/srv/irclogs.ubuntu.com/2008/07/07/#ubuntu-server.txt

Orfeousgoing to uninstall ubuntu-server and install debian again.00:21
Orfeousthis wasnt like i expected00:21
Orfeoussee you00:21
=== nxvl_ is now known as nxvl_work
=== nxvl is now known as Guest59286
=== nxvl_work is now known as nxvl
methodswhen i run sudo i get no output and the command does not execute from what i can see05:56
AtomicSparkthe only difference between server and desktop installs (minus packages) is something about cpu timing? i forget.07:07
LTSPTNKAnyone here with a glue in integrating Ubuntu (LTSP envinroment) into Active Directory domain?07:16
sorenmethods: Is that a question?07:16
methodssoren:  when i run a command using sudo it gives me no output and doesn't run the command...07:17
sorenLTSPTNK: ogra is our LTSP dude.07:17
sorenogra: ^^07:17
sorenmethods: What command are you trying to run?07:18
methodsdoes this mean my sudoers file is messed p ?07:18
methodssudo echo test07:18
sorenmethods: And nothing at all happens?07:18
methodsnope just returns07:18
sorenInteresting. Did you edit your sudoers file?07:19
methodsidk maybe but i dont think i did07:19
methodsi have no root password either so i can't do anything07:19
sorenYou can always boot into recovery mode.07:19
methodsit's remote07:19
sorenhmm..07:20
sorenWell, you can't read your sudoers file, but can you see if it's maybe been truncated?07:20
soren(i.e. size is 0)07:20
methods-r--r----- 1 root root 394 May 13 05:51 /etc/sudoers07:21
methodswell another thing is that it asks me for the password every time07:21
methodsnormally it caches it right07:21
soren394 sounds a bit small.07:22
sorenAh, so it does actually ask you for a password?07:22
sorenYou said that it just returns..07:22
methodsyea i put in my password and it just returns07:23
soren/var/run is mounted alright?07:24
methodsyes07:24
sorenI know it sounds lame, but have you tried rebooting it?07:24
methodswhat would that do ?07:25
sorenI don't know. Since I don't know what you did to break it, it's sort of hard to come up with good ideas to fix it.07:25
sorenEspecially, ideas that a non-privileged user can do anything about.07:26
sorenOh... How would you reboot it?07:26
methodsweb panel i presume07:26
methodsanyway thanks i'll just call htem tomrorow07:26
sorennp07:27
LTSPTNK(09:17:25) soren: LTSPTNK: ogra is our LTSP dude.07:55
LTSPTNK(09:17:28) soren: ogra: ^^07:55
LTSPTNKguys, Ogra told me to try to contact this channel, becouse the problem is more LDAP/AD related than LTSP :)07:55
sorenI know what you have to do to hook into an AD domain, but I haven't a clue how that interacts with LTSP.08:04
LTSPTNKI have been trying different hook-ups, now I'm pretty satisfied with Likewise-winbind08:10
LTSPTNKbut I run to little problems, because the ppl who authenticate against AD doesnt belong to any system groups, any hints on that?08:11
sorenAdd them?08:12
nxvlsoren: i'm looking for you since friday08:12
nxvlsoren: did you get my mail?08:12
sorennxvl: I haven't gotten to it yet. I think. Which one is it?08:15
LTSPTNKadd them? U really mean I should add all the 500 users from our AD to Ubuntu LTSP server and every time we get new person to house or one leaves, follow behind and update /etc/group?08:16
sorenEasy now..08:17
sorenYou told me precisely *nothing* about your setup.08:17
sorenI don't even know which system groups you're talking about?08:19
LTSPTNKoki, I just got little upset :)08:19
nxvlsoren: about augeas08:19
nxvlsoren: and a wiki page08:19
LTSPTNKI work for one anonymous school in Finlan, doing my civil service. We have like 300 workstations/laptops in the house, all windows XP. I have been developing LTSP envinroment to replace one computing class. Infact to not to replace it, just hook the LTSP server betweem the switch and outer network.08:21
sorennxvl: Yes, I see it. I'll get to it in a minute, I think.08:21
LTSPTNKI have been testing many ways to authenticate against AD domain, only problem is the groups. I have been thingking if it is possible to add (for example) fuse group to AD and make ppl part of it. Or different, to link "domain^users" to some groups somehow, and for example "domain^admins" to "admin"08:24
LTSPTNKand by authenticating via Likewise, I'm able to see all the AD groups i belong in, by typing the "id" command :)08:25
