/srv/irclogs.ubuntu.com/2008/08/15/#ubuntu-server.txt

emgentkirkland: ok ecryptfs sounds good, the only problem in ubuntu is if the X user change system password, true ?01:06
kirklandemgent: nope01:07
kirklandcat /etc/pam.d/common-password01:07
emgentoh true..01:07
kirklandemgent: ;-)01:07
emgentpassword   optionalpam_ecryptfs.so01:07
emgenthahah it`s perfect :)01:07
kirklandemgent: however, it is currently not very easy to change the underlying mount passphrase01:07
kirklandemgent: you'd have to mount two different directories, one with the existing data and existing password01:08
kirklandemgent: and a second one with the new password01:08
kirklandemgent: and copy the data from the old to the new01:08
kirklandemgent: and then remove the old01:08
emgentnods nods01:08
kirklandemgent: that's not ideal....01:08
kirklandemgent: but that's low on the priority list01:08
emgentok understand. nice :)01:11
taconehello, is there any standard location to store ssl certs to be used with apache2+ssl ?02:21
nxvltacone: https://help.ubuntu.com/8.04/serverguide/C/index.html02:23
ScottKlamont: Thanks.  I'm back online now.02:24
nxvlScottK: you haven't been here all day?02:24
taconenxvl: what specifically ? etc/ssl ?02:24
nxvltacone: https://help.ubuntu.com/8.04/serverguide/C/httpd.html02:24
ScottKnxvl: Nope.  Left about 14 hours ago.02:25
nxvlat the bottom of the guide02:25
taconenxvl: I am already there.02:25
taconenxvl: is there any policy I can read ? would subdirectories tollerated for /etc/ssl ?02:25
nxvltacone: not that i know, but that's the official ubuntu server guide02:25
nxvlScottK: mmm enought time to don't know about what i was asking02:26
nxvlScottK: i will wait until you get to it02:26
nxvl:D02:26
taconenxvl: I am asking because we are putting in place a wizard to set SSL certs on apache2 in our software. that's why I need feedback on which solution would be optimal02:27
nxvltacone: that's what i thought02:28
taconeok02:28
nxvltacone: i would find a good way to do it putting them into private/ and certs/ naming the certificates with the hostname or some part of it02:29
taconenxvl: the help page miss an useful information. I'd add it but seems non-editable02:29
nxvltacone: talk to sommer02:30
nxvltacone: he's our documentation leader02:30
taconenxvl: do you have his email ?02:31
nxvlsommer: ping02:31
nxvltacone: https://edge.launchpad.net/~asommer02:31
ScottKYeah!  Only 280 new emails since I was last at my desk.02:32
ScottKAlmost forgot ...02:34
nxvlScottK: i can't imagine dholbach's inbox after his 3 week holidays02:34
ScottKnxvl: Congratulations.02:34
nxvlScottK: thank you!02:34
nxvlyou get into it!02:34
nxvl:D02:34
nxvlgot*02:34
taconethanks nxvl, ~sommer doesn't seemed to be the right username :)02:35
sommernxvl: yo02:39
* sommer reading backlog02:39
sommertacone: you wanted to add something to the docs?02:40
taconeyes02:41
taconeI was about to write you a mail02:41
taconethere's a missing note for ssl config.02:41
sommerfor apache?02:42
taconehttps://help.ubuntu.com/8.04/serverguide/C/httpd.html02:42
sommerwhat's missing?02:43
taconeyou need to convert NameVirtualHost to *.80 (not just *) and then convert any <virtualhost> to use port 80.02:43
taconesurprisingly seems like even the default config (no user defined vhosts around) won't work with that.02:43
sommerah, ya that section needs some other updates... I'll add something about that02:44
taconesommer: that's valid only for hardy, not intrepid. intrepid shuold just work (haven't tried, but they seem to have adjusted)02:44
taconeok thanks02:44
sommertacone: ya, intrepid should have ssl by default02:44
sommertacone: thank you02:44
taconenp02:45
=== PrivateVoid_ is now known as PrivateVoid
