIBM netserver? that would be reliable as the earth01:00
AtomicSparkkgoetz: maybe. i just don't trust these drive lasting. i mean they're used and old. ha.01:01
AtomicSparki got it for 8 dollars :D01:02
kgoetzAtomicSpark: you'd be supprised. its all server grade gear, so expect it to outlast your new shiny desktop01:03
AtomicSparkkgoetz: heh. but anyways, its not enough space to store files. what else could i do with it? dns/website caching usually only helps on large networks.01:04
AtomicSparkI could set it up to randomly portscan ip addresses. ha.01:04
kgoetzAtomicSpark: WTF do you want to store in your website?01:05
kgoetz16 gig is massive01:05
AtomicSparkkgoetz: i ment it was small to store files01:05
AtomicSparklike file sharing. :P01:05
kgoetzi still maintain its massive :)01:06
AtomicSparkyeah. a raid 5 with 6 x 80GB harddrive is massive. lol.01:06
AtomicSparkwish it had all the parts. its missing almost every fan. :'(01:08
kgoetzAtomicSpark: i could potentially be imprssed if i wasnt sitting next to 50TB of raid :p01:09
AtomicSparkgot LVM on it?01:09
kgoetznah, a proprietary filesystem01:10
AtomicSparki see LVM being nice even if you didn't add harddrives, it would be easy to re-size partitions.01:11
kgoetzas long as its on a healing raid its ok01:12
AtomicSparkdepending if the alt-cd for hardy works, i'll put encrypted LVM on my laptop.01:12
=== kraut_ is now known as kraut
rhineheart_mcan you recommend DMZ setting to ubuntu box?01:29
sommernealmcb: ubuntu-vm-builder is used to create jeos correct?01:39
sommeror anyone who may know01:41
rhineheart_msommer: can you recommend DMZ?01:43
sommeruh... as in a firewall?01:43
sommerare you asking for the best way to deploy a production Ubuntu server?01:44
sommerI guess it depends on what services you plan on running01:44
sommerand which clients need access to them01:44
rhineheart_mI will run email DNS and website services01:45
sommerwill it be accessed from the internet?01:45
sommeror just by internal clients?01:45
rhineheart_maccessible from the internet01:46
sommerin that case I'd look at dedicated firewall hardware01:46
sommercisco pix, sonicwall, etc01:46
puffsommer: Or run a firewall distro of linux.01:46
sommersure that too01:46
sommerbut I'd recommend running that on different hardware than your server :-)01:47
puffrhineheart_m:  As I said earlier, my comments were assuming you are running a separate firewall between your DMZ server and the public internet, and between your DMZ server and the private internet.01:47
rhineheart_mI have firewall by cisco..01:47
faulkes-the dmz usually sits between two firewalls fw->dmz->fw01:48
rhineheart_mcan Linksys do that? I have wrt54g01:49
AtomicSparklawl spam01:50
nxvl_workfaulkes-: or in a firewall with 3 network cards01:50
nxvl_work(one for internet, other for DMZ and the 3rth for LAN)01:50
AtomicSparkdmz is usually pointed to a server you want FULL ACCESS publicly. webserver etc. no secure info should be on it.01:50
AtomicSparkif you need dmz to open ports, you should rather just forward the ports you want instead of opening it wide open.01:51
rhineheart_mThanks AtomicSpark for that.  But can the internet break the way firewall has been set by CISCO?01:52
faulkes-Atomic: not neccesarily, take in point a java app server, where requests may all come into port 80 but it has tons of other ports it uses, like 808001:52
AtomicSparkno. infact if you have nothing forwarded on your router, your network is pretty save. nat hides all internal stuff :P01:52
AtomicSparkfaulkes-: those are ports set up by outgoing connections. dont have to worry about those.01:53
faulkes-I think we'll have to agree to disagree on that ;)01:53
nxvl_workfaulkes-: it depend on the net and the services you are running01:54
faulkes-nxvl: correct01:54
nxvl_workthere is no recipe for DMZ's, every network is different01:54
faulkes-and every network is generally different, with different requirements01:54
* nxvl_work HUGS faulkes-01:54
rhineheart_mIn my case.. I disabled Filter Internet NAT Redirection since If it enabled.. I can not access the box in the inside...01:54
AtomicSparkmaybe instead of asking how to enable dmz, tell us what you are trying to set up.01:54
AtomicSparkssh from internet?01:55
nxvl_workrhineheart_m: if we don't know your network, what it runs, and what you want we can't say you how to do things01:55
rhineheart_mpuff: I do ssh from the internet..01:55
nxvl_workrhineheart_m: try to ask more specific questions01:56
rhineheart_mnxvl_work: Again I said, I want to run website (80), ssh, email services...and I guess DNS too01:56
nxvl_workthat still says nothing to me :D01:57
AtomicSparkah. are you running this from a linux machine?01:57
nxvl_workyou are going to use a 3 network firewall or fw->DMZ->fw->LAN01:57
AtomicSparki know we're in an ubuntu channel but i want to make sure :P01:57
rhineheart_myes. Ubuntu Gutsy Gibson01:58
AtomicSparknxvl_work: i still dont see why needs 2 firewalls and a dmz.01:58
nxvl_workwhich is your network topography? where is you LAN01:58
nxvl_workAtomicSpark: it depens on what you want to do01:58
nxvl_workAtomicSpark: let me find the graphics who expain it01:58
rhineheart_mInternet>>modem (bridge mode)>>router>>LAN01:59
AtomicSparknxvl_work: i'm getting a lan degree i know what you're talking about lol. i would keep it simple for him. just have him forward the ports from his router to the server.01:59
nxvl_workAtomicSpark: i also prefer that option -> http://www.grassouille.org/docs/graphics/dmz.png02:00
AtomicSparkhe has a wrt54g.. can't be running anything too large lol. he'll max out his connections.02:00
nxvl_workAtomicSpark: http://techrepublic.com.com/i/tr/cms/contentPics/5756029-DMZ-overview-A.gif <- that one02:00
