[00:01] <giovani> apache has modules for pam, etc, I don't know how twiki handles all of its authentication
[00:06] <ryoohki> giovani: thanks!
[00:06] <giovani> twiki is probably using a perl module, because it's written in perl ... but talk to them
[05:43] <Konam> ssh doesn't load my rsa key wtf?
[05:43] <Konam> I can't see what is wrong
[05:44] <Konam> it tells me 'could not load hostkey: path_to_rsakey_created'
[06:30] <starz> o:
[06:31] <karlito>  Hi. I set up a bind server. stop working. syslog = unexpected RCODE (refused) 209.61.242.77#53. is that because my domain is unregister for now and I got kick ? anyway a restart make it work again... I would better like to understand what happen
[06:34] <starz> hey whats a good free reseller control panel?
[06:34] <karlito>  I set up forwarder for my ISP, but some of the address I got in the syslog are outside the ISP range I give in the option file
[08:20] <mathiaz> nealmcb: http://code.google.com/p/pyrering/
[08:31] <twb> Is there a reasonable alternative to logcheck that isn't so worryingly slow?
[08:31] <twb> logwatch seems to blow rather hard.
[08:31] <_ruben> twb: we use SEC here at work without any problems
[08:32] <twb> _ruben: how hard is it to roll out?
[08:33] <_ruben> not that hard: sudo apt-get install sec
[08:33] <twb> _ruben: well yes, but presumably you also configure it a bit.
[08:34] <twb> _ruben: I mean, just as an example, thttpd has a logwatch ignore entry but not any equivalent for sec.
[08:34] <_ruben> the config takes a bit of getting used to .. but once you get your head around it, it can do pretty much everything you want
[08:35] <kraut> moin
[08:35] <twb> _ruben: I'll take a look at it, thanks.
[08:36] <_ruben> twb: its performance is quite good imo .. we use it on a central log server for (rough estimate) 150 hosts
[08:36] <twb> Cool, that's around the order of hosts I am rolling out
[08:36] <_ruben> (kinda lost count of the number of servers we got)
[08:36] <twb> I know that it needs to run on the order of ten minutes (rather than hourly/daily), so that our spooks can respond to attacks in "near real-time".
[08:36] <_ruben> we have it running at 15 minute intervals
[08:37] <twb> Cool.
[08:38] <_ruben> hmm .. seems we dont have that much logging traffic as we used to .. only ~30megs a day (mostly windows boxes)
[08:38] <twb> Oh.
[08:39] <twb> Here, with a test setup of two hosts, I have 16MB of syslog after about two days
[08:39] <twb> My plan B is to have syslog-ng filter a bunch of ignorable events out before they get into syslog
[08:39] <_ruben> 131 unique hosts in yesterday's log
[08:39] <_ruben> windows servers tend to be rather quiet, logging wise
[08:41] <_ruben> twb: btw, SEC runs realtime .. we just have it send accumulated reports every 15 minutes
[08:41] <_ruben> you can have realtime (email/pager/whatever) triggers
[08:41] <twb> _ruben: OK, that's a Good Thing for my setup.
[08:42] <_ruben> like when a failed disk message appears in the syslog, it sends out an email to a special mailbox
[08:42] <_ruben> one downside could be that you'll have to write 99% of the rules yourself, havent seen any packages that came with SEC filters/examples
[08:43] <_ruben> this opposed to say logwatch, which is very common in having ignore files shipped with packagew
[08:43] <_ruben> packages
[08:43] <_ruben> but at least this way you'd know what you do/dont ignore ;)
[08:52] <ivoks> zul: bug number? :)
[08:53] <zul> ivoks: https://bugs.edge.launchpad.net/ubuntu/+source/apache2/+bug/230878
[08:53] <twb> _ruben: oops, guess what
[08:53] <twb> _ruben: I forgot to remove my simulated DOS attack from syslog
[08:53] <twb> To wit: yes ATTACK | logger
[08:54] <milestone> hi all
[08:54] <twb> Now I only have 3MB of log, not 16MB ^_^;;;
[08:54] <milestone> i am unable to compile drbd0.7-module-source with ubuntu hardy using module-assistant a-i drbd0.7-source
[08:57] <milestone> this is my problem http://linux.derkeiler.com/Mailing-Lists/Ubuntu/2008-05/msg01579.html
[08:58] <milestone> exactly
[08:58] <milestone> is there any reason that the new drbd module 8.2.5 has not made it into hardy? http://packages.ubuntu.com/search?keywords=drbd8-module-source&searchon=names&suite=all&section=all
[08:59] <zul> its inclded in the linux-ubuntu-modules you shouldnt need to compile the module
[09:00] <_ruben> twb: haha ;)
[09:01] <twb> logcheck is still mighty slow, though :-(
[09:01] <milestone> my main problem is now that i have compiled the module by hand and when i want to migrate the meta-disk i am getting http://pastebin.com/m1947af59
[09:08] <milestone> zul, 8.0.11 is rather old, don't you think?
