[00:28] <J-_> How can I change my server password?
[00:29] <hads> passwd
[00:30] <J-_> !passwd
[00:56] <J_5> J-_: for your user name? used passwd
[00:56] <J_5> use*
[02:30] <warchief_ryan> Does anyone know how I can have my iptables rules added at boot?
[02:34] <Ontolog> Are there command-line utilities that do the same thing as the Network Configuration GUI?
[02:34] <Ontolog> In particular, define and apply different Profiles?
[02:36] <warchief_ryan> ifconfig, depending on what your wanting to do I think.
[02:40] <Ontolog> ifconfig is very low level
[02:41] <Ontolog> i'm talking about the higher-level 'Profiles' that the GUI supports
[02:41] <ScottK> warchief_ryan: If you configure ufw, it will run at boot.
[02:41] <warchief_ryan> I have, but I want to use just iptables
[03:22] <kgoetz> does hardy still have /etc/rc.local? if so you could put a iptables-restore in there
[03:24] <warchief_ryan> why would I do that?
[03:25] <warchief_ryan> I want my rules added, wont that just restore to default?
[03:26] <kgoetz> not if you restore from a dump you made.
[03:28] <warchief_ryan> ok, how?
[03:30] <kgoetz> iptables-save and iptables-restore are both <40 line man pages. its not very complex.
[03:34] <warchief_ryan> complex maybe not, but the man pages don't really explain throughly enough, mainly about the process
[03:35] <warchief_ryan> like if its dumping it to somewhere or if ive got to state where to dump
[03:36] <kgoetz> afaik its as hard as iptables-save > /root/dump && echo "iptables-restore < /root/dump " > /etc/rc.local # again, assuming that rc.local exists andd is used
[03:39] <warchief_ryan> k thanks, ill try
[04:18] <khaotik> anyone have time to help a complete noob?
[04:20] <lrojas> hi all
[04:20] <J_5> khaotik: we were all noob's at once, just ask you question :)
[04:22] <khaotik> well i would like to attempt to set up one of my machines to run ubuntu server. I have never dealt with any server OS before. ive been using ubuntu desktop for over 1 year.
[04:22] <lrojas> i tried installing ubuntu JeOS server on VMWare fusion, but i am not sure if i am suposed to use it only to prepare an appliance or can i use to develop my web app in it... ( care to clarify that? ) but my main question is... Do man comes with JeOS? cause when i try to man something i get command not found
[04:23] <khaotik> i have an old laptop i would like to use. is there any limitations or specifications of hardware i should use or stay away from?
[04:25] <lrojas> did i get disconected?
[04:27] <lrojas> :/
[04:27] <ScottK> No.
[04:27] <lrojas> ok
[04:27] <lrojas> :)
[04:28] <ScottK> For a test server most any hardware will do.
[04:28] <ScottK> Actually for most server applications hardware is less critical than desktop since you aren't running X and a bunch of heavy apps.
[04:30] <lrojas> are you answering me? i am asuming you are answering khaotik
[04:32] <hads> lrojas: sudo aptitude install man
[04:33] <khaotik> my bad i had to take the dog for a walk
[04:33] <lrojas> hads, thanks
[04:34] <hads> JeOS is exactly the same, just a minimal install
[04:34] <lrojas> does anybody knows if i intend to run the ubuntu server under a VM, installing from the JeOS iso is better than from the regular server ISO?
[04:35] <khaotik> the reason i ask i have an old HP laptop that has 512 MB RAM 40 GB hardrive and pentium 4 1600 Mhz. would that be something sufficient to run on?
[04:36] <jhigueros>  good night may be you can helpme somebody knows where is magicfab i am loking for him
[04:39] <lrojas> hads, thanks again didnt realize that you had answered me before i asked my question
[04:44] <khaotik> well i tried installing ubuntu server on it. everything seem to load fine. then when i tried to install a GUI for it it crashed
[04:49] <hads> lrojas: No problem
[05:16] <lrojas> anybody can give me a sugestion, regarding runing ubuntu server on a Virtual Machine ( VMWare ), should i install it as JeOS Server? or is that only used to make appliances and for more general purposes the standard server is ok?
[05:17] <hads> As I mentioned it's the same thing, JeOS is just a minimal install.
[05:31] <chmac> My apache child processes are using around 20-30 MiB of physical memory after serving a few requests. Does that seem normal?
