[00:16] <deadbattery> anyone has used mod_bw? before
[01:08] <lamont> ScottK: uh...  smtp_bind_address
[01:08] <ScottK> lamont: That can influence it, but not guarantee a result.
[01:08] <lamont> you can bind to any local IP, and the routing table will decide which interface the traffic goes out
[01:09] <lamont> whether or not the traffic will make it back in becomes a question of rp_filter et al, and routablility of the source IP
[01:09] <lamont> if you bind to a particular IP, that _WILL_ be the source IP, modulo NAT or some such changing it later
[01:09] <ScottK> OK, maybe I'm having a brain fried day.
[01:10]  * ScottK is currently parked in Starbucks while $ELDESTDAUGHTER shops.
[01:11] <ScottK> BBHoss: ^^^ Looks like I was wrong.
[01:16] <lamont> ScottK: one of my favorite hacks for added non-hackiness is to use allow $IP1 to ssh to a box, when $IP2 (same box) would be the normal source IP
[01:16] <lamont> and then use ssh -b :-)(
[01:21] <lamont> ScottK: also, unless you have advanced routing tables turned on (and in use - see ip rule), source IP is not an input to the routing equation
[01:22] <ScottK> Right.
[01:23] <lamont> and there are some things that, while doable, should never be done.  they make me feel dirty.l
[01:23] <ScottK> You say that like it's a bad thing.
[01:24] <lamont> remind me to show you what the network topology at PrairieNOC looks like, sometime
[01:24] <ScottK> OK.
[01:24] <ScottK> I'm fairly certain my brain will hurt after.
[01:25] <lamont> it's one of those "here are the things I was solving.  here's how I did it." which has, from network experts, received a universal "that's completely sick" response.
[01:25] <lamont> that none of them have ever come up with another solution doesn't make it hurt less
[01:25] <ScottK> No doubt.
[01:25] <lamont> (client inside the network chooses which interface to route out by choosing which of two subnets (same layer 2) to use for a source subnet
[01:26] <lamont> and then the router DNATs if it goes out the non-advertised route
[01:26] <lamont> and yes, it's TOTALLY WRONG
[01:27] <lamont> and a fair part of why it's called PrairieNOC
[01:27]  * ScottK has just been informed that the SHOPPING is finished.
[01:27] <lamont> though to be fair, the "Prairie" part is just because network bandwidth TOTALLY SUCKS here
[01:27]  * ScottK will be departing momentarily.
[01:27] <lamont> end-of-shopping!! yay
[01:27] <lamont> hrm... speaking of which, I'm supposed to be $THERE, not $HERE
[01:44] <deadbattery> can some one help me with installing mod_bw?
[01:44] <deadbattery> for apache
[02:49] <twb> I want my servers to initiate a clean shutdown when I push their power button.
[02:49] <twb> Is the "acpid" package sufficient, or do I need the (bloated) "acpi-support" package?
[02:53] <twb> acpid is sufficient.
[02:57] <hads> Yup
[03:01] <xjjk> hello, how I disable the auto screen-session creation in jaunty?
[03:07] <twb> xjjk: screen as in GNU screen?
[03:07] <ScottK> Yep
[03:07] <xjjk> yes
[03:07] <twb> First I've heard about it; what's the symptoms?
[03:07] <xjjk> when I login via SSH it automatically creates a screen session
[03:07] <twb> Ugh.
[03:07] <xjjk> great for newbies
[03:07] <xjjk> not... good.. for people who use screen already and have their own setups
[03:08] <twb> xjjk: no, great for me -- but I have that in my .profile.  I don't think it should be the default for people who don't even know what screen is.
[03:08] <kgoetz> is your default shell screen?
[03:08] <twb> kgoetz: nope, that breaks scp.
[03:08] <twb> kgoetz: oh, were you talking to xjjk?
[03:08] <kgoetz> twb, yeah.
[03:08] <xjjk> not sure, checking
[03:09]  * kgoetz discovered about it breaking scp, and isnt entirely happy about it :\
[03:09] <twb> xjjk: try "getent passwd $USER" and see if it mentions screen there
[03:09] <xjjk> kgoetz, twb: no
[03:09] <twb> xjjk: OK, grep -r for screen references in /etc/profile*
[03:10]  * twb looks for a jaunty VM
[03:10] <kgoetz> or 'chsh' and see if it says screen as your login shell ;)
[03:10] <twb> kgoetz: heh
[03:11] <xjjk> twb: don't see anything there either
[03:11] <xjjk> I'd like this enabled for other people's accounts
[03:11] <xjjk> ...just not mine
[03:11] <kgoetz> haha
[03:11] <twb> xjjk: was your account the one created during the install?
[03:12] <xjjk> twb: yes
[03:12] <twb> xjjk: ok, grep -r again but in /etc/skel and ~/.??*
[03:12] <twb> Unfortunately my copy of jaunty isn't booting, but in any case I disabled the creation of an initial user...
[03:13] <xjjk> hrm... I did something, and it's not doing it anymore...
[03:13] <xjjk> I don't know what
[03:15] <xjjk> hrm... something still up
[03:16] <xjjk> I run screen, and it seems to ignore my .screenrc
[03:25] <hads> There's a screen-config tool or something
[03:26] <xjjk> hrm.. problem is the screen-profiles package
[03:26] <xjjk> it replaces screen with a wrapper script that calls a screen.real
[03:26] <xjjk> wrapper script does a lot of config mangling stuff...
[03:35] <stiv2k> hello, the init  script that comes with a certain package does not work.  what should i do?
[03:35] <stiv2k> the package is bopm
[03:38] <kansan> what is the package manager called?
[03:38] <kansan> dpkg
[03:38] <kansan> ?
[03:38] <kansan> i mean the apt-get
[03:41] <stiv2k> uh what
[03:43] <hads> It's in universe so I'd guess post to the mailing list or open a bug.
[03:45] <stiv2k> hm
[04:01] <deadbattery> is there a command that shows u in ubuntu for ur server what ips are connected to u ?
[04:12] <kc8pxy> i need some help. i'm trying to compile approx, for use in caching ubuntu packages. my insanity shows when i say I'm compiling it on a non-debian-based distro. but I've ironed out all but the final few bugs in compiling it.
[04:14] <jmarsden> deadbattery: netstat -ntu
[04:14] <kc8pxy> i still need a .cmxa file for ocaml-sha and syslog-ocaml.   neither source tarball has that file, nore creates it, upon make. why not?
[04:25] <deadbattery> Thanks jmarsden
[04:31] <deadbattery> jmarsden, is there a way to know how much each IP is specificaly using bandwidth?
[04:54] <deadbattery> can some one help me x.x?
[04:54] <kgoetz> start with iftop and iptraf
[04:54] <kgoetz> then do some research :|
[04:55] <deadbattery> i tried..
[04:55] <deadbattery> in apache2 the server breaks and i get this in error.log apache2 child pid exit signal segmentation fault
[04:55] <deadbattery> i cannot fiogure what the issue is
[04:55] <kgoetz> increase your logging
[04:56] <deadbattery> what do u mean
[04:59] <kgoetz> what part dont you understand? increase apache 2 logging level
[05:00] <deadbattery> i am a noob,
[05:00] <deadbattery> i dun get it
[05:00] <deadbattery> all the log shows is child pid errors
[05:02] <deadbattery> kgoetz what do u mean
[05:02] <kgoetz> which log file shows the errors?
[05:02] <deadbattery> error.log
[05:03] <kgoetz> does access.log give any clues?
[05:03] <deadbattery> sec
[05:04] <deadbattery> seems fine
[05:05] <deadbattery> any ideas
[05:05] <kgoetz> yes. increase the loglevel from whatever its on to something more verbose
[05:06] <kgoetz> http://letmegooglethatforyou.com/?q=change+loglevel+apach2 try the first hit
[05:06]  * kgoetz -> lunch. bbl
[05:06] <deadbattery> how wud changing log level fix anything?
[05:06] <deadbattery> it alrdy shows a lot
[05:25] <roy_hobbs> quick newbie question.  if i want to install ubuntu server to host virtual machines - the general procedure is to install ubuntu server, install the ubuntu-virt-server package, and then set up virtual machines running ubuntu jeos?
