[01:05] <Scunizi> Is there a download link to hardy server beta?  I can't seem to find it on the main site.
[01:11] <mathiaz> Scunizi: http://releases.ubuntu.com/hardy/
[01:11] <Scunizi> thanks.. couldn't find that page..
[01:16]  * Kamping_Kaiser finds downloading ubuntu images unnessarily complex
[03:59] <Invisionfree> How do I get X started?
[04:00] <Invisionfree> How do I get X started?
[04:01] <Invisionfree> Hello?
[04:03] <sommer> Invisionfree: what are you wanting to do?
[04:03] <sommer> oh woops you'll need to install X and it's dependencies
[04:03] <sommer> !servergui
[04:03] <ubotu> Ubuntu server does not install a desktop environment or X11 by default in order to enhance security, efficiency and performance.  !eBox provides a GUI system management option via a web interface.  See https://help.ubuntu.com/community/ServerGUI for more background and options.
[04:03] <sommer> should get you started
[04:10] <Invisionfree> sommer
[04:10] <Invisionfree> I installed KDE and x11-common
[04:10] <Invisionfree> But I don't know what to do now ..
[04:11] <Invisionfree> sommer?
[04:11] <sommer> Invisionfree: did you follow the instrucions in the link?
[04:11] <sommer> instructions even
[04:11] <Invisionfree> sommer, it's hard to open a link without any GUIs ..
[04:12] <sommer> ah, you can use w3m, it's installed by default... or another computer with a browser :)
[04:13] <Invisionfree> Well
[04:13] <Invisionfree> One is watching a movie
[04:13] <Invisionfree> Oh well
[04:16] <Invisionfree> It's installiong kubuntu-desktop.
[04:16] <sommer> Invisionfree: make sure you have: sudo apt-get install xserver-xorg x-window-system-core
[04:16] <sommer> and if you want gui login install kdm
[04:17] <Invisionfree> Ok.
[04:20] <Invisionfree> sommer, if I did apt-get install kde, do I need to install kubuntu desktop?
[04:21] <sommer> I'm not sure, I've never installed kde on a server before... I'd say give it a try and see how it goes :)
[04:21] <Invisionfree> Hmm...
[04:21] <Invisionfree> 5 minutes to restart.
[04:22] <sommer> I would think that kubuntu-desktop would include other packages like openoffice that you may not need
[04:22] <Invisionfree> sommer: If Idid, I couldinstall them
[04:23] <Scunizi> just trying to install hardy server.. At the grub install page it fails to install into "/target/".  Several retrys and nothing .. Any ideas?
[04:23] <Invisionfree> Restarting in 3 minutes!
[04:24] <Invisionfree> Two..
[04:24] <Scunizi> boom
[04:25] <sommer> Invisionfree: what are you trying to accomplish?  it may be easier for you to install the desktop edition and add server packages to it
[04:25] <sommer> Scunizi: did it give you any errors?
[04:26] <sommer> Scunizi: are you trying on a x86 or amd64?
[04:28] <Scunizi> x86 and the only error is the one about grub
[04:28] <sommer> mmm... nothing in /var/log/syslog?
[04:28] <Scunizi> sommer >>>>>  ^ <<<<<<
[04:28] <Scunizi> sorry..
[04:28] <Scunizi> haven't got past the grub part yet.. can't boot the machine.
[04:29] <sommer> you can get another console by hitting alt+f2 - f4
[04:29] <Scunizi> forgot about that.. let me check
[04:29] <lee__> sommer, I installed it, it still goes to KDE.
[04:29] <lee__> Er, CLI*
[04:29] <sommer> I believe the install log output is on alt+f4
[04:30] <sommer> lee__: did you install kdm?
[04:30] <sommer> try startx
[04:30] <lee__> Yes sommer.
[04:30] <lee__> I did
[04:30] <lee__> It gave me some error
[04:30] <sommer> what was the error?
[04:31] <lee__> error 104
[04:31] <lee__> No useable screens or something?
[04:32] <sommer> lee__: you probablty need to configure X then
[04:32] <lee__> How?
[04:32]  * lee__ forgets command
[04:32] <Scunizi> sommer.. got to ctrl-alt F2 and activated that tty. looked at the log and turned around to type here.. when turning back the screen was black with a few white squares.. however ctrl-alt-F1 takes me back to the normal install screen.. weird
[04:34] <lee__> sommer ran away, Scunizi :(
[04:34] <sommer> Scunizi: ya, sometimes the install display can be a little flaky, did you find anything on alt+f4?
[04:34] <lee__> Oh
[04:34] <sommer> lee__: looking
[04:34] <lee__> He just ran away from me then :x
[04:35] <Scunizi> sommer.. nothing.. however I decided to try lilo and it looks like it's moving along.. strange that grub wouldn't install but lilo would/is
[04:35] <sommer> lee__: try installing xdebconfigurator, I guess
[04:36] <sommer> Scunizi: ah, I think there was an issue with grub in the .iso's a few days ago, did you recently download the iso file?
[04:36] <Scunizi> never used lilo before.. this is a stand alone machine that I want to use in the house wirelessly..  .. Yep.. just got the iso tonight.
[04:37] <lee__> sommer: Installed, now what?
[04:37] <sommer> lee__: run the command I guess
[04:37] <Scunizi> rebooting into the sys.. lots of messages .. starting services and whatnot.. running local boot scripts now..
[04:37] <sommer> I've never actually used it... don't run X on my servers :)
[04:38] <lee__> sommer: I tried, its not a cmd
[04:38] <Scunizi> lee__: you trying to get the gui up?  which one gnome or kde?
[04:38] <sommer> lee__: dpkg -L xdebconfigurator | grep bin
[04:38] <sommer> should show you the executable files in the package
[04:39] <lee__> Scunizi: KDE
[04:39] <Scunizi> lee__: sudo /etc/init.d/kdm start
[04:40] <lee__> Says it's already running..
[04:41] <lee__> Scunizi: ^
[04:41] <sommer> lee__: it may be easier for you to install the desktop edition and add server packages then the other way around
[04:41] <lee__> sommer: Aw.
[05:16] <Scunizi> ping
[05:17] <Scunizi> sommer, scunizi here.. internet goes up and down tonight.. did lee__ get my message about how to start kde desktop?
[06:57] <warchief_ryan> Anyone know if theres a way to setup my ubuntu box as a NAT with out using iptables?
[06:59] <_ruben> why without iptables?
[06:59] <warchief_ryan> why with them?
