[00:35] <nxvl> Chipzz: i runed dch -i and it asked me what to use
[00:36] <nxvl> Chipzz: that's why it's so awesomw
[00:53] <nxvl> zul: ping
[00:56] <Chipzz> nxvl: yeah but still, dpkg -P nano is way easier, shorter, and more permanent (and has more effect on other things beside just dch)
[00:56] <Chipzz> but, whatever works for you :)
[00:57] <nxvl> Chipzz: actually no, what kirkland has do is a script that manages dpkg --reconfigure
[00:58] <nxvl> Chipzz: so it's the same
[00:59] <zul> nxvl: yo
[02:50] <uvirtbot`> New bug: #257153 in openldap2.3 (main) ""TLS: peer cert untrusted or revoked (0x82)" error in Hardy's version of ldap-utils" [Undecided,New] https://launchpad.net/bugs/257153
[03:09] <jmazaredo> when i plug my ubuntu server my network gets problematic, gets connection time out, i tried changing the lan card but no avail. it is working before
[04:04] <Karamon> Hello, when I run ( # named -g -p 53 ) it fails with "loading configuration: empty label"  .. I want to set up a local domain '.lan' and serve it for my dev server.  Are there some conf files that I can pastebin that would be helpful for troubleshooting?
[04:04] <jmedina> Karamon: named-checkconf /path/to/named.conf
[04:06] <Karamon> jmedina: Would it return something if something didn't check out?  I run that and I don't even get a empty line, just another system prompt.
[04:06] <jmedina> mmm
[04:06] <Karamon> (bash prompt, whatevah)
[04:06] <jmedina> Karamon: could you pastebin your named.conf?
[04:07] <Karamon> Sure
[04:08] <Karamon> http://pastebin.com/de816730   the lines with ---s aren't really in the files, just to denote which file it is
[04:11] <jmedina> Karamon: im not sure if you need a second tld inyour zone definition
[04:11] <jmedina> not .lan
[04:11] <jmedina> something like dev.lan
[04:12] <Karamon> How would I access "http://foo.lan" from a computer in the network?
[04:12] <Karamon> Or is that not allowed?
[04:14] <Karamon> And wouldn't the conf checker return an error?
[04:14] <jmedina> mm you mean foo as the host part?
[04:14] <jmedina> or foo as the domain
[04:15] <Karamon> foo would be anything I defined in my db.local file
[04:15] <Karamon> test.lan, iloveubuntu.lan, bindsucks.lan
[04:15] <Karamon> :P
[04:16] <jmedina> Im not sure, I always worked with fqdn
[04:16] <jmedina> never tried that
[04:18] <Karamon> Well doing dev.lan did get named running then throw a whole bunch of errors about all the .lan domains I set up :P
[04:18] <jmedina> Karamon: have you tried zone "lan"
[04:18] <ajmitch> Karamon: you don't want to have the . prefix on .lan, it should work with just 'lan'
[04:19] <Karamon> Ahh
[04:20] <Karamon> Like magic
[04:20] <Karamon> One little period (just like semicolons in programming)
[04:20] <Karamon> Thanks!
[04:22] <Hypnus9> Hi room. I am running ubuntu server *.04 on my desktop, and when I try to access it via ssh, I get a connection refused message. What would cause this?
[04:22] <ScottK> Hypnus9: Did you install the ssh server?
[04:22] <Karamon> Where are bind9 log files kept?
[04:23] <Hypnus9> Yep. I have accessed it before from Windows vista, and from debian, but strangely enough, I can't access it when I am using Ubuntu desktop on my laptop
[04:24] <Hypnus9> I'm not sure where the bind9 files are kept.
[04:24] <jmedina> Karamon: they are sent to your syslog
[04:26] <Hypnus9> where is the syslog kept?
[04:26] <Karamon> Hypnus9: /var/log/syslog
[04:31] <Karamon> I am getting "Could not reliably determine server's [FQDN]" how do I make apache see my FQDN?  Should I post /var/hosts for troubleshooting?
[04:35] <jmedina> add the host to //etc/hosts
[04:38] <Karamon> I'm sorry, thats what I meant >.<  I do have a /etc/hosts file and have ( I think ) populated it correctly -- http://pastebin.com/d4f4b2a3a
[04:41] <jmedina> afaik, drake.lan is not an fqdn
[04:43] <Karamon> Isn't it a FQDN if I set it up in bind? sorry that I'm a newb
[04:44] <jmedina> not necesary
[04:45] <jmedina> how is your /etc/resolv.conf
[04:45] <jmedina> ?
[06:39] <jmazaredo> whenever i plug my server to the network my network becomes unstable, changed lancard and i put it in private and public network. it affects both
[06:39] <ScottK> I'd suggest trying to capture some data using tcpdump and see if it's doing anything unusual.
[06:44] <jmazaredo> other than that any other?
[06:44] <jmazaredo> seem all is fine
[08:14] <kraut> moin
[08:20] <J_5> is there a way to block an ip from my server?
[08:36] <soren> J_5: Sure.
[08:36] <soren> J_5: Check the ufw man page.
[08:44] <gene-r> hi, does any one know about samba?
[08:46] <gene-r> i installed ubuntu server for file share, but i need to make separate accounts for dif user, i dont want user see what other user store ther via samba. can some one helpme with a link or somthing, thanks
[08:50] <gene-r> i have tried a lot of configuration add new users but i cant get it work good or is there another way of sahre files in ubuntu server/
[08:54] <gene-r> r u in a meeting or something?
[09:41] <thefish> anyone got hold of an eee box? (not the eeepc laptop)
[09:41] <thefish> would make a nice little low power home server
[10:21] <edmoore> thefish: agreed. though i just built a more powerful mATX box for about the same money
[10:31] <thefish> edmoore: mind giving some details? I want a low power nas box for around that price (£200)
[10:33] <edmoore> thefish: cool, I am uk too so I can talk to your in english
[10:33] <thefish> huzzah!
[10:33] <edmoore> dabs.co.uk - i got an intel e2200
[10:33] <edmoore> 2gb ram
[10:33] <edmoore> gigbyte g31 s2l mobo
[10:34] <edmoore> a 250gb seagate barracude hdd
[10:34] <thefish> cool
[10:34] <edmoore> an antec nsk1380 case (really like it)
[10:34] <thefish> any idea of power consumption?