[09:11] <zul> milestone: I dont think so
[09:12] <milestone> actual released version by linbit is 8.2.5
[09:15] <zul> you could always grab the source I dont think there will be a newer version of drbd8 in hardy anytime soon
[09:20] <milestone> zul, is there any reason?
[09:21] <milestone> incompatibilities
[09:21] <milestone> ?
[09:21] <milestone> i think i will just mount the underlying device and use nfs
[09:21] <zul> milestone: because hardy only gets bugfixes basically
[09:22] <twb> Which is as it should be, amen.
[09:31] <stefg> hi, i'm using xrdp for a remote desktop on our samba-server here. The problem i'm facing is that, although i get the Desktop in german (as intended) when logging in locally. the remote session over xrdp/tightvnc always gives me an english session. I'm a bit clueless where to look. Is that an xrdp, a tightvnc or a gnome-session setting which needs to be looked at?
[09:32] <twb> stefg: what does "locale" report when run in the remote user's shell?
[09:32] <stefg> ... mom ...
[09:33] <twb> I do not understand your second remark.
[09:35] <stefg> twb: a germish acronym for 'wait a moment' ... ah, and i have LANG=<> (nothing) and everything else set to posix ... so you tracked down something it seems
[09:35] <twb> OK, for a standard shell user, you'd edit ~/.profile or ~/.bash_profile and add something like "LANG=de_DE.UTF-8".
[09:35] <twb> ...and "export LANG".
[09:36] <twb> Unfortunately, most X sessions do not read these login scripts.
[09:36] <twb> If everyone on the remote server should get a German locale, you can try "dpkg-reconfigure locales" to change the default locale; I think this edits /etc/environment.
[09:37] <twb> Otherwise, you will have to work out which (if any) user dotfiles are read by xrdp... start by looking at .Xclients/.xinitrc/.xsession.
[09:37] <stefg> twb: that's the point. via ssh or ssh -X everything is nice ... all german. but i need remote access from windows-boxen using the rdp client. and the guy usually taking care of the server isn't any good at english
[09:38] <twb> ssh -X preserves your LANG variable from the local host.
[09:38] <twb> IOW it works by accident.
[09:39] <twb> I still think you should approach the problem by editing dotfiles or reconfiguring the locales package, as I described above.  Do you have a reason to think this will not work?
[09:40] <stefg> twb: hmmm... so i chose german when installing the server, as default system language, have all lang-packs in place , and everything (including console messages) is german at the local console and via ssh. only xrdp seems to ignore the lang-settings
[09:40] <twb> stefg: ah, that is useful information.
[09:41] <stefg> btw, i reconfigured locales just to find ...up-to date
[09:42] <twb> stefg: what is the contents of /etc/default/locale ?
[09:44] <stefg> twb: LANG=de-DE.UTF8 , LANGUAGE="de-DE:de:en_GB:en"
[09:44] <twb> OK, that's good.
[09:45] <twb> I haven't looked at xrdp lately; have you looked at its config files?  Perhaps it explicitly overrides the locale by default.
[09:45] <stefg> twb: so it might be some bug with gnome-settings-daemon and xrdp... although i'm not sure if gnome-settings-daemon affects gnomes language setting
[09:46] <twb> You can check by disabling gnome and using a failsafe xterm session
[09:46] <stefg> good idea
[09:55] <stefg> hmm... that's going to take a while.
