[02:39] will intrepid server use kernel 2.6.27-something? [02:40] Yah [02:40] schweet. i hear the ntfs-nfs problem is no more in that kernel. [02:41] i'm using the nfs-user-server package instead of the kernel-server package. i'd much rather have nfs run in kernel-space instead of user-space. [02:42] and i can just do an aptitude safe-upgrade on oct 30th and get intrepid? [02:43] You should use do-release-upgrade [02:43] i've never used that one [02:46] can i do that right now and get the beta? [02:47] Should be able to, might need a flag [02:48] like -d [02:48] Probably [02:48] well on my server i'd rather wait. i'd really like the new kernel, but i'd much prefer stability. [02:53] the -m switch for mode - server or desktop. is the mode assumed based on the current running system i hope? [03:20] can anyone help me with getting iptables to accept incoming connections on port 80 and forward these connections to an internal ip [03:55] with vm-builder, i'm supposed to have an Ubuntu intrepid installed first before running the script, aren't i? [04:52] tr-33: iptables -t nat -A PREROUTING -p tcp -d --dport 80 -j DNAT --to : [08:01] hi all, how can I disable simple bind in openldap ? [08:47] moin [08:58] hi everyone, question about mysql master/slave setup: the logrotate script on the slave fails as debian-sys-maint differs per host. How do I handle this? Just copy the debian.cnf to every host? or create a different maint user for each host? [09:02] RockHound: you could replicate each maint user on the master. [09:03] RockHound: so that every slave has all of the debian-sys-maint. [09:03] RockHound: hm - it may not actually work now that I think of it, [09:03] ;-) [09:03] RockHound: Your only option is probably to use the same debian-sys-maint on every host. [09:04] or create different users for each ost [09:04] *host [09:05] RockHound: right - but then you'd have to modify the debian.cnf anyway [09:05] true [09:07] okay will just go ahead and run with the same debian.cnf ... [09:07] RockHound: seems like the easiest way to do it [09:08] hi all, how can I disable simple bind in openldap ? [09:09] scuser: check the slapd admin manual on slapd.org ... big section about security .. don't know it from the top of my head [09:12] RockHound: I can't find slapd.org [09:12] http://www.openldap.org/doc/admin24/ [09:12] sorry [09:12] section 13.3 [09:42] erichammond1: hi - have you been able to boot an ec2 guest built with vmbuilder? === mdz_ is now known as mdz === _ruben_ is now known as _ruben === xelpud is now known as fduplex [10:30] hi all, any help with that error "unwilling to perform simple authentication" ? [10:40] hi all, how to configure an ldap client not to do simple authentication ? === Deeps_ is now known as Deeps [12:29] is there a ubuntu-server XEN iso out there? [12:30] or is it a case of installing xenified drivers after iv virtualized it? [12:31] I think the latest python-vm-builder can create images usable by XEN [12:32] + it lets you configure a lot - you should have a look :) [12:35] oo [12:36] that looks exactly what im after :D (Y) [12:36] cheers yann2 [12:38] the clever one is in intrepid but you may find a backport :) [12:47] hi all, how to configure an ldap client not to do simple authentication ? [13:22] New bug: #286290 in postfix (main) "upgrade process hangs" [Undecided,Incomplete] https://launchpad.net/bugs/286290 [13:30] hi all, can anyone tell me what are the available SASL_MECH options ? [13:30] hi all, can anyone tell me what are the available SASL_MECH options in the ldap.conf file ? [13:52] A software package I am trying to install is requiring libstdc++-libc6.2-2.so.3, can I install the libstdc++-libc6.2-2 package from gutsy in hardy? [14:32] hi all, does anyone know how to force the client not to do simple authentication, which configuration file should I modify ? [14:33] scuser: can you elaborate, I don't understand [14:35] MuelleJ: I'm trying to login to a client which is configured to do simple authentication in order to login; the users are stored in an ldap database which is configured not to allow simple authentication so I want to disable simple authentication in order to have a successful login, got it ? [14:37] scuser: with what are you trying to login? [14:37] RockHound: the client is configured to login via kerberos [14:38] What is "the client"? [14:39] RockHound: a simple computer in the network, you can call it a terminal a PC or whatever [14:41] RockHound: any ideas [14:42] it is using kerberos