[00:03] <owh> I'm getting "query (cache) [..] denied" errors in syslog. Google tells me that I can add allow-query { mumble }; to named.conf, but I have three files to choose from, named.conf  named.conf.local  named.conf.options - none of which have any obvious priority. The server guide is silent on the matter. Where should I do this?
[00:04] <owh> Or am I solving this in the wrong way?
[03:21] <uvirtbot`> New bug: #268816 in squid (main) "logrotate uses outdated sarg script" [Undecided,New] https://launchpad.net/bugs/268816
[04:06] <szx0> How can I completely remove then reinstall the Apache2.2 configuration of my Ubuntu 8.04/64Bit Server installation. I tried apt-get -f remove apache2 / apt-get --purge remove apache2 / .. then installing again and many different combinations with apache2 and apache2.2-common.. but nothing appears to make the /etc/apache2 directory or the init.d/apache2 file... ideas?
[04:11] <NCommander> szx0, conffiles are not removed
[04:11] <NCommander> szx0, you must remove them
[04:14] <slangasek> szx0: I believe the conffiles are owned by apache2.2-common, so that apt-get --purge remove apache2.2-common should give you a clean slate
[04:14] <slangasek> purging apache2 will not automatically purge the packages that it depends on
[04:14] <szx0> Purging apache2.2-common does not work
[04:14] <slangasek> what files are left behind when you purge apache2.2-common?
[04:16] <szx0> hmm okay brilliant its doing something different now
[04:16] <szx0> last time I did sudo apt-get --purge remove apache2 apache2-common and it only remove 94kb of stuff
[04:16] <szx0> i meant apache2.2-common
[04:17] <szx0> now just doing sudo apt-get --purge remove apache2.2-common it got rid of 33megs of stuff
[04:20] <kgoetz> you'd probably already removed it
[04:23] <szx0> \quit
[04:30] <lukehasnoname`> sooooooooooooren
[04:31]  * kgoetz smacks lukehasnoname` for join-and-ping
[04:31] <lukehasnoname`> ow
[04:35] <lukehasnoname`> 1) We need a better name for "Basic Ubuntu Server", as decided. 2) I was thinking, it would be cool to be able to choose your scripting language for a web server (I guess you're already on that path with RoR). As in, when you choose 'Web Server', you then choose PHP, Python, or Ruby for the language. 3) make the ubuntu server guide more easily accessible than "w3m /usr/shar/ubuntu-serverguide/html/c/index.htm
[04:38] <kgoetz> 1. cant comment. 2. that would be more qustions asked,, which i think is not what ubuntu usually does, 3. how more accessable? in text?
[04:42] <lukehasnoname`> 1) In intrepid, a new box in tasksel currently called "Basic Ubuntu Server" installs the server guide (HTML), w3m, patch, and something else. I suggested it needs a more suitable name. 2) Since PHP is no longer as dominant as it once was, I thought it would appeal to people looking to get their Python or Rails projects up quickly. 3) Perhaps a symlink or a w3m launcher in the original user's home directory to
[04:51] <kgoetz> 1. i see, not tried intrepid. 2. you could try and support 'the big 4' - perl/python/php/rails (although rails needs more intgration work), but could turn into a lot of work. 3. if motd says 'for help run w3m' i dont think filling homes with rubish is needed
[04:53] <lukehasnoname`> I agree
[04:54] <lukehasnoname`> a modified motd (if server guide is installed) could say "For help, see /path
[04:54] <lukehasnoname`> "
[04:57] <lukehasnoname`> g2g do some homework before bed
[05:38] <cchapman> hello
[07:18] <toolfan2k4> can ubuntu be used as a user server for windows?
[07:19] <kgoetz> 'user server'?
[07:20]  * _ruben thinks ADS
[07:20] <toolfan2k4> yeah like how businesses and schools give usernames to people to allow them to login on any pc on the network.
[07:21] <slangasek> Yes; Ubuntu with Samba can be used as an NT4-style domain controller for Windows
[07:23] <kgoetz> and if your luck enough to have no doze boxes, you can probably use ldap
[07:23] <toolfan2k4> no doze boxes?
[07:24] <slangasek> presumably that doesn't help with the use case he's interested in given the question he asked
[07:26] <kgoetz> yeah. but i thought i'd put it into the logs anyway
[07:27] <lukehasnoname> no doze?
[07:27] <lukehasnoname> elab.
[07:39] <toolfan2k4> ok thanks
[07:40] <toolfan2k4> what is no doze?
[07:40] <slangasek> doze being slang for Windows
[07:42] <lukehasnoname> ah
[07:42] <lukehasnoname> I thought he mean 24/7 uptime
[07:42] <toolfan2k4> ah so i figured.
[07:42] <toolfan2k4> ok so i will research samba
[07:43] <toolfan2k4> thnk slangasek
[07:43] <slangasek> sure
[07:46] <toolfan2k4> you wouldn't happen to know of a tutorial for how to set up samba as a username server?
[07:47] <lukehasnoname> http://doc.ubuntu.com/ubuntu/serverguide/C/index.html maybe
[07:47] <lukehasnoname> no clue
[07:49] <slangasek> there are probably a number of tutorials out there; the keywords are samba+pdc+nt4
[07:50] <slangasek> http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/samba-pdc.html looks promising
[07:50] <kgoetz> IIRC sambas package (or its -docs package) contains lots of info on the subject - i'll be looking into it this weekend myself
[07:51] <toolfan2k4> thank everyone....im gonna give it a try...beats the price of windows server
[07:51] <slangasek> yes, the above samba.org link points to the Samba-HOWTO-Collection, which is also in the samba-doc package
[07:52] <kgoetz> ah, nod.
