nxvl_workkees: ping00:46
=== nxvl_work is now known as nxvl
keesnxvl: hola!00:51
helfireWith multipule users on 1 server, homes in /var/www/user, how do you get set the permssions correctly? for php to work everything has to be www-data:www-data00:57
sommerhelfire: you can place the www-data user into the user's group, then allow read and execute rights to the appropriate directories01:01
sommerhelfire: there's also posix acls, that can give you much more permissions flexibility01:02
hadsOr fastcgi etc.01:02
helfiresommer: if 2 users are part of the same group wont they be able to view the contents of /var/www/user1/*01:03
hadsAlthough if they are all www-data then www-data has access to all of the contents anyway.01:04
sommerhelfire: for your situation posix acls may work best... you can give just the www-data user the appropriate permissions01:04
helfirebut for securty reasons i dont want 2 users to be able to view eachothers directories, but to serve the pages they both have to be part of *:www-data01:04
helfireare there any guides that step through setting up apache/etc with multiple users and acls?01:09
sommerhelfire: acls are sperate from apache, apache will follow the filesystem permissions... here's a rather long aritcle: http://www.suse.de/~agruen/acl/linux-acls/online/01:10
sommerhelfire: basically install the acl package, then get some experience with getfacl and setfacl, once you're used to them it's not that bad01:11
sommerthere's probably other more consice guides out there as well01:11
helfireYa, lots of guilds show you how to setup ISPconfig/apache/etc but then when multiple users come in they dont say anything about it01:13
helfireMight as well ask while i'm here, Is ISPConfig the best option in managing multiple users websites? Long time ago i just wrote a perl script to do it all for me but that was years ago hehe01:14
sommernot sure what you're looking for, basically posix acls allow the same permissions as normal, but to multiple users and groups... if in some level of acl a user doens't have permission they get denied access01:14
* sommer has never used ISPConfig01:14
helfireoh no i'm just saying for managing multiple users, setting up limits, doing all the manual work for ya01:19
sommerah, I'd say try it out and if it's horrible you can always migrate to something else... or do things manually :-)01:20
SpaceBasshey folks03:23
SpaceBassI'm having a problem with setting up 8.04 server as an ldap client03:23
SpaceBassI rebuilt my OpenDirectory server and all my other clients are working, but getent passwd does not show any OD users03:23
SpaceBassI've tried dpgk-reconfigure and it does nothing03:23
SpaceBassactually does nothing, just returns a bash prompt03:23
sommerSpaceBass: did you try sudo dpkg-reconfigure ldap-auth-config ?03:31
SpaceBasssorry - always leave the sudo off when in IRC03:32
sommerhow about sudo dpkg-reconfigure ldap-auth-client03:32
SpaceBassi just removed/reinstalled ldap-auth-config and its ran the setup again ... but I still am not seeing network users with getent passwd03:32
sommerSpaceBass: try double checking the /etc/ldap.conf file03:33
SpaceBasssommer, yeah, it looks fine03:33
sommercan you search with ldapsearch -x ?03:33
SpaceBassoddly if I remove it and re-run dpgk-reconfigure it does not create a new one ... making me think maybe its not using that file03:33
sommerit does03:34
SpaceBassnot sure why it wouldn't get re-created then03:34
SpaceBassand of couse sudo dpkg-reconfigure ldap-auth-config03:35
sommerit's probably only created during the package postinst, and dpkg-reconfiugre doesn't execute the exact same command... (that's a guess)03:35
SpaceBassis failing again03:35
SpaceBasswell, something's broken03:41
SpaceBassthe problem is that I need some kind of logs or verbose output03:42
sommerSpaceBass: stop slapd then start it in a console window with: sudo slapd -u openldap -g openldap -f /etc/ldap/slapd.conf -d -103:42
sommerthen do a getent and look for errors in the output03:43
SpaceBassslapd is the server, not the client rght?03:43
SpaceBassI'm not running slapd on this box03:43
=== freaky[t] is now known as fReAkY[t]
sommerare you sure your network connectivity is working then?03:44
SpaceBassssh is working, ping, all other clients, etc03:44
sommermay want to double check with a quick nmap scan... should see ldap in the list03:45
sommerother than that I'd try upping the logging on the server03:45
SpaceBassnmap shows that its open ... but getent passwd doesnt even cause a log entry n the server - like its not trying03:46
sommerif the slapd logging isn't at a higher level it may not register an event03:47
SpaceBassleme check03:48
owhCan I insert a stupid question into this - not knowing anything about ldap? How have you told the client where the ldap server is?03:55
