/srv/irclogs.ubuntu.com/2009/01/09/#ubuntu-server.txt

mathiaz	zul: is there a reason why mysql-5.0 is not based on the debian package? mysql-5.0.75 is already available from the unstable repository	00:01
RediXe	Is there a way to restore postconf back to default?	00:13
zul	mathiaz: checkout the REPORT for the merge	00:17
mathiaz	zul: http://merges.ubuntu.com/m/mysql-dfsg-5.0/REPORT? there is one conflict in one patch.	00:22
zul	mathiaz: ergh	00:22
zul	not when I looked at it	00:22
lukehasnoname	Is it just me or is virt-manager crippled?	00:38
hads	Just you	00:42
owh	:)	00:42
lukehasnoname	sigh	00:48
owh	lukehasnoname: What is wrong? Did a dog eat your cat?	00:53
lukehasnoname	FFFFFFFFFFUUUUUUUUU	00:56
lukehasnoname	kvm disabled in bios	00:56
lukehasnoname	that is better than a more severe problem	00:56
hads	Pretty annoying if it's at a data centre though :)	00:57
lukehasnoname	true	00:57
lukehasnoname	is it bad that I have to jiggle my PCI NIC for Ubuntu to get past the "Configuring Network devices" process?	00:59
lukehasnoname	The card doesn't line up right with the back panel so I can't screw it in.	01:00
lukehasnoname	and virt-manager has no option for doing any sort of managing of remote virtual hosts	01:01
owh	lukehasnoname: No, that's pretty standard for cheap hardware ;-)	01:01
owh	lukehasnoname: Remote virtual hosts are supported with virt-manager.	01:02
lukehasnoname	...	01:02
lukehasnoname	I have my server, with kvm running and installed. I have my laptop, which is connected to the server with virt-manager over ssh	01:03
lukehasnoname	I have no options showing in the GUI on doing anything.	01:03
owh	lukehasnoname: File -> Open Connection	01:05
lukehasnoname	done	01:05
lukehasnoname	I'm connected	01:06
owh	lukehasnoname: Your sense of humour needs a little tweaking my son.	01:07
lukehasnoname	...	01:07
lukehasnoname	I'll effing screenshot it	01:07
lukehasnoname	I hit file > open connection. I connect via ssh to the IP of my server	01:08
lukehasnoname	with the root password	01:08
lukehasnoname	root is in the libvirtd group	01:08
lukehasnoname	then I see the connection as 'active' in the main window	01:08
lukehasnoname	Now	01:08
lukehasnoname	From there, where should I see things to manage/create VMs on that host?	01:08
lukehasnoname	unless I'm mistaking how VMM works	01:09
lukehasnoname	... because I'm connecting to a physical machine expecting to be able to create, delete, shutdown, etc. all the VMs on that machine.	01:10
lukehasnoname	damnit owh	01:16
=== martin__ is now known as _Cid
_Cid	Anyone here good with Sieve? :) I am trying to create a script to delete blatant spam (based on score) - so far, I fail :/	01:24
_Cid	and not only that ...it does weird stuff - like delete mails that are whitelisted etc etc (so yeah, I commented out that idea)	01:24
uvirtbot`	New bug: #315303 in samba (main) "smbclient crashes on "mget" command" [Undecided,New] https://launchpad.net/bugs/315303	01:35
barby	vot for me http://www.uby.ro/show.php?c=1&val=17279	01:54
barby	vot for me http://www.uby.ro/show.php?c=1&val=17279	01:54
barby	vot for me http://www.uby.ro/show.php?c=1&val=17279	01:54
barby	vot for me http://www.uby.ro/show.php?c=1&val=17279	01:54
barby	vot for me http://www.uby.ro/show.php?c=1&val=17279	01:54
barby	vot for me http://www.uby.ro/show.php?c=1&val=17279	01:54
barby	vot for me http://www.uby.ro/show.php?c=1&val=17279	01:54
blahnana	stylish	01:54
barby	love all	01:54
barby	:D	01:54
barby	:X:X	01:54
barby	vot for me http://www.uby.ro/show.php?c=1&val=17279 :X:X	01:54
barby	i`m a sexy blondysh vot for me http://www.uby.ro/show.php?c=1&val=17279	01:55
barby	:X:X	01:55
jjesse	umm can someone kick?	01:55
blahnana	barby, is that really you on that link?	01:55
barby	vot for me http://www.uby.ro/show.php?c=1&val=17279	01:55
barby	yes	01:55
barby	:X	01:55
barby	vot for me http://www.uby.ro/show.php?c=1&val=17279 hot	01:55
barby	vot for me http://www.uby.ro/show.php?c=1&val=17279 for yahoo or msn	01:55
barby	vot for me http://www.uby.ro/show.php?c=1&val=17279 or web cam	01:55
blahnana	can I email you my CC details?	01:55
jjesse	ok time to stop spamming	01:55
barby	vot for me http://www.uby.ro/show.php?c=1&val=17279 :)	01:55
barby	vot for me boy`s?	01:56
barby	vot for me http://www.uby.ro/show.php?c=1&val=17279 :X	01:56
Kamping_Kaiser	!ops barby spamming	01:56
ubottu	Error: I am only a bot, please don't think I'm intelligent :)	01:56
Kamping_Kaiser	bah.	01:56
Kamping_Kaiser	!op	01:56
ubottu	Help! Channel emergency! infinity, soren, lamont, mathiaz or tom	01:56
jjesse	!op	01:56
Kamping_Kaiser	silly bot, !ops used to work.	01:56
Kamping_Kaiser	vorian, thanks :)	01:57
vorian	no problemo	01:57
* jjesse cheers for vorian		01:57
vorian	no bot in here eh?	01:58
RediXe	Any idea why with postfix when I run telnet localhost smtp -> connects ehlo example.com nothing happens?	02:03
joe-mac	hellooooo, anybody here who can i answer a simple question about udeb files?	02:10
Kamping_Kaiser	!ask	02:11
ubottu	Please don't ask to ask a question, simply ask the question (all on ONE line, so others can read and follow it easily). If anyone knows the answer they will most likely reply. :-)	02:11
joe-mac	thanks Kamping_Kaiser but i've been asking this particular question all day and no one seems to know	02:12
joe-mac	so here goes, i've got a udeb that for some reason is not in the server install tree. it's partman-auto-raid. all i need to do is make d-i recognize it. that's it. seems to be the most difficult task, and it's looking like i may actually have to build a whole cd for it	02:13
