/srv/irclogs.ubuntu.com/2008/05/20/#ubuntu-server.txt

giovaniapache has modules for pam, etc, I don't know how twiki handles all of its authentication00:01
ryoohkigiovani: thanks!00:06
giovanitwiki is probably using a perl module, because it's written in perl ... but talk to them00:06
=== RoAk is now known as RoAkSoAx
Konamssh doesn't load my rsa key wtf?05:43
KonamI can't see what is wrong05:43
Konamit tells me 'could not load hostkey: path_to_rsakey_created'05:44
starzo:06:30
karlito Hi. I set up a bind server. stop working. syslog = unexpected RCODE (refused) 209.61.242.77#53. is that because my domain is unregister for now and I got kick ? anyway a restart make it work again... I would better like to understand what happen06:31
starzhey whats a good free reseller control panel?06:34
karlito I set up forwarder for my ISP, but some of the address I got in the syslog are outside the ISP range I give in the option file06:34
mathiaznealmcb: http://code.google.com/p/pyrering/08:20
=== ScottK2 is now known as ScottK-uds
twbIs there a reasonable alternative to logcheck that isn't so worryingly slow?08:31
twblogwatch seems to blow rather hard.08:31
_rubentwb: we use SEC here at work without any problems08:31
twb_ruben: how hard is it to roll out?08:32
_rubennot that hard: sudo apt-get install sec08:33
twb_ruben: well yes, but presumably you also configure it a bit.08:33
twb_ruben: I mean, just as an example, thttpd has a logwatch ignore entry but not any equivalent for sec.08:34
_rubenthe config takes a bit of getting used to .. but once you get your head around it, it can do pretty much everything you want08:34
krautmoin08:35
twb_ruben: I'll take a look at it, thanks.08:35
_rubentwb: its performance is quite good imo .. we use it on a central log server for (rough estimate) 150 hosts08:36
twbCool, that's around the order of hosts I am rolling out08:36
_ruben(kinda lost count of the number of servers we got)08:36
twbI know that it needs to run on the order of ten minutes (rather than hourly/daily), so that our spooks can respond to attacks in "near real-time".08:36
_rubenwe have it running at 15 minute intervals08:36
twbCool.08:37
_rubenhmm .. seems we dont have that much logging traffic as we used to .. only ~30megs a day (mostly windows boxes)08:38
twbOh.08:38
twbHere, with a test setup of two hosts, I have 16MB of syslog after about two days08:39
twbMy plan B is to have syslog-ng filter a bunch of ignorable events out before they get into syslog08:39
_ruben131 unique hosts in yesterday's log08:39
_rubenwindows servers tend to be rather quiet, logging wise08:39
_rubentwb: btw, SEC runs realtime .. we just have it send accumulated reports every 15 minutes08:41
_rubenyou can have realtime (email/pager/whatever) triggers08:41
twb_ruben: OK, that's a Good Thing for my setup.08:41
_rubenlike when a failed disk message appears in the syslog, it sends out an email to a special mailbox08:42
_rubenone downside could be that you'll have to write 99% of the rules yourself, havent seen any packages that came with SEC filters/examples08:42
_rubenthis opposed to say logwatch, which is very common in having ignore files shipped with packagew08:43
_rubenpackages08:43
_rubenbut at least this way you'd know what you do/dont ignore ;)08:43
ivokszul: bug number? :)08:52
zulivoks: https://bugs.edge.launchpad.net/ubuntu/+source/apache2/+bug/23087808:53
uvirtbotLaunchpad bug 230878 in apache2 "Apache 2 produces an OOM after 4 hours using" [Undecided,New]08:53
twb_ruben: oops, guess what08:53
twb_ruben: I forgot to remove my simulated DOS attack from syslog08:53
twbTo wit: yes ATTACK | logger08:53
milestonehi all08:54