owhI mean if getent passwd doesn't create an event, what is it trying to talk to instead?03:57
sommerowh: the dpkg-reconfigure ldap-auth-client configures /etc/ldap.conf which holds that information03:57
SpaceBassit reads /etc/ldap.conf03:57
sommerowh: /etc/passwd03:57
sommerSpaceBass: that is a good idea you might double check the connection setting in that file03:57
owhSo, if ldap.conf holds that information, is it what you expect it to be?03:57
SpaceBassthe ldap client libraries query the ldap server for the data03:58
owhSure, but my question is more about telling the clients who to ask for the answer.03:58
SpaceBassthats from ldap.con03:59
SpaceBassthere's a line that reads: host
SpaceBass10.1.1.15 is the ldap server03:59
owhSo, you can presumably ping the ldap serve?04:00
owh(From the client)04:00
owhHow did the end up in the ldap.conf file?04:00
SpaceBasswhen you install ldap-auth-client (or reconfigure it) it writes to that file04:01
owhWith dpkg-reconfigure?04:01
owhDoes it require a port number?04:01
SpaceBassnot if you use the default - but I did try that to doble check04:01
owhAs I said, I'm not familiar with ldap, just the principles of trouble shooting :)04:01
sommerSpaceBass: do you have ldapi:///hostname or ldap://hostname ?04:02
owhCan you improve the verbosity of the client?04:02
SpaceBassowh, wish I knew how04:02
owhAh a URI, rather than a host.04:02
SpaceBasssommer, I've tried just the IP, ldap://host and ldapi://...04:02
* owh has a gander through the RTFM.04:03
sommerSpaceBass: hmmm that should work, but you might also try Host ip_address instead of ldap://04:03
owhSpaceBass: You know about this: https://help.ubuntu.com/8.04/serverguide/C/openldap-server.html04:03
SpaceBassyeah, thats for setting up a server04:04
SpaceBassthis is a client04:04
sommerowh: doesn't cover client configuration... yet :)04:04
owhDon't make me install it :)04:04
owhOk, for a moment assume you did everything right - unlikely, but let's start somewhere.04:05
owhHow is what you're expecting not working?04:05
owhRemember, once you get to the point of pulling out your hair, most likely the problem isn't what you think it is.04:06
owhSo, I'm just testing your assumptions at the moment.04:06
SpaceBassI'm sure its one of those glaring things - like a typo04:07
SpaceBassso I'm gonna put it down for the night04:07
SpaceBassI appreciate the help - good troublshooting steps04:07
owhRight, so work with me for a mo, give me 10 minutes :)04:07
owhThen I'll let you slink off to bed :)04:07
owhSo, what are you doing that isn't working?04:07
owhWhat command is failing?04:08
owhAlso, FYI, the man page for ldap.conf says that the URI is: URI <ldap[s]://[name[:port]] ...>04:09
sommerSpaceBass: you might also try: sudo auth-client-config -a -p lac_ldap04:09
SpaceBasswell, its just not producing the expected output04:09
sommerSpaceBass: that will configure pam for ldap04:10
owhAnd the man page goes on to say: HOST <name[:port] ...>04:10
owhSo, the IP address is with a HOST command, but a URI is with a URI command. What does your ldap.conf show?04:10
SpaceBassso it implies that the port is required04:10
SpaceBassleme look04:10
owhNo, that's optional.04:10
owhSpaceBass: man ldap.conf should give you this: ldap.conf(5): ldap config file - Linux man page <http://linux.die.net/man/5/ldap.conf>04:11
SpaceBasssommer, not sure -a -p lac_ldap where the right switches - its reconfiguring every package on the system04:12
sommerSpaceBass: not sure what you mean by "every package on the system"... every time I've used it, it only configures the pam modules04:15
SpaceBasssommer, i mean cups, font server, keyboard layout...name it04:15
sommerah see what you mean... ya anything that uses pam, isn't that what you wanted?04:16
sommerto reverse it use sudo -a -r -p lac_ldap04:16
sommererr sudo auth-client-config -a -r -p lac_ldap04:17
SpaceBasstoo late now :)04:17
owhSpaceBass: Have you pasted your ldap.conf anywhere?04:17
SpaceBassowh, not yet04:17
SpaceBasswill once this finishes04:17
sommernot if you didn't want to do that... the auth-client-config is very safe and comments the original entries in the pam files04:18
owhSpaceBass: Open up a new terminal :)04:18
* owh blames sommer for eating my 10 minutes :)04:19
SpaceBassblame my brain - its slowing down04:19
* sommer they tasted good :-)04:19
SpaceBassI'm relatively old hat at this...been setting up boxes using ldap for years, but it usually "just works"04:20
sommerare you on hardy?04:20
sommerhmmm, it's always worked for me, not sure what you're missing04:20
owhSpaceBass: That's why I've been attempting to test your assumptions :)04:21
SpaceBasssommer, me too ...04:21
SpaceBassowh, :)04:21
