[00:35] <nealmcb> re: the ec2 root password/sudo issue - is there a way to not have a password for the ubuntu user, and use the ssh credentials during a sudo to authenticate as root?
[00:35] <nealmcb> or kerberos, or something?
[00:36]  * nealmcb hates being logged out and presented with an auto-generated password to manage
[01:10] <erichammond> nealmcb: Please send your EC2 beta feedback to the mailing list so there is a record of it: ec2-beta@lists.ubuntu.com
[01:11] <nealmcb> erichammond yeah - probably not enough people around now to chat here...
[01:12] <erichammond> nealmcb: FWIW, I'm not a fan of the current strategy, but it is difficult to be both secure and easy in the EC2 environment especially if you're trying to do things the Ubuntu way.
[01:12] <erichammond> Note that it is (currently) possible to simply ignore the ubuntu user and ssh back in as root :)
[01:14] <erichammond> You could also pass in a startup user-data script which modified sudoers to allow sudo without a password (but don't tell the security guys I said so).
[01:16]  * nealmcb puts on his security hat and looks around with upturned eyes
[01:16] <nealmcb> :)
[01:19] <nealmcb> I think I was just asked for a mysql password no fewer than three times on install - a bit rude....
[01:20] <nealmcb> (I refused to set one each time)
[03:14] <nealmcb> aha - sudo via ssh-agent implemented for openbsd: http://www.usenix.org/event/lisa08/tech/full_papers/burnside/burnside_html/index.html
[03:16] <nealmcb> that's what we need for ec2
[05:34] <antdedyet> deploying a ubuntu server with kvm. :)
[05:35] <antdedyet> I haven't quite convinced the client of using ubuntu in the guests for some clients who are used to Other Distros(tm), but the host is hardy.
[05:36] <antdedyet> pretty plesant experience so far. cheers on kvm gui management tooks shaping up since last winter.
[05:36] <antdedyet> s/tooks/tools
[06:12] <Lokin> Can someone help me?
[06:13] <Lokin> I can't seem to ssh to my server
[06:13] <Lokin> and my website isn't up....
[06:14] <ropetin> Lokin: do you have local access to the box?
[06:16] <Lokin> ya
[06:16] <Lokin> just grabbed a moniter
[06:18] <Lokin> Crap. Ok never mind, How do I make my IP static?
[06:19] <Lokin> ropetin ?
[06:19] <antdedyet> Lokin: did you provide deem the IP static?
[06:19] <jmarsden> Lokin: http://doc.ubuntu.com/ubuntu/serverguide/C/network-configuration.html
[06:20] <Lokin> When I set up the DNS server I set the old ip but It changed...
[06:22] <jmarsden> Lokin: Do you mean the IP of the Ubuntu server, or your public IP as provided by your ISP?  You may need to use a dynamic DNS client if you want a server on a connection that has a dynamically assigned IP from your provider.
[06:24] <Lokin> curl whatismyip.org, That is my ISP ip right? and then 192.168.0.7 would be the server IP?
[06:28] <jmarsden> Probably.  So if the answer you are seeing from whatismyip.org is changing, you have an Internet connection from your ISP with a dynamic Ip address... so you need to use a dynamic DNS type solution.
[06:29] <jmarsden> See http://www.no-ip.org for example.
[06:32] <Lokin> jmarsden: I can't use this because my server is command line. Right?
[06:34] <jmarsden> Are you sure??  I think their linux client doesn't need a GUI... checking...
[06:35] <jmarsden> The clietn is at http://www.no-ip.com/client/linux/noip-duc-linux.tar.gz and does not seem to need a GUI to me...
[06:42] <Lokin> How do I restart apache and ssh again?
[06:44] <jmarsden> sudo service apache2 restart && sudo service ssh restart
[06:46] <Lokin> jmarsden: apache2: Could not reliably determine the server's fully qualified domain name, 127.0.1.1 for ServerName
[06:46] <Lokin> Take it thats the dynamic IP messing things up?
[06:47] <jmarsden> Lokin: That's you changing the internal (LAN) IP of the server, probably.
[06:47] <jmarsden> Edit /etc/hosts to sort that out.
[06:47] <Lokin> erg
[06:47] <jmarsden> It will probably "work" OK despite the warning, actually.
[06:48] <Lokin> Doesn't work at all out side of lynx localhost
[06:49] <jmarsden> OK, then edit /etc/hosts and put the actual static local IP of the server in there with the FQDN and hostname of the server and restart apache
[06:50] <Lokin> The static being an IP of the thing I would sign up for?
[06:50] <Lokin> At the moment I didn't think I had a static IP.
[06:51] <jmarsden> No... hmm, I think you need some basic info on IP and NAT and how the Internet works??  Your server has a local and hopefully static IP address on your LAN.  I pointed you to the page of the Ubuntu Server Guide which describes that earlier...
[06:51] <jmarsden> I said: Lokin: http://doc.ubuntu.com/ubuntu/serverguide/C/network-configuration.html
[06:51] <Lokin> K i'll...
[06:51] <Lokin> ya read that
[06:51] <jmarsden> did you do what that says to get a static IP for your server??