AtomicSparkoh i see what you are saying. interesting.02:00
rhineheart_mhttp://www.grassouille.org/docs/graphics/dmz.png <<< is a good one..02:01
AtomicSparkthe first link shows using dmz to the server instead of port forwarding. i would just use port forwarding so you know you are only letting in what you want.02:01
AtomicSparkthe 2nd link is more enterprise class stuff. :P02:01
AtomicSparkbut yeah portforwarding vs dmz. just depends if you have problems.02:02
nxvl_workone time i deploy 3 firewalls for a client with 2 DMZ02:02
rhineheart_mAtomicSpark: yeah I got your point here.. but by default all ports are blocked in gutsy right?02:02
AtomicSparki would start with portfowarding 80, 22, whatever you need. if that doesnt work, just dmz.02:02
AtomicSparkby default there is no firewall set up.02:02
nxvl_workit was inet -> fw1 -> fw2 -> fw3 -> LAN, and a DMZ attached to fw's 1 and 202:02
AtomicSparkinfact i don't even think it has a firewall till hardy.02:02
nxvl_workit was crazy paranoid stuff02:03
AtomicSparknxvl_work: ha. someone would just DoS him instead of try to get in. :P02:03
nxvl_workrhineheart_m: i haven't see any default firewall installed on any ubuntu box02:03
AtomicSparkthere is no firewall in ubuntu. not till hardy and thats very simple. also disabled by default.02:04
rhineheart_mreally? that's the way information displayed in the ubuntu website02:04
AtomicSpark"The Ubuntu Server has no open ports after the installation and contains only the essential software needed to build a secure server"02:05
rhineheart_m"A key lesson from its Debian heritage is that of security by default. The Ubuntu Server has no open ports after the installation and contains only the essential software needed to build a secure server."02:05
AtomicSparkwell thats because a "default install" has no LAMP installed. no apache, mysql, etc. :P02:06
AtomicSparkbut hmm. thats interesting. i never had to open ports. let me check.02:06
pwnguini dont quite get the point of a firewall02:06
nxvl_workrhineheart_m: it has no open ports because it has no services running :D02:06
AtomicSparkyeah. i'm thinking thats what it means.02:07
pwnguinif you have an open port, wouldn't you want it publicly accessible?02:07
rhineheart_mpwnguin: just like if you restrict people from entering your house.. you need to build a gate with a lock02:07
nxvl_workpwnguin: not always02:07
nxvl_workpwnguin: i always run mysql server listening only localhost02:07
AtomicSparkpwnguin: most firewalls are used to block the port from outside your router or select which ips can or cant see it.02:07
nxvl_workAtomicSpark: but that's a separate firewall02:08
AtomicSparkbut if you dont portforward or dmz, most people dont need a firewall. in that case a firewall would just actively monitor traffic. see the bad things.02:08
pwnguini wouldn't mind a gui config tool to set up my ath0 as an AP though ;)02:08
pwnguinspeaking of crazy networking02:09
pwnguinanyone have a guide for myrinet on ubuntu?02:09
faulkes-Atomic: well, thats more IDS than firewall02:09
rhineheart_myeah.. I agree with that. unless it's a standalone computer.02:09
AtomicSparkyeah but firewall is thrown around so much. :P02:09
* faulkes- throws a firewall at Atomic02:09
nxvl_workpwnguin: i have do it a looooong ago i don't really remember how i did it02:10
rhineheart_mthis is my concept... internet>>firewall>>single PC.. can't see a point..02:10
nxvl_workpwnguin: but i remember it wasn't hard02:10
AtomicSparkrhineheart_m: internet >> router >> PC, profit!02:10
pwnguinnxvl_work: i tried a guide on the wiki, but i got some errors that might mean the hardware / driver doesn't support it02:10
pwnguinor did you mean myrinet?02:11
rhineheart_msorry.. what I meant.... internet>>>firewall>>>LAN>>>mutiple PCs02:11
AtomicSparklan as in... a switch?02:11
rhineheart_myeah.. switch.. sorry.. it was vague02:12
AtomicSparkhmm. well in your use case i dont think you need a dedicated hardware firewall.02:12
AtomicSparkbut i guess it's up to you.02:12
rhineheart_myeah.. but my router has firewall in it..02:13
AtomicSparkmost people dont buy one unless they're buying other nice eqipment too. hp switches, enterpise routers, etc.02:13
AtomicSparkwell. kindof. its mostly just nat protecting you.02:13
AtomicSparkhome "routers" have a router, switch, dhcp, dns, firewall, etc all built in.02:13
AtomicSparkbut each one is very limited.02:13
AtomicSparkyou should of gotten the wrt54gl so we could make you put linux on it :D02:14
pwnguinit comes with linux on it :P02:14
rhineheart_mI see.. but I can't get that version here..02:15
AtomicSparkyou use their firmware or third party? the newer g's you cant flash.02:15
faulkes-wait, did you just say "nice equipment" and "hp switches"?02:15
* faulkes- runs02:15
AtomicSparkhaha.  don't like procurves?02:15
pwnguinthe L in gl stands for linux :P02:15
rhineheart_myeah.. its version 7 so m sure I can't flash it with linux firmware02:15
* faulkes- loves his cisco gear02:15
AtomicSparkoh boy. fan boy.02:16
AtomicSparklook out.02:16
kgoetzno joke.02:16
faulkes-nah, I don't have a choice in that area02:16
kgoetzjust get a managed hub :p02:16
faulkes-I just what I'm given02:16
AtomicSparkdid you just say hub?02:16
faulkes-just use02:16
faulkes-a managed one at that02:16
AtomicSparkno smart person would ever buy a hub. the only reason you use a hub is to "hub out" so you can find network problems.02:17
kgoetzAtomicSpark: yeah. i have a pile of them02:17
faulkes-does that come with a sherpa to hookup all your bnc connectors?02:17
AtomicSparkyou ment managed switches.02:17
rhineheart_mbut what's the risk if Filter Internet NAT Redirection  is enabled?02:17
* faulkes- runs02:17
AtomicSparki dont even know what that means.02:17
* AtomicSpark checks my router.02:17