sorenI'm not really sure what mechanisms likewise/winbind offers for that.08:25
sorenTruth be told, I haven't really used it. :/08:25
LTSPTNKwhat kind of authentication U have used?08:27
sorenLDAP08:27
lancesHi, I'm hoping you all can help me with a very strange problem that I've run into. If I add an IPv6 tunnel to /etc/network/interfaces, without even enabling radvd, it breaks connectivity to certain websites to some of my NATed IPv4 clients although the affected sites work just fine from the gateway machine themselves.08:29
LTSPTNKdoes it work with 2003 / 2008 AD??08:29
lancesor if NATed through a different gateway.08:29
sorenLTSPTNK: Don't know. I really meant that I've never really used AD.08:30
lancesanyone have any ideas?08:31
LTSPTNKawh, ok, i see08:31
LTSPTNKas far as i know, AD is just modified LDAP and they are compatible to some point...08:32
LTSPTNKin LDAP U can add ppl to be part of the system groups in server side?08:32
sorenI've never really needed to, I think.08:36
nxvlsoren: btw08:53
nxvlsoren: if you haven't read it in planet ubuntu still, augeas got it's second ack08:54
nxvlsoren: so we can start breaking it any time from now on08:54
sorennxvl: Has it been uploaded?08:54
nxvlsoren: not still i think08:54
nxvlsoren: the 2nd acker was unsure about the first one (if it was still valid on not)08:55
nxvlso i'm waiting for raphink to upload it08:55
nxvl(the first acker)08:55
sorenOh, ok.08:56
nxvlsoren: bot if you want to give it a 3th ack and upload i won't get mad08:56
nxvls/bot/but08:56
soren:)08:56
sorenIf it's got two ack's already, I don't think I will. I'm a rather slow reviewer :)08:56
nxvlsoren: btw, if you got impressed with the 1st copyright, check the actual one08:57
nxvlsoren: even i am impressed with it08:57
nxvlsoren: and i wrote it08:58
soren:)08:58
=== folke_ is now known as afk_away
=== afk_away is now known as folke
nxvlsoren: thanks for your answer!09:18
nxvlsoren: if you got some time, would you like to write the libvirt lense?09:18
sorennp :)09:18
nxvlsoren: i think it will be really easy, since there is already an xml module09:18
sorenI'm not sure such a thing makes sens.09:18
sorenYou are *really* not supposed to edit those files directly.09:18
nxvlsoren: yes, i wanted to discuss it with you09:18
sorenEver.09:18
nxvlsoren: so better to remove it from the list?09:19
nxvlsoren: and not include libvirt support on augeas?09:19
sorenI would say so. Sorry, I missed the fact that it was on there.09:19
sorenI only really looked for stuff that might be missing and not so much stuff that was on there, but shouldn't be. :)09:19
nxvlsoren: but, you don't think it would be useful to have libvirt support (or some kind of kvm support) on ucsa (or however i call it later)09:20
sorenSure, but as far as I understand augeas, it only deals with files directly, correct?09:20
nxvlyep09:21
sorenThen it's not going to be suitable for working with libvirt.09:21
sorenThat is not to say that UCSA couldn't, though.09:21
nxvloh ok09:21
nxvlso, you are saying that there mustn't be config file support for kvm, but other kind of support for it?09:22
sorenWhen you're dealing with libvirt, you'r not just editing files. You need to do special things to extract the config file and special things to put it back and make it take effect.09:23
nxvlbut, editing files will be needed09:23
sorenThat's the core of the issue. There are various ways to work around this. How you choose to do so is up to you :)09:24
sorenWell, yes, files will have to be edited.09:24
nxvlso augeas will need to support it09:24
sorenProbably.09:24
sorenSomehow.09:24
nxvland make aditional work on ucsa09:24
nxvlfor the effects to be taken09:24
sorenUnless you can throw random files at augeas and make it read that (instead of having augeas go look for the files itself)09:25
nxvli don't know much of kvm or the virtualization software that we use09:25
nxvlthat's why i wanted to discuss this with you, so you can guide me on how to plan it09:25
nxvlsoren: i think we can09:26
sorenAIUI, if you want to work with grub in augeas, it finds the menu.lst by itself. You don't tell it "hey, I want you to parse /boot/grub/menu.lst using the grub lens". You just tell it that you want to change grub's config.09:26
soren...and it goes and find the file.09:26
nxvlsoren: you can specify "/path/*"09:26
sorenOk.09:26
