Zombie_Gazjmedina: Do you understand what I mean, though? Right now my machine is c-68-82-187-97.hsd1.de.comcast.net. But I own server.com and have my domain pointing to my IP address. I want my machine to be machinename.server.com.00:00
dazmanZombie_Gaz, You need to speak to the owner of the netblock to get reverse DNS setup.. as they'll need to do it on their DNS servers.. in this case, comcast to see if they'll do it for you.00:00
=== jjesse_ is now known as jjesse
Zombie_GazAh. So this isn't something I can do on my machine. It's via my ISP?00:01
jmedinayou can't set RR for your IP address, unless your ISP delegate it to you, which they do rarely00:01
dazmanZombie_Gaz, yes, the owners of the IP.00:01
Zombie_GazGot it.00:01
dazmanZombie_Gaz, and providing your own forward zone (domain.com -> Your IP) matches the reverse zone (Your IP -> domain.com), it'll show as domain.com on your IRC hostmask for example.00:01
dazmanZombie_Gaz, but really, you'll need to speak to comcast in the first instance to see if they can help.00:02
Nafallo98.0.105.78.in-addr.arpa domain name pointer home.magicalforest.net.00:02
dazmanI was lucky in that my ISP will delegate reverse DNS to me, or, now.. (which is easier) they give me a web panel to change it myself.. :)00:02
* jmedina hates in-addr.arpa00:03
Nafallodazman: ha. nice.00:03
Zombie_GazAny familiar with comcast's feelings towards this?00:05
Zombie_Gazerp (Anyone)00:05
* Zombie_Gaz has a feeling it is not positive.00:06
ScottKZombie_Gaz: Do you have a business account or a residential one?00:06
Zombie_Gazresidential  ;(00:06
ScottKComcase no haz reverse DNS for you.00:06
ScottKYou're violating your terms of service running a server.00:06
ScottKFor business accounts they have it no problem.00:07
nephishhey all, anyone running mysql with master -> slave replication00:19
milestonenephish: yeah why00:23
milestoneanyone got drbd0.7 to run under hardy?00:24
nephishwell, i am wanting to set up master slave replication on our backup server. The trick is, we are going to  move our backup computer to another location.00:24
milestoneso whats your question00:24
nephishi am wondering if that is going to present a problem.00:25
milestonewho is the master and who is the slave?00:25
nephishi would have to change the slaves host name on the main, etc.00:25
nephishmaster is our main server.00:25
nephishjust that our database is almost 8 GIG, so it will be very difficult to move the copy over once we move the system00:26
milestonenephish: stop the server, note the binlog position00:27
milestonemove the server00:27
milestonechange the configuration on the master00:27
nephishI live in the heart of Tornado Alley, so we just cannot have our main and backup server in the same place00:27
milestoneif you still need it you would have to double check00:27
milestonethen start replication server again00:27
milestonecheck if it automatically rolls all transactions from the master to the slave00:28
nephishis there some kind of option to load the slave computer from scratch?00:28
nephishi can't do a mysqldump because of how long it will lock up the database00:28
milestoneotherwise tell the master from which last transaction (the number you noted down) the transaction log should be replicated00:28
milestonethat should be it00:28
milestonenephish: maybe you can do mysqlhotcopy00:29
milestoneturn on binlog on the master00:30
milestonelock the master00:30
milestonewrite down the transaction number00:30
milestonedo mysqlhotcopy00:30
milestoneunlock the master00:30
milestonecopy everything to the slave00:31
milestoneget it up and running00:31
milestonetell the master from which numer on the transactions should be replicated00:31
milestoneand please make sure to read http://dev.mysql.com/doc/refman/5.1/en/replication.html00:31
milestonemaybe my info is outdated because it has been a while00:31
nephishlooks good00:32
nephishthanks for the link00:32
milestonenephish: google mysql replication -> first hit ;)00:32
nephishyeah, kinda bypassed it for some how-to and tutorial websites00:33
milestonenephish: it is always better to clearly understand what you are doing. Stay away from howto and tutorials if you have good documentation at hand. Which is the case with mysql00:34
MatBoywill scst be included in ubuntu ?00:56
uvirtbot`New bug: #316957 in mysql-dfsg-5.1 (universe) "package mysql-server-5.1 5.1.30-2ubuntu1 failed to install/upgrade: 子进程 post-installation script 返回了错误号 1" [Undecided,New] https://launchpad.net/bugs/31695702:25
uvirtbot`New bug: #316974 in mysql-dfsg-5.1 (universe) "Mysql dead after update" [Undecided,New] https://launchpad.net/bugs/31697403:51
DoonzHey guys How can i change the repositories from a local one to the main one. the local one is horribly slow03:55
Doonzok but where can i get the list of main servers03:57
hadsEverything is something.archive.ubuntu.com03:58
Doonzk thanx03:58
hadsUm, not literally.03:59
Doonzcause the canadian ones are brutally slow03:59
hadsIf you're in Australia you would use au.archive.ubuntu.com03:59
Doonzusa = us03:59
_Cidevening peeps04:10
nomingzican I run fsck command for NTFS partition ?04:12
nomingzii means is it safe to run fsck command in NTFS partition, I am newbie.04:13
nomingziHow to i check & repair NTFS partition in Linux CLI ?04:13
_Cidbeats me :/04:13
Doonzwhat are the letters in the repositories for usa04:15
Doonzhttp://ca.archive.ubuntu.com intrepid-updates <-- thats canada whats the usa one?04:16
uzairhey all, needed to setup a SOHO server for basica file/print sharing and authentication. it seems like samba + ldap is the solution, however apparently samba has limitations04:16
uzairi was trying to figure out what setup would work best. any help is much appreciated04:17
_Cidpardon my ignorence ...SOHO?04:17
uzairsmall office/home office04:17
ubottuSorry, I don't know anything about soho04:17
_Cidahhh, ok04:17
uzairanyone alive?04:17
_Cidwhat limitations you looking at?04:17
* ScottK finds a HP JetDirect box sitting on the network plenty for SOHO print serving.04:18
_CidI mean ...I run that setup, works fine04:18
uzairwell, apparently it _has_ limitations. i was trying to figure out what exactly04:18
hadsFor SOHO I doubt you will run into any04:18
hadsHow big is this office, do you really need central authentication?04:19
uzairbasically what i'm looking for is a file server to host the files used to run a couple windows-only apps (GoldMine & QuickBooks)04:19
_Cidno limitations so far :P04:19
uzairand was hoping I could have it work like a domain controller for central auth04:20
uzairabout 5 employees, however it can gro04:20
_CidI done a setup like that once for a 8 man company - worked fine with samba04:20
uzairi needed everything on the server (except that the apps could run locally -- esp since most clients will be windows)04:20
uzair_Cid: your experience would be greatly appreciated if shared :)04:21
_Ciduzair:  I dont know what to say really :)  I spend an afternoon, started witht he samba.conf which is pretty well documented, and a few google hits ... and had it up and running in pretty much no time04:22
uzairi'm a relatively advanced user w/ windows and maybe intermediate (although that may be pushing it) on linux, but i'm quite new to system admin. i have a large understanding of various parts of it, but never setup a whole network like this before04:22
_Ciduzair:  I seem to recall having the most trouble with getting windows to detect it as a domain server ...oh..and some issue about home directory replication I accidently set up ..and couldnt figure out how to turn of (whenever you logged in to a enw machine, bunch of files got copied over, woops)04:23
uzair_Cid: did you use samba for central auth? were people logging onto a domain or were they just mapping drives?04:23
_Ciduzair:  you can do both with samba04:23
_Ciduzair:  a starting point would be /etc/samba/samba.conf - there are commented out examples in there that pretty much does it for you :-)04:24
_Ciderr  smb.conf, sorry04:24
uzairwhat about the use of ldap?04:24
_Ciderr..was on a fedora box...think it was called FDS04:25
_Cidand/or: http://www.majen.net/smbldap/04:27
uzairthanks hads. i had found these two as well: http://www.howtoforge.com/ubuntu-gutsy-samba-domaincontroller04:27
uzairand, http://www.howtoforge.com/openldap-samba-domain-controller-ubuntu7.1004:27
_Ciduzair:   Its not that I dont want to help btw, sorry if it comes across like that ..I just dont recall a lot of issues ...kinda..just..worked04:27
uzairnp. people are often busy as well, etc. i was hoping if you had a guide or something you used, you could pass it along. if you just went at it raw, then i wouldn't really expect someone to teach me everything on the spot04:28