[10:34] <edmoore> and a pci wifi card
[10:34] <edmoore> no, though not much. The case comes with a high efficiency 350W psu
[10:35] <edmoore> which I don't think it at all taxed
[10:35] <edmoore> I also splashed out on a zalman cooler, though there's only just room for it
[10:36] <thefish> k
[10:36] <edmoore> I probably wouldn't bother with it if I had my time again
[10:36] <edmoore> and runs ubuntu server, but you could probably have guessed that given where we are :)
[10:37] <thefish> mm nice case
[10:38] <edmoore> I actually spent a little more on my box - I got a second idential hdd for software raid1, and 4gb of ram, but that's because it'll be running sims
[10:38] <edmoore> yeah - space is a bit tight inside but quite manageable
[10:38] <edmoore> and the psu comes with a 120mm fan which is a joy - totally silent
[10:38] <thefish> cool
[10:38] <thefish> running sims?
[10:38] <edmoore> physics/engineering simulations
[10:39] <thefish> ah ok
[10:39] <edmoore> chews up 100% of one core and about 2.2GB of ram for days at a time
[10:39] <thefish> ye spose they run for a while
[10:39] <edmoore> the other core and the rest of the ram is for the serving bit - files, websites, etc
[10:39] <thefish> ill only want mine for really easy stuff
[10:39] <thefish> nas
[10:39] <edmoore> so my system came to £297
[10:39] <thefish> k
[10:40] <edmoore> but if you loose the extra ram and hdd and other bits I bought (wireless pci, zalman fan) you'd probably be under £200
[10:40] <edmoore> and you'd have a lot more grunt than the eeebox
[10:41] <edmoore> mobo has built in graphics, though I've not installed any flavour of X
[10:42] <edmoore> if you do go for a non-stock cpu cooler, check it has a 4-pin connector - the mobo has the newer 4-pin pwm speed control connectors, rather than the older 3-pin type which my zalman came with. I beleive the stock cooler is 4-pin, but don't quote me on that
[10:42] <thefish> ah k
[10:43] <thefish> ye for me though, low power has more weight than max grunt :)
[10:43] <edmoore> they are compatible, but if you plug a 3 pin into a 4-pin mobo connector, it just runs at 100% all the time, which is a pain if you're in the same room as it
[10:43] <thefish> tasks: nas, screen/irssi, maybe a bt every now and then.
[10:43] <edmoore> true - what's the psu on the eeebox do you know?
[10:43] <thefish> no not sure
[10:44] <edmoore> certainly the atom will be more ecomonical to run than a core 2 duo
[10:44] <thefish> all i can find is marketing type stuff
[10:44] <thefish> http://www.nexus13.com/productcart/pc/viewPrd.asp?idproduct=1376&idcategory=0#details
[10:44] <thefish> ye defs, at the moment i have a core2duo that i can WOL if i need it
[10:44] <edmoore> it really is a tiny thing isn't it
[10:45] <thefish> and a wrt that does the basics
[10:45] <thefish> ye totally, and im thinking that thing tucked away in a corner somewhere just doing its thing
[10:45] <thefish> might even be able to claim back the windows tax
[10:45] <edmoore> yeah that put me off
[10:46] <edmoore> I saw the eeebox on trusted reviews and though 'oooh yes please' but thn the more I looked into it the more I realised a DIY would be better for me, and a week later I bought my box, which I have now had for a week
[10:46] <thefish> cool
[10:47] <thefish> ah actually theres a linux and a windows version
[10:47] <thefish> same price
[10:47] <thefish> 65W power adaptor
[10:47] <thefish> on the eee ^
[10:55] <edmoore> thefish: case closed then, I reckon :)
[10:56] <thefish> seems like it, thanks for telling me about the dev box though
[10:56] <thefish> reckon goals are slightly different
[10:56] <thefish> i would like to replace the "hog" with a box like that though
[10:58] <edmoore> thefish: cool, well I may well look at the eeebox when it's time to get a NAT
[10:59] <edmoore> stick openBSD on it and bob's your uncle.
[11:00] <thefish> i was reckoning jeos
[11:00] <thefish> just cos its what i know
[11:00] <thefish> why bsd?
[11:00]  * edmoore goolgles
[11:00] <thefish> jeos is a way cool stripped down ubuntu server ;)
[11:01] <edmoore> oh cool, looks neat
[11:01] <edmoore> I want to try openBSD just because it looks cool and everyone keeps hammering on about how secure it is. I like the idea of it on a set and forget gateway machine
[11:01] <hads> ALIX boards are good for that sort of thing.
[11:04] <thefish> ye the bsd firewall looks really cool, seems to have built-in failover stuff
[11:04] <edmoore> hads: I'd not come across them, thanks for the recommendation. They I have some old bits lying around - 12GB hdd and a celeron and a gig or ram. that should be plenty for a nat, I hope
[11:14] <busfahrer> Excuse me, I'm trying to get a program that I installed manually to autostart at boot-time. What is the clean, correct way to do so?
[11:24] <soren> busfahrer: Either create an init script for it (see /etc/init.d/skeleton for an example) and add that to the the run levels you want to run it at, or you could just add a command to someone's crontab and set it to run "@reboot"
[11:58] <ghaleb> hello, when I flush my iptables ( sudo iptables -F ) the firewall blocks everything
[12:03] <erik78se> check your iptable default policy
[12:03] <erik78se> its probably set to "DENY"
[12:04] <erik78se> or DROP rather
[12:08] <gargoyle> Quick one, what's the meta package to perform the same actions as if I had chose LAMP from the installer?
[13:30] <sommer> Koon: good morning, I noticed that likewise-open and samba use secrets.db files in different locations... just wondering if there are any plans to combine them?
