[00:02] i downloaded nltk_lite , and python setup.py install fails with the error "please install the python-tk package". Why in gods name would I install a gui toolkit package on my head less server ? [00:52] hello. how to install mod_fastcgi? [00:53] i have this old netserver, duel pII (unknown speed) 256 pc100 ram 2x 8gb scsi hd. any ideas of something nifty to do with it? [00:54] take over the world! [00:54] osmosis: because it depends on it. [00:54] ok [00:54] pwnd [00:55] haha, im back [00:55] well...i realized x11-common isnt actually that bit. i thought it was all of xorg [00:55] im pretty sure my card is friend [00:55] fried* [00:55] osmosis: no, your safe :) [00:58] i was thinking of just installing a LAMP server on it but i dont really trust it holding anything valuable lol. maybe a caching server of some kind. hmm. [01:00] IBM netserver? that would be reliable as the earth [01:01] kgoetz: maybe. i just don't trust these drive lasting. i mean they're used and old. ha. [01:02] i got it for 8 dollars :D [01:03] AtomicSpark: you'd be supprised. its all server grade gear, so expect it to outlast your new shiny desktop [01:04] kgoetz: heh. but anyways, its not enough space to store files. what else could i do with it? dns/website caching usually only helps on large networks. [01:04] I could set it up to randomly portscan ip addresses. ha. [01:05] AtomicSpark: WTF do you want to store in your website? [01:05] 16 gig is massive [01:05] kgoetz: i ment it was small to store files [01:05] like file sharing. :P [01:06] i still maintain its massive :) [01:06] yeah. a raid 5 with 6 x 80GB harddrive is massive. lol. [01:08] wish it had all the parts. its missing almost every fan. :'( [01:09] AtomicSpark: i could potentially be imprssed if i wasnt sitting next to 50TB of raid :p [01:09] heh. [01:09] got LVM on it? [01:10] nah, a proprietary filesystem [01:11] i see LVM being nice even if you didn't add harddrives, it would be easy to re-size partitions. [01:12] as long as its on a healing raid its ok [01:12] depending if the alt-cd for hardy works, i'll put encrypted LVM on my laptop. === kraut_ is now known as kraut [01:29] can you recommend DMZ setting to ubuntu box? [01:39] nealmcb: ubuntu-vm-builder is used to create jeos correct? [01:41] or anyone who may know [01:43] sommer: can you recommend DMZ? [01:43] uh... as in a firewall? [01:44] are you asking for the best way to deploy a production Ubuntu server? [01:44] internet>>modem>>firewall>>DMZ [01:44] yeah.. [01:44] I guess it depends on what services you plan on running [01:44] and which clients need access to them [01:45] I will run email DNS and website services [01:45] will it be accessed from the internet? [01:45] yeah [01:45] or just by internal clients? [01:46] accessible from the internet [01:46] in that case I'd look at dedicated firewall hardware [01:46] cisco pix, sonicwall, etc [01:46] sommer: Or run a firewall distro of linux. [01:46] sure that too [01:47] but I'd recommend running that on different hardware than your server :-) [01:47] Yeah. [01:47] rhineheart_m: As I said earlier, my comments were assuming you are running a separate firewall between your DMZ server and the public internet, and between your DMZ server and the private internet. [01:47] I have firewall by cisco.. [01:48] the dmz usually sits between two firewalls fw->dmz->fw [01:49] can Linksys do that? I have wrt54g [01:50] lawl spam [01:50] faulkes-: or in a firewall with 3 network cards [01:50] (one for internet, other for DMZ and the 3rth for LAN) [01:50] dmz is usually pointed to a server you want FULL ACCESS publicly. webserver etc. no secure info should be on it. [01:51] if you need dmz to open ports, you should rather just forward the ports you want instead of opening it wide open. [01:52] Thanks AtomicSpark for that. But can the internet break the way firewall has been set by CISCO? [01:52] Atomic: not neccesarily, take in point a java app server, where requests may all come into port 80 but it has tons of other ports it uses, like 8080 [01:52] no. infact if you have nothing forwarded on your router, your network is pretty save. nat hides all internal stuff :P [01:53] faulkes-: those are ports set up by outgoing connections. dont have to worry about those. [01:53] I think we'll have to agree to disagree on that ;) [01:54] faulkes-: it depend on the net and the services you are running [01:54] nxvl: correct [01:54] there is no recipe for DMZ's, every network is different [01:54] and every network is generally different, with different requirements [01:54] heh [01:54] yes! [01:54] :D [01:54] * nxvl_work HUGS faulkes- [01:54] In my case.. I disabled Filter Internet NAT Redirection since If it enabled.. I can not access the box in the inside... [01:54] maybe instead of asking how to enable dmz, tell us what you are trying to set up. [01:55] ssh from internet? [01:55] rhineheart_m: if we don't know your network, what it runs, and what you want we can't say you how to do things [01:55] puff: I do ssh from the internet.. [01:56] rhineheart_m: try to ask more specific questions [01:56] nxvl_work: Again I said, I want to run website (80), ssh, email services...and I guess DNS too [01:57] that still says nothing to me :D [01:57] ah. are you running this from a linux machine? [01:57] you are going to use a 3 network firewall or fw->DMZ->fw->LAN [01:57] i know we're in an ubuntu channel but i want to make sure :P [01:58] yes. Ubuntu Gutsy Gibson [01:58] nxvl_work: i still dont see why needs 2 firewalls and a dmz. [01:58] which is your