twbNow I only have 3MB of log, not 16MB ^_^;;;08:54
milestonei am unable to compile drbd0.7-module-source with ubuntu hardy using module-assistant a-i drbd0.7-source08:54
milestonethis is my problem http://linux.derkeiler.com/Mailing-Lists/Ubuntu/2008-05/msg01579.html08:57
milestoneexactly08:58
milestoneis there any reason that the new drbd module 8.2.5 has not made it into hardy? http://packages.ubuntu.com/search?keywords=drbd8-module-source&searchon=names&suite=all&section=all08:58
zulits inclded in the linux-ubuntu-modules you shouldnt need to compile the module08:59
_rubentwb: haha ;)09:00
twblogcheck is still mighty slow, though :-(09:01
milestonemy main problem is now that i have compiled the module by hand and when i want to migrate the meta-disk i am getting http://pastebin.com/m1947af5909:01
=== kees_ is now known as kees
uvirtbotNew bug: #232134 in openssh (main) "ssh behaves as if key is encrypted when permissions are set incorrectly" [Undecided,New] https://launchpad.net/bugs/23213409:06
milestonezul, 8.0.11 is rather old, don't you think?09:08
zulmilestone: I dont think so09:11
milestoneactual released version by linbit is 8.2.509:12
zulyou could always grab the source I dont think there will be a newer version of drbd8 in hardy anytime soon09:15
milestonezul, is there any reason?09:20
milestoneincompatibilities09:21
milestone?09:21
milestonei think i will just mount the underlying device and use nfs09:21
zulmilestone: because hardy only gets bugfixes basically09:21
twbWhich is as it should be, amen.09:22
stefghi, i'm using xrdp for a remote desktop on our samba-server here. The problem i'm facing is that, although i get the Desktop in german (as intended) when logging in locally. the remote session over xrdp/tightvnc always gives me an english session. I'm a bit clueless where to look. Is that an xrdp, a tightvnc or a gnome-session setting which needs to be looked at?09:31
twbstefg: what does "locale" report when run in the remote user's shell?09:32
stefg... mom ...09:32
twbI do not understand your second remark.09:33
stefgtwb: a germish acronym for 'wait a moment' ... ah, and i have LANG=<> (nothing) and everything else set to posix ... so you tracked down something it seems09:35
twbOK, for a standard shell user, you'd edit ~/.profile or ~/.bash_profile and add something like "LANG=de_DE.UTF-8".09:35
twb...and "export LANG".09:35
twbUnfortunately, most X sessions do not read these login scripts.09:36
twbIf everyone on the remote server should get a German locale, you can try "dpkg-reconfigure locales" to change the default locale; I think this edits /etc/environment.09:36
twbOtherwise, you will have to work out which (if any) user dotfiles are read by xrdp... start by looking at .Xclients/.xinitrc/.xsession.09:37
stefgtwb: that's the point. via ssh or ssh -X everything is nice ... all german. but i need remote access from windows-boxen using the rdp client. and the guy usually taking care of the server isn't any good at english09:37
twbssh -X preserves your LANG variable from the local host.09:38
twbIOW it works by accident.09:38
twbI still think you should approach the problem by editing dotfiles or reconfiguring the locales package, as I described above.  Do you have a reason to think this will not work?09:39
stefgtwb: hmmm... so i chose german when installing the server, as default system language, have all lang-packs in place , and everything (including console messages) is german at the local console and via ssh. only xrdp seems to ignore the lang-settings09:40
twbstefg: ah, that is useful information.09:40
stefgbtw, i reconfigured locales just to find ...up-to date09:41
twbstefg: what is the contents of /etc/default/locale ?09:42
