| jmarsden | ababs213: Are you testing the port forwarding from *outside* your local network? | 00:00 |
|---|---|---|
| ababs213 | outside | 00:00 |
| ababs213 | so router port forwarding to local computer ip address | 00:00 |
| jmarsden | ababs213: Can the local server get out to the Internet OK -- ping yahoo.com works, for instance? | 00:01 |
| ababs213 | yes that is fine | 00:01 |
| owh | So, you can ping the machine behind the firewall? | 00:01 |
| ababs213 | but externally they cant access my basic webside | 00:01 |
| ababs213 | yes | 00:01 |
| owh | Does your router port forward port 80? | 00:02 |
| ababs213 | i havent actually got a website just the "it works!" on apache server | 00:02 |
| owh | ababs213: Hold on, can they see that from the outside? | 00:02 |
| ababs213 | no they cant | 00:03 |
| ababs213 | tcp port forward to 80 | 00:03 |
| owh | Right, so, is your router forwarding port 80? | 00:03 |
| ababs213 | Protocol Port (or Range) Host Port Timeout (sec) TCP 80 0 86400 | 00:04 |
| owh | ababs213: To the correct IP address? | 00:04 |
| jmarsden | Host appears to be empty? | 00:04 |
| owh | As in, forward incoming requests to port 80 on your server address. | 00:04 |
| owh | jmarsden: It does :) | 00:04 |
| jmarsden | Put 192.168.1.88 in there (or whatever the local server IP was) | 00:05 |
| owh | ababs213: Yeah, you're missing some bits :) | 00:05 |
| ababs213 | ok let me do some changes i will also need to make sure that the port forward is going to the right ip address. | 00:06 |
| === cint is now known as joeno | ||
| === ninja is now known as Guest88115 | ||
| === Pomiel is now known as DCPom | ||
| === Guest88115 is now known as ninja | ||
| === Pomiel is now known as DCPom | ||
| Eressolar | Right. When I direct a web browser to my server's SSH port, a page with the text "SSH-2.0-OpenSSH_4.7p1 Debian-8ubuntu1.2" is shown. Is it possible to turn this ssh server signature off? | 05:22 |
| jmarsden | Eressolar: Only by turning sshd off. | 05:23 |
| jmarsden | You could set up some sort of "port knocking" security so the port is not open except after a "knock", if you are into doing that... | 05:24 |
| jmarsden | See https://help.ubuntu.com/community/PortKnocking for info on that. But what are you really trying to achieve? | 05:26 |
| Eressolar | jmarsden: well, I prefer to have the signatures off in the (very unlikely) event a security hole is discovered in ssh, so any potential attacked would not be able to easily know which version I'm running. | 05:27 |
| Eressolar | Probably paranoia overkill, I know. I've heard of port knocking, but I don't believe my humble server is quite worth the effort and potential headache. | 05:28 |
| jmarsden | Eressolar: Trouble is many ssh clients use that signature to determine how to behave, so you really can't run SSH with no signature. Port knocking would hide SSH from attackers, at the expense of every SSH uer havingto "kock" before sshing in to your server. | 05:28 |
| hads | Yeah, SSH requires the version banner | 05:28 |
| ScottK | Generally SSH attackers hit servers fast enough I'm pretty sure they aren't optimzing for a particular target. | 05:29 |
| hads | There's also fail2ban and those type of things | 05:29 |
| jmarsden | Theoretically you could patch and recompile openssh-server to display a different version banner, but I really doubt it's worth the effort. | 05:30 |
| Eressolar | probably not :p I have faith enough in my ssh config, so I ought to not worry so much over it. | 05:31 |
| === RoAkSoAx_ is now known as RoAkSoAx | ||
| uvirtbot | New bug: #296630 in openldap (main) "Modification of cn=config prevents bind at next directory restart" [Undecided,New] https://launchpad.net/bugs/296630 | 06:16 |