sorenWell... Yes, I suppose you can use that somehow.09:27
nxvlsoren: to the api you need to tell it which file you want to edit. I think09:27
nxvlsoren: for yum it uses *09:28
sorenSo in UCSA, you'd: 1) Extract all configurations virtual machines and dump them in /var/tmp/ucsa/libvirt, 2) add a special lens (that know to look in /var/tmp/ucsa/libvirt) to libaugeas, 3) parse the stuff, 4) make changes, 5) define everything from what's now in /var/tmp/ucsa/libvirt09:28
nxvl  let filter = (incl "/etc/yum.conf") . (incl "/etc/yum.repos.d/*")09:28
* nxvl moves libvirt to the bottom of the ToDo since it looks like a nightmare09:29
nxvl:D09:29
nxvlok now i need to sleep09:30
nxvlwe can discuss more about this later, when we are almost reaching the lenses goal09:30
nxvli hope i reach it for intrepid09:31
nxvland have augeas (the standalone version of it) for intrepid+109:31
nxvland discuss the desing of it in california (if get invited)09:31
nxvls/if/if i/g09:32
sorenCool.09:36
nxvlyeah, augeas has simplified my work a lot09:38
nxvlsoren: have a good day!09:39
nxvli'm gone09:39
sorenGood night!09:39
nxvli need to be at work on 4.5 hours09:39
nxvlsoren: please think about if you want to have kvm support on ucsa and send me some documents on how to do this (how the configuration work and such things) to plan it better09:40
nxvlsoren: thank you!09:40
spiekeyhi10:07
spiekeyis there a netinstall cd for hardy?10:08
=== mdz_ is now known as mdz
krautmoin10:12
ograsoren, ltsp just uses ssh for everything, so the proper question would have been "how do i integrate ssh (including X forwarding) into AD"10:52
sorenOh.10:55
sorenOk, thanks.10:55
ograwe try to keep away from user management as far as we can in ltsp :)10:56
ograits all ssh only using whatever is set up on the server for auth ...10:57
sorenSounds reasonable enough. That's good to know.10:58
LTSPTNKit is good to see that ppl really care about my problem here :) this school has a lot of potential to start using Linux allmost as prior system if all goes well :)11:16
=== fReAkY[t] is now known as freaky[t]
=== freaky[t] is now known as fReAkY[t]
=== fReAkY[t] is now known as freaky[t]
thefishhi folks, could anyone point me at a ubuntu-specific doc for apache ssl "the ubuntu way" - ie how to set up vhosts, ssl etc13:29
sommerthefish: there's some information in the serverguide: https://help.ubuntu.com/8.04/serverguide/C/httpd.html13:32
thefishthanks sommer13:34
sommernp13:34
tolunhi13:37
tolun is there anybody for helping me?13:37
tolun;)13:37
toluni have got a start up service problem...13:38
tolun:(13:39
lukehasnoname_I likely can't help, but when you get on a channel just ask a question and see for a response13:40
tolunok13:40
tolunHow can I run ssh service at start up?13:42
tolunautomatically...;)13:42
thefishtolun, sudo update-rc.d ssh defaults13:44
thefishtolun, it should be set to start automatically when you install it anyway, do you have the ssh server installed?13:44
tolunyes...thanks a lot... I will try it now13:45
tolunthefish, thank you... it has been worked...13:52
thefishtolun, glad it helped :)13:52
tolunthefish, if I want to remove this start up script what should I do?13:53
thefishtolun, you can either remove the links in /etc/init.d (bad) or sudo update-rc.d ssl remove (best)13:54
thefishtolun, man update-rc.d ;)13:54
tolunwow :D ok...13:55
tolunagain really thank you...13:55
thefishno worries13:55
tolunguys... have a nice day... bye bye13:56
thefishseeya tolun13:57
biczallo anyone use knokd?13:58
bAndie9100hi all14:37
bAndie9100help! i would make a network with dump clients14:39
bAndie9100on those exist only /tmp /var and /dev14:39
bAndie9100other directories will be mounted via NFS14:39
bAndie9100how should i do that?14:39
bAndie9100its enough, to be the same kernels on serever and clients both?14:39
zuljust a thought to throw out there do we want dovecot 1.1.1?15:02
sommerzul: sure15:07
thefishzul, its the best imap server ive played with - really easy and impressive15:08
thefishnot tested in very high load situations though15:08
folkeAnyone here with knowledge bout 8.04 and vmware esx ?15:18
folkeI am having trouble to compile vmware-tools on hardy with esx 3.0215:19
=== jjesse_ is now known as jjesse
_rubenfolke: depending on your needs you might want to try using open-vm-tools instead of the commercial vmware tools15:29