stefgtwb: LANG=de-DE.UTF8 , LANGUAGE="de-DE:de:en_GB:en"09:44
twbOK, that's good.09:44
twbI haven't looked at xrdp lately; have you looked at its config files?  Perhaps it explicitly overrides the locale by default.09:45
stefgtwb: so it might be some bug with gnome-settings-daemon and xrdp... although i'm not sure if gnome-settings-daemon affects gnomes language setting09:45
twbYou can check by disabling gnome and using a failsafe xterm session09:46
stefggood idea09:46
stefghmm... that's going to take a while.09:55
stefgtwb: tanks so far, you've put me on the right track. i guess it has something to do with .dmrc not being honored over xrdp09:57
=== klaf_ is now known as klaf
mm_202This has probably been asked about 100s of times before, but where can I find a _decent_ guide for dhcp3 + bind9 for 8.04?10:59
sommer_mm_202: https://help.ubuntu.com/8.04/serverguide/C/index.html11:02
sommer_mm_202: there are seperate sections for DNS and DHCP11:02
sommer_mm_202: should get you started anyway11:03
mm_202heh, yes. been there.  But its okay.  I'll figure it out.11:03
mm_202Thanks.11:03
sommer_mm_202: if you have specific questions feel free to ask... someone probably knows the answer :-)11:03
mm_202Well Im just trying to figure out why the hell I cant get my dhcp leases to automatically register themselves with bind.11:04
mm_202Ive tried it before with 7.10 and Ive never had any success with it.11:05
ivokshttp://my-mili.eu/matt/docs/dynamic-dns-with-dhcp-and-bind-9/11:05
sommer_mm_202: ya, I've never done that myself11:05
sommer_ivoks: :)11:05
Deepsit's fairly straight forward11:05
* Deeps looks up his config11:05
mm_202hmmm11:07
mm_202Deeps: would you mind looking at my config?  Pastebin of course..11:07
mm_202Somewhat random question, but does anyone else find apparmor irritating as hell?11:10
sommer_nope... see the AppArmor section for more details :-)11:11
Deepsmm_202: http://pastebin.org/3724411:11
Deepsthats the relevant bits that i have in bind+dhcp that do dynamic zone updating, both forward and reverse11:11
mm_202lol, sommer_, Im not new to ubuntu server :P11:12
Deepsany windows machines that connect to the network and ask for a dhcp lease automatically get machinename.truman.lan dns forward+reverse assigned11:12
Deepslinux machines by default dont due to the way the dhclient defualt config works11:12
mm_202hmm, I think I see my problem.  I have {key "rndc-key"; };11:12
Deepssend host-name "<hostname>";11:13
Deepsi believe is the relevant directive for dhclient11:13
mm_202ok, danke, give me a minute to try that.11:14
ren0rhi everyone.12:51
ren0ri'm using ubuntu-server. when i create a dir under /var/run, the directory is shown and everything is fine. after reboot, the directory is deleted. how can that be?12:52
mm_202ren0r: there may be some script in /etc/init.d/ that is clearing it out.12:53
ren0rthere are a lot of scripts, ye. maybe a script in /etc/rc0.d/? - is there a well known mechanism which controls the contents of /var/run/ or s.th. like this?12:55
mm_202Give me a moment and I'll check.12:55
ren0rif i'm right, every f*cking startscript in /etc/init.d, which locates it's pid-file in a subdirectory of /var/run/, creates the needed directory itself?12:57
mm_202yep.12:57
ren0rrofl12:57
mm_202I know that almost all the scripts mkdir something into /var12:58
ren0ri can't stand that. might be a security-reason, but that sounds wired.12:58
_rubeniirc /var/run (and some other dirs) are mounted with tmpfs and thus only exist in memory13:12
_rubengot bitten by it the other day .. or well, that was /var/lock/ .. some init scripts dont check for eg /var/lock/subsys/ and dont create it if needed .. worked around it by writing a small bootscript that mkdir'ed /var/lock/subsys13:13