abaqueirohello, I have this problem: I installed Ubuntu Server for sparc, I have 2 disk (hda, hdd) both with four partitions, the partitions 1º are only unused 8 Mb partitions, the partitions 2º are about 512 Mb, and I created a Raid1 device for the swap, the partitions 4º about 19Gb in both disk are for a RAID1 device, wich contain a ext3 filesystem (including /boot), ubuntu instalation was ok, until the instalation of silo, where it says there was an 05:12
abaqueiro[S] instead of the [U_] that I expected05:12
abaqueiroin the boot messages it says something about md0 stopped and md1 stopped and something about bind hda405:13
abaqueirodoes anyone have and idea what can be happening???05:17
joebob777as7i'm having some pretty poor network performance can someone give me a hand? it's about 1/10th the speed it runs in vista...05:47
abaqueirowireless?05:49
joebob777as7sending a 3GB file only runs between 2 and 5mbps... and on vista it's over 20mbps05:49
joebob777as7abaqueiro, wired05:49
joebob777as7abaqueiro, i'm trying to stream some movies and they aren't working :(05:51
abaqueirocould be the wireless driver, or the protocol you are using to transfer the movies05:51
joebob777as7abaqueiro, it's wired05:52
joebob777as7samba05:52
jmedinajoebob777as7: check the mode05:52
jmedinaethtool eth005:52
jmedinafor example05:52
joebob777as7jmedina, http://pastebin.ca/117243805:53
joebob777as7jmedina, peaks at about 6 mbps05:54
jmedinait is Half05:54
jmedina#05:54
jmedinaSpeed: 100Mb/s05:54
jmedina#05:54
jmedina        Duplex: Half05:54
joebob777as7jmedina, how can I make it full?05:54
jmedinatry to change it to full05:55
jmedinaman ethtool05:55
jmedinadont remember the param, but it is in the manpage05:55
joebob777as7jmedina, will it interrupt my transfer if I try it now?05:56
jmedinajoebob777as7:  :S05:58
joebob777as7jmedina, so I ran this: sudo ethtool -s eth1 duplex full speed 100006:00
joebob777as7and it is still half... :(06:00
jmedinammm what about the other side?06:00
jmedinais there more hosts?06:00
jmedinaare06:00
joebob777as7the other side is fine it's been tested in vista...06:01
jmedinafull speed 1000?06:01
joebob777as7jmedina, well no it's only 100 but full 10006:01
jmedinabut did you type 1000 in the prompt?06:02
joebob777as7yes06:02
joebob777as7do I need to set it while it's running?06:02
joebob777as7or before I start the transfer?06:04
jmedinanot sure06:04
jmedinaits been a long time since I used06:04
joebob777as7jmedina, ok thx for pointing me in the right direction.06:06
jmedinayou can also try with mii-tool06:07
jmedinajoebob777as7: try this06:12
jmedinaethtool -s eth0 speed 100 duplex full autoneg off06:12
krautmoin09:16
mdzI'm seeing an apparent deadlock between mutt and dovecot on Intrepid, which was working great until recently11:42
mdzmutt is blocked reading from dovecot, and dovecot is just polling waiting for something to happen11:42
mdzneither of them has changed recently, though11:42
mok0mdz: ... rebooting doesn't help?11:43
mdzmok0: I haven't tried rebooting, why?11:43
mdzdisconnecting from dovecot and reconnecting gets it working again for a while, then it gets stuck again11:44
mok0Because it would remove zombie processes, dead socket files etc11:44
mok0mdz: is dovecot running on a remote server?11:44
mdzmok0: no, locally via a pipe (mutt's "set tunnel")11:44
mdzand dovecot --exec-mail imap11:45
mok0Hmm11:45
mdzI'm going to try to get a trace of the imap conversation and see what's going wrong11:46
mok0I stopped using mutt when we introduced dovecot...11:46
mok0mutt sucks at imap11:46
mdzmok0: what did you switch to?11:46
mok0kmail11:46
mdzit does a bit11:46
ivoksmok0: fetch your mail with fetchmail then :)11:46
mok0I used thunderbird for a while, but I prefer kmail11:46
mdzit's very good at a number of other things, though11:46