Kamping_Kaiser	joe-mac, not tried preseeding myself, but have you checked the debian install guide? iirc it contains a section on preseeding	02:14
joe-mac	yes, i spent the better part of day with it	02:14
joe-mac	my preseed file is absolutely fine	02:14
joe-mac	the problem is that ubuntu for some unknown reason does not include partman-auto-raid, but has EVERY other partman-auto* udeb, oh and also references partman-auto-raid in the docs	02:15
joe-mac	it's like some kind of cruel joke	02:15
Kamping_Kaiser	joe-mac, sounds like something worth filing a bug on, it may have been omitted by mistake	02:16
joe-mac	so, all i need to do afaict is get d-i to see the partman-auto-raid udeb whichc i have downloaded from launchpad	02:16
joe-mac	Kamping_Kaiser: I'd agree however I found a post that seemed to indicate it was also missing in feisty, and it is in the 'universe' tree so idk maybe there is a reason they leave it out	02:16
Kamping_Kaiser	joe-mac, that sounds like the reason then. when you said its meantioned in the doco, did you mean the wiki, or the offical shipped doco?	02:17
joe-mac	the wiki on preseeding explicitly shows how to use partman-auto-raid	02:18
joe-mac	i am on my home box now, but i have it bookmarked at work, let me see if i can google it	02:18
joe-mac	this might be it, this is a text only vt100 so bare with me, https://help.ubuntu.com/8.04/installation-guide/i386/preseed-using.html	02:19
Kamping_Kaiser	joe-mac, could be a bug in the doco. (I wouldnt like to say it is until its confirmed thats the link though)	02:23
joe-mac	so yea if you go to that link	02:25
joe-mac	then click next like twice, you'll be able to see the section on partitioning with raid	02:25
joe-mac	i'd really like to be able to just add a udeb in the pool and add it in the Packages file, i mean rebuilding a whole cd tree for one package seems ridiculous	02:26
Kamping_Kaiser	I'm sure theres other ways to get the package in, I just cant remember them	02:27
joe-mac	i tried doing like a preseed/early_command or something like that, and have it run apt-install partman-auto-raid, but it didn't work, and i really didn't expect it to since it's a .udeb anyways, just shooting in the dark	02:28
Bangers	is it possible to control Vmware ESXi from Ubuntu? ie. Uploading a virtual machine (created from vmbuilder), then start it?	03:12
=== martin__ is now known as _Cid
_Cid	anyone here good with Sieve scripts? - been trying to get it to act on spam rating ...I fail :/	04:12
mlopezqc	hello people, anyone have successfully configured virtualbox with host interface in 8.10?	04:40
mlopezqc	the only thing is stopping me is that the system insists in giving an ipv6 address to the tap0 device	04:41
mlopezqc	and must be addressless	04:42
=== kraut_ is now known as kraut
jmarsden	mlopezqc: It worked for me following the info at https://help.ubuntu.com/community/VirtualBox#Networking on 8.10 (amd64)	05:05
nandemonai	Heya guys.	05:48
nandemonai	Quick question..	05:48
nandemonai	Lately I've noticed twice now that my ethernet has essentially dropped out on one machine. No ping, no resolv nothing. Light stays on and everything else seems to work fine though..	05:49
nandemonai	restarting networking of manually ifdown/ifup doesn't seem to fix it but a reboot does.	05:50
nandemonai	Any ideas on where I should be looking? Nothing in /var/log/messages of interest.	05:50
blahnana	could potentially be the driver for the card, or the card's hardware	05:51
blahnana	rebooting would reinitialise the hardware, firmware, and software	05:51
nandemonai	Ahh of course.	05:52
nandemonai	I hadn't though about that..	05:52
nandemonai	Hmm, you think that would show up in the kernel log or some such?	05:52
blahnana	yeah it's not particularly helpful, I know	05:52
nandemonai	Well it's another avenue to look into cause I was stumped.	05:53
daredevilthere	I need to setup LTSP for my home laptop to boot ubuntu	07:58
SmokeyD	hey people, for my understanding: the use of snort (or any other IDS) is purely so you can watch the logs and see when someone tries to break in?	08:18
SmokeyD	I mean, the doesn't prevent anything does it?	08:18
jmarsden	SmokeyD: How you use it is up to you; you could easily set things up to actively reset TCP streams that snort says are bad, in real time, for example...	08:19
SmokeyD	jmarsden: ok, that sounds more interesting	08:19
SmokeyD	jmarsden: are there any recommended setups for snort? I have set it up loggin to mysql and wathcing the logs with BASE, but I would rather have snort so some preventive stuff	08:20
_ruben	IDS = detection; IPS = prevention; the I and S remain the same	08:21
SmokeyD	:)	08:21
_ruben	snort can do IPS as well i think, no experience with it though	08:21
jmarsden	Have you fully tweaked is to make sure you get zero false positives from it? Otherwise, reacting to alerts could be... embarrassing -- you'd be killing of real traffic from real customers.	08:21
jmarsden	s/is/it/	08:21
SmokeyD	jmarsden that is true	08:21
SmokeyD	so you recommend running snort only on IDS, and when sure that no false positives are present, turn to IPS	08:21
SmokeyD	do many users use snort as IDS only? Or also IPS?	08:22
_ruben	we used to use logsnorter (snort clone which uses syslog as input instead of the actual traffic), but when our network increased it became too large to handle	08:23
jmarsden	SmokeyD: You may want to read the Snort docs... including the Snort FAQ, which has a question about generating iptables rules based on alerts... http://www.snort.org/docs/faq/3Q06/node102.html	08:24
SmokeyD	jmarsden, thanks	08:25
kraut	moin	08:52
