[01:04] when working w/ NIS + NFS + autofs , anyone ever seen it take a /local/ (to the client) user account and do weird stuff with it? My admin account was just 'user' but today when booting back up the owner was 1004 and group 1005. I could not log in nor do i have ANY account named 'user' being exported in NIS i wanted that admin account local only? [01:06] i'm also getting 'permission denied' errors when trying to install software on my clients. Permissions for /home/ on the server are: 750 , didn't have issues yesterday either. [01:15] question: how do i a command so that on every startup it gets executed? [01:21] kansan: Given the channel we're on, I assume you mean in the context of a server. But, do you mean a "command" that does something and then quits, or "command" as in starting a long-lived server process? [01:22] specifically i want to add a command to /etc/rc.local ... "wget http://169.254.169.254/latest/meta-data/user-data; chef-client -J user-data;' .... how can i do that from the command line? [01:22] i want that to be run on every startup [01:22] so the latter [01:23] * altf2o_ things his server is going kaput?! [01:24] kansan: I'd place the command into a shell script in /etc/init.d/ then do sudo update-rc.d script_name default [01:24] kansan: least I think that should work [01:25] sommer, is it not enough to add it in /etc/rc.local ? [01:25] and if not, why not? [01:25] kansan: Wait... if you know you want to put it into /etc/rc.local, why are you asking what to do? [01:25] kansan: that should work too [01:25] maxb, cuz i worry that because its launching a daemon of sorts [01:26] that /etc/rc.local might not be the right place? [01:26] rc.local will only launch a deamon if the contents are deamon applications... so your wget command will run then stop, and the system will continue with the boot process [01:27] sommer, but if i put semilcolons in between; it will still run chef-client -J part [01:27] right? [01:28] it should... you can also to && which will only run if the first command is successful [01:28] is it good/bad idea to put pre authorized public keys of machines we want to be loggin in from into a server image? [01:29] should be fine... I mean they're "public" keys :) [01:29] hah ;p [01:30] I actually load my ssh key into cloned vms without any issue, it's a nice convenience [01:30] yes [01:30] i'm trying to figure out how to do it from command line [01:30] i.e. echo 'ing and >> to authorized_keys [01:31] i'm not sure how that command looks like [01:31] you could just create a standard authorized_keys file and copy it where needed [01:32] yes thats much easier [01:46] sommer, what should permissions me [01:46] be [01:46] for /etc/rc.local? [01:46] no for authorized_keys [01:47] 600? [01:47] kansan: something like that, mine are 644 [02:31] !pastebin [02:31] pastebin is a service to post multiple-lined texts so you don't flood the channel. The Ubuntu pastebin is at http://paste.ubuntu.com (make sure you give us the URL for your paste - see also the channel topic) [02:38] chroot '/mnt/build/ubuntu' apt-get install -y ruby ==> chroot: cannot run command `apt-get': No such file or directory .... ideas on how to fix? [02:44] kansan: I suspect that you might need to specify a path to apt-get. [02:48] quick question: anyone know why i'd be getting a: Error reading /home/altf2o/.nano_history: Permission denied , when simply launching: nano foo.c , ? I do launch 'nano' while 'sudo'ing for editing files, could that have messed with me? [02:51] altf2o_: quick answer: yes [02:52] altf2o_: See also: http://ubuntuforums.org/showpost.php?p=1185470&postcount=4 === jjesse_ is now known as jjesse [03:01] altf2o_: the first time you launch nano, it should be as your own user, then you'd prevent this from happening [03:02] + the ubuntuforums post [03:13] owh, is there a place i can specify the path so it'll work with ch_root? [03:18] kansan: What are you trying to do with this chroot? [03:18] Beware that chroots, whilst not *hugely* complicated, aren't as simple as they may seem, either [03:19] maxb, build an ec2 image [03:20] in /mnt/build/ubuntu [03:20] i'm really getting frustrated with it :( [03:20] I don't know anything about ec2. Can I assume that it's