[00:03] <zul> kees: for you....anything
[00:06]  * kees hugs zul
=== mindframe_ is now known as mindframe
[03:48] <m_newton> IS there any RECOMENDED/Needed security measure when runing a web server??
[03:50] <m_newton> Help?  IS there any RECOMENDED/Needed security measure when runing a web server??
[03:57] <m_newton> are the ppl in this fourm dead?
=== thomas__ is now known as The-Kernel
[07:46] <Jeeves_> Why is it, that Microsoft is stepping away from the GUI tools and into the shell-tools, and Ubuntu is going to focus on writing GUI tools for the server
[07:47] <Jeeves_> ?
[07:47] <Jeeves_> As described here: https://wiki.ubuntu.com/ServerTeam/Bug0
[07:53] <Kamping_Kaiser> my main query (use of gui tools aside) is, why arnt existing ones being adapted instead of new ones written
[07:53] <Jeeves_> Kamping_Kaiser: Because everyone can dot it better :P
[07:54] <Kamping_Kaiser> Jeeves_, hehe :P
[07:55]  * Kamping_Kaiser imagines booting ubu-serv - "hi, i'm the ubuntu logo, do you need help configuring a server?"
[07:55] <Jeeves_> My gui tool is better than yours! (Even though, they all suck)
[07:55] <Jeeves_> ARe you sure you want to add this user?
[07:55] <Jeeves_> Really?
[07:55] <Jeeves_> Really really?
[07:55] <Kamping_Kaiser> lols
[07:55] <Kamping_Kaiser> "Offer a scalable, robust, standards-compliant mail server. The answer will frequently be “does it talk natively to unmodified Outlook clients, and unmodified Exchange servers?”" <-arnt these two items directly at odds?
[07:56] <Jeeves_> Kamping_Kaiser: Indeed, they are
[07:57] <Kamping_Kaiser> Jeeves_, oh good, i was doubting my sanity for a tick there
[07:57] <Jeeves_> I don't want to sound negative or something, but I somewhat hope this bug doesn't get fixed.
[07:58] <Kamping_Kaiser> Jeeves_, i'm still not sure what the bug /is/
[07:58] <Jeeves_> The first part of the bug is great, ditch M$ in the server environment. But the way to get there IMHO is defenitly not what is described in there.
[07:58] <Kamping_Kaiser> nod
[07:58] <Jeeves_> Kamping_Kaiser: That M$ sells too many ISA servers
[07:58] <Jeeves_> And Exchange servers
[07:59] <Jeeves_> And that Ubuntu needs to be changed so people start to use that
[07:59] <Kamping_Kaiser> hm. then i'm with you - agree with the bug, not sure i like the chosen path
[07:59] <Jeeves_> Instead, you should start by fixing evolution so that it doesn't grow to 2gb memory footprint when using calendars
[08:00] <Jeeves_> Fix something that enables you to do normal calendaring (as exchange does)
[08:00] <Jeeves_> Than, you are able to get far with the current tools
[08:01] <Jeeves_> The problem isn't the configuration of the features
[08:01] <Jeeves_> The problem is the inexcistence and/or brokenness of the features
[08:01] <Kamping_Kaiser> now apples calnedar server is in debian (and probably ubuntu) that job will probably have just got much easier
[08:01]  * Kamping_Kaiser is in the process of setting itt up at work atm
[08:02] <Jeeves_> ah let me know how that goed
[08:02] <Jeeves_> s/d/s
[08:02] <Kamping_Kaiser> can do.
[08:03] <Kamping_Kaiser> only got as far as installing the packages ("backported") before getting another thing to work on, but will do
[08:17] <shtoom> hi can I use uck to build customized ubuntu servers ?
[10:34] <scuffio> hi
[10:34] <scuffio> there is anybody here  ?
[10:34] <scuffio> sorry
[10:34] <scuffio> is there...
[10:35] <scuffio> :)
[10:35] <n6rej> yeah
[10:36] <scuffio> Hi
[10:36] <scuffio> I'd like to be a memeber of this team
[10:37] <scuffio> what i have to do  ?
[10:37] <n6rej> scuffio: https://wiki.ubuntu.com/ServerTeam/GettingInvolved
[10:37] <n6rej> scuffio: i'm not a dev so I can't tell you but that will
[10:38] <scuffio>  ok mate
[10:38] <scuffio> thk
[10:38] <n6rej> np
[11:45] <scuffio> I've a problem with launchpad.
[11:46] <scuffio> basically, I don't recive the email
[11:46] <scuffio> in order to complete the registration
[11:46] <scuffio> someone can help me   ?
[11:46] <scuffio> https://launchpad.net/~ubuntu-server/+join/+login
=== jords__ is now known as jords
[13:07] <Erosion> Is OpenSSL installed by default on ubuntu-server?
[13:25] <jpds> emgent: yeah
[13:26] <jpds> err, he left, sorry emgent
[13:49] <Terrasque> heh. Found an old bug.. http://ubuntuforums.org/archive/index.php/t-583958.html - that one is apparantly not fixed yet.
