[00:18] <zul> mathiaz: I did a thinko when uploading the system-config-samba to proposed
[00:44] <emgent> zul: rapache read hand edit and add it in the list.
[00:45] <emgent> anyway if you like, you will see docs quickly in rapache.org :)
[00:46] <emgent> (sorry for reply delay)
[00:46] <emgent> zul: now i go to sleep, if you have more other question, feel free to mail me :)
[00:46] <emgent> night people
[02:20] <Colin__> I have three NIC's in my ubuntu server, I have one that goes to the LAN and the other two are for two separate dsl lines, does anyone know how I go about setting that up???  The server is up, and it has one line already connected. DHCP is working as well as the firewall.
[02:22] <nxvl> emgent: are you still around?
[02:25] <hansin> clear
[03:13] <dbbolton> does ubuntu server come with X ?
[03:13] <hads> It's not installed by default, no.
[04:06] <mathiaz> ScottK: have you heard about bogofilter-tokyocabinet ?
[04:06] <mathiaz> ScottK: I'm looking at bogofilter merge and the new version in debian added a new package, bogofilter-tokyocabinet
[04:07] <mathiaz> ScottK: which adds a tokyocabinet backend to bogofilter IIUC
[04:07] <mathiaz> ScottK: we're already disabling the qdbm backend in ubuntu
[04:10] <ScottK> mathiaz: I have no ideas about bogofilter.
[04:11] <ScottK> Without looking, I'm going to guess that would require promoting some new depends.
[04:11] <nxvl> mathiaz: i already packaged augeas (if you haven't noticed it already)
[04:11] <mathiaz> ScottK: yes - tokyocabinet
[04:11] <mathiaz> ScottK: I wonder why qdbm has been disabled though
[04:12] <mathiaz> ScottK: it's been disabled since breezy (or even hoary)
[04:12] <mathiaz> nxvl: awesome - I hadn't noticed
[04:12] <nxvl> mathiaz: it's on revu
[04:13] <nxvl> mathiaz: and on planet ubuntu
[04:15] <ajmitch> if it's a library, that's interesting package naming
[04:16] <nxvl> ajmitch: augeas?
[04:17] <ajmitch> yes
[04:17] <nxvl> yes, it's a library
[04:17] <nxvl> and yes, it's a funny name
[04:17] <ajmitch> so why isn't is libaugeas0? :)
[04:17] <nxvl> but, it's redhat people, you never know
[04:18] <nxvl> ajmitch: i have package it as libaugeas0
[04:18] <ajmitch> not according to debian/control
[04:20] <nxvl> oh
[04:20] <nxvl> you mean the source
[04:20] <nxvl> oh no
[04:20] <nxvl> i just saw it
[04:20]  * nxvl changes 
[04:21] <nxvl> mmm
[04:21] <nxvl> i have noticed a LOT of errors
[04:21] <ajmitch> yeah
[04:21] <ajmitch> like dh_makeshlibs being commented out
[04:21] <ajmitch> that's a small problem there )
[04:21] <ajmitch> :)
[04:22] <nxvl> also i forgot that it's kind of mixed package
[04:22] <nxvl> since it has library and binary parts
[04:22] <ajmitch> that's fine, it's not uncommon to have that
[04:23] <nxvl> ajmitch: yes, but i didn't package it that way
[04:23] <nxvl> well
[04:23] <nxvl> kind of
[04:23] <ScottK> I thought the source of the name was pretty obvious.
[04:23] <ajmitch> well that's what I grabbed off revu :)
[04:23] <ajmitch> ScottK: I was just commenting on the binary package names, mainly that it wasn't libaugeas0
[04:23] <ScottK> Ah.
[04:24] <ScottK> I like the reference to the Augean Stables given what it does.
[04:29]  * ajmitch wonders if debian/copyright should refer to the LGPL-2.1 file
[04:41] <nxvl> ajmitch: i'm uploading a new version to revu
[04:59] <ajmitch> nxvl: need to rename the .dirs & .install files if you're renaming the binary package in debian/control
[05:00] <ajmitch> should also be libaugeas-dev, and possibly a libaugeas-bin if there are additional binaries
[05:00]  * ajmitch doesn't know if the latter requires the lib- prefix
[05:07] <nxvl> ajmitch: yes, i have just pushed a new version
[05:07] <nxvl> ajmitch: including the binary package
[05:09] <mathiaz> nxvl: I'd use augeas-bin rather then libaugeas-bin
[05:09] <mathiaz> nxvl: or even augeas
[05:13] <ajmitch> ah, latest policy suggests libraryname-tools
[10:37] <AnRkey> how can i get all email for the admin account to go to one of my users? I have Postfix, Dovecot-Imapd, Procmail, and Fetchmail running off a catchall account running.
[10:38] <AnRkey> bleh.... - the extra running :D
[10:40] <hads> /etc/aliases ?
[10:46] <AnRkey> ta
[10:47] <AnRkey> one more question. There is an admin group, so i can't create a user for the admin email. will an alias be a problem for same reason?
[12:37] <Koon> jdstrand: on bug 220208, I almost pinned the problem down. Could you have alook at the last comment and tell me what you think of it ?
[12:41] <chmac> Generic dns question. Is _ a valid character in a hostname? I'm getting errors trying to add a dkim hostname...
[12:42] <hads> Nope
[12:44] <chmac> hads: Know anything about DKIM?
[12:44] <hads> No sorry
[12:44] <chmac> Neither do I! :)
[12:57] <ScottK> chmac: It's a valid domain name, but not a valid hostname.  That's the whole point.
[12:57] <ScottK> chmac: If some DNS package or some DNS provider doesn't allow it, it's a bug.
[12:58] <ScottK> chmac: I'm familiar with DKIM.
[12:58] <chmac> ScottK: Aha, ok, cool
[12:58] <chmac> So should `dig blah._domainkey.domain.com` resolve?
[12:58] <chmac> Or how are the names looked up?
[13:00]  * ScottK hands chmac dig txt 2007-00._domainkey.kitterman.com as an example.