| uvirtbot | New bug: #293539 in samba (main) "package samba failed to install/upgrade: Conflicts found! Please edit `/etc/samba/smb.conf' and sort them out manually." [Undecided,Incomplete] https://launchpad.net/bugs/293539 | 07:23 |
| Trustn01 | can any body help me with sql and freeradius | 07:43 |
| kraut | moin | 08:05 |
| Bergcube | I am in the process of setting up eGroupware on Ubuntu 8.10 server. I want to do user authentication from M$ AD. I do not want the Ubuntu server to act as a DNS or LDAP server on the LAN. Egroupware says "Checking extension ldap is loaded or loadable: False". Does anybody know what package I should install to make eGroupware work without installing "too much"? | 08:26 |
| Bergcube | Or maybe even: How do I get Ubuntu 8.10 server to authenticate from M$ AD? | 08:31 |
| jmarsden | Bergcube: I suspect that is just looking for a php ldap extension. Did you try installing php5-ldap ? | 08:31 |
| jmarsden | The second question is harder :-) | 08:31 |
| Bergcube | jmarsden~ Maybe. No, I didn't try installing anything yet...... I am googling. Usually I find it's best to read first and install later.... | 08:32 |
| jmarsden | See https://help.ubuntu.com/community/ActiveDirectoryHowto for some clues on that | 08:32 |
| Bergcube | The second Q need not be answered if I get the first under control. :-D | 08:33 |
| jmarsden | Bergcube: OK. Installing php5-ldap is safe, it doesn't change how normal Ubuntu user auth is done or anything like that. | 08:34 |
| Bergcube | Will try that then! | 08:35 |
| Bergcube | :-) | 08:35 |
| Bergcube | Turns out it was already installed. So then it probably wasn't it. | 08:36 |
| jmarsden | OK. So is there and egroupware extension called ldap that it could be looking for? | 08:42 |
| Bergcube | Could be. But AFAIK I have installed ALL the EGW packages. At least the EGW metapackage description says it does so. But good idea! I will search the respository. | 08:43 |
| Bergcube | Hah! The solution was a true nobrainer. I am ashamed. A quick reboot and the error was gone. | 08:50 |
| jmarsden | It's nice when the answer is that simple :-) | 08:52 |
| Bergcube | Very nice. And a lot simpler. | 08:53 |
| ascent | Rebooting solves all the problems! | 08:54 |
| Bergcube | Then somebody should reboot the US economy. I hear there are some rumours of trouble over there. | 08:54 |
| ascent | Perhaps we should reboot the world. | 08:54 |
| Deeps | problems aren't just in the usa :/ | 08:55 |
| Bergcube | World 2.0 ! | 08:55 |
| ascent | AJAX! | 08:55 |
| Bergcube | Well, back to configuring. TTFN good people! | 08:56 |
| maxstirner1 | hello, i am having problems getting the standard hardy ubuntu courier pop3/imap going (as installed by tasksel) - any pointers for post-install configuration? | 10:15 |
| sannnn | When I install bugzilla3 on ubuntu 8.10 server edition I end up with a fine installation according to ubuntu but where to configure or how to use the thing is totally unclear. Anyone here got some experience? | 10:48 |
| sannnn | For instance I found /usr/share/bugzilla3/debian/apache.conf which sets up a virtual host.. this doesn't work by default. For phpmyadmin I didn't have to do anything. I could really use some help | 10:51 |
| Trustn01 | who can help me with setting up a internet server | 11:04 |
| sannnn | An internet server? What do you mean router, http, ssl, mail? | 11:05 |
| Trustn01 | have a server connected to internet want to give internet to clients and need to monitor it | 11:06 |
| sannnn | something like this: https://help.ubuntu.com/community/Router | 11:07 |
| Trustn01 | something like that i have every thig setup server gets internet from eht0 gives out internet using dhcp on eth1 only problem is that i need to monitor connections and setup accounts | 11:10 |