[06:36] <Bangers> When I do "sar -d 3 3" I get "dev8-0 " for "DEV" -- what device is this??
[06:36] <Bangers> Im looking for disk IO usage stats for /
[06:57] <twb> Remind me, how do I tell which drives smartd has found?
[06:58] <twb> I tried "smartctl -i /dev/sda" and it gave an error, which doesn't really surprise me (shitty IBM hardware), but I want to know if smartd agrees with smartctl.
[07:15] <agentk> dazman: Hey that tcp redirect with iptables has stopped working again. --to-port and --to-ports aint making any difference :-(
[08:02] <quizme> hello
[08:02] <quizme> how do you set the $PATH for all users to be bash?
[08:06] <_ruben> erm .. $PATH is a list of directories to be searched for executables .. bash is a shell .. you dont set $PATH to bash
[08:08] <quizme> i mean $SHELL
[08:08] <quizme> i want it so that when i create a new account, they get the bash shell
[08:08] <quizme> i don't want to set it manually for each one
[08:16] <_ruben> quizme: see $DSHELL in /etc/adduser.conf
[08:42] <quizme> _ruben: thank you
[08:43] <twb> $SHELL is set *by* bash *iff* you're running bash.
[08:43] <twb> It would not be appropriate to set $SHELL to bash and then run, say, zsh or csh.
[08:44] <quizme> _ruben: it's already set to bash but it doesn't seem to help the situation of adding users.  it still goes to /bin/sh
[08:44] <twb> As _ruben says, to ensure that new users get /bin/bash as their default shell, check adduser.conf.  For existing users, you can use vipw or possible chsh/usermod.
[08:44] <twb> quizme: are you adding users in LDAP?
[08:45] <twb> quizme: or with useradd(8) instead of adduser(8)?
[08:45] <quizme> i adding users using the adduser command
[08:45] <quizme> i don't know what ldap is
[08:45] <quizme> when i login as the user
[08:45] <quizme> it starts up /bin/sh
[08:45] <quizme> um
[08:45] <quizme> not sure
[08:46] <twb> quizme: what is the user's name?
[08:46] <quizme> oh it should be adduser?
[08:46] <quizme> lemon
[08:46] <twb> quizme: useradd is a low-level utility which ignores adduser.conf.  adduser is what you, the admin, should run.
[08:47] <quizme> oh...
[08:47] <quizme> adduser
[08:47] <quizme> ok
[08:47] <twb> quizme: if you run "getent passwd lemon", it will either have /bin/sh or /bin/bash.  That will tell you accurately what their default shell is.
[08:48] <quizme> how do i change it to bash?
[08:49] <quizme> can i edit /etc/passwd?
[08:49] <quizme> oh yeah that worked
[08:50] <twb> quizme: as I said, 19:47 <twb> As _ruben says, to ensure that new users get /bin/bash as their default shell, check adduser.conf.  For existing users, you can use vipw or possible chsh/usermod.
[08:51] <quizme> i edited /etc/passwd
[08:52] <quizme> is there a shared .bashrc on the system?
[08:52] <jtaji> /etc/bash.bashrc
[08:53] <quizme> ah ha
[08:53] <quizme> nice
[08:54] <twb> IMO you should avoid putting your personal preferences in there.
[08:54] <twb> The /etc/bash.bashrc file is really for things like adding /opt/crap-app/bin into the default $PATH -- and actually in that case you would use /etc/profile
[08:58] <quizme> /etc/profile
[08:58] <quizme> ok
[09:58] <maxb> quizme_: chsh or usermod are preferable to editing /etc/passwd directly - less opportunity for mistakes
[09:58] <Jeeves_> vipw
[10:26] <PecisDarbs> hi people, I am writing maitanance script, is there any easy way to detect what kind of fs block device containts?
[10:27] <PecisDarbs> containts/contains/s
[10:58] <incorrect> i've just installed a number of machines,  and for some reason their uuid for admin is 112 not 119 as it is for all my other servers
[10:58] <incorrect> i thought this was supposed to be static
[11:01] <PecisDarbs> hi people, what for snappshoting LVM volumes "Allocated to snapshot " means? It is how much of original volume is copied to snapshot or how much it changes?
[11:01] <PecisDarbs> incorrect: the same CD?
[11:01] <incorrect> PecisDarbs, yep
[11:01] <PecisDarbs> configuration differs? (for example, some box has different set services)
[11:02] <PecisDarbs> incorrect: if I am correct, admin is user with sudo rights, right?
[11:02] <incorrect> well the three machines that have different uuid's for admin are vmware hosts
[11:02] <PecisDarbs> then it is easy
[11:02] <incorrect> no the group
[11:02] <incorrect> uid
[11:02] <PecisDarbs> for each service there is additional user
[11:02] <incorrect> guid
[11:02] <incorrect> d'oh
[11:02] <incorrect> i can't type
[11:02] <PecisDarbs> that's not a problem :)
[11:02] <incorrect> i mean the gid for admin has changed
[11:02] <PecisDarbs> incorrect: it still can be the same
[11:03] <PecisDarbs> count of users and groups on default install differs according to how much services you have enabled at install time
[11:03] <PecisDarbs> as far as I think it goes
[11:03] <incorrect> gid for admin on all machines i've installed has been 119, but these three vm's it got set to 112
[11:03] <incorrect> its easy enough to fix, just weird
[11:04] <incorrect> oh wait, i spotted something
[11:05] <incorrect> i think the gid for 8.04.2 for admin has changed
[11:05] <soren> incorrect: uid's over 100 are not static.
[11:05] <incorrect> that is a real pain in the butt
[11:06] <soren> Why?
[11:06] <incorrect> that is a real pig, that makes having ldap fairly useless
[11:06] <soren> How so?
[11:06] <incorrect> i wanted to add users to admin so they could sudo, have access to hardware etc
[11:07] <soren> Yes?
[11:07] <incorrect> well if the gid changes, it won't work
[11:08] <soren> sudoers says that %admin can sudo, right?
[11:08] <incorrect> yes
[11:08] <incorrect> or access hardware
[11:08] <incorrect> i don't want to go to every desktop and add them into all the groups
[11:08] <soren> And what happens if you "getent group admin"?
[11:08] <soren> I don't see how th GID factors into it.
[11:09] <incorrect> ok my mistake, its just admin
[11:09] <dazman> ah
[11:09]  * dazman wrong window
[11:09] <incorrect> ok the only issue is admin,
[11:09] <soren> We've never guaranteed that the gid for admin would be static.
[11:10] <incorrect> that is either 119 or 112
[11:10] <incorrect> i could deploy a new sudoers config to all boxes
[11:10] <soren> ...and why does that matter?
[11:10] <soren> You refer to them by name, not gid.
[11:12] <incorrect> on my ldap server i have an object cn=admin,ou=group, etc  that has a gid,   then the memberUid's are done by name
[11:12] <incorrect> what would be good is the find a list of all the groups and their use
[11:16] <soren> incorrect: I still don't see how the gid is relevant. What does "getent group admin" return?
[11:16] <incorrect> soren, it depends on the system,
[11:16] <incorrect> either 112 or 119
[11:17] <incorrect> newer installs are returning 112 and older ones are returning 119
[11:18] <incorrect> all have been 8.04
[11:18] <incorrect> i guess i could change the ldap admin entry to a 1-100 entry
[11:22] <soren> incorrect: I don't care about the gid it returns.
[11:22] <soren> I care about the members it lists.
[11:22] <incorrect> the depends on the system and if the users gid matches the system
[11:23] <soren> It only collates them if the gid matches? That's interesting.
[11:24] <incorrect> machines that have 112 gid don't get the users from the ldap server
[11:24] <soren> Rename the LDAP group or remove the local one?
[11:24] <incorrect> that would be fatal
[11:25] <incorrect> you see if i machine had to be taken off the network i couldn't sudo
[11:25] <soren> Relying on the staticness of something that is specifically documented to be dynamic seems like a bad plan.
[11:25] <achilles> hello, I have a problem in my bind service, it sunddenly stops responding for name resolution and then suddenly it returns back .. nothing appears on the log, the other services like ssh is normal .. any help ?