owhSpaceBass: Does it work anywhere else?04:21
owhCan you diff the config file?04:21
SpaceBassowh, all the other clients are OSX - and they do ldap a little differently04:22
SpaceBassI do have one other linux box that is working, but its 6.10lts04:22
owhWell, check the .conf file first.04:22
SpaceBasseven tried copying that file over04:23
owhWell, version differences aside, that might rule out that as a source of the issue.04:25
owhWhat happens if the 6.10 machine connects to the server? Do you see anything in the logs?04:26
owhMachines on the same network?04:28
SpaceBasssame subnet even04:29
SpaceBasssame switch04:29
owhIf you watch with wireshark, do you see anything?04:29
SpaceBassthats a great idea - but one for tomorrow :D)04:29
owhSleep well :)04:30
SpaceBassthanks guys - again, I really appericate the help04:30
* owh just poked a stick at the problem :)04:31
bingoerhi all05:36
bingoerI'm in a bit of trouble05:36
bingoerI am trying to upgrade my server from 7.10 to 7.04, and linux-image has broken05:37
bingoerit shows that linux-image-2.6.22-15-server is installed, but its not installed in /boot. So when I try to remove it or purge it, it fails because there is no System.map or initrd in /boot05:37
bingoerWhat do I do ?05:37
nealmcbwell, 7.04 is earlier than 7.1005:41
uvirtbotNew bug: #232550 in gvfs (main) ""Connect to Server..." does not mount Windows Share (dup-of: 209520)" [Undecided,Invalid] https://launchpad.net/bugs/23255008:51
=== crummygummy_ is now known as CrummyGummy
=== ewook_ is now known as ewook
uvirtbotNew bug: #246322 in nis (main) "nis package must provide DHCP client scripts" [Wishlist,Confirmed] https://launchpad.net/bugs/24632210:35
uvirtbotNew bug: #246558 in openssh (main) "ssh's init script should generate host keys if they're missing" [Undecided,New] https://launchpad.net/bugs/24655813:21
=== fReAkY[t] is now known as freaky[t]
nxvlgood morning everyone!13:35
emgenthi nxvl13:36
nxvlemgent: what's the difference between your branch and master's one on cve-tracker?13:38
emgentmaster is ubuntu-security official branch13:42
nxvlemgent: well, that obvious, but i mean in content13:59
uvirtbotNew bug: #246578 in samba (main) "using "net ads join" with -S breaks if given the long domain name " [Undecided,New] https://launchpad.net/bugs/24657814:32
zulmathiaz: any thought of dovecot 1.1.1 for intrepid?14:39
mathiazsommer: were there any plans to split out the server guide into its own bzr branch ?14:49
mathiazzul: may be - I'd look at debian also14:50
sommermathiaz: heh, I was just looking at the doc.u.c, and noticed that it hasn't been updated :)14:50
sommermathiaz: I don't think there was anything concrete as far as a different branch14:50
sommermathiaz: do you think it needs to be?14:51
mathiazsommer: it needs to be split out in its own branch14:51
mathiazsommer: one of my todo item is to add a paragraph to the Server Team KnowledgeBase about helping out with the server guide14:52
sommermathiaz: I'm not opposed, but there'll need to be some strong arguments to overcome the arguments against14:52
mathiazsommer: and if it starts with - bzr branch ubuntu-doc - wait for a 400 Meg download - we've lost most of the contributors...14:53
sommermathiaz: it's actually miles better for intrepid... the history was dumped and the layout was rearanged14:53
mathiazsommer: I'd have to go back and read the threads, but the main arguments IIRC were related to packaging stuff14:53
sommermathiaz: it only takes about 5min14:53
mathiazsommer: mhh... I'll have to look into that then - I was reading the documentation team page about using bzr14:55
mathiazsommer: and it didn't look very promising14:55
sommermathiaz: as in not enough info?  I think it's enough to get people started, but I agree it could be better14:56
mathiazsommer: well - it's much info IMO14:56
mathiazsommer: I wrote a blog post last week about dkim testing and there was an item about updating the server guide14:56
mathiazsommer: so I wanted to add some intructions on how to do it14:57
mathiazsommer: I would have liked to write some like: bzr branch lp:~ubuntu-doc/ubuntu-server-guide; edit-the-mail-section; bzr push lp:~your-lp-id/ubuntu-server-guide; submit for review to the doc team14:57
mathiazsommer: reading through the documentation page, it seemed more complex than that14:58
sommermathiaz: ya, as of now it's bzr branch, edit, submit patch to the list14:58
mathiazsommer: and this morning there was an email on ubuntu-doc about a technical review - it should have been a patch instead14:59
mathiazsommer: right - unfortunately, reading the documentation page, it seemed more complicated than bzr branch, edit, submit a patch14:59
sommerya, the doc team really doesn't use the full capabilities of bzr... especially the distrubted vcs14:59