network topography? where is you LAN [01:58] AtomicSpark: it depens on what you want to do [01:58] AtomicSpark: let me find the graphics who expain it [01:59] Internet>>modem (bridge mode)>>router>>LAN [01:59] nxvl_work: i'm getting a lan degree i know what you're talking about lol. i would keep it simple for him. just have him forward the ports from his router to the server. [02:00] AtomicSpark: i also prefer that option -> http://www.grassouille.org/docs/graphics/dmz.png [02:00] he has a wrt54g.. can't be running anything too large lol. he'll max out his connections. [02:00] AtomicSpark: http://techrepublic.com.com/i/tr/cms/contentPics/5756029-DMZ-overview-A.gif <- that one [02:00] oh i see what you are saying. interesting. [02:01] http://www.grassouille.org/docs/graphics/dmz.png <<< is a good one.. [02:01] the first link shows using dmz to the server instead of port forwarding. i would just use port forwarding so you know you are only letting in what you want. [02:01] the 2nd link is more enterprise class stuff. :P [02:02] but yeah portforwarding vs dmz. just depends if you have problems. [02:02] one time i deploy 3 firewalls for a client with 2 DMZ [02:02] AtomicSpark: yeah I got your point here.. but by default all ports are blocked in gutsy right? [02:02] i would start with portfowarding 80, 22, whatever you need. if that doesnt work, just dmz. [02:02] by default there is no firewall set up. [02:02] it was inet -> fw1 -> fw2 -> fw3 -> LAN, and a DMZ attached to fw's 1 and 2 [02:02] infact i don't even think it has a firewall till hardy. [02:03] it was crazy paranoid stuff [02:03] nxvl_work: ha. someone would just DoS him instead of try to get in. :P [02:03] rhineheart_m: i haven't see any default firewall installed on any ubuntu box [02:04] there is no firewall in ubuntu. not till hardy and thats very simple. also disabled by default. [02:04] really? that's the way information displayed in the ubuntu website [02:04] link? [02:05] "The Ubuntu Server has no open ports after the installation and contains only the essential software needed to build a secure server" [02:05] http://www.ubuntu.com/products/whatisubuntu/serveredition [02:05] "A key lesson from its Debian heritage is that of security by default. The Ubuntu Server has no open ports after the installation and contains only the essential software needed to build a secure server." [02:06] well thats because a "default install" has no LAMP installed. no apache, mysql, etc. :P [02:06] but hmm. thats interesting. i never had to open ports. let me check. [02:06] i dont quite get the point of a firewall [02:06] rhineheart_m: it has no open ports because it has no services running :D [02:07] yeah. i'm thinking thats what it means. [02:07] :D [02:07] if you have an open port, wouldn't you want it publicly accessible? [02:07] pwnguin: just like if you restrict people from entering your house.. you need to build a gate with a lock [02:07] pwnguin: not always [02:07] pwnguin: i always run mysql server listening only localhost [02:07] pwnguin: most firewalls are used to block the port from outside your router or select which ips can or cant see it. [02:08] AtomicSpark: but that's a separate firewall [02:08] but if you dont portforward or dmz, most people dont need a firewall. in that case a firewall would just actively monitor traffic. see the bad things. [02:08] i wouldn't mind a gui config tool to set up my ath0 as an AP though ;) [02:09] speaking of crazy networking [02:09] anyone have a guide for myrinet on ubuntu? [02:09] Atomic: well, thats more IDS than firewall [02:09] yeah.. I agree with that. unless it's a standalone computer. [02:09] yeah but firewall is thrown around so much. :P [02:09] * faulkes- throws a firewall at Atomic [02:10] pwnguin: i have do it a looooong ago i don't really remember how i did it [02:10] this is my concept... internet>>firewall>>single PC.. can't see a point.. [02:10] pwnguin: but i remember it wasn't hard [02:10] rhineheart_m: internet >> router >> PC, profit! [02:10] nxvl_work: i tried a guide on the wiki, but i got some errors that might mean the hardware / driver doesn't support it [02:11] or did you mean myrinet? [02:11] sorry.. what I meant.... internet>>>firewall>>>LAN>>>mutiple PCs [02:11] s/LAN/switch [02:11] lan as in... a switch? [02:12] yeah.. switch.. sorry.. it was vague [02:12] hmm. well in your use case i dont think you need a dedicated hardware firewall. [02:12] but i guess it's up to you. [02:13] yeah.. but my router has firewall in it.. [02:13] most people dont buy one unless they're buying other nice eqipment too. hp switches, enterpise routers, etc. [02:13] well. kindof. its mostly just nat protecting you. [02:13] home "routers" have a router, switch, dhcp, dns, firewall, etc all built in. [02:13] but each one is very limited. [02:14] you should of gotten the wrt54gl so we could make you put linux on it :D [02:14] it comes with linux on it :P [02:15] I see.. but I can't get that version here.. [02:15] you use their firmware or third party? the newer g's you cant flash. [02:15] wrt54gl... [02:15] wait, did you just say "nice equipment" and "hp switches"? [02:15] * faulkes- runs [02:15] haha. don't like procurves? [02:15] the L in gl stands for linux :P [02:15] yeah.. its version 7 so m sure I can't flash it with linux firmware [02:15] * faulkes- loves his cisco gear [02:16] oh boy. fan boy. [02:16] look out. [02:16] no joke. [02:16] nah, I don't have a choice in that area [02:16] just get a managed hub :p [02:16] I just what I'm given [02:16] ... [02:16] did