folke_ruben: Oh, is this in hardy repo?15:29
_rubenno, it was, but has been pulled due to being alpha status, its maintained/developed by vmware though15:30
_rubenhttp://open-vm-tools.sf.net15:30
folkeAh, tnx, I will look in to that. You said "depending on your needs".. Is there som drawbacks?15:30
_rubenthe commercial vmware tools offer more functionality .. i dont have a complete list of differences in my head15:31
folkeI am thinking of using 8.04 in production enviroment.15:32
folkeNot so i/o hungry servers, at first..15:32
folkefrom what I see in the faq, it says that non-experimental stuff is released.15:34
folkeBut nithing about stability and performance.15:34
_rubennot using esx in production here (due to its licensing method regarding 3rd party usage) .. so not sure how it'd perform there15:36
folke_ruben: Have you heard anythoing pro / con with the open source tools.. Would be really nice if they worked nicely tho,..15:40
zulsoren: ping did you mention that you had an munin patch for me?15:41
_rubenfolke: i installed em on some test machines that hardly do anything .. and i lurk on the open-vm-tools mailing list, which doesnt mention all that much problems (most of em are compilation ones)15:48
sorenzul: Yes! Hang on.15:49
folke_ruben: Perhaps I give it a try on an internal 8.04 jeos at first :)15:49
sorenzul: http://people.ubuntu.com/~soren/221-apt-ubuntu-changes.patch15:50
sorenzul: Sorry about the delay. I had an ssh key issue I needed worked out first (And I was too lazy to just do it from another machine).15:50
zulsoren: no problem im going to merge the new one today and want to update the patc15:51
zulpatch even15:51
sorencool15:51
zuljdstrand: have you seen this? http://www.imapwiki.org/ImapTest16:16
Dark_Shadow2greetings, how do i bring up my network at the local.premount time inside a initram?16:22
sorenWhy?16:25
Dark_Shadow2one sec, longer explanation16:25
Dark_Shadow2pxe boot, client is diskless, should get a "image" from nfs/whatever networksource with full rw support in ram, currently im editing the init script so that it makes the "real_root" inside a created ramdisk, therefor i need to get the image , but error message seems to be that the network isnt up yet16:27
tolunhi everyone...16:30
Dark_Shadow2the finished idea bout it is having a pxe with some "images" of the clients, the clients get a minimal sys to boot, and chroot inside their image16:31
Dark_Shadow2hu tolun16:31
toluni need an information...about a package name for db and db-devel...16:31
tolunwhat are the new names for that? or how can I install them?16:32
Dark_Shadow2cant say, dont know, sry16:32
mathiazDark_Shadow2: you should ask the ltsp guys about this setup - that's what ltsp is doing IIRC - ogra should be able to help you16:32
Dark_Shadow2hmm i could allways try16:33
Dark_Shadow2thought the clients should not get a "terminal" at all16:33
Dark_Shadow2ill check that tomorrow, thx for the tip16:33
ograDark_Shadow2, what we do is to chave a botstrapped chroot with X, login manager and some other bits, that is rolled into a squashfs ... the client mounts that as nbd device and sets up a unionfs from it ... if you take that, ad remove all packages you dont want you should essentially have a minimal system to mount nfs shares over the dirs16:35
sommertolun: you may be looking for libdb4.6 and libdb4.6-dev?16:35
tolunmaybe16:37
toluni really dont know... one of the product which is named as @mail it needs this db and dbdevel...16:38
ScottKtolun: sommer is almost certainly pointing you in the right direction.16:38
tolunhimmm ok16:39
tolunthank you sommer and ScottK16:39
lukehasnoname_ScottK: You know that feeling, when long ago you said something or advocated something and no one listened, and now people realize what you were trying to say?16:40
ScottKYes.16:40
Dark_Shadow2that should be an option, ill give it some reading and a try tomorrow, need to go now, thx though16:43
ograDark_Shadow2, https://help.ubuntu.com/community/UbuntuLTSP/LTSPQuickInstall (you want the bottom part)16:44
tolunHow can I activate apache2's mod_deflate ?16:44
sommertolun: sudo a2enmod deflate then sudo /etc/init.d/apache2 force-reload16:46
uvirtbotNew bug: #246298 in bacula (universe) "package bacula-director-sqlite3 2.4.0-1ubuntu1 [modified: usr/sbin/bacula-dir usr/sbin/dbcheck] failed to install/upgrade: " [Undecided,New] https://launchpad.net/bugs/24629816:47
