[00:44] <slimjim8094> hey guys, quick question
[00:45] <slimjim8094> ehlo from slimjim8094
[00:45] <slimjim8094> bah, say my name when (if) you come back
[00:47] <InsomniaCity> why not just ask the question?
[00:47] <slimjim8094> ok, fair enough
[00:47] <InsomniaCity> then when they come back, they'll answer the question too
[00:47] <slimjim8094> ok - well i'm running bind9 and dhcp3-server
[00:47] <slimjim8094> on the same bodx
[00:47] <slimjim8094> box*
[00:47] <slimjim8094> i'm using this as a router/server/samba/nfs/squid/firewall/awesomebox
[00:48] <slimjim8094> and it's been working great
[00:48] <slimjim8094> but i haven't been able to get ddns-updates to work, from dhcp-server to bind9
[00:48] <slimjim8094> my main question is - do I *need* security (key) if I don't want one?
[00:48] <slimjim8094> because i'd prefer to not use one... I trust my network
[00:49] <InsomniaCity> Deeps knows about dhcp+bind9, IIRC
[00:50] <slimjim8094> ok well holla if/when you come back
[00:50] <slimjim8094> my irc beeps at me if you say my name :)
[00:51]  * kees ponders try to S-O-S slimjim8094's irc client.  ;)
[00:51] <kees> *trying
[00:51] <slimjim8094> DoS? or SOS?
[00:52] <kees> like, playing out "deet deet deet  deet   deet   deet   deet deet deet"
[00:52] <slimjim8094> rofl
[00:52] <slimjim8094> kees
[00:52] <slimjim8094> kees
[00:52] <slimjim8094> kees
[00:52] <kees> :)
[00:52] <slimjim8094> kees
[00:52] <slimjim8094> kees
[00:52] <slimjim8094> kees
[00:52] <kees> mine just highlights ;)
[00:52] <slimjim8094> kees
[00:52] <slimjim8094> kees
[00:52] <slimjim8094> kees
[00:52] <slimjim8094> how about that?
[00:52] <slimjim8094> oh
[00:52] <slimjim8094> mine does both XD
[01:41] <ray_> hi any one here
[01:44] <ray_> how you set up dns so i can use it with my routor and isp on my own on ubuntu 8
[01:44] <ray_> ?
[02:01] <slimjim8094> ray_
[02:01] <slimjim8094> oh
[02:01] <slimjim8094> well he's gone...
[04:17] <pteague> ok, this isn't good...  i'm getting something like "no journal on filesystem md0"...  there should be, it's a 1.2tb with only about 100gb free
[04:24] <mathiaz> dendrobates-: Could you modify https://blueprints.launchpad.net/ubuntu/+spec/easy-ldap-server to set me as the drafter ?
[04:27]  * ajmitch wouldn't mind being removed as assignee from these as well
[04:28] <ajmitch> while I'm starting to get back into ubutnu development where possible, I don't think I'll be taking care of these specs
[04:31] <mathiaz> ajmitch: could you change that information ?
[04:34] <pteague> http://pastebin.com/m715d8c43
[04:38] <ajmitch> mathiaz: no, I tried the other day
[04:39]  * ajmitch will try again with this spec
[04:39] <ajmitch> nope, forbidden
[04:40] <ajmitch> dendrobates is a member of ubuntu-drivers, I'm not
[04:42]  * ajmitch wishes he could help with that raid problem
[04:43] <pteague> http://pastebin.com/m715d8c43 :(
[04:44] <ajmitch> yeah, I saw
[04:44] <pteague> oops, sorry for repost... carrying on multiple convos in diff channels
[04:44] <ajmitch> does dumpe2fs tell you any thing useful?
[04:45] <pteague> can i run that directly on /dev/md0 cause it won't let me mount it at all
[04:45] <ajmitch> afik you can, and it shouldn't modify the filesystem on there that I'm aware of
[04:45] <mathiaz> ajmitch: ok - thanks - I'll ping dendrobates- about this spec.
[04:50]  * ajmitch is glad to see things moving ahead with the server team though
[04:50] <pteague> k, running dumpe2fs... it's a 1.2tb raid5 so may take a while... does it output to 1 or 2? i figured i'd dump the output to txt
[04:51] <ajmitch> so it's getting somewhere?