you just say hub? [02:16] just use [02:16] a managed one at that [02:17] no smart person would ever buy a hub. the only reason you use a hub is to "hub out" so you can find network problems. [02:17] AtomicSpark: yeah. i have a pile of them [02:17] does that come with a sherpa to hookup all your bnc connectors? [02:17] you ment managed switches. [02:17] :P [02:17] but what's the risk if Filter Internet NAT Redirection is enabled? [02:17] * faulkes- runs [02:17] i dont even know what that means. [02:17] * AtomicSpark checks my router. [02:18] no, i meant managed hubs [02:18] rhinheart: without understanding what the vendor means by "Filter Internet NAT Redirection" it's hard to say [02:18] and the only bnc is the backhaul [02:18] hubs have their users [02:18] uses [02:18] cheap broadcast! [02:18] yeah. for hubbing out. lol. [02:19] * faulkes- unterminates kgoetz [02:19] wait [02:19] i think that means nat loopback? [02:19] you want that. [02:19] This feature uses Port Forwarding to prevent access to local servers from your local networked computers. < ugh.. if its nat loopback, you want that. [02:19] i always connect to my server using the public ip, even if i am on the inside. [02:20] lets you know your outside connection still works lol. [02:20] okay. so I will need that one.. [02:20] i just use hostnames [02:20] ssh tomato [02:20] etc [02:20] i googled it. [02:20] it said : If you turn this off, it will allow you to access the server on your [02:20] local network using the Outside (Internet) IP address. [02:20] If you turn it on, it will block access to the server using the Outside [02:20] IP, but still allow by using the Internal (LAN) IP. [02:21] but won't it compromised the files and printers sharing in a windows environment? [02:21] pwnguin: you use tomato firmware? [02:21] AtomicSpark: yea [02:21] AtomicSpark: it has its moments [02:21] good man. tomato rocks hard! [02:22] the pppoe stuff is shaky [02:22] sometimes it loses the password [02:22] lol. havent had that problem. [02:22] lemme tell you. that's fun when nobody is still around in the apartment when it was set [02:22] have you tried updating? there has been new versions lately. [02:22] Yeah... I have that too.. PPPOE... my dialer was set in the router.. [02:22] yea, [02:23] its a bit challenging to find a time when nobody's using the net [02:23] and im awak [02:23] it only cuts the internet when you reboot. it would take like 10 secs. :P [02:24] nope.. it won't. as long as you didn't cut the power source to the modem [02:24] well [02:25] 10 seconds is ages when your addicted to WoW apparently [02:25] haha. just do it anyways. screw em. [02:27] I just wondered why my box can't send and receive emails...from and to the internet.. [02:27] I forwarded already port 25 to the box.. (mmmm....got an idea?) [02:28] this is the last issue that ubuntu gives me pain.. [02:28] :) [02:28] you need 25 and 110 [02:28] 110? [02:28] pop3 [02:29] is it using imap? then you have to use 143 lol. [02:29] hey.. how can I check if what ports will I need to be opened? [02:30] ows..he left. [02:31] you wont need to open up any ports as a client, only as a server [02:33] but it can't still receive nor send [02:34] what do your error logs say? [02:34] and what cant send/recieve? [02:41] so any other ideas on what to do with a old hp server? [02:42] how old? [02:42] hp netserver. duel pII 256 MB ram [02:42] proxy [02:43] fileserver if it has enough disk [02:43] I have a g4 350mhz / 512 ram acting as my squid proxy [02:43] ~18 GB [02:43] does just dandy [02:43] same amount of disk for me [02:43] what would a proxy do for me? :P [02:43] I generally don't keep a large media library though [02:43] speed up your connection? [02:44] how so? i never used one before. [02:44] certainly, if you got to alot of specific sites often, it can speed things up [02:44] oh. like caches things? [02:44] caching of images, etc.. [02:44] interesting [02:44] man, five minutes is a long time to wait wondering if you survived a remote reboot [02:44] i have a 10MB connection :P [02:45] or, if you are like me and have a 14yr old niece who loves youtube and msn and all that, you can force her through the proxy and limit her bandwidth [02:45] * faulkes- whistles innocently [02:46] pwnguin: db9 getty to a remote terminal server ;) [02:46] * faulkes- loves his 2511's [02:46] well, my systems are free [02:46] can't complain about that [02:46] true that [02:47] for i had just about assumed id have to speak with the cluster admin tomorrow [02:47] get with the times man, it's an age of immediate gratification! [02:47] BOOT NOW! [02:48] and finish your fsck in 8 hours :) [02:48] hmm [02:48] [ 195.006711] CFI: Found no "amd76xrom" @fff60000 device at location zero [02:48] kgoetz: 8hrs is entirely too long, I'd have finished the bottle of scotch by then [02:48] that times a billion [02:49] faulkes-: :) [02:49] not that my employer would care [02:50] now to set up an launcher that connects to these remote screens [02:50] "can you admin a box in that state?" ..."yess, sirrrz" [02:50] im thinking melon cad [02:50] cat [02:53] hmmm, maybe I'll play with qemu and 8.04 alpha server tonight [02:54] Atomic: also, if you are connecting wirelessly to your router, I've found that by using a local internal lan proxy, my transfer rates go up by about 100k [02:55] that might not be an issue for other folks, but hey, I'm not complaining [03:01] how to completely remove postfix and its configuration files? [03:03] --purge remove [03:04] hello [03:05] and got this: dpkg - warning: while removing postfix, directory `/var/lib/postfix' not empty so not removed. [03:05] has anyone ever messed with a counter strike server? [03:06] rhineheart_m: sudo dpkg -P postfix [03:06] rhineheart_m: Then manually remove stuff like that that's left behind. [03:07] how about to completely remove dovecot? [03:07] I just want to install and configure squirrelmail from scratch [03:08] Similar procedure. [03:08] rhineheart_m: removing postfix to work on squirrelmail sounds like a lot of work ;) [03:10] kgoetz: but I don't have choice.. I can't really have it to work [03:10] rhineheart_m: postfix and squirrelmail (and apache) are seperate problems [03:12] kgoetz: what should be entered in Root and postmaster mail recipient: ? [03:12] rhineheart_m: your users login, or your email address [03:13] kgoetz: can't get you.. [03:13] rhineheart_m: in what way? [03:13] like webmaster@chicken.com? [03:14] yeah. [03:15] kgoetz: okay.. I will try...this should be the last try..or else..mmm...don't know If I will configure postfix and its related apps for squirrel [03:15] you *dont* need to configure postfix for squirrelmail. its nothing to do with postfix [03:16] okay..so what I need then? [03:16] dovecot? [03:16] squirrelmail, apache and an imap server [03:16] dovecot probably works ( i use courier) [03:17] okay.. but I guess I still need it for my drupal site...right? [03:17] need what for drupal? [03:17] registration confirmation, lost password...like that [03:18] you'll probably need a mailserver of some sort for that (i dont use drupal myself)( [03:19] but postfix is a mailserver right? [03:20] yes. [03:24] hmm. [03:24] anyone know of a free ldap service? like a simple replacement for AD/NetWare? [03:25] just for single log ons. [03:25] openldap? [03:25] yeah. have you used it? i've heard of it. :P [03:26] yes, i'm currently trying to make a squirrelmail plugin work with it [03:27] thats cool. i have a small network at work. didnt need all the overhead of small business server so i switched to linux, but miss single logons. :( [03:27] ill check out openldap server. [03:28] took us a while, but we got an almost-single signon here. [03:28] its all against the one database, so i guess its a start [03:28] likewise-open + openldap now [03:28] yeah. basically i want a single place to manage users. then the clients get that info. you know. like how AD and netware work lol. [03:29] openldap does it [03:29] Atmic: likewise-open + openldap would be the thing [03:29] good deal. [03:29] theres a bunch of directory servers available - fedora directory server is the other free one that springs to mind [03:29] faulkes-: which means ? [03:29] likewise-open? [03:30] likewise-open iirc is the client side single-signon portion [03:30] for linux [03:30] ah. the problem is, i have a mix of linux and windows clients. [03:30] which is what openldap is for [03:30] one is for sign-on, one is for storing credentials [03:31] openldap stores the credentials [03:31] never heard of likewise-open before [03:31] openldap == active directory [03:31] hmm. [03:31] is it all command line? [03:31] http://doc.ubuntu.com/ubuntu/serverguide/C/likewise-open.html [03:32] http://doc.ubuntu.com/ubuntu/serverguide/C/openldap-server.html [03:32] woo [03:33] faulkes-: so it only works with AD? [03:33] eh? no, of course not [03:34] will openldap work with fake domains? like domain.local? [03:34] not that I know of [03:34] Atomic: yes [03:35] good. [03:35] kgoetz: openldap is meant as a replacement of AD, well, to a certain extent [03:35] faulkes-: no, its a Directory implimentation. [03:35] and it *doesnt* work the same a lot of the time [03:35] true [03:36] but we're talking sign-on here [03:36] if you can sign-on to openldap via windows, signing on to openldap via linux (using likewise) should not be an issue [03:36] it may be, I havent tested it, but I am following it to a logical extent [03:37] theres a libpam-ldap module (not used it directly, just libpam-radius) [03:38] which you can use for auth on ldap (openldap and AD iirc), which is shipped in universe [03:38] kgoetz: you said earlier that you use imap server (courier) for squirrel? [03:38] rhineheart_m: yes [03:38] kgoetz: okay.. how to install it? [03:39] rhineheart_m: apt-get install courier-imap [03:39] surely you could have worked that out o_0 [03:39] rhineheart: there is significant documentation avaiable at https://help.ubuntu.com/community/Servers [03:40] is there any good tools to configure openldap? manually editing the files seems risky. :\ especially if i dont know what i am doing haha. [03:40] thanks faulkes m into it now.. [03:40] AtomicSpark: install ldapvi and ldap-tools [03:41] alright ill write that down. i might just use ubuntu on my machine. centos5 seems to not like me. [03:41] I really need to start saving and buy a fully loaded dell XPS laptop [03:42] kgoetz: I have it installed already (courier-imap). what's the next? how to configure it to work with squirrel? [03:42] i have a compaq 6820s. i like it. cant ubergame on it but it works nice. [03:43] Atomic: well, part of it would be for gaming, but the other half would be my dev machine, which needs lots of ram/hp and portability [03:44] rhineheart_m: read the doco in /usr/share/doc/squirrelmail[-doc]/ and /usr/share/doc/courier-imap/ and... [03:47] kgoetz: I can't see any documentation there for courier-imap [03:47] kgoetz: /usr/share/doc/courier-imap [03:49] rhine: ls /usr/share/doc/co and see what it lists [03:49] rhineheart_m: short version( i'll leave you to find the