ScottK-uds_ruben: If that happens, it's a bug that needs to be reported.  Please report bugs against the package if you didn't already.13:16
_rubenScottK-uds: one of the packages was 3rd party (dell omsa), but openipmi seemed to be affected by it as well13:19
ScottK-uds_ruben: I know Dell is interested in getting their stuff correct too, so I'd suggest reporting it to them too.13:20
_rubenScottK-uds: hmm .. wonder why dell isnt offering .deb files themselves then .. the ones i use are made by sara.nl13:21
_rubendell isnt really caring about linux on servers (yet) i think13:21
ScottK-udsAh.  They do have an Ubuntu repository (at least for their desktop offerings).13:22
_rubeni hope they'll come up with smth similar for their server stuff13:22
ScottK-udsI wonder if it's stuff that could be gotten into the Ubuntu repository?13:22
_rubenmostly a licensing issue i guess? all i know they provide rpms for suse and rhel13:23
ScottK-udsIf the packages are distributable, then it should be possible.13:23
_rubensounds fair enough13:23
_rubenonce my current projects are finished, i'll take another look at it13:23
ScottK-udsThey don't yet officially support Ubuntu servers, I can understand why Dell doesn't provide it.13:24
_rubenyeah13:24
ScottK-udsYou might file a 'needs-packaging' bug against Ubuntu about the package.  That will get there to be some visibility to someone that might be interested in packaging it.13:25
ScottK-udsOr if you're interested in learning ....13:25
_rubeni am, currently dont really have time for it tho .. *cry* .. tho i am getting experience with packaging (mostly fixing custom packages) bit by bit13:26
ScottK-udsIn #ubuntu-motu we help people with learning how.13:26
_rubendid some packaging of openswan 2.4.x/2.5.x/2.6.x versions ..13:26
_rubeni know .. been idleing there for some time now13:27
_rubenpicking up bit of knowledge every now and then :)13:27
ScottK-udsAh.13:27
ScottK-udsGreat.13:27
daffyhi all14:01
mm_202Hi daffy.14:06
daffy:)14:08
daffyi've a problem with a routing isp14:08
daffyi've 3 acces internet, wanadoo, free and oleane14:09
daffybut the public ip for wanadoo is 217.x.x.x and his gateway is in 193.x.x.x14:09
daffy-_-14:09
mm_202ok..14:11
daffythe problem is, wanadoo is configuring on a virtual NIC14:11
daffyand the router don't understand why the gateway is not on a same network of ip public14:12
mm_202hmm, I havent messed with virtual NICs, so I dont think I can help you much.  But Im sure someone in here can.14:15
daffyok :)14:15
daffyshitting isp ^^ why the gateway is not on the network of ip public xD14:17
Deepsif your nic is eth014:18
gatewayeri am on the network ^^14:18
Deepsyou can make a virtual interface by simply appending :X to it14:18
Deepseg, eth0:114:18
daffyyes i make this Deeps14:18
daffybut when a ping the gateway of wanadoo, my source ip adress si eth014:18
daffynot eth0:114:18
daffy:/14:18
daffyi've game with ip route , iptable ...14:19
daffybut nothing14:19
Deepsping -I eth0:114:19
Deepsor ping -I ip.address.on.eth0:114:19
Deepsforce which interface to use14:19
daffyyes, it's possible this work14:20
Deepsthats a very wierd configuration though, assigning effectively 2 public ips14:22
daffybut i would like to do "ip rule add from my_ip_local_network lookup T2" (T2 is the table where is configuring wanadoo)14:22
daffyi speack english very bad :/14:22
mm_202Deeps: THANK YOU.  That fixed it.14:36
Deepshaha, long minute14:36
mm_202yeah, had some work problems I had to deal with :)14:36
Deepsyou'd have probably been able to diagnose that the issue was with the rndc key by looking at syslog btw14:36