[07:55] <emgent> kirkland: ping
[08:31] <uvirtbot`> New bug: #268868 in apache2 (main) "[Intrepid Alpha 5] NameVirtualHost entry in ports.conf causes "NameVirtualHost *:80 has no VirtualHosts" warning" [Undecided,New] https://launchpad.net/bugs/268868
[08:43] <spiekey> Morning!
[08:43] <spiekey> Can someone recommend a tool to monitor and analyse network traffic (mith mrtg or alike?)
[08:43] <spiekey> i need to find out where my network bandwith peaks are, and the ports which are beeing used ;)
[09:06] <_ruben> spiekey: iftop for realtime stats, pmacctd for longterm info
[09:36] <incorrect> I was wondering what the best mail/group ware type system was these days?  or is there even one that ubuntu promotes use of?
[10:07] <_ruben> !best
[10:52] <Koon> question: likewise-open in hardy shipped /usr/lib/libwbclient0.so. In intrepid, libwbclient0 (samba dep) ships /usr/lib/libwbclient0.so, while likewise-open uses one in /usr/lib/likewise-open/libwbclient0.so. Hardy (with samba+likewise-open installed) -> Intrepid upgrades fail, because libwbclient0 is installed before likewise-open is upgraded. Is there any way of making dist-upgrade process likewise-open upgrade before libwbclient0 is installed ?
[10:55] <soren> Koon: Yes.
[10:56] <Koon> soren: good news. How ?
[10:57] <soren> Koon: You add "Conflicts: likewise-open (some version specifier)\nReplaces: likewise-open (some version specifier)" to the new libwbclient0 package.
[10:58] <Koon> soren: ok so that would be a fix in libwbclient rather than in likewise-open. After all, it's the one stepping on the other's toes.
[11:00] <soren> Right.
[11:00] <soren> I'm surprised this is not adresssed in some kind of FAQ somewhere. At least not one that I can find.
[11:01]  * Koon reads debian policy 7.6.1 which has a clean explanation
[11:33] <uvirtbot`> New bug: #264943 in samba (main) "gvfsd-smb crashed with SIGSEGV in strlen()" [Medium,New] https://launchpad.net/bugs/264943
[11:52] <ghaleb> hello, is there a way to pass the ssh password to the ssh command ?
[11:53] <Kamping_Kaiser> ghaleb, waht do you mean?
[11:53] <Kamping_Kaiser> iirc 'expect', but if you need ot enter a password, why not use keybased logins?
[11:54] <ghaleb> I want to execute a command from a server, but the ssh client asks for password , is there a way to pass the password to the login ?
[11:55] <nijaba> ghaleb: as Kamping_Kaiser said, generate a ssh key and use this instead
[11:55] <ghaleb> I made it, but I have a problem that I tried to solve
[11:55] <ghaleb> but it didn't work
[11:55] <ghaleb> I create public an private keys
[11:55] <nijaba> ghaleb: https://help.ubuntu.com/community/SSHHowto should explain this in detail
[11:56] <ghaleb> nijaba: I know how to do it, but it didn't work for one client only
[11:56] <ghaleb> I mean, I made it manytimes , but one client can't connect , the server asks for password, despite it has the public key copied
[11:57] <nijaba> ghaleb: so you have other clients that can connect using the same key to the same server but not this one?
[11:57] <ghaleb> exactly
[11:58] <nijaba> ghaleb: and all client should be identical, or are there some differences?
[11:58] <Kamping_Kaiser> all clients using the same key? o_0
[11:58] <ghaleb> no, I generated keys using ssh-keygen
[11:58] <ghaleb> copied the public key to authorized_keys2
[11:58] <ghaleb> and connect using private
[11:58] <ghaleb> I made that on three clients, but one of them doesn't work
[11:59] <Kamping_Kaiser> did you use ssh-copy-id?
[11:59] <nijaba> ghaleb: I really like ssh-copy-id to avoid mistakes
[11:59] <nijaba> Kamping_Kaiser: :)
[11:59] <ghaleb> no, cat xyz.pub > /home/.ssh/authorized_keys2
[11:59] <ghaleb> actually >> not >
[11:59]  * Kamping_Kaiser slaps ghaleb about a bit
[11:59] <Kamping_Kaiser> nijaba, :)
[12:00] <ghaleb> this is what i did
[12:01] <ghaleb> http://www.csua.berkeley.edu/~ranga/notes/ssh_nopass.html
[12:03] <Kamping_Kaiser> not loading for me *g*
[12:05] <ghaleb> okay, then there is no way to ask a server for sth unless I create keys
[12:05] <ghaleb> hhmm
[12:09] <nijaba> ghaleb: can't load the page either
[12:09] <ghaleb> http://linuxproblem.org/art_9.html
[12:09] <ghaleb> another one, but the same issue
[12:10] <Kamping_Kaiser> this might be harsh of me, but something that has "automize" isnt something i take seriously.
[12:10] <ghaleb> okay
[12:10] <ghaleb> what do u suggest
[12:11] <Kamping_Kaiser> ghaleb, those are kind of old instructions - i belive even upstream openssh ship ssh-copy-id these days.