details in the ubuntu guides): install courier/squirrelmail. configure courier to auth on ldap, configure squirrelmail to auth on courier [03:49] i have a number of dirs for `ls /usr/share/doc/courier-*` [03:51] kgoetz: are you trying to tell me that I need LDAP for this purpose? [03:51] no, courier/squirrelmail can auth against local pw's iirc [03:52] i.e. /etc/passwd [03:52] all depends on how you set it up [03:52] yes they can [03:52] or mysql. [03:52] The available modules you [03:52] # can use are: authuserdb authpam authpgsql authldap authmysql authcustom authpipe [03:53] so anything you can auth pam against you can auth squirrelmail against [03:53] * kgoetz is authing on pam for his courier [03:56] kgoetz: so..what should I do to configure courier to auth on ldap, configure squirrelmail to auth on courier? [03:57] kgoetz: I can't find a documentation on how to configure the two of them [03:58] kgoetz: and I got this error: ERROR: Connection dropped by IMAP server. [03:58] "aptitude search courier" [03:59] p courier-doc - Courier Mail Server - Additional documentation [03:59] if the beginning of that like doesn't start with "i" [03:59] do "sudo apt-get install courier-doc" [04:00] which should provide you with the /usr/share/doc/courier-* docs [04:00] rhineheart_m: configured courier, restarted it then run /usr/sbin/squirrelmail-configure ? [04:01] kgoetz: That's the problem.. I don't know how to configure courier... [04:03] https://help.ubuntu.com/community/Courier [04:03] kgoetz: I bet you can't get it working. [04:03] pschulz01: i can get his mail working or ours... [04:04] kgoetz: Don't make me hit you.. 'cause I can. [04:04] *grin* [04:04] kgoetz: I think we got away with it. [04:05] * kgoetz goes back to not working ^H^H working hard [04:05] aye [04:05] I have a project plan that needs finishing [04:05] * pschulz01 looks at mysql and goes *shudder* [04:06] heh [04:06] faulkes-: Bye [04:06] * faulkes- points pschulz01 at mysql-cluster [04:06] * kgoetz thinks the aircon needs fixing [04:06] . it mught have been the air-conditioning. [04:12] kgoetz: I tried the instructions there.. but I can't login [04:12] kgoetz: I got this: * BYE [ALERT] Fatal error: Maildir: Permission denied [04:13] rhineheart_m: that error looks fairly self explanitory to me :) [04:14] kgoetz: that's the error I got.. [04:15] rhineheart_m: does the maildir exist? [04:16] !pastebin | rhineheart_m [04:16] rhineheart_m: pastebin is a service to post multiple-lines texts so you don't flood the channel. The Ubuntu pastebin is at http://paste.ubuntu-nl.org (make sure you give us the URL for your paste - see also the channel topic) [04:16] !private message | rhineheart_m [04:16] rhineheart_m: Please ask your questions in the channel so that other people can also benefit AND help you. Please don't PM a user in the channel without asking first, some find it rude. [04:18] back on topic on openldap, how would you set up logon scripts. say i wanted all the users home folders on the server when they log in, can i do that? would it be easier to just have the mount a "home" folder? [04:18] AtomicSpark: That would be done somewhere in PAM. [04:19] AtomicSpark: Then is wouldn;t matter how they authenticated when they logged in. [04:19] yes I have it there.. [04:20] AtomicSpark: run `apt-cache search libpam` and look at the results, theres lots of cool things you can abuse pam to do [04:20] this one: /home/webmaster/Maildir [04:20] rhineheart_m: Does it have any subdirectories in it? [04:21] rhineheart_m: does the user 'webmaster' exist? how is email getting pointed to them? [04:21] pschulz01: yes is has [04:21] rhineheart_m: pastebin your /etc/aliases file [04:22] # Added by installer for initial user [04:22] root: administrator [04:22] rhineheart_m: the *whole* file into a *pastebin* [04:23] that's the whole file already with cat [04:23] rhineheart_m: 'webmaster' != 'administrator' [04:24] should i install a DNS server? id just be using it for authentication. [04:24] AtomicSpark: hm? [04:24] well. it would need it to be on a domain... :P [04:24] wah? [04:25] AtomicSpark: You shouldn't.. as long as other machines can find your LDAP server you should be fine. ie. you can use IP addresses. [04:26] how do you configure the clients then? [04:28] oh hey i found info about likewise-open [04:30] heh i could always run a SMB server in KVM. [04:30] * AtomicSpark hides [04:31] AtomicSpark: They access the LDAP server via IP address rather than host.domain [04:32] interesting. but the windows machines wont beable to join an ip address. :P [04:32] but a DNS server would be good. just have it forward queries. better then using the router. [04:32] meh then i should put DHCP on the server too. [04:34] AtomicSpark: your confusing different sorts of domain [04:39] maybe so. [04:39] so i can have windows and linux clients authenticate to the openLDAP server without a DNS server installed? [04:40] linux yes, windows .... ##windows :) [04:40] lol. [04:42] well my plan is to make a decent replacement for this inventory software we have that we will no longer support. then after thats gone we can make almost a full switch to linux. [04:43] tis good :D [04:43] what sort of inventory? (out of intrest) [04:44] furniture [04:44] *grins* [04:45] we use this windows ap that runs off of access 97. they want way too much for updates and we only use it for inventory. no sales or whatever. [04:45] so a simple mysql database with a php frontend should be fine. [04:45] sounds like it would be perfect [04:46] since mysql is open, you