_Cidin terms of limitations, I cannot think of any you will run into with 5 users :-)04:28
uzairwhat are some limitations that these people talk off04:28
_Cidwho are these people...windows people?04:29
uzairspecifically in the intro of this article: http://www.howtoforge.com/openldap-samba-domain-controller-ubuntu7.1004:29
uzair"Please note that you do not have a fully comparable Windows domain controller at this time. Do not kid yourself, this guide only gets you a server with LDAP authentication."04:29
_Cidyeah, well..its not a fully featured domain server04:29
_Ciddont think you can set up cross domain trust ..as an example (or at least, I dont know how to)04:30
uzairhmm. now ldap seems to be quite a bit of a hassle, i was considering just using tdb. would it be a pain to switch to ldap later on?04:30
_Cidwith 5 users, I would go as light as I could - LDAP does seem a bit like overkill, unless you have a need for it04:31
uzairwell, there is potential for growth04:31
_Cidyou hiring? :D04:31
uzairi don't expect it to go beyond 20ish04:31
uzairlol, you don't wanna work for me just yet ;)04:31
uzairbut seriously, as the business grows, we're going to need people04:32
_Cidwhat you going to do?04:32
uzair  business-wise or server-wise?04:33
_Cidwell, since we are in ubuntu-server .... I was curious as to your business idea :)04:33
uzairi was hoping to basically have a file server for centralized storage of files as well as the data for a couple of windows-only apps04:33
_Ciduzair:  you will have that part up in minutes04:34
uzairlol, business idea doesn't really have much to do with ubuntu, or linux. besides, my dad takes runs that part -- i'm supposed to play the IT guy04:34
_Ciduzair:  take it in phases, get file share up and running first - again, check out smb.conf04:35
uzairnow secondly, those special apps need to be run on win machines, so they'll be there local. however all their info will be on the server04:35
_Cidassuming there is support for that in the windows client04:36
uzairthere is, checked that part out04:36
_Cidyou good then04:36
_Cid(cause I tried that with quicken once, and it did not, heh)04:36
uzairno huh? too bad...04:37
_Cidjust make the same share avaliable to all windows users ...  so they all know ..oh, the data is on the I Drive...or whatever04:37
_CidiDrive has a nice ring to it ...very Mac'ish04:38
uzairyeah, i'm sick of seeing the z drive everywhere :S04:38
uzairalright. i guess i'll get to work on doing this one step at a time.04:39
uzairso just to get a final answer, you advise for/against ldap?04:39
_Cidfor 5 users?   against  - your call if you want to position yourself for growth04:40
uzairalright then. i'll ponder over that some more. thanks for your help04:40
_Cidsure thing, good luck with it :)04:41
uzairyou as well hads04:41
Bangers1Can anyone help me with this thread?  http://ubuntuforums.org/showthread.php?p=6545446#post654544605:26
keesdoes anyone run sendmail with ssl on intrepid with outlook clients?05:46
ScottKPain all around.  No.05:48
=== antdedyet_ is now known as antdedyet
AnRkeyhow can i set sshd to only allow a set amount of connections from any one ip?06:55
Jeeves_/etc/hosts.{allow,deny} ?06:58
AnRkeyJeeves_, that would allow me to block a host, what i would like to do is limit a host's amount of connections06:59
AnRkeycan sshd limit the max connections from an ip?07:00
Jeeves_AnRkey: Not that I know of07:02
hadsHaven't heard07:03
Jeeves_Maybe iptables can do it07:03
AnRkeyJeeves_, i have denyhosts running every minute to stop dictionary attacks but some of these kids have large amounts of bandwidth. I end up getting 6000+ attempts before denyhosts has a chance to block them07:03
henkjanAnRkey: use iptables with limits07:03
AnRkeyhenkjan, could you push a little harder,almost there07:03
henkjanAnRkey: http://www.debian-administration.org/articles/18707:03
AnRkeyhenkjan, thanks very much! that seems to be exactly what i was looking for but could not get in to words to google successfully07:06
AnRkeyi looooove this os and it's team07:06
henkjanAnRkey: I googled for "ssh connection limit" :)07:07
hadsfail2ban may also be interesting07:09
AnRkeyi almost dont believe you :)07:12
AnRkeytrying that07:12
AnRkeyi tried max connections and so on07:12
AnRkeyfail2ban has broken 3 times on me07:13
AnRkeythe lists keep getting messed up for some reason07:13
AnRkeyi remember why we wanted to use it, it can check more services than the other denyhosts script07:21
Jeeves_henkjan: Jij googler!08:03
henkjanJeeves_: respect my google skills!08:16
stiv2kapache didn't shut down cleanly or something08:46
stiv2kand the address is still in use?08:46
stiv2khow can i fix this08:46
stiv2k(98)Address already in use: make_sock: could not bind to address
hadssudo invoke-rc.d apache2 stop08:46
stiv2khads: still doesnt work08:47
stiv2kwhat gives?08:48
hadsI have no idea what gives. Sounds like you'll need to kill it yourself.08:50
stiv2khads: how do i do that/08:50
Jeeves_killall -v apache2 -908:53
henkjanJeeves_: not pkill -v ? ;)08:54
hads-9 is pretty rough to start out :)08:54
stiv2kJeeves_: it says no process killed08:55
stiv2ki would love to fix this :/08:56
stiv2klike soon08:56
stiv2kthere are no apache processes08:56
stiv2kbut the socket is still there08:56
stiv2kor whatever08:56
\shstiv2k: find out the processes with : sudo fuser -n tcp 8008:58
stiv2k\sh: no results, there is no processes of apache08:58
Jeeves_henkjan: pff. You funny guy!08:58
Jeeves_stiv2k: netstat -lnp | grep 8008:58
Jeeves_What does that say?08:58
stiv2ktcp        0      0    *               LISTEN      -08:59
\shthen there is also a process08:59
\shthe fuser stuff should give it to you...08:59
stiv2kthe fuser command returns nothing...09:00
hadsadd a sudo to that netstat09:00
stiv2kit still looks the same09:03
stiv2kwtf is going on09:06
stiv2kwhy is it doing this09:06
Jeeves_stiv2k: If you run 'netstat -lnp'09:10
Jeeves_as root09:10
Jeeves_Than you see which process is using port 8009:10
stiv2kJeeves_: and?09:10
stiv2ktcp        0      0    *               LISTEN      -09:11
Jeeves_stiv2k: You're running that as root?09:12
stiv2kJeeves_: sudo09:12
Jeeves_ps uax | grep .pl ?09:13
stiv2kthere is something open on my port 443 too09:14
stiv2kJeeves_: nothing comes back from that09:15
Jeeves_stiv2k: sudo apt-get install rkhunter chkrootkit09:16
Jeeves_Run both09:16
stiv2kJeeves_: what do those do09:16
Jeeves_They check for rootkits and unwanted running software09:17
hadsapt-cache show rkhunter09:17
stiv2khey btw09:18
stiv2kthe damn init script for BOPM is broken09:18
stiv2kJeeves_: i get this09:18
stiv2k    /usr/sbin/unhide                                         [ Warning ]09:18
stiv2k    /usr/sbin/unhide-linux26                                 [ Warning ]09:18
stiv2keverything else is for the most part [ OK ]09:18
stiv2kJeeves_: no root kits here09:21
Jeeves_telnet localhost 8009:24
nmzanI know this isn't really the right place, could someone help me out with regards to sbs2k8, IIS & Exchange2k7 ?10:35
MatBoyit would be nice to have some docs about a scst installation :)10:35
nmzanor direct me to a channel with windows kiddies10:36
MatBoynmzan: #windows-server10:36
nmzanhax, didn't find that in the # list10:37
MatBoyI wonder why there is not that much infor about open-iscsi and scst10:52
eolo999hi, hi would like to find a tool to monitor file system change rates, any idea?11:01
Deepsinotify-tools may be of interest to you11:02
eolo999Deeps: thx11:04
MatBoymhh, there are really no good howto's about iscsi :S12:16
Ergo^hello, im having problem with mercurial on ubuntu12:36
Ergo^its webserver is launched on port 8000 and im not sure where to look how to disable or reconfigure it12:36
MatBoywhat is the best filesystem for iscsi luns ?12:43
Jeeves_MatBoy: Uh?13:08
MatBoyJeeves_: ?13:15
MatBoybut I don't know what FS is best for that disk13:15
MatBoy I use iscsitarget to make luns using files on a disk13:15
Jeeves_MatBoy: Why would an iscsidisk differ from a normal disk in terms of you choosing a filesystem?13:16
MatBoyJeeves_: so ext3 should be fine ?13:18
MatBoyit seems it does13:19
Jeeves_MatBoy: Yups, it is13:26
MatBoyJeeves_: but what about lvm ?13:29
MatBoyhow is that managed with iscsi ?13:30
Jeeves_MatBoy: Never used lvm13:31
MatBoyk !13:32
cor3not sure I understand why ubuntu server insists on installing apparmor13:34
cor3and it really bugs me canonical will not release their control panel thing a jig13:36
Deepsapparmour provides application security, and is enabled by defaultl, but it easily disabled and/or removed13:38