[09:57] <stefg> twb: tanks so far, you've put me on the right track. i guess it has something to do with .dmrc not being honored over xrdp
[10:59] <mm_202> This has probably been asked about 100s of times before, but where can I find a _decent_ guide for dhcp3 + bind9 for 8.04?
[11:02] <sommer_> mm_202: https://help.ubuntu.com/8.04/serverguide/C/index.html
[11:02] <sommer_> mm_202: there are seperate sections for DNS and DHCP
[11:03] <sommer_> mm_202: should get you started anyway
[11:03] <mm_202> heh, yes. been there.  But its okay.  I'll figure it out.
[11:03] <mm_202> Thanks.
[11:03] <sommer_> mm_202: if you have specific questions feel free to ask... someone probably knows the answer :-)
[11:04] <mm_202> Well Im just trying to figure out why the hell I cant get my dhcp leases to automatically register themselves with bind.
[11:05] <mm_202> Ive tried it before with 7.10 and Ive never had any success with it.
[11:05] <ivoks> http://my-mili.eu/matt/docs/dynamic-dns-with-dhcp-and-bind-9/
[11:05] <sommer_> mm_202: ya, I've never done that myself
[11:05] <sommer_> ivoks: :)
[11:05] <Deeps> it's fairly straight forward
[11:05]  * Deeps looks up his config
[11:07] <mm_202> hmmm
[11:07] <mm_202> Deeps: would you mind looking at my config?  Pastebin of course..
[11:10] <mm_202> Somewhat random question, but does anyone else find apparmor irritating as hell?
[11:11] <sommer_> nope... see the AppArmor section for more details :-)
[11:11] <Deeps> mm_202: http://pastebin.org/37244
[11:11] <Deeps> thats the relevant bits that i have in bind+dhcp that do dynamic zone updating, both forward and reverse
[11:12] <mm_202> lol, sommer_, Im not new to ubuntu server :P
[11:12] <Deeps> any windows machines that connect to the network and ask for a dhcp lease automatically get machinename.truman.lan dns forward+reverse assigned
[11:12] <Deeps> linux machines by default dont due to the way the dhclient defualt config works
[11:12] <mm_202> hmm, I think I see my problem.  I have {key "rndc-key"; };
[11:13] <Deeps> send host-name "<hostname>";
[11:13] <Deeps> i believe is the relevant directive for dhclient
[11:14] <mm_202> ok, danke, give me a minute to try that.
[12:51] <ren0r> hi everyone.
[12:52] <ren0r> i'm using ubuntu-server. when i create a dir under /var/run, the directory is shown and everything is fine. after reboot, the directory is deleted. how can that be?
[12:53] <mm_202> ren0r: there may be some script in /etc/init.d/ that is clearing it out.
[12:55] <ren0r> there are a lot of scripts, ye. maybe a script in /etc/rc0.d/? - is there a well known mechanism which controls the contents of /var/run/ or s.th. like this?
[12:55] <mm_202> Give me a moment and I'll check.
[12:57] <ren0r> if i'm right, every f*cking startscript in /etc/init.d, which locates it's pid-file in a subdirectory of /var/run/, creates the needed directory itself?
[12:57] <mm_202> yep.
[12:57] <ren0r> rofl
[12:58] <mm_202> I know that almost all the scripts mkdir something into /var
[12:58] <ren0r> i can't stand that. might be a security-reason, but that sounds wired.
[13:12] <_ruben> iirc /var/run (and some other dirs) are mounted with tmpfs and thus only exist in memory
[13:13] <_ruben> got bitten by it the other day .. or well, that was /var/lock/ .. some init scripts dont check for eg /var/lock/subsys/ and dont create it if needed .. worked around it by writing a small bootscript that mkdir'ed /var/lock/subsys
[13:16] <ScottK-uds> _ruben: If that happens, it's a bug that needs to be reported.  Please report bugs against the package if you didn't already.
[13:19] <_ruben> ScottK-uds: one of the packages was 3rd party (dell omsa), but openipmi seemed to be affected by it as well
[13:20] <ScottK-uds> _ruben: I know Dell is interested in getting their stuff correct too, so I'd suggest reporting it to them too.