[13:32] <Koon> sommer: I confess I'm a little lost on samba/likewise-open combinations. I was hoping some enlightenment from jerry about this
[13:35] <sommer> Koon: that's cool, I was just working on documenting Samba and AD integration, and there's a pdf from likewise that instructs to symlink /var/lib/samba/secrets.db to /etc/samba/secrets.db
[13:35] <sommer> Koon: I don't mind documenting that, but is just didsn't seem to follow the "debian" way of doing things... not that big a deal though
[13:36] <Koon> which one uses the file in /etc ? Likewise-open, I suppose
[13:36] <sommer> yep likewise
[13:36] <Koon> hm. That should be fixed (even if not a regression)
[13:37] <Koon> you cannot really consider it a "configuration file"
[13:37] <sommer> Koon: okay, I just noticed it on the version in your PPA... I tested leaving a domain, and didn't have any problems, just fyi
[13:38] <Koon> soomer: cool. A new code drop is supposed to happen soon, dendrobates might be handling it though (I leave for vacation tomorrow morning)
[13:39] <Koon> I'll make sure he knows about that secrets.db thing
[13:39] <sommer> cool, thanks man
[13:40] <sommer> it is pretty slick to configure samba with likewise-open, just need to get the kerberos and mount.cifs working :)
[14:05] <moldy> hi
[14:05] <moldy> (8.04.1) can i setup lvm+raid during installation?
[14:05] <moldy> the installer asks me for lvm, but i don't see any raid options
[14:08] <sommer> moldy: you can try out these instructions: http://doc.ubuntu.com/~mdke/test/serverguide/C/advanced-installation.html
[14:08] <sommer> moldy: that's the draft version of the serverguide so if you notice any problems, please let me know :)
[14:09] <sommer> moldy: being development they're geared toward intrepid, but the overall process is the same for hardy... just no boot degraded options
[14:11] <moldy> sommer: thank you
[14:12] <sommer> moldy: np
[14:14] <zul> infinity: ping when you are around can you look at the php5 ftbfs Im totally stumped
[14:14] <moldy> sommer: hm. i configured sw raid. then i selected the sw raid device for "use as physival volume for lvm"
[14:14] <moldy> but how can i format/configure that device now?
[14:15] <sommer> moldy: I'm not sure of the exact process of combining software raid with lvm (mostly used them seperately), but you'll probably need to create a partition on the volume group
[14:16] <sommer> moldy: have you created a volume group?
[14:16] <moldy> sommer: ah, i think i got it now
[14:16] <moldy> created a vg and an lv now
[14:16] <sommer> ya, that's it, then once you have an lv you can create a partition, then it's pretty much the same as a normal install
[14:17] <sommer> err... I think :)
[14:20] <moldy> hmmm, i cannot create more than one partition in the lv
[14:21] <moldy> ah, this is normal?
[14:21] <sommer> I only have one per lv, guess I've never tried creating multiple
[14:22] <sommer> if you had multiple partitions per lv, then how could you expand the lv?  I don't think the system would know which partition to expand
[14:23] <moldy> makes sense
[14:23] <moldy> i wasn't sure anymore... i created multiple lv now
[14:24] <moldy> actually it's pretty straightforward
[14:24] <moldy> ;)
[14:24] <sommer> heh, there starts to be a lot of terms to learn when you get into raid + lvm + partitions, and what not
[14:24] <moldy> ya
[14:37] <mok0> What happened to JeOS?
[14:37] <mok0> Can't find it
[14:45] <moldy> hm, is it normal that ubuntu 8.04.1 server uses lilo in stead of grub?
[15:05] <trakinas> hi all! Im having troubles with both cronjob and ssh.
[15:05] <trakinas> first, lets try to solve ssh... it simple cannot identify my keys.
[15:06] <trakinas> *simply
[15:07] <thefish> trakinas: what error do you get?
[15:09] <trakinas> thefish: from putty that it rejected my key
[15:09] <trakinas> simply that
[15:09] <thefish> what error message?
[15:10] <trakinas> just it: Server rejected our key
[15:10] <trakinas> nothing more.
[15:10] <thefish> ok, it could be permissions on the server side
[15:10] <thefish> you have put the public key into ~/.ssh/authorized_keys on the server?
[15:10] <trakinas> yep.
[15:11] <thefish> what are the permissions on ~/.ssh and ~/.ssh/authorized_keys
[15:11] <thefish> should be 700 on .ssh and 600 on authorized_keys iirc
[15:12] <trakinas> public is -rw-r--r--
[15:12] <thefish> ?
[15:13] <trakinas> the public key
[15:13] <trakinas> sorry!
[15:13] <thefish> ok never mind the public key mate, please answer the question
[15:13] <thefish> these dirs are on the server
[15:13] <trakinas> it is on the server side.
[15:13] <trakinas> yep
[15:13] <thefish> right
[15:13] <trakinas> and these are the properties for the key.
[15:13]  * Deeps holds thefish's hand
[15:13] <trakinas> -rw-r--r--
[15:13] <trakinas> Deeps: =(
[15:13] <thefish> Deeps: :)
[15:14] <thefish> what are the permissions on ~/.ssh and ~/.ssh/authorized_keys
[15:14] <thefish> trakinas: what are the permissions on ~/.ssh and ~/.ssh/authorized_keys
[15:14] <thefish> for the main prize
[15:15] <trakinas> the authorized_keys are -rw-------
[15:15] <trakinas> and that is 600, afaik
[15:15] <thefish> good, thats what we want
[15:15] <thefish> ok, have you checked in /var/log/auth.log for errors?
[15:16] <thefish> you can turn up logging in /etc/ssh/sshd_config with the LogLevel directive if needed
[15:16] <owh> Hmm, the meeting doesn't seem to be scheduled in #ubuntu-meeting, does that indicate that it's not happening?
[15:17] <trakinas> thefish: no error message with my user.
[15:17] <trakinas> what is annoying me is that some users can use the key, and mine cant.
[15:17] <thefish> ok trakinas, have you modified the sshd_config file at all?
[15:17] <trakinas> thefish: only when installed it.
[15:18] <thefish> you modified it, or just installed it?
[15:18] <zul> meeting in a hour isnt it
[15:18] <trakinas> thefish: made only some changes on the port.
[15:18] <thefish> ok fair enough
[15:18] <trakinas> thefish: in spite that, it is using both pass and keys.
[15:18] <thefish> is putty using this port?
[15:18] <trakinas> xyep
[15:18] <thefish> you *only* changed port?
[15:18] <owh> zul, That's what I thought, well, 60-18=42 minutes :)
[15:19] <trakinas> i can login with password
[15:19] <trakinas> thefish: yep.
[15:19] <trakinas> quite sure. checked the conf already.