[13:51] <Terrasque> after upgrading from feisty to gutsy I encountered it, on my root partition, no less. Leaving me with the very basic init system to fix things.. Is there a text editor in that system, btw? I couldnt find any, and had to resort to cat, sed, cp and mv
[16:33] <will01> if i have a vpn server thats connected to the switch, and the switch is connected to a router, which is plugged into the modem, will i be able to use that vpn anywhere?
[16:38] <lamont> will01: I'm having trouble parsing your question...
[16:38] <InsomniaCity> will01: that depends on how your router is set up
[16:38] <lamont> by "anywhere" do you mean "in even one location" or "everywhere"
[16:40] <lamont> and in any case, the answer is "you'll be able to use that from anywhere that has IP connectivity (can reach) the vpn server, which, in turn, depends on the config of all of those devices, as well as possibly your ISP (some ISPs hand out RFC1918 addrs to their customers, which is really just sad...))
[16:41] <lamont> will01: your question basically boils down to "if I plug something into my switch, can I talk to it from anywhere?"...  and the answer winds up being "it depends"
[16:42] <will01> ok
[16:45] <lamont> I have run vpn endpoints with a topology of: internet -> modem -> router -> switch -> vpn many times.. my current config is slightly different in immaterial ways.
[16:47] <lamont> brb
[16:58] <will01> i got it figured out, forgot to configure the dmz doh
=== astro76_ is now known as astro76
=== RoAk is now known as RoAkSoAx
[20:54] <methods> anyone home ?
[21:01] <methods> rubygems keeps saying it can't find sqlite3.h even though i have the dev package installed
[21:02] <methods> i had to get it from universe
[21:07] <RainCT> Hi
[21:07] <RainCT> Is it possible to let SSH listen on port 80 or will this kill penguins? :P
[21:08] <stickystyle> RainCT: You can have ssh listen on any port you want.
[21:09] <stickystyle> providing that it doesn't have something already running on it.
[21:09] <RainCT> Ah. So if there's already Apache on port 80 SSH can't run there, or?
[21:09] <stickystyle> Yes, if apache is already running on port 80 you cannot run sshd there also.
[21:10] <stickystyle> I'm thinking your trying to get past a proxy...am I right?
[21:11] <RainCT> not sure what it is, but yes :P
[21:11] <RainCT> I'm building a server as baccalaureate research project and the PC is at school
[21:12] <RainCT> and I'm waiting since weeks for the technicians from the education department who give the internet to open the ports (until now they've only opened 80)
[21:12] <stickystyle> Ah.
[21:17] <stickystyle> So if you already have apache running on port 80, and port 80 is the only port that you have open on the server, i guess your kind of stuck for ssh access.
[21:18] <stickystyle> there are little php apps out there that will give you a kind of shell through your web browser, but they are ridiculously insecure and i could never recomend running on.
[21:18] <RainCT> right. well, thanks :)
[21:20] <JanC> there is a python one too
[21:20] <JanC> and AFAIK it is secure enough if you use decent authentication/encryption   ;)
[21:25] <lamont> RainCT: you could do abusive things with openvpn and iptables DNAT - but that's a very long discussion that I don't have time for
[21:25] <RainCT> JanC: well, I guess I'll wait for a while more before falling back to such stuff
[21:25] <lamont> (if the source port is XXXX then DNAT to the openvpn instance, otherwise, let it through to port 80
[21:26] <lamont> or I suppose you could do that with SSH as well
[21:27] <mfournier>  
[21:28] <lamont> ssh -D XXXX -p 80 server  - and then the server has iptables -t nat -A PREROUTING -p tcp --sport XXXX --dport 80 -j DNAT --to-destination :22
[21:29] <lamont> the downside to that is that every now and then, some poor web user will get an ssh connection instead of an http connection...
[21:30] <RainCT> lamont: what would the XXXX there be?
[21:30] <lamont> some number, probably >= 1024, definitely <= 65535
[21:31] <RainCT> ah, I see. the local port to use, right?
[21:31] <lamont> note also that circumventing an organization's firewall usually has some administrative penalties attached to it....
[21:31] <lamont> yes
[21:32] <RainCT> great, thanks
[21:33] <lamont> of course, if the client goes through any sort of NAT firewalling or a proxy, then that won't do anything for you, since the port is likely to be different then
[22:30] <UbuntuJul> hi everyone - Linux newbie here, having some troubles getting PHP to "work" - anybody feel like spreading some love?
[22:49] <emgent> heya
[22:50] <RainCT> bye
[23:04] <firehead_eom> hey guys.
[23:06] <firehead_eom> i have a question about setting up a mail server using a SQL database to hold virtual domains and users.
[23:09] <firehead_eom> so far, i've followed the default 'tasksel' to install a standard mail server, but alas, the howtos i've found end with me needing to use phpmyadmin to create users and no easy way to connect via imap.
