[00:12] I'm about to setup the firewall for my server. Do you recommend ufw or iptables? [00:15] Isn't ufw essentially just another frontend to iptables? [00:15] Looks like it, yeah. So as far as security, it doesn't matter. [00:23] New bug: #286678 in samba (main) "Samba transfer of multiple files very slow" [Undecided,New] https://launchpad.net/bugs/286678 [00:23] does linux support AHCI RAID? === golb_ is now known as golb [02:07] nijaba: yeah something like that but it has to be a built smarter because afaik xen is not configured in the -generic kernels [07:43] moin [07:53] moin [08:12] hi all, does any one know how to force a linux box not to use simple bind when trying to login ? [08:12] New bug: #286828 in samba (main) "CIFS share broken after upgrade from 8.04 -> 8.10" [Undecided,New] https://launchpad.net/bugs/286828 [08:29] hi all, does any one know how to force a linux box not to use simple bind when trying to login ? [08:37] scuser: you are still at it? [08:37] RockHound: yes :'( [08:37] have you asked in other chats? openldap, kerberos etc? [08:38] RockHound: I'm trying at ubuntu and openldap but in vain [08:44] scuser: maybe you should rethink how you phrase the question [08:46] RockHound: simply now I found that I need to let the client know somehow how to bind, I think the user to bind and the method but I don't know how or where to configure this [08:48] RockHound: the client now try to use simple bind and the server deny this and I want the client to use another method other than simple bind. This is the question now [08:48] again: which tools / services are you asking your question for? No one here can read your mind of what your setup looks like. [08:50] RockHound: I'm using ubuntu 8.04 I have installed kerberos 5, slapd and ldap-utils as my client those are the tools I've installed [08:51] RockHound: In the startup of the system I want the system to contact ldap server to get the user info so I get it a ticket and I want the system to use it when It's trying to connect to ldap not to use simple bind as this is risky and insecure [08:58] scuser: I think you'll have more luck if you ask how to get it to "do X" rather than ask how to get it to "not do Y". [08:59] scuser: The answer to the latter is always simple: Turn the machine off. :) [09:02] soren: ;) [09:03] scuser: to get a helpful answer, rephrasing the question to get a precise and accurate short description of what you want to do. I am sure that the openldap chat can help you then. [09:04] ok thanks a lot :) [09:04] and googling for kerberos, sasl, ldap, pam should really show you something [09:12] New bug: #286851 in php5 (main) "CVE-2008-3658,2008-3659,2008-3660" [Undecided,New] https://launchpad.net/bugs/286851 === uvirtbot` is now known as uvirtbot [10:06] hi all, does anyone know how to make a script that runs automatically and renews a kerberos ticket in certain time every day? [10:12] scuser: cron would allow you to run such a script on a regular basis. now I have no clue what the kerberos ticket renewal would look like [10:13] nijaba: It's just using kinit command to get a new ticket after the old one expires [10:13] scuser: then you should be set to add it to your user's cron [10:15] nijaba: so what packages I have to install to have a cron and add my script to it? [10:15] scuser: nothing, should be installed by default. see http://manpages.ubuntu.com/manpages/hardy/en/man1/crontab.html [10:15] hi, where is the correct place to report a failing ubuntu mirror? (debian.charite.de doesn't have /ubuntu anymore) [10:17] phaidros: #ubuntu-mirrors [10:17] henkjan: thx [10:17] phaidros: see also http://www.ubuntu.com/getubuntu/mirror/4 === golb_ is now known as golb [10:39] nijaba: I can't find cron.allow or cron.deny and I can't find any crontab for any user on my system how can I add a crontab for a user and add scripts to it? [10:39] scuser: crontab -e should add it for you, IIRC [10:40] nijaba: and what to write in that file? [10:40] man crontab will show you [12:02] yo [12:02] how easy is it to set up Ubuntu Terminal Services? [12:02] is there just a meta