Deepscontrol panel thing a jig? landscape? yeah. agreed.13:38
cor3I know13:38
cor3just comparing debian and ubuntu13:38
cor3I understand using ubuntu for the desktop as it takes care of all the piddly little desktop issues that you would battle with under debian13:39
cor3but the server release kinda bugs me. I ended up writing my own preseed to setup a custom firewall installation13:41
Deepsi cant speak for the devs or even state with any kind of merit or backing that this is true, but it appears to me that the approach of "linux for humans" on the desktop (ie. linux desktops without needing to know much about linux) has been carried over to the server13:42
Deepsand that ubuntu server is designed to try and make things as easy as possible for people with minimal command line experience13:42
cor3not sure how I see how it helps manage most services13:43
Kamping_KaiserDeeps, that may be the intent, I'm not sure its been a success though13:43
cor3I do like the ltsp integration though13:43
Deepswhether it's a success or not, i'd personally think it's a bad idea13:43
Kamping_Kaiseri tend to agree13:44
cor3I had to battle through that with debian13:44
cor3I like the package manager they took from debian and the kernel patch set seems to be pretty clean13:44
Deepsi like the up-to-date packages, it's great for non-critical multifunctional servers13:45
cor3the trouble I have is I am partnered with a windows guru who knows little about linux and insists on using crappy web front ends ie webmin etc13:46
Deepsoh dear13:46
cor3mean while I have compiled os's from scratch13:46
Deepswell windows admins will have to learn command lines soon, i hear the windows server 2008 can be built command line only13:46
cor3LFS and gentoo13:46
jdstrandcor3: I don't know if your firewall preseeding is for ufw or not, but ufw will have basic preseeding support in jaunty13:47
Kamping_Kaiserall the serious 'doze admins i've met use cli anyway13:47
cor3LOL ya its kinda like bash actually13:47
jdstrandcor3: also, the apparmor stuff isn't so much 'for human beings' as to keep important services as safe as possible13:47
jdstrandit's easy to update for one's needs, or to simply put in complain mode13:48
cor3ya I would prefer a full chroot and perhaps grsecurity patched kernel13:48
cor3with chroot restrictions13:48
Kamping_Kaiserjdstrand, and drive sysadmins insane trying to work out why their ldap servers wont read the SSL certs ;)13:48
jdstrandKamping_Kaiser: if apparmor is not working for you in a default installation, please file a bug13:48
jdstrandKamping_Kaiser: or a common configuration13:49
Deepscor3: dont ask for much do you ;)13:49
jdstrandcor3: apparmor effectively chroots your application13:50
ScottKkees: One thing your blog post about Sendmail/Outlook had me thinking about was that we dropped SSLv2 in Intrepid.  Dunno if that was getting used before somehow.13:50
Kamping_Kaiserjdstrand, no idea how common the setup was, but for the first time ever i had services unable to read /etc/ssl/<service>/<files> because apparmour didnt consider the path legit :)13:50
jdstrandKamping_Kaiser: this was in slapd?13:51
Kamping_Kaiserjdstrand, the service in question? yes. I dont remember if Apache had the same hissy fit or if slapd was the only one.13:52
jdstrandKamping_Kaiser: apache doesn't have an apparmor profile by default. I can fix slapd if you file a bug13:52
cor3anyone successfully integrate openldap, and spamassassin/amavisd-new?13:52
jdstrand(we can't fix these annoying problems if people don't report them)13:52
cor3I registered my own oid space for custom ltsp and snmp development work13:53
Deepsoh, and made props for apparmor, the more i use it the more i like it13:53
Kamping_Kaiserjdstrand, would it be considered bug worthy? While it seems a logical place to put the file for me, I dont know if its a standard path at all13:54
cor3I want to build the equivilant to zimbra minus the ajax front end and other nasties13:55
jdstrandKamping_Kaiser: it seems fairly reasonable to me to have SSL aware applications able to read file in /etc/ssl. if you file a bug, it can be discussed13:55
Kamping_Kaiserjdstrand, ok, I'll do so.13:55
jdstrandKamping_Kaiser: thanks!13:56
cor3Any one using the oem configuration support?13:56
Jeeves_Not me13:57
cor3I found preseeding works well enough but the oem-config-server looks like it could be useful13:58
cor3one thing i found funny is the minimal debian installation is larger than the minimal ubuntu installation13:59
cor3if installed with the 'alternate' cd13:59
cor3netbase doesn't include inetd either which I like because I rarely use it for most installations14:00
cor3still have my reservations regarding canonical though14:01
cor3especially them refusing to release their support software for what is after all a free OS14:02
cor3the folks at debian would NEVER even consider doing that14:03
Kamping_Kaiserjdstrand, its been a while since i worked on teh system in question, but heres a report https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/31710914:03
uvirtbot`Launchpad bug 317109 in apparmor "Apparmour doesnt support use of /etc/ssl/<servicename>" [Undecided,New]14:03
cor3its one thing to provide commercial support but its a completely different thing to write software specifically for something completely open and not release it. Not to mention I doubt I would want a closed source support package installed cause who knows what they do with it.14:06
cor3Seems like something old billy would do14:06
* ScottK <-- Does not work for Canonical14:07
ScottKcor3: Then don't buy their support, just use it.14:07
ScottKIt shouldn't affect your decision whether or not to use the distro.14:07
jdstrandKamping_Kaiser: thanks for the report :)14:08
cor3it just makes me question the relationship between the 2.14:08
Kamping_Kaiserjdstrand, no worries. HIH.14:08
cor3canonical != ubuntu is what people tell me14:08
ScottKcor3: That's absolutely true.14:09
ScottKAnd ubuntu != canonical.14:09
cor3but they seem to scratch each others back14:09
cor3any who14:09
cor3no worries I will continue to use ubuntu server14:09
cor3I should get more involved with the distros I use14:10
ScottKI came here from opensuse after experiencing too much "If you want it to work, buy SLES/D licenses" from Novell/SuSE.14:10
cor3I started with RH7 then debian then gentoo then debian again and now a mix of debian/ubuntu14:11
jdstrandcor3: if the landscape bits bother you, I suggest you take it up on the mailing lists14:12
Kamping_Kaiserits come up before iirc, but i'd be interested to se it come up again14:12
Deepsred hat, debian, freebsd, ubuntu, debian+fbsd+ubuntu mix now14:12
Kamping_Kaiser(even if it does come up while i'm afk :()14:12
cor3ubuntu server needs some better docs14:14
cor3still use gentoo docs for setting up a lot of stuff14:15
ScottKcor3: If you're interested in getting more involved, that's an excellent way to do it.14:15
uvirtbot`New bug: #317109 in openldap2.3 (main) "Apparmour doesnt support use of /etc/ssl/<servicename>" [Undecided,Confirmed] https://launchpad.net/bugs/31710914:15
ScottKcor3: sommer <-- Also doens't work for Canonical does the Ubuntu Server guide and is always looking for new inputs.14:15
cor3I have been thinking about it. One of the common servers I put together is a debian/ubuntu firewall/openvpn and spam filter14:16
cor3I'm sure I could put together some docs on that process but thats more of specific deployment type doc than anything else14:17
ScottKWhat configuration do you use for spam filter?14:17
jdstrandspeaking of spam...14:18
jdstrandScottK: do you use greylisting with postfix, and if so, what software?14:18
cor3up until recently I have been using exim4 + spamassassin + clamav + razor + dcc + pyzor but I have been working on a postfix + amavisd + postgrey setup14:18
ScottKjdstrand: No.  I actually have my mx at a commercial host.  They use Postfix with greylisting, but I don't know which one.14:19
jdstrandScottK: or rather, what is the recommended greylisting package for integration with postfix on Ubuntu14:19
ScottKI don't think we have one.14:19
cor3use postgrey14:19
ScottKI hear good things about postgrey.14:19
cor3its simple and effective14:19
jdstrandI started using postgrey, and it was *super easy* to setup14:19
ScottKjdstrand: None in Main IIRC.14:19
jdstrandScottK: no, I checked14:19
jdstrandpostgrey seems to work pretty well14:20
ScottKcor3: Also if you  have feedback about the default Ubuntu amavisd-new configuration, I'd like to hear that.14:20
ScottKObviously it has to be somewhat generic, but I want it to be useful.14:20