[07:00] <_ruben> because its the default and easy way of doing it? .. and 'setup my ubuntu as a NAT' doesnt make very much sense either .. tho im assuming you want a NAT-capable router
[07:01] <_ruben> squid would be another solution, tho that wouldnt cover all protocols (far from it) .. socks being yet another, but requires support in the client apps
[07:04] <warchief_ryan> iptables seem complicated, I tried squid but im not really looking for something to filter anything
[07:05] <warchief_ryan> maybe Ill just have to learn how to setup iptables
[07:07] <_ruben> http://iptables-tutorial.frozentux.net/iptables-tutorial.html .. that's a decent tutorial to start with
[07:09] <warchief_ryan> geez
[07:11] <_ruben> NAT (and networking in general, up to a certain point) is complex matter, if you dont want to dive into that, get yourself a simple hardware router (like one of those 4 port home dsl routers for like $30)
[07:13] <warchief_ryan> Im fine with networking, but iptables seem overly complicated to me
[07:15] <warchief_ryan> well thanks for the link ima need to start reading, later
[07:39] <spiekey> hey
[07:39] <spiekey> i need some "language" help :)
[07:39] <spiekey> how would you write the following in english?: Hereby i declare that the following parts work.
[07:43] <_ruben> sounds a bit "official", but is ok otherwise i'd say, though im not a native english speaker either
[07:49] <spiekey> hehe, its supposed t be official :)
[07:49] <spiekey> thanks!
[08:14] <sergevn> Hello, is there someone with experience with Freeradius?
[08:15] <kraut> moin
[08:15] <Kamping_Kaiser> sergevn, no. no one in the world
[08:23] <sergevn> Kamping_Kaiser: bummer, than I am the only one
[08:23] <sergevn> Kamping_Kaiser: who tries to make it work
[08:24] <sergevn> Kamping_Kaiser: It is easier to ask if someone CAN help me, then spam my whole problem trough the channel :)
[08:30] <Kamping_Kaiser> sergevn, it say in the /topic - ||  Be patient.  Don't ask to ask, just ask.  |
[08:30] <Kamping_Kaiser> :)
[08:30] <Kamping_Kaiser> its entirely posible we/i cant help, but i dont know until you ask :)
[08:33] <sergevn> Kamping_Kaiser: true, sorry. well the problem is I am getting the following error during authentication:
[08:34] <sergevn> rlm_eap_md5: User-Password is required for EAP-MD5 authentication
[08:34] <sergevn> It's a problem with the way freeradius handles the password.
[08:35] <sergevn> Freeradius is authenticating with OpenLDAP
[08:35] <sergevn> with a md5hash as password, so hashing is not the problem either.
[08:35] <Kamping_Kaiser> mm. i did freeradius+passwd file :/ looks like a problem i cant help with
[08:36] <sergevn> yeah, but plaintext passwd-file is out of option, because it's not secure and we have an existing ldap server
[08:36] <sergevn> it works with mschapv2 and the samba-NT hash in ldap
[08:37] <sergevn> but now It needs to authenticate with the MD5 hash in ldap, using ttls for this.
[08:39] <Kamping_Kaiser> i wasnt using plain text *hmf*. i was using system passwd
[09:07] <sergevn> Kamping_Kaiser: ah ok :)
[09:33] <kraut> "It may be necessary that grsecurity instead track the Ubuntu LTS kernel so that users can have a stable kernel with up-to-date security fixes. I will update this page when a final decision has been reached. "
[09:34] <_ruben> kraut: grsecurity .. heh .. been ages since i last touched that :)
[09:35] <kraut> _ruben: i run my private servers with grsec
[09:35] <kraut> but actually a hybrid of ubuntu/debian
[09:35] <kraut> that's ugly as hell :/
[09:36] <kraut> if grsec really goes into the LTS repo, it would be interesting to reinstall the boxes with the new LTS...
[09:37] <robin92> Hello! I try to installed "jeos-8.04-beta" on vmware GSX, but during the installation, a message appear to say that he can not install GRUB, can you help me? please I ask my question on several chanel because I need an answer quickly
[09:39] <_ruben> robin92: you might wanna check the various tty's to check for clues when that error is presented
[09:52] <robin92> _ruben: no error on tty
[09:55] <robin92> And I don't know why when I try I tried  on VMw are GSX Server the live CD does not even load
[10:11] <_ruben> live cd? jeos doesnt come on a live cd, its an install cd only
[10:12] <_ruben> gsx and vmware server being pretty much the same product, i doubt it wouldnt work with gsx
[10:12] <_ruben> unless gsx would be too old
[10:48] <mludi> hi, is there a mechanism for /etc/skel that is able to replace variables defined in the skel template files. e.g. to set the username inside a skel template file to the user whos home directory is being created?
[11:27] <kraut> x4100 (non M2) aren't supported by ubuntu dapper?
[11:27] <kraut> the setup won't boot.
[11:30] <J-_> Where is the inadyn configuration file store at?
[11:31] <J-_> I'm using dapper
[11:31] <J-_> There's no file in /etc/ called inadyn.conf
[11:32] <J-_> I guess I'll just have to create one.
[14:32]  * delcoyote hi
[14:32] <ivoks> helou
[15:07] <_ruben> damnit .. stupid debian installer :p .. cant seem to figure out how i performed an install over ssh the other .. i know i need to install the network-console module, but for some reason the installer just wont let me .. grr
[15:09] <ivoks> it's easy
[15:09] <ivoks> you need preseed file with
[15:09] <ivoks> d-i   network-console/password password install
[15:10] <ivoks> d-i   network-console/password-again password yoursupersecurepassword
[15:10] <_ruben> ivoks: that was gonna be my next attempt: custom cd .. tho last time i did it with a "standard" server install cd
[15:11] <ivoks> and append this to boot manager:
[15:11] <ivoks> preseed/url=http://path/to/your/preseed/file anna/choose_modules=network-console
[15:11] <ivoks> a kickstart file would also be nice
[15:12] <_ruben> i really should look into preseeding, had smth similar setup for my sles9 machines/installs
[15:14] <GH-VAIO> hello.. anybody here wanna trade shell account?
[15:18] <ivoks> _ruben: good luck
[15:18] <ivoks> take care guys, bye
[15:18] <_ruben> ivoks: thanks, i'll need it ;)
[15:18] <_ruben> cya
[15:18] <mathiaz> bye ivoks
[15:18] <ivoks> _ruben: just make sure to put the same password for both password and password-again
[15:19] <ivoks> _ruben: in my example, one is install, other is yoursupersec...