mdzI'm told thunderbird has good keyboard navigation now11:47
mok0ivoks: I'm not that enamoured with mutt. I used it when I needed a local mail reader on the mail host.11:47
ivoksas for GUI clients, claws just rules all of them11:48
mok0ivoks: I run kubuntu, don't like the looks of GTK11:48
mok0anyways, we're getting OT11:49
ivoksright11:49
ivoksmdz: have you tried with other clients?11:50
ivokstelneting to port 143 would be enough...11:50
mdzivoks: I have run dovecot --exec-imap locally, and it talks to me11:51
mdzit talks to mutt, too, until it goes bad11:51
mdzit gets hung up immediately after mutt has saved a message to my sent folder11:51
mdzmutt blocks there and never actually gives the message to sendmail to send it out11:51
mdzI sent probably 50 messages through this same setup yesterday11:51
ivokssent folder is imap folder or local folder?11:53
mdzivoks: imap11:54
ivoksyou don't have access to dovecot's logs?11:56
ivoksor even better, dovecot's configuration... it can provide very nice debuging logs11:57
zulmorning12:40
foolanohi there12:41
michaelmonhi guys! need help on this. were you able to set up raid 0 on three disks?13:14
michaelmonthanks a lot!13:14
_rubenraid0 .. yuck!13:46
=== ahasenack is now known as ahasenack-flying
Gothfunchi.  how do i make files and dirs created inherit the parent dir's group and permissions?14:11
sommerGothfunc: I believe the umask command may be what you're looking for14:13
sommerGothfunc: http://www.lockergnome.com/linux/2002/08/29/the-users-mask/   may be of help14:14
Gothfunci have that command in mind, but it seems to only affect the shell session.  reading the link now14:15
Gothfuncsommer: if i wanted to apply that to any session for any user, how might i do that?14:17
sommerGothfunc: I think if you change the setting in /etc/skel/.profile it will be set for each session14:17
Gothfuncgotcha14:17
* Gothfunc looks14:17
sommerGothfunc: at least there's an entry at the top :)14:17
Gothfuncawesome, thanks sommer :)14:18
sommerGothfunc: np, it actually mentions the /etc/profile, you might want to take a look at that as weel14:19
sommer/weel/well/g14:19
Gothfuncok14:20
Gothfuncok that works, with /etc/profile14:23
Gothfuncbut still lacking group inheritance14:23
Gothfunc(with directories that are actually g+s)14:24
Gothfuncit just assigns the group equal to the user14:24
Gothfuncgothfunc/gothfunc14:24
Gothfuncnevermind, got it14:26
Gothfunc:P14:26
=== ahasenack-flying is now known as ahasenack
juannicolasHi, i don't know if my problems actually is ubuntu or my proftpd server, I need to transfer files that are more than 2 gigs and it would not let me.15:00
_rubenjuannicolas: could be a filesystem problem15:13
_rubenbut proftpd might be the prob too, if its not compiled with large file support15:14
juannicolas_ruben  Im trying to transfer files more than 2 gig size between mandrake to ubuntu15:14
uvirtbot`New bug: #258162 in postfix (main) "Postfix local privilege escalation via hardlinked symlinks" [Undecided,New] https://launchpad.net/bugs/25816215:39
lamontI love people filing bugs that are fixed.  or have we not quite published it for -security, I wonder15:41
zullamont: its so much fun15:43
ScottKlamont: I commented to that effect15:45
zullamont: kees is at debconf and jamie is on vacation afaik pitti is handling security15:47
* lamont smacks it into fix committed status with a comment15:48
ScottKlamont: We have not quite published it.15:48
lamontthat's why it's committed, not released15:48
ScottKRight, I typed that before I saw your last comment.15:49
ekimusanyone already running slapd with a cn=config backend? I'm right now playing around with it (spare box was an etch and I didn't care to reinstall) but I'm having quite some problems but I'm not sure wether it's the ldap browser (apache directory studio) or wether it's indeed slapd.16:18
