[00:43] <wo0f> hi guys
[00:44] <wo0f> Im just about to reinstall ubuntu on my server
[00:44] <wo0f> im wanting this time to have terminal serivces functionality
[00:44] <wo0f> (like remote desktop)
[00:44] <wo0f> (/freenx etc/vnc)
[00:45] <wo0f> will installing via tha LTSP option be of any use to me?
[00:45] <wo0f> i won't be connecting via LAN
[00:45] <wo0f> i just want a dev desktop available via the net
[00:46] <Deeps> sounds like you're wanting ubuntu desktop rather than ubuntu server then
[00:46] <wo0f> oh
[00:46] <wo0f> i don't just want to enable 1 instance of remote desktop tho
[00:47] <wo0f> and i dont want to have X/gnome actually running on the server all the time
[00:47] <wo0f> i just need it to auto start an x session on my remote login
[00:47] <Deeps> sounds like you want vncserver i guess then
[00:47] <wo0f> i see
[00:48] <wo0f> do you know a decent tutorial for setting vnc up in this way?
[00:48] <wo0f> iv always had trouble previously
[00:50] <arrrghhh> anyone know where i download the code for the advanced tree to compile for xml-rpc?  i'm tired of my large torrents displaying incorrectly.
[00:50] <wo0f> does ubuntu impliment tightVNC ?
[00:52] <Deeps> to both of you, i'm afraid i dont know, but google might
[00:52] <arrrghhh> so if i'm copying a lot of data on my server from my ntfs drive to my new ext3 drive, what's the best method?  just cp?
[00:53] <arrrghhh> wo0f, it does vnc protocol which tightvnc is capable of connecting to...
[00:53] <arrrghhh> but that doesn't really apply to ubuntu-server.
[00:53] <Deeps> i use rsync for large transfer batches
[00:53] <wo0f> i see
[00:53] <arrrghhh> is there anything special to use rsync locally?
[00:53] <Deeps> nope
[00:54] <Deeps> just specify a local source and destination path
[00:54] <Deeps> i personally use...
[00:54] <wo0f> its just i dont want X to be running on the head of my server
[00:54] <Deeps> rsync -aPv /local/source /local/dest
[00:54] <arrrghhh> like rsync -va --progress /media/500GB/* /media/500_1
[00:54] <wo0f> i just want it to be invoked and used via network only
[00:54] <arrrghhh> is the capital P --progress?
[00:54] <Deeps> same thing, -P and --progress
[00:54] <arrrghhh> d'oh
[00:55] <Deeps> resumable, and you see progress reports, cp's too... quiet
[00:55] <arrrghhh> yea
[00:55] <arrrghhh> i've just had rsync fail for no reason before.
[00:55] <Deeps> likewise, and with cp too
[00:57] <arrrghhh> well now i have a massive amount of space
[00:57] <arrrghhh> kinda weird having it all over in so many different partitions.
[00:58] <wo0f> hmm, i guess problem is, i dont want to use vnc to connect too an existing screen, rather invoke a fresh x session on login
[00:58] <arrrghhh> eh i don't want to try and coordinate that
[00:58] <arrrghhh> wo0f, your server is running X?
[00:58] <Deeps> vncserver will let you do that wo0f
[00:58] <wo0f> cool
[00:58] <Deeps> google it, test it locally / in a vm if needbe
[00:58] <Deeps> it's fairly straightforward
[00:59] <arrrghhh> x11vnc will allow you to view their current session _and_ uses better compression (imho)
[00:59] <wo0f> Deeps: n1
[00:59] <Deeps> arrrghhh: he wants to connect and start an x session, not connect to a running session
[00:59] <wo0f> what about NX, is this worth looking into as an alternative?
[00:59] <Deeps> ie, he logs off, x goes with him
[00:59] <arrrghhh> nx is sweet
[00:59] <arrrghhh> but i had issues setting it up
[00:59] <Deeps> haven't used it personally, no idea
[01:00] <arrrghhh> i got it to work eventually, and it was like being there
[01:00] <Deeps> i remain of the opinion that servers shouldn't need more than a command line ;)
[01:00] <wo0f> well if i wont
[01:00] <wo0f> i still want it headless
[01:00] <wo0f> just serve up remote X
[01:00] <arrrghhh> servers = no X
[01:01] <wo0f> hmm
[01:01] <arrrghhh> and you can forward X apps over ssh...
[01:01] <arrrghhh> no need for vnc, nx, etc
[01:01] <wo0f> yeah?
[01:01] <wo0f> how do you do that?
[01:01] <arrrghhh> ssh -X
[01:01] <arrrghhh> well ssh -X user@server
[01:01] <arrrghhh> assuming you use the default port etc
[01:02] <arrrghhh> yea then from a command line run like "firefox &" - firefox will popup on your screen!
[01:02] <arrrghhh> technology has been in unix since like 1984 lol.  m$ still isn't capable of it (to my knowledge)
[01:02] <Deeps> urr, you just run a win32 X server
[01:02] <arrrghhh> well
[01:02] <Deeps> XMing or some such
[01:03] <arrrghhh> that's not from microshite
[01:03] <wo0f> well i assume you have to be running a nix os for that to actually work
[01:03] <arrrghhh> i use xmming at work since all our workstations are winblows
[01:03] <Deeps> no, so? most packages in ubuntu repos aren't written by canonical
[01:03] <arrrghhh> i said unix has had the technology since _x_
[01:03] <arrrghhh> and m$ still hasn't implemented it
[01:03] <Deeps> ms has rdp
[01:03] <arrrghhh> xmming + putty is not from microshaft
[01:03] <wo0f> (i mean, im chatting to via putty:P)
[01:04] <arrrghhh> but that's not an individual application
[01:04] <Deeps> wo0f: http://www.math.umn.edu/systems_guide/putty_xwin32.html
[01:04] <wo0f> Deeps: oo
[01:04] <wo0f> Deeps: (Y)
[01:04] <Deeps> change the relevant variables for your servers, rather than the umn.edu servers
[01:04] <arrrghhh> you can't forward an individual application over the internet thru a secure tunnel.
[01:05] <Deeps> no, but you can still forward an entire desktop that'll be more responsive and require less bw with RDP than you get from forwarding a single X application
[01:05] <Deeps> (in my experience)
[01:06] <arrrghhh> i honestly haven't compared b/w usage between the two.
[01:06] <Deeps> X forwarding on a high latency low speed link is a very very painful process. not half as bad over RDP
[01:06] <arrrghhh> yea the compression isn't there w/ssh./
[01:07] <Deeps> i read something about NX making things faster in both camps, but i've yet to play with it as thankfully I dont have to deal with remote guis anymore
[01:07] <wo0f> this is whats tempting me towards nx
[01:07] <arrrghhh> nx is seriously like being at the machine
[01:07] <arrrghhh> it's ridiculous
[01:07] <Deeps> well you can run rdp, x and vnc all through nx, which is nice
[01:08] <wo0f> i think nx runs as one user
[01:08] <arrrghhh> yea
[01:08] <arrrghhh> i don't know if nx runs as one user or not...
[01:08] <wo0f> so you have a separate accounts list just for nx
[01:08] <arrrghhh> it probably does.
[01:08] <wo0f> rather than running as the user your logged in as, like vnc
[01:09] <arrrghhh> wo0f, there's a lot of options, it's linux haha
[01:09] <wo0f> haha
[01:09] <wo0f> sometimes too many for my liking/understanding
[01:09] <Deeps> given that you can run x, vnc, or rdp through nx, chances are it's a case of how you configure it
[01:09] <wo0f> mm
[01:10] <wo0f> so whats LTSP
[01:10] <Deeps> freedom of choice, it's great
[01:10] <wo0f> ?
[01:10] <Deeps> thin client manager i believe
[01:10] <wo0f> so it doesnt use vnc at all?
[01:10] <Deeps> run LTSP on a powerful server
[01:11] <Deeps> run a bunch of underpowered dumb screens that simply connect to the server and accept local inputs, and display X forwarded from the server
[01:11] <Deeps> slightly overkill for what you're looking to do i think
[01:12] <wo0f> it just seems appealing as theres a install option on the disk in 8.10 now
[01:12] <Deeps> it's been an option for installing for a while, i think it was restricted to edubuntu before though
[01:22] <wo0f> is bitshift obsolete?