| Trustn01 | what will be the best to use to control client login and bandwith usage | 11:28 |
| Deeps | sounds like you need some cybercafe-esque software | 11:29 |
| Trustn01 | something like that but would like to run it on ubuntu | 11:30 |
| Trustn01 | is there something for ubuntu | 11:30 |
| Deeps | personally i have no idea, google might | 11:31 |
| Deeps | googling 'cyber cafe ubuntu' indicates other people have asked this before | 11:31 |
| Deeps | https://answers.launchpad.net/ubuntu/+question/12168 looks particularly relevant to your interests | 11:31 |
| Trustn01 | will have a look | 11:32 |
| Deeps | gl | 11:32 |
| yann2 | hello | 11:33 |
| yann2 | anyone using munin here? I am looking for feedback on runin munin with the rrds in ramfs, if anyone is doing that.. | 11:33 |
| ascent | I'm just running it in disc-mode :) | 11:35 |
| yann2 | I've got terrible disk issues, it may be a combination of munin and poor i/o, but I am trying to improve it | 11:35 |
| Omahn | kirkland: I have a question about your degraded RAID test case if you're available.. | 12:56 |
| wB3 | hello, E: method http has died unexpectedly! in guest os(kvm with ubuntu intrepid) | 13:12 |
| wB3 | python-urllib can fetch from the same mirror normally | 13:12 |
| === Chipzz_ is now known as Chipzz | ||
| ScottK | leonel: Did you also see the patch discussed on the pkg-clamav list? | 14:24 |
| leonel | ScottK: http://lists.alioth.debian.org/pipermail/pkg-clamav-devel/2008-November/000177.html | 14:38 |
| ScottK | Yes. That's the one. | 14:39 |
| ScottK | mathiaz: I have to give regrets for the Server Team meeting today. The main thing needed for the libdb migration task is someone to go through the rdpends and move them up to 4.6. | 15:01 |
| ScottK | The only trick is packages that use transcations need special care. | 15:02 |
| ScottK | Since Debian has migration as a release goal for Lenny, mostly there should be patches in Debian for this. | 15:02 |
| soren | ScottK: I thought we already consolidated libdb to 4.6? | 15:07 |
| ScottK | soren: I think Main got done. | 15:07 |
| ScottK | Maybe it's done and I failed to notice. | 15:08 |
| soren | Maybe I'm making this all up. | 15:08 |
| soren | Maybe there is no libdb at all. | 15:08 |
| zul | i remember doing alot of them | 15:08 |
| ScottK | Nope. 4.2 - 4.5 are still there in Intrepid. | 15:08 |
| ScottK | Except for slapd it looks based on casual observation of the apt-cache rdepends output that Main is done. | 15:10 |
| soren | Yeah, not even main is done. slapd depends on libdb4.2 | 15:10 |
| soren | Oh, ok :) | 15:11 |
| BrunoXLambert | Is there any kind of "official" inventory program in ubuntu? I mean something like ocsinventory-ng but that actually works | 15:20 |
| Omahn | kirkland: You're clarification on the degraded RAID booting makes perfect sense. I've run out of time for today but I'll be updating the bug report tomorrow to report that everything works successfully on both virtual hardware (VMware) and physical tin. | 15:30 |
| Omahn | *Your | 15:30 |
| kirkland | Omahn: ah, cool, thanks so much for testing | 15:30 |
| kirkland | Omahn: was that you, that I was responding to? | 15:31 |
| Omahn | kirkland: Yep. | 15:31 |
| kirkland | Omahn: it's a sensitive topic, "newly degraded" | 15:31 |
| Omahn | kirkland: I can imagine :-) | 15:31 |
| kirkland | Omahn: but we figured that just begged more explanation | 15:31 |
| kirkland | Omahn: we'll need to document it better, though ;-) | 15:31 |
| Omahn | kirkland: I think it's the right behaviour, just needs documenting on wherever the documentation ends up. | 15:31 |
| kirkland | Omahn: agreed | 15:31 |
| kirkland | Omahn: i think it *might* be in the mdadm manpage | 15:32 |
| Omahn | kirkland: And on a Ubuntu wiki page I'm guessing? | 15:32 |