mathiazsommer: I would be fine with the process above14:59
mathiazsommer: exactly - I'll add a paragraph on working on the server guide15:01
sommermathiaz: I'm not opposed with the process either, additionally seperating the packaging would allow the serverteam control of SRUs15:01
mathiazsommer: I'll do more experimentation on how it takes to branch the ubuntu-doc tree15:01
mathiazsommer: right - IMO packaging bits should not be the reason for keeping all the docs in one branch15:01
mathiazsommer: conceptually I don't see why someone working on the server guide would need a copy of the Ubuntu migrating from windows guide15:02
sommermathiaz: an advantage of not branching is interaction with more than one team in the Ubuntu community... or at least letting the doc team have rights to the branch, I think would good15:03
mathiazsommer: basically you'd need to separate the packaging bits and the documentation, ie go to the standard upstream/maintainer system15:03
mathiazsommer: sure - I don't have a problem with that15:03
mathiazsommer: but I really like to say to new contributors - wanna fix a typo in the server guide ? -> bzr branch lp:~ubuntu-doc/server-guide15:04
mathiazsommer: the server-guide branch would still be part of the ubuntu-doc team15:04
sommersure, and I really like the potential to do an SRU on the serverguide even if others consider it too much work :-)15:05
sommermathiaz: I'll start playing around with the bzr branching too, then we can come up with a game plan15:05
sommermathiaz: also on the agenda for intrepid is pdf version of the serverguide, which shouldn't be a big deal, but could be easier if there is another branch15:06
mathiazsommer: that could be another option15:07
bAndie9100hi all15:08
krautis it possible to see java-threads of a jvm with ps?15:08
bAndie9100i would make a special network, can u help me?15:08
=== lukehasnoname is now known as zaapiel
=== zaapiel is now known as lukehasnoname
_rubeninstalling jeos under hyper-v .. *shiver*15:15
mathiazsommer: hm - it took 8 minutes to branch the intrepid doc repository15:22
sommermathiaz: heh, still far better than the hardy docs15:25
sommermathiaz: but that is pretty long if you're focussing on just the serverguide15:25
mathiazsommer: glancing through the rules and control file, it seems that the serverguide has its own instructions15:28
mathiazsommer: so it could really be split from other parts15:29
sommermathiaz: cool, I'm all for it... I think the benefits outweigh any negatives15:30
mathiazsommer: from a packaging POV it would mean creating a new source package for it15:31
mathiazsommer: however we may need to keep track of the styles15:31
_rubenheh .. no network support for hyper-v during jeos install .. how surprising :p15:36
zulmathiaz: has that iproute SRU bug been uploaded yet?15:52
mathiazzul: yes - It's in -proposed15:53
mathiazzul: well - in the queue15:53
mathiazzul: but not accepted AFAICT15:53
zulyeah there is a samba sru and nut sru that hasnt been accepted yet either15:53
nealmcbserver team meeting in 4 minutes in #ubuntu-meeting15:56
HellMindguys, the install looks for fs-secondary-modules .ude , buts the file is .udeb16:23
HellMindwhy is that?16:23
HellMind8.04 amd6416:28
HellMindthe amd64 iso is wrong, the long filenames in it are wrong16:36
lukehasnonamemany server guys are in the meeting right now, they'll be back shortly after 11am EST16:37
HellMindhow many hours ?16:38
HellMind7 hours :S16:38
lukehasnoname20-30 mins16:38
HellMindanyone is using ispconfig or vhcs or similar?16:44
ivoksi use ispconfig16:54
ivoksudebs are 'debs' for debian installer16:54
=== Smaug is now known as Smaug|away
HellMindnice I will install ispconfig16:56
HellMindI'm saying that the iso amd64 is broken, the filenames are wrong16:57
HellMindthe names are chunked16:57
HellMindfs-secondary*  nic-restricted*16:57
LaserJockmathiaz: I need to head out in a bit, got a minute for the serverguide translation bit?17:02
mathiazLaserJock: sure17:02
mathiazLaserJock: I was wondering if we need to have the .po files in the bzr branch17:02
LaserJockyou need a .pot17:03
LaserJockthat'll then end up on Rosetta where it gets translated17:03
LaserJockthen when you go to do a release you download the .po tarball from Rosetta17:03
mathiazLaserJock: right - the .pot file is generated at some point when building the src pkg17:03
LaserJockmathiaz: actually, the .pot is kept in bzr17:03
LaserJockand is refreshed once in a while17:04
mathiazLaserJock: right - and for the server guide, there is also the .po files17:04
LaserJockok, so once you download the .po files17:04
LaserJockyou convert them back into docbook XML17:04
LaserJockso you don't need the .po files in bzr17:05