sommerekimus: I've started the documentation of it :)16:18
ekimussommer: is that public? is it a wiki? i could add my notes :)16:19
sommerekimus: basically rewriting the serverguide openldap section: https://help.ubuntu.com/8.04/serverguide/C/openldap-server.html16:20
sommerekimus: I haven't commited my changes yet16:20
ekimushehe, always learning great things. I didn't even know about a serverguide in general. :)16:21
sommerekimus: if you want to send me your notes that's cool, I should have a commit ready by Sunday or Mondayish16:21
kirklandzul: superm1 was asking last night about mysql-server's "recommends" on mailx16:21
sommerekimus: reviews of the serverguide is always appreciated :)16:21
zulkirkland: what about it?16:21
kirklandzul: if we thought it could be dropped to a 'suggests'16:22
kirklandzul: lamont and ScottK had some good ideas about using a meta package, instead of specific MTA, like mailx16:22
zulkirkland: propbably yeah it could16:22
lamontkirkland: mailx is not an MTA16:23
kirklandlamont: MUA, sorry16:23
ekimussommer: I will try to give it a review. But i can't quite promise not to mix in some debian stuff (although that would have to be _very_ special). in most cases one can still use debian docs for ubuntu and the other way around16:24
sommerekimus: they're usually pretty close... not sure what the status of the new cn=config changes are in debian though16:25
sommerekimus: that is the intrepid cn=config changes... I assume that's what you're testing, heh16:25
ekimussommer: is help.ubuntu.com maintained by canoncial. I can't find a login or discusion button.16:25
uvirtbot`New bug: #258192 in dhcp3 (main) "problem with paths and binding to ldap server" [Undecided,New] https://launchpad.net/bugs/25819216:25
ekimussommer: actually I'm just getting used to to the ldap part itself right now. I just hackishly fixed the etch init script so that it doesn't choke on new style config16:26
sommerekimus: it's a community wiki, maintained by members of the ubuntu community... canonical does manage the servers16:26
sommerekimus: with intrepid slapd will use cn=config by default... which is why the docs need updated, it's a pretty big change :)16:27
ekimusahh nice. the openldap admin guide is talking about "old style" config also when they refer to the slapd.conf file.16:28
sommerekimus: ya, I've found that cn=config documentation isn't as prevelant as slapd.conf... but once you get understand which objects control what, and their attributes, it's not that bad16:29
ekimustrue, the nicest thing about it is no restarts for acl changes. the bad thing is... you can lock yourself out _a lot_ easier :)16:31
sommerekimus: heheh... haven't done that yet, but I'm sure it'll happen sooner or later16:31
sommerit's also very cool for updated indexes and adding schemas16:31
ekimusyeah i just did dad with loading the dynlist overlay and adding a schema (actually just converted the dynlist schema) and configured dynamic groups for just a single backend. very nice16:37
ekimusok going for my break now16:37
edmoorehi everyone. So are there less evil options than installing gnome-desktop if I want to occassionally use a gui ap, sometimes on a monitor, sometimes over vnc?16:48
ekimusedmoore: sure just use only xorg and the apps you want (although you'll end up with all the gnome and qt stuff anyway after some time)16:54
ekimusedmoore: or use tools that connect to an IP and tunnel thru ssh or some vpn16:54
edmooresecond option sounds better. Would dearly like to avoid clogging this box up with crap16:55
ekimuswhat kind of gui programs are you talking about? db management stuff, gparted (only local), ....?17:04