[06:53] <Lokin> I need to get better in Unix....
[06:53] <Lokin> One sec I'm working on it
[06:55] <Lokin> does the Static IP matter? and it has to be local right 192.168.x.x?
[06:57] <jmarsden> It has to be on your LAN.  It has to be unique within your LAN.
[06:57] <jmarsden> Other that that you get to pick what number you want; if it was 192.168.0.7 dynamically, you can use that...
[06:58] <Lokin> ok
[06:58] <Lokin> so thats set
[06:58] <Lokin> iface eth1 inet static
[06:59] <jmarsden> OK, so edit /etc/hosts to match that and then restart apache
[06:59] <Lokin> k
[07:00] <Lokin> 192.168.0.107           UbuntuServer
[07:00] <jmarsden> OK, now does apache restart cleanly?
[07:01] <Lokin> same error but instead of 127.0.11 it now uses 192.168.0.107.....
[07:01] <Lokin> What is the fully qualified domain name??
[07:02] <jmarsden>  servername.mydomain.com  (or whatever it really is!)
[07:02] <jmarsden> You write UbuntuServer in /etc/hosts, is that your hostname?
[07:03] <Lokin> I mean I log into to alex@UbuntuServer
[07:03] <Lokin> so yes
[07:04] <jmarsden> OK, so the FQDN is UbuntuServer.yourdomain.com (if your domain name is yourdomain.com)
[07:04] <Lokin> UbuntuServer.truehelix.com
[07:05] <Lokin> Where should the DNS be pointing to from the Domain registrar?
[07:06] <jmarsden> OK.  So now as long as your router has port 80 open from the outside redirected to 192.168.0.107, you should be set.
[07:06] <jmarsden> Lokin: ?  I don't understand your question.  DNS host record for ubuntuserver.truehelix.com should point to whatever whatismyip.com says your public IP is.
[07:07] <jmarsden> But since you can't edit it every time it changs, you can use no-ip.org, sign up, and automatically update the DNS.
[07:07] <Lokin> I set the DNS record from ixwebhosting
[07:07] <jmarsden> OK.  You can do that.  As long as you chaneg ti every time your ISP changes your public IP :)
[07:08] <Lokin> :/ OK well how do I install somthing on a webpage via command line?
[07:09] <Lokin> because no-ip needs a download(of course) and I only have command line on my server
[07:09] <ropetin> Lokin: wget is your friend
[07:09] <ropetin> man wget
[07:09] <Lokin> :)
[07:09] <Lokin> thanks
[07:09] <ropetin> NP!
[07:09] <Lokin> lol
[07:10] <Lokin> OK now on to ssh :(
[07:10] <Lokin> I can't connect anymore
[07:10] <Lokin> even via the new ip
[07:11] <Lokin> used to be able just not anymore
[07:12] <ropetin> if you ssh from the local box can you access?
[07:13] <Lokin> no...
[07:13] <Lokin> but wait
[07:13] <Lokin> the eth1 address is 192.168.0.107
[07:13] <Lokin> whereas the port fowarding is .1.107
[07:13] <Lokin> that may be a problem....
[07:13] <jmarsden> Yes, it would be.
[07:14] <ropetin> You can remove the word may from that
[07:14] <Lokin> indeeed, that be a problem.
[07:14] <Lokin> Better?
[07:15] <jmarsden> More accurate, less gramatically correct ;)
[07:15] <ropetin> :P
[07:18] <Lokin> lol
[07:18] <Lokin> Sorry, needed a scon
[07:18] <Lokin> var hungry
[07:20] <Lokin> Damn this is really starting to piss me off
[07:21] <jmarsden> Then it might be good to stop, do something else, and come back to it later?
[07:22] <Lokin> I would but I need to sleep soon. School in the morning.
[07:23] <jmarsden> Your call.  You could leave it for 24 hours... I doubt your web server is earning you $millions/hour or anything? :)
[07:23] <Lokin> lol
[07:24] <Lokin> This is true
[07:24] <Lokin> http://thar.us/view/1440
[07:24] <jmarsden> Have you edited the Ip addresses so the ones in your server agree with the router regarding your subnet?
[07:24] <Lokin> but I want ssh working at least
[07:24] <Lokin> I do a fair bit on it at school
[07:24] <Lokin> I'm just wondering where else I would have to change then to 192.168.1.107
[07:24] <Lokin> btw, Don't browse thar
[07:25] <Lokin> its Var dangerous.
[07:25] <jmarsden> edit /etc/network/interfaces and /etc/hosts
[07:25] <Lokin> ya got those
[07:25] <Lokin> Is that for ssh also?
[07:25] <jmarsden> Yes.  Now restart networking, ssh and apache
[07:25] <Lokin> networking?
[07:25] <Lokin> ok
[07:25] <jmarsden> (or just reboot the server)
[07:26] <Lokin> k
[07:26] <Lokin> all restarted
[07:26] <Lokin> ssh alex@76.204.30.102
[07:26] <Lokin> and nothin
[07:27] <Lokin> ya just timed out
[07:27] <jmarsden> Are you sure that is your current public IP?