cor3I'll have to get back to on it. I am testing the solution before making use of it for my clients but so far it seems to perform better than my previous exim4 setup14:21
ScottKOf course.  It has postfix.14:23
cor3ya big time14:23
cor3I started using exim4 while working for a previous employer14:23
cor3they were a debian heavy shop and used exim4 exclusively14:23
cor3so you go with what you know but I wanted to slim out the install14:24
cor3spam filtration can be resource intensive14:24
cor3one of the LTSP devs lives in my city14:25
cor3we got together for lunch a few years back14:25
cor3he worked on the ubuntu ltsp integration14:25
cor3Scott Balneavs is his name if I recall14:25
ScottKLooks like https://launchpad.net/~sbalneav14:27
cor3thats him14:28
cor3he was largely responsible for ltspfs too14:28
* ScottK detatches to experiment with new IRC cilent builds. See you later.14:28
=== _jmedina is now known as jmedina
ivokshi! :)16:14
Ward1983if i install 8.04 server, where can i tell on what disk it should install grub?16:14
Ward1983just askign to make sure i dont miss it16:14
ivoksWard1983: iirc, you won't be offered that16:15
Ward1983ivoks, so can i do that anyway?16:15
Ward1983ivoks, else i need to open up my PC, unplug the harddisks except the one i want to install on, afterwards plug them back in and fix my menu.lst :s16:16
Ward1983a ton of work16:16
MianoSMits going to install grub where you tell it to partition the fs16:17
Ward1983ivoks, i know its possible with ubuntu desktop16:17
ivoksyou can, of course, preesed all that16:17
ivoksi think MianoSM is right16:17
MianoSMSo when you go through the partition manager if you have sda and sdb, if you install on sdb, it should install grub on sdb16:17
MianoSMand vice versa16:17
Ward1983MianoSM, are you sure? ubuntu allways takes the first disk by default unless you tell it where to install to16:17
Ward1983i meant ubuntu desktop16:17
MianoSMRight, you are going to have to dictate the partitioning.16:17
ivoksWard1983: first disk in grub isn't the first disk on OS16:17
MianoSMYou can change the listing in grub so far as disk order.16:18
Ward1983ivoks, i know i did not say that16:18
Ward1983ivoks, it allways takes the first disk of the system16:18
Ward1983ok thats chinese16:18
ivoksWard1983: i really haven't been thinking about this16:19
ivoksso, i don't know for sure16:19
Ward1983it does (desktop)16:19
MianoSMIf you set your bios to boot from a maxtor and a seagate hard drive, they will both have an mbr. Ubuntu will label then sda and sdb16:19
ivoksi always installed ubuntu server on first disk :)16:19
MianoSMUse the manual partition choice, and select the correct disk, and be sure to have a SuperGrubDisk on hand in the case of error.16:20
Ward1983MianoSM, i just want both ubuntu-server and grub on the third disk on my system, grub would call it (hd2,0) or /dev/sdc116:20
MianoSMWard1983: that's absolutely possible.16:21
Ward1983ok never mind ill just unplug the other disks....16:21
MianoSMYou found JC?16:21
Ward1983MianoSM, ah ok so how do i do that please?16:21
ivokspreseed it16:22
Ward1983MianoSM, ah ok so how do i do that please? installing on (hd2)16:24
ivoksWard1983: if you would wait for an hour, i could try that scenario in my VM and let you know results16:24
ivoksthat service would cost you $50016:24
Ward1983ivoks, nah ill try it myself then lol16:25
MianoSMI'm telling you, the drive you choose to install the OS to will carry the GRUB installation.16:25
Ward1983ivoks, i assumed you knew how to do it since you said its possible16:25
ivoksi told you16:25
ivoksyou can preseed it16:25
Ward1983MianoSM, and i asked you if you are absolutely sure :)16:25
Ward1983MianoSM, its not that important, i can restore the bootloaders of the other disks if needed16:25
MianoSMIn my experience, I haven't seen it happen otherwise.16:26
Ward1983ivoks, aaaaaah ok sorry i didnt understand lol16:26
Ward1983MianoSM, because you allways used the first disk? :p16:26
MianoSMNo, not always. I had a RAID 0 set up over 2 disks (hd0), and then a third drive (hd1) that I installed on.16:27
Ward1983ivoks, so can i preceed only grub?16:27
dinsdale07Hi, this is the output of a line of top:      15924 www-data  20   0 32228 6972 1292 R  100  0.2 147:40.99 perl.  I want to know which script is running, it just displays "perl". How do I do that?16:27
Ward1983ivoks, sorry i dont understand that second link16:28
Jeeves_dinsdale07: c16:28
dinsdale07Jeeves_, you mean top -c?16:29
Ward1983MianoSM, maybe it has something to do with the raid16:29
Jeeves_dinsdale07: No16:29
Jeeves_in top16:29
Jeeves_type c16:29
MatBoyok, iscsi seems to be nice :)16:29
Ward1983MianoSM, well ill jsut try it since preceeding doesnt seem to get explained anywhere16:29
Jeeves_which will show the entire commandline16:29
Ward1983debian people allways presume everyone gets born knowing everything16:29
MianoSMNot "everything", but most of it. ;)16:30
dinsdale07Jeeves_, yes it works, thanks - now it shows httpds, that looks like the ssh deamon16:30
Jeeves_dinsdale07: Ehm, httpd or sshd are not perl scripts :)16:30
Ward1983MianoSM, well gonna reboot, wish me luck16:31
MianoSMfauxhawk: please send me that picture again16:31
dinsdale07Jeeves_, that's what concerns me... it shouldn't show as perl in the first place.16:31
MianoSMfauxhawk: you're that girl from the other night right?16:31
fauxhawkMianoSM : wat16:31
* fauxhawk not a chick16:32
MianoSMfauxhawk: oh, do you have a gf that could have been talking to me or a wife maybe?16:32
fauxhawkMianoSM : sure let me get on that for you16:33
dinsdale07MianoSM, tyring to make it into bash.org?16:33
MianoSMdinsdale07: what is bash.org?16:33
MianoSMsomething for scripting?16:33
dinsdale07not really, check it out :-)16:34
MianoSMdinsdale07: is it work safe?16:34
fauxhawkMianoSM: no, it will steal your soul16:35
MatBoykewl ! Il like iscsi16:35
dinsdale07MianoSM, unless you look up quotes of bloodninja16:35
MianoSMha, I know bloodninja16:35
MianoSMnice site, I get it now ;)16:36
MianoSMI could have sworn I was helping fauxy the other night though. :(16:36
fauxhawkMianoSM: you helped me install ubuntu16:38
fauxhawkit was a swell time16:38
dinsdale07in top - how can "perl" and "httpds" be related. they show under the same PID if I toggle "c" in top16:41
MianoSMcan we see the full line from top please?16:42
MianoSMroot      5292  0.0  0.6  10040  6268 ?        Ss   Jan10   0:10 /usr/bin/perl /usr/local/webmin/miniserv.pl /etc/webmin/miniserv.conf16:43
MianoSMThat's webmin being run by perl. If you have a web server that is being run by perl, you could see both in the command under top.16:44
MianoSMUsing htop and sorting by tree might help you visualize it as well (sudo apt-get install htop).16:44
dinsdale07these are the two lines when I toggle. http://pastebin.com/d4132ddf216:45
fauxhawkhtop should really replace top16:45
dinsdale07I haven't installed webmin - but ispconfig.16:45
dinsdale07I think ispconfig mainly consists of perl scripts, that could explain it.16:46
dinsdale07ah - nice: htop. how colorful :-)16:47
fauxhawkdinsdale07: htop with treeview is much better at showing how processes are related16:49
dinsdale07yes, it's very nice - how do I get the F5, F10 etc commands to work though. They are bind to my local machine16:51
MianoSMT also acts as F516:51
MianoSMand Q = F1016:52
* MianoSM afk2 eat bbl.16:52
dinsdale07I see, it's smallcaps t and q for my console btw. Very tidy.16:53
nephishhey all, back with another master-slave replication question.16:54
nephishdo you have to wipe out the current bin log on the master and reset it before starting replication?16:55
ivoksreset master;16:57
vorianmathiaz: ping16:57
ivoksnephish: you don't have to do that16:57
* ScottK waves at mathiaz too.16:57
ivoksnephish: when setting replication, you have to dump master and import on slave16:57
ivoksnephish: then set slave to start replication from current master record16:57
nephishright, i used mysqlhotcopy to get a shot of the server database while under a flush with readlock16:58
nephishthen restarted the master.16:58
ivokssorry, i don't know what myslhotcopy is16:58
ivoksi do everything with mysql client16:58
nephisham i supposed to wait untill the slave has everything squared away before releasing the lock on the master?16:58
ScottKmathiaz: Instead of not building mysql-server, mysql-client, mysql-common for 5.1 at all, we need something like mysql-server5.1, mysql-client5.1, mysql-common5.1.16:59
ScottKvorian: That's right, isn't it?16:59
ivoksnephish: import DB, set the replication from master16:59
ScottK... or zul?16:59
vorianScottK: right16:59
ivoksnephish: you can then release master16:59