roughly like building an image on a second hard drive to later boot it directly in other hardware? [03:20] eeys [03:20] yes [03:21] How did you create the basic stuff in the chroot? [03:21] debootstrap? [03:21] ah thats the issue [03:21] i'm trying to run a scirpt that was meant to be used at the end [03:22] once stuff in the new chroot was installed [03:22] and it cant find it [03:22] i was trying to test the script if it worked on its own [03:22] cuz dloading all the packages takes time [03:41] ok i'm using eric hammonds script: wget http://ec2ubuntu-build-ami.notlong.com to build an buntu server image. how can i ensure that the resulting /etc/rc.local has: wget http://169.254.169.254/latest/meta-data/user-data; chef-client -J user-data; inside it? [03:41] it uses debootstrap i believe [03:41] maxb, ? [04:13] kansan: so, it looks like you're supposed to hook into it by writing a customization script for the --script option [04:14] well i did [04:14] we'll see if it works ;p [06:53] hi [06:56] I have configured a server that is supposed to boot diskless clients but the client i have to boot now doesnt have a screen and its not booting with it [07:04] I have configured a server that is supposed to boot diskless clients but the client i have to boot now doesnt have a screen and its not booting [07:08] hi [07:08] can someone help me? [07:47] hi [07:48] is there a step by step guide to install Oracle9i Release 2 Database Server on Ubuntu 8.10 server ? [07:54] the best method is: apt-get install mysql-server [07:54] \o/ [07:56] I think you mis-spelled postgresql [07:56] no, no, indeed, it is mysql :) [07:57] Oh, sorry, I thought you were talking about an Oracle substitute :) [07:57] I'm talking about next generation database! :) [07:57] not about substitutes [07:57] So I was right. [07:58] in a way :) [07:58] kaushal: I'm guessing that you've already tried Google? [07:58] postgres has it all over mysql [07:58] frippz, yes [08:08] kaushal: You could try https://help.ubuntu.com/community/Oracle10g The author asserts he has tested it with LTS (8.04) [08:31] :) mysql vs postgresql is allways fun. but you can ( ithink) convert oracle pgsql and tables easily to postgresql compatible form [08:32] not so long ago i found page where someone used same dataset in oracle and pg8.3, without any optimizations pg was 5-10x faster per query (both db didnt have load there).. too bad that i dont have that link === mcasadevall is now known as NCommander [08:49] what is the correct way to set /proc/sys/net/ipv4/ip_forward to 1? [08:50] echo 1 > /proc/sys/net/ipv4/ip_forward [08:50] i have logged in to a client's server a couple times now to find it off and the box has not rebooted. Is there a reason why this would be? [08:50] <_ruben> edit /etc/sysctl.conf [08:50] ta [08:50] If you want it done on reboot, what he said. [08:51] <_ruben> nothing will prevent it from being changed by whatever service/script/etc though [08:51] <_ruben> there's several ways to get the same result .. investigate what changes the value remains an issue i'd say [08:51] thanks _ruben that seems to be the elegant way to do it [08:52] i had echo 1 > ... in the rc.local file [08:52] then i added my own cron [08:52] and now /etc/sysctl.conf [08:52] Use a hammer too? :) [08:53] naa :) i think i got it now thanks [08:53] i need this client, still it would be damn funny to see his face when i cruise in there with a 4 pounder :) [10:16] hi all [10:18] i think it might be good to keep my server configurations inside a subversion repository. is there a tool which provides the management of such a task? Most importnant that hooks in with apt-get to merge configuration changes by that back into the repository? something like etckeeper [10:18] http://kitenet.net/~joey/code/etckeeper/ [10:19] milestone: its being worked on https://wiki.ubuntu.com/EtcUnderRevisionControlSpec [10:20] henkjan: great thanks. Although i want to use my subversion repository and etckeeper does not support svn [10:20] will the stuff being worked on support svn as well? [10:22] having read the page [10:22] i'd say no, given that it's build on etckeeper and using bzr [10:22] given that there's absolutely no mention of svn anywhere on the page either, i'd highly doubt