to access a kerberos real which has LDAP as its backend? [14:42] or pam_ldap? [14:42] RockHound: exactly, no pam_ldap [14:43] but there must be a pam module somewhere?! [14:43] no specifically for ldap but for kerberos [14:43] RockHound: pam_krb5 is the one which I use [14:45] okay ... so the problem lies in the communication between kerberos and openldap? [14:46] RockHound: yes === lamont` is now known as lamont [14:50] RockHound: so could you help me with that or just give me guidance ? [14:54] scuser: I have not implemented such a setup myself but have you tried googling at all? [14:54] RockHound: for almost one week :D [14:55] what is the exact error that you are getting? [14:57] RockHound: the server logs reports "unwilling to perform simple authentication" error [15:00] http://www.semicomplete.com/articles/openldap-with-saslauthd/ maybe [15:01] but to answer your questions about SASL_MECHs: http://linuxcommand.org/man_pages/saslauthd8.html [15:02] and google really is your friend [15:10] RockHound: do you know about http://manpages.ubuntu.com/ ? Quite useful as well --> http://manpages.ubuntu.com/manpages/hardy/en/man8/saslauthd.html [15:12] nijaba: well thanks [15:12] RockHound: thanks to kirkland whom put it together :) [15:15] mathiaz, zul: I am proposing the merge of a couple additions to vmbuilder, could you please let me know what you think? -> https://code.launchpad.net/~nijaba/vmbuilder/libvirt-netopt/+merge/1355 [15:15] nijaba: suuuuuure :) [16:01] looks fine to me [16:02] Say, what's the server team recommending these days for system backup? [16:03] Right now I'm thinking we'd probably want to do daily differential backups to a USB-attached external hard drive, maybe a weekly full backup the same way, and then a monthly backup of the most critical components to DVD+RW. [16:03] tonyyarusso: backuppc or bacula [16:03] backuppc is simpler, bacula VERY complete [16:03] Does complete = complicated? :P [16:04] tonyyarusso: as well, unfortunately [16:04] * tonyyarusso looks at package descriptions [16:04] We could probably get away with something simple for now (one machine), but it might be a good idea to learn the more scalable option while we're at it I suppose. [16:05] tonyyarusso: I think it would be a sane investment, if you have a bit of time [16:05] In random other thoughts, samba should probably be a recommends instead of a depends for backuppc... [16:06] also odd that bacula is in main, yet lists MOTU as the maintainer. :P [16:06] tonnyarusso: mmh, that would not change much since with 8.10, recommends gets pulled by default as well, unless that's a policy comment, in which case I could not accurately comment [16:08] zul: see ^^, should we fix that? [16:08] tonyyarusso: yeah we should [16:08] i dont think its a big deal though [16:09] Okay, next question: Given recent changes to consumer data privacy law, I'd like to be able to keep the data in certain MySQL databases (but preferably not all of them) encrypted. Is there a way to do that, or would you have to do whole partitions for it to work? (I'm not familiar enough with how MySQL stores the data on disk.) [16:09] zul: No, not big. I'll drop a bug in though. [16:09] k [16:13] Huh - according to http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=389793 samba actually is needed. Probably a bug in itself, but that's beyond the scope of what I know. [16:13] Debian bug 389793 in backuppc "backuppc: Should not depdend on smbclient, samba-common | samba-tng-common" [Normal,Open] [16:21] I believe http://blog.i64.pl/PiosBlog/200609/01-secure-mysql-database/ answers the latter question. Nifty. [16:45] nxvl: congrats on your motu-sru nomination. I could use some movement on bug 179447 :) [16:45] Launchpad bug 179447 in tomcat5.5 "Installation of tomcat5.5 fails if sun-java-jdk is not installed" [Medium,Fix released] https://launchpad.net/bugs/179447 [16:52] nijaba: I'd add some checks for the net-virtio option as some distro don't support virtio at all (< hardy) [16:52] nijaba: I don't know however how easy that could be implemented. [16:52] Koon: just send me an e-mail to check it after work hours [16:52] :D [16:52] mathiaz: hmmm, no, network virtio is supported on hardy, not the bd part. [16:53] nijaba: dapper doesn't support network virtio [16:53] mathiaz: but I'll do some checking for older os, you are right [16:53] s/os/suite [16:55] dendrobates: I just installed a recent server daily into KVM using LVM and it doesn't boot. GRUB says "Error 15: file not