[12:11] <Kamping_Kaiser> ghaleb, follow the SSHowto nijaba sugested. you'll have keys, you just need to look at the copying bit. https://help.ubuntu.com/community/SSHHowto#Public%20key%20authentication
[12:11] <Kamping_Kaiser> waho.
[12:12] <Kamping_Kaiser> the new wiki doesnt have crappy links!
[12:12] <Kamping_Kaiser> it does have a fail login system though, so i guess it balances out
[12:12] <ghaleb> so, u mean, the problem in the ssh server , right ?
[12:13] <Kamping_Kaiser> i suspect doing everything manually you've made a mistake of some sort. i'm suggesting ssh-copy-id (or whatever) might fix it up
[12:13] <ghaleb> okay, thank you, I will try it out
[12:14] <Kamping_Kaiser> gl
[12:15] <ghaleb> what is that q option, silence ssh-keygen means ?
[12:39] <ghaleb> Kamping_Kaiser: it's not working :(
[13:16] <AnRkey> can i use ufw 0.22 on hardy?
[13:18] <soren> I belive it depends on a more recent iptables than hardy provides, so I'm guessing no.
[13:21] <Kamping_Kaiser> i guers you could backport both
[13:50] <didrocks> AnRkey: I am curently backporting it
[13:51] <didrocks> (with iptables)
[14:18] <finalbeta_> Hello, I have an Ubuntu server running with MySQL. The data in the MySQL database is the only thing that changes on the server. I need to backup this server. I need minimal down time. I was thinking to use dd to clone the full disk to a second drive in the server (can I do this while the server is running). And to backup the MySQL database seperatly at scheduled intervals. When the disk fails, I should be able to just boot from disk 2 
[14:18] <AnRkey> didrocks, will it have port forwarding?
[14:19] <finalbeta_> I'm new at this, does this sound good to you? Any suggestions?
[14:19] <AnRkey> didrocks, i have test box's here if you want me to make it work a bit
[14:19] <AnRkey> i found the debs but they need iptables 1.4
[14:19] <incorrect> I was wondering what the best mail/group ware type system was these days?  or is there even one that ubuntu promotes use of?
[14:19] <AnRkey> will it lose anything in the backport?
[14:20] <AnRkey> since it wont have 1.4
[14:25] <Kamping_Kaiser> finalbeta_, rsync > dd i expect
[14:26] <jdstrand> finalbeta_: if you want no downtime, use replication to a slave server, then backup the slave
[14:26] <Kamping_Kaiser> finalbeta_, it comes down to 'how bad is downtime'
[14:26] <Kamping_Kaiser> as to what you use to avoid it
[14:26] <Kamping_Kaiser> incorrect, groupware in what way?
[14:27] <finalbeta_> Kamping_Kaiser, I don't understand the rsync, doesn't seem to help me in this case. Wont backup the mysql or give me a booting disk.
[14:27] <incorrect> Kamping_Kaiser, like zimbra
[14:27] <finalbeta_> jdstrand, Kamping_Kaiser, downtime o a couple of hours max is not that much of a problem. the shorter the better, but I can compromise
[14:28] <finalbeta_> I have a single server running a sort of web server with mysql backend. Only the MySQL changes. I need to be able to recover when the disk fails.
[14:30] <finalbeta_> so I was thinking dd the disk every few months at maintainances. and backup the database to a remote server every night. allowing me to put in the disk when the server fails, and just restore the database.
[14:32] <finalbeta_> rsync wont be able to correctly backup the mysql, unless I shut down the database. (which is an option at night). but it wont leave me with a bootable disk.
[14:35] <Kamping_Kaiser> i doubt dd will give you a bootable disk either tbh
[14:36]  * Kamping_Kaiser splits
[14:38] <spiekey> in my syslog i get iptables infos like: (...) kernel: IN= OUT=eth0 (...)  --> why is the Input information empty?
[14:38] <spiekey> does it come from nowhere? :P
[14:40] <soren> Originating interface is unknown in the OUTPUT chain.
[14:41] <finalbeta_> Kamping_Kaiser, for what I read, it does, that's the whole point of it. But I'll run that this evening.
[14:53] <Adri2000> does anyone know why vsftpd didn't get updated to the 2.0.7 upstream version?
[15:54] <spiekey> hey...i need some help using ftp proxy on a command line:
[15:54] <spiekey> http://pastebin.com/m77548bf0
[15:54] <spiekey> i do not unserstand why i dont get any traffic on port 2121 on my firewall
[16:11] <snitko> hi, what could be the reason for a service not to start at boot time, when it starts just fine manually with 'service name start' and has all appropriate symlinks in rcN.d dirs?
[16:23] <nomoa> hi, anyone can explain to me what is causing /proc permissions restrictions like this : http://pastebin.com/m14b89bf4 ?
[16:27] <soren> nomoa: What is the problem?
[16:27] <nomoa> normal user cannot see others process
[16:28] <jdstrand> ScottK: re clamav/apparmor> ok
[16:28] <nomoa> I've never seen that before
[16:29] <ScottK> jdstrand: Thanks.  So far it's quiet, I just don't want upstream bugs to get blamed on the profile.  I just finished the libclamav5 transition last night.
[16:29] <jdstrand> ScottK: sounds great :)
[16:30] <ScottK> Hurray.  hppa down under 300 builds waiting ...