[11:25] <incorrect> i can move my ldap admin group to sub 100
[11:26] <incorrect> that might work
[11:26] <soren> Why would you do that?
[11:26] <incorrect> well if that means systems pick up that group first,
[11:26] <soren> Moving it below 100 doesn't magically make it static or synchronised across your systems.
[11:26] <soren> incorrect: No.
[11:26] <incorrect> soren, sure it does
[11:27] <incorrect> my systems get the info from my ldap server
[11:27] <soren> "getent group" doesn't iterate through the gid's from 0 and upwards until it finds one with a name that matches.
[11:27] <incorrect> i change it there, it gets deployed instantly , assuming i am not running nscd
[11:27] <soren> It goes in the order defined in nsswitch.conf and looks up the name and then maps it to a gid.
[11:28] <yann2> soren > a mail for you on the kvm mailing list, from this morning
[11:28] <incorrect> ah in that case i will swap files ldap to ldap file
[11:28] <soren> yann2: Thanks for the hint.
[11:28] <soren> incorrect: Why don't you just rename the ldap group?
[11:28] <soren> ...and add it as an extra group in sudoers?
[11:29] <yann2> soren > you'll be less happy when you see it :)
[11:29] <soren> Again:
[11:29] <soren> 11:25:20 < soren> Relying on the staticness of something that is specifically documented to be dynamic seems like a bad plan.
[11:29] <incorrect> soren, i don't really want to do that on 200+ systems
[11:29] <incorrect> ldap files will do nicely
[11:29] <soren> incorrect: You'd rather change the nssiwtch.conf on 200 servers?
[11:30] <incorrect> that is less of a big deal if it gives me the desired result
[11:30] <soren> Well, it's very likely that it doesn't.
[11:30] <soren> You really usually do want files to take precedence.
[11:31] <soren> You're somehow acting as though changing the name of the ldap group and adding it to sudoers on every system wouldn't give the desired result which is not the case.
[11:31] <incorrect> that is not a nice solution to my mind
[11:32] <incorrect> yes i can create another group, add it to every machine
[11:32] <soren> No, you don't add the group locally.
[11:32] <soren> Just the line in sudoes.
[11:32] <soren> sudoers, I mean.
[11:32] <incorrect> i think its much better to use the global config from the ldap then degrade to the local files
[11:33] <soren> Well, just be careful.
[11:33] <soren> Do you for instance have a root user defined in ldap?
[11:33] <incorrect> no
[11:33] <incorrect> root is disabled
[11:34] <incorrect> super, so setting ldap files works great
[11:35] <soren> For now..
[11:36] <soren> If the network is acting up, you'll be less excited.
[11:36] <incorrect> so i pull it off the network, i get the local config
[11:36] <soren> Yes, when the network times out.
[11:36] <soren> for *every* getent call.
[11:36] <soren> But whatever.
[11:36] <incorrect> nscd
[11:36]  * soren -> lunch
[11:37] <incorrect> you set a low time out, and you will get that issue if the network acts up no matter what way round they are
[11:39] <incorrect> and set the ldap bind policy to soft
[11:56] <orudie> is it hard to set up mail server ?
[11:56] <orudie> which mail server can you recommend ?
[11:57] <incorrect> orudie, how much functionality do you want?
[11:58] <Deeps> use tasksel, select 'mailserver' from the list, it'll setup and configure the ubuntu recommended setup for you
[11:58] <orudie> incorrect, i'm not sure lol
[11:58] <incorrect> orudie, personally i use zimbra at work
[11:58] <incorrect> but that takes over your entire system pretty much
[11:58] <orudie> i want to be able to check mail with web mail client
[11:59] <orudie> i need it to work with this http://drupal.org/project/webmail_plus
[11:59] <incorrect> if you do it yourself i can be a lot of work, setting up imap, webmail clients etc
[11:59] <incorrect> do what Deeps suggested
[12:00] <orudie> the problem is that i dont have a domain yet
[12:00] <incorrect> make one up,
[12:00] <incorrect> mynet.local
[12:01] <hads> It's not that much work
[12:02] <Deeps> or get a free domain from dyndns, afraid.org or eu.org
[12:03] <hads> I use postfix and dovecot myself.
[12:03] <incorrect> me too
[12:03] <incorrect> i am probably going to set up a vm and run zimbra as its seems pretty slick these days
[12:04] <hads> I don't like their licensing
[12:04] <incorrect> i didn't think the free one was bad
[12:05] <hads> Just never been much of a fan of the "open source but you should upgrade" crowd. That's a personal thing though.
[12:11] <incorrect> people need to earn a living, for me its more about who i trust the most
[12:14] <hads> I agree, I'm not going to get into a licensing discussion though as it's a personal thing.
[12:15] <yann2> zimbra is amazing :)
[12:15] <yann2> <- very happy customer
[12:15] <incorrect> i wouldn't go that far
[12:15] <incorrect> but it does the job
[12:15] <yann2> I would
[12:15] <incorrect> then again i am using 4
[12:15] <yann2> best web app I've seen so far
[12:16] <Deeps> it's a bit heavy for a small personal use mailserver
[12:16] <incorrect> i installed 5 the other day and it seemed much better
[12:16] <yann2> good QA, very good features, etc.
[12:16] <yann2> Deeps > agreed ;)
[12:17] <yann2> I'll blog about it one of these days
[12:18] <incorrect> the only problem i found with it was firefox 3 stopped working with the admin tool
[12:18] <incorrect> but that was version 4
[12:18] <incorrect> could well be fixed now
[12:20] <yann2> this is fixed in 5
[12:21] <yann2> it has features like shared mail folder, shared calendar, tags, good anti spam etc
[12:21] <yann2> would be a pain to implement alone
[12:21] <incorrect> cool
[12:21] <incorrect> sure would
[12:21] <yann2> zimbra 5 even has a jabber server
[12:21] <incorrect> is saw that
[12:21] <incorrect> that is beta
[12:21] <yann2> well it works well :D
[12:23] <yann2> oh and the search really rocks ;)
[12:24] <incorrect> ok i am convinced
[12:26] <yann2> just try it http://www.zimbra.com/products/hosted_demo.php
[12:26] <incorrect> i am already running 4
[12:26] <incorrect> i will build a new server
[12:27] <yann2> yeah the demo is zimbra 5
[12:27] <incorrect> do you work for yahoo?
[12:27] <yann2> the only thing that really badly badly sucks is yahoo branding and project management
[12:27] <yann2> ahm
[12:27] <yann2> no? :D
[12:27] <incorrect> couldn't resist
[12:28] <yann2> I am very happy with zimbra
[12:28] <yann2> I could say the exact opposite about alfresco though
[12:28] <incorrect> i am thinking about using it at home
[12:28] <frippz> wow, yann2 _really_ likes zimbra :D
[12:28] <yann2> so many people talking about alfresco, gee, they m ust have never tried it
[12:29] <dazman> I'm really hoping the Bongo Project takes off...
[12:30] <yann2> there are other zimbra competitor fully opensource, but quite behind
[12:30] <yann2> I need the best Q&A and commercial support for that too
[12:31] <incorrect> i just like things that work and don't take the next year to install,
[12:31] <incorrect> zimbra was packaged nicely
[12:32] <incorrect> lunch
[12:33] <licantrup> hello
[12:33] <dazman> Hmm, I just bailed and installed Exchange... Heh.
[12:33] <licantrup> I want to share a windows partition from ubuntu to another ubuntu machine
[12:33] <licantrup> but nfs complain it is not compatible
[12:33] <licantrup> is there any workaround?
[12:34] <yann2> incorrect > zimbra is packaged but is supposed to be alone on the server. If you have anything else, it will break
[12:34] <yann2> it uses its own versions of mysql/postfix/blah - it's all bundled
[12:35] <dazman> yep.
[12:35] <dazman> Although, even Bongo is better if you install * from Bongo Project stuff.
[12:35] <yann2> so it's very easy to deploy - but you have to allocate a machine for it
[12:35] <lamont> yann2: and you're totally unsupportable by anything other than zimbra
[12:35] <dazman> It's *much* easier having it all packaged.. no messing around with different MTAs etc.. and it's all manageable centrally.