found" [16:56] mdz: hmm, can you create a bug? kirkland can you reproduce it? [16:59] dendrobates: I just phoned cjwatson and he is looking into it [16:59] dendrobates: it looks like it is using GRUB and uuid when it shouldn't be [16:59] dendrobates: i'm downloading the server iso now [17:00] kirkland: I'm about to head onto a phone call but if you tell me which package, I'll get a bug filed when I get off [17:01] mdz: file against grub, assign to me, and i'll reclassify as per necessary [17:08] mathiaz: --net-virtio check added in the branch [17:13] nijaba: ok - looks good to me. I don't know if it's a good thing to merge it in trunk now. [17:13] mathiaz: how so? [17:13] nijaba: this is a new a feature - and we'll have to ask for a FFexception [17:13] mathiaz: gah, right :( [17:13] nijaba: there is a bunch of new code already - most of it is bug fix. [17:14] nijaba: the ec2 plugin is the only one that qualifies as a new feature. [17:14] nijaba: Do you happen to know if the version of dvd+rw-tools in Ubuntu has the patch needed for Bacula mentioned at the bottom of http://www.bacula.org/en/dev-manual/System_Requirements.html ? [17:14] nijaba: while I agree that this is useful, I don't think *now* is the best moment to merge it. [17:15] mathiaz: ok, np. maybe I'll add the check on libvirt / kvm only then [17:15] nijaba: yeah - that seems like a good check to have. [17:18] tonyyarusso: feisty and > have 7.0 or >, so I'd ask on some bacula chan/ml if they know if the patch has been integrated, is still needed [17:18] tonyyarusso: http://packages.ubuntu.com/search?keywords=dvd%2Brw-tools&searchon=names&suite=all§ion=all [17:19] okay, thanks [17:25] mathiaz: ok, rev 252 has it [17:43] mdz: dendrobates: i am able to reproduce the problem [17:43] mdz: dendrobates: looks like a bug somewhere in the new dm code, as the grub entry is set to root=/dev/dm-0 [17:43] mdz: dendrobates: which should not be the case [17:44] kirkland: please liaise with Colin about it, he's looking into it as well [17:44] mdz: -> #ubuntu-devel, okay [17:52] nijaba: Ah, here we go - "Note, some Linux distros such as Debian dvd+rw-tools-7.0-4 package already have the patch applied" [17:53] tonyyarusso: \o/ === iftel is now known as sme2k8 [18:17] nijaba mathiaz: lp:~zulcss/vmbuilder/vmbuilder-bugfixes [18:18] zul: great. Will look at it after dinner. Does it include the separate package for ec2? [18:20] nijaba: of course [18:20] * nijaba hugs zul [18:21] nijaba: tries to remember what he was doing ;) [19:25] I was wondering if anybody could help me decode my "df" output :) [19:25] which part of it? [19:25] the device names [19:26] c0d0p*, c0d1p*, c0d2p* [19:26] c0d0 conists of 2 physical drives [19:26] c0d1 and c0d2 both consist of 3 physical drives [19:27] it's a hardware raid setup [19:27] c0d1 and c0d2 both are one big partition [19:27] ah, ok [19:27] as far as i can tell [19:27] ok, that makes more sense [19:28] at a new job and I'm tryin to decipher stuff since according to my IT manager he knows nothing about it, it was setup by the guy they bought it from [19:28] heh [19:31] is there a term for the c0d2p1 stretching across 3 physical hard drives? [19:32] probably striping [19:32] in trying to research I've come across "physical partitions," "logical partitions", "physical volumes", "logical volumes" - and those are all just confusing me lol [19:32] oooh [19:32] rebooting the server and getting to the RAID controller software would probably tell me more, huh? [19:32] look up how RAID works first [19:33] you might not see much sense from the config you get without knowing RAID first [19:33] ok [19:34] I think that get me on the right path [19:34] thx for you help hylje :) [19:34] you're welcome [20:05] zul: bzr merge lp:~zulcss/vmbuilder/vmbuilder-bugfixes [20:05] Nothing to do. [20:06] zul: did you forget to push your changes? [20:06] yeah.... [20:06] lemme check [20:07] *sigh* [20:07] gimme a sec :) [20:07] np [20:09] how do you delete branches? [20:10] zul: mark them obsolete [20:10] zul: click on the yellow pen icon [20:11] err s/obsolete/abandoned [20:16] lp:~zulcss/vmbuilder/vmbuilder-ec2fix [20:22] zul: re: return '/boot/vmlinuz-2.6.27-7-server' [20:22] 29 [20:22] [20:22] 29 [20:22] [20:22] 30 [20:22] def xen_ramdisk_path(self): [20:22] 30 [20:22] def xen_ramdisk_path(self): [20:22] 31 [20:22] return '/boot/initrd.img-2.6.27-2-server' [20:22] 31 [20:22] return '/boot/initrd.img-2.6.27-7-server' [20:23] f*ck [20:23] zul: does this means we will need to update pvb