[15:19] <zul> owh: hourish ;)
[15:19] <thefish> ok cool
[15:20] <owh> zul, next you'll be saying that 16 bit is like 32 bit :)
[15:20] <thefish> trakinas: so you used puttygen to make the keys, then copied the public over to authorized_keys?
[15:20] <zul> owh: heh
[15:20] <trakinas> thefish: yes. didnt work. tried using keygen on the server side and importing to putty.
[15:20] <trakinas> did not work either.
[15:21] <thefish> ok trakinas, on the server: sudo tail -f /var/log/auth.log
[15:21] <thefish> that is now watching auth.log for any changes (and we should see at least *something* from putt)
[15:22] <thefish> then while thats runing, try to log in from putty, and see if any logs are made
[15:22] <trakinas> nothing... seriously...
[15:23] <trakinas> I will try from the begin. Let me remove all my keys and try it again
[15:23] <thefish> ok, lets turn it up
[15:23] <thefish> ok good plan
[15:23] <trakinas> user keys, not server keys.
[15:23] <thefish> keys are keys
[15:23] <thefish> mostly
[15:23] <thefish> so you will make the key with puttygen then copy across the public key?
[15:24] <trakinas> thefish: to be honest, Im kind lost.
[15:24] <thefish> trakinas: ok no worries, i happen to have a windows machine here, and 10 mins to spare :)
[15:24] <thefish> so lets open puttygen
[15:25] <trakinas> thefish: should I copy the public key from /etc/ssh to my .ssh/  or simply generate my key?
[15:25] <thefish> no
[15:25] <thefish> trakinas: you are on a windows machine, trying to ssh to a linux machine?
[15:25] <trakinas> okay! so i was on the right track, at least.
[15:25] <trakinas> thefish: using keys. password are okay.
[15:25] <trakinas> thefish: win to linux. correct
[15:25] <thefish> ok cool
[15:26] <thefish> are you comfortable on how public/private keys work?
[15:27] <trakinas> thefish: kind of. lets say that this server wasnt my responsability but it became from a day to another.
[15:27] <trakinas> thefish: so i had to study really quickly all these things.
[15:28] <thefish> trakinas: ok, i would read up a bit about public keys.
[15:28] <trakinas> im more of pythin programming on linux then with network.
[15:28] <thefish> never heard of pythin
[15:28] <thefish> is it good?
[15:28] <trakinas> thefish: heck yes! is a fork of python! =P
[15:28] <thefish> :P
[15:29] <thefish> ok cool, so pubkeys
[15:29] <thefish> with this type of auth, we use keys. the keys have 2 parts: a public key and a private key
[15:29] <trakinas> thefish: Im cool with that. go on.
[15:29] <thefish> now say we want to exchange data
[15:30] <thefish> i will need your public key
[15:30] <thefish> i will then use your public key to encrypt the data
[15:30] <thefish> after this, only your private key can unlock it
[15:30] <trakinas> right.
[15:30] <thefish> there is a lot more to it than that, but we use this for auth
[15:31] <thefish> so now i need to leave my public key on the server, and keep the private key very safe
[15:31] <trakinas> okay.
[15:32] <thefish> i will then ask the server to log in, and provide info that only the holder of the private key can have
[15:32] <thefish> the server verifies this with thepublic key
[15:33] <thefish> so, your windows computer will have the private key, in putty or pagent i think
[15:33] <trakinas> yep.
[15:33] <thefish> and the public key from puttygen, will go into /home/{your-serverside-user-name}/.ssh/authorized_keys
[15:34] <trakinas> so far, so good.
[15:34] <thefish> a public key may look something like: ssh-rsa
[15:34] <thefish> AAAAB3NzaC1yc2EAAAABIwAAAgEA7/qSuP8VvUysxPp6ojwnML1v4w8rQ+9xY4npsFQkYA0kOZoGhfbrVf9tBxH6DyDLaa9pE/xd+vSP4IR+dL8mwM98w6uKne7Pdl7hBe5a/DM5EHS4cqOxa+t0CijsNR0i/tY177IqDrzJJxzBKXJm2V8ndXI8350job7+RwnphA+frvfcowSGxnT6eJ+i8N9fWlqUDv2CljOni4+Ti6ELXYjAb/NLGBv3nB16cvnhZgz17q9okegB0uuzgPLfRK7nLV2Rdxe0C7ArurP5IHz4IZ9OGlcMaqUKU+0mB1H7xrRPs6YXC8lWp3TYJKkN35Bm3y6V/3h62t8o2BpFVGOL3VezCO/ySeBjv6ur1GPySiG4OzGM7xQjvk6typZbTC30pOKOoFVfYKYuMfwLNI+yelMmoue6VKWN5/
[15:34] <thefish> 7NOBGrdELSjVO4gt6vv4f2OMA9RhFvfXJcgwiBDIren4VXhw2CeDVq4ESWsBY4pYHryqWlCqS4CEiaO7/NfKGDlB5WTvAoKaYIPi8ofTYriSUj0S1tOM8dNAzrDqUnJzFVTubYua6dyzp+Z/GqqJkA5ND0sxrdLKwm7x9u+8Unn7KeZzSU3ODpxhsNRo8GUdvgn4tK3aBnqcTHQcwbeshuJhEXv7hMSHCMxxALYqvUKjy0NRt6D7uCTPncGNadW9selWOrgmk=
[15:34] <thefish> sorry for flood! that looked like a 1 liner from here...
[15:34] <trakinas> one sec! boss is calling
[15:35] <dusty_> Hey guys, I have a firewall script: http://rafb.net/p/52ujkq51.html and relevant entries in syslog.conf restarted syslog and in my firewall script i log ssh connections, so i made an ssh connection to my server and nothing appeared in /var/log/firewall.  I took the iptables script down, added one line to test logging which was: iptables -A INPUT -j LOG and then i hit 'dmesg' or tail /var/log/firewall and my logs are
[15:35] <dusty_> pounded with iptables traffic, so why does it not log with my current example what am I doing wrong ?
[15:39] <trakinas> thefish: Im alright with that.
[15:39] <trakinas> thefish: key generated, saved, uploaded to the server, chmoded to 600.
[15:40] <trakinas> thefish: the is also a ssh2 dir, should I upload it into there?
[15:40] <thefish> trakinas: what distro is the server?