LaserJockjust the .pot and the translated docbook17:05
mathiazLaserJock: so now I'm stuck on convert back to docbook17:05
mathiazLaserJock: this is where the fr/, de/, etc... directory are created ?17:06
LaserJockso before translation you should have just a C/ directory17:06
mathiazLaserJock: are these on the website ?17:06
mathiazLaserJock: https://help.ubuntu.com/8.04/add-applications/ only show c/17:06
LaserJockoh right yeah17:06
LaserJockwe don't put translations on help.ubuntu.com17:06
LaserJockwe recommend that translations be put on LoCo websites17:07
mathiazLaserJock: ok - only in the binary debs17:07
mathiazLaserJock: and once you have the docbook xml for translated packages, you have to rebuild the html files ?17:07
mathiazLaserJock: or you just ship the docbook xml ?17:08
LaserJockah, that depends17:08
=== Nafallo_ is now known as Nafallo
LaserJockfor Ubuntu/Edubuntu at least we just ship xml17:08
LaserJockI imagine you guys will want html at least17:08
mathiazLaserJock: that's because yelp is able to read docbook17:09
LaserJockor maybe info17:09
LaserJockmathiaz: yes, exactly17:09
LaserJockI'm not sure what KDE does these days, it used to do just HTML I think17:09
mathiazLaserJock: ok - to go back on the .pot file process, you need to upload it manually ?17:09
mathiazLaserJock: or LP figures out automatically when there is a .pot file in the src deb ?17:10
LaserJockthere might be some work with the Rosetta admins17:10
mathiazLaserJock: yeah - to which question ?17:10
LaserJocksince it's not a normal package17:10
LaserJocksorry ;-)17:11
LaserJockit extracts them from source packages17:11
LaserJockso you generate the .pot and put that in your source package17:11
mathiazLaserJock: ok - thanks for the input - I think I better understand the whole workflow now.17:11
mathiazLaserJock: then you upload the src pck to LP and it will show up in rosetta automatically17:12
LaserJockpretty much17:12
LaserJockthe first time it might take some pushing :-)17:12
LaserJockbut once the LP admins approve the .pot the first time it's automatic17:12
mathiazLaserJock: ok - gotcha - thanks !17:13
LaserJockbut actually right now it's already in Rosetta17:14
nxvlbtw i forgot to mention on the meeting17:14
LaserJockmathiaz: https://translations.edge.launchpad.net/ubuntu/hardy/+source/ubuntu-docs/+pots/serverguide17:15
nxvlScottK (or persia) suggested me to backport augeas to hardy for testing and playing17:15
nxvldid you think is a good idea?17:15
LaserJockmathiaz: I gotta run now, but if sommer needs help with scripts, etc. for translations have him email me17:16
LaserJockmathiaz: I had to figure all this stuff out for edubuntu-docs and have scripts for generating .pots and coverting .po to docbook17:17
mathiaznxvl: that may be helpful in the begining of the release cycle17:21
mathiaznxvl: to get people started in the next few weeks17:21
mathiaznxvl: but after feature freeze, we definetly want to focus on intrepid17:21
nxvlmathiaz: so, you suggest to try to backport it inmediately after it reachs the archive?17:23
mathiaznxvl: yes - I'd put it in a ppa17:23
mathiaznxvl: and point people to the ppa17:24
nxvli forgot about ppas17:24
nxvli will upload it tonight17:24
nxvlnow need to work17:25
nxvlread you later!17:25
uvirtbotNew bug: #246664 in samba (main) "during winbind upgrade running desktop is harmed" [Undecided,New] https://launchpad.net/bugs/24666418:11
tolunHi everyone...18:24
tolunmy email server cannot generate pgp...18:25
tolunI am using ubuntu 8.04.1 server x64 + atmail18:26
=== Smaug|away is now known as Smaug
tolunHow can I check that pgp is installed correctly and works fine?18:35
HellMindI'm trying to install the amd64 ubuntu server 8.04 from an usb pendrive to a raid 1 lvm partitioned disk with a mobo g33 intel. I got multiple problems :(18:36
HellMindI finished the installation but it doesnt show me the login screen18:37
ikoniatolun: your trying to get your mail server to pgp sign mails ?18:37
ikoniaHellMind: what does it show you18:38
tolunikonia, yes...18:38
ikoniatolun: your client pgp signs mail, not the server normally18:38
HellMindthe last thing it does is  loop, module loaded18:38
ikoniatolun: your mail server just delivers what your client injects into it18:38
ikoniaHellMind: you've installed, and then rebooted ?18:39
ikoniaHellMind: I'm just checking18:39
ikoniaHellMind: you get grub and it walks through the start up sequence ?18:39
HellMindif i press ctrl alt del the login screen apears, but everything is incomplete and with errors18:39
HellMindyes grubs its ok18:40
ikoniaHellMind: when you say login screen, do you mean the gdm desktop, or just a shell login ?18:40
HellMindthe only error i can se is, abnormal exit of modprobe18:40
HellMindno shell18:40