it [10:22] Deeeps: i think its in the nature of the VCS internal structure [10:23] bzr and git are distributed repositories [10:23] subversion is a central repository [10:24] which has control of what is being out there, while git allows for managing the repository locally [10:27] anyone aware of http://lists.debian.org/debian-devel/2005/02/msg00495.html [10:27] ? === |boozary is now known as Mohammad[B] [10:37] milestone: I use bzr :) [10:44] hi anibody uses ESMTP ? i have problems settin it up. [10:44] on one location work ok on other no [10:54] Guys I've been using webmin to configure my ubuntu hardy server. However being that I'm an Ubuntu tester I thought it would be more prudent to use the ebox platform instead. To that end I have set up a test box so I can play about with ebox and get the server the way I'd like it. In the doc for 8.04 is says if you want to install all the packages use ebox-all meta package this doesn't seem to exist or am I doing s [10:56] davmor2: try apt-get install ^ebox-.* [10:56] to install all modules [10:57] Deeeps: Thanks I was going to do that after, I found a howto but wanted to check if the docs were correct or not first. [10:59] looks like the docs may be wrong if the ebox-all package doesn't exist [10:59] recommend filing a bug report! [11:02] Deeeps: Thanks anyway :) === davmor2 is now known as davmor2-away [11:41] I'm not really sure if I understand the concept of ebox. is it possible to administer several server from one ebox installation? [11:41] *servers [11:44] <_ruben> iirc you'd install ebox on each server you'd want to manage [11:45] hmm, ok. a little unfortunate for some servers that would otherwise be very lean (i.e. a pure DNS-server) if Apache and other stuff has to go there as well [11:48] <_ruben> you'd use solutions like cfengine for that .. we use own script for it actually .. bash+cvs [11:48] <_ruben> which is kinda like etckeeper i think [13:48] awesome [13:50] i'm trying to set up a server. i've installed openldap and, now i need to install powerdns and dhcp3-server. which of these two do i install first? [13:51] <_ruben> no apparent order .. you could install em all at once if you want [13:53] ruben: ok, thanks! i was wondering, because the instructions i'm following talked about setting dns servers in /etc/resolv.conf, which made me think maybe the order of installation mattered. [13:53] that is the dhcp installation instructions === Mohammad[B] is now known as |boozary === |boozary is now known as |Mohammad[B] [14:08] dayo__: worst case you get to restart both of the servers after you've configured everything *shrug* [14:09] * _ruben takes a stroll down to the serverroom .. server isnt coming after a (what appeared to be a successful) remote install .. sigh [14:10] <_ruben> coming up that is === davmor2-away is now known as davmor2 [14:15] cjwatson: well, i've installed and configured dhcp3-server. now on to install pdns-server and pdns-ldap-backend [14:29] that's pdns-backend-ldap ...... maybe that's why tutorials have been hard to google. hmmm [14:32] I have a backup of /var/spool/mail and I want to know how I can get the restored files to be processed and delivered to the maildirs? [14:36] AnRkey: this is what i use: http://www.howtoforge.com/linux_backuppc [14:42] does anyone know any good tutorials for installing powerdns with LDAP as backend? [14:53] Hi. Does somebody have experience in getting MPD to work on the server edition? [14:58] cedeel: What's the problem? [14:59] seems to have resolved itself... was a permission problem with the default user not being in the audio group [15:01] dayo__, you're talking about the same thing bind does; it *can* (though few do) store records in ldap; is this what you're talking about? like the A records, etc...? [15:06] dayo__, there's are examples in /usr/share/doc/pdns-backend-ldap [15:06] dayo__, and there's a manpage that's installed: zone2ldap [15:07] dayo__, and you have to add the schema dnsdomain2 to openldap; i can't remember how to do this, because ubuntu uses the dn=config configuration storage method [15:08] dayo__, but it did install that for you, so that step is done... in /etc/ldap/schema [15:08] are people using here seperate MySQL servers to authenticate