[15:41] <trakinas> thefish: not sure if it is 7.10 or 7.10 upgraded to 8.smth
[15:41] <trakinas> one sec
[15:42] <trakinas> kernel version helps
[15:42] <trakinas> ?
[15:42] <thefish> ok thats fine, no worries
[15:42] <thefish> you have only the 2 computers?
[15:42] <trakinas> or is there any command to check the distro version:
[15:42] <thefish> trakinas: its not needed, but a useful one is `lsb-release -a`
[15:42] <trakinas> thefish: no. a bunch of them. loggin through password works great.
[15:42] <trakinas> with the quotes?
[15:42] <thefish> ok so its just key login that we need to fix ye?
[15:43] <trakinas> yep
[15:43] <thefish> those are backtics, and no
[15:43] <trakinas> thefish: thanks! did not know the name. "english are not me first language"
[15:43] <thefish> i guessed that trakinas ;)
[15:43] <trakinas> :]
[15:44] <thefish> trakinas: please do "grep AuthorizedKeysFile /etc/ssh/sshd_config"
[15:44] <thefish> on the server
[15:44] <thefish> it should return just one line
[15:44] <trakinas> AuthorizedKeysFile      %h/.ssh/authorized_keys
[15:45] <trakinas> not commented.
[15:45] <thefish> ok cool, so this is the file that need to have the public key in it
[15:46] <dusty_> anyone ?
[15:47] <trakinas> thefish: i can paste bin it in somewhere.
[15:47] <thefish> yes please trakinas
[15:51] <mok0> How do you remove a public key from ~/.ssh/known_hosts?? It used to be that the host name was in the file, but no longer
[15:52] <sommer> ssh-keygen -R hostname
[15:52] <thefish> mok0: with vi - :set nu
[15:52] <thefish> sommer: nice one, didnt know that, i always went to the file and searched for the line number :)
[15:52] <owh> sommer: Cool, I didn't know that :)
[15:52] <sommer> :-)
[15:52] <owh> thefish: Ditto :)
[15:53] <Deeps> or just :<line number: to jump to that line
[15:53] <mok0> thefish: how do I know the line number?
[15:53] <owh> mok0: It says so in the error :)
[15:53] <thefish> mok0: the error
[15:53] <thefish> pff fast typists
[15:53] <mok0> ah
[15:54] <mok0> heh you're right
[15:55] <owh> You all know about ssh-copy-id while we're at it too?
[15:57] <thefish> owh: ye that saved me much caffeine :)
[15:57] <thefish> ssh-add was like a religious experience
[15:57] <thefish> or however you spell that
[15:58] <mok0> owh: nope, but it's cool!
[15:58] <thefish> hows this for cool, discovered today: you can use "screen" to share a tty
[15:59] <thefish> and have many viewers or participants
[15:59] <owh> Yup
[15:59] <thefish> damn thats nice
[15:59] <thefish> i had to show a guy in another town how to do a specific ubu server setup
[15:59] <thefish> just screened it
[15:59] <owh> And you can use it to log what you were up to, so you can log into a server maintained by someone else and fix their server while they make sure that you're not fsking with it :)
[16:00] <thefish> ye
[16:00] <thefish> theres some cool clipboard stuff as well, not played there yet though
[16:02] <thefish> owh: know any cool tricks for updating many servers at once?
[16:02] <thefish> apt-lots-of-them update...
[16:02] <thefish> fedora now has the super cool spacewalk
[16:03] <thefish> and i know theres landscape, but its pretty pricey
[16:03] <owh> Dunno, but I'm in a meeting in #u-m
[16:03] <mok0> thefish: look at dsh
[16:03] <owh> (That's the ubuntu-server meeting BTW)
[16:04] <thefish> mok0: cool, will do
[16:04] <mok0> thefish: another gem from Junichi-san
[16:05] <thefish> cool
[16:05] <[diablo]> thefish, mish
[16:05] <thefish> mok0: i guess you mean Dancers' shell, not "Deliberate Self-Harm" ;P
[16:05] <mok0> heh
[16:06] <thefish> [diablo]: ello
[16:06] <[diablo]> thefish, that u mate?
[16:06] <thefish> pity people like [diablo] are allowed on this channel, it spoils it for the decent folks
[16:06] <[diablo]> ok, it's you
[16:06] <thefish> where do i report that [diablo] is trying to cyber me?
[16:07] <[diablo]> JAJA
[16:09] <thefish> mok0: cool, but i really would like something like landscape, that says what updates are available for each server, and shows any errors etc that may happen
[16:10] <mok0> thefish: landscape is not too expensive
[16:10] <thefish> check out http://www.redhat.com/spacewalk/
[16:10] <thefish> mok0: $150/year/node is too expensive here
[16:11] <mok0> thefish: oh, I didn't know it was per-node
[16:11] <thefish> ye
[16:11] <thefish> for an "important" server, i wouldnt go without it
[16:11] <mok0> thefish: well, then I stand corrected
[16:11] <thefish> but most here are easily replaceable etc
[16:12] <thefish> mok0:  http://brainstorm.ubuntu.com/idea/6338/
[16:13] <mok0> thefish: interesting reading...
[16:13] <thefish> ye totally
[16:13] <mok0> thefish: I rely on cfengine to do most distributed maintenance
[16:14] <mok0> thefish: you could set it to do apt-get dist-upgrade if you wanted to
[16:14] <thefish> mm, looks interesting
[16:15] <thefish> will it report back and say server X needs this update, and server Y failed on update Z?
[16:15] <mok0> thefish: personally, I like to watch ;-)
[16:15] <thefish> hehe
[16:15] <thefish> rhn is really cool like that as well
[16:15] <mok0> thefish: no it is completely standalone
[16:15] <thefish> ok
[16:16] <mok0> thefish: you mean the redhat cluster utils?