[15:19] <ivoks> mathiaz: hi :)
[15:19] <_ruben> ivoks: figured as much ;)
[15:19] <ivoks> _ruben: you'll need kickstart file to eliminate all the pre-partitioning stuff
[15:19] <\sh> GH-VAIO, wrong channel wrong topic pls join #scriptkiddies kthxbye :)
[15:20] <ivoks> \sh: :D
[15:20] <saltedlight> hi. i'm trying to setup virtual hosts on my server but i cant find the configuration file. httpd.conf is empty. where should be the configuration file? i'm using ubuntu 8.04ß
[15:20] <\sh> saltedlight, /etc/apache2/sites-available/*
[15:20] <\sh> saltedlight, check the "default" file
[15:20] <_ruben> ivoks: guess that'll all be part of the plan to setup a complete installation rig .. if only the days for like 3 times as long
[15:25] <saltedlight> what is the difference  between sites-available and sites-enabled ? i just cant figure it out...
[15:29] <PecisDarbs> err, people, what strange protection it is on Hardy server and how to change it's behaviour?
[15:30] <PecisDarbs> I can't write custom log file in place where I want
[15:33] <sommer> PecisDarbs: what application are you trying to log?
[15:33] <PecisDarbs> bind
[15:34] <sommer> PecisDarbs: it's most probably the AppArmor profile
[15:34] <PecisDarbs> where to check that?
[15:35] <PecisDarbs> oh, so many config files :)
[15:35] <sommer> PecisDarbs: the bind9 apparmor config is in /etc/apparmor.d/usr.sbin.bind9
[15:35] <mathiaz> PecisDarbs: you should see some apparmor related messages in /var/log/syslog
[15:35] <PecisDarbs> yeah, found it
[15:35] <PecisDarbs> thanks people
[15:36] <PecisDarbs> mathiaz: I did it, it was reason I asked :)
[15:36] <sommer> PecisDarbs: for details on bind logging see: http://doc.ubuntu.com/ubuntu/serverguide/C/dns-troubleshooting.html
[15:36] <PecisDarbs> heh, rather easy config file
[15:36] <sommer> the logging section, has an example of setting up a seperate log file
[15:37] <mathiaz> PecisDarbs: https://wiki.ubuntu.com/DebuggingApparmor
[15:37] <juliux> hi
[15:38] <juliux> i next wednesday also a server team meeting?
[15:38] <sommer> mathiaz: heh, good call
[15:39] <mathiaz> juliux: yes - tomorrow at 21:00 UTC - https://wiki.ubuntu.com/ServerTeam/Meeting
[15:39] <juliux> mathiaz, also next week?
[15:39]  * juliux is searching for free slot for the loco counciol;)
[15:39] <mathiaz> juliux: yes
[15:39] <juliux> mathiaz, thxs
[16:02] <damjan> I just installed jeos-8.04 (daily) ... I wonder why 'apt-get install apache2' by default would install mpm-worker and not mpm-prefork?? is there a special reason or it's just so
[16:12] <Deeps> heh, anyone in here know why openssh-server defaults to PermitRootLogin yes now?
[16:16] <Deeps> heh, i see a number of bug reports have already been filed, and ignored on account of upstream maintainers
[16:17] <trappist> Deeps: I guess theoretically it doesn't matter, what with root being passwordless and all
[16:17] <trappist> but I'm pretty sure it should be no by default
[16:17] <Deeps> heh, my root password on my dev box was 'root'
[16:18] <Deeps> in the process of reinstalling it now
[16:27] <trappist> that's the worst thing I've ever heard
[17:16] <W8TAH> im doing an install on 6.06lts right now - ive entered apt-get install build-essential libmysqlclient15-dev python-dev  i have a list of extras that will be installed, new packages that will be installed, suggested and recomended packages - how do i tell it i want to install the entire list? (including the suggested and recomended)?
[17:18] <seisen> use aptitude instead of apt
[17:19] <W8TAH> whats that?
[17:21] <Invisionfree> Help. I tried installing KDE, kubuntu-desktop both, now it won't start, but my resolution is wayy too big, how can I fix this?
[17:21] <W8TAH> Invisionfree, this is ubuntu-server -- you might get better results in #ubuntu or #kubuntu
[17:22] <Invisionfree> W8TAH: ... I installed it on Ubuntu server ...
[17:22] <W8TAH> aptitude install .... got the same package list without the optionals
[17:22] <W8TAH> Invisionfree, oh.. ouch
[17:22] <seisen> boot into recovery mode and sudo apt-get remove kubuntu-desktop
[17:23] <seisen> usually aptitude will pull everything
[17:23] <W8TAH> not sure
[17:24] <Invisionfree> seisen: When I do that, it says "Give root password for maintenance (or type Control-D to continue) but I'm not sure what the root password is, because it's not taking my sudo password.
[17:26] <seisen> it should automatically boot into root in recovery mode
[17:26] <Invisionfree> It doesn't ..
[17:27] <seisen> what does Control+D do?
[17:28] <Invisionfree> Boots as my normal user
[17:28] <seisen> hmm.....
[17:28] <Invisionfree> I got them removed, seisen.
[17:29] <seisen> recovery mode?
[17:29] <Invisionfree> Wow, it's being slow when I boot normally though ..
[17:30] <Invisionfree> How do I remove all the packages it installed when I did apt-get install kde and apt-get install kubuntu-desktop?
[17:32] <Invisionfree> seisen: ?
[17:33] <blueyed> !openvz
[17:33] <ubotu> Sorry, I don't know anything about openvz - try searching on http://ubotu.ubuntu-nl.org/factoids.cgi
[17:33] <blueyed> Does linux-openvz work for anybody?
[17:33] <seisen> press CTRL+ALT+F2 and it will send you to a terminal session log in and remove the packages there
[17:34] <Invisionfree> What packages?
[17:35] <seisen> did you kde-4 and kubuntu-desktop
[17:35] <seisen> *install
[17:35] <Invisionfree> Just kde
[17:35] <Invisionfree> And kubuntu-desktop
[17:37] <seisen> you mean kde-core? I assume you want to remove kubuntu-desktop, correct
[17:37] <mathiaz> blueyed: dantalizing was interested in openvz
[17:38] <Invisionfree> I typed these two commands: "sudo apt-get install kde" and "sudo apt-get install kubuntu-desktop"
[17:39] <seisen> if it messed up after installing kubuntu-desktop remove that package
[17:39] <blueyed> dantalizing: does openvz work for you? (it seems to be a common problem, that it does not boot; bug 210672)
[17:39] <ubotu> Launchpad bug 210672 in linux "linux-image-2.6.24-13-openvz refuses to boot" [High,Fix committed] https://launchpad.net/bugs/210672
[17:40] <Invisionfree> I did seisen, it installed a load of other stuff with it seisen, and it didn't remove all that when I removed it ..