[01:24] <arrrghhh> i don't know what bitshift is
[01:24] <wo0f> is bitshift obsolete?
[01:24] <wo0f> oops sry
[01:25] <wo0f> for hard drives
[01:25] <wo0f> as opposed to LBA
[01:25] <wo0f> (logical block addressing)
[01:27] <arrrghhh> yea still don't know what bitshift is
[01:41] <mynous> having a server harddrive setup like this : /boot and /  on /dev/sda  and /home on /dev/sdb, would i see a performance boost by using /home/ftp as a directory for files to be transfered from over /ftp on /dv/sda like it is now?
[01:43] <ShawnR> has anyone else tried installing 8.10 on a fakeraid raid 0 yet? it seems that it is only using 1 of my HDDs
[01:46] <wo0f> fake raid and linux just don't mix
[01:46] <ShawnR> well, 8.10 is supposed to support it, so i figured i'd give it a shot
[01:47] <ShawnR>  dmsetup status
[01:47] <ShawnR> nvidia_ecfbjcdh: 0 976773166 mirror 2 8:0 8:16 7453/7453 1 AA 1 core
[01:47] <wo0f> are you wanting software raid, or fakeraid?
[01:47] <wo0f> if fakeraid, have you checked your chipset is supported?
[01:47] <ShawnR> and iostat shows dm-0 and dm-1 being used when doing file transfers, but i see that sda is working, but sdb is sitting still
[01:48] <ShawnR> i am pretty sure it is supported, it installed fine... but where can i double check?
[01:49] <wo0f> im not sure how youd check
[01:49] <wo0f> i know suse supports raid out of the box
[01:49] <wo0f> but i really shouldnt say that here :P
[01:49] <ShawnR> it's an nforce chipset, should be supported
[01:50] <wo0f> im pritty sure the nvidia chipsets work
[01:50] <wo0f> unlike the amd ones :/
[01:51] <ShawnR> AMD has their own chipsets now? or do you mean the ATI ones?
[01:51] <ShawnR> i guess maybe AMD rebranded the ATI chipsets with their own name
[02:01] <arrrghhh> hardware raid or nothing!
[02:07] <ShawnR> well, this is a somewhat budget file server for my own house
[02:07] <ShawnR> and the 1 pci-e slot has my eSATA card in it
[02:08] <arrrghhh> yea i just built a budget file server
[02:08] <arrrghhh> no raid...
[02:08] <wo0f> yeh amd bought out ati
[02:09] <arrrghhh> that they did
[02:09] <arrrghhh> which will hopefully open the accelerated graphics drivers for the processors.
[02:10] <arrrghhh> the graphics processors that is
[02:55] <arrrghhh> anyone have experience setting up a pxe server?  i'd love to be able to just plug machines in and boot the newest ubuntu w/o needing optical drives.  i've already got nfs setup, and i have been struggling with tftp and dhcp.
[02:56] <ShawnR> i've wanted to play with it myself, but never had the reason to actually impliment it
[02:56] <arrrghhh> i've been repairing a lot of computers lately so i'd love to have a pxe server
[02:56] <arrrghhh> show the masses ubuntu
[03:36] <J-_> When using the inadyn DNS dynamic IP updater, should I use the root, or user crontab -e?
[03:36] <J-_> Using wget
[03:38] <hads> If it doesn't need root permissions don't run it as root. That's pretty much the theory.
[03:38] <hads> A dynamic DNS updated shouldn't.
[03:38] <J-_> k
[03:39] <J-_> Thanks dewd. :)
[03:42] <J-_> hads:  Are you familiar with afraid.org's method of updating via wget? Would, 1-59 * * * * /usr/bin/wget http://freedns.afraid.org/dynamic/index.php?action=script&data_id=xxxxxx -o - >/dev/null 2>&1' >> /tmp/crontab work?
[03:42] <arrrghhh> this doesn't really have much to do with my server, but i can't get my monitors at the right resolution & in separate X screens.  twinview works tho...
[03:42] <hads> J-_: No I'm not familiar
[03:42] <J-_> Okay cool, thanks anyway!
[03:50] <J-_> !info drupal hardy
[03:50]  * J-_ facepalms
[03:50] <J-_> !info drupal
[04:12] <J-_> How can I enable mod_rewrite in apache2 in Hardy?
[04:15] <zoredache> try a2enmod
[04:18] <J-_> mod_rewrite isn't in the most.
[04:19] <hads> ?
[04:22] <zoopster> a2enmod rewrite did it for me
[04:22] <hads> Yah
[04:27] <J-_> hmm, not exactly sure what I ment to say. lol, I'm tired.
[04:27] <J-_> But I'll try that again
[04:27] <J-_> Is cl-url-rewrite the package I want to install/ enable?
[04:27] <hads> No
[04:28] <J-_> hmm, it's already enabled. But, drupal is saying otherwise.
[04:28] <hads> I think it's shipped with apache
[04:28] <J-_> Nevermind! It worked now.
[04:29] <J-_> I could have sworn it did before.
[04:29] <J-_> didn't*
[04:29] <J-_> Thanks again.
[05:57] <josh_> where is the apache root directory?
[05:59] <hads> /var/www
[06:00] <josh_> thats what i thought.  so, i have saved 2 files there how do i access them from the internet?
[06:01] <zoredache> there is a redirection setup by default, you probably need to remove that...  look in /etc/apache2/sites-available/default
[06:02] <hads> I thought there was just an "It Works" page
[06:05] <josh_> it says that i dont have permission
[06:14] <josh_> deleted through terminal
[06:27] <josh_> i am trying to add a file to a folder with terminal.  i used "sudo mkdir" to make the folder. how do i add to it?
[06:50] <incidence> josh_, man mv
[06:50] <kinnaz_> josh_ touch filename
[06:51] <incidence> oh meant that way
[06:58] <antdedyet> josh_: or cp if you just want to 'add' a file to that directory and not remove it from the old location
[06:59] <KiNnaZ> it would be easier to say, cp to copy file
[06:59] <KiNnaZ> mv to move file
[06:59] <KiNnaZ> rather to try to explain difference of cp and mv
[07:33] <hads> $EDITOR my.file
[08:11] <kraut> moin
[08:11] <lukehasnoname> morning
[08:54] <gammy> I noticed tha tthe init script for policy kit doesn't actually do *anything* except upon 'start'. Anyone care to teach me a lesson? :)
[08:58] <gammy> Is it in the kernel? :o
[09:00] <soren> How is this server related?
[09:02] <gammy> Well, it's running ubuntu server. I don't know how you have exactly defined "server specific" since the term is pretty loose.
[09:03] <gammy> Or am I only allowed to ask questions regarding topics in your serverguide (which is pretty much empty) ?
[09:04] <hads> There's stuff in the server guide.
[09:04] <soren> No, but policykit is a tool used on the desktop to achieve elevated privileges for discrete tasks.
[09:05] <soren> It's not server related at all.
[09:05] <gammy> soren: Alright - I did not know that. I was forced to install it because console-kit-daemon kept giving me SEVERE logs about it.
[09:05] <gammy> "console-kit-daemon[6283]: CRITICAL: cannot initialize libpolkit
[09:05] <gammy> "
[09:05] <gammy> That's why I installed it and related packages.
[09:06] <gammy> I wonder why it gives a critical error about it if it isn't supposed to depend on it.
[09:07] <gammy> soren: So it's only server related if it's a base package in server? Or..? Please tell me where I would be more on-topic in that case.
[09:07] <gammy> ie, it's not server-related if I run server with additional packages then
[09:07] <gammy> :o
[09:08] <Kamping_Kaiser> depends what the 'aditional packages' are
[09:08] <hads> Gnome :)
[09:08] <Kamping_Kaiser> its on topic if its server related - eg, services running on a server. not if its 'my desktop wont work on a server install'
[09:09] <gammy> I thought bloody policykit was a service.
[09:09] <gammy> this is 8.10 server edition. I only got policykit due to http://pulia.nu/tmp/console-kit-daemon these issues
[09:10] <gammy> Now again, console-kit-daemon did this out of the box - what is the *right* way to do then, if policykit is the wrong way?
[09:12] <gammy> ...I see.
[09:12] <soren> Look... It's not that we don't want to help. It just way easier to ask desktop people if you're having trouble with desktop stuff.