[12:36] <dazman> lamont, true.. but it has other benefits which outweight that IMO.
[12:36] <yann2> lamont > you have other companies supporting zimbra
[12:36] <lamont> a fair chunk of why they did what they did was because it was hard to work within the existing packaging to do what they wanted...
[12:36] <lamont> yann2: I meant the package, not the company
[12:36] <yann2> lamont > I think they patched some stuff too
[12:37] <yann2> lamont > so do I.. you can buy support from other companies if that's what you meant :)
[12:37] <yann2> anyway
[12:37] <yann2> *back coding*
[12:38] <lamont> yann2: and when they file bugs against the postfix package because it doesn't do what they want, then as the postfix maintainer, there is pretty much nothing I can do to even reproduce their issue, let alone help the user..  but yeah, that helps the revenue model of zimbra and the other companies, so they're not exactly motivated to make it work correctly
[12:38] <licantrup> guys I have this message trying to mount through nfs "mount.nfs: access denied by server while mounting 192.168.1.100:/media/sda7/Videos"
[12:39] <licantrup> I have the /etx/exports file correct I think
[12:39] <downhill_> so is anyone familiar with a mechanism or perhaps bug with Ubuntu Server that would add reject routes (as in like, `route add 123.123.123.123 reject`) to the route table as well as entries to /etc/hosts.deny? My server keeps doing it for some reason and I can't figure out why.
[12:39] <yann2> lamont > you shouldn't feel concerned ;) but there are quite larges customers, and if there is a serious bug, believe me, they do care, and so does zimbra :D
[12:39] <dazman> So I presume Zimbra use their own postfix packages, and maintain their own config/bug fixes?
[12:40] <yann2> I Guess they must sync at every release and backport patches yes
[12:40] <lamont> dazman: if you have a postfix instance on the machine, and it's not the version of postfix from the archive, I really don't care what your issue is quite so much - so I hope someone does.....
[12:40] <downhill_> anybodah? :)
[12:41] <dazman> lamont, well, of course.. not much you can do either, as you're not likely to be applying their patches.. heh.
[12:41] <yann2> if you cound 20M paid-for mailboxes, and an average of 20-30$ per mailbox - I guess they have someone :P
[12:42] <yann2> but really, their quality assurance is very good - very few bugs, and properly supported - if we had the same with ubuntu (server) I'd be happy
[12:42] <yann2> :o)
[12:42] <hads> Oh dear
[12:43] <dazman> I've never really deployed a zimbra box properly.. but in terms of deploying Ubuntu Server, I've done a fair few.. and all have been faultless (with postfix packages, dovecot etc etc).. so in terms of bugs, I've yet to see any which have really affected me in a final release.
[12:44] <yann2> dazman > I am managing quite  a few hardy (50-100) and I stopped counting :)
[12:45] <yann2> but it's improving, so let's keep pushing and hope for the best
[12:46] <dazman> yann2, sure, I'm not at the 50-100 scale.. and of course more volume, more issues.  I manage 100 Exchange servers..... so I do get my pain. :p
[12:46] <yann2> ;)
[12:57] <downhill_> awww maan >.< I wanna get this fixed
[13:21] <suigeneris> hello
[13:21] <dazman> Hi.
[13:23] <downhill_> yeah...
[13:24] <dazman> Heh
[13:24] <downhill_> still wondering what's going on with the route reject rules^
[13:25] <suigeneris> i've generated and signed a certificate, but my mail client keeps giving me the warning at http://people.sabanciuniv.edu/mtozses/cert.png. why?
[13:26] <suigeneris> what field do I need to fill in like mail. ?
[13:26] <dazman> It's because you're accessing the server as mail.domain.com  but the certificate CN is for domain.com
[13:27] <dazman> To get around that, you need to access the server as the CN.. so if that cert is just for the mail.domain.com, then change it to that.
[13:27] <PecisDarbs> suigeneris: create cert for mail.domain.com not domain.com
[13:27] <dazman> suigeneris, it'll be the (CN)
[13:28] <suigeneris> CN, okay
[13:28] <suigeneris> thanks
[13:29] <suigeneris> do i need to re-generate both private and public?
[13:31] <dazman> there's no real concept of private/public is there?  It's just a certificate generated by the root authority.
[13:41] <dazman> Hmm, I'm sure someone suggested it, but LAMP for Ruby on Rails..... would be pretty cool.. Heh.  LAMR... ;)
[13:43] <dazman> Wouldn't be too difficult either.. as all the packages are there already.. just needs a metapackage with some post install tasks
[13:44] <downhill_> I'd like to see a VPN Server option
[13:44]  * dazman considers looking into it... 
[13:44] <dazman> downhill_, PPTP?  IPSEC?  OpenVPN?
[13:44] <downhill_> ovpn
[13:44] <dazman> downhill_, all?  Heh
[13:44] <downhill_> laff, all
[13:44] <[diablo]> afternoon all
[13:44] <downhill_> no, just ovpn
[13:45] <dazman> hmm
[13:45] <[diablo]> guys, anyone using a realtime kernel in ubuntu-server and / or know the status and stability please?
[13:45] <dazman> not too difficult.
[13:45] <downhill_> sets it up, makes you the beginning keys. not hard, very helpful
[13:45] <dazman> downhill_, it's just ovpn packages, generate a basic config, generate the ssl certs
[13:45] <dazman> downhill_, yea
[13:45] <downhill_> s/keys/certs/
[13:45] <dazman> I am seriously considering looking at LAMRoR though... Heh.
[13:45] <downhill_> you should
[13:46] <dazman> Not only cus' it could have a good name... but.. it's also useful.
[13:46] <downhill_> I wish there was a, like, "[X] Basic Home Server"
[13:46] <dazman> I'm sure there was a post to -server *checks*
[13:46] <downhill_> but oh well, I don't think that falls in their uh... you know
[13:46] <downhill_> vision or whatever
[13:48] <dazman> downhill_, depends what you want the home server to do - generally, everyone wants things very different..
[13:48] <dazman> downhill_, although saying that, replicating say, Windows Home Server would be pretty straight forward.
[13:48] <downhill_> the latter, and yeah, the way it's setup now is fine.
[13:48] <downhill_> just those little thoughts we all have ;)
[13:49] <dazman> of course.. always thinking :p
[13:52] <downhill_> anyway, a ovpn option would be nice :p
[13:52] <downhill_> or, FFS, a mysql option
[13:54] <Deeps> 'option' in what way for mysql?
[13:55] <downhill_> we're talking about the options it shows during install for which package sets to install. ssh server, samba file sharing, etc.
[13:55] <dazman> Oh
[13:55] <downhill_> unless I missed something :p
[13:55] <dazman> Well... kind of :P
[13:55] <dazman> I'm talking about that, but also a meta package for RoR if possible, heh.
[13:55] <downhill_> yes
[13:55] <downhill_> we're on the same page then ;)
[13:55] <dazman> Yea.
[13:56] <dazman> mysql is easy enough to install post install tho
[13:56] <downhill_> yeah but I'd like to do it during the install :p
[13:56] <dazman> All I'm thinking, is people are deploying more and more rails apps... so it'd be good to accomodate those easier, in one nice package
[13:56] <downhill_> mhmm
[13:57] <downhill_> is there a LAMPython package? :O
[14:00] <suigeneris> dazman, would CN be Organization Name or Organizational Unit
[14:00] <suigeneris> ?
[14:01] <suigeneris> Organizational Unit Name*
[14:01] <dazman> Neither.
[14:01] <dazman> It's Common Name
[14:03] <Deeps> common name should match the hostmask you use to connect to the server with
[14:07] <vertx> Hi, has anyone ever used Mikrotik (http://www.mikrotik.com)? It is based on Linux. I'm just wondering how could I reproduce its upload/download bandwidth limiting capabilities through Ubuntu server.
[14:10] <dazman> vertx, http://ubuntuforums.org/showthread.php?t=7990 may be a good start.. although an old thread now, should give you a good starting point.
[14:10] <PecisDarbs> vertx: afaik it is based on FreeBSD now
[14:10] <PecisDarbs> anyway, it should be reproducable on Linux
[14:11] <dazman> It's RouterOS isn't it?