[16:34] <nomoa> the main problem is for stuff like zabbix-agent which need to access /proc/PIDs for monitoring process information, I have to hack its user to uid:0, I really can't understand how I can disable such security feature... uid 0 for zabbix user is really risky work-around :(
[16:42] <kees> nomoa: most things in /proc/$pid is world-readable.  what are you trying to access that you can't?
[16:42] <jdstrand> umm, my kernels don't do that. that sounds like openwall's restricted /proc patch
[16:43] <jdstrand> nomoa: ^
[16:43] <nomoa> kees, I can't: dr-x------ 6 root root 0 2008-09-05 17:51 /proc/1
[16:43] <nomoa> jdstrand, hum?
[16:43] <Lifer> Hi. Has anyone performed an "apt-get upgrade" with today's upgrades?
[16:44] <kees> nomoa: yeah, you're not running a standard kernel.
[16:44] <jdstrand> (I checked hardy -generic and -server, and intrepid -generic)
[16:44] <kees> $ ls /proc/1 -lda
[16:44] <kees> dr-xr-xr-x 7 root root 0 2008-09-10 16:44 /proc/1/
[16:44] <nomoa> kees, I would like the same :)
[16:44] <jdstrand> nomoa: 'uname -a'
[16:45] <nomoa> Linux ________ 2.6.24.5-grsec-xxxx-grs-ipv4-64 #3 SMP Tue May 27 19:09:58 CEST 2008 x86_64 GNU/Linux
[16:45] <ivoks> oh lol
[16:45] <jdstrand> well, there you go ;)
[16:45] <Lifer> Hello. Can I get help here with an unbuntu V71.0 server problem?
[16:46] <ivoks> Lifer: if that's v7.10, then yes, v71.0 is scheduled for ~ 60 years
[16:47] <ScottK> Lifer: Possibly.  Describing the actual problem increases your odds.
[16:47] <jdstrand> jdstrand: your grsec kernel will almost certainly carry the restricted /proc patch
[16:48] <jdstrand> heh
[16:48] <jdstrand> nomoa: ^
[16:48] <jdstrand> nomoa: if it's your own kernel, check the docs and see if there is a sysctl setting or recompile it without restricted /proc
[16:48] <nomoa> jdstrand, thank you to point me to this grsec stuff... I'll look at there
[16:49] <nomoa> jdstrand, nope it was installed by our provider
[16:49] <nomoa> jdstrand, annoying parano stuff
[16:49] <ivoks> grsec is actually great, imho
[16:50] <Lifer> ScottK:ivoks: I installed ircd-hybrid: "apt-get install icrd-hybrid", then did and upgrade and update: "apt-get upgrade", "apt-get update". Now cygwin does not connect via xwin from my Windows box to the unbuntu server.
[16:50]  * ScottK isn't the right guy to help with IRC stuff.
[16:50] <nomoa> ivoks, it breaks many things, not so linux philosophy IMHO
[16:50] <jdstrand> it is in certain situations, but it is interesting that in this instance, a user may end up with less security because of working around restricted /proc (eg, running zabbix as root)
[16:50] <ivoks> nomoa: it does break things; already broken things :)
[16:51] <ivoks> Lifer: i doubt it's realted to ubuntu
[16:51] <nomoa> ivoks, not sure : look at zabbix, is it broken to monitor stuff? :)
[16:52] <Lifer> ivoks: I installed ircd-hybrid: "apt-get install icrd-hybrid", then did and upgrade and update: "apt-get upgrade", "apt-get update". Now cygwin does not connect via xwin from my Windows box to the unbuntu server.
[16:52] <Lifer> ScottK: Not irc prob, but upgrades prob, IMHO
[16:52] <ivoks> nomoa: i've never looked at zabbix, but i can tell for sure that zenos is totally broken
[16:53] <ivoks> Lifer: did it upgrade anything?
[16:53] <Lifer> Yes. Is there a log I can inspect?
[16:53] <ivoks>  /var/log/dpkg.log
[16:53] <Lifer> ivoks: Yes. Is there a log I can inspect?
[16:54] <ivoks> er.. zenoss, not zenos
[16:56] <Lifer> ivoks: upgraded: postfix, triggeres-pending, libc6
[16:57] <ivoks> so, nothing relevant for network
[16:57] <ivoks> i'd bet on windows firewall...
[17:05] <Lifer> ivoks: no change to windows.  Cygwin/Xwin works with other unbuntu server.  Other Client Cygwin/Xwin does not work, also.
[17:06] <ivoks> Lifer: it's ubuntu
[17:06] <ivoks> not unbuntu
[17:07] <ivoks> try 'telnet your_ubuntu_server 6000'
[17:08] <ivoks> and see it that works; if you can connect, than everything is ok, if you can't connect then x11 service is not started on ubuntu server
[17:08] <Lifer> ivoks: I removed ircd-hypbrid, rebooted server. XWin now works
[17:08] <ivoks> which brings us to question 'how come we talk about GUI on server channel?'
[17:08] <ivoks> right, reboot usually starts all services :)
[17:09] <Lifer> ivoks: It didn't work when I rebooted with ircd-hybrid installed
[17:09] <ivoks> maybe you've configured ircd to listen on port 6000?