package and gui interface? [12:20] wo0f: take a look at ltsp [12:59] I am A server for only apache and php, i use gmail (google apps), i should used the php mail function, what MTA I use, what configure this? [12:59] thank's [13:01] thank's [13:01] I am A server for only apache and php, i use gmail (google apps), i should used the php mail function, what MTA I use, what configure this? [13:03] I am A server for only apache and php, i use gmail (google apps), i should used the php mail function, what MTA I use, what configure this? [13:03] gabryfan82: try postfix [13:03] ok i try this [13:03] now [13:04] apt-get install postfix [13:04] I HOW CONFIGURE THIs? [13:05] only local? [13:05] please, don't use CAPS [13:05] yes sorry [13:05] only local? [13:05] i how configure this? [13:05] only local?รน [13:05] i suppose you wan't to send mail from the server [13:06] do you want to use a smarthost (smtp server from your provider) [13:06] else choose internet [13:06] only server -> user don't user -> server [13:06] site internet? [13:06] msarthost use ssl? [13:07] for gmail? [13:07] don't use smarthost [13:08] use internet site [13:08] ok [13:08] i try this [13:09] function on NAT also? [13:12] that should also work behind nat [13:13] dont work [13:13] how configure php? [13:13] wiki.ubuntu.com [13:13] and search [13:13] ok thank's [13:14] Any documentation on which Sun boxen are supported by the sparc port? [13:15] modern sparc [13:16] zul: Is a 4800 modern (I've no idea about Sparc. Just it's come up somewhere else) [13:16] I don't even know if that's Sparc or x86 actually. [13:18] no idea [13:18] 4800 looks like sparc highend (max 12 cpus) [13:26] http://en.wikipedia.org/wiki/Sun_Fire [13:33] Thanks. [13:46] Trying to setup an SSH tunnel, using Localforward 3305 localhost:3306. but it doesn't work [13:47] I've setup sshd to allow AllowTcpForwarding yes [13:47] any suggestions? [14:58] <_ruben> hmm .. what was that command again to map dm-X names to /dev/mapper/Y names ? === sme2k8 is now known as andre === andre is now known as Guest59742 [15:49] Hey [15:49] need some advice here on a new server [15:49] anyone? [15:50] !ask | Helder_Geocrete [15:50] Helder_Geocrete: Please don't ask to ask a question, ask the question (all on ONE line, so others can read and follow it easily). If anyone knows the answer they will most likely answer. :-) [15:52] the question is simple...I need to install a new server on this new company i'm working on...and they want to use a MWSBS 2003 /2008. But i'm more inclined to use a linux distro, in this case, ubuntu... So i need to know more about the USE distro... in comparison to MSWSBS 2003/2008 [15:53] thanks in advance :) [15:53] What functionality are you interested in? === Guest59742 is now known as sme2k8 [15:55] active directory (seems I cannot find it in USE), mail server features, file server and security... [15:55] ps: newbie in ubuntu... [15:55] :$ [15:57] Helder_Geocrete: Full Active Directory features are not available, we can do a NT4 PDC at best, or a AD domain member afaict [15:58] Helder_Geocrete: for the other features see the Server Guide [15:59] http://doc.ubuntu.com/ubuntu/serverguide/C/ [16:00] that should give you information on how to set up things [16:01] well, i'm mostly interested in member login /authentication, printer server and file server...so maybe it will do the trick [16:02] thanks for the info :) [16:02] Helder_Geocrete: thats all NT4 domain stuff anyway, samba does that but be aware that you wont have the nice windows GUIs to do it all (you also wont have to deal with SBS) [16:03] well...the gui's aren't the problem...i like some hardcoding from time to time :) [16:03] has anyone ever gotten a "413 Request Entity Too Large" error for "/!svn/vcc/default" in subversion? [16:04] thanks for the info once again...be going now [16:04] i'm using Apache/2.2.4 (Ubuntu) DAV/2 SVN/1.4.4 === trashguy_ is now known as trashguy [17:11] mathiaz: intrepid amd64 server manual installation to raid1 on kvm disks succeeded [17:12] kirkland: great - let's see if raid0 and raid5 are working [17:12] kirkland: it may just be an issue with partman-auto-raid that gets stuck [17:12] mathiaz: let me check booting degraded right quite [17:12] quick [17:14] mathiaz: boot degraded continues to work, great [17:18] mathiaz: in all of my tests, i have one large / filesystem, and one small swap [17:19] kirkland: right - for raid0 and raid5 you'll have to create another partition for /boot [17:19] mathiaz: right [17:19] nealmcb: A quote for you "It's not about who votes, but about whom is counting the votes" - attributed to Joseph Stalin [17:36] nijaba: yup - very true. I've got something like that on a t-shirt [17:40] if there are any django, setuptools, xml, or windows gurus out there who want to help us do a world-class audit of the election this year in Boulder CO, check out http://neal.mcburnett.org/blog/2008/10/18/electionaudits-software-help-audit-election/ [17:51] kirkland: bug 284107 has a request for your input [17:51] Launchpad bug 284107 in partman-target "Filesystem on iSCSI should have the _netdev option in /etc/fstab" [Medium,Confirmed] https://launchpad.net/bugs/284107 [17:52] kirkland: dendrobates seems to say that it's not necessary yet [17:52] mdz: i'll add a comment there, but here's the skinny... [17:53] mdz: when we rsync with debian open-iscsi for jaunty, there will be some significant improvements in terms of the boot procedures, including a blip of code in the init script that says: [17:53] log_daemon_msg "Mounting network filesystems" [17:53] MOUNT_RESULT=1 [17:53] if mount -a -O _netdev >/dev/null 2>&1; then [17:53] MOUNT_RESULT=0 [17:54] break [17:54] fi [17:54] log_end_msg $MOUNT_RESULT [17:54] mdz: we don't currently have that code in intrepid (and I'm not proposing we add it) [17:54] mdz: however, if we do add _netdev to iscsi fstab entries, it could help us on upgrades from intrepid -> jaunty [17:55] mdz: otherwise, we'll need some logic to figure out what fstab entries are iscsi and need _netdev added at upgrade time [17:59] mdz: https://bugs.edge.launchpad.net/ubuntu/+source/partman-target/+bug/284107 updated accordingly [17:59] Launchpad bug 284107 in partman-target "Filesystem on iSCSI should have the _netdev option in /etc/fstab" [Medium,Confirmed] [18:01] mathiaz: are you handling that bacula bug? [18:03] zul: yes [18:03] k [18:03] zul: I've already answered [18:03] zul: I'm able to boot a AMI [18:03] zul: but not able to log into it [18:03] cool [18:07] kirkland: ok, so there's no point at all in changing it for Intrepid unless we add the new init script code as well, which we aren't going to do [18:08] mdz: fair enough [18:12] kirkland: I was just echoing back my understanding of what you said :-) [18:12] mdz: yes, that is my recommendation [18:13] mdz: i will be syncing/merging open-iscsi and working on it for Jaunty when the archive opens [18:13] mdz: but I don't think it's worth change it for Intrepid now [18:15] mathiaz: verified lvm install works [18:15] mathiaz: RAID0 isn't working so well [18:15] kirkland: does it get stuck? [18:15] mathiaz: if i have a separate /boot partition, yeah gets stuck [18:16] kirkland: where? [18:16] mathiaz: if i don't have a separate /boot partition, it finishes, but it's not bootable [18:16] kirkland: well - it's normal; [18:16] kirkland: grub doesn't support raid0 AFAICT [18:17] mathiaz: okay, but the hang isn't normal [18:17] kirkland: could you run a ps -ef in the vm during install? [18:17] kirkland: agreed. I've seen the same thing. [18:17] kirkland: are you testing on an intrepid host? [18:17] kirkland: and are you doing a manual partition of raid0? [18:17] mathiaz: intrepid host, yest [18:18] kirkland: ok - I was thinking it may be an issue with the virtualization stack [18:18] mathiaz: manually partitioned, sda1 = 2G, sda2 = 128M, sdb1 = 2G, sdb2 = 128M [18:18] kirkland: as we're using more then one block device to do that experiment [18:18] mathiaz: sda1+sdb1 = raid0 of 4G, with / [18:18] mathiaz: sda2 = /boot [18:18] MatBoy: sdb2 = swap [18:19] kirkland: ok - so if you don't put /boot on a separate partition the installer proceed correctly? [18:19] mathiaz: it completes [18:20] kirkland: ok [18:20] kirkland: http://people.ubuntu.com/~mathiaz/intrepid-i386-raid5-ps-ef.png [18:20] kirkland: this is the output of ps -ef when the installer is stuck [18:20] mathiaz: hmm, 07root_on_raid is mine.... [18:20] mathiaz: i've tested the crap out of that on raid1 [18:21] mathiaz: let me look at that code again [18:21] kirkland: the fact that the install completes when you have /boot on the same partition may point to an issue with boot [18:21] kirkland: you don't have a process fstab.d/hostboot? [18:22] kirkland: I think that's where the problem may be [18:22] kirkland: both raid{0,5} install are stuck with the same processes running [18:22] kirkland: both installs have /boot on a raid1 array in order to be able to boot [18:31] kirkland: I'm gonna head out. Could you investigate this raid install problem? [18:31] mathiaz: yeah [18:31] mathiaz: just saw your question of long time ago: I am able to boot vmbuilder EC2 image but not connect to it. [18:31] kirkland: great - I may check back later [18:32] erichammond1: right - it seems that we need to get the kernel modules somehow. [18:32] erichammond1: zul knows more about it [18:33] mathiaz: Been working with him over email, but our communication loop is pretty slow. We might have different work hours. [18:33] erichammond: hey [18:33] zul: 'lo! [18:34] erichammond1: I think there is a small pond between both of you [18:34] erichammond1: im working on it now and already have a solution and just trying to clear some stuff up [18:34] mathiaz: nah just a border [18:34] zul: nice, look forward to it. [18:34] I'm on the US West coast, but basically keep Hawaii hours :) [18:35] and different timezones [18:35] hm - right - anyway I'm off for now. see ya later [18:36] erichammond1: check your /msgs === _shoot^ is now known as shoot^ [19:08] hi all [19:08] sorry, i didn't make it for the meeting :/ === _backenfutter is now known as backenfutter [19:45] looking for -server sessions: https://wiki.ubuntu.com/UbuntuOpenWeek/Prep === MenZa_ is now known as MenZa [20:29] i need to install some ldap tools that will allow me to do some queries against an ldap server. isn't their a package called openldap-tools or something that will give me ldapsearch? [20:31] cyris|: there is a package ldap-utils [21:04] kirkland: I keep getting a grub error 17 when trying to install raid5 using the latest iso... just fyi [21:04] sommer: hey, i'm working an issue related in #ubuntu-installer, at the moment [21:05] sommer: also, see bug 287112 [21:05] Launchpad bug 287112 in mdadm "intrepid installer hangs when installing to raid0 or raid5" [High,In progress] https://launchpad.net/bugs/287112 [21:05] that's just been sponsored, not on the iso yet [21:05] glad to hear someone else is testing this ;-) [21:05] kirkland: ah cool, just wanted to make sure [21:06] sommer: what does your partitioning look like? [21:06] kirkland: 3 6.5G ide drives, with one 12.5G partition on the raid array [21:06] sommer: raid5 on / ? [21:07] kirkland: yep [21:07] sommer: and where's /boot? [21:07] kirkland: on the same partition, it wouldn't let me create multiple on the raid array... or did I miss configure something? [21:07] sommer: oh, that's a problem.... [21:07] sommer: we may need to add something to the documentation [21:08] sommer: /boot can't be on a RAID0 or a RAID5 device [21:08] sommer: must be on it's own partition, or a RAID1 [21:08] kirkland: ooohhh... I figured it may be something like that [21:08] sommer: when I use a RAID5, I usually create /boot on my RAID1 devices [21:08] sommer: but that's what's broken, at the moment [21:09] kirkland: the serverguide is frozen, I asked the other day to correct a typo and was denied [21:09] sommer: bummer [21:09] sommer: sorry, i should have thought about that [21:09] kirkland: ya, could we add something to the release notes? [21:09] sommer: let's put an agenda item for the server guide to discuss raid5/raid1 best practices [21:09] sommer: yeah, it'll need to go there [21:10] kirkland: sounds good [21:10] sommer: i wouldn't say it's "common knowledge", but a lot of system