[09:13] <gammy> YOU are telling me this is a desktop issue
[09:13] <gammy> I have *no* idea why you're telling me thart
[09:13] <gammy> that, sorry.
[09:13] <gammy> I am not running X, I don't have gnome installed, I don't even have a screen
[09:14] <gammy> This is ubuntu SERVER on a SERVER SERVING peoples homepages and shells. I just want to solve the problem at hand, being console-kit-daemon giving me critical errors in my log. I have no idea why it's even installed but I presumed it was "woven" into ubuntu for some reason
[09:14] <soren> I'm terribly sorry, but policykit is simply not our domain.
[09:14] <soren> What is that you don't understand?
[09:14] <soren> 09:12:46 < soren> Look... It's not that we don't want to help. It just way easier to ask desktop people if you're having trouble with desktop stuff.
[09:15] <gammy> I don't understand why it's a desktop issue.
[09:15] <gammy> You have as of yet not explained that.
[09:15] <soren> Look at policykit's description.
[09:15] <hads> Ooo circles
[09:15] <soren> It's not that hard.
[09:15] <gammy> soren: Yes, but let's *ignore* policykit for a minute.
[09:15] <Kamping_Kaiser> gammy, you can `aptitude why $package` to find out what you installed that drew in policy kit as a dependancy (assuming you didnt manually install it )
[09:15] <gammy> soren: And let's look at console-kit-daemon
[09:15] <soren> ...which yells about policykit.
[09:16] <gammy> Yes.
[09:16] <soren> Right? That's your problem, isn't it?
[09:16] <gammy> So the server component is whining about a desktop component
[09:16] <gammy> and you're telling me this is *not* a server issue?
[09:16] <soren> Can't you just accept that the desktop guys are the guys who deal with consolekit and policykit?
[09:16] <gammy> you just told me desktop was "dealt with" by the desktop guys. you had not previously said so.
[09:17] <gammy> So now I know.
[09:17] <gammy> Thanks.
[09:17] <gammy> I .. guess.
[09:17] <soren> Do you honestly think it's more useful if I just say "I don't know" instead of leading you to the right place to ask your questions?
[09:17] <soren> Bloody hell!
[09:17] <soren> 09:16:59 < gammy> you just told me desktop was "dealt with" by the desktop guys. you had not previously said so.
[09:17] <soren> ??? Big surprises there.
[09:17] <soren> Desktop guys deal with desktops. Who would have guessed?
[09:18] <hads> Never would have guessed that.
[09:18] <soren> No, how could you?
[09:18] <lukehasnoname> GUYS, guys... I'm trying to code, all this blinking is distracting me
[09:18]  * soren glances at his 381 irc windows and sends no sympathy to lukehasnoname
[09:18] <domas> =)
[09:19] <domas> let's hilight lukehasnoname a bit too!
[09:19] <Kamping_Kaiser> lukehasnoname, hehe
[09:19] <domas> so that lukehasnoname's coding would be more productive!
[09:19] <Kamping_Kaiser> domas, but lukehasnoname might be struggling!
[09:19] <lukehasnoname> damnit
[09:19] <domas> yeah, but if we don't hilight, lukehasnoname would stop coding!
[09:20] <Kamping_Kaiser> domas, ah in that case i guess lukehasnoname better stay in converstaion :D
[09:20] <domas> :-)
[09:20] <lukehasnoname> why can't 1/0 be defined
[09:20] <lukehasnoname> then I wouldn't have to handle that
[09:21] <soren> lukehasnoname: It is defined.
[09:21] <soren> lukehasnoname: It's \infty
[09:22] <lukehasnoname> new idea for a language function
[09:23] <soren> Eh?
[09:23] <lukehasnoname> double IntegerOffset(int n)
[09:23] <lukehasnoname> returns a number VERY MINUTELY tweaked below or above n
[09:24] <lukehasnoname> double IntegerOffset(int n, bool upDown = 1) //0 is down, 1 is up
[09:25] <soren> At any rate, 1/0 is defined. It's positive infinity.
[09:25] <soren> infinity: Not you.
[09:25] <soren> However, using that as an offset might not be defined. It depends.
[09:25] <lukehasnoname> so IntegerOffset(0, 1) would return 0.000000000000000000000000000000000000000000000000000000000000000001 or similar. I suppose I could define that as 0+Math.pow(1, pow(10,20))
[09:26] <lukehasnoname> I'm writing a genetic algorithm whose fitness score is 1/radius of a circle
[09:26] <lukehasnoname> if that radius is calc'ed to 0, then I have to handle it
[09:28] <soren> A circle can't have a radius of 0.
[09:29] <soren> A circle is the set of points at a given distance from a given point. The set of points at 0 distance from a point is just the point itself.
[09:29] <lukehasnoname> rather, I'm calculating the max radius a circle can have, given a center and some parameters to meet
[09:29] <lukehasnoname> there are times that the parameters are not met and the max radius val is 0
[09:33] <lukehasnoname> I have 8 hours to debug my algorithm, run tests on it, and write a one page paper about it for a test grade
[09:34] <Kamping_Kaiser> if $rad=0; <do not fail painfully>; fi ?
[09:37] <soren> if radius==0: <forget everything you used to believe about circles>
[09:39] <lukehasnoname> The zeros thing isn't trouble anymore, I don't think... it's something else now.
[09:46] <domas> soren: you're not that good at math, are you?
[09:46] <domas> soren: 1/0 is not infinity
[09:47] <Deeps> the internet disagrees
[09:47] <Deeps> http://lexlibertas.com/wordpress/wp-content/uploads/2008/04/i-divided-by-zero.jpg
[09:47] <domas> Deeps: <3
[09:47] <domas> soren: http://en.wikipedia.org/wiki/Division_by_zero :)
[09:55] <soren> domas: I just don't limit myself to real maths.
[09:55] <soren> domas: I studied maths at university. I usually know what I'm talking about.
[09:56] <domas> oh, wait, me too! :)
[09:56] <domas> I wonder how you get the 'positive infinity' number
[09:56] <Deeps> mathgeekfight
[09:57] <domas> teeheeee
[09:59] <soren> What else would it yield?
[10:00] <domas> negative infinity, if you approach it with a limit :)
[10:00] <domas> of course, if you define a concept of unsigned infinity, you can use it as much as you want
[10:00] <domas> I don't like math
[10:00] <domas> :(
[10:02] <soren> Me neither.
[10:02] <soren> Ironically :)
[10:02] <domas> hehe
[10:02] <soren> Abstract algebra is wicked cool.
[10:03] <soren> Pretty much anything else, I really don't like very much.
[10:03] <domas> math is applied philosophy :)
[10:03] <domas> physics are applied math \o/
[10:03] <domas> some more nested applied sciences
[10:03] <domas> and we end up building information systems :)
[10:04] <domas> and sit in #ubuntu-server
[10:04] <domas> haha
[10:50] <jamey-uk> I'm trying to get a custom shell script to run when I insert a USB hard drive, so far I've installed autofs and "/etc/init.d/autofs status" returns this as the configured mountpoint: "/usr/sbin/automount --timeout=300 /media program /tmp/test.sh". But it doesn't work, any ideas?
[12:43] <yann2> nijaba   http://www.securityfocus.com/bid/29106  :)
[12:44] <yann2> ah right, <52.. good we updated too hardy :)
[13:15] <Spirits-Sight> what do I type to install LAMP on Ubuntu
[13:16] <Deeps> tasksel
[13:16] <Deeps> and select it from the list
[13:17] <Spirits-Sight> do I do that at the term
[13:18] <Deeps> yep
[13:18] <Deeps> sudo tasksel
[13:18] <Deeps> even
[13:20] <_ruben> or sudo apt-get install lamp-server^
[13:23] <Spirits-Sight> thanks for your help
[13:36] <jamey-uk> Does anyone have any experience with ivman?
[13:39] <jamey-uk> I'm trying to get a script to run when an external USB hard drive is plugged in. So far I've tried usbmount, udev rules and now ivman. I've been watching /var/log/messages, USB drive is initiated as /dev/sdb but none of the daemons have worked and run my test script. Can someone help me?
[13:40] <soren> jamey-uk: I'd use dbus and subscribe to DeviceAdded events from Hal.
[13:40] <soren> I didn't know about ivman. It seems like it does kind of the same thing?