[13:21] <_ruben> ScottK-uds: hmm .. wonder why dell isnt offering .deb files themselves then .. the ones i use are made by sara.nl
[13:21] <_ruben> dell isnt really caring about linux on servers (yet) i think
[13:22] <ScottK-uds> Ah.  They do have an Ubuntu repository (at least for their desktop offerings).
[13:22] <_ruben> i hope they'll come up with smth similar for their server stuff
[13:22] <ScottK-uds> I wonder if it's stuff that could be gotten into the Ubuntu repository?
[13:23] <_ruben> mostly a licensing issue i guess? all i know they provide rpms for suse and rhel
[13:23] <ScottK-uds> If the packages are distributable, then it should be possible.
[13:23] <_ruben> sounds fair enough
[13:23] <_ruben> once my current projects are finished, i'll take another look at it
[13:24] <ScottK-uds> They don't yet officially support Ubuntu servers, I can understand why Dell doesn't provide it.
[13:24] <_ruben> yeah
[13:25] <ScottK-uds> You might file a 'needs-packaging' bug against Ubuntu about the package.  That will get there to be some visibility to someone that might be interested in packaging it.
[13:25] <ScottK-uds> Or if you're interested in learning ....
[13:26] <_ruben> i am, currently dont really have time for it tho .. *cry* .. tho i am getting experience with packaging (mostly fixing custom packages) bit by bit
[13:26] <ScottK-uds> In #ubuntu-motu we help people with learning how.
[13:26] <_ruben> did some packaging of openswan 2.4.x/2.5.x/2.6.x versions ..
[13:27] <_ruben> i know .. been idleing there for some time now
[13:27] <_ruben> picking up bit of knowledge every now and then :)
[13:27] <ScottK-uds> Ah.
[13:27] <ScottK-uds> Great.
[14:01] <daffy> hi all
[14:06] <mm_202> Hi daffy.
[14:08] <daffy> :)
[14:08] <daffy> i've a problem with a routing isp
[14:09] <daffy> i've 3 acces internet, wanadoo, free and oleane
[14:09] <daffy> but the public ip for wanadoo is 217.x.x.x and his gateway is in 193.x.x.x
[14:09] <daffy> -_-
[14:11] <mm_202> ok..
[14:11] <daffy> the problem is, wanadoo is configuring on a virtual NIC
[14:12] <daffy> and the router don't understand why the gateway is not on a same network of ip public
[14:15] <mm_202> hmm, I havent messed with virtual NICs, so I dont think I can help you much.  But Im sure someone in here can.
[14:15] <daffy> ok :)
[14:17] <daffy> shitting isp ^^ why the gateway is not on the network of ip public xD
[14:18] <Deeps> if your nic is eth0
[14:18] <gatewayer> i am on the network ^^
[14:18] <Deeps> you can make a virtual interface by simply appending :X to it
[14:18] <Deeps> eg, eth0:1
[14:18] <daffy> yes i make this Deeps
[14:18] <daffy> but when a ping the gateway of wanadoo, my source ip adress si eth0
[14:18] <daffy> not eth0:1
[14:18] <daffy> :/
[14:19] <daffy> i've game with ip route , iptable ...
[14:19] <daffy> but nothing
[14:19] <Deeps> ping -I eth0:1
[14:19] <Deeps> or ping -I ip.address.on.eth0:1
[14:19] <Deeps> force which interface to use
[14:20] <daffy> yes, it's possible this work
[14:22] <Deeps> thats a very wierd configuration though, assigning effectively 2 public ips
[14:22] <daffy> but i would like to do "ip rule add from my_ip_local_network lookup T2" (T2 is the table where is configuring wanadoo)
[14:22] <daffy> i speack english very bad :/
[14:36] <mm_202> Deeps: THANK YOU.  That fixed it.