SmokeyD	wow, here are some interesting articles: http://www.freeos.com/projdetails/2/13/	09:13
SmokeyD1	hey people. Would it be wise to chattr +a my syslog auth.log and messages log files? Or would that break logrotate?	10:27
_ruben	why would you want that ?	10:27
_ruben	especially auth.log can hold sensitive info	10:27
SmokeyD1	_ruben: that is why. I only want to enable appending to the log, not removing files.	10:29
SmokeyD1	To prevent people who shouldn't be there from removing log entries	10:30
SmokeyD1	I am not talking about chmod but chattr.	10:30
lapo	hi	10:37
_ruben	SmokeyD1: you shouldnt be writing to those files manually	10:43
_ruben	those are written to by syslogd	10:43
_ruben	and either way, logrotate would most likely kill the attrib on next run	10:47
SmokeyD1	_ruben: I know I shouldn't be writing to those logs manually	10:56
SmokeyD1	that was not my question	10:56
SmokeyD1	I am concerned that a hacker who gains access to my system will erase the log entries before leaving	10:57
SmokeyD1	one way to make that harder is to chattr +a the logfile so you can only append to the file, not delete from it	10:57
SmokeyD1	I am wondering though if that would cause any unforseen problems	10:57
SmokeyD1	for instance with logrotate indeed	10:58
y000069	hi. i have a Dlink network card with driver, but i don't know how to compile the driver	11:02
lapo	SmokeyD1: can't you just use remote logging?	11:02
y000069	i'm using Ubuntu 8.04	11:02
SmokeyD1	lapo: hmm, maybe a better idea indeed.	11:03
lapo	SmokeyD1: I think it will brake logrotate, you should use prerotate/postrotate scripts to set/unset a attribute	11:04
SmokeyD1	lapo: thanks.	11:05
lapo	SmokeyD1: I don't see it as a big security improvement	11:05
SmokeyD1	hmm, I was thinking the same. Since logrotate can do chattr -a, why couldn't a hacker	11:05
lapo	indeed	11:06
_ruben	if you care about your logfiles, remote logs are pretty much the only decent solution	11:10
_ruben	then again, if the hacker has root, he can disable the remote logging as well .. though you'd still have the logs upto that point in time	11:10
lapo	SmokeyD1: a good paranoid solution would be to log on the serial port	11:10
SmokeyD1	lapo: :) yeah. But that is impossible for me :) I am running a virtual machine somewhere else	11:11
lapo	SmokeyD1: then it's easier, put up another vm which does logging only, you won't even need cables :-)	11:12
=== rascov_ is now known as rascov
SmokeyD1	hey people. Is there any reason why /var/lib/php5 should be world writable	13:07
SmokeyD1	it has the permissions drwx-wx-wt 2 root root	13:09
wjlroe	oh yes, mine too, not sure why that is...	13:11
wjlroe	it looks like it's all session temporary files	13:11
SmokeyD1	wjlroe: yeah so world writable would mean that any user could do stuff to sessions	13:12
SmokeyD1	isn't that a security issue?	13:12
wjlroe	no, because a normal user can create files in there, but not read them	13:12
SmokeyD1	that is true	13:12
wjlroe	i mean, it can't read files already in there	13:12
wjlroe	i suppose it avoids permission problems as to what user apache/php is running under	13:13
SmokeyD1	yeah ok	13:13
SmokeyD1	so if I set up my apache correctly (add users apache is running under to www-data) I could set group owner to www-data and chmod to 664	13:13
wjlroe	in theory, yes, there are also some cron files dealing with cleaning up session, you might want to check they will be ok still	13:14
wjlroe	but i think they run as root so shouldn't be a problem	13:15
SmokeyD1	cool. I might do that, allthough it's not really necessary	13:15
SmokeyD1	hey people. Is it wise to comment out rules in /etc/snort/rules files? I keep getting MS-SQL Worm propagation attempts for instance, but I don't run MS-SQL server so I don't care about them	13:54
SmokeyD1	would it be safe to comment it out?	13:55
heath\|work	man... I just setup a new vm with the newest vitualbox. They have made networking much easier than before! Finally!	14:02
henkjan_	virtualbox 2.1 is great indeed!	14:02
* Jeeves_ is installing two kvm-servers		14:56
johnwards	Does anyone know the reasoning behind shipping with the php suhosin patch installed by default	15:06
johnwards	and why i can't remove it without recompiling the debs (!)	15:06
johnwards	i am a massive ubuntu fan because of its flexablity and I have been convincing the bosses to move to ubuntu server. But it makes my life more difficult when i have to recompile for every release	15:07
uvirtbot`	New bug: #315500 in samba (main) "samba did not upgrade successfully..." [Undecided,New] https://launchpad.net/bugs/315500	15:30
=== martin__ is now known as _Cid
orudie	hi, quick question. I have perl v. 5.10 installed, i need version 5.8 instead. When i do sudo apt-get remove perl, it wants to free up 181 mb , and one of the packages that it wants to remove is apache2	15:48
_Cid	auch ...	15:48
_Cid	I would think it would not delete any of your conf files though (or do backup) so maybe remove it ...then re-apply apache2?	15:49
orudie	i cant remove apache 2 lol	15:49
orudie	it wants to remove mysql server too lol	15:50
orudie	in the list of packages	15:50
_Cid	hehe, pretty intrusive ...	15:50
orudie	182 mg freed? my system is like 320 meg total lol	15:51
_Cid	hehehe	15:51
_Cid	can you do a install of perl --force?	15:51
_Cid	the old version ...I wonder if apt-get would replace it then	15:51
_Cid	or look at 'dpkg --force-help'	15:52
orudie	_Cid, http://pastebin.com/m64cf5ec5	15:52
_Cid	you can uninstall a package, forcefully - without dependencies	15:52
_Cid	dpkg -r --force-all perl ..I would think <insert standard disclaimer here>	15:53