[13:01] <chmac> ScottK: Oh la la :)
[13:01] <chmac> So _ should be valid in a cname record also right?
[13:01] <chmac> Our provider is asking us to set up dkim._domainkey.ourdomain.com to cname to their domain
[13:01] <ScottK> chmac: Yes.
[13:02] <ScottK> That's needed so they can dkim sign your mail as coming from your domain.
[13:02] <chmac> ScottK: Ok, getting a handle on it now, cool, thanks :)
[13:03] <ScottK> chmac: Before you do it, ask how they make sure they don't sign mail from some other customer of theirs that forges your domain.
[13:03] <ScottK> DKIM can only say the MTA signed it.  It's up to the provider to make sure the message came from a source authorized for that domain.
[13:03] <chmac> ScottK: Hehe, that would definitely be bad! They're pretty straight up I believe (I hope!)
[13:04] <ScottK> Generally large providers tend to just assume their customers won't do that.
[13:04] <chmac> ScottK: Hmm, good point
[13:05] <ScottK> It's a significant security consideration for both SPF and DKIM that isn't well dealt with by and large.
[13:05]  * ScottK manages to run a small mail service on the basis of making darn sure that doesn't happen.
[13:06] <chmac> ScottK: What's your business?
[13:07] <ScottK> I'm primarily a consultant, but I also have a small mail service I run (that's what the cname was to in the example I gave you).
[13:07] <ScottK> Email authorization and authentication technolgoies is one of my areas of specialty.
[13:08] <chmac> ScottK: Now that sounds like proper geek stuff! :)
[13:08] <ScottK> If you look, no need to tell me the web site sucks.  I'm well aware of that.  Web design is NOT one of my areas of speciality.
[13:11] <chmac> lol
[13:12] <chmac> ScottK: No, seriously, that site needs feedback. If nothing else, you could drop the background colour, I feel like my eyes are in pain!
[13:12] <chmac> ControlledMail looks fine, there's no background. It's straight text, but it looks ok.
[13:13]  * ScottK really does need to work on it.
[13:14]  * ScottK says what the heck and goes and at least does that.
[13:15] <chmac> ScottK: :) I'm glad I've made a positive impact on your web site today :)
[13:18] <chmac> ScottK: Impressive service, I like it. 50 emails a day sounds a little low, but I like the idea.
[13:18] <ScottK> That needs to be updated too as I changed the way I measure it.
[13:18] <ScottK> It's actually 2500 recipients / 24 hours now.
[13:19] <chmac> ScottK: Ok, that's waaaay more attract :)
[13:19] <chmac> $60 for a year of reliable email, not bad
[13:20] <chmac> ScottK: Do you offer an alternative to port 25 for ISP who block that port?
[13:22] <ScottK> 465 (for smtps) and 587 (for starttls).
[13:33] <marc-andre> hiho
[13:33] <lukehasnoname_> morning
[13:37] <jdstrand> Koon: re bug #220208
[13:37] <jdstrand> Koon: is it possible to install gutsy's nagios packages on hardy, just for the sake of the upgrade?
[13:38] <marc-andre> i try to set my server to UTF-8, but the env var LANG stays at "en_GB.ISO-8859-15"... i've putted LANG=en_GB.UTF-8 into /etc/environment and i did dpgk-reconfigure locales, do i miss something?
[13:38] <Koon> jdstrand: I will do that.
[13:38] <jdstrand> Koon: eg, install 2.9 on hardy, verify it's running, then apt-get upgrade to 2.11
[13:38] <jdstrand> Koon: it would be a lot less painful :)
[13:39] <jdstrand> Koon: and if it doesn't work, a simple debuild of the gutsy source package on hardy would still be easier than the dist-upgrade
[13:40] <jdstrand> where's ubottu?
[13:40] <jdstrand> ubottu: hey-- why aren't you showing me bug #220208 ?
[13:40]  * jdstrand kicks ubottu 
[13:53] <Koon> jdstrand: i can reproduce it on hardy by upgrading from nagios gutsy packages
[13:54] <jdstrand> Koon: great!
[13:54] <jdstrand> Koon: have you tried rebuilding hardy's with 'set -x'-- that might get you everything
[13:56] <Koon> jdstrand: no -- but upgrading to my own built packages using dpkg -i, I don't remember hitting the bug.
[13:56] <Koon> the sequence of events must be slightly different
[13:56] <jdstrand> Koon: interesting
[13:57] <jdstrand> Koon: do you know how to build your on apt repo?
[13:57] <Koon> jdstrand: no.
[13:57] <jdstrand> Koon: ok, let me get you some info
[13:57] <Koon> but I can look it up ;)
[13:57] <jdstrand> ...
[13:58] <jdstrand> Koon: it isn't always as straightforward as one would hope. I mean technically, it is, but I have a setup that works pretty well now
[13:59] <Koon> I could use a PPA but that may be overkill
[14:01] <jdstrand> Koon: well, I find a local repository is very convenient for doing upgrade testing with my -security updates and VMs. It's up to you how you want to proceed of course.
[14:01] <jdstrand> Koon: here is an overview http://paste.ubuntu.com/21390/
[14:03] <jdstrand> Koon: and a little helper script to do a lot of the leg work: http://paste.ubuntu.com/21391/
[14:03] <Koon> thanks
[14:03] <jdstrand> Koon: np
[14:04] <jdstrand> Koon: basically, you can dput or copy the debs in /var/www/debs/testing/<release>, then do 'update_repo <release>'
[14:04] <jdstrand> s/in/into/
[14:07] <jdstrand> Koon: keep in mind that if you have two versions of the same package in the <release> directory, apt-ftparchive may choose the earlier version, so 'apt-get update && apt-get -u upgrade' won't work as expected. You'll just want to clear out the old version in that case
[14:08] <jdstrand> Koon: and while it goes without saying, you'll need a functioning apache2/webserver install ;)
[14:08] <Koon> hehe :)
[14:13] <hansin> Not sure if this is a dumb question, but I installed Ubuntu Server 8.04, and I noticed that SSH listens on IPv6 port 22 (:::22).  When I connect via an IPv4 address netstat still states it is connected via tcp6.  No other services are doing this.  No functionality issue, just curious about this.  An input?  Thanks.