[04:52] <pteague> seems to be... red light is blinking on the 1st drive
[04:52]  * ajmitch probably isn't the best person to help with filesystem intricacies
[04:53] <ajmitch> since for me, things generally just work & I don't dig deeper :)
[04:54] <pteague> yeah, i usually don't have problems, but there was a power outage today... i shutdown the server, but i don't know if it finished shutting down before or after the ups went down
[05:00] <pteague> the output file is about 2.7mb & i couldn't paste the entire thing to pastebin so i just pasted a part of it - http://pastebin.com/m4f7e26fb
[05:01] <ajmitch> certainly still looks like a valid FS with metadata
[06:02] <pteague> somebody in tulsa lug was able to help me out... after a bunch more debugging ended up having to run `tune2fs -j /dev/md0`
[06:03] <ajmitch> a bit painful
[06:04] <ajmitch> and surprising that the journal could just disappear
[06:04] <pteague> yeah, i think what happened was ups died in the middle of shutdown earlier... had a tree fall on a power line 2 blocks south of here
[06:59] <ca_dsl> hi all
[06:59] <ca_dsl> I need some help with installing ubuntu 8.04 server
[06:59] <ca_dsl> anyone there that can help
[07:03] <soren> ca_dsl: That's hard to say. You haven't asked a question yet.
[07:04] <ca_dsl> o right
[07:04] <ca_dsl> trying to install ubuntu 8 on a hpt374 raid 5 array
[07:05] <ca_dsl> but the partition manager won't see the array
[07:05] <ca_dsl> it only sees the individual disks
[07:05] <ca_dsl> I am sure I am missing something simple here
[07:06] <ca_dsl> but I cant seem to find any info on the web on how to do this
[07:06] <ca_dsl> any ideas?
[07:07] <soren> Your raid-crontroller is probably not a "real" raid controller. It's quite comon.
[07:07] <soren> common,even.
[07:07] <ca_dsl> what do you mean by that?
[07:08] <soren> It just gives you a way to configure your raid arrays in a bios-ish configuration thing, and then the operating system is supposed to do software raid based on that information.
[07:08] <ca_dsl> I don't think that is the case with the Hiphpoint Rocket Raif
[07:09] <ca_dsl> err raid cards
[07:09] <ca_dsl> but I honestly don't know
[07:09] <ca_dsl> how can one tell?
[07:11] <soren> Real RAID card are *really* expensive.
[07:11] <ca_dsl> nm I just googled it and it turns out it is indeed a "Bios assisted"
[07:11] <ca_dsl> card
[07:11] <ca_dsl> that explains why I see the individual drives
[07:12] <ca_dsl> so how do I make them work as a RAID 5 on a cleam install?
[07:14] <soren> Actually... I'm not sure.
[07:18] <ca_dsl> ahh
[07:19] <ca_dsl> apparently ubuntu is loading the standard hpt366 driver (standard ide)
[07:20] <ca_dsl> so the question becomes how do I manually tell the installer to load a different driver for the hdd controller?
[07:23] <soren> You don't want to use a different driver.
[07:24] <ca_dsl> apparently the propiertary driver will see the array
[07:24] <ca_dsl> I found a howto on the install once the system is up and running
[07:25] <Koon> ca_dsl: yes, Highpoint Rocket raid cards are usually hardware raid cards, so I think your problem is more that it's not properly recognized
[07:25] <Koon> ca_dsl: which one is your model exactly ?
[07:25] <ca_dsl> Rocket Raid 454
[07:25] <ca_dsl> w/ the HPT374 chip
[07:28] <ca_dsl> Koon: any ideas then?
[07:28] <ca_dsl> I tried hitting F6 but nothing happened *grins*
[07:28] <Koon> ca_dsl: I'm looking... it should have loaded the right module
[07:29] <ca_dsl> ok
[07:29] <Koon> ca_dsl: http://stefan.freyr.org/?page_id=6
[07:29] <Koon> you apparently aren't the first one
[07:30] <ca_dsl> thats a change
[07:30] <ca_dsl> normally my problems get a response of "thats a first" or "no one else seems to have that problem"
[07:30] <ca_dsl> o thats the howto I foind
[07:30] <ca_dsl> err found
[07:31] <ca_dsl> it assumes a system is allready up and running
[07:31]  * rgl waves
[07:31] <ca_dsl> and is for x64
[07:31] <ca_dsl> I am running the x86 version
[07:31] <ca_dsl> and I am trying to install onto the array (no more space for extra drives)
[07:32] <Koon> ca_dsl: yes, I'm not so sure how you can blacklist a module and load another one soon enough in the install
[07:33] <ca_dsl> the installer has a shell
[07:33] <ca_dsl> but darned if I know what to do with it
[07:34] <ca_dsl> could I use the shell and compile the driver for the install?
[07:34] <Koon> no, you'd need a more complete system to compile things
[07:36] <ca_dsl> hmm
[07:36] <ca_dsl> there is no liveCD version of server is there?
