[00:51] Please help. Ubuntu 2.6.24-19-server. System clock is running fast, and ntpd is setting it back many times a day. Example : "Jul 19 15:58:00 synserv ntpd[5564]: time reset -141.725880 s". This is causing other time sensitive daemons to commit suicide. How would I find out why the system clock is fast, and ultimately resolve the issue? [01:33] Please help. Ubuntu 2.6.24-19-server. System clock is running fast, and ntpd is setting it back many times a day. Example : "Jul 19 15:58:00 synserv ntpd[5564]: time reset -141.725880 s". This is causing other time sensitive daemons to commit suicide. How would I find out why the system clock is fast, and ultimately resolve the issue? === nealmcb1 is now known as nealmcb [01:40] godsyn: ntpd would never do that. ntpdate would - a separate but related package [01:41] removing ntpdate wants me to remove ubuntu minimal :/ [01:41] godsyn: one guess is that you have a bad clock in your list of servers, so look at how it is configured. ntpq -p should tell you more [01:41] don't remove it - fix it [01:42] but fyi ubuntu-minimal is not itself a big deal if you ever do really want to remove something that depends on i [01:42] it [01:42] it is a metapackage [01:43] what is an ideal offset for an ntp server? [01:44] well, I assume ideal would be 0, what is tolerable? [01:44] it should get below 30, 0.5 is nice [01:44] milliseconds [01:45] -5.009 0.774 for #1. still, doesn't account for the 141 second change. [01:45] is there one that is way off? [01:46] which server is it? [01:46] that is the most. -ntp2.your.org 216.218.254.202 2 u 42 64 377 45.960 -5.009 2.657 [01:47] but it just changed 15 mins ago... Jul 19 20:32:44 synserv ntpd[6800]: time reset -38.871876 s [01:47] so it'll get worse over the next few hours. [01:48] perhaps something else is setting the time [01:49] if so, it fails to mention in messages or daemon.log, and does it whenever it pelases. [01:53] godsyn: very odd.... [01:54] paste the other lines of the ntpq -p output (should only be one or two) [01:54] brb [01:57] it is a bit, but seeing as there aren't many active the spam shouldn't be too much. sec. [01:57] remote refid st t when poll reach delay offset jitter [01:57] ============================================================================== [01:57] -ntp2.your.org 216.218.254.202 2 u 6 64 377 44.885 -4.632 1.517 [01:57] +wsip-98-172-32- 68.0.14.76 2 u 25 64 377 80.182 1.876 2.838 [01:57] -mirror 128.118.25.3 3 u 16 64 377 39.499 2.942 0.935 [01:57] +puttynuts.com 18.145.0.30 2 u 15 64 377 47.327 -1.202 0.918 [01:57] *europium.canoni 193.79.237.14 2 u 33 64 377 120.256 -0.650 0.847 [01:59] server 0.us.pool.ntp.org; server 1.us.pool.ntp.org; server 2.us.pool.ntp.org; server 3.us.pool.ntp.org; server ntp.ubuntu.com (from ntpd, enter replaced with ";" to reduce line feed spam)) [01:59] *ntp.conf [02:05] godsyn: so that looks great - they all agree within a couple ms - but what is ntpdate using as a reference? [02:05] * nealmcb forgets how ubuntu configures that - looks in init.d [02:06] what is in /etc/init.d/ntpdate? [02:06] 404 [02:07] hmm - I guessing that ntp has changed how it works since I last looked... [02:08] /etc/default/ntpdate == "NTPDATE_USE_NTP_CONF=yes; NTPSERVERS="ntp.ubuntu.com"; NTPOPTIONS=""; [02:08] any log info in /var/log/ntp or the like? [02:08] nothing conserning ntpdate. just ntp saying that it is changing the time. [02:08] has this just happened twice, or for a while? [02:08] a while.. [02:09] dovecot (kills itself if time changes for more than 5 secs) tipped me off about a ?week? or 2 ago. [02:09] today, i finially decided to research it. [02:09] what is mirror? [02:09] I've learned how to use ufw to configure my firewall. How do I set it up so that my rules will be applied when the system reboots? I think it resets to the default when it reboots. [02:10] I'd assume the 3rd ntp server. I'll remove it and see if it goes away. [02:12] well, that was dumb.. I restarted ntpd to apply the changes.. turns out the ntp servers listed above point to wherever the hell they want. ntpq -p now returns : [02:12] clock1.redhat.c .CDMA. 1 u 3 64 1 63.321 -6.123 0.001 [02:12] ntp2.your.org 216.218.254.202 2 u 2 64 1 57.787 3.215 0.001 [02:12] skywagon.kjsl.c 69.36.224.15 2 u 1 64 1 75.025 2.625 0.001 [02:12] europium.canoni 193.79.237.14 2 u - 64 1 132.476 6.020 0.001 [02:12] yeah - the pool effect [02:12] sorry - that's the best I can do right now - gotta run.... [02:12] still nothing over 7, but you can see, it is slowly getting worse.. [02:13] thanks for the