ivoksnephish: and start slave replication16:59
vorianwe also need all the libs16:59
mathiazScottK: there is mysql-server-5.1, mysql-client-5.117:00
ivoksnephish: you just have to have replication logs17:00
ScottKvorian: ^^17:00
mathiazScottK: for now they still depend on mysql-common from 5.0 though17:00
ScottKvorian: So what else do we need?17:00
ScottKmathiaz: vorian has been doing the amarok packaging ...17:00
nephishi have the log bin and position written down, but when i load the db into slave i am supposed to wait till the slave is replicating to release the master?17:00
mathiazScottK: vorian: mysql-server and mysql-client a just empty packages that depends on the latest version from mysql17:00
ivoksso, amarok depends on mysql?17:01
vorianivoks: it does now17:01
ScottKivoks: Yes.  Even better it uses embedded so it needs 5.1.17:01
ivoksi tought amarok is meedia player17:01
ScottKIt is.17:01
vorianivoks: yes, but it stores collections :)17:01
ivoksnot a wanna-be everything app :)17:01
nephishivoks, i thought amarock used sqlite17:02
ScottKnephish: That's Amarok 1.  We're talking Amarok 2.17:02
nephishah, ok17:02
ivoksimagine evolution, installing postfix and dovecot :)17:03
nephishIvoks, i just can't get it to work, does the relay log have something to do with the replication?17:03
nephishThis should be so simple.17:03
ivoksnephish: there was a nice howto, wait a minute17:03
nephishboth computers are running ubuntu  8.10, and useing latest mysql-server from the ubuntu repositories17:04
smarterivoks: yup, but amarok 2.0 use mysql embedded from 5.1 as databse17:04
smarterit used it in the 1.x serie (KDE3)17:04
ivokssmarter: i have 'server' perspective17:05
nephishIvoks, yes, that is the exact how to that got me here, i just can't tell if i am missing a step17:05
mathiazsmarter: why was sqlite dumped and mysql used instead?17:05
ivoks5.1 is not ready for production17:05
smartermathiaz: let me find you the blog post about that...17:06
ScottKWell it's 'released' and we pretty well have to jump to Amarok 2 for Kubuntu.17:06
ivoksthis is a loose-loose situation :/17:06
smartermathiaz: http://amarok.kde.org/blog/archives/812-MySQL-in-Amarok-2-The-Reality.html17:06
ScottKlose-lose even17:06
ivokslose-lose :D17:06
ivoksif i hear another one about 'ubuntu not supporting KDE'... :)17:07
ScottKivoks: This one we are actually working together on reasonably well.  It's a hard one.17:07
ivoksScottK: mysql 'stable' releases are versioned 5.x.4x :)17:08
* ScottK notes that Kubuntu still has no bluetooth in Intrepid or Jaunty thanks to Ubuntu.17:08
ivoksScottK: this is #ubuntu-server :p17:08
ScottKSure thing.17:08
ivokswe don't have bluetooth :D17:09
mathiazivoks: I think that for the type of usage and workload amarok is going to put on mysql, 5.1 could be consider stable17:09
ivoksmathiaz: i agree, but i'm not sure that's the case for servers17:09
ivokswell, as i said, this is a lose-lose17:09
ivokshopefully, 5.1 will became stable before 10.0217:10
mathiazivoks: oh yes. That's why from a server perspective, we just wanna provide mysql-5.1 in universe17:10
ivoksmathiaz: oh, we'll have both?17:10
mathiazivoks: from the server POV, mysql 5.0 should be in main and 5.1 in universe17:10
mathiazivoks: we *already* have both.17:10
ivoksi agree17:10
ivoksmathiaz: eh, sorry, i'm still out of sync with jaunty :/17:11
mathiazivoks: the target would to get 5.1 in main for the next LTS.17:11
ScottKUnfortunately, Amarok is normally in Main.  We've had to demote it because of 5.1.17:11
ScottKNot having it on the CD will be a not good thing.17:11
ScottKSo no easy answer.17:11
ivoksah well...17:12
ivoksnephish: do you have anything in DB already?17:13
ivoksnephish: best thing would be to start with empty db17:13
nephishslave is empty, or can be17:13
nephishmain server is running for last three years17:14
ivoksand master is full?17:14
ivoksok, so, in production?17:14
nephishour old backup cratered, yes master is full 8 GB17:14
ivoksok, open two terminals17:14
ivoksconnect to master and slave17:15
ivoksnephish: connect to mysqls17:16
ivoksnephish: and run 'show slave status\G' on slave17:16
ivoksthere should be:17:16
ivoks          Slave_IO_Running: Yes17:16
ivoks          Slave_SQL_Running: Yes17:16
nephishhave io = yes, running = no17:17
ivoksnow lock tables on master17:17
ivoksand run 'show master status;'17:17
* smarter wonders how the other distros will manage this amarok dependency...17:17
nephishflush tables with read lock?17:18
ivokslock it, you have to put some downtime :(17:18
ivoksdid you lock it?17:19
ivokson master, dump the database to a file17:19
nephishyes, and show master status17:19
ivoksrun 'snow master status;' again17:20
ivoksposition shouldn't be different then before17:20
ivoksyou've created replication user with read privileges on master?17:21
nephishyes, replication user is good17:23
ivoksdid you dump it?17:23
ivoks(the database)17:23
nephishmaking copy with mysqlhotcopy. takes a bit because it is a large db17:24
nephishmysqldump would take hours17:24
ivoks8GB right?17:25
ivoksanyway... once you dump it17:25
ivokswrite down position from master17:25
nephishwait, maybe the import into the slave would take that long, dump itself may not17:25
nephishand it will be different?17:26
ivoksit should be the same17:26
ivokssince you've locked tables17:26
ivoksbut, write it down after you dump it17:26
ivoksthen unlock master and leave it to work as before17:26
ivoksimport that database on slave17:27
ivoksand set up replication on slave:17:27
nephishslave shoud be running ? drop the db on slave, right? do i need to stop slave?17:27
nephishbefore i import the database?17:27
ivokschange master to master_host="[ip of master]", master_user="[replication user]", master_password="[replication password]", master_log_file="[master log file]", master_log_post="[position you wrote]"17:28
ivoksyes, slave should be running17:28
nephishdump the db on the slave right?17:29
ivoksmysql log file has all the logs of everything done on mysql17:29
ivoksso, you create a duplicate from one position17:29
ivoksimport that copy on slave17:29
ivoksand replicate all the changes from that position17:29
ivoksafter 'change master'17:30
ivoksstart slave;17:30
nephishso slave should not be running now?17:30
ivoksyes it should17:30
ivoksit should be empty17:30
ivoksthen import that dump17:30
ivoksrun that change master...17:31
ivoksand start slave;17:31
ivoksstart slave; is a command in mysql that starts replication17:31
ivoksnot the mysql it self17:31
nephishok, dump is finished, will copy to backup machine17:31
nephishlog position was the same after dump17:32
ivokswrite it down and unlock tables17:32
ivoksyou don't need master anymore17:32
ivoksi guess you set up everything in /etc/mysql/conf.d/blabla.cnf?17:33
ivokslike server-id17:33
ivoksmaster-host and all those variables17:33
nephishyes, got that stuff17:33
nephishanything i need to do with the relay log?17:33
nephishon the slave?17:33
ivoksnothing now17:33
nephishhotcopy basically copies all the files in /var/lib/mysql/db_name over to a new directory that can be placed in another database17:36
ivoksthat's not what we want17:36
ivokswe want dump of single database17:36
ivoksnot everything17:36
ivoksoh, db_name17:37
ivokssorry :)17:37
nephishso it should be cool?17:37
nephishthere are three files per table, all MyISAM17:38
ivoksok, move that to slave17:38
nephishin transit now17:39
nephishhey thanks for taking your time on this17:39
ivoksright, i'll provide you a bank account at the end :)17:39
nephishhe he17:40
ivoksso, what's the status?17:46
ivoksnephish: you have replication log name from 'show master status;' on master?17:47
vorianmathiaz: would you be so kind as to take a peek at http://dpaste.com/109036/ ?17:47
nephishin the my.cnf on slave, there is the statement log-bin=mysql-bin  and on the master when show master status, the log name is mysql-bin.00000417:50
ivoksso, replication log is mysql-bin.00000417:51
nephishin the my.cnf/17:51
ivoksand replication position is... the on you know17:51
ivoksin my.cnf you define the name17:51
ivoksbut logs rotate17:51
ivoksthat's why you have 00000417:51
nephishso what i have is cool17:52
ivoksyes, everything is ok17:52
ivoksdid you transfer the detabase?17:52
nephishon the slave, since i did a drop database, should i create database? or should i just copy the database files to the /var/lib/mysql ?17:53
nephishthey are in a folder with the same name as the database.17:53
ivokscreate database first17:53
ivoksthen copy the files17:53
ivoksstill copying?18:03
nephishjust done18:04
ivoksok, now connect to mysql on slave18:06