kgoetzno, i meant managed hubs02:18
faulkes-rhinheart: without understanding what the vendor means by "Filter Internet NAT Redirection" it's hard to say02:18
kgoetzand the only bnc is the backhaul02:18
pwnguinhubs have their users02:18
pwnguincheap broadcast!02:18
AtomicSparkyeah. for hubbing out. lol.02:18
* faulkes- unterminates kgoetz02:19
AtomicSparki think that means nat loopback?02:19
AtomicSparkyou want that.02:19
rhineheart_mThis feature uses Port Forwarding to prevent access to local servers from your local networked computers. <<got from their documentation..02:19
AtomicSparkugh.. if its nat loopback, you want that.02:19
AtomicSparki always connect to my server using the public ip, even if i am on the inside.02:19
AtomicSparklets you know your outside connection still works lol.02:20
rhineheart_mokay. so I will need that one..02:20
pwnguini just use hostnames02:20
pwnguinssh tomato02:20
AtomicSparki googled it.02:20
AtomicSparkit said :  If you turn this off, it will allow you to access the server on your02:20
AtomicSparklocal network using the Outside (Internet) IP address.02:20
AtomicSparkIf you turn it on, it will block access to the server using the Outside02:20
AtomicSparkIP, but still allow by using the Internal (LAN) IP.02:20
rhineheart_mbut won't it compromised the files  and printers sharing in  a windows environment?02:21
AtomicSparkpwnguin: you use tomato firmware?02:21
pwnguinAtomicSpark: yea02:21
pwnguinAtomicSpark: it has its moments02:21
AtomicSparkgood man. tomato rocks hard!02:21
pwnguinthe pppoe stuff is shaky02:22
pwnguinsometimes it loses the password02:22
AtomicSparklol. havent had that problem.02:22
pwnguinlemme tell you. that's fun when nobody is still around in the apartment when it was set02:22
AtomicSparkhave you tried updating? there has been new versions lately.02:22
rhineheart_mYeah...  I have that too.. PPPOE... my dialer was set in the router..02:22
pwnguinits a bit challenging to find a time when nobody's using the net02:23
pwnguinand im awak02:23
AtomicSparkit only cuts the internet when you reboot. it would take like 10 secs. :P02:23
rhineheart_mnope.. it won't. as long as you didn't cut the power source to the modem02:24
pwnguin10 seconds is ages when your addicted to WoW apparently02:25
AtomicSparkhaha. just do it anyways. screw em.02:25
rhineheart_mI just wondered why my box can't send and receive emails...from and to the internet..02:27
rhineheart_mI forwarded already port 25 to the box.. (mmmm....got an idea?)02:27
rhineheart_mthis is the last issue that ubuntu gives me pain..02:28
AtomicSparkyou need 25 and 11002:28
AtomicSparkis it using imap? then you have to use 143 lol.02:29
rhineheart_mhey.. how can I check if what ports will I need to be opened?02:29
rhineheart_mows..he left.02:30
kgoetzyou wont need to open up any ports as a client, only as a server02:31
rhineheart_mbut it can't still receive nor send02:33
kgoetzwhat do your error logs say?02:34
kgoetzand what cant send/recieve?02:34
AtomicSparkso any other ideas on what to do with a old hp server?02:41
kgoetzhow old?02:42
AtomicSparkhp netserver. duel pII 256 MB ram02:42
faulkes-fileserver if it has enough disk02:43
faulkes-I have a g4 350mhz / 512 ram acting as my squid proxy02:43
AtomicSpark~18 GB02:43
faulkes-does just dandy02:43
faulkes-same amount of disk for me02:43
AtomicSparkwhat would a proxy do for me? :P02:43
faulkes-I generally don't keep a large media library though02:43
kgoetzspeed up your connection?02:43
AtomicSparkhow so? i never used one before.02:44
faulkes-certainly, if you got to alot of specific sites often, it can speed things up02:44
AtomicSparkoh. like caches things?02:44
faulkes-caching of images, etc..02:44
pwnguinman, five minutes is a long time to wait wondering if you survived a remote reboot02:44
AtomicSparki have a 10MB connection :P02:44
faulkes-or, if you are like me and have a 14yr old niece who loves youtube and msn and all that, you can force her through the proxy and limit her bandwidth02:45
* faulkes- whistles innocently02:45
faulkes-pwnguin: db9 getty to a remote terminal server ;)02:46
* faulkes- loves his 2511's02:46
pwnguinwell, my systems are free02:46
pwnguincan't complain about that02:46
faulkes-true that02:46
pwnguinfor i had just about assumed id have to speak with the cluster admin tomorrow02:47
faulkes-get with the times man, it's an age of immediate gratification!02:47
faulkes-BOOT NOW!02:47
kgoetzand finish your fsck in 8 hours :)02:48
pwnguin[  195.006711] CFI: Found no "amd76xrom" @fff60000 device at location zero02:48
faulkes-kgoetz: 8hrs is entirely too long, I'd have finished the bottle of scotch by then02:48
pwnguinthat times a billion02:48
kgoetzfaulkes-: :)02:49
faulkes-not that my employer would care02:49
pwnguinnow to set up an launcher that connects to these remote screens02:50
faulkes-"can you admin a box in that state?" ..."yess, sirrrz"02:50
pwnguinim thinking melon cad02:50
faulkes-hmmm, maybe I'll play with qemu and 8.04 alpha server tonight02:53
faulkes-Atomic: also, if you are connecting wirelessly to your router, I've found that by using a local internal lan proxy, my transfer rates go up by about 100k02:54
faulkes-that might not be an issue for other folks, but hey, I'm not complaining02:55
rhineheart_mhow to completely remove postfix and its configuration files?03:01
kgoetz--purge remove03:03
rhineheart_mand got this: dpkg - warning: while removing postfix, directory `/var/lib/postfix' not empty so not removed.03:05
rezman7has anyone ever messed with a counter strike server?03:05
ScottKrhineheart_m: sudo dpkg -P postfix03:06
ScottKrhineheart_m: Then manually remove stuff like that that's left behind.03:06
rhineheart_mhow about to completely remove dovecot?03:07