assistance! [02:13] :) [02:14] kaje, how are you making your changes? [02:14] ufw allow ssh [02:15] for example [02:15] see /etc/ufw/* [02:15] ie : /etc/ufw/before.rules [02:16] what do I put in there? ufw allow ssh? [02:17] Hi there, can anyone suggest a company to buy a PXE bootable thin client from (the mini-pc variety, preferably VESA mountable)? [02:17] for example: http://www.norhtec.com/products/mcsr/index.html [02:18] oh.. kaje : [02:18] ufw allow ssh enable (enable / diable to enable / diable on boot) [02:20] Trying to mount an nfs share from a hardy box with -t nfs4 is giving me the error of "Operation not permitted". Mounting it with -t nfs works fine. Could anyone point me towards why ? [02:22] oh, it does save it between boots... nevermind. Thanks for the help [02:25] sef : i'm assuming that is being ran with root priviledges, right? [02:25] can I get the full error? [02:36] I'm trying to use the web interface to configure my cups server, but when I go to 192.168.1.5:631, it gives me a 403 Forbidden error... Any thoughts? [02:43] kaje : yep, sec. [02:44] see /etc/cups/cupsd.conf [02:44] much like htaccess [02:45] better? [02:51] guess so [03:48] is there a command to type to get a listing of computers on network?? thanks inadvance [03:49] arp? === hessml|away is now known as hessml|away|away [03:54] linos: even for a local network there is not a foolproof one. [03:55] linos: tell us more about what you're trying to do [03:55] nealmcb, I was told smbtree would work. does that sound correct? [03:56] linos: tell us more about what you're trying to do [03:56] that might tell you something about computers that are connected to a samba server, but that is a different thing [03:58] but it is sort of like network neighborhood. but other computers could be lurking [03:58] hads, well, I have a network here a home and I would like to rdesktop a windows pc from my ubuntu edgy system. so I was looking for an easy command to type to obtain the ip addresses on my network [03:58] avahi is another option - zero configuration networking [03:59] I use "service-discovery-applet" to find cooperative local machines [03:59] but I think windows machines are less likely than macs or linux machines to be configured with avahi [03:59] DNS? [04:00] yes [04:01] nealmcb, so there really is no direct command to type to obtain all ip addresses on my local lan [04:02] linos: correct - networking is a very diverse sort of thing [04:02] ok [04:02] thanks for the tip [04:02] but again it depends on what you want. you can easily configure [04:03] multiple machines to cooperate with avahi to make them all easy to find [04:03] but you can't count on using that to find hackers on your wifi channel etc [04:04] avahi uses mdns, a form of dns === hessml|away is now known as hessml|away|away [06:11] anyone lurking? =) [09:28] hello, I have installed a vpn server, and clients are successfully join the network, but they can only see the vpn server machine, the other two servers aren't accessible, any ideas ? === freaky[t] is now known as fReAkY[t] [10:21] ip forwarding isn't enabled [10:21] and/or your routers dont know that the vpn subnet goes via the vpn server [10:21] so the other 2 servers get a ping from an ip that they have no specific routing for, forward it to their default router, which doesn't know that it's supposed to to the vpn server and sends it on elsewhere / bins it [10:30] exot: ^^ [10:34] Deeps, hi hi [10:34] Deeps, u mean I should install a gateway server and vpn installed on , right ? [10:35] exot: no, simply that your router needs to know the route for the vpn client's ip range [10:35] hmm [10:35] if your network is on 192.168.0.0/24 and your vpn server on 192.168.0.200 and your vpn clients on 10.200.1.0/24 [10:35] you'd need to tell your router that 10.200.1.0/24 is routed via 192.168.0.200 [10:36] easiest way is to configure that as a static route [10:36] great [10:36] I got it [10:36] but regarding to the dns server [10:36] my www server make some redirections [10:37] so, I should tell the dns somehow to resolve special ip's for vpn clients [10:38] if you need resolution based on query ip, BIND has a feature called 'views' that would probably serve you [10:38] I see .. I will look for it [10:38] thank you really Deeps === fReAkY[t] is now known as freaky[t] [12:38] i installed apache, how do i release the server to the world so that people can see it from my external ip address? [12:39] www.portforward.com ? [12:39] by default apache binds to 0.0.0.0:80 [12:39] so anyone can acccess it as long as your