jay2don't worry if I don't have a question right now I just want listen and learn new stuff currently17:49
jay2I hope no one minds17:50
ScottKNot at all.17:51
jay2ty17:51
puboHi17:54
puboI'm setting up Apache + SSL, and I would like Apache to start/restart automaticaly without having to type the password17:54
jay2ty you just gave me another idea lol17:55
infinitypubo: Then don't have passworded private keys.17:56
infinitypubo: If you can name one good reason to have a passphrase on your private key, I'll give you a cookie.17:56
puboinfinity, then, I should create the key without a password?17:57
infinitypubo: Yes.17:57
pubouhm, ok :)17:57
infinitypubo: As long as it's readable (on-disk) only by root, you've lost no security here.17:58
puboI thought It was a security problem not tu set a password17:58
infinitypubo: Think about the fact that root can read the key from memory once apache loads it anyway.17:58
pubooki doki... thank you17:58
infinity(The only possible implication is physical security, but if you have people with physical access to your server, you have bigger problems than key management, IMO)17:59
puboinfinity, no. I use an Internet private server :)18:00
* delcoyote hi18:04
zulsoren: btw I included your patch in the upload thanks18:14
shing`What are some good cluster management options for ubuntu?18:18
LieZ^andyway to turn on remote access for vnc from bash?18:18
uvirtbotNew bug: #246343 in dhcp3 (main) "dhclient.conf should request nis-domain etc. by default" [Undecided,New] https://launchpad.net/bugs/24634318:42
zuluh no18:42
infinity*shrug*18:47
infinityUntil there's a better mechanism for packages to list which dhcpoptions they want to request, it's better to ask for too many than too few.18:47
mathiazScottK: what do you think about the libdb transition in intrepid ? I'm updating the ServerTeam roadmap and there is an item about libdb4 transition19:13
mathiazkirkland: what is the state of status action to init scripts ?19:14
LMJmoin moin19:14
mathiaznealmcb: any new factoids that should be updated ?19:15
kirklandmathiaz: the common library pieces are present in Intrepid's /lib/lsb/init-functions19:15
sommer!serverguide19:15
ubottuSorry, I don't know anything about serverguide19:15
mathiaz!inetd19:15
ubottuSorry, I don't know anything about inetd19:15
sommerI vote for serverguide :)19:15
mathiaz!openssl19:15
kirklandmathiaz: we now need to add the 4-line block to the pertinent init scripts, and bump their depends up to >= a particular version of lsb19:15
ubottuSorry, I don't know anything about openssl19:15
mathiazkirkland: is this still something that is targeted for intrepid ?19:16
kirklandmathiaz: i'd very much like to see it done for the server init scripts19:16
lukehasnoname_!ubottu19:16
ubottuHi! I'm #ubuntu-server's favorite infobot, you can search my brain yourself at http://tinyurl.com/5zfb6t - Usage info: http://wiki.ubuntu.com/UbuntuBots19:16
kirklandmathiaz: i was sort of hoping owh would run with it19:17
kirklandmathiaz: or perhaps another community member19:17
BockBilbohello!19:26
BockBilboI'm trying to configure my ubuntu server for accepting ssh connections using dsa keys but it doesnt seem to work fine. I have added my public key to the server's authorized_keys file but when starting the connection, the server does not give any answer after sending the public key...19:28
BockBilboI've configured this many other times on different ubuntu servers, and can't find out whats happing this time on this server19:28
BockBilboI've also tried to configure a different server to check if I'm missing something, and the configuration works on the other server!19:29
BockBilboanyone here has experienced something similar?19:29
slicslakyou've done a diff on your ssh config files and another servers config files?19:31
BockBilboyeah19:31
BockBilbothey are both the same19:31
slicslakauthoried_keys has the correct perms and is in the correct directory with correct perms?19:31
BockBilboits on .ssh19:31
BockBilbowith 60019:31
BockBilboowned by the user19:31
LieZ^now seriously really noob questoion, is my vnc server running, heres a pic19:32
LieZ^http://img411.imageshack.us/img411/9115/vnccq4.png19:32
slicslakorry BockBilbo that's all i can think of19:33