rhineheart_mI just want to install and configure squirrelmail from scratch03:07
ScottKSimilar procedure.03:08
kgoetzrhineheart_m: removing postfix to work on squirrelmail sounds like a lot of work ;)03:08
rhineheart_mkgoetz: but I don't have choice.. I can't really have it to work03:10
kgoetzrhineheart_m: postfix and squirrelmail (and apache) are seperate problems03:10
rhineheart_mkgoetz: what should be entered in Root and postmaster mail recipient:  ?03:12
kgoetzrhineheart_m: your users login, or your email address03:12
rhineheart_mkgoetz: can't get you..03:13
kgoetzrhineheart_m: in what way?03:13
rhineheart_mlike webmaster@chicken.com?03:13
rhineheart_mkgoetz: okay.. I will try...this should be the last try..or else..mmm...don't know If I will configure postfix and its related apps for squirrel03:15
kgoetzyou *dont* need to configure postfix for squirrelmail. its nothing to do with postfix03:15
rhineheart_mokay..so what I need then?03:16
kgoetzsquirrelmail, apache and an imap server03:16
kgoetzdovecot probably works ( i use courier)03:16
rhineheart_mokay.. but I guess I still need it for my drupal site...right?03:17
kgoetzneed what for drupal?03:17
rhineheart_mregistration confirmation, lost password...like that03:17
kgoetzyou'll probably need a mailserver of some sort for that (i dont use drupal myself)(03:18
rhineheart_mbut postfix is a mailserver right?03:19
AtomicSparkanyone know of a free ldap service? like a simple replacement for AD/NetWare?03:24
AtomicSparkjust for single log ons.03:25
AtomicSparkyeah. have you used it? i've heard of it. :P03:25
kgoetzyes, i'm currently trying to make a squirrelmail plugin work with it03:26
AtomicSparkthats cool. i have a small network at work. didnt need all the overhead of small business server so i switched to linux, but miss single logons. :(03:27
AtomicSparkill check out openldap server.03:27
kgoetztook us a while, but we got an almost-single signon here.03:28
kgoetzits all against the one database, so i guess its a start03:28
faulkes-likewise-open + openldap now03:28
AtomicSparkyeah. basically i want a single place to manage users. then the clients get that info. you know. like how AD and netware work lol.03:28
kgoetzopenldap does it03:29
faulkes-Atmic: likewise-open + openldap would be the thing03:29
AtomicSparkgood deal.03:29
kgoetztheres a bunch of directory servers available - fedora directory server is the other free one that springs to mind03:29
kgoetzfaulkes-: which means ?03:29
faulkes-likewise-open iirc is the client side single-signon portion03:30
faulkes-for linux03:30
AtomicSparkah. the problem is, i have a mix of linux and windows clients.03:30
faulkes-which is what openldap is for03:30
faulkes-one is for sign-on, one is for storing credentials03:30
faulkes-openldap stores the credentials03:31
kgoetznever heard of likewise-open before03:31
faulkes-openldap == active directory03:31
AtomicSparkis it all command line?03:31
kgoetzfaulkes-: so it only works with AD?03:33
faulkes-eh? no, of course not03:33
AtomicSparkwill openldap work with fake domains? like domain.local?03:34
faulkes-not that I know of03:34
faulkes-Atomic: yes03:34
faulkes-kgoetz: openldap is meant as a replacement of AD, well, to a certain extent03:35
kgoetzfaulkes-: no, its a Directory implimentation.03:35
kgoetzand it *doesnt* work the same a lot of the time03:35
faulkes-but we're talking sign-on here03:36
faulkes-if you can sign-on to openldap via windows, signing on to openldap via linux (using likewise) should not be an issue03:36
faulkes-it may be, I havent tested it, but I am following it to a logical extent03:36
kgoetztheres a libpam-ldap module (not used it directly, just libpam-radius)03:37
kgoetzwhich you can use for auth on ldap (openldap and AD iirc), which is shipped in universe03:38
rhineheart_mkgoetz: you said earlier that you use imap server (courier) for squirrel?03:38
kgoetzrhineheart_m: yes03:38
rhineheart_mkgoetz: okay.. how to install it?03:38
kgoetzrhineheart_m: apt-get install courier-imap03:39
kgoetzsurely you could have worked that out o_003:39
faulkes-rhineheart: there is significant documentation avaiable at https://help.ubuntu.com/community/Servers03:39
AtomicSparkis there any good tools to configure openldap? manually editing the files seems risky. :\ especially if i dont know what i am doing haha.03:40
rhineheart_mthanks faulkes m into it now..03:40
kgoetzAtomicSpark: install ldapvi and ldap-tools03:40
AtomicSparkalright ill write that down. i might just use ubuntu on my machine. centos5 seems to not like me.03:41
faulkes-I really need to start saving and buy a fully loaded dell XPS laptop03:41
rhineheart_mkgoetz: I have it installed already (courier-imap). what's the next? how to configure it to work with squirrel?03:42
AtomicSparki have a compaq 6820s. i like it. cant ubergame on it but it works nice.03:42
faulkes-Atomic: well, part of it would be for gaming, but the other half would be my dev machine, which needs lots of ram/hp and portability03:43
kgoetzrhineheart_m: read the doco in /usr/share/doc/squirrelmail[-doc]/ and /usr/share/doc/courier-imap/ and...03:44
rhineheart_mkgoetz: I can't see any documentation there for courier-imap03:47
rhineheart_mkgoetz: /usr/share/doc/courier-imap03:47
faulkes-rhine: ls /usr/share/doc/co <tab> and see what it lists03:49
kgoetzrhineheart_m: short version( i'll leave you to find the details in the ubuntu guides): install courier/squirrelmail. configure courier to auth on ldap, configure squirrelmail to auth on courier03:49
kgoetzi have a number of dirs for `ls /usr/share/doc/courier-*`03:49
rhineheart_mkgoetz: are you trying to tell me that I need LDAP for this purpose?03:51
faulkes-no, courier/squirrelmail can auth against local pw's iirc03:51