[14:11] <PecisDarbs> ahh
[14:11] <PecisDarbs> yes
[14:12] <dazman> Ah, it's RouterOS with a Linux kernel.
[14:14] <suigeneris> how do i view my private ket?
[14:14] <suigeneris> key*
[14:14] <downhill_> ls ./blah.key :p
[14:15] <suigeneris> cute
[14:15] <downhill_> what are you really trying to ask?
[14:15] <suigeneris> downhill_, see the values of the certificate
[14:16] <downhill_> you could simply use cat then
[14:16] <downhill_> but you want to do that with your .crt, not your .key
[14:16] <suigeneris> it was openssl something
[14:17] <downhill_> it's human-readable if you cat your .crt, but whatever...
[14:30] <suigeneris> hmm
[14:42] <suigeneris> I am reading the book of postfix, i applied the steps CA.pl -newca, openssl req -new -nodes -keyout privatekey.pem -out privatekey.pem -days 1825 and openssl ca -policy policy_anything -out publiccert.pem -infiles privatekey.pem , copied the key and cert under /etc/ssl/private and /etc/ssl/certs and restarted postfix, but I am missing something and I can't use the new cert
[14:50] <suigeneris> can someone help me?
[15:30] <beniwtv> Hi all... I'm using Hardy LTS server, and I wanted to use asterisk-app-fax. However, when calling RxFax, Asterisk just crashes (Segmentation fault). Has anyone seen that problem?
[15:31] <downhill_> strace might be able to give you more information as to what's going on
[15:37] <beniwtv> downhill_: strace is here: http://pastebin.com/m5d473871
[15:38] <beniwtv> Also, I found this bug in Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=479612. Might be the same?
[15:46] <DogWater> Anyone have any tips on increasing speed of small file transfers with samba? perhaps filesystem?
[15:47] <Faust-C> DogWater: do nic teaming, maybe use xfs (i think its good)
[15:48] <DogWater> okay, so perhaps RAID-5 /w XFS?
[15:49] <Faust-C> DogWater: sounds good, my setup is:
[15:50] <Faust-C> 4 disks, mdraid raid1 (cause i need space), lvm using xfs, 6-8 smb shares, cheap nic cards
[15:50] <Faust-C> and works great
[15:50] <Faust-C> but i wish it was better
[15:50] <DogWater> Oh, I have a perc6i (dell 2950-iii) in the particular server i'm referring to atm, and i'm currently just using raid-1 but i'm considering moving the fs that i need to be faster to xfs/raid-5
[15:51] <Faust-C> remember to look into fs optimizations, best practices, etc
[16:03] <DogWater> cripes at importing gpgkeys
[16:10] <eolo999> hi, someone knows something about which services are generally on port 4734? We are receiving a flood attack to that port...
[16:57] <dazman> eolo999, according to /etc/services, nothing.. so it's none standard probably.
[16:57] <eolo999> dazman: i know, that's why i asked here
[16:58] <eolo999> ...
[16:58] <dazman> seems random to flood one port... heh.
[17:00] <dazman> And, if google doesn't know, it doesn't exist (Tm)
[17:01] <dazman> And Google doesn't seem to know... nearest I got was line 4734 in tcp.c on OpenSolaris... :)
[17:18] <frippz> I'm trying to mount an SMB-share but I keep getting "wrong fs type". I thought that the package samba-client would provide all necessary stuff to mount SMB/CIFS
[17:19] <genii> frippz: You may need smbfs package installed
[17:20] <frippz> genii: there we go! now I got a permission denied instead. it's going in the right direction! :D thanks for you help
[17:20] <genii> frippz: np
[17:21] <frippz> prolly forgot to activate an account on the NAS or something...
[17:45] <simplexio> has anyone idea why make-kpkg dosent work with 2.6.28-3 kernel.org source ?
[17:46] <ivoks> why do you use make-kpkg?
[17:46] <ivoks> you are compiling ubuntu kernel source or non-ubuntu kernel source?
[17:47] <simplexio> kernel.org
[17:47] <ivoks> oh... ok
[17:47] <simplexio> i have allways thoght that its "easiest" way to do it
[17:48] <ivoks> i haven't compiled kernel.org's kernel for years...
[17:48] <simplexio> offcourse make bzImage && make modules_install should work too but. then i need to modity menu.lst etc.. by hand
[17:48] <ivoks> er... you don't need to edit it manually
[17:48] <ivoks> update-grub will pick it up
[17:49] <ivoks> just name it vmlinuz-version
[17:50] <simplexio> nice
[17:50] <ivoks> update-initramfs will also create initrd
[17:50] <ivoks> if you need it
[17:51] <simplexio> i had some strange problems with 2.6.27-server version.
[17:51] <simplexio> currently it seems that software raid1 on swap isnt that good idea
[17:52] <ivoks> i managed to issue a command in vim after which it's runnin 100% cpu for 15 minutes :)
[17:52] <ivoks> why not?
[17:53] <simplexio> swapper could alloc memory, same happened to nfsd under heavy load
[17:54] <simplexio> could not ..
[18:03] <dazman> ivoks, I presume it's not :w :p
[18:04] <ivoks> dazman:
[18:04] <ivoks> :'<,'>s/),(/);\rINSERT INTO `mdl_backup_log` VALUES (/g
[18:05] <ivoks> i should write a howto make your mysql dump 5 times bigger
[18:05] <cellofellow> mysql isn't listening for tcp connections. why?
[18:05] <cellofellow> ie port 3306 is closed. I don't have ufw blocking it
[18:06] <ivoks> that's how it is configured by default
[18:06] <ivoks> you can change that
[18:06] <cellofellow> how?
[18:07] <ivoks> create /etc/mysql/conf/custom.cnf
[18:07] <ivoks> and put in it:
[18:07] <ivoks> [mysqld]
[18:07] <ivoks> bind-address = 0.0.0.0
[18:07] <cellofellow> ok
[18:08] <ivoks> and restart mysql
[18:08] <cellofellow> still closed :(
[18:09] <cellofellow> at least when nmap
[18:10] <ivoks> it should work, iirc
[18:11] <cellofellow> oh, it's /etc/mysql/conf.d, not .../conf
[18:11] <ivoks> ah, sorry
[18:12] <cellofellow> ok, working now. thanks
[18:13] <dazman> :)
[18:21] <dazman> In terms of keeping thing sensible... how realistic is creating a metapackage to install apache, mysql, ruby, gem etc. (anything for RubyOnRails) with all the post install stuff which is required?
[18:27] <alex_joni> ivoks: around?
[18:27] <ivoks> yes
[18:28] <alex_joni> tried an 8.10 server install on that hardware, same issues with grub
[18:28] <alex_joni> rebooted in recovery mode, and installed grub2 which did the job beautifully
[18:28] <alex_joni> (after hacking about 2h at grub-install to convince it to recognize /dev/rd/c0d0 as the install device)
[18:29] <alex_joni> (that grub-install was part of the standard grub, not grub2)
[18:29] <ivoks> grub2 works for you?
[18:29] <alex_joni> yes, in this case it worked GREAT
[18:30] <ivoks> it's good to know *another* case where grub2 works, while grub and lilo don't
[18:30] <alex_joni> this isn't one of the most common pieces of hardware, but it's good to have an alternative that just works
[18:31] <ivoks> linux needs new boot loader anyway
[18:31] <alex_joni> 2.6.27-7-server worked ok too.. detecting everything needed on that machine
[18:31] <ivoks> i'm afraid grub2 isn't ready yet
[18:31] <alex_joni> well, I'm not saying it should be made a default or anything
[18:31] <alex_joni> but if it's not too hard maybe having it on the install CD as a failsafe could be beneficial
[18:32] <alex_joni> if it's far from beeing ready, then it probably can wait
[18:37] <ivoks> it's good to know that last grub2 patch was sent 10 minutes ago :)
[18:38] <alex_joni> heh.. anyways, thanks
[18:38] <ivoks> np
[18:45] <alex_joni> PCI stuff seems to take really long .. something seems borken
[18:45] <alex_joni> http://eneas.juve.ro/~juve/primergy/syslog
[18:45] <alex_joni> 140s to 252s it just hangs
[18:57] <ivoks> ?