[17:10] <Lifer> hmmm
[17:11] <ivoks> it should listen at 6665, 6666, 6667, 6668 and 6669
[17:11] <Lifer> ivoks: I configured nothing wrt ircd-hybrid. Does that use the same ports as Xwin? I thought IRC used 6667
[17:12] <Lifer> ivoks: BTW, IRC did not work wither
[17:12] <Lifer> *either
[17:12] <ivoks> Lifer: well, i don't know
[17:13] <Lifer> ivoks: is there a file that lists who is using which ports?
[17:14] <ivoks>  /etc/services
[17:15] <Lifer> ivoks: I'll reinstall ircd-hybrid and see which ports it tries to use. be back in a bit.
[17:16] <ivoks> i've told you which it uses
[17:17] <Lifer> ivoks: It should also work. But it got that wrong, too.
[17:20] <spiritssight> how much different is the server verison over the desktop
[17:20] <Lifer> ivoks: The install sequence was different this time (post upgrade).
[17:25] <Lifer> ivoks: is /etc/services the ports that this installation is using, or a list of recommend/supported ports?
[17:26] <ivoks> too many questions and i don't have time
[17:34] <nomoa> is there a way to know kernel config options without the .config nor /proc/config.gz file...? (desperate)
[17:41] <jmedina> nomoa: what is the problem with those files?
[17:43] <nomoa> jmedina, I need to know the value of a kernel config parameter, but the guy how installed the system did not leave the config files
[17:44] <jmedina> nomoa: which parameter?
[17:44] <jmedina> maybe someone here know how to check it
[17:44] <nomoa> jmedina, CONFIG_GRKERNSEC_PROC_GID
[17:45] <jmedina> isnt there any grsec specific option to check that?
[17:46] <nomoa> all grsec config is done inside the kernel, but ovh (our provider) do not give the .config
[17:46] <nomoa> so I don't know what is the right group to put zabbix in in order to have access to /proc
[17:48] <jmedina> nomoa: dont you have any other app integrated with grsec? maybe you can compare it
[17:49]  * jmedina loves that kind ob obscurity, I mean security....
[17:50] <nomoa> jmedina, it's a unmodified ubuntu 8.04 server with the only exception of this grsecurity kernel
[17:50] <jmedina> nomoa: did you ask at ##grsecurity?
[17:50] <jmedina> bu, emty channel
[17:50] <nomoa> that was my intention :)
[17:50] <nomoa> arf
[17:51] <nomoa> I will try #give-me-rope-chair-paper-pen then :)
[17:52] <nomoa> I give up, thank you all
[18:50] <leonel> is  AMD  recomended for  ubuntu server ?? i've only used  intel  so   there's a new server comming and I'm thinking for an AMD dual core ..
[18:53] <sdh> runs fine on my amd x2 6000+
[18:55] <uvirtbot`> New bug: #269085 in apache2 (main) "apache2ctl refers to APACHE2_RUN_USER instead of APACHE_RUN_USER" [Undecided,New] https://launchpad.net/bugs/269085
[18:57] <jmedina> same here, with about 50 virtual machines running in amd servers since 3 years with xen
[19:22] <Goosemoose> when writing a preseed file: d-i preseed/late_command string wget http://10.0.2.131/post_install_tasks && chmod +x ./post_install_tasks && ./post_install_tasks returns 'failed with exit code 127'. but if i run it on the machine after install it works fine
[19:22] <Goosemoose> any idea why?
[20:06] <Smelne> i have aproblem with pure-ftpd none of my users can login
[20:09] <jmedina> Smelne: what kind of users?
[20:09] <jmedina> local? virtual?
[20:16] <Smelne> I'm sorry, i was afk for a bit. They are virtual users, and all of them recieve a 530 authentication failure
[20:16] <jmedina> Smelne: what do the logs says?
[20:18] <Smelne> It says "[INFO] New connection from 192.168.0.241, [INFO] PAM_RHOST enabled. Getting the peer address, [WARNING] Authentication failed for user [sfmbeheer], [INFO] Logout."
[20:19] <Smelne> The joke is that no passwords have been changed, no users removed or anyhing. We've had to restart the server yesterday after a kernel update, and this is hwat we were met with after the server came back up
[20:21] <jmedina> that is no a pure-ftpd message
[20:21] <Smelne> I've got it straight from PureAdmin, so i'm fairly sure that it is
[20:21] <jmedina> Smelne: can you show a user with purepw?
[20:22] <jmedina> that is a pam message, are you sure you are still using virtual users?
[20:23] <jmedina> can you show the output from ps aux | grep pure-ftpd
[20:23] <jmedina> ?
[20:23] <Smelne> Hmmm.... Just a sec...
[20:23] <Smelne> Unable to open the password file, what the....
[20:24] <jmedina> something in the config files changed?
[20:24] <Smelne> Not that i know of. We've just rebooted the server.
[20:28] <Smelne> smelnefm@ariadne:~$ ps aux | grep pure-ftpd
[20:28] <Smelne> root     11320  0.0  0.0   4840   636 ?        Ss   21:27   0:00 pure-ftpd (SERVER)
[20:28] <Smelne> smelnefm 11412  0.0  0.0   2884   760 pts/2    R+   21:28   0:00 grep pure-ftpd
[20:29] <jmedina> hat about your options?
[20:30] <emgent> kirkland: ping
[20:30] <Smelne> jmedina, which ones?
[20:30] <jmedina> your pure-ftpd config files
[20:30] <jmedina> the ones that set the autentication
[20:31] <jmedina>  /etc/pure-ftpd/auth/
[20:32] <jmedina> ls -l /etc/pure-ftpd/auth/
[20:32] <kirkland> emgent: pong!