ivoksas root, of course18:06
ivokschange master to master_host="[ip of master]", master_user="[replication user]", master_password="[replication password]", master_log_file="[master log file]", master_log_post="[position you wrote]"18:06
kirklandnijaba: ping18:07
nijabakirkland: pong18:09
kirklandnijaba: http://blog.dustinkirkland.com/2009/01/ubuntu-jaunty-testing-screen-profiles.html18:09
kirklandnijaba: screenshots of your tool18:09
kirkland(well, that sounds bad...)18:09
kirklandnijaba: screenshots of screen-profiles-helper18:10
nijabanot as long as you don't say my BIG tool ;)18:10
kirklandnijaba: :-D18:10
kirklandnijaba: it's a python tool18:10
nephishivoks, is it master_log_pos ? not master_log_post18:10
kirklandnijaba: :-P18:10
kirklandnijaba: okay, so, do you have time to put together the MIR?18:10
kirklandnijaba: i think i'd like to try to get it into the server cd seed by the next alpha18:11
ivoksnephish: my bad18:11
nephishits cool18:11
kirklandnijaba: i was thinking we could make 'screen' depend on screen-profiles18:11
ivoksno errors?18:11
nephishquery ok, 0 rows affected (0,40 sec)18:12
nijabakirkland: as you know, we are in meetings all day, I'll try to skeeze it in some time in the evenings18:12
ivoksnephish: ok, now run 'show slave status\G'18:12
ivoksnephish: and check Exec_Master_Log_Pos18:12
* nijaba goes have some food18:12
kirklandnijaba: and nudge the screen-owned /etc/screenrc to /etc/screenrc.orig, and dh_installlink the /usr/share/screen-profiles/profiles/ubuntu -> /etc/screenrc18:12
ivokser... 'Relay_Log_Pos'18:12
kirklandnijaba: that's just a thought at this point, but it shouldn't be too hard18:12
kirklandnijaba: possibly controversial18:13
ivoksnephish: it should be the same as the position from master18:13
nephishok Exec_Master_Log_Pos is same as the position18:13
nijabakirkland: hmmm that's an interesting thought18:13
nephishso far so good18:13
ivoksnephish: 'start slave;'18:13
kirklandnijaba: just a thought at this point18:14
stiv2kis anyone here familiar with init script?18:14
stiv2kthis init script that came with the bopm package does *not* work at all18:14
kirklandnijaba: it would avoid forcing every user to run select-screen-profile on every machine18:14
uvirtbot`New bug: #317187 in samba (main) "Samba server does not work in Ubuntu 8.10" [Undecided,New] https://launchpad.net/bugs/31718718:14
ivoksnephish: now 'show slave status\G'18:14
ivoksnephish: and check the output18:14
ivoksnephish: like Slave_IO_State18:14
ivoksnephish: and Slave_IO_Running & Slave_SQL_Running18:15
nephishlooks good, Slave_IO_Running = yes18:15
kirklandnijaba: anyway, we need to get it into main first18:15
nephishand Slave_SQL_Running Yes18:15
nephishno errors18:15
ivokshow about Slave_IO_State?18:15
ivoksthe first one18:15
ivoksshould be 'Waiting for master to send event'18:16
nephishwaiting for master to send event18:16
ivoksnow, last check18:16
ivoksin another terminal, connect to master mysql18:16
mathiazvorian: looks good to me.18:16
ivoksand, at the same time run 'show slave status\G' on slave and 'show master status;' on master18:16
mathiazvorian: I'll get more work done on the 5.1 package as it doesn't work for now.18:16
vorianmathiaz: ok, i'll upload it once i'm done building it18:17
ivoksnephish: Relay_Log_Pos on slave and Position on master should be the same18:17
mathiazvorian: sorry for breaking libmysqlclient-dev - but I had to fix the libmysqlclient15-dev first as it broke things in main (ooo)18:17
voriansure, it's no big deal :)18:17
nephishon show master status?18:18
ivoksnephish: Position on master (from show master status;) and Relay_Log_Pos on slave (from show slave status\G)18:18
nephishyes they are the same18:19
ivoksnephish: congrats, evertyhing is ok18:19
nephishcool, thanks !18:19
nephishi am dumping the transcript of this18:19
nephishto have for next time18:20
* jmedina wants that script18:20
* ivoks wants money :)18:20
* jmedina wants beer and money18:20
jmedinaand the script18:20
ivoksok, take care people18:21
ivoksi'm done for today18:21
nephishthans again ivoks,18:21
ivoksno problem18:21
stiv2khello, this init script that came with the bopm package does *not* work at all... can anyone take a look at it?18:21
mathiazvorian: ok wfm. your diff would just fix libmysqlclient16-dev so that you can build against it.18:32
mathiazvorian: it doesn't fix mysql-server-5.1 not starting correctly.18:33
mathiazvorian: fixing the server would require more work.18:34
mathiazvorian: I'm looking into that.18:34
vorianmathiaz: ok18:34
mathiazvorian: but at least you should be able to work on amarok2 and make it work18:34
mathiazvorian: IIUC amarok uses the embeded server which shouldn't require a working server process (which doesn't work right now in 5.1)18:35
vorianmathiaz: ok, so you are ok with me making this upload then?18:35
mathiazvorian: ^^ this is just an assumption though. I'm not really familiar with the embeded version.18:35
mathiazvorian: yes - if that can help you move forward on amarok.18:35
mathiazvorian: make sure that libmysqlclient16-dev has all the files - that's what your diff fixes.18:36
vorianmathiaz: great, that will help out tremedously18:36
vorianmathiaz: i'm testing that now, i have a nice hook that will show me any missing files18:37
Ward1983nice isntalling the xen kernel means getting a bridge with the name of my networkcard.....18:38
Ward1983my networking was screwed up, even my router started tripping18:39
Ward1983so how do i undo trhis? not i presume18:39
keesScottK: yeah, good point.  I think that wasn't it, though, since msmtp choked too.  seems like the cafile list was the culprit.18:45
=== lamont` is now known as lamont
kirklandnijaba: https://wiki.ubuntu.com/MainInclusionReportScreenProfiles19:17
firecrotchI have two ubuntu servers and can connect to a samba share on one server but not the other. both servers are running intrepid, configured identically except for one of them also having apache installed.  trying to connect from windows XP and vista. any clue as to what the problem could be?19:19
Faust-Cfirecrotch: what do logs say19:23
firecrotchFaust-C:  Nothing at all19:24
MianoSMfirecrotch: firewall?19:24
Faust-Cfirecrotch: logs on the server have to say something19:25
Faust-Ceither turn off fw19:25
uvirtbot`New bug: #317216 in mysql-dfsg-5.1 (universe) ""/etc/init.d/mysql start" fails, so package can't be configured" [Undecided,New] https://launchpad.net/bugs/31721619:30
firecrotchFaust-C:  there's nothing in /var/log/samba/log.(hostname of machine connecting from), and it can't be a firewall issue if the other server works just fine19:31
Faust-Cfirecrotch: did you check the other logs19:31
Faust-Cmessages, warn, etc19:31
firecrotchFaust-C: nothing in the other logs either related to this19:34
jmedinaFaust-C: trye with smbclient locally19:36
jmedinasmbclient //localhost/share -U username19:36
jmedinaor anonymous smbclient -N //localhost/share19:36
Tim__Reichhartwhich is better cat5e or cat6 if you going to wire up 3 servers?19:43
nadley_I would like to know how to set up a VPN with ubuntu server ?19:44
=== mcasadevall is now known as NCommander
jmedinanadley_: the easyiest way is to openvpn19:50
MianoSMOr use a DD-WRT router.19:51
jmedinaI think there is vpn howto in the community docs, but is for a bridged setup, for routed setup you better follow the official openvpn howto19:51
MianoSMTim__Reichhart: it doesn't matter Cat5e would be fine.19:51
nadley_jmedina: oki thx but how I use it19:52
jmedinanadley_: just install openvpn create a config file in /etc/openvpn/server.conf according to the openvpn howto19:52
jmedinawell there are clients for linux, mac, windows (including vista)19:52
nadley_jmedina: what is the difference between a bridged and a routed ?19:52
jmedinanadley_: I can't explaint it right now, it is documented in the howto19:53
incidenceHey, I'm having problems with amavis+spamassassin. It doesn't deliver spam messages to .Junk and it doesn't mark them as spam (rewrite subject(20:06
incidence* )20:06
nijabakirkland: https://wiki.ubuntu.com/screen-profiles-mir.  I think we (I) forgot to use gettext for screen-profiles-helper.  Do you think we should wait til it is done before submitting the MIR bug?20:26
stormblueI have a server (Drapper with 2.6.15-51 kernel) that when I boot it up it acts like it's going to load and then I see, "Okay boot the kernel" as the last line.  The screen flickers a little before this and a little after this.  If I boot up into recovery mode I can boot right up.  Any ideas on what this could be or any logs I should check?  I've checked /var/log/messages and /var/log/demsg and didn't see anything that screamed there was an issue.  An20:35