[05:32] <chmac> When the child is freshly created it uses < 1 MiB
[05:41] <li> jjkkll
[07:34] <skep> chmac_away: this can be normal..do you run e.g. php app's?
[07:35] <chmac_away> skep: Yeah, running large bloated php apps, phpnuke being the worse, and WordPress
[07:39] <skep> i would say its normal then..the default limit is 64MiB afaik..
[07:39] <skep> for child mem use
[07:43] <chmac_away> skep: The MaxClients at 150 was killing my server
[07:43] <chmac_away> I've reduced it to 18 now though, so hopefully it'll behave from now on
[07:44] <Ian_Corne> hehe
[07:45] <skep> chmac_away: you could also reduce the ServerLimit to the same number..
[07:46] <chmac_away> skep: I don't have a ServerLimit in my apache2.conf...
[07:48] <chmac> skep: Ok, I see how it works. I'll keep that in mind if we have problems down the line. Thanks.
[11:06] <uvirtbot`> New bug: #267696 in mysql-dfsg-5.0 (main) "mysqldump fails silently against mysql 4.0 server" [Undecided,New] https://launchpad.net/bugs/267696
[11:15] <hsn_> i need libcxa.so.3 where can i get it?
[11:36] <uvirtbot`> New bug: #267701 in php5 (main) "php5 session files purge cron job not working outside /var/lib/php5" [Undecided,New] https://launchpad.net/bugs/267701
[12:26] <skep> hsn_: libcxa.* should be in intel compiler packages..are you sure that this file isn't already on your filesystem? perhaps search via find..
[12:28] <skep> hsn_: so perhaps you just need the dev package for your compiler..
[13:17] <lrojas> hi all
[13:17] <lrojas> anybody aake?
[13:19] <lrojas> awake... awake... awake...
[13:20]  * lrojas ponders at the cavernous cacophony in here
[13:31] <soren> The keyword is patience.
[13:32] <soren> Also, most people don't bother answering "anybody awake" sort of questions. There's 107 people in here. The noise of everyone responding to those kinds of questions would be horrible. Just ask your question.
[13:51] <lrojas> i just installed ubuntu server, and i was following the documentation to install lighttpd + ruby + rails, everything installed ok but now when i try to access the site, it says conection refused... what am i doing wrong?
[13:58] <skep> lighthttp running?
[13:59] <lrojas> well, i am following this instructions : https://help.ubuntu.com/community/RubyOnRails#Lighttpd%20Installation, i executed the command for running the lighttpd service but when i check if it's up, is not
[13:59]  * zul really really hates libtool
[14:08] <soren> lrojas: Try "sudo /etc/init.d/lighttpd stop ; sudo /etc/init.d/lighttpd start"
[14:08] <soren> lrojas: Do you have another webserver running on the machine, perhaps?
[14:11] <lrojas> soren, not that i know of, is a fresh install of ubuntu...
[14:12] <lrojas> soren, i dont want to use pastebin for 6 lines, can i paste them here?
[14:14] <soren> No.
[14:14] <soren> -> pastebin.
[14:16] <lrojas> http://pastebin.com/d5fbcfee3
[14:20] <skep> looks good..and localhost in your webbrowser gives you connection refused?
[14:22] <lrojas> if it is any help, here is my /etc/lighttpd/lighttpd.conf http://pastebin.com/d109af8e3
[14:25] <skep> whats the output of "sudo netstat -ap | grep www" after starting lighthttpd?
[14:26] <soren> And just as interesting:
[14:26] <soren> sudo netstat -apn | grep lighttpd
[14:27] <skep> soren: but doesn't the n parameter converts www/lighthttpd into 80?
[14:27] <skep> ah no..mixed something up..its ok
[14:27] <lrojas> skep yes
[14:28] <lrojas> skep i get conection refused
[14:28] <soren> -n turns 'www' into 80. Nothing else.
[14:28] <\sh> guys...does anyone run a hp dl3x5 with a p400i for system hds and a p800 for MSA storage? looks like that even if the bios is saying: p400i is the default boot controller, our grub and kernel doesn't want to boot
[14:28] <soren> Well, it skips any sort of name/service resolution
[14:28] <soren> \sh: What happens?