orudie	i need to know for sure i cant screw this up lol	15:53
_Cid	dont you have some silly little package installed you dont need you could practise on (something that got dependencies)	15:54
orudie	_Cid, can you please tell me how to do this ?	16:17
_Cid	the perl thingy?	16:18
_Cid	dpkg -r --force-all perl would be how to get rid of the package without the dependencies ....but I really do not know the consequences ( in terms of, will anything be damaged) - do you really need an old version of perl that bad? :-)	16:19
orudie	_Cid, yes cause the other thing that i'm trying to install only works with the older 1	16:20
_Cid	well.... hopefully all the other packages just need perl ..and not perl 5.10 ...I would 'dpkg -r --force-all perl ; <install the perl package you want> and hope everything keeps working ;-)	16:21
orudie	_Cid, after doing dpkg -r --force-all perl , i guess it uninstalled but then i tried perl -version it sill shows its isntalled and version 5.10	16:28
Faust-C	orudie: how are you uninstalling	16:29
Faust-C	unless you do apt-get autoremove apache2	16:29
Faust-C	mysql should be left alone	16:29
Faust-C	but then again ive been wrong	16:29
orudie	what does this command do dpkg -r --force-all perl ?	16:29
orudie	removes perl without dependencies ?	16:30
_Cid	you should double check your self in the man files or so - but that is how I read it	16:30
orudie	_Cid, ok i ran the dpkg -r --force-all perl command	16:30
_Cid	cool, try to install your new (or old) version of perl now	16:31
orudie	_Cid, sudp apt-get install perl 5.8 ?	16:31
_Cid	the deb repositories keep the latest version..we will need to look in archives or so	16:32
_Cid	I thought you already had it installed	16:33
_Cid	I mean, downlaoded	16:33
_Cid	lets have a look	16:33
orudie	ok :)	16:33
_Cid	whats this package that requires 5.8 btw?	16:34
orudie	its called hlstatsx	16:34
orudie	stats system for a game server	16:35
_Cid	weird that it cannot run on perl 5.10	16:35
_Cid	so, it looks like fiesty came with 5.8 - what ubuntu are you running on?	16:36
orudie	this is what their developer replied http://www.hlxcommunity.com/forums/viewtopic.php?f=3&t=223	16:36
_Cid	You can remove the -CSDA from the first line in hlstats.pl to get it mostly working, but there will be situations that will cause the daemon to crash. not an option? :-)	16:37
LaserJock	geeze, this place is packed :-)	16:37
orudie	why do i want it to crash ?	16:37
* ScottK waves at LaserJock from the crowd.		16:38
orudie	or it should be fine ?	16:38
LaserJock	ScottK: I'm wondering if the there are any webapp packaging types in the server team	16:38
ScottK	What kind of webapp?	16:39
LaserJock	ScottK: an educational one that's PHP and uses either MySQL or PostgreSQL	16:39
orudie	_Cid, should i try to reinstall it by sudo apt-get install perl ?	16:39
_Cid	orudie: no idea what he means with some crashing, heh - and no idea how soon his 1.5 will come out .... I think your best bet is to add the backport deb file to your apt, and install via that - know how to do that?	16:39
orudie	_Cid, nope lol	16:40
LaserJock	ScottK: we have packages for it, but there's some bugs and I'd like more of a server person's view	16:40
orudie	_Cid, maybe i should try it with perl 5.10 and remove the -CSDA ?	16:41
_Cid	orudie: I think it might be easier	16:41
_Cid	orudie: then you dont have to deal with all the backport stuff	16:41
orudie	so should i do , sudo apt-get install perl ?	16:41
ScottK	LaserJock: I suspect that zul would probably be your man for at least MySQL stuff.	16:41
_Cid	orudie: yup	16:42
ScottK	LaserJock: He or mathiaz probably know best who else.	16:42
=== _Cid is now known as _Cid\|Away
=== _Cid\|Away is now known as _Cid
orudie	_Cid, ok installed without errors wheew	16:42
LaserJock	ScottK: do you think an email to the mailing list would be a good place to start?	16:43
ScottK	LaserJock: Yes.	16:43
orudie	_Cid, the -CSDA option is already commented out :(	16:45
jmarsden	LaserJock: I'm not a MOTU, and not on the server team, but I am trying to help get a wep app packaged in time for Jaunty (WebGUI)... no time tight now, but if you catch me when I am back from work ~8 hours from now maybe I can take a look at your packaging and comment -- perhaps we can learn from each other? Or I'll look for your email on the list, if I remember :)	16:56
LaserJock	jmarsden: k	16:57
ScottK	jmarsden is also going to test an SELinux SRU sometime before Intrepid goes out of support, IIRC?	16:57
=== martin__ is now known as _Cid
jmarsden\|work	ScottK: I'd be very interested in testing an SeLinux SRU,having tried to get selinux working on Intrepid and failed... ... is there an SRU I can test?	17:19
ScottK	jmarsden: Didn't we talk about this before.	17:20
ScottK	Maybe I'm confused.	17:20
jmarsden\|work	I think so... I asked about the issue, and you pointed me to a bug number, I think that's about all though?	17:20
jmarsden\|work	I'll look back through my IRC logs and see what I can find, but probably not right away...	17:22
ScottK	jmarsden: It was Bug #308350	17:23
uvirtbot`	Launchpad bug 308350 in setools "FTBFS on amd64 and lpia due to dpkg-buildpackage failure." [Medium,Fix committed] https://launchpad.net/bugs/308350	17:23
jmarsden\|work	ScottK: Thanks.	17:23
ScottK	Since it's a build failure, testing would be to see that it's at least no worst than what was there before.	17:23
jmarsden\|work	:) OK.	17:23
ScottK	The bug points to instructions on how to install from -proposed.	17:23
ScottK	Just comment in the bug after you test.	17:23
_Cid	!paste	17:29