[13:40] <jamey-uk> soren: yeah I think it must do. So I have to apt-get install dbus then? I don't understand, how/what is "subscribing" to the DeviceAdded event?
[13:41] <soren> It's a dbus term.
[13:41] <soren> DBUs has a notion of signals to which you can subscribe.
[13:41] <soren> Hal emits DeviceAdded and DeviceRemoved signals when... Well, I imagine you can guess when :)
[13:42] <jamey-uk> thanks, so how does Dbus relate to Hal, it's basically the bus that hal reports onto?
[13:42] <soren> Pretty much.
[13:42] <soren> How does ivman fail you?
[13:42] <soren> I'm looking at its config now, and it seems to do what you want?
[13:43] <soren> Better yet: What are you trying to do exactly?
[13:43] <jamey-uk> yeah it does, none of the tools i've tried have worked which leads me to believe I've set something up wrong or haven't got a needed package
[13:43] <jamey-uk> soren: thanks for asking :)
[13:44] <jamey-uk> we've got a truecrypt encrypted drive, we want it to automount this external usb drive when you plug it in, but we don't want regular mount* stuff, we've got a command/shell script that will mount the drive for us. so far, when you plug it in dmesg says it's assigned to /dev/sdb. And we can succesfully mount it manually into somewhere like /media/usb-backup.
[13:44] <jamey-uk> so now I just need *anything* to make a script run when a usb (hard drive) is plugged in. sounds simple, so far proved to be very tricky!
[13:44] <jamey-uk> any help would be much appreciated :)
[13:45] <soren> At the bottom of /etc/ivman/IvmConfigActions.xml...
[13:45] <soren> there's a match-all snippet.
[13:45] <soren> Do you see it?
[13:45] <soren> It's uncommented right now.
[13:47] <jamey-uk> erm, looking in that file, no 'match-all'...?
[13:47] <soren> It doesn't say "match-all"
[13:47] <jamey-uk> oh heh
[13:47] <soren>  97     <ivm:Match name="*">
[13:47] <jamey-uk> ah gotcha "...Match name="*"'
[13:47] <jamey-uk> yeah
[13:47] <soren> The line just before that one says: \!--
[13:47] <soren> Er..
[13:47] <soren> <!--, I mean.
[13:47] <soren> Remove that...
[13:48] <jamey-uk> yep, so remove the XML <!-- and --> comment delimiters, gotcha :P
[13:48] <soren> and the line just below </ivm:Match>, which reads "-->"
[13:48] <soren> Right.
[13:48] <jamey-uk>  /etc/init.d/ivman force-reload
[13:48] <soren> Restart ivman (sudo /etc/init.d/ivman restart)
[13:48] <jamey-uk> "Restarting ivman: manager.c:1387 (do_startup_configure) Directory /etc/ivman/ will be used for configuration files."
[13:48] <soren> Yes, that should do it too..
[13:48] <soren> tail -f /tmp/devices
[13:48] <soren> and try plugging something in
[13:49] <jamey-uk> okay, here goes :P
[13:50] <jamey-uk> *awesome*, it works :D
[13:50] <jamey-uk> "usb_device_1058_702_5758485A3037303239313933 attached at Thu Nov 6 13:50:25 GMT 2008"
[13:50] <soren> Ok. So ivman works :)
[13:50] <jamey-uk> so..., how do I get it to run a script now? :)
[13:50] <jamey-uk> fantastic, *nothing* has so far!
[13:50] <soren> Look at the config file.
[13:50] <jamey-uk> so an exec line
[13:50] <soren> The part you just enabled runs a command line.
[13:50] <soren> Right.
[13:51] <soren> Just change that to point to your script.
[13:51] <jamey-uk> what is "execun" vs exec
[13:51] <soren> Probably unplug vs plug
[13:51] <soren> I don't know, to be honest.
[13:51] <jamey-uk> oh, der
[13:51] <jamey-uk> :p
[13:51] <soren> I've never used ivman.
[13:51] <jamey-uk> yeah it is lol
[13:52] <jamey-uk> okay so i'm going to tell it to run /tmp/test.sh, which is a simple bash script that echo's "Running script" then touch's /tmp/it-is-running (which I just rm'd)
[13:52] <soren> Ok.
[13:52] <soren> Here's a trick:
[13:52] <soren> When the drive is plugged in, use lshal to find the name of the attribute you want to look for.
[13:52] <soren> In your case, you want the one that tells you the name of the block devices.
[13:53] <soren> Sorry, block device. Not plural.
[13:53] <jamey-uk> okay let me just check this script works (because it hasn't yet) and then we can get onto lshal :)
[13:54] <soren> Right. When you're comfortable that it works, run lshal, find your harddrive and pastebin that part that pertains to that.
[13:57] <jamey-uk> Okay, it works fantastic :D
[13:57] <soren> Coolness.
[13:58] <jamey-uk> http://pastebin.ca/1246866
[13:59] <soren> jamey-uk: Ok, for starters, try replacing the match name="*" thing with this:
[13:59] <soren> <ivm:Match name="hal.usb_device.serial" value="5758485A3037303239313933">
[13:59] <soren> ...and see if it still triggers.
[14:00] <soren> (don't forget to restart ivman)
[14:00] <soren> I don't know if it picks up changed config files, so I'm just taking the safe approach.
[14:01] <jamey-uk> yep, it's still working with serial clause :)
[14:01] <jamey-uk> yeah I did force-reload
[14:02] <jamey-uk> maybe I could do it on hal.info.product ("External HDD") because we're going to be using two different external HDDs that both will be mounted with the same encryption etc
[14:02] <jamey-uk> awesome, thank you *very* much soren :)
[14:03] <soren> Ok, what you probably want to do now is to find the disk in /dev/disk/by-id/
[14:03] <soren> or /dev/disk/by-uuid/
[14:03] <soren> and use that in your script.
[14:03] <scientes> why does everybody have to do all this virtualization junk when unix has had all of the same abilities with 0 overhead for decades?
[14:03] <soren> This way, ivman will make sure your script is only called for the right devices.
[14:04] <scientes> is it just cause windows sucks?
[14:04] <soren> ...and your script will make sure it find the right block device to mount.
[14:04] <soren> scientes: Because it hasn't.
[14:04] <scientes> you have to run the same kernel but otherwise what is differnt?
[14:04] <soren> Containment.
[14:05] <soren> Primarily, anyway.
[14:05] <soren> Lots of other stuff, too.
[14:05] <scientes> Its just doing a second round of permissionss, software and hardware, when there are allready these things
[14:05] <soren> Migration options, for instance.
[14:06] <scientes> it just seems like its all there but developemers have neglected it so we have to do the meta=solution
[14:06] <soren> scientes: You clearly don't know what you're talking about.
[14:06] <scientes> ok
[14:07] <soren> Explain to me what you'd do instead of using virtualisation?
[14:07] <soren> What are these magic old school incantations that achieve the same thing?
[14:07] <soren> chroots?
[14:08] <scientes> run the same app under differnt users with differnt permissions, and SELinux, etc
[14:08] <scientes> and yeah chroots
[14:08] <scientes> i guess the virtualization is cleaner, and makes the the kernel do one task and irt another
[14:08] <soren> These things all run in the same memory space, process space, filesystem, network...
[14:09] <jamey-uk> soren: or instead of /dev/disk/by-id/* I could use that match line with hal.info.udi ('/org/freedesktop/Hal/devices/usb_device_1058_702_5758485A3037303239313933')?
[14:09] <soren> jamey-uk: You can't use that to mount the disk.
[14:09] <soren> jamey-uk: ...because that's not the name of a block device.
[14:09] <scientes> you can multicast the network exactally the same as a virtual machine does, memory space is kept clean by access controls in kernel
[14:09] <soren> scientes: No, it's not.
[14:09] <scientes> and nice etc control scheduling
[14:09] <jamey-uk> soren: ah sorry I thought you meant to use that as a "filter" so that only *that* USB hard drive gets mounted
[14:10] <soren> No, no. It was to make sure you grab the correct block device.
[14:10] <jamey-uk> you mean to use /dev/disk/by-id/* to find where the symbolic link goes to, and that is the block address for the HDD
[14:10] <jamey-uk> yeah
[14:10] <jamey-uk> cool, thanks
[14:10] <soren> /dev/sd? are handed out as devices pop up.