[14:29] <\sh> soren: well, it should boot...but it doesn't :)
[14:29] <\sh> no errors during installation (server)
[14:29] <lrojas> sudo netstat -ap | grep www returns nothing
[14:30] <soren> lrojas: What about "sudo netstat -apn | grep lighttpd" ?
[14:30] <lrojas> nothing either
[14:30] <soren> ps aux | grep light
[14:31] <soren> \sh: I hope you're typing more info and not just waiting for an answer..
[14:31] <lrojas> it only returns the grep itself
[14:32] <skep> lrojas: you could also check out the logs in /var/logs for something lighthttpd related..maybe in messages or the lighthttp logs itself (if there are any)
[14:33] <\sh> soren: I'm running between my desktop and my server ;)
[14:34] <\sh> strange..after installation the server doesn't boot up as expected...now I "reinstalled" grub from the "rescue system"...and now he finds the devices correctly, but totally wrong from grubs menu.lst now (which was during installation (hd1) and now it's (hd0))..no cold boot done
[14:34] <soren> Just change the boot entry in grub?
[14:38] <lrojas> how do i cd into /var/log/lighttpd ? i get permission denied, if i do sudo cd /var... i get cd commnad not found
[14:39] <\sh> soren: i did...but something goes wrong during installation via d-i and the final system...I'll have another machine with the same setup tomorrow...so I can check a bit more
[14:40] <\sh> soren: btw...do you have any clue how udev setups the devicenames for NICs? It looks a bit strange when the onboard and the other 4Gi NICs are somehow randomly counted...
[14:42] <soren> \sh: It's random.
[14:44] <soren> Upon discovering the pci devices, the modules are loaded. The modules's initialisation phases might overlap, and then you get a somewhat odd ordering of the interfaces.
[14:44] <soren> You can fix it up in /etc/udev/rules.d/70-persistent-net.rules
[14:45] <soren> You can even assign arbitrary names to nics in there. (i.e. you can name them according to function "wan", "dmz", "office", "prod", "test", etc.)
[14:47] <\sh> soren: yes..I know, I just thought that it happens via a non-random system e.g. pci-id dependent
[14:58] <_ruben> ugh .. i really oughta setup a netboot environment .. this vritual media over lan is performing like shit :/
[15:03] <_ruben> now it seems to stall even earlier .. sigh
[15:12] <uvirtbot`> New bug: #267671 in samba (main) "bug of samba" [Undecided,New] https://launchpad.net/bugs/267671
[15:17] <skep> lrojas: "sudo tail -f /var/log/messages" and/or "sudo tail -f /var/log/lighthttp...." and with these commands running try to (re)start lighthttpd and check if something is added to the logs
[15:37] <soren> _ruben: "virtual media over lan"?
[15:37] <soren> _ruben: Well, really "vritual", but I presumed that was a mistake :)
[15:38] <_ruben> soren: its a feature of this machine, as part of the remote kvm card in it .. it allows to mount isos over the network to be used as a virtual cdrom drive
[15:38] <soren> Oh.
[15:39] <_ruben> moved the iso from fileserver to my local system .. atleast feels faster .. perhaps im able to actually finish the install now :)
[15:44] <_ruben> bah .. cheered too early .. stalled on "Retrieving lvm2-udeb"
[16:13] <AnRkey> My dovecot-imapd is showing this error in the /var/log/mail.log file >> Sep  8 17:09:13 homeserver dovecot: imap-login: Aborted login (0 authentication attempts): rip=192.168.0.2, lip=192.168.0.5
[16:13] <AnRkey> i cant connect to the imapd from evolution or thunderbird
[16:14] <AnRkey> any suggestions?
[16:14] <zul> are you using the right password?
[16:19] <AnRkey> haha
[16:19] <AnRkey> i think i am beyond that yes :D
[16:19] <AnRkey> found the prob
[16:19] <AnRkey> i had sasl auth only on
[16:20] <AnRkey> it's always something simple that messes everything up :D
[16:20] <AnRkey> thanks anyway
[16:51] <uvirtbot`> New bug: #267802 in nagios2 (universe) "Home Folder for Nagios is wiped on Reboot" [Undecided,New] https://launchpad.net/bugs/267802
[17:11] <jdstrand> sommer: hi! do you have time for some quick comments regarding the ufw documentation?
[17:34] <jdstrand> lamont: hi! I have on my todo list to do the LP stuff for the bind9 SRU. I don't (yet) see that it is uploaded. can you ping me when you upload and I'll do the LP stuff?