[07:38] <Koon> ca_dsl: no
[07:39] <ca_dsl> hmm
[07:39] <ca_dsl> yet another wall
[07:39] <ca_dsl> i seem to have a nack with stumping the experts
[07:40] <Koon> I suppose you could compile the hpt374 module on another system, copy it somehow when you drop to the shell, rmmod hpt366 and insmod hpt374... but I couldn't tell you the exact steps
[07:41] <Koon> the easiest would be to have one disk outside the array
[07:41] <Koon> install on it
[07:41] <ca_dsl> yeah rmmod is not a shell command on the install
[07:41] <ca_dsl> I am thinking you are right about using another disk
[07:42] <ca_dsl> it would keep the system seperated from the data
[07:42] <ca_dsl> and the howto would then work...
[07:43]  * ca_dsl stares at the case and wonders how to install another drive
[07:43]  * ca_dsl grabs hit hot glue and another drive
[07:44] <Koon> ca_dsl: good luck !
[07:44] <ca_dsl> thnx
[07:44] <ca_dsl> is 7 drives in a mid tower too many :D
[07:46] <ca_dsl> frankenserver, in fact I think that will be its name
[07:48] <ca_dsl> wonder where I can hire an Igor
[08:03] <soren> :*)
[08:04] <ca_dsl> koon and soren thanks for the help
[08:04] <soren> np :)
[08:10]  * ca_dsl bows spins and is gone
[08:30] <Furom> Does anyone in here comprehend how SMTP works? I need insight to this subject. For example, lets say that I have an SMTP server running, it should recieve emails from something like, ANYTHING@my.ip.ad.dre.ss, right? Or is there extra steps I have to take to make it work? My situation is, that I'm using a ruby server that I'm programming myself, to store text emails in mysql. I don't want an over complicated system that enables
[08:30] <Furom> transfer of files and such. I just need to be able to receive emails.
[08:38] <hads> Furom: It's not really #ubuntu-server related. Probably the best way would be to setup a standard MTA and have your mail delivered to your script via pipe.
[08:42] <Furom> hads: Ah, I figured it would be, since technically, it's an SMTP server setup that I'm trying to accomplish. Well, guess I better get back to googling.
[09:37] <kraut> moin
[09:44] <daffy> hi all
[09:44] <daffy> somebody use egroupware software ?
[09:44] <daffy> i've a problem with it :(
[09:45] <soren> !ask
[09:47] <daffy> i use egroupware with ldap authentification, and "felamimail" don't use the correct user for connect to the imap server, egroupware use UID for authentification on egrouware and felamimail use this login but my configuration on ldap for mail adress is not the same as UID
[10:21] <soren> Whu... PHP seriously doesn't have an execve function?
[10:22] <daffy> this is for me ?
[10:22] <soren> No.
[10:22] <soren> For me.
[10:22] <daffy> oki ^^
[12:21] <soren> And presto! The first stab at a web-enabled version of ubuntu-vm-builder is now functional.
[12:23] <frippz> soren: sounds cool. so where's the Sourceforge page? :D
[12:23] <ogra> sourceforge ... pffft .... thats so 90s ...
[12:24]  * soren shudders at the mere thought of dealing with sourceforge again.
[12:24] <Kamping_Kaiser> hehe
[12:24] <frippz> fine.... so what's the hot stuff these days? google code? :P
[12:25] <soren> I liked their build farm, but the web interface? NEver again..
[12:25] <soren> launchpad, dude!
[12:25] <frippz> of course... silly me :)
[12:25] <soren> That's where it's at. All the cool kids use it.
[12:25] <Kamping_Kaiser> funny that :P
[12:26] <frippz> as soon as I can get my boss to hock up the €200 for a new rack server, I'll get into virtualization as well :)
[12:26] <frippz> and a web interface would be nice
[12:31] <frippz> heh, meant €2000
[12:31] <frippz> I'd like to see the rack server you get for €200
[12:42] <dthacker> well the storm woke me up, I might as well go to work.
[13:23] <pschulz01> Kamping_Kaiser: ping
[13:24] <Kamping_Kaiser> pschulz01, pong
[13:24] <pschulz01> Kamping_Kaiser: We have some deadlines :-(
[13:24] <pschulz01> Kamping_Kaiser: re. bugzilla3
[13:24] <pschulz01> Kamping_Kaiser: :-)
[13:25] <zul> monkeys!
[13:25] <Kamping_Kaiser> pschulz01, :/ thats bad what sort of deadline?
[13:26] <pschulz01> Kamping_Kaiser: Friday week.. get everyone using new bugzilla (cutover).
[13:27] <Kamping_Kaiser> pschulz01, i might come in extra day/s next week then.
[13:27] <sommer> morning all
[13:28] <pschulz01> Kamping_Kaiser: I might just install it.. as we have it now.