[14:26] <lukehasnoname> Anyone else think that three new kernels in two months is a little much?
[14:27] <jdstrand> lukehasnoname: if you are referring to hardy, it'll calm down once .1 is released
[14:30] <lukehasnoname> I sure hope
[14:30] <lukehasnoname> I've had to recompile my video driver every time that happens
[14:30] <lukehasnoname> er
[14:30] <jdstrand> it's not just the kernel, but all kinds of SRUs
[14:30] <lukehasnoname> reinstall, its a binary
[14:30] <jdstrand> of course, those don't require you to recompile your video driver
[14:34] <ogra> well, nothing should require him to do that if he uses the packages for his driver instead :)
[14:40] <lukehasnoname> so jdstrand, are they just squeezing out updates to make sure everything is stable for a point release?
[14:44] <jdstrand> lukehasnoname: that is my understanding-- there was one -security update, and the others are SRUs
[14:45] <jdstrand> lukehasnoname: the SRU process was slightly relaxed to try to get in fixes for .1 since hardy is LTS
[14:47] <Koon> jdstrand: when you said "rebuild with set -x" you meant in which file ? the init ?
[14:48] <jdstrand> Koon: postinst or preinst-- whichever you think is failing
[14:48] <jdstrand> or both
[14:48] <Koon> I thought prerm was failing but that's the old one that gets executed
[14:49]  * Koon digs further in between
[14:49] <jdstrand> Koon: yes, but then the new one is tried
[14:50] <jdstrand> Koon: that's how maintainer scripts work. http://women.debian.org/wiki/English/MaintainerScripts
[14:51] <emgent> argh.. another xss in drupal..
[14:58]  * Koon grumbles.
[15:02]  * ivoks hates smart printers
[15:05] <zul> ivoks: hey
[15:06] <ivoks> zul: hello!
[15:06] <zul> ivoks: drbd question for you will the 8.2.6 kernel modules work with 8.0.12?
[15:06] <ivoks> huh... most probably not
[15:06] <zul> dang...
[15:06] <zul> thanks..
[15:07] <ivoks> what are you trying to do?
[15:07] <zul> ivoks: i just merged 8.0.12 and there is 8.2.6 modules in the ubuntu-intrepid tree
[15:08] <ivoks> there's 8.2.6 in kernel source?
[15:08] <ivoks> drbd is accepted in main kernel tree?
[15:08] <ivoks> wow! :D
[15:09] <zul> ivoks: no its the one from drbd.org in linux-ubuntu-modules
[15:09] <ivoks> oh, ok
[15:09] <ivoks> then we will have to package userspace tools to
[15:09]  * ivoks still doesn't have intrepid buildd :((
[15:10] <zul> ivoks: im in the process of doing that dont worry about it :)
[15:11] <melter> what's the difference between the geo-ip-perl and geo-ipfree-perl?
[15:19] <AlexC_> hey
[15:19] <ivoks> belive it or not...
[15:19] <ivoks> my printer decided that my colors have expired
[15:19] <AlexC_> when using 'top', the amount of memory a process is taken out is under 'res' or 'virt'?
[15:19] <ivoks> and refuses to print until i replace them
[15:19] <AlexC_> s/out/up
[15:28] <MrJDeaL> hi
[15:30] <lukehasnoname> hi
[15:32]  * lukehasnoname waves
[15:32] <lukehasnoname>  /dance
[15:34] <MrJDeaL> :)
[15:40] <Koon> jdstrand: in fact it's the nagios2-common.prerm script that fails. it's partly autogenerated by dh_installinit and uses the "|| exit $?" stanza. When upgrading the prerm script from nagios2-common is executed after the nagios2 one.
[15:42] <Koon> I'm searching for the right way to fix it
[15:42]  * jdstrand nods
[15:47] <sommer_> mathiaz: I was working on the ldap documentation and was wondering if there are any ldap cli tools to mange users, groups, etc ?
[15:48] <sommer_> mathiaz: or at least ones that are integrated with ubuntu
[15:48] <jdstrand> sommer_: ldapscripts
[15:48] <sommer_> mathiaz: I took a look at the ldapscripts package, and it look promising
[15:48] <mathiaz> sommer_: not that I know of
[15:48] <jdstrand> sommer_: IIRC they need to be edited somewhat
[15:48]  * delcoyote hi
[15:49] <sommer_> jdstrand: ya, that's what I noticed, and I was wondering if they handle samba attributes?
[15:49] <sommer_> jdstrand: I use some custom ruby scripts myself, but I think that wouldn't be the best way to document it :)
[15:49] <sommer_> any plans to better integrate ldapscripts?
[15:50] <mathiaz> sommer_: that could be an option
[15:50] <jdstrand> sommer_: this is in my notes:
[15:50] <jdstrand> Because ldapscripts use getent to resolve a group name to a gid, if don't have
[15:50] <mathiaz> sommer_: I haven't looked into these scripts
[15:50] <jdstrand> nsswitch.conf and libnss-ldap setup on the authorization (ie ldap) server, then
[15:50] <jdstrand> may need to do:
[15:50] <jdstrand> $ ldapsearch -b ...
[15:50] <jdstrand> $ ldapadduser foobar <gidNumber>
[15:51] <jdstrand> (if configure BASE in /etc/ldap/ldap.conf, then don't need to specify the '-b ...'
[15:51] <jdstrand> )
[15:51] <sommer_> jdstrand: ya, they didn't work out of the box for me, even after adjusting the configs, for me there was also some awkwardness with the cli options
[15:51] <jdstrand> sommer_: will likely also want to edit /etc/ldapscripts/ldapscripts.conf
[15:52] <sommer_> jdstrand: yep did that, didn't spend too much time on it yet so the config probably just needs tweeked
[15:52] <jdstrand> sommer_: I think the overall plan is to get adduser to do some of this, once the heirarchy et al is implemented. mathiaz knows more about that
[15:53] <jdstrand> sommer_: are you using GSSAPI perchance?