[17:37] <sommer> jdstrand: can I ping you in about 2 hours?
[17:38] <jdstrand> sommer: sure. ping me when ready (I may be out, but will certainly be available around that time)
[17:41] <lamont> jdstrand: git clone git://git.debian.org/~lamont/bind9.git
[17:41] <lamont> :-)
[17:41] <lamont> or was I packaging it?
[17:41] <jdstrand> lamont: oh, I thought you said you'd upload
[17:41] <jdstrand> (I thought that was where we left it)
[17:42] <lamont> right
[17:42] <lamont> sorry
[17:42] <jdstrand> np at all
[17:42] <lamont> I'll get to that tonight,  I expect
[17:42] <jdstrand> cool-- feel free to ping me when uploaded
[18:27] <uvirtbot`> New bug: #263840 in samba (main) "smbpasswd crashed with SIGSEGV in dump_core()" [Medium,Incomplete] https://launchpad.net/bugs/263840
[18:32] <_ruben> bah .. most neboot tuts are geared towards -desktop, not -server :/
[18:33] <_ruben> s/neboot/netboot/
[20:05] <Goosemoose> anyone know what to set in the preseed file to get the new computers to authenticate users against the domain?
[20:06] <mathiaz> Goosemoose: have you looked into using the late_command option ?
[20:06] <Goosemoose> yeah i just cant seem to get likewise to work right
[20:07] <mathiaz> Goosemoose: AFAIR the likewise-open package doesn't support preseeding the domain part
[20:07] <Goosemoose> that would be bad, i dont want to manually go join 250 machines to the domain
[20:07] <mathiaz> Goosemoose: IIRC you can pass the administrator password on the domain-join command line
[20:07] <Goosemoose> hmm
[20:08] <mathiaz> Goosemoose: so you can use the late_command option to perform the domain-join and adding likewise-open to the list of packages to be installed
[20:08] <Goosemoose> ok ill have to figure out the domain-join part, i must have something wrong with it
[20:08] <mathiaz> Goosemoose: be aware that the preseed will go uncrypted on the network
[20:09] <Goosemoose> i used MD5 for the admin user on the machine, I'm guessing domain-join doesn't support that?
[20:09] <mathiaz> Goosemoose: another solution is to setup ssh public keys on installs and then ssh into the box to do the domain-join
[20:10] <Goosemoose> i'd rather avoid that if i can
[20:11] <mathiaz> Goosemoose: right - it seems the first you'd have to take is to figure the domain-join command line
[20:11] <Goosemoose> ok
[20:11] <Goosemoose> im going to look on the forums some more
[20:12] <mathiaz> Goosemoose: once you've got the command line, you can choose where you want to automate it : late_command in preseed (less secure depending on your installation environment) or via ssh
[20:12] <Goosemoose> ok
[20:25] <Goosemoose> hmm, i just installed likewise-open on a machine via sudo apt-get install likewise-open, but the domain-join command does not exist
[20:25] <Goosemoose> is there another dependency?
[20:25] <Goosemoose> nvm its domainjoin-cli
[20:26] <sommer> jdstrand: pinger
[20:27] <jdstrand> sommer: hey
[20:27] <sommer> ufw has some new options?
[20:27] <jdstrand> sommer: I just have a few really small things
[20:27] <jdstrand> sommer: 1) ufw has 'status' and 'status verbose'
[20:28] <sommer> jdstrand: ah, I'll note that
[20:28] <jdstrand> sommer: 2) until case-insensitive profile names are in place, when referencing applications profiles, we should use a capitalized first letter
[20:28] <jdstrand> sommer: eg 'Samba' or 'Apache'
[20:29] <sommer> okay, are the --update-new options the same?... I thought there were some changes, at least from the one email thread
[20:30] <jdstrand> sommer: let's get back to that in just a sec
[20:30] <sommer> heh, no problem
[20:31] <jdstrand> sommer: you say: "Similar to allowing traffic to a port, enabling an application profile is accomplished by entering"
[20:32] <zul> mathiaz: do you have an opinnon on bug #267701
[20:32] <uvirtbot`> Launchpad bug 267701 in php5 "php5 session files purge cron job not working outside /var/lib/php5" [Undecided,New] https://launchpad.net/bugs/267701
[20:32] <jdstrand> sommer: but there really isn't a concept of 'enabling an application profile"
[20:32] <jdstrand> sommer: it's really, just using it, like you might use a protocol name in /etc/services
[20:33] <jdstrand> sommer: you use 'enabled' in a few places in there, so the workding may need to change somewhat
[20:33] <jdstrand> sommer: does that make sense?