[14:10] <jamey-uk> it's ok, they're always going to be /dev/sdb because we're only connecting a single USB HDD at once (well USB device in general)
[14:10] <soren> jamey-uk: Don't bother following the symlink. Just use the symlink directly.
[14:11] <soren> jamey-uk: Well, yes, until something goes bad and you have a block device that's stuck for some reason.. :)
[14:11] <soren> It happens :)
[14:11] <jamey-uk> soren: okay so better safe than sorry, I should have a script for each drive that looks in /dev/disk/by-id/ for the expected symlink and use this to mount? :)
[14:11] <jamey-uk> and then two different match blocks in ivman conf file?
[14:12] <soren> jamey-uk: Unless I'm gravely mistaken, the symlink will be named after one of the attributes you can see from hal. Pass that on the command line to your script.
[14:12] <soren> ...and you can get by with just one script.
[14:12] <soren> ...but possibly two match rules in ivman's config.
[14:12] <jamey-uk> ah, clever
[14:13] <soren> Or perhas ivman has other clever ways to handle it. I don't know. This is the first time I've ever heard of ivman :)
[14:13] <jamey-uk> soren: unfortunately not, the symlink is "usb-WD_3200BEV_External_5758485A3037303239313933-0:0" which isn't in http://pastebin.ca/1246866
[14:13] <soren> It's derived from the serial.
[14:14] <jamey-uk> so what do you suggest?
[14:14] <soren> How many files match /dev/disk/by-id/*5758485A3037303239313933* ?
[14:15] <jamey-uk> ah I see :)
[14:15] <soren> Heh :)
[14:16] <soren> scientes: Anything that has root privs can go snooping around in every other process's memory space.
[14:16] <soren> scientes: Anything that runs as user foo can go snooping around in every other process run by user foo.
[14:17] <scientes> but if you took away the 1024 port limit nothing would ever need root privs
[14:17] <soren> Oh, really?
[14:17] <scientes> and there is a practically unlimited number of users available
[14:17] <soren> cron could magically run as a non-privileged user?
[14:18] <soren> backup systems?
[14:18] <soren> mail servers?
[14:18] <scientes> ok, then its just a way to get around lowsey old unix defaults
[14:19] <soren> And if anything could listen below port 1024, *any* user could hijack the ssh port, the http port or any other port during logrotate, for instance.
[14:19] <scientes> not if you set user permission to specific ip addresses,
[14:20] <soren> What?
[14:20] <scientes> idk, hardware is suddnly going to be rewritten for hypervisors and we are going to have sub-kernels, i guess thats ok
[14:21] <soren> How does user permissions relate to ip addressses and how does that relate to privileged port hijacking?
[14:21] <soren> You're essentially saying that if we redefine the entire security model we already have, we wouldn't need virtualisation...
[14:22] <soren> a) We're not going to do that
[14:22] <soren> b) There's lots of other benefits of virtualisation
[14:23] <soren> Have you ever managed a system that you later needed to split over several machines due to performance requirements changing?
[14:25] <jamey-uk> soren: this doesn't pass the serial number on: <ivm:Option name="exec" value="/root/scripts/backup_to_usb2.sh `$hal.usb_device.serial`" />, is my syntax wrong? (I've got it "touch /tmp/$1"-ing)
[14:26] <soren> I think you need a $ at the end as well.
[14:27] <jamey-uk> oh yeah *duh* thanks :)
[14:27] <soren> :)
[14:27] <jamey-uk> should it be enclosed in back ticks or single quotes?
[14:30] <soren> jamey-uk: Neither, probably.
[14:31] <soren> jamey-uk: It doesn't look like something that really needs escaping, but to be on the safe side, you can put it in single quotes.
[14:34] <Spirits-Sight> what do I do to connect to a system on the outside network when there is more then one system on the network for VNC
[14:35] <jamey-uk> soren: I'm learning the basics of bash scripting heh
[14:36] <soren> Spirits-Sight: Huh?
[14:37] <Spirits-Sight> I am trying to test and see if I can connect to a computer on my network from the outside, I am not sure what I have to do to make it see able, I know it works from the network but I am unable to connect if I just use the WAN IP address
[14:40] <jamey-uk> soren: in my shell script I have this: DRIVE=`ls /dev/disk/by-id/*$1*` ... If ls failed it is set to "ls: cannot access /dev/disk/by-id/*[xxxxxx]*: No such file or directory"... How can I check whether it has "failed" and so exit the script early? :)
[14:41] <yann2> jamey-uk > http://pastealacon.com/1603
[14:42] <jamey-uk> yann2: so it returns 2 if it fails, 0 otherwise? :)
[14:42] <Deeps> 0 if it succeeds
[14:42] <Deeps> >0 if failed
[14:43] <Deeps> true of most applcations you run
[14:47] <jamey-uk> http://pastealacon.com/1604 > the syntax must be wrong because even when $? returns 0 it echo's "ls failed", where am I going wrong? :)
[14:51] <Deeps> jamey-uk: -gt, -lt, -eq, not >, < or =, when dealing with numbers
[14:53] <jamey-uk> Deeps: thanks, I've now got: "if [ $? -ne 0 ]; then". How do I add "or if $DRIVE is empty" to that if statement?
[15:01] <Pizarro> Hellow everyone
[15:02] <Pizarro> I just installed Ubuntu Server 8 and I wonder if eBox comes already isntalled (I don't know how to acces it). If not I tried to install it by apt-get install ebox but I get a broken dependencies error. Can anyone help me please? thanks
[15:06] <Deeps> if [ "$DRIVE" == "" ]
[15:06] <Pizarro> Deeps, is that for me?
[15:06] <Deeps> Pizarro: no, it's for jamey-uk
[15:06] <Deeps> !ebox | Pizarro
[15:06] <Deeps> is all i can suggest
[15:07] <Deeps> that and looking if there's any bugs on launchpad of anyone having the same problem as you
[15:08] <Pizarro> I dont understand this line:
[15:08] <Pizarro> sudo apt-get install “^ebox-.*”
[15:08] <jamey-uk> Deeps: I get "[: 46: ==: unexpected operator]"?
[15:08] <Pizarro> what are those symbols around ebox?
[15:09] <jamey-uk> Pizarro: it means match any packages that begin with "ebox-" and have any characters after that, e.g. "ebox-", "ebox-something", "ebox-sdkfjsdkgfjsdkl"
[15:09] <jamey-uk> so effectively, install all ebox related stuff
[15:09] <Pizarro> yes but I am talking about this:  “^
[15:10] <Deeps> looks like an error
[15:10] <Deeps> sudo apt-get install ^ebox-.*
[15:10] <Pizarro> ah ok, it is confussing ok ok
[15:10] <jamey-uk> yeah ? means "0 or 1 of ^ebox" but seems like an aerror
[15:10] <Deeps> the ^ and .* are used in regular expressions
[15:10] <Pizarro> let's try that
[15:11] <jamey-uk> Deeps, was that to me? any idea why I get == being an unexpected operator?
[15:11] <Pizarro> so I don't have to type  “, do I?
[15:11] <Deeps> sudo apt-get install ^ebox-.*
[15:11] <Pizarro> ok, thaks
[15:12] <Deeps> jamey-uk: no, google for bash scripting / bash conditional guides
[15:12] <Pizarro> i got a broken packets error
[15:12] <Pizarro> and this is a brand new server isntallation, just 10mi ago
[15:13] <Deeps> Pizarro: paste the full error into a pastebin?
[15:13] <Pizarro> it is in spanish...
[15:13] <Pizarro> but anyway
[15:14] <Pizarro> http://pastebin.com/m7442af61
[15:14] <Pizarro> "Hecho" is done
[15:14] <Pizarro> the line 16 says
[15:15] <Deeps> problem resides with the 'libapache-authcookie-perl' package
[15:15] <Pizarro> yeah that's right
[15:15] <Deeps> hablo espaniol ;)
[15:15] <Pizarro> it says "it's not installable"
[15:15] <Pizarro> Ha ok, perfecto entonces
[15:15] <Pizarro> Xd
[15:15] <Deeps> in here we speak english though
[15:15] <Pizarro> Where?
[15:15] <Pizarro> the channel?