[13:29] <pschulz01> Kamping_Kaiser: The we will have a week to sort out the data migration.
[13:29] <pschulz01> Kamping_Kaiser: SSL should just work (touch wood).
[13:30] <Kamping_Kaiser> pschulz01, i expect its close. i'll find out how its going thursday i guess ;)
[13:30] <pschulz01> Kamping_Kaiser: Ok.
[13:34] <Kamping_Kaiser> afk. sleep :)
[13:59] <sommer> jdstrand: I was playing with the smbd apparmor profile in the apparmor-profiles package, and I think there a couple more directories that should be added by default:
[13:59] <sommer>   /var/spool/samba/** rw,
[13:59] <sommer>   /var/run/utmp rwk,
[13:59] <sommer> just an fyi :)
[13:59] <Asad2005> can someone help me set up my wireless NIC wlan0 as access point, my eth0 is currently set up as DHCP server hardy64
[14:00] <jdstrand> sommer: thanks! can you file a bug against apparmor-profiles?
[14:00] <sommer> jdstrand: sure will do
[15:04] <emgent> heya
[16:23] <cjsstables> Morning.  Have a problem with a user logging into ldap network server.  User can log in with a windows client but cannot log in with a linux client.  other users are not affected.  where do I begin my search to remedy this issue
[16:32] <mathiaz> Koon: well - it's hard to find a time that would fit almost everyone.
[16:33] <mathiaz> Koon: http://timeanddate.com/worldclock/meetingtime.html?month=6&day=4&year=2008&p1=196&p2=69&p3=43&p4=224
[16:34] <Koon> mathiaz: yes, looks like the less worse time on that table
[16:39] <zul> mathiaz: do you want to do the mysql merge?
[16:54] <mathiaz> zul: Not in the next few hours - go ahead
[17:40] <rgl> any of you guys using powerdns?
[19:22] <Asad2005> can someone help me set up my wireless NIC wlan0 as access point, my eth0 is currently set up as DHCP server hardy64
[19:26] <gladk> Asad2005: what access point do zou have_
[19:26] <gladk> ?
[19:26] <gladk> sorry, Deutsch keyboard :
[19:26] <gladk> :)
[20:05] <slimjim8094> sup
[20:05] <slimjim8094> listen - i have a question about ddns-updates
[20:06] <slimjim8094> can anyone give me a hand?
[20:06] <mathiaz> jdstrand: ok - I'll join #ubuntu-meeting now - ping me when you're about to be up
[20:10] <spiekey_> hi
[20:13] <mathiaz> sommer: is auth-client-config documented in the Server Guide ?
[20:16] <sommer> mathiaz: I don't think so
[20:18] <sommer> mathiaz: nopers, currently the serverguide covers setting up services, not necessarily configuring clients to use them
[20:18] <sommer> mathiaz: that can be added though :-)
[20:18] <mathiaz> sommer: right - it may be worth adding about a section about this
[20:19] <mathiaz> sommer: or a section about how-to integrate your ubuntu server in an existing infrastructure
[20:19] <sommer> mathiaz: sure, I'll add it to the list
[20:19] <mathiaz> sommer: that would cover likewise-open, nss and pam
[20:20] <mathiaz> sommer: I've just updated a spec about this topic - https://wiki.ubuntu.com/NameServicesIntegration
[20:25] <sommer> mathiaz: just added a note to the serverguide spec as well: https://wiki.ubuntu.com/IntrepidServerGuide
[20:26] <mathiaz> dendrobates: could you update this blueprint https://blueprints.launchpad.net/ubuntu/+spec/network-authentication ?
[20:27] <mathiaz> dendrobates: and make me the drafter ?
[20:32] <ledmushroom> Ok lets say that I have multi users on this pc ubuntu 8 and I was wondering is there away to limit there ability  to d/l anything with out a password, I mean let them on the net but no d/l of any kind. thats it
[20:33] <ledmushroom> Ok lets say that I have multi users on this pc ubuntu 8 and I was wondering is there away to limit there ability  to d/l anything with out a password, I mean let them on the net but no d/l of any kind. thats it
[20:33] <ledmushroom> dont know what happened to the first post
[20:34] <soren> What do you mean by "on the net but no d/l of any kind"?
[20:36] <ledmushroom> they would be allowed to surf but not download anything with out a password or something
[20:37] <soren> Surfing and downloading is the same thing.
[20:37] <soren> (in this context)
[20:38] <Deeps> sounds like the guy wants a browser in kiosk mode
[20:38] <nealmcb> yeah - like it is hard to tell the difference between listening to music and recording it....  but tell that to the DRM fanatics
[20:38] <ledmushroom>  so what you mean is no unless i take away the net all together
[20:39] <nealmcb> ledmushroom: what do you want to prevent - changes to the system?