ProFTP or is running it locally a wiser idea ? [15:09] MatBoy, security-wise you mean? [15:11] Hello, I'm trying to set up samba on my Ubuntu server, so I can map a drive from my windows boxes and store files on the server. I've a problem in the smb.conf (?) where the username in the windows logon box automatically adds the windows macnine name to the login name - like this. I type and click OK, it immediately pops back up with and of course won't let me succeed in logging in [15:13] looseparts, you don't need samba for that; you can just mount a samba share using mount; i.e. cifs [15:13] from the windows side? [15:14] looseparts, ah, i got it the other way around [15:14] i want to store windows files on the linux server [15:14] dayo__, that does not help much i'm afraid [15:15] i have the files restored, but the mails are not being delivered [15:15] looseparts, so you're talking about windows -> linux, right? [15:15] rdw200169, yes [15:16] looseparts, yah, just mount the windows share on the linux server [15:16] i think he wants to store the files on the server [15:16] and thus, mount a share from his linux server on his windows clients [15:17] uh. shouldn't i be mounting the linux share on my windows boxes? [15:17] looseparts: what version of ubuntu are you using> [15:17] looseparts, that's what i'm been asking; trying to figure it out [15:18] see, i want to run Robocopy and incremenatlly backup my wife (unending) work on my linux server for safekeepping. [15:18] rdw200169: 1514.37 < looseparts> i want to store windows files on the linux server [15:18] it's 8.04 lts [15:18] and xp [15:19] looseparts: see https://help.ubuntu.com/8.04/serverguide/C/configuring-samba.html, scroll down to the section headed 'user accounts' [15:19] (sorry - I meant my wife's unending work - she's doing a lot of writing... [15:19] Deeeps, i'll look there - thanks [15:21] Deeeps, et al. I'm off the work - I'll (re)read the configuing-samba.html and touch back in an hour or two. thanks for your help. [15:22] I am trying to get the version of kvm available in jaunty to run on intrepid. The amd64 version available on the packages pages makes dpkg produce an error that udev will break and fails to install. I do not know how to build debian packages from source, i did try exploring that yesterday. Does anyone have any suggestions? [15:23] refnumzx: https://wiki.ubuntu.com/Prevu may be relevant to your interests [16:15] 0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0 [16:33] kirkland: loving the new dark theme [18:39] I have a script I want to run whenever someone logs in (via ssh, gdm, whatever)... I though I could just put it in /etc/profile.d/, but that didn't seem to work. Any suggestions? === ivoks_ is now known as ivoks [18:48] shell-dependent i would say [19:30] kaje: The content in /etc/profile.d/ is sourced not run. [19:46] Hello everyone :) I have made a script that updates the system and installs Nginx with PHP support and MySQL with minimal user-interaction (only asks for mysql root password pretty early). If anyone could please check it out and give me some feedback it would be great! http://insecure.no/2009/01/easy-nginx-php-and-mysql-installer-script/ [19:49] And if anyone knows how to suppress the big blue screen asking for MySQL root password so i can set it manually later? Hope anyone has a tips or two for me :) [19:55] andol: Where should I put a script that I want to run whenever someone logs in? [19:56] kaje: I'd say that /etc/profile.d/ is the right idea; just do it as a shell script fragment that will be sourced (executed in the current login shell) not executed in a separate process. [19:56] hi! [19:59] kaje: So you can do echo 'echo Hello shell user' |sudo tee /etc/profile.d/hello.sh and then log in and it should display that little message to everyone who logs in. [20:00] kaje: Define "logs in" - console? ssh? X? What about the difference between interactive and non-interactive ssh? [20:01] * domas points to 'sudo bash' ;-) [20:01] thehook: you can specify dpkg 'noninteractive mode' [20:01] thehook: the easiest way is just sending to background :) [20:02] domas: will the script continue then? [20:02] thehook: you can also put in < /dev/null [20:02] so dpkg notices