faulkes-i.e. /etc/passwd03:52
faulkes-all depends on how you set it up03:52
kgoetzyes they can03:52
kgoetzor mysql.03:52
kgoetz The available modules you03:52
kgoetz# can use are: authuserdb authpam authpgsql authldap authmysql authcustom authpipe03:52
kgoetzso anything you can auth pam against you can auth squirrelmail against03:53
* kgoetz is authing on pam for his courier03:53
rhineheart_mkgoetz: so..what should I do to configure courier to auth on ldap, configure squirrelmail to auth on courier?03:56
rhineheart_mkgoetz: I can't find a documentation on how to configure the two of them03:57
rhineheart_mkgoetz: and I got this error: ERROR: Connection dropped by IMAP server.03:58
faulkes-"aptitude search courier"03:58
faulkes-p   courier-doc                                                      - Courier Mail Server - Additional documentation03:59
faulkes-if the beginning of that like doesn't start with "i"03:59
faulkes-do "sudo apt-get install courier-doc"03:59
faulkes-which should provide you with the /usr/share/doc/courier-* docs04:00
kgoetzrhineheart_m: configured courier, restarted it then run /usr/sbin/squirrelmail-configure ?04:00
rhineheart_mkgoetz: That's the problem.. I don't know how to configure courier...04:01
pschulz01kgoetz: I bet you can't get it working.04:03
kgoetzpschulz01: i can get his mail working or ours...04:03
pschulz01kgoetz: Don't make me hit you.. 'cause I can.04:04
pschulz01kgoetz: I think we got away with it.04:04
* kgoetz goes back to not working ^H^H working hard04:05
faulkes-I have a project plan that needs finishing04:05
* pschulz01 looks at mysql and goes *shudder*04:05
pschulz01faulkes-: Bye04:06
* faulkes- points pschulz01 at mysql-cluster04:06
* kgoetz thinks the aircon needs fixing04:06
pschulz01. it mught have been the air-conditioning.04:06
rhineheart_mkgoetz: I tried the instructions there.. but I can't login04:12
rhineheart_mkgoetz: I got this: * BYE [ALERT] Fatal error: Maildir: Permission denied04:12
kgoetzrhineheart_m: that error looks fairly self explanitory to me :)04:13
rhineheart_mkgoetz: that's the error I got..04:14
kgoetzrhineheart_m: does the maildir exist?04:15
kgoetz!pastebin | rhineheart_m04:16
uboturhineheart_m: pastebin is a service to post multiple-lines texts so you don't flood the channel. The Ubuntu pastebin is at http://paste.ubuntu-nl.org (make sure you give us the URL for your paste - see also the channel topic)04:16
kgoetz!private message | rhineheart_m04:16
uboturhineheart_m: Please ask your questions in the channel so that other people can also benefit AND help you. Please don't PM a user in the channel without asking first, some find it rude.04:16
AtomicSparkback on topic on openldap, how would you set up logon scripts. say i wanted all the users home folders on the server when they log in, can i do that? would it be easier to just have the mount a "home" folder?04:18
pschulz01AtomicSpark: That would be done somewhere in PAM.04:18
pschulz01AtomicSpark: Then is wouldn;t matter how they authenticated when they logged in.04:19
rhineheart_myes I have it there..04:19
kgoetzAtomicSpark: run `apt-cache search libpam` and look at the results, theres lots of cool things you can abuse pam to do04:20
rhineheart_mthis one: /home/webmaster/Maildir04:20
pschulz01rhineheart_m: Does it have any subdirectories in it?04:20
kgoetzrhineheart_m: does the user 'webmaster' exist? how is email getting pointed to them?04:21
rhineheart_mpschulz01: yes is has04:21
kgoetzrhineheart_m: pastebin your /etc/aliases file04:21
rhineheart_m# Added by installer for initial user04:22
rhineheart_mroot:   administrator04:22
kgoetzrhineheart_m: the *whole* file into a *pastebin*04:22
rhineheart_mthat's the whole file already with cat04:23
pschulz01rhineheart_m: 'webmaster' != 'administrator'04:23
AtomicSparkshould i install a DNS server? id just be using it for authentication.04:24
kgoetzAtomicSpark: hm?04:24
AtomicSparkwell. it would need it to be on a domain... :P04:24
pschulz01AtomicSpark: You shouldn't..  as long as other machines can find your LDAP server you should be fine. ie. you can use IP addresses.04:25
AtomicSparkhow do you configure the clients then?04:26
AtomicSparkoh hey i found info about likewise-open04:28
AtomicSparkheh i could always run a SMB server in KVM.04:30
* AtomicSpark hides04:30
pschulz01AtomicSpark: They access the LDAP server via IP address rather than host.domain04:31
AtomicSparkinteresting. but the windows machines wont beable to join an ip address. :P04:32
AtomicSparkbut a DNS server would be good. just have it forward queries. better then using the router.04:32
AtomicSparkmeh then i should put DHCP on the server too.04:32
kgoetzAtomicSpark: your confusing different sorts of domain04:34
AtomicSparkmaybe so.04:39
AtomicSparkso i can have windows and linux clients authenticate to the openLDAP server without a DNS server installed?04:39
kgoetzlinux yes, windows .... ##windows :)04:40
AtomicSparkwell my plan is to make a decent replacement for this inventory software we have that we will no longer support. then after thats gone we can make almost a full switch to linux.04:42
AtomicSparktis good :D04:43
kgoetzwhat sort of inventory? (out of intrest)04:43
AtomicSparkwe use this windows ap that runs off of access 97. they want way too much for updates and we only use it for inventory. no sales or whatever.04:45
AtomicSparkso a simple mysql database with a php frontend should be fine.04:45
kgoetzsounds like it would be perfect04:45
AtomicSparksince mysql is open, you can do neat stuff like display pictures on your website of your instock items. :D04:46
kgoetzAtomicSpark: more importantly, sine its open, the cost of migrating *away* is compartively tiny04:47
AtomicSparkhaha yeah.04:47