BockBilbohehe19:33
BockBilbome too19:33
BockBilboi have compared the debug on a connection that works19:33
BockBilbowith the one that doesnt19:33
BockBilboand this is the main diff:19:33
BockBilboin both, after stablishing an initial connection with the ssh server, the client shows this message: debug2: we sent a publickey packet, wait for reply19:37
mathiazkirkland: you may wanna update the section about status action in init scripts on the ServerTeam Roadmap19:37
BockBilbowhen making a connection it should continue with: debug1: Server accepts key: pkalg ssh-dss blen 43319:37
mathiazkirkland: it seems that what's written there related to the hardy dev cycle.19:37
kirklandmathiaz: yeah, no problem19:38
kirklandmathiaz: i can do that19:38
nealmcbmathiaz: last I recall we needed to work on the factoids related to virtualization19:38
nealmcb!virtualization19:38
ubottuThere are several solutions for running other operating systems (or their programs) inside Ubuntu, while using the native CPU as much as possible: !QEmu (with !KQemu), !VirtualBox, !VMWare, as well as !WINE and !Cedega for Windows applications19:38
nealmcb!kvm19:38
ubottuSorry, I don't know anything about kvm19:38
mathiaz^^ that should be fixed :)19:39
uvirtbotmathiaz: Error: "^" is not a valid command.19:39
BockBilbodebug1: Authentications that can continue: publickey,password19:39
BockBilbodebug2: we did not send a packet, disable method19:39
BockBilbobut when the non working server i get: debug1: Authentications that can continue: publickey,password // debug2: we did not send a packet, disable method19:39
BockBilbosorry for the flood...19:39
nealmcbubottu: kvm is the preferred virtualization approach in Ubuntu.  For more information see https://help.ubuntu.com/community/KVM19:39
mathiaz!paste | BockBilbo19:39
ubottuBockBilbo: pastebin is a service to post multiple-lined texts so you don't flood the channel. The Ubuntu pastebin is at http://paste.ubuntu.com (make sure you give us the URL for your paste - see also the channel topic)19:39
nealmcbubottu: virtualization is <reply> There are several solutions for running other operating systems (or their programs) inside Ubuntu, while using the native CPU as much as possible: !kvm is the preferred approach in Ubuntu.  See also !QEmu (with !KQemu), !VirtualBox, !VMWare, as well as !WINE and !Cedega for Windows applications19:40
BockBilbomathiaz, ok19:40
nealmcbsoren - any comments on those proposals?19:40
ScottKmathiaz: We should still try to get rid of anything older the 4.6.19:40
ScottKkirkland: There is a thread going on now in debian-devel about LSB and status was discussed as a good thing.  This might be an opportune time to send the lsb/init-functions patch to Debian.19:42
ScottKYou might discuss it with slangesek.19:42
nealmcbBockBilbo: I recall some serious recent concerns over dsa usage with ssh given its vulnerability to random number generator problems19:42
ScottKThere has also been a big upswing in SSH cracking attempts.19:43
nealmcbBockBilbo: see e.g. http://wiki.debian.org/SSLkeys19:45
BockBilbohttp://paste.ubuntu.com/25754/19:48
BockBilboi have written down the steps I've taken and the verbose output of a connection19:48
BockBilbonealmcb im going to take a look at it now19:48
BockBilbobut it still is strange the fact that the method I'm trying to follow worked with an ssh server on  ubuntu desktop installation and not on the server19:49
BockBilbonealmcb, I already knew about that issued, I have perhaps reinstalled the whole openssh-server package, purging the previous installation, so all the config file should be new...19:52
nealmcbBockBilbo: yeah - I don't know if it is related, and I haven't heard of plans to withdraw support.  but I for one won't be using dsa for that reason and for the covert channel issue.  I'm curious - why do you want to use dsa?19:59
BockBilboi was just trying it20:00
BockBilboi tried rsa too20:00
BockBilboand didnt work20:00
kirklandScottK: I've sent to Debian already20:18
kirklandScottK: see http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=48328520:18
uvirtbotDebian bug 483285 in lsb-base "lsb-base: lsb status_of_proc() function" [Wishlist,Open]20:19
ScottKOK.  You might ask slangesek for suggestions about how to push it.20:19