can do neat stuff like display pictures on your website of your instock items. :D [04:47] AtomicSpark: more importantly, sine its open, the cost of migrating *away* is compartively tiny [04:47] haha yeah. [04:48] i cant even export the data from the fake access 97 thing :| [04:49] mmm. [04:49] * kgoetz is serious about the cost of migrating away btw [04:50] ha. i wonder if there is any opensource inventory software that is a frontend for mysql or something. :P [04:50] ill have to research this more [05:03] sommer: re: "nealmcb: ubuntu-vm-builder is used to create jeos correct?" - well, some might get confused, given the jeos "cdimage" which is not made by ubuntu-vm-builder. I'd say we could fix that by not distributing a jeos cdimage at all, and just distribute some vm images made by ubuntu-vm-builder, and call those jeos's for different purposes (web server, mail server, whaetever). And I've heard support for that, but not much movement, exce [05:10] its interesting they have that. probably to support the big vmware boom lately. they should be pushing the KVM package they like so much. [05:19] I got this error: ERROR: Connection dropped by IMAP server. [06:42] Hello all. [06:42] I was wondering if I could get some assistance on something please. [06:44] I'm attempting to access /var/www through FileZilla on a server I just setup. I am running proftpd, and created a shortcut to /var/www using ln -s. I can see the shortcut in FileZilla, but when I try to go into it I get Failed to retrieve directory listing. [07:25] I got it figured out. I was doing my ln -s shortcut backwards. === joerlend_ is now known as XiXaQ [09:57] justYeah, I hate that. [09:58] kgoetz: Yeah. See thin [09:58] Whoops. [09:58] kgoetz: Yeah, see http://catb.org/~esr/writings/cups-horror.html [09:58] ah, an ESR link. this should be worth reading ;) [10:00] And the funny thing is, ESR even makes mistakes. "...what any non-technical user would do... Print Queue" [10:00] ANy non-technical user would say "print what?" [10:01] :) [10:01] Hee... "If the designers were half-smart about UI issues (like, say, Windows programmers)" [10:01] Note the back-handed compliment; half-smart :-) [10:04] fedora core 1. thats goign back a bit [10:06] Yeah. [10:07] About four years? Five? [10:07] Btw, what he's talking about, fundamentally, is usability engineering; the difference between spiffy popups and wizards and a UI designed for usability. [10:10] five sounds right [10:10] This specific example also illustrates a principle I like to call "shallow complexity". [10:11] In other words, sometimes you're better off just letting people deal with complexity directly, and doing your best to keep that complexity shallow. Instead, all too often people think they're "fixing" it by spreading it across a dozen popups and wizards. [10:20] G'ngiht. [10:30] * kgoetz wonders how you configure cups without root :/ [10:30] * kgoetz says words about ubuntu [10:45] kgoetz: You can configure cups without root? :P [10:46] MenZa: dunno, but you have to be able to configure it somehow [10:48] Well, there's a web-based thing for it [10:48] yep. but you need a login. what that is, i have no idea [10:49] Usually, it is root, with the root password [10:49] But you don't have that under Ubuntu :) [10:50] Jeeves_: yes, hence the problem :p [10:50] :P [10:50] :d === c_schmitz is now known as c_schmitz|away [12:12] kgoetz: any user in the lpadmin group can configure cups... at least that's what I've found [12:12] sommer, using their username/password in the cups auth boxes? *sigh* i just got home :| [12:13] sommer, i'll try it out though, thanks [12:25] np [12:30] <\sh> moins [12:33] <\sh> guys, we need to do something with the mess of tomcat5.5 [12:33] <\sh> it needs a jdk and not a jre...and all packages providing java-virtual-machine, which is a suggests of tomcat5.5, are JREs [12:36] \sh, hello [12:37] <\sh> hey Kamping_Kaiser [12:37] how are you going? [12:38] <\sh> Kamping_Kaiser: good :) everything is green :) [12:39] nice :) [12:47] * Kamping_Kaiser is finding the beta survey quite grueling [13:18] hi. Does anyone know if Gutsy/Hardy can support a 4TB partition or is that down to the FS? thanks. [13:21] its filesystem specific [13:23] ok thanks. what filesystem would you recommend for that amount of storage? [13:24] if i was to use say gutsy server. [13:25] i think ext3 maxes at 4T. i belive the newer filesystems will handle it, but i'm a bit suspicious of them (eg reiser, zfs and all the trendy ones) [13:27] yes, i am too. Well, I'm getting 8x1TB and am going to mirror them so if i claim some space for swap and OS parition then I'm going to be <4T [13:30] ok thanks Kamping_Kaiser for your time. I'm happy I can use ext3. [13:31] Stonekeeper, no problem [13:33] Kamping_Kaiser: sorry, forgot to ask: I'll be getting 32G Ram too. Will that mean I'm forced to use 64bit? [13:33] Stonekeeper, yes [13:34] fark. i just finished the beta survey *heh*. 