AtomicSparki cant even export the data from the fake access 97 thing :|04:48
* kgoetz is serious about the cost of migrating away btw04:49
AtomicSparkha. i wonder if there is any opensource inventory software that is a frontend for mysql or something. :P04:50
AtomicSparkill have to research this more04:50
nealmcbsommer: re: "nealmcb: ubuntu-vm-builder is used to create jeos correct?"  - well, some might get confused, given the jeos "cdimage" which is not made by ubuntu-vm-builder.  I'd say we could fix that by not distributing a jeos cdimage at all, and just distribute some vm images made by ubuntu-vm-builder, and call those jeos's for different purposes (web server, mail server, whaetever).  And I've heard support for that, but not much movement, exce05:03
AtomicSparkits interesting they have that. probably to support the big vmware boom lately. they should be pushing the KVM package they like so much.05:10
rhineheart_mI got this error: ERROR: Connection dropped by IMAP server.05:19
justinmiller87Hello all.06:42
justinmiller87I was wondering if I could get some assistance on something please.06:42
justinmiller87I'm attempting to access /var/www through FileZilla on a server I just setup. I am running proftpd, and created a shortcut to /var/www using ln -s. I can see the shortcut in FileZilla, but when I try to go into it I get Failed to retrieve directory listing.06:44
justinmiller87I got it figured out. I was doing my ln -s shortcut backwards.07:25
=== joerlend_ is now known as XiXaQ
puffjustYeah, I hate that.09:57
puffkgoetz: Yeah.  See thin09:58
puffkgoetz: Yeah, see http://catb.org/~esr/writings/cups-horror.html09:58
kgoetzah, an ESR link. this should be worth reading ;)09:58
puffAnd the funny thing is, ESR even makes mistakes.  "...what any non-technical user would do... Print Queue"10:00
puffANy non-technical user would say "print what?"10:00
puffHee... "If the designers were half-smart about UI issues (like, say, Windows programmers)"10:01
puffNote the back-handed compliment;  half-smart :-)10:01
kgoetzfedora core 1. thats goign back a bit10:04
puffAbout four years? Five?10:07
puffBtw, what he's talking about, fundamentally, is usability engineering;  the difference between spiffy popups and wizards and a UI designed for usability.10:07
kgoetzfive sounds right10:10
puffThis specific example also illustrates a principle I like to call "shallow complexity".10:10
puffIn other words, sometimes you're better off just letting people deal with complexity directly, and doing your best to keep that complexity shallow.  Instead, all too often people think they're "fixing" it by spreading it across a dozen popups and wizards.10:11
* kgoetz wonders how you configure cups without root :/10:30
* kgoetz says words about ubuntu10:30
MenZakgoetz: You can configure cups without root? :P10:45
kgoetzMenZa: dunno, but you have to be able to configure it somehow10:46
MenZaWell, there's a web-based thing for it10:48
kgoetzyep. but you need a login. what that is, i have no idea10:48
Jeeves_Usually, it is root, with the root password10:49
Jeeves_But you don't have that under Ubuntu :)10:49
kgoetzJeeves_: yes, hence the problem :p10:50
=== c_schmitz is now known as c_schmitz|away
sommerkgoetz: any user in the lpadmin group can configure cups... at least that's what I've found12:12
Kamping_Kaisersommer, using their username/password in the cups auth boxes? *sigh* i just got home :|12:12
Kamping_Kaisersommer, i'll try it out though, thanks12:13
\shguys, we need to do something with the mess of tomcat5.512:33
\shit needs a jdk and not a jre...and all packages providing java-virtual-machine, which is a suggests of tomcat5.5, are JREs12:33
Kamping_Kaiser\sh, hello12:36
\shhey Kamping_Kaiser12:37
Kamping_Kaiserhow are you going?12:37
\shKamping_Kaiser: good :) everything is green :)12:38
Kamping_Kaisernice :)12:39
* Kamping_Kaiser is finding the beta survey quite grueling12:47
Stonekeeperhi. Does anyone know if Gutsy/Hardy can support a 4TB partition or is that down to the FS? thanks.13:18
Kamping_Kaiserits filesystem specific13:21
Stonekeeperok thanks. what filesystem would you recommend for that amount of storage?13:23
Stonekeeperif i was to use say gutsy server.13:24
Kamping_Kaiseri think ext3 maxes at 4T. i belive the newer filesystems will handle it, but i'm a bit suspicious of them (eg reiser, zfs and all the trendy ones)13:25
Stonekeeperyes, i am too. Well, I'm getting 8x1TB and am going to mirror them so if i claim some space for swap and OS parition then I'm going to be <4T13:27
Stonekeeperok thanks Kamping_Kaiser for your time. I'm happy I can use ext3.13:30
Kamping_KaiserStonekeeper, no problem13:31
StonekeeperKamping_Kaiser: sorry, forgot to ask: I'll be getting 32G Ram too. Will that mean I'm forced to use 64bit?13:33
Kamping_KaiserStonekeeper, yes13:33
Kamping_Kaiserfark. i just finished the beta survey *heh*. 1 hour.13:34
Stonekeeperthanks Kamping_Kaiser13:41
CrummyGummyHiya, Anyone using supervise?13:43
_rubeni do, but not on ubuntu (yet)13:47
_rubenand probably wont13:47
CrummyGummyAny ideas what could be causing this? Does java just react wierdly to signals?13:51
henkjanCrummyGummy: what do you mean?13:52
CrummyGummyErm, maybe the stuff I typed didn't get through...13:53
CrummyGummydaemontools starts progs with no probs but when I restart/kill my java servers it just spawns another one. I had a similar problem with start-stop-daemon. That was wierdly enough fixed by a reboot.13:54
CrummyGummy reboot/unplanned reboot/13:54
henkjanthe purpose of daemontools IS to start a process again if it gets killed right?13:55
CrummyGummyYes, and it does that very well. It can also stop progs which I seem to be having a problem with.13:57