HellMindi mean, shell , no gdm18:40
ikoniaHellMind: can you boot into single user mode (add single on the end of your kernel boot options)18:40
tolunikonia, yes you have right... and I know that... Webmail part try to create a pgp key for a one account but server does not response back...18:40
ikoniatolun: the mail server does nothing for pgp18:41
ikoniatolun: what are you expecting the server to do ?18:41
tolunI understand from atmail product that it takes pgp requests and it creates on server's pgp application and it returns back this key to user via webmail18:43
HellMindit does the same, I think the install weren succesfully18:44
HellMindi cant se the /var/log dir18:44
HellMindit is recommended having multiple lvm partitions?18:44
ikoniaHellMind: the layout doesn't matter as long as it has / and swap18:44
tolunikonia, I understand from atmail product that it takes pgp requests and it creates on server's pgp application and it returns back this key to user via webmail18:44
ikoniatolun: I have no idea how that would work,18:45
tolunikonia, it is really interresting... How can I check that server's pgp is working?18:46
ikoniatolun: I've not idea, I can't see a way to allow a mail to manage pgp18:47
tolunikonia, ok not problem... do you know that how can I check only the pgp application?18:48
ikoniatolun: test it on the command line18:48
ikoniajust make a pgp key18:48
ikoniamake a file then try to sign it18:48
tolunikonia, how...:'(18:49
ikoniatolun: man pgp it's 3 steps, 1  create key 2. create object 3. sign object with key18:49
tolunikonia, here is the result for your advertisement.... man pgp No manual entry for pgp18:51
tolunSee 'man 7 undocumented' for help when manual pages are not available.18:51
ikoniablue-frog_: thank you !18:52
tolunblue-frog, thanks...18:52
HellMindI think my problem is because I configured the raid 1 using debian, the raid ar /dev/mdx, ubuntu is trying to use it, or remove it here /dev/md/x18:54
ikoniaHellMind: shouldn't matter18:56
ikoniaHellMind: the path is /dev/md$x, not /dev/md/$x18:56
HellMindhow can I unisnstall the raid to start again18:58
HellMindfrom 018:58
HellMindbecause the installer inst work18:58
ikoniaHellMind: remove the partition18:58
HellMindhow :S18:59
HellMindthe /dev/md0 is there18:59
ikoniaHellMind: ok, thats a good thing18:59
ikoniaHellMind: use the installer to format it18:59
ikoniaHellMind: your good to go18:59
HellMindmy hds hav no partition :(19:00
ikoniaHellMind: they shouldn't have if you've put them in a raid config19:00
ikoniaHellMind: you may want to mirror on a partition level, or slice up /dev/md019:00
HellMindI want to delete the previous /dev/md0 1 2 raid19:07
HellMindthe installer is wrong again19:07
HellMinddunno what it executes but it fails, it says the partition is in use and the syslog says /dev/md/0 isnt exits, which is true, the raid is/dev/md019:08
HellMindis there a way to restart the installer without booting again?19:14
tolunhi again guys....19:20
tolunI have problem with creating a pgp key... it says that it needs more 300bytes for generating the key... How?19:21
tolunthe original message is: "Not enough random bytes available.  Please do some other work to give19:22
tolunthe OS a chance to collect more entropy! (Need 300 more bytes)"19:22
tolunHow can I generate random bytes for it?19:23
uvirtbotNew bug: #246702 in glibc (main) "[CVE-2008-1447] Randomize DNS query source ports to prevent cache poisoning" [Undecided,New] https://launchpad.net/bugs/24670219:42
HellMindI MADE IT20:22
HellMindthe error was in the bios :S, with 1m on the vga it hangs, with 8 no20:23
telexicon_I'm trying to install ubuntu server 8.04 on a poweredge 2450 but its throwing up a bunch of errors when trying to read packages from the cd during install: Exception Emask 0x0 Sact 0x0 Sett 0x0 action 0x2 frozen -> soft resetting link, eventually it fails with an I/O error20:23
ScottKmathiaz: My regrets on missing the meeting today.  I had a family emergency to deal with.  How did the meeting go?20:23
mathiazScottK: hope all is well on your side - it was busy busy20:26
ScottKIt's all done.  We had to put one of our dogs down last night and one kid was at camp 2 1/2 hours drive away.  So I went and got her last night and then took her back this morning.  Then I crashed.20:29
kirklandmathiaz: hey....20:36
kirklandmathiaz: I just ran into a nasty little situation with the lsb status_of_proc() that causes it not to operate properly, if run by a non-root user20:37
keeskirkland: shellfoo?20:38
kirklandkees: well, only slight....20:38
kirklandkees: so in /lib/lsb/init-functions, you'll see a pidofproc() function20:38
kirklandkees: which is used by my status_of_proc() function20:38
kirklandkees: it tries to intelligently determine a proc's pid20:38