agentkstormblue: It could be screen mode lines in grub. Espically if your getting screen flicker.20:42
stormblueagentk: Can you explain further? Doesn't the line, "Okay boot the kernel" mean I'm outside of GRUB?20:44
agentkstormblue: When you have to option of booting the recovery kernel, go to the main kernel and press E to edit it then go to the kernel line and press E to edit that too. And remove a different option on that line and test it until you find the option that is causing it.20:44
agentkstormblue: Yes, but if the recovery option is booting ok, then the problem is the difference in kernel options between recovery and normal.20:45
stormblueOh, okay.20:45
stormblueThat makes sense.20:45
agentkstormblue: The only difference between my normal and recovery kernel is a word at then end of the kernel line: splash20:46
stormblueOkay.  I'll check it out.20:46
stormblueAre you on ubuntu?20:47
agentkstormblue: Yes. 8.04 and 8.10 servers and 8.10 desktops20:47
stormblueHow do I save from the edit screen CTRL + O ?20:49
agentkstormblue: To save the changes you will need to edit the grub file once booted. /boot/grub/menu.lst20:59
stormblueOkay.  I took splash and quiet out and it was fixed.21:00
dinsdale07does the name "httpds" tells someone something. I see this process stuck on my webserver since hours and I'm quite suspicious.22:36
mdf1why don't you strace it22:36
mdf1or figure out the full path to the binary and use dpkg -S /path/to/httpds to show the package it belongs to22:37
dinsdale07I don't even find a binary by that name on my server. under top it shows up as perl unless with the "c" option22:38
mdf1got the process id?22:39
kirklandnijaba: do you mind if i rename screen-profiles-helper to screen-profiles-configurator (and make all the necessary updates)?22:39
dinsdale07mdf1, yes,22:40
dinsdale07kann I link the process ID to the exact binary executed somehow?22:40
mdf1believe you can. under /proc22:41
mdf1file /proc/<pid>/exe22:42
mdf1root@mdf-vostro-1500:~# file /proc/32702/exe22:43
mdf1/proc/32702/exe: symbolic link to `/usr/sbin/rsyslogd'22:43
dinsdale07I didn't know that - that's excellent.22:45
dinsdale07it says symbolic link to /usr/bin/perl22:45
mdf1dinsdale07, you can also see the process listing from 'ps -aux' which might provide more information than top22:45
dinsdale07Oh my dear - that doesn't sound too good... It's all owned by www-data so it seems to be a perl script started by the apache.22:46
mdf1or created by, which also isn't good22:46
MianoSMso: sudo /etc/init.d/apache restart22:46
dinsdale07mdf1, I think the process is masking itself by the name of "httpds", there is no path to the exact perlscript.22:47
dinsdale07MianoSM, if someone can start a perlscript via the web on my server I need to investigate this and get to the bottom22:47
MianoSMdinsdale07: Sweet! let us know what you dig up.22:48
mdf1dinsdale07, you can strace the process or just kill it. Also netstat -nap | grep PID to see if there are any network sockets open to/from it22:58
dinsdale07I had a look which files the process has opened - this is the result: http://paste.org/484422:58
dinsdale07mdf - your command returns:  tcp        0      0 $myip:53978     VERBUNDEN   15924/[httpds]23:02
dinsdale07this is definately nothing that should be running here ...23:02
mdf1lotta error logs open, and a connection to ns.km23337.keymachine.de:afs3-fileserver looks suspicious23:03
dinsdale07but thanks so much for your commands - that's going at least in the right direction23:03
MianoSMThis machine is still online/connected to the Internet?23:03
hadschkrootkit etc.23:04
dinsdale07yes - I can't take it offline though ...23:04
hadsYou may need to :|23:04
mdf1I wouldn't, not yet23:04
hadsand rkhunter23:05
jmedinadinsdale07: dinsdale07 have you looked at /tmp, usually when someone install a script via http it stores it in /tmp23:05
mdf1I'd use tcpdump to capture the network traffic to the other system23:05
jmedinasometimes in a hiden directory like /tmp/\ .\ . \ /tmp or like that23:05
dinsdale07It must have been going on for some time now so I hope I can at least leave it online to investigate.23:05
MianoSMThat's slightly inconsiderate.23:06
dinsdale07MianoSM, if I shut it down I don't know what it is doing23:08
MianoSMThat's what logs are for.23:08
MianoSMI'm just saying, if you do find that it is a rootkit. Hopefully it's just some bad code.23:09
wasabiebox is pretty rocking when it works.23:09
MianoSMwasabi: do you like it better then webmin?23:10
wasabiunless webmin has changed substantially since last I looked at it23:10
wasabiNope, still ugly as heck.23:10
MianoSMI just find webmin extremely easy to use, being one package that works with less then five commands.23:11
wasabiAnd geared towards hard core admins.23:11
Deeps!webmin | MianoSM23:11
ubottuMianoSM: webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system. See !ebox instead.23:11
Deepsmind you, ebox is broken in intrepid23:11
ubottuebox is a web-based GUI interface for administering a server. It is designed to work with Ubuntu/Debian style configuration management. See https://help.ubuntu.com/community/eBox23:11
wasabiShould add it's broken in intrepid. :023:11
wasabiIn two ways.23:11
Deeps2311.21 < Deeps> mind you, ebox is broken in intrepid23:11
MianoSMI've worked with ebox, and do not care for it after working with webmin.23:11
wasabigot cha23:11
wasabiebox isn't really meant for total box admin, as far as I can tell.23:11
Deepsalso noted on the wiki too23:12
wasabiit's meant for a targetted set of devices.23:12
Deepsit's still fairly new too23:12
wasabiBut, with it being on Ubuntu now... I really like it.23:12
Deepswebmin's been around a lot longer23:12
Deepseitherway, it's a bad idea to be dependant on a web/graphical ui to manage your server, you should be able to use the command line comfortably23:13
wasabiI disagre.23:13
wasabiBut thanks. :)23:13
MianoSMDeeps: I completely agree.23:13
Deepswasabi: you think command line knowledge is superfluous, and it's acceptable to be a server admin that's dependant on web/graphical front ends?23:15
MianoSMEveryone has to start somewhere though.23:15
uvirtbot`New bug: #316849 in mysql-dfsg-5.1 (universe) "mysql-server-5.1 doesn't start - skip-bdb option unsupported" [High,Confirmed] https://launchpad.net/bugs/31684923:15
Deepsindeed, it's an easy way to start, but bad to be dependant on23:15
MianoSMIn that regard webmin/ebox can help ease the transition over time, and still allow administration.23:15
MianoSMJust like many will argue that admins shouldn't use ufw, and instead learn IPTables.23:16
Deepswell, if you're transitioning home stuff, sure. if it's anything business critical, YDIW, and will probably suffer more in the long run23:16
Deepsoh i think ufw is great, i'm starting to use it now too23:17
* jdstrand wonders why an admin shouldn't use ufw23:17
Deepsit's a wonderful front end, just like webmin/ebox/whatever23:17
jdstrandI mean, it has sane defaults and one could argue it will help prevent mistakes23:17
jdstrandbut, different strokes...23:18
Deepsbut i'd still reckon it'd be bad to be entirely dependant on, without knowledge of how iptables works23:18
MianoSMAt present the latest LTS does not support ufw with port ranges...23:18
jdstrandwell, you need to know iptables to do the fancy stuff anyway23:18
jdstrandMianoSM: there will be a backport23:19
wasabiDeeps: No? Why assume the polar?23:19
wasabiDeeps: I madea  statement that I disagreed with what you said, not that I agreed with the polar opposite.23:19
Deepswasabi: i wasnt making any assumptions, i was asking a question, hoping you'd expand on your statement :)23:19
Deepsmaybe i should have prefixed it with 'do'23:20
wasabiI think deep knowledge of a command line should not be required to do a whole lot of tasks on a server.23:20
jdstrandbut, if I may say, ufw works exceddingly well for a desktop user23:20
wasabiI think being able to point and click to configure a firewall and NAT, and some users, is great.23:20
jdstrandexceedingly even23:20
wasabiAnd I don't think it's shameful.23:20
Deepsaye, ufw's great for a desktop OS23:20
wasabiAnd more pragmatically, whether it is or is not desired is besides the point.23:21
wasabiPeople want it.23:21
wasabiAnd if they don't get it with us, they'll find it elsewhere.23:21
wasabiI'd prefer they find it with us.23:21
Deepswasabi: i totally agree with you, deep knowledge of a command line should not be required to do a whole lot of tasks on a server, point and click for firewall/services configuration is great23:21