| sannnn | Is there information (for ubuntu) or someone with experience with a bugzilla setup | 15:34 |
| kirkland | Omahn: well, probably the Ubuntu Server Guide, which has the "official" RAID section | 15:34 |
| kirkland | Omahn: and perhaps help.ubuntu.com/community, which is a wiki | 15:34 |
| kirkland | Omahn: there are some RAID pages there | 15:34 |
| kirkland | Omahn: feel free to take the lead on that one ;-) | 15:34 |
| * kirkland is swamped as it it :-) | 15:34 | |
| Omahn | kirkland: :-) | 15:34 |
| * Omahn adds to the TODO list | 15:34 | |
| Omahn | Actually, I was going to ask you something earlier.. | 15:35 |
| Omahn | I've done a slightly different test case to the one you mention in the SRU bug report. | 15:35 |
| kirkland | k | 15:35 |
| kirkland | different how? | 15:35 |
| Omahn | In the bug report you have both disks running independently at different times. | 15:35 |
| Omahn | I have always rescrubbed the array after breaking it each time. | 15:35 |
| Omahn | If each disk is used independently then the user is always going to have some data loss. | 15:36 |
| zoopster | speaking of docs - will the 8.10 Official ServerGuide be posted soon? | 15:36 |
| Omahn | (Even if it's only a couple of minutes of logs) | 15:36 |
| Omahn | I suspect my results are still valid though. | 15:36 |
| * Omahn heads home | 15:41 | |
| kirkland | Omahn: yes, you're absolutely right ... if you boot off of each disk independently (without the other), and then you boot with both attached, that's a bad scenario ;-) | 15:44 |
| kirkland | Omahn: i suspect that mdadm will use the more recently touched disk | 15:45 |
| kirkland | Omahn: but I can't confirm that | 15:45 |
| \sh | ScottK: taking care of the rest of the libdb* to 4.6 crap | 15:47 |
| \sh | new buildserver needs something to do ,) | 15:47 |
| \sh | hmm...why don't we have openNMS in our repos? | 15:49 |
| mncvn | Hi. | 15:56 |
| mathiaz | kirkland: right - mdadm will use the most recently touched disk | 15:57 |
| mathiaz | kirkland: I think we've already talked about that some weeks ago | 15:57 |
| kirkland | mathiaz: right, Omahn, mathiaz confirmed this | 15:57 |
| kirkland | mathiaz: howdy! | 15:57 |
| mncvn | Everyone can help me??? | 15:58 |
| mathiaz | !ask | mncvn | 15:58 |
| ubottu | mncvn: Please don't ask to ask a question, simply ask the question (all on ONE line, so others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) | 15:58 |
| mncvn | I want study how to configure Ubuntu Server. Where should i start???? | 15:58 |
| zoopster | https://help.ubuntu.com/8.04/serverguide/C/index.html is a great place to start | 15:59 |
| mncvn | zoopster: Thanks, I'll start from this. | 16:03 |
| zoopster | mncvm: if there are specific q's just ask, but this will get you installed and configured with the basics | 16:03 |
| mncvn | zoopster: Yes thanks, I want to begin from the basic. And after that, if i've any problem, may i personal ask you??? | 16:05 |
| zoopster | mncvn: you are best to ask the question in this channel - I may or may not be available to answer but someone will | 16:08 |
| mncvn | ah...........yes, sure | 16:13 |
| mncvn | zoopster: Thanks, bibi | 16:14 |
| zul | kirkland: do you want to merge php5 again? | 16:37 |
| * zul is trying to spread the pain around again | 16:37 | |
| kirkland | zul: arg.... | 16:37 |
| kirkland | zul: yeah, i suppose i can | 16:37 |
| zul | kirkland: thanks ;) | 16:37 |
| uvirtbot | New bug: #225919 in openldap (main) "package update-manager 1:0.87.24 failed to install/upgrade: ErrorMessage: SystemError in cache.commit(): E:Sub-process /usr/bin/dpkg returned an error code (1), E:Sub-process /usr/bin/dpkg returned an error code (1)" [Medium,Triaged] https://launchpad.net/bugs/225919 | 16:39 |