[20:33] <sommer> jdstrand: I think so
[20:33] <jdstrand> sommer: ok good-- eg "To view details about which ports, protocols, etc are enabled for an application, enter:"
[20:33] <mathiaz> zul: we should find out why php is creating session in /tmp/
[20:34] <jdstrand> sommer: here, just do s/enabled/defined/
[20:34] <mathiaz> zul: or which module is causing that - and fix it there
[20:34] <zul> mathiaz: cool..
[20:34] <jdstrand> sommer: now to your previous question
[20:35] <jdstrand> sommer: 'ufw app update <foo>' only does something if you used the profile 'foo' in your rulesets
[20:35] <jdstrand> sommer: otherwise it's a no-op
[20:36] <sommer> jdstrand: gotcha
[20:36] <jdstrand> sommer: 'ufw app update --add-new <foo>' will do as above, but will also add a rule to your existing rules if the default application policy is changed away from 'skip'
[20:36] <jdstrand> sommer: no packages do that currently
[20:37] <jdstrand> sommer: unless you are going to talk about how an administrator can use applications profiles, you might want to just skip mentioning '--add-new'
[20:37] <jdstrand> sommer: what do you think?
[20:38] <sommer> jdstrand: I think that'd be simpler
[20:38] <jdstrand> (it is in the man page)
[20:38] <jdstrand> sommer: I agree
[20:38] <jdstrand> sommer: it was always intended for maintainer scripts, and possibly for advanced sysadmins
[20:38] <sommer> jdstrand: cool, I'll rework that bit
[20:39] <jdstrand> sommer: that's all I have. thanks *soo* much for the docs :)
[20:39] <sommer> jdstrand: np, thank you
[21:11] <sommer> jdstrand: ufw section updated :-)
[21:12] <sommer> jdstrand: it may be tomorrow before the changes appear on the website though
[21:12] <jdstrand> \o/
[21:12] <jdstrand> sommer: ok, I'll check then
[21:12] <jdstrand> sommer: thanks again
[21:13] <sommer> welcome :)
[21:28] <zeth> hello
[21:28] <zeth> I am doing
[21:28] <zeth> I am trying to install something
[21:28] <zeth> and apt-get blocks me
[21:28] <zeth> The following packages have unmet dependencies. libdb4.6-dev: Conflicts: libdb4.3-dev but 4.3.29-11ubuntu1 is to be installed
[21:28] <zeth> How do I have both?
[21:30] <arakthor> I have no idea if this is sane, or works, but have you tried installing that dependency by itself
[21:30] <zeth> arakthor: you mean from source?
[21:30] <zeth> or just apt-get install libdb4.3-dev ?
[21:31] <zeth> does not seem to make much difference installing it alone
[21:31] <arakthor> apt-get install libdb4.3-dev is what I meant
[21:32] <arakthor> err
[21:32] <arakthor> sorry
[21:32] <arakthor> 4.6
[21:32] <zeth> libdb4.3-dev is already the newest version.
[21:32] <zeth> if I do that
[21:32] <zeth> 4.6
[21:32] <zeth> then I get
[21:32] <zeth> The following packages will be REMOVED apache-dev libdb4.3-dev
[21:32] <zeth> removing apache-dev might be very bad
[21:32] <arakthor> ah
[21:34] <guntbert> zeth: I've  seen such behaviour after enabling "proposed"
[21:36] <zeth> oh right
[21:36] <zeth> yes
[21:36] <zeth> that sounds good
[21:36] <zeth> know how I can fix it?
[21:36] <zeth> Look through my sources.list?
[21:38] <guntbert> I'm on ubuntu desktop, but on server, yes, edit sources.list seems sensible
[21:39] <zeth> no proposed there
[22:22] <dendrobates> ScottK: bug #267901
[22:22] <uvirtbot`> Launchpad bug 267901 in smart "smart does not correctly verify packages coming from archives." [High,Fix released] https://launchpad.net/bugs/267901
[22:23] <dendrobates> ScottK: I uploaded a fix.