router/firewall permits [12:39] default firewall rules tends to be very relaxed too afaik [12:51] my external ip is http://196.38.218.25, it connects but times out, whats the problem there? [12:54] your router or firewall isnt allowing access (didn't i say that already?) [13:13] anyone else had the problem of networking seemingly just failing for no explainable reason? iwconfig thinks it's still connected, but the machine cannot be reached via ping, ssh or samba share, and needs to have it's network connection reset in order to function again. (Feisty) [16:14] hi, i need to setup a mail server (dovecot, postix, squirrelmail) and a proxy server (squid), and to login ina centralized openldap... so there is some web interface to manage openldap in ubuntu server? [16:36] !ebox | danilom [16:36] danilom: ebox is a web-based GUI interface for administering a server. It is designed to work with Ubuntu/Debian style configuration management. See https://help.ubuntu.com/community/eBox [16:37] !ldap [16:37] LDAP is the Lightweight Directory Access Protocol. For more information and installation instructions, see https://help.ubuntu.com/community/OpenLDAPServer [16:37] nealmcb, so it dont use phpldapadmin [16:38] danilom: "it"? [16:38] nealmcb, i mean ubuntu server [16:39] ubuntu server offers several gui admin tools for ldap, as noted in the help link above [16:39] nealmcb, thanks [16:41] * nealmcb add eBox to https://help.ubuntu.com/community/OpenLDAPServer [16:41] danilom: my pleasure [16:41] danilom: and let us know how it works out for you and what you prefer! [16:43] nealmcb, well im asking first, i need to install postfix, dovecot, squirrelmail, squid, samba.. and authenticate it to a openldap.. so im listening for some suggestion... [16:44] run tasksel to get most of the mail stuff nicely integrated, then add stuff like squirrelmail etc [16:44] but I don't know the details of getting mail using ldap - the experts like scottk may be more active during the week [16:44] nealmcb, the thing is, after i setup all the servers with openldap... some people remain, and need to manage accounts.. but more of these people really dont know what a console is... [16:45] ...getting mail *servers configured* using ldap [16:45] so im looking for a nice interface... [16:59] nealmcb: I've never had to do ldap myself. From what I've read, it's not so hard from a Postfix perspective once you get the ldap stuff set up. === jjesse_ is now known as jjesse [17:00] There are quite a number of how-tos for using ldap to get valid recipients out of an Exhange box, so I suspect they'd be useful as well for a more general case. [17:00] ScottK: ok. I was wondering about using ldap for stuff like squirrelmail and dovecot also [17:00] danilom: ^ [17:00] * ScottK is not the guy to ask about ldap. [17:00] heyyyyyyyyyy guys \o/ [17:00] ScottK <3 [17:00] * ScottK has a project in mind that'll need it, but I haven't actually gotten to that stage yet. [17:00] Heya Kludge^WalesUK [17:01] ok im reading nealmcb [17:01] howdy dudey! \o/ i has my server now. It's all up and running and was almost painless apart from a few things virtualization didn't account for :D [17:01] so who are our best ldap+mail gurus? I wonder if ispconfig does anything like that [17:01] next lil thing is trying to get a file web-server set up (done that bit) just want it to be authenticated =/ [17:03] nealmcb: ispconfig does a LOT of things, so it's probably not the best way to figure it out. [17:03] nealmcb: Did sommer put anything in the server guide about it? [17:04] are you at all familiar with apache, ScottK? [17:04] Kludge^WalesUK: No. I'm more of a mail server guy than a web server guy. [17:04] ScottK: about ldap and mail? I don't know. But he's highlighted now :) [17:04] There are others here that are. [17:05] nealmcb: Yeah. That was my intent. We'll see. [17:05] hmm cool. I've googled for a few hours, and as far as i can see its something to do with .htpaccess and .htpasswd [17:05] I have webmin installed to see if it'd help me any, it helped a little but doesn't do what i need it to do with apache i'm hoping to learn quite a bit here, and to eventually be able to give advice =) google IS my friend, but gugh, sometimes i've googled for 2hrs or more just to get something to work because some tutorials miss out a step that a techy would just naturally fill-in, a n00b wouldn't know theres a step missing :P [17:18] Kludge^WalesUK: I'd encourage you to work from the Ubuntu Server guide as much as possible and where you find such holes, report them so we can fix