[07:28] <Lokin> Ya...
[07:28] <Lokin> I started iptables with the startup prints
[07:28] <Lokin> how do I disable them?
[07:28] <jmarsden> Turn that back off
[07:29] <jmarsden> Did you use ufw or something else ?
[07:29] <Lokin> service iptables stop?
[07:29] <Lokin> halt?
[07:29] <jmarsden> Sure.
[07:29] <jmarsden> stop
[07:29] <Lokin> k
[07:29] <Lokin> iptables is unrecognized...
[07:30] <jmarsden> How did you start up your firewall on the server?
[07:30] <jmarsden> What did you do?
[07:30] <Lokin> Never had...
[07:30] <jmarsden> How did you start up iptables?
[07:30] <Lokin> Well... I may have trying to ste up ip fowarding
[07:30] <Lokin> start*
[07:31] <jmarsden> What command(s) did you type to start iptables/ip forwarding?
[07:32] <Lokin> Not a clue.
[07:32] <jmarsden> Sigh... you did something on your server but you have no clue what you did??
[07:32] <Lokin> Can't I just kill iptables
[07:33] <jmarsden> It is a kernel module not a service...
[07:33] <Lokin> damnit
[07:33] <jmarsden> what does service ufw status    say
[07:33] <Lokin> Well It's vary likely when setting it up I just copy pasted shit off the interwebzzz...
[07:33] <jmarsden> Well stop doing that.  Read and learn and take notes, you are now a server admin!
[07:34] <Lokin> *Firewall is not running
[07:34] <Lokin> blurgg
[07:35] <jmarsden> OK.  Try     iptables -L  (and pastebin the output somewhere so I can look at it)
[07:35] <Lokin> I once again need to point out It's command line...
[07:36] <jmarsden> There are command line pastebin scripts...
[07:36] <jmarsden> But never mind... I don't have time for that right now...
[07:37] <Lokin> Chain INPUT (Policy ACCEPT) \n target      prot opt spurce              destination
[07:37] <Lokin> 3 of them but the other 2 instead of INPUT there is FOWARD and OUTPUT
[07:37] <jmarsden> Sounds like youy have no actual rules, so that's unlikely to be the issue.
[07:37] <Lokin> k
[07:38] <jmarsden> CAn you ssh to 192.168.1.107 from anotehr PC on your local LAN?
[07:38] <Lokin> mac but I'll try
[07:39] <Lokin> doesn't look like it
[07:39] <Lokin> just timing out...
[07:40] <jmarsden> OK, what does      netstat -ntl | grep :22     output (should be just 2 lines)
[07:40] <Lokin> ... k one sec
[07:41] <Lokin> tcp      0            0 0.0.0.0:22          0.0.0.0:*            Listen
[07:41] <Lokin> and
[07:42] <Lokin> tcp6           0           0  :::22                  :::*                Listen
[07:42] <jmarsden> That's all good.
[07:43] <jmarsden> ?
[07:45] <Lokin> ergg comp died
[07:45] <Lokin> my bad
[07:46] <jmarsden> Welcome back... OK.  What does   ifconfig eth1 | grep addr: | head -1   say?
[07:46] <jmarsden> BTW why are you using eth1... what is on eth0?
[07:47] <Lokin> not sure
[07:47] <Lokin> Just said use eth1
[07:47] <Lokin> on that link you sent one sec
[07:48] <jmarsden> OK... we'd better check... you only have one wired network interface on the server, right?
[07:49] <Lokin> ya
[07:49] <Lokin> it's old
[07:49] <Lokin> no wireless either
[07:49] <jmarsden> OK.  So does    ifconfig | grep ^eth    output just one line about eth1 ?  Or a line about eth0 ?
[07:50] <Lokin> one about eth0
[07:50] <jmarsden> Then that is the name of your interface.  So edit your config to to use that, not eth1
[07:50] <Lokin> eth0        Link encap:Ethernet     HWaddr  00:40:ca...
[07:50] <Lokin> k
[07:50] <jmarsden> Most likely just edit /etc/network/interfaces
[07:52] <Lokin> k
[07:53] <jmarsden> Now do service networking restart     and then   see what ifconfig |grep ^eth  says
[07:55] <Lokin> Hrmmmm duplicate files
[07:55] <Lokin> there is now 2 things declaring eth0
[07:55] <Lokin> auto eth0
[07:56] <Lokin> and then iface
[07:56] <Lokin> one sec I'm gogin to comment out the old one
[07:56] <Lokin> k that worked... and ssh....
[07:56] <Lokin> damn
[07:57] <Lokin> still not going
[07:58] <Lokin> Time out
[07:58] <jmarsden> OK.  So now ifconfig eth0 | grep addr:    outputs a line containing   192.168.1.107 ?
[07:58] <Lokin> no...
[07:58] <Lokin> first line is inet addr:192.168.1.100
[07:59] <Lokin> Bcast is 192.168.1.255
[07:59] <Lokin> and mask is default
[07:59] <Lokin> 255.255.255.0
[07:59] <jmarsden> Then your server is at .100 not .107, so you misconfigured something somewhere!