[14:36] <Deeps> haha, long minute
[14:36] <mm_202> yeah, had some work problems I had to deal with :)
[14:36] <Deeps> you'd have probably been able to diagnose that the issue was with the rndc key by looking at syslog btw
[14:37] <Deeps> dhcpd would have spat out some errors about being unable to update the zone
[14:37] <mm_202> no, the syslog didnt show anything
[14:37] <Deeps> you might have needed to enable a higher level of syslog output ;)
[14:37] <mm_202> But Im sure if I messed with the logging, that I would of gotten it
[14:37] <mm_202> heh, yeah
[14:37] <Deeps> all's well that ends well
[16:06] <cyris|> morning ubuntu server users
[16:07] <Wicky656> Morning
[16:07] <mm_202> Mornings suck.
[16:07] <cyris|> Wicky656, they sure do
[16:08] <Wicky656> at least I didn't get paged last night
[16:14] <Wicky656> anyone have problems with apt-mirror hanging when run from cron?
[16:20] <zul> ivoks: http://people.ubuntu.com/~chucks/bacula.diff
[18:05] <android6011> what are the disk space requirements for hardy server?
[18:16] <cyris|> android6011, recommended 8gig
[18:16] <cyris|> android6011, https://help.ubuntu.com/community/Installation/SystemRequirements
[18:17] <android6011> ok thank you
[18:19]  * delcoyote hi
[18:27] <Zta> How do I regenerate my Courier SSL certificates?
[18:28] <Zta> /usr/lib/courier/imapd.pem I think
[18:39] <Zta> found out
[19:44] <spiekey_> hi
[19:45] <spiekey_> has anyone an  idea whats going wrong here (vmware module)? http://pastebin.ca/1024013
[19:47] <RoAkSoAx> spiekey_, http://ubuntu-tutorials.com/2008/05/03/install-vmware-server-105-on-ubuntu-804-hardy/
[20:04] <spiekey_> thanks
[20:30] <spiekey_> any idea if vmware server 2.0 works  ?
[20:30] <spiekey_> (beta)
[20:40] <stickystyle> spiekey_: my impressions from the server beta forums is that its flakey on all platforms.
[20:41] <stickystyle> I personly had problmes with it on 6.06
[20:45] <spiekey_> thanks ;)
[21:06] <hotmonkeyluv> I can't seem to mount my ntfs partitions when installing 8.04, is that normal?
[21:18] <good_dana> hotmonkeyluv: no
[21:19] <hotmonkeyluv> i see
[21:19] <hotmonkeyluv> good_dana: Might there be a way to force it?
[21:20] <good_dana> how are you trying to mount them now?
[21:20] <hotmonkeyluv> here is the error msg: http://ubuntuforums.org/showthread.php?p=5004564#post5004564
[21:20] <hotmonkeyluv> what do you mean good_dana
[21:21] <hotmonkeyluv> the options that i have for the partition are: use as=ntfs, mount point=/windows, bootable flag=on
[21:22] <hotmonkeyluv> good_dana: and I can resize, copy, erase, or delete the partition too. (and resize works)
[21:23] <good_dana> yeah, that doesnt make sense, do you have any other nfts partitions you can try and mount?
[21:24] <igor47> does anyone know how to get the ssh-vulnkey utility on an edgy server?
[21:24] <hotmonkeyluv> I had 2, but i got fed up, so I converted one to ext3
[21:24] <hotmonkeyluv> I couldn't mount that one either
[21:24] <hotmonkeyluv> same msg, different numbers
[21:25] <Nafallo> igor47: edgy is EOL fwiw :-)
[21:25] <igor47> Nafallo: oh hmm.  i suppose i'd better upgrade that box then
[21:26] <Nafallo> ya
[21:29] <hotmonkeyluv> good_dana: do you have any ideas?
[21:30] <good_dana> hotmonkeyluv: sorry, no
[21:31] <hotmonkeyluv> good_dana: *sigh*
[21:31] <hotmonkeyluv> is it easy to manually mount scsi partitions via the cli?
[21:31] <hotmonkeyluv> good_dana: cause I think i'll just do that
[22:17] <_CitizenKane_> I just installed pecl onto ubuntu server 7.10 and when I try to run it, it immediately segfaults, does anyone know how to fix this?
[22:20] <xenocampanoli> Question about user daemons:  Is there a standard tool for making a user daemon part of system startup?  I have a bunch of mongrel servers I want to start simultaneously with apache2 for an internal admin system, but I want them running off their own accounts if I can...???