MianoSMI suppose therein lies the opportunity for a "home server"?23:21
wasabiThe lower the barrier of entry, the wider the swath of audience you can speak to, and the more jobs you can solve for people.23:22
wasabiThe thing is to do so while not pissing off another segment.23:22
Deepshowever if you're entirely dependant on these friendly front ends, it's easy to hide bad things going on in the background23:22
wasabiOr at least MY segment. :023:22
wasabiDeeps: Great. And?23:22
wasabiDeeps: The vast majority of offices in the world run Microsoft servers internally now for their infrastructure. And they have issues. The cost of those issues is however not greater than the cost of people capable of knowing the nitty gritty of all the systems.23:23
wasabiIf they were, they'd not be running them.23:23
wasabiAnd that's just reality as I see it. :023:24
wasabiI'd much rather get those same people using Ubuntu.23:24
wasabiebox is an awesome step towards that.23:24
MianoSMWell, there is a large push for a more friendly GUI/Frontend to the server - but every problem has a tool that will resolve it best. Linux/Ubuntu is a free O/S and as such the cost is in knowledge, not in licensing.23:25
Deepsi've never said it isn't23:25
MianoSMFunny enough even MS is starting to make servers without a GUI (available in 2k8 for many roles).23:26
JanCwasabi: a good & "easy" web or GUI admin is certainly something we need to get into small & medium business23:28
dazmanI think Windows SBS is a pretty good "plug in and go" method of a small business server.. in that, on first boot, you get the nice welcome screen where pretty much the main core functionality is all configured using wizards etc.23:33
dazmanIt means people with little knowledge of what anything the server does, can get it up and running to best practices pretty well.23:33
Faust-Chmm i wonder if i can use gfs+iscsi to have more than one client connect23:34
jmedinawhy not?23:34
jmedinait is a common use, like gfs+FC23:35
Faust-Cjmedina: w/ windows being the client ?23:36
Faust-Cive been messing w/ esx so much i didnt realize that there arent many "network" file systems23:36
* Faust-C has 3 windows servers that need to centrally store files on 1 linux server23:37
wasabiMianoSM: knowledge is always more expensive.23:40
jmedinaFaust-C: dont know, I dont use windows23:42
dazmanwasabi: I think that's a big barrier.  I spoke to some company the other day who was migrating away from an opensource solution to a Microsoft solution (including Microsoft Exchange for e-mail) because support was much cheaper and more accessible.23:43
Faust-Cjmedina: i usually dont either23:43
wasabiI did that.23:43
Faust-Cbut since no one else can solve this issue its left up to me23:43
wasabiI run Exchange, AD, and all the Apache stuff is IIS now.23:43
jmedinaFaust-C: but iscsi is for block level, I dont kwon if there is gfs support for windows23:43
Faust-Cjmedina: yeah ive been trying hard to figure this out23:44
dazmanwasabi: Exchange is a big big big selling point for Microsoft - there's nothing, IMO, in terms of what it does available elsewhere.23:44
wasabiNope. Nothing.23:44
wasabiBut AD is the same.23:44
dazmanwasabi: I'm hoping hula project turns into a project which can really start to be a viable alternative.23:44
wasabiMS SQL I think is similar.23:44
wasabiHula is dead.23:44
jmedinafor years23:44
wasabiNovell pulled away from that in 200623:44
dazmanIt's still being developed, albeit not as quick as I'd hoped. I think they're going for version 1 soon.23:45
dazmanSorry, not hula23:45
wasabiIf so, it's all volunteer.23:45
wasabiI've never seen anybody who understood why Exchange rocked.23:45
wasabiAnd provided what was good.23:45
dazmanwasabi: You've seen me? :P23:45
jmedinawasabi: it rocks in the specs :D23:45
wasabiIt rocks because of the UI. That's about it.23:46
wasabiAnd the integration into AD.23:46
wasabiAnd the client.23:46
dazman*technically* it's not the best implemented.23:46
wasabiBut each of those things can be developed independently.23:46
dazmanIt could be better.. certainly room for improvement.23:46
wasabiInstead of pretending 'groupware' is important.23:46
Faust-CeDir is superior than AD imo23:46
wasabieDir is idiotic.23:46
Faust-CAD is only good at managing windows desktops23:46
wasabiAD is good at setting up authentication.23:46
dazmanHowever, its the integration with clients, AD, the featureset (altho that is limited in parts too, to point which can cause big problems), etc.23:46
wasabieDir is good if you want a blank slate LDAP server.23:47
Faust-Caside from that AD has no other functionality23:47
wasabiBut who WANTS that?23:47
Faust-Cwasabi: AD is good at setting up windows auth and desktop settings23:47
wasabiAD solves a problem. It gets you an authentication infrastructure immediately.23:47
Faust-Caside from that i see no use in it23:47
wasabiFaust-C: Works fine with my Linux desktops and servers.23:47
wasabiedir solves a different problem: it gets you a blank LDAP server.23:47
dazmanAD also stores lots of configuration... for exchange for example.23:47
dazmanIt does quite a bit.23:47
Faust-Cwasabi: im speaking for locking down windows desktop settings23:47
wasabiThat's not WHY you buy AD.23:48
wasabithat's a benefit.23:48
wasabiThe core is for centralized/distributed authentication and information.23:48
Faust-Cand exchange i was interested in until i saw the price tag23:48
wasabiExchange is like 1k.23:48
wasabiWhich is nothing.23:48
Faust-Cwhat about cals23:49
wasabi25 per user.23:49
dazmanThe fact you can install, for example, a mail server (Exchange) and all configuration and infrastructure information is instantly available via the domain, is a pretty big admin benefit.23:49
wasabiOutlook license included with CALs23:49
Faust-Cwasabi: if you have all that setup already23:49
wasabidazman: and the domain can have THOUSANDS of DCs, all replicating.23:49
wasabiWith automatic site management, least cost pathing.23:49
Faust-Cunfortunatly i have to fix all the crap here23:49
* jmedina thinks wasabi sells exchange and AD23:50
wasabiAnd it does this automatically. YOu do nothing more than answer 3 questions and enter a username/password.23:50
dazmanwasabi: Indeed.23:50
wasabiWe have most of the technical pieces required for that.23:50
wasabiWe have LDAP servers, we have Kerberos KDCs.23:50
wasabiWe just don't have a coherent vision to tie them together with a good UI.23:50
JanCwasabi: etc. etc. exactly ツ23:50
jmedinazivios looks promising23:51
dazmanwasabi: things like, Exchange.  You have 10 mailbox servers - mailflow all in AD, knows where to send mail to whichever user.. irrelevent of the mailbox server in use.. move mailbox, all mail is routed to a different server.  Things like that, for redundancy, management, usability is a big big big plus.. and it's where opensource solutions need to start looking.23:51
wasabiAnd the same is true on the Exchange side. We have good IMAP servers. We have good calendar servers. CalDAV stuff.23:51
wasabiBut we don't have any coherent vision to tie them together.23:51
JanCRed Hat & Novell & Apple have some solutions around that though23:51
dazman*if* we could bring it all together.... well... that's the key thing.. but, possible.23:51
JanCthe unix/linux spirit requires us to come up with a solution that's both easy for mediocre admins and at the same time flexible enough for great admins though  :)23:53
dazmanJanC: This is where Microsoft have got it sorted though - one side they have SBS, which is all wizard based, very easy to setup for anyone.. but then they have full products, such as 2008, where you can install server core and that's it.. allowing the admin just a powershell to configure it all.23:54
dazmanJanC: completely different markets, totally different people.. but the same products presented a different way.23:55
JanCdazman: right, and we *have* the tools to build something similar or even better23:56
dazmanJanC: we do.. yep.  It's just, doing it.. and bringing those tools together.23:56
dazmanJanC: and up to now (well, certainly in the 10-12 years I've been around), it's not happened.. lots of tried, projects come, projects disappeared :(23:56
JanCdazman: AFAIK companies like RedHat, Novell, IBM & Apple have at least some solutions that they use for their clients...23:57
JanCmaybe not complete yet23:58
dazmanThey certainly aren't complete, but they do have some sort of solution.23:58
JanCIBM *has* solutions23:58
dazmanGetting to the point Apple are at, in terms of this stuff, it wouldn't be *that* much work relatively.23:58
JanCbut IBM is a very untransparant company23:59

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!