[17:40] <seisen> hold on
[17:42] <seisen> which version of Ubuntu?
[17:42] <Invisionfree> server 7.10
[17:43] <seisen> !pastebin
[17:43] <ubotu> pastebin is a service to post multiple-lined texts so you don't flood the channel. The Ubuntu pastebin is at http://paste.ubuntu-nl.org (make sure you give us the URL for your paste - see also the channel topic)
[17:43] <Invisionfree> ..?
[17:43] <seisen> http://paste.ubuntu-nl.org/63328/
[17:44] <Invisionfree> holy ..
[17:44] <seisen> ya
[17:45] <seisen> thats why I didn't post it to the channel
[17:46] <Invisionfree> Lmfao
[17:46] <Invisionfree> I SSHed in to do it
[17:46] <Invisionfree> But I can hear the box straining to do all this
[17:46]  * seisen goes to get fire extinguisher
[17:46] <Invisionfree> Lolol
[17:53] <Invisionfree> seisen: How can I fix my resolution on it, it's still bad,
[17:55] <seisen> I believe its sudo dpkg-reconfigure xserver-xorg
[17:56] <Invisionfree> seisen: What if I removed that package?
[17:57] <seisen> did you remove it?
[17:58] <Invisionfree> No, but it's tempting..
[17:59] <seisen> then you won't anything but a terminal
[18:01] <dantalizing> blueyed: openvz is working for me ...sorry been back and forth...nneed to go to a meeting now...bbiab
[18:05] <Invisionfree> seisen: I only want a terminal, would removing that fix my res problems?
[18:06] <seisen> ya
[18:06] <seisen> so why did you install kde?
[18:12] <W8TAH> hi folks -- was doing a build of zenoss on 6.06 got this error message -- what do i need to install
[18:12] <W8TAH> http://www.pastebin.ca/986221
[18:13] <W8TAH> the server is a 6.06 fully built and dist-upgraded today
[18:14] <seisen> autoconf
[18:14] <seisen> I believe
[18:19] <W8TAH> apt-get install autoconf?
[18:20] <seisen> ya
[18:21] <W8TAH> ok - its runnin we'll see boout 20 min build
[19:00] <PodMan99b> hey all for 7.10 is there a vhost-mysql package for apache?? i cant get it to start says stuff is missing ... anyone used this?
[19:24] <\sh> vhost-mysql?
[19:34] <PodMan99b> yea configure apache vhosts with mysql
[19:42] <GH-VAIO> hello.. anybody here wanna trade shell account?
[19:44] <infinity> *blink*
[19:45] <sommer> is that like trading baseball cards?
[19:45] <zul> sommer: no we do hockey cards
[19:46] <sommer> zul: lol, hockey's cool too
[19:46] <zul> sommer: when we were kids we through them in the school yards and there were mad dashes to get the cards
[19:47] <sommer> heh, did they come with a stick of nasty gum in the pack?
[19:47] <zul> sommer: well when they were in the package :)
[19:47]  * sommer always ate the gum anyway
[19:47] <zul> hey Koon
[19:48] <Koon> hello zul !
[19:51] <mathiaz> Hi Koon
[19:51] <Koon> Hello mathiaz (& everyone else)
[19:53] <Koon> I'll be missing tomorrow's meeting, I've to go to Beaune to meet a last time with my ex-boss-above-my-boss
[19:54] <nxvl> http://www.iaps.com/2008-server-reliability-survey.html
[19:55] <zul> nxvl: are we first?
[19:55] <nxvl> zul: kind of
[19:57] <nxvl> zul: we are one of the firsts
[19:57] <nxvl> Linux distributions from Novell and Red Hat as well as open source Ubuntu were the clear winners
[20:00] <Invisionfree> If I do a port scan, and it says port 80 is open, why can't I access 12.203.90.214:80?
[20:00] <zul> Invisionfree: firewall upstream maybe?
[20:02] <nxvl> apache is down
[20:02] <nxvl> or it's fitered
[20:02] <Invisionfree> A couple of people on another network said they can access it
[20:02] <Invisionfree> But I don't see how ..
[20:03] <nxvl> or it's blocking all non localhost connections
[20:03] <nxvl> by telnet i have connected
[20:03] <nxvl> by i can't via web browser
[20:13] <nxvl> Invisionfree: 80 responds here
[20:14] <nxvl> Invisionfree: it is a router, doesn't it?
[20:14] <nxvl> Invisionfree: it was slow, but is works
[20:14] <Invisionfree> nxvl: What do you see? Vonage?
[20:15] <nxvl> yup
[20:15] <nxvl> and a login screen
[20:20] <nijaba> nxvl: thanks for the link.  I love the "22% of the survey respondents
[20:20] <nijaba> are running at least one Ubuntu server at their sites".  This is GREAT
[20:25] <nxvl> nijaba: yes it is!
[20:25] <nxvl> nijaba: i was so happy reading that note
[20:32] <Invisionfree> How can my ports still be closed? http://img390.imageshack.us/img390/8184/vonageportsan5.png and http://img177.imageshack.us/img177/2638/linksysportswe1.png and http://img291.imageshack.us/img291/5340/routeriphr3.png
[20:35] <nxvl> Invisionfree: you are publiching to much information about your private network, don't do that
[20:36] <Invisionfree> nxvl: I want this fixed :(
[20:36] <nxvl> Invisionfree: you are not enabling the redirectiong of port 80 -> http://img390.imageshack.us/img390/8184/vonageportsan5.png
[20:36] <nxvl> Invisionfree: there are PM
[20:36] <Invisionfree> nxvl: I am using non-standard ports, it's getting actively refused on port 803, and port scans say port 803 is closed ..
[20:37] <nxvl> Invisionfree: even internaly?
[20:37] <Invisionfree> nxvl: As in http://192.168.1.107:803?
[20:38] <nxvl> yup
[20:38] <Invisionfree> Firefox can't establish a connection to the server at 192.168.1.107:803.
[20:38] <nxvl> that's the problem
[20:38] <nxvl> :D
[20:38] <nxvl> telnet it
[20:39] <Invisionfree> Say wha? On which comp?
[20:39] <nxvl> "telnet 192.168.1.107 80"
[20:39] <Invisionfree> You mnean 803?
[20:39] <nxvl> yes, sorry
[20:39] <nxvl> "telnet 192.168.1.107 803"
[20:39] <Invisionfree> telnet: Unable to connect to remote host: Connection refused
[20:39] <nxvl> your apache isn't listening on port 803
[20:40] <Invisionfree> Oh, how does I change that?