[23:09] <firehead_eom> any help would be greatly appreciated.
[23:11] <nealmcb> firehead_eom: what do you mean, no easy way to connect via imap?  is the dovecot server installed?
[23:12]  * nealmcb notes that you may find more folks around to help during the week
[23:12] <firehead_eom> nealmcb: i installed dovecot, but i believe my settings are such that when i try to connect using an email client, the connection is actively refused, leading me to believe it's most likely a mysql problem
[23:13] <nealmcb> is the port open?
[23:13] <nealmcb> what exactly do you see?
[23:13] <firehead_eom> true.. i'm in no hurry to set this up quickly, but i wanted to see if help could be found.
[23:14] <sergevn> firehead_eom: try using syscp
[23:15] <firehead_eom> i'm sad to say i won't be able to answer that question. I realised that i'd muddled the settings a bit too much and proceeded to apt-get --purge remove all non-core packages from the server.
[23:17] <firehead_eom> i have to admit, i'm kind of new to setting up a mail server with a sql backend.
[23:18] <nealmcb> sergevn: doesn't look like syscp is packaged for ubuntu - do you know why not?
[23:20] <sergevn> nealmcb: syscp is an complete ISP package, it contains smtp(postfix, dovecot etc) ,http(apache) and ftp(proftpd)
[23:20] <sergevn> nealmcb: all based on mysql
[23:21] <firehead_eom> oh.. interesting.
[23:21] <sergevn> yes, and it's opensource ofcourse :)
[23:22] <nealmcb> sergevn: still seems like it would be nice to have the isp-specific things in a package, and use the standard tasksel for all those things
[23:22] <nealmcb> otherwise os upgrades can be more difficult
[23:23] <nealmcb> is there an up-to-date howto on using syscp in ubuntu?
[23:23] <sergevn> nealmcb: yes, just use the debian-etch howto on their website
[23:23] <sergevn> nealmcb: i currently have it running on gutsy.
[23:23]  * nealmcb wonders how the config is different....
[23:24] <sergevn> nealmcb: not that different, it also works on freebsd
[23:24] <sergevn> it's application dependand, not OS dependand :)
[23:24] <sergevn> maybe the peeps on #syscp could give you a better explanation ;)
[23:25] <sergevn> ;) = :)
[23:25] <sergevn> I have it running on my hosting servers and works perfect.
[23:26] <sergevn> Safe by design :)
[23:26] <nealmcb> well, offhand I'd recommend using standard packages - easier security updates, better ubuntu support etc
[23:26] <sergevn> nealmcb: yeah, that's the catch, with syscp you are using packages of your distro. sysscp is only a set of phpscripts :)
[23:27] <nealmcb> catch?
[23:27] <sergevn> catch/trick/advantage
[23:27] <nealmcb> if syscp uses standard packages for most stuff, then again I wonder why it isn't packaged already itself
[23:28] <sergevn> just copy the php files in your webroot
[23:28] <firehead_eom> wouldn't that mean, however, that if the packages themselves are changed, then syscp may not be able to recognise that change and break?
[23:29] <firehead_eom> then again, it's worth a look/try.
[23:29] <sergevn> firehead_eom: could be with an dist-upgrade, but not likely
[23:29] <firehead_eom> thanks sergevn :)
[23:29] <firehead_eom> and thanks to you too nealmcb.
[23:29] <sergevn> syscp has very good documentation and irc support :)
[23:29] <sergevn> firehead_eom: no prob, you can always contact me if you have problems with installing it
[23:30] <sergevn> nealmcb: you too
[23:30] <sergevn> to make it clear, you just install the postfix-mysql package allong with your normal postfix install.
[23:31] <sergevn> in the configuration file you put the SQL query's that is documented on their website and in the syscp panel itself while installing
[23:43]  * danshearer is away: Zzzz
[23:46] <samuel> Can anyone help me with getting the image GD installed for php?
[23:47] <nealmcb> !ask | samuel
[23:48] <nealmcb> samuel: Guide to asking questions on IRC: http://www.sabi.co.uk/Notes/linuxHelpAsk.html  | Be patient.  Don't ask to ask, just ask.
[23:48] <samuel> Oh, sorry.
[23:48] <nealmcb> :)
[23:49] <samuel> Anyways, I found the solution to my problem. =/ I was just searching for the wrong terms.
[23:50] <nealmcb> samuel: yeah - I often find that just crafting a good question is all I need to figure out the answer :)
[23:51] <seisen_> i tried settting up raid on a server but there is a previous raid setup on there that can't be deleted because it keeps popping up that its still busy, how can I get rid of it.
[23:51] <samuel> nealmcb: It's hard as hell to google for what you're trying to do, when you've used windows all your life. The excessive use of command line probably discuouraged people from properly documenting things, or something.
=== seisen_ is now known as seisen
[23:55] <nealmcb> seisen: I don't know, but more specifics (versions, error messages, etc like in that guide above) will make it more likely that someone else can hep
[23:55] <nealmcb> help