it doesn't own terminal [20:02] dunno :) [20:02] I wouldn't use mysql package from ubuntu [20:03] I'd use one from mysql.com :) [20:03] hehe, i dont think it will work with > /dev/null at leaast but maybe the noninteractive mode [20:03] thehook: < /dev/null [20:03] thehook: not > /dev/null [20:03] anyway, there's a way to set batch behavior somehow [20:04] and that's the way im looking for :P hehe, but i cant find it though :s [20:05] I told you, try redirecting input [20:05] some guy said something about search google for "dpkg default priority" but all i find is dpkg-reconfigure --priority="low" [20:05] or running with & :) [20:05] i am trying :) but i think the script will hang if it isn't getting any input [20:06] hehehe [20:06] you have limited thinking then! [20:06] thehook: Read the debconf(7) man page, look at the non-interactive front end option... [20:06] anyway, I'll reiterate, I wouldn't use ubuntu package myself [20:07] or at least I'd do considerable changes to it [20:07] after I install it [20:08] it has at least 3 major mistakes [20:10] domas: like what then? the only reason i'm using apt-get is because it will get updates automatically later :) [20:10] jmarsden: thanks, i will :) [20:10] jmarsden|work: thanks, i will :) [20:11] :) I should have /away'ed before I left for work... I forgot to do that today! [20:11] hehe [20:14] jmarsden|work: how do i get the debconf(7) i just seem to get debconf(1).. im not to familiar with the man :P [20:16] man 7 debconf [20:16] BTW, you should also do man man and read that :) [20:17] hehehe, i tried man debconf 7 actually :P [20:24] domas: would you please tell me what the 3 mistakes with ubuntu package of mysql? :) [20:25] im trying to make the script as secure as possible so i would love to hear what. [20:25] thehook: 1. CHECK TABLE on every restart 2. ~mysql permissions [20:25] 3. old mysql version [20:25] mysql permission? [20:26] and is it bad that it does CHECK TABLE on every restart? [20:27] thehook: if you had any 300GB innodb tables, you wouldn't like that ;-) [20:27] well, even 10G is noticeable [20:27] is there any way to fix this with configuration after install? [20:27] yes [20:27] you have to edit the file installed by package [20:28] the config files right? what about the permissions? i will try to add this in my scripts :) [20:30] just change mysql userdir to /nonexisting [20:30] ~mysql should never be writable by mysqld [20:30] i'm not that into mysql configuration and would love if you maybe could help me a little bit to make a secure configuration :) [20:31] come to my talk at mysql conference! [20:31] where? [20:31] http://en.oreilly.com/mysql2009/public/schedule/detail/6753 [20:31] :-D [20:32] nice :) but too bad im living in norway :s [20:34] but i would love to if it was possible [20:35] it is a good conference [20:35] im sure it is, i want to go already [20:36] but brb, i think i need some food :P [20:51] hi [20:52] i was able to makeup a NIC by sending an handmake frame but now my dhcp tftp servers dont boot the wakeup client... [20:53] makeup=wakeup [21:03] Can someone please give me some guidance for installing sound on my server? [21:10] I'm trying to get ssl working with apache on my ubuntu server. I've followed the instructions in the documentation on the ubuntu site. Now I'm getting this error when I try to look at the page in my web browser: ssl_error_rx_record_too_long [21:10] Any thoughts? I'm not seeing any message in the apache error log [21:28] kaje: Perhaps see http://kainotes.blogspot.com/2008/08/creating-ssl-certificate-for-apache-on.html [21:34] The way I fixed it was to add NameVirtualHost *:80 \n NameVirtualHost *:443 to the top of my defaul vhost [21:35] Then every vhost had to be or [21:35] not sure why that was necessary, but it worked... [22:19] is this a valid /etc/rc.local file? : http://pastie.org/373672 [22:21] kansan: You may wish to be explicit in where you expect the user-data to be downloaded (what directory) and perhaps even remove the file afterwards. [22:21] erichammond, where would you recommend? [22:21] to put it that is/ [22:22] kansan: /tmp is always convenient for temporary files :) [22:22] erichammond, once i invoke with user-data; is it safe to delete at that