[20:42] <nxvl> mmm
[20:42] <nxvl> let me check
[20:42] <Koon> /etc/apache2/ports.conf apparently
[20:42] <Invisionfree> nxvl: I got it
[20:42] <nxvl> #ServerName www.example.com:80
[20:43] <nxvl> on apache.conf
[20:43] <nijaba> just in case some of you have some time, feel free to test some Release Candidate isos....  http://iso.qa.ubuntu.com/
[20:43] <Invisionfree> nxvl: What do you get on http://12.203.90.214:803
[20:46] <nxvl> Apache/2.2.4 (Ubuntu) Server at 12.203.90.214 Port 803
[20:47] <nxvl> and "It works!" on http://12.203.90.214:803/apache2-default/
[20:47] <Invisionfree> nxvl: What do you get on http://12.203.90.214:803 <- Screenshot please?
[20:47] <Invisionfree> nxvl: Where is ssh server conf?
[20:48] <nxvl> mm
[20:48] <nxvl> /etc/ssh/ ?
[20:48] <nxvl> /etc/ssh/sshd_config
[20:50] <nxvl> Invisionfree: http://nvalcarcel.aureal.com.pe/stuff/Screenshot.png
[20:50] <Invisionfree> nxvl: ssh -p 22000 12.203.90.214
[20:50] <Invisionfree> Yes!
[20:52] <nxvl> Invisionfree: it responds
[20:52] <Invisionfree> YES!
[20:52] <Invisionfree> Now
[20:52] <Invisionfree> All I gotta do
[20:52] <Invisionfree> Is figure out how to make my router issue that box a static IP
[20:53] <nxvl> easy, don't use dhcp
[20:53] <nxvl> :D
[20:53] <JaxxMaxx_> or use a static DHCP mapping to the MAC addr
[20:54] <nxvl> JaxxMaxx_: yes, but it dependr on the router model
[20:54] <Invisionfree> Linksys WRT54G
[20:58] <sommer> nijaba: do you know if there is a list of mirros that have daily ISOs?
[20:58] <Invisionfree> sommer
[20:58] <Invisionfree> My resolution is still ****ed, so I've been booting into recovery mode.
[20:58] <nijaba> sommer: I get a message about it each time I start rsync, hold on
[20:58] <Invisionfree> I'm going to try something as soon as I edit boot scripts
[20:59] <Invisionfree> How do I make Ubuntu server do something when it boots
[20:59] <Invisionfree> So I don't need to type it every time?
[20:59] <nijaba> sommer: https://launchpad.net/ubuntu/+cdmirrors
[21:00] <Invisionfree> So I don't need to type it every time?
[21:01] <Invisionfree> sommer, nxvl?
[21:01] <sommer> nijaba: ya, I did some checking of the US links, but the ones I checked don't seem to have the daily builds.  only releases
[21:01] <Invisionfree> sp,,er
[21:01] <Invisionfree> How do I make Ubuntu server do something when it boots <- Please halp sommer
[21:02] <nijaba> Does anyone one have a VMware-ESX and/or a VMWare server at hand.  Jeos needs some test love: http://iso.qa.ubuntu.com/qatracker/result/1469/257
[21:02] <sommer> Invisionfree: sorry I'm in the middle of a couple of other things... what do you want it to do?
[21:02] <nijaba> http://iso.qa.ubuntu.com/qatracker/result/1469/258
[21:03] <Invisionfree> sommer: When it boots, run these commands: sudo ifconfig wlan0 up - sudo iwconfig wlan0 essid linksys - sudo dhclient
[21:04] <sommer> Invisionfree: create a shell script with those commands and add the script path to rc.local, but if you just want to configure network /etc/network/interfaces is the proper place
[21:05] <Invisionfree> How do I make a shell script?
[21:05] <Invisionfree> .sh?
[21:10] <bipolar> kirkland: are you here?
[21:10] <kirkland> bipolar: hi
[21:11] <bipolar> kirkland: I got your nick handle from your comment in bug 155947.
[21:11] <ubotu> Launchpad bug 155947 in libnss-ldap "ldap config  causes Ubuntu to hang at a reboot" [Undecided,Incomplete] https://launchpad.net/bugs/155947
[21:11] <bipolar> kirkland: about ldap issues. I'm hoping you may be able to help me with something related.
[21:12] <kirkland> bipolar: okay.  are you able to reproduce that bug exactly, or something similar?
[21:12] <bipolar> kirkland: I havn't gotten that far yet. I'm still working on getting ldap auth working on Hardy. my current workstations are Feisty.
[21:13] <bipolar> it seems that 'dpkg-reconfigure -plow ldap-auth-config' doesn't create any config files that I can find. :(
[21:13] <kirkland> bipolar: okay, that sounds like that path of this bug
[21:14] <bipolar> yes.
[21:14] <kirkland> bipolar: so you have ldap authentication working successfully on your feisty workstations?
[21:14] <bipolar> yes
[21:14] <bipolar> I have about 20 workstations
[21:14] <bipolar> this Hardy one is a fresh install
[21:15] <kirkland> and youre trying this on one test hardy machine?
[21:15] <bipolar> yep.
[21:15] <bipolar> I found this bug searching for the ldap config file issue. google led me to https://bugs.launchpad.net/ubuntu/+source/libnss-ldap/+bug/155947/comments/3
[21:15] <ubotu> Launchpad bug 155947 in libnss-ldap "ldap config  causes Ubuntu to hang at a reboot" [Undecided,Incomplete]
[21:16] <bipolar> I don't know what debconf is doing with the info I'm giving it, but it's not putting it anywhere I can find :(
[21:17] <kirkland> dendrobates-: are you around?  I think you might have helpful info about this.
[21:17] <kirkland> bipolar: let me try something
[21:17] <dendrobates-> kirkland: yep
[21:18] <kirkland> dendrobates-: see the last few lines by bipolar
[21:19] <dendrobates-> kirkland: a debconf issue.
[21:19] <Invisionfree> sommer?
[21:20] <blueyed> Is it possible to install the ubuntu-server .iso on a server without a physical cdrom drive? E.g. by installing a minimal system and then making grub mount from a prepared partition, where the iso has been unpacked?
[21:21] <kirkland> bipolar: and this hardy system... is it a fresh install, or an upgrade from feisty or gutsy?
[21:21] <bipolar> kirkland: fresh install
[21:22] <bipolar> although I played with making an ldap.conf file by hand at one point. I've moved the old one out of the way though.
[21:22] <bipolar> maybe there is an option saved somewhere that's still telling debconf not to overwrite the now nonexistant ldap.conf file?
[21:22] <W8TAH> Will Server 8.04 be a LTS release as well, and will it be released on the same date as Desktop 8.04?