[20:32] <kirkland> emgent: sorry dude, got your ping while i was sleeping, and forgot ;-)
[20:32] <emgent> heya kirkland can i query you little bit ? :)
[20:32] <Smelne> jmedina, Well, what do you need to know about the config files?
[20:33] <jmedina> Smelne: the order of the files
[20:33] <jmedina> ls -l /etc/pure-ftpd/auth/
[20:33] <jmedina> that one
[20:33] <kirkland> emgent: sure
[20:33] <jmedina> I do Have
[20:33] <jmedina> $ ls -l /etc/pure-ftpd/auth/
[20:33] <jmedina> total 0
[20:33] <jmedina> lrwxrwxrwx 1 root root 26 2007-07-30 17:43 45puredb -> /etc/pure-ftpd/conf/PureDB
[20:33] <jmedina> lrwxrwxrwx 1 root root 26 2007-07-30 17:22 65unix -> ../conf/UnixAuthentication
[20:33] <jmedina> lrwxrwxrwx 1 root root 25 2007-07-30 17:22 70pam -> ../conf/PAMAuthentication
[20:33] <jmedina> sorry for the flood
[20:33] <Smelne> 65unix, 70pam
[20:33] <jmedina> :(
[20:34] <Smelne> I habve no puredb there though
[20:34] <jmedina> where are you storing your virutal users?
[20:35] <Smelne> a locate revealed that on this system, puredb is located in
[20:35] <jmedina> because with taht configs, says taht you are using unix auth by default
[20:35] <Smelne> in /etc/pure-ftpd/conf/PureDB i mean
[20:36] <jmedina> yeap, they are symlinks, look at my example
[20:36] <Smelne> That's what io thought. So why it's spitting out PAM messages is beyond me
[20:36] <jmedina> if you want to enable puredb virtual users you need to add a symlink in auth directory with a lower number, like mine (45)
[20:37] <Smelne> But that still doesn't explain why it used to work
[20:38] <jmedina> nop, Im not trying to explain that, just wanted to check if you really was using puredb virtual users
[20:41] <Smelne> Trying with the symlink now. Fingers crossed
[20:42] <nxvl> soren: http://paste.ubuntu.com/45897/
[20:42] <nxvl> soren: why is ubuntu-vm-builder don't letting me use "intrepid" as hostname saying is not a valid vm?
[20:44] <Smelne> jmedina, Ha! Now it won't connect at all!
[20:44]  * Smelne laughs hysterically
[20:45] <jmedina> jeje
[20:45] <jmedina> Smelne: first, could you see your virtual users?
[20:49] <Smelne> I just noticed a strange discrepancy. pure-pw is looking for pureftpd.passwd in /etc/pure-ftpd, but that file is located in /etc
[20:50] <jmedina> my 45auth file points to /etc/pure-ftpd/pureftpd.pdb
[20:50] <Smelne> Got it, finally got the user infpo
[20:50] <jmedina> Smelne: try -f  option with pure-pw
[20:51] <Smelne> I have, that gave me the user info
[20:53] <fozilla> I "successfully" installed jailkit, but ssh session closes immediately after logging on. auth.log show 1) accepted password, 2) session opened, 3) entering jail and 4) session closed... all within a second. Any ideas why I can'r keep a session open?
[20:55] <Smelne> jmedina, ever since i made the symlink, all connections are refused to the FTP server.
[20:58] <Smelne> jmedina, are you still there?
[20:58] <jmedina> yeap
[21:01] <w8tah> gettin an error when i boot up -- eth0: ERROR while getting interface flags: No such device - -where to start _ the device is there
[21:02] <Smelne> jmedina, I've removed the symlink, and instead of flatout resetting the connection, it again fails to authenticate. Call me crazy, but it looks like progress to me.
[21:02] <jmedina> Smelne: did you restart pure-ftpd?
[21:03] <fozilla> w8tah, what does dmesg say about the device?
[21:03] <Smelne> jmedina, Several times. I'll try to re-create the symlink
[21:03] <jmedina> stop it, check that there is no pure-ftp remaining, and then start it again, somethings it does not dies
[21:03] <jmedina> it happened to me
[21:03] <w8tah> fozilla: looking
[21:03] <Smelne> The system monitor shows that it's not running, and so does top, and pidof
[21:05] <jarlo> Newbie to IRC channel: I'm unable to update server -Errors were encountered while processing:
[21:05] <jarlo>  /var/cache/apt/archives/mysql-server-5.0_5.0.51a-3ubuntu5.3_i386.deb
[21:05] <jarlo> any advice?
[21:09] <jmedina> jarlo: is that all?
[21:10] <jmedina> jarlo: do you have free space?
[21:10] <w8tah> fozilla: i see the drivers for both nicks initializing, and a rather cryptic message about udev changing the name of eth0 to eth3
[21:10] <w8tah> thats it
[21:10] <w8tah> fozilla: in addition -- lspci shows both nicks
[21:11] <NCommander> jarlo, what error came up before that?
[21:11] <Smelne> jmedina, thanks for your help, i think we'll just have to go with another FTP server to replace pure-ftpd. Any suggestions?
[21:11] <jmedina> Smelne: I dont recomend other than pure-ftpd
[21:12] <jmedina> smelne, could you try to run pure-ftpd manually?