ubottu	pastebin is a service to post multiple-lined texts so you don't flood the channel. The Ubuntu pastebin is at http://paste.ubuntu.com (make sure you give us the URL for your paste - see also the channel topic)	17:29
_Cid	http://paste.ubuntu.com/102842/	17:29
orudie	_Cid, how can i execute a cron job ?	17:51
_Cid	Cron job are basically a scheduler - runs a command on a given interval	17:51
_Cid	like every 10 minutes..once a day etc etc	17:51
_Cid	I wonder ...	17:52
_Cid	!cron	17:52
ubottu	cron is a way to schedule execution of software/scripts. See https://help.ubuntu.com/community/CronHowto - There is also a decent Howto at http://www.tech-geeks.org/contrib/mdrone/cron&crontab-howto.htm	17:52
_Cid	hah :)	17:52
genii	!crontab	17:52
genii	Hm	17:52
_Cid	I win!	17:52
* genii feeds _Cid a cookie		17:52
* _Cid wont eat it ..noooo - it goes in a frame on the wall!		17:52
genii	orudie: When I forget the crontab file layout, I refer back to http://www.adminschoice.com/docs/crontab.htm	17:54
genii	You may find it useful	17:54
Doonz	Hey guys i installed Firestarter on my Ubuntu box. The home netwrok is being routed through the ubuntu box. Everything is working except for my internet has severely slowed down. Any ideas or suggestions to start dealing with this?	18:31
Doonz	Hey guys i installed Firestarter on my Ubuntu box. The home netwrok is being routed through the ubuntu box. Everything is working except for my internet has severely slowed down. Any ideas or suggestions to start dealing with this?	18:31
Doonz	sorry for the double	18:31
zoopster1	Doonz: and it speeds up after disabling the firewall?	18:39
Doonz	kills the internet connection	18:40
=== zoopster1 is now known as zoopster
zoopster	Doonz: so you are using NAT then. I just use UFW and notice no diff, but I'm also not logging much...so I might not be much help since I don't know what changes Firestarter makes	18:42
Doonz	ok	18:43
Doonz	thanx	18:43
zoopster	Doonz: firestarter is only a front end...so you need to see what changed since adding it if that is when you noticed the slow down	18:46
zoopster	Doonz: it could be something unrelated	18:47
Doonz	see	18:47
Doonz	the thing is i went from a hardware router	18:47
Doonz	but it only had a 10mbit wan link so i figure great can use my ubuntu box as a firewall a router for my windows netork	18:47
Doonz	but since then its beeen extremely slow browsing web pages and thing	18:48
zoopster	Doonz: ah...you went from a hw router to a sw router...so you need to optimize it...that has nothing to do with firestarter.	18:48
jmarsden\|work	Doonz: Check the logs that firestarter makes of denied traffic, it may be denying something you need?	18:48
Doonz	ok	18:49
Doonz	jmarsden\|work: what would it be denying that i need?	18:50
Doonz	zoopster: what would i need to optimize and how would i go about doing that?	18:50
jmarsden\|work	DNS?? Who knows, read the logs :)	18:50
Doonz	Dns is fine or else i wouldnt be browing the net	18:50
Doonz	Hostname: sserver1 - OS: Linux 2.6.27-9-generic/i686 - CPU: 2 x Intel(R) Xeon(TM) (3400.072 MHz) - Processes: 149 - Uptime: 7d 10h 47m - Load Average: 0.25 - Memory Usage: 458.81MB/2023.76MB (22.67%) - Disk Usage: 1870.05GB/6088.28GB (30.72%)	18:51
Doonz	thats the system its one	18:51
_Cid	not true ... if it waits for 2 timeouts before finding a good one fx, that would work - but slow everything down	18:51
jmarsden\|work	No, it could be blocking traffic to one server and you then wait for a while and then retry to a different one, or it could be allowing UDP DNS but not TCP DNS, or ...	18:51
Doonz	ok so what ports would that be?	18:51
Doonz	port 53 is allowed for all clients	18:52
zoopster	Doonz: look at the logs to see what is happening	18:52
jmarsden\|work	Doonz: Do not guess, read the logs... really.	18:52
_Cid	how is browsing from the actual box, snappy or sluggish?	18:52
Doonz	as snappy as it was prior to this	18:52
xinel	i want to create an ssh tunnel from eth2 to the outside world and allow anyone from eth0 to connect through it, any ideas?	18:52
Doonz	where would the logs be kept?	18:53
zoopster	Doonz: even more reason to dig into your logs further to see what may be getting blocked or otherwise slowing you down	18:53
_Cid	Doonz: DNS could be ok then - I am going to echo what everyone else already said ..search your log files for suspicious behaviour .... if you think its the firewall, you could perhaps try to act as a router without the firewall to isolate the issue?	18:53
_Cid	!log	18:53
_Cid	darn :P check /var/log	18:54
Doonz	i thouthg of that but when i turn off the firewall no internet works	18:54
zoopster	Doonz: so you need to enable NAT only...but don't bother...dig into the logs see what is happening and that will probably guide you where you need to go	18:54
Doonz	hmm nothing in the log directory from firestarter	18:54
jmarsden\|work	Doonz: There is an Events page in its GUI that should show everything it blocks, and you can load/import the stuff from its logs, probably from /var/log/messages	18:55
Doonz	Hehe i secured my box and disabled remote admin from the outside world	18:56
jmarsden\|work	You can't ssh to it?	18:56
Doonz	im ssh into atm	18:57
Doonz	but i cant see the gui	18:57
jmarsden\|work	Then you can run X apps over the SSH link... right?	18:57
Doonz	oh really	18:57
_Cid	if you dont know which log to look into ... checking date stamps to see recent entrides is a good start ....and then use tail on the files to see what is happening	18:57
* Doonz is a linux newbie		18:57
_Cid	tail -f if youw ant it to keep updating	18:57
_Cid	you can ignore all log files ending on .gz btw ...they are older - part of the log rotation	18:58