[21:22] <kirkland> bipolar: it should generate /etc/ldap.conf
[21:23] <kirkland> blueyed: it is possible.  you can use pxe/tftp, or i've even kicked off an install by booting from a usb stick
[21:23] <bipolar> # ls /etc/ldap.conf
[21:23] <bipolar> ls: cannot access /etc/ldap.conf: No such file or directory
[21:23] <kirkland> W8TAH: yes, 8.04 is an LTS release, all of the release dates are the same day
[21:24] <W8TAH> ok cool - -thanks kirkland
[21:24] <kirkland> do you have ldap-auth-config installed?
[21:24] <kirkland> W8TAH: Desktop and Server are mostly just different groupings of packages
[21:24] <bipolar> kirkland: yes
[21:25] <W8TAH> kirkland, yes, im aware of that -- i have several builds ahead of me and would prefer to do the new version - -i thought i had read someplace that one of the relases wasnt going to be an LTS, but i couldnt find it on the website again
[21:26] <W8TAH> it MAY have been the kubuntu that is using kde4 but im not positive
[21:26] <kirkland> bipolar: hmm, interesting, I see that too
[21:26] <kirkland> bipolar: if i move /etc/ldap.conf out of the way, and then do the dpkg-reconfigure, i answer the questions but it doesn't create a new file
[21:26] <blueyed> kirkland: I guess pxe does not work so well over the internet? (it's a dedicated server, and they do not seem to support pxe in their network)
[21:27] <bipolar> kirkland: well, that narrows it down
[21:28] <kirkland> bipolar: let me run an strace
[21:30] <kirkland> blueyed: yeah pxe over the internet isn't advised
[21:30] <Evil-MoBo> any web developers? who might be able to tell me the name of a good program for editing and createing flash on ubuntu
[21:34] <Invisionfree> libsasl2-modules-gssapi-heimdal: Depends: libsasl2-modules (= 2.1.22.dfsg1-12) but 2.1.22.dfsg1-9ubuntu2 is to be installed
[21:34] <Invisionfree>  
[21:34] <Invisionfree> What's this mean and how do I fix it?
[21:34] <Invisionfree> !repos
[21:35] <ubotu> The packages in Ubuntu are divided into several sections. More information at https://help.ubuntu.com/community/Repositories and http://www.ubuntu.com/ubuntu/components - See https://wiki.ubuntu.com/RecommendedSources for the recommended way to set up your repositories
[21:37] <Invisionfree> sommer, nxvl?
[21:41] <sommer>  Invisionfree what version are you running?  what are you trying to install?
[21:42] <Invisionfree> sommer, Ubunt 7.10 server, and I'll give you the command, here's my sources.list
[21:42] <Invisionfree> http://paste.ubuntu-nl.org/63350/
[21:42] <Invisionfree> apt-get install heimdal-clients heimdal-docs heimdal-kcm heimdal-servers libgssapi4-heimdal libpam-heimdal libsasl2-modules-gssapi-heimdal libsasl2-2 libsasl2-modules-ldap ldap-utils libnss-ldap libpam-ldap libpam-cracklib libldap2 nscd ssh-krb5 ntpdate ntp
[21:42] <sommer> nijaba: doh, us.cdimage.ubuntu.com... much faster for me :)
[21:43] <nijaba> sommer: sounds like a good pick :)
[21:44] <sommer> Invisionfree: I'd try commenting the backports lines in your sources.list, then do sudo apt-get update, then try installing
[21:44] <Invisionfree> sommer: Already did, Seveas in #Ubuntu says I'm missing some repos.
[21:44] <sommer> Invisionfree: either that or leave the backports in and do sudo apt-get upgrade
[21:44] <Invisionfree> I did sommer.
[21:46] <kirkland> bipolar: so it appears that at least part of this is "by design"
[21:47] <kirkland> bipolar: ldap-auth-config honors the fact that the user deleted the file
[21:47] <bipolar> oh, boy
[21:47] <bipolar> any way to reset that? or maybe it should be changed?
[21:48] <bipolar> if the file is deleted... why not put a new file in it's place? sounds a bit odd.
[21:48] <bipolar> maybe there is a situation I'm not concidering
[21:51] <kirkland> bipolar: i'm still digging
[21:51] <bipolar> k. thanks :)
[21:51] <Invisionfree> FUCK
[21:54] <kirkland> bipolar: you can purge the package, and reinstall it
[21:54] <kirkland> bipolar:  looks like that's the preferred mechanism for getting fresh, clean conf for it
[21:54] <kirkland> bipolar: note, "purge", remove is not enough
[22:12] <bipolar> kirkland: ok. I'll try that
[22:21] <bipolar> kirkland: that did it. it created an ldap.conf file
[22:21] <Stev> hi
[22:22] <Stev> i'm logged via ssh on a remote system, booted from a rescuecd, i would like to install ubuntu server. Someone can give me some tips? Tnx
[22:22] <kirkland> bipolar: good.  did you customize it accordingly?
[22:23]  * faulkes- repeatedly slams head into desk
[22:23] <kirkland> Stev: I'm not sure you can install from a rescue cd
[22:24] <bipolar> kirkland: I havn't made it work yet... we use ssl certs.
[22:24] <bipolar> gotta put that data in. the stuff I told debconf is in there though.
[22:24] <kirkland> bipolar: oh, good
[22:24] <kirkland> bipolar: so did you re-run dpkg-reconfigure?
[22:25] <kirkland> bipolar: or did debconf prompt you on the install of ldap-auth-config?
[22:25] <bipolar> it prompted on install
[22:25] <kirkland> bipolar: very good
[22:25] <Stev> kirkland: can't i dd a disk into the hd? i've two hd's.. maybe i can copy the cd to one and install to the other..
[22:27] <kirkland> sorry, Stev, i personally don't have that expertise
[22:27] <Stev> ok, thank you anyway :)
[22:28] <Invisionfree> kirkland: Can you help me CHROOT into my sewrver oinsstall?
[22:28] <Invisionfree> Er, server install* :P
[22:29] <kirkland> Invisionfree: um, possibly.  what's the holdup?
[22:29] <Invisionfree> kirkland: I have no idea how to do it :P
[22:30] <bipolar> hmmm.... whats the equv of the TLS_CACERT, TLS_CERT, and TLS_KEY lines from the old /etc/ldap/ldap.conf for the new /etc/ldap.conf? without them nss can't talk to the ldap server.
[22:31] <kirkland> Invisionfree: it would be best for you to start with some documentation, like https://help.ubuntu.com/community/BasicChroot
[22:31] <Invisionfree> kirkland: I really need to fix my passwords, will you tell me what commands to run if I promise to read that later? :x
[22:33] <bipolar> If install the old /etc/ldap/ldap.conf file, it works. weird
[22:33] <bipolar> at least 'getent password' shows my ldap users
[22:34] <kirkland> Invisionfree: have you booted a rescue cd or a live cd?