[15:53] <sommer_> ah, I was thinking that may be a better aproach :)
[15:54] <sommer_> jdstrand: I don't think I'm using gssapi... unless it's on by default
[15:55] <jdstrand> sommer_: no. I did some patches to /usr/share/ldapscripts/runtime to specify different bind mechanisms
[15:55] <jdstrand> (just locally)
[15:55] <mathiaz> sommer_: well - one option is to add ldap support to adduser - whether that will be part of intrepid is a good question
[15:55] <sommer_> jdstrand: ah cool
[15:56] <sommer_> mathiaz: I see... just fyi I'd be very willing to help with that
[15:56] <sommer_> my ruby scripts are to be honest pretty hacky
[15:57] <mathiaz> sommer_: yeah - I think that everyone has their own hacky scripts
[15:57] <mathiaz> sommer_: providing a standard way would help a lot
[15:58] <sommer_> seems like everyone is caught up in finding a gui tool for this kind of thing, but a cli ldap user management utility is needed as well, at least a well intergrated one, heh
[15:59] <mathiaz> sommer_: yes - the issue IMO is how flexible it is with the schema
[16:00] <sommer_> mathiaz: sure, that's a good point... the cool thing about smbpasswd is that it adds the samba attributes for you
[16:00] <sommer_> I like the way ldapscripts allows you to use custimized templates
[16:01] <mathiaz> sommer_: yes - I should have a look into the ldapscripts
[16:01] <mathiaz> sommer_: once we have the cli - then we could build/integrate gui
[16:01] <lukehasnoname> Ah, nothing like watching a package-manager debate on ##freebsd
[16:02] <sommer_> mathiaz: cool, well just let me know if there's anything I can help with, test, etc
[16:05] <sommer_> mathiaz: in the mean time I'll work on documenting ldapscripts as way to manage users
[16:05] <hansin> IRC question, what does the double pound symbols (##) vs. the single pound (#) symbol mean for a channel, as represented above?
[16:05] <mathiaz> sommer_: great - file bug reports if things are not working correclty
[16:06] <lukehasnoname> ## is for non-official chats, # is for channels verified to be associated with an organization
[16:06] <lukehasnoname> although ##freebsd is the FreeBSD channel. </offtopic>
[16:08] <hansin> Thanks, that helps.
[16:23] <lukehasnoname> Hey guys, for a repo mirror, can I just download the entire directory of the ubuntu U.S. repo instead of using apt-mirror?
[16:31] <hansin> My screen session locked up, and I had to reset irssi, so I lost a question I accessed earlier.  Does anyone know why SSH runs as IPv6, and does it even matter?  Thanks.
[16:31] <hansin> s/asked
[16:32] <Koon> jdstrand: the idea is to fix it by having nagios2-common.prerm gracefully fail if nagios2 was already stopped. I have two ways to fix it :
[16:32] <Koon> jdstrand: 1/  just patch nagios2-common.prerm so that it contains what we want (lintian will complain that it does not contain #DEBHELPER#)
[16:33] <Koon> jdstrand: 2/ make use of --error-handler in dh_installinit (required mods in rules and nagios2-common.prerm so slightly heavier patch)
[16:34] <Koon> jdstrand: which one do you prefer for a security patch ?
[16:35] <jdstrand> Koon: for -security the smaller patch wins
[16:36] <Koon> jdstrand: ok, will post it on the bug.
[16:36] <jdstrand> Koon: for intrepid, whatever is best, and then forward to debian
[16:36] <ivoks> Koon: hi
[16:37] <Koon> jdstrand: no nagios2 fopr intrepid, will see if it's in nagios3
[16:42] <mathiaz> Koon: the second option is probably the best one
[16:43] <Koon> mathiaz: yes
[16:48] <jdstrand> Koon: how small are the changes for --error-handler?
[16:48] <Koon> very small... I'll post the two, make your choice
[16:49] <jdstrand> Koon: just a one line change in rules? I'd be ok with that.
[16:49] <mathiaz> jdstrand: usually - just one line in debian/rules
[16:49] <jdstrand> Koon: well, that is probably fine then
[16:49] <Koon> mathiaz: I still have to implement the error_handling function ?
[16:49] <jdstrand> Koon: cool. just ping me when ready
[16:49] <Koon> mathiaz: in the prerm file ?
[16:50] <zul> mathiaz: im going to keep a list of things to fix for 8.04.2
[16:51] <mathiaz> Koon: well - it depends what function should be the error_handling
[16:51] <mathiaz> Koon: I've used true sometime
[16:51] <mathiaz> Koon: so you don't have to implement a specific function
[16:51] <Koon> echo "Nagios was probably already stopped"; exit 0
[16:52] <mathiaz> Koon: well - then true works in that case
[16:52] <mathiaz> Koon: is there real value to add a message in a prerm script ?
[16:52] <mathiaz> Koon: add *that* message
[16:53] <Koon> mathiaz: well... see the output during the update on https://bugs.launchpad.net/ubuntu/+source/nagios2/+bug/220208/comments/7
[16:53] <mathiaz> Koon: if the goal is to fail if the daemon has already stopped, then you can just use true as the error handler
[16:53] <Koon> mathiaz: it looks a little strange to say "failed -- looks like it went ok"
[16:54] <Koon> mathiaz: but you're the expert ;)
[16:55] <mathiaz> Koon: well - you're attached patch looks okay to me - but you can replace it with --error-handler=true
[16:55] <mathiaz> Koon: it will generate exactly the same code :)
[16:55] <Koon> and avoid the lintian warning.
[16:55] <mathiaz> Koon: We're doing the same thing in apparmor
[16:55] <Koon> ok then.