[16:17] <thefish> na rhn, for keeping the servers updated
[16:17] <thefish> same as landscape pretty much
[16:18] <thefish> mok0: https://rhn.redhat.com
[16:18] <mok0> thefish: hm, google finds RedHat Network
[16:18] <mok0> ah thx
[16:19] <thefish> its really useful for big distributed missions
[16:19] <thefish> does alerts etc as well
[16:19] <mok0> thefish: costs money though
[16:19] <thefish> yep, costs, but for main servers its worth it
[16:19] <thefish> comes with the subscription though
[16:20] <mok0> thefish: probably cant install .debs though :-)
[16:20] <thefish> hehe
[16:20] <thefish> i was thinking about that as a spacewalk addon
[16:21] <mok0> thefish: seems spacewalk is based on kickstart
[16:21] <mok0> thefish: ... another redhat thingie
[16:21] <thefish> k
[16:22] <mok0> thefish: I don't think kickstart is supported by Debian/Ubuntu
[16:22] <thefish> i doubt it
[16:22] <thefish> im using zenoss to monitor, so we get all that, but it would be really nice to add updates to that
[16:22] <thefish> so much less work
[16:23] <mok0> We just have a really simple script that does an ssh to all machines with "apt-get dist-upgrade"
[16:24] <thefish> dont you worry about that one day beating you up and stealing your lunch?
[16:24] <mok0> thefish: yes :-)
[16:24] <thefish> and what about config file updates etc
[16:24] <thefish> hehehe
[16:24] <mok0> thefish: it doesn't happen very often though
[16:24] <thefish> ye
[16:24] <mok0> thefish: cfengine takes care of config files
[16:25] <thefish> aah ok
[16:25] <thefish> seems similar to puppet
[16:25]  * mok0 looks 
[16:26] <mok0> yeah
[16:34] <kpettit> is there any good docs for keeping a internal repository for ubuntu?  Basically I have a slow network connection and a bunch of ubuntu server and want to avoid downloading when possible
[16:36] <thefish> kpettit: http://www.subvs.co.uk/apt-proxy_on_ubuntu
[16:37] <kpettit> thefish, looks perfect.  Thanks
[16:37] <thefish> :)
[16:37] <thefish> kpettit: one change:
[16:37] <kpettit> ?
[16:37] <thefish> on the clients, dont change their sources.list
[16:38] <thefish> create a file /etc/apt/apt.conf.d/02proxy
[16:38] <thefish> inside, put: Acquire::http { Proxy "http://ip.of.server.box:9999"; };
[16:38] <thefish> that assumes you use port 9999
[16:39] <kpettit> ah ok.  I'm going to go through it right now.
[16:39] <kpettit> I'm starting with a fresh office and machine, it's nice to get a chance to start from scratch
[16:40] <thefish> ye totally
[16:40] <thefish> kpettit: you may also want to check out apt-cacher-ng
[16:41]  * kpettit looking it up...
[16:41] <thefish> not very much docs, but you may have less problems than apt-proxy
[16:42] <kpettit> ok.  I'm install both packages.  I'll go the path of least resistance
[16:43] <kpettit> would doing something like a nfs share of /var/cache/apt/archives work?
[16:47] <infinity> zul: pong...
[16:48] <zul> infinity: hey I been fighting the php5 ftbfs without much success if possible can you take a look at it?
[16:52] <infinity> zul: That does look pretty stumpy.  I'll have to test locally.
[16:52] <zul> infinity: thanks I was able to reproduce it locally though
[16:52] <infinity> zul: Well, yes, but local reproduction is the first step to then sorting out WTF. :)
[16:53] <zul> infinity: heh
[16:53] <kpettit> thefish, sharing the cache directory over samba seems to be doing the trick.  I'm trying with 32 and 64bit machine.  Going to see if I can create colisions in the "partial" directory to see how it does with that
[16:54] <thefish> ouch
[16:55] <kpettit> I'm going to be the one updating all the machines so I don't worry about a collision that much, but I'm curious what will happen
[16:55] <thefish> kpettit: apt-cacher-ng is seriously less work, and was built for purpose
[16:55] <kpettit> I just finished the download for that one.
[16:55]  * kpettit checking it out
[16:56] <thefish> the download?
[16:56] <thefish> sudo apt-get install apt-cacher-ng
[16:56] <thefish> done
[16:56] <thefish> then just add the 02proxy file to each client
[16:56] <kpettit> yeah, it just took apt-get a bit to grab it.
[16:56] <kpettit> slow network connection here
[16:56] <thefish> k
[16:57] <kpettit> your right about the docs being sparse
[16:58] <thefish> kpettit: thing is you dont really need em, just install the server, config the clients and fire away
[16:58] <thefish> with apt-cacher-ng, there is a http interface as well, shows you how much your cache is being used etc
[16:59] <thefish> make sure the ports match though, i think apt-cacher-ng doesnt use 9999 as default
[16:59] <kpettit> ah that's cool
[17:04] <thefish> kpettit: working?
[17:05] <kpettit> still readying through the docs I found.  The had some HTML docs in /usr/share/doc
[17:08]  * delcoyote hi
[17:10] <kpettit> thefish, I've got my apt-cache-ng server started on port 9999.  On the client I want to test I created that 02proxy file.
[17:10] <kpettit> Do I need to start apt-cacher-ng on the clients as well?
[17:11] <thefish> kpettit: no
[17:11] <thefish> just apt-get update etc
[17:12] <thefish> do one full upgrade, then on the next ones it will be lan speed
[17:12] <kpettit> ok.  Doing that now.
[17:12] <kpettit> how can I tell if it's worknig?
[17:12] <thefish> you can also import apt-cache if you have some
[17:12] <thefish> kpettit: i guess sudo netstat -untap will show you it listening/transferring
[17:12] <thefish> ps will show on the server as well
[17:13] <thefish> but on the client, sudo netstat -untap will show a connection to the apt-cacher-ng server
[17:15] <kpettit> The client is listening like it wants to be a server
[17:15] <thefish> you installed apt-cacher-ng on the client?
[17:15] <kpettit> yes
[17:16] <thefish> its *just* for the server
[17:16] <thefish> remove from the client
[17:16] <thefish> 1: install apt-cacher-ng on server
[17:16] <thefish> 2: edit/create /etc/apt/apt.conf.d/02proxy on the clients
[17:16] <thefish> 3: sudo apt-get update && sudo apt-get upgrade on the clients
[17:16] <thefish> 4: profit
[17:17] <kpettit> ah ok.  IN the html instructions it shows the 02proxy in the apt-cacher-ng directory.  That's what confused me.
[17:17] <thefish> :)
[17:25] <infinity> zul: Well, for starters, it doesn't help that config.sub is completely missing...