ekimushmmm is there an OID to use for private usage, like everyone that knows this objectclass will never leave the organization should use OID 1.1.2.2.117:26
uvirtbot`New bug: #258353 in bacula (universe) "package bacula-director-pgsql 2.4.2-1ubuntu2 failed to install/upgrade: Unterprozess post-installation script gab den Fehlerwert 2 zurück" [Undecided,New] https://launchpad.net/bugs/25835318:06
leonel intrepid  feature freeze is on 18 aug .. that means  no more new packages right ?18:43
leonelso ...  no django 1.0 in intrepid ..  it get released on sept 2 ..18:44
sommerleonel: it's actually on the 28th... it's just number 18 in the list18:44
sommerat least that's the way I read the table :)18:45
leonelright .. but no  django 1.0  for intrepid ??18:46
sommernot sure, you might ask the last person to update the package18:47
* sommer thought there was some type of exception process18:47
sommerleonel: you might give this a read: https://wiki.ubuntu.com/FreezeExceptionProcess18:48
leonelsommer: thanks18:48
sommernp18:48
kaushalhi19:23
kaushalI have configured openvpn client using Network Manager on Ubuntu 8.04 Linux Desktop, The issue is that I need to add sudo ip route add 10.0.0.0/8 via 10.10.50.12 dev tap0 every time whenever i need to connect to openvpn server19:23
kaushalany clue19:23
K4kI'm having difficulty with the motd on my server, it seems to be showing up twice when I login via ssh, and I have no idea why19:27
K4kI found a forum thread saying that it could be that bootmisc.sh is cating together motd with motd.tail and if .tail had the same message as motd it would cause it19:28
K4kbut I checked it and then re-ran the bootmisc script and then re-logged in but it didn't help19:29
ArtimusDeathholehey peeps.  I finally got my LSI SAS3081E-R HBA's, as per suggestion int he channel19:30
ArtimusDeathholeI am reading through modload to load the driver and I am having trouble finding the module itself.   I have checked under /lib/kernel/drv/amd64 as the man page mentioned, but it isnt in there.   I know that the SUNWlsimega is installed, but what should I be looking for?19:31
ArtimusDeathholeim sorry that was /usr/kernel/drv/amd6419:32
ArtimusDeathholeI may be dumb19:34
zuloh I think you might want a solaris channel19:35
ArtimusDeathholeyeah,  I just noticed I popped this into the wrong window19:35
ArtimusDeathholemy bad19:35
ArtimusDeathhole<===  dumb19:36
kirklandzul: ping20:05
kirklandzul: any chance you can sponsor my fix for https://bugs.launchpad.net/ubuntu/+source/ecryptfs-utils/+bug/258388 ?20:05
uvirtbot`Launchpad bug 258388 in ecryptfs-utils "ecryptfs-setup-private should protect users from overwriting an existing setup" [Undecided,New]20:05
zulkirkland: slim chance ;)20:05
zulkirkland: are all of these patches going back into debian so we dont carry them for intrepid+1?20:06
kirklandzul: they're going back to the upstream git tree20:06
kirklandzul: and yes, the debian maintainer is taking them20:06
zulkirkland: nifty thats what I like to hear20:07
kirklandzul: that's the way i roll 8-)20:07
kirklandzul: my fixes can be seen applied here: http://git.kernel.org/?p=linux/kernel/git/mhalcrow/ecryptfs-utils.git;a=summary20:07
zulkirkland: your word is good enough for me20:08
kirklandzul: and i ping the debian maintainer periodically and ask him to sync up to the latest upstream release20:08
kirklandhttp://packages.qa.debian.org/e/ecryptfs-utils.html20:08
zulkirkland: done20:10
kirklandzul: you rock so much20:11
zulI know :)20:11
AquaraptorIs there a "powered by ubuntu server" logo somewhere? I'd like to put one on my site22:38
TerrasqueHey. Got a problem with the 8.04 kernel. Upgraded from 6.06, and the server is unstable with the new kernel. Old 6.06 kernel works fine tho23:42

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!