[21:12] <Smelne> Maybe, but pure-ftpd just don't seem to want to play nice anymore
[21:12] <jmedina> not with the debian/ubuntu scripts (pure-ftp-wrapper)
[21:14] <Smelne> jmedina, If i run pure-ftpd manually, i get a permission denied. Running it as root (*shudder*), gives no feedback
[21:14] <jarlo> yes plenty of space
[21:14] <jmedina> Smelne: wait, did you tell it to use pure-ftpd?
[21:14] <jmedina> pure-db
[21:15] <fozilla> w8tah: not sure how that happened, but a few posts seem have similar issues... they solved it by editing the persistent net rules in /etc/udev/rules.d
[21:15] <jarlo> previous error
[21:15] <jarlo> Preparing to replace mysql-server-5.0 5.0.51a-3ubuntu5 (using .../mysql-server-5.0_5.0.51a-3ubuntu5.3_i386.deb) ...
[21:15] <jarlo>  * Stopping MySQL database server mysqld                                 [fail]
[21:15] <jarlo> invoke-rc.d: initscript mysql, action "stop" failed.
[21:15] <w8tah> fozilla: ok - thanks
[21:15] <fozilla> w8tah: did you change any hardware recently?
[21:15] <Smelne> jmedina, We've been using pureadmin from day one, i have no idea what the command line should look like
[21:15] <w8tah> yes sort of - -i moved the hdd adn memory to an identical chassis after the previous one had a mobo issue
[21:17] <jmedina> try something like
[21:17] <jmedina>  /usr/sbin/pure-ftpd -l puredb:/etc/pure-ftpd/pureftpd.pdb
[21:17] <jmedina> never used pureadmin
[21:20] <Smelne> jmedina, someone should tell you everyday that he or she loves you. I'm in!
[21:20] <MattJ> Hi all
[21:20] <jmedina> Smelne: I prefer a beer
[21:20] <jmedina> :P
[21:21] <MattJ> Did I completely imagine that there was a metapackage for a lamp server?
[21:21] <jmedina> Smelne: so , is it working?
[21:21] <Smelne> Then consider yourself loved by a keg of beer ;-)
[21:21] <Smelne> yes
[21:21] <Smelne> Now... Time to put that command in a script for easy starting.
[21:22] <jmedina> Smelne:  please, run this
[21:22] <jmedina> stop pure-ftpd manually, double check that there is no pure-ftpd process running
[21:22] <jmedina> and then
[21:22] <jmedina> bash -x /etc/init.d/pure-ftpd start
[21:22] <jmedina> and give me the last line, the one whose launches /usr/sbin/pure-ftpd bla bla bla bla
[21:22] <jarlo> Also should probably include the final two errors. Which suggests the process could not remove the older mysql version. I'm new to linux server admin so struggling a bit. Any help would be great. dpkg - trying script from the new package instead ...
[21:22] <jarlo>  * Stopping MySQL database server mysqld                                 [fail]
[21:22] <jarlo> invoke-rc.d: initscript mysql, action "stop" failed.
[21:22] <jarlo>  subprocess new pre-removal script returned error exit status 1
[21:23] <jarlo>  * Stopping MySQL database server mysqld                                 [fail]
[21:23] <jarlo> invoke-rc.d: initscript mysql, action "stop" failed.
[21:24] <jmedina> Smelne: that is to check how is invoked by the script maybe something is wrong with the configs
[21:24] <Smelne> jmedina, I guess i'll have to edit that init.d script
[21:24] <Smelne> It says "/usr/sbin/pure-ftpd-wrapper: Invalid configuration file /etc/pure-ftpd/conf/PureDB: "/etc/pure-ftpd/pureftpd.pdb": No such file"
[21:25] <jmedina> mmm
[21:25] <jmedina> where is your pureftpd.pdb file located at?
[21:25] <danielm_mc> holas
[21:25] <jmedina> Smelne: mine is: Running: /usr/sbin/pure-ftpd -l puredb:/etc/pure-ftpd/pureftpd.pdb -u 1000 -E -A -j -O clf:/var/log/pure-ftpd/transfer.log -C 2 -H -I 4 -B
[21:26] <Smelne> Mine is in /etc
[21:28] <jmedina> Smelne: only change your /etc/pure-ftpd/conf/PureDB file
[21:28] <jmedina> change the path to the file
[21:29] <Smelne> Right-o
[21:29] <jmedina> and start again with the script and bash -s
[21:29] <jmedina> bash -x
[21:30] <Smelne> tHIS TIME, THAT DOES NOT THROW ANY ERRORS
[21:30] <Smelne> wOOPS
[21:30] <Smelne> Argh!
[21:31] <jmedina> what?
[21:31] <jmedina> is it working?
[21:32] <Smelne> LOL, sorry, i was attacked by a killer caps lock key. Yes, it's working. I have started the daemon from pureadmin again, and it's running, and logins are working again
[21:33] <w8tah> fozilla: can you point me to one of the entries about udev changing the interface name - im not sure how to edit those rules -- but its driving me NUTS
[21:33] <jmedina> Smelne: Im not sure, but I think pureadmin is the one who created the puredb file in /etc
[21:34] <jmedina> because afaik, pure-pw creates it in /etc/pure-ftpd/
[21:34] <fozilla> w8tah: let me bring up my rules
[21:34] <Smelne> Well, at any rate, you have helped getting it running again. Consider yourself treated to two kegs of beer! :-))))
[21:34] <w8tah> thank you
[21:35] <Smelne> jmedina, i hope we'll meet IRL one day, so i can really give you that beer. But for now i will have to say goodnight
[21:35] <jmedina> IRL?