[18:58] <orudie> hi, i would like to set up mail server but dont know how to
[18:58] <orudie> should i use task sel ?
[18:58] <alex_joni> ivoks: it doesn't seem to do anything for about 2 minutes
[18:59] <alex_joni> same in the beginning
[19:03] <orudie> anyone ?
[19:03] <alex_joni> orudie: no harm in trying..
[19:04] <orudie> ok
[19:08] <ivoks> orudie: there are docs
[19:08] <orudie> ivoks, i just installed postfix, but how do i configure it
[19:09] <ivoks> https://help.ubuntu.com/community/MailServer
[19:10] <alex_joni> depends on the level of config you need
[19:10] <alex_joni> if it's a simple setup, dpkg-reconfigure used to do the trick
[19:21] <orudie> ok i think i configured it, but what are the pop and smtp servers ?
[19:21] <ivoks> https://help.ubuntu.com/community/MailServer
[19:21] <ivoks> :)
[19:22] <ivoks> https://help.ubuntu.com/community/MailServer#Mail%20Delivery%20Agent
[19:29] <simplexio> i complained whiel ago that 2.6.28.3 dosent like make-kpkg.. it works just fine on my 8.10 desktop. so does someonr know list of all packages needed to use it somewhere
[19:37] <orudie> can someone help me configure postfix ?
[19:37] <orudie> i followed this tutorial https://help.ubuntu.com/community/Postfix
[19:38] <orudie> now i'm actually trying to put info into thunderbird
[19:38] <orudie> dont know what to put imap or pop
[19:40] <orudie> sending of username did not succeed. Mail pop.selsovet.com responded: Plaintext authentication disallowed on non-secure connections.
[20:02] <orudie> can someone help me set up mail server please ?
[20:05] <dazman> hmm.
[20:05] <dazman> orudie, if you've only install postfix, then you have no imap/pop3 server yet.. postfix is just an MTA
[20:05] <dazman> orudie, you need something such as courier or dovecot for IMAP/POP3
[20:06] <orudie> ohhh
[20:06] <orudie> i see
[20:06] <dazman> https://help.ubuntu.com/community/Dovecot for example
[20:06] <dazman> or, https://help.ubuntu.com/community/Courier for Courier.
[20:12] <dou213> what is the maximum number of history-entries possible?
[20:15] <jmarsden|work> dou213: 500 by default, but you can set to any natural number... probably a 32bit value, so I'd guess somewhere over 2 billion... do you really have that much disk space for history files?
[20:17] <dou213> jmarsden|work, i just want it to keep something like 2000 last commands so that i can search for them easier... but when i set it to 2000 (or 5000) it does nothing
[20:17] <dou213> it remains on 500 as before
[20:17] <jmarsden|work> You logged out and back in, right?
[20:17] <orudie> ok i set up courier , tested without errors
[20:18] <Deeps> orudie: or use tasksel and install the mail-server task if you want it all setup for you in one go
[20:18] <jmarsden|work> dou213: I have mine set to 1000 with no issues...
[20:18] <Deeps> orudie: oh, too late, heh. nm then
[20:18] <orudie> Deeps, i did tasksel mail-server
[20:18] <orudie> it didnt , it only set up postfix
[20:18] <orudie> thats it
[20:18] <dou213> jmarsden|work, yes i set it to 5000 e.g. and then when i log out and back in, i see he only kept the last  500
[20:19] <orudie> Deeps, now the question is how do i check mail ?
[20:19] <orudie> i want to test with thunderbird
[20:20] <jmarsden|work> you are setting both HISTFILESIZE and HISTSIZE, right?
[20:22] <dou213> jmarsden|work, ups, no only HISTSIZE... should both be set?
[20:22] <jmarsden|work> dou213: Yes.  man bash!  Setting both HISTSIZE and HISTFILE works for me, has worked for me for years... :)
[20:22] <orudie> Deeps, hi , can you help please ?
[20:22] <jmarsden|work> dou213: My typo... set both HISTSIZE and HISTFILESIZE
[20:23] <dou213> how do i set the HISTFILESIZE? 'export HISTFILESIZE="nr" '?
[20:23] <jmarsden|work> dou213: Yes.
[20:24] <dou213> jmarsden|work, ok thx, damn then it is written wrong in the book
[20:24] <simplexio> ou jee.. : [38670.820007] Pid: 10432, comm: linuxdcpp Not tainted 2.6.27-7-server #1
[20:24] <simplexio> has anyone else had these ?
[20:24] <orudie> can anyone help me with mail server please ?
[20:25] <orudie> is there a way to configure it with a web interface ?
[20:25] <simplexio> calltrace says something about xfs, and memory allocations
[20:25] <Deeps> orudie: oh, are you sure? it's supposed to install dovecot imap + pop3 as well as a few other things too
[20:26] <dou213> jmarsden|work, and how can i see what the actual value of the HISTSIZE is?
[20:26] <jmarsden|work> dou213: echo $HISTSIZE  -- like any other shell variable :)
[20:26] <Deeps> orudie: and to check mail, you connect to your server's hostmask/ip address with your mail client, either with pop3 or imap, and use the username + password you ssh into the server with
[20:26] <dou213> thx
[20:27] <orudie> Deeps, yes thats what i'm trying  to do get wrong password error
[20:27] <Deeps> orudie: look in the logs for the imap/pop3 server to see what appears there?
[20:28] <simplexio> anyidea howto use top to suspend process?, its only working prog now. loads are ~50
[20:29] <orudie> Deeps, sending of password did not succeed. Mail server pop.selsovet.com responded: Login failed
[20:29] <orudie> Deeps, this is the thunderbird's error
[20:29] <nschembr_> I checked with #ubuntu first but no luck. I'm running ubuntu  server. I want to install xterm without installing X11. Is  there a way to use dpkg to install the base package and the  dependances one at a time.
[20:30] <orudie> i love love to be able to configure this with a web interface
[20:30] <jmarsden|work> nschembr_: dpkg --force-depends -i packagename.deb   # But if you break stuff, you own all the pieces!
[20:31] <Deeps> orudie: and what does the mailserver log say?
[20:31] <orudie> Deeps, anything ?
[20:31] <orudie> i dont know where its located
[20:31] <Deeps> orudie: somewhere in /var/log/
[20:31] <jmarsden|work> orudie: /var/log/maillog by default
[20:32] <Deeps> isn't that the MTA rather than the imapd/pop3d?
[20:33] <tuan123> hi everyone
[20:33] <nschembr_> jmarsden|work: thank you. Do you know if I can build a meta pkg that will automate my steps when I done. Is there a How to?
[20:33] <tuan123> has anyone use libvirt+kvm+jeos in a productive environment?
[20:33] <orudie> this is the few last lines of the log
[20:33] <orudie> http://pastebin.com/m26d2d801
[20:33] <tuan123> because i have now configured everything up, but it is a bit unstable
[20:34] <jmarsden|work> nschembr_: Well, there's the Packaging Guide at https://wiki.ubuntu.com/PackagingGuide/Complete
[20:37] <jmarsden|work> simplexio: You can kill or renice processes in top using k and r respectively.  I don't think you can suspend processes using top.
[20:37] <orudie> anything?
[20:40] <simplexio> hihii.. whats is fuuny loads in fileserver are now 80+, but samba share still works. so i can play video from there
[20:40] <simplexio> and top on fileserver says that i core is in use on stuck program and another one is waiting
[20:41] <nschembr_> jmarsden|work: thank you
[20:41] <jmarsden|work> nschembr_: No problem
[20:42] <orudie> jmarsden|work, can you help me please bro ?
[20:43] <Deeps> orudie: try using username 'paul' instead of 'paul@...'
[20:44] <orudie> Deeps, blah, it worked
[20:44] <jmarsden|work> orudie: I'm at work... working... can't really spend a lot of time helping out right now...