Doonz	yeah	18:58
Doonz	im curious about this xapp over ssh	18:58
genii	Doonz: x apps over internet are so laggy you will wich for cli back	19:00
genii	*wish	19:00
Lamo	I'm going crazy trying to setup Bugzilla3 on my Intrepid Server. I've installed via apt and set all the passwords per this guide http://www.hacksawlabs.com/index.php?option=com_content&view=article&id=55:install-bugzilla-on-ubuntu-810&catid=36:system-administration&Itemid=53 yet i get 404 when going to http://192.168.1.108/bugzilla3?	19:00
Doonz	oh ok	19:01
jmarsden\|work	Doonz: You can learn where the logs are, or you can use X over SSH... your call :)	19:01
jmarsden\|work	I'd strongly suspect they are in /var/log/messages	19:02
jmarsden\|work	genii: Doonz has a 10mbps link, so X at 10Mbps should be sane enough...	19:03
Doonz	its actually 25	19:07
Doonz	so how would i get x to work over ssh	19:07
xinel	hrmms say i got an .ovpn, .crt .key file and installed openvpn where would i put the files to get it all to work?	19:09
genii	Doonz: At any rate, down and dirty: in /etc/ssh/sshd_config: X11Forwarding yes then restart sshd server: sudo /etc/init.d/ssh restart then when login remote, use switch: -X (I like also -v and -C) to start an X app: xterm & appname	19:10
nijaba	kirkland: as soon as finished pushing, lp:~nijaba/screen-profiles/windows has the goodies you wanted...	19:55
kirkland	nijaba: wicked!	19:56
kirkland	nijaba: i just added load average, and memory info to the status bar :-)	19:56
kirkland	nijaba: loadavg from mdeslaur	19:56
nijaba	\o/	19:56
nijaba	kirkland: whenever the push ends you'll have:	20:06
nijaba	1/ a way to dismiss the help window	20:06
nijaba	2/ a way to enable disable default screen	20:07
nijaba	3/ create new screen allows to add to defaults	20:07
* nijaba hopes that will please jdstrand		20:07
jdstrand	nijaba: sounds fantastic :)	20:08
kirkland	nijaba: outstanding!	20:08
* nijaba wonders how long the push will take at 300B/s		20:09
* nijaba only has 30 min of batery left :(		20:09
kirkland	nijaba: cool, i'm merging now	20:43
nijaba	kirkland: what? but it looks like my push is not complete... is it?	20:44
kirkland	nijaba: oh ...	20:44
kirkland	nijaba: you're right	20:44
kirkland	nijaba: i was "attempting" to do the merge	20:44
kirkland	nijaba: i just did a push, very fast for me	20:44
nijaba	kirkland: I may have to wait til I am on a normal network	20:44
kirkland	nijaba: can you pastebin the bzr diff?	20:45
kirkland	nijaba: i can try and apply it manually	20:45
kirkland	nijaba: i'd like to push a new version to universe	20:45
kirkland	nijaba: i was waiting to blog about it until the welcome screen was enabled again	20:45
kirkland	nijaba: like jdstrand, i think many users would be lost with hints as to the wicked-cool shortcuts we've created	20:46
kirkland	nijaba: and we need welcome/help.txt for that ;-)	20:46
nijaba	kirkland: ahhh... my battery is dying, you'll have to wait a couple hours :(	20:48
kirkland	nijaba: i can't wait!	20:48
kirkland	:-)	20:48
kirkland	nijaba: j/k	20:48
kirkland	nijaba: bzr diff \| pastebinit	20:48
kirkland	nijaba: okay, i'm going to upload 1.5 now	20:54
kirkland	nijaba: ping me here when you can upload your merge (somewhere)	20:55
kirkland	nijaba: i'm quite interested in it	20:55
kirkland	nijaba: s/merge/branch/g	20:55
nijaba	kirkland: eheh, found a power plug	20:59
kirkland	nijaba: where are you?	20:59
kirkland	nick58b: somewhere interesting?	20:59
nijaba	kirkland: traveling to netherland this we	21:00
zul	nijaba: lay off the the wacky cafes there	21:01
kirkland	or bring us some!	21:01
nijaba	kirkland: what's the syntax for the bzr diff	21:02
kirkland	nijaba: bzr diff	21:02
kirkland	nijaba: or give it two revisions	21:02
kirkland	bzr -r21 -r 25	21:02
nijaba	zul: not going to amsterdam, but to the islands in the north	21:02
kirkland	nijaba: or something	21:02
zul	or bring us some seeds so we can make umm...rope	21:02
kirkland	nijaba: pick the last revision before you started making your changes	21:02
kirkland	nijaba: and then the current one	21:02
kirkland	nijaba: bzr diff -r21 -r23	21:02
kirkland	nijaba: something like that	21:03
kirkland	nijaba: see my comment to https://bugs.edge.launchpad.net/ubuntu/+source/screen-profiles/+bug/311443	21:04
uvirtbot`	Launchpad bug 311443 in screen-profiles "running applications at startup doesn't work" [Undecided,Confirmed]	21:04
kirkland	nijaba: you say "is quite easy to fix" ... can you enlighten me?	21:05
nijaba	kirkland: http://pastebin.ubuntu.com/102917/	21:05
kirkland	nijaba: cool, thanks, looking now....	21:05
kirkland	nijaba: hmm, i just realized ...	21:07
kirkland	nijaba: ctrl-g in vi is "tell me what line i'm on" ... :-/	21:07
nijaba	kirkland: I believed somehow when I read this bug report that we were not passing the $@, but I guess I had been skiing to much at the time	21:08
nijaba	kirkland: why would you need this when it is written on the bottom right	21:08
kirkland	nijaba: hmm, not always	21:08
mathiaz	nijaba: are you doing bug triagging while skiing down the slopes?	21:17
nijaba	kirkland: was finally able to push my branch	21:21
nijaba	mathiaz: well, evenings are long in december	21:21
kirkland	nijaba: cool, i'm merging from your diff, it's good	21:21
kirkland	nijaba: one thing, i'm changing though...	21:22
nijaba	kirkland: tell me	21:22
kirkland	nijaba: i'm making a select-screen-windows	21:22
kirkland	nijaba: i don't think the window selection belongs in select-screen-profile	21:22
kirkland	nijaba: it's kinda messy there	21:22
nijaba	kirkland: well, you'd better be sure the cp has occured at least once	21:23