[22:34] <bipolar> stranger... if i put JUST THOSE LINES in /etc/ldap/ldap.conf it works :P
[22:35] <kirkland> bipolar: the encryption lines?
[22:35] <bipolar> the TLS_CACERT, TLS_CERT, and TLS_KEY lines
[22:35] <bipolar> all three paths to cert files
[22:35] <kirkland> bipolar: you copied those lines from /etc/ldap/ldap.conf to /etc/ldap.conf ?
[22:35] <bipolar> I tried that. it didn't work.
[22:36] <kirkland> ok....?
[22:36] <bipolar> but putting just those lines in /etc/ldap/ldap.conf makes it work.
[22:36] <kirkland> bipolar: as in, wc -l /etc/ldap/ldap.conf == 3
[22:36] <bipolar> yeah
[22:37] <kirkland> hmmf
[22:37] <bipolar> well... without comments
[22:37] <bipolar> let me remove all the comments
[22:37] <kirkland> bipolar: nothing else of substance in there
[22:37] <kirkland> bipolar: oh, right....  i get it
[22:37] <kirkland> that file is what's used by the command line ldap utilities
[22:37]  * kirkland just remembered that
[22:37] <bipolar> yep. thats all it needs
[22:38] <bipolar> with just those lines in /etc/ldap/ldap.conf getent works. without them, nothing.
[22:38] <kirkland> bipolar: right, that makes sense to me, if you have a secure ldap server
[22:38] <kirkland> bipolar: so have you tried logging in yet with an ldap user?
[22:39] <bipolar> no. pam not configured yet... unless debconf took care of it.
[22:39] <bipolar> yes. it did
[22:39] <bipolar> I just sshed into it
[22:40] <bipolar> with my ldap account. it works.
[22:40] <bipolar> so, now I should disconnect the network and see if it boots, right?
[22:40] <kirkland> debconf handled your pam correctly too
[22:40] <bipolar> yeah
[22:40] <bipolar> I logged in anyway :)
[22:40] <kirkland> bipolar: yup, booting is what I'm most interested in
[22:40] <bipolar> ok. I'll do it.
[22:41] <kirkland> bipolar: are you near the machine, in case it hangs?
[22:41] <kirkland> bipolar: ie, can you get it into a recovery mode?
[22:42] <bipolar> The machine is in my office
[22:42] <bipolar> it's rebooting now
[22:43] <kirkland> bipolar: the other machines in your office, will you be reinstalling those with hardy from scratch, or doing a live upgrade?
[22:43] <bipolar> it's hung at "*Starting kernel log daemon..."
[22:43] <bipolar> kirkland: from scratch
[22:43] <kirkland> bipolar: whoa
[22:43] <kirkland> bipolar: that's *exactly* what the bug says, and I've been trying to reproduce that for 3 weeks
[22:43] <bipolar> tell me what you want... I'll help you debug it. ;)
[22:43] <kirkland> sweet
[22:43] <bipolar> maybe I should get food first... :P
[22:44] <kirkland> okay, let's be very clear about hung
[22:44] <kirkland> bipolar: up to you, but i'm very, very interested in getting to the bottom of this
[22:44] <bipolar> no disk activity, nothing moving on the screen.
[22:44] <kirkland> bipolar: responds to ping?
[22:44] <bipolar> pressing return puts a newline on the screen.
[22:44] <bipolar> I disconnected the network.
[22:44] <kirkland> aha
[22:44] <bipolar> so, no ;)
[22:45] <kirkland> okay, capslock/numlock?
[22:45] <kirkland> toggling those, does it affect the lcd's?
[22:45] <bipolar> yes
[22:45] <bipolar> it's not really "hung"
[22:45] <bipolar> I wonder if it will timeout....
[22:45] <kirkland> bipolar: it should in 60seconds
[22:45] <kirkland> bipolar: that's what I get when I try to reproduce it
[22:46] <bipolar> ok.
[22:46] <kirkland> bipolar: people swear that it's a "hang" but I've never hung the kernel doing this
[22:46] <bipolar> hasn't been a min yet.
[22:46] <kirkland> bipolar: can you switch to another tty?
[22:46] <kirkland> ctrl-alt-f2 ?
[22:46] <bipolar> most people use the word 'hung' and 'it's not doing anything' interchangably :)
[22:46] <bipolar> let me try...
[22:46] <bipolar> yes
[22:47] <bipolar> can't login though
[22:47] <bipolar> although vt's 2-7 show a getty prompt
[22:47] <kirkland> bipolar: a login prompt?
[22:47] <bipolar> yeah
[22:47] <kirkland> bipolar: and it takes your username?
[22:47] <bipolar> yep
[22:47] <bipolar> but never asks for pw
[22:47] <kirkland> bipolar: prompts for a password?
[22:48] <kirkland> bipolar: okay, good
[22:48] <bipolar> then come sup with "Login timed out after 60 seconds", and does not return to a prompt
[22:49] <jdstrand> bipolar: getty's show that it is not 'hung' in the way described
[22:49] <bipolar> I hate to do this, but I really gotta go get something to eat. I haven't eaten all day. mind if I just run though the drivethru down the street?
[22:49] <kirkland> bipolar: okay, so it timed out the ldap login, but did not fall back to local authentication
[22:49] <jdstrand> bipolar: the problem is that tty1 gets console messages on boot
[22:49] <kirkland> bipolar: sure, that's fine
[22:49] <kirkland> bipolar: find me here in a bit
[22:49] <bipolar> won't be long... 10 min
[22:49] <jdstrand> normally just pressing 'enter' will be good, but as the login process hangs, you don't see it
[23:00] <bipolar> kirkland: I'm back... food in hand
[23:05] <kirkland> bipolar: hey, enjoy your fast food, I'm chatting with a few people about this
[23:05] <bipolar> ok
[23:06] <bipolar> wow... it does this even with the network connected
[23:07] <bipolar> unpingable... probbly because the network hasn't been brought up yet
[23:07] <kirkland> bipolar: reboot with the network attached
[23:08] <bipolar> I did.