[20:44] <Deeps> orudie: "use the username + password you ssh into the server with"
[20:44] <Deeps> orudie: would be what i suggested a while ago ;)
[20:44] <orudie> Deeps, so far i'm logged in
[20:44] <orudie> Deeps, hold on let me try sending
[20:45] <Deeps> orudie: same user/pass should apply for sending mail
[20:45] <orudie> Deeps, ok, what should i put for outgoing server?
[20:45] <Deeps> orudie: same as you've put for incoming server, it's the same machine, same ip
[20:46] <orudie> Deeps, or , so for outgoing its also pop.domain.com ?
[20:46] <Deeps> orudie: your dns labels are your business, the host is still the same, you can address it by ip or by whatever hostmask you choose to make
[20:47] <orudie> Deeps, i just sent an email to this new mail server, so far nothing
[20:47] <Deeps> orudie: do you have MX records defined for your domain to point to the server?
[20:48] <orudie> MX records ?
[20:48] <Deeps> i'm gonna have to pass you onto someone else for your 'how mailserver son the internet work' / dns primer i'm afraid, google while you wait i guess!
[20:51] <orudie> Deeps, what should i read up ?
[21:01] <orudie> so i should set up SMTP on my ubuntu ?
[21:07] <orudie> i guess i need to set up smtp server ?
[21:12] <ScottK> If you know nothing about administering a mail server, I recommend that you run, do not walk, to a good book store and buy "The Book of Postfix".
[21:12] <hads> There's some responsibility required running a public mail server, you should do some reading.
[21:24] <Deeps> ScottK: can i file that recommendation as a bug against ubuntu-docs? :D
[21:25] <ScottK> Deeps: Not really.  Ubuntu docs can tell you about how to use Ubuntu packages.  Teaching you about mail server administration is really too much.
[21:26] <Deeps> "mailservers for human beings"
[21:26] <Deeps> ?
[21:28] <ScottK> Maybe, but administering a public facing mail server requires a certain amount of knowing stuff there's no way a distro can hide.
[21:31] <Deeps> i feel that way about computing generally, heh.
[21:32] <ivoks> spend 95% of time thinking about the problem, and only 5% solving it
[21:32] <ivoks> you can apply that to mail servers
[21:32] <ivoks> you should read and learn most of the times
[21:32] <ivoks> implementation is easy, once you understand the problem
[21:33] <ivoks> most people do it other way arround - that's why we have spam :)
[21:33] <orudie> problem?
[21:33] <ivoks> yes, problem 'i need mail server, and don't know anything about it'
[21:35] <dazman> "I need to relay though it.. allow *"
[21:35] <dazman> eh
[21:36] <dazman> s/though/through/
[21:36] <ivoks> most of the MTAs come with relay disabled
[21:36] <ivoks> yet, people still manage to create open relays :)
[22:05] <ScottK> The trouble with idiot proofing is they are so darn clever.
[22:09] <dazman> Ha.
[22:13] <hads> So true
[22:36] <nschembr_> I'm remastering the livecd and I need to setup  /etc/network/interfaces with a static file. It's over writen  a boot.
[22:38] <deadbattery>  is there anything specific and special i would do for streaming .avi files through a web dibvx player, to perhaps tweak anything?
[23:00] <roy_hobbs> Newbie question about virtualization:  Is the general procedure to install ubuntu server edition, install the ubuntu-virt-server package, and then setup as many ubuntu jeos (for example) virtual machines as necessary?   Also, has anyone seen any benchmarks on the free VMWare server vs KVM (which ubuntu seems to prefer)
[23:01] <ivoks> ubuntu-virt-server is just part of ubuntu-server
[23:01] <ivoks> it's bundle of services for setting up host for virtual guests
[23:01] <roy_hobbs> Yeah, but it's not installed by default correct?
[23:01] <ivoks> correct
[23:04] <roy_hobbs> If I have a cpu without virtualization instruction sets, would I be better off with xen or virtualbox?  Or is this a question that's difficult to answer?
[23:05] <ivoks> i really don't know
[23:05] <ivoks> i use kvm
[23:05] <ivoks> i dumped vmware cause of it
[23:05] <roy_hobbs> The free version you mean?
[23:06] <ivoks> yes
[23:06] <hads> KVM rocks
[23:06] <ivoks> i agree
[23:06] <roy_hobbs> Yeah I kinda figured KVM was somewhere in between the free and pay versions of vmware
[23:06] <ivoks> it's just beautifull
[23:06] <hads> It's also free rather than "free".
[23:06] <ivoks> i've worked with ESX, if that's what you are refering to
[23:07] <roy_hobbs> yes esx
[23:07] <ivoks> and i still like kvm more
[23:07] <roy_hobbs> hads: yeah i understand the difference between $$$ and FOSS
[23:07] <hads> It's fantasticly non-invasive too.
[23:07] <ivoks> and it doesn't create problems on kernel upgrade :)
[23:07] <ivoks> and it just works
[23:07] <roy_hobbs> is there and precedent that you know of for migrating a virtual box to a physical machine?
[23:08] <roy_hobbs> ivoks: You mean since that DKMS or whatever it is?
[23:08] <hads> KVM is in the standard kernel
[23:08] <ivoks> kvm is designed for linux
[23:08] <ivoks> not for all OS
[23:09] <ivoks> so, it should provide better results
[23:09] <ivoks> it doesn't have pretty and powerfull GUI, but i don't care for that
[23:09] <gcleric> kvm is also designed for cpu that support virtualiztion.
[23:09] <ivoks> correct
[23:09] <ivoks> that's also a +
[23:10] <ivoks> it's not ad hoc added support
[23:11] <roy_hobbs> gcleric: yeah but will it work reasonably well without a cpu with virt. support?
[23:11] <ivoks> it won't work at all
[23:12] <gcleric> roy_hobbs: noope...you will get a warning if you try.
[23:12] <orudie> ivoks, can you help me with mail server please ?
[23:12] <gcleric> Intel VT and AMD-V cpu only,
[23:13] <ivoks> orudie: maybe (it's 00AM here :)
[23:13] <ivoks> so, be fast
[23:13] <ivoks> :)
[23:14] <roy_hobbs> So would the difference between a solution that's a hypervisor vs one that does virtualization be running it on cpu with or without virtualiztion support?  (I keep seeing the terms hypervisor, virtualization, and paravirtualization and am having trouble sorting them out.
[23:14] <roy_hobbs> )
[23:14] <orudie> ivoks, ok so far i have postfix installed and courier
[23:15] <orudie> trying to get it working though
[23:15] <ivoks> orudie: now, remove courier
[23:15] <ivoks> and install dovecot
[23:15] <ivoks> :)
[23:15] <orudie> i think i have both installed lol
[23:15] <ivoks> it much nicer and easier to set up
[23:16] <ivoks> hypervisor = kvm, qemu, vmware, virtual box, etc...
[23:16] <ivoks> !virtualization
[23:16] <ivoks> !paravirtualization
[23:16] <ivoks> http://en.wikipedia.org/wiki/Paravirtualization
[23:17] <orudie> so what do i do ivoks ?
[23:17] <ivoks> orudie: remove courier and install dovecot
[23:18] <ivoks> dovecot-imapd and dovecot-pop3d
[23:18] <orudie> i think i  have that installed already
[23:18] <orudie> i think i installed both
[23:18] <orudie> how can i remove courier ?
[23:19] <ivoks> apt-get purge courier.*
[23:19] <Bangers> When I do "sar -d 3 3" I get "dev8-0 " for "DEV" -- what device is this??
[23:19] <Bangers> Im looking for disk IO usage stats for /
[23:19] <ivoks> if you don't know how to deinstall packages
[23:19] <ivoks> you should really learn how to use your operating system, before you do something st...d
[23:19] <orudie> hold on
[23:20] <roy_hobbs> Thanks to those of you who have helped me get started.  Now the fun begins
[23:20] <orudie> ivoks, ok courier removed
[23:20] <ivoks> orudie: now, ask your self and let us know; what kind of mail server do you want
[23:21] <orudie> pop3
[23:21] <ivoks> will public access, only local delivery, etc...
[23:21] <ivoks> orudie: we all know pop3/imap/smtp
[23:21] <orudie> i am trying to set it up for a small company with about 10 people
[23:21] <ivoks> orudie: but you should know what kind of mail server - who will use it
[23:21] <ivoks> ok
[23:22] <ivoks> only for internal mail, or you want to send mail outside?