henkjanso, whats the problem?13:57
CrummyGummyIf I use svc -k or svc -t its spawns another instance without shutting down the first one.13:58
henkjan" when I restart/kill my java servers it just spawns another one." seems right behaviour to me13:58
\shsoren: pingeling13:58
henkjanah, okay13:58
CrummyGummyJa, 5,6,7 instances later I have a real problem.13:58
soren\sh: pong14:12
\shsoren: tomcat5.5, doko meant you are the right person...14:13
\shsoren: tomcat5.5 suggests java-virtual-machine , but all packages providing this package are JREs...tomcat but needs a JDK...14:13
\shsoren: AFAIK we don't have a virtual package name for jdks (at least I didn't find one)...and tomcat is not installable at this moment...14:14
\shsoren: suggesting a free JDK (icedtea e.g.) doesn't help, because when we do this, we have to disable tomcats security manager (it works only with suns jdk)...14:14
\shsoren: so, given all this, what should we do to have a clean installable tomcat5.5. package? :)14:15
soren\sh: Sorry, went away for a few minutes..14:16
soren\sh: Er... Fix icedtea?14:17
sorenTo be honest, though.. I don't really care much about Java.14:17
rhineheart_mhello! how to remove completely squirrelmail and its configuration?14:18
\shsoren: well, we should care about installable packages :) I don't know if it's ok to Suggest: icedtea-java7-jdk | sun-java6-jdk (which means suggesting a package from multiverse)14:18
henkjanrhineheart_m: apt-get remove --purge $packagename14:18
Kamping_Kaiseryou were told that at least twice before14:18
soren\sh: I'm not sure.14:23
Kamping_Kaiserfaulkes-, sorry about the baby bugfiling DoS in LP ;)14:23
\shsoren: I'll raise this on u-d ml...I think we need a solution for this, and we should find a consense14:24
henkjanKamping_Kaiser: indeed, first asking how to remove postfix, 2nd asking how to remove dovecot14:25
Kamping_Kaisernight all14:37
sommerKamping_Kaiser: later on14:38
sommerhey nijaba14:39
lamonthenkjan: you know, a fresh install will also remove that package for him... :-)14:47
lamontoh wait.  did I say that out loud?14:47
henkjanmaybe a sudo rm -rf /14:48
LupusNoctisnaughty naughty!14:48
faulkes-morning nijaba14:55
faulkes-whole bunch of new reports in server-survey14:56
faulkes-I've commited at least one fix to my branch14:56
rhineheart_mhello.. can you help me configure postfix?15:18
dantalizingsee this window will work for a bit15:36
mathiaznijaba: https://help.launchpad.net/BugTrackerEmailInterface17:07
nijabathanks mathiaz17:07
=== \sh is now known as \sh_away
baffleWhat is considered "best practice" for allocating storage for virtual machines? Defining LVM logical volumes pr. partition/pr. server or defining one LVM logical volume pr. server wich contains it own set of partitions/pv/vg/lv definitions?18:50
baffleAnd; Does KVM and/or XEN support the ability to detect a change in size of the blockdevice? I.e. if I grow a blockdevice at the host OS, can I do a scsi rescan on the guest?18:51
faulkes-I couldn't answer off-hand, iirc soren is doing most of the work on KVM stuff18:52
=== c_schmitz is now known as c_schmitz|away
bafflefaulkes-: Yes, I've noticed. His last Q&A session sure did answer a lot of questions I had regarding KVM. I guess we're moving away from XEN now.18:54
baffleI just wish "someone" would write virtio drivers for Windows.18:54
sorenbaffle: I'm not sure, to be honest. I don't think it will grow like that.18:55
sorenbaffle: You'd need to close the vm and start it again, I think.18:55
soren"think" being the key word here.18:55
sorenbaffle: W.r.t. to best practices, it really depends on what you're doing.18:56
sorenbaffle: for various reasons, I do a lot of throw-away vm's, so setting up an lv is a bit pointless.18:56
bafflesoren: I use them mostly for production services.18:57
sorenbaffle: Using an lv will give you the best performance.18:59
bafflesoren: Having the ability to do a scsi rescan and detect a larger blockdevice sure would be sweet; I'm a bit suprised that noone upstream (XEN/KVM) has looked into this. :-) At least this is something we do quite often on production servers that are not virtualized.18:59
sorenbaffle: I honestly don't know.19:00
bafflesoren: My question was if best practice was using *one* LV (I.e. giving the guest /dev/sda) or multiple LVs (I.e. giving the host /dev/sda1 /dev/sda2 etc).. The latter is what I do for XEN paravirtualized hosts, as it allows the host to easily do offline growing of volumes and filesystems. I think this might be the wrong approach for KVM hosts.19:01
bafflesoren: Is Canonical comitting any resources to do feature developement on upstream libvirt/virt-manager?19:04
AtomicSparkquick question, where does apache place the default public_html folder?19:04
sorenAtomicSpark: your home directory19:04
sorenbaffle: It doesn't place it. You create it.19:05
sorenbaffle: Not per se, no.19:05
AtomicSparkk thanks. i'm in class. showing off my leet linux skillz. ha.19:05
sorenbaffle: Whether you should use one or several lv's (or partitions or whatever) is really up to you and your workflow. I don't see much of a difference.19:06
bafflesoren: I guess so. It really boils down to if you want to do storage management on the host or the guest.19:08
sorenbaffle: Precisely.19:09
bafflesoren: The servers we will be deploying Hardy on need to be able to have controlled simultaneous access to the shared storage (SAN). I guess CLVM is the (only?) solution for this, but I seem to be unable to find any proper documentation for it? We have a few RHEL clusters, but they seem to be a bit "black box". Are you aware of any Ubuntu installations running CLVM in produciton? Is there any Ubuntu documentation on this?19:11