[16:56] <mathiaz> Koon: when we upgrade the profiles but the kernel is not updated yet, the apparmor init script fails to reload the profiles
[16:56] <mathiaz> Koon: so to avoid an upgrade failure we just ignore the init script failure
[16:56] <mathiaz> Koon: in that case it's a legitimate thing to do
[16:57] <mathiaz> Koon: glancing through the bug report, it seems that it's legitimate to ignore the failure to stop the daemon in nagios-common
[17:22] <zul> mathiaz: ping
[17:23] <Koon> jdstrand: smaller/better patch posted on the bug. Tested ok.
[17:24]  * jdstrand looking
[17:25] <jdstrand> Koon: so that's it-- a one-liner?
[17:26] <Koon> well. hm. yes. Lots of hours to produce that, I know ;)
[17:26] <jdstrand> Koon: heh. nice work! I will get this rolling and pushed out today
[17:27] <ScottK> Sometimes it's really hard to create a simple solution.
[17:29] <cara> Hi all
[17:30] <cara> I'm having an issue with my server and its clients.  I set up my server as a router/dhcp ... it gives my clients addresses but when I look in their routing tables I see that they are getting my previous server's name as the gateway.  Where could they get this name from?
[17:33] <zul> mathiaz: im about to head for lunch but I begin tracking stuff for after 8.04.1 is relased on a seperate page
[17:33] <zul> https://wiki.ubuntu.com/ServerTeam/StableReleaseTracker
[17:36] <mathiaz> zul: what is currenttracking ?
[17:36] <mathiaz> zul: is this material for 8.04.2 ?
[17:36] <mathiaz> zul: if so, I'd rename it to StableTracker8042
[17:36] <mathiaz> zul: the same way as 8.04.1
[17:44] <cara> can anyone help me?
[18:18] <jdstrand> kirkland: oh, fyi, I updated the initscript and added a manpage for nssldap-update-ignoreusers when doing the libnss-ldap update
[18:18] <kirkland> jdstrand: oh, cool
[18:19] <kirkland> jdstrand: i forgot that was a work item
[18:19] <kirkland> jdstrand: or, rather, i may not have ever realized that was a work item :-/
[18:19] <jdstrand> kirkland: well, I was the last to touch it, so I got to merge it
[18:19] <kirkland> jdstrand: ;-)
[18:19] <jdstrand> I ran lintian on it and those two things popped up
[18:44] <cxo> what is the initrd.img link in / used for?
[18:46] <zul> mathiaz: done
[18:46] <mathiaz> jdstrand: hm - whenever I try to install libnss-ldap/libpamldap nscd is installed by default
[18:46] <mathiaz> jdstrand: I'm currently merging libpam-ldap
[18:46] <mathiaz> jdstrand: does it make sense to have nscd pulled in by default ?
[18:51] <jdstrand> mathiaz: I saw that too-- it's because of mvo's apt change to pull in Recommends automatically
[18:52] <jdstrand> mathiaz: ultimately, it is probably a good thing. for initially configuring it, perhaps not
[18:53] <jdstrand> mathiaz: I thought it might be worth discussing, so didn't incorporate changing it to Suggests into my merge (which also Recommends nscd)
[18:56] <mathiaz> jdstrand: right - have you seen the latest comment from the debian maintainer ?
[18:56] <jdstrand> mathiaz: the 'from your friendly debian maintainer' comment?
[18:56] <mathiaz> jdstrand: yeah
[18:57] <jdstrand> mathiaz: yeah
[18:58] <jdstrand> mathiaz: without having looked at any of the code, the openldap stuff sounds like it be rally good, if we can get it in
[18:58] <mathiaz> jdstrand: one of the item for intrepid is to get the new nss ldap overlay in shape
[18:58] <jdstrand> s/rally/really/
[18:58]  * jdstrand nods
[18:58] <mathiaz> jdstrand: yes - this is why I skipped the libnss-ldap merge
[18:59] <mathiaz> jdstrand: I wonder if it's worth spending time on doing merge with the mid-term plan is to drop it
[18:59] <jdstrand> mathiaz: merge is done
[18:59] <mathiaz> jdstrand: well - the question is no more then :)
[18:59] <mathiaz> jdstrand: I've just uploaded libpam-ldap
[18:59] <jdstrand> mathiaz: 260-1ubuntu1 is uploaded and in intrepid :)
[19:00] <mathiaz> jdstrand: do you have an ldap server for your testing ?
[19:00] <jdstrand> mathiaz: 260 was supposed to fix stuff, so I just merged it
[19:01] <jdstrand> mathiaz: I do, but I haven't been doing much with it lately
[19:01] <mathiaz> jdstrand: I've tried to use ldapscripts in intrepid but it wasn't working
[19:02] <mathiaz> jdstrand: first it still uses /etc/pam_ldap.conf - but then the ldapaddgrp script wasn't working with neither dash nor bash
[19:02] <jdstrand> mathiaz: I haven't tried them lately
[19:02] <jdstrand> mathiaz: sounds like the need some love
[19:04] <sommer_> mathiaz: found the same issue with hardy ldapscripts
[19:04] <sommer_> mathiaz: haven't had time to file a bug yest though
[19:04] <sommer_> er yet
[19:04] <mathiaz> sommer_: issue == ?
[19:04] <mathiaz> sommer_: not working with a POSIX shell ?
[19:05] <sommer_> sorry, looking for /etc/pam_ldap.conf... has several egrep errors at least ldapadduser did
[19:05] <mathiaz> sommer_: right - this is something that is different between debian and ubuntu
[19:05] <sommer_> mathiaz: yep, just wanted to fyi when I noticed you talking about it
[19:05] <mathiaz> sommer_: once ln -s /etc/ldap.conf /etc/pam_ldap.conf scripts complain about trap
[19:07] <sommer_> ah, I'll give that a try
[19:10] <lukehasnoname> hey, where is the gui spec on the wiki? don't we have an outline of what we're trying to achieve/
[19:10] <kees> kirkland: can you untag "bitesize" from 64064 since it isn't?  ;)
[19:10] <kirkland> kees: :-)  sure
[19:11] <kirkland> kees: untagged "bitesize"
[19:11] <kees> kirkland: cool, thanks.