kirklandScottK: maintainer says "I'm holding off on integrating these patches until I20:19
kirklandget 3.2-12 into testing; adding functionality would break the spirit of the freeze, but I'll plan on getting status_of_proc() into unstable soon after that migration happens (hopefully soon)"20:19
ScottKThat's not so bad.  It may miss Lenny though.20:19
sorennealmcb: Looks fine20:24
nealmcbsoren: pretty simple...  I proposed these a few weeks ago, but people probably missed them.  I'll follow up  in u-ops20:25
nealmcbthere may be more that could use help there also20:25
nealmcb(related to virtualization)20:26
LieZ^how do i tell what virtual display vnc is running on please?20:27
nealmcb!virtualization20:31
ubottuThere are several solutions for running other operating systems (or their programs) inside Ubuntu, while using the native CPU as much as possible: !kvm is the preferred approach in Ubuntu.  See also !QEmu (with !KQemu), !VirtualBox, !VMWare, as well as !WINE and !Cedega for Windows applications20:31
nealmcb!kvm20:33
ubottukvm is the preferred virtualization approach in Ubuntu. For more information see https://help.ubuntu.com/community/KVM20:33
nealmcb:)20:33
BockBilboim afraid i havent been able to fix the problem20:47
BockBilbothanks anyway20:47
BockBilbo:)20:47
specialKevinanybody heard about issues installing 8.04.1 as a xen guest21:28
specialKevinwhen I try to install it just suspends the guest and then when I bring it back goes back to the begining of the installer21:28
Deeps8.04 doesn't work in xen, dunno if that got resolved for .121:29
ScottKlamont: Please see ubuntu-server ML.  You have mail (re why is Postfix shipped in chroot and BIND not).21:31
specialKevinDeeps: do you know what the issue with 8.04 and Xen is or a bug report I can follow21:34
Deepssearch the bug tracker for xen, it's a kernel issue and there's some patch that can be applied which resolves some issues i believe21:35
=== erichammond1 is now known as erichammond
lamontScottK: because BIND had an installed base when I got it, that's why22:00
ScottKlamont: I think it'd be useful if you'd respond on the list...22:00
lamontyeah22:00
lamontwill do so in a little bit22:01
ScottKOK.22:01
* lamont needs to finish out his work day22:01
ScottKWould BIND defaults in chroot be a good release goal for Lenny +1/Intrepid +1?22:01
RoAkSoAxScottK: +122:02
* ScottK isn't the one that needs convincing.22:02
RoAkSoAxlol22:02
RoAkSoAxso who is needed to be convinced?22:02
ScottK^^^ lamont is the maintainer for BIND in Debian and Ubuntu, but give him a chance to finish work first before you bug him too much.22:03
uvirtbotScottK: Error: "^^" is not a valid command.22:03
ScottK ^^^ lamont is the maintainer for BIND in Debian and Ubuntu, but give him a chance to finish work first before you bug him too much.22:03
RoAkSoAxi see22:04
nxvl_workScottK: my next proposal (on CA i hope) will be chroot services out-of-the-box22:04
RoAkSoAxthat would be better xD22:05
RoAkSoAxbut bind should have been chrooted by default long time ago xD22:06
lamontScottK: certainly for new installs, yes22:11
lamontRoAkSoAx: the one point where it almost was, I broke a fair chunk of the installed base, it never made it out of unstable22:11
lamontactually, that wasn't chrooting - that was just running as non-root22:11
lamontwhich it now does just on fresh installs, not upgrades22:12
nxvl_worklamont: what about a bind-chroot meta package containing only the configuration of a bind chrooted?22:12
lamonteither requires an API exported from the bind package, or be delivered from bind9 source, else iz config violation22:13
ScottKnxvl_work: I think doing it on new installs is reasonable.22:14
nxvl_workScottK: yep, that's why i suggest a new package instead of changing the new one22:14
nxvl_workbut lamont is right, it is config violation22:14
RoAkSoAxyeah would be better to have new pkg with chroot config as nxvl_work said22:14
* nxvl_work will figure out how to do it wihout breaking debian policy rules22:15
nxvl_worknick nxvl22:15
lamontgiven that 99% of the user community has their own FHS-hating ideas on where files live, I want to give them a few minutes to get over the pain we caused with apparmor before we do more to them22:15
lamontnxvl_work: it is a violation of policy for a package to modify a config file of another package.22:15