[17:26] <zul> how the hell did that happen?
[17:28] <infinity> zul: Not sure.  It's not something we dropped in a patch, it should be copied into place in the build.
[17:28] <zul> infinity: thats weird because I tried the previous version and the same thing happens
[17:28] <infinity> zul: Yep.  I'd assume autotools breakage.
[17:29] <zul> infinity: lovely
[17:30] <kpettit> thefish, it's working!  Thanks allot for the help.
[17:30] <infinity>   * bin/autoreconf.in: Check whether libtoolize supports --install, if it
[17:30] <infinity>     does, libtoolize is safe to run at all times since it will not install
[17:30] <infinity>     new files unless --install is passed to it as well.
[17:30] <infinity> I might blame that change.
[17:30]  * infinity rolls back autoconf to test his theory.
[17:34] <kirkland> mathiaz: are you reviewing dendrobates's landscape-client package today?
[17:35] <mathiaz> kirkland: done already
[17:35] <mathiaz> infinity: zul: yes - it's libtoolize
[17:35] <kirkland> mathiaz: ah, cool, okay.  is there a debconf question that prompts for a launchpad key?
[17:35] <mathiaz> infinity: zul: you have to use the -i option so that it installs config.sub,guess
[17:35] <mathiaz> infinity: zul: -f will just delete the files, but not update them
[17:36] <mathiaz> infinity: zul: I've already fixed cdbs to do so
[17:36] <mathiaz> kirkland: nope
[17:36] <mathiaz> kirkland: are you looking for debconf examples ?
[17:36] <infinity> mathiaz: Ugh.  debian/rules doesn't libtoolize, it's the upstream source.
[17:36] <infinity> mathiaz: Yay, backward compat!
[17:36] <kirkland> mathiaz: i have read the debconf documentation
[17:37]  * mathiaz tries to find an package that has a simple debconf setup
[17:39] <infinity> zul: s/--copy/--copy --install/ in debian/patches/033-we_WANT_libtool.patch should do the trick. Testing.
[17:40] <infinity> zul: Yup, that fixes it.
[17:40] <infinity> zul: I'll just upload this here.
[17:40] <zul> infinity: cool thanks for the help I appreciate it
[17:40] <mathiaz> kirkland: you may look at mysql-dfsg-5.0
[17:40] <infinity> zul: Or... I would if FreeTDS worked.
[17:40] <mathiaz> kirkland: especially mysql-server-5.0.config and mysql-server-5.0.templates
[17:40] <kirkland> mathiaz: yup, prompting for the root password, right?
[17:40] <kirkland> mathiaz: that's what I'm emulating
[17:41] <mathiaz> kirkland: yes - there is such an example
[17:41] <zul> infinity: I think there is a patch in debian about that
[17:41] <mathiaz> kirkland: ah ok - there is also openldap
[17:41] <kirkland> mathiaz: okay, i'd like to work off of dendrobates' populated landscape-client package...  is it uploaded yet?
[17:41] <mathiaz> kirkland: nope - there are some changes needed
[17:41] <zul> infinity: I can fix that one if you want
[17:41] <mathiaz> kirkland: the package is not ready for upload IMO
[17:42] <kirkland> mathiaz: okay....
[17:42] <mathiaz> kirkland: the difference between mysql and openldap is that mysql keeps the root password in the debconf database while openldap wipes it out
[17:42] <kirkland> mathiaz: perhaps i'll just send him a patch
[17:45] <infinity> zul: Ahh, I see the Debian patch.
[17:45] <zul> infinity: I can just apply it locally and upload the fi
[17:46] <zul> fix even
[17:46] <infinity> zul: Sure, go nuts.
[17:46] <zul> infinity: again thanks for the help
[17:46] <infinity> zul: NP...
[17:47] <infinity> zul: 10-to-1 odds that the s/--copy/--copy --install/ will make the package non-backportable, BTW.
[17:47] <infinity> zul: So we'll need to add more logic to detect if --install is supported before using it, if you care.
[17:47] <zul> infinity: ill mention it in the changelog then
[17:49] <infinity> Oh, wait.
[17:51] <infinity> zul: Nevermind.  Unwait.
[17:51] <zul> k
[17:51] <infinity> zul: autoreconf has --install checking support built in.  But, of course, php doesn't USE autoreconf anywhere. :)
[17:52] <zul> heh silly rabbit
[17:53]  * infinity shrugs.
[17:54] <infinity> zul: FWIW, autoreconf's test pretty much just consists of "grep -- --install `libtoolize --help`"
[17:54] <infinity> zul: Would be easy enough to add that to the libtoolize patch and make it backportable.
[17:54] <infinity> zul: (I can do that and submit a patch, if you like)
[17:55] <zul> infinity: yes that would be nice
[17:55] <zul> im doing a test build anyways
[18:02] <infinity> zul: http://lucifer.0c3.net/~adconrad/
[18:03] <zul> infinity: thanks
[18:03]  * infinity should commit the same to Debian SVN...
[18:12] <infinity> zul: Committed to Debian SVN as well, so it's a patch you won't have to carry after -3 is out.
[18:13] <zul> infinity: cool
[18:30] <zul> i seriously hate php5 now
[18:34] <zul> infinity: its bitching about dlsym now
[18:34] <zul> infinity: http://pastebin.com/m3a417348
[18:45] <lamont> zul: it doesn't have to be 5 for me to hate it
[18:45] <zul> lamont: im discovering that as well
[18:46] <lamont> Please Hack Promptly
[18:47] <lamont> though, to be fair, these days it's mostly other things that are still propagating the original "security-clueless php snippets"
[18:48] <zul> its just not building
[19:01] <infinity> zul: Can you bounce your patch to me?
[19:03] <trakinas> when trying to use keys for logging into the ssh i receive this: FATAL ERROR: Server unexpectedly closed network connection
[19:06] <lamont> trakinas: the obvious-and-possibly-painful answer to that is: what does the error log on the server say?
[19:07] <trakinas> nothing...
[19:08] <zul> infinity: people.ubuntu.com/~chucks/depreeciated_freetds_check.patch
[19:16] <kees> kirkland: ah, /dev/null for dev map, yeah, I get it now.  cool.