[15:16] <Pizarro> ah ok
[15:16] <Deeps> https://bugs.launchpad.net/ubuntu/+source/ebox/+bug/255368
[15:16] <Pizarro> let's see
[15:17] <Pizarro> so basically the file was removed, that's the issue
[15:17] <alpine_style> let's say i stuff a NIC card in my Ubuntu server and it's recognized as eth0, then one day i pull it out how do i free up eth0 so it can be used again by another NIC at the OS level?
[15:18] <Deeps> alpine_style: /etc/udev/rules.d/??-persistent-net.rules
[15:19] <Pizarro> mmm.
[15:19] <Pizarro> Is there any other alternative to eBox?
[15:19] <Pizarro> I don't feel confident using it now after this..
[15:19] <Deeps> not that is supported by ubuntu
[15:19] <Deeps> there are various other tools that do similar things
[15:19] <Pizarro> Suported by ubuntu?
[15:19] <Deeps> webmin, ispconfig
[15:19] <Deeps> !webmin
[15:20] <Deeps> !ispconfig
[15:20] <Deeps> fair enough
[15:20] <Pizarro> Well I would say the ebox is not longer suported by Ubuntu too, since you can't install it due no existing dependencies
[15:20] <Deeps> well, it is officially supported, that it cant be installed right now is a bug
[15:21] <Pizarro> Well I can download manually from launchpad, but how can I do it from the server? wget?
[15:22] <Pizarro> done
[15:22] <alpine_style> Deeps: can you just delete the iface from that file?
[15:22] <Pizarro> Is it possible to do this?: apt-get [whatever].deb ?
[15:22] <Deeps> alpine_style: yep
[15:23] <alpine_style> Deeps: wow, never new anything about that trick
[15:23] <Pizarro> I mean, sorry. apt-get install [whatever].deb
[15:23] <Deeps> Pizarro: nope, you either need to add the launchpad repository to your apt sources, or you need to wget all the relevant debs and dpkg -i blah.deb
[15:24] <Pizarro> Deeps, I already downloaded the main ebox package, but to install a DEB pkg from the command line? Shall I use apt-get install too?
[15:26] <Deeps> apt-get will download packages from the apt repositories listed in your apt sources file
[15:26] <Deeps> dpkg -i will install deb files you've downloaded yourself manually
[15:33] <alpine_style> Deeps: you can delete lines from 70-persistent-net.rules, but as soon as you reboot they just reappear
[15:35] <netrat> when doing a new install of ubuntu server 8.04 or 8.10 with LVM on top of software raid, is LVM automatically aligned with stripe size of the raid?
[15:42] <Pizarro> Ok...
[15:42] <Pizarro> new issue
[15:43] <Pizarro> I want to install a vpn server to get access to Microsoft comptuers outthere..however using OpenVPN I have to setup certificates to give to the clients..which is not usuall under Micrsosoft enciroments when usint the default vpn client..any clue?
[15:45] <netrat> if you want to use openvpn in windows, then you have to install the openvpn client
[15:45] <Pizarro> so they can't use the default XP vpn cliente, right?
[15:45] <netrat> Microsoft XP has built-in support for PPTP and L2TP vpn tunnels
[15:46] <Pizarro> For example, I was given only an VPN account name and password, nothing else, and I can connect to that VPN network...I want to do the same in my side, but using OpenVPN I have to send each client a certificate!!!
[15:47] <Pizarro> which is a little bit complicated since the users can use difierent computers
[15:47] <Pizarro> am I right?
[15:47] <netrat> yes
[15:47] <netrat> install a pptp server on your ubuntu box
[15:48] <Pizarro> Ah i tried to instal poptop in the last server isntallation and I couldn't make it to work properly; whenever the clients use to get disconnected after some seconds
[15:48] <Pizarro> And I couldn solve it, and no help
[15:48] <Pizarro> so I wanted to move to OpenVpn
[15:49] <Pizarro> is there any alternative to poptop?
[15:50] <Aleka> Trying to get help on where the setting to turn the terminal bell would be >> right now I am doing setterm -bfreq 0 , but that is per session
[15:53] <Pizarro> Also I cant install OpenVPN!!!!! I got the same dependencies error as when installing ebox!!
[15:53] <Pizarro> Is this happengin only to me?
[15:54] <Pizarro> Could you please check the packet "openvpn"?
[16:45] <Pizarro> PLEASE Can anyone help me with Open VPN??? I am really bad
[16:52] <Pizarro> Nobody can help me please???
[16:53] <Pizarro> I really want to keep going with linux, but the situation forces me to move on with another thing
[17:27] <Pizarro> Hi, can anyone explain me how to set up a VPN network???
[17:27] <Pizarro> I am confusesd about local ip and remote ip
[17:27] <Pizarro> I dont understand de concept
[17:31] <darkvertex> ﻿Pizarro: read about it here http://en.wikipedia.org/wiki/Virtual_private_network and http://openvpn.net
[17:33] <Pizarro> thanks
[17:34] <darkvertex> ﻿Pizarro: you're welcome
[17:37] <penguinhunters> Anyone have some good documentation on migrating 2003 AD information into openLDAP...
[17:59] <ghost3> I have an issue.. I have a tower im using as a server at my brothers house cause he has high speed access. there are 3 pc connected to the router which issuse ip address in the likes of 192.168.15.3 and so on. but when I goto whatismyip.com it give me a diffrant ip addy.. my server is running a noip client but when ever I try to access my server from a remote site it times out. any ideals?
[18:02] <darkvertex> ﻿ghost3: that would be because ﻿whatismyip.com sees your legal ip addr.
[18:03] <ghost3> ok, the router they have is for there voip phone. not sure if I should/can disable dhcp on the router..if I did/could would that fix the issue and if not what could I do to access it?
[18:06] <darkvertex> ﻿ghost3: by what ip addr sis you try to connect to your server? the 192.168.xx.xx one? that would not work.
[18:06] <darkvertex> s/sis/did
[18:09] <ghost3> no. I know that is for the local network. the noip I was using was michaelhoward.hopto.org I started noip client on this pc so it canceled out the redirection to this pc..i just stoped the client and the server should up date the client here in a few mins. I don't remember the ip
[18:12] <ghost3> the server is of course running ubuntu but my brothers pc are running windows xp & vista. im not sure what the network is doing with 3 diff os's captureing the request on one legal ip address.
[18:14] <ghost3> im watching my noip account on line when the server sends for the up date ill get the ip address then ill tell you what it is.
[18:16] <ghost3> is anyone thinking about what I said or am I wasting my time? its just to quiet not sure if anyone is listening
[18:17] <darkvertex> ﻿ghost3: The differences in OS's doesn't really matter, they're NAT-ed to a single legal ip addr. That is common usage at a small network (e.g. home network, soho etc). I just don't quite get your question.
[18:17] <unit3> ok, I've been tracking bug #286080, problems with apparmor.
[18:18] <unit3> and after a bunch of discussion with jdstrand, and building a new proposed apparmor package...
[18:18] <unit3> I'm still having problems with apparmor.
[18:18] <Pizarro> Ok, I solved the VPN connection, now it is working with PPTP instead ofr OpenVPN
[18:18] <Pizarro> SOLVED
[18:19] <unit3> jd helped me track it down to the apparmor profile for clamav-daemon, which doesn't contain a reference to the latest resolvconf stuff, and suggested I purge and reinstall clamav-daemon to get it to install the correct version of that profile.
[18:19] <ghost3> ok. thank you. when ever I goto michaelhoward.hopto.org it times out. I have apache listing on port 8080 and I have some other services running.. I can't access any of them.
[18:19] <unit3> So I've done that, but it's still broken.
[18:19] <darkvertex> ﻿Pizarro: great! :)
[18:19] <unit3> I verified after a purge that /etc/apparmor.d/usr.sbin.clamd was gone, and that after apt-get install apparmor it came back.
[18:20] <unit3> But it's the same broken version that's supposed to be updated in the intrepid package.
[18:20] <Pizarro> darkvertex, yeah, my issue was due the staff related to certificates with OpenVPN, so finally I went with PopTop
[18:20] <unit3> ie, doesn't contain a reference to "#include <abstractions/nameservice>"
[18:20] <Pizarro> *stuff
[18:20] <unit3> Does the i386 version of this package just contain an old version of the config file, or what?