kirkland	nijaba: oh.... that's seeding that file	21:23
nijaba	kirkland: else you'll get an ugly error when screen starts	21:23
nijaba	kirkland: yep, the ~/.screenrc-windows	21:24
kirkland	nijaba: hmm, in that case, this code needs a conditional around it	21:24
kirkland	if [ ! -e "$HOME/.screenrc-window" ]; then	21:24
kirkland	cp "$PROFILE_DIR/$x" "$HOME/.screenrc-window"	21:24
kirkland	fi	21:24
kirkland	nijaba: sorry dude	21:24
kirkland	nijaba: i'm on crack	21:24
nijaba	kirkland: what condition? if it does not exist, we should always create it	21:24
kirkland	nijaba: i see it now	21:24
kirkland	nijaba: :-)	21:25
nijaba	kirkland: ahh, np ;)	21:25
kirkland	nijaba: hang on though ...	21:25
kirkland	nijaba: it copies $x to that every time	21:25
kirkland	nijaba: that doesn't seem right	21:25
kirkland	nijaba: for x in $profiles; do .... done	21:26
nijaba	kirkland: $x? where?	21:26
kirkland	<kirkland> if [ ! -e "$HOME/.screenrc-window" ]; then	21:26
kirkland	<kirkland> cp "$PROFILE_DIR/$x" "$HOME/.screenrc-window"	21:26
kirkland	<kirkland> fi	21:26
kirkland	nijaba: that can't be right, huh?	21:26
nijaba	kirkland: huh, no, let me check	21:26
nijaba	kirkland: uh..... not right at all, been a been quick here	21:27
nijaba	kirkland: it should just copy /usr/share/screen-profiles/windows/common ONCE	21:28
kirkland	nijaba: k	21:29
kirkland	nijaba: i'll fix	21:29
nijaba	kirkland: thanks... that was bad, sorry	21:29
kirkland	nijaba: no worries	21:29
kirkland	nijaba: do you mind if change it to .screenrc-windows ?	21:30
kirkland	nijaba: i'll update all instances	21:30
kirkland	nijaba: note "windows" vs "window"	21:30
kirkland	nijaba: just to be clear that you can open more than 1	21:31
nijaba	kirkland: sure, it's what I thought I named it :P	21:32
kirkland	nijaba: :-P cool	21:32
nijaba	kirkland: that's even how it is named elsewhere	21:32
kirkland	nijaba: ah, you did... in some places	21:32
kirkland	nijaba: but not in others	21:33
kirkland	nijaba: shame!	21:33
kirkland	:-)	21:33
nijaba	kirkland: that must be the only piece of code I DID NOT test!	21:33
kirkland	nijaba: surrrrrrrree	21:33
kirkland	nijaba: that was the only case	21:33
kirkland	nijaba: the bit that copies the skeleton	21:33
kirkland	nijaba: how do i make the initial help window not quite as wide?	21:44
kirkland	nijaba: by like 2 characters?	21:44
nijaba	kirkland: in screen-profile-helper:91	21:46
kirkland	nijaba: thanks	21:46
nijaba	kirkland: change 76 to 74	21:46
kirkland	nijaba: okay, it doesn't look like the select-screen-profile functionality in the helper is quite working	21:46
kirkland	nijaba: i tried changing to debian, and restarting screen	21:46
kirkland	nijaba: (also, i need to update the message about pressing F5 since I changed that)	21:47
kirkland	nijaba: nice, 74 looks better than 76, perfect	21:47
nijaba	kirkland: that was working... wonder what changed	21:48
kirkland	nijaba: hmm, i might have broken something in the merge	21:48
nijaba	kirkland: Iook at line 143, I just call select-screen-profile --set %s	21:49
nijaba	kirkland: did you check that you --set is still working after the merge?	21:49
kirkland	nijaba: it's not, i'm fixing it	21:49
nijaba	kirkland: cool	21:50
kirkland	nijaba: yup, i broke it :-)	21:50
nijaba	kirkland: eheh, 1-1	21:50
nijaba	kirkland: so, what do you think of the new functions?	21:51
kirkland	nijaba: fixed!	21:51
kirkland	nijaba: i'm liking!	21:51
kirkland	nijaba: i'm still testing it	21:51
nijaba	cool	21:51
nijaba	good idea :D	21:51
kirkland	nijaba: i think i'm going to drop the ".screenrc" from "ubuntu.screenrc" ...	21:52
kirkland	nijaba: it might break the few people that are using this right now, but it's far better to break those few people now than later :-)	21:52
kirkland	nijaba: it would make those more descriptive	21:52
nijaba	kirkland: would be nice	21:52
kirkland	nijaba: they'd simply have to re-run select-screen-profile	21:52
kirkland	nijaba: actually, we could fix it in a maintainer script, postinst	21:54
kirkland	nijaba: i don't think it's really worth it though	21:54
nijaba	kirkland: not in a development version. We just need to have the info in the readme	21:55
kirkland	nijaba: i'm also going to drop "common" from the listing	21:56
kirkland	nijaba: no need	21:56
kirkland	nijaba: hmm, okay, un-checking "display help on startup" works	22:01
kirkland	nijaba: and i can get to it by going to "Help"	22:02
kirkland	nijaba: but i can't re-check it to "display help on startup"	22:02
nijaba	kirkland: yes that's as designed	22:02
kirkland	nijaba: how would i turn "display help on startup" back on?	22:03
nijaba	kirkland: modify .screen-profiles-helper to put it back on	22:03
kirkland	nijaba: ah	22:03
kirkland	nijaba: it would be nice if the checkbox were on the helper page either way	22:04
nijaba	kirkland: if you want I can always show the check box	22:04
kirkland	nijaba: i think i see how to enable that	22:04
kirkland	nijaba: let me try	22:04
nijaba	kirkland: always pass intro=1 and config to the help function	22:04
kirkland	nijaba: cool	22:04
kirkland	nijaba: oh, hmm, i see now	22:05
kirkland	nijaba: okay, i think that's due to a miscommunication	22:05
nijaba	kirkland: hmm, there is some code missing for turning it back on	22:05
nijaba	kirkland: see line 111	22:06
nijaba	kirkland: can do it if you want	22:06
nijaba	kirkland: I just thought it should have behaved as a hint dialog, where you can decide to not see it anymore...	22:07
kirkland	nijaba: gotcha	22:08
kirkland	nijaba: that can be in a future upload	22:08
nijaba	kirkland: so you think the checkbox should always be there?	22:08