[23:08] <bipolar> same thing
[23:08] <bipolar> it's trying to reach the ldap server before the network is brought up
[23:08] <bipolar> and not falling back to local auth
[23:09] <bipolar> I can see how this would be annoying
[23:09] <kirkland> bipolar: boot back into single user, and pastebin your /etc/nsswitch.conf
[23:10] <bipolar> ok
[23:12] <bipolar> ouch
[23:12] <bipolar> recovery menu :)
[23:13] <bipolar> recovery menu doesn't work... prints codes on the screen for up and down arrow keys :P
[23:13] <bipolar> I'll try init=/bin/sh
[23:13] <kirkland> bipolar: try appending "single" onto the end of the first kernel boot line
[23:14] <bipolar> thats what I tried first :(
[23:14] <bipolar> maybe I should have used the grub menu recovery one, but I'm old school ;P
[23:15] <bipolar> damn... it's hung. and I mean HUNG. numlock key doesn't work. no activity at all
[23:15] <bipolar> during usb config
[23:15] <kirkland> whoa
[23:16] <bipolar> how did it get there when I used init=/bin/sh
[23:17] <bipolar> using the grub recovery menu worked.
[23:19] <bipolar> ran dhclient eth0, logging into w/ ssh
[23:19] <kirkland> bipolar: okay, so i've confirmed the work around in the bug
[23:19] <bipolar> http://pastebin.com/m6418b32f
[23:19] <kirkland> bipolar: bind_policy soft
[23:20] <bipolar> kirkland: where do I put that?
[23:20] <kirkland> grep for it in /etc/ldap.conf
[23:20] <kirkland> should be commented out and "hard"
[23:22] <bipolar> yep
[23:22] <bipolar> changed... rebooting
[23:22] <kirkland> bipolar: i think it'll prompt you twice
[23:22] <kirkland> the second time, letting you straight in
[23:22] <bipolar> for the password?
[23:22] <kirkland> yup
[23:22] <bipolar> I've seen that before.
[23:22] <kirkland> ldap first, then local
[23:22] <bipolar> on other machines
[23:22] <kirkland> (when ldap doesn't respond)
[23:23] <bipolar> it's booted
[23:25] <bipolar> well, it doesn't ask twice
[23:25] <bipolar> seems to work
[23:25] <kirkland> bipolar: ah, right, yours is compat ldap
[23:25] <kirkland> bipolar: mine was different
[23:25] <bipolar> so, is this a real fix or a workaround that needs to be cleaned up?
[23:26] <kirkland> bipolar: well, it's all configuration
[23:26] <kirkland> bipolar: i don't think "bind policy soft" is appropriate
[23:26] <bipolar> and it shouln't 'hang' either way....
[23:31] <kirkland> bipolar: okay....
[23:31] <kirkland> bipolar: so back to your "hang"
[23:31] <bipolar> k
[23:32] <kirkland> bipolar: when/how did that happen?
[23:32] <bipolar> the real one?
[23:32] <bipolar> where the numlock wouldn't work?
[23:32] <kirkland> bipolar: yeah, the one where capslock didn't work
[23:32] <kirkland> bipolar: right...  what were the conditions?
[23:32] <bipolar> I appended 'init=/bin/sh' to the end of the boot line
[23:32] <kirkland> bipolar: hmm, i'm not familiar with that one
[23:33] <bipolar> it got to initing usb devices, and hung hard. had to hold down the power button until it shut off
[23:33] <bipolar> that init thing might not work any more on modern systems :P
[23:33] <bipolar> due to... god knows what
[23:34] <bipolar> but the recovery menu worked
[23:34] <bipolar> I should have tried that first :)
[23:35] <kirkland> bipolar: okay, but using the recovery option in the grub menu
[23:35] <bipolar> yes
[23:35] <bipolar> using the recovery option in the grub menu worked
[23:36] <bipolar> adding 'single' to the standard grub menu item did not... the arrow keys didn't work once the menu popped up.
[23:38] <kirkland> right, well, the recovery menu item is the supported one
[23:38] <kirkland> so that's only one I'm going to concern myself with now
[23:39] <kirkland> bipolar: cool, i think I have everything I need from you
[23:39] <bipolar> understandable... I'm happy! it works! :)
[23:39] <kirkland> bipolar: I need to add some documentation to this bug
[23:39] <bipolar> hopefuly an eligant solution can be found
[23:39] <kirkland> bipolar: well, it's entirely a configuration issue
[23:40] <bipolar> it is?
[23:40] <kirkland> bipolar: yup
[23:40] <kirkland> bipolar: I've been talking to jdstrand
[23:40] <bipolar> I suppose it has something to do with it looking for the ldap server before the network is up?
[23:41] <kirkland> bipolar: huh?
[23:42] <bipolar> well, why exactly does it fail to fallback properly?
[23:43] <bipolar> even with the network connected it fails
[23:43] <kirkland> bipolar: does getent work?
[23:44] <bipolar> now? yes
[23:45] <kirkland> so with the network, if fails to authenticate against ldap, but getent queries ldap properly?
[23:45] <bipolar> er... wait a min...
[23:46] <bipolar> without the "bind policy soft" it won't boot weather it's got a network cable hooked up to it or not.
[23:46] <bipolar> with "bind policy soft" everything works as expected.
[23:46] <bipolar> when the cable is connected, and the network configured, getent shows the users, and I can log in as them.
[23:46] <bipolar> with the cable disconnected, or the network unconfigured, getent does not show the users, and I can't log in as them
[23:51] <jdstrand> bipolar: with the cable disconnected, or the network unconfigured, do you get to a login prompt (or at least can you see one with 'ctrl-alt-f2'?
[23:55] <kirkland> jdstrand: my understanding is, yes, he get's the prompt, no he can't login
[23:55] <kirkland> jdstrand: sounds like its the fallback that's failing
[23:55] <kirkland> jdstrand: because the bind_policy is hard
[23:55] <jdstrand> kirkland: it is my opinion that it is a configuration problem.
[23:55]  * jdstrand nods
[23:56] <kirkland> jdstrand: and ldap just keeps the machine spinning until it gets a connection
[23:56]  * kirkland lightbulb moment
[23:56] <jdstrand> kirkland: if the bind policy is hard, and the user and group only exists in ldap or ldap is queried first or required for authentication, then it is doing what it is supposed to do (ie nothing until the ldap server is available)
[23:57] <kirkland> jdstrand: hmm, what about root?
[23:58] <kirkland> jdstrand: i'm seeing the same behavior when trying to login as root
[23:58] <kirkland> jdstrand: perhaps we need to excuse all users below a certain uid?
[23:58] <jdstrand> kirkland: it all depends on your nsswitch.conf and pam settings
[23:59] <jdstrand> kirkland: IIRC, you can do exactly that iwth pam-ldap
[23:59] <bipolar> the failure to boot isn't even getting to a login prompt without switching vt's manully
[23:59] <kirkland> jdstrand: perhaps the 'fix' is that we sanitize those defaults