| === nealmcb1 is now known as nealmcb | ||
| === samuraipengui1 is now known as samuraipenguin | ||
| slicslak | i just used tasksel to deselect mail and it also uninstalled all my LAMP stuff!!! | 17:22 |
| slicslak | i just duplicated this on another server. is this a bug or what? | 17:26 |
| scientes | can i do two exec lines in upstart? | 18:25 |
| mynous | is there a way to disable the ebox web configuration page? | 19:12 |
| zul | what do you mean by disable? | 19:17 |
| mynous | the http config page, make it inaccessable | 19:17 |
| mynous | also, does ebox use postgresql? | 19:18 |
| zul | mynous: not that I know of and it uses mysql | 19:26 |
| mynous | weird, for some reason i have postgresql AND mysql running. i only installed mysql | 19:26 |
| ivoks | zul: ebox uses postgre | 19:27 |
| zul | ivoks: i could have sworn it uses mysql | 19:27 |
| mynous | is there an easy way to uninstall ebox, i know when i installed it the server needed to be manually restarted | 19:28 |
| ivoks | apt-get purge ebox.* | 19:28 |
| mynous | shouldnt need a restart? | 19:29 |
| ivoks | restart? | 19:29 |
| ivoks | what's restart? | 19:29 |
| ivoks | removing programs on linux doesn't require restart of computer | 19:29 |
| mynous | well doing apt-get install ebox-all, the server locked up and required a manual reboot | 19:29 |
| ivoks | unless we are talking about kernel or libc | 19:30 |
| mynous | ok | 19:30 |
| ivoks | that didn't lock up server, something else might have | 19:30 |
| mynous | dunno i got : Setting up ebox-network (0.11.99-0ubuntu1) ... and then no response until a restart of the server | 19:32 |
| ivoks | ebox set network and firewall :) | 19:34 |
| mynous | yeah that sucked | 19:34 |
| === dantalizing_1 is now known as dantalizing | ||
| albertux | hello | 21:04 |
| albertux | quick question | 21:04 |
| gravity1187 | albertux: wassup | 21:04 |
| albertux | Hey gravity, is there a way to setup encrypted folders on hardy server as in intrepid ibex? | 21:05 |
| albertux | i see a huge dependency list when i try to install ecryptfs-utils on hardy | 21:06 |
| albertux | i think even sudoku is required | 21:07 |
| albertux | lol | 21:07 |
| gravity1187 | I remember talk about it, but I don't remember what the final answer was | 21:07 |
| gravity1187 | googling now | 21:07 |
| gravity1187 | your trying to just to the user homefolder correct | 21:09 |
| gravity1187 | albertux: the short answer is yes it just wasn't supported in main in hardy as it is in Ibex | 21:13 |
| albertux | well i just need to store some config files | 21:14 |
| albertux | i haven't yet chosen a folder | 21:15 |
| albertux | but just because i need to install ecryptfs-utils without the thousand dependencies | 21:15 |
| albertux | it looks like is tied to the desktop install | 21:15 |
| gravity1187 | looking at the dependents now | 21:16 |
| gravity1187 | http://packages.ubuntu.com/hardy/ecryptfs-utils | 21:17 |
| andol | albertux: Well, there is always the option of using EncFS instead. Still, it's a bit hackish, so I wouldn't use it on lots of users. | 21:19 |
| andol | albertux: http://www.andreasolsson.se/2008/08/21/my-private-eee-folder/ | 21:19 |
| albertux | that's basically what i need, i'll give it a try. thanks a lot. | 21:21 |
| uvirtbot | New bug: #296952 in mysql-dfsg-5.0 (main) "mysqlhotcopy failed on table with hyphen in name" [Undecided,New] https://launchpad.net/bugs/296952 | 21:21 |
| espacious | some packages are not upgraded how can i force the upgrade? | 22:22 |
| espacious | trought apt-get | 22:22 |
| espacious | ok found out just had to apt-get install those packages | 22:24 |
| === jdstrand_ is now known as jdstrand | ||
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!