[19:17] <kirkland> kees: okay good
[19:17] <kirkland> are you looking at http://bazaar.launchpad.net/~kirkland/grub/33649b/annotate/841?file_id=grubinstall_better_r-20080808231927-tsz86l2dgjy6usoc-1 ?
[19:17] <kirkland> kees: that's the best, most current patch to look at
[19:17] <kees> kirkland: yeah
[19:18] <kees> kirkland: rockin' yeah, looks good.  I'd like to test it some, but it's probably good enough to upload if cjwatson has looked it over too
[19:19] <kirkland> kees: cjwatson is out on vacation
[19:19] <kirkland> kees: i've been working with slangasek on it
[19:19] <kirkland> kees: he was almost happy with it friday
[19:19] <kees> kirkland: ah! right, cool.
[19:19] <kirkland> kees: recommended one change, which had a trickle effect, the result is the current patch you're looking at
[19:19] <kirkland> kees: i'm hoping he'll ping me sometime today with a thumbs up
[19:19] <kirkland> kees: i've tested the heck out of it
[19:19] <kees> kirkland: I ran into him briefly, I'll check
[19:20] <kirkland> kees: thanks.
[19:20] <kirkland> kees: i'm trying to get this into alpha4, which probably necessitates action very, very soon
[19:22] <kees> kirkland: if you can prep the source.changes and associated files somewhere, I can upload them.
[19:22] <kirkland> kees: um, grub is managed in bzr
[19:22] <kirkland> kees: which is why i have a bzr branch
[19:23] <kirkland> kees: i have the changelog entry and stuff in that same branch
[19:42] <juannicolas> Hi, can someone help me how to install postgresql8.0 in ubuntu hardy? apt-get can't find the pkg in the source list.
[19:43] <juannicolas> I'm trying to install postgresql 8.0 via source but is asking for to many libraries
[19:48] <kees> kirkland: right, but it still needs to be uploaded.  :)
[19:49] <kirkland> kees: interesting, okay...  so what do you need from me?
[19:49] <kirkland> kees: a debdiff, or a bzr branch?
[20:02] <infinity> zul: That's really, really weird... autotools isn't converting that one m4 snippet into shell... And only that one, afaict.
[20:03] <zul> remove it then?
[20:03] <infinity> zul: That would be the brute force option, but I'm more curious about the real bug here.
[20:04]  * nxvl HUGS zul 
[20:04] <zul> hi nxvl
[20:04] <nxvl> zul: thank you for your comments!
[20:04] <zul> nxvl: no problems
[20:09] <infinity> autoconf is rewriting aclocal.m4 ... That seems just wrong...
[20:11] <infinity> Oh, no, the build system is doing that.
[20:11] <infinity> That makes slightly more sense.
[20:11] <infinity> And the new libtool doesn't ship that macro in aclocal.
[20:11] <infinity> \o/
[20:24] <infinity> zul: Meh.  Fixing that just leads to more libtool failures later.
[20:25] <zul> heh
[20:25] <infinity> Configuring libtool
[20:25] <infinity> ../configure: line 135465: LTOPTIONS_VERSION: command not found
[20:25] <infinity> ../configure: line 135466: LTSUGAR_VERSION: command not found
[20:25] <infinity> ../configure: line 135467: LTVERSION_VERSION: command not found
[20:25] <infinity> ../configure: line 135468: LTOBSOLETE_VERSION: command not found
[20:25] <infinity> Etc, etc.
[20:25] <infinity> zul: I'd recommend putting together a package that fixes the non-libtool bugs, then dropping it in Keybuk's lap with a big red bow and a tag marked "HALP!"
[20:26] <zul> frig Ill do that first thing in the morning I have to go pick up my son from the day care
[21:06] <kees> kirkland: a bzr branch plus a regular source.changes fileset to upload at the same time.  :)
[21:08] <uvirtbot`> New bug: #257411 in samba (main) "mount.cifs ignores iocharset even specified" [Undecided,New] https://launchpad.net/bugs/257411
[21:39] <Guest45207> need some smb.conf help, can't seem to authenticate at the group level
[21:39] <Guest45207> here's the smb.con http://pastebin.com/d146764bf
[21:40] <sommer> Guest45207: does %S map back to a group name?
[21:41] <Guest45207> how can i check
[21:41] <Guest45207> it did on the previous server i used the config file on, however that was not using ldap
[21:42] <sommer> not sure, probably in the log file...  you have have to set a higher log level
[21:42] <sommer> err, "may have to"
[21:43] <sommer> Guest45207: what group are you trying to force to?
[21:43] <sommer> you might try "force group = @group_name" where group_name is a system group
[21:44] <Guest45207> ok, i'll give that a shot real fast
[21:44] <Guest45207> i though that's what the valid users thing took care of the "@bclab"
[21:46] <sommer> yep, but if %S isn't a system group, Samba isn't going to know which group you to authenticate to... at least if %S isn't a system group
[21:53] <Guest45207> putting in force group = @group makes the share unusable
[22:13] <kirkland> kees: is this what you need? http://pastebin.ubuntu.com/36964/
[22:14] <kirkland> kees: looks like grub has released a few times... 0.97-29ubuntu34
[22:14] <kirkland> kees: my work would create grub_0.97-29ubuntu29
[22:14] <kirkland> kees: looks like benc and pitti have been active on grub
[22:15] <infinity> zul: php5 uploaded with several different FTBFS issues fixed.
[22:25] <zul> infinity: ergh....
[22:26] <zul> thats good but meh..:)
[22:27] <kirkland> kees: also, i've been using liferea, with its data in ~/Private ... no problem ;-)
[22:28] <infinity> zul: Meh?
[22:30] <kirkland> kees: would you prefer a debdiff against 0.97-29ubuntu34?  I can do that too...
[22:38] <kirkland> kees: perhaps this is what you want: http://people.ubuntu.com/~kirkland/grub/
[22:38] <kirkland> kees: most notably: http://people.ubuntu.com/~kirkland/grub/grub.33649.debdiff
[22:38] <kirkland> kees: and http://people.ubuntu.com/~kirkland/grub/grub_0.97-29ubuntu35_amd64.changes
[23:36] <kees> kirkland: you'll want to use debuild -S (for a source .changes file).  that's the easiest to sponsor.
[23:42] <zul> infinity: meh as being php is evil
[23:55] <ScottK> zul: Isn't that redundant.