[20:39] <ledmushroom> right
[20:39] <ledmushroom> i guess
[20:39] <nealmcb> like a kiosk mode?
[20:39] <Deeps> 20:38:31 < Deeps> sounds like the guy wants a browser in kiosk mode
[20:39] <ledmushroom> i guess if i knew what that was
[20:39] <nealmcb> Deeps: right - I was just doing it in conversational style :)
[20:40] <Deeps> where you can surf the net, but not do anything else
[20:40] <Deeps> like at a cybercafe, or a internet point at an airport
[20:40] <nealmcb> kiosk mode == where the computer is supposed to remain the same for the next user - can't install programs or change preferences?
[20:40] <ledmushroom> i guess but havent been to any of those i suppose so
[20:40] <ledmushroom> hehe
[20:40] <Deeps> or download files
[20:40] <ledmushroom> yes
[20:41] <nealmcb> well, "download" is too overloaded in meaning to make much sense here
[20:41] <Deeps> write files to disk and/or run random applications
[20:42] <nealmcb> is it a server or a desktop with a gui?
[20:42] <ledmushroom> yes deeps
[20:42] <nealmcb> (my question was for ledmushroom...)
[20:42] <nealmcb> !servergui | CyberKing
[20:43] <ledmushroom> desktop
[20:43] <ledmushroom> sorry was lost for a min
[20:43] <nealmcb> ledmushroom: then you'll probably get better help in #ubuntu or another channel - the folks here don't do much with guis
[20:43] <Deeps> although if you insist on a gui, installing ubuntu desktop and tasksel -i ubuntu-server would be the same as installing ubuntu server and tasksel -i ubuntu-desktop
[20:44] <ledmushroom>  they told me to ask in here
[20:44] <ledmushroom> lol
[20:44] <nealmcb> Deeps: well, you'd have a slightly different kernel, but yeah
[20:44] <Deeps> point
[20:44] <nealmcb> :)
[20:45] <nealmcb> ledmushroom: this is dated, but may give some ideas: http://ubuntuforums.org/showthread.php?t=338980&highlight=kiosk+cafe
[20:45] <ledmushroom> ty
[20:49] <nealmcb> CyberKing: installing ubuntu-server provides a command-line interface.  ebox provides a web gui interface
[20:49] <nealmcb> ..as noted in that page...
[20:55] <slimjim8094> ehlo from slimjim8094
[20:56] <slimjim8094> anyone know anything about BIND + dhcp-server ddns?
[20:56] <sergevn> until when are there updates for gutsy server?
[20:56] <nealmcb> gutsy is supported for 18 months - until next spring
[20:57] <sergevn> nealmcb: ok cool thx :)
[20:57] <sergevn> I have my production server running on gutsy ( i know bad idea )
[20:57] <sergevn> I dont know if it's safe to upgrade to hardy on the fly?
[20:57] <nealmcb> not necessarily a bad idea - there are lots of scenarios out there...
[20:57] <sergevn> only running apache, php, mysql, postfix, dovecot
[20:59] <nealmcb> well, "safe" as in "no one will die", but most folks test the upgrade on a non-production box first....
[20:59]  * nealmcb considers heart attacks and revises his answer....
[21:00] <ph4mp573r> hey, I keep getting a "file to large" bounce back on email. I checked /etc/postfix/main.cf & master.cf and couldn't find a size limit. Any ideas? Ubuntu Server 8.04 LTS
[21:00] <sergevn> nealmcb: hehe :), well postfix en dovecot depend on mysql
[21:00] <sergevn> nealmcb: im not worrying about apache, but about dovecot/postfix
[21:01] <nealmcb> ph4mp573r: you're running the server that is sending the bounce message?
[21:01] <ph4mp573r> yes
[21:02]  * soren hugs jdstrand 
[21:02] <soren> jdstrand: Congratulations, dude!
[21:02] <ph4mp573r> any idea where the size limit is set?
[21:03] <nealmcb> what does this say:  postconf -d
[21:05] <nealmcb> cheers for jdstrand - new core-dev:  https://lists.ubuntu.com/archives/motu-council/2008-May/001101.html
[21:07] <jdstrand> thanks nealmcb!
[21:07] <ph4mp573r> bounce_size_limit = 50000
[21:07] <ph4mp573r> bounce_size_limit = 50000
[21:07] <ph4mp573r> it says bounce_size_limit = 50000
[21:07] <ph4mp573r> where is that set?
[21:07] <JanC> sergevn: just try the upgrade in a virtual machine
[21:07] <ScottK> nealmcb: Not yet.  He still has to go in front of the tech board.