[18:21] <Pizarro> Now I have another question (last one I promess), Is there any web tool to manage Ubuntu server remotly? (eBox is not installable now sine one of the dependencies has been removed temporaly because is bugy), and Wibmin is not supported by Ubunut anymore
[18:22] <ghost3> pizarro: I use webmin.
[18:22] <Pizarro> ghost3, How did you install it? It is not under apt
[18:22] <ghost3> browser based server admin tool
[18:23] <ghost3> you have to download it. very easy to install. ill find the link
[18:23] <Pizarro> ok thanks mate
[18:23] <darkvertex> ﻿ghost3: What are you trying to do? Connect to your server over the internet? I can  ping ﻿michaelhoward.hopto.org fine right now.
[18:23] <penguinhunters> now that we have some activity I will ask again...
[18:23] <penguinhunters> Anyone have some good documentation on migrating 2003 AD information into openLDAP...
[18:23] <ghost3> pizarro http://www.webmin.com/
[18:23] <jdstrand> unit3: :/
[18:24] <Pizarro> ghost3, thanks, I'll take a look
[18:24] <unit3> jdstrand: yeah, I'm pretty puzzled... I'm going to go pull apart the package file I've got in /var/cache/apt, and see what the config looks like in there.
[18:24] <jdstrand> unit3: it appears *I* had a modified usr.sbin.clamd file
[18:24] <unit3> ... :)
[18:24]  * jdstrand filly very silly
[18:24] <ghost3> darkvertex yes. that address is to noip.com which redirects to my server.
[18:24] <jdstrand> feels
[18:24] <unit3> Heh, well, at least we're tracking it down. :)
[18:24] <darkvertex> ﻿penguinhunters: sorry, no idea
[18:24] <unit3> So, wanna get your modified config into clamav-daemon? ;)
[18:26] <ScottK> jdstrand: You probably tested the TCP sockets change I haven't uploaded yet.
[18:28] <unit3> ScottK: oh, is that for a fresh copy of clam not being allowed to start a socket? because I'm running into that now after the purge-reinstall, and I *really* need clam to be running because dspam (and exim) block on it missing. :(
[18:29] <unit3> oh, I guess if I just unload the apparmor profiles it starts.
[18:29] <Pizarro> ghost3, can't install webmin
[18:29] <unit3> I should mark the clamd profile as warn rather than enforce for now, I guess.
[18:29] <darkvertex> ﻿ghost3: ﻿pinging to that address never times out for me. FTI, I'm across an ocean from where you are.  But I can't access your web on 8080 port.
[18:29] <Pizarro> ghost3, I get the same error as with ebox,
[18:29] <jdstrand> unit3: just put in in complain mode
[18:30] <unit3> jdstrand: yeah, that's what I meant. :)
[18:30] <jdstrand> unit3: you can also update it yourself-- it's just a conffile
[18:30] <darkvertex> *FYI
[18:30] <Pizarro> ghost3, there are some libs that have been remoeved from the repositories
[18:30] <Pizarro> libauthen-pam-perl
[18:30] <unit3> jdstrand: I just don't want to get into the situation where it sees it modified, so I don't get the newest maintainer version on upgrade in future releases.
[18:30] <Pizarro> is not under the repositories now,
[18:32] <ScottK> unit3: Or you can make this change to the profile and have it work: http://launchpadlibrarian.net/18953684/usr.sbin.clamd-patch
[18:32] <darkvertex> ﻿ghost3: If you encounter the same problem, that is you cannot access the web server, then I suggest you open port 8080 on you firewall/router.
[18:33] <unit3> ScottK: oh, that's where that patch is... no, I'm cool with complain mode for now if I know that it'll get patched into an official package shortly.
[18:33] <ghost3> darkvertex ill try that when I go back over there. duh. I can't believe I didn't think of that. thanks
[18:47] <jdstrand> unit3: yes, it is bug #288942 that I verified, which is why I had the updated profile installed
[18:48] <unit3> jdstrand: gotcha, makes sense.
[18:48] <jdstrand> ScottK: what is the git repo for clamav? I can't seem to find it in the alioth pages
[18:48] <unit3> Now if I can just get some motion on the killer raid10 bug I found yesterday, I'll be feeling better about intrepid.
[18:49] <ScottK> jdstrand: ssh://git.debian.org/git/pkg-clamav/clamav
[18:49] <jdstrand> ScottK: thanks
[18:50] <jdstrand> ScottK: btw-- any word on when that will get uploaded?
[18:50] <ScottK> jdstrand: They're working on 0.94.1 now (there has been ML traffic).  Once they've uploaded, I'll have it for Jaunty and intrepid-updates very shortly.
[18:51] <jdstrand> ScottK: great! thanks
[18:51] <unit3> Do any of the kernel (package) maintainers hang out here at all, or do I need to another channel to get their ear?
[18:52] <unit3> or are they too busy right now to discuss stuff on irc? ;)
[18:53] <ghost3> it got real quite when you asked about that unit3
[18:55] <unit3> I noticed. ;)
[18:55] <ghost3> shhh...were taking a nap
[18:56] <unit3> I'll take the hint for now, but honestly, bug #285156 has me quaking in my boots...
[18:56] <unit3> I've got at least two machines on raid10 that have been upgraded to intrepid before I discovered that issue, and one of them has already had a drive failure... and as of now, I have no way of fixing that array.
[18:56] <unit3> So I'm pretty worried.
[18:57] <ghost3> downgrade to 8.04?
[18:57] <ghost3> is this a 8.10 bug only?
[18:57] <unit3> it seems to be a 2.6.27 bug actually.
[18:57] <unit3> although that's only been confirmed across debian and ubuntu so far, so it could be a debian packaging problem too.
[18:57] <unit3> but behaviour looks like a kernel regression since .26
[18:58] <ghost3> hmmm... is it possible to downgrade your kernal?
[18:58] <unit3> Maybe, might be the easiest solution.
[18:58] <ghost3> test it on a DD'ed partion.
[18:59] <unit3> ghost3: you mean the re-add? dd it out from /dev/zero and then add it?
[19:00] <unit3> I'll try that, and then see if I can grab a debian linux-source-2.6.26 to build a kernel package from.
[19:00] <unit3> assuming there isn't too much difference between the debian and ubuntu kernel packages?
[19:00] <ghost3> if it works let everyone know. for a short term soultion anyway
[19:01] <slicslak> so.... the full vim isntalled by default right?  what do i have to install to get it?  i thought i had done it before with the package name vim, but aptitude says that's already installed
[19:01] <unit3> ghost3: will do, and I'll post results on the bug of course.
[19:01] <ScottK> unit3: Ubuntu does their kernel completely seperately from Debian.
[19:01] <ghost3> :-D
[19:01] <unit3> ScottK: ok... is there a source or amd64 generic package for 2.6.26?
[19:01] <ivoks> apt-get source linux-image-2.6.26-generic
[19:01] <ivoks> er...
[19:02] <ivoks> apt-get source linux-image-2.6.26-XY-generic
[19:02] <ScottK> Not any more.
[19:02] <unit3> yeah, that's what I thought... :(
[19:02] <ivoks> oh, right... 2.6.26 :)
[19:02] <unit3> well, regardless, dd'ing now.
[19:02] <ScottK> unit3: You should be able to dig through the history of the linux-source (I think that's what it's called) and find 2.6.26
[19:03] <unit3> ScottK: dig through where? on launchpad somewhere? or in git?
[19:04] <ScottK> On Launchpad somewhere.  Git would work too no doubt.
[19:04] <unit3> ok... I'll poke at launchpad since I don't know the git setup as well...
[19:04] <unit3> after I get control of my machine back though, since that dd is apparently doing a number on my system responsiveness. :(
[19:05] <slicslak> nvm, had to do a update first
[19:16] <Baversjo> Ubuntu Professionals! Is there any way i could invoke a script when a user is authenicating? Not when the user is authenicated, before that.
[19:17] <unit3> Baversjo: you could with a custom pam module, although that may be more programming than you're looking for.
[19:18] <unit3> Not sure if there already exists a pam module that just runs a custom script.
[19:18] <Baversjo> Would be great if it did
[19:19] <Baversjo> Here is my problem: I don't want multiple instances of the same users (needed) on my system. When I am connected to my SSHD and my Internet goes down, I'm still logged in on that computer. Then my users cannot login again.