1 hour. [13:41] thanks Kamping_Kaiser [13:42] np [13:43] Hiya, Anyone using supervise? [13:43] daemon-tools. [13:47] <_ruben> i do, but not on ubuntu (yet) [13:47] <_ruben> and probably wont [13:51] Any ideas what could be causing this? Does java just react wierdly to signals? [13:52] CrummyGummy: what do you mean? [13:53] Erm, maybe the stuff I typed didn't get through... [13:54] daemontools starts progs with no probs but when I restart/kill my java servers it just spawns another one. I had a similar problem with start-stop-daemon. That was wierdly enough fixed by a reboot. [13:54] reboot/unplanned reboot/ [13:55] the purpose of daemontools IS to start a process again if it gets killed right? [13:57] Yes, and it does that very well. It can also stop progs which I seem to be having a problem with. [13:57] so, whats the problem? [13:58] If I use svc -k or svc -t its spawns another instance without shutting down the first one. [13:58] " when I restart/kill my java servers it just spawns another one." seems right behaviour to me [13:58] <\sh> soren: pingeling [13:58] ah, okay [13:58] Ja, 5,6,7 instances later I have a real problem. [14:12] \sh: pong [14:13] <\sh> soren: tomcat5.5, doko meant you are the right person... [14:13] <\sh> soren: tomcat5.5 suggests java-virtual-machine , but all packages providing this package are JREs...tomcat but needs a JDK... [14:14] <\sh> soren: AFAIK we don't have a virtual package name for jdks (at least I didn't find one)...and tomcat is not installable at this moment... [14:14] <\sh> soren: suggesting a free JDK (icedtea e.g.) doesn't help, because when we do this, we have to disable tomcats security manager (it works only with suns jdk)... [14:15] <\sh> soren: so, given all this, what should we do to have a clean installable tomcat5.5. package? :) [14:16] \sh: Sorry, went away for a few minutes.. [14:17] \sh: Er... Fix icedtea? [14:17] To be honest, though.. I don't really care much about Java. [14:18] hello! how to remove completely squirrelmail and its configuration? [14:18] <\sh> soren: well, we should care about installable packages :) I don't know if it's ok to Suggest: icedtea-java7-jdk | sun-java6-jdk (which means suggesting a package from multiverse) [14:18] rhineheart_m: apt-get remove --purge $packagename [14:18] you were told that at least twice before [14:23] \sh: I'm not sure. [14:23] faulkes-, sorry about the baby bugfiling DoS in LP ;) [14:24] <\sh> soren: I'll raise this on u-d ml...I think we need a solution for this, and we should find a consense [14:25] Kamping_Kaiser: indeed, first asking how to remove postfix, 2nd asking how to remove dovecot [14:37] night all [14:38] Kamping_Kaiser: later on [14:39] morning [14:39] hey nijaba [14:47] henkjan: you know, a fresh install will also remove that package for him... :-) [14:47] oh wait. did I say that out loud? [14:47] :) [14:48] maybe a sudo rm -rf / [14:48] naughty naughty! [14:55] morning nijaba [14:56] whole bunch of new reports in server-survey [14:56] I've commited at least one fix to my branch [15:18] hello.. can you help me configure postfix? [15:36] see this window will work for a bit [17:07] nijaba: https://help.launchpad.net/BugTrackerEmailInterface [17:07] thanks mathiaz === \sh is now known as \sh_away [18:50] What is considered "best practice" for allocating storage for virtual machines? Defining LVM logical volumes pr. partition/pr. server or defining one LVM logical volume pr. server wich contains it own set of partitions/pv/vg/lv definitions? [18:51] And; Does KVM and/or XEN support the ability to detect a change in size of the blockdevice? I.e. if I grow a blockdevice at the host OS, can I do a scsi rescan on the guest? [18:52] I couldn't answer off-hand, iirc soren is doing most of the work on KVM stuff === c_schmitz is now known as c_schmitz|away [18:54] faulkes-: Yes, I've noticed. His last Q&A session sure did answer a lot of questions I had regarding KVM. I guess we're moving away from XEN now. [18:54] I just wish "someone" would write virtio drivers for Windows. [18:55] baffle: I'm not sure, to be honest. I don't think it will grow like that. [18:55] baffle: You'd need to close the vm and start it again, I think. [18:55] "think" being the key word here. [18:56] baffle: W.r.t. to best practices, it really depends on what you're doing. [18:56] baffle: for various reasons, I do a lot of throw-away vm's, so setting up an lv is a bit pointless. [18:57] soren: I use them mostly for production services. [18:59] baffle: Using an lv will give you the best performance. [18:59] soren: Having the ability to do a scsi rescan and detect a larger blockdevice sure would be sweet; I'm a bit suprised that noone upstream (XEN/KVM) has looked into this. :-) At least this is something we do quite often on production servers that are not virtualized. [19:00] baffle: I honestly don't know. [19:01] soren: My question was if best practice was using *one* LV (I.e. giving the guest /dev/sda) or multiple LVs (I.e. giving the host /dev/sda1 /dev/sda2 etc).. The latter is what I do for XEN paravirtualized hosts, as it allows the host to easily do offline growing of volumes and filesystems. I think this might be the wrong approach for KVM hosts. [19:04] soren: Is Canonical comitting any resources to do feature developement on upstream libvirt/virt-manager? [19:04] quick question, where does apache place the default public_html folder? [19:04] AtomicSpark: your home directory [19:05] baffle: It doesn't place it. You create it. [19:05] baffle: Not per se, no. [19:05] k thanks. i'm in class. showing off my leet linux skillz. ha. [19:06] baffle: Whether you should use one or several lv's (or partitions or whatever) is really up to you and your workflow. I don't see much of a difference. [19:08] soren: I guess so. It really boils down to if you want to do storage management on the host or the guest. [19:09] baffle: Precisely. [19:11] soren: The servers we will be deploying Hardy on need to be able to have controlled simultaneous access to the shared storage (SAN). I guess CLVM is the (only?) solution for this, but I seem to be unable to find any proper documentation