[07:59]  * Lokin screams
[07:59] <Lokin> !!!
[07:59] <Lokin> ok well should I just change the port fowarding to .1.100
[07:59] <Lokin> for tonight at least
[07:59] <jmarsden> OK, sure...
[08:00] <Lokin> will you be on tomorow?
[08:01] <Lokin> jmarsden: ssh guest@76.204.30.102
[08:01] <jmarsden> Possibly... depends on real life stuff...  OK...
[08:01] <Lokin> lol
[08:01] <Lokin> go for it
[08:02] <Lokin> yay
[08:02] <Lokin> so far everyone has guessed the pass successfully.
[08:03] <jmarsden> You logged out of the server?
[08:03] <jmarsden> OK, well, it works... go to sleep :-)
[08:03] <Lokin> am now I'm goign to bed
[08:04] <Lokin> but just for if your on tomorow you can help me without me copying stuff over
[08:04] <miguel1234> hi
[08:04] <Lokin> HELLO!
[08:04]  * Lokin wanders off to sleep
[08:06] <miguel1234> hello someone who can help me with a problem with my mail server?
[08:07] <jmarsden> miguel1234: Ask the question and find out ;)
[08:07] <miguel1234> thanks jmarsden :)
[08:08] <jmarsden> There's a bot command about that...
[08:08] <jmarsden> !ask | miguel1234
[08:08] <miguel1234> now I have a server with postfix + + sasl2 dovecot postfixadmin + + clamsmtp + spamassasin
[08:09] <miguel1234> sucede q	
[08:09] <miguel1234> apparently the smtpd-auth does not work
[08:11] <jmarsden> OK.  Did it work when you first installed postfix?  Are you using postfix virtual domains, or...?
[08:11] <miguel1234> jmarsden, I telnet localhost to 25 and shows me the following
[08:11] <miguel1234> jmarsden, http://pastebin.com/m2cbfee
[08:12] <miguel1234> jmarsden, 	
[08:12] <miguel1234> No I look at the 250-AUTH PLAIN LOGIN
[08:12] <miguel1234> 	
[08:12] <miguel1234> apparently I do not support
[08:13] <jmarsden> I think you need to tell postfix to support that... what is your backend user database going to be?
[08:13] <miguel1234> jmarsden,  my config postfix http://pastebin.com/m50f30bb5
[08:15] <jmarsden> So... that's not the Ubuntu default... where did this config come from, and how do you know it works?
[08:16] <miguel1234> jmarsden, 	
[08:16] <miguel1234> If you already defined in my smtpd.conf here http://pastebin.com/m6b0b12da
[08:17] <miguel1234> jmarsden, here http://doc.ubuntu-es.org/Postfix/configuraci%C3%B3n_de_un_servidor_incluyendo_Postfixadmin,_Mysql,_Spamassassin_y_ClamAv
[08:18] <jmarsden> I can't easily debug a fully tweaked postfix config... you just plucked it off the Internet?  Do you understand it?
[08:19] <miguel1234> mmm
[08:19] <jmarsden> If you follow a guide like that and it fails, you can either get help from the person who wrote that guide, or understand every little detail of what they did...
[08:21] <miguel1234> I can receive emails but my problem is that I can not send them to other destinations such as external servers because the SMTP authentication does not work for me
[08:23] <jmarsden> OK.  The whole way the guide does auth is not one I am familiar with; it would take me too long to debug this... it can probably be made to work... but not by me in any reasonable amount of time.
[08:24] <jmarsden> Do you know someone else who has used this guide and got it fully working?  Maybe they can help you?
[08:30] <miguel1234> no
[09:41] <kinnaz> hello server admins, i was wondering the latest php for ubuntu is 5.2.4 but that seems to be affected by several buffer overflow exploits, does that suhosini patch protect from them or i should compile php from src to get them fixed ?
[09:41] <kinnaz> ( compile from src to get 5.2.5
[09:53] <snek> anybody have experience with setting up a 2 system cluster with a few VPS's on each machine?
[09:54] <snek> curious about how to setup the mysql databases... either we could use a mysql db on each VPS or is it better to have mysql on the main installation instead of each VPS and sharding it to the other machine?
[09:56] <kinnaz> you could do mysql replication
[09:56] <kinnaz> mysql "cluster"
[09:57] <snek> yeah i am aware of that, i plan on replicating between the VPS's as well
[09:57] <kinnaz> ah misread your question
[09:57] <kinnaz> a little
[09:57] <snek> IF each VPS has mysql on it
[09:57] <kinnaz> if you have ip for every vps then why not
[09:57] <kinnaz> have diffrent mysqls
[09:58] <kinnaz> thou running one should be better performance wise i think
[09:58] <snek> dunno, looking at the performance i am not sure what would be better.. that's the problem a bit
[09:58] <kinnaz> thou no real exp talking here, just logic
[09:58] <snek> although i guess having seperate mysql servers on each vps would be a bit more secure in terms of availability & taking care of system load
[09:58] <kinnaz> yeah
[09:59] <kinnaz> in that terms indeed
[09:59] <kinnaz> but i think having alot of mysqls servers wont hurt you much
[09:59] <kinnaz> because the mysql proccess itself doesnot take up much
[09:59] <kinnaz> the load makes it resource hungry
[09:59] <kinnaz> but if you have alot of mysql servers
[10:00] <kinnaz> it's harder/impossible
[10:00] <kinnaz> to replicate them all
[10:00] <snek> hmm ok, will have to look into that before i suggest the new setup
[10:00] <kinnaz> thou i dont know how many mysql servers you would be running
[10:00] <kinnaz> but if you like 10
[10:01] <kinnaz> it will be kind of pain in the ass
[10:01] <kinnaz> to manage them all
[10:01] <snek> hmm i think it would be about 4 or 5 vps's.. mirrored to a 2nd machine
[10:02] <snek> btw, is Xen supported by Hardy? or is another package recommended?