them. [17:19] there's a server-guide?! [17:23] Kludge^WalesUK: http://doc.ubuntu.com/ubuntu/serverguide/C/ [17:23] * Kludge^WalesUK clicketh [17:27] nice one! book marked and will definitely look over :D [17:27] !serverguide [17:27] Sorry, I don't know anything about serverguide [17:28] * nealmcb remembers he was gonna talk to sommer about that factoid - oops [17:30] !search server [17:30] Found: aptproxy, ftpd, mldonkey, mda, smtp, teg, ubuntu-server, identify, torrents, compiz [17:30] * ScottK wonders why the server guide is still stamped draft. [17:30] !serverguide is The Ubuntu server guide may be found at http://doc.ubuntu.com/ubuntu/serverguide/C/ [17:30] I'll remember that, jpds [17:31] nealmcb: There you go. [17:31] jpds: you rock! [17:34] Kludge^WalesUK: note also the reference to the serverguide in the /topic, and many other handy things [17:35] i've been idling here for a few days, I didn't notice the topic :X maybe an ONJOIN /notice would be better noticed? [17:36] !ntfs [17:36] To view your Windows/Mac partitions see https://help.ubuntu.com/community/AutomaticallyMountPartitions - For NTFS write access, see /msg ubottu NTFS-3g or /msg ubottu FUSE [17:36] Is there an "easy" way to convert from 32bit to 64bit installs? I have a couple of machines I'd like to go 64bit with 32 bit installs. [17:36] ubottu: ntfs is To view your Windows/Mac partitions see https://help.ubuntu.com/community/AutomaticallyMountPartitions - For write access, see !NTFS-3g or !FUSE [17:37] jpds: I guess I'm still not on the approved list, so if you want to update that one also, be by guest [17:37] (since some channels use other bots like ubot3) [17:38] !fuse [17:38] FUSE (Filesystem in Userspace) is a !kernel driver that allows non-root users to create their own filesystems. See http://en.wikipedia.org/wiki/Filesystem_in_Userspace for more on FUSE. Some examples of filesystems that use FUSE are !ntfs-3g, sshfs and isofs. A full list of Filesystems that use FUSE is here: http://fuse.sourceforge.net/wiki/index.php/FileSystems [17:38] !ntfs is To view your Windows/Mac partitions see https://help.ubuntu.com/community/AutomaticallyMountPartitions - For write access, see !NTFS-3g or !FUSE [17:38] But ntfs already means something else! [17:38] !no, ntfs is To view your Windows/Mac partitions see https://help.ubuntu.com/community/AutomaticallyMountPartitions - For write access, see !NTFS-3g or !FUSE [17:38] I'll remember that jpds [17:39] :) [17:39] going to assume noone knows of a way. Thanks anyways. [17:40] GodSyn_BB: I doubt it [17:40] was afraid of that. [17:41] except remembering packages via dpkg --get-selections for remembering packages etc [17:41] /13 [17:42] * nealmcb wonders about easy ways to sync changes from /etc - and whether any packages have configs that differ between 32 and 64 bit [18:13] * delcoyote hi [18:22] anyone adept with apache about? =) [18:33] Kludge^WalesUK: You'll rarely hear a response to that sort of question here, as discussed in the Guide to asking questions on IRC. Just ask your question. (And I find sometimes that just forcing myself to actually ask a good question leads me to find out the answer myself) [18:33] (see /topic again) [18:34] okie. i'll re-read, thankies === ScottK2 is now known as ScottK [19:07] anyone else had the problem of networking seemingly just failing for no explainable reason? iwconfig thinks it's still connected, but the machine cannot be reached via ping, ssh or samba share, and needs to have it's network connection reset in order to function again. (Feisty) [21:10] seems compression does not work even its enabled in the backuppc config, anyone any ideas? [22:23] is it possible to run an ftp server over port 110? [22:26] Anything is possible [23:05] i have a really serious problem, my /var/logs are 2.2GB, including kernel log of like 700MB. I'm currently locked out even over SSH. the / is 100% full, and the swap is 72% full... Can i safely reboot? =/ [23:05] Quite possibly not. If / is full bad things will happen. [23:06] i have no idea what's been writing such huge logfiles. I'm thinking its the "monitoring" function of my OVH manager [23:06] Running mysql? [23:07] no, i think i was trying to install that and it failed... to the point eventually i got a message that the device was full =/ [23:17] what exactly is likely to happen if i issue a "hard reboot" nothing is responding, not the httpd SSH, or VNC [23:26] Unsure, you may need console access to access to bring it back up. [23:28] where would one best request a backport of an intrepid package to hardy?