[19:11] <kirkland> kees: i did submit a "bitesize" patch to that one, doesn't address your network filesystem concerns, though
[19:12] <kirkland> kees: (which i must admit, i do not entirely grasp atm)
[19:36] <Arrick> hey all
[19:36] <Arrick> hey, anyone know how to import a mysql.sql db into mysql from terminal on a server setup?
[19:41] <zul> mathiaz:  so should php5 depend on libdb4.6-db rather than libdb-dev because it looks like its pointing to libdb4.7-dev right now
[19:41] <zul> The following packages have unmet dependencies:
[19:41] <zul>   libdb-dev: Depends: libdb4.7-dev (= 4.7.25-0ubuntu2) but it is not going to be installed
[19:41] <zul>              Conflicts: libdb4.6-dev but 4.6.21-10 is to be installed
[19:45] <Arrick> hey, anyone know how to import a mysql.sql db into mysql from terminal on a server setup?
[19:46] <zul> Arrick: couldnt you do mysql -u root -p < databasefile
[19:46] <Arrick> dunno, im not an sql guy lol
[19:46] <Arrick> I can try
[19:47] <ScottK> zul: As long as you are consistent about build-dep libdb4.x-dev and depends  libdb4.6y where x == y I don't think it matters which.
[19:47] <Arrick> nope, it says no DB selected
[19:53] <infinity> zul: Perl, apache, python, and PHP should always build-dep on the same version of libdb-dev
[19:53] <infinity> zul: (Generally updated in roughly that order)
[19:53] <infinity> zul: libapache2-mod-perl2 in that list, too.
[19:53] <zul> infinity: arrgh..
[19:54] <infinity> zul: Oh, and subversion.
[19:54] <zul> infinity: I was going to use Build-Depends on libdb4.6-dev
[19:54] <infinity> zul: Subversion being the most annoying of the bunch, because it uses transactions, and needs migration code.  But I think David and I sorted that out long ago with db4.2->db4.3 or so.
[19:55] <infinity> zul: libdb4.6-dev should be fine, if that's what we've settled on for this cycle, just make sure it's the same for all of the above.
[19:55] <infinity> zul: (and anything else you can find in that mess of "interpreted languages and apache modules")
[19:56] <zul> I dont think we have settled on any for this cycle bug that can be bumped when it comes to it
[19:56] <infinity> zul: The key being that you never want to have more than one libdb version loaded into apache's memory space at the same time.
[19:56] <ScottK> zul: I'd suggest you do a survey and then write ubuntu-devel with the right answer.
[19:57] <zul> infinity: apr-util uses libdb4.6-dev still though
[19:57] <infinity> zul: Right, then the rest of them should use libdb4.6 as well, until someone decides to do otherwise.
[19:57] <zul> infinity: cool
[20:00] <infinity> zul: Note that if distro has decided to rev perl to 4.7 (Perl's usually the first to bump), then apr-util/apache/php/python/subversion/etc all need to follow ASAP.
[20:01] <zul> infinity: cool Ill make a note of it
[20:17] <Arrick> zul, I installed phpmyadmin and got it, thanks though
[20:18] <Arrick> now to figure out how to fine where the mysql(i).so file is so I can config apache to work with it
[20:18] <Arrick> hrm, nevermind
[20:50] <hansin> I was curious about US 8.04 running exim4 by default.  I am no expert here, but I assume it is set to only be used for local services to route emails.  Does anyone know anything about this?  I don't see it listening to any ports.  Sorry about my novice status in this areas.  Thanks.
[21:01] <mathiaz> zul: why is that nagios-plugins is in main, but neither nagios2 nor nagios3 are in main ?
[21:24] <enaner> what are somet hings i can do with the ubuntu server edition
[21:25] <mathiaz> enaner: https://help.ubuntu.com/8.04/serverguide/C/index.html
[21:27] <enaner> mathiaz can u tell me briefly
[21:27] <enaner> theres a lotta info in that page
[21:27] <enaner> whats a openssh server
[21:28] <enaner> i just wanna toy with a spare comptuer
[21:28] <enaner> what do u suggest
[21:31] <enaner> i want to run a IRC server
[21:46] <jjesse> if i was going to stand up a simple email server for pop and smtp what would be the reommendation?
[21:46] <jjesse> internal only for demoing something for work
[21:47] <hansin> enaner: You can do a lot.  The SSH server allows you to access that computer via another computer using the SSH protocol.  I run US 8.04 on an older PC headless (no monitor) and access it via SSH (I use putty as an SSH client on XP, and SSH via the shell when in Linux).  You can run all sorts of "services" via Ubuntu Server.  The cool thing about Ubuntu Server is that by default it does not install and run all sorts of services th
[21:48] <ScottK> jjesse: Postfix + Dovecot.
[21:48] <jjesse> ScottK: simple install and config?
[21:48] <jjesse> never done it before
[21:48] <jjesse> apt-get install postfix apt-get install dovecot?
[21:49] <ScottK> Server guide has good docs on it.
[21:49] <jjesse> awesome will work on it
[21:49] <ScottK> Basic postfix setup is pretty easy.
[21:53] <lukehasnoname> var/: Contains variable files. These include runtime files used by programs, log files, spool directories, databases, and other items that change with the normal operation of the system and its applications.
[21:53] <lukehasnoname> Why do (likely to be) static web pages go in a subdir of /var?
[21:54] <ScottK> Because they are data for the web server package.
[21:55] <mathiaz> lukehasnoname: http://pathname.com/fhs/pub/fhs-2.3.html
[21:55] <mathiaz> lukehasnoname: I think /var/www/ is for historical reasons
[21:55] <mathiaz> lukehasnoname: according to FHS, it could be moved to /srv
[21:57] <lukehasnoname>  /var/www isn't even in that document, 1994-2004. /srv would make sense under that definition, or under a different logic, so would /usr/local/apache
[22:00] <lukehasnoname> nah, /srv would make sense
[22:00] <lukehasnoname> rather, /srv/www
[22:02] <enaner> hansin: can i install the desktop edition on my headless computer and access it thru SSH?