[21:08] <nealmcb> ScottK - this was from #ubuntu-meeting - but maybe I missed something - cc meeting now?
[21:08] <JanC> make sure that you have the same software running in the VM before you start upgrading in it
[21:08] <ScottK> Ah
[21:08]  * ScottK was reading the mail, not the IRC channel.
[21:08] <Deeps> or just use something like partimage to copy your current machine to a virtual disk and do the upgrade that way
[21:08] <Deeps> (in the vm)
[21:09] <nealmcb> ScottK - yeah - I meant to also reference the meeting channel - but I haven't read all of what is going on...
[21:09] <nealmcb> ScottK - can you answer ph4mp573r's question on setting size limits?  ^^
[21:09] <ScottK> Yes.
[21:10] <ScottK> Bounce size limit isn't it.  Give me a sec.
[21:10] <ph4mp573r> k thank you
[21:11] <sparky01> I have a question about the recent kernel patch...
[21:11] <ScottK> ph4mp573r:
[21:11] <sergevn> JanC: yes ill try this next week, thanks
[21:11] <ScottK> ph4mp573r: What does postconf | grep message_size_limit produce?
[21:11] <sparky01> why would it not download and install on server. It says packages held back... ?
[21:11] <sergevn> Does this also count for security updates? the support limit of next spring?
[21:12] <ScottK> sergevn: Yes.
[21:12] <ph4mp573r> 10240000
[21:12] <ph4mp573r> Scottk: 10240000
[21:12] <ScottK> ph4mp573r: That's the default.
[21:12] <ScottK> ~ 10MB
[21:12] <ScottK> ph4mp573r: How big a message do you want to send?
[21:12] <ph4mp573r> yeah, the emails that he's complaining on bouncing are each 10.1MB lol.
[21:12] <sparky01> why would the server report that it kept back server security patches?
[21:13] <ScottK> Also don't forget to allow some extra for 8 bit / 7 bit conversion.
[21:13] <ScottK> sparky01: It's the same as for any new kernel update.
[21:13] <sparky01> ?
[21:13] <ph4mp573r> so where is the size limit set Scott?
[21:13] <nealmcb> sparky01: perhaps you need to dist-upgrade?
[21:13] <ScottK> ph4mp573r: Add something like message_size_limit = 15360000 in main.cf and then reload postfix.
[21:14] <sparky01> ScottK, are they kept back until they are more fully tested or something?  please help me understand
[21:14] <ScottK> sparky01: Every kernel upgrade has a new package with is so you have to dist-upgrade to get it.  The fact that it's from security is no different.
[21:14] <sparky01> ScottK, thanks so much. i got it
[21:14] <ScottK> If you dist-upgrade and it's still held back, it means not all the packages are published yet and you should wait.
[21:15] <ph4mp573r> ScottK: so I just have to add it, even if it's not there?
[21:15] <ScottK> Yes.  The default, message_size_limit = 10240000, is implicitly there.
[21:16] <mathiaz> ogra: is there reason to use nss_ldap in an LTSP infrastructure ?
[21:23] <ph4mp573r> thanks ScottK that worked
[21:30] <karlito>  anyone got experience setting Bind9 : I got everything set for my local network. I can dig, ntlookup and ping. but where do I set the address seen from the outside world. my static ip given by my ISP. Any doc ?
[21:31] <sommer> karlito: check out the DNS section of the server guide: https://help.ubuntu.com/8.04/serverguide/C/dns-configuration.html#dns-caching-configuration
[21:40] <karlito> the guide use private address that are not routable over the internet, but for my need I should substitute those address for one given by my ISP ? thank for the link.
[21:41] <sommer> karlito: correct you'll want the fowarder addresses to be the ones from your ISP
[21:42] <karlito> why the guide do not include real life exemple ? got any idea ?
[21:42] <Deeps> because everyone can use those private ips, if it uses public ips it'll be specific to one person's configuration only
[21:42] <sommer> yep yep
[21:44] <karlito> got it. thank
[21:44] <sommer> np
[22:13] <maw_> has anyone successfully install VMware tools on 8.04 guest?
[22:15] <x0r-> Anyone familiar with OpenLDAP and StartTLS? I have an issue starting TLS * TLS: warning: cacertdir not implemented for gnutls *
[22:34] <Overand> Thesse days, should I be doing apt-get upgrade or aptitude upgrade?