[22:46] <ScottK-uds> _CitizenKane_: It works on most hardware.  What is the exact error you're getting (what is the "It" that segfaults)?
[22:46] <_CitizenKane_> ScottK-uds: the pecl command segfaults
[22:47] <ScottK-uds> So the basic system runs OK then?
[22:47] <_CitizenKane_> ScottK-uds: ya, otherwise the system is solid
[22:48] <ScottK-uds> Pecl isn't an Ubuntu package, though, is it?
[22:48] <_CitizenKane_> ScottK-uds: it is part of the php-pear packe
[22:48] <_CitizenKane_> package*
[22:49] <ScottK-uds> Ah.
[22:49]  * ScottK-uds isn't a php user.
[22:50] <ScottK-uds> I'm looking to see if I can find a relevant bug.
[22:52] <_CitizenKane_> ScottK-uds: thanks
[22:53] <ScottK-uds> _CitizenKane_: It appears to work for other people.  I'd suggest you file a bug in Launchpad with as much detail as you can muster on what happens and the steps to recreate it.
[22:54] <ScottK-uds> The server team is usually pretty good about getting to bugs in supported packages.
[22:54] <_CitizenKane_> ScottK-uds: will do, thanks again
[22:56] <timboy> I've got a question. my webmail account sends mail fine but when I set up my account in outlook I get the messages back with saying it "was considered unsolicited bulk e-mail (UBE)."
[22:58] <hotmonkeyluv> I want to install fluxbox, what is the xserver thingie i need to install? is it xorg or X11 or what?
[22:58] <starz> could someone explain the implications of installing package hardne?
[23:08] <timboy> I've never seen this before but it never fails from outlook... is it an outlook issue? or is it an issue with my mail server?
[23:09] <timboy> the dot code is 5.7.1
[23:09] <timboy> not that I know of. My sister uses outlook 2003 and has no issues...
[23:11] <ScottK-uds> Dear lamont: Please make hppa buildd able to install base files: base-files: Depends: libpam-modules (>= 0.79-3ubuntu3) but it is not going to be installed
[23:12] <ScottK-uds> http://launchpadlibrarian.net/14626671/buildlog_ubuntu-intrepid-hppa.libnet-dns-perl_0.63-1build1_CHROOTWAIT.txt.gz
[23:13] <ScottK-uds> timboy: I'd suggest checking your server logs and see if Outlook is really sending it through your server.
[23:14] <timboy> ScottK-uds it's not... so it seams it's an outlook issue. I just installed thunderbird and it worked fine...
[23:14] <ScottK-uds> So look into your Outlook setup.
[23:14] <ScottK-uds> Moral of this story is, of course, don't use Outlook.
[23:15] <ScottK-uds> timboy: What version of Outlook and are you using SMTP Auth?
[23:16] <timboy> scottk-uds: "Gay 2007" i think is the rightful name and yes smtp auth
[23:18] <ScottK-uds> OK.  If it's 2007 it can use regular starttls.  It doesn't need smtps.  Are you connecting via port 25 or 587?  Port 25 is often blocked or redirected by ISPs.
[23:18] <timboy> 25
[23:19] <timboy> but thunderbird worked fine on 25
[23:19] <lamont> ScottK-uds: sigh
[23:19] <lamont> ScottK-uds: if you see infinity, feel free to ask him if he knows about that
[23:19] <ScottK-uds> OK.  Then I guess I'd check and make sure you have the hostnmae right.
[23:20] <ScottK-uds> lamont: It's gone midnight here, so certainly no time son.
[23:20] <ScottK-uds> son/soon
[23:23] <lamont> ScottK-uds: right.
[23:23] <lamont> and time to fetch kids, I think
[23:23] <ScottK-uds> Good luck with that.
[23:23] <ScottK-uds> Not sure if that means you come back with them or not.
[23:24] <mok0> soren around=
[23:24] <mok0> s/=/?/
[23:26] <xenocampanoli> Question about user daemons:  Is there a standard tool for making a user daemon part of system startup?  I have a bunch of mongrel servers I want to start simultaneously with apache2 for an internal admin system, but I want them running off their own accounts if I can...???
[23:50] <dani> hi