[21:35] <jmedina> what is that?
[21:35] <Smelne> In real Life
[21:36] <Smelne> :-)
[21:36] <jmedina> ohh, when you come to mexico city, call me :P
[21:36] <danielm_mc> hey can you use iptables w/ dns ?
[21:36] <Smelne> :-))
[21:36] <fozilla> w8tah: do you have your eth1 (or whatever you don't want) entry?
[21:36] <w8tah> yes - -one moment please
[21:37] <jmedina> danielm_mc: yes, but I wont trust it
[21:37] <danielm_mc> what if you want to block a host by ddns ?
[21:38] <fozilla> w8tah: basically change that to eth0, and your second card to eth1... if that's appropriate, making sure the mac is correct for each entry
[21:38] <w8tah> ok - let me post my rules file real quick for u
[21:39] <w8tah> http://pastebin.ca/1200404
[21:40] <jmedina> danielm_mc: dns names can trivially be faked by an atacker
[21:41] <danielm_mc> yah true
[21:42] <jmedina> and I'm not sure if iptables/netfilter cache the names un utils iptables reload or something
[21:42] <jmedina> I would better use public keys authenticacion...
[21:42] <w8tah> fozilla: i see a prob - the mac is diff - should i change it to match the one being reported? -- ahh - -its different motherboard - -so hence diff mac
[21:42] <w8tah> the light is dawning
[21:45] <fozilla> w8tah: find which mac addresses are correct using ifconfig -a, then comment out the other two using #... If the last two are correct, then change eth2 to eth0 and eth3 to eth1
[21:45] <fozilla> w8tah: yeah, you got it
[21:45] <w8tah> ok - thanks
[21:52] <Goosemoose> i have one screen that pops up when doing preseed pxe install that says the 'selected device already contains logical volumes'. I thought that this would take care of it, but it doesn't: d-i partman-auto/purge_lvm_from_device boolean true
[21:53] <Goosemoose> any idea on what im missing?
[22:10] <slangasek> dendrobates: ping
[22:10] <dendrobates> slangasek: sup
[22:12] <slangasek> dendrobates: hi, I didn't get a response from coffeedude to my pings on bug #262264 and he doesn't seem to be around now; do you have a notion of what the "right" fix for this is?
[22:12] <uvirtbot`> Launchpad bug 262264 in likewise-open "Fails to join a domain: Unknown pam configuration" [Critical,In progress] https://launchpad.net/bugs/262264
[22:13] <slangasek> i.e., should likewise-open integrate itself completely with pam-auth-update, meaning that the PAM config is changed as soon as the package is installed, or should it just be updated to handle prepending itself to the new config layout?
[22:13] <slangasek> (I have a preference for the former, of course; we could probably even make it possible to toggle the config via likewise-open using debconf-communicate...0
[22:13] <slangasek> )
[22:14] <dendrobates> slangasek: I agree, have you looked at the patch Jerry provided?  I have not yet.
[22:15] <slangasek> dendrobates: the one Jerry did, or the one Thierry did?  Jerry's patch seems to be to only update the pattern matching and continue twiddling by hand
[22:16] <dendrobates> slangasek: ah, I had hoped he would use pam-auth-update.
[22:16] <dendrobates> slangasek: jerry made the change and Koon made a diff between the two versions.
[22:17] <slangasek> ok; I think I'll test out Jerry's patch and make sure things get added in the right place with that option
[22:18] <dendrobates> slangasek:  Do you want me to ask Jerry to use pam-auth-update?  We seem short of time.
[22:18] <slangasek> if not, I'll dive into a pam-auth-update solution
[22:18] <dendrobates> slangasek: Koon can help, if necessary.
[22:18] <slangasek> I imagine that at this point, it would be faster for me to do a pam-auth-update fix since I've fully internalized the semantics of that tool and I don't think anyone else has yet :/
[22:19] <dendrobates> slangasek: true, but we have to learn it sometime.  :)
[22:20] <NCommander> hey slangasek, I took a look at NM for you
[22:23] <NCommander> slangasek, its cleanly written so adding the code to add search domains w/ DHCP should be straightforward enough
[22:24] <slangasek> NCommander: does that mean you're writing and submitting a patch? :)
[22:24] <NCommander> slangasek, sometime this weekend, I have a life tonight and tommorow
[22:24] <NCommander> slangasek, you will of course sponsor the upload into Ubuntu as it works its way through the NM SVN :-)
[22:25] <slangasek> well, no, I'll let asac handle that actually
[22:26] <hads> hadley Rich
[22:26] <hads> Excuse me.
[22:27]  * NCommander found a rather stupid bug with a backport
[22:27] <NCommander>   pbuilder-satisfydepends-dummy: Depends: etl-dev (>= 0.04.11) but it is not installable
[22:27] <NCommander> BAH, dpkg sees 0.04.11~hardy1 lower than  0.04.11
[23:39] <Quark_> Is this the right place for help with IRCD-Hybrid server installation?
[23:46] <slangasek> Quark_: in practice, probably not
[23:46] <Baryon> Hi. Can anyone help with a connectivity issue with a newly installed ircd-hybrid IRC server?
[23:50] <Quark_> The server is working like a champ (V7.10), but I cannot connect to the ircd-hybrid server I installed today.