admins understand the raid5 limitation of grub/bootloaders [21:10] kirkland: heh, most of my experience is with hardware raid5 :) [21:11] kirkland: the whole disk formating filesystem thing can get complicated pretty quick :) [21:12] * sommer is just going to use fat32 from now on [22:51] hi [22:53] I'm having an issue with my ubuntu server, I can't seem to forward X11 app [22:53] through ssh [22:55] anyone? [22:56] kandjar: do you have a gui installed? [22:58] no [22:59] not on the server [22:59] do I need to have a X server on the server box? [22:59] I m only logging through ssh to it [22:59] isn't that what you're trying to do? [23:00] I m trying to ssh to the server [23:00] using ssh -X or -Y [23:00] and having the display redirected to my remote client [23:00] the server's display? [23:01] basically, I m log on a client machine [23:01] and I'm trying to get: 'ssh -X server xlogo' working [23:02] whats wrong with plain old SSH [23:02] ? [23:02] I have some xapp I wanna run :) [23:02] I'm not sure what that is, but without a gui on the server the only thing to display is console [23:02] I m remotely logged on the server [23:06] sommer, trashguy: haven't you heard of X11 forwarding? [23:07] yes, but the machine you're forwarding needs a gui... at least when I've done it [23:08] since by default ubuntu-server has no gui... [23:08] by default anyway [23:09] sommer: that's what I'm wondering. I regularly forward a machine that doesn't have a full GUI installation -- but it must have some base X packages that kandjar is missing. [23:16] hi guys. I need to move some instalation, but i need to backup a few mysql db... can i copy the /var/lib/mysql to the new server? [23:17] or that doesn't work? [23:18] nikkolay: I'd use mysqldump [23:22] ok [23:22] soundray, X11 on a server? [23:22] maybe something like: mysqldump --all-databases > /home/nikko/bakcups/mysql.sql [23:22] ? [23:22] what kind of insanity is this [23:26] trashguy: not everything that you cannot immediately relate to is insanity [23:26] trashguy: I'll give you an example, if you're interested [23:26] I can see [23:26] no reasoning of waisting server resources on x [23:27] That's the point, there is no wasting of resources [23:27] unless you are doing some sort of thin client thing and the soul purpose is centralized desktop etc [23:28] I'm running CPU intensive processes on a remote cluster. It outputs images to a filesystem local to the cluster. [23:28] okay [23:28] To view those images, I log into the login server of the cluster with X forwarding enabled and launch a viewer that displays selected sections from 3D or 4D image volumes. [23:29] The graphical output is forwarded through an encrypted tunnel to be displayed locally on my (full) X server. [23:30] The remote machine needs only basic X functionality installed, e.g. xauth [23:30] i did something similar with a render cluster [23:30] i just set up webdav to remotely open the images [23:30] which, btw, was what was missing on kandjar's server. Now it's installed -- problem fixed [23:33] trashguy: doesn't that mean that you have to transfer the entire file before it can be displayed? [23:34] yes [23:34] i can see [23:34] That would be a clear disadvantage for my scenario [23:34] yes [23:34] i agree [23:34] majority of the people i see running x is to avoid command line though [23:36] Burn them at the stake! [23:36] :) [23:36] i been using freebsd to long im a cli nazi [23:36] ^^ [23:36] trashguy: Error: "^" is not a valid command. [23:37] Zimbra doesn't play nice [23:37] with FreeBSD [23:37] so here I am ;) [23:38] Content management? [23:38] Exchange alternative [23:38] Oh, groupware [23:40] trashguy: do you have a suggestion for calendar and todo lists that works well on the command line? [23:41] A PIM application? [23:54] soundray, not somuch on CLI [23:54] i been inundated by the bras on how much they loved outlook at their old jobs [23:54] s/bras/brass/ [23:56] trashguy: I'll try 'when' [23:57] we are currently using oracle calendar [23:58] it iwll be nice when that is gone and I have one less solaris machine to deal with ^^