[19:19] <Baversjo> Because they are allready logged in!
[19:20] <unit3> I'm not sure what you mean... you don't want people to login more than once?
[19:20] <unit3> I'm not sure how that relates to a loss of internet access though...
[19:22] <Baversjo> When a user is allready connected, I don't want the same user to be able to connect on another computer. I added this line in the /etc/security/limits.conf for this to be possible: @ssh - maxlogins 1
[19:22] <Baversjo> This works great, but the user is still connected when his/her connection to the server is somehow interupted, and then they cannot login again.
[19:23] <ScottK> Baversjo: But can't they just work around this by ssh to another machine from the remote one they are in?
[19:24] <unit3> Baversjo: oh, is your problem primarily that if the connection gets interrupted, and there's an existing connection, they can't establish a new connection?
[19:24] <Baversjo> ScottK: I'm using scponly so they can't do that, even if I don't care acually. I don't want them to be logged in to my system with multipe instances.
[19:25] <unit3> I'm not sure how you'd work around that, other than having an idle timeout on existing logins.
[19:25] <Baversjo> unit3: Exactly.
[19:25] <unit3> Lemme check the sshd_config manpage, see if it's got any helpful hints. :)
[19:25] <Baversjo> unit3: Thank you very much :D
[19:25] <unit3> oh, there is an idle timeout option:
[19:26] <unit3> ClientAliveInterval. by default it's not used, but you can set it to a number of seconds, after which it will disconnect a client that hasn't sent anything.
[19:26] <unit3> So if you set that to something suitably low, like 30s, then if there's a connection interruption they should only have to wait 30 seconds before they can login again.
[19:26] <unit3> Will that work for you?
[19:27] <unit3> Also, note that it only works with SSH/SFTP v2 clients.
[19:27] <Baversjo> ye i have that
[19:27] <unit3> Ok, well, give that a try then, see if it works the way you want.
[19:28] <Baversjo> unit3: But I don't know, the user can't send any commands to the server so they will maybe be disconnected immidietly.
[19:28] <Baversjo> I'm building a proxy service xD
[19:29] <unit3> Baversjo: it doesn't mean commandline commands, it just means as part of the protocol it requests a response from the client.
[19:29] <Baversjo> nice
[19:29] <unit3> any ssh/sftp v2 client should send those responses automatically.
[19:29] <unit3> so you shouldn't have to worry about it, the only time it should disconnect someone is if the connection gets interrupted for the amount you specified.
[19:33] <Baversjo> Nice, I'm using putty (or actually plink, command line putty) to make the connection. I'm going to disconnect and w8 for a minute and two now and see if it works and I'll come back here after that :D
[19:33] <Baversjo> or two*
[19:33] <unit3> ok. :)
[19:33] <unit3> oh, except it may not work for existing connections.
[19:34] <unit3> you probably need to put that into the sshd_config, then restart sshd, then make a new connection to test it with.
[19:35] <Baversjo> ye done already xD
[19:37] <unit3> heheh alright then. :)
[19:38] <Baversjo_> Yey it worked! Thx unit3!
[19:39] <unit3> Cool, good to hear. :)
[19:40] <unit3> alright, back to my raid10 issue... spare partition has been zeroed, time to re-add again.
[19:40] <Baversjo_> I've built my own proxy program that is powered by Ubuntu, sshd and Putty and users connect to my server using their MAC-address as username and their own password, the thing with this feature is that users cannot use their account on different computers even if they MAC-spoof because the user only can be connected with one instance at once ^^. Success! :D
[19:40] <unit3> Neat. :)
[19:41] <unit3> Damnit! even after zeroing the partition, it refuses to rebuild the array. :(
[19:41] <unit3> well, I'll update the ticket with that anyway. Time to build a 2.6.26 kernel package.
[19:41] <Baversjo_> unit3: Sounds complicated :S xD
[19:41] <unit3> Baversjo: yeah, it's a rather nasty bug with raid10 in intrepid... so don't upgrade any machines that are using linux software raid10 to intrepid just yet. :(
[19:43] <Baversjo_> unit3: I started with Linux like one year ago and I got to admit that i thought it sucked pretty much from the beggining. But now when I've learned the basics I find it much better then Windows that I'm used to.
[19:44] <unit3> Baversjo: it's one of those things that's really powerful once you learn more, and makes it difficult to go back because you expect that level of power and control everywhere else. ;)
[19:45] <Baversjo_> agreed :D
[19:56] <jdstrand> ScottK: where is the debian/ directory for pkg-clamav? is it in a different repo?
[19:56] <ScottK> There are several branches there.
[19:56] <ScottK> There's a 0.94.1 and a 0.94.1+debian.
[19:57] <ScottK> Debian's debian dir is in the latter.
[19:57] <ScottK> There is also an Ubuntu/devel branch that has our changes in it.
[19:57] <jdstrand> ok-- I thought I checked there, but must have missed it
[19:57] <jdstrand> ScottK: thanks
[20:04] <Aleka> 've been getting a "302 Moved Temporarily [IP: 91.189.88.31 80]" on a lot of my apt sources today (universe, multiverse). This is a clean server install.. anything I need to correct?
[20:06] <andol> Aleka: I'm not sure on how apt handles those? Does it automagially follow the new url?
[20:06] <andol> Aleka: Or does it simply break?
[20:06] <Aleka> just breaks
[20:08] <andol> Aleka: Well, then you might want to use another mirror, at least temporary.
[20:09] <andol> aleka: the 302 is a standard http response. In other word it is something happening on the repository mirror, not on your computer.
[20:10] <aleka> andol: At this point, they're all pointing to us.*.ubuntu*, should I just have all of them point to *ubuntu.com?
[20:11] <andol> aleka: Not entirely sure what the best syntax/choice is when it comes to US-mirrors.
[20:11] <andol> aleka: If you know a good one close by I would specify it by name.
[20:12] <andol> aleka: Those I am familiar with are in Sweden, and most likely not your first choice :-)
[20:12] <aleka> lol.. I guess not
[20:12] <aleka> I am just wondering if I should try and remove the us mirror and just have it point to ubuntu.com
[20:13] <andol> aleka: That would work, but might not be optimal
[20:13] <andol> aleka: Another option is to pick one from here https://launchpad.net/ubuntu/+archivemirrors
[20:14] <aleka> andol: Actually, its not even the us mirrors a getting the http error on... its the security repos(security.ubuntu.com) and the archive (which is a us mirror)
[20:15] <andol> aleka: That sounds more strange then. Myself I have no trouble reaching security.ubuntu.com
[20:16] <andol> aleka: In short, I don't know then :) Perhaps there are some local problem, or you might be behind some kind of proxy or I don't know
[20:17] <aleka> I can't even ping it
[20:17] <andol> aleka: right now I'm mostly guessning
[20:17] <aleka> andol: Thanks... will try to get it figured out
[21:16] <unit3> ugg... I forgot dpkg-buildpackage -b builds *all* the different kernel variants.
[21:16] <unit3> Can someone remind me what I need to do to just build the -generic variant and modules?
[21:53] <soren> unit3: https://wiki.ubuntu.com/KernelMaintenance has a lot of info on the subject.
[21:54] <soren> unit3: https://wiki.ubuntu.com/KernelMaintenanceStarter likewise.
[21:54] <unit3> great, thanks.
[21:54] <soren> The latter is the "cheat sheet" for the former :)
[21:54] <unit3> heh, it actually finished just now, so I guess I don't need it right at this moment anyway. ;)
[21:54] <soren> These sorts of questions are likely to be answered faster in #ubuntu-kernel, though.
[21:54] <unit3> But I'll remember it's in the wiki for next time.
[21:54] <soren> Faster and more competently, even :)
[21:54] <unit3> Oh ok, I'll head that way, since the problem I'm fighting with is a kernel issue (I think)
[23:00] <Baversjo_> Hey! I'm using PAM to limit number of logins to my server (maxlogins). When another instance of the user is active the new instance just gets disconnected. Is it possible to view the Access denied message instead? I need this that information, the ssh client can not just exit :S
[23:00] <Baversjo_> that information*
[23:04] <Baversjo_> Maybe that's not the way PAM works? Should I use my own script to determine if a user can authenticate instead?
[23:19] <moo---> happy world plone day (plone.org)