[23:22] <orudie> outside
[23:22] <ivoks> does your server has a static IP
[23:22] <orudie> yes
[23:22] <ivoks> or is it on ADSL or some sort of dynamic IP
[23:22] <orudie> its static
[23:23] <ivoks> is your domain registred to that server?
[23:23] <orudie> i have ubuntu 8.10 server installed on a vps
[23:23] <ivoks> does MX record of your domain points to that IP
[23:23] <orudie> well i registered a domain and used zoneedit to point the domain to my ip
[23:24] <ivoks> does 'dig -t mx you_domain' returns IP of your server?
[23:24] <ivoks> your_domain
[23:24] <ivoks> doh... hate english
[23:24] <owh> ivoks: Esperanto instead?
[23:25] <owh> ivoks: Or Dutch?
[23:25] <ivoks> nope, croatian?
[23:25] <orudie> ivoks, http://pastebin.com/m6568bc2e
[23:25] <owh> ivoks: Nah, no-one speaks croatian :)
[23:25] <ivoks> owh: :p
[23:26] <orudie> ivoks, the ip of my server is 207.192.72.15
[23:26] <ivoks> you should be very carefull with disclosing so much info to a unknown people
[23:27] <ivoks> now i could help you set your server as open rely, send spam over it and you'll end up in jail
[23:27] <ivoks> :)
[23:27] <ivoks> ....do you feel lucky? :)
[23:27] <ivoks> anyway...
[23:27] <ivoks> i see you have smtp running
[23:28] <ivoks> and you haven't installed dovecot-imapd and dovecot-pop3d
[23:28] <orudie> ok sorry
[23:29] <orudie> so are we ready to proceed ?
[23:29] <ivoks> sudo apt-get install dovecot-imapd dovecot-pop3d
[23:29] <orudie> okd one
[23:29] <orudie> done
[23:29] <Victor_Petrescu> hi
[23:30] <Victor_Petrescu> I have an apache2 problem
[23:30] <ivoks> hm... i don't see open ports on that ip
[23:30] <Victor_Petrescu> (98)Address already in use: make_sock: could not bind to address 0.0.0.0:443
[23:30] <Victor_Petrescu> no listening sockets available, shutting down
[23:30] <ivoks> orudie: sudo /etc/init.d/dovecot restart
[23:30] <ivoks> Victor_Petrescu: sudo /etc/init.d/apache stop
[23:30] <ivoks> Victor_Petrescu: sudo killall -9 apache2
[23:30] <ivoks> Victor_Petrescu: sudo /etc/init.d/apache start
[23:30] <orudie> ivoks, ok restarted
[23:31] <Victor_Petrescu> apache2: no process killed
[23:31] <orudie> * Restarting IMAP/POP3 mail server dovecot                              [ OK ]
[23:31] <ivoks> orudie: still noething
[23:31] <Victor_Petrescu> (98)Address already in use: make_sock: could not bind to address 0.0.0.0:443
[23:31] <Victor_Petrescu> no listening sockets available, shutting down
[23:31] <Victor_Petrescu> Unable to open logs
[23:31] <Victor_Petrescu>                                                                          [fail]
[23:31] <orudie> hmmm, what cna i try ?
[23:31] <ivoks> Victor_Petrescu: then you have something else running on that port
[23:31] <Victor_Petrescu> on 443?
[23:32] <ivoks> Victor_Petrescu: sudo netstat -natp | grep 443
[23:32] <ivoks> orudie: telnet localhost 110
[23:32] <Victor_Petrescu> tcp        0      0 0.0.0.0:443             0.0.0.0:*               LISTEN      23134/webcit
[23:32] <Victor_Petrescu> cmon ..
[23:32] <Victor_Petrescu> Citadel
[23:32] <ivoks> Victor_Petrescu: there, you see
[23:32] <Victor_Petrescu> just installed it
[23:32] <Victor_Petrescu> can't they both work?
[23:32] <ivoks> Victor_Petrescu: not on 443
[23:33] <Victor_Petrescu> I don't need SSL for apache
[23:33] <Victor_Petrescu> where can I delete that?
[23:33] <orudie> Trying 127.0.0.1...
[23:33] <orudie> telnet: Unable to connect to remote host: Connection refused
[23:33] <luckyone> hello all... I have a server that has just recently started going non-responsive every couple of days - requiring a reboot...
[23:33] <luckyone> any idea where I could start looking for that?
[23:33] <ivoks> luckyone: memoy?
[23:33] <ivoks> memory
[23:33] <ivoks> orudie: ok
[23:33] <luckyone> maybe...
[23:34] <luckyone> if it was running out of memory, would it log that somewhere?
[23:34] <ivoks> orudie: egrep ^protocols /etc/dovecot/dovecot.conf
[23:34] <orudie> protocols = none
[23:34] <ivoks> luckyone: yes, but it would kill a process then
[23:35] <ivoks> luckyone: i'm guessing it's hardware problem
[23:35] <luckyone> like apache and the ssh server?
[23:35] <ivoks> orudie: change that none to 'imap imaps pop3 pop3s'
[23:35] <luckyone> hmm, it is on a virtual server - hosted by serveraxis.com
[23:36] <orudie> ivoks, nano /etc/dovecot/dovecot.conf ?
[23:36] <ivoks> orudie: well, whatever you like
[23:36] <ivoks> nano, vim, emacs, ed
[23:37] <luckyone> ivoks: I have a binary file /var/log/faillog, would that mean anything?
[23:37] <Victor_Petrescu> ivoks, can't really get it to work
[23:37] <luckyone> orudie: vim ftw!!!
[23:37] <ivoks> luckyone: everybody has that one
[23:37] <ivoks> Victor_Petrescu: what could be a problem? stop citadel, start apache
[23:38] <luckyone> ivoks: any recs on where to start?
[23:38] <ivoks> Victor_Petrescu: setup citadel on localhost:12345 and then set up apache to proxy to citadel
[23:38] <ivoks> luckyone: kern.log syslog
[23:38] <luckyone> ivoks: also how do I get this server on landscape? what sort of reporting does that provide
[23:39] <ivoks> luckyone: buy a support from canonical :)
[23:40] <luckyone> you have to buy support from canonical to use  landscape?
[23:40] <ivoks> yes
[23:40] <Victor_Petrescu> so that means I would have to reinstall i?
[23:40] <ivoks> Victor_Petrescu: i never installed citadel, so i don't know
[23:40] <Victor_Petrescu> ok
[23:43] <Victor_Petrescu> ok .. so apache running..
[23:43] <ivoks> Victor_Petrescu: configure citadel on some other port
[23:43] <Victor_Petrescu> citadel running :D
[23:44] <ivoks> Victor_Petrescu: and on localhost
[23:44] <Victor_Petrescu> did
[23:44] <luckyone> ivoks: so lots fo these, Feb  5 17:10:46 VO12106 kernel: apache2 invoked oom-killer: gfp_mask=0x200d2, order=0, oomkilladj=0
[23:44] <Victor_Petrescu> now I wonder if the mail() function still works under PHP
[23:44] <ivoks> and then proxy domain:443/citadel to that localhost:port
[23:44] <ivoks> luckyone: oom-killer is in-kernel function
[23:44] <ivoks> luckyone: it kills processes when there's no more memory
[23:45] <luckyone> is it normal?
[23:46] <ivoks> well, it's normal
[23:46] <ivoks> if you like having your processes killed
[23:46] <ivoks> it means your ram gets filled
[23:47] <ivoks> oom-killer doesn't know which process to kill
[23:47] <ivoks> so you might say it kills randomly
[23:47] <ivoks> it might kill sshd too
[23:47] <luckyone> can I tell it to never kill sshd?
[23:47] <ivoks> i'm not sure, i think not
[23:48] <luckyone> I would like that to be among the last to die
[23:48] <luckyone> kill lots of apache, mysqld, etc - not my sshd ;)
[23:48] <ivoks> or, add RAM :)
[23:49] <luckyone> looking at how expensive that is from my VPS provider
[23:51]  * luckyone sets memory_limit to < 48M in the mean time....