[22:38] <maw_> I was just reading the man about that, apparently apt-get is the quick method and not dependancy friendly
[22:38] <maw_> quote from man:  under no circumstances are currently installed packages removed, or packages not already installed retrieved and installed
[22:38] <kirkland>  zul: a bunch of people are asking for php5-5.2.6 to be backported to Hardy, citing the unusually high number of security fixes (kees, ding ding) in the release
[22:39] <kirkland> zul: see Bug #227464
[22:39] <maw_> Overand: it seems apt-get dist-upgrade is best suited to handle current packages and any dependencies
[22:40] <hads> apt-get or aptitude will be fine.
[22:41] <ScottK> maw_: dist-upgrade is only needed if a new package is pulled in (as is normally the case for kernel updates).
[22:41] <kees> kirkland: I'd like to get those fixed backported to all the stable releases... just haven't had time yet.
[22:42] <kirkland> kees: backport of each patch is preferred over a merge of 5.2.6 ?
[22:42] <kirkland> kees: one user is reporting that his schools network is blocking servers running php < 5.2.6
[22:43] <kees> we don't do version bumps for PHP -- we backport fixes.
[22:43] <kees> it's not a "merge" if it's to hardy.  :)
[22:44] <kirkland> gotcha.
[22:44] <kirkland> kees: well, at first glance, it looks like a *sizable* debdiff.......
[22:44] <kirkland> (by my nascent standards)
[22:44] <Overand> wow.  go 7zip - 9600megs of log files down to 145megs, heh
[22:45] <kees> kirkland: well, you already found all the security bug fixes.  that'll be small.  It just needs some time and attention.
[22:46] <kirkland> kees: ah, right, that detective work you sent me on a few weeks ago.... i hadn't made the connection until now  (light bulb)
[22:46] <kees> :)
[22:46] <maw_> ScottK: I was making my comment based on 'man apt-get' which defines upgrade as not being dependency friendly and dist-upgrade resolving dependency issues
[23:04] <mathiaz> kees: pam modules are related to authentication - how would call the general domain that nss deals with ? authorization ?
[23:07] <kees> mathiaz: hmm
[23:08] <kees> mathiaz: they're really just directory lookup systems.
[23:08] <kees> looking up lists of hosts, people, groups, etc.
[23:09] <mathiaz> kees: right - I'm trying to find a good term for that role, but haven't got one yet
[23:10] <mindframe->  is there anything that should be backed up in /var/ besides /var/log?
[23:10] <ScottK> maw_: The practical distinction is will install a new package if needed
[23:10] <mindframe-> this would be for a system restore situation
[23:10] <kees> mindframe-: everything in /var is important.  :P
[23:10] <nijaba> mindframe-: quite a bit, yes
[23:11] <kees> mathiaz: "name service", though that's confusing with DNS
[23:11] <kees> directory service?
[23:11] <kees> that's confusing for LDAP
[23:12] <ph8> Hi all, i'm trying to find a way of replicating filesystems across machines, for redundancy/resilience - i want to have two machines in failover and the files on each should match exactly if possible - is there a better way than an rsync crontab'ed every minute? Seems a bit messy
[23:12] <nijaba> mathiaz: what are you trying to name?
[23:12] <kees> nijaba: the role that nss fills
[23:12] <mathiaz> nijaba: pam -> authentication; nss -> ?
[23:12] <ScottK> ph8: If you want bi-directional replication you might want to look at unison
[23:13] <nijaba> mathiaz: directory lookup service is what comes to my mind
[23:14] <nijaba> ph8: what about a shared block device such as DRBD?
[23:15] <kees> in addition to drbd, there's also clustered file systems, but I've never worked with them.
[23:15] <slimjim8094> hey guys - trying to do a ddns-update  between my dhcp-server and bind (same box)
[23:15] <kees> doing a md raid1 on top of physical + drbd was what I wanted to try, but it required that the machines never mounted it at the same time.
[23:16] <slimjim8094> it's not working - anybody know what's up?
[23:16] <kees> slimjim8094: I'm not much help, I haven't used ddns :(
[23:17] <slimjim8094> i think i get errors...
[23:17] <slimjim8094> i was just about to muck around with it for a bit more
[23:19] <ph8> sounds ideal nijaba and ScottK, i'll probably try DRBD, thanks
[23:22] <mathiaz> nijaba: what do you think about this: http://people.ubuntu.com/~mathiaz/network_auth_integration.png ?
[23:22]  * nijaba looking
[23:22] <mathiaz> nijaba: I've tried to summarize the option for network authentication scenarii
[23:24] <nijaba> mathiaz: I think you summarized quite well the options we cant to cover for interepid :)
[23:24] <mathiaz> nijaba: cant ?
[23:24] <nijaba> errr. s/cant/can
[23:25] <nijaba> errr... x 2 s/cant/want
[23:25] <nijaba> duh
[23:26] <mathiaz> nijaba: I was asking about the nss role in order to qualify the components in blue
[23:26] <mathiaz> nijaba: the components in red deal with authentication, the blue deal with ?