Deepsdhcpd would have spat out some errors about being unable to update the zone14:37
mm_202no, the syslog didnt show anything14:37
Deepsyou might have needed to enable a higher level of syslog output ;)14:37
mm_202But Im sure if I messed with the logging, that I would of gotten it14:37
mm_202heh, yeah14:37
Deepsall's well that ends well14:37
cyris|morning ubuntu server users16:06
Wicky656Morning16:07
mm_202Mornings suck.16:07
cyris|Wicky656, they sure do16:07
Wicky656at least I didn't get paged last night16:08
Wicky656anyone have problems with apt-mirror hanging when run from cron?16:14
zulivoks: http://people.ubuntu.com/~chucks/bacula.diff16:20
android6011what are the disk space requirements for hardy server?18:05
cyris|android6011, recommended 8gig18:16
cyris|android6011, https://help.ubuntu.com/community/Installation/SystemRequirements18:16
android6011ok thank you18:17
* delcoyote hi18:19
ZtaHow do I regenerate my Courier SSL certificates?18:27
Zta/usr/lib/courier/imapd.pem I think18:28
Ztafound out18:39
spiekey_hi19:44
spiekey_has anyone an  idea whats going wrong here (vmware module)? http://pastebin.ca/102401319:45
RoAkSoAxspiekey_, http://ubuntu-tutorials.com/2008/05/03/install-vmware-server-105-on-ubuntu-804-hardy/19:47
spiekey_thanks20:04
spiekey_any idea if vmware server 2.0 works  ?20:30
spiekey_(beta)20:30
stickystylespiekey_: my impressions from the server beta forums is that its flakey on all platforms.20:40
stickystyleI personly had problmes with it on 6.0620:41
spiekey_thanks ;)20:45
hotmonkeyluvI can't seem to mount my ntfs partitions when installing 8.04, is that normal?21:06
good_danahotmonkeyluv: no21:18
hotmonkeyluvi see21:19
hotmonkeyluvgood_dana: Might there be a way to force it?21:19
good_danahow are you trying to mount them now?21:20
hotmonkeyluvhere is the error msg: http://ubuntuforums.org/showthread.php?p=5004564#post500456421:20
hotmonkeyluvwhat do you mean good_dana21:20
hotmonkeyluvthe options that i have for the partition are: use as=ntfs, mount point=/windows, bootable flag=on21:21
hotmonkeyluvgood_dana: and I can resize, copy, erase, or delete the partition too. (and resize works)21:22
good_danayeah, that doesnt make sense, do you have any other nfts partitions you can try and mount?21:23
igor47does anyone know how to get the ssh-vulnkey utility on an edgy server?21:24
hotmonkeyluvI had 2, but i got fed up, so I converted one to ext321:24
hotmonkeyluvI couldn't mount that one either21:24
hotmonkeyluvsame msg, different numbers21:24
Nafalloigor47: edgy is EOL fwiw :-)21:25
igor47Nafallo: oh hmm.  i suppose i'd better upgrade that box then21:25
Nafalloya21:26
hotmonkeyluvgood_dana: do you have any ideas?21:29
good_danahotmonkeyluv: sorry, no21:30
hotmonkeyluvgood_dana: *sigh*21:31
hotmonkeyluvis it easy to manually mount scsi partitions via the cli?21:31
hotmonkeyluvgood_dana: cause I think i'll just do that21:31
_CitizenKane_I just installed pecl onto ubuntu server 7.10 and when I try to run it, it immediately segfaults, does anyone know how to fix this?22:17
xenocampanoliQuestion about user daemons:  Is there a standard tool for making a user daemon part of system startup?  I have a bunch of mongrel servers I want to start simultaneously with apache2 for an internal admin system, but I want them running off their own accounts if I can...???22:20
=== ScottK2 is now known as ScottK-uds
ScottK-uds_CitizenKane_: It works on most hardware.  What is the exact error you're getting (what is the "It" that segfaults)?22:46
_CitizenKane_ScottK-uds: the pecl command segfaults22:46
ScottK-udsSo the basic system runs OK then?22:47
_CitizenKane_ScottK-uds: ya, otherwise the system is solid22:47