[10:02] <snek> need to be able to give each vps each own amount of ram & cpu cycles
[10:05] <kinnaz> snek you need xen kernel for hardy i think
[10:05] <kinnaz> otherwise it would be running okey
[10:05] <stefg> Hi, i'm planning on setting up a file server in a virtual machine. The question i'm facing is wether to use a simple file or a raw partition for the samba shares. One one hand i#d like to keep it simple and have a simple file (which can easily be backed up by the hosting OS), OTOH i fear the performance hit. Experiences? Opinions?
[10:05] <stefg> ... btw... kvm/qemu
[10:08] <snek> you can use a single file to store all shares? i wasn't even aware of that..
[10:08] <snek> personally i setup a raid5 fileserver for a company which gets backed up each night using rsync to an offsite server.. about 700GB of video files & photoshop files.. works fine!
[10:10] <snek> works with an Areca 8 port sata raid controller, pumps out about 400MB/s now :)
[10:12] <stefg> I plan on simply adding a 300 GB file/partition to the virtual machine as second disk and mount it to serve... pretty straightforward. for rsync/rbackup it would be less hassle to simply use a file which contains all the samba shares, but surfing the net i find opinions that i/o performance is crap for simple file storage. i mean we're talking 30 users here... does it even matter ?
[10:16] <snek> can't say i have much experience with that, but i know that reading from a single file costs you about 10 - 20% performance.. if that's still acceptable (lets say a hdd does 75MB/s in an ideal situation, then you'd do about 55 - 60MB/s but an 100mbit line can only handle 12MB/s) then i wouldn't worry too much about it)
[10:16] <snek> your lan connection will most likely be the bottleneck, not the way you setup the share
[10:17] <frippz> stefg: have you looked at this article? http://www.howtoforge.com/virtualization-with-kvm-on-ubuntu-8.10-p4
[10:17] <stefg> frippz: not yet :-) thx for the link
[10:18] <frippz> stefg: have a look a this one as well. might be interesting regarding backing up LVM Partitions. http://www.howtoforge.com/linux_lvm_snapshots
[10:19] <frippz> I will be doing something similar in january when our new rack server arrives at work, so I've been studying these articles thoroughly :)
[10:19] <stefg> frippz: interesting read, although lvm snapshots are nothing i could use, and actaully i'd try to avoid the extra complexity of lvm... space requiremants are foreseeable, and i'm a fan of the KISS philosophy
[10:20] <frippz> stefg:
[10:20] <frippz> stefg: not familiar with that philosophy
[10:21]  * frippz hits up Google :)
[10:21] <stefg> Keep It Simple Stupid ... don't use fancy things for their own sake
[10:21] <frippz> stefg: heh, it just hit me :)
[10:22] <frippz> well, that article mentions about I/O problems as well, so there might be something to it
[10:24] <stefg> but snek is probably right... even if 5 users from 5 different 100MB segments access the server they'll not hit more than 50-60 MB/s i/o bandwith... the raid-10 can easily handle that, even if i loose 10-20% i/o performance by having a filesystem on a filesystem
[10:24] <UyCaRumBa> hola
[10:24] <UyCaRumBa> alguien que hable español ?
[10:51] <UyCaRumBa> hi
[10:51] <UyCaRumBa> because it shows ubuntu 8.10 non 250 AUTH LOGIN ?
[11:32] <kraut> moin
[12:25] <fevel> an I use iptables instead of ufw?
[12:26] <Deeps> sure
[12:26] <Deeps> ufw is just a frontend for iptables anyway
[12:28] <fevel> ok
[13:30] <Faust-C> i have a failed lvm volume that im trying to repair but when i run a lvm cmd i get a error about I/O
[13:31] <soren> "failed lvm volume"?
[13:34] <Faust-C> hmm how do i explain
[13:34] <Faust-C> the hdd was in another system but atm im using it as a external hdd to get the data off
[13:34] <Faust-C> but i cant due to the damn thing complaining about I/O
[13:43] <Faust-C> brb
[13:44] <frippz> I'm trying to find out how much space BIND is taking up (zone files etc.). is there any other place than /etc/bind that I should look at?