kirklandkees: it seems, however, there's a strange dependency on being root20:39
kirklandkees: if $pidfile exists, it tries to run "kill -0"20:39
kirklandkees: to determine if the process can be sent signals20:39
kirklandkees: well, not root necessarily, but the owner of the process20:39
keeswell, it expects you to be able to kill the process you're querying20:40
kirklandkees: ideally, querying status should be a non-priv operation, IMHO...  your thoughts?20:40
keesyou mean for the "status" init command?20:40
kirklandkees: yup20:41
keesI'd say it'd be nice, but not really a requirement20:41
kirklandkees: further down in that pidofproc() function it uses /bin/pidof20:41
kirklandkees: that works fine as not-the-owner-of-the-process20:41
keessome processes need extra perms to know for sure if they're operating correctly20:41
keesI'm assuming the kill-test is to make sure the process isn't zombie.20:43
keesthat's the only thing I can think of20:43
kirklandkees: right...20:43
kirklandkees: hmm, i'll have to think on this a little more20:44
keesanother option seems to be to make the pid file not world-readable20:44
keesthen it won't try the kill test20:44
kirklandkees: that seems a little heavyweight20:44
keesmaybe do a uid check?20:45
kirklandkees: i think i could more centrally test access on that file in addition to doing the file check20:45
ivoksare we aware of http://www.isc.org/index.pl?/sw/bind/index.php20:47
kirklandivoks: i saw jdstrand comment on it earlier on #ubuntu-devel20:47
ivoksthis means all DNS software20:47
keesivoks: yeah, it should be in the archive in about 40 minutes20:48
ivoksvery nice20:48
ScottKkees: Do we have a fix for the libc stub resolver too?  Debian says they don't.20:49
keesScottK: we don't, and I've been attempting to more information about that.20:49
ScottKWork around is install BIND I guess.20:50
keesyeah, or trust your upstream DNS resolver and network20:50
kirklandkees: what if I changed it to: if [ -f "$pidfile" && -r "$pidfile"] ?20:50
kirklandkees: check if it's readable....20:51
keesthe -f is redundant20:51
keesbut that's already handled20:51
kirklandkees: what about the "and is a regular file" part of -f?20:51
keesyour problem is when it's readable, but not your process20:51
keesit's no greater race than the -f/read case.20:52
kirklandkees: my bad... I need -O, True if file exists and its owner matches the effective user id of this process.20:57
keesowner of the file may not be the uid of the process, though.20:58
ph8hey all, i'm trying to convert an ubuntu desktop install to ubuntu-server with apt - can anyone tell me if the server repositories are different? or do i just need to install some kind of 'server' package?21:06
infinityph8: It's the same repositories, there's nothing to "convert", except to install a different kernel flavour, and to remove a lot of packages (ubuntu-server is pretty bare-bones)21:07
infinityph8: If you don't care about removing all the packages (and, really, if you did, you might just want to reinstall), then you're just left with the kernel... apt-get install linux-server21:08
ph8i would reinstall but i've just setup my raid and i think it might be quicker for me to wildcard off a load of packages21:09
ph8thanks i've just installed linux-image-server21:09
ivoksand people say that linux servers are hard to install21:13
HellMindare imposible to install21:14
HellMindisnt easy having the appliance already done in a vm :S21:14
kirklandkees: okay, i'm going to have to take a different approach21:23
kirklandkees: namely, status_of_proc() will not use the pidofproc() function.  rather, it'll use /bin/pidof21:23
keeskirkland: well, but that may ignore the pid files.  that's the expected behavior21:39
kirklandkees: yes, it will ignore pidfiles21:39
kirklandkees: do you see a problem with that?  it'll look for a daemon of a given name, specified in the init script21:39
keeskirkland: I'm confused, are you adding a new function or rewiring an old one?21:40
kirklandkees: i wrote status_of_proc() from scratch...  was recently applied to Ubuntu's lsb package21:41
kirklandkees: there are no users of that function yet21:41
kirklandkees: i'm working on a stack of patches to use it21:41
kirklandkees: that's when i came across this process ownership bug21:41
keesaaaah, okay.  then I'm cool with the change you suggested.  :)21:41
keesnote though, that some things may misbehave -- e.g. sendmail has multiple PIDs, but only the master pid in the pid file.21:42
kirklandkees: right, apache too, huh?21:43
kirklandkees: see: https://bugs.edge.launchpad.net/ubuntu/+source/lsb/+bug/24673521:46
uvirtbotLaunchpad bug 246735 in lsb "status_of_proc() calls pidofproc() which calls kill, requiring ownership privileges on the process" [Undecided,New]21:46