ScottK-udsPecl isn't an Ubuntu package, though, is it?22:48
_CitizenKane_ScottK-uds: it is part of the php-pear packe22:48
_CitizenKane_package*22:48
ScottK-udsAh.22:49
* ScottK-uds isn't a php user.22:49
ScottK-udsI'm looking to see if I can find a relevant bug.22:50
_CitizenKane_ScottK-uds: thanks22:52
ScottK-uds_CitizenKane_: It appears to work for other people.  I'd suggest you file a bug in Launchpad with as much detail as you can muster on what happens and the steps to recreate it.22:53
ScottK-udsThe server team is usually pretty good about getting to bugs in supported packages.22:54
_CitizenKane_ScottK-uds: will do, thanks again22:54
timboyI've got a question. my webmail account sends mail fine but when I set up my account in outlook I get the messages back with saying it "was considered unsolicited bulk e-mail (UBE)."22:56
hotmonkeyluvI want to install fluxbox, what is the xserver thingie i need to install? is it xorg or X11 or what?22:58
starzcould someone explain the implications of installing package hardne?22:58
timboyI've never seen this before but it never fails from outlook... is it an outlook issue? or is it an issue with my mail server?23:08
timboythe dot code is 5.7.123:09
timboynot that I know of. My sister uses outlook 2003 and has no issues...23:09
ScottK-udsDear lamont: Please make hppa buildd able to install base files: base-files: Depends: libpam-modules (>= 0.79-3ubuntu3) but it is not going to be installed23:11
ScottK-udshttp://launchpadlibrarian.net/14626671/buildlog_ubuntu-intrepid-hppa.libnet-dns-perl_0.63-1build1_CHROOTWAIT.txt.gz23:12
ScottK-udstimboy: I'd suggest checking your server logs and see if Outlook is really sending it through your server.23:13
timboyScottK-uds it's not... so it seams it's an outlook issue. I just installed thunderbird and it worked fine...23:14
ScottK-udsSo look into your Outlook setup.23:14
ScottK-udsMoral of this story is, of course, don't use Outlook.23:14
ScottK-udstimboy: What version of Outlook and are you using SMTP Auth?23:15
timboyscottk-uds: "Gay 2007" i think is the rightful name and yes smtp auth23:16
ScottK-udsOK.  If it's 2007 it can use regular starttls.  It doesn't need smtps.  Are you connecting via port 25 or 587?  Port 25 is often blocked or redirected by ISPs.23:18
timboy2523:18
timboybut thunderbird worked fine on 2523:19
lamontScottK-uds: sigh23:19
lamontScottK-uds: if you see infinity, feel free to ask him if he knows about that23:19
ScottK-udsOK.  Then I guess I'd check and make sure you have the hostnmae right.23:19
ScottK-udslamont: It's gone midnight here, so certainly no time son.23:20
ScottK-udsson/soon23:20
lamontScottK-uds: right.23:23
lamontand time to fetch kids, I think23:23
ScottK-udsGood luck with that.23:23
ScottK-udsNot sure if that means you come back with them or not.23:23
mok0soren around=23:24
mok0s/=/?/23:24
xenocampanoliQuestion about user daemons:  Is there a standard tool for making a user daemon part of system startup?  I have a bunch of mongrel servers I want to start simultaneously with apache2 for an internal admin system, but I want them running off their own accounts if I can...???23:26
=== dani changed the topic of #ubuntu-server to: Ubuntu Server discussion and support || For general (not servehir specific) support visit #ubuntu || Get involved: https://wiki.ubuntu.com/ServerTeam/GettingInvolved || Guide to asking questions on IRC: http://www.sabi.co.uk/Notes/linuxHelpAsk.html || http://www.catb.org/~esr/faqs/smart-questions.html || Be patient. Don't ask to ask, just ask. || server guide: http://tinyurl.com/65jzxw || https://wiki.ubuntu.com/ServerTeam
danihi23:50

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!