at each kernel release? [20:23] yep [20:23] meh... [20:23] unless if I come up with a way to automatically detect it [20:23] * nijaba tought he selected only one line before pasting... [20:24] zul: mhh, let me think about that. /me not too please at the prospect of running after the latest kernel... [20:25] nijaba: what I was thinking was to grab all of the config-2.6.27-*-server files in /boot and look for HVC_XEN and return the latest one by data [20:25] date even [20:27] zul: the way versioning works, latest should be last in alphabetical order as well [20:27] true [20:29] zul: have time to give a shot at this, or do yo need offloading? [20:31] nijaba: can you look at it, I have to look at why Im doing something wrong here [20:31] zul: np [20:35] zul: regarding http://bazaar.launchpad.net/~zulcss/vmbuilder/vmbuilder-ec2fix/revision/254?start_revid=255, did you forget to add some python-vmbuilder-ec2.install file? [20:35] indeed, I guess I didnt do a bzr add [20:36] it just contains the ec2 python directory [20:36] ok, I'll add it. Thanks [20:45] I have installed php and mysql by themselves. Is there a difference between this and using the tasksel method? [20:45] would it be better to remove apache, php and mysql and install lamp using tasksel? [20:49] zul: I would suggest you to install https://pastebin.canonical.com/10376/ as ~/.vim/python [20:50] sandstrom: if it works, it means that you should have done it very close to what tasksel would do [20:50] nijaba: I think it's a bit rude to use a private pastebin on a public channel like this. [20:50] nijaba: so there is no point in doing it all over with tasksel? [20:51] ScottK: oh, sorry, I thought I used a public one [20:51] tasksel wont glue it all together in any specific way? [20:51] nijaba: No. The canonical one is closed. [20:52] ScottK: yes, but I thought I used the ubuntu one. So here it is: http://pastebin.ubuntu.com/60231/ [20:53] sandstrom: no, it just makes sure you have a sensible set of packages whose install has been tuned to glue it all together. So if you picked the same packages, you should be fine [20:54] I picked php5, mysql5 and thats it [20:54] (and apache2) [20:55] sandstrom: may need a few more to glue is all, so would advise to just run tasksel to complete [20:55] but I didn't go into build-details on which php module to include or what apach2 modules to include [20:55] thanks [21:36] New bug: #286614 in openldap (main) "slapd apparmor profile needs update for multiple databases" [Undecided,New] https://launchpad.net/bugs/286614 [21:41] New bug: #286616 in openldap (main) "slapd apparmor profile needs update for multiple databases" [Undecided,New] https://launchpad.net/bugs/286616 [22:07] is there an rss feed of Ubuntu updates? [22:07] similar to the debian feeds? [22:36] New bug: #286643 in bacula (universe) "bacula client configuration is broken out of the box" [Undecided,New] https://launchpad.net/bugs/286643 [23:03] nijaba: awesome - all of my test for python-vm-builder are working now! [23:10] mathiaz: yes, and rev 253 now merges zul's fixes [23:10] mathiaz: there are a couple new bugs for vmware, but I think we'll deal with that later. time for an upload [23:22] nijaba: right - I'll work on doing an upload tomorrow [23:22] nijaba: kvm+libvirt testing works for me now. [23:23] nijaba: I'll have to test the ec2 plugin tomorrow [23:23] nijaba: and then we get something uploaded. [23:23] libvirt, you demon bitch goddess. [23:23] oh, sorry. was that out loud? [23:27] Speaking of which, anyone want to explain the concept of KVM in oversimplified terms? (I used VMware Fusion briefly, but I still don't really understand the different types of virtualization and whatnot, and what host/guest pairings work in each, etc.) [23:27] I have a friend who'd like to have a Windows guest on his Ubuntu server for the sole purpose of running a distributed rendering application, so I'm starting to look into how that could be done with KVM and how it works. [23:29] zul: here is my experimental branch for xen https://code.launchpad.net/~nijaba/vmbuilder/xendiscoverkernel [23:29] kvm+special hardware+heady goodness [23:29] nijaba: coolio [23:31] hi [23:33] * nijaba -> bed [23:34] goodnight [23:34] I installed ubuntu desktop edition 8.04, but i'm using like server (mysql). I'm not sure, is it correct ? [23:34] Maybe i'm loosing to much performance. [23:36] i think, all peoples sleeping :) [23:36] good night guys. [23:48] [Solars], [23:49] what was the torrent thing u showed me