[23:26] <nijaba> mathiaz: so that's what I call the directory lookup phase
[23:26] <mathiaz> nijaba: right - often this is part of the authorization phase
[23:27] <nijaba> authentication has 2 phase: directory lookup and credential checking
[23:27] <nijaba> authorization has 2 phases: directory lookup and right computation
[23:29] <nijaba> note that in order to authenticate someone using only its cn, for example, you will first need to search for it's dn, this is what the directory lookup stands for
[23:30] <nijaba> in the authorization phase, you will do a directory lookup to see what objects are linked to your dn and acculate right inherited by it
[23:30] <nijaba> you then check it against your rules to see if anything matches (or not)
[23:31] <nijaba> mathiaz: does this help?
[23:36] <mathiaz> nijaba: yes - thnaks
[23:40] <ph8> If i read 'failover to seperate location over fiber-optic ring' - does the fibre-optic mean anything? Should i just approach the application like it's got a normal internet connection or is there some super-secret ring language i'm likely to need to talk? (i.e. making a pair of failover machines, i'd probably have them act as primary+secondary NSes, so if one fails - the other is active)
[23:42] <nijaba> ph8: where is this sentence coming from?
[23:43] <nijaba> ph8: I would say that it just means that if you want to have two systems in failover that are not within Ethernet reach, a fiber optic link is highly recommended to avoid latency problems
[23:43] <ph8> It's what I was told to design, a 'resilient FTP cluster of two machines' with Fail-over to separate location over fibre-optic ring
[23:44] <ph8> ah i see, so the machine would have two connected ethernet ports essentially
[23:44] <ph8> and i'd somehow have to confirm DRBD to use the fibre
[23:44] <nijaba> ph8: so the 2 machines are not in the same location?  or the separate location has another set of machines?
[23:44] <infinity> Not ethernet, FDDI.
[23:44] <ph8> since that's uber-fast
[23:44] <ph8> one machine in each DC yep
[23:44] <infinity> (There are differences...)
[23:45] <ph8> oo neve rheard of one of those
[23:45] <ph8> thanks
[23:45] <infinity> But, I suppose, for a point-to-point connection, the differences are meaningless to most people. :)
[23:45] <infinity> A "ring" of two machines isn't much of a ring.
[23:45] <ph8> indeed :p
[23:45] <hads> heh
[23:46] <ph8> ok so that's not actually too complicated
[23:46] <nijaba> infinity: one could argue that the minimal expression of a ring
[23:46] <ph8> that's good
[23:46] <ph8> (or is it? :p)
[23:46] <infinity> nijaba: Well, it's still technically a token ring network.  The "token" bit being the key here.  But I might argue the "ring" aspect a bit. :)
[23:47] <nijaba> infinity: you win ;)
[23:47] <infinity> (And the practical differences between token ring and carrier detect/select are miniman when it's a point-to-point connection)
[23:47] <infinity> minimal, too.
[23:49] <nijaba> ph8: people that have experience building such architecture are generally well paid, if that helps define "complicated"
[23:49] <infinity> Neat, I'm well-paid.
[23:50] <nijaba> I would hope you are, infinity
[23:50] <RoAkSoAx> lol.. i wanna be well paid when i start working :P
[23:50] <infinity> nijaba: If you could be so kind as to convey this information to my bank account, I'd appreciate it.
[23:51]  * nijaba googling for your bank acount number :P
[23:53]  * nijaba talk to him -> said to see with your employer ;)
[23:54] <nijaba> ok, enough fun for tonight, time to go to bed
[23:55] <infinity> G'night. :)
[23:55]  * RoAkSoAx has to wait like 6 more hours to go to bed :P
[23:56] <ph8> I think i'm getting the architecture, just got to make the machines :-)
[23:56] <ph8> Should be a good summer project
[23:56] <RoAkSoAx> ph8: what's your summer project?
[23:57] <ph8> see above
[23:57] <ph8> nn
[23:58] <LeChacal> hello, with the new kernel update that came out i for the desktop was going to upgrade my server but i only have remote access right now and i was wondering if it would be smart to update remotely and if i can how should i do it? because will take about 20+ min to download the update and by that time my ssh session will have timed out does that matter?
[23:58] <RoAkSoAx> a ftp server in master/slave with DRBD data replication?
[23:59] <hads> LeChacal: Use screen
[23:59] <LeChacal> hads: that is what i was going to do but wondered if that was a safe thing to do
[23:59] <hads> and your server must have a really slow connection.
[23:59] <LeChacal> hads: thank you i will do that