bafflesoren: (Sorry for the Q&A session, I just happend to have a bunch of questions in my head; Be sure to tell if you're too busy. :-))19:12
sorenbaffle: I'm aware of their existence. AFAIK, we don't have any Ubuntu specific docs for it.19:17
bafflesoren: So even if the components are part of main, it's basically just imports from Debian I guess. At least that makes things the same. :-)19:20
=== \sh_away is now known as \sh
sorenbaffle: We get a *lot* of stuff from Debian.19:30
sorenbaffle: I maintain kvm in Ubuntu myself, though.19:30
sorenbaffle: Up until very recently clvm was maintained here, too.19:31
coffeedudedendrobates: back online now.  You still need me ?19:34
dendrobatescoffeedude: any idea on the release date of 4.0.5?19:36
=== c_schmitz|away is now known as c_schmitz
coffeedudedendrobates: I can tag a official release on Monday.19:40
dendrobatescoffeedude: thanks19:40
coffeedudedendrobates: ping me if you don't have someone by 2pm EST.19:41
coffeedudedendrobates: on Monday that is.,19:41
=== c_schmitz is now known as c_schmitz|away
=== c_schmitz|away is now known as c_schmitz
=== \sh is now known as \sh_away
jetsaredimi accidentally fat-fingered a chmod command and 777'd / on my server - is there any way to get out of this without reinstalling?21:37
jetsaredimerr chmod -R 777 /21:38
Jeeves_jetsaredim: Hmm21:46
Jeeves_I fixed that once using the permissions found on a backup-tape21:46
* jetsaredim doesn't have backup tape :(21:48
Jeeves_jetsaredim: Than, I guessed you're kinda screwed21:49
Jeeves_Unless you have another box21:49
Jeeves_Somewhat the same21:49
jetsaredimnot really21:57
jetsaredimgood thing I setup md on my spare drives to backup files to21:57
jetsaredimjust sucks that I'll have to re-setup django again21:57
jetsaredimis there an updated alpha4 cd for ubuntu-server?22:04
luca__chi ha voglia di aiutare un principiante ?22:06
rhineheart_mhello! what's the best smtp server for ubuntu?23:18
puffrhineheart_m: There are lots of different opinions out there about that.  Three of the more popular packages are postfix, exim and qmail.23:25
puffrhineheart_m: I chose postfix, because all of the experts I call for help use postfix.23:25
mathiaz!postfix | rhineheart_m23:27
uboturhineheart_m: postfix is the default !MTA and !MDA on Ubuntu. For help, read https://help.ubuntu.com/community/Postfix and https://help.ubuntu.com/community/PostfixBasicSetupHowto - See also !MailServer23:27
Kamping_Kaiserubuntu defaults to postfix (you removed it remember?), debian uses exim23:27
Kamping_Kaiserand aiui no sane person uses qmail anymore23:27
puffKamping_Kaiser: Oh?  What's up with that?  Last thing I heard was that the guy who wrote qmail (wietse?) was a pain to work with, so a signficiant faction of folks didn't want to deal with it.23:29
Kamping_Kaiserpuff, from my reading a default qmail isnt rfc complient, and is a spammers heaven. it needs 3rd party patches "and stuff" before it becomes responsible again (debian had an argument about this recently if your after a quick link)23:30
rhineheart_mKamping_Kaiser: I have this strange problem..if I change /etc/postfix/main.cf to  #mailbox_command = procmail -a "$EXTENSION"  it could receive mails from yahoo. What do you think?23:32
Kamping_Kaiserrhineheart_m, i think you havent given us enough details yet23:33
rhineheart_mKamping_Kaiser: I am using postfix..Trying to configure squirrelmail to work with postfix. My box has courier-imap installed too..23:34
rhineheart_mKamping_Kaiser: my problem? Cannot send emails..but I can receive with /etc/postfix/main.cf configured to to #mailbox_command = procmail -a "$EXTENSION"23:35
Kamping_Kaiserrhineheart_m, and what was it before you commented that lilne?23:35
rhineheart_mKamping_Kaiser: my networks mynetworks = (I tried adding after but doesn't change.23:36
Kamping_Kaiserrhineheart_m, did you change the #mailbox_command line in any way?23:37
rhineheart_mKamping_Kaiser: I changed it with # so that my squirrelmail could receive mails23:39
rhineheart_mKamping_Kaiser: the complete line-- #mailbox_command = procmail -a "$EXTENSION"23:39
Kamping_Kaiserrhineheart_m, you want to set `home_mailbox = Maildir/`23:41
Kamping_Kaiseri'm guessing23:41
rhineheart_mKamping_Kaiser: this is the line: home_mailbox = Maildir/23:43
rhineheart_mKamping_Kaiser: but still it can't send mails..23:44
Kamping_Kaiserrhineheart_m, you probably havent configured it correctly. check your mail logs for errors23:44
* Kamping_Kaiser thinks 'deja vu'23:45
rhineheart_mKamping_Kaiser: every time I send message this will happen: Undelivered Mail Returned to Sender23:51
rhineheart_mKamping_Kaiser: let me check the logs... a minute..23:51
Kamping_Kaiserrhineheart_m, pastebin the last 10 lines of your mail.error and mail.log23:52
Kamping_Kaiserrhineheart_m, *pastebin*23:54
Kamping_Kaiserrhineheart_m, *do* *not* *message* *me*23:54
rhineheart_mI forgot the link to pastebin23:54
Kamping_Kaiserthen ask for it23:55
Kamping_Kaiserubotu, pastebin | rhineheart_m23:55
uboturhineheart_m: pastebin is a service to post multiple-lines texts so you don't flood the channel. The Ubuntu pastebin is at http://paste.ubuntu-nl.org (make sure you give us the URL for your paste - see also the channel topic)23:55
Kamping_Kaiserand becaues you seem to have forgotten:23:56
Kamping_Kaiser!private message | rhineheart_m23:56
uboturhineheart_m: Please ask your questions in the channel so that other people can also benefit AND help you. Please don't PM a user in the channel without asking first, some find it rude.23:56
Kamping_Kaiserrhineheart_m, to=<webmaster@***@info>, two @ in an email address?23:57
rhineheart_mKamping_Kaiser: sorry..typo error.. this is the right one there.. http://paste.ubuntu-nl.org/57775/23:59

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!