[22:03]  * lukehasnoname goes to /Meeting
[22:06] <jjesse> ScottK: once i install, how do i add new mailboxes?
[22:07] <jjesse> nerver mind will read the documentation :)
[22:07] <hansin> enaner: You should be able to as long as you install the SSH server (I know it installs the SSH client by default, but can't remember if it installs the SSH server and has it start up automatically).  I installed my server edition using a monitor and keyboard for install, then shut it down and pull the monitor and keyboard and installed it on my network and booted it back up.  But, yes it is possible, just not sure if you need to 
[22:09] <enaner> hansin can you guide me through it
[22:09] <enaner> i am almost finished with the installation of the server edition
[22:09] <jjesse> enaner: have you installed the ssh server?
[22:09] <jjesse> if i recall correctly there was an option during installation
[22:09] <enaner> i installed like all the servers
[22:09] <enaner> i selected all of em
[22:10] <jjesse> when ssh is installed
[22:10] <jjesse> if you are using putty then you open a new session and putin the address and make sure ssh is chosen
[22:11] <hansin> enaner: Yes, it is one of the install options.  I think in the past you got SSH server by default, but now you hvae to pick it.  I don't know what happens if you don't, because I chose it (like I said, I think it used to be default).  I did NOT install LAMP, email server, etc.  Just SSH.  I can add the rest later, but if you installed these it isn't too big of a deal, especially if you are looking to learn things.
[22:11] <hansin> enaner: Are you trying to run all this on an internal network?  At home?
[22:15] <enaner> hansin but when i access it with the SSH, what are some things ill b able to do?
[22:16] <jjesse> enaner: everything you can do from the console
[22:16] <enaner> what exactly can i do from the console
[22:16] <enaner> can i run a irc network
[22:16] <jjesse> what are you trying to do?
[22:16] <enaner> or a website
[22:17] <jjesse> enaner: yes you can with the right packages installed, have you read through the server guide?
[22:17] <jjesse> anyone else having problems getting to the dovecot site?  www.dovecot.org
[22:20] <hansin> enaner: I take you are pretty new to this.  That is okay, it just means you are going to go through a bit of a learning curve.  I personally like the simplicty of Ubuntu Server (not that it can't be set up to do powerful things), and think it is a great way to learn about using a server based Linux installation.  I am by no means an expert, but I can navigate the CLI (command prompt) pretty well.  Yes, you can run a web server (ma
[22:23] <hansin> Right now I am at work and am using SSH to log into my box, and have irssi (IRC chat client) running in screen (a console "mulitplexer).  I have MySQL installed and also Lighttp and nginx, but I am not really doing anything with them right now.  My internet provider leaves all ports open, so I can in theory make available all sorts of services as long as the don't generate too much incoming traffic.
[22:23] <lukehasnoname> hansin what ISP you have
[22:23] <lukehasnoname> where you live, is the better question
[22:24] <hansin> Comcast cable ;)  In Colorado.  They seem to leave all ports open as long as you don't abuse it, which I intend not to do (maybe they block 25; not sure).  I know there was the whole bittorrent traffic issue, but that hasn't affected me.
[22:24] <enaner> hansin what im trying to do right now is ... be able to access that computer from this one that im using ... basically not use ne keyboard mouse or monitor for the server computer
[22:24] <enaner> i need your help to set this up
[22:24] <enaner> after that ill set things up
[22:24] <enaner> by reading stuff
[22:25] <jjesse> enaner: then use ssh
[22:25] <jjesse> it will give you "console" access
[22:25] <enaner> yes but how?
[22:25] <lukehasnoname> hansin: They throttle BT and such and I hate them
[22:25] <enaner> type ssh on the server comp?
[22:25] <jjesse> enaner: from what computer are you going to be accessing the server?
[22:25] <jjesse> what operating system?
[22:26] <hansin> But it is coole (and why I don't use DSL) because I get a public IP address (sure, dynamic, buy I can use dynamic DNS, and it really doesn't change often) and I can test and play with all sorts of services from home.  Works for me.  I know if the BT issue, and I use BT a bit, but the other stuff I state here is much more important to me.
[22:26] <enaner> both ubuntu
[22:26] <enaner> one desktop and one server
[22:27] <jjesse> then open up a terminal session adn type ssh ip address
[22:27] <hansin> enaner: do you have both PCs connected directly together, or are both plugged into a router?
[22:27] <enaner> router
[22:28] <hansin> okay, and you will need to know the IP address of the ubuntu server PC.  I assume it is set for DHCP, but then you need to know what IP address your router assigned it in order to SSH into (you need to know its "telephone number" so to speak).
[22:28] <enaner> yea
[22:29] <enaner> the ip addresses are going to be different i assume
[22:29] <enaner> is there a command i can type inthe server comp to get its ip
[22:29] <hansin> okay, and what OS are you running on you desktop?  I don't care, just need to know (yes, the router should assign a uniqe IP address for each).
[22:29] <enaner> Ubuntu 8.04
[22:30] <hansin> okay, do you know how to open a terminal from your desktop?
[22:30] <enaner> hardy for both server and desktop
[22:30] <enaner> no clue
[22:30] <enaner> o yea
[22:30] <enaner> i noe
[22:30] <enaner> lol
[22:30] <hansin> open one up...
[22:30] <enaner> done
[22:30] <hansin> type in "ifconfig".  What does it say (just need the IP address it returns)?
[22:31] <hansin> for example: 192.168.1.xxx
[22:31] <enaner> yea
[22:31] <enaner> got it
[22:31] <hansin> but that is the IP address for your desktop, not your server...
[22:32] <enaner>  inet addr:
[22:32] <enaner> Bcast:1
[22:32] <enaner> Bcast:1
[22:32] <enaner> and mask
[22:32] <enaner> it shud b the inet addr:
[22:32] <enaner> right
[22:32] <hansin> just inet address:
[22:32] <hansin> yes
[22:33] <hansin> enaner: who do you get internet from?
[22:33] <enaner> cable vision
[22:33] <enaner> optimum
[22:33] <hansin> Are you connected to you router via Ethernet cables for both PCs?  No wirelss?