lamontit's pretty simple... either you get the other package to export an API, or you don't do it.22:16
nxvl_worklamont: yes, i know, that's why i will figure out how to have a different package (let's say bind-chroot) without breaking any rules22:17
lamontnxvl_work: choose (A) or (B).  it's actually really simple.22:18
RoAkSoAxwhat about having an script to chroot bind ?22:18
nxvl_work:D22:18
nxvl_worklamont: or you do duplicate binary with different config file22:18
nxvl_workmm22:18
nxvl_workdebconf option, could be, but i'm sure it will break actual configurations at some point22:18
RoAkSoAxyeah might be22:23
nxvl_worklamont: you are a canonical sysadmin, aren't you?22:31
lamontnxvl_work: when I'm at work, yes22:31
lamontby night, I'm core-dev22:32
lamontand only slightly split-personality :-)22:32
ScottKNot to mention Debian Developer.22:32
nxvl_work:D22:32
nxvl_workheh22:32
RoAkSoAxpor lol22:36
cameronhIs there any way to get libapache2-mod-mono and libapache2-mod-php5 to run together? both appear to be built against a different apache worker.23:13
infinitycameronh: Looks like mod_mono either needs to be rebuilt or (more likely) just needs its dependencies loosened a bit.23:26
infinitycameronh: The fact that no one has complained about this in either Ubuntu or Debian (and, in fact, there are no open bugs against it at all) is a pretty big warning sign to me that the thing doesn't much get used or tested, though.23:27
cameronhinfinity: seems the problem is that PHP isn't thread-safe but mod-mono is compiled for a threadsafe apache. I don't know much about the apache build process though... does building it against a threaded MPM mean it can't be used in a thread-free MPM?23:27
cameronhinfinity: googling around seems to suggest you should set PHP up with FastCGI and rather than an apache module unfortunately23:28
infinitycameronh: No, pretty much all modules are build against the threaded headers, except for a few like PHP.23:28
infinitycameronh: Using FastCGI is certainly an option.  The CGI binary in php5-cgi has FastCGI support.23:28
cameronhinfinity: there are a few bug reports but with very little progress on them, for example https://bugs.launchpad.net/ubuntu/+source/mod-mono/+bug/22778123:28
uvirtbotLaunchpad bug 227781 in mod-mono "libapache2-mod-mono and libapache2-mod-php are mutually exclusive" [Undecided,New]23:28
infinitycameronh: Either way, the mod_mono packaging is pretty clearly wrong.23:28
infinitycameronh: Ugh, yeah, the Debian maintainer appears to not understand the apache2 headers.23:30
cameronhinfinity: hmm :/23:30
infinity  * Replaced build-dependency apache2-dev || apache2-threaded-dev with only23:31
infinity    apache2-threaded-dev.23:31
infinity  * Replaced apache2 binary dependency with apache2-mpm-worker, as the built23:31
infinity    module for threaded apache will not work with prefork apache.23:31
infinityThat's a blatant lie.  apache2-dev *is* apache2-threaded-dev, so nothing changed when he made that change. :/23:31
cameronhinfinity: yeah the situation looked a little weird when i was trying to decipher it .. given that i don't know much about the innards of the apt/dpkg package manager23:32
infinityI'll comment on the Ubuntu bug for now...23:33
infinityCould certainly get it fixed in Intrepid... Getting an SRU accepted for Hardy might be a different story.23:33
cameronhyeah... i've got an intrepid dev server anyway so i could use that personally .. my stuff is going into prod on a windows box anyway23:34
cameronhinfinity: do you think that perhaps mod-mono itself had some sort of bug that made it incompatible with prefork? it still wouldn't explain the apache2-dev apache2-threaded-dev change, but maybe there is some truth in the second statement23:39
infinitycameronh: I really doubt it.23:50
infinitycameronh: I've never built any module against the threaded MPMs that wouldn't run with the non-threaded ones.23:51
infinitycameronh: If this was possible at all, it would be a bug in Apache, IMO, and we'd have a mess of reports about it from users of more popular threaded modules (like subversion, mod_perl, mod_python...)23:51
cameronhinfinity: ah. Well in that case, certainly seems like the apache maintainer is getting confused23:52
infinitys/apache/mod-mono/23:52
cameronhyes, rather :P23:53

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!