point? [22:23] kansan: I don't know how chef-client operates. [22:25] will wget overwrite the file if it already exists? if not how can i make sure to? [22:25] kansan: If you are starting with the Ubuntu AMIs I list on http://alestic.com then you can simply pass in a script to user-data and it will automatically be run on first boot. That script could save the data file and run chef-client. [22:26] kansan: I don't know how much other custom configuration you are doing, but it might even be possible to not have to build your own AMIs. [22:26] erichammond, i'm close to not having to build one [22:26] kansan: Do you want to run chef-client on every reboot of the server? or just on the first boot? [22:26] erichammond, i'm now usuing chef which automates things [22:27] erichammond, every reboot [22:27] user-data cannot be changed after the EC2 instance starts, so why does it need to be run on reboots? [22:27] erichammond, chef-client needs to start up [22:27] upon boot [22:28] and if it cant be changed [22:28] i dont need to rm it [22:28] problem solved [22:28] right [22:28] so /tmp is not the best place for that [22:28] ah you're right [22:29] i think it gets auto cleaned [22:29] where should i put instead? [22:29] i'm thinking /etc/ ? [22:30] kansan: I would expect the chef documentation to have example locations under /etc or the like. [22:30] wait better [22:30] /etc/chef [22:30] along with chef config [22:30] perfect [22:30] erichammond, it doesnt really document how to start it up with ec2 [22:30] folks in #chef are helping [22:32] kansan: If you choose to use the user-data script hooks in the public Ubuntu AMIs, you will want to have that script install a chef-client startup program under /etc/init.d and symlink from /etc/rc4.d so that it gets started on reboots. [22:33] erichammond, isnt it enough to put this cd /etc/chef; wget http://169.254.169.254/latest/meta-data/user-data; chef-client -J user-data; [22:33] inside /etc/rc.local ? [22:33] i thought rc.local gets run on every boot [22:33] oh you're saying if i choose not to bundle an ami? [22:44] kansan: right on the last q. (out to lunch, be back later) [22:57] New bug: #322503 in samba (main) "smbd crashes __kernel_vsyscall ()" [Undecided,New] https://launchpad.net/bugs/322503 [22:58] hi [23:02] hello [23:04] New bug: #322337 in samba (main) "package samba-tools None [modified: /var/lib/dpkg/info/samba-tools.list] failed to install/upgrade: trying to overwrite `/usr/bin/nsstest', which is also in package samba4" [Undecided,New] https://launchpad.net/bugs/322337 [23:32] What is the terminal command to remove a user from a group? Specifically to remove a user from being able to use sudo. (admin group I think) [23:34] RediXe: check the man pages for usermod [23:34] RediXe: personally, i just edit the /etc/group file in vim [23:35] * altf2o_ wonders why his first 'sudo' command takes /forever/ to run. Subsequent ones are fast. [23:35] dayo__, okay that just seems like the best way i guess. I thought there would be a more "accepted" solution using something like usermod. [23:38] RediXe: imo "accepted" is whatever works and u're most comfortable with [23:39] for auditing purposes, using sudo usermod is probably better [23:39] RediXe, also look at gpasswd [23:40] altf2o_: probably because the second time all the files it needs are cached in memory? ;) [23:40] dayo__, okay :D I have used that method before I am just writing a wiki entry for setting up new machines for new employees (small office) I'll looking into usermod and gpasswd thanks :) [23:40] :) [23:40] that's my guess, it's just annoying, i have no idea why it's starting to do this out of nowhere. One day it took 3 seconds for the first one, now it takes 30 [23:40] iirc the command would be `gpasswd -R $username $groupname` [23:41] altf2o_: oh, that sounds like something else is wrong [23:41] RediXe: probably better off having them use one of those tools for your office environment then, rather than vi, as the change can be logged then [23:41] JanC: yeah and i've been messing with so many things i have no idea where i could've jacked something up. [23:41] Deeeps, okay. [23:52] I have some weird issues with proftpd and mysql... my quota is not updated in the DB...