[22:34] <enaner> ethernet for both
[22:34] <hansin> So what I need is the entry for inet addr: to help
[22:34] <enaner> well i have 3 comps in total connected to router thru ethernet
[22:34] <hansin> Most likely 192.168.1.xxx (this is called a Private IP address, and is not accessable through the internet like a Public IP address would be).
[22:35] <enaner> http://pastebin.ubuntu.com/21493/
[22:36] <enaner> wud it b dangerous
[22:36] <enaner> if someone gets this info
[22:37] <enaner> hansin: ?
[22:37] <hansin> enaner: No worries about this, because this is a Private IP address.  No one can hit your PC/network with a 192.168.1 IP address...
[22:38] <enaner> ok
[22:38] <enaner> ok so what shud i do next hansin
[22:39] <hansin> So what you need to figure out is what the server IP address, but without having a keyboard or monitor connected to the server PC, you can not run "ifconfig" on the server directly to figure this out...  Give me a sec here to think what I would do (I'm thinking ping...)
[22:39] <hansin> One last quick question, did you set both the desktop and server boxed up with the same account name?
[22:41] <hansin> enaner: You said you had 3 PCs plugged into the router.  Was the server the third one added?  FYI, 192.168.1.1 is VERY much likely your router's IP address for the interface that is facing LAN side (your internal network).
[22:42] <hansin> I am assuming the extra PC (not the ones we are talking about here; you desktop and server) was the first one that was attached to your router?
[22:53] <hansin> enaner: You still here?  I am at work so I will have to jump back in and out, but I am guess your IP address for you server is 192.168.1.4; but would need to test.  Maybe you are already in.
[23:01] <Ballena> To get write access to the /var/www owned by www-data; is the only thing I have to do adding me self as a member of that group?
[23:08] <enaner> yea im here hansin
[23:08] <enaner> what shud i do
[23:11] <enaner> ne one here?
[23:14] <enaner> ﻿slayton: I would like to access a PC(ubuntu-server) that is connected to the same router as the one I am currently using (ubuntu hard). What should I do if I want to use the server computer headless aka from this computer through SSH. I have no idea, and I will have to do it now, as I will have to return my brothers keyboard and Monitor ASAP .. thanks in advance for your help. :)
[23:18] <hansin> enaner: If you are around and have a few minutes, I can help, but I am at work so need to go "boom, boom, boom" and get it done.
[23:22] <enaner> yea
[23:22] <enaner> im around
[23:22] <enaner> im waiting for you actually
[23:23] <enaner> 127.0.0.1 < could this be the ip address of my server pc? thats wat it says after i type ifconfig
[23:23] <enaner> so then i tried
[23:23] <enaner> "ssh murgi@127.0.01"
[23:24] <enaner> root@enaner-desktop:~# sudo ssh murgi-server@127.0.0.1
[23:24] <enaner> ssh: connect to host 127.0.0.1 port 22: Connection refused
[23:25] <hansin> enaner: 127.0.0.1 is what is called the loopback address.  It is basically a way for the computer to communicate with itself.  You didn't see any entery for eth0 or ethX (1,2,3 whatever)?
[23:26] <hansin> enaner: learn about using sudo.  Looks like you are logged in as root on your desktop.  Just search "root" and "ubuntu" when you have time...
[23:28] <enaner> yea
[23:28] <hansin> enaner: so your 127.0.0.1 entry for "ifconfig" is for device "lo".  That is your loopback device and is only used for internal communication for a single PC.  Seach "loopback device" to learn more when you can.
[23:28] <enaner> k
[23:28] <enaner> so how do i find the ip
[23:29] <hansin> enaner: So try running "ping 192.168.1.2" and let me know sort of what it says (does it say host unreachable?"
[23:29] <hansin> From 192.168.1.100 icmp_seq=1 Destination Host Unreachable
[23:29] <enaner> unreachable
[23:29] <hansin> not what you want...
[23:29] <enaner> root@enaner-desktop:~# sudo ssh murgi-server@127.0.0.1
[23:29] <enaner> ssh: connect to host 127.0.0.1 port 22: Connection refused
[23:30] <hansin> try "ping 192.168.1.4"
[23:30] <enaner> same thing
[23:30] <enaner> unreachable
[23:30] <hansin> enaner: you don't want to ping or SSH to 127.0.0.1...  You woud be in essence hitting the same machine you are running these on...
[23:31] <hansin> My guess is your server box hasn't aquired an IP address, since you are only getting back 127.0.0.1 (I assume you plugged your monitor and keyboard into the server and ran"ifconfig")
[23:32] <enaner> yea
[23:32] <qman__> Hi guys, I was wondering if someone could help me write an init script. I installed srcds on a ubuntu box, and am going to use it to run a Counter Strike Source game server. I created a user just for this purpose, and got the server functional and all.
[23:32] <enaner> well its currently plugged into my brothers monitor+keyboard+mouse
[23:33] <qman__> I want to create an init script that runs the server as that user, for security purposes
[23:34] <hansin> enaner: okay, run "ifconfig" and tell me if it has only an entry for "lo" or if there is one for "eth0" as well.
[23:39] <hansin> enaner: Any luck??
[23:53] <enane1> sorry
[23:55] <hansin> enaner: I'm out of here in about 15 minutes...  So let me know if you want to try this...
[23:56] <enaner> yea
[23:56] <enaner> ill do wateva u say
[23:57] <enaner> go ahead
[23:57] <hansin> do you have keyboard+monitor access to the server PC?
[23:57] <enaner> yea
[23:57] <hansin> enaner: okay, run "ifconfig" and tell me if it has only an entry for "lo" or if there is one for "eth0" as well.
[23:58] <enaner> only for lo
[23:58] <enaner> i just checked
[23:58] <enaner> but if i type ifconfig eth
[23:58] <enaner> then something does come up
[23:58] <enaner> but nothing that looks like a ipnumber
[23:59] <hansin> on server type "cat /etc/network/interfaces"
[23:59] <enaner> ok