kirkland	nijaba: i'm more interested in being able to disable the helper altogether, if you want to permanently dismiss it	22:08
kirkland	nijaba: yeah, i think so	22:08
nijaba	kirkland: ok I'll try to work on that	22:09
kirkland	nijaba: minor	22:09
kirkland	nijaba: hmm, pruning the welcome window out of the list isn't working right	22:11
nijaba	kirkland: what?	22:12
ScottK	lamont: Do you known anything about unbound for DNS? I'm looking at a package that wants to use it for DNSSEC and I'm uncertain if I should build against it.	22:12
kirkland	nijaba: i'm looking at the python now	22:13
nijaba	kirkland: if you have an issue, it is not with the python code	22:13
kirkland	nijaba: it's not updating .screenrc-windows	22:13
nijaba	kirkland: but just that your .screenrc-windows is not the file used	22:13
nijaba	kirkland: ???	22:13
nijaba	kirkland: it does here	22:14
nijaba	kirkland: what are your permissions on this file?	22:14
nephish	hey all, just installed ubuntu-server 8.10, it's doing great, but i don't know how to get cron mail. i have dovecot and postfix, and the system users get mail from a maildirmake solution, but can't seem to get it right on root user	22:14
kirkland	nijaba: -rw-r--r-- 1 kirkland kirkland 79 2009-01-09 15:39 .screenrc-windows	22:14
nephish	oh, and i never enabled a root account, really	22:14
nijaba	kirkland: that should be fine	22:15
kirkland	nijaba: so i "uncheck" the -helper window	22:15
kirkland	nijaba: then i click "save"	22:15
kirkland	nijaba: and it kills that window in my current session	22:15
kirkland	nijaba: i exit screen	22:15
kirkland	nijaba: cat ~/.screenrc-windows	22:15
kirkland	nijaba: and it's still there	22:15
nijaba	kirkland: what do you mean "it kills that window"?	22:16
kirkland	nijaba: yeah, when i "save", it kills the helper altogether ... that must be the problem	22:16
kirkland	nijaba: http://pastebin.com/f7bcd2a7f	22:19
kirkland	nijaba: diff against that and see if i've changed something obvious causing this breakage	22:19
nijaba	kirkland: I can't reproduce	22:20
nijaba	kirkland: yes, that IS the problem	22:22
kirkland	nijaba: you found my problem?	22:23
nijaba	kirkland: my train is arriving. I need to split, sorry	22:23
kirkland	nijaba: okay, thanks	22:23
Zombie_Gaz	I need help with ircd-ircu... Can somone give me a sample O line for the .conf file?	22:29
Zombie_Gaz	Or do I specify this in a different file?	22:30
nephish	is it possible to run a virtual host off of a different port than the rest of the webserver? I mean, can I have one virt host on port 80 and a different one on port 8000?	22:35
_Cid	nephish: yes ...that should be quite doable	22:39
nephish	cool, thanks	22:40
_Cid	nephish: check out the listen parameter in the examples: http://httpd.apache.org/docs/2.0/vhosts/examples.html	22:40
nephish	ok	22:41
RainCT	Hi	23:16
kirkland	nijaba: got it!!!!!	23:18
kirkland	nijaba: friggin python identation bs	23:18
* kirkland hates on python for a while		23:18
RainCT	I'm trying to setup SFTP with chroot (as described here: http://tinyurl.com/ubuntu-sftp) but I get "Directive `ChrootDirectory' is not allowed within a Match block" and sshd fails to start.	23:18
RainCT	What's the problem there? (I'm using Hardy for the server)	23:19
kirkland	RainCT: looks like a prob in your config file	23:19
kirkland	RainCT: i don't know what a "Match block" is though	23:19
RainCT	kirkland: see the URL	23:20
RainCT	(there are several other pages which suggest doing the same, so I don't think it's wrong..)	23:21
ScottK	RainCT: The how-to I think you are using said for Intrepid and later. Perhaps Hardy's openssh doesn't support it.	23:23
kirkland	RainCT: I think scottk is correct ... http://www.debian-administration.org/articles/590	23:24
nephish	hey all, i think i set something up wrong, my main user is not getting mail from cron, and when i check the mail queue there are lots of messages in there for root, but i cannot seem to get them.	23:24
RainCT	ScottK: That's what I'm starting to think (I think I saw something about OpenSSH 5.0), but i hoped I'm wrong P	23:24
kirkland	RainCT: also, see the difference in the man pages of sshd_config between hardy and intrepid: http://manpages.ubuntu.com/cgi-bin/search.py?cx=003883529982892832976%3A5zl6o8w6f0s&cof=FORID%3A9&ie=UTF-8&q=sshd_config&titles=Title&lr=lang_en	23:24
RainCT	any chance to get a backport?	23:25
kirkland	RainCT: ie, no 'chroot' at http://manpages.ubuntu.com/manpages/hardy/en/man5/sshd_config.5.html	23:25
* kirkland runs		23:25
kirkland	:-)	23:25
RainCT	heh	23:25
ScottK	kirkland: Here's an idea for you for manpages.ubuntu.com .... Wouldn't it be nice to diff the man page text between two Ubuntu releases ...	23:25
kirkland	ScottK: word ;-)	23:25
ScottK	Yeah. I started typing that before you put that up there.	23:26
kirkland	ScottK: file a wishlist bug at https://bugs.edge.launchpad.net/ubuntu-manpage-repository	23:26
ScottK	Sure thing.	23:26
kirkland	ScottK: i'm also going to put a dynamic bug link on each manpage	23:26
ScottK	I suspect you'll have to set the importance.	23:26
kirkland	ScottK: i get lots of bugs against ubuntu-manpage-repository for bad info in a manpage :-)	23:27
kirkland	messenger-shooting	23:27
ScottK	kirkland: Bug #315662 - I can't set importance.	23:28
uvirtbot`	Launchpad bug 315662 in ubuntu-manpage-repository "Diff between releases" [Undecided,New] https://launchpad.net/bugs/315662	23:28
kirkland	ScottK: got it, thanks!	23:29
* RainCT waits for his PPA to build a backport of OpenSSH		23:29
RainCT	bah, won't build until in 1 hour.. I'm off then, good night	23:31
RainCT	and thanks	23:31

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!