[13:45] <lamont> frippz: /var/cache/bind
[13:46] <lamont> and potentially /var/lib/bind
[13:46] <frippz> lamont: thanks. another 12K there :)
[13:47] <lamont> frippz: the most accurate answer is "see /etc/bind/named.conf et al, and what directories get referenced therein"
[13:48] <frippz> I'm guessing all the essential stuff resides in /etc (will be relocating BIND to another machine next year)
[13:56] <Mal3ko> how do i check if server is having a problem to cope with high cpu demanding process?
[13:59] <soren> Mal3ko: You look outside your office to see if there's a queue of users who are annoyed with your servers. If there isn't, you're fine.
[13:59]  * soren is not kidding
[13:59] <Mal3ko> lol
[13:59] <soren> There's no single metric to check.
[13:59] <Mal3ko> maybe like hard disk load?
[14:00] <soren> If people are happy with the service you're providing, you're fine. That's the only single, useful metric that always applies.
[15:50] <kinnaz_> hello server admins, i was wondering the latest php for ubuntu is 5.2.4 but that seems to be affected by several buffer overflow exploits, does that suhosini patch protect from them or i should compile php from src to get them fixed ?
[15:56] <Deeps> which version of ubuntu are you using?
[15:58] <Deeps> cuz heh, i see 5.2.3 in gutsy and 5.2.6 in intrepid, so i'm not sure where you're getting 5.2.4 from
[16:01] <genii> Deeps: I think 5.2.4 may be in -backports
[16:02] <Deeps> i forgot to look at hardy, heh
[16:02] <Deeps> you've still not mentioned which version you're using though
[16:04] <Deeps> generally, you'd wanna check the changelog or buglist of the package you're concerned about
[16:04] <Deeps> search for it on packages.ubuntu.com
[16:04] <Deeps> e.g., this is the changelog for php5 in hardy: http://changelogs.ubuntu.com/changelogs/pool/main/p/php5/php5_5.2.4-2ubuntu5.3/changelog
[16:25] <mgagne> howdy
[16:25] <mgagne> is there anyone here who has experience running Xen 3.3 backport in 8.04.1
[16:26] <mgagne> My networking is borked but I can see a peth0 device with a proper IP addres
[16:26] <mgagne> address*
[16:34] <LordDicranius> simplexio: so, it's working now. I was using an live Ubuntu environment for the workstation. I just installed it to the hard drive and it worked right away haha
[16:44] <amon> hi guys, i have an apparmor questions
[16:45] <amon> *question
[16:46] <amon> its not server specific but the ubuntu homepage sent me here
[16:47] <amon> how can i open links sent to me in skype in firefox, i tried to allow skype access to /usr/bin/xdg-open, but now it wants to access firefox.sh
[17:33] <mib_zp4tvgxc> can anyone help me or point me in the right direction ---> i moved my svn server laptop from college to home. when i try to update or commit, the svn is trying to access the college ip address, is there a way to switch it to point to my home address? --thanks
[17:37] <Deeps> mib_zp4tvgxc: svn switch --relocate
[17:38] <mib_zp4tvgxc> does it take params
[17:38] <mib_zp4tvgxc> or anything
[17:38] <Deeps> mib_zp4tvgxc: svn switch --relocate old-addr new-addr
[17:39] <mib_zp4tvgxc> thanks alot
[17:39] <mib_zp4tvgxc> on server box right
[17:39] <Deeps> on your svn client
[17:39] <mib_zp4tvgxc> ooh ok, thanks
[17:52] <mgagne> anyone here have experience with xen 3.3 and hardy?
[17:52] <mgagne> i have a networking question
[17:52] <_jmedina> mgagne: which one?
[17:53] <mgagne>  _jmedina hardy 8.04.1 with xen 3.3 backport
[17:53] <_jmedina> I mean the networking question
[17:54] <mgagne> well i got the system to boot with the xen kernel, now i have 2 interfaces in ifconfig, lo and peth0
[17:54] <mgagne> i added eth0 back to interfaces and it gets an ip as well as peth0
[17:54] <mgagne> but i cant ping google.com etc from dom0
[17:55] <mgagne> it does work when i run "ip link set peth0 down"
[17:55] <mgagne> but than peth0 grabs an ip again shortly after
[17:55] <mgagne> probably because xend is doing something with it?
[17:56] <_jmedina> using bridge networking?
[17:56] <mgagne> i believe so
[17:57] <mgagne> i changed very little about the xen configuration when i installed it
[17:57] <_jmedina> peth0 is the real interface, eth0 is a virtual interface attached to the bridge port
[17:57] <_jmedina> run
[17:57] <_jmedina> brctl show
[17:58] <mgagne> ok it lists eth8 with an id, stp not enabled, and interfaces are peth0
[17:58] <mgagne> eth0*
[17:58] <_jmedina> mgagne: could you paste bin it?