for it? We have a few RHEL clusters, but they seem to be a bit "black box". Are you aware of any Ubuntu installations running CLVM in produciton? Is there any Ubuntu documentation on this? [19:12] soren: (Sorry for the Q&A session, I just happend to have a bunch of questions in my head; Be sure to tell if you're too busy. :-)) [19:17] baffle: I'm aware of their existence. AFAIK, we don't have any Ubuntu specific docs for it. [19:20] soren: So even if the components are part of main, it's basically just imports from Debian I guess. At least that makes things the same. :-) === \sh_away is now known as \sh [19:30] baffle: We get a *lot* of stuff from Debian. [19:30] baffle: I maintain kvm in Ubuntu myself, though. [19:31] baffle: Up until very recently clvm was maintained here, too. [19:34] dendrobates: back online now. You still need me ? [19:36] coffeedude: any idea on the release date of 4.0.5? === c_schmitz|away is now known as c_schmitz [19:40] dendrobates: I can tag a official release on Monday. [19:40] coffeedude: thanks [19:41] dendrobates: ping me if you don't have someone by 2pm EST. [19:41] dendrobates: on Monday that is., === c_schmitz is now known as c_schmitz|away === c_schmitz|away is now known as c_schmitz === \sh is now known as \sh_away [21:37] i accidentally fat-fingered a chmod command and 777'd / on my server - is there any way to get out of this without reinstalling? [21:38] err chmod -R 777 / [21:46] jetsaredim: Hmm [21:46] I fixed that once using the permissions found on a backup-tape [21:48] * jetsaredim doesn't have backup tape :( [21:49] jetsaredim: Than, I guessed you're kinda screwed [21:49] Unless you have another box [21:49] Somewhat the same [21:57] not really [21:57] good thing I setup md on my spare drives to backup files to [21:57] just sucks that I'll have to re-setup django again [22:04] is there an updated alpha4 cd for ubuntu-server? [22:06] chi ha voglia di aiutare un principiante ? [23:18] hello! what's the best smtp server for ubuntu? [23:25] rhineheart_m: There are lots of different opinions out there about that. Three of the more popular packages are postfix, exim and qmail. [23:25] rhineheart_m: I chose postfix, because all of the experts I call for help use postfix. [23:27] !postfix | rhineheart_m [23:27] rhineheart_m: postfix is the default !MTA and !MDA on Ubuntu. For help, read https://help.ubuntu.com/community/Postfix and https://help.ubuntu.com/community/PostfixBasicSetupHowto - See also !MailServer [23:27] ubuntu defaults to postfix (you removed it remember?), debian uses exim [23:27] and aiui no sane person uses qmail anymore [23:29] Kamping_Kaiser: Oh? What's up with that? Last thing I heard was that the guy who wrote qmail (wietse?) was a pain to work with, so a signficiant faction of folks didn't want to deal with it. [23:30] puff, from my reading a default qmail isnt rfc complient, and is a spammers heaven. it needs 3rd party patches "and stuff" before it becomes responsible again (debian had an argument about this recently if your after a quick link) [23:32] Kamping_Kaiser: I have this strange problem..if I change /etc/postfix/main.cf to #mailbox_command = procmail -a "$EXTENSION" it could receive mails from yahoo. What do you think? [23:33] rhineheart_m, i think you havent given us enough details yet [23:34] Kamping_Kaiser: I am using postfix..Trying to configure squirrelmail to work with postfix. My box has courier-imap installed too.. [23:35] Kamping_Kaiser: my problem? Cannot send emails..but I can receive with /etc/postfix/main.cf configured to to #mailbox_command = procmail -a "$EXTENSION" [23:35] rhineheart_m, and what was it before you commented that lilne? [23:36] Kamping_Kaiser: my networks mynetworks = 127.0.0.0/8 (I tried adding 192.168.1.0/24 after 127.0.0.0/8 but doesn't change. [23:37] rhineheart_m, did you change the #mailbox_command line in any way? [23:39] Kamping_Kaiser: I changed it with # so that my squirrelmail could receive mails [23:39] Kamping_Kaiser: the complete line-- #mailbox_command = procmail -a "$EXTENSION" [23:41] rhineheart_m, you want to set `home_mailbox = Maildir/` [23:41] i'm guessing [23:43] Kamping_Kaiser: this is the line: home_mailbox = Maildir/ [23:44] Kamping_Kaiser: but still it can't send mails.. [23:44] rhineheart_m, you probably havent configured it correctly. check your mail logs for errors [23:45] * Kamping_Kaiser thinks 'deja vu' [23:51] Kamping_Kaiser: every time I send message this will happen: Undelivered Mail Returned to Sender [23:51] Kamping_Kaiser: let me check the logs... a minute.. [23:52] rhineheart_m, pastebin the last 10 lines of your mail.error and mail.log [23:54] rhineheart_m, *pastebin* [23:54] rhineheart_m, *do* *not* *message* *me* [23:54] I forgot the link to pastebin [23:55] then ask for it [23:55] ubotu, pastebin | rhineheart_m [23:55] rhineheart_m: pastebin is a service to post multiple-lines texts so you don't flood the channel. The Ubuntu pastebin is at http://paste.ubuntu-nl.org (make sure you give us the URL for your paste - see also the channel topic) [23:55] http://paste.ubuntu-nl.org/57773/ [23:56] and becaues you seem to have forgotten: [23:56] !private message | rhineheart_m [23:56] rhineheart_m: Please ask your questions in the channel so that other people can also benefit AND help you. Please don't PM a user in the channel without asking first, some find it rude. [23:57] rhineheart_m, to=, two @ in an email address? [23:59] Kamping_Kaiser: sorry..typo error.. this is the right one there.. http://paste.ubuntu-nl.org/57775/