kirklandkees: patch at the bottom21:46
kirklandkees: doko sponsored my last upload, i guess i can talk to him about this fix21:46
keeskirkland: okay, cool21:49
gregbradywhat software examines/blocks sshd access to a computer?  It updates the hosts.deny file.21:53
gregbradyI think it allows 5 attempts or something and then adds that ip address to the hosts.deny file.21:54
gregbradyI think it allows 5 attempts or something and then adds that ip address to the hosts.deny file.21:55
kirklandkees: doko doesn't appear active.  any chance you can review and apply the lsb fix?  All of the rest of my patches depend on it, as I'll need lsb-base (>= 3.2-12ubuntu2) in each package's debian/control file21:57
kirklandzul also offered some review/sponsoring/uploading too..........  pretty please?21:57
keeskirkland: well, the archive is currently in soft freeze...22:00
kirklandkees: oh...  hmm, what does that mean?  is that to spin cd's or something?22:00
gregbradyivoks, thank you....22:01
keeskirkland: yeah, alpha 2 is being spun thursday.  we're in freeze until after alpha 2: https://lists.ubuntu.com/archives/ubuntu-devel-announce/2008-July/000446.html22:03
kirklandkees: hmm, well, this change is not disruptive, perhaps unnecessary22:04
kirklandkees: i'll ping slangasek about it22:05
keeskirkland: okay22:05
kirklandkees: thanks!22:05
keeskirkland: np.  :)22:05
kirklandkees: see slangasek's comment in #ubuntu-devel....22:10
kirklandkees: are you willing/able to sponsor, or should I knock on someone else's door?22:11
keeskirkland: I can do it, what's the bug #?22:13
kirklandkees: https://bugs.edge.launchpad.net/ubuntu/+source/lsb/+bug/24673522:14
uvirtbotLaunchpad bug 246735 in lsb "status_of_proc() calls pidofproc() which calls kill, requiring ownership privileges on the process" [Medium,In progress]22:14
nxvlkirkland: we are having the lsb patch included today?22:14
nxvlkirkland: or just in ubuntu22:14
kirklandnxvl: it was included in ubuntu a month ago or so22:15
kirklandnxvl: Debian agreed to it in principle, want to wait until they open up their archive22:15
* nxvl is not following it22:15
kirklandnxvl: i found an issue with the way pidofproc() is implemented, requiring root privileges22:15
kirklandnxvl: i reworked status_of_proc() to use /bin/pidof rather than pidofproc() to get around that22:16
keeskirkland: your patch would case pidof output to appears on stdout22:16
kirklandkees: okay, i need a >/dev/null22:16
nxvlaugeas has took my life for the past month22:16
keeskirkland: ah, yeah, that's in the prior version, cool.22:16
kirklandkees: one sec22:17
kirklandkees: okay, fixed22:17
kirklandkees: anything else before I update the debdiff?22:17
kirklandkees: I also switched status=1  to status="1"22:17
keeskirkland: cool, I think that's fine22:18
kirklandkees: updated patch posted22:19
nxvlaugeas hasn't reach the archive and i have already received 3 new lenses22:31
* nxvl loves FOSS Community work22:32
tester_I am having troubles loading DBDriver mysql.  I've put an explanation of my problem at: http://pastebin.com/mb23133  Anyone got a moment to help me?22:35
* delcoyote hi22:41
runescan anyone help with virtual hosts files in Apache using hostname?22:57
owhkirkland: Nice catch on the status_of_proc()23:50
kirklandowh: thx.23:50
owhYou seem to have been a busy boy :)23:51
kirklandowh: i've just finished a batch of patches for at, bind9, cron, openssh, samba, sysklogd23:51
owhI saw those come past, haven't looked yet. Are they different from the ones we made before?23:51
kirklandowh: yeah, slightly23:52
* owh has a gander.23:52
owhemgent: Salutations.23:52
owhkirkland: Just the depends?23:54
kirklandowh: yup23:54
owhCool, I didn't know how to do that and didn't get around to ask anyone.23:54
* owh hasn't stood still for some time :(23:54
kirklandowh: no problem...23:55
owhExcellent, onto the next problem :)23:55
owhHow did the meeting go today, that time is really, really bad for me :(23:55
owhkirkland: Hmm, did you see this comment: (permalink)  <https://bugs.launchpad.net/ubuntu/+source/lsb/+bug/203169/comments/12>23:56
uvirtbotLaunchpad bug 203169 in sysklogd ""status" function for init scripts" [Wishlist,In progress]23:56
owhkirkland: Especially the "exit $?" a completely redundant no-op...23:57
kirklandowh: right, i fixed the versioned dependency thing23:57
owhkirkland: Yeah, I'm talking about the second point.23:57
kirklandowh: right, so my response is (a) exit $? doesn't hurt23:58
kirklandowh: (b) "most" != "all"23:58
* owh is waiting for the punchline :)23:59
kirklandowh: (c) in the case that $?=0, we're explicitly exiting with the status, not executing anything else beyond23:59

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!