[17:58] <mgagne> _jmedina: sure
[18:00] <mgagne> jmedina: http://pastebin.com/de79dcbf
[18:01] <mgagne> jmedina: I had to type it out because the system with Xen is not able to get on the network reliably
[18:01] <mgagne> but its character for character what im seeing
[18:02] <mgagne> jmedina: if you need anything else paste binned I can use my usb stick though
[18:05] <jmedina> mgagne: ok, then show your xend-config.sxp
[18:05] <jmedina> egrep -v '^#|^$' /etc/xen/xend-config.xsp
[18:05] <jmedina> your /etc/network/interfaces
[18:05] <jmedina> the output of ethtool eth0 and ethtool peth0
[18:06] <mgagne> ok will do, give me a min
[18:12] <mgagne> jmedina: here it is  http://pastebin.com/m27136fd9
[18:19] <mgagne> jmedina: when i ping google.com it resolves an ip but i get Destination Host Unreachable
[18:20] <jmedina> mgagne: I forgot about ifconfig -a and route -n
[18:21] <Nafallo> DNS and routing is different things :-)
[18:21] <Nafallo> fwiw
[18:21] <jmedina> mgagne: can you ping your default gw?
[18:22] <mgagne> jmedina: ok ill paste bin those, lemme check
[18:22] <slofgren> mgagne: sounds like lack of a default gw being assigned
[18:26] <mgagne> i believe i can ping the gateway
[18:26] <mgagne> lemme get the command output
[18:30] <mgagne> jmedina: http://pastebin.com/m7f722890
[18:31] <jmedina> mgagne: you have two default gateways
[18:31] <jmedina> eth0 and peth0 are in the same segment
[18:31] <jmedina> did you configure peth0 with a IP addr?
[18:31] <jmedina> #
[18:31] <jmedina> 0.0.0.0         192.168.2.100   0.0.0.0         UG    0      0        0 peth0
[18:31] <jmedina> #
[18:31] <jmedina> 0.0.0.0         192.168.2.100   0.0.0.0         UG    100    0        0 eth0
[18:32] <mgagne> nope, I didn't try to manually configure anything but eth0 in interfaces, I was hoping I could get away with dhcp
[18:34] <jmedina> mgagne: try to remove the IP from peth0
[18:34] <mgagne> jmedina: I am guessing I can't just use ip link set peth0 down right?
[18:35] <jmedina> mgagne: nop, that will disable the interface
[18:35] <jmedina> it is with ip del addr
[18:35] <mgagne> jmedina: just give it the interface than?
[18:37] <mgagne> jmedina: ip addr del peth0 says it needs the inet prefix, where do I get that value
[18:39] <jmedina> mgagne: did you try: ip address del 192.168.2.47/24 dev peth0
[18:40] <mgagne> yeah
[18:40] <mgagne> jmedina: I can ping google now
[18:41] <jmedina> good
[18:41] <jmedina> now you need to resove why peth0 gets that address
[18:41] <mgagne> jmedina: is peth0 half-configured? should it not be pulling its own ip?
[18:41] <jmedina> I dont know if you used dhclient peth0 or something
[18:43] <mgagne> hmmm, the only networking items I might have changed were in the configs I posted
[18:43] <mgagne> this was a fresh install as of about 5 hours ago
[18:45] <mgagne> jmedina: thanks for the help so far, I spent quite a while on Google prior to this with no success :)
[18:45] <mgagne> jmedina: so basically I need to figure out why peth0 is getting an address, and then permanently prevent it?
[18:45] <jmedina> mgagne: I have not used 3.3 only 3.2 not sure if the network-bridge script configs you interfaces automagically
[18:46] <mgagne> ahh
[18:46] <mgagne> is it worth trying to disable it?
[18:48] <mgagne> jmedina: have you dealt with the libc warning you get with Xen in Ubuntu?
[18:48] <mgagne> -> http://wiki.xensource.com/xenwiki/DebianTlsLibcDiversion
[18:48] <mgagne> jmedina: just curious
[18:48] <jmedina> mgagne: that doesnt affect ubuntu
[18:48] <jmedina> it is for debian/etch
[18:49] <jmedina> hardy already has a xen-friendly libc
[18:49] <mgagne> ok, even though i get the warning
[18:50] <mgagne> sorry I meant that as a question
[19:01] <Faust-C> hmmm
[19:08] <toehio> hello
[19:08] <toehio> I just installed ubuntu server 8.1 and was wondering how I should set-up my users.
[19:09] <toehio> I currently have a user as my own name, 'toehio'.
[19:09] <toehio> Should I make seperate users for webservers, voip and games?
[19:29] <r00tintheb0x> Anyone using bacula that has email messages working?
[19:49] <Oliber> i've got a minor headache with NFS & Heartbeat, when the NFS server is running on the active node (2 node cluster with drbd/etc) only the primary IP address on the machine has all of the RPC services listed, the virtual IP gets portmapper and status
[19:49] <Oliber> do i need to use another NIC and use IPAddr over IPAddr2?
[19:54] <axisys> how to convert a desktop to a server?
[19:55] <axisys> I dont any of the desktop craps
[19:55] <axisys> i dont want to re-install with a server cd now
[19:55] <Oliber> "apt-get remove" the packages you don't want
[19:55] <axisys> Oliber: is there a bundle pkg that can remove all desktop stuff?
[19:56] <Oliber> i don't know, if you remove X11 it'll probably want to take most of the GUI apps with it
[19:56] <Oliber> i havn't done it personally
[19:58] <refnumzx> I have a bit of a complex question.  I would like to virtualize a couple of samba boxes using the built in KVM tools in ubuntu 8.10.  I am going to buy an external storage box with 4 disks inside each 500 GB and connected with an E-SATA connection. If I want to mount different partitions on the same disk to different virtual machines, will these cause problems?
[20:12] <jmedina> refnumzx: nop, that is a normal situation
[20:12] <jmedina> just make sure you dont use the same partition on more than 2 guests
[21:55] <Faust-C> finally i got something accomplised
[21:55] <antdedyet> and there was much rejoicing. ;)
[22:11] <Faust-C> lol
[22:11] <Faust-C> got gallery2 working (just need to figure out how to play movies thru it), nagios working, and soon RT
[22:27] <jmedina> RT?
[22:28] <Faust-C> request-tracker
[22:28] <Faust-C> hmm im assuming that pkg 'net-snmp' will get me Net::SNMP
[22:28] <Faust-C> trying to get everything i need to centreon
[22:29] <_45h_> hi. my ubuntu+xen everytime crashes into kernel panic with hard filesystem errors. its bug or easter egg?
[22:30] <_45h_> i cant find any error messages in logs about it
[22:31] <_45h_> after 1-2 days of work FS crashes fully
[22:32] <_45h_> Superblock is corrupt and cannot be repaired
[22:32] <_45h_> since both primary and secondary copies are corrupt.
[22:33] <_45h_> its fsck log after first day of work
[22:33] <jmedina> _45h_: I have about 5 xen servers running hardy without problemas, each host with about 10 guests
[22:33] <jmedina> _45h_: you can recover the super block, I doubt you only have 2 copies of the superblock
[22:34] <jmedina> but that could be a hardware problem
[22:35] <_45h_> raid1 fully functional
[22:35] <_45h_> and tested many times
[22:35] <jmedina> hardy? intrepid?
[22:36] <_45h_> tryed both. now i have debian 4.0 + jfs
[22:36] <jmedina> probably jfs i the problem
[22:36] <jmedina> :D
[22:36] <_45h_> first time it was ext3
[22:36] <jmedina> never had such problems
[22:36] <_45h_> jfs works fine
[22:36] <jmedina> and I have been working with xen since dapper
[22:37] <_45h_> show me your manual
[22:37] <jmedina> my manual?
[22:37] <_45h_> documentation
[22:37] <_45h_> man
[22:37] <_45h_> howto :)
[22:37] <jmedina> I dont have manual, only apt-get install ubuntu-xen-server xen-tools
[22:38] <jmedina> guest runing on image files, partitions, lvm
[22:38] <jmedina> all the machines created with xen-tools
[22:38] <_45h_> are you using image files or partitions?
[22:39] <_45h_> for guest systems
[22:39] <jmedina> image files, partitions and LVM
[22:39] <_45h_> hm
[22:39] <jmedina> only ext3
[22:39] <_45h_> ext3 sucks. first crash after 14 hours of work
[22:40] <_45h_> jfs work more 24 hours )
[22:40] <jmedina> _45h_: that is a serious problem
[22:41] <jmedina> _45h_: did you try fat32?
[22:41] <jmedina> just kidding
[22:41] <_45h_> haha )
[22:41] <jmedina> _45h_: so have you tried with another hardware?
[22:41] <_45h_> fat12 ))))))
[22:41] <_45h_> and partition for each file )
[22:41] <jmedina> fat12 longs 12 hours
[22:41] <jmedina> :D
[22:42] <_45h_> hardware works fine
[22:43] <_45h_> before i used this serv about 1 year
[22:43] <_45h_> best hardware that i have
[22:43] <hads> So "it used to work fine"
[22:43] <jmedina> hardware fails
[22:44] <jmedina> _45h_: and what about with a normal kernel? not the xen
[22:44] <_45h_> hardware errors with empty logs?
[22:44] <_45h_> em...
[22:45] <_45h_> not tested
[22:46] <_45h_> jmedina, are you using generic kernel? or xen?
[22:46] <jmedina> xen
[22:49] <_45h_> i found this bug on ubuntuforums
[22:52] <jmedina> ?
[22:52] <_45h_> some peoples reporting this problem
[22:52] <_45h_> kernel panic
[22:53] <jmedina> which bug?
[22:53] <_45h_> kernel crash )
[22:54] <jmedina> is it a registred bug?
[22:55] <_45h_> only some forum messages
[22:59] <_45h_> 2.6.18-xen is too old? )
[22:59] <jmedina> yeap
[23:00] <jmedina> even dapper has 2.6.19
[23:00] <jmedina> hardy
[23:00] <jmedina> # uname -r
[23:00] <jmedina> 2.6.24-21-xen
[23:00] <_45h_> anyway 810 also died as this debian
[23:01] <ScottK> No, Dapper is 2.6.15
[23:03] <jmedina> true
[23:03] <jmedina> :D
[23:03] <jmedina> this is gutsy